[gentoo-dev] Last rites: dev-cpp/jarowinkler-cpp, dev-python/jarowinkler

2022-10-05 Thread Michał Górny
# Michał Górny  (2022-10-05)
# Originally added for dev-python/rapidfuzz.  Now the algorithm has been
# inlined into rapidfuzz, and the package is semi-deprecated.
# No revdeps left in ::gentoo.
# Removal on 2022-11-04.  Bug #875350.
dev-cpp/jarowinkler-cpp
dev-python/jarowinkler

-- 
Best regards,
Michał Górny




[gentoo-dev] [PATCH 4/4] distutils-r1.eclass: Remove obsolete EAPI condition for *.pth files

2022-10-02 Thread Michał Górny
Remove the EAPI condition for *.pth files, as they are banned in all
EAPIs currently supported by the eclass.

Signed-off-by: Michał Górny 
---
 eclass/distutils-r1.eclass | 24 +++-
 1 file changed, 11 insertions(+), 13 deletions(-)

diff --git a/eclass/distutils-r1.eclass b/eclass/distutils-r1.eclass
index d667b31191e2..5a622689b979 100644
--- a/eclass/distutils-r1.eclass
+++ b/eclass/distutils-r1.eclass
@@ -2023,21 +2023,19 @@ _distutils-r1_check_namespace_pth() {
done < <(find "${ED%/}" -name '*-nspkg.pth' -print0)
 
if [[ ${pth[@]} ]]; then
-   ewarn "The following *-nspkg.pth files were found installed:"
-   ewarn
+   eerror "The following *-nspkg.pth files were found installed:"
+   eerror
for f in "${pth[@]}"; do
-   ewarn "  ${f#${ED%/}}"
+   eerror "  ${f#${ED%/}}"
done
-   ewarn
-   ewarn "The presence of those files may break namespaces in 
Python 3.5+. Please"
-   ewarn "read our documentation on reliable handling of 
namespaces and update"
-   ewarn "the ebuild accordingly:"
-   ewarn
-   ewarn "  
https://projects.gentoo.org/python/guide/concept.html#namespace-packages;
-
-   if ! has "${EAPI}" 6 7 8; then
-   die "*-nspkg.pth files are banned in EAPI ${EAPI}"
-   fi
+   eerror
+   eerror "The presence of those files may break namespaces in 
Python 3.5+. Please"
+   eerror "read our documentation on reliable handling of 
namespaces and update"
+   eerror "the ebuild accordingly:"
+   eerror
+   eerror "  
https://projects.gentoo.org/python/guide/concept.html#namespace-packages;
+
+   die "Installing *-nspkg.pth files is banned"
fi
 }
 
-- 
2.37.3




[gentoo-dev] [PATCH 3/4] distutils-r1.eclass: Bump min dep versions

2022-10-02 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 eclass/distutils-r1.eclass | 20 ++--
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/eclass/distutils-r1.eclass b/eclass/distutils-r1.eclass
index 8fd652ff1e13..d667b31191e2 100644
--- a/eclass/distutils-r1.eclass
+++ b/eclass/distutils-r1.eclass
@@ -202,7 +202,7 @@ _distutils_set_globals() {
fi
 
bdep='
-   >=dev-python/gpep517-8[${PYTHON_USEDEP}]
+   >=dev-python/gpep517-9[${PYTHON_USEDEP}]
'
case ${DISTUTILS_USE_PEP517} in
flit)
@@ -212,22 +212,22 @@ _distutils_set_globals() {
;;
flit_scm)
bdep+='
-   dev-python/flit_scm[${PYTHON_USEDEP}]
+   
>=dev-python/flit_scm-1.7.0[${PYTHON_USEDEP}]
'
;;
hatchling)
bdep+='
-   
>=dev-python/hatchling-1.3.1[${PYTHON_USEDEP}]
+   
>=dev-python/hatchling-1.8.1[${PYTHON_USEDEP}]
'
;;
jupyter)
bdep+='
-   
>=dev-python/jupyter_packaging-0.12.0-r1[${PYTHON_USEDEP}]
+   
>=dev-python/jupyter_packaging-0.12.3[${PYTHON_USEDEP}]
'
;;
maturin)
bdep+='
-   
>=dev-util/maturin-0.12.20[${PYTHON_USEDEP}]
+   
>=dev-util/maturin-0.13.3[${PYTHON_USEDEP}]
'
;;
no)
@@ -236,17 +236,17 @@ _distutils_set_globals() {
;;
meson-python)
bdep+='
-   
dev-python/meson-python[${PYTHON_USEDEP}]
+   
>=dev-python/meson-python-0.9.0[${PYTHON_USEDEP}]
'
;;
pbr)
bdep+='
-   >=dev-python/pbr-5.9.0[${PYTHON_USEDEP}]
+   
>=dev-python/pbr-5.10.0[${PYTHON_USEDEP}]
'
;;
pdm)
bdep+='
-   
>=dev-python/pdm-pep517-1.0.2[${PYTHON_USEDEP}]
+   
>=dev-python/pdm-pep517-1.0.4[${PYTHON_USEDEP}]
'
;;
poetry)
@@ -256,7 +256,7 @@ _distutils_set_globals() {
;;
setuptools)
bdep+='
-   
>=dev-python/setuptools-62.6.0[${PYTHON_USEDEP}]
+   
>=dev-python/setuptools-65.3.0[${PYTHON_USEDEP}]
dev-python/wheel[${PYTHON_USEDEP}]
'
;;
@@ -277,7 +277,7 @@ _distutils_set_globals() {
eqawarn "is enabled."
fi
else
-   local 
setuptools_dep='>=dev-python/setuptools-42.0.2[${PYTHON_USEDEP}]'
+   local 
setuptools_dep='>=dev-python/setuptools-65.3.0[${PYTHON_USEDEP}]'
 
case ${DISTUTILS_USE_SETUPTOOLS:-bdepend} in
no|manual)
-- 
2.37.3




[gentoo-dev] [PATCH 2/4] distutils-r1.eclass: fix typo in comment

2022-10-02 Thread Michał Górny
From: Petr Vaněk 

Signed-off-by: Petr Vaněk 
---
 eclass/distutils-r1.eclass | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/eclass/distutils-r1.eclass b/eclass/distutils-r1.eclass
index d011e5f97ad9..8fd652ff1e13 100644
--- a/eclass/distutils-r1.eclass
+++ b/eclass/distutils-r1.eclass
@@ -723,8 +723,8 @@ esetup.py() {
 # to unmerge the package first.
 #
 # This function is not available in PEP517 mode.  The eclass provides
-# a venv-style install unconditionally therefore, and therefore it
-# should no longer be necessary.
+# a venv-style install unconditionally and therefore it should no longer
+# be necessary.
 distutils_install_for_testing() {
debug-print-function ${FUNCNAME} "${@}"
 
-- 
2.37.3




[gentoo-dev] [PATCH 1/4] distutils-r1.eclass: Remove obsolete DUS=pyproject.toml support

2022-10-02 Thread Michał Górny
Remove the obsolete code branches for DISTUTILS_USE_SETUPTOOLS
pyproject.toml variant.  dev-python/pyproject2setuppy is last rited now
and there are no consumers of that mode left in ::gentoo.

Signed-off-by: Michał Górny 
---
 eclass/distutils-r1.eclass | 19 ++-
 1 file changed, 6 insertions(+), 13 deletions(-)

diff --git a/eclass/distutils-r1.eclass b/eclass/distutils-r1.eclass
index 60f81473c0a6..d011e5f97ad9 100644
--- a/eclass/distutils-r1.eclass
+++ b/eclass/distutils-r1.eclass
@@ -150,9 +150,6 @@ esac
 #
 # - rdepend -- add it to BDEPEND+RDEPEND (e.g. when using pkg_resources)
 #
-# - pyproject.toml -- use pyproject2setuptools to install a project
-#   using pyproject.toml (flit, poetry...)
-#
 # - manual -- do not add the dependency and suppress the checks
 #   (assumes you will take care of doing it correctly)
 #
@@ -293,7 +290,7 @@ _distutils_set_globals() {
rdep+=" ${setuptools_dep}"
;;
pyproject.toml)
-   bdep+=' 
>=dev-python/pyproject2setuppy-22[${PYTHON_USEDEP}]'
+   die "DISTUTILS_USE_SETUPTOOLS=pyproject.toml is 
no longer supported, use DISTUTILS_USE_PEP517"
;;
*)
die "Invalid 
DISTUTILS_USE_SETUPTOOLS=${DISTUTILS_USE_SETUPTOOLS}"
@@ -668,9 +665,7 @@ esetup.py() {
fi
 
local setup_py=( setup.py )
-   if [[ ${DISTUTILS_USE_SETUPTOOLS} == pyproject.toml ]]; then
-   setup_py=( -m pyproject2setuppy )
-   elif [[ ! -f setup.py ]]; then
+   if [[ ! -f setup.py ]]; then
if [[ ! -f setup.cfg ]]; then
die "${FUNCNAME}: setup.py nor setup.cfg not found"
fi
@@ -883,12 +878,10 @@ _distutils-r1_handle_pyproject_toml() {
[[ ${DISTUTILS_USE_SETUPTOOLS} == manual ]] && return
 
if [[ ! -f setup.py && -f pyproject.toml ]]; then
-   if [[ ${DISTUTILS_USE_SETUPTOOLS} != pyproject.toml ]]; then
-   eerror "No setup.py found but pyproject.toml is 
present.  Please migrate"
-   eerror "the package to use DISTUTILS_USE_PEP517. See:"
-   eerror "  
https://projects.gentoo.org/python/guide/distutils.html;
-   die "No setup.py found and PEP517 mode not enabled"
-   fi
+   eerror "No setup.py found but pyproject.toml is present.  
Please migrate"
+   eerror "the package to use DISTUTILS_USE_PEP517. See:"
+   eerror "  
https://projects.gentoo.org/python/guide/distutils.html;
+   die "No setup.py found and PEP517 mode not enabled"
fi
 }
 
-- 
2.37.3




[gentoo-dev] [PATCH] eclass/tests/unpacker.sh: Add online tests for makeself

2022-09-29 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 eclass/tests/unpacker.sh | 105 +++
 1 file changed, 105 insertions(+)

diff --git a/eclass/tests/unpacker.sh b/eclass/tests/unpacker.sh
index ea9e64d0a4c7..ef17e724a851 100755
--- a/eclass/tests/unpacker.sh
+++ b/eclass/tests/unpacker.sh
@@ -223,6 +223,67 @@ test_reject_junk() {
rm -f "${archive}" || die
 }
 
+test_online() {
+   local url=${1}
+   local b2sum=${2}
+   local unpacked=${3}
+   local unp_b2sum=${4}
+
+   local filename=${url##*/}
+   local archive=${DISTDIR}/${filename}
+
+   if [[ ! -f ${archive} ]]; then
+   if [[ ${UNPACKER_TESTS_ONLINE} != 1 ]]; then
+   ewarn "Skipping ${filename} test, distfile not found"
+   return
+   fi
+
+   if ! wget -O "${archive}" "${url}"; then
+   die "Fetching ${archive} failed"
+   fi
+   fi
+
+   local real_sum=$(b2sum "${archive}" | cut -d' ' -f1)
+   if [[ ${real_sum} != ${b2sum} ]]; then
+   eerror "Incorrect b2sum on ${filename}"
+   eerror "  expected: ${b2sum}"
+   eerror " found: ${real_sum}"
+   die "Incorrect b2sum on ${filename}"
+   fi
+
+   rm -rf testdir || die
+   mkdir -p testdir || die
+
+   tbegin "unpacking ${filename}"
+   cd testdir || die
+
+   ln -s "${archive}" "${filename}" || die
+
+   local out
+   out=$(
+   _unpacker "${archive}" 2>&1
+   )
+   ret=$?
+   if [[ ${ret} -eq 0 ]]; then
+   if [[ ! -f ${unpacked} ]]; then
+   eerror "${unpacked} not found after unpacking"
+   ret=1
+   else
+   real_sum=$(b2sum "${unpacked}" | cut -d' ' -f1)
+   if [[ ${real_sum} != ${unp_b2sum} ]]; then
+   eerror "Incorrect b2sum on unpacked file 
${unpacked}"
+   eerror "  expected: ${unp_b2sum}"
+   eerror " found: ${real_sum}"
+   ret=1
+   fi
+   fi
+   fi
+   [[ ${ret} -ne 0 ]] && echo "${out}" >&2
+   tend ${ret}
+
+   cd .. || die
+}
+
 test_compressed_file .bz2 bzip2
 test_compressed_file .Z compress
 test_compressed_file .gz gzip
@@ -322,4 +383,48 @@ test_reject_junk .rar
 test_reject_junk .lha
 test_reject_junk .lzh
 
+DISTDIR=$(portageq envvar DISTDIR)
+if [[ -n ${DISTDIR} ]]; then
+   einfo "Using DISTDIR: ${DISTDIR}"
+   if [[ ${UNPACKER_TESTS_ONLINE} != 1 ]]; then
+   ewarn "Online tests will be skipped if distfiles are not found 
already."
+   ewarn "Set UNPACKER_TESTS_ONLINE=1 to enable fetching."
+   fi
+
+   # NB: a good idea to list the last file in the archive (to avoid
+   # passing on partial unpack)
+
+   # TODO: find test cases for makeself 2.0/2.0.1, 2.1.1, 2.1.2, 2.1.3
+
+   # makeself 1.5.4, gzip
+   test_online \
+   http://updates.lokigames.com/sof/sof-1.06a-cdrom-x86.run \
+   
f76f605af08a19b77548455c0101e03aca7cae69462914e47911da2fadd6d4f3b766e1069556ead0d06c757b179ae2e8105e76ea37852f17796b47b4712aec87
 \
+   update.sh \
+   
ba7a3f8fa79bbed8ca3a34ead957aeaa308c6e6d6aedd603098aa9867ca745983ff98c83d65572e507f2c3c4e0778ae4984f8b69d2b8279741b06064253c5788
+
+   # makeself 1.6.0-nv*, xz
+   test_online \
+   
https://download.nvidia.com/XFree86/Linux-x86/390.154/NVIDIA-Linux-x86-390.154.run
 \
+   
083d9dd234a37ec39a703ef7e0eb6ec165c24d2fcb5e92ca987c33df643d0604319eb65ef152c861acacd5a41858ab6b82c45c2c8ff270efc62b07727666daae
 \
+   libEGL_nvidia.so.390.154 \
+   
6665804947e71fb583dc7d5cc3a6f4514f612503000b0a9dbd8da5c362d3c2dcb2895d8cbbf5700a6f0e24cca9b0dd9c2cf5763d6fbb037f55257ac5af7d6084
+
+   # makeself 2.3.0, gzip
+   test_online \
+   
http://www.sdrplay.com/software/SDRplay_RSP_API-Linux-3.07.1.run \
+   
059d9a5fbd14c0e7ecb969cd3e5afe8e3f42896175b443bdaa9f9108302a1c9ef5ad9769e62f824465611d74f67191fff71cc6dbe297e399e5b2f6824c650112
 \
+   i686/sdrplay_apiService \
+   
806393c310d7e60dca7b8afee225bcc50c0d5771bdd04c3fa575eda2e687dc5c888279a7404316438b633fb91565a49899cf634194d43981151a12c6c284a162
+
+   # makeself 2.4.0, gzip
+   test_online \
+   
http://www.sdrplay.com/software/SDRplay_RSP_API-Linux-2.13.1.run \
+   
7eff1aa35190db1ead5b1d96994d24ae2301e3a765d6701756c6304a1719aa32125fedacf6a6859d89b89db5dd6956ec0e8c7e814dbd6242db

[gentoo-dev] Last rites: games-simulation/bcs-demo

2022-09-29 Thread Michał Górny
# Michał Górny  (2022-09-29)
# Unfetchable mirror-restricted distfile.  No action from maintainer
# in over a year.
# Removal on 2022-10-29.  Bug #789477.
games-simulation/bcs-demo

-- 
Best regards,
Michał Górny




[gentoo-dev] [PATCH 5/5] unpacker.eclass: Check makeself compression without a tempfile

2022-09-28 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 eclass/unpacker.eclass | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/eclass/unpacker.eclass b/eclass/unpacker.eclass
index dfcb111e00f5..02000dd5d911 100644
--- a/eclass/unpacker.eclass
+++ b/eclass/unpacker.eclass
@@ -243,9 +243,8 @@ unpack_makeself() {
esac
 
# lets grab the first few bytes of the file to figure out what kind of 
archive it is
-   local decomp= filetype suffix tmpfile="${T}/${FUNCNAME}"
-   "${exe[@]}" 2>/dev/null | head -c 512 > "${tmpfile}"
-   filetype=$(file -b "${tmpfile}") || die
+   local decomp= filetype suffix
+   filetype=$("${exe[@]}" 2>/dev/null | head -c 512 | file -b -) || die
case ${filetype} in
*tar\ archive*)
decomp=cat
-- 
2.37.3




[gentoo-dev] [PATCH 4/5] eclass/tests/unpacker.sh: Add tests for makeself

2022-09-28 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 eclass/tests/unpacker.sh | 29 +
 1 file changed, 29 insertions(+)

diff --git a/eclass/tests/unpacker.sh b/eclass/tests/unpacker.sh
index b15953966f65..175975798731 100755
--- a/eclass/tests/unpacker.sh
+++ b/eclass/tests/unpacker.sh
@@ -177,6 +177,25 @@ test_gpkg() {
"create_gpkg '${suffix}' '${tool_cmd}' \${archive} \${TESTFILE}"
 }
 
+create_makeself() {
+   local comp_opt=${1}
+   local archive=${2}
+   local infile=${3}
+
+   mkdir test || die
+   cp "${infile}" test/ || die
+   makeself --quiet "${comp_opt}" test "${archive}" test : || die
+   rm -rf test || die
+}
+
+test_makeself() {
+   local comp_opt=${1}
+   local tool=${2}
+
+   test_unpack "makeself-${tool}.sh" test.in "makeself ${tool}" \
+   "create_makeself '${comp_opt}' \${archive} \${TESTFILE}"
+}
+
 test_reject_junk() {
local suffix=${1}
local archive=test${1}
@@ -260,6 +279,16 @@ test_gpkg .lzo lzop
 test_gpkg .xz xz
 test_gpkg .zst zstd
 
+test_makeself --gzip gzip
+test_makeself --zstd zstd
+test_makeself --bzip2 bzip2
+test_makeself --xz xz
+test_makeself --lzo lzop
+test_makeself --lz4 lz4
+test_makeself --compress compress
+test_makeself --base64 base64
+test_makeself --nocomp tar
+
 test_unpack test.zip test.in zip 'zip -q ${archive} ${TESTFILE}'
 # test handling non-adjusted zip with junk prepended
 test_unpack test.zip test.in zip \
-- 
2.37.3




[gentoo-dev] [PATCH 3/5] unpacker.eclass: Support all makeself "compression" methods

2022-09-28 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 eclass/unpacker.eclass | 12 
 1 file changed, 12 insertions(+)

diff --git a/eclass/unpacker.eclass b/eclass/unpacker.eclass
index 660cafce5105..dfcb111e00f5 100644
--- a/eclass/unpacker.eclass
+++ b/eclass/unpacker.eclass
@@ -262,6 +262,18 @@ unpack_makeself() {
XZ*)
suffix=xz
;;
+   Zstandard*)
+   suffix=zst
+   ;;
+   lzop*)
+   suffix=lzo
+   ;;
+   LZ4*)
+   suffix=lz4
+   ;;
+   "ASCII text"*)
+   decomp='base64 -d'
+   ;;
*)
die "Unknown filetype \"${filetype}\", for makeself 
${src##*/} ('${ver}' +${skip})"
;;
-- 
2.37.3




[gentoo-dev] [PATCH 2/5] unpacker.eclass: Reuse _unpacker_get_decompressor for makeself

2022-09-28 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 eclass/unpacker.eclass | 18 ++
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/eclass/unpacker.eclass b/eclass/unpacker.eclass
index 86641621c949..660cafce5105 100644
--- a/eclass/unpacker.eclass
+++ b/eclass/unpacker.eclass
@@ -243,30 +243,32 @@ unpack_makeself() {
esac
 
# lets grab the first few bytes of the file to figure out what kind of 
archive it is
-   local filetype tmpfile="${T}/${FUNCNAME}"
+   local decomp= filetype suffix tmpfile="${T}/${FUNCNAME}"
"${exe[@]}" 2>/dev/null | head -c 512 > "${tmpfile}"
filetype=$(file -b "${tmpfile}") || die
case ${filetype} in
*tar\ archive*)
-   "${exe[@]}" | tar --no-same-owner -xf -
+   decomp=cat
;;
bzip2*)
-   "${exe[@]}" | bzip2 -dc | tar --no-same-owner -xf -
+   suffix=bz2
;;
gzip*)
-   "${exe[@]}" | tar --no-same-owner -xzf -
+   suffix=gz
;;
compress*)
-   "${exe[@]}" | gunzip | tar --no-same-owner -xf -
+   suffix=z
;;
XZ*)
-   "${exe[@]}" | unxz | tar --no-same-owner -xf -
+   suffix=xz
;;
*)
-   eerror "Unknown filetype \"${filetype}\" ?"
-   false
+   die "Unknown filetype \"${filetype}\", for makeself 
${src##*/} ('${ver}' +${skip})"
;;
esac
+
+   [[ -z ${decomp} ]] && decomp=$(_unpacker_get_decompressor ".${suffix}")
+   "${exe[@]}" | ${decomp} | tar --no-same-owner -xf -
assert "failure unpacking (${filetype}) makeself ${src##*/} ('${ver}' 
+${skip})"
 }
 
-- 
2.37.3




[gentoo-dev] [PATCH 1/5] unpacker.eclass: Add support for makeself 2.4.5

2022-09-28 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 eclass/unpacker.eclass | 8 
 1 file changed, 8 insertions(+)

diff --git a/eclass/unpacker.eclass b/eclass/unpacker.eclass
index 3d23151b636e..86641621c949 100644
--- a/eclass/unpacker.eclass
+++ b/eclass/unpacker.eclass
@@ -218,6 +218,14 @@ unpack_makeself() {
skip=$(head -n ${skip} "${src}" | wc -c)
exe="dd"
;;
+   2.4.5)
+   # e.g.: skip="713"
+   skip=$(
+   sed -n -e 
'/^skip=/{s:skip="\(.*\)":\1:p;q}' "${src}"
+   )
+   skip=$(head -n "${skip}" "${src}" | wc -c)
+   exe="dd"
+   ;;
*)
eerror "I'm sorry, but I was unable to support 
the Makeself file."
eerror "The version I detected was '${ver}'."
-- 
2.37.3




[gentoo-dev] [PATCH 0/5] unpacker.eclass: makeself improvements + tests

2022-09-28 Thread Michał Górny
Hi,

Here's a smaller batch for unpacker.eclass.  It includes:

- adding support for makeself 2.4.5, i.e. the only version in ::gentoo
  (which is also pretty easy to support, unlike earlier versions)

- adding support for all (reasonable) compression methods that makeself
  2.4.5 supports, including base64 encoding (I've omitted gpg, I don't
  think we can reasonably expect that)

- adding tests for makeself support

Please review.

