search

dxw / whippet

Whippet is a framework for building WordPress sites that eases deployment, plugin management and build steps.
MIT License
14 stars 3 forks source link

Add a command to check hash of whippet.lock against whippet.json #161

Closed RobjS closed 2 years ago

RobjS commented 3 years ago

e.g. whippet deps hash-check, or whippet deps validate (could potentially also check they're both valid JSON)

This would compare the expected hash based on whippet.json against the hash in whippet.lock, and return an error if they don't match.

We could then include a test for this in CI, to prevent mismatched hashes attempting to deploy.

RobjS commented 3 years ago

Thinking about this some more, it could probably do some other things to check that all is ok as well, e.g.

  1. Check that the hash in whippet.lock is as expected
  2. Check that both files are valid json
  3. Check that there's a valid entry in whippet.lock (i.e. a name, a src and a revision commit sha) for each of the dependencies listed in whippet.json