From 1efaa3996e7f722ad05d67982b5b3ea78441dd41 Mon Sep 17 00:00:00 2001 From: Natanael Copa Date: Thu, 20 Jul 2017 07:56:11 +0000 Subject: abuild: add sanitycheck for secfixes comment The secfixes comment will be parsed and added to alpine-secdb. add sanitycheck so we catch errors early. --- abuild.in | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/abuild.in b/abuild.in index 7cf87e2..53926fc 100644 --- a/abuild.in +++ b/abuild.in @@ -219,6 +219,7 @@ default_sanitycheck() { check_maintainer || die "Provide a valid RFC822 maintainer address" check_depends_dev || warning "depends_dev found but no development subpackage found" + check_secfixes_comment || return 1 makedepends_has 'g++' && ! options_has toolchain && warning "g++ should not be in makedepends" return 0 @@ -816,6 +817,26 @@ check_maintainer() { fi } +check_secfixes_comment() { + local c=$(sed -E -n -e '/^# secfixes:/,/(^[^#]|^$)/p' $APKBUILD | grep '^#') + local invalid=$(echo "$c" \ + | grep -v -E '(^# secfixes:|^# +- [A-Z0-9-]+|^# [0-9]+.*:$|^#$)') + if [ -z "$invalid" ]; then + return 0 + fi + + # check if there are tabs + if echo "$invalid" | grep -q $'\t'; then + error "secfixes comment must not have tabs:" + echo "$c" | grep $'\t' >&2 + return 1 + fi + + error "secfixes comment is not valid:" + echo "$invalid" >&2 + return 1 +} + check_depends_dev() { if [ -z "$depends_dev" ]; then return 0 -- cgit v1.2.3-70-g09d2