Prevents trust being spoofed by using TRUST_FULLY in the signatory's name
or in an added notation.
Fixes FS#41147.
Signed-off-by: Allan McRae <allan@archlinux.org>
The example for human-readable values must not contain a space between
the value and the unit; otherwise, pkgdelta will not recognize the
command options and will error out.
In prose, however, there should be a space between the value and the
unit.
Signed-off-by: Jason St. John <jstjohn@purdue.edu>
Signed-off-by: Allan McRae <allan@archlinux.org>
Remove blank lines immediately following section headings.
Ensure two blank lines before the start of a new section.
Signed-off-by: Jason St. John <jstjohn@purdue.edu>
Signed-off-by: Allan McRae <allan@archlinux.org>
Notable changes:
* Add double quotes around printf-like formatting options for "--print-format"
* Add a missing backslash in '--force'
Signed-off-by: Jason St. John <jstjohn@purdue.edu>
Signed-off-by: Allan McRae <allan@archlinux.org>
In 5acfa65f when adding a new variable (hit_mtree), the initialization of a
variable (config) was dropped, which could lead to loading invalid package
files, i.e. files that aren't archive (no metadata loaded) would return a new
alpm_pkg_t with everything set to 0/NULL.
Depending on the operation/use of the package, this could lead to segfault.
Signed-off-by: Olivier Brunel <jjk@jjacky.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
This introduces support for architecture-specific conflicts, depends,
optdepends, makedepends, replaces, and conflicts by appending "_$CARCH"
to the array name. For example, in the global section:
arch=('i686' 'x86_64')
depends=('foo')
depends_x86_64=('bar')
This will generate depends of 'foo' and 'bar' on x86_64, but only 'foo'
on i686. Moreover, this is supported in the package functions with the
same heuristics as the generic names, e.g.
...
arch=('i686' 'x86_64')
depends=('foo')
...
package_somepkg() {
depends_x86_64=('bar')
...
}
Again, will cause x86_64 to have depends of 'foo' and 'bar', but only
'foo' for i686.
Break apart each of the blocks into their own separate functions. And,
instead of the hand crafted eval statements, reuse the logic from
pkgbuild-introspection[0] to abstract away the complexities of parsing
bash.
This commit fixes at least 3 bugs in check_sanity:
1) The wrong variable is shown for the error which would be thrown
when, e.g. pkgname=('foopkg' 'bar^pkg')
2) The "arch" variable is not sanity checked when the PKGBUILD has
an arch override, but only one output package.
3) https://bugs.archlinux.org/task/40361
Lastly, there's some string changes here which should help to clarify
a few errors emitted in the linting process.
[0] https://github.com/falconindy/pkgbuild-introspection
This makes it clear whether a transaction successfully completed and
allows log parsers to group related actions.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Incorporate memory exhaustion and end-of-stream
checks into the main loop.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Problems due to concurrent running instances of pacman can be difficult
to diagnose. Log a warning to make it more obvious that that's what
happened, that it's a bad idea, and hopefully encourage people who do
things like removing the lock file to run pacman from an install script
to at least be courteous enough to put it back when they're done.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Rather than have individual callers log failure, just
do it directly in _alpm_handle_unlock.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
CHECK_ERR checks gpg_err which is a local variable. Calling
gpg_op_import_result cannot modify it.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Ignored packages are from the transaction remove list which consists of
duplicated packages so a direct pointer comparison is not appropriate.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
The actual test object is only used to run the test. Storing test cases
as strings limits the test object scope and allows it to be garbage
collected, reducing memory usage when multiple tests are run.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Only a few of our tests need file snapshots at all and most of them only
need a few files. Taking snapshots of the entire test environment for
every single test is a massive waste.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Consolidates repeated code and replaces dangerous
strdup calls with STRDUP.
Also fix a couple variables named "pkg" that
refer to file paths.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Dependencies are now handled with --nobuild unless specificially skipped.
Using --verifysource will skip dependency checks unless --syncdeps is
specified.
Fixes FS#35057 and FS#36999.
Signed-off-by: Allan McRae <allan@archlinux.org>
Add an array VCSCLIENTS to makepkg.conf that matches vcs source protocols
to the package containing the software needed for handling the source.
Signed-off-by: Allan McRae <allan@archlinux.org>
The documentation very clearly states that the buildfile has to be in
$PWD, but the error thrown by makepkg reference some mysterious "build
directory". Simplify this check so that we more directly check that the
file being referred to is in fact in our $PWD. Revise the error message
when the check fails to more plainly point out the problem.
Signed-off-by: Allan McRae <allan@archlinux.org>
Since 017184fa, alpm_sync_sysupgrade will not add both a replacement and
a literal upgrade to the transaction.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Paths are constructed directly from package file lists and may contain
trailing slashes, causing lstat to dereference symlinks.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
This makes llstat's signature differ from lstat's, but we never actually
use it on a const string and this saves a large number of strdup's.
This also allows stripping multiple trailing slashes and corrects a bug
where calling llstat on "/" would result in calling lstat on an empty
string.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
If a directory has been replaced by a symlink, -Qk currently stats the
symlink target rather than the symlink itself and doesn't check that the
actual file type matches the package file list. This will make it
difficult to discover errors once 4.2 is released and replacing
directories with symlinks is no longer supported.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Setting up the temporary directory and environment is pointless if there
are no tests to run.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Using fakeroot or fakechroot as the command with subprocess.call
prevents the detection and reporting of a missing pacman binary. Some
tests even pass when run with a non-existent binary. Checking manually
allows us to provide a meaningful error message and prevent the false
positives.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Add support for following the XDG Base Directory Specification when
reading the user-specific configuration file.
If no $XDG_CONFIG_HOME/pacman/makepkg.conf file exists we fall back to
sourcing $HOME/.makepkg.conf
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
[Allan] Note XDG_CONFIG_HOME takes priority.
Signed-off-by: Allan McRae <allan@archlinux.org>
Prevents the need to modify paths, removing strndup as an unchecked
point of failure, and lengths only need to be calculated if the paths
match.
Also removed an old comment regarding directory/symlink compatibility.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
After resourcing the PKGBUILD in update_pkgver(), set the epoch to 0
if it is empty. Also adjust the get_full_version function to be more
robust if epoch somehow still is empty.
Fixes FS#41022.
Signed-off-by: Allan McRae <allan@archlinux.org>
gettimeofday is susceptible to backwards system time adjustments,
skewing or altogether breaking progress output. For the sake of
platforms that lack clock_gettime support, gettimeofday is retained as
a fallback.
Fixes FS#36983
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Refactoring getcols, yet again. We do the following:
1) Introduce a static global in src/pacman/util.c
2) getcols always prefers this cached value, but will derive it from
the COLUMNS environment var, the characteristics of stdout, or a sane
default (in that order).
3) Introduce a SIGWINCH signal handler to reset the cached value,
meaning we only call ioctl when we don't know the value.
On my machine, pacman -Syy goes from ~4300 ioctl calls to 3.
One of the comments for this function is out of sync with the code.
Since the code exhibits the more sane behavior of treating SIGINT and
SIGHUB the same way (by not exiting pacman when there is a commit in
flight) we adjust the comment.
Given this code flow, the if/else statements can be simplified somewhat
as well.
Signed-off-by: Silvan Jegen <s.jegen@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Much like with events, instead of using a bunch of void* arguments for
all questions, we now send one pointer to an alpm_question_t union.
This contains the type of question that was triggered.
With this information, a question-specific struct can be accessed in
order to get additional arguments.
Signed-off-by: Olivier Brunel <jjk@jjacky.com>
Signed-off-by: Allan McRae <allan@archlinux.org>