Merge pull request #230 from ziglang/techatrix/version-manager

introduce a fully featured version manager

.vscodeignore

@@ -1,8 +1,11 @@
+.github/**
 .vscode/**
 .vscode-test/**
 out/test/**
 src/**
 .gitignore
+.prettierignore
+eslint.config.mjs
 **/tsconfig.json
 **/tslint.json
 **/*.map

package.json

@@ -36,6 +36,9 @@
           ".zig",
           ".zon"
         ],
+        "aliases": [
+          "Zig"
+        ],
         "configuration": "./language-configuration.json"
       }
     ],
@@ -68,11 +71,6 @@
       "type": "object",
       "title": "Zig",
       "properties": {
-        "zig.initialSetupDone": {
-          "type": "boolean",
-          "default": false,
-          "description": "Has the initial setup been done yet?"
-        },
         "zig.buildOnSave": {
           "type": "boolean",
           "default": false,
@@ -105,13 +103,12 @@
         "zig.path": {
           "scope": "machine-overridable",
           "type": "string",
-          "description": "Set a custom path to the Zig binary. The string \"zig\" means lookup zig in PATH."
+          "description": "Set a custom path to the `zig` executable. Example: `C:/zig-windows-x86_64-0.13.0/zig.exe`. The string \"zig\" means lookup zig in PATH."
         },
-        "zig.checkForUpdate": {
+        "zig.version": {
           "scope": "resource",
-          "type": "boolean",
-          "description": "Whether to automatically check for new updates",
-          "default": true
+          "type": "string",
+          "description": "Specify which Zig version should be installed. Takes priority over a `.zigversion` file or a `build.zig.zon` with `minimum_zig_version`."
         },
         "zig.formattingProvider": {
           "scope": "resource",
@@ -150,16 +147,21 @@
           ],
           "default": "off"
         },
-        "zig.zls.checkForUpdate": {
+        "zig.zls.enabled": {
           "scope": "resource",
-          "type": "boolean",
-          "description": "Whether to automatically check for new updates",
-          "default": true
+          "type": "string",
+          "description": "Whether to enable the optional ZLS Language Server",
+          "enum": [
+            "ask",
+            "off",
+            "on"
+          ],
+          "default": "ask"
         },
         "zig.zls.path": {
           "scope": "machine-overridable",
           "type": "string",
-          "description": "Path to `zls` executable. Example: `C:/zls/zig-cache/bin/zls.exe`. The string \"zls\" means lookup ZLS in PATH.",
+          "description": "Set a custom path to the `zls` executable. Example: `C:/zls/zig-cache/bin/zls.exe`. The string \"zls\" means lookup ZLS in PATH.",
           "format": "path"
         },
         "zig.zls.enableSnippets": {
@@ -336,28 +338,18 @@
         "category": "Zig Setup"
       },
       {
-        "command": "zig.update",
-        "title": "Check for Zig Updates",
-        "category": "Zig Setup"
-      },
-      {
-        "command": "zig.zls.install",
-        "title": "Install Server",
+        "command": "zig.zls.enable",
+        "title": "Enable Language Server",
         "category": "Zig Language Server"
       },
       {
         "command": "zig.zls.startRestart",
-        "title": "Start / Restart Server",
+        "title": "Start / Restart Language Server",
         "category": "Zig Language Server"
       },
       {
         "command": "zig.zls.stop",
-        "title": "Stop Server",
-        "category": "Zig Language Server"
-      },
-      {
-        "command": "zig.zls.update",
-        "title": "Check for Server Updates",
+        "title": "Stop Language Server",
         "category": "Zig Language Server"
       }
     ],
@@ -379,23 +371,25 @@
     "lint": "eslint ."
   },
   "devDependencies": {
+    "@types/libsodium-wrappers": "^0.7.14",
     "@types/lodash-es": "^4.17.12",
     "@types/mocha": "^2.2.48",
     "@types/node": "^18.0.0",
     "@types/vscode": "^1.80.0",
     "@types/which": "^2.0.1",
+    "@vscode/test-electron": "^2.3.9",
     "@vscode/vsce": "^2.24.0",
     "esbuild": "^0.12.1",
     "eslint": "^8.57.0",
     "eslint-config-prettier": "^9.1.0",
     "prettier": "3.2.5",
     "typescript": "^5.4.3",
-    "typescript-eslint": "^7.4.0",
-    "@vscode/test-electron": "^2.3.9"
+    "typescript-eslint": "^7.4.0"
   },
   "dependencies": {
     "axios": "^1.7.4",
     "camelcase": "^7.0.1",
+    "libsodium-wrappers": "^0.7.15",
     "lodash-es": "^4.17.21",
     "semver": "^7.5.2",
     "vscode-languageclient": "8.0.2-next.5",

