]>
Commit | Line | Data |
---|---|---|
8faf50e0 XL |
1 | // Copyright 2018 The Rust Project Developers. See the COPYRIGHT |
2 | // file at the top-level directory of this distribution and at | |
3 | // http://rust-lang.org/COPYRIGHT. | |
4 | // | |
5 | // Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or | |
6 | // http://www.apache.org/licenses/LICENSE-2.0> or the MIT license | |
7 | // <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your | |
8 | // option. This file may not be copied, modified, or distributed | |
9 | // except according to those terms. | |
10 | ||
11 | // ! Check for external package sources. Allow only vendorable packages. | |
12 | ||
13 | use std::fs::File; | |
14 | use std::io::Read; | |
15 | use std::path::Path; | |
16 | ||
17 | /// List of whitelisted sources for packages | |
b7449926 | 18 | const WHITELISTED_SOURCES: &[&str] = &[ |
8faf50e0 XL |
19 | "\"registry+https://github.com/rust-lang/crates.io-index\"", |
20 | ]; | |
21 | ||
22 | /// check for external package sources | |
23 | pub fn check(path: &Path, bad: &mut bool) { | |
24 | // Cargo.lock of rust: src/Cargo.lock | |
25 | let path = path.join("Cargo.lock"); | |
26 | ||
27 | // open and read the whole file | |
28 | let mut cargo_lock = String::new(); | |
29 | t!(t!(File::open(path)).read_to_string(&mut cargo_lock)); | |
30 | ||
31 | // process each line | |
b7449926 | 32 | for line in cargo_lock.lines() { |
8faf50e0 XL |
33 | |
34 | // consider only source entries | |
35 | if ! line.starts_with("source = ") { | |
36 | continue; | |
37 | } | |
38 | ||
39 | // extract source value | |
b7449926 | 40 | let source = line.splitn(2, '=').nth(1).unwrap().trim(); |
8faf50e0 XL |
41 | |
42 | // ensure source is whitelisted | |
43 | if !WHITELISTED_SOURCES.contains(&&*source) { | |
44 | println!("invalid source: {}", source); | |
45 | *bad = true; | |
46 | } | |
47 | } | |
48 | } |