From 8334026e89ed60138039747b7fbfd40ecfc3e1a8 Mon Sep 17 00:00:00 2001
From: Azalea <22280294+hykilpikonna@users.noreply.github.com>
Date: Sat, 2 May 2026 16:40:48 +0000
Subject: [PATCH] [O] Remove revoked ssh keys on update-ssh-keys

---
 scripts/bin/update-ssh-keys.py | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)

diff --git a/scripts/bin/update-ssh-keys.py b/scripts/bin/update-ssh-keys.py
index dc21af7..25deb04 100755
--- a/scripts/bin/update-ssh-keys.py
+++ b/scripts/bin/update-ssh-keys.py
@@ -47,19 +47,26 @@ def normalize_key(key: str) -> str:
     return ' '.join(key.split(' ')[:2])
 
 
+def is_github_key(key: str) -> bool:
+    parts = key.split()
+    return len(parts) >= 3 and parts[2].endswith('@github')
+
+
 def update_ssh_keys():
     all_keys = list(fetch_all_keys())
     normalized_keys = {normalize_key(k) for k in all_keys}
 
     existing_keys = set(KEYS_PATH.read_text('utf-8').strip().splitlines()) \
         if KEYS_PATH.is_file() else set()
+    existing_normalized_keys = {normalize_key(k) for k in existing_keys}
     for k in existing_keys:
-        if normalize_key(k) not in normalized_keys:
+        if normalize_key(k) not in normalized_keys and not is_github_key(k):
             all_keys.append(k)
 
-    len_diff = len(all_keys) - len(existing_keys)
-    if len_diff > 0:
-        printc(f"&aSSH Keys Updated! Added {len_diff} keys")
+    len_added = len([k for k in all_keys if normalize_key(k) not in existing_normalized_keys])
+    len_removed = len([k for k in existing_keys if is_github_key(k) and normalize_key(k) not in normalized_keys])
+    if len_added > 0 or len_removed > 0:
+        printc(f"&aSSH Keys Updated! Added {len_added} keys, removed {len_removed} revoked GitHub keys")
 
     KEYS_PATH.write_text('\n'.join(all_keys))
 
@@ -132,4 +139,4 @@ if __name__ == "__main__":
             Usage: update-ssh-keys.py
             - add/remove [github username]
             - list
-            """))
\ No newline at end of file
+            """))