Class: Homebrew::FormulaAuditor
- Inherits:
-
Object
- Object
- Homebrew::FormulaAuditor
show all
- Includes:
- FormulaCellarChecks
- Defined in:
- brew/Library/Homebrew/dev-cmd/audit.rb
Constant Summary
collapse
- PROVIDED_BY_MACOS_DEPENDS_ON_ALLOWLIST =
%w[
apr
apr-util
libressl
openblas
openssl@1.1
].freeze
- PERMITTED_LICENSE_MISMATCHES =
{
"AGPL-3.0" => ["AGPL-3.0-only", "AGPL-3.0-or-later"],
"GPL-2.0" => ["GPL-2.0-only", "GPL-2.0-or-later"],
"GPL-3.0" => ["GPL-3.0-only", "GPL-3.0-or-later"],
"LGPL-2.1" => ["LGPL-2.1-only", "LGPL-2.1-or-later"],
"LGPL-3.0" => ["LGPL-3.0-only", "LGPL-3.0-or-later"],
}.freeze- PERMITTED_FORMULA_LICENSE_MISMATCHES =
{
"cmockery" => "0.1.2",
"scw@1" => "1.20",
}.freeze- VERSIONED_KEG_ONLY_ALLOWLIST =
openssl@1.1 only needed for Linux
%w[
autoconf@2.13
bash-completion@2
clang-format@8
gnupg@1.4
libsigc++@2
lua@5.1
numpy@1.16
openssl@1.1
python@3.8
].freeze
- CERT_ERROR_ALLOWLIST =
{
"hashcat" => "https://hashcat.net/hashcat/",
"jinx" => "https://www.jinx-lang.org/",
"lmod" => "https://www.tacc.utexas.edu/research-development/tacc-projects/lmod",
"micropython" => "https://www.micropython.org/",
"monero" => "https://www.getmonero.org/",
}.freeze- VERSIONED_HEAD_SPEC_ALLOWLIST =
%w[
bash-completion@2
imagemagick@6
].freeze
- THROTTLED_FORMULAE =
{
"aws-sdk-cpp" => 10,
"awscli@1" => 10,
"balena-cli" => 10,
"gatsby-cli" => 10,
"quicktype" => 10,
"vim" => 50,
}.freeze- UNSTABLE_ALLOWLIST =
{
"aalib" => "1.4rc",
"automysqlbackup" => "3.0-rc",
"aview" => "1.3.0rc",
"elm-format" => "0.6.0-alpha",
"ftgl" => "2.1.3-rc",
"hidapi" => "0.8.0-rc",
"libcaca" => "0.99b",
"premake" => "4.4-beta",
"pwnat" => "0.3-beta",
"recode" => "3.7-beta",
"speexdsp" => "1.2rc",
"sqoop" => "1.4.",
"tcptraceroute" => "1.5beta",
"tiny-fugue" => "5.0b",
"vbindiff" => "3.0_beta",
}.freeze- UNSTABLE_DEVEL_ALLOWLIST =
used for formulae that are unstable but need CI run without being in homebrew/core
{
"python@3.9" => "3.9.0rc",
}.freeze- GNOME_DEVEL_ALLOWLIST =
{
"libart" => "2.3",
"gtk-mac-integration" => "2.1",
"gtk-doc" => "1.31",
"gcab" => "1.3",
"libepoxy" => "1.5",
}.freeze
FormulaCellarChecks::VALID_LIBRARY_EXTENSIONS
Instance Attribute Summary collapse
Class Method Summary
collapse
Instance Method Summary
collapse
#audit_installed, #check_easy_install_pth, #check_elisp_dirname, #check_elisp_root, #check_env_path, #check_generic_executables, #check_infopages, #check_jars, #check_linkage, #check_manpages, #check_non_executables, #check_non_libraries, #check_openssl_links, #check_plist, #check_python_framework_links, #check_python_packages, #check_shadowed_headers, #check_shim_references, #generic_audit_installed, #generic_valid_library_extension?, #valid_library_extension?
Constructor Details
#initialize(formula, options = {}) ⇒ FormulaAuditor
Returns a new instance of FormulaAuditor.
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 227
def initialize(formula, options = {})
@formula = formula
@versioned_formula = formula.versioned_formula?
