From ae059fd558cbfb78f59d195cff0817d0785d96ac Mon Sep 17 00:00:00 2001
From: Sertonix <sertonix@posteo.net>
Date: Sun, 9 Jun 2024 15:16:30 +0200
Subject: [PATCH] abuild: drop support for md5 and sha1 checksums
---
abuild.in | 29 +++++++++--------------------
sample.APKBUILD | 2 +-
tests/abuild_test | 4 ++--
3 files changed, 12 insertions(+), 23 deletions(-)
diff --git a/abuild.in b/abuild.in
index 7ac3b3de..2078c631 100644
--- a/abuild.in
+++ b/abuild.in
@@ -272,7 +272,7 @@ default_sanitycheck() {
*::*) i=${i%%::*};;
https://*) makedepends_has wget && warning "wget no longer need to be in makedepends when source has https://" ;;
esac
- list_has ${i##*/} $md5sums $sha256sums $sha512sums \
+ list_has ${i##*/} $sha256sums $sha512sums \
|| die "${i##*/} is missing in checksums"
# verify that our source does not have git tag version
@@ -288,7 +288,7 @@ default_sanitycheck() {
# verify that things listed in checksum also is listed in source
local algo=
- for algo in md5 sha256 sha512; do
+ for algo in sha256 sha512; do
eval set -- \$${algo}sums
while [ $# -gt 1 ]; do
local file="$2"
@@ -368,16 +368,10 @@ sumcheck() {
return $endreturnval
}
-# for compatibility
-md5check() {
- warning "'md5check' is deprecated. Use 'verify' instead"
- sumcheck md5 "$md5sums"
-}
-
# verify checksums
verify() {
local verified=false algo=
- for algo in sha512 sha256 sha1 md5; do
+ for algo in sha512 sha256; do
local sums=
eval sums=\"\$${algo}sums\"
if [ -z "$sums" ] || [ -z "$source" ]; then
@@ -2392,17 +2386,17 @@ builddeps() {
deps || return 1
}
-# replace the md5sums in the APKBUILD
+# replace the sha512sums in the APKBUILD
checksum() {
local s files
- [ -z "$source" ] && [ -n "${md5sums}${sha256sums}${sha512sums}" ] \
+ [ -z "$source" ] && [ -n "${sha256sums}${sha512sums}" ] \
&& msg "Removing checksums from $APKBUILD"
sed -E -i \
- -e '/^(md5|sha[0-9]+)sums=".*"$/d' \
- -e '/^(md5|sha[0-9]+)sums="/,/"$/d' \
+ -e '/^sha[0-9]+sums=".*"$/d' \
+ -e '/^sha[0-9]+sums="/,/"$/d' \
\
- -e "/^(md5|sha[0-9]+)sums='.*'\$/d" \
- -e "/^(md5|sha[0-9]+)sums='/,/'\$/d" \
+ -e "/^sha[0-9]+sums='.*'\$/d" \
+ -e "/^sha[0-9]+sums='/,/'\$/d" \
"$APKBUILD"
[ -z "$source" ] && return 0
@@ -2416,7 +2410,6 @@ checksum() {
done
msg "Updating the sha512sums in $APKBUILD..."
- md5sums=
sha256sums=
sha512sums="$(cd "$srcdir" && sha512sum $files)" \
|| die "sha512sum failed"
@@ -2681,10 +2674,6 @@ makedepends_has() {
deplist_has "$1" $makedepends
}
-md5sums_has() {
- list_has "$1" $md5sums
-}
-
install_has() {
list_has "$1" $install
}
diff --git a/sample.APKBUILD b/sample.APKBUILD
index 7df007c6..876e1e03 100644
--- a/sample.APKBUILD
+++ b/sample.APKBUILD
@@ -50,4 +50,4 @@ check() {
# make check
}
-md5sums="" #generate with 'abuild checksum'
+sha512sums="" #generate with 'abuild checksum'
diff --git a/tests/abuild_test b/tests/abuild_test
index 8812fdfb..ea5c7af8 100755
--- a/tests/abuild_test
+++ b/tests/abuild_test
@@ -261,12 +261,12 @@ abuild_reproducible_body() {
pkgs=$(abuild listpkg)
abuild || atf_fail "first build failed"
- checksums=$(cd "$REPODEST"/testrepo/$arch && md5sum $pkgs)
+ checksums=$(cd "$REPODEST"/testrepo/$arch && sha512sum $pkgs)
echo "$checksums"
rm -r "$REPODEST"/testrepo
abuild || atf_fail "rebuild failed"
- checksums2=$(cd "$REPODEST"/testrepo/$arch && md5sum $pkgs)
+ checksums2=$(cd "$REPODEST"/testrepo/$arch && sha512sum $pkgs)
echo "$checksums2"
if [ "$checksums" != "$checksums2" ]; then
--
GitLab