admin/brew
1
0
Fork 0
Code Issues Packages Projects Releases 6 Wiki Activity

Merge pull request #4768 from reitermarkus/deprecate-gpg-stanza

Browse Source 
Deprecate `gpg` stanza.
This commit is contained in:
Markus Reiter 2018-09-03 21:21:23 +02:00 committed by GitHub
commit 654ad4690a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
23 changed files with 31 additions and 339 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Library/Homebrew/cask/lib/hbc/cask.rb
View File

@ -132,7 +132,6 @@ module Hbc
"depends_on" => depends_on,
"conflicts_with" => conflicts_with.to_a,
"container" => container,
"gpg" => gpg,
"accessibility_access" => accessibility_access,
"auto_updates" => auto_updates,
}

6
Library/Homebrew/cask/lib/hbc/dsl.rb
View File

@ -12,7 +12,6 @@ require "hbc/dsl/caveats"
require "hbc/dsl/conflicts_with"
require "hbc/dsl/container"
require "hbc/dsl/depends_on"
require "hbc/dsl/gpg"
require "hbc/dsl/postflight"
require "hbc/dsl/preflight"
require "hbc/dsl/uninstall_postflight"
@ -64,7 +63,6 @@ module Hbc
:conflicts_with,
:container,
:depends_on,
:gpg,
:homepage,
:language,
:languages,
@ -179,10 +177,6 @@ module Hbc
set_unique_stanza(:appcast, args.empty?) { DSL::Appcast.new(*args) }
end
def gpg(*args)
set_unique_stanza(:gpg, args.empty?) { DSL::Gpg.new(*args) }
end
def container(*args)
set_unique_stanza(:container, args.empty?) do
DSL::Container.new(*args)

47
Library/Homebrew/cask/lib/hbc/dsl/gpg.rb
View File

@ -1,47 +0,0 @@
module Hbc
class DSL
class Gpg
KEY_PARAMETERS = Set.new [
:key_id,
:key_url,
]
VALID_PARAMETERS = Set.new []
VALID_PARAMETERS.merge KEY_PARAMETERS
attr_accessor(*VALID_PARAMETERS)
attr_accessor :signature
def initialize(signature, parameters = {})
@parameters = parameters
@signature = URI(signature) unless signature == :embedded
parameters.each do |hkey, hvalue|
raise "invalid 'gpg' parameter: '#{hkey.inspect}'" unless VALID_PARAMETERS.include?(hkey)
writer_method = "#{hkey}=".to_sym
hvalue = URI(hvalue) if hkey == :key_url
valid_id?(hvalue) if hkey == :key_id
send(writer_method, hvalue)
end
return if KEY_PARAMETERS.intersection(parameters.keys).length == 1
raise "'gpg' stanza must include exactly one of: '#{KEY_PARAMETERS.to_a}'"
end
def valid_id?(id)
legal_lengths = Set.new [8, 16, 40]
is_valid = id.is_a?(String) && legal_lengths.include?(id.length) && id[/^[0-9a-f]+$/i]
raise "invalid ':key_id' value: '#{id.inspect}'" unless is_valid
is_valid
end
def to_yaml
# bug, :key_url value is not represented as an instance of URI
[@signature, @parameters].to_yaml
end
def to_s
@signature.to_s
end
end
end
end

