brew/Library/Homebrew/rubocops/cask/url.rb

# typed: true # rubocop:todo Sorbet/StrictSigil
# frozen_string_literal: true

require "rubocops/shared/url_helper"

module RuboCop
  module Cop
    module Cask
      # This cop checks that a cask's `url` stanza is formatted correctly.
      #
      # ### Example
      #
      # ```ruby
      # # bad
      # url "https://example.com/download/foo.dmg",
      #     verified: "https://example.com/download"
      #
      # # good
      # url "https://example.com/download/foo.dmg",
      #     verified: "example.com/download/"
      # ```
      class Url < Base
        extend AutoCorrector
        extend Forwardable
        include OnUrlStanza
        include UrlHelper

        def on_url_stanza(stanza)
          return if stanza.stanza_node.block_type?

          url_stanza = stanza.stanza_node.first_argument
          hash_node = stanza.stanza_node.last_argument

          audit_url(:cask, [stanza.stanza_node], [], livecheck_url: false)

          return unless hash_node.hash_type?

          hash_node.each_pair do |key_node, value_node|
            next if key_node.source != "verified"
            next unless value_node.str_type?

            if value_node.source.start_with?(%r{^"https?://})
              add_offense(
                value_node.source_range,
                message: "Verified URL parameter value should not contain a URL scheme.",
              ) do |corrector|
                corrector.replace(value_node.source_range, value_node.source.gsub(%r{^"https?://}, "\""))
              end
            end

            # Skip if the URL and the verified value are the same.
            next if value_node.source == url_stanza.source.gsub(%r{^"https?://}, "\"")
            # Skip if the URL has two path components, e.g. `https://github.com/google/fonts.git`.
            next if url_stanza.source.gsub(%r{^"https?://}, "\"").count("/") == 2
            # Skip if the verified value ends with a slash.
            next if value_node.str_content.end_with?("/")

            add_offense(
              value_node.source_range,
              message: "Verified URL parameter value should end with a /.",
            ) do |corrector|
              corrector.replace(value_node.source_range, value_node.source.gsub(/"$/, "/\""))
            end
          end
        end
      end
    end
  end
end
rubocop: Use `Sorbet/StrictSigil` as it's better than comments - Previously I thought that comments were fine to discourage people from wasting their time trying to bump things that used `undef` that Sorbet didn't support. But RuboCop is better at this since it'll complain if the comments are unnecessary. - Suggested in https://github.com/Homebrew/brew/pull/18018#issuecomment-2283369501. - I've gone for a mixture of `rubocop:disable` for the files that can't be `typed: strict` (use of undef, required before everything else, etc) and `rubocop:todo` for everything else that should be tried to make strictly typed. There's no functional difference between the two as `rubocop:todo` is `rubocop:disable` with a different name. - And I entirely disabled the cop for the docs/ directory since `typed: strict` isn't going to gain us anything for some Markdown linting config files. - This means that now it's easier to track what needs to be done rather than relying on checklists of files in our big Sorbet issue: ```shell $ git grep 'typed: true # rubocop:todo Sorbet/StrictSigil' \| wc -l 268 ``` - And this is confirmed working for new files: ```shell $ git status On branch use-rubocop-for-sorbet-strict-sigils Untracked files: (use "git add <file>..." to include in what will be committed) Library/Homebrew/bad.rb Library/Homebrew/good.rb nothing added to commit but untracked files present (use "git add" to track) $ brew style Offenses: bad.rb:1:1: C: Sorbet/StrictSigil: Sorbet sigil should be at least strict got true. ^^^^^^^^^^^^^ 1340 files inspected, 1 offense detected ``` 2024-08-12 10:30:59 +01:00			`# typed: true # rubocop:todo Sorbet/StrictSigil`
rubocops/cask: Disallow protocol in cask URL verified stanza - Apparently the "verified" parameter in the URL (present when a Cask's download URL is not the same as its homepage) shouldn't have the protocol (`https`, `http`) at the front. - Removing this has happened manually in the past, so here's an autocorrecting RuboCop for it. 2023-03-04 22:23:32 +00:00			`# frozen_string_literal: true`

feat: use shared checks for URL cop 2024-06-17 19:11:26 +02:00			`require "rubocops/shared/url_helper"`

