refactor: enhance uninstall safety and fix dock removal

- Add symlink/bundle_id/BOM validation to prevent injection attacks - Fix Dock removal for /Applications symlink (use pwd not pwd -P) - Fix brew uninstall test hanging (skip sudo in non-interactive mode) - Remove unused SENSITIVE_DATA_REGEX
2026-02-04 15:04:42 +00:00 · 2026-01-17 09:49:42 +08:00
parent 12cacaa6cc
commit 060c48c48d
7 changed files with 22 additions and 33 deletions
--- a/lib/uninstall/batch.sh
+++ b/lib/uninstall/batch.sh
@@ -11,25 +11,6 @@ SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"

 # Batch uninstall with a single confirmation.

-# User data detection patterns (prompt user to backup if found).
-readonly SENSITIVE_DATA_PATTERNS=(
-    "\.warp"                               # Warp terminal configs/themes
-    "/\.config/"                           # Standard Unix config directory
-    "/themes/"                             # Theme customizations
-    "/settings/"                           # Settings directories
-    "/Application Support/[^/]+/User Data" # Chrome/Electron user data
-    "/Preferences/[^/]+\.plist"            # User preference files
-    "/Documents/"                          # User documents
-    "/\.ssh/"                              # SSH keys and configs (critical)
-    "/\.gnupg/"                            # GPG keys (critical)
-)
-
-# Join patterns into a single regex for grep.
-SENSITIVE_DATA_REGEX=$(
-    IFS='|'
-    echo "${SENSITIVE_DATA_PATTERNS[*]}"
-)
-
 # High-performance sensitive data detection (pure Bash, no subprocess)
 # Faster than grep for batch operations, especially when processing many apps
 has_sensitive_data() {