summaryrefslogtreecommitdiffstats
path: root/scripts
AgeCommit message (Collapse)AuthorFilesLines
2019-11-01Pull latest translations from TransifexAllan McRae39-81/+107
Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-30Comma failAllan McRae1-1/+1
2019-10-30makepkg: only run --clean actions if we built a packageEli Schwartz1-1/+1
Fixes issue where users were allowed to run cleanup while running --geninteg or --printsrcinfo or --packagelist, thus mixing invalid responses into stdout. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-30makepkg: do not count hard links multiple times when calculating pkg sizeEli Schwartz4-1/+44
Exclude files with hardlinks when cat'ing all the files, and do a second run to look at each file with hardlinks, keep track of the ones we've already operated on, and only cat each inode once. Then use "wc -c" to get the size of all (deduplicated) files the same way we were already doing. Original-patch-by: Ronan Pigott <rpigott@berkeley.edu> Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-30makepkg: protect against unexpected whitespace in filenamesEli Schwartz4-11/+11
zipman: read -r protects against those evil manpages whose filenames contain backslash escapes, (muahahaha?) IFS= read protects against filenames with: - leading whitespace (but no one is actually stupid enough to configure their MAN_DIRS=() in makepkg.conf with such silly directories, *right*?) - trailing whitespace (but likewise, no one should be stupid enough to write an uncompressed manpage for section '1 ' or something) Also fix several other cases where we read filenames without protecting against surrounding whitespace, or without using null-delimited filenames when we could trivially do so. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-23Update copyright yearsAllan McRae87-92/+92
make update-copyright OLD=2018 NEW=2019 Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-23Remove --force from completionAllan McRae2-4/+2
Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-23Update completion for -F changesAllan McRae2-4/+1
Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-22makepkg: don't warn when PACKAGER is unsetmorganamilo1-1/+1
makepkg now complains when PACKAGER is not in the format "name <email>". Hide this warning when PACKAGER is unset but still warn if it is set to something out of format. Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-22Fix compression of package databases with zstdNick Cao1-6/+6
Commit 7afe51171 attempted to add zstd compression support to repo-add, but failed... FS#64213 Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-22Fix distribution of meson filesAllan McRae1-1/+3
Also caught the source of a man page not being distributed. Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-21Final translation updates for pacman-5.2.0Allan McRae38-125/+89
Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-14Translation updatesAllan McRae39-833/+1093
Pull all translations with >75% completion. Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-09makepkg: do not save fflags when creating packagesEli Schwartz1-2/+2
Saving fflages breaks reproducible builds due to encoding information specific to the filesystem that was used to build the package. This information is not needed for packaging purposes anyway. Including fflags also means that attempting to extract a package file as root (or fakeroot) might result in angry warnings being printed to the console by bsdtar, followed by a non-zero exit code, unless the user remembers to use --no-fflags during extraction. This is unpleasant UI, even if pacman itself won't care about these. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-07pacman-key: receive keys from WKD with -r/--recv-keysJonas Witschel1-8/+17
If an email address is specified, we use --locate-key to look up the key using WKD and keyserver as a fallback. If the key is specified as a key ID, this doesn't work, so we use the normal keyserver-based --recv-keys. Note that --refresh-keys still uses the keyservers exclusively for refreshing, though the situation might potentially be improved in a new version of GnuPG: https://lists.gnupg.org/pipermail/gnupg-users/2019-July/062169.html Signed-off-by: Jonas Witschel <diabonas@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-07Pull and push translation changes in preparation for 5.2Allan McRae40-12741/+8135
Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-07makepkg: propagate E_REMOVE_BUILD_DEPSAlad Wenter1-1/+5
remove_deps is called once, at the end of clean_up() before makepkg exit. If remove_deps returns >0 (e.g. when pressing "n" in the resulting prompt), the error is caught by the ERR signal handler. This in turns sends SIGUSR1 to the process group, with resulting exit code 138. In case remove_deps fails, this patch exits makepkg with E_REMOVE_DEPS if there was no previous error (that is, EXIT_CODE equals E_OK). Otherwise, makepkg exits with EXIT_CODE. Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-07makepkg: remove makedepends before installing built packageErich Eckner1-0/+3
When running `makepkg -i` it may be necessary to first remove make- and checkdepends before installing the built package - for example if they conflict each other. This is the case for wireguard-arch which makedepends and conflicts wireguard-dkms. Signed-off-by: Erich Eckner <git@eckner.net> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-07makepkg: wait for process to finishAllan McRae1-1/+1
Without the -f option to wait, we might move on and try to delete the logpipe before the process is completed. Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-07makepkg: Delete logpipe when exitingAustin Lund1-3/+4
The logpipe fifo can remain when exiting on a non-error condition such as recieving signals INT and USR1. This can be seen by doing either a manual CTRL-C to interrupt the build or by sending a signal such as: $ makepkg & sleep 5 ; kill -USR1 $! Remove the fifo in all cases on script exit if it still exists. Signed-off-by: Austin Lund <austin.lund@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-07Support file with seccomp enabledEli Schwartz2-1/+2
Not all compression types can be detected in the seccomp sandbox, so we need to disable it. This requires either configuring makepkg to know the sandbox is available, or checking for file >= 5.38 in which the sandbox option is a no-op even when seccomp is disabled. - Requires autoconf-archive for autotools version compare macro. - meson version comparison could be made a lot simpler using meson-git. Fixes FS#58626 Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-07pacman-key: clean keys on import to remove unknown signaturesEli Schwartz1-0/+1
There is no good reason to bloat the keyring by importing tons of signatures we cannot use; drop any signatures that don't validate against another available key (probably the master keys). If any desired signatures get cleaned, the key can be refreshed after importing the new signing public key. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-07pacman-key: make sure we actually use the Web of Trust, which GnuPG doesn't.Eli Schwartz1-0/+5
By default, the latest versions of GnuPG disable the Web of Trust and refuse to import signatures from public keyservers. This is to prevent denial of service attacks, because refusing to import signatures only if the key size is too big, is apparently too silly to consider. Either way, pacman needs the WoT. If pacman imports a key at all, it means everything failed and we are in fallback mode, trying to overcome a shortcoming in the availability of keys in the keyring package. (This commonly means the user needs to acquire a new key during the same transaction that updates archlinux-keyring.) In order for that new key to be usable, it *must* also import signatures from the Master Keys. I don't give credence to this supposed DoS, since the worst case scenario is nothing happening and needing to CTRL+C in order to exit the program. In the case of pacman, this is better than being unable to install anything at all (which is gnupg doing a much more harmful DoS to pacman), and in the already unusual case where something like --refresh-keys is being used directly instead of depending on the keyring package itself, gnupg supports WKD out of the box and will prefer that for people whose keys are marketed as being non-DOSable. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-07pacman-key: when refreshing gpg.conf, don't truncate option checkingEli Schwartz1-1/+1
If an option is a two-part option, we print both (separated by IFS=' '), but when grepping to see if it already exists, we only checked the first component. This means that something like keyserver-options could only check if there were existing keyserver options of any sort, but not which ones. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-07makepkg: add rust support for *FLAGS and debug-prefix-mapEli Schwartz4-6/+8
The rust language supports $RUSTFLAGS to be used automatically in all rustc invocations. Allow setting this in makepkg.conf (e.g. for optimization or debuginfo support), and teach debug+strip to pass the rustc command line argument necessary to rewrite source file paths in the debugging symbols. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-04libmakepkg: check if PACKAGER has the expected format for WKD lookupJonas Witschel1-0/+6
pacman should be able to extract an email address from PACKAGER for WKD lookup, so issue a warning if it is not of the form "Example Name <email@address.invalid>". Neither the name nor the email address must contain additional angle brackets. Signed-off-by: Jonas Witschel <diabonas@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-04libmakepkg: fix typomorganamilo1-1/+1
Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-04autotools: distribute meson filesEli Schwartz1-0/+2
If we use make dist to create the official, signed release tarballs, those will not have meson build files by default since autotools doesn't know what they are. Also distribute all src/common/ files. We never strictly needed any of them to be distributed with autotools, because the dist tarball dereferences the symlinks (???), but only some of them were being distributed, and meson needs them to be in the right location as we only build libcommon from the primary files. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-08-12Prepare translations for next releaseAllan McRae38-20300/+20267
Signed-off-by: Allan McRae <allan@archlinux.org>
2019-08-05makepkg: Ignore "<artificial>" source filesAustin Lund1-1/+1
An artificial symbol can be produced when requesting debugging symbols and the compiler has inlined a function. These symbols will give spurious results when listing source files for inclusion in debug packages. This will ignore these symbols and avoid an error that can be generated when creating a debug package. Signed-off-by: Austin Lund <austin.lund@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-06-26bash-completion: use POSIX character classes in regular expressionsEli Schwartz1-3/+3
