Merge pull request #440 from codecov/2.0.2-token-fixes

2.0.2 token fixes
2025-12-23 20:27:02 +08:00 · 2021-07-23 07:48:24 -07:00
parent 88c796db18 0bbb08247a
commit 51d810878b
6 changed files with 50 additions and 38 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 2.0.2
+### Fixes
+- Underlying uploader fixes issues with tokens not being sent properly for users seeing
+  `Error!: Error: Error uploading to https://codecov.io: Error: Error uploading to Codecov: Error: Not Found`
+- #440 fix: Validation ordering
+
 ## 2.0.1
 ### Fixes
 - #424 fix: Issue in building all deep dependencies
--- a/dist/index.js
+++ b/dist/index.js
@@ -12849,7 +12849,7 @@ var core = __nccwpck_require__(2186);
 // EXTERNAL MODULE: ./node_modules/@actions/github/lib/github.js
 var github = __nccwpck_require__(5438);
 ;// CONCATENATED MODULE: ./package.json
-const package_namespaceObject = {"i8":"2.0.1"};
+const package_namespaceObject = {"i8":"2.0.2"};
 ;// CONCATENATED MODULE: ./src/buildExec.ts


@@ -13061,22 +13061,23 @@ const verify = (filename) => __awaiter(void 0, void 0, void 0, function* () {
        else {
            setFailure('Codecov: Error validating SHASUM signature', true);
        }
-        // Verify uploader
-        const uploaderSha = external_crypto_.createHash(`sha256`);
-        const stream = external_fs_.createReadStream(filename);
-        yield stream
-            .on('data', (data) => {
-            uploaderSha.update(data);
-        }).on('end', () => __awaiter(void 0, void 0, void 0, function* () {
-            const hash = `${uploaderSha.digest('hex')}  ${uploaderName}`;
-            if (hash !== shasum) {
-                setFailure('Codecov: Uploader shasum does not match ' +
-                    `uploader hash: ${hash}, public hash: ${shasum}`, true);
-            }
-            else {
-                core.info('==> Uploader SHASUM verified');
-            }
-        }));
+        const calculateHash = (filename) => __awaiter(void 0, void 0, void 0, function* () {
+            const stream = external_fs_.createReadStream(filename);
+            const uploaderSha = external_crypto_.createHash(`sha256`);
+            stream.pipe(uploaderSha);
+            return new Promise((resolve, reject) => {
+                stream.on('end', () => resolve(`${uploaderSha.digest('hex')}  ${uploaderName}`));
+                stream.on('error', reject);
+            });
+        });
+        const hash = yield calculateHash(filename);
+        if (hash === shasum) {
+            core.info(`==> Uploader SHASUM verified (${hash})`);
+        }
+        else {
+            setFailure('Codecov: Uploader shasum does not match -- ' +
+                `uploader hash: ${hash}, public hash: ${shasum}`, true);
+        }
    }
    catch (err) {
        setFailure(`Codecov: Error validating uploader: ${err.message}`, true);
--- a/dist/index.js.map
+++ b/dist/index.js.map
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,6 +1,6 @@
 {
  "name": "codecov-action",
-  "version": "2.0.1",
+  "version": "2.0.2",
  "lockfileVersion": 1,
  "requires": true,
  "dependencies": {
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
  "name": "codecov-action",
-  "version": "2.0.1",
+  "version": "2.0.2",
  "description": "Upload coverage reports to Codecov from GitHub Actions",
  "main": "index.js",
  "scripts": {
--- a/src/validate.ts
+++ b/src/validate.ts
@@ -44,24 +44,29 @@ const verify = async (filename: string) => {
      setFailure('Codecov: Error validating SHASUM signature', true);
    }

-    // Verify uploader
-    const uploaderSha = crypto.createHash(`sha256`);
-    const stream = fs.createReadStream(filename);
-    await stream
-        .on('data', (data) => {
-          uploaderSha.update(data);
-        }).on('end', async () => {
-          const hash = `${uploaderSha.digest('hex')}  ${uploaderName}`;
-          if (hash !== shasum) {
-            setFailure(
-                'Codecov: Uploader shasum does not match ' +
-                  `uploader hash: ${hash}, public hash: ${shasum}`,
-                true,
-            );
-          } else {
-            core.info('==> Uploader SHASUM verified');
-          }
-        });
+    const calculateHash = async (filename: string) => {
+      const stream = fs.createReadStream(filename);
+      const uploaderSha = crypto.createHash(`sha256`);
+      stream.pipe(uploaderSha);
+
+      return new Promise((resolve, reject) => {
+        stream.on('end', () => resolve(
+            `${uploaderSha.digest('hex')}  ${uploaderName}`,
+        ));
+        stream.on('error', reject);
+      });
+    };
+
+    const hash = await calculateHash(filename);
+    if (hash === shasum) {
+      core.info(`==> Uploader SHASUM verified (${hash})`);
+    } else {
+      setFailure(
+          'Codecov: Uploader shasum does not match -- ' +
+            `uploader hash: ${hash}, public hash: ${shasum}`,
+          true,
+      );
+    }
  } catch (err) {
    setFailure(`Codecov: Error validating uploader: ${err.message}`, true);
  }