I think down the line we'll need to better distinguish between new content and existing hardlinks to make this pattern work well. For example doing unprivileged OS builds, we want to specify
ostree commit --owner-uid 0 but only have that apply to new files. Which actually is what gnome-continuous has been doing for a long time, and that PR broke it too.
Maybe something like a flag in the callbacks that say whether or not the object existed, then callbacks can decide what to do?