-
Notifications
You must be signed in to change notification settings - Fork 240
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Task] Create and publish Sub Resource Integrity (SRI) hashes for the generated scripts #1621 #1622
Conversation
… generated scripts #1621
c67c897
to
f66d1da
Compare
@@ -178,6 +178,8 @@ dist-esm/ | |||
browser/ | |||
types/ | |||
dist/ | |||
# Don't commit the sub resource integrity generated files | |||
**/*.integrity.json |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does each extension generate a integrity.json file? Is it stored under each extension's folder?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, every extension and Sku gets it's own integrity.json file.
Generally, these are included in the browser folder (which is automatically excluded from git).
This one is included as it is also generating a integrity.json file for the snippet, which we don't need to checkin
@@ -373,19 +379,28 @@ Function ValidateAccess | |||
Function GetVersion( | |||
[string] $name | |||
) { | |||
$regMatch = '^(.*\/)*([^\/\d]*\.)(\d+(\.\d+)*(-[^\.]+)?)(\.(?:gbl\.js|gbl\.min\.js|cjs\.js|cjs\.min\.js|js|min\.js)(?:\.map)?)$' | |||
$regMatch = '^(.*\/)*([^\/\d]*\.)(\d+(\.\d+)*(-[^\.]+)?)(\.(?:gbl\.js|gbl\.min\.js|cjs\.js|cjs\.min\.js|js|min\.js|integrity\.json)(?:\.map)?)$' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ah so this is to get version from integrity.json file?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, this is the list script that we run from the internal DevOps task, this is used to extract and order the output. Examples are in the scripts readme here https://github.com/microsoft/ApplicationInsights-JS/tree/master/AISKU/scripts#listcdnversionsps1
|
||
$ext = $match.groups[6].value | ||
$tokens = $ext.split(".") | ||
if ($tokens.length -gt 0) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what does -gt
mean?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
-gt is powershells version of greater then >
@@ -570,9 +598,6 @@ if ([string]::IsNullOrWhiteSpace($jsSdkDir) -eq $true) { | |||
$fileTimeStamp = ((get-date).ToUniversalTime()).ToString("yyyyMMddThhmmss") | |||
$logFile = "$logDir\publishReleaseCdnLog_$fileTimeStamp.txt" | |||
|
|||
$cacheControl1Year = "public, max-age=31536000, immutable"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is cache time not needed anymore?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I moved it to the top of the file - it's on line 16 now 😃
No description provided.