-
Notifications
You must be signed in to change notification settings - Fork 173
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Refactoring of the CLI interface #291
Conversation
No idea why Node.js 20.0 seems unable to use the Nock files from 16.x, but only on Windows 🤔 I think I'll just remove the 16.x tests, since it's EOL on Sep 11 anyway ... Edit: Actually it worked after a restart - I think a timeout caused some requests to not run, which messed with how Nock answers the http requests. |
Thanks for keeping those! That will help as we migrate support for multiple versions of corepack 👍 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you please update the doc in the README?
sources/corepackUtils.ts
Outdated
? stream.pipe(createHash(build[0])) | ||
: null; | ||
|
||
const hash = stream.pipe(createHash(build[0] ?? `sha256`)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I suggest we use sha224
because it's shorter
const hash = stream.pipe(createHash(build[0] ?? `sha256`)); | |
const hash = stream.pipe(createHash(build[0] ?? `sha224`)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd have a small preference for sha256 because it's more well-known. I suspect most people seeing sha224 will wonder whether it's less secure and perhaps document themselves about it. sha256 seems less friction for users.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's easy to change if folks complain about it, but I suspect most folks won't pay attention to it – unless they're into software security, in which case I have the feeling they'd know what sha224 is. Until anyone complains sha224
seems a better choice for me, no strong feelings though
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
sha224 seems a better choice for me
Can you explain why?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Because it's shorter, and more than strong enough for what that hash is used for.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My intuition is that the extra characters won't change a lot the experience, but sha256 is more well-known. I kept it as-is for this iteration.
Should be good to merge. |
PR-URL: #49486 Refs: nodejs/corepack#291 Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
PR-URL: #49486 Refs: nodejs/corepack#291 Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
PR-URL: nodejs#49486 Refs: nodejs/corepack#291 Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
This PR is the first step towards implementing the changes from #274
corepack install -g [--all] ...
corepack install
corepack use [pattern]
corepack up
corepack pack ...
I added tests for
use
andup
since those are new;install
andpack
should already covered by the existing tests, which I migrated fromprepare
/hydrate
to the new commands.The old commands are still there, but I removed their help messages so they don't appear in
corepack -h
anymore.