David Broder-Rodgers 
							
						 
					 
					
						
						
						
						
							
						
						
							13a3a57fa8 
							
						 
					 
					
						
						
							
							Merge remote-tracking branch 'origin/master' into insecure_audit  
						
						
						
						
					 
					
						2017-01-30 18:31:52 +00:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							34e03532a0 
							
						 
					 
					
						
						
							
							audit: improve homepage audit reliability.  
						
						... 
						
						
						
						Try first with an (exact, actual) browser user agent from Safari and
then try again with the default Homebrew `curl` user agent. 
						
						
					 
					
						2017-01-26 16:19:38 +00:00 
						 
				 
			
				
					
						
							
							
								ilovezfs 
							
						 
					 
					
						
						
						
						
							
						
						
							cebe137499 
							
						 
					 
					
						
						
							
							audit: exempt wine's deps from the universal deprecation  
						
						... 
						
						
						
						This can be reverted when wine's dependencies are all vendored. 
						
						
					 
					
						2017-01-20 07:18:51 -08:00 
						 
				 
			
				
					
						
							
							
								Gautham Goli 
							
						 
					 
					
						
						
						
						
							
						
						
							0b3d9031e2 
							
						 
					 
					
						
						
							
							Add --fix option to brew audit command  
						
						
						
						
					 
					
						2017-01-18 22:35:37 +05:30 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							4f0505f759 
							
						 
					 
					
						
						
							
							audit: only warn on versioned conflicts_with.  
						
						... 
						
						
						
						Rather than all versioned formulae regardless. Oops. 
						
						
					 
					
						2017-01-17 19:09:41 +00:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							dac66c4ada 
							
						 
					 
					
						
						
							
							Add keg_only :versioned_formula.  
						
						... 
						
						
						
						This is used to indicate a formula is a version of another formula.
This will be used to provide a consistent interface for older formulae
versions and replaces the use of `conflicts_with`. 
						
						
					 
					
						2017-01-17 10:50:04 +00:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							aa104137e5 
							
						 
					 
					
						
						
							
							Merge pull request  #1844  from MikeMcQuaid/audit-universal  
						
						... 
						
						
						
						audit: don't allow universal for new formulae. 
						
						
					 
					
						2017-01-17 10:08:44 +00:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							f4496e85e5 
							
						 
					 
					
						
						
							
							audit: don't allow universal for new formulae.  
						
						... 
						
						
						
						We're frowning on these now so may as well turn that into code. 
						
						
					 
					
						2017-01-15 02:31:11 -08:00 
						 
				 
			
				
					
						
							
							
								ilovezfs 
							
						 
					 
					
						
						
						
						
							
						
						
							9dca10f9dc 
							
						 
					 
					
						
						
							
							audit: whitelist unstable versions already in core  
						
						... 
						
						
						
						also allow higher stable versions with the same version prefix 
						
						
					 
					
						2017-01-13 18:59:23 -08:00 
						 
				 
			
				
					
						
							
							
								William Woodruff 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							82c046b3e1 
							
						 
					 
					
						
						
							
							audit: Check for invocations of cctools.  
						
						... 
						
						
						
						Now that ruby-macho is available, cctools should be invoked as little
as possible. 
						
						
					 
					
						2017-01-11 23:07:26 -05:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							346d68eb04 
							
						 
					 
					
						
						
							
							audit: check virtualenv and setuptools resource.  
						
						... 
						
						
						
						`virtualenv_install_with_resources` will automatically define and
install a `setuptools` resource so this is unnecessary.
References https://github.com/Homebrew/homebrew-core/pull/8570  
						
						
					 
					
						2017-01-09 13:24:51 +00:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							e7a81caaf4 
							
						 
					 
					
						
						
							
							Allow brew audit to fake a Safari user-agent.  
						
						... 
						
						
						
						This allows us to detect if homepages such as e.g. `aiccu` which
blocks `curl` are up or not. 
						
						
					 
					
						2017-01-07 14:03:08 +00:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							d7ab913f31 
							
						 
					 
					
						
						
							
							audit: deprecate env :std/:userpaths for strict.  
						
