mirror of
https://github.com/MedzikUser/go-github-selfupdate.git
synced 2024-08-15 03:25:29 +00:00
116dfa144d
Go-self-update lacks support for checking integrity of downloaded files. For more advanced situation it's necessary to validate the hash or verify against public signatures. This patch adds support for SHA2 hash and ECDSA PublicKey signature validation. SHA2 uses file with suffix `.sha256`, whereas ECDSA uses `.sig` file endings. See `selfupdate/validate_test.go` for examples. Signed-off-by: Tobias Kohlbau <t.kohlbau@myopenfactory.com>
33 lines
946 B
Go
33 lines
946 B
Go
package selfupdate
|
|
|
|
import (
|
|
"time"
|
|
|
|
"github.com/blang/semver"
|
|
)
|
|
|
|
// Release represents a release asset for current OS and arch.
|
|
type Release struct {
|
|
// Version is the version of the release
|
|
Version semver.Version
|
|
// AssetURL is a URL to the uploaded file for the release
|
|
AssetURL string
|
|
// AssetSize represents the size of asset in bytes
|
|
AssetByteSize int
|
|
// AssetID is the ID of the asset on GitHub
|
|
AssetID int64
|
|
// ValidationAssetID is the ID of additional validaton asset on GitHub
|
|
ValidationAssetID int64
|
|
// URL is a URL to release page for browsing
|
|
URL string
|
|
// ReleaseNotes is a release notes of the release
|
|
ReleaseNotes string
|
|
// Name represents a name of the release
|
|
Name string
|
|
// PublishedAt is the time when the release was published
|
|
PublishedAt *time.Time
|
|
// RepoOwner is the owner of the repository of the release
|
|
RepoOwner string
|
|
// RepoName is the name of the repository of the release
|
|
RepoName string
|
|
}
|