实现示例

type Override = { name: string; target: string; version: string }
// Allowlist of package names an override entry may reference. `valid` looks up
// both the entry's `name` and its `target` here. Set lookups are exact and
// case-sensitive, so near-miss spellings are not matched.
const allowNames = new Set<string>([
  'lodash',
  'express',
  'react',
  'vue',
  '@example/core',
])
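/**
 * Reports whether `v` is one exact `MAJOR.MINOR.PATCH` version, optionally
 * followed by `-prerelease` and `+build` identifiers.
 *
 * Range syntax (`^1.2.3`, `~1.2.3`, `1.x`, `*`), tags such as `latest`, and
 * core numbers with leading zeros do not match. The pattern is anchored at
 * both ends and has no `m` flag, so surrounding whitespace or a trailing
 * newline is rejected as well.
 *
 * NOTE(review): numeric prerelease identifiers with leading zeros (for example
 * `1.0.0-01`) are accepted here although SemVer 2.0.0 disallows them.
 *
 * @param v - Version string taken from an override entry.
 * @returns `true` only for a string that is a single pinned version.
 */
function semverValid(v: string): boolean {
  // Type annotations are erased at runtime. Without this guard, RegExp.test()
  // would coerce a non-string to text first, so an array such as ['1.2.3']
  // coming from parsed JSON would pass as a pinned version.
  if (typeof v !== 'string') return false
  return /^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-[0-9A-Za-z-]+(?:\.[0-9A-Za-z-]+)*)?(?:\+[0-9A-Za-z-]+(?:\.[0-9A-Za-z-]+)*)?$/.test(v)
}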
/**
 * Decides whether a single override entry is acceptable.
 *
 * An entry passes only when its `name` and its `target` are both members of
 * `allowNames` and its `version` satisfies `semverValid`. Checks run in that
 * order and stop at the first failure.
 *
 * NOTE(review): `name` and `target` are checked against the same set, so any
 * allowlisted package may be redirected to any other allowlisted package.
 * Confirm that this is intended rather than a fixed name-to-target pairing.
 *
 * @param o - Override entry to check.
 * @returns `true` when all three checks pass.
 */
function valid(o: Override): boolean {
  if (!allowNames.has(o.name)) return false
  if (!allowNames.has(o.target)) return false
  return semverValid(o.version)
}
/**
 * Runs `valid` over every override entry and collects the rejected ones.
 *
 * @param list - Override entries to gate.
 * @returns `ok` is `true` only when no entry was rejected (an empty list
 *   therefore yields `ok: true`); `errors` holds one `override:name->target`
 *   string per rejected entry, in input order.
 */
function evaluate(list: Override[]): { ok: boolean; errors: string[] } {
  const rejected: string[] = []
  for (const entry of list) {
    if (valid(entry)) continue
    // These values come from entries that just failed validation, so they are
    // unvetted text. Whatever renders `errors` into a CI log or audit record
    // should escape them. The message names the entry but not which check
    // failed or which version was requested.
    rejected.push(`override:${entry.name}->${entry.target}`)
  }
  return { ok: rejected.length === 0, errors: rejected }
}
审计与CI门禁

记录所有替换与重定向条目;条目命中非白名单包名或非精确版本时,CI 直接阻断。变更需经审批并通过回归校验;产线仅接受受控清单中的条目。
