summaryrefslogtreecommitdiff
path: root/commitpkg.in
AgeCommit message (Collapse)Author
2019-09-28commitpkg: prefer explicit signature+data parameters for gpg --verifyLevente Polyak
Lets prefer the explicit variant of gpg --verify by providing both, the signature and the data file as parameters. For the unlikely case there is a matching signature file already present that was created outside of the toolchain and has an embedded signature with data, we at least could detect it early with this check. Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
2019-09-28commitpkg: disallow if PKGBUILD hash mismatches package's enclosed hashLevente Polyak
Several cases showed that we release packages that were built with different PKGBUILDs than the one commited to the source tree. This is bad for obvious reasons plus sploils reproducible builds. We, under no circumstances, want to allow using commitpkg to publish and release a packages whose PKGBUILD doesn't match the one to be commited. Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
2019-09-28commitpkg: fix wrongly ordered find_cached_package callLevente Polyak
The unknown packager check didn't worked so far as the wrongly ordered call to find_cached_package lead to the enclosing block never being executed. Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
2017-11-08Remove i686 supportBartłomiej Piotrowski
2017-07-05Add `# shellcheck` directives to quiet shellcheck, add PKGBUILD.protoLuke Shumaker
The added PKGBUILD.proto file is so that shellcheck can know know what to expect that a PKGBUILD sets.
2017-07-05Make slightly more involved changes to make shellcheck happy.Luke Shumaker
- Use `read -r` instead of other forms of read or looping - Use arrays instead of strings with whitespaces. - In one instance, use ${var%%.*} instead of $(echo $var|cut -f. -d1)
2017-07-05Quote strings that shellcheck warns about.Luke Shumaker
These changes are all strictly "slap some double-quotes in there". Anything more than that is not included in this commit.
2017-07-05Make purely stylistic changes to make shellcheck happier.Luke Shumaker
These are purely stylistic changes that make shellcheck complain less. This does NOT include things like quoting currently unquoted variables.
2017-04-05Handle makepkg.conf more consistentlylukeshu@parabola.nu
2017-04-05Avoid using string interpolation; use printf format strings instead.Luke Shumaker
This involves extending the signature of lib/common.sh's `stat_busy()`, `lock()`, and `slock()`. The `mesg=$1; shift` in stat_busy even suggests that this is what was originally intended from it.
2017-04-05Add a "License:" tag to all code files.Luke Shumaker
In cases where there is no license specified, the file is tagged as "License: Unspecified". Obviously, that is not ideal, but it highlights the fact, and I hope that it encourages whoever has the authority to specify the license to do so. On that note, to anyone who may have the authority to specify the license of files in devtools: the current licence of many files is GPLv2 with no option for later versions; I impore you to re-license them to have the "or any later version" option.
2017-04-05commitpkg: Adjust fancy quoting/escaping to not confuse Emacs.Luke Shumaker
It was confusing Emacs and screwing up the syntax highlighting and auto-indentation for the rest of the file.
2016-05-27Use repos.archlinux.org everywhere instead of hostname based domains20160527Sven-Hendrik Haase
This makes it a lot easier to swap out the host that actually serves the repos in the future.
2015-06-06commitpkg: Force unarmored signaturesJohannes Löthberg
Pacman cannot handle armored signatures, so force a generation of a binary one using the --no-armor flag.
2013-11-01common: implement find_cached_packageDave Reisner
This function (currently) searches through $PWD and $PKGDEST looking for a tarball matching the requested package name, architecture, and pkgver. If found, it writes the full path to the located package to stdout and returns 0, else 1. If more than 1 match is found, it's treated as an error and the user will need to figure out what to do. Use this in checkpkg and commitpkg, which previously implemented their own less complete logic, to locate the build artifacts they rely on. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
2013-11-01commitpkg: check all files at once for version controlDave Reisner
Instead of dying at the first sight of an unversioned file, this lets commitpkg dump all known unversioned files at once. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
2013-08-18ensure that PKGBUILDs aren't sourced via PATHDave Reisner
Fixes FS#36378. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
2013-08-08avoid injecting code into the format stringDave Reisner
Now that die() properly forwards arguments to error(), we can expect that the first arg is a format string and not the entirety of the output. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
2013-01-20Use nymeria instead of gerolde20130120Pierre Schmitz
2012-11-15Make sure the usage functions are consistentEric Bélanger
The usage messages now begins with a "Usage:", i.e. capitalized and with a colon. Fixes FS#26956. Signed-off-by: Eric Bélanger <snowmaniscool@gmail.com> Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
2012-11-11For now only packages and svn from sigurd will be moved to nymeriaPierre Schmitz
2012-11-03Use nymeria.archlinux.org as shared host for developers and trusted usersPierre Schmitz
2012-10-27Use sigurd.archlinux.org instead of the now moved aur.archlinux.org hostnamePierre Schmitz
2012-06-16commitpkg: check if there are any packages to process before doing soPierre Schmitz
2012-06-10Gracefully handle files containing an "@"Lukas Fleischer
