rubocops/caveats: Disallow ANSI escape codes

Formula caveats text appears on formulae.brew.sh but escape characters, as used in ANSI escape codes, should not appear in HTML. This commit adds a RuboCop to disallow escape characters in the caveats text.
2023-01-16 01:24:23 -05:00 · 2023-01-16 01:24:23 -05:00 · a1993b9086
commit a1993b9086
parent 3e257890da
2 changed files with 28 additions and 2 deletions
--- a/Library/Homebrew/rubocops/caveats.rb
+++ b/Library/Homebrew/rubocops/caveats.rb
@ -27,10 +27,12 @@ module RuboCop
      class Caveats < FormulaCop
        def audit_formula(_node, _class_node, _parent_class_node, _body_node)
          caveats_strings.each do |n|
-            next unless regex_match_group(n, /\bsetuid\b/i)
-
+            if regex_match_group(n, /\bsetuid\b/i)
              problem "Don't recommend setuid in the caveats, suggest sudo instead."
            end
+
+            problem "Don't use ANSI escape codes in the caveats." if regex_match_group(n, /\e/)
+          end
        end
      end
    end
--- a/Library/Homebrew/test/rubocops/caveats_spec.rb
+++ b/Library/Homebrew/test/rubocops/caveats_spec.rb
@ -19,5 +19,29 @@ describe RuboCop::Cop::FormulaAudit::Caveats do
        end
      RUBY
    end
+
+    it "reports an offense if an escape character is present" do
+      expect_offense(<<~RUBY)
+        class Foo < Formula
+          homepage "https://brew.sh/foo"
+          url "https://brew.sh/foo-1.0.tgz"
+           def caveats
+            "\\x1B"
+            ^^^^^^ Don't use ANSI escape codes in the caveats.
+          end
+        end
+      RUBY
+
+      expect_offense(<<~RUBY)
+        class Foo < Formula
+          homepage "https://brew.sh/foo"
+          url "https://brew.sh/foo-1.0.tgz"
+           def caveats
+            "\\u001b"
+            ^^^^^^^^ Don't use ANSI escape codes in the caveats.
+          end
+        end
+      RUBY
+    end
  end
 end