实现示例type Vendor = { name: string; version: string; files: { path: string; sha256: string }[] }
function hex64(h: string): boolean { return /^[A-Fa-f0-9]{64}$/.test(h) }
function valid(v: Vendor): boolean {
return !!v.name && !!v.version && v.files.length > 0 && v.files.every(f => !!f.path && hex64(f.sha256))
}
function diffVendor(prev: Vendor, next: Vendor): { added: string[]; removed: string[]; changed: string[] } {
const mp = new Map(prev.files.map(f => [f.path, f.sha256]))
const mn = new Map(next.files.map(f => [f.path, f.sha256]))
const added: string[] = []
const removed: string[] = []
const changed: string[] = []
for (const p of mn.keys()) if (!mp.has(p)) added.push(p)
for (const p of mp.keys()) if (!mn.has(p)) removed.push(p)
for (const p of mn.keys()) {
const a = mp.get(p)
const b = mn.get(p)
if (a && b && a.toLowerCase() !== b.toLowerCase()) changed.push(p)
}
return { added, removed, changed }
}
审计与更新门禁变更必须通过差异审计与签名校验;高风险变更需双人审批。发布产线使用 vendoring 版本;外部源更新需入库与审计。
发表评论 取消回复