init

2025-02-24 00:22:49 +00:00 · 2022-03-18 23:29:53 +03:00 · 2022-03-18 23:29:53 +03:00 · c78371b982
commit c78371b982
3 changed files with 91 additions and 0 deletions
--- a/macros.antifascist
+++ b/macros.antifascist
@ -0,0 +1,6 @@
 # may be set to %%nil to disable it
 %__antifascist %{_bindir}/rpm-antifascist
 # Run it when source code has already been unpacked
 %__spec_prep_post %{__antifascist} \
 %{___build_post}
--- a/rpm-antifascist.sh
+++ b/rpm-antifascist.sh
@ -0,0 +1,48 @@
 #!/bin/bash
 set -efu
 # Mask to exclude files. You may add the following into the end of %prep section:
 # export ANTIFASCIST_EXCLUDE_MASK="*.po"
 ANTIFASCIST_EXCLUDE_MASK="${ANTIFASCIST_EXCLUDE_MASK:-}"
 keywords=()
 # ak - add keyword
 # $1: keyword to add
 ak(){
 	keywords=("${keywords[@]}" "$1")
 }
 # "Glory to Ukraine", "Stand with Ukraine"
 ak Ukraine
 ak Украина
 # "Слава Украине"
 ak Украине
 ak Україна
 ak Україне
 ak Putin
 ak Путин
 # popular in README.md
 ak SWUbanner
 # https://github.com/vshymanskyy/StandWithUkraine
 ak StandWithUkraine
 # nodejs module
 ak peacenotwar
 regex="${keywords[0]}"
 for (( i=1; i<${#keywords[@]}; i++ ))
 do
 	regex="${regex}|${keywords[$i]}"
 done
 echo "RPM AntiFascist is using the following regex: $regex"
 grep_exclude_args=""
 if [ -n "$ANTIFASCIST_EXCLUDE_MASK" ]; then
 	grep_exclude_args="--exclude=$ANTIFASCIST_EXCLUDE_MASK"
 fi
 # shellcheck disable=SC2086
 if grep -inHrE ${grep_exclude_args} -- "$regex" "$PWD"; then
 	echo "RPM AntiFascist has detected potentially faschism/nazi-alike text or malware!"
 	exit 5
 fi
--- a/rpm-antifascist.spec
+++ b/rpm-antifascist.spec
@ -0,0 +1,37 @@
 Summary:	Detect potentially malicious source code
 Name:		rpm-antifascist
 Version:	0.1
 Release:	1
 License:	MIT
 Group:		Development/Other
 Url:		https://abf.rosalinux.ru/import/rpm-antifascist
 Source0:	rpm-antifascist.sh
 Source1:	macros.antifascist
 BuildArch:	noarch
 Requires:	bash
 Requires:	grep
 %description
 Detect source code with potential malware or political propaganda before building an RPM package.
 List of known issues is tracked here:
 https://docs.google.com/spreadsheets/d/1H3xPB4PgWeFcHjZ7NOPtrcya_Ua4jUolWm-7z9-jSpQ/edit
 Report bugs and proposals to: https://bugzilla.rosalinux.ru
 Send pull requests to: https://abf.rosalinux.ru/import/rpm-antifascist
 %files
 %{_bindir}/rpm-antifascist
 %{_rpmmacrodir}/*antifascist*
 #------------------------------------------------------------------
 %prep
 # avoid detecting itself
 export ANTIFASCIST_EXCLUDE_MASK="rpm-antifascist.sh"
 %build
 %install
 mkdir -p %{buildroot}%{_bindir}
 install -m0755 %{SOURCE0} %{buildroot}%{_bindir}/rpm-antifascist
 %install_macro antifascist %{SOURCE1}