pacman should be able to extract an email address from PACKAGER for WKD
lookup, so issue a warning if it is not of the form
"Example Name <email@address.invalid>". Neither the name nor the email
address must contain additional angle brackets.
Signed-off-by: Jonas Witschel <diabonas@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
If we use make dist to create the official, signed release tarballs,
those will not have meson build files by default since autotools doesn't
know what they are.
Also distribute all src/common/ files. We never strictly needed any of
them to be distributed with autotools, because the dist tarball
dereferences the symlinks (???), but only some of them were being
distributed, and meson needs them to be in the right location as we only
build libcommon from the primary files.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Commit 11ab9aa9f5 replaced a strcpy() call
with memcpy(), without copying the terminating null character.
Since fname is allocated with malloc(), subsequent strstr() calls will
overrun the buffer's boundary.
Signed-off-by: László Várady <laszlo.varady93@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
This includes a patch from Andrew to fix pactest's TAP output for
subtests. Original TAP support in meson was added in 0.50, but 0.51
contains a bugfix that ensures the test still work with the --verbose
flag passed to meson test, so let's depend on that.
An artificial symbol can be produced when requesting debugging symbols
and the compiler has inlined a function. These symbols will give
spurious results when listing source files for inclusion in debug
packages. This will ignore these symbols and avoid an error that can be
generated when creating a debug package.
Signed-off-by: Austin Lund <austin.lund@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
.ninja.log is only present after building (successful or otherwise) the
project, but build.ninja is output as soon as the build dir is setup.
Signed-off-by: Allan McRae <allan@archlinux.org>
These are defined by a POSIX standard, and we should assert that we have
them, or define sane fallbacks (as per sys_types.h(0P)).
Signed-off-by: Allan McRae <allan@archlinux.org>
This was ported over from the AC_CHECK_{FUNCS,HEADERS} lists in
configure.ac, but I never actually checked if the resulting CPP defines
are used. Turns out, lots of symbols, not a lot of define usage.
Signed-off-by: Allan McRae <allan@archlinux.org>
Overriding the segfault handler prevents the creation of core dumps by
the default handler, which makes debugging segfaults difficult.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
If we get SIGSEGV we need to bail out quickly, leaving other signals
unblocked could lead to other signal handlers getting triggered.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Currently when caling alpm_trans_commit, if fetching a package restults
in a 404 (or other non 400 response code), the function returns -1 but
errno is never set.
This patch sets errno to ALPM_ERR_RETRIEVE.
Signed-off-by: Allan McRae <allan@archlinux.org>
This works everywhere that gpgme >= 1.13.0 because it is a pkg-config
dependency, and meson 0.51 adds a fallback config-tool dependency
provider that detects older versions of gpgme seamlessly via
gpgme-config.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
The default state of `dependency()` is `required: true`, which means if
a dependency is not found, meson immediately aborts and does not log our
`error()` messages. meson 0.50 has builtin support for dependencies with
custom error messages.
The alternative would be to specify `required: false` everywhere, and
only then to key off of `dep.found()`.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
We haven't reached our first public release of the meson build backend
yet, so we have lots of flexibility for this... and build dependencies
are easier to upgrade than runtime dependencies anyway.
Updating meson allows us to make use of a bunch of new features that
rewquire the latest version of meson.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
bash uses POSIX extended regular expressions via regex(3), which does
not guarantee support for shorthand character classes. Although glibc
supports it, msys2-runtime does not.
Make sure the completion script works (hopefully) everywhere by being
more portable.
Fixes: https://github.com/msys2/MSYS2-packages/pull/1549
Original-patch-by: plotasse <platos@protonmail.ch>
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
%X is locale-dependent, making it impossible to reliably parse and
potentially overflowing the buffer. %T is consistent across locales.
Also fixes some adjacent whitespace.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Make it clearer that the targets are matched against both directories
and regular files and free up File to potentially refer specifically to
regular files in the future. File is retained as a deprecated alias for
Path for the time being to avoid breaking existing hooks and will be
removed in a future release.
See FS#53136.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
pkgname and pkgver are used as directory names within database files.
libarchive does not provide a reliable locale-independent method for
reading archive file names, causing errors when archive paths include
non-ascii characters.
