summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2018-11-03pacman-key: just accept one file to verify, and enforce detached sigsEli Schwartz
Simply pass options on to gpg the same way gpg uses them -- no looping through and checking lots of signatures. This prevents a situation where the signature file to be verified is manipulated to contain an embedded signature which is valid, but not a detached signature for the file you are actually trying to verify. gpg does not offer an option to verify many files at once by naming each signature/file pair, and there's no reason for us to do so either, since it would be quite tiresome to do so. In the event that there is no signature/file pair specified to pacman-key itself, - preserve gpg's behavior, *if* the matching file does not exist, by - assuming the signature is an embedded signature - deviate from gpg's behavior, by - offering a security warning about which one is happening - when there is an embedded signature *and* a matching detached file, assume the latter is desired Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-11-02meson: add a wrapper to bootstrap scripts from within build dirDave Reisner
This doesn't do quite as good of a job of "hiding away" the real script as we did with autotools, but it satisfies the need for being able to run scripts which depend on libmakepkg with the local copy within the repo. We do, however, improve upon the autotools script by ensuring that the bash path used in configuring pacman is the interpreter used to run the underlying script.
2018-11-02Add meson.build files to build with mesonDave Reisner
Provide both build systems in parallel for now, to ensure that we work out all the differences between the two. Some time from now, we'll give up on autotools. Meson tends to be faster and probably easier to read/maintain. On my machine, the full meson configure+build+install takes a little under half as long as a similar autotools-based invocation. Building with meson is a two step process. First, configure the build: meson build Then, compile the project: ninja -C build There's some mild differences in functionality between meson and autotools. specifically: 1) No singular update-po target. meson only generates individual update-po targets for each textdomain (of which we have 3). To make this easier, there's a build-aux/update-po script which finds all update-po targets and runs them. 2) No 'make dist' equivalent. Just run 'git archive' to generate a suitable tarball for distribution.
2018-10-23Dynamically generate Doxyfile from inputDave Reisner
This isn't super interesting for the autotools side, but it's necessary in order to make things sane for other build systems which we might introduce in the future.
2018-10-21Port scripts to use libmakepkg's messaging code.Eli Schwartz
Remove all remnants of library/{output_format,term_colors}.sh Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-10-21message.sh: add modifications from output_format.shEli Schwartz
In the spirit of making libmakepkg more useful as a library, and, critically, *using* that library for additional pacman scripts, we should include all of output_format.sh and term_colors.sh directly in libmakepkg and hopefully stop having to embed additional copies in e.g. repo-add via m4 macros. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-10-21makepkg: send messages to stdout rather than stderrEli Schwartz
This behavior is confusing, since it means absolutely everything goes to stderr and makepkg itself is a quiet program that produces no expected output??? The only situation where messages should go to stderr rather than stdout, is with --geninteg which is meant to return the checksums on stdout (but we don't want to totally get rid of status messages when redirecting the results elsewhere, or, worse, redirect status messages to a PKGBUILD). For this specific case, redirect message output to stderr in the --geninteg callers directly. Implements FS#17173 Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-10-21makepkg: use builtin globbing to print files in packageEli Schwartz
- it comes with free collation when moving the LC_ALL declaration up a bit; this fixes a bug where the .FILES were not being properly sorted and their order depended on directory creation order, which broke reproducible builds in the wild. - it handles sorting null-delimited output everywhere, without sort -z; this lets us get rid of sed hacks - it is faster than invoking multiple find subprocesses - dotfiles can be automatically printed *and the C locale sorts them first* with a single ** glob Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-10-21makepkg: use bash 4.4 to localize `set` without explicitly saving/restoringEli Schwartz
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-10-21bash-completion: disable completions for pacman --search operationsEli Schwartz
We don't need exact package name completions for something that expects a regular expression *search*, which is what we currently do. If you want a package name completion for a search, you don't need the search. This change is consistent with the current state of zsh completions. Fixes FS#59965 Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-10-21bash-completion: don't complete filenames when they're not wantedEli Schwartz
Filename completion should only be generated for makepkg, when using the options -p or --config... which means we should offer option completions by default. Filename completion for pacman, should not be generated when using -Qu, or -F without -o. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-10-21handle EINTR while polling scripts/hooksAndrew Gregory
If poll() is interrupted by a signal, alpm was closing the socket it uses for listening to script/hook output. This would drop script output at the least and kill the script at the worst. Fixes FS#60396 Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-10-21reset signal handlers before running scripts/hooksAndrew Gregory
Front-ends or libraries may set signals to be ignored, which gets inherited across fork and exec. This can cause scripts to malfunction if they expect the signal. To make matters worse, scripts written in bash can't reset signals that were ignored when bash was started. Fixes FS#56756 Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-10-21libmakepkg: fix linting arrays of empty stringsmorganamilo
[[ ${array[@]} ]] will resolve to false if array only contains empty strings. This means that values such as "depends=('')" can be inserted into a pkgbuild and bypass the linting. This causes makepkg to successfully build the package while pacman refuses to install it because of the unmet dependency on ''. Instead check the length of the array. Signed-off-by: morganamilo <morganamilo@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-10-20Drop vestiges of SIZECMDDave Reisner
SIZECMD was replaced in 1af766987f with a POSIX solution, and this token is no longer used/needed.
