Class: Homebrew::ResourceAuditor Private

Inherits:
Object
  • Object
show all
Defined in:
resource_auditor.rb

Overview

This class is part of a private API. This class may only be used in the Homebrew/brew repository. Third parties should avoid using this class if possible, as it may be removed or changed without warning.

Auditor for checking common violations in Resources.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(resource, spec_name, options = {}) ⇒ ResourceAuditor

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Returns a new instance of ResourceAuditor.



11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
# File 'resource_auditor.rb', line 11

def initialize(resource, spec_name, options = {})
  @name     = resource.name
  @version  = resource.version
  @checksum = resource.checksum
  @url      = resource.url
  @mirrors  = resource.mirrors
  @using    = resource.using
  @specs    = resource.specs
  @owner    = resource.owner
  @spec_name = spec_name
  @online    = options[:online]
  @strict    = options[:strict]
  @only      = options[:only]
  @except    = options[:except]
  @use_homebrew_curl = options[:use_homebrew_curl]
  @problems = []
end

Instance Attribute Details

#checksumObject (readonly)

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



9
10
11
# File 'resource_auditor.rb', line 9

def checksum
  @checksum
end

#mirrorsObject (readonly)

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



9
10
11
# File 'resource_auditor.rb', line 9

def mirrors
  @mirrors
end

#nameObject (readonly)

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



9
10
11
# File 'resource_auditor.rb', line 9

def name
  @name
end

#ownerObject (readonly)

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



9
10
11
# File 'resource_auditor.rb', line 9

def owner
  @owner
end

#problemsObject (readonly)

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



9
10
11
# File 'resource_auditor.rb', line 9

def problems
  @problems
end

#spec_nameObject (readonly)

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



9
10
11
# File 'resource_auditor.rb', line 9

def spec_name
  @spec_name
end

#specsObject (readonly)

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



9
10
11
# File 'resource_auditor.rb', line 9

def specs
  @specs
end

#urlObject (readonly)

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



9
10
11
# File 'resource_auditor.rb', line 9

def url
  @url
end

#usingObject (readonly)

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



9
10
11
# File 'resource_auditor.rb', line 9

def using
  @using
end

#versionObject (readonly)

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



9
10
11
# File 'resource_auditor.rb', line 9

def version
  @version
end

Class Method Details

.curl_depsObject

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



93
94
95
96
97
98
99
# File 'resource_auditor.rb', line 93

def self.curl_deps
  @curl_deps ||= begin
    ["curl"] + Formula["curl"].recursive_dependencies.map(&:name).uniq
  rescue FormulaUnavailableError
    []
  end
end

Instance Method Details

#auditObject

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



29
30
31
32
33
34
35
36
37
38
39
40
41
42
# File 'resource_auditor.rb', line 29

def audit
  only_audits = @only
  except_audits = @except

  methods.map(&:to_s).grep(/^audit_/).each do |audit_method_name|
    name = audit_method_name.delete_prefix("audit_")
    next if only_audits&.exclude?(name)
    next if except_audits&.include?(name)

    send(audit_method_name)
  end

  self
end

#audit_checksumObject

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



86
87
88
89
90
91
# File 'resource_auditor.rb', line 86

def audit_checksum
  return if spec_name == :head
  return unless DownloadStrategyDetector.detect(url, using) <= CurlDownloadStrategy

  problem "Checksum is missing" if checksum.blank?
end

#audit_download_strategyObject

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
# File 'resource_auditor.rb', line 56

def audit_download_strategy
  url_strategy = DownloadStrategyDetector.detect(url)

  if (using == :git || url_strategy == GitDownloadStrategy) && specs[:tag] && !specs[:revision]
    problem "Git should specify :revision when a :tag is specified."
  end

  return unless using

  if using == :cvs
    mod = specs[:module]

    problem "Redundant :module value in URL" if mod == name

    if url.match?(%r{:[^/]+$})
      mod = url.split(":").last

      if mod == name
        problem "Redundant CVS module appended to URL"
      else
        problem "Specify CVS module as `:module => \"#{mod}\"` instead of appending it to the URL"
      end
    end
  end

  return unless url_strategy == DownloadStrategyDetector.detect("", using)

  problem "Redundant :using value in URL"
end

#audit_head_branchObject

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



141
142
143
144
145
146
147
148
149
150
151
152
153
154
# File 'resource_auditor.rb', line 141

def audit_head_branch
  return unless @online
  return unless @strict
  return if spec_name != :head
  return unless Utils::Git.remote_exists?(url)
  return if specs[:tag].present?

  branch = Utils.popen_read("git", "ls-remote", "--symref", url, "HEAD")
                .match(%r{ref: refs/heads/(.*?)\s+HEAD})[1]

  return if branch == specs[:branch]

  problem "Use `branch: \"#{branch}\"` to specify the default branch"
end

#audit_urlsObject

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
# File 'resource_auditor.rb', line 101

def audit_urls
  urls = [url] + mirrors

  curl_dep = self.class.curl_deps.include?(owner.name)
  # Ideally `ca-certificates` would not be excluded here, but sourcing a HTTP mirror was tricky.
  # Instead, we have logic elsewhere to pass `--insecure` to curl when downloading the certs.
  # TODO: try remove the OS/env conditional
  if (OS.mac? || Homebrew::EnvConfig.simulate_macos_on_linux?) && spec_name == :stable &&
     owner.name != "ca-certificates" && curl_dep && !urls.find { |u| u.start_with?("http://") }
    problem "should always include at least one HTTP mirror"
  end

  return unless @online

  urls.each do |url|
    next if !@strict && mirrors.include?(url)

    strategy = DownloadStrategyDetector.detect(url, using)
    if strategy <= CurlDownloadStrategy && !url.start_with?("file")

      raise HomebrewCurlDownloadStrategyError, url if
        strategy <= HomebrewCurlDownloadStrategy && !Formula["curl"].any_version_installed?

      if (http_content_problem = curl_check_http_content(url,
                                                         "source URL",
                                                         specs:             specs,
                                                         use_homebrew_curl: @use_homebrew_curl))
        problem http_content_problem
      end
    elsif strategy <= GitDownloadStrategy
      problem "The URL #{url} is not a valid git URL" unless Utils::Git.remote_exists? url
    elsif strategy <= SubversionDownloadStrategy
      next unless DevelopmentTools.subversion_handles_most_https_certificates?
      next unless Utils::Svn.available?

      problem "The URL #{url} is not a valid svn URL" unless Utils::Svn.remote_exists? url
    end
  end
end

#audit_versionObject

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



44
45
46
47
48
49
50
51
52
53
54
# File 'resource_auditor.rb', line 44

def audit_version
  if version.nil?
    problem "missing version"
  elsif !version.detected_from_url?
    version_text = version
    version_url = Version.detect(url, **specs)
    if version_url.to_s == version_text.to_s && version.instance_of?(Version)
      problem "version #{version_text} is redundant with version scanned from URL"
    end
  end
end

#problem(text) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



156
157
158
# File 'resource_auditor.rb', line 156

def problem(text)
  @problems << text
end