diff --git a/node_modules/@sigstore/tuf/dist/client.js b/node_modules/@sigstore/tuf/dist/client.js
index 797346d39e620..865d52b73027e 100644
--- a/node_modules/@sigstore/tuf/dist/client.js
+++ b/node_modules/@sigstore/tuf/dist/client.js
@@ -25,8 +25,8 @@ const tuf_js_1 = require("tuf-js");
 const target_1 = require("./target");
 class TUFClient {
 constructor(options) {
- initTufCache(options.cachePath, options.rootPath);
- const remote = initRemoteConfig(options.cachePath, options.mirrorURL);
+ initTufCache(options);
+ const remote = initRemoteConfig(options);
 this.updater = initClient(options.cachePath, remote, options);
 }
 async refresh() {
@@ -42,7 +42,7 @@ exports.TUFClient = TUFClient;
 // created. If the targets directory does not exist, it will be created.
 // If the root.json file does not exist, it will be copied from the
 // rootPath argument.
-function initTufCache(cachePath, tufRootPath) {
+function initTufCache({ cachePath, rootPath: tufRootPath, force, }) {
 const targetsPath = path_1.default.join(cachePath, 'targets');
 const cachedRootPath = path_1.default.join(cachePath, 'root.json');
 if (!fs_1.default.existsSync(cachePath)) {
@@ -51,7 +51,9 @@ function initTufCache(cachePath, tufRootPath) {
 if (!fs_1.default.existsSync(targetsPath)) {
 fs_1.default.mkdirSync(targetsPath);
 }
- if (!fs_1.default.existsSync(cachedRootPath)) {
+ // If the root.json file does not exist (or we're forcing re-initialization),
+ // copy it from the rootPath argument
+ if (!fs_1.default.existsSync(cachedRootPath) || force) {
 fs_1.default.copyFileSync(tufRootPath, cachedRootPath);
 }
 return cachePath;
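Review bot: The added `|| force` branch in initTufCache (hunk -51,7) overwrites the cached root.json with whatever file `rootPath` names, and the new comment does not say that this replaces the client's trust anchor. The cached root may be a later version than the bundled one, so a forced init presumably restarts trust from the shipped root, while the visible lines leave everything else under `cachePath` in place. I would extend the comment to state that, for example `// force: replaces the cached trust root with rootPath; never derive force or rootPath from untrusted input`. The function begins and ends outside this hunk, and because this file is bundled under node_modules the wording belongs in the @sigstore/tuf source.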
@@ -59,14 +61,18 @@ function initTufCache(cachePath, tufRootPath) {
 // Initializes the remote.json file, which contains the URL of the TUF
 // repository. If the file does not exist, it will be created. If the file
 // exists, it will be parsed and returned.
-function initRemoteConfig(rootDir, mirrorURL) {
+function initRemoteConfig({ cachePath, mirrorURL, force, }) {
 let remoteConfig;
- const remoteConfigPath = path_1.default.join(rootDir, 'remote.json');
- if (fs_1.default.existsSync(remoteConfigPath)) {
+ const remoteConfigPath = path_1.default.join(cachePath, 'remote.json');
+ // If the remote config file exists, read it and parse it (skip if force is
+ // true)
+ if (!force && fs_1.default.existsSync(remoteConfigPath)) {
 const data = fs_1.default.readFileSync(remoteConfigPath, 'utf-8');
 remoteConfig = JSON.parse(data);
 }
- if (!remoteConfig) {
+ // If the remote config file does not exist (or we're forcing initialization),
+ // create it
+ if (!remoteConfig || force) {
 remoteConfig = { mirror: mirrorURL };
 fs_1.default.writeFileSync(remoteConfigPath, JSON.stringify(remoteConfig));
 }
diff --git a/node_modules/@sigstore/tuf/dist/index.js b/node_modules/@sigstore/tuf/dist/index.js
index 0d201c356dffc..297c7231408c2 100644
--- a/node_modules/@sigstore/tuf/dist/index.js
+++ b/node_modules/@sigstore/tuf/dist/index.js
@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.TUFError = exports.initTUF = exports.getTrustedRoot = void 0;
+exports.TUFError = exports.initTUF = exports.getTrustedRoot = exports.DEFAULT_MIRROR_URL = void 0;
 /*
 Copyright 2023 The Sigstore Authors.
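Review bot: In initRemoteConfig (client.js, hunk -59,14), when `force` is false an existing remote.json still overrides the `mirrorURL` option, and its contents go through `JSON.parse` with no error handling or shape check. A truncated or hand-edited cache file therefore either throws out of the TUFClient constructor or decides which mirror is used. Treating an unreadable or malformed file like a missing one would let the existing `!remoteConfig` branch rewrite it: `try { remoteConfig = JSON.parse(data); } catch { remoteConfig = undefined; }` followed by `if (typeof remoteConfig?.mirror !== 'string') remoteConfig = undefined;`. The function's return statement lies outside this hunk, and the change would have to land in the @sigstore/tuf source rather than in this bundled copy.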
@@ -19,8 +19,8 @@ limitations under the License.
 const protobuf_specs_1 = require("@sigstore/protobuf-specs");
 const appdata_1 = require("./appdata");
 const client_1 = require("./client");
+exports.DEFAULT_MIRROR_URL = 'https://tuf-repo-cdn.sigstore.dev';
 const DEFAULT_CACHE_DIR = 'sigstore-js';
-const DEFAULT_MIRROR_URL = 'https://tuf-repo-cdn.sigstore.dev';
 const DEFAULT_TUF_ROOT_PATH = '../store/public-good-instance-root.json';
 const DEFAULT_RETRY = { retries: 2 };
 const DEFAULT_TIMEOUT = 5000;
@@ -46,9 +46,10 @@ function createClient(options) {
 return new client_1.TUFClient({
 cachePath: options.cachePath || (0, appdata_1.appDataPath)(DEFAULT_CACHE_DIR),
 rootPath: options.rootPath || require.resolve(DEFAULT_TUF_ROOT_PATH),
- mirrorURL: options.mirrorURL || DEFAULT_MIRROR_URL,
+ mirrorURL: options.mirrorURL || exports.DEFAULT_MIRROR_URL,
 retry: options.retry ?? DEFAULT_RETRY,
 timeout: options.timeout ?? DEFAULT_TIMEOUT,
+ force: options.force ?? false,
 });
 }
 var error_1 = require("./error");
diff --git a/node_modules/@sigstore/tuf/package.json b/node_modules/@sigstore/tuf/package.json
index a655d52a0407a..38d5a03ad5be1 100644
--- a/node_modules/@sigstore/tuf/package.json
+++ b/node_modules/@sigstore/tuf/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@sigstore/tuf",
- "version": "2.1.0",
+ "version": "2.2.0",
 "description": "Client for the Sigstore TUF repository",
 "main": "dist/index.js",
 "types": "dist/index.d.ts",
diff --git a/package-lock.json b/package-lock.json
index ebf0e10b8ee1e..7bd064a521a8c 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -97,7 +97,7 @@
 "@npmcli/package-json": "^5.0.0",
 "@npmcli/promise-spawn": "^7.0.0",
 "@npmcli/run-script": "^7.0.2",
- "@sigstore/tuf": "^2.1.0",
+ "@sigstore/tuf": "^2.2.0",
 "abbrev": "^2.0.0",
 "archy": "~1.0.0",
 "cacache": "^18.0.0",
@@ -3818,9 +3818,9 @@
 }
 },
 "node_modules/@sigstore/tuf": {
- "version": "2.1.0",
- "resolved": "https://registry.npmjs.org/@sigstore/tuf/-/tuf-2.1.0.tgz",
- "integrity": "sha512-BUoVCx+7Wj+8moEGvUU2MyBI+f93lmg1CLmoG6KrhQMeDyAG8HAZNk+YRCNuvwvSDCfPhwsj37Bg63/Q+bnGsw==",
+ "version": "2.2.0",
+ "resolved": "https://registry.npmjs.org/@sigstore/tuf/-/tuf-2.2.0.tgz",
+ "integrity": "sha512-KKATZ5orWfqd9ZG6MN8PtCIx4eevWSuGRKQvofnWXRpyMyUEpmrzg5M5BrCpjM+NfZ0RbNGOh5tCz/P2uoRqOA==",
 "inBundle": true,
 "dependencies": {
 "@sigstore/protobuf-specs": "^0.2.1",
diff --git a/package.json b/package.json
index 2ac49b670d4fb..0403402193eaa 100644
--- a/package.json
+++ b/package.json
@@ -59,7 +59,7 @@
 "@npmcli/package-json": "^5.0.0",
 "@npmcli/promise-spawn": "^7.0.0",
 "@npmcli/run-script": "^7.0.2",
- "@sigstore/tuf": "^2.1.0",
+ "@sigstore/tuf": "^2.2.0",
 "abbrev": "^2.0.0",
 "archy": "~1.0.0",
 "cacache": "^18.0.0",