diff --git a/Library/Homebrew/rubocops/checksum_cop.rb b/Library/Homebrew/rubocops/checksum_cop.rb index 17ce1e83e0..d9e81a4eff 100644 --- a/Library/Homebrew/rubocops/checksum_cop.rb +++ b/Library/Homebrew/rubocops/checksum_cop.rb @@ -5,55 +5,48 @@ module RuboCop module FormulaAudit class Checksum < FormulaCop def audit_formula(_node, _class_node, _parent_class_node, body_node) - %w[stable devel head].each do |name| - next unless spec_node = find_block(body_node, name.to_sym) - _, _, spec_body = *spec_node - audit_checksums(spec_body, name) - if name == "stable" - resource_blocks = find_blocks(body_node, :resource) + - find_all_blocks(spec_body, :resource) - else - resource_blocks = find_all_blocks(spec_body, :resource) - end - resource_blocks.each do |rb| - _, _, resource_body = *rb - audit_checksums(resource_body, name, string_content(parameters(rb).first)) - end + return if body_node.nil? + if method_called_ever?(body_node, :md5) + problem "MD5 checksums are deprecated, please use SHA256" + end + + if method_called_ever?(body_node, :sha1) + problem "SHA1 checksums are deprecated, please use SHA256" + end + + sha256_calls = find_every_method_call_by_name(body_node, :sha256) + sha256_calls.each do |sha256_call| + sha256_node = get_checksum_node(sha256_call) + audit_sha256(sha256_node) end end - def audit_checksums(node, spec, resource_name = nil) - msg_prefix = if resource_name - "#{spec} resource \"#{resource_name}\": " - else - "#{spec}: " - end - if find_node_method_by_name(node, :md5) - problem "#{msg_prefix}MD5 checksums are deprecated, please use SHA256" + def get_checksum_node(call) + return if parameters(call).empty? || parameters(call).nil? + if parameters(call).first.str_type? + parameters(call).first + elsif parameters(call).first.hash_type? + parameters(call).first.keys.first end + end - if find_node_method_by_name(node, :sha1) - problem "#{msg_prefix}SHA1 checksums are deprecated, please use SHA256" - end - - checksum_node = find_node_method_by_name(node, :sha256) - return if checksum_node.nil? - checksum = parameters(checksum_node).first - if string_content(checksum).size.zero? - problem "#{msg_prefix}sha256 is empty" + def audit_sha256(checksum) + return if checksum.nil? + if regex_match_group(checksum, /^$/) + problem "sha256 is empty" return end if string_content(checksum).size != 64 && regex_match_group(checksum, /^\w*$/) - problem "#{msg_prefix}sha256 should be 64 characters" + problem "sha256 should be 64 characters" end - unless regex_match_group(checksum, /^[a-f0-9]+$/i) - problem "#{msg_prefix}sha256 contains invalid characters" + if regex_match_group(checksum, /[^a-f0-9]+/i) + problem "sha256 contains invalid characters" end return unless regex_match_group(checksum, /[A-F]+/) - problem "#{msg_prefix}sha256 should be lowercase" + problem "sha256 should be lowercase" end end end diff --git a/Library/Homebrew/test/rubocops/checksum_cop_spec.rb b/Library/Homebrew/test/rubocops/checksum_cop_spec.rb index c2caab73a5..633f3117ac 100644 --- a/Library/Homebrew/test/rubocops/checksum_cop_spec.rb +++ b/Library/Homebrew/test/rubocops/checksum_cop_spec.rb @@ -23,15 +23,15 @@ describe RuboCop::Cop::FormulaAudit::Checksum do end EOS - expected_offenses = [{ message: "stable: sha256 is empty", + expected_offenses = [{ message: "sha256 is empty", severity: :convention, line: 5, - column: 4, + column: 12, source: source }, - { message: "stable resource \"foo-package\": sha256 is empty", + { message: "sha256 is empty", severity: :convention, line: 9, - column: 6, + column: 14, source: source }] inspect_source(cop, source) @@ -57,12 +57,12 @@ describe RuboCop::Cop::FormulaAudit::Checksum do end EOS - expected_offenses = [{ message: "stable: sha256 should be 64 characters", + expected_offenses = [{ message: "sha256 should be 64 characters", severity: :convention, line: 5, column: 12, source: source }, - { message: "stable resource \"foo-package\": sha256 should be 64 characters", + { message: "sha256 should be 64 characters", severity: :convention, line: 9, column: 14, @@ -91,15 +91,15 @@ describe RuboCop::Cop::FormulaAudit::Checksum do end EOS - expected_offenses = [{ message: "stable: sha256 contains invalid characters", + expected_offenses = [{ message: "sha256 contains invalid characters", severity: :convention, line: 5, - column: 4, + column: 31, source: source }, - { message: "stable resource \"foo-package\": sha256 contains invalid characters", + { message: "sha256 contains invalid characters", severity: :convention, line: 9, - column: 6, + column: 31, source: source }] inspect_source(cop, source) @@ -125,12 +125,12 @@ describe RuboCop::Cop::FormulaAudit::Checksum do end EOS - expected_offenses = [{ message: "stable: sha256 should be lowercase", + expected_offenses = [{ message: "sha256 should be lowercase", severity: :convention, line: 5, column: 21, source: source }, - { message: "stable resource \"foo-package\": sha256 should be lowercase", + { message: "sha256 should be lowercase", severity: :convention, line: 9, column: 20, @@ -163,7 +163,7 @@ describe RuboCop::Cop::FormulaAudit::Checksum do end EOS - expected_offenses = [{ message: "stable resource \"foo-outside\": sha256 should be lowercase", + expected_offenses = [{ message: "sha256 should be lowercase", severity: :convention, line: 5, column: 12,