1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
//! Rust bindings and utilities for working with composefs images and repositories.
//!
//! Composefs is a read-only FUSE filesystem that enables efficient sharing
//! of container filesystem layers by using content-addressable storage
//! and fs-verity for integrity verification.
/// Files with this many bytes or fewer are stored inline in the erofs image
/// (and in splitstreams). Files above this threshold are written to object
/// storage and referenced via overlay metacopy xattrs.
///
/// Changing this value is effectively a format break: it affects which files
/// get fs-verity checksums (external) vs. which are stored directly (inline),
/// so images produced with different thresholds are not interchangeable.
/// A future composefs format version may change this size
/// (see <https://github.com/composefs/composefs-rs/issues/107>).
///
/// For the *parsing* safety bound enforced when reading untrusted input, see
/// [`MAX_INLINE_CONTENT`].
pub const INLINE_CONTENT_MAX_V0: usize = 64;
/// Maximum inline content size accepted when parsing untrusted input (dumpfiles,
/// EROFS images in composefs-restricted mode).
///
/// This is intentionally higher than [`INLINE_CONTENT_MAX_V0`] to allow for future
/// increases to the inline threshold (see
/// <https://github.com/composefs/composefs-rs/issues/107>).
pub const MAX_INLINE_CONTENT: usize = 512;
/// Maximum symlink target length in bytes.
///
/// XFS limits symlink targets to 1024 bytes (`XFS_SYMLINK_MAXLEN`). Since
/// generic Linux containers are commonly backed by XFS, we enforce that
/// limit rather than the Linux VFS `PATH_MAX` of 4096.
pub const SYMLINK_MAX: usize = 1024;
/// Internal constants shared across workspace crates.
///
/// Not part of the public API — may change without notice.