mirror of
https://abf.rosa.ru/djam/rpm-antifascist.git
synced 2025-02-23 16:12:50 +00:00
init
This commit is contained in:
Mikhail Novosyolov
commit
c78371b982
3 changed files with 91 additions and 0 deletions
6
macros.antifascist
Normal file
6
macros.antifascist
Normal file
|
|
@ -0,0 +1,6 @@
|
|||
# may be set to %%nil to disable it
|
||||
%__antifascist %{_bindir}/rpm-antifascist
|
||||
|
||||
# Run it when source code has already been unpacked
|
||||
%__spec_prep_post %{__antifascist} \
|
||||
%{___build_post}
|
||||
48
rpm-antifascist.sh
Executable file
48
rpm-antifascist.sh
Executable file
|
|
@ -0,0 +1,48 @@
|
|||
#!/bin/bash
|
||||
|
||||
set -efu
|
||||
|
||||
# Mask to exclude files. You may add the following into the end of %prep section:
|
||||
# export ANTIFASCIST_EXCLUDE_MASK="*.po"
|
||||
ANTIFASCIST_EXCLUDE_MASK="${ANTIFASCIST_EXCLUDE_MASK:-}"
|
||||
|
||||
keywords=()
|
||||
# ak - add keyword
|
||||
# $1: keyword to add
|
||||
ak(){
|
||||
keywords=("${keywords[@]}" "$1")
|
||||
}
|
||||
|
||||
# "Glory to Ukraine", "Stand with Ukraine"
|
||||
ak Ukraine
|
||||
ak Украина
|
||||
# "Слава Украине"
|
||||
ak Украине
|
||||
ak Україна
|
||||
ak Україне
|
||||
ak Putin
|
||||
ak Путин
|
||||
# popular in README.md
|
||||
ak SWUbanner
|
||||
# https://github.com/vshymanskyy/StandWithUkraine
|
||||
ak StandWithUkraine
|
||||
# nodejs module
|
||||
ak peacenotwar
|
||||
|
||||
regex="${keywords[0]}"
|
||||
for (( i=1; i<${#keywords[@]}; i++ ))
|
||||
do
|
||||
regex="${regex}|${keywords[$i]}"
|
||||
done
|
||||
|
||||
echo "RPM AntiFascist is using the following regex: $regex"
|
||||
|
||||
grep_exclude_args=""
|
||||
if [ -n "$ANTIFASCIST_EXCLUDE_MASK" ]; then
|
||||
grep_exclude_args="--exclude=$ANTIFASCIST_EXCLUDE_MASK"
|
||||
fi
|
||||
# shellcheck disable=SC2086
|
||||
if grep -inHrE ${grep_exclude_args} -- "$regex" "$PWD"; then
|
||||
echo "RPM AntiFascist has detected potentially faschism/nazi-alike text or malware!"
|
||||
exit 5
|
||||
fi
|
||||
37
rpm-antifascist.spec
Normal file
37
rpm-antifascist.spec
Normal file
|
|
@ -0,0 +1,37 @@
|
|||
Summary: Detect potentially malicious source code
|
||||
Name: rpm-antifascist
|
||||
Version: 0.1
|
||||
Release: 1
|
||||
License: MIT
|
||||
Group: Development/Other
|
||||
Url: https://abf.rosalinux.ru/import/rpm-antifascist
|
||||
Source0: rpm-antifascist.sh
|
||||
Source1: macros.antifascist
|
||||
BuildArch: noarch
|
||||
Requires: bash
|
||||
Requires: grep
|
||||
|
||||
%description
|
||||
Detect source code with potential malware or political propaganda before building an RPM package.
|
||||
List of known issues is tracked here:
|
||||
https://docs.google.com/spreadsheets/d/1H3xPB4PgWeFcHjZ7NOPtrcya_Ua4jUolWm-7z9-jSpQ/edit
|
||||
Report bugs and proposals to: https://bugzilla.rosalinux.ru
|
||||
Send pull requests to: https://abf.rosalinux.ru/import/rpm-antifascist
|
||||
|
||||
%files
|
||||
%{_bindir}/rpm-antifascist
|
||||
%{_rpmmacrodir}/*antifascist*
|
||||
|
||||
#------------------------------------------------------------------
|
||||
|
||||
%prep
|
||||
# avoid detecting itself
|
||||
export ANTIFASCIST_EXCLUDE_MASK="rpm-antifascist.sh"
|
||||
|
||||
%build
|
||||
|
||||
%install
|
||||
mkdir -p %{buildroot}%{_bindir}
|
||||
install -m0755 %{SOURCE0} %{buildroot}%{_bindir}/rpm-antifascist
|
||||
|
||||
%install_macro antifascist %{SOURCE1}
|
||||
Loading…
Add table
Reference in a new issue