From 3f43f60a2a52617bfc906f6f08863fce774a8583 Mon Sep 17 00:00:00 2001
From: William Woodruff
Date: Sun, 4 Feb 2018 21:54:49 -0500
Subject: audit: Warn on new formulae containing binary URLs

---
 Library/Homebrew/dev-cmd/audit.rb | 20 +++++++++++++++++---
 1 file changed, 17 insertions(+), 3 deletions(-)

(limited to 'Library/Homebrew/dev-cmd')

diff --git a/Library/Homebrew/dev-cmd/audit.rb b/Library/Homebrew/dev-cmd/audit.rb
index 9d0ed3c59..45de368e1 100644
--- a/Library/Homebrew/dev-cmd/audit.rb
+++ b/Library/Homebrew/dev-cmd/audit.rb
@@ -198,6 +198,8 @@ class FormulaAuditor
     @online = options[:online]
     # Accept precomputed style offense results, for efficiency
     @style_offenses = options[:style_offenses]
+    # Allow the actual official-ness of a formula to be overridden, for testing purposes
+    @official_tap = formula.tap&.official? || options[:official_tap]
     @problems = []
     @text = FormulaText.new(formula.path)
     @specs = %w[stable devel head].map { |s| formula.send(s) }.compact
@@ -304,7 +306,7 @@ class FormulaAuditor
   def audit_formula_name
     return unless @strict
     # skip for non-official taps
-    return unless formula.tap&.official?
+    return unless @official_tap
 
     name = formula.name
 
@@ -718,7 +720,7 @@ class FormulaAuditor
 
     return unless @strict
 
-    if formula.tap&.official? && line.include?("env :std")
+    if @official_tap && line.include?("env :std")
       problem "`env :std` in official tap formulae is deprecated"
     end
 
@@ -747,7 +749,7 @@ class FormulaAuditor
   def audit_reverse_migration
     # Only enforce for new formula being re-added to core and official taps
     return unless @strict
-    return unless formula.tap&.official?
+    return unless @official_tap
     return unless formula.tap.tap_migrations.key?(formula.name)
 
     problem <<~EOS
@@ -768,6 +770,18 @@ class FormulaAuditor
     EOS
   end
 
+  def audit_url_is_not_binary
+    return unless @official_tap
+
+    urls = @specs.map(&:url)
+
+    urls.each do |url|
+      if url =~ /darwin/i && (url =~ /x86_64/i || url =~ /amd64/i)
+        problem "#{url} looks like a binary package, not a source archive. Official taps are source-only."
+      end
+    end
+  end
+
   def quote_dep(dep)
     dep.is_a?(Symbol) ? dep.inspect : "'#{dep}'"
   end
-- 
cgit v1.2.3