core/pacman to 5.0.2-1

2025-03-19 00:21:40 +00:00 · 2017-06-16 01:07:31 +00:00 · 2017-06-16 01:07:31 +00:00 · 391b2d45c6
commit 391b2d45c6
parent 8650e3c469
7 changed files with 24 additions and 604 deletions
--- a/core/pacman/0001-Sychronize-filesystem.patch
+++ b/core/pacman/0001-Sychronize-filesystem.patch
@ -1,4 +1,4 @@
-From 42c073e4335d45e5f733a67cb1857a7561275d44 Mon Sep 17 00:00:00 2001
+From faad6b96560cc1c7c7e816299e56b3a1ea7098e0 Mon Sep 17 00:00:00 2001
 From: Kevin Mihelich <kevin@archlinuxarm.org>
 Date: Sat, 13 Sep 2014 18:58:16 -0600
 Subject: [PATCH 1/3] Sychronize filesystem
@ -14,7 +14,7 @@ Signed-off-by: Kevin Mihelich <kevin@archlinuxarm.org>
 1 file changed, 3 insertions(+)

 diff --git a/lib/libalpm/trans.c b/lib/libalpm/trans.c
-index 1398470..82835ee 100644
+index 13984707..82835ee5 100644
 --- a/lib/libalpm/trans.c
 +++ b/lib/libalpm/trans.c
@@ -230,6 +230,9 @@ int SYMEXPORT alpm_trans_commit(alpm_handle_t *handle, alpm_list_t **data)
@ -28,5 +28,5 @@ index 1398470..82835ee 100644
 }
 
 -- 
-2.7.1
+2.13.1

--- a/core/pacman/0002-Revert-close-stdin-before-running-install-scripts.patch
+++ b/core/pacman/0002-Revert-close-stdin-before-running-install-scripts.patch
@ -1,4 +1,4 @@
-From b6d6499c598caaa50f492c6558b649fcd608a1f6 Mon Sep 17 00:00:00 2001
+From 60baf4136355d00ce141b8dc4a90637eb0245245 Mon Sep 17 00:00:00 2001
 From: Kevin Mihelich <kevin@archlinuxarm.org>
 Date: Sat, 30 Jan 2016 17:19:03 -0700
 Subject: [PATCH 2/3] Revert "close stdin before running install scripts"
@ -16,10 +16,10 @@ Signed-off-by: Kevin Mihelich <kevin@archlinuxarm.org>
 1 file changed, 1 deletion(-)

 diff --git a/lib/libalpm/util.c b/lib/libalpm/util.c
-index 4a4847d..5e74462 100644
+index 1e554632..41cca4a7 100644
 --- a/lib/libalpm/util.c
 +++ b/lib/libalpm/util.c
-@@ -602,7 +602,6 @@ int _alpm_run_chroot(alpm_handle_t *handle, const char *cmd, char *const argv[],
+@@ -612,7 +612,6 @@ int _alpm_run_chroot(alpm_handle_t *handle, const char *cmd, char *const argv[],
 
 	if(pid == 0) {
 		/* this code runs for the child only (the actual chroot/exec) */
@ -28,5 +28,5 @@ index 4a4847d..5e74462 100644
 		close(2);
 		while(dup2(child2parent_pipefd[1], 1) == -1 && errno == EINTR);
 -- 
-2.7.1
+2.13.1

--- a/core/pacman/0003-Revert-alpm_run_chroot-always-connect-parent2child-p.patch
+++ b/core/pacman/0003-Revert-alpm_run_chroot-always-connect-parent2child-p.patch
@ -1,4 +1,4 @@
-From 2c2a442ba21223de93b1927f8829dbf4ab4c495c Mon Sep 17 00:00:00 2001
+From 87612bf6ef06e5fa5d58716f9c18ccb52c27be6c Mon Sep 17 00:00:00 2001
 From: Kevin Mihelich <kevin@archlinuxarm.org>
 Date: Fri, 11 Mar 2016 20:11:24 -0700
 Subject: [PATCH 3/3] Revert "alpm_run_chroot: always connect parent2child
@ -10,10 +10,10 @@ This reverts commit 1d6583a58da0904fb7feafd4a666391087955a7b.
