* [PATCH v2] insane: add sanity checks to SRC_URI
@ 2019-05-17 23:37 Ross Burton
2019-05-18 11:52 ` Adrian Bunk
2019-05-22 15:48 ` Martin Jansa
0 siblings, 2 replies; 5+ messages in thread
From: Ross Burton @ 2019-05-17 23:37 UTC (permalink / raw)
To: openembedded-core
The SRC_URI almost definitely shouldn't be using ${PN}, and GitHub */archive/*
tarballs are dynamically generated so the checksums will change over time.
Detect both of these, and emit a QA warning if found.
Signed-off-by: Ross Burton <ross.burton@intel.com>
---
meta/classes/insane.bbclass | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/meta/classes/insane.bbclass b/meta/classes/insane.bbclass
index 9ca5aefe544..59bb8be5470 100644
--- a/meta/classes/insane.bbclass
+++ b/meta/classes/insane.bbclass
@@ -25,7 +25,7 @@ QA_SANE = "True"
WARN_QA ?= "ldflags useless-rpaths rpaths staticdev libdir xorg-driver-abi \
textrel already-stripped incompatible-license files-invalid \
installed-vs-shipped compile-host-path install-host-path \
- pn-overrides infodir build-deps \
+ pn-overrides infodir build-deps src-uri-bad \
unknown-configure-option symlink-to-sysroot multilib \
invalid-packageconfig host-user-contaminated uppercase-pn patch-fuzz \
"
@@ -898,6 +898,17 @@ def package_qa_check_host_user(path, name, d, elf, messages):
return False
return True
+QARECIPETEST[src-uri-bad] = "package_qa_check_src_uri"
+def package_qa_check_src_uri(pn, d, messages):
+ import re
+
+ if "${PN}" in d.getVar("SRC_URI", False):
+ package_qa_handle_error("src-uri-bad", "%s: SRC_URI uses PN not BPN" % pn, d)
+
+ pn = d.getVar("SRC_URI")
+ if re.search(r"github\.com/.+/.+/archive/.+", pn):
+ package_qa_handle_error("src-uri-bad", "%s: SRC_URI uses unstable GitHub archives" % pn, d)
+
# The PACKAGE FUNC to scan each package
python do_package_qa () {
--
2.20.1 (Apple Git-117)
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH v2] insane: add sanity checks to SRC_URI
2019-05-17 23:37 [PATCH v2] insane: add sanity checks to SRC_URI Ross Burton
@ 2019-05-18 11:52 ` Adrian Bunk
2019-05-22 15:48 ` Martin Jansa
1 sibling, 0 replies; 5+ messages in thread
From: Adrian Bunk @ 2019-05-18 11:52 UTC (permalink / raw)
To: Ross Burton; +Cc: openembedded-core
On Fri, May 17, 2019 at 04:37:43PM -0700, Ross Burton wrote:
> The SRC_URI almost definitely shouldn't be using ${PN}, and GitHub */archive/*
> tarballs are dynamically generated so the checksums will change over time.
>...
It might be worth mentioning that this is for archive, not releases.
GitHub release tarballs are stable, and they are preferable to commit ids.
cu
Adrian
--
"Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
"Only a promise," Lao Er said.
Pearl S. Buck - Dragon Seed
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH v2] insane: add sanity checks to SRC_URI
2019-05-17 23:37 [PATCH v2] insane: add sanity checks to SRC_URI Ross Burton
2019-05-18 11:52 ` Adrian Bunk
@ 2019-05-22 15:48 ` Martin Jansa
2019-05-22 22:23 ` Richard Purdie
1 sibling, 1 reply; 5+ messages in thread
From: Martin Jansa @ 2019-05-22 15:48 UTC (permalink / raw)
To: Ross Burton; +Cc: Patches and discussions about the oe-core layer
[-- Attachment #1: Type: text/plain, Size: 2453 bytes --]
Can we add an option to skip this with INSANE_SKIP?
It looks like QARECIPETEST doesn't use INSANE_SKIP or I don't see how.
Removing src-uri-bad from ERROR_QA/WARN_QA for some recipes works as well,
is it worth adding INSANE_SKIP for consistency with other checks or not?
On Sat, May 18, 2019 at 1:37 AM Ross Burton <ross.burton@intel.com> wrote:
> The SRC_URI almost definitely shouldn't be using ${PN}, and GitHub
> */archive/*
> tarballs are dynamically generated so the checksums will change over time.
