swhid 0.3.0 → 0.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 17e5d6a13e7f6d44bed90224e6ff6b1418bd9501b7bd14c1ef00d5d7adbbeb3c
-  data.tar.gz: 712d0c4136e0ac2c5d11b38b73cbf77d75bbf87b188fc998a3f716e4f9e8ff98
+  metadata.gz: ee71514f26b0e91e02344d741fdfb56dc4aa5d9314e30dcc3c5d85caa68f8973
+  data.tar.gz: 4f087cd83b505e88543e991aa24d8fb88368596e4b108128de52d562e2d81025
 SHA512:
-  metadata.gz: 7fa9985d872d26ade840cdb509319fe27795dbd7bbac18b9a4141eb291dcee55cdeb5be31ad94a2fd557b2d676124016c955303bee9a7b4dac1ff698fc22ddc9
-  data.tar.gz: e99b1253233fd0862a7b57da14ca6367036e5cb50b4d153ffe154165be2635bf8f7579a5a8d3ae10757972dfc511d591c9485bf66cca001db8336b5dc08d4349
+  metadata.gz: a94007e0ee145b967ec7f2ac0007dcf996207990bec1af8ce3a63fc4f0ddd0e4a59afe6bf1385a4e0f9b9b033a3f0301657835751e653b1f1ed5fb457a3a6b90
+  data.tar.gz: 0f8a27c61f50d91519564fe4f7a6483b23415c600ffc6d49df26141388faf71ab547aa06e56450a6df9d95b91d6560c3c773a65c80682e6d87d5538858fd5e68

data/CHANGELOG.md

@@ -1,5 +1,24 @@
 ## [Unreleased]
 
+## [0.4.0] - 2026-01-12
+
+### Added
+- Windows support for directory SWHID computation
+- File permissions read from Git index on Windows where filesystem permissions unavailable
+- Optional `permissions:` parameter for `FromFilesystem.from_directory_path` to pass explicit file modes
+- CI testing on Windows (Ruby 3.4 and 4.0)
+
+### Changed
+- Archive extraction in tests now uses pure Ruby (Zlib/TarReader/Zip) instead of shell commands
+
+## [0.3.1] - 2025-11-23
+
+### Fixed
+- Snapshot implementation now includes HEAD symbolic reference
+- Extra headers extraction for signed commits (gpgsig, mergetag, etc.)
+- Tag-of-tag support (tags pointing to other tag objects)
+- Extra headers extraction for signed tags
+
 ## [0.3.0] - 2025-11-23
 
 - `directory` CLI command - Generate SWHID for directory from filesystem

data/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 Andrew Nesbitt
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -261,6 +261,36 @@ SWHIDs can include optional qualifiers to provide context:
 
 The hash computation for content, directory, revision, and release objects is compatible with Git's object hashing. This means you can use this gem to compute the same hashes that Git would produce for the same objects.
 
+## Windows Support
+
+The library works on Windows with some considerations for file permissions.
+
+Directory SWHIDs include file permission bits (executable vs non-executable). Windows doesn't store Unix-style permissions, so the library uses these strategies:
+
+1. **Files in a Git repository**: Permissions are read from the Git index, which works correctly on all platforms.
+
+2. **Extracted archives**: When extracting tar.gz files, pass the permissions from tar headers:
+
+```ruby
+require 'zlib'
+require 'rubygems/package'
+
+permissions = {}
+Zlib::GzipReader.open(tarball) do |gz|
+  Gem::Package::TarReader.new(gz) do |tar|
+    tar.each do |entry|
+      next unless entry.file?
+      File.binwrite(dest_path, entry.read)
+      permissions[dest_path] = entry.header.mode
+    end
+  end
+end
+
+swhid = Swhid::FromFilesystem.from_directory_path(extract_dir, permissions: permissions)
+```
+
+3. **Other directories**: Without Git or explicit permissions, Windows will treat all files as non-executable. If the directory contains executable files, the hash will differ from Linux/macOS.
+
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake test` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
@@ -274,3 +304,7 @@ Bug reports and pull requests are welcome on GitHub at https://github.com/andrew
 ## Code of Conduct
 
