From 4013da3128e1973c389486ecadc3904d8ce4c7ea Mon Sep 17 00:00:00 2001 From: Lionell Date: Wed, 1 Jul 2020 21:45:47 +0800 Subject: [PATCH 01/27] license-bl: new blacklist env var --- Library/Homebrew/env_config.rb | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Library/Homebrew/env_config.rb b/Library/Homebrew/env_config.rb index 108218aed0..7f613779fb 100644 --- a/Library/Homebrew/env_config.rb +++ b/Library/Homebrew/env_config.rb @@ -111,6 +111,10 @@ module Homebrew description: "Output this many lines of output on formula `system` failures.", default: 15, }, + HOMEBREW_FORBIDDEN_LICENSES: { + description: "Use this environment variable to define a blacklist of space separated licenses and Homebrew " \ + "will avoid installing the packages with those licenses.", + }, HOMEBREW_FORCE_BREWED_CURL: { description: "If set, always use a Homebrew-installed `curl`(1) rather than the system version. " \ "Automatically set if the system version of `curl` is too old.", From 589524254bdf730ddfc2246f5cc3bb642e730c43 Mon Sep 17 00:00:00 2001 From: lionellloh Date: Thu, 2 Jul 2020 00:07:57 +0800 Subject: [PATCH 02/27] WIP: can detect violation --- Library/Homebrew/cmd/install.rb | 41 +++++++++++++++++++++++++++++---- 1 file changed, 36 insertions(+), 5 deletions(-) diff --git a/Library/Homebrew/cmd/install.rb b/Library/Homebrew/cmd/install.rb index a608b72ea9..8c838b5f46 100644 --- a/Library/Homebrew/cmd/install.rb +++ b/Library/Homebrew/cmd/install.rb @@ -95,7 +95,6 @@ module Homebrew def install install_args.parse - args.named.each do |name| next if File.exist?(name) next if name !~ HOMEBREW_TAP_FORMULA_REGEX && name !~ HOMEBREW_CASK_TAP_CASK_REGEX @@ -259,6 +258,7 @@ module Homebrew formulae.each do |f| Migrator.migrate_if_needed(f) + licenses_not_blisted(f) install_formula(f) Cleanup.install_formula_clean!(f) end @@ -330,10 +330,11 @@ module Homebrew fi.build_bottle = args.build_bottle? fi.interactive = args.interactive? fi.git = args.git? - fi.prelude - fi.fetch - fi.install - fi.finish + # fi.prelude + # fi.fetch + # fi.install + # fi.finish + rescue FormulaInstallationAlreadyAttemptedError # We already attempted to install f as part of the dependency tree of # another formula. In that case, don't generate an error, just move on. @@ -342,3 +343,33 @@ module Homebrew ofail e.message end end + +def licenses_not_blisted(f) + puts f.class + puts "licenses not blisted running" + license_blist = ENV["HOMEBREW_FORBIDDEN_LICENSES"].split(" ") + fi = FormulaInstaller.new(f) + stack = [fi] + dep_graph = {} + until stack.blank? + fi = stack.pop() + # p "#{fi.formula.name} | Children: #{fi.compute_dependencies}" + fi.compute_dependencies.each do |dep_child, _| + dep_graph[dep_child.name] = fi.formula.name + stack << FormulaInstaller.new(dep_child.to_formula) + p dep_child.name + if license_blist.include? dep_child.to_formula().license + p "VIOLATION #{dep_child.name}" + dep_lineage = [dep_child.name] + curr_dep = dep_child.name + until dep_graph[curr_dep].blank? + curr_dep = dep_graph[curr_dep] + dep_lineage << curr_dep + end + p dep_lineage.reverse.map{ |dep|}.compact + end + end + end + + +end \ No newline at end of file From ed42ed5265612a530045b3252aee160607997883 Mon Sep 17 00:00:00 2001 From: lionellloh Date: Thu, 2 Jul 2020 00:12:17 +0800 Subject: [PATCH 03/27] do away with DFS since compute_dep already does it --- Library/Homebrew/cmd/install.rb | 30 +++++------------------------- 1 file changed, 5 insertions(+), 25 deletions(-) diff --git a/Library/Homebrew/cmd/install.rb b/Library/Homebrew/cmd/install.rb index 8c838b5f46..917d44fbec 100644 --- a/Library/Homebrew/cmd/install.rb +++ b/Library/Homebrew/cmd/install.rb @@ -258,7 +258,7 @@ module Homebrew formulae.each do |f| Migrator.migrate_if_needed(f) - licenses_not_blisted(f) + forbidden_license_check(f) unless ENV["HOMEBREW_FORBIDDEN_LICENSES"].blank? install_formula(f) Cleanup.install_formula_clean!