Bug#797085: lintian: Please detect gzip called without -n option
Package: lintian
Version: 2.5.36.1
Tags: patch
Severity: wishlist
User: reproducible-builds@lists.alioth.debian.org
Usertags: toolchain
X-Debbugs-Cc: reproducible-builds@lists.alioth.debian.org
Hi,
Patch attached to detect gzip called without the -n option. This
invariably results in an unreproducible build.
Pretty sure there's a negative-lookbehind solution, but it evades me
right a this moment and this is probably more readable anyway.
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` lamby@debian.org / chris-lamb.co.uk
`-
From e7b52b435bca9a4940782a76f3db6d21ac832791 Mon Sep 17 00:00:00 2001
From: Chris Lamb <lamby@debian.org>
Date: Thu, 27 Aug 2015 20:15:33 +0200
Subject: [PATCH] New tag gzip-called-without-no-name-option
---
checks/rules.desc | 6 ++++++
checks/rules.pm | 4 ++++
t/tests/rules-general/debian/debian/rules | 10 ++++++++++
t/tests/rules-general/desc | 3 ++-
t/tests/rules-general/tags | 2 ++
5 files changed, 24 insertions(+), 1 deletion(-)
diff --git a/checks/rules.desc b/checks/rules.desc
index bea0e17..aa63ffa 100644
--- a/checks/rules.desc
+++ b/checks/rules.desc
@@ -247,3 +247,9 @@ Info: The source package does not have both a build-arch and a build-indep
.
Please consider adding both the build-arch and build-indep targets.
+Tag: gzip-called-without-no-name-option
+Severity: normal
+Certainty: possible
+Info: The rules files appears to call <tt>gzip</tt> without specifying the
+ <tt>-n</tt> option. This introduces timestamps into the binary package,
+ rendering the package unreproducible.
diff --git a/checks/rules.pm b/checks/rules.pm
index e1fdf73..0e646bf 100644
--- a/checks/rules.pm
+++ b/checks/rules.pm
@@ -219,6 +219,10 @@ sub run {
tag 'debian-rules-makemaker-prefix-is-deprecated', "line $.";
}
+ if ($line =~ m/\bgzip\b/ && $line !~ m/\s-\w*n\w*\b/) {
+ tag 'gzip-called-without-no-name-option', "line $.";
+ }
+
# General assignment - save the variable
if (/^\s*(?:\S+\s+)*?(\S+)\s*([:\?\+])?=\s*(.*+)?$/so) {
# This is far too simple from a theoretical PoV, but should do
diff --git a/t/tests/rules-general/debian/debian/rules b/t/tests/rules-general/debian/debian/rules
index cddbc03..1c4c31e 100755
--- a/t/tests/rules-general/debian/debian/rules
+++ b/t/tests/rules-general/debian/debian/rules
@@ -9,3 +9,13 @@ clean:
dh_clean
echo $(DEB_BUILD_OPTS) $(PWD)
@echo $(_)
+
+dh_auto_build:
+ # Bad
+ touch filename && gzip filename
+ touch filename && gzip -9 filename
+
+ # Good
+ gzip -9nmore filename
+ gzip -n9 filename
+ gzip filename -n9
diff --git a/t/tests/rules-general/desc b/t/tests/rules-general/desc
index 1f41c20..417eba5 100644
--- a/t/tests/rules-general/desc
+++ b/t/tests/rules-general/desc
@@ -7,4 +7,5 @@ Test-For:
debian-rules-should-not-automatically-update-control
debian-rules-should-not-use-DEB_BUILD_OPTS
debian-rules-should-not-use-pwd
- debian-rules-should-not-use-underscore-variable
\ No newline at end of file
+ debian-rules-should-not-use-underscore-variable
+ gzip-called-without-no-name-option
diff --git a/t/tests/rules-general/tags b/t/tests/rules-general/tags
index 3e7351b..415e097 100644
--- a/t/tests/rules-general/tags
+++ b/t/tests/rules-general/tags
@@ -3,3 +3,5 @@ E: rules-general source: debian-rules-should-not-automatically-update-control li
W: rules-general source: debian-rules-should-not-use-DEB_BUILD_OPTS line 10
W: rules-general source: debian-rules-should-not-use-pwd line 10
W: rules-general source: debian-rules-should-not-use-underscore-variable line 11
+W: rules-general source: gzip-called-without-no-name-option line 15
+W: rules-general source: gzip-called-without-no-name-option line 16
--
2.5.0
Reply to: