deltara 0.26.1 → 0.27.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/bin/deltara.js +49 -2
- package/bin/integrity.json +5 -0
- package/package.json +1 -1
- package/vendor/darwin-arm64/deltara +0 -0
package/bin/deltara.js
CHANGED
|
@@ -1,9 +1,13 @@
|
|
|
1
1
|
#!/usr/bin/env node
|
|
2
2
|
// Thin wrapper that spawns the platform-specific Deltara binary.
|
|
3
|
-
//
|
|
4
|
-
//
|
|
3
|
+
//
|
|
4
|
+
// 0.27.0+ — integrity guard: verifies the shipped binary's SHA-256 matches
|
|
5
|
+
// the hash recorded in integrity.json at build time. If the binary on disk
|
|
6
|
+
// has been tampered with (post-install file swap, corrupted install, etc.),
|
|
7
|
+
// the wrapper aborts BEFORE executing so a trojaned binary cannot run.
|
|
5
8
|
|
|
6
9
|
const { spawn } = require("child_process");
|
|
10
|
+
const { createHash } = require("crypto");
|
|
7
11
|
const path = require("path");
|
|
8
12
|
const fs = require("fs");
|
|
9
13
|
const os = require("os");
|
|
@@ -26,6 +30,49 @@ if (!fs.existsSync(binPath)) {
|
|
|
26
30
|
process.exit(1);
|
|
27
31
|
}
|
|
28
32
|
|
|
33
|
+
// ── Binary integrity check (0.27.0+) ────────────────────────────────
|
|
34
|
+
// Computes SHA-256 of the binary on disk and compares against the hash
|
|
35
|
+
// recorded during build. A mismatch means:
|
|
36
|
+
// - The binary was modified after npm install (malware, IDE plugin, etc.)
|
|
37
|
+
// - The install partially failed and left a truncated file
|
|
38
|
+
// - A file-system corruption event touched the bits
|
|
39
|
+
// In any of these cases, the safe action is to abort. Telling the user to
|
|
40
|
+
// reinstall is the correct remediation — npm pulls a fresh signed tarball
|
|
41
|
+
// whose hash the wrapper will verify again.
|
|
42
|
+
try {
|
|
43
|
+
const integrityPath = path.join(__dirname, "integrity.json");
|
|
44
|
+
if (fs.existsSync(integrityPath)) {
|
|
45
|
+
const integrity = JSON.parse(fs.readFileSync(integrityPath, "utf-8"));
|
|
46
|
+
const expectedHash = integrity && integrity[binName];
|
|
47
|
+
if (expectedHash && expectedHash.startsWith("sha256:")) {
|
|
48
|
+
const expected = expectedHash.slice(7);
|
|
49
|
+
const actual = createHash("sha256")
|
|
50
|
+
.update(fs.readFileSync(binPath))
|
|
51
|
+
.digest("hex");
|
|
52
|
+
if (actual !== expected) {
|
|
53
|
+
console.error("deltara: binary integrity check FAILED");
|
|
54
|
+
console.error(` expected sha256: ${expected.slice(0, 16)}...${expected.slice(-16)}`);
|
|
55
|
+
console.error(` actual sha256: ${actual.slice(0, 16)}...${actual.slice(-16)}`);
|
|
56
|
+
console.error();
|
|
57
|
+
console.error("The deltara binary on disk does not match the hash recorded");
|
|
58
|
+
console.error("at build time. This could mean the binary was tampered with,");
|
|
59
|
+
console.error("or the install is corrupted. Reinstall to fix:");
|
|
60
|
+
console.error();
|
|
61
|
+
console.error(" npm install -g deltara");
|
|
62
|
+
process.exit(1);
|
|
63
|
+
}
|
|
64
|
+
}
|
|
65
|
+
// Missing/malformed integrity.json → treat as non-fatal warning in case
|
|
66
|
+
// someone is running from a dev build. The Worker's binary-attestation
|
|
67
|
+
// HMAC still gates every request, so a bad binary without integrity.json
|
|
68
|
+
// can't actually reach sensitive endpoints.
|
|
69
|
+
}
|
|
70
|
+
} catch (err) {
|
|
71
|
+
console.error(`deltara: integrity check error — ${err.message}`);
|
|
72
|
+
console.error("Aborting for safety. Reinstall: npm install -g deltara");
|
|
73
|
+
process.exit(1);
|
|
74
|
+
}
|
|
75
|
+
|
|
29
76
|
// ── Ensure binary is executable ─────────────────────────────────────
|
|
30
77
|
try {
|
|
31
78
|
fs.chmodSync(binPath, 0o755);
|
package/package.json
CHANGED
|
Binary file
|