[arch-projects] [namcap] [PATCH v2] Warn on unquoted pkgdir and srcdir
Unqouted $pkgdir and $srcdir can lead to errors if the directory name contains spaces. Not quoting these variables is a common mistake. For example, it is often seen in PKGBUILDs that are submitted for review. Add a rule that warns on unquoted $pkgdir and $srcdir. Signed-off-by: Michael Straube --- v1 -> v2 Updated my email address. Namcap/rules/__init__.py | 3 +- Namcap/rules/unquoteddirvars.py | 39 Namcap/tests/pkgbuild/test_unquoteddirvars.py | 63 +++ namcap-tags | 1 + 4 files changed, 105 insertions(+), 1 deletion(-) create mode 100644 Namcap/rules/unquoteddirvars.py create mode 100644 Namcap/tests/pkgbuild/test_unquoteddirvars.py diff --git a/Namcap/rules/__init__.py b/Namcap/rules/__init__.py index 5ca6551..bd348b4 100644 --- a/Namcap/rules/__init__.py +++ b/Namcap/rules/__init__.py @@ -67,7 +67,8 @@ from . import ( pkginfo, pkgnameindesc, sfurl, - splitpkgbuild + splitpkgbuild, + unquoteddirvars ) all_rules = {} diff --git a/Namcap/rules/unquoteddirvars.py b/Namcap/rules/unquoteddirvars.py new file mode 100644 index 000..bf303f0 --- /dev/null +++ b/Namcap/rules/unquoteddirvars.py @@ -0,0 +1,39 @@ +# +# namcap rules - unquoteddirvars +# Copyright (C) 2020 Michael Straube +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# + +import re +from Namcap.ruleclass import * + +class package(PkgbuildRule): + name = "unquoteddirvars" + description = "Looks for unquoted $pkgdir and $srcdir" + def analyze(self, pkginfo, pkgbuild): + needles = ['$pkgdir', '${pkgdir}', '$srcdir', '${srcdir}'] + hits = set() + for line in pkginfo.pkgbuild: + if not any(n in line for n in needles): + continue + double_quoted_strings = re.findall('"([^"]*)"', line) + for n in needles: + if line.count(n) != sum(n in s for s in double_quoted_strings): + hits.add(n) + for i in hits: + self.warnings.append(("unquoted-dirvar %s", i)) + +# vim: set ts=4 sw=4 noet: diff --git a/Namcap/tests/pkgbuild/test_unquoteddirvars.py b/Namcap/tests/pkgbuild/test_unquoteddirvars.py new file mode 100644 index 000..4525744 --- /dev/null +++ b/Namcap/tests/pkgbuild/test_unquoteddirvars.py @@ -0,0 +1,63 @@ +# +# namcap tests - unquoteddirvars +# Copyright (C) 2020 Michael Straube +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# + +from Namcap.tests.pkgbuild_test import PkgbuildTest +import Namcap.rules + +class NamcapUnqoutedDirVarsTest(PkgbuildTest): + pkgbuild = """ +# Maintainer: Arch Linux +# Contributor: Arch Linux + +pkgname=mypackage +pkgver=1.0 +pkgrel=1 +pkgdesc="A package" +url="http://www.example.com/; +arch=('x86_64') +depends=('glibc') +license=('GPL') +options=('!libtool') +source=(ftp://ftp.example.com/pub/mypackage-0.1.tar.gz) +md5sums=('abcdefabcdef12345678901234567890') + +build() { + cd $srcdir/$pkgname-$pkgver +} + +package() { + make install DESTDIR=$pkgdir/ + install -Dm644 ${srcdir}/LICENSE ${pkgdir}/usr/share/licenses/${pkgname} + install -Dm644 "${srcdir}/example.desktop" "$pkgdir"/usr/share/applications +} +""" + test_valid = PkgbuildTest.valid_tests + + def preSetUp(self): + self.rule = Namcap.rules.unquoteddirvars.package + + def test_example(self): + needles = ['$pkgdir', '${pkgdir}', '$srcdir', '${srcdir}'] +
[arch-projects] [namcap] [PATCH] Revert "makedepends: Replace bzr with breezy"
As Allan pointed out the change bzr -> breezy was in Arch, but not everywhere else pacman is used. Also breezy provides bzr, so it still works as it was. Signed-off-by: Michael Straube --- https://lists.archlinux.org/pipermail/pacman-dev/2020-July/024474.html Namcap/rules/makedepends.py | 2 +- Namcap/tests/pkgbuild/test_makedepends.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Namcap/rules/makedepends.py b/Namcap/rules/makedepends.py index b319e7c..380a089 100644 --- a/Namcap/rules/makedepends.py +++ b/Namcap/rules/makedepends.py @@ -48,7 +48,7 @@ class VCSMakedepends(PkgbuildRule): def analyze(self, pkginfo, pkgbuild): vcs = { - 'bzr' : 'breezy', + 'bzr' : 'bzr', 'git' : 'git', 'hg' : 'mercurial', 'svn' : 'subversion', diff --git a/Namcap/tests/pkgbuild/test_makedepends.py b/Namcap/tests/pkgbuild/test_makedepends.py index 676af33..d443b2b 100644 --- a/Namcap/tests/pkgbuild/test_makedepends.py +++ b/Namcap/tests/pkgbuild/test_makedepends.py @@ -97,7 +97,7 @@ package() { def test_example1(self): # Example 1 - makedeps = ['breezy', 'git', 'mercurial', 'subversion'] + makedeps = ['bzr', 'git', 'mercurial', 'subversion'] r = self.run_on_pkg(self.pkgbuild1) self.assertEqual(r.errors, []) self.assertEqual(set(r.warnings), -- 2.28.0
