From patchwork Sun Sep 20 07:55:10 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Emil Velikov via arch-projects X-Patchwork-Id: 1778 Return-Path: Delivered-To: patchwork@archlinux.org Received: from apollo.archlinux.org (localhost [127.0.0.1]) by apollo.archlinux.org (Postfix) with ESMTP id CDD671B4D120F for ; Sun, 20 Sep 2020 07:59:04 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on apollo.archlinux.org X-Spam-Level: X-Spam-Status: No, score=-6.4 required=5.0 tests=DKIMWL_WL_HIGH=-2.996, DKIM_SIGNED=0.1,DKIM_VALID=-0.1,DKIM_VALID_AU=-0.1, MAILING_LIST_MULTI=-1,RCVD_IN_DNSWL_MED=-2.3,SPF_HELO_NONE=0.001, T_DMARC_POLICY_NONE=0.01 autolearn=ham autolearn_force=no version=3.4.4 X-Spam-BL-Results: [127.0.9.2] Received: from orion.archlinux.org (orion.archlinux.org [IPv6:2a01:4f8:160:6087::1]) by apollo.archlinux.org (Postfix) with ESMTPS for ; Sun, 20 Sep 2020 07:59:04 +0000 (UTC) Received: from orion.archlinux.org (localhost [127.0.0.1]) by orion.archlinux.org (Postfix) with ESMTP id 663CC1D3956D47; Sun, 20 Sep 2020 07:59:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=archlinux.org; s=luna2; t=1600588742; bh=oX0XT/E5iXwKy7sPta4fR96Lx89tg0X4qIPrkiTgbUk=; h=To:Date:Subject:List-Id:List-Unsubscribe:List-Archive:List-Post: List-Help:List-Subscribe:From:Reply-To:Cc; b=HQG1POkmG/Cznb39Iuerav7DDwK3oJ8JDW8MFVRsBgv9LFq8vCqzhWkW0tfI+Cj1j ljkBFgxmdNXw0c9wD1WIBE+7OIYxhjQmLxBuDaeTlnlQk6somE/JtEJCItYkf6KVlJ 8j1VwQL01XDyzlas3dYYc4gpzpRdkOUHlPYkrRpOlp7jKHgR6wc/bStRueUXosioDX HcLK31S9CNpg1ZjldA/6LqUTi+CehuMd4Y0KgoXdC5B3hf0v5W4j7KGddyHhm/RnSe 4ykmap+C+dlTdfMQX0GNOgGsTYPpqSSHG4m6wkVzuFDYMhDnjPDen4af+JCwqlAFqX Uehnf6sUqpmHv9n8+oMOHsfHRjYjMa12w0W+SEl8LPyS91HbOHU6hlLgEAh8rte+gl EdrhL3RrKB2pLopp1WN1vPoplLtA4X0o0y+Fg1TnS4SB3iu4kJlbcEotTZkq+hoJ5k mb646PM6sxlD5aJvVtbGam5d2pMEe6s/kp3cLb2VsNLbnl56IfeAA9ptJNvCQQ/d3w xA18AY5B8rFnSgMh/XSNKwhUBSnmRckDpo4S0k7SNav31/cQava2rsaB48C5NEWrcZ Id2zy+CQ+3mSWVdZxMKOB7xnRtW8XcnPu9PF5y+odsZ+jiu5BkE1aw87W/Be5AEE9m Y7cHpaWeE2/TRqfMJl8Al5Yo= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=archlinux.org; s=orion; t=1600588742; bh=oX0XT/E5iXwKy7sPta4fR96Lx89tg0X4qIPrkiTgbUk=; h=To:Date:Subject:List-Id:List-Unsubscribe:List-Archive:List-Post: List-Help:List-Subscribe:From:Reply-To:Cc; b=TyUEyjkFCIeNWSHf1TbIJaLhXDdiC/hBBu6034k93zxGFbHV28tBAmfYfE/g1kcrR OmxWo8iZ/2PmVwuCaUfRV+WdeQZLo1j8g+N0f7nWBZlAi40pPT+6IMXOtlza/QP2Ow +wD5U0CmTWdX/TkF1fKb0byJStp/sHYGHCzP8f3b4FhXbw9YMHa6nj/Ms3U1BtczHk oetJ2ZZqc6t0vuAdpNhmRyjJvHA0ng1Qkig4ut2Ht7lPWxl2zPhxCoRFrpTKUOUMO0 oWk3Zky73U34vQuzFoNIPYwuDYORBRMvZkR0kEq2T+QODTMrDWjVQAjeKLoZDy4MNV +Gxet+A4E+L5isvmYOqdrSvMZWa9ffuXosOPcGbnkGAwmKM8Wu5EsKzxVBEQzj1VbS YPRkN9uuWUlOdnR42Av8vPK+hoxH3uvwo9YpeCMHGrzwj78Sa3wII7vJuCKWA7J29+ SnQuoDuPSfnUF+n1Fmqe14lYVDbZgjnN4X28wIP9tJK8OueUT8vbfhThqsqRs16nSl 