maint.mk: relax sc_prohibit_strcmp, to avoid a false positive
[gnulib.git] / top / maint.mk
index 5a23185..09f55c5 100644 (file)
@@ -61,7 +61,7 @@ endif
 # (i.e., with no $(srcdir) prefix), this definition is careful to
 # remove any $(srcdir) prefix, and to restore what it removes.
 _sc_excl = \
-  $(if $(exclude_file_name_regexp--$@),$(exclude_file_name_regexp--$@),^$$)
+  $(or $(exclude_file_name_regexp--$@),^$$)
 VC_LIST_EXCEPT = \
   $(VC_LIST) | sed 's|^$(_dot_escaped_srcdir)/||' \
        | if test -f $(srcdir)/.x-$@; then grep -vEf $(srcdir)/.x-$@; \
@@ -178,11 +178,20 @@ syntax-check: $(local-check)
 #     Regular expression (ERE) denoting either a forbidden construct
 #     or a required construct.  Those arguments are exclusive.
 #
+#  exclude
+#
+#     Regular expression (ERE) denoting lines to ignore that matched
+#     a prohibit construct.  For example, this can be used to exclude
+#     comments that mention why the nearby code uses an alternative
+#     construct instead of the simpler prohibited construct.
+#
 #  in_vc_files | in_files
 #
-#     grep-E-style regexp denoting the files to check.  If no files
-#     are specified the default are all the files that are under
-#     version control.
+#     grep-E-style regexp selecting the files to check.  For in_vc_files,
+#     the regexp is used to select matching files from the list of all
+#     version-controlled files; for in_files, it's from the names printed
+#     by "find $(srcdir)".  When neither is specified, use all files that
+#     are under version control.
 #
 #  containing | non_containing
 #
@@ -212,6 +221,17 @@ syntax-check: $(local-check)
 # when filtering by name via in_files, we explicitly filter out matching
 # names here as well.
 
+# Initialize each, so that envvar settings cannot interfere.
+export require =
+export prohibit =
+export exclude =
+export in_vc_files =
+export in_files =
+export containing =
+export non_containing =
+export halt =
+export with_grep_options =
+
 # By default, _sc_search_regexp does not ignore case.
 export ignore_case =
 _ignore_case = $$(test -n "$$ignore_case" && printf %s -i || :)
@@ -231,6 +251,9 @@ define _sc_search_regexp
    test -z "$$prohibit" && test -z "$$require"                         \
      && { msg='Should specify either prohibit or require'              \
           $(_sc_say_and_exit) } || :;                                  \
+   test -z "$$prohibit" && test -n "$$exclude"                         \
+     && { msg='Use of exclude requires a prohibit pattern'             \
+          $(_sc_say_and_exit) } || :;                                  \
    test -n "$$in_vc_files" && test -n "$$in_files"                     \
      && { msg='Cannot specify both in_vc_files and in_files'           \
           $(_sc_say_and_exit) } || :;                                  \
@@ -240,7 +263,7 @@ define _sc_search_regexp
    : Filter by file name;                                              \
    if test -n "$$in_files"; then                                       \
      files=$$(find $(srcdir) | grep -E "$$in_files"                    \
-              | grep -Ev '$(exclude_file_name_regexp--$@)');           \
+              | grep -Ev '$(_sc_excl)');                               \
    else                                                                        \
      files=$$($(VC_LIST_EXCEPT));                                      \
      if test -n "$$in_vc_files"; then                                  \
@@ -258,6 +281,7 @@ define _sc_search_regexp
    if test -n "$$files"; then                                          \
      if test -n "$$prohibit"; then                                     \
        grep $$with_grep_options $(_ignore_case) -nE "$$prohibit" $$files \
+         | grep -vE "$${exclude:-^$$}"                                 \
          && { msg="$$halt" $(_sc_say_and_exit) } || :;                 \
      else                                                              \
        grep $$with_grep_options $(_ignore_case) -LE "$$require" $$files \
@@ -303,12 +327,20 @@ sc_prohibit_atoi_atof:
          $(_sc_search_regexp)
 
