cacache - npm Package Versions
Changelog
7.0.0 (2017-04-03)
Bug Fixes
- test: fix content.write tests when running in docker (d2e9b6a)
Features
- integrity: subresource integrity support (#78) (b1e731f)
BREAKING CHANGES
-
integrity: The entire API has been overhauled to use SRI hashes instead of digest/hashAlgorithm pairs. SRI hashes follow the Subresource Integrity standard and support strings and objects compatible with
ssri. -
This change bumps the index version, which will invalidate all previous index entries. Content entries will remain intact, and existing caches will automatically reuse any content from before this breaking change.
-
cacache.get.info(),cacache.ls(), andcacache.ls.stream()will now return objects that looks like this:
{
key: String,
integrity: '<algorithm>-<base64hash>',
path: ContentPath,
time: Date<ms>,
metadata: Any
}
-
opts.digestandopts.hashAlgorithmare obsolete for any API calls that used them. -
Anywhere
opts.digestwas accepted,opts.integrityis now an option. Any valid SRI hash is accepted here -- multiple hash entries will be resolved according to the standard: first, the "strongest" hash algorithm will be picked, and then each of the entries for that algorithm will be matched against the content. Content will be validated if any of the entries match (so, a single integrity string can be used for multiple "versions" of the same document/data). -
put.byDigest(),put.stream.byDigest,get.byDigest()andget.stream.byDigest()now expect an SRI instead of adigest+opts.hashAlgorithmpairing. -
get.hasContent()now expects an integrity hash instead of a digest. If content exists, it will return the specific single integrity hash that was found in the cache. -
verify()has learned to handle integrity-based caches, and forgotten how to handle old-style cache indices due to the format change. -
cacache.rm.content()now expects an integrity hash instead of a hex digest.
<a name="6.3.0"></a>