tuf-js - npm Package Compare versions
Comparing version 2.1.0 to 2.2.0
@@ -7,10 +7,10 @@ "use strict"; | ||
| maxDelegations: 32, | ||
| rootMaxLength: 512000, | ||
| timestampMaxLength: 16384, | ||
| snapshotMaxLength: 2000000, | ||
| targetsMaxLength: 5000000, | ||
| rootMaxLength: 512000, //bytes | ||
| timestampMaxLength: 16384, // bytes | ||
| snapshotMaxLength: 2000000, // bytes | ||
| targetsMaxLength: 5000000, // bytes | ||
| prefixTargetsWithHash: true, | ||
| fetchTimeout: 100000, | ||
| fetchTimeout: 100000, // milliseconds | ||
| fetchRetries: undefined, | ||
| fetchRetry: 2, | ||
| }; |
@@ -10,2 +10,3 @@ import { TargetFile } from '@tufjs/models'; | ||
| fetcher?: Fetcher; | ||
| forceCache?: boolean; | ||
| config?: Partial<Config>; | ||
@@ -18,2 +19,3 @@ } | ||
| private targetBaseUrl?; | ||
| private forceCache; | ||
| private trustedSet; | ||
@@ -20,0 +22,0 @@ private config; |
@@ -47,2 +47,3 @@ "use strict"; | ||
| this.targetBaseUrl = targetBaseUrl; | ||
| this.forceCache = options.forceCache ?? false; | ||
| const data = this.loadLocalMetadata(models_1.MetadataKind.Root); | ||
@@ -61,4 +62,21 @@ this.trustedSet = new store_1.TrustedMetadataStore(data); | ||
| async refresh() { | ||
| await this.loadRoot(); | ||
| await this.loadTimestamp(); | ||
| // If forceCache is true, try to load the timestamp from local storage | ||
| // without fetching it from the remote. Otherwise, load the root and | ||
| // timestamp from the remote per the TUF spec. | ||
| if (this.forceCache) { | ||
| // If anything fails, load the root and timestamp from the remote. This | ||
| // should cover any situation where the local metadata is corrupted or | ||
| // expired. | ||
| try { | ||
| await this.loadTimestamp({ checkRemote: false }); | ||
| } | ||
| catch (error) { | ||
| await this.loadRoot(); | ||
| await this.loadTimestamp(); | ||
| } | ||
| } | ||
| else { | ||
| await this.loadRoot(); | ||
| await this.loadTimestamp(); | ||
| } | ||
| await this.loadSnapshot(); | ||
@@ -148,3 +166,3 @@ await this.loadTargets(models_1.MetadataKind.Targets, models_1.MetadataKind.Root); | ||
| // Client workflow 5.4: update timestamp role | ||
| async loadTimestamp() { | ||
| async loadTimestamp({ checkRemote } = { checkRemote: true }) { | ||
| // Load local and remote timestamp metadata | ||
@@ -154,2 +172,7 @@ try { | ||
| this.trustedSet.updateTimestamp(data); | ||
| // If checkRemote is disabled, return here to avoid fetching the remote | ||
| // timestamp metadata. | ||
| if (!checkRemote) { | ||
| return; | ||
| } | ||
| } | ||
@@ -156,0 +179,0 @@ catch (error) { |
| { | ||
| "name": "tuf-js", | ||
| "version": "2.1.0", | ||
| "version": "2.2.0", | ||
| "description": "JavaScript implementation of The Update Framework (TUF)", | ||
@@ -32,4 +32,4 @@ "main": "dist/index.js", | ||
| "@tufjs/repo-mock": "2.0.0", | ||
| "@types/debug": "^4.1.8", | ||
| "@types/make-fetch-happen": "^10.0.1" | ||
| "@types/debug": "^4.1.12", | ||
| "@types/make-fetch-happen": "^10.0.4" | ||
| }, | ||
@@ -36,0 +36,0 @@ "dependencies": { |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by2.75%
40562
- Lines of code
- increased by2.96%
869