Add hash validation and support for HTTP(S) and IPFS to command hash anchor-data
#895
Conversation
palas
requested review from
Jimbo4350,
newhoggy,
carbolymer,
smelc,
kevinhammond and
disassembler
as code owners
palas
force-pushed
the
add-hash-validation
branch
10 times, most recently
from
44caf5e
to
cf9cf24
Compare
palas
force-pushed
the
add-hash-validation
branch
2 times, most recently
from
eeb9869
to
02d8367
Compare
| case mExpectedHash of | ||
| Just expectedHash | ||
| | hash /= expectedHash -> | ||
| left $ HashMismatchedHashError expectedHash hash | ||
| | otherwise -> liftIO $ putStrLn "Hashes match!" | ||
| Nothing -> writeHash hash |
There was a problem hiding this comment.
This code bit is surprising a little: specifying the hash in the CLI argument, makes the command ignore --out-file argument. I agree that's redundant here, but for the sake of consistency, I would still add writing output file even when the hash is specified as a command line argument.
There was a problem hiding this comment.
I have now changed it for outputting only in case of --out-file and not in case of stdout (dda90ab)
I the case of stdout I am guessing it would be confusing to mix both results
There was a problem hiding this comment.
You can print the information message to stderr and the hash to stdout.
There was a problem hiding this comment.
Still will be mixed usually, and it is not an error. Not sure. Another option is to print the message to a file instead of the hash when --out-file is used. Or to make them mutually exclusive
There was a problem hiding this comment.
Well stderr isn't reserved only for errors, but is usually used for any kind of diagnostics. I guess ignoring --out-file would work too if we print a warning here.
@CarlosLopezDeLara thoughts on the UX here?
There was a problem hiding this comment.
I have tried making them mutually exclusive in: cabb16a
I think that works quite well, maybe the problem was trying to do two conflicting things at the same time
palas
force-pushed
the
add-hash-validation
branch
from
11ea69c
to
dda90ab
Compare
palas
force-pushed
the
add-hash-validation
branch
from
dda90ab
to
e7e8a8a
Compare
palas
force-pushed
the
add-hash-validation
branch
2 times, most recently
from
47d4f27
to
4f7cdac
Compare
palas
force-pushed
the
add-hash-validation
branch
from
0d48517
to
d0df4c0
Compare
Changelog
Context
This PR is a first step towards solving: #882
But it doesn't completely address it because the check should be in the commands mentioned and not in a separate command. That will be addressed in a separate PR.
How to trust this PR
The tests should provide a lot of assurance. I think the most unverified bit is the URL structure for IPFS_GATEWAYS, but I have tried it against existing gateways and seems to work. Other than that, code style, and maybe code organisation? We may need to move the verification code somewhere else in order to be able to use it in the next PR.
The PR adds quite a few packages, but it was mainly for testing. For querying it uses
http-client(andhttp-client-tlsfor HTTPS support).Checklist