fix: remove node-fetch from postinstall script

supabase · Dec 29, 2023 · 1e297ed · 1e297ed
1 parent abd10ed
commit 1e297ed
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 31 deletions.
diff --git a/package.json b/package.json
@@ -22,7 +22,6 @@
   },
   "dependencies": {
     "bin-links": "^4.0.1",
-    "node-fetch": "^3.2.10",
     "https-proxy-agent": "^7.0.2",
     "tar": "6.2.0"
   },

diff --git a/scripts/postinstall.js b/scripts/postinstall.js
@@ -7,7 +7,6 @@
 import binLinks from "bin-links";
 import { createHash } from "crypto";
 import fs from "fs";
-import fetch from "node-fetch";
 import { HttpsProxyAgent } from "https-proxy-agent";
 import path from "path";
 import tar from "tar";
@@ -122,6 +121,7 @@ async function main() {
   const ungz = zlib.createGunzip();
   const binName = path.basename(binPath);
   const untar = tar.x({ cwd: binDir }, [binName]);
+  const hash = createHash("sha256");
 
   console.info("Downloading", url);
   const proxyUrl =
@@ -131,36 +131,22 @@ async function main() {
   const agent = proxyUrl ? new HttpsProxyAgent(proxyUrl) : undefined;
   const resp = await fetch(url, { agent });
 
-  const hash = createHash("sha256");
-  const pkgNameWithPlatform = `${pkg.name}_${platform}_${arch}.tar.gz`;
-  const checksumMap = await fetchAndParseCheckSumFile(pkg, agent);
+  const [data, copy] = resp.body.tee();
+  await Promise.all([data.pipeThrough(ungz).pipeTo(untar), copy.pipeTo(hash)]);
 
-  resp.body
-    .on("data", (chunk) => {
-      hash.update(chunk);
-    })
-    .pipe(ungz);
-
-  ungz
-    .on("end", () => {
-      const expectedChecksum = checksumMap?.[pkgNameWithPlatform];
-      // Skip verification if we can't find the file checksum
-      if (!expectedChecksum) {
-        console.warn("Skipping checksum verification");
-        return;
-      }
-      const calculatedChecksum = hash.digest("hex");
-      if (calculatedChecksum !== expectedChecksum) {
-        throw errChecksum;
-      }
-      console.info("Checksum verified.");
-    })
-    .pipe(untar);
-
-  await new Promise((resolve, reject) => {
-    untar.on("error", reject);
-    untar.on("end", () => resolve());
-  });
+  const checksumMap = await fetchAndParseCheckSumFile(pkg, agent);
+  const pkgNameWithPlatform = `${pkg.name}_${platform}_${arch}.tar.gz`;
+  const expectedChecksum = checksumMap?.[pkgNameWithPlatform];
+  // Skip verification if we can't find the file checksum
+  if (expectedChecksum) {
+    const calculatedChecksum = hash.digest("hex");
+    if (calculatedChecksum !== expectedChecksum) {
+      throw errChecksum;
+    }
+    console.info("Checksum verified.");
+  } else {
+    console.warn("Skipping checksum verification");
+  }
 
   // Link the binaries in postinstall to support yarn
   await binLinks({