pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/mk Make the check-vulnerable target more self-sufficie...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/bce42392689a
branches:  trunk
changeset: 515635:bce42392689a
user:      jlam <jlam%pkgsrc.org@localhost>
date:      Wed Jul 05 09:08:35 2006 +0000

description:
Make the check-vulnerable target more self-sufficient, by moving some
of the logic from fetch/fetch.mk into flavor/pkg/check.mk, so that
check-vulnerable can be used as a source target.

Make check-vulnerable a source target for every phase of the build
workflow, which ensures that it is always run if the user starts a
new phase from the command line.

Fix the cookie-generation targets so that they don't append, only
overwrite to the cookie file.  This works around potential problems
due to recursive makes.

Move the cookie checks so that they surround the corresponding phase
target.  The presence of the cookie should now inform the make process
to avoid doing any processing of phases that occur before the phase
corresponding to the cookie.

diffstat:

 mk/build/bsd.build.mk         |   4 +-
 mk/build/build.mk             |  13 +++++-----
 mk/build/test.mk              |   5 ++-
 mk/check/check-vulnerable.mk  |   6 ++++-
 mk/configure/bsd.configure.mk |   4 +-
 mk/configure/configure.mk     |  13 +++++-----
 mk/depends/depends.mk         |  12 +++++-----
 mk/extract/extract.mk         |  15 ++++++-----
 mk/fetch/fetch.mk             |  22 +----------------
 mk/flavor/pkg/check.mk        |  51 ++++++++++++++++++++++++++++++++----------
 mk/install/bsd.install.mk     |   4 +-
 mk/install/install.mk         |  13 +++++-----
 mk/package/package.mk         |  16 +++++++-----
 mk/patch/patch.mk             |  15 +++++++-----
 mk/tools/bsd.tools.mk         |  14 +++++-----
 mk/wrapper/bsd.wrapper.mk     |  14 +++++------
 16 files changed, 121 insertions(+), 100 deletions(-)

diffs (truncated from 588 to 300 lines):

diff -r 32b9263cc30d -r bce42392689a mk/build/bsd.build.mk
--- a/mk/build/bsd.build.mk     Wed Jul 05 08:43:21 2006 +0000
+++ b/mk/build/bsd.build.mk     Wed Jul 05 09:08:35 2006 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: bsd.build.mk,v 1.1 2006/07/05 06:09:15 jlam Exp $
+# $NetBSD: bsd.build.mk,v 1.2 2006/07/05 09:08:35 jlam Exp $
 #
 # This Makefile fragment is included by bsd.pkg.mk and provides all
 # variables and targets related to building sources for a package.
@@ -40,4 +40,4 @@
 .PHONY: build-cookie
 build-cookie:
        ${_PKG_SILENT}${_PKG_DEBUG}${MKDIR} ${_BUILD_COOKIE:H}
-       ${_PKG_SILENT}${_PKG_DEBUG}${ECHO} ${PKGNAME} >> ${_BUILD_COOKIE}
+       ${_PKG_SILENT}${_PKG_DEBUG}${ECHO} ${PKGNAME} > ${_BUILD_COOKIE}
diff -r 32b9263cc30d -r bce42392689a mk/build/build.mk
--- a/mk/build/build.mk Wed Jul 05 08:43:21 2006 +0000
+++ b/mk/build/build.mk Wed Jul 05 09:08:35 2006 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: build.mk,v 1.1 2006/07/05 06:09:15 jlam Exp $
+# $NetBSD: build.mk,v 1.2 2006/07/05 09:08:35 jlam Exp $
 #
 # BUILD_MAKE_FLAGS is the list of arguments that is passed to the make
 #      process.
@@ -14,6 +14,7 @@
 ######################################################################
 ### build is a public target to build the sources from the package.
 ###
+_BUILD_TARGETS+=       check-vulnerable
 _BUILD_TARGETS+=       configure
 _BUILD_TARGETS+=       acquire-build-lock
 _BUILD_TARGETS+=       ${_BUILD_COOKIE}
@@ -22,20 +23,20 @@
 
 .PHONY: build
 .if !target(build)
+.  if !exists(${_BUILD_COOKIE})
 build: ${_BUILD_TARGETS}
+.  else
+build:
+       @${DO_NADA}
+.  endif
 .endif
 
 .PHONY: acquire-build-lock release-build-lock
 acquire-build-lock: acquire-lock
 release-build-lock: release-lock
 
