[Build-common-hackers] a WAF class for CDBS
Jonas Smedegaard
dr at jones.dk
Wed Dec 29 23:41:38 UTC 2010
On Wed, Dec 29, 2010 at 07:39:02PM +0100, Rémi Thebault wrote:
>
>
>> Here's a proposed pseudo-code:
>>
>> If not safetybelt-off; then
>> do-checksum
>> mesg checksum
>> if checksum-match-fail (including no stored checksum at all); then
>> unpack-waf
>> error "waf checksum failed. inspect unpacked waf, and if ok
>> store above calculated checksum as debian/waf.sha1sum
>> and remove the unpacked files"
>> else
>> warning "WARNING: waf file is executed without prior inspection!
>> this might be unsafe - you have been warned...!"
>
>It's now implemented in waf.mk.in.
Awesome!
>unpack is done by a separate python script. (still must I test it on
>various waf versions).
Makes sense.
A few comments on your recent changes:
Arrrgh! Please be careful to commit each single logical code change
separately, with a concise commit message - so we are best able to see
via git changelog what has actually happened with the code. Better with
one commit too many than one too few! You (again!) committed
autogenerated autotools files together with hand-coded changes, and
changes with more invasive changes than the corresponding commit
messages indicate!
Please avoid ifdef contruct! I wrote bfore about this: it should
generally be avoided as it causes order of snippet inclusion to matter,
which is bad. If you do not understand what I mean, then say so, and I
can try clarify. If you disagree then say so, and we can discuss it.
Just being silent about my commenting on this while ignoring it, is
annoying!
There are stray trailing spaces in your Python script.
>I just have a little concern : the messages are drawn in too many
>output since I do the tests with shell if and everything is echoed.
>I could put all those test and unpacking in a separate shell script and
>echo only what I need. Or do you prefer implementation only in
>makefile?
I prefer using make $(warning ) and $(error ).
Alternatively you can see utils.mk for an example of how to emit
pseudo-code while silencing more convoluted actual code including
shell-based error message. But I don't recommend that - better to
simplify by using make instead of shell.
Did you look into the relevancy of doing checksum of individual files
inside the wad instead?
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/build-common-hackers/attachments/20101230/39575d57/attachment-0001.pgp>
More information about the Build-common-hackers
mailing list