index : devtools32 | |
Archlinux32 fork of devtools | gitolite user |
summaryrefslogtreecommitdiff |
-rw-r--r-- | src/archrelease.in | 11 |
diff --git a/src/archrelease.in b/src/archrelease.in index e80271b..55d3726 100644 --- a/src/archrelease.in +++ b/src/archrelease.in @@ -42,6 +42,17 @@ if git rev-parse "$pkgver" >/dev/null 2>&1; then die "archrelease: the tag $pkgver already exists in the repository!" fi +# If the tag exists we check if it's properly signed and that it +# matches the working directory PKGBUILD. +if git tag --verify "$pkgver" &> /dev/null; then + cwd_checksum=$(sha256sum PKGBUILD|cut -d' ' -f1) + tag_checksum=$(git show $pkgver:PKGBUILD | sha256sum |cut -d' ' -f1) + if [[ "$cwd_checksum" != "$tag_checksum" ]]; then + die "tagged PKGBUILD is not the same as the working dir PKGBUILD" + fi + exit 0 +fi + stat_busy "Releasing package" printf -v tag_list ", %s" "$@"; tag_list="${tag_list#, }" git tag -s -m "archrelease: released $pkgbase-$pkgver to $tag_list" "$pkgver" || abort |