From patchwork Wed Dec 26 08:47:13 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Efraim Flashner X-Patchwork-Id: 546 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id 5EA3B16996; Wed, 26 Dec 2018 08:48:20 +0000 (GMT) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_HI, URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mira.cbaines.net (Postfix) with ESMTP id 5BF3116984 for ; Wed, 26 Dec 2018 08:48:19 +0000 (GMT) Received: from localhost ([127.0.0.1]:44966 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gc4rS-0000Bs-PF for patchwork@mira.cbaines.net; Wed, 26 Dec 2018 03:48:18 -0500 Received: from eggs.gnu.org ([208.118.235.92]:56505) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gc4rG-0000BZ-NE for guix-patches@gnu.org; Wed, 26 Dec 2018 03:48:08 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gc4rC-0005g0-8U for guix-patches@gnu.org; Wed, 26 Dec 2018 03:48:06 -0500 Received: from debbugs.gnu.org ([208.118.235.43]:43801) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1gc4rC-0005fe-3W for guix-patches@gnu.org; Wed, 26 Dec 2018 03:48:02 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1gc4rB-0004dS-Rw for guix-patches@gnu.org; Wed, 26 Dec 2018 03:48:01 -0500 X-Loop: help-debbugs@gnu.org Subject: [bug#33875] [PATCH] `guix lint' warn of GitHub autogenerated source tarballs Resent-From: Efraim Flashner Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Wed, 26 Dec 2018 08:48:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 33875 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 33875@debbugs.gnu.org X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.154581406017782 (code B ref -1); Wed, 26 Dec 2018 08:48:01 +0000 Received: (at submit) by debbugs.gnu.org; 26 Dec 2018 08:47:40 +0000 Received: from localhost ([127.0.0.1]:36575 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1gc4qm-0004cc-1t for submit@debbugs.gnu.org; Wed, 26 Dec 2018 03:47:40 -0500 Received: from eggs.gnu.org ([208.118.235.92]:36171) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1gc4qj-0004cP-EN for submit@debbugs.gnu.org; Wed, 26 Dec 2018 03:47:34 -0500 Received: from lists.gnu.org ([208.118.235.17]:33180) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1gc4qe-0005Gp-4K for submit@debbugs.gnu.org; Wed, 26 Dec 2018 03:47:28 -0500 Received: from eggs.gnu.org ([208.118.235.92]:56321) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gc4qc-00007S-Hf for guix-patches@gnu.org; Wed, 26 Dec 2018 03:47:28 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gc4qW-00058d-KE for guix-patches@gnu.org; Wed, 26 Dec 2018 03:47:26 -0500 Received: from flashner.co.il ([178.62.234.194]:37646) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gc4qS-00053N-QB for guix-patches@gnu.org; Wed, 26 Dec 2018 03:47:18 -0500 Received: from localhost (unknown [141.226.9.73]) by flashner.co.il (Postfix) with ESMTPSA id 04B21402D1 for ; Wed, 26 Dec 2018 08:47:13 +0000 (UTC) Date: Wed, 26 Dec 2018 10:47:13 +0200 From: Efraim Flashner Message-ID: <20181226084712.GQ2581@macbook41> MIME-Version: 1.0 Content-Disposition: inline User-Agent: Mutt/1.11.0 (2018-11-25) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 208.118.235.43 X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" X-getmail-retrieved-from-mailbox: Patches Forwarded from the discussion on guix-devel diff --git a/guix/scripts/lint.scm b/guix/scripts/lint.scm index 354f6f703..2c1c7ec66 100644 --- a/guix/scripts/lint.scm +++ b/guix/scripts/lint.scm @@ -7,7 +7,7 @@ ;;; Copyright © 2016 Hartmut Goebel ;;; Copyright © 2017 Alex Kost ;;; Copyright © 2017 Tobias Geerinckx-Rice -;;; Copyright © 2017 Efraim Flashner +;;; Copyright © 2017, 2018 Efraim Flashner ;;; Copyright © 2018 Arun Isaac ;;; ;;; This file is part of GNU Guix. @@ -76,6 +76,7 @@ check-home-page check-source