admin/brew
1
0
Fork 0
Code Issues Packages Projects Releases 6 Wiki Activity
41,947 Commits 15 Branches 471 Tags
Commit Graph

41947 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rylan Polster
278bd2f1c2
Merge pull request #17919 from Homebrew/ww/backslash 2024-07-31 12:25:47 -04:00
William Woodruff
9d313b23eb
sandbox: disallow backslashes in path filter names 
This should really be an allowlist rather than a denylist,
but for the time being this at least prevents someone from
causing an obtuse sandbox error by naming a file something like
"foo\".

Signed-off-by: William Woodruff <william@yossarian.net>
 2024-07-31 12:10:51 -04:00
Markus Reiter
4a1643e7ad
Refactor condition. 2024-07-30 21:48:59 +02:00
Markus Reiter
77e3a405f5
Remove unneeded rules. 2024-07-30 21:44:10 +02:00
Markus Reiter
40d55f8035
Change type name. 2024-07-30 21:43:30 +02:00
Markus Reiter
3b4e1cb573
Share code between cask token and formula name audits. 2024-07-30 21:41:15 +02:00
Mike McQuaid
ca22e9ccfa
Merge pull request #17904 from Homebrew/lock_improvements 2024-07-30 18:02:02 +01:00
Patrick Linnane
c609f24efb
Merge pull request #17908 from Homebrew/dependabot/bundler/Library/Homebrew/sorbet-0.5.11500 2024-07-30 09:53:58 -07:00
Patrick Linnane
65725edcdd
Merge pull request #17911 from Homebrew/dependabot/bundler/Library/Homebrew/racc-1.8.1 2024-07-30 09:52:03 -07:00
Mike McQuaid
e3a1a9dccf
Improve locking UX 
My experience recently playing around with our locking behaviour is
that, while mostly seamless and not seen by users, it's leaks
implementation details a bit too heavily.

As a result, the following improvements are in this commit:
- Ensure that, whenever possible, we tell the user the actual command
  that is holding a given lock instead of the lock name (an internal
  implementation detail)
- Make the locking error output a little more consistent and user
  friendly
- Add a `DownloadLock` class to simplify locking downloads
- Add a `HOMEBREW_LOCK_CONTEXT` variable to allow adding additional
  context for logging error messages
- Lock paths and leave deciding how this translates to lock names up
  to the locking code itself
- Lock the Cellar/Caskroom paths explicitly rather than implicitly

Co-authored-by: Carlo Cabrera <30379873+carlocab@users.noreply.github.com>
 2024-07-30 17:51:02 +01:00
Patrick Linnane
5d2195828f
Merge pull request #17881 from Homebrew/npm-args-docs 2024-07-30 09:46:47 -07:00
BrewTestBot
88eb68b799
Update RBI files for sorbet. 
Autogenerated by the [vendor-gems](https://github.com/Homebrew/brew/blob/HEAD/.github/workflows/vendor-gems.yml) workflow.
 2024-07-30 16:43:10 +00:00
BrewTestBot
14553e367f
brew vendor-gems: commit updates. 2024-07-30 16:42:50 +00:00
dependabot[bot]
2876c6bce2
build(deps-dev): bump sorbet in /Library/Homebrew 
Bumps [sorbet](https://github.com/sorbet/sorbet) from 0.5.11495 to 0.5.11500.
- [Release notes](https://github.com/sorbet/sorbet/releases)
- [Commits](https://github.com/sorbet/sorbet/commits)

---
updated-dependencies:
- dependency-name: sorbet
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-30 09:41:28 -07:00
BrewTestBot
987481a0e4
brew vendor-gems: commit updates. 2024-07-30 16:40:43 +00:00
Mike McQuaid
72b45a0c3b
Merge pull request #17907 from Homebrew/dependabot/bundler/Library/Homebrew/spoom-1.4.2 2024-07-30 17:11:36 +01:00
dependabot[bot]
21b5931b99
build(deps-dev): bump racc from 1.8.0 to 1.8.1 in /Library/Homebrew 
Bumps [racc](https://github.com/ruby/racc) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/ruby/racc/releases)
- [Changelog](https://github.com/ruby/racc/blob/master/ChangeLog)
- [Commits](https://github.com/ruby/racc/compare/v1.8.0...v1.8.1)

