| Age | Commit message (Collapse) | Author |
|---|
|
audit: Port audit_homepage method to rubocop and add tests
|
|
|
|
audit: fix dependency option detection.
|
|
Instead of trying to do this all with a single regex give up and do a
two stage process. Eventually I'll end up implementing a full ruby
parser here :troll:.
|
|
Check that a required versioned alias has a valid name (rather than
assuming it’s fine based on it’s existence alone) and check for
the presence of invalid version aliases.
This should handle the case where someone bumps a formula but forgets
to rename the alias that’s mentioned in #2596.
|
|
Attempt to improve Travis CI. This time without any vendoring gems
nonsense.
|
|
This reverts commit 3e4547f52e7ebec633f8bfefc8a396d944edf908, reversing
changes made to 6edf9382bcc1240ad6f97c8b752cfe56cef9965d.
|
|
This reverts commit 8d948e4b0b55912c592d34cb5ea83c649b1f9d5e, reversing
changes made to 2372872974d1049c2beafe7dedb7f8f882502058.
|
|
Tweak our Travis CI configuration and the one we suggest for taps to
be faster and use caching.
|
|
Homebrew's actually ended up using a fair few gems. While we want to
avoid Bundler at runtime (and this PR still does that, in fact uses
Bundler even less at runtime than it did before) writing our own version
to use at build-time seems redundant.
|
|
audit: Allow skipping/selective running of cops and cops refactor
|
|
|
|
|
|
|
|
Also refactor audit cops into two "departments"
- FormulaAudit
- FormulaAuditStrict
|
|
|
|
|
|
audit: formally ban go get usage
|
|
The status code of the last redirect should be 2xx to be deemed successful.
|
|
There's been an informal ban for a while but let's
be punchier because this crops up still.
|
|
Make sure that `if build.with?` isn't caught.
|
|
Update this to the current latest Travis CI supports (which we're using)
|
|
When auditing new formulae without `--new-formula` the
`audit_revision_and_version_scheme` method fails ungracefully. Instead,
set some better defaults so fewer checks are needed.
Fixes #2551.
|
|
This was removed in #2540 but this call site was note updated to use
the `search_taps` method instead.
|
|
audit: audit_components method to rubocops and tests
|
|
Another attempt at fixing `brew audit` issues around detecting
`revision` and `version_scheme` changes correctly. First done in #1754
and #2086 (reverted in #2099 and #2100).
To ease future debugging a `ph` helper has been added to print a hash
and a series of RSpec tests to verify that the `revision`,
`version_scheme` and `version` formula version audits behave as
expected.
Fixes #1731.
|
|
Hide sensitive tokens from install/test/post.
|
|
More deprecations.
|
|
|
|
audit: flip GNU mirror preference.
|
|
Hide these tokens to avoid malicious subprocesses e.g. sending them
over the network. Also, support using these tokens with environment
filtering and clear `HOMEBREW_PATH` from subprocesses to stop them
sniffing it. Finally, use `HOMEBREW_PATH` to detect Homebrew’s user’s
PATH for e.g. `brew doctor` etc.
|
|
Deprecate more methods. Internal APIs have been verified to be unused
elsewhere and removed. External APIs have had deprecation methods added.
Existing deprecations have been either upgraded to produce warnings or
no longer deprecated and the reasoning documented.
|
|
audit: lookup unversioned formulae with Formulary.
|
|
Now that both the primary and mirror URLs use HTTPS we can flip these
around so the primary URL is the primary URL and we don't have problems
with waiting for mirror propagation.
|
|
This means that if e.g. the unversioned formulae exists in another tap
this audit won't produce a false positive.
|
|
- Tweak the way offline skipping happens
- Skip more tests that break when offline
- Hide more stdout output from tests.
|
|
audit: ensure default dependencies don't use options.
|
|
Option dependencies are nasty as they cause unnecessary builds from
source.
|
|
We may under some circumstances accept these anyway but it's better to
nudge people into the right behaviours on local `audit`s.
|
|
Port OsxfuseRequirement to Linux
|
|
|
|
audit: allow skipping audit methods.
|
|
GitHub provides a description and homepage field so let `brew create`
use them where possible. Also, detect GitHub repositories based on
`releases` as well as `archive`s.
|
|
Add `--only` and `--except` methods which can be used to selectively
enable or disable audit groups.
|
|
audit: check for more universal usage.
|
|
audit: deprecate language module requirements.
|
|
|
|
As requested in #11462 by @neutric as this produces confusing,
incorrect output.
|
|
Make `brew audit` complain about language module requirements because
they provide a crappy user experience compared to vendoring and we’re
not really fixing bugs in them any more.
|
|
Also check for `ENV.universal_binary` and `build.universal?`. The prior
is still required for `wine` and the latter should never be required any
longer.
|
