search

cassava / repoctl

Make it easy to manage your local Arch Linux repository.
MIT License
128 stars 13 forks source link

Repoctl deletes packages on 'unknown' entry in .PKGINFO #71

Closed StarterX4 closed 8 months ago

StarterX4 commented 1 year ago

Repoctl wiped my whole repo because one package (rebuilt with fakepkg) contained "base" (same as the package name) entry in the .PKGINFO.

[starterx4@doadgrz ~]$ repoctl add /tmp/brother-dcp-l2530dw-4.0.0-1.pkg.tar.zst 
Copying and adding to repository: /tmp/brother-dcp-l2530dw-4.0.0-1.pkg.tar.zst
Adding package to database: /run/user/1000/keybase/kbfs/public/starterx4/repos/arch/x86_64/stx4/brother-dcp-l2530dw-4.0.0-1.pkg.tar.zst
error: read package /run/user/1000/keybase/kbfs/public/starterx4/repos/arch/x86_64/stx4/brother-dcp-l2530dw-4.0.0-1.pkg.tar.zst: unknown field 'base' in .PKGINFO.
Deleting: brother-dcp-l2530dw-4.0.0-1.pkg.tar.zst
Deleting: chakracore-bin-1.11.15-1-x86_64.pkg.tar.xz
Deleting: duolingo-nativefier-20201122-1-x86_64.pkg.tar.zst
Deleting: geforcenow-nativefier-20201122-1-x86_64.pkg.tar.zst
Deleting: lib32-gst-plugin-pipewire-0.3.28-2-x86_64.pkg.tar.zst
Deleting: lib32-jemalloc-5.3.0-1-x86_64.pkg.tar.zst
Deleting: lib32-pipewire-0.3.28-2-x86_64.pkg.tar.zst
Deleting: lib32-pipewire-jack-0.3.28-2-x86_64.pkg.tar.zst
Deleting: libqcow-20181227-1-x86_64.pkg.tar.xz
Deleting: libxmp-4.5.0-3-x86_64.pkg.tar.zst
Deleting: memtest86-efi-1:10.2build1000-1-any.pkg.tar.zst
Deleting: murse-git-r90.gf0e4c0e-1-x86_64.pkg.tar.zst
Deleting: nautilus-checksums-git-r1.6474434-1-x86_64.pkg.tar.zst
Deleting: openboard-1.5.3-3-x86_64.pkg.tar.xz
Deleting: package-query-1.10-1-x86_64.pkg.tar.xz
Deleting: pacmanxg4-bin-4.14.21-1-x86_64.pkg.tar.xz
cassava commented 1 year ago

Hey @StarterX4 thanks for raising the issue. I'm sorry about your data loss. I'll see if I can reproduce this issue. It looks like it should be fairly straightforward.

cassava commented 1 year ago

So I can't reproduce it, but I notice I also don't get the error either.

Can you please give me the output from repoctl version. Please redact any part of the configuration you don't want to expose.

StarterX4 commented 1 year ago 
[starterx4@doadgrz ~]$ repoctl version
repoctl version 0.21 (30 August, 2020)
Copyright 2016-2020, Ben Morgan <cassava@iexu.de>

You may find repoctl on the Internet at
    https://github.com/cassava/repoctl
Please report any bugs you may encounter.

The source code of repoctl is licensed under the MIT license.

Current configuration:
    columnate = false
    color = "auto"
    quiet = false

    current_profile = "stx4-x64"
    default_profile = "stx4-x64"

    [profiles.stx4-any]
        repo = "/run/user/1000/keybase/kbfs/public/starterx4/repos/arch/any/stx4/stx4-any.db.tar.zst"
        add_params = []
        rm_params = []
        ignore_aur = []
        require_signature = false
        backup = false
        backup_dir = ""
        interactive = false
        pre_action = ""
        post_action = "cd /run/user/1000/keybase/kbfs/public/starterx4/repos/arch/any/stx4/; rm stx4-any.{db,files}; cp stx4-any.db.tar.zst stx4-any.db; cp stx4-any.files.tar.zst stx4-any.files"

    [profiles.stx4-x64]
        repo = "/run/user/1000/keybase/kbfs/public/starterx4/repos/arch/x86_64/stx4/stx4-x86_64.db.tar.zst"
        add_params = []
        rm_params = []
        ignore_aur = []
        require_signature = false
        backup = false
        backup_dir = ""
        interactive = false
        pre_action = ""
        post_action = "cd /run/user/1000/keybase/kbfs/public/starterx4/repos/arch/x86_64/stx4/; rm stx4-x86_64.{db,files}; cp stx4-x86_64.db.tar.zst stx4-x86_64.db; cp stx4-x86_64.files.tar.zst stx4-x86_64.files"
intelfx commented 8 months ago

@cassava I can reproduce this repeatedly (albeit with a different unknown field, namely xdata as written by makepkg 6.1.0).

To reproduce, try building a split package with makepkg 6.1.0 and adding it to a non-empty repo with repoctl add.

(Note that this is on the 0.21 release, not master. The master seems to verify the file prior to any operations on the repository.)

intelfx commented 8 months ago

Okay, so what happens is this encounters an error and returns nothing (empty pkgs), but also no error (because it is eaten by the handler):

https://github.com/cassava/repoctl/blob/92ed55f855a3f1d4df80e9d1a567c7e0b83fc96f/repo/find.go#L130-L133

Then, when this function receives an empty list, it returns all packages in the directory:

https://github.com/cassava/repoctl/blob/92ed55f855a3f1d4df80e9d1a567c7e0b83fc96f/repo/find.go#L134-L137

And then we happily delete every file because we treat the returns of Repo.ReadNames() as similar packages.

cassava commented 8 months ago

Thanks @intelfx for your stellar analysis. I'll get onto creating a fix for this ASAP!

intelfx commented 8 months ago

Take a look at #73, I believe I have a fix there.