diff --git a/js/container-baby.ts b/js/container-baby.ts index 85af051..1a78706 100644 --- a/js/container-baby.ts +++ b/js/container-baby.ts @@ -4,11 +4,9 @@ import { join } from "node:path"; import { promisify } from "node:util"; import { tar2squashfs } from "./tar2squashfs.js"; import { subtle } from "node:crypto"; -const execFile = promisify(_execFile); type RegistryName = string; type RegistrySecret = string; -// const downloadBlob = memoizeDownloader(_downloadBlob); const getToken = memoizeDownloader(_getToken); let squashfsDownloads = new Map>(); @@ -181,14 +179,6 @@ async function jsonBlob(image: string, digest: string): Promise { return (await res.json()) as T; } -// // We can't just trust the digest as some evil image or registry can lie with -// // their own digests, using one of another image but inserting malware in it. -// // If we just cache according to the digest without verifying digests, this -// // attack is possible. -// function blobKey(image: string, digest: string): string { -// return `${image.replaceAll("/", "%")}#${digest}`; -// } - function memoizeDownloader( downloader: (id: string) => Promise ): (id: string) => Promise { @@ -204,27 +194,6 @@ function memoizeDownloader( }; } -// async function _downloadBlob(key: string) { -// let [image, digest] = key.split("#"); -// image = image.replaceAll("%", "/"); -// const path = join(tmpDir, key); -// const res = await getBlob(image, digest); -// try { -// await access(path); -// // cacheado, actualizar mtime y devolver -// utimes(path, new Date(), new Date()); -// return path; -// } catch (error) {} - -// const tempKey = `.${key}.downloading.${nanoid()}`; -// const tempFile = await open(join(tmpDir, tempKey), "wx"); -// await res.body!.pipeTo(Writable.toWeb(tempFile.createWriteStream())); -// await tempFile.close(); - -// await rename(tempKey, path); -// return path; -// } - // https://github.com/opencontainers/image-spec/blob/v1.0.1/descriptor.md#properties type Descriptor = { digest: string; diff --git a/js/tar2squashfs.js b/js/tar2squashfs.js index e6be542..14c96bb 100644 --- a/js/tar2squashfs.js +++ b/js/tar2squashfs.js @@ -5,8 +5,7 @@ import gunzip from "gunzip-maybe"; import { spawn } from "node:child_process"; -import { Duplex, Readable, Writable } from "node:stream"; -import { pipeline } from "node:stream/promises"; +import { Duplex, Writable } from "node:stream"; import { ReadableStream } from "node:stream/web"; import { extract, pack } from "tar-stream";