We can only do a filesystem check and we have to allow broken symlinks because the linter is being run outside of the target app's sandbox. So a executable file in files/bin/foo may point to a "broken" symlink like "/app/bin/bar", but this is valid when run inside the target app's sandbox.
The paths are split into two because with builddir check the executable is in $path/files/bin/ but with repo check since we extract the subpath files/bin we get the contents of bin under tmpdir, not the parent directory bin itself. And extracting full files/ to get bin is costly.
We can only do a filesystem check and we have to allow broken symlinks because the linter is being run outside of the target app's sandbox. So a executable file in
files/bin/foomay point to a "broken" symlink like "/app/bin/bar", but this is valid when run inside the target app's sandbox.Also strip all field spcifiers https://specifications.freedesktop.org/desktop-entry-spec/desktop-entry-spec-latest.html#exec-variables and
env FOO=BARorFOO=BARto extract the actual executable from theExeckeyThe paths are split into two because with builddir check the executable is in
$path/files/bin/but with repo check since we extract the subpathfiles/binwe get the contents ofbinunder tmpdir, not the parent directorybinitself. And extracting fullfiles/to getbinis costly.