Class: RuboCop::Cop::FormulaAudit::Files Private

Inherits:
RuboCop::Cop::FormulaCop show all
Defined in:
rubocops/files.rb

Overview

This class is part of a private API. This class may only be used in the Homebrew/brew repository. Third parties should avoid using this class if possible, as it may be removed or changed without warning.

This cop makes sure that a formula's file permissions are correct.

Instance Attribute Summary

Attributes inherited from RuboCop::Cop::FormulaCop

#file_path

Instance Method Summary collapse

Methods inherited from RuboCop::Cop::FormulaCop

#audit_comments, #audit_urls, #caveats_strings, #dependency_name_hash_match?, #dependency_type_hash_match?, #depends_on?, #depends_on_name_type?, #formula_tap, #get_checksum_node, #on_class, #required_dependency?, #required_dependency_name?, #style_exceptions_dir, #tap_style_exception?, #versioned_formula?

Methods included from HelperFunctions

#block_method_called_in_block?, #block_size, #check_precedence, #class_name, #component_precedes?, #end_column, #expression_negated?, #find_all_blocks, #find_block, #find_blocks, #find_const, #find_every_func_call_by_name, #find_every_method_call_by_name, #find_instance_call, #find_instance_method_call, #find_method_calls_by_name, #find_method_def, #find_method_with_args, #find_node_method_by_name, #find_strings, #format_component, #line_number, #line_start_column, #method_called?, #method_called_ever?, #method_name, #node_equals?, #offending_node, #parameters, #parameters_passed?, #problem, #regex_match_group, #size, #source_buffer, #start_column, #string_content

Methods included from Kernel

#disk_usage_readable, #ensure_executable!, #ensure_formula_installed!, #exec_browser, #exec_editor, #ignore_interrupts, #interactive_shell, #number_readable, #odebug, #odeprecated, #odie, #odisabled, #ofail, #oh1, #oh1_title, #ohai, #ohai_title, #onoe, #opoo, #paths, #pretty_duration, #pretty_installed, #pretty_outdated, #pretty_uninstalled, #quiet_system, #redact_secrets, #redirect_stdout, #require?, #safe_system, #tap_and_name_comparison, #truncate_text_to_approximate_size, #which, #which_all, #which_editor, #with_custom_locale, #with_env, #with_homebrew_path

Instance Method Details

#audit_formula(node, _class_node, _parent_class_node, _body_node) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning. 



11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
 
# File 'rubocops/files.rb', line 11

def audit_formula(node, _class_node, _parent_class_node, _body_node)
  return unless file_path

  # Codespaces routinely screws up all permissions so don't complain there.
  return if ENV["CODESPACES"] || ENV["HOMEBREW_CODESPACES"]

  offending_node(node)
  actual_mode = File.stat(file_path).mode
  # Check that the file is world-readable.
  if actual_mode & 0444 != 0444
    problem format("Incorrect file permissions (%03<actual>o): chmod %<wanted>s %<path>s",
                   actual: actual_mode & 0777,
                   wanted: "a+r",
                   path:   file_path)
  end
  # Check that the file is user-writeable.
  if actual_mode & 0200 != 0200
    problem format("Incorrect file permissions (%03<actual>o): chmod %<wanted>s %<path>s",
                   actual: actual_mode & 0777,
                   wanted: "u+w",
                   path:   file_path)
  end
  # Check that the file is *not* other-writeable.
  return if actual_mode & 0002 != 002

  problem format("Incorrect file permissions (%03<actual>o): chmod %<wanted>s %<path>s",
                 actual: actual_mode & 0777,
                 wanted: "o-w",
                 path:   file_path)
end