diff options
Diffstat (limited to 'deps/npm/node_modules/tuf-js/dist/updater.js')
-rw-r--r-- | deps/npm/node_modules/tuf-js/dist/updater.js | 30 |
1 files changed, 17 insertions, 13 deletions
diff --git a/deps/npm/node_modules/tuf-js/dist/updater.js b/deps/npm/node_modules/tuf-js/dist/updater.js index 7f8b6bedee..68243e554f 100644 --- a/deps/npm/node_modules/tuf-js/dist/updater.js +++ b/deps/npm/node_modules/tuf-js/dist/updater.js @@ -31,6 +31,7 @@ const config_1 = require("./config"); const error_1 = require("./error"); const fetcher_1 = require("./fetcher"); const store_1 = require("./store"); +const url = __importStar(require("./utils/url")); class Updater { constructor(options) { const { metadataDir, metadataBaseUrl, targetDir, targetBaseUrl, fetcher, config, } = options; @@ -75,12 +76,13 @@ class Updater { const consistentSnapshot = this.trustedSet.root.signed.consistentSnapshot; if (consistentSnapshot && this.config.prefixTargetsWithHash) { const hashes = Object.values(targetInfo.hashes); - const basename = path.basename(targetFilePath); - targetFilePath = `${hashes[0]}.${basename}`; + const { dir, base } = path.parse(targetFilePath); + const filename = `${hashes[0]}.${base}`; + targetFilePath = dir ? `${dir}/${filename}` : filename; } - const url = path.join(targetBaseUrl, targetFilePath); + const targetUrl = url.join(targetBaseUrl, targetFilePath); // Client workflow 5.7.3: download target file - await this.fetcher.downloadFile(url, targetInfo.length, async (fileName) => { + await this.fetcher.downloadFile(targetUrl, targetInfo.length, async (fileName) => { // Verify hashes and length of downloaded file await targetInfo.verify(fs.createReadStream(fileName)); // Copy file to target path @@ -116,10 +118,10 @@ class Updater { const lowerBound = rootVersion + 1; const upperBound = lowerBound + this.config.maxRootRotations; for (let version = lowerBound; version <= upperBound; version++) { - const url = path.join(this.metadataBaseUrl, `${version}.root.json`); + const rootUrl = url.join(this.metadataBaseUrl, `${version}.root.json`); try { // Client workflow 5.3.3: download new root metadata file - const bytesData = await this.fetcher.downloadBytes(url, this.config.rootMaxLength); + const bytesData = await this.fetcher.downloadBytes(rootUrl, this.config.rootMaxLength); // Client workflow 5.3.4 - 5.4.7 this.trustedSet.updateRoot(bytesData); // Client workflow 5.3.8: persist root metadata file @@ -142,9 +144,9 @@ class Updater { // continue } //Load from remote (whether local load succeeded or not) - const url = path.join(this.metadataBaseUrl, `timestamp.json`); + const timestampUrl = url.join(this.metadataBaseUrl, 'timestamp.json'); // Client workflow 5.4.1: download timestamp metadata file - const bytesData = await this.fetcher.downloadBytes(url, this.config.timestampMaxLength); + const bytesData = await this.fetcher.downloadBytes(timestampUrl, this.config.timestampMaxLength); try { // Client workflow 5.4.2 - 5.4.4 this.trustedSet.updateTimestamp(bytesData); @@ -178,10 +180,10 @@ class Updater { const version = this.trustedSet.root.signed.consistentSnapshot ? snapshotMeta.version : undefined; - const url = path.join(this.metadataBaseUrl, version ? `${version}.snapshot.json` : `snapshot.json`); + const snapshotUrl = url.join(this.metadataBaseUrl, version ? `${version}.snapshot.json` : 'snapshot.json'); try { // Client workflow 5.5.1: download snapshot metadata file - const bytesData = await this.fetcher.downloadBytes(url, maxLength); + const bytesData = await this.fetcher.downloadBytes(snapshotUrl, maxLength); // Client workflow 5.5.2 - 5.5.6 this.trustedSet.updateSnapshot(bytesData); // Client workflow 5.5.7: persist snapshot metadata file @@ -213,10 +215,10 @@ class Updater { const version = this.trustedSet.root.signed.consistentSnapshot ? metaInfo.version : undefined; - const url = path.join(this.metadataBaseUrl, version ? `${version}.${role}.json` : `${role}.json`); + const metadataUrl = url.join(this.metadataBaseUrl, version ? `${version}.${role}.json` : `${role}.json`); try { // Client workflow 5.6.1: download targets metadata file - const bytesData = await this.fetcher.downloadBytes(url, maxLength); + const bytesData = await this.fetcher.downloadBytes(metadataUrl, maxLength); // Client workflow 5.6.2 - 5.6.6 this.trustedSet.updateDelegatedTargets(bytesData, role, parentRole); // Client workflow 5.6.7: persist targets metadata file @@ -291,7 +293,9 @@ class Updater { if (!this.targetDir) { throw new error_1.ValueError('Target directory not set'); } - return path.join(this.targetDir, targetInfo.path); + // URL encode target path + const filePath = encodeURIComponent(targetInfo.path); + return path.join(this.targetDir, filePath); } async persistMetadata(metaDataName, bytesData) { try { |