This is a first step toward dealing with FS#49342, by hopefully reducing
the number of packages with non-ascii data in the wild before updating
libalpm to reject them outright.
See https://github.com/libarchive/libarchive/wiki/Filenames
and https://github.com/libarchive/libarchive/issues/587
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Reworks the UI of -F according to FS#47949
In short -F replaces both -Fs and -Fo.
Searching for an exact path (target contains "/"), causes the output to
switch to the old -Fo output. Otherwise the old -Fs output is used.
Also strip the leading "/" from targets like how -Qo does.
Signed-off-by: Allan McRae <allan@archlinux.org>
When scripting/automating around makepkg, it is sometimes desirable to
know how makepkg will be configured to operate. One example is the
archlinux devtools, which must forward select makepkg.conf variables
into a build chroot (for example PACKAGER) or use those variables itself
(for example {SRC,PKG,LOG}DEST).
The configuration file can be in up to 3 places, and should be capable
of being overridden via environment variables. It is sufficiently
complex to represent distinct functionality, and sufficiently useful to
merit easy accessibility in other scripts, therefore, let us move it
into a publicly exposed utility library.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Currently this tells people that the settings should not be touched, but
we should just rely on the description of what it should be set to, and
leave it up to the user. With the previous patch, makepkg aborts if an
invalid value is set, greatly reducing the danger of it being badly
configured.
Also make this clearer by indicating when it would be useful to change
the settings -- i.e. disable compression -- and ensure their described
defaults are based on the ones established during ./configure or meson
setup.
Reported-by: Jouke Witteveen <j.witteveen@gmail.com>
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
These variables must begin with .src.tar / .pkg.tar respectively, so
fail early if those expectations are not matched. This prevents makepkg
from creating e.g. package files literally named "./pacman-5.1.3-1-x86_64"
which are actually uncompressed tarballs.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
file 5.37 changed the gzip MIME type from application/x-gzip to
application/gzip, so support this when checking to extract source files.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Since makepkg exports a public library of functions, other projects may
wish to use these functions. Highlights include parseopts or our
messaging functions.
Install a pkg-config file in order to let downstream users detect where
they can source the libmakepkg functionality. This is useful e.g. to
gracefully handle the case where a thirdparty project is configured and
installed into a different datarootdir from pacman, but still wants to
use the installed pacman's version of libmakepkg.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
When the executable checking was refactored into libmakepkg, it carried
with it, usage of $E_* error codes, which need to be declared from
error.sh but are only available when the parent program already sources
error.sh; additionally, message.sh was only loaded in a parent
library, but not where it was needed, and option.sh was often loaded
when it wasn't needed at all.
util.sh, meanwhile, has always depended on message.sh functions.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
The right-hand side of the [[ ... = ... ]] keyword is an exception to
the general rule that quoting is unnecessary with [[
This is usually not a problem, e.g. in libmakepkg, lint_one_pkgname will
already fail if pkgname has an asterisk, but it certainly doesn't hurt
to be "more proper" and go with the spec; it is more dangerous in
repo-add, which can get caught in an infinite loop instead of safely
asserting there is no package named 'foo*'.
Reported-by: Rafael Ascensão <rafa.almas@gmail.com>
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Fixes "arch" and "checkdepends" never having been unset, fixes b2sums
(but not ${!b2sums_@}) being recently left out.
The "build" function used to be unset as well, explicitly unset it as a
function and do the same for other official functions as well.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
The libarchive header is used in alpm.h, and several binaries include
this header. This is noticeably a problem when using e.g. the musl-gcc
compiler which does not include /usr/include by default, and thus the
build system reports:
...../lib/libalpm/alpm.h:35:10: fatal error: archive.h: No such file or directory
More commonly, this will result in compiling against potentially the
wrong headers, if the libarchive installation picked up by pkg-config is
different from the one with headers in /usr/include, and /usr/include is
in the -isystem path.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
In commit b5191ea140 we moved to using
shell globbing to print package files for a couple of reasons including
reproducible packaging of .METADATA files.
Unfortunately, this only works reliably when the glob pattern does not
resolve to a symlinked directory due to a change in the bash 5.0
release. Note that the previous, desired behavior was rather to merely
refuse to recurse into symlinked directories, but due to an unrelated
issue, the symlink handling for globstar was reworked in a way that had
this side effect.
