fix: Update validation

Author: thomasrockhu

CHANGELOG.md

@@ -2,6 +2,7 @@
 ### Fixes
 - Underlying uploader fixes issues with tokens not being sent properly for users seeing
   `Error!: Error: Error uploading to https://codecov.io: Error: Error uploading to Codecov: Error: Not Found`
+- #440 fix: Validation ordering
 
 ## 2.0.1
 ### Fixes

dist/index.js

@@ -13061,22 +13061,23 @@ const verify = (filename) => __awaiter(void 0, void 0, void 0, function* () {
         else {
             setFailure('Codecov: Error validating SHASUM signature', true);
         }
-        // Verify uploader
-        const uploaderSha = external_crypto_.createHash(`sha256`);
-        const stream = external_fs_.createReadStream(filename);
-        return yield stream
-            .on('data', (data) => {
-            uploaderSha.update(data);
-        }).on('end', () => __awaiter(void 0, void 0, void 0, function* () {
-            const hash = `${uploaderSha.digest('hex')}  ${uploaderName}`;
-            if (hash !== shasum) {
-                setFailure('Codecov: Uploader shasum does not match\n' +
-                    `uploader hash: ${hash}\npublic hash: ${shasum}`, true);
-            }
-            else {
-                core.info('==> Uploader SHASUM verified');
-            }
-        }));
+        const calculateHash = (filename) => __awaiter(void 0, void 0, void 0, function* () {
+            const stream = external_fs_.createReadStream(filename);
+            const uploaderSha = external_crypto_.createHash(`sha256`);
+            stream.pipe(uploaderSha);
+            return new Promise((resolve, reject) => {
+                stream.on('end', () => resolve(`${uploaderSha.digest('hex')}  ${uploaderName}`));
+                stream.on('error', reject);
+            });
+        });
+        const hash = yield calculateHash(filename);
+        if (hash === shasum) {
+            core.info(`==> Uploader SHASUM verified (${hash})`);
+        }
+        else {
+            setFailure('Codecov: Uploader shasum does not match -- ' +
+                `uploader hash: ${hash}, public hash: ${shasum}`, true);
+        }
     }
     catch (err) {
         setFailure(`Codecov: Error validating uploader: ${err.message}`, true);

dist/index.js.map

@@ -44,24 +44,29 @@ const verify = async (filename: string) => {
       setFailure('Codecov: Error validating SHASUM signature', true);
     }
 
-    // Verify uploader
-    const uploaderSha = crypto.createHash(`sha256`);
-    const stream = fs.createReadStream(filename);
-    return await stream
-        .on('data', (data) => {
-          uploaderSha.update(data);
-        }).on('end', async () => {
-          const hash = `${uploaderSha.digest('hex')}  ${uploaderName}`;
-          if (hash !== shasum) {
-            setFailure(
-                'Codecov: Uploader shasum does not match\n' +
-                  `uploader hash: ${hash}\npublic hash: ${shasum}`,
-                true,
-            );
-          } else {
-            core.info('==> Uploader SHASUM verified');
-          }
-        });
+    const calculateHash = async (filename: string) => {
+      const stream = fs.createReadStream(filename);
+      const uploaderSha = crypto.createHash(`sha256`);
+      stream.pipe(uploaderSha);
+
+      return new Promise((resolve, reject) => {
+        stream.on('end', () => resolve(
+            `${uploaderSha.digest('hex')}  ${uploaderName}`,
+        ));
+        stream.on('error', reject);
+      });
+    };
+
+    const hash = await calculateHash(filename);
+    if (hash === shasum) {
+      core.info(`==> Uploader SHASUM verified (${hash})`);
+    } else {
+      setFailure(
+          'Codecov: Uploader shasum does not match -- ' +
+            `uploader hash: ${hash}, public hash: ${shasum}`,
+          true,
+      );
+    }
   } catch (err) {
     setFailure(`Codecov: Error validating uploader: ${err.message}`, true);
   }