On 07/14/2018 12:08 AM, Michał Górny wrote:
> Warn if the '=' package dependency operator is used along with pure
> version with no revision specified. This means to catch a common mistake
> of developers copying '=' from upstream dependency specification while
> '~' operator would be more appropriate. This causes unintended depgraph
> breakage when the dependencies are revbumped e.g. due to dependency
> changes, or prevents people from upgrading.
>
> The developers are given two suggestions: either to use '~' if any
> revision is acceptable, or to explicitly specify '-r0' when they really
> do accept -r0 only.
>
> Bug: https://bugs.gentoo.org/649482
> ---
> repoman/cnf/qa_data/qa_data.yaml | 1 +
> repoman/cnf/repository/qa_data.yaml | 1 +
> .../pym/repoman/modules/scan/depend/_depend_checks.py| 9 +
> 3 files changed, 11 insertions(+)
>
> Changes in v2:
> rebased for the repoman rewrite
>
> diff --git a/repoman/cnf/qa_data/qa_data.yaml
> b/repoman/cnf/qa_data/qa_data.yaml
> index 32994e013..d68673708 100644
> --- a/repoman/cnf/qa_data/qa_data.yaml
> +++ b/repoman/cnf/qa_data/qa_data.yaml
> @@ -26,6 +26,7 @@ qahelp:
> badinexp: "User-visible ebuilds with unsatisfied dependencies
> (matched against *visible* ebuilds) in experimental arch"
> badmaskedinexp: "Masked ebuilds with unsatisfied dependencies
> (matched against *all* ebuilds) in experimental arch"
> badtilde: "Uses the ~ dep operator with a non-zero revision part,
> which is useless (the revision is ignored)"
> +equalsversion: "Suspicious =-dependency with a specific version and
> no rev. Please either use ~ if any revision is acceptable, or append -r0 to
> silence the warning."
> missingslot: "RDEPEND matches more than one SLOT but does not
> specify a slot and/or use the := or :* slot operator"
> perlcore: "This ebuild directly depends on a package in perl-core;
> it should use the corresponding virtual instead."
> syntax: "Syntax error in dependency string (usually an extra/missing
> space/parenthesis)"
> diff --git a/repoman/cnf/repository/qa_data.yaml
> b/repoman/cnf/repository/qa_data.yaml
> index 4aa961633..2e9e16b1d 100644
> --- a/repoman/cnf/repository/qa_data.yaml
> +++ b/repoman/cnf/repository/qa_data.yaml
> @@ -44,6 +44,7 @@ qawarnings:
> - dependency.badindev
> - dependency.badmaskedindev
> - dependency.badtilde
> +- dependency.equalsversion
> - dependency.missingslot
> - dependency.perlcore
> - DESCRIPTION.toolong
> diff --git a/repoman/pym/repoman/modules/scan/depend/_depend_checks.py
> b/repoman/pym/repoman/modules/scan/depend/_depend_checks.py
> index 79fd0a0c2..690b95aa0 100644
> --- a/repoman/pym/repoman/modules/scan/depend/_depend_checks.py
> +++ b/repoman/pym/repoman/modules/scan/depend/_depend_checks.py
> @@ -152,6 +152,15 @@ def _depend_checks(ebuild, pkg, portdb, qatracker,
> repo_metadata, qadata):
> qacat, "%s: %s uses the ~
> operator"
> " with a non-zero revision:
> '%s'" %
> (ebuild.relative_path, mytype,
> atom))
> + # plain =foo-1.2.3 without revision or *
> + if atom.operator == "=" and '-r' not in
> atom.version:
> + qacat = 'dependency.equalsversion'
> + qatracker.add_error(
> + qacat, "%s: %s uses the =
> operator with"
> + " no revision: '%s'; if any
> revision is"
> + " acceptable, use '~' instead;
> if only -r0"
> + " then please append '-r0' to
> the dep" %
> + (ebuild.relative_path, mytype,
> atom))
>
> check_missingslot(atom, mytype, ebuild.eapi,
> portdb, qatracker,
> ebuild.relative_path, ebuild.metadata)
>
Looks good, please merge.
--
Thanks,
Zac
signature.asc
Description: OpenPGP digital signature