mirrors/brew
1
0
Fork 0
mirror of https://github.com/Homebrew/brew.git synced 2025-07-14 16:09:03 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #4310 from commitay/remove-checkpoint

Browse Source 
remove appcast checkpoints
This commit is contained in:
commitay 2018-06-12 23:37:26 +10:00 committed by GitHub
commit dee0028d1b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
19 changed files with 21 additions and 323 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
Library/Homebrew/cask/lib/hbc/audit.rb
View File

@ -26,7 +26,7 @@ module Hbc
check_version_and_checksum
check_version
check_sha256
check_appcast
check_appcast_checkpoint
check_url
check_generic_artifacts
check_token_conflicts
@ -185,58 +185,11 @@ module Hbc
add_error "cannot use the sha256 for an empty string in #{stanza}: #{empty_sha256}"
end
def check_appcast
def check_appcast_checkpoint
return unless cask.appcast
odebug "Auditing appcast"
check_appcast_has_checkpoint
return unless cask.appcast.checkpoint
check_sha256_actually_256(sha256: cask.appcast.checkpoint, stanza: "appcast :checkpoint")
check_sha256_invalid(sha256: cask.appcast.checkpoint, stanza: "appcast :checkpoint")
return unless download
check_appcast_http_code
check_appcast_checkpoint_accuracy
end
def check_appcast_has_checkpoint
odebug "Verifying appcast has :checkpoint key"
add_error "a checkpoint sha256 is required for appcast" unless cask.appcast.checkpoint
end
def check_appcast_http_code
odebug "Verifying appcast returns 200 HTTP response code"
curl_executable, *args = curl_args(
"--compressed", "--location", "--fail",
"--write-out", "%{http_code}",
"--output", "/dev/null",
cask.appcast,
user_agent: :fake
)
result = @command.run(curl_executable, args: args, print_stderr: false)
if result.success?
http_code = result.stdout.chomp
add_warning "unexpected HTTP response code retrieving appcast: #{http_code}" unless http_code == "200"
else
add_warning "error retrieving appcast: #{result.stderr}"
end
end
def check_appcast_checkpoint_accuracy
odebug "Verifying appcast checkpoint is accurate"
result = cask.appcast.calculate_checkpoint
actual_checkpoint = result[:checkpoint]
if actual_checkpoint.nil?
add_warning "error retrieving appcast: #{result[:command_result].stderr}"
else
expected = cask.appcast.checkpoint
add_warning <<~EOS unless expected == actual_checkpoint
appcast checkpoint mismatch
Expected: #{expected}
Actual: #{actual_checkpoint}
EOS
end
add_error "Appcast checkpoints have been removed from Homebrew-Cask"
end
def check_latest_with_appcast

1
Library/Homebrew/cask/lib/hbc/cli.rb
View File

@ -27,7 +27,6 @@ require "hbc/cli/zap"
require "hbc/cli/abstract_internal_command"
require "hbc/cli/internal_audit_modified_casks"
require "hbc/cli/internal_appcast_checkpoint"
require "hbc/cli/internal_dump"
require "hbc/cli/internal_help"
require "hbc/cli/internal_stanza"

