1. 09 Jan, 2019 2 commits
  2. 02 Dec, 2018 1 commit
  3. 08 Nov, 2018 2 commits
  4. 11 Oct, 2018 1 commit
    • Sören Tempel's avatar
      abuild-rmtemp: Do not follow symbolic links · 17cb68e9
      Sören Tempel authored
      Symbolic links might point to files outside of the chroot and
      thus might delete files outside the chroot. This allows deletion
      of arbitrary directories on the host from a malicious APKBUILD.
      
      Following hard links shouldn't be a problem since hard links (usually)
      cannot refer to directories and since remove(3) removes the link, not
      the file it points to it shouldn't cause a problem.
      
      I noticed this because alpine-baselayout creates /var/run as a symlink
      to /run. Therefore causing /run to be deleted on the host when using
      abuild-rmtemp which in turn causes a bunch of software to no longer
      function properly (including OpenRC).
      17cb68e9
  5. 03 Oct, 2018 20 commits
  6. 24 Sep, 2018 2 commits
  7. 29 Jul, 2018 1 commit
  8. 22 Jun, 2018 1 commit
  9. 21 Jun, 2018 1 commit
    • Oliver Smith's avatar
      newapkbuild: check arguments and improve usage() · a68354eb
      Oliver Smith authored
      Changes:
      * argument sanity checks:
        * `PKGNAME[-PKGVER] | SRCURL`
          * check if missing
          * check if specified more than once (see below)
        * specifying more than one buildtype flag
        * `-n` (set pkgname) without using SRCURL as last argument
        * `-s` (sourceforge source) without using PKGNAME as last argument
      * Typo fix: exist -> exists
      * `usage()`:
        * always print PKGNAME and PKGDESC (instead of NAME and DESC,
          NAME was used in one place and PKGNAME in another)
        * link to <https://spdx.org/licenses/>
        * `-m` (meson) flag was missing in short usage line at the top
        * indicate that the buildtypes are exclusive
        * `-c` flag: remove "to new directory" wording to make the
          message shorter (this should be obvious)
        * remove empty line at the end
      
      NOTE: Before this commit, the `PKGNAME[-PKGVER] | SRCURL` was allowed
      to be specified more than once, and the code looped over the arguments.
      But this was not documented in `usage()` and had unexpected results:
      
      ```
      $ newapkbuild first second third
      $ tree
      .
      ___ first
          ___ APKBUILD
          ___ first
          ___ ___ APKBUILD
          ___ ___ first
          ___ ___ ___ APKBUILD
          ___ ___ ___ src
          ___ ___ src
          ___ src
      ```
      a68354eb
  10. 31 May, 2018 2 commits
    • Natanael Copa's avatar
      ==== release 3.2.0_rc2 ==== · 0bb0bd84
      Natanael Copa authored
      0bb0bd84
    • Natanael Copa's avatar
      abuild: fix race when stripping · c0a86293
      Natanael Copa authored
      scanelf may pick up tempfiles created by strip or setfattr since it runs
      in spearate process and pipes the out to a subshell. This causes a race
      and may lead to the while loop attempt to strip seomthing that no longer
      exists.
      
      We fix that by test if file exists before try manipulate it. We could
      have written he file list to a temp file first, but this way we benefit
      from multiple cores working in parallel.
      c0a86293
  11. 24 May, 2018 2 commits
    • A. Wilcox's avatar
      newapkbuild: move checksum call to after fetch · 75b8caca
      A. Wilcox authored
      unpack will no longer unpack without a checksum, even with -f.  This
      means that newapkbuild will not be able to deduce what kind of build
      system is contained within, so the templates for CMake, Perl, etc are
      never used.
      
      This patch ensures checksumming is done right after fetch, so that
      unpack works properly.
      75b8caca
    • A. Wilcox's avatar
      newapkbuild: fix typo · db5ca299
      A. Wilcox authored
      db5ca299
  12. 07 May, 2018 2 commits
  13. 24 Apr, 2018 1 commit
  14. 22 Apr, 2018 1 commit
    • Sören Tempel's avatar
      abuild.in: don't fail if git describe fails · 720a2c18
      Sören Tempel authored
      `git describe` by default looks for tags, but `git clone` does not clone
      tags by default which causes failures on travis currently.
      
      Also redirect `git describe` errors to /dev/null while being here.
      720a2c18
  15. 17 Apr, 2018 1 commit