pub fn read_file(repo_root: &Path, path: &str) -> Result<ReadOutcome, PawError>Expand description
Reads one file from the local working tree, confined to the repository root and refusing gitignored paths.
Steps, in order:
- Resolve
pathunderrepo_root, canonicalise it, and verify it still lies within the canonical repository root. Any escape (.., an absolute path, a symlink target outside the root) is refused — no file outside the root is read. - Refuse gitignored paths (
git check-ignore), so secrets/build artifacts are never returned even when they sit inside the root. - Read the on-disk working-tree content (so uncommitted/branch state is reflected).
Returns:
- refused traversal/escape →
Ok(ReadOutcome { content: None, message }). - gitignored path →
Ok(ReadOutcome { content: None, message }). - missing file →
Ok(ReadOutcome { content: None, message }). - readable file →
Ok(ReadOutcome { content: Some(..), message: None }). - present-but-unreadable (e.g. a permission error) →
Err, so the tool layer can surface the misconfiguration.