From 2b7bb0c6b7aa4f7a43c82db1cf9a18d27600c62e Mon Sep 17 00:00:00 2001
From: Pierre Schmitz <pierre@archlinux.de>
Date: Sun, 18 Dec 2011 14:16:30 +0100
Subject: Validate package signatures on db-update

---
 db-update | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'db-update')

diff --git a/db-update b/db-update
index 4b9c78f..60af79f 100755
--- a/db-update
+++ b/db-update
@@ -35,6 +35,9 @@ for repo in ${repos[@]}; do
 			if ! check_pkgfile "${pkg}"; then
 				die "Package ${repo}/$(basename ${pkg}) is not consistent with its meta data"
 			fi
+			if ${REQUIRE_SIGNATURE} && ! check_pkgsig "${pkg}.sig"; then
+				die "Package ${repo}/$(basename ${pkg}) does not have a valid signature"
+			fi
 			if ! check_pkgsvn "${pkg}" "${repo}"; then
 				die "Package ${repo}/$(basename ${pkg}) is not consistent with svn repository"
 			fi
-- 
cgit v1.2.3-2-g168b


From 5c7220a4aa370d1f726eb27d99d8f9294646433d Mon Sep 17 00:00:00 2001
From: Pierre Schmitz <pierre@archlinux.de>
Date: Mon, 19 Dec 2011 14:40:07 +0100
Subject: Avoid calls to basename

---
 db-update | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

(limited to 'db-update')

diff --git a/db-update b/db-update
index 60af79f..a9d307f 100755
--- a/db-update
+++ b/db-update
@@ -4,7 +4,7 @@
 . "$(dirname $0)/config"
 
 if [ $# -ge 1 ]; then
-	warning "Calling $(basename $0) with a specific repository is no longer supported"
+	warning "Calling ${0##*/} with a specific repository is no longer supported"
 	exit 1
 fi
 
@@ -30,19 +30,19 @@ for repo in ${repos[@]}; do
 	if [ $? -eq 0 ]; then
 		for pkg in ${pkgs[@]}; do
 			if [ -h "${pkg}" ]; then
-				die "Package ${repo}/$(basename ${pkg}) is a symbolic link"
+				die "Package ${repo}/${pkg##*/} is a symbolic link"
 			fi
 			if ! check_pkgfile "${pkg}"; then
-				die "Package ${repo}/$(basename ${pkg}) is not consistent with its meta data"
+				die "Package ${repo}/${pkg##*/} is not consistent with its meta data"
 			fi
 			if ${REQUIRE_SIGNATURE} && ! check_pkgsig "${pkg}.sig"; then
-				die "Package ${repo}/$(basename ${pkg}) does not have a valid signature"
+				die "Package ${repo}/${pkg##*/} does not have a valid signature"
 			fi
 			if ! check_pkgsvn "${pkg}" "${repo}"; then
-				die "Package ${repo}/$(basename ${pkg}) is not consistent with svn repository"
+				die "Package ${repo}/${pkg##*/} is not consistent with svn repository"
 			fi
 			if ! check_pkgrepos "${pkg}"; then
-				die "Package ${repo}/$(basename ${pkg}) already exists in another repository"
+				die "Package ${repo}/${pkg##*/} already exists in another repository"
 			fi
 		done
 		if ! check_splitpkgs ${repo} ${pkgs[@]}; then
@@ -60,7 +60,7 @@ for repo in ${repos[@]}; do
 		add_pkgs=()
 		arch_pkgs=($(getpkgfiles "${STAGING}/${repo}/"*-${pkgarch}${PKGEXT} 2>/dev/null))
 		for pkg in ${arch_pkgs[@]} ${any_pkgs[@]}; do
-			pkgfile="$(basename ${pkg})"
+			pkgfile="${pkg##*/}"
 			msg2 "${pkgfile} (${pkgarch})"
 			# any packages might have been moved by the previous run
 			if [ -f "${pkg}" ]; then
-- 
cgit v1.2.3-2-g168b


From 33cfe12c34747bd52e2730e45566e5b21cd76153 Mon Sep 17 00:00:00 2001
From: Pierre Schmitz <pierre@archlinux.de>
Date: Sun, 29 Apr 2012 10:10:43 +0200
Subject: Source the config before the functions as the latter references the
 former

---
 db-update | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'db-update')

diff --git a/db-update b/db-update
index a9d307f..8be0d54 100755
--- a/db-update
+++ b/db-update
@@ -1,7 +1,7 @@
 #!/bin/bash
 
-. "$(dirname $0)/db-functions"
 . "$(dirname $0)/config"
+. "$(dirname $0)/db-functions"
 
 if [ $# -ge 1 ]; then
 	warning "Calling ${0##*/} with a specific repository is no longer supported"
-- 
cgit v1.2.3-2-g168b


