Index: b/lib/routines.c =================================================================== --- a/lib/routines.c +++ b/lib/routines.c @@ -242,3 +242,50 @@ /* Don't complain if you can't unlink. Who cares of a tmp file? */ unlink (filename); } + +/* + * Securely generate a temp file, and make sure it gets + * deleted upon exit. + */ +static char ** tempfiles; +static unsigned ntempfiles; + +static void +cleanup_tempfiles() +{ + while (ntempfiles--) + unlink(tempfiles[ntempfiles]); +} + +char * +safe_tempnam(const char *pfx) +{ + char *dirname, *filename; + int fd; + + if (!(dirname = getenv("TMPDIR"))) + dirname = "/tmp"; + + tempfiles = (char **) realloc(tempfiles, + (ntempfiles+1) * sizeof(char *)); + if (tempfiles == NULL) + return NULL; + + filename = malloc(strlen(dirname) + strlen(pfx) + sizeof("/XXXXXX")); + if (!filename) + return NULL; + + sprintf(filename, "%s/%sXXXXXX", dirname, pfx); + + if ((fd = mkstemp(filename)) < 0) { + free(filename); + return NULL; + } + close(fd); + + if (ntempfiles == 0) + atexit(cleanup_tempfiles); + tempfiles[ntempfiles++] = filename; + + return filename; +} Index: b/lib/routines.h =================================================================== --- a/lib/routines.h +++ b/lib/routines.h @@ -255,7 +255,8 @@ /* If _STR_ is not defined, give it a tempname in _TMPDIR_ */ #define tempname_ensure(Str) \ do { \ - (Str) = (Str) ? (Str) : tempnam (NULL, "a2_"); \ + (Str) = (Str) ? (Str) : safe_tempnam("a2_"); \ } while (0) +char * safe_tempnam(const char *); #endif bdb5faad01d47d69929aa4'>diff
path: root/build-aux/update-guix-package.scm
AgeCommit message (Expand)Author
2020-11-12maint: update-guix-package: Optionally add sources to store....Following discussions in <https://issues.guix.gnu.org/43893>, keeping a copy of the updated package source is desirable when generating a release. * build-aux/update-guix-package.scm (version-controlled?): Remove variable. (call-with-temporary-git-worktree): Renamed from 'with-temporary-git-worktree'. Update doc. Do not change directory implicitly. Define as a procedure, not a syntax. (keep-source-in-store): New procedure. (main): Adjust to use with call-with-temporary-git-worktree. Add the sources to the store when GUIX_ALLOW_ME_TO_USE_PRIVATE_COMMIT is set. Exit gracefully when FIND-ORIGIN-REMOTE returns #f. (%savannah-guix-git-repo-push-url-regexp): Adjust match for a potential colon separator. * Makefile.am (GUIX_ALLOW_ME_TO_USE_PRIVATE_COMMIT): Adjust. * .dir-locals.el (scheme-mode): Remove entry for with-temporary-git-worktree. * doc/contributing.texi (Updating the Guix Package): Update doc. Co-authored-by: Ludovic Courtès <ludo@gnu.org> Maxim Cournoyer
2020-10-25maint: update-guix-package: Include the git.sv.gnu.org alias....* build-aux/update-guix-package.scm (%savannah-guix-git-repo-push-url): Rename to... (%savannah-guix-git-repo-push-url-regexp): ...this. Add the 'sv' alternative to 'savannah' and the (push) suffix in the URL regexp. (find-origin-remote): Adjust accordingly. Reported-by: Ludovic Courtès <ludo@gnu.org> Maxim Cournoyer
2020-10-19maint: update-guix-package: Prevent accidentally breaking guix pull....Fixes <https://issues.guix.gnu.org/43893>. This changes the 'update-guix-package' tool so that it: 1. Always uses a clean checkout to compute the hash of the updated 'guix' package. 2. Ensures the commit used in the updated 'guix' package definition has already been pushed upstream. * build-aux/update-guix-package.scm (%savannah-guix-git-repo-push-url): New variable. (with-input-pipe-to-string, with-temporary-git-worktree): New syntaxes. (find-origin-remote, git-add-worktree): New procedures. (commit-already-pushed?): New predicate. (main): Check the commit used has already been pushed upstream and compute the hash from a clean checkout. * doc/contributing.texi (Updating the Guix Package): Document it. * .dir-locals.el (scheme-mode): Fix indentation of with-temporary-git-worktree. Maxim Cournoyer
2020-05-28update-guix-package: Use 'origin-hash'....* gnu/packages/package-management.scm (main): Use 'origin-hash' instead of 'origin-sha256'. Signed-off-by: Tobias Geerinckx-Rice <me@tobias.gr> Vincent Legoll