bug#63336: [PATCH] package-vc: Process :make and :shell-command spec args

[Joseph Turner via "Bug reports for GNU Emacs, the Swiss army knife of text editors" <bug-gnu-emacs@gnu.org>]

Philip Kaludercic <philipk@posteo.net> writes:

> Joseph Turner <joseph@breatheoutbreathe.in> writes:
>
>> Philip Kaludercic <philipk@posteo.net> writes:
>>
>>> Joseph Turner <joseph@breatheoutbreathe.in> writes:
>>>
>>>> Philip Kaludercic <philipk@posteo.net> writes:
>>>>
>>>>> Joseph Turner <joseph@breatheoutbreathe.in> writes:
>>>>>
>>>>>> Philip Kaludercic <philipk@posteo.net> writes:
>>>>>>
>>>>>>> Joseph Turner <joseph@breatheoutbreathe.in> writes:
>>
>>>> We also might want to add another option for
>>>> package-vc-allow-side-effects like 'user-defined, which only runs :make
>>>> and :shell-command args which were specified by the user (as opposed to
>>>> those which were downloaded from elpa). WDYT?
>>>
>>> That sounds like a good idea, but let us do that in a separate patch.
>>
>> Okay!
>>
>>>> To update the manual, shall I edit doc/emacs/package.texi directly or is
>>>> there another file to edit?
>>>
>>> Yes, just update the table under the "Specifying Package Sources" subsection.
>>
>> See patch.
>>
>>>>> If :shell-command fails, do we really want to proceed to :make?
>>>>
>>>> Up to you! I was following the lead of elpa-admin.el.
>>>
>>> In that case let us do that too, unless there is a good reason not to.
>>
>> +1
>>
>>>> I switched the first two cases. I think pcase is readable here,
>>>> especially if we add an 'user-defined option. What would you use
>>>> instead?
>>>
>>> I would have just used a regular cond.
>>>
>>> --8<---------------cut here---------------start------------->8---
>>> (cond
>>>  ((null package-vc-process-make)
>>>   ...)
>>>  ((listp package-vc-process-make)
>>>   ...)
>>>  (...))
>>> --8<---------------cut here---------------end--------------->8---
>>>
>>> But this doesn't matter, do what you prefer.
>>
>> Thank you! I like pcase here.
>>
>>>> +Be careful when changing this option as processing :make and
>>>> +:shell-command will run potentially harmful code.
>>>
>>> Sounds scary.  I guess that is the point, but what do you think about
>>> something like
>>>
>>>   Be careful when changing this option, as installing and updating a
>>>   package can potentially run harmful code.  If possible, allow packages
>>>   you trust to run code, if it is necessary for a package to be properly
>>>   initialised.
>>
>> Thank you! What do you think about the version in the attached patch?
>>
>>>> +When set to a list of symbols (packages), run commands for only
>>>> +packages in the list. When `nil', never run commands.  Otherwise
>>>> +when non-`nil', run commands for any package with :make or
>>>> +:shell-command specified.
>>>
>>> Watch out.  According to (elisp) Documentation Tips, nil is not quoted.
>>
>> Good to know! Fixed.
>>
>> From 812e32ea6c3f7b2d71174658db0e272b0b4fb84b Mon Sep 17 00:00:00 2001
>> From: Joseph Turner <joseph@breatheoutbreathe.in>
>> Date: Sat, 13 May 2023 10:05:04 -0700
>> Subject: [PATCH] package-vc: Process :make and :shell-command spec args
>>
>> ---
>>  doc/emacs/package.texi        |  9 ++++++++
>>  lisp/emacs-lisp/package-vc.el | 42 +++++++++++++++++++++++++++++++++++
>>  2 files changed, 51 insertions(+)
>>
>> diff --git a/doc/emacs/package.texi b/doc/emacs/package.texi
>> index 6722185cb20..4f606b22e54 100644
>> --- a/doc/emacs/package.texi
>> +++ b/doc/emacs/package.texi
>> @@ -682,6 +682,15 @@ A string providing the repository-relative name of the documentation
>>  file from which to build an Info file.  This can be a Texinfo file or
>>  an Org file.
>>
>> +@item :make
>> +A string or list of strings providing the target or targets defined in
>> +the repository Makefile which should run before building the Info
>> +file. Only takes effect when package-vc-allow-side-effects is non-nil.
>
> A @var is missing here

Thank you!

