[licensecheck]
flags = copyright
apt = licensecheck | devscripts (<< 2.16.6~)
command = licensecheck --check=. --recursive --copyright .
# TODO: is --check=. reasonable?

[suspicious-source]
# We need:
#   devscripts (<< 2.13.1~), python-magic
# or
#   devscripts (>= 2.13.1~), python3-magic
apt = devscripts, devscripts (>= 2.13.1~) | python-magic, devscripts (<< 2.13.1~) | python3-magic
command = suspicious-source

[licensecheck-generated-files]
apt = licensecheck | devscripts (<< 2.16.6~)
command = licensecheck --check=. --recursive --copyright . | grep -aF 'GENERATED FILE'

[licensecheck-incorrect-fsf-address]
apt = licensecheck | devscripts (<< 2.16.6~)
command = licensecheck --check=. --recursive --copyright . | grep -aF 'with incorrect FSF address'

[fdupes]
flags = fixme fixme-ignore
apt = fdupes
command = fdupes -q -r . | grep -vE '/(\.(git|svn|bzr|hg|sgdrawer|pc)|_(darcs|FOSSIL_)|CVS)(/|$)' | cat -s

[bitmap-gimp]
flags = images
comment = Check with upstream where the GIMP XCF source files are.
files = *.png *.gif *.jpg *.jpeg
types = image/*
command = grep -nHiF gimp {files}

[bitmap-inkscape]
flags = images
comment = Check with upstream where the Inkscape SVG source files are.
files = *.png *.gif *.jpg *.jpeg
types = image/*
command = grep -nHiF inkscape {files}

[bitmap-synfig]
flags = images
comment = Check with upstream where the Synfig SIF source files are.
files = *.png *.gif *.jpg *.jpeg
types = image/*
command = grep -nHi 'SINFG|SYNFIG' {files}

[bitmap-povray]
flags = images
comment = Check with upstream where the POV-Ray POV source files are.
files = *.png *.gif *.jpg *.jpeg
types = image/*
command = grep -nHiF 'POV-Ray' {files}

[bitmap-gnuplot]
flags = images
comment = Check with upstream where the gnuplot scripts are.
files = *.png *.gif *.jpg *.jpeg
types = image/*
command = grep -nHiF 'gnuplot' {files}

[bitmap-base64]
flags = images
files = *.xml *.html *.xhtml *.svg
comment = Check with upstream why they are storing binary data in plain text form.
command = grep -nHoP 'data:image/[a-z0-9]*;base64,.{{20}}' {files}

[cpuinfo]
comment = Parsing /proc/cpuinfo is not portable at all, use /sys instead.
command = grep -nHrF /proc/cpuinfo .

[readme-install]
comment = Users of binary packages do not need install instructions.
files = *README*
not-files = README.md README.rst README.install
command = grep -nHiF install {files}

[autoupdate]
flags = modify
apt = autoconf
files = configure.ac configure.in
command = autoupdate
comment = Overwrites configure.ac (#776559)

[autoscan]
flags = modify
apt = autoconf
files = configure.ac configure.in
command = autoscan
comment = Overwrites autom4te.cache/ autoscan.log configure.scan (#818572)

[empty]
types = inode/x-empty
command = find . \( -name .git -o -name .svn -o -name .bzr -o -name CVS -o -name .hg -o -name _darcs -o -name _FOSSIL_ -o -name .sgdrawer -o -name .pc \) -prune -o -empty -print

[todo]
command = grep -nHriE 'fixme|todo|hack|xxx+|broken' .

[isutf8]
apt = moreutils
not-dirs = .git .svn .bzr CVS .hg _darcs _FOSSIL_ .sgdrawer .pc
flags = fixme fixme-ignore
comment = A recursive option needs to be implemented (#780197)
not-files =
 *.blend
 *.icns *.bmp *.ico *.png *.gif *.jpg *.jpeg *.tga *.xcf *.tif *.tiff
 *.mo *.gmo
 *.gz *.bz2 *.xz *.lz *.zip *.tar *.deb
 *.pdf *.odt *.docx *.doc
 *.chm
 *.torrent
 *.pyc *.pyo *.o *.so *.so.* *.debug
 *.wav *.ogg *.oga *.ogv *.mid *.mp3 *.flac
 *.ttf *.otf *.fon
 *.pgp *.gpg
 *.dat
types = text/*
command = isutf8 {files}

[disabled-tests]
command = grep -nHriEC1 '((check|test) *\|\| *true|-dh_auto_test)' .

[timeless]
comment = Prevents reproducible builds: https://reproducible-builds.org/
command = grep -nHrE '__DATE__|__TIME__|__TIMESTAMP__' .

[project-flint]
flags = todo
comment = #809042 https://github.com/pengwynn/flint

[http]
comment = check if these can be switched to https://
command = grep -nHrF http: .

[embed-readme]
flags = embed
files = *README*
comment = Please check if these README files belong to embedded code/data copies.
command = find . -mindepth 2 -iname '*README*'

[embed-dirs]
flags = embed
comment = Please check if these directories contain embedded code/data copies.
command = find . -type d -name 'vendor*' -o -iname '*rd*party' -o -iname 3rdp -o -name contrib -o -name imports -o -name node_modules -o -iname external -o -iname deps -o -name inc

[mailto]
comment = As per RFC 6068, there should be no slashes after "mailto:".
command = grep -nHrF mailto:/ .

# TODO: EC2_SECRET_KEY
# TODO: curl -k --insecure
# TODO: wget --no-check-certificate
# TODO: svn --trust-server-cert
# TODO: bogomips
# TODO: ripper
# TODO: similarity-tester sim_text
# TODO: https://github.com/coala/coala
# TODO: https://github.com/nexB/scancode-toolkit/
# TODO: https://github.com/jeremylong/DependencyCheck/
# TODO: http://www.coding-guidelines.com/numbers/
# TODO: ebnflint
# TODO: http://fbinfer.com/ #789059
# TODO: https://github.com/facebook/pfff/wiki/Scheck
# TODO: http://jwilk.net/software/urlycue
# TODO: https://github.com/dlenski/wtf
# TODO: https://marc-stevens.nl/research/software/download.php?file=libdetectcoll-0.2.zip
# TODO: https://github.com/cr-marcstevens/sha1collisiondetection
# TODO: https://github.com/dxa4481/truffleHog

# vim:ft=dosini
