Re: `guix lint' warn of GitHub autogenerated source tarballs

all messages for Guix-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed

From: swedebugia@riseup.net
To: "Ludovic Courtès" <ludo@gnu.org>
Cc: guix-devel@gnu.org,
	Guix-devel <guix-devel-bounces+swedebugia=riseup.net@gnu.org>
Subject: Re: `guix lint' warn of GitHub autogenerated source tarballs
Date: Fri, 21 Dec 2018 13:00:07 -0800	[thread overview]
Message-ID: <780fe5ff38aac96b9949148d2ffd73d2@riseup.net> (raw)
In-Reply-To: <87imzmmwno.fsf@gnu.org>

On 2018-12-21 21:50, Ludovic Courtès wrote:
> Hi!
> 
> Efraim Flashner <efraim@flashner.co.il> skribis:
> 
>> Here's what I currently have. I don't think I've tried running the tests
>> I've written yet, and Ludo said there was a better way to check if the
>> download was a git-fetch or a url-fetch. As the logic is currently
>> written it'll flag any package hosted on github owned by 'archive' or
>> any package named 'archive' in addition to the ones we want.
> 
> OK.  I think you’re pretty much there anyway, so please don’t drop the
> ball.  ;-)
> 
> Some comments follow:
> 
>> From 8a07c8aea1f23db48a9e69956ad15f79f0f70e35 Mon Sep 17 00:00:00 2001
>> From: Efraim Flashner <efraim@flashner.co.il>
>> Date: Tue, 23 Oct 2018 12:01:53 +0300
>> Subject: [PATCH] lint: Add checker for unstable tarballs.
>>
>> * guix/scripts/lint.scm (check-source-unstable-tarball): New procedure.
>> (%checkers): Add it.
>> * tests/lint.scm ("source-unstable-tarball", source-unstable-tarball:
>> source #f", "source-unstable-tarball: valid", source-unstable-tarball:
>> not-github", source-unstable-tarball: git-fetch"): New tests.
> 
> [...]
> 
>> +(define (check-source-unstable-tarball package)
>> +  "Emit a warning if PACKAGE's source is an autogenerated tarball."
>> +  (define (github-tarball? origin)
>> +    (string-contains origin "github.com"))
>> +  (define (autogenerated-tarball? origin)
>> +    (string-contains origin "/archive/"))
>> +  (let ((origin (package-source package)))
>> +    (unless (not origin) ; check for '(source #f)'
>> +      (let ((uri       (origin-uri origin))
>> +            (dl-method (origin-method origin)))
>> +        (unless (not (pk dl-method "url-fetch"))
>> +        (when (and (github-tarball? uri)
>> +                   (autogenerated-tarball? uri))
>> +          (emit-warning package
>> +                        (G_ "the source URI should not be an autogenerated tarball")
>> +                        'source)))))))
> 
> You should use ‘origin-uris’ (plural), which always returns a list of
> URIs, and iterate on them (see ‘check-mirror-url’ as an example.)
> 
> Also, when you have a URI, you can obtain just the host part and decode
> the path part like this:
> 
> --8<---------------cut here---------------start------------->8---
> scheme@(guile-user)> (string->uri "https://github.com/foo/bar/archive/whatnot")
> $2 = #<<uri> scheme: https userinfo: #f host: "github.com" port: #f
> path: "/foo/bar/archive/whatnot" query: #f fragment: #f>
> scheme@(guile-user)> (uri-host $2)
> $3 = "github.com"
> scheme@(guile-user)> (split-and-decode-uri-path (uri-path $2))
> $4 = ("foo" "bar" "archive" "whatnot")
> --8<---------------cut here---------------end--------------->8---
> 
> That way you should be able to get more accurate matching than with
> ‘string-contains’.  Does that make sense?

This is super nice! I did not know this. It makes URL parsing much
easier :D

-- 
Cheers 
Swedebugia

next prev parent reply	other threads:[~2018-12-21 21:21 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-12-18 20:45 `guix lint' warn of GitHub autogenerated source tarballs Arun Isaac
2018-12-19  8:43 ` Pierre Neidhardt
2018-12-19 14:07 ` Ludovic Courtès
2018-12-19 14:33   ` Efraim Flashner
2018-12-19 17:43     ` Arun Isaac
2018-12-19 19:29       ` Efraim Flashner
2018-12-21 20:50         ` Ludovic Courtès
2018-12-21 21:00           ` swedebugia [this message]
2018-12-25 14:32           ` Efraim Flashner
2019-01-05 17:39             ` Ludovic Courtès
2019-01-05 21:25               ` Learning the match-syntax swedebugia
2019-01-05 22:35                 ` Ricardo Wurmus
2019-01-06 21:36                 ` Chris Marusich
2019-01-07 17:34                   ` swedebugia
2019-01-07 22:18                     ` Ricardo Wurmus
2019-01-08  8:25                       ` swedebugia
2019-01-08 20:32                         ` Ricardo Wurmus

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=780fe5ff38aac96b9949148d2ffd73d2@riseup.net \
    --to=swedebugia@riseup.net \
    --cc=guix-devel-bounces+swedebugia=riseup.net@gnu.org \
    --cc=guix-devel@gnu.org \
    --cc=ludo@gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/guix.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.