From 2ff7403742a67349a53ded1653bb74597bf96300 Mon Sep 17 00:00:00 2001 From: Max Howell Date: Mon, 26 Dec 2022 10:27:28 -0500 Subject: [PATCH] +bun.sh MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Closes #1 * Using bun.sh binaries because we'll probs need to do the same for ziglang because ziglang OOMs during builds in CD * However in general we are happy to use the binaries the project built—they know what they are doing and we should trust them in that. * HOWEVER we should insist that they sign their binaries. Bun do not. * ALSO really we should insist on signed sources, see comments in the YAML for more discussion * Not using profile versions as they are not documented and seemingly less portable (based on reading the installer) --- projects/bun.sh/package.yml | 38 +++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 projects/bun.sh/package.yml diff --git a/projects/bun.sh/package.yml b/projects/bun.sh/package.yml new file mode 100644 index 00000000..8e2e48aa --- /dev/null +++ b/projects/bun.sh/package.yml @@ -0,0 +1,38 @@ +distributable: + url: https://github.com/oven-sh/bun/archive/refs/tags/bun-v{{version}}.tar.gz + +warnings: + - vendored + +versions: + github: oven-sh/bun + strip: /^Bun / + +#FIXME proper system for re-using pre-built binaries +# we must require the vendor to provide signatures against a published public +# key. If they don’t then really we should build ourselves or warn the user +# about the fact. +# The thing is, we trust the sources implicitly currently because signing is +# so rare. The only way wide spread signing will occur is via our protocol. + +build: + dependencies: + curl.se: '*' + info-zip.org/unzip: '*' + working-directory: ${{prefix}} + script: | + curl -Lfo bun.zip "https://github.com/oven-sh/bun/releases/download/bun-v{{version}}/bun-$PLATFORM.zip" + unzip bun.zip + mv bun-$PLATFORM bin + rm bun.zip + env: + darwin/aarch64: {PLATFORM: darwin-aarch64} + darwin/x86-64: {PLATFORM: darwin-x64} + linux/aarch64: {PLATFORM: linux-aarch64} + linux/x86-64: {PLATFORM: linux-x64} + +test: + bun --help + +provides: + - bin/bun