 # Use STREQ rather than comparing strcmp == 0, or != 0.
+sp_ = strcmp *\(.+\)
 sc_prohibit_strcmp:
-       @grep -nE '! *str''cmp *\(|\<str''cmp *\(.+\) *[!=]='   \
-           $$($(VC_LIST_EXCEPT))                                       \
-         | grep -vE ':# *define STRN?EQ\(' &&                          \
-         { echo '$(ME): replace str''cmp calls above with STREQ/STRNEQ' \
-               1>&2; exit 1; } || :
+       @prohibit='! *strcmp *\(|\<$(sp_) *[!=]=|[!=]= *$(sp_)'         \
+       exclude='# *define STRN?EQ\('                                   \
+       halt='replace strcmp calls above with STREQ/STRNEQ'             \
+         $(_sc_search_regexp)
+
+# Really.  You don't want to use this function.
+# It may fail to NUL-terminate the destination,
+# and always NUL-pads out to the specified length.
+sc_prohibit_strncpy:
+       @prohibit='\<strncpy *\('                                       \
+       halt='do not use strncpy, period'                               \
+         $(_sc_search_regexp)
 
 # Pass EXIT_*, not number, to usage, exit, and error (when exiting)
 # Convert all uses automatically, via these two commands:
@@ -321,8 +353,9 @@ sc_prohibit_strcmp:
 #  | xargs --no-run-if-empty \
 #      perl -pi -e 's/(^|[^.])\b(exit ?)\(0\)/$1$2(EXIT_SUCCESS)/'
 sc_prohibit_magic_number_exit:
-       @prohibit='(^|[^.])\<(usage|exit) ?\([0-9]|\<error ?\([1-9][0-9]*,'     \
-       halt='use EXIT_* values rather than magic number'                       \
+       @prohibit='(^|[^.])\<(usage|exit|error) ?\(-?[0-9]+[,)]'        \
+       exclude='error ?\((0,|[^,]*)'                                   \
+       halt='use EXIT_* values rather than magic number'               \
          $(_sc_search_regexp)
 
 # Using EXIT_SUCCESS as the first argument to error is misleading,
@@ -433,7 +466,8 @@ sc_prohibit_quotearg_without_use:
 
 # Don't include quote.h unless you use one of its functions.
 sc_prohibit_quote_without_use:
-       @h='quote.h' re='\<quote(_n)? *\(' $(_sc_header_without_use)
+       @h='quote.h' re='\<quote((_n)? *\(|_quoting_options\>)' \
+         $(_sc_header_without_use)
 
 # Don't include this header unless you use one of its functions.
 sc_prohibit_long_options_without_use:
@@ -516,7 +550,7 @@ sc_prohibit_argmatch_without_use:
 
 sc_prohibit_canonicalize_without_use:
        @h='canonicalize.h' \
-       re='CAN_(EXISTING|ALL_BUT_LAST|MISSING)|canonicalize_(mode_t|filename_mode)' \
+       re='CAN_(EXISTING|ALL_BUT_LAST|MISSING)|canonicalize_(mode_t|filename_mode|file_name)' \
          $(_sc_header_without_use)
 
 sc_prohibit_root_dev_ino_without_use:
@@ -708,12 +742,10 @@ _gl_translatable_diag_func_re ?= error
 # Look for diagnostics that aren't marked for translation.
 # This won't find any for which error's format string is on a separate line.
 sc_unmarked_diagnostics:
-       @grep -nE                                                       \
-           '\<$(_gl_translatable_diag_func_re) *\([^"]*"[^"]*[a-z]{3}' \
-               $$($(VC_LIST_EXCEPT))                                   \
-         | grep -Ev '(_|ngettext ?)\(' &&                              \
-         { echo '$(ME): found unmarked diagnostic(s)' 1>&2;            \
-           exit 1; } || :
+       @prohibit='\<$(_gl_translatable_diag_func_re) *\([^"]*"[^"]*[a-z]{3}' \
+       exclude='(_|ngettext ?)\('                                      \
+       halt='found unmarked diagnostic(s)'                             \
+         $(_sc_search_regexp)
 
