I don’t know how maintainers are going to feel about this, to be
honest. If it’s too clunky, perhaps we could externalise the entire two
main blocks here and then require that file into the audit instead?
Basically, I’m pushing changes here to better detect a wide-array of
SSL/TLS available links that either have no auto-redirect in place or
is a common linking error in formulae. I haven’t spotted any false
positives yet, but obviously, feel free to try and break the changes
and I’ll fix as necessary ;).
IMO, this would allow us gradual updates without having to mass-update
everything at once and stress the bot and inform users they have
hundreds of updates pending when really it’s just style/basic changes.
ClosesHomebrew/homebrew#35551.
Signed-off-by: Mike McQuaid <mike@mikemcquaid.com>
This deprecates URLs that begin with the following fake URL schemes:
bzr://
cvs://
hg://
fossil://
svn+http://
Despite their appearance, they are not actually accepted by the
corresponding tools. They exist only as hints to the download strategy
detection code, and are stripped from the URL before the URL is handed
off to the VCS program.
This is not documented, and may lead one to believe it is a valid URL
that can be used elsewhere, when it actually only works inside Homebrew.
We have a better mechanism for specifying the download strategy that is
straightforward and explicit:
:using => :hg
Recommend that instead.
ClosesHomebrew/homebrew#35114.
Before this change, audit would detect commented-out lines
containing the string 'DATA' as if there were no commenting.
Then it could complain, e.g., problem "'DATA' was found, but no
'__END__'", which would be a false alarm in that circumstance.
ClosesHomebrew/homebrew#32568.
Signed-off-by: Jack Nagel <jacknagel@gmail.com>
