| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2017-03-26 | simplify the regex and make a line max 80 char long | Raza Hussain | |
| 2017-03-21 | Merge pull request #1732 from zmwangx/hint-migrations | Mike McQuaid | |
| Hint at new location of migrated formulae | |||
| 2017-03-21 | Merge pull request #2365 from MikeMcQuaid/audit-provided-by-macos | Mike McQuaid | |
| audit: check system dupe deps on new formulae. | |||
| 2017-03-20 | blacklist: move to missing_formula class instead. | Mike McQuaid | |
| This will allow extending this class so it can be used by more than just blacklisting. | |||
| 2017-03-19 | audit: deprecate depends_on :tex. | Mike McQuaid | |
| This has known issues with our `ghostscript` formula, we can't test it on CI and is a ludicrously heavy dependency that in many cases can be avoided by upstream providing prebuilt documentation. | |||
| 2017-03-19 | audit: check system dupe deps on new formulae. | Mike McQuaid | |
| Provide a gentle nudge to users to check if these dependencies are definitely required. | |||
| 2017-03-16 | audit: online - limit download time based on HTTPS determination | JCount | |
| Previously, the http_content_headers_and_checksum method always downloaded the entire url, including headers. These downloads periodically hang, outputting false positives or wreaking havoc on the CI. Therefore, use curl's --max-time arg to prevent this by setting a hard limit of 600 seconds when the entire file is going to be used to detect whether the url can be changed to use the HTTPS protocol instead of HTTP. Otherwise, if the url already is HTTPS, limit the download time to 25 seconds since only the headers, not contents, matter. | |||
| 2017-03-12 | Revert "audit: exempt wine's deps from the universal deprecation" | ilovezfs | |
| 2017-03-11 | Add `Formatter::pluralize`. | Markus Reiter | |
| 2017-03-08 | Merge pull request #2252 from zmwangx/audit-no-warn-brew-mirror-url | Mike McQuaid | |
| audit: do not warn about reachability of `brew mirror`ed URL | |||
| 2017-03-05 | audit: freeze versioned_conflicts_whitelist | JCount | |
| 2017-03-05 | audit: deconstruct versioned_conflicts_whitelist using splat | JCount | |
| 2017-03-05 | audit: whitelist bash-completion@* to use conflicts_with | JCount | |
| this is necessary because they install conflicting scripts into HOMEBREW_PREFIX/etc/profile.d | |||
| 2017-03-05 | Merge pull request #2262 from MikeMcQuaid/subversion-https-audit | Mike McQuaid | |
| Don't check Subversion HTTPS pre-Sierra. | |||
| 2017-03-05 | audit: whitelist node@* to use conflicts_with | ilovezfs | |
| Add exceptions for node@* versioned formulae to use conflicts_with instead of keg_only :versioned_formula since they, and the main node formula, all currently overwrite npm during postinstall. | |||
| 2017-03-05 | Don't check Subversion HTTPS pre-Sierra. | Mike McQuaid | |
| The system Subversion doesn't handle new certificate authorities (e.g. Let's Encrypt) well enough for this check to be useful. | |||
| 2017-03-04 | audit: do not warn about reachability of `brew mirror`ed URL | Zhiming Wang | |
| A `brew mirror`ed URL is usually not yet reachable at the time of pull request. | |||
| 2017-03-02 | audit: reject versions starting with HEAD | Jonathan Chang | |
| Many parts of Homebrew assume that a version string beginning with "HEAD" is, in fact, a head build. A stable version that begins with "HEAD" violates this assumption and causes problems, as it's treated as a head build in some places and as a stable build in others. | |||
| 2017-03-02 | Port audit_desc rules to cop | Gautham Goli | |
| 2017-02-27 | audit: fix audit on formulae without homepages | Misty De Meo | |
| 2017-02-26 | xcodebuild audit: match xcodebuild with no args | Misty De Meo | |
| Closes #2199. Signed-off-by: Misty De Meo <mistydemeo@gmail.com> | |||
| 2017-02-25 | Merge pull request #2107 from MikeMcQuaid/audit-version-aliases | Mike McQuaid | |
| audit: check for version aliases. | |||
| 2017-02-25 | audit: whitelist more unstable versions already in core | ilovezfs | |
| These were imported from homebrew/games. | |||
| 2017-02-24 | audit: don't try to HTTP check non-HTTP content. | Mike McQuaid | |
| 2017-02-24 | audit: use using for HTTPS detection. | Mike McQuaid | |
| 2017-02-23 | audit: further refactor http content checks. | Mike McQuaid | |
| Check homepages and don’t check mirrors unless `—strict`. | |||
| 2017-02-23 | audit: check for version aliases. | Mike McQuaid | |
| Current version aliases should be provided for versioned formulae so people can `brew install foo@1.2` to provide pin-like behaviour. | |||
| 2017-02-23 | audit: handle redirects in get_content_details. | Mike McQuaid | |
| 2017-02-23 | audit: refactor http content checks. | Mike McQuaid | |
| 2017-02-22 | Revert "audit: fix revision should be removed." | Mike McQuaid | |
| 2017-02-21 | Merge pull request #2086 from MikeMcQuaid/audit-revision-remove-fix | ilovezfs | |
| audit: fix revision should be removed. | |||
| 2017-02-21 | Revert "audit: check for version aliases." | ilovezfs | |
| 2017-02-21 | audit: fix revision should be removed. | Mike McQuaid | |
| Regression introduced in #1754 which meant that (due to storing the current formula revision in `attributes_map`) `stable_revisions.empty?` would never be `true`. | |||
| 2017-02-21 | audit: check for version aliases. | Mike McQuaid | |
| Current version aliases should be provided for versioned formulae so people can `brew install foo@1.2` to provide pin-like behaviour. | |||
| 2017-02-20 | audit: fix `brew style`. | Mike McQuaid | |
| 2017-02-20 | Merged 404 and security mirror auditing logic | David Broder-Rodgers | |
| 2017-02-20 | Prevent mirror curl for file:/// URL | David Broder-Rodgers | |
| 2017-02-20 | Use DownloadStrategyDetector to classify mirror URLs | David Broder-Rodgers | |
| 2017-02-20 | Added better check for HTTP git URLs | David Broder-Rodgers | |
| 2017-02-20 | Updated HTTP mirror check to use new url_status_code method | David Broder-Rodgers | |
| 2017-02-20 | Rubocop styling fixes | David Broder-Rodgers | |
| 2017-02-20 | Updated mirror audit problem message | David Broder-Rodgers | |
| 2017-02-20 | Added support for returning HTTP status codes and for git and svn URLs | David Broder-Rodgers | |
| 2017-02-20 | Markups to online mirror auditing | David Broder-Rodgers | |
| 2017-02-20 | Updated resource auditing to detect invalid mirrors when using --online | David Broder-Rodgers | |
| 2017-02-20 | audit: fix insecure mirror check when stdout is empty | ilovezfs | |
| 2017-02-20 | Merge pull request #1722 from broder/insecure_audit | Mike McQuaid | |
| Added check for insecure mirror URLs | |||
| 2017-02-15 | audit: fix brew style warning. | Mike McQuaid | |
| 2017-02-13 | fix existing rule for github.io homepages | Viktor Szakats | |
| 2017-02-13 | audit: enforce https for *.sourceforge.io urls | Viktor Szakats | |
 |
index : brew | |
| 🍺 The missing package manager for macOS |
| aboutsummaryrefslogtreecommitdiffstats |