Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 295335

Summary: repoman needs should have a "fuller" scan with network checks
Product: Portage Development Reporter: Diego Elio Pettenò (RETIRED) <flameeyes>
Component: RepomanAssignee: Portage team <dev-portage>
Status: RESOLVED WONTFIX    
Severity: normal CC: cedk, flow, lordvan, pacho, qa, walch.martin, wicher
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on: 294791    
Bug Blocks: 295194, 315243    

Description Diego Elio Pettenò (RETIRED) gentoo-dev 2009-12-01 14:20:51 UTC 
Currently repoman does not do online network checks, this though causes some trouble since we have no way to report moved or gone pages, and the same goes for distfiles.

Having a further scan level for repoman to check HOMEPAGE and SRC_URI for validity (and reporting eventually where they result moved, which would allow to find eventual spam links that packages.gentoo.org is currently providing) would definitely help.

I proposed (a few months back) the name "repoman anal" but Zac turned it down ;)
Comment 1 Martin Walch 2009-12-01 15:19:06 UTC 
Yesterday, I opened bug #295194. Should that one be closed in favor of this one? Or should it depend on this one?
Comment 2 Diego Elio Pettenò (RETIRED) gentoo-dev 2009-12-01 16:18:51 UTC 
Ah I couldn't find it, sorry… but I guess a blocker is good, since we're going to need something else as well, like a way to check for mirrors ;)
Comment 3 Alec Warner (RETIRED) archtester gentoo-dev Security 2009-12-01 22:29:20 UTC 
Do you expect developers to fix:
 - Homepages that have moved (300-level redirect)
 - Homepages that are gone (400-level error page)
 - Homepages that are broken (500-level error page)
 - Homepages that are spam
 - Distfiles that are missing.

I am not sure repoman is really the best place for these checks; although having devs do it is appealing as a distributed effort (as opposed to one or two lonely qa guys trying valiantly to fix stuff).

I guess here I'd rather see a third-party tool doing this stuff first; with people actually fixing stuff; as opposed to adding yet another option to repoman that only two lonely qa devs will ever use.

-A
Comment 4 Diego Elio Pettenò (RETIRED) gentoo-dev 2009-12-02 06:32:45 UTC 
and I sincerely don't want to write a tool to parse an ebuild file to be able to do something that repoman does already.

Checking for spam links is quite difficult so I don't pretend that repoman be able to do that, but the rest should be pretty trivial to do.
Comment 5 Alec Warner (RETIRED) archtester gentoo-dev Security 2009-12-02 20:44:30 UTC 
I never said you shouldn't use the portage API (no ebuild parsing required.)
Comment 6 Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2010-07-15 15:36:37 UTC 
Well, I'm already working on support for limiting the amount of checks performed by repoman to a specific group. When this is done, I may introduce additional check group for SRC_URI, disabled by default.
Comment 7 Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2018-02-04 12:59:42 UTC 
*** Bug 315243 has been marked as a duplicate of this bug. ***
Comment 8 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2022-07-12 03:18:20 UTC 
repoman support has been removed per bug 835013.

Please file a new bug (or, I suppose, reopen this one) if you feel this check is still applicable to pkgcheck and doesn't already exist.