| Message ID | mailman.57525.1739297147.1089.openwrt-devel@lists.openwrt.org |
|---|---|
| State | New |
| Headers | show |
| Series | build: parsing "git log" breaks with gpg signature verification | expand |
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.
To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
This is BROKEN, in the exact same way as the other "git log" parsing I
tried to fix with the ignored patch quoted below:
commit e56845fae3c05463a57ba8e0e104d6d8d8cd96ed
Author: Eric Fahlgren <ericfahlgren@gmail.com>
Date: Sat Feb 1 08:12:07 2025 -0800
scripts: getver.sh: approximate version from date
When doing package support and management it is often the case that
knowing the corresponding openwrt repo's release version is useful.
For example, when adding package changes to the ASU server, the
openwrt revision is used as the cutoff for applying those changes.
Knowing a package change's hash in its remote feed repo allows us
to look up its change date, which we can now use with getver.sh
to approximate the revision in openwrt at which it was made.
Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/17817
Signed-off-by: Robert Marko <robimarko@gmail.com>
diff --git a/scripts/getver.sh b/scripts/getver.sh
index 0659d8004a01..e9a5cca0740d 100755
--- a/scripts/getver.sh
+++ b/scripts/getver.sh
@@ -23,6 +23,9 @@ try_git() {
BASE_REV="$(git rev-list ${REBOOT}..HEAD 2>/dev/null | wc -l | awk '{print $1}')"
[ $((BASE_REV - GET_REV)) -ge 0 ] && REV="$(git rev-parse HEAD~$((BASE_REV - GET_REV)))"
;;
+ *-*-*) # ISO date format - for approximating when packages were removed or renamed
+ GET_REV="$(git log -n 1 --format="%h" --until "$GET_REV")"
+ ;& # FALLTHROUGH
*)
BRANCH="$(git rev-parse --abbrev-ref HEAD)"
ORIGIN="$(git rev-parse --verify --symbolic-full-name ${BRANCH}@{u} 2>/dev/null)"
If you don't believe me, then please try this in an OpenWrt workdir:
git config log.showSignature true
export GET_REV=2025-05-27
GET_REV="$(git log -n 1 --format="%h" --until "$GET_REV")"
echo "$GET_REV"
See? A user could also have that setting in their ~/.gitconfig. Now,
try the same using
GET_REV="$(git log -n 1 --no-show-signature --format="%h" --until "$GET_REV")"
Notice the difference? It's a simple workaround. So why not use that
option, if you insist on parsing git-log output?
Bjørn
Bjørn Mork via openwrt-devel <openwrt-devel@lists.openwrt.org> writes:
> The sender domain has a DMARC Reject/Quarantine policy which disallows
> sending mailing list messages using the original "From" header.
>
> To mitigate this problem, the original message has been wrapped
> automatically by the mailing list software.
>
> From: Bjørn Mork <bjorn@mork.no>
> Subject: [PATCH] build: parsing "git log" breaks with gpg signature verification
> To: openwrt-devel@lists.openwrt.org
> Cc: Bjørn Mork <bjorn@mork.no>
> Date: Tue, 11 Feb 2025 19:05:32 +0100
>
> Parsing "git log" is fragile. The actual output depends on both global and
> local configuration files. Enabling "log.showSignature" makes "git log" prefix
> signed commits with multiple lines of gpg verify output, regardless of the
> configured log format.
>
> Add "--no-show-signature" to "git log" commands to work around this particular
> issue.
