[gentoo-portage-dev] [PATCH] repoman: flag URIs using http:// when https:// is available

Sun, 12 Jun 2016 21:22:23 -0700 

---
 repoman/pym/repoman/modules/scan/ebuild/checks.py | 17 +++++++++++++++++
 repoman/pym/repoman/modules/scan/ebuild/errors.py |  2 ++
 repoman/pym/repoman/qa_data.py                    |  4 +++-
 3 files changed, 22 insertions(+), 1 deletion(-)

diff --git a/repoman/pym/repoman/modules/scan/ebuild/checks.py 
b/repoman/pym/repoman/modules/scan/ebuild/checks.py
index 15e225156db4..1a21096dd4d1 100644
--- a/repoman/pym/repoman/modules/scan/ebuild/checks.py
+++ b/repoman/pym/repoman/modules/scan/ebuild/checks.py
@@ -682,6 +682,23 @@ class EMakeParallelDisabledViaMAKEOPTS(LineCheck):
        error = errors.EMAKE_PARALLEL_DISABLED_VIA_MAKEOPTS
 
 
+class UriUseHttps(LineCheck):
+       """Check that we use https:// for known good sites."""
+       repoman_check_name = 'uri.https'
+       _SITES = (
+               '[-._a-zA-Z0-9]*apache\.org',
+               'curl\.haxx\.se',
+               '((dev|www)\.)?gentoo\.org',
+               'github\.com',
+               'savannah\.(non)?gnu\.org',
+               '((gcc|www)\.)?gnu\.org',
+               '(sf|sourceforge)\.net',
+               '(www\.)?sourceware\.org',
+       )
+       re = re.compile(r'.*\bhttp://(%s)' % r'|'.join(_SITES))
+       error = errors.URI_HTTPS
+
+
 class NoAsNeeded(LineCheck):
        """Check for calls to the no-as-needed function."""
        repoman_check_name = 'upstream.workaround'
diff --git a/repoman/pym/repoman/modules/scan/ebuild/errors.py 
b/repoman/pym/repoman/modules/scan/ebuild/errors.py
index 3090de0d1a2c..14e47e35877e 100644
--- a/repoman/pym/repoman/modules/scan/ebuild/errors.py
+++ b/repoman/pym/repoman/modules/scan/ebuild/errors.py
@@ -47,3 +47,5 @@ USEQ_ERROR = (
        'Ebuild calls deprecated useq function on line: %d')
 HASQ_ERROR = (
        'Ebuild calls deprecated hasq function on line: %d')
+URI_HTTPS = (
+       'Ebuild uses http:// but should use https:// on line: %d')
diff --git a/repoman/pym/repoman/qa_data.py b/repoman/pym/repoman/qa_data.py
index b9475e801368..055fc4b72c59 100644
--- a/repoman/pym/repoman/qa_data.py
+++ b/repoman/pym/repoman/qa_data.py
@@ -222,7 +222,8 @@ qahelp = {
                "The ebuild makes use of an obsolete construct"),
        "upstream.workaround": (
                "The ebuild works around an upstream bug,"
-               " an upstream bug should be filed and tracked in 
bugs.gentoo.org")
+               " an upstream bug should be filed and tracked in 
bugs.gentoo.org"),
+       "uri.https": "URI uses http:// but should use https://";,
 }
 
 qacats = list(qahelp)
@@ -271,6 +272,7 @@ qawarnings = set((
        "LIVEVCS.stable",
        "LIVEVCS.unmasked",
        "IUSE.rubydeprecated",
+       "uri.https",
 ))
 
 
-- 
2.8.2

Reply via email to