This reduces the surface area of our `Kernel` monkeypatch and removes
the need to `include Kernel` in a bunch of modules.
While we're here, also move `Kernel#require?` to `Homebrew` and fully
scope the calls to it.
Work on this has stalled a bit and it slows things down so let's require
an explicit opt-in to use it.
While we're here, remove the silent/implicit opt-out for CI, too.
Otherwise this just shows a message like
Failed to verify attestation. Retrying in 27...
which is a little vague. Let's make it clear that that refers to
seconds.
I don't think I've seen an `InvalidAttestationError` that wasn't some
sort of network problem (e.g., rate limit, connection timeout, 503).
Let's emit a warning instead of erroring out.
Note that `MissingAttestationError` is still fatal, and that will still
produce errors in CI.
I'm declaring bankruptcy on this entire approach:
1. We can attempt to match on versions, but this will fail
when the version of `gh` installed is built from `HEAD`
or similar.
2. We can match on dates instead (since `gh --version` also includes
the date), but this is even more brittle + implies a support
contract we don't actually have (we don't actually want
to say we support random dated builds between public releases
of `gh`).
This moves us back to a simpler approach: if `gh` is present,
we use it. If `gh` is not present, we attempt to install it
with `ensure_executable!`. If the user's `gh` is present but too old,
it'll fail during attestation verification with a reasonable error,
which IMO is fine for now since this is all still in beta.
Signed-off-by: William Woodruff <william@yossarian.net>
This adds a new method to either move the `gh` formula to the front
of the formula list to be installed or checks that the `gh` formula
is already installed some other way.
Take 2 of https://github.com/Homebrew/brew/pull/17692 but with:
- provide and document `HOMEBREW_NO_VERIFY_ATTESTATIONS`
- don't try to run unless there's GitHub credentials
- don't try to run unless `gh` is installed
- don't try to run in CI
While we're here:
- split out a `Homebrew::EnvConfig.devcmdrun?` helper method
- add some missing `Homebrew::EnvConfig.github_api_token` presence
checks
Add the (for now undocumented) `HOMEBREW_NO_VERIFY_ATTESTATIONS` to
disable attestation verification if it's having issues or when doing
development.
While we're here, do a little style cleanup too.
This widens the beta to include people with developer mode enabled,
as well as those with HOMEBREW_DEVELOPER set in their environment.
Signed-off-by: William Woodruff <william@yossarian.net>