>
> Signed-off-by: Bjørn Mork <bjorn@mork.no>
> ---
> include/download.mk | 2 +-
> rules.mk | 4 ++--
> scripts/getver.sh | 2 +-
> toolchain/Makefile | 2 +-
> 4 files changed, 5 insertions(+), 5 deletions(-)
>
> diff --git a/include/download.mk b/include/download.mk
> index 7f3430277350..3ed88bb9528d 100644
> --- a/include/download.mk
> +++ b/include/download.mk
> @@ -228,7 +228,7 @@ define DownloadMethod/rawgit
> [ \! -d $(SUBDIR) ] && \
> git clone $(OPTS) $(URL) $(SUBDIR) && \
> (cd $(SUBDIR) && git checkout $(SOURCE_VERSION)) && \
> - export TAR_TIMESTAMP=`cd $(SUBDIR) && git log -1 --format='@%ct'` && \
> + export TAR_TIMESTAMP=`cd $(SUBDIR) && git log -1 --no-show-signature --format='@%ct'` && \
> echo "Generating formal git archive (apply .gitattributes rules)" && \
> (cd $(SUBDIR) && git config core.abbrev 8 && \
> git archive --format=tar HEAD --output=../$(SUBDIR).tar.git) && \
> diff --git a/rules.mk b/rules.mk
> index dbc448e1a432..7a5df4109ef1 100644
> --- a/rules.mk
> +++ b/rules.mk
> @@ -507,9 +507,9 @@ ext=$(word $(words $(subst ., ,$(1))),$(subst ., ,$(1)))
> ##
> define commitcount
> $(shell \
> - if git log -1 >/dev/null 2>/dev/null; then \
> + if git log -1 --no-show-signature >/dev/null 2>/dev/null; then \
> if [ -n "$(1)" ]; then \
> - last_bump="$$(git log --pretty=format:'%h %s' . | \
> + last_bump="$$(git log --no-show-signature --pretty=format:'%h %s' . | \
> grep -m 1 -e ': [uU]pdate to ' -e ': [bB]ump to ' | \
> cut -f 1 -d ' ')"; \
> fi; \
> diff --git a/scripts/getver.sh b/scripts/getver.sh
> index 0659d8004a01..23ca0f489b15 100755
> --- a/scripts/getver.sh
> +++ b/scripts/getver.sh
> @@ -40,7 +40,7 @@ try_git() {
> REV="${UPSTREAM_REV}+$((REV - UPSTREAM_REV))"
> fi
>
> - REV="${REV:+r$REV-$(git log -n 1 --format="%h" $UPSTREAM_BASE)}"
> + REV="${REV:+r$REV-$(git log -n 1 --no-show-signature --format="%h" $UPSTREAM_BASE)}"
>
> ;;
> esac
> diff --git a/toolchain/Makefile b/toolchain/Makefile
> index 09c16f72a780..67b1540117cd 100644
> --- a/toolchain/Makefile
> +++ b/toolchain/Makefile
> @@ -65,7 +65,7 @@ endif
> ifdef CONFIG_BUILDBOT
> ifneq ($(wildcard $(TOPDIR)/.git),)
> $(TOOLCHAIN_DIR)/stamp/.ver_check: $(TMP_DIR)/.build
> - cd "$(TOPDIR)"; git log --format=%h -1 toolchain > $(TMP_DIR)/.ver_check
> + cd "$(TOPDIR)"; git log --no-show-signature --format=%h -1 toolchain > $(TMP_DIR)/.ver_check
> cmp -s $(TMP_DIR)/.ver_check $@ || { \
> rm -rf $(BUILD_DIR) $(STAGING_DIR) $(TOOLCHAIN_DIR) $(BUILD_DIR_TOOLCHAIN); \
> mkdir -p $(TOOLCHAIN_DIR)/stamp; \
The sender domain has a DMARC Reject/Quarantine policy which disallows sending mailing list messages using the original "From" header. To mitigate this problem, the original message has been wrapped automatically by the mailing list software. Sorry, that example was bogus. This should do a better job illustrating the issue: git config log.showSignature true export GET_REV=2025-05-01 GET_REV="$(git log -n 1 --format="%h" --until "$GET_REV")" echo "$GET_REV" Bjørn Bjørn Mork via openwrt-devel <openwrt-devel@lists.openwrt.org> writes: > The sender domain has a DMARC Reject/Quarantine policy