Prevent code updates if malicious changes

Chaosthebot · May 25, 2017 · 093c71f · 093c71f
1 parent 46251bb
commit 093c71f
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 8 deletions.
diff --git a/startup.d/10-git-pull.sh b/startup.d/10-git-pull.sh
@@ -1,2 +1,21 @@
 #!/bin/sh
+
+# Prepare code auditing environment
+REPO_URL=$(git remote get-url origin)
+TEST_DIR=$(mktemp -d)
+git clone "$REPO_URL" "$TEST_DIR";
+pushd "$TEST_DIR";
+
+# Code auditing section
+python -m py_compile $(find . -name '*.py');
+if [ "$?" != "0" ]
+then
+  echo "There is syntax error. This may endanger chaos. Pauses updates."
+  exit 45
+fi
+
+# End code auditing section
+popd
+
+git checkout master
 git pull
diff --git a/startup.d/20-syntax-check.sh b/startup.d/20-syntax-check.sh