Module: RuboCop::Cop::UrlHelper Private
- Includes:
- HelperFunctions
- Included in:
- Cask::Url, FormulaAudit::Urls
- Defined in:
- rubocops/shared/url_helper.rb
Overview
This module is part of a private API. This module may only be used in the Homebrew/brew repository. Third parties should avoid using this module if possible, as it may be removed or changed without warning.
This module performs common checks the homepage field in both formulae and casks.
Instance Method Summary collapse
- #audit_url(type, urls, mirrors, livecheck_url: false) ⇒ Object private
-
#audit_urls(urls, regex) ⇒ Object
private
Yields to block when there is a match.
Methods included from HelperFunctions
#block_method_called_in_block?, #block_size, #check_precedence, #class_name, #component_precedes?, #end_column, #expression_negated?, #find_all_blocks, #find_block, #find_blocks, #find_const, #find_every_func_call_by_name, #find_every_method_call_by_name, #find_instance_call, #find_instance_method_call, #find_method_calls_by_name, #find_method_def, #find_method_with_args, #find_node_method_by_name, #find_strings, #format_component, #line_number, #line_start_column, #method_called?, #method_called_ever?, #method_name, #node_equals?, #offending_node, #parameters, #parameters_passed?, #problem, #regex_match_group, #size, #source_buffer, #start_column, #string_content
Instance Method Details
#audit_url(type, urls, mirrors, livecheck_url: false) ⇒ Object
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 |
# File 'rubocops/shared/url_helper.rb', line 35 def audit_url(type, urls, mirrors, livecheck_url: false) @type = type # GNU URLs; doesn't apply to mirrors gnu_pattern = %r{^(?:https?|ftp)://ftpmirror\.gnu\.org/(.*)} audit_urls(urls, gnu_pattern) do |match, url| problem "Please use \"https://ftp.gnu.org/gnu/#{match[1]}\" instead of #{url}." end # Fossies upstream requests they aren't used as primary URLs # https://github.com/Homebrew/homebrew-core/issues/14486#issuecomment-307753234 fossies_pattern = %r{^https?://fossies\.org/} audit_urls(urls, fossies_pattern) do problem "Please don't use fossies.org in the url (using as a mirror is fine)" end apache_pattern = %r{^https?://(?:[^/]*\.)?apache\.org/(?:dyn/closer\.cgi\?path=/?|dist/)(.*)}i audit_urls(urls, apache_pattern) do |match, url| next if url == livecheck_url problem "#{url} should be `https://www.apache.org/dyn/closer.lua?path=#{match[1]}`" end version_control_pattern = %r{^(cvs|bzr|hg|fossil)://} audit_urls(urls, version_control_pattern) do |match, _| problem "Use of the #{match[1]}:// scheme is deprecated, pass `:using => :#{match[1]}` instead" end svn_pattern = %r{^svn\+http://} audit_urls(urls, svn_pattern) do |_, _| problem "Use of the svn+http:// scheme is deprecated, pass `:using => :svn` instead" end audit_urls(mirrors, /.*/) do |_, mirror| urls.each do |url| url_string = string_content(parameters(url).first) next unless url_string.eql?(mirror) problem "URL should not be duplicated as a mirror: #{url_string}" end end urls += mirrors # Check a variety of SSL/TLS URLs that don't consistently auto-redirect # or are overly common errors that need to be reduced & fixed over time. http_to_https_patterns = Regexp.union([%r{^http://ftp\.gnu\.org/}, %r{^http://ftpmirror\.gnu\.org/}, %r{^http://download\.savannah\.gnu\.org/}, %r{^http://download-mirror\.savannah\.gnu\.org/}, %r{^http://(?:[^/]*\.)?apache\.org/}, %r{^http://code\.google\.com/}, %r{^http://fossies\.org/}, %r{^http://mirrors\.kernel\.org/}, %r{^http://mirrors\.ocf\.berkeley\.edu/}, %r{^http://(?:[^/]*\.)