Tests: validate checksums in all files at once

2024-01-11 02:25:13 +01:00 · 2024-01-11 02:25:13 +01:00 · 65da7155fa
commit 65da7155fa
parent 03d55955e6
1 changed files with 17 additions and 13 deletions
--- a/test/CodeQuality.spec.ts
+++ b/test/CodeQuality.spec.ts
@ -16,7 +16,7 @@ function detectInCode(forbidden: string, reason: string) {
 * @private
 */
 function detectInCodeUnwrapped(forbidden: string, reason: string): Promise<void> {
-    return new Promise<void>((done) => {
+    return new Promise<void>(() => {
        const excludedDirs = [
            ".git",
            "node_modules",
@ -29,9 +29,9 @@ function detectInCodeUnwrapped(forbidden: string, reason: string): Promise<void>
        ]

        const command =
-            'grep -n "' +
+            "grep -n \"" +
            forbidden +
-            '" -r . ' +
+            "\" -r . " +
            excludedDirs.map((d) => "--exclude-dir=" + d).join(" ")
        console.log(command)
        exec(command, (error, stdout, stderr) => {
@ -81,6 +81,7 @@ async function validateScriptIntegrityOf(path: string): Promise<void> {
    const doc = parse_html(htmlContents)
    // @ts-ignore
    const scripts = Array.from(doc.getElementsByTagName("script"))
+    const failed = new Set<string>()
    for (const script of scripts) {
        let src = script.getAttribute("src")
        if (src === undefined) {
@ -106,12 +107,15 @@ async function validateScriptIntegrityOf(path: string): Promise<void> {
        const data: string = (await ScriptUtils.Download(src))["content"]
        const hashed = await webcrypto.subtle.digest("SHA-384", new TextEncoder().encode(data))
        const hashedStr = _arrayBufferToBase64(hashed)
-        console.log(src, hashedStr, integrity)
-        expect(integrity).to.equal(
-            "sha384-" + hashedStr,
-            "Loading a script from '" + src + "' in the file " + path + " has a mismatched checksum"
-        )
+
+        const expected = "sha384-" + hashedStr
+        if (expected !== integrity) {
+            const msg = "Loading a script from '" + src + "' in the file " + path + " has a mismatched checksum: expected " + expected + " but the HTML-file contains " + integrity
+            failed.add(msg)
+            console.warn(msg)
+        }
    }
+    expect(Array.from(failed).join("\n")).to.equal("")
 }

 describe("Code quality", () => {
@ -119,21 +123,21 @@ describe("Code quality", () => {
        "should not contain reverse",
        detectInCode(
            "reverse()",
-            "Reverse is stateful and changes the source list. This often causes subtle bugs"
-        )
+            "Reverse is stateful and changes the source list. This often causes subtle bugs",
+        ),
    )

    it(
        "should not contain 'constructor.name'",
-        detectInCode("constructor\\.name", "This is not allowed, as minification does erase names.")
+        detectInCode("constructor\\.name", "This is not allowed, as minification does erase names."),
    )

    it(
        "should not contain 'innerText'",
        detectInCode(
            "innerText",
-            "innerText is not allowed as it is not testable with fakeDom. Use 'textContent' instead."
-        )
+            "innerText is not allowed as it is not testable with fakeDom. Use 'textContent' instead.",
+        ),
    )

    test("scripts with external sources should have an integrity hash", async () => {