audit: check test system calls are fully scoped.

This doesn't matter for everything but it does for the binaries that
are installed. Have a limited name/alias check when not installed and
a better one that iterates bin/sbin if installed.

Library/Homebrew/dev-cmd/audit.rb

@@ -725,6 +725,19 @@ class FormulaAuditor
       problem %q(use "xcodebuild *args" instead of "system 'xcodebuild', *args")
     end
 
+    bin_names = Set.new
+    bin_names << formula.name
+    bin_names += formula.aliases
+    [formula.bin, formula.sbin].each do |dir|
+      next unless dir.exist?
+      bin_names += dir.children.map(&:basename).map(&:to_s)
+    end
+    bin_names.each do |name|
+      if text =~ /test do.*system\s+['"]#{name}/m
+        problem %(fully scope test system calls e.g. system "\#{bin}/#{name}")
+      end
+    end
+
     if text =~ /xcodebuild[ (]["'*]/ && !text.include?("SYMROOT=")
       problem 'xcodebuild should be passed an explicit "SYMROOT"'
     end