From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 831311581D3 for ; Wed, 22 May 2024 05:54:02 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 18D8BE2A61; Wed, 22 May 2024 05:53:58 +0000 (UTC) Received: from smtp.gentoo.org (dev.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id BD06CE2A5B for ; Wed, 22 May 2024 05:53:57 +0000 (UTC) From: Ulrich Mueller To: Mike Gilbert Cc: gentoo-dev@lists.gentoo.org Subject: Re: [gentoo-dev] [PATCH v2] verify-sig.eclass: avoid calling unpack on sig files In-Reply-To: <20240522020519.1845786-1-floppym@gentoo.org> (Mike Gilbert's message of "Tue, 21 May 2024 22:05:19 -0400") References: <20240522015830.1841810-1-floppym@gentoo.org> <20240522020519.1845786-1-floppym@gentoo.org> Date: Wed, 22 May 2024 07:53:47 +0200 Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" X-Archives-Salt: 82ff7562-6bf2-4350-aa77-68551e0bf711 X-Archives-Hash: 90b7aea384347a18b0d49a0c0b04500a --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable >>>>> On Wed, 22 May 2024, Mike Gilbert wrote: > Signed-off-by: Mike Gilbert > --- > eclass/verify-sig.eclass | 10 +++++++--- > 1 file changed, 7 insertions(+), 3 deletions(-) > diff --git a/eclass/verify-sig.eclass b/eclass/verify-sig.eclass > index b74ed78290aa..4d48c9ed8503 100644 > --- a/eclass/verify-sig.eclass > +++ b/eclass/verify-sig.eclass > @@ -426,10 +426,14 @@ verify-sig_src_unpack() { > verify-sig_verify_detached \ > "${DISTDIR}/${f%.*}" "${DISTDIR}/${f}" > done > - fi =20 > - # finally, unpack the distfiles > - default_src_unpack > + # finally, unpack the distfiles > + if [[ ${#distfiles[@]} -gt 0 ]]; then > + unpack "${distfiles[@]}" > + fi > + else > + default_src_unpack > + fi > } =20 > fi Please provide an explanation what problem this patch fixes. Why is calling unpack on sig files bad? It should silently skip files with unknown extensions. Ulrich --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQFDBAEBCAAtFiEEtDnZ1O9xIP68rzDbUYgzUIhBXi4FAmZNiGsPHHVsbUBnZW50 b28ub3JnAAoJEFGIM1CIQV4u4PYH/1n4rtVquFYktBwjzlglBZLkPwbiKuxh5TRq RgrXZsURMbdwGYfAuuS36O3C9D0KjVRdhz/ZPaH2ySPSYMqRF53We3EOPDCinUtf cFn4VlS7/9NRPZoYhHZuhwHIYibgDOsxTgTtinL9I30zaQiR1l9DGpPeeCX34JVU DFMnE3EnBEebzNlBL+Agn80qA/tUXYjMWLM5ngRZcSVzUyPqmAxVqyRte7pys415 4rvj/ust5DSg0lYPt/YAuX2IR/c+NVXV6O1Y2zS52RrCnqtRo7xKqZSOKYEUjZjD 6KHWvRjinvFyxAf62eXeK96cNpnCej9xAjcgp2ZqSLGfC858ZKU= =Wr9u -----END PGP SIGNATURE----- --=-=-=--