[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#636994: lintian: add check for deprecated perl libraries (was: #629472)

tags 636994 +patch
thanks

On Sun, Aug 07, 2011 at 05:11:51PM +0100, Dominic Hargreaves wrote:
> Thanks for the response; I think you've convinced me that this would
> be the best approach, at least to start with.
> 
> You're correct that build-time deps will be caught by rebuilds, once
> the modules get removed. Ideally in this case we'd have all the
> packages fixed well in advance of that; we'd like to be able to drop
> them from wheezy+1 without worrying about partial upgrades breaking
> things. However, this isn't actually a concern for situations where
> the build fails.
> 
> I take your point about starting off with the check marked as
> experimental, although I would like this check to have the maximum
> input before wheezy freezes, so your planned released schedule for 
> lintian may affect whether I'd like to have that included or not.
> 
> I'm filing this as a wishlist bug without patch initially; I had a look
> at the lintian git repository and couldn't initially see where the best
> place to put such a check would be. If you can give me any hints about
> where to start, I'll do so :)
> 
> To make this bug report complete, here's a specification for the check:
> 
> check in all perl source files in binary packages not depending on
> libperl4-corelibs-perl for strings satisfying the following regexp:
> 
> /(?:do|require)\s+(?:'|")(?:abbrev|assert|bigfloat|bigint|bigrat|cacheout|complete|ctime|dotsh|exceptions|fastcwd|find|finddepth|flush|getcwd|getopt|getopts|hostname|importenv|look|newgetopt|open2|open3|pwd|shellwords|stat|syslog|tainted|termcap|timelocal|validate)\.pl(?:'|")/
> 
> Tag: uses-perl4-libs
> Severity: important
> Certainty: possible
> Experimental: yes
> Info: This package includes perl programs using obsoleted perl 4-era
>  libraries. These libraries have been deprecated in perl in 5.14, and
>  are likely to be removed from the core in perl 5.16. Please either
>  remove references to these libraries, or add a dependency on
>  "libperl4-corelibs-perl | perl (<< 5.12.3-7)" to this package.

Okay, I had a stab at implementing this. It involved a lot of guesswork
and cargo-culting, but it appears to work. Patch attached. Please do
let me know if I can do anything to improve the patch.

Cheers,
Dominic.

-- 
Dominic Hargreaves | http://www.larted.org.uk/~dom/
PGP key 5178E2A5 from the.earth.li (keyserver,web,email)

>From c3c6d998bd623d5b4968a17db44daab9e0e479a1 Mon Sep 17 00:00:00 2001
From: Dominic Hargreaves <dom@earth.li>
Date: Sun, 14 Aug 2011 16:22:14 +0100
Subject: [PATCH] Add new perl4 libs checks

These new checks add the following tags:

- perl-module-uses-perl4-libs-without-dep
- script-uses-perl4-libs-without-dep

Closes: #636994
---
 checks/perl_modules           |   82 +++++++++++++++++++++++++++++++++++++++++
 checks/perl_modules.desc      |   15 +++++++
 checks/scripts                |   11 +++++
 checks/scripts.desc           |    9 ++++
 collection/perl_modules       |   59 +++++++++++++++++++++++++++++
 collection/perl_modules.desc  |    7 +++
 lib/Lintian/Collect/Binary.pm |   20 ++++++++++
 profiles/debian/main.profile  |    4 +-
 8 files changed, 205 insertions(+), 2 deletions(-)
 create mode 100644 checks/perl_modules
 create mode 100644 checks/perl_modules.desc
 create mode 100755 collection/perl_modules
 create mode 100644 collection/perl_modules.desc

