From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id D24CE13829C for ; Mon, 13 Jun 2016 04:22:11 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 3BA4FE09DB; Mon, 13 Jun 2016 04:22:08 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 6CCD2E09C6 for ; Mon, 13 Jun 2016 04:22:07 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by smtp.gentoo.org (Postfix) with ESMTP id F1EFC33FD24 for ; Mon, 13 Jun 2016 04:22:05 +0000 (UTC) From: Mike Frysinger To: gentoo-portage-dev@lists.gentoo.org Subject: [gentoo-portage-dev] [PATCH] repoman: flag URIs using http:// when https:// is available Date: Mon, 13 Jun 2016 00:22:04 -0400 Message-Id: <1465791724-17361-1-git-send-email-vapier@gentoo.org> X-Mailer: git-send-email 2.8.2 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-portage-dev@lists.gentoo.org Reply-to: gentoo-portage-dev@lists.gentoo.org X-Archives-Salt: 183914c4-0523-43fb-a49b-373ed27fe038 X-Archives-Hash: 3fedbaefe5f90d1e4165efe73a6dc78e --- repoman/pym/repoman/modules/scan/ebuild/checks.py | 17 +++++++++++++++++ repoman/pym/repoman/modules/scan/ebuild/errors.py | 2 ++ repoman/pym/repoman/qa_data.py | 4 +++- 3 files changed, 22 insertions(+), 1 deletion(-) diff --git a/repoman/pym/repoman/modules/scan/ebuild/checks.py b/repoman/pym/repoman/modules/scan/ebuild/checks.py index 15e225156db4..1a21096dd4d1 100644 --- a/repoman/pym/repoman/modules/scan/ebuild/checks.py +++ b/repoman/pym/repoman/modules/scan/ebuild/checks.py @@ -682,6 +682,23 @@ class EMakeParallelDisabledViaMAKEOPTS(LineCheck): error = errors.EMAKE_PARALLEL_DISABLED_VIA_MAKEOPTS +class UriUseHttps(LineCheck): + """Check that we use https:// for known good sites.""" + repoman_check_name = 'uri.https' + _SITES = ( + '[-._a-zA-Z0-9]*apache\.org', + 'curl\.haxx\.se', + '((dev|www)\.)?gentoo\.org', + 'github\.com', + 'savannah\.(non)?gnu\.org', + '((gcc|www)\.)?gnu\.org', + '(sf|sourceforge)\.net', + '(www\.)?sourceware\.org', + ) + re = re.compile(r'.*\bhttp://(%s)' % r'|'.join(_SITES)) + error = errors.URI_HTTPS + + class NoAsNeeded(LineCheck): """Check for calls to the no-as-needed function.""" repoman_check_name = 'upstream.workaround' diff --git a/repoman/pym/repoman/modules/scan/ebuild/errors.py b/repoman/pym/repoman/modules/scan/ebuild/errors.py index 3090de0d1a2c..14e47e35877e 100644 --- a/repoman/pym/repoman/modules/scan/ebuild/errors.py +++ b/repoman/pym/repoman/modules/scan/ebuild/errors.py @@ -47,3 +47,5 @@ USEQ_ERROR = ( 'Ebuild calls deprecated useq function on line: %d') HASQ_ERROR = ( 'Ebuild calls deprecated hasq function on line: %d') +URI_HTTPS = ( + 'Ebuild uses http:// but should use https:// on line: %d') diff --git a/repoman/pym/repoman/qa_data.py b/repoman/pym/repoman/qa_data.py index b9475e801368..055fc4b72c59 100644 --- a/repoman/pym/repoman/qa_data.py +++ b/repoman/pym/repoman/qa_data.py @@ -222,7 +222,8 @@ qahelp = { "The ebuild makes use of an obsolete construct"), "upstream.workaround": ( "The ebuild works around an upstream bug," - " an upstream bug should be filed and tracked in bugs.gentoo.org") + " an upstream bug should be filed and tracked in bugs.gentoo.org"), + "uri.https": "URI uses http:// but should use https://", } qacats = list(qahelp) @@ -271,6 +272,7 @@ qawarnings = set(( "LIVEVCS.stable", "LIVEVCS.unmasked", "IUSE.rubydeprecated", + "uri.https", )) -- 2.8.2