From e55e4914217e1fb5d186b4fcca3e95c3380ca065 Mon Sep 17 00:00:00 2001
From: Devin Canterberry <devin@canterberry.cc>
Date: Wed, 27 Jul 2022 21:41:44 -0700
Subject: [PATCH 1/3] =?UTF-8?q?=F0=9F=8E=A8=20Tidy=20up=20wget=20and=20gpg?=
 =?UTF-8?q?=20output=20during=20installation?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 bin/install | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/bin/install b/bin/install
index 02d2103..3198d46 100755
--- a/bin/install
+++ b/bin/install
@@ -21,13 +21,13 @@ asdf_yarn_keyring() {
 
 asdf_yarn_download_wget() {
   # Download archive
-  wget -O "yarn-v${ASDF_INSTALL_VERSION}.tar.gz" "https://classic.yarnpkg.com/downloads/${ASDF_INSTALL_VERSION}/yarn-v${ASDF_INSTALL_VERSION}.tar.gz"
+  wget -q -O "yarn-v${ASDF_INSTALL_VERSION}.tar.gz" "https://classic.yarnpkg.com/downloads/${ASDF_INSTALL_VERSION}/yarn-v${ASDF_INSTALL_VERSION}.tar.gz"
 
   # Download archive signature
-  wget -O "yarn-v${ASDF_INSTALL_VERSION}.tar.gz.asc" "https://classic.yarnpkg.com/downloads/${ASDF_INSTALL_VERSION}/yarn-v${ASDF_INSTALL_VERSION}.tar.gz.asc"
+  wget -q -O "yarn-v${ASDF_INSTALL_VERSION}.tar.gz.asc" "https://classic.yarnpkg.com/downloads/${ASDF_INSTALL_VERSION}/yarn-v${ASDF_INSTALL_VERSION}.tar.gz.asc"
 
   # Download and import signing key
-  wget -q -O - "https://dl.yarnpkg.com/debian/pubkey.gpg" | GNUPGHOME="$(asdf_yarn_keyring)" gpg --import
+  wget -q -O - "https://dl.yarnpkg.com/debian/pubkey.gpg" | GNUPGHOME="$(asdf_yarn_keyring)" gpg -q --import
 }
 
 asdf_yarn_download_curl() {
@@ -38,7 +38,7 @@ asdf_yarn_download_curl() {
   curl -sSL -o "yarn-v${ASDF_INSTALL_VERSION}.tar.gz.asc" "https://classic.yarnpkg.com/downloads/${ASDF_INSTALL_VERSION}/yarn-v${ASDF_INSTALL_VERSION}.tar.gz.asc"
 
   # Download and import signing key
-  curl -sSL "https://dl.yarnpkg.com/debian/pubkey.gpg" | GNUPGHOME="$(asdf_yarn_keyring)" gpg --import
+  curl -sSL "https://dl.yarnpkg.com/debian/pubkey.gpg" | GNUPGHOME="$(asdf_yarn_keyring)" gpg -q --import
 }
 
 asdf_yarn_download() {
@@ -60,7 +60,7 @@ asdf_yarn_install() {
     asdf_yarn_download
 
     # Verify archive signature
-    GNUPGHOME="$(asdf_yarn_keyring)" gpg --verify "yarn-v${ASDF_INSTALL_VERSION}.tar.gz.asc" "yarn-v${ASDF_INSTALL_VERSION}.tar.gz"
+    GNUPGHOME="$(asdf_yarn_keyring)" gpg -q --verify "yarn-v${ASDF_INSTALL_VERSION}.tar.gz.asc" "yarn-v${ASDF_INSTALL_VERSION}.tar.gz"
 
     # Extract archive
     tar xzf "yarn-v${ASDF_INSTALL_VERSION}.tar.gz" --strip-components=1 --no-same-owner

From 4e122b3cfe24d19025399a77dc18c511964f921f Mon Sep 17 00:00:00 2001
From: Devin Canterberry <devin@canterberry.cc>
Date: Wed, 27 Jul 2022 21:50:29 -0700
Subject: [PATCH 2/3] =?UTF-8?q?=F0=9F=8E=A8=20Ignore=20GPG=20output=20on?=
 =?UTF-8?q?=20signature=20verification?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This plugin uses a dedicated keyring containing only the signing key
we know to trust because we obtained it from an official source via
a secure channel. However, because we haven't told GPG that we trust
the key, we see a trust warning when attempting to verify a signature
made using that key. This warning is spurious (aside: the GPG-level
trust model is esoteric and rarely used, in favor of pushing trust
upward to ensure you're only using trusted keys to verify signatures
in the first place).

