change strongest property type from Array<IntegrityMetadata> to IntegrityMetadataSet

2025-01-18 08:05:13 +00:00 · 2025-01-06 13:41:24 +09:00 · 2025-01-06 13:41:24 +09:00 · 93af3bce3c
commit 93af3bce3c
parent 3d1a4acd2f
3 changed files with 98 additions and 62 deletions
--- a/src/index.ts
+++ b/src/index.ts
@ -241,12 +241,7 @@ export type IntegrityMetadataSetOptions = {
 */
 export class IntegrityMetadataSet {
  #set: ReadonlyArray<IntegrityMetadata>;
-
+  #getPrioritizedHashAlgorithm = getPrioritizedHashAlgorithm;
  /**
   * The strongest (most secure) integrity metadata from the set.
   * @see {@link https://www.w3.org/TR/SRI/#get-the-strongest-metadata-from-set}
   */
  readonly strongest: Array<IntegrityMetadata> = [];
  /**
   * Create an instance of `IntegrityMetadataSet` from integrity metadata or an array of integrity
@ -284,40 +279,23 @@ export class IntegrityMetadataSet {
        _getPrioritizedHashAlgorithm = getPrioritizedHashAlgorithm,
    }: IntegrityMetadataSetOptions = {},
  ) {
-    const set: ReadonlyArray<
+    this.#set = [integrity]
      IntegrityMetadataLike | string | null | undefined
    > = [integrity]
      .flat()
      .flatMap(
        (
          integrity: IntegrityMetadataLike | string | null | undefined,
-        ): ReadonlyArray<IntegrityMetadataLike | string | null | undefined> =>
+        ): ReadonlyArray<IntegrityMetadataLike | string | null | undefined> => {
-          typeof integrity === "string"
+          if (typeof integrity === "string") {
-            ? integrity.split(SeparatorRegex)
+            return integrity.split(SeparatorRegex);
-            : [integrity],
+          }
      );
-    this.#set = set
+          return [integrity];
        },
      )
      .map((integrity) => new IntegrityMetadata(integrity))
      .filter((integrityMetadata) => integrityMetadata.toString() !== "");
-    for (const integrityMetadata of this.#set) {
+    this.#getPrioritizedHashAlgorithm = _getPrioritizedHashAlgorithm;
      const [strongest = new IntegrityMetadata("")] = this.strongest;
      const prioritizedHashAlgorithm = _getPrioritizedHashAlgorithm(
        strongest.alg as HashAlgorithm,
        integrityMetadata.alg as HashAlgorithm,
      );
      switch (prioritizedHashAlgorithm) {
        case "":
          this.strongest.push(integrityMetadata);
          break;
        case integrityMetadata.alg:
          this.strongest = [integrityMetadata];
          break;
      }
    }
  }
  /**
@ -330,7 +308,7 @@ export class IntegrityMetadataSet {
   */
  *[Symbol.iterator](): Generator<IntegrityMetadata> {
    for (const integrityMetadata of this.#set) {
-      yield integrityMetadata;
+      yield new IntegrityMetadata(integrityMetadata);
    }
  }
@ -341,11 +319,44 @@ export class IntegrityMetadataSet {
    return this.#set.length;
  }
  /**
   * The strongest (most secure) integrity metadata from the set.
   * @see {@link https://www.w3.org/TR/SRI/#get-the-strongest-metadata-from-set}
   */
  get strongest(): IntegrityMetadataSet {
    let strongest = new IntegrityMetadataSet([]);
    for (const integrityMetadata of this.#set) {
      const [{ alg } = new IntegrityMetadata("")] = strongest;
      const prioritizedHashAlgorithm = this.#getPrioritizedHashAlgorithm(
        alg as HashAlgorithm,
        integrityMetadata.alg as HashAlgorithm,
      );
      switch (prioritizedHashAlgorithm) {
        case "":
          strongest = new IntegrityMetadataSet([
            ...this.strongest,
            integrityMetadata,
          ]);
          break;
        case integrityMetadata.alg:
          strongest = new IntegrityMetadataSet(integrityMetadata);
          break;
        case alg:
          break;
      }
    }
    return strongest;
  }
  /**
   * Returns an array of the strongest supported hash algorithms in the set.
