mirrors/fdroidserver
1
0
Fork 0
mirror of https://github.com/f-droid/fdroidserver.git synced 2025-09-13 22:42:29 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

move NON_FREE_GRADLE_LINES to signature definition files

Browse source
This commit is contained in:
Michael Pöhn 2022-09-22 15:34:25 +02:00
parent 9c5b35742d
commit e4b54fe4a7
2 changed files with 257 additions and 58 deletions
Download patch file Download diff file Expand all files Collapse all files

251
fdroidserver/data/scanner/scanner.json
View file

@ -1,23 +1,116 @@
{ {
"signatures": { "signatures": {
"admob": {
"gradle_signatures": [
"admob.*sdk.*android"
],
"license": "NonFree"
},
"androidx": {
"gradle_signatures": [
"androidx.navigation:navigation-dynamic-features",
"androidx.work:work-gcm"
],
"license": "NonFree"
},
"appcenter-push": {
"gradle_signatures": [
"appcenter-push"
],
"license": "NonFree"
},
"bugsense": {
"gradle_signatures": [
"bugsense"
],
"license": "NonFree"
},
"cloudrail": {
"gradle_signatures": [
"cloudrail"
],
"license": "NonFree"
},
"com.android.billing": { "com.android.billing": {
"code_signatures": [ "code_signatures": [
"com/android/billing" "com/android/billing"
], ],
"license": "NonFree" "license": "NonFree"
}, },
"com.android.billingclient": {
"gradle_signatures": [
"com.android.billingclient"
],
"license": "NonFree"
},
"com.anjlab.android.iab.v3": {
"gradle_signatures": [
"com.anjlab.android.iab.v3:library"
],
"license": "NonFree"
},
"com.cloudinary": {
"gradle_signatures": [
"com.cloudinary:cloudinary-android"
],
"license": "NonFree"
},
"com.evernote": {
"gradle_signatures": [
"com.evernote:android-job"
],
"license": "NonFree"
},
"com.facebook": {
"gradle_signatures": [
"[\"']com.facebook.android['\":]"
],
"license": "NonFree"
},
"com.github.junrar": {
"gradle_signatures": [
"com.github.junrar:junrar"
],
"license": "NonFree"
},
"com.github.penn5": {
"gradle_signatures": [
"com.github.penn5:donations"
],
"license": "NonFree"
},
"com.google.analytics": { "com.google.analytics": {
"code_signatures": [ "code_signatures": [
"com/google/analytics" "com/google/analytics"
], ],
"license": "NonFree" "license": "NonFree"
}, },
"com.google.android.exoplayer": {
"gradle_signatures": [
"com.google.android.exoplayer:extension-cast",
"com.google.android.exoplayer:extension-cronet"
],
"license": "NonFree"
},
"com.google.android.gms": { "com.google.android.gms": {
"code_signatures": [ "code_signatures": [
"com/google/android/gms" "com/google/android/gms"
], ],
"license": "NonFree" "license": "NonFree"
}, },
"com.google.android.libraries.places": {
"gradle_signatures": [
"com.google.android.libraries.places:places"
],
"license": "NonFree"
},
"com.google.android.play": {
"gradle_signatures": [
"com.google.android.play:app-update",
"com.google.android.play:core.*"
],
"license": "NonFree"
},
"com.google.android.play.core": { "com.google.android.play.core": {
"code_signatures": [ "code_signatures": [
"com/google/android/play/core" "com/google/android/play/core"
@ -30,13 +123,169 @@
], ],
"license": "NonFree" "license": "NonFree"
}, },
"com.google.mlkit": {
"gradle_signatures": [
"com.google.mlkit"
],
"license": "NonFree"
},
"com.google.tagmanager": { "com.google.tagmanager": {
"code_signatures": [ "code_signatures": [
"com/google/tagmanager" "com/google/tagmanager"
], ],
"license": "NonFree" "license": "NonFree"
},
"com.hypertrack": {
"gradle_signatures": [
"com.hypertrack"
],
"license": "NonFree"
},
"com.mapbox": {
"gradle_signatures": [
"com.mapbox"
],
"license": "NonFree"
},
"com.onesignal": {
"gradle_signatures": [
"com.onesignal:OneSignal"
],
"license": "NonFree"
},
"com.tencent.bugly": {
"gradle_signatures": [
"com.tencent.bugly"
],
"license": "NonFree"
},
"com.umeng.umsdk": {
"gradle_signatures": [
"com.umeng.umsdk"
],
"license": "NonFree"
},
"com.yandex.android": {
"gradle_signatures": [
"com.yandex.android"
],
"license": "NonFree"
},
"com.yayandroid": {
"gradle_signatures": [
"com.yayandroid:LocationManager"
],
"license": "NonFree"
},
"crashlytics": {
"gradle_signatures": [
"crashlytics"
],
"license": "NonFree"
},
"crittercism": {
"gradle_signatures": [
"crittercism"
],
"license": "NonFree"
},
"firebase": {
"gradle_signatures": [
"firebase"
],
"license": "NonFree"
},
"flurryagent": {
"gradle_signatures": [
"flurryagent"
],
"license": "NonFree"
},
"google-ad": {
"gradle_signatures": [
"google.*ad.*view"
],
"license": "NonFree"
},
"google.admob": {
"gradle_signatures": [
"google.*admob"
],
"license": "NonFree"
},
"google.play.services": {
"gradle_signatures": [
"google.*play.*services"
],
"license": "NonFree"
},
"heyzap": {
"gradle_signatures": [
"heyzap"
],
"license": "NonFree"
},
"io.github.sinaweibosdk": {
"gradle_signatures": [
"io.github.sinaweibosdk"
],
"license": "NonFree"
},
"io.objectbox": {
"gradle_signatures": [
"io.objectbox:objectbox-gradle-plugin"
],
"license": "NonFree"
},
"jpct": {
"gradle_signatures": [
"jpct.*ae"
],
"license": "NonFree"
},
"libspen23": {
"gradle_signatures": [
"libspen23"
],
"license": "NonFree"
},
"me.pushy": {
"gradle_signatures": [
"me.pushy:sdk"
],
"license": "NonFree"
},
"org.jetbrains.kotlinx": {
"gradle_signatures": [
"org.jetbrains.kotlinx:kotlinx-coroutines-play-services"
],
"license": "NonFree"
},
"ouya": {
"gradle_signatures": [
"ouya.*sdk"
],
"license": "NonFree"
},
"paypal": {
"gradle_signatures": [
"paypal.*mpl"
],
"license": "NonFree"
},
"xyz.belvi.mobilevision": {
"gradle_signatures": [
"xyz.belvi.mobilevision:barcodescanner"
],
"license": "NonFree"
},
"youtube": {
"gradle_signatures": [
"youtube.*android.*player.*api"
],
"license": "NonFree"
} }
}, },
"timestamp": "2022-09-15T12:43:06.508370+00:00", "timestamp": "2022-09-22T13:16:29.313769+00:00",
"version": 1 "version": 1
} }

