Class: Gem::Guardian::ChecksumProvider::Url

Inherits:

Object

Object
Gem::Guardian::ChecksumProvider::Url

show all

Defined in:: lib/gem/guardian/checksum_provider.rb

Overview

Reads checksum metadata from a publisher-controlled checksum URL.

This is intentionally generic. Commercial or self-hosted publishers can expose a stable checksum file without implementing RubyGems.org metadata APIs. For example, a publisher could host:

https://example.com/checksums/mammoth-pro-1.0.0.gem.sha256

The template supports these placeholders:

+name+
+version+
+platform+
+filename+

The response body may contain either a bare SHA256 or a line such as:

Constant Summary collapse

SHA256_PATTERN =

/\b([a-fA-F0-9]{64})\b/

OPEN_TIMEOUT =

READ_TIMEOUT =

Instance Method Summary collapse

#checksum_for(dependency, client:) ⇒ Result^?
Provider result when the configured URL returns a parseable SHA256, otherwise +nil+.
#initialize(template:, http: Net::HTTP, provider_name: "url") ⇒ Url constructor
A new instance of Url.

Constructor Details

#initialize(template:, http: Net::HTTP, provider_name: "url") ⇒ `Url`

Returns a new instance of Url.

Parameters:

template (String) —
URL template containing dependency placeholders such as +filename+
http (#get_response) (defaults to: Net::HTTP) —
HTTP client, mainly for tests. When omitted, +Net::HTTP+ is used with explicit timeouts.
provider_name (String) (defaults to: "url") —
provider label used in reports and JSON output

# File 'lib/gem/guardian/checksum_provider.rb', line 131

def initialize(template:, http: Net::HTTP, provider_name: "url")
  @template = template
  @http = http
  @provider_name = provider_name
end

Instance Method Details

#checksum_for(dependency, client:) ⇒ `Result`^?

Returns provider result when the configured URL returns a parseable SHA256, otherwise +nil+.