 # Avoid useless parentheses like those in this example:
 # #if defined (SYMBOL) || defined (SYM2)
@@ -746,6 +778,11 @@ sc_prohibit_always_true_header_tests:
        '  with the corresponding gnulib module, they are always true') \
          $(_sc_search_regexp)
 
+sc_prohibit_defined_have_decl_tests:
+       @prohibit='#[    ]*if(n?def|.*\<defined)\>[      (]+HAVE_DECL_' \
+       halt='HAVE_DECL macros are always defined'                      \
+         $(_sc_search_regexp)
+
 # ==================================================================
 gl_other_headers_ ?= \
   intprops.h   \
@@ -911,8 +948,15 @@ sc_prohibit_doubled_word:
 # A regular expression matching undesirable combinations of words like
 # "can not"; this matches them even when the two words appear on different
 # lines, but not when there is an intervening delimiter like "#" or "*".
+# Similarly undesirable, "See @xref{...}", since an @xref should start
+# a sentence.  Explicitly prohibit any prefix of "see" or "also".
+# Also prohibit a prefix matching "\w+ +".
+# @pxref gets the same see/also treatment and should be parenthesized;
+# presume it must *not* start a sentence.
+bad_xref_re_ ?= (?:[\w,:;] +|(?:see|also)\s+)\@xref\{
+bad_pxref_re_ ?= (?:[.!?]|(?:see|also))\s+\@pxref\{
 prohibit_undesirable_word_seq_RE_ ?=                                   \
-  /\bcan\s+not\b/gims
+  /(?:\bcan\s+not\b|$(bad_xref_re_)|$(bad_pxref_re_))/gims
 prohibit_undesirable_word_seq_ =                                       \
     -e 'while ($(prohibit_undesirable_word_seq_RE_))'                  \
     $(perl_filename_lineno_text_)
@@ -974,10 +1018,10 @@ sc_redundant_const:
          $(_sc_search_regexp)
 
 sc_const_long_option:
-       @grep '^ *static.*struct option ' $$($(VC_LIST_EXCEPT))         \
-         | grep -Ev 'const struct option|struct option const' && {     \
-             echo 1>&2 '$(ME): add "const" to the above declarations'; \
-             exit 1; } || :
+       @prohibit='^ *static.*struct option '                           \
+       exclude='const struct option|struct option const'               \
+       halt='add "const" to the above declarations'                    \
+         $(_sc_search_regexp)
 
 NEWS_hash =                                                            \
   $$(sed -n '/^\*.* $(PREV_VERSION_REGEXP) ([0-9-]*)/,$$p'             \
@@ -1015,15 +1059,15 @@ update-NEWS-hash: NEWS
 # setting this to ' && !/PRAGMA_SYSTEM_HEADER/'.
 _makefile_at_at_check_exceptions ?=
 sc_makefile_at_at_check:
-       @perl -ne '/\@[A-Z_0-9]+\@/'                                    \
-          -e ' && !/([A-Z_0-9]+)\s+=.*\@\1\@$$/'                       \
+       @perl -ne '/\@\w+\@/'                                           \
+          -e ' && !/(\w+)\s+=.*\@\1\@$$/'                              \
           -e ''$(_makefile_at_at_check_exceptions)                     \
          -e 'and (print "$$ARGV:$$.: $$_"), $$m=1; END {exit !$$m}'    \
            $$($(VC_LIST_EXCEPT) | grep -E '(^|/)(Makefile\.am|[^/]+\.mk)$$') \
          && { echo '$(ME): use $$(...), not @...@' 1>&2; exit 1; } || :
 
 news-check: NEWS
-       if sed -n $(news-check-lines-spec)p $(srcdir)/NEWS              \
+       $(AM_V_GEN)if sed -n $(news-check-lines-spec)p $<               \
            | grep -E $(news-check-regexp) >/dev/null; then             \
          :;                                                            \
        else                                                            \
@@ -1079,7 +1123,7 @@ sc_po_check:
 # Sometimes it is useful to change the PATH environment variable
 # in Makefiles.  When doing so, it's better not to use the Unix-centric
 # path separator of ':', but rather the automake-provided '$(PATH_SEPARATOR)'.
-msg = '$(ME): Do not use ":" above; use $$(PATH_SEPARATOR) instead'
+msg = 'Do not use ":" above; use $$(PATH_SEPARATOR) instead'
 sc_makefile_path_separator_check:
        @prohibit='PATH[=].*:'                                          \
        in_vc_files='akefile|\.mk$$'                                    \
@@ -1178,16 +1222,25 @@ sc_prohibit_path_max_allocation:
 
