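#!/usr/bin/env bash
# SPDX-License-Identifier: AGPL-3.0-or-later
#
# Fail when goldmark or bluemonday is imported outside the canonical
# internal/markdown/ package. After S25, every markdown render must
# flow through markdown.Render() so the sanitizer policy and pipeline
# version stay coherent.
#
# Allowed locations:
#   internal/markdown/...   — owns Goldmark + bluemonday
#   *_test.go everywhere    — tests may exercise rendering directly
#
# Anything else triggers the alarm. The fix is to swap the import to
# `github.com/tenseleyFlow/shithub/internal/markdown` and call
# `markdown.RenderHTML` (back-compat) or `markdown.Render` (new).
#
# Exits 0 when no violations are found and 1 when there are some. If the
# search itself cannot run (not a git checkout, git missing, bad pathspec)
# the script exits with git's own non-zero status instead of printing
# "ok": a boundary check that fails open is no check at all.
# Run from `make ci`.

set -euo pipefail

cd "$(git rev-parse --show-toplevel)"

# Regex of forbidden import paths. The search below prefixes it with a
# literal double quote so only import strings match; a plain mention of
# the module in a comment does not. Aliased imports (`bm "github.com/..."`)
# still match because the quote directly precedes the path.
readonly FORBIDDEN='github\.com/(yuin/goldmark|microcosm-cc/bluemonday)'

# git grep is faster than find+grep. Exclusions are expressed as negative
# pathspecs (':!') instead of a trailing `grep -v` pipeline, so the exit
# status captured in rc is git grep's alone: 0 = matches found, 1 = none,
# anything else = the search failed and must not be mistaken for "clean".
# --untracked also scans files that exist in the working tree but have not
# been `git add`ed yet, so a new offender is caught locally before CI.
# Paths containing a newline are not handled (the repo has none).
rc=0
violations=$(git grep --untracked -lE "\"${FORBIDDEN}" \
  -- '*.go' ':!*_test.go' ':!internal/markdown/') || rc=$?

if (( rc > 1 )); then
  printf 'lint-markdown-boundary: git grep failed (exit %d)\n' "$rc" >&2
  exit "$rc"
fi

if [[ -n "$violations" ]]; then
  echo "lint-markdown-boundary: forbidden goldmark/bluemonday import outside internal/markdown/:" >&2
  printf '%s\n' "$violations" | sed 's/^/ /' >&2
  echo "" >&2
  echo "Fix: import 'github.com/tenseleyFlow/shithub/internal/markdown' and call markdown.Render or markdown.RenderHTML." >&2
  exit 1
fi

echo "lint-markdown-boundary: ok"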