The ability to build only selected packages from a split package was
removed from makepkg, so this lint is no longer needed.
Signed-off-by: Allan McRae <allan@archlinux.org>
The xdata field is an array of key=value entries that allow a packager to
include arbitrary metadata in the generated .PKGINFO.
Fixes#241.
Signed-off-by: Dominik Peteler <archlinux+gitlab@with-h.at>
This ensures (e.g.) that the "emptydirs" script runs last after
unneeded files have been deleted.
Fixes#184.
Signed-off-by: Allan McRae <allan@archlinux.org>
This could help locate the real failure (instead of scrolling through the whole possibly-successful buildtime dep installation section) and also saves time on the operation.
Using the --wait-for-lock option will result in repo-add retrying to acquire the database lock file after 3 seconds. If the option is not set, exit with code 2 on lock failure.
Globally set `GIT_CONFIG_GLOBAL` and `GIT_CONFIG_SYSTEM` so that we're
only loading `/etc/makepkg.d/gitconfig` (if it exists) and no other Git
config files.
Allow injecting another value via `MAKEPKG_GIT_CONFIG`.
Fixes: https://gitlab.archlinux.org/pacman/pacman/-/issues/193
When using --ignorearch or options that imply it (e.g. --printsrcinfo),
all checks of the arch array were skipped. Instead, perform all checks
apart from confirming that the package can be built on that
architecture.
Signed-off-by: Allan McRae <allan@archlinux.org>
Using gdb-add-index to add a .gdb_index section before splitting
debug info (together with enabling "maintenance set debuginfod
download-sections" in GDB) can dramatically reduce the amount of
data GDB has to download.
Fixes#205.
Signed-off-by: Allan McRae <allan@archlinux.org>
The current logic sets CCACHE_PREFIX to distcc when both distcc and
ccache are enabled. However, according to the source of ccache, it would
execute the command with execv, which would not look up arg0 from PATH,
unlike those exec functions with _p suffix.
This would result in the following error, when building a package with
both ccache and distcc enabled:
```
ccache: error: execute_noreturn of distcc failed: No such file or directory
```
This breaks package builds in different ways: packages that use make/cc
directly would yield the actual error which is the same as the above
line, packages that rely on other build systems wouldn't go through
compiler check and complain on a bad compiler.
To reproduce the problem, try to build a simple package:
```
git clone https://gitlab.archlinux.org/archlinux/packaging/packages/abc.git
cd abc
cp /etc/makepkg.conf .
echo 'BUILDENV=(distcc color ccache check !sign)' >> makepkg.conf
makepkg --config makepkg.conf
```
refs:
f887434d35/src/ccache/execute.cpp (L348)https://man.archlinux.org/man/exec.3.en#v_-_execv(),_execvp(),_execvpe()
Signed-off-by: Guoxin Pu <pugokushin@gmail.com>
Repeated values in the arch array can result in architecture specific
fields being repeated when using --printsrcinfo.
Signed-off-by: Allan McRae <allan@archlinux.org>
The check for the format of the PACKAGER variable did not align with the
rest of the function where it was located. Move to its own function.
Signed-off-by: Allan McRae <allan@archlinux.org>
We use NPROC for managing the number of parallel jobs to run, so it is
essentially that this is a valid number. Add a lint pass, and move the
setting of the default value to this location.
Signed-off-by: Allan McRae <allan@archlinux.org>
Parallel processing of file stripping is causing a TOC/TOU race when copying
source files into the debug location resulting in error messages from cp.
While hiding this error is not the ideal solution, it is currently the only
one we have. Given this is a error of our own making, and we understand the
cause and have determined there is zero actual downside to ignoring the
error, we will accept this approach until something better is found.
Signed-off-by: Allan McRae <allan@archlinux.org>
Perform file stripping in parallel where possible. Hardlinks remain
processed one at a time due to reproducibility issues.
Signed-off-by: Allan McRae <allan@archlinux.org>
Handle singly and muptiply hard-linked files separately. Also collect
information on hard linked files to avoid searching the entire package
to check for hard links.
Signed-off-by: Allan McRae <allan@archlinux.org>
Add a "safe_" prefix to strip_file() and strip_lto() to indicate that
these functions are taking extra steps to ensure permissions remain
unchanged.
Signed-off-by: Allan McRae <allan@archlinux.org>
Only a subset of checks were being performed on the overridden arch
arrays in package functions. Refactor checking such that all checks
are perform on all arch arrays.
Signed-off-by: Allan McRae <allan@archlinux.org>
The decision to set the PYTHONHASHSEED variable and its value is outside
the domain of makepkg and should be handled by a distribution. Move this
file to the libalpm-dropins project.
Signed-off-by: Allan McRae <allan@archlinux.org>
Debug symbols should only be split from finally linked ELFs, not bare
object files. We're already excluding static libraries from splitting
for a similar reason.
The `.gnu_debuglink` sections are also mishandled by LLVM's LLD, which
copies them to its output. For example, this affects Arch Linux's
`/usr/lib/Scrt1.o`.
While we're here (and it changes the code less), also strip GNU LTO data
from bare objects, again for the same reason we're removing it from
static libraries, and apply static library stripping instead of shared
library stripping.
See: https://bugs.gentoo.org/787623
When objcopy encounters an already-present section, adding the new
debuglink will fail with a warning. Remove any existing `.gnu_debuglink`
section to work around this problem.
Arch Linux's `rust` package is affected by this. Apparently when LLVM's
LLD links in `/usr/lib/Scrt1.o` it will also copy the `.gnu_debuglink`
section.
See: https://bugs.gentoo.org/787623
Using objcopy can result in file permission changes. We work around this
by using "cat" to copy the temporary output file into the target. Extract
this code into a utility function.
Signed-off-by: Allan McRae <allan@archlinux.org>
Git commands can fail in bare repositories when global git config contains safe.bareRepository=explicit.
Some users set this option for increased security.
To be compatible with this configuration, explicitly set safe.bareRepository=all when invoking git in a bare repository.
In f91fa546 (repo-add: do not recreate the database if nothing was changed),
repo-add was made to skip database write-out if there were no changes to
the database. However, this breaks the usage of repo-add to create a new
empty database: `repo-add /path/to/mydb/mydb.db.tar.xz`.
Bring back support for this use-case by always writing the database if
it is missing.
Original-patch-by: Ivan Shapovalov <intelfx@intelfx.name>
Signed-off-by: Allan McRae <allan@archlinux.org>
The Arch sharutils package was spewing messages about "Permission denied" when
copying source files into the debug package. This is due to the source files
having 444 permissions and being used in multiple binaries. Only copy each
source file into the debug package onces to avoid this error.
Signed-off-by: Allan McRae <allan@archlinux.org>
On Windows based systems (e.g. msys), running PKGBUILD linting is very
slow due to time taken spawning bash subshells. Additionally, some packages
have extreme amounts of (usually procedurally generated) splitting, which
also causes linting to be extremely slow. Provide an environment variable
to disable PKGBUILD linting.
Signed-off-by: Allan McRae <allan@archlinux.org>
Supporting git source fragments (branch, commit, tag) is difficult in
conjunction with GITFLAGS usage - particularly with the most common
use cases that reduce the amount of data cloned from the upstream repo.
Leaving GITFLAGS in place an documenting that various git source features
are not supported when GITFLAGS are in used is not an ideal 'solution'.
Instead, remove GITFLAGS support.
Signed-off-by: Allan McRae <allan@archlinux.org>
This causes issues when repeatedly building a package using the same
git checkout. There is also ambiguity of the default checkout when
trying to build from HEAD. See #142 and #143.
This reverts commit 85c421f1cb.
Add the -k parameter to the sudo call to prevent caching of credientials.
This would (potentailly) stop a rogue sudo use within a PKGBUILD.
Signed-off-by: Allan McRae <allan@archlinux.org>
Add a new error code to expose the 'not a clone of' error state of some source
providers (git and fossil). This allows other tools integrating further and
handle this specific error state.
One usecase evolves around frequently changing source locations in PKGBUILDs
of packages in the AUR.
It's extremely hard to figure out what's going from when bsdtar fails
here when we expect it to succeed. Stop tunneling stderr to /dev/null
to help users figure out what's going on when this fails.
