extern/hishtory
1
0
Fork 0
mirror of https://github.com/ddworken/hishtory.git synced 2025-08-25 05:26:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update slsa integration to use the shared library for parsing version strings

Browse Source
This commit is contained in:
David Dworken
2023-11-09 20:51:47 -08:00
parent e11c4554fe
commit 165cdd9187
2 changed files with 28 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
client/lib/slsa.go
View File

@@ -8,9 +8,9 @@ import (
"fmt"
"io"
"os"
"strconv"
"strings"
"github.com/ddworken/hishtory/shared"
"github.com/slsa-framework/slsa-verifier/options"
"github.com/slsa-framework/slsa-verifier/verifiers"
)
@@ -30,16 +30,15 @@ func verify(ctx context.Context, provenance []byte, artifactHash, source, branch
}
func checkForDowngrade(currentVersionS, newVersionS string) error {
currentVersion, err := strconv.Atoi(strings.TrimPrefix(currentVersionS, "v0."))
currentVersion, err := shared.ParseVersionString(currentVersionS)
if err != nil {
return fmt.Errorf("failed to parse current version %#v", currentVersionS)
return fmt.Errorf("failed to parse current version string: %w", err)
}
newVersion, err := strconv.Atoi(strings.TrimPrefix(newVersionS, "v0."))
newVersion, err := shared.ParseVersionString(newVersionS)
if err != nil {
return fmt.Errorf("failed to parse updated version %#v", newVersionS)
return fmt.Errorf("failed to parse new version string: %w", err)
}
// TODO: migrate this to the version parser struct
if currentVersion > newVersion {
if currentVersion.GreaterThan(newVersion) {
return fmt.Errorf("failed to update because the new version (%#v) is a downgrade compared to the current version (%#v)", newVersionS, currentVersionS)
}
return nil