[arch-projects] [namcap] [PATCH] Don't report missing-vcs-makedeps when it is in depends
Currently a PKGBUILD warning is shown when the package depends on git instead of makedepends on it. Since we also have the redundant_makedepends rule we should not write it again in makedepends. This patch checkes depends array too so this warning could be suppressed. --- Namcap/rules/makedepends.py | 2 ++ Namcap/tests/pkgbuild/test_makedepends.py | 8 2 files changed, 10 insertions(+) diff --git a/Namcap/rules/makedepends.py b/Namcap/rules/makedepends.py index 53676c2..8b938a0 100644 --- a/Namcap/rules/makedepends.py +++ b/Namcap/rules/makedepends.py @@ -68,6 +68,8 @@ class VCSMakedepends(PkgbuildRule): for v in protocols: d = vcs[v] + if 'depends' in pkginfo and d in pkginfo["depends"]: + continue if 'makedepends' not in pkginfo: missing.append(d) continue diff --git a/Namcap/tests/pkgbuild/test_makedepends.py b/Namcap/tests/pkgbuild/test_makedepends.py index d443b2b..73a3ba2 100644 --- a/Namcap/tests/pkgbuild/test_makedepends.py +++ b/Namcap/tests/pkgbuild/test_makedepends.py @@ -111,4 +111,12 @@ package() { self.assertEqual(r.warnings, []) self.assertEqual(r.infos, []) + def test_example3(self): + # Example 3 + r = self.run_on_pkg(self.pkgbuild1 + 'depends=(bzr git mercurial)') Package 'bzr' was replaced with 'breezy' in commit 28fdd26b77ac. r = self.run_on_pkg(self.pkgbuild1 + 'depends=(breezy git mercurial)') + self.assertEqual(r.errors, []) + self.assertEqual(r.warnings, + [("missing-vcs-makedeps %s", 'subversion')]) + self.assertEqual(r.infos, []) + # vim: set ts=4 sw=4 noet: -- 2.25.1
[arch-projects] [namcap] [PATCH] Warn on unquoted pkgdir and srcdir
Unqouted $pkgdir and $srcdir can lead to errors if the directory name contains spaces. Not quoting these variables is a common mistake. For example, it is often seen in PKGBUILDs that are submitted for review. Add a rule that warns on unquoted $pkgdir and $srcdir. Signed-off-by: Michael Straube --- Namcap/rules/__init__.py | 3 +- Namcap/rules/unquoteddirvars.py | 39 Namcap/tests/pkgbuild/test_unquoteddirvars.py | 63 +++ namcap-tags | 1 + 4 files changed, 105 insertions(+), 1 deletion(-) create mode 100644 Namcap/rules/unquoteddirvars.py create mode 100644 Namcap/tests/pkgbuild/test_unquoteddirvars.py diff --git a/Namcap/rules/__init__.py b/Namcap/rules/__init__.py index 5ca6551..bd348b4 100644 --- a/Namcap/rules/__init__.py +++ b/Namcap/rules/__init__.py @@ -67,7 +67,8 @@ from . import ( pkginfo, pkgnameindesc, sfurl, - splitpkgbuild + splitpkgbuild, + unquoteddirvars ) all_rules = {} diff --git a/Namcap/rules/unquoteddirvars.py b/Namcap/rules/unquoteddirvars.py new file mode 100644 index 000..63de0c1 --- /dev/null +++ b/Namcap/rules/unquoteddirvars.py @@ -0,0 +1,39 @@ +# +# namcap rules - unquoteddirvars +# Copyright (C) 2020 Michael Straube +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# + +import re +from Namcap.ruleclass import * + +class package(PkgbuildRule): + name = "unquoteddirvars" + description = "Looks for unquoted $pkgdir and $srcdir" + def analyze(self, pkginfo, pkgbuild): + needles = ['$pkgdir', '${pkgdir}', '$srcdir', '${srcdir}'] + hits = set() + for line in pkginfo.pkgbuild: + if not any(n in line for n in needles): + continue + double_quoted_strings = re.findall('"([^"]*)"', line) + for n in needles: + if line.count(n) != sum(n in s for s in double_quoted_strings): + hits.add(n) + for i in hits: + self.warnings.append(("unquoted-dirvar %s", i)) + +# vim: set ts=4 sw=4 noet: diff --git a/Namcap/tests/pkgbuild/test_unquoteddirvars.py b/Namcap/tests/pkgbuild/test_unquoteddirvars.py new file mode 100644 index 000..7a420bd --- /dev/null +++ b/Namcap/tests/pkgbuild/test_unquoteddirvars.py @@ -0,0 +1,63 @@ +# +# namcap tests - unquoteddirvars +# Copyright (C) 2020 Michael Straube +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# + +from Namcap.tests.pkgbuild_test import PkgbuildTest +import Namcap.rules + +class NamcapUnqoutedDirVarsTest(PkgbuildTest): + pkgbuild = """ +# Maintainer: Arch Linux +# Contributor: Arch Linux + +pkgname=mypackage +pkgver=1.0 +pkgrel=1 +pkgdesc="A package" +url="http://www.example.com/; +arch=('x86_64') +depends=('glibc') +license=('GPL') +options=('!libtool') +source=(ftp://ftp.example.com/pub/mypackage-0.1.tar.gz) +md5sums=('abcdefabcdef12345678901234567890') + +build() { + cd $srcdir/$pkgname-$pkgver +} + +package() { + make install DESTDIR=$pkgdir/ + install -Dm644 ${srcdir}/LICENSE ${pkgdir}/usr/share/licenses/${pkgname} + install -Dm644 "${srcdir}/example.desktop" "$pkgdir"/usr/share/applications +} +""" + test_valid = PkgbuildTest.valid_tests + + def preSetUp(self): + self.rule = Namcap.rules.unquoteddirvars.package + + def test_example(self): + needles = ['$pkgdir', '${pkgdir}', '$srcdir', '${srcdir}'] + r = self.run_on_pkg(self.pkgbuild) +
