Skip to content

Commit

Permalink
Add warning for dotfiles in info plugin
Browse files Browse the repository at this point in the history
  • Loading branch information
@kamilkrzyskow
kamilkrzyskow committed May 2, 2024
1 parent 5cb3117 commit f724bb9
Show file tree
Hide file tree
Showing 2 changed files with 72 additions and 2 deletions.
37 changes: 36 additions & 1 deletion material/plugins/info/plugin.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -212,6 +212,9 @@ def on_config(self, config):
pattern = _resolve_pattern(project_config.site_dir)
self.exclusion_patterns.append(pattern)

# Track dotpath inclusion to inform about it later
contains_dotpath: bool = False

# Create self-contained example from project
files: list[str] = []
with ZipFile(archive, "a", ZIP_DEFLATED, False) as f:
Expand All @@ -228,6 +231,11 @@ def on_config(self, config):
# Exclude the directory and all subdirectories
if self._is_excluded(path):
dirnames.remove(name)
continue

# Warn about .dotdirectories
if _is_dotpath(path, log_warning = True):
contains_dotpath = True

# Write files to the in-memory archive
for name in filenames:
Expand All @@ -238,6 +246,10 @@ def on_config(self, config):
if self._is_excluded(path):
continue

# Warn about .dotfiles
if _is_dotpath(path, log_warning = True):
contains_dotpath = True

# Resolve the relative path to create a matching structure
path = os.path.relpath(path, os.path.curdir)
f.write(path, os.path.join(example, path))
Expand Down Expand Up @@ -278,8 +290,11 @@ def on_config(self, config):

# Retrieve list of processed files
for a in f.filelist:
# Highlight .dotpaths in a more explicit manner
color = (Fore.LIGHTYELLOW_EX if "/." in a.filename
else Fore.LIGHTBLACK_EX)
files.append("".join([
Fore.LIGHTBLACK_EX, a.filename, " ",
color, a.filename, " ",
_size(a.compress_size)
]))

Expand Down Expand Up @@ -309,6 +324,14 @@ def on_config(self, config):
if buffer.nbytes > 1000000:
log.warning("Archive exceeds recommended maximum size of 1 MB")

# Print warning when file contains hidden .dotpaths
if contains_dotpath:
log.warning(
"Archive contains dotpaths, which could contain sensitive "
"information.\nPlease review them at the bottom of the list "
"and share only necessary data to reproduce the issue."
)

# Aaaaaand done
sys.exit(1)

Expand Down Expand Up @@ -488,6 +511,18 @@ def _get_project_config(project_config_file: str):

return config

# Check if the path is a .dotpath. A warning can also be issued when the param
# is set. The function also returns a boolean to track results outside it.
def _is_dotpath(path: str, log_warning: bool = False) -> bool:
posix_path = _resolve_pattern(path, return_path = True)
name = posix_path.rstrip("/").rsplit("/", 1)[-1]
if name.startswith("."):
if log_warning:
log.warning(f"The following .dotpath will be included: {path}")
return True
return False


# -----------------------------------------------------------------------------
# Data
# -----------------------------------------------------------------------------
Expand Down
37 changes: 36 additions & 1 deletion src/plugins/info/plugin.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -212,6 +212,9 @@ def on_config(self, config):
pattern = _resolve_pattern(project_config.site_dir)
self.exclusion_patterns.append(pattern)

# Track dotpath inclusion to inform about it later
contains_dotpath: bool = False

# Create self-contained example from project
files: list[str] = []
with ZipFile(archive, "a", ZIP_DEFLATED, False) as f:
Expand All @@ -228,6 +231,11 @@ def on_config(self, config):
# Exclude the directory and all subdirectories
if self._is_excluded(path):
dirnames.remove(name)
continue

# Warn about .dotdirectories
if _is_dotpath(path, log_warning = True):
contains_dotpath = True

# Write files to the in-memory archive
for name in filenames:
Expand All @@ -238,6 +246,10 @@ def on_config(self, config):
if self._is_excluded(path):
continue

# Warn about .dotfiles
if _is_dotpath(path, log_warning = True):
contains_dotpath = True

# Resolve the relative path to create a matching structure
path = os.path.relpath(path, os.path.curdir)
f.write(path, os.path.join(example, path))
Expand Down Expand Up @@ -278,8 +290,11 @@ def on_config(self, config):

# Retrieve list of processed files
for a in f.filelist:
# Highlight .dotpaths in a more explicit manner
color = (Fore.LIGHTYELLOW_EX if "/." in a.filename
else Fore.LIGHTBLACK_EX)
files.append("".join([
Fore.LIGHTBLACK_EX, a.filename, " ",
color, a.filename, " ",
_size(a.compress_size)
]))

Expand Down Expand Up @@ -309,6 +324,14 @@ def on_config(self, config):
if buffer.nbytes > 1000000:
log.warning("Archive exceeds recommended maximum size of 1 MB")

# Print warning when file contains hidden .dotpaths
if contains_dotpath:
log.warning(
"Archive contains dotpaths, which could contain sensitive "
"information.\nPlease review them at the bottom of the list "
"and share only necessary data to reproduce the issue."
)

# Aaaaaand done
sys.exit(1)

Expand Down Expand Up @@ -488,6 +511,18 @@ def _get_project_config(project_config_file: str):

return config

# Check if the path is a .dotpath. A warning can also be issued when the param
# is set. The function also returns a boolean to track results outside it.
def _is_dotpath(path: str, log_warning: bool = False) -> bool:
posix_path = _resolve_pattern(path, return_path = True)
name = posix_path.rstrip("/").rsplit("/", 1)[-1]
if name.startswith("."):
if log_warning:
log.warning(f"The following .dotpath will be included: {path}")
return True
return False


# -----------------------------------------------------------------------------
# Data
# -----------------------------------------------------------------------------
Expand Down

0 comments on commit f724bb9

Please sign in to comment.