Identified in #1840/#1841, `lintian` will error due to invalid
control.tar file, as shown below.
This test ensures that `lintian` will not crash. There were two options
I found: First, to run `lintian` and, when it crashes, it exits code 2.
Second, to run `lintian` with a single always-successful check. I chose
the second option because this allows me to rely on success/failure
(exit code 0 vs non-zero) in the event that `lintian` ever changes its
exit code, or that the crash exit code changes across older versions of
Debian.
```
% lintian example_1.0_amd64.deb
dpkg-deb: error: archive '/home/jls/projects/fpm/example_1.0_amd64.deb' uses unknown compression for member 'control.tar.bz2', giving up
/bin/tar: This does not look like a tar archive
/bin/tar: *control: Not found in archive
/bin/tar: Exiting with failure status due to previous errors
Skipping example_1.0_amd64.deb: could not read control data in /home/jls/projects/fpm/example_1.0_amd64.deb: at /usr/share/perl5/Lintian/ProcessablePool.pm line 93.
```
This fixes a bug where fpm would create an invalid debian package file.
When `--deb-compression bzip2` was used, fpm would create
'control.tar.bz2' file inside the debian package. Debian does not
support bzip2-compressed control files. Per the deb(5) manpage:
> The second required member is named control.tar. It is a tar archive containing the package control information, either not compressed (supported since dpkg 1.17.6), or compressed with gzip (with .gz extension) or xz (with .xz extension, supported since 1.17.6)
With this commit, when bzip2 is chosen for data compression, fpm will
use gzip compression on the control.tar file.
- Files in the tarball should begin with / (#1811, #1844)
- Assert certain top-level manifest fields
- Assert manifest files are present
Idea from #1844
(note: fpm calls 'iteration' what rpm calls 'release')
rpmbuild will reject the `Release` tag containing a dash with the
following error (via fpm --verbose):
```
error: line 41: Illegal char '-' (0x2d) in: Release: 1-1 {:level=>:info}
Process failed: rpmbuild failed (exit code 1).
```
This patch copies the dash-to-underscore operation that is already
applied to the version field.
Adds tests for both iteration and version field.
Fixes: #1833
It's been hard to debug travis failures for a long time, and since the recent credentials-issue[1] being handled poorly, I think we can close this chapter.
> After 3 days of pressure from multiple projects, [Travis CI] silently patched the issue on the 10th. No analysis, no security report, no post mortem, not warning any of their users that their secrets might have been stolen
[1] https://arstechnica.com/information-technology/2021/09/travis-ci-flaw-exposed-secrets-for-thousands-of-open-source-projects/
This resolves an issue caused by #1803 where a user was, historically, passing `--provides 'foo (<< 1.2.3)'` which was working correctly in prior versions of fpm but creating invalid Debian packages in the newer release.
This is a funny issue because previously fpm was removing the relationship text '(<< 1.2.3)' so it never made it into the resulting Debian package. Due to #1803, this text is now passed into the resulting package, and Debian package tooling rejects it.
Added tests to cover a few valid and invalid cases.
This change also adds code to validate other relationship fields (Depends, Suggests, etc) but does not actually do any validation.
This test was failing on a lintian check which reports:
```
E: name: init.d-script-needs-depends-on-lsb-base etc/init.d/test (line 14)
```
Added `lsb-base` dependency to resolve it.
This is a simple workaround, which transforms the filenames inside the
tar archive so that they start with `/`. This happens only in case
the filename doesn't begin with `+`, which is expected (or at least is
very likely) to be a metadata file.
```
$ tar --list -f test-package-0.0.1.txz
+COMPACT_MANIFEST
+MANIFEST
/etc/config
/usr/bin/script
$ pkg install -y test-package-0.0.1.txz && echo OK
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
test-package: 0.0.1
Number of packages to be installed: 1
[1/1] Installing test-package-0.0.1...
Extracting test-package-0.0.1: 100%
OK
```
Fixes#1811
Signed-off-by: Vlastimil Holer <vholer@opennebula.io>
This fixes#1788. This also reverts #280. For #280, at the time, this
change to ignore versions was correct. Two years after #280, Debian
began allowing `Provides` field to have versions.
This change also fixes bug in gem-to-deb conversion where previously an
incorrect Provides syntax would be generated (but thanks to #280,
removed), so this bug was only noticed after #280 was undone!
Computers are hard sometimes.
