fix: Update validation

CHANGELOG.md

@@ -2,6 +2,7 @@
 ### Fixes
 - Underlying uploader fixes issues with tokens not being sent properly for users seeing
   `Error!: Error: Error uploading to https://codecov.io: Error: Error uploading to Codecov: Error: Not Found`
+- #440 fix: Validation ordering
 
 ## 2.0.1
 ### Fixes

dist/index.js

@@ -13061,22 +13061,23 @@ const verify = (filename) => __awaiter(void 0, void 0, void 0, function* () {
         else {
             setFailure('Codecov: Error validating SHASUM signature', true);
         }
-        // Verify uploader
+        const calculateHash = (filename) => __awaiter(void 0, void 0, void 0, function* () {
-        const uploaderSha = external_crypto_.createHash(`sha256`);
+            const stream = external_fs_.createReadStream(filename);
-        const stream = external_fs_.createReadStream(filename);
+            const uploaderSha = external_crypto_.createHash(`sha256`);
-        return yield stream
+            stream.pipe(uploaderSha);
-            .on('data', (data) => {
+            return new Promise((resolve, reject) => {
-            uploaderSha.update(data);
+                stream.on('end', () => resolve(`${uploaderSha.digest('hex')}  ${uploaderName}`));
-        }).on('end', () => __awaiter(void 0, void 0, void 0, function* () {
+                stream.on('error', reject);
-            const hash = `${uploaderSha.digest('hex')}  ${uploaderName}`;
+            });
-            if (hash !== shasum) {
+        });
-                setFailure('Codecov: Uploader shasum does not match\n' +
+        const hash = yield calculateHash(filename);
-                    `uploader hash: ${hash}\npublic hash: ${shasum}`, true);
+        if (hash === shasum) {
-            }
+            core.info(`==> Uploader SHASUM verified (${hash})`);
-            else {
+        }
-                core.info('==> Uploader SHASUM verified');
+        else {
-            }
+            setFailure('Codecov: Uploader shasum does not match -- ' +
-        }));
+                `uploader hash: ${hash}, public hash: ${shasum}`, true);
+        }
     }
     catch (err) {
         setFailure(`Codecov: Error validating uploader: ${err.message}`, true);

src/validate.ts

@@ -44,24 +44,29 @@ const verify = async (filename: string) => {
       setFailure('Codecov: Error validating SHASUM signature', true);
     }
 
-    // Verify uploader
+    const calculateHash = async (filename: string) => {
-    const uploaderSha = crypto.createHash(`sha256`);
+      const stream = fs.createReadStream(filename);
-    const stream = fs.createReadStream(filename);
+      const uploaderSha = crypto.createHash(`sha256`);
-    return await stream
+      stream.pipe(uploaderSha);
-        .on('data', (data) => {
+
-          uploaderSha.update(data);
+      return new Promise((resolve, reject) => {
-        }).on('end', async () => {
+        stream.on('end', () => resolve(
-          const hash = `${uploaderSha.digest('hex')}  ${uploaderName}`;
+            `${uploaderSha.digest('hex')}  ${uploaderName}`,
-          if (hash !== shasum) {
+        ));
-            setFailure(
+        stream.on('error', reject);
-                'Codecov: Uploader shasum does not match\n' +
+      });
-                  `uploader hash: ${hash}\npublic hash: ${shasum}`,
+    };
-                true,
+
-            );
+    const hash = await calculateHash(filename);
-          } else {
+    if (hash === shasum) {
-            core.info('==> Uploader SHASUM verified');
+      core.info(`==> Uploader SHASUM verified (${hash})`);
-          }
+    } else {
-        });
+      setFailure(
+          'Codecov: Uploader shasum does not match -- ' +
+            `uploader hash: ${hash}, public hash: ${shasum}`,
+          true,
+      );
+    }
   } catch (err) {
     setFailure(`Codecov: Error validating uploader: ${err.message}`, true);
   }