The `#audit_stable_version` check was previously part of
`#audit_revision_and_version_scheme` and duplicates some of the
logic to identify previous version information. To avoid the
duplication, this extracts the logic into a `#committed_version_info`
method that can be called in both audits. The method stores the
information in instance variables, so we don't repeat the collection
process if it has already run.
The "stable version should not decrease" formula audit currently
prevents us from being able to create bottles when downgrading a
formula version. We previously worked around this by bumping
`version_scheme` but this wasn't an intended use case and we now
avoid using it for this purpose.
We can handle simple formula downgrades by reverting changes in a
syntax-only PR but that isn't sufficient when we need new bottles
(i.e., if additional changes have been made to the formula in the
interim time). In the latter case, the only available solution may be
to revert all changes made after the previous version using a
syntax-only PR and then create another PR to reintroduce the other
changes and create new bottles.
To avoid the aforementioned approach, this splits the stable version
audit into a separate method, so we can use `brew audit
--except=stable_version` to selectively skip it.
Ensure that `FormulaVersions` correctly also looks at older paths for
sharded formulae.
While we're here, also cleanup `FormulaVersions` a bit to have more
signatures, cleanup dead code, make more code private, improve
variable naming.
This supports the use of `*-staging` branches in the future for projects
similar to the OpenSSL migration (e.g. Python migration). We already
have branch protections set for these branches, so it makes sense to
keep using them with the supporting code.
1. Adjust audit so that it ignore conflicts only for `brew audit --tap`.
This is useful because it prevents us from trying to migrate a formula
to `openssl@3` before all its dependencies have also been migrated.
2. Exempt only PRs that target a branch called
`openssl-migration-staging`.
- Fixes issue 14996.
- The API JSON is generated with a `/usr/local` Homebrew prefix, but
frequently now users have `/opt/homebrew` as their prefix. Since
formulae `keg_only` reasons are generated by the API, this can lead
to the confusing messaging that follows:
```
socket_vmnet is keg-only, which means it was not symlinked into /opt/homebrew,
because /usr/local/bin is often writable by a non-admin user.
```
- With this change, that formula as it is now will fail `brew audit`,
prompting to remove the prefix reference.
```
❯ HOMEBREW_NO_INSTALL_FROM_API=1 brew audit --strict socket_vmnet
socket_vmnet:
* `keg_only` reason should not include `HOMEBREW_PREFIX` as it provides confusing output.
Error: 1 problem in 1 formula detected
```
The `github_issue_comment` audit disallows references to closed or
merged PRs in other repositories. We should allow those, since it is a
common pattern to reference merged PRs in formulae when adding comments
that explain changes that need to be made in future versions (e.g.
`patch` blocks).
This audit is mistakenly passing for formulae where
`variations_dependencies` is an empty array. We can fix that by checking
for `nil` instead.
See Homebrew/homebrew-core#111280.
There is an audit for versioned formulae that makes sure
an unversioned formulae of the same name exists already.
This ignores that check when we exlicitly removed the
unversioned formula by checking if it was renamed.
Also, there is no need to check for formula.tap because
formula.core_formula? guarantees the presence of formula.tap.
The Git log is required only when `--strict` is not passed. This check
should still run with one of `--strict` or `--git`, but currently
passing `--strict` also requires `--git` in order to run this check.
This will still not be done during `tap_syntax` jobs after this change.