 1 file changed, 7 insertions(+), 6 deletions(-)

 diff --git a/lib/libalpm/util.c b/lib/libalpm/util.c
-index 5e74462..f2d43ee 100644
+index 41cca4a7..aba0ee94 100644
 --- a/lib/libalpm/util.c
 +++ b/lib/libalpm/util.c
-@@ -586,7 +586,7 @@ int _alpm_run_chroot(alpm_handle_t *handle, const char *cmd, char *const argv[],
+@@ -596,7 +596,7 @@ int _alpm_run_chroot(alpm_handle_t *handle, const char *cmd, char *const argv[],
 		goto cleanup;
 	}
 
@ -22,7 +22,7 @@ index 5e74462..f2d43ee 100644
 		_alpm_log(handle, ALPM_LOG_ERROR, _("could not create pipe (%s)\n"), strerror(errno));
 		retval = 1;
 		goto cleanup;
-@@ -606,9 +606,11 @@ int _alpm_run_chroot(alpm_handle_t *handle, const char *cmd, char *const argv[],
+@@ -616,9 +616,11 @@ int _alpm_run_chroot(alpm_handle_t *handle, const char *cmd, char *const argv[],
 		close(2);
 		while(dup2(child2parent_pipefd[1], 1) == -1 && errno == EINTR);
 		while(dup2(child2parent_pipefd[1], 2) == -1 && errno == EINTR);
@ -37,7 +37,7 @@ index 5e74462..f2d43ee 100644
 		close(child2parent_pipefd[0]);
 		close(child2parent_pipefd[1]);
 		if(cwdfd >= 0) {
-@@ -643,16 +645,15 @@ int _alpm_run_chroot(alpm_handle_t *handle, const char *cmd, char *const argv[],
+@@ -653,16 +655,15 @@ int _alpm_run_chroot(alpm_handle_t *handle, const char *cmd, char *const argv[],
 		child2parent->events = POLLIN;
 		fcntl(child2parent->fd, F_SETFL, O_NONBLOCK);
 		close(child2parent_pipefd[1]);
@ -56,5 +56,5 @@ index 5e74462..f2d43ee 100644
 
 #define STOP_POLLING(p) do { close(p->fd); p->fd = -1; } while(0)
 -- 
-2.7.1
+2.13.1

--- a/core/pacman/PKGBUILD
+++ b/core/pacman/PKGBUILD
@ -11,8 +11,8 @@
 #  - reverts to allow scriplet input on stdin

 pkgname=pacman
-pkgver=5.0.1
-pkgrel=5
+pkgver=5.0.2
+pkgrel=1
 pkgdesc="A library-based package manager with dependency support"
 arch=('i686' 'x86_64')
 url="http://www.archlinux.org/pacman/"
@ -28,29 +28,25 @@ conflicts=('pacman-contrib')
 replaces=('pacman-contrib')
 backup=(etc/pacman.conf etc/makepkg.conf)
 options=('strip' 'debug')
+validpgpkeys=('6645B0A8C7005E78DB1D7864F99FFE0FEAE999BD'  # Allan McRae <allan@archlinux.org>
+              'B8151B117037781095514CA7BBDFFC92306B1121') # Andrew Gregory (pacman) <andrew@archlinux.org>
 source=(https://sources.archlinux.org/other/pacman/$pkgname-$pkgver.tar.gz{,.sig}
-        pacman-5.0.1-roundup.patch
        0001-Sychronize-filesystem.patch
        0002-Revert-close-stdin-before-running-install-scripts.patch
        0003-Revert-alpm_run_chroot-always-connect-parent2child-p.patch
        pacman.conf
        makepkg.conf)
-md5sums=('377a2664d6007d72d6d8a126add83bcf'
-         'SKIP'
-         '1a6573187531068d38cb4478cd20368c'
-         'b1083094498f63e53de7d2aafea23733'
-         '8968ff77379c5b0143cbe89ed062c33b'
-         'fd59d9fb04abadffb937082c288bb10c'
-         '372fa63a5333ef22a0197d44b2a454ca'
-         'ace945b12a7a429af48b7a50f4119c4c')
-validpgpkeys=('6645B0A8C7005E78DB1D7864F99FFE0FEAE999BD')  # Allan McRae <allan@archlinux.org>
+sha256sums=('dfd36086ad68564bcd977f4a1fafe51dd328acd4a95093ac4bf1249be9c41f0e'
+            'SKIP'
+            '5b81731c07945db05011db153cced5294187f16e487ca2fa221bb50aa4a18dc7'
+            '47b3583d093a9d5305f52f402f103fc5584c986a0272acbd36acfc96a9f01147'
+            'c8610fbae271167c2a1ae0bf69692038eac24f13921cabf925855a8697ea82f9'
+            '0c81e6feb426c2def260fe7b0c0586ae191ce3a782d19c119474671f147515c7'
+            '881759c640603e8f2ca5ff7eef83d4a5e2d3482b5d0e1e37d6b17a5533b75e5e')

 prepare() {
  cd $srcdir/$pkgname-$pkgver

-  # v5.0.1..pacman-5.0.1..c2f97580
-  patch -p1 -i $srcdir/pacman-5.0.1-roundup.patch
-
  patch -p1 -i ../0001-Sychronize-filesystem.patch
  patch -p1 -i ../0002-Revert-close-stdin-before-running-install-scripts.patch
  patch -p1 -i ../0003-Revert-alpm_run_chroot-always-connect-parent2child-p.patch
--- a/core/pacman/ensure-matching-database-and-package-version.patch
+++ b/core/pacman/ensure-matching-database-and-package-version.patch
@ -1,60 +0,0 @@
-From deac9731884a83ad91eab9f27b288f406f56c87b Mon Sep 17 00:00:00 2001
-From: Levente Polyak <anthraxx@archlinux.org>
-Date: Sat, 18 Jul 2015 17:58:23 +0200
-Subject: [PATCH] ensure matching database and package version
-
-While loading each package ensure that the internal version matches the
-expected database version to avoid the possibility to circumvent the
-version check.
