diff options
Diffstat (limited to 't')
87 files changed, 852 insertions, 337 deletions
diff --git a/t/Makefile b/t/Makefile index 882d26eee3..46cd5fc527 100644 --- a/t/Makefile +++ b/t/Makefile @@ -71,12 +71,10 @@ clean-chainlint: check-chainlint: @mkdir -p '$(CHAINLINTTMP_SQ)' && \ - err=0 && \ - for i in $(CHAINLINTTESTS); do \ - $(CHAINLINT) <chainlint/$$i.test | \ - sed -e '/^# LINT: /d' >'$(CHAINLINTTMP_SQ)'/$$i.actual && \ - diff -u chainlint/$$i.expect '$(CHAINLINTTMP_SQ)'/$$i.actual || err=1; \ - done && exit $$err + sed -e '/^# LINT: /d' $(patsubst %,chainlint/%.test,$(CHAINLINTTESTS)) >'$(CHAINLINTTMP_SQ)'/tests && \ + sed -e '/^[ ]*$$/d' $(patsubst %,chainlint/%.expect,$(CHAINLINTTESTS)) >'$(CHAINLINTTMP_SQ)'/expect && \ + $(CHAINLINT) '$(CHAINLINTTMP_SQ)'/tests | grep -v '^[ ]*$$' >'$(CHAINLINTTMP_SQ)'/actual && \ + diff -u '$(CHAINLINTTMP_SQ)'/expect '$(CHAINLINTTMP_SQ)'/actual test-lint: test-lint-duplicates test-lint-executable test-lint-shell-syntax \ test-lint-filenames diff --git a/t/chainlint.sed b/t/chainlint.sed index 8a25c5b855..dc4ce37cb5 100644 --- a/t/chainlint.sed +++ b/t/chainlint.sed @@ -24,9 +24,9 @@ # in order to avoid misinterpreting the ")" in constructs such as "x=$(...)" # and "case $x in *)" as ending the subshell. # -# Lines missing a final "&&" are flagged with "?!AMP?!", and lines which chain -# commands with ";" internally rather than "&&" are flagged "?!SEMI?!". A line -# may be flagged for both violations. +# Lines missing a final "&&" are flagged with "?!AMP?!", as are lines which +# chain commands with ";" internally rather than "&&". A line may be flagged +# for both violations. # # Detection of a missing &&-link in a multi-line subshell is complicated by the # fact that the last statement before the closing ")" must not end with "&&". @@ -47,8 +47,8 @@ # "?!AMP?!" violation is removed from the "bar" line (retrieved from the "hold" # area) since the final statement of a subshell must not end with "&&". The # final line of a subshell may still break the &&-chain by using ";" internally -# to chain commands together rather than "&&", so "?!SEMI?!" is never removed -# from a line (even though "?!AMP?!" might be). +# to chain commands together rather than "&&", but an internal "?!AMP?!" is +# never removed from a line even though a line-ending "?!AMP?!" might be. # # Care is taken to recognize the last _statement_ of a multi-line subshell, not # necessarily the last textual _line_ within the subshell, since &&-chaining @@ -62,26 +62,20 @@ # receives similar treatment. # # Swallowing here-docs with arbitrary tags requires a bit of finesse. When a -# line such as "cat <<EOF >out" is seen, the here-doc tag is moved to the front -# of the line enclosed in angle brackets as a sentinel, giving "<EOF>cat >out". +# line such as "cat <<EOF" is seen, the here-doc tag is copied to the front of +# the line enclosed in angle brackets as a sentinel, giving "<EOF>cat <<EOF". # As each subsequent line is read, it is appended to the target line and a # (whitespace-loose) back-reference match /^<(.*)>\n\1$/ is attempted to see if # the content inside "<...>" matches the entirety of the newly-read line. For # instance, if the next line read is "some data", when concatenated with the -# target line, it becomes "<EOF>cat >out\nsome data", and a match is attempted +# target line, it becomes "<EOF>cat <<EOF\nsome data", and a match is attempted # to see if "EOF" matches "some data". Since it doesn't, the next line is # attempted. When a line consisting of only "EOF" (and possible whitespace) is -# encountered, it is appended to the target line giving "<EOF>cat >out\nEOF", +# encountered, it is appended to the target line giving "<EOF>cat <<EOF\nEOF", # in which case the "EOF" inside "<...>" does match the text following the # newline, thus the closing here-doc tag has been found. The closing tag line # and the "<...>" prefix on the target line are then discarded, leaving just -# the target line "cat >out". -# -# To facilitate regression testing (and manual debugging), a ">" annotation is -# applied to the line containing ")" which closes a subshell, ">>" to a line -# closing a nested subshell, and ">>>" to a line closing both at once. This -# makes it easy to detect whether the heuristics correctly identify -# end-of-subshell. +# the target line "cat <<EOF". #------------------------------------------------------------------------------ # incomplete line -- slurp up next line @@ -94,9 +88,9 @@ # here-doc -- swallow it to avoid false hits within its body (but keep the # command to which it was attached) -/<<[ ]*[-\\'"]*[A-Za-z0-9_]/ { - s/^\(.*\)<<[ ]*[-\\'"]*\([A-Za-z0-9_][A-Za-z0-9_]*\)['"]*/<\2>\1<</ - s/[ ]*<<// +/<<-*[ ]*[\\'"]*[A-Za-z0-9_]/ { + /"[^"]*<<[^"]*"/bnotdoc + s/^\(.*<<-*[ ]*\)[\\'"]*\([A-Za-z0-9_][A-Za-z0-9_]*\)['"]*/<\2>\1\2/ :hered N /^<\([^>]*\)>.*\n[ ]*\1[ ]*$/!{ @@ -106,6 +100,7 @@ s/^<[^>]*>// s/\n.*$// } +:notdoc # one-liner "(...) &&" /^[ ]*!*[ ]*(..*)[ ]*&&[ ]*$/boneline @@ -126,7 +121,7 @@ b # "&&" (but not ";" in a string) :oneline /;/{ - /"[^"]*;[^"]*"/!s/^/?!SEMI?!/ + /"[^"]*;[^"]*"/!s/;/; ?!AMP?!/ } b @@ -136,11 +131,15 @@ b h bnextln } -# "(..." line -- split off and stash "(", then process "..." as its own line +# "(..." line -- "(" opening subshell cuddled with command; temporarily replace +# "(" with sentinel "^" and process the line as if "(" had been seen solo on +# the preceding line; this temporary replacement prevents several rules from +# accidentally thinking "(" introduces a nested subshell; "^" is changed back +# to "(" at output time x -s/.*/(/ +s/.*// x -s/(// +s/(/^/ bslurp :nextln @@ -157,8 +156,10 @@ s/.*\n// /"[^'"]*'[^'"]*"/!bsqstr } :folded -# here-doc -- swallow it -/<<[ ]*[-\\'"]*[A-Za-z0-9_]/bheredoc +# here-doc -- swallow it (but not "<<" in a string) +/<<-*[ ]*[\\'"]*[A-Za-z0-9_]/{ + /"[^"]*<<[^"]*"/!bheredoc +} # comment or empty line -- discard since final non-comment, non-empty line # before closing ")", "done", "elsif", "else", or "fi" will need to be # re-visited to drop "suspect" marking since final line of those constructs @@ -171,12 +172,12 @@ s/.*\n// /"[^"]*#[^"]*"/!s/[ ]#.*$// } # one-liner "case ... esac" -/^[ ]*case[ ]*..*esac/bchkchn +/^[ ^]*case[ ]*..*esac/bchkchn # multi-line "case ... esac" -/^[ ]*case[ ]..*[ ]in/bcase +/^[ ^]*case[ ]..*[ ]in/bcase # multi-line "for ... done" or "while ... done" -/^[ ]*for[ ]..*[ ]in/bcont -/^[ ]*while[ ]/bcont +/^[ ^]*for[ ]..*[ ]in/bcont +/^[ ^]*while[ ]/bcont /^[ ]*do[ ]/bcont /^[ ]*do[ ]*$/bcont /;[ ]*do/bcont @@ -187,7 +188,7 @@ s/.*\n// /||[ ]*exit[ ]/bcont /||[ ]*exit[ ]*$/bcont # multi-line "if...elsif...else...fi" -/^[ ]*if[ ]/bcont +/^[ ^]*if[ ]/bcont /^[ ]*then[ ]/bcont /^[ ]*then[ ]*$/bcont /;[ ]*then/bcont @@ -200,15 +201,15 @@ s/.*\n// /^[ ]*fi[ ]*[<>|]/bdone /^[ ]*fi[ ]*)/bdone # nested one-liner "(...) &&" -/^[ ]*(.*)[ ]*&&[ ]*$/bchkchn +/^[ ^]*(.*)[ ]*&&[ ]*$/bchkchn # nested one-liner "(...)" -/^[ ]*(.*)[ ]*$/bchkchn +/^[ ^]*(.*)[ ]*$/bchkchn # nested one-liner "(...) >x" (or "2>x" or "<x" or "|x") -/^[ ]*(.*)[ ]*[0-9]*[<>|]/bchkchn +/^[ ^]*(.*)[ ]*[0-9]*[<>|]/bchkchn # nested multi-line "(...\n...)" -/^[ ]*(/bnest +/^[ ^]*(/bnest # multi-line "{...\n...}" -/^[ ]*{/bblock +/^[ ^]*{/bblock # closing ")" on own line -- exit subshell /^[ ]*)/bclssolo # "$((...))" -- arithmetic expansion; not closing ")" @@ -230,16 +231,18 @@ s/.*\n// # string and not ";;" in one-liner "case...esac") /;/{ /;;/!{ - /"[^"]*;[^"]*"/!s/^/?!SEMI?!/ + /"[^"]*;[^"]*"/!s/;/; ?!AMP?!/ } } # line ends with pipe "...|" -- valid; not missing "&&" /|[ ]*$/bcont # missing end-of-line "&&" -- mark suspect -/&&[ ]*$/!s/^/?!AMP?!/ +/&&[ ]*$/!s/$/ ?!AMP?!/ :cont # retrieve and print previous line x +s/^\([ ]*\)^/\1(/ +s/?!HERE?!/<</g n bslurp @@ -280,8 +283,7 @@ bfolded # found here-doc -- swallow it to avoid false hits within its body (but keep # the command to which it was attached) :heredoc -s/^\(.*\)<<[ ]*[-\\'"]*\([A-Za-z0-9_][A-Za-z0-9_]*\)['"]*/<\2>\1<</ -s/[ ]*<<// +s/^\(.*\)<<\(-*[ ]*\)[\\'"]*\([A-Za-z0-9_][A-Za-z0-9_]*\)['"]*/<\3>\1?!HERE?!\2\3/ :hdocsub N /^<\([^>]*\)>.*\n[ ]*\1[ ]*$/!{ @@ -295,7 +297,15 @@ bfolded # found "case ... in" -- pass through untouched :case x +s/^\([ ]*\)^/\1(/ +s/?!HERE?!/<</g n +:cascom +/^[ ]*#/{ + N + s/.*\n// + bcascom +} /^[ ]*esac/bslurp bcase @@ -303,7 +313,7 @@ bcase # that line legitimately lacks "&&" :else x -s/?!AMP?!// +s/\( ?!AMP?!\)* ?!AMP?!$// x bcont @@ -311,7 +321,7 @@ bcont # "suspect" from final contained line since that line legitimately lacks "&&" :done x -s/?!AMP?!// +s/\( ?!AMP?!\)* ?!AMP?!$// x # is 'done' or 'fi' cuddled with ")" to close subshell? /done.*)/bclose @@ -322,11 +332,18 @@ bchkchn :nest x :nstslrp +s/^\([ ]*\)^/\1(/ +s/?!HERE?!/<</g n +:nstcom +# comment -- not closing ")" if in comment +/^[ ]*#/{ + N + s/.