summaryrefslogtreecommitdiffstats
path: root/scripts/repo-add.sh.in
AgeCommit message (Collapse)AuthorFilesLines
2020-06-18makepkg/repo-add: do not accept public-only keys for signingEli Schwartz1-1/+1
If it's not listed by --list-secret-key we don't care if it has been imported into your keyring, it's unusable. And you might not have a private key at all in the no-keyid-specified case. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org> (cherry picked from commit 02ae97b0da220d9079c6c2c1ac3e3ab0d12c1ac7)
2020-06-18makepkg/repo-add: handle GPGKEY with spacesEli Schwartz1-4/+4
We pass this to gpg -u and this gpg option can accept a number of different formats, not just the historical hexadecimal fingerprint we assumed. We should not barf hard if a format is used which happens to contain spaces. This also fixes a validation bug. When we initially check if the desired key is available, we don't quote spaces, so gpg goes ahead and treats each space-separated string as a *different key* to search for, returning partial matches, and returning success if at least one key is found. But gpg --detach-sign -u will certainly not accept multiple keys! Fixes FS#66949 Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org> (cherry picked from commit 899d39b635d46f9e2daff1aada75ea07f08fef64)
2020-06-18build-aux/update-copyright 2019 2020Allan McRae1-2/+2
Signed-off-by: Allan McRae <allan@archlinux.org> (cherry picked from commit e76ec94083235ddc5510ab57b7c2bc12a1d34e8a)
2019-10-23Update copyright yearsAllan McRae1-2/+2
make update-copyright OLD=2018 NEW=2019 Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-22Fix compression of package databases with zstdNick Cao1-6/+6
Commit 7afe51171 attempted to add zstd compression support to repo-add, but failed... FS#64213 Signed-off-by: Allan McRae <allan@archlinux.org>
2019-05-28repo-add: Add --prevent-downgrade optionekardnam1-3/+16
Implements FS#17752 Signed-off-by: Luca Bertozzi <ekarndam@autistici.org>
2019-05-08scripts: protect against unintended glob matching in [[ ]] RHSEli Schwartz1-2/+2
The right-hand side of the [[ ... = ... ]] keyword is an exception to the general rule that quoting is unnecessary with [[ This is usually not a problem, e.g. in libmakepkg, lint_one_pkgname will already fail if pkgname has an asterisk, but it certainly doesn't hurt to be "more proper" and go with the spec; it is more dangerous in repo-add, which can get caught in an infinite loop instead of safely asserting there is no package named 'foo*'. Reported-by: Rafael Ascensão <rafa.almas@gmail.com> Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-03-07Remove delta support from repo-addAllan McRae1-161/+7
Signed-off-by: Allan McRae <allan@archlinux.org>
2019-01-04repo-add: don't break if delta package sources contain epochEli Schwartz1-2/+2
Our sed parser for xdelta3 headers will greedily match on ":" which coincidentally is also the character we use to define a version with an epoch. While we are at it, simply use sed for the whole pipeline, rather than using both grep and sed. Fixes FS#61195 Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-01-04repo-remove: fix removing packages with deltasEli Schwartz1-1/+1
We have code in order to remove deltas when removing a package, but it is never run, since we try to remove the wrong file. This was broken in commit cb0f2bd0385f447e045e2b2aab9ffa55df3c2d8a which modified the internal layout we use to modify the db, changing "tree" to "db", but did not update all locations where it was used. This worked swimmingly well as long as only repo-add updates were handling the backup and restore of the delta file, as the delta file therefore got backed up to the correct location (db) in the shared db_remove_entry() function. But later on in the repo-remove logic, we tried removing a different file that will never exist (tree). Fixes FS#53041 Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-11-03repo-add: print the name of the database when extractingEli Schwartz1-1/+1
Currently this prints the following message: ==> Extracting database to a temporary location... ==> Extracting database to a temporary location... This redundancy is potentially confusing and may cause people to think something is wrong. Historically, this message came from a time when we only extracted one database, but repo-add was changed to always create the files database in commit cb0f2bd0385f447e045e2b2aab9ffa55df3c2d8a and whole code block with message intact was moved into a for loop and run (and printed) twice. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-10-21Port scripts to use libmakepkg's messaging code.Eli Schwartz1-3/+11