check-source-file-name + check-source-unstable-tarball check-mirror-url check-github-url check-license @@ -752,6 +753,22 @@ descriptions maintained upstream." (G_ "the source file name should contain the package name") 'source)))) +(define (check-source-unstable-tarball package) + "Emit a warning if PACKAGE's source is an autogenerated tarball." + (define (check-source-uri uri) + (when (and (string=? (uri-host (string->uri uri)) "github.com") + (string=? (third (split-and-decode-uri-path + (uri-path (string->uri uri)))) + "archive")) + (emit-warning package + (G_ "the source URI should not be an autogenerated tarball") + 'source))) + (let ((origin (package-source package))) + (when (and (origin? origin) + (eqv? (origin-method origin) url-fetch)) + (let ((uris (origin-uris origin))) + (for-each check-source-uri uris))))) + (define (check-mirror-url package) "Check whether PACKAGE uses source URLs that should be 'mirror://'." (define (check-mirror-uri uri) ;XXX: could be optimized @@ -1098,6 +1115,10 @@ or a list thereof") (name 'source-file-name) (description "Validate file names of sources") (check check-source-file-name)) + (lint-checker + (name 'source-unstable-tarball) + (description "Check for autogenerated tarballs") + (check check-source-unstable-tarball)) (lint-checker (name 'derivation) (description "Report failure to compile a package to a derivation") diff --git a/tests/lint.scm b/tests/lint.scm index d4aa7c0e8..fe12bebd8 100644 --- a/tests/lint.scm +++ b/tests/lint.scm @@ -572,6 +572,86 @@ (check-source-file-name pkg))) "file name should contain the package name")))) +(test-assert "source-unstable-tarball" + (string-contains + (with-warnings + (let ((pkg (dummy-package "x" + (source + (origin + (method url-fetch) + (uri "https://github.com/example/example/archive/v0.0.tar.gz") + (sha256 %null-sha256)))))) + (check-source-unstable-tarball pkg))) + "source URI should not be an autogenerated tarball")) + +(test-assert "source-unstable-tarball: source #f" + (not + (->bool + (string-contains + (with-warnings + (let ((pkg (dummy-package "x" + (source #f)))) + (check-source-unstable-tarball pkg))) + "source URI should not be an autogenerated tarball")))) + +(test-assert "source-unstable-tarball: valid" + (not + (->bool + (string-contains + (with-warnings + (let ((pkg (dummy-package "x" + (source + (origin + (method url-fetch) + (uri "https://github.com/example/example/releases/download/x-0.0/x-0.0.tar.gz") + (sha256 %null-sha256)))))) + (check-source-unstable-tarball pkg))) + "source URI should not be an autogenerated tarball")))) + +(test-assert "source-unstable-tarball: package named archive" + (not + (->bool + (string-contains + (with-warnings + (let ((pkg (dummy-package "x" + (source + (origin + (method url-fetch) + (uri "https://github.com/example/archive/releases/download/x-0.0/x-0.0.tar.gz") + (sha256 %null-sha256)))))) + (check-source-unstable-tarball pkg))) + "source URI should not be an autogenerated tarball")))) + +(test-assert "source-unstable-tarball: not-github" + (not + (->bool + (string-contains + (with-warnings + (let ((pkg (dummy-package "x" + (source + (origin + (method url-fetch) + (uri "https://bitbucket.org/archive/example/download/x-0.0.tar.gz") + (sha256 %null-sha256)))))) + (check-source-unstable-tarball pkg))) + "source URI should not be an autogenerated tarball")))) + +(test-assert "source-unstable-tarball: git-fetch" + (not + (->bool + (string-contains + (with-warnings + (let ((pkg (dummy-package "x" + (source + (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/archive/example.git") + (commit "0"))) + (sha256 %null-sha256)))))) + (check-source-unstable-tarball pkg))) + "source URI should not be an autogenerated tarball")))) + (test-skip (if (http-server-can-listen?) 0 1)) (test-equal "source: 200" ""