Class: Gem::Guardian::VerificationResult

Inherits:

Data

• Object
• Data
• Gem::Guardian::VerificationResult

Defined in:

lib/gem/guardian/verifier.rb

Overview

Result object for a single verification attempt.

Instance Attribute Summary

• #actual_sha256 ⇒ String^? readonly

  SHA256 computed from the downloaded .gem artifact.

• #artifact_path ⇒ String^? readonly

  Local path to the downloaded artifact.

• #checksum_source ⇒ Symbol^? readonly

  :lockfile, :registry, or :artifact.

• #dependency ⇒ Dependency readonly

  Dependency being verified.

• #error ⇒ Exception^? readonly

  Verification error when status is :error.

• #expected_sha256 ⇒ String^? readonly

  Independent checksum used as the primary expected digest, or nil when the artifact was only recorded.

• #registry_checksum_provider ⇒ String^? readonly

  Checksum provider name, such as rubygems-api, compact-index, or url.

• #registry_checksum_uri ⇒ String^? readonly

  Sanitized URI where the registry or publisher checksum can be inspected.

• #registry_sha256 ⇒ String^? readonly

  Registry or publisher checksum used as an optional cross-check.

• #status ⇒ Symbol readonly

  :ok, :mismatch, or :error.

Instance Method Summary

• #ok? ⇒ Boolean

  Indicates whether the verification result is successful.

Instance Attribute Details

#actual_sha256 ⇒ String^? (readonly)

Returns SHA256 computed from the downloaded .gem artifact.

Returns:

• (String, nil) —

  SHA256 computed from the downloaded .gem artifact

# File 'lib/gem/guardian/verifier.rb', line 28

VerificationResult = Data.define(:dependency, :expected_sha256, :actual_sha256, :artifact_path, :status, :error,
                                 :checksum_source, :registry_sha256, :registry_checksum_provider,
                                 :registry_checksum_uri) do
  # Indicates whether the verification result is successful.
  #
  # For +:artifact+ results, success means the artifact digest was recorded,
  # not that an independent checksum comparison occurred.
  #
  # @return [Boolean] +true+ when +status+ is +:ok+
  def ok?
    status == :ok
  end
end

#artifact_path ⇒ String^? (readonly)

Returns local path to the downloaded artifact.

Returns:

• (String, nil) —

  local path to the downloaded artifact

# File 'lib/gem/guardian/verifier.rb', line 28

VerificationResult = Data.define(:dependency, :expected_sha256, :actual_sha256, :artifact_path, :status, :error,
                                 :checksum_source, :registry_sha256, :registry_checksum_provider,
                                 :registry_checksum_uri) do
  # Indicates whether the verification result is successful.
  #
  # For +:artifact+ results, success means the artifact digest was recorded,
  # not that an independent checksum comparison occurred.
  #
  # @return [Boolean] +true+ when +status+ is +:ok+
  def ok?
    status == :ok
  end
end

#checksum_source ⇒ Symbol^? (readonly)

Returns :lockfile, :registry, or :artifact.

Returns:

• (Symbol, nil) —

  :lockfile, :registry, or :artifact

# File 'lib/gem/guardian/verifier.rb', line 28

VerificationResult = Data.define(:dependency, :expected_sha256, :actual_sha256, :artifact_path, :status, :error,
                                 :checksum_source, :registry_sha256, :registry_checksum_provider,
                                 :registry_checksum_uri) do
  # Indicates whether the verification result is successful.
  #
  # For +:artifact+ results, success means the artifact digest was recorded,
  # not that an independent checksum comparison occurred.
  #
  # @return [Boolean] +true+ when +status+ is +:ok+
  def ok?
    status == :ok
  end
end

#dependency ⇒ Dependency (readonly)

Returns dependency being verified.

Returns:

• (Dependency) —

  dependency being verified

# File 'lib/gem/guardian/verifier.rb', line 28

VerificationResult = Data.define(:dependency, :expected_sha256, :actual_sha256, :artifact_path, :status, :error,
                                 :checksum_source, :registry_sha256, :registry_checksum_provider,
                                 :registry_checksum_uri) do
  # Indicates whether the verification result is successful.
  #
  # For +:artifact+ results, success means the artifact digest was recorded,
  # not that an independent checksum comparison occurred.
  #
  # @return [Boolean] +true+ when +status+ is +:ok+
  def ok?
    status == :ok
  end
end

#error ⇒ Exception^? (readonly)

Returns verification error when status is :error.