Added tests for gem-to-deb conversion specifically for the Provides
field.
Tested manually with Docker on Ubuntu 14.04 and 18.04 and results meet
expectations.
The history here is follows:
* In 2012, fpm was patched to remove version specifiers in Provides
field because Debian didn't support it.
* In 2014, Debian dpkg[1] added support for versions in Provides field
* Somewhere between 2015-2018, Debian and Ubuntu included this new
version of dpkg.
* Debian packaging policy docs (v4.4.0) was updated to allow versions
in the Provides field.
Expected impacts:
* Older versions of dpkg/etc should _ignore_ the presence of a version
specifier. Testing on Ubuntu 14.04 confirmed this.
* Newer versions of dpkg/etc should respect the presence of a version
specifier. Testing on Ubuntu 18.04 confirmed this.
[1] https://launchpad.net/debian/+source/dpkg/1.17.11
The previous commit eats too much whitespace after the section headers
(`%pre`, `%post` etc.). There should remain a newline.
Correct versions (for `%pre`):
```
%pre
ugrade () {
```
and
```
%pre -e
upgrade() {
```
Without this patch, we get these (wrong):
```
%pre ugrade () {
```
and
```
%pre -e upgrade() {
```
(exact number of spaces can be different, but should not be relevant)
Fixes#1750
Signed-off-by: Jo Vandeginste <Jo.Vandeginste@kuleuven.be>
The previous method using :if actually hides the test entirely from the run.
Now an rspec run will correctly(I hope?) show any skipped tests. The
goal is to remind me that sometimes my dev environment is missing
important tooling needed to fully test fpm.
Also: Skip pacman tests if bsdtar and zstd programs are missing.
For #1795
This replaces another library which uses ffi with an implementation
that doesn't need ffi.
I am not certain this is an exact replacement, but for my casual tests,
comparing .txz files generated before/after this commit, things seem ok.
This would benefit from real freebsd testing, though.
This removes fpm's direct use of FFI and removes `ffi` as a direct
dependency. For #1795
Cases:
* A unix socket.
* A named pipe
* A charDev should now fail (like /dev/tty)
* A blockDev should now fail (like /dev/sda1)
NOTE: In this change, chardev and blockdev support have been removed.
These "copies" previously were just calling `mknod` with identical
mode, basically copying the `mode` from stat(2) to mknod(2).
Exceptions are now thrown for chardev and blockdev.
Test cases:
# Try to package a named pipe.
% mkfifo /tmp/z.pipe
% bundle exec bin/fpm -s dir -t rpm -n example /tmp/z.pipe
Created package {:path=>"example-1.0-1.x86_64.rpm"}
% rpm -qlvp example-1.0-1.x86_64.rpm
prw-rw-r-- 1 root root 0 Jun 17 22:40 /tmp/z.pipe
# Create the unix socket
% nc -lU /tmp/z.sock
# Package it into an rpm
% bin/fpm -s dir -t rpm -n example /tmp/z.sock |& less
{:timestamp=>"2021-06-17T22:33:27.780347-0700", :message=>"Created package", :path=>"example-1.0-1.x86_64.rpm"}
# Verify the file is of socket type ('s' at beginning of file mode
% rpm -qlvp example-1.0-1.x86_64.rpm
srwxrwxr-x 1 root root 0 Jun 17 22:33 /tmp/z.sock
The childprocess library uses `ffi`. Historically, installing ffi has
brought challenges for fpm users. This change is an attempt to use
ruby standard methods to replace ChildProcess.
For #1795
Previously, rexml was included standard in Ruby. However, in 3.0.0, ruby
moved this library to be a "bundled gem", per the release notes:
https://www.ruby-lang.org/en/news/2020/12/25/ruby-3-0-0-released/
> The following default gems are now bundled gems.
> * rexml
Tested on Ruby 2.7.0 and 3.0.1 w/ bundler and it works.
```
% (rbenv shell 3.0.1; bundle install; bundle exec bin/fpm -s empty -t empty -n example)
% (rbenv shell 2.7.0; bundle install; bundle exec bin/fpm -s empty -t empty -n example)
```
Fixes#1793
Jordan Sissel
Andrey Tikhonov
Clayton Wong
Vlastimil Holer
Joris Vandermeersch
Vedant K
allen joslin
Philippe Poilbarbe
Jo Vandeginste
Steve Kamerman
Zoe O'Connell
Andreas Ulm