verify

package
v0.5.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 19, 2019 License: BSD-3-Clause Imports: 17 Imported by: 0

Documentation

Index

Constants

View Source
const HashVersion = 1

HashVersion is an arbitrary number that identifies the hash algorithm used by the directory hasher.

1: SHA256, as implemented in crypto/sha256

Variables

This section is empty.

Functions

func CheckDepTree

func CheckDepTree(osDirname string, wantDigests map[string]VersionedDigest) (map[string]VendorStatus, error)

CheckDepTree verifies a dependency tree according to expected digest sums, and returns an associative array of file system nodes and their respective vendor status conditions.

The keys to the expected digest sums associative array represent the project's dependencies, and each is required to be expressed using the solidus character, `/`, as its path separator. For example, even on a GOOS platform where the file system path separator is a character other than solidus, one particular dependency would be represented as "github.com/alice/alice1".

Types

type ConstraintMismatch

type ConstraintMismatch struct {
	C gps.Constraint
	V gps.Version
}

ConstraintMismatch is a two-tuple of a gps.Version, and a gps.Constraint that does not allow that version.

type DeltaDimension

type DeltaDimension uint32

DeltaDimension defines a bitset enumerating all of the different dimensions along which a Lock, and its constitutent components, can change.

const (
	InputImportsChanged DeltaDimension = 1 << iota
	ProjectAdded
	ProjectRemoved
	SourceChanged
	VersionChanged
	RevisionChanged
	PackagesChanged
	PruneOptsChanged
	HashVersionChanged
	HashChanged
	AnyChanged = (1 << iota) - 1
)

Each flag represents an ortohgonal dimension along which Locks can vary with respect to each other.

type LockDelta

type LockDelta struct {
	AddedImportInputs   []string
	RemovedImportInputs []string
	ProjectDeltas       map[gps.ProjectRoot]LockedProjectDelta
}

LockDelta represents all possible differences between two Locks.

func DiffLocks

func DiffLocks(l1, l2 gps.Lock) LockDelta

DiffLocks compares two locks and computes a semantically rich delta between them.

func (LockDelta) Changed

func (ld LockDelta) Changed(dims DeltaDimension) bool

Changed indicates whether the delta contains a change along the dimensions with their corresponding bits set.

This implementation checks the topmost-level Lock properties

func (LockDelta) Changes

func (ld LockDelta) Changes() DeltaDimension

Changes returns a bitset indicating the dimensions along which deltas exist across all contents of the LockDelta.

This recurses down into the individual LockedProjectDeltas contained within the LockDelta. A single delta along a particular dimension from a single project is sufficient to flip the bit on for that dimension.

type LockSatisfaction

type LockSatisfaction struct {
	// If LockExisted is false, it indicates that a nil gps.Lock was passed to
	// LockSatisfiesInputs().
	LockExisted bool
	// MissingImports is the set of import paths that were present in the
	// inputs but missing in the Lock.
	MissingImports []string
	// ExcessImports is the set of import paths that were present in the Lock
	// but absent from the inputs.
	ExcessImports []string
	// UnmatchedConstraints reports any normal, non-override constraint rules that
	// were not satisfied by the corresponding LockedProject in the Lock.
	UnmetConstraints map[gps.ProjectRoot]ConstraintMismatch
	// UnmatchedOverrides reports any override rules that were not satisfied by the
	// corresponding LockedProject in the Lock.
	UnmetOverrides map[gps.ProjectRoot]ConstraintMismatch
}

LockSatisfaction holds the compound result of LockSatisfiesInputs, allowing the caller to inspect each of several orthogonal possible types of failure.

The zero value assumes that there was no input lock, which necessarily means the inputs were not satisfied. This zero value means we err on the side of failure.

func LockSatisfiesInputs

func LockSatisfiesInputs(l gps.Lock, m gps.RootManifest, ptree pkgtree.PackageTree) LockSatisfaction

LockSatisfiesInputs determines whether the provided Lock satisfies all the requirements indicated by the inputs (RootManifest and PackageTree).

The second parameter is expected to be the list of imports that were used to generate the input Lock. Without this explicit list, it is not possible to compute package imports that may have been removed. Figuring out that negative space would require exploring the entire graph to ensure there are no in-edges for particular imports.

func (LockSatisfaction) Satisfied

func (ls LockSatisfaction) Satisfied() bool

Satisfied is a shortcut method that indicates whether there were any ways in which the Lock did not satisfy the inputs. It will return true only if the Lock was satisfactory in all respects vis-a-vis the inputs.

type LockedProjectDelta

type LockedProjectDelta struct {
	Name                         gps.ProjectRoot
	ProjectRemoved, ProjectAdded bool
	LockedProjectPropertiesDelta
}

LockedProjectDelta represents all possible state changes of a LockedProject within a Lock. It encapsulates the property-level differences represented by a LockedProjectPropertiesDelta, but can also represent existence deltas - a given name came to exist, or cease to exist, across two Locks.

func (LockedProjectDelta) Changed

func (ld LockedProjectDelta) Changed(dims DeltaDimension) bool

Changed indicates whether the delta contains a change along the dimensions with their corresponding bits set.

For example, if only the Revision changed, and this method is called with SourceChanged | VersionChanged, it will return false; if it is called with VersionChanged | RevisionChanged, it will return true.

func (LockedProjectDelta) Changes

func (ld LockedProjectDelta) Changes() DeltaDimension

Changes returns a bitset indicating the dimensions along which there were changes between the compared LockedProjects. This includes both existence-level deltas (add/remove) and property-level deltas.

func (LockedProjectDelta) WasAdded

func (ld LockedProjectDelta) WasAdded() bool

WasAdded returns true if the named project did not exist in the first lock, but did exist in the second lock.

func (LockedProjectDelta) WasRemoved

func (ld LockedProjectDelta) WasRemoved() bool

WasRemoved returns true if the named project existed in the first lock, but did not exist in the second lock.

type LockedProjectPropertiesDelta

type LockedProjectPropertiesDelta struct {
	PackagesAdded, PackagesRemoved      []string
	VersionBefore, VersionAfter         gps.UnpairedVersion
	RevisionBefore, RevisionAfter       gps.Revision
	SourceBefore, SourceAfter           string
	PruneOptsBefore, PruneOptsAfter     gps.PruneOptions
	HashVersionBefore, HashVersionAfter int
	HashChanged                         bool
}

LockedProjectPropertiesDelta represents all possible differences between the properties of two LockedProjects. It can represent deltas for VerifiableProject properties, as well.

func DiffLockedProjectProperties

func DiffLockedProjectProperties(lp1, lp2 gps.LockedProject) LockedProjectPropertiesDelta

DiffLockedProjectProperties takes two gps.LockedProject and computes a delta for each of their component properties.

This function is focused exclusively on the properties of a LockedProject. As such, it does not compare the ProjectRoot part of the LockedProject's ProjectIdentifier, as those are names, and the concern here is a difference in properties, not intrinsic identity.

func (LockedProjectPropertiesDelta) Changed

Changed indicates whether the delta contains a change along the dimensions with their corresponding bits set.

For example, if only the Revision changed, and this method is called with SourceChanged | VersionChanged, it will return false; if it is called with VersionChanged | RevisionChanged, it will return true.

func (LockedProjectPropertiesDelta) Changes

Changes returns a bitset indicating the dimensions along which there were changes between the compared LockedProjects.

func (LockedProjectPropertiesDelta) HashVersionChanged

func (ld LockedProjectPropertiesDelta) HashVersionChanged() bool

HashVersionChanged returns true if the version of the hashing algorithm changed between the first and second locks.

func (LockedProjectPropertiesDelta) HashVersionWasZero

func (ld LockedProjectPropertiesDelta) HashVersionWasZero() bool

HashVersionWasZero returns true if the first lock had a zero hash version, which can only mean it was uninitialized.