[arch-projects] [namcap] [PATCH] makedepends: Replace bzr with breezy
The 'bzr' package was replaced with 'breezy' in the repos. Update the VCS makedepends rule to report the correct package. Signed-off-by: Michael Straube --- Namcap/rules/makedepends.py | 2 +- Namcap/tests/pkgbuild/test_makedepends.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Namcap/rules/makedepends.py b/Namcap/rules/makedepends.py index 380a089..b319e7c 100644 --- a/Namcap/rules/makedepends.py +++ b/Namcap/rules/makedepends.py @@ -48,7 +48,7 @@ class VCSMakedepends(PkgbuildRule): def analyze(self, pkginfo, pkgbuild): vcs = { - 'bzr' : 'bzr', + 'bzr' : 'breezy', 'git' : 'git', 'hg' : 'mercurial', 'svn' : 'subversion', diff --git a/Namcap/tests/pkgbuild/test_makedepends.py b/Namcap/tests/pkgbuild/test_makedepends.py index d443b2b..676af33 100644 --- a/Namcap/tests/pkgbuild/test_makedepends.py +++ b/Namcap/tests/pkgbuild/test_makedepends.py @@ -97,7 +97,7 @@ package() { def test_example1(self): # Example 1 - makedeps = ['bzr', 'git', 'mercurial', 'subversion'] + makedeps = ['breezy', 'git', 'mercurial', 'subversion'] r = self.run_on_pkg(self.pkgbuild1) self.assertEqual(r.errors, []) self.assertEqual(set(r.warnings), -- 2.25.0
[arch-projects] [PATCH] [namcap] Fix makedepends.py for PKGBUILD without source array
Namcap errors when a PKGBUILD has no source array. Test if the PKGBUILD has a source array in the VCSMakedepends rule to avoid such errors. Fixes FS#65042 Signed-off-by: Michael Straube --- Namcap/rules/makedepends.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Namcap/rules/makedepends.py b/Namcap/rules/makedepends.py index 53676c2..380a089 100644 --- a/Namcap/rules/makedepends.py +++ b/Namcap/rules/makedepends.py @@ -56,6 +56,9 @@ class VCSMakedepends(PkgbuildRule): missing = [] protocols = set() + if 'source' not in pkginfo: + return + for s in pkginfo["source"]: p = s.split("::", 1)[-1] p = p.split("://", 1)[0] -- 2.25.0
[arch-projects] [namcap] FS#34300 False positive on Mach-O universal binary
Hi, namcap does not distinguish java class files from Mach-O files since both use the same byte magic CAFEBABE. See FS#34300 Implementing this would only need a test if the value of the byte at offset 7 is greater than 0x30. See: https://github.com/file/file/blob/master/magic/Magdir/cafebabe I think having Mach-O files in a package is a _very_ rare case. But on the other hand implementing would be no big deal. Would a patch for this be accepted, or is it not worth? Regards, Michael
Re: [arch-projects] [namcap] [PATCH] namcap-tags: Add back missing dependency reason tags (FS#56898)
Am 02.12.18 um 20:34 schrieb Eli Schwartz via arch-projects: On 12/2/18 1:33 PM, Michael Straube via arch-projects wrote: There are two missing tags that are needed in rules added (back) in commit e385ac93a354 (Restore and refactor accidentally removed tests). Add back the missing tags. Signed-off-by: Michael Straube --- namcap-tags | 2 ++ 1 file changed, 2 insertions(+) diff --git a/namcap-tags b/namcap-tags index 17b9506..70dabb2 100644 --- a/namcap-tags +++ b/namcap-tags @@ -101,6 +101,8 @@ depends-by-namcap-sight depends=(%s) :: Depends as namcap sees them: depends=(%s dconf-needed-for-glib-schemas :: needed for glib schemas glib2-needed-for-gio-modules :: needed for GIO modules hicolor-icon-theme-needed-for-hicolor-dir :: needed for hicolor theme hierarchy +shared-mime-info-needed :: needed for update-mime-database +desktop-file-utils-needed :: needed for update-desktop-database kdebase-runtime-needed %s :: needed for programs %s java-runtime-needed %s :: found class files %s libraries-needed %s %s :: libraries %s needed in files %s Huh, why do these tests even exist? The fact that we have hooks for them now, means that we never need to run either command at all. Applications that need a desktop or mime database will already depend on the relevant package, and packages that merely happen to be a provider of such files should not care whether or not you have other applications that can make use of them. We don't even need to use NeedsTargets, so it doesn't matter when the hook runs. It can be run in the future at any time. I was also wondering and do not know why these tests were added (back).
