diff options
author | Jon Turney <jon.turney@dronecode.org.uk> | 2023-01-18 17:52:28 +0300 |
---|---|---|
committer | Jon Turney <jon.turney@dronecode.org.uk> | 2023-01-19 16:24:47 +0300 |
commit | bb40e56925ea39a75b03aa205f4a783ea3b1f7ab (patch) | |
tree | 2c4e459e0778edc7666ceed41d38ce0acab4b8ab | |
parent | 96fdd81dca85221cc5b3b63e36f1f0fc3566bfc6 (diff) |
Validate character set used by the package version, V
Just as package name, only allow alphanumerics and '-._+'
Warn about other characters, just as we already warn about '-', and add
an exception for the one existing package which breaks these rules (with
a ~).
Also: '._+' should be allowed in R
-rwxr-xr-x | calm/package.py | 14 | ||||
-rw-r--r-- | calm/past_mistakes.py | 8 |
2 files changed, 15 insertions, 7 deletions
diff --git a/calm/package.py b/calm/package.py index c8f079a..43a403e 100755 --- a/calm/package.py +++ b/calm/package.py @@ -404,8 +404,8 @@ def read_one_package(packages, p, relpath, dirpath, files, kind, strict): # warn if filename doesn't follow P-V-R naming convention # # P must match the package name, V can contain anything, R must - # start with a number - match = re.match(r'^' + re.escape(p) + r'-(.+)-(\d[0-9a-zA-Z.]*)(-src|)\.(tar' + common_constants.PACKAGE_COMPRESSIONS_RE + r'|hint)$', f) + # start with a number and can't include a hyphen + match = re.match(r'^' + re.escape(p) + r'-(.+)-(\d[0-9a-zA-Z._+]*)(-src|)\.(tar' + common_constants.PACKAGE_COMPRESSIONS_RE + r'|hint)$', f) if not match: logging.error("file '%s' in package '%s' doesn't follow naming convention" % (f, p)) return True @@ -417,7 +417,7 @@ def read_one_package(packages, p, relpath, dirpath, files, kind, strict): # we already know P to split unambiguously), but this is a bad # idea. if '-' in v: - if v in past_mistakes.hyphen_in_version.get(p, []): + if v in past_mistakes.illegal_char_in_version.get(p, []): lvl = logging.INFO else: lvl = logging.ERROR @@ -428,6 +428,14 @@ def read_one_package(packages, p, relpath, dirpath, files, kind, strict): logging.error("file '%s' in package '%s' has a version which doesn't start with a digit" % (f, p)) warnings = True + if not re.match(r'^[\w\-._+]*$', v): + if v in past_mistakes.illegal_char_in_version.get(p, []): + lvl = logging.INFO + else: + lvl = logging.ERROR + warnings = True + logging.log(lvl, "file '%s' in package '%s' has a version which contains illegal characters" % (f, p)) + # if not there already, add to version-release list vr = '%s-%s' % (v, r) vr_list.add(vr) diff --git a/calm/past_mistakes.py b/calm/past_mistakes.py index 6678d86..fed6c49 100644 --- a/calm/past_mistakes.py +++ b/calm/past_mistakes.py @@ -27,14 +27,16 @@ # uses. # -# packages with historical versions containing a hyphen -hyphen_in_version = { +# packages with historical versions containing a hyphen, or other illegal +# character +illegal_char_in_version = { 'ctorrent': ['1.3.4-dnh3.2'], 'email': ['3.2.1-git', '3.2.3-git'], 'email-debuginfo': ['3.2.1-git', '3.2.3-git'], 'fdupes': ['1.50-PR2'], 'gendef': ['1.0-svn2931'], 'gendef-debuginfo': ['1.0-svn2931'], + 'gt5': ['1.5.0~20111220+bzr29'], 'hidapi': ['0.8.0-rc1'], 'hidapi-debuginfo': ['0.8.0-rc1'], 'libhidapi-devel': ['0.8.0-rc1'], @@ -48,8 +50,6 @@ hyphen_in_version = { 'mingw64-x86_64-hidapi-debuginfo': ['0.8.0-rc1'], 'recode': ['3.7-beta2'], 'recode-debuginfo': ['3.7-beta2'], - 'tack': ['1.07-20150606'], - 'tack-debuginfo': ['1.07-20150606'], } # cygport places this into the requires of every debuginfo package, including |