30
Library/Homebrew/cask/lib/hbc/installer.rb
View File

@ -22,8 +22,6 @@ module Hbc
include Staged
include Verify
PERSISTENT_METADATA_SUBDIRS = ["gpg"].freeze
def initialize(cask, command: SystemCommand, force: false,
skip_cask_deps: false, binaries: true, verbose: false,
require_sha: false, upgrade: false,
@ -504,12 +502,12 @@ module Hbc
def backup_path
return if @cask.staged_path.nil?
Pathname.new "#{@cask.staged_path}.upgrading"
Pathname("#{@cask.staged_path}.upgrading")
end
def backup_metadata_path
return if @cask.metadata_versioned_path.nil?
Pathname.new "#{@cask.metadata_versioned_path}.upgrading"
Pathname("#{@cask.metadata_versioned_path}.upgrading")
end
def gain_permissions_remove(path)
@ -520,15 +518,13 @@ module Hbc
ohai "Purging files for version #{@cask.version} of Cask #{@cask}"
# versioned staged distribution
gain_permissions_remove(backup_path) if !backup_path.nil? && backup_path.exist?
gain_permissions_remove(backup_path) if backup_path&.exist?
# Homebrew-Cask metadata
if backup_metadata_path.directory?
backup_metadata_path.children.each do |subdir|
unless PERSISTENT_METADATA_SUBDIRS.include?(subdir.basename)
gain_permissions_remove(subdir)
end
end
return unless backup_metadata_path.directory?
backup_metadata_path.children.each do |subdir|
gain_permissions_remove(subdir)
end
backup_metadata_path.rmdir_if_possible
end
@ -537,18 +533,16 @@ module Hbc
ohai "Purging files for version #{@cask.version} of Cask #{@cask}"
# versioned staged distribution
gain_permissions_remove(@cask.staged_path) if !@cask.staged_path.nil? && @cask.staged_path.exist?
gain_permissions_remove(@cask.staged_path) if @cask.staged_path&.exist?
# Homebrew-Cask metadata
if @cask.metadata_versioned_path.respond_to?(:children) &&
@cask.metadata_versioned_path.exist?
if @cask.metadata_versioned_path.directory?
@cask.metadata_versioned_path.children.each do |subdir|
unless PERSISTENT_METADATA_SUBDIRS.include?(subdir.basename)
gain_permissions_remove(subdir)
end
gain_permissions_remove(subdir)
end
@cask.metadata_versioned_path.rmdir_if_possible
end
@cask.metadata_versioned_path.rmdir_if_possible
@cask.metadata_master_container_path.rmdir_if_possible unless upgrade?
# toplevel staged distribution

4
Library/Homebrew/cask/lib/hbc/verify.rb
View File

@ -1,5 +1,4 @@
require "hbc/verify/checksum"
require "hbc/verify/gpg"
module Hbc
module Verify
@ -7,8 +6,7 @@ module Hbc
def verifications
[
Hbc::Verify::Checksum
# TODO: Hbc::Verify::Gpg
Hbc::Verify::Checksum,
]
end

4
Library/Homebrew/cask/lib/hbc/verify/checksum.rb
View File

@ -18,7 +18,7 @@ module Hbc
def verify
return unless self.class.me?(cask)
ohai "Verifying checksum for Cask #{cask}"
ohai "Verifying SHA-256 checksum for Cask '#{cask}'."
verify_checksum
end
@ -36,7 +36,7 @@ module Hbc
raise CaskSha256MissingError.new(cask.token, expected, computed) if expected.nil? || expected.empty?
if expected == computed
odebug "SHA256 checksums match"
odebug "SHA-256 checksums match."
else
ohai 'Note: running "brew update" may fix sha256 checksum errors'
raise CaskSha256MismatchError.new(cask.token, expected, computed, downloaded_path)

64
Library/Homebrew/cask/lib/hbc/verify/gpg.rb
View File

@ -1,64 +0,0 @@
module Hbc
module Verify
class Gpg
def self.me?(cask)
cask.gpg
end
attr_reader :cask, :downloaded_path
def initialize(cask, downloaded_path, command = SystemCommand)
@command = command
@cask = cask
@downloaded_path = downloaded_path
end
def available?
return @available unless @available.nil?
@available = self.class.me?(cask) && installed?
end
def installed?
cmd = @command.run("/usr/bin/type",
args: ["-p", "gpg"])
# if `gpg` is found, return its absolute path
cmd.success? ? cmd.stdout : false
end
def fetch_sig(force = false)
unversioned_cask = cask.version.is_a?(Symbol)
cached = cask.metadata_subdir("gpg") unless unversioned_cask
meta_dir = cached || cask.metadata_subdir("gpg", :now, true)
sig_path = meta_dir.join("signature.asc")
curl_download cask.gpg.signature, to: sig_path unless cached || force
sig_path
end
def import_key
args = if cask.gpg.key_id
["--recv-keys", cask.gpg.key_id]
elsif cask.gpg.key_url
["--fetch-key", cask.gpg.key_url.to_s]
end
@command.run!("gpg", args: args)
end
def verify
return unless available? && cask.gpg.signature != :embedded
import_key
sig = fetch_sig
ohai "Verifying GPG signature for #{cask}"
@command.run!("gpg",
args: ["--verify", sig, downloaded_path],
print_stdout: true)
end
end
end
end

