Find never(!) used files in annex?

It is possible to deposit files in a remotes annex, for example via a p2phttp request. In this case, the deposited file was never known to the git-annex branch metadata. It is my understanding that in this case all the "unused" tooling is not applicable.

Does git-annex provide means to scan an annex for unexpected annex keys, and maybe for ingesting them such that the appear as unused?

Thx!

RSS Atom

comment 1

git-annex p2phttp does update the git-annex branch itself when recieving files. And generally, any time git-annex stores an object in a repository, it updates the git-annex branch accordingly.

So, you can fetch from the remote and learn about those objects, and then git-annex unused --from=$remote will show you unused objects in the remote.

When running git-annex unused on the local repository, it does list all objects in the local repository. So if an object somehow does get into the repository without a branch update, it will still show as unused.

There is no way to list all objects present in a remote. Special remotes are not required to support emumeration at all. So, if an object got sent to a special remote, and the git-annex branch record of that was lost, there would be no way to find that unused object.

Comment by joey — Wed Dec 31 18:58:44 2025

Mismatch with observations

Thanks for detailing the behavior. I am observing something different, though. The context is a git-annex repo at a forgejo-aneksajo site.

I used a JS client to upload annex keys to a an annex with uuid f1a8ef1c-.... This worked. I see them in annex/objects at the remote

git@loki:~/git/repositories/internal/pool-files.git$ tree annex/objects/
annex/objects/
|-- d73
|   `-- 370
|       `-- SHA256E-s61542--80e2f39feca014a9d6cbaa510e37d96c4663500a1cf6dd74a4cd10b42f3e9169.1
|           `-- SHA256E-s61542--80e2f39feca014a9d6cbaa510e37d96c4663500a1cf6dd74a4cd10b42f3e9169.1
|-- db2
|   `-- f4b
|       `-- SHA256E-s61542--80e2f39feca014a9d6cbaa510e37d96c4663500a1cf6dd74a4cd10b42f3e9169.svg
|           `-- SHA256E-s61542--80e2f39feca014a9d6cbaa510e37d96c4663500a1cf6dd74a4cd10b42f3e9169.svg
|-- dc7
|   `-- 005
|       `-- SHA256E-s12027--6f4d23344053ca2f22c4a40eec33e178b70e67d63edd1c5e4f05d96053548b69.png
|           `-- SHA256E-s12027--6f4d23344053ca2f22c4a40eec33e178b70e67d63edd1c5e4f05d96053548b69.png
`-- fa0
    `-- d63
        `-- SHA256E-s324254--d6581b4f13219fe93aa8b020df8ec8875881c5d97f28493c6b7b7ac9e80c2532.png
            `-- SHA256E-s324254--d6581b4f13219fe93aa8b020df8ec8875881c5d97f28493c6b7b7ac9e80c2532.png

I also see this:

git@...:~/git/repositories/internal/pool-files.git$ find . -name '*f1a8ef1c-...*'
./annex/transfer/upload/f1a8ef1c-...
git@...:~/git/repositories/internal/pool-files.git$ grep -R 'f1a8ef1c-6d8a-40e3-970f-4634390d961f' .   
./annex/journal/db2_f4b_SHA256E-s61542--80e2f39feca014a9d6cbaa510e37d96c4663500a1cf6dd74a4cd10b42f3e9169.svg.log:1766077308s 1 f1a8ef1c-...
./annex/journal/dc7_005_SHA256E-s12027--6f4d23344053ca2f22c4a40eec33e178b70e67d63edd1c5e4f05d96053548b69.png.log:1766058908s 1 f1a8ef1c-...
./annex/journal/fa0_d63_SHA256E-s324254--d6581b4f13219fe93aa8b020df8ec8875881c5d97f28493c6b7b7ac9e80c2532.png.log:1766060307s 1 f1a8ef1c-...
./annex/journal/d73_370_SHA256E-s61542--80e2f39feca014a9d6cbaa510e37d96c4663500a1cf6dd74a4cd10b42f3e9169.1.log:1766077792s 1 f1a8ef1c-...
./config:       uuid = f1a8ef1c-...

This made me (incorrectly) think whether this could mean that the repo thinks the upload came FROM f1a8ef1c-... ?

The p2phttp request is made to an endpoint that is composed like this:

endpoint = `${baseUrl}/${targetUuid}/v4/put?key=${encodeURIComponent(fileData.value.annexKey)}&clientuuid=${encodeURIComponent(clientUuid)}`

where

  baseUrl: https://<site>/git-annex-p2phttp/git-annex
  targetUuid: f1a8ef1c-...
  clientUuid: not-a-uuid

Notice that clientUuid is not a UUID (redacted original value that also was not a valid UUID).

I have adjusted that to be an actual UUID, and did another upload. This achieved two things:

A new file uploaded successfully (as before)
The pending logs were applied and the git-annex branch was updated -- exactly like you described.

However, the new upload is now sitting in the journal, and has not been taken into account, and additional uploads do not trigger a git-annex branch update immediately.

This issue may be in the realm of forgejo-aneksajo, and how it runs the p2phttp server. The previous uploads were made mid-December (as seen from the timestamps in the journal). Nothing has triggered a journal commit, also not the fetch of the git-annex branch.

Comment by mih — Fri Jan 16 15:30:17 2026

comment 3

This seems like a bug in the p2phttp server, it should not be leaving the git-annex branch uncommitted for long periods of time. It's easy enough to show that it leaves changes in the journal for a long time.

Probably we don't usually notice the bug because usually, if the p2phttp server doesn't commit the journal, the client will record the same information in the git-annex branch on its side, and push it out in the normal course of events, eg during a sync. I assume your JS client doesn't do that.

I've filed a bug: p2phttp timely journal commit

(As to the p2phttp clientuuid parameter, it is actually only used in transfer logs, which don't get into the git-annex branch. Using a made-up non-UUID there, or for that matter, using a UUID that "belongs" to someone else won't cause any real problem. (git-annex info will use the non-UUID in the "transfers in progress" display). This does not seem related to your problem.)