This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The official pacman repository". The branch, master has been updated via 2a792ac7bb1ceda42767c696e2664819b47ffc3b (commit) via f49233903521f19a1fcba6bf6c36abea71309a1e (commit) via 45e01e55c96d9abf8c73f6ee3766b16e5fbefc4d (commit) via 6d99a15f0bd9cba4500808114738065903312bf6 (commit) via a6ae5f0a04cd3cac70525f073bdb11e4bb9266e5 (commit) via b4e4b74acea3d652317b030e761300d5c7b437a2 (commit) via bcacb00fc89c04ec0b5e7ebefe3b605b266cef57 (commit) from 48752f1b4b16cd1dad56649cd36b253494aa9ff1 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 2a792ac7bb1ceda42767c696e2664819b47ffc3b Author: Eli Schwartz <eschwartz@archlinux.org> Date: Sun Oct 6 23:11:20 2019 -0400 pacman-key: clean keys on import to remove unknown signatures There is no good reason to bloat the keyring by importing tons of signatures we cannot use; drop any signatures that don't validate against another available key (probably the master keys). If any desired signatures get cleaned, the key can be refreshed after importing the new signing public key. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org> commit f49233903521f19a1fcba6bf6c36abea71309a1e Author: Eli Schwartz <eschwartz@archlinux.org> Date: Sun Oct 6 23:11:19 2019 -0400 pacman-key: make sure we actually use the Web of Trust, which GnuPG doesn't. By default, the latest versions of GnuPG disable the Web of Trust and refuse to import signatures from public keyservers. This is to prevent denial of service attacks, because refusing to import signatures only if the key size is too big, is apparently too silly to consider. Either way, pacman needs the WoT. If pacman imports a key at all, it means everything failed and we are in fallback mode, trying to overcome a shortcoming in the availability of keys in the keyring package. (This commonly means the user needs to acquire a new key during the same transaction that updates archlinux-keyring.) In order for that new key to be usable, it *must* also import signatures from the Master Keys. I don't give credence to this supposed DoS, since the worst case scenario is nothing happening and needing to CTRL+C in order to exit the program. In the case of pacman, this is better than being unable to install anything at all (which is gnupg doing a much more harmful DoS to pacman), and in the already unusual case where something like --refresh-keys is being used directly instead of depending on the keyring package itself, gnupg supports WKD out of the box and will prefer that for people whose keys are marketed as being non-DOSable. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org> commit 45e01e55c96d9abf8c73f6ee3766b16e5fbefc4d Author: Eli Schwartz <eschwartz@archlinux.org> Date: Mon Aug 5 12:53:09 2019 -0400 pacman-key: when refreshing gpg.conf, don't truncate option checking If an option is a two-part option, we print both (separated by IFS=' '), but when grepping to see if it already exists, we only checked the first component. This means that something like keyserver-options could only check if there were existing keyserver options of any sort, but not which ones. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org> commit 6d99a15f0bd9cba4500808114738065903312bf6 Author: Matthew Sexton <WSDMatty@gmail.com> Date: Tue Sep 10 05:33:53 2019 -0400 pacman/pacman-conf, testpkg: Added translatable strings Added gettext macro to warnings, helps, and errors for translation. Signed-off-by: Matthew Sexton <wsdmatty@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org> commit a6ae5f0a04cd3cac70525f073bdb11e4bb9266e5 Author: Matthew Sexton <WSDMatty@gmail.com> Date: Sun Sep 8 22:52:57 2019 -0400 pacman: pacman-conf: removed hputs macro for usage display Using the macro got in the way of _() macro for translation All the macro did was make it so the writer didn't have to type \n", stream); at the end of every line. Signed-off-by: Allan McRae <allan@archlinux.org> commit b4e4b74acea3d652317b030e761300d5c7b437a2 Author: morganamilo <morganamilo@gmail.com> Date: Sun Sep 8 22:45:27 2019 +0100 libalpm: resolvedep(): don't compare names twice If we failed to get the pkg from pkgcache then we know no satisfying package exists by name. So only compare provides. Signed-off-by: Allan McRae <allan@archlinux.org> commit bcacb00fc89c04ec0b5e7ebefe3b605b266cef57 Author: Eli Schwartz <eschwartz@archlinux.org> Date: Sun Oct 6 21:33:41 2019 -0400 makepkg: add rust support for *FLAGS and debug-prefix-map The rust language supports $RUSTFLAGS to be used automatically in all rustc invocations. Allow setting this in makepkg.conf (e.g. for optimization or debuginfo support), and teach debug+strip to pass the rustc command line argument necessary to rewrite source file paths in the debugging symbols. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org> ----------------------------------------------------------------------- Summary of changes: doc/makepkg.conf.5.asciidoc | 9 ++++++ etc/makepkg.conf.in | 2 ++ lib/libalpm/deps.c | 3 +- scripts/libmakepkg/buildenv.sh.in | 2 +- scripts/libmakepkg/buildenv/buildflags.sh.in | 2 +- scripts/libmakepkg/buildenv/debugflags.sh.in | 2 ++ scripts/libmakepkg/lint_config/variable.sh.in | 8 ++--- scripts/pacman-key.sh.in | 8 ++++- src/pacman/pacman-conf.c | 46 +++++++++++++++------------ src/util/testpkg.c | 29 ++++++++++------- 10 files changed, 70 insertions(+), 41 deletions(-) hooks/post-receive -- The official pacman repository