@electron/get
Advanced tools
Comparing version 2.0.2 to 2.0.3
@@ -21,2 +21,50 @@ "use strict"; | ||
} | ||
async function validateArtifact(artifactDetails, downloadedAssetPath, _downloadArtifact) { | ||
return await utils_1.withTempDirectoryIn(artifactDetails.tempDirectory, async (tempFolder) => { | ||
// Don't try to verify the hash of the hash file itself | ||
// and for older versions that don't have a SHASUMS256.txt | ||
if (!artifactDetails.artifactName.startsWith('SHASUMS256') && | ||
!artifactDetails.unsafelyDisableChecksums && | ||
semver.gte(artifactDetails.version, '1.3.2')) { | ||
let shasumPath; | ||
const checksums = artifactDetails.checksums; | ||
if (checksums) { | ||
shasumPath = path.resolve(tempFolder, 'SHASUMS256.txt'); | ||
const fileNames = Object.keys(checksums); | ||
if (fileNames.length === 0) { | ||
throw new Error('Provided "checksums" object is empty, cannot generate a valid SHASUMS256.txt'); | ||
} | ||
const generatedChecksums = fileNames | ||
.map(fileName => `${checksums[fileName]} *${fileName}`) | ||
.join('\n'); | ||
await fs.writeFile(shasumPath, generatedChecksums); | ||
} | ||
else { | ||
shasumPath = await _downloadArtifact({ | ||
isGeneric: true, | ||
version: artifactDetails.version, | ||
artifactName: 'SHASUMS256.txt', | ||
force: artifactDetails.force, | ||
downloadOptions: artifactDetails.downloadOptions, | ||
cacheRoot: artifactDetails.cacheRoot, | ||
downloader: artifactDetails.downloader, | ||
mirrorOptions: artifactDetails.mirrorOptions, | ||
}); | ||
} | ||
// For versions 1.3.2 - 1.3.4, need to overwrite the `defaultTextEncoding` option: | ||
// https://github.com/electron/electron/pull/6676#discussion_r75332120 | ||
if (semver.satisfies(artifactDetails.version, '1.3.2 - 1.3.4')) { | ||
const validatorOptions = {}; | ||
validatorOptions.defaultTextEncoding = 'binary'; | ||
const checker = new sumchecker.ChecksumValidator('sha256', shasumPath, validatorOptions); | ||
await checker.validate(path.dirname(downloadedAssetPath), path.basename(downloadedAssetPath)); | ||
} | ||
else { | ||
await sumchecker('sha256', shasumPath, path.dirname(downloadedAssetPath), [ | ||
path.basename(downloadedAssetPath), | ||
]); | ||
} | ||
} | ||
}); | ||
} | ||
/** | ||
@@ -58,3 +106,10 @@ * Downloads an artifact from an Electron release and returns an absolute path | ||
d('Cache hit'); | ||
return cachedPath; | ||
try { | ||
await validateArtifact(artifactDetails, cachedPath, downloadArtifact); | ||
return cachedPath; | ||
} | ||
catch (err) { | ||
d("Artifact in cache didn't match checksums", err); | ||
d('falling back to re-download'); | ||
} | ||
} | ||
@@ -72,48 +127,3 @@ } | ||
await downloader.download(url, tempDownloadPath, artifactDetails.downloadOptions); | ||
// Don't try to verify the hash of the hash file itself | ||
// and for older versions that don't have a SHASUMS256.txt | ||
if (!artifactDetails.artifactName.startsWith('SHASUMS256') && | ||
!artifactDetails.unsafelyDisableChecksums && | ||
semver.gte(artifactDetails.version, '1.3.2')) { | ||
await utils_1.withTempDirectory(async (tmpDir) => { | ||
let shasumPath; | ||
const checksums = artifactDetails.checksums; | ||
if (checksums) { | ||
shasumPath = path.resolve(tmpDir, 'SHASUMS256.txt'); | ||
const fileNames = Object.keys(checksums); | ||
if (fileNames.length === 0) { | ||
throw new Error('Provided "checksums" object is empty, cannot generate a valid SHASUMS256.txt'); | ||
} | ||
const generatedChecksums = fileNames | ||
.map(fileName => `${checksums[fileName]} *${fileName}`) | ||
.join('\n'); | ||
await fs.writeFile(shasumPath, generatedChecksums); | ||
} | ||
else { | ||
shasumPath = await downloadArtifact({ | ||