   */
  get strongestHashAlgorithms(): ReadonlyArray<HashAlgorithm> {
-    const strongestHashAlgorithms = this.strongest
+    const strongestHashAlgorithms = [...this.strongest]
      .map(({ alg }) => alg as HashAlgorithm)
      .filter(Boolean);
--- a/test/integrity-metadata-set/constructor.ts
+++ b/test/integrity-metadata-set/constructor.ts
@ -7,11 +7,16 @@ test("supports SHA-256", function () {
    "sha256-MV9b23bQeMQ7isAGTkoBZGErH853yGk0W/yUx1iU7dM=",
  );
-  assert.deepEqual(set.strongest[0], {
+  assert.deepEqual(
    [...set],
    [
      {
        alg: "sha256",
        val: "MV9b23bQeMQ7isAGTkoBZGErH853yGk0W/yUx1iU7dM=",
        opt: [],
-  });
+      },
    ],
  );
 });
 test("supports SHA-384", function () {
@ -19,11 +24,16 @@ test("supports SHA-384", function () {
    "sha384-VbxVaw0v4Pzlgrpf4Huq//A1ZTY4x6wNVJTCpkwL6hzFczHHwSpFzbyn9MNKCJ7r",
  );
-  assert.deepEqual(set.strongest[0], {
+  assert.deepEqual(
    [...set],
    [
      {
        alg: "sha384",
        val: "VbxVaw0v4Pzlgrpf4Huq//A1ZTY4x6wNVJTCpkwL6hzFczHHwSpFzbyn9MNKCJ7r",
        opt: [],
-  });
+      },
    ],
  );
 });
 test("supports SHA-512", function () {
@ -31,11 +41,16 @@ test("supports SHA-512", function () {
    "sha512-wVJ82JPBJHc9gRkRlwyP5uhX1t9dySJr2KFgYUwM2WOk3eorlLt9NgIe+dhl1c6ilKgt1JoLsmn1H256V/eUIQ==",
  );
-  assert.deepEqual(set.strongest[0], {
+  assert.deepEqual(
    [...set],
    [
      {
        alg: "sha512",
        val: "wVJ82JPBJHc9gRkRlwyP5uhX1t9dySJr2KFgYUwM2WOk3eorlLt9NgIe+dhl1c6ilKgt1JoLsmn1H256V/eUIQ==",
        opt: [],
-  });
+      },
    ],
  );
 });
 test("accepts options", function () {
@ -43,11 +58,16 @@ test("accepts options", function () {
    "sha256-MV9b23bQeMQ7isAGTkoBZGErH853yGk0W/yUx1iU7dM=?foo?bar",
  );
-  assert.deepEqual(set.strongest[0], {
+  assert.deepEqual(
    [...set],
    [
      {
        alg: "sha256",
        val: "MV9b23bQeMQ7isAGTkoBZGErH853yGk0W/yUx1iU7dM=",
        opt: ["foo", "bar"],
-  });
+      },
    ],
  );
 });
 test("accepts an IntegrityMetadata like object as input", function () {
--- a/test/integrity-metadata-set/strongest.ts
+++ b/test/integrity-metadata-set/strongest.ts
@ -1,6 +1,6 @@
 import assert from "node:assert";
 import { test } from "node:test";
-import { IntegrityMetadata, IntegrityMetadataSet } from "../../src/index.ts";
+import { IntegrityMetadataSet } from "../../src/index.ts";
 test("pick the strongest metadata from set", function () {
  const integrityMetadataSet = new IntegrityMetadataSet(`
@ -9,11 +9,12 @@ sha384-VbxVaw0v4Pzlgrpf4Huq//A1ZTY4x6wNVJTCpkwL6hzFczHHwSpFzbyn9MNKCJ7r
 sha512-wVJ82JPBJHc9gRkRlwyP5uhX1t9dySJr2KFgYUwM2WOk3eorlLt9NgIe+dhl1c6ilKgt1JoLsmn1H256V/eUIQ==
 `);
-  assert.deepEqual(integrityMetadataSet.strongest, [
+  assert.deepEqual(
-    new IntegrityMetadata(
+    integrityMetadataSet.strongest,
    new IntegrityMetadataSet(
      "sha512-wVJ82JPBJHc9gRkRlwyP5uhX1t9dySJr2KFgYUwM2WOk3eorlLt9NgIe+dhl1c6ilKgt1JoLsmn1H256V/eUIQ==",
    ),
-  ]);
+  );
 });
 test("if there are no supported algorithms, return the empty set", function () {
@ -22,7 +23,10 @@ sha1-lDpwLQbzRZmu4fjajvn3KWAx1pk=
 md5-bNNVbesNpUvKBgtMOUeYOQ==
 `);
-  assert.deepEqual(integrityMetadataSet.strongest, []);
+  assert.deepEqual(
    integrityMetadataSet.strongest,
    new IntegrityMetadataSet([]),
  );
 });
 test("custom getPrioritizedHashAlgorithm function can be used", function () {
@ -39,9 +43,10 @@ sha512-wVJ82JPBJHc9gRkRlwyP5uhX1t9dySJr2KFgYUwM2WOk3eorlLt9NgIe+dhl1c6ilKgt1JoLs
    },
  );
-  assert.deepEqual(integrityMetadataSet.strongest, [
+  assert.deepEqual(
-    new IntegrityMetadata(
+    integrityMetadataSet.strongest,
    new IntegrityMetadataSet(
      "sha384-VbxVaw0v4Pzlgrpf4Huq//A1ZTY4x6wNVJTCpkwL6hzFczHHwSpFzbyn9MNKCJ7r",
    ),
-  ]);
+  );
 });