Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 51d8108

Browse filesBrowse files
thomasrockhuthomasrockhu
authored
Merge pull request #440 from codecov/2.0.2-token-fixes
2.0.2 token fixes
2 parents 88c796d + 0bbb082 commit 51d8108
Copy full SHA for 51d8108

File tree

Expand file treeCollapse file tree

6 files changed

+50
-38
lines changed
Filter options
Expand file treeCollapse file tree

6 files changed

+50
-38
lines changed

‎CHANGELOG.md

Copy file name to clipboardExpand all lines: CHANGELOG.md
+6Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,9 @@
1+
## 2.0.2
2+
### Fixes
3+
- Underlying uploader fixes issues with tokens not being sent properly for users seeing
4+
`Error!: Error: Error uploading to https://codecov.io: Error: Error uploading to Codecov: Error: Not Found`
5+
- #440 fix: Validation ordering
6+
17
## 2.0.1
28
### Fixes
39
- #424 fix: Issue in building all deep dependencies

‎dist/index.js

Copy file name to clipboardExpand all lines: dist/index.js
+18-17Lines changed: 18 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -12849,7 +12849,7 @@ var core = __nccwpck_require__(2186);
1284912849
// EXTERNAL MODULE: ./node_modules/@actions/github/lib/github.js
1285012850
var github = __nccwpck_require__(5438);
1285112851
;// CONCATENATED MODULE: ./package.json
12852-
const package_namespaceObject = {"i8":"2.0.1"};
12852+
const package_namespaceObject = {"i8":"2.0.2"};
1285312853
;// CONCATENATED MODULE: ./src/buildExec.ts
1285412854

1285512855

@@ -13061,22 +13061,23 @@ const verify = (filename) => __awaiter(void 0, void 0, void 0, function* () {
1306113061
else {
1306213062
setFailure('Codecov: Error validating SHASUM signature', true);
1306313063
}
13064-
// Verify uploader
13065-
const uploaderSha = external_crypto_.createHash(`sha256`);
13066-
const stream = external_fs_.createReadStream(filename);
13067-
yield stream
13068-
.on('data', (data) => {
13069-
uploaderSha.update(data);
13070-
}).on('end', () => __awaiter(void 0, void 0, void 0, function* () {
13071-
const hash = `${uploaderSha.digest('hex')} ${uploaderName}`;
13072-
if (hash !== shasum) {
13073-
setFailure('Codecov: Uploader shasum does not match ' +
13074-
`uploader hash: ${hash}, public hash: ${shasum}`, true);
13075-
}
13076-
else {
13077-
core.info('==> Uploader SHASUM verified');
13078-
}
13079-
}));
13064+
const calculateHash = (filename) => __awaiter(void 0, void 0, void 0, function* () {
13065+
const stream = external_fs_.createReadStream(filename);
13066+
const uploaderSha = external_crypto_.createHash(`sha256`);
13067+
stream.pipe(uploaderSha);
13068+
return new Promise((resolve, reject) => {
13069+
stream.on('end', () => resolve(`${uploaderSha.digest('hex')} ${uploaderName}`));
13070+
stream.on('error', reject);
13071+
});
13072+
});
13073+
const hash = yield calculateHash(filename);
13074+
if (hash === shasum) {
13075+
core.info(`==> Uploader SHASUM verified (${hash})`);
13076+
}
13077+
else {
13078+
setFailure('Codecov: Uploader shasum does not match -- ' +
13079+
`uploader hash: ${hash}, public hash: ${shasum}`, true);
13080+
}
1308013081
}
1308113082
catch (err) {
1308213083
setFailure(`Codecov: Error validating uploader: ${err.message}`, true);

‎dist/index.js.map

Copy file name to clipboardExpand all lines: dist/index.js.map
+1-1Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

‎package-lock.json

Copy file name to clipboardExpand all lines: package-lock.json
+1-1Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

‎package.json

Copy file name to clipboardExpand all lines: package.json
+1-1Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"name": "codecov-action",
3-
"version": "2.0.1",
3+
"version": "2.0.2",
44
"description": "Upload coverage reports to Codecov from GitHub Actions",
55
"main": "index.js",
66
"scripts": {

‎src/validate.ts

Copy file name to clipboardExpand all lines: src/validate.ts
+23-18Lines changed: 23 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -44,24 +44,29 @@ const verify = async (filename: string) => {
4444
setFailure('Codecov: Error validating SHASUM signature', true);
4545
}
4646

47-
// Verify uploader
48-
const uploaderSha = crypto.createHash(`sha256`);
49-
const stream = fs.createReadStream(filename);
50-
await stream
51-
.on('data', (data) => {
52-
uploaderSha.update(data);
53-
}).on('end', async () => {
54-
const hash = `${uploaderSha.digest('hex')} ${uploaderName}`;
55-
if (hash !== shasum) {
56-
setFailure(
57-
'Codecov: Uploader shasum does not match ' +
58-
`uploader hash: ${hash}, public hash: ${shasum}`,
59-
true,
60-
);
61-
} else {
62-
core.info('==> Uploader SHASUM verified');
63-
}
64-
});
47+
const calculateHash = async (filename: string) => {
48+
const stream = fs.createReadStream(filename);
49+
const uploaderSha = crypto.createHash(`sha256`);
50+
stream.pipe(uploaderSha);
51+
52+
return new Promise((resolve, reject) => {
53+
stream.on('end', () => resolve(
54+
`${uploaderSha.digest('hex')} ${uploaderName}`,
55+
));
56+
stream.on('error', reject);
57+
});
58+
};
59+
60+
const hash = await calculateHash(filename);
61+
if (hash === shasum) {
62+
core.info(`==> Uploader SHASUM verified (${hash})`);
63+
} else {
64+
setFailure(
65+
'Codecov: Uploader shasum does not match -- ' +
66+
`uploader hash: ${hash}, public hash: ${shasum}`,
67+
true,
68+
);
69+
}
6570
} catch (err) {
6671
setFailure(`Codecov: Error validating uploader: ${err.message}`, true);
6772
}

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.