summaryrefslogtreecommitdiffstats
path: root/scripts
AgeCommit message (Collapse)AuthorFilesLines
2014-11-09makepkg: introduce .SRCINFO files for source packagesDave Reisner1-1/+98
Similar to .PKGINFO, .SRCINFO provides structured metadata from the PKGBUILD to be included with source packages. The format is structured such that it contains a "pkgbase" and one to many "pkgname" sections. Each "pkgname" section represents an "output package", and inherits all of the attributes of the "pkgbase" section, and then can define their own additive fields. For example, a simple PKGBUILD: pkgbase=ponies pkgname=('applejack' 'pinkiepie') pkgver=1.2.3 pkgrel=1 arch=('x86_64' 'i686') depends=('friendship' 'magic') build() { ...; } package_applejack() { provides=('courage') ...; } package_pinkiepie() { provides=('laughter') ...; } Would yield the following .SRCINFO file: pkgbase = ponies pkgdesc = friendship is magic pkgver = 1.2.3 pkgrel = 1 arch = x86_64 arch = i686 depends = friendship depends = magic pkgname = applejack provides = courage pkgname = pinkiepie provides = laughter The code to generate this new file is taken a project which I've been incubating[0] under the guise of 'mkaurball', which creates .AURINFO files for the AUR. AURINFO is the exactly same file as .SRCINFO, but named as such to make it clear that this is specific to the AUR. Because we're parsing shell in the packaging functions rather than executing it, there *are* some limitations, but these only really crop up in more "exotic" PKGBUILDs. Smoketesting[1] for accuracy in the Arch repos yields 100% accuracy for [core] and [extra]. [community] clocks in at ~98% accuracy (.3% difference per PKGBUILD), largely due to silly haskell packages calling pacman from inside the PKGBUILD to determine dependencies. [multilib] currently shows about 92% accuracy -- a statistic which can be largely improved by utilizing the recently merged arch-specific attribute work. This is also a smaller repo so the numbers are somewhat inflated. In reality, this is only a .8% variance per PKGBUILD. Together, we can make PKGBUILD better. [0] https://github.com/falconindy/pkgbuild-introspection [1] https://github.com/falconindy/pkgbuild-introspection/blob/master/test/smoketest Signed-off-by: Allan McRae <allan@archlinux.org>
2014-11-09makepkg: simplify epoch handlingDave Reisner1-3/+1
We can avoid setting a default value for epoch since we intend to mean unset and "0" as the same thing. This is also a more consistent default as the display of epoch=0 is no epoch at all in the full package version. The extra paranoia in get_full_version can be removed due to lint_epoch guarding against non-integer values of epoch. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-11-09makepkg: ignore empty global attributes in extractionDave Reisner1-1/+1
This bug isn't currently exposed by any of the existing codepaths, but an upcoming patch to introduce SRCINFO files to makepkg will expose this. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-11-04pacman-db-upgrade: fix --config option typoAndrew Gregory1-1/+1
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2014-10-19makepkg: always look for sources in source=()Dave Reisner1-3/+3
This regression snuck in during some reviewing of 963f7fe02fcb14 (arch-specific sources). We must always check the source=() array for sources. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-10-13makepkg: reorder args to pkgbuild_get_attribute for consistencyDave Reisner1-5/+5
In all other cases, this code gets the outvalue from the final parameter. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-10-13makepkg: simplify attr matching in extract_function_varDave Reisner1-3/+3
Interesting attributes created with 'local' or 'declare' won't be surfaced in .PKGINFO, so we shouldn't try to look for them. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-10-13makepkg: show full fingerprint on pgp failureDave Reisner1-2/+2
