panda/qipai
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f5445f16d71cacc85bd504238a4d50b21aa01c0b
qipai/scripts/dev/windows/check-reference.ps1
T

59 lines
2.5 KiB
PowerShell
Raw Blame History

$ErrorActionPreference = "Stop"
$referenceDirName = ([char]0x53C2).ToString() + ([char]0x8003).ToString()
$referenceRoot = Join-Path (Resolve-Path ".").Path $referenceDirName
if (-not (Test-Path $referenceRoot)) {
throw "Missing reference directory: $referenceRoot"
}
$nestedGit = Get-ChildItem $referenceRoot -Recurse -Force -Directory -Filter ".git" -ErrorAction SilentlyContinue
if ($nestedGit) {
$nestedGit | ForEach-Object { Write-Host "NESTED-GIT: $($_.FullName)" }
throw "Nested .git found under reference directory."
}
$blockedRawReferences = @(
"$referenceDirName/mazongjian-server.xjar",
"$referenceDirName/easy-joy-life-main.zip",
"$referenceDirName/24h_qipaishi-master(1).zip",
"$referenceDirName/$(([char]0x5C0F).ToString() + ([char]0x7A0B).ToString() + ([char]0x5E8F).ToString() + ([char]0x6E90).ToString() + ([char]0x4EE3).ToString() + ([char]0x7801).ToString()).zip",
"$referenceDirName/db_20260427.sql"
)
$tracked = @(& git -c core.quotePath=false ls-files)
foreach ($blocked in $blockedRawReferences) {
if ($tracked -contains $blocked) {
throw "Blocked raw reference is tracked: $blocked"
}
}
Get-ChildItem $referenceRoot -Recurse -File | ForEach-Object {
$hash = Get-FileHash -Algorithm SHA256 $_.FullName
"{0} {1} {2}" -f $hash.Hash, $_.Length, $_.FullName
}
$zipFiles = Get-ChildItem $referenceRoot -File -Filter "*.zip" -ErrorAction SilentlyContinue
foreach ($zip in $zipFiles) {
$safeName = [IO.Path]::GetFileNameWithoutExtension($zip.Name)
$extractRoot = Join-Path $env:TEMP "qipai-reference-check"
$extractDir = Join-Path $extractRoot $safeName
if (Test-Path $extractDir) {
Remove-Item -LiteralPath $extractDir -Recurse -Force
}
New-Item -ItemType Directory -Force $extractDir | Out-Null
try {
Expand-Archive -LiteralPath $zip.FullName -DestinationPath $extractDir -Force
$fileCount = (Get-ChildItem $extractDir -Recurse -File | Measure-Object).Count
$dependencyDirs = Get-ChildItem $extractDir -Recurse -Force -Directory -Include "node_modules","miniprogram_npm" -ErrorAction SilentlyContinue
$secretFiles = Get-ChildItem $extractDir -Recurse -File -Include "*.pem","*.key","*.p12","*.crt","application*.yml","application*.properties" -ErrorAction SilentlyContinue
Write-Host "ZIP-AUDIT: $($zip.Name) files=$fileCount dependencyDirs=$($dependencyDirs.Count) sensitiveConfigFiles=$($secretFiles.Count)"
}
finally {
if (Test-Path $extractDir) {
Remove-Item -LiteralPath $extractDir -Recurse -Force
}
}
}
Write-Host "PASS: reference directory basic scan completed."
Reference in New Issue View Git Blame Copy Permalink