#!/usr/bin/env bash set -euo pipefail ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)" cd "$ROOT" python3 - <<'PY' import json, pathlib, hashlib, tomllib for p in pathlib.Path('.').rglob('*.json'): json.load(open(p, encoding='utf-8')) print('JSON OK', p) for p in pathlib.Path('.').rglob('*.toml'): tomllib.load(open(p, 'rb')) print('TOML OK', p) manifest = json.load(open('manifest/sha256-manifest.json')) fail = 0 for e in manifest: p = pathlib.Path(e['path']) if not p.exists(): print('MISSING', p); fail += 1; continue h = hashlib.sha256(p.read_bytes()).hexdigest() if h != e['sha256']: print('HASH FAIL', p); fail += 1 if fail: raise SystemExit(fail) print('SHA256 OK') PY for f in $(find . -name '*.sh'); do bash -n "$f"; echo "BASH OK $f"; done grep -RIn "PUT_\|Signature verification hook required\|NOT TESTED" . || true