 sc_vulnerable_makefile_CVE-2009-4029:
        @prohibit='perm -777 -exec chmod a\+rwx|chmod 777 \$$\(distdir\)' \
-       in_files=$$(find $(srcdir) -name Makefile.in)                   \
+       in_files='(^|/)Makefile\.in$$'                                  \
        halt=$$(printf '%s\n'                                           \
          'the above files are vulnerable; beware of running'           \
          '  "make dist*" rules, and upgrade to fixed automake'         \
          '  see http://bugzilla.redhat.com/542609 for details')        \
          $(_sc_search_regexp)
 
+sc_vulnerable_makefile_CVE-2012-3386:
+       @prohibit='chmod a\+w \$$\(distdir\)'                           \
+       in_files='(^|/)Makefile\.in$$'                                  \
+       halt=$$(printf '%s\n'                                           \
+         'the above files are vulnerable; beware of running'           \
+         '  "make distcheck", and upgrade to fixed automake'           \
+         '  see http://bugzilla.redhat.com/CVE-2012-3386 for details') \
+         $(_sc_search_regexp)
+
 vc-diff-check:
-       (unset CDPATH; cd $(srcdir) && $(VC) diff) > vc-diffs || :
-       if test -s vc-diffs; then                               \
+       $(AM_V_GEN)(unset CDPATH; cd $(srcdir) && $(VC) diff) > vc-diffs || :
+       $(AM_V_at)if test -s vc-diffs; then                     \
          cat vc-diffs;                                         \
          echo "Some files are locally modified:" 1>&2;         \
          exit 1;                                               \
@@ -1203,10 +1256,11 @@ bootstrap-tools ?= autoconf,automake,gnulib
 
 # If it's not already specified, derive the GPG key ID from
 # the signed tag we've just applied to mark this release.
-gpg_key_ID ?= \
-  $$(git cat-file tag v$(VERSION) \
-     | gpgv --status-fd 1 --keyring /dev/null - - 2>/dev/null \
-     | sed -n '/^\[GNUPG:\] ERRSIG /{s///;s/ .*//p;q}')
+gpg_key_ID ?=                                                          \
+  $$(cd $(srcdir)                                                      \
+     && git cat-file tag v$(VERSION)                                   \
+        | gpgv --status-fd 1 --keyring /dev/null - - 2>/dev/null       \
+        | awk '/^\[GNUPG:\] ERRSIG / {print $$3; exit}')
 
 translation_project_ ?= coordinator@translationproject.org
 
@@ -1225,19 +1279,27 @@ else
 endif
 
 announcement: NEWS ChangeLog $(rel-files)
-       @$(srcdir)/$(_build-aux)/announce-gen                           \
+       $(AM_V_GEN)$(srcdir)/$(_build-aux)/announce-gen                 \
            --mail-headers='$(announcement_mail_headers_)'              \
            --release-type=$(RELEASE_TYPE)                              \
            --package=$(PACKAGE)                                        \
            --prev=$(PREV_VERSION)                                      \
            --curr=$(VERSION)                                           \
            --gpg-key-id=$(gpg_key_ID)                                  \
+           --srcdir=$(srcdir)                                          \
            --news=$(srcdir)/NEWS                                       \
            --bootstrap-tools=$(bootstrap-tools)                        \
-           --gnulib-version=$(gnulib-version)                          \
+           $$(case ,$(bootstrap-tools), in (*,gnulib,*)                \
+              echo --gnulib-version=$(gnulib-version);; esac)          \
            --no-print-checksums                                        \
            $(addprefix --url-dir=, $(url_dir_list))
 