						... 
						
						
						
						This should apply only for new formulae but we should start gradually
phasing it out for older ones too. 
						
						
					 
					
						2017-01-03 22:12:21 +00:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							b3c6334d3c 
							
						 
					 
					
						
						
							
							audit: use new curl_args form.  
						
						... 
						
						
						
						This will use Curl’s default user agent to reduce homepage errors and
provides a function that can be used for other audits to perform
similar tests on URLs. 
						
						
					 
					
						2016-12-30 20:17:34 +00:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							59180ec370 
							
						 
					 
					
						
						
							
							audit: improve reliability of homepage audit.  
						
						... 
						
						
						
						- Don't run on Yosemite where the system Curl is too old for some modern
  HTTPS homepages
- Try up to 3 times in case of transient failures. 
						
						
					 
					
						2016-12-29 12:51:12 +00:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							8ffe231f44 
							
						 
					 
					
						
						
							
							audit: don't allow openssl & libressl dependency.  
						
						... 
						
						
						
						Formulae should not depend on both OpenSSL and LibreSSL (even
optionally). This is to avoid descending into madness where every
formulae that could use LibreSSL has to have option and switching logic.
Homebrew has standardised on OpenSSL and will do so everywhere that
LibreSSL is not a hard requirement. 
						
						
					 
					
						2016-12-29 11:46:51 +00:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							cd13e306a8 
							
						 
					 
					
						
						
							
							Merge pull request  #1693  from broder/homepage_check  
						
						... 
						
						
						
						Updated homepage 404 check to use explicit parameters and return the … 
						
						
					 
					
						2016-12-23 19:14:08 +00:00 
						 
				 
			
				
					
						
							
							
								David Broder-Rodgers 
							
						 
					 
					
						
						
						
						
							
						
						
							3c566399cf 
							
						 
					 
					
						
						
							
							Added check for insecure mirror URLs  
						
						
						
						
					 
					
						2016-12-23 14:55:08 +00:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							8f85eb64c4 
							
						 
					 
					
						
						
							
							audit: fix 32-bit check.  
						
						
						
						
					 
					
						2016-12-20 14:26:53 +00:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							ef6b55125c 
							
						 
					 
					
						
						
							
							Merge pull request  #1695  from MikeMcQuaid/audit-revision-map-nil  
						
						... 
						
						
						
						audit: handle a nil revision map. 
						
						
					 
					
						2016-12-20 10:55:41 +00:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							1d2390b2de 
							
						 
					 
					
						
						
							
							Merge pull request  #1698  from MikeMcQuaid/deprecate-32-bit  
						
						... 
						
						
						
						Deprecate 32-bit options. 
						
						
					 
					
						2016-12-20 10:54:54 +00:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							f98304026b 
							
						 
					 
					
						
						
							
							Deprecate 32-bit options.  
						
						... 
						
						
						
						These were formerly supported but as it has been a very long time since
32-bit software was necessary on macOS these have been deprecated with
a `brew audit` warning and a future `odeprecated`. 
						
						
					 
					
						2016-12-20 10:22:30 +00:00 
						 
				 
			
				
					
						
							
							
								David Broder-Rodgers 
							
						 
					 
					
						
						
						
						
							
						
						
							637aae48e4 
							
						 
					 
					
						
						
							
							Markups  
						
						
						
						
					 
					
						2016-12-19 08:45:21 +00:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							41a248786f 
							
						 
					 
					
						
						
							
							audit: handle a nil revision map.  
						
						
						
						
					 
					
						2016-12-18 15:46:02 -08:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							339ff9400f 
							
						 
					 
					
						
						
							
							audit: don't allow use of OS.mac?/OS.linux?.  
						
						... 
						
						
						
						Forbid their use in Homebrew/core which only supports macOS. This may
be added to more/all official taps in future. 
						
