Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NonConsistentTarUsage: check tar without -f #709

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

NonConsistentTarUsage: check tar without -f #709

wants to merge 1 commit into from

Conversation

arthurzam
Copy link
Member

The tar command defaults to reading from stdin, unless this default is changed at compile time or the TAPE environment variable is set.

To ensure consistent behavior, the -f or --file option should always be given to ensure the input device is chosen explicitly.

@floppym Here is the check for the issues you found with tar :)

Results for gentoo scan:

$ pkgcheck scan -k NonPosixTarUsage
dev-libs/optix
  NonPosixTarUsage: version 7.4.0: line 67: non-posix usage of tar without '-f' or '--file': 'tar -zx'
  NonPosixTarUsage: version 7.5.0: line 67: non-posix usage of tar without '-f' or '--file': 'tar -zx'

games-action/descent1-data
  NonPosixTarUsage: version 1.4a-r1: line 60: non-posix usage of tar without '-f' or '--file': 'tar c \\\n\t\t--mode=u+w \\\n\t\t--ignore-case \\\n\t\t--xform=\'s:.*/::xg\' \\\n\t\t--xform=\'s:.*:\\L\\0:x\' \\\n\t\t--xform=\'s:^chaos\\.:data/missions/\\0:x\' \\\n\t\t--xform=\'s:.*\\.dem$:data/demos/\\0:x\' \\\n\t\t--xform=\'s:.*\\.(faq|pdf|txt)$:doc/\\0:x\' \\\n\t\t--xform=\'s:^[^/]+$:data/\\0:x\' \\\n\t\t--exclude="$(use doc || echo \'*.pdf\')" \\\n\t\t*.{faq,txt,pdf} **/*.{dem,hog,msn,pig}'
  NonPosixTarUsage: version 1.4a-r1: line 71: non-posix usage of tar without '-f' or '--file': 'tar x -C "${WORKDIR}"'

games-action/descent2-data
  NonPosixTarUsage: version 1.2-r1: line 75: non-posix usage of tar without '-f' or '--file': 'tar c \\\n\t\t--mode=u+w \\\n\t\t--ignore-case \\\n\t\t--xform=\'s:.*/::xg\' \\\n\t\t--xform=\'s:.*:\\L\\0:x\' \\\n\t\t--xform=\'s:^d2(-2plyr|chaos)\\.:data/missions/\\0:x\' \\\n\t\t--xform=\'s:.*\\.dem$:data/demos/\\0:x\' \\\n\t\t--xform=\'s:.*\\.(pdf|txt)$:doc/\\0:x\' \\\n\t\t--xform=\'s:^[^/]+$:data/\\0:x\' \\\n\t\t--exclude=\'d2x*\' \\\n\t\t--exclude=\'hoard.ham\' \\\n\t\t--exclude=\'panic.*\' \\\n\t\t--exclude="$(use doc || echo \'*.pdf\')" \\\n\t\t--exclude="$(use videos || echo \'*.mvl\')" \\\n\t\t*.{txt,pdf} *-h.mvl **/*.{ham,hog,mn2,pig,s11,s22}'
  NonPosixTarUsage: version 1.2-r1: line 90: non-posix usage of tar without '-f' or '--file': 'tar x -C "${WORKDIR}"'

games-action/descent2-vertigo
  NonPosixTarUsage: version 1.0-r1: line 33: non-posix usage of tar without '-f' or '--file': 'tar c \\\n\t\t--mode=u+w \\\n\t\t--ignore-case \\\n\t\t--xform=\'s:.*/::xg\' \\\n\t\t--xform=\'s:.*:\\L\\0:x\' \\\n\t\t--xform=\'s:.*\\.(hog|mn2)$:data/missions/\\0:x\' \\\n\t\t--xform=\'s:^[^/]+$:data/\\0:x\' \\\n\t\t--exclude="$(use videos || echo \'*.mvl\')" \\\n\t\t**/{hoard.ham,d2x-h.mvl,{d2x,panic}.{hog,mn2}}*'
  NonPosixTarUsage: version 1.0-r1: line 42: non-posix usage of tar without '-f' or '--file': 'tar x -C "${WORKDIR}"'

games-rpg/comi
  NonPosixTarUsage: version 1-r1: line 29: non-posix usage of tar without '-f' or '--file': 'tar c \\\n\t\t--mode=u+w \\\n\t\t--ignore-case \\\n\t\t--xform=\'s:^[^a-z]+$:\\L\\0:x\' \\\n\t\t--xform=\'s:.*:data/\\0:x\' \\\n\t\t--xform=\'s:.*\\.(pdf|txt)$:doc/\\0:x\' \\\n\t\t--xform=\'s:^doc/data/:doc/:x\' \\\n\t\t--exclude="$(use doc || echo \'*.pdf\')" \\\n\t\t--exclude-from=<(find "${WORKDIR}"/data -type f -printf "%P\\n" 2>/dev/null) \\\n\t\t*.{txt,pdf} *.la[0-9] resource*/'
  NonPosixTarUsage: version 1-r1: line 39: non-posix usage of tar without '-f' or '--file': 'tar x -C "${WORKDIR}"'

games-strategy/settlers-2-gold-data
  NonPosixTarUsage: version 0: line 46: non-posix usage of tar without '-f' or '--file': 'tar c \\\n\t\t--mode=u+w \\\n\t\t--ignore-case \\\n\t\t--xform=\'s:.*:\\U\\0:x\' \\\n\t\t--exclude-from=<(find "${S}"/ -type f -printf "%P\\n" 2>/dev/null) \\\n\t\t{DATA,GFX}/**/*.{BBM,BOB,DAT,FNT,IDX,LBM,LST,RTX,WLD}'
  NonPosixTarUsage: version 0: line 52: non-posix usage of tar without '-f' or '--file': 'tar x -C "${S}"'

Resolves: #704

@arthurzam
NonConsistentTarUsage: check tar without -f
7b1951b 
The ``tar`` command defaults to reading from stdin, unless this default is
changed at compile time or the ``TAPE`` environment variable is set.

To ensure consistent behavior, the ``-f`` or ``--file`` option should
always be given to ensure the input device is chosen explicitly.

Resolves: pkgcore#704
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
@floppym
Copy link
Contributor

floppym commented Oct 21, 2024

Does this accept --file=filename as valid?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@thesamesam thesamesam Awaiting requested review from thesamesam

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[New Check]: tar invocations without -f / --file
2 participants
@arthurzam @floppym