[pacman-dev] [GIT] The official pacman repository branch, master, updated. v5.1.1-214-g2a792ac7

Allan McRae allan at archlinux.org
Mon Oct 7 03:34:45 UTC 2019


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The official pacman repository".

The branch, master has been updated
       via  2a792ac7bb1ceda42767c696e2664819b47ffc3b (commit)
       via  f49233903521f19a1fcba6bf6c36abea71309a1e (commit)
       via  45e01e55c96d9abf8c73f6ee3766b16e5fbefc4d (commit)
       via  6d99a15f0bd9cba4500808114738065903312bf6 (commit)
       via  a6ae5f0a04cd3cac70525f073bdb11e4bb9266e5 (commit)
       via  b4e4b74acea3d652317b030e761300d5c7b437a2 (commit)
       via  bcacb00fc89c04ec0b5e7ebefe3b605b266cef57 (commit)
      from  48752f1b4b16cd1dad56649cd36b253494aa9ff1 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 2a792ac7bb1ceda42767c696e2664819b47ffc3b
Author: Eli Schwartz <eschwartz at archlinux.org>
Date:   Sun Oct 6 23:11:20 2019 -0400

    pacman-key: clean keys on import to remove unknown signatures
    
    There is no good reason to bloat the keyring by importing tons of
    signatures we cannot use; drop any signatures that don't validate
    against another available key (probably the master keys).
    
    If any desired signatures get cleaned, the key can be refreshed after
    importing the new signing public key.
    
    Signed-off-by: Eli Schwartz <eschwartz at archlinux.org>
    Signed-off-by: Allan McRae <allan at archlinux.org>

commit f49233903521f19a1fcba6bf6c36abea71309a1e
Author: Eli Schwartz <eschwartz at archlinux.org>
Date:   Sun Oct 6 23:11:19 2019 -0400

    pacman-key: make sure we actually use the Web of Trust, which GnuPG doesn't.
    
    By default, the latest versions of GnuPG disable the Web of Trust and
    refuse to import signatures from public keyservers. This is to prevent
    denial of service attacks, because refusing to import signatures only if
    the key size is too big, is apparently too silly to consider.
    
    Either way, pacman needs the WoT. If pacman imports a key at all, it
    means everything failed and we are in fallback mode, trying to overcome
    a shortcoming in the availability of keys in the keyring package.
    (This commonly means the user needs to acquire a new key during the same
    transaction that updates archlinux-keyring.)
    In order for that new key to be usable, it *must* also import signatures
    from the Master Keys.
    
    I don't give credence to this supposed DoS, since the worst case
    scenario is nothing happening and needing to CTRL+C in order to exit the
    program. In the case of pacman, this is better than being unable to
    install anything at all (which is gnupg doing a much more harmful DoS to
    pacman), and in the already unusual case where something like
    --refresh-keys is being used directly instead of depending on the
    keyring package itself, gnupg supports WKD out of the box and will
    prefer that for people whose keys are marketed as being non-DOSable.
    
    Signed-off-by: Eli Schwartz <eschwartz at archlinux.org>
    Signed-off-by: Allan McRae <allan at archlinux.org>

commit 45e01e55c96d9abf8c73f6ee3766b16e5fbefc4d
Author: Eli Schwartz <eschwartz at archlinux.org>
Date:   Mon Aug 5 12:53:09 2019 -0400

    pacman-key: when refreshing gpg.conf, don't truncate option checking
    
    If an option is a two-part option, we print both (separated by IFS=' '),
    but when grepping to see if it already exists, we only checked the first
    component. This means that something like keyserver-options could only
    check if there were existing keyserver options of any sort, but not
    which ones.
    
    Signed-off-by: Eli Schwartz <eschwartz at archlinux.org>
    Signed-off-by: Allan McRae <allan at archlinux.org>

commit 6d99a15f0bd9cba4500808114738065903312bf6
Author: Matthew Sexton <WSDMatty at gmail.com>
Date:   Tue Sep 10 05:33:53 2019 -0400

    pacman/pacman-conf, testpkg: Added translatable strings
    
    Added gettext macro to warnings, helps, and errors for translation.
    
    Signed-off-by: Matthew Sexton <wsdmatty at gmail.com>
    Signed-off-by: Allan McRae <allan at archlinux.org>

commit a6ae5f0a04cd3cac70525f073bdb11e4bb9266e5
Author: Matthew Sexton <WSDMatty at gmail.com>
Date:   Sun Sep 8 22:52:57 2019 -0400

    pacman: pacman-conf: removed hputs macro for usage display
    
    Using the macro got in the way of _() macro for translation
    All the macro did was make it so the writer didn't have to type
    \n", stream); at the end of every line.
    
    Signed-off-by: Allan McRae <allan at archlinux.org>

commit b4e4b74acea3d652317b030e761300d5c7b437a2
Author: morganamilo <morganamilo at gmail.com>
Date:   Sun Sep 8 22:45:27 2019 +0100

    libalpm: resolvedep(): don't compare names twice
    
    If we failed to get the pkg from pkgcache then we know no satisfying
    package exists by name. So only compare provides.
    
    Signed-off-by: Allan McRae <allan at archlinux.org>

commit bcacb00fc89c04ec0b5e7ebefe3b605b266cef57
Author: Eli Schwartz <eschwartz at archlinux.org>
Date:   Sun Oct 6 21:33:41 2019 -0400

    makepkg: add rust support for *FLAGS and debug-prefix-map
    
    The rust language supports $RUSTFLAGS to be used automatically in all
    rustc invocations. Allow setting this in makepkg.conf (e.g. for
    optimization or debuginfo support), and teach debug+strip to pass the
    rustc command line argument necessary to rewrite source file paths in
    the debugging symbols.
    
    Signed-off-by: Eli Schwartz <eschwartz at archlinux.org>
    Signed-off-by: Allan McRae <allan at archlinux.org>

-----------------------------------------------------------------------

Summary of changes:
 doc/makepkg.conf.5.asciidoc                   |  9 ++++++
 etc/makepkg.conf.in                           |  2 ++
 lib/libalpm/deps.c                            |  3 +-
 scripts/libmakepkg/buildenv.sh.in             |  2 +-
 scripts/libmakepkg/buildenv/buildflags.sh.in  |  2 +-
 scripts/libmakepkg/buildenv/debugflags.sh.in  |  2 ++
 scripts/libmakepkg/lint_config/variable.sh.in |  8 ++---
 scripts/pacman-key.sh.in                      |  8 ++++-
 src/pacman/pacman-conf.c                      | 46 +++++++++++++++------------
 src/util/testpkg.c                            | 29 ++++++++++-------
 10 files changed, 70 insertions(+), 41 deletions(-)


hooks/post-receive
-- 
The official pacman repository


More information about the pacman-dev mailing list