mirror of
https://github.com/Jguer/yay.git
synced 2025-11-29 00:05:47 -05:00
Fix updating of vsc packages
With the addition of pgp key checking in Yay, the srcinfo parsing was moved to before the pkgver() bump, leading to outdated pkgbuild information. Srcinfo parsing must be done after the pkgver() bump The pkgver() bump must be done after downloading sources makepkg's PGP checking is done as the sources download yays PGP importing requires the srcingo to be parsed Quite the chicken and egg problem It is possible to skip the integ checks after the sources download then parse the srcinfo do the yay PGP check then run the integ checks the problem here is that to generate the srcinfo `makepkg --printsrcingo` is ran This causes the pkgbuild to be sourced which I am not comftable with doing without the integ checks. Instead we parse the on disk .SRRCINFO that downloads with the PKGBUILD just for the PGP checking. Later on we parse a fresh srcinfo straight from `makepkg --printsrcingo`. This is a little bit less efficient but more secure than the other option.
This commit is contained in:
morganamilo
parent
7944c73b6c
commit
158b80c5bc
12
install.go
12
install.go
@ -209,12 +209,7 @@ func install(parser *arguments) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
err = parsesrcinfosGenerate(dc.Aur, srcinfos, dc.Bases)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
err = checkPgpKeys(dc.Aur, srcinfos, dc.Bases, nil)
|
||||
err = checkPgpKeys(dc.Aur, dc.Bases, nil)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@ -224,6 +219,11 @@ func install(parser *arguments) error {
|
||||
return err
|
||||
}
|
||||
|
||||
err = parsesrcinfosGenerate(dc.Aur, srcinfos, dc.Bases)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
err = buildInstallPkgBuilds(dc.Aur, srcinfos, parser.targets, parser, dc.Bases)
|
||||
if err != nil {
|
||||
return err
|
||||
|
||||
10
keys.go
10
keys.go
@ -43,7 +43,7 @@ func (set pgpKeySet) get(key string) bool {
|
||||
// asks the user whether yay should try to import them. gpgExtraArgs are extra
|
||||
// parameters to pass to gpg, in order to facilitate testing, such as using a
|
||||
// different keyring. It can be nil.
|
||||
func checkPgpKeys(pkgs []*rpc.Pkg, srcinfos map[string]*gopkg.PKGBUILD, bases map[string][]*rpc.Pkg, gpgExtraArgs []string) error {
|
||||
func checkPgpKeys(pkgs []*rpc.Pkg, bases map[string][]*rpc.Pkg, gpgExtraArgs []string) error {
|
||||
// Let's check the keys individually, and then we can offer to import
|
||||
// the problematic ones.
|
||||
problematic := make(pgpKeySet)
|
||||
@ -51,7 +51,13 @@ func checkPgpKeys(pkgs []*rpc.Pkg, srcinfos map[string]*gopkg.PKGBUILD, bases ma
|
||||
|
||||
// Mapping all the keys.
|
||||
for _, pkg := range pkgs {
|
||||
for _, key := range srcinfos[pkg.PackageBase].Validpgpkeys {
|
||||
dir := config.BuildDir + pkg.PackageBase + "/"
|
||||
pkgbuild, err := gopkg.ParseSRCINFO(dir + ".SRCINFO")
|
||||
if err != nil {
|
||||
return fmt.Errorf("%s: %s", pkg.Name, err)
|
||||
}
|
||||
|
||||
for _, key := range pkgbuild.Validpgpkeys {
|
||||
// If key already marked as problematic, indicate the current
|
||||
// PKGBUILD requires it.
|
||||
if problematic.get(key) {
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user