@new_formula_inclusive = options[:new_formula]
@new_formula = options[:new_formula] && !@versioned_formula
@strict = options[:strict]
@online = options[:online]
@build_stable = options[:build_stable]
@git = options[:git]
@display_cop_names = options[:display_cop_names]
@only = options[:only]
@except = options[:except]
@style_offenses = options[:style_offenses]
@core_tap = formula.tap&.core_tap? || options[:core_tap]
@problems = []
@new_formula_problems = []
@text = FormulaText.new(formula.path)
@specs = %w[stable head].map { |s| formula.send(s) }.compact
@spdx_license_data = options[:spdx_license_data]
@spdx_exception_data = options[:spdx_exception_data]
end
|
Instance Attribute Details
Returns the value of attribute formula.
225
226
227
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 225
def formula
@formula
end
|
Returns the value of attribute new_formula_problems.
225
226
227
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 225
def new_formula_problems
@new_formula_problems
end
|
#problems ⇒ Object
Returns the value of attribute problems.
225
226
227
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 225
def problems
@problems
end
|
#text ⇒ Object
Returns the value of attribute text.
225
226
227
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 225
def text
@text
end
|
Class Method Details
.aliases ⇒ Object
330
331
332
333
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 330
def self.aliases
@aliases ||= Formula.aliases + Formula.tap_aliases
end
|
Instance Method Details
#audit ⇒ Object
966
967
968
969
970
971
972
973
974
975
976
977
978
979
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 966
def audit
only_audits = @only
except_audits = @except
methods.map(&:to_s).grep(/^audit_/).each do |audit_method_name|
name = audit_method_name.delete_prefix("audit_")
if only_audits
next unless only_audits.include?(name)
elsif except_audits
next if except_audits.include?(name)
end
send(audit_method_name)
end
end
|
#audit_bitbucket_repository ⇒ Object
663
664
665
666
667
668
669
670
671
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 663
def audit_bitbucket_repository
user, repo = get_repo_data(%r{https?://bitbucket\.org/([^/]+)/([^/]+)/?.*}) if @new_formula
return if user.blank?
warning = SharedAudits.bitbucket(user, repo)
return if warning.nil?
new_formula_problem warning
end
|
#audit_bottle_disabled ⇒ Object
607
608
609
610
611
612
613
614
615
616
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 607
def audit_bottle_disabled
return unless formula.bottle_disabled?
return if formula.bottle_unneeded?
problem "Unrecognized bottle modifier" unless formula.bottle_disable_reason.valid?
return unless @core_tap
problem "Formulae in homebrew/core should not use `bottle :disabled`"
end
|
#audit_bottle_spec ⇒ Object
595
596
597
598
599
600
601
602
603
604
605
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 595
def audit_bottle_spec
return unless @new_formula_inclusive
return unless @core_tap
return if formula.bottle_disabled?
return unless formula.bottle_defined?
new_formula_problem "New formulae in homebrew/core should not have a `bottle do` block"
end
|
#audit_conflicts ⇒ Object
#audit_deps ⇒ Object
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 432
def audit_deps
@specs.each do |spec|
spec.deps.each do |dep|
begin
dep_f = dep.to_formula
rescue TapFormulaUnavailableError
next
rescue FormulaUnavailableError
problem "Can't find dependency #{dep.name.inspect}."
next
rescue TapFormulaAmbiguityError
problem "Ambiguous dependency #{dep.name.inspect}."
next
rescue TapFormulaWithOldnameAmbiguityError
problem "Ambiguous oldname dependency #{dep.name.inspect}."
next
end
if dep_f.oldname && dep.name.split("/").last == dep_f.oldname
problem "Dependency '#{dep.name}' was renamed; use new name '#{dep_f.name}'."
end
if self.class.aliases.include?(dep.name) &&
dep_f.core_formula? && !dep_f.versioned_formula?
problem "Dependency '#{dep.name}' from homebrew/core is an alias; " \
"use the canonical name '#{dep.to_formula.full_name}'."
end
if @core_tap &&
@new_formula &&
dep_f.keg_only? &&
dep_f.keg_only_reason.provided_by_macos? &&
dep_f.keg_only_reason.applicable? &&
!PROVIDED_BY_MACOS_DEPENDS_ON_ALLOWLIST.include?(dep.name)
new_formula_problem(
"Dependency '#{dep.name}' is provided by macOS; " \
"please replace 'depends_on' with 'uses_from_macos'.",
)
end
dep.options.each do |opt|
next if @core_tap
next if dep_f.option_defined?(opt)
next if dep_f.requirements.find do |r|
if r.recommended?
opt.name == "with-#{r.name}"
elsif r.optional?
