actions/install-action
1
0
Fork 0
mirror of https://github.com/taiki-e/install-action.git synced 2026-05-10 22:50:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

tidy: Check file permissions

Browse Source
This commit is contained in:
Taiki Endo
2023-08-19 15:58:26 +09:00
parent c9ba9d12d0
commit 1f490d2b6e
1 changed files with 43 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
tools/tidy.sh
View File

@@ -112,6 +112,49 @@ if [[ -n "$(git ls-files '*.rs')" ]]; then
echo "${new}" >"${lib}" echo "${new}" >"${lib}"
check_diff "${lib}" check_diff "${lib}"
done done
# Make sure that public Rust crates don't contain executables.
failed_files=''
metadata=$(cargo metadata --format-version=1 --all-features --no-deps)
has_public_crate=''
for id in $(jq <<<"${metadata}" '.workspace_members[]'); do
pkg=$(jq <<<"${metadata}" ".packages[] | select(.id == ${id})")
publish=$(jq <<<"${pkg}" -r '.publish')
# Publishing is unrestricted if null, and forbidden if an empty array.
if [[ "${publish}" == "[]" ]]; then
continue
fi
has_public_crate='1'
done
if [[ -n "${has_public_crate}" ]]; then
info "checking file permissions"
if [[ -f Cargo.toml ]] && grep -Eq '^\[package\]' Cargo.toml && ! grep -Eq '^publish = false' Cargo.toml; then
if ! grep -Eq '^exclude = \[.*\.\*.*\]' Cargo.toml; then
error "top-level Cargo.toml of real manifest should have exclude field with \"/.*\" and \"/tools\""
elif ! grep -Eq '^exclude = \[.*/tools.*\]' Cargo.toml; then
error "top-level Cargo.toml of real manifest should have exclude field with \"/.*\" and \"/tools\""
fi
fi
for p in $(git ls-files); do
# Skip directories.
if [[ -d "${p}" ]]; then
continue
fi
# Top-level hidden files/directories and tools/* are excluded from crates.io (ensured by the above check).
# TODO: fully respect exclude field in Cargo.toml.
case "${p}" in
.* | tools/*) continue ;;
esac
if [[ -x "${p}" ]]; then
failed_files+="${p}"$'\n'
fi
done
if [[ -n "${failed_files}" ]]; then
error "file-permissions-check failed: executable should be in tools/ directory"
echo "======================================="
echo -n "${failed_files}"
echo "======================================="
fi
fi
fi fi
# C/C++ (if exists) # C/C++ (if exists)