From 899783b35ad39de9744830f9e3fd22af812fcd29 Mon Sep 17 00:00:00 2001 From: Rylan Polster Date: Tue, 17 Nov 2020 17:57:48 -0500 Subject: [PATCH 1/3] migrate license mismatch allowlist to Homebrew/core --- Library/Homebrew/formula_auditor.rb | 8 ++------ Library/Homebrew/test/dev-cmd/audit_spec.rb | 17 +++++++++++++++++ 2 files changed, 19 insertions(+), 6 deletions(-) diff --git a/Library/Homebrew/formula_auditor.rb b/Library/Homebrew/formula_auditor.rb index 8c193c4603..0392b11e7e 100644 --- a/Library/Homebrew/formula_auditor.rb +++ b/Library/Homebrew/formula_auditor.rb @@ -165,11 +165,6 @@ module Homebrew "LGPL-3.0" => ["LGPL-3.0-only", "LGPL-3.0-or-later"], }.freeze - PERMITTED_FORMULA_LICENSE_MISMATCHES = { - "cmockery" => "0.1.2", - "scw@1" => "1.20", - }.freeze - def audit_license if formula.license.present? licenses, exceptions = SPDX.parse_license_expression formula.license @@ -213,7 +208,7 @@ module Homebrew return unless github_license return if (licenses + ["NOASSERTION"]).include?(github_license) return if PERMITTED_LICENSE_MISMATCHES[github_license]&.any? { |license| licenses.include? license } - return if PERMITTED_FORMULA_LICENSE_MISMATCHES[formula.name] == formula.version + return if tap_audit_exception :permitted_formula_license_mismatches, formula.name problem "Formula license #{licenses} does not match GitHub license #{Array(github_license)}." @@ -821,6 +816,7 @@ module Homebrew end def tap_audit_exception(list, formula, value = nil) + return false if @tap_audit_exceptions.blank? return false unless @tap_audit_exceptions.key? list list = @tap_audit_exceptions[list] diff --git a/Library/Homebrew/test/dev-cmd/audit_spec.rb b/Library/Homebrew/test/dev-cmd/audit_spec.rb index 4548be2e0f..4a54b8d1a8 100644 --- a/Library/Homebrew/test/dev-cmd/audit_spec.rb +++ b/Library/Homebrew/test/dev-cmd/audit_spec.rb 
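Review bot: In `audit_license`, the new `return if tap_audit_exception :permitted_formula_license_mismatches, formula.name` drops the version pin that the removed constant carried (`"cmockery" => "0.1.2"` compared against `formula.version`), so an allowlisted formula is now exempt from the GitHub license comparison at every future version. A later upstream relicensing of such a formula would then pass the audit unnoticed. `tap_audit_exception` already accepts an optional `value`; if its Hash branch compares values (its body continues outside this hunk, so this needs confirming), the exemption can stay scoped with `return if tap_audit_exception :permitted_formula_license_mismatches, formula.name, formula.version.to_s` and name-to-version pairs in the tap list. If a name-only exemption is intended, say so above the line, e.g. `# Exempt by name only: remove the tap entry by hand once the mismatch is resolved.`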
@@ -423,6 +423,23 @@ module Homebrew .to eq 'Formula license ["0BSD"] does not match GitHub license ["GPL-3.0"].' end + it "allows a formula-specified license that differes from its GitHub "\ + "repository for formulae on the mismatched license allowlist" do + formula_text = <<~RUBY + class Cask < Formula + url "https://github.com/cask/cask/archive/v0.8.4.tar.gz" + head "https://github.com/cask/cask.git" + license "0BSD" + end + RUBY + fa = formula_auditor "cask", formula_text, spdx_license_data: spdx_license_data, + online: true, core_tap: true, new_formula: true, + tap_audit_exceptions: { permitted_formula_license_mismatches: ["cask"] } + + fa.audit_license + expect(fa.problems).to be_empty + end + it "checks online and detects that an array of license does not contain "\ "what is indicated on its Github repository" do formula_text = <<~RUBY From b0d10fdf28869e1f599e5e97ce2e9a1a8573d9a9 Mon Sep 17 00:00:00 2001 From: Rylan Polster Date: Tue, 17 Nov 2020 19:16:36 -0500 Subject: [PATCH 2/3] add audit tests for migrated audit exception lists --- Library/Homebrew/test/dev-cmd/audit_spec.rb | 85 +++++++++++++++++++++ 1 file changed, 85 insertions(+) diff --git a/Library/Homebrew/test/dev-cmd/audit_spec.rb b/Library/Homebrew/test/dev-cmd/audit_spec.rb index 4a54b8d1a8..026210603b 100644 --- a/Library/Homebrew/test/dev-cmd/audit_spec.rb +++ b/Library/Homebrew/test/dev-cmd/audit_spec.rb 
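Review bot: The added example only proves that the allowlisted name is exempt; nothing here checks that a populated `permitted_formula_license_mismatches` list leaves other formulae subject to the license comparison. A companion example passing `tap_audit_exceptions: { permitted_formula_license_mismatches: ["other"] }` and expecting `'Formula license ["0BSD"] does not match GitHub license ["GPL-3.0"].'` would pin that the exemption is keyed by formula name and does not switch the check off for the whole tap. The example runs with `online: true` against a github.com URL, so it presumably depends on a live GitHub lookup like its neighbours. The enclosing `describe` starts and ends outside the hunk.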
@@ -560,6 +560,91 @@ module Homebrew end end + describe "#audit_specs" do + let(:throttle_list) { { throttled_formulae: { "foo" => 10 } } } + let(:versioned_head_spec_list) { { versioned_head_spec_allowlist: ["foo"] } } + + it "allows versions with no throttle rate" do + fa = formula_auditor "bar", <<~RUBY, core_tap: true, tap_audit_exceptions: throttle_list + class Bar < Formula + url "https://brew.sh/foo-1.0.1.tgz" + end + RUBY + + fa.audit_specs + expect(fa.problems).to be_empty + end + + it "allows major/minor versions with throttle rate" do + fa = formula_auditor "foo", <<~RUBY, core_tap: true, tap_audit_exceptions: throttle_list + class Foo < Formula + url "https://brew.sh/foo-1.0.0.tgz" + end + RUBY + + fa.audit_specs + expect(fa.problems).to be_empty + end + + it "allows patch versions to be multiples of the throttle rate" do + fa = formula_auditor "foo", <<~RUBY, core_tap: true, tap_audit_exceptions: throttle_list + class Foo < Formula + url "https://brew.sh/foo-1.0.10.tgz" + end + RUBY + + fa.audit_specs + expect(fa.problems).to be_empty + end + + it "doesn't allow patch versions that aren't multiples of the throttle rate" do + fa = formula_auditor "foo", <<~RUBY, core_tap: true, tap_audit_exceptions: throttle_list + class Foo < Formula + url "https://brew.sh/foo-1.0.1.tgz" + end + RUBY + + fa.audit_specs + expect(fa.problems.first[:message]).to match "should only be updated every 10 releases on multiples of 10" + end + + it "allows non-versioned formulae to have a `HEAD` spec" do + fa = formula_auditor "bar", <<~RUBY, core_tap: true, tap_audit_exceptions: versioned_head_spec_list + class Bar < Formula + url "https://brew.sh/foo-1.0.tgz" + head "https://brew.sh/foo-1.0.tgz" + end + RUBY + + fa.audit_specs + expect(fa.problems).to be_empty + end + + it "doesn't allow versioned formulae to have a `HEAD` spec" do + fa = formula_auditor "bar@1", <<~RUBY, core_tap: true, tap_audit_exceptions: versioned_head_spec_list + class BarAT1 < Formula + url 
"https://brew.sh/foo-1.0.tgz" + head "https://brew.sh/foo-1.0.tgz" + end + RUBY + + fa.audit_specs + expect(fa.problems.first[:message]).to match "Versioned formulae should not have a `HEAD` spec" + end + + it "allows ersioned formulae on the allowlist to have a `HEAD` spec" do + fa = formula_auditor "foo", <<~RUBY, core_tap: true, tap_audit_exceptions: versioned_head_spec_list + class Foo < Formula + url "https://brew.sh/foo-1.0.tgz" + head "https://brew.sh/foo-1.0.tgz" + end + RUBY + + fa.audit_specs + expect(fa.problems).to be_empty + end + end + describe "#audit_deps" do describe "a dependency on a macOS-provided keg-only formula" do describe "which is allowlisted" do From 67e4e78f227873c8c4e49f37de1c8c9e58a3ee83 Mon Sep 17 00:00:00 2001 From: Rylan Polster Date: Wed, 18 Nov 2020 11:54:38 -0500 Subject: [PATCH 3/3] fix typo in audit tests Co-authored-by: Mike McQuaid Co-authored-by: Markus Reiter --- Library/Homebrew/test/dev-cmd/audit_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Library/Homebrew/test/dev-cmd/audit_spec.rb b/Library/Homebrew/test/dev-cmd/audit_spec.rb index 026210603b..9e07867643 100644 --- a/Library/Homebrew/test/dev-cmd/audit_spec.rb +++ b/Library/Homebrew/test/dev-cmd/audit_spec.rb @@ -423,7 +423,7 @@ module Homebrew .to eq 'Formula license ["0BSD"] does not match GitHub license ["GPL-3.0"].' end - it "allows a formula-specified license that differes from its GitHub "\ + it "allows a formula-specified license that differs from its GitHub "\ "repository for formulae on the mismatched license allowlist" do formula_text = <<~RUBY class Cask < Formula
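Review bot: The last `#audit_specs` example (`allows ersioned formulae on the allowlist …`) audits `"foo"`, which has no `@` version suffix, so it appears to pass without ever consulting `versioned_head_spec_allowlist`; the allowlist branch is left untested. To exercise it, make the fixture versioned: `let(:versioned_head_spec_list) { { versioned_head_spec_allowlist: ["foo@1"] } }`, `fa = formula_auditor "foo@1", <<~RUBY, core_tap: true, tap_audit_exceptions: versioned_head_spec_list` and `class FooAT1 < Formula`. The description also has a typo, "ersioned" for "versioned", which the later typo-fix patch in this series does not touch.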