@dk/hipp 0.1.21 → 0.1.22
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +6 -6
- package/hipp.js +21 -2
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -220,16 +220,16 @@ PERFORMANCE OF THIS SOFTWARE.
|
|
|
220
220
|
Verify this package with [@dk/hipp](https://www.npmjs.com/package/@dk/hipp):
|
|
221
221
|
|
|
222
222
|
```bash
|
|
223
|
-
npx @dk/hipp verify @dk/hipp@0.1.
|
|
223
|
+
npx @dk/hipp verify @dk/hipp@0.1.22
|
|
224
224
|
```
|
|
225
225
|
|
|
226
226
|
```json
|
|
227
227
|
{
|
|
228
|
-
"origin": "
|
|
229
|
-
"tag": "v0.1.
|
|
230
|
-
"revision": "
|
|
231
|
-
"hash": "
|
|
232
|
-
"signature": "
|
|
228
|
+
"origin": "git@github.com:dmytri/hipp.git",
|
|
229
|
+
"tag": "v0.1.22",
|
|
230
|
+
"revision": "384db1fb92cd1d5f0c72a32f12748c6b683996e0",
|
|
231
|
+
"hash": "afad3a4ee75bb430c416067e841dd127de3577c27cd89bbf4064e1da568e1aa1",
|
|
232
|
+
"signature": "2XhbwQWY5tp/7frdyRjh2ynyigjdu5fumebrfN1/eMvSSuSawNwekZctBs+CfsfBI61V1tu4plzOhRvgsw8AAw==",
|
|
233
233
|
"name": "Dmytri Kleiner",
|
|
234
234
|
"email": "dev@dmytri.to",
|
|
235
235
|
"npm": "11.12.1",
|
package/hipp.js
CHANGED
|
@@ -41,6 +41,14 @@ function sshToHttpsUrl(sshUrl) {
|
|
|
41
41
|
return sshUrl;
|
|
42
42
|
}
|
|
43
43
|
|
|
44
|
+
function httpsToSshUrl(httpsUrl) {
|
|
45
|
+
const match = httpsUrl.match(/^https:\/\/([^/]+)\/(.+)$/);
|
|
46
|
+
if (match) {
|
|
47
|
+
return `git@${match[1]}:${match[2]}`;
|
|
48
|
+
}
|
|
49
|
+
return httpsUrl;
|
|
50
|
+
}
|
|
51
|
+
|
|
44
52
|
function runCmd(cmd, args, options = {}) {
|
|
45
53
|
const result = spawnSync(cmd, args, {
|
|
46
54
|
encoding: 'utf8',
|
|
@@ -482,7 +490,18 @@ async function runVerify(packageSpec) {
|
|
|
482
490
|
const stageDir = fs.mkdtempSync(path.join(os.tmpdir(), `hipp-verify-stage-`));
|
|
483
491
|
|
|
484
492
|
try {
|
|
485
|
-
|
|
493
|
+
let cloneResult;
|
|
494
|
+
try {
|
|
495
|
+
cloneResult = git(['clone', '--branch', tag, '--depth', '1', originUrl, tmpDir], { stdio: 'pipe' });
|
|
496
|
+
} catch (cloneErr) {
|
|
497
|
+
if (originUrl.startsWith('git@')) {
|
|
498
|
+
const httpsUrl = sshToHttpsUrl(originUrl);
|
|
499
|
+
log.info(`🌿 SSH clone failed, trying HTTPS: ${httpsUrl}...`);
|
|
500
|
+
cloneResult = git(['clone', '--branch', tag, '--depth', '1', httpsUrl, tmpDir], { stdio: 'pipe' });
|
|
501
|
+
} else {
|
|
502
|
+
throw cloneErr;
|
|
503
|
+
}
|
|
504
|
+
}
|
|
486
505
|
|
|
487
506
|
const clonedRevision = git(['rev-parse', 'HEAD'], { cwd: tmpDir });
|
|
488
507
|
if (clonedRevision !== revision) {
|
|
@@ -658,7 +677,7 @@ async function run() {
|
|
|
658
677
|
const revision = refInfo.head;
|
|
659
678
|
const npmVersion = runCmd('npm', ['--version']).stdout.trim();
|
|
660
679
|
const nodeVersion = process.version;
|
|
661
|
-
const originUrl =
|
|
680
|
+
const originUrl = provenance.remoteUrl;
|
|
662
681
|
const dataToSign = buildSignData(tarballHash, originUrl, rawTag, revision, name, email);
|
|
663
682
|
const signature = signContent(dataToSign, privateKey);
|
|
664
683
|
|