mirrors/brew
1
0
Fork 0
mirror of https://github.com/Homebrew/brew.git synced 2025-07-14 16:09:03 +08:00
Code Issues Packages Projects Releases Wiki Activity
12,570 Commits 11 Branches 451 Tags
Commit Graph

115 Commits

Author SHA1 Message Date
JCount
3db3b08d72 audit: freeze versioned_conflicts_whitelist 2017-03-05 15:44:03 -05:00
JCount
460c4a3200 audit: deconstruct versioned_conflicts_whitelist using splat 2017-03-05 15:06:02 -05:00
JCount
4e50562424 audit: whitelist bash-completion@* to use conflicts_with 
this is necessary because they install conflicting scripts into
HOMEBREW_PREFIX/etc/profile.d
 2017-03-05 14:19:32 -05:00
Mike McQuaid
dbf3630a53 Merge pull request #2262 from MikeMcQuaid/subversion-https-audit 
Don't check Subversion HTTPS pre-Sierra.
 2017-03-05 15:30:16 +01:00
ilovezfs
a1da909dea audit: whitelist node@* to use conflicts_with 
Add exceptions for node@* versioned formulae to use conflicts_with
instead of keg_only :versioned_formula since they, and the main node
formula, all currently overwrite npm during postinstall.
 2017-03-05 03:15:22 -08:00
Mike McQuaid
e26cf3a83f Don't check Subversion HTTPS pre-Sierra. 
The system Subversion doesn't handle new certificate authorities (e.g.
Let's Encrypt) well enough for this check to be useful.
 2017-03-05 11:42:59 +01:00
Jonathan Chang
8385f179df audit: reject versions starting with HEAD 
Many parts of Homebrew assume that a version string beginning with
"HEAD" is, in fact, a head build. A stable version that begins with
"HEAD" violates this assumption and causes problems, as it's treated
as a head build in some places and as a stable build in others.
 2017-03-02 21:27:12 -08:00
Misty De Meo
e3f4701f38 audit: fix audit on formulae without homepages 2017-02-27 08:24:44 +11:00
Misty De Meo
177aefdf55 xcodebuild audit: match xcodebuild with no args 
Closes #2199.

