From 0c772829acadd67f6a47a3db4a28340115f46787 Mon Sep 17 00:00:00 2001
From: Raphael Zimmermann <mail@raphael.li>
Date: Tue, 9 Jul 2024 21:12:44 +0200
Subject: [PATCH] Allow whitelisting of components in
 update-verification-metadata

---
 update-verification-metadata/default.nix               |  4 +++-
 .../update-verification-metadata.py                    | 10 +++++++++-
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/update-verification-metadata/default.nix b/update-verification-metadata/default.nix
index 0875cd6..20a497a 100644
--- a/update-verification-metadata/default.nix
+++ b/update-verification-metadata/default.nix
@@ -1,4 +1,5 @@
 {
+  lib,
   python3,
   git,
   writeShellApplication,
@@ -6,6 +7,7 @@
   updateAction ? "dependencies",
   cmd ? "gradle --refresh-dependencies --write-verification-metadata sha256 ${updateAction}",
   verificationFile ? "gradle/verification-metadata.xml",
+  whitelist ? [],
 }:
 writeShellApplication {
   name = "update-verification-metadata";
@@ -19,7 +21,7 @@ writeShellApplication {
       exit 1
     fi
     echo "Removing all component entries from $verificationFile ..."
-    python ${./update-verification-metadata.py} "$verificationFile"
+    python ${./update-verification-metadata.py} "$verificationFile" ${builtins.toString (builtins.map lib.escapeShellArg whitelist)}
     echo "Regenerating gradle verification data ..."
     ${cmd}
   '';
diff --git a/update-verification-metadata/update-verification-metadata.py b/update-verification-metadata/update-verification-metadata.py
index 057864c..c780b6a 100755
--- a/update-verification-metadata/update-verification-metadata.py
+++ b/update-verification-metadata/update-verification-metadata.py
@@ -2,6 +2,9 @@
 import xml.etree.ElementTree as ET
 
 verification_file = sys.argv[1]
+whitelist = sys.argv[1:]
+whitelist_set = set(tuple(item.split(':')) for item in whitelist)
+
 namespaces={'': "https://schema.gradle.org/dependency-verification"}
 ET.register_namespace("", namespaces[''])
 
@@ -10,7 +13,12 @@
 root = tree.getroot()
 components = root.find('components', namespaces)
 if (components):
-    root.remove(components)
+  for component in list(components):
+        group = component.get('group')
+        name = component.get('name')
+        version = component.get('version')
+        if (group, name, version) not in whitelist_set:
+            components.remove(component)
 
 tree.write(verification_file, encoding='UTF-8', xml_declaration=True)