LocalCDN-Firefox-Chrome-Brave/audit/README.md

### Introduction
This script makes it possible for any user and extension reviewer to verify the integrity of the resources bundled. It compares all libraries with their original sources. Optionally, a local Tor proxy can be used. In total, there are over 1000 files in LocalCDN. This process can take between 5 and 15 minutes.

### Prerequisites
* GNU/Linux (Debian, Ubuntu,...)
* Bash >= 4.4
* LocalCDN >= v2.6.3
* Local Tor SOCKS5 Proxy (optional, but recommended)


### Settings
* Use local Tor Proxy
  * `USE_TOR=true` slow (~ 15 minutes)
  * `USE_TOR=false` fast (~ 4 minutes)
* Generate the THIRD_PARTY.txt file. This file contains all source URLs that were used for the check.
  * `CREATE_THIRD_PARTY_FILE=true`
  * `CREATE_THIRD_PARTY_FILE=false`


### Tor Proxy
* Install Tor Proxy
  * `sudo apt install tor`
  * e.g. https://linuxconfig.org/install-tor-proxy-on-ubuntu-20-04-linux
* Check Tor
  * `systemctl status tor@default.service`
  * `systemctl status tor.service`


### How to start
Open up a terminal and cd into this directory. However you run the script, the output can be redirected to a file with ` > output.txt`
* Check all files:
  * `bash audit.sh`
  * `bash audit.sh > output.txt`
* Check only one library. Choose the folder name from `/resources/`, e.g. `jquery`:
  * `bash audit.sh jquery`
  * `bash audit.sh jquery > output.txt`
* Check all files and replace in case of hash mismatch:
  * `bash audit.sh replace`
  * `bash audit.sh replace > output.txt`
* Check only one library files and replace in case of hash mismatch. Choose the folder name from `/resources/`, e.g. `jquery`:
  * `bash audit.sh replace jquery`
  * `bash audit.sh replace jquery > output.txt`
Audit script moved and doc added (#285) 2021-03-10 07:05:22 +01:00			`### Introduction`
			`This script makes it possible for any user and extension reviewer to verify the integrity of the resources bundled. It compares all libraries with their original sources. Optionally, a local Tor proxy can be used. In total, there are over 1000 files in LocalCDN. This process can take between 5 and 15 minutes.`

			`### Prerequisites`
			`* GNU/Linux (Debian, Ubuntu,...)`
			`* Bash >= 4.4`
			`* LocalCDN >= v2.6.3`
			`* Local Tor SOCKS5 Proxy (optional, but recommended)`


			`### Settings`
			`* Use local Tor Proxy`
			* `USE_TOR=true` slow (~ 15 minutes)
			* `USE_TOR=false` fast (~ 4 minutes)
			`* Generate the THIRD_PARTY.txt file. This file contains all source URLs that were used for the check.`
			* `CREATE_THIRD_PARTY_FILE=true`
			* `CREATE_THIRD_PARTY_FILE=false`


			`### Tor Proxy`
			`* Install Tor Proxy`
			* `sudo apt install tor`
			`* e.g. https://linuxconfig.org/install-tor-proxy-on-ubuntu-20-04-linux`
			`* Check Tor`
			* `systemctl status tor@default.service`
			* `systemctl status tor.service`


			`### How to start`
			Open up a terminal and cd into this directory. However you run the script, the output can be redirected to a file with ` > output.txt`
			`* Check all files:`
			* `bash audit.sh`
			* `bash audit.sh > output.txt`
			* Check only one library. Choose the folder name from `/resources/`, e.g. `jquery`:
			* `bash audit.sh jquery`
			* `bash audit.sh jquery > output.txt`
			`* Check all files and replace in case of hash mismatch:`
			* `bash audit.sh replace`
			* `bash audit.sh replace > output.txt`
			* Check only one library files and replace in case of hash mismatch. Choose the folder name from `/resources/`, e.g. `jquery`:
			* `bash audit.sh replace jquery`
			* `bash audit.sh replace jquery > output.txt`