实现示例
// One dependency entry submitted to the source/version audit.
// NOTE(review): presumably a CocoaPods pod, given the allowlisted hosts — confirm against the caller.
type Pod = {
  // Dependency name; evaluate() reports it when the entry is rejected.
  name: string;
  // Version string, checked by semverLike().
  version: string;
  // Download location, checked by validSource().
  source: string;
};

// Hosts a pod source may be fetched from.
// Matching is on the URL host only: an entry such as 'github.com' admits every
// repository on that host, so owner/repository pinning has to be enforced
// separately if the policy requires it.
const allowHosts: Set<string> = new Set([
  'github.com',
  'cdn.cocoapods.org',
  'pods.example.com',
]);
/**
 * Decides whether a pod source URL may be used.
 *
 * A URL is accepted only if it parses, its scheme is `https:`, and its host is
 * in `allowHosts`. The comparison uses `URL.host`, which includes a non-default
 * port, so `https://github.com:8443/...` does not match the `github.com` entry.
 * Path, query and userinfo are not inspected here.
 *
 * @param u - Candidate source URL.
 * @returns `true` when accepted; `false` otherwise, including when `u` cannot
 *   be parsed as a URL.
 */
function validSource(u: string): boolean {
  let parsed: URL;
  try {
    parsed = new URL(u);
  } catch {
    // Unparseable input is treated as a rejected source, never as an exception.
    return false;
  }
  if (parsed.protocol !== 'https:') {
    return false;
  }
  return allowHosts.has(parsed.host);
}
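/**
 * Loose shape check for a pinned version string.
 *
 * Accepts MAJOR.MINOR.PATCH written in decimal digits, optionally followed by
 * any run of letters, digits, `-`, `_` or `.`; `1.2.3-beta.1`, `1.2.3.4` and
 * `1.2.3rc1` all pass. Everything else is rejected: range operators,
 * whitespace, a leading `v`, `+build` metadata, the empty string.
 * This validates form only; it is not a strict SemVer parser.
 *
 * @param v - Version string taken from the pod entry.
 * @returns `true` when `v` has the accepted shape.
 */
function semverLike(v: string): boolean {
  // Accepts exactly the same strings as the earlier pattern
  // (digits.digits.digits plus an optional suffix run). The suffix class also
  // contains digits, so "one or more patch digits, then an optional suffix"
  // is the same language as "one patch digit, then zero or more suffix
  // characters". Written this way the two parts no longer compete for the same
  // digits, and rejecting a long digit run followed by an invalid character
  // takes linear rather than quadratic time.
  return /^\d+\.\d+\.\d[-A-Za-z0-9_.]*$/.test(v);
}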
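/**
 * Audits a list of pod entries and collects the ones that fail.
 *
 * An entry fails when its name is empty, its version does not pass
 * `semverLike`, or its source does not pass `validSource`.
 *
 * @param list - Entries to check.
 * @returns `ok` is `true` only when no entry failed. `errors` holds one label
 *   per failed entry, in input order: the pod name, or an index-based
 *   placeholder when the entry has no usable name.
 */
function evaluate(list: Pod[]): { ok: boolean; errors: string[] } {
  const errors: string[] = [];
  for (const [index, pod] of list.entries()) {
    const hasName = Boolean(pod.name);
    if (hasName && semverLike(pod.version) && validSource(pod.source)) {
      continue;
    }
    // A nameless entry was previously recorded as '' (or undefined for untyped
    // input), which a gate log cannot trace back to any entry. Label it by
    // position so every rejection stays identifiable.
    errors.push(hasName ? pod.name : `<unnamed entry #${index}>`);
  }
  return { ok: errors.length === 0, errors };
}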
审计与CI门禁
- 审计依赖的来源与版本,发现异常时阻断并回退;变更需经审批并归档。
