github/asdf-nodejs
github/asdf-nodejs
3
0
Fork 0
mirror of https://github.com/asdf-vm/asdf-nodejs.git synced 2024-10-06 07:42:08 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix install

Browse Source
This commit is contained in:
Thomas B Homburg 2020-05-08 14:32:14 +02:00
parent c3aec726a2
commit b7430cbecc
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
bin/install
View File

@ -189,7 +189,7 @@ download_and_verify_checksums() {
export GNUPGHOME="${ASDF_DIR:-$HOME/.asdf}/keyrings/nodejs"
fi
if ! $gnugp_verify_command_name --keyring asdf-nodejs.gpg --display-charset utf-8 --verify "$signed_checksum_file" 2>/dev/null; then
if ! $gnugp_verify_command_name --no-default-keyring --keyring asdf-nodejs.gpg --display-charset utf-8 --verify "$signed_checksum_file" 2>/dev/null; then
# Try default keyring
if ! $gnugp_verify_command_name --display-charset utf-8 --verify "$signed_checksum_file" 2>/dev/null; then
echo "Authenticity of checksum file can not be assured! Please be sure to check the README of asdf-nodejs in case you did not yet import the needed PGP keys. If you already did that then that is the point to become SUSPICIOUS! There must be a reason why this is failing. If you are installing an older NodeJS version you might need to import OpenPGP keys of previous release managers. Exiting." >&2
@ -198,6 +198,7 @@ download_and_verify_checksums() {
fi
## Mitigates: https://github.com/nodejs/node/issues/6821
local authentic_checksum_file="$tmp_download_dir/authentic_SHASUMS256.txt"
$gnugp_verify_command_name --no-default-keyring --keyring asdf-nodejs.gpg --output "${authentic_checksum_file}" --decrypt "$signed_checksum_file" 2>/dev/null || \
$gnugp_verify_command_name --output "${authentic_checksum_file}" --decrypt "$signed_checksum_file" 2>/dev/null
)
elif [ "${NODEJS_CHECK_SIGNATURES}" == "strict" ]; then