-This issue can be used by an attacker to trick the software into
-installing an older version. The behavior can be  exploited by a
-man-in-the-middle attack through specially crafted  database tarball
-containing a higher version, yet actually delivering an  older and
-vulnerable version, which was previously shipped.
-
-Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
-Signed-off-by: Remi Gacogne <rgacogne@archlinux.org>
-Signed-off-by: Allan McRae <allan@archlinux.org>
---
- lib/libalpm/sync.c | 18 ++++++++++++++++++
- 1 file changed, 18 insertions(+)
-
-diff --git a/lib/libalpm/sync.c b/lib/libalpm/sync.c
-index 888ae15..e843b07 100644
--- a/lib/libalpm/sync.c
-+++ b/lib/libalpm/sync.c
-@@ -1212,6 +1212,7 @@ static int load_packages(alpm_handle_t *handle, alpm_list_t **data,
- 	EVENT(handle, &event);
- 
- 	for(i = handle->trans->add; i; i = i->next, current++) {
-+		int error = 0;
- 		alpm_pkg_t *spkg = i->data;
- 		char *filepath;
- 		int percent = (int)(((double)current_bytes / total_bytes) * 100);
-@@ -1232,6 +1233,23 @@ static int load_packages(alpm_handle_t *handle, alpm_list_t **data,
- 				spkg->name);
- 		alpm_pkg_t *pkgfile =_alpm_pkg_load_internal(handle, filepath, 1);
- 		if(!pkgfile) {
-+			_alpm_log(handle, ALPM_LOG_DEBUG, "failed to load pkgfile internal\n");
-+			error = 1;
-+		} else {
-+			if(strcmp(spkg->name, pkgfile->name) != 0) {
-+				_alpm_log(handle, ALPM_LOG_DEBUG,
-+						"internal package name mismatch, expected: '%s', actual: '%s'\n",
-+						spkg->name, pkgfile->name);
-+				error = 1;
-+			}
-+			if(strcmp(spkg->version, pkgfile->version) != 0) {
-+				_alpm_log(handle, ALPM_LOG_DEBUG,
-+						"internal package version mismatch, expected: '%s', actual: '%s'\n",
-+						spkg->version, pkgfile->version);
-+				error = 1;
-+			}
-+		}
-+		if(error != 0) {
- 			errors++;
- 			*data = alpm_list_add(*data, strdup(spkg->filename));
- 			free(filepath);
-- 
-2.4.6
-
--- a/core/pacman/pacman-4.2.0-roundup.patch
+++ b/core/pacman/pacman-4.2.0-roundup.patch
@ -1,342 +0,0 @@
-diff --git a/contrib/paccache.sh.in b/contrib/paccache.sh.in
-index 6a68d4d..1690583 100644
--- a/contrib/paccache.sh.in
-+++ b/contrib/paccache.sh.in
-@@ -256,6 +256,8 @@ while :; do
- 			delete=1 ;;
- 		-u|--uninstalled)
- 			IFS=$'\n' read -r -d '' -a ign < <(pacman -Qq)
-+			# pacman -Qq may exit with an error, thus making ign an empty array
-+			(( ${#ign[@]} )) || die 'failed to retrieve the list of installed packages'
- 			blacklist+=("${ign[@]}")
- 			unset ign ;;
- 		-V|--version)
-diff --git a/contrib/paclist.sh.in b/contrib/paclist.sh.in
-index 1c10b32..f4fd540 100644
--- a/contrib/paclist.sh.in
-+++ b/contrib/paclist.sh.in
-@@ -31,7 +31,7 @@ if ! type gettext &>/dev/null; then
- fi
- 
- usage() {
-	printf "%s (pacman) v%s\n" "${myname}" "myver"
-+	printf "%s (pacman) v%s\n" "${myname}" "${myver}"
- 	echo
- 	printf "List all packages installed from a given repository\n" "${myname}"
- 	echo
-diff --git a/contrib/updpkgsums.sh.in b/contrib/updpkgsums.sh.in
-index b0d2d69..7b92efe 100644
--- a/contrib/updpkgsums.sh.in
-+++ b/contrib/updpkgsums.sh.in
-@@ -82,9 +82,6 @@ fi
- export BUILDDIR=$(mktemp -d --tmpdir updpkgsums.XXXXXX)
- newbuildfile=$(mktemp --tmpdir updpkgsums.XXXXXX)
- 
-# In case the eventual replacement fails, we don't want to leave behind
-# $newbuildfile as garbage in $TMPDIR. This fails silently if the replacement
-# succeeds.