54
Library/Homebrew/cask/lib/hbc/cli/internal_appcast_checkpoint.rb
View File

@ -1,54 +0,0 @@
module Hbc
class CLI
class InternalAppcastCheckpoint < AbstractInternalCommand
option "--calculate", :calculate, false
def initialize(*)
super
raise CaskUnspecifiedError if args.empty?
end
def run
if args.all? { |t| t =~ %r{^https?://} && t !~ /\.rb$/ }
self.class.appcask_checkpoint_for_url(args)
else
self.class.appcask_checkpoint(casks, calculate?)
end
end
def self.appcask_checkpoint_for_url(urls)
urls.each do |url|
appcast = DSL::Appcast.new(url)
puts appcast.calculate_checkpoint[:checkpoint]
end
end
def self.appcask_checkpoint(casks, calculate)
casks.each do |cask|
if cask.appcast.nil?
opoo "Cask '#{cask}' is missing an `appcast` stanza."
else
checkpoint = if calculate
result = cask.appcast.calculate_checkpoint
result[:checkpoint]
else
cask.appcast.checkpoint
end
if calculate && checkpoint.nil?
onoe "Could not retrieve `appcast` checkpoint for cask '#{cask}': #{result[:command_result].stderr}"
elsif casks.count > 1
puts "#{checkpoint} #{cask}"
else
puts checkpoint
end
end
end
end
def self.help
"prints or calculates a given Cask's or URL's appcast checkpoint"
end
end
end
end

2
Library/Homebrew/cask/lib/hbc/cli/internal_audit_modified_casks.rb
View File

@ -1,7 +1,7 @@
module Hbc
class CLI
class InternalAuditModifiedCasks < AbstractInternalCommand
RELEVANT_STANZAS = [:version, :sha256, :url, :appcast].freeze
RELEVANT_STANZAS = [:version, :sha256, :url].freeze
option "--cleanup", :cleanup, false

18
Library/Homebrew/cask/lib/hbc/dsl/appcast.rb
View File

@ -11,24 +11,6 @@ module Hbc
@checkpoint = parameters[:checkpoint]
end
def calculate_checkpoint
curl_executable, *args = curl_args(
"--compressed", "--location", "--fail", uri,
user_agent: :fake
)
result = SystemCommand.run(curl_executable, args: args, print_stderr: false)
checkpoint = if result.success?
processed_appcast_text = result.stdout.gsub(%r{<pubDate>[^<]*</pubDate>}m, "")
Digest::SHA2.hexdigest(processed_appcast_text)
end
{
checkpoint: checkpoint,
command_result: result,
}
end
def to_yaml
[uri, parameters].to_yaml
end

6
Library/Homebrew/manpages/brew-cask.1.md
View File

@ -141,12 +141,6 @@ names, and other aspects of this manual are still subject to change.
## INTERNAL COMMANDS
* `_appcast_checkpoint` [--calculate] [ <token> ... | <URL> ... ]:
Given a <token>, returns the current appcast checkpoint, or calculates
the appcast checkpoint if the `--calculate` flag is specified.
Given a <URL>, calculates the appcast checkpoint for it.
* `_stanza` <stanza_name> [ --table | --yaml | --inspect | --quiet ] [ <token> ... ]:
Given a <stanza_name> and a <token>, returns the current stanza for a
given Cask. If no <token> is given, then data for all Casks is returned.

