#!/usr/bin/env python3
"""Download the vulnerable (1.26.1) and patched (1.26.2) Gitea binaries for the
current OS/arch into ./bin/. Cross-platform, stdlib only."""
import os, platform, stat, sys, urllib.request

VERSIONS = ["1.26.1", "1.26.2"]
HERE = os.path.dirname(os.path.abspath(__file__))
BIN  = os.path.join(HERE, "bin")

def arch():
    m = platform.machine().lower()
    if m in ("x86_64", "amd64"): return "amd64"
    if m in ("arm64", "aarch64"): return "arm64"
    return "amd64"

def asset(v):
    a = arch()
    if sys.platform.startswith("win"):
        return f"gitea-{v}-windows-4.0-{a}.exe", f"gitea-{v}.exe"
    if sys.platform == "darwin":
        # Gitea publishes a universal darwin build label per minor; 10.12 amd64 / arm64
        plat = "darwin-10.12" if a == "amd64" else "darwin-10.12"
        return f"gitea-{v}-{plat}-{a}", f"gitea-{v}"
    return f"gitea-{v}-linux-{a}", f"gitea-{v}"

def main():
    os.makedirs(BIN, exist_ok=True)
    for v in VERSIONS:
        remote, local = asset(v)
        url = f"https://github.com/go-gitea/gitea/releases/download/v{v}/{remote}"
        dst = os.path.join(BIN, local)
        print(f"[*] {v}: downloading {url}")
        urllib.request.urlretrieve(url, dst)
        if not sys.platform.startswith("win"):
            os.chmod(dst, os.stat(dst).st_mode | stat.S_IEXEC | stat.S_IXGRP | stat.S_IXOTH)
        print(f"[+] {v}: ready at {dst} ({os.path.getsize(dst):,} bytes)")

if __name__ == "__main__":
    main()