diff --git a/checks/perl_modules b/checks/perl_modules
new file mode 100644
index 0000000..38f5496
--- /dev/null
+++ b/checks/perl_modules
@@ -0,0 +1,82 @@
+# perl-modules -- lintian check script -*- perl -*-
+#
+# This is probably the right file to add a check for the use of
+# set -e in bash and sh scripts.
+#
+# Copyright (C) 1998 Richard Braakman
+# Copyright (C) 2002 Josip Rodin
+# Copyright (C) 2011 Dominic Hargreaves
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, you can find it on the World Wide
+# Web at http://www.gnu.org/copyleft/gpl.html, or write to the Free
+# Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
+# MA 02110-1301, USA.
+
+package Lintian::perl_modules;
+use strict;
+use warnings;
+
+use lib "$ENV{'LINTIAN_ROOT'}/checks/";
+
+use Lintian::Relation;
+use Lintian::Tags qw(tag);
+
+sub run {
+
+my $pkg = shift;
+my $type = shift;
+my $info = shift;
+
+foreach (@{$info->sorted_index}) {
+    next if $_ eq '';
+    my $index_info = $info->index->{$_};
+    my $operm = $index_info->{operm};
+    next unless ($index_info->{type} =~ m,^[-h], and ($operm & 01 or
+	$operm & 010 or $operm & 0100));
+}
+
+my $all_deps = '';
+for my $field (qw/suggests recommends depends pre-depends provides/) {
+    if (defined $info->field($field)) {
+        $all_deps .= ', ' if $all_deps;
+        $all_deps .= $info->field($field);
+    }
+}
+$all_deps .= ', ' if $all_deps;
+$all_deps .= $pkg;
+my $all_parsed = Lintian::Relation->new($all_deps);
+
+for my $filename (@{$info->perl_modules}) {
+    my $path = $info->unpacked($filename);
+    # Check for obsolete perl libraries
+    if (!$all_parsed->implies('libperl4-corelibs-perl')) {
+        open(FH, '<', $path);
+        while (<FH>) {
+            if (/(?:do|require)\s+(?:'|")(?:abbrev|assert|bigfloat|bigint|bigrat|cacheout|complete|ctime|dotsh|exceptions|fastcwd|find|finddepth|flush|getcwd|getopt|getopts|hostname|importenv|look|newgetopt|open2|open3|pwd|shellwords|stat|syslog|tainted|termcap|timelocal|validate)\.pl(?:'|")/) {
+                tag('perl-module-uses-perl4-libs-without-dep', "$filename:$_");
+            }
+        }
+	    close(FH);
+    }
+}
+
+}
+
+1;
+
+# Local Variables:
+# indent-tabs-mode: t
+# cperl-indent-level: 4
+# End:
+# vim: syntax=perl ts=8 sw=4
diff --git a/checks/perl_modules.desc b/checks/perl_modules.desc
new file mode 100644
index 0000000..539e8b2
--- /dev/null
+++ b/checks/perl_modules.desc
@@ -0,0 +1,15 @@
+Check-Script: perl_modules
+Author: Dominic Hargreaves <dom@earth.li>
+Abbrev: perlmod
+Type: binary
+Info: This script checks the perl modules in a package.
+Needs-Info: unpacked, file-info, perl_modules, bin-pkg-control, fields, index
+
+Tag: perl-module-uses-perl4-libs-without-dep
+Severity: normal
+Certainty: possible
+Info: This package includes perl modules using obsoleted perl 4-era
+ libraries. These libraries have been deprecated in perl in 5.14, and
+ are likely to be removed from the core in perl 5.16. Please either
+ remove references to these libraries, or add a dependency on
+ <tt>libperl4-corelibs-perl | perl (&lt;&lt; 5.12.3-7)</tt> to this package.
diff --git a/checks/scripts b/checks/scripts
index bcb0526..1c084d9 100644
--- a/checks/scripts
+++ b/checks/scripts
@@ -449,6 +449,17 @@ for my $filename (sort keys %{$info->scripts}) {
 	script_tag('unusual-interpreter', $filename, "#!$interpreter");
     }
 
