From 6bce076365ade20dd85aa2cbddafe7a2ee59fe0c Mon Sep 17 00:00:00 2001 From: Seb M'Caw Date: Mon, 13 Jan 2025 10:44:24 +0000 Subject: [PATCH] Review --- src/alire/alire-index.adb | 4 ++- src/alire/alire-publish.adb | 34 ++++++++++++------- src/alire/alire-publish.ads | 12 +++---- src/alire/alire-settings-builtins.ads | 9 +++-- src/alr/alr-commands-publish.adb | 3 +- testsuite/tests/index/untrusted-host/test.py | 4 +-- testsuite/tests/publish/trusted-sites/test.py | 4 +-- 7 files changed, 41 insertions(+), 29 deletions(-) diff --git a/src/alire/alire-index.adb b/src/alire/alire-index.adb index e3f87e451..3037cf626 100644 --- a/src/alire/alire-index.adb +++ b/src/alire/alire-index.adb @@ -129,7 +129,9 @@ package body Alire.Index is for Crate of All_Crates.all loop for Rel of Crate.Releases loop if Rel.Origin.Kind in Origins.VCS_Kinds then - if not Publish.Is_Trusted (Rel.Origin.URL, False) then + if not Publish.Is_Trusted + (Rel.Origin.URL, For_Community => False) + then OK := False; Put_Warning ("Release " & Rel.Milestone.TTY_Image & " has URL not in known hosts: " diff --git a/src/alire/alire-publish.adb b/src/alire/alire-publish.adb index fad4fac06..c78561b7f 100644 --- a/src/alire/alire-publish.adb +++ b/src/alire/alire-publish.adb @@ -930,13 +930,14 @@ package body Alire.Publish is if Context.Origin.Kind in Origins.VCS_Kinds then - -- Check an VCS origin is from a trusted site, unless we are forcing - -- a local repository. + -- Check a VCS origin is from a trusted site, unless we are forcing + -- a local repository or '--for-private-index' is specified. if (Force and then URI.URI_Kind (URL) in URI.Local_URIs) or else - Is_Trusted (URL, not Context.Options.For_Private_Index) + Is_Trusted + (URL, For_Community => not Context.Options.For_Private_Index) then Put_Success ("Origin is hosted on trusted site: " & URI.Host (URL)); @@ -1079,9 +1080,9 @@ package body Alire.Publish is -- Trusted_Sites -- ------------------- - function Trusted_Sites (Ignore_Setting : Boolean) return Vector is + function Trusted_Sites (For_Community : Boolean) return Vector is Space_Separated : constant String := - (if Ignore_Setting then Community_Trusted_Sites + (if For_Community then Community_Trusted_Sites else Settings.Builtins.Origins_Git_Trusted_Sites.Get); Split_Vector : constant Vector := Split (Space_Separated, ' '); Sites : Vector := Empty_Vector; @@ -1094,17 +1095,27 @@ package body Alire.Publish is return Sites; end Trusted_Sites; + --------------------------- + -- All_Sites_Are_Trusted -- + --------------------------- + + function All_Sites_Are_Trusted (For_Community : Boolean) return Boolean is + Sites : constant Vector := Trusted_Sites (For_Community); + begin + return Sites.Length in 1 and then Sites (1) = "..."; + end All_Sites_Are_Trusted; + ---------------- -- Is_Trusted -- ---------------- - function Is_Trusted (URL : Alire.URL; Ignore_Setting : Boolean) + function Is_Trusted (URL : Alire.URL; For_Community : Boolean) return Boolean is - Sites : constant Vector := Trusted_Sites (Ignore_Setting); + Sites : constant Vector := Trusted_Sites (For_Community); begin return - Sites.Length in 0 -- Empty list means all sites are trusted + All_Sites_Are_Trusted (For_Community) or else (for some Site of Sites => URI.Host (URL) = Site or else Has_Suffix (URI.Host (URL), "." & Site)); @@ -1470,11 +1481,10 @@ package body Alire.Publish is -- Print_Trusted_Sites -- ------------------------- - procedure Print_Trusted_Sites (For_Private_Index : Boolean) is - Ignore_Setting : constant Boolean := not For_Private_Index; - Sites : constant Vector := Trusted_Sites (Ignore_Setting); + procedure Print_Trusted_Sites (For_Community : Boolean) is + Sites : constant Vector := Trusted_Sites (For_Community); begin - if Sites.Length in 0 then + if All_Sites_Are_Trusted (For_Community) then Trace.Always ("All sites are currently trusted for private indexes."); else for Site of Sites loop diff --git