6
Library/Homebrew/compat/hbc/dsl.rb
View File

@ -1,8 +1,12 @@
module Hbc
class DSL
module Compat
def gpg(*)
odeprecated "the `gpg` stanza", disable_on: Time.new(2018, 12, 31)
end
def license(*)
odisabled "Hbc::DSL#license"
odisabled "the `license` stanza"
end
end

2
Library/Homebrew/test/cask/cli/install_spec.rb
View File

@ -8,7 +8,7 @@ describe Hbc::CLI::Install, :cask do
it "displays the installation progress" do
output = Regexp.new <<~EOS
==> Downloading file:.*caffeine.zip
==> Verifying checksum for Cask local-caffeine
==> Verifying SHA-256 checksum for Cask 'local-caffeine'.
==> Installing Cask local-caffeine
==> Moving App 'Caffeine.app' to '.*Caffeine.app'.
.*local-caffeine was successfully installed!

14
Library/Homebrew/test/cask/cli/internal_stanza_spec.rb
View File

@ -1,40 +1,40 @@
describe Hbc::CLI::InternalStanza, :cask do
it "shows stanza of the Specified Cask" do
command = described_class.new("gpg", "with-gpg")
command = described_class.new("homepage", "local-caffeine")
expect {
command.run
}.to output("https://example.com/gpg-signature.asc\n").to_stdout
}.to output("https://example.com/local-caffeine\n").to_stdout
end
it "raises an exception when stanza is unknown/unsupported" do
expect {
described_class.new("this_stanza_does_not_exist", "with-gpg")
described_class.new("this_stanza_does_not_exist", "local-caffeine")
}.to raise_error(%r{Unknown/unsupported stanza})
end
it "raises an exception when normal stanza is not present on cask" do
command = described_class.new("caveats", "with-gpg")
command = described_class.new("caveats", "local-caffeine")
expect {
command.run
}.to raise_error(/no such stanza/)
end
it "raises an exception when artifact stanza is not present on cask" do
command = described_class.new("zap", "with-gpg")
command = described_class.new("zap", "local-caffeine")
expect {
command.run
}.to raise_error(/no such stanza/)
end
it "raises an exception when 'depends_on' stanza is not present on cask" do
command = described_class.new("depends_on", "with-gpg")
command = described_class.new("depends_on", "local-caffeine")
expect {
command.run
}.to raise_error(/no such stanza/)
end
it "shows all artifact stanzas when using 'artifacts' keyword" do
command = described_class.new("artifacts", "with-gpg")
command = described_class.new("artifacts", "local-caffeine")
expect {
command.run
}.to output(/Caffeine\.app/).to_stdout

4
Library/Homebrew/test/cask/cli/reinstall_spec.rb
View File

@ -10,8 +10,8 @@ describe Hbc::CLI::Reinstall, :cask do
output = Regexp.new <<~EOS
==> Downloading file:.*caffeine.zip
Already downloaded: .*caffeine.zip
==> Verifying checksum for Cask local-caffeine
Already downloaded: .*--caffeine.zip
==> Verifying SHA-256 checksum for Cask 'local-caffeine'.
==> Uninstalling Cask local-caffeine
==> Backing App 'Caffeine.app' up to '.*Caffeine.app'.
==> Removing App '.*Caffeine.app'.