opt.name == "without-#{r.name}"
end
end
problem "Dependency #{dep} does not define option #{opt.name.inspect}"
end
problem "Don't use git as a dependency (it's always available)" if @new_formula && dep.name == "git"
problem "Dependency '#{dep.name}' is marked as :run. Remove :run; it is a no-op." if dep.tags.include?(:run)
next unless @core_tap
if dep.tags.include?(:recommended) || dep.tags.include?(:optional)
problem "Formulae in homebrew/core should not have optional or recommended dependencies"
end
end
next unless @core_tap
if spec.requirements.map(&:recommended?).any? || spec.requirements.map(&:optional?).any?
problem "Formulae in homebrew/core should not have optional or recommended requirements"
end
end
end
|
#audit_file ⇒ Object
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 264
def audit_file
if formula.core_formula? && @versioned_formula
unversioned_formula = begin
full_name = if formula.tap
"#{formula.tap}/#{formula.name}"
else
formula.name
end
Formulary.factory(full_name.gsub(/@.*$/, "")).path
rescue FormulaUnavailableError, TapFormulaAmbiguityError,
TapFormulaWithOldnameAmbiguityError
Pathname.new formula.path.to_s.gsub(/@.*\.rb$/, ".rb")
end
unless unversioned_formula.exist?
unversioned_name = unversioned_formula.basename(".rb")
problem "#{formula} is versioned but no #{unversioned_name} formula exists"
end
elsif @build_stable && formula.stable? &&
!(versioned_formulae = formula.versioned_formulae).empty?
versioned_aliases = formula.aliases.grep(/.@\d/)
_, last_alias_version = versioned_formulae.map(&:name).last.split("@")
alias_name_major = "#{formula.name}@#{formula.version.major}"
alias_name_major_minor = "#{alias_name_major}.#{formula.version.minor}"
alias_name = if last_alias_version.split(".").length == 1
alias_name_major
else
alias_name_major_minor
end
valid_alias_names = [alias_name_major, alias_name_major_minor]
unless @core_tap
versioned_aliases.map! { |a| "#{formula.tap}/#{a}" }
valid_alias_names.map! { |a| "#{formula.tap}/#{a}" }
end
if alias_name_major_minor == "adoptopenjdk@1.8"
valid_alias_names << "adoptopenjdk@8"
valid_alias_names.delete "adoptopenjdk@1"
end
valid_versioned_aliases = versioned_aliases & valid_alias_names
invalid_versioned_aliases = versioned_aliases - valid_alias_names
if valid_versioned_aliases.empty?
if formula.tap
problem <<~EOS
Formula has other versions so create a versioned alias:
cd #{formula.tap.alias_dir}
ln -s #{formula.path.to_s.gsub(formula.tap.path, "..")} #{alias_name}
EOS
else
problem "Formula has other versions so create an alias named #{alias_name}."
end
end
if invalid_versioned_aliases.present?
problem <<~EOS
Formula has invalid versioned aliases:
#{invalid_versioned_aliases.join("\n ")}
EOS
end
end
end
|
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 335
def audit_formula_name
return unless @strict
return unless @core_tap
name = formula.name
problem "'#{name}' is not allowed in homebrew/core." if MissingFormula.disallowed_reason(name)
if Formula.aliases.include? name
problem "Formula name conflicts with existing aliases in homebrew/core."
return
end
if oldname = CoreTap.instance.formula_renames[name]
problem "'#{name}' is reserved as the old name of #{oldname} in homebrew/core."
return
end
return if formula.core_formula?
return unless Formula.core_names.include?(name)
problem "Formula name conflicts with existing core formula."
end
|
#audit_github_repository ⇒ Object
642
643
644
645
646
647
648
649
650
651
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 642
def audit_github_repository
user, repo = get_repo_data(%r{https?://github\.com/([^/]+)/([^/]+)/?.*}) if @new_formula
return if user.blank?
warning = SharedAudits.github(user, repo)
return if warning.nil?
new_formula_problem warning
end
|
#audit_github_repository_archived ⇒ Object
618
619
620
621
622
623
624
625
626
627
628
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 618
def audit_github_repository_archived
return if formula.deprecated?
user, repo = get_repo_data(%r{https?://github\.com/([^/]+)/([^/]+)/?.*}) if @online
return if user.blank?
metadata = SharedAudits.github_repo_data(user, repo)
return if metadata.nil?