Also as a PR: https://github.com/gentoo/gentoo/pull/27507


Michał Górny (5):
  unpacker.eclass: Add support for makeself 2.4.5
  unpacker.eclass: Reuse _unpacker_get_decompressor for makeself
  unpacker.eclass: Support all makeself "compression" methods
  eclass/tests/unpacker.sh: Add tests for makeself
  unpacker.eclass: Check makeself compression without a tempfile

 eclass/tests/unpacker.sh | 29 
 eclass/unpacker.eclass   | 41 ++--
 2 files changed, 60 insertions(+), 10 deletions(-)

-- 
2.37.3




Re: [gentoo-dev] [PATCH] distutils-r1.eclass: fix typo in comment

2022-09-26 Thread Michał Górny
On Tue, 2022-09-20 at 17:17 +0200, Petr Vaněk wrote:
> Signed-off-by: Petr Vaněk 
> ---
>  eclass/distutils-r1.eclass | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/eclass/distutils-r1.eclass b/eclass/distutils-r1.eclass
> index 60f81473c0a..27bd9207743 100644
> --- a/eclass/distutils-r1.eclass
> +++ b/eclass/distutils-r1.eclass
> @@ -728,8 +728,8 @@ esetup.py() {
>  # to unmerge the package first.
>  #
>  # This function is not available in PEP517 mode.  The eclass provides
> -# a venv-style install unconditionally therefore, and therefore it
> -# should no longer be necessary.
> +# a venv-style install unconditionally and therefore it should no longer
> +# be necessary.
>  distutils_install_for_testing() {
>   debug-print-function ${FUNCNAME} "${@}"
>  

Thanks for the patch.  While this is definitely good, I'm a bit
reluctant to force the big cache regen for this, so I'd rather wait till
we have some more changes in queue.  I'm a bit afraid I won't remember
about it though.

-- 
Best regards,
Michał Górny




[gentoo-dev] Last rites: games-sports/torcs

2022-09-26 Thread Michał Górny
# Michał Górny  (2022-09-26)
# Bundles a vulnerable version of dev-libs/expat.  The current Gentoo
# version is from 2014, pending bump to the last upstream release
# from 2016.  Effectively unmaintained.  EAPI 6.
# Removal on 2022-10-26.  Bug #253517.
games-sports/torcs

-- 
Best regards,
Michał Górny




[gentoo-dev] [PATCH v2 3/3] glep-0074: Clarify the hex encoding of hash values

2022-09-25 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 glep-0074.rst | 8 
 1 file changed, 8 insertions(+)

diff --git a/glep-0074.rst b/glep-0074.rst
index 16cbb67..06e961f 100644
--- a/glep-0074.rst
+++ b/glep-0074.rst
@@ -418,6 +418,14 @@ Checksum algorithms
| ``WHIRLPOOL``   | Whirlpool [#BARRETO]_ | 512  | Hex  | |
+-+---+--+--+-+
 
+The following hash value encodings are used:
+
+Hex
+  The hash value expressed as an unsigned hexadecimal integer,
+  using digits ``0`` to ``9`` and lowercase letters ``a`` to ``f``,
+  with no prefix or suffix.
+
+
 Any new hashes must be added to this specification prior to being used
 in Manifest files. Adding a new hash is considered
 a backwards-compatible change to the GLEP. It is recommended that new
-- 
2.37.3




[gentoo-dev] [PATCH v2 2/3] glep-0074: Specify the format of size and checksum fields

2022-09-25 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 glep-0074.rst | 13 +
 1 file changed, 13 insertions(+)

diff --git a/glep-0074.rst b/glep-0074.rst
index 54bf216..16cbb67 100644
--- a/glep-0074.rst
+++ b/glep-0074.rst
@@ -191,6 +191,19 @@ The encoding can be used for other characters as well. In 
particular,
 escaping non-printable characters might be desirable.
 
 
+Size and checksum fields
+
+
+The Manifest entries used to describe files list the file size in bytes
+and one or more checksums. The size is expressed as an unsigned decimal
+integer. The checksums are expressed using pairs of fields, with
+the first field in every pair specifying the hash name and the second
+field its value. The names of hashes and the encoding of their values
+are specified in the `checksum algorithms`_ section.
+
+It is invalid to specify a hash name without a value.
+
+
 File verification
 -
 
-- 
2.37.3




[gentoo-dev] [PATCH v2 1/3] glep-0074: Clarify that DIST entries are specific to PMs

2022-09-25 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 glep-0074.rst | 5 -
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/glep-0074.rst b/glep-0074.rst
index 7f53302..54bf216 100644
--- a/glep-0074.rst
+++ b/glep-0074.rst
@@ -8,7 +8,7 @@ Type: Standards Track
 Status: Final
 Version: 1.3
 Created: 2017-10-21
-Last-Modified: 2022-09-21
+Last-Modified: 2022-09-23
 Post-History: 2017-10-26, 2017-11-16, 2018-02-08, 2022-09-08, 2022-09-11
 Content-Type: text/x-rst
 Requires: 59, 61
@@ -286,6 +286,9 @@ The Manifest files can specify the following tags:
   ``DIST`` entries apply to all packages below the Manifest file
   specifying them.
 
+  This entry is specific to package manager use and it is not used
+  when verifying local directories.
+
 
 Deprecated Manifest tags
 
-- 
2.37.3




[gentoo-dev] [PATCH v2 0/3] glep-0074: clarifications about size and checksum fields

2022-09-25 Thread Michał Górny
Hi,

Changes in v2: clarified that size is in bytes.


Michał Górny (3):
  glep-0074: Clarify that DIST entries are specific to PMs
  glep-0074: Specify the format of size and checksum fields
  glep-0074: Clarify the hex encoding of hash values

 glep-0074.rst | 26 +-
 1 file changed, 25 insertions(+), 1 deletion(-)

-- 
2.37.3




Re: [gentoo-dev] [PATCH 2/3] glep-0074: Specify the format of size and checksum fields

2022-09-25 Thread Michał Górny
On Sat, 2022-09-24 at 18:09 -0500, John Helmert III wrote:
> On Fri, Sep 23, 2022 at 04:03:54PM +0200, Michał Górny wrote:
> > Signed-off-by: Michał Górny 
> > ---
> >  glep-0074.rst | 13 +
> >  1 file changed, 13 insertions(+)
> > 
> > diff --git a/glep-0074.rst b/glep-0074.rst
> > index 54bf216..bfbe092 100644
> > --- a/glep-0074.rst
> > +++ b/glep-0074.rst
> > @@ -191,6 +191,19 @@ The encoding can be used for other characters as well. 
> > In particular,
> >  escaping non-printable characters might be desirable.
> >  
> >  
> > +Size and checksum fields
> > +
> > +
> > +The Manifest entries used to describe files list the file size and one
> > +or more checksums. The size is expressed as an unsigned decimal integer.
> 
> "an unsigned decimal integer" representing the file's size in bytes
> (rather than bits, or nibbles, or $UNIT), right?
> 

Very well.  I'm afraid this is going to break some existing
implementations that preferred to measure in inches but gotta live with
it.

-- 
Best regards,
Michał Górny




Re: [gentoo-dev] [PATCH 0/3] glep-0074: clarifications about size and checksum fields

2022-09-25 Thread Michał Górny
On Fri, 2022-09-23 at 17:58 +, Sheng Yu wrote:
> Hi,
> 
> The hash does not need to be lowercase. It can be a quick fix in portage to 
> accept any case.
> 

I'm all for fixing Portage but I don't think we should be breaking
backwards compatibility over this.

-- 
Best regards,
Michał Górny




[gentoo-dev] [PATCH 15/15] unpacker.eclass: Unpack .deb packages on-the-fly as well

2022-09-25 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 eclass/unpacker.eclass | 60 +++---
 1 file changed, 33 insertions(+), 27 deletions(-)

diff --git a/eclass/unpacker.eclass b/eclass/unpacker.eclass
index 100f11428622..3d23151b636e 100644
--- a/eclass/unpacker.eclass
+++ b/eclass/unpacker.eclass
@@ -273,33 +273,39 @@ unpack_deb() {
 
unpack_banner "${deb}"
 
-   # on AIX ar doesn't work out as their ar used a different format
-   # from what GNU ar (and thus what .deb files) produce
-   if [[ -n ${EPREFIX} ]] ; then
-   {
-   read # global header
-   [[ ${REPLY} = "!" ]] || die "${deb} does not seem 
to be a deb archive"
-   local f timestamp uid gid mode size magic
-   while read f timestamp uid gid mode size magic ; do
-   [[ -n ${f} && -n ${size} ]] || continue # 
ignore empty lines
-   # GNU ar uses / as filename terminator (and 
.deb permits that)
-   f=${f%/}
-   if [[ ${f} = "data.tar"* ]] ; then
-   head -c "${size}" > "${f}"
-   else
-   head -c "${size}" > /dev/null # trash it
-   fi
-   done
-   } < "${deb}"
-   else
-   $(tc-getBUILD_AR) x "${deb}" || die
-   fi
-
-   unpacker ./data.tar*
-
-   # Clean things up #458658.  No one seems to actually care about
-   # these, so wait until someone requests to do something else ...
-   rm -f debian-binary {control,data}.tar*
+   {
+   # on AIX ar doesn't work out as their ar used a different format
+   # from what GNU ar (and thus what .deb files) produce
+   if [[ -n ${EPREFIX} ]] ; then
+   {
+   read # global header
+   [[ ${REPLY} = "!" ]] || die "${deb} does 
not seem to be a deb archive"
+   local f timestamp uid gid mode size magic
+   while read f timestamp uid gid mode size magic 
; do
+   [[ -n ${f} && -n ${size} ]] || continue 
# ignore empty lines
+   # GNU ar uses / as filename terminator 
(and .deb permits that)
+   f=${f%/}
+   if [[ ${f} = "data.tar"* ]] ; then
+   local 
decomp=$(_unpacker_get_decompressor "${f}")
+   head -c "${size}" | 
${decomp:-cat}
+   assert "unpacking ${f} from 
${deb} failed"
+   break
+   else
+   head -c "${size}" > /dev/null # 
trash it
+   fi
+   done
+   } < "${deb}"
+   else
+   local f=$(
+   $(tc-getBUILD_AR) t "${deb}" | grep ^data.tar
+   assert "data not found in ${deb}"
+   )
+   local decomp=$(_unpacker_get_decompressor "${f}")
+   $(tc-getBUILD_AR) p "${deb}" "${f}" | ${decomp:-cat}
+   assert "unpacking ${f} from ${deb} failed"
+   fi
+   } | tar --no-same-owner -x
+   assert "unpacking ${deb} failed"
 }
 
 # @FUNCTION: unpack_cpio
-- 
2.37.3




[gentoo-dev] [PATCH 14/15] unpacker.eclass: Fix handling GNU ar archives in hand-weaved impl

2022-09-25 Thread Michał Górny
Fix the hand-weaved implementation of ar unpacking that is used
on Prefix to handle slash-terminated filenames of GNU ar format
correctly.

Signed-off-by: Michał Górny 
---
 eclass/tests/unpacker.sh | 4 
 eclass/unpacker.eclass   | 2 ++
 2 files changed, 6 insertions(+)

diff --git a/eclass/tests/unpacker.sh b/eclass/tests/unpacker.sh
index bbbfa32623ab..e42e656756c4 100755
--- a/eclass/tests/unpacker.sh
+++ b/eclass/tests/unpacker.sh
@@ -134,6 +134,10 @@ test_deb() {
 
test_unpack "test-${tool}_1.2.3_noarch.deb" test.in "ar tar ${tool}" \
"create_deb '${suffix}' '${tool_cmd}' \${archive} \${TESTFILE}"
+   # also test with the hand-weaved implementation used on Prefix
+   EPREFIX=/foo \
+   test_unpack "test_pfx-${tool}_1.2.3_noarch.deb" test.in "ar tar 
${tool}" \
+   "create_deb '${suffix}' '${tool_cmd}' \${archive} \${TESTFILE}"
 }
 
 create_gpkg() {
diff --git a/eclass/unpacker.eclass b/eclass/unpacker.eclass
index 370f00a83bba..100f11428622 100644
--- a/eclass/unpacker.eclass
+++ b/eclass/unpacker.eclass
@@ -282,6 +282,8 @@ unpack_deb() {
local f timestamp uid gid mode size magic
while read f timestamp uid gid mode size magic ; do
[[ -n ${f} && -n ${size} ]] || continue # 
ignore empty lines
+   # GNU ar uses / as filename terminator (and 
.deb permits that)
+   f=${f%/}
if [[ ${f} = "data.tar"* ]] ; then
head -c "${size}" > "${f}"
else
-- 
2.37.3




[gentoo-dev] [PATCH 13/15] unpacker.eclass: Support lbzip2 as parallel bz2 decompressor

2022-09-25 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 eclass/unpacker.eclass | 7 +--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/eclass/unpacker.eclass b/eclass/unpacker.eclass
index d96b56609869..370f00a83bba 100644
--- a/eclass/unpacker.eclass
+++ b/eclass/unpacker.eclass
@@ -30,7 +30,8 @@ inherit multiprocessing toolchain-funcs
 # @DEFAULT_UNSET
 # @DESCRIPTION:
 # Utility to use to decompress bzip2 files.  Will dynamically pick between
-# `pbzip2` and `bzip2`.  Make sure your choice accepts the "-dc" options.
+# `lbzip2`, `pbzip2` and `bzip2`.  Make sure your choice accepts the "-dc"
+# options.
 # Note: this is meant for users to set, not ebuilds.
 
 # @ECLASS_VARIABLE: UNPACKER_LZIP
@@ -387,7 +388,9 @@ unpack_lha() {
 _unpacker_get_decompressor() {
case ${1} in
*.bz2|*.tbz|*.tbz2)
-   local bzcmd=${PORTAGE_BZIP2_COMMAND:-$(type -P pbzip2 || type 
-P bzip2)}
+   local bzcmd=${PORTAGE_BZIP2_COMMAND:-$(
+   type -P lbzip2 || type -P pbzip2 || type -P bzip2
+   )}
local bzuncmd=${PORTAGE_BUNZIP2_COMMAND:-${bzcmd} -d}
: ${UNPACKER_BZ2:=${bzuncmd}}
echo "${UNPACKER_BZ2} -c"
-- 
2.37.3




[gentoo-dev] [PATCH 12/15] unpacker.eclass: decompress xz in parallel

2022-09-25 Thread Michał Górny
From: Sam James 

>= xz 5.3.3_alpha supports parallel decompression, so let's use it.

As recently added to Portage (see 
https://github.com/gentoo/portage/commit/48d107e5c1a103d59a053aebeefa9a5aac5c32ff).

Signed-off-by: Sam James 
---
 eclass/unpacker.eclass | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/eclass/unpacker.eclass b/eclass/unpacker.eclass
index 70a46ac19709..d96b56609869 100644
--- a/eclass/unpacker.eclass
+++ b/eclass/unpacker.eclass
@@ -23,7 +23,7 @@ esac
 if [[ -z ${_UNPACKER_ECLASS} ]]; then
 _UNPACKER_ECLASS=1
 
-inherit toolchain-funcs
+inherit multiprocessing toolchain-funcs
 
 # @ECLASS_VARIABLE: UNPACKER_BZ2
 # @USER_VARIABLE
@@ -395,7 +395,7 @@ _unpacker_get_decompressor() {
*.z|*.gz|*.tgz)
echo "gzip -dc" ;;
*.lzma|*.xz|*.txz)
-   echo "xz -dc" ;;
+   echo "xz -T$(makeopts_jobs) -dc" ;;
*.lz)
: ${UNPACKER_LZIP:=$(type -P plzip || type -P pdlzip || type -P 
lzip)}
echo "${UNPACKER_LZIP} -dc" ;;
-- 
2.37.3




[gentoo-dev] [PATCH 11/15] sys-kernel/gentoo-kernel-bin: Use unpacker.eclass for .gpkg.tar

2022-09-25 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 .../gentoo-kernel-bin-5.19.11.ebuild| 17 ++---
 1 file changed, 6 insertions(+), 11 deletions(-)

diff --git a/sys-kernel/gentoo-kernel-bin/gentoo-kernel-bin-5.19.11.ebuild 
b/sys-kernel/gentoo-kernel-bin/gentoo-kernel-bin-5.19.11.ebuild
index 966fadbe839a..0ba336c5c1aa 100644
--- a/sys-kernel/gentoo-kernel-bin/gentoo-kernel-bin-5.19.11.ebuild
+++ b/sys-kernel/gentoo-kernel-bin/gentoo-kernel-bin-5.19.11.ebuild
@@ -3,7 +3,7 @@
 
 EAPI=8
 
-inherit kernel-install toolchain-funcs
+inherit kernel-install toolchain-funcs unpacker
 
 MY_P=linux-${PV%.*}
 GENPATCHES_P=genpatches-${PV%.*}-$(( ${PV##*.} + 2 ))
@@ -55,11 +55,6 @@ QA_PREBUILT='*'
 KV_LOCALVERSION='-gentoo-dist'
 KPV=${PV}${KV_LOCALVERSION}
 
-src_unpack() {
-   default
-   unpack "${BINPKG}"/image.tar.xz
-}
-
 src_prepare() {
local PATCHES=(
# meh, genpatches have no directory
@@ -102,22 +97,22 @@ src_configure() {
)
 
mkdir modprep || die
-   cp "image/usr/src/linux-${KPV}/.config" modprep/ || die
+   cp "${BINPKG}/image/usr/src/linux-${KPV}/.config" modprep/ || die
emake -C "${MY_P}" "${makeargs[@]}" modules_prepare
 }
 
 src_test() {
kernel-install_test "${KPV}" \
-   
"${WORKDIR}/image/usr/src/linux-${KPV}/$(dist-kernel_get_image_path)" \
-   "image/lib/modules/${KPV}"
+   
"${WORKDIR}/${BINPKG}/image/usr/src/linux-${KPV}/$(dist-kernel_get_image_path)" 
\
+   "${BINPKG}/image/lib/modules/${KPV}"
 }
 
 src_install() {
-   mv image/{lib,usr} "${ED}"/ || die
+   mv "${BINPKG}"/image/{lib,usr} "${ED}"/ || die
 
# FIXME: requires proper mount-boot
if [[ -d boot/dtbs ]]; then
-   mv image/boot "${ED}"/ || die
+   mv "${BINPKG}"/image/boot "${ED}"/ || die
fi
 
# strip out-of-source build stuffs from modprep
-- 
2.37.3




[gentoo-dev] [PATCH 10/15] unpacker.eclass: Add on-the-fly .gpkg.tar unpacking support

2022-09-25 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 eclass/tests/unpacker.sh | 47 
 eclass/unpacker.eclass   | 38 
 2 files changed, 85 insertions(+)

diff --git a/eclass/tests/unpacker.sh b/eclass/tests/unpacker.sh
index 60b651759a52..bbbfa32623ab 100755
--- a/eclass/tests/unpacker.sh
+++ b/eclass/tests/unpacker.sh
@@ -136,6 +136,43 @@ test_deb() {
"create_deb '${suffix}' '${tool_cmd}' \${archive} \${TESTFILE}"
 }
 