2018-10-20libalpm: process needed before group selectionmorganamilo
When --needed is used, up to date packages are now filtered out before showing the group select. Fixes FS#22870. Signed-off-by: morganamilo <morganamilo@gmail.com>
2018-10-20pacman: don't error when a group exists but all packages are ignoredmorganamilo
Currently when attempting to sync a group where all packages are ignored, either by ignorepkg, ignoregroup or --needed, pacman will error with "target not found". Instead, if a group has no packages check if the group exists before throwing an error. Signed-off-by: morganamilo <morganamilo@gmail.com>
2018-10-18Port pactest to python3Dave Reisner
Use BytesIO instead of StringIO, and ensure that we unicode-encode data where needed.
2018-10-17alpm: Fix SIGINT handling re: aborting downloadOlivier Brunel
Upon receiving SIGINT a flag is set to abort the (curl) download. However, since it was never reset/initialized, if a front-end doesn't actually exit on SIGINT, and later tries any operation that needs to perform a new download, said download would always get aborted right away due to the flag not having been reset.
2018-10-17alpm: Do not raise SIGINT when filesize goes over limitOlivier Brunel
Variable dload_interrupted is used both to abort a download because SIGINT was caught, and when a file limit is reached. But raising SIGINT is only meant to happen in the first case. Signed-off-by: Olivier Brunel <jjk@jjacky.com>
2018-09-19repo-add: add support for the zst formatEli Schwartz
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-09-19makepkg: add support for the zst formatEli Schwartz
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-09-19makepkg: lint_pkgver: Run even if PKGVERFUNCLuke Shumaker
lint_pkgver returns 0 if PKGVERFUNC, since it's likely that update_pkgver() will change the value of pkgver anyway, and there's no point in linting the old value. update_pkgver() will call check_pkgver() itself to validate the new value. However, that "optimization" only holds if we're definitely going to call update_pkgver() later; and that's way more complicated than if (( PKGVERFUNC )); then it's more like: if (( !GENINTEG && !PACKAGELIST && !PRINTSRCINFO && !SOURCEONLY && !REPKG && PKGVERFUNC )); then Which is to say: If I have a PKGBUILD with pkgver(): * if I run `makepkg -g` I expect it to lint pkgver, but it won't * if I run `makepkg -R` I expect it to lint pkgver, but it won't * ... So let's fix that. Rather than try to keep a huge list of conditions in sync with the flow of makepkg.sh.in, let's just drop it. As far as I can tell, the only thing that skipping lint_pkgver() really enables is letting the PKGBUILD author write `pkgver=` in the initial version, and letting pkgver() fill it in. They can just start writing `pkgver=0` for that workflow. Signed-off-by: Allan McRae <allan@archlinux.org>
2018-09-19User-visible log when validity check fails due to accessDavid Phillips
Currently, if checking the validity of packages fails due to an access error on one or more packages, the user must sift through debug output in order to find the culprit package(s). This patch adds a call to _alpm_log in such a case to make the culprits more easily visible. Signed-off-by: Allan McRae <allan@archlinux.org>
2018-09-19Change if-else chain to switchDavid Phillips
Signed-off-by: Allan McRae <allan@archlinux.org>
2018-09-19makepkg: reject PKGBUILDs with both split and non-split package functionsEli Schwartz
We accept package_foo() in non-split packages, because it's easier to switch to/from a split package just by removing a pkgname element. But it makes no sense to have both in one PKGBUILD. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-09-19Show group status during file searchmorganamilo
When doing "pacman -Fs", show the "(groupname)" message just like "pacman -Ss". And refactor group printing to its own function. Signed-off-by: morganamilo <morganamilo@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-09-19libmakepkg/lint_config: fix lint_variable actually running the PKGBUILD lintEli Schwartz
Due to a copy-paste error when initially implementing this, it actually uses a duplicate function name, usually resulting in lint_pkgbuild overwriting the function definition. Then the PKGBUILD lint gets run twice, one time before the PKGBUILD is even sourced -- to potentially surprising results, like erroring out on a pre-existing shell definition that doesn't match our expectations. Seen in the wild with lint_config triggering an error for 'declare -x arch="foo"' Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-09-19pacman: check versioned optdepends in -Qi operationEli Schwartz
Fixes FS#60106 Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-09-19doc: Remove double spacesRikard Falkeborn
Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-09-19scripts: deduplicate localized copyright messagesEli Schwartz
We don't need to translate the "Copyright YEAR AUTHOR" part, no part of it should probably be translated and it definitely shouldn't turn every single license terms notice into a separate translation just because the author/year is different. Fixes FS#58452 Also consistently add a blank line after the copyright and before the license terms. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-09-18Revert "makepkg: add whirlpool to the list of hashing algorithms"Eli Schwartz
