1 files changed, 92 insertions, 7 deletions
diff --git a/Library/Homebrew/dev-cmd/audit.rb b/Library/Homebrew/dev-cmd/audit.rb
index fffe14b47..af1e4a71b 100644
--- a/Library/Homebrew/dev-cmd/audit.rb
+++ b/Library/Homebrew/dev-cmd/audit.rb
@@ -169,6 +169,33 @@ class FormulaAuditor
     @specs = %w[stable devel head].map { |s| formula.send(s) }.compact
   end
 
+  def url_status_code(url, range: false, user_agent: :default)
+    # The system Curl is too old and unreliable with HTTPS homepages on
+    # Yosemite and below.
+    return "200" unless DevelopmentTools.curl_handles_most_https_homepages?
+
+    extra_args = [
+      "--connect-timeout", "15",
+      "--output", "/dev/null",
+      "--write-out", "%{http_code}"
+    ]
+    extra_args << "--range" << "0-0" if range
+    extra_args << url
+
+    args = curl_args(
+      extra_args: extra_args,
+      show_output: true,
+      user_agent: user_agent
+    )
+    retries = 3
+    status_code = nil
+    retries.times do
+      status_code = Open3.popen3(*args) { |_, stdout, _, _| stdout.read }
+      break if status_code.start_with? "20"
+    end
+    status_code
+  end
+
   def audit_style
     return unless @style_offenses
     display_cop_names = ARGV.include?("--display-cop-names")
@@ -432,6 +459,14 @@ class FormulaAuditor
   end
 
   def audit_conflicts
+    if formula.conflicts.any? && formula.versioned_formula?
+      problem <<-EOS
+        Versioned formulae should not use `conflicts_with`.
+        Use `keg_only :versioned_formula` instead.
+      EOS
+      return
+    end
+
     formula.conflicts.each do |c|
       begin
         Formulary.factory(c.name)
@@ -454,6 +489,10 @@ class FormulaAuditor
 
       next unless @strict
 
+      if o.name == "universal" && !Formula["wine"].recursive_dependencies.map(&:name).include?(formula.name)
+        problem "macOS has been 64-bit only since 10.6 so universal options are deprecated."
+      end
+
       if o.name !~ /with(out)?-/ && o.name != "c++11" && o.name != "universal"
         problem "Options should begin with with/without. Migrate '--#{o.name}' with `deprecated_option`."
       end
@@ -466,7 +505,7 @@ class FormulaAuditor
 
     return unless @new_formula
     return if formula.deprecated_options.empty?
-    return if formula.name.include?("@")
+    return if formula.versioned_formula?
     problem "New formulae should not use `deprecated_option`."
   end
 
@@ -569,11 +608,10 @@ class FormulaAuditor
     end
 
     return unless @online
-    begin
-      nostdout { curl "--connect-timeout", "15", "-o", "/dev/null", homepage }
-    rescue ErrorDuringExecution
-      problem "The homepage is not reachable (curl exit code #{$?.exitstatus})"
-    end
+
+    status_code = url_status_code(homepage, user_agent: :browser)
+    return if status_code.start_with? "20"
+    problem "The homepage #{homepage} is not reachable (HTTP status code #{status_code})"
   end
 
   def audit_bottle_spec
@@ -652,11 +690,47 @@ class FormulaAuditor
       end
     end
 
+    unstable_whitelist = %w[
+      aalib 1.4rc5
+      automysqlbackup 3.0-rc6
+      aview 1.3.0rc1
+      distcc 3.2rc1
+      elm-format 0.5.2-alpha
+      ftgl 2.1.3-rc5
+      hidapi 0.8.0-rc1
+      libcaca 0.99b19
+      premake 4.4-beta5
+      pwnat 0.3-beta
+      pxz 4.999.9
+      recode 3.7-beta2
+      speexdsp 1.2rc3
+      sqoop 1.4.6
+      tcptraceroute 1.5beta7
+      testssl 2.8rc3
+      tiny-fugue 5.0b8
+      vbindiff 3.0_beta4
+    ].each_slice(2).to_a.map do |formula, version|
+      [formula, version.sub(/\d+$/, "")]
+    end
+
+    gnome_devel_whitelist = %w[
+      gtk-doc 1.25
+      libart 2.3.21
+      pygtkglext 1.1.0
+    ].each_slice(2).to_a.map do |formula, version|
+      [formula, version.split(".")[0..1].join(".")]
+    end
+
     stable = formula.stable
     case stable && stable.url
     when /[\d\._-](alpha|beta|rc\d)/
-      problem "Stable version URLs should not contain #{$1}"
+      matched = $1
+      version_prefix = stable.version.to_s.sub(/\d+$/, "")
+      return if unstable_whitelist.include?([formula.name, version_prefix])
+      problem "Stable version URLs should not contain #{matched}"
     when %r{download\.gnome\.org/sources}, %r{ftp\.gnome\.org/pub/GNOME/sources}i
+      version_prefix = stable.version.to_s.split(".")[0..1].join(".")
+      return if gnome_devel_whitelist.include?([formula.name, version_prefix])
       version = Version.parse(stable.url)
       if version >= Version.create("1.0")
         minor_version = version.to_s.split(".", 3)[1].to_i
@@ -789,6 +863,15 @@ class FormulaAuditor
       problem "Please set plist_options when using a formula-defined plist."
     end
 
+    if text =~ /depends_on\s+['"]openssl['"]/ && text =~ /depends_on\s+['"]libressl['"]/
+      problem "Formulae should not depend on both OpenSSL and LibreSSL (even optionally)."
+    end
+
+    if text =~ /virtualenv_(create|install_with_resources)/ &&
+       text =~ /resource\s+['"]setuptools['"]\s+do/
+      problem "Formulae using virtualenvs do not need a `setuptools` resource."
+    end
+
     return unless text.include?('require "language/go"') && !text.include?("go_resource")
     problem "require \"language/go\" is unnecessary unless using `go_resource`s"
   end
@@ -1018,6 +1101,8 @@ class FormulaAuditor
 
     return unless @strict
 
+    problem "`#{$1}` in formulae is deprecated" if line =~ /(env :(std|userpaths))/
+
     if line =~ /system ((["'])[^"' ]*(?:\s[^"' ]*)+\2)/
       bad_system = $1
       unless %w[| < > & ; *].any? { |c| bad_system.include? c }