1132 Commits

Author SHA1 Message Date
Gautham Goli
c3330c289d Add --only-cops,--except-cops options for brew audit
Also refactor audit cops into two "departments"
 - FormulaAudit
 - FormulaAuditStrict
2017-05-02 23:26:12 +05:30
Gautham Goli
a4568a8697 Let cops run without --strict flag 2017-05-02 23:14:44 +05:30
Dominyk Tiller
85053b1476
audit: add audit_keg_only_style 2017-05-01 19:22:34 +01:00
Mike McQuaid
0c9047a2b8 Merge pull request #2562 from DomT4/you_shall_not_pass_go_get
audit: formally ban go get usage
2017-04-30 13:32:22 +01:00
Zhiming Wang
7a75de7cb1
pull: fix status code check in check_bintray_mirror
The status code of the last redirect should be 2xx to be deemed successful.
2017-04-29 19:30:19 -04:00
Dominyk Tiller
2ad43cb1fd
audit: formally ban go get usage
There's been an informal ban for a while but let's
be punchier because this crops up still.
2017-04-28 17:38:01 +01:00
Mike McQuaid
1c9cfb2419 audit: tweak dependency option audit.
Make sure that `if build.with?` isn't caught.
2017-04-27 16:30:05 +01:00
Mike McQuaid
0cedb4db08 tap-new: bump Xcode to 8.3.
Update this to the current latest Travis CI supports (which we're using)
2017-04-27 08:56:46 +01:00
Mike McQuaid
5647fdb2f9 audit: fix audit of new formulae.
When auditing new formulae without `--new-formula` the
`audit_revision_and_version_scheme` method fails ungracefully. Instead,
set some better defaults so fewer checks are needed.

Fixes #2551.
2017-04-26 11:33:13 +01:00
Mike McQuaid
b2a291529d audit: fix use of search_tap method.
This was removed in #2540 but this call site was note updated to use
the `search_taps` method instead.
2017-04-25 12:08:50 +01:00
Mike McQuaid
ceb1629ad7 Merge pull request #2465 from GauthamGoli/audit_components_port_rubocop
audit: audit_components method to rubocops and tests
2017-04-24 10:06:41 +01:00
Mike McQuaid
d5155256ce Fix audit version_scheme and revision checks.
Another attempt at fixing `brew audit` issues around detecting
`revision` and `version_scheme` changes correctly. First done in #1754
and #2086 (reverted in #2099 and #2100).

To ease future debugging a `ph` helper has been added to print a hash
and a series of RSpec tests to verify that the `revision`,
`version_scheme` and `version` formula version audits behave as
expected.

