Use pyalpm for vercmp.

Vimru · Apr 23, 2020 · 4d9518f · 4d9518f
1 parent cb609e6
commit 4d9518f
Show file tree

Hide file tree

Showing 4 changed files with 7 additions and 6 deletions.
diff --git a/README.md b/README.md
@@ -330,11 +330,11 @@ PyPI packages:
 
 **Why is audit mode slower than query mode?**
 
-In order for audit mode to reliably determine if patches are available (an installed package version is older than the patched version), `vercmp` has to be used for many packages which is not particularly efficient. Libraries do exist for this such as [cmp_version](https://pypi.org/project/cmp_version/) and [rpm-vercmp](https://pypi.org/project/rpm-vercmp/), however they are unable to deal with some unusual version number cases, such as comparing 3.1.3pre1-1 with 3.1.3-1 and 1:3.34.0-2 with 3.20.1-1. If these libraries were used, you could come across false positives.
+In order for audit mode to reliably determine if patches are available (an installed package version is older than the patched version), `vercmp` has to be used for many packages which takes a few 100ms extra time. 
 
 If you have just -Syu'd, you can probably skip these checks with -s for increased speed.
 
- - Default audit mode takes around 1s - 3s
+ - Default audit mode takes around 1s
  - Audit mode with skipped checks takes around 500ms - 1000ms
 
 **Why is `pacman -Q` and `pacman -Qq` used when `pacman -Qn` would only list native packages and be more efficient?**

diff --git a/setup.py b/setup.py
@@ -6,15 +6,16 @@
 setuptools.setup(
     name = "taps",
     packages = setuptools.find_packages(),
-    version = "1.0.1",
+    version = "1.1.0",
     description = "True Arch package security - audit and query packages",
     long_description = long_description,
     long_description_content_type = "text/markdown",
     url = "https://github.com/Vimru/taps",
     install_requires = [
         "colorful",
         "setuptools",
-        "requests"
+        "requests",
+        "pyalpm"
     ],
     classifiers = [
         "Programming Language :: Python :: 3",

diff --git a/taps/config.py b/taps/config.py
@@ -7,7 +7,6 @@
 PACMAN_INSTALLED_CMD = "pacman -Qq"     # Used to be pacman -Qnq
 PACMAN_INSTALLED_VER_CMD = "pacman -Q"  # Used to be pacman -Qn
 PACMAN_ALL_PKGS_CMD = "pacman -Ssq"
-PACMAN_VERCMP_CMD = "vercmp"
 REGEX = "(?<=Required By     : )(.+)"
 ATTRIBUTES = ["name", "affected", "severity", "type", "ticket", "advisories"]
 

diff --git a/taps/pacman.py b/taps/pacman.py
@@ -2,6 +2,7 @@
 from taps.text_format import printColor
 from taps import user_config
 import subprocess
+import pyalpm
 
 def pacmanCommand(cmd):
     try:
@@ -29,5 +30,5 @@ def allRepoPackages():
     return pacmanCommand(PACMAN_ALL_PKGS_CMD).split("\n")
 
 def vercmp(version1, version2):
-    return int(pacmanCommand(PACMAN_VERCMP_CMD + " " + version1 + " " + version2))
+    return int(pyalpm.vercmp(version1, version2))