From 01ad485f6517caba49b1917818ceaa477e6cc846 Mon Sep 17 00:00:00 2001
From: redmatrix
Date: Mon, 4 Apr 2016 16:17:50 -0700
Subject: SECURITY: Do not link unknown and unverified code repositories to the project without some form of confirmation that one accepts the significant risks involved.
---
 util/add_addon_repo | 14 ++++++++++++--
 util/add_theme_repo | 14 ++++++++++++--
 util/add_widget_repo | 13 ++++++++++++-
 3 files changed, 36 insertions(+), 5 deletions(-)
(limited to 'util')
diff --git a/util/add_addon_repo b/util/add_addon_repo
index decd9e091..a8dd9f49a 100755
--- a/util/add_addon_repo
+++ b/util/add_addon_repo
@@ -1,10 +1,21 @@
 #!/bin/bash -f
-if [ $# -ne 2 ]; then
+if [ $# -lt 2 ]; then
 echo usage: $0 repo_url nickname
 exit 1
 fi
+if [[ $1 != *"//github.com/redmatrix"* && $3 != 'insecure' ]]; then
+ echo "";
+ echo "This is NOT an official project repository.";
+ echo "In order to protect you from unverified and";
+ echo "possibly malicious content, this repository";
+ echo "will not be linked to your site unless you";
+ echo "append the word 'insecure' to the command.";
+ echo "";
+ exit 1
+fi
+
 mkdir -p extend/addon/$2
 mkdir addon > /dev/null 2>&1
 git clone $1 extend/addon/$2
@@ -14,7 +25,6 @@ fi
 filelist=(`ls extend/addon/$2`)
-
 cd addon
 for a in "${filelist[@]}" ; do
 base=`basename $a`
diff --git a/util/add_theme_repo b/util/add_theme_repo
index d41eba6d9..8280c447b 100755
--- a/util/add_theme_repo
+++ b/util/add_theme_repo
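Review bot: The allow-list test `$1 != *"//github.com/redmatrix"*` in the added `if [[ … ]]` is an unanchored substring match. Any URL that merely contains that text is treated as official and cloned without the `insecure` confirmation, for instance a different account whose name begins with `redmatrix`, or a URL carrying the string later in its path. The pattern also does not pin the scheme, so a plaintext `http://` or `git://` URL passes as well. Anchoring the comparison to the full prefix closes both gaps: `if [[ $1 != "https://github.com/redmatrix/"* && $3 != 'insecure' ]]; then`. The same line is added in the util/add_theme_repo and util/add_widget_repo hunks, and each script continues past the end of its hunk.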
@@ -1,11 +1,21 @@
 #!/bin/bash -f
-
-if [ $# -ne 2 ]; then
+if [ $# -lt 2 ]; then
 echo usage: $0 repo_url nickname
 exit 1
 fi
+if [[ $1 != *"//github.com/redmatrix"* && $3 != 'insecure' ]]; then
+ echo "";
+ echo "This is NOT an official project repository.";
+ echo "In order to protect you from unverified and";
+ echo "possibly malicious content, this repository";
+ echo "will not be linked to your site unless you";
+ echo "append the word 'insecure' to the command.";
+ echo "";
+ exit 1
+fi
+
 mkdir -p extend/theme/$2
 git clone $1 extend/theme/$2
 if [ $? -ne 0 ]; then
diff --git a/util/add_widget_repo b/util/add_widget_repo
index 347e8e4e1..e7e316ba4 100755
--- a/util/add_widget_repo
+++ b/util/add_widget_repo
@@ -1,10 +1,21 @@
 #!/bin/bash -f
-if [ $# -ne 2 ]; then
+if [ $# -lt 2 ]; then
 echo usage: $0 repo_url nickname
 exit 1
 fi
+if [[ $1 != *"//github.com/redmatrix"* && $3 != 'insecure' ]]; then
+ echo "";
+ echo "This is NOT an official project repository.";
+ echo "In order to protect you from unverified and";
+ echo "possibly malicious content, this repository";
+ echo "will not be linked to your site unless you";
+ echo "append the word 'insecure' to the command.";
+ echo "";
+ exit 1
+fi
+
 mkdir -p extend/widget/$2
 mkdir widget > /dev/null 2>&1
 git clone $1 extend/widget/$2
--
cgit v1.2.3
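Review bot: The usage line still reads `usage: $0 repo_url nickname`, so the new optional third argument can only be discovered from the refusal message, and the relaxed `[ $# -lt 2 ]` now silently accepts any number of trailing arguments. I would document the override and bound the count: `echo "usage: $0 repo_url nickname [insecure]"` with `if [ $# -lt 2 ] || [ $# -gt 3 ]; then`. The refusal text would also be better sent to stderr (`>&2` on each `echo`), so a caller that captures stdout still sees why the script exited 1. The same applies to the util/add_addon_repo and util/add_widget_repo hunks; the scripts continue outside the hunks shown.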