From 966afcca6a6f2734b65f34f5b1c6a534cf13c0b4 Mon Sep 17 00:00:00 2001
From: Peter Boling <peter.boling@gmail.com>
Date: Wed, 4 Sep 2024 03:34:16 -0600
Subject: [PATCH] =?UTF-8?q?=E2=9C=A8=20bin/checksums?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- https://github.com/rubygems/guides/pull/325
---
 bin/checksums | 67 +++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 67 insertions(+)
 create mode 100755 bin/checksums

diff --git a/bin/checksums b/bin/checksums
new file mode 100755
index 0000000..5498152
--- /dev/null
+++ b/bin/checksums
@@ -0,0 +1,67 @@
+#!/usr/bin/env ruby
+
+# Script from https://github.com/rubygems/guides/pull/325
+require "digest/sha2"
+
+# Final clause of Regex `(?=\.gem)` is a positive lookahead assertion
+# See: https://learnbyexample.github.io/Ruby_Regexp/lookarounds.html#positive-lookarounds
+# Used to pattern match against a gem package name, which always ends with .gem.
+# The positive lookahead ensures it is present, and prevents it from being captured.
+VERSION_REGEX = /((\d+\.\d+\.\d+)([-.][0-9A-Za-z-]+)*)(?=\.gem)/
+
+gem_path_parts = ARGV.first&.split("/")
+
+if gem_path_parts&.any?
+  gem_name = gem_path_parts.last
+  gem_pkg = File.join(gem_path_parts)
+  puts "Looking for: #{gem_pkg.inspect}"
+  gems = Dir[gem_pkg]
+  puts "Found: #{gems.inspect}"
+else
+  gem_pkgs = File.join("pkg", "*.gem")
+  puts "Looking for: #{gem_pkgs.inspect}"
+  gems = Dir[gem_pkgs]
+  raise "Unable to find gems #{gem_pkgs}" if gems.empty?
+
+  # Sort by newest last
+  # [ "my_gem-2.3.9.gem", "my_gem-2.3.11.pre.alpha.4.gem", "my_gem-2.3.15.gem", ... ]
+  gems.sort_by! { |gem| Gem::Version.new(gem[VERSION_REGEX]) }
+  gem_pkg = gems.last
+  gem_path_parts = gem_pkg.split("/")
+  gem_name = gem_path_parts.last
+  puts "Found: #{gems.length} gems; latest is #{gem_name}"
+end
+
+checksum512 = Digest::SHA512.new.hexdigest(File.read(gem_pkg))
+checksum512_path = "checksums/#{gem_name}.sha512"
+File.write(checksum512_path, checksum512)
+
+checksum256 = Digest::SHA256.new.hexdigest(File.read(gem_pkg))
+checksum256_path = "checksums/#{gem_name}.sha256"
+File.write(checksum256_path, checksum256)
+
+version = gem_name[VERSION_REGEX]
+
+git_cmd = <<~GIT_MSG
+  git add checksums/* && \
+  git commit -m "🔒️ Checksums for v#{version}"
+GIT_MSG
+
+puts <<~RESULTS
+  [ GEM: #{gem_name} ]
+  [ VERSION: #{version} ]
+  [ GEM PKG LOCATION: #{gem_pkg} ]
+  [ CHECKSUM SHA-256: #{checksum256} ]
+  [ CHECKSUM SHA-512: #{checksum512} ]
+  [ CHECKSUM SHA-256 PATH: #{checksum256_path} ]
+  [ CHECKSUM SHA-512 PATH: #{checksum512_path} ]
+  
+  ... Running ...
+  
+  #{git_cmd}
+RESULTS
+
+# This will replace the current process with the git process, and exit.
+# Any command placed after this will not be run:
+#   See: https://www.akshaykhot.com/call-shell-commands-in-ruby
+exec(git_cmd)