*\n// + bnstcom +} # closing ")" on own line -- stop nested slurp /^[ ]*)/bnstcl -# comment -- not closing ")" if in comment -/^[ ]*#/bnstcnt # "$((...))" -- arithmetic expansion; not closing ")" /\$(([^)][^)]*))[^)]*$/bnstcnt # "$(...)" -- command substitution; not closing ")" @@ -337,7 +354,6 @@ n x bnstslrp :nstcl -s/^/>>/ # is it "))" which closes nested and parent subshells? /)[ ]*)/bslurp bchkchn @@ -345,7 +361,15 @@ bchkchn # found multi-line "{...\n...}" block -- pass through untouched :block x +s/^\([ ]*\)^/\1(/ +s/?!HERE?!/<</g n +:blkcom +/^[ ]*#/{ + N + s/.*\n// + bblkcom +} # closing "}" -- stop block slurp /}/bchkchn bblock @@ -354,16 +378,22 @@ bblock # since that line legitimately lacks "&&" and exit subshell loop :clssolo x -s/?!AMP?!// +s/\( ?!AMP?!\)* ?!AMP?!$// +s/^\([ ]*\)^/\1(/ +s/?!HERE?!/<</g p x -s/^/>/ +s/^\([ ]*\)^/\1(/ +s/?!HERE?!/<</g b # found closing "...)" -- exit subshell loop :close x +s/^\([ ]*\)^/\1(/ +s/?!HERE?!/<</g p x -s/^/>/ +s/^\([ ]*\)^/\1(/ +s/?!HERE?!/<</g b diff --git a/t/chainlint/arithmetic-expansion.expect b/t/chainlint/arithmetic-expansion.expect index 09457d3196..46ee1046af 100644 --- a/t/chainlint/arithmetic-expansion.expect +++ b/t/chainlint/arithmetic-expansion.expect @@ -2,8 +2,8 @@ foo && bar=$((42 + 1)) && baz ->) && +) && ( -?!AMP?! bar=$((42 + 1)) + bar=$((42 + 1)) ?!AMP?! baz ->) +) diff --git a/t/chainlint/bash-array.expect b/t/chainlint/bash-array.expect index c4a830d1c1..4c34eaee45 100644 --- a/t/chainlint/bash-array.expect +++ b/t/chainlint/bash-array.expect @@ -2,9 +2,9 @@ foo && bar=(gumbo stumbo wumbo) && baz ->) && +) && ( foo && bar=${#bar[@]} && baz ->) +) diff --git a/t/chainlint/blank-line.expect b/t/chainlint/blank-line.expect index 3be939ed38..f76fde1ffb 100644 --- a/t/chainlint/blank-line.expect +++ b/t/chainlint/blank-line.expect @@ -1,4 +1,4 @@ ( nothing && something ->) +) diff --git a/t/chainlint/blank-line.test b/t/chainlint/blank-line.test index f6dd14302b..0fdf15b3e1 100644 --- a/t/chainlint/blank-line.test +++ b/t/chainlint/blank-line.test @@ -3,7 +3,7 @@ nothing && something -# LINT: swallow blank lines since final _statement_ before subshell end is +# LINT: ignore blank lines since final _statement_ before subshell end is # LINT: significant to "&&"-check, not final _line_ (which might be blank) diff --git a/t/chainlint/block-comment.expect b/t/chainlint/block-comment.expect new file mode 100644 index 0000000000..d10b2eeaf2 --- /dev/null +++ b/t/chainlint/block-comment.expect @@ -0,0 +1,6 @@ +( + { + echo a && + echo b + } +) diff --git a/t/chainlint/block-comment.test b/t/chainlint/block-comment.test new file mode 100644 index 0000000000..df2beea888 --- /dev/null +++ b/t/chainlint/block-comment.test @@ -0,0 +1,8 @@ +( + { + # show a + echo a && + # show b + echo b + } +) diff --git a/t/chainlint/block.expect b/t/chainlint/block.expect index fed7e89ae8..da60257ebc 100644 --- a/t/chainlint/block.expect +++ b/t/chainlint/block.expect @@ -7,6 +7,6 @@ bar && { echo c -?!AMP?! } + } ?!AMP?! baz ->) +) diff --git a/t/chainlint/block.test b/t/chainlint/block.test index d859151af1..0a82fd579f 100644 --- a/t/chainlint/block.test +++ b/t/chainlint/block.test @@ -1,6 +1,5 @@ ( -# LINT: missing "&&" in block not currently detected (for consistency with -# LINT: --chain-lint at top level and to provide escape hatch if needed) +# LINT: missing "&&" after first "echo" foo && { echo a diff --git a/t/chainlint/broken-chain.expect b/t/chainlint/broken-chain.expect index 55b0f42a53..cfb58fb6b9 100644 --- a/t/chainlint/broken-chain.expect +++ b/t/chainlint/broken-chain.expect @@ -1,6 +1,6 @@ ( foo && -?!AMP?! bar + bar ?!AMP?! baz && wop ->) +) diff --git a/t/chainlint/broken-chain.test b/t/chainlint/broken-chain.test index 3cc67b65d0..2a44aa73b7 100644 --- a/t/chainlint/broken-chain.test +++ b/t/chainlint/broken-chain.test @@ -1,6 +1,6 @@ ( foo && -# LINT: missing "&&" from 'bar' +# LINT: missing "&&" from "bar" bar baz && # LINT: final statement before closing ")" legitimately lacks "&&" diff --git a/t/chainlint/case-comment.expect b/t/chainlint/case-comment.expect new file mode 100644 index 0000000000..1e4b054bda --- /dev/null +++ b/t/chainlint/case-comment.expect @@ -0,0 +1,8 @@ +( + case "$x" in + x) foo ;; + *) + bar + ;; + esac +) diff --git a/t/chainlint/case-comment.test b/t/chainlint/case-comment.test new file mode 100644 index 0000000000..641c157b98 --- /dev/null +++ b/t/chainlint/case-comment.test @@ -0,0 +1,11 @@ +( + case "$x" in + # found foo + x) foo ;; + # found other + *) + # treat it as bar + bar + ;; + esac +) diff --git a/t/chainlint/case.expect b/t/chainlint/case.expect index 41f121fbbf..31f280d8ce 100644 --- a/t/chainlint/case.expect +++ b/t/chainlint/case.expect @@ -4,16 +4,16 @@ *) bar ;; esac && foobar ->) && +) && ( case "$x" in x) foo ;; *) bar ;; -?!AMP?! esac + esac ?!AMP?! foobar ->) && +) && ( case "$x" in 1) true;; esac && -?!AMP?! case "$y" in 2) false;; esac + case "$y" in 2) false;; esac ?!AMP?! foobar ->) +) diff --git a/t/chainlint/case.test b/t/chainlint/case.test index 5ef6ff7db5..4cb086bf87 100644 --- a/t/chainlint/case.test +++ b/t/chainlint/case.test @@ -1,5 +1,5 @@ ( -# LINT: "...)" arms in 'case' not misinterpreted as subshell-closing ")" +# LINT: "...)" arms in "case" not misinterpreted as subshell-closing ")" case "$x" in x) foo ;; *) bar ;; @@ -7,7 +7,7 @@ foobar ) && ( -# LINT: missing "&&" on 'esac' +# LINT: missing "&&" on "esac" case "$x" in x) foo ;; *) bar ;; @@ -15,7 +15,7 @@ foobar ) && ( -# LINT: "...)" arm in one-liner 'case' not misinterpreted as closing ")" +# LINT: "...)" arm in one-liner "case" not misinterpreted as closing ")" case "$x" in 1) true;; esac && # LINT: same but missing "&&" case "$y" in 2) false;; esac diff --git a/t/chainlint/close-nested-and-parent-together.expect b/t/chainlint/close-nested-and-parent-together.expect index 2a910f9d66..72d482f76d 100644 --- a/t/chainlint/close-nested-and-parent-together.expect +++ b/t/chainlint/close-nested-and-parent-together.expect @@ -1,4 +1,3 @@ -( -cd foo && +(cd foo && (bar && ->>> baz)) + baz)) diff --git a/t/chainlint/close-subshell.expect b/t/chainlint/close-subshell.expect index 184688718a..0f87db9ae6 100644 --- a/t/chainlint/close-subshell.expect +++ b/t/chainlint/close-subshell.expect @@ -1,25 +1,25 @@ ( foo ->) && +) && ( bar ->) >out && +) >out && ( baz ->) 2>err && +) 2>err && ( boo ->) <input && +) <input && ( bip ->) | wuzzle && +) | wuzzle && ( bop ->) | fazz fozz && +) | fazz fozz && ( bup ->) | +) | fuzzle && ( yop ->) +) diff --git a/t/chainlint/command-substitution.expect b/t/chainlint/command-substitution.expect index ad4118e537..c72e4df9e7 100644 --- a/t/chainlint/command-substitution.expect +++ b/t/chainlint/command-substitution.expect @@ -2,8 +2,8 @@ foo && bar=$(gobble) && baz ->) && +) && ( -?!AMP?! bar=$(gobble blocks) + bar=$(gobble blocks) ?!AMP?! baz ->) +) diff --git a/t/chainlint/comment.expect b/t/chainlint/comment.expect index 3be939ed38..f76fde1ffb 100644 --- a/t/chainlint/comment.expect +++ b/t/chainlint/comment.expect @@ -1,4 +1,4 @@ ( nothing && something ->) +) diff --git a/t/chainlint/complex-if-in-cuddled-loop.expect b/t/chainlint/complex-if-in-cuddled-loop.expect index 9674b88cf2..2fca183409 100644 --- a/t/chainlint/complex-if-in-cuddled-loop.expect +++ b/t/chainlint/complex-if-in-cuddled-loop.expect @@ -1,10 +1,9 @@ -( -for i in a b c; do +(for i in a b c; do if test "$(echo $(waffle bat))" = "eleventeen" && test "$x" = "$y"; then : else echo >file fi -> done) && + done) && test ! -f file diff --git a/t/chainlint/complex-if-in-cuddled-loop.test b/t/chainlint/complex-if-in-cuddled-loop.test index 571bbd85cd..5efeda58b2 100644 --- a/t/chainlint/complex-if-in-cuddled-loop.test +++ b/t/chainlint/complex-if-in-cuddled-loop.test @@ -1,4 +1,4 @@ -# LINT: 'for' loop cuddled with "(" and ")" and nested 'if' with complex +# LINT: "for" loop cuddled with "(" and ")" and nested "if" with complex # LINT: multi-line condition; indented with spaces, not tabs (for i in a b c; do if test "$(echo $(waffle bat))" = "eleventeen" && diff --git a/t/chainlint/cuddled-if-then-else.expect b/t/chainlint/cuddled-if-then-else.expect index ab2a026fbc..1d8ed58c49 100644 --- a/t/chainlint/cuddled-if-then-else.expect +++ b/t/chainlint/cuddled-if-then-else.expect @@ -1,7 +1,6 @@ -( -if test -z ""; then +(if test -z ""; then echo empty else echo bizzy -> fi) && + fi) && echo foobar diff --git a/t/chainlint/cuddled-if-then-else.test b/t/chainlint/cuddled-if-then-else.test index eed774a9d6..7c53f4efe3 100644 --- a/t/chainlint/cuddled-if-then-else.test +++ b/t/chainlint/cuddled-if-then-else.test @@ -1,4 +1,4 @@ -# LINT: 'if' cuddled with "(" and ")"; indented with spaces, not tabs +# LINT: "if" cuddled with "(" and ")"; indented with spaces, not tabs (if test -z ""; then echo empty else diff --git a/t/chainlint/cuddled-loop.expect b/t/chainlint/cuddled-loop.expect index 8c0260d7f1..9cf260708e 100644 --- a/t/chainlint/cuddled-loop.expect +++ b/t/chainlint/cuddled-loop.expect @@ -1,5 +1,4 @@ -( - while read x +( while read x do foobar bop || exit 1 -> done <file ) && + done <file ) && outside subshell diff --git a/t/chainlint/cuddled-loop.test b/t/chainlint/cuddled-loop.test index a841d781f0..3c2a62f751 100644 --- a/t/chainlint/cuddled-loop.test +++ b/t/chainlint/cuddled-loop.test @@ -1,4 +1,4 @@ -# LINT: 'while' loop cuddled with "(" and ")", with embedded (allowed) +# LINT: "while" loop cuddled with "(" and ")", with embedded (allowed) # LINT: "|| exit {n}" to exit loop early, and using redirection "<" to feed # LINT: loop; indented with spaces, not tabs ( while read x diff --git a/t/chainlint/cuddled.expect b/t/chainlint/cuddled.expect index b506d46221..c3e0be4047 100644 --- a/t/chainlint/cuddled.expect +++ b/t/chainlint/cuddled.expect @@ -1,21 +1,17 @@ -( -cd foo && +(cd foo && bar ->) && +) && -( -?!AMP?!cd foo +(cd foo ?!AMP?! bar ->) && +) && ( cd foo && -> bar) && + bar) && -( -cd foo && -> bar) && +(cd foo && + bar) && -( -?!AMP?!cd foo -> bar) +(cd foo ?!AMP?! + bar) diff --git a/t/chainlint/cuddled.test b/t/chainlint/cuddled.test index 0499fa4180..257b5b5eed 100644 --- a/t/chainlint/cuddled.test +++ b/t/chainlint/cuddled.test @@ -1,5 +1,4 @@ -# LINT: first subshell statement cuddled with opening "("; for implementation -# LINT: simplicity, "(..." is split into two lines, "(" and "..." +# LINT: first subshell statement cuddled with opening "(" (cd foo && bar ) && diff --git a/t/chainlint/exit-loop.expect b/t/chainlint/exit-loop.expect index 84d8bdebc0..f76aa60466 100644 --- a/t/chainlint/exit-loop.expect +++ b/t/chainlint/exit-loop.expect @@ -5,7 +5,7 @@ bar && baz done ->) && +) && ( while true do @@ -13,7 +13,7 @@ bar && baz done ->) && +) && ( i=0 && while test $i -lt 10 @@ -21,4 +21,4 @@ echo $i || exit i=$(($i + 1)) done ->) +) diff --git a/t/chainlint/exit-subshell.expect b/t/chainlint/exit-subshell.expect index bf78454f74..da80339f78 100644 --- a/t/chainlint/exit-subshell.expect +++ b/t/chainlint/exit-subshell.expect @@ -2,4 +2,4 @@ foo || exit 1 bar && baz ->) +) diff --git a/t/chainlint/for-loop.expect b/t/chainlint/for-loop.expect index c33cf56ee7..6671b8cd84 100644 --- a/t/chainlint/for-loop.expect +++ b/t/chainlint/for-loop.expect @@ -1,11 +1,11 @@ ( for i in a b c do -?!AMP?! echo $i - cat -?!AMP?! done + echo $i ?!AMP?! + cat <<-EOF + done ?!AMP?! for i in a b c; do echo $i && cat $i done ->) +) diff --git a/t/chainlint/for-loop.test b/t/chainlint/for-loop.test index 7db76262bc..6cb3428158 100644 --- a/t/chainlint/for-loop.test +++ b/t/chainlint/for-loop.test @@ -1,17 +1,17 @@ ( -# LINT: 'for', 'do', 'done' do not need "&&" +# LINT: "for", "do", "done" do not need "&&" for i in a b c do -# LINT: missing "&&" on 'echo' +# LINT: missing "&&" on "echo" echo $i # LINT: last statement of while does not need "&&" cat <<-\EOF bar EOF -# LINT: missing "&&" on 'done' +# LINT: missing "&&" on "done" done -# LINT: 'do' on same line as 'for' +# LINT: "do" on same line as "for" for i in a b c; do echo $i && cat $i diff --git a/t/chainlint/here-doc-close-subshell.expect b/t/chainlint/here-doc-close-subshell.expect index f011e335e5..2af9ced71c 100644 --- a/t/chainlint/here-doc-close-subshell.expect +++ b/t/chainlint/here-doc-close-subshell.expect @@ -1,2 +1,2 @@ ( -> cat) + cat <<-INPUT) diff --git a/t/chainlint/here-doc-multi-line-command-subst.expect b/t/chainlint/here-doc-multi-line-command-subst.expect index e5fb752d2f..f8b3aa73c4 100644 --- a/t/chainlint/here-doc-multi-line-command-subst.expect +++ b/t/chainlint/here-doc-multi-line-command-subst.expect @@ -1,5 +1,5 @@ ( - x=$(bobble && -?!AMP?!>> wiffle) + x=$(bobble <<-END && + wiffle) ?!AMP?! echo $x ->) +) diff --git a/t/chainlint/here-doc-multi-line-string.expect b/t/chainlint/here-doc-multi-line-string.expect index 32038a070c..2578191ca8 100644 --- a/t/chainlint/here-doc-multi-line-string.expect +++ b/t/chainlint/here-doc-multi-line-string.expect @@ -1,4 +1,4 @@ ( -?!AMP?! cat && echo "multi-line string" + cat <<-TXT && echo "multi-line string" ?!AMP?! bap ->) +) diff --git a/t/chainlint/here-doc.expect b/t/chainlint/here-doc.expect index 534b065e38..110059ba58 100644 --- a/t/chainlint/here-doc.expect +++ b/t/chainlint/here-doc.expect @@ -1,9 +1,7 @@ -boodle wobba gorgo snoot wafta snurb && +boodle wobba gorgo snoot wafta snurb <<EOF && -cat >foo && +cat <<-Arbitrary_Tag_42 >foo && -cat >bar && +cat <<zump >boo && -cat >boo && - -horticulture +horticulture <<EOF diff --git a/t/chainlint/here-doc.test b/t/chainlint/here-doc.test index ad4ce8afd9..3f5f92cad3 100644 --- a/t/chainlint/here-doc.test +++ b/t/chainlint/here-doc.test @@ -14,13 +14,6 @@ boz woz Arbitrary_Tag_42 -# LINT: swallow 'quoted' here-doc -cat <<'FUMP' >bar && -snoz -boz -woz -FUMP - # LINT: swallow "quoted" here-doc cat <<"zump" >boo && snoz diff --git a/t/chainlint/if-in-loop.expect b/t/chainlint/if-in-loop.expect index 03d3ceb22d..03b82a3e58 100644 --- a/t/chainlint/if-in-loop.expect +++ b/t/chainlint/if-in-loop.expect @@ -3,10 +3,10 @@ do if false then -?!AMP?! echo "err" + echo "err" ?!AMP?! exit 1 -?!AMP?! fi + fi ?!AMP?! foo -?!AMP?! done + done ?!AMP?! bar ->) +) diff --git a/t/chainlint/if-in-loop.test b/t/chainlint/if-in-loop.test index daf22da164..f0cf19cfad 100644 --- a/t/chainlint/if-in-loop.test +++ b/t/chainlint/if-in-loop.test @@ -3,13 +3,13 @@ do if false then -# LINT: missing "&&" on 'echo' +# LINT: missing "&&" on "echo" echo "err" exit 1 -# LINT: missing "&&" on 'fi' +# LINT: missing "&&" on "fi" fi foo -# LINT: missing "&&" on 'done' +# LINT: missing "&&" on "done" done bar ) diff --git a/t/chainlint/if-then-else.expect b/t/chainlint/if-then-else.expect index 5953c7bfbc..44d86c3597 100644 --- a/t/chainlint/if-then-else.expect +++ b/t/chainlint/if-then-else.expect @@ -1,19 +1,20 @@ ( if test -n "" then -?!AMP?! echo very + echo very ?!AMP?! echo empty elif test -z "" + then echo foo else echo foo && - cat -?!AMP?! fi + cat <<-EOF + fi ?!AMP?! echo poodle ->) && +) && ( if test -n ""; then echo very && -?!AMP?! echo empty - if ->) + echo empty + fi +) diff --git a/t/chainlint/if-then-else.test b/t/chainlint/if-then-else.test index 9bd8e9a4c6..2055336c2b 100644 --- a/t/chainlint/if-then-else.test +++ b/t/chainlint/if-then-else.test @@ -1,28 +1,29 @@ ( -# LINT: 'if', 'then', 'elif', 'else', 'fi' do not need "&&" +# LINT: "if", "then", "elif", "else", "fi" do not need "&&" if test -n "" then -# LINT: missing "&&" on 'echo' +# LINT: missing "&&" on "echo" echo very -# LINT: last statement before 'elif' does not need "&&" +# LINT: last statement before "elif" does not need "&&" echo empty elif test -z "" -# LINT: last statement before 'else' does not need "&&" + then +# LINT: last statement before "else" does not need "&&" echo foo else echo foo && -# LINT: last statement before 'fi' does not need "&&" +# LINT: last statement before "fi" does not need "&&" cat <<-\EOF bar EOF -# LINT: missing "&&" on 'fi' +# LINT: missing "&&" on "fi" fi echo poodle ) && ( -# LINT: 'then' on same line as 'if' +# LINT: "then" on same line as "if" if test -n ""; then echo very && echo empty - if + fi ) diff --git a/t/chainlint/incomplete-line.expect b/t/chainlint/incomplete-line.expect index 2f3ebabdc2..ffac8f9018 100644 --- a/t/chainlint/incomplete-line.expect +++ b/t/chainlint/incomplete-line.expect @@ -1,4 +1,4 @@ line 1 line 2 line 3 line 4 && ( line 5 line 6 line 7 line 8 ->) +) diff --git a/t/chainlint/inline-comment.expect b/t/chainlint/inline-comment.expect index fc9f250ac4..dd0dace077 100644 --- a/t/chainlint/inline-comment.expect +++ b/t/chainlint/inline-comment.expect @@ -1,9 +1,8 @@ ( foobar && -?!AMP?! barfoo + barfoo ?!AMP?! flibble "not a # comment" ->) && +) && -( -cd foo && -> flibble "not a # comment") +(cd foo && + flibble "not a # comment") diff --git a/t/chainlint/loop-in-if.expect b/t/chainlint/loop-in-if.expect index 088e622c31..e1be42376c 100644 --- a/t/chainlint/loop-in-if.expect +++ b/t/chainlint/loop-in-if.expect @@ -3,10 +3,10 @@ then while true do -?!AMP?! echo "pop" + echo "pop" ?!AMP?! echo "glup" -?!AMP?! done + done ?!AMP?! foo -?!AMP?! fi + fi ?!AMP?! bar ->) +) diff --git a/t/chainlint/loop-in-if.test b/t/chainlint/loop-in-if.test index 93e8ba8e4d..dfcc3f98fb 100644 --- a/t/chainlint/loop-in-if.test +++ b/t/chainlint/loop-in-if.test @@ -3,13 +3,13 @@ then while true do -# LINT: missing "&&" on 'echo' +# LINT: missing "&&" on "echo" echo "pop" echo "glup" -# LINT: missing "&&" on 'done' +# LINT: missing "&&" on "done" done foo -# LINT: missing "&&" on 'fi' +# LINT: missing "&&" on "fi" fi bar ) diff --git a/t/chainlint/multi-line-nested-command-substitution.expect b/t/chainlint/multi-line-nested-command-substitution.expect index 59b6c8b850..300058341b 100644 --- a/t/chainlint/multi-line-nested-command-substitution.expect +++ b/t/chainlint/multi-line-nested-command-substitution.expect @@ -3,16 +3,16 @@ x=$( echo bar | cat ->> ) && + ) && echo ok ->) | +) | sort && ( bar && x=$(echo bar | cat ->> ) && + ) && y=$(echo baz | ->> fip) && + fip) && echo fail ->) +) diff --git a/t/chainlint/multi-line-string.expect b/t/chainlint/multi-line-string.expect index 170cb59993..ab0dadf748 100644 --- a/t/chainlint/multi-line-string.expect +++ b/t/chainlint/multi-line-string.expect @@ -1,15 +1,9 @@ ( x="line 1 line 2 line 3" && -?!AMP?! y='line 1 line2' + y="line 1 line2" ?!AMP?! foobar ->) && -( - echo "there's nothing to see here" && - exit ->) && +) && ( echo "xyz" "abc def ghi" && - echo 'xyz' 'abc def ghi' && - echo 'xyz' "abc def ghi" && barfoo ->) +) diff --git a/t/chainlint/multi-line-string.test b/t/chainlint/multi-line-string.test index 287ab89705..4a0af2107d 100644 --- a/t/chainlint/multi-line-string.test +++ b/t/chainlint/multi-line-string.test @@ -3,25 +3,13 @@ line 2 line 3" && # LINT: missing "&&" on assignment - y='line 1 - line2' + y="line 1 + line2" foobar ) && ( -# LINT: apostrophe (in a contraction) within string not misinterpreted as -# LINT: starting multi-line single-quoted string - echo "there's nothing to see here" && - exit -) && -( echo "xyz" "abc def ghi" && - echo 'xyz' 'abc - def - ghi' && - echo 'xyz' "abc - def - ghi" && barfoo ) diff --git a/t/chainlint/negated-one-liner.expect b/t/chainlint/negated-one-liner.expect index cf18429d03..ad4c2d949e 100644 --- a/t/chainlint/negated-one-liner.expect +++ b/t/chainlint/negated-one-liner.expect @@ -1,5 +1,5 @@ ! (foo && bar) && ! (foo && bar) >baz && -?!SEMI?!! (foo; bar) && -?!SEMI?!! (foo; bar) >baz +! (foo; ?!AMP?! bar) && +! (foo; ?!AMP?! bar) >baz diff --git a/t/chainlint/nested-cuddled-subshell.expect b/t/chainlint/nested-cuddled-subshell.expect index c2a59ffc33..2a86885ee6 100644 --- a/t/chainlint/nested-cuddled-subshell.expect +++ b/t/chainlint/nested-cuddled-subshell.expect @@ -1,19 +1,19 @@ ( (cd foo && bar ->> ) && + ) && (cd foo && bar -?!AMP?!>> ) + ) ?!AMP?! ( cd foo && ->> bar) && + bar) && ( cd foo && -?!AMP?!>> bar) + bar) ?!AMP?! (cd foo && ->> bar) && + bar) && (cd foo && -?!AMP?!>> bar) + bar) ?!AMP?! foobar ->) +) diff --git a/t/chainlint/nested-here-doc.expect b/t/chainlint/nested-here-doc.expect index 0c9ef1cfc6..e3bef63f75 100644 --- a/t/chainlint/nested-here-doc.expect +++ b/t/chainlint/nested-here-doc.expect @@ -1,7 +1,7 @@ -cat >foop && +cat <<ARBITRARY >foop && ( - cat && -?!AMP?! cat + cat <<-INPUT_END && + cat <<-EOT ?!AMP?! foobar ->) +) diff --git a/t/chainlint/nested-subshell-comment.expect b/t/chainlint/nested-subshell-comment.expect index 15b68d4373..be4b27a305 100644 --- a/t/chainlint/nested-subshell-comment.expect +++ b/t/chainlint/nested-subshell-comment.expect @@ -2,10 +2,8 @@ foo && ( bar && - # bottles wobble while fiddles gobble - # minor numbers of cows (or do they?) baz && snaff -?!AMP?!>> ) + ) ?!AMP?! fuzzy ->) +) diff --git a/t/chainlint/nested-subshell-comment.test b/t/chainlint/nested-subshell-comment.test index 0ff136ab3c..0215cdb192 100644 --- a/t/chainlint/nested-subshell-comment.test +++ b/t/chainlint/nested-subshell-comment.test @@ -7,7 +7,7 @@ # minor numbers of cows (or do they?) baz && snaff -# LINT: missing "&&" on ')' +# LINT: missing "&&" on ")" ) fuzzy ) diff --git a/t/chainlint/nested-subshell.expect b/t/chainlint/nested-subshell.expect index c8165ad19e..41a48adaa2 100644 --- a/t/chainlint/nested-subshell.expect +++ b/t/chainlint/nested-subshell.expect @@ -3,10 +3,10 @@ ( echo a && echo b ->> ) >file && + ) >file && cd foo && ( echo a echo b ->> ) >file ->) + ) >file +) diff --git a/t/chainlint/nested-subshell.test b/t/chainlint/nested-subshell.test index 998b05a47d..440ee9992d 100644 --- a/t/chainlint/nested-subshell.test +++ b/t/chainlint/nested-subshell.test @@ -7,7 +7,6 @@ cd foo && ( -# LINT: nested multi-line subshell not presently checked for missing "&&" echo a echo b ) >file diff --git a/t/chainlint/not-heredoc.expect b/t/chainlint/not-heredoc.expect new file mode 100644 index 0000000000..2e9bb135fe --- /dev/null +++ b/t/chainlint/not-heredoc.expect @@ -0,0 +1,14 @@ +echo "<<<<<<< ours" && +echo ourside && +echo "=======" && +echo theirside && +echo ">>>>>>> theirs" && + +( + echo "<<<<<<< ours" && + echo ourside && + echo "=======" && + echo theirside && + echo ">>>>>>> theirs" ?!AMP?! + poodle +) >merged diff --git a/t/chainlint/not-heredoc.test b/t/chainlint/not-heredoc.test new file mode 100644 index 0000000000..9aa57346cd --- /dev/null +++ b/t/chainlint/not-heredoc.test @@ -0,0 +1,16 @@ +# LINT: "<< ours" inside string is not here-doc +echo "<<<<<<< ours" && +echo ourside && +echo "=======" && +echo theirside && +echo ">>>>>>> theirs" && + +( +# LINT: "<< ours" inside string is not here-doc + echo "<<<<<<< ours" && + echo ourside && + echo "=======" && + echo theirside && + echo ">>>>>>> theirs" + poodle +) >merged diff --git a/t/chainlint/one-liner.expect b/t/chainlint/one-liner.expect index 237f227349..57a7a444c1 100644 --- a/t/chainlint/one-liner.expect +++ b/t/chainlint/one-liner.expect @@ -2,8 +2,8 @@ (foo && bar) | (foo && bar) >baz && -?!SEMI?!(foo; bar) && -?!SEMI?!(foo; bar) | -?!SEMI?!(foo; bar) >baz +(foo; ?!AMP?! bar) && +(foo; ?!AMP?! bar) | +(foo; ?!AMP?! bar) >baz && (foo "bar; baz") diff --git a/t/chainlint/one-liner.test b/t/chainlint/one-liner.test index ec9acb9825..be9858fa29 100644 --- a/t/chainlint/one-liner.test +++ b/t/chainlint/one-liner.test @@ -3,10 +3,10 @@ (foo && bar) | (foo && bar) >baz && -# LINT: top-level one-liner subshell missing internal "&&" +# LINT: top-level one-liner subshell missing internal "&&" and broken &&-chain (foo; bar) && (foo; bar) | -(foo; bar) >baz +(foo; bar) >baz && # LINT: ";" in string not misinterpreted as broken &&-chain (foo "bar; baz") diff --git a/t/chainlint/p4-filespec.expect b/t/chainlint/p4-filespec.expect index 98b3d881fd..1290fd1ff2 100644 --- a/t/chainlint/p4-filespec.expect +++ b/t/chainlint/p4-filespec.expect @@ -1,4 +1,4 @@ ( p4 print -1 //depot/fiddle#42 >file && foobar ->) +) diff --git a/t/chainlint/pipe.expect b/t/chainlint/pipe.expect index 211b901dbc..2cfc028297 100644 --- a/t/chainlint/pipe.expect +++ b/t/chainlint/pipe.expect @@ -3,6 +3,6 @@ bar | baz && fish | -?!AMP?! cow + cow ?!AMP?! sunder ->) +) diff --git a/t/chainlint/pipe.test b/t/chainlint/pipe.test index e6af4de916..dd82534c66 100644 --- a/t/chainlint/pipe.test +++ b/t/chainlint/pipe.test @@ -4,7 +4,7 @@ bar | baz && -# LINT: final line of pipe sequence ('cow') lacking "&&" +# LINT: final line of pipe sequence ("cow") lacking "&&" fish | cow diff --git a/t/chainlint/semicolon.expect b/t/chainlint/semicolon.expect index 1d79384606..ed0b3707ae 100644 --- a/t/chainlint/semicolon.expect +++ b/t/chainlint/semicolon.expect @@ -1,20 +1,19 @@ ( -?!AMP?!?!SEMI?! cat foo ; echo bar -?!SEMI?! cat foo ; echo bar ->) && + cat foo ; ?!AMP?! echo bar ?!AMP?! + cat foo ; ?!AMP?! echo bar +) && ( -?!SEMI?! cat foo ; echo bar && -?!SEMI?! cat foo ; echo bar ->) && + cat foo ; ?!AMP?! echo bar && + cat foo ; ?!AMP?! echo bar +) && ( echo "foo; bar" && -?!SEMI?! cat foo; echo bar ->) && + cat foo; ?!AMP?! echo bar +) && ( -?!SEMI?! foo; ->) && -( -cd foo && + foo; +) && +(cd foo && for i in a b c; do -?!SEMI?! echo; -> done) + echo; + done) diff --git a/t/chainlint/semicolon.test b/t/chainlint/semicolon.test index d82c8ebbc0..67e1192c50 100644 --- a/t/chainlint/semicolon.test +++ b/t/chainlint/semicolon.test @@ -15,11 +15,11 @@ cat foo; echo bar ) && ( -# LINT: unnecessary terminating semicolon +# LINT: semicolon unnecessary but legitimate foo; ) && (cd foo && for i in a b c; do -# LINT: unnecessary terminating semicolon +# LINT: semicolon unnecessary but legitimate echo; done) diff --git a/t/chainlint/subshell-here-doc.expect b/t/chainlint/subshell-here-doc.expect index 74723e7340..029d129299 100644 --- a/t/chainlint/subshell-here-doc.expect +++ b/t/chainlint/subshell-here-doc.expect @@ -1,11 +1,10 @@ ( - echo wobba gorgo snoot wafta snurb && -?!AMP?! cat >bip - echo >bop ->) && + echo wobba gorgo snoot wafta snurb <<-EOF && + cat <<EOF >bip ?!AMP?! + echo <<-EOF >bop +) && ( - cat >bup && - cat >bup2 && - cat >bup3 && + cat <<-ARBITRARY >bup && + cat <<-ARBITRARY3 >bup3 && meep ->) +) diff --git a/t/chainlint/subshell-here-doc.test b/t/chainlint/subshell-here-doc.test index f6b3ba4214..d40eb65583 100644 --- a/t/chainlint/subshell-here-doc.test +++ b/t/chainlint/subshell-here-doc.test @@ -8,10 +8,10 @@ nevermore... EOF -# LINT: missing "&&" on 'cat' +# LINT: missing "&&" on "cat" cat <<EOF >bip fish fly high - EOF +EOF # LINT: swallow here-doc (EOF is last line of subshell) echo <<-\EOF >bop @@ -27,10 +27,6 @@ glink FIZZ ARBITRARY - cat <<-'ARBITRARY2' >bup2 && - glink - FIZZ - ARBITRARY2 cat <<-"ARBITRARY3" >bup3 && glink FIZZ diff --git a/t/chainlint/subshell-one-liner.expect b/t/chainlint/subshell-one-liner.expect index 51162821d7..b7015361bf 100644 --- a/t/chainlint/subshell-one-liner.expect +++ b/t/chainlint/subshell-one-liner.expect @@ -2,13 +2,13 @@ (foo && bar) && (foo && bar) | (foo && bar) >baz && -?!SEMI?! (foo; bar) && -?!SEMI?! (foo; bar) | -?!SEMI?! (foo; bar) >baz && + (foo; ?!AMP?! bar) && + (foo; ?!AMP?! bar) | + (foo; ?!AMP?! bar) >baz && (foo || exit 1) && (foo || exit 1) | (foo || exit 1) >baz && -?!AMP?! (foo && bar) -?!AMP?!?!SEMI?! (foo && bar; baz) + (foo && bar) ?!AMP?! + (foo && bar; ?!AMP?! baz) ?!AMP?! foobar ->) +) diff --git a/t/chainlint/t7900-subtree.expect b/t/chainlint/t7900-subtree.expect index c9913429e6..1cccc7bf7e 100644 --- a/t/chainlint/t7900-subtree.expect +++ b/t/chainlint/t7900-subtree.expect @@ -1,10 +1,10 @@ ( chks="sub1sub2sub3sub4" && - chks_sub=$(cat | sed 's,^,sub dir/,' ->>) && + chks_sub=$(cat <<TXT | sed "s,^,sub dir/," +) && chkms="main-sub1main-sub2main-sub3main-sub4" && - chkms_sub=$(cat | sed 's,^,sub dir/,' ->>) && + chkms_sub=$(cat <<TXT | sed "s,^,sub dir/," +) && subfiles=$(git ls-files) && check_equal "$subfiles" "$chkms$chks" ->) +) diff --git a/t/chainlint/t7900-subtree.test b/t/chainlint/t7900-subtree.test index 277d8358df..02f3129232 100644 --- a/t/chainlint/t7900-subtree.test +++ b/t/chainlint/t7900-subtree.test @@ -3,7 +3,7 @@ sub2 sub3 sub4" && - chks_sub=$(cat <<TXT | sed 's,^,sub dir/,' + chks_sub=$(cat <<TXT | sed "s,^,sub dir/," $chks TXT ) && @@ -11,7 +11,7 @@ TXT main-sub2 main-sub3 main-sub4" && - chkms_sub=$(cat <<TXT | sed 's,^,sub dir/,' + chkms_sub=$(cat <<TXT | sed "s,^,sub dir/," $chkms TXT ) && diff --git a/t/chainlint/while-loop.expect b/t/chainlint/while-loop.expect index 13cff2c0a5..0d3a9b3d12 100644 --- a/t/chainlint/while-loop.expect +++ b/t/chainlint/while-loop.expect @@ -1,11 +1,11 @@ ( while true do -?!AMP?! echo foo - cat -?!AMP?! done + echo foo ?!AMP?! + cat <<-EOF + done ?!AMP?! while true; do echo foo && cat bar done ->) +) diff --git a/t/chainlint/while-loop.test b/t/chainlint/while-loop.test index f1df085bf0..d09fb016e4 100644 --- a/t/chainlint/while-loop.test +++ b/t/chainlint/while-loop.test @@ -1,17 +1,17 @@ ( -# LINT: 'while, 'do', 'done' do not need "&&" +# LINT: "while", "do", "done" do not need "&&" while true do -# LINT: missing "&&" on 'echo' +# LINT: missing "&&" on "echo" echo foo # LINT: last statement of while does not need "&&" cat <<-\EOF bar EOF -# LINT: missing "&&" on 'done' +# LINT: missing "&&" on "done" done -# LINT: 'do' on same line as 'while' +# LINT: "do" on same line as "while" while true; do echo foo && cat bar diff --git a/t/helper/test-trace2.c b/t/helper/test-trace2.c index f93633f895..59b124bb5f 100644 --- a/t/helper/test-trace2.c +++ b/t/helper/test-trace2.c @@ -262,8 +262,9 @@ static int print_usage(void) * [] the "cmd_name" event has been generated. * [] this writes various "def_param" events for interesting config values. * - * We further assume that if we return (rather than exit()), trace2_cmd_exit() - * will be called by test-tool.c:cmd_main(). + * We return from here and let test-tool.c::cmd_main() pass the exit + * code to common-main.c::main(), which will use it to call + * trace2_cmd_exit(). */ int cmd__trace2(int argc, const char **argv) { diff --git a/t/lib-gpg.sh b/t/lib-gpg.sh index a3f285f515..3e7ee1386a 100644 --- a/t/lib-gpg.sh +++ b/t/lib-gpg.sh @@ -90,7 +90,12 @@ test_lazy_prereq RFC1991 ' GPGSSH_KEY_PRIMARY="${GNUPGHOME}/ed25519_ssh_signing_key" GPGSSH_KEY_SECONDARY="${GNUPGHOME}/rsa_2048_ssh_signing_key" GPGSSH_KEY_UNTRUSTED="${GNUPGHOME}/untrusted_ssh_signing_key" +GPGSSH_KEY_EXPIRED="${GNUPGHOME}/expired_ssh_signing_key" +GPGSSH_KEY_NOTYETVALID="${GNUPGHOME}/notyetvalid_ssh_signing_key" +GPGSSH_KEY_TIMEBOXEDVALID="${GNUPGHOME}/timeboxed_valid_ssh_signing_key" +GPGSSH_KEY_TIMEBOXEDINVALID="${GNUPGHOME}/timeboxed_invalid_ssh_signing_key" GPGSSH_KEY_WITH_PASSPHRASE="${GNUPGHOME}/protected_ssh_signing_key" +GPGSSH_KEY_ECDSA="${GNUPGHOME}/ecdsa_ssh_signing_key" GPGSSH_KEY_PASSPHRASE="super_secret" GPGSSH_ALLOWED_SIGNERS="${GNUPGHOME}/ssh.all_valid.allowedSignersFile" @@ -105,21 +110,63 @@ test_lazy_prereq GPGSSH ' echo $ssh_version | grep -q "find-principals:missing signature file" test $? = 0 || exit 1; - # some broken versions of ssh-keygen segfault on find-principals; - # avoid testing with them. - ssh-keygen -Y find-principals -f /dev/null -s /dev/null - test $? = 139 && exit 1 - + # Setup some keys and an allowed signers file mkdir -p "${GNUPGHOME}" && chmod 0700 "${GNUPGHOME}" && (setfacl -k "${GNUPGHOME}" 2>/dev/null || true) && ssh-keygen -t ed25519 -N "" -C "git ed25519 key" -f "${GPGSSH_KEY_PRIMARY}" >/dev/null && - echo "\"principal with number 1\" $(cat "${GPGSSH_KEY_PRIMARY}.pub")" >> "${GPGSSH_ALLOWED_SIGNERS}" && ssh-keygen -t rsa -b 2048 -N "" -C "git rsa2048 key" -f "${GPGSSH_KEY_SECONDARY}" >/dev/null && - echo "\"principal with number 2\" $(cat "${GPGSSH_KEY_SECONDARY}.pub")" >> "${GPGSSH_ALLOWED_SIGNERS}" && ssh-keygen -t ed25519 -N "${GPGSSH_KEY_PASSPHRASE}" -C "git ed25519 encrypted key" -f "${GPGSSH_KEY_WITH_PASSPHRASE}" >/dev/null && - echo "\"principal with number 3\" $(cat "${GPGSSH_KEY_WITH_PASSPHRASE}.pub")" >> "${GPGSSH_ALLOWED_SIGNERS}" && - ssh-keygen -t ed25519 -N "" -f "${GPGSSH_KEY_UNTRUSTED}" >/dev/null + ssh-keygen -t ecdsa -N "" -f "${GPGSSH_KEY_ECDSA}" >/dev/null && + ssh-keygen -t ed25519 -N "" -C "git ed25519 key" -f "${GPGSSH_KEY_UNTRUSTED}" >/dev/null && + + cat >"${GPGSSH_ALLOWED_SIGNERS}" <<-EOF && + "principal with number 1" $(cat "${GPGSSH_KEY_PRIMARY}.pub")" + "principal with number 2" $(cat "${GPGSSH_KEY_SECONDARY}.pub")" + "principal with number 3" $(cat "${GPGSSH_KEY_WITH_PASSPHRASE}.pub")" + "principal with number 4" $(cat "${GPGSSH_KEY_ECDSA}.pub")" + EOF + + # Verify if at least one key and ssh-keygen works as expected + echo "testpayload" | + ssh-keygen -Y sign -n "git" -f "${GPGSSH_KEY_PRIMARY}" >gpgssh_prereq.sig && + ssh-keygen -Y find-principals -f "${GPGSSH_ALLOWED_SIGNERS}" -s gpgssh_prereq.sig && + echo "testpayload" | + ssh-keygen -Y verify -n "git" -f "${GPGSSH_ALLOWED_SIGNERS}" -I "principal with number 1" -s gpgssh_prereq.sig +' + +test_lazy_prereq GPGSSH_VERIFYTIME ' + # Check if ssh-keygen has a verify-time option by passing an invalid date to it + ssh-keygen -Overify-time=INVALID -Y check-novalidate -s doesnotmatter 2>&1 | grep -q -F "Invalid \"verify-time\"" && + + # Set up keys with key lifetimes + ssh-keygen -t ed25519 -N "" -C "timeboxed valid key" -f "${GPGSSH_KEY_TIMEBOXEDVALID}" >/dev/null && + key_valid=$(cat "${GPGSSH_KEY_TIMEBOXEDVALID}.pub") && + ssh-keygen -t ed25519 -N "" -C "timeboxed invalid key" -f "${GPGSSH_KEY_TIMEBOXEDINVALID}" >/dev/null && + key_invalid=$(cat "${GPGSSH_KEY_TIMEBOXEDINVALID}.pub") && + ssh-keygen -t ed25519 -N "" -C "expired key" -f "${GPGSSH_KEY_EXPIRED}" >/dev/null && + key_expired=$(cat "${GPGSSH_KEY_EXPIRED}.pub") && + ssh-keygen -t ed25519 -N "" -C "not yet valid key" -f "${GPGSSH_KEY_NOTYETVALID}" >/dev/null && + key_notyetvalid=$(cat "${GPGSSH_KEY_NOTYETVALID}.pub") && + + # Timestamps outside of test_tick span + ts2005a=20050401000000 ts2005b=200504020000 && + # Timestamps within test_tick span + ts2005c=20050407000000 ts2005d=200504100000 && + # Definitely not yet valid / expired timestamps + ts2000=20000101000000 ts2999=29990101000000 && + + cat >>"${GPGSSH_ALLOWED_SIGNERS}" <<-EOF && + "timeboxed valid key" valid-after="$ts2005c",valid-before="$ts2005d" $key_valid" + "timeboxed invalid key" valid-after="$ts2005a",valid-before="$ts2005b" $key_invalid" + "principal with expired key" valid-before="$ts2000" $key_expired" + "principal with not yet valid key" valid-after="$ts2999" $key_notyetvalid" + EOF + + # and verify ssh-keygen verifies the key lifetime + echo "testpayload" | + ssh-keygen -Y sign -n "git" -f "${GPGSSH_KEY_EXPIRED}" >gpgssh_verifytime_prereq.sig && + ! (ssh-keygen -Y verify -n "git" -f "${GPGSSH_ALLOWED_SIGNERS}" -I "principal with expired key" -s gpgssh_verifytime_prereq.sig) ' sanitize_pgp() { diff --git a/t/perf/p2000-sparse-operations.sh b/t/perf/p2000-sparse-operations.sh index bfd332120c..cb777c74a2 100755 --- a/t/perf/p2000-sparse-operations.sh +++ b/t/perf/p2000-sparse-operations.sh @@ -113,5 +113,9 @@ test_perf_on_all git checkout -f - test_perf_on_all git reset test_perf_on_all git reset --hard test_perf_on_all git reset -- does-not-exist +test_perf_on_all git diff +test_perf_on_all git diff --cached +test_perf_on_all git blame $SPARSE_CONE/a +test_perf_on_all git blame $SPARSE_CONE/f3/a test_done diff --git a/t/t1092-sparse-checkout-compatibility.sh b/t/t1092-sparse-checkout-compatibility.sh index f8270943aa..49f70a6569 100755 --- a/t/t1092-sparse-checkout-compatibility.sh +++ b/t/t1092-sparse-checkout-compatibility.sh @@ -415,7 +415,7 @@ test_expect_success 'checkout and reset --hard' ' test_all_match git reset --hard update-folder2 ' -test_expect_success 'diff --staged' ' +test_expect_success 'diff --cached' ' init_repos && write_script edit-contents <<-\EOF && @@ -424,10 +424,10 @@ test_expect_success 'diff --staged' ' run_on_all ../edit-contents && test_all_match git diff && - test_all_match git diff --staged && + test_all_match git diff --cached && test_all_match git add README.md && test_all_match git diff && - test_all_match git diff --staged + test_all_match git diff --cached ' # NEEDSWORK: sparse-checkout behaves differently from full-checkout when @@ -444,8 +444,8 @@ test_expect_success 'diff with renames and conflicts' ' test_all_match git checkout rename-base && test_all_match git checkout $branch -- . && test_all_match git status --porcelain=v2 && - test_all_match git diff --staged --no-renames && - test_all_match git diff --staged --find-renames || return 1 + test_all_match git diff --cached --no-renames && + test_all_match git diff --cached --find-renames || return 1 done ' @@ -464,8 +464,8 @@ test_expect_success 'diff with directory/file conflicts' ' test_all_match git checkout $branch && test_all_match git checkout rename-base -- . && test_all_match git status --porcelain=v2 && - test_all_match git diff --staged --no-renames && - test_all_match git diff --staged --find-renames || return 1 + test_all_match git diff --cached --no-renames && + test_all_match git diff --cached --find-renames || return 1 done ' @@ -486,21 +486,36 @@ test_expect_success 'log with pathspec outside sparse definition' ' test_expect_success 'blame with pathspec inside sparse definition' ' init_repos && - test_all_match git blame a && - test_all_match git blame deep/a && - test_all_match git blame deep/deeper1/a && - test_all_match git blame deep/deeper1/deepest/a + for file in a \ + deep/a \ + deep/deeper1/a \ + deep/deeper1/deepest/a + do + test_all_match git blame $file + done ' -# TODO: blame currently does not support blaming files outside of the -# sparse definition. It complains that the file doesn't exist locally. -test_expect_failure 'blame with pathspec outside sparse definition' ' +# Without a revision specified, blame will error if passed any file that +# is not present in the working directory (even if the file is tracked). +# Here we just verify that this is also true with sparse checkouts. +test_expect_success 'blame with pathspec outside sparse definition' ' init_repos && + test_sparse_match git sparse-checkout set && - test_all_match git blame folder1/a && - test_all_match git blame folder2/a && - test_all_match git blame deep/deeper2/a && - test_all_match git blame deep/deeper2/deepest/a + for file in a \ + deep/a \ + deep/deeper1/a \ + deep/deeper1/deepest/a + do + test_sparse_match test_must_fail git blame $file && + cat >expect <<-EOF && + fatal: Cannot lstat '"'"'$file'"'"': No such file or directory + EOF + # We compare sparse-checkout-err and sparse-index-err in + # `test_sparse_match`. Given we know they are the same, we + # only check the content of sparse-index-err here. + test_cmp expect sparse-index-err + done ' test_expect_success 'checkout and reset (mixed)' ' @@ -936,6 +951,64 @@ test_expect_success 'sparse-index is not expanded: merge conflict in cone' ' ) ' +test_expect_success 'sparse index is not expanded: diff' ' + init_repos && + + write_script edit-contents <<-\EOF && + echo text >>$1 + EOF + + # Add file within cone + test_sparse_match git sparse-checkout set deep && + run_on_all ../edit-contents deep/testfile && + test_all_match git add deep/testfile && + run_on_all ../edit-contents deep/testfile && + + test_all_match git diff && + test_all_match git diff --cached && + ensure_not_expanded diff && + ensure_not_expanded diff --cached && + + # Add file outside cone + test_all_match git reset --hard && + run_on_all mkdir newdirectory && + run_on_all ../edit-contents newdirectory/testfile && + test_sparse_match git sparse-checkout set newdirectory && + test_all_match git add newdirectory/testfile && + run_on_all ../edit-contents newdirectory/testfile && + test_sparse_match git sparse-checkout set && + + test_all_match git diff && + test_all_match git diff --cached && + ensure_not_expanded diff && + ensure_not_expanded diff --cached && + + # Merge conflict outside cone + # The sparse checkout will report a warning that is not in the + # full checkout, so we use `run_on_all` instead of + # `test_all_match` + run_on_all git reset --hard && + test_all_match git checkout merge-left && + test_all_match test_must_fail git merge merge-right && + + test_all_match git diff && + test_all_match git diff --cached && + ensure_not_expanded diff && + ensure_not_expanded diff --cached +' + +test_expect_success 'sparse index is not expanded: blame' ' + init_repos && + + for file in a \ + deep/a \ + deep/deeper1/a \ + deep/deeper1/deepest/a + do + ensure_not_expanded blame $file + done +' + # NEEDSWORK: a sparse-checkout behaves differently from a full checkout # in this scenario, but it shouldn't. test_expect_success 'reset mixed and checkout orphan' ' diff --git a/t/t2018-checkout-branch.sh b/t/t2018-checkout-branch.sh index 93be1c0eae..3e93506c04 100755 --- a/t/t2018-checkout-branch.sh +++ b/t/t2018-checkout-branch.sh @@ -148,7 +148,7 @@ test_expect_success 'checkout -b to an existing branch fails' ' test_expect_success 'checkout -b to @{-1} fails with the right branch name' ' git checkout branch1 && git checkout branch2 && - echo >expect "fatal: A branch named '\''branch1'\'' already exists." && + echo >expect "fatal: a branch named '\''branch1'\'' already exists" && test_must_fail git checkout -b @{-1} 2>actual && test_cmp expect actual ' diff --git a/t/t3200-branch.sh b/t/t3200-branch.sh index 8c5c1ccf33..8a619d785e 100755 --- a/t/t3200-branch.sh +++ b/t/t3200-branch.sh @@ -168,6 +168,13 @@ test_expect_success 'git branch -M foo bar should fail when bar is checked out' test_must_fail git branch -M bar foo ' +test_expect_success 'git branch -M foo bar should fail when bar is checked out in worktree' ' + git branch -f bar && + test_when_finished "git worktree remove wt && git branch -D wt" && + git worktree add wt && + test_must_fail git branch -M bar wt +' + test_expect_success 'git branch -M baz bam should succeed when baz is checked out' ' git checkout -b baz && git branch bam && @@ -888,7 +895,7 @@ test_expect_success '--set-upstream-to fails on a missing src branch' ' ' test_expect_success '--set-upstream-to fails on a non-ref' ' - echo "fatal: Cannot setup tracking information; starting point '"'"'HEAD^{}'"'"' is not a branch." >expect && + echo "fatal: cannot set up tracking information; starting point '"'"'HEAD^{}'"'"' is not a branch" >expect && test_must_fail git branch --set-upstream-to HEAD^{} 2>err && test_cmp expect err ' @@ -975,7 +982,7 @@ test_expect_success 'disabled option --set-upstream fails' ' test_expect_success '--set-upstream-to notices an error to set branch as own upstream' ' git branch --set-upstream-to refs/heads/my13 my13 2>actual && cat >expect <<-\EOF && - warning: Not setting branch my13 as its own upstream. + warning: not setting branch my13 as its own upstream EOF test_expect_code 1 git config branch.my13.remote && test_expect_code 1 git config branch.my13.merge && diff --git a/t/t3409-rebase-environ.sh b/t/t3409-rebase-environ.sh new file mode 100755 index 0000000000..83ffb39d9f --- /dev/null +++ b/t/t3409-rebase-environ.sh @@ -0,0 +1,23 @@ +#!/bin/sh + +test_description='git rebase interactive environment' + +. ./test-lib.sh + +test_expect_success 'setup' ' + test_commit one && + test_commit two && + test_commit three +' + +test_expect_success 'rebase --exec does not muck with GIT_DIR' ' + git rebase --exec "printf %s \$GIT_DIR >environ" HEAD~1 && + test_must_be_empty environ +' + +test_expect_success 'rebase --exec does not muck with GIT_WORK_TREE' ' + git rebase --exec "printf %s \$GIT_WORK_TREE >environ" HEAD~1 && + test_must_be_empty environ +' + +test_done diff --git a/t/t4126-apply-empty.sh b/t/t4126-apply-empty.sh index a361e79a81..82284d2f45 100755 --- a/t/t4126-apply-empty.sh +++ b/t/t4126-apply-empty.sh @@ -11,6 +11,8 @@ test_expect_success setup ' git add empty && test_tick && git commit -m initial && + git commit --allow-empty -m "empty commit" && + git format-patch --always HEAD~ >empty.patch && for i in a b c d e do echo $i @@ -27,30 +29,42 @@ test_expect_success setup ' ' test_expect_success 'apply empty' ' - git reset --hard && rm -f missing && + test_when_finished "git reset --hard" && git apply patch0 && test_cmp expect empty ' +test_expect_success 'apply empty patch fails' ' + test_when_finished "git reset --hard" && + test_must_fail git apply empty.patch && + test_must_fail git apply - </dev/null +' + +test_expect_success 'apply with --allow-empty succeeds' ' + test_when_finished "git reset --hard" && + git apply --allow-empty empty.patch && + git apply --allow-empty - </dev/null +' + test_expect_success 'apply --index empty' ' - git reset --hard && rm -f missing && + test_when_finished "git reset --hard" && git apply --index patch0 && test_cmp expect empty && git diff --exit-code ' test_expect_success 'apply create' ' - git reset --hard && rm -f missing && + test_when_finished "git reset --hard" && git apply patch1 && test_cmp expect missing ' test_expect_success 'apply --index create' ' - git reset --hard && rm -f missing && + test_when_finished "git reset --hard" && git apply --index patch1 && test_cmp expect missing && git diff --exit-code diff --git a/t/t4202-log.sh b/t/t4202-log.sh index 7884e3d46b..2ced7e9d81 100755 --- a/t/t4202-log.sh +++ b/t/t4202-log.sh @@ -952,6 +952,43 @@ test_expect_success 'decorate-refs-exclude and simplify-by-decoration' ' test_cmp expect.decorate actual ' +test_expect_success 'decorate-refs with implied decorate from format' ' + cat >expect <<-\EOF && + side-2 (tag: side-2) + side-1 + EOF + git log --no-walk --format="%s%d" \ + --decorate-refs="*side-2" side-1 side-2 \ + >actual && + test_cmp expect actual +' + +test_expect_success 'implied decorate does