Unquoted $pkgdir and $srcdir can lead to errors if the directory name
contains spaces. Not quoting these variables is a common mistake. For
example, it is often seen in PKGBUILDs that are submitted for review.
Add a rule that warns on unquoted $pkgdir and $srcdir.
Signed-off-by: Michael Straube <michael.straubej(a)gmail.com>
---
v1 -> v2
Updated my email address.
Namcap/rules/__init__.py | 3 +-
Namcap/rules/unquoteddirvars.py | 39 ++++++++++++
Namcap/tests/pkgbuild/test_unquoteddirvars.py | 63 +++++++++++++++++++
namcap-tags | 1 +
4 files changed, 105 insertions(+), 1 deletion(-)
create mode 100644 Namcap/rules/unquoteddirvars.py
create mode 100644 Namcap/tests/pkgbuild/test_unquoteddirvars.py
diff --git a/Namcap/rules/__init__.py b/Namcap/rules/__init__.py
index 5ca6551..bd348b4 100644
--- a/Namcap/rules/__init__.py
+++ b/Namcap/rules/__init__.py
@@ -67,7 +67,8 @@ from . import (
pkginfo,
pkgnameindesc,
sfurl,
- splitpkgbuild
+ splitpkgbuild,
+ unquoteddirvars
)
all_rules = {}
diff --git a/Namcap/rules/unquoteddirvars.py b/Namcap/rules/unquoteddirvars.py
new file mode 100644
index 0000000..bf303f0
--- /dev/null
+++ b/Namcap/rules/unquoteddirvars.py
@@ -0,0 +1,39 @@
+#
+# namcap rules - unquoteddirvars
+# Copyright (C) 2020 Michael Straube <michael.straubej(a)gmail.com>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+
+import re
+from Namcap.ruleclass import *
+
+class package(PkgbuildRule):
+ name = "unquoteddirvars"
+ description = "Looks for unquoted $pkgdir and $srcdir"
+ def analyze(self, pkginfo, pkgbuild):
+ needles = ['$pkgdir', '${pkgdir}', '$srcdir', '${srcdir}']
+ hits = set()
+ for line in pkginfo.pkgbuild:
+ if not any(n in line for n in needles):
+ continue
+ double_quoted_strings = re.findall('"([^"]*)"', line)
+ for n in needles:
+ if line.count(n) != sum(n in s for s in double_quoted_strings):
+ hits.add(n)
+ for i in hits:
+ self.warnings.append(("unquoted-dirvar %s", i))
+
+# vim: set ts=4 sw=4 noet:
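Review bot: The check `line.count(n) != sum(n in s for s in double_quoted_strings)` in `analyze` compares the number of occurrences with the number of quoted strings that contain the variable, so a correctly quoted line that uses the variable twice inside one string, e.g. `"$srcdir/a:$srcdir/b"`, is reported as unquoted. Dropping the quoted spans first and testing what is left avoids that mismatch: `rest = re.sub(r'"[^"]*"', '', line)` followed by `hits.update(n for n in needles if n in rest)`. Comment lines are scanned as well, so a `#` comment that mentions `$pkgdir` appears to trigger the warning; skipping lines whose stripped form starts with `#` would remove that noise. Because the pattern pairs quotes per line, a double-quoted string that spans several lines will probably still be misjudged, which is worth stating in a comment above the regex.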
diff --git a/Namcap/tests/pkgbuild/test_unquoteddirvars.py b/Namcap/tests/pkgbuild/test_unquoteddirvars.py
new file mode 100644
index 0000000..4525744
--- /dev/null
+++ b/Namcap/tests/pkgbuild/test_unquoteddirvars.py
@@ -0,0 +1,63 @@
+#
+# namcap tests - unquoteddirvars
+# Copyright (C) 2020 Michael Straube <michael.straubej(a)gmail.com>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+
+from Namcap.tests.pkgbuild_test import PkgbuildTest
+import Namcap.rules
+
+class NamcapUnqoutedDirVarsTest(PkgbuildTest):
+ pkgbuild = """
+# Maintainer: Arch Linux <archlinux at example.com>
+# Contributor: Arch Linux <archlinux at example.com>
+
+pkgname=mypackage
+pkgver=1.0
+pkgrel=1
+pkgdesc="A package"
+url="http://www.example.com/"
+arch=('x86_64')
+depends=('glibc')
+license=('GPL')
+options=('!libtool')
+source=(ftp://ftp.example.com/pub/mypackage-0.1.tar.gz)
+md5sums=('abcdefabcdef12345678901234567890')
+
+build() {
+ cd $srcdir/$pkgname-$pkgver
+}
+
+package() {
+ make install DESTDIR=$pkgdir/
+ install -Dm644 ${srcdir}/LICENSE ${pkgdir}/usr/share/licenses/${pkgname}
+ install -Dm644 "${srcdir}/example.desktop" "$pkgdir"/usr/share/applications
+}
+"""
+ test_valid = PkgbuildTest.valid_tests
+
+ def preSetUp(self):
+ self.rule = Namcap.rules.unquoteddirvars.package
+
+ def test_example(self):
+ needles = ['$pkgdir', '${pkgdir}', '$srcdir', '${srcdir}']
+ r = self.run_on_pkg(self.pkgbuild)
+ self.assertEqual(r.errors, [])
+ self.assertEqual(set(r.warnings),
+ set(("unquoted-dirvar %s", i) for i in needles))
+ self.assertEqual(r.infos, [])
+
+# vim: set ts=4 sw=4 noet:
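Review bot: `test_example` covers only the positive case, so nothing pins the rule's behaviour on correctly quoted input. A second PKGBUILD in which every `$pkgdir` and `$srcdir` use sits inside double quotes, with an assertion that `r.warnings` is empty, would catch false positives; a line that uses the variable twice inside one quoted string is worth including in it. The class name `NamcapUnqoutedDirVarsTest` also misspells "Unquoted".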
diff --git a/namcap-tags b/namcap-tags
index 1f7bc69..e48f8fe 100644
--- a/namcap-tags
+++ b/namcap-tags
@@ -85,6 +85,7 @@ specific-sourceforge-mirror :: Attempting to use specific sourceforge mirror, us
symlink-found %s points to %s :: Symlink (%s) found that points to %s
systemd-location %s :: File %s should be in /usr/lib/systemd/system/
too-many-checksums %s %i needed :: Too many %s: %i needed
+unquoted-dirvar %s :: Variable %s is not quoted.
unused-sodepend %s %s :: Unused shared library '%s' by file ('%s')
use-pkgdir :: Use $pkgdir instead of $startdir/pkg
use-srcdir :: Use $srcdir instead of $startdir/src
--
2.28.0