bash uses POSIX extended regular expressions via regex(3), which does not guarantee support for shorthand character classes. Although glibc supports it, msys2-runtime does not. Make sure the completion script works (hopefully) everywhere by being more portable. Fixes: https://github.com/msys2/MSYS2-packages/pull/1549 Original-patch-by: plotasse <platos@protonmail.ch> Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-06-25makepkg: do not exit immediately on dependency install failuresAllan McRae1-2/+2
Fixes FS#63000 Signed-off-by: Allan McRae <allan@archlinux.org>
2019-06-06makepkg: restrict pkgname and pkgver to asciiAndrew Gregory2-0/+9
pkgname and pkgver are used as directory names within database files. libarchive does not provide a reliable locale-independent method for reading archive file names, causing errors when archive paths include non-ascii characters. This is a first step toward dealing with FS#49342, by hopefully reducing the number of packages with non-ascii data in the wild before updating libalpm to reject them outright. See https://github.com/libarchive/libarchive/wiki/Filenames and https://github.com/libarchive/libarchive/issues/587 Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-05-28makepkg: also move restore_envvars handling into libmakepkgEli Schwartz2-6/+21
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-05-28makepkg: move config loading into libmakepkgEli Schwartz5-31/+73
When scripting/automating around makepkg, it is sometimes desirable to know how makepkg will be configured to operate. One example is the archlinux devtools, which must forward select makepkg.conf variables into a build chroot (for example PACKAGER) or use those variables itself (for example {SRC,PKG,LOG}DEST). The configuration file can be in up to 3 places, and should be capable of being overridden via environment variables. It is sufficiently complex to represent distinct functionality, and sufficiently useful to merit easy accessibility in other scripts, therefore, let us move it into a publicly exposed utility library. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-05-28libmakepkg: add lint_config to validate SRCEXT/PKGEXTEli Schwartz3-0/+47
These variables must begin with .src.tar / .pkg.tar respectively, so fail early if those expectations are not matched. This prevents makepkg from creating e.g. package files literally named "./pacman-5.1.3-1-x86_64" which are actually uncompressed tarballs. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-05-28repo-add: Add --prevent-downgrade optionekardnam1-3/+16
Implements FS#17752 Signed-off-by: Luca Bertozzi <ekarndam@autistici.org>
2019-05-28Support application/gzip MIME type in extractionKevin Mihelich1-1/+1
file 5.37 changed the gzip MIME type from application/x-gzip to application/gzip, so support this when checking to extract source files. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-05-08makepkg: propagate error codes when package failed to sign correctlyEli Schwartz2-3/+7
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-05-08libmakepkg: install pkg-config fileEli Schwartz4-2/+19
Since makepkg exports a public library of functions, other projects may wish to use these functions. Highlights include parseopts or our messaging functions. Install a pkg-config file in order to let downstream users detect where they can source the libmakepkg functionality. This is useful e.g. to gracefully handle the case where a thirdparty project is configured and installed into a different datarootdir from pacman, but still wants to use the installed pacman's version of libmakepkg. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-05-08libmakepkg: fix missing or inaccurate interdependenciesEli Schwartz13-14/+14
When the executable checking was refactored into libmakepkg, it carried with it, usage of $E_* error codes, which need to be declared from error.sh but are only available when the parent program already sources error.sh; additionally, message.sh was only loaded in a parent library, but not where it was needed, and option.sh was often loaded when it wasn't needed at all. util.sh, meanwhile, has always depended on message.sh functions. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-05-08scripts: protect against unintended glob matching in [[ ]] RHSEli Schwartz10-11/+11
The right-hand side of the [[ ... = ... ]] keyword is an exception to the general rule that quoting is unnecessary with [[ This is usually not a problem, e.g. in libmakepkg, lint_one_pkgname will already fail if pkgname has an asterisk, but it certainly doesn't hurt to be "more proper" and go with the spec; it is more dangerous in repo-add, which can get caught in an infinite loop instead of safely asserting there is no package named 'foo*'. Reported-by: Rafael Ascensão <rafa.almas@gmail.com> Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-05-08makepkg: use more schema.sh to clean the environment of special variablesEli Schwartz1-3/+3
Fixes "arch" and "checkdepends" never having been unset, fixes b2sums (but not ${!b2sums_@}) being recently left out. The "build" function used to be unset as well, explicitly unset it as a function and do the same for other official functions as well. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-05-08makepkg: fix bash 5 compatibility when packaging symlinks to a directoryEli Schwartz1-1/+2