 Everyone interacting in the Swhid project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/andrew/swhid/blob/main/CODE_OF_CONDUCT.md).
+
+## License
+
+[MIT](LICENSE)

data/lib/swhid/from_filesystem.rb

@@ -5,15 +5,23 @@ require "find"
 
 module Swhid
   module FromFilesystem
-    def self.from_directory_path(path)
+    def self.from_directory_path(path, git_repo: nil, permissions: nil)
       raise ArgumentError, "Path does not exist: #{path}" unless File.exist?(path)
       raise ArgumentError, "Path is not a directory: #{path}" unless File.directory?(path)
 
-      entries = build_entries(path)
+      git_repo ||= discover_git_repo(path)
+      entries = build_entries(path, git_repo: git_repo, permissions: permissions)
       Swhid.from_directory(entries)
     end
 
-    def self.build_entries(dir_path)
+    def self.discover_git_repo(path)
+      require "rugged"
+      Rugged::Repository.discover(path)
+    rescue Rugged::RepositoryError, Rugged::OSError
+      nil
+    end
+
+    def self.build_entries(dir_path, git_repo: nil, permissions: nil)
       entries = []
 
       Dir.foreach(dir_path) do |name|
@@ -28,9 +36,9 @@ module Swhid
                   target_hash = Swhid.from_content(target_content).object_hash
                   { name: name, type: :symlink, target: target_hash }
                 elsif stat.directory?
-                  target_swhid = from_directory_path(full_path)
+                  target_swhid = from_directory_path(full_path, git_repo: git_repo, permissions: permissions)
                   { name: name, type: :dir, target: target_swhid.object_hash }
-                elsif stat.executable?
+                elsif file_executable?(full_path, stat, git_repo, permissions)
                   content = File.binread(full_path)
                   target_hash = Swhid.from_content(content).object_hash
                   { name: name, type: :exec, target: target_hash }
@@ -45,5 +53,42 @@ module Swhid
 
       entries
     end
+
+    def self.file_executable?(full_path, stat, git_repo, permissions = nil)
+      # Check explicit permissions map first (from tar extraction, etc.)
+      if permissions
+        mode = permissions[full_path] || permissions[File.expand_path(full_path)]
+        return (mode & 0o111) != 0 if mode
+      end
+
+      # Check Git index for tracked files
+      if git_repo
+        relative_path = relative_path_in_repo(full_path, git_repo)
+        if relative_path
+          entry = git_repo.index[relative_path]
+          if entry
+            mode = entry[:mode]
+            return (mode & 0o111) != 0
+          end
+        end
+      end
+
+      # Fall back to filesystem
+      stat.executable?
+    end
+
+    def self.relative_path_in_repo(full_path, git_repo)
+      repo_workdir = git_repo.workdir
+      return nil unless repo_workdir
+
+      full_path = File.expand_path(full_path)
+      repo_workdir = File.expand_path(repo_workdir)
+
+      return nil unless full_path.start_with?(repo_workdir)
+
+      relative = full_path.sub(repo_workdir, "")
+      relative = relative[1..] if relative.start_with?("/") || relative.start_with?("\\")
+      relative.tr("\\", "/")
+    end
   end
 end

data/lib/swhid/from_git.rb

@@ -22,8 +22,8 @@ module Swhid
         message: commit.message
       }
 
-      # Extract extra headers if present
-      extra_headers = extract_extra_headers(commit)
+      # Extract extra headers if present (like gpgsig, svn headers, etc)
+      extra_headers = extract_extra_headers(repo, commit)
       metadata[:extra_headers] = extra_headers unless extra_headers.empty?
 
       Swhid.from_revision(metadata)
@@ -42,6 +42,7 @@ module Swhid
       if tag_obj.is_a?(Rugged::Tag::Annotation)
         target_type = case tag_obj.target
                       when Rugged::Commit then "rev"
+                      when Rugged::Tag::Annotation then "rel"
                       when Rugged::Tree then "dir"
                       when Rugged::Blob then "cnt"
                       else "rev"
@@ -59,6 +60,10 @@ module Swhid
           metadata[:author_timezone] = format_timezone(tag_obj.tagger[:time])
         end
 
+        # Extract extra headers if present (like gpgsig for signed tags)
+        extra_headers = extract_tag_extra_headers(repo, tag_obj)
+        metadata[:extra_headers] = extra_headers unless extra_headers.empty?
+
         Swhid.from_release(metadata)
       else
         # Lightweight tag - points directly to commit
@@ -70,12 +75,27 @@ module Swhid
       repo = Rugged::Repository.new(repo_path)
       branches = []
 
+      # Check for HEAD first
+      head_path = File.join(repo.path, "HEAD")
+      if File.exist?(head_path)
+        head_content = File.read(head_path).strip
+        if head_content.start_with?("ref:")
+          # HEAD is a symbolic ref
+          target_ref = head_content.sub("ref: ", "")
+          branches << {
+            name: "HEAD",
+            target_type: "alias",
+            target: target_ref
+          }
+        end
+      end
+
       # Get all references (branches and tags)
       repo.references.each do |ref|
         ref_name = ref.name
 
         if ref.type == :symbolic
-          # This is an alias (like HEAD pointing to refs/heads/main)
+          # This is an alias (symbolic ref)
           target_ref_name = ref.target
           branches << {
             name: ref_name,
@@ -125,11 +145,75 @@ module Swhid
       format("%s%02d%02d", sign, hours, minutes)
     end
 
-    def self.extract_extra_headers(commit)
+    def self.extract_extra_headers(repo, commit)
       # Rugged doesn't expose extra headers directly
-      # We would need to parse the raw commit object for this
-      # For now, return empty array
-      []
+      # We need to parse the raw commit object
+      raw_data = repo.read(commit.oid).data
+      lines = raw_data.split("\n")
+
+      extra_headers = []
+      in_headers = true
+
+      lines.each do |line|
+        # Stop when we hit the blank line before the message
+        if line.empty?
+          in_headers = false
+          next
+        end
+
+        next unless in_headers
+
+        # Skip standard headers
+        next if line.start_with?("tree ", "parent ", "author ", "committer ")
+
+        # Extract extra headers (like gpgsig, mergetag, svn-repo-uuid, etc)
+        if line.start_with?(" ")
+          # Continuation of previous header
+          if extra_headers.any?
+            extra_headers.last[1] += "\n#{line[1..]}"
+          end
+        elsif line.include?(" ")
+          key, value = line.split(" ", 2)
+          extra_headers << [key, value]
+        end
+      end
+
+      extra_headers
+    end
+
+    def self.extract_tag_extra_headers(repo, tag)
+      # Parse raw tag object for extra headers
+      raw_data = repo.read(tag.oid).data
+      lines = raw_data.split("\n")
+
+      extra_headers = []
+      in_headers = true
+
+      lines.each do |line|
+        # Stop when we hit the blank line before the message
+        if line.empty?
+          in_headers = false
+          next
+        end
+
+        next unless in_headers
+
+        # Skip standard tag headers
+        next if line.start_with?("object ", "type ", "tag ", "tagger ")
+
+        # Extract extra headers (like gpgsig for signed tags)
+        if line.start_with?(" ")
+          # Continuation of previous header
+          if extra_headers.any?
+            extra_headers.last[1] += "\n#{line[1..]}"
+          end
+        elsif line.include?(" ")
+          key, value = line.split(" ", 2)
+          extra_headers << [key, value]
+        end
+      end
+
+      extra_headers
     end
   end
 end

data/lib/swhid/objects/release.rb

@@ -39,6 +39,11 @@ module Swhid
           lines << author_line
         end
 
+        extra_headers = metadata[:extra_headers] || []
+        extra_headers.each do |key, value|
+          lines << format_header_line(key, value)
+        end
+
         result = lines.join("\n") + "\n"
 
         if metadata[:message]
@@ -54,6 +59,11 @@ module Swhid
         "#{prefix} #{person_escaped} #{timestamp} #{tz}"
       end
 
+      def self.format_header_line(key, value)
+        value_escaped = value.gsub("\n", "\n ")
+        "#{key} #{value_escaped}"
+      end
+
       def self.extract_target(target)
         case target
         when Hash

data/lib/swhid/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Swhid
-  VERSION = "0.3.0"
+  VERSION = "0.4.0"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: swhid
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.4.0
 platform: ruby
 authors:
 - Andrew Nesbitt
@@ -35,6 +35,7 @@ extra_rdoc_files: []
 files:
 - CHANGELOG.md
 - CODE_OF_CONDUCT.md
+- LICENSE
 - README.md
 - Rakefile
 - benchmark/benchmark.rb
@@ -72,7 +73,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.6.9
+rubygems_version: 4.0.1
 specification_version: 4
 summary: Generate and parse SoftWare Hash IDentifiers (SWHIDs)
 test_files: []