[arch-projects] [namcap] [PATCH] namcap-tags: Add back missing dependency reason tags (FS#56898)
There are two missing tags that are needed in rules added (back) in commit e385ac93a354 (Restore and refactor accidentally removed tests). Add back the missing tags. Signed-off-by: Michael Straube --- namcap-tags | 2 ++ 1 file changed, 2 insertions(+) diff --git a/namcap-tags b/namcap-tags index 17b9506..70dabb2 100644 --- a/namcap-tags +++ b/namcap-tags @@ -101,6 +101,8 @@ depends-by-namcap-sight depends=(%s) :: Depends as namcap sees them: depends=(%s dconf-needed-for-glib-schemas :: needed for glib schemas glib2-needed-for-gio-modules :: needed for GIO modules hicolor-icon-theme-needed-for-hicolor-dir :: needed for hicolor theme hierarchy +shared-mime-info-needed :: needed for update-mime-database +desktop-file-utils-needed :: needed for update-desktop-database kdebase-runtime-needed %s :: needed for programs %s java-runtime-needed %s :: found class files %s libraries-needed %s %s :: libraries %s needed in files %s -- 2.19.2
[arch-projects] [namcap] [PATCH v3] makedepends: Make VCS matching more robust
If a VCS source is renamed using the "::" syntax the makedepends are not detected. If there are files starting with in the source array false positives are produced. See the gitlab package for example. Make the matching more robust to avoid such issues. Signed-off-by: Michael Straube --- v1 -> v2 Make it also work for e.g. git:// v2 -> v3 Return early if no vcs sources. Namcap/rules/makedepends.py | 15 --- Namcap/tests/pkgbuild/test_makedepends.py | 15 +++ 2 files changed, 23 insertions(+), 7 deletions(-) diff --git a/Namcap/rules/makedepends.py b/Namcap/rules/makedepends.py index 2a0ceaa..53676c2 100644 --- a/Namcap/rules/makedepends.py +++ b/Namcap/rules/makedepends.py @@ -54,10 +54,19 @@ class VCSMakedepends(PkgbuildRule): 'svn' : 'subversion', } missing = [] + protocols = set() - for v in vcs: - if not any(s.startswith(v) for s in pkginfo["source"]): - continue + for s in pkginfo["source"]: + p = s.split("::", 1)[-1] + p = p.split("://", 1)[0] + p = p.split("+", 1)[0] + if p in vcs: + protocols.add(p) + + if not protocols: + return + + for v in protocols: d = vcs[v] if 'makedepends' not in pkginfo: missing.append(d) diff --git a/Namcap/tests/pkgbuild/test_makedepends.py b/Namcap/tests/pkgbuild/test_makedepends.py index 78c476a..d443b2b 100644 --- a/Namcap/tests/pkgbuild/test_makedepends.py +++ b/Namcap/tests/pkgbuild/test_makedepends.py @@ -76,10 +76,10 @@ depends=() makedepends=() license=('GPL') options=('!libtool') -source=(bzr+https://ftp.example.com/pub/mypackage -git+https://ftp.example.com/pub/mypackage -hg+https://ftp.example.com/pub/mypackage -svn+https://ftp.example.com/pub/mypackage) +source=(name::bzr+https://example.com/pub/mypackage +name::git://example.com/pub/mypackage +hg+https://example.com/pub/mypackage +svn://example.com/pub/mypackage) md5sums=('abcdefabcdef12345678901234567890') build() { @@ -104,4 +104,11 @@ package() { set(("missing-vcs-makedeps %s", i) for i in makedeps)) self.assertEqual(r.infos, []) + def test_example2(self): + # Example 2 + r = self.run_on_pkg(self.pkgbuild1 + 'source=(gitsomething)') + self.assertEqual(r.errors, []) + self.assertEqual(r.warnings, []) + self.assertEqual(r.infos, []) + # vim: set ts=4 sw=4 noet: -- 2.19.2
[arch-projects] [namcap] [PATCH v2] makedepends: Make VCS matching more robust
If a VCS source is renamed using the "::" syntax the makedepends are not detected. If there are files starting with in the source array false positives are produced. See the gitlab package for example. Make the matching more robust to avoid such issues. Signed-off-by: Michael Straube --- v1 -> v2 Make it also work for e.g. git:// Namcap/rules/makedepends.py | 10 +- Namcap/tests/pkgbuild/test_makedepends.py | 15 +++ 2 files changed, 20 insertions(+), 5 deletions(-) diff --git a/Namcap/rules/makedepends.py b/Namcap/rules/makedepends.py index 2a0ceaa..65747c4 100644 --- a/Namcap/rules/makedepends.py +++ b/Namcap/rules/makedepends.py @@ -54,9 +54,17 @@ class VCSMakedepends(PkgbuildRule): 'svn' : 'subversion', } missing = [] + protocols = set() + + for s in pkginfo["source"]: + p = s.split("::", 1)[-1] + p = p.split("://", 1)[0] + p = p.split("+", 1)[0] + if p in vcs: + protocols.add(p) for v in vcs: - if not any(s.startswith(v) for s in pkginfo["source"]): + if not v in protocols: continue d = vcs[v] if 'makedepends' not in pkginfo: diff --git a/Namcap/tests/pkgbuild/test_makedepends.py b/Namcap/tests/pkgbuild/test_makedepends.py index 78c476a..d443b2b 100644 --- a/Namcap/tests/pkgbuild/test_makedepends.py +++ b/Namcap/tests/pkgbuild/test_makedepends.py @@ -76,10 +76,10 @@ depends=() makedepends=() license=('GPL') options=('!libtool') -source=(bzr+https://ftp.example.com/pub/mypackage -git+https://ftp.example.com/pub/mypackage -hg+https://ftp.example.com/pub/mypackage -svn+https://ftp.example.com/pub/mypackage) +source=(name::bzr+https://example.com/pub/mypackage +name::git://example.com/pub/mypackage +hg+https://example.com/pub/mypackage +svn://example.com/pub/mypackage) md5sums=('abcdefabcdef12345678901234567890') build() { @@ -104,4 +104,11 @@ package() { set(("missing-vcs-makedeps %s", i) for i in makedeps)) self.assertEqual(r.infos, []) + def test_example2(self): + # Example 2 + r = self.run_on_pkg(self.pkgbuild1 + 'source=(gitsomething)') + self.assertEqual(r.errors, []) + self.assertEqual(r.warnings, []) + self.assertEqual(r.infos, []) + # vim: set ts=4 sw=4 noet: -- 2.19.2
Re: [arch-projects] [namcap] [PATCH] makedepends: Make VCS matching more robust
Am 02.12.18 um 06:04 schrieb Eli Schwartz via arch-projects: On 12/1/18 9:54 AM, Michael Straube via arch-projects wrote: If a VCS source is renamed using the "::" syntax the makedepends are not detected. If there are files starting with in the source array false positives are produced. See the gitlab package for example. Make the matching more robust to avoid such issues. Signed-off-by: Michael Straube --- Perhaps there is a more elegant way? Namcap/rules/makedepends.py | 2 +- Namcap/tests/pkgbuild/test_makedepends.py | 9 - 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/Namcap/rules/makedepends.py b/Namcap/rules/makedepends.py index 2a0ceaa..710e969 100644 --- a/Namcap/rules/makedepends.py +++ b/Namcap/rules/makedepends.py @@ -56,7 +56,7 @@ class VCSMakedepends(PkgbuildRule): missing = [] for v in vcs: - if not any(s.startswith(v) for s in pkginfo["source"]): + if not any(s.split("::")[-1].startswith(v + '+') for s in pkginfo["source"]): Instead this fails to detect git:// instead? The check makepkg uses is to strip ::* and then strip ://* to get the protocol, and match on protocols like git*, although I have pending patches to also strip +* and match protocols exactly. Ah yes, I will send a v2 that also works for things like git://. Thank you!
