securegit 0.8.5

Zero-trust git replacement with 12 built-in security scanners, LLM redteam bridge, universal undo, durable backups, and a 50-tool MCP server
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161

use crate::cli::UI;
use crate::ops::oplog;
use crate::ops::utils::short_oid;
use anyhow::{bail, Result};
use std::path::Path;

pub fn execute(
    path: &Path,
    commit_ref: &str,
    abort: bool,
    continue_pick: bool,
    skip: bool,
    no_commit: bool,
    ui: &UI,
) -> Result<()> {
    let desc = if abort {
        "abort cherry-pick".to_string()
    } else if continue_pick {
        "continue cherry-pick".to_string()
    } else if skip {
        "skip cherry-pick".to_string()
    } else {
        format!("cherry-pick {}", commit_ref)
    };
    oplog::with_oplog(path, "cherry-pick", &desc, || {
        execute_inner(path, commit_ref, abort, continue_pick, skip, no_commit, ui)
    })
}

fn execute_inner(
    path: &Path,
    commit_ref: &str,
    abort: bool,
    continue_pick: bool,
    skip: bool,
    no_commit: bool,
    ui: &UI,
) -> Result<()> {
    let repo = crate::ops::open_repo(path)?;

    if abort {
        if repo.state() != git2::RepositoryState::CherryPickSequence
            && repo.state() != git2::RepositoryState::CherryPick
        {
            bail!("No cherry-pick in progress to abort.");
        }
        repo.cleanup_state()?;
        // Reset index to HEAD
        let head = repo.head()?.peel_to_commit()?;
        repo.reset(head.as_object(), git2::ResetType::Hard, None)?;
        ui.success("Cherry-pick aborted");
        return Ok(());
    }

    if skip {
        if repo.state() != git2::RepositoryState::CherryPickSequence
            && repo.state() != git2::RepositoryState::CherryPick
        {
            bail!("No cherry-pick in progress to skip.");
        }
        // Reset to HEAD (discard current changes) and clean up state
        let head = repo.head()?.peel_to_commit()?;
        repo.reset(head.as_object(), git2::ResetType::Hard, None)?;
        repo.cleanup_state()?;
        ui.success("Cherry-pick skipped");
        return Ok(());
    }

    if continue_pick {
        if repo.state() != git2::RepositoryState::CherryPickSequence
            && repo.state() != git2::RepositoryState::CherryPick
        {
            bail!("No cherry-pick in progress to continue.");
        }
        let index = repo.index()?;
        if index.has_conflicts() {
            bail!("Conflicts still exist. Resolve them before continuing.");
        }
        // Commit the resolved state
        let mut index = repo.index()?;
        let tree_oid = index.write_tree()?;
        let tree = repo.find_tree(tree_oid)?;
        let sig = repo.signature().map_err(|_| {
            anyhow::anyhow!(
                "Author identity not configured. Run:\n  \
                 git config user.name \"Your Name\"\n  \
                 git config user.email \"you@example.com\""
            )
        })?;
        let head_commit = repo.head()?.peel_to_commit()?;
        repo.commit(
            Some("HEAD"),
            &sig,
            &sig,
            "cherry-pick (continued)",
            &tree,
            &[&head_commit],
        )?;
        repo.cleanup_state()?;
        ui.success("Cherry-pick continued and committed");
        return Ok(());
    }

    let obj = repo.revparse_single(commit_ref)?;
    let commit = obj.peel_to_commit()?;

    repo.cherrypick(&commit, None)?;

    let index = repo.index()?;
    if index.has_conflicts() {
        let short_id = short_oid(&commit.id());
        let _ = crate::ops::conflicts::record_conflicts(path, &short_id, "cherry-pick", commit_ref);
        ui.warning(format!("Cherry-pick of {} had conflicts", short_id));
        ui.info("Resolve conflicts, then run: securegit cherry-pick --continue");
        ui.info("Or abort with: securegit cherry-pick --abort");
        return Ok(());
    }

    if no_commit {
        repo.cleanup_state()?;
        let short_id = short_oid(&commit.id());
        ui.success(format!(
            "Cherry-pick {} applied to index (not committed)",
            short_id
        ));
        return Ok(());
    }

    // Auto-commit when clean
    let mut index = repo.index()?;
    let tree_oid = index.write_tree()?;
    let tree = repo.find_tree(tree_oid)?;
    let sig = repo.signature().map_err(|_| {
        anyhow::anyhow!(
            "Author identity not configured. Run:\n  \
             git config user.name \"Your Name\"\n  \
             git config user.email \"you@example.com\""
        )
    })?;
    let head_commit = repo.head()?.peel_to_commit()?;

    let msg = commit.message().unwrap_or("cherry-pick");
    match repo.commit(Some("HEAD"), &sig, &sig, msg, &tree, &[&head_commit]) {
        Ok(_) => {
            repo.cleanup_state()?;
            let short_id = short_oid(&commit.id());
            ui.success(format!(
                "[cherry-pick {}] {}",
                short_id,
                commit.summary().unwrap_or("")
            ));
        }
        Err(e) => {
            // Clean up cherry-pick state on commit failure
            let _ = repo.cleanup_state();
            bail!("Cherry-pick commit failed: {}", e);
        }
    }

    Ok(())
}