bundler-integrity 1.0.4 → 1.0.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/bin/bundler-integrity +27 -20
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 16d8e0af58189d54879cf2ba4ca00639ac922db9025988d5af42b287205be553
|
|
4
|
+
data.tar.gz: 2ec92dfd6fb119f30313358a615548165d2402056fbc811b758de972f5a71f06
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: dd97d3e8ed5998f6d69f679ab81b7ff0796fe380ba3fae7e09b55a545a6e940d2a5002b77e46f01117e905a28f9645cf769d52335891386de3c4dae87b2873a2
|
|
7
|
+
data.tar.gz: 0af0bdd19235f8f7a5aea46f15b582f06000bbe4c8f467de15570fd28e69e37237810f755516a2be4150bd70d747a5b5741c01a1df7806b908a9f3b68fa5dcd2
|
data/bin/bundler-integrity
CHANGED
|
@@ -10,6 +10,10 @@ require 'json'
|
|
|
10
10
|
require 'open-uri'
|
|
11
11
|
require 'digest/sha2'
|
|
12
12
|
|
|
13
|
+
# This will only print gem files full names and their expected checksums WITHOUT validating
|
|
14
|
+
# Useful to export and run search and comparison in prod, etc
|
|
15
|
+
PRINT_EXPORT = (ARGV[0] == 'export')
|
|
16
|
+
|
|
13
17
|
# Packages cache paths candidates (we will check all)
|
|
14
18
|
CACHE_DIRS = [
|
|
15
19
|
Bundler::RubygemsIntegration.new.gem_cache,
|
|
@@ -23,7 +27,6 @@ deps = ::Bundler::Definition
|
|
|
23
27
|
.build(Bundler.default_gemfile, Bundler.default_lockfile, nil)
|
|
24
28
|
.tap(&:validate_runtime!)
|
|
25
29
|
|
|
26
|
-
|
|
27
30
|
deps.specs.each do |spec|
|
|
28
31
|
# Ignore git based, etc
|
|
29
32
|
next unless spec.source.is_a?(Bundler::Source::Rubygems)
|
|
@@ -50,32 +53,36 @@ deps.specs.each do |spec|
|
|
|
50
53
|
|
|
51
54
|
version || raise("#{full_name} not found in the RubyGems API response")
|
|
52
55
|
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
+
if PRINT_EXPORT
|
|
57
|
+
puts "#{version.fetch('sha')} #{full_name}"
|
|
58
|
+
else
|
|
59
|
+
candidates = CACHE_DIRS
|
|
60
|
+
.map { |dir| File.join(dir, full_name) }
|
|
61
|
+
.select { |path| File.exist?(path) }
|
|
56
62
|
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
63
|
+
if candidates.empty?
|
|
64
|
+
puts "\033[0;33m[WARN]\033[0m #{full_name} was not found in cache locations, maybe it is a stdlib gem?"
|
|
65
|
+
next
|
|
66
|
+
end
|
|
61
67
|
|
|
62
|
-
|
|
63
|
-
|
|
68
|
+
candidates.each do |full_path|
|
|
69
|
+
sha = Digest::SHA2.new
|
|
64
70
|
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
71
|
+
File.open(full_path) do |f|
|
|
72
|
+
while chunk = f.read(256)
|
|
73
|
+
sha << chunk
|
|
74
|
+
end
|
|
68
75
|
end
|
|
69
|
-
end
|
|
70
76
|
|
|
71
77
|
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
78
|
+
if version.fetch('sha') == sha.hexdigest
|
|
79
|
+
puts "\033[0;32m[OK]\033[0m #{full_path}"
|
|
80
|
+
else
|
|
81
|
+
puts "\033[0;31m[FAILURE]\033[0m"
|
|
82
|
+
puts "Checksum verification for #{full_path} failed!"
|
|
77
83
|
|
|
78
|
-
|
|
84
|
+
exit 1
|
|
85
|
+
end
|
|
79
86
|
end
|
|
80
87
|
end
|
|
81
88
|
end
|