Auto-calculate subresource integrity for webring JS

This commit is contained in:
Charlotte Som 2022-03-05 20:22:41 +00:00
parent c32320fec4
commit 1e1fe5b82f
3 changed files with 76 additions and 0 deletions

63
Cargo.lock generated
View file

@ -89,6 +89,15 @@ version = "1.0.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cdb031dd78e28731d87d56cc8ffef4a8f36ca26c38fe2de700543e627f8a464a" checksum = "cdb031dd78e28731d87d56cc8ffef4a8f36ca26c38fe2de700543e627f8a464a"
[[package]]
name = "base64"
version = "0.10.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0b25d992356d2eb0ed82172f5248873db5560c4721f564b13cb5193bda5e668e"
dependencies = [
"byteorder",
]
[[package]] [[package]]
name = "bitflags" name = "bitflags"
version = "1.2.1" version = "1.2.1"
@ -416,6 +425,12 @@ dependencies = [
"libc", "libc",
] ]
[[package]]
name = "hex"
version = "0.3.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "805026a5d0141ffc30abb3be3173848ad46a1b1664fe632428479619a3644d77"
[[package]] [[package]]
name = "html5ever" name = "html5ever"
version = "0.25.1" version = "0.25.1"
@ -492,6 +507,7 @@ dependencies = [
"askama", "askama",
"notify", "notify",
"siru", "siru",
"ssri",
] ]
[[package]] [[package]]
@ -973,6 +989,18 @@ dependencies = [
"opaque-debug", "opaque-debug",
] ]
[[package]]
name = "sha2"
version = "0.8.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a256f46ea78a0c0d9ff00077504903ac881a1dafdc20da66545699e7776b3e69"
dependencies = [
"block-buffer",
"digest",
"fake-simd",
"opaque-debug",
]
[[package]] [[package]]
name = "shell-words" name = "shell-words"
version = "1.0.0" version = "1.0.0"
@ -1006,6 +1034,21 @@ version = "0.4.3"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f173ac3d1a7e3b28003f40de0b5ce7fe2710f9b9dc3fc38664cebee46b3b6527" checksum = "f173ac3d1a7e3b28003f40de0b5ce7fe2710f9b9dc3fc38664cebee46b3b6527"
[[package]]
name = "ssri"
version = "7.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a9cec0d388f39fbe79d7aa600e8d38053bf97b1bc8d350da7c0ba800d0f423f2"
dependencies = [
"base64",
"digest",
"hex",
"serde",
"sha-1",
"sha2",
"thiserror",
]
[[package]] [[package]]
name = "static_assertions" name = "static_assertions"
version = "1.1.0" version = "1.1.0"
@ -1080,6 +1123,26 @@ dependencies = [
"unicode-width", "unicode-width",
] ]
[[package]]
name = "thiserror"
version = "1.0.30"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "854babe52e4df1653706b98fcfc05843010039b406875930a70e4d9644e5c417"
dependencies = [
"thiserror-impl",
]
[[package]]
name = "thiserror-impl"
version = "1.0.30"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "aa32fd3f627f367fe16f893e2597ae3c05020f8bba2666a4e6ea73d377e5714b"
dependencies = [
"proc-macro2",
"quote",
"syn",
]
[[package]] [[package]]
name = "time" name = "time"
version = "0.1.44" version = "0.1.44"

View file

@ -14,3 +14,4 @@ path = "build_src/main.rs"
askama = "0.10.5" askama = "0.10.5"
notify = "4.0.17" notify = "4.0.17"
siru = { git = "https://github.com/videogame-hacker/siru.git" } siru = { git = "https://github.com/videogame-hacker/siru.git" }
ssri = "7.0.0"

View file

@ -1,5 +1,7 @@
use crate::*; use crate::*;
use ssri::{Algorithm, IntegrityOpts};
pub fn copy_webring(ctx: &BuildContext) -> Result<()> { pub fn copy_webring(ctx: &BuildContext) -> Result<()> {
log_info("Copying webring…"); log_info("Copying webring…");
copy_dir_recursive( copy_dir_recursive(
@ -7,5 +9,15 @@ pub fn copy_webring(ctx: &BuildContext) -> Result<()> {
ctx.output_dir.join("webring"), ctx.output_dir.join("webring"),
)?; )?;
log_info("Calculating webring integrity…");
let webring_content = ctx.read_bin("webring/webring-0.2.0.js")?;
let integrity = IntegrityOpts::new()
.algorithm(Algorithm::Sha512)
.algorithm(Algorithm::Sha1)
.chain(&webring_content)
.result();
ctx.write("webring/webring-0.2.0.js.integ.txt", integrity.to_string())?;
Ok(()) Ok(())
} }