From 726b4e14191aed00565992cba29cbf4785108cd6 Mon Sep 17 00:00:00 2001 From: Rylan Polster Date: Thu, 26 Nov 2020 14:21:17 -0500 Subject: [PATCH 1/8] Migrate PROVIDED_BY_MACOS_DEPENDS_ON_ALLOWLIST --- Library/Homebrew/formula_auditor.rb | 10 +--------- Library/Homebrew/test/dev-cmd/audit_spec.rb | 1 - 2 files changed, 1 insertion(+), 10 deletions(-) diff --git a/Library/Homebrew/formula_auditor.rb b/Library/Homebrew/formula_auditor.rb index bde37fe752..a4e8a96b5d 100644 --- a/Library/Homebrew/formula_auditor.rb +++ b/Library/Homebrew/formula_auditor.rb @@ -150,14 +150,6 @@ module Homebrew problem "Formula name conflicts with existing core formula." end - PROVIDED_BY_MACOS_DEPENDS_ON_ALLOWLIST = %w[ - apr - apr-util - libressl - openblas - openssl@1.1 - ].freeze - PERMITTED_LICENSE_MISMATCHES = { "AGPL-3.0" => ["AGPL-3.0-only", "AGPL-3.0-or-later"], "GPL-2.0" => ["GPL-2.0-only", "GPL-2.0-or-later"], @@ -265,7 +257,7 @@ module Homebrew dep_f.keg_only? && dep_f.keg_only_reason.provided_by_macos? && dep_f.keg_only_reason.applicable? && - !PROVIDED_BY_MACOS_DEPENDS_ON_ALLOWLIST.include?(dep.name) + !tap_audit_exception(:provided_by_macos_depends_on_allowlist, dep.name) new_formula_problem( "Dependency '#{dep.name}' is provided by macOS; " \ "please replace 'depends_on' with 'uses_from_macos'.", diff --git a/Library/Homebrew/test/dev-cmd/audit_spec.rb b/Library/Homebrew/test/dev-cmd/audit_spec.rb index 9a356f53b4..e6dcb09049 100644 --- a/Library/Homebrew/test/dev-cmd/audit_spec.rb +++ b/Library/Homebrew/test/dev-cmd/audit_spec.rb @@ -1011,7 +1011,6 @@ module Homebrew end # include_examples "formulae exist", described_class::VERSIONED_KEG_ONLY_ALLOWLIST - include_examples "formulae exist", described_class::PROVIDED_BY_MACOS_DEPENDS_ON_ALLOWLIST include_examples "formulae exist", described_class::UNSTABLE_ALLOWLIST.keys include_examples "formulae exist", described_class::GNOME_DEVEL_ALLOWLIST.keys end From 96cf0e5bcd3b5ec0e08495b990ab89c6b2f9c380 Mon Sep 17 00:00:00 2001 From: Rylan Polster Date: Thu, 26 Nov 2020 14:30:05 -0500 Subject: [PATCH 2/8] Migrate VERSIONED_DEPENDENCIES_CONFLICTS_ALLOWLIST --- Library/Homebrew/formula_auditor.rb | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/Library/Homebrew/formula_auditor.rb b/Library/Homebrew/formula_auditor.rb index a4e8a96b5d..1489a290ee 100644 --- a/Library/Homebrew/formula_auditor.rb +++ b/Library/Homebrew/formula_auditor.rb @@ -210,17 +210,6 @@ module Homebrew end end - # TODO: try to remove these, it's not a good user experience - VERSIONED_DEPENDENCIES_CONFLICTS_ALLOWLIST = %w[ - agda - anjuta - fdroidserver - gradio - predictionio - sqoop - visp - ].freeze - def audit_deps @specs.each do |spec| # Check for things we don't like to depend on. @@ -297,7 +286,7 @@ module Homebrew end return unless @core_tap - return if VERSIONED_DEPENDENCIES_CONFLICTS_ALLOWLIST.include?