From 46613a0aaef2619280992d344bc2e74edb84fd17 Mon Sep 17 00:00:00 2001 From: Felix Pankratz Date: Thu, 29 Jun 2023 14:46:00 +0200 Subject: [PATCH] compare more things --- check.py | 44 ++++++++++++++++++++++++++++++++------------ 1 file changed, 32 insertions(+), 12 deletions(-) diff --git a/check.py b/check.py index 7de72d8..a37d333 100755 --- a/check.py +++ b/check.py 
@@ -13,50 +13,70 @@ def get_registry_manifest(pkg): return(r.text) def parse_manifest(manifest): - # parse the manifest which represents the values from the frontend + # parse the manifest which contains the values from the frontend parsed = json.loads(manifest) - # extract latest package version + # extract the interesting bits latest_ver = parsed['dist-tags']['latest'] latest_manifest = parsed['versions'][latest_ver] dependencies = parsed['versions'][latest_ver]['dependencies'] scripts = parsed['versions'][latest_ver]['scripts'] + name = parsed['versions'][latest_ver]['name'] - # extract number of dependencies - print('latest version: {}'.format(latest_ver)) - return latest_ver, dependencies, scripts + #print('latest version: {}'.format(latest_ver)) + return latest_ver, dependencies, scripts, name def get_actual_manifest(pkg, ver): index_url = 'https://www.npmjs.com/package/' + pkg + '/v/' + ver + '/index' index = json.loads(requests.get(index_url).text) hexsum = index['files']['/package.json']['hex'] - print('hex checksum: {}'.format(hexsum)) + #print('hex checksum: {}'.format(hexsum)) manifest_url = 'https://www.npmjs.com/package/{}/file/{}'.format(pkg, hexsum) manifest = json.loads(requests.get(manifest_url).text) + version = manifest['version'] dependencies = manifest['dependencies'] scripts = manifest['scripts'] - return dependencies, scripts + name = manifest['name'] + + return version, dependencies, scripts, name - def main(): import sys + mismatch = False pkg = sys.argv[1] manifest = get_registry_manifest(pkg) - ver, reported_dependencies, reported_scripts = parse_manifest(manifest) - actual_dependencies, actual_scripts = get_actual_manifest(pkg, ver) + reported_ver, reported_dependencies, reported_scripts, reported_name = parse_manifest(manifest) + actual_ver, actual_dependencies, actual_scripts, actual_name = get_actual_manifest(pkg, reported_ver) + + if actual_ver != reported_ver: + mismatch = True + print('Version mismatch for {}!'.format(pkg)) + 
print('Reported version: {}'.format(reported_ver)) + print('Actual version: {}'.format(actual_ver)) + if actual_dependencies != reported_dependencies: + mismatch = True print('Dependency mismatch detected for {}!'.format(pkg)) print('Reported dependencies: {}'.format(reported_dependencies)) print('Actual dependencies: {}'.format(actual_dependencies)) - else: - print('No mismatch detected for {}.'.format(pkg)) + if actual_scripts != reported_scripts: + mismatch = True print('Scripts mismatch detected for {}!'.format(pkg)) print('Reported scripts: {}'.format(reported_scripts)) print('Actual scripts: {}'.format(actual_scripts)) + if actual_name != reported_name: + mismatch = True + print('Name mismatch detected for {}!'.format(pkg)) + print('Reported name: {}'.format(reported_name)) + print('Actual name: {}'.format(actual_name)) + + if not mismatch: + print('No mismatch detected for {}.'.format(pkg)) + if __name__ == '__main__': main()
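Review bot: In `get_actual_manifest` the added `version = manifest['version']` and `name = manifest['name']` lookups, like the existing `dependencies`/`scripts` ones and their counterparts in `parse_manifest`, raise `KeyError` when a field is absent. A package whose tarball `package.json` omits a field the registry reports (or the reverse) therefore ends in a traceback instead of a reported mismatch, although that is exactly the case this comparison should surface. I would read the fields with defaults on both sides, e.g. `dependencies = manifest.get('dependencies', {})`, `scripts = manifest.get('scripts', {})` and `name = manifest.get('name')`. Separately, the new `mismatch` flag in `main` only controls the final print; ending with `sys.exit(1 if mismatch else 0)` would let a CI job or wrapper script act on the result.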