From 6683aaee4f550881ced31b0549572797ad6f7b6c Mon Sep 17 00:00:00 2001
From: Mimi <1119186082@qq.com>
Date: Wed, 6 Dec 2023 13:04:55 +0800
Subject: [PATCH] Compare integrity with ground truth

---
 lib/comment.js | 22 ++++++++++++++++------
 1 file changed, 16 insertions(+), 6 deletions(-)

diff --git a/lib/comment.js b/lib/comment.js
index a207c0a..6fac2fe 100644
--- a/lib/comment.js
+++ b/lib/comment.js
@@ -24,7 +24,7 @@ if (diff.length > 0) {
   console.log('The following packages are updated in the Pull Request.');
   console.log(diff.map(item => '- ' + item).join('\n'));
   console.log('\nThe affected CDN links are listed below.');
-  main();
+  printCDNTable();
 } else {
   console.log('No packages are updated in the Pull Request.');
 }
@@ -44,6 +44,7 @@ async function checkIntegrity(url) {
   return new Promise((resolve, reject) => {
     const req = https.get(url, response => {
       ssri.fromStream(response, { algorithms: ['sha256'] })
+        .then(integrity => integrity.toString())
         .then(resolve);
     });
     req.on('error', error => {
@@ -52,13 +53,19 @@ async function checkIntegrity(url) {
   });
 }
 
-async function format(name, links) {
+async function formatTable(name, links, groundTruth) {
   let content = '';
   for (const [key, url] of Object.entries(links)) {
     if (!['jsdelivr', 'unpkg', 'cdnjs'].includes(key)) continue;
     const statusCode = await request(url);
-    const integrity = (statusCode === 200) ? await checkIntegrity(url) : '❌';
-    content += `| [${key}](${url}) | ${statusCode === 200 ? '✅ 200' : '❌ ' + statusCode} | ${integrity} |\n`;
+    let integrityMatch;
+    if (statusCode === 200) {
+      const integrity = await checkIntegrity(url);
+      integrityMatch = integrity === groundTruth ? '✅' : '❌';
+    } else {
+      integrityMatch = '❌';
+    }
+    content += `| [${key}](${url}) | ${statusCode === 200 ? '✅' : '❌'} ${statusCode} | ${integrityMatch} |\n`;
   }
   console.log(`
 ## ${name}
@@ -68,12 +75,15 @@ async function format(name, links) {
 ${content}`);
 }
 
-async function main() {
+async function printCDNTable() {
   for (const [key, value] of Object.entries(dependencies)) {
     const { name, file } = value;
     if (!diff.includes(name) || !file) continue;
     const version = newPlugins[name];
     const links = getVendors({ ...value, version, minified: file });
-    await format(key, links);
+    const integrity = await ssri
+      .fromStream(fs.createReadStream(`./node_modules/${name}/${file}`), { algorithms: ['sha256'] })
+      .toString();
+    await formatTable(key, links, integrity);
   }
 }