On 04/04/18 07:48, Eli Schwartz wrote: > depends, provides, conflicts, replaces, and other variables that are > meant to contain package names, are now checked to ensure > > 1) the name component contains only characters that would equate to > a valid pkgname. > 2) the version component contains only characters that would equate > to a valid pkgver. > 3) comparison operator is a valid comparison operator (e.g. provides > only allows exact = while optdepends doesn't allow anything) > > This also refactors pkgname into a shared utility function, wires up > pkgbase optdepends and provides to use it, and gives pkgver a touchup > to allow referencing where it was called from. > > Fixes FS#57833 and a bit of extra. >
This looks OK. Quick testing showed it caught a couple of interesting cases without a false positive. Allan