[arch-projects] [namcap] [PATCH] makedepends: Make VCS matching more robust
If a VCS source is renamed using the "::" syntax the makedepends are not detected. If there are files starting with in the source array false positives are produced. See the gitlab package for example. Make the matching more robust to avoid such issues. Signed-off-by: Michael Straube --- Perhaps there is a more elegant way? Namcap/rules/makedepends.py | 2 +- Namcap/tests/pkgbuild/test_makedepends.py | 9 - 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/Namcap/rules/makedepends.py b/Namcap/rules/makedepends.py index 2a0ceaa..710e969 100644 --- a/Namcap/rules/makedepends.py +++ b/Namcap/rules/makedepends.py @@ -56,7 +56,7 @@ class VCSMakedepends(PkgbuildRule): missing = [] for v in vcs: - if not any(s.startswith(v) for s in pkginfo["source"]): + if not any(s.split("::")[-1].startswith(v + '+') for s in pkginfo["source"]): continue d = vcs[v] if 'makedepends' not in pkginfo: diff --git a/Namcap/tests/pkgbuild/test_makedepends.py b/Namcap/tests/pkgbuild/test_makedepends.py index 78c476a..0309016 100644 --- a/Namcap/tests/pkgbuild/test_makedepends.py +++ b/Namcap/tests/pkgbuild/test_makedepends.py @@ -77,7 +77,7 @@ makedepends=() license=('GPL') options=('!libtool') source=(bzr+https://ftp.example.com/pub/mypackage -git+https://ftp.example.com/pub/mypackage +some_name::git+https://ftp.example.com/pub/mypackage hg+https://ftp.example.com/pub/mypackage svn+https://ftp.example.com/pub/mypackage) md5sums=('abcdefabcdef12345678901234567890') @@ -104,4 +104,11 @@ package() { set(("missing-vcs-makedeps %s", i) for i in makedeps)) self.assertEqual(r.infos, []) + def test_example2(self): + # Example 2 + r = self.run_on_pkg(self.pkgbuild1 + 'source=(gitsomething)') + self.assertEqual(r.errors, []) + self.assertEqual(r.warnings, []) + self.assertEqual(r.infos, []) + # vim: set ts=4 sw=4 noet: -- 2.19.2
[arch-projects] [namcap] [PATCH v2 2/3] Add test for the makedepends rule
Signed-off-by: Michael Straube --- Namcap/tests/pkgbuild/test_makedepends.py | 65 +++ 1 file changed, 65 insertions(+) create mode 100644 Namcap/tests/pkgbuild/test_makedepends.py diff --git a/Namcap/tests/pkgbuild/test_makedepends.py b/Namcap/tests/pkgbuild/test_makedepends.py new file mode 100644 index 000..c8d6e97 --- /dev/null +++ b/Namcap/tests/pkgbuild/test_makedepends.py @@ -0,0 +1,65 @@ +# -*- coding: utf-8 -*- +# +# namcap tests - makedepends +# Copyright (C) 2011 Rémy Oudompheng +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 +# USA +# + +from Namcap.tests.pkgbuild_test import PkgbuildTest +import Namcap.rules.makedepends as module + +class NamcapRedundantMakedependsTest(PkgbuildTest): + pkgbuild1 = """ +# Maintainer: Arch Linux +# Contributor: Arch Linux + +pkgname=mypackage +pkgver=1.0 +pkgrel=1 +pkgdesc="A package" +url="http://www.example.com/; +arch=('i686' 'x86_64') +depends=('lib1' 'lib2' 'lib3') +makedepends=('lib1' 'lib2' 'lib4') +license=('GPL') +options=('!libtool') +source=(ftp://ftp.example.com/pub/mypackage-0.1.tar.gz) +md5sums=('abcdefabcdef12345678901234567890') + +build() { + true +} + +package() { + true +} +""" + + test_valid = PkgbuildTest.valid_tests + + def preSetUp(self): + self.rule = module.RedundantMakedepends + + def test_example1(self): + # Example 1 + r = self.run_on_pkg(self.pkgbuild1) + self.assertEqual(r.errors, []) + self.assertEqual(set(r.warnings), + set(("redundant-makedep %s", i) for i in ["lib1" ,"lib2"])) + self.assertEqual(r.infos, []) + +# vim: set ts=4 sw=4 noet: -- 2.19.2
[arch-projects] [namcap] [PATCH v2 1/3] Warn about makedepends already in depends
Add a rule that warns about make dependencies already listed as dependencies. Signed-off-by: Michael Straube --- v1 -> v2 Added patch that implements FS#58303 Warn about missing VCS make dependencies. Namcap/rules/__init__.py| 1 + Namcap/rules/makedepends.py | 41 + namcap-tags | 1 + 3 files changed, 43 insertions(+) create mode 100644 Namcap/rules/makedepends.py diff --git a/Namcap/rules/__init__.py b/Namcap/rules/__init__.py index e8775a0..dcc950f 100644 --- a/Namcap/rules/__init__.py +++ b/Namcap/rules/__init__.py @@ -59,6 +59,7 @@ from . import ( carch, extravars, invalidstartdir, + makedepends, makepkgfunctions, missingvars, pkginfo, diff --git a/Namcap/rules/makedepends.py b/Namcap/rules/makedepends.py new file mode 100644 index 000..48b1049 --- /dev/null +++ b/Namcap/rules/makedepends.py @@ -0,0 +1,41 @@ +# +# namcap rules - makedepends +# Copyright (C) 2018 Michael Straube +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# + +from Namcap.ruleclass import * + +class RedundantMakedepends(PkgbuildRule): + """ + This rule checks for make dependencies that are already + included as dependencies. + """ + name = "makedepends" + description = "Check for redundant make dependencies" + + def analyze(self, pkginfo, pkgbuild): + redundant_makedeps = [] + + if 'makedepends' in pkginfo and 'depends' in pkginfo: + for d in pkginfo["makedepends"]: + if d in pkginfo["depends"]: + redundant_makedeps.append(d) + + for i in redundant_makedeps: + self.warnings.append(("redundant-makedep %s", i)) + +# vim: set ts=4 sw=4 noet: diff --git a/namcap-tags b/namcap-tags index 2133c45..c253042 100644 --- a/namcap-tags +++ b/namcap-tags @@ -71,6 +71,7 @@ potential-non-fhs-man-page %s :: Potential non-FHS man page (%s) found. py-mtime-mtree-warning :: Found .py file unnoticeably newer than associated .pyc/pyo. py-mtime-tar-error :: Found .py file newer than associated .pyc/pyo. py-mtime-file-name %s :: Python script (%s) is newer than associated .pyc/pyo. +redundant-makedep %s :: Make dependency (%s) already included as dependency script-link-detected %s in %s :: Script link detected (%s) in file %s scrollkeeper-dir-exists %s :: Scrollkeeper directory exists (%s). Remember to not run scrollkeeper till post_{install,upgrade,remove}. site-ruby :: Found usr/lib/ruby/site_ruby in package, usr/lib/ruby/vendor_ruby should be used instead. -- 2.19.2
[arch-projects] [namcap] [PATCH] Add test for systemdlocation rule
Signed-off-by: Michael Straube --- Namcap/tests/package/test_systemdlocation.py | 85 1 file changed, 85 insertions(+) create mode 100644 Namcap/tests/package/test_systemdlocation.py diff --git a/Namcap/tests/package/test_systemdlocation.py b/Namcap/tests/package/test_systemdlocation.py new file mode 100644 index 000..c22dd5d --- /dev/null +++ b/Namcap/tests/package/test_systemdlocation.py @@ -0,0 +1,85 @@ +# -*- coding: utf-8 -*- +# +# namcap tests - systemdlocation +# Copyright (C) 2011 Rémy Oudompheng +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 +# USA +# + +import os +from Namcap.tests.makepkg import MakepkgTest +import Namcap.rules.systemdlocation + +class SystemdlocationTest(MakepkgTest): + pkgbuild = """ +pkgname=__namcap_test_systemdlocation +pkgver=1.0 +pkgrel=1 +pkgdesc="A package" +arch=('i686' 'x86_64') +url="http://www.example.com/; +license=('GPL') +depends=('glibc') +source=() +build() { + true +} +package() { + mkdir -p "${pkgdir}/etc/systemd/system" + touch "${pkgdir}/etc/systemd/system/systemdsomething" +} +""" + def test_systemdlocation_pkgname(self): + pkgfile = "systemd-1.0-1-%(arch)s.pkg.tar" % { "arch": self.arch } + with open(os.path.join(self.tmpdir, "PKGBUILD"), "w") as f: + f.write(self.pkgbuild + "pkgname=systemd") + self.run_makepkg() + pkg, r = self.run_rule_on_tarball( + os.path.join(self.tmpdir, pkgfile), + Namcap.rules.systemdlocation.systemdlocationRule + ) + self.assertEqual(r.errors, []) + self.assertEqual(r.warnings, []) + self.assertEqual(r.infos, []) + + def test_systemdlocation_provides(self): + pkgfile = "__namcap_test_systemdlocation-1.0-1-%(arch)s.pkg.tar" % { "arch": self.arch } + with open(os.path.join(self.tmpdir, "PKGBUILD"), "w") as f: + f.write(self.pkgbuild + "provides=(systemd)") + self.run_makepkg() + pkg, r = self.run_rule_on_tarball( + os.path.join(self.tmpdir, pkgfile), + Namcap.rules.systemdlocation.systemdlocationRule + ) + self.assertEqual(r.errors, []) + self.assertEqual(r.warnings, []) + self.assertEqual(r.infos, []) + + def test_systemdlocation(self): + pkgfile = "__namcap_test_systemdlocation-1.0-1-%(arch)s.pkg.tar" % { "arch": self.arch } + with open(os.path.join(self.tmpdir, "PKGBUILD"), "w") as f: + f.write(self.pkgbuild) + self.run_makepkg() + pkg, r = self.run_rule_on_tarball( + os.path.join(self.tmpdir, pkgfile), + Namcap.rules.systemdlocation.systemdlocationRule + ) + self.assertEqual(r.errors, []) + self.assertEqual(r.warnings, [("systemd-location %s", + "etc/systemd/system/systemdsomething")]) + self.assertEqual(r.infos, []) + +# vim: set ts=4 sw=4 noet: -- 2.19.1
[arch-projects] [namcap] [PATCH] Add test for makepkgfunctions rule
Signed-off-by: Michael Straube --- .../tests/pkgbuild/test_makepkgfunctions.py | 67 +++ 1 file changed, 67 insertions(+) create mode 100644 Namcap/tests/pkgbuild/test_makepkgfunctions.py diff --git a/Namcap/tests/pkgbuild/test_makepkgfunctions.py b/Namcap/tests/pkgbuild/test_makepkgfunctions.py new file mode 100644 index 000..ac2601c --- /dev/null +++ b/Namcap/tests/pkgbuild/test_makepkgfunctions.py @@ -0,0 +1,67 @@ +# -*- coding: utf-8 -*- +# +# namcap tests - makepkgfunctions +# Copyright (C) 2011 Rémy Oudompheng +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 +# USA +# + +from Namcap.tests.pkgbuild_test import PkgbuildTest +import Namcap.rules.makepkgfunctions as module + +class NamcapMakepkgfunctionsTest(PkgbuildTest): + pkgbuild1 = """ +# Maintainer: Arch Linux +# Contributor: Arch Linux + +pkgname=mypackage +pkgver=1.0 +pkgrel=1 +pkgdesc="A package" +arch=('i686' 'x86_64') +url="http://www.example.com/; +license=('GPL') +depends=('glibc') +options=('!libtool') +source=(ftp://ftp.example.com/pub/mypackage-0.1.tar.gz) +md5sums=('abcdefabcdef12345678901234567890') + +build() { + msg "some text" + msg2 "some text" + warning "some text" + error "some text" + plain "some text" +} + +package() { + true +} +""" + test_valid = PkgbuildTest.valid_tests + + def preSetUp(self): + self.rule = module.package + + def test_example1(self): + bad_calls = ['msg', 'msg2', 'warning', 'error', 'plain'] + r = self.run_on_pkg(self.pkgbuild1) + self.assertEqual(r.errors, []) + self.assertEqual(set(r.warnings), + set(("makepkg-function-used %s", i) for i in bad_calls)) + self.assertEqual(r.infos, []) + +# vim: set ts=4 sw=4 noet: -- 2.19.1
[arch-projects] [namcap] [PATCH 1/2] Warn about makedepends already in depends
Add a rule that warns about make dependencies already listed as dependencies. Signed-off-by: Michael Straube --- Namcap/rules/__init__.py| 1 + Namcap/rules/makedepends.py | 41 + namcap-tags | 1 + 3 files changed, 43 insertions(+) create mode 100644 Namcap/rules/makedepends.py diff --git a/Namcap/rules/__init__.py b/Namcap/rules/__init__.py index e8775a0..dcc950f 100644 --- a/Namcap/rules/__init__.py +++ b/Namcap/rules/__init__.py @@ -59,6 +59,7 @@ from . import ( carch, extravars, invalidstartdir, + makedepends, makepkgfunctions, missingvars, pkginfo, diff --git a/Namcap/rules/makedepends.py b/Namcap/rules/makedepends.py new file mode 100644 index 000..48b1049 --- /dev/null +++ b/Namcap/rules/makedepends.py @@ -0,0 +1,41 @@ +# +# namcap rules - makedepends +# Copyright (C) 2018 Michael Straube +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# + +from Namcap.ruleclass import * + +class RedundantMakedepends(PkgbuildRule): + """ + This rule checks for make dependencies that are already + included as dependencies. + """ + name = "makedepends" + description = "Check for redundant make dependencies" + + def analyze(self, pkginfo, pkgbuild): + redundant_makedeps = [] + + if 'makedepends' in pkginfo and 'depends' in pkginfo: + for d in pkginfo["makedepends"]: + if d in pkginfo["depends"]: + redundant_makedeps.append(d) + + for i in redundant_makedeps: + self.warnings.append(("redundant-makedep %s", i)) + +# vim: set ts=4 sw=4 noet: diff --git a/namcap-tags b/namcap-tags index 2133c45..c253042 100644 --- a/namcap-tags +++ b/namcap-tags @@ -71,6 +71,7 @@ potential-non-fhs-man-page %s :: Potential non-FHS man page (%s) found. py-mtime-mtree-warning :: Found .py file unnoticeably newer than associated .pyc/pyo. py-mtime-tar-error :: Found .py file newer than associated .pyc/pyo. py-mtime-file-name %s :: Python script (%s) is newer than associated .pyc/pyo. +redundant-makedep %s :: Make dependency (%s) already included as dependency script-link-detected %s in %s :: Script link detected (%s) in file %s scrollkeeper-dir-exists %s :: Scrollkeeper directory exists (%s). Remember to not run scrollkeeper till post_{install,upgrade,remove}. site-ruby :: Found usr/lib/ruby/site_ruby in package, usr/lib/ruby/vendor_ruby should be used instead. -- 2.19.1
[arch-projects] [namcap] [PATCH 2/2] Add test for the makedepends rule
Signed-off-by: Michael Straube --- Namcap/tests/pkgbuild/test_makedepends.py | 65 +++ 1 file changed, 65 insertions(+) create mode 100644 Namcap/tests/pkgbuild/test_makedepends.py diff --git a/Namcap/tests/pkgbuild/test_makedepends.py b/Namcap/tests/pkgbuild/test_makedepends.py new file mode 100644 index 000..c8d6e97 --- /dev/null +++ b/Namcap/tests/pkgbuild/test_makedepends.py @@ -0,0 +1,65 @@ +# -*- coding: utf-8 -*- +# +# namcap tests - makedepends +# Copyright (C) 2011 Rémy Oudompheng +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 +# USA +# + +from Namcap.tests.pkgbuild_test import PkgbuildTest +import Namcap.rules.makedepends as module + +class NamcapRedundantMakedependsTest(PkgbuildTest): + pkgbuild1 = """ +# Maintainer: Arch Linux +# Contributor: Arch Linux + +pkgname=mypackage +pkgver=1.0 +pkgrel=1 +pkgdesc="A package" +url="http://www.example.com/; +arch=('i686' 'x86_64') +depends=('lib1' 'lib2' 'lib3') +makedepends=('lib1' 'lib2' 'lib4') +license=('GPL') +options=('!libtool') +source=(ftp://ftp.example.com/pub/mypackage-0.1.tar.gz) +md5sums=('abcdefabcdef12345678901234567890') + +build() { + true +} + +package() { + true +} +""" + + test_valid = PkgbuildTest.valid_tests + + def preSetUp(self): + self.rule = module.RedundantMakedepends + + def test_example1(self): + # Example 1 + r = self.run_on_pkg(self.pkgbuild1) + self.assertEqual(r.errors, []) + self.assertEqual(set(r.warnings), + set(("redundant-makedep %s", i) for i in ["lib1" ,"lib2"])) + self.assertEqual(r.infos, []) + +# vim: set ts=4 sw=4 noet: -- 2.19.1
[arch-projects] [namcap] [PATCH] parsepkgbuild.sh: fix detection of split pkgbuilds with empty pkgbase
For split pkgbuilds the pkgbase variable is optional. If not specified, the first element in the pkgname array is used. Currently parsepkgbuild.sh fails to detect split pkgbuilds if pkgbase is not specified. Therefore the split pkgbuild rules are not applied to such pkgbuilds. Instead of testing if pkgbase is set, test if the pkgname array has more than one element. If so, set pkgbase accordingly. Signed-off-by: Michael Straube --- parsepkgbuild.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/parsepkgbuild.sh b/parsepkgbuild.sh index a158d1e..d85574d 100644 --- a/parsepkgbuild.sh +++ b/parsepkgbuild.sh @@ -140,7 +140,8 @@ compgen -A variable } # is it a split pkgbuild ? -if [ -n "${pkgbase}" ]; then +if [ "${#pkgname[@]}" -gt 1 ]; then + pkgbase=${pkgbase:-${pkgname[0]}} _namcap_pkgnames=(${pkgname[@]}) unset pkgname echo -e "%SPLIT%\n1\n" -- 2.19.1
[arch-projects] [namcap] [PATCH] tests: pacman 5.1
Signed-off-by: Michael Straube --- Namcap/tests/package/test_sodepends.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Namcap/tests/package/test_sodepends.py b/Namcap/tests/package/test_sodepends.py index 3a3d7b6..4188c35 100644 --- a/Namcap/tests/package/test_sodepends.py +++ b/Namcap/tests/package/test_sodepends.py @@ -56,13 +56,13 @@ package() { ) self.assertEqual(pkg.detected_deps['pacman'], [ ('libraries-needed %s %s', -(str(['usr/lib/libalpm.so.10']), str(["usr/bin/main"])) +(str(['usr/lib/libalpm.so.11']), str(["usr/bin/main"])) )] ) e, w, i = Namcap.depends.analyze_depends(pkg) self.assertEqual(e, [ ('dependency-detected-not-included %s (%s)', - ('pacman', "libraries ['usr/lib/libalpm.so.10'] needed in files ['usr/bin/main']")) + ('pacman', "libraries ['usr/lib/libalpm.so.11'] needed in files ['usr/bin/main']")) ]) self.assertEqual(w, []) -- 2.18.0
[arch-projects] [namcap] [PATCH] Add missing support for sha224 sums
Namcap does not support sha224 checksums but makepkg does. Add sha224 support. Signed-off-by: Michael Straube --- Namcap/rules/arrays.py | 2 +- Namcap/rules/extravars.py | 4 ++-- Namcap/rules/missingvars.py | 2 +- parsepkgbuild.sh| 5 + 4 files changed, 9 insertions(+), 4 deletions(-) diff --git a/Namcap/rules/arrays.py b/Namcap/rules/arrays.py index 243816e..5ca33cc 100644 --- a/Namcap/rules/arrays.py +++ b/Namcap/rules/arrays.py @@ -29,7 +29,7 @@ class package(PkgbuildRule): arrayvars = ['arch', 'license', 'groups', 'depends', 'makedepends', 'optdepends', 'checkdepends', 'provides', 'conflicts', 'replaces', 'backup', 'options', 'source', 'noextract', 'md5sums', 'sha1sums', -'sha256sums', 'sha384sums', 'sha512sums', 'validpgpkeys'] +'sha224sums', 'sha256sums', 'sha384sums', 'sha512sums', 'validpgpkeys'] for i in pkginfo.pkgbuild: m = re.match('\s*(.*)\s*=\s*(.*)$', i) for j in arrayvars: diff --git a/Namcap/rules/extravars.py b/Namcap/rules/extravars.py index df0c0bf..a10a878 100644 --- a/Namcap/rules/extravars.py +++ b/Namcap/rules/extravars.py @@ -26,8 +26,8 @@ class package(PkgbuildRule): description = "Verifies that extra variables start with an underscore" def analyze(self, pkginfo, tar): carch_vars = ['checkdepends', 'conflicts', 'depends', 'makedepends', -'optdepends', 'provides', 'replaces', 'source', 'md5sums', -'sha1sums', 'sha256sums', 'sha384sums', 'sha512sums'] +'optdepends', 'provides', 'replaces', 'source', 'md5sums', +'sha224sums', 'sha1sums', 'sha256sums', 'sha384sums', 'sha512sums'] stdvars = ['arch', 'license', 'backup', 'noextract', 'pkgname', 'pkgbase', 'pkgver', 'pkgrel', 'epoch', 'pkgdesc', 'groups', 'url', 'install', 'changelog', diff --git a/Namcap/rules/missingvars.py b/Namcap/rules/missingvars.py index 2b8811c..25445e2 100644 --- a/Namcap/rules/missingvars.py +++ b/Namcap/rules/missingvars.py @@ -30,7 +30,7 @@ class ChecksumsRule(PkgbuildRule): name = "checksums" description = "Verifies checksums are included in a PKGBUILD" def analyze(self, pkginfo, tar): - checksums=[('md5', 32), ('sha1', 40), ('sha256', 64), ('sha384', 96), ('sha512', 128)] + checksums=[('md5', 32), ('sha1', 40), ('sha224', 56), ('sha256', 64), ('sha384', 96), ('sha512', 128)] if "source" in pkginfo: haschecksums = False diff --git a/parsepkgbuild.sh b/parsepkgbuild.sh index 12874f3..a158d1e 100644 --- a/parsepkgbuild.sh +++ b/parsepkgbuild.sh @@ -109,6 +109,11 @@ if [ -n "$sha1sums" ]; then for i in "${sha1sums[@]}"; do echo $i; done echo "" fi +if [ -n "$sha224sums" ]; then + echo "%SHA224SUMS%" + for i in "${sha224sums[@]}"; do echo $i; done + echo "" +fi if [ -n "$sha256sums" ]; then echo "%SHA256SUMS%" for i in "${sha256sums[@]}"; do echo $i; done -- 2.18.0