---
updated-dependencies:
- dependency-name: racc
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-30 15:56:12 +00:00
dependabot[bot]
4ca51e5625
build(deps-dev): bump spoom from 1.4.1 to 1.4.2 in /Library/Homebrew 
Bumps [spoom](https://github.com/Shopify/spoom) from 1.4.1 to 1.4.2.
- [Release notes](https://github.com/Shopify/spoom/releases)
- [Commits](https://github.com/Shopify/spoom/compare/v1.4.1...v1.4.2)

---
updated-dependencies:
- dependency-name: spoom
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-30 15:54:55 +00:00
William Woodruff
6e9947d570
Merge pull request #17897 from Homebrew/ww/std-pip-args-allow-wheel 2024-07-30 11:49:17 -04:00
William Woodruff
575592d7f9
Update Library/Homebrew/language/python.rb 
Co-authored-by: Bo Anderson <mail@boanderson.me>
 2024-07-30 11:38:07 -04:00
William Woodruff
9804e58ceb
python: don't assume resources have URLs 
Signed-off-by: William Woodruff <william@yossarian.net>
 2024-07-30 09:51:33 -04:00
William Woodruff
c6ba4844b3
specialize wheel resource handling 
Signed-off-by: William Woodruff <william@yossarian.net>
 2024-07-30 08:38:58 -04:00
Carlo Cabrera
3ac3feed3c
Merge pull request #17903 from Homebrew/fix-dash-v 2024-07-30 18:12:00 +08:00
Carlo Cabrera
0f71de045e
brew.sh: fix brew -v 
`brew -v` was previously equivalent to `brew --version`, but it
currently returns the output of `brew help`. (This also occurs with
`brew -x`, where x is any single character.)

This is because the `-?` pattern matches `-` followed by any single
character. We need to quote it to capture the intended meaning.
 2024-07-30 17:09:11 +08:00
Mike McQuaid
cae9660c36
Merge pull request #17773 from branchvincent/node-shebangs 2024-07-30 08:34:29 +01:00
Mike McQuaid
33f555eac9
Merge pull request #17901 from iMichka/archive 2024-07-30 08:31:09 +01:00
Bo Anderson
874d2da453
Merge pull request #17902 from Homebrew/api-credentials-fix 
Fix GitHub API credential encoding errors
4.3.12 		2024-07-30 07:25:46 +01:00
Bo Anderson
1b8a8a0902
attestation: only extract credentials when necessary 2024-07-30 04:51:29 +01:00
Bo Anderson
a0a3333ee4
utils/github/api: fix encoding errors when reading from keychain 2024-07-30 04:51:00 +01:00
Michka Popoff
352678d933
feat: enable audit for wayback urls on all formulae 
Still for core only

Follow up of #16476

With https://github.com/Homebrew/homebrew-core/pull/160050 all formuale in core have been treated
 2024-07-29 23:55:17 +02:00
Patrick Linnane
1b0fdae219
Merge pull request #17900 from Homebrew/dependabot/bundler/Library/Homebrew/spoom-1.4.1 2024-07-29 12:01:39 -07:00
BrewTestBot
2f395346e7
Update RBI files for spoom. 
Autogenerated by the [vendor-gems](https://github.com/Homebrew/brew/blob/HEAD/.github/workflows/vendor-gems.yml) workflow.
 2024-07-29 18:51:04 +00:00
BrewTestBot
298af3d084
brew vendor-gems: commit updates. 2024-07-29 18:50:49 +00:00
dependabot[bot]
e8b5f023cc
build(deps-dev): bump spoom from 1.4.0 to 1.4.1 in /Library/Homebrew 
Bumps [spoom](https://github.com/Shopify/spoom) from 1.4.0 to 1.4.1.
- [Release notes](https://github.com/Shopify/spoom/releases)
- [Commits](https://github.com/Shopify/spoom/compare/v1.4.0...v1.4.1)