problem "GitHub repo is archived" if metadata["archived"]
end
|
#audit_gitlab_repository ⇒ Object
653
654
655
656
657
658
659
660
661
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 653
def audit_gitlab_repository
user, repo = get_repo_data(%r{https?://gitlab\.com/([^/]+)/([^/]+)/?.*}) if @new_formula
return if user.blank?
warning = SharedAudits.gitlab(user, repo)
return if warning.nil?
new_formula_problem warning
end
|
#audit_gitlab_repository_archived ⇒ Object
630
631
632
633
634
635
636
637
638
639
640
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 630
def audit_gitlab_repository_archived
return if formula.deprecated?
user, repo = get_repo_data(%r{https?://gitlab\.com/([^/]+)/([^/]+)/?.*}) if @online
return if user.blank?
metadata = SharedAudits.gitlab_repo_data(user, repo)
return if metadata.nil?
problem "GitLab repo is archived" if metadata["archived"]
end
|
#audit_homepage ⇒ Object
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 576
def audit_homepage
homepage = formula.homepage
return if homepage.nil? || homepage.empty?
return unless @online
return if CERT_ERROR_ALLOWLIST[formula.name] == homepage
return unless DevelopmentTools.curl_handles_most_https_certificates?
if http_content_problem = curl_check_http_content(homepage,
user_agents: [:browser, :default],
check_content: true,
strict: @strict)
problem http_content_problem
end
end
|
#audit_license ⇒ Object
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 380
def audit_license
if formula.license.present?
licenses, exceptions = SPDX.parse_license_expression formula.license
non_standard_licenses = licenses.reject { |license| SPDX.valid_license? license }
if non_standard_licenses.present?
problem <<~EOS
Formula #{formula.name} contains non-standard SPDX licenses: #{non_standard_licenses}.
For a list of valid licenses check: #{Formatter.url("https://spdx.org/licenses/")}
EOS
end
if @strict
deprecated_licenses = licenses.select do |license|
SPDX.deprecated_license? license
end
if deprecated_licenses.present?
problem <<~EOS
Formula #{formula.name} contains deprecated SPDX licenses: #{deprecated_licenses}.
You may need to add `-only` or `-or-later` for GNU licenses (e.g. `GPL`, `LGPL`, `AGPL`, `GFDL`).
For a list of valid licenses check: #{Formatter.url("https://spdx.org/licenses/")}
EOS
end
end
invalid_exceptions = exceptions.reject { |exception| SPDX.valid_license_exception? exception }
if invalid_exceptions.present?
problem <<~EOS
Formula #{formula.name} contains invalid or deprecated SPDX license exceptions: #{invalid_exceptions}.
For a list of valid license exceptions check:
#{Formatter.url("https://spdx.org/licenses/exceptions-index.html")}
EOS
end
return unless @online
user, repo = get_repo_data(%r{https?://github\.com/([^/]+)/([^/]+)/?.*})
return if user.blank?
github_license = GitHub.get_repo_license(user, repo)
return unless github_license
return if (licenses + ["NOASSERTION"]).include?(github_license)
return if PERMITTED_LICENSE_MISMATCHES[github_license]&.any? { |license| licenses.include? license }
return if PERMITTED_FORMULA_LICENSE_MISMATCHES[formula.name] == formula.version
problem "Formula license #{licenses} does not match GitHub license #{Array(github_license)}."
elsif @new_formula && @core_tap
problem "Formulae in homebrew/core must specify a license."
end
end
|
#audit_postgresql ⇒ Object
521
522
523
524
525
526
527
528
529
530
531
532
533
534
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 521
def audit_postgresql
return unless formula.name == "postgresql"
return unless @core_tap
major_version = formula.version.major.to_i
previous_major_version = major_version - 1
previous_formula_name = "postgresql@#{previous_major_version}"
begin
Formula[previous_formula_name]
rescue FormulaUnavailableError
problem "Versioned #{previous_formula_name} in homebrew/core must be created for " \
"`brew-postgresql-upgrade-database` and `pg_upgrade` to work."
end
end
|
#audit_prefix_has_contents ⇒ Object
947
948
949
950
951
952
953
954
955
956
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 947
def audit_prefix_has_contents
return unless formula.prefix.directory?
return unless Keg.new(formula.prefix).empty_installation?
problem <<~EOS
The installation seems to be empty. Please ensure the prefix
is set correctly and expected files are installed.
The prefix configure/make argument may be case-sensitive.