?bintray\.com/}, %r{^http://tools\.ietf\.org/}, %r{^http://launchpad\.net/}, %r{^http://github\.com/}, %r{^http://bitbucket\.org/}, %r{^http://anonscm\.debian\.org/}, %r{^http://cpan\.metacpan\.org/}, %r{^http://hackage\.haskell\.org/}, %r{^http://(?:[^/]*\.)?archive\.org}, %r{^http://(?:[^/]*\.)?freedesktop\.org}, %r{^http://(?:[^/]*\.)?mirrorservice\.org/}]) audit_urls(urls, http_to_https_patterns) do |_, url, index| # It's fine to have a plain HTTP mirror further down the mirror list. https_url = url.dup.insert(4, "s") https_index = T.let(nil, T.nilable(Integer)) audit_urls(urls, https_url) do |_, _, found_https_index| https_index = found_https_index end problem "Please use https:// for #{url}" if !https_index || https_index > index end apache_mirror_pattern = %r{^https?://(?:[^/]*\.)?apache\.org/dyn/closer\.(?:cgi|lua)\?path=/?(.*)}i audit_urls(mirrors, apache_mirror_pattern) do |match, mirror| problem "Please use `https://archive.apache.org/dist/#{match[1]}` as a mirror instead of #{mirror}." end cpan_pattern = %r{^http://search\.mcpan\.org/CPAN/(.*)}i audit_urls(urls, cpan_pattern) do |match, url| problem "#{url} should be `https://cpan.metacpan.org/#{match[1]}`" end gnome_pattern = %r{^(http|ftp)://ftp\.gnome\.org/pub/gnome/(.*)}i audit_urls(urls, gnome_pattern) do |match, url| problem "#{url} should be `https://download.gnome.org/#{match[2]}`" end debian_pattern = %r{^git://anonscm\.debian\.org/users/(.*)}i audit_urls(urls, debian_pattern) do |match, url| problem "#{url} should be `https://anonscm.debian.org/git/users/#{match[1]}`" end # Prefer HTTP/S when possible over FTP protocol due to possible firewalls. mirror_service_pattern = %r{^ftp://ftp\.mirrorservice\.org} audit_urls(urls, mirror_service_pattern) do |_, url| problem "Please use https:// for #{url}" end cpan_ftp_pattern = %r{^ftp://ftp\.cpan\.org/pub/CPAN(.*)}i audit_urls(urls, cpan_ftp_pattern) do |match_obj, url| problem "#{url} should be `http://search.cpan.org/CPAN#{match_obj[1]}`" end # SourceForge url patterns sourceforge_patterns = %r{^https?://.*\b(sourceforge|sf)\.(com|net)} audit_urls(urls, sourceforge_patterns) do |_, url| # Skip if the URL looks like a SVN repository. next if url.include? "/svnroot/" next if url.include? "svn.sourceforge" next if url.include? "/p/" if url =~ /(\?|&)use_mirror=/ problem "Don't use #{Regexp.last_match(1)}use_mirror in SourceForge urls (url is #{url})." end problem "Don't use /download in SourceForge urls (url is #{url})." if url.end_with?("/download") if url.match?(%r{^https?://sourceforge\.}) && url != livecheck_url problem "Use https://downloads.sourceforge.net to get geolocation (url is #{url})." end if url.match?(%r{^https?://prdownloads\.}) problem "Don't use prdownloads in SourceForge urls (url is #{url})." end if url.match?(%r{^http://\w+\.dl\.}) problem "Don't use specific dl mirrors in SourceForge urls (url is #{url})." end problem "Please use https:// for #{url}" if url.start_with? "http://downloads" end # Debian has an abundance of secure mirrors. Let's not pluck the insecure # one out of the grab bag. unsecure_deb_pattern = %r{^http://http\.debian\.net/debian/(.*)}i audit_urls(urls, unsecure_deb_pattern) do |match, _| problem <<~EOS Please use a secure mirror for Debian URLs. We recommend: https://deb.debian.org/debian/#{match[1]} EOS end # Check to use canonical URLs for Debian packages noncanon_deb_pattern = Regexp.union([%r{^https://mirrors\.kernel\.org/debian/}, %r{^https://mirrors\.ocf\.berkeley\.edu/debian/}, %r{^https://(?:[^/]*\.)?mirrorservice\.org/sites/ftp\.debian\.org/debian/}]) audit_urls(urls, noncanon_deb_pattern) do |_, url| problem "Please use https://deb.debian.org/debian/ for #{url}" end # Check for new-url Google Code download URLs, https:// is preferred google_code_pattern = Regexp.union([%r{^http://[A-Za-z0-9\-.]*\.googlecode\.com/files.*}, %r{^http://code\.google\.com/}]) audit_urls(urls, google_code_pattern) do |_, url| problem "Please use https:// for #{url}" end # Check for `git://` GitHub repository URLs, https:// is preferred. git_gh_pattern = %r{^git://[^/]*github\.com/} audit_urls(urls, git_gh_pattern) do |_, url| problem "Please use https:// for #{url}" end # Check for `git://` Gitorious repository URLs, https:// is preferred. git_gitorious_pattern = %r{^git://[^/]*gitorious\.org/} audit_urls(urls, git_gitorious_pattern) do |_, url| problem "Please use https:// for #{url}" end # Check for `http://` GitHub repository URLs, https:// is preferred. gh_pattern = %r{^http://github\.com/.*\.git$} audit_urls(urls, gh_pattern) do |_, url| problem "Please use https:// for #{url}" end # Check for master branch GitHub archives. if type == :formula tarball_gh_pattern = %r{^https://github\.com/.*archive/master\.(tar\.gz|zip)$} audit_urls(urls, tarball_gh_pattern) do problem "Use versioned rather than branch tarballs for stable checksums." end end # Use new-style archive downloads. archive_gh_pattern = %r{https://.*github.*/(?:tar|zip)ball/} audit_urls(urls, archive_gh_pattern) do |_, url| next if url.end_with?(".git") problem "Use /archive/ URLs for GitHub tarballs (url is #{url})." end archive_refs_gh_pattern = %r{https://.*github.+/archive/(?![a-fA-F0-9]{40})(?!refs/(tags|heads)/)(.*)\.tar\.gz$} audit_urls(urls, archive_refs_gh_pattern) do |match, url| next if url.end_with?(".git") problem "Use refs/tags/#{match[2]} or refs/heads/#{match[2]} for GitHub references (url is #{url})." end # Don't use GitHub .zip files zip_gh_pattern = %r{https://.*github.*/(archive|releases)/.*\.zip$} audit_urls(urls, zip_gh_pattern) do |_, url| next if url.match? %r{raw.githubusercontent.com/.*/.*/(main|master|HEAD)/} next if url.include?("releases/download") next if url.include?("desktop.githubusercontent.com/releases/") problem "Use GitHub tarballs rather than zipballs (url is #{url})." end # Don't use GitHub codeload URLs codeload_gh_pattern = %r{https?://codeload\.github\.com/(.+)/(.+)/(?:tar\.gz|zip)/(.+)} audit_urls(urls, codeload_gh_pattern) do |match, url| problem <<~EOS Use GitHub archive URLs: https://github.com/#{match[1]}/#{match[2]}/archive/#{match[3]}.tar.gz Rather than codeload: #{url} EOS end # Check for Maven Central URLs, prefer HTTPS redirector over specific host maven_pattern = %r{https?://(?:central|repo\d+)\.maven\.org/maven2/(.+)$} audit_urls(urls, maven_pattern) do |match, url| problem "#{url} should be `https://search.maven.org/remotecontent?filepath=#{match[1]}`" end end |
#audit_urls(urls, regex) ⇒ Object
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
Yields to block when there is a match.
16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 |
# File 'rubocops/shared/url_helper.rb', line 16 def audit_urls(urls, regex) urls.each_with_index do |url_node, index| if @type == :cask url_string_node = url_node.first_argument url_string = url_node.source else url_string_node = parameters(url_node).first url_string = string_content(url_string_node) end match_object = regex_match_group(url_string_node, regex) next unless match_object offending_node(url_string_node.parent) yield match_object, url_string, index end end |