audit(github): prefer /archive/refs/tags urls over /archive

Signed-off-by: Rui Chen <rui@chenrui.dev>
2023-10-20 19:10:14 -04:00 · 2023-10-20 19:10:14 -04:00 · a496f6708e
commit a496f6708e
parent 35746e0a6b
2 changed files with 8 additions and 1 deletions
--- a/Library/Homebrew/rubocops/urls.rb
+++ b/Library/Homebrew/rubocops/urls.rb
@ -217,6 +217,13 @@ module RuboCop
            problem "Use /archive/ URLs for GitHub tarballs (url is #{url})."
          end

+          archive_ref_tags_gh_pattern = %r{https://.*github.*/archive(?!/refs/tags)/.*\.tar\.gz$}
+          audit_urls(urls, archive_ref_tags_gh_pattern) do |_, url|
+            next if url.end_with?(".git")
+
+            problem "Use /archive/refs/tags URLs for GitHub tarballs (url is #{url})."
+          end
+
          # Don't use GitHub .zip files
          zip_gh_pattern = %r{https://.*github.*/(archive|releases)/.*\.zip$}
          audit_urls(urls, zip_gh_pattern) do |_, url|
--- a/Library/Homebrew/utils/shared_audits.rb
+++ b/Library/Homebrew/utils/shared_audits.rb
@ -157,7 +157,7 @@ module SharedAudits

  def github_tag_from_url(url)
    url = url.to_s
-    tag = url.match(%r{^https://github\.com/[\w-]+/[\w-]+/archive/([^/]+)\.(tar\.gz|zip)$})
+    tag = url.match(%r{^https://github\.com/[\w-]+/[\w-]+/archive/refs/tags/([^/]+)\.(tar\.gz|zip)$})
             .to_a
             .second
    tag ||= url.match(%r{^https://github\.com/[\w-]+/[\w-]+/releases/download/([^/]+)/})