If signature verification fails, we'll still get a non-zero exit code,
which will halt the process from continuing to install the errant file.
---
 bin/install | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/install b/bin/install
index 3198d46..c07cdf2 100755
--- a/bin/install
+++ b/bin/install
@@ -60,7 +60,7 @@ asdf_yarn_install() {
     asdf_yarn_download
 
     # Verify archive signature
-    GNUPGHOME="$(asdf_yarn_keyring)" gpg -q --verify "yarn-v${ASDF_INSTALL_VERSION}.tar.gz.asc" "yarn-v${ASDF_INSTALL_VERSION}.tar.gz"
+    GNUPGHOME="$(asdf_yarn_keyring)" gpg -q --verify "yarn-v${ASDF_INSTALL_VERSION}.tar.gz.asc" "yarn-v${ASDF_INSTALL_VERSION}.tar.gz" 2>/dev/null
 
     # Extract archive
     tar xzf "yarn-v${ASDF_INSTALL_VERSION}.tar.gz" --strip-components=1 --no-same-owner

From 5ff06a50dc3ee0963f88c49ffa7a31acf5a49bf2 Mon Sep 17 00:00:00 2001
From: Devin Canterberry <devin@canterberry.cc>
Date: Wed, 27 Jul 2022 22:01:48 -0700
Subject: [PATCH 3/3] =?UTF-8?q?=F0=9F=8E=A8=20Prettifying=20progress=20upd?=
 =?UTF-8?q?ates?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Writing progress to standard error (vs standard output)
because it is intended for humans to read (vs machines).
---
 bin/install | 49 ++++++++++++++++++++++++++++++++++++++++++-------
 1 file changed, 42 insertions(+), 7 deletions(-)

diff --git a/bin/install b/bin/install
index c07cdf2..f6dd5d4 100755
--- a/bin/install
+++ b/bin/install
@@ -8,6 +8,31 @@ asdf_yarn_fail() {
   exit 1
 }
 
+asdf_yarn_progress() {
+  >&2 printf "\e[32m"
+  if [[ "$1" -gt 0 ]]; then
+    for i in $(seq 1 "$1"); do
+      >&2 printf "█"
+    done
+  fi
+  >&2 printf "\e[2m"
+  if [[ "$1" -lt 5 ]]; then
+    for i in $(seq "$1" 4); do
+      >&2 printf "█"
+    done
+  fi
+  >&2 printf "\e[0m "
+}
+
+asdf_yarn_progress_clear() {
+  >&2 printf "\b\b\b\b\b\b"
+}
+
+asdf_yarn_progress_step() {
+  asdf_yarn_progress_clear
+  asdf_yarn_progress "$@"
+}
+
 asdf_yarn_keyring() {
   local YARN_KEYRING="${ASDF_DATA_DIR:-$HOME/.asdf}/keyrings/yarn"
 
@@ -21,24 +46,24 @@ asdf_yarn_keyring() {
 
 asdf_yarn_download_wget() {
   # Download archive
-  wget -q -O "yarn-v${ASDF_INSTALL_VERSION}.tar.gz" "https://classic.yarnpkg.com/downloads/${ASDF_INSTALL_VERSION}/yarn-v${ASDF_INSTALL_VERSION}.tar.gz"
+  wget -q -O "yarn-v${ASDF_INSTALL_VERSION}.tar.gz" "https://classic.yarnpkg.com/downloads/${ASDF_INSTALL_VERSION}/yarn-v${ASDF_INSTALL_VERSION}.tar.gz" || asdf_yarn_fail 'failed to download archive'
 
   # Download archive signature
-  wget -q -O "yarn-v${ASDF_INSTALL_VERSION}.tar.gz.asc" "https://classic.yarnpkg.com/downloads/${ASDF_INSTALL_VERSION}/yarn-v${ASDF_INSTALL_VERSION}.tar.gz.asc"
+  wget -q -O "yarn-v${ASDF_INSTALL_VERSION}.tar.gz.asc" "https://classic.yarnpkg.com/downloads/${ASDF_INSTALL_VERSION}/yarn-v${ASDF_INSTALL_VERSION}.tar.gz.asc" || asdf_yarn_fail 'failed to download signature'
 
