[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#991285: unblock: strip-nondeterminism/1.12-0.1

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
x-debbugs-cc: reproducible-builds@lists.alioth.debian.org

Hi,

I'm wondering whether it makes sense to unblock strip-nondeterminism 1.12.0-1,
which has been uploaded on 2021-05-07 and which since then (or rather shortly after)
has been used on the buildds when building packages. There haven't been any bugs
filed since the upload and the changes are pretty small:

strip-nondeterminism (1.12.0-1) unstable; urgency=medium

  [ Chris Lamb ]
  * Support normalising Python "pyzip" files -- ie. zip-compressed .py files
    with a regular Python shebang. (Closes: reproducible-builds/strip-nondeterminism#18)
  * Drop single-debian-patch, etc.

  [ Bernhard M. Wiedemann ]
  * Move exception handling closer to call using perl's "//" operator.

The debdiffstat is:

 debdiff strip-nondeterminism_1.11.0-1.dsc strip-nondeterminism_1.12.0-1.dsc|diffstat
 debian/changelog                               |   12 ++
 debian/source/options                          |    1 
 debian/source/patch-header                     |   17 ----
 lib/File/StripNondeterminism.pm                |   11 ++
 lib/File/StripNondeterminism/handlers/pyzip.pm |  106 +++++++++++++++++++++++++
 5 files changed, 128 insertions(+), 19 deletions(-)

and the full debdiff is attached.

Rather obviously this more or less against the freeze guidelines but given the
fact that it's been used in many bullseye builds during the freeze I thought
I'd ask.
And I decided to ask via a bug report. Feel free to close or unblock :)

(And before you ask: I don't really know why I didn't file this unblock request
earlier. I guess it's because the change is not soo relevant but then I somehow
continued to be bothered by the fact that bullseye is build with packages from
out of bullseye and so I finally decided to ask anyway.)

unblock strip-nondeterminism/1.12-0.1

and thank you for releasing bullseye and dealing with requests like these! ;)


-- 
cheers,
	Holger

 ⢀⣴⠾⠻⢶⣦⠀
 ⣾⠁⢠⠒⠀⣿⡁  holger@(debian|reproducible-builds|layer-acht).org
 ⢿⡄⠘⠷⠚⠋⠀  OpenPGP: B8BF54137B09D35CF026FE9D 091AB856069AAA1C
 ⠈⠳⣄

"A developed country is not a place where the poor have cars. It's where the
rich use public transportation." (quote attributed to several people)

diff -Nru strip-nondeterminism-1.11.0/debian/changelog strip-nondeterminism-1.12.0/debian/changelog
--- strip-nondeterminism-1.11.0/debian/changelog	2021-02-05 13:04:06.000000000 +0100
+++ strip-nondeterminism-1.12.0/debian/changelog	2021-05-07 13:36:57.000000000 +0200
@@ -1,3 +1,15 @@
+strip-nondeterminism (1.12.0-1) unstable; urgency=medium
+
+  [ Chris Lamb ]
+  * Support normalising Python "pyzip" files -- ie. zip-compressed .py files
+    with a regular Python shebang. (Closes: reproducible-builds/strip-nondeterminism#18)
+  * Drop single-debian-patch, etc.
+
+  [ Bernhard M. Wiedemann ]
+  * Move exception handling closer to call using perl's "//" operator.
+
+ -- Chris Lamb <lamby@debian.org>  Fri, 07 May 2021 12:36:57 +0100
+
 strip-nondeterminism (1.11.0-1) unstable; urgency=medium
 
