summaryrefslogtreecommitdiffstats
path: root/scripts/libmakepkg/lint_pkgbuild/depends.sh.in
AgeCommit message (Collapse)AuthorFilesLines
2019-05-08scripts: protect against unintended glob matching in [[ ]] RHSEli Schwartz1-1/+1
The right-hand side of the [[ ... = ... ]] keyword is an exception to the general rule that quoting is unnecessary with [[ This is usually not a problem, e.g. in libmakepkg, lint_one_pkgname will already fail if pkgname has an asterisk, but it certainly doesn't hurt to be "more proper" and go with the spec; it is more dangerous in repo-add, which can get caught in an infinite loop instead of safely asserting there is no package named 'foo*'. Reported-by: Rafael Ascensão <rafa.almas@gmail.com> Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-01-10makepkg: Better error messages for versions in (check, make, ↵Luke Shumaker1-7/+7
opt)depends/provides/conflicts Given the depends depends=('foo>=1.2-1.par2') and the error message ==> ERROR: pkgver in depends is not allowed to contain colons, forward slashes, hyphens or whitespace. One would be lead to believe that the problem is that they gave a pkgrel in depends at all, not that the pkgrel contains letters. Each of the (check,make,opt)depends, conflicts, and provides linters use a glob to trim off properly formed epoch an rel from the full version string, and pass the remainder to check_pkgver(). This does a good job of accepting/rejecting full versions, but doesn't do a good job of generating good error messages when rejecting if it's because of the epoch or rel. 1. Factor out check_epoch() and check_pkgrel() from lint_epoch() and lint_pkgrel(), similarly to check_pkgver(). 2. Add a check_fullpkgver() that takes a full [epoch:]ver[-rel] string and splits it in to epoch/ver/rel, and calls the appropriate check_ function on each. 3. Use check_fullpkgver() in the {,check,make,opt}depends, conflicts, and provides linters. Signed-off-by: Allan McRae <allan@archlinux.org>
2018-07-27makepkg: reduce strictness of pkgver in depends lintingEli Schwartz1-1/+2
This change was introduced to prevent entries like depends=('foo>'). However, it had the unintended side effect of causing a number of working PKGBUILDs to fail to build. This happened when a PKGBUILD defined one variable through calling a "complex" statement within the PKGBUILD's package function (e.g. a function or evaluating in a subshell), then used it to define the package metadata variable. extract_function_variable() cannot execute the package function in order to retrieve this information, so it performs a simple grep + eval instead and in the process misses the contextual awareness of running within the package function. While not catching these "issues" can result in incorrect SRCINFO, the resulting packages are fine. Stop aborting on the common case where the pkgver of a dependency is dynamically set during the package function until the large number of broken PKGBUILDs are fixed, and the restrictions of the PKGBUILD format are documented. "Fixes" FS#58776 Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-05-12libmakepkg: only save the shellopts we needEli Schwartz1-2/+2
micro-optimization: We only care about temporarily enforcing extglob, so that is the only one we need to explicitly restore. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-05-12libmakepkg/lint_pkgbuild: fix regression in linting ↵Eli Schwartz1-2/+4
depends=(foo=$epoch:$pkgver-$pkgrel) In commit 91b72cc386ca03241791748da5da2b150c724ace support was added for linting depends/etc. to ensure they contain only valid dependency specifiers. However it did not properly take into account the possibility of dependencies linked to a specific pkgrel or epoch, which promptly failed to build because "-" and ":" is not allowed in a pkgver. pkgrel is something supported by pacman and useful for e.g. split packages which cannot be mismatched even if the pkgver is the same. Fix by removing an optional suffixed "-$decimal" when checking for a valid pkgver. epoch is kind of difficult to do without :D so likewise fix by removing an optional prefixed "$integer:" Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-04-29libmakepkg/lint_pkgbuild: lint depends/etc. as if they are pkgnameEli Schwartz1-0/+56
depends, provides, conflicts, replaces, and other variables that are meant to contain package names, are now checked to ensure 1) the name component contains only characters that would equate to a valid pkgname. 2) the version component contains only characters that would equate to a valid pkgver. 3) comparison operator is a valid comparison operator (e.g. provides only allows exact = while optdepends doesn't allow anything) This also refactors pkgname into a shared utility function, wires up pkgbase optdepends and provides to use it, and gives pkgver a touchup to allow referencing where it was called from. Fixes FS#57833 and a bit of extra. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>