which disallows > sending mailing list messages using the original "From" header. > > To mitigate this problem, the original message has been wrapped > automatically by the mailing list software. > > From: Bjørn Mork <bjorn@mork.no> > Subject: Re: [PATCH] build: parsing "git log" breaks with gpg signature verification > To: Bjørn Mork via openwrt-devel <openwrt-devel@lists.openwrt.org> > Cc: Eric Fahlgren <ericfahlgren@gmail.com>, Robert Marko <robimarko@gmail.com> > Date: Fri, 27 Jun 2025 11:05:54 +0200 > Organization: m > > This is BROKEN, in the exact same way as the other "git log" parsing I > tried to fix with the ignored patch quoted below: > > > commit e56845fae3c05463a57ba8e0e104d6d8d8cd96ed > Author: Eric Fahlgren <ericfahlgren@gmail.com> > Date: Sat Feb 1 08:12:07 2025 -0800 > > scripts: getver.sh: approximate version from date > > When doing package support and management it is often the case that > knowing the corresponding openwrt repo's release version is useful. > > For example, when adding package changes to the ASU server, the > openwrt revision is used as the cutoff for applying those changes. > Knowing a package change's hash in its remote feed repo allows us > to look up its change date, which we can now use with getver.sh > to approximate the revision in openwrt at which it was made. > > Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com> > Link: https://github.com/openwrt/openwrt/pull/17817 > Signed-off-by: Robert Marko <robimarko@gmail.com> > > diff --git a/scripts/getver.sh b/scripts/getver.sh > index 0659d8004a01..e9a5cca0740d 100755 > --- a/scripts/getver.sh > +++ b/scripts/getver.sh > @@ -23,6 +23,9 @@ try_git() { > BASE_REV="$(git rev-list ${REBOOT}..HEAD 2>/dev/null | wc -l | awk '{print $1}')" > [ $((BASE_REV - GET_REV)) -ge 0 ] && REV="$(git rev-parse HEAD~$((BASE_REV - GET_REV)))" > ;; > + *-*-*) # ISO date format - for approximating when packages were removed or renamed > + GET_REV="$(git log -n 1 --format="%h" --until "$GET_REV")" > + ;& # FALLTHROUGH > *) > BRANCH="$(git rev-parse --abbrev-ref HEAD)" > ORIGIN="$(git rev-parse --verify --symbolic-full-name ${BRANCH}@{u} 2>/dev/null)" > > > > > > If you don't believe me, then please try this in an OpenWrt workdir: > > git config log.showSignature true > export GET_REV=2025-05-27 > GET_REV="$(git log -n 1 --format="%h" --until "$GET_REV")" > echo "$GET_REV" > > > See? A user could also have that setting in their ~/.gitconfig. Now, > try the same using > > GET_REV="$(git log -n 1 --no-show-signature --format="%h" --until "$GET_REV")" > > > Notice the difference? It's a simple workaround. So why not use that > option, if you insist on parsing git-log output? > > > > Bjørn > > > > Bjørn Mork via openwrt-devel <openwrt-devel@lists.openwrt.org> writes: > >> The sender domain has a DMARC Reject/Quarantine policy which disallows >> sending mailing list messages using the original "From" header. >> >> To mitigate this problem, the original message has been wrapped >> automatically by the mailing list software. >> >> From: Bjørn Mork <bjorn@mork.no> >> Subject: [PATCH] build: parsing "git log" breaks with gpg signature verification >> To: openwrt-devel@lists.openwrt.org >> Cc: Bjørn Mork <bjorn@mork.no> >> Date: Tue, 11 Feb 2025 19:05:32 +0100 >> >> Parsing "git log" is fragile. The actual output depends on both global and >> local configuration files. Enabling "log.showSignature" makes "git log" prefix >> signed commits with multiple lines of gpg verify output, regardless of the >> configured log format. >> >> Add "--no-show-signature" to "git log" commands to work around this particular >> issue. >> >> Signed-off-by: Bjørn Mork <bjorn@mork.no> >> --- >> include/download.mk | 2 +- >> rules.mk | 4 ++-- >> scripts/getver.sh | 2 +- >> toolchain/Makefile | 2 +- >> 4 files changed, 5 insertions(+), 5 deletions(-) >> >> diff --git a/include/download.mk b/include/download.mk >> index 7f3430277350..3ed88bb9528d 100644 >> --- a/include/download.mk >> +++ b/include/download.mk >> @@ -228,7 +228,7 @@ define DownloadMethod/rawgit >> [ \! -d $(SUBDIR) ] && \ >> git clone $(OPTS) $(URL) $(SUBDIR) && \ >> (cd $(SUBDIR) && git checkout $(SOURCE_VERSION)) && \ >> - export TAR_TIMESTAMP=`cd $(SUBDIR) && git log -1 --format='@%ct'` && \ >> + export TAR_TIMESTAMP=`cd $(SUBDIR) && git log -1 --no-show-signature --format='@%ct'` && \ >> echo "Generating formal git archive (apply .gitattributes rules)" && \ >> (cd $(SUBDIR) && git config core.abbrev 8 && \ >> git archive --format=tar HEAD --output=../$(SUBDIR).tar.git) && \ >> diff --git a/rules.mk b/rules.mk >> index dbc448e1a432..7a5df4109ef1 100644 >> --- a/rules.mk >> +++ b/rules.mk >> @@ -507,9 +507,9 @@ ext=$(word $(words $(subst ., ,$(1))),$(subst ., ,$(1))) >> ## >> define commitcount >> $(shell \ >> - if git log -1 >/dev/null 2>/dev/null; then \ >> + if git log -1 --no-show-signature >/dev/null 2>/dev/null; then \ >> if [ -n "$(1)" ]; then \ >> - last_bump="$$(git log --pretty=format:'%h %s' . | \ >> + last_bump="$$(git log --no-show-signature --pretty=format:'%h %s' . | \ >> grep -m 1 -e ': [uU]pdate to ' -e ': [bB]ump to ' | \ >> cut -f 1 -d ' ')"; \ >> fi; \ >> diff --git a/scripts/getver.sh b/scripts/getver.sh >> index 0659d8004a01..23ca0f489b15 100755 >> --- a/scripts/getver.sh >> +++ b/scripts/getver.sh >> @@ -40,7 +40,7 @@ try_git() { >> REV="${UPSTREAM_REV}+$((REV - UPSTREAM_REV))" >> fi >> >> - REV="${REV:+r$REV-$(git log -n 1 --format="%h" $UPSTREAM_BASE)}" >> + REV="${REV:+r$REV-$(git log -n 1 --no-show-signature --format="%h" $UPSTREAM_BASE)}" >> >> ;; >> esac >> diff --git a/toolchain/Makefile b/toolchain/Makefile >> index 09c16f72a780..67b1540117cd 100644 >> --- a/toolchain/Makefile >> +++ b/toolchain/Makefile >> @@ -65,7 +65,7 @@ endif >> ifdef CONFIG_BUILDBOT >> ifneq ($(wildcard $(TOPDIR)/.git),) >> $(TOOLCHAIN_DIR)/stamp/.ver_check: $(TMP_DIR)/.build >> - cd "$(TOPDIR)"; git log --format=%h -1 toolchain > $(TMP_DIR)/.ver_check >> + cd "$(TOPDIR)"; git log --no-show-signature --format=%h -1 toolchain > $(TMP_DIR)/.ver_check >> cmp -s $(TMP_DIR)/.ver_check $@ || { \ >> rm -rf $(BUILD_DIR) $(STAGING_DIR) $(TOOLCHAIN_DIR) $(BUILD_DIR_TOOLCHAIN); \ >> mkdir -p $(TOOLCHAIN_DIR)/stamp; \ > > ---------- > > _______________________________________________ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/mailman/listinfo/openwrt-devel
