Warn if the '=' package dependency operator is used along with pure
version with no revision specified. This means to catch a common mistake
of developers copying '=' from upstream dependency specification while
'~' operator would be more appropriate. This causes unintended depgraph
breakage when the dependencies are revbumped e.g. due to dependency
changes, or prevents people from upgrading.

The developers are given two suggestions: either to use '~' if any
revision is acceptable, or to explicitly specify '-r0' when they really
do accept -r0 only.

Bug: https://bugs.gentoo.org/649482
 repoman/cnf/qa_data/qa_data.yaml                         | 1 +
 repoman/cnf/repository/qa_data.yaml                      | 1 +
 .../pym/repoman/modules/scan/depend/_depend_checks.py    | 9 +++++++++
 3 files changed, 11 insertions(+)

Changes in v2:
 rebased for the repoman rewrite

diff --git a/repoman/cnf/qa_data/qa_data.yaml b/repoman/cnf/qa_data/qa_data.yaml
index 32994e013..d68673708 100644
--- a/repoman/cnf/qa_data/qa_data.yaml
+++ b/repoman/cnf/qa_data/qa_data.yaml
@@ -26,6 +26,7 @@ qahelp:
         badinexp: "User-visible ebuilds with unsatisfied dependencies (matched 
against *visible* ebuilds) in experimental arch"
         badmaskedinexp: "Masked ebuilds with unsatisfied dependencies (matched 
against *all* ebuilds) in experimental arch"
         badtilde: "Uses the ~ dep operator with a non-zero revision part, 
which is useless (the revision is ignored)"
+        equalsversion: "Suspicious =-dependency with a specific version and no 
rev. Please either use ~ if any revision is acceptable, or append -r0 to 
silence the warning."
         missingslot: "RDEPEND matches more than one SLOT but does not specify 
a slot and/or use the := or :* slot operator"
         perlcore: "This ebuild directly depends on a package in perl-core; it 
should use the corresponding virtual instead."
         syntax: "Syntax error in dependency string (usually an extra/missing 
diff --git a/repoman/cnf/repository/qa_data.yaml 
index 4aa961633..2e9e16b1d 100644
--- a/repoman/cnf/repository/qa_data.yaml
+++ b/repoman/cnf/repository/qa_data.yaml
@@ -44,6 +44,7 @@ qawarnings:
     - dependency.badindev
     - dependency.badmaskedindev
     - dependency.badtilde
+    - dependency.equalsversion
     - dependency.missingslot
     - dependency.perlcore
     - DESCRIPTION.toolong
diff --git a/repoman/pym/repoman/modules/scan/depend/_depend_checks.py 
index 79fd0a0c2..690b95aa0 100644
--- a/repoman/pym/repoman/modules/scan/depend/_depend_checks.py
+++ b/repoman/pym/repoman/modules/scan/depend/_depend_checks.py
@@ -152,6 +152,15 @@ def _depend_checks(ebuild, pkg, portdb, qatracker, 
repo_metadata, qadata):
                                                qacat, "%s: %s uses the ~ 
                                                " with a non-zero revision: 
'%s'" %
                                                (ebuild.relative_path, mytype, 
+                               # plain =foo-1.2.3 without revision or *
+                               if atom.operator == "=" and '-r' not in 
+                                       qacat = 'dependency.equalsversion'
+                                       qatracker.add_error(
+                                               qacat, "%s: %s uses the = 
operator with"
+                                               " no revision: '%s'; if any 
revision is"
+                                               " acceptable, use '~' instead; 
if only -r0"
+                                               " then please append '-r0' to 
the dep" %
+                                               (ebuild.relative_path, mytype, 
                                check_missingslot(atom, mytype, ebuild.eapi, 
portdb, qatracker,
                                        ebuild.relative_path, ebuild.metadata)

Reply via email to