						
					 
					
						2016-12-18 15:30:06 -08:00 
						 
				 
			
				
					
						
							
							
								David Broder-Rodgers 
							
						 
					 
					
						
						
						
						
							
						
						
							0a007fc983 
							
						 
					 
					
						
						
							
							Updated homepage 404 check to use explicit parameters and return the status code  
						
						
						
						
					 
					
						2016-12-18 22:37:26 +00:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							cf1fa0c5bc 
							
						 
					 
					
						
						
							
							audit: flag use of "fails_with :llvm".  
						
						... 
						
						
						
						Also, add TODOs for deprecating this properly at a later point. 
						
						
					 
					
						2016-12-13 02:10:11 +00:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							1980af52de 
							
						 
					 
					
						
						
							
							audit: allow deprecated options on new @ formulae.  
						
						... 
						
						
						
						As these may be migrations from another tap where we want to migrate
options across correctly. 
						
						
					 
					
						2016-11-23 11:03:10 +00:00 
						 
				 
			
				
					
						
							
							
								William Woodruff 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							4a9601ab82 
							
						 
					 
					
						
						
							
							audit: check formula name against blacklisted names.  
						
						
						
						
					 
					
						2016-11-20 00:40:54 -05:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							5e073f1f40 
							
						 
					 
					
						
						
							
							Merge pull request  #1528  from MikeMcQuaid/audit-devel-revision  
						
						... 
						
						
						
						audit: don't check devel version_scheme/revision. 
						
						
					 
					
						2016-11-18 13:53:22 +00:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							e4fb108079 
							
						 
					 
					
						
						
							
							audit: check for HOMEBREW_PREFIX test path usage.  
						
						... 
						
						
						
						This is also not allowed.
As seen in https://github.com/Homebrew/homebrew-core/pull/6996 . 
						
						
					 
					
						2016-11-18 09:02:39 +00:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							b7f0edd1fd 
							
						 
					 
					
						
						
							
							audit: don't check devel version_scheme/revision.  
						
						... 
						
						
						
						These are formulae-wide so doesn't make sense to iterate through these
for specs and get weird results.
As seem in https://github.com/Homebrew/homebrew-core/pull/6952 . 
						
						
					 
					
						2016-11-17 17:13:52 +00:00 
						 
				 
			
				
					
						
							
							
								Markus Reiter 
							
						 
					 
					
						
						
						
						
							
						
						
							e3be9c068b 
							
						 
					 
					
						
						
							
							Update .rubocop_todo.yml.  
						
						
						
						
					 
					
						2016-11-16 23:52:37 +01:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							edf042ee97 
							
						 
					 
					
						
						
							
							Merge pull request  #1522  from MikeMcQuaid/audit-one-previous-commit  
						
						... 
						
						
						
						audit: only check previous formula version. 
						
						
					 
					
						2016-11-16 10:25:11 +00:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							31caa8ef93 
							
						 
					 
					
						
						
							
							audit: only check previous formula version.  
						
						... 
						
						
						
						For calculating the stable/devel versions this should be sufficient as
it's looking at `origin/master` so for a e.g. unmerged pull request this
will stop complaining about mistakes outside the pull request itself.
This will silence all warnings for historic version mistakes (i.e.
before these audit checks were all enabled) which is normally a bad
thing but as this case would rely on modifying history to complete is a
good one. 
						
						
					 
					
						2016-11-16 09:03:20 +00:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							27ea94adb8 
							
						 
					 
					
						
						
							
							audit: check that there are any stable revisions.  
						
						... 
						
						
						
						Fixes the exception if `revision_map[formula.stable.version]` is `nil`. 
						
						
					 
					
						2016-11-16 08:59:52 +00:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							5e0b3d24e5 
							
						 
					 
					
						
						
							
							audit: fix "version should not decrease" (again).  
						
						... 
						
						
						
						- output the max version and current version to make the message more
  obvious.
- Don't compare the development spec version to the formula version and
  then complain the formula version is lower (it should always be!) 
						
						
					 
					
						2016-11-15 09:02:50 +00:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							c78aa43386 
							
						 
					 
					
						
						
							
							audit: fix "version should not decrease" check.  
						
						... 
						
						
						
						Fix the "version should not decrease" check so it correctly handles
`version_scheme`s.
Fixes  #1489 . 
						
