From 628458f49233093226565f8de324feb48cfbecc8 Mon Sep 17 00:00:00 2001 From: rogu3bear Date: Tue, 12 May 2026 09:47:53 -0500 Subject: [PATCH] ci(pointer): scan all docs for premature distribution claims --- .../PointerDesignerTests/IdentityTests.swift | 2 ++ scripts/check-distribution-boundary.sh | 15 +++++++++++---- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/apps/macos/Tests/PointerDesignerTests/IdentityTests.swift b/apps/macos/Tests/PointerDesignerTests/IdentityTests.swift index 77047c0..648af14 100644 --- a/apps/macos/Tests/PointerDesignerTests/IdentityTests.swift +++ b/apps/macos/Tests/PointerDesignerTests/IdentityTests.swift @@ -335,6 +335,8 @@ final class IdentityTests: XCTestCase { let rootReadme = try loadText(relativeToThisFile: "../../../../README.md") XCTAssertTrue(script.contains("Casks apps/macos/Casks homebrew Formula")) + XCTAssertTrue(script.contains("--glob '*.md'")) + XCTAssertTrue(script.contains("--glob '!apps/macos/.build/**'")) XCTAssertTrue(script.contains("brew install --cask cursor-designer-osx")) XCTAssertTrue(script.contains("Cursor Designer distribution-boundary check passed.")) XCTAssertTrue(workflow.contains("./scripts/check-distribution-boundary.sh")) diff --git a/scripts/check-distribution-boundary.sh b/scripts/check-distribution-boundary.sh index 91fde9c..09baa04 100755 --- a/scripts/check-distribution-boundary.sh +++ b/scripts/check-distribution-boundary.sh @@ -17,9 +17,16 @@ if find Casks apps/macos/Casks homebrew Formula \ exit 1 fi -scan_files=( - "README.md" - "apps/macos/README.md" +scan_paths=( + "." +) + +rg_args=( + --line-number + --fixed-strings + --glob '*.md' + --glob '!.git/**' + --glob '!apps/macos/.build/**' ) forbidden_patterns=( @@ -30,7 +37,7 @@ forbidden_patterns=( ) for pattern in "${forbidden_patterns[@]}"; do - if rg --line-number --fixed-strings "$pattern" "${scan_files[@]}"; then + if rg "${rg_args[@]}" "$pattern" "${scan_paths[@]}"; then echo "ERROR: unverified public distribution instruction found: $pattern" >&2 echo "Stable download and Homebrew claims require a notarized artifact, matching release digest, and manual release evidence." >&2 exit 1