---
updated-dependencies:
- dependency-name: spoom
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-29 18:35:36 +00:00
Nanda H Krishna
d99c2bc890
Merge pull request #17899 from Homebrew/ww/no-version-sniffing 2024-07-29 14:08:39 -04:00
William Woodruff
107d57d220
extend/kernel: forward the latest: kwarg 
Signed-off-by: William Woodruff <william@yossarian.net>
 2024-07-29 13:43:42 -04:00
William Woodruff
5e0e0d56af
attestation: remove gh version detection 
I'm declaring bankruptcy on this entire approach:

1. We can attempt to match on versions, but this will fail
   when the version of `gh` installed is built from `HEAD`
   or similar.
2. We can match on dates instead (since `gh --version` also includes
   the date), but this is even more brittle + implies a support
   contract we don't actually have (we don't actually want
   to say we support random dated builds between public releases
   of `gh`).

This moves us back to a simpler approach: if `gh` is present,
we use it. If `gh` is not present, we attempt to install it
with `ensure_executable!`. If the user's `gh` is present but too old,
it'll fail during attestation verification with a reasonable error,
which IMO is fine for now since this is all still in beta.

Signed-off-by: William Woodruff <william@yossarian.net>
 2024-07-29 13:13:55 -04:00
William Woodruff
38e47ea996
Merge pull request #17896 from Homebrew/ww/pypi-normalize 2024-07-29 10:38:14 -04:00
William Woodruff
de582fbdbf
resource_auditor: make typechecker happy 
Signed-off-by: William Woodruff <william@yossarian.net>
 2024-07-29 10:27:42 -04:00
William Woodruff
921fa5b6ed
resource_auditor: normalize PyPI names to kebab case before auditing 
Signed-off-by: William Woodruff <william@yossarian.net>
 2024-07-29 10:18:17 -04:00
Mike McQuaid
3b9bec8c95
Merge pull request #17893 from Homebrew/release_utils_github 4.3.11 2024-07-29 09:52:45 +01:00
Mike McQuaid
96cbc7bd6e
dev-cmd/release: add missing require. 2024-07-29 09:25:51 +01:00
Ruoyu Zhong
cab7ec960a
Merge pull request #17891 from Homebrew/sponsors-maintainers-man-completions 2024-07-29 08:34:50 +08:00
BrewTestBot
e9820fb1fe
Update sponsors. 
Autogenerated by the [sponsors-maintainers-man-completions](https://github.com/Homebrew/brew/blob/HEAD/.github/workflows/sponsors-maintainers-man-completions.yml) workflow.
 2024-07-29 00:06:52 +00:00
Patrick Linnane
c16f79aa10
Merge pull request #17889 from Homebrew/revert-17887-contributions-show-only-csv-in-csv-mode 2024-07-28 12:48:01 -07:00
Issy Long
9e98bbf59a
Revert "dev-cmd/contributions: Show only the CSV output for --csv" 2024-07-28 19:28:19 +01:00
Issy Long
df6b06c57e
Merge pull request #17888 from Homebrew/bin-pathname-audit-bugs 
rubocops/text: Allow all "#{bin}/foo" interpolated strings with spaces
 2024-07-28 17:44:59 +01:00
Patrick Linnane
6509dc1f29
Merge pull request #17883 from bevanjkay/unpack-strategy-types 2024-07-28 09:30:24 -07:00
Kevin
12d0d7b9c5
Merge pull request #17887 from Homebrew/contributions-show-only-csv-in-csv-mode 
dev-cmd/contributions: Show only the CSV output for `--csv`
 2024-07-28 09:25:21 -07:00
Issy Long
f0084e611a
rubocops/text: Allow all "#{bin}/foo" interpolated strings with spaces 
- This was complaining about `shell_output("#{bin}/abricate-get_db --help 2>&1")` which it shouldn't have.
 2024-07-28 17:18:35 +01:00