| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
These were referring to the type and not the instance, which makes
using the incorrect nomenclature confusing.
|
|
This hook has been obsoleted for a while and been emitting deprecation
warnings, so it's safe to remove now.
|
|
Closes: #939969
|
|
Closes: #932967
|
|
These will detect problematic files under /usr/local which can taint
the current build.
|
|
This will detect whether the system we are building on contains the
problematic /usr merged via symlinks deployment method.
Suggested-by: Alexander E. Patrakov <patrakov@gmail.com>
|
|
This field will contain a list of tainting reason tags, which can denote
that the current build has potentially been broken.
Suggested-by: Alexander E. Patrakov <patrakov@gmail.com>
|
|
The default buildflags got moved from the Dpkg::BuildFlags module to
the Dpkg::Vendor::Debian, but this module was not adapted to match.
Instead of running the Debian hooks after the Ubuntu buildflags are set
up, run them first, and then modify/prepend the bits we need to change.
This fixes compiler optimization on ppc64el, and makes setting it more
future proof.
Fixes: commit d5374bc618310917557daa9c9ac2f4930515a0b2
Closes: #915881
Co-Author: Iain Lane <laney@ubuntu.com>
Co-Author: Adam Conrad <adconrad@ubuntu.com>
|
|
The former calls /bin/pwd, while the latter uses the getcwd() syscall
directly.
Signed-off-by: Guillem Jover <guillem@debian.org>
|
|
This is a superset of the fixdebugpath feature supported by gcc-8, but
covering in addition mappings for macros such as __FILE__ and similar.
|
|
This should really be a vendor specific default. It's also documented
that way in the man page.
|
|
This function was being called on each foreach iteration to parse the
options within the DEB_BUILD_MAINT_OPTIONS and DEB_BUILD_OPTIONS
environment variables, and needed to parse these at construction time
every time. Inlining it should make it more performant and in addition
reduce line count.
|
|
|
|
This makes changing them easier to see when diffing.
|
|
Requested-by: Samuel Thibault <sthibault@debian.org>
|
|
We need to access the features within the feature area hash now. Missed
in a previous refactoring.
Fixes: commit 2125e8dd7388e2adb9b6c837f4832fe8f0f63b25
Reported-by: Mattia Rizzolo <mattia@debian.org> (on IRC)
Closes: #881051
|
|
This new area includes an lfs feature, to be used instead of the
getconf(1) interfaces which cannot support cross-building.
|
|
This reduces code redundancy, and makes it possible to reuse common code
for various feature areas.
|
|
|
|
The Dpkg::Vendor-specific modules are loaded as part of many other
modules load-chains. But not all parts of these modules are used, as
they are hook-specific. Switch these two modules to be required only
when we are going over the specific code paths needing them.
|
|
Missed in commit d62520090a7dafb123b6f1f4d4e9b61b75218057.
|
|
|
|
Signed-off-by: Guillem Jover <guillem@debian.org>
|
|
Delegate the setting to gcc builtin or an explicit request by a user.
This is needed to cope with the general PIE brokenness situation in
Debian, and the current specific brokenness of a Debian gcc patch
mangling the dpkg build flags.
This is wrong in so many levels, as we'll have discrepancies between
architectures, the interface towards maintainers is inconsistent, and
updating the PIE support needs touching and coordinating two places. But
it's certainly the current lesser evil.
Closes: #848129, #845550
|
|
Specifically kfreebsd-amd64, kfreebsd-i386, sparc and sparc64.
|
|
This has been refactored from Dpkg::Vendor::Debian, to have a generic
option parser.
|
|
Addresses RegularExpressions::RequireExtendedFormatting.
Warned-by: perlcritic
|
|
Fix changelog for dpkg 1.18.11 to mention PIE got enabled by default for
all architectures, not just the ones where gcc does that itself.
When emitting PIE flags on architectures where gcc does not inject those
itself, do it via a specs file too, so that maintainers can use them
unconditionally regardless of the object being compiled or linked.
When injecting -no-pie for linking via gcc specs also inject -fno-PIE.
Update the documentation to make the current situation more clear.
|
|
Add support for compiler built-in features, so that we do not set
them when enabled and set negated flags when disabled.
We use gcc spec files to set these flags so that we avoid any conflict
with other incompatible flags that would make the build fail.
Closes: #835149
Based-on-patch-by: Bálint Réczey <balint@balintreczey.hu>
|
|
The .buildinfo files are a new type of control files, similar to
the .changes files, meant to describe the environment of a build
and its artifacts. They are meant to be added to the Debian archive
to allow independent parties to reproduce a build and verify the
result.
Specifications for .buildinfo are available at:
<https://wiki.debian.org/ReproducibleBuilds/BuildinfoSpecification>
This patch adds support for .buildinfo files in Dpkg::Control,
adds new .buildinfo fields to Dpkg::Control::Fields, a new
builtin-system-build-paths Dpkg::Vendor hook, and adds a new script
named dpkg-genbuildinfo, that will now be called by dpkg-buildpackage
before generating the .changes file.
[ntyni@debian.org: small changes. ]
Closes: #138409
Based-on-patch-by: Jérémy Bobbio <lunar@debian.org>
Signed-off-by: Guillem Jover <guillem@debian.org>
|
|
This allows to detangle the libc used from the calling conventions.
|
|
|
|
Add new archive-keyrings and archive-keyrings-historic for archive
related keyrings. Rename keyrings to package-keyrings for the source
package keyrings. And add a compatibility keyrings hook that aliases
to package-keyrings and emits a deprecation warning.
Prompted-by: Johannes Schauer <josch@debian.org>
|
|
Closes: #832179
Signed-off-by: Guillem Jover <guillem@debian.org>
|
|
If the path has any unsafe characters we would need to escape them on
output, but the escaping method depends on how the output is going to
be used, which complicates things a bit. To make it safe to eventually
enable this feature by default, we'll just check for safe characters
and silently disable it otherwise.
|
|
Having dpkg-buildflags change its output depending on its current
working directory is not very friendly. We add a new environment
variable to be able to specify it so that we can control the output.
And use it from the test suite so make sure we always use the same
path regardless of where we execute the makefile snippets from.
|
|
The flag should work on all current */kFreeBSD systems now.
Closes: #823877
Signed-off-by: Guillem Jover <guillem@debian.org>
|
|
|
|
This feature normalizes the path stored in debug symbols, so that
these symbols can be built reproducibly regardless of the location
of the build in the larger filesystem.
It defaults to off, but should be enabled by systems trying to
generate reproducible packages.
[guillem@debian.org:
- Add additional build flags.
- Rename feature name.
- Import Cwd module with require instead of use. ]
Closes: #819194
Signed-off-by: Guillem Jover <guillem@debian.org>
|
|
This gcc target does not support stack-protector.
Acked-by: Marek Vasut <marex@denx.de>
Signed-off-by: Guillem Jover <guillem@debian.org>
|
|
Closes: #805872
Signed-off-by: Guillem Jover <guillem@debian.org>
|
|
|
|
This package is distribution specific, and it does not belong in the
generic build dependency checker.
|
|
These are mutually incompatible, prefer the address sanitizer when both
are enabled at the same time.
|
|
|
|
|
|
This feature area includes the features “address”, “thread”, “leak” and
“undefined”, all disabled by default.
Cloess: #760741
|
|
Place 'use' strict and warnings first, then Exporter 'our' declarations,
then Test module imports, then system module imports, then Dpkg module
imports, then 'use' parent and overload pragmas, separated by a blank
line for each block.
Split each exported symbol declaration into its own line to ease
modifications.
|
|
|
