f67813c
f67813c7acc92d0058522cd7088c5265384d1de752ab4e1
b4a2799| Status | File | + | - |
|---|---|---|---|
| M |
scripts/lint-policy-boundary.sh
|
11 | 1 |
scripts/lint-policy-boundary.shmodified@@ -29,13 +29,23 @@ set -euo pipefail | |||
| 29 | 29 | ||
| 30 | cd "$(git rev-parse --show-toplevel)" | 30 | cd "$(git rev-parse --show-toplevel)" |
| 31 | 31 | ||
| 32 | -# Patterns that smell like an inline auth decision. | 32 | +# Patterns that smell like an inline auth decision. The audit found |
| 33 | +# negation forms (`!=`) slipping past the original equality-only set, | ||
| 34 | +# so both directions are covered. Same for the visibility shape — both | ||
| 35 | +# `== "private"` literal and the typed-enum compare. | ||
| 33 | PATTERNS=( | 36 | PATTERNS=( |
| 34 | '\.OwnerUserID == ' | 37 | '\.OwnerUserID == ' |
| 38 | + '\.OwnerUserID != ' | ||
| 35 | '\.OwnerUserID\.Int64 == ' | 39 | '\.OwnerUserID\.Int64 == ' |
| 40 | + '\.OwnerUserID\.Int64 != ' | ||
| 36 | '== .*\.OwnerUserID' | 41 | '== .*\.OwnerUserID' |
| 42 | + '!= .*\.OwnerUserID' | ||
| 37 | '\.Visibility == .*RepoVisibility' | 43 | '\.Visibility == .*RepoVisibility' |
| 44 | + '\.Visibility != .*RepoVisibility' | ||
| 45 | + '\.Visibility == "(public|private)"' | ||
| 46 | + '\.Visibility != "(public|private)"' | ||
| 38 | 'if .*\.IsArchived ' | 47 | 'if .*\.IsArchived ' |
| 48 | + 'if !.*\.IsArchived ' | ||
| 39 | ) | 49 | ) |
| 40 | 50 | ||
| 41 | # Files we're guarding — anywhere a request handler or hook lives. | 51 | # Files we're guarding — anywhere a request handler or hook lives. |