- trap "rm -rf '$BUILDDIR' '$newbuildfile'" EXIT
- newsums=$(makepkg -g -p "$buildfile") || die 'Failed to generate new checksums'
- awk -v newsums="$newsums" '
-@@ -100,8 +97,9 @@ awk -v newsums="$newsums" '
- 	END { if (!w) print newsums }
- ' "$buildfile" > "$newbuildfile" || die 'Failed to write new PKGBUILD'
- 
-# Replace the original buildfile.
-if ! mv -- "$newbuildfile" "$buildfile"; then
-+# Rewrite the original buildfile. Use cat instead of mv/cp to preserve
-+# permissions implicitly.
-+if ! cat -- "$newbuildfile" >"$buildfile"; then
- 	die "Failed to update %s. The file has not been modified." "$buildfile"
- fi
- 
-diff --git a/doc/PKGBUILD.5.txt b/doc/PKGBUILD.5.txt
-index 7fa91ff..c95c41d 100644
--- a/doc/PKGBUILD.5.txt
-+++ b/doc/PKGBUILD.5.txt
-@@ -216,7 +216,7 @@ underscore and the architecture name e.g., 'checkdepends_x86_64=()'.
- 	and are not utilized by pacman during dependency resolution. The format
- 	for specifying optdepends is:
- 
-	optdepends=('fakeroot: for makepkg usage as normal user')
-+	optdepends=('python: for library bindings')
- +
- Additional architecture-specific optdepends can be added by appending an
- underscore and the architecture name e.g., 'optdepends_x86_64=()'.
-@@ -336,10 +336,9 @@ files into the packaging directory, with optional `prepare()`, `build()`, and
- *package() Function*::
- 	The `package()` function is used to install files into the directory that
- 	will become the root directory of the built package and is run after all
-	the optional functions listed below. When specified in combination with
-	the fakeroot BUILDENV option in linkman:makepkg.conf[5], fakeroot usage
-	will be limited to running the packaging stage. All other functions will
-	be run as the user calling makepkg.
-+	the optional functions listed below. The packaging stage is run using
-+	fakeroot to ensure correct file permissions in the resulting package.
-+	All other functions will be run as the user calling makepkg.
- 
- *prepare() Function*::
- 	An optional `prepare()` function can be specified in which operations to
-diff --git a/etc/makepkg.conf.in b/etc/makepkg.conf.in
-index 712ca60..19f673d 100644
--- a/etc/makepkg.conf.in
-+++ b/etc/makepkg.conf.in
-@@ -19,6 +19,13 @@ DLAGENTS=('ftp::/usr/bin/curl -qfC - --ftp-pasv --retry 3 --retry-delay 3 -o %o
- # /usr/bin/lftpget -c
- # /usr/bin/wget
- 
-+#-- The package required by makepkg to download VCS sources
-+#  Format: 'protocol::package'
-+VCSCLIENTS=('bzr::bzr'
-+            'git::git'
-+            'hg::mercurial'
-+            'svn::subversion')
-+
- #########################################################################
- # ARCHITECTURE, COMPILE FLAGS
- #########################################################################
-diff --git a/lib/libalpm/log.c b/lib/libalpm/log.c
-index d232bcc..9af5e84 100644
--- a/lib/libalpm/log.c
-+++ b/lib/libalpm/log.c
-@@ -52,7 +52,7 @@ int SYMEXPORT alpm_logaction(alpm_handle_t *handle, const char *prefix,
- 		int fd;
- 		do {
- 			fd = open(handle->logfile, O_WRONLY | O_APPEND | O_CREAT | O_CLOEXEC,
-					0000);
-+					0644);
- 		} while(fd == -1 && errno == EINTR);
- 		if(fd >= 0) {
- 			handle->logstream = fdopen(fd, "a");
-diff --git a/lib/libalpm/package.c b/lib/libalpm/package.c
