fix: 🐛 Include leading zeros in checksums (#399)

Co-authored-by: i-al-istannen <i-al-istannen@users.noreply.github.com> Co-authored-by: SirYwell <hannesgreule@outlook.de>
chains-project · Aug 31, 2023 · 5964e7a · 5964e7a
1 parent 8b8d20d
commit 5964e7a
Show file tree

Hide file tree

Showing 6 changed files with 9 additions and 8 deletions.
diff --git a/github_action/lockfile.json b/github_action/lockfile.json
@@ -1,7 +1,7 @@
 {
   "artifactID": "maven-lockfile-github-action",
   "groupID": "io.github.chains-project",
-  "version": "4.1.1-SNAPSHOT",
+  "version": "4.2.1-SNAPSHOT",
   "lockFileVersion": 1,
   "dependencies": [
     {

diff --git a/lockfile.json b/lockfile.json
@@ -1,7 +1,7 @@
 {
   "artifactID": "maven-lockfile-parent",
   "groupID": "io.github.chains-project",
-  "version": "4.1.1-SNAPSHOT",
+  "version": "4.2.1-SNAPSHOT",
   "lockFileVersion": 1,
   "dependencies": [],
   "mavenPlugins": [

diff --git a/maven_plugin/lockfile.json b/maven_plugin/lockfile.json
@@ -1,7 +1,7 @@
 {
   "artifactID": "maven-lockfile",
   "groupID": "io.github.chains-project",
-  "version": "4.1.1-SNAPSHOT",
+  "version": "4.2.1-SNAPSHOT",
   "lockFileVersion": 1,
   "dependencies": [
     {

diff --git a/maven_plugin/pom.xml b/maven_plugin/pom.xml
@@ -284,5 +284,4 @@
       </build>
     </profile>
   </profiles>
-
 </project>
diff --git a/maven_plugin/src/main/java/io/github/chains_project/maven_lockfile/ValidateChecksumMojo.java b/maven_plugin/src/main/java/io/github/chains_project/maven_lockfile/ValidateChecksumMojo.java
@@ -55,8 +55,8 @@ public void execute() throws MojoExecutionException {
                 sb.append("Lock file validation failed. Differences:");
                 sb.append("\n");
                 sb.append("Your lockfile from file is for:"
-                        + lockFileFromFile.getGroupId().getValue() + ":"
-                        + lockFileFromFile.getName().getValue() + ":"
+                        + lockFileFromFile.getGroupId().getValue()
+                        + ":" + lockFileFromFile.getName().getValue() + ":"
                         + lockFileFromFile.getVersion().getValue() + "\n");
                 sb.append("Your generated lockfile is for:"
                         + lockFileFromProject.getGroupId().getValue() + ":"

diff --git a/...n/java/io/github/chains_project/maven_lockfile/checksum/FileSystemChecksumCalculator.java b/...n/java/io/github/chains_project/maven_lockfile/checksum/FileSystemChecksumCalculator.java
@@ -1,9 +1,10 @@
 package io.github.chains_project.maven_lockfile.checksum;
 
-import java.math.BigInteger;
+import com.google.common.io.BaseEncoding;
 import java.nio.file.Files;
 import java.security.MessageDigest;
 import java.util.List;
+import java.util.Locale;
 import java.util.Optional;
 import org.apache.log4j.Logger;
 import org.apache.maven.artifact.Artifact;
@@ -63,7 +64,8 @@ private Optional<String> calculateChecksumInternal(Artifact artifact) {
             MessageDigest messageDigest = MessageDigest.getInstance(checksumAlgorithm);
             byte[] fileBuffer = Files.readAllBytes(artifact.getFile().toPath());
             byte[] artifactHash = messageDigest.digest(fileBuffer);
-            return Optional.of(new BigInteger(1, artifactHash).toString(16));
+            BaseEncoding baseEncoding = BaseEncoding.base16();
+            return Optional.of(baseEncoding.encode(artifactHash).toLowerCase(Locale.ROOT));
         } catch (Exception e) {
             LOGGER.warn("Could not calculate checksum for artifact " + artifact, e);
             return Optional.empty();