+.PHONY: release-commit
+release-commit:
+       $(AM_V_GEN)cd $(srcdir)                         \
+         && $(_build-aux)/do-release-commit-and-tag    \
+              -C $(abs_builddir) $(RELEASE)
+
 ## ---------------- ##
 ## Updating files.  ##
 ## ---------------- ##
@@ -1265,7 +1327,7 @@ endef
 
 .PHONY: no-submodule-changes
 no-submodule-changes:
-       if test -d $(srcdir)/.git; then                                 \
+       $(AM_V_GEN)if test -d $(srcdir)/.git; then                      \
          diff=$$(cd $(srcdir) && git submodule -q foreach              \
                  git diff-index --name-only HEAD)                      \
            || exit 1;                                                  \
@@ -1304,16 +1366,16 @@ check: $(gl_public_submodule_commit)
 .PHONY: alpha beta stable
 ALL_RECURSIVE_TARGETS += alpha beta stable
 alpha beta stable: $(local-check) writable-files $(submodule-checks)
-       test $@ = stable                                                \
+       $(AM_V_GEN)test $@ = stable                                     \
          && { echo $(VERSION) | grep -E '^[0-9]+(\.[0-9]+)+$$'         \
               || { echo "invalid version string: $(VERSION)" 1>&2; exit 1;};}\
          || :
-       $(MAKE) vc-diff-check
-       $(MAKE) news-check
-       $(MAKE) distcheck
-       $(MAKE) dist XZ_OPT=-9ev
-       $(MAKE) $(release-prep-hook) RELEASE_TYPE=$@
-       $(MAKE) -s emit_upload_commands RELEASE_TYPE=$@
+       $(AM_V_at)$(MAKE) vc-diff-check
+       $(AM_V_at)$(MAKE) news-check
+       $(AM_V_at)$(MAKE) distcheck
+       $(AM_V_at)$(MAKE) dist
+       $(AM_V_at)$(MAKE) $(release-prep-hook) RELEASE_TYPE=$@
+       $(AM_V_at)$(MAKE) -s emit_upload_commands RELEASE_TYPE=$@
 
 # Override this in cfg.mk if you follow different procedures.
 release-prep-hook ?= release-prep
@@ -1321,19 +1383,21 @@ release-prep-hook ?= release-prep
 gl_noteworthy_news_ = * Noteworthy changes in release ?.? (????-??-??) [?]
 .PHONY: release-prep
 release-prep:
-       case $$RELEASE_TYPE in alpha|beta|stable) ;; \
+       $(AM_V_GEN)case $$RELEASE_TYPE in alpha|beta|stable) ;; \
          *) echo "invalid RELEASE_TYPE: $$RELEASE_TYPE" 1>&2; exit 1;; esac
-       $(MAKE) --no-print-directory -s announcement > ~/announce-$(my_distdir)
-       if test -d $(release_archive_dir); then                 \
+       $(AM_V_at)$(MAKE) --no-print-directory -s announcement \
+         > ~/announce-$(my_distdir)
+       $(AM_V_at)if test -d $(release_archive_dir); then       \
          ln $(rel-files) $(release_archive_dir);               \
          chmod a-w $(rel-files);                               \
        fi
-       echo $(VERSION) > $(prev_version_file)
-       $(MAKE) update-NEWS-hash
-       perl -pi -e '$$. == 3 and print "$(gl_noteworthy_news_)\n\n\n"' NEWS
-       $(emit-commit-log) > .ci-msg
-       $(VC) commit -F .ci-msg -a
-       rm .ci-msg
+       $(AM_V_at)echo $(VERSION) > $(prev_version_file)
+       $(AM_V_at)$(MAKE) update-NEWS-hash
+       $(AM_V_at)perl -pi                                              \
+         -e '$$. == 3 and print "$(gl_noteworthy_news_)\n\n\n"'        \
+         $(srcdir)/NEWS
+       $(AM_V_at)msg=$$($(emit-commit-log)) || exit 1;         \
+       cd $(srcdir) && $(VC) commit -m "$$msg" -a
 
 # Override this with e.g., -s $(srcdir)/some_other_name.texi
 # if the default $(PACKAGE)-derived name doesn't apply.
@@ -1341,14 +1405,20 @@ gendocs_options_ ?=
 
