Permalink
Switch branches/tags
Nothing to show
Commits on Dec 11, 2017
  1. Merge pull request #48 from M0ses/fix_42

    M0ses committed Dec 11, 2017
    check *_source.changes if they are valid debian source change files
Commits on Nov 16, 2017
  1. Merge pull request #59 from marcus-h/spec_query_fixes

    scarabeusiv committed Nov 16, 2017
    Spec query fixes
  2. Merge pull request #58 from andreas-schwab/master

    scarabeusiv committed Nov 16, 2017
    Use priviate --homedir when calling gpg
Commits on Nov 15, 2017
  1. Do not ignore conditionals of the form "%if ... %{name} ..."

    marcus-h committed Nov 15, 2017
    Pass --keep-name-conditionals option to the helpers/spec_query script
    in order to take conditionals of the form "%if ... %{name} ..." into
    account.
    This is a fix for commit 0cb8321 ("Don't use rpmbuild to extract
    sources, patches etc. from a spec").
    
    Fixes: #55 ("source validator fails on openSUSE:Factory/coreutils")
  2. Add --keep-name-conditionals option to helpers/spec_query

    marcus-h committed Nov 15, 2017
    This option is used to take conditionals of the form "%if ... %{name} ..."
    into account. Its sole purpose is to restrict the --no-conditionals
    option in order to mimic the behavior of the "old"
    20-files-present-and-referenced script (see commit 0cb8321).
  3. Do not fail in case of ambiguous source tags

    marcus-h committed Nov 15, 2017
    Ambiguous source tags can occur, if the helpers/spec_query script is
    invoked with the --no-conditionals option. In this case, the following
    snippet from the glibc.spec can be used for reproduction:
    
    %if !%{build_snapshot}
    Source:         http://ftp.gnu.org/pub/gnu/glibc/glibc-%{version}.tar.xz
    Source1:        http://ftp.gnu.org/pub/gnu/glibc/glibc-%{version}.tar.xz.sig
    %else
    Source:         glibc-%{version}.tar.xz
    %endif
    
    Hence, we have to pass the --disambiguate-sources option to the
    helpers/spec_query in 20-files-present-and-referenced.
    
    This issue is part of #55 ("source validator fails on
    openSUSE:Factory/coreutils").
Commits on Oct 17, 2017
  1. Use priviate --homedir when calling gpg

    Andreas Schwab committed Oct 17, 2017
Commits on Sep 22, 2017
  1. 45-stale-changes: use spec_query instead of output_versions using the

    bugfinder committed Sep 22, 2017
    specfile parser from the build package
Commits on Sep 18, 2017
Commits on Aug 30, 2017
Commits on Aug 18, 2017
  1. Merge pull request #51 from marcus-h/spec_query

    scarabeusiv committed Aug 18, 2017
    Do not use rpm --specfile to query the subpackage names
Commits on Aug 17, 2017
  1. Do not use a grouping

    marcus-h committed Aug 13, 2017
    The previous regex would also match, for instance, "can't expand
    %foobar".
  2. Remove unused RPMBUILD variable

    marcus-h committed Aug 13, 2017
  3. Do not use rpm --specfile to query the subpackage names

    marcus-h committed Aug 13, 2017
    Using "rpm --specfile..." is "insecure", because during macro
    expansion arbitrary code can be executed ("%(...)"). Instead,
    use the helpers/spec_query script, which does not expand such
    macros, to list the names of all subpackages. Hence, this might
    break some packages.
    
    Note: we also change the semantics, because we ignore all %if*
    conditionals during the specfile parsing. That is, we also
    take subpackages into account that are guarded by some %if...
    The advantage of this change is that we get the same results
    on all architectures.
    
    Fixes: boo#938556
  4. Use helpers/spec_query in 20-files-present-and-referenced

    marcus-h committed Aug 13, 2017
    The unique_sources code was flawed, because it could break macro
    expansion: consider the following excerpt of a specfile
    ...
    Source0: foo
    Source1: %{SOURCEURL0}.conf
    ...
    
    After applying unique_sources to such a specfile, the Source1
    tag cannot be correctly expanded anymore.
    
    The helpers/spec_query could take care of rewriting duplicate
    source/patch tags without breaking macro expansion. However,
    as discussed in PR51 [1], we want to fail in case of ambiguous
    source/patch tags.
    