(f) end @@ -344,32 +344,12 @@ module Homebrew end end -def licenses_not_blisted(f) - puts f.class - puts "licenses not blisted running" +def forbidden_license_check(f) license_blist = ENV["HOMEBREW_FORBIDDEN_LICENSES"].split(" ") fi = FormulaInstaller.new(f) - stack = [fi] - dep_graph = {} - until stack.blank? - fi = stack.pop() - # p "#{fi.formula.name} | Children: #{fi.compute_dependencies}" - fi.compute_dependencies.each do |dep_child, _| - dep_graph[dep_child.name] = fi.formula.name - stack << FormulaInstaller.new(dep_child.to_formula) - p dep_child.name - if license_blist.include? dep_child.to_formula().license - p "VIOLATION #{dep_child.name}" - dep_lineage = [dep_child.name] - curr_dep = dep_child.name - until dep_graph[curr_dep].blank? - curr_dep = dep_graph[curr_dep] - dep_lineage << curr_dep - end - p dep_lineage.reverse.map{ |dep|}.compact - end + fi.compute_dependencies.each do |dep, _| + if license_blist.include? dep.to_formula().license + p "VIOLATION #{dep.name}" end end - - end \ No newline at end of file From e9ff0fac430f9a25885012074e1a7af3f3fd96a6 Mon Sep 17 00:00:00 2001 From: lionellloh Date: Thu, 2 Jul 2020 00:19:54 +0800 Subject: [PATCH 04/27] license-forbidden: style fixes --- Library/Homebrew/cmd/install.rb | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/Library/Homebrew/cmd/install.rb b/Library/Homebrew/cmd/install.rb index 917d44fbec..42af74c223 100644 --- a/Library/Homebrew/cmd/install.rb +++ b/Library/Homebrew/cmd/install.rb @@ -95,6 +95,7 @@ module Homebrew def install install_args.parse + args.named.each do |name| next if File.exist?(name) next if name !~ HOMEBREW_TAP_FORMULA_REGEX && name !~ HOMEBREW_CASK_TAP_CASK_REGEX @@ -330,11 +331,10 @@ module Homebrew fi.build_bottle = args.build_bottle? fi.interactive = args.interactive? fi.git = args.git? - # fi.prelude - # fi.fetch - # fi.install - # fi.finish - + fi.prelude + fi.fetch + fi.install + fi.finish rescue FormulaInstallationAlreadyAttemptedError # We already attempted to install f as part of the dependency tree of # another formula. In that case, don't generate an error, just move on. @@ -345,11 +345,14 @@ module Homebrew end def forbidden_license_check(f) - license_blist = ENV["HOMEBREW_FORBIDDEN_LICENSES"].split(" ") + forbidden_licenses = ENV["HOMEBREW_FORBIDDEN_LICENSES"].split(" ") fi = FormulaInstaller.new(f) fi.compute_dependencies.each do |dep, _| - if license_blist.include? dep.to_formula().license - p "VIOLATION #{dep.name}" - end + dep_f = dep.to_formula + next unless forbidden_licenses.include? dep_f.license + + raise CannotInstallFormulaError, <<~EOS + #The installation of {f.name} has a dependency on #{dep.name} with a forbidden license #{dep_f.license} + EOS end -end \ No newline at end of file +end From 80887e649b5ad17871ff53cc47e941925fe1e1fe Mon Sep 17 00:00:00 2001 From: lionellloh Date: Thu, 2 Jul 2020 00:25:48 +0800 Subject: [PATCH 05/27] licence-forbidden: consider directly contain forbidden licenses --- Library/Homebrew/cmd/install.rb | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/Library/Homebrew/cmd/install.rb b/Library/Homebrew/cmd/install.rb index 42af74c223..9976d5bd64 100644 --- a/Library/Homebrew/cmd/install.rb +++ b/Library/Homebrew/cmd/install.rb @@ -346,13 +346,20 @@ end def forbidden_license_check(f) forbidden_licenses = ENV["HOMEBREW_FORBIDDEN_LICENSES"].split(" ") + + if forbidden_licenses.include? f.license + raise CannotInstallFormulaError , <<~EOS + #{f.name} has a forbidden license #{f.license}. + EOS + end + fi = FormulaInstaller.new(f) fi.compute_dependencies.each do |dep, _| dep_f = dep.to_formula next unless forbidden_licenses.include? dep_f.license raise CannotInstallFormulaError, <<~EOS - #The installation of {f.name} has a dependency on #{dep.name} with a forbidden license #{dep_f.license} + The installation of #{f.name} has a dependency on #{dep.name} with a forbidden license #{dep_f.license}. EOS end end From aaa51fb71e0982383f1e954f462a47e5d00c631d Mon Sep 17 00:00:00 2001 From: lionellloh Date: Thu, 2 Jul 2020 00:26:24 +0800 Subject: [PATCH 06/27] license-forbidden: indent style --- Library/Homebrew/cmd/install.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Library/Homebrew/cmd/install.rb b/Library/Homebrew/cmd/install.rb index 9976d5bd64..fe1eea882c 100644 --- a/Library/Homebrew/cmd/install.rb +++ b/Library/Homebrew/cmd/install.rb @@ -348,8 +348,8 @@ def forbidden_license_check(f) forbidden_licenses = ENV["HOMEBREW_FORBIDDEN_LICENSES"].split(" ") if forbidden_licenses.include? f.license - raise CannotInstallFormulaError , <<~EOS - #{f.name} has a forbidden license #{f.license}. + raise CannotInstallFormulaError, <<~EOS + #{f.name} has a forbidden license #{f.license}. EOS end From d24f911410809633114fd85571c2758247ffaaf3 Mon Sep 17 00:00:00 2001 From: lionellloh Date: Thu, 2 Jul 2020 00:31:31 +0800 Subject: [PATCH 07/27] man pages --- manpages/brew.1 | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/manpages/brew.1 b/manpages/brew.1 index 525eeddfd8..ca41e7ba4b 100644 --- a/manpages/brew.1 +++ b/manpages/brew.1 @@ -1799,6 +1799,10 @@ Output this many lines of output on formula \fBsystem\fR failures\. \fIDefault:\fR \fB15\fR\. . .TP +\fBHOMEBREW_FORBIDDEN_LICENSES\fR +Use this environment variable to define a blacklist of space separated licenses and Homebrew will avoid installing the packages with those licenses\. +. +.TP \fBHOMEBREW_FORCE_BREWED_CURL\fR If set, always use a Homebrew\-installed \fBcurl\fR(1) rather than the system version\. Automatically set if the system version of \fBcurl\fR is too old\. . From a161829927fcd13d7a91cbc707db402577e95867 Mon Sep 17 00:00:00 2001 From: lionellloh Date: Tue, 7 Jul 2020 16:09:20 +0800 Subject: [PATCH 08/27] forbidden-license: include method in module scope for module-wide access --- Library/Homebrew/cmd/install.rb | 33 ++++++++++++++++----------- Library/Homebrew/formula_installer.rb | 2 ++ 2 files changed, 22 insertions(+), 13 deletions(-) diff --git a/Library/Homebrew/cmd/install.rb b/Library/Homebrew/cmd/install.rb index fe1eea882c..2072b7fa05 100644 --- a/Library/Homebrew/cmd/install.rb +++ b/Library/Homebrew/cmd/install.rb @@ -342,24 +342,31 @@ module Homebrew rescue CannotInstallFormulaError => e ofail e.message end -end -def forbidden_license_check(f) - forbidden_licenses = ENV["HOMEBREW_FORBIDDEN_LICENSES"].split(" ") + def get_forbidden_licenses + Homebrew::EnvConfig.forbidden_licenses.split(" ") + end - if forbidden_licenses.include? f.license - raise CannotInstallFormulaError, <<~EOS + def forbidden_license_check(f) + forbidden_licenses = get_forbidden_licenses + + if forbidden_licenses.include? f.license + raise CannotInstallFormulaError, <<~EOS #{f.name} has a forbidden license #{f.license}. - EOS - end + EOS + end - fi = FormulaInstaller.new(f) - fi.compute_dependencies.each do |dep, _| - dep_f = dep.to_formula - next unless forbidden_licenses.include? dep_f.license + fi = FormulaInstaller.new(f) + fi.compute_dependencies.each do |dep, _| + dep_f = dep.to_formula + next unless forbidden_licenses.include? dep_f.license - raise CannotInstallFormulaError, <<~EOS + raise CannotInstallFormulaError, <<~EOS The installation of #{f.name} has a dependency on #{dep.name} with a forbidden license #{dep_f.license}. - EOS + EOS + end end + end + + diff --git a/Library/Homebrew/formula_installer.rb b/Library/Homebrew/formula_installer.rb index c6a7318e6c..e7fa45da2b 100644 --- a/Library/Homebrew/formula_installer.rb +++ b/Library/Homebrew/formula_installer.rb @@ -148,6 +148,8 @@ class FormulaInstaller def prelude Tab.clear_cache verify_deps_exist unless ignore_deps? + Homebrew.forbidden_license_check(formula) unless ENV["HOMEBREW_FORBIDDEN_LICENSES"].blank? + check_install_sanity end From fdc9dc433394b7a934a3487b62d960c06d21f00c Mon Sep 17 00:00:00 2001 From: lionellloh Date: Tue, 7 Jul 2020 16:20:05 +0800 Subject: [PATCH 09/27] require cmd/install to include methods methods in scope --- Library/Homebrew/formula_installer.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/Library/Homebrew/formula_installer.rb b/Library/Homebrew/formula_installer.rb index e7fa45da2b..7a9da2a595 100644 --- a/Library/Homebrew/formula_installer.rb +++ b/Library/Homebrew/formula_installer.rb @@ -17,6 +17,7 @@ require "linkage_checker" require "install" require "messages" require "cask/cask_loader" +require "cmd/install" require "find" class FormulaInstaller From 43bec1f58db9e9fe81a77309445a30f3a4ab7a9b Mon Sep 17 00:00:00 2001 From: lionellloh Date: Tue, 7 Jul 2020 17:33:11 +0800 Subject: [PATCH 10/27] style fix --- Library/Homebrew/cmd/install.rb | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/Library/Homebrew/cmd/install.rb b/Library/Homebrew/cmd/install.rb index 2072b7fa05..9d90603b92 100644 --- a/Library/Homebrew/cmd/install.rb +++ b/Library/Homebrew/cmd/install.rb @@ -352,7 +352,7 @@ module Homebrew if forbidden_licenses.include? f.license raise CannotInstallFormulaError, <<~EOS - #{f.name} has a forbidden license #{f.license}. + #{f.name} has a forbidden license #{f.license}. EOS end @@ -362,11 +362,8 @@ module Homebrew next unless forbidden_licenses.include? dep_f.license raise CannotInstallFormulaError, <<~EOS - The installation of #{f.name} has a dependency on #{dep.name} with a forbidden license #{dep_f.license}. + The installation of #{f.name} has a dependency on #{dep.name} with a forbidden license #{dep_f.license}. EOS end end - end - - From ab3d1b69a0113f62b807848408e452649247256b Mon Sep 17 00:00:00 2001 From: lionellloh Date: Tue, 7 Jul 2020 17:33:20 +0800 Subject: [PATCH 11/27] brew man --- docs/Manpage.