diff --git a/lib/manager/bazel/update.js b/lib/manager/bazel/update.js
index e22e6539c50eb1748353f2d411632f5c04e5e399..cc63efc569025cdd28225a1fd186614b8e23e810 100644
--- a/lib/manager/bazel/update.js
+++ b/lib/manager/bazel/update.js
@@ -1,10 +1,17 @@
-const crypto = require('crypto');
+const hasha = require('hasha');
const got = require('../../util/got');
module.exports = {
updateDependency,
};
+async function getHash(url) {
+ const hash = await hasha.fromStream(got.stream(url), {
+ algorithm: 'sha256',
+ });
+ return hash;
+}
+
async function updateDependency(fileContent, upgrade) {
try {
logger.debug(
@@ -30,25 +37,18 @@ async function updateDependency(fileContent, upgrade) {
);
}
} else if (upgrade.depType === 'http_archive' && upgrade.newValue) {
- const [, shortRepo] = upgrade.repo.split('/');
- let newUrl;
- let file;
+ let hash;
try {
- newUrl = `https://github.com/${upgrade.repo}/releases/download/${upgrade.newValue}/${shortRepo}-${upgrade.newValue}.tar.gz`;
- file = (await got(newUrl, {
- encoding: null,
- })).body;
+ const [, shortRepo] = upgrade.repo.split('/');
+ const url = `https://github.com/${upgrade.repo}/releases/download/${upgrade.newValue}/${shortRepo}-${upgrade.newValue}.tar.gz`;
+ hash = await getHash(url);
} catch (err) {
logger.debug(
'Failed to download release download - trying archive instead'
);
- newUrl = `https://github.com/${upgrade.repo}/archive/${upgrade.newValue}.tar.gz`;
- file = (await got(newUrl, { encoding: null })).body;
+ const url = `https://github.com/${upgrade.repo}/archive/${upgrade.newValue}.tar.gz`;
+ hash = await getHash(url);
}
- const hash = crypto
- .createHash('sha256')
- .update(Buffer.from(file))
- .digest('hex');
const valuePattern = new RegExp(
upgrade.currentValue.replace(/\./g, '\\.').replace(/^v/, ''),
'g'
@@ -60,12 +60,8 @@ async function updateDependency(fileContent, upgrade) {
newDef = newDef.replace(/(sha256\s*=\s*)"[^"]+"/, `$1"${hash}"`);
} else if (upgrade.depType === 'http_archive' && upgrade.newDigest) {
const [, shortRepo] = upgrade.repo.split('/');
- const newUrl = `https://github.com/${upgrade.repo}/archive/${upgrade.newDigest}.tar.gz`;
- const file = (await got(newUrl, { encoding: null })).body;
- const hash = crypto
- .createHash('sha256')
- .update(Buffer.from(file))
- .digest('hex');
+ const url = `https://github.com/${upgrade.repo}/archive/${upgrade.newDigest}.tar.gz`;
+ const hash = await getHash(url);
newDef = upgrade.def.replace(/(sha256\s*=\s*)"[^"]+"/, `$1"${hash}"`);
newDef = newDef.replace(
new RegExp(`(strip_prefix\\s*=\\s*)"[^"]*"`),
diff --git a/package.json b/package.json
index 40785a352fd72f53df58d956e43151b26fa42a92..06ea71828afeae7bd5b34b50305c54fd17040a50 100644
--- a/package.json
+++ b/package.json
@@ -112,6 +112,7 @@
"github-url-from-git": "1.5.0",
"got": "9.6.0",
"handlebars": "4.1.2",
+ "hasha": "5.0.0",
"ini": "1.3.5",
"isomorphic-git": "0.55.2",
"js-yaml": "3.13.1",
diff --git a/test/manager/bazel/update.spec.js b/test/manager/bazel/update.spec.js
index f7bea837934b805c10bdbc7cbe3b3fdcf8228ea0..eb1d1e9a99223085217418c603bb45f685a65569 100644
--- a/test/manager/bazel/update.spec.js
+++ b/test/manager/bazel/update.spec.js
@@ -1,8 +1,9 @@
const fs = require('fs');
+const hasha = require('hasha');
const path = require('path');
-const got = require('../../../lib/util/got');
const bazelfile = require('../../../lib/manager/bazel/update');
+jest.mock('hasha');
jest.mock('../../../lib/util/got');
const content = fs.readFileSync(
@@ -30,6 +31,9 @@ git_repository(
describe('manager/bazel/update', () => {
describe('updateDependency', () => {
+ beforeEach(() => {
+ jest.resetAllMocks();
+ });
