feat(version upgrade): Add diff & confirmation for pkgctl version upgrade
pkgctl version upgrade now shows a diff of the changes that would be made to the PKGBUILD and asks for user's confirmation to apply them.
Changes are made to a temporary fresh copy of the PKGBUILD and are only applied to the actual PKGBUILD if the user gives confirmation to do so.
This ensures that no other potential untracked changes made prior to pkgctl version upgrade are lost or overwritten and it makes the overall process more "atomic" as the actual PKGBUILD is only modified once the whole upgrade process is over (and the associated changes acknowledged and verified by the user) on the temporary file; preventing eventual undesired "half-baked" changes (e.g. updated $pkgver but no updated checksums).
The --noconfirm flag can be passed to avoid being prompted for a confirmation. The applied changes are still shown however.
This new behavior addresses concerns about the new feature proposed in !261 (which could eventually lead to "yolo" upgrades / packaging). With this new feature, packagers will have to acknowledge & confirm changes before the build starts.
Screenshots:
- Confirming changes:
- Not confirming changes:
- Passing the
--noconfirmflag:
- On multiple pkgbases / paths:
Closes #239
Merge request reports
Activity
added 1 commit
- fbd60711 - feat(version upgrade): Add diff & confirmation for pkgctl version upgrade
Here's a PKGBUILD to build a
devtoolspackage including those changes for testing purposes:# Maintainer: Levente Polyak <anthraxx[at]archlinux[dot]org> # Maintainer: Christian Heusel <gromit@archlinux.org> # Contributor: Pierre Schmitz <pierre@archlinux.de> pkgname=devtools epoch=1 pkgver=1.2.0 pkgrel=1 pkgdesc='Tools for Arch Linux package maintainers' arch=('any') license=('GPL-3.0-or-later') url='https://gitlab.archlinux.org/antiz/devtools' depends=( arch-install-scripts awk bash binutils coreutils curl diffutils expac fakeroot findutils grep jq openssh parallel rsync sed util-linux breezy git mercurial subversion ) makedepends=( asciidoctor shellcheck ) checkdepends=( bats ) optdepends=( 'btrfs-progs: btrfs support' 'bat: pretty printing for pkgctl search' 'nvchecker: pkgctl version subcommand' ) replaces=(devtools-git-poc) source=("git+${url}.git#branch=version_upgrade_confirm") validpgpkeys=( 'E240B57E2C4630BA768E2F26FC1B547C8D8172C8' # Levente Polyak <anthraxx@archlinux.org> 'F00B96D15228013FFC9C9D0393B11DAA4C197E3D' # Christian Heusel (gromit packager key) <gromit@archlinux.org> ) sha256sums=('SKIP') b2sums=('SKIP') build() { cd ${pkgname} make BUILDTOOLVER="${epoch}:${pkgver}-${pkgrel}-${arch}" PREFIX=/usr } check() { cd ${pkgname} make PREFIX=/usr test } package() { cd ${pkgname} make PREFIX=/usr DESTDIR="${pkgdir}" install } # vim: ts=2 sw=2 et:mentioned in issue #239
225 231 "${#failure[@]}" 226 232 fi 227 233 234 # ask confirmation about changes made to PKGBUILD 235 if (( noconfirm == 0 )); then 236 echo 237 git diff PKGBUILD 238 read -rep $'\nConfirm changes? [Y/n] ' answer 239 case $answer in 240 "Y"|"y"|"") 241 true 242 ;; 243 *) 244 printf "\nReverting changes...\n" 245 git checkout PKGBUILD -
Well, if such changes are untracked, they would be discarded indeed. I understand that might not be ideal... although the
git diffbeforehand shows exactly what would be reversed :PI'll try to come up with a way to prevent that and only revert the parts modified by
pkgctl version upgradeinstead. I tried to play a bit withgit stashbut couldn't find a way to achieve that for now. Hopefully I can find a simple and elegant solution.
Edited by Robin Candau -
I added some clarifications about reverting changes in the confirmation message in !274 (eeca8d52)
Hopefully this is clear enough 
I think the magic would be around not reverting changes, but instead have a confirmation to apply the new version prior to modifying the PKGBUILD and updating the checksums. That would match a much more natural expectations, not just around confirming to apply an upgrade change, but also in terms of implication on a dirty working tree.
-
@lahwaacz @anthraxx Does it still makes sense for
pkgctl version upgradeto show the actual diff of the changes it'll apply before asking for a confirmation? Or @anthraxx's proposition is just to implement a confirmation message before applying changes as it's done today?If showing diff is still of interest, I thought of the following behavior:
pkgctl version upgradewould copy the PKGBUILD into a separate and temporary file (e.g.PKGBUILD_version_upgrade.tmp) and would make changes into that file (instead of targeting the actual PKGBUILD). Then the diff will be shown to the user with e.g.diff --unified --color PKGBUILD PKGBUILD_version_upgrade.tmpand a confirmation message will be prompted to user.Then:
-
If the user gives its confirmation to proceed, then the patch is applied to the actual PKGBUILD with e.g.
diff --unified --color PKGBUILD PKGBUILD_version_upgrade.tmp | git apply(the diff output can be stored in a variable or a patch file the first time it is ran if runningdifftwice is a concern). -
If not, the patch isn't applied.
In any case, the
PKGBUILD_version_upgrade.tmpfile is then deleted.Users can pass the
--noconfirmflag to avoid being prompted for confirmation.This behavior allows to avoid making changes to the PKGBUILD itself before the user gave its confirmation (and thus avoid the need to revert changes if the user doesn't give its confirmation, so we are not taking the risk to revert other untracked and unrelated changes).
How does that sounds?
Edited by Robin Candau -
-
For what it's worth, that would also prevent to end up with an eventual "half baked" change in the PKGBUILD (e.g. when the $pkgver is updated but the checksum for the source cannot be updated for whatever reason, like non existing upstream source or something), making the process more "atomic".
Edited by Robin Candau changed this line in version 6 of the diff
-
@anthraxx @lahwaacz The behavior described above has been applied. It was trickier than I anticipated but covers both your concerns :)
Hopefully the implement isn't too sketchy 🫣To sum up, changes are now applied to a fresh & temporary copy of the PKGBUILD file, and later only applied to the actual PKGBUILD if the user gave the confirmation to do so. That means eventual changes made prior to running
pkgctl version upgradecannot be lost or overwritten as there's no "reverting changes" mechanism anymore. Only a diff between the PKGBUILD state right before and afterpkgctl version upgradethat user has to acknowledge and confirm to actually apply.As a side benefit, this also makes the whole process more "atomic" as the changes are only applied once the whole
version upgradeprocess is successfully over (+ acknowledged & confirmed by the user) on the temporary file, preventing eventual undesired "half-baked" changes that can currently happen (e.g. an updated$pkgverbut no updated checksums because the upstream source doesn't exists or you lost your internet connection during source downloading or whatever else...).
added 1 commit
- eeca8d52 - Make the confirmation clearer about reverting changes
added 1 commit
- 22a393b7 - feat(version upgrade): Add diff & confirmation for pkgctl version upgrade
added scopefeature label
added 1 commit
- eb47605f - Work on a temporary file instead of the actual PKGBUILD
added 1 commit
- 378e24d7 - Allow targeting another file than the PKGBUILD for 'pkgbuild_update_checksums'
added 1 commit
- be5d60d5 - Apply changes right away if user used the --noconfirm flag
added 1 commit
- 51e966ce - Make it work when working on multiple packages
