Light

wprobot / wordpress-scanner Goto Github PK

View Code? Open in Web Editor NEW

This project forked from jmhobbs/wordpress-scanner

0.0 1.0 0.0 27 KB

CLI to scan plugin directories, and an HTTP server to scan zips from Wordpress.org

Makefile 2.04% Go 97.96%

wordpress-scanner's Introduction

This is an experimental server which downloads plugins from WordPress.org on demand, and hashes their contents.

The idea is that a client could check the hashes against their existing files to quickly check if the plugin has been hacked or otherwise corrupted.

Endpoints

GET /plugin/{name}/{version} - Get hashes for a plugin from wordpress.org
POST /plugin/{name}/{version}/diff - Compare a client hash against a wordpress.org hash
GET /plugin - List of plugins we have hashed versions of
GET /plugin/{name} - List of versions we have hashed

Binary Encoding

I wrote a custom binary encoding of the Scan struct for storage and wire xfer. A scan of bbpress 2.3 (PHP files only) compares as such:

Bytes	JSON	Binary
Plain	11684	7973
gzipped	2153	1985

You don't gain much after gzip, but it's still interesting, and decoding should be faster than JSON.

If we move to a prefix tree, I think we could easily go even smaller.

Ideas

https://github.com/d4l3k/messagediff - Diff the output of client/server
Optionally use protobufs
Make sure gzip is on
HTTP/2?
TLS & Auth
Use a tree structure (radix tree?) and binary encoding for xfer
Hash at the directory level (sorted filenames + hashes)

wordpress-scanner's People

Contributors

Watchers

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.