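#!/usr/bin/env bash
#
# Validation script for sanitized files
# Checks that all personal information has been removed
#
# Usage: ./scripts/validate-sanitization.sh <directory>
#
# Exit status: 0 if every check passes; 1 on a usage error, a missing
# directory, a missing or failing ripgrep, or any finding.
#
# Coverage caveats (review before relying on a PASS):
#   - ripgrep skips hidden files and files matched by ignore rules by
#     default, so content in those files is not scanned by the rg checks.
#   - Checks that pass --type only look at the listed file types.
#   - The patterns are a fixed list of known identifiers; a PASS does not
#     prove the absence of other personal data.

set -euo pipefail

# Colors for output
readonly RED='\033[0;31m'
readonly GREEN='\033[0;32m'
readonly YELLOW='\033[1;33m'
readonly NC='\033[0m' # No Color

# Check arguments
if [[ $# -ne 1 ]]; then
  echo "Usage: $0 <directory>" >&2
  echo "Example: $0 modules/" >&2
  exit 1
fi

CHECK_DIR="$1"

if [[ ! -d "$CHECK_DIR" ]]; then
  # printf with %s so backslashes in the caller-supplied path are printed
  # literally instead of being interpreted as escapes (as echo -e would).
  printf '%b✗ Error: Directory %s does not exist%b\n' \
    "$RED" "$CHECK_DIR" "$NC" >&2
  exit 1
fi

# Fail closed: if ripgrep is missing, every "if rg ...; then FAIL; else PASS"
# test would take the PASS branch, so refuse to run at all.
if ! command -v rg >/dev/null 2>&1; then
  echo -e "${RED}✗ Error: ripgrep (rg) is required but was not found in PATH${NC}" >&2
  exit 1
fi

echo "==> Validating sanitization in $CHECK_DIR"
echo ""

VALIDATION_FAILED=0
SECRET_SCAN_SKIPPED=0

#######################################
# Run one ripgrep check over CHECK_DIR and print PASS or FAIL.
# Globals:
#   CHECK_DIR (read), VALIDATION_FAILED (written), RED/GREEN/NC (read)
# Arguments:
#   $1  - regular expression to search for
#   $2  - text printed after "FAIL: " when the pattern is found
#   $3  - text printed after "PASS: " when the pattern is not found
#   $4+ - extra ripgrep options (for example: --type nix)
# Outputs:
#   Matching lines (from rg) and a PASS/FAIL line on stdout.
#######################################
run_rg_check() {
  local pattern=$1
  local fail_msg=$2
  local pass_msg=$3
  shift 3

  # rg exits 0 on a match, 1 on no match, and >1 on an error. Only status 1
  # is a clean result; any error is counted as a failed check so an
  # unreadable file cannot turn into a PASS. stderr is left visible so the
  # operator can see why rg failed. "--" keeps a directory name that starts
  # with "-" from being parsed as an option.
  local status=0
  rg "$@" -e "$pattern" -- "$CHECK_DIR" || status=$?

  case "$status" in
    0)
      echo -e "${RED}✗ FAIL: ${fail_msg}${NC}"
      VALIDATION_FAILED=1
      ;;
    1)
      echo -e "${GREEN}✓ PASS: ${pass_msg}${NC}"
      ;;
    *)
      echo -e "${RED}✗ FAIL: ripgrep exited with status ${status}; check could not be completed${NC}"
      VALIDATION_FAILED=1
      ;;
  esac
}

# Check for personal domains
echo "Checking for personal domains..."
run_rg_check 'clarun\.xyz|talu\.uno' \
  "Found personal domains (clarun.xyz or talu.uno)" \
  "No personal domains found" \
  --type nix --type md
echo ""

# Check for personal IPs
# NOTE(review): only .nix files are scanned here; confirm that addresses in
# documentation files do not need the same check.
echo "Checking for personal IP addresses..."
run_rg_check '192\.168\.1\.|45\.77\.205\.49' \
  "Found personal IP addresses" \
  "No personal IP addresses found" \
  --type nix
echo ""

# Check for personal paths
echo "Checking for personal paths..."
run_rg_check '/home/dan' \
  "Found personal paths (/home/dan)" \
  "No personal paths found"
echo ""

# Check for hostname jrz1
echo "Checking for personal hostname..."
run_rg_check '\bjrz1\b' \
  "Found personal hostname (jrz1)" \
  "No personal hostname found" \
  --type nix --type md
echo ""

# Check for personal email
echo "Checking for personal email..."
run_rg_check 'dlei@duck\.com' \
  "Found personal email (dlei@duck.com)" \
  "No personal email found"
echo ""

# Check for Matrix access tokens (if gitleaks available)
if command -v gitleaks &>/dev/null; then
  echo "Running gitleaks secret scan..."
  # Any non-zero exit (findings or a tool error) is reported as a failure,
  # so this branch already fails closed.
  if gitleaks detect --no-git --source "$CHECK_DIR" --quiet 2>/dev/null; then
    echo -e "${GREEN}✓ PASS: No secrets detected by gitleaks${NC}"
  else
    echo -e "${RED}✗ FAIL: gitleaks detected secrets${NC}"
    echo "Run: gitleaks detect --no-git --source $CHECK_DIR"
    VALIDATION_FAILED=1
  fi
  echo ""
else
  # Deliberately a warning, not a failure; remembered so the summary can
  # remind the operator that no secret scan backed the result.
  SECRET_SCAN_SKIPPED=1
  echo -e "${YELLOW}⚠ WARNING: gitleaks not installed, skipping secret scan${NC}"
  echo "Install with: nix-env -iA nixpkgs.gitleaks"
  echo ""
fi

# Summary
echo "==> Validation Summary"
if ((VALIDATION_FAILED == 0)); then
  echo -e "${GREEN}✓ All validation checks passed${NC}"
  if ((SECRET_SCAN_SKIPPED == 1)); then
    echo -e "${YELLOW}⚠ Secret scan was skipped (gitleaks not installed); this result does not cover tokens or keys${NC}"
  fi
  echo ""
  echo "Next steps:"
  echo "1. Manual review: Check comments for personal context"
  echo "2. Build validation: nix flake check"
  echo "3. Commit changes: git add && git commit"
  exit 0
else
  echo -e "${RED}✗ Validation failed - personal information still present${NC}"
  echo ""
  echo "Actions required:"
  echo "1. Review the failures above"
  echo "2. Manually fix remaining personal references"
  echo "3. Re-run this script"
  exit 1
fi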