[Git][reproducible-builds/diffoscope][master] 2 commits: Use a BuildinfoFile (etc.) regardless of whether the associated files such as...
Chris Lamb
gitlab at salsa.debian.org
Sat May 23 08:54:40 UTC 2020
Chris Lamb pushed to branch master at Reproducible Builds / diffoscope
Commits:
5f8952ae by Chris Lamb at 2020-05-23T09:43:03+01:00
Use a BuildinfoFile (etc.) regardless of whether the associated files such as the orig.tar.gz and the .deb are present. (Re: reproducible-builds/diffoscope#122)
- - - - -
481e7eef by Chris Lamb at 2020-05-23T09:43:03+01:00
releasing package diffoscope version 145
- - - - -
6 changed files:
- debian/changelog
- diffoscope/__init__.py
- diffoscope/comparators/debian.py
- diffoscope/comparators/utils/container.py
- diffoscope/comparators/utils/file.py
- tests/comparators/test_debian.py
Changes:
=====================================
debian/changelog
=====================================
@@ -1,8 +1,70 @@
-diffoscope (145) UNRELEASED; urgency=medium
+diffoscope (145) unstable; urgency=medium
- * WIP (generated upon release).
+ [ Chris Lamb ]
+
+ * Improvements:
+
+ - Add support for Apple Xcode mobile provisioning .mobilepovision files.
+ (Closes: reproducible-builds/diffoscope#113)
+ - Add support for printing the signatures via apksigner(1).
+ (Closes: reproducible-builds/diffoscope#121)
+ - Use SHA256 over MD5 when generating page names for the HTML directory
+ presenter, validate checksums for files referenced in .changes files
+ using SHA256 too, and move to using SHA256 in "Too much input for diff"
+ output too. (Closes: reproducible-builds/diffoscope#124)
+ - Don't leak the full path of the temporary directory in "Command [..]
+ exited with 1". (Closes: reproducible-builds/diffoscope#126)
+ - Identify "iOS App Zip archive data" files as .zip files.
+ (Closes: reproducible-builds/diffoscope#116)
+
+ * Bug fixes:
+
+ - Correct "differences" typo in the ApkFile handler.
+ (Closes: reproducible-builds/diffoscope#127)
+
+ * Reporting/output improvements:
+
+ - Never emit the same id="foo" TML anchor reference twice, otherwise
+ identically-named parts will not be able to linked to via "#foo".
+ (Closes: reproducible-builds/diffoscope#120)
+ - Never emit HTML with empty "id" anchor lements as it is not possible to
+ link to "#" (vs "#foo"). We use "#top" as a fallback value so it will
+ work for the top-level parent container.
+ - Clarify the message when we cannot find the "debian" Python module.
+ - Clarify "Command [..] failed with exit code" to remove duplicate "exited
+ with exit" but also to note that diffoscope is intepreting this as an
+ error.
+ - Add descriptions for the 'fallback' Debian module file types.
+ - Rename the --debugger command-line argument to --pdb.
+
+ * Testsuite improvements:
+
+ - Prevent CI (and runtime) apksigner test failures due to lack of
+ binfmt_misc on Salsa CI and elsewhere.
+
+ * Codebase improvements:
+
+ - Initially add a pair of comments to tidy up a slightly abstraction level
+ violating code in diffoscope.comparators.mising_file and the
+ .dsc/.buildinfo file handling, but replace this later by by inlining
+ MissingFile's special handling of deb822 to prevent leaking through
+ abstraction layers in the first place.
+ - Use a BuildinfoFile (etc.) regardless of whether the associated files
+ such as the orig.tar.gz and the .deb are present, but don't treat them as
+ actual containers. (Re: reproducible-builds/diffoscope#122)
+ - Rename the "Openssl" command class to "OpenSSLPKCS7" to accommodate other
+ commands with this prefix.
+ - Wrap a docstring across multiple lines, drop an inline pprint import and
+ comment the HTMLPrintContext class, etc.
+
+ [ Emanuel Bronshtein ]
+ * Avoid build-cache in building the released Docker image.
+ (Closes: reproducible-builds/diffoscope#123)
+
+ [ Holger Levsen ]
+ * Wrap long lines in older changelog entries.
