#!/usr/bin/env bash
#
# Static-analysis driver: passes a package list and an output directory to the
# download / extract / analysis helper scripts invoked at the end of this file.
#
# Usage:
#   run.sh [-f PACKAGE_LIST_FILENAME] [-o OUT_DIR] [-h]
#
# Environment:
#   PACKAGE_LIST_FILENAME  initial value for -f/--file (default: .)
#   OUT_DIR                initial value for -o/--out  (default: ./reports)

# Strict mode: stop on unhandled errors, on unset variables and on a failure
# in any pipeline stage.
set -e
set -u
set -o pipefail

# Word-split on newline and tab only, so a space inside a path does not split.
IFS=$'\n\t'

# Defaults: a non-empty value inherited from the environment is kept,
# otherwise the built-in fallback is assigned.
: "${PACKAGE_LIST_FILENAME:=.}"
: "${OUT_DIR:=./reports}"

# Script name without its directory part, used in the help text.
progname=$(basename "$0")
#######################################
# Print the option summary and terminate the script.
# Globals:   progname (read), OUT_DIR (read)
# Outputs:   help text on stdout
# Returns:   does not return; always exits with status 1, including when
#            the help was requested explicitly with -h/--help
#######################################
usage() {
  printf '%s\n' \
    "Usage: $progname [options]" \
    "Options:" \
    "-f, --file Path to a single package.json file to analyze" \
    "-o, --out DIR Output directory for reports (default: $OUT_DIR)" \
    "-h, --help Show this help"
  exit 1
}
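#######################################
# Parse the command-line options.
# Globals:   PACKAGE_LIST_FILENAME (written), OUT_DIR (written)
# Arguments: the script's own arguments ("$@")
# Outputs:   a one-line diagnostic on stderr for a bad argument
# Returns:   0 on success; a bad argument ends in usage, which exits 1
#######################################
parse_args() {
  while [[ $# -gt 0 ]]; do
    case "$1" in
      -f | --file)
        # ${2-} keeps "set -u" from aborting with a bare "unbound variable"
        # when the option is the last word; an empty value is refused too.
        [[ -n "${2-}" ]] || { echo "Missing value for option: $1" >&2; usage; }
        PACKAGE_LIST_FILENAME="$2"
        shift 2
        ;;
      -o | --out)
        [[ -n "${2-}" ]] || { echo "Missing value for option: $1" >&2; usage; }
        OUT_DIR="$2"
        shift 2
        ;;
      -h | --help)
        usage
        ;;
      --)
        # End of options; anything after it is not consumed by this script.
        shift
        break
        ;;
      *)
        echo "Unknown arg: $1" >&2
        usage
        ;;
    esac
  done
  return 0
}

parse_args "$@"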
# Print the current time in UTC as an ISO-8601 stamp (YYYY-MM-DDTHH:MM:SSZ);
# used as the prefix of the script's log lines.
timestamp() {
  date -u '+%Y-%m-%dT%H:%M:%SZ'
}
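# Startup banner, then make sure the report directory exists.
echo "[$(timestamp)] Starting static analysis"
printf '%s\n' " Package list filename : $PACKAGE_LIST_FILENAME"
printf '%s\n' " out dir: $OUT_DIR"
# "--" ends option parsing, so an OUT_DIR that begins with "-" is created as a
# directory instead of being read as a mkdir option.
mkdir -p -- "$OUT_DIR"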
# Helpers
# Succeed when the shell can resolve the given command name.
# Arguments: $1 - command name to look up
# Outputs:   nothing; the lookup's stdout and stderr are discarded
# Returns:   0 if the name resolves, non-zero otherwise
command_exists() {
  local tool=$1
  command -v "$tool" &>/dev/null
}
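#######################################
# Run a command and log a line if it fails.
# Because the command runs as an "if" condition, "set -e" does not abort the
# script on its failure; the caller decides what to do with the status.
# Arguments: the command and its arguments
# Outputs:   on failure, "[<timestamp>] Command failed: <command>" on stdout
# Returns:   0 if the command succeeded, 1 otherwise (the command's own
#            exit status is not propagated)
#######################################
safe_run() {
  if "$@"; then
    return 0
  fi
  # The script sets IFS to newline+tab, and "$*" joins on the first IFS
  # character, so the failed command would be logged one argument per line.
  # Join on a space for the message only; the command above has already run
  # with the caller's IFS.
  local IFS=' '
  echo "[$(timestamp)] Command failed: $*"
  return 1
}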
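# Pipeline: download, extract, analyze. Under "set -e" a failing step stops
# the run before the next one starts.
#
# The helper scripts are resolved relative to the current working directory,
# not the directory this script lives in, so run it from its own checkout.
#
# NOTE(review): the archives presumably come from a package registry and are
# untrusted input; confirm that extract_tgzs.py rejects absolute paths, ".."
# components and links that point outside "$out_dir/extracted".

package_list=$PACKAGE_LIST_FILENAME
out_dir=$OUT_DIR

# A path that starts with "-" would reach the helpers looking like an option.
# Prefixing "./" names the same file and keeps it a positional argument.
case "$package_list" in
  -*) package_list="./$package_list" ;;
esac
case "$out_dir" in
  -*) out_dir="./$out_dir" ;;
esac

# Every expansion is quoted: with IFS set to newline+tab an unquoted value is
# still glob-expanded and still split on tabs and newlines.
python3 download_tgz.py "$package_list" "$out_dir"
python3 extract_tgzs.py "$out_dir"
python3 batch_analysis.py "$out_dir/extracted"
exit 0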