#!/usr/local/bin/perl
# vim:sts=4 sw=4

use strict;
use warnings;
use 5.024;

$" = ", ";
for (<STDIN>) {
    chomp;
    my ($old, $new, $ref) = split / /;

  REV: for my $rev (qx{git log --format="%H" $new --not --all}) {
	chomp $rev;

	my ($seen,$other) = (0,0);

	for my $line (qx{git diff --name-only $rev~1..$rev}) {
	    chomp ($line);
	    if ($line =~ m{\Asecurity/vuxml/vuln(?:-\d{4})?.xml\z}oms) {
		$seen = 1;
	    } else {
		$other = 1;
	    }
	}

	if ($seen && 'refs/heads/main' ne $ref) {
	    die "\n================================================================\n" .
	      "Commits to security/vuxml/vuln.xml are only allowed on main".
	      "\n================================================================\n";
	}
	if ($seen && $other) {
	    die "\n================================================================\n" .
	      "Commit to security/vuxml/vuln.xml first, and then other files".
	      "\n================================================================\n";
	}
    }
}

exit 0;