GNU bug report logs - #28659
Content-addressed mirror is not used upon invalid hash

Previous Next

Package: guix;

Reported by: Jan Nieuwenhuizen <janneke <at> gnu.org>

Date: Sun, 1 Oct 2017 10:17:02 UTC

Severity: important

Merged with 70588

Full log

Message #63 received at 28659 <at> debbugs.gnu.org (full text, mbox):

From: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
To: Leo Famulari <leo <at> famulari.name>
Cc: Ludovic Courtès <ludo <at> gnu.org>, 28659 <at> debbugs.gnu.org
Subject: Re: bug#28659: v0.13: guix pull fails;
 libgit2-0.26.0 and 0.25.1 content hashes fail
Date: Wed, 04 Oct 2017 19:53:30 -0400

[Message part 1 (text/plain, inline)]
Leo Famulari <leo <at> famulari.name> writes:

> On Wed, Oct 04, 2017 at 12:22:34AM -0400, Maxim Cournoyer wrote:
>> Here are the first 10 lines of the output:
>> --8<---------------cut here---------------start------------->8---
>> Number of potentially problematic GitHub packages:1011
>> fdupes
>> cbatticon
>> sedsed
>> cpulimit
>> autojump
>> sudo
>
> I think the script is buggy; sudo's source is not downloaded from GitHub
> as far as I can tell.

Good catch! I was assuming empty lists were falsy, but that's not the
case! I've ensured purely boolean predicates now and it gets the list
down to 650.

Here's the corrected script:

[Message part 2 (text/plain, inline)]
;;; A script to find packages possibly affected by GitHub
;;; infrastructure update that caused minor changes in the
;;; automatically generated tarballs.

(use-modules (ice-9 match)
	     (gnu packages)
	     (guix download)
	     (guix packages))

(define (problematic-uri? uri)

  (define (contains-github-archive? uri)
    (regexp-match? (string-match "github.com/.*/archive/" uri)))

  ;; URI can be a string or a list of string.
  (match uri
    ((uri1 uri2 ...)			;match list of strings
     (not (null? (filter contains-github-archive? uri))))
    (uri1				;match string
     (contains-github-archive? uri1))))

(define (problematic-github-package? package)
  (let ((source (package-source package)))
    (and (origin? source)
	 (eq? (origin-method source) url-fetch)
	 (problematic-uri? (origin-uri source)))))

(define (problematic-github-packages)
  "List of all the potentially problematic GitHub packages."
  (fold-packages (lambda (p r)
		   (if (problematic-github-package? p)
		       (cons p r)
		       r))
		 '()))
(define (main)
  "Find and print the names of the potentially problematic GitHub packages."
  (let ((packages (problematic-github-packages)))
    (format #t "Number of potentially problematic GitHub packages: ~a~%"
	    (length packages))
    (for-each (lambda (p)
		(format #t "~a~%" (package-name p)))
	      packages)))

;;; Run the program.
(main)

[Message part 3 (text/plain, inline)]
And sample output:
--8<---------------cut here---------------start------------->8---
Number of potentially problematic GitHub packages: 650
fdupes
cbatticon
cpulimit
thefuck
thermald
neofetch
autojump
progress
nnn
[...]
wxwidgets
xclip
xcape
sxhkd
maim
slop
tinyxml2
xlsx2csv
--8<---------------cut here---------------end--------------->8---

Maxim
This bug report was last modified 1 year and 42 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.