a/src/alire/alire-publish.ads b/src/alire/alire-publish.ads index 55ce99f16..99cce9e03 100644 --- a/src/alire/alire-publish.ads +++ b/src/alire/alire-publish.ads @@ -47,17 +47,17 @@ package Alire.Publish is & M.Crate.As_String & "-" & M.Version.Image); - procedure Print_Trusted_Sites (For_Private_Index : Boolean); + procedure Print_Trusted_Sites (For_Community : Boolean); -- Print our list of allowed sites to host git releases. -- - -- If For_Private_Index is True, the list is that configured with the - -- 'origins.git.trusted_sites' setting, otherwise it is the hardcoded - -- Community_Trusted_Sites list. + -- If For_Community is True, the list is the hardcoded + -- Community_Trusted_Sites list, otherwise it is that configured with the + -- 'origins.git.trusted_sites' setting. - function Is_Trusted (URL : Alire.URL; Ignore_Setting : Boolean) + function Is_Trusted (URL : Alire.URL; For_Community : Boolean) return Boolean; -- According to the 'origins.git.trusted_sites' setting, or the hardcoded - -- Community_Trusted_Sites if Ignore_Setting is True. + -- Community_Trusted_Sites if For_Community is True. type Data is tagged limited private; diff --git a/src/alire/alire-settings-builtins.ads b/src/alire/alire-settings-builtins.ads index e1fa98f30..d468e0dac 100644 --- a/src/alire/alire-settings-builtins.ads +++ b/src/alire/alire-settings-builtins.ads @@ -133,11 +133,10 @@ package Alire.Settings.Builtins is Global_Only => True, Help => "Space-separated list of trusted sites for Git origins, used by" - & " 'alr index --check' and 'alr publish --for-private-index'. If" - & " empty (e.g. if set to ' '), all origins are trusted. Note that" - & " this does not have any effect when using 'alr publish' for" - & " submissions to the community index (which only permits the" - & " default list)."); + & " 'alr index --check' and 'alr publish --for-private-index'. If set to" + & " '...', all origins are trusted. Note that this does not have any" + & " effect when using 'alr publish' for submissions to the community" + & " index (which only permits the default list)."); -- SOLVER diff --git a/src/alr/alr-commands-publish.adb b/src/alr/alr-commands-publish.adb index 7968e7623..f3e7357dc 100644 --- a/src/alr/alr-commands-publish.adb +++ b/src/alr/alr-commands-publish.adb @@ -53,7 +53,8 @@ package body Alr.Commands.Publish is Cmd.Auto_Update_Index; if Cmd.Print_Trusted then - Alire.Publish.Print_Trusted_Sites (Cmd.For_Private_Index); + Alire.Publish.Print_Trusted_Sites + (For_Community => not Cmd.For_Private_Index); elsif Cmd.Tar then diff --git a/testsuite/tests/index/untrusted-host/test.py b/testsuite/tests/index/untrusted-host/test.py index 5d62fb8d6..ea1ff29b2 100644 --- a/testsuite/tests/index/untrusted-host/test.py +++ b/testsuite/tests/index/untrusted-host/test.py @@ -67,9 +67,9 @@ p.out ) -# Set 'origins.git.trusted_sites' to ' ' and verify that all hosts are now +# Set 'origins.git.trusted_sites' to '...' and verify that all hosts are now # permitted. -alr_settings_set("origins.git.trusted_sites", " ") +alr_settings_set("origins.git.trusted_sites", "...") p = run_alr("index", "--check", quiet=False) assert_eq("Success: No issues found in index contents.\n", p.out) diff --git a/testsuite/tests/publish/trusted-sites/test.py b/testsuite/tests/publish/trusted-sites/test.py index 2582d1a19..054a504dc 100644 --- a/testsuite/tests/publish/trusted-sites/test.py +++ b/testsuite/tests/publish/trusted-sites/test.py @@ -20,8 +20,8 @@ p = run_alr("publish", "--for-private-index", "--trusted-sites") assert_eq("some.host\nother.host\nthird.host\n", p.out) -# Set `origins.git.trusted_sites` to an empty list (which trusts all hosts) -alr_settings_set("origins.git.trusted_sites", " ") +# Set `origins.git.trusted_sites` to '...' (which trusts all hosts) +alr_settings_set("origins.git.trusted_sites", "...") # Verify that the output of `alr publish --trusted-sites` is unchanged p = run_alr("publish", "--trusted-sites")