Replaces our serialization of child process
errors via Marshal with JSON, preventing
unintentional or malicious code execution outside
of the build sandbox.
Additionally, adds tests for the new behavior.
Replaces our serialization of child process
errors via Marshal with JSON, preventing
unintentional or malicious code execution outside
of the build sandbox.
Additionally, adds tests for the new behavior.
Use 124 max line length everywhere. Also, reduce tap max line length to
189 as Homebrew/homebrew-core has that as a maximum now. In future
Homebrew/homebrew-core will also be reduced to 124 maximum line length.
Hide these tokens to avoid malicious subprocesses e.g. sending them
over the network. Also, support using these tokens with environment
filtering and clear `HOMEBREW_PATH` from subprocesses to stop them
sniffing it. Finally, use `HOMEBREW_PATH` to detect Homebrew’s user’s
PATH for e.g. `brew doctor` etc.
These definitions are scattered throughout the codebase which makes it
hard to refactor them later (my goal is to move them outside of
HOMEBREW_LIBRARY). Unify their definitions for clearer code and easier
movement later.
* global: add RUBY_TWO global variable.
* test-bot: use RUBY_TWO global variable.
* github: produce better curl error messages.
If we don't know why curl has failed then ensure that the error messages
that it produced are included as part of the user output.
Add an extension for accessing Git-related meta data that can be mixed
in into a Pathname object (e.g. `HOMBREW_REPOSITORY` or the path of a
`Tap` instance). The goal here is to eliminate code duplication.
This reverts commit 252c701c59227c385ef6178fe99523cca8c843bb.
Taps installed prior to running the test suite are not visible to the
test suite as most Homebrew paths are redefined as to not mess up the
local installation.
All of these taps use Homebrew internal APIs (or will shortly) and we
autoinstall them all from `brew $CMD`. We should adjust our CI to ensure
that we never accidentally break these taps when making changes to core
code so that these taps can rely more on this core code rather than
having to e.g. vendor equivalent code that never changes on our end.
* Move GitHub API module to utils/github.rb.
* Move curl method to utils/curl.rb.
* global: use long curl arguments and an array.
This makes the code more self-documenting.
* utils/curl: support reading curl's output.
* utils/github: use curl instead of open-uri.
It has far better proxy support.
* pull: set Homebrew user agent.
* gist-logs: remove trailing whitespace.
* gist-logs: use first instead of [0].
Easier to read.
* gist-logs: use curl-based GitHub.open method.
Reference from `man curl`
> -R, --remote-time
> When used, this will make curl attempt to figure out the time-
> stamp of the remote file, and if that is available make the
> local file get that same timestamp.
- add `HOMEBREW_PRODUCT` global variable
- only differentiate between `/usr/local` and `non-/usr/local` Homebrew
prefixes to avoid sharing sensitive user information
- note if e.g. build errors are occurring under CI
- Add `HOMEBREW_NO_ANALYTICS` variable (this will be how people opt-out
when this is enabled for everyone)
- Add `HOMEBREW_ANALYTICS_DEBUG` variable to output all the analytics
that are sent
- Move Bash analytics code to `Library/Homebrew/utils/analytics.sh`
- Add documentation for our analytics and why/what/when/how and opt-out
- Only official Homebrew commands are reported
- Ruby analytics are now reported in a forked, background process
