github.com/npm/cli.git - Unnamed repository; edit this file 'description' to name the repository.
authorRebecca Turner <me@re-becca.org>2018-03-23 03:29:46 +0300
committerRebecca Turner <me@re-becca.org>2018-03-23 12:08:57 +0300
commit97a9766962ab5125af3b2a1f7b4ef550a2e3599b (patch)
tree2a422dca4a99ca6c3009aceab2f7d3da3eec18dc /node_modules
parenta85372e671eab46e62caa46631baa30900e32114 (diff)
ssri@5.3.0
Add option to throw when checks fail. Credit: @zkat
Diffstat (limited to 'node_modules')
-rw-r--r--node_modules/ssri/CHANGELOG.md10
-rw-r--r--node_modules/ssri/README.md4
-rw-r--r--node_modules/ssri/index.js33
-rw-r--r--node_modules/ssri/package.json26
4 files changed, 59 insertions, 14 deletions
diff --git a/node_modules/ssri/CHANGELOG.md b/node_modules/ssri/CHANGELOG.md
index f90bb70f7..5c0689488 100644
--- a/node_modules/ssri/CHANGELOG.md
+++ b/node_modules/ssri/CHANGELOG.md
@@ -2,6 +2,16 @@
All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
+<a name="5.3.0"></a>
+# [5.3.0](https://github.com/zkat/ssri/compare/v5.2.4...v5.3.0) (2018-03-13)
+
+
+### Features
+
+* **checkData:** optionally throw when checkData fails ([bf26b84](https://github.com/zkat/ssri/commit/bf26b84))
+
+
+
<a name="5.2.4"></a>
## [5.2.4](https://github.com/zkat/ssri/compare/v5.2.3...v5.2.4) (2018-02-16)
diff --git a/node_modules/ssri/README.md b/node_modules/ssri/README.md
index 801141817..a6c07e740 100644
--- a/node_modules/ssri/README.md
+++ b/node_modules/ssri/README.md
@@ -389,6 +389,9 @@ If `opts.pickAlgorithm` is provided, it will be used by
[`Integrity#pickAlgorithm`](#integrity-pick-algorithm) when deciding which of
the available digests to match against.
+If `opts.error` is true, and verification fails, `checkData` will throw either
+an `EBADSIZE` or an `EINTEGRITY` error, instead of just returning false.
+
##### Example
```javascript
@@ -396,6 +399,7 @@ const data = fs.readFileSync('index.js')
ssri.checkData(data, ssri.fromData(data)) // -> 'sha512'
ssri.checkData(data, 'sha256-l981iLWj8kurw4UbNy8Lpxqdzd7UOxS50Glhv8FwfZ0')
ssri.checkData(data, 'sha1-BaDDigEST') // -> false
+ssri.checkData(data, 'sha1-BaDDigEST', {error: true}) // -> Error! EINTEGRITY
```
#### <a name="check-stream"></a> `> ssri.checkStream(stream, sri, [opts]) -> Promise<Hash>`
diff --git a/node_modules/ssri/index.js b/node_modules/ssri/index.js
index 5418256f1..ff7881f7c 100644
--- a/node_modules/ssri/index.js
+++ b/node_modules/ssri/index.js
@@ -216,10 +216,39 @@ module.exports.checkData = checkData
function checkData (data, sri, opts) {
opts = opts || {}
sri = parse(sri, opts)
- if (!Object.keys(sri).length) { return false }
+ if (!Object.keys(sri).length) {
+ if (opts.error) {
+ throw Object.assign(
+ new Error('No valid integrity hashes to check against'), {
+ code: 'EINTEGRITY'
+ }
+ )
+ } else {
+ return false
+ }
+ }
const algorithm = sri.pickAlgorithm(opts)
const digest = crypto.createHash(algorithm).update(data).digest('base64')
- return parse({algorithm, digest}).match(sri, opts)
+ const newSri = parse({algorithm, digest})
+ const match = newSri.match(sri, opts)
+ if (match || !opts.error) {
+ return match
+ } else if (typeof opts.size === 'number' && (data.length !== opts.size)) {
+ const err = new Error(`data size mismatch when checking ${sri}.\n Wanted: ${opts.size}\n Found: ${data.length}`)
+ err.code = 'EBADSIZE'
+ err.found = data.length
+ err.expected = opts.size
+ err.sri = sri
+ throw err
+ } else {
+ const err = new Error(`Integrity checksum failed when using ${algorithm}: Wanted ${sri}, but got ${newSri}. (${data.length} bytes)`)
+ err.code = 'EINTEGRITY'
+ err.found = newSri
+ err.expected = sri
+ err.algorithm = algorithm
+ err.sri = sri
+ throw err
+ }
}
module.exports.checkStream = checkStream
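Review bot: In the new tail of `checkData`, `opts.size` is read only after the digest comparison has already failed and only when `opts.error` is set, so it chooses between `EBADSIZE` and `EINTEGRITY` rather than acting as a check of its own; data whose digest matches is returned as a match whatever `opts.size` says. If the size is meant to be enforced, the comparison belongs ahead of the hashing; if it is diagnostic only, say so above the branch, e.g. `// opts.size only selects the error code after a digest mismatch; it is not enforced on success`, and in the README paragraph this commit adds, which does not mention `opts.size`. The comparison also uses `data.length`, which counts UTF-16 code units if `data` can be a string, while the hash and the "(N bytes)" message work on bytes; `Buffer.byteLength(data) !== opts.size` would keep both in the same unit. Since this file is the bundled copy of ssri, the change would presumably need to land upstream first.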
diff --git a/node_modules/ssri/package.json b/node_modules/ssri/package.json
index 59f5c92f3..abfc47626 100644
--- a/node_modules/ssri/package.json
+++ b/node_modules/ssri/package.json
@@ -1,31 +1,33 @@
{
- "_from": "ssri@latest",
- "_id": "ssri@5.2.4",
+ "_from": "ssri@5.3.0",
+ "_id": "ssri@5.3.0",
"_inBundle": false,
- "_integrity": "sha512-UnEAgMZa15973iH7cUi0AHjJn1ACDIkaMyZILoqwN6yzt+4P81I8tBc5Hl+qwi5auMplZtPQsHrPBR5vJLcQtQ==",
+ "_integrity": "sha512-XRSIPqLij52MtgoQavH/x/dU1qVKtWUAAZeOHsR9c2Ddi4XerFy3mc1alf+dLJKl9EUIm/Ht+EowFkTUOA6GAQ==",
"_location": "/ssri",
"_phantomChildren": {},
"_requested": {
- "type": "tag",
+ "type": "version",
"registry": true,
- "raw": "ssri@latest",
+ "raw": "ssri@5.3.0",
"name": "ssri",
"escapedName": "ssri",
- "rawSpec": "latest",
+ "rawSpec": "5.3.0",
"saveSpec": null,
- "fetchSpec": "latest"
+ "fetchSpec": "5.3.0"
},
"_requiredBy": [
"#USER",
"/",
"/cacache",
+ "/npm-profile/make-fetch-happen",
+ "/npm-registry-client",
"/pacote",
"/pacote/make-fetch-happen"
],
- "_resolved": "https://registry.npmjs.org/ssri/-/ssri-5.2.4.tgz",
- "_shasum": "9985e14041e65fc397af96542be35724ac11da52",
- "_spec": "ssri@latest",
- "_where": "/Users/zkat/Documents/code/npm",
+ "_resolved": "https://registry.npmjs.org/ssri/-/ssri-5.3.0.tgz",
+ "_shasum": "ba3872c9c6d33a0704a7d71ff045e5ec48999d06",
+ "_spec": "ssri@5.3.0",
+ "_where": "/Users/rebecca/code/npm",
"author": {
"name": "Kat Marchán",
"email": "kzm@sykosomatic.org"
@@ -89,5 +91,5 @@
"update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'",
"update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'"
},
- "version": "5.2.4"
+ "version": "5.3.0"
}