Update to v1.2.0

This is the version that will be ported to FreeBSD!

README.md

@@ -175,6 +175,8 @@ This implementation tries to follow the [PEP 8](https://www.python.org/dev/peps/
 ## PORTABILITY
 None. Works only on FreeBSD, but who needs anything else?
 
+Packaged for FreeBSD as *pyXX-pnu-portstreelint*.
+
 ## HISTORY
 While working on the 4th version of the [pysec2vuxml](https://github.com/HubTou/pysec2vuxml) tool,
 I noticed there were errors in the FreeBSD port Index,
@@ -195,8 +197,9 @@ The IGNORE mark check is not reliable because this tool doesn't parse
 the ports' Makefiles, but just loads their variables without regard to
 the conditional tests that may surround them.
 
-PORTREVISION is not taken into account in the vulnerabilities check
-which may leads to reporting false positives. The ports using exotic
-versioning schemes will also be skipped because the library we use
-for version comparisons is geared toward Python ports and limited
-for this usage.
+The nonexistent plist is not very helpful because there are unaccounted
+autoplist options for some languages (Python)...
+
+The ports using exotic versioning schemes will be skipped from the
+vulnerability check because the library we use for version comparisons
+is geared toward Python ports and limited for this usage.

TODO.md

@@ -1,25 +1,27 @@
-# portstreelint TODOLIST
+# PortsTreeLint TODOLIST
+Feel free to submit your own ideas!
 
 ## Planned changes
-* Next version: checking distfiles availability
-
-## Probable evolutions
 * Having a configuration file
   * Limits setting
   * Checks enabling or disabling
   * Exclusion of ports, maintainers, categories
-  * Correction of false positives
+  * Correction of false positives (for example for vulnerability checks)
+
+## Probable evolutions
+* Checking distfiles availability
 
 ## Possible evolutions
 * Better Makefiles exploitation by expanding embedded variables when possible locally
+  * Perhaps using Make to do the job when there are embedded variables?
 * Checking the existence of domains in maintainer's email addresses
 * Checking the depends fields (extract/patch/fetch/build/run):
-  * between the Index and the Makefiles
-  * against the existence of the dependencies
+  * Between the Index and the Makefiles
+  * Against the existence of the dependencies
 * Other Makefiles related checks
 
 ## Unprobable evolutions
-* Adding an option to notice port maintainers by email => will be better done by a wrapping script using the per-maintainer output
+* Adding an option to notify port maintainers by email => will be better done by a wrapping script using the per-maintainer output
 * Providing a mechanism to keep track of external events => will be better done by a wrapping script using the per-maintainer output
   * For example, the INDEX:www-site being unavailable since date X
 * Side functionalities => not the direct purpose of this tool
@@ -28,4 +30,3 @@
 * Checking ports that could be flavourized => no ideas for implementation (yet!)
   * See https://lists.freebsd.org/archives/freebsd-ports/2024-March/005597.html
 
-Feel free to submit your own ideas!

man/portstreelint.8

@@ -1,4 +1,4 @@
-.Dd March 4, 2024
+.Dd March 18, 2024
 .Dt portstreelint 8
 .Os
 .Sh NAME
@@ -241,6 +241,11 @@ This implementation tries to follow the PEP 8 style guide for Python
 code.
 .Sh PORTABILITY
 None. Works only on FreeBSD, but who needs anything else?
+.Pp
+Packaged for
+.Fx
+as
+.Em pyXX\\-pnu\\-portstreelint .
 .Sh HISTORY
 While working on the 4th version of the pysec2vuxml tool,
 I noticed there were errors in the FreeBSD port Index,
@@ -264,8 +269,9 @@ The IGNORE mark check is not reliable because this tool doesn't parse
 the ports' Makefiles, but just loads their variables without regard to
 the conditional tests that may surround them.
 .Pp
-PORTREVISION is not taken into account in the vulnerabilities check
-which may leads to reporting false positives. The ports using exotic
-versioning schemes will also be skipped because the library we use
-for version comparisons is geared toward Python ports and limited
-for this usage.
+The nonexistent plist is not very helpful because there are
+unaccounted autoplist options for some languages (Python)...
+.Pp
+The ports using exotic versioning schemes will be skipped from the
+vulnerability check because the library we use for version comparisons
+is geared toward Python ports and limited for this usage.