rubocops/cask: Disallow protocol in cask URL verified stanza - Apparently the "verified" parameter in the URL (present when a Cask's download URL is not the same as its homepage) shouldn't have the protocol (`https`, `http`) at the front. - Removing this has happened manually in the past, so here's an autocorrecting RuboCop for it. 2023-03-04 22:23:32 +00:00			`module RuboCop`
			`module Cop`
			`module Cask`
			# This cop checks that a cask's `url` stanza is formatted correctly.
			`#`
Warn about undocumented non-private APIs. 2024-04-26 20:55:51 +02:00			`# ### Example`
rubocops/cask: Disallow protocol in cask URL verified stanza - Apparently the "verified" parameter in the URL (present when a Cask's download URL is not the same as its homepage) shouldn't have the protocol (`https`, `http`) at the front. - Removing this has happened manually in the past, so here's an autocorrecting RuboCop for it. 2023-03-04 22:23:32 +00:00			`#`
Warn about undocumented non-private APIs. 2024-04-26 20:55:51 +02:00			# ```ruby
			`# # bad`
			`# url "https://example.com/download/foo.dmg",`
			`# verified: "https://example.com/download"`
rubocops/cask: Disallow protocol in cask URL verified stanza - Apparently the "verified" parameter in the URL (present when a Cask's download URL is not the same as its homepage) shouldn't have the protocol (`https`, `http`) at the front. - Removing this has happened manually in the past, so here's an autocorrecting RuboCop for it. 2023-03-04 22:23:32 +00:00			`#`
Warn about undocumented non-private APIs. 2024-04-26 20:55:51 +02:00			`# # good`
			`# url "https://example.com/download/foo.dmg",`
			`# verified: "example.com/download/"`
			# ```
rubocops/cask: Disallow protocol in cask URL verified stanza - Apparently the "verified" parameter in the URL (present when a Cask's download URL is not the same as its homepage) shouldn't have the protocol (`https`, `http`) at the front. - Removing this has happened manually in the past, so here's an autocorrecting RuboCop for it. 2023-03-04 22:23:32 +00:00			`class Url < Base`
			`extend AutoCorrector`
			`extend Forwardable`
			`include OnUrlStanza`
feat: use shared checks for URL cop 2024-06-17 19:11:26 +02:00			`include UrlHelper`
rubocops/cask: Disallow protocol in cask URL verified stanza - Apparently the "verified" parameter in the URL (present when a Cask's download URL is not the same as its homepage) shouldn't have the protocol (`https`, `http`) at the front. - Removing this has happened manually in the past, so here's an autocorrecting RuboCop for it. 2023-03-04 22:23:32 +00:00
			`def on_url_stanza(stanza)`
			`return if stanza.stanza_node.block_type?`

Handle when the URL has interpolation: use `source` not `str_content` - We see this a lot in real Casks. 2023-04-02 23:00:14 +01:00			`url_stanza = stanza.stanza_node.first_argument`
rubocops/cask: Disallow protocol in cask URL verified stanza - Apparently the "verified" parameter in the URL (present when a Cask's download URL is not the same as its homepage) shouldn't have the protocol (`https`, `http`) at the front. - Removing this has happened manually in the past, so here's an autocorrecting RuboCop for it. 2023-03-04 22:23:32 +00:00			`hash_node = stanza.stanza_node.last_argument`
feat: use shared checks for URL cop 2024-06-17 19:11:26 +02:00
			`audit_url(:cask, [stanza.stanza_node], [], livecheck_url: false)`

rubocops/cask: Disallow protocol in cask URL verified stanza - Apparently the "verified" parameter in the URL (present when a Cask's download URL is not the same as its homepage) shouldn't have the protocol (`https`, `http`) at the front. - Removing this has happened manually in the past, so here's an autocorrecting RuboCop for it. 2023-03-04 22:23:32 +00:00			`return unless hash_node.hash_type?`

			`hash_node.each_pair do \|key_node, value_node\|`
brew style --fix 2023-04-18 15:06:50 -07:00			`next if key_node.source != "verified"`
rubocops/cask: Disallow protocol in cask URL verified stanza - Apparently the "verified" parameter in the URL (present when a Cask's download URL is not the same as its homepage) shouldn't have the protocol (`https`, `http`) at the front. - Removing this has happened manually in the past, so here's an autocorrecting RuboCop for it. 2023-03-04 22:23:32 +00:00			`next unless value_node.str_type?`
rubocops/cask: Ensure that "verified" URLs with paths end with "/" - These were being fixed manually[1], so let's make a RuboCop for any further occurrences since this is a good rule to enforce[2]. [1] - https://github.com/Homebrew/homebrew-cask/pull/144179#issuecomment-1489857249 [2] - https://github.com/Homebrew/homebrew-cask/pull/80965#issuecomment-616232313 2023-04-02 15:29:17 +01:00
			`if value_node.source.start_with?(%r{^"https?://})`
			`add_offense(`
			`value_node.source_range,`
Simplify the 'should not start with https?://' message wording Co-authored-by: Markus Reiter <me@reitermark.us> 2023-04-02 22:43:52 +01:00			`message: "Verified URL parameter value should not contain a URL scheme.",`
rubocops/cask: Ensure that "verified" URLs with paths end with "/" - These were being fixed manually[1], so let's make a RuboCop for any further occurrences since this is a good rule to enforce[2]. [1] - https://github.com/Homebrew/homebrew-cask/pull/144179#issuecomment-1489857249 [2] - https://github.com/Homebrew/homebrew-cask/pull/80965#issuecomment-616232313 2023-04-02 15:29:17 +01:00			`) do \|corrector\|`
			`corrector.replace(value_node.source_range, value_node.source.gsub(%r{^"https?://}, "\""))`
			`end`
			`end`

