Use tap trust for eval all#22476
Merged
Merged
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
This PR shifts “evaluate all formulae/casks” behavior away from the legacy --eval-all / HOMEBREW_EVAL_ALL mechanism toward the tap-trust model, while keeping the legacy path working but de-emphasized.
Changes:
- Make
HOMEBREW_REQUIRE_TAP_TRUSTandHOMEBREW_NO_REQUIRE_TAP_TRUSTenable “eval all” behavior (Homebrew::EnvConfig.eval_all?) and add a deprecation warning forHOMEBREW_EVAL_ALL. - Hide
--eval-allandHOMEBREW_EVAL_ALLfrom manpage/docs/completions/config output unless directly set, and update commands to useargs.eval_all? || Homebrew::EnvConfig.eval_all?. - Expose/document
brew trustandbrew untrustand update related tests and TestBot logic.
Reviewed changes
Copilot reviewed 36 out of 36 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| manpages/brew.1 | Removes --eval-all docs from multiple commands; documents trust/untrust; documents new env vars. |
| Library/Homebrew/test/formula_spec.rb | Adds coverage for Formula.all when tap-trust mode is enabled. |
| Library/Homebrew/test/env_config_spec.rb | Adds unit tests for EnvConfig.eval_all? including deprecation warning behavior. |
| Library/Homebrew/test/cmd/uses_spec.rb | Updates uses tests to rely on tap-trust env vars instead of --eval-all. |
| Library/Homebrew/test/cmd/desc_spec.rb | Updates desc --search tests for the new tap-trust gating/error messaging. |
| Library/Homebrew/test/cmd/config_spec.rb | Verifies hidden env behavior (don’t print HOMEBREW_EVAL_ALL unless directly set). |
| Library/Homebrew/test/cask/cask_spec.rb | Adds coverage for Cask::Cask.all when trust checks are disabled via env var. |
| Library/Homebrew/test_bot/test_formulae.rb | Adds helper to set trust requirements/environment for TestBot runs. |
| Library/Homebrew/test_bot/formulae.rb | Updates TestBot’s brew uses invocation to use the tap-trust env instead of --eval-all. |
| Library/Homebrew/test_bot/formulae_dependents.rb | Updates dependent enumeration to use the tap-trust env instead of --eval-all. |
| Library/Homebrew/system_config.rb | Skips printing hidden env vars unless they are directly present in ENV. |
| Library/Homebrew/search.rb | Updates --desc search behavior to treat tap-trust env vars as enabling “eval all”. |
| Library/Homebrew/formula.rb | Updates Formula.all gating/error message to reference tap-trust env vars. |
| Library/Homebrew/env_config.rb | Deprecates/hides HOMEBREW_EVAL_ALL, adds eval_all? custom implementation, updates env descriptions. |
| Library/Homebrew/dev-cmd/unbottled.rb | Uses tap-trust-based eval_all?; hides legacy --eval-all; updates usage errors. |
| Library/Homebrew/dev-cmd/livecheck.rb | Uses tap-trust-based eval_all?; hides legacy --eval-all; updates usage errors. |
| Library/Homebrew/dev-cmd/determine-test-runners.rb | Hides legacy --eval-all and adjusts eval-all logic (but needs a runtime guard fix; see comments). |
| Library/Homebrew/dev-cmd/bump.rb | Uses tap-trust-based eval_all?; hides legacy --eval-all; updates usage errors. |
| Library/Homebrew/dev-cmd/audit.rb | Uses tap-trust-based eval_all?; hides legacy --eval-all; updates odisabled guidance. |
| Library/Homebrew/commands.rb | Filters hidden options out of conflict metadata (for help/completions generation). |
| Library/Homebrew/cmd/uses.rb | Uses tap-trust-based eval_all?; hides legacy --eval-all; updates usage errors. |