isGeneric: true, | ||
version: artifactDetails.version, | ||
artifactName: 'SHASUMS256.txt', | ||
force: artifactDetails.force, | ||
downloadOptions: artifactDetails.downloadOptions, | ||
cacheRoot: artifactDetails.cacheRoot, | ||
downloader: artifactDetails.downloader, | ||
mirrorOptions: artifactDetails.mirrorOptions, | ||
}); | ||
} | ||
// For versions 1.3.2 - 1.3.4, need to overwrite the `defaultTextEncoding` option: | ||
// https://github.com/electron/electron/pull/6676#discussion_r75332120 | ||
if (semver.satisfies(artifactDetails.version, '1.3.2 - 1.3.4')) { | ||
const validatorOptions = {}; | ||
validatorOptions.defaultTextEncoding = 'binary'; | ||
const checker = new sumchecker.ChecksumValidator('sha256', shasumPath, validatorOptions); | ||
await checker.validate(path.dirname(tempDownloadPath), path.basename(tempDownloadPath)); | ||
} | ||
else { | ||
await sumchecker('sha256', shasumPath, path.dirname(tempDownloadPath), [ | ||
path.basename(tempDownloadPath), | ||
]); | ||
} | ||
}); | ||
} | ||
await validateArtifact(artifactDetails, tempDownloadPath, downloadArtifact); | ||
return await cache.putFileInCache(url, tempDownloadPath, fileName); | ||
@@ -120,0 +130,0 @@ }); |
@@ -10,3 +10,3 @@ import debug from 'debug'; | ||
import { initializeProxy } from './proxy'; | ||
import { withTempDirectoryIn, getHostArch, getNodeArch, ensureIsTruthyString, isOfficialLinuxIA32Download, withTempDirectory, } from './utils'; | ||
import { withTempDirectoryIn, getHostArch, getNodeArch, ensureIsTruthyString, isOfficialLinuxIA32Download, } from './utils'; | ||
export { getHostArch } from './utils'; | ||
@@ -18,2 +18,50 @@ export { initializeProxy } from './proxy'; | ||
} | ||
async function validateArtifact(artifactDetails, downloadedAssetPath, _downloadArtifact) { | ||
return await withTempDirectoryIn(artifactDetails.tempDirectory, async (tempFolder) => { | ||
// Don't try to verify the hash of the hash file itself | ||
// and for older versions that don't have a SHASUMS256.txt | ||
if (!artifactDetails.artifactName.startsWith('SHASUMS256') && | ||
!artifactDetails.unsafelyDisableChecksums && | ||
semver.gte(artifactDetails.version, '1.3.2')) { | ||
let shasumPath; | ||
const checksums = artifactDetails.checksums; | ||
if (checksums) { | ||
shasumPath = path.resolve(tempFolder, 'SHASUMS256.txt'); | ||
const fileNames = Object.keys(checksums); | ||
if (fileNames.length === 0) { | ||
throw new Error('Provided "checksums" object is empty, cannot generate a valid SHASUMS256.txt'); | ||
} | ||
const generatedChecksums = fileNames | ||
.map(fileName => `${checksums[fileName]} *${fileName}`) | ||
.join('\n'); | ||
await fs.writeFile(shasumPath, generatedChecksums); | ||
} | ||
else { | ||
shasumPath = await _downloadArtifact({ | ||
isGeneric: true, | ||
version: artifactDetails.version, | ||
artifactName: 'SHASUMS256.txt', | ||
force: artifactDetails.force, | ||
downloadOptions: artifactDetails.downloadOptions, | ||
cacheRoot: artifactDetails.cacheRoot, | ||
downloader: artifactDetails.downloader, | ||
mirrorOptions: artifactDetails.mirrorOptions, | ||
}); | ||
} | ||
// For versions 1.3.2 - 1.3.4, need to overwrite the `defaultTextEncoding` option: | ||
// https://github.com/electron/electron/pull/6676#discussion_r75332120 | ||
if (semver.satisfies(artifactDetails.version, '1.3.2 - 1.3.4')) { | ||
const validatorOptions = {}; | ||
validatorOptions.defaultTextEncoding = 'binary'; | ||
const checker = new sumchecker.ChecksumValidator('sha256', shasumPath, validatorOptions); | ||
await checker.validate(path.dirname(downloadedAssetPath), path.basename(downloadedAssetPath)); | ||
} | ||
else { | ||
