diff --git a/src/Composer.php b/src/Composer.php index 1183113..5890af0 100644 --- a/src/Composer.php +++ b/src/Composer.php @@ -28,8 +28,24 @@ public static function postAutoloadDump(Event $event) require_once $vendorDir . '/autoload.php'; $dataDir = \dirname($vendorDir) . '/data'; - (new RemoteFetch($dataDir))->getLatestBundle(); + (new RemoteFetch($dataDir))->getLatestBundle(false, false); + self::dos2unixAll($dataDir); echo '[OK] Remote Fetch of latest CACert Bundle', PHP_EOL; } + + /** + * Prevent newline weirdness with Git from causing invalid files (SHA-256, signatures) + * + * @param string $dataDir + * @return void + */ + protected static function dos2unixAll($dataDir) + { + foreach (glob($dataDir . '/*.pem') as $pemFile) { + $contents = file_get_contents($pemFile); + $fixed = str_replace("\r\n", "\n", $pemFile); + file_put_contents($pemFile, $fixed); + } + } } diff --git a/src/Fetch.php b/src/Fetch.php index c718cbf..a9dc0fa 100644 --- a/src/Fetch.php +++ b/src/Fetch.php @@ -99,7 +99,6 @@ public function getLatestBundle($checkEd25519Signature = null, $checkChronicle = if ($checkEd25519Signature) { $valid = $validator->checkEd25519Signature($bundle); if (!$valid) { - var_dump('invalid signature for' . $bundle->getFilePath()); $this->markBundleAsBad($bundleIndex, 'Ed25519 signature mismatch'); } } @@ -108,11 +107,9 @@ public function getLatestBundle($checkEd25519Signature = null, $checkChronicle = $index = array_search($bundle->getFilePath(), $this->unverified, true); if ($index !== false) { $validChronicle = $validator->checkChronicleHash($bundle); - $valid = $valid && $validChronicle; if ($validChronicle) { unset($this->unverified[$index]); } else { - var_dump('invalid chronicle entry for' . $bundle->getFilePath()); $this->markBundleAsBad($bundleIndex, 'Chronicle'); } }