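Implementation example

```typescript
// A release tag as seen by the audit. created/expires are epoch milliseconds.
type Tag = {
  name: string;
  annotated: boolean;
  sig?: { alg: 'OpenPGP'; kid?: string };
  created: number;
  expires: number;
};

// Tag names must be strict vMAJOR.MINOR.PATCH.
function validName(n: string): boolean {
  return /^v\d+\.\d+\.\d+$/.test(n);
}

// True when `now` falls inside [created, expires], allowing leewaySec of clock skew.
function within(created: number, expires: number, now: number, leewaySec: number): boolean {
  if (expires <= created) return false;
  return now + leewaySec * 1000 >= created && now - leewaySec * 1000 <= expires;
}

// Collect every failed check so the audit log shows all reasons, not just the first.
function evaluate(t: Tag, now: number): { ok: boolean; errors: string[] } {
  const errors: string[] = [];
  if (!validName(t.name)) errors.push('name');
  if (!t.annotated) errors.push('annotated');
  if (t.sig?.alg !== 'OpenPGP') errors.push('sig');
  if (!within(t.created, t.expires, now, 60)) errors.push('time');
  return { ok: errors.length === 0, errors };
}
```

Audit and release governance

Audit tag names, annotations, and signatures; allow a release only when the time window and `kid` are compliant. Protect release branches and tags against overwriting or deletion.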
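One way to check the governance rules above, as an added example that is not part of the original page: it compares two snapshots of tag refs to detect overwritten or deleted tags and checks each `kid` against an allowlist. The `TagRef` shape, the reading of "compliant `kid`" as allowlist membership, and all tag targets and key ids are assumptions constructed for illustration.

```typescript
// Added example. TagRef, the allowlist and all values below are constructed.
type TagRef = { name: string; target: string; kid?: string };
type Finding = { tag: string; issue: 'moved' | 'deleted' | 'kid' };

// Assumption: a compliant kid is one present on an allowlist of release keys.
function kidAllowed(kid: string | undefined, allow: string[]): boolean {
  return kid !== undefined && allow.indexOf(kid.toUpperCase()) !== -1;
}

// Compare tag snapshots taken at two points in time and report violations.
function auditTags(before: TagRef[], after: TagRef[], allow: string[]): Finding[] {
  const findings: Finding[] = [];
  // Null-prototype map so tag names such as "constructor" cannot hit inherited keys.
  const current: Record<string, TagRef | undefined> = Object.create(null);
  for (const t of after) current[t.name] = t;
  for (const old of before) {
    const cur = current[old.name];
    if (cur === undefined) findings.push({ tag: old.name, issue: 'deleted' });
    else if (cur.target !== old.target) findings.push({ tag: old.name, issue: 'moved' });
  }
  // Every tag that currently exists must be signed by an allowlisted key.
  for (const t of after) {
    if (!kidAllowed(t.kid, allow)) findings.push({ tag: t.name, issue: 'kid' });
  }
  return findings;
}

// Constructed sample data (not real object ids or key ids).
const ALLOWED_KIDS = ['0123456789ABCDEF'];
const BEFORE: TagRef[] = [
  { name: 'v1.0.0', target: 'aaaa1111', kid: '0123456789ABCDEF' },
  { name: 'v1.1.0', target: 'bbbb2222', kid: '0123456789ABCDEF' },
  { name: 'v1.2.0', target: 'cccc3333', kid: '0123456789ABCDEF' },
];
const AFTER: TagRef[] = [
  { name: 'v1.0.0', target: 'aaaa1111', kid: '0123456789ABCDEF' },
  { name: 'v1.1.0', target: 'dddd4444', kid: '0123456789abcdef' }, // overwritten
  { name: 'v1.3.0', target: 'eeee5555', kid: 'FEDCBA9876543210' }, // unknown key
];

// A release gate would block when this list is non-empty.
for (const f of auditTags(BEFORE, AFTER, ALLOWED_KIDS)) console.log(f.tag, f.issue);
```
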
