On 07/14/2018 12:08 AM, Michał Górny wrote: > Warn if the '=' package dependency operator is used along with pure > version with no revision specified. This means to catch a common mistake > of developers copying '=' from upstream dependency specification while > '~' operator would be more appropriate. This causes unintended depgraph > breakage when the dependencies are revbumped e.g. due to dependency > changes, or prevents people from upgrading. > > The developers are given two suggestions: either to use '~' if any > revision is acceptable, or to explicitly specify '-r0' when they really > do accept -r0 only. > > Bug: https://bugs.gentoo.org/649482 > --- > repoman/cnf/qa_data/qa_data.yaml | 1 + > repoman/cnf/repository/qa_data.yaml | 1 + > .../pym/repoman/modules/scan/depend/_depend_checks.py | 9 +++++++++ > 3 files changed, 11 insertions(+) > > Changes in v2: > rebased for the repoman rewrite > > diff --git a/repoman/cnf/qa_data/qa_data.yaml > b/repoman/cnf/qa_data/qa_data.yaml > index 32994e013..d68673708 100644 > --- a/repoman/cnf/qa_data/qa_data.yaml > +++ b/repoman/cnf/qa_data/qa_data.yaml > @@ -26,6 +26,7 @@ qahelp: > badinexp: "User-visible ebuilds with unsatisfied dependencies > (matched against *visible* ebuilds) in experimental arch" > badmaskedinexp: "Masked ebuilds with unsatisfied dependencies > (matched against *all* ebuilds) in experimental arch" > badtilde: "Uses the ~ dep operator with a non-zero revision part, > which is useless (the revision is ignored)" > + equalsversion: "Suspicious =-dependency with a specific version and > no rev. Please either use ~ if any revision is acceptable, or append -r0 to > silence the warning." > missingslot: "RDEPEND matches more than one SLOT but does not > specify a slot and/or use the := or :* slot operator" > perlcore: "This ebuild directly depends on a package in perl-core; > it should use the corresponding virtual instead." > syntax: "Syntax error in dependency string (usually an extra/missing > space/parenthesis)" > diff --git a/repoman/cnf/repository/qa_data.yaml > b/repoman/cnf/repository/qa_data.yaml > index 4aa961633..2e9e16b1d 100644 > --- a/repoman/cnf/repository/qa_data.yaml > +++ b/repoman/cnf/repository/qa_data.yaml > @@ -44,6 +44,7 @@ qawarnings: > - dependency.badindev > - dependency.badmaskedindev > - dependency.badtilde > + - dependency.equalsversion > - dependency.missingslot > - dependency.perlcore > - DESCRIPTION.toolong > diff --git a/repoman/pym/repoman/modules/scan/depend/_depend_checks.py > b/repoman/pym/repoman/modules/scan/depend/_depend_checks.py > index 79fd0a0c2..690b95aa0 100644 > --- a/repoman/pym/repoman/modules/scan/depend/_depend_checks.py > +++ b/repoman/pym/repoman/modules/scan/depend/_depend_checks.py > @@ -152,6 +152,15 @@ def _depend_checks(ebuild, pkg, portdb, qatracker, > repo_metadata, qadata): > qacat, "%s: %s uses the ~ > operator" > " with a non-zero revision: > '%s'" % > (ebuild.relative_path, mytype, > atom)) > + # plain =foo-1.2.3 without revision or * > + if atom.operator == "=" and '-r' not in > atom.version: > + qacat = 'dependency.equalsversion' > + qatracker.add_error( > + qacat, "%s: %s uses the = > operator with" > + " no revision: '%s'; if any > revision is" > + " acceptable, use '~' instead; > if only -r0" > + " then please append '-r0' to > the dep" % > + (ebuild.relative_path, mytype, > atom)) > > check_missingslot(atom, mytype, ebuild.eapi, > portdb, qatracker, > ebuild.relative_path, ebuild.metadata) >
Looks good, please merge. -- Thanks, Zac
signature.asc
Description: OpenPGP digital signature