mirrors/Mole
1
0
Fork 0
mirror of https://github.com/tw93/Mole.git synced 2026-02-16 12:56:11 +00:00
Code Activity

feat: add whitelist protection for user and external volume Trash directories and include ~/.Trash in default whitelist

Browse Source
This commit is contained in:
Tw93
2025-12-27 13:04:19 +08:00
parent 139b66d1bb
commit f5efc63bae
2 changed files with 49 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
lib/clean/user.sh
View File

@@ -12,7 +12,34 @@ clean_user_essentials() {
stop_section_spinner stop_section_spinner
safe_clean ~/Library/Logs/* "User app logs" safe_clean ~/Library/Logs/* "User app logs"
safe_clean ~/.Trash/* "Trash"
# Check if Trash directory is whitelisted
local trash_protected=false
local trash_path="$HOME/.Trash"
if [[ ${#WHITELIST_PATTERNS[@]} -gt 0 ]]; then
for w in "${WHITELIST_PATTERNS[@]}"; do
# Expand tilde in whitelist pattern for comparison
local expanded_w="${w/#\~/$HOME}"
# Remove trailing slash for consistent comparison
expanded_w="${expanded_w%/}"
# Check for exact match or glob pattern match
# shellcheck disable=SC2053
if [[ "$trash_path" == "$expanded_w" ]] || [[ "$trash_path" == $expanded_w ]]; then
trash_protected=true
break
fi
done
fi
if [[ "$trash_protected" == "true" ]]; then
note_activity
echo -e " ${GREEN}${ICON_EMPTY}${NC} Trash · whitelist protected"
else
safe_clean ~/.Trash/* "Trash"
fi
} }
# Helper: Scan external volumes for cleanup (Trash & DS_Store) # Helper: Scan external volumes for cleanup (Trash & DS_Store)
@@ -75,11 +102,29 @@ scan_external_volumes() {
run_with_timeout 1 mount | grep -q "on $volume " || continue run_with_timeout 1 mount | grep -q "on $volume " || continue
# 1. Clean Trash on volume # 1. Clean Trash on volume
if [[ -d "$volume/.Trashes" && "$DRY_RUN" != "true" ]]; then local volume_trash="$volume/.Trashes"
local volume_trash_protected=false
# Check if external volume Trash is whitelisted
if [[ ${#WHITELIST_PATTERNS[@]} -gt 0 ]]; then
for w in "${WHITELIST_PATTERNS[@]}"; do
local expanded_w="${w/#\~/$HOME}"
expanded_w="${expanded_w%/}"
# Check for exact match or glob pattern match
# shellcheck disable=SC2053
if [[ "$volume_trash" == "$expanded_w" ]] || [[ "$volume_trash" == $expanded_w ]]; then
volume_trash_protected=true
break
fi
done
fi
if [[ -d "$volume_trash" && "$DRY_RUN" != "true" && "$volume_trash_protected" != "true" ]]; then
# Safely iterate and remove each item # Safely iterate and remove each item
while IFS= read -r -d '' item; do while IFS= read -r -d '' item; do
safe_remove "$item" true || true safe_remove "$item" true || true
done < <(command find "$volume/.Trashes" -mindepth 1 -maxdepth 1 -print0 2> /dev/null || true) done < <(command find "$volume_trash" -mindepth 1 -maxdepth 1 -print0 2> /dev/null || true)
fi fi
# 2. Clean .DS_Store # 2. Clean .DS_Store

1
lib/manage/whitelist.sh
View File

@@ -143,6 +143,7 @@ Podman container cache|$HOME/.local/share/containers/cache/*|container_cache
Font cache|$HOME/Library/Caches/com.apple.FontRegistry/*|system_cache Font cache|$HOME/Library/Caches/com.apple.FontRegistry/*|system_cache
Spotlight metadata cache|$HOME/Library/Caches/com.apple.spotlight/*|system_cache Spotlight metadata cache|$HOME/Library/Caches/com.apple.spotlight/*|system_cache
CloudKit cache|$HOME/Library/Caches/CloudKit/*|system_cache CloudKit cache|$HOME/Library/Caches/CloudKit/*|system_cache
Trash|$HOME/.Trash|system_cache
EOF EOF
# Add FINDER_METADATA with constant reference # Add FINDER_METADATA with constant reference
echo "Finder metadata (.DS_Store)|$FINDER_METADATA_SENTINEL|system_cache" echo "Finder metadata (.DS_Store)|$FINDER_METADATA_SENTINEL|system_cache"