74
Library/Homebrew/test/cask/dsl_spec.rb
View File

@ -290,80 +290,6 @@ describe Hbc::DSL, :cask do
end
end
describe "GPG stanza" do
context "valid" do
let(:token) { "with-gpg" }
it "is allowed to be specified" do
expect(cask.gpg.to_s).to match(/\S/)
end
end
context "with :key_url" do
let(:token) { "with-gpg-key-url" }
it "is allowed to be specified" do
expect(cask.gpg.to_s).to match(/\S/)
end
end
context "specifying mmultiple times" do
let(:token) { "invalid/invalid-gpg-multiple-stanzas" }
it "is not allowed" do
expect { cask }.to raise_error(Hbc::CaskInvalidError, /'gpg' stanza may only appear once/)
end
end
context "missing GPG key parameters" do
let(:token) { "invalid/invalid-gpg-missing-key" }
it "refuses to load" do
expect { cask }.to raise_error(Hbc::CaskInvalidError, /'gpg' stanza must include exactly one/)
end
end
context "conflicting GPG key parameters" do
let(:token) { "invalid/invalid-gpg-conflicting-keys" }
it "refuses to load" do
expect { cask }.to raise_error(Hbc::CaskInvalidError, /'gpg' stanza must include exactly one/)
end
end
context "invalid GPG signature URLs" do
let(:token) { "invalid/invalid-gpg-signature-url" }
it "refuses to load" do
expect { cask }.to raise_error(Hbc::CaskInvalidError)
end
end
context "invalid GPG key URLs" do
let(:token) { "invalid/invalid-gpg-key-url" }
it "refuses to load" do
expect { cask }.to raise_error(Hbc::CaskInvalidError)
end
end
context "invalid GPG key IDs" do
let(:token) { "invalid/invalid-gpg-key-id" }
it "refuses to load" do
expect { cask }.to raise_error(Hbc::CaskInvalidError)
end
end
context "GPG parameter is unknown" do
let(:token) { "invalid/invalid-gpg-parameter" }
it "refuses to load" do
expect { cask }.to raise_error(Hbc::CaskInvalidError)
end
end
end
describe "depends_on stanza" do
let(:token) { "invalid/invalid-depends-on-key" }

2
Library/Homebrew/test/cask/installer_spec.rb
View File

@ -114,7 +114,7 @@ describe Hbc::Installer, :cask do
<<~EOS
==> Satisfying dependencies
==> Downloading file:#{HOMEBREW_LIBRARY_PATH}/test/support/fixtures/cask/caffeine.zip
==> Verifying checksum for Cask with-installer-manual
==> Verifying SHA-256 checksum for Cask 'with-installer-manual'.
==> Installing Cask with-installer-manual
To complete the installation of Cask with-installer-manual, you must also
run the installer at

12
Library/Homebrew/test/support/fixtures/cask/Casks/invalid/invalid-gpg-conflicting-keys.rb
View File

@ -1,12 +0,0 @@
cask 'invalid-gpg-conflicting-keys' do
version '1.2.3'
sha256 '67cdb8a02803ef37fdbf7e0be205863172e41a561ca446cd84f0d7ab35a99d94'
url "file://#{TEST_FIXTURE_DIR}/cask/caffeine.zip"
homepage 'https://example.com/invalid-gpg-conflicting-keys'
gpg 'https://example.com/gpg-signature.asc',
key_id: '01234567',
key_url: 'https://example.com/gpg-key-url'
app 'Caffeine.app'
end

11
Library/Homebrew/test/support/fixtures/cask/Casks/invalid/invalid-gpg-key-id.rb
View File

@ -1,11 +0,0 @@
cask 'invalid-gpg-key-id' do
version '1.2.3'
sha256 '67cdb8a02803ef37fdbf7e0be205863172e41a561ca446cd84f0d7ab35a99d94'
url "file://#{TEST_FIXTURE_DIR}/cask/caffeine.zip"
homepage 'https://example.com/invalid-gpg-key-id'
gpg 'https://example.com/gpg-signature.asc',
key_id: '012'
app 'Caffeine.app'
end

11
Library/Homebrew/test/support/fixtures/cask/Casks/invalid/invalid-gpg-key-url.rb
View File

@ -1,11 +0,0 @@
cask 'invalid-gpg-key-url' do
version '1.2.3'
sha256 '67cdb8a02803ef37fdbf7e0be205863172e41a561ca446cd84f0d7ab35a99d94'
url "file://#{TEST_FIXTURE_DIR}/cask/caffeine.zip"
homepage 'https://example.com/invalid-gpg-key-url'
gpg 'https://example.com/gpg-signature.asc',
key_url: 1
app 'Caffeine.app'
end

