fix: Update validation

2025-12-08 16:16:24 +00:00 · 2021-07-22 12:55:04 -07:00
parent 53f686aaf8
commit 0bbb08247a
4 changed files with 42 additions and 35 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,7 @@
 ### Fixes
 - Underlying uploader fixes issues with tokens not being sent properly for users seeing
  `Error!: Error: Error uploading to https://codecov.io: Error: Error uploading to Codecov: Error: Not Found`
+- #440 fix: Validation ordering

 ## 2.0.1
 ### Fixes
--- a/dist/index.js
+++ b/dist/index.js
@@ -13061,22 +13061,23 @@ const verify = (filename) => __awaiter(void 0, void 0, void 0, function* () {
        else {
            setFailure('Codecov: Error validating SHASUM signature', true);
        }
-        // Verify uploader
-        const uploaderSha = external_crypto_.createHash(`sha256`);
+        const calculateHash = (filename) => __awaiter(void 0, void 0, void 0, function* () {
            const stream = external_fs_.createReadStream(filename);
-        return yield stream
-            .on('data', (data) => {
-            uploaderSha.update(data);
-        }).on('end', () => __awaiter(void 0, void 0, void 0, function* () {
-            const hash = `${uploaderSha.digest('hex')}  ${uploaderName}`;
-            if (hash !== shasum) {
-                setFailure('Codecov: Uploader shasum does not match\n' +
-                    `uploader hash: ${hash}\npublic hash: ${shasum}`, true);
+            const uploaderSha = external_crypto_.createHash(`sha256`);
+            stream.pipe(uploaderSha);
+            return new Promise((resolve, reject) => {
+                stream.on('end', () => resolve(`${uploaderSha.digest('hex')}  ${uploaderName}`));
+                stream.on('error', reject);
+            });
+        });
+        const hash = yield calculateHash(filename);
+        if (hash === shasum) {
+            core.info(`==> Uploader SHASUM verified (${hash})`);
        }
        else {
-                core.info('==> Uploader SHASUM verified');
+            setFailure('Codecov: Uploader shasum does not match -- ' +
+                `uploader hash: ${hash}, public hash: ${shasum}`, true);
        }
-        }));
    }
    catch (err) {
        setFailure(`Codecov: Error validating uploader: ${err.message}`, true);
--- a/dist/index.js.map
+++ b/dist/index.js.map
--- a/src/validate.ts
+++ b/src/validate.ts
@@ -44,24 +44,29 @@ const verify = async (filename: string) => {
      setFailure('Codecov: Error validating SHASUM signature', true);
    }

-    // Verify uploader
-    const uploaderSha = crypto.createHash(`sha256`);
+    const calculateHash = async (filename: string) => {
      const stream = fs.createReadStream(filename);
-    return await stream
-        .on('data', (data) => {
-          uploaderSha.update(data);
-        }).on('end', async () => {
-          const hash = `${uploaderSha.digest('hex')}  ${uploaderName}`;
-          if (hash !== shasum) {
+      const uploaderSha = crypto.createHash(`sha256`);
+      stream.pipe(uploaderSha);
+
+      return new Promise((resolve, reject) => {
+        stream.on('end', () => resolve(
+            `${uploaderSha.digest('hex')}  ${uploaderName}`,
+        ));
+        stream.on('error', reject);
+      });
+    };
+
+    const hash = await calculateHash(filename);
+    if (hash === shasum) {
+      core.info(`==> Uploader SHASUM verified (${hash})`);
+    } else {
      setFailure(
-                'Codecov: Uploader shasum does not match\n' +
-                  `uploader hash: ${hash}\npublic hash: ${shasum}`,
+          'Codecov: Uploader shasum does not match -- ' +
+            `uploader hash: ${hash}, public hash: ${shasum}`,
          true,
      );
-          } else {
-            core.info('==> Uploader SHASUM verified');
    }
-        });
  } catch (err) {
    setFailure(`Codecov: Error validating uploader: ${err.message}`, true);
  }