See https://lists.gnu.org/archive/html/bug-bash/2019-04/msg00015.html
for discussion; this may be fixed at some point, but bash 5.0 is broken
either way.
The appropriate way of handling this seems to be to use **/* to match
instead; this produces the same results on both bash 4 and bash 5, as
the ** matches any leading directory component (or none), and the *
matches any file, directory, or symlink to either one.
Fixes FS#62278
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Clang 8 warns that adding a string to an integer does not append to
string. Indeed it doesn't, but that was not the intentetion. Use array
indexing as suggested by the compiler to silence the warning. There
should be no functional change.
Example of warning message:
alpm.c:71:54: warning: adding 'int' to a string does not append to the string [-Wstring-plus-int]
sprintf(hookdir, "%s%s", myhandle->root, SYSHOOKDIR + 1);
~~~~~~~~~~~^~~
alpm.c:71:54: note: use array indexing to silence this warning
sprintf(hookdir, "%s%s", myhandle->root, SYSHOOKDIR + 1);
^
& [ ]
1 warning generated.
The "tip" ref actually signifies the most recently updated branch. hg
does not support a default branch named anything other than "default",
except by creating a "@" bookmark. The correct way to explicitly update
to the default clone ref, is therefore to use one of these, rather than
"tip".
Fixes FS#62092
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
One of the callers was changed to use known_hash_algos, one was not.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
The current completions don't properly handle redirection operators, and
attempt to complete command completions rather than completing filenames
to redirect to.
bash-completion provides both _get_comp_words_by_ref and a higher-level
wrapper _init_completion, but the latter provides handling of redirection
operators, so switch to using that.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Currently this is scoped to the build() function, which is simply wrong
as it equally applies to any function. Simply moving the paragraphs up
to the main manpage section makes this clear.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
In commit 1825bd6716 this was split out
from makepkg, but the warning was not properly migrated; $ext did not
ever exist.
As a result, no matter what you did, the only possible warning was:
==> WARNING: '' is not a valid archive extension.
Fix to filter based on the presence of .tar in the argument, and
building the $ext variable for all checking and messaging purposes
within the function.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
In order to cache sources offline, makepkg creates *two* copies of every
git repo. This is a useful tradeoff for network time, but comes at the
cost of increased disk space.
Normally, git can smooth this over automagically. Whenever possible, git
objects are hardlinked to save space, but this does not work when
SRCDEST and BUILDDIR are on separate filesystems.
When the repo in question is both very large (linux.git for example is
2.2 GB) and crosses filesystem boundaries, this results in a lot of
extra disk space being used; the most likely scenario is where BUILDDIR
is a tmpfs for bonus ouch.
git(1) has a builtin feature which serves this case handily: the
--shared flag will create the info/alternates file instructing git to
not copy or hardlink or create objects/packs at all, but merely look for
them in an external location (that being the source of the clone).
The downside of using shared clones, is that if you modify and drop
commits from the original repo, or simply delete the whole repo
altogether, you break the copy. But we don't care about that here,
because
1) the BUILDDIR copy is meant to be a temporary copy strictly derived
via PKGBUILD syntax from the SRCDEST, and must be able to be
recreated at any time,
2) if the SRCDEST disappears, makepkg will redownload it, thus restoring
the objects needed by the BUILDDIR clone,
3) if the user does non-default things like hacking on the BUILDDIR copy
then deleting and re-cloning the SRCDEST may result in momentary
breakage, but ultimately should be fine -- the unique objects they
created will be stored in the BUILDDIR copy.
While it's theoretically possible that upstream will force-push to
overwrite the base tree from which makepkg is building (which they
should not do), *and* the user deleted their SRCDEST which they should
not do, *and* they saved work in makepkg's working directory which they
should not do either...
... this is an unlikely chain of events for which we should not care.
Using --shared is therefore helpful in immediately useful ways and IMHO
has no actual downsides; we should use it.
An alternative implementation would be to use worktrees. I've rejected
this since it is essentially the same as shared clones, except adding
additional restrictions on the branch namespace, and could potentially
break existing use cases such as manually handling the SRCDEST in order
to share repositories with normal working copies.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
