+sub action_push_confirm () {
+ my $initq = $dbh->prepare(<<END);
+ SELECT taint_id, gitobjid FROM taints t
+ WHERE (package = ? OR package = '')
+END
+ $initq->execute($pkg);
+
+ my @taintids;
+ my $chkinput = tempfile();
+ while (my $taint = $initq->fetchrow_hashref()) {
+ push @taintids, $taint->{taint_id};
+ print $chkinput, $taint->{gitobjid}, "\n" or die $!;
+ }
+ flush $chkinput or die $!;
+ seek $chkinput,0,0 or die $!;
+
+ my $checkpid = open2("<&$chkinput", \*CHKOUT, qw(git cat-file --batch));
+ $checkpid or die $!;
+
+ my ($taintinfoq,$overridesanyq,$untaintq,$overridesq);
+
+ my $overridesstmt = <<END;
+ SELECT deliberately FROM taintoverrides WHERE (
+ my @overridesv = sort keys %deliberately;
+ $overridesstmt .= join <<END, (<<END x @overridesv);
+END
+ OR
+END
+ deliberately = ?
+END
+ $overridesstmt .= <<END;
+ ) AND taint_id = ?
+ ORDER BY deliberately ASC
+END
+
+ my $mustreject=0;
+
+ while (<CHKOUT>) {
+ my $taintid = shift @taintids;
+ die unless defined $taintid;
+
+ next if m/^\w+ missing$/;
+ die unless m/^(\w+) (\s+) (\d+)\s/;
+ my ($objid,$objtype,$nbytes) = @_;
+
+ read CHKOUT, $_, $nbytes == $bytes or last;
+
+ $taintinfoq ||= $dbh->prepare(<<END);
+ SELECT package, time, comment FROM taints WHERE taint_id = ?
+END
+ $taintinfoq->execute($taintid);
+
+ my $ti = $taintinfoq->fetchrow_hashref();
+ die unless $ti;
+
+ my $timeshow = defined $ti->{time}
+ ? " at time ".strftime("%Y-%m-%d %H:%M:%S Z", gmtime $ti->time)
+ : "";
+ my $pkgshow = length $ti->{package}
+ ? "package $ti->{package}"
+ : "any package";
+
+ print STDERR <<END;
+
+History contains tainted $objtype $objid
+Taint recorded$timeshow for $pkginfo
+Reason: $ti->{comment}
+END
+
+ $overridesq ||= $dbh->prepare($overridesstmt);
+ $overridesq->execute(@overridesv, $taintid);
+ my ($ovwhy) = $overridesq->fetchrow_array();
+ if (!defined $ovwhy) {
+ $overridesanyq ||= $dbh->prepare(<<END);
+ SELECT 1 FROM taintoverrides WHERE taint_id = ? LIMIT 1
+END
+ $overridesanyq->execute($taintid);
+ my ($ovany) = $overridesanyq->fetchrow_array();
+ print STDERR $ovany ? <<END : <<END;
+Could be forced using --deliberately. Consult documentation.
+END
+Uncorrectable error. If confused, consult administrator.
+END
+ $mustreject = 1;
+ } else {
+ print STDERR <<END;
+Forcing due to --deliberately-$ovwhy
+END
+ $untaintq ||= $dbh->prepare(<<END);
+ DELETE FROM taints WHERE taint_id = ?
+END
+ $untaintq->execute($taint_id);
+ }
+ }
+ if (@taintids) {
+ $?=0; my $gotpid = waitpid $checkpid, WNOHANG;
+ die "@taintids $gotpid $? $!";
+ }