    [1] #51
  5. Refactor helpers/spec_sources into helpers/spec_query

    marcus-h committed Aug 13, 2017
    The helpers/spec_query can be used to list all subpackages or all
    sources, patches, and icons of a specfile. Moreover, it supports
    some commandline options for controlling the specfile parsing (for
    instance, ignore all %if* conditionals).
Commits on Aug 16, 2017
  1. Merge pull request #52 from olafhering/master

    scarabeusiv committed Aug 16, 2017
    Fix typo in egrep _service
Commits on Aug 15, 2017
  1. Fix typo in egrep _service

    olafhering committed Aug 15, 2017
    Fixes commit f90d0b9 ("Fix service run mode check for localonly")
    
    Signed-off-by: Olaf Hering <olaf@aepfle.de>
Commits on Aug 11, 2017
Commits on Aug 9, 2017
  1. Merge pull request #49 from marcus-h/ignore_appimage

    scarabeusiv committed Aug 9, 2017
    Ignore not referenced appimage.yml file
  2. Merge pull request #39 from marcus-h/spec_sources

    scarabeusiv committed Aug 9, 2017
    Don't use rpmbuild to extract sources, patches etc. from a spec
  3. Don't use rpmbuild to extract sources, patches etc. from a spec

    marcus-h committed Aug 9, 2017
    Using rpmbuild is "insecure", because during macro expansion arbitrary
    code can be executed ("%(...)"). The newly added helpers/spec_sources
    script relies on the Build/Rpm.pm package, which doesn't expand such
    macros. This fixes boo#938556.
    
    Note: this might "break" some packages.
Commits on Jul 28, 2017
  1. Ignore not referenced appimage.yml file

    marcus-h committed Jul 28, 2017
    The appimage.yml file is used for an AppImage build. Hence, there is
    no need to reference it in the spec file.
Commits on Jul 26, 2017
  1. check *_source.changes if they are valid debian source change files

    M0ses committed Jul 26, 2017
    Without this commit all *.changes files are checked like changelog files
    
    With this commit 40-sequence-changes checks if the file is a valid debian
    source changes file when the filename matches *_source.changes, by searching
    for all mandatory keywords in the file. If it is a valid debian source
    changes file, further changelog checks are ommitted
    
    Fixes #42
Commits on Jul 19, 2017
  1. Merge pull request #47 from andreasstieger/trust-model

    scarabeusiv committed Jul 19, 2017
    For signature verification, use trust model "always"
Commits on Jul 17, 2017
  1. For signature verification, use trust model "always"

    andreasstieger committed Jul 17, 2017
    The only keyring used in the verification run is the one from the
    package .keyring file. Therefore no trust database or relationship
    exists. Use the "always" trust model, which moves the checking to
    what is in the package keyring.
    
    Fixes #29
Commits on Jul 15, 2017
  1. Merge pull request #45 from DimStar77/multispec_xor_multibuild

    scarabeusiv committed Jul 15, 2017
    Add 80-multibuild_xor_multispec: multibuild XOR multispec is supported
  2. Merge pull request #44 from dirkmueller/master

    scarabeusiv committed Jul 15, 2017
    Fix service run mode check for localonly
  3. Merge pull request #41 from lslezak/debian_manpages

    scarabeusiv committed Jul 15, 2017
    Don't complain about Debian manpages files missing in *.spec
  4. Merge pull request #46 from openSUSE/scarabeusiv-patch-1

    scarabeusiv committed Jul 15, 2017
    Remove provides and obsoletes from the spec
  5. Merge pull request #43 from kstreitova/master

    scarabeusiv committed Jul 15, 2017
    Add README.md file
  6. Remove provides and obsoletes from the spec

    scarabeusiv committed Jul 15, 2017
    This is not needed to be present in order to verify sources by rpmbuild and avoid errors with _multibuild packages.
    
    source_validator"http://www.inf.puc-rio.br/~roberto/lpeg/lpeg-1.0.1.tar.gz error: line 29: Dependency tokens must begin with alpha-numeric, '_' or '/': Provides:       @BUILD_FLAVOR@-LPeg = 1.0.1
Commits on Jul 4, 2017
  1. Add 80-multibuild_xor_multispec: only multibuild OR multispec is supp…

    DimStar77 committed Jul 4, 2017
    …orted
    
    Having multibuild AND multispec in place is confusing and for openSUSE:Factory leads
    to problems, as the checkin bot automatically links up all additional spec file names
    as sub-packages to the main package name.
    
    If there is also a _multibuild file in it, all subpackages are built multiple times, e.g
    
    With libproxy having libproxy.spec and libproxy-plugins.spec PLUS a multibuild, we would get
    these package containts
    
    (based on spec file names)
      libproxy
      libproxy-plugins
    and assuming only libproxy-plugins be mentioned in _multibuild, additionally
      libproxy-plugins:libproxy-plugins