-.if !exists(${_BUILD_COOKIE})
 ${_BUILD_COOKIE}:
        ${_PKG_SILENT}${_PKG_DEBUG}cd ${.CURDIR} && ${SETENV} ${BUILD_ENV} ${MAKE} ${MAKEFLAGS} real-build PKG_PHASE=build || ${PKG_ERROR_HANDLER.build}
-.else
-${_BUILD_COOKIE}:
-       @${DO_NADA}
-.endif
 
 PKG_ERROR_CLASSES+=    build
 PKG_ERROR_MSG.build=                                                   \
diff -r 32b9263cc30d -r bce42392689a mk/build/test.mk
--- a/mk/build/test.mk  Wed Jul 05 08:43:21 2006 +0000
+++ b/mk/build/test.mk  Wed Jul 05 09:08:35 2006 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: test.mk,v 1.1 2006/07/05 06:09:15 jlam Exp $
+# $NetBSD: test.mk,v 1.2 2006/07/05 09:08:35 jlam Exp $
 #
 # TEST_DIRS is the list of directories in which to perform the build
 #      process.  If the directories are relative paths, then they
@@ -19,6 +19,7 @@
 ######################################################################
 ### build is a public target to build the sources from the package.
 ###
+_TEST_TARGETS+=        check-vulnerable
 _TEST_TARGETS+=        build
 _TEST_TARGETS+=        acquire-test-lock
 _TEST_TARGETS+=        ${_TEST_COOKIE}
@@ -120,4 +121,4 @@
 .PHONY: test-cookie
 test-cookie:
        ${_PKG_SILENT}${_PKG_DEBUG}${MKDIR} ${_TEST_COOKIE:H}
-       ${_PKG_SILENT}${_PKG_DEBUG}${ECHO} ${PKGNAME} >> ${_TEST_COOKIE}
+       ${_PKG_SILENT}${_PKG_DEBUG}${ECHO} ${PKGNAME} > ${_TEST_COOKIE}
diff -r 32b9263cc30d -r bce42392689a mk/check/check-vulnerable.mk
--- a/mk/check/check-vulnerable.mk      Wed Jul 05 08:43:21 2006 +0000
+++ b/mk/check/check-vulnerable.mk      Wed Jul 05 09:08:35 2006 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: check-vulnerable.mk,v 1.2 2006/06/05 22:49:44 jlam Exp $
+# $NetBSD: check-vulnerable.mk,v 1.3 2006/07/05 09:08:35 jlam Exp $
 
 ###########################################################################
 ### check-vulnerable (PRIVATE, override)
@@ -9,5 +9,9 @@
 .PHONY: check-vulnerable
 .if !target(check-vulnerable)
 check-vulnerable:
+.  if defined(ALLOW_VULNERABLE_PACKAGES)
+       @${DO_NADA}
+.  else
        @${PHASE_MSG} "Skipping vulnerability checks."
+.  endif
 .endif
diff -r 32b9263cc30d -r bce42392689a mk/configure/bsd.configure.mk
--- a/mk/configure/bsd.configure.mk     Wed Jul 05 08:43:21 2006 +0000
+++ b/mk/configure/bsd.configure.mk     Wed Jul 05 09:08:35 2006 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: bsd.configure.mk,v 1.1 2006/07/05 06:09:15 jlam Exp $
+# $NetBSD: bsd.configure.mk,v 1.2 2006/07/05 09:08:35 jlam Exp $
 #
 # This Makefile fragment is included by bsd.pkg.mk and provides all
 # variables and targets related to configuring packages for building.
@@ -36,4 +36,4 @@
 .PHONY: configure-cookie
 configure-cookie:
        ${_PKG_SILENT}${_PKG_DEBUG}${MKDIR} ${_CONFIGURE_COOKIE:H}
-       ${_PKG_SILENT}${_PKG_DEBUG}${ECHO} ${PKGNAME} >> ${_CONFIGURE_COOKIE}
+       ${_PKG_SILENT}${_PKG_DEBUG}${ECHO} ${PKGNAME} > ${_CONFIGURE_COOKIE}
diff -r 32b9263cc30d -r bce42392689a mk/configure/configure.mk
--- a/mk/configure/configure.mk Wed Jul 05 08:43:21 2006 +0000
+++ b/mk/configure/configure.mk Wed Jul 05 09:08:35 2006 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: configure.mk,v 1.1 2006/07/05 06:09:15 jlam Exp $
+# $NetBSD: configure.mk,v 1.2 2006/07/05 09:08:35 jlam Exp $
 #
 # CONFIGURE_SCRIPT is the path to the script to run in order to
 #      configure the software for building.  If the path is relative,
@@ -40,6 +40,7 @@
 ######################################################################
 ### configure is a public target to configure the sources for building.
 ###
+_CONFIGURE_TARGETS+=   check-vulnerable
 _CONFIGURE_TARGETS+=   wrapper
 _CONFIGURE_TARGETS+=   acquire-configure-lock
 _CONFIGURE_TARGETS+=   ${_CONFIGURE_COOKIE}
@@ -47,20 +48,20 @@
 
