mansi75 commented on code in PR #56: URL: https://github.com/apache/fineract-site/pull/56#discussion_r2996398260
########## scripts/check-whimsy-json.sh: ########## @@ -0,0 +1,66 @@ +#!/usr/bin/env bash +# Checks whimsy site-scan.json for fineract compliance +# Usage: ./scripts/check-whimsy-json.sh +# Source: https://whimsy.apache.org/public/site-scan.json + +set -euo pipefail + +echo "Fetching whimsy site-scan.json..." +DATA=$(curl -s https://whimsy.apache.org/public/site-scan.json | jq '.fineract') + +echo "Whimsy scan results for fineract:" +echo "$DATA" | jq . + +FAILED=0 + +check_field() { + FIELD=$1 + VALUE=$(echo "$DATA" | jq -r ".$FIELD") + if [ "$VALUE" = "null" ] || [ -z "$VALUE" ]; then + echo "FAIL: $FIELD is null/missing" + FAILED=1 + else + echo "PASS: $FIELD = $VALUE" + fi +} + +check_field "uri" +check_field "foundation" +check_field "events" +check_field "license" +check_field "thanks" +check_field "security" +check_field "sponsorship" +check_field "trademarks" +check_field "copyright" +check_field "privacy" +check_field "resources" +check_field "image" + +# csp_check is done differently - whimsy sets it to "OK" if csp matches +# the expected DEFAULT_CSP pattern from sitestandards.rb +# See: https://infra.apache.org/tools/csp.html +CSP_CHECK=$(echo "$DATA" | jq -r '.csp_check') Review Comment: @meonkeys I have updated the check-whimsy-json according to the above changes mentioned. I think you meant csp_check to be against the "default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval'......data: blob:;". Please kindly check -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