| Library/Homebrew/cmd/untrust.rb | Makes untrust visible in manpage by removing hide_from_man_page!. |
| Library/Homebrew/cmd/trust.rb | Makes trust visible in manpage by removing hide_from_man_page!. |
| Library/Homebrew/cmd/tap.rb | Uses tap-trust-based “verify/eval-all” behavior; hides legacy --eval-all. |
| Library/Homebrew/cmd/search.rb | Uses tap-trust-based eval_all?; hides legacy --eval-all; updates usage errors. |
| Library/Homebrew/cmd/readall.rb | Uses tap-trust-based eval_all?; hides legacy --eval-all; updates usage errors. |
| Library/Homebrew/cmd/options.rb | Uses tap-trust-based eval_all?; hides legacy --eval-all; updates usage errors. |
| Library/Homebrew/cmd/info.rb | Uses tap-trust-based eval_all? for JSON; hides legacy --eval-all. |
| Library/Homebrew/cmd/desc.rb | Uses tap-trust-based eval_all?; hides legacy --eval-all; updates usage errors. |
| Library/Homebrew/cmd/deps.rb | Uses tap-trust-based eval_all?; hides legacy --eval-all; updates --for-each description. |
| Library/Homebrew/cask/cask.rb | Updates Cask::Cask.all gating/error message to reference tap-trust env vars. |
| docs/Manpage.md | Mirrors manpage changes: removes --eval-all docs, adds trust/untrust, adds env var docs. |
| completions/zsh/_brew | Adds trust/untrust and removes --eval-all completions/constraints. |
| completions/internal_commands_list.txt | Adds trust and untrust to internal command list. |
| completions/fish/brew.fish | Adds trust/untrust and removes --eval-all completions. |
| completions/bash/brew | Adds trust/untrust and removes --eval-all completions. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
MikeMcQuaid
force-pushed
the
tap-trust-eval-all
branch
from
b42801f to
c805041
Compare
Code Coverage OverviewLanguages: Ruby Ruby / code-coverage/simplecovThe overall coverage in the branch remains at 78%, unchanged from the branch. Show a code coverage summary of the most impacted files.
Updated |
p-linnane
approved these changes
May 30, 2026
MikeMcQuaid
force-pushed
the
tap-trust-eval-all
branch
4 times, most recently
from
17a988c to
72f4979
Compare
MikeMcQuaid
force-pushed
the
tap-trust-eval-all
branch
from
72f4979 to
03d250c
Compare
MikeMcQuaid
force-pushed
the
tap-trust-eval-all
branch
4 times, most recently
from
8ee5901 to
4c5aff4
Compare
MikeMcQuaid
force-pushed
the
tap-trust-eval-all
branch
2 times, most recently
from
3ef67c8 to
9ffb47a
Compare
issyl0
approved these changes
May 31, 2026
p-linnane
approved these changes
May 31, 2026
- Make `HOMEBREW_REQUIRE_TAP_TRUST` and `HOMEBREW_NO_REQUIRE_TAP_TRUST` enable commands that evaluate all formulae and casks. - Hide `--eval-all` and `HOMEBREW_EVAL_ALL` from generated help, completions and configuration unless the env var is set directly. - Keep legacy `HOMEBREW_EVAL_ALL` working with a deprecation warning so callers can move to the trust model.
MikeMcQuaid
force-pushed
the
tap-trust-eval-all
branch
from
9ffb47a to
848a24c
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
HOMEBREW_REQUIRE_TAP_TRUSTandHOMEBREW_NO_REQUIRE_TAP_TRUSTenable commands that evaluate allformulae and casks.
--eval-allandHOMEBREW_EVAL_ALLfrom generated help,completions and configuration unless the env var is set directly.
HOMEBREW_EVAL_ALLworking with a deprecation warningso callers can move to the trust model.
brew lgtm(style, typechecking and tests) with your changes locally?OpenAI Codex 5.5 xhigh with local review and extensive manual testing.