diff options
| author | Wouter Deconinck <wdconinc@gmail.com> | 2024-05-19 09:30:19 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-05-19 09:30:19 -0500 |
| commit | 5eebd653666f4967163857a30a034d4ec3fe624f (patch) | |
| tree | 2919524d4be27c247f1ff371db4e294454d625fd /lib | |
| parent | 625f5323c0e1f996bc6dbafa72762c82267060d0 (diff) | |
| download | spack-5eebd653666f4967163857a30a034d4ec3fe624f.tar.gz spack-5eebd653666f4967163857a30a034d4ec3fe624f.tar.bz2 spack-5eebd653666f4967163857a30a034d4ec3fe624f.tar.xz spack-5eebd653666f4967163857a30a034d4ec3fe624f.zip | |
audit: disallow github.com/org/repo/pull/n/commits/hash.patch?full_index=1 (#44212)
* audit: disallow github.com/org/repo/pull/n/commits/hash.patch?full_index=1
* [@spackbot] updating style on behalf of wdconinc
* audit: fix style
* audit: github.com/o/r/pull/n/commits/sha.patch -> sha.patch
* [@spackbot] updating style on behalf of wdconinc
* Revert "[@spackbot] updating style on behalf of wdconinc"
This reverts commit 2ecec9923829c9514f6e09885ee57cda3688b2f4.
* Revert "audit: github.com/o/r/pull/n/commits/sha.patch -> sha.patch"
This reverts commit 5bd7da2cadee9dae44ce14f35a4fb72323c0b98e.
* fix: modify audit message with suggested fix
* audit: github.com/o/r/pull/n/commits/sha.patch -> /o/r/commit/sha.patch?full_index=1
---------
Co-authored-by: wdconinc <wdconinc@users.noreply.github.com>
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/spack/spack/audit.py | 26 | ||||
| -rw-r--r-- | lib/spack/spack/test/audit.py | 2 |
2 files changed, 21 insertions, 7 deletions
diff --git a/lib/spack/spack/audit.py b/lib/spack/spack/audit.py index 50eb8b8ec5..3154723e16 100644 --- a/lib/spack/spack/audit.py +++ b/lib/spack/spack/audit.py @@ -421,6 +421,10 @@ def _check_patch_urls(pkgs, error_cls): r"^https?://(?:patch-diff\.)?github(?:usercontent)?\.com/" r".+/.+/(?:commit|pull)/[a-fA-F0-9]+\.(?:patch|diff)" ) + github_pull_commits_re = ( + r"^https?://(?:patch-diff\.)?github(?:usercontent)?\.com/" + r".+/.+/pull/\d+/commits/[a-fA-F0-9]+\.(?:patch|diff)" + ) # Only .diff URLs have stable/full hashes: # https://forum.gitlab.com/t/patches-with-full-index/29313 gitlab_patch_url_re = ( @@ -436,14 +440,24 @@ def _check_patch_urls(pkgs, error_cls): if not isinstance(patch, spack.patch.UrlPatch): continue - if re.match(github_patch_url_re, patch.url): + if re.match(github_pull_commits_re, patch.url): + url = re.sub(r"/pull/\d+/commits/", r"/commit/", patch.url) + url = re.sub(r"^(.*)(?<!full_index=1)$", r"\1?full_index=1", url) + errors.append( + error_cls( + f"patch URL in package {pkg_cls.name} " + + "must not be a pull request commit; " + + f"instead use {url}", + [patch.url], + ) + ) + elif re.match(github_patch_url_re, patch.url): full_index_arg = "?full_index=1" if not patch.url.endswith(full_index_arg): errors.append( error_cls( - "patch URL in package {0} must end with {1}".format( - pkg_cls.name, full_index_arg - ), + f"patch URL in package {pkg_cls.name} " + + f"must end with {full_index_arg}", [patch.url], ) ) @@ -451,9 +465,7 @@ def _check_patch_urls(pkgs, error_cls): if not patch.url.endswith(".diff"): errors.append( error_cls( - "patch URL in package {0} must end with .diff".format( - pkg_cls.name - ), + f"patch URL in package {pkg_cls.name} must end with .diff", [patch.url], ) ) diff --git a/lib/spack/spack/test/audit.py b/lib/spack/spack/test/audit.py index 98e6ad83c8..0d2ca594f1 100644 --- a/lib/spack/spack/test/audit.py +++ b/lib/spack/spack/test/audit.py @@ -19,6 +19,8 @@ import spack.config (["missing-dependency"], ["PKG-DIRECTIVES", "PKG-PROPERTIES"]), # The package use a non existing variant in a depends_on directive (["wrong-variant-in-depends-on"], ["PKG-DIRECTIVES", "PKG-PROPERTIES"]), + # This package has a GitHub pull request commit patch URL + (["invalid-github-pull-commits-patch-url"], ["PKG-DIRECTIVES", "PKG-PROPERTIES"]), # This package has a GitHub patch URL without full_index=1 (["invalid-github-patch-url"], ["PKG-DIRECTIVES", "PKG-PROPERTIES"]), # This package has invalid GitLab patch URLs |