 .PHONY: configure
 .if !target(configure)
+.  if !exists(${_CONFIGURE_COOKIE})
 configure: ${_CONFIGURE_TARGETS}
+.  else
+configure:
+       @${DO_NADA}
+.  endif
 .endif
 
 .PHONY: acquire-configure-lock release-configure-lock
 acquire-configure-lock: acquire-lock
 release-configure-lock: release-lock
 
-.if !exists(${_CONFIGURE_COOKIE})
 ${_CONFIGURE_COOKIE}:
        ${_PKG_SILENT}${_PKG_DEBUG}cd ${.CURDIR} && ${SETENV} ${BUILD_ENV} ${MAKE} ${MAKEFLAGS} real-configure PKG_PHASE=configure || ${PKG_ERROR_HANDLER.configure}
-.else
-${_CONFIGURE_COOKIE}:
-       @${DO_NADA}
-.endif
 
 PKG_ERROR_CLASSES+=    configure
 PKG_ERROR_MSG.configure=                                               \
diff -r 32b9263cc30d -r bce42392689a mk/depends/depends.mk
--- a/mk/depends/depends.mk     Wed Jul 05 08:43:21 2006 +0000
+++ b/mk/depends/depends.mk     Wed Jul 05 09:08:35 2006 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: depends.mk,v 1.7 2006/06/09 13:59:08 jlam Exp $
+# $NetBSD: depends.mk,v 1.8 2006/07/05 09:08:35 jlam Exp $
 
 ######################################################################
 ### depends (PUBLIC)
@@ -12,19 +12,19 @@
 
 .PHONY: depends
 .if !target(depends)
+.  if !exists(${_DEPENDS_COOKIE})
 depends: ${_DEPENDS_TARGETS}
+.  else
+depends:
+       @${DO_NADA}
+.  endif
 .endif
 
 .PHONY: acquire-depends-lock release-depends-lock
 acquire-depends-lock: acquire-lock
 release-depends-lock: release-lock
 
-.if !exists(${_DEPENDS_COOKIE})
 ${_DEPENDS_COOKIE}: real-depends
-.else
-${_DEPENDS_COOKIE}:
-       @${DO_NADA}
-.endif
 
 ######################################################################
 ### real-depends (PRIVATE)
diff -r 32b9263cc30d -r bce42392689a mk/extract/extract.mk
--- a/mk/extract/extract.mk     Wed Jul 05 08:43:21 2006 +0000
+++ b/mk/extract/extract.mk     Wed Jul 05 09:08:35 2006 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: extract.mk,v 1.7 2006/06/09 13:59:08 jlam Exp $
+# $NetBSD: extract.mk,v 1.8 2006/07/05 09:08:35 jlam Exp $
 #
 # The following variables may be set by the package Makefile and
 # specify how extraction happens:
@@ -42,6 +42,7 @@
 ######################################################################
 ### extract is a public target to perform extraction.
 ###
+_EXTRACT_TARGETS+=     check-vulnerable
 _EXTRACT_TARGETS+=     checksum
 _EXTRACT_TARGETS+=     makedirs
 _EXTRACT_TARGETS+=     depends
@@ -52,19 +53,19 @@
 
 .PHONY: extract
 .if !target(extract)
+.  if !exists(${_EXTRACT_COOKIE})
 extract: ${_EXTRACT_TARGETS}
+.  else
+extract:
+       @${DO_NADA}
+.  endif
 .endif
 
 .PHONY: acquire-extract-lock release-extract-lock
 acquire-extract-lock: acquire-lock
 release-extract-lock: release-lock
 
