Age | Commit message (Collapse) | Author |
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
coreutils 8.26 in December 2016 added this new hashing method which is
compatible with the existing md5sum and sha*sum tool usage, while using
the blake2 hash algorithm.
makepkg uses coreutils to provide source file integrity checks via
${integ}sum binaries and it makes sense to offer this as an additional
option.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
We cannot use most of the arrays defined in schema.sh as srcinfo is dependent
on the order, but migrate the hashes for now.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
We don't need to check the options twice, since it is the same check
both times. Instead, merge the conditionals.
As far as I can tell, the only reason the checks for:
- PACMAN_OPTS and
- whether to use sudo
were ever separated is due to the historic existence of --asroot, since
the second check included a check for (( ! ASROOT )) until it was
cleaned up in commit 61ba5c961e4a3536c4bbf41edb348987a9993fdb.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
When pacman is run as root to do -S, -U, or -R, it would immediately
abort if pacman is not ready for use. Instead, poll the lockfile and
wait until it becomes available.
Implements FS#28840
Original-patch-by: Georges Dubus <georges.dubus@compiletoi.net>
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: morganamilo <morganamilo@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Variables such as 'pkgdesc_x86_64' are invalid, instead of ignoring them
raise an error.
This also disallows using 'any' as an architecture specific variable
Signed-off-by: morganamilo <morganamilo@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
makepkg will now error if disallowed variables are set inside of
the package function.
Disallowed variables are variables that do exist, like 'makedepends'
and 'pkgver' but can not be set inside of a package function.
Signed-off-by: morganamilo <morganamilo@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Refactor many of the different arrays of pkgbuild variables
into scripts/libmakepkg/util/schema.sh.in.
Signed-off-by: morganamilo <morganamilo@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This patch was inspired by FS#32723 which asks makepkg to install makedepends
before depends. The use case is to build a package depending on a virtual
package that is only provided by other packages (e.g. java-runtime in Arch
Linux), but wanting to build against a specific version. Installing makedepends
first (but not at the same time as depends) would allow specifying the version
to build against, instead of pacman resolving to the default version when
installing depends.
It turns out, we can already achieve installing makedepends first by specifying
dependencies only in the package function (and making sure makedepends includes
everything needed). The only issue is that if we use makepkg to install the
built package with the --install flag and along with the --rmdeps flag, we will
try to remove any installed dependencies that are specified in the depends
array in the package function. To counter this, we need to use the --unneeded
flag for the pacman call.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
lzip is a lossless data compressor designed to replace gzip and bzip2 as
the standard general-purpose compressed format.
- add .lz (lzip) support to libmakepkg/util/compress.sh:compress_as
- add COMPRESSLZ to makepkg.conf.in
- document COMPRESSLZ
- document PKGEXT with `.tar.lz`
Signed-off-by: Chloe Kudryavtsev <toast@toastin.space>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: morganamilo <morganamilo@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Lookup the existence of matching functions for each protocol, and
fallback on the generic file handler. New verification protocols can
then be added via thirdparty libmakepkg drop-ins without requiring
modifications to verify_signature.sh
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Lookup the existence of matching functions for each protocol, and
fallback on the generic file handler. New source protocols can then be
added via thirdparty libmakepkg drop-ins without requiring modifications
to source.sh
Fixes FS#49076
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
e.g. git+https:// is commonly used for git repositories cloned over
HTTPS, but we assume a proto with a plus in it is actually a protocol
followed by some URI handler. So we might as well simplify the return
value and not have to always add glob matching everywhere when checking
the proto in use.
This is required in order to use the proto directly in function calls,
which will be used in a followup patch.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Making the undescore be translated is probably not something we need
translators to think about.
Additionally, a number of places which use the same text differ only by
the variable being referenced, so simplifying the string means we can
drop a redundant translation.
Bonus: we save a few bytes here and there. \o/
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Error if the arch array contains any and any other values. This also
fixes a bug where the check for `$arch == 'any'` which only evaluated
the first value in the array, meaning the rest of the values would not
be linted.
Signed-off-by: morganamilo <morganamilo@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
In commit f7efa6a93d5361af610827d41045d87c7a72f2b5 we added a new file,
and also wired it up to the build systems, but it got added under the
wrong name in meson.build
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This is not really an error with a "user function".
