[aur-dev] epoch fields for packages are completely ignored
Hey. The epoch field in PKGBUILD files is completely ignored now, and the final Version field for the package consists only of pkgver and pkgrel (example: 5.0-1) This means that various AUR helpers cannot perform updates on packages that have epoch > 0, because the local package is from that higher epoch and the one in the AUR (as reported by rpc.php) is from epoch 0. I'm providing a patch that supposedly fixes the problem by inspecting the epoch field, and if not 0 prepending it to the Version (example: 1:5.0-1). Comments welcome.
On Fri, Jun 24, 2011 at 08:47:49AM +0300, Slavi Pantaleev wrote:
From 43edc10872ede698a647805e6b1c798f6a13e8b8 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev <s.pantaleev@gmail.com> Date: Fri, 24 Jun 2011 08:27:55 +0300 Subject: [PATCH] Honor epoch field in PKGBUILD files.
The epoch field in PKGBUILD files was completely ignored until now, and the final Version field for the package consisted only of pkgver and pkgrel (example: 5.0-1)
Yeah, it seems like we sleepwalked through the epoch change... Good catch.
This means that various AUR helpers cannot perform updates on packages that have epoch > 0, because the local package is from that higher epoch and the one in the AUR (as reported by rpc.php) is from epoch 0.
Well, I don't see how the PKGBUILD parser should prevent packages from being upgraded here, unless AUR helpers are doing something nasty. Packages should *always* be built by downloading the source tarball and using makepkg(8) which will result in a correct epoch, regardless of what the AUR reports. However, having no epoch support might break upgrades with AUR helpers that use the parsed version number to check for updates. The commit message should be fixed to reflect this.
The epoch field is taken into consideration now, and if not 0, will be prepended to the final Version field (example: 1:5.0-1) --- web/html/pkgsubmit.php | 18 ++++++++++++------ 1 files changed, 12 insertions(+), 6 deletions(-)
diff --git a/web/html/pkgsubmit.php b/web/html/pkgsubmit.php index b5fe3b7..699b64f 100644 --- a/web/html/pkgsubmit.php +++ b/web/html/pkgsubmit.php @@ -240,6 +240,8 @@ if ($uid): } $new_pkgbuild[$k] = $v; } + + $new_pkgbuild['epoch'] = (isset($new_pkgbuild['epoch']) ? (int)$new_pkgbuild['epoch'] : 0);
Don't do that here. Sanitizing strings never is a mistake but we should refactor our code if we want to do that. Just coerce the epoch value into an integer when doing the "$pkg_version" assignment below.
}
# Now we've parsed the pkgbuild, let's move it to where it belongs @@ -324,11 +326,16 @@ if ($uid): db_query($q, $dbh); }
+ if ($new_pkgbuild['epoch'] !== 0) {
See above. Something like "if (isset($new_pkgbuild['epoch']) && (int)$new_pkgbuild['epoch'] != 0)" might work. Also, move this out of the if block. Otherwise, "$pkg_version" will be unset in case someone does an initial package submission (check the else case).
+ $pkg_version = sprintf('%d:%s-%s', $new_pkgbuild['epoch'], $new_pkgbuild['pkgver'], $new_pkgbuild['pkgrel']); + } else { + $pkg_version = sprintf('%s-%s', $new_pkgbuild['pkgver'], $new_pkgbuild['pkgrel']); + } + # Update package data - $q = sprintf("UPDATE Packages SET ModifiedTS = UNIX_TIMESTAMP(), Name = '%s', Version = '%s-%s', License = '%s', Description = '%s', URL = '%s', OutOfDateTS = NULL, MaintainerUID = %d WHERE ID = %d", + $q = sprintf("UPDATE Packages SET ModifiedTS = UNIX_TIMESTAMP(), Name = '%s', Version = '%s', License = '%s', Description = '%s', URL = '%s', OutOfDateTS = NULL, MaintainerUID = %d WHERE ID = %d", mysql_real_escape_string($new_pkgbuild['pkgname']), - mysql_real_escape_string($new_pkgbuild['pkgver']), - mysql_real_escape_string($new_pkgbuild['pkgrel']), + mysql_real_escape_string($pkg_version), mysql_real_escape_string($new_pkgbuild['license']), mysql_real_escape_string($new_pkgbuild['pkgdesc']), mysql_real_escape_string($new_pkgbuild['url']), @@ -339,11 +346,10 @@ if ($uid):
} else { # This is a brand new package - $q = sprintf("INSERT INTO Packages (Name, License, Version, CategoryID, Description, URL, SubmittedTS, ModifiedTS, SubmitterUID, MaintainerUID) VALUES ('%s', '%s', '%s-%s', %d, '%s', '%s', UNIX_TIMESTAMP(), UNIX_TIMESTAMP(), %d, %d)", + $q = sprintf("INSERT INTO Packages (Name, License, Version, CategoryID, Description, URL, SubmittedTS, ModifiedTS, SubmitterUID, MaintainerUID) VALUES ('%s', '%s', '%s', %d, '%s', '%s', UNIX_TIMESTAMP(), UNIX_TIMESTAMP(), %d, %d)", mysql_real_escape_string($new_pkgbuild['pkgname']), mysql_real_escape_string($new_pkgbuild['license']), - mysql_real_escape_string($new_pkgbuild['pkgver']), - mysql_real_escape_string($new_pkgbuild['pkgrel']), + mysql_real_escape_string($pkg_version), mysql_real_escape_string($_REQUEST['category']), mysql_real_escape_string($new_pkgbuild['pkgdesc']), mysql_real_escape_string($new_pkgbuild['url']), -- 1.7.5.2
By the "AUR helpers cannot update packages" comment, I really meant that scripts/helpers that use rpc.php to get the parsed version were being confused about the actual AUR version of the package, meaning they couldn't update locale packages (which always seemed newer if they had an epoch > 0). Perhaps the commit message was a bit misleading, and I have tried to correct that confusion in the new one. Oh, good catch on the IF for adding/updating packages. I'm definitely not used looking at code like this and totally overlook it, even though I saw and fixed the code below :) New patch attached that hopefully fixes all problems discussed until now. On Fri, Jun 24, 2011 at 5:59 PM, Lukas Fleischer <archlinux@cryptocrack.de> wrote:
On Fri, Jun 24, 2011 at 08:47:49AM +0300, Slavi Pantaleev wrote:
From 43edc10872ede698a647805e6b1c798f6a13e8b8 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev <s.pantaleev@gmail.com> Date: Fri, 24 Jun 2011 08:27:55 +0300 Subject: [PATCH] Honor epoch field in PKGBUILD files.