62
fdroidserver/scanner.py
View file

@ -51,56 +51,6 @@ json_per_build = deepcopy(DEFAULT_JSON_PER_BUILD)
MAVEN_URL_REGEX = re.compile(r"""\smaven\s*(?:{.*?(?:setUrl|url)|\((?:url)?)\s*=?\s*(?:uri)?\(?\s*["']?([^\s"']+)["']?[^})]*[)}]""", MAVEN_URL_REGEX = re.compile(r"""\smaven\s*(?:{.*?(?:setUrl|url)|\((?:url)?)\s*=?\s*(?:uri)?\(?\s*["']?([^\s"']+)["']?[^})]*[)}]""",
re.DOTALL) re.DOTALL)
# Common known non-free blobs (always lower case):
NON_FREE_GRADLE_LINES = {
exp: re.compile(r'.*' + exp, re.IGNORECASE) for exp in [
r'flurryagent',
r'paypal.*mpl',
r'admob.*sdk.*android',
r'google.*ad.*view',
r'google.*admob',
r'google.*play.*services',
r'com.google.android.play:core.*',
r'com.google.android.play:app-update',
r'com.google.android.libraries.places:places',
r'com.google.mlkit',
r'com.android.billingclient',
r'androidx.work:work-gcm',
r'crittercism',
r'heyzap',
r'jpct.*ae',
r'youtube.*android.*player.*api',
r'bugsense',
r'crashlytics',
r'ouya.*sdk',
r'libspen23',
r'firebase',
r'''["']com.facebook.android['":]''',
r'cloudrail',
r'com.tencent.bugly',
r'appcenter-push',
r'com.github.junrar:junrar',
r'androidx.navigation:navigation-dynamic-features',
r'xyz.belvi.mobilevision:barcodescanner',
r'org.jetbrains.kotlinx:kotlinx-coroutines-play-services',
r'me.pushy:sdk',
r'io.github.sinaweibosdk',
r'com.umeng.umsdk',
r'com.google.android.exoplayer:extension-cast',
r'io.objectbox:objectbox-gradle-plugin',
r'com.evernote:android-job',
r'com.yayandroid:LocationManager',
r'com.onesignal:OneSignal',
r'com.cloudinary:cloudinary-android',
r'com.google.android.exoplayer:extension-cronet',
r'com.anjlab.android.iab.v3:library',
r'com.github.penn5:donations',
r'com.mapbox',
r'com.yandex.android',
r'com.hypertrack',
]
}
SCANNER_CACHE_VERSION = 1 SCANNER_CACHE_VERSION = 1
@ -314,13 +264,13 @@ class ScannerTool():
self.compile_regexes() self.compile_regexes()
def compile_regexes(self): def compile_regexes(self):
self.regex = {'code_signatures': {}} self.regex = {'code_signatures': {}, 'gradle_signatures': {}}
for sdc in self.sdcs: for sdc in self.sdcs:
print(']]]', sdc.data)
for signame, sigdef in sdc.data.get('signatures', {}).items(): for signame, sigdef in sdc.data.get('signatures', {}).items():
for sig in sigdef['code_signatures']: for sig in sigdef.get('code_signatures', []):
self.regex['code_signatures'][sig] = re.compile(sig, re.IGNORECASE) self.regex['code_signatures'][sig] = re.compile('.*' + sig, re.IGNORECASE)
print(')))', self.regex['code_signatures']) for sig in sigdef.get('gradle_signatures', []):
self.regex['gradle_signatures'][sig] = re.compile('.*' + sig, re.IGNORECASE)
# TODO: change this from global instance to dependency injection # TODO: change this from global instance to dependency injection
@ -412,7 +362,7 @@ def scan_source(build_dir, build=metadata.Build()):
return any(al in s for al in allowlisted) return any(al in s for al in allowlisted)
def suspects_found(s): def suspects_found(s):
for n, r in NON_FREE_GRADLE_LINES.items(): for n, r in _get_tool().regex['gradle_signatures'].items():
if r.match(s) and not is_allowlisted(s): if r.match(s) and not is_allowlisted(s):
yield n yield n