+create_gpkg() {
+   local suffix=${1}
+   local tool=${2}
+   local archive=${3}
+   local infile=${4}
+   local gpkg_dir=${archive%.gpkg.tar}
+
+   mkdir image metadata "${gpkg_dir}" || die
+   cp "${infile}" image/ || die
+   tar -c metadata | ${tool} > "${gpkg_dir}/metadata.tar${suffix}"
+   assert "packing metadata.tar${suffix} failed"
+   : > "${gpkg_dir}/metadata.tar${suffix}.sig" || die
+   tar -c image | ${tool} > "${gpkg_dir}/image.tar${suffix}"
+   assert "packing image.tar${suffix} failed"
+   : > "${gpkg_dir}/image.tar${suffix}.sig" || die
+   : > "${gpkg_dir}"/gpkg-1 || die
+   tar -cf "${archive}" --format=ustar \
+   "${gpkg_dir}"/{gpkg-1,{metadata,image}.tar"${suffix}"} || die
+   rm -r image metadata "${gpkg_dir}" || die
+}
+
+test_gpkg() {
+   local suffix=${1}
+   local tool=${2}
+   local tool_cmd
+
+   if [[ -n ${tool} ]]; then
+   tool_cmd="${tool} -c"
+   else
+   tool_cmd=cat
+   fi
+
+   test_unpack "test-${tool}-1.2.3-1.gpkg.tar" \
+   "test-${tool}-1.2.3-1/image/test.in" "tar ${tool}" \
+   "create_gpkg '${suffix}' '${tool_cmd}' \${archive} \${TESTFILE}"
+}
+
 test_reject_junk() {
local suffix=${1}
local archive=test${1}
@@ -209,6 +246,16 @@ test_deb .xz xz
 test_deb .bz2 bzip2
 test_deb .lzma lzma
 
+test_gpkg
+test_gpkg .gz gzip
+test_gpkg .bz2 bzip2
+test_gpkg .lz4 lz4
+test_gpkg .lz lzip
+test_gpkg .lzma lzma
+test_gpkg .lzo lzop
+test_gpkg .xz xz
+test_gpkg .zst zstd
+
 test_unpack test.zip test.in zip 'zip -q ${archive} ${TESTFILE}'
 # test handling non-adjusted zip with junk prepended
 test_unpack test.zip test.in zip \
diff --git a/eclass/unpacker.eclass b/eclass/unpacker.eclass
index a64c5eae18aa..70a46ac19709 100644
--- a/eclass/unpacker.eclass
+++ b/eclass/unpacker.eclass
@@ -408,6 +408,42 @@ _unpacker_get_decompressor() {
esac
 }
 
+# @FUNCTION: unpack_gpkg
+# @USAGE: 
+# @DESCRIPTION:
+# Unpack the image subarchive of a GPKG package on-the-fly, preserving
+# the original directory structure (i.e. into /image).
+unpack_gpkg() {
+   [[ $# -eq 1 ]] || die "Usage: ${FUNCNAME} "
+
+   local gpkg=$(find_unpackable_file "$1")
+   unpack_banner "${gpkg}"
+
+   local l images=()
+   while read -r l; do
+   case ${l} in
+   */image.tar*.sig)
+   ;;
+   */image.tar*)
+   images+=( "${l}" )
+   ;;
+   esac
+   done < <(tar -tf "${gpkg}" || die "unable to list ${gpkg}")
+
+   if [[ ${#images[@]} -eq 0 ]]; then
+   die "No image.tar found in ${gpkg}"
+   elif [[ ${#images[@]} -gt 1 ]]; then
+   die "More than one image.tar found in ${gpkg}"
+   fi
+
+   local decomp=$(_unpacker_get_decompressor "${images[0]}")
+   local dirname=${images[0]%/*}
+   mkdir -p "${dirname}" || die
+   tar -xOf "${gpkg}" "${images[0]}" | ${decomp:-cat} |
+   tar --no-same-owner -xC "${dirname}"
+   assert "Unpacking ${gpkg} failed"
+}
+
 # @FUNCTION: _unpacker
 # @USAGE: 
 # @INTERNAL
@@ -427,6 +463,8 @@ _unpacker() {
# then figure out if there are any archiving aspects
local arch=""
case ${m} in
+   *.gpkg.tar)
+   arch="unpack_gpkg" ;;
*.tgz|*.tbz|*.tbz2|*.txz|*.tar.*|*.tar)
arch="tar --no-same-owner -xof" ;;
*.cpio.*|*.cpio)
-- 
2.37.3




[gentoo-dev] [PATCH 09/15] unpacker.eclass: Add support for .lz4 and .lzo compression

2022-09-25 Thread Michał Górny
Add support for .lz4 and .lzo formats that can be used for .tar.gpkg
compression.

Signed-off-by: Michał Górny 
---
 eclass/tests/unpacker.sh | 7 +++
 eclass/unpacker.eclass   | 8 
 2 files changed, 15 insertions(+)

diff --git a/eclass/tests/unpacker.sh b/eclass/tests/unpacker.sh
index af979b0e2995..60b651759a52 100755
--- a/eclass/tests/unpacker.sh
+++ b/eclass/tests/unpacker.sh
@@ -165,6 +165,8 @@ test_compressed_file .lzma lzma
 test_compressed_file .xz xz
 test_compressed_file .lz lzip
 test_compressed_file .zst zstd
+test_compressed_file .lz4 lz4
+test_compressed_file .lzo lzop
 
 test_compressed_file_multistream .bz2 bzip2
 test_compressed_file_multistream .gz gzip
@@ -187,6 +189,8 @@ test_compressed_tar .tar.xz xz
 test_compressed_tar .txz xz
 test_compressed_tar .tar.lz lzip
 test_compressed_tar .tar.zst zstd
+test_compressed_tar .tar.lz4 lz4
+test_compressed_tar .tar.lzo lzop
 
 test_unpack test.cpio test.in cpio 'cpio -o --quiet <<<${TESTFILE} > 
${archive}'
 test_compressed_cpio .cpio.bz2 bzip2
@@ -196,6 +200,8 @@ test_compressed_cpio .cpio.lzma lzma
 test_compressed_cpio .cpio.xz xz
 test_compressed_cpio .cpio.lz lzip
 test_compressed_cpio .cpio.zst zstd
+test_compressed_cpio .cpio.lz4 lz4
+test_compressed_cpio .cpio.lzo lzop
 
 test_deb
 test_deb .gz gzip
@@ -223,6 +229,7 @@ test_reject_junk .lz
 test_reject_junk .zst
 test_reject_junk .tar
 test_reject_junk .cpio
+test_reject_junk .gpkg.tar
 test_reject_junk .deb
 test_reject_junk .zip
 test_reject_junk .7z
diff --git a/eclass/unpacker.eclass b/eclass/unpacker.eclass
index 8fb1c2abd1cf..a64c5eae18aa 100644
--- a/eclass/unpacker.eclass
+++ b/eclass/unpacker.eclass
@@ -401,6 +401,10 @@ _unpacker_get_decompressor() {
echo "${UNPACKER_LZIP} -dc" ;;
*.zst)
echo "zstd -dc" ;;
+   *.lz4)
+   echo "lz4 -dc" ;;
+   *.lzo)
+   echo "lzop -dc" ;;
esac
 }
 
@@ -535,6 +539,10 @@ unpacker_src_uri_depends() {
d="app-arch/zstd" ;;
*.lha|*.lzh)
d="app-arch/lha" ;;
+   *.lz4)
+   d="app-arch/lz4" ;;
+   *.lzo)
+   d="app-arch/lzop" ;;
esac
deps+=" ${d}"
done
-- 
2.37.3




[gentoo-dev] [PATCH 08/15] unpacker.eclass: Move decompressor recognition into a function

2022-09-25 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 eclass/unpacker.eclass | 44 +-
 1 file changed, 26 insertions(+), 18 deletions(-)

diff --git a/eclass/unpacker.eclass b/eclass/unpacker.eclass
index ca6761488100..8fb1c2abd1cf 100644
--- a/eclass/unpacker.eclass
+++ b/eclass/unpacker.eclass
@@ -379,6 +379,31 @@ unpack_lha() {
lha xfq "${lha}" || die "unpacking ${lha} failed (arch=unpack_lha)"
 }
 
+# @FUNCTION: _unpacker_get_decompressor
+# @INTERNAL
+# @USAGE: 
+# @DESCRIPTION:
+# Get decompressor command for specified filename.
+_unpacker_get_decompressor() {
+   case ${1} in
+   *.bz2|*.tbz|*.tbz2)
+   local bzcmd=${PORTAGE_BZIP2_COMMAND:-$(type -P pbzip2 || type 
-P bzip2)}
+   local bzuncmd=${PORTAGE_BUNZIP2_COMMAND:-${bzcmd} -d}
+   : ${UNPACKER_BZ2:=${bzuncmd}}
+   echo "${UNPACKER_BZ2} -c"
+   ;;
+   *.z|*.gz|*.tgz)
+   echo "gzip -dc" ;;
+   *.lzma|*.xz|*.txz)
+   echo "xz -dc" ;;
+   *.lz)
+   : ${UNPACKER_LZIP:=$(type -P plzip || type -P pdlzip || type -P 
lzip)}
+   echo "${UNPACKER_LZIP} -dc" ;;
+   *.zst)
+   echo "zstd -dc" ;;
+   esac
+}
+
 # @FUNCTION: _unpacker
 # @USAGE: 
 # @INTERNAL
@@ -393,24 +418,7 @@ _unpacker() {
a=$(find_unpackable_file "${a}")
 
# first figure out the decompression method
-   local comp=""
-   case ${m} in
-   *.bz2|*.tbz|*.tbz2)
-   local bzcmd=${PORTAGE_BZIP2_COMMAND:-$(type -P pbzip2 || type 
-P bzip2)}
-   local bzuncmd=${PORTAGE_BUNZIP2_COMMAND:-${bzcmd} -d}
-   : ${UNPACKER_BZ2:=${bzuncmd}}
-   comp="${UNPACKER_BZ2} -c"
-   ;;
-   *.z|*.gz|*.tgz)
-   comp="gzip -dc" ;;
-   *.lzma|*.xz|*.txz)
-   comp="xz -dc" ;;
-   *.lz)
-   : ${UNPACKER_LZIP:=$(type -P plzip || type -P pdlzip || type -P 
lzip)}
-   comp="${UNPACKER_LZIP} -dc" ;;
-   *.zst)
-   comp="zstd -dc" ;;
-   esac
+   local comp=$(_unpacker_get_decompressor "${m}")
 
# then figure out if there are any archiving aspects
local arch=""
-- 
2.37.3




[gentoo-dev] [PATCH 07/15] unpacker.eclass: Remove uppercase RAR/LHA variants

2022-09-25 Thread Michał Górny
Remove the uppercase variants of RAR/LHA that were copied from Portage
implementation.  The functions always convert filenames to lowercase,
so accounting for them is redundant.

Signed-off-by: Michał Górny 
---
 eclass/unpacker.eclass | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/eclass/unpacker.eclass b/eclass/unpacker.eclass
index e07c25d0ffa9..ca6761488100 100644
--- a/eclass/unpacker.eclass
+++ b/eclass/unpacker.eclass
@@ -444,9 +444,9 @@ _unpacker() {
case ${m} in
*.7z)
arch="unpack_7z" ;;
-   *.rar|*.RAR)
+   *.rar)
arch="unpack_rar" ;;
-   *.LHA|*.LHa|*.lha|*.lzh)
+   *.lha|*.lzh)
arch="unpack_lha" ;;
esac
fi
@@ -513,7 +513,7 @@ unpacker_src_uri_depends() {
case ${m} in
*.cpio.*|*.cpio)
d="app-arch/cpio" ;;
-   *.rar|*.RAR)
+   *.rar)
d="app-arch/unrar" ;;
*.7z)
d="app-arch/p7zip" ;;
@@ -525,7 +525,7 @@ unpacker_src_uri_depends() {
d="|| ( app-arch/plzip app-arch/pdlzip app-arch/lzip )" 
;;
*.zst)
d="app-arch/zstd" ;;
-   *.LHA|*.LHa|*.lha|*.lzh)
+   *.lha|*.lzh)
d="app-arch/lha" ;;
esac
deps+=" ${d}"
-- 
2.37.3




[gentoo-dev] [PATCH 06/15] unpacker.eclass: Use lowercase in unpacker_src_uri_depends

2022-09-25 Thread Michał Górny
Transform the URIs to lowercase in unpacker_src_uri_depends() for
consistency with the behavior of _unpacker().

Signed-off-by: Michał Górny 
---
 eclass/unpacker.eclass | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/eclass/unpacker.eclass b/eclass/unpacker.eclass
index 482cf141ee1d..e07c25d0ffa9 100644
--- a/eclass/unpacker.eclass
+++ b/eclass/unpacker.eclass
@@ -509,7 +509,8 @@ unpacker_src_uri_depends() {
fi
 
for uri in "$@" ; do
-   case ${uri} in
+   local m=${uri,,}
+   case ${m} in
*.cpio.*|*.cpio)
d="app-arch/cpio" ;;
*.rar|*.RAR)
-- 
2.37.3




[gentoo-dev] [PATCH 05/15] unpacker.eclass: Use bash substitution instead of tr for lowercase

2022-09-25 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 eclass/unpacker.eclass | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/eclass/unpacker.eclass b/eclass/unpacker.eclass
index 915a31c86437..482cf141ee1d 100644
--- a/eclass/unpacker.eclass
+++ b/eclass/unpacker.eclass
@@ -389,7 +389,7 @@ _unpacker() {
[[ $# -eq 1 ]] || die "Usage: ${FUNCNAME} "
 
local a=$1
-   local m=$(echo "${a}" | tr '[:upper:]' '[:lower:]')
+   local m=${a,,}
a=$(find_unpackable_file "${a}")
 
# first figure out the decompression method
-- 
2.37.3




[gentoo-dev] [PATCH 04/15] unpacker.eclass: Remove support for EAPI 5

2022-09-25 Thread Michał Górny
There are no ebuilds using it in EAPI 5 anymore, and it is the last EAPI
requiring support for bash 3.2.

Signed-off-by: Michał Górny 
---
 eclass/unpacker.eclass | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/eclass/unpacker.eclass b/eclass/unpacker.eclass
index 1f2f09e33ad6..915a31c86437 100644
--- a/eclass/unpacker.eclass
+++ b/eclass/unpacker.eclass
@@ -4,7 +4,7 @@
 # @ECLASS: unpacker.eclass
 # @MAINTAINER:
 # base-sys...@gentoo.org
-# @SUPPORTED_EAPIS: 5 6 7 8
+# @SUPPORTED_EAPIS: 6 7 8
 # @BLURB: helpers for extraneous file formats and consistent behavior across 
EAPIs
 # @DESCRIPTION:
 # Some extraneous file formats are not part of PMS, or are only in certain
@@ -16,7 +16,7 @@
 #  - support partial unpacks?
 
 case ${EAPI:-0} in
-   [5678]) ;;
+   [678]) ;;
*) die "${ECLASS}: EAPI ${EAPI:-0} not supported" ;;
 esac
 
@@ -440,7 +440,7 @@ _unpacker() {
esac
 
# 7z, rar and lha/lzh are handled by package manager in EAPI < 8
-   if [[ ${EAPI} != [567] ]]; then
+   if [[ ${EAPI} != [67] ]]; then
case ${m} in
*.7z)
arch="unpack_7z" ;;
-- 
2.37.3




[gentoo-dev] [PATCH 03/15] unpacker.eclass: Fix unpack_7z to respect the exit status

2022-09-25 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 eclass/unpacker.eclass | 5 -
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/eclass/unpacker.eclass b/eclass/unpacker.eclass
index c26523a419df..1f2f09e33ad6 100644
--- a/eclass/unpacker.eclass
+++ b/eclass/unpacker.eclass
@@ -344,8 +344,11 @@ unpack_7z() {
 
local p7z=$(find_unpackable_file "$1")
unpack_banner "${p7z}"
-   local output="$(7z x -y "${p7z}")"
 
+   # warning: putting local and command substitution in a single call
+   # discards the exit status!
+   local output
+   output="$(7z x -y "${p7z}")"
if [ $? -ne 0 ]; then
echo "${output}" >&2
die "unpacking ${p7z} failed (arch=unpack_7z)"
-- 
2.37.3




[gentoo-dev] [PATCH 02/15] unpacker.eclass: Remove `-f` from zstd arguments

2022-09-25 Thread Michał Górny
Remove `-f` from zstd arguments.  This option causes zstd to ignore
input errors, notably causing it to pass invalid files through rather
than returning an error.

Closes: https://bugs.gentoo.org/872662
Signed-off-by: Michał Górny 
---
 eclass/unpacker.eclass | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/eclass/unpacker.eclass b/eclass/unpacker.eclass
index f6e83c53bf23..c26523a419df 100644
--- a/eclass/unpacker.eclass
+++ b/eclass/unpacker.eclass
@@ -406,7 +406,7 @@ _unpacker() {
: ${UNPACKER_LZIP:=$(type -P plzip || type -P pdlzip || type -P 
lzip)}
comp="${UNPACKER_LZIP} -dc" ;;
*.zst)
-   comp="zstd -dfc" ;;
+   comp="zstd -dc" ;;
esac
 
# then figure out if there are any archiving aspects
-- 
2.37.3




[gentoo-dev] [PATCH 01/15] eclass/tests: Add tests for unpacker.eclass

2022-09-25 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 eclass/tests/tests-common.sh |   7 ++
 eclass/tests/unpacker.sh | 233 +++
 2 files changed, 240 insertions(+)
 create mode 100755 eclass/tests/unpacker.sh

diff --git a/eclass/tests/tests-common.sh b/eclass/tests/tests-common.sh
index a677842b6ac5..45b1e20b933a 100644
--- a/eclass/tests/tests-common.sh
+++ b/eclass/tests/tests-common.sh
@@ -60,6 +60,13 @@ die() {
exit 1
 }
 
+assert() {
+   local x pipestatus=${PIPESTATUS[*]}
+   for x in ${pipestatus} ; do
+   [[ ${x} -eq 0 ]] || die "$@"
+   done
+}
+
 has_version() {
while [[ $1 == -* ]]; do
shift
diff --git a/eclass/tests/unpacker.sh b/eclass/tests/unpacker.sh
new file mode 100755
index ..af979b0e2995
--- /dev/null
+++ b/eclass/tests/unpacker.sh
@@ -0,0 +1,233 @@
+#!/bin/bash
+# Copyright 2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+source tests-common.sh || exit
+
+inherit unpacker
+
+# silence the output
+unpack_banner() { :; }
+
+TESTFILE=test.in
+TESTDIR=$(mktemp -d || die)
+trap 'cd - >/dev/null && rm -r "${TESTDIR}"' EXIT
+
+# prepare some test data
+# NB: we need something "compressible", as compress(1) will return
+# an error if the file "is larger than before compression"
+cp ../unpacker.eclass "${TESTDIR}/${TESTFILE}" || die
+cd "${TESTDIR}" || die
+
+test_unpack() {
+   local archive=${1}
+   local unpacked=${2}
+   local deps=${3}
+   local packcmd=${4}
+
+   local x
+   for x in ${deps}; do
+   if ! type "${x}" &>/dev/null; then
+   ewarn "Skipping ${archive}, tool ${x} not found"
+   return
+   fi
+   done
+
+   rm -rf testdir || die
+   mkdir -p testdir || die
+
+   tbegin "unpacking ${archive}"
+   eval "${packcmd}"
+   assert "packing ${archive} failed"
+   cd testdir || die
+   local out
+   out=$(
+   _unpacker "../${archive}" 2>&1
+   )
+   ret=$?
+   if [[ ${ret} -eq 0 ]]; then
+   if [[ ! -f ${unpacked} ]]; then
+   eerror "${unpacked} not found after unpacking"
+   ret=1
+   elif ! diff -u "${unpacked}" "../${TESTFILE}"; then
+   eerror "${unpacked} different than input"
+   ret=1
+   fi
+   fi
+   [[ ${ret} -ne 0 ]] && echo "${out}" >&2
+   tend ${ret}
+
+   cd .. || die
+   rm -f "${archive}" || die
+}
+
+test_compressed_file() {
+   local suffix=${1}
+   local tool=${2}
+
+   test_unpack "test${suffix}" test "${tool}" \
+   "${tool} -c \${TESTFILE} > \${archive}"
+}
+
+test_compressed_file_multistream() {
+   local suffix=${1}
+   local tool=${2}
+
+   test_unpack "test+multistream${suffix}" "test+multistream" "${tool}" \
+   "head -n 300 \${TESTFILE} | ${tool} -c > \${archive} &&
+   tail -n +301 \${TESTFILE} | ${tool} -c >> \${archive}"
+}
+
+test_compressed_file_with_junk() {
+   local suffix=${1}
+   local tool=${2}
+   local flag=${3}
+
+   test_unpack "test+junk${suffix}" "test+junk" "${tool}" \
+   "${tool} -c \${TESTFILE} > \${archive} && cat test.in >> 
\${archive}"
+}
+
+test_compressed_tar() {
+   local suffix=${1}
+   local tool=${2}
+
+   test_unpack "test${suffix}" test.in "tar ${tool}" \
+   "tar -c \${TESTFILE} | ${tool} -c > \${archive}"
+}
+
+test_compressed_cpio() {
+   local suffix=${1}
+   local tool=${2}
+
+   test_unpack "test${suffix}" test.in "cpio ${tool}" \
+   "cpio -o --quiet <<<\${TESTFILE} | ${tool} -c > \${archive}"
+}
+
+create_deb() {
+   local suffix=${1}
+   local tool=${2}
+   local archive=${3}
+   local infile=${4}
+
+   echo 2.0 > debian-binary || die
+   : > control || die
+   tar -cf control.tar control || die
+   tar -c "${infile}" | ${tool} > "data.tar${suffix}"
+   assert "packing data.tar${suffix} failed"
+   ar r "${archive}" debian-binary control.tar "data.tar${suffix}" \
+   2>/dev/null || die
+   rm -f control control.tar "data.tar${suffix}" debian-binary || die
+}
+
+test_deb() {
+   local suffix=${1}
+   local tool=${2}
+   local tool_cmd
+
+   if [[ -n ${tool} ]]; then
+

[gentoo-dev] [PATCH 00/15] unpacker.eclass: Tests, bugfixes and GPKG support

2022-09-25 Thread Michał Górny
Hi,

Here's a patch series for unpacker.eclass that does the following:

- add tests for unpacking various file formats
- fix handling broken/invalid `.zst` and `.7z` files
- use lowercase suffixes everywhere consistently
- add support for `.lz4` and `.lzo`
- add support for on-the-fly unpacking of the image archive from `.gpkg.tar`
- use parallel xz decompression (by @thesamesam)
- support lbzip2 if available
- fix handling `.deb` that use GNU ar format
- unpack `.deb` on-the-fly (i.e. without temporary files)

Also available as PR: https://github.com/gentoo/gentoo/pull/27431

Please review.


Michał Górny (14):
  eclass/tests: Add tests for unpacker.eclass
  unpacker.eclass: Remove `-f` from zstd arguments
  unpacker.eclass: Fix unpack_7z to respect the exit status
  unpacker.eclass: Remove support for EAPI 5
  unpacker.eclass: Use bash substitution instead of tr for lowercase
  unpacker.eclass: Use lowercase in unpacker_src_uri_depends
  unpacker.eclass: Remove uppercase RAR/LHA variants
  unpacker.eclass: Move decompressor recognition into a function
  unpacker.eclass: Add support for .lz4 and .lzo compression
  unpacker.eclass: Add on-the-fly .gpkg.tar unpacking support
  sys-kernel/gentoo-kernel-bin: Use unpacker.eclass for .gpkg.tar
  unpacker.eclass: Support lbzip2 as parallel bz2 decompressor
  unpacker.eclass: Fix handling GNU ar archives in hand-weaved impl
  unpacker.eclass: Unpack .deb packages on-the-fly as well

Sam James (1):
  unpacker.eclass: decompress xz in parallel

 eclass/tests/tests-common.sh  |   7 +
 eclass/tests/unpacker.sh  | 291 ++
 eclass/unpacker.eclass| 179 +++
 .../gentoo-kernel-bin-5.19.11.ebuild  |  17 +-
 4 files changed, 428 insertions(+), 66 deletions(-)
 create mode 100755 eclass/tests/unpacker.sh

-- 
2.37.3




[gentoo-dev] [PATCH 3/3] glep-0074: Clarify the hex encoding of hash values

2022-09-23 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 glep-0074.rst | 8 
 1 file changed, 8 insertions(+)

diff --git a/glep-0074.rst b/glep-0074.rst
index bfbe092..7594932 100644
--- a/glep-0074.rst
+++ b/glep-0074.rst
@@ -418,6 +418,14 @@ Checksum algorithms
| ``WHIRLPOOL``   | Whirlpool [#BARRETO]_ | 512  | Hex  | |
+-+---+--+--+-+
 
+The following hash value encodings are used:
+
+Hex
+  The hash value expressed as an unsigned hexadecimal integer,
+  using digits ``0`` to ``9`` and lowercase letters ``a`` to ``f``,
+  with no prefix or suffix.
+
+
 Any new hashes must be added to this specification prior to being used
 in Manifest files. Adding a new hash is considered
 a backwards-compatible change to the GLEP. It is recommended that new
-- 
2.37.3




[gentoo-dev] [PATCH 2/3] glep-0074: Specify the format of size and checksum fields

2022-09-23 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 glep-0074.rst | 13 +
 1 file changed, 13 insertions(+)

diff --git a/glep-0074.rst b/glep-0074.rst
index 54bf216..bfbe092 100644
--- a/glep-0074.rst
+++ b/glep-0074.rst
@@ -191,6 +191,19 @@ The encoding can be used for other characters as well. In 
particular,
 escaping non-printable characters might be desirable.
 
 
+Size and checksum fields
+
+
+The Manifest entries used to describe files list the file size and one
+or more checksums. The size is expressed as an unsigned decimal integer.
+The checksums are expressed using pairs of fields, with the first field
+in every pair specifying the hash name and the second field its value.
+The names of hashes and the encoding of their values are specified
+in the `checksum algorithms`_ section.
+
+It is invalid to specify a hash name without a value.
+
+
 File verification
 -
 
-- 
2.37.3




[gentoo-dev] [PATCH 1/3] glep-0074: Clarify that DIST entries are specific to PMs

2022-09-23 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 glep-0074.rst | 5 -
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/glep-0074.rst b/glep-0074.rst
index 7f53302..54bf216 100644
--- a/glep-0074.rst
+++ b/glep-0074.rst
@@ -8,7 +8,7 @@ Type: Standards Track
 Status: Final
 Version: 1.3
 Created: 2017-10-21
-Last-Modified: 2022-09-21
+Last-Modified: 2022-09-23
 Post-History: 2017-10-26, 2017-11-16, 2018-02-08, 2022-09-08, 2022-09-11
 Content-Type: text/x-rst
 Requires: 59, 61
@@ -286,6 +286,9 @@ The Manifest files can specify the following tags:
   ``DIST`` entries apply to all packages below the Manifest file
   specifying them.
 
+  This entry is specific to package manager use and it is not used
+  when verifying local directories.
+
 
 Deprecated Manifest tags
 
-- 
2.37.3




[gentoo-dev] [PATCH 0/3] glep-0074: clarifications about size and checksum fields

2022-09-23 Thread Michał Górny
Hi,

Here's next part of GLEP 74 updates, this time I think it qualifiers
as 100% editorial.  Ulrich Müller noticed that we don't specify how
to express sizes and checksums.  I've partially solved the latter while
adding the hash algorithm table and these patches should clarify
the matters even further.

Notably, they:

1) clarify that DIST entries are relevant to package managers only

2) specify that size is an unsigned decimal, and checksums consist
   of name-value pairs

3) clarify that 'Hex' encoding of hashes means lowercase hex without
   any prefix or suffix

Perhaps the most controversial part is requiring lowercase -- but
(drumroll...) Portage reports hash mismatch if you use uppercase.


Michał Górny (3):
  glep-0074: Clarify that DIST entries are specific to PMs
  glep-0074: Specify the format of size and checksum fields
  glep-0074: Clarify the hex encoding of hash values

 glep-0074.rst | 26 +-
 1 file changed, 25 insertions(+), 1 deletion(-)

-- 
2.37.3




[gentoo-dev] [PATCH 6/6] glep-0078: Clarify that Manifest must be present for signed binpkg

2022-09-21 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 glep-0078.rst | 5 +
 1 file changed, 5 insertions(+)

diff --git a/glep-0078.rst b/glep-0078.rst
index ab28aed..733d8d7 100644
--- a/glep-0078.rst
+++ b/glep-0078.rst
@@ -228,6 +228,11 @@ If the Manifest is present, all files contained in the 
archive must
 be listed in it and verify successfully.  The package manager should
 ignore unknown files but preserve them across package updates.
 
+For a binary package to be considered signed and suitable for
+authenticity verification, the Manifest file must be present and contain
+a valid signature.  It is recommended to include detached signatures
+for archive members as well.
+
 
 Permitted .tar format features
 --
-- 
2.37.3




[gentoo-dev] [PATCH 5/6] glep-0078: Clarify that Manifest is signed too

2022-09-21 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 glep-0078.rst | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/glep-0078.rst b/glep-0078.rst
index a109b7f..ab28aed 100644
--- a/glep-0078.rst
+++ b/glep-0078.rst
@@ -328,7 +328,9 @@ the inner archive contents.  This file also provides 
protection against
 signature reuse/replacement attacks if the OpenPGP signatures are used.
 
 The implementation follows the Manifest specifications in GLEP 74
-[#GLEP74]_ and uses the DATA tag for files within the container.
+and uses the ``DATA`` tag for files within the container.
+If the package is using OpenPGP signatures, the Manifest file must also
+include a cleartext OpenPGP signature as defined in GLEP 74 [#GLEP74]_.
 
 The implementation should be able to detect checksum mismatches,
 as well as missing, duplicate, or extraneous files within
-- 
2.37.3




[gentoo-dev] [PATCH 4/6] glep-0078: Link OpenPGP to RFC 4880

2022-09-21 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 glep-0078.rst | 10 +++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/glep-0078.rst b/glep-0078.rst
index 3078061..a109b7f 100644
--- a/glep-0078.rst
+++ b/glep-0078.rst
@@ -349,9 +349,10 @@ not verify, the package manager must reject processing the 
corresponding
 archive member.  In particular, it must not attempt decompressing
 compressed members in those circumstances.
 
-The signatures are created as binary detached OpenPGP signature files,
-with filename corresponding to the member filename with ``.sig`` suffix
-appended.
+The signatures are created as binary detached OpenPGP signature files
+as defined by RFC 4880 § 11.4 or a subsequent standard, with filename
+corresponding to the member filename with ``.sig`` suffix appended
+[#RFC-4880]_.
 
 The exact details regarding creating and verifying signatures, as well
 as maintaining and distributing keys are outside the scope of this
@@ -643,6 +644,9 @@ References
 .. [#GLEP74] GLEP 74: Full-tree verification using Manifest files
(https://www.gentoo.org/glep/glep-0074.html)
 
+.. [#RFC4880] RFC 4880: OpenPGP Message Format
+   (https://www.rfc-editor.org/rfc/rfc4880)
+
 .. [#DEB-FORMAT] deb(5) — Debian binary package format
(https://manpages.debian.org/unstable/dpkg-dev/deb.5.en.html)
 
-- 
2.37.3




[gentoo-dev] [PATCH 3/6] glep-0078: Link compressed file formats to GLEP 74

2022-09-21 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 glep-0078.rst | 18 ++
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/glep-0078.rst b/glep-0078.rst
index 4d27ac1..3078061 100644
--- a/glep-0078.rst
+++ b/glep-0078.rst
@@ -5,7 +5,7 @@ Author: Michał Górny ,
 Sheng Yu 
 Type: Standards Track
 Status: Accepted
-Version: 1
+Version: 1.1
 Created: 2018-11-15
 Last-Modified: 2022-09-21
 Post-History: 2018-11-17, 2019-07-08, 2021-09-13, 2021-09-22, 2022-05-28,
@@ -304,15 +304,17 @@ Archive member compression
 
 The archive members outlined above support optional compression using
 one of the compressed file formats supported by the package manager.
-The exact list of compression types is outside the scope of this
-specification.
+The list of compression types is maintained in GLEP 74 [#GLEP74]_.
+The package manager may implement an arbitrary subset of compressed file
+formats.  However, it is recommended that it can uncompress all formats
+that are not listed as deprecated.
 
 The implementations must support archive members being uncompressed,
 and must support using different compression types for different files.
 
 When compressing an archive member, the member filename should be
-suffixed using the standard suffix for the particular compressed file
-type (e.g. ``.bz2`` for bzip2 format).
+suffixed using the suffix for the particular compressed file type
+specified in GLEP 74.
 
 
 The package Manifest file
@@ -638,15 +640,15 @@ References
 .. [#GNU-TAR] GNU tar: an archiver tool, Appendix E Tar Internals
(https://www.gnu.org/software/tar/manual/html_node/Tar-Internals.html)
 
+.. [#GLEP74] GLEP 74: Full-tree verification using Manifest files
+   (https://www.gentoo.org/glep/glep-0074.html)
+
 .. [#DEB-FORMAT] deb(5) — Debian binary package format
(https://manpages.debian.org/unstable/dpkg-dev/deb.5.en.html)
 
 .. [#TAR-PORTABILITY] Michał Górny, Portability of tar features
(https://dev.gentoo.org/~mgorny/articles/portability-of-tar-features.html)
 
-.. [#GLEP74] GLEP 74: Full-tree verification using Manifest files
-   (https://www.gentoo.org/glep/glep-0074.html)
-
 .. [#XPAK2GPKG] xpak2gpkg: Proof-of-concept converter from tbz2/xpak
to gpkg binpkg format
(https://github.com/mgorny/xpak2gpkg)
-- 
2.37.3




[gentoo-dev] [PATCH 2/6] glep-0078: Link tar format to the respective standards

2022-09-21 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 glep-0078.rst | 13 +++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/glep-0078.rst b/glep-0078.rst
index 24c5c9d..4d27ac1 100644
--- a/glep-0078.rst
+++ b/glep-0078.rst
@@ -232,8 +232,10 @@ ignore unknown files but preserve them across package 
updates.
 Permitted .tar format features
 --
 
-The tar archives should use either the POSIX ustar format or a subset
-of the GNU format with the following (optional) extensions:
+The tar archives should use either the POSIX ustar format as defined
+by POSIX.1-2017 [#POSIX-USTAR]_ or a subset of the ustar-compatible
+GNU tar format as described in the GNU tar manual [#GNU-TAR]_ with
+the following (optional) extensions:
 
 - long pathnames and long linknames,
 
@@ -629,6 +631,13 @@ References
written in C
(https://packages.gentoo.org/packages/app-portage/portage-utils)
 
+.. [#POSIX-USTAR] The Open Group Base Specifications Issue 7, 2018
+   edition, pax - portable archive interchange, ustar Interchange Format
+   
(https://pubs.opengroup.org/onlinepubs/9699919799/utilities/pax.html#tag_20_92_13_06)
+
+.. [#GNU-TAR] GNU tar: an archiver tool, Appendix E Tar Internals
+   (https://www.gnu.org/software/tar/manual/html_node/Tar-Internals.html)
+
 .. [#DEB-FORMAT] deb(5) — Debian binary package format
(https://manpages.debian.org/unstable/dpkg-dev/deb.5.en.html)
 
-- 
2.37.3




[gentoo-dev] [PATCH 1/6] glep-0078: Replace "basename" with non-ambiguous explanation

2022-09-21 Thread Michał Górny
It has been pointed out that the "basename" term may be ambiguous
in the context.  Explain explicitly that it is the filename with
.gpkg.tar suffix stripped.

Signed-off-by: Michał Górny 
---
 glep-0078.rst | 14 --
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/glep-0078.rst b/glep-0078.rst
index 05ceba9..24c5c9d 100644
--- a/glep-0078.rst
+++ b/glep-0078.rst
@@ -7,8 +7,9 @@ Type: Standards Track
 Status: Accepted
 Version: 1
 Created: 2018-11-15
-Last-Modified: 2022-08-14
-Post-History: 2018-11-17, 2019-07-08, 2021-09-13, 2021-09-22, 2022-05-28
+Last-Modified: 2022-09-21
+Post-History: 2018-11-17, 2019-07-08, 2021-09-13, 2021-09-22, 2022-05-28,
+  2022-09-21
 Content-Type: text/x-rst
 ---
 
@@ -193,10 +194,11 @@ The gpkg package container is an uncompressed .tar achive 
whose filename
 should use ``.gpkg.tar`` suffix.
 
 The archive contains a number of files.  All package-related files
-should be stored in a single directory whose name matches the basename
-of the package file.  However, the implementation must be able to
-process an archive where the directory name is mismatched.  There should
-be no explicit archive member entry for the directory.
+should be stored in a single directory whose name matches the package
+filaname after stripping the ``.gpkg.tar`` suffix.  However,
+the implementation must be able to process an archive where
+the directory name is mismatched.  There should be no explicit archive
+member entry for the directory.
 
 The package directory contains the following members, in order:
 
-- 
2.37.3




[gentoo-dev] [PATCH 0/6] glep-0078: Clarifications

2022-09-21 Thread Michał Górny
Hi,

Here's a bunch of patches to GLEP 78 (GPKG format).  They're mostly
clarifications, that is:

- replacing "basename" with more specific explanation

- linking formats to the respective standards

- deferring compressed file formats to GLEP 74

- clarifying the situation around Manifest signing and verifying binpkg
  authenticity

Please review.


Michał Górny (6):
  glep-0078: Replace "basename" with non-ambiguous explanation
  glep-0078: Link tar format to the respective standards
  glep-0078: Link compressed file formats to GLEP 74
  glep-0078: Link OpenPGP to RFC 4880
  glep-0078: Clarify that Manifest is signed too
  glep-0078: Clarify that Manifest must be present for signed binpkg

 glep-0078.rst | 64 +++
 1 file changed, 44 insertions(+), 20 deletions(-)

-- 
2.37.3




Re: [gentoo-dev] Last rites: dev-libs/libdivsufsort

2022-09-19 Thread Michał Górny
On Thu, 2022-08-11 at 12:18 +0200, Michał Górny wrote:
> # Michał Górny  (2022-08-11)
> # Niche library with no revdeps left.  Last commit in 2015.
> # Removal on 2022-09-10.  Bug #864889.
> dev-libs/libdivsufsort

Reverting per user's request — it's a zero-maintenance package overall,
and it miraculously still seems to work.

-- 
Best regards,
Michał Górny




[gentoo-dev] [PATCH v3 3/3] glep-0074: Specify compressed file formats

2022-09-18 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 glep-0074.rst | 81 ---
 1 file changed, 71 insertions(+), 10 deletions(-)

diff --git a/glep-0074.rst b/glep-0074.rst
index 5a63f70..d96a3dd 100644
--- a/glep-0074.rst
+++ b/glep-0074.rst
@@ -27,7 +27,8 @@ Changes
 ===
 
 v1.3
-  Formally specified the current set of hash algorithms supported.
+  Formally specified the current set of hash algorithms and compressed
+  Manifest formats supported.
 
 v1.2
   Specified the newline convention used for Manifests.
@@ -432,9 +433,8 @@ compression and this specification.
 
 The compressed Manifest files are required to be suffixed for their
 compression algorithm. This suffix should be used to recognize
-the compression and decompress Manifests transparently. The exact list
-of algorithms and their corresponding suffixes are outside the scope
-of this specification.
+the compression and decompress Manifests transparently. The supported
+formats are specified in `compressed file formats`_ section.
 
 The top-level Manifest file must not be compressed. Since the OpenPGP
 signature covers the uncompressed text and is compressed itself,
@@ -455,6 +455,46 @@ uncompressed content and the specification is free to 
choose either
 of the files using the same base name.
 
 
+Compressed file formats
+---
+
+.. table:: Table 2. Defined compressed file formats
+   :widths: auto
+
+   ===  ==    ===
+   Tool nameSuffix  Specification Notes
+   ===  ==    ===
+   bzip2.bz2(none known)
+   gzip .gz RFC 1952 [#RFC1952]_  Recommended
+   lz4  .lz4(none known)
+   lzip .lz RFC draft [#LZIP]_
+   lzma .lzma   (none known)  Deprecated
+   lzop .lzo(none known)
+   xz   .xz xz [#XZ]_
+   zstd .zstRFC 8878 [#RFC8878]_
+   ===  ==    ===
+
+Any new formats must be added to this specification prior to being used
+for Manifest files. Adding a new compressed file format is considered
+a backwards-compatible change to the GLEP. It is recommended that new
+formats use their reference (most common) file suffixes.
+
+An implementation can implement an arbitrary subset of the listed
+formats. For best interoperability, it should implement at least
+the recommended formats. Using deprecated formats should be avoided.
+
+If multiple Manifest variants coexist using different compressed file
+formats, the implementation may choose to use an arbitrary subset
+of them. However, all of them must be verified against the hashes stored
+in the containing Manifest. Should they be decompressed, the resulting
+contents must be identical.
+
+If the compressed file format is unsupported and a variant using
+a supported format coexists, the other variant should be used. However,
+at least one supported variant must exist for the verification
+to succeed.
+
+
 Combining multiple Manifest trees (informational)
 -
 
@@ -1033,12 +1073,19 @@ into a compressed sub-Manifest in the top directory 
(e.g.
 ``Manifest.sub.gz``), and including a ``MANIFEST`` entry for this file
 in a signed, uncompressed top-level Manifest.
 
-The existence of additional entries for uncompressed Manifest checksums
-was debated. However, plain entries for the uncompressed file would
-be confusing if only the compressed file existed, and conflicting
-if both uncompressed and compressed variants existed. Furthermore,
-it has been pointed out that ``DIST`` entries do not have
-an uncompressed variant either.
+The existence of additional entries for checksums of Manifest contents
+after uncompressing was debated. However, plain entries for
+the uncompressed file would be confusing if only the compressed file
+existed. Furthermore, it has been pointed out that ``DIST`` entries
+do not have an uncompressed variant either.
+
+The specification permits coexistence of multiple variants of the same
+Manifest file using different compression for historical compatibility.
+However, there does not seem to be any real benefit from including
+a compressed Manifest file if the uncompressed variant needs to exist
+anyway. Providing different compressed variants could technically
+improve interoperability, though the same result could probably
+be achieved by using a more commonly supported format (e.g. gzip).
 
 
 Performance considerations
@@ -1171,6 +1218,20 @@ References
(archived at 2017-11-29)

(https://web.archive.org/web/20171129084214/http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html)
 
+.. [#RFC1952] RFC 1952: GZIP file format specification version 4.3
+   (https://www.rfc-editor.org/rfc/rfc1952)
+
+.. [#LZIP] RFC draft: Lzip Compressed Format and the 'application/lzip'
+   Media Type
+   (https://datatracker.ietf.org/doc/html/draft-diaz-lzip)
+
+.. [#XZ

[gentoo-dev] [PATCH v3 2/3] glep-0074: Specify supported hash algorithms

2022-09-18 Thread Michał Górny
Replace the informational hash name section with a formal specification
of allowed hash algorithms.  The original reasoning for leaving them
implementation-defined was poor.  After all, not a single new hash
was added since the initial version of the GLEP.  At the same time,
ensuring consistent support for at least a minimal set of hash
algorithms is crucial to interoperability.  Given that the effort needed
to update the GLEP is relatively small, it is better to require all
algorithms to be formally listed than to have to track all
implementations for new hashes and hope for consistency.

Signed-off-by: Michał Górny 
---
 glep-0074.rst | 177 --
 1 file changed, 127 insertions(+), 50 deletions(-)

diff --git a/glep-0074.rst b/glep-0074.rst
index 8cec618..5a63f70 100644
--- a/glep-0074.rst
+++ b/glep-0074.rst
@@ -6,7 +6,7 @@ Author: Michał Górny ,
 Ulrich Müller 
 Type: Standards Track
 Status: Final
-Version: 1.2
+Version: 1.3
 Created: 2017-10-21
 Last-Modified: 2022-09-11
 Post-History: 2017-10-26, 2017-11-16, 2018-02-08, 2022-09-08, 2022-09-11
@@ -26,6 +26,9 @@ efficient and provide means of backwards compatibility.
 Changes
 ===
 
+v1.3
+  Formally specified the current set of hash algorithms supported.
+
 v1.2
   Specified the newline convention used for Manifests.
 
@@ -364,27 +367,60 @@ up to and including the *original* directory. Note that 
those
 sub-Manifests can use different filenames than ``Manifest``.
 
 
-Checksum algorithms (informational)

-
-This section is informational only. Specifying the exact set
-of supported algorithms is outside the scope of this specification.
-
-The algorithm names reserved at the time of writing are:
-
-- ``MD5`` [#MD5]_,
-- ``RMD160`` -- RIPEMD-160 [#RIPEMD160]_,
-- ``SHA1`` [#SHS]_,
-- ``SHA256`` and ``SHA512`` -- SHA-2 family of hashes [#SHS]_,
-- ``WHIRLPOOL`` [#WHIRLPOOL]_,
-- ``BLAKE2B`` and ``BLAKE2S`` -- BLAKE2 family of hashes [#BLAKE2]_,
-- ``SHA3_256`` and ``SHA3_512`` -- SHA-3 family of hashes [#SHA3]_,
-- ``STREEBOG256`` and ``STREEBOG512`` -- Streebog family of hashes
-  [#STREEBOG]_.
-
-The method of introducing new hashes is defined by GLEP 59 [#GLEP59]_.
-It is recommended that any new hashes are named after the Python
-``hashlib`` module algorithm names, transformed into uppercase.
+Checksum algorithms
+---
+
+.. table:: Table 1. Defined hash algorithms
+   :widths: auto
+
+   +-+---+--+--+-+
+   | Name| Specification | Bits | Enc. | Notes   |
+   +=+===+==+==+=+
+   | ``BLAKE2B`` |   | 512  | Hex  | Recommended |
+   +-+ RFC 7693 [#RFC7693]_  +--+--+-+
+   | ``BLAKE2S`` |   | 256  | Hex  | |
+   +-+---+--+--+-+
+   | ``MD5`` | RFC 1321 [#RFC1321]_  | 128  | Hex  | Deprecated  |
+   +-+---+--+--+-+
+   | ``RMD160``  | RIPEMD-160 [#RMD160]_ | 160  | Hex  | |
+   +-+---+--+--+-+
+   | ``SHA1``|   | 160  | Hex  | Deprecated  |
+   +-+   +--+--+-+
+   | ``SHA256``  | FIPS 180-4 [#SHS]_| 256  | Hex  | |
+   +-+   +--+--+-+
+   | ``SHA512``  |   | 512  | Hex  | Recommended |
+   +-+---+--+--+-+
+   | ``SHA3_256``|   | 256  | Hex  | |
+   +-+ FIPS 202 [#SHA3]_ +--+--+-+
+   | ``SHA3_512``|   | 512  | Hex  | |
+   +-+---+--+--+-+
+   | ``STREEBOG256`` |   | 256  | Hex  | |
+   +-+ RFC 6986 [#RFC6986]_  +--+--+-+
+   | ``STREEBOG512`` |   | 512  | Hex  | |
+   +-+---+--+--+-+
+   | ``WHIRLPOOL``   | Whirlpool [#BARRETO]_ | 512  | Hex  | |
+   +-+---+--+--+-+
+
+Any new hashes must be added to this specification prior to being used
+in Manifest files. Adding a new hash is considered
+a backwards-compatible change to the GLEP. It is recommended that new
+hashes are named after the Python ``hashlib`` module algorithm names,
+transformed into uppercase, with dashes replaced by underscores.
+
+An implementation can implement an arbitrary subset of the listed
+hashes. For best interoperability, it should

[gentoo-dev] [PATCH v3 1/3] glep-0074: Add a changelog

2022-09-18 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 glep-0074.rst | 15 +--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/glep-0074.rst b/glep-0074.rst
index 182a871..8cec618 100644
--- a/glep-0074.rst
+++ b/glep-0074.rst
@@ -8,8 +8,8 @@ Type: Standards Track
 Status: Final
 Version: 1.2
 Created: 2017-10-21
-Last-Modified: 2022-09-08
-Post-History: 2017-10-26, 2017-11-16, 2018-02-08, 2022-09-08
+Last-Modified: 2022-09-11
+Post-History: 2017-10-26, 2017-11-16, 2018-02-08, 2022-09-08, 2022-09-11
 Content-Type: text/x-rst
 Requires: 59, 61
 Replaces: 44, 58, 60
@@ -23,6 +23,17 @@ integrity and authenticity checks. The format aims to be 
future-proof,
 efficient and provide means of backwards compatibility.
 
 
+Changes
+===
+
+v1.2
+  Specified the newline convention used for Manifests.
+
+v1.1
+  Removed the restriction that all files covered by a Manifest tree
+  must reside on the same filesystem.
+
+
 Motivation
 ==
 
-- 
2.37.3




[gentoo-dev] [PATCH v3 0/3] glep-0074: Explicitly specify hashes and compressed Manifest formats

2022-09-18 Thread Michał Górny
Hi,

Here's v3 of the patches.  The changes since v2 are:

- RIPEMD-160 is no longer marked as deprecated (as noted in [1]) since
  there's no proof of it broken at this moment.

- The links to SHA specifications were changed from http:// to https://.

The patches are being resent to have a permanent trail for the version
that the Council will be voting on.


[1] 
https://archives.gentoo.org/gentoo-dev/message/6ea964b8276ff9530883976a92d16dda

Michał Górny (3):
  glep-0074: Add a changelog
  glep-0074: Specify supported hash algorithms
  glep-0074: Specify compressed file formats

 glep-0074.rst | 271 ++
 1 file changed, 210 insertions(+), 61 deletions(-)

-- 
2.37.3




[gentoo-dev] Global USE flags for sound notifications (libcanberra) and global hotkeys (keybinder)

2022-09-15 Thread Michał Górny
Hi,

I think we've passed the threshold for making two USE flags global:

- sound notification support (usually via libcanberra)

- global hotkey support (usually via keybinder)

I don't have a strong opinion on flag names.


For sound notification, I've found that:

- 7 packages use "libcanberra" as the name

- 1 package uses "sound-notification" (and implements it using
libcanberra)


For global hotkey support, I've found that:

- 4 packages use "keybinder"

- 1 package uses "hotkeys" but it doesn't use keybinder and I'm not 100%
sure it's the same feature


WDYT?

-- 
Best regards,
Michał Górny




Re: [gentoo-dev] file(1) now supports Gentoo file types!

2022-09-15 Thread Michał Górny
On Wed, 2022-09-14 at 23:58 +0100, Sam James wrote:
> Hi,
> 
> Fun thing to share: thanks to mgorny, file(1) (sys-apps/file) now
> supports Gentoo ebuilds, eclasses, and binpkgs.
> 
> ```
> $ file sys-apps/file/file-.ebuild
> sys-apps/file/file-.ebuild: Gentoo ebuild, EAPI 8, ASCII text
> 
> $ file sys-apps/file/Manifest
> sys-apps/file/Manifest: Gentoo Manifest (GLEP 74)
> 
> $ file eclass/autotools.eclass
> eclass/autotools.eclass: Gentoo eclass autotools.eclass, Unicode text,
> UTF-8 text
> 
> $ file /var/cache/binpkgs/app-shells//zsh-5.9-r1.gpkg.tar
> /var/cache/binpkgs/app-shells//zsh-5.9-r1.gpkg.tar: Gentoo GLEP 78
> (GPKG) binary package for "zsh-5.9-r1" using zstd compression
> ```
> 
> Thought this was a nice fun thing to share.
> 

Unfortunately it doesn't support transparent lzip decompression, so it
still does a disservice to our users.

-- 
Best regards,
Michał Górny




Re: [gentoo-dev] [PATCH v2 2/3] glep-0074: Specify supported hash algorithms

2022-09-14 Thread Michał Górny
On Mon, 2022-09-12 at 15:38 +0200, Michał Górny wrote:
> +   +-+---+--+--+-+
> +   | Name| Specification | Bits | Enc. | Notes   |
> +   +=+===+==+==+=+
> +   | ``BLAKE2B`` |   | 512  | Hex  | Recommended |
> +   +-+ RFC 7693 [#RFC7693]_  +--+--+-+
> +   | ``BLAKE2S`` |   | 256  | Hex  | |
> +   +-+---+--+--+-+
> +   | ``MD5`` | RFC 1321 [#RFC1321]_  | 128  | Hex  | Deprecated  |
> +   +-+---+--+--+-+
> +   | ``RMD160``  | RIPEMD-160 [#RMD160]_ | 160  | Hex  | Deprecated  |

Small change here after some internal and external consideration: I've
removed the "deprecated" tag from RIPEMD-160 since (unlike MD5/SHA1)
it's not officially considered weakened.

> +   +-+---+--+--+-+
> +   | ``SHA1``|   | 160  | Hex  | Deprecated  |
> +   +-+   +--+--+-+
> +   | ``SHA256``  | FIPS 180-4 [#SHS]_| 256  | Hex  | |
> +   +-+   +--+--+-+
> +   | ``SHA512``  |   | 512  | Hex  | Recommended |
> +   +-+---+--+--+-+
> +   | ``SHA3_256``|   | 256  | Hex  | |
> +   +-+ FIPS 202 [#SHA3]_ +--+--+-+
> +   | ``SHA3_512``|   | 512  | Hex  | |
> +   +-+---+--+--+-+
> +   | ``STREEBOG256`` |   | 256  | Hex  | |
> +   +-+ RFC 6986 [#RFC6986]_  +--+--+-+
> +   | ``STREEBOG512`` |   | 512  | Hex  | |
> +   +-+---+--+--+-+
> +   | ``WHIRLPOOL``   | Whirlpool [#BARRETO]_ | 512  | Hex  | |
> +   +-+---+--+--+-+
> +
> +Any new hashes must be added to this specification prior to being used
> +in Manifest files. Adding a new hash is considered
> +a backwards-compatible change to the GLEP. It is recommended that new
> +hashes are named after the Python ``hashlib`` module algorithm names,
> +transformed into uppercase, with dashes replaced by underscores.
> +
> +An implementation can implement an arbitrary subset of the listed
> +hashes. For best interoperability, it should implement at least
> +recommended hashes. If deprecated hashes are implemented, it is
> +preferable to disallow their use by default.
> +
> +If an entry specifies multiple hashes using different algorithms,
> +an implementation may choose to verify an arbitrary subset of them.
> +However, should any tested hash yield a mismatch, the verification must
> +fail.
> +
> +If a particular hash is either unsupported or unknown,
> +the implementation can either ignore it or report a failure. However,
> +at least one algorithm specified for a particular entry must be
> +supported for the verification to succeed.
>  
>  
>  Manifest compression
> @@ -913,23 +949,25 @@ tool working with this Manifest format.
>  Hash algorithms
>  ---
>  
> -While maintaining a consistent supported hash set is important
> -for interoperability, it is not a good fit for the generic layout
> -of this GLEP. Furthermore, it would require updating the GLEP
> -in the future every time the used algorithms change.
> +Originally, this GLEP did not formally specify the complete set of hash
> +algorithms. Instead, it only listed (informationally) the names already
> +used at the time of writing. Since enforcing consistent use of algorithm
> +names is important for interoperability, this was changed in version
> +1.3.
>  
> -Instead, the specification focuses on listing the currently used
> -algorithm names for interoperability, and sets a recommendation
> -for consistent naming of algorithms in the future. The Python
> -``hashlib`` module is used as a reference since it is used
> -as the provider of hash functions for most of the Python software,
> -including Portage and PkgCore.
> +Since the effort needed to update the GLEP is small compared to the time
> +needed for a new hash algorithm to be well-deployed, the GLEP needs
> +to be updated prior to adding a new hash method.
>  
> -The basic rules for changing hash algorithms are defined 

Re: [gentoo-dev] [PATCH data/xml-schema 1/2] metadata.xsd: Add gnome remote-id

2022-09-13 Thread Michał Górny
On Tue, 2022-09-13 at 10:36 -0400, Matt Turner wrote:
> On Tue, Sep 13, 2022 at 2:38 AM Michał Górny  wrote:
> > 
> > On Mon, 2022-09-12 at 20:58 -0400, Matt Turner wrote:
> > > Signed-off-by: Matt Turner 
> > > ---
> > >  metadata.xsd | 1 +
> > >  1 file changed, 1 insertion(+)
> > > 
> > > diff --git a/metadata.xsd b/metadata.xsd
> > > index 87972cb..cced33d 100644
> > > --- a/metadata.xsd
> > > +++ b/metadata.xsd
> > > @@ -279,6 +279,7 @@
> > >   
> > >   
> > >   
> > > + 
> > >   
> > >   
> > >   
> > 
> > Some examples, please.  Are these somehow "global" identifiers or
> > specific to their GitLab instances?
> 
> This would be for gitlab.gnome.org. E.g. for x11-terms/gnome-terminal
> whose git repo is located at
> https://gitlab.gnome.org/GNOME/gnome-terminal.git, we'd have
> 
> GNOME/gnome-terminal
> 
> Similar situation for 'freedesktop' in patch 2/2, for gitlab.freedesktop.org.
> 

Well, then I guess I'd prefer if these were "gnome-gitlab"
and "freedesktop-gitlab" to make it clear which services the names
correspond to.

-- 
Best regards,
Michał Górny




Re: [gentoo-dev] [PATCH data/xml-schema 1/2] metadata.xsd: Add gnome remote-id

2022-09-13 Thread Michał Górny
On Mon, 2022-09-12 at 20:58 -0400, Matt Turner wrote:
> Signed-off-by: Matt Turner 
> ---
>  metadata.xsd | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/metadata.xsd b/metadata.xsd
> index 87972cb..cced33d 100644
> --- a/metadata.xsd
> +++ b/metadata.xsd
> @@ -279,6 +279,7 @@
>   
>   
>   
> + 
>   
>   
>   

Some examples, please.  Are these somehow "global" identifiers or
specific to their GitLab instances?

-- 
Best regards,
Michał Górny




[gentoo-dev] [PATCH v2 3/3] glep-0074: Specify compressed file formats

2022-09-12 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 glep-0074.rst | 81 ---
 1 file changed, 71 insertions(+), 10 deletions(-)

diff --git a/glep-0074.rst b/glep-0074.rst
index 9a0e92b..6523272 100644
--- a/glep-0074.rst
+++ b/glep-0074.rst
@@ -27,7 +27,8 @@ Changes
 ===
 
 v1.3
-  Formally specified the current set of hash algorithms supported.
+  Formally specified the current set of hash algorithms and compressed
+  Manifest formats supported.
 
 v1.2
   Specified the newline convention used for Manifests.
@@ -432,9 +433,8 @@ compression and this specification.
 
 The compressed Manifest files are required to be suffixed for their
 compression algorithm. This suffix should be used to recognize
-the compression and decompress Manifests transparently. The exact list
-of algorithms and their corresponding suffixes are outside the scope
-of this specification.
+the compression and decompress Manifests transparently. The supported
+formats are specified in `compressed file formats`_ section.
 
 The top-level Manifest file must not be compressed. Since the OpenPGP
 signature covers the uncompressed text and is compressed itself,
@@ -455,6 +455,46 @@ uncompressed content and the specification is free to 
choose either
 of the files using the same base name.
 
 
+Compressed file formats
+---
+
+.. table:: Table 2. Defined compressed file formats
+   :widths: auto
+
+   ===  ==    ===
+   Tool nameSuffix  Specification Notes
+   ===  ==    ===
+   bzip2.bz2(none known)
+   gzip .gz RFC 1952 [#RFC1952]_  Recommended
+   lz4  .lz4(none known)
+   lzip .lz RFC draft [#LZIP]_
+   lzma .lzma   (none known)  Deprecated
+   lzop .lzo(none known)
+   xz   .xz xz [#XZ]_
+   zstd .zstRFC 8878 [#RFC8878]_
+   ===  ==    ===
+
+Any new formats must be added to this specification prior to being used
+for Manifest files. Adding a new compressed file format is considered
+a backwards-compatible change to the GLEP. It is recommended that new
+formats use their reference (most common) file suffixes.
+
+An implementation can implement an arbitrary subset of the listed
+formats. For best interoperability, it should implement at least
+the recommended formats. Using deprecated formats should be avoided.
+
+If multiple Manifest variants coexist using different compressed file
+formats, the implementation may choose to use an arbitrary subset
+of them. However, all of them must be verified against the hashes stored
+in the containing Manifest. Should they be decompressed, the resulting
+contents must be identical.
+
+If the compressed file format is unsupported and a variant using
+a supported format coexists, the other variant should be used. However,
+at least one supported variant must exist for the verification
+to succeed.
+
+
 Combining multiple Manifest trees (informational)
 -
 
@@ -996,12 +1036,19 @@ into a compressed sub-Manifest in the top directory (e.g.
 ``Manifest.sub.gz``), and including a ``MANIFEST`` entry for this file
 in a signed, uncompressed top-level Manifest.
 
-The existence of additional entries for uncompressed Manifest checksums
-was debated. However, plain entries for the uncompressed file would
-be confusing if only the compressed file existed, and conflicting
-if both uncompressed and compressed variants existed. Furthermore,
-it has been pointed out that ``DIST`` entries do not have
-an uncompressed variant either.
+The existence of additional entries for checksums of Manifest contents
+after uncompressing was debated. However, plain entries for
+the uncompressed file would be confusing if only the compressed file
+existed. Furthermore, it has been pointed out that ``DIST`` entries
+do not have an uncompressed variant either.
+
+The specification permits coexistence of multiple variants of the same
+Manifest file using different compression for historical compatibility.
+However, there does not seem to be any real benefit from including
+a compressed Manifest file if the uncompressed variant needs to exist
+anyway. Providing different compressed variants could technically
+improve interoperability, though the same result could probably
+be achieved by using a more commonly supported format (e.g. gzip).
 