-.if !exists(${_EXTRACT_COOKIE})
 ${_EXTRACT_COOKIE}: real-extract
-.else
-${_EXTRACT_COOKIE}:
-       @${DO_NADA}
-.endif
 
 ######################################################################
 ### real-extract (PRIVATE)
@@ -114,7 +115,7 @@
 .PHONY: extract-cookie
 extract-cookie:
        ${_PKG_SILENT}${_PKG_DEBUG}${MKDIR} ${_EXTRACT_COOKIE:H}
-       ${_PKG_SILENT}${_PKG_DEBUG}${ECHO} ${PKGNAME} >> ${_EXTRACT_COOKIE}
+       ${_PKG_SILENT}${_PKG_DEBUG}${ECHO} ${PKGNAME} > ${_EXTRACT_COOKIE}
 
 ######################################################################
 ### pre-extract, do-extract, post-extract (PUBLIC, override)
diff -r 32b9263cc30d -r bce42392689a mk/fetch/fetch.mk
--- a/mk/fetch/fetch.mk Wed Jul 05 08:43:21 2006 +0000
+++ b/mk/fetch/fetch.mk Wed Jul 05 09:08:35 2006 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: fetch.mk,v 1.4 2006/06/20 14:54:03 jlam Exp $
+# $NetBSD: fetch.mk,v 1.5 2006/07/05 09:08:35 jlam Exp $
 
 ######################################################################
 ### fetch (PUBLIC)
@@ -8,7 +8,7 @@
 ###
 .PHONY: fetch
 .if !target(fetch)
-fetch: pre-fetch do-fetch post-fetch
+fetch: check-vulnerable pre-fetch do-fetch post-fetch
 .endif
 
 # If this host is behind a filtering firewall, use passive ftp(1)
@@ -262,24 +262,6 @@
 .PHONY: do-fetch
 .if !target(do-fetch)
 do-fetch: ${FAILOVER_FETCH:Duptodate-digest}
-.  if !defined(ALLOW_VULNERABLE_PACKAGES)
-       ${_PKG_SILENT}${_PKG_DEBUG}                                     \
-       if [ -f ${PKGVULNDIR}/pkg-vulnerabilities ]; then               \
-               ${PHASE_MSG} "Checking for vulnerabilities in ${PKGNAME}"; \
-               vul=`${MAKE} ${MAKEFLAGS} check-vulnerable`;            \
-               case "$$vul" in                                         \
-               "")     ;;                                              \
-               *)      ${ECHO} "$$vul";                                \
-                       ${ECHO} "or define ALLOW_VULNERABLE_PACKAGES if this package is absolutely essential"; \
-                       ${FALSE} ;;                                     \
-               esac;                                                   \
-       else                                                            \
-               ${PHASE_MSG} "Skipping vulnerability checks.";          \
-               ${WARNING_MSG} "No ${PKGVULNDIR}/pkg-vulnerabilities file found."; \
-               ${WARNING_MSG} "To fix, install the pkgsrc/security/audit-packages"; \
-               ${WARNING_MSG} "package and run: \`\`${LOCALBASE}/sbin/download-vulnerability-list''."; \
-       fi
-.  endif
 .  if !empty(_ALLFILES)
        ${_PKG_SILENT}${_PKG_DEBUG}                                     \
        ${TEST} -d ${_DISTDIR} || ${MKDIR} ${_DISTDIR}
diff -r 32b9263cc30d -r bce42392689a mk/flavor/pkg/check.mk
--- a/mk/flavor/pkg/check.mk    Wed Jul 05 08:43:21 2006 +0000
+++ b/mk/flavor/pkg/check.mk    Wed Jul 05 09:08:35 2006 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: check.mk,v 1.1 2006/06/03 23:11:42 jlam Exp $
+# $NetBSD: check.mk,v 1.2 2006/07/05 09:08:35 jlam Exp $
 
 ######################################################################
 ### check-vulnerable (PUBLIC, pkgsrc/mk/check/check.mk)
@@ -12,16 +12,43 @@
 ###
 .PHONY: check-vulnerable
 check-vulnerable:
-       @if [ ! -z "${PKG_SYSCONFDIR.audit-packages}" -a -f ${PKG_SYSCONFDIR.audit-packages}/audit-packages.conf ]; then \



Home | Main Index | Thread Index | Old Index