chore(M00-A): 建立单仓库基线和参考清单
This commit is contained in:
Codex
@@ -0,0 +1,58 @@
|
||||
$ErrorActionPreference = "Stop"
|
||||
|
||||
$referenceDirName = ([char]0x53C2).ToString() + ([char]0x8003).ToString()
|
||||
$referenceRoot = Join-Path (Resolve-Path ".").Path $referenceDirName
|
||||
if (-not (Test-Path $referenceRoot)) {
|
||||
throw "Missing reference directory: $referenceRoot"
|
||||
}
|
||||
|
||||
$nestedGit = Get-ChildItem $referenceRoot -Recurse -Force -Directory -Filter ".git" -ErrorAction SilentlyContinue
|
||||
if ($nestedGit) {
|
||||
$nestedGit | ForEach-Object { Write-Host "NESTED-GIT: $($_.FullName)" }
|
||||
throw "Nested .git found under reference directory."
|
||||
}
|
||||
|
||||
$blockedRawReferences = @(
|
||||
"$referenceDirName/mazongjian-server.xjar",
|
||||
"$referenceDirName/easy-joy-life-main.zip",
|
||||
"$referenceDirName/24h_qipaishi-master(1).zip",
|
||||
"$referenceDirName/$(([char]0x5C0F).ToString() + ([char]0x7A0B).ToString() + ([char]0x5E8F).ToString() + ([char]0x6E90).ToString() + ([char]0x4EE3).ToString() + ([char]0x7801).ToString()).zip",
|
||||
"$referenceDirName/db_20260427.sql"
|
||||
)
|
||||
|
||||
$tracked = @(& git -c core.quotePath=false ls-files)
|
||||
foreach ($blocked in $blockedRawReferences) {
|
||||
if ($tracked -contains $blocked) {
|
||||
throw "Blocked raw reference is tracked: $blocked"
|
||||
}
|
||||
}
|
||||
|
||||
Get-ChildItem $referenceRoot -Recurse -File | ForEach-Object {
|
||||
$hash = Get-FileHash -Algorithm SHA256 $_.FullName
|
||||
"{0} {1} {2}" -f $hash.Hash, $_.Length, $_.FullName
|
||||
}
|
||||
|
||||
$zipFiles = Get-ChildItem $referenceRoot -File -Filter "*.zip" -ErrorAction SilentlyContinue
|
||||
foreach ($zip in $zipFiles) {
|
||||
$safeName = [IO.Path]::GetFileNameWithoutExtension($zip.Name)
|
||||
$extractRoot = Join-Path $env:TEMP "qipai-reference-check"
|
||||
$extractDir = Join-Path $extractRoot $safeName
|
||||
if (Test-Path $extractDir) {
|
||||
Remove-Item -LiteralPath $extractDir -Recurse -Force
|
||||
}
|
||||
New-Item -ItemType Directory -Force $extractDir | Out-Null
|
||||
try {
|
||||
Expand-Archive -LiteralPath $zip.FullName -DestinationPath $extractDir -Force
|
||||
$fileCount = (Get-ChildItem $extractDir -Recurse -File | Measure-Object).Count
|
||||
$dependencyDirs = Get-ChildItem $extractDir -Recurse -Force -Directory -Include "node_modules","miniprogram_npm" -ErrorAction SilentlyContinue
|
||||
$secretFiles = Get-ChildItem $extractDir -Recurse -File -Include "*.pem","*.key","*.p12","*.crt","application*.yml","application*.properties" -ErrorAction SilentlyContinue
|
||||
Write-Host "ZIP-AUDIT: $($zip.Name) files=$fileCount dependencyDirs=$($dependencyDirs.Count) sensitiveConfigFiles=$($secretFiles.Count)"
|
||||
}
|
||||
finally {
|
||||
if (Test-Path $extractDir) {
|
||||
Remove-Item -LiteralPath $extractDir -Recurse -Force
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Write-Host "PASS: reference directory basic scan completed."
|
||||
Reference in New Issue
Block a user