We've already disabled installing casks/formulae from URLs and we
regularly tell people not to install from paths so let's just deprecate
this behaviour entirely.
Even Homebrew developers do not need to work this way.
- Improve the error message when a cask or formula is forbidden by an
environment variable (fixes#17880)
- Move the `forbidden_tap_check` and `forbidden_cask_and_formula_check`
methods to the top of the `install` method, so that they are checked
before the main cask is downloaded.
This is a follow-up to 484498e. I added loading for tap migration
renames from the API but it apparently only worked for full names.
There was a bug in both the code and the tests which prevented
loading by short names. This fixes those bugs so everything should
be good now.
Check for the following:
- Tap migration rename to core tap can be loaded by short name
- Tap migration rename to core tap can be loaded by long name
- Tap migration renam that clashes with existing core tap short name
is ignored in favor of loading the cask/formula from the core tap
This replaces `FileUtils.cp` and `system_command! "cp"` with the new
`Utils::Cp` utility where it is expected that the performance
improvement outweighs the cost of the system command invocation.
There are two big changes here. Both have to do with how we want
to load casks in different scenarios. One also is related to formulae.
1. Prevent loading casks & formulae outside of taps for specific commands.
There are certain commands like `bump`, `bump-*-pr`, `livecheck` and `audit`
where it really makes no sense to try and run things if the specified formulae
or cask is not in a tap. A new `#to_formulae_and_casks_with_taps` method was
added to the `CLI::NamedArgs` class to allow us to easily grab and validate
formulae and casks from named arguments.
2. Always load the source file path when loading casks with the path loader.
There was an edge case where all JSON cask files were being loaded without
setting the source file path because most of the work was handed off to the
API loader where that normally would make more sense. Now we set that when
calling the API loader which solves the problem. This improves the user
experience of people using the `--cache` and `fetch` commands in certain
edge cases. Hopefully it makes the user experience a bit more consistent.
A regression test was added for this point.
We already had `HOMEBREW_FORBIDDEN_LICENSES` but this commit adds
`HOMEBREW_FORBIDDEN_CASKS`, `HOMEBREW_FORBIDDEN_FORMULAE` and
`HOMEBREW_FORBIDDEN_TAPS` for also forbidding those.
Relatedly, add `HOMEBREW_FORBIDDEN_OWNER` and
`HOMEBREW_FORBIDDEN_OWNER_CONTACT` to allow customising these
messages.
There were no existing tests for `HOMEBREW_FORBIDDEN_LICENSES` so have
added more tests for all of these checks.
Co-authored-by: Bo Anderson <mail@boanderson.me>
