264a3cf031
Although origin registries return specific [filename, hash] pairs, our various different installation methods can't produce a structured mapping from platform to hash without breaking changes. Therefore, as a compromise, we'll continue to do platform-specific checks against upstream data in the cases where that's possible (installation from origin registry or network mirror) but we'll treat the lock file as just a flat set of equally-valid hashes, at least one of which must match after we've completed whatever checks we've made against the upstream-provided checksums/signatures. This includes only the minimal internal/getproviders updates required to make this compile. A subsequent commit will update that package to actually support the idea of verifying against multiple hashes. |
||
|---|---|---|
| .. | ||
| copydir | ||
| depsfile | ||
| earlyconfig | ||
| getproviders | ||
| initwd | ||
| modsdir | ||
| providercache | ||
| tfplugin5 | ||