实现示例type Submodule = { path: string; url: string; ref: string } const allowHosts = new Set<string>(['github.com','git.example.com']) function validUrl(u: string): boolean { try { const x = new URL(u); return x.protocol === 'https:' && allowHosts.has(x.host) } catch { return false } } function sha40(s: string): boolean { return /^[a-f0-9]{40}$/.test(s) } function evaluate(list: Submodule[]): { ok: boolean; errors: string[] } { const errors: string[] = []; for (const m of list) { if (!validUrl(m.url)) errors.push(`url:${m.path}`); if (!sha40(m.ref)) errors.push(`ref:${m.path}`) } return { ok: errors.length === 0, errors } } 审计与运行治理审计记录路径、来源与提交引用;拒绝分支或标签形式引用。外部来源变更需审批与复核;默认只读拉取权限。
投稿
微信公众账号
微信扫一扫加关注
评论 返回
顶部
发表评论 取消回复