Fixes #1731.
2017-04-23 18:56:22 +01:00
Mike McQuaid
11acadaa50 Merge pull request #2524 from MikeMcQuaid/more-env-filtering-fixes
Hide sensitive tokens from install/test/post.
2017-04-23 09:45:47 +01:00
Mike McQuaid
a937ed0a20 Merge pull request #2522 from MikeMcQuaid/more-deprecations
More deprecations.
2017-04-22 17:47:39 +01:00
Gautham Goli
413a7e5dae Port audit_components method to rubocops and add corresponding tests 2017-04-22 21:53:16 +05:30
Mike McQuaid
5c82e0d552 Merge pull request #2526 from MikeMcQuaid/audit-gnu-mirror-flip
audit: flip GNU mirror preference.
2017-04-22 16:54:50 +01:00
Mike McQuaid
d02b4f321d Hide sensitive tokens from install/test/post.
Hide these tokens to avoid malicious subprocesses e.g. sending them
over the network. Also, support using these tokens with environment
filtering and clear `HOMEBREW_PATH` from subprocesses to stop them
sniffing it. Finally, use `HOMEBREW_PATH` to detect Homebrew’s user’s
PATH for e.g. `brew doctor` etc.
2017-04-22 16:31:19 +01:00
Mike McQuaid
ba3c46d24f More deprecations.
Deprecate more methods. Internal APIs have been verified to be unused
elsewhere and removed. External APIs have had deprecation methods added.
Existing deprecations have been either upgraded to produce warnings or
no longer deprecated and the reasoning documented.
2017-04-22 16:28:07 +01:00
Mike McQuaid
044bd974e4 Merge pull request #2484 from MikeMcQuaid/unversion-formula-tap-match
audit: lookup unversioned formulae with Formulary.
2017-04-22 15:04:21 +01:00
Mike McQuaid
94ef7318ae audit: flip GNU mirror preference.
Now that both the primary and mirror URLs use HTTPS we can flip these
around so the primary URL is the primary URL and we don't have problems
with waiting for mirror propagation.
2017-04-22 13:10:03 +01:00
Mike McQuaid
185b1787c6 audit: lookup unversioned formulae with Formulary.
This means that if e.g. the unversioned formulae exists in another tap
this audit won't produce a false positive.
2017-04-22 13:00:38 +01:00
Mike McQuaid
a6df701fad tests: reduce some noise.
- Tweak the way offline skipping happens
- Skip more tests that break when offline
- Hide more stdout output from tests.
2017-04-22 12:49:14 +01:00
Mike McQuaid
fdcffb25a9 Merge pull request #2482 from MikeMcQuaid/audit-dependency-options
audit: ensure default dependencies don't use options.
2017-04-22 11:07:16 +01:00
Mike McQuaid
3011cbac34 audit: ensure dependencies don't use options.
Option dependencies are nasty as they cause unnecessary builds from
source.
2017-04-21 18:24:10 +01:00
Mike McQuaid
1775c32210 audit: new formulae should not require patches.
We may under some circumstances accept these anyway but it's better to
nudge people into the right behaviours on local `audit`s.
2017-04-21 18:23:55 +01:00
Mike McQuaid
2be7999878 Merge pull request #2274 from rwhogg/fuse-requirement
Port OsxfuseRequirement to Linux
2017-04-20 17:14:42 +01:00
Steven Peters
3982d24d8b audit: fix swapped audit messages 2017-04-19 10:59:11 -07:00
Mike McQuaid
55c02ae774 Merge pull request #2478 from MikeMcQuaid/audit-skip-methods
audit: allow skipping audit methods.
2017-04-18 09:18:55 +01:00
Mike McQuaid
43253ede65 create: use GitHub metadata where available.
GitHub provides a description and homepage field so let `brew create`
use them where possible. Also, detect GitHub repositories based on
`releases` as well as `archive`s.
2017-04-18 08:22:41 +01:00
Mike McQuaid
3f8722c971 audit: allow skipping audit methods.
Add `--only` and `--except` methods which can be used to selectively
enable or disable audit groups.
2017-04-18 08:17:26 +01:00
Mike McQuaid
417f49dd32 Merge pull request #2477 from MikeMcQuaid/audit-more-universal
audit: check for more universal usage.
2017-04-17 15:50:21 +01:00
Mike McQuaid
29b54dc16d Merge pull request #2473 from MikeMcQuaid/audit-language-module-requirements
audit: deprecate language module requirements.
2017-04-17 14:20:51 +01:00
Bob W. Hogg
7b6abc7630 Only run Linux-specific tests on Linux 2017-04-15 21:20:09 -07:00
Mike McQuaid
88a75af1c3 audit: don't recommend version aliases on --devel.
As requested in #11462 by @neutric as this produces confusing,
incorrect output.
2017-04-10 19:03:44 -07:00
Mike McQuaid
0948d2013a audit: deprecate language module requirements.
Make `brew audit` complain about language module requirements because
they provide a crappy user experience compared to vendoring and we’re
not really fixing bugs in them any more.
2017-04-10 22:42:57 +01:00
Mike McQuaid
2c370f3677 audit: check for more universal usage.
Also check for `ENV.universal_binary` and `build.universal?`. The prior
is still required for `wine` and the latter should never be required any
longer.
2017-04-10 22:36:39 +01:00
Mike McQuaid
3f51406212 Merge pull request #2242 from GauthamGoli/audit_custom_cops
Port audit_desc audit rules to a cop
2017-04-05 08:37:43 +01:00
Mike McQuaid
57b230dd5c audit: fix core formula alias check.
Was missing a formula object being passed.
2017-04-04 18:38:18 +01:00
Mike McQuaid
566d3cb58b Document all short flags. 2017-04-02 10:14:58 +01:00
Mike McQuaid
bfcfdb4f01 man: strip </?var> from Markdown output. 2017-04-02 10:14:57 +01:00
Mike McQuaid
3805850eb3 Merge pull request #2414 from sjackman/update-test-fetch-shallow
update-test: Use git fetch --tags --depth=1
2017-03-30 19:58:42 +01:00
Mike McQuaid
7d66e29927 Merge pull request #2399 from MikeMcQuaid/unversioned-formulae-check
audit: check for unversioned formulae.
2017-03-30 19:06:47 +01:00
Mike McQuaid
490252d063 Merge pull request #2392 from MikeMcQuaid/cleanup-taps
Update all references to taps.
2017-03-30 19:06:14 +01:00
William Woodruff
e7554b0b3f
audit: Fix cctools invocation check regular expression.
Additionally, ignore the cctools formula itself, since it obviously
needs to check cctools invocations.
2017-03-29 09:52:35 -04:00
William Woodruff
8608d1ea78 Merge pull request #1828 from woodruffw/audit-cctools
audit: Check for invocations of cctools.
2017-03-28 22:03:57 -04:00
Shaun Jackman
89f3b6d6a6 update-test: Use git fetch --tags --depth=1
Use git fetch --tags --depth=1 to fetch fewer commits.
2017-03-28 09:36:50 -07:00
Mike McQuaid
c3bf9bda58 update-test: improve error handling.
Fail if the start or end commit are missing and retry finding the
previous tag by fetching all tags if they are missing.

This should fix CI on the current Homebrew/brew `master` branch.

Closes #2404.
2017-03-28 15:31:16 +01:00
ilovezfs
70685f3017 audit: bump whitelisted elm-format version to 0.6.0-alpha 2017-03-26 22:43:08 -07:00
Mike McQuaid
181275c016 audit: check for unversioned formulae.
If we're adding a versioned formulae we want to ensure that there's also
an unversioned one too.
2017-03-26 20:36:37 +01:00
Mike McQuaid
09231dd52b Merge pull request #2393 from raza15/raza2
updating the exception for "kibana" for the "@" naming scheme. File changed: audit.rb
2017-03-26 19:51:25 +01:00