mirror of
https://github.com/kuhyx/scripts.git
synced 2026-07-04 11:43:03 +02:00
* Initial plan * fix: format shell scripts with shfmt (convert tabs to 2 spaces) Co-authored-by: kuhyx <147418882+kuhyx@users.noreply.github.com> * feat: enhance shell-check workflow for PR pre-merge validation - Add pull_request_target trigger to check PRs from forks - Add explicit failure message with instructions - Create BRANCH_PROTECTION.md with setup guide - Ensure workflow runs on all PRs targeting main/master Co-authored-by: kuhyx <147418882+kuhyx@users.noreply.github.com> * refactor: improve workflow security and remove redundant exit code - Remove pull_request_target to avoid executing untrusted fork code - Remove redundant exit 1 from failure step - Update documentation to reflect changes - Standard pull_request trigger handles forks securely Co-authored-by: kuhyx <147418882+kuhyx@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: kuhyx <147418882+kuhyx@users.noreply.github.com>
29 lines
654 B
Bash
29 lines
654 B
Bash
#!/usr/bin/env bash
|
|
# pacman-pre-unlock-hosts.sh - Temporarily unlock /etc/hosts before pacman
|
|
set -euo pipefail
|
|
|
|
# Source shared functions
|
|
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
|
# shellcheck source=hosts-guard-common.sh
|
|
source "$SCRIPT_DIR/hosts-guard-common.sh"
|
|
|
|
# Remove protective attributes
|
|
remove_host_attrs
|
|
|
|
# Stop guard services
|
|
stop_units_if_present
|
|
|
|
log_hook "pre" "unlocking(start)"
|
|
|
|
# Collapse any existing mount layers
|
|
collapse_mounts
|
|
|
|
# Ensure writable by remounting if still read-only
|
|
if is_ro_mount; then
|
|
mount -o remount,rw "$TARGET" > /dev/null 2>&1 || collapse_mounts
|
|
fi
|
|
|
|
log_hook "pre" "unlocking(done)"
|
|
|
|
exit 0
|