Age | Commit message (Collapse) | Author | Files | Lines |
|
If it's not listed by --list-secret-key we don't care if it has been
imported into your keyring, it's unusable. And you might not have a
private key at all in the no-keyid-specified case.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit 02ae97b0da220d9079c6c2c1ac3e3ab0d12c1ac7)
|
|
We pass this to gpg -u and this gpg option can accept a number of
different formats, not just the historical hexadecimal fingerprint we
assumed. We should not barf hard if a format is used which happens to
contain spaces.
This also fixes a validation bug. When we initially check if the desired
key is available, we don't quote spaces, so gpg goes ahead and treats
each space-separated string as a *different key* to search for,
returning partial matches, and returning success if at least one key is
found. But gpg --detach-sign -u will certainly not accept multiple keys!
Fixes FS#66949
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit 899d39b635d46f9e2daff1aada75ea07f08fef64)
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit e76ec94083235ddc5510ab57b7c2bc12a1d34e8a)
|
|
make update-copyright OLD=2018 NEW=2019
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Commit 7afe51171 attempted to add zstd compression support to repo-add,
but failed...
FS#64213
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Implements FS#17752
Signed-off-by: Luca Bertozzi <ekarndam@autistici.org>
|
|
The right-hand side of the [[ ... = ... ]] keyword is an exception to
the general rule that quoting is unnecessary with [[
This is usually not a problem, e.g. in libmakepkg, lint_one_pkgname will
already fail if pkgname has an asterisk, but it certainly doesn't hurt
to be "more proper" and go with the spec; it is more dangerous in
repo-add, which can get caught in an infinite loop instead of safely
asserting there is no package named 'foo*'.
Reported-by: Rafael Ascensão <rafa.almas@gmail.com>
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Our sed parser for xdelta3 headers will greedily match on ":" which
coincidentally is also the character we use to define a version with an
epoch.
While we are at it, simply use sed for the whole pipeline, rather than
using both grep and sed.
Fixes FS#61195
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
We have code in order to remove deltas when removing a package, but it
is never run, since we try to remove the wrong file.
This was broken in commit cb0f2bd0385f447e045e2b2aab9ffa55df3c2d8a which
modified the internal layout we use to modify the db, changing "tree" to
"db", but did not update all locations where it was used.
This worked swimmingly well as long as only repo-add updates were
handling the backup and restore of the delta file, as the delta file
therefore got backed up to the correct location (db) in the shared
db_remove_entry() function.
But later on in the repo-remove logic, we tried removing a different
file that will never exist (tree).
Fixes FS#53041
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Currently this prints the following message:
==> Extracting database to a temporary location...
==> Extracting database to a temporary location...
This redundancy is potentially confusing and may cause people to think
something is wrong. Historically, this message came from a time when we
only extracted one database, but repo-add was changed to always create
the files database in commit cb0f2bd0385f447e045e2b2aab9ffa55df3c2d8a
and whole code block with message intact was moved into a for loop and
run (and printed) twice.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Remove all remnants of library/{output_format,term_colors}.sh
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
We don't need to translate the "Copyright YEAR AUTHOR" part, no part of
it should probably be translated and it definitely shouldn't turn every
single license terms notice into a separate translation just because the
author/year is different.
Fixes FS#58452
Also consistently add a blank line after the copyright and before the
license terms.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Many of these are pointless (e.g. there is no need to explicitly turn on
spellchecking and language dictionaries for the manpages by default).
The only useful modelines are the ones enforcing the project coding
standards for indentation style (and "maybe" filetype/syntax, but
everything except the asciidoc manpages and makepkg.conf is already
autodetected), and indent style can be applied more easily with
.editorconfig
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
In commit cb0f2bd0385f447e045e2b2aab9ffa55df3c2d8a the changes from
commit 81d233b79345d05d5bf17a4b2844085e14f9ee36 seem to have been
inadvertently backed out.
Right now the current check doesn't do anything, since "fail" is always
nothing and therefore successful.
Fixes FS#58505
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
make update-copyright OLD=2017 NEW=201
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Now uses wc -c $file | cut -d' ' -f1, which works using only POSIX
commands and removes the need for any platform-specific usages.
Signed-off-by: Drew DeVault <sir@cmpwn.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
If pacman is build against a crypto library other than openssl, it makes no
sense to require makepkg to use it.
The only currently considered alternative to openssl is nettle, which has no
binary for base64 encode/decode. This means that we could replace the hashing
cacluations with nettle-hash, but would require base64 from coreutils.
Given makepkg already relies heavily on coreutils, we might as well use all
the coreutils hashing binaries too.
This patch also improves the checking of required binaries for hashing
operations.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Fixes FS#50285
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Fixes FS#48085.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
make update-copyright OLD=2015 NEW=2016
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Makes all use of ellipses consistent...
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Pacman cannot handle armored signatures, so make repo-add error out if
one is detected.
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Pacman cannot handle armored signatures, so use gpg's --no-armor flag to
force an unarmored signature.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
There is little point in these two files being separated as the whole sync db
is parsed at once.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Both the "db" and "files" databases are created in one call to repo-add.
Only the "foo.db.tar.xz" name is passed to repo-add.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The information needed to create a delta entry and remove the old package from
the filesystem are the same.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The check for xdelta3 was done as needed (and not in all cases). Do this
check early so that repo-add does not abort part way through.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
It is not hard to think of situations where the repo database should not
be updated unless the whole operation succeeds. Error out before a partial
database update occurs.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This allows use to remove a package with the name "foo.delta" from the
repos.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Ensures the backed update database and its signature are always consistent.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Move the PGP key checking into the check_gpg function. This also results in
error messages being in colour.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The -R/--remove option left the old package in place when delta packages
were to be generated. It was also removed before we ensure the generation
of the entry for the new package was generated without error.
Remove the old package at the end of database entry and delta generation. Also
improve the help message to clarify it is the old package that is removed.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
|
|
Forcing vim users to view files with a tabstop of 2 seems really
unnecessary when noet is set. I find it much easier to read code with
ts=4 and I dislike having to override the modeline by hand.
Command run:
find . -type f -exec sed -i '/vim.* noet/s# ts=2 sw=2##' {} +
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
When maintaining a custom repo, often it is undesirable to retain older
versions of packages. This patch adds the --remove option to remove the
current package file and it's signature from disk before adding the new
one to the database. Documentation is also updated. This is an optional
flag and default behaviour (leaving ondisk files alone) is not changed.
Signed-off-by: Phillip Smith <fukawi2@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Also adjust translations.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: William Giokas <1007380@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Packages are already in the pkg db were given a warning, and then
readded anyway. With -n specified, the warning is printed, but skips
readding it.
Signed-off-by: Danny George <dangets@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|