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docs/Manpage.md b/docs/Manpage.md index 2aa5bc9ed3..0b7aca2828 100644 --- a/docs/Manpage.md +++ b/docs/Manpage.md @@ -1394,6 +1394,9 @@ Note that environment variables must have a value set to be detected. For exampl *Default:* `15`. + * `HOMEBREW_FORBIDDEN_LICENSES`: + Use this environment variable to define a blacklist of space separated licenses and Homebrew will avoid installing the packages with those licenses. + * `HOMEBREW_FORCE_BREWED_CURL`: If set, always use a Homebrew-installed `curl`(1) rather than the system version. Automatically set if the system version of `curl` is too old. From e53e7a1fbd3b3bcd6b71b1e031e6c371bb784fbe Mon Sep 17 00:00:00 2001 From: lionellloh Date: Tue, 7 Jul 2020 17:33:31 +0800 Subject: [PATCH 12/27] function name change --- Library/Homebrew/cmd/install.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Library/Homebrew/cmd/install.rb b/Library/Homebrew/cmd/install.rb index 9d90603b92..e4ec708c0b 100644 --- a/Library/Homebrew/cmd/install.rb +++ b/Library/Homebrew/cmd/install.rb @@ -343,12 +343,12 @@ module Homebrew ofail e.message end - def get_forbidden_licenses + def env_forbidden_licenses Homebrew::EnvConfig.forbidden_licenses.split(" ") end def forbidden_license_check(f) - forbidden_licenses = get_forbidden_licenses + forbidden_licenses = env_forbidden_licenses if forbidden_licenses.include? f.license raise CannotInstallFormulaError, <<~EOS From 29622c35d145dc82984282cf110596555a39f000 Mon Sep 17 00:00:00 2001 From: lionellloh Date: Tue, 7 Jul 2020 21:02:06 +0800 Subject: [PATCH 13/27] tests: wrote up more tests for brew install --- Library/Homebrew/test/cmd/install_spec.rb | 20 +++++++++++++++++++ .../spec/shared_context/integration_test.rb | 6 ++++++ 2 files changed, 26 insertions(+) diff --git a/Library/Homebrew/test/cmd/install_spec.rb b/Library/Homebrew/test/cmd/install_spec.rb index 70ba941c78..b6955930ce 100644 --- a/Library/Homebrew/test/cmd/install_spec.rb +++ b/Library/Homebrew/test/cmd/install_spec.rb @@ -17,6 +17,26 @@ describe "brew install", :integration_test do expect(HOMEBREW_CELLAR/"testball1/0.1/foo/test").not_to be_a_file end + it "does not install formulae with forbidden license" do + setup_test_formula "package_license" + + expect { brew "install", "package_license", "HOMEBREW_FORBIDDEN_LICENSES" => "0BSD MIT"} + .to output("Error: package_license has a forbidden license 0BSD.\n").to_stderr + .and not_to_output.to_stdout + .and be_a_failure + expect(HOMEBREW_CELLAR/"testball1/0.1/foo/test").not_to be_a_file + end + + it "installs formulae if formulae license is not forbidden" do + setup_test_formula "testball1" + + expect { brew "install", "testball1", "HOMEBREW_FORBIDDEN_LICENSES" => "AAK ADSL AML"} + .to output(%r{#{HOMEBREW_CELLAR}/testball1/0\.1}).to_stdout + .and not_to_output.to_stderr + .and be_a_success + expect(HOMEBREW_CELLAR/"testball1/0.1/foo/test").not_to be_a_file + end + it "installs formulae with options" do setup_test_formula "testball1" diff --git a/Library/Homebrew/test/support/helper/spec/shared_context/integration_test.rb b/Library/Homebrew/test/support/helper/spec/shared_context/integration_test.rb index 7ecb936ec8..619eae5c80 100644 --- a/Library/Homebrew/test/support/helper/spec/shared_context/integration_test.rb +++ b/Library/Homebrew/test/support/helper/spec/shared_context/integration_test.rb @@ -161,6 +161,12 @@ RSpec.shared_context "integration test" do content = <<~RUBY url "https://brew.sh/#{name}-1.0" RUBY + + when "package_license" + content = <<~RUBY + url "https://brew.sh/#patchelf-1.0" + license "0BSD" + RUBY end Formulary.core_path(name).tap do |formula_path| From ebb3b50cc1f71a9d371ea92f41afc3b266a85dbf Mon Sep 17 00:00:00 2001 From: lionellloh Date: Tue, 7 Jul 2020 21:03:41 +0800 Subject: [PATCH 14/27] style fixes --- Library/Homebrew/test/cmd/install_spec.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Library/Homebrew/test/cmd/install_spec.rb b/Library/Homebrew/test/cmd/install_spec.rb index b6955930ce..3fad1c64f0 100644 --- a/Library/Homebrew/test/cmd/install_spec.rb +++ b/Library/Homebrew/test/cmd/install_spec.rb @@ -20,7 +20,7 @@ describe "brew install", :integration_test do it "does not install formulae with forbidden license" do setup_test_formula "package_license" - expect { brew "install", "package_license", "HOMEBREW_FORBIDDEN_LICENSES" => "0BSD MIT"} + expect { brew "install", "package_license", "HOMEBREW_FORBIDDEN_LICENSES" => "0BSD MIT" } .to output("Error: package_license has a forbidden license 0BSD.