guix-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: `guix lint' warn of GitHub autogenerated source tarballs

From: swedebugia
Subject: Re: `guix lint' warn of GitHub autogenerated source tarballs
Date: Fri, 21 Dec 2018 13:00:07 -0800 
On 2018-12-21 21:50, Ludovic Courtès wrote:
> Hi!
> 
> Efraim Flashner <address@hidden> skribis:
> 
>> Here's what I currently have. I don't think I've tried running the tests
>> I've written yet, and Ludo said there was a better way to check if the
>> download was a git-fetch or a url-fetch. As the logic is currently
>> written it'll flag any package hosted on github owned by 'archive' or
>> any package named 'archive' in addition to the ones we want.
> 
> OK.  I think you’re pretty much there anyway, so please don’t drop the
> ball.  ;-)
> 
> Some comments follow:
> 
>> From 8a07c8aea1f23db48a9e69956ad15f79f0f70e35 Mon Sep 17 00:00:00 2001
>> From: Efraim Flashner <address@hidden>
>> Date: Tue, 23 Oct 2018 12:01:53 +0300
>> Subject: [PATCH] lint: Add checker for unstable tarballs.
>>
>> * guix/scripts/lint.scm (check-source-unstable-tarball): New procedure.
>> (%checkers): Add it.
>> * tests/lint.scm ("source-unstable-tarball", source-unstable-tarball:
>> source #f", "source-unstable-tarball: valid", source-unstable-tarball:
>> not-github", source-unstable-tarball: git-fetch"): New tests.
> 
> [...]
> 
>> +(define (check-source-unstable-tarball package)
>> +  "Emit a warning if PACKAGE's source is an autogenerated tarball."
>> +  (define (github-tarball? origin)
>> +    (string-contains origin "github.com"))
>> +  (define (autogenerated-tarball? origin)
>> +    (string-contains origin "/archive/"))
>> +  (let ((origin (package-source package)))
>> +    (unless (not origin) ; check for '(source #f)'
>> +      (let ((uri       (origin-uri origin))
>> +            (dl-method (origin-method origin)))
>> +        (unless (not (pk dl-method "url-fetch"))
>> +        (when (and (github-tarball? uri)
>> +                   (autogenerated-tarball? uri))
>> +          (emit-warning package
>> +                        (G_ "the source URI should not be an autogenerated 
>> tarball")
>> +                        'source)))))))
> 
> You should use ‘origin-uris’ (plural), which always returns a list of
> URIs, and iterate on them (see ‘check-mirror-url’ as an example.)
> 
> Also, when you have a URI, you can obtain just the host part and decode
> the path part like this:
> 
> --8<---------------cut here---------------start------------->8---
> scheme@(guile-user)> (string->uri 
> "https://github.com/foo/bar/archive/whatnot";)
> $2 = #<<uri> scheme: https userinfo: #f host: "github.com" port: #f
> path: "/foo/bar/archive/whatnot" query: #f fragment: #f>
> scheme@(guile-user)> (uri-host $2)
> $3 = "github.com"
> scheme@(guile-user)> (split-and-decode-uri-path (uri-path $2))
> $4 = ("foo" "bar" "archive" "whatnot")
> --8<---------------cut here---------------end--------------->8---
> 
> That way you should be able to get more accurate matching than with
> ‘string-contains’.  Does that make sense?

This is super nice! I did not know this. It makes URL parsing much
easier :D

-- 
Cheers 
Swedebugia
reply via email to
[Prev in Thread] Current Thread [Next in Thread]