Skip to content

Instantly share code, notes, and snippets.

@patcon
Last active April 12, 2022 11:31
Show Gist options
  • Save patcon/88e7e8332e49abd06b79feb1d0a134bd to your computer and use it in GitHub Desktop.
Save patcon/88e7e8332e49abd06b79feb1d0a134bd to your computer and use it in GitHub Desktop.
const fs = require('fs');
const ssri = require('ssri');
const path = require('path');
const npmCachePath = process.env.npm_config_cache;
// Get this from npmjs? Not cache?
let integritySha512 = 'sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg=='
let packageName = 'get-caller-file';
let packageVersion = '2.0.5';
let packagePath = path.join(npmCachePath, packageName, packageVersion, 'package.tgz')
let packageData = fs.readFileSync(packagePath)
let checkedData = ssri.checkData(packageData, integritySha512)
console.log(checkedData)
/**
FAILURE:
false
SUCCESS:
Hash {
source: 'sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==',
digest: 'DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==',
algorithm: 'sha512',
options: []
}
*/
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment