From 4fcedea4ae5fb8788c7ef0ddd907ed8b02d14a5b Mon Sep 17 00:00:00 2001
From: Dave Reisner <dreisner@archlinux.org>
Date: Tue, 9 Sep 2014 19:04:25 -0400
Subject: disallow packages without a valid PACKAGER

Shame.

Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
---
 db-update | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'db-update')

diff --git a/db-update b/db-update
index 576fe2b..cdc35a5 100755
--- a/db-update
+++ b/db-update
@@ -51,6 +51,9 @@ for repo in ${repos[@]}; do
 			if ! check_pkgrepos "${pkg}"; then
 				die "Package ${repo}/${pkg##*/} already exists in another repository"
 			fi
+			if ! check_packager "${pkg}"; then
+				die "Package ${repo}/${pkg##*/} does not have a valid packager"
+			fi
 		done
 		if ! check_splitpkgs ${repo} ${pkgs[@]}; then
 			die "Missing split packages for ${repo}"
-- 
cgit v1.2.3-2-g168b


From 282bf65c81e278b9237b4c202d325642bc0aa1a3 Mon Sep 17 00:00:00 2001
From: Levente Polyak <anthraxx@archlinux.org>
Date: Mon, 8 Feb 2016 14:26:23 +0100
Subject: disallow packages not built in a chroot

double shame!
This will detect both, packages with missing .BUILDINFO (built in
non updated environments) and packages that are not built in a
chroot at all (indicated by non default builddir).

Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
---
 db-update | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'db-update')

diff --git a/db-update b/db-update
index cdc35a5..db8cb91 100755
--- a/db-update
+++ b/db-update
@@ -54,6 +54,12 @@ for repo in ${repos[@]}; do
 			if ! check_packager "${pkg}"; then
 				die "Package ${repo}/${pkg##*/} does not have a valid packager"
 			fi
+			if ! check_buildinfo "${pkg}"; then
+				die "Package ${repo}/${pkg##*/} does not have a .BUILDINFO file"
+			fi
+			if ! check_builddir "${pkg}"; then
+				die "Package ${repo}/${pkg##*/} was not built in a chroot"
+			fi
 		done
 		if ! check_splitpkgs ${repo} ${pkgs[@]}; then
 			die "Missing split packages for ${repo}"
-- 
cgit v1.2.3-2-g168b


From 7850874b1ef1b18de585be108e3be899d95a3a2a Mon Sep 17 00:00:00 2001
From: Luke Shumaker <LukeShu@sbcglobal.net>
Date: Wed, 18 Jun 2014 12:07:09 -0400
Subject: Fix quoting around variables, especially arrays.

Other than pure quoting, this involved:
 - swapping */@ for array access in a few places
 - fiddling with printf in a pipeline
 - replacing `$(echo ${array[@]})` with `${array[*]}`
 - replacing `echo $(...)` with `...`

When searching for these things, I used the command:

    grep -Prn --exclude-dir=.git '(?<!["=]|\[\[ |\[\[ -[zn] )\$(?!{?#|\(|\? )'

and ignored a bunch of false positives.
---
 db-update | 40 ++++++++++++++++++++--------------------
 1 file changed, 20 insertions(+), 20 deletions(-)

(limited to 'db-update')

diff --git a/db-update b/db-update
index db8cb91..0544e7c 100755
--- a/db-update
+++ b/db-update
@@ -1,7 +1,7 @@
 #!/bin/bash
 
-. "$(dirname $0)/config"
-. "$(dirname $0)/db-functions"
+. "$(dirname "$0")/config"
+. "$(dirname "$0")/db-functions"
 
 if [ $# -ge 1 ]; then
 	warning "Calling ${0##*/} with a specific repository is no longer supported"
@@ -15,34 +15,34 @@ if [ $? -ge 1 ]; then
 fi
 
 repos=()
-for staging_repo in ${staging_repos[@]##*/}; do
-	if in_array ${staging_repo} ${PKGREPOS[@]}; then
-		repos+=(${staging_repo})
+for staging_repo in "${staging_repos[@]##*/}"; do
+	if in_array "${staging_repo}" "${PKGREPOS[@]}"; then
+		repos+=("${staging_repo}")
 	fi
 done
 
 # TODO: this might lock too much (architectures)
-for repo in ${repos[@]}; do
-	for pkgarch in ${ARCHES[@]}; do
-		repo_lock ${repo} ${pkgarch} || exit 1
+for repo in "${repos[@]}"; do
+	for pkgarch in "${ARCHES[@]}"; do
+		repo_lock "${repo}" "${pkgarch}" || exit 1
 	done
 done
 