123
Library/Homebrew/test/cask/audit_spec.rb
View File

@ -317,124 +317,19 @@ describe Hbc::Audit, :cask do
end
end
describe "appcast checks" do
context "when appcast has no sha256" do
let(:cask_token) { "appcast-missing-checkpoint" }
describe "appcast checkpoint check" do
let(:error_msg) { "Appcast checkpoints have been removed from Homebrew-Cask" }
it { is_expected.to fail_with(/checkpoint sha256 is required for appcast/) }
context "when the Cask does not have a checkpoint" do
let(:cask_token) { "with-appcast" }
it { is_expected.not_to fail_with(error_msg) }
end
context "when appcast checkpoint is not a string of 64 hexadecimal characters" do
let(:cask_token) { "appcast-invalid-checkpoint" }
context "when the Cask has a checkpoint" do
let(:cask_token) { "appcast-with-checkpoint" }
it { is_expected.to fail_with(/string must be of 64 hexadecimal characters/) }
end
context "when appcast checkpoint is sha256 for empty string" do
let(:cask_token) { "appcast-checkpoint-sha256-for-empty-string" }
it { is_expected.to fail_with(/cannot use the sha256 for an empty string/) }
end
context "when appcast checkpoint is valid sha256" do
let(:cask_token) { "appcast-valid-checkpoint" }
it { is_expected.not_to fail_with(/appcast :checkpoint/) }
end
context "when verifying appcast HTTP code" do
let(:cask_token) { "appcast-valid-checkpoint" }
let(:download) { instance_double(Hbc::Download) }
let(:wrong_code_msg) { /unexpected HTTP response code/ }
let(:curl_error_msg) { /error retrieving appcast/ }
let(:fake_curl_result) { instance_double(Hbc::SystemCommand::Result) }
before do
allow(audit).to receive(:check_appcast_checkpoint_accuracy)
allow(fake_system_command).to receive(:run).and_return(fake_curl_result)
allow(fake_curl_result).to receive(:success?).and_return(success)
end
context "when curl succeeds" do
let(:success) { true }
before do
allow(fake_curl_result).to receive(:stdout).and_return(stdout)
end
context "when HTTP code is 200" do
let(:stdout) { "200" }
it { is_expected.not_to warn_with(wrong_code_msg) }
end
context "when HTTP code is not 200" do
let(:stdout) { "404" }
it { is_expected.to warn_with(wrong_code_msg) }
end
end
context "when curl fails" do
let(:success) { false }
before do
allow(fake_curl_result).to receive(:stderr).and_return("Some curl error")
end
it { is_expected.to warn_with(curl_error_msg) }
end
end
context "when verifying appcast checkpoint" do
let(:cask_token) { "appcast-valid-checkpoint" }
let(:download) { instance_double(Hbc::Download) }
let(:mismatch_msg) { /appcast checkpoint mismatch/ }
let(:curl_error_msg) { /error retrieving appcast/ }
let(:fake_curl_result) { instance_double(Hbc::SystemCommand::Result) }
let(:expected_checkpoint) { "d5b2dfbef7ea28c25f7a77cd7fa14d013d82b626db1d82e00e25822464ba19e2" }
before do
allow(audit).to receive(:check_appcast_http_code)
allow(Hbc::SystemCommand).to receive(:run).and_return(fake_curl_result)
allow(fake_curl_result).to receive(:success?).and_return(success)
end
context "when appcast download succeeds" do
let(:success) { true }
let(:appcast_text) { instance_double(::String) }
before do
allow(fake_curl_result).to receive(:stdout).and_return(appcast_text)
allow(appcast_text).to receive(:gsub).and_return(appcast_text)
allow(appcast_text).to receive(:end_with?).with("\n").and_return(true)
allow(Digest::SHA2).to receive(:hexdigest).and_return(actual_checkpoint)
end
context "when appcast checkpoint is out of date" do
let(:actual_checkpoint) { "deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef" }
it { is_expected.to warn_with(mismatch_msg) }
it { is_expected.not_to warn_with(curl_error_msg) }
end
context "when appcast checkpoint is up to date" do
let(:actual_checkpoint) { expected_checkpoint }
it { is_expected.not_to warn_with(mismatch_msg) }
it { is_expected.not_to warn_with(curl_error_msg) }
end
end
context "when appcast download fails" do
let(:success) { false }
before do
allow(fake_curl_result).to receive(:stderr).and_return("Some curl error")
end
it { is_expected.to warn_with(curl_error_msg) }
end
it { is_expected.to fail_with(error_msg) }
end
end

