[Build-common-hackers] a WAF class for CDBS

Jonas Smedegaard dr at jones.dk
Wed Dec 29 23:41:38 UTC 2010

On Wed, Dec 29, 2010 at 07:39:02PM +0100, Rémi Thebault wrote:
>> Here's a proposed pseudo-code:
>> If not safetybelt-off; then
>>    do-checksum
>>    mesg checksum
>>    if checksum-match-fail (including no stored checksum at all); then
>>      unpack-waf
>>      error "waf checksum failed. inspect unpacked waf, and if ok
>>             store above calculated checksum as debian/waf.sha1sum
>>             and remove the unpacked files"
>> else
>>    warning "WARNING: waf file is executed without prior inspection!
>>             this might be unsafe - you have been warned...!"
>It's now implemented in waf.mk.in.


>unpack is done by a separate python script. (still must I test it on
>various waf versions).

Makes sense.

A few comments on your recent changes:

Arrrgh! Please be careful to commit each single logical code change 
separately, with a concise commit message - so we are best able to see 
via git changelog what has actually happened with the code. Better with 
one commit too many than one too few!  You (again!) committed 
autogenerated autotools files together with hand-coded changes, and 
changes with more invasive changes than the corresponding commit 
messages indicate!

Please avoid ifdef contruct!  I wrote bfore about this: it should 
generally be avoided as it causes order of snippet inclusion to matter, 
which is bad.  If you do not understand what I mean, then say so, and I 
can try clarify.  If you disagree then say so, and we can discuss it.  
Just being silent about my commenting on this while ignoring it, is 

There are stray trailing spaces in your Python script.

>I just have a little concern : the messages are drawn in too many 
>output since I do the tests with shell if and everything is echoed.
>I could put all those test and unpacking in a separate shell script and 
>echo only what I need. Or do you prefer implementation only in 

I prefer using make $(warning ) and $(error ).

Alternatively you can see utils.mk for an example of how to emit 
pseudo-code while silencing more convoluted actual code including 
shell-based error message.  But I don't recommend that - better to 
simplify by using make instead of shell.

Did you look into the relevancy of doing checksum of individual files 
inside the wad instead?

  - Jonas

  * Jonas Smedegaard - idealist & Internet-arkitekt
  * Tlf.: +45 40843136  Website: http://dr.jones.dk/

  [x] quote me freely  [ ] ask before reusing  [ ] keep private
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/build-common-hackers/attachments/20101230/39575d57/attachment-0001.pgp>

More information about the Build-common-hackers mailing list