summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2017-07-20 07:56:11 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2017-07-20 08:08:17 +0000
commit1efaa3996e7f722ad05d67982b5b3ea78441dd41 (patch)
tree4b9a0aae2e6fbef4d2dbe8e194b094450b225636
parent3923c36af9c12a2047fce34abb461d1a21313e57 (diff)
downloadabuild-1efaa3996e7f722ad05d67982b5b3ea78441dd41.tar.gz
abuild-1efaa3996e7f722ad05d67982b5b3ea78441dd41.tar.bz2
abuild-1efaa3996e7f722ad05d67982b5b3ea78441dd41.tar.xz
abuild-1efaa3996e7f722ad05d67982b5b3ea78441dd41.zip
abuild: add sanitycheck for secfixes comment
The secfixes comment will be parsed and added to alpine-secdb. add sanitycheck so we catch errors early.
-rw-r--r--abuild.in21
1 files changed, 21 insertions, 0 deletions
diff --git a/abuild.in b/abuild.in
index 7cf87e2..53926fc 100644
--- a/abuild.in
+++ b/abuild.in
@@ -219,6 +219,7 @@ default_sanitycheck() {
check_maintainer || die "Provide a valid RFC822 maintainer address"
check_depends_dev || warning "depends_dev found but no development subpackage found"
+ check_secfixes_comment || return 1
makedepends_has 'g++' && ! options_has toolchain && warning "g++ should not be in makedepends"
return 0
@@ -816,6 +817,26 @@ check_maintainer() {
fi
}
+check_secfixes_comment() {
+ local c=$(sed -E -n -e '/^# secfixes:/,/(^[^#]|^$)/p' $APKBUILD | grep '^#')
+ local invalid=$(echo "$c" \
+ | grep -v -E '(^# secfixes:|^# +- [A-Z0-9-]+|^# [0-9]+.*:$|^#$)')
+ if [ -z "$invalid" ]; then
+ return 0
+ fi
+
+ # check if there are tabs
+ if echo "$invalid" | grep -q $'\t'; then
+ error "secfixes comment must not have tabs:"
+ echo "$c" | grep $'\t' >&2
+ return 1
+ fi
+
+ error "secfixes comment is not valid:"
+ echo "$invalid" >&2
+ return 1
+}
+
check_depends_dev() {
if [ -z "$depends_dev" ]; then
return 0