mirrors/Mole
1
0
Fork 0
mirror of https://github.com/tw93/Mole.git synced 2026-03-22 18:30:08 +00:00
Code Activity

fix(purge): normalize search roots for scan filtering (#478)

Browse Source
This commit is contained in:
tw93
2026-02-22 22:06:19 +08:00
parent 082cc1d09b
commit 8f5b70457e
2 changed files with 61 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
lib/clean/project.sh
View File

@@ -254,12 +254,33 @@ is_purge_project_root() {
is_safe_project_artifact() { is_safe_project_artifact() {
local path="$1" local path="$1"
local search_path="$2" local search_path="$2"
# Normalize search path to tolerate user config entries with trailing slash.
if [[ "$search_path" != "/" ]]; then
search_path="${search_path%/}"
fi
if [[ "$path" != /* ]]; then if [[ "$path" != /* ]]; then
return 1 return 1
fi fi
if [[ "$path" != "$search_path/"* ]]; then if [[ "$path" != "$search_path/"* ]]; then
return 1 # fd may emit physical/canonical paths (for example /private/var)
# while configured search roots use symlink aliases (for example /var).
# Compare physical paths as a fallback to avoid false negatives.
local physical_path=""
local physical_search_path=""
if [[ -d "$path" && -d "$search_path" ]]; then
physical_path=$(cd "$path" 2> /dev/null && pwd -P || echo "")
physical_search_path=$(cd "$search_path" 2> /dev/null && pwd -P || echo "")
fi
if [[ -z "$physical_path" || -z "$physical_search_path" || "$physical_path" != "$physical_search_path/"* ]]; then
return 1
fi
path="$physical_path"
search_path="$physical_search_path"
fi fi
# Must not be a direct child of the search root. # Must not be a direct child of the search root.

39
tests/purge.bats
View File

@@ -92,6 +92,23 @@ setup() {
[[ "$result" == "ALLOWED" ]] [[ "$result" == "ALLOWED" ]]
} }
@test "is_safe_project_artifact: accepts physical path under symlinked search root" {
mkdir -p "$HOME/www/real/proj/node_modules"
touch "$HOME/www/real/proj/package.json"
ln -s "$HOME/www/real" "$HOME/www/link"
result=$(bash -c "
source '$PROJECT_ROOT/lib/clean/project.sh'
if is_safe_project_artifact '$HOME/www/real/proj/node_modules' '$HOME/www/link/proj'; then
echo 'ALLOWED'
else
echo 'BLOCKED'
fi
")
[[ "$result" == "ALLOWED" ]]
}
@test "filter_nested_artifacts: removes nested node_modules" { @test "filter_nested_artifacts: removes nested node_modules" {
mkdir -p "$HOME/www/project/node_modules/package/node_modules" mkdir -p "$HOME/www/project/node_modules/package/node_modules"
@@ -472,6 +489,28 @@ EOF
[[ "$result" == "FOUND" ]] [[ "$result" == "FOUND" ]]
} }
@test "scan_purge_targets: supports trailing slash search path in find mode" {
mkdir -p "$HOME/single-project/node_modules"
touch "$HOME/single-project/package.json"
local scan_output
scan_output="$(mktemp)"
result=$(bash -c "
source '$PROJECT_ROOT/lib/clean/project.sh'
MO_USE_FIND=1 scan_purge_targets '$HOME/single-project/' '$scan_output'
if grep -q '$HOME/single-project/node_modules' '$scan_output'; then
echo 'FOUND'
else
echo 'MISSING'
fi
")
rm -f "$scan_output"
[[ "$result" == "FOUND" ]]
}
@test "is_recently_modified: detects recent projects" { @test "is_recently_modified: detects recent projects" {
mkdir -p "$HOME/www/project/node_modules" mkdir -p "$HOME/www/project/node_modules"
touch "$HOME/www/project/package.json" touch "$HOME/www/project/package.json"