diff --git a/include/download.mk b/include/download.mk index 7f3430277350..3ed88bb9528d 100644 --- a/include/download.mk +++ b/include/download.mk @@ -228,7 +228,7 @@ define DownloadMethod/rawgit [ \! -d $(SUBDIR) ] && \ git clone $(OPTS) $(URL) $(SUBDIR) && \ (cd $(SUBDIR) && git checkout $(SOURCE_VERSION)) && \ - export TAR_TIMESTAMP=`cd $(SUBDIR) && git log -1 --format='@%ct'` && \ + export TAR_TIMESTAMP=`cd $(SUBDIR) && git log -1 --no-show-signature --format='@%ct'` && \ echo "Generating formal git archive (apply .gitattributes rules)" && \ (cd $(SUBDIR) && git config core.abbrev 8 && \ git archive --format=tar HEAD --output=../$(SUBDIR).tar.git) && \ diff --git a/rules.mk b/rules.mk index dbc448e1a432..7a5df4109ef1 100644 --- a/rules.mk +++ b/rules.mk @@ -507,9 +507,9 @@ ext=$(word $(words $(subst ., ,$(1))),$(subst ., ,$(1))) ## define commitcount $(shell \ - if git log -1 >/dev/null 2>/dev/null; then \ + if git log -1 --no-show-signature >/dev/null 2>/dev/null; then \ if [ -n "$(1)" ]; then \ - last_bump="$$(git log --pretty=format:'%h %s' . | \ + last_bump="$$(git log --no-show-signature --pretty=format:'%h %s' . | \ grep -m 1 -e ': [uU]pdate to ' -e ': [bB]ump to ' | \ cut -f 1 -d ' ')"; \ fi; \ diff --git a/scripts/getver.sh b/scripts/getver.sh index 0659d8004a01..23ca0f489b15 100755 --- a/scripts/getver.sh +++ b/scripts/getver.sh @@ -40,7 +40,7 @@ try_git() { REV="${UPSTREAM_REV}+$((REV - UPSTREAM_REV))" fi - REV="${REV:+r$REV-$(git log -n 1 --format="%h" $UPSTREAM_BASE)}" + REV="${REV:+r$REV-$(git log -n 1 --no-show-signature --format="%h" $UPSTREAM_BASE)}" ;; esac diff --git a/toolchain/Makefile b/toolchain/Makefile index 09c16f72a780..67b1540117cd 100644 --- a/toolchain/Makefile +++ b/toolchain/Makefile @@ -65,7 +65,7 @@ endif ifdef CONFIG_BUILDBOT ifneq ($(wildcard $(TOPDIR)/.git),) $(TOOLCHAIN_DIR)/stamp/.ver_check: $(TMP_DIR)/.build - cd "$(TOPDIR)"; git log --format=%h -1 toolchain > $(TMP_DIR)/.ver_check + cd "$(TOPDIR)"; git log --no-show-signature --format=%h -1 toolchain > $(TMP_DIR)/.ver_check cmp -s $(TMP_DIR)/.ver_check $@ || { \ rm -rf $(BUILD_DIR) $(STAGING_DIR) $(TOOLCHAIN_DIR) $(BUILD_DIR_TOOLCHAIN); \ mkdir -p $(TOOLCHAIN_DIR)/stamp; \
The sender domain has a DMARC Reject/Quarantine policy which disallows sending mailing list messages using the original "From" header. To mitigate this problem, the original message has been wrapped automatically by the mailing list software. Parsing "git log" is fragile. The actual output depends on both global and local configuration files. Enabling "log.showSignature" makes "git log" prefix signed commits with multiple lines of gpg verify output, regardless of the configured log format. Add "--no-show-signature" to "git log" commands to work around this particular issue. Signed-off-by: Bjørn Mork <bjorn@mork.no> --- include/download.mk | 2 +- rules.mk | 4 ++-- scripts/getver.sh | 2 +- toolchain/Makefile | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-)