contrib: improve optimize-pngs.py
- Check that image contents match pre- and post- crushing. - Also remove use of external tool to compute sha256 in favor of hashlib. - contrib: remove all use of shell=True in strip_pngs.py Using `shell=True` can be a security hazard. See e.g. https://docs.python.org/2/library/subprocess.html#subprocess.check_output
This commit is contained in:
parent
42f6a0c2b9
commit
905711f0a1
1 changed files with 33 additions and 9 deletions
|
@ -3,12 +3,28 @@
|
|||
import os
|
||||
import sys
|
||||
import subprocess
|
||||
import hashlib
|
||||
from PIL import Image
|
||||
|
||||
def file_hash(filename):
|
||||
'''Return hash of raw file contents'''
|
||||
with open(filename, 'rb') as f:
|
||||
return hashlib.sha256(f.read()).hexdigest()
|
||||
|
||||
def content_hash(filename):
|
||||
'''Return hash of RGBA contents of image'''
|
||||
i = Image.open(filename)
|
||||
i = i.convert('RGBA')
|
||||
data = i.tostring()
|
||||
return hashlib.sha256(data).hexdigest()
|
||||
|
||||
#optimize png, remove various color profiles, remove ancillary chunks (alla) and text chunks (text)
|
||||
#pngcrush -brute -ow -rem gAMA -rem cHRM -rem iCCP -rem sRGB -rem alla -rem text
|
||||
|
||||
pngcrush = 'pngcrush'
|
||||
git = 'git'
|
||||
folders = ["src/qt/res/movies", "src/qt/res/icons", "src/qt/res/images"]
|
||||
basePath = subprocess.check_output("git rev-parse --show-toplevel", shell=True).rstrip('\n')
|
||||
basePath = subprocess.check_output([git, 'rev-parse', '--show-toplevel']).rstrip('\n')
|
||||
totalSaveBytes = 0
|
||||
|
||||
outputArray = []
|
||||
|
@ -19,30 +35,38 @@ for folder in folders:
|
|||
if extension.lower() == '.png':
|
||||
print("optimizing "+file+"..."),
|
||||
file_path = os.path.join(absFolder, file)
|
||||
fileMetaMap = {'file' : file, 'osize': os.path.getsize(file_path), 'sha256Old' : subprocess.check_output("openssl dgst -sha256 "+file_path, shell=True).rstrip('\n')};
|
||||
fileMetaMap = {'file' : file, 'osize': os.path.getsize(file_path), 'sha256Old' : file_hash(file_path)};
|
||||
fileMetaMap['contentHashPre'] = content_hash(file_path)
|
||||
|
||||
pngCrushOutput = ""
|
||||
try:
|
||||
pngCrushOutput = subprocess.check_output("pngcrush -brute -ow -rem gAMA -rem cHRM -rem iCCP -rem sRGB -rem alla -rem text "+file_path+" >/dev/null 2>&1", shell=True).rstrip('\n')
|
||||
pngCrushOutput = subprocess.check_output(
|
||||
[pngcrush, "-brute", "-ow", "-rem", "gAMA", "-rem", "cHRM", "-rem", "iCCP", "-rem", "sRGB", "-rem", "alla", "-rem", "text", file_path],
|
||||
stderr=subprocess.STDOUT).rstrip('\n')
|
||||
except:
|
||||
print "pngcrush is not installed, aborting..."
|
||||
sys.exit(0)
|
||||
|
||||
#verify
|
||||
if "Not a PNG file" in subprocess.check_output("pngcrush -n -v "+file_path+" >/dev/null 2>&1", shell=True):
|
||||
if "Not a PNG file" in subprocess.check_output([pngcrush, "-n", "-v", file_path], stderr=subprocess.STDOUT):
|
||||
print "PNG file "+file+" is corrupted after crushing, check out pngcursh version"
|
||||
sys.exit(1)
|
||||
|
||||
fileMetaMap['sha256New'] = file_hash(file_path)
|
||||
fileMetaMap['contentHashPost'] = content_hash(file_path)
|
||||
|
||||
if fileMetaMap['contentHashPre'] != fileMetaMap['contentHashPost']:
|
||||
print "Image contents of PNG file "+file+" before and after crushing don't match"
|
||||
sys.exit(1)
|
||||
|
||||
fileMetaMap['sha256New'] = subprocess.check_output("openssl dgst -sha256 "+file_path, shell=True).rstrip('\n')
|
||||
fileMetaMap['psize'] = os.path.getsize(file_path)
|
||||
outputArray.append(fileMetaMap)
|
||||
print("done\n"),
|
||||
|
||||
print "summary:\n+++++++++++++++++"
|
||||
for fileDict in outputArray:
|
||||
oldHash = fileDict['sha256Old'].split("= ")[1]
|
||||
newHash = fileDict['sha256New'].split("= ")[1]
|
||||
oldHash = fileDict['sha256Old']
|
||||
newHash = fileDict['sha256New']
|
||||
totalSaveBytes += fileDict['osize'] - fileDict['psize']
|
||||
print fileDict['file']+"\n size diff from: "+str(fileDict['osize'])+" to: "+str(fileDict['psize'])+"\n old sha256: "+oldHash+"\n new sha256: "+newHash+"\n"
|
||||
|
||||
|
|
Loading…
Reference in a new issue