jussi/zig-overlay
1
0
Fork 0
mirror of https://github.com/mitchellh/zig-overlay.git synced 2025-02-05 08:52:48 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

verify signature of index.json

Browse source
This commit is contained in:
Mitchell Hashimoto 2023-01-19 15:43:00 -08:00
parent 05f48be62a
commit dccddf644a
No known key found for this signature in database
GPG key ID: 523D5DC389D273BC
2 changed files with 16 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.gitignore vendored
View file

@ -1,2 +1,4 @@
index.json
index.json.minisig
sources.old.json sources.old.json
sources.new.json sources.new.json

16
update
View file

@ -1,9 +1,21 @@
#!/usr/bin/env nix-shell #!/usr/bin/env nix-shell
#! nix-shell -p curl jq -i sh #! nix-shell -p curl jq minisign -i sh
set -e set -e
# The well known public key for Zig
PUBLIC_KEY="RWSGOq2NVecA2UPNdBUZykf1CCb147pkmdtYxgb3Ti+JO/wCYvhbAb/U"
# Grab the JSON and parse the version
curl -s 'https://ziglang.org/download/index.json' > index.json
VERSION=$(cat index.json | jq -r '.master.version')
echo "Parsing master version: ${VERSION}"
# Verify the signature of the JSON before we parse it
curl -s "https://ziglang.org/builds/zig-${VERSION}-index.json.minisig" > index.json.minisig
minisign -V -P ${PUBLIC_KEY} -x index.json.minisig -m index.json
# Build our new sources.json # Build our new sources.json
curl -s 'https://ziglang.org/download/index.json' | jq ' cat index.json | jq '
["aarch64-linux", "x86_64-linux", "aarch64-macos", "x86_64-macos", "aarch64-windows", "x86_64-windows"] as $targets | ["aarch64-linux", "x86_64-linux", "aarch64-macos", "x86_64-macos", "aarch64-windows", "x86_64-windows"] as $targets |
def todarwin(x): x | gsub("macos"; "darwin"); def todarwin(x): x | gsub("macos"; "darwin");
def toentry(vsn; x): def toentry(vsn; x):