diff --git a/package.json b/package.json index 1e97289012d7..60636530ce27 100644 --- a/package.json +++ b/package.json @@ -4,7 +4,7 @@ "description": "Cypress is a next generation front end testing tool built for the modern web", "private": true, "scripts": { - "binary-build": "cross-env DEBUG=cypress:*snap*info NODE_OPTIONS=--max_old_space_size=16384 node ./scripts/binary.js build", + "binary-build": "cross-env NODE_OPTIONS=--max_old_space_size=8192 node ./scripts/binary.js build", "binary-deploy": "node ./scripts/binary.js deploy", "binary-deploy-linux": "./scripts/build-linux-binary.sh", "binary-ensure": "node ./scripts/binary.js ensure", diff --git a/scripts/after-pack-hook.js b/scripts/after-pack-hook.js index b0ae84419eba..9ffc327cfb4b 100644 --- a/scripts/after-pack-hook.js +++ b/scripts/after-pack-hook.js @@ -67,11 +67,6 @@ module.exports = async function (params) { ) await cleanup(outputFolder) - - try { - await setupV8Snapshots({ cypressAppPath: params.appOutDir, integrityCheckSource: getIntegrityCheckSource(outputFolder) }) - } catch (error) { - console.log(error) - } + await setupV8Snapshots({ cypressAppPath: params.appOutDir, integrityCheckSource: getIntegrityCheckSource(outputFolder) }) } } diff --git a/scripts/binary/binary-integrity-check-source.js b/scripts/binary/binary-integrity-check-source.js index e1b6b3b46349..5dc05ed44270 100644 --- a/scripts/binary/binary-integrity-check-source.js +++ b/scripts/binary/binary-integrity-check-source.js @@ -60,8 +60,10 @@ function validateFs (fs) { } } -function validatePath (path) { - if (toString.call(path.join) !== `PATH_JOIN_TO_STRING`) { +function validatePath (path, crypto) { + const pathJoinHash = crypto.createHmac('md5', 'HMAC_SECRET').update(toString.call(path.join)).digest('hex') + + if (pathJoinHash !== 'PATH_JOIN_HASH') { throw new Error(`Integrity check failed for path.join.toString()`) } } @@ -91,8 +93,8 @@ function integrityCheck (options) { validateToString() validateElectron(electron) validateFs(fs) - validatePath(path) validateCrypto(crypto) + validatePath(path, crypto) const appPath = electron.app.getAppPath() diff --git a/scripts/binary/binary-sources.js b/scripts/binary/binary-sources.js index 613890dd7470..8af858a4ecb2 100644 --- a/scripts/binary/binary-sources.js +++ b/scripts/binary/binary-sources.js @@ -21,13 +21,14 @@ const getIntegrityCheckSource = (baseDirectory) => { const mainIndexHash = crypto.createHmac('md5', secret).update(fs.readFileSync(path.join(baseDirectory, './index.js'), 'utf8')).digest('hex') const bytenodeHash = crypto.createHmac('md5', secret).update(fs.readFileSync(path.join(baseDirectory, './node_modules/bytenode/lib/index.js'), 'utf8')).digest('hex') const indexJscHash = crypto.createHmac('md5', secret).update(fs.readFileSync(path.join(baseDirectory, './packages/server/index.jsc'), 'utf8')).digest('hex') + const pathJoinHash = crypto.createHmac('md5', secret).update(path.join.toString()).digest('hex') return fileSource.split('\n').join(`\n `) .replaceAll('MAIN_INDEX_HASH', mainIndexHash) .replaceAll('BYTENODE_HASH', bytenodeHash) .replaceAll('INDEX_JSC_HASH', indexJscHash) .replaceAll('HMAC_SECRET', secret) - .replaceAll('PATH_JOIN_TO_STRING', escapeString(path.join.toString())) + .replaceAll('PATH_JOIN_HASH', pathJoinHash) .replaceAll('CRYPTO_CREATE_HMAC_TO_STRING', escapeString(crypto.createHmac.toString())) .replaceAll('CRYPTO_HMAC_UPDATE_TO_STRING', escapeString(crypto.Hmac.prototype.update.toString())) .replaceAll('CRYPTO_HMAC_DIGEST_TO_STRING', escapeString(crypto.Hmac.prototype.digest.toString())) diff --git a/scripts/binary/build.ts b/scripts/binary/build.ts index 3065b3f05888..65a85334d4df 100644 --- a/scripts/binary/build.ts +++ b/scripts/binary/build.ts @@ -260,7 +260,6 @@ require('./packages/server/index.js') }, }) } catch (e) { - console.log(e) if (!skipSigning) { throw e }