 # check if packages are valid
-for repo in ${repos[@]}; do
+for repo in "${repos[@]}"; do
 	if ! check_repo_permission "${repo}"; then
 		die "You don't have permission to update packages in ${repo}"
 	fi
 	pkgs=($(getpkgfiles "${STAGING}/${repo}/"*${PKGEXT}))
 	if [ $? -eq 0 ]; then
-		for pkg in ${pkgs[@]}; do
+		for pkg in "${pkgs[@]}"; do
 			if [ -h "${pkg}" ]; then
 				die "Package ${repo}/${pkg##*/} is a symbolic link"
 			fi
 			if ! check_pkgfile "${pkg}"; then
 				die "Package ${repo}/${pkg##*/} is not consistent with its meta data"
 			fi
-			if ${REQUIRE_SIGNATURE} && ! pacman-key -v "${pkg}.sig" >/dev/null 2>&1; then
+			if "${REQUIRE_SIGNATURE}" && ! pacman-key -v "${pkg}.sig" >/dev/null 2>&1; then
 				die "Package ${repo}/${pkg##*/} does not have a valid signature"
 			fi
 			if ! check_pkgsvn "${pkg}" "${repo}"; then
@@ -61,7 +61,7 @@ for repo in ${repos[@]}; do
 				die "Package ${repo}/${pkg##*/} was not built in a chroot"
 			fi
 		done
-		if ! check_splitpkgs ${repo} ${pkgs[@]}; then
+		if ! check_splitpkgs "${repo}" "${pkgs[@]}"; then
 			die "Missing split packages for ${repo}"
 		fi
 	else
@@ -69,13 +69,13 @@ for repo in ${repos[@]}; do
 	fi
 done
 
-for repo in ${repos[@]}; do
+for repo in "${repos[@]}"; do
 	msg "Updating [${repo}]..."
 	any_pkgs=($(getpkgfiles "${STAGING}/${repo}/"*-any${PKGEXT} 2>/dev/null))
-	for pkgarch in ${ARCHES[@]}; do
+	for pkgarch in "${ARCHES[@]}"; do
 		add_pkgs=()
-		arch_pkgs=($(getpkgfiles "${STAGING}/${repo}/"*-${pkgarch}${PKGEXT} 2>/dev/null))
-		for pkg in ${arch_pkgs[@]} ${any_pkgs[@]}; do
+		arch_pkgs=($(getpkgfiles "${STAGING}/${repo}/"*-"${pkgarch}"${PKGEXT} 2>/dev/null))
+		for pkg in "${arch_pkgs[@]}" "${any_pkgs[@]}"; do
 			pkgfile="${pkg##*/}"
 			msg2 "${pkgfile} (${pkgarch})"
 			# any packages might have been moved by the previous run
@@ -93,13 +93,13 @@ for repo in ${repos[@]}; do
 			add_pkgs[${#add_pkgs[*]}]=${pkgfile}
 		done
 		if [ ${#add_pkgs[@]} -ge 1 ]; then
-			arch_repo_add "${repo}" "${pkgarch}" ${add_pkgs[@]}
+			arch_repo_add "${repo}" "${pkgarch}" "${add_pkgs[@]}"
 		fi
 	done
 done
 
-for repo in ${repos[@]}; do
-	for pkgarch in ${ARCHES[@]}; do
-		repo_unlock ${repo} ${pkgarch}
+for repo in "${repos[@]}"; do
+	for pkgarch in "${ARCHES[@]}"; do
+		repo_unlock "${repo}" "${pkgarch}"
 	done
 done
-- 
cgit v1.2.3-2-g168b


From 6638878c5eb6d5116580d06cc3042a5e9beacb7e Mon Sep 17 00:00:00 2001
From: Luke Shumaker <LukeShu@sbcglobal.net>
Date: Wed, 18 Jun 2014 20:33:06 -0400
Subject: Use printf-formatters instead of string interpolation on msg, error,
 etc.

---
 db-update | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

(limited to 'db-update')

diff --git a/db-update b/db-update
index 0544e7c..9a57b19 100755
--- a/db-update
+++ b/db-update
@@ -4,14 +4,14 @@
 . "$(dirname "$0")/db-functions"
 
 if [ $# -ge 1 ]; then
-	warning "Calling ${0##*/} with a specific repository is no longer supported"
+	warning "Calling %s with a specific repository is no longer supported" "${0##*/}"
 	exit 1
 fi
 
 # Find repos with packages to release
 staging_repos=($(find  "${STAGING}" -mindepth 1 -type f -name "*${PKGEXT}" -printf '%h\n' | sort -u))
 if [ $? -ge 1 ]; then
-	die "Could not read ${STAGING}"
+	die "Could not read %s" "${STAGING}"
 fi
 
 repos=()
@@ -31,25 +31,25 @@ done
 # check if packages are valid
 for repo in "${repos[@]}"; do
 	if ! check_repo_permission "${repo}"; then
-		die "You don't have permission to update packages in ${repo}"
+		die "You don't have permission to update packages in %s" "${repo}"
 	fi
 	pkgs=($(getpkgfiles "${STAGING}/${repo}/"*${PKGEXT}))
 	if [ $? -eq 0 ]; then
 		for pkg in "${pkgs[@]}"; do
 			if [ -h "${pkg}" ]; then
-				die "Package ${repo}/${pkg##*/} is a symbolic link"
+				die "Package %s is a symbolic link" "${repo}/${pkg##*/}"
 			fi
 			if ! check_pkgfile "${pkg}"; then
-				die "Package ${repo}/${pkg##*/} is not consistent with its meta data"
+				die "Package %s is not consistent with its meta data" "${repo}/${pkg##*/}"
 			fi
 			if "${REQUIRE_SIGNATURE}" && ! pacman-key -v "${pkg}.sig" >/dev/null 2>&1; then
-				die "Package ${repo}/${pkg##*/} does not have a valid signature"
+				die "Package %s does not have a valid signature" "${repo}/${pkg##*/}"
 			fi
 			if ! check_pkgsvn "${pkg}" "${repo}"; then
-				die "Package ${repo}/${pkg##*/} is not consistent with svn repository"
+				die "Package %s is not consistent with svn repository" "${repo}/${pkg##*/}"
 			fi
 			if ! check_pkgrepos "${pkg}"; then
-				die "Package ${repo}/${pkg##*/} already exists in another repository"
+				die "Package %s already exists in another repository" "${repo}/${pkg##*/}"
 			fi
 			if ! check_packager "${pkg}"; then
 				die "Package ${repo}/${pkg##*/} does not have a valid packager"
@@ -62,22 +62,22 @@ for repo in "${repos[@]}"; do
 			fi
 		done
 		if ! check_splitpkgs "${repo}" "${pkgs[@]}"; then
-			die "Missing split packages for ${repo}"
+			die "Missing split packages for %s" "${repo}"
 		fi
 	else
-		die "Could not read ${STAGING}"
+		die "Could not read %s" "${STAGING}"
 	fi
 done
 
 for repo in "${repos[@]}"; do
-	msg "Updating [${repo}]..."
+	msg "Updating [%s]..." "${repo}"
 	any_pkgs=($(getpkgfiles "${STAGING}/${repo}/"*-any${PKGEXT} 2>/dev/null))
 	for pkgarch in "${ARCHES[@]}"; do
 		add_pkgs=()
 		arch_pkgs=($(getpkgfiles "${STAGING}/${repo}/"*-"${pkgarch}"${PKGEXT} 2>/dev/null))
 		for pkg in "${arch_pkgs[@]}" "${any_pkgs[@]}"; do
 			pkgfile="${pkg##*/}"
-			msg2 "${pkgfile} (${pkgarch})"
+			msg2 "%s (%s)" "${pkgfile}" "${pkgarch}"
 			# any packages might have been moved by the previous run
 			if [ -f "${pkg}" ]; then
 				mv "${pkg}" "$FTP_BASE/${PKGPOOL}"
-- 
cgit v1.2.3-2-g168b


From 6262754028e750dbbacd1d68618bf5553d78f3cd Mon Sep 17 00:00:00 2001
From: Luke Shumaker <lukeshu@sbcglobal.net>
Date: Sun, 17 Apr 2016 14:45:58 -0400
Subject: Use += instead of jumping through hoops.

The += operator was introduced in Bash 3.1, and was already used in some
places in dbscripts, but not everywhere.

For normal strings, this isn't a big deal, but appending to an array
without using += is nasty.
---
 db-update | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'db-update')

diff --git a/db-update b/db-update
index 9a57b19..9fa9c1b 100755
--- a/db-update
+++ b/db-update
@@ -90,7 +90,7 @@ for repo in "${repos[@]}"; do
 			if [ -f "$FTP_BASE/${PKGPOOL}/${pkgfile}.sig" ]; then
 				ln -s "../../../${PKGPOOL}/${pkgfile}.sig" "$FTP_BASE/$repo/os/${pkgarch}"
 			fi
-			add_pkgs[${#add_pkgs[*]}]=${pkgfile}
+			add_pkgs+=("${pkgfile}")
 		done
 		if [ ${#add_pkgs[@]} -ge 1 ]; then
 			arch_repo_add "${repo}" "${pkgarch}" "${add_pkgs[@]}"
-- 
cgit v1.2.3-2-g168b


From e4e5a028843316edf73cae4ac70d9df3cf8e1565 Mon Sep 17 00:00:00 2001
From: Luke Shumaker <LukeShu@sbcglobal.net>
Date: Tue, 17 Jun 2014 23:47:21 -0400
Subject: Consistently use "$(dirname "$(readlink -e "$0")")"

This does correct handling of
 - executing a program by symlink
 - any weird characters in the full path
 - I'm sure there's another case I thought about when I originally did
   this.
---
 db-update | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'db-update')

diff --git a/db-update b/db-update
index 9fa9c1b..358c534 100755
--- a/db-update
+++ b/db-update
@@ -1,7 +1,7 @@
 #!/bin/bash
 
-. "$(dirname "$0")/config"
-. "$(dirname "$0")/db-functions"
+. "$(dirname "$(readlink -e "$0")")/config"
+. "$(dirname "$(readlink -e "$0")")/db-functions"
 
 if [ $# -ge 1 ]; then
 	warning "Calling %s with a specific repository is no longer supported" "${0##*/}"
-- 
cgit v1.2.3-2-g168b