6B+WhxFNLdFJoAIgtONGImqCyHi5FA0x4dJtudd0gMQyavXIrqJ8vOYN6I0B+CGKJ7 l4OEb+jP/ohQgryeVv25B1+ps4w5xqrJyDHqXxAU29XgbIb4pLPP4mWnLK6dyUYvpp BePiL9owS50Dhmzqt1Uf3Uec= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=sWZfdnlPeSaXCuMT2rVmO4HsCA+CSfG5bJT4PH5TNHo=; b=caPvM4OdZBcp5EltQy/b76Ydd1xjjr2cT5fcZ0JLLHuzThcpSniRZVi/luFm4N6/Mz GxldNdRQ0eeDwh3KZHEyhhXf0MA0bIQ2Mlp91n9/xjek/y3avMIqTfP1KxlklWx9PGKR cP+uqogywIjFSWfhQ87iyE/aYu5CW90n9Kt/JlsyLFvaWlj5rasaShfeNSYteLXidzGt g79nUwqDIAJEuy/5HwtVsn9mAq5BKB4oWTaxpXW0P7ISfO6CgWCm3qYCL9TNOiKpvw5X m/0DZtc9ejduJ4WmE56AWmMe5GKVuht+4xrHABs3LIzR1uUah+ardbnUcJHT/7TFuXnt +v2Q== X-Gm-Message-State: AOAM533R51HKyTmmGTeR4MRSi/j1wYUyC3YcN9BrIPoJO4eU2TCSVtPx xBIWjXmkcW1gde2iXulgsM/zilZxKjNzfpKd X-Google-Smtp-Source: ABdhPJwdHi/vLOU9K+26hZULrQ9UyxUa9cENKyH3z7ThY7bJKLgX16KepDAAMkjkgTwb3H7Nw1Hykg== X-Received: by 2002:a7b:c00d:: with SMTP id c13mr23681687wmb.24.1600588731635; Sun, 20 Sep 2020 00:58:51 -0700 (PDT) To: arch-projects@archlinux.org Date: Sun, 20 Sep 2020 09:55:10 +0200 Message-Id: <20200920075510.10268-1-michael.straubej@gmail.com> X-Mailer: git-send-email 2.28.0 MIME-Version: 1.0 Subject: [arch-projects] [namcap] [PATCH v2] Warn on unquoted pkgdir and srcdir X-BeenThere: arch-projects@archlinux.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Arch Linux projects development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , From: Michael Straube via arch-projects Reply-To: Arch Linux projects development discussion Cc: Michael Straube Errors-To: arch-projects-bounces@archlinux.org Sender: "arch-projects" Unqouted $pkgdir and $srcdir can lead to errors if the directory name contains spaces. Not quoting these variables is a common mistake. For example, it is often seen in PKGBUILDs that are submitted for review. Add a rule that warns on unquoted $pkgdir and $srcdir. Signed-off-by: Michael Straube --- v1 -> v2 Updated my email address. Namcap/rules/__init__.py | 3 +- Namcap/rules/unquoteddirvars.py | 39 ++++++++++++ Namcap/tests/pkgbuild/test_unquoteddirvars.py | 63 +++++++++++++++++++ namcap-tags | 1 + 4 files changed, 105 insertions(+), 1 deletion(-) create mode 100644 Namcap/rules/unquoteddirvars.py create mode 100644 Namcap/tests/pkgbuild/test_unquoteddirvars.py diff --git a/Namcap/rules/__init__.py b/Namcap/rules/__init__.py index 5ca6551..bd348b4 100644 --- a/Namcap/rules/__init__.py +++ b/Namcap/rules/__init__.py @@ -67,7 +67,8 @@ from . import ( pkginfo, pkgnameindesc, sfurl, - splitpkgbuild + splitpkgbuild, + unquoteddirvars ) all_rules = {} diff --git a/Namcap/rules/unquoteddirvars.py b/Namcap/rules/unquoteddirvars.py new file mode 100644 index 0000000..bf303f0 --- /dev/null +++ b/Namcap/rules/unquoteddirvars.py @@ -0,0 +1,39 @@ +# +# namcap rules - unquoteddirvars +# Copyright (C) 2020 Michael Straube +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# + +import re +from Namcap.ruleclass import * + +class package(PkgbuildRule): + name = "unquoteddirvars" + description = "Looks for unquoted $pkgdir and $srcdir" + def analyze(self, pkginfo, pkgbuild): + needles = ['$pkgdir', '${pkgdir}', '$srcdir', '${srcdir}'] + hits = set() + for line in pkginfo.pkgbuild: + if not any(n in line for n in needles): + continue + double_quoted_strings = re.findall('"([^"]*)"', line) + for n in needles: + if line.count(n) != sum(n in s for s in double_quoted_strings): + hits.add(n) + for i in hits: + self.warnings.append(("unquoted-dirvar %s", i)) + +# vim: set ts=4 sw=4 noet: diff --git a/Namcap/tests/pkgbuild/test_unquoteddirvars.py b/Namcap/tests/pkgbuild/test_unquoteddirvars.py new file mode 100644 index 0000000..4525744 --- /dev/null +++ b/Namcap/tests/pkgbuild/test_unquoteddirvars.py @@ -0,0 +1,63 @@ +# +# namcap tests - unquoteddirvars +# Copyright (C) 2020 Michael Straube +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# + +from Namcap.tests.pkgbuild_test import PkgbuildTest +import Namcap.rules + +class NamcapUnqoutedDirVarsTest(PkgbuildTest): + pkgbuild = """ +# Maintainer: Arch Linux +# Contributor: Arch Linux + +pkgname=mypackage +pkgver=1.0 +pkgrel=1 +pkgdesc="A package" +url="http://www.example.com/" +arch=('x86_64') +depends=('glibc') +license=('GPL') +options=('!libtool') +source=(ftp://ftp.example.com/pub/mypackage-0.1.tar.gz) +md5sums=('abcdefabcdef12345678901234567890') + +build() { + cd $srcdir/$pkgname-$pkgver +} + +package() { + make install DESTDIR=$pkgdir/ + install -Dm644 ${srcdir}/LICENSE ${pkgdir}/usr/share/licenses/${pkgname} + install -Dm644 "${srcdir}/example.desktop" "$pkgdir"/usr/share/applications +} +""" + test_valid = PkgbuildTest.valid_tests + + def preSetUp(self): + self.rule = Namcap.rules.unquoteddirvars.package + + def test_example(self): + needles = ['$pkgdir', '${pkgdir}', '$srcdir', '${srcdir}'] + r = self.run_on_pkg(self.pkgbuild) + self.assertEqual(r.errors, []) + self.assertEqual(set(r.warnings), + set(("unquoted-dirvar %s", i) for i in needles)) + self.assertEqual(r.infos, []) + +# vim: set ts=4 sw=4 noet: diff --git a/namcap-tags b/namcap-tags index 1f7bc69..e48f8fe 100644 --- a/namcap-tags +++ b/namcap-tags @@ -85,6 +85,7 @@ specific-sourceforge-mirror :: Attempting to use specific sourceforge mirror, us symlink-found %s points to %s :: Symlink (%s) found that points to %s systemd-location %s :: File %s should be in /usr/lib/systemd/system/ too-many-checksums %s %i needed :: Too many %s: %i needed +unquoted-dirvar %s :: Variable %s is not quoted. unused-sodepend %s %s :: Unused shared library '%s' by file ('%s') use-pkgdir :: Use $pkgdir instead of $startdir/pkg use-srcdir :: Use $srcdir instead of $startdir/src