-index e2997f6..d9ed3d3 100644
--- a/lib/libalpm/package.c
-+++ b/lib/libalpm/package.c
-@@ -574,7 +574,7 @@ int _alpm_pkg_dup(alpm_pkg_t *pkg, alpm_pkg_t **new_ptr)
- 	newpkg->installdate = pkg->installdate;
- 	STRDUP(newpkg->packager, pkg->packager, goto cleanup);
- 	STRDUP(newpkg->md5sum, pkg->md5sum, goto cleanup);
-	STRDUP(newpkg->sha256sum, pkg->md5sum, goto cleanup);
-+	STRDUP(newpkg->sha256sum, pkg->sha256sum, goto cleanup);
- 	STRDUP(newpkg->arch, pkg->arch, goto cleanup);
- 	newpkg->size = pkg->size;
- 	newpkg->isize = pkg->isize;
-diff --git a/scripts/makepkg-template.pl.in b/scripts/makepkg-template.pl.in
-index 6e6d944..d9da167 100755
--- a/scripts/makepkg-template.pl.in
-+++ b/scripts/makepkg-template.pl.in
-@@ -70,7 +70,7 @@ sub parse_template_line {
- 	foreach my $element (@elements) {
- 		my ($key, $val) = ($element =~ /^([a-z0-9]+)=(.*)$/);
- 		unless ($key and $val) {
-			die gettext("invalid key/value pair\n%s:%s: %s"),
-+			die gettext("invalid key/value pair\n"),
- 				"$filename:$linenumber: $line";
- 		}
- 		$values{$key} = $val;
-diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in
-index 33dff24..da68dc7 100644
--- a/scripts/makepkg.sh.in
-+++ b/scripts/makepkg.sh.in
-@@ -362,11 +362,11 @@ download_file() {
- 	# replace %o by the temporary dlfile if it exists
- 	if [[ ${cmdline[*]} = *%o* ]]; then
- 		dlfile=$filename.part
-		cmdline=("${cmdline[@]//%o/"$dlfile"}")
-+		cmdline=("${cmdline[@]//%o/$dlfile}")
- 	fi
- 	# add the URL, either in place of %u or at the end
- 	if [[ ${cmdline[*]} = *%u* ]]; then
-		cmdline=("${cmdline[@]//%u/"$url"}")
-+		cmdline=("${cmdline[@]//%u/$url}")
- 	else
- 		cmdline+=("$url")
- 	fi
-@@ -1317,47 +1317,41 @@ verify_integrity_sums() {
- 	fi
- }
- 
-have_sources() {
-	local a
-
-	(( ${#source[*]} )) && return 0
-+check_checksums() {
-+	local integ a
-+	declare -A correlation
-+	(( SKIPCHECKSUMS )) && return 0
- 
-+	# Initialize a map which we'll use to verify that every source array has at
-+	# least some kind of checksum array associated with it.
-+	(( ${#source[*]} )) && correlation['source']=1
- 	case $1 in
- 		all)
- 			for a in "${arch[@]}"; do
-				array_build _ source_"$a" && return 0
-+				array_build _ source_"$a" && correlation["source_$a"]=1
- 			done
- 			;;
- 		*)
-			array_build _ source_"$CARCH" && return 0
-+			array_build _ source_"$CARCH" && correlation["source_$CARCH"]=1
- 			;;
- 	esac
- 
-	return 1
-}
-
-check_checksums() {
-	(( SKIPCHECKSUMS )) && return 0
-	have_sources "$1" || return 0
-
-	local correlation=0
-	local integ a
- 	for integ in "${known_hash_algos[@]}"; do
-		verify_integrity_sums "$integ" && correlation=1
-+		verify_integrity_sums "$integ" && unset "correlation[source]"
- 
- 		case $1 in
- 			all)
- 				for a in "${arch[@]}"; do
-					verify_integrity_sums "$integ" "$a" && correlation=1
-+					verify_integrity_sums "$integ" "$a" && unset "correlation[source_$a]"
- 				done
- 				;;
- 			*)
-				verify_integrity_sums "$integ" "$CARCH" && correlation=1
-+				verify_integrity_sums "$integ" "$CARCH" && unset "correlation[source_$CARCH]"
- 				;;
- 		esac
- 	done
- 
-	if (( ! correlation )); then
-+	if (( ${#correlation[*]} )); then
- 		error "$(gettext "Integrity checks are missing.")"