>
> Detect both of these, and emit a QA warning if found.
>
> Signed-off-by: Ross Burton <ross.burton@intel.com>
> ---
> meta/classes/insane.bbclass | 13 ++++++++++++-
> 1 file changed, 12 insertions(+), 1 deletion(-)
>
> diff --git a/meta/classes/insane.bbclass b/meta/classes/insane.bbclass
> index 9ca5aefe544..59bb8be5470 100644
> --- a/meta/classes/insane.bbclass
> +++ b/meta/classes/insane.bbclass
> @@ -25,7 +25,7 @@ QA_SANE = "True"
> WARN_QA ?= "ldflags useless-rpaths rpaths staticdev libdir
> xorg-driver-abi \
> textrel already-stripped incompatible-license files-invalid \
> installed-vs-shipped compile-host-path install-host-path \
> - pn-overrides infodir build-deps \
> + pn-overrides infodir build-deps src-uri-bad \
> unknown-configure-option symlink-to-sysroot multilib \
> invalid-packageconfig host-user-contaminated uppercase-pn
> patch-fuzz \
> "
> @@ -898,6 +898,17 @@ def package_qa_check_host_user(path, name, d, elf,
> messages):
> return False
> return True
>
> +QARECIPETEST[src-uri-bad] = "package_qa_check_src_uri"
> +def package_qa_check_src_uri(pn, d, messages):
> + import re
> +
> + if "${PN}" in d.getVar("SRC_URI", False):
> + package_qa_handle_error("src-uri-bad", "%s: SRC_URI uses PN not
> BPN" % pn, d)
> +
> + pn = d.getVar("SRC_URI")
> + if re.search(r"github\.com/.+/.+/archive/.+", pn):
> + package_qa_handle_error("src-uri-bad", "%s: SRC_URI uses unstable
> GitHub archives" % pn, d)
> +
>
> # The PACKAGE FUNC to scan each package
> python do_package_qa () {
> --
> 2.20.1 (Apple Git-117)
>
> --
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core
>
[-- Attachment #2: Type: text/html, Size: 3343 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH v2] insane: add sanity checks to SRC_URI
2019-05-22 15:48 ` Martin Jansa
@ 2019-05-22 22:23 ` Richard Purdie
2019-05-23 9:24 ` Alexander Kanavin
0 siblings, 1 reply; 5+ messages in thread
From: Richard Purdie @ 2019-05-22 22:23 UTC (permalink / raw)
To: Martin Jansa, Ross Burton; +Cc: Patches and discussions about the oe-core layer
On Wed, 2019-05-22 at 17:48 +0200, Martin Jansa wrote:
> Can we add an option to skip this with INSANE_SKIP?
>
> It looks like QARECIPETEST doesn't use INSANE_SKIP or I don't see
> how.
>
> Removing src-uri-bad from ERROR_QA/WARN_QA for some recipes works as
> well, is it worth adding INSANE_SKIP for consistency with other
> checks or not?
Ultimately I'd say that all these checks should work with INSANE_SKIP.
I was just wondering about this issue myself for the chkconfig
autobuilder warnings...
Cheers,
Richard
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH v2] insane: add sanity checks to SRC_URI
2019-05-22 22:23 ` Richard Purdie
@ 2019-05-23 9:24 ` Alexander Kanavin
0 siblings, 0 replies; 5+ messages in thread
From: Alexander Kanavin @ 2019-05-23 9:24 UTC (permalink / raw)
To: Richard Purdie; +Cc: Patches and discussions about the oe-core layer
On Thu, 23 May 2019 at 00:24, Richard Purdie
<richard.purdie@linuxfoundation.org> wrote:
> Ultimately I'd say that all these checks should work with INSANE_SKIP.
> I was just wondering about this issue myself for the chkconfig
> autobuilder warnings...
chkconfig can be easily addressed by switching to git:// I think. Patch coming.
Alex
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2019-05-23 9:24 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-05-17 23:37 [PATCH v2] insane: add sanity checks to SRC_URI Ross Burton
2019-05-18 11:52 ` Adrian Bunk
2019-05-22 15:48 ` Martin Jansa
2019-05-22 22:23 ` Richard Purdie
2019-05-23 9:24 ` Alexander Kanavin
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.