1

The following link explains how Git computes object IDs (ruby code snippet). The object type (blob, tree, commit) is encoded in the header which is concatenated with the content and the SHA1 is computed on the concatenated string.

https://git-scm.com/book/en/v2/Git-Internals-Git-Objects

One can use git cat-file -t <object id> to determine the type of the object (blob, tree, commit).

I'm wondering how does this command extract the type from the object ID given that SHA1 is a oneway hashing function?

The FilterByRequest() works as a pre-filter that is called before the action executes, so you won't have the response on the filter delegate.

The option to discard events based on the response is to do a post-filter via a custom action, for example on your startup:

using Audit.WebApi;

Audit.Core.Configuration.AddCustomAction(ActionType.OnEventSaving, scope =>
{
    var ev = scope.GetWebApiAuditAction();
    if (ev?.ResponseStatusCode == 500 || ev?.ResponseStatusCode == 400)
    {
        scope.Discard();
    }
});
4

2 回答 2

7

“你把它倒过来了。”

虽然 SHA 确实是单向哈希,但这不是问题:您自己提供哈希,Git 将其用作键值数据库中的键,从而允许 Git 检索数据。(如果您提供部分哈希,而不是整个哈希,Git 会查找与该前缀匹配的键;如果前缀是唯一的,Git 会假定生成的匹配键是正确的键。)

获得数据(zlib 压缩的对象)后,Git 现在只需解压缩该数据的前几个字节。它们以四种对象类型字符串之一开头:blob, commit, tag, or tree(后跟一个空格,然后是大小的十进制扩展ASCII 和'\0' 字节)。

如果 Git 提取了整个对象——-t代码可以采取捷径并提前停止解压缩——然后 Git 将验证对象的字节,包括标题,通过散列函数反馈,生成用于检索对象的密钥. 如果 Git 突然停止(就像它一样-t),Git 会跳过验证步骤。

于 2021-06-29T23:25:53.707 回答
4

假设 SHA1 是一个单向散列函数

那是无关紧要的。SHA 没有隐瞒任何事情。相反。将 SHA 视为一个地址。该地址的文件是可读的并说明了类型。

于 2021-06-29T23:20:35.537 回答