\n").to_stderr .and not_to_output.to_stdout .and be_a_failure @@ -30,7 +30,7 @@ describe "brew install", :integration_test do it "installs formulae if formulae license is not forbidden" do setup_test_formula "testball1" - expect { brew "install", "testball1", "HOMEBREW_FORBIDDEN_LICENSES" => "AAK ADSL AML"} + expect { brew "install", "testball1", "HOMEBREW_FORBIDDEN_LICENSES" => "AAK ADSL AML" } .to output(%r{#{HOMEBREW_CELLAR}/testball1/0\.1}).to_stdout .and not_to_output.to_stderr .and be_a_success From c8554296125ad858ac1130e0ec5572007d67cb7a Mon Sep 17 00:00:00 2001 From: Lionell Loh Jian An Date: Tue, 7 Jul 2020 21:39:53 +0800 Subject: [PATCH 15/27] Apply suggestions from code review code review changes Co-authored-by: Mike McQuaid --- docs/Manpage.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/Manpage.md b/docs/Manpage.md index 0b7aca2828..77771d0ede 100644 --- a/docs/Manpage.md +++ b/docs/Manpage.md @@ -1395,7 +1395,7 @@ Note that environment variables must have a value set to be detected. For exampl *Default:* `15`. * `HOMEBREW_FORBIDDEN_LICENSES`: - Use this environment variable to define a blacklist of space separated licenses and Homebrew will avoid installing the packages with those licenses. + Use this environment variable to define a denylist of space separated licenses and Homebrew will refuse to install packages known to have those licenses. * `HOMEBREW_FORCE_BREWED_CURL`: If set, always use a Homebrew-installed `curl`(1) rather than the system version. Automatically set if the system version of `curl` is too old. From 5449904ddefcf3cd8bdbf5574d7d5e87b47bacaa Mon Sep 17 00:00:00 2001 From: lionellloh Date: Tue, 7 Jul 2020 21:42:22 +0800 Subject: [PATCH 16/27] small refactor to check env variable within function --- Library/Homebrew/cmd/install.rb | 4 +++- Library/Homebrew/formula_installer.rb | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/Library/Homebrew/cmd/install.rb b/Library/Homebrew/cmd/install.rb index e4ec708c0b..41d31be6a9 100644 --- a/Library/Homebrew/cmd/install.rb +++ b/Library/Homebrew/cmd/install.rb @@ -259,7 +259,7 @@ module Homebrew formulae.each do |f| Migrator.migrate_if_needed(f) - forbidden_license_check(f) unless ENV["HOMEBREW_FORBIDDEN_LICENSES"].blank? + forbidden_license_check(f) install_formula(f) Cleanup.install_formula_clean!(f) end @@ -348,6 +348,8 @@ module Homebrew end def forbidden_license_check(f) + return if ENV["HOMEBREW_FORBIDDEN_LICENSES"].blank? + forbidden_licenses = env_forbidden_licenses if forbidden_licenses.include? f.license diff --git a/Library/Homebrew/formula_installer.rb b/Library/Homebrew/formula_installer.rb index 7a9da2a595..73f452eca0 100644 --- a/Library/Homebrew/formula_installer.rb +++ b/Library/Homebrew/formula_installer.rb @@ -149,7 +149,7 @@ class FormulaInstaller def prelude Tab.clear_cache verify_deps_exist unless ignore_deps? - Homebrew.forbidden_license_check(formula) unless ENV["HOMEBREW_FORBIDDEN_LICENSES"].blank? + Homebrew.forbidden_license_check(formula) check_install_sanity end From 56bde378f3732353be869e7f925002a4b3b2b525 Mon Sep 17 00:00:00 2001 From: lionellloh Date: Tue, 7 Jul 2020 21:42:30 +0800 Subject: [PATCH 17/27] remove integration tests --- Library/Homebrew/test/cmd/install_spec.rb | 20 -------------------- 1 file changed, 20 deletions(-) diff --git a/Library/Homebrew/test/cmd/install_spec.rb b/Library/Homebrew/test/cmd/install_spec.rb index 3fad1c64f0..70ba941c78 100644 --- a/Library/Homebrew/test/cmd/install_spec.rb +++ b/Library/Homebrew/test/cmd/install_spec.rb @@ -17,26 +17,6 @@ describe "brew install", :integration_test do expect(HOMEBREW_CELLAR/"testball1/0.1/foo/test").not_to be_a_file end - it "does not install formulae with forbidden license" do - setup_test_formula "package_license" - - expect { brew "install", "package_license", "HOMEBREW_FORBIDDEN_LICENSES" => "0BSD MIT" } - .to output("Error: package_license has a forbidden license 0BSD.\n").to_stderr - .and not_to_output.to_stdout - .and be_a_failure - expect(HOMEBREW_CELLAR/"testball1/0.1/foo/test").not_to be_a_file - end - - it "installs formulae if formulae license is not forbidden" do - setup_test_formula "testball1" - - expect { brew "install", "testball1", "HOMEBREW_FORBIDDEN_LICENSES" => "AAK ADSL AML" } - .to output(%r{#{HOMEBREW_CELLAR}/testball1/0\.1}).to_stdout - .and not_to_output.to_stderr - .and be_a_success - expect(HOMEBREW_CELLAR/"testball1/0.1/foo/test").not_to be_a_file - end - it "installs formulae with options" do setup_test_formula "testball1" From f0222c3eb732c01bd6e329a8748f28d3ff40b00e Mon Sep 17 00:00:00 2001 From: lionellloh Date: Tue, 7 Jul 2020 21:51:15 +0800 Subject: [PATCH 18/27] Moved code from install -> formula_installer --- Library/Homebrew/cmd/install.rb | 27 -------------------------- Library/Homebrew/formula_installer.rb | 28 ++++++++++++++++++++++++++- 2 files changed, 27 insertions(+), 28 deletions(-) diff --git a/Library/Homebrew/cmd/install.rb b/Library/Homebrew/cmd/install.rb index 41d31be6a9..a608b72ea9 100644 --- a/Library/Homebrew/cmd/install.rb +++ b/Library/Homebrew/cmd/install.rb @@ -259,7 +259,6 @@ module Homebrew formulae.each do |f| Migrator.migrate_if_needed(f) - forbidden_license_check(f) install_formula(f) Cleanup.install_formula_clean!