1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
|
module Hbc
class CLI
class InternalAuditModifiedCasks < AbstractInternalCommand
RELEVANT_STANZAS = [:version, :sha256, :url, :appcast].freeze
option "--cleanup", :cleanup, false
def self.needs_init?
true
end
attr_accessor :commit_range
private :commit_range=
def initialize(*)
super
if args.count != 1
raise ArgumentError, <<~EOS
This command requires exactly one argument.
#{self.class.usage}
EOS
end
@commit_range = args.first
end
def self.help
"audit all modified Casks in a given commit range"
end
def self.usage
<<~EOS
Usage: brew cask _audit_modified_casks [options...] <commit range>
Given a range of Git commits, find any Casks that were modified and run `brew
cask audit' on them. If the `url', `version', or `sha256' stanzas were modified,
run with the `--download' flag to verify the hash.
Options:
-c, --cleanup
Remove all cached downloads. Use with care.
EOS
end
def run
Dir.chdir git_root do
modified_cask_files.zip(modified_casks).each do |cask_file, cask|
audit(cask, cask_file)
Cleanup.run(cask) if cleanup?
end
end
report_failures
end
def git_root
@git_root ||= git("rev-parse", "--show-toplevel")
end
def modified_cask_files
@modified_cask_files ||= git_filter_cask_files("AMR")
end
def added_cask_files
@added_cask_files ||= git_filter_cask_files("A")
end
def git_filter_cask_files(filter)
git("diff", "--name-only", "--diff-filter=#{filter}", commit_range,
"--", Pathname.new(git_root).join("Casks", "*.rb").to_s).split("\n")
end
def modified_casks
return @modified_casks if defined? @modified_casks
@modified_casks = modified_cask_files.map { |f| CaskLoader.load(f) }
if @modified_casks.any?
num_modified = @modified_casks.size
ohai "#{Formatter.pluralize(num_modified, "modified cask")}: " \
"#{@modified_casks.join(" ")}"
end
@modified_casks
end
def audit(cask, cask_file)
audit_download = audit_download?(cask, cask_file)
check_token_conflicts = added_cask_files.include?(cask_file)
success = Auditor.audit(cask, audit_download: audit_download,
check_token_conflicts: check_token_conflicts,
commit_range: commit_range)
failed_casks << cask unless success
end
def failed_casks
@failed_casks ||= []
end
def audit_download?(cask, cask_file)
cask.sha256 != :no_check && relevant_stanza_modified?(cask_file)
end
def relevant_stanza_modified?(cask_file)
out = git("diff", commit_range, "--", cask_file)
out =~ /^\+\s*(#{RELEVANT_STANZAS.join('|')})/
end
def git(*args)
odebug ["git", *args].join(" ")
out, err, status = Open3.capture3("git", *args)
return out.chomp if status.success?
odie err.chomp
end
def report_failures
return if failed_casks.empty?
num_failed = failed_casks.size
odie "audit failed for #{Formatter.pluralize(num_failed, "cask")}: " \
"#{failed_casks.join(" ")}"
end
end
end
end
|
