#
# in_vc_files | in_files
#
-# grep-E-style regexp denoting the files to check. If no files
-# are specified the default are all the files that are under
-# version control.
+# grep-E-style regexp selecting the files to check. For in_vc_files,
+# the regexp is used to select matching files from the list of all
+# version-controlled files; for in_files, it's from the names printed
+# by "find $(srcdir)". When neither is specified, use all files that
+# are under version control.
#
# containing | non_containing
#
: Filter by file name; \
if test -n "$$in_files"; then \
files=$$(find $(srcdir) | grep -E "$$in_files" \
- | grep -Ev '$(exclude_file_name_regexp--$@)'); \
+ | grep -Ev '$(_sc_excl)'); \
else \
files=$$($(VC_LIST_EXCEPT)); \
if test -n "$$in_vc_files"; then \
halt='$(ME): replace strcmp calls above with STREQ/STRNEQ' \
$(_sc_search_regexp)
+# Really. You don't want to use this function.
+# It may fail to NUL-terminate the destination,
+# and always NUL-pads out to the specified length.
+sc_prohibit_strncpy:
+ @prohibit='\<strncpy *\(' \
+ halt='do not use strncpy, period' \
+ $(_sc_search_regexp)
+
# Pass EXIT_*, not number, to usage, exit, and error (when exiting)
# Convert all uses automatically, via these two commands:
# git grep -l '\<exit *(1)' \
' with the corresponding gnulib module, they are always true') \
$(_sc_search_regexp)
+sc_prohibit_defined_have_decl_tests:
+ @prohibit='#[ ]*if(n?def|.*\<defined)\>[ (]+HAVE_DECL_' \
+ halt='$(ME): HAVE_DECL macros are always defined' \
+ $(_sc_search_regexp)
+
# ==================================================================
gl_other_headers_ ?= \
intprops.h \
&& { echo '$(ME): use $$(...), not @...@' 1>&2; exit 1; } || :
news-check: NEWS
- if sed -n $(news-check-lines-spec)p $(srcdir)/NEWS \
+ if sed -n $(news-check-lines-spec)p $< \
| grep -E $(news-check-regexp) >/dev/null; then \
:; \
else \
sc_vulnerable_makefile_CVE-2009-4029:
@prohibit='perm -777 -exec chmod a\+rwx|chmod 777 \$$\(distdir\)' \
- in_files=$$(find $(srcdir) -name Makefile.in) \
+ in_files=(^\|/)Makefile\\.in$$ \
halt=$$(printf '%s\n' \
'the above files are vulnerable; beware of running' \
' "make dist*" rules, and upgrade to fixed automake' \
' see http://bugzilla.redhat.com/542609 for details') \
$(_sc_search_regexp)
+sc_vulnerable_makefile_CVE-2012-3386:
+ @prohibit='chmod a\+w \$$\(distdir\)' \
+ in_files=(^\|/)Makefile\\.in$$ \
+ halt=$$(printf '%s\n' \
+ 'the above files are vulnerable; beware of running' \
+ ' "make distcheck", and upgrade to fixed automake' \
+ ' see http://bugzilla.redhat.com/CVE-2012-3386 for details') \
+ $(_sc_search_regexp)
+
vc-diff-check:
(unset CDPATH; cd $(srcdir) && $(VC) diff) > vc-diffs || :
if test -s vc-diffs; then \
gpg_key_ID ?= \
$$(git cat-file tag v$(VERSION) \
| gpgv --status-fd 1 --keyring /dev/null - - 2>/dev/null \
- | sed -n '/^\[GNUPG:\] ERRSIG /{s///;s/ .*//p;q;}')
+ | awk '/^\[GNUPG:\] ERRSIG / {print $$3; exit}')
translation_project_ ?= coordinator@translationproject.org
--prev=$(PREV_VERSION) \
--curr=$(VERSION) \
--gpg-key-id=$(gpg_key_ID) \
+ --srcdir=$(srcdir) \
--news=$(srcdir)/NEWS \
--bootstrap-tools=$(bootstrap-tools) \
$$(case ,$(bootstrap-tools), in (*,gnulib,*) \
fi
echo $(VERSION) > $(prev_version_file)
$(MAKE) update-NEWS-hash
- perl -pi -e '$$. == 3 and print "$(gl_noteworthy_news_)\n\n\n"' NEWS
+ perl -pi -e '$$. == 3 and print "$(gl_noteworthy_news_)\n\n\n"' $(srcdir)/NEWS
$(emit-commit-log) > .ci-msg
$(VC) commit -F .ci-msg -a
rm .ci-msg