   [ Helmut Grohne ]
diff -Nru strip-nondeterminism-1.11.0/debian/source/options strip-nondeterminism-1.12.0/debian/source/options
--- strip-nondeterminism-1.11.0/debian/source/options	2021-02-05 13:04:06.000000000 +0100
+++ strip-nondeterminism-1.12.0/debian/source/options	1970-01-01 01:00:00.000000000 +0100
@@ -1 +0,0 @@
-single-debian-patch
diff -Nru strip-nondeterminism-1.11.0/debian/source/patch-header strip-nondeterminism-1.12.0/debian/source/patch-header
--- strip-nondeterminism-1.11.0/debian/source/patch-header	2021-02-05 13:04:06.000000000 +0100
+++ strip-nondeterminism-1.12.0/debian/source/patch-header	1970-01-01 01:00:00.000000000 +0100
@@ -1,17 +0,0 @@
-Subject: Collected Debian patches for strip-nondeterminism
-Author: Andrew Ayer <agwa@andrewayer.name>
-
-Since I am also upstream for this package, there will normally not be
-any patches to apply to the upstream source.  However, occasionally
-I'll pull up specific upstream commits prior to making an upstream
-release.  When this happens, this patch will collect all of those
-modifications.
-
-I use Git to maintain both the upstream source and the Debian
-packages, and generating individual patches rather than using git
-cherry-pick takes extra work for no gain.  Since I'm also upstream,
-there's no need to separate the patches for later upstream submission.
-Hence, I take this approach with a unified patch when it's necessary.
-
-For full commit history and separated commits, see the upstream Git
-repository.
diff -Nru strip-nondeterminism-1.11.0/lib/File/StripNondeterminism/handlers/pyzip.pm strip-nondeterminism-1.12.0/lib/File/StripNondeterminism/handlers/pyzip.pm
--- strip-nondeterminism-1.11.0/lib/File/StripNondeterminism/handlers/pyzip.pm	1970-01-01 01:00:00.000000000 +0100
+++ strip-nondeterminism-1.12.0/lib/File/StripNondeterminism/handlers/pyzip.pm	2021-05-07 13:35:16.000000000 +0200
@@ -0,0 +1,106 @@
+#
+# Copyright 2021 Chris Lamb <lamby@debian.org>
+#
+# This file is part of strip-nondeterminism.
+#
+# strip-nondeterminism is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# strip-nondeterminism is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with strip-nondeterminism.  If not, see <http://www.gnu.org/licenses/>.
+#
+package File::StripNondeterminism::handlers::pyzip;
+
+use strict;
+use warnings;
+
+use File::StripNondeterminism;
+use File::StripNondeterminism::Common qw(copy_data);
+use File::Basename;
+use File::StripNondeterminism::handlers::zip;
+use File::Temp;
+use Fcntl q/SEEK_SET/;
+
+=head1 ABOUT
+
+Python supports running .zip'd .py files:
+
+	$ cat __main__.py
+	#!/usr/bin/python3
+	print("Hello World")
+	$ zip pyzip.zip __main__.py
+	$ head -1 __main__.py | cat - pyzip.zip > pyzip
+	$ chmod a+x pyzip 
+
+They require special handling to not mangle the shebang.
+
+=head1 DEPRECATION PLAN
+
+Unclear, as many tools can, after all, generate these .zip files.
+
+=cut
+
+sub is_pyzip_file {
+	my ($filename) = @_;
+
+	my $fh;
+	my $str;
+
+	return
+	  open($fh, '<', $filename)
+	  && read($fh, $str, 32)
+	  && $str =~ /^#!.*\n\x{50}\x{4b}\x{03}\x{04}/s;
+}
+
+sub normalize {
+	my ($filename) = @_;
+
+	my $buf;
+
+	# Create a .zip file without the shebang
+	my $stripped = File::Temp->new(DIR => dirname($filename));
+	open my $fh, '<', $filename;
+
+	# Save the shebang for later
+	my $shebang = <$fh>; 
+
+	# Copy through the rest of the file
+	while (read($fh, $buf, 4096) // die "$filename: read failed: $!") {
+		print $stripped $buf;
+	}
+	$stripped->close;
+	close $fh;
+
+	# Normalize the stripped version
+	my $modified = File::StripNondeterminism::handlers::zip::normalize(
+		$stripped->filename
+	);
+
+	# If we didnt change anything, no need to mess around with a new file
+	return 0 if not $modified;
+
+	# Create a file with the existing shebang
+	my $pyzip = File::Temp->new(DIR => dirname($filename));
+	print $pyzip $shebang;
+	open $fh, '<', $stripped->filename;
+	while (read($fh, $buf, 4096)) {
+		print $pyzip $buf;
+	}
+	close $fh;
+	$pyzip->close;
+
+	# Copy the result, preserving the attributes of the original
+	copy_data($pyzip->filename, $filename)
+	  or die "$filename: unable to overwrite: copy_data: $!";
+
+	return 1;
+}
+
+1;
diff -Nru strip-nondeterminism-1.11.0/lib/File/StripNondeterminism.pm strip-nondeterminism-1.12.0/lib/File/StripNondeterminism.pm
--- strip-nondeterminism-1.11.0/lib/File/StripNondeterminism.pm	2021-02-05 13:02:07.000000000 +0100
+++ strip-nondeterminism-1.12.0/lib/File/StripNondeterminism.pm	2021-05-07 13:35:16.000000000 +0200
@@ -26,7 +26,7 @@
 
 our($VERSION, $canonical_time, $clamp_time, $verbose);
 
-$VERSION = '1.11.0'; # <https://semver.org/>
+$VERSION = '1.12.0'; # <https://semver.org/>
 
 sub init() {
 	$ENV{'TZ'} = 'UTC';
@@ -109,6 +109,14 @@
 		&& _get_file_type($_) =~ m/Zip archive data|EPUB document/) {
 		return _handler('zip');
 	}
+
+	# pyzip - check last due to call to file(1)
+	if (_get_file_type($_) =~ m/python3 script executable \(binary data\)/) {
+		my $handler = _handler('pyzip');
+		return $handler
+		  if File::StripNondeterminism::handlers::pyzip::is_pyzip_file($_);
+	}
+
 	return undef;
 }
 
@@ -124,6 +132,7 @@
 	jmod	=> 1,
 	uimage	=> 1,
 	png	=> 1,
+	pyzip	=> 1,
 	javaproperties => 1,
 	zip	=> 1,
 );
Binärdateien /tmp/v7l1msc5Dm/strip-nondeterminism-1.11.0/t/fixtures/pyzip/pyzip.in und /tmp/MsFQpF3N4x/strip-nondeterminism-1.12.0/t/fixtures/pyzip/pyzip.in sind verschieden.
Binärdateien /tmp/v7l1msc5Dm/strip-nondeterminism-1.11.0/t/fixtures/pyzip/pyzip.out und /tmp/MsFQpF3N4x/strip-nondeterminism-1.12.0/t/fixtures/pyzip/pyzip.out sind verschieden.

Attachment: signature.asc
Description: PGP signature

Reply to: