mirror of
https://github.com/asdf-vm/asdf-nodejs.git
synced 2024-10-06 07:42:08 +08:00
Fix install
This commit is contained in:
parent
c3aec726a2
commit
b7430cbecc
@ -189,7 +189,7 @@ download_and_verify_checksums() {
|
|||||||
export GNUPGHOME="${ASDF_DIR:-$HOME/.asdf}/keyrings/nodejs"
|
export GNUPGHOME="${ASDF_DIR:-$HOME/.asdf}/keyrings/nodejs"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if ! $gnugp_verify_command_name --keyring asdf-nodejs.gpg --display-charset utf-8 --verify "$signed_checksum_file" 2>/dev/null; then
|
if ! $gnugp_verify_command_name --no-default-keyring --keyring asdf-nodejs.gpg --display-charset utf-8 --verify "$signed_checksum_file" 2>/dev/null; then
|
||||||
# Try default keyring
|
# Try default keyring
|
||||||
if ! $gnugp_verify_command_name --display-charset utf-8 --verify "$signed_checksum_file" 2>/dev/null; then
|
if ! $gnugp_verify_command_name --display-charset utf-8 --verify "$signed_checksum_file" 2>/dev/null; then
|
||||||
echo "Authenticity of checksum file can not be assured! Please be sure to check the README of asdf-nodejs in case you did not yet import the needed PGP keys. If you already did that then that is the point to become SUSPICIOUS! There must be a reason why this is failing. If you are installing an older NodeJS version you might need to import OpenPGP keys of previous release managers. Exiting." >&2
|
echo "Authenticity of checksum file can not be assured! Please be sure to check the README of asdf-nodejs in case you did not yet import the needed PGP keys. If you already did that then that is the point to become SUSPICIOUS! There must be a reason why this is failing. If you are installing an older NodeJS version you might need to import OpenPGP keys of previous release managers. Exiting." >&2
|
||||||
@ -198,6 +198,7 @@ download_and_verify_checksums() {
|
|||||||
fi
|
fi
|
||||||
## Mitigates: https://github.com/nodejs/node/issues/6821
|
## Mitigates: https://github.com/nodejs/node/issues/6821
|
||||||
local authentic_checksum_file="$tmp_download_dir/authentic_SHASUMS256.txt"
|
local authentic_checksum_file="$tmp_download_dir/authentic_SHASUMS256.txt"
|
||||||
|
$gnugp_verify_command_name --no-default-keyring --keyring asdf-nodejs.gpg --output "${authentic_checksum_file}" --decrypt "$signed_checksum_file" 2>/dev/null || \
|
||||||
$gnugp_verify_command_name --output "${authentic_checksum_file}" --decrypt "$signed_checksum_file" 2>/dev/null
|
$gnugp_verify_command_name --output "${authentic_checksum_file}" --decrypt "$signed_checksum_file" 2>/dev/null
|
||||||
)
|
)
|
||||||
elif [ "${NODEJS_CHECK_SIGNATURES}" == "strict" ]; then
|
elif [ "${NODEJS_CHECK_SIGNATURES}" == "strict" ]; then
|
||||||
|
Loading…
Reference in New Issue
Block a user