- This safelists one formula that has only ever shipped pre-releases,
from before we had the GitHub pre-release audit. So it won't fail CI
and cause maintainers more work to determine if it's always been that
way, or if it's new. Then, we don't have to keep comments at the top
of files to say so for the next contributors.
- We should check this list from time to time to make sure that the
formulae here have graduated to actual releases and we can remove
them.

This is really, really slow at the moment for a few reasons:
- it goes through the list of revisions twice
- it checks many more revisions than it needs to

Even after these improvements it's still by far the slowest audit so
am also making it a `--git` only audit.

Additionally, to further improve default `brew audit` performance do not
run `brew style` checks when doing `brew audit` with no arguments.
`brew style` can be run quickly and efficiently on all of a tap (and is
cached) so no need to duplicate it here.

- Depending on context, I've gone for either "denylist" or "disallow"
here. "Disallow" for things in sentences, or actions, and "denylist"
for list of things.
```
➜ brew audit --online --new-formula --verbose turbogit
turbogit:
* GitHub repository not notable enough (<30 forks, <30 watchers and <75 stars)
* GitHub repository too new (<30 days old)
Error: undefined local variable or method `created_pr_comment' for Homebrew:Module
/usr/local/Homebrew/Library/Homebrew/dev-cmd/audit.rb:148:in `audit'
/usr/local/Homebrew/Library/Homebrew/brew.rb:110:in `<main>'
```
- This was removed in 4f75a77b089e65ff9e03c65d192808aa4ea6842f. We can't
post PR comments from GitHub Actions CI from forks.
- [For a formula named
turbogit](https://github.com/Homebrew/homebrew-core/pull/55208), we
didn't see any of the notability checks fail CI.
- The repo name was getting truncated to `turb`, which didn't exist, so
the audit didn't return anything for this check.
- The Regexp to strip `.git` from the end was not escaping the `.`,
so it would match anything ending in `git`, not a literal `.git`.
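
The truncation described in the commit message above, reproduced as an added Ruby example. This is not Homebrew's audit code: the URL pattern, method names and sample URLs are constructed for illustration.

```ruby
# Constructed pattern for pulling owner/repo out of a GitHub URL (assumption).
GITHUB_URL = %r{\Ahttps?://github\.com/(?<user>[^/]+)/(?<repo>[^/]+)}.freeze

# Before: the unescaped "." matches any character, so a repository whose
# name merely ends in "git" loses its last four characters.
def repo_name_unescaped(url)
  m = GITHUB_URL.match(url)
  return nil unless m

  m[:repo].sub(/.git$/, "")
end

# After: "\." matches only a literal dot and "\z" anchors at end of string.
def repo_name_escaped(url)
  m = GITHUB_URL.match(url)
  return nil unless m

  m[:repo].sub(/\.git\z/, "")
end

# Return the URLs where the two variants disagree, i.e. where a lookup
# would have been made against a repository name that does not exist.
def mismatches(urls)
  urls.map { |u| [u, repo_name_unescaped(u), repo_name_escaped(u)] }
      .reject { |_, before, after| before == after }
end

# Constructed sample URLs; "example-owner" is a placeholder.
SAMPLE_URLS = [
  "https://github.com/example-owner/turbogit",
  "https://github.com/example-owner/turbogit.git",
  "https://github.com/example-owner/legit",
  "https://github.com/example-owner/widget/archive/v1.0.tar.gz",
].freeze

if __FILE__ == $PROGRAM_NAME
  mismatches(SAMPLE_URLS).each do |url, before, after|
    puts "#{url}: unescaped=#{before.inspect} escaped=#{after.inspect}"
  end
end
```

A regression test for a check like this should include a name that ends in `git` without a dot, since a lookup against the truncated name returns nothing and the check passes silently.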

Regression introduced in f90612ccf0db03681dc6cbf6585cca5bc27b84b1 (#6718).
`tap_full_name` returned from `use_correct_linux_tap` has been
required (`GitHub.create_fork(tap_full_name)`), but it was never set when the
formula is guessed from args.url, resulting in an API request to
https://api.github.com/repos//forks which 404s (note the missing :owner/:repo),
and subsequently
Error: Unable to fork: Not Found!

Also remove default `--with-label` value and add `--without-approval`
option.

Reviews could be automatically dismissed on new commits pushed (there is
an option for that in repository settings on GitHub). That is not the
case for labels. They remain attached to a PR, even when new commits are
pushed. This is undesirable and creates security concerns, because
someone could introduce untested code just before the automerge happens.

Co-authored-by: Eric Knibbe <enk3@outlook.com>

Refactor the CLI::Args module so it doesn't have different paths to
check arguments depending on whether the arguments have been parsed or
not. Instead, set the values we need from the global ARGV at
first, global initialisation time where they will be thrown away when
the actual arguments are parsed.
To do this some other general refactoring was needed:
- more methods made private when possible
- e.g. `HEAD?` used consistently instead of `head` before arguments
are parsed.
- formula options are only parsed after named arguments are extracted