Rather than implementing suffix matching, which might clash, let's just print the full fingerprint of the err'ing key so that the user can copy/paste it into validpgpkeys. Also, make it clear in the manpage that validpgpkeys needs full fingerprints, and nothing else. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-10-13Revert "makepkg: allow less than the full fingerprint in validpgpkeys"Dave Reisner1-20/+1
This reverts commit 50296576d006d433fbfd4a6c57d5f95a942f7833. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-10-06pacman-db-upgrade: do not mangle file listsAndrew Gregory1-7/+22
grep'ing out blank lines and sorting output thoroughly breaks any file lists with %BACKUP% entries which must be separated from the file list by a blank line. Adds a custom function to ensure that all paths printed are non-empty and unique. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2014-09-30makepkg: allow less than the full fingerprint in validpgpkeysDave Reisner1-1/+20
I found this feature confusing, and the documentation wasn't any help. It was pointed out to me on IRC that validpgpkeys expects full fingerprints, and won't accept shorter forms. This makes the documentation insufficient, and the variable name itself misleading. This patch bolsters the documentation to explain more about what the contents should be, and implements suffix matching to allow matching on shorters fingerprint suffices. Now, when makepkg tells you that a key ID isn't valid, it's sufficient to manually check the key ID against the known good ID, and add it as is to validpgpkeys. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-09-30makepkg: move negation in inequality comparisonsDave Reisner1-5/+5
This commit changes the few remaining instances of: [[ ! $foo = "$bar" ]] to the more common: [[ $foo != "$bar" ]] Signed-off-by: Allan McRae <allan@archlinux.org>
2014-09-30makepkg: abort if we can't add install/changelog to packageDave Reisner1-1/+4
2014-09-30PKGBUILD: add support for arch-specific sourcesDave Reisner1-35/+147
This implements support for declarations such as: arch=('i686' 'x86_64') ... source=("somescript.sh") source_i686=("http://evilmonster.com/i686/ponies-9001-1.i686.bin") source_x86_64=("http://evilmonster.com/i686/ponies-9001-1.x86_64.bin") md5sums=('d41d8cd98f00b204e9800998ecf8427e') md5sums_i686=('e4ca381035a34b7a852184cc0dd89baa') md5sums_x86_64=('4019740e6998f30a3c534bac6a83f582') Just the same as the "untagged" sources, multiple integrity algorithms are supported. The manpage is updated to reflect support for these suffices. This commit also refactors download_sources slightly: 1) to use the otherwise preferred convention of lowercase local variable names, and to make the handling of $1 more clear. 2) rename the "fast" parameter to "novcs", to make it more clear what this token does. 3) add a new possible token "allarch" to ensure that download_sources will fetch all sources, for all architectures.
2014-09-30makepkg: break out checksum generation to its own functionDave Reisner1-32/+41
This also fixes a "bug" in which a PKGBUILD without any source array would generate "md5sums=()". While not technically wrong, we can easily do better and emit nothing at all.
2014-09-30makepkg: break out check_checksums to reasonably sized functionsDave Reisner1-41/+54
2014-09-23makepkg: disallow values of 'arch' which might be problematicDave Reisner1-3/+11
We rely on values in the arch array to be valid as part of variable names, so extend the arch lint check to catch this. This also cleans up lint_arch to restrict the use of "lint" only to the package-specific architecture checks. It previously had an odd declaration with a conditional expansion that would never be true.
2014-09-23makepkg: let --source imply --ignorearchDave Reisner1-4/+10
Since source package creation is architecture independent, we should ignore architecture-dependent behaviors such as the lint check which will halt execution when the host machine is not a supported arch. https://github.com/falconindy/pkgbuild-introspection/issues/15
2014-09-23makepkg: use correct terminologyDave Reisner1-1/+1
unix has no "folders".