This reverts commit 9cdfd18739cc4b0e2b2efeb9a92a3ea612c8505f. We've never documented whirlpoolsums support in the manpage and no one really seems to have realized we support it, let alone use it -- except for a few parabola packages, being the contributor's motivation for adding support. The problem is that for two years the code has been broken. In commit 577701250d645d1fc1a505cde34aedbeb3208ea5 we moved to coreutils to provide checksum commands, rather than openssl, but there is no whirlpoolsums binary. Properly fixing this would require re-adding a dependency on openssl, independent of the libalpm crypto backend -- which defeats the purpose of moving to coreutils in the general case. nettle-hash does not provide a whirlpool algorithm any more than it does base64 (the original reason for moving to coreutils). Therefore, we should just drop support for this again. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-09-18pacman-conf: add missing DisableDownloadTimeoutmorganamilo
Signed-off-by: morganamilo <morganamilo@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-08-29makepkg: don't print status for run_function when in a subshellEli Schwartz
It's most likely a case where output is being captured, so we shouldn't be interleaving status messages with function output regardless. Setting the pkgver() status message (the one time we use it in a subshell) separately also makes it safe to change whether message.sh functions write to stdout or stderr. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-08-29makepkg: fix pkgver() function not aborting on errorsEli Schwartz
`run_function_safe pkgver` is evaluated in a subshell and therefore does not abort when it should. Explicitly check the return outside of the subshell and abort if necessary. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-08-29makepkg: don't save the same shopts twiceEli Schwartz
Both run_function and run_function_safe will save and restore `shopt -p` but the former is only called from the latter. It makes sense to save this as part of a "safe" runner, so let's just do it in one place, there where we save and restore everything else too. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-08-29Show install status during file searchmorganamilo
When doing "pacman -Fs", show the "[installed: version]" message just like "pacman -Ss". Signed-off-by: morganamilo <morganamilo@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-08-29pacman/conf: Remove unused includeDave Reisner
Signed-off-by: Allan McRae <allan@archlinux.org>
2018-08-29doc: use more implicit rules to build manpagesDave Reisner
Use implicit dependency rules to translate asciidoc inputs to HTML and manpage outputs. We should only have to declare explicit dependencies for odd cases, e.g. the PKGBUILD documentation has an additional include file and isn't a 1:1 conversion. Signed-off-by: Allan McRae <allan@archlinux.org>
2018-08-29Remove unused checks for strcoll and mktimeDave Reisner
We don't use these. Signed-off-by: Allan McRae <allan@archlinux.org>
2018-08-29common/ini: Depend on util-common, not utilDave Reisner
Signed-off-by: Allan McRae <allan@archlinux.org>
2018-08-10scripts: pass on options such as set -x to child processesEli Schwartz
When re-running makepkg for fakeroot, if `bash -x makepkg` was used this is lost. Fix by encoding the current set of options explicitly in the invocation, both for makepkg and for the wrapper used to test scripts inside the source tree. Also change to use ${BASH_SOURCE[0]} instead of $0 as the latter can be anything the parent process wants, while the former is explicitly set by bash itself to the filepath of the script. See http://mywiki.wooledge.org/BashFAQ/028 Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-08-10Remove the last traces of the pacman --force optionAllan McRae
Signed-off-by: Allan McRae <allan@archlinux.org>
2018-08-10scripts: Remove trailing semicolonsJan Alexander Steffens (heftig)
Signed-off-by: Allan McRae <allan@archlinux.org>
2018-08-10libmakepkg/util/option: Refactor checking to reduce code duplicationJan Alexander Steffens (heftig)
Pull out the expected=y/n check into a separate function and make use of the fact we can just prepend the fallback arrays to get the same result. Signed-off-by: Allan McRae <allan@archlinux.org>
2018-08-10libmakepkg/util: use parameter transformation when checking variable typeEli Schwartz
Now that we require bash 4.4 this is "more correct" than analyzing the output of declare -p to see if it compares favorably with -a. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-08-10configure: bump the minimum version of bash to 4.4Eli Schwartz
This is required in order to use declare -g and ${var@a} Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-08-10makepkg: when signing packages, report package filename on failureEli Schwartz
In commit c6b04c04653ba9933fe978829148312e412a9ea7 the signing function was moved out of fakeroot, and thus out of the create_package loop. This meant that if package signing failed, it was no longer possible to tell which package it failed on by checking which package creation is currently running. Successful signing attempts do not have this problem as we already printed the name of the signature file. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-08-10libalpm/dload.c: add case for CURLE_COULDNT_RESOLVE_HOSTMichael Straube
Add a case for curl error 'Could not resolve host'. An attempt to fix FS#48285. Signed-off-by: Michael Straube <straubem@gmx.de> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-08-10libalpm: ignore .hook suffix when sorting hooksJouke Witteveen
It is desirable to have 'a-post.hook' ordered after 'a.hook'. For this, it is needed to ignore the suffix when sorting. Signed-off-by: Allan McRae <allan@archlinux.org>