brew/Library/Homebrew/test/rubocops/zero_zero_zero_zero_spec.rb

# frozen_string_literal: true

require "rubocops/zero_zero_zero_zero"

RSpec.describe RuboCop::Cop::FormulaAudit::ZeroZeroZeroZero do
  subject(:cop) { described_class.new }

  it "reports no offenses when 0.0.0.0 is used inside test do blocks" do
    expect_no_offenses(<<~RUBY, "/homebrew-core/")
      class Foo < Formula
        url "https://brew.sh/foo-1.0.tgz"
        desc "A test formula"

        test do
          system "echo", "0.0.0.0"
        end
      end
    RUBY
  end

  it "reports no offenses for valid IP ranges like 10.0.0.0" do
    expect_no_offenses(<<~RUBY, "/homebrew-core/")
      class Foo < Formula
        url "https://brew.sh/foo-1.0.tgz"
        desc "A test formula"

        def install
          system "echo", "10.0.0.0"
        end
      end
    RUBY
  end

  it "reports no offenses for IP range notation like 0.0.0.0-255.255.255.255" do
    expect_no_offenses(<<~RUBY, "/homebrew-core/")
      class Foo < Formula
        url "https://brew.sh/foo-1.0.tgz"
        desc "A test formula"

        def install
          system "echo", "0.0.0.0-255.255.255.255"
        end
      end
    RUBY
  end

  it "reports no offenses for private IP ranges" do
    expect_no_offenses(<<~RUBY, "/homebrew-core/")
      class Foo < Formula
        url "https://brew.sh/foo-1.0.tgz"
        desc "A test formula"

        def install
          system "echo", "192.168.1.1"
          system "echo", "172.16.0.1"
          system "echo", "10.0.0.1"
        end
      end
    RUBY
  end

  it "reports no offenses when outside of homebrew-core" do
    expect_no_offenses(<<~RUBY)
      class Foo < Formula
        url "https://brew.sh/foo-1.0.tgz"
        desc "A test formula"

        service do
          run [bin/"foo", "--host", "0.0.0.0"]
        end
      end
    RUBY
  end

  it "reports offenses when 0.0.0.0 is used in service blocks" do
    expect_offense(<<~RUBY, "/homebrew-core/")
      class Foo < Formula
        url "https://brew.sh/foo-1.0.tgz"
        desc "A test formula"

        service do
          run [bin/"foo", "--host", "0.0.0.0"]
                                    ^^^^^^^^^ FormulaAudit/ZeroZeroZeroZero: Do not use 0.0.0.0 as it can be a security risk.
        end
      end
    RUBY
  end

  it "reports offenses when 0.0.0.0 is used outside of test do blocks" do
    expect_offense(<<~RUBY, "/homebrew-core/")
      class Foo < Formula
        url "https://brew.sh/foo-1.0.tgz"
        desc "A test formula"

        def install
          system "echo", "0.0.0.0"
                         ^^^^^^^^^ FormulaAudit/ZeroZeroZeroZero: Do not use 0.0.0.0 as it can be a security risk.
        end
      end
    RUBY
  end

  it "reports offenses for 0.0.0.0 in method definitions outside test blocks" do
    expect_offense(<<~RUBY, "/homebrew-core/")
      class Foo < Formula
        url "https://brew.sh/foo-1.0.tgz"
        desc "A test formula"

        def configure
          system "./configure", "--bind-address=0.0.0.0"
                                ^^^^^^^^^^^^^^^^^^^^^^^^ FormulaAudit/ZeroZeroZeroZero: Do not use 0.0.0.0 as it can be a security risk.
        end
      end
    RUBY
  end

  it "reports multiple offenses when 0.0.0.0 is used in multiple places" do
    expect_offense(<<~RUBY, "/homebrew-core/")
      class Foo < Formula
        url "https://brew.sh/foo-1.0.tgz"
        desc "A test formula"

        def install
          system "echo", "0.0.0.0"
                         ^^^^^^^^^ FormulaAudit/ZeroZeroZeroZero: Do not use 0.0.0.0 as it can be a security risk.
        end

        def post_install
          system "echo", "0.0.0.0"
                         ^^^^^^^^^ FormulaAudit/ZeroZeroZeroZero: Do not use 0.0.0.0 as it can be a security risk.
        end
      end
    RUBY
  end
end
Add ZeroZeroZeroZero cop Add a new RuboCop to detect the use of 0.0.0.0 in formulae which indicates binding to all network interfaces, internally or externally, so is a bad default and potentially a security risk. Co-authored-by: Issy Long <me@issylong.com> 2025-07-10 17:41:12 +01:00			`# frozen_string_literal: true`