In commit b5191ea140386dd9b73e4509ffa9a6d347c1b5fa we moved to using shell globbing to print package files for a couple of reasons including reproducible packaging of .METADATA files. Unfortunately, this only works reliably when the glob pattern does not resolve to a symlinked directory due to a change in the bash 5.0 release. Note that the previous, desired behavior was rather to merely refuse to recurse into symlinked directories, but due to an unrelated issue, the symlink handling for globstar was reworked in a way that had this side effect. See https://lists.gnu.org/archive/html/bug-bash/2019-04/msg00015.html for discussion; this may be fixed at some point, but bash 5.0 is broken either way. The appropriate way of handling this seems to be to use **/* to match instead; this produces the same results on both bash 4 and bash 5, as the ** matches any leading directory component (or none), and the * matches any file, directory, or symlink to either one. Fixes FS#62278 Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-05-08makepkg: correctly handle hg sources with updates on a non-default branchEli Schwartz1-1/+5
The "tip" ref actually signifies the most recently updated branch. hg does not support a default branch named anything other than "default", except by creating a "@" bookmark. The correct way to explicitly update to the default clone ref, is therefore to use one of these, rather than "tip". Fixes FS#62092 Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-05-08libmakepkg: fix migration to schema.sh for integsumsEli Schwartz1-1/+1
One of the callers was changed to use known_hash_algos, one was not. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-03-25bash-completion: support file redirection completionsEli Schwartz1-9/+9
The current completions don't properly handle redirection operators, and attempt to complete command completions rather than completing filenames to redirect to. bash-completion provides both _get_comp_words_by_ref and a higher-level wrapper _init_completion, but the latter provides handling of redirection operators, so switch to using that. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-03-19libmakepkg: fix reporting of invalid archive extensions in compress.shEli Schwartz1-13/+13
In commit 1825bd6716c2a51c92642e8b96beac0101e83805 this was split out from makepkg, but the warning was not properly migrated; $ext did not ever exist. As a result, no matter what you did, the only possible warning was: ==> WARNING: '' is not a valid archive extension. Fix to filter based on the presence of .tar in the argument, and building the $ext variable for all checking and messaging purposes within the function. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-03-19makepkg: use "shared" git clones when checking out sourcesEli Schwartz1-1/+1
In order to cache sources offline, makepkg creates *two* copies of every git repo. This is a useful tradeoff for network time, but comes at the cost of increased disk space. Normally, git can smooth this over automagically. Whenever possible, git objects are hardlinked to save space, but this does not work when SRCDEST and BUILDDIR are on separate filesystems. When the repo in question is both very large (linux.git for example is 2.2 GB) and crosses filesystem boundaries, this results in a lot of extra disk space being used; the most likely scenario is where BUILDDIR is a tmpfs for bonus ouch. git(1) has a builtin feature which serves this case handily: the --shared flag will create the info/alternates file instructing git to not copy or hardlink or create objects/packs at all, but merely look for them in an external location (that being the source of the clone). The downside of using shared clones, is that if you modify and drop commits from the original repo, or simply delete the whole repo altogether, you break the copy. But we don't care about that here, because 1) the BUILDDIR copy is meant to be a temporary copy strictly derived via PKGBUILD syntax from the SRCDEST, and must be able to be recreated at any time, 2) if the SRCDEST disappears, makepkg will redownload it, thus restoring the objects needed by the BUILDDIR clone, 3) if the user does non-default things like hacking on the BUILDDIR copy then deleting and re-cloning the SRCDEST may result in momentary breakage, but ultimately should be fine -- the unique objects they created will be stored in the BUILDDIR copy. While it's theoretically possible that upstream will force-push to overwrite the base tree from which makepkg is building (which they should not do), *and* the user deleted their SRCDEST which they should not do, *and* they saved work in makepkg's working directory which they should not do either... ... this is an unlikely chain of events for which we should not care. Using --shared is therefore helpful in immediately useful ways and IMHO has no actual downsides; we should use it. An alternative implementation would be to use worktrees. I've rejected this since it is essentially the same as shared clones, except adding additional restrictions on the branch namespace, and could potentially break existing use cases such as manually handling the SRCDEST in order to share repositories with normal working copies. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2019-03-19drop DU* config variablesSantiago Torres1-2/+0
Since DUFLAGS and DUPATH are not needed anymore remove them from the source Signed-off-by: Santiago Torres <santiago@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>