Remove all remnants of library/{output_format,term_colors}.sh Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-09-19repo-add: add support for the zst formatEli Schwartz1-0/+1
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-09-18scripts: deduplicate localized copyright messagesEli Schwartz1-1/+2
We don't need to translate the "Copyright YEAR AUTHOR" part, no part of it should probably be translated and it definitely shouldn't turn every single license terms notice into a separate translation just because the author/year is different. Fixes FS#58452 Also consistently add a blank line after the copyright and before the license terms. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-08-10scripts: Remove trailing semicolonsJan Alexander Steffens (heftig)1-1/+1
Signed-off-by: Allan McRae <allan@archlinux.org>
2018-05-14Remove all modelines from the projectEli Schwartz1-1/+0
Many of these are pointless (e.g. there is no need to explicitly turn on spellchecking and language dictionaries for the manpages by default). The only useful modelines are the ones enforcing the project coding standards for indentation style (and "maybe" filetype/syntax, but everything except the asciidoc manpages and makepkg.conf is already autodetected), and indent style can be applied more easily with .editorconfig Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-05-12Fix regression that broke repo-add aborting on failuresEli Schwartz1-1/+2
In commit cb0f2bd0385f447e045e2b2aab9ffa55df3c2d8a the changes from commit 81d233b79345d05d5bf17a4b2844085e14f9ee36 seem to have been inadvertently backed out. Right now the current check doesn't do anything, since "fail" is always nothing and therefore successful. Fixes FS#58505 Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-03-14Update coyrights for 2018Allan McRae1-2/+2
make update-copyright OLD=2017 NEW=201 Signed-off-by: Allan McRae <allan@archlinux.org>
2017-04-04Replace @SIZECMD@ with POSIX-compatible commandDrew DeVault1-3/+3
Now uses wc -c $file | cut -d' ' -f1, which works using only POSIX commands and removes the need for any platform-specific usages. Signed-off-by: Drew DeVault <sir@cmpwn.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04repo-add: sort file list entriesAndrew Gregory1-1/+1
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04Update copyright yearsAllan McRae1-2/+2
Signed-off-by: Allan McRae <allan@archlinux.org>
2016-10-22Use coreutils binaries for checking/generating checksumsAllan McRae1-8/+8
If pacman is build against a crypto library other than openssl, it makes no sense to require makepkg to use it. The only currently considered alternative to openssl is nettle, which has no binary for base64 encode/decode. This means that we could replace the hashing cacluations with nettle-hash, but would require base64 from coreutils. Given makepkg already relies heavily on coreutils, we might as well use all the coreutils hashing binaries too. This patch also improves the checking of required binaries for hashing operations. Signed-off-by: Allan McRae <allan@archlinux.org>
2016-09-09repo-add: fix error in directories with a space in their nameFabio Castell1-1/+1
Fixes FS#50285 Signed-off-by: Allan McRae <allan@archlinux.org>
2016-02-26repo-add: do not alter the database if only verifying signatureAllan McRae1-0/+11
Fixes FS#48085. Signed-off-by: Allan McRae <allan@archlinux.org>
2016-02-20repo-remove: fix checking for non-existent .db databaseAllan McRae1-1/+1
Signed-off-by: Allan McRae <allan@archlinux.org>
2016-01-04Update copyright years for 2016Allan McRae1-2/+2
make update-copyright OLD=2015 NEW=2016 Signed-off-by: Allan McRae <allan@archlinux.org>
2015-10-19Remove space before ellipsesAllan McRae1-1/+1
Makes all use of ellipses consistent... Signed-off-by: Allan McRae <allan@archlinux.org>
2015-06-20repo-add: Reject armored signaturesJohannes Löthberg1-0/+4
Pacman cannot handle armored signatures, so make repo-add error out if one is detected. Signed-off-by: Johannes Löthberg <johannes@kyriasis.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2015-06-20repo-add: Generate unarmored DB signatureJohannes Löthberg1-1/+1
Pacman cannot handle armored signatures, so use gpg's --no-armor flag to force an unarmored signature. Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26repo-add: merge desc and depends filesAllan McRae1-7/+3
There is little point in these two files being separated as the whole sync db is parsed at once. Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26Always create files databaseAllan McRae1-102/+153
Both the "db" and "files" databases are created in one call to repo-add. Only the "foo.db.tar.xz" name is passed to repo-add. Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26repo-add: remove duplication finding old package detailsAllan McRae1-9/+1
The information needed to create a delta entry and remove the old package from the filesystem are the same. Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26repo-add: check early for xdelta if it is neededAllan McRae1-4/+24
The check for xdelta3 was done as needed (and not in all cases). Do this check early so that repo-add does not abort part way through. Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26repo-add: only update database if entire command succeededAllan McRae1-4/+4
It is not hard to think of situations where the repo database should not be updated unless the whole operation succeeds. Error out before a partial database update occurs. Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26repo-add: move database creation into its own functionAllan McRae1-20/+22
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26repo-add: move database rotation into its own functionAllan McRae1-30/+37
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-02-12repo-add: improve delta file detection on removalAllan McRae1-1/+1
This allows use to remove a package with the name "foo.delta" from the repos. Signed-off-by: Allan McRae <allan@archlinux.org>
2015-02-12repo-add: only backup database signature if database was backed upAllan McRae1-6/+7
Ensures the backed update database and its signature are always consistent. Signed-off-by: Allan McRae <allan@archlinux.org>
2015-02-12repo-add: unify checking gpg keysAllan McRae1-15/+17
Move the PGP key checking into the check_gpg function. This also results in error messages being in colour. Signed-off-by: Allan McRae <allan@archlinux.org>
2015-02-12repo-add: clarify invalid repo extension messageAllan McRae1-1/+1
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-02-12repo-add: improve removing old packagesAllan McRae1-5/+9
The -R/--remove option left the old package in place when delta packages were to be generated. It was also removed before we ensure the generation of the entry for the new package was generated without error. Remove the old package at the end of database entry and delta generation. Also improve the help message to clarify it is the old package that is removed. Signed-off-by: Allan McRae <allan@archlinux.org>
2015-02-01Update copyright notices for 2015Allan McRae1-2/+2
Signed-off-by: Allan McRae <allan@archlinux.org>
2014-03-27repo-add: declare pkgbase as localAllan McRae1-1/+1
2014-01-28Remove ts and sw from vim modeline when noet is setFlorian Pritz1-1/+1
Forcing vim users to view files with a tabstop of 2 seems really unnecessary when noet is set. I find it much easier to read code with ts=4 and I dislike having to override the modeline by hand. Command run: find . -type f -exec sed -i '/vim.* noet/s# ts=2 sw=2##' {} + Signed-off-by: Florian Pritz <bluewind@xinu.at> Signed-off-by: Allan McRae <allan@archlinux.org>
2014-01-06Update copyright years for 2014Allan McRae1-2/+2
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-06-06repo-add; add option to remove existing package files from diskPhillip Smith1-0/+12
When maintaining a custom repo, often it is undesirable to retain older versions of packages. This patch adds the --remove option to remove the current package file and it's signature from disk before adding the new one to the database. Documentation is also updated. This is an optional flag and default behaviour (leaving ondisk files alone) is not changed. Signed-off-by: Phillip Smith <fukawi2@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2013-03-15repo-add: Update copyright yearAllan McRae1-2/+2
Also adjust translations. Signed-off-by: Allan McRae <allan@archlinux.org>
2013-03-08scripts: Add color to repo-addWilliam Giokas1-0/+5
Signed-off-by: William Giokas <1007380@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-03Add a -n option to repo-add to only add new packagesDanny George1-0/+6
Packages are already in the pkg db were given a warning, and then readded anyway. With -n specified, the warning is printed, but skips readding it. Signed-off-by: Danny George <dangets@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2012-11-27repo-add: quote filename for consistent output styleAllan McRae1-1/+1
Signed-off-by: Allan McRae <allan@archlinux.org>