Signed-off-by: Misty De Meo <mistydemeo@gmail.com>
 2017-02-26 21:16:43 +11:00
Mike McQuaid
d0a965e2ab Merge pull request #2107 from MikeMcQuaid/audit-version-aliases 
audit: check for version aliases.
 2017-02-25 14:13:35 +00:00
ilovezfs
75724c5b5d audit: whitelist more unstable versions already in core 
These were imported from homebrew/games.
 2017-02-25 03:03:37 -08:00
Mike McQuaid
1284f29561 audit: don't try to HTTP check non-HTTP content. 2017-02-24 08:51:15 +00:00
Mike McQuaid
b984be675d audit: use using for HTTPS detection. 2017-02-24 08:45:39 +00:00
Mike McQuaid
9fa014710d audit: further refactor http content checks. 
Check homepages and don’t check mirrors unless `—strict`.
 2017-02-23 10:16:27 +00:00
Mike McQuaid
96a8f8f172 audit: check for version aliases. 
Current version aliases should be provided for versioned formulae so
people can `brew install foo@1.2` to provide pin-like behaviour.
 2017-02-23 09:14:54 +00:00
Mike McQuaid
5e90575004 audit: handle redirects in get_content_details. 2017-02-23 09:09:58 +00:00
Mike McQuaid
5390897883 audit: refactor http content checks. 2017-02-23 09:09:33 +00:00
Mike McQuaid
ac5b6b6eea Revert "audit: fix revision should be removed." 2017-02-22 08:49:24 +00:00
ilovezfs
4e34f7b60e Merge pull request #2086 from MikeMcQuaid/audit-revision-remove-fix 
audit: fix revision should be removed.
 2017-02-21 14:09:58 -08:00
ilovezfs
b59bf2ff64 Revert "audit: check for version aliases." 2017-02-21 11:31:18 -08:00
Mike McQuaid
2f42dfc68a audit: fix revision should be removed. 
Regression introduced in #1754 which meant that (due to storing the
current formula revision in `attributes_map`) `stable_revisions.empty?`
would never be `true`.
 2017-02-21 18:50:07 +00:00
Mike McQuaid
606790d062 audit: check for version aliases. 
Current version aliases should be provided for versioned formulae so
people can `brew install foo@1.2` to provide pin-like behaviour.
 2017-02-21 15:36:49 +00:00
Mike McQuaid
125a6eee21 audit: fix brew style. 2017-02-20 22:48:03 +00:00
David Broder-Rodgers
55bc2a3019 Merged 404 and security mirror auditing logic 2017-02-20 19:24:35 +00:00
David Broder-Rodgers
12501b4046 Prevent mirror curl for file:/// URL 2017-02-20 19:24:35 +00:00
David Broder-Rodgers
a699d284d0 Use DownloadStrategyDetector to classify mirror URLs 2017-02-20 19:24:35 +00:00
David Broder-Rodgers
81b3368c9c Added better check for HTTP git URLs 2017-02-20 19:24:35 +00:00
David Broder-Rodgers
a731f4e17c Updated HTTP mirror check to use new url_status_code method 2017-02-20 19:24:34 +00:00
David Broder-Rodgers
d3ac333197 Rubocop styling fixes 2017-02-20 19:24:31 +00:00
David Broder-Rodgers
3e7dfe4aab Updated mirror audit problem message 2017-02-20 19:24:25 +00:00
David Broder-Rodgers
ed9f775b77 Added support for returning HTTP status codes and for git and svn URLs 2017-02-20 19:24:19 +00:00
David Broder-Rodgers
ea440ca328 Markups to online mirror auditing 2017-02-20 19:24:13 +00:00
David Broder-Rodgers
7eec6a3a25 Updated resource auditing to detect invalid mirrors when using --online 2017-02-20 19:23:58 +00:00
ilovezfs
c667a43b97 audit: fix insecure mirror check when stdout is empty 2017-02-20 07:51:04 -08:00
Mike McQuaid
d24ac0555c Merge pull request #1722 from broder/insecure_audit 
Added check for insecure mirror URLs
 2017-02-20 11:26:41 +00:00
Mike McQuaid
b2dd6bc9b0 audit: fix brew style warning. 2017-02-15 14:41:06 +00:00
Viktor Szakats
64448834a6 fix existing rule for github.io homepages 2017-02-13 16:20:34 +00:00
Viktor Szakats
a09169f248 audit: enforce https for *.sourceforge.io urls 2017-02-13 14:58:28 +00:00
Alyssa Ross
9e97eadccb rubocop: trailing comma in multiline method calls 
Discussed in
https://github.com/Homebrew/brew/pull/1987/files#r100693581.

This was originally ommitted because it wasn't compatible with Ruby 1.8.
(See https://github.com/Homebrew/legacy-homebrew/pull/48144#r49928971).
 2017-02-12 15:11:38 +00:00
Mike McQuaid
674e5f13f8 Merge pull request #1873 from GauthamGoli/audit_custom_cops 
Custom Cops for `brew audit`
 2017-02-12 13:09:28 +00:00
Markus Reiter
1292a4b219 Merge pull request #1955 from vszakats/patch-2 
audit: enforce https://*.sourceforge.io/ homepages
 2017-02-12 11:05:21 +01:00
Viktor Szakats
03253a8d8b audit: enforce https://*.sourceforge.io/ homepages 
Ref: https://sourceforge.net/blog/introducing-https-for-project-websites/
 2017-02-10 14:53:32 +00:00
Viktor Szakats
11ebfdafb2 audit: enforce https for github.com urls 2017-02-07 00:19:58 +00:00
Gautham Goli
1f5cf4fd40 Update docs and manpages to include --fix option 2017-02-06 12:46:26 +05:30
David Broder-Rodgers
64c83f3286 Use file checksum rather than file diffing 2017-02-02 21:25:29 +00:00
David Broder-Rodgers
d4aa98d230 Updated mirror checks to compare ETags, Content-Lengths and binary files 2017-01-30 21:49:42 +00:00
David Broder-Rodgers
13a3a57fa8 Merge remote-tracking branch 'origin/master' into insecure_audit 2017-01-30 18:31:52 +00:00
Mike McQuaid
34e03532a0 audit: improve homepage audit reliability. 
Try first with an (exact, actual) browser user agent from Safari and
then try again with the default Homebrew `curl` user agent.
 2017-01-26 16:19:38 +00:00
ilovezfs
cebe137499 audit: exempt wine's deps from the universal deprecation 
This can be reverted when wine's dependencies are all vendored.
 2017-01-20 07:18:51 -08:00
Gautham Goli
0b3d9031e2 Add --fix option to brew audit command 2017-01-18 22:35:37 +05:30