(f) end @@ -342,30 +341,4 @@ module Homebrew rescue CannotInstallFormulaError => e ofail e.message end - - def env_forbidden_licenses - Homebrew::EnvConfig.forbidden_licenses.split(" ") - end - - def forbidden_license_check(f) - return if ENV["HOMEBREW_FORBIDDEN_LICENSES"].blank? - - forbidden_licenses = env_forbidden_licenses - - if forbidden_licenses.include? f.license - raise CannotInstallFormulaError, <<~EOS - #{f.name} has a forbidden license #{f.license}. - EOS - end - - fi = FormulaInstaller.new(f) - fi.compute_dependencies.each do |dep, _| - dep_f = dep.to_formula - next unless forbidden_licenses.include? dep_f.license - - raise CannotInstallFormulaError, <<~EOS - The installation of #{f.name} has a dependency on #{dep.name} with a forbidden license #{dep_f.license}. - EOS - end - end end diff --git a/Library/Homebrew/formula_installer.rb b/Library/Homebrew/formula_installer.rb index 73f452eca0..83b49c4d40 100644 --- a/Library/Homebrew/formula_installer.rb +++ b/Library/Homebrew/formula_installer.rb @@ -149,7 +149,7 @@ class FormulaInstaller def prelude Tab.clear_cache verify_deps_exist unless ignore_deps? - Homebrew.forbidden_license_check(formula) + forbidden_license_check(formula) check_install_sanity end @@ -1105,4 +1105,30 @@ class FormulaInstaller $stderr.puts @requirement_messages end + + def env_forbidden_licenses + Homebrew::EnvConfig.forbidden_licenses.split(" ") + end + + def forbidden_license_check(f) + return if ENV["HOMEBREW_FORBIDDEN_LICENSES"].blank? + + forbidden_licenses = env_forbidden_licenses + + if forbidden_licenses.include? f.license + raise CannotInstallFormulaError, <<~EOS + #{f.name} has a forbidden license #{f.license}. + EOS + end + + fi = FormulaInstaller.new(f) + fi.compute_dependencies.each do |dep, _| + dep_f = dep.to_formula + next unless forbidden_licenses.include? dep_f.license + + raise CannotInstallFormulaError, <<~EOS + The installation of #{f.name} has a dependency on #{dep.name} with a forbidden license #{dep_f.license}. + EOS + end + end end From 84d86e6dbcae40a62e215a3474a956f701f5410c Mon Sep 17 00:00:00 2001 From: lionellloh Date: Tue, 7 Jul 2020 21:57:02 +0800 Subject: [PATCH 19/27] `brew man` --- docs/Manpage.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/Manpage.md b/docs/Manpage.md index 77771d0ede..0b7aca2828 100644 --- a/docs/Manpage.md +++ b/docs/Manpage.md @@ -1395,7 +1395,7 @@ Note that environment variables must have a value set to be detected. For exampl *Default:* `15`. * `HOMEBREW_FORBIDDEN_LICENSES`: - Use this environment variable to define a denylist of space separated licenses and Homebrew will refuse to install packages known to have those licenses. + Use this environment variable to define a blacklist of space separated licenses and Homebrew will avoid installing the packages with those licenses. * `HOMEBREW_FORCE_BREWED_CURL`: If set, always use a Homebrew-installed `curl`(1) rather than the system version. Automatically set if the system version of `curl` is too old. From 5e99ecfbdb0a33fd4cb831232abfd824b5b5ecb7 Mon Sep 17 00:00:00 2001 From: Lionell Loh Jian An Date: Wed, 8 Jul 2020 23:55:48 +0800 Subject: [PATCH 20/27] Apply suggestions from code review Code review changes Co-authored-by: Mike McQuaid --- Library/Homebrew/env_config.rb | 2 +- Library/Homebrew/formula_installer.rb | 18 ++++++------------ 2 files changed, 7 insertions(+), 13 deletions(-) diff --git a/Library/Homebrew/env_config.rb b/Library/Homebrew/env_config.rb index 7f613779fb..79b6999992 100644 --- a/Library/Homebrew/env_config.rb +++ b/Library/Homebrew/env_config.rb @@ -112,7 +112,7 @@ module Homebrew default: 15, }, HOMEBREW_FORBIDDEN_LICENSES: { - description: "Use this environment variable to define a blacklist of space separated licenses and Homebrew " \ + description: "Use this environment variable to define a denylist of space separated licenses and Homebrew " \ "will avoid installing the packages with those licenses.", }, HOMEBREW_FORCE_BREWED_CURL: { diff --git a/Library/Homebrew/formula_installer.rb b/Library/Homebrew/formula_installer.rb index 