(polaris) branch release/1.3.x updated: Fix executable POSIX permission in archive files (#3146) (#3151)

Mon, 24 Nov 2025 09:37:47 -0800 

This is an automated email from the ASF dual-hosted git repository.

pingtimeout pushed a commit to branch release/1.3.x
in repository https://gitbox.apache.org/repos/asf/polaris.git


The following commit(s) were added to refs/heads/release/1.3.x by this push:
     new fcc458244 Fix executable POSIX permission in archive files (#3146) 
(#3151)
fcc458244 is described below

commit fcc458244ae8056abbc177012bd888442517c86a
Author: Pierre Laporte <[email protected]>
AuthorDate: Mon Nov 24 18:36:37 2025 +0100

    Fix executable POSIX permission in archive files (#3146) (#3151)
    
    The PR #2819 accidentally _removed_ the executable POSIX file permission, 
assuming that not explicity setting the attributes via `filePermissions` 
retains the file-system 'x' permission.
    
    This change updates the logic to explicitly check the owner-executable bit 
and uses `755` or `644` respectively for each individual file in the archive.
    
    Co-authored-by: Robert Stupp <[email protected]>
---
 .../src/main/kotlin/polaris-reproducible.gradle.kts   | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/build-logic/src/main/kotlin/polaris-reproducible.gradle.kts 
b/build-logic/src/main/kotlin/polaris-reproducible.gradle.kts
index 036c482f4..6f8233f87 100644
--- a/build-logic/src/main/kotlin/polaris-reproducible.gradle.kts
+++ b/build-logic/src/main/kotlin/polaris-reproducible.gradle.kts
@@ -17,20 +17,21 @@
  * under the License.
  */
 
+import java.nio.file.Files
+import java.nio.file.attribute.PosixFilePermission
+
 // ensure jars conform to reproducible builds
 // 
(https://docs.gradle.org/current/userguide/working_with_files.html#sec:reproducible_archives)
 tasks.withType<AbstractArchiveTask>().configureEach {
   isPreserveFileTimestamps = false
   isReproducibleFileOrder = true
 
-  dirPermissions { unix("755") }
-  filePermissions {
-    // do not force the "execute" bit in case the file _is_ executable
-    user.read = true
-    user.write = true
-    group.read = true
-    group.write = false
-    other.read = true
-    other.write = false
+  eachFile {
+    permissions {
+      val isExec =
+        
Files.getPosixFilePermissions(file.toPath()).contains(PosixFilePermission.OWNER_EXECUTE)
+      unix(if (isExec) "755" else "644")
+    }
   }
+  dirPermissions { unix("755") }
 }

Reply via email to