not override option' ' + cat >expect <<-\EOF && + side-2 (tag: refs/tags/side-2, refs/heads/side) + side-1 (tag: refs/tags/side-1) + EOF + git log --no-walk --format="%s%d" \ + --decorate=full side-1 side-2 \ + >actual && + test_cmp expect actual +' + +test_expect_success 'decorate-refs and simplify-by-decoration without output' ' + cat >expect <<-\EOF && + side-2 + initial + EOF + # Do not just use a --format without %d here; we want to + # make sure that we did not accidentally turn on displaying + # the decorations, too. And that requires one of the regular + # formats. + git log --decorate-refs="*side-2" --oneline \ + --simplify-by-decoration >actual.raw && + sed "s/^[0-9a-f]* //" <actual.raw >actual && + test_cmp expect actual +' + test_expect_success 'log.decorate config parsing' ' git log --oneline --decorate=full >expect.full && git log --oneline --decorate=short >expect.short && @@ -1677,6 +1714,24 @@ test_expect_success GPGSSH 'setup sshkey signed branch' ' git commit -S -m signed_commit ' +test_expect_success GPGSSH,GPGSSH_VERIFYTIME 'create signed commits with keys having defined lifetimes' ' + test_config gpg.format ssh && + touch file && + git add file && + + echo expired >file && test_tick && git commit -a -m expired -S"${GPGSSH_KEY_EXPIRED}" && + git tag expired-signed && + + echo notyetvalid >file && test_tick && git commit -a -m notyetvalid -S"${GPGSSH_KEY_NOTYETVALID}" && + git tag notyetvalid-signed && + + echo timeboxedvalid >file && test_tick && git commit -a -m timeboxedvalid -S"${GPGSSH_KEY_TIMEBOXEDVALID}" && + git tag timeboxedvalid-signed && + + echo timeboxedinvalid >file && test_tick && git commit -a -m timeboxedinvalid -S"${GPGSSH_KEY_TIMEBOXEDINVALID}" && + git tag timeboxedinvalid-signed +' + test_expect_success GPGSM 'log x509 fingerprint' ' echo "F8BF62E0693D0694816377099909C779FA23FD65 | " >expect && git log -n1 --format="%GF | %GP" signed-x509 >actual && @@ -1714,6 +1769,31 @@ test_expect_success GPGSSH 'log --graph --show-signature ssh' ' grep "${GOOD_SIGNATURE_TRUSTED}" actual ' +test_expect_success GPGSSH,GPGSSH_VERIFYTIME 'log shows failure on expired signature key' ' + test_config gpg.ssh.allowedSignersFile "${GPGSSH_ALLOWED_SIGNERS}" && + git log --graph --show-signature -n1 expired-signed >actual && + ! grep "${GPGSSH_GOOD_SIGNATURE_TRUSTED}" actual +' + +test_expect_success GPGSSH,GPGSSH_VERIFYTIME 'log shows failure on not yet valid signature key' ' + test_config gpg.ssh.allowedSignersFile "${GPGSSH_ALLOWED_SIGNERS}" && + git log --graph --show-signature -n1 notyetvalid-signed >actual && + ! grep "${GPGSSH_GOOD_SIGNATURE_TRUSTED}" actual +' + +test_expect_success GPGSSH,GPGSSH_VERIFYTIME 'log show success with commit date and key validity matching' ' + test_config gpg.ssh.allowedSignersFile "${GPGSSH_ALLOWED_SIGNERS}" && + git log --graph --show-signature -n1 timeboxedvalid-signed >actual && + grep "${GPGSSH_GOOD_SIGNATURE_TRUSTED}" actual && + ! grep "${GPGSSH_BAD_SIGNATURE}" actual +' + +test_expect_success GPGSSH,GPGSSH_VERIFYTIME 'log shows failure with commit date outside of key validity' ' + test_config gpg.ssh.allowedSignersFile "${GPGSSH_ALLOWED_SIGNERS}" && + git log --graph --show-signature -n1 timeboxedinvalid-signed >actual && + ! grep "${GPGSSH_GOOD_SIGNATURE_TRUSTED}" actual +' + test_expect_success GPG 'log --graph --show-signature for merged tag' ' test_when_finished "git reset --hard && git checkout main" && git checkout -b plain main && diff --git a/t/t5504-fetch-receive-strict.sh b/t/t5504-fetch-receive-strict.sh index 6e5a9c20e7..b0b795aca9 100755 --- a/t/t5504-fetch-receive-strict.sh +++ b/t/t5504-fetch-receive-strict.sh @@ -292,7 +292,7 @@ test_expect_success 'push with receive.fsck.missingEmail=warn' ' receive.fsck.missingEmail warn && git push --porcelain dst bogus >act 2>&1 && grep "missingEmail" act && - test_i18ngrep "Skipping unknown msg id.*whatever" act && + test_i18ngrep "skipping unknown msg id.*whatever" act && git --git-dir=dst/.git branch -D bogus && git --git-dir=dst/.git config --add \ receive.fsck.missingEmail ignore && diff --git a/t/t5516-fetch-push.sh b/t/t5516-fetch-push.sh index 7831a38dde..837a49642a 100755 --- a/t/t5516-fetch-push.sh +++ b/t/t5516-fetch-push.sh @@ -1778,6 +1778,38 @@ test_expect_success 'denyCurrentBranch and worktrees' ' test_must_fail git -C cloned push origin HEAD:new-wt && test_config receive.denyCurrentBranch updateInstead && git -C cloned push origin HEAD:new-wt && + test_path_exists new-wt/first.t && test_must_fail git -C cloned push --delete origin new-wt ' + +test_expect_success 'denyCurrentBranch and bare repository worktrees' ' + test_when_finished "rm -fr bare.git" && + git clone --bare . bare.git && + git -C bare.git worktree add wt && + test_commit grape && + git -C bare.git config receive.denyCurrentBranch refuse && + test_must_fail git push bare.git HEAD:wt && + git -C bare.git config receive.denyCurrentBranch updateInstead && + git push bare.git HEAD:wt && + test_path_exists bare.git/wt/grape.t && + test_must_fail git push --delete bare.git wt +' + +test_expect_success 'refuse fetch to current branch of worktree' ' + test_when_finished "git worktree remove --force wt && git branch -D wt" && + git worktree add wt && + test_commit apple && + test_must_fail git fetch . HEAD:wt && + git fetch -u . HEAD:wt +' + +test_expect_success 'refuse fetch to current branch of bare repository worktree' ' + test_when_finished "rm -fr bare.git" && + git clone --bare . bare.git && + git -C bare.git worktree add wt && + test_commit banana && + test_must_fail git -C bare.git fetch .. HEAD:wt && + git -C bare.git fetch -u .. HEAD:wt +' + test_done diff --git a/t/t5553-set-upstream.sh b/t/t5553-set-upstream.sh index 9c12c0f8c3..48050162c2 100755 --- a/t/t5553-set-upstream.sh +++ b/t/t5553-set-upstream.sh @@ -91,6 +91,17 @@ test_expect_success 'fetch --set-upstream with valid URL sets upstream to URL' ' check_config_missing other2 ' +test_expect_success 'fetch --set-upstream with a detached HEAD' ' + git checkout HEAD^0 && + test_when_finished "git checkout -" && + cat >expect <<-\EOF && + warning: could not set upstream of HEAD to '"'"'main'"'"' from '"'"'upstream'"'"' when it does not point to any branch. + EOF + git fetch --set-upstream upstream main 2>actual.raw && + grep ^warning: actual.raw >actual && + test_cmp expect actual +' + # tests for pull --set-upstream test_expect_success 'setup bare parent pull' ' @@ -178,4 +189,15 @@ test_expect_success 'pull --set-upstream with valid URL and branch sets branch' check_config_missing other2 ' +test_expect_success 'pull --set-upstream with a detached HEAD' ' + git checkout HEAD^0 && + test_when_finished "git checkout -" && + cat >expect <<-\EOF && + warning: could not set upstream of HEAD to '"'"'main'"'"' from '"'"'upstream'"'"' when it does not point to any branch. + EOF + git pull --no-rebase --set-upstream upstream main 2>actual.raw && + grep ^warning: actual.raw >actual && + test_cmp expect actual +' + test_done diff --git a/t/t6200-fmt-merge-msg.sh b/t/t6200-fmt-merge-msg.sh index 06c5fb5615..6e10a539ce 100755 --- a/t/t6200-fmt-merge-msg.sh +++ b/t/t6200-fmt-merge-msg.sh @@ -91,6 +91,26 @@ test_expect_success GPGSSH 'created ssh signed commit and tag' ' git tag -s -u"${GPGSSH_KEY_UNTRUSTED}" -m signed-ssh-tag-msg-untrusted signed-untrusted-ssh-tag left ' +test_expect_success GPGSSH,GPGSSH_VERIFYTIME 'create signed tags with keys having defined lifetimes' ' + test_when_finished "test_unconfig commit.gpgsign" && + test_config gpg.format ssh && + git checkout -b signed-expiry-ssh && + touch file && + git add file && + + echo expired >file && test_tick && git commit -a -m expired -S"${GPGSSH_KEY_EXPIRED}" && + git tag -s -u "${GPGSSH_KEY_EXPIRED}" -m expired-signed expired-signed && + + echo notyetvalid >file && test_tick && git commit -a -m notyetvalid -S"${GPGSSH_KEY_NOTYETVALID}" && + git tag -s -u "${GPGSSH_KEY_NOTYETVALID}" -m notyetvalid-signed notyetvalid-signed && + + echo timeboxedvalid >file && test_tick && git commit -a -m timeboxedvalid -S"${GPGSSH_KEY_TIMEBOXEDVALID}" && + git tag -s -u "${GPGSSH_KEY_TIMEBOXEDVALID}" -m timeboxedvalid-signed timeboxedvalid-signed && + + echo timeboxedinvalid >file && test_tick && git commit -a -m timeboxedinvalid -S"${GPGSSH_KEY_TIMEBOXEDINVALID}" && + git tag -s -u "${GPGSSH_KEY_TIMEBOXEDINVALID}" -m timeboxedinvalid-signed timeboxedinvalid-signed +' + test_expect_success 'message for merging local branch' ' echo "Merge branch ${apos}left${apos}" >expected && @@ -104,7 +124,7 @@ test_expect_success 'message for merging local branch' ' test_expect_success GPG 'message for merging local tag signed by good key' ' git checkout main && git fetch . signed-good-tag && - git fmt-merge-msg <.git/FETCH_HEAD >actual 2>&1 && + git fmt-merge-msg <.git/FETCH_HEAD >actual && grep "^Merge tag ${apos}signed-good-tag${apos}" actual && grep "^# gpg: Signature made" actual && grep "^# gpg: Good signature from" actual @@ -113,7 +133,7 @@ test_expect_success GPG 'message for merging local tag signed by good key' ' test_expect_success