1. 04 Oct, 2021 1 commit
    • Morgan Adamiec's avatar
      alpm: return -1 for error in find_dl_candidates · 8d483320
      Morgan Adamiec authored
      This is the error value generally used and the calling function
      explicitly checks for -1, later causing the error to be missed
      and the transaction to continue.
      > pacman -S xterm
      warning: xterm-369-1 is up to date -- reinstalling
      resolving dependencies...
      looking for conflicting packages...
      Package (1)  Old Version  New Version  Net Change  Download Size
      extra/xterm  369-1        369-1          0.00 MiB       0.42 MiB
      Total Download Size:   0.42 MiB
      Total Installed Size:  1.05 MiB
      Net Upgrade Size:      0.00 MiB
      :: Proceed with installation? [Y/n]
      error: no servers configured for repository: extra
      (1/1) checking keys in keyring                                                                 [--------------------------------------------------------] 100%
      (1/1) checking package integrity                                                               [--------------------------------------------------------] 100%
      error: failed to commit transaction (wrong or NULL argument passed)
      Errors occurred, no packages were upgraded.
  2. 04 Sep, 2021 20 commits
  3. 08 Aug, 2021 1 commit
    • Allan McRae's avatar
      libmakepkg: reproducibilty for python packages · 1c5a5688
      Allan McRae authored
      Arch Linux has been setting PYTHONHASHSEED=0 to create deterministic
      .pyc files.  After a thorough review by the Arch Security Team, setting
      this variable was determined not to generated vulnerable .pyc files, as
      when the loader loads the .pyc file and unmarshalls it, the internal
      runtime will just populate the unordered data structures and use a new
      runtime hash for them.
      Signed-off-by: Allan McRae's avatarAllan McRae <allan@archlinux.org>
  4. 04 Aug, 2021 4 commits
  5. 01 Jul, 2021 1 commit
    • Jonas Witschel's avatar
      doc: use localdate instead of pacman_date to improve reproducibility · b4383b8d
      Jonas Witschel authored and Allan McRae's avatar Allan McRae committed
      pacman_date is set to the current date during build without respecting
      SOURCE_DATE_EPOCH. As a result, a build cannot be fully reproduced on a later
      date because the date embedded into the man pages does not match.
      In contrast, the built-in asciidoc attribute "localdate" respects
      SOURCE_DATE_EPOCH and has the desired ISO 8601 format, so simply use that
      instead of the custom "pacman_date" attribute.
      Fixes: FS#71154
      Signed-off-by: Jonas Witschel <diabonas at archlinux.org>
      Signed-off-by: Allan McRae's avatarAllan McRae <allan@archlinux.org>
  6. 24 Jun, 2021 2 commits
  7. 07 Jun, 2021 3 commits
  8. 02 Jun, 2021 1 commit
  9. 20 May, 2021 6 commits
  10. 19 May, 2021 1 commit
    • Eli Schwartz's avatar
      makepkg: squelch readelf warnings from debug stripping · e176b8ec
      Eli Schwartz authored and Allan McRae's avatar Allan McRae committed
      readelf --debug-dump sometimes reports inscrutable warnings which don't
      actually affect our extraction of source filenames. For example:
      readelf: Warning: There is a hole [0xd3d - 0xd89] in .debug_loc section.
      Now gcc 11 seems to have dramatically increased the number of warnings:
      readelf: Warning: Corrupt offset (0x0000008e) in range entry 9
      readelf: Warning: Corrupt offset (0x000010f0) in range entry 250
      The resulting debuginfo created by the very same toolchain works fine,
      as does the list of source filenames. But the warnings are quite
      noisy... send them to /dev/null since they are not actionable in the
      context of getting source files
      Signed-off-by: Eli Schwartz's avatarEli Schwartz <eschwartz@archlinux.org>
      Signed-off-by: Allan McRae's avatarAllan McRae <allan@archlinux.org>