chocolatey / home

The place to start for issues with areas of Chocolatey that are infrastructure related, or really any issues could be started here. There is also choco for the CLI client, Chocolatey GUI for the GUI.
Apache License 2.0
29 stars 10 forks source link

Package validator cpmr0020 flagged when nuspec does not contain email. #200

Open TheCakeIsNaOH opened 2 years ago

TheCakeIsNaOH commented 2 years ago

What You Are Seeing?

For plexamp, the cpmr0020 rule is flagged, which is indicating that nuspec contains an email. However, the nuspec does not contain an email address.

It is likely flagging because the description contains this url: https://cdn-images-1.medium.com/max/2000/1*_5vj2zq-mkZT88N8syPMtA@2x.png

What is Expected?

That the rule is not flagged.

How Did You Get This To Happen? (Steps to Reproduce)

N/A

System Details

N/A

Output Log

N/A

┆Issue is synchronized with this Gitlab issue by Unito

TheCakeIsNaOH commented 2 years ago

Also happening here: https://community.chocolatey.org/packages/iasl/2022.03.31

TheCakeIsNaOH commented 1 year ago

Another: https://community.chocolatey.org/packages/MediaElch/2.8.18

flcdrg commented 1 year ago

https://community.chocolatey.org/packages/webex/43.1.0.24716

flcdrg commented 1 year ago

https://community.chocolatey.org/packages/Weka/3.8.6

Windos commented 1 year ago

https://community.chocolatey.org/packages/qbs/2.0.0

This one does not have any email addresses in the author or copyright fields, though it does in the release notes so it could be triggering against that.

TheCakeIsNaOH commented 1 year ago

@Windos That check was recently expanded to cover all the nuspec fields, but the message was not updated to reflect that change. https://github.com/chocolatey/home/issues/187

The package does have emails in the release notes, so the rule is triggering correctly in this case, and is not hitting this bug. image

Windos commented 1 year ago

Ahh, I hadn't picked up on that change

Thilas commented 1 year ago

https://community.chocolatey.org/packages/StrawberryPerl/5.38.0: there's is something that looks like an email in the mailingListUrl but this is a valid url anyway (as a workaround, I'll encode the @ for the time being).