Skip to content

Instantly share code, notes, and snippets.

@dd32

dd32/pre-commit Secret

Last active Sep 17, 2021
Embed
What would you like to do?
pre-commit themes.svn.wordress.org suggestions
#!/bin/bash
REPOS="$1"
TXN="$2"
PHP=/usr/local/bin/php
SVNLOOK=/usr/bin/svnlook
$SVNLOOK changed -t "$TXN" "$REPOS"
if [ $? -ne 0 ]; then
echo $FILES >&2
echo "svnlook failed, possible SHA-1 collision" >&2
exit 2
fi
FILES=`$SVNLOOK changed -t "$TXN" "$REPOS" | /bin/grep -Ev '^D ' | /usr/bin/awk '{print $2}'`
for FILE in $FILES; do
if test -f $FILE; then
PREFIX=`$SVNLOOK cat -t "$TXN" "$REPOS" "$FILE" | head -c320 | /usr/bin/sha1sum | cut -c-40`
if [ "$PREFIX" == 'f92d74e3874587aaf443d1db961d4e26dde13e9c' ]; then
echo "known SHA-1 collision rejected" >&2
exit 3
fi
fi
done
LOGMSG=$( $SVNLOOK log -t "$TXN" "$REPOS" | grep [a-zA-Z0-9] | wc -c )
if [ "$LOGMSG" -lt 5 ]; then
echo -e "Please provide commit message that describes the changes you are making." 1>&2
exit 1
fi
CHANGED=`$SVNLOOK changed -t "$TXN" "$REPOS" | awk '/^[^D]/ {print $2}'`
for LINE in $CHANGED
do
FILE=`echo $LINE | egrep \\.php$`
if [ $? == 0 ]
then
MESSAGE=`$SVNLOOK cat -t "$TXN" "$REPOS" "${FILE}" | $PHP -nl`
if [ $? -ne 0 ]
then
echo 1>&2
echo "***********************************" 1>&2
echo "PHP error in: ${FILE}:" 1>&2
echo "$MESSAGE" | sed "s| -| $FILE|g" 1>&2
echo "***********************************" 1>&2
exit 1
fi
fi
done
# Theme Dropbox is exempt from the following rules (To prevent any issues)
AUTHOR=`$SVNLOOK author -t "$TXN" "$REPOS"`
if [ "$AUTHOR" == "themedropbox" ]; then
exit 0
fi
function version_compare_gt() {
# Use PHP for version comparisons for consistency.
$PHP -r 'echo (int) ( $argc == 3 && version_compare( $argv[1], $argv[2], ">" ) );' "$@"
# This should perhaps do an exit rather than an echo? That way just the exit code can be looked at?
}
function latest_version() {
# Assuming `jq` isn't available sends me down a grep rabbithole, which isn't too bad really, as long as the json_encode output doesn't change to include spaces.
# curl -s "https://api.wordpress.org/themes/info/1.1/?action=theme_information&request\[slug\]=$1" --user-agent 'WordPress.org SVN' | jq -r '.version'
curl -s "https://api.wordpress.org/themes/info/1.1/?action=theme_information&request\[slug\]=$1" --user-agent 'WordPress.org SVN' | grep -iEo '"version":"[^"]+"' | cut -d'"' -f4
}
ALL_CHANGES=`$SVNLOOK changed -t "$TXN" "$REPOS" | awk '{print $2}'`
# Require /$slug/$version/ paths only
for LINE in $ALL_CHANGES; do
if ! [[ $LINE =~ ^[^/]+/[0-9.]+/ ]]; then
echo 1>&2
echo "***********************************" 1>&2
echo "Please ensure the path is correct." 1>&2
echo "$LINE doesn't match expected format of /slug/version/" 1>&2
echo "***********************************" 1>&2
exit 1;
fi
done
# Require touching a single version only
CHANGED_VERSIONS=$( printf '%s\n' $ALL_CHANGES | cut -d/ -f1,2 | uniq | wc -l )
if [ "$CHANGED_VERSIONS" -ne 1 ]; then
echo 1>&2
echo "***********************************" 1>&2
echo "Only a single theme version per commit please." 1>&2
echo "***********************************" 1>&2
exit 1
fi
SLUG=`echo $ALL_CHANGES | cut -d/ -f1`
VERSION=`echo $ALL_CHANGES | cut -d/ -f2`
LATEST_VERSION=$( latest_version $SLUG )
# Require that the Version is >= stable
# Deny altering previous versions of a theme
if [ -z "$LATEST_VERSION" ]; then
echo 1>&2
echo "***********************************" 1>&2
echo "Theme '$SLUG' is unknown, suspended, or WordPress.org is experiencing a temporary network issue. Please try again." 1>&2
echo "***********************************" 1>&2
exit 1;
fi
if [ $(version_compare_gt $VERSION $LATEST_VERSION) -ne "1" ]; then
echo 1>&2
echo "***********************************" 1>&2
echo "$SLUG version needs to be greater than $LATEST_VERSION. Found: '$VERSION'." 1>&2
echo "***********************************" 1>&2
exit 1;
fi
# Require that /$slug/$version/style.css exists
# Require that Version in style.css matches path
# NOTE: The style.css version header check here is not super strict, looking for a version-like header in the first 15 lines.
STYLECSS_VERSION=$( $SVNLOOK cat -t "$TXN" "$REPOS" "/$SLUG/$VERSION/style.css" | head -n15 | grep -iEo 'version:.+' | awk -F '[: ]+' '{print $2}' )
if [ "$STYLECSS_VERSION" != "$VERSION" ]; then
echo 1>&2
echo "***********************************" 1>&2
echo "$SLUG/$VERSION/style.css doesn't exist, or version doesn't match '$VERSION'. Found: '$STYLECSS_VERSION'." 1>&2
echo "***********************************" 1>&2
exit 1;
fi
exit 0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment