From 501d63d666b02a221b9885187b87e243dba2b02f Mon Sep 17 00:00:00 2001
From: Ximin Luo
Date: Tue, 5 Feb 2019 20:26:26 -0800
Subject: [PATCH] Use audit-vendor-source from cargo
---
debian/check-orig-suspicious.sh | 29 +++++------------------------
1 file changed, 5 insertions(+), 24 deletions(-)
diff --git a/debian/check-orig-suspicious.sh b/debian/check-orig-suspicious.sh
index ed0d5b484d..63396e4b45 100755
--- a/debian/check-orig-suspicious.sh
+++ b/debian/check-orig-suspicious.sh
@@ -1,35 +1,16 @@ -#!/bin/bash - +#!/bin/sh set -e ver="$1" test -n "$ver" || exit 2 -FILTER="Files-Excluded: in debian/copyright and run a repack." -SUS_WHITELIST=$(find "${PWD}" -name upstream-tarball-unsuspicious.txt -type f) +SUS_WHITELIST=$(find "${PWD}/debian" -name upstream-tarball-unsuspicious.txt -type f) rm -rf rustc-${ver/*~*/beta}-src/ tar xf ../rustc_$ver+dfsg1.orig.tar.xz && cd rustc-${ver/*~*/beta}-src/ -# Remove tiny files 4 bytes or less -find . -size -4c -delete -# Remove non-suspicious files, warning on patterns that match nothing -echo "Excluding (i.e. removing) whitelisted files..." -grep -v '^#' ${SUS_WHITELIST} | xargs -I% sh -c 'rm -r ./% || true' -echo "Checking for suspicious files..." - -# TODO: merge the -m stuff into suspicious-source(1). -suspicious-source -v -m text/x-objective-c -m text/x-awk -# The following shell snippet is a bit more strict than suspicious-source(1) -find . -type f -and -not -name '.cargo-checksum.json' -exec file '{}' \; | \ - sed -e 's/\btext\b\(.*\), with very long lines/verylongtext\1/g' | \ - grep -v '\b\(text\|empty\)\b' || true - -# Most C and JS code should be in their own package -find vendor/ -name '*.c' -o -name '*.js' - -echo "The above files (if any) seem suspicious, please audit them." -echo "If good, add them to ${SUS_WHITELIST}." -echo "If bad, add them to ${FILTER}." +/usr/share/cargo/scripts/audit-vendor-source \ + "$SUS_WHITELIST" \ + "Files-Excluded: in debian/copyright and run a repack." echo "Artifacts left in rustc-$ver-src, please remove them yourself." -- 2.39.2
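Review bot: The new `#!/bin/sh` shebang conflicts with the `${ver/*~*/beta}` pattern substitution kept on the `rm -rf` and `tar xf … && cd` lines, which is a bash extension; where /bin/sh is dash the script aborts with a substitution error before the audit step is reached. Either keep `#!/bin/bash` or compute the directory portably, e.g. `case "$ver" in *~*) srcver=beta ;; *) srcver=$ver ;; esac`, and use `"rustc-${srcver}-src/"` in both places. Separately, `SUS_WHITELIST` is passed on without checking that `find` matched exactly one file, so an empty or multi-line value can reach audit-vendor-source (whose handling of that is not visible here); a guard such as `test -f "$SUS_WHITELIST" || exit 2` before the call would make a missing whitelist fail loudly. Because `tar xf … && cd …` is an AND-list, `set -e` does not stop the script when `tar` fails, so the audit could run against the wrong directory; splitting it into two separate commands avoids that.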