electron-updater - npm Package Compare versions

Comparing version 5.0.0-alpha.1 to 5.0.0-alpha.2

out/MacUpdater.js

@@ -101,28 +101,29 @@ "use strict";
         return await new Promise((resolve, reject) => {
-            const pass = crypto_1.default.randomBytes(64).toString("base64").replace(/\//g, "_").replace(/\+/g, "-");
-            const authInfo = Buffer.from(`autoupdater:${pass}`, "base64");
+            const pass = crypto_1.randomBytes(64).toString("base64").replace(/\//g, "_").replace(/\+/g, "-");
+            const authInfo = Buffer.from(`autoupdater:${pass}`, "ascii");
             // insecure random is ok
             const fileUrl = `/${Date.now().toString(16)}-${Math.floor(Math.random() * 9999).toString(16)}.zip`;
             this.server.on("request", (request, response) => {
-                // check for basic auth header
-                if (!request.headers.authorization || request.headers.authorization.indexOf("Basic ") === -1) {
-                    response.statusCode = 401;
-                    response.statusMessage = "Invalid Authentication Credentials";
-                    response.end();
-                    log.warn("No authenthication info");
-                }
-                // verify auth credentials
-                const base64Credentials = request.headers.authorization.split(" ")[1];
-                const credentials = Buffer.from(base64Credentials, "base64").toString("ascii");
-                const [username, password] = credentials.split(":");
-                if (username !== "autoupdater" || password !== pass) {
-                    response.statusCode = 401;
-                    response.statusMessage = "Invalid Authentication Credentials";
-                    response.end();
-                    log.warn("Invalid authenthication credentials");
-                    return;
-                }
                 const requestUrl = request.url;
                 log.info(`${requestUrl} requested`);
                 if (requestUrl === "/") {
+                    // check for basic auth header
+                    if (!request.headers.authorization || request.headers.authorization.indexOf("Basic ") === -1) {
+                        response.statusCode = 401;
+                        response.statusMessage = "Invalid Authentication Credentials";
+                        response.end();
+                        log.warn("No authenthication info");
+                        return;
+                    }
+                    // verify auth credentials
+                    const base64Credentials = request.headers.authorization.split(" ")[1];
+                    const credentials = Buffer.from(base64Credentials, "base64").toString("ascii");
+                    const [username, password] = credentials.split(":");
+                    if (username !== "autoupdater" || password !== pass) {
+                        response.statusCode = 401;
+                        response.statusMessage = "Invalid Authentication Credentials";
+                        response.end();
+                        log.warn("Invalid authenthication credentials");
+                        return;
+                    }
                     const data = Buffer.from(`{ "url": "${getServerUrl(this.server)}${fileUrl}" }`);
@@ -172,3 +173,3 @@ response.writeHead(200, { "Content-Type": "application/json", "Content-Length": data.length });
                         "Cache-Control": "no-cache",
-                        Authorization: `Basic ${authInfo.toString("ascii")}`,
+                        Authorization: `Basic ${authInfo.toString("base64")}`,
                     },
@@ -175,0 +176,0 @@ });

