audit: check more GitHub URLs. (#256)

GitHub’s code load and patch-diff URLs are the result of redirects and make it harder to modify the URL to reach the original repository.
2016-05-19 07:56:11 +01:00 · 2016-05-19 07:56:11 +01:00 · b8e5ff431d
commit b8e5ff431d
parent bc1d5ae4d4
1 changed files with 18 additions and 0 deletions
--- a/Library/Homebrew/cmd/audit.rb
+++ b/Library/Homebrew/cmd/audit.rb
@ -636,6 +636,13 @@ class FormulaAuditor
      unless patch.url =~ /[a-fA-F0-9]{40}/
        problem "GitHub/Gist patches should specify a revision:\n#{patch.url}"
      end
+    when %r{https?://patch-diff\.githubusercontent\.com/raw/(.+)/(.+)/pull/(.+)\.(?:diff|patch)}
+      problem <<-EOS.undent
+        use GitHub pull request URLs:
+          https://github.com/#{$1}/#{$2}/pulls/#{$3}.patch
+        Rather than patch-diff:
+          #{patch.url}
+      EOS
    when %r{macports/trunk}
      problem "MacPorts patches should specify a revision instead of trunk:\n#{patch.url}"
    when %r{^http://trac\.macports\.org}
@ -1235,6 +1242,17 @@ class ResourceAuditor
      next unless u =~ %r{https://.*github.*/(archive|releases)/.*\.zip$} && u !~ %r{releases/download}
      problem "Use GitHub tarballs rather than zipballs (url is #{u})."
    end
+
+    # Don't use GitHub codeload URLs
+    urls.each do |u|
+      next unless u =~ %r{https?://codeload\.github\.com/(.+)/(.+)/(?:tar\.gz|zip)/(.+)}
+      problem <<-EOS.undent
+        use GitHub archive URLs:
+          https://github.com/#{$1}/#{$2}/archive/#{$3}.tar.gz
+        Rather than codeload:
+          #{u}
+      EOS
+    end
  end

  def problem(text)