2014-09-23replace --reference on chmod/chown commandsWolfgang Bumiller2-2/+4
Signed-off-by: Allan McRae <allan@archlinux.org>
2014-09-23Extend database upgrade script to handle alpm db version 9Andrew Gregory1-10/+86
Original-work-by: Allan McRae <allan@archlinux.org> Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2014-09-16pacman-db-upgrade: use pacman-style optionsAndrew Gregory2-21/+53
* convert dbpath from argument to option * add --config and --root options * read dbpath and root from config file * if root is set but not dbpath, dbpath is set relative to root Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2014-09-15makepkg: do not eval dlcmdlolilolicon1-11/+10
This eval enables the following in a PKGBUILD to "just work": source=('$pkgname-$pkgver.tar.gz'::'https://host/$pkgver.tar.gz') This has at least two problems: - It violated the principle of least surprise. - It could be a security issue since URLs are arbitrary input. Instead, expand the dlagent command line into an array, replace the %o, %u place holders, and run the resultant command line as is. Embedded spaces in the DLAGENTS entry can be escaped with a backslash. Fixes FS#41682 Signed-off-by: Allan McRae <allan@archlinux.org>
2014-09-15makepkg: Allow using sources with :: in themWilliam Giokas1-3/+3
Git has the ability to use helper applications for interfacing with hg, and from what we had before, the following url:: foo::git+hg::http://foo.bar/foobar would get converted to something along the lines of: filename: foo URL: http://foo.bar/foobar and the 'git+hg' part would essentially be ignored when it's getting set up in the 'get_protocol' and 'get_downloadclient' functions. With this patch it is possible to have a source link with '::' in it, however it is not possible to have a filename with '::', which is the current behavior. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-08-09pacman-key: stricter parsing for -verifyAllan McRae1-1/+1
Prevents trust being spoofed by using TRUST_FULLY in the signatory's name or in an added notation. Fixes FS#41147. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-08-08makepkg: replace bare eval with var extraction functionsDave Reisner1-6/+12
2014-08-08PKGBUILD: handle arch specific attributesDave Reisner1-3/+45
This introduces support for architecture-specific conflicts, depends, optdepends, makedepends, replaces, and conflicts by appending "_$CARCH" to the array name. For example, in the global section: arch=('i686' 'x86_64') depends=('foo') depends_x86_64=('bar') This will generate depends of 'foo' and 'bar' on x86_64, but only 'foo' on i686. Moreover, this is supported in the package functions with the same heuristics as the generic names, e.g. ... arch=('i686' 'x86_64') depends=('foo') ... package_somepkg() { depends_x86_64=('bar') ... } Again, will cause x86_64 to have depends of 'foo' and 'bar', but only 'foo' for i686.
2014-08-08makepkg: refactor check_sanity, give it some sanity of its ownDave Reisner1-107/+299
Break apart each of the blocks into their own separate functions. And, instead of the hand crafted eval statements, reuse the logic from pkgbuild-introspection[0] to abstract away the complexities of parsing bash. This commit fixes at least 3 bugs in check_sanity: 1) The wrong variable is shown for the error which would be thrown when, e.g. pkgname=('foopkg' 'bar^pkg') 2) The "arch" variable is not sanity checked when the PKGBUILD has an arch override, but only one output package. 3) https://bugs.archlinux.org/task/40361 Lastly, there's some string changes here which should help to clarify a few errors emitted in the linting process. [0] https://github.com/falconindy/pkgbuild-introspection
2014-08-08makepkg: disallow pkgver/pkgrel/epoch overrides in packagesDave Reisner1-33/+12
This is a confusing feature, and no one uses it.
2014-08-04makepkg: skip dependency checking with --verifysourceAllan McRae1-2/+2
Dependencies are now handled with --nobuild unless specificially skipped. Using --verifysource will skip dependency checks unless --syncdeps is specified. Fixes FS#35057 and FS#36999. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-08-04makepkg: ensure vcs download tool are installed when requiredAllan McRae1-0/+70
Add an array VCSCLIENTS to makepkg.conf that matches vcs source protocols to the package containing the software needed for handling the source. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-08-03makepkg: improve check and error message for buildfile locationDave Reisner1-2/+2
The documentation very clearly states that the buildfile has to be in $PWD, but the error thrown by makepkg reference some mysterious "build directory". Simplify this check so that we more directly check that the file being referred to is in fact in our $PWD. Revise the error message when the check fails to more plainly point out the problem. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-08-03makepkg: Respect XDG_CONFIG_HOMEJohannes Löthberg1-2/+7
