Class: RuboCop::Cop::FormulaAudit::Checksum Private

Inherits:
RuboCop::Cop::FormulaCop show all
Defined in:
rubocops/checksum.rb

Overview

This class is part of a private API. This class may only be used in the Homebrew/brew repository. Third parties should avoid using this class if possible, as it may be removed or changed without warning.

This cop makes sure that deprecated checksums are not used.

Instance Attribute Summary

Attributes inherited from RuboCop::Cop::FormulaCop

#file_path

Instance Method Summary collapse

Methods inherited from RuboCop::Cop::FormulaCop

#audit_comments, #audit_urls, #caveats_strings, #depends_on?, #depends_on_name_type?, #formula_tap, #get_checksum_node, #on_class, #tap_style_exception?, #versioned_formula?

Methods included from HelperFunctions

#block_size, #check_precedence, #class_name, #component_precedes?, #end_column, #expression_negated?, #find_all_blocks, #find_block, #find_blocks, #find_const, #find_every_func_call_by_name, #find_every_method_call_by_name, #find_instance_call, #find_instance_method_call, #find_method_calls_by_name, #find_method_def, #find_method_with_args, #find_node_method_by_name, #find_strings, #format_component, #line_number, #line_start_column, #method_called?, #method_called_ever?, #method_called_in_block?, #method_name, #node_equals?, #offending_node, #parameters, #parameters_passed?, #problem, #regex_match_group, #size, #source_buffer, #start_column, #string_content

Instance Method Details

#audit_formula(_node, _class_node, _parent_class_node, body_node) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



13
14
15
16
17
18
19
20
21
22
23
24
25
# File 'rubocops/checksum.rb', line 13

def audit_formula(_node, _class_node, _parent_class_node, body_node)
  return if body_node.nil?

  problem "MD5 checksums are deprecated, please use SHA-256" if method_called_ever?(body_node, :md5)

  problem "SHA1 checksums are deprecated, please use SHA-256" if method_called_ever?(body_node, :sha1)

  sha256_calls = find_every_method_call_by_name(body_node, :sha256)
  sha256_calls.each do |sha256_call|
    sha256_node = get_checksum_node(sha256_call)
    audit_sha256(sha256_node)
  end
end

#audit_sha256(checksum) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
# File 'rubocops/checksum.rb', line 27

def audit_sha256(checksum)
  return if checksum.nil?

  if regex_match_group(checksum, /^$/)
    problem "sha256 is empty"
    return
  end

  if string_content(checksum).size != 64 && regex_match_group(checksum, /^\w*$/)
    problem "sha256 should be 64 characters"
  end

  return unless regex_match_group(checksum, /[^a-f0-9]+/i)

  add_offense(@offensive_source_range, message: "sha256 contains invalid characters")
end