On 4/28/19 3:06 PM, Eli Schwartz wrote:
>> + local version=$(sed -n '/^%VERSION%$/ {n;p;q}'
>> "$pkgentry/desc")
>> + if (( "$(vercmp $version $pkgver)" > "0" )); then
>
> Neither of these actually need to be quoted, although sure, quoting
> doesn't hurt. But one of them is an integer literal, and vercmp is
> guaranteed to produce another integer literal, so there is no word
> splitting, globbing, or parameter expansion to worry about.
... although since we're not exactly linting the versions to make sure
they are valid, the arguments to vercmp really should be quoted. A
package with metadata which makepkg does not allow, could still
theoretically be created in some other manner; pacman itself is very
forgiving of this.(As mentioned elsewhere, it would be nice if repo-add made use of the linting rules written for makepkg...) -- Eli Schwartz Bug Wrangler and Trusted User
signature.asc
Description: OpenPGP digital signature
