核心要点

来源白名单与强制 `https`;证书指纹(pinning)与 SRI 哈希校验。校验异常时阻断安装并回退到最近的可信镜像;同时记录审计日志与证据。

实现示例

type Source = { url: string; certSha256?: string }
/** One lockfile entry: package name/version, the URL it resolves to, and its SRI `integrity` string. */
type Entry = {
  name: string
  version: string
  resolved: string
  integrity: string
}
/** Registry origins an entry's `resolved` URL may point at; anything else is rejected by `isHttpsUrl`. */
const allowOrigins = new Set<string>([
  'https://registry.npmjs.org',
  'https://registry.example.com',
])
/**
 * Accept `u` only if it parses as a URL, uses the `https:` scheme and its
 * origin is one of `allowOrigins`. Unparsable input yields false instead of
 * throwing. The comparison is on `URL.origin` (scheme + host + non-default
 * port), so the path is irrelevant to the decision.
 * NOTE(review): embedded userinfo (`https://user:pw@host/...`) is not
 * rejected here; callers that log or audit the URL should strip it.
 */
function isHttpsUrl(u: string): boolean {
  let parsed: URL
  try {
    parsed = new URL(u)
  } catch {
    return false
  }
  if (parsed.protocol !== 'https:') return false
  return allowOrigins.has(parsed.origin)
}
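/**
 * Parse a single SRI token of the form `sha256-<base64 digest>`.
 *
 * A SHA-256 digest is 32 bytes, which base64-encodes to exactly 43 characters
 * plus one `=` pad (44 total). The previous pattern `[A-Za-z0-9+/=]+` accepted
 * any base64-looking string, so `sha256-abc` or a truncated digest counted as
 * a valid hash and a garbage `integrity` field would pass `sourceValid`.
 * Exactly one sha256 token is accepted: multi-hash lists, option suffixes and
 * sha384/sha512 tokens all return null.
 *
 * @param integrity the `integrity` field of a lockfile entry.
 * @returns the algorithm and base64 digest, or null when malformed.
 */
function parseSri(integrity: string): { alg: 'sha256'; b64: string } | null {
  // 43 base64 chars + mandatory single '=' pad == a 32-byte digest.
  const m = /^sha256-([A-Za-z0-9+/]{43}=)$/.exec(integrity)
  const b64 = m?.[1]
  return b64 ? { alg: 'sha256', b64 } : null
}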
/**
 * An entry is acceptable when its `resolved` URL passes `isHttpsUrl`
 * (https + allowlisted origin) and its `integrity` is a parseable SRI token.
 * This is a format check only: nothing is fetched and no hash is compared
 * against downloaded bytes — that has to happen at download time.
 */
function sourceValid(e: Entry): boolean {
  if (!isHttpsUrl(e.resolved)) return false
  return parseSri(e.integrity) !== null
}
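/**
 * Pick the first candidate mirror that is acceptable as a replacement source.
 *
 * `current` is the URL that just failed verification. It used to be ignored,
 * so if it also appeared in `candidates` the "fallback" could return the very
 * source that triggered the block; it is now skipped (exact string match —
 * differently spelled aliases of the same URL are not detected). Acceptance
 * reuses `isHttpsUrl` (https + `allowOrigins`) so the two checks cannot drift
 * apart; candidates that do not parse are skipped.
 *
 * @param current    URL of the source being replaced; never returned.
 * @param candidates mirror URLs in preference order.
 * @returns the first usable candidate, or null when none qualifies.
 */
function fallback(current: string, candidates: string[]): string | null {
  for (const candidate of candidates) {
    if (candidate === current) continue
    if (isHttpsUrl(candidate)) return candidate
  }
  return null
}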
审计与运行治理

审计记录应包含来源 URL、校验证据(SRI 哈希、证书指纹)与所选回退镜像;异常期间仅使用只读令牌并强制哈希校验。变更来源白名单需经审批;回退结束后对已安装内容做完整性复核。

注意:上面的示例只做格式层面的检查——`isHttpsUrl` 校验协议与来源白名单,`parseSri` 校验 `integrity` 字段的语法;它并不下载制品并比对哈希,`Source.certSha256` 也未被任何函数读取。证书指纹比对与哈希校验必须在实际拉取制品时执行,否则"哈希强制"并不成立。
