From d124d8eae8b03e9d5aa1c6a82a8d4f0c40f72c80 Mon Sep 17 00:00:00 2001 From: Rylan Polster Date: Mon, 4 Oct 2021 19:22:30 -0400 Subject: [PATCH] cask/audit: allow the homepage https audit to have exceptions --- Library/Homebrew/cask/audit.rb | 29 +++++++++++++++++++++++++++-- 1 file changed, 27 insertions(+), 2 deletions(-) diff --git a/Library/Homebrew/cask/audit.rb b/Library/Homebrew/cask/audit.rb index 4ef3462e83..652238d281 100644 --- a/Library/Homebrew/cask/audit.rb +++ b/Library/Homebrew/cask/audit.rb @@ -44,6 +44,7 @@ module Cask @strict = strict @new_cask = new_cask @token_conflicts = token_conflicts + @tap_audit_exceptions = cask.tap&.audit_exceptions end def run! @@ -746,14 +747,38 @@ module Cask check_url_for_https_availability(cask.homepage, "homepage URL", + cask.token, user_agents: [:browser, :default], check_content: true, strict: strict?) end - def check_url_for_https_availability(url_to_check, url_type, **options) + def check_url_for_https_availability(url_to_check, url_type, cask_token, **options) problem = curl_check_http_content(url_to_check.to_s, url_type, **options) - add_error problem if problem + exception = tap_audit_exception(:cert_error_allowlist, cask_token, url_to_check) + + if problem + add_error problem unless exception + elsif exception + add_error "#{url_to_check} is in the certificate error allowlist but does not have a certificate error" + end + end + + def tap_audit_exception(list, cask, value = nil) + return false if @tap_audit_exceptions.blank? + return false unless @tap_audit_exceptions.key? list + + list = @tap_audit_exceptions[list] + + case list + when Array + list.include? cask + when Hash + return false unless list.include? cask + return list[cask] if value.blank? + + list[cask] == value + end end end end