UNPKG

@salesforce/plugin-trust

Version:

validate a digital signature for a npm package

github.com/salesforcecli/plugin-trust

salesforcecli/plugin-trust

83 lines (82 loc) 2.6 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
import { Readable } from 'node:stream'; import { URL } from 'node:url'; import { Ux } from '@salesforce/sf-plugins-core/Ux'; import { Logger } from '@salesforce/core'; import { NpmMeta } from './npmCommand.js'; import { type NpmName } from './npmName.js'; export declare const DEFAULT_REGISTRY = "https://registry.npmjs.org/"; export type ConfigContext = { configDir?: string; cacheDir?: string; dataDir?: string; cliRoot?: string; }; export type Verifier = { verify(): Promise<NpmMeta>; isAllowListed(): Promise<boolean>; }; declare class CodeVerifierInfo { private signature?; private publicKey?; private data?; get dataToVerify(): Readable; set dataToVerify(value: Readable); get signatureStream(): Readable; set signatureStream(value: Readable); get publicKeyStream(): Readable; set publicKeyStream(value: Readable); } export declare function verify(codeVerifierInfo: CodeVerifierInfo): Promise<boolean>; export declare const getNpmRegistry: () => URL; export declare function isAllowListed({ logger, configPath, name, }: { logger: Logger; configPath: string; name?: string; }): Promise<boolean>; /** * class for verifying a digital signature pack of an npm */ export declare class InstallationVerification implements Verifier { private pluginNpmName?; private config?; private logger?; /** * setter for the cli engine config * * @param _config cli engine config */ setConfig(_config?: ConfigContext): InstallationVerification; /** * setter for the plugin name * * @param _pluginName the published plugin name */ setPluginNpmName(_pluginName?: NpmName | undefined): InstallationVerification; /** * validates the digital signature. */ verify(): Promise<NpmMeta>; isAllowListed(): Promise<boolean>; /** * Downloads the tgz file content and stores it in a cache folder */ streamTagGz(): Promise<NpmMeta>; private getConfigPath; private getCachePath; /** * Invoke npm to discover a urls for the certificate and digital signature. */ private retrieveNpmMeta; private getLogger; } export declare class VerificationConfig { verifier?: Verifier; private ux; log(message: string): void; } export declare const doPrompt: (ux: Ux) => (plugin?: string) => Promise<void>; export declare const doInstallationCodeSigningVerification: (ux: Ux) => (config: ConfigContext, plugin: { plugin: string; tag: string; }, verificationConfig: VerificationConfig) => Promise<void>; export {};