debian/check-orig-suspicious.sh

   1 #!/bin/sh
   2
   3 set -x
   4
   5 ver="$1"
   6 test -n "$ver" || exit 2
   7
   8 FILTER="Files-Excluded: in debian/copyright and run a repack."
   9 SUS_WHITELIST=$(find "${PWD}" -name upstream-tarball-unsuspicious.txt -type f)
  10
  11 rm -rf rustc-$ver-src/
  12 tar xf ../rustc_$ver+dfsg1.orig.tar.xz && cd rustc-$ver-src/
  13
  14 # Remove non-suspicious files, warning on patterns that match nothing
  15 grep -v '^#' ${SUS_WHITELIST} | xargs  -I% sh -c 'rm -r ./% || true'
  16 echo "Checking for suspicious files..."
  17
  18 # TODO: merge the -m stuff into suspicious-source(1).
  19 suspicious-source -v -m text/x-objective-c
  20 # The following shell snippet is a bit more strict than suspicious-source(1)
  21 find . -type f -and -not -name '.cargo-checksum.json' -exec file '{}' \; | \
  22   sed -e 's/\btext\b\(.*\), with very long lines/verylongtext\1/g' | \
  23   grep -v '\b\(text\|empty\)\b' || true
  24
  25 # Most C and JS code should be in their own package
  26 find src/vendor/ -name '*.c' -o -name '*.js'
  27
  28 echo "The above files (if any) seem suspicious, please audit them."
  29 echo "If good, add them to ${SUS_WHITELIST}."
  30 echo "If bad, add them to ${FILTER}."
  31
  32 echo "Artifacts left in rustc-$ver-src, please remove them yourself."