On 4/27/19 11:00 PM, Allan McRae wrote: > On 28/4/19 12:49 pm, Eli Schwartz wrote: >> On 4/27/19 4:38 AM, Ralph Corderoy wrote: >>> Hi Jan, >>> >>>>> This happens because find_pkgentry() fails to account the case where >>>>> globbing fails and the expression is taken literally. >>>> >>>> Maybe we should use failglob instead to provoke an error? >>> >>> Wouldn't nullglob be better to skip the loop's body? >>> >>> $ touch foo bar >>> $ ls >>> bar foo >>> $ >>> $ shopt -u nullglob failglob >>> $ for f in *; do echo = $f; done >>> = bar >>> = foo >>> $ rm foo >>> $ for f in *; do echo = $f; done >>> = bar >>> $ rm bar >>> $ for f in *; do echo = $f; done >>> = * >>> $ >>> $ touch foo bar >>> $ shopt -s nullglob >>> $ for f in *; do echo = $f; done >>> = bar >>> = foo >>> $ rm foo >>> $ for f in *; do echo = $f; done >>> = bar >>> $ rm bar >>> $ for f in *; do echo = $f; done >>> $ >> >> All three of you are wrong, or at least missing the point. :) >> >> [[ foo = f* ]] is defined to have pattern-matching context, and in this >> case, [[ pkgname* = pkgname** ]] matches true. If we do not want this >> behavior, we need to quote this -- and by properly quoting where we are >> supposed to quote, we don't need to stat for file existence, we don't >> need to change the way the whole script handles globs, and we still get >> the failing action we want. To be more precise, we get the exact >> behavior and method of acquiring that behavior, which was originally >> intended. >> >> There are also other cases where this could matter, some of which are >> long shots. >> > > We probably need to work on the enforcement of pkgname rules from > makepkg into repo-add as well: > > pkgname (array) > Either the name of the package or an array of names for split > packages. Valid characters for members of this array are > alphanumerics, and any of the following characters: “@ . _ + -”. > Additionally, names are not allowed to start with hyphens or dots. > > Can probably link in libmakepkg into here to do so. Although I'd like > to move repo-add to using libalpm, and we need to enforce rules here too...
Moving to libalpm would be nice, also because repo-add is some hairy code and I'm almost afraid to touch it. :p I'm unsure what some of the logic in there is doing. Spent like 15 minutes trying to figure out why db_remove_entry is even an infinite loop at all (but then Andrew pointed out even if we don't support multiple versions of a pkgname in a database, it probably makes sense to not fail to remove them if they get created some other way). -- Eli Schwartz Bug Wrangler and Trusted User
signature.asc
Description: OpenPGP digital signature
