Merge pull request #15614 from carlocab/quictls-cop

rubocops/lines: disallow `quictls` dependencies in homebrew/core

Library/Homebrew/rubocops/lines.rb

@@ -219,6 +219,27 @@ def audit_formula(_node, _class_node, _parent_class_node, body_node)
         end
       end
 
+      # This cop makes sure that formulae depend on `openssl` instead of `quictls`.
+      #
+      # @api private
+      class QuicTLSCheck < FormulaCop
+        extend AutoCorrector
+
+        def audit_formula(_node, _class_node, _parent_class_node, body_node)
+          return if body_node.nil?
+
+          # Enforce use of OpenSSL for TLS dependency in core
+          return if formula_tap != "homebrew-core"
+
+          find_method_with_args(body_node, :depends_on, "quictls") do
+            problem "Formulae in homebrew/core should use 'depends_on \"openssl@3\"' " \
+                    "instead of '#{@offensive_node.source}'." do |corrector|
+              corrector.replace(@offensive_node.source_range, "depends_on \"openssl@3\"")
+            end
+          end
+        end
+      end
+
       # This cop makes sure that formulae do not depend on `pyoxidizer` at build-time
       # or run-time.
       #

Library/Homebrew/test/rubocops/lines/quictls_check_spec.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+require "rubocops/lines"
+
+describe RuboCop::Cop::FormulaAudit::QuicTLSCheck do
+  subject(:cop) { described_class.new }
+
+  context "when auditing formula dependencies" do
+    it "reports an offense when a formula depends on `quictls`" do
+      expect_offense(<<~RUBY, "/homebrew-core/Formula/foo.rb")
+        class Foo < Formula
+          desc "foo"
+          url 'https://brew.sh/foo-1.0.tgz'
+
+          depends_on "quictls"
+          ^^^^^^^^^^^^^^^^^^^^ FormulaAudit/QuicTLSCheck: Formulae in homebrew/core should use 'depends_on "openssl@3"' instead of 'depends_on "quictls"'.
+        end
+      RUBY
+    end
+  end
+end