From 985839602a36621809a335283f8c738057673cb5 Mon Sep 17 00:00:00 2001 From: Jinzhe Zeng Date: Sun, 3 Dec 2023 06:37:43 -0500 Subject: [PATCH 1/3] Add unit test for integrity Signed-off-by: Jinzhe Zeng --- test/validate/index.js | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/test/validate/index.js b/test/validate/index.js index 15d736b8f..b66cf2593 100644 --- a/test/validate/index.js +++ b/test/validate/index.js @@ -13,11 +13,21 @@ describe('Validate', () => { }); }); - it('vendors', () => { + it('vendors', async () => { + const { createHash } = require('crypto'); + const { getVendors } = require('../../scripts/events/lib/utils'); const vendorsFile = fs.readFileSync(path.join(__dirname, '../../_vendors.yml')); - should.not.throw(() => { - yaml.load(vendorsFile); - }); + (await Promise.all(Object.entries(yaml.load(vendorsFile)).map(async ([key, vendor]) => { + vendor.minified = vendor.file || ''; + const { cdnjs } = getVendors(vendor); + // fetch content and check sha256 + return await fetch(cdnjs) + .then((response) => response.text()) + .then((body) => { + const integrity = Buffer.from(createHash('sha256').update(body, 'utf8').digest()).toString('base64'); + return !vendor.integrity || "sha256-" + integrity == vendor.integrity; + }); + }))).should.all.equal(true); }); it('language', () => { From 40d64a465ff5c911f74d8bc77e77147cb3337ec9 Mon Sep 17 00:00:00 2001 From: Jinzhe Zeng Date: Sun, 3 Dec 2023 06:42:47 -0500 Subject: [PATCH 2/3] fix lint Signed-off-by: Jinzhe Zeng --- test/validate/index.js | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/test/validate/index.js b/test/validate/index.js index b66cf2593..88a501c89 100644 --- a/test/validate/index.js +++ b/test/validate/index.js @@ -13,19 +13,19 @@ describe('Validate', () => { }); }); - it('vendors', async () => { + it('vendors', async() => { const { createHash } = require('crypto'); const { getVendors } = require('../../scripts/events/lib/utils'); const vendorsFile = fs.readFileSync(path.join(__dirname, '../../_vendors.yml')); - (await Promise.all(Object.entries(yaml.load(vendorsFile)).map(async ([key, vendor]) => { + (await Promise.all(Object.entries(yaml.load(vendorsFile)).map(async([key, vendor]) => { vendor.minified = vendor.file || ''; const { cdnjs } = getVendors(vendor); // fetch content and check sha256 return await fetch(cdnjs) - .then((response) => response.text()) - .then((body) => { + .then(response => response.text()) + .then(body => { const integrity = Buffer.from(createHash('sha256').update(body, 'utf8').digest()).toString('base64'); - return !vendor.integrity || "sha256-" + integrity == vendor.integrity; + return !vendor.integrity || 'sha256-' + integrity === vendor.integrity; }); }))).should.all.equal(true); }); From ad6c3030ccbdfd53c0e2af41fabe0710e1df80c6 Mon Sep 17 00:00:00 2001 From: Jinzhe Zeng Date: Sun, 3 Dec 2023 14:28:00 -0500 Subject: [PATCH 3/3] fix a typo --- test/validate/index.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/validate/index.js b/test/validate/index.js index 88a501c89..613396e4b 100644 --- a/test/validate/index.js +++ b/test/validate/index.js @@ -27,7 +27,7 @@ describe('Validate', () => { const integrity = Buffer.from(createHash('sha256').update(body, 'utf8').digest()).toString('base64'); return !vendor.integrity || 'sha256-' + integrity === vendor.integrity; }); - }))).should.all.equal(true); + })))[0].should.all.equal(true); }); it('language', () => {