aura-3.1.6: A secure package manager for Arch Linux and the AUR.

Copyright: (c) Colin Woodbury 2012 - 2020
License: GPL3
Maintainer: Colin Woodbury <colin@fosskers.ca>
Safe Haskell: None
Language: Haskell2010

Aura.Pkgbuild.Security

Description

Analyse PKGBUILDs for potentially malicious bash code.

Documentation

data BannedTerm

A bash term which should never appear in a PKGBUILD. If one does, it's either a sign of maintainer negligence or malicious behaviour.

Constructors

BannedTerm !Text !BanCategory 

parsedPB :: Pkgbuild -> Maybe List

Attempt to parse a PKGBUILD. Should succeed for all reasonable PKGBUILDs.

bannedTerms :: List -> [(ShellCommand, BannedTerm)]

Discover any banned terms lurking in a parsed PKGBUILD, paired with the surrounding context lines.

reportExploit :: BannedTerm -> Language -> Doc AnsiStyle

Dispatch different error messages depending on the category of a BannedTerm.
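
The idea behind bannedTerms, pairing each banned term with its category and the line it appears on, is shown here as an added Python sketch; it is not Aura's Haskell code, which works on a parsed bash AST. The term list, the category names, the `banned_terms` function and the sample PKGBUILD are all assumptions constructed for illustration.

```python
import re
import shlex

# Assumed terms and categories; Aura's real list is not shown on this page.
BANNED = {"sudo": "privilege escalation", "curl": "downloading",
          "wget": "downloading", "eval": "script running"}
SEPARATORS = {"|", "||", "&&", ";", "&", "|&"}   # the next word is a new command
ASSIGNMENT = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*\+?=")

# Constructed sample PKGBUILD (not from a real package).
SAMPLE = '''\
pkgname=demo
pkgver=1.0
source=("https://example.invalid/demo-$pkgver.tar.gz")
build() {
  # curl is only mentioned in this comment
  make PREFIX=/usr
  curl -s https://example.invalid/setup.sh | sh
}
package() {
  sudo make install
  echo "no wget here"
}
'''

def tokens(line):
    """Split one line into shell words; comments are dropped by shlex."""
    lexer = shlex.shlex(line, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    try:
        return list(lexer)
    except ValueError:            # unbalanced quote, e.g. a multi-line string
        return line.split()

def banned_terms(pkgbuild):
    """Return (line number, term, category, context line) for each hit."""
    findings = []
    for lineno, line in enumerate(pkgbuild.splitlines(), start=1):
        command_position = True
        for tok in tokens(line):
            if tok in SEPARATORS:
                command_position = True
            elif command_position and not ASSIGNMENT.match(tok):
                # Only the word that names the command is checked, so
                # arguments, strings and array members are not flagged.
                if tok in BANNED:
                    findings.append((lineno, tok, BANNED[tok], line.strip()))
                command_position = False
    return findings

if __name__ == "__main__":
    for finding in banned_terms(SAMPLE):
        print(finding)
```

A line-based scan like this does not see commands inside `$(...)` substitutions or strings passed to an interpreter, which is one reason to parse the PKGBUILD properly first.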