- 		exit 1 # TODO: error code
- 	fi
-@@ -1504,7 +1498,7 @@ check_pgpsigs() {
- 			esac
- 			errors=1
- 		else
-			if (( ${#validpgpkeys[@]} == 0 && ! $trusted )); then
-+			if (( ${#validpgpkeys[@]} == 0 && !trusted )); then
- 				printf "%s ($(gettext "the public key %s is not trusted"))" $(gettext "FAILED") "$fingerprint" >&2
- 				errors=1
- 			elif (( ${#validpgpkeys[@]} > 0 )) && ! in_array "$fingerprint" "${validpgpkeys[@]}"; then
-@@ -1627,7 +1621,10 @@ merge_arch_attrs() {
- 
- source_buildfile() {
- 	source_safe "$@"
-	merge_arch_attrs
-+
-+	if (( !SOURCEONLY )); then
-+		merge_arch_attrs
-+	fi
- }
- 
- run_function_safe() {
-@@ -1835,7 +1832,7 @@ tidy_install() {
- 	# check existence of backup files
- 	local file
- 	for file in "${backup[@]}"; do
-		if [[ ! -f $file ]]; then
-+		if [[ ! -f $file && ! -h $file ]]; then
- 			warning "$(gettext "%s entry file not in package : %s")" "backup" "$file"
- 		fi
- 	done
-@@ -2469,6 +2466,9 @@ array_build() {
- 	# Build an array of the indicies of the source array.
- 	eval "keys=(\"\${!$2[@]}\")"
- 
-+	# Clear the destination array
-+	eval "$dest=()"
-+
- 	# Read values indirectly via their index. This approach gives us support
- 	# for associative arrays, sparse arrays, and empty strings as elements.
- 	for i in "${keys[@]}"; do
-@@ -2896,7 +2896,7 @@ get_vcsclient() {
- }
- 
- check_vcs_software() {
-	local ret=0
-+	local all_sources all_deps deps ret=0
- 
- 	if (( SOURCEONLY == 1 )); then
- 		# we will not download VCS sources
-@@ -2908,7 +2908,17 @@ check_vcs_software() {
- 		return $ret
- 	fi
- 
-	for netfile in ${source[@]}; do
-+	# we currently only use global depends/makedepends arrays for --syncdeps
-+	for attr in depends makedepends; do
-+		pkgbuild_get_attribute "$pkg" "$attr" 1 'deps'
-+		all_deps+=("${deps[@]}")
-+
-+		pkgbuild_get_attribute "$pkg" "${attr}_$CARCH" 1 'deps'
-+		all_deps+=("${deps[@]}")
-+	done
-+
-+	get_all_sources_for_arch 'all_sources'
-+	for netfile in ${all_sources[@]}; do
- 		local proto=$(get_protocol "$netfile")
- 
- 		case $proto in
-@@ -2921,7 +2931,7 @@ check_vcs_software() {
- 					uninstalled="$(set +E; check_deps $client)" || exit 1
- 					# if not installed, check presence in depends or makedepends
- 					if [[ -n "$uninstalled" ]] && (( ! NODEPS || ( VERIFYSOURCE && !DEP_BIN ) )); then
-						if ! in_array "$client" ${depends[@]} ${makedepends[@]}; then
-+						if ! in_array "$client" ${all_deps[@]}; then
- 							error "$(gettext "Cannot find the %s package needed to handle %s sources.")" \
- 									"$client" "${proto%%+*}"
- 							ret=1
-@@ -3435,7 +3445,7 @@ CARCH=${_CARCH:-$CARCH}
- if (( ! INFAKEROOT )); then
- 	if (( EUID == 0 )); then
- 		error "$(gettext "Running %s as root is not allowed as it can cause permanent,\n\
-catastrophic damage to your system.")"
-+catastrophic damage to your system.")" "makepkg"
- 		exit 1 # $E_USER_ABORT
- 	fi
- else
-@@ -3597,7 +3607,7 @@ if (( SOURCEONLY )); then
- 		download_sources allarch
- 	elif ( (( ! SKIPCHECKSUMS )) || \
- 			( (( ! SKIPPGPCHECK )) && source_has_signatures ) ); then
-		download_sources novcs
-+		download_sources allarch novcs
- 	fi
- 	check_source_integrity all
- 	cd_safe "$startdir"
-diff --git a/scripts/pacman-db-upgrade.sh.in b/scripts/pacman-db-upgrade.sh.in
-index 7bb277b..7d01bce 100644
--- a/scripts/pacman-db-upgrade.sh.in
-+++ b/scripts/pacman-db-upgrade.sh.in
-@@ -19,6 +19,9 @@
- #   along with this program.  If not, see <http://www.gnu.org/licenses/>.
- #
- 
-+# Avoid creating world-unreadable files
-+umask 022
-+
- # gettext initialization
- export TEXTDOMAIN='pacman-scripts'
- export TEXTDOMAINDIR='@localedir@'
-@@ -167,6 +170,8 @@ if [[ -z "$db_version" ]]; then
- 	fi
- 
- 	# pacman 4.1 to 4.2 upgrade - remove directory symlink support
-+	msg "$(gettext "Pre-4.2 database format detected - upgrading...")"
