@dk/hipp 0.1.26 → 0.1.27
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +9 -8
- package/hipp.js +5 -2
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -110,8 +110,9 @@ npx @dk/hipp -- --access public --tag beta
|
|
|
110
110
|
HIPP provides out-of-band verification to prove package integrity:
|
|
111
111
|
|
|
112
112
|
```bash
|
|
113
|
-
npx @dk/hipp verify @dk/
|
|
114
|
-
npx @dk/hipp verify
|
|
113
|
+
npx @dk/hipp verify # verifies latest @dk/hipp
|
|
114
|
+
npx @dk/hipp verify @scope/package # verifies latest of a package
|
|
115
|
+
npx @dk/hipp verify @scope/package@1.0.0 # verifies specific version
|
|
115
116
|
```
|
|
116
117
|
|
|
117
118
|
### How Verification Works
|
|
@@ -239,20 +240,20 @@ PERFORMANCE OF THIS SOFTWARE.
|
|
|
239
240
|
Verify this package with [@dk/hipp](https://www.npmjs.com/package/@dk/hipp):
|
|
240
241
|
|
|
241
242
|
```bash
|
|
242
|
-
npx @dk/hipp verify @dk/hipp@0.1.
|
|
243
|
+
npx @dk/hipp verify @dk/hipp@0.1.27
|
|
243
244
|
```
|
|
244
245
|
|
|
245
246
|
```json
|
|
246
247
|
{
|
|
247
248
|
"origin": "git@github.com:dmytri/hipp.git",
|
|
248
|
-
"tag": "v0.1.
|
|
249
|
-
"revision": "
|
|
250
|
-
"hash": "
|
|
251
|
-
"signature": "+
|
|
249
|
+
"tag": "v0.1.27",
|
|
250
|
+
"revision": "528a1ce0c415b335f118ec006e50b464c75efd9a",
|
|
251
|
+
"hash": "8738b992f6546c2aa6509c43aa95dc4a8206582d2cc511e8b30f5e35c6e2eb3a",
|
|
252
|
+
"signature": "80nbN79+QNiEVMKsY520VXcWBY1s5R2Yq9kpi/EUW5Hrs8KKBRPH3tQ6JSeBGGi5ZzWDi3UEi9s/AN55c5hdAg==",
|
|
252
253
|
"name": "Dmytri Kleiner",
|
|
253
254
|
"email": "dev@dmytri.to",
|
|
254
255
|
"npm": "11.12.1",
|
|
255
256
|
"node": "v25.8.2",
|
|
256
|
-
"hipp": "0.1.
|
|
257
|
+
"hipp": "0.1.27"
|
|
257
258
|
}
|
|
258
259
|
```
|
package/hipp.js
CHANGED
|
@@ -429,7 +429,7 @@ async function runVerify(packageSpec) {
|
|
|
429
429
|
const npa = require('npm-package-arg');
|
|
430
430
|
const parsed = npa(packageSpec);
|
|
431
431
|
const pkgName = parsed.name;
|
|
432
|
-
const pkgVersion = parsed.fetchSpec;
|
|
432
|
+
const pkgVersion = parsed.fetchSpec === '*' ? null : parsed.fetchSpec;
|
|
433
433
|
log.info(`🔍 HIPP Verify: ${pkgName}${pkgVersion ? '@' + pkgVersion : ''}`);
|
|
434
434
|
|
|
435
435
|
const registryUrl = `https://registry.npmjs.org/${parsed.escapedName}/${pkgVersion || 'latest'}`;
|
|
@@ -757,7 +757,10 @@ if (isVerify) {
|
|
|
757
757
|
} else {
|
|
758
758
|
const hippPkgPath = path.join(path.dirname(process.argv[1]), 'package.json');
|
|
759
759
|
const hippPkg = JSON.parse(fs.readFileSync(hippPkgPath, 'utf8'));
|
|
760
|
-
|
|
760
|
+
const spec = hippPkg.version === '0.0.0'
|
|
761
|
+
? hippPkg.name
|
|
762
|
+
: `${hippPkg.name}@${hippPkg.version}`;
|
|
763
|
+
runVerify(spec);
|
|
761
764
|
}
|
|
762
765
|
} else if (process.argv.includes('--help') || process.argv.includes('-h')) {
|
|
763
766
|
console.log(`\x1b[36mHIPP - High Integrity Package Publisher\x1b[0m
|