" removed from NEW (ie, rejected) (or never arrived)");
}
-sub action_check_package () {
- getpackage();
+sub check_package () {
return 0 unless $pkg_exists;
return 0 unless $pkg_secret;
my $age = time - $mtime;
printdebug "check_package age=$age\n";
- return 0 if $age < $new_upload_propagation_slop;
-
- return 0 if new_has_vsn_in_our_history();
-
if (good_suite_has_vsn_in_our_history) {
chmod $publicmode, "." or die $!;
+ $pkg_secret = 0;
return 0;
}
+ return 0 if $age < $new_upload_propagation_slop;
+
+ return 0 if new_has_vsn_in_our_history();
+
printdebug "check_package secret, deleted, tainting\n";
git_for_each_ref('refs/tags', sub {
return FRESHREPO;
}
+sub action_check_package () {
+ getpackage();
+ return check_package();
+}
+
sub getpushinfo () {
die unless @ARGV >= 4;
$version = shift @ARGV;
}
}
-sub deliberately ($) { return $deliberately{$_[0]}; }
+sub deliberately ($) { return $deliberately{"--deliberately-$_[0]"}; }
sub action_push () {
getpackage();
getpushinfo();
+ check_package(); # might make package public, or might add taints
+
return 0 unless $pkg_exists;
return 0 unless $pkg_secret;
if (deliberately('not-fast-forward')) {
add_taint(server_ref($suite),
- "suite $suite when --deliberately-not-fast-forward".
+ "rewound suite $suite; --deliberately-not-fast-forward".
" specified in signed tag $tagname for upload of".
- " version $version into suite $suite");
+ " version $version");
return NOFFCHECK|FRESHREPO;
}
if (deliberately('include-questionable-history')) {
END
$initq->execute($pkg);
+ my @objscatcmd = qw(git);
+ push @objscatcmd, qw(--git-dir), $freshrepo if length $freshrepo;
+ push @objscatcmd, qw(cat-file --batch);
+ debugcmd '|',@objscatcmd if $debuglevel>=2;
+
my @taintids;
my $chkinput = tempfile();
while (my $taint = $initq->fetchrow_hashref()) {
push @taintids, $taint->{taint_id};
print $chkinput $taint->{gitobjid}, "\n" or die $!;
+ printdebug '|> ', $taint->{gitobjid}, "\n" if $debuglevel>=2;
}
flush $chkinput or die $!;
seek $chkinput,0,0 or die $!;
my $checkpid = open CHKOUT, "-|" // die $!;
if (!$checkpid) {
open STDIN, "<&", $chkinput or die $!;
- exec qw(git cat-file --batch) or die $!;
+ exec @objscatcmd or die $!;
}
my ($taintinfoq,$overridesanyq,$untaintq,$overridesq);
# just read what we expect and then let it get SIGPIPE.
$!=0; $_ = <CHKOUT>;
die "$? $!" unless defined $_;
+ printdebug "|< ", $_ if $debuglevel>=2;
next if m/^\w+ missing$/;
die unless m/^(\w+) (\w+) (\d+)\s/;