Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ensure all formulae/casks are audited regularly #19374

Open
1 task done
MikeMcQuaid opened this issue Feb 25, 2025 · 4 comments
Open
1 task done

Ensure all formulae/casks are audited regularly #19374

MikeMcQuaid opened this issue Feb 25, 2025 · 4 comments
Labels
features New features help wanted We want help addressing this

Comments

@MikeMcQuaid
Copy link
Member

MikeMcQuaid commented Feb 25, 2025
edited by dduugg
Loading

Verification

Provide a detailed description of the proposed feature

We have a scheduled job that runs every day for homebrew-core (https://github.com/Homebrew/homebrew-core/blob/master/.github/workflows/scheduled.yml)
and for homebrew-cask (https://github.com/Homebrew/homebrew-cask/blob/master/.github/workflows/scheduled.yml).

It picks a random selection of formulae/casks and audits them, posting issues to e.g. Homebrew/homebrew-core#139929 for homebrew-core.

Ideally, this would be changed so:

  • there is no randomness but instead we audit the same (or: as close to the same as possible) formulae/casks on a given day in a time period
  • in a given time period (e.g. weekly/fortnightly/monthly, depending on rate limits) we can guarantee complete coverage of all formulae/casks

What is the motivation for the feature?

Ensure that every formula/cask is audited regularly rather than a random selection.

How will the feature be relevant to at least 90% of Homebrew users?

Addressing cases like https://github.com/orgs/Homebrew/discussions/5954

What alternatives to the feature have been considered?

  • The status quo
  • Trying to audit everything every time (likely problematic from a rate limit perspective)
@MikeMcQuaid MikeMcQuaid added features New features help wanted We want help addressing this labels Feb 25, 2025
@carlocab
Copy link
Member

carlocab commented Feb 25, 2025
edited
Loading

  • there is no randomness but instead we audit the same (or: as close to the same as possible) formulae/casks on a given day in a time period

This is already the case for formulae. See Homebrew/homebrew-core#192485. Each formulae is audited roughly every 150 days (but that will happen less often as more formulae are added).

@MikeMcQuaid
Copy link
Member Author

@carlocab Oh nice, thanks!

Would be great if we could (somehow?) get this down to once a month at most, even if this required e.g. dedicated CI capacity to do this.

@carlocab
Copy link
Member

We would have to audit 250 formulae a day to get there, and increase that as more formulae are added.

@Bo98
Copy link
Member

Bo98 commented Feb 26, 2025

Instead of running the job once a day we can probably scatter it a few times over a day.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
features New features help wanted We want help addressing this
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@MikeMcQuaid @Bo98 @carlocab