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Use mapfile instead of hacking around read -a with the $IFS.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This can only ever be an int, and the specification states that a
malformed timestamp should be considered a fatal error.
https://reproducible-builds.org/specs/source-date-epoch/
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
paths can contain printf-unsafe chars, and printf -v is not somehow immune to this
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
If you have a malformed pkgrel, the error message says that it must be a
"decimal". That isn't quite true, as that would mean that `1.1 == 1.10`.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
opt)depends/provides/conflicts
Given the depends
depends=('foo>=1.2-1.par2')
and the error message
==> ERROR: pkgver in depends is not allowed to contain colons, forward slashes, hyphens or whitespace.
One would be lead to believe that the problem is that they gave a pkgrel in
depends at all, not that the pkgrel contains letters.
Each of the (check,make,opt)depends, conflicts, and provides linters use a
glob to trim off properly formed epoch an rel from the full version string,
and pass the remainder to check_pkgver(). This does a good job of
accepting/rejecting full versions, but doesn't do a good job of generating
good error messages when rejecting if it's because of the epoch or rel.
1. Factor out check_epoch() and check_pkgrel() from lint_epoch() and
lint_pkgrel(), similarly to check_pkgver().
2. Add a check_fullpkgver() that takes a full [epoch:]ver[-rel] string and
splits it in to epoch/ver/rel, and calls the appropriate check_ function
on each.
3. Use check_fullpkgver() in the {,check,make,opt}depends, conflicts, and
provides linters.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Checking the length of the variable to be non-zero before considering it
an error is inconsistent; license=() and depends='' and `declare arch`
should be considered just as wrong.
In fact the current check detects depends='' as non-zero and returns an
error, but happily considers the others to be perfectly okay.
A more reliable check is to simply see if the name has been declared
(whether it is set or not), and then enforce that it's been declared to
the right type.
As an added benefit, avoiding the creation of proxy-evaled variables to
count the number of indexes results in simpler code.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
In commit d8ee8d0c99c3820951e2e49dbdb71a5390bd1dc4 we made use of
fakeroot absolutely mandatory, and disabled a lot of the code which
checked to see if this now-defunct BUILDENV option was set, before
setting up the environment to use fakeroot. Unfortunately, we missed one
spot.
The check_software routine still checked to see if fakeroot was
enabled, but due to the option being removed, thought that it was in
fact disabled, and as a result this check would never run.
Fix by checking to see if we are trying to build either a package or a
source package, and if so, checking for fakeroot. These are the only two
situations where fakeroot is needed.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
There are state variables for everything else, and we use them to do
conditional checks on things, but it's currently a bit difficult to test
whether a package is being built, as it's the default action if *no*
options are specified.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Causes it to be reset (to $pkgdirbase/$pkgbase) between subpackages.
This shouldn't be visible.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Merge the similar code handling unsplit PKGBUILDs and individual
packages in a split PKGBUILD and make it a new function.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
We don't need to re-backup the variables we restored on the previous
iteration.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Our sed parser for xdelta3 headers will greedily match on ":" which
coincidentally is also the character we use to define a version with an
epoch.
While we are at it, simply use sed for the whole pipeline, rather than
using both grep and sed.
Fixes FS#61195
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
We have code in order to remove deltas when removing a package, but it
is never run, since we try to remove the wrong file.
This was broken in commit cb0f2bd0385f447e045e2b2aab9ffa55df3c2d8a which
modified the internal layout we use to modify the db, changing "tree" to
"db", but did not update all locations where it was used.
This worked swimmingly well as long as only repo-add updates were
handling the backup and restore of the delta file, as the delta file
therefore got backed up to the correct location (db) in the shared
db_remove_entry() function.
But later on in the repo-remove logic, we tried removing a different
file that will never exist (tree).
Fixes FS#53041
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
directories are created by install_dir within the subdir custom_target
installation targets.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Simply fix a typo: in written -> is written
Signed-off-by: Michael Straube <michael.straube@posteo.de>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Elsewhere, we return 1 if a library dropin fails, and when running
functions in a loop, we use `|| ret=1` to preserve scope. This ensures
the return value of the function remains useful in isolation. Do the
same thing here as well.
Drop trivial function which wraps a dropin that also uses $ret, since
it's no longer needed.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Now that repo-add uses libmakepkg, it needs to have $LIBRARY set before
testing it in-tree.
[Allan: fix "make distcheck"]
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Instead of assuming all scripts are .sh.in and leaving a comment to that
effect, just take the input file directly.
This depends on the first dependency for the target being the source of
the script.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
All of our scripts depend on the same pattern .sh.in, and since commit
b5d62d2c91a2caf5c18945921cdf12af6f36b2d4, they also all (not just
makepkg itself) depend on libmakepkg.
There's no real reason to include separate targets for them just to
establish dependency rules.
While we are at it, fix a longstanding bug where generated wrapper
scripts did not depend on wrapper.sh.in (which due to moving to .lib,
requires we regenerate the script too), by making the shared target
pattern depend on it. All our generated scripts now require the wrapper,
even repo-add which now uses libmakepkg.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
repo-remove and repo-elephant don't care whether repo-add.sh.in is
updated... but they do require the repo-add target to be up to date, so
use that instead. As a bonus, use the same rule for both of them.
|
|
This opens the door for third parties to provide libmakepkg
extentions for the purpose of altering the build environment.
Signed-off-by: Que Quotion <quequotion@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This opens the door for third parties who provide extensions to
libmakepkg to supply scripts that confirm the presence of their
dependant executables.
Signed-off-by: Que Quotion <quequotion@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
|
|
If a user has a makepkg.conf policy to enable debug builds, but a
PKGBUILD has disabled buildflags, we would unset the *FLAGS but then
later append the debug *FLAGS anyway, which would result in some *FLAGS
being used, against the wishes of the PKGBUILD author.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This was only ever used by paccache, and paccache has since been moved
to pacman-contrib.
|
|
makepkg-template is a perl script and doesn't get wrapped by our shell
wrapper. It (wrongly) reads from the host machine rather than the build
root, but this is working as implemented.
|
|
Currently this prints the following message:
==> Extracting database to a temporary location...
==> Extracting database to a temporary location...
This redundancy is potentially confusing and may cause people to think
something is wrong. Historically, this message came from a time when we
only extracted one database, but repo-add was changed to always create
the files database in commit cb0f2bd0385f447e045e2b2aab9ffa55df3c2d8a
and whole code block with message intact was moved into a for loop and
run (and printed) twice.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The respective write_* functions are low-level and shouldn't be
outputting statuses; move these to the logic flow where they are used.
This ensures the functions can be used in the future wherever, and also
solves an issue where, as fallout from the message.sh retrofitting in
commit 882e707e40bbade0111cf3bdedbdac4d4b70453b, the statuses got
redirected to the actual files.
The resulting package was technically correct, except that it contained
useless lines which pacman ignored, and repo-add also ignored but at the
same time generated an error message:
/usr/bin/repo-add: line 335: declare: `=-> Generating .PKGINFO file...': not a valid identifier
Thirdparty package tools with stricter parsers may abort with errors,
and "repose" is known to do so.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Simply pass options on to gpg the same way gpg uses them -- no looping
through and checking lots of signatures.
This prevents a situation where the signature file to be verified is
manipulated to contain an embedded signature which is valid, but not a
detached signature for the file you are actually trying to verify.
gpg does not offer an option to verify many files at once by naming each
signature/file pair, and there's no reason for us to do so either, since
it would be quite tiresome to do so.
In the event that there is no signature/file pair specified to
pacman-key itself,
- preserve gpg's behavior, *if* the matching file does not exist, by
- assuming the signature is an embedded signature
- deviate from gpg's behavior, by
- offering a security warning about which one is happening
- when there is an embedded signature *and* a matching detached file,
assume the latter is desired
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This doesn't do quite as good of a job of "hiding away" the real script
as we did with autotools, but it satisfies the need for being able to
run scripts which depend on libmakepkg with the local copy within the
repo. We do, however, improve upon the autotools script by ensuring that
the bash path used in configuring pacman is the interpreter used to run
the underlying script.
|