[aur-dev] epoch fields for packages are completely ignored
Slavi Pantaleev
s.pantaleev at gmail.com
Fri Jun 24 13:06:02 EDT 2011
By the "AUR helpers cannot update packages" comment, I really meant
that scripts/helpers that use rpc.php to get the parsed version were
being confused about the actual AUR version of the package, meaning
they couldn't update locale packages (which always seemed newer if
they had an epoch > 0).
Perhaps the commit message was a bit misleading, and I have tried to
correct that confusion in the new one.
Oh, good catch on the IF for adding/updating packages.
I'm definitely not used looking at code like this and totally overlook
it, even though I saw and fixed the code below :)
New patch attached that hopefully fixes all problems discussed until now.
On Fri, Jun 24, 2011 at 5:59 PM, Lukas Fleischer
<archlinux at cryptocrack.de> wrote:
> On Fri, Jun 24, 2011 at 08:47:49AM +0300, Slavi Pantaleev wrote:
>> From 43edc10872ede698a647805e6b1c798f6a13e8b8 Mon Sep 17 00:00:00 2001
>> From: Slavi Pantaleev <s.pantaleev at gmail.com>
>> Date: Fri, 24 Jun 2011 08:27:55 +0300
>> Subject: [PATCH] Honor epoch field in PKGBUILD files.
>>
>> The epoch field in PKGBUILD files was completely ignored until now,
>> and the final Version field for the package consisted only of
>> pkgver and pkgrel (example: 5.0-1)
>
> Yeah, it seems like we sleepwalked through the epoch change... Good
> catch.
>
>> This means that various AUR helpers cannot perform updates on packages
>> that have epoch > 0, because the local package is from that higher epoch
>> and the one in the AUR (as reported by rpc.php) is from epoch 0.
>
> Well, I don't see how the PKGBUILD parser should prevent packages from
> being upgraded here, unless AUR helpers are doing something nasty.
> Packages should *always* be built by downloading the source tarball and
> using makepkg(8) which will result in a correct epoch, regardless of
> what the AUR reports.
>
> However, having no epoch support might break upgrades with AUR helpers
> that use the parsed version number to check for updates. The commit
> message should be fixed to reflect this.
>
>>
>> The epoch field is taken into consideration now, and if not 0,
>> will be prepended to the final Version field (example: 1:5.0-1)
>> ---
>> web/html/pkgsubmit.php | 18 ++++++++++++------
>> 1 files changed, 12 insertions(+), 6 deletions(-)
>>
>> diff --git a/web/html/pkgsubmit.php b/web/html/pkgsubmit.php
>> index b5fe3b7..699b64f 100644
>> --- a/web/html/pkgsubmit.php
>> +++ b/web/html/pkgsubmit.php
>> @@ -240,6 +240,8 @@ if ($uid):
>> }
>> $new_pkgbuild[$k] = $v;
>> }
>> +
>> + $new_pkgbuild['epoch'] = (isset($new_pkgbuild['epoch']) ? (int)$new_pkgbuild['epoch'] : 0);
>
> Don't do that here. Sanitizing strings never is a mistake but we should
> refactor our code if we want to do that. Just coerce the epoch value
> into an integer when doing the "$pkg_version" assignment below.
>
>> }
>>
>> # Now we've parsed the pkgbuild, let's move it to where it belongs
>> @@ -324,11 +326,16 @@ if ($uid):
>> db_query($q, $dbh);
>> }
>>
>> + if ($new_pkgbuild['epoch'] !== 0) {
>
> See above. Something like "if (isset($new_pkgbuild['epoch']) &&
> (int)$new_pkgbuild['epoch'] != 0)" might work. Also, move this out of
> the if block. Otherwise, "$pkg_version" will be unset in case someone
> does an initial package submission (check the else case).
>
>> + $pkg_version = sprintf('%d:%s-%s', $new_pkgbuild['epoch'], $new_pkgbuild['pkgver'], $new_pkgbuild['pkgrel']);
>> + } else {
>> + $pkg_version = sprintf('%s-%s', $new_pkgbuild['pkgver'], $new_pkgbuild['pkgrel']);
>> + }
>> +
>> # Update package data
>> - $q = sprintf("UPDATE Packages SET ModifiedTS = UNIX_TIMESTAMP(), Name = '%s', Version = '%s-%s', License = '%s', Description = '%s', URL = '%s', OutOfDateTS = NULL, MaintainerUID = %d WHERE ID = %d",
>> + $q = sprintf("UPDATE Packages SET ModifiedTS = UNIX_TIMESTAMP(), Name = '%s', Version = '%s', License = '%s', Description = '%s', URL = '%s', OutOfDateTS = NULL, MaintainerUID = %d WHERE ID = %d",
>> mysql_real_escape_string($new_pkgbuild['pkgname']),
>> - mysql_real_escape_string($new_pkgbuild['pkgver']),
>> - mysql_real_escape_string($new_pkgbuild['pkgrel']),
>> + mysql_real_escape_string($pkg_version),
>> mysql_real_escape_string($new_pkgbuild['license']),
>> mysql_real_escape_string($new_pkgbuild['pkgdesc']),
>> mysql_real_escape_string($new_pkgbuild['url']),
>> @@ -339,11 +346,10 @@ if ($uid):
>>
>> } else {
>> # This is a brand new package
>> - $q = sprintf("INSERT INTO Packages (Name, License, Version, CategoryID, Description, URL, SubmittedTS, ModifiedTS, SubmitterUID, MaintainerUID) VALUES ('%s', '%s', '%s-%s', %d, '%s', '%s', UNIX_TIMESTAMP(), UNIX_TIMESTAMP(), %d, %d)",
>> + $q = sprintf("INSERT INTO Packages (Name, License, Version, CategoryID, Description, URL, SubmittedTS, ModifiedTS, SubmitterUID, MaintainerUID) VALUES ('%s', '%s', '%s', %d, '%s', '%s', UNIX_TIMESTAMP(), UNIX_TIMESTAMP(), %d, %d)",
>> mysql_real_escape_string($new_pkgbuild['pkgname']),
>> mysql_real_escape_string($new_pkgbuild['license']),
>> - mysql_real_escape_string($new_pkgbuild['pkgver']),
>> - mysql_real_escape_string($new_pkgbuild['pkgrel']),
>> + mysql_real_escape_string($pkg_version),
>> mysql_real_escape_string($_REQUEST['category']),
>> mysql_real_escape_string($new_pkgbuild['pkgdesc']),
>> mysql_real_escape_string($new_pkgbuild['url']),
>> --
>> 1.7.5.2
>>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: honor_pkgbuild_epoch_revised.patch
Type: text/x-patch
Size: 3463 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/aur-dev/attachments/20110624/b65e2bdf/attachment.bin>
More information about the aur-dev
mailing list