From 4437b953977caabc6cefd796fc7ad8a79dd632e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=ADtor=20Galv=C3=A3o?= Date: Tue, 18 Apr 2023 19:26:14 +0100 Subject: [PATCH 1/2] Cask audit: check binary signature and notarisation --- Library/Homebrew/cask/audit.rb | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Library/Homebrew/cask/audit.rb b/Library/Homebrew/cask/audit.rb index 696ff6f513..2798a41779 100644 --- a/Library/Homebrew/cask/audit.rb +++ b/Library/Homebrew/cask/audit.rb @@ -460,7 +460,9 @@ module Cask return if !signing? || download.blank? || cask.url.blank? odebug "Auditing signing" - artifacts = cask.artifacts.select { |k| k.is_a?(Artifact::Pkg) || k.is_a?(Artifact::App) } + artifacts = cask.artifacts.select do |k| + k.is_a?(Artifact::Pkg) || k.is_a?(Artifact::App) || k.is_a?(Artifact::Binary) + end return if artifacts.empty? From a2f9f89d30766379a908f33e87e50d4b311d89a1 Mon Sep 17 00:00:00 2001 From: apainintheneck Date: Thu, 20 Apr 2023 23:37:05 -0700 Subject: [PATCH 2/2] cask/audit_spec: fix outdated test We used the binary artifact as an example of an unsigned artifact before in this test. Now that we're adding it as a signed artifact the test has been updated with another example of an unsigned one. --- Library/Homebrew/test/cask/audit_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Library/Homebrew/test/cask/audit_spec.rb b/Library/Homebrew/test/cask/audit_spec.rb index e71514440c..150ca8258c 100644 --- a/Library/Homebrew/test/cask/audit_spec.rb +++ b/Library/Homebrew/test/cask/audit_spec.rb @@ -483,7 +483,7 @@ describe Cask::Audit, :cask do cask 'signing-cask-test' do version '1.0' url "https://brew.sh/index.html" - binary 'Audit.app' + artifact "example.pdf", target: "/Library/Application Support/example" end RUBY end