						
					 
					
						2016-11-13 13:35:25 +00:00 
						 
				 
			
				
					
						
							
							
								Baptiste Fontaine 
							
						 
					 
					
						
						
						
						
							
						
						
							bfa19b3385 
							
						 
					 
					
						
						
							
							audit: Escape interpolated string in regexp  
						
						... 
						
						
						
						This avoids issues with names containing special characters like e.g. [
Fixes  #1431  
						
						
					 
					
						2016-11-03 18:17:11 +01:00 
						 
				 
			
				
					
						
							
							
								Mandar Gokhale 
							
						 
					 
					
						
						
						
						
							
						
						
							0e15ffff62 
							
						 
					 
					
						
						
							
							Correct a few typos  
						
						... 
						
						
						
						...and update man pages where applicable 
						
						
					 
					
						2016-11-03 12:09:44 +00:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							2a865f085e 
							
						 
					 
					
						
						
							
							Merge pull request  #1424  from MikeMcQuaid/audit-more-test-system  
						
						... 
						
						
						
						audit: check more unscoped test calls. 
						
						
					 
					
						2016-11-02 21:50:54 -04:00 
						 
				 
			
				
					
						
							
							
								Steven Peters 
							
						 
					 
					
						
						
						
						
							
						
						
							72f889fef0 
							
						 
					 
					
						
						
							
							audit: restore check that was lost in  #927  
						
						... 
						
						
						
						This audit check ensures that certain build dependencies
are explicitly marked either as `:build` or `:run`.
It seems to have been lost in #927 .
It was also adjusted in #1290 . 
						
						
					 
					
						2016-11-02 16:52:09 -07:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							f35a86ff70 
							
						 
					 
					
						
						
							
							audit: stricter test system calls check.  
						
						... 
						
						
						
						Ensure that the name is suffixed with whitespace or quotes. 
						
						
					 
					
						2016-11-02 15:57:19 -04:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							7aa26f7817 
							
						 
					 
					
						
						
							
							audit: check more unscoped test calls.  
						
						... 
						
						
						
						Also check `def test`, `shell_output`, `pipe_output` and method calls
using parentheses. 
						
						
					 
					
						2016-11-02 13:23:38 -04:00 
						 
				 
			
				
					
						
							
							
								Baptiste Fontaine 
							
						 
					 
					
						
						
						
						
							
						
						
							127461d879 
							
						 
					 
					
						
						
							
							audit: don't check new formulae revision/versions.  
						
						
						
						
					 
					
						2016-10-30 13:51:23 -04:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							ef58225749 
							
						 
					 
					
						
						
							
							audit: check the version does not decrease.  
						
						... 
						
						
						
						This will prevent brew upgrade from working correctly. 
						
						
					 
					
						2016-10-30 13:51:21 -04:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							8d5df2ea87 
							
						 
					 
					
						
						
							
							Merge pull request  #1402  from MikeMcQuaid/audit-system-test  
						
						... 
						
						
						
						audit: check test system calls are fully scoped. 
						
						
					 
					
						2016-10-30 13:30:03 -04:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							20c8c5958e 
							
						 
					 
					
						
						
							
							Merge pull request  #1367  from MikeMcQuaid/audit-check-master-branch  
						
						... 
						
						
						
						audit: check for master branch tar/zipballs. 
						
						
					 
					
						2016-10-30 13:29:47 -04:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							a093c62b16 
							
						 
					 
					
						
						
							
							Revert "audit: check the version does not decrease."  
						
						
						
						
					 
					
						2016-10-30 07:32:20 -04:00 
						 
				 
			
				
					
						
							
							
								Mike McQuaid 
							
						 
					 
					
						
						
						
						
							
						
						
							0bd0fec6a6 
							
						 
					 
					
						
						
							
							audit: check test system calls are fully scoped.  
						
						... 
						
						
						
						This doesn't matter for everything but it does for the binaries that
are installed. Have a limited name/alias check when not installed and
a better one that iterates bin/sbin if installed. 
						
						
					 
					
						2016-10-29 17:53:05 -04:00