await sumchecker('sha256', shasumPath, path.dirname(downloadedAssetPath), [ | ||
path.basename(downloadedAssetPath), | ||
]); | ||
} | ||
} | ||
}); | ||
} | ||
/** | ||
@@ -55,3 +103,10 @@ * Downloads an artifact from an Electron release and returns an absolute path | ||
d('Cache hit'); | ||
return cachedPath; | ||
try { | ||
await validateArtifact(artifactDetails, cachedPath, downloadArtifact); | ||
return cachedPath; | ||
} | ||
catch (err) { | ||
d("Artifact in cache didn't match checksums", err); | ||
d('falling back to re-download'); | ||
} | ||
} | ||
@@ -69,48 +124,3 @@ } | ||
await downloader.download(url, tempDownloadPath, artifactDetails.downloadOptions); | ||
// Don't try to verify the hash of the hash file itself | ||
// and for older versions that don't have a SHASUMS256.txt | ||
if (!artifactDetails.artifactName.startsWith('SHASUMS256') && | ||
!artifactDetails.unsafelyDisableChecksums && | ||
semver.gte(artifactDetails.version, '1.3.2')) { | ||
await withTempDirectory(async (tmpDir) => { | ||
let shasumPath; | ||
const checksums = artifactDetails.checksums; | ||
if (checksums) { | ||
shasumPath = path.resolve(tmpDir, 'SHASUMS256.txt'); | ||
const fileNames = Object.keys(checksums); | ||
if (fileNames.length === 0) { | ||
throw new Error('Provided "checksums" object is empty, cannot generate a valid SHASUMS256.txt'); | ||
} | ||
const generatedChecksums = fileNames | ||
.map(fileName => `${checksums[fileName]} *${fileName}`) | ||
.join('\n'); | ||
await fs.writeFile(shasumPath, generatedChecksums); | ||
} | ||
else { | ||
shasumPath = await downloadArtifact({ | ||
isGeneric: true, | ||
version: artifactDetails.version, | ||
artifactName: 'SHASUMS256.txt', | ||
force: artifactDetails.force, | ||
downloadOptions: artifactDetails.downloadOptions, | ||
cacheRoot: artifactDetails.cacheRoot, | ||
downloader: artifactDetails.downloader, | ||
mirrorOptions: artifactDetails.mirrorOptions, | ||
}); | ||
} | ||
// For versions 1.3.2 - 1.3.4, need to overwrite the `defaultTextEncoding` option: | ||
// https://github.com/electron/electron/pull/6676#discussion_r75332120 | ||
if (semver.satisfies(artifactDetails.version, '1.3.2 - 1.3.4')) { | ||
const validatorOptions = {}; | ||
validatorOptions.defaultTextEncoding = 'binary'; | ||
const checker = new sumchecker.ChecksumValidator('sha256', shasumPath, validatorOptions); | ||
await checker.validate(path.dirname(tempDownloadPath), path.basename(tempDownloadPath)); | ||
} | ||
else { | ||
await sumchecker('sha256', shasumPath, path.dirname(tempDownloadPath), [ | ||
path.basename(tempDownloadPath), | ||
]); | ||
} | ||
}); | ||
} | ||
await validateArtifact(artifactDetails, tempDownloadPath, downloadArtifact); | ||
return await cache.putFileInCache(url, tempDownloadPath, fileName); | ||
@@ -117,0 +127,0 @@ }); |
{ | ||
"name": "@electron/get", | ||
"version": "2.0.2", | ||
"version": "2.0.3", | ||
"description": "Utility for downloading artifacts from different versions of Electron", | ||
@@ -38,3 +38,3 @@ "main": "dist/cjs/index.js", | ||
"devDependencies": { | ||
"@continuous-auth/semantic-release-npm": "^2.0.0", | ||
"@continuous-auth/semantic-release-npm": "^3.0.0", | ||
"@types/debug": "^4.1.4", | ||
@@ -41,0 +41,0 @@ "@types/fs-extra": "^8.0.0", |
@@ -5,3 +5,4 @@ # @electron/get | ||
[![CircleCI](https://circleci.com/gh/electron/get.svg?style=svg)](https://circleci.com/gh/electron/get) | ||
[![CircleCI](https://circleci.com/gh/electron/get.svg?style=shield)](https://circleci.com/gh/electron/get) | ||
[![NPM package](https://img.shields.io/npm/v/@electron/get)](https://npm.im/@electron/get) | ||
@@ -8,0 +9,0 @@ ## Usage |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
93636
1361
139