 
 Performance considerations
@@ -1134,6 +1181,20 @@ References
(archived at 2017-11-29)

(https://web.archive.org/web/20171129084214/http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html)
 
+.. [#RFC1952] RFC 1952: GZIP file format specification version 4.3
+   (https://www.rfc-editor.org/rfc/rfc1952)
+
+.. [#LZIP] RFC draft: Lzip Compressed Format and the 'application/lzip'
+   Media Type
+   (https://datatracker.ietf.org/doc/html/draft-diaz-lzip)
+
+.. [#XZ] The .xz

[gentoo-dev] [PATCH v2 2/3] glep-0074: Specify supported hash algorithms

2022-09-12 Thread Michał Górny
Replace the informational hash name section with a formal specification
of allowed hash algorithms.  The original reasoning for leaving them
implementation-defined was poor.  After all, not a single new hash
was added since the initial version of the GLEP.  At the same time,
ensuring consistent support for at least a minimal set of hash
algorithms is crucial to interoperability.  Given that the effort needed
to update the GLEP is relatively small, it is better to require all
algorithms to be formally listed than to have to track all
implementations for new hashes and hope for consistency.

Signed-off-by: Michał Górny 
---
 glep-0074.rst | 136 --
 1 file changed, 88 insertions(+), 48 deletions(-)

diff --git a/glep-0074.rst b/glep-0074.rst
index 8cec618..9a0e92b 100644
--- a/glep-0074.rst
+++ b/glep-0074.rst
@@ -6,7 +6,7 @@ Author: Michał Górny ,
 Ulrich Müller 
 Type: Standards Track
 Status: Final
-Version: 1.2
+Version: 1.3
 Created: 2017-10-21
 Last-Modified: 2022-09-11
 Post-History: 2017-10-26, 2017-11-16, 2018-02-08, 2022-09-08, 2022-09-11
@@ -26,6 +26,9 @@ efficient and provide means of backwards compatibility.
 Changes
 ===
 
+v1.3
+  Formally specified the current set of hash algorithms supported.
+
 v1.2
   Specified the newline convention used for Manifests.
 
@@ -364,27 +367,60 @@ up to and including the *original* directory. Note that 
those
 sub-Manifests can use different filenames than ``Manifest``.
 
 
-Checksum algorithms (informational)

-
-This section is informational only. Specifying the exact set
-of supported algorithms is outside the scope of this specification.
-
-The algorithm names reserved at the time of writing are:
-
-- ``MD5`` [#MD5]_,
-- ``RMD160`` -- RIPEMD-160 [#RIPEMD160]_,
-- ``SHA1`` [#SHS]_,
-- ``SHA256`` and ``SHA512`` -- SHA-2 family of hashes [#SHS]_,
-- ``WHIRLPOOL`` [#WHIRLPOOL]_,
-- ``BLAKE2B`` and ``BLAKE2S`` -- BLAKE2 family of hashes [#BLAKE2]_,
-- ``SHA3_256`` and ``SHA3_512`` -- SHA-3 family of hashes [#SHA3]_,
-- ``STREEBOG256`` and ``STREEBOG512`` -- Streebog family of hashes
-  [#STREEBOG]_.
-
-The method of introducing new hashes is defined by GLEP 59 [#GLEP59]_.
-It is recommended that any new hashes are named after the Python
-``hashlib`` module algorithm names, transformed into uppercase.
+Checksum algorithms
+---
+
+.. table:: Table 1. Defined hash algorithms
+   :widths: auto
+
+   +-+---+--+--+-+
+   | Name| Specification | Bits | Enc. | Notes   |
+   +=+===+==+==+=+
+   | ``BLAKE2B`` |   | 512  | Hex  | Recommended |
+   +-+ RFC 7693 [#RFC7693]_  +--+--+-+
+   | ``BLAKE2S`` |   | 256  | Hex  | |
+   +-+---+--+--+-+
+   | ``MD5`` | RFC 1321 [#RFC1321]_  | 128  | Hex  | Deprecated  |
+   +-+---+--+--+-+
+   | ``RMD160``  | RIPEMD-160 [#RMD160]_ | 160  | Hex  | Deprecated  |
+   +-+---+--+--+-+
+   | ``SHA1``|   | 160  | Hex  | Deprecated  |
+   +-+   +--+--+-+
+   | ``SHA256``  | FIPS 180-4 [#SHS]_| 256  | Hex  | |
+   +-+   +--+--+-+
+   | ``SHA512``  |   | 512  | Hex  | Recommended |
+   +-+---+--+--+-+
+   | ``SHA3_256``|   | 256  | Hex  | |
+   +-+ FIPS 202 [#SHA3]_ +--+--+-+
+   | ``SHA3_512``|   | 512  | Hex  | |
+   +-+---+--+--+-+
+   | ``STREEBOG256`` |   | 256  | Hex  | |
+   +-+ RFC 6986 [#RFC6986]_  +--+--+-+
+   | ``STREEBOG512`` |   | 512  | Hex  | |
+   +-+---+--+--+-+
+   | ``WHIRLPOOL``   | Whirlpool [#BARRETO]_ | 512  | Hex  | |
+   +-+---+--+--+-+
+
+Any new hashes must be added to this specification prior to being used
+in Manifest files. Adding a new hash is considered
+a backwards-compatible change to the GLEP. It is recommended that new
+hashes are named after the Python ``hashlib`` module algorithm names,
+transformed into uppercase, with dashes replaced by underscores.
+
+An implementation can implement an arbitrary subset of the listed
+hashes. For best interoperability, it should

[gentoo-dev] [PATCH v2 1/3] glep-0074: Add a changelog

2022-09-12 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 glep-0074.rst | 15 +--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/glep-0074.rst b/glep-0074.rst
index 182a871..8cec618 100644
--- a/glep-0074.rst
+++ b/glep-0074.rst
@@ -8,8 +8,8 @@ Type: Standards Track
 Status: Final
 Version: 1.2
 Created: 2017-10-21
-Last-Modified: 2022-09-08
-Post-History: 2017-10-26, 2017-11-16, 2018-02-08, 2022-09-08
+Last-Modified: 2022-09-11
+Post-History: 2017-10-26, 2017-11-16, 2018-02-08, 2022-09-08, 2022-09-11
 Content-Type: text/x-rst
 Requires: 59, 61
 Replaces: 44, 58, 60
@@ -23,6 +23,17 @@ integrity and authenticity checks. The format aims to be 
future-proof,
 efficient and provide means of backwards compatibility.
 
 
+Changes
+===
+
+v1.2
+  Specified the newline convention used for Manifests.
+
+v1.1
+  Removed the restriction that all files covered by a Manifest tree
+  must reside on the same filesystem.
+
+
 Motivation
 ==
 
-- 
2.37.3




[gentoo-dev] [PATCH v2 0/3] glep-0074: Explicitly specify hashes and compressed Manifest formats

2022-09-12 Thread Michał Górny
Hi,

Here's v2 of the patches.  Change from v1: removed explicit Bootstrap
table classes (they don't really belong in GLEPs) in favor of fixed
table rendering in docutils-glep 1.5 / matching www.g.o update.
Use rowspan="" instead of "ditto"s for hashes using the same spec.

Michał Górny (3):
  glep-0074: Add a changelog
  glep-0074: Specify supported hash algorithms
  glep-0074: Specify compressed file formats

 glep-0074.rst | 230 +-
 1 file changed, 171 insertions(+), 59 deletions(-)

-- 
2.37.3




Re: [gentoo-dev] [PATCH 2/3] glep-0074: Specify supported hash algorithms

2022-09-12 Thread Michał Górny
On Mon, 2022-09-12 at 10:28 +0200, Florian Schmaus wrote:
> On 11/09/2022 15.14, Michał Górny wrote:
> > +.. table:: Table 1. Defined hash algorithms
> > +   :widths: auto
> > +   :class: table table-bordered table-striped
> > +
> > +   === ===   ===
> > +   NameSpecification   Bits Enc. Notes
> > +   === ===   ===
> > +   ``BLAKE2B`` RFC 7693 [#RFC7693]_512  Hex  Recommended
> > +   ``BLAKE2S`` ditto   256  Hex
> > +   ``MD5`` RFC 1321 [#RFC1321]_128  Hex  Deprecated
> > +   ``RMD160``  RIPEMD-160 [#RMD160]_   160  Hex  Deprecated
> > +   ``SHA1``FIPS 180-4 [#SHS]_  160  Hex  Deprecated
> > +   ``SHA256``  ditto   256  Hex
> > +   ``SHA512``  ditto   512  Hex  Recommended
> > +   ``SHA3_256``FIPS 202 [#SHA3]_   256  Hex
> > +   ``SHA3_512``ditto   512  Hex
> > +   ``STREEBOG256`` RFC 6986 [#RFC6986]_256  Hex
> > +   ``STREEBOG512`` ditto   512  Hex
> > +   ``WHIRLPOOL``   Whirlpool [#WHIRLPOOL]_ 512  Hex
> > +   === ===   ===
> 
> Personally, I would slightly prefer repeating the source specification, 
> instead of using "ditto".
> 

Unfortunately, that would mean each of them would have 2-3
backreferences in the 'References' section.

-- 
Best regards,
Michał Górny




[gentoo-dev] [PATCH 3/3] glep-0074: Specify compressed file formats

2022-09-11 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 glep-0074.rst | 82 ---
 1 file changed, 72 insertions(+), 10 deletions(-)

diff --git a/glep-0074.rst b/glep-0074.rst
index 33f6f80..6deeaf8 100644
--- a/glep-0074.rst
+++ b/glep-0074.rst
@@ -27,7 +27,8 @@ Changes
 ===
 
 v1.3
-  Formally specified the current set of hash algorithms supported.
+  Formally specified the current set of hash algorithms and compressed
+  Manifest formats supported.
 
 v1.2
   Specified the newline convention used for Manifests.
@@ -422,9 +423,8 @@ compression and this specification.
 
 The compressed Manifest files are required to be suffixed for their
 compression algorithm. This suffix should be used to recognize
-the compression and decompress Manifests transparently. The exact list
-of algorithms and their corresponding suffixes are outside the scope
-of this specification.
+the compression and decompress Manifests transparently. The supported
+formats are specified in `compressed file formats`_ section.
 
 The top-level Manifest file must not be compressed. Since the OpenPGP
 signature covers the uncompressed text and is compressed itself,
@@ -445,6 +445,47 @@ uncompressed content and the specification is free to 
choose either
 of the files using the same base name.
 
 
+Compressed file formats
+---
+
+.. table:: Table 2. Defined compressed file formats
+   :widths: auto
+   :class: table table-bordered table-striped
+
+   === ==  ===
+   Tool name   Suffix SpecificationNotes
+   === ==  ===
+   bzip2   .bz2   (none known)
+   gzip.gzRFC 1952 [#RFC1952]_ Recommended
+   lz4 .lz4   (none known)
+   lzip.lzRFC draft [#LZIP]_
+   lzma.lzma  (none known) Deprecated
+   lzop.lzo   (none known)
+   xz  .xzxz [#XZ]_
+   zstd.zst   RFC 8878 [#RFC8878]_
+   === ==  ===
+
+Any new formats must be added to this specification prior to being used
+for Manifest files. Adding a new compressed file format is considered
+a backwards-compatible change to the GLEP. It is recommended that new
+formats use their reference (most common) file suffixes.
+
+An implementation can implement an arbitrary subset of the listed
+formats. For best interoperability, it should implement at least
+the recommended formats. Using deprecated formats should be avoided.
+
+If multiple Manifest variants coexist using different compressed file
+formats, the implementation may choose to use an arbitrary subset
+of them. However, all of them must be verified against the hashes stored
+in the containing Manifest. Should they be decompressed, the resulting
+contents must be identical.
+
+If the compressed file format is unsupported and a variant using
+a supported format coexists, the other variant should be used. However,
+at least one supported variant must exist for the verification
+to succeed.
+
+
 Combining multiple Manifest trees (informational)
 -
 
@@ -986,12 +1027,19 @@ into a compressed sub-Manifest in the top directory (e.g.
 ``Manifest.sub.gz``), and including a ``MANIFEST`` entry for this file
 in a signed, uncompressed top-level Manifest.
 
-The existence of additional entries for uncompressed Manifest checksums
-was debated. However, plain entries for the uncompressed file would
-be confusing if only the compressed file existed, and conflicting
-if both uncompressed and compressed variants existed. Furthermore,
-it has been pointed out that ``DIST`` entries do not have
-an uncompressed variant either.
+The existence of additional entries for checksums of Manifest contents
+after uncompressing was debated. However, plain entries for
+the uncompressed file would be confusing if only the compressed file
+existed. Furthermore, it has been pointed out that ``DIST`` entries
+do not have an uncompressed variant either.
+
+The specification permits coexistence of multiple variants of the same
+Manifest file using different compression for historical compatibility.
+However, there does not seem to be any real benefit from including
+a compressed Manifest file if the uncompressed variant needs to exist
+anyway. Providing different compressed variants could technically
+improve interoperability, though the same result could probably
+be achieved by using a more commonly supported format (e.g. gzip).
 
 
 Performance considerations
@@ -1123,6 +1171,20 @@ References
 .. [#WHIRLPOOL] The WHIRLPOOL Hash Function (archived at 2017-11-29)

(https://web.archive.org/web/20171129084214/http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html)
 
+.. [#RFC1952] RFC 1952: GZIP file format specification version 4.3
+   (https://www.rfc-editor.org/rfc/rfc1952)
+
+.. [#LZIP] RFC draft: Lzip Compressed Format and the 'application/lzip'
+   Media Type
+   (https

[gentoo-dev] [PATCH 2/3] glep-0074: Specify supported hash algorithms

2022-09-11 Thread Michał Górny
Replace the informational hash name section with a formal specification
of allowed hash algorithms.  The original reasoning for leaving them
implementation-defined was poor.  After all, not a single new hash
was added since the initial version of the GLEP.  At the same time,
ensuring consistent support for at least a minimal set of hash
algorithms is crucial to interoperability.  Given that the effort needed
to update the GLEP is relatively small, it is better to require all
algorithms to be formally listed than to have to track all
implementations for new hashes and hope for consistency.

Signed-off-by: Michał Górny 
---
 glep-0074.rst | 125 +++---
 1 file changed, 77 insertions(+), 48 deletions(-)

diff --git a/glep-0074.rst b/glep-0074.rst
index 8cec618..33f6f80 100644
--- a/glep-0074.rst
+++ b/glep-0074.rst
@@ -6,7 +6,7 @@ Author: Michał Górny ,
 Ulrich Müller 
 Type: Standards Track
 Status: Final
-Version: 1.2
+Version: 1.3
 Created: 2017-10-21
 Last-Modified: 2022-09-11
 Post-History: 2017-10-26, 2017-11-16, 2018-02-08, 2022-09-08, 2022-09-11
@@ -26,6 +26,9 @@ efficient and provide means of backwards compatibility.
 Changes
 ===
 
+v1.3
+  Formally specified the current set of hash algorithms supported.
+
 v1.2
   Specified the newline convention used for Manifests.
 
@@ -364,27 +367,50 @@ up to and including the *original* directory. Note that 
those
 sub-Manifests can use different filenames than ``Manifest``.
 
 
-Checksum algorithms (informational)

-
-This section is informational only. Specifying the exact set
-of supported algorithms is outside the scope of this specification.
-
-The algorithm names reserved at the time of writing are:
-
-- ``MD5`` [#MD5]_,
-- ``RMD160`` -- RIPEMD-160 [#RIPEMD160]_,
-- ``SHA1`` [#SHS]_,
-- ``SHA256`` and ``SHA512`` -- SHA-2 family of hashes [#SHS]_,
-- ``WHIRLPOOL`` [#WHIRLPOOL]_,
-- ``BLAKE2B`` and ``BLAKE2S`` -- BLAKE2 family of hashes [#BLAKE2]_,
-- ``SHA3_256`` and ``SHA3_512`` -- SHA-3 family of hashes [#SHA3]_,
-- ``STREEBOG256`` and ``STREEBOG512`` -- Streebog family of hashes
-  [#STREEBOG]_.
-
-The method of introducing new hashes is defined by GLEP 59 [#GLEP59]_.
-It is recommended that any new hashes are named after the Python
-``hashlib`` module algorithm names, transformed into uppercase.
+Checksum algorithms
+---
+
+.. table:: Table 1. Defined hash algorithms
+   :widths: auto
+   :class: table table-bordered table-striped
+
+   === ===   ===
+   NameSpecification   Bits Enc. Notes
+   === ===   ===
+   ``BLAKE2B`` RFC 7693 [#RFC7693]_512  Hex  Recommended
+   ``BLAKE2S`` ditto   256  Hex
+   ``MD5`` RFC 1321 [#RFC1321]_128  Hex  Deprecated
+   ``RMD160``  RIPEMD-160 [#RMD160]_   160  Hex  Deprecated
+   ``SHA1``FIPS 180-4 [#SHS]_  160  Hex  Deprecated
+   ``SHA256``  ditto   256  Hex
+   ``SHA512``  ditto   512  Hex  Recommended
+   ``SHA3_256``FIPS 202 [#SHA3]_   256  Hex
+   ``SHA3_512``ditto   512  Hex
+   ``STREEBOG256`` RFC 6986 [#RFC6986]_256  Hex
+   ``STREEBOG512`` ditto   512  Hex
+   ``WHIRLPOOL``   Whirlpool [#WHIRLPOOL]_ 512  Hex
+   === ===   ===
+
+Any new hashes must be added to this specification prior to being used
+in Manifest files. Adding a new hash is considered
+a backwards-compatible change to the GLEP. It is recommended that new
+hashes are named after the Python ``hashlib`` module algorithm names,
+transformed into uppercase, with dashes replaced by underscores.
+
+An implementation can implement an arbitrary subset of the listed
+hashes. For best interoperability, it should implement at least
+recommended hashes. If deprecated hashes are implemented, it is
+preferable to disallow their use by default.
+
+If an entry specifies multiple hashes using different algorithms,
+an implementation may choose to verify an arbitrary subset of them.
+However, should any tested hash yield a mismatch, the verification must
+fail.
+
+If a particular hash is either unsupported or unknown,
+the implementation can either ignore it or report a failure. However,
+at least one algorithm specified for a particular entry must be
+supported for the verification to succeed.
 
 
 Manifest compression
@@ -913,23 +939,25 @@ tool working with this Manifest format.
 Hash algorithms
 ---
 
-While maintaining a consistent supported hash set is important
-for interoperability, it is not a good fit for the generic layout
-of this GLEP. Furthermore, it would require updating the GLEP
-in the future every time the used algorithms change.
+Originally, this GLEP did not formally specify the complete set of hash
+algorithms. Instead

[gentoo-dev] [PATCH 1/3] glep-0074: Add a changelog

2022-09-11 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 glep-0074.rst | 15 +--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/glep-0074.rst b/glep-0074.rst
index 182a871..8cec618 100644
--- a/glep-0074.rst
+++ b/glep-0074.rst
@@ -8,8 +8,8 @@ Type: Standards Track
 Status: Final
 Version: 1.2
 Created: 2017-10-21
-Last-Modified: 2022-09-08
-Post-History: 2017-10-26, 2017-11-16, 2018-02-08, 2022-09-08
+Last-Modified: 2022-09-11
+Post-History: 2017-10-26, 2017-11-16, 2018-02-08, 2022-09-08, 2022-09-11
 Content-Type: text/x-rst
 Requires: 59, 61
 Replaces: 44, 58, 60
@@ -23,6 +23,17 @@ integrity and authenticity checks. The format aims to be 
future-proof,
 efficient and provide means of backwards compatibility.
 
 
+Changes
+===
+
+v1.2
+  Specified the newline convention used for Manifests.
+
+v1.1
+  Removed the restriction that all files covered by a Manifest tree
+  must reside on the same filesystem.
+
+
 Motivation
 ==
 
-- 
2.37.3




[gentoo-dev] [PATCH 0/3] glep-0074: Explicitly specify hashes and compressed Manifest formats

2022-09-11 Thread Michał Górny
Hi,

Here's a batch of three followup patches to GLEP 74 (Manifest),
to be reviewed separately from the previous set:

1. Add a changelog to the GLEP.
2. Explicitly list supported hash algorithms.
3. Explicitly list supported compressed Manifest formats.


Originally I didn't want to include these lists in GLEP 74 because
I didn't want to update the spec whenever we were to add a new hash.
However, from retrospective this seems wrong.  In the end, new hashes
are not something that happens every month (we didn't add any since
the GLEP was published) and updating the GLEP is relatively cheap.
At the same time, having a formal, well-defined list of algorithms
is good for interoperability.

I have also considered the option of listing the algorithms
in a separate GLEP but I think this option would only cause unnecessary
confusion.

-- 
Best regards,
Michał Górny

Michał Górny (3):
  glep-0074: Add a changelog
  glep-0074: Specify supported hash algorithms
  glep-0074: Specify compressed file formats

 glep-0074.rst | 220 --
 1 file changed, 161 insertions(+), 59 deletions(-)

-- 
2.37.3




[gentoo-dev] Last rites: dev-python/pytest-pylint

2022-09-11 Thread Michał Górny
# Michał Górny  (2022-09-11)
# Bad quality package with failing tests.  No revdeps.
# Removal on 2022-10-11.  Bug #869650.
dev-python/pytest-pylint

-- 
Best regards,
Michał Górny




[gentoo-dev] [PATCH v2 5/5] glep-0074: Specify newline convention

2022-09-08 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 glep-0074.rst | 18 --
 1 file changed, 16 insertions(+), 2 deletions(-)

diff --git a/glep-0074.rst b/glep-0074.rst
index 677bf35..182a871 100644
--- a/glep-0074.rst
+++ b/glep-0074.rst
@@ -6,7 +6,7 @@ Author: Michał Górny ,
 Ulrich Müller 
 Type: Standards Track
 Status: Final
-Version: 1.1
+Version: 1.2
 Created: 2017-10-21
 Last-Modified: 2022-09-08
 Post-History: 2017-10-26, 2017-11-16, 2018-02-08, 2022-09-08
@@ -79,7 +79,10 @@ are relative to the directory containing the Manifest file. 
The paths
 must not reference the parent directory (``..``). Forward slash (``/``)
 is used as path component separator.
 