+    # Check for obsolete perl libraries
+    if ($base eq 'perl' && !$all_parsed->implies('libperl4-corelibs-perl')) {
+        open(FH, '<', $path);
+        while (<FH>) {
+            if (/(?:do|require)\s+(?:'|")(?:abbrev|assert|bigfloat|bigint|bigrat|cacheout|complete|ctime|dotsh|exceptions|fastcwd|find|finddepth|flush|getcwd|getopt|getopts|hostname|importenv|look|newgetopt|open2|open3|pwd|shellwords|stat|syslog|tainted|termcap|timelocal|validate)\.pl(?:'|")/) {
+                tag('script-uses-perl4-libs-without-dep', "$filename:$_");
+            }
+        }
+        close(FH);
+    }
+
     # Do some additional checks on shell scripts in /etc.  This should
     # probably be extended eventually to any script in a public directory.
     # This also needs smarter processing of multiline quoted strings,
diff --git a/checks/scripts.desc b/checks/scripts.desc
index 240868c..d0abeee 100644
--- a/checks/scripts.desc
+++ b/checks/scripts.desc
@@ -680,3 +680,12 @@ Info: The maintainer script removes a diversion that it didn't add.  If
  you're cleaning up unnecessary diversions from older versions of the
  package, remove them in <tt>preinst</tt> or <tt>postinst</tt> instead of
  waiting for <tt>postrm</tt> to do it.
+
+Tag: script-uses-perl4-libs-without-dep
+Severity: normal
+Certainty: possible
+Info: This package includes perl scripts using obsoleted perl 4-era
+ libraries. These libraries have been deprecated in perl in 5.14, and
+ are likely to be removed from the core in perl 5.16. Please either
+ remove references to these libraries, or add a dependency on
+ <tt>libperl4-corelibs-perl | perl (&lt;&lt; 5.12.3-7)</tt> to this package.
diff --git a/collection/perl_modules b/collection/perl_modules
new file mode 100755
index 0000000..1061c77
--- /dev/null
+++ b/collection/perl_modules
@@ -0,0 +1,59 @@
+#!/usr/bin/perl -w
+# perl-modules -- lintian collection script
+
+# Copyright (C) 1998 Richard Braakman
+# Copyrgith (C) 2011 Dominic Hargreaves
+# 
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, you can find it on the World Wide
+# Web at http://www.gnu.org/copyleft/gpl.html, or write to the Free
+# Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
+# MA 02110-1301, USA.
+
+use strict;
+use warnings;
+
+open(MODS, '>', 'perl-modules') or fail("cannot open perl-modules output file: $!");
+open(INDEX, '<', 'index') or fail("cannot open index file: $!");
+
+my $file;
+
+while (<INDEX>) {
+    next unless /^-/;   # skip non-files
+    chop;
+
+    # Extract the filename field from the tar-like file index.
+    # Note that the split is done with an explicit limit so that filenames
+    # with embedded spaces are handled correctly.
+    $file = (split(' ', $_, 6))[5];
+    $file =~ s/ link to .*//;    # cut off info about hard links
+    $file =~ /\.pm$/ or next;
+    print MODS "$file\n";
+}
+close(INDEX);
+close(MODS) or fail("cannot write perl-modules file: $!");
+
+exit 0;
+
+# -----------------------------------
+
+sub fail {
+    if ($_[0]) {
+        print STDERR "internal error: $_[0]\n";
+    } elsif ($!) {
+        print STDERR "internal error: $!\n";
+    } else {
+        print STDERR "internal error.\n";
+    }
+    exit 1;
+}
diff --git a/collection/perl_modules.desc b/collection/perl_modules.desc
new file mode 100644
index 0000000..a950280
--- /dev/null
+++ b/collection/perl_modules.desc
@@ -0,0 +1,7 @@
+Collector-Script: perl_modules
+Author: Dominic Hargreaves <dom@earth.li>
+Info: This script scans a binary package for perl modules and lists their
+ filenames
+Type: binary, udeb
+Version: 1
+Needs-Info: unpacked, bin-pkg-control, index
diff --git a/lib/Lintian/Collect/Binary.pm b/lib/Lintian/Collect/Binary.pm
index 68062c4..32e3eb4 100644
--- a/lib/Lintian/Collect/Binary.pm
+++ b/lib/Lintian/Collect/Binary.pm
@@ -149,6 +149,26 @@ sub scripts {
     return $self->{scripts};
 }
 
+sub perl_modules {
+    my ($self) = @_;
+    return $self->{perl_modules} if exists $self->{perl_modules};
+    my $base_dir = $self->base_dir();
+    my @mods;
+    open(MODS, '<', "$base_dir/perl-modules")
+    or fail("cannot open perl-modules $base_dir/file: $!");
+    while (<MODS>) {
+        chomp;
+        my $name = $_;
+        $name =~ s,^\./,,o;
+        $name =~ s,/+$,,o;
+        push @mods, $name;
+    }
+    close MODS;
+    $self->{perl_modules} = \@mods;
+
+    return $self->{perl_modules};
+}
+
 
 # Returns the information from collect/objdump-info
 sub objdump_info {
diff --git a/profiles/debian/main.profile b/profiles/debian/main.profile
index b856c33..e6eff3c 100644
--- a/profiles/debian/main.profile
+++ b/profiles/debian/main.profile
@@ -6,6 +6,6 @@ Enable-Tags-From-Check: binaries, changelog-file, changes-file, circular-deps, c
  debhelper, debian-readme, debian-source-dir, description, duplicate-files,
  etcfiles, fields, filename-length, files, huge-usr-share, infofiles, init.d,
  java, lintian, manpages, md5sums, menu-format, menus, nmu, ocaml, patch-systems,
- po-debconf, rules, scripts, shared-libs, standards-version, symlinks,
- version-substvars, watch-file
+ perl_modules, po-debconf, rules, scripts, shared-libs, standards-version,
+ symlinks, version-substvars, watch-file
 
-- 
1.7.5.4
Reply to: