[Rpm-maint] Planning for rpm 4.13.0 (-rc2)

Thierry Vignaud thierry.vignaud at gmail.com
Wed Oct 19 10:25:17 UTC 2016

On 14 October 2016 at 15:33, Panu Matilainen <pmatilai at laiskiainen.org> wrote:
> Time to get rpm 4.13.0 out of the door. But in order to do that, we'll need
> to cut -rc2 first, there's just too much change to jump right into final.
> The idea is to get -rc2 out next week (ie by Oct 21st at latest). If all
> goes well we'll just rename that to -final in a few weeks time, if all goes
> to hell we'll just have another -rc. Which I really, really dont want to
> happen. So what I've planned for -rc2 is this rather conservative
> cherry-picks from git master on top of the 4.13.x branch:
> d20b7d2 Fix rpmrichOpStr to use the new syntax
> 54f24ec Fix reading a memory right after the end of an allocated area.
> 7a84b45 Add support for various types of dependencies to rpmdeps tool
> 73ea59e fix %autopatch when patch do not exist
> 0d214a1 Permit scriptlet exec context setting to fail in non-enforcing modes
> f5bab7c Warn if epoch is not unsigned integer (rhbz:1251453)
> 5e94633 Make terminating build if version format is wrong configurable
> 90d8cc1 Ignore SIGPIPE signals during execucton of scriptlets (rhbz:1264198)
> 2dd0693 Fix SIGSEGV in case of old unsupported gpg keys (rhbz:1277464)
> 9c36ca4 Fix crash when parsing corrupted RPM file (rhbz:1273360)
> 1af568a Fix next_brace_sub() to return NULL if braces don't match.
> 61838b0 Remove size limit when expanding macros
> a0f2d94 Add possibility to disable file triggers.
> 5e4c16f Remove option --priority for file triggers, leave option -P
> aee8446 Rename expandMacrosU to rpmExpandMacros
> ddf9ec7 rpmExpandMacros() is modified to be able to return more return codes
> 8e847d5 Sanity check that there is at least one tag in header region
> 9aff39d Fix not chrooting transaction file triggers
> 8efe51e Add support for %missingok as a standalone file attribute
> 33158b3 Fix recursive calling of rpmdeps tool (rhbz:1297557)
> 231a721 Fix %autosetup to not cause errors during run of rpmspec tool
> 6e23e20 Fix memory leak in file triggers
> 448db68 Add RPMCALLBACK_ELEM_PROGRESS callback type
> 83219d0 Also block idle and sleep in the systemd-inhibit plugin
> cd02e06 Add support for MIPS release 6 - Add mips32 mips64 mipsel and mipseb
> macros
> 2166133 Use pkg->dpaths during dependency generation instead of buildRoot +
> filename
> d53499d Use %_build_cpu instead of noarch when evaluating ExcludeArch and
> ExclusiveArch
> cc61141 Fix memory leaks in rpmGetSubkeys() and pgpPrtParamsSubkeys()
> 19fe0d9 Add posix.redirect2null
> 877d5b1 Fix non-working combination of %lang and %doc directive
> (rhbz:1254483)
> 50905f4 Use fuzz settings for %autopatch/%autosetup
> dddc6e7 Misleading indentation fixes (GCC6)
> 4695533 Fix index generation of rich dependencies with an else part
> 9c1e995 Make creating index records consistent for rich and rich-weak deps
> e297b51 Add enahance dependency forgotten in the recent commit [1]
> 66a6082 Add %{_default_patch_flags} to %__patch which is used in %autosetup
> 69ed95e Enable --no-backup-if-mismatch by default in %patch macro
> (rhbz:884755)
> b722cf8 Fix reading rpmtd behind its size in formatValue() (rhbz:1316896)
> cddf43a Fix sigsegv in stringFormat() (rhbz:1316903)
> b4f0e7e Make sure getNEVRA always sets td.data
> 6ac793b Filter unversioned deps if corresponding versioned deps exist
> (rhbz:678605)
> 5d5dd56 Use armv7hl isa for all armhfp (armv7h*l) arches (#1326871)
> 258e306 Fix signing with non-ASCII uid keys (rhbz:1243963)
> 0964912 Fix off-by-one error
> 1aeddbc fix segfault when calling with args==NULL
> 4ec7c39 Add sepdebugcrcfix to fixup old style gnu_debuglink CRC checksum.
> 6b3b435 Add dwz debuginfo compression support.
> b33a41d Add find-debuginfo.sh -m minisymtab support.
> cf56793 rpmrc: Convert uname.machine == "riscv" to
> "riscv32"/"riscv64"/"riscv128".
> d9d47e0 RISCV 64-bit (riscv64) support.
> f255c6b Fix overflow in cpio filename by limiting the allowed length to 4kB
> e41550e Fix misleading-indentation in rpmplugins.c
> 7e26e2b Create files with with 000 permissions to avoid leaking yet
> unchecked data
> a6e662f rpm2archive: return 0 on success instead of stop iteration
> bd76111 find-debuginfo.sh: Don't copy extra sections into .gnu_debugdata.
> 6e7c6d1 Revised fix for CVE-2013-6435
> If that seems somewhat strange selection, that's because ... well, I agree
> it is. To minimize the risk of breaking anything, this is almost exactly
> what has been included in Fedora and Mageia rpm during the past year. Which
> means its reasonably tried and true code, which is exactly what we want to
> get the thing out of the door, fast.
> I know there's a huge pile of other important fixes and enhancements in git
> master waiting for an outlet. The idea is to get 4.13.0 out as soon as we
> can reasonably can, just to break the current logjam. And then immediately
> start looking forward to both new major release and backporting more goodies
> to 4.13.x in the meanwhile. Think on the order of three months max to
> 4.13.1.
> Anyway, the list above is not set in stone, otherwise there'd be little
> point in posting it here. If you think something absolutely critical is
> missing from that list, or that something should not be there, now is the
> time to speak up.

It would be nice to fix lib/rpmscript.c  so that filetriggers
warnings/errors would be reported as such instead of as regular (aka
package) triggers errors

The issue is that rpmScriptNew() doesn't know the type of triggers
(package, file) and thus it doesn't store the right thing in script->desc

Ie when findTag() is called, it doesn't know the type of triggers
(package, file), it just has enough info to know whether the script
comes from a trigger or from a regular scriptlet but file & pkg
triggers are threaded the same way because we don't have a
rpmscriptTriggerModes variable to consider
This makes harder to debug issues...

More information about the Rpm-maint mailing list