brew/Library/Homebrew/deprecate_disable.rb
Michka Popoff 1ce7f1fb7b
disable: allow to disable due to checksum mismatch
The rationale is that a checksum mismatch is a huge security issue.
This means that the current source file, but maybe the initial one,
might have been compromised.

In the case upstream does not respond quickly to clarify what happened,
or fails to respond, we can now rev-bump the formula, disable and unbottle it,
making sure we stop delivering the potentially malicious code.

Further improvements:
- Add the url of the project in the error message to redirect users to
the closed pull request where we disabled this, to centralize the discussion
and avoid the opening of multiple new issues
- Add a warning on brew-update that something is fishy upstream
2021-11-15 20:25:37 +01:00

41 lines
1.3 KiB
Ruby

# typed: true
# frozen_string_literal: true

# Helper module for handling `disable!` and `deprecate!`.
#
# @api private
module DeprecateDisable
  module_function

  DEPRECATE_DISABLE_REASONS = {
    does_not_build:      "does not build",
    no_license:          "has no license",
    repo_archived:       "has an archived upstream repository",
    repo_removed:        "has a removed upstream repository",
    unmaintained:        "is not maintained upstream",
    unsupported:         "is not supported upstream",
    deprecated_upstream: "is deprecated upstream",
    versioned_formula:   "is a versioned formula",
    checksum_mismatch:   "was built with an initially released source file that had "\
                         "a different checksum than the current one. " \
                         "Upstream's repository might have been compromised. " \
                         "We can re-package this once upstream has confirmed that they retagged their release",
  }.freeze

  def deprecate_disable_info(formula)
    if formula.deprecated?
      type = :deprecated
      reason = formula.deprecation_reason
    elsif formula.disabled?
      type = :disabled
      reason = formula.disable_reason
    else
      return
    end

    reason = DEPRECATE_DISABLE_REASONS[reason] if DEPRECATE_DISABLE_REASONS.key? reason

    [type, reason]
  end
end
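
The situation the `checksum_mismatch` reason covers, as an added example that is not part of the Homebrew code base: the same source URL now serves bytes whose SHA-256 differs from the one recorded when the formula was first packaged. `SourceRecord`, `audit_source` and `disable_stanza` are hypothetical names, and the URL, tarball bytes and date are constructed sample values.

```ruby
require "digest"

# Added illustration, not Homebrew code. SourceRecord, audit_source and
# disable_stanza are hypothetical names; all sample data is constructed.
SourceRecord = Struct.new(:formula, :url, :recorded_sha256, keyword_init: true)
SHA256_HEX = /\A[0-9a-f]{64}\z/.freeze

# Compare the bytes upstream serves now with the checksum recorded when the
# formula was first packaged. Same URL, different digest: retagged or tampered.
def audit_source(record, current_bytes)
  expected = record.recorded_sha256.to_s.strip.downcase
  raise ArgumentError, "recorded checksum is not a SHA-256 hex digest" unless expected.match?(SHA256_HEX)

  actual = Digest::SHA256.hexdigest(current_bytes)
  return { formula: record.formula, status: :ok } if actual == expected

  {
    formula:  record.formula,
    status:   :checksum_mismatch, # key looked up in DEPRECATE_DISABLE_REASONS
    expected: expected,
    actual:   actual,
    actions:  [:rev_bump, :disable, :unbottle], # steps named in the commit message
  }
end

# Render the formula line a maintainer would add for a mismatch finding.
def disable_stanza(finding, date)
  return nil unless finding[:status] == :checksum_mismatch

  %(disable! date: "#{date}", because: :checksum_mismatch)
end

# Constructed sample: the release as first packaged, then a silent retag.
ORIGINAL = "example-1.0 release tarball bytes"
RETAGGED = "example-1.0 release tarball bytes (changed after release)"
RECORD = SourceRecord.new(
  formula:         "example",
  url:             "https://example.invalid/example-1.0.tar.gz",
  recorded_sha256: Digest::SHA256.hexdigest(ORIGINAL).upcase, # case is normalised
)

[ORIGINAL, RETAGGED].each do |bytes|
  finding = audit_source(RECORD, bytes)
  stanza = disable_stanza(finding, "2021-11-15")
  puts [finding[:formula], finding[:status], stanza].compact.join(" | ")
end
```

A digest comparison alone cannot tell a benign retag from a compromise, which is why the reason text defers re-packaging until upstream confirms what happened.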