summaryrefslogtreecommitdiff
path: root/scripts/Dpkg/Source
AgeCommit message (Collapse)AuthorFilesLines
2016-10-30Dpkg::Source::Package: Prefix private functions with _Guillem Jover4-26/+26
2016-10-30Dpkg::Source::Archive: Fix reproducible source package supportGuillem Jover1-1/+1
We should make sure the generated tarball has its filenames sorted, otherwise tar will use whatever order comes from the filesystem.
2016-10-30Dpkg::Vendor: Rework keyring hooksGuillem Jover1-1/+1
Add new archive-keyrings and archive-keyrings-historic for archive related keyrings. Rename keyrings to package-keyrings for the source package keyrings. And add a compatibility keyrings hook that aliases to package-keyrings and emits a deprecation warning. Prompted-by: Johannes Schauer <josch@debian.org>
2016-07-19Dpkg::Source::Archive: Add support for reproducible source packagesGuillem Jover1-1/+4
Clamp the mtime of the source files when building the tarball to the first defined value from the source_date option, SOURCE_DATE_EPOCH environment variable or time(). This makes sure the generated source tarballs always contain the same mtime for files or directories that have been modified during the build.
2016-07-03Dpkg::Source::Package::V2: Preset Last-Update field with current timeGuillem Jover1-1/+3
We know the current date, so let's make it easier on maintainers by presetting the field value when generating the patch header template. Closes: #828146 Based-on-patch-by: Daniel Shahaf <danielsh@apache.org>
2016-07-03Dpkg::Source::Package::V1: Disable upstream tar signature when buildingGuillem Jover1-1/+3
The current stable dpkg series does not support extracting upstream tar signatures. So let's disable this for now until either those are supported in 1.17.x or 1.18.x, and we'll be able to enable them again in 1.18.x or 1.19.x respectively.
2016-07-03man, perl: Remove most AUTHOR sectionsGuillem Jover1-4/+0
These are strongly discouraged by the man-pages project, because they are redundant with the copyright notices, and tend to get out-of-sync. In addition their format is inconsitent. Just remove them in the same way we did for man pages in the past.
2016-07-03dpkg-source: Add new --no-overwrite-dir extraction optionGuillem Jover6-6/+28
Closes: #826334
2016-05-09dpkg-source: Add new --require-strong-checksums option and change defaultGuillem Jover1-2/+21
Erroring out when no strong checksums are present is very harsh, as we do not even do something similar for invalid/unknown/expired signatures which means doing this for checksums has really no point. Add a new command-line option to force the behavior to be strict, and change to a warning. Regression introduced in commit 040973c7a1e50b78ef042ef5ffbfff0440c24700. Closes: #823428 Reported-by: Niko Tyni <ntyni@debian.org>
2016-05-02scripts: Remove -s option argument parsing that does not matchGuillem Jover1-2/+2
The -si and -sn arguments are handled in previous code branches.
2016-05-02Dpkg::Source::Package: Include upstream orig tarball signaturesGuillem Jover2-0/+5
If there are upstream signatures for orig.tar files, pick them up and include them in the .dsc file. See: #759478
2016-05-02Dpkg::Source::Package::V1: Allow detached upstream orig tarball signaturesGuillem Jover1-0/+3
Upstream orig tarballs usually come with detached signatures, which would be useful to have in the source package, as an additional check that could be performed to verify its integrity and provenance. Fixes: #759478 Suggested-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-05-02perl: Fix various perl critic regressionsGuillem Jover1-2/+2
2016-05-02Dpkg::Source::Package: Use GnuPG instead of gpg to refer to the softwareGuillem Jover1-2/+2
The message is confusing as it refers to the command, but we might use gpg2, also the message talks about the command not being installed when in this context it would be expected a package. Instead use the software name GnuPG.
2016-04-01Dpkg::Source::Package: Error out on sources w/o any strong digestGuillem Jover1-1/+6
This is used by dpkg-source --extract, which can still be disabled with --no-check.
2016-04-01dpkg-deb, scripts: Make the Architecture field mandatory on package buildsGuillem Jover1-2/+2
We still accept source and binary packages with missing or empty Architecture fields, but when building either of these, we require the field to be present.
2016-02-15dpkg-source: Add backend-specific --help options supportGuillem Jover6-0/+168
This will print source format specific options depending on the --format version specified.
2016-01-26Dpkg::Source::Patch: Only warn once when a diff patches a file multiple timesGuillem Jover1-2/+4
Reword the warning message to make it clear that the diff might be patching the file more than once, not just twice, which might be incorrect. And only emit a single warning.
2016-01-26Dpkg::Source: Make patching a file multiple times fatal for first quilt patchGuillem Jover2-3/+8
When we check if the first quilt patch in a series can be applied, we use «patch --dry-run» with other options, but that cannot work if the same diff patches a file multiple times, as patch does not record the previous state in memory. We are alredy detecting this condition, but only emitting a warning, instead make it possible to turn it into a fatal error. Closes: #810720 Reported-by: Apollon Oikonomopoulos <apoikos@debian.org>
2015-12-19Dpkg::Source::Package: Add ‘.gitreview’ to the default ignore listGuillem Jover1-1/+2
2015-09-21scripts: Use error() and errormsg() instead of printing on STDERR directlyGuillem Jover1-2/+1
This way any transformation done for error messages gets applied consistently to all error output.
