def _check_useless_provides(self, pkg, provides):
    """Report ``useless-provides`` for names provided both with and without a version.

    Example of what is flagged::

        Provides: foo
        Provides: foo = 1.0

    Each entry of *provides* is read as ``entry[0]`` (the provided name) and
    ``entry[2]`` (handed to ``Pkg.versionToString``). An entry counts as
    versioned when that call returns a truthy value. Names starting with
    ``debuginfo(`` are skipped.

    Findings are recorded through ``self.output.add_info`` with severity
    ``'E'``, in sorted name order. Nothing is returned.
    """
    # TODO: should take versions, <, <=, =, >=, > into account here
    #       https://bugzilla.redhat.com/460872
    versioned = set()
    unversioned = set()
    for entry in provides:
        provided_name = entry[0]
        if not provided_name.startswith('debuginfo('):
            has_version = Pkg.versionToString(entry[2])
            (versioned if has_version else unversioned).add(provided_name)

    # Only a name present in both groups is reported.
    for provided_name in sorted(unversioned & versioned):
        self.output.add_info('E', pkg, 'useless-provides', provided_name)
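def check(self, pkg):
    """Run the tag checks on *pkg* and record every finding.

    Header tags are read through ``pkg[rpm.RPMTAG_*]`` and the dependency
    lists exposed on *pkg*. Problems are reported via
    ``self.output.add_info`` with severity ``'E'`` or ``'W'``. The checks
    run in this order: Packager, Version, Release, Epoch, dependencies,
    Name and -devel consistency, Summary, %description, Group, BuildHost,
    %changelog, License, URL tags, Obsoletes/Provides, forbidden control
    characters in the dependency tags, self-obsoletion, file name
    coherence, and finally the Distribution, DistTag, ExcludeArch,
    ExcludeOS and Vendor tags.

    Args:
        pkg: the package under inspection. Its header values are treated
            as data to validate, never as trusted input.

    Nothing is returned.
    """
    packager = pkg[rpm.RPMTAG_PACKAGER]
    if packager:
        self._unexpanded_macros(pkg, 'Packager', packager)
        if self.config.configuration['Packager'] and \
                not self.packager_regex.search(packager):
            self.output.add_info('W', pkg, 'invalid-packager', packager)
    else:
        self.output.add_info('E', pkg, 'no-packager-tag')

    version = pkg[rpm.RPMTAG_VERSION]
    if version:
        self._unexpanded_macros(pkg, 'Version', version)
        res = invalid_version_regex.search(version)
        if res:
            self.output.add_info('E', pkg, 'invalid-version', version)
    else:
        self.output.add_info('E', pkg, 'no-version-tag')

    release = pkg[rpm.RPMTAG_RELEASE]
    if release:
        self._unexpanded_macros(pkg, 'Release', release)
        if self.release_ext and not self.extension_regex.search(release):
            self.output.add_info('W', pkg, 'not-standard-release-extension',
                                 release)
    else:
        self.output.add_info('E', pkg, 'no-release-tag')

    epoch = pkg[rpm.RPMTAG_EPOCH]
    if epoch is None:
        if self.use_epoch:
            self.output.add_info('E', pkg, 'no-epoch-tag')
    else:
        if epoch > 99:
            self.output.add_info('W', pkg, 'unreasonable-epoch', epoch)
        # From here on the epoch is either None or its string form.
        epoch = str(epoch)

    if self.use_epoch:
        for tag in ('obsoletes', 'conflicts', 'provides', 'recommends',
                    'suggests', 'enhances', 'supplements'):
            entries = getattr(pkg, tag)
            # The same attributes are iterated directly further down in
            # this method, so only call the attribute when it really is
            # callable. Calling a plain list would raise TypeError.
            if callable(entries):
                entries = entries()
            for x in (x for x in entries if x[1] and x[2][0] is None):
                self.output.add_info('W', pkg, 'no-epoch-in-%s' % tag,
                                     Pkg.formatRequire(*x))

    name = pkg.name
    deps = pkg.requires + pkg.prereq
    devel_depend = False
    # NOTE(review): this search runs before the no-name-tag check further
    # down, so a None name would raise here. Confirm pkg.name is always a
    # string.
    is_devel = FilesCheck.devel_regex.search(name)
    is_source = pkg.is_source
    for d in deps:
        value = Pkg.formatRequire(*d)
        if self.use_epoch and d[1] and d[2][0] is None and \
                not d[0].startswith('rpmlib('):
            self.output.add_info('W', pkg, 'no-epoch-in-dependency', value)
        for r in self.invalid_requires:
            if r.search(d[0]):
                self.output.add_info('E', pkg, 'invalid-dependency', d[0])

        # A dependency on a /usr/local/ path is always reported.
        if d[0].startswith('/usr/local/'):
            self.output.add_info('E', pkg, 'invalid-dependency', d[0])

        if is_source:
            if lib_devel_number_regex.search(d[0]):
                self.output.add_info('E', pkg, 'invalid-build-requires',
                                     d[0])
        elif not is_devel:
            # devel-dependency is reported once per package at most.
            if not devel_depend and FilesCheck.devel_regex.search(d[0]):
                self.output.add_info('E', pkg, 'devel-dependency', d[0])
                devel_depend = True
            if not d[1]:
                res = lib_package_regex.search(d[0])
                if res and not res.group(1):
                    self.output.add_info('E', pkg,
                                         'explicit-lib-dependency', d[0])

        if d[1] == rpm.RPMSENSE_EQUAL and d[2][2] is not None:
            self.output.add_info('W', pkg, 'requires-on-release', value)
        self._unexpanded_macros(pkg, 'dependency %s' % (value, ), value)

    self._unexpanded_macros(pkg, 'Name', name)
    if not name:
        self.output.add_info('E', pkg, 'no-name-tag')
    else:
        if is_devel and not is_source:
            base = is_devel.group(1)
            dep = None
            has_so = False
            has_pc = False
            for fname in pkg.files:
                if fname.endswith('.so'):
                    has_so = True
                if pkg_config_regex.match(fname) and fname.endswith('.pc'):
                    has_pc = True
            if has_so:
                base_or_libs = base + '*' + '/' + base + '-libs/lib' + base + '*'
                # try to match *%_isa as well (e.g. '(x86-64)', '(x86-32)')
                base_or_libs_re = re.compile(
                    r'^(lib)?%s(-libs)?[\d_-]*(\(\w+-\d+\))?$' % re.escape(base))
                for d in deps:
                    if base_or_libs_re.match(d[0]):
                        dep = d
                        break
                if not dep:
                    self.output.add_info('W', pkg, 'no-dependency-on',
                                         base_or_libs)
                elif version:
                    exp = (epoch, version, None)
                    sexp = Pkg.versionToString(exp)
                    if not dep[1]:
                        self.output.add_info('W', pkg,
                                             'no-version-dependency-on',
                                             base_or_libs, sexp)
                    elif dep[2][:2] != exp[:2]:
                        self.output.add_info(
                            'W', pkg, 'incoherent-version-dependency-on',
                            base_or_libs,
                            Pkg.versionToString(
                                (dep[2][0], dep[2][1], None)),
                            sexp)
                res = devel_number_regex.search(name)
                if not res:
                    self.output.add_info('W', pkg, 'no-major-in-name', name)
                else:
                    if res.group(3):
                        prov = res.group(1) + res.group(2) + '-devel'
                    else:
                        prov = res.group(1) + '-devel'
                    if prov not in (x[0] for x in pkg.provides):
                        self.output.add_info('W', pkg, 'no-provides', prov)
            if has_pc:
                if not any(x[0].startswith('pkgconfig(')
                           for x in pkg.provides):
                    self.output.add_info('E', pkg, 'no-pkg-config-provides')

    # List of words to ignore in spell check
    ignored_words = set()
    for pf in pkg.files:
        ignored_words.update(pf.split('/'))
    ignored_words.update((x[0] for x in pkg.provides))
    ignored_words.update((x[0] for x in pkg.requires))
    ignored_words.update((x[0] for x in pkg.conflicts))
    ignored_words.update((x[0] for x in pkg.obsoletes))

    langs = pkg[rpm.RPMTAG_HEADERI18NTABLE]

    summary = byte_to_string(pkg[rpm.RPMTAG_SUMMARY])
    if summary:
        if not langs:
            self._unexpanded_macros(pkg, 'Summary', summary)
        else:
            for lang in langs:
                self.check_summary(pkg, lang, ignored_words)
    else:
        self.output.add_info('E', pkg, 'no-summary-tag')

    description = byte_to_string(pkg[rpm.RPMTAG_DESCRIPTION])
    if description:
        if not langs:
            self._unexpanded_macros(pkg, '%description', description)
        else:
            for lang in langs:
                self.check_description(pkg, lang, ignored_words)
        # Compare the two converted values, and skip the comparison when
        # there is no summary so len() is never applied to a missing tag.
        if summary and len(description) < len(summary):
            self.output.add_info('W', pkg,
                                 'description-shorter-than-summary')
    else:
        self.output.add_info('E', pkg, 'no-description-tag')

    group = pkg[rpm.RPMTAG_GROUP]
    self._unexpanded_macros(pkg, 'Group', group)
    if not group:
        self.output.add_info('E', pkg, 'no-group-tag')
    elif pkg.name.endswith('-devel') and \
            not group.startswith('Development/'):
        self.output.add_info('W', pkg, 'devel-package-with-non-devel-group',
                             group)
    elif self.valid_groups and group not in self.valid_groups:
        self.output.add_info('W', pkg, 'non-standard-group', group)

    buildhost = pkg[rpm.RPMTAG_BUILDHOST]
    self._unexpanded_macros(pkg, 'BuildHost', buildhost)
    if not buildhost:
        self.output.add_info('E', pkg, 'no-buildhost-tag')
    elif self.config.configuration['ValidBuildHost'] and \
            not self.valid_buildhost_regex.search(buildhost):
        self.output.add_info('W', pkg, 'invalid-buildhost', buildhost)

    changelog = pkg[rpm.RPMTAG_CHANGELOGNAME]
    if not changelog:
        self.output.add_info('E', pkg, 'no-changelogname-tag')
    else:
        clt = pkg[rpm.RPMTAG_CHANGELOGTEXT]
        if self.use_version_in_changelog:
            ret = changelog_version_regex.search(
                byte_to_string(changelog[0]))
            if not ret and clt:
                # we also allow the version specified as the first
                # thing on the first line of the text
                ret = changelog_text_version_regex.search(
                    byte_to_string(clt[0]))
            if not ret:
                self.output.add_info('W', pkg,
                                     'no-version-in-last-changelog')
            elif version and release:
                srpm = pkg[rpm.RPMTAG_SOURCERPM] or ''
                # only check when source name correspond to name
                # (the slice drops the last 8 characters, presumably the
                # '.src.rpm' suffix)
                if srpm[0:-8] == '%s-%s-%s' % (name, version, release):
                    expected = [version + '-' + release]
                    if epoch is not None:  # regardless of use_epoch
                        expected[0] = str(epoch) + ':' + expected[0]
                    # Allow EVR in changelog without release extension,
                    # the extension is often a macro or otherwise dynamic.
                    if self.release_ext:
                        expected.append(
                            self.extension_regex.sub('', expected[0]))
                    if ret.group(1) not in expected:
                        if len(expected) == 1:
                            expected = expected[0]
                        self.output.add_info(
                            'W', pkg, 'incoherent-version-in-changelog',
                            ret.group(1), expected)

        if clt:
            changelog = changelog + clt
        # Every changelog name and text entry has to be UTF-8 and free of
        # the characters Pkg.has_forbidden_controlchars rejects. Scanning
        # stops at the first offending entry.
        for s in changelog:
            if not Pkg.is_utf8_bytestr(s):
                self.output.add_info('E', pkg, 'tag-not-utf8', '%changelog')
                break
            e = Pkg.has_forbidden_controlchars(s)
            if e:
                self.output.add_info('E', pkg,
                                     'forbidden-controlchar-found',
                                     '%%changelog : %s' % e)
                break

        clt = pkg[rpm.RPMTAG_CHANGELOGTIME][0]
        if clt:
            clt -= clt % (24 * 3600)  # roll back to 00:00:00, see #246
            if clt < oldest_changelog_timestamp:
                self.output.add_info(
                    'W', pkg, 'changelog-time-overflow',
                    time.strftime('%Y-%m-%d', time.gmtime(clt)))
            elif clt > time.time():
                self.output.add_info(
                    'E', pkg, 'changelog-time-in-future',
                    time.strftime('%Y-%m-%d', time.gmtime(clt)))

    def split_license(text):
        """Yield the non-empty, stripped pieces license_regex splits *text* into."""
        return (part.strip()
                for part in license_regex.split(text) if part)

    def split_license_exception(text):
        """Return the stripped (license, exception) pair found in *text*.

        Falls back to ``(text, '')`` when the split yields nothing at
        positions 1 and 2.
        """
        x, y = license_exception_regex.split(text)[1:3] or (text, '')
        return x.strip(), y.strip()

    rpm_license = pkg[rpm.RPMTAG_LICENSE]
    if not rpm_license:
        self.output.add_info('E', pkg, 'no-license')
    else:
        valid_license = True
        if rpm_license not in self.valid_licenses:
            license_string = rpm_license
            l1, lexception = split_license_exception(rpm_license)
            # SPDX allows "<license> WITH <license-exception>"
            if lexception:
                license_string = l1
                if lexception not in self.valid_license_exceptions:
                    self.output.add_info('W', pkg,
                                         'invalid-license-exception',
                                         lexception)
                    valid_license = False
            for l1 in split_license(license_string):
                if l1 in self.valid_licenses:
                    continue
                for l2 in split_license(l1):
                    if l2 not in self.valid_licenses:
                        self.output.add_info('W', pkg, 'invalid-license',
                                             l2)
                        valid_license = False
        if not valid_license:
            self._unexpanded_macros(pkg, 'License', rpm_license)

    # Only the shape of each URL is validated: a scheme from the allow-list,
    # a dotted host, and the optional site-configured 'InvalidURL' pattern.
    # Nothing is fetched. http and ftp pass the allow-list, so a clean
    # result says nothing about how the URL's content is transported.
    for tag in ('URL', 'DistURL', 'BugURL'):
        if hasattr(rpm, 'RPMTAG_%s' % tag.upper()):
            url = byte_to_string(
                pkg[getattr(rpm, 'RPMTAG_%s' % tag.upper())])
            self._unexpanded_macros(pkg, tag, url, is_url=True)
            if url:
                (scheme, netloc) = urlparse(url)[0:2]
                if not scheme or not netloc or '.' not in netloc or \
                        scheme not in ('http', 'https', 'ftp') or \
                        (self.config.configuration['InvalidURL'] and
                         self.invalid_url_regex.search(url)):
                    self.output.add_info('W', pkg, 'invalid-url', tag, url)
            elif tag == 'URL':
                self.output.add_info('W', pkg, 'no-url-tag')

    obs_names = [x[0] for x in pkg.obsoletes]
    prov_names = [x[0] for x in pkg.provides]

    for o in (x for x in obs_names if x not in prov_names):
        self.output.add_info('W', pkg, 'obsolete-not-provided', o)
    for o in pkg.obsoletes:
        value = Pkg.formatRequire(*o)
        self._unexpanded_macros(pkg, 'Obsoletes %s' % (value, ), value)

    # TODO: should take versions, <, <=, =, >=, > into account here
    #       https://bugzilla.redhat.com/460872
    useless_provides = set()
    for p in prov_names:
        if (prov_names.count(p) != 1 and
                not p.startswith('debuginfo(') and
                p not in useless_provides):
            useless_provides.add(p)
    for p in sorted(useless_provides):
        self.output.add_info('E', pkg, 'useless-provides', p)

    for tagname, items in (('Provides', pkg.provides),
                           ('Conflicts', pkg.conflicts),
                           ('Obsoletes', pkg.obsoletes),
                           ('Supplements', pkg.supplements),
                           ('Suggests', pkg.suggests),
                           ('Enhances', pkg.enhances),
                           ('Recommends', pkg.recommends)):
        for p in items:
            e = Pkg.has_forbidden_controlchars(p)
            if e:
                self.output.add_info('E', pkg,
                                     'forbidden-controlchar-found',
                                     '%s: %s' % (tagname, e))
            value = Pkg.formatRequire(*p)
            self._unexpanded_macros(pkg, '%s %s' % (tagname, value), value)

    for p in pkg.requires:
        e = Pkg.has_forbidden_controlchars(p)
        if e:
            self.output.add_info('E', pkg, 'forbidden-controlchar-found',
                                 'Requires: %s' % e)

    obss = pkg.obsoletes
    if obss:
        provs = pkg.provides
        for prov in provs:
            for obs in obss:
                if Pkg.rangeCompare(obs, prov):
                    self.output.add_info(
                        'W', pkg, 'self-obsoletion',
                        '%s obsoletes %s' % (Pkg.formatRequire(*obs),
                                             Pkg.formatRequire(*prov)))

    expfmt = rpm.expandMacro('%{_build_name_fmt}')
    if pkg.is_source:
        # _build_name_fmt often (always?) ends up not outputting src/nosrc
        # as arch for source packages, do it ourselves.
        # A callable replacement inserts pkg.arch literally, so a backslash
        # in that value cannot be read as a regex escape or group reference.
        expfmt = re.sub(r'(?i)%\{?ARCH\b\}?', lambda _match: pkg.arch,
                        expfmt)
    expected = pkg.header.sprintf(expfmt).split('/')[-1]
    # Compare file name with file name. Path.parent is the containing
    # directory and, being a Path, never equals the expected string.
    basename = Path(pkg.filename).name
    if basename != expected:
        self.output.add_info('W', pkg, 'non-coherent-filename', basename,
                             expected)

    for tag in ('Distribution', 'DistTag', 'ExcludeArch', 'ExcludeOS',
                'Vendor'):
        if hasattr(rpm, 'RPMTAG_%s' % tag.upper()):
            res = byte_to_string(
                pkg[getattr(rpm, 'RPMTAG_%s' % tag.upper())])
            self._unexpanded_macros(pkg, tag, res)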
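def _check_multiple_tags(self, pkg, name, is_devel, is_source, deps, epoch, version):
    """Run the Name-tag and -devel package consistency checks.

    May report: no-name-tag, no-dependency-on, no-version-dependency-on,
    missing-dependency-on, no-major-in-name, no-provides and
    no-pkg-config-provides.

    Args:
        pkg: package under inspection; ``pkg.files`` and ``pkg.provides``
            are read.
        name: value of the Name tag; a falsy value yields ``no-name-tag``.
        is_devel: regex match object for a -devel package name (its
            ``group(1)`` is used as the base name), or a falsy value.
        is_source: truthy for a source package; the -devel checks are
            skipped in that case.
        deps: dependency entries read as ``d[0]`` (name), ``d[1]`` (falsy
            when the dependency carries no version constraint) and
            ``d[2]`` (a tuple whose first two items are compared with
            epoch and version).
        epoch: package epoch, or ``None`` when the package has none.
        version: package version; a falsy value disables the version
            comparison.

    Findings are recorded through ``self.output.add_info``. Nothing is
    returned.
    """
    if not name:
        # Check if a package does not have a Name: tag
        self.output.add_info('E', pkg, 'no-name-tag')
        return

    if not is_devel or is_source:
        return

    base = is_devel.group(1)
    dep = None
    has_so = False
    has_pc = False
    for fname in pkg.files:
        if fname.endswith('.so'):
            has_so = True
        if pkg_config_regex.match(fname) and fname.endswith('.pc'):
            has_pc = True

    if has_so:
        base_or_libs = base + '*' + '/' + base + '-libs/lib' + base + '*'
        # try to match *%_isa as well (e.g. '(x86-64)', '(x86-32)')
        base_or_libs_re = re.compile(
            r'^(lib)?%s(-libs)?[\d_-]*(\(\w+-\d+\))?$' % re.escape(base))
        for d in deps:
            if base_or_libs_re.match(d[0]):
                dep = d
                break
        if not dep:
            self.output.add_info('W', pkg, 'no-dependency-on', base_or_libs)
        elif version:
            # Keep a missing epoch as None: str(None) would give the literal
            # 'None', which does not compare equal to a dependency whose
            # epoch slot is None and would trigger a spurious warning.
            expected_epoch = None if epoch is None else str(epoch)
            exp = (expected_epoch, version, None)
            sexp = Pkg.versionToString(exp)
            if not dep[1]:
                self.output.add_info('W', pkg, 'no-version-dependency-on',
                                     base_or_libs, sexp)
            elif dep[2][:2] != exp[:2]:
                # NOTE(review): the message carries the version found on
                # the dependency, not the expected one (sexp). Confirm
                # that this is intended.
                found_version = Pkg.versionToString(
                    (dep[2][0], dep[2][1], None))
                self.output.add_info(
                    'W', pkg, 'missing-dependency-on',
                    f'{base_or_libs} = {found_version}')

        res = devel_number_regex.search(name)
        if not res:
            self.output.add_info('W', pkg, 'no-major-in-name', name)
        else:
            if res.group(3):
                prov = res.group(1) + res.group(2) + '-devel'
            else:
                prov = res.group(1) + '-devel'
            if prov not in (x[0] for x in pkg.provides):
                self.output.add_info('W', pkg, 'no-provides', prov)

    if has_pc:
        # A package shipping a .pc file must provide some pkgconfig(...) name.
        if not any(x[0].startswith('pkgconfig(') for x in pkg.provides):
            self.output.add_info('E', pkg, 'no-pkg-config-provides')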