Returns:

• (Exception, nil) —

  verification error when status is :error

# File 'lib/gem/guardian/verifier.rb', line 28

VerificationResult = Data.define(:dependency, :expected_sha256, :actual_sha256, :artifact_path, :status, :error,
                                 :checksum_source, :registry_sha256, :registry_checksum_provider,
                                 :registry_checksum_uri) do
  # Indicates whether the verification result is successful.
  #
  # For +:artifact+ results, success means the artifact digest was recorded,
  # not that an independent checksum comparison occurred.
  #
  # @return [Boolean] +true+ when +status+ is +:ok+
  def ok?
    status == :ok
  end
end

#expected_sha256 ⇒ String^? (readonly)

Returns independent checksum used as the primary expected digest, or nil when the artifact was only recorded.

Returns:

• (String, nil) —

  independent checksum used as the primary expected digest, or nil when the artifact was only recorded

# File 'lib/gem/guardian/verifier.rb', line 28

VerificationResult = Data.define(:dependency, :expected_sha256, :actual_sha256, :artifact_path, :status, :error,
                                 :checksum_source, :registry_sha256, :registry_checksum_provider,
                                 :registry_checksum_uri) do
  # Indicates whether the verification result is successful.
  #
  # For +:artifact+ results, success means the artifact digest was recorded,
  # not that an independent checksum comparison occurred.
  #
  # @return [Boolean] +true+ when +status+ is +:ok+
  def ok?
    status == :ok
  end
end

#registry_checksum_provider ⇒ String^? (readonly)

Returns checksum provider name, such as rubygems-api, compact-index, or url.

Returns:

• (String, nil) —

  checksum provider name, such as rubygems-api, compact-index, or url

# File 'lib/gem/guardian/verifier.rb', line 28

VerificationResult = Data.define(:dependency, :expected_sha256, :actual_sha256, :artifact_path, :status, :error,
                                 :checksum_source, :registry_sha256, :registry_checksum_provider,
                                 :registry_checksum_uri) do
  # Indicates whether the verification result is successful.
  #
  # For +:artifact+ results, success means the artifact digest was recorded,
  # not that an independent checksum comparison occurred.
  #
  # @return [Boolean] +true+ when +status+ is +:ok+
  def ok?
    status == :ok
  end
end

#registry_checksum_uri ⇒ String^? (readonly)

Returns sanitized URI where the registry or publisher checksum can be inspected.

Returns:

• (String, nil) —

  sanitized URI where the registry or publisher checksum can be inspected

# File 'lib/gem/guardian/verifier.rb', line 28

VerificationResult = Data.define(:dependency, :expected_sha256, :actual_sha256, :artifact_path, :status, :error,
                                 :checksum_source, :registry_sha256, :registry_checksum_provider,
                                 :registry_checksum_uri) do
  # Indicates whether the verification result is successful.
  #
  # For +:artifact+ results, success means the artifact digest was recorded,
  # not that an independent checksum comparison occurred.
  #
  # @return [Boolean] +true+ when +status+ is +:ok+
  def ok?
    status == :ok
  end
end

#registry_sha256 ⇒ String^? (readonly)

Returns registry or publisher checksum used as an optional cross-check.

Returns:

• (String, nil) —

  registry or publisher checksum used as an optional cross-check

# File 'lib/gem/guardian/verifier.rb', line 28

VerificationResult = Data.define(:dependency, :expected_sha256, :actual_sha256, :artifact_path, :status, :error,
                                 :checksum_source, :registry_sha256, :registry_checksum_provider,
                                 :registry_checksum_uri) do
  # Indicates whether the verification result is successful.
  #
  # For +:artifact+ results, success means the artifact digest was recorded,
  # not that an independent checksum comparison occurred.
  #
  # @return [Boolean] +true+ when +status+ is +:ok+
  def ok?
    status == :ok
  end
end

#status ⇒ Symbol (readonly)

Returns :ok, :mismatch, or :error.

Returns:

• (Symbol) —

  :ok, :mismatch, or :error

# File 'lib/gem/guardian/verifier.rb', line 28

VerificationResult = Data.define(:dependency, :expected_sha256, :actual_sha256, :artifact_path, :status, :error,
                                 :checksum_source, :registry_sha256, :registry_checksum_provider,
                                 :registry_checksum_uri) do
  # Indicates whether the verification result is successful.
  #
  # For +:artifact+ results, success means the artifact digest was recorded,
  # not that an independent checksum comparison occurred.
  #
  # @return [Boolean] +true+ when +status+ is +:ok+
  def ok?
    status == :ok
  end
end

Instance Method Details

#ok? ⇒ Boolean

Indicates whether the verification result is successful.

For :artifact results, success means the artifact digest was recorded, not that an independent checksum comparison occurred.

Returns:

• (Boolean) —

  true when status is :ok

# File 'lib/gem/guardian/verifier.rb', line 37

def ok?
  status == :ok
end