			`require "rubocops/zero_zero_zero_zero"`

			`RSpec.describe RuboCop::Cop::FormulaAudit::ZeroZeroZeroZero do`
			`subject(:cop) { described_class.new }`

			`it "reports no offenses when 0.0.0.0 is used inside test do blocks" do`
			`expect_no_offenses(<<~RUBY, "/homebrew-core/")`
			`class Foo < Formula`
			`url "https://brew.sh/foo-1.0.tgz"`
			`desc "A test formula"`

			`test do`
			`system "echo", "0.0.0.0"`
			`end`
			`end`
			`RUBY`
			`end`

			`it "reports no offenses for valid IP ranges like 10.0.0.0" do`
			`expect_no_offenses(<<~RUBY, "/homebrew-core/")`
			`class Foo < Formula`
			`url "https://brew.sh/foo-1.0.tgz"`
			`desc "A test formula"`

			`def install`
			`system "echo", "10.0.0.0"`
			`end`
			`end`
			`RUBY`
			`end`

			`it "reports no offenses for IP range notation like 0.0.0.0-255.255.255.255" do`
			`expect_no_offenses(<<~RUBY, "/homebrew-core/")`
			`class Foo < Formula`
			`url "https://brew.sh/foo-1.0.tgz"`
			`desc "A test formula"`

			`def install`
			`system "echo", "0.0.0.0-255.255.255.255"`
			`end`
			`end`
			`RUBY`
			`end`

			`it "reports no offenses for private IP ranges" do`
			`expect_no_offenses(<<~RUBY, "/homebrew-core/")`
			`class Foo < Formula`
			`url "https://brew.sh/foo-1.0.tgz"`
			`desc "A test formula"`

			`def install`
			`system "echo", "192.168.1.1"`
			`system "echo", "172.16.0.1"`
			`system "echo", "10.0.0.1"`
			`end`
			`end`
			`RUBY`
			`end`

			`it "reports no offenses when outside of homebrew-core" do`
			`expect_no_offenses(<<~RUBY)`
			`class Foo < Formula`
			`url "https://brew.sh/foo-1.0.tgz"`
			`desc "A test formula"`

			`service do`
			`run [bin/"foo", "--host", "0.0.0.0"]`
			`end`
			`end`
			`RUBY`
			`end`

			`it "reports offenses when 0.0.0.0 is used in service blocks" do`
			`expect_offense(<<~RUBY, "/homebrew-core/")`
			`class Foo < Formula`
			`url "https://brew.sh/foo-1.0.tgz"`
			`desc "A test formula"`

			`service do`
			`run [bin/"foo", "--host", "0.0.0.0"]`
			`^^^^^^^^^ FormulaAudit/ZeroZeroZeroZero: Do not use 0.0.0.0 as it can be a security risk.`
			`end`
			`end`
			`RUBY`
			`end`

			`it "reports offenses when 0.0.0.0 is used outside of test do blocks" do`
			`expect_offense(<<~RUBY, "/homebrew-core/")`
			`class Foo < Formula`
			`url "https://brew.sh/foo-1.0.tgz"`
			`desc "A test formula"`

			`def install`
			`system "echo", "0.0.0.0"`
			`^^^^^^^^^ FormulaAudit/ZeroZeroZeroZero: Do not use 0.0.0.0 as it can be a security risk.`
			`end`
			`end`
			`RUBY`
			`end`

			`it "reports offenses for 0.0.0.0 in method definitions outside test blocks" do`
			`expect_offense(<<~RUBY, "/homebrew-core/")`
			`class Foo < Formula`
			`url "https://brew.sh/foo-1.0.tgz"`
			`desc "A test formula"`

			`def configure`
			`system "./configure", "--bind-address=0.0.0.0"`
			`^^^^^^^^^^^^^^^^^^^^^^^^ FormulaAudit/ZeroZeroZeroZero: Do not use 0.0.0.0 as it can be a security risk.`
			`end`
			`end`
			`RUBY`
			`end`

			`it "reports multiple offenses when 0.0.0.0 is used in multiple places" do`
			`expect_offense(<<~RUBY, "/homebrew-core/")`
			`class Foo < Formula`
			`url "https://brew.sh/foo-1.0.tgz"`
			`desc "A test formula"`

			`def install`
			`system "echo", "0.0.0.0"`
			`^^^^^^^^^ FormulaAudit/ZeroZeroZeroZero: Do not use 0.0.0.0 as it can be a security risk.`
			`end`

			`def post_install`
			`system "echo", "0.0.0.0"`
			`^^^^^^^^^ FormulaAudit/ZeroZeroZeroZero: Do not use 0.0.0.0 as it can be a security risk.`
			`end`
			`end`
			`RUBY`
			`end`
			`end`