-+
- 	dirlist=()
- 
- 	unset GREP_OPTIONS
-@@ -180,8 +185,6 @@ if [[ -z "$db_version" ]]; then
- 		done)
- 
- 	if [[ ${#dirlist[@]} != 0 ]]; then
-		msg "$(gettext "Pre-4.2 database format detected - upgrading...")"
-
- 		pacroot="$(resolve_dir "$pacroot")"
- 
- 		for dir in "${dirlist[@]}"; do
--- a/core/pacman/pacman-5.0.1-roundup.patch
+++ b/core/pacman/pacman-5.0.1-roundup.patch
@ -1,174 +0,0 @@
-diff --git a/NEWS b/NEWS
-index 07aa028..b7298bf 100644
--- a/NEWS
-+++ b/NEWS
-@@ -1,5 +1,22 @@
- VERSION         DESCRIPTION
- -----------------------------------------------------------------------------
-+5.0.1         - fix alignment issues with wide character locales (FS#47980)
-+              - fix removal of .pacnew files (FS#47993)
-+              - fix triggering of Install hooks (FS#47996)
-+              - fix handling of stdin scripts called by pacman
-+              - hook activity is logged
-+              - documentataion updates for alpm-hooks (FS#48080)
-+              - makepkg:
-+                - increase robustness of variable array checks
-+                - makepkg -g does not perform current architecture checks
-+                - do not run prepare() with --noextract
-+                - all directories in the packaging directory are cleared
-+                  before each build
-+                - fix translations issues (FS#48057, FS#48298)
-+              - repo-add:
-+                - fix checking for non-existent database
-+              - contrib:
-+                - zsh_completion: updated makepkg options
- 5.0.0         - pacman can run hooks pre- and post-transaction. See the
-                 alpm-hooks(5) man page for details and an example hook (FS#2985)
-               - pacman can now sync and read .files databases (-Fy) and do basic
-diff --git a/doc/PKGBUILD.5.txt b/doc/PKGBUILD.5.txt
-index e410481..4b4a22c 100644
--- a/doc/PKGBUILD.5.txt
-+++ b/doc/PKGBUILD.5.txt
-@@ -52,10 +52,10 @@ similar to `$_basekernver`.
- +
- The `pkgver` variable can be automatically updated by providing a `pkgver()`
- function in the PKGBUILD that outputs the new package version.
-This is run after downloading and extracting the sources so it can use those
-files in determining the new `pkgver`.
-This is most useful when used with sources from version control systems (see
-below).
-+This is run after downloading and extracting the sources and running the
-+`prepare()` function (if present), so it can use those files in determining the
-+new `pkgver`.  This is most useful when used with sources from version control
-+systems (see below).
- 
- *pkgrel*::
- 	This is the release number specific to the Arch Linux release. This
-diff --git a/scripts/libmakepkg/tidy/emptydirs.sh.in b/scripts/libmakepkg/tidy/emptydirs.sh.in
-index 32b8d8c..85ab39d 100644
--- a/scripts/libmakepkg/tidy/emptydirs.sh.in
-+++ b/scripts/libmakepkg/tidy/emptydirs.sh.in
-@@ -33,6 +33,7 @@ tidy_remove+=('tidy_emptydirs')
- tidy_emptydirs() {
- 	if check_option "emptydirs" "n"; then
- 		msg2 "$(gettext "Removing empty directories...")"
