diff options
| author | Thong Kuah <tkuah@gitlab.com> | 2022-08-01 11:42:18 +1200 |
|---|---|---|
| committer | Hiroshi SHIBATA <hsbt@ruby-lang.org> | 2023-10-23 13:59:01 +0900 |
| commit | ad08674d8dc17c4ca031ce20760c4a4779c83e27 (patch) | |
| tree | bf4958d6f06c36051f9c65e53c9e615ea1d978b2 /spec/bundler/support | |
| parent | 2d468358a516f575d013f07801079e0906c61f0c (diff) | |
[rubygems/rubygems] Add CHECKSUMS for each gem in lockfile
We lock the checksum for each resolved spec under a new CHECKSUMS
section in the lockfile.
If the locked spec does not resolve for the local platform, we preserve
the locked checksum, similar to how we preserve specs.
Checksum locking only makes sense on install. The compact index
information is only available then.
https://github.com/rubygems/rubygems/commit/bde37ca6bf
Diffstat (limited to 'spec/bundler/support')
| -rw-r--r-- | spec/bundler/support/artifice/helpers/compact_index.rb | 2 | ||||
| -rw-r--r-- | spec/bundler/support/checksums.rb | 51 |
2 files changed, 52 insertions, 1 deletions
diff --git a/spec/bundler/support/artifice/helpers/compact_index.rb b/spec/bundler/support/artifice/helpers/compact_index.rb index 4df47a9659..ef507ca12d 100644 --- a/spec/bundler/support/artifice/helpers/compact_index.rb +++ b/spec/bundler/support/artifice/helpers/compact_index.rb @@ -80,7 +80,7 @@ class CompactIndexAPI < Endpoint CompactIndex::Dependency.new(d.name, reqs) end checksum = begin - Digest(:SHA256).file("#{gem_repo}/gems/#{spec.original_name}.gem").base64digest + Digest(:SHA256).file("#{gem_repo}/gems/#{spec.original_name}.gem").hexdigest rescue StandardError nil end diff --git a/spec/bundler/support/checksums.rb b/spec/bundler/support/checksums.rb new file mode 100644 index 0000000000..3594b93518 --- /dev/null +++ b/spec/bundler/support/checksums.rb @@ -0,0 +1,51 @@ +# frozen_string_literal: true + +module Spec + module Checksums + class ChecksumsBuilder + def initialize + @checksums = [] + end + + def repo_gem(gem_repo, gem_name, gem_version, platform = nil) + gem_file = if platform + "#{gem_repo}/gems/#{gem_name}-#{gem_version}-#{platform}.gem" + else + "#{gem_repo}/gems/#{gem_name}-#{gem_version}.gem" + end + + checksum = sha256_checksum(gem_file) + @checksums << Bundler::Checksum.new(gem_name, gem_version, platform, checksum) + end + + def to_lock + @checksums.map(&:to_lock).join.strip + end + + private + + def sha256_checksum(file) + File.open(file) do |f| + digest = Bundler::SharedHelpers.digest(:SHA256).new + digest << f.read(16_384) until f.eof? + + "sha256-#{digest.hexdigest!}" + end + end + end + + def construct_checksum_section + checksums = ChecksumsBuilder.new + + yield checksums + + checksums.to_lock + end + + def checksum_for_repo_gem(gem_repo, gem_name, gem_version, platform = nil) + construct_checksum_section do |c| + c.repo_gem(gem_repo, gem_name, gem_version, platform) + end + end + end +end |