46
Library/Homebrew/test/cask/dsl/appcast_spec.rb
View File

@ -30,50 +30,4 @@ describe Hbc::DSL::Appcast do
end
end
end
describe "#calculate_checkpoint" do
before do
expect(Hbc::SystemCommand).to receive(:run) do |executable, **options|
expect(executable).to eq "/usr/bin/curl"
expect(options[:args]).to include(*cmd_args)
expect(options[:print_stderr]).to be false
cmd_result
end
allow(cmd_result).to receive(:success?).and_return(cmd_success)
allow(cmd_result).to receive(:stdout).and_return(cmd_stdout)
end
context "when server returns a successful HTTP status" do
let(:cmd_args) { [HOMEBREW_USER_AGENT_FAKE_SAFARI, "--compressed", "--location", "--fail", uri] }
let(:cmd_result) { double("Hbc::SystemCommand::Result") }
let(:cmd_success) { true }
let(:cmd_stdout) { "hello world" }
it "generates the content digest hash and returns a hash with the command result and the digest hash for the checkpoint" do
expected_digest = Digest::SHA2.hexdigest(cmd_stdout)
expected_result = {
checkpoint: expected_digest,
command_result: cmd_result,
}
expect(subject.calculate_checkpoint).to eq(expected_result)
end
end
context "when server returns a non-successful HTTP status" do
let(:cmd_args) { [HOMEBREW_USER_AGENT_FAKE_SAFARI, "--compressed", "--location", "--fail", uri] }
let(:cmd_result) { double("Hbc::SystemCommand::Result") }
let(:cmd_success) { false }
let(:cmd_stdout) { "some error message from the server" }
it "returns a hash with the command result and nil for the checkpoint" do
expected_result = {
checkpoint: nil,
command_result: cmd_result,
}
expect(subject.calculate_checkpoint).to eq(expected_result)
end
end
end
end

4
Library/Homebrew/test/support/fixtures/cask/Casks/appcast-checkpoint-sha256-for-empty-string.rb
View File

@ -1,4 +0,0 @@
cask 'appcast-checkpoint-sha256-for-empty-string' do
appcast 'http://localhost/appcast.xml',
checkpoint: 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855'
end

4
Library/Homebrew/test/support/fixtures/cask/Casks/appcast-invalid-checkpoint.rb
View File

@ -1,4 +0,0 @@
cask 'appcast-invalid-checkpoint' do
appcast 'http://localhost/appcast.xml',
checkpoint: 'not a valid shasum'
end

3
Library/Homebrew/test/support/fixtures/cask/Casks/appcast-missing-checkpoint.rb
View File

@ -1,3 +0,0 @@
cask 'appcast-missing-checkpoint' do
appcast 'http://localhost/appcast.xml'
end

2
Library/Homebrew/test/support/fixtures/cask/Casks/appcast-valid-checkpoint.rb → Library/Homebrew/test/support/fixtures/cask/Casks/appcast-with-checkpoint.rb
View File

@ -1,4 +1,4 @@
cask 'appcast-valid-checkpoint' do
cask 'appcast-with-checkpoint' do
appcast 'http://localhost/appcast.xml',
checkpoint: 'd5b2dfbef7ea28c25f7a77cd7fa14d013d82b626db1d82e00e25822464ba19e2'
end

3
Library/Homebrew/test/support/fixtures/cask/Casks/github-with-appcast.rb
View File

@ -3,8 +3,7 @@ cask 'github-with-appcast' do
sha256 'a69e7357bea014f4c14ac9699274f559086844ffa46563c4619bf1addfd72ad9'
url "https://github.com/user/project/releases/download/#{version}/github.pkg"
appcast 'https://github.com/user/project/releases.atom',
checkpoint: '56d1707d3065bf0c75d75d7738571285273b7bf366d8f0f5a53eb8b457ad2453'
appcast 'https://github.com/user/project/releases.atom'
name 'github'
homepage 'https://github.com/user/project'

6
Library/Homebrew/test/support/fixtures/cask/Casks/invalid/invalid-appcast-multiple.rb
View File

@ -3,10 +3,8 @@ cask 'invalid-appcast-multiple' do
sha256 '67cdb8a02803ef37fdbf7e0be205863172e41a561ca446cd84f0d7ab35a99d94'
url "file://#{TEST_FIXTURE_DIR}/cask/caffeine.zip"
appcast 'http://example.com/appcast1.xml',
checkpoint: '67cdb8a02803ef37fdbf7e0be205863172e41a561ca446cd84f0d7ab35a99d94'
appcast 'http://example.com/appcast2.xml',
checkpoint: '67cdb8a02803ef37fdbf7e0be205863172e41a561ca446cd84f0d7ab35a99d94'
appcast 'http://example.com/appcast1.xml'
appcast 'http://example.com/appcast2.xml'
homepage 'http://example.com/invalid-appcast-multiple'
app 'Caffeine.app'

