Extends the audit checks to GnuPG, a significant chunk of Freedesktop
domains, and Github Pages. I’ve somewhat hardened my stance towards
Github Pages from the last time we extended this, hence the new
inclusion - I did a pretty thorough check through the Homebrew formulae
that use Github Pages for homepage links and found very few places
where enforcing SSL/TLS would cause issues - I think a wider
enforcement is worthwhile.
I’ve also fixed the capitalisation of the taps, if only because at the
moment it disagrees with what ` puts formula.tap ` outputs (We get
Homebrew/homebrew-head-only rather than homebrew/homebrew-head-only for
example).
ClosesHomebrew/homebrew#36719.
Signed-off-by: Mike McQuaid <mike@mikemcquaid.com>
Currently the bot is failing certain devel-only formulae because it
thinks having ` devel ` defined with an added ` head ` defined
as well = a head-only formula.
```
==> audit problems
docker-machine:
* Head-only (no stable download)
```
This is a pretty simple fix for that problem:
```
==> brew style docker-machine
1 file inspected, no offenses detected
```
ClosesHomebrew/homebrew#36197.
Signed-off-by: Mike McQuaid <mike@mikemcquaid.com>
I don’t know how maintainers are going to feel about this, to be
honest. If it’s too clunky, perhaps we could externalise the entire two
main blocks here and then require that file into the audit instead?
Basically, I’m pushing changes here to better detect a wide-array of
SSL/TLS available links that either have no auto-redirect in place or
is a common linking error in formulae. I haven’t spotted any false
positives yet, but obviously, feel free to try and break the changes
and I’ll fix as necessary ;).
IMO, this would allow us gradual updates without having to mass-update
everything at once and stress the bot and inform users they have
hundreds of updates pending when really it’s just style/basic changes.
ClosesHomebrew/homebrew#35551.
Signed-off-by: Mike McQuaid <mike@mikemcquaid.com>
This deprecates URLs that begin with the following fake URL schemes:
bzr://
cvs://
hg://
fossil://
svn+http://
Despite their appearance, they are not actually accepted by the
corresponding tools. They exist only as hints to the download strategy
detection code, and are stripped from the URL before the URL is handed
off to the VCS program.
This is not documented, and may lead one to believe it is a valid URL
that can be used elsewhere, when it actually only works inside Homebrew.
We have a better mechanism for specifying the download strategy that is
straightforward and explicit:
:using => :hg
Recommend that instead.
ClosesHomebrew/homebrew#35114.
Before this change, audit would detect commented-out lines
containing the string 'DATA' as if there were no commenting.
Then it could complain, e.g., problem "'DATA' was found, but no
'__END__'", which would be a false alarm in that circumstance.
ClosesHomebrew/homebrew#32568.
Signed-off-by: Jack Nagel <jacknagel@gmail.com>
