Add a new `Sandbox.formula?` method to see if a given formula should be
sandboxed. Use the formula to check its tap against a list of
pre-approved taps where we know every formula builds under the sandbox
(currently just homebrew/core).
Loosen this a bit; we don't necessarily expect the end commit is the one
we're looking for, just that it has changed from the start commit (i.e.
some sort of update has occurred).
Addresses some false negatives on `master` branch merges that weren't
present on the PR commits.
Swats away this annoying warning when the test is skipped due to GPG being
unavailable:
```
1) Skipped:
GpgTest#test_create_test_key:
GPG Unavailable
Error:
GpgTest#test_create_test_key:
NoMethodError: undefined method `rmtree' for nil:NilClass
/usr/local/Library/Homebrew/test/test_gpg.rb:11:in `teardown'
```
Closes#675.
Signed-off-by: Dominyk Tiller <dominyktiller@gmail.com>
Removes the detection logic from the Requirement in favour of it living inside
the Gpg class & us calling it from there. It's a bit nicer & avoids us calling
Requirement code from outside of direct requirement handling & fulfillment.
GPG 1.x has stopped receiving new features, some of which we may well want to
take advantage of sooner or later in Homebrew. Upstream has also been attempting
to work out for a while how well used it still is which suggests it may "go away"
at some point in the future.
Debian is also in the process of migrating GnuPG 1.x to a `gpg1` executable
whilst GnuPG 2.1.x assumes the `gpg` executable. There's a detailed video
discussion of this from DebConf 2015 at:
http://meetings-archive.debian.net/pub/debian-meetings/2015/debconf15/GnuPG_in_Debian_report.webm
It's unsafe to assume every `gpg` executable is going to forever equal 1.x and
every `gpg2` executable is going to forever equal 2.x. MacGPG2 has been symlinking
2.x as a vanilla `gpg` for a while, for example, and we will be soon as well.
You'll still be able to plonk the `libexec/bin` path of `gpg` in your PATH to
access a vanilla `gpg` 1.x executable if you want to, but we're not going to
actively keep adding gpg1 support to formulae going forwards. There's really no
reason why 99.9% of projects should not or cannot use `gpg2` these days.
This uses detection methods to determine regardless of what the executable
is called we're always hitting a 2.0 GnuPG or nothing.
which_all already runs some checks to see if the file is a file & is executable.
Our usage here inside `self.available?` is mostly a smoke test.
Closes#676.
Signed-off-by: Dominyk Tiller <dominyktiller@gmail.com>
Add a `brew update --force` to side-step all of the clever optimisations
we have to detect if an update is unnecessary. That means if those
optimisations go wrong in future we can tell people just to run this
single command.
This would have been a useful workaround for the issue fixed in 985c672.