The "@" sign in file names in SVN marks the beginning of a pegged version number -- from the Subversion book: Peg revisions are specified to the Subversion command-line client using at syntax, so called because the syntax involves appending an “at sign” (@) and the peg revision to the end of the path with which the revision is associated. The trivial workaround is to always append an at sign to the end of the path in the version control checks. Before: $ community-stagingpkg 'Add systemd units.' ==> ERROR: exim-submission@.service is not under version control $ svn status -v | grep 'exim-submission@.service' A - ? ? exim-submission@.service After: $ community-stagingpkg 'Add systemd units.' ==> Committing changes to trunk...done ==> Signing package exim-4.80-2-x86_64.pkg.tar.xz... [...] Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
2012-06-10Prevent packages being uploaded with "Unknown Packager"Allan McRae
Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
2012-03-05commitpkg: Pass through the -f parameter to archrelease so unofficial repos ↵Pierre Schmitz
can be used
2012-03-04commitpkg: Add ability to override the serverPierre Schmitz
This might be useful for unofficial repos
2012-02-15Always sign unsigned packagesAllan McRae
We do not allow packages to be uploaded without signatures so force all unsigned packages to be signed. This has the bonus of not breaking makepkg signing support by requiring you use an internal makepkg variable. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
2012-02-06commitpkg: use absolute paths when uploading filesFlorian Pritz
This fixes a problem where rsync won't work if the pkgver contains a colon (epoch). In this case rsync assumes that the colon is a remote:path separator and having src and dest both being remote arguments is not supported. Signed-off-by: Florian Pritz <bluewind@xinu.at> Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
2012-01-19Fix typo: It's PKGDEST and not DESTDIRPierre Schmitz
2012-01-18commitpkg: behavior more sanely in searching for built pkgsDave Reisner
In the case of a .pkg.tar.xz and a .pkg.tar.gz existing in the same directory, all commitpkg would say is: ==> WARNING: Could not find . Skipping x86_64 Upon digging into the logic, we did a few things poorly, mostly in getpkgfile: - getpkgfile tried to die in a subshell (within the command substituion assignment to 'pkgfile'). This will never work. - We assumed that proper glob expansion happened when we received exactly 1 arg. This isn't necessarily true without nullglob in effect. - We dumped the real error (spewed by getpkgfile) to /dev/null. - We checked for the package twice in both $PWD and $DESTDIR/. - We checked for file existance multiple times. Address this by: - not hiding errors. revamp the wording a little bit to make it more obvious why we failed, particularly in the case of a glob expanding to more than 1 file. Logic here is simplified to pointing out the failure cases of 0 and >1. - setting nullglob so the number of arguments passed into getpkgfile is meaningful from a 'did it decisively resolve' point of view. - not trying to exit the entire script from a subshell. Just return a value (and use it). - avoiding the package file existance check afterwards. this is a freebie from getpkgfile when the glob passed fails to expand. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
2011-12-04Use double brackets everywhereLukas Fleischer
We already fixed a couple of these in previous patches - this one should replace all remaining uses of single brackets ("[") by double brackets. Also, use arithmetic evaluation instead of conditional expressions where appropriate and make use of "-z" and "-n" instead of comparing variables to empty strings. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-12-04Add support for kde-unstable and gnome-unstablePierre Schmitz
2011-11-21Skip archrelease for missing architecturesPierre Schmitz
2011-11-04commitpkg: Fix commit messageLukas Fleischer
Move the message template before the if block. We moved this to the else branch in commit aaa68e49e8e5a68950a63b9aa4a8c1f6aed2e2d2 which lead to "msgtemplate" being unset if one specifies a commit message on the command line, thus stripping the "upgpkg:" part. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
2011-11-04commitpkg: Make svn quieterEric Bélanger
Signed-off-by: Eric Bélanger <snowmaniscool@gmail.com> Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
2011-11-04Capitalize output messagesEric Bélanger
Some of the output/error messages were capitalized, some were not. This patch capitalize everything for consistency sake. Other minor changes were done to the messages like removing the superfluous "error:" from die messages and adding a final period to messages that were complete sentences as appropriate. Signed-off-by: Eric Bélanger <snowmaniscool@gmail.com> Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
2011-11-01Move common functions to a shared filePierre Schmitz
* common.sh is included on build time * most functions are copied from makepkg
2011-10-31commitpkg: Require signatures for packagesPierre Schmitz
2011-10-31commitpkg: Check signature if availablePierre Schmitz
2011-10-31commitpkg: Skip signing if signature already existsPierre Schmitz
2011-10-29commitpkg: Sync changelog/install check with makepkg(8)Lukas Fleischer
makepkg(8) currently uses a smarter method to extract all changelog and install files from a PKGBUILD. Sync commitpkg to use the same code (with small modifications). This also adds support for changelog/install files that contain a whitespace. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
2011-10-07Support non-standard install locationsLukas Fleischer
This build system overhaul allows for adding (define-style) macros to our scripts. All source files are now suffixed with ".in" to clarify that they might contain unprocessed defines. The Makefile provides a new rule to preprocess source files and generate proper output scripts. Also, add a "@pkgdatadir@" define (as used in GNU Autotools) and use it instead of hardcoded paths to "/usr/share/devtools" everywhere. We missed this when adding PREFIX support to the build system in commit 35fc83ce7d8dc26cd424321f2e8638d05da0a6d4. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>