   # Download and import signing key
-  wget -q -O - "https://dl.yarnpkg.com/debian/pubkey.gpg" | GNUPGHOME="$(asdf_yarn_keyring)" gpg -q --import
+  wget -q -O - "https://dl.yarnpkg.com/debian/pubkey.gpg" | GNUPGHOME="$(asdf_yarn_keyring)" gpg -q --import || asdf_yarn_fail 'failed to download signing key'
 }
 
 asdf_yarn_download_curl() {
   # Download archive
-  curl -sSL -o "yarn-v${ASDF_INSTALL_VERSION}.tar.gz" "https://classic.yarnpkg.com/downloads/${ASDF_INSTALL_VERSION}/yarn-v${ASDF_INSTALL_VERSION}.tar.gz"
+  curl -sSL -o "yarn-v${ASDF_INSTALL_VERSION}.tar.gz" "https://classic.yarnpkg.com/downloads/${ASDF_INSTALL_VERSION}/yarn-v${ASDF_INSTALL_VERSION}.tar.gz" || asdf_yarn_fail 'failed to download archive'
 
   # Download archive signature
-  curl -sSL -o "yarn-v${ASDF_INSTALL_VERSION}.tar.gz.asc" "https://classic.yarnpkg.com/downloads/${ASDF_INSTALL_VERSION}/yarn-v${ASDF_INSTALL_VERSION}.tar.gz.asc"
+  curl -sSL -o "yarn-v${ASDF_INSTALL_VERSION}.tar.gz.asc" "https://classic.yarnpkg.com/downloads/${ASDF_INSTALL_VERSION}/yarn-v${ASDF_INSTALL_VERSION}.tar.gz.asc" || asdf_yarn_fail 'failed to download signature'
 
   # Download and import signing key
-  curl -sSL "https://dl.yarnpkg.com/debian/pubkey.gpg" | GNUPGHOME="$(asdf_yarn_keyring)" gpg -q --import
+  curl -sSL "https://dl.yarnpkg.com/debian/pubkey.gpg" | GNUPGHOME="$(asdf_yarn_keyring)" gpg -q --import || asdf_yarn_fail 'failed to download signing key'
 }
 
 asdf_yarn_download() {
@@ -52,23 +77,30 @@ asdf_yarn_download() {
 }
 
 asdf_yarn_install() {
+  >&2 printf "🧶 yarn ${ASDF_INSTALL_VERSION} "
   local ASDF_YARN_DIR="$(mktemp -d -t asdf-yarn-XXXXXXX)"
 
   (
     cd "${ASDF_YARN_DIR}"
 
+    asdf_yarn_progress 0
     asdf_yarn_download
 
+    asdf_yarn_progress_step 1
     # Verify archive signature
-    GNUPGHOME="$(asdf_yarn_keyring)" gpg -q --verify "yarn-v${ASDF_INSTALL_VERSION}.tar.gz.asc" "yarn-v${ASDF_INSTALL_VERSION}.tar.gz" 2>/dev/null
+    GNUPGHOME="$(asdf_yarn_keyring)" gpg -q --verify "yarn-v${ASDF_INSTALL_VERSION}.tar.gz.asc" "yarn-v${ASDF_INSTALL_VERSION}.tar.gz" 2>/dev/null || asdf_yarn_fail 'failed to verify signature'
 
+    asdf_yarn_progress_step 2
     # Extract archive
     tar xzf "yarn-v${ASDF_INSTALL_VERSION}.tar.gz" --strip-components=1 --no-same-owner
 
+    asdf_yarn_progress_step 3
     # Remove downloaded files
     rm -f "yarn-v${ASDF_INSTALL_VERSION}.tar.gz" "yarn-v${ASDF_INSTALL_VERSION}.tar.gz.asc"
   )
 
+  asdf_yarn_progress_step 4
+
   if [ -d "${ASDF_INSTALL_PATH}" ]; then
     # Remove existing install directory
     rm -fR "${ASDF_INSTALL_PATH}"
@@ -79,6 +111,9 @@ asdf_yarn_install() {
 
   # Finish the installation
   mv "${ASDF_YARN_DIR}" "${ASDF_INSTALL_PATH}"
+
+  asdf_yarn_progress_step 5
+  echo '✅ installed!'
 }
 
 [ "${ASDF_INSTALL_TYPE}" == 'ref' ] && asdf_yarn_fail "This plugin does not support installing by ref."