Module: SharedAudits Private
Overview
This module is part of a private API. This module may only be used in the Homebrew/brew repository. Third parties should avoid using this module if possible, as it may be removed or changed without warning.
Auditing functions for rules common to both casks and formulae.
Constant Summary collapse
- URL_TYPE_HOMEPAGE =
This constant is part of a private API. This constant may only be used in the Homebrew/brew repository. Third parties should avoid using this constant if possible, as it may be removed or changed without warning.
"homepage URL"
Class Method Summary collapse
-
.bitbucket(user, repo) ⇒ Object
private
-
.github(user, repo) ⇒ Object
private
-
.github_release(user, repo, tag, formula: nil, cask: nil) ⇒ Object
private
-
.github_release_data(user, repo, tag) ⇒ Object
private
-
.github_repo_data(user, repo) ⇒ Object
private
-
.github_tag_from_url(url) ⇒ Object
private
-
.gitlab(user, repo) ⇒ Object
private
-
.gitlab_release(user, repo, tag, formula: nil, cask: nil) ⇒ Object
private
-
.gitlab_release_data(user, repo, tag) ⇒ Object
private
-
.gitlab_repo_data(user, repo) ⇒ Object
private
-
.gitlab_tag_from_url(url) ⇒ Object
private
Methods included from Utils::Curl
clear_path_cache, curl, curl_args, curl_check_http_content, curl_download, curl_executable, curl_headers, curl_http_content_headers_and_checksum, curl_output, curl_path, curl_response_follow_redirections, curl_response_last_location, curl_supports_tls13?, curl_with_workarounds, http_status_ok?, parse_curl_output, url_protected_by_cloudflare?, url_protected_by_incapsula?
Class Method Details
.bitbucket(user, repo) ⇒ Object
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 |
# File 'utils/shared_audits.rb', line 123 def bitbucket(user, repo) api_url = "https://api.bitbucket.org/2.0/repositories/#{user}/#{repo}" out, _, status= curl_output("--request", "GET", api_url) return unless status.success? = JSON.parse(out) return if .nil? return "Uses deprecated mercurial support in Bitbucket" if ["scm"] == "hg" return "Bitbucket fork (not canonical repository)" unless ["parent"].nil? return "Bitbucket repository too new (<30 days old)" if Date.parse(["created_on"]) >= (Date.today - 30) forks_out, _, forks_status= curl_output("--request", "GET", "#{api_url}/forks") return unless forks_status.success? watcher_out, _, watcher_status= curl_output("--request", "GET", "#{api_url}/watchers") return unless watcher_status.success? = JSON.parse(forks_out) return if .nil? = JSON.parse(watcher_out) return if .nil? return if ["size"] >= 30 || ["size"] >= 75 "Bitbucket repository not notable enough (<30 forks and <75 watchers)" end |
.github(user, repo) ⇒ Object
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 |
# File 'utils/shared_audits.rb', line 91 def github(user, repo) = github_repo_data(user, repo) return if .nil? return "GitHub fork (not canonical repository)" if ["fork"] if (["forks_count"] < 30) && (["subscribers_count"] < 30) && (["stargazers_count"] < 75) return "GitHub repository not notable enough (<30 forks, <30 watchers and <75 stars)" end return if Date.parse(["created_at"]) <= (Date.today - 30) "GitHub repository too new (<30 days old)" end |
.github_release(user, repo, tag, formula: nil, cask: nil) ⇒ Object
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 |
# File 'utils/shared_audits.rb', line 37 def github_release(user, repo, tag, formula: nil, cask: nil) release = github_release_data(user, repo, tag) return unless release exception, name, version = if formula [formula.tap&.audit_exception(:github_prerelease_allowlist, formula.name), formula.name, formula.version] elsif cask [cask.tap&.audit_exception(:github_prerelease_allowlist, cask.token), cask.token, cask.version] end return "#{tag} is a GitHub pre-release." if release["prerelease"] && [version, "all"].exclude?(exception) if !release["prerelease"] && exception return "#{tag} is not a GitHub pre-release but '#{name}' is in the GitHub prerelease allowlist." end return "#{tag} is a GitHub draft." if release["draft"] end |
.github_release_data(user, repo, tag) ⇒ Object
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
26 27 28 29 30 31 32 33 34 35 |
# File 'utils/shared_audits.rb', line 26 def github_release_data(user, repo, tag) id = "#{user}/#{repo}/#{tag}" url = "#{GitHub::API_URL}/repos/#{user}/#{repo}/releases/tags/#{tag}" @github_release_data ||= {} @github_release_data[id] ||= GitHub::API.open_rest(url) @github_release_data[id] rescue GitHub::API::HTTPNotFoundError nil end |
.github_repo_data(user, repo) ⇒ Object
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
17 18 19 20 21 22 23 24 |
# File 'utils/shared_audits.rb', line 17 def github_repo_data(user, repo) @github_repo_data ||= {} @github_repo_data["#{user}/#{repo}"] ||= GitHub.repository(user, repo) @github_repo_data["#{user}/#{repo}"] rescue GitHub::API::HTTPNotFoundError nil end |
.github_tag_from_url(url) ⇒ Object
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
154 155 156 157 158 159 160 161 162 163 |
# File 'utils/shared_audits.rb', line 154 def github_tag_from_url(url) url = url.to_s tag = url.match(%r{^https://github\.com/[\w-]+/[\w-]+/archive/([^/]+)\.(tar\.gz|zip)$}) .to_a .second tag ||= url.match(%r{^https://github\.com/[\w-]+/[\w-]+/releases/download/([^/]+)/}) .to_a .second tag end |
.gitlab(user, repo) ⇒ Object
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
108 109 110 111 112 113 114 115 116 117 118 119 120 121 |
# File 'utils/shared_audits.rb', line 108 def gitlab(user, repo) = gitlab_repo_data(user, repo) return if .nil? return "GitLab fork (not canonical repository)" if ["fork"] if (["forks_count"] < 30) && (["star_count"] < 75) return "GitLab repository not notable enough (<30 forks and <75 stars)" end return if Date.parse(["created_at"]) <= (Date.today - 30) "GitLab repository too new (<30 days old)" end |
.gitlab_release(user, repo, tag, formula: nil, cask: nil) ⇒ Object
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 |
# File 'utils/shared_audits.rb', line 75 def gitlab_release(user, repo, tag, formula: nil, cask: nil) release = gitlab_release_data(user, repo, tag) return unless release return if DateTime.parse(release["released_at"]) <= DateTime.now exception, version = if formula [formula.tap&.audit_exception(:gitlab_prerelease_allowlist, formula.name), formula.version] elsif cask [cask.tap&.audit_exception(:gitlab_prerelease_allowlist, cask.token), cask.version] end return if [version, "all"].include?(exception) "#{tag} is a GitLab pre-release." end |
.gitlab_release_data(user, repo, tag) ⇒ Object
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
64 65 66 67 68 69 70 71 72 73 |
# File 'utils/shared_audits.rb', line 64 def gitlab_release_data(user, repo, tag) id = "#{user}/#{repo}/#{tag}" @gitlab_release_data ||= {} @gitlab_release_data[id] ||= begin out, _, status = curl_output( "https://gitlab.com/api/v4/projects/#{user}%2F#{repo}/releases/#{tag}", "--fail" ) JSON.parse(out) if status.success? end end |
.gitlab_repo_data(user, repo) ⇒ Object
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
56 57 58 59 60 61 62 |
# File 'utils/shared_audits.rb', line 56 def gitlab_repo_data(user, repo) @gitlab_repo_data ||= {} @gitlab_repo_data["#{user}/#{repo}"] ||= begin out, _, status = curl_output("https://gitlab.com/api/v4/projects/#{user}%2F#{repo}") JSON.parse(out) if status.success? end end |
.gitlab_tag_from_url(url) ⇒ Object
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
165 166 167 168 169 170 |
# File 'utils/shared_audits.rb', line 165 def gitlab_tag_from_url(url) url = url.to_s url.match(%r{^https://gitlab\.com/[\w-]+/[\w-]+/-/archive/([^/]+)/}) .to_a .second end |