admin/brew
1
0
Fork 0
Code Issues Packages Projects Releases 6 Wiki Activity

sbom: ensure Homebrew versions are more consistent.

Browse Source 
Avoid making bottles non-reproducible by ensuring that the Homebrew
version doesn't include the full commit hash but just a `-dev` suffix.

This is similar to the approach we use for analytics.
This commit is contained in:
Mike McQuaid 2024-07-26 17:35:46 +01:00
parent d79fa417b8
commit a901a9c389
No known key found for this signature in database
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
Library/Homebrew/sbom.rb
View File

@ -24,9 +24,16 @@ class SBOM
end end
active_spec_sym = formula.active_spec_sym active_spec_sym = formula.active_spec_sym
homebrew_version_maybe_dev = if (match_data = HOMEBREW_VERSION.match(/^[\d.]+/))
suffix = "-dev" if HOMEBREW_VERSION.include?("-")
match_data[0] + suffix.to_s
else
HOMEBREW_VERSION
end
attributes = { attributes = {
name: formula.name, name: formula.name,
homebrew_version: HOMEBREW_VERSION, homebrew_version: homebrew_version_maybe_dev,
spdxfile: SBOM.spdxfile(formula), spdxfile: SBOM.spdxfile(formula),
time: tab.time, time: tab.time,
source_modified_time: tab.source_modified_time.to_i, source_modified_time: tab.source_modified_time.to_i,