Class: RuboCop::Cop::FormulaAudit::Files Private

Inherits:
RuboCop::Cop::FormulaCop show all
Defined in:
rubocops/files.rb

Overview

This class is part of a private API. This class may only be used in the Homebrew/brew repository. Third parties should avoid using this class if possible, as it may be removed or changed without warning.

This cop makes sure that a formula's file permissions are correct.

Constant Summary

Constants included from Kernel

Kernel::IGNORE_INTERRUPTS_MUTEX

Instance Attribute Summary

Attributes inherited from RuboCop::Cop::FormulaCop

#file_path

Instance Method Summary collapse

Methods inherited from RuboCop::Cop::FormulaCop

#audit_comments, #audit_urls, #caveats_strings, #dependency_name_hash_match?, #dependency_type_hash_match?, #depends_on?, #depends_on_name_type?, #formula_tap, #get_checksum_node, #on_class, #required_dependency?, #required_dependency_name?, #style_exceptions_dir, #tap_style_exception?, #versioned_formula?

Methods included from HelperFunctions

#block_method_called_in_block?, #block_size, #check_precedence, #class_name, #component_precedes?, #end_column, #expression_negated?, #find_all_blocks, #find_block, #find_blocks, #find_const, #find_every_func_call_by_name, #find_every_method_call_by_name, #find_instance_call, #find_instance_method_call, #find_method_calls_by_name, #find_method_def, #find_method_with_args, #find_node_method_by_name, #find_strings, #format_component, #line_number, #line_start_column, #method_called?, #method_called_ever?, #method_name, #node_equals?, #offending_node, #parameters, #parameters_passed?, #problem, #regex_match_group, #size, #source_buffer, #start_column, #string_content

Methods included from Kernel

#disk_usage_readable, #ensure_executable!, #ensure_formula_installed!, #exec_browser, #exec_editor, #ignore_interrupts, #interactive_shell, #number_readable, #odebug, #odeprecated, #odie, #odisabled, #ofail, #oh1, #oh1_title, #ohai, #ohai_title, #onoe, #opoo, #paths, #pretty_duration, #pretty_installed, #pretty_outdated, #pretty_uninstalled, #quiet_system, #redact_secrets, #redirect_stdout, #require?, #safe_system, #tap_and_name_comparison, #truncate_text_to_approximate_size, #which, #which_all, #which_editor, #with_custom_locale, #with_env, #with_homebrew_path

Instance Method Details

#audit_formula(formula_nodes) ⇒ void

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

This method returns an undefined value.

Parameters:



12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
 
# File 'rubocops/files.rb', line 12

def audit_formula(formula_nodes)
  return unless file_path

  # Codespaces routinely screws up all permissions so don't complain there.
  return if ENV["CODESPACES"] || ENV["HOMEBREW_CODESPACES"]

  offending_node(formula_nodes.node)
  actual_mode = File.stat(file_path).mode
  # Check that the file is world-readable.
  if actual_mode & 0444 != 0444
    problem format("Incorrect file permissions (%03<actual>o): chmod %<wanted>s %<path>s",
                   actual: actual_mode & 0777,
                   wanted: "a+r",
                   path:   file_path)
  end
  # Check that the file is user-writeable.
  if actual_mode & 0200 != 0200
    problem format("Incorrect file permissions (%03<actual>o): chmod %<wanted>s %<path>s",
                   actual: actual_mode & 0777,
                   wanted: "u+w",
                   path:   file_path)
  end
  # Check that the file is *not* other-writeable.
  return if actual_mode & 0002 != 002

  problem format("Incorrect file permissions (%03<actual>o): chmod %<wanted>s %<path>s",
                 actual: actual_mode & 0777,
                 wanted: "o-w",
                 path:   file_path)
end