Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bug: the SHASUMS256.txt download is corrupted with custom filename mirror options set #165

Open
ghost opened this issue Jun 26, 2020 · 2 comments
Open

bug: the SHASUMS256.txt download is corrupted with custom filename mirror options set #165

ghost opened this issue Jun 26, 2020 · 2 comments
Labels
🪲 bug Something isn't working

Comments

@ghost
Copy link

ghost commented Jun 26, 2020

When downloading from a mirror and specifying a custom filename, the SHASUMS256.txt is always invalid. When the checksum is downloaded in this case

get/src/index.ts

Lines 125 to 138 in 9034cc4

if (
!artifactDetails.artifactName.startsWith('SHASUMS256') &&
!artifactDetails.unsafelyDisableChecksums
) {
const shasumPath = await downloadArtifact({
isGeneric: true,
version: artifactDetails.version,
artifactName: 'SHASUMS256.txt',
force: artifactDetails.force,
downloadOptions: artifactDetails.downloadOptions,
cacheRoot: artifactDetails.cacheRoot,
downloader: artifactDetails.downloader,
mirrorOptions: artifactDetails.mirrorOptions,
});
there are two places where the filename used to build the download url can be overwritten by mirror options and corrupt the resulting SHASUMS256.txt file. One is if the mirrorOptions.customFilename is set and the other is if any of the custom_filename env vars are set:

get/src/artifact-utils.ts

Line 61 in 9034cc4

const file = mirrorVar('customFilename', opts, getArtifactFileName(details));

get/src/artifact-utils.ts

Lines 27 to 43 in 9034cc4

function mirrorVar(
name: keyof Omit<MirrorOptions, 'resolveAssetURL'>,
options: MirrorOptions,
defaultValue: string,
) {
// Convert camelCase to camel_case for env var reading
const lowerName = name.replace(/([a-z])([A-Z])/g, (_, a, b) => `${a}_${b}`).toLowerCase();
return (
process.env[`NPM_CONFIG_ELECTRON_${lowerName.toUpperCase()}`] ||
process.env[`npm_config_electron_${lowerName}`] ||
process.env[`npm_package_config_electron_${lowerName}`] ||
process.env[`ELECTRON_${lowerName.toUpperCase()}`] ||
options[name] ||
defaultValue
);
}
In either case, the default filename for the checksum passed as 'SHASUMS256.txt' gets chosen last after the custom filename and gets overwritten

Can reproduce by setting the mirror var for electron custom filename and trying to get the electron binary via downloadArtifact(). The checksum will error with Error: Could not parse checksum file at line 1: PK as the SHASUMS256.txt is invalid
@ghost ghost changed the title bug: the SHASUMS256.txt download fails with CUSTOM_FILENAME env vars set bug: the SHASUMS256.txt download is corrupted with CUSTOM_FILENAME env vars set Jun 26, 2020
@ghost ghost changed the title bug: the SHASUMS256.txt download is corrupted with CUSTOM_FILENAME env vars set bug: the SHASUMS256.txt download is corrupted with custom filename mirror options set Jun 26, 2020
@ophirKatz
Copy link

Hey, did you find a fix for the issue or is it still pending?
I'm struggling with it as-well

@ghost
Copy link
Author

ghost commented Feb 1, 2021

Hi, I believe this issue is still pending, although I think it could have a quick fix. I was forced to work around it by using custom directory structures only, and no custom filenames

@dsanders11 dsanders11 added the 🪲 bug Something isn't working label Aug 3, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
🪲 bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dsanders11 @ophirKatz