feat: update pgp examples to use npm commands

lukekarrys · lukekarrys · commit 41a0e7cf631c · 2022-02-26T11:36:07.000-07:00
diff --git a/content/packages-and-modules/securing-your-code/verifying-the-pgp-signature-for-a-package-from-the-npm-public-registry.mdx b/content/packages-and-modules/securing-your-code/verifying-the-pgp-signature-for-a-package-from-the-npm-public-registry.mdx
@@ -28,13 +28,13 @@ To ensure the integrity of a package version you download from the npm public re
 1. On the command line, fetch the signature for the package version you want and save it in a file:
 
    ```
-   $ http GET https://registry.npmjs.org/light-cycle | json "versions['1.4.3'].dist.npm-signature" > sig-to-check
+   npm view light-cycle@1.4.3 --json | npm exec json ".dist.npm-signature" > sig-to-check
    ```
 
 2. Get the integrity field for that version (example below includes response):
 
    ```
-   $ http GET https://registry.npmjs.org/light-cycle | json "versions['1.4.3'].dist.integrity"
+   npm view light-cycle@1.4.3 --json | npm exec json ".dist.integrity"
    ```
 
    Example response:
@@ -46,19 +46,18 @@ To ensure the integrity of a package version you download from the npm public re
 3. Construct the string that ties the unique package name and version to the integrity string (example below includes response):
 
    ```
-   $ keybase pgp verify --signed-by npmregistry -d sig-to-check -m 'light-cycle@1.4.3:sha512-sFcuivsDZ99fY0TbvuRC6CDXB8r/ylafjJAMnbSF0y4EMM1/1DtQo40G2WKz1rBbyiz4SLAc3Wa6yZyC4XSGOQ=='
+   keybase pgp verify --signed-by npmregistry -d sig-to-check -m 'light-cycle@1.4.3:sha512-sFcuivsDZ99fY0TbvuRC6CDXB8r/ylafjJAMnbSF0y4EMM1/1DtQo40G2WKz1rBbyiz4SLAc3Wa6yZyC4XSGOQ=='
    ```
 
    Example response:
 
    ```
    ▶ INFO Identifying npmregistry
-   ✔ <tracked> public key fingerprint: 0963 1802 8A2B 58C8 4929 D8E1 3D4D 5B12 0276 566A
-   You last followed npmregistry on 2018-04-10 21:21:57 PDT
-   ✔ <tracked> admin of DNS zone npmjs.com: found TXT entry keybase-site-verification=iK3pjpRBkv-CIJ4PHtWL4TTcFXMpPiwPynatKl3oWO4
-   ✔ <tracked> "npmjs" on twitter: https://twitter.com/npmjs/status/981288548845240320 [cached 2018-04-12 13:18:31 PDT; but got a retryable error (API network error: Get https://twitter.com/npmjs/status/981288548845240320: net/http: request canceled (Client.Timeout exceeded while awaiting headers) (code=170)) this time around]
-   ✔ <tracked> admin of DNS zone npmjs.org: found TXT entry keybase-site-verification=Ls8jN55i6KesjiX91Ck79bUZ17eA-iohmw2jJFM16xc
-   Signature verified. Signed by npmregistry 7 minutes ago (2018-04-13 15:00:37 -0700 PDT).
+   ✔ public key fingerprint: 0963 1802 8A2B 58C8 4929 D8E1 3D4D 5B12 0276 566A
+   ✔ admin of DNS zone npmjs.org: found TXT entry keybase-site-verification=Ls8jN55i6KesjiX91Ck79bUZ17eA-iohmw2jJFM16xc
+   ✔ admin of DNS zone npmjs.com: found TXT entry keybase-site-verification=iK3pjpRBkv-CIJ4PHtWL4TTcFXMpPiwPynatKl3oWO4
+   ✔ "npmjs" on twitter: https://twitter.com/npmjs/status/981288548845240320
+   Signature verified. Signed by npmregistry 3 years ago (2018-04-13 15:00:37 -0700 MST).
    PGP Fingerprint: 096318028a2b58c84929d8e13d4d5b120276566a.
    ```
 