it('updates tag', async () => {
const upgrade = {
depName: 'build_bazel_rules_nodejs',
@@ -102,9 +106,13 @@ describe('manager/bazel/update', () => {
currentValue: '0.7.1',
newValue: '0.8.1',
};
- got.mockReturnValueOnce({ body: '' });
+ hasha.fromStream.mockImplementationOnce(() => {
+ throw new Error('not found');
+ });
+ hasha.fromStream.mockImplementationOnce(() => 'abc123');
const res = await bazelfile.updateDependency(content, upgrade);
expect(res).not.toEqual(content);
+ expect(res.includes('abc123')).toBe(true);
expect(res.indexOf('0.8.1')).not.toBe(-1);
});
it('updates http archive with content other then WORKSPACE', async () => {
@@ -121,7 +129,7 @@ describe('manager/bazel/update', () => {
currentValue: '0.6.0',
newValue: '0.8.0',
};
- got.mockReturnValueOnce({ body: '' });
+ hasha.fromStream.mockReturnValueOnce('abc123');
const res = await bazelfile.updateDependency(
fileWithBzlExtension,
upgrade
@@ -137,7 +145,7 @@ describe('manager/bazel/update', () => {
def: `http_archive(\n name="distroless",\n sha256="f7a6ecfb8174a1dd4713ea3b21621072996ada7e8f1a69e6ae7581be137c6dd6",\n strip_prefix="distroless-446923c3756ceeaa75888f52fcbdd48bb314fbf8",\n urls=["https://github.com/GoogleContainerTools/distroless/archive/446923c3756ceeaa75888f52fcbdd48bb314fbf8.tar.gz"]\n)`,
newDigest: '033387ac8853e6cc1cd47df6c346bc53cbc490d8',
};
- got.mockReturnValueOnce({ body: '' });
+ hasha.fromStream.mockReturnValueOnce('abc123');
const res = await bazelfile.updateDependency(content, upgrade);
expect(res).not.toEqual(content);
});
@@ -150,8 +158,10 @@ describe('manager/bazel/update', () => {
currentValue: '0.7.1',
newValue: '0.8.1',
};
- got.mockReturnValueOnce(null);
- got.mockReturnValueOnce({ body: '' });
+ hasha.fromStream.mockImplementationOnce(() => {
+ throw new Error('not found');
+ });
+ hasha.fromStream.mockImplementationOnce(() => 'abc123');
const res = await bazelfile.updateDependency(content, upgrade);
expect(res).not.toEqual(content);
expect(res.indexOf('0.8.1')).not.toBe(-1);
@@ -176,7 +186,7 @@ http_archive(
currentValue: '0.5.0',
newValue: '0.6.2',
};
- got.mockReturnValueOnce({ body: '' });
+ hasha.fromStream.mockReturnValueOnce('abc123');
const res = await bazelfile.updateDependency(content, upgrade);
expect(res).not.toEqual(content);
expect(res.indexOf('0.5.0')).toBe(-1);
diff --git a/yarn.lock b/yarn.lock
index b91d0dbfb230ede85d180ad2e55591e7ba66a69e..7edbcb72899bae9fc9a2f648b3b9c96cc9ee6113 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -3982,6 +3982,14 @@ hash.js@^1.0.0:
inherits "^2.0.3"
minimalistic-assert "^1.0.1"
+hasha@5.0.0:
+ version "5.0.0"
+ resolved "https://registry.yarnpkg.com/hasha/-/hasha-5.0.0.tgz#fdc3785caea03df29535fc8adb512c3d3a709004"
+ integrity sha512-PqWdhnQhq6tqD32hZv+l1e5mJHNSudjnaAzgAHfkGiU0ABN6lmbZF8abJIulQHbZ7oiHhP8yL6O910ICMc+5pw==
+ dependencies:
+ is-stream "^1.1.0"
+ type-fest "^0.3.0"
+
he@1.1.1:
version "1.1.1"
resolved "https://registry.yarnpkg.com/he/-/he-1.1.1.tgz#93410fd21b009735151f8868c2f271f3427e23fd"
@@ -9187,6 +9195,11 @@ type-detect@^4.0.0, type-detect@^4.0.5:
resolved "https://registry.yarnpkg.com/type-detect/-/type-detect-4.0.8.tgz#7646fb5f18871cfbb7749e69bd39a6388eb7450c"
integrity sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==
+type-fest@^0.3.0:
+ version "0.3.1"
+ resolved "https://registry.yarnpkg.com/type-fest/-/type-fest-0.3.1.tgz#63d00d204e059474fe5e1b7c011112bbd1dc29e1"
+ integrity sha512-cUGJnCdr4STbePCgqNFbpVNCepa+kAVohJs1sLhxzdH+gnEoOd8VhbYa7pD3zZYGiURWM2xzEII3fQcRizDkYQ==
+
type-fest@^0.4.1:
version "0.4.1"
resolved "https://registry.yarnpkg.com/type-fest/-/type-fest-0.4.1.tgz#8bdf77743385d8a4f13ba95f610f5ccd68c728f8"