-		find . -depth -type d -exec rmdir '{}' + 2>/dev/null
-+		# we are unable to use '-empty' as it is non-POSIX and not support by all find variants
-+		find . -depth -type d -exec rmdir '{}' \; 2>/dev/null
- 	fi
- }
-diff --git a/scripts/libmakepkg/util/util.sh b/scripts/libmakepkg/util/util.sh
-index 675e75d..f9f1c20 100644
--- a/scripts/libmakepkg/util/util.sh
-+++ b/scripts/libmakepkg/util/util.sh
-@@ -46,7 +46,7 @@ is_array() {
- 	local shellopts=$(shopt -p)
- 	shopt -s extglob
- 
-	if [[ $(declare -p "$i") == declare\ -*([[:alnum:]])a*([[:alnum:]])\ * ]]; then
-+	if [[ $(declare -p "$v") == declare\ -*([[:alnum:]])a*([[:alnum:]])\ * ]]; then
- 		ret=0
- 	fi
- 
-diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in
-index 30d2704..0db0952 100644
--- a/scripts/pacman-key.sh.in
-+++ b/scripts/pacman-key.sh.in
-@@ -483,7 +483,7 @@ verify_sig() {
- 	local ret=0
- 	for sig; do
- 		msg "Checking %s..." "$sig"
-		if ! "${GPG_PACMAN[@]}" --status-fd 1 --verify "$sig" | grep -qE '^\[GNUPG:\] TRUST_(FULLY|ULTIMATE)$'; then
-+		if ! "${GPG_PACMAN[@]}" --status-fd 1 --verify "$sig" | grep -qE '^\[GNUPG:\] TRUST_(FULLY|ULTIMATE).*$'; then
- 			error "$(gettext "The signature identified by %s could not be verified.")" "$sig"
- 			ret=1
- 		fi
-diff --git a/src/pacman/check.c b/src/pacman/check.c
-index 0fe74e8..d282cc2 100644
--- a/src/pacman/check.c
-+++ b/src/pacman/check.c
-@@ -254,7 +254,6 @@ int check_pkg_full(alpm_pkg_t *pkg)
- 	const char *root, *pkgname;
- 	size_t errors = 0;
- 	size_t rootlen;
-	char filepath[PATH_MAX];
- 	struct archive *mtree;
- 	struct archive_entry *entry = NULL;
- 	size_t file_count = 0;
-@@ -267,7 +266,6 @@ int check_pkg_full(alpm_pkg_t *pkg)
- 		pm_printf(ALPM_LOG_ERROR, _("path too long: %s%s\n"), root, "");
- 		return 1;
- 	}
-	strcpy(filepath, root);
- 
- 	pkgname = alpm_pkg_get_name(pkg);
- 	mtree = alpm_pkg_mtree_open(pkg);
-@@ -282,6 +280,8 @@ int check_pkg_full(alpm_pkg_t *pkg)
- 	while(alpm_pkg_mtree_next(pkg, mtree, &entry) == ARCHIVE_OK) {
- 		struct stat st;
- 		const char *path = archive_entry_pathname(entry);
-+		char filepath[PATH_MAX];
-+		int filepath_len;
- 		mode_t type;
- 		size_t file_errors = 0;
- 		int backup = 0;
-@@ -292,31 +292,37 @@ int check_pkg_full(alpm_pkg_t *pkg)
- 			path += 2;
- 		}
- 
-		if(strcmp(path, ".INSTALL") == 0) {
-			char filename[PATH_MAX];
-			snprintf(filename, PATH_MAX, "%slocal/%s-%s/install",
-					alpm_option_get_dbpath(config->handle) + 1,
-					pkgname, alpm_pkg_get_version(pkg));
-			archive_entry_set_pathname(entry, filename);
-			path = archive_entry_pathname(entry);
-		} else if(strcmp(path, ".CHANGELOG") == 0) {
-			char filename[PATH_MAX];
-			snprintf(filename, PATH_MAX, "%slocal/%s-%s/changelog",
-					alpm_option_get_dbpath(config->handle) + 1,
-					pkgname, alpm_pkg_get_version(pkg));
-			archive_entry_set_pathname(entry, filename);
-			path = archive_entry_pathname(entry);
-		} else if(*path == '.') {
-			continue;
-		}
-+		if(*path == '.') {
-+			const char *dbfile = NULL;
- 
-		file_count++;
-+			if(strcmp(path, ".INSTALL") == 0) {
-+				dbfile = "install";
-+			} else if(strcmp(path, ".CHANGELOG") == 0) {
-+				dbfile = "changelog";
-+			} else {
-+				continue;
-+			}
- 
-		if(rootlen + 1 + strlen(path) > PATH_MAX) {
-			pm_printf(ALPM_LOG_WARNING, _("path too long: %s%s\n"), root, path);
-			continue;
-+			/* Do not append root directory as alpm_option_get_dbpath is already
-+			 * an absoute path */
-+			filepath_len = snprintf(filepath, PATH_MAX, "%slocal/%s-%s/%s",
-+					alpm_option_get_dbpath(config->handle),
-+					pkgname, alpm_pkg_get_version(pkg), dbfile);
-+			if(filepath_len >= PATH_MAX) {
-+				pm_printf(ALPM_LOG_WARNING, _("path too long: %slocal/%s-%s/%s\n"),
-+						alpm_option_get_dbpath(config->handle),
-+						pkgname, alpm_pkg_get_version(pkg), dbfile);
-+				continue;
-+			}
-+		} else {
-+			filepath_len = snprintf(filepath, PATH_MAX, "%s%s", root, path);
-+			if(filepath_len >= PATH_MAX) {
-+				pm_printf(ALPM_LOG_WARNING, _("path too long: %s%s\n"), root, path);
-+				continue;
-+			}
- 		}
-		strcpy(filepath + rootlen, path);
-+
-+		file_count++;
- 
- 		exists = check_file_exists(pkgname, filepath, rootlen, &st);
- 		if(exists == 1) {