Skip to content
This repository has been archived by the owner on May 3, 2022. It is now read-only.

feat: use Canonical JSON #612

Merged
merged 1 commit into from
Mar 14, 2019
Merged

feat: use Canonical JSON #612

merged 1 commit into from
Mar 14, 2019

Conversation

technosophos
Copy link
Member

This switches Duffle to use Canonical JSON, which provides JSON ordering
that is conducive to hashing. http://wiki.laptop.org/go/Canonical_JSON

This will increase interoperability with other languages and platforms,
and match the ordering produced by security tools like Notary.

Note that this change does not impact:

  • Claims (still stored as regular JSON)
  • Drivers (still receive regular JSON)
  • Repo (still uses regular JSON)

@technosophos technosophos self-assigned this Jan 14, 2019
@technosophos technosophos added the enhancement New feature or request label Jan 14, 2019
@technosophos technosophos force-pushed the feat/canonical-json-bundle branch from e126f10 to e25ecd7 Compare January 14, 2019 23:54
radu-matei
radu-matei approved these changes Jan 15, 2019
View reviewed changes
Copy link
Member

@radu-matei radu-matei left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM (wich a couple of nits about package import order).

@technosophos
Copy link
Member Author

I seriously spent over an hour fixing package import order issues because of the linter. If we have some stated order, can you point me toward it? Because it appears that the order the linter expects is:

built-in

external

local-project

But it seems you are suggesting

built-in

internal

external

And my understanding was that imports within those sections were to be in alphabetical order, which would have github before golang. Yet you are suggesting golang before github.

@radu-matei radu-matei mentioned this pull request Jan 16, 2019
Merged
@radu-matei radu-matei mentioned this pull request Feb 2, 2019
Open
@radu-matei
Copy link
Member

radu-matei commented Feb 11, 2019
edited
Loading

Now that we moved passed the order import kerfuffle, this is tied to cnabio/cnab-spec#73.

Is there anything preventing the spec PR from getting merged?

It also needs a rebase.

@technosophos
feat: use Canonical JSON
cee0aa9 
This switches Duffle to use Canonical JSON, which provides JSON ordering
that is conducive to hashing. http://wiki.laptop.org/go/Canonical_JSON

This will increase interoperability with other languages and platforms,
and match the ordering produced by security tools like Notary.

Note that this change does not impact:

- Claims (still stored as regular JSON)
- Drivers (still receive regular JSON)
- Repo (still uses regular JSON)
@technosophos technosophos force-pushed the feat/canonical-json-bundle branch from 829f9ca to cee0aa9 Compare March 11, 2019 19:50
@ghost ghost added review and removed in progress labels Mar 11, 2019
@technosophos
Copy link
Member Author

Rebased.

jeremyrickard
jeremyrickard approved these changes Mar 12, 2019
View reviewed changes
Copy link
Member

@jeremyrickard jeremyrickard left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@radu-matei radu-matei merged commit 779c1d3 into cnabio:master Mar 14, 2019
@ghost ghost removed the review label Mar 14, 2019
@radu-matei radu-matei mentioned this pull request Mar 14, 2019
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@radu-matei radu-matei radu-matei approved these changes

@jeremyrickard jeremyrickard jeremyrickard approved these changes

Assignees

@technosophos technosophos

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@technosophos @radu-matei @jeremyrickard