10
Library/Homebrew/test/support/fixtures/cask/Casks/invalid/invalid-gpg-missing-key.rb
View File

@ -1,10 +0,0 @@
cask 'invalid-gpg-missing-key' do
version '1.2.3'
sha256 '67cdb8a02803ef37fdbf7e0be205863172e41a561ca446cd84f0d7ab35a99d94'
url "file://#{TEST_FIXTURE_DIR}/cask/caffeine.zip"
homepage 'https://example.com/invalid-gpg-missing-keys'
gpg 'https://example.com/gpg-signature.asc'
app 'Caffeine.app'
end

13
Library/Homebrew/test/support/fixtures/cask/Casks/invalid/invalid-gpg-multiple-stanzas.rb
View File

@ -1,13 +0,0 @@
cask 'invalid-gpg-multiple-stanzas' do
version '1.2.3'
sha256 '67cdb8a02803ef37fdbf7e0be205863172e41a561ca446cd84f0d7ab35a99d94'
url "file://#{TEST_FIXTURE_DIR}/cask/caffeine.zip"
homepage 'https://example.com/invalid-gpg-multiple-stanzas'
gpg 'https://example.com/gpg-signature.asc',
key_id: '01234567'
gpg 'https://example.com/gpg-signature.asc',
key_id: '01234567'
app 'Caffeine.app'
end

11
Library/Homebrew/test/support/fixtures/cask/Casks/invalid/invalid-gpg-parameter.rb
View File

@ -1,11 +0,0 @@
cask 'invalid-gpg-parameter' do
version '1.2.3'
sha256 '67cdb8a02803ef37fdbf7e0be205863172e41a561ca446cd84f0d7ab35a99d94'
url "file://#{TEST_FIXTURE_DIR}/cask/caffeine.zip"
homepage 'https://example.com/invalid-gpg-type'
gpg 'https://example.com/gpg-signature.asc',
no_such_parameter: :value
app 'Caffeine.app'
end

11
Library/Homebrew/test/support/fixtures/cask/Casks/invalid/invalid-gpg-signature-url.rb
View File

@ -1,11 +0,0 @@
cask 'invalid-gpg-signature-url' do
version '1.2.3'
sha256 '67cdb8a02803ef37fdbf7e0be205863172e41a561ca446cd84f0d7ab35a99d94'
url "file://#{TEST_FIXTURE_DIR}/cask/caffeine.zip"
homepage 'https://example.com/invalid-gpg-signature-url'
gpg 1,
key_id: '01234567'
app 'Caffeine.app'
end

11
Library/Homebrew/test/support/fixtures/cask/Casks/invalid/invalid-gpg-type.rb
View File

@ -1,11 +0,0 @@
cask 'invalid-gpg-type' do
version '1.2.3'
sha256 '67cdb8a02803ef37fdbf7e0be205863172e41a561ca446cd84f0d7ab35a99d94'
url "file://#{TEST_FIXTURE_DIR}/cask/caffeine.zip"
homepage 'https://example.com/invalid-gpg-type'
gpg 'https://example.com/gpg-signature.asc',
no_such_parameter: :value
app 'Caffeine.app'
end

11
Library/Homebrew/test/support/fixtures/cask/Casks/with-gpg-key-url.rb
View File

@ -1,11 +0,0 @@
cask 'with-gpg-key-url' do
version '1.2.3'
sha256 '67cdb8a02803ef37fdbf7e0be205863172e41a561ca446cd84f0d7ab35a99d94'
url "file://#{TEST_FIXTURE_DIR}/cask/caffeine.zip"
homepage 'https://example.com/with-gpg-key-url'
gpg 'https://example.com/gpg-signature.asc',
key_url: 'https://example.com/gpg-key-url'
app 'Caffeine.app'
end

11
Library/Homebrew/test/support/fixtures/cask/Casks/with-gpg.rb
View File

@ -1,11 +0,0 @@
cask 'with-gpg' do
version '1.2.3'
sha256 '67cdb8a02803ef37fdbf7e0be205863172e41a561ca446cd84f0d7ab35a99d94'
url "file://#{TEST_FIXTURE_DIR}/cask/caffeine.zip"
homepage 'https://example.com/with-gpg'
gpg 'https://example.com/gpg-signature.asc',
key_id: '01234567'
app 'Caffeine.app'
end