2015-09-14Dpkg::Source::Package::V2: Do not warn when removing an empty subdirectoryGuillem Jover1-0/+4
When extracting a source package, do not warn if the pathname to remove is an empty directory, just silently remove it, as it might be part of a git repository, as a submodule for example. Closes: #796671
2015-07-30Dpkg::Source::Archive: Future-proof tar invocationsGuillem Jover1-5/+5
The function options should come before any other option. And at least the --owner and --group options might become positional in the same way --no-recursion did with tar > 1.28, according to upstream. Suffle options around to make sure this does not cause any problems in the future.
2015-07-29Dpkg::Source::Package::V2: Do not exclude pre-existing symlinks for debian/Guillem Jover1-13/+1
This effectively reverts commit 867c88dadccff6e285c48dadccb61f9001b50d9b. There is no point in excluding pre-existing symlinks when unpacking the packaging tarball, as GNU tar will make sure to unlink any symlink before extracting an object replacing it. So there should be no danger of escaping the directory. Closes: #790073, #791535
2015-07-29Dpkg::Source::Package::V2: Make the BinaryFiles package self-containedGuillem Jover1-0/+1
Explicitly import File::Spec, to avoid relying on the other imports in the same file.
2015-07-29Dpkg::Source::Package::V2: Import make_path from File::PathGuillem Jover1-1/+1
Regression introduced in commit 5e59d94a17051b1185c591a1fc3eed00e3b01070. Closes: #789957
2015-07-28Dpkg: Remove my keyword from POD function prototypesGuillem Jover1-2/+2
2015-07-28doc: Fix multiple typosGuillem Jover1-1/+1
Warned-by: spellintian
2015-05-30scripts, dselsect/methods: Switch from `` to operator qx()Guillem Jover1-1/+1
2015-05-30scripts: Use non-destructive substitutions inside mapGuillem Jover2-6/+2
This avoids having to use a temporary variable, and makes the code more clear.
2015-05-18scripts: Document dpkg version when module versions got bumpedGuillem Jover1-2/+2
This has two purposes, first it will make it easier to know if the module version needs to be bumped for the current development release, and second it will make it easier for users to know how "old" that module version is, and to which dpkg series and specific version it corresponds to.
2015-05-18scripts: Say METHODS instead of FUNCTIONS or OBJECT FOO in POD section titlesGuillem Jover1-2/+8
2015-05-09Dpkg::Source::Patch: Pass PATCH_GET envvar instead of -g0 to patchGuillem Jover2-6/+6
For GNU patch the default value for -g is already 0, but that option is not available in other systems, such as FreeBSD. Let's switch to use the environment variable PATCH_GET, so that we make sure it gets set to a known value, and so that we can stop using the unportable option.
2015-04-21scripts: Move each statement into its own lineGuillem Jover2-2/+4
2015-04-18debian: Update my copyright yearsGuillem Jover5-1/+6
2015-04-10Consistently use proper quotation marks all over the placeGuillem Jover11-47/+51
That is "" or '', and not the unbalanced `' pair.
2015-03-31Dpkg::Source::Patch: Add missing preposition in error messageGuillem Jover1-1/+2
2015-03-31Say directory instead of dir in output messagesGuillem Jover2-3/+3
2015-03-31scripts: Uppercase field names in error messagesGuillem Jover1-1/+2
2015-03-30perl: Rework use and exporter declarationsGuillem Jover12-58/+63
Place 'use' strict and warnings first, then Exporter 'our' declarations, then Test module imports, then system module imports, then Dpkg module imports, then 'use' parent and overload pragmas, separated by a blank line for each block. Split each exported symbol declaration into its own line to ease modifications.
2015-02-11Dpkg::Source::Package: Add ‘.mailmap’ to the default ignore listsGuillem Jover1-1/+2
2015-01-28scripts: Remove unused «use Dpkg»Guillem Jover7-7/+0
2015-01-28Dpkg::Source::Package::V2: Use TMPDIR instead of manually setting DIRGuillem Jover1-1/+1
2015-01-28Dpkg::Source::Patch: Enable sub-second timestamps with Time::HiResGuillem Jover1-2/+1
We should have a recent enough Perl now.
2015-01-28perl: Switch from legacy File::Path functions to new onesGuillem Jover2-6/+6
Use make_path() instead of mkpath(), and remove_tree() instead of rmtree().
2015-01-28Dpkg: Use shift instead of @_ on single argument unpackingGuillem Jover8-34/+36
2015-01-28scripts: Rename and deprecate _g function with g_Guillem Jover12-260/+260
The old function name was inconsistent with the other gettext family of short aliases which has already caused some code typos, and functions starting with underscore are considered by convention private in Perl.
2014-10-23Dpkg::Source::Package::V2: Allow detached upstream signaturesGuillem Jover1-2/+21
Upstream tarballs usually come with detached signatures, which would be useful to have in the source package, as an additional check that could be performed to verify its integrity and provenance. For now just allow the detached signatures to be listed in the file fields in the source control file (.dsc). Closes: #759478 Suggested-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2014-10-12scripts: Document all public module versions in a CHANGES sectionGuillem Jover1-0/+4
This makes it clear what is the current version of the module, and that it is a public interface.
2014-10-12scripts: Do not modify the topic variable values in list functionsGuillem Jover1-1/+2
Fixes ControlStructures::ProhibitMutatingListFunctions. Warned-by: perlcritic