(formula.name) + return if tap_audit_exception :versioned_dependencies_conflicts_allowlist, formula.name # The number of conflicts on Linux is absurd. # TODO: remove this and check these there too. From e03d1606d6a3b12778e66ae6a3b78dd5a2252e4f Mon Sep 17 00:00:00 2001 From: Rylan Polster Date: Thu, 26 Nov 2020 14:43:06 -0500 Subject: [PATCH 3/8] Migrate VERSIONED_KEG_ONLY_ALLOWLIST --- Library/Homebrew/formula_auditor.rb | 17 +---------------- Library/Homebrew/test/dev-cmd/audit_spec.rb | 1 - 2 files changed, 1 insertion(+), 17 deletions(-) diff --git a/Library/Homebrew/formula_auditor.rb b/Library/Homebrew/formula_auditor.rb index 1489a290ee..5e84898ab8 100644 --- a/Library/Homebrew/formula_auditor.rb +++ b/Library/Homebrew/formula_auditor.rb @@ -347,21 +347,6 @@ module Homebrew end end - # openssl@1.1 only needed for Linux - VERSIONED_KEG_ONLY_ALLOWLIST = %w[ - autoconf@2.13 - bash-completion@2 - clang-format@8 - gnupg@1.4 - libsigc++@2 - lua@5.1 - numpy@1.16 - openssl@1.1 - python@3.8 - python@3.9 - cairomm@1.14 - ].freeze - def audit_versioned_keg_only return unless @versioned_formula return unless @core_tap @@ -374,7 +359,7 @@ module Homebrew end end - return if VERSIONED_KEG_ONLY_ALLOWLIST.include?(formula.name) + return if tap_audit_exception :versioned_keg_only_allowlist, formula.name return if formula.name.start_with?("adoptopenjdk@") return if formula.name.start_with?("gcc@") diff --git a/Library/Homebrew/test/dev-cmd/audit_spec.rb b/Library/Homebrew/test/dev-cmd/audit_spec.rb index e6dcb09049..c4e02baa8f 100644 --- a/Library/Homebrew/test/dev-cmd/audit_spec.rb +++ b/Library/Homebrew/test/dev-cmd/audit_spec.rb @@ -1010,7 +1010,6 @@ module Homebrew end end - # include_examples "formulae exist", described_class::VERSIONED_KEG_ONLY_ALLOWLIST include_examples "formulae exist", described_class::UNSTABLE_ALLOWLIST.keys include_examples "formulae exist", described_class::GNOME_DEVEL_ALLOWLIST.keys end From c4faac4b2f98e2500ff34a04598a60fb3fe01a84 Mon Sep 17 00:00:00 2001 From: Rylan Polster Date: Thu, 26 Nov 2020 15:01:24 -0500 Subject: [PATCH 4/8] Migrate CERT_ERROR_ALLOWLIST --- Library/Homebrew/formula_auditor.rb | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/Library/Homebrew/formula_auditor.rb b/Library/Homebrew/formula_auditor.rb index 5e84898ab8..3369d5adcc 100644 --- a/Library/Homebrew/formula_auditor.rb +++ b/Library/Homebrew/formula_auditor.rb @@ -366,14 +366,6 @@ module Homebrew problem "Versioned formulae in homebrew/core should use `keg_only :versioned_formula`" end - CERT_ERROR_ALLOWLIST = { - "hashcat" => "https://hashcat.net/hashcat/", - "jinx" => "https://www.jinx-lang.org/", - "lmod" => "https://www.tacc.utexas.edu/research-development/tacc-projects/lmod", - "micropython" => "https://www.micropython.org/", - "monero" => "https://www.getmonero.org/", - }.freeze - def audit_homepage homepage = formula.homepage @@ -381,7 +373,7 @@ module Homebrew return unless @online - return if CERT_ERROR_ALLOWLIST[formula.name] == homepage + return if tap_audit_exception :cert_error_allowlist, formula.name, homepage return unless DevelopmentTools.curl_handles_most_https_certificates? From 71beff367adb0838707d6625c4f68e04b7f44b99 Mon Sep 17 00:00:00 2001 From: Rylan Polster Date: Thu, 26 Nov 2020 15:18:06 -0500 Subject: [PATCH 5/8] Migrate UNSTABLE_ALLOWLIST --- Library/Homebrew/formula_auditor.rb | 20 +------------------- Library/Homebrew/test/dev-cmd/audit_spec.rb | 1 - 2 files changed, 1 insertion(+), 20 deletions(-) diff --git a/Library/Homebrew/formula_auditor.rb b/Library/Homebrew/formula_auditor.rb index 3369d5adcc..c982fb6a77 100644 --- a/Library/Homebrew/formula_auditor.rb +++ b/Library/Homebrew/formula_auditor.rb @@ -477,24 +477,6 @@ module Homebrew [user, repo] end - UNSTABLE_ALLOWLIST = { - "aalib" => "1.4rc", - "automysqlbackup" => "3.0-rc", - "aview" => "1.3.0rc", - "elm-format" => "0.6.0-alpha", - "ftgl" => "2.1.3-rc", - "hidapi" => "0.8.0-rc", - "libcaca" => "0.99b", - "premake" => "4.4-beta", - "pwnat" => "0.3-beta", - "recode" => "3.7-beta", - "speexdsp" => "1.2rc", - "sqoop" => "1.4.", - "tcptraceroute" => "1.5beta", - "tiny-fugue" => "5.0b", - "vbindiff" => "3.0_beta", - }.freeze - # Used for formulae that are unstable but need CI run without being in homebrew/core UNSTABLE_DEVEL_ALLOWLIST = { }.freeze @@ -570,7 +552,7 @@ module Homebrew when /[\d._-](alpha|beta|rc\d)/ matched = Regexp.last_match(1) version_prefix = stable_version_string.sub(/\d+$/, "") - return if UNSTABLE_ALLOWLIST[formula.name] == version_prefix + return if tap_audit_exception :unstable_allowlist, formula.name, version_prefix return if UNSTABLE_DEVEL_ALLOWLIST[formula.name] == version_prefix problem "Stable version URLs should not contain #{matched}" diff --git a/Library/Homebrew/test/dev-cmd/audit_spec.rb b/Library/Homebrew/test/dev-cmd/audit_spec.rb index c4e02baa8f..c1a17089f4 100644 --- a/Library/Homebrew/test/dev-cmd/audit_spec.rb +++ b/Library/Homebrew/test/dev-cmd/audit_spec.rb @@ -1010,7 +1010,6 @@ module Homebrew end end - include_examples "formulae exist", described_class::UNSTABLE_ALLOWLIST.keys include_examples "formulae exist", described_class::GNOME_DEVEL_ALLOWLIST.keys end end From de26310b327c28805c69b86404751484d0aef1f4 Mon Sep 17 00:00:00 2001 From: Rylan Polster Date: Thu, 26 Nov 2020 15:26:12 -0500 Subject: [PATCH 6/8] Migrate UNSTABLE_DEVEL_ALLOWLIST --- Library/Homebrew/formula_auditor.rb | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/Library/Homebrew/formula_auditor.rb b/Library/Homebrew/formula_auditor.rb index c982fb6a77..a15ca4b78a 100644 --- a/Library/Homebrew/formula_auditor.rb +++ b/Library/Homebrew/formula_auditor.rb @@ -477,10 +477,6 @@ module Homebrew [user, repo] end - # Used for formulae that are unstable but need CI run without being in homebrew/core - UNSTABLE_DEVEL_ALLOWLIST = { - }.freeze - GNOME_DEVEL_ALLOWLIST = { "libart" => "2.3", "gtk-mac-integration" => "2.1", @@ -553,7 +549,7 @@ module Homebrew matched = Regexp.last_match(1) version_prefix = stable_version_string.sub(/\d+$/, "") return if tap_audit_exception :unstable_allowlist, formula.name, version_prefix - return if UNSTABLE_DEVEL_ALLOWLIST[formula.name] == version_prefix + return if tap_audit_exception :unstable_devel_allowlist, formula.name, version_prefix problem "Stable version URLs should not contain #{matched}" when %r{download\.gnome\.org/sources}, %r{ftp\.gnome\.org/pub/GNOME/sources}i From fe8ce9b725406467689e43ea29dfe7702b168e0b Mon Sep 17 00:00:00 2001 From: Rylan Polster Date: Thu, 26 Nov 2020 15:33:32 -0500 Subject: [PATCH 7/8] Migrate GNOME_DEVEL_ALLOWLIST --- Library/Homebrew/formula_auditor.rb | 10 +--------- Library/Homebrew/test/dev-cmd/audit_spec.rb | 2 -- 2 files changed, 1 insertion(+), 11 deletions(-) diff --git a/Library/Homebrew/formula_auditor.rb b/Library/Homebrew/formula_auditor.rb index a15ca4b78a..9ec59bcbe9 100644 --- a/Library/Homebrew/formula_auditor.rb +++ b/Library/Homebrew/formula_auditor.rb @@ -477,14 +477,6 @@ module Homebrew [user, repo] end - GNOME_DEVEL_ALLOWLIST = { - "libart" => "2.3", - "gtk-mac-integration" => "2.1", - "gtk-doc" => "1.31", - "gcab" => "1.3", - "libepoxy" => "1.5", - }.freeze - def audit_specs problem "Head-only (no stable download)" if head_only?(formula) @@ -554,7 +546,7 @@ module Homebrew problem "Stable version URLs should not contain #{matched}" when %r{download\.gnome\.org/sources}, %r{ftp\.gnome\.org/pub/GNOME/sources}i version_prefix = stable.version.major_minor - return if GNOME_DEVEL_ALLOWLIST[formula.name] == version_prefix + return if tap_audit_exception :gnome_devel_allowlist, formula.name, version_prefix return if stable_url_version < Version.create("1.0") return if stable_url_minor_version.even? diff --git a/Library/Homebrew/test/dev-cmd/audit_spec.rb b/Library/Homebrew/test/dev-cmd/audit_spec.rb index c1a17089f4..ed6d55ee24 100644 --- a/Library/Homebrew/test/dev-cmd/audit_spec.rb +++ b/Library/Homebrew/test/dev-cmd/audit_spec.rb @@ -1009,7 +1009,5 @@ module Homebrew expect(fa.problems).to be_empty end end - - include_examples "formulae exist", described_class::GNOME_DEVEL_ALLOWLIST.keys end end From 685efd5a67e8dcf73391c765d205e4cb560df272 Mon Sep 17 00:00:00 2001 From: Rylan Polster Date: Fri, 27 Nov 2020 11:55:53 -0500 Subject: [PATCH 8/8] Remove hardcoded exceptions to the versioned_keg_only_allowlist --- Library/Homebrew/formula_auditor.rb | 2 -- 1 file changed, 2 deletions(-) diff --git a/Library/Homebrew/formula_auditor.rb b/Library/Homebrew/formula_auditor.rb index 9ec59bcbe9..1835029ae4 100644 --- a/Library/Homebrew/formula_auditor.rb +++ b/Library/Homebrew/formula_auditor.rb @@ -360,8 +360,6 @@ module Homebrew end return if tap_audit_exception :versioned_keg_only_allowlist, formula.name - return if formula.name.start_with?("adoptopenjdk@") - return if formula.name.start_with?("gcc@") problem "Versioned formulae in homebrew/core should use `keg_only :versioned_formula`" end