From a539598c640caa92e2b1967949836d73c5264036 Mon Sep 17 00:00:00 2001
From: Pierre Schmitz <pierre@archlinux.de>
Date: Wed, 3 Oct 2012 14:50:03 +0200
Subject: Use pacman-key to check signatures as it now uses a correct exit
 value

---
 db-update | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'db-update')

diff --git a/db-update b/db-update
index 8be0d54..caddbe6 100755
--- a/db-update
+++ b/db-update
@@ -35,7 +35,7 @@ for repo in ${repos[@]}; do
 			if ! check_pkgfile "${pkg}"; then
 				die "Package ${repo}/${pkg##*/} is not consistent with its meta data"
 			fi
-			if ${REQUIRE_SIGNATURE} && ! check_pkgsig "${pkg}.sig"; then
+			if ${REQUIRE_SIGNATURE} && ! pacman-key -v "${pkg}.sig" >/dev/null 2>&1; then
 				die "Package ${repo}/${pkg##*/} does not have a valid signature"
 			fi
 			if ! check_pkgsvn "${pkg}" "${repo}"; then
-- 
cgit v1.2.3-2-g168b


From 0992cc36f525898ff07032d0ee697ecb62fedc07 Mon Sep 17 00:00:00 2001
From: Pierre Schmitz <pierre@archlinux.de>
Date: Thu, 31 Jan 2013 23:24:07 +0100
Subject: db-update: Ignore forgeign staging packages

---
 db-update | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

(limited to 'db-update')

diff --git a/db-update b/db-update
index caddbe6..576fe2b 100755
--- a/db-update
+++ b/db-update
@@ -9,11 +9,18 @@ if [ $# -ge 1 ]; then
 fi
 
 # Find repos with packages to release
-repos=($(find  "${STAGING}" -mindepth 1 -type d ! -empty -printf '%f ' 2>/dev/null))
+staging_repos=($(find  "${STAGING}" -mindepth 1 -type f -name "*${PKGEXT}" -printf '%h\n' | sort -u))
 if [ $? -ge 1 ]; then
 	die "Could not read ${STAGING}"
 fi
 
+repos=()
+for staging_repo in ${staging_repos[@]##*/}; do
+	if in_array ${staging_repo} ${PKGREPOS[@]}; then
+		repos+=(${staging_repo})
+	fi
+done
+
 # TODO: this might lock too much (architectures)
 for repo in ${repos[@]}; do
 	for pkgarch in ${ARCHES[@]}; do
-- 
cgit v1.2.3-2-g168b


From 33b8cb611363102e23972cf3914a03d65cb3cad8 Mon Sep 17 00:00:00 2001
From: Luke Shumaker <LukeShu@sbcglobal.net>
Date: Mon, 17 Jun 2013 23:59:15 -0600
Subject: use xbs, not svn

---
 db-update | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'db-update')

diff --git a/db-update b/db-update
index 576fe2b..28fcabe 100755
--- a/db-update
+++ b/db-update
@@ -45,8 +45,8 @@ for repo in ${repos[@]}; do
 			if ${REQUIRE_SIGNATURE} && ! pacman-key -v "${pkg}.sig" >/dev/null 2>&1; then
 				die "Package ${repo}/${pkg##*/} does not have a valid signature"
 			fi
-			if ! check_pkgsvn "${pkg}" "${repo}"; then
-				die "Package ${repo}/${pkg##*/} is not consistent with svn repository"
+			if ! check_pkgxbs "${pkg}" "${repo}"; then
+				die "Package ${repo}/${pkg##*/} is not consistent with xbs"
 			fi
 			if ! check_pkgrepos "${pkg}"; then
 				die "Package ${repo}/${pkg##*/} already exists in another repository"
-- 
cgit v1.2.3-2-g168b


From e6294556d3197b7d87f7659355d0e189fad613d6 Mon Sep 17 00:00:00 2001
From: Luke Shumaker <LukeShu@sbcglobal.net>
Date: Sun, 8 Dec 2013 17:33:25 -0500
Subject: `readlink -e` all "$0"s

---
 db-update | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'db-update')

diff --git a/db-update b/db-update
index 28fcabe..9c6a56a 100755
--- a/db-update
+++ b/db-update
@@ -1,7 +1,7 @@
 #!/bin/bash
 
-. "$(dirname $0)/config"
-. "$(dirname $0)/db-functions"
+. "$(dirname "$(readlink -e "$0")")/config"
+. "$(dirname "$(readlink -e "$0")")/db-functions"
 
 if [ $# -ge 1 ]; then
 	warning "Calling ${0##*/} with a specific repository is no longer supported"
-- 
cgit v1.2.3-2-g168b