forked from fenneclab/hugo-bin
-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(index): Check checksum after download
closes: fenneclab#36
- Loading branch information
1 parent
a9189d1
commit 0367c6d
Showing
4 changed files
with
110 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
9684d0537b86bc3b9d188663a04be490d894d45222ad0397fe9a6229cb404a76 hugo_0.56.1_NetBSD-32bit.tar.gz | ||
a497af1d1c62e462c034231cb2c5cd0a433f69f0497a3cba293f98a379a199fa hugo_0.56.1_Linux-ARM64.tar.gz | ||
2842e643bede752a73d62475d9533ea9d9cbf149f1768c0a6a5e3b7aebd04a9a hugo_extended_0.56.1_Linux-64bit.deb | ||
4e737877835507a54687af2f767d69c4841e0d13ea26dc4eac8aab7c33ac7cb5 hugo_extended_0.56.1_macOS-64bit.tar.gz | ||
3b65fd97b544735462d0d432bdde7ff49465a8cece22b25ec2a9af5b438cf851 hugo_0.56.1_Windows-64bit.zip | ||
99ebdcbd846d5e151568ca58613dcf84a61d16433931eaf673781ddd09d964af hugo_0.56.1_Linux-32bit.tar.gz | ||
a11f9d488e9c7d9be8516beddfdd35a6232de80f143d6e690b2b26ba34d771cf hugo_0.56.1_macOS-32bit.tar.gz | ||
1b72b5b2cb1f0ec858b5daf1675f3f3883cb24222ef00266f15392ce8ce7d848 hugo_0.56.1_FreeBSD-32bit.tar.gz | ||
a02bba8e9391008e4d773bbd09e9f11a35f00d599b668e388ae0857dbef48a54 hugo_0.56.1_Linux-64bit.tar.gz | ||
cde6105946befdfc26769051f83795c3c55068db1d7582098fe1655027d2c133 hugo_0.56.1_DragonFlyBSD-64bit.tar.gz | ||
365e987956fee2cb3ffac30423dfdd94af08ec9fa1f0fbe0346784431cce3f87 hugo_0.56.1_Linux-ARM.tar.gz | ||
af68761aaae76954cfd78a99b310143998efb629e47d2048f8e24b3311f23a28 hugo_extended_0.56.1_Linux-64bit.tar.gz | ||
08e85b08afbc3ab419601be7bc14d5ac75254fdd77b74b0576bcae52e00036b5 hugo_0.56.1_OpenBSD-64bit.tar.gz | ||
4167cf37bc536e239a371fc27032f4bd09aa72350476d18f37395677deb58768 hugo_0.56.1_OpenBSD-32bit.tar.gz | ||
bb2e7741cb059a03b0613ae054ca839e2cdafb2bf77d07c37df91c5e2b803433 hugo_0.56.1_OpenBSD-ARM.tar.gz | ||
5729fc9ef3cc84c46ab8c2d114a5c1884466835363d4e5a2c25b140c8e9e2019 hugo_0.56.1_Linux-ARM.deb | ||
2920c24bb51bebbe8fd429147b13447087c435d999acdbd3a5ecf1048c9f2b47 hugo_0.56.1_NetBSD-64bit.tar.gz | ||
085607cb25361a48cf65a6ab10cf7ea29c7ab31f689feca17e50e3aef367a4d7 hugo_0.56.1_Linux-ARM64.deb | ||
aa6008e12b07e59b8f371edfa1d7da69cc90224f01aa6471a4428018d9edce59 hugo_0.56.1_Linux-32bit.deb | ||
ab9517cfe66172833280afb7a2a731a0d8c7edf26d861eaef42aa41deb17671b hugo_0.56.1_Linux-64bit.deb | ||
99a44ad0e58446e17e966805b6c60b161bebc76017a11215f07684735b56bcc0 hugo_0.56.1_Windows-32bit.zip | ||
4732a8169209efeadf46a9de75ea21d0d4b4341b606d20b2f645533944bf1199 hugo_0.56.1_NetBSD-ARM.tar.gz | ||
c05066136a537ad3ce4f6624e43bf1625866bb92c06da1e2c6271347b51c8d9a hugo_0.56.1_FreeBSD-64bit.tar.gz | ||
dfc3f887692e0eb377cc5be02adca4ce8864cdd0ac6a56f2c68f52e4a710d821 hugo_0.56.1_macOS-64bit.tar.gz | ||
9b82eb59f67823bff6ebaf83b9804e3c3e0a4a150fcd3d2c564c65ac9e3282ba hugo_extended_0.56.1_Windows-64bit.zip | ||
fefa258f9f861aaea46d1e9c4eb87c02024d2919f17d403dff373281e745c2f9 hugo_0.56.1_FreeBSD-ARM.tar.gz |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,81 @@ | ||
|
||
'use strict'; | ||
|
||
const crypto = require('crypto'); | ||
const fs = require('fs'); | ||
const path = require('path'); | ||
const url = require('url'); | ||
const BinWrapperBase = require('bin-wrapper'); | ||
const importLazy = require('import-lazy')(require); | ||
const decompress = importLazy('decompress'); | ||
const download = importLazy('download'); | ||
const osFilterObj = importLazy('os-filter-obj'); | ||
|
||
const checksumPath = path.join(__dirname, '../hugo-checksums.txt'); | ||
|
||
function readFileAsync(filePath) { | ||
return new Promise((resolve, reject) => { | ||
fs.readFile(filePath, 'utf8', (err, data) => { | ||
if (err) { | ||
reject(err); | ||
return; | ||
} | ||
resolve(data); | ||
}); | ||
}) | ||
} | ||
function chmodAsync(filePath, mode) { | ||
return new Promise((resolve, reject) => { | ||
fs.chmod(filePath, mode, (err) => { | ||
if (err) { | ||
reject(err); | ||
return; | ||
} | ||
resolve(); | ||
}); | ||
}); | ||
} | ||
module.exports = class BinWrapper extends BinWrapperBase { | ||
/** | ||
* Override original download() to check checksum before download and after decompress | ||
*/ | ||
download() { | ||
const files = osFilterObj(this.src() || []); | ||
|
||
if (files.length === 0) { | ||
return Promise.reject(new Error('No binary found matching your system. It\'s probably not supported.')); | ||
} | ||
const fileUrl = files[0].url; | ||
const parsedUrl = url.parse(fileUrl); | ||
const parsedPath = path.parse(parsedUrl.pathname); | ||
const fileBaseName = parsedPath.base; | ||
|
||
return Promise.all([ | ||
download(fileUrl), | ||
readFileAsync(checksumPath) | ||
]) | ||
.then(([data, checksums]) => { | ||
const lines = checksums.split('\n'); | ||
const found = lines.map(line => { | ||
// parsing goreleaser checksum format | ||
// see: https://github.com/goreleaser/goreleaser/blob/master/internal/pipe/checksums/checksums.go#L81 | ||
return line.split(' '); | ||
}).find(([,baseName]) => { | ||
return baseName === fileBaseName; | ||
}); | ||
if (!found) { | ||
return Promise.reject(new Error('No checksum found.')); | ||
} | ||
const checksum = found[0]; | ||
if (crypto.createHash('sha256').update(data).digest('hex') !== checksum) { | ||
return Promise.reject(new Error('Hugo binary checksum does not match.')); | ||
} | ||
return decompress(data, this.dest(), { strip: this.options.strip }); | ||
}) | ||
.then(files => { | ||
return Promise.all(files.map(file => file.path).map(fileName => { | ||
return chmodAsync(path.join(this.dest(), fileName), 0o755); | ||
})); | ||
}); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters