forked from openedx/edx-platform
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathxss-commit-linter.sh
executable file
·87 lines (77 loc) · 2.68 KB
/
xss-commit-linter.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
#!/usr/bin/env bash
set -e
###############################################################################
#
# xss-commit-linter.sh
#
# Executes xsslint/xss_linter.py on the set of files in a particular git commit.
#
###############################################################################
show_help() {
echo "Usage: xss-commit-linter.sh [OPTION]"
echo "Runs the XSS Linter against all files in a git commit."
echo ""
echo "Mandatory arguments to long options are mandatory for short options too."
echo " -h, --help Output this help."
echo " -m, --main-branch=COMMIT Run against files changed between the"
echo " current branch and this commit."
echo " Defaults to origin/master."
echo " -v, --verbose Output details of git commands run."
echo ""
echo "This scripts does not give a grand total. Be sure to check for"
echo "0 violations on each file."
echo ""
echo "For more help using the xss linter, including details on how to"
echo "understand and fix any violations, read the docs here:"
echo ""
echo " http://edx.readthedocs.org/projects/edx-developer-guide/en/latest/conventions/preventing_xss.html#xss-linter"
}
show_verbose() {
echo "Files linted is based on the following:"
echo "- Current commit: ${current_branch_hash}"
echo "- Main commit: ${MAIN_COMMIT}"
echo "- Merge base command: ${merge_base_command}"
echo "- Merge base: ${merge_base}"
echo "- Diff command: ${diff_command}"
}
for i in "$@"; do
case $i in
-m=*|--main-branch=*)
MAIN_COMMIT="${i#*=}"
shift # past argument=value
;;
-v|--verbose)
VERBOSE=true
;;
-h|--help|*)
# help or unknown option
show_help
exit 0
;;
esac
done
current_branch_hash=`git rev-parse HEAD`
if [ -z "${MAIN_COMMIT+x}" ]; then
# if commit is not set, get hash of current branch
MAIN_COMMIT="origin/master"
fi
merge_base_command="git merge-base $current_branch_hash $MAIN_COMMIT"
merge_base=$(${merge_base_command})
diff_command="git diff --name-only --diff-filter=ACM $merge_base $current_branch_hash"
diff_files=$(${diff_command})
if [ "$diff_files" = "" ]; then
# When no files are found, automatically display verbose details to help
# understand why.
show_verbose
echo ""
echo "No files linted."
else
if [ ${VERBOSE} ] ; then
show_verbose
fi
for f in $diff_files; do
echo ""
echo "Linting $f:"
./scripts/xsslint/xss_linter.py --config=scripts.xsslint_config $f
done
fi