pyproject.toml

@@ -1,6 +1,3 @@
 [build-system]
-requires = [
-    "setuptools>=42",
-    "wheel"
-]
+requires = ["setuptools"]
 build-backend = "setuptools.build_meta"

setup.cfg

@@ -3,7 +3,7 @@ name = pnu-portstreelint
 description = FreeBSD ports tree lint
 long_description = file: README.md
 long_description_content_type = text/markdown
-version = 1.1.3
+version = 1.2.0
 license = BSD 3-Clause License
 license_files = License
 author = Hubert Tournier
@@ -20,7 +20,6 @@ classifiers =
     License :: OSI Approved :: BSD License
     Natural Language :: English
     Operating System :: POSIX :: BSD :: FreeBSD
-    Programming Language :: Python :: 3
     Programming Language :: Python :: 3.6
     Programming Language :: Python :: 3.7
     Programming Language :: Python :: 3.8
@@ -37,8 +36,8 @@ package_dir =
 packages = find:
 python_requires = >=3.6
 install_requires =
-    pnu-libpnu
-    pnu-vuxml >= 1.0.1
+    pnu-libpnu >= 1.3.0
+    pnu-vuxml >= 1.2.1
 
 [options.packages.find]
 where = src
@@ -50,6 +49,6 @@ console_scripts =
     ptl = portstreelint:main
 
 [options.data_files]
-man/man8 =
+share/man/man8 =
     man/portstreelint.8.gz
 

src/portstreelint/check_vulnerabilities.py

@@ -92,6 +92,8 @@ def check_vulnerabilities(ports):
 
         if portversion and '$' not in portversion:
             version = portversion
+            if portrevision:
+                version += '_' + portrevision
 
         # Try to figure out ourselves from the port name:
         if not portname or not version:
@@ -103,10 +105,7 @@ def check_vulnerabilities(ports):
                 version = re.sub(r",[0-9]+$", "", version)
                 logging.debug("Port epoch without PORTEPOCH for port %s", name)
 
-            if portrevision:
-                version = re.sub(r"_" + portrevision + "$", "", version)
-            elif '_' in version:
-                version = re.sub(r"_[0-9]+$", "", version)
+            if not portrevision and '_' in version:
                 logging.debug("Port revision without PORTREVISION for port %s", name)
 
             group = re.match(r"^(.*)-([^-]+)$", version)

src/portstreelint/load_data.py

@@ -10,6 +10,8 @@
 import re
 import sys
 
+import libpnu
+
 from .library import counters, notify_maintainer
 
 ####################################################################################################
@@ -108,28 +110,9 @@ def update_with_makefiles(ports):
             # Getting the port last modification datetime:
             ports[name]["Last modification"] = datetime.datetime.fromtimestamp(os.path.getmtime(port_makefile)).replace(tzinfo=datetime.timezone.utc)
 
-            with open(port_makefile, encoding='utf-8', errors='ignore') as file:
-                lines = file.read().splitlines()
+            lines = libpnu.load_strings_from_file(port_makefile)
 
-            previous_lines = ""
             for line in lines:
-                if not "#" in line:
-                    line = previous_lines + line.strip()
-                elif "\\#" in line:
-                    line = re.sub(r"\\#", "²", line) # horrible kludge!
-                    line = previous_lines + re.sub(r"[ 	]*#.*", "", line.strip()) # remove comments
-                    line = re.sub(r"²", "\\#", line)
-                else:
-                    line = previous_lines + re.sub(r"[ 	]*#.*", "", line.strip()) # remove comments
-                previous_lines = ""
-
-                if not line:
-                    continue
-
-                if line.endswith("\\"): # Continued line
-                    previous_lines = re.sub(r"\\$", "", line)
-                    continue
-
                 group = re.match(r"^([A-Z_]+)=[ 	]*(.*)", line)
                 if group is not None: # Makefile variable
                     ports[name][group[1]] = group[2]

src/portstreelint/main.py

@@ -31,7 +31,7 @@
 
 
 # Version string used by the what(1) and ident(1) commands:
-ID = "@(#) $Id: portstreelint - FreeBSD ports tree lint v1.1.3 (March 4, 2024) by Hubert Tournier $"
+ID = "@(#) $Id: portstreelint - FreeBSD ports tree lint v1.2.0 (March 20, 2024) by Hubert Tournier $"
 
 # Default parameters. Can be overcome by command line options:
 parameters = {
@@ -87,13 +87,6 @@ def _display_help():
     #pylint: enable=C0301
 
 
-####################################################################################################
-def _handle_interrupts(signal_number, current_stack_frame):
-    """ Prevent SIGINT signals from displaying an ugly stack trace """
-    print(" Interrupted!\n", file=sys.stderr)
-    sys.exit(0)
-
-
 ####################################################################################################
 def _process_environment_variables():
     """ Process environment variables """
@@ -255,7 +248,7 @@ def main():
     program_name = os.path.basename(sys.argv[0])
 
     libpnu.initialize_debugging(program_name)
-    libpnu.handle_interrupt_signals(_handle_interrupts)
+    libpnu.handle_interrupt_signals(libpnu.interrupt_handler_function)
     _process_environment_variables()
     _ = _process_command_line()