Only 'verified' stanzas with 0 or >1 path components should end with "/" Handle good things like: ```ruby url "https://example.org/download", verified: "example.org/download" # This is fine. ``` And bad things like: ```ruby url "https://example.org/", verified: "example.org" # This should end with a slash. ``` 2023-04-02 19:39:23 +01:00			`# Skip if the URL and the verified value are the same.`
Handle when the URL has interpolation: use `source` not `str_content` - We see this a lot in real Casks. 2023-04-02 23:00:14 +01:00			`next if value_node.source == url_stanza.source.gsub(%r{^"https?://}, "\"")`
Lint Ruby docs. 2024-04-30 11:10:23 +02:00			# Skip if the URL has two path components, e.g. `https://github.com/google/fonts.git`.
Skip if the URL stanza has only two path components https://github.com/Homebrew/homebrew-cask-fonts/pull/7336#discussion_r1156325651 2023-04-04 16:11:44 +01:00			`next if url_stanza.source.gsub(%r{^"https?://}, "\"").count("/") == 2`
Only 'verified' stanzas with 0 or >1 path components should end with "/" Handle good things like: ```ruby url "https://example.org/download", verified: "example.org/download" # This is fine. ``` And bad things like: ```ruby url "https://example.org/", verified: "example.org" # This should end with a slash. ``` 2023-04-02 19:39:23 +01:00			`# Skip if the verified value ends with a slash.`
rubocops/cask: Ensure that "verified" URLs with paths end with "/" - These were being fixed manually[1], so let's make a RuboCop for any further occurrences since this is a good rule to enforce[2]. [1] - https://github.com/Homebrew/homebrew-cask/pull/144179#issuecomment-1489857249 [2] - https://github.com/Homebrew/homebrew-cask/pull/80965#issuecomment-616232313 2023-04-02 15:29:17 +01:00			`next if value_node.str_content.end_with?("/")`
rubocops/cask: Disallow protocol in cask URL verified stanza - Apparently the "verified" parameter in the URL (present when a Cask's download URL is not the same as its homepage) shouldn't have the protocol (`https`, `http`) at the front. - Removing this has happened manually in the past, so here's an autocorrecting RuboCop for it. 2023-03-04 22:23:32 +00:00
			`add_offense(`
			`value_node.source_range,`
rubocops/cask: Ensure that "verified" URLs with paths end with "/" - These were being fixed manually[1], so let's make a RuboCop for any further occurrences since this is a good rule to enforce[2]. [1] - https://github.com/Homebrew/homebrew-cask/pull/144179#issuecomment-1489857249 [2] - https://github.com/Homebrew/homebrew-cask/pull/80965#issuecomment-616232313 2023-04-02 15:29:17 +01:00			`message: "Verified URL parameter value should end with a /.",`
rubocops/cask: Disallow protocol in cask URL verified stanza - Apparently the "verified" parameter in the URL (present when a Cask's download URL is not the same as its homepage) shouldn't have the protocol (`https`, `http`) at the front. - Removing this has happened manually in the past, so here's an autocorrecting RuboCop for it. 2023-03-04 22:23:32 +00:00			`) do \|corrector\|`
rubocops/cask: Ensure that "verified" URLs with paths end with "/" - These were being fixed manually[1], so let's make a RuboCop for any further occurrences since this is a good rule to enforce[2]. [1] - https://github.com/Homebrew/homebrew-cask/pull/144179#issuecomment-1489857249 [2] - https://github.com/Homebrew/homebrew-cask/pull/80965#issuecomment-616232313 2023-04-02 15:29:17 +01:00			`corrector.replace(value_node.source_range, value_node.source.gsub(/"$/, "/\""))`
rubocops/cask: Disallow protocol in cask URL verified stanza - Apparently the "verified" parameter in the URL (present when a Cask's download URL is not the same as its homepage) shouldn't have the protocol (`https`, `http`) at the front. - Removing this has happened manually in the past, so here's an autocorrecting RuboCop for it. 2023-03-04 22:23:32 +00:00			`end`
			`end`
			`end`
			`end`
			`end`
			`end`
			`end`