EOS
end
|
#audit_reverse_migration ⇒ Object
934
935
936
937
938
939
940
941
942
943
944
945
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 934
def audit_reverse_migration
return unless @strict
return unless @core_tap
return unless formula.tap.tap_migrations.key?(formula.name)
problem <<~EOS
#{formula.name} seems to be listed in tap_migrations.json!
Please remove #{formula.name} from present tap & tap_migrations.json
before submitting it to Homebrew/homebrew-#{formula.tap.repo}.
EOS
end
|
#audit_revision_and_version_scheme ⇒ Object
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 836
def audit_revision_and_version_scheme
return unless @git
return unless formula.tap return unless formula.tap.git? return if formula.stable.blank?
fv = FormulaVersions.new(formula)
current_version = formula.stable.version
current_checksum = formula.stable.checksum
current_version_scheme = formula.version_scheme
current_revision = formula.revision
previous_version = nil
previous_version_scheme = nil
previous_revision = nil
newest_committed_version = nil
newest_committed_checksum = nil
newest_committed_revision = nil
fv.rev_list("origin/master") do |rev|
fv.formula_at_revision(rev) do |f|
stable = f.stable
next if stable.blank?
previous_version = stable.version
previous_checksum = stable.checksum
previous_version_scheme = f.version_scheme
previous_revision = f.revision
newest_committed_version ||= previous_version
newest_committed_checksum ||= previous_checksum
newest_committed_revision ||= previous_revision
end
break if previous_version && current_version != previous_version
end
if current_version == previous_version &&
current_checksum != newest_committed_checksum
problem(
"stable sha256 changed without the version also changing; " \
"please create an issue upstream to rule out malicious " \
"circumstances and to find out why the file changed.",
)
end
if !newest_committed_version.nil? &&
current_version < newest_committed_version &&
current_version_scheme == previous_version_scheme
problem "stable version should not decrease (from #{newest_committed_version} to #{current_version})"
end
unless previous_version_scheme.nil?
if current_version_scheme < previous_version_scheme
problem "version_scheme should not decrease (from #{previous_version_scheme} " \
"to #{current_version_scheme})"
elsif current_version_scheme > (previous_version_scheme + 1)
problem "version_schemes should only increment by 1"
end
end
if (previous_version != newest_committed_version ||
current_version != newest_committed_version) &&
!current_revision.zero? &&
current_revision == newest_committed_revision &&
current_revision == previous_revision
problem "'revision #{current_revision}' should be removed"
elsif current_version == previous_version &&
!previous_revision.nil? &&
current_revision < previous_revision
problem "revision should not decrease (from #{previous_revision} to #{current_revision})"
elsif newest_committed_revision &&
current_revision > (newest_committed_revision + 1)
problem "revisions should only increment by 1"
end
end
|
#audit_specs ⇒ Object
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 732
def audit_specs
problem "Head-only (no stable download)" if head_only?(formula)
%w[Stable HEAD].each do |name|
spec_name = name.downcase.to_sym
next unless spec = formula.send(spec_name)
ra = ResourceAuditor.new(spec, spec_name, online: @online, strict: @strict).audit
ra.problems.each do |message|
problem "#{name}: #{message}"
end
spec.resources.each_value do |resource|
problem "Resource name should be different from the formula name" if resource.name == formula.name
ra = ResourceAuditor.new(resource, spec_name, online: @online, strict: @strict).audit
ra.problems.each do |message|
problem "#{name} resource #{resource.name.inspect}: #{message}"
end
end
next if spec.patches.empty?
next unless @new_formula
new_formula_problem(
"Formulae should not require patches to build. " \
"Patches should be submitted and accepted upstream first.",
)
end
if stable = formula.stable
version = stable.version
problem "Stable: version (#{version}) is set to a string without a digit" if version.to_s !~ /\d/
if version.to_s.start_with?("HEAD")
problem "Stable: non-HEAD version name (#{version}) should not begin with HEAD"
end
end
return unless @core_tap
if formula.head && @versioned_formula
head_spec_message = "Versioned formulae should not have a `HEAD` spec"
problem head_spec_message unless VERSIONED_HEAD_SPEC_ALLOWLIST.include?(formula.name)
end
stable = formula.stable
return unless stable
return unless stable.url
stable_version_string = stable.version.to_s
stable_url_version = Version.parse(stable.url)
stable_url_minor_version = stable_url_version.minor.to_i
formula_suffix = stable.version.patch.to_i
throttled_rate = THROTTLED_FORMULAE[formula.name]
if throttled_rate && formula_suffix.modulo(throttled_rate).nonzero?
problem "should only be updated every #{throttled_rate} releases on multiples of #{throttled_rate}"
end
case (url = stable.url)
when /[\d._-](alpha|beta|rc\d)/
matched = Regexp.last_match(1)
version_prefix = stable_version_string.sub(/\d+$/, "")
return if UNSTABLE_ALLOWLIST[formula.name] == version_prefix
return if UNSTABLE_DEVEL_ALLOWLIST[formula.name] == version_prefix
problem "Stable version URLs should not contain #{matched}"
when %r{download\.gnome\.org/sources}, %r{ftp\.gnome\.org/pub/GNOME/sources}i
version_prefix = stable.version.major_minor
return if GNOME_DEVEL_ALLOWLIST[formula.name] == version_prefix
return if stable_url_version < Version.create("1.0")
return if stable_url_minor_version.even?
problem "#{stable.version} is a development release"
when %r{isc.org/isc/bind\d*/}i
return if stable_url_minor_version.even?
problem "#{stable.version} is a development release"
when %r{https?://gitlab\.com/([\w-]+)/([\w-]+)}
owner = Regexp.last_match(1)
repo = Regexp.last_match(2)
tag = SharedAudits.gitlab_tag_from_url(url)
tag ||= stable.specs[:tag]
tag ||= stable.version
if @online
error = SharedAudits.gitlab_release(owner, repo, tag, formula: formula)
problem error if error
end
when %r{^https://github.com/([\w-]+)/([\w-]+)}
owner = Regexp.last_match(1)
repo = Regexp.last_match(2)
tag = SharedAudits.github_tag_from_url(url)
tag ||= formula.stable.specs[:tag]
if @online
error = SharedAudits.github_release(owner, repo, tag, formula: formula)
problem error if error
end
end
end
|
#audit_style ⇒ Object
251
252
253
254
255
256
257
258
259
260
261
262
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 251
def audit_style
return unless @style_offenses
@style_offenses.each do |offense|
correction_status = "#{Tty.green}[Corrected]#{Tty.reset} " if offense.corrected?
cop_name = "#{offense.cop_name}: " if @display_cop_names
message = "#{cop_name}#{correction_status}#{offense.message}"
problem message, location: offense.location
end
end
|
#audit_text ⇒ Object
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 915
def audit_text
bin_names = Set.new
bin_names << formula.name
bin_names += formula.aliases
[formula.bin, formula.sbin].each do |dir|
next unless dir.exist?
bin_names += dir.children.map(&:basename).map(&:to_s)
end
shell_commands = ["system", "shell_output", "pipe_output"]
bin_names.each do |name|
shell_commands.each do |cmd|
if text.to_s.match?(/test do.*#{cmd}[(\s]+['"]#{Regexp.escape(name)}[\s'"]/m)
problem %Q(fully scope test #{cmd} calls, e.g. #{cmd} "\#{bin}/#{name}")
end
end
end
end
|
#audit_versioned_keg_only ⇒ Object
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 549
def audit_versioned_keg_only
return unless @versioned_formula
return unless @core_tap
if formula.keg_only?
return if formula.keg_only_reason.versioned_formula?
if formula.name.start_with?("openssl", "libressl") &&
formula.keg_only_reason.by_macos?
return
end
end
return if VERSIONED_KEG_ONLY_ALLOWLIST.include?(formula.name)
return if formula.name.start_with?("adoptopenjdk@")
return if formula.name.start_with?("gcc@")
problem "Versioned formulae in homebrew/core should use `keg_only :versioned_formula`"
end
|
#get_repo_data(regex) ⇒ Object
673
674
675
676
677
678
679
680
681
682
683
684
685
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 673
def get_repo_data(regex)
return unless @core_tap
return unless @online
_, user, repo = *regex.match(formula.stable.url) if formula.stable
_, user, repo = *regex.match(formula.homepage) unless user
_, user, repo = *regex.match(formula.head.url) if !user && formula.head
return if !user || !repo
repo.delete_suffix!(".git")
[user, repo]
end
|
#problem_if_output(output) ⇒ Object
962
963
964
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 962
def problem_if_output(output)
problem(output) if output
end
|
#quote_dep(dep) ⇒ Object
958
959
960
|
# File 'brew/Library/Homebrew/dev-cmd/audit.rb', line 958
def quote_dep(dep)
dep.is_a?(Symbol) ? dep.inspect : "'#{dep}'"
end
|