 .PHONY: web-manual
 web-manual:
-       @test -z "$(manual_title)" \
+       $(AM_V_GEN)test -z "$(manual_title)" \
          && { echo define manual_title in cfg.mk 1>&2; exit 1; } || :
-       @cd '$(srcdir)/doc'; \
+       $(AM_V_at)cd '$(srcdir)/doc'; \
          $(SHELL) ../$(_build-aux)/gendocs.sh $(gendocs_options_) \
             -o '$(abs_builddir)/doc/manual' \
             --email $(PACKAGE_BUGREPORT) $(PACKAGE) \
            "$(PACKAGE_NAME) - $(manual_title)"
-       @echo " *** Upload the doc/manual directory to web-cvs."
+       $(AM_V_at)echo " *** Upload the doc/manual directory to web-cvs."
+
+.PHONY: web-manual-update
+web-manual-update:
+       $(AM_V_GEN)cd $(srcdir) \
+         && $(_build-aux)/gnu-web-doc-update -C $(abs_builddir)
+
 
 # Code Coverage
 
@@ -1374,6 +1444,31 @@ gen-coverage:
 
 coverage: init-coverage build-coverage gen-coverage
 
+# Some projects carry local adjustments for gnulib modules via patches in
+# a gnulib patch directory whose default name is gl/ (defined in bootstrap
+# via local_gl_dir=gl).  Those patches become stale as the originals evolve
+# in gnulib.  Use this rule to refresh any stale patches.  It applies each
+# patch to the original in $(gnulib_dir) and uses the temporary result to
+# generate a fuzz-free .diff file.  If you customize the name of your local
+# gnulib patch directory via bootstrap.conf, this rule detects that name.
+# Run this from a non-VPATH (i.e., srcdir) build directory.
+.PHONY: refresh-gnulib-patches
+refresh-gnulib-patches:
+       gl=gl;                                                          \
+       if test -f bootstrap.conf; then                                 \
+         t=$$(perl -lne '/^\s*local_gl_dir=(\S+)/ and $$d=$$1;'        \
+              -e 'END{defined $$d and print $$d}' bootstrap.conf);     \
+         test -n "$$t" && gl=$$t;                                      \
+       fi;                                                             \
+       for diff in $$(cd $$gl; git ls-files | grep '\.diff$$'); do     \
+         b=$$(printf %s "$$diff"|sed 's/\.diff$$//');                  \
+         VERSION_CONTROL=none                                          \
+           patch "$(gnulib_dir)/$$b" "$$gl/$$diff" || exit 1;          \
+         ( cd $(gnulib_dir) || exit 1;                                 \
+           git diff "$$b" > "../$$gl/$$diff";                          \
+           git checkout $$b ) || exit 1;                               \
+       done
+
 # Update gettext files.
 PACKAGE ?= $(shell basename $(PWD))
 PO_DOMAIN ?= $(PACKAGE)
@@ -1385,7 +1480,7 @@ refresh-po:
        wget --no-verbose --directory-prefix $(PODIR) --no-directories --recursive --level 1 --accept .po --accept .po.1 $(POURL) && \
        echo 'en@boldquot' > $(PODIR)/LINGUAS && \
        echo 'en@quot' >> $(PODIR)/LINGUAS && \
-       ls $(PODIR)/*.po | sed 's/\.po//' | sed 's,$(PODIR)/,,' | sort >> $(PODIR)/LINGUAS
+       ls $(PODIR)/*.po | sed 's/\.po//;s,$(PODIR)/,,' | sort >> $(PODIR)/LINGUAS
 
  # Running indent once is not idempotent, but running it twice is.
 INDENT_SOURCES ?= $(C_SOURCES)
@@ -1407,7 +1502,7 @@ update-copyright-env ?=
 # in the file .x-update-copyright.
 .PHONY: update-copyright
 update-copyright:
-       grep -l -w Copyright                                             \
+       $(AM_V_GEN)grep -l -w Copyright                                  \
          $$(export VC_LIST_EXCEPT_DEFAULT=COPYING && $(VC_LIST_EXCEPT)) \
          | $(update-copyright-env) xargs $(srcdir)/$(_build-aux)/$@