3
Library/Homebrew/test/support/fixtures/cask/Casks/invalid/invalid-appcast-url.rb
View File

@ -3,8 +3,7 @@ cask 'invalid-appcast-url' do
sha256 '67cdb8a02803ef37fdbf7e0be205863172e41a561ca446cd84f0d7ab35a99d94'
url "file://#{TEST_FIXTURE_DIR}/cask/caffeine.zip"
appcast 1,
checkpoint: '67cdb8a02803ef37fdbf7e0be205863172e41a561ca446cd84f0d7ab35a99d94'
appcast 1
homepage 'http://example.com/invalid-appcast-url'
app 'Caffeine.app'

3
Library/Homebrew/test/support/fixtures/cask/Casks/latest-with-appcast.rb
View File

@ -3,8 +3,7 @@ cask 'latest-with-appcast' do
sha256 :no_check
url "file://#{TEST_FIXTURE_DIR}/cask/caffeine.zip"
appcast 'http://example.com/appcast.xml',
checkpoint: '67cdb8a02803ef37fdbf7e0be205863172e41a561ca446cd84f0d7ab35a99d94'
appcast 'http://example.com/appcast.xml'
homepage 'http://example.com/with-appcast'
app 'Caffeine.app'

3
Library/Homebrew/test/support/fixtures/cask/Casks/sourceforge-with-appcast.rb
View File

@ -2,7 +2,6 @@ cask 'sourceforge-with-appcast' do
version '1.2.3'
url 'https://downloads.sourceforge.net/something/Something-1.2.3.dmg'
appcast 'https://sourceforge.net/projects/something/rss',
checkpoint: '407fb59baa4b9eb7651d9243b89c30b7481590947ef78bd5a4c24f5810f56531'
appcast 'https://sourceforge.net/projects/something/rss'
homepage 'https://sourceforge.net/projects/something/'
end

3
Library/Homebrew/test/support/fixtures/cask/Casks/with-appcast.rb
View File

@ -3,8 +3,7 @@ cask 'with-appcast' do
sha256 '67cdb8a02803ef37fdbf7e0be205863172e41a561ca446cd84f0d7ab35a99d94'
url "file://#{TEST_FIXTURE_DIR}/cask/caffeine.zip"
appcast 'http://example.com/appcast.xml',
checkpoint: '67cdb8a02803ef37fdbf7e0be205863172e41a561ca446cd84f0d7ab35a99d94'
appcast 'http://example.com/appcast.xml'
homepage 'http://example.com/with-appcast'
app 'Caffeine.app'

7
manpages/brew-cask.1
View File

@ -136,13 +136,6 @@ If the Cask definition contains a \fBzap\fR stanza, performs additional \fBzap\f
.SH "INTERNAL COMMANDS"
.
.TP
\fB_appcast_checkpoint\fR [\-\-calculate] [ \fItoken\fR \.\.\. | \fIURL\fR \.\.\. ]
Given a \fItoken\fR, returns the current appcast checkpoint, or calculates the appcast checkpoint if the \fB\-\-calculate\fR flag is specified\.
.
.IP
Given a \fIURL\fR, calculates the appcast checkpoint for it\.
.
.TP
\fB_stanza\fR \fIstanza_name\fR [ \-\-table | \-\-yaml | \-\-inspect | \-\-quiet ] [ \fItoken\fR \.\.\. ]
Given a \fIstanza_name\fR and a \fItoken\fR, returns the current stanza for a given Cask\. If no \fItoken\fR is given, then data for all Casks is returned\.
.