Module: SharedAudits Private
- Defined in:
- utils/shared_audits.rb
Overview
This module is part of a private API. This module may only be used in the Homebrew/brew repository. Third parties should avoid using this module if possible, as it may be removed or changed without warning.
Auditing functions for rules common to both casks and formulae.
Constant Summary collapse
- URL_TYPE_HOMEPAGE =
This constant is part of a private API. This constant may only be used in the Homebrew/brew repository. Third parties should avoid using this constant if possible, as it may be removed or changed without warning.
"homepage URL"
Class Method Summary collapse
-
.bitbucket(user, repo) ⇒ Object
private
-
.github(user, repo) ⇒ Object
private
-
.github_release(user, repo, tag, formula: nil, cask: nil) ⇒ Object
private
-
.github_release_data(user, repo, tag) ⇒ Object
private
-
.github_repo_data(user, repo) ⇒ Object
private
-
.github_tag_from_url(url) ⇒ Object
private
-
.gitlab(user, repo) ⇒ Object
private
-
.gitlab_release(user, repo, tag, formula: nil, cask: nil) ⇒ Object
private
-
.gitlab_release_data(user, repo, tag) ⇒ Object
private
-
.gitlab_repo_data(user, repo) ⇒ Object
private
-
.gitlab_tag_from_url(url) ⇒ Object
private
Class Method Details
.bitbucket(user, repo) ⇒ Object
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 |
# File 'utils/shared_audits.rb', line 127 def bitbucket(user, repo) api_url = "https://api.bitbucket.org/2.0/repositories/#{user}/#{repo}" out, _, status = Utils::Curl.curl_output("--request", "GET", api_url) return unless status.success? = JSON.parse(out) return if .nil? return "Uses deprecated mercurial support in Bitbucket" if ["scm"] == "hg" return "Bitbucket fork (not canonical repository)" unless ["parent"].nil? return "Bitbucket repository too new (<30 days old)" if Date.parse(["created_on"]) >= (Date.today - 30) forks_out, _, forks_status = Utils::Curl.curl_output("--request", "GET", "#{api_url}/forks") return unless forks_status.success? watcher_out, _, watcher_status = Utils::Curl.curl_output("--request", "GET", "#{api_url}/watchers") return unless watcher_status.success? = JSON.parse(forks_out) return if .nil? = JSON.parse(watcher_out) return if .nil? return if ["size"] >= 30 || ["size"] >= 75 "Bitbucket repository not notable enough (<30 forks and <75 watchers)" end |
.github(user, repo) ⇒ Object
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 |
# File 'utils/shared_audits.rb', line 95 def github(user, repo) = github_repo_data(user, repo) return if .nil? return "GitHub fork (not canonical repository)" if ["fork"] if (["forks_count"] < 30) && (["subscribers_count"] < 30) && (["stargazers_count"] < 75) return "GitHub repository not notable enough (<30 forks, <30 watchers and <75 stars)" end return if Date.parse(["created_at"]) <= (Date.today - 30) "GitHub repository too new (<30 days old)" end |
.github_release(user, repo, tag, formula: nil, cask: nil) ⇒ Object
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 |
# File 'utils/shared_audits.rb', line 39 def github_release(user, repo, tag, formula: nil, cask: nil) release = github_release_data(user, repo, tag) return unless release exception, name, version = if formula [formula.tap&.audit_exception(:github_prerelease_allowlist, formula.name), formula.name, formula.version] elsif cask [cask.tap&.audit_exception(:github_prerelease_allowlist, cask.token), cask.token, cask.version] end return "#{tag} is a GitHub pre-release." if release["prerelease"] && [version, "all"].exclude?(exception) if !release["prerelease"] && exception return "#{tag} is not a GitHub pre-release but '#{name}' is in the GitHub prerelease allowlist." end return "#{tag} is a GitHub draft." if release["draft"] end |
.github_release_data(user, repo, tag) ⇒ Object
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
26 27 28 29 30 31 32 33 34 35 36 37 |
# File 'utils/shared_audits.rb', line 26 def github_release_data(user, repo, tag) id = "#{user}/#{repo}/#{tag}" url = "#{GitHub::API_URL}/repos/#{user}/#{repo}/releases/tags/#{tag}" @github_release_data ||= {} @github_release_data[id] ||= GitHub::API.open_rest(url) @github_release_data[id] rescue GitHub::API::HTTPNotFoundError nil rescue GitHub::API::AuthenticationFailedError => e raise unless e..match?(GitHub::API::GITHUB_IP_ALLOWLIST_ERROR) end |
.github_repo_data(user, repo) ⇒ Object
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
15 16 17 18 19 20 21 22 23 24 |
# File 'utils/shared_audits.rb', line 15 def github_repo_data(user, repo) @github_repo_data ||= {} @github_repo_data["#{user}/#{repo}"] ||= GitHub.repository(user, repo) @github_repo_data["#{user}/#{repo}"] rescue GitHub::API::HTTPNotFoundError nil rescue GitHub::API::AuthenticationFailedError => e raise unless e..match?(GitHub::API::GITHUB_IP_ALLOWLIST_ERROR) end |
.github_tag_from_url(url) ⇒ Object
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
158 159 160 161 162 163 164 165 166 167 |
# File 'utils/shared_audits.rb', line 158 def github_tag_from_url(url) url = url.to_s tag = url.match(%r{^https://github\.com/[\w-]+/[\w-]+/archive/([^/]+)\.(tar\.gz|zip)$}) .to_a .second tag ||= url.match(%r{^https://github\.com/[\w-]+/[\w-]+/releases/download/([^/]+)/}) .to_a .second tag end |
.gitlab(user, repo) ⇒ Object
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
112 113 114 115 116 117 118 119 120 121 122 123 124 125 |
# File 'utils/shared_audits.rb', line 112 def gitlab(user, repo) = gitlab_repo_data(user, repo) return if .nil? return "GitLab fork (not canonical repository)" if ["fork"] if (["forks_count"] < 30) && (["star_count"] < 75) return "GitLab repository not notable enough (<30 forks and <75 stars)" end return if Date.parse(["created_at"]) <= (Date.today - 30) "GitLab repository too new (<30 days old)" end |
.gitlab_release(user, repo, tag, formula: nil, cask: nil) ⇒ Object
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 |
# File 'utils/shared_audits.rb', line 79 def gitlab_release(user, repo, tag, formula: nil, cask: nil) release = gitlab_release_data(user, repo, tag) return unless release return if DateTime.parse(release["released_at"]) <= DateTime.now exception, version = if formula [formula.tap&.audit_exception(:gitlab_prerelease_allowlist, formula.name), formula.version] elsif cask [cask.tap&.audit_exception(:gitlab_prerelease_allowlist, cask.token), cask.version] end return if [version, "all"].include?(exception) "#{tag} is a GitLab pre-release." end |
.gitlab_release_data(user, repo, tag) ⇒ Object
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
68 69 70 71 72 73 74 75 76 77 |
# File 'utils/shared_audits.rb', line 68 def gitlab_release_data(user, repo, tag) id = "#{user}/#{repo}/#{tag}" @gitlab_release_data ||= {} @gitlab_release_data[id] ||= begin out, _, status = Utils::Curl.curl_output( "https://gitlab.com/api/v4/projects/#{user}%2F#{repo}/releases/#{tag}", "--fail" ) JSON.parse(out) if status.success? end end |
.gitlab_repo_data(user, repo) ⇒ Object
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
58 59 60 61 62 63 64 65 66 |
# File 'utils/shared_audits.rb', line 58 def gitlab_repo_data(user, repo) @gitlab_repo_data ||= {} @gitlab_repo_data["#{user}/#{repo}"] ||= begin out, _, status = Utils::Curl.curl_output("https://gitlab.com/api/v4/projects/#{user}%2F#{repo}") json = JSON.parse(out) if status.success? json = nil if json&.dig("message")&.include?("404 Project Not Found") json end end |
.gitlab_tag_from_url(url) ⇒ Object
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
169 170 171 172 173 174 |
# File 'utils/shared_audits.rb', line 169 def gitlab_tag_from_url(url) url = url.to_s url.match(%r{^https://gitlab\.com/[\w-]+/[\w-]+/-/archive/([^/]+)/}) .to_a .second end |