module Aura.Security where
import Aura.Core
import Aura.IO
import Aura.Languages
import Aura.Pkgbuild.Security
import Aura.Settings
import Aura.Types
import Language.Bash.Pretty (prettyText)
import Language.Bash.Syntax
import RIO
import qualified RIO.Text as T
analysePkgbuild :: Buildable -> RIO Env ()
analysePkgbuild b = do
ss <- asks settings
let f = do
yes <- liftIO $ optionalPrompt ss security_6
when yes . throwM . Failure $ FailMsg security_7
case parsedPB $ bPkgbuild b of
Nothing -> warn ss (security_1 $ bName b) *> f
Just l -> case bannedTerms l of
[] -> pure ()
bts -> do
scold ss . security_5 $ bName b
liftIO $ traverse_ (displayBannedTerms ss) bts
f
displayBannedTerms :: Settings -> (ShellCommand, BannedTerm) -> IO ()
displayBannedTerms ss (stmt, b) = do
putTextLn . T.pack $ "\n " <> prettyText stmt <> "\n"
warn ss $ reportExploit b