fix(merk): reject dangling multi-chunk ids

[thepastaclaw]

PR Body

Summary

• Validate multi-chunk ChunkOp ordering before processing any chunks.
• Reject malformed streams that end with a dangling ChunkId.
• Add regressions for both dangling-id forms.
• Assert restore state stays unchanged when rejecting a trailing id after a
  valid chunk.

Fixes #705.

Validation

• cargo fmt --all
• git diff --check
• cargo test -p grovedb-merk test_process_multi_chunk --lib
  • 5 passed, 0 failed; existing unused-import warnings only.
• Code review gate:
  • Repo: dashpay/grovedb
  • Base: upstream/develop
  • Head: review-fix-multi-chunk-dangling-id
  • Intent: reject malformed multi-chunk ordering before state mutation.
  • Recommendation: ship.

Summary by CodeRabbit

• Tests

  • Expanded test coverage for multi-chunk operations validation, including edge cases for invalid orderings.

• Refactor

  • Improved validation logic for multi-chunk operation ordering to better detect and reject invalid sequences.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 7358d194-df38-4d01-aefe-5884a591c325

📥 Commits

Reviewing files that changed from the base of the PR and between 9f67e8c and b025e7b.

📒 Files selected for processing (1)

• merk/src/merk/restore.rs

---

📝 Walkthrough

Walkthrough

This PR refactors multi-chunk ordering validation in the restore module by extracting inline checks into a dedicated validate_multi_chunk helper function. The helper is called upfront in process_multi_chunk to reject invalid alternation patterns and dangling ChunkId sequences. Two test cases verify the validation correctly rejects truncated and malformed multi-chunks without mutating restoration state.

Changes

Multi-chunk restore validation

Layer / File(s)	Summary
Multi-chunk ordering validation helper and integration merk/src/merk/restore.rs	validate_multi_chunk enforces that ChunkOp::ChunkId and ChunkOp::Chunk alternate starting with ChunkId, rejecting sequences with mis-ordered items or trailing dangling ChunkId. The helper is called at the start of process_multi_chunk before iteration, replacing inline checks.
Test coverage for invalid multi-chunk orderings merk/src/merk/restore.rs	Two unit tests verify process_multi_chunk rejects a dangling ChunkId-only sequence and a valid chunk pair followed by a trailing ChunkId, confirming InvalidMultiChunk("invalid multi chunk ordering") is returned and restoration state remains unchanged.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

🐰 A rabbit hops through chunks so neat,
ChunkId, then Chunk—the pattern's sweet!
But danglers beware, no trailing surprise,
Validation now catches what once went by!
Tests ensure the order's right!

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'fix(merk): reject dangling multi-chunk ids' directly and clearly describes the main change: fixing the handling of dangling multi-chunk IDs in the merk restore process.
Linked Issues check	✅ Passed	The PR fully implements the requirements from issue #705: validates multi-chunk ordering before processing, rejects dangling ChunkIds, and includes regression tests for both suggested scenarios.
Out of Scope Changes check	✅ Passed	All changes are directly related to the multi-chunk validation fix in restore.rs. The refactoring of validation logic into a dedicated helper and added test cases are both in-scope and necessary for the fix.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[thepastaclaw]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[codecov]

Codecov Report

❌ Patch coverage is 95.83333% with 3 lines in your changes missing coverage. Please review.
✅ Project coverage is 91.44%. Comparing base (9f67e8c) to head (b025e7b).
⚠️ Report is 10 commits behind head on develop.

Files with missing lines	Patch %	Lines
merk/src/merk/restore.rs	95.83%	3 Missing ⚠️

Additional details and impacted files

@@           Coverage Diff            @@
##           develop     #750   +/-   ##
========================================
  Coverage    91.43%   91.44%           
========================================
  Files          236      236           
  Lines        67111    67175   +64     
========================================
+ Hits         61364    61428   +64     
  Misses        5747     5747           

Components	Coverage Δ
grovedb-core	88.94% <ø> (ø)
merk	92.29% <95.83%> (+0.02%)	⬆️
storage	86.36% <ø> (ø)
commitment-tree	96.43% <ø> (ø)
mmr	96.79% <ø> (ø)
bulk-append-tree	89.39% <ø> (ø)
element	97.38% <ø> (ø)

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[thepastaclaw]

✅ Review complete (commit b025e7b)

[thepastaclaw]

Code Review

Targeted, correct fix for issue #705: validate_multi_chunk runs before any restorer mutation and rejects both ordering violations and trailing dangling ChunkIds via the post-loop check. Two regression tests cover the reported failure modes, including a state-unchanged assertion. No in-scope issues found.

GitHub does not allow PastaClaw to approve their own PR, so this is posted as a COMMENT review rather than an APPROVE review.

No findings.