out/providers/GitHubProvider.js

@@ -25,3 +25,3 @@ "use strict";
         const host = this.options.host;
-        return host != null && host !== "github.com" && host !== "api.github.com" ? `/api/v3${result}` : result;
+        return host !== null && host !== "github.com" && host !== "api.github.com" ? `/api/v3${result}` : result;
     }
@@ -37,2 +37,3 @@ }
     async getLatestVersion() {
+        var _a, _b, _c, _d;
         const cancellationToken = new builder_util_runtime_1.CancellationToken();
@@ -45,7 +46,30 @@ const feedXml = (await this.httpRequest(util_1.newUrlFromBase(`${this.basePath}.atom`, this.baseUrl), {
         let latestRelease = feed.element("entry", false, `No published versions on GitHub`);
-        let tag;
+        let tag = null;
         try {
             if (this.updater.allowPrerelease) {
-                // noinspection TypeScriptValidateJSTypes
-                tag = hrefRegExp.exec(latestRelease.element("link").attribute("href"))[1];
+                const currentChannel = ((_a = this.updater) === null || _a === void 0 ? void 0 : _a.channel) || String((_b = semver.prerelease(this.updater.currentVersion)) === null || _b === void 0 ? void 0 : _b[0]) || null;
+                for (const element of feed.getElements("entry")) {
+                    // noinspection TypeScriptValidateJSTypes
+                    const hrefElement = hrefRegExp.exec(element.element("link").attribute("href"));
+                    // If this is null then something is wrong and skip this release
+                    if (hrefElement === null)
+                        continue;
+                    // This Release's Tag
+                    const hrefTag = hrefElement[1];
+                    //Get Channel from this release's tag
+                    const hrefChannel = ((_c = semver.prerelease(hrefTag)) === null || _c === void 0 ? void 0 : _c[0]) || null;
+                    const shouldFetchVersion = !currentChannel || ["alpha", "beta"].includes(currentChannel);
+                    const isCustomChannel = !["alpha", "beta"].includes(String(hrefChannel));
+                    // Allow moving from alpha to beta but not down
+                    const channelMismatch = currentChannel === "beta" && hrefChannel === "alpha";
+                    if (shouldFetchVersion && !isCustomChannel && !channelMismatch) {
+                        tag = hrefTag;
+                        break;
+                    }
+                    const isNextPreRelease = hrefChannel && hrefChannel === currentChannel;
+                    if (isNextPreRelease) {
+                        tag = hrefTag;
+                        break;
+                    }
+                }
             }
@@ -69,14 +93,31 @@ else {
         }
-        const channelFile = util_1.getChannelFilename(this.getDefaultChannelName());
-        const channelFileUrl = util_1.newUrlFromBase(this.getBaseDownloadPath(tag, channelFile), this.baseUrl);
-        const requestOptions = this.createRequestOptions(channelFileUrl);
         let rawData;
+        let channelFile = "";
+        let channelFileUrl = "";
+        const fetchData = async (channelName) => {
+            channelFile = util_1.getChannelFilename(channelName);
+            channelFileUrl = util_1.newUrlFromBase(this.getBaseDownloadPath(String(tag), channelFile), this.baseUrl);
+            const requestOptions = this.createRequestOptions(channelFileUrl);
+            try {
+                return (await this.executor.request(requestOptions, cancellationToken));
+            }
+            catch (e) {
+                if (e instanceof builder_util_runtime_1.HttpError && e.statusCode === 404) {
+                    throw builder_util_runtime_1.newError(`Cannot find ${channelFile} in the latest release artifacts (${channelFileUrl}): ${e.stack || e.message}`, "ERR_UPDATER_CHANNEL_FILE_NOT_FOUND");
+                }
+                throw e;
+            }
+        };
         try {
-            rawData = (await this.executor.request(requestOptions, cancellationToken));
+            const channel = this.updater.allowPrerelease ? this.getCustomChannelName(String(((_d = semver.prerelease(tag)) === null || _d === void 0 ? void 0 : _d[0]) || "latest")) : this.getDefaultChannelName();
+            rawData = await fetchData(channel);
         }
         catch (e) {
-            if (!this.updater.allowPrerelease && e instanceof builder_util_runtime_1.HttpError && e.statusCode === 404) {
-                throw builder_util_runtime_1.newError(`Cannot find ${channelFile} in the latest release artifacts (${channelFileUrl}): ${e.stack || e.message}`, "ERR_UPDATER_CHANNEL_FILE_NOT_FOUND");
+            if (this.updater.allowPrerelease) {
+                // Allow fallback to `latest.yml`
+                rawData = await fetchData(this.getDefaultChannelName());
             }
-            throw e;
+            else {
+                throw e;
+            }
         }
@@ -83,0 +124,0 @@ const result = Provider_1.parseUpdateInfo(rawData, channelFile, channelFileUrl);

package.json

 {
   "name": "electron-updater",
-  "version": "5.0.0-alpha.1",
+  "version": "5.0.0-alpha.2",
   "description": "Cross platform updater for electron applications",
@@ -5,0 +5,0 @@ "main": "out/main.js",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

416631

increased by1.36%

Lines of code

3794

increased by1.12%

No dependency changes