This feature makes Git VCS build inputs immutable by adding support for
pinning a Git checkout by a hash of its content using the deterministic
export functionality `git archive`.
This feature aids packagers by allowing them to use simple and
convenient refnames (instead of full commit hashes) in the `PKGBUILD`
while still preserving security implications of immutable build inputs
using a trusted cryptographic hash function of the content.
Previously VCS source downloads have been skipped for `--geninteg` and
`--source` as both options did not need a checkout. This commit changes
this behavior by forcing the download of all sources as integrity checks
and generation requires to have an up to date state.
Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
Refactor many of the different arrays of pkgbuild variables
into scripts/libmakepkg/util/schema.sh.in.
Signed-off-by: morganamilo <morganamilo@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
e.g. git+https:// is commonly used for git repositories cloned over
HTTPS, but we assume a proto with a plus in it is actually a protocol
followed by some URI handler. So we might as well simplify the return
value and not have to always add glob matching everywhere when checking
the proto in use.
This is required in order to use the proto directly in function calls,
which will be used in a followup patch.
Signed-off-by: Allan McRae <allan@archlinux.org>
This behavior is confusing, since it means absolutely everything goes to
stderr and makepkg itself is a quiet program that produces no expected
output???
The only situation where messages should go to stderr rather than
stdout, is with --geninteg which is meant to return the checksums on
stdout (but we don't want to totally get rid of status messages when
redirecting the results elsewhere, or, worse, redirect status messages
to a PKGBUILD). For this specific case, redirect message output to
stderr in the --geninteg callers directly.
Implements FS#17173
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Checking the file extension to determine if something is a signature is
currently done in three places:
- verify_file_signature: uses $file to print status, reuses it for
comparison
- source_has_signatures: uses $netfile, but removes url component if
filename component exists
- generate_one_checksum: uses $netfile and fails to detect renamed files
This leads to inconsistent behavior when trying to use a signature of
the form "foo-1.0.tar.gz.asc::https://example.com/foo-1.0.tar.gz.pgp"
Fix this by treating the third case like the second case.
Reported-by: Giancarlo Razzolini <grazzolini@archlinux.org>
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
If pacman is build against a crypto library other than openssl, it makes no
sense to require makepkg to use it.
The only currently considered alternative to openssl is nettle, which has no
binary for base64 encode/decode. This means that we could replace the hashing
cacluations with nettle-hash, but would require base64 from coreutils.
Given makepkg already relies heavily on coreutils, we might as well use all
the coreutils hashing binaries too.
This patch also improves the checking of required binaries for hashing
operations.
Signed-off-by: Allan McRae <allan@archlinux.org>