GPG 'message for merging local tag signed by unknown key' ' git checkout main && git fetch . signed-good-tag && - GNUPGHOME=. git fmt-merge-msg <.git/FETCH_HEAD >actual 2>&1 && + GNUPGHOME=. git fmt-merge-msg <.git/FETCH_HEAD >actual && grep "^Merge tag ${apos}signed-good-tag${apos}" actual && grep "^# gpg: Signature made" actual && grep -E "^# gpg: Can${apos}t check signature: (public key not found|No public key)" actual @@ -123,7 +143,8 @@ test_expect_success GPGSSH 'message for merging local tag signed by good ssh key test_config gpg.ssh.allowedSignersFile "${GPGSSH_ALLOWED_SIGNERS}" && git checkout main && git fetch . signed-good-ssh-tag && - git fmt-merge-msg <.git/FETCH_HEAD >actual 2>&1 && + git fmt-merge-msg <.git/FETCH_HEAD >actual && + grep "^Merge tag ${apos}signed-good-ssh-tag${apos}" actual && grep "${GPGSSH_GOOD_SIGNATURE_TRUSTED}" actual && ! grep "${GPGSSH_BAD_SIGNATURE}" actual ' @@ -132,11 +153,50 @@ test_expect_success GPGSSH 'message for merging local tag signed by unknown ssh test_config gpg.ssh.allowedSignersFile "${GPGSSH_ALLOWED_SIGNERS}" && git checkout main && git fetch . signed-untrusted-ssh-tag && - git fmt-merge-msg <.git/FETCH_HEAD >actual 2>&1 && + git fmt-merge-msg <.git/FETCH_HEAD >actual && + grep "^Merge tag ${apos}signed-untrusted-ssh-tag${apos}" actual && grep "${GPGSSH_GOOD_SIGNATURE_UNTRUSTED}" actual && ! grep "${GPGSSH_BAD_SIGNATURE}" actual && grep "${GPGSSH_KEY_NOT_TRUSTED}" actual ' + +test_expect_success GPGSSH,GPGSSH_VERIFYTIME 'message for merging local tag signed by expired ssh key' ' + test_config gpg.ssh.allowedSignersFile "${GPGSSH_ALLOWED_SIGNERS}" && + git checkout main && + git fetch . expired-signed && + git fmt-merge-msg <.git/FETCH_HEAD >actual && + grep "^Merge tag ${apos}expired-signed${apos}" actual && + ! grep "${GPGSSH_GOOD_SIGNATURE_TRUSTED}" actual +' + +test_expect_success GPGSSH,GPGSSH_VERIFYTIME 'message for merging local tag signed by not yet valid ssh key' ' + test_config gpg.ssh.allowedSignersFile "${GPGSSH_ALLOWED_SIGNERS}" && + git checkout main && + git fetch . notyetvalid-signed && + git fmt-merge-msg <.git/FETCH_HEAD >actual && + grep "^Merge tag ${apos}notyetvalid-signed${apos}" actual && + ! grep "${GPGSSH_GOOD_SIGNATURE_TRUSTED}" actual +' + +test_expect_success GPGSSH,GPGSSH_VERIFYTIME 'message for merging local tag signed by valid timeboxed ssh key' ' + test_config gpg.ssh.allowedSignersFile "${GPGSSH_ALLOWED_SIGNERS}" && + git checkout main && + git fetch . timeboxedvalid-signed && + git fmt-merge-msg <.git/FETCH_HEAD >actual && + grep "^Merge tag ${apos}timeboxedvalid-signed${apos}" actual && + grep "${GPGSSH_GOOD_SIGNATURE_TRUSTED}" actual && + ! grep "${GPGSSH_BAD_SIGNATURE}" actual +' + +test_expect_success GPGSSH,GPGSSH_VERIFYTIME 'message for merging local tag signed by invalid timeboxed ssh key' ' + test_config gpg.ssh.allowedSignersFile "${GPGSSH_ALLOWED_SIGNERS}" && + git checkout main && + git fetch . timeboxedinvalid-signed && + git fmt-merge-msg <.git/FETCH_HEAD >actual && + grep "^Merge tag ${apos}timeboxedinvalid-signed${apos}" actual && + ! grep "${GPGSSH_GOOD_SIGNATURE_TRUSTED}" actual +' + test_expect_success 'message for merging external branch' ' echo "Merge branch ${apos}left${apos} of $(pwd)" >expected && diff --git a/t/t7031-verify-tag-signed-ssh.sh b/t/t7031-verify-tag-signed-ssh.sh index 06c9dd6c93..1cb36b9ab8 100755 --- a/t/t7031-verify-tag-signed-ssh.sh +++ b/t/t7031-verify-tag-signed-ssh.sh @@ -48,6 +48,23 @@ test_expect_success GPGSSH 'create signed tags ssh' ' git tag -u"${GPGSSH_KEY_UNTRUSTED}" -m eighth eighth-signed-alt ' +test_expect_success GPGSSH,GPGSSH_VERIFYTIME 'create signed tags with keys having defined lifetimes' ' + test_when_finished "test_unconfig commit.gpgsign" && + test_config gpg.format ssh && + + echo expired >file && test_tick && git commit -a -m expired -S"${GPGSSH_KEY_EXPIRED}" && + git tag -s -u "${GPGSSH_KEY_EXPIRED}" -m expired-signed expired-signed && + + echo notyetvalid >file && test_tick && git commit -a -m notyetvalid -S"${GPGSSH_KEY_NOTYETVALID}" && + git tag -s -u "${GPGSSH_KEY_NOTYETVALID}" -m notyetvalid-signed notyetvalid-signed && + + echo timeboxedvalid >file && test_tick && git commit -a -m timeboxedvalid -S"${GPGSSH_KEY_TIMEBOXEDVALID}" && + git tag -s -u "${GPGSSH_KEY_TIMEBOXEDVALID}" -m timeboxedvalid-signed timeboxedvalid-signed && + + echo timeboxedinvalid >file && test_tick && git commit -a -m timeboxedinvalid -S"${GPGSSH_KEY_TIMEBOXEDINVALID}" && + git tag -s -u "${GPGSSH_KEY_TIMEBOXEDINVALID}" -m timeboxedinvalid-signed timeboxedinvalid-signed +' + test_expect_success GPGSSH 'verify and show ssh signatures' ' test_config gpg.ssh.allowedSignersFile "${GPGSSH_ALLOWED_SIGNERS}" && ( @@ -80,6 +97,31 @@ test_expect_success GPGSSH 'verify and show ssh signatures' ' ) ' +test_expect_success GPGSSH,GPGSSH_VERIFYTIME 'verify-tag exits failure on expired signature key' ' + test_config gpg.ssh.allowedSignersFile "${GPGSSH_ALLOWED_SIGNERS}" && + test_must_fail git verify-tag expired-signed 2>actual && + ! grep "${GPGSSH_GOOD_SIGNATURE_TRUSTED}" actual +' + +test_expect_success GPGSSH,GPGSSH_VERIFYTIME 'verify-tag exits failure on not yet valid signature key' ' + test_config gpg.ssh.allowedSignersFile "${GPGSSH_ALLOWED_SIGNERS}" && + test_must_fail git verify-tag notyetvalid-signed 2>actual && + ! grep "${GPGSSH_GOOD_SIGNATURE_TRUSTED}" actual +' + +test_expect_success GPGSSH,GPGSSH_VERIFYTIME 'verify-tag succeeds with tag date and key validity matching' ' + test_config gpg.ssh.allowedSignersFile "${GPGSSH_ALLOWED_SIGNERS}" && + git verify-tag timeboxedvalid-signed 2>actual && + grep "${GPGSSH_GOOD_SIGNATURE_TRUSTED}" actual && + ! grep "${GPGSSH_BAD_SIGNATURE}" actual +' + +test_expect_success GPGSSH,GPGSSH_VERIFYTIME 'verify-tag failes with tag date outside of key validity' ' + test_config gpg.ssh.allowedSignersFile "${GPGSSH_ALLOWED_SIGNERS}" && + test_must_fail git verify-tag timeboxedinvalid-signed 2>actual && + ! grep "${GPGSSH_GOOD_SIGNATURE_TRUSTED}" actual +' + test_expect_success GPGSSH 'detect fudged ssh signature' ' test_config gpg.ssh.allowedSignersFile "${GPGSSH_ALLOWED_SIGNERS}" && git cat-file tag seventh-signed >raw && diff --git a/t/t7510-signed-commit.sh b/t/t7510-signed-commit.sh index d65a0171f2..9882b69ae2 100755 --- a/t/t7510-signed-commit.sh +++ b/t/t7510-signed-commit.sh @@ -228,7 +228,7 @@ test_expect_success GPG 'detect fudged signature with NUL' ' ' test_expect_success GPG 'amending already signed commit' ' - git checkout fourth-signed^0 && + git checkout -f fourth-signed^0 && git commit --amend -S --no-edit && git verify-commit HEAD && git show -s --show-signature HEAD >actual && diff --git a/t/t7528-signed-commit-ssh.sh b/t/t7528-signed-commit-ssh.sh index badf3ed320..f47e995179 100755 --- a/t/t7528-signed-commit-ssh.sh +++ b/t/t7528-signed-commit-ssh.sh @@ -73,7 +73,46 @@ test_expect_success GPGSSH 'create signed commits' ' git tag eleventh-signed $(cat oid) && echo 12 | git commit-tree --gpg-sign="${GPGSSH_KEY_UNTRUSTED}" HEAD^{tree} >oid && test_line_count = 1 oid && - git tag twelfth-signed-alt $(cat oid) + git tag twelfth-signed-alt $(cat oid) && + + echo 13>file && test_tick && git commit -a -m thirteenth -S"${GPGSSH_KEY_ECDSA}" && + git tag thirteenth-signed-ecdsa +' + +test_expect_success GPGSSH 'sign commits using literal public keys with ssh-agent' ' + test_when_finished "test_unconfig commit.gpgsign" && + test_config gpg.format ssh && + eval $(ssh-agent) && + test_when_finished "kill ${SSH_AGENT_PID}" && + ssh-add "${GPGSSH_KEY_PRIMARY}" && + echo 1 >file && git add file && + git commit -a -m rsa-inline -S"$(cat "${GPGSSH_KEY_PRIMARY}.pub")" && + echo 2 >file && + test_config user.signingkey "$(cat "${GPGSSH_KEY_PRIMARY}.pub")" && + git commit -a -m rsa-config -S && + ssh-add "${GPGSSH_KEY_ECDSA}" && + echo 3 >file && + git commit -a -m ecdsa-inline -S"key::$(cat "${GPGSSH_KEY_ECDSA}.pub")" && + echo 4 >file && + test_config user.signingkey "key::$(cat "${GPGSSH_KEY_ECDSA}.pub")" && + git commit -a -m ecdsa-config -S +' + +test_expect_success GPGSSH,GPGSSH_VERIFYTIME 'create signed commits with keys having defined lifetimes' ' + test_when_finished "test_unconfig commit.gpgsign" && + test_config gpg.format ssh && + + echo expired >file && test_tick && git commit -a -m expired -S"${GPGSSH_KEY_EXPIRED}" && + git tag expired-signed && + + echo notyetvalid >file && test_tick && git commit -a -m notyetvalid -S"${GPGSSH_KEY_NOTYETVALID}" && + git tag notyetvalid-signed && + + echo timeboxedvalid >file && test_tick && git commit -a -m timeboxedvalid -S"${GPGSSH_KEY_TIMEBOXEDVALID}" && + git tag timeboxedvalid-signed && + + echo timeboxedinvalid >file && test_tick && git commit -a -m timeboxedinvalid -S"${GPGSSH_KEY_TIMEBOXEDINVALID}" && + git tag timeboxedinvalid-signed ' test_expect_success GPGSSH 'verify and show signatures' ' @@ -122,6 +161,31 @@ test_expect_success GPGSSH 'verify-commit exits failure on untrusted signature' grep "${GPGSSH_KEY_NOT_TRUSTED}" actual ' +test_expect_success GPGSSH,GPGSSH_VERIFYTIME 'verify-commