There were a couple places where filenames beginning with "-" were not
properly guarded against by passing them after "--". Some PKGBUILD
authors are crazy, but we still take those into account.
Signed-off-by: Eli Schwartz <eschwartz93@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
With recent version of gpg, signing within fakeroot works on the first
invocation, but fails on later runs. Sign all packages outside of fakeroot
to avoid this issue.
Fixes FS#49946.
Signed-off-by: Allan McRae <allan@archlinux.org>
Debug packages are fairly useless currently because the soucre files needed
for stepping through code etc are not packaged with them. This patch adds the
needed source files to the debug package and adjusts the debug info to look at
the /usr/src/debug/ directory for them rather than the build location. This
requires using the "debugedit" program which is provided as part of the RPM
sources.
Signed-off-by: Allan McRae <allan@archlinux.org>
A git repository is marked as signed if it contains the query "signed"
as defined by https://tools.ietf.org/html/rfc3986
Adds two utility functions in util/source.sh.in to extract fragments and
queries, and modifies source/git.sh.in to use them.
Signed-off-by: Eli Schwartz <eschwartz93@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
This makes it easier to add signature verification for new protos.
Signed-off-by: Eli Schwartz <eschwartz93@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
libalpm reserves paths starting with '.' for its own use and will not
extract any other than those it recognizes.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
scripts/libmakepkg/lint_pkgbuild/pkgver.sh.in now raises an error when
pkgver contains forward slashes.
pkgver containing a forward slash results in a package filename
containing a forward slash, which isn't a valid filename.
Signed-off-by: Steef Hegeman <steefhegeman@hotmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
We want to provide source files with debug symbol packages to allow easy
stepping through the program. This becomes difficult with split packages due
to the binaries in many of these sharing source files across packages.
There are (at least) two solutions to this problem. #1: ensure common source
files are located in the debug package for the package lowest in the dependency
chain and add dependencies to the debug packages so all require source files
are present, or #2: create one debug package for all split packages in a
PKGBUILD. The second is a more robust approach despite potentially creating
very large debug packages.
This patch creates a single $pkgbase-debug package and adds provides such that
installing $pkgname-debug will always work.
Signed-off-by: Allan McRae <allan@archlinux.org>
These files are generated at build time. Ignore in git.
Signed-off-by: Christian Hesse <mail@eworm.de>
Signed-off-by: Allan McRae <allan@archlinux.org>
libalpm's local database format does not support paths with newlines.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Allows lint_package to prevent makepkg from creating an invalid package.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Debug packages are fairly useless currently because the soucre files
needed for stepping through code etc are not packaged with them. This
patch adds the needed source files to the debug package and adjusts
the debug info to look at the /usr/src/debug/ directory for them rather
than the build location. This requires using the "debugedit" program
which is provided as part of the RPM sources.
Signed-off-by: Allan McRae <allan@archlinux.org>
If pacman is build against a crypto library other than openssl, it makes no
sense to require makepkg to use it.
The only currently considered alternative to openssl is nettle, which has no
binary for base64 encode/decode. This means that we could replace the hashing
cacluations with nettle-hash, but would require base64 from coreutils.
Given makepkg already relies heavily on coreutils, we might as well use all
the coreutils hashing binaries too.
This patch also improves the checking of required binaries for hashing
operations.
Signed-off-by: Allan McRae <allan@archlinux.org>
parseopts is used in makepkg and other scripts such as pacman-key as a
getopt replacement.
Instead of including it in those scripts via a macro, move it to
libmakepkg/util/parseopts.sh and have scripts source this file where
appropriate.
To keep the parseopts test, a new variable was introduced:
PM_LIBMAKEPKG_DIR
Signed-off-by: Alad Wenter <alad@archlinux.info>
Signed-off-by: Allan McRae <allan@archlinux.org>
In order for the scripts to be used in testsuites, it is easiest to generate
all of them so they are found in the build directory (which may be different
to the source directory).
Signed-off-by: Alad Wenter <alad@archlinux.info>
Signed-off-by: Allan McRae <allan@archlinux.org>
We checked for empty array elements, but did not catch empty array. Add
a check for that case as well.
Signed-off-by: Christian Hesse <mail@eworm.de>
Signed-off-by: Allan McRae <allan@archlinux.org>
`makepkg -g` looks for existing checksums in the PKGBUILD file, so that
it can generate new sums of the same type. Previously it only checked
variables of the form "sha256sums", and not "sha256sums_x86_64". That
meant it would always fall back to MD5 for packages with only
architecture-specific sources. This change makes it look at
architecture-specific checksums too to determine the type.
Signed-off-by: Jack O'Connor <oconnor663@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Using "-exec command {} +" systax exits on any error. Such errors occur when
running rmdir on a non-empty directory. Switch to "{} ;" syntax instead which
avoids exiting before the find command is completed.
Fixes FS#48515.
Note, we can not use "-empty" in the find command because it is not supported
by Busybox find, and the "--ignore-fail-on-non-empty" flag for rmdir is not
available on BSD rmdir variants.
Signed-off-by: Allan McRae <allan@archlinux.org>
These options were added before libmakepkg allowed passes like this to be
dropped in. I prefer only real core packaging tasks to be included in
makepkg and additional things like this to be dropped in by a user or
distribution that wants to support them.
Signed-off-by: Allan McRae <allan@archlinux.org>
This happened to work for the majority of cases because the only calling
function used a variable named "i" that was related to the variable being
passed to the function.
Fixes FS#48340.
Signed-off-by: Allan McRae <allan@archlinux.org>
Extract array detection into its own utility function that ensures
extglob is enabled.
Suggested-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Most entries in $sources contain variables so finding out why a URL
fails to download is hard because one has to manually replace the
variables when looking at the PKGBUILD. Simply output the full URL here
so that it can be easily seen what is wrong.
Old:
==> ERROR: Failure while downloading example-1.2.4.tar.gz
New:
==> ERROR: Failure while downloading http://example.org/releases/1.1/example-1.2.4.tar.gz
With the new format it is much more obvious that the directory name is
the culprint (1.1 vs 1.2) while the old one would not display that
information.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Allan McRae <allan@archlinux.org>
Approach the detection of variables of the wrong type using an approach
similar to that used for construction of .SRCINFO files. While doing silly
things in bash could still result in false negatives, this approach should
be very robust to generatinf false positives results.
Signed-off-by: Allan McRae <allan@archlinux.org>
Negative subscripts to indexed arrays are not supported before 4.2. However,
since substring expansion works on arrays, we can specify an offset of -1 to
be taken relative to one greater than the maximum index of the specified
array (see Parameter Expansion section of the bash man page). This works with
both Bash 4.1 and 4.2, and 4.1 is already the oldest supported by pacman.
Signed-off-by: Aaron Campbell <aaron@monkey.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
makepkg used to check OPTIONS too, which could override
BUILDENV. Implement a new function that handles these
options more like OPTIONS.
This also reduces code duplication a bit.
Signed-off-by: Jan Alexander Steffens (heftig) <jan.steffens@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
The return value was being assigned when an error was found in a PKGBUILD's
arch array but it never was returned.
Also remove error message explaining about adding the arch array to a PKGBUILD.
That was added a long time ago when the arch array first became compulsory.
Signed-off-by: Allan McRae <allan@archlinux.org>
When extracting variables from PKGBUILD (e.g. for .SRCINFO creation) we make
assumptions about whether variables are arrays or not. This adds a check to
the PKGBUILD linter to ensure variables are arrays or not as appropriate.
Signed-off-by: Allan McRae <allan@archlinux.org>
