6002 Commits

Author SHA1 Message Date
Mike McQuaid
e3a1a9dccf
Improve locking UX
My experience recently playing around with our locking behaviour is
that, while mostly seamless and not seen by users, it's leaks
implementation details a bit too heavily.

As a result, the following improvements are in this commit:
- Ensure that, whenever possible, we tell the user the actual command
  that is holding a given lock instead of the lock name (an internal
  implementation detail)
- Make the locking error output a little more consistent and user
  friendly
- Add a `DownloadLock` class to simplify locking downloads
- Add a `HOMEBREW_LOCK_CONTEXT` variable to allow adding additional
  context for logging error messages
- Lock paths and leave deciding how this translates to lock names up
  to the locking code itself
- Lock the Cellar/Caskroom paths explicitly rather than implicitly

Co-authored-by: Carlo Cabrera <30379873+carlocab@users.noreply.github.com>
2024-07-30 17:51:02 +01:00
William Woodruff
5e0e0d56af
attestation: remove gh version detection
I'm declaring bankruptcy on this entire approach:

1. We can attempt to match on versions, but this will fail
   when the version of `gh` installed is built from `HEAD`
   or similar.
2. We can match on dates instead (since `gh --version` also includes
   the date), but this is even more brittle + implies a support
   contract we don't actually have (we don't actually want
   to say we support random dated builds between public releases
   of `gh`).

This moves us back to a simpler approach: if `gh` is present,
we use it. If `gh` is not present, we attempt to install it
with `ensure_executable!`. If the user's `gh` is present but too old,
it'll fail during attestation verification with a reasonable error,
which IMO is fine for now since this is all still in beta.

Signed-off-by: William Woodruff <william@yossarian.net>
2024-07-29 13:13:55 -04:00
Issy Long
f0084e611a
rubocops/text: Allow all "#{bin}/foo" interpolated strings with spaces
- This was complaining about `shell_output("#{bin}/abricate-get_db --help 2>&1")` which it shouldn't have.
2024-07-28 17:18:35 +01:00
Mike McQuaid
7abc6f4349
cask/installer: improve *_FORBIDDEN_* env handling.
- Improve the error message when a cask or formula is forbidden by an
  environment variable (fixes #17880)
- Move the `forbidden_tap_check` and `forbidden_cask_and_formula_check`
  methods to the top of the `install` method, so that they are checked
  before the main cask is downloaded.
2024-07-27 16:13:51 +01:00
Branch Vincent
5304b70c92
rubocops/lines: remove existing npm audit 2024-07-26 05:41:57 -07:00
Issy Long
38bb463aad
Interpolated shell_output("#{bin}/foo -v"), for example, is fine
- This would be weird to change because it's a string not a pathname passed to `shell_output`.
- I had misunderstood https://github.com/Homebrew/brew/pull/17826#discussion_r1690806375.
2024-07-25 13:28:00 +01:00
Mike McQuaid
b31cfe8a85
Merge pull request #17840 from Homebrew/forbid-path-installs 2024-07-25 11:48:30 +01:00
Issy Long
ac973535ee
Merge pull request #17826 from Homebrew/no-interpolated-bin
rubocops/text: Enforce `bin/"formula"` instead of `"#{bin}/formula"`
2024-07-25 11:39:20 +01:00
Bo Anderson
10cbf191dc
Add env to disable finding packages from paths 2024-07-25 11:37:44 +01:00
Issy Long
a6596c969f
Test the shell_output single string edge case 2024-07-25 10:41:13 +01:00
Bo Anderson
a4b65647ae
Merge pull request #17844 from samford/version-loosen-debian-regex
version: loosen Debian orig tarball regex
2024-07-25 04:47:32 +01:00
Bo Anderson
38987be01f
cmd/--repository: fix homebrew- prefix handling 2024-07-25 01:42:53 +01:00
Issy Long
3713939e0d
rubocops/text: Include dashed binaries in bin/ interpolation check
- Previously this only included the formula name.
- But, for example in tests, we have "#{bin}/ansible-test",
  not just "#{bin}/ansible". So handle that too.
- I decided to make the error message better by extracting the
  binary name from the interpolation, but I'm not sure it was worth it.

```
$ brew audit --strict ansible
ansible
  * line 580, col 29: Use `bin/"ansible-test"` instead of `"#{bin}/ansible-test"`
Error: 1 problem in 1 formula detected.
```
2024-07-24 22:19:38 +01:00
Sam Ford
2cd95d482d
version: loosen Debian orig tarball regex
The regex to match Debian `orig` tarballs uses the standard regex for
versions like `1.2.3` but it won't match versions without a dot. The
`lcrack` formula uses a date-based version in the filename
(`lcrack_20040914.orig.tar.gz`) and `mkcue` uses a single number
(`mkcue_1.orig.tar.gz`), so we have to use a manual `version` in
these formulae.

This updates the regex to use the looser `NUMERIC_WITH_OPTIONAL_DOTS`
pattern, which will also match the aforementioned versions. I tested
this by checking versions of formulae before/after this change and
confirming that they remain the same after removing the `version`
calls from related formulae.
2024-07-24 11:39:09 -04:00
Bo Anderson
131b930d89
attestation: only fallback to backfill on 404 2024-07-23 16:59:52 +01:00
Issy Long
96400e01e1
rubocops/text: Enforce bin/"formula" instead of "#{bin}/formula" 2024-07-23 12:43:15 +01:00
Nanda H Krishna
45f853ef61
Merge pull request #17793 from Homebrew/fix-frozen-array-modification-errors
Avoid frozen array errors in `brew upgrade`
2024-07-19 09:58:57 -04:00
apainintheneck
5a37a77a7b Add tests for new sort_formulae_for_install method
These are integration tests but they should complete relatively
quickly anyway since we're not installing anything.
2024-07-18 21:38:43 -07:00
Bo Anderson
16d547b030
attestation: handle bad configurations better 2024-07-18 16:11:25 +01:00
Kevin
4aae003a1a
Merge pull request #17766 from Homebrew/fix-formula-uri-loader
FormulaURILoader: use regex to validate refs before attempting to cast
2024-07-17 20:07:17 -07:00
Nanda H Krishna
6db608f43f
Ensure that the gh formula is sufficiently new 2024-07-17 14:48:53 -04:00
Nanda H Krishna
8839ccfe72
Fix tests for attestations 2024-07-17 14:48:53 -04:00
Nanda H Krishna
802eb54e87
Fix tests for attestations 2024-07-17 14:48:50 -04:00
Bo Anderson
f40330c42d
attestation: avoid touching working directory 2024-07-17 19:18:09 +01:00
Bo Anderson
19617cb161
system_command: add reset_uid option 2024-07-17 06:33:03 +01:00
Rylan Polster
b563d9920b
FormulaURILoader: use regex to validate refs before attempting to cast 2024-07-15 14:07:55 -04:00
Rylan Polster
d4910cc490
Merge pull request #17757 from krehel/fix-cask-info 2024-07-15 14:07:25 -04:00
Rylan Polster
284f6b8829
Remove redundant context block 2024-07-15 13:55:23 -04:00
Rylan Polster
9ff4bab171
Fix tab info test 2024-07-15 13:31:39 -04:00
Rylan Polster
7d16fd9186
Revert "sandbox: deny signal to other processes" 2024-07-15 12:22:02 -04:00
William Woodruff
ad1500ad60
Apply suggestions from code review 2024-07-14 16:30:12 -04:00
Nanda H Krishna
1ae21d2731
attestation: improve error message when gh is too old 2024-07-14 16:12:56 -04:00
Mike McQuaid
4d1e601ecb
Merge pull request #17721 from Homebrew/deprecated_packages_disable_date 2024-07-14 14:15:05 -04:00
Rylan Polster
fea65f7603
Merge pull request #17719 from Moisan/sandbox_process_signals 2024-07-14 13:38:38 -04:00
William Woodruff
a6e6837077
Merge pull request #17724 from Homebrew/ww/fix-local-bottles 2024-07-14 13:32:36 -04:00
William Woodruff
fdabfd15dc
formula_auditor_spec: add wheel resource test
Signed-off-by: William Woodruff <william@yossarian.net>
2024-07-14 13:19:36 -04:00
Ruoyu Zhong
96cf5513c8
Port brew --repository to Bash
This provides a significant speedup:

    $ hyperfine 'git checkout master; brew --repo homebrew/core' 'git checkout brew-repository-speedup; brew --repo homebrew/core'
    Benchmark 1: git checkout master; brew --repo homebrew/core
      Time (mean ± σ):      1.737 s ±  0.388 s    [User: 0.743 s, System: 0.323 s]
      Range (min … max):    1.336 s …  2.438 s    10 runs

    Benchmark 2: git checkout brew-repository-speedup; brew --repo homebrew/core
      Time (mean ± σ):     459.1 ms ±  91.9 ms    [User: 100.5 ms, System: 142.1 ms]
      Range (min … max):   366.5 ms … 594.0 ms    10 runs

    Summary
      git checkout brew-repository-speedup; brew --repo homebrew/core ran
        3.78 ± 1.13 times faster than git checkout master; brew --repo homebrew/core
2024-07-14 12:07:11 -04:00
Thierry Moisan
e351cf049c
Update Library/Homebrew/test/sandbox_spec.rb
Co-authored-by: Mike McQuaid <mike@mikemcquaid.com>
2024-07-14 11:51:52 -04:00
Thierry Moisan
6995e955b5
Update Library/Homebrew/test/sandbox_spec.rb
Co-authored-by: Mike McQuaid <mike@mikemcquaid.com>
2024-07-14 11:51:45 -04:00
Mike McQuaid
15f162c6ab
Output disable date for deprecated packages
Let's use the disable date, if provided, and use 1 year after the
deprecation date otherwise, to display a better message for the
various outputs of deprecated package messages.

Also, provide an internal API for this that can be used by
Homebrew/actions.
2024-07-14 11:49:44 -04:00
Thierry Moisan
66a479be82
sandbox: deny signal to other processes 2024-07-14 11:21:51 -04:00
Mike McQuaid
001d318014
Merge pull request #17707 from Homebrew/optimise_requires 2024-07-14 09:01:42 -04:00
Mike McQuaid
c5dbd3ca24
Rearrange requires
This improves the load time of most brew commands. For an example of
one of the simplest commands this speeds up:

Without Bootsnap:
```
$ hyperfine 'git checkout master; brew help' 'git checkout optimise_requires; brew help'
Benchmark 1: git checkout master; brew help
  Time (mean ± σ):     525.0 ms ±  35.8 ms    [User: 229.9 ms, System: 113.1 ms]
  Range (min … max):   465.3 ms … 576.6 ms    10 runs

Benchmark 2: git checkout optimise_requires; brew help
  Time (mean ± σ):     383.3 ms ±  25.1 ms    [User: 133.0 ms, System: 72.1 ms]
  Range (min … max):   353.0 ms … 443.6 ms    10 runs

Summary
  git checkout optimise_requires; brew help ran
    1.37 ± 0.13 times faster than git checkout master; brew help
```

With Bootsnap:
```
$ hyperfine 'git checkout master; brew help' 'git checkout optimise_requires; brew help'
Benchmark 1: git checkout master; brew help
  Time (mean ± σ):     386.0 ms ±  30.9 ms    [User: 130.2 ms, System: 93.8 ms]
  Range (min … max):   359.5 ms … 469.3 ms    10 runs

Benchmark 2: git checkout optimise_requires; brew help
  Time (mean ± σ):     330.2 ms ±  32.4 ms    [User: 93.4 ms, System: 73.0 ms]
  Range (min … max):   302.9 ms … 413.9 ms    10 runs

Summary
  git checkout optimise_requires; brew help ran
    1.17 ± 0.15 times faster than git checkout master; brew help
```
2024-07-14 08:49:39 -04:00
William Woodruff
92ef6ef763
Merge pull request #17708 from Homebrew/sandbox-chmod 2024-07-13 16:38:44 -04:00
Rylan Polster
e054a3ccf6
Also restrict SUID/GSID writes in sandbox 2024-07-13 16:28:17 -04:00
Thierry Moisan
74bb9fb193
Add test 2024-07-13 16:14:12 -04:00
Mike McQuaid
0f9ca1d627
Merge pull request #17699 from Homebrew/ww/rm-marshal-from-spec 2024-07-13 15:53:00 -04:00
Mike McQuaid
2ee6f29934
Merge pull request #17700 from Homebrew/filter-special-chars-from-sandbox 2024-07-13 15:52:33 -04:00
William Woodruff
419d4f7ab6
curl_spec: use deep_dup
Signed-off-by: William Woodruff <william@yossarian.net>
2024-07-13 15:36:34 -04:00
William Woodruff
695f080ba8
Revert "curl_spec: remove no-op Marshal use"
This reverts commit f3847d263f69a9a36e004c75c4969f939a66de3b.
2024-07-13 15:33:16 -04:00