]> git.proxmox.com Git - rustc.git/blob - debian/check-orig-suspicious.sh
Update upstream source from tag 'upstream/1.27.2+dfsg1'
[rustc.git] / debian / check-orig-suspicious.sh
1 #!/bin/bash
2
3 set -e
4
5 ver="$1"
6 test -n "$ver" || exit 2
7
8 FILTER="Files-Excluded: in debian/copyright and run a repack."
9 SUS_WHITELIST=$(find "${PWD}" -name upstream-tarball-unsuspicious.txt -type f)
10
11 rm -rf rustc-${ver/*~*/beta}-src/
12 tar xf ../rustc_$ver+dfsg1.orig.tar.xz && cd rustc-${ver/*~*/beta}-src/
13
14 # Remove tiny files 4 bytes or less
15 find . -size -4c -delete
16 # Remove non-suspicious files, warning on patterns that match nothing
17 echo "Excluding (i.e. removing) whitelisted files..."
18 grep -v '^#' ${SUS_WHITELIST} | xargs -I% sh -c 'rm -r ./% || true'
19 echo "Checking for suspicious files..."
20
21 # TODO: merge the -m stuff into suspicious-source(1).
22 suspicious-source -v -m text/x-objective-c
23 # The following shell snippet is a bit more strict than suspicious-source(1)
24 find . -type f -and -not -name '.cargo-checksum.json' -exec file '{}' \; | \
25 sed -e 's/\btext\b\(.*\), with very long lines/verylongtext\1/g' | \
26 grep -v '\b\(text\|empty\)\b' || true
27
28 # Most C and JS code should be in their own package
29 find src/vendor/ -name '*.c' -o -name '*.js'
30
31 echo "The above files (if any) seem suspicious, please audit them."
32 echo "If good, add them to ${SUS_WHITELIST}."
33 echo "If bad, add them to ${FILTER}."
34
35 echo "Artifacts left in rustc-$ver-src, please remove them yourself."