@tufjs/models
Advanced tools
@tufjs/models - npm Package Compare versions
Comparing version 1.0.1 to 1.0.2
@@ -7,2 +7,3 @@ "use strict"; | ||
| exports.Metadata = void 0; | ||
| const canonical_json_1 = require("@tufjs/canonical-json"); | ||
| const util_1 = __importDefault(require("util")); | ||
@@ -17,3 +18,2 @@ const base_1 = require("./base"); | ||
| const utils_1 = require("./utils"); | ||
| const json_1 = require("./utils/json"); | ||
| /*** | ||
@@ -50,3 +50,3 @@ * A container for signed TUF metadata. | ||
| sign(signer, append = true) { | ||
| const bytes = (0, json_1.canonicalize)(this.signed.toJSON()); | ||
| const bytes = Buffer.from((0, canonical_json_1.canonicalize)(this.signed.toJSON())); | ||
| const signature = signer(bytes); | ||
@@ -53,0 +53,0 @@ if (!append) { |
@@ -7,8 +7,8 @@ "use strict"; | ||
| exports.verifySignature = void 0; | ||
| const canonical_json_1 = require("@tufjs/canonical-json"); | ||
| const crypto_1 = __importDefault(require("crypto")); | ||
| const json_1 = require("./json"); | ||
| const verifySignature = (metaDataSignedData, key, signature) => { | ||
| const canonicalData = (0, json_1.canonicalize)(metaDataSignedData) || ''; | ||
| const canonicalData = Buffer.from((0, canonical_json_1.canonicalize)(metaDataSignedData)); | ||
| return crypto_1.default.verify(undefined, canonicalData, key, Buffer.from(signature, 'hex')); | ||
| }; | ||
| exports.verifySignature = verifySignature; |
| { | ||
| "name": "@tufjs/models", | ||
| "version": "1.0.1", | ||
| "version": "1.0.2", | ||
| "description": "TUF metadata models", | ||
@@ -32,7 +32,8 @@ "main": "dist/index.js", | ||
| "@types/minimatch": "^5.1.2", | ||
| "@types/node": "^18.15.3", | ||
| "typescript": "^4.9.5" | ||
| "@types/node": "^18.15.11", | ||
| "typescript": "^5.0.4" | ||
| }, | ||
| "dependencies": { | ||
| "minimatch": "^7.4.2" | ||
| "minimatch": "^8.0.3", | ||
| "@tufjs/canonical-json": "1.0.0" | ||
| }, | ||
@@ -39,0 +40,0 @@ "engines": { |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Worsened metrics
- Total package byte prevSize
- decreased by-2.78%
77827
- Dependency count
- increased by100%
2
- Number of package files
- decreased by-4.65%
41
- Lines of code
- decreased by-3.04%
2039
Dependency changes
+ Added@tufjs/canonical-json@1.0.0
+ Added@tufjs/canonical-json@1.0.0(transitive)
+ Addedminimatch@8.0.4(transitive)
- Removedminimatch@7.4.6(transitive)
Updatedminimatch@^8.0.3