83b49c4d40..0a906b3020 100644 --- a/Library/Homebrew/formula_installer.rb +++ b/Library/Homebrew/formula_installer.rb @@ -1106,23 +1106,17 @@ class FormulaInstaller $stderr.puts @requirement_messages end - def env_forbidden_licenses - Homebrew::EnvConfig.forbidden_licenses.split(" ") - end + def forbidden_license_check + forbidden_licenses = Homebrew::EnvConfig.forbidden_licenses.split(" ") + return if forbidden_licenses.blank? - def forbidden_license_check(f) - return if ENV["HOMEBREW_FORBIDDEN_LICENSES"].blank? - - forbidden_licenses = env_forbidden_licenses - - if forbidden_licenses.include? f.license + if forbidden_licenses.include? formula.license raise CannotInstallFormulaError, <<~EOS - #{f.name} has a forbidden license #{f.license}. + #{formula.name} has a forbidden license #{formula.license}. EOS end - fi = FormulaInstaller.new(f) - fi.compute_dependencies.each do |dep, _| + compute_dependencies.each do |dep, _| dep_f = dep.to_formula next unless forbidden_licenses.include? dep_f.license From 4836970fdc4e621ab93767336a9470f26ea43709 Mon Sep 17 00:00:00 2001 From: Lionell Date: Thu, 9 Jul 2020 00:06:34 +0800 Subject: [PATCH 21/27] brew man --- docs/Manpage.md | 2 +- manpages/brew.1 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/Manpage.md b/docs/Manpage.md index 0b7aca2828..a31c2ac26b 100644 --- a/docs/Manpage.md +++ b/docs/Manpage.md @@ -1395,7 +1395,7 @@ Note that environment variables must have a value set to be detected. For exampl *Default:* `15`. * `HOMEBREW_FORBIDDEN_LICENSES`: - Use this environment variable to define a blacklist of space separated licenses and Homebrew will avoid installing the packages with those licenses. + Use this environment variable to define a denylist of space separated licenses and Homebrew will avoid installing the packages with those licenses. * `HOMEBREW_FORCE_BREWED_CURL`: If set, always use a Homebrew-installed `curl`(1) rather than the system version. Automatically set if the system version of `curl` is too old. diff --git a/manpages/brew.1 b/manpages/brew.1 index ca41e7ba4b..54a7c18341 100644 --- a/manpages/brew.1 +++ b/manpages/brew.1 @@ -1800,7 +1800,7 @@ Output this many lines of output on formula \fBsystem\fR failures\. . .TP \fBHOMEBREW_FORBIDDEN_LICENSES\fR -Use this environment variable to define a blacklist of space separated licenses and Homebrew will avoid installing the packages with those licenses\. +Use this environment variable to define a denylist of space separated licenses and Homebrew will avoid installing the packages with those licenses\. . .TP \fBHOMEBREW_FORCE_BREWED_CURL\fR From 4de020ec6c1167daca13294b80b6d9abf14aef0a Mon Sep 17 00:00:00 2001 From: lionellloh Date: Thu, 9 Jul 2020 11:38:23 +0800 Subject: [PATCH 22/27] adapt to forbidden_license_check method signature --- Library/Homebrew/formula_installer.rb | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Library/Homebrew/formula_installer.rb b/Library/Homebrew/formula_installer.rb index 0a906b3020..339c74194d 100644 --- a/Library/Homebrew/formula_installer.rb +++ b/Library/Homebrew/formula_installer.rb @@ -149,7 +149,7 @@ class FormulaInstaller def prelude Tab.clear_cache verify_deps_exist unless ignore_deps? - forbidden_license_check(formula) + forbidden_license_check check_install_sanity end @@ -1107,7 +1107,8 @@ class FormulaInstaller end def forbidden_license_check - forbidden_licenses = Homebrew::EnvConfig.forbidden_licenses.split(" ") + + forbidden_licenses = (Homebrew::EnvConfig.forbidden_licenses || "").split(" ") return if forbidden_licenses.blank? if forbidden_licenses.include? formula.license From 22ef3d52941c0b57c01ef516a7f2803c9f791a40 Mon Sep 17 00:00:00 2001 From: lionellloh Date: Thu, 9 Jul 2020 11:48:09 +0800 Subject: [PATCH 23/27] brew style --fix --- Library/Homebrew/formula_installer.rb | 1 - 1 file changed, 1 deletion(-) diff --git a/Library/Homebrew/formula_installer.rb b/Library/Homebrew/formula_installer.rb index 339c74194d..5d6e2de74f 100644 --- a/Library/Homebrew/formula_installer.rb +++ b/Library/Homebrew/formula_installer.rb @@ -1107,7 +1107,6 @@ class FormulaInstaller end def forbidden_license_check - forbidden_licenses = (Homebrew::EnvConfig.forbidden_licenses || "").split(" ") return if forbidden_licenses.blank? From bdb64aa178c1531661d74f58cd2435c30e029272 Mon Sep 17 00:00:00 2001 From: Lionell Loh Jian An Date: Thu, 9 Jul 2020 16:28:00 +0800 Subject: [PATCH 24/27] Apply suggestions from code review Code review changes Co-authored-by: Mike McQuaid --- Library/Homebrew/formula_installer.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Library/Homebrew/formula_installer.rb b/Library/Homebrew/formula_installer.rb index 5d6e2de74f..a86867c2af 100644 --- a/Library/Homebrew/formula_installer.rb +++ b/Library/Homebrew/formula_installer.rb @@ -1107,7 +1107,7 @@ class FormulaInstaller end def forbidden_license_check - forbidden_licenses = (Homebrew::EnvConfig.forbidden_licenses || "").split(" ") + forbidden_licenses = Homebrew::EnvConfig.forbidden_licenses.to_s.split(" ") return if forbidden_licenses.blank? if forbidden_licenses.include? formula.license From 7ed33959f9025b0f2fed2e8d844e48ab508cec28 Mon Sep 17 00:00:00 2001 From: lionellloh Date: Thu, 9 Jul 2020 17:42:08 +0800 Subject: [PATCH 25/27] description for HOMEBREW_FORBIDDEN_LICENSES --- Library/Homebrew/env_config.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Library/Homebrew/env_config.rb b/Library/Homebrew/env_config.rb index 79b6999992..e47f1ab848 100644 --- a/Library/Homebrew/env_config.rb +++ b/Library/Homebrew/env_config.rb @@ -112,8 +112,8 @@ module Homebrew default: 15, }, HOMEBREW_FORBIDDEN_LICENSES: { - description: "Use this environment variable to define a denylist of space separated licenses and Homebrew " \ - "will avoid installing the packages with those licenses.", + description: "A space-separated list of licenses. Homebrew will refuse to install a " \ + "formula if that formula or any of its dependencies has a license on this list.", }, HOMEBREW_FORCE_BREWED_CURL: { description: "If set, always use a Homebrew-installed `curl`(1) rather than the system version. " \ From c1bdbc53ea33b8f1083c0a531973da881c1d7d15 Mon Sep 17 00:00:00 2001 From: lionellloh Date: Thu, 9 Jul 2020 17:45:04 +0800 Subject: [PATCH 26/27] include logic for ignore-deps and only-deps --- Library/Homebrew/formula_installer.rb | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/Library/Homebrew/formula_installer.rb b/Library/Homebrew/formula_installer.rb index a86867c2af..2d7eeba674 100644 --- a/Library/Homebrew/formula_installer.rb +++ b/Library/Homebrew/formula_installer.rb @@ -1110,19 +1110,22 @@ class FormulaInstaller forbidden_licenses = Homebrew::EnvConfig.forbidden_licenses.to_s.split(" ") return if forbidden_licenses.blank? - if forbidden_licenses.include? formula.license - raise CannotInstallFormulaError, <<~EOS - #{formula.name} has a forbidden license #{formula.license}. - EOS - end - compute_dependencies.each do |dep, _| + next if @ignore_deps + dep_f = dep.to_formula next unless forbidden_licenses.include? dep_f.license raise CannotInstallFormulaError, <<~EOS - The installation of #{f.name} has a dependency on #{dep.name} with a forbidden license #{dep_f.license}. + The installation of #{formula.name} has a dependency on #{dep.name} with a forbidden license #{dep_f.license}. EOS end + return if @only_deps + + return unless forbidden_licenses.include? formula.license + + raise CannotInstallFormulaError, <<~EOS + #{formula.name} has a forbidden license #{formula.license}. + EOS end end From 1952c140e9ce4b2e0af71b24cbd84ba4f9debbfe Mon Sep 17 00:00:00 2001 From: lionellloh Date: Thu, 9 Jul 2020 17:46:21 +0800 Subject: [PATCH 27/27] brew man --- docs/Manpage.md | 2 +- manpages/brew.1 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/Manpage.md b/docs/Manpage.md index a31c2ac26b..f6651dd689 100644 --- a/docs/Manpage.md +++ b/docs/Manpage.md @@ -1395,7 +1395,7 @@ Note that environment variables must have a value set to be detected. For exampl *Default:* `15`. * `HOMEBREW_FORBIDDEN_LICENSES`: - Use this environment variable to define a denylist of space separated licenses and Homebrew will avoid installing the packages with those licenses. + A space-separated list of licenses. Homebrew will refuse to install a formula if that formula or any of its dependencies has a license on this list. * `HOMEBREW_FORCE_BREWED_CURL`: If set, always use a Homebrew-installed `curl`(1) rather than the system version. Automatically set if the system version of `curl` is too old. diff --git a/manpages/brew.1 b/manpages/brew.1 index 54a7c18341..28951194e7 100644 --- a/manpages/brew.1 +++ b/manpages/brew.1 @@ -1800,7 +1800,7 @@ Output this many lines of output on formula \fBsystem\fR failures\. . .TP \fBHOMEBREW_FORBIDDEN_LICENSES\fR -Use this environment variable to define a denylist of space separated licenses and Homebrew will avoid installing the packages with those licenses\. +A space\-separated list of licenses\. Homebrew will refuse to install a formula if that formula or any of its dependencies has a license on this list\. . .TP \fBHOMEBREW_FORCE_BREWED_CURL\fR