func (LockedProjectPropertiesDelta) PackagesChanged

func (ld LockedProjectPropertiesDelta) PackagesChanged() bool

PackagesChanged returns true if the package set gained or lost members (or both) between the first and second locks.

func (LockedProjectPropertiesDelta) PruneOptsChanged

func (ld LockedProjectPropertiesDelta) PruneOptsChanged() bool

PruneOptsChanged returns true if the pruning flags for the project changed between the first and second locks.

func (LockedProjectPropertiesDelta) RevisionChanged

func (ld LockedProjectPropertiesDelta) RevisionChanged() bool

RevisionChanged returns true if the revision property differed between the first and second locks.

func (LockedProjectPropertiesDelta) SourceChanged

func (ld LockedProjectPropertiesDelta) SourceChanged() bool

SourceChanged returns true if the source field differed between the first and second locks.

func (LockedProjectPropertiesDelta) VersionChanged

func (ld LockedProjectPropertiesDelta) VersionChanged() bool

VersionChanged returns true if the version property differed between the first and second locks. In addition to simple changes (e.g. 1.0.1 -> 1.0.2), this also includes all possible version type changes either going from a paired version to a plain revision, or the reverse direction, or the type of unpaired version changing (e.g. branch -> semver).

type VendorStatus

type VendorStatus uint8

VendorStatus represents one of a handful of possible status conditions for a particular file system node in the vendor directory tree.

const (
	// NotInLock is used when a file system node exists for which there is no
	// corresponding dependency in the lock file.
	NotInLock VendorStatus = iota

	// NotInTree is used when a lock file dependency exists for which there is
	// no corresponding file system node.
	NotInTree

	// NoMismatch is used when the digest for a dependency listed in the
	// lockfile matches what is calculated from the file system.
	NoMismatch

	// EmptyDigestInLock is used when the digest for a dependency listed in the
	// lock file is the empty string. While this is a special case of
	// DigestMismatchInLock, separating the cases is a desired feature.
	EmptyDigestInLock

	// DigestMismatchInLock is used when the digest for a dependency listed in
	// the lock file does not match what is calculated from the file system.
	DigestMismatchInLock

	// HashVersionMismatch indicates that the hashing algorithm used to generate
	// the digest being compared against is not the same as the one used by the
	// current program.
	HashVersionMismatch
)

func (VendorStatus) String

func (ls VendorStatus) String() string

type VerifiableProject

type VerifiableProject struct {
	gps.LockedProject
	PruneOpts gps.PruneOptions
	Digest    VersionedDigest
}

VerifiableProject composes a LockedProject to indicate what the hash digest of a file tree for that LockedProject should be, given the PruneOptions and the list of packages.

type VersionedDigest

type VersionedDigest struct {
	HashVersion int
	Digest      []byte
}

VersionedDigest comprises both a hash digest, and a simple integer indicating the version of the hash algorithm that produced the digest.

func DigestFromDirectory

func DigestFromDirectory(osDirname string) (VersionedDigest, error)

DigestFromDirectory returns a hash of the specified directory contents, which will match the hash computed for any directory on any supported Go platform whose contents exactly match the specified directory.

This function ignores any file system node named `vendor`, `.bzr`, `.git`, `.hg`, and `.svn`, as these are typically used as Version Control System (VCS) directories.

Other than the `vendor` and VCS directories mentioned above, the calculated hash includes the pathname to every discovered file system node, whether it is an empty directory, a non-empty directory, an empty file, or a non-empty file.

Symbolic links are excluded, as they are not considered valid elements in the definition of a Go module.

func ParseVersionedDigest

func ParseVersionedDigest(input string) (VersionedDigest, error)

ParseVersionedDigest decodes the string representation of versioned digest information - a colon-separated string with a version number in the first part and the hex-encdoed hash digest in the second - as a VersionedDigest.

func (VersionedDigest) IsEmpty

func (vd VersionedDigest) IsEmpty() bool

IsEmpty indicates if the VersionedDigest is the zero value.

func (VersionedDigest) String

func (vd VersionedDigest) String() string

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL