Merge pull request #1402 from MikeMcQuaid/audit-system-test

audit: check test system calls are fully scoped.
author: Mike McQuaid 2016-10-30 13:30:03 -0400
committer: GitHub 2016-10-30 13:30:03 -0400
commit: 8d5df2ea8769f48fc8b9c145abc8fc1329a650cb (patch)
tree: a547911aafe13b3916096023c33dcc7fe5400f64
parent: 20c8c5958ec2491d85156acde5e57e745ae95874 (diff)
parent: 0bd0fec6a6387b7155b0823b58874da72ecbc096 (diff)
download: brew-8d5df2ea8769f48fc8b9c145abc8fc1329a650cb.tar.bz2
1 files changed, 13 insertions, 0 deletions
diff --git a/Library/Homebrew/dev-cmd/audit.rb b/Library/Homebrew/dev-cmd/audit.rb
index a6ca1f7cb..1fa583705 100644
--- a/Library/Homebrew/dev-cmd/audit.rb
+++ b/Library/Homebrew/dev-cmd/audit.rb
@@ -721,6 +721,19 @@ class FormulaAuditor
       problem %q(use "xcodebuild *args" instead of "system 'xcodebuild', *args")
     end
 
+    bin_names = Set.new
+    bin_names << formula.name
+    bin_names += formula.aliases
+    [formula.bin, formula.sbin].each do |dir|
+      next unless dir.exist?
+      bin_names += dir.children.map(&:basename).map(&:to_s)
+    end
+    bin_names.each do |name|
+      if text =~ /test do.*system\s+['"]#{name}/m
+        problem %(fully scope test system calls e.g. system "\#{bin}/#{name}")
+      end
+    end
+
     if text =~ /xcodebuild[ (]["'*]/ && !text.include?("SYMROOT=")
       problem 'xcodebuild should be passed an explicit "SYMROOT"'
     end
author	Mike McQuaid	2016-10-30 13:30:03 -0400
committer	GitHub	2016-10-30 13:30:03 -0400
commit	8d5df2ea8769f48fc8b9c145abc8fc1329a650cb (patch)
tree	a547911aafe13b3916096023c33dcc7fe5400f64
parent	20c8c5958ec2491d85156acde5e57e745ae95874 (diff)
parent	0bd0fec6a6387b7155b0823b58874da72ecbc096 (diff)
download	brew-8d5df2ea8769f48fc8b9c145abc8fc1329a650cb.tar.bz2