[dpkg] 05/08: Dpkg::Source::Package::V1: Explicitly initialize constructor options

Tue, 07 Jul 2020 21:10:50 -0700 

This is an automated email from the git hooks/post-receive script.

guillem pushed a commit to branch master
in repository dpkg.

View the commit online:
https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=b29b48c499f766a7920d82b9170157d86734dbcc

commit b29b48c499f766a7920d82b9170157d86734dbcc
Author: Guillem Jover <[email protected]>
AuthorDate: Wed Jul 8 05:10:06 2020 +0200

    Dpkg::Source::Package::V1: Explicitly initialize constructor options
    
    Some of the options had not been explicitly initialized to their
    implicit default value, which broke when the code to verify signatures
    got refactored into Dpkg::OpenPGP::verify_signature() with a default
    for require_valid_signature of 1.
    
    This is required here too as this class does not call the initialization
    from its parent. This is error prone, and will be refactored in the
    future to make use of a common setup in the parent.
---
 debian/changelog                  | 5 +++++
 scripts/Dpkg/Source/Package/V1.pm | 4 ++++
 2 files changed, 9 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 16e9a52c0..640103db0 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -7,6 +7,11 @@ dpkg (1.20.5) UNRELEASED; urgency=medium
     apparently fixed the issue at hand because gcc started parsing it as
     the «[SUFFIX]:» case, completely disabling the PIE handling.
     Thanks to Thorsten Glaser <[email protected]>.
+  * Perl modules:
+    - Dpkg::Source::Package::V1: Explicitly initialize constructor options to
+      their implicit values, otherwise other code end up assuming different
+      defaults. This is required here too as this class does not call the
+      initialization from its parent.
   * Build system:
     - Detect the GNU program variants for make, patch and tar in the CPAN
       distribution to replace in the Dpkg module.
diff --git a/scripts/Dpkg/Source/Package/V1.pm 
b/scripts/Dpkg/Source/Package/V1.pm
index 33cffc20b..ac8af8cc9 100644
--- a/scripts/Dpkg/Source/Package/V1.pm
+++ b/scripts/Dpkg/Source/Package/V1.pm
@@ -63,6 +63,10 @@ sub init_options {
     $self->{options}{ignore_bad_version} //= 0;
     $self->{options}{abort_on_upstream_changes} //= 0;
 
+    # Set default validation checks.
+    $self->{options}{require_valid_signature} //= 0;
+    $self->{options}{require_strong_checksums} //= 0;
+
     # V1.0 only supports gzip compression.
     $self->{options}{compression} //= 'gzip';
     $self->{options}{comp_level} //= compression_get_property('gzip', 
'default_level');

-- 
Dpkg.Org's dpkg

Reply via email to