;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2014 Cyril Roelandt <tipecaml@gmail.com>
;;; Copyright © 2014, 2015 Eric Bavier <bavier@member.fsf.org>
;;; Copyright © 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2015, 2016 Mathieu Lirzin <mthl@gnu.org>
;;; Copyright © 2016 Danny Milosavljevic <dannym+a@scratchpost.org>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (guix scripts lint)
  ;; 'close-connection' is hidden from (guix store) so that the binding
  ;; selected from (guix build download) further down is the one in scope.
  #:use-module ((guix store) #:hide (close-connection))
  #:use-module (guix base32)
  #:use-module (guix download)
  #:use-module (guix ftp-client)
  #:use-module (guix http-client)
  #:use-module (guix packages)
  #:use-module (guix licenses)
  #:use-module (guix records)
  #:use-module (guix ui)
  #:use-module (guix utils)
  #:use-module (guix combinators)
  #:use-module (guix scripts)
  #:use-module (guix gnu-maintenance)
  #:use-module (guix monads)
  #:use-module (guix cve)
  #:use-module (gnu packages)
  #:use-module (ice-9 match)
  #:use-module (ice-9 regex)
  #:use-module (ice-9 format)
  #:use-module (web uri)
  ;; Network helpers used when probing URIs.
  #:use-module ((guix build download)
                #:select (maybe-expand-mirrors
                          open-connection-for-uri
                          close-connection))
  #:use-module (web request)
  #:use-module (web response)
  #:use-module (srfi srfi-1)
  #:use-module (srfi srfi-6)                      ;Unicode string ports
  #:use-module (srfi srfi-9)
  #:use-module (srfi srfi-11)
  #:use-module (srfi srfi-26)
  #:use-module (srfi srfi-34)
  #:use-module (srfi srfi-35)
  #:use-module (srfi srfi-37)
  #:use-module (ice-9 rdelim)
  ;; Exported bindings: the checkers first, then the <lint-checker> record
  ;; interface.
  #:export (guix-lint
            check-description-style
            check-inputs-should-be-native
            check-patch-file-names
            check-synopsis-style
            check-derivation
            check-home-page
            check-source
            check-source-file-name
            check-license
            check-vulnerabilities
            check-formatting
            run-checkers

            %checkers
            lint-checker
            lint-checker?
            lint-checker-name
            lint-checker-description
            lint-checker-check))
;;;
;;; Helpers
;;;
(define* (emit-warning package message #:optional field)
  ;; Print a warning about PACKAGE on the current 'guix-warning-port'.  The
  ;; line is "LOCATION: FULL-NAME: MESSAGE", where LOCATION is that of FIELD
  ;; when it can be determined and that of PACKAGE otherwise.
  ;;
  ;; MESSAGE is passed to 'format' as an argument, never as the control
  ;; string, so '~' sequences inside text taken from a package definition or
  ;; from a remote server are printed literally.
  (define where
    (or (package-field-location package field)
        (package-location package)))

  (format (guix-warning-port) "~a: ~a: ~a~%"
          (location->string where)
          (package-full-name package)
          message))
(define (call-with-accumulated-warnings thunk)
  "Call THUNK, accumulating any warnings in the current state, using the state
monad.  The monadic value returned is the result of THUNK; the state is a list
of warning strings, most recent first."
  ;; Warnings are captured by rebinding 'guix-warning-port' to a string port
  ;; for the dynamic extent of THUNK, so nothing is printed at this point.
  (let ((port (open-output-string)))
    (mlet %state-monad ((state (current-state))
                        (result -> (parameterize ((guix-warning-port port))
                                     (thunk)))
                        (warning -> (get-output-string port)))
      (mbegin %state-monad
        ;; Only record something when THUNK actually emitted text.
        (munless (string=? "" warning)
          (set-current-state (cons warning state)))
        (return result)))))
(define-syntax-rule (with-accumulated-warnings exp ...)
  "Evaluate EXP and accumulate warnings in the state monad."
  ;; Syntactic sugar: wrap EXP ... in a thunk and hand it to
  ;; 'call-with-accumulated-warnings'.
  (call-with-accumulated-warnings
   (lambda ()
     exp ...)))
;;;
;;; Checkers
;;;
;; Record describing one lint checker.
(define-record-type* <lint-checker>
  lint-checker make-lint-checker
  lint-checker?
  ;; TODO: add a 'certainty' field that shows how confident we are in the
  ;; checker.  Then allow users to only run checkers that have a certain
  ;; 'certainty' level.
  (name        lint-checker-name)          ;printed by 'list-checkers-and-exit'
  (description lint-checker-description)   ;translated with '_' when listed
  ;; Presumably a one-argument procedure taking a package, like the 'check-*'
  ;; procedures of this module -- confirm against '%checkers'.
  (check       lint-checker-check))
(define (list-checkers-and-exit)
  ;; Print the name and translated description of every checker in
  ;; '%checkers' on standard output, then exit with status 0.
  (define (show checker)
    (format #t "- ~a: ~a~%"
            (lint-checker-name checker)
            (_ (lint-checker-description checker))))

  (format #t (_ "Available checkers:~%"))
  (for-each show %checkers)
  (exit 0))
(define (properly-starts-sentence? s)
  "Return a match object if S starts with an upper-case letter, a digit, an
opening parenthesis, or a quote character (double quote, single quote or
backquote); return #f otherwise."
  (let ((rx (make-regexp "^[(\"'`[:upper:][:digit:]]")))
    (regexp-exec rx s)))
(define (starts-with-abbreviation? s)
  "Return true if S starts with what looks like an abbreviation or acronym:
an upper-case ASCII letter followed by one or more upper-case letters or
digits, ending at a word boundary."
  (let ((rx (make-regexp "^[A-Z][A-Z0-9]+\\>")))
    (regexp-exec rx s)))
(define %quoted-identifier-rx
  ;; A quoted identifier, like 'this' or `this': an opening single quote or
  ;; backquote, one or more printable non-space characters, then a closing
  ;; single quote.  Compiled once at module load time.
  (let ((pattern "['`][[:graph:]]+'"))
    (make-regexp pattern)))
(define (check-description-style package)
  ;; Emit a warning for each stylistic issue found in the description of
  ;; PACKAGE, or a single warning when the description is not a string.
  (define (report message)
    ;; All the warnings below are attached to the 'description' field.
    (emit-warning package message 'description))

  (define (check-not-empty text)
    (when (string-null? text)
      (report (_ "description should not be empty"))))

  (define (check-texinfo-markup text)
    "Check that TEXT can be parsed as a Texinfo fragment.  If the markup is
valid return a plain-text version of TEXT, otherwise #f."
    ;; Any exception raised while rendering is treated as invalid markup.
    (catch #t
      (lambda () (texi->plain-text text))
      (lambda _
        (report (_ "Texinfo markup in description is invalid"))
        #f)))

  (define (check-trademarks text)
    "Check that TEXT does not contain '™' or '®' characters.  See
http://www.gnu.org/prep/standards/html_node/Trademarks.html."
    (let ((index (string-index text (char-set #\™ #\®))))
      (if (number? index)
          (report (format #f (_ "description should not contain ~
trademark sign '~a' at ~d")
                          (string-ref text index) index))
          #t)))

  (define (check-quotes text)
    "Check whether TEXT contains single quotes and suggest @code."
    (when (regexp-exec %quoted-identifier-rx text)
      ;; TRANSLATORS: '@code' is Texinfo markup and must be kept
      ;; as is.
      (report (_ "use @code or similar ornament instead of quotes"))))

  (define (check-proper-start text)
    ;; A description may start with the package name, whatever its case.
    (when (not (or (properly-starts-sentence? text)
                   (string-prefix-ci? (package-name package) text)))
      (report
       (_ "description should start with an upper-case letter or digit"))))

  (define (check-end-of-sentence-space text)
    "Check that an end-of-sentence period is followed by two spaces."
    (define (after-abbreviation? m)
      ;; True when the text before match M ends with a common abbreviation.
      (find (lambda (abbreviation)
              (string-suffix-ci? abbreviation (match:prefix m)))
            '("i.e" "e.g" "a.k.a" "resp")))

    (define offsets
      ;; Offsets of ". X" occurrences, in order of appearance.
      (reverse (fold-matches "\\. [A-Z]" text '()
                             (lambda (m seen)
                               (if (after-abbreviation? m)
                                   seen
                                   (cons (match:start m) seen))))))

    (unless (null? offsets)
      (report (format #f (_ "sentences in description should be followed ~
by two spaces; possible infraction~p at ~{~a~^, ~}")
                      (length offsets)
                      offsets))))

  (match (package-description package)
    ((? string? description)
     (check-not-empty description)
     (check-quotes description)
     (check-trademarks description)
     ;; Use raw description for this because Texinfo rendering
     ;; automatically fixes end of sentence space.
     (check-end-of-sentence-space description)
     ;; The start of the sentence is checked on the rendered plain text, and
     ;; only when the markup could be parsed.
     (and=> (check-texinfo-markup description)
            check-proper-start))
    (invalid
     (emit-warning package
                   (format #f (_ "invalid description: ~s") invalid)
                   'description))))
(define (check-inputs-should-be-native package)
  ;; Emit a warning for each input of PACKAGE that appears in a fixed list of
  ;; tools that are likely to belong to its native inputs.
  (define build-time-tools
    ;; "NAME" or "NAME:OUTPUT" specifications.
    '("pkg-config"
      "extra-cmake-modules"
      "glib:bin"
      "intltool"
      "itstool"
      "qttools"))

  (define (input-spec input outputs)
    ;; Return "NAME" when OUTPUTS is empty, "NAME:OUTPUT" otherwise.
    (match outputs
      (()
       (package-name input))
      ((first . _)
       (string-append (package-name input) ":" first))))

  (match (package-inputs package)
    (((labels candidates . outputs) ...)
     (for-each (lambda (candidate output)
                 ;; Inputs that are not packages (origins, files) are skipped.
                 (when (package? candidate)
                   (let ((spec (input-spec candidate output)))
                     (when (member spec build-time-tools)
                       (emit-warning package
                                     (format #f (_ "'~a' should probably \
be a native input")
                                             spec)
                                     'inputs)))))
               candidates outputs))))
(define (package-name-regexp package)
  "Return a case-insensitive regexp that matches PACKAGE's name as a word at
the beginning of a line."
  ;; The name goes through 'regexp-quote' so that regexp metacharacters in a
  ;; package name are matched literally.
  (let* ((name    (regexp-quote (package-name package)))
         (pattern (string-append "^" name "\\>")))
    (make-regexp pattern regexp/icase)))
(define (check-synopsis-style package)
  ;; Emit a warning for each stylistic issue found in the synopsis of
  ;; PACKAGE, or a single warning when the synopsis is not a string.
  (define (report message)
    ;; All the warnings below are attached to the 'synopsis' field.
    (emit-warning package message 'synopsis))

  (define (check-not-empty synopsis)
    (when (string-null? synopsis)
      (report (_ "synopsis should not be empty"))))

  (define (check-final-period synopsis)
    ;; Synopsis should not end with a period, except for some special cases.
    (when (and (string-suffix? "." synopsis)
               (not (string-suffix? "etc." synopsis)))
      (report (_ "no period allowed at the end of the synopsis"))))

  (define check-start-article
    ;; Skip this check for GNU packages, as suggested by Karl Berry's reply to
    ;; <http://lists.gnu.org/archive/html/bug-womb/2014-11/msg00000.html>.
    ;; A failure of 'gnu-package?' counts as "not a GNU package".
    (if (false-if-exception (gnu-package? package))
        (const #t)
        (lambda (synopsis)
          (when (or (string-prefix-ci? "A " synopsis)
                    (string-prefix-ci? "An " synopsis))
            (report (_ "no article allowed at the beginning of \
the synopsis"))))))

  (define (check-synopsis-length synopsis)
    (when (>= (string-length synopsis) 80)
      (report (_ "synopsis should be less than 80 characters long"))))

  (define (check-proper-start synopsis)
    (unless (properly-starts-sentence? synopsis)
      (report (_ "synopsis should start with an upper-case letter or digit"))))

  (define (check-start-with-package-name synopsis)
    ;; A leading acronym is accepted even when it is the package name.
    (when (and (regexp-exec (package-name-regexp package) synopsis)
               (not (starts-with-abbreviation? synopsis)))
      (report (_ "synopsis should not start with the package name"))))

  (define checks
    ;; Applied in this order to a string synopsis.
    (list check-not-empty check-proper-start check-final-period
          check-start-article check-start-with-package-name
          check-synopsis-length))

  (let ((synopsis (package-synopsis package)))
    (if (string? synopsis)
        (for-each (cut <> synopsis) checks)
        (emit-warning package
                      (format #f (_ "invalid synopsis: ~s") synopsis)
                      'synopsis))))
(define* (probe-uri uri #:key timeout)
  "Probe URI, a URI object, and return two values: a symbol denoting the
probing status, such as 'http-response' when we managed to get an HTTP
response from URI, and additional details, such as the actual HTTP response.

The status is one of 'http-response', 'ftp-response', 'invalid-http-response',
'unknown-protocol', or the key of a caught exception ('getaddrinfo-error',
'system-error', 'gnutls-error', 'tls-certificate-error'), in which case the
second value is the list of exception arguments.  Any other exception is
re-thrown.

TIMEOUT is the maximum number of seconds (possibly an inexact number) to wait
for connections to complete; when TIMEOUT is #f, wait as long as needed."
  (define headers
    '((User-Agent . "GNU Guile")
      (Accept . "*/*")))

  ;; VISITED holds the redirect targets followed so far; it does not contain
  ;; the URI the probe started from.
  ;;
  ;; NOTE(review): redirects are followed until a 'Location' repeats or is
  ;; missing; there is no cap on the number of hops, so a server answering
  ;; with an endless chain of distinct locations keeps the probe going.
  ;; NOTE(review): every redirect target goes through the scheme dispatch
  ;; again, so the host and scheme actually contacted are chosen by the
  ;; remote server, not only by the package definition.
  (let loop ((uri uri)
             (visited '()))
    (match (uri-scheme uri)
      ((or 'http 'https)
       (catch #t
         (lambda ()
           (let ((port    (open-connection-for-uri uri #:timeout timeout))
                 (request (build-request uri #:headers headers)))
             (define response
               ;; The exit guard closes the connection whether or not the
               ;; exchange succeeded.
               (dynamic-wind
                 (const #f)
                 (lambda ()
                   (write-request request port)
                   (force-output port)
                   (read-response port))
                 (lambda ()
                   (close-connection port))))

             ;; Only 301, 302 and 307 are followed; any other code, 303 and
             ;; 308 included, is returned to the caller as is.
             (case (response-code response)
               ((301 302 307)
                (let ((location (response-location response)))
                  (if (or (not location) (member location visited))
                      (values 'http-response response)
                      (loop location (cons location visited))))) ;follow the redirect
               (else
                (values 'http-response response)))))
         (lambda (key . args)
           (case key
             ((bad-header bad-header-component)
              ;; This can happen if the server returns an invalid HTTP header,
              ;; as is the case with the 'Date' header at sqlite.org.
              (values 'invalid-http-response #f))
             ((getaddrinfo-error system-error
               gnutls-error tls-certificate-error)
              ;; Network and TLS failures are turned into a status for the
              ;; caller to report.
              (values key args))
             (else
              (apply throw key args))))))
      ('ftp
       (catch #t
         (lambda ()
           (let ((conn (ftp-open (uri-host uri) #:timeout timeout)))
             (define response
               ;; The value of 'ftp-size' is not used; what matters is that
               ;; neither call raises 'ftp-error'.
               (dynamic-wind
                 (const #f)
                 (lambda ()
                   (ftp-chdir conn (dirname (uri-path uri)))
                   (ftp-size conn (basename (uri-path uri))))
                 (lambda ()
                   (ftp-close conn))))

             (values 'ftp-response '(ok))))
         (lambda (key . args)
           (case key
             ((ftp-error)
              (values 'ftp-response `(error ,@args)))
             ((getaddrinfo-error system-error gnutls-error)
              (values key args))
             (else
              (apply throw key args))))))
      (_
       ;; Any other scheme is not probed at all.
       (values 'unknown-protocol #f)))))
(define (tls-certificate-error-string args)
  "Return a string explaining the 'tls-certificate-error' arguments ARGS."
  ;; Render the exception with 'print-exception' into a string port instead
  ;; of printing it directly.
  (let ((port (open-output-string)))
    (print-exception port #f
                     'tls-certificate-error args)
    (get-output-string port)))
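(define (validate-uri uri package field)
  "Return #t if the given URI can be reached, otherwise return #f and emit a
warning for PACKAGE mentioning the FIELD.

A TLS certificate error counts as \"not reachable\": it is reported and #f is
returned, like for every other failure."
  (let-values (((status argument)
                (probe-uri uri #:timeout 3)))     ;wait at most 3 seconds
    (case status
      ((http-response)
       (if (= 200 (response-code argument))
           (match (response-content-length argument)
             ((? number? length)
              ;; As of July 2016, SourceForge returns 200 (instead of 404)
              ;; with a small HTML page upon failure.  A body of 1000 bytes
              ;; or less is therefore reported as suspicious.  Responses
              ;; without a 'Content-Length' cannot be checked this way and
              ;; are accepted.
              (or (> length 1000)
                  (begin
                    (emit-warning package
                                  (format #f
                                          (_ "URI ~a returned \
suspiciously small file (~a bytes)")
                                          (uri->string uri)
                                          length)
                                  field)
                    #f)))
             (_ #t))
           (begin
             (emit-warning package
                           (format #f
                                   (_ "URI ~a not reachable: ~a (~s)")
                                   (uri->string uri)
                                   (response-code argument)
                                   (response-reason-phrase argument))
                           field)
             #f)))
      ((ftp-response)
       (match argument
         (('ok) #t)
         (('error port command code message)
          (emit-warning package
                        (format #f
                                (_ "URI ~a not reachable: ~a (~s)")
                                (uri->string uri)
                                code (string-trim-both message))
                        field)
          #f)))
      ((getaddrinfo-error)
       (emit-warning package
                     (format #f
                             (_ "URI ~a domain not found: ~a")
                             (uri->string uri)
                             (gai-strerror (car argument)))
                     field)
       #f)
      ((system-error)
       (emit-warning package
                     (format #f
                             (_ "URI ~a unreachable: ~a")
                             (uri->string uri)
                             (strerror
                              (system-error-errno
                               (cons status argument))))
                     field)
       #f)
      ((tls-certificate-error)
       ;; This branch used to return the value of 'emit-warning', which is
       ;; not guaranteed to be #f, so a certificate failure could be taken
       ;; for a reachable URI by callers that test the result.  Return #f
       ;; explicitly, and attach the warning to FIELD like the other
       ;; branches do.
       (emit-warning package
                     (format #f (_ "TLS certificate error: ~a")
                             (tls-certificate-error-string argument))
                     field)
       #f)
      ((invalid-http-response gnutls-error)
       ;; Probably a misbehaving server; ignore.  No warning is emitted, but
       ;; the URI is still counted as unreachable.
       #f)
      ((unknown-protocol)                         ;nothing we can do
       #f)
      (else
       (error "internal linter error" status)))))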
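(define (check-home-page package)
  "Emit a warning if PACKAGE has an invalid 'home-page' field, or if that
'home-page' is not reachable.

A 'home-page' of #f is accepted without warning for packages whose name
contains \"bootstrap\" and for \"ld-wrapper\"."
  (let* ((home-page (package-home-page package))
         ;; Only strings are handed to 'string->uri'.  Any other non-#f
         ;; value ends up in the \"invalid home page URL\" branch below
         ;; instead of raising a type error inside the parser.
         (uri       (and (string? home-page)
                         (string->uri home-page))))
    (cond
     ((uri? uri)
      (validate-uri uri package 'home-page))
     ((not home-page)
      (unless (or (string-contains (package-name package) "bootstrap")
                  (string=? (package-name package) "ld-wrapper"))
        (emit-warning package
                      (_ "invalid value for home page")
                      'home-page)))
     (else
      ;; Either a string that is not a valid URI, or not a string at all.
      (emit-warning package (format #f (_ "invalid home page URL: ~s")
                                    home-page)
                    'home-page)))))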
(define (check-patch-file-names package)
  "Emit a warning if the patches required by PACKAGE are badly named or if the
patch could not be found."
  (define (named-after-package? patch)
    ;; True when PATCH is a file name whose base name starts with the package
    ;; name.  Anything that is not a string (an <origin> or something like
    ;; that) yields #f.
    (and (string? patch)
         (string-prefix? (package-name package) (basename patch))))

  (guard (c ((message-condition? c)     ;raised by 'search-patch'
             (emit-warning package (condition-message c)
                           'patch-file-names)))
    (let ((patches (or (and=> (package-source package) origin-patches)
                       '())))
      (unless (every named-after-package? patches)
        (emit-warning
         package
         (_ "file names of patches should start with the package name")
         'patch-file-names)))))
(define (escape-quotes str)
  "Replace any double-quote character in STR by a backslash followed by a
double quote, and return the resulting string."
  (string-concatenate
   (map (lambda (chr)
          (if (char=? chr #\")
              "\\\""
              (string chr)))
        (string->list str))))
(define official-gnu-packages*
  ;; The result is memoized, and that includes the empty list returned after
  ;; a failure: checks relying on this list are then skipped without any
  ;; message.
  (memoize
   (lambda ()
     "A memoizing version of 'official-gnu-packages' that returns the empty
list when something goes wrong, such as a networking issue."
     (or (false-if-exception (official-gnu-packages))
         '()))))
(define (check-gnu-synopsis+description package)
  "Make sure that, if PACKAGE is a GNU package, it uses the synopsis and
descriptions maintained upstream.  When they differ, print the upstream text
as a proposal on the warning port."
  (define (location-of field)
    ;; Location of FIELD in PACKAGE, or that of PACKAGE itself.
    (or (package-field-location package field)
        (package-location package)))

  (define descriptor
    ;; The upstream record whose name equals that of PACKAGE, or #f.
    (find (lambda (candidate)
            (string=? (gnu-package-name candidate)
                      (package-name package)))
          (official-gnu-packages*)))

  (if (not descriptor)
      #t                                  ;not a GNU package, so nothing to do
      (begin                              ;a genuine GNU package
        (let ((upstream   (gnu-package-doc-summary descriptor))
              (downstream (package-synopsis package))
              (loc        (location-of 'synopsis)))
          (when (and upstream
                     (not (and (string? downstream)
                               (string=? upstream downstream))))
            (format (guix-warning-port)
                    (_ "~a: ~a: proposed synopsis: ~s~%")
                    (location->string loc) (package-full-name package)
                    upstream)))

        (let ((upstream   (gnu-package-doc-description descriptor))
              (downstream (package-description package))
              (loc        (location-of 'description)))
          ;; Both texts are refilled to the same width before comparison, so
          ;; differences in line breaks do not count.
          (when (and upstream
                     (not (and (string? downstream)
                               (string=? (fill-paragraph upstream 100)
                                         (fill-paragraph downstream 100)))))
            (format (guix-warning-port)
                    (_ "~a: ~a: proposed description:~% \"~a\"~%")
                    (location->string loc) (package-full-name package)
                    (fill-paragraph (escape-quotes upstream) 77 7)))))))
(define (check-source package)
  "Emit a warning if PACKAGE has an invalid 'source' field, or if that
'source' is not reachable.  Only origins fetched with 'url-fetch' are
probed."
  (define (try-uris uris)
    ;; Probe URIS, with mirror URIs expanded, until 'validate-uri' returns
    ;; true for one of them.  Return two values: that result, and the list
    ;; of warnings accumulated along the way, most recent first.
    ;;
    ;; NOTE(review): any true value returned by 'validate-uri' counts as
    ;; success here, so each failure branch of 'validate-uri' has to return
    ;; #f for its warning to ever be shown.
    (run-with-state
        (anym %state-monad
              (lambda (uri)
                (with-accumulated-warnings
                 (validate-uri uri package 'source)))
              (append-map (cut maybe-expand-mirrors <> %mirrors)
                          uris))
      '()))

  (let ((origin (package-source package)))
    (when (and origin
               (eqv? (origin-method origin) url-fetch))
      ;; The 'uri' field is either a single string or a list of strings.
      (let* ((strings (origin-uri origin))
             (uris    (if (list? strings)
                          (map string->uri strings)
                          (list (string->uri strings)))))

        ;; Just make sure that at least one of the URIs is valid.
        (call-with-values
            (lambda () (try-uris uris))
          (lambda (success? warnings)
            ;; When everything fails, report all of WARNINGS, otherwise don't
            ;; report anything.
            ;;
            ;; XXX: Ideally we'd still allow warnings to be raised if *some*
            ;; URIs are unreachable, but distinguish that from the error case
            ;; where *all* the URIs are unreachable.
            (unless success?
              (emit-warning package
                            (_ "all the source URIs are unreachable:")
                            'source)
              ;; WARNINGS is most recent first; print in probing order.
              (for-each (lambda (warning)
                          (display warning (guix-warning-port)))
                        (reverse warnings)))))))))
(define (check-source-file-name package)
  "Emit a warning if PACKAGE's origin has no meaningful file name."
  (define (origin-file-name-valid? origin)
    ;; Return #t when ORIGIN has a file name that starts neither with the
    ;; version of PACKAGE nor with "v" followed by that version.  Return #f
    ;; otherwise, including when there is no file name: the origin then
    ;; needs a 'file-name' field.
    (let ((file-name (origin-actual-file-name origin))
          (version   (package-version package)))
      (and file-name
           (not (string-prefix? version file-name))
           ;; Common in many projects is for the filename to start
           ;; with a "v" followed by the version,
           ;; e.g. "v3.2.0.tar.gz".
           (not (string-prefix? (string-append "v" version) file-name)))))

  (let ((origin (package-source package)))
    ;; Packages without a source are not checked.
    (when (and origin
               (not (origin-file-name-valid? origin)))
      (emit-warning package
                    (_ "the source file name should contain the package name")
                    'source))))
(define (check-derivation package)
  "Emit a warning if we fail to compile PACKAGE to a derivation.  The
derivation of PACKAGE's replacement, if any, is computed as well."
  ;; Two layers of handlers: 'guard' turns the SRFI-35 conditions it knows
  ;; about into a warning that shows their message, and the outer 'catch #t'
  ;; reports any other exception with its raw arguments.
  (catch #t
    (lambda ()
      (guard (c ((nix-protocol-error? c)
                 (emit-warning package
                               (format #f (_ "failed to create derivation: ~a")
                                       (nix-protocol-error-message c))))
                ((message-condition? c)
                 (emit-warning package
                               (format #f (_ "failed to create derivation: ~a")
                                       (condition-message c)))))
        (with-store store
          ;; Disable grafts since it can entail rebuilds.
          (package-derivation store package #:graft? #f)

          ;; If there's a replacement, make sure we can compute its
          ;; derivation.
          (match (package-replacement package)
            (#f #t)
            (replacement
             (package-derivation store replacement #:graft? #f))))))
    (lambda args
      ;; ARGS is the exception key followed by its arguments.
      (emit-warning package
                    (format #f (_ "failed to create derivation: ~s~%")
                            args)))))
(define (check-license package)
  "Warn about type errors of the 'license' field of PACKAGE.  The field is
valid when it is a license object or a list of license objects."
  (let ((license (package-license package)))
    (if (or (license? license)
            (and (list? license)
                 (every license? license)))
        #t
        (emit-warning package (_ "invalid license field")
                      'license))))
(define (patch-file-name patch)
  "Return the basename of PATCH's file name, or #f if the file name could not
be determined."
  (match patch
    ;; A patch given directly as a file name.
    ((? string? file)
     (basename file))
    ;; A patch given as an origin: it may have no known file name.
    ((? origin? source)
     (let ((file (origin-actual-file-name source)))
       (and file (basename file))))))
(define (current-vulnerabilities*)
  "Like 'current-vulnerabilities', but return the empty list upon networking
or HTTP errors.  This allows network-less operation and makes problems with
the NIST server non-fatal."
  ;; NOTE: every failure recovered from below (HTTP error, failed host
  ;; lookup, TLS certificate error) yields '(), which callers cannot tell
  ;; apart from a feed that lists nothing.  The warnings printed here are the
  ;; only sign that the vulnerability data could not be obtained.
  (define (assume-none)
    (warning (_ "assuming no CVE vulnerabilities~%"))
    '())

  (guard (c ((http-get-error? c)
             (warning (_ "failed to retrieve CVE vulnerabilities \
from ~s: ~a (~s)~%")
                      (uri->string (http-get-error-uri c))
                      (http-get-error-code c)
                      (http-get-error-reason c))
             (assume-none)))
    (catch #t
      (lambda ()
        (current-vulnerabilities))
      (match-lambda*
        ;; Name resolution failed.
        (('getaddrinfo-error errcode)
         (warning (_ "failed to lookup NIST host: ~a~%")
                  (gai-strerror errcode))
         (assume-none))
        ;; The server's certificate was rejected.
        (('tls-certificate-error args ...)
         (warning (_ "TLS certificate error: ~a")
                  (tls-certificate-error-string args))
         (assume-none))
        ;; Any other exception is re-thrown unchanged.
        (args
         (apply throw args))))))
(define package-vulnerabilities
  ;; The lookup procedure is built on first use and then shared by all calls,
  ;; so the vulnerability list is obtained at most once.
  (let ((lookup (delay (vulnerabilities->lookup-proc
                        (current-vulnerabilities*)))))
    (lambda (package)
      "Return a list of vulnerabilities affecting PACKAGE."
      ;; First we retrieve the Common Platform Enumeration (CPE) name and
      ;; version for PACKAGE, then we can pass them to LOOKUP.  The
      ;; 'cpe-name' and 'cpe-version' properties, when present, take
      ;; precedence over the package's own name and version.
      (let* ((properties  (package-properties package))
             (cpe-name    (or (assoc-ref properties 'cpe-name)
                              (package-name package)))
             (cpe-version (or (assoc-ref properties 'cpe-version)
                              (package-version package))))
        ((force lookup) cpe-name cpe-version)))))
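(define (check-vulnerabilities package)
  "Check for known vulnerabilities for PACKAGE.  When PACKAGE has a
replacement, the replacement is checked instead.  A vulnerability counts as
patched when its identifier appears in the file name of one of the patches of
the package's source; the remaining ones are reported in a single warning."
  (define (mentions-id? file-name id)
    ;; Return true if FILE-NAME contains an occurrence of ID that is not
    ;; immediately followed by another digit.  A bare substring test would
    ;; let a patch named after "CVE-2016-12345" (constructed example) hide
    ;; "CVE-2016-1234".  Assumes identifiers end in a digit, as CVE IDs do.
    (let loop ((start 0))
      (match (string-contains file-name id start)
        (#f #f)
        (index
         (let ((end (+ index (string-length id))))
           (or (= end (string-length file-name))
               (not (char-numeric? (string-ref file-name end)))
               ;; This occurrence is a prefix of a longer number; look for
               ;; a later one.
               (loop (+ index 1))))))))

  (let ((package (or (package-replacement package) package)))
    (match (package-vulnerabilities package)
      (()
       #t)
      ((vulnerabilities ...)
       (let* ((patches   (filter-map patch-file-name
                                     (or (and=> (package-source package)
                                                origin-patches)
                                         '())))
              ;; This is a file-name heuristic: the content of the patches
              ;; is not inspected.
              (unpatched (remove (lambda (vuln)
                                   (find (lambda (file)
                                           (mentions-id? file
                                                         (vulnerability-id vuln)))
                                         patches))
                                 vulnerabilities)))
         (unless (null? unpatched)
           (emit-warning package
                         (format #f (_ "probably vulnerable to ~a")
                                 (string-join (map vulnerability-id unpatched)
                                              ", ")))))))))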
|
2015-11-26 22:59:06 +01:00
|
|
|
|
|
2015-08-19 11:22:07 +02:00
|
|
|
|
|
|
|
|
|
;;;
|
|
|
|
|
;;; Source code formatting.
|
|
|
|
|
;;;
|
|
|
|
|
|
|
|
|
|
(define (report-tabulations package line line-number)
  "Warn about tabulations found in LINE."
  ;; Only the first tabulation of the line is reported.
  (let ((column (string-index line #\tab)))
    (if column
        (emit-warning package
                      (format #f (_ "tabulation on line ~a, column ~a")
                              line-number column))
        #t)))
(define (report-trailing-white-space package line line-number)
  "Warn about trailing white space in LINE."
  (let ((trimmed?   (string=? line (string-trim-right line)))
        ;; A line made of a single page-break character is accepted as is.
        (page-only? (string=? line (string #\page))))
    (when (and (not trimmed?) (not page-only?))
      (emit-warning package
                    (format #f
                            (_ "trailing white space on line ~a")
                            line-number)))))
(define (report-long-line package line line-number)
  "Emit a warning if LINE is too long."
  ;; Note: We don't warn at 80 characters because sometimes hashes and URLs
  ;; make it hard to fit within that limit and we want to avoid making too
  ;; much noise.
  (let ((length (string-length line)))
    (when (> length 90)
      (emit-warning package
                    (format #f (_ "line ~a is way too long (~a characters)")
                            line-number length)))))
(define %hanging-paren-rx
  ;; Regexp matching a line that holds nothing but parentheses, optionally
  ;; surrounded by blanks.
  (make-regexp
   "^[[:blank:]]*[()]+[[:blank:]]*$"))
(define (report-lone-parentheses package line line-number)
  "Emit a warning if LINE contains hanging parentheses."
  ;; LINE is "hanging" when %HANGING-PAREN-RX matches it.
  (let ((hanging? (regexp-exec %hanging-paren-rx line)))
    (when hanging?
      (emit-warning package
                    (format #f
                            (_ "line ~a: parentheses feel lonely, \
move to the previous or next line")
                            line-number)))))
(define %formatting-reporters
  ;; List of procedures that report formatting issues.  These are not separate
  ;; checkers because they would need to re-read the file.  Each one is
  ;; called with a package, a line, and that line's number.
  (list report-tabulations
        report-trailing-white-space
        report-long-line
        report-lone-parentheses))
(define* (report-formatting-issues package file starting-line
                                   #:key (reporters %formatting-reporters))
  "Report white-space issues in FILE starting from STARTING-LINE, and report
them for PACKAGE."
  (define last-line
    ;; Number of the presumed last line.
    ;; XXX: Ideally we'd stop at the boundaries of the surrounding sexp, but
    ;; for now just use this simple heuristic.
    (+ starting-line 60))

  (define (run-reporters line line-number)
    ;; Apply each of REPORTERS to LINE.
    (for-each (lambda (report)
                (report package line line-number))
              reporters))

  (call-with-input-file file
    (lambda (port)
      ;; Lines are numbered from 1; those before STARTING-LINE are read and
      ;; skipped.
      (let loop ((line-number 1))
        (let ((line (read-line port)))
          (cond ((eof-object? line) #t)
                ((> line-number last-line) #t)
                (else
                 (when (>= line-number starting-line)
                   (run-reporters line line-number))
                 (loop (+ 1 line-number)))))))))
(define (check-formatting package)
  "Check the formatting of the source code of PACKAGE."
  (let ((location (package-location package)))
    (when location
      ;; Nothing is reported when the file cannot be found in %LOAD-PATH.
      (let ((file (search-path %load-path (location-file location))))
        (and file
             ;; Report issues starting from the line before the 'package'
             ;; form, which usually contains the 'define' form.
             (report-formatting-issues package file
                                       (- (location-line location) 1)))))))
|
2014-12-29 04:38:15 +01:00
|
|
|
|
|
2014-11-19 22:52:14 +01:00
|
|
|
|
|
|
|
|
|
;;;
|
|
|
|
|
;;; List of checkers.
|
|
|
|
|
;;;
|
|
|
|
|
|
2014-09-01 02:13:21 +02:00
|
|
|
|
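(define %checkers
  ;; List of all the available checkers, in the order in which they are run
  ;; by default.  Each checker has a name (a symbol), a description, and a
  ;; one-argument procedure that is passed the package to check.
  (list
   (lint-checker
     (name        'description)
     (description "Validate package descriptions")
     (check       check-description-style))
   (lint-checker
     (name        'gnu-description)
     (description "Validate synopsis & description of GNU packages")
     (check       check-gnu-synopsis+description))
   (lint-checker
     (name        'inputs-should-be-native)
     (description "Identify inputs that should be native inputs")
     (check       check-inputs-should-be-native))
   (lint-checker
     (name        'patch-file-names)
     (description "Validate file names and availability of patches")
     (check       check-patch-file-names))
   (lint-checker
     (name        'home-page)
     (description "Validate home-page URLs")
     (check       check-home-page))
   (lint-checker
     (name        'license)
     ;; TRANSLATORS: <license> is the name of a data type and must not be
     ;; translated.
     (description "Make sure the 'license' field is a <license> \
or a list thereof")
     (check       check-license))
   (lint-checker
     (name        'source)
     (description "Validate source URLs")
     (check       check-source))
   (lint-checker
     (name        'source-file-name)
     (description "Validate file names of sources")
     (check       check-source-file-name))
   (lint-checker
     (name        'derivation)
     (description "Report failure to compile a package to a derivation")
     (check       check-derivation))
   (lint-checker
     (name        'synopsis)
     (description "Validate package synopses")
     (check       check-synopsis-style))
   (lint-checker
     (name        'cve)
     ;; This checker reports nothing when the vulnerability data cannot be
     ;; retrieved; see 'current-vulnerabilities*'.
     ;;
     ;; The continuation line starts with a space so that the description
     ;; reads "Exposures (CVE)" rather than "Exposures(CVE)".
     (description "Check the Common Vulnerabilities and Exposures\
 (CVE) database")
     (check       check-vulnerabilities))
   (lint-checker
     (name        'formatting)
     (description "Look for formatting issues in the source")
     (check       check-formatting))))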
(define* (run-checkers package #:optional (checkers %checkers))
  "Run the given CHECKERS on PACKAGE."
  ;; Progress is shown only when the error port is a terminal.
  (define tty? (isatty? (current-error-port)))
  (define name (package-full-name package))

  (define (show-progress checker)
    ;; The status line ends with "erase to end of line" and a carriage
    ;; return, so that whatever is printed next overwrites it.
    (format (current-error-port) "checking ~a [~a]...\x1b[K\r"
            name (lint-checker-name checker))
    (force-output (current-error-port)))

  (for-each (lambda (checker)
              (when tty?
                (show-progress checker))
              ((lint-checker-check checker) package))
            checkers)

  (when tty?
    ;; Erase what is left of the last status line.
    (format (current-error-port) "\x1b[K")
    (force-output (current-error-port))))
|
2014-10-12 01:58:29 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
;;;
|
|
|
|
|
;;; Command-line options.
|
|
|
|
|
;;;
|
|
|
|
|
|
|
|
|
|
(define %default-options
  ;; Alist of default option values.  It is empty: no option is set unless
  ;; given on the command line.
  (list))
(define (show-help)
  "Display the usage message of 'guix lint', followed by the bug-report
information."
  ;; Each message remains a literal argument of '_' so that it can still be
  ;; extracted for translation.
  (for-each display
            (list (_ "Usage: guix lint [OPTION]... [PACKAGE]...
Run a set of checkers on the specified package; if none is specified,
run the checkers on all packages.\n")
                  (_ "
-c, --checkers=CHECKER1,CHECKER2...
only run the specified checkers")
                  (_ "
-h, --help display this help and exit")
                  (_ "
-l, --list-checkers display the list of available lint checkers")
                  (_ "
-V, --version display version information and exit")))
  (newline)
  (show-bug-report-information))
(define %options
  ;; Specification of the command-line options.
  ;; TODO: add some options:
  ;; * --certainty=[low,medium,high]: only run checkers that have at least this
  ;;                                  'certainty'.
  (let ((select-checkers
         ;; Handler of '--checkers': ARG is a comma-separated list of checker
         ;; names.  Exit with an error on the first name that does not belong
         ;; to %CHECKERS; otherwise record the selected checkers, in
         ;; %CHECKERS order, under the 'checkers key of RESULT.
         (lambda (opt name arg result)
           (let* ((requested (map string->symbol (string-split arg #\,)))
                  (known     (map lint-checker-name %checkers)))
             (for-each (lambda (checker-name)
                         (unless (memq checker-name known)
                           (leave (_ "~a: invalid checker~%") checker-name)))
                       requested)
             (alist-cons 'checkers
                         (filter (lambda (checker)
                                   (member (lint-checker-name checker)
                                           requested))
                                 %checkers)
                         result)))))
    (list (option '(#\c "checkers") #t #f select-checkers)
          (option '(#\h "help") #f #f
                  (lambda args
                    (show-help)
                    (exit 0)))
          (option '(#\l "list-checkers") #f #f
                  (lambda args
                    (list-checkers-and-exit)))
          (option '(#\V "version") #f #f
                  (lambda args
                    (show-version-and-exit "guix lint"))))))
|
2014-09-01 02:13:21 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
;;;
|
|
|
|
|
;;; Entry Point
|
|
|
|
|
;;;
|
|
|
|
|
|
|
|
|
|
(define (guix-lint . args)
  "Run the selected checkers on the packages named in ARGS, the list of
command-line arguments, or on all packages when ARGS names none."
  (define (parse-options)
    ;; Return the alist of option values.
    (args-fold* args %options
                (lambda (opt name arg result)
                  (leave (_ "~A: unrecognized option~%") name))
                (lambda (arg result)
                  (alist-cons 'argument arg result))
                %default-options))

  (define (argument-value entry)
    ;; Return the value of ENTRY if it is an 'argument entry, #f otherwise.
    (and (pair? entry)
         (eq? 'argument (car entry))
         (cdr entry)))

  (let* ((options  (parse-options))
         ;; Entries are consed in front of the alist as they are parsed;
         ;; reverse them to get the order of the command line.
         (specs    (filter-map argument-value (reverse options)))
         (checkers (or (assoc-ref options 'checkers) %checkers)))
    (if (null? specs)
        (fold-packages (lambda (p r) (run-checkers p checkers)) '())
        (for-each (lambda (spec)
                    (run-checkers (specification->package spec) checkers))
                  specs))))