-The Manifest files use UTF-8 encoding.
+The Manifest files use UTF-8 encoding. Line feed (``U+000A``) is used
+to separate lines. For best compatibility, empty lines and any
+additional whitespace, including the carriage return character
+(``U+000D``) should be ignored by the implementation.
 
 
 Manifest file locations and nesting
@@ -516,6 +519,17 @@ information to perform the verification following all the 
rules specific
 to the Gentoo repository.
 
 
+Newline convention
+--
+
+Prior to version 1.2, the specification did not indicate the encoding
+to be used for newlines. Since the format is primarily used on Gentoo
+Linux systems, this has been changed to follow the Unix convention
+of using the line feed character. However, for best interoperability
+the implementation should be prepared to treat superfluous carriage
+return characters as whitespace and ignore them.
+
+
 Tree design
 ---
 
-- 
2.37.3




[gentoo-dev] [PATCH v2 4/5] glep-0074: Inline Manifest format description

2022-09-08 Thread Michał Górny
Rather than limiting the GLEP to list changes from GLEP 44, include
a short inline explanation of the base Manifest format.  This makes
the standard more standalone, and GLEP 44 did not do a very good job
of describing the format either.

Signed-off-by: Michał Górny 
---
 glep-0074.rst | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/glep-0074.rst b/glep-0074.rst
index 0ce7baf..677bf35 100644
--- a/glep-0074.rst
+++ b/glep-0074.rst
@@ -68,6 +68,12 @@ repurposed as a generic *tag* that could also indicate 
additional
 (non-checksum) metadata. Appropriately, those tags can be followed by
 other space-separated values.
 
+The Manifest file is a line-oriented text file. Every line comprises
+a single Manifest entry and consists of one or more fields separated
+by a single space character (``U+0020``). The tags and their
+corresponding fields are defined in the `modern Manifest tags`_
+and `deprecated Manifest tags`_ sections.
+
 Unless specified otherwise, the paths used in the Manifest files
 are relative to the directory containing the Manifest file. The paths
 must not reference the parent directory (``..``). Forward slash (``/``)
-- 
2.37.3




[gentoo-dev] [PATCH v2 3/5] glep-0074: Clearly indicate that top-level Manifest is not listed

2022-09-08 Thread Michał Górny
Make it clear that the top-level Manifest is not verified through itself
or other Manifests, and should not be explicitly listed in IGNORE.

Signed-off-by: Michał Górny 
---
 glep-0074.rst | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/glep-0074.rst b/glep-0074.rst
index 1005f85..0ce7baf 100644
--- a/glep-0074.rst
+++ b/glep-0074.rst
@@ -109,8 +109,9 @@ of specific files and directories (recursively):
 
 3. using names starting with a dot (``.``) which are always skipped.
 
-All files that are not ignored must be covered by at least one
-of the Manifests.
+The top-level Manifest is skipped implicitly and it is an error to list
+it in Manifest files. All remaining files that are not ignored must
+be covered by at least one of the Manifests.
 
 A single file may be matched by multiple identical or equivalent
 Manifest entries, if and only if the entries have the same semantics,
-- 
2.37.3




[gentoo-dev] [PATCH v2 2/5] glep-0074: Link OpenPGP to RFC 4880

2022-09-08 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 glep-0074.rst | 6 +-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/glep-0074.rst b/glep-0074.rst
index b61801d..1005f85 100644
--- a/glep-0074.rst
+++ b/glep-0074.rst
@@ -82,7 +82,8 @@ Manifest file locations and nesting
 The ``Manifest`` file located in the root directory of the repository
 is called top-level Manifest, and it is used to perform the full-tree
 verification. In order to verify the authenticity, it must be signed
-using OpenPGP, using the armored cleartext format.
+using OpenPGP, using the armored cleartext format as defined by RFC 4880
+§ 7 or a subsequent standard [#RFC4880]_.
 
 The top-level Manifest may reference sub-Manifests contained
 in subdirectories of the repository. The sub-Manifests are traditionally
@@ -1026,6 +1027,9 @@ References
 .. [#GLEP61] GLEP 61: Manifest2 compression
(https://www.gentoo.org/glep/glep-0061.html)
 
+.. [#RFC4880] RFC 4880: OpenPGP Message Format
+   (https://www.rfc-editor.org/rfc/rfc4880)
+
 .. [#UNICODE] The Unicode standard
(https://unicode.org/versions/latest/)
 
-- 
2.37.3




[gentoo-dev] [PATCH v2 1/5] glep-0074: Update license to CC BY-SA 4.0

2022-09-08 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 glep-0074.rst | 11 ++-
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/glep-0074.rst b/glep-0074.rst
index 4adf068..b61801d 100644
--- a/glep-0074.rst
+++ b/glep-0074.rst
@@ -8,8 +8,8 @@ Type: Standards Track
 Status: Final
 Version: 1.1
 Created: 2017-10-21
-Last-Modified: 2018-03-11
-Post-History: 2017-10-26, 2017-11-16, 2018-02-08
+Last-Modified: 2022-09-08
+Post-History: 2017-10-26, 2017-11-16, 2018-02-08, 2022-09-08
 Content-Type: text/x-rst
 Requires: 59, 61
 Replaces: 44, 58, 60
@@ -1071,6 +1071,7 @@ References
 
 Copyright
 =
-This work is licensed under the Creative Commons Attribution-ShareAlike 3.0
-Unported License. To view a copy of this license, visit
-https://creativecommons.org/licenses/by-sa/3.0/.
+
+This work is licensed under the Creative Commons Attribution-ShareAlike 4.0
+International License. To view a copy of this license, visit
+https://creativecommons.org/licenses/by-sa/4.0/.
-- 
2.37.3




[gentoo-dev] [PATCH 4/4] glep-0074: Specify newline convention

2022-09-08 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 glep-0074.rst | 17 +++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/glep-0074.rst b/glep-0074.rst
index ff8002f..a65a7e7 100644
--- a/glep-0074.rst
+++ b/glep-0074.rst
@@ -6,7 +6,7 @@ Author: Michał Górny ,
 Ulrich Müller 
 Type: Standards Track
 Status: Final
-Version: 1.1
+Version: 1.2
 Created: 2017-10-21
 Last-Modified: 2022-09-08
 Post-History: 2017-10-26, 2017-11-16, 2018-02-08, 2022-09-08
@@ -79,7 +79,10 @@ are relative to the directory containing the Manifest file. 
The paths
 must not reference the parent directory (``..``). Forward slash (``/``)
 is used as path component separator.
 
-The Manifest files use UTF-8 encoding.
+The Manifest files use UTF-8 encoding.  Line feed (``U+000A``) character
+is used to separate lines.  For best compatibility, empty lines and any
+additional whitespace, including the carriage return character
+(``U+000D``) should be ignored by the implementation.
 
 
 Manifest file locations and nesting
@@ -516,6 +519,16 @@ information to perform the verification following all the 
rules specific
 to the Gentoo repository.
 
 
+Newline convention
+--
+Prior to version 1.2, the specification did not indicate the encoding
+to be used for newlines. Since the format is primarily used on Gentoo
+Linux systems, this has been changed to follow the Unix convention
+of using the line feed character. However, for best interoperability
+implementation should be prepared to treat superfluous carriage return
+characters as whitespace and ignore them.
+
+
 Tree design
 ---
 
-- 
2.37.3




[gentoo-dev] [PATCH 3/4] glep-0074: Inline Manifest format description

2022-09-08 Thread Michał Górny
Rather than limiting the GLEP to list changes from GLEP 44, include
a short inline explanation of the base Manifest format.  This makes
the standard more standalone, and GLEP 44 did not do a very good job
of describing the format either.

Signed-off-by: Michał Górny 
---
 glep-0074.rst | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/glep-0074.rst b/glep-0074.rst
index 0117c4b..ff8002f 100644
--- a/glep-0074.rst
+++ b/glep-0074.rst
@@ -68,6 +68,12 @@ repurposed as a generic *tag* that could also indicate 
additional
 (non-checksum) metadata. Appropriately, those tags can be followed by
 other space-separated values.
 
+The Manifest file is a line-oriented text file. Every line comprises
+a single Manifest entry and consists of one or more fields separated
+by a single space character (``U+0020``). The tags and their
+corresponding fields are defined in the `modern Manifest tags`_
+and `deprecated Manifest tags`_ sections.
+
 Unless specified otherwise, the paths used in the Manifest files
 are relative to the directory containing the Manifest file. The paths
 must not reference the parent directory (``..``). Forward slash (``/``)
-- 
2.37.3




[gentoo-dev] [PATCH 2/4] glep-0074: Clearly indicate that top-level Manifest is not listed

2022-09-08 Thread Michał Górny
Make it clear that the top-level Manifest is not verified through itself
or other Manifests, and should not be explicitly listed in IGNORE.

Signed-off-by: Michał Górny 
---
 glep-0074.rst | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/glep-0074.rst b/glep-0074.rst
index 80a63a1..0117c4b 100644
--- a/glep-0074.rst
+++ b/glep-0074.rst
@@ -109,8 +109,9 @@ of specific files and directories (recursively):
 
 3. using names starting with a dot (``.``) which are always skipped.
 
-All files that are not ignored must be covered by at least one
-of the Manifests.
+The top-level Manifest is skipped implicitly and it is an error to list
+it in Manifest files. All the remaining files that are not ignored must
+be covered by at least one of the Manifests.
 
 A single file may be matched by multiple identical or equivalent
 Manifest entries, if and only if the entries have the same semantics,
-- 
2.37.3




[gentoo-dev] [PATCH 1/4] glep-0074: Link OpenPGP to RFC 4880

2022-09-08 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 glep-0074.rst | 10 +++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/glep-0074.rst b/glep-0074.rst
index 4adf068..80a63a1 100644
--- a/glep-0074.rst
+++ b/glep-0074.rst
@@ -8,8 +8,8 @@ Type: Standards Track
 Status: Final
 Version: 1.1
 Created: 2017-10-21
-Last-Modified: 2018-03-11
-Post-History: 2017-10-26, 2017-11-16, 2018-02-08
+Last-Modified: 2022-09-08
+Post-History: 2017-10-26, 2017-11-16, 2018-02-08, 2022-09-08
 Content-Type: text/x-rst
 Requires: 59, 61
 Replaces: 44, 58, 60
@@ -82,7 +82,8 @@ Manifest file locations and nesting
 The ``Manifest`` file located in the root directory of the repository
 is called top-level Manifest, and it is used to perform the full-tree
 verification. In order to verify the authenticity, it must be signed
-using OpenPGP, using the armored cleartext format.
+using OpenPGP, using the armored cleartext format as defined by RFC 4880
+§ 7 or a subsequent standard [#RFC4880]_.
 
 The top-level Manifest may reference sub-Manifests contained
 in subdirectories of the repository. The sub-Manifests are traditionally
@@ -1026,6 +1027,9 @@ References
 .. [#GLEP61] GLEP 61: Manifest2 compression
(https://www.gentoo.org/glep/glep-0061.html)
 
+.. [#RFC4880] RFC 4880: OpenPGP Message Format
+   (https://www.rfc-editor.org/rfc/rfc4880)
+
 .. [#UNICODE] The Unicode standard
(https://unicode.org/versions/latest/)
 
-- 
2.37.3




[gentoo-dev] [PATCH 0/4] glep-0074: Clarifications

2022-09-08 Thread Michał Górny
Hi,

Here are a few clarifications for the Manifest format specification
in GLEP 74.  They are mostly editorial changes, except for the last
patch.  The patches do, in order:

1. Replace bare "OpenPGP" with a reference to RFC 4880.

2. Make it clear that Manifests do not specify an entry for the
   top-level Manifest, nor IGNORE it explicitly.

3. Shortly describe the actual format used for Manifest entries rather
   than relying on GLEP 44 to do that, especially that it doesn't
   really.

4. Specify that Unix newline convention is to be used for Manifest
   files and spurious whitespace (including stray CRs) should be
   ignored.

Please review.


Michał Górny (4):
  glep-0074: Link OpenPGP to RFC 4880
  glep-0074: Clearly indicate that top-level Manifest is not listed
  glep-0074: Inline Manifest format description
  glep-0074: Specify newline convention

 glep-0074.rst | 38 +++---
 1 file changed, 31 insertions(+), 7 deletions(-)

-- 
2.37.3




[gentoo-dev] Initial review: registration for text/vnd.gentoo.manifest media type

2022-09-07 Thread Michał Górny
Hi,

I'd like to give it a shot and try to register a media type for GLEP 74
Manifest files.  I've specifically chosen this type because it's
relatively simple and well-specified.  I'd like to request your feedback
on the registration form, then ask Council for approving it and then
send it to IANA media-types ml for feedback.


```
Type name: text

Subtype name: vnd.gentoo.manifest

Required parameters:

charset - always "UTF-8"


Optional parameters:

none


Encoding considerations:

8-bit text

always encoded as UTF-8, the format technically permits encoding all
Unicode characters as 7-bit escape codes


Security considerations:

The Manifest files are text files that are transmitted as part of larger
file sets in order to provide integrity and authenticity verification
for other files.  They are primarily intended to be processed locally
to verify transferred files.

The format does not provide support for executable content.  It does
provide support for specifying arbitrary filenames to verify.  Symbolic
links are followed when opening files.  The tools are explicitly
required to be secured against attempting to read non-regular files.
No other dangers were identified from the ability to verify arbitrary
file checksums locally (GLEP 74 § 3.3).

The initial Manifest file to be processed must not be compressed.
It can contain an inline OpenPGP signature to provide authenticity
verification.  Every Manifest file can reference subsequent Manifest
files to be processed.  Subsequent Manifest files can be compressed.
The tools are required to verify the integrity (and authenticity,
if provided) of subsequent Manifest files prior to decompressing them
(GLEP 74 § 3.2 / 3.12).

The Manifest files have no special privacy considerations.  The same
privacy considerations as for the files covered by the Manifest apply.


Interoperability considerations:

The format is using UTF-8 encoding for best interoperability.  Platforms
using non-UTF-8 filesystem encoding need to be able to recode filenames
to UTF-8.  The format does not provide support for using raw filenames
with unknown encoding.

The format does not specify newline encoding.  The implementations need
to be able to support different platform newline conventions for
portability.

The format specifies the use of forward slash as a directory separator.
Platforms using a different character need to convert paths
appropriately.


Published specification:

GLEP 74: Full-tree verification using Manifest files
https://www.gentoo.org/glep/glep-0074.html


Applications that use this media type:

The reference implementation for the format is provided by the gemato
tool [1].  A subset of the format is also directly supported by Gentoo
package managers, e.g. Portage [2] and pkgcore [3].  This list is not
exhaustive.

[1] https://github.com/projg2/gemato
[2] https://wiki.gentoo.org/wiki/Project:Portage
[3] https://github.com/pkgcore/pkgcore


Fragment identifier considerations:

None.


Additional information:

 Deprecated alias names for this type: none
 Magic number(s): none
 File extension(s): none, the file is commonly named "Manifest"
 Macintosh file type code(s): none

Person & email address to contact for further information:

Michał Górny 


Intended usage: COMMON

Restrictions on usage:

None.


Author: Michał Górny 

Change controller: Gentoo Council 

Provisional registration? (standards tree only): no
```

-- 
Best regards,
Michał Górny




Re: [gentoo-dev] Registering media types for Gentoo files

2022-09-06 Thread Michał Górny
On Tue, 2022-09-06 at 12:18 +0200, Florian Schmaus wrote:
> On 06.09.22 11:33, Michał Górny wrote:
> > Hi, everyone.
> > 
> > Since we've been standardizing some things in Gentoo lately, I was
> > thinking we could try to get some media types registered with IANA.
> > 
> > Particularly, I'm thinking of registering our Manifest format [1] as:
> > 
> >text/vnd.gentoo.manifest
> > 
> > and our new binary package container format [2] as:
> > 
> >application/vnd.gentoo.gpkg
> > 
> > However, the process is non-trivial and I'm not sure if the latter
> > really qualifies, given we're only specifying the container and not
> > the complete data format.  To be honest, the specs are quite huge
> > and I'd really appreciate some help grasping all of this.
> > 
> > Perhaps ebuilds and eclasses would also qualify for registration.
> > 
> > WDYT?
> 
> If you are happy to put in the effort, then I would go for it. Some 
> (most?) IANA registries are relatively easy to get in. I have some, but 
> somewhat little, experience with IANA due my XMPP background and I am 
> happy to assist.
> 

Thanks, I'll keep that in mind.  That said, I just noticed that Debian
has their binpkg format registered, so I may be able to get some
inspiration there ;-).

-- 
Best regards,
Michał Górny




Re: [gentoo-dev] Registering media types for Gentoo files

2022-09-06 Thread Michał Górny
On Tue, 2022-09-06 at 10:40 +0100, Roy Bamford wrote:
> On 2022.09.06 10:33, Michał Górny wrote:
> > Hi, everyone.
> > 
> > Since we've been standardizing some things in Gentoo lately, I was
> > thinking we could try to get some media types registered with IANA.
> > 
> > Particularly, I'm thinking of registering our Manifest format [1] as:
> > 
> >   text/vnd.gentoo.manifest
> > 
> > and our new binary package container format [2] as:
> > 
> >   application/vnd.gentoo.gpkg
> > 
> > However, the process is non-trivial and I'm not sure if the latter
> > really qualifies, given we're only specifying the container and not
> > the complete data format.  To be honest, the specs are quite huge
> > and I'd really appreciate some help grasping all of this.
> > 
> > Perhaps ebuilds and eclasses would also qualify for registration.
> > 
> > WDYT?
> > 
> > [1] https://www.gentoo.org/glep/glep-0074.html
> > [2] https://www.gentoo.org/glep/glep-0078.html
> > 
> > -- 
> > Best regards,
> > Michał Górny
> > 
> > 
> > 
> 
> Michał,
> 
> > However, the process is non-trivial ... 
> That's a down side.
> 
> What are the benefits to Gentoo?
> 

Fame and glory?  I think we might be the second (after Debian) distro to
have officially registered MIME types.

-- 
Best regards,
Michał Górny




[gentoo-dev] Registering media types for Gentoo files

2022-09-06 Thread Michał Górny
Hi, everyone.

Since we've been standardizing some things in Gentoo lately, I was
thinking we could try to get some media types registered with IANA.

Particularly, I'm thinking of registering our Manifest format [1] as:

  text/vnd.gentoo.manifest

and our new binary package container format [2] as:

  application/vnd.gentoo.gpkg

However, the process is non-trivial and I'm not sure if the latter
really qualifies, given we're only specifying the container and not
the complete data format.  To be honest, the specs are quite huge
and I'd really appreciate some help grasping all of this.

Perhaps ebuilds and eclasses would also qualify for registration.

WDYT?

[1] https://www.gentoo.org/glep/glep-0074.html
[2] https://www.gentoo.org/glep/glep-0078.html

-- 
Best regards,
Michał Górny




[gentoo-dev] [PATCH] python-utils-r1.eclass: Pass "-p no:xvfb" in epytest

2022-09-05 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 eclass/python-utils-r1.eclass | 5 +
 1 file changed, 5 insertions(+)

GitHub PR (with package updates):


diff --git a/eclass/python-utils-r1.eclass b/eclass/python-utils-r1.eclass
index 89013591c31b..7a5f84bd561e 100644
--- a/eclass/python-utils-r1.eclass
+++ b/eclass/python-utils-r1.eclass
@@ -1334,6 +1334,11 @@ epytest() {
# pytest-sugar undoes everything that's good about pytest output
# and makes it hard to read logs
-p no:sugar
+   # pytest-xvfb automatically spawns Xvfb for every test suite,
+   # effectively forcing it even when we'd prefer the tests
+   # not to have DISPLAY at all, causing crashes sometimes
+   # and causing us to miss missing virtualx usage
+   -p no:xvfb
)
local x
for x in "${EPYTEST_DESELECT[@]}"; do
-- 
2.37.3




Re: [gentoo-dev] Last rites: dev-python/flask-security & its deps

2022-08-30 Thread Michał Górny
On Tue, 2022-08-30 at 07:33 -0700, Zoltan Puskas wrote:
> Hi,
> 
> Can we please keep `dev-python/pyqrcode`. I find it quite useful for
> quickly generating QR codes from scripts.

pyqrcode is dead and buried.  Use dev-python/qrcode instead.  Look
at [1], [2] for some ideas how to replace it.


[1] https://github.com/crossbario/autobahn-python/pull/1573/files
[2] https://github.com/Flask-Middleware/flask-security/pull/623/files

-- 
Best regards,
Michał Górny




[gentoo-dev] Last rites: dev-python/flask-security & its deps

2022-08-30 Thread Michał Górny
# Michał Górny  (2022-08-30)
# Flask-Security-Too is a package with high maintenance cost
# and no revdeps in ::gentoo.  The next version bump (once more)
# introduces more dependencies.
#
# The remaining listed packages are used exclusively by this package
# (or its tests).  If you find one of them useful, please let us know
# and we'll keep it.
#
# Removal on 2022-09-29.  Bug #867415.
dev-python/flask-security
dev-python/flask-babelex
dev-python/flask-mail
dev-python/flask-principal
dev-python/flask-wtf
dev-python/mongomock
dev-python/peewee
dev-python/pony
dev-python/pyqrcode
dev-python/sentinels
dev-python/speaklater
dev-python/zxcvbn

-- 
Best regards,
Michał Górny




Re: [gentoo-dev] [RFC] Encouraging using hardening options in systemd units

2022-08-25 Thread Michał Górny
On Thu, 2022-08-25 at 16:06 +0200, Florian Schmaus wrote:
> On 25/08/2022 15.25, Kenton Groombridge wrote:
> > I think the best way to address this is to have packages ship unit override
> > files instead of unit files themselves which enable these options. For 
> > example,
> > instead of Gentoo shipping a modified miniflux.service unit file, we can 
> > instead
> > install a file to /etc/system/miniflux.service.d/00gentoo.conf using the
> > existing systemd_install_serviced helper in systemd.eclass which enables 
> > these
> > options.
> 
> Wouldn't the proper place for overrides installed by a distributions 
> package manager be
> 
> /usr/lib/systemd/system/miniflux.service.d/gentoo.conf
> 

These files are meant to be modifiable by the sysadmin, so they don't
belong in /usr.

-- 
Best regards,
Michał Górny




Re: [gentoo-dev] new virtual for zig

2022-08-16 Thread Michał Górny
On Tue, 2022-08-16 at 22:48 +, Eric Joldasov wrote:
> Hello everyone,
> 
> I'd like to introduce "zig" virtual package that will be satisfied by 
> "dev-lang/zig-bin" or "dev-lang/zig" package [1]. The main reason is that 
> compilation of "dev-lang/zig" requires a lot of RAM [2] (10 GB, which makes 
> it impossible to build on x86 arch) and depends on LLVM, which can be a big 
> problem for people who just want to upgrade "sys-fs/ncdu" (the only reverse 
> dependency) or use this programming language on systems with small amount of 
> RAM.
> 
> [1] https://github.com/gentoo/gentoo/pull/26325
> [2] 
> https://github.com/ziglang/zig/wiki/Troubleshooting-Build-Issues#high-memory-requirements
> [3] https://bugs.gentoo.org/823086
> 

In general that's a valid use of virtual and I don't exactly mind having
it added but if it's just one package, perhaps it'd be better to start
with a simple || dep and see how things develop?

-- 
Best regards,
Michał Górny




[gentoo-dev] Last rites: dev-libs/libdivsufsort

2022-08-11 Thread Michał Górny
# Michał Górny  (2022-08-11)
# Niche library with no revdeps left.  Last commit in 2015.
# Removal on 2022-09-10.  Bug #864889.
dev-libs/libdivsufsort

-- 
Best regards,
Michał Górny




[gentoo-dev] [PATCH 11/11] python-utils-r1.eclass: Sterilize pytest-sugar plugin

2022-07-29 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 eclass/python-utils-r1.eclass | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/eclass/python-utils-r1.eclass b/eclass/python-utils-r1.eclass
index b793a1f13e0f..89013591c31b 100644
--- a/eclass/python-utils-r1.eclass
+++ b/eclass/python-utils-r1.eclass
@@ -1331,6 +1331,9 @@ epytest() {
# sterilize pytest-markdown as it runs code snippets from all
# *.md files found without any warning
-p no:markdown
+   # pytest-sugar undoes everything that's good about pytest output
+   # and makes it hard to read logs
+   -p no:sugar
)
local x
for x in "${EPYTEST_DESELECT[@]}"; do
-- 
2.35.1




[gentoo-dev] [PATCH 10/11] dev-python/pygobject: Call python_optimize explicitly

2022-07-29 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 dev-python/pygobject/pygobject-3.42.2.ebuild | 1 +
 1 file changed, 1 insertion(+)

diff --git a/dev-python/pygobject/pygobject-3.42.2.ebuild 
b/dev-python/pygobject/pygobject-3.42.2.ebuild
index 217ae21f2c4a..d411290d7520 100644
--- a/dev-python/pygobject/pygobject-3.42.2.ebuild
+++ b/dev-python/pygobject/pygobject-3.42.2.ebuild
@@ -65,6 +65,7 @@ python_test() {
 
 python_install() {
meson_src_install
+   python_optimize
 }
 
 python_install_all() {
-- 
2.35.1




[gentoo-dev] [PATCH 09/11] net-wireless/blueman: Invoke eautomake to fix py-compile script

2022-07-29 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 net-wireless/blueman/blueman-2.3.1.ebuild | 2 +-
 net-wireless/blueman/blueman-.ebuild  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/net-wireless/blueman/blueman-2.3.1.ebuild 
b/net-wireless/blueman/blueman-2.3.1.ebuild
index dbedcfc7eae6..997963609ec2 100644
--- a/net-wireless/blueman/blueman-2.3.1.ebuild
+++ b/net-wireless/blueman/blueman-2.3.1.ebuild
@@ -97,7 +97,7 @@ pkg_setup() {
 }
 
 src_prepare() {
-   [[ ${PV} ==  ]] && eautoreconf
+   [[ ${PV} ==  ]] && eautoreconf || eautomake
distutils-r1_src_prepare
 }
 
diff --git a/net-wireless/blueman/blueman-.ebuild 
b/net-wireless/blueman/blueman-.ebuild
index dbedcfc7eae6..997963609ec2 100644
--- a/net-wireless/blueman/blueman-.ebuild
+++ b/net-wireless/blueman/blueman-.ebuild
@@ -97,7 +97,7 @@ pkg_setup() {
 }
 
 src_prepare() {
-   [[ ${PV} ==  ]] && eautoreconf
+   [[ ${PV} ==  ]] && eautoreconf || eautomake
distutils-r1_src_prepare
 }
 
-- 
2.35.1




[gentoo-dev] [PATCH 08/11] dev-python/tomli: Call python_optimize explicitly

2022-07-29 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 dev-python/tomli/tomli-2.0.1-r1.ebuild | 5 +
 1 file changed, 5 insertions(+)

diff --git a/dev-python/tomli/tomli-2.0.1-r1.ebuild 
b/dev-python/tomli/tomli-2.0.1-r1.ebuild
index f24193c0c9fe..4a4c0bc1ea17 100644
--- a/dev-python/tomli/tomli-2.0.1-r1.ebuild
+++ b/dev-python/tomli/tomli-2.0.1-r1.ebuild
@@ -34,3 +34,8 @@ distutils_enable_tests unittest
 python_compile() {
python_domodule src/tomli "${WORKDIR}"/*.dist-info
 }
+
+python_install() {
+   distutils-r1_python_install
+   python_optimize
+}
-- 
2.35.1




[gentoo-dev] [PATCH 07/11] dev-python/installer: Call python_optimize explicitly

2022-07-29 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 dev-python/installer/installer-0.5.1-r1.ebuild | 5 +
 1 file changed, 5 insertions(+)

diff --git a/dev-python/installer/installer-0.5.1-r1.ebuild 
b/dev-python/installer/installer-0.5.1-r1.ebuild
index a29b236242ca..39b7336c9b89 100644
--- a/dev-python/installer/installer-0.5.1-r1.ebuild
+++ b/dev-python/installer/installer-0.5.1-r1.ebuild
@@ -35,3 +35,8 @@ distutils_enable_tests pytest
 python_compile() {
python_domodule src/installer "${WORKDIR}"/*.dist-info
 }
+
+python_install() {
+   distutils-r1_python_install
+   python_optimize
+}
-- 
2.35.1




[gentoo-dev] [PATCH 06/11] distutils-r1.eclass: Let gpep517 compile bytecode when 9+ is used

2022-07-29 Thread Michał Górny
Use the new --optimize option of gpep517 >= 9 when it is installed,
and remove the python_optimize call then.  This conditional logic is
meant to give some additional testing while gpep517-9 is still in ~arch.

Note that this also removes python_optimize call for "no" mode.
However, this mode is used only by a handful of ebuilds, so if any of
them needs an explicit python_optimize call, we can quickly fix them.

Signed-off-by: Michał Górny 
---
 eclass/distutils-r1.eclass | 36 ++--
 1 file changed, 26 insertions(+), 10 deletions(-)

diff --git a/eclass/distutils-r1.eclass b/eclass/distutils-r1.eclass
index 495eead1d5fd..60f81473c0a6 100644
--- a/eclass/distutils-r1.eclass
+++ b/eclass/distutils-r1.eclass
@@ -1270,13 +1270,25 @@ distutils_wheel_install() {
local wheel=${2}
 
einfo "  Installing ${wheel##*/} to ${root}"
-   local cmd=(
-   gpep517 install-wheel
-   --destdir="${root}"
-   --interpreter="${PYTHON}"
-   --prefix="${EPREFIX}/usr"
-   "${wheel}"
-   )
+   if has_version -b ">=dev-python/gpep517-9"; then
+   # TODO: inline when we dep on >=9
+   local cmd=(
+   gpep517 install-wheel
+   --destdir="${root}"
+   --interpreter="${PYTHON}"
+   --prefix="${EPREFIX}/usr"
+   --optimize=all
+   "${wheel}"
+   )
+   else
+   local cmd=(
+   gpep517 install-wheel
+   --destdir="${root}"
+   --interpreter="${PYTHON}"
+   --prefix="${EPREFIX}/usr"
+   "${wheel}"
+   )
+   fi
printf '%s\n' "${cmd[*]}"
"${cmd[@]}" || die "Wheel install failed"
 
@@ -1994,9 +2006,13 @@ _distutils-r1_post_python_install() {
done
 
if [[ ${DISTUTILS_USE_PEP517} ]]; then
-   # we need to recompile everything here in order to embed
-   # the correct paths
-   python_optimize "${sitedir}"
+   if ! has_version -b ">=dev-python/gpep517-9"
+   then
+   # TODO: remove when we dep on >=9
+   # we need to recompile everything here in order 
to embed
+   # the correct paths
+   python_optimize "${sitedir}"
+   fi
fi
fi
 }
-- 
2.35.1




[gentoo-dev] [PATCH 05/11] distutils-r1.eclass: Pass EPREFIX to addpredict

2022-07-29 Thread Michał Górny
Pointed out by Arfrever.

Signed-off-by: Michał Górny 
---
 eclass/distutils-r1.eclass | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/eclass/distutils-r1.eclass b/eclass/distutils-r1.eclass
index e4ef1919bc7d..495eead1d5fd 100644
--- a/eclass/distutils-r1.eclass
+++ b/eclass/distutils-r1.eclass
@@ -1647,8 +1647,8 @@ distutils-r1_python_install() {
# python likes to compile any module it sees, which triggers 
sandbox
# failures if some packages haven't compiled their modules yet.
addpredict "${EPREFIX}/usr/lib/${EPYTHON}"
-   addpredict /usr/lib/pypy3.9
-   addpredict /usr/local # bug 498232
+   addpredict "${EPREFIX}/usr/lib/pypy3.9"
+   addpredict "${EPREFIX}/usr/local" # bug 498232
 
if [[ ! ${DISTUTILS_SINGLE_IMPL} ]]; then
merge_root=1
-- 
2.35.1




[gentoo-dev] [PATCH 04/11] distutils-r1.eclass: Bump dev-python/sip dependency

2022-07-29 Thread Michał Górny
Bug: https://bugs.gentoo.org/851840
Signed-off-by: Michał Górny 
---
 eclass/distutils-r1.eclass | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/eclass/distutils-r1.eclass b/eclass/distutils-r1.eclass
index 85a5c8496d49..e4ef1919bc7d 100644
--- a/eclass/distutils-r1.eclass
+++ b/eclass/distutils-r1.eclass
@@ -265,7 +265,7 @@ _distutils_set_globals() {
;;
sip)
bdep+='
-   >=dev-python/sip-6.6.1[${PYTHON_USEDEP}]
+   >=dev-python/sip-6.6.2[${PYTHON_USEDEP}]
'
;;
standalone)
-- 
2.35.1




[gentoo-dev] [PATCH 03/11] install-qa-check.d: Rewrite 60python-pyc to use gpep517

2022-07-29 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 metadata/install-qa-check.d/60python-pyc | 168 +--
 1 file changed, 96 insertions(+), 72 deletions(-)

diff --git a/metadata/install-qa-check.d/60python-pyc 
b/metadata/install-qa-check.d/60python-pyc
index 47e9a3eea908..fd9434994f2f 100644
--- a/metadata/install-qa-check.d/60python-pyc
+++ b/metadata/install-qa-check.d/60python-pyc
@@ -4,86 +4,110 @@
 # QA check: ensure that Python modules are compiled after installing
 # Maintainer: Python project 
 
-# EAPI guard to prevent errors from trying to import python-utils-r1
-# in unsupported EAPIs.  Please keep the list in sync with the eclass!
-if [[ ${EAPI} == [6-8] ]]; then
-   inherit python-utils-r1
+python_pyc_check() {
+   local save=$(shopt -p nullglob)
+   shopt -s nullglob
+   local progs=( "${EPREFIX}"/usr/lib/python-exec/*/gpep517 )
+   ${save}
 
-   python_pyc_check() {
-   local impl missing=() outdated=()
-   for impl in "${_PYTHON_SUPPORTED_IMPLS[@]}"; do
-   _python_export "${impl}" EPYTHON PYTHON
-   [[ -x ${PYTHON} ]] || continue
-   local sitedir=$(python_get_sitedir "${impl}")
+   local invalid=()
+   local mismatched_timestamp=()
+   local mismatched_data=()
+   local missing=()
+   local stray=()
 
-   if [[ -d ${D}${sitedir} ]]; then
-   local suffixes=() subdir=
-   case ${EPYTHON} in
-   python2*)
-   suffixes=( .py{c,o} )
-   ;;
-   pypy)
-   suffixes=( .pyc )
-   ;;
-   python3*|pypy3*)
-   local tag=$("${PYTHON}" -c 
'import sys; print(sys.implementation.cache_tag)')
-   suffixes=( 
".${tag}"{,.opt-{1,2}}.pyc )
-   subdir=__pycache__/
-   ;;
-   *)
-   # skip testing unknown impl
-   continue
-   ;;
-   esac
+   for prog in "${progs[@]}"; do
+   local impl=${prog%/*}
+   impl=${impl##*/}
+   einfo "Verifying compiled files for ${impl}"
+   local kind pyc py
+   while IFS=: read -r kind pyc py extra; do
+   case ${kind} in
+   invalid)
+   invalid+=( "${pyc}" )
+   ;;
+   mismatched)
+   case ${extra} in
+   timestamp)
+   mismatched_timestamp+=( 
"${pyc}" )
+   ;;
+   *)
+   mismatched_data+=( 
"${pyc}" )
+   ;;
+   esac
+   ;;
+   missing)
+   missing+=( "${pyc}" )
+   ;;
+   older)
+   # older warnings were produced by 
earlier version
+   # of gpep517 but the check was 
incorrect, so we just
+   # ignore them
+   ;;
+   stray)
+   stray+=( "${pyc}" )
+   ;;
+   esac
+   done < <("${prog}" verify-pyc --destdir "${D}" --prefix 
"${EPREFIX}"/usr)
+   done
 
-   einfo "Verifying compiled files in ${sitedir}"
-   local f s
-   while read -d $'\0' -r f; do
-   local dir=${f%/*}
-   local basename=${f##*/}
-   basename=${basename%.py}
+   local found=
+   if [[ ${missing[@]} ]]; then
+   eqawarn
+   eqawarn "QA Notice: This p

[gentoo-dev] [PATCH 02/11] distutils-r1.eclass: Require gpep517 >= 8

2022-07-29 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 eclass/distutils-r1.eclass | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/eclass/distutils-r1.eclass b/eclass/distutils-r1.eclass
index 9909ba70178c..85a5c8496d49 100644
--- a/eclass/distutils-r1.eclass
+++ b/eclass/distutils-r1.eclass
@@ -205,7 +205,7 @@ _distutils_set_globals() {
fi
 
bdep='
-   >=dev-python/gpep517-6[${PYTHON_USEDEP}]
+   >=dev-python/gpep517-8[${PYTHON_USEDEP}]
'
case ${DISTUTILS_USE_PEP517} in
flit)
-- 
2.35.1




[gentoo-dev] [PATCH 01/11] distutils-r1.eclass: Update pyproject.toml advice for PEP517 mode

2022-07-29 Thread Michał Górny
Signed-off-by: Michał Górny 
---
 eclass/distutils-r1.eclass | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/eclass/distutils-r1.eclass b/eclass/distutils-r1.eclass
index e64eedec5fd3..9909ba70178c 100644
--- a/eclass/distutils-r1.eclass
+++ b/eclass/distutils-r1.eclass
@@ -884,10 +884,10 @@ _distutils-r1_handle_pyproject_toml() {
 
if [[ ! -f setup.py && -f pyproject.toml ]]; then
if [[ ${DISTUTILS_USE_SETUPTOOLS} != pyproject.toml ]]; then
-   eerror "No setup.py found but pyproject.toml is 
present.  In order to enable"
-   eerror "pyproject.toml support in distutils-r1, set:"
-   eerror "  DISTUTILS_USE_SETUPTOOLS=pyproject.toml"
-   die "No setup.py found and 
DISTUTILS_USE_SETUPTOOLS!=pyproject.toml"
+   eerror "No setup.py found but pyproject.toml is 
present.  Please migrate"
+   eerror "the package to use DISTUTILS_USE_PEP517. See:"
+   eerror "  
https://projects.gentoo.org/python/guide/distutils.html;
+   die "No setup.py found and PEP517 mode not enabled"
fi
fi
 }
-- 
2.35.1




[gentoo-dev] [PATCH 00/11] distutils-r1.eclass: Support for gpep517-9+ --optimize + minor changes

2022-07-29 Thread Michał Górny
Hi,

Here's another medium-sized patchset for Python eclasses.  The primary
feature is support for the new gpep517 9+ option to byte-compile
installed .pyc files.  As a result, rather than delaying until
python_install(), we get optimized .pyc already in python_compile()
and the test phase should be faster.

This implies a minor change to DISTUTILS_USE_PEP517=no behavior -- we're
no longer calling python_optimize implicitly, so if the ebuild does not
compile bytecode, it needs to call python_optimize explicitly now.
This mode is used only by a few ebuilds right now, so I'm including
updates to them as well.  On the plus side, it now avoids compiling .py
files twice in the remaining ebuilds.

The other major change included is rewriting the .pyc install-qa-check.d
to use the new "gpep517 verify-pyc" command rather than implementing
the checks in bash.  Since gpep517 is a dep of all ebuilds inheriting
distutils-r1, this should be a relatively safe place to put
the functionality, and so the check should work reliably in most
of the environments.  This also includes more correct checking of
whether .pyc files are up-to-date that couldn't be done in bash because
it impacted performance *a lot*.

The other changes include a fix for obsolete pyproject.toml
recommendation, the usual build system minimal version updates,
disabling pytest-sugar plugin in epytest (that makes test output awful)
and fixing EPREFIX in addpredict invocations.


Michał Górny (11):
  distutils-r1.eclass: Update pyproject.toml advice for PEP517 mode
  distutils-r1.eclass: Require gpep517 >= 8
  install-qa-check.d: Rewrite 60python-pyc to use gpep517
  distutils-r1.eclass: Bump dev-python/sip dependency
  distutils-r1.eclass: Pass EPREFIX to addpredict
  distutils-r1.eclass: Let gpep517 compile bytecode when 9+ is used
  dev-python/installer: Call python_optimize explicitly
  dev-python/tomli: Call python_optimize explicitly
  net-wireless/blueman: Invoke eautomake to fix py-compile script
  dev-python/pygobject: Call python_optimize explicitly
  python-utils-r1.eclass: Sterilize pytest-sugar plugin

 .../installer/installer-0.5.1-r1.ebuild   |   5 +
 dev-python/pygobject/pygobject-3.42.2.ebuild  |   1 +
 dev-python/tomli/tomli-2.0.1-r1.ebuild|   5 +
 eclass/distutils-r1.eclass|  52 --
 eclass/python-utils-r1.eclass |   3 +
 metadata/install-qa-check.d/60python-pyc  | 168 ++
 net-wireless/blueman/blueman-2.3.1.ebuild |   2 +-
 net-wireless/blueman/blueman-.ebuild  |   2 +-
 8 files changed, 146 insertions(+), 92 deletions(-)

-- 
2.35.1




  1   2   3   4   5   6   7   8   9   10   >