The epoch field in PKGBUILD files was completely ignored until now, and the final Version field for the package consisted only of pkgver and pkgrel (example: 5.0-1)
Yeah, it seems like we sleepwalked through the epoch change... Good catch.
This means that various AUR helpers cannot perform updates on packages that have epoch > 0, because the local package is from that higher epoch and the one in the AUR (as reported by rpc.php) is from epoch 0.
Well, I don't see how the PKGBUILD parser should prevent packages from being upgraded here, unless AUR helpers are doing something nasty. Packages should *always* be built by downloading the source tarball and using makepkg(8) which will result in a correct epoch, regardless of what the AUR reports.
However, having no epoch support might break upgrades with AUR helpers that use the parsed version number to check for updates. The commit message should be fixed to reflect this.
The epoch field is taken into consideration now, and if not 0, will be prepended to the final Version field (example: 1:5.0-1) --- web/html/pkgsubmit.php | 18 ++++++++++++------ 1 files changed, 12 insertions(+), 6 deletions(-)
diff --git a/web/html/pkgsubmit.php b/web/html/pkgsubmit.php index b5fe3b7..699b64f 100644 --- a/web/html/pkgsubmit.php +++ b/web/html/pkgsubmit.php @@ -240,6 +240,8 @@ if ($uid): } $new_pkgbuild[$k] = $v; } + + $new_pkgbuild['epoch'] = (isset($new_pkgbuild['epoch']) ? (int)$new_pkgbuild['epoch'] : 0);
Don't do that here. Sanitizing strings never is a mistake but we should refactor our code if we want to do that. Just coerce the epoch value into an integer when doing the "$pkg_version" assignment below.
}
# Now we've parsed the pkgbuild, let's move it to where it belongs @@ -324,11 +326,16 @@ if ($uid): db_query($q, $dbh); }
+ if ($new_pkgbuild['epoch'] !== 0) {
See above. Something like "if (isset($new_pkgbuild['epoch']) && (int)$new_pkgbuild['epoch'] != 0)" might work. Also, move this out of the if block. Otherwise, "$pkg_version" will be unset in case someone does an initial package submission (check the else case).
+ $pkg_version = sprintf('%d:%s-%s', $new_pkgbuild['epoch'], $new_pkgbuild['pkgver'], $new_pkgbuild['pkgrel']); + } else { + $pkg_version = sprintf('%s-%s', $new_pkgbuild['pkgver'], $new_pkgbuild['pkgrel']); + } + # Update package data - $q = sprintf("UPDATE Packages SET ModifiedTS = UNIX_TIMESTAMP(), Name = '%s', Version = '%s-%s', License = '%s', Description = '%s', URL = '%s', OutOfDateTS = NULL, MaintainerUID = %d WHERE ID = %d", + $q = sprintf("UPDATE Packages SET ModifiedTS = UNIX_TIMESTAMP(), Name = '%s', Version = '%s', License = '%s', Description = '%s', URL = '%s', OutOfDateTS = NULL, MaintainerUID = %d WHERE ID = %d", mysql_real_escape_string($new_pkgbuild['pkgname']), - mysql_real_escape_string($new_pkgbuild['pkgver']), - mysql_real_escape_string($new_pkgbuild['pkgrel']), + mysql_real_escape_string($pkg_version), mysql_real_escape_string($new_pkgbuild['license']), mysql_real_escape_string($new_pkgbuild['pkgdesc']), mysql_real_escape_string($new_pkgbuild['url']), @@ -339,11 +346,10 @@ if ($uid):
} else { # This is a brand new package - $q = sprintf("INSERT INTO Packages (Name, License, Version, CategoryID, Description, URL, SubmittedTS, ModifiedTS, SubmitterUID, MaintainerUID) VALUES ('%s', '%s', '%s-%s', %d, '%s', '%s', UNIX_TIMESTAMP(), UNIX_TIMESTAMP(), %d, %d)", + $q = sprintf("INSERT INTO Packages (Name, License, Version, CategoryID, Description, URL, SubmittedTS, ModifiedTS, SubmitterUID, MaintainerUID) VALUES ('%s', '%s', '%s', %d, '%s', '%s', UNIX_TIMESTAMP(), UNIX_TIMESTAMP(), %d, %d)", mysql_real_escape_string($new_pkgbuild['pkgname']), mysql_real_escape_string($new_pkgbuild['license']), - mysql_real_escape_string($new_pkgbuild['pkgver']), - mysql_real_escape_string($new_pkgbuild['pkgrel']), + mysql_real_escape_string($pkg_version), mysql_real_escape_string($_REQUEST['category']), mysql_real_escape_string($new_pkgbuild['pkgdesc']), mysql_real_escape_string($new_pkgbuild['url']), -- 1.7.5.2
participants (2)
-
Lukas Fleischer
-
Slavi Pantaleev