From 1f26237697e5be4d1131884b2bfefd46d85650ea Mon Sep 17 00:00:00 2001 From: jarebear6expepjozn6rakjq5iczi3irqwphcvb <1045813+jarebear6expepjozn6rakjq5iczi3irqwphcvb@users.noreply.github.com> Date: Thu, 14 Aug 2025 19:12:32 -0700 Subject: [PATCH 1/2] add authentication support for private repositories support for ~/.netrc support for environment variable support for stdin --- vet | 30 +++++++++++++++++++++++++++++- 1 file changed, 29 insertions(+), 1 deletion(-) diff --git a/vet b/vet index 9158361..c58d42a 100755 --- a/vet +++ b/vet @@ -39,6 +39,9 @@ OPTIONS: -f, --force Skip all interactive prompts and execute immediately. Use with extreme caution in trusted environments. -h, --help Display this help message. + -n, --netrc Use ~/.netrc credentials for authentication. + -t, --token-stdin + Set authentication token from standard input. EOF } @@ -59,6 +62,20 @@ check_dependencies() { fi } +build_authentication() { + # Tell curl to check ~/.netrc for authentication credentials. + # wget checks for existence of ~/.netrc by default + NETRC="${NETRC:-}" + [[ ! "$NETRC" ]] && NETRC_ARG=() + if [[ "${DOWNLOAD_CMD[0]}" == "curl" ]]; then + NETRC_ARG=(-n) + fi + + # Build Authorization header, if token exists. + VET_TOKEN="${VET_TOKEN:-}" + [[ ! "$VET_TOKEN" ]] && AUTH_HEADER=() || AUTH_HEADER=(--header "Authorization: bearer $VET_TOKEN") +} + trap cleanup EXIT INT TERM FORCE_MODE=0 @@ -73,6 +90,16 @@ while [[ $# -gt 0 ]]; do usage exit 0 ;; + -n|--netrc) + NETRC=1 + shift + ;; + -t|--token-stdin) + if [[ ! -t 0 ]]; then + IFS= read -r VET_TOKEN + fi + shift + ;; --) shift break @@ -100,13 +127,14 @@ shift SCRIPT_ARGS=("$@") check_dependencies +build_authentication mkdir -p "$CACHE_DIR" TMPFILE=$(mktemp) || { log_error "Failed to create temporary file."; exit 1; } TMPFILE_DIFF=$(mktemp) || { log_error "Failed to create temporary diff file."; exit 1; } log_info "Downloading script from: $URL" -if ! "${DOWNLOAD_CMD[@]}" "$TMPFILE" "$URL"; then +if ! "${DOWNLOAD_CMD[@]}" "$TMPFILE" "$URL" "${AUTH_HEADER[@]}" "${NETRC_ARG[@]}"; then log_error "Download failed. Check URL and network connection." exit 1 fi From c0103a82358d5a1100a183826d2042fdf4df546b Mon Sep 17 00:00:00 2001 From: jarebear6expepjozn6rakjq5iczi3irqwphcvb <1045813+jarebear6expepjozn6rakjq5iczi3irqwphcvb@users.noreply.github.com> Date: Thu, 14 Aug 2025 20:09:13 -0700 Subject: [PATCH 2/2] document authentication methods --- README.md | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/README.md b/README.md index 0cffb63..4838984 100644 --- a/README.md +++ b/README.md @@ -133,6 +133,38 @@ Skip all interactive prompts and execute immediately. Use with caution. Display the help message. +\-n, \--netrc + +Use ~/.netrc credentials for authentication. + +\-t, \--token-stdin + +Set authentication token from standard input. + +#### Authentication + +`vet` can: + +- Read from a `~/.netrc` file. +``` +# Example ~/.netrc file to authenticate with GitHub private repositories +machine raw.githubusercontent.com +login api +password +``` + +- Detect and read a `$VET_TOKEN` from an environment variable into an `Authorization` token. +```bash +# Example setting a VET_TOKEN from an environment variable for private GitHub repository access +export VET_TOKEN= +``` + +- Read an `Authorization` token from standard input. +```bash +# Example setting a VET_TOKEN from standared input for private GitHub repository access +echo | ./vet --token-stdin https://example.com/private.sh +``` + ## Project Philosophy & Technical Decisions ### Bash 4+ is a Required Dependency