Add support for following the XDG Base Directory Specification when reading the user-specific configuration file. If no $XDG_CONFIG_HOME/pacman/makepkg.conf file exists we fall back to sourcing $HOME/.makepkg.conf Signed-off-by: Johannes Löthberg <johannes@kyriasis.com> [Allan] Note XDG_CONFIG_HOME takes priority. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-06-29makepkg: handle "epoch=" in PKGBUILD with pkgver functionAllan McRae1-6/+7
After resourcing the PKGBUILD in update_pkgver(), set the epoch to 0 if it is empty. Also adjust the get_full_version function to be more robust if epoch somehow still is empty. Fixes FS#41022. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-06-12Use C locale for bsdtar calls during package creationAllan McRae1-3/+3
This ensures packages build on a UTF-8 locale system with non-ASCII character names can be installed on non-UTF-8 systems. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-06-10makepkg: Remove redundant sig generation commentJohannes Löthberg1-1/+1
Remove the comment above the signature generation command as the command is self explanatory and no longer does what the comment says. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-05-25makepkg: pass "--nocolor" to pacmanAndrew DeMaria1-1/+1
FS#39982. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-05-25makepkg: Force buildscripts to be in startdirAllan McRae1-0/+5
We expect all source file to lie in $startdir. However, using "makepkg -p <buildscript>" can currently allows people to specify buildscripts in other directories. This results in confusion about where other sources should lie (in startdir or in the directory that the buildscript is in). Explicitly disable using -p for files in other directories to avoid this issue. Fixes FS#40293. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-05-23Do not check makepkg-wrapper for standard optionsAllan McRae1-0/+1
Fixes "make distcheck". Signed-off-by: Allan McRae <allan@archlinux.org>
2014-05-23makepkg: Introduce validpgpkeys arrayThomas Bächler1-5/+18
If validpgpkeys is set in the PKGBUILD, signature checking fails if the fingerprint of the key used to create the signature is not listed in the array. The key's trust value is ignored. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-05-23makepkg: Treat a signature from an untrusted key as an errorThomas Bächler1-12/+24
Signed-off-by: Allan McRae <allan@archlinux.org>
2014-05-23makepkg: Use read to parse status file during signature verification.Thomas Bächler1-19/+74
Instead of invoking grep multiple times, parse the status file once. This refactoring also changes the behvaiour when signature verification fails due to a missing public key: It is now an error instead of a warning. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-04-21makepkg: use dash instead of underscore in /usr/lib/debug/.build-idSteven Noonan1-4/+4
Signed-off-by: Allan McRae <allan@archlinux.org>
2014-03-27repo-add: declare pkgbase as localAllan McRae1-1/+1
2014-03-27Always supply base name and version info in .PKGFILE if neededAllan McRae1-8/+16
Provide pkgbase information for non-split packages with pkgbase set. Also record the version of the "base" package. This is useful for matching package files to source packages. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-03-27makepkg: sign source packages with --signAllan McRae1-0/+6
Signed-off-by: Allan McRae <allan@archlinux.org>
2014-03-13makepkg: Reorder some entries in usage() and getoptsPierre Neidhardt1-4/+4
Signed-off-by: Pierre Neidhardt <ambrevar@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2014-03-12makepkg: enforce fakeroot usageAllan McRae1-47/+12
Packaging outside of fakeroot can result in incorrect permissions for package files. It has been years since fakeroot issues during packaging were common, so it is safe to enforce fakeroot usage. If using fakeroot is impossible for some reason, a two line wrapper script will suffice to fool makepkg. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-03-12makepkg: Remove --asroot optionAllan McRae1-16/+6
The days of fakeroot being error ridden are long gone, so there is no valid reason to run makepkg as root. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-03-12makepkg: Add a --noarchive option to inhibit archive creationPierre Neidhardt1-5/+16
1. Packagers who want to test the package() function, i.e. to check the content of the pkg/ folder. 2. Developers who want to check how the packaged version of a program looks, in other words how the pkg/ folder looks. 3. For users of systems with no port tree, makepkg can ease package creation. However the resulting archive of the whole makepkg process is often useless. For all situations, makepkg will usually be called several times. But no archive (the final package) is needed in any cases. The archive creation ends up being a waste of time and resource, especially for big applications and slow machines. Since this option aborts the process prematurely, it behaves like the -o,--nobuild option, i.e. any other option acting on later stages in the process will be automatically discarded. For --noarchive, it means that in $ makepkg --noarchive --install the '--install' option does not do anything. Signed-off-by: Pierre Neidhardt <ambrevar@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>