src/extension.ts

@@ -1,15 +1,15 @@
 import vscode from "vscode";
 
 import { activate as activateZls, deactivate as deactivateZls } from "./zls";
-import ZigCompilerProvider from "./zigCompilerProvider";
+import { deactivate as deactivateSetupZig, setupZig } from "./zigSetup";
+import ZigDiagnosticsProvider from "./zigDiagnosticsProvider";
 import ZigMainCodeLensProvider from "./zigMainCodeLens";
 import ZigTestRunnerProvider from "./zigTestRunnerProvider";
 import { registerDocumentFormatting } from "./zigFormat";
-import { setupZig } from "./zigSetup";
 
 export async function activate(context: vscode.ExtensionContext) {
     await setupZig(context).finally(() => {
-        const compiler = new ZigCompilerProvider();
+        const compiler = new ZigDiagnosticsProvider();
         compiler.activate(context.subscriptions);
 
         context.subscriptions.push(registerDocumentFormatting());
@@ -31,4 +31,5 @@ export async function activate(context: vscode.ExtensionContext) {
 
 export async function deactivate() {
     await deactivateZls();
+    await deactivateSetupZig();
 }

src/minisign.ts

@@ -0,0 +1,92 @@
+/**
+ * Ported from: https://github.com/mlugg/setup-zig/blob/main/main.js (MIT)
+ */
+
+import sodium from "libsodium-wrappers";
+
+export interface Key {
+    id: Buffer;
+    key: Buffer;
+}
+
+// Parse a minisign key represented as a base64 string.
+// Throws exceptions on invalid keys.
+export function parseKey(keyString: string): Key {
+    const keyInfo = Buffer.from(keyString, "base64");
+
+    const id = keyInfo.subarray(2, 10);
+    const key = keyInfo.subarray(10);
+
+    if (key.byteLength !== sodium.crypto_sign_PUBLICKEYBYTES) {
+        throw new Error("invalid public key given");
+    }
+
+    return {
+        id: id,
+        key: key,
+    };
+}
+
+export interface Signature {
+    algorithm: Buffer;
+    keyID: Buffer;
+    signature: Buffer;
+}
+
+// Parse a buffer containing the contents of a minisign signature file.
+// Throws exceptions on invalid signature files.
+export function parseSignature(sigBuf: Buffer): Signature {
+    const untrustedHeader = Buffer.from("untrusted comment: ");
+
+    // Validate untrusted comment header, and skip
+    if (!sigBuf.subarray(0, untrustedHeader.byteLength).equals(untrustedHeader)) {
+        throw new Error("file format not recognised");
+    }
+    sigBuf = sigBuf.subarray(untrustedHeader.byteLength);
+
+    // Skip untrusted comment
+    sigBuf = sigBuf.subarray(sigBuf.indexOf("\n") + 1);
+
+    // Read and skip signature info
+    const sigInfoEnd = sigBuf.indexOf("\n");
+    const sigInfo = Buffer.from(sigBuf.subarray(0, sigInfoEnd).toString(), "base64");
+    sigBuf = sigBuf.subarray(sigInfoEnd + 1);
+
+    // Extract components of signature info
+    const algorithm = sigInfo.subarray(0, 2);
+    const keyID = sigInfo.subarray(2, 10);
+    const signature = sigInfo.subarray(10);
+
+    // We don't look at the trusted comment or global signature, so we're done.
+
+    return {
+        algorithm: algorithm,
+        keyID: keyID,
+        signature: signature,
+    };
+}
+
+// Given a parsed key, parsed signature file, and raw file content, verifies the
+// signature. Does not throw. Returns 'true' if the signature is valid for this
+// file, 'false' otherwise.
+export function verifySignature(pubkey: Key, signature: Signature, fileContent: Buffer) {
+    let signedContent;
+    if (signature.algorithm.equals(Buffer.from("ED"))) {
+        signedContent = sodium.crypto_generichash(sodium.crypto_generichash_BYTES_MAX, fileContent);
+    } else {
+        signedContent = fileContent;
+    }
+
+    if (!signature.keyID.equals(pubkey.id)) {
+        return false;
+    }
+
+    if (!sodium.crypto_sign_verify_detached(signature.signature, signedContent, pubkey.key)) {
+        return false;
+    }
+
+    // Since we don't use the trusted comment, we don't bother verifying the global signature.
+    // If we were to start using the trusted comment for any purpose, we must add this.
+
+    return true;
+}