>> +
>> +@item :shell-command
>> +A string providing the shell command to run before building the Info
>> +file. Only takes effect when package-vc-allow-side-effects is non-nil.
>
> and here.  I can take care of that.

Thank you!

>> +
>>  @item :vc-backend
>>  A symbol naming the VC backend to use for downloading a copy of the
>>  package's repository (@pxref{Version Control Systems,,,emacs, The GNU
>> diff --git a/lisp/emacs-lisp/package-vc.el b/lisp/emacs-lisp/package-vc.el
>> index beca0bd00e2..d2f6d287224 100644
>> --- a/lisp/emacs-lisp/package-vc.el
>> +++ b/lisp/emacs-lisp/package-vc.el
>> @@ -344,6 +344,38 @@ asynchronously."
>>          "\n")
>>         nil pkg-file nil 'silent))))
>>
>> +(defcustom package-vc-allow-side-effects nil
>> +  "Whether to process :make and :shell-command spec arguments.
>> +
>> +It may be necessary to run :make and :shell-command arguments in
>> +order to initialize a package or build its documentation, but
>> +please be careful when changing this option, as installing and
>> +updating a package can run potentially harmful code.
>> +
>> +When set to a list of symbols (packages), run commands for only
>> +packages in the list. When nil, never run commands.  Otherwise
>> +when non-nil, run commands for any package with :make or
>> +:shell-command specified.
>> +
>> +Package specs are loaded from trusted package archives."
>> +  :type '(choice (const :tag "Run for all packages" t)
>> +                 (repeat :tag "Run only for selected packages" (symbol :tag "Package name"))
>> +                 (const :tag "Never run" nil))
>> +  :version "30.1")
>> +
>> +(defun package-vc--make (pkg-spec pkg-desc)
>> +  "Process :make and :shell-command PKG-SPEC arguments for PKG-DESC."
>> +  (let ((target (plist-get pkg-spec :make))
>> +        (cmd (plist-get pkg-spec :shell-command))
>> +        (buf (format " *package-vc make %s*" (package-desc-name pkg-desc))))
>> +    (when (or cmd target)
>> +      (with-current-buffer (get-buffer-create buf)
>> +        (erase-buffer)
>> +        (when (and cmd (/= 0 (call-process shell-file-name nil t nil shell-command-switch cmd)))
>> +          (warn "Failed to run %s, see buffer %S" cmd (buffer-name)))
>> +        (when (and target (/= 0 (apply #'call-process "make" nil t nil (if (consp target) target (list target)))))
>> +          (warn "Failed to make %s, see buffer %S" target (buffer-name)))))))
>> +
>>  (declare-function org-export-to-file "ox" (backend file))
>>
>>  (defun package-vc--build-documentation (pkg-desc file)
>> @@ -486,6 +518,16 @@ documentation and marking the package as installed."
>>        ;; Generate package file
>>        (package-vc--generate-description-file pkg-desc pkg-file)
>>
>> +      ;; Process :make and :shell-command arguments before building documentation
>> +      (pcase package-vc-allow-side-effects
>> +        ('nil         ; When `nil', do nothing.
>> +         nil)
>> +        ((pred consp) ; When non-`nil' list, check if package is on the list.
>> +         (when (memq (package-desc-name pkg-desc) package-vc-allow-side-effects)
>> +           (package-vc--make pkg-spec pkg-desc)))
>> +        (_            ; When otherwise non-`nil', run commands.
>> +         (package-vc--make pkg-spec pkg-desc)))
>
> Thinking about this again, I am still not convinced.  Isn't
>
> --8<---------------cut here---------------start------------->8---
> (when (or (eq package-vc-allow-side-effects t)
> 	  (memq (package-desc-name pkg-desc)
> 		package-vc-allow-side-effects))
>   (package-vc--make pkg-spec pkg-desc))
> --8<---------------cut here---------------end--------------->8---
>
> much simpler?  Again, you don't have to prepare another patch, I'm just
> interested in what you think.

I take it all back and insist upon the opposite :)

You are right, that's much simpler.

>> +
>>        ;; Detect a manual
>>        (when (executable-find "install-info")
>>          (dolist (doc-file (ensure-list (plist-get pkg-spec :doc)))