1. 04 Sep, 2021 1 commit
    • Morgan Adamiec's avatar
      libalpm: Give -U downloads a random .part name if needed · c0026caa
      Morgan Adamiec authored and Allan McRae's avatar Allan McRae committed
      
      
      archweb's download links all ended in /download. This cause all the temp
      files to be named download.part. With parallel downloads this results in
      multiple downloads to go to the same temp file and breaks the transaction.
      
      Assign random temporary filenames to downloads from URLs that are either
      missing a filename, or if the filename does not contain at least three
      hyphens (as a well formed package filename does).
      
      While this approach to determining when to use a temporary filename is
      not 100% foolproof, it does keep nice looking download progress bar names
      when a proper package filename is given. The only downside of not using
      temporary files when provided with a filename  with three or more hyphens
      is URLs created specifically to bypass temporary filename usage can not
      be downloaded in parallel. We probably do not want to download packages
      from such URLs anyway.
      
      Fixes FS#71464
      
      Modified-by: Allan McRae (do not use temporary files for realish URLs)
      Signed-off-by: Allan McRae's avatarAllan McRae <allan@archlinux.org>
      c0026caa
  2. 08 Aug, 2021 1 commit
    • Allan McRae's avatar
      libmakepkg: reproducibilty for python packages · 1c5a5688
      Allan McRae authored
      
      
      Arch Linux has been setting PYTHONHASHSEED=0 to create deterministic
      .pyc files.  After a thorough review by the Arch Security Team, setting
      this variable was determined not to generated vulnerable .pyc files, as
      when the loader loads the .pyc file and unmarshalls it, the internal
      runtime will just populate the unordered data structures and use a new
      runtime hash for them.
      
      Signed-off-by: Allan McRae's avatarAllan McRae <allan@archlinux.org>
      1c5a5688
  3. 04 Aug, 2021 4 commits
  4. 01 Jul, 2021 1 commit
    • Jonas Witschel's avatar
      doc: use localdate instead of pacman_date to improve reproducibility · b4383b8d
      Jonas Witschel authored and Allan McRae's avatar Allan McRae committed
      
      
      pacman_date is set to the current date during build without respecting
      SOURCE_DATE_EPOCH. As a result, a build cannot be fully reproduced on a later
      date because the date embedded into the man pages does not match.
      
      In contrast, the built-in asciidoc attribute "localdate" respects
      SOURCE_DATE_EPOCH and has the desired ISO 8601 format, so simply use that
      instead of the custom "pacman_date" attribute.
      
      Fixes: FS#71154
      
      Signed-off-by: Jonas Witschel <diabonas at archlinux.org>
      Signed-off-by: Allan McRae's avatarAllan McRae <allan@archlinux.org>
      b4383b8d
  5. 24 Jun, 2021 2 commits
  6. 07 Jun, 2021 3 commits
  7. 02 Jun, 2021 1 commit
  8. 20 May, 2021 6 commits
  9. 19 May, 2021 1 commit
    • Eli Schwartz's avatar
      makepkg: squelch readelf warnings from debug stripping · e176b8ec
      Eli Schwartz authored and Allan McRae's avatar Allan McRae committed
      
      
      readelf --debug-dump sometimes reports inscrutable warnings which don't
      actually affect our extraction of source filenames. For example:
      
      readelf: Warning: There is a hole [0xd3d - 0xd89] in .debug_loc section.
      
      Now gcc 11 seems to have dramatically increased the number of warnings:
      
      readelf: Warning: Corrupt offset (0x0000008e) in range entry 9
      [...]
      readelf: Warning: Corrupt offset (0x000010f0) in range entry 250
      
      The resulting debuginfo created by the very same toolchain works fine,
      as does the list of source filenames. But the warnings are quite
      noisy... send them to /dev/null since they are not actionable in the
      context of getting source files
      
      Signed-off-by: Eli Schwartz's avatarEli Schwartz <eschwartz@archlinux.org>
      Signed-off-by: Allan McRae's avatarAllan McRae <allan@archlinux.org>
      e176b8ec
  10. 18 May, 2021 1 commit
  11. 17 May, 2021 3 commits
  12. 09 May, 2021 6 commits
  13. 03 May, 2021 1 commit
  14. 01 May, 2021 7 commits
  15. 23 Apr, 2021 2 commits