- -- Chris Lamb <lamby at debian.org> Thu, 14 May 2020 16:26:30 +0100
+ -- Chris Lamb <lamby at debian.org> Sat, 23 May 2020 09:31:26 +0100
diffoscope (144) unstable; urgency=medium
=====================================
diffoscope/__init__.py
=====================================
@@ -18,4 +18,4 @@
# You should have received a copy of the GNU General Public License
# along with diffoscope. If not, see <https://www.gnu.org/licenses/>.
-VERSION = "144"
+VERSION = "145"
=====================================
diffoscope/comparators/debian.py
=====================================
@@ -70,6 +70,31 @@ class DebControlContainer(Container):
super().__init__(*args, **kwargs)
self._version_re = DebControlContainer.get_version_trimming_re(self)
+ def recognizes(self):
+ if "Checksums-Sha256" not in self.source._deb822:
+ return False
+
+ for x in self.source._deb822.get("Checksums-Sha256"):
+ sha256 = hashlib.sha256()
+
+ # This will not work in nested containers
+ dsc_in_same_dir = os.path.join(
+ os.path.dirname(self.source.path), x["Name"]
+ )
+
+ if not os.path.exists(dsc_in_same_dir):
+ return False
+
+ # Validate whether the checksum matches
+ with open(dsc_in_same_dir, "rb") as f:
+ for buf in iter(functools.partial(f.read, 32768), b""):
+ sha256.update(buf)
+
+ if sha256.hexdigest() != x["sha256"]:
+ return False
+
+ return True
+
@staticmethod
def get_version_trimming_re(dcc):
version = dcc.source._deb822.get('Version')
@@ -185,15 +210,13 @@ class DotChangesFile(DebControlFile):
if not super().recognizes(file):
return False
- changes = Changes(filename=file.path)
+ file._deb822 = Changes(filename=file.path)
try:
- changes.validate("sha256", check_signature=False)
+ file._deb822.validate("sha256", check_signature=False)
except FileNotFoundError:
return False
- file._deb822 = changes
-
return True
def compare(self, other, *args, **kwargs):
@@ -231,25 +254,7 @@ class DotDscFile(DebControlFile):
return False
with open(file.path, 'rb') as f:
- dsc = Dsc(f)
-
- for d in dsc.get('Files'):
- md5 = hashlib.md5()
-
- # XXX: this will not work for containers
- dsc_in_same_dir = os.path.join(
- os.path.dirname(file.path), d['Name']
- )
- if not os.path.exists(dsc_in_same_dir):
- return False
-
- with open(dsc_in_same_dir, 'rb') as f:
- for buf in iter(functools.partial(f.read, 32768), b''):
- md5.update(buf)
- if md5.hexdigest() != d['md5sum']:
- return False
-
- file._deb822 = dsc
+ file._deb822 = Dsc(f)
return True
@@ -284,29 +289,8 @@ class DotBuildinfoFile(DebControlFile):
if not super().recognizes(file):
return False
- with open(file.path, 'rb') as f:
- # We can parse .buildinfo files just like .dsc
- buildinfo = Dsc(f)
-
- if 'Checksums-Sha256' not in buildinfo:
- return False
-
- for d in buildinfo.get('Checksums-Sha256'):
- sha256 = hashlib.sha256()
-
- # XXX: this will not work for containers
- dsc_in_same_dir = os.path.join(
- os.path.dirname(file.path), d['Name']
- )
- if not os.path.exists(dsc_in_same_dir):
- return False
-
- with open(dsc_in_same_dir, 'rb') as f:
- for buf in iter(functools.partial(f.read, 32768), b''):
- sha256.update(buf)
- if sha256.hexdigest() != d['sha256']:
- return False
-
- file._deb822 = buildinfo
+ # Parse .buildinfo files like .dsc files
+ with open(file.path, "rb") as f:
+ file._deb822 = Dsc(f)
return True
=====================================
diffoscope/comparators/utils/container.py
=====================================
@@ -70,6 +70,9 @@ class Container(metaclass=abc.ABCMeta):
def get_member(self, member_name):
raise NotImplementedError()
+ def recognizes(self):
+ return True
+
def get_path_name(self, dest_dir):
return os.path.join(dest_dir, str(uuid.uuid4()))
=====================================
diffoscope/comparators/utils/file.py
=====================================
@@ -252,7 +252,18 @@ class File(metaclass=abc.ABCMeta):
'Instantiating a %s for %s', type_name(klass), self.name,
)
try:
- self._as_container = klass(self)
+ container = klass(self)
+
+ if not container.recognizes():
+ logger.debug(
+ "Instantiated a %s for %s, but cannot use it as a container",
+ type_name(klass),
+ self.name,
+ )
+ continue
+
+ self._as_container = container
+
logger.debug(
"Returning a %s for %s", type_name(klass), self.name,
)
=====================================
tests/comparators/test_debian.py
=====================================
@@ -230,13 +230,13 @@ def test_dot_dsc_identification(dot_dsc1):
@skip_unless_module_exists('debian.deb822')
-def test_dot_dsc_invalid(tmpdir, dot_dsc2):
+def test_dot_dsc_no_associated_tar_gz(tmpdir, dot_dsc2):
tmpdir.mkdir('a')
dot_dsc_path = str(tmpdir.join('a/test_1.dsc'))
shutil.copy(TEST_DOT_CHANGES_FILE1_PATH, dot_dsc_path)
# we don't copy the referenced .tar.gz
identified = specialize(FilesystemFile(dot_dsc_path))
- assert not isinstance(identified, DotDscFile)
+ assert isinstance(identified, DotDscFile)
def test_dot_dsc_no_differences(dot_dsc1):
@@ -288,13 +288,13 @@ def test_dot_buildinfo_identification(dot_buildinfo1):
@skip_unless_module_exists('debian.deb822')
-def test_dot_buildinfo_invalid(tmpdir):
+def test_dot_buildinfo_no_deb(tmpdir):
tmpdir.mkdir('a')
dot_buildinfo_path = str(tmpdir.join('a/test_1.buildinfo'))
shutil.copy(TEST_DOT_BUILDINFO_FILE1_PATH, dot_buildinfo_path)
# we don't copy the referenced .deb
identified = specialize(FilesystemFile(dot_buildinfo_path))
- assert not isinstance(identified, DotBuildinfoFile)
+ assert isinstance(identified, DotBuildinfoFile)
def test_dot_buildinfo_no_differences(dot_buildinfo1):
View it on GitLab: https://salsa.debian.org/reproducible-builds/diffoscope/-/compare/ca8861d5e499354e970d2099157d6f383dd236c7...481e7eef5fca29161d56b813c6076f827450de45
--
View it on GitLab: https://salsa.debian.org/reproducible-builds/diffoscope/-/compare/ca8861d5e499354e970d2099157d6f383dd236c7...481e7eef5fca29161d56b813c6076f827450de45
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.reproducible-builds.org/pipermail/rb-commits/attachments/20200523/b83a0a66/attachment.htm>
More information about the rb-commits
mailing list