$debugprefix *debuglevel *DEBUG
shellquote printcmd messagequote);
# implicitly uses $main::us
- %EXPORT_TAGS = ( policyflags => [qw(NOFFCHECK FRESHREPO)] );
+ %EXPORT_TAGS = ( policyflags => [qw(NOFFCHECK FRESHREPO NOCOMMITCHECK)] );
@EXPORT_OK = @{ $EXPORT_TAGS{policyflags} };
}
# dynamic loader, runtime, etc., failures, which report 127 or 255
sub NOFFCHECK () { return 0x2; }
sub FRESHREPO () { return 0x4; }
+sub NOCOMMITCHECK () { return 0x8; }
our $debugprefix;
our $debuglevel = 0;
# FRESHREPO (4)
# blow away repo right away (ie, as if before push or fetch)
# ("check-package" and "push" only)
+# NOCOMMITCHECK (8)
+# suppress dgit-repos-server's check that commits do
+# not lack "committer" info (eg as produced by #849041)
# any unexpected bits mean failure, and then known set bits are ignored
# if no unexpected bits set, operation continues (subject to meaning
# of any expected bits set). So, eg, exit 0 means "continue normally"
chomp $mb;
$mb eq $oldcommit or reject "not fast forward on dgit branch";
}
+
+ # defend against commits generated by #849041
+ if (!($policy & NOCOMMITCHECK)) {
+ my @checks = qw(%an %ae %at
+ %cn %ce %ct);
+ my @chk = qw(git log -z);
+ push @chk, '--pretty=tformat:%H%n'.
+ (join "", map { $_, '%n' } @checks);
+ push @chk, "^$oldcommit" if $oldcommit =~ m/[^0]/;
+ push @chk, $commit;;
+ printdebug " ~NOCOMMITCHECK @chk\n";
+ open CHK, "-|", @chk or die $!;
+ local $/ = "\0";
+ while (<CHK>) {
+ next unless m/^$/m;
+ m/^\w+(?=\n)/ or die;
+ reject "corrupted object $& (missing metadata)";
+ }
+ $!=0; $?=0; close CHK or $?==256 or die "$? $!";
+ }
+
if ($policy & FRESHREPO) {
# It's a bit late to be discovering this here, isn't it ?
#