Class: Homebrew::ResourceAuditor Private

Inherits:

Object

• Object
• Homebrew::ResourceAuditor

Defined in:

resource_auditor.rb

Overview

This class is part of a private API. This class may only be used in the Homebrew/brew repository. Third parties should avoid using this class if possible, as it may be removed or changed without warning.

Auditor for checking common violations in Resources.

Instance Attribute Summary

• #checksum ⇒ Object readonly private
• #mirrors ⇒ Object readonly private
• #name ⇒ Object readonly private
• #owner ⇒ Object readonly private
• #problems ⇒ Object readonly private
• #spec_name ⇒ Object readonly private
• #specs ⇒ Object readonly private
• #url ⇒ Object readonly private
• #using ⇒ Object readonly private
• #version ⇒ Object readonly private

Class Method Summary

• .curl_deps ⇒ Object private

Instance Method Summary

• #audit ⇒ Object private
• #audit_checksum ⇒ Object private
• #audit_download_strategy ⇒ Object private
• #audit_head_branch ⇒ Object private
• #audit_urls ⇒ Object private
• #audit_version ⇒ Object private
• #initialize(resource, spec_name, options = {}) ⇒ ResourceAuditor constructor private

  A new instance of ResourceAuditor.

• #problem(text) ⇒ Object private

Constructor Details

#initialize(resource, spec_name, options = {}) ⇒ ResourceAuditor

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Returns a new instance of ResourceAuditor.

# File 'resource_auditor.rb', line 11

def initialize(resource, spec_name, options = {})
  @name     = resource.name
  @version  = resource.version
  @checksum = resource.checksum
  @url      = resource.url
  @mirrors  = resource.mirrors
  @using    = resource.using
  @specs    = resource.specs
  @owner    = resource.owner
  @spec_name = spec_name
  @online    = options[:online]
  @strict    = options[:strict]
  @only      = options[:only]
  @except    = options[:except]
  @use_homebrew_curl = options[:use_homebrew_curl]
  @problems = []
end

Instance Attribute Details

#checksum ⇒ Object (readonly)

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

# File 'resource_auditor.rb', line 9

def checksum
  @checksum
end

#mirrors ⇒ Object (readonly)

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

# File 'resource_auditor.rb', line 9

def mirrors
  @mirrors
end

#name ⇒ Object (readonly)

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

# File 'resource_auditor.rb', line 9

def name
  @name
end

#owner ⇒ Object (readonly)

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

# File 'resource_auditor.rb', line 9

def owner
  @owner
end

#problems ⇒ Object (readonly)

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

# File 'resource_auditor.rb', line 9

def problems
  @problems
end

#spec_name ⇒ Object (readonly)

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

# File 'resource_auditor.rb', line 9

def spec_name
  @spec_name
end

#specs ⇒ Object (readonly)

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

# File 'resource_auditor.rb', line 9

def specs
  @specs
end

#url ⇒ Object (readonly)

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

# File 'resource_auditor.rb', line 9

def url
  @url
end

#using ⇒ Object (readonly)

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

# File 'resource_auditor.rb', line 9

def using
  @using
end

#version ⇒ Object (readonly)

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

# File 'resource_auditor.rb', line 9

def version
  @version
end

Class Method Details

.curl_deps ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

# File 'resource_auditor.rb', line 93

def self.curl_deps
  @curl_deps ||= begin
    ["curl"] + Formula["curl"].recursive_dependencies.map(&:name).uniq
  rescue FormulaUnavailableError
    []
  end
end

Instance Method Details

#audit ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

# File 'resource_auditor.rb', line 29

def audit
  only_audits = @only
  except_audits = @except

  methods.map(&:to_s).grep(/^audit_/).each do |audit_method_name|
    name = audit_method_name.delete_prefix("audit_")
    next if only_audits&.exclude?(name)
    next if except_audits&.include?(name)

    send(audit_method_name)
  end

  self
end

#audit_checksum ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

# File 'resource_auditor.rb', line 86

def audit_checksum
  return if spec_name == :head
  return unless DownloadStrategyDetector.detect(url, using) <= CurlDownloadStrategy

  problem "Checksum is missing" if checksum.blank?
end

#audit_download_strategy ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

# File 'resource_auditor.rb', line 56

def audit_download_strategy
  url_strategy = DownloadStrategyDetector.detect(url)

  if (using == :git || url_strategy == GitDownloadStrategy) && specs[:tag] && !specs[:revision]
    problem "Git should specify :revision when a :tag is specified."
  end

  return unless using

  if using == :cvs
    mod = specs[:module]

    problem "Redundant :module value in URL" if mod == name

    if url.match?(%r{:[^/]+$})
      mod = url.split(":").last

      if mod == name
        problem "Redundant CVS module appended to URL"
      else
        problem "Specify CVS module as `:module => \"#{mod}\"` instead of appending it to the URL"
      end
    end
  end

  return unless url_strategy == DownloadStrategyDetector.detect("", using)

  problem "Redundant :using value in URL"
end

#audit_head_branch ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

# File 'resource_auditor.rb', line 141

def audit_head_branch
  return unless @online
  return unless @strict
  return if spec_name != :head
  return unless Utils::Git.remote_exists?(url)
  return if specs[:tag].present?

  branch = Utils.popen_read("git", "ls-remote", "--symref", url, "HEAD")
                .match(%r{ref: refs/heads/(.*?)\s+HEAD})[1]

  return if branch == specs[:branch]

  problem "Use `branch: \"#{branch}\"` to specify the default branch"
end

#audit_urls ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

# File 'resource_auditor.rb', line 101

def audit_urls
  urls = [url] + mirrors

  curl_dep = self.class.curl_deps.include?(owner.name)
  # Ideally `ca-certificates` would not be excluded here, but sourcing a HTTP mirror was tricky.
  # Instead, we have logic elsewhere to pass `--insecure` to curl when downloading the certs.
  # TODO: try remove the OS/env conditional
  if (OS.mac? || Homebrew::EnvConfig.simulate_macos_on_linux?) && spec_name == :stable &&
     owner.name != "ca-certificates" && curl_dep && !urls.find { |u| u.start_with?("http://") }
    problem "should always include at least one HTTP mirror"
  end

  return unless @online

  urls.each do |url|
    next if !@strict && mirrors.include?(url)

    strategy = DownloadStrategyDetector.detect(url, using)
    if strategy <= CurlDownloadStrategy && !url.start_with?("file")

      raise HomebrewCurlDownloadStrategyError, url if
        strategy <= HomebrewCurlDownloadStrategy && !Formula["curl"].any_version_installed?

      if (http_content_problem = curl_check_http_content(url,
                                                         "source URL",
                                                         specs:             specs,
                                                         use_homebrew_curl: @use_homebrew_curl))
        problem http_content_problem
      end
    elsif strategy <= GitDownloadStrategy
      problem "The URL #{url} is not a valid git URL" unless Utils::Git.remote_exists? url
    elsif strategy <= SubversionDownloadStrategy
      next unless DevelopmentTools.subversion_handles_most_https_certificates?
      next unless Utils::Svn.available?

      problem "The URL #{url} is not a valid svn URL" unless Utils::Svn.remote_exists? url
    end
  end
end

#audit_version ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

# File 'resource_auditor.rb', line 44

def audit_version
  if version.nil?
    problem "missing version"
  elsif !version.detected_from_url?
    version_text = version
    version_url = Version.detect(url, **specs)
    if version_url.to_s == version_text.to_s && version.instance_of?(Version)
      problem "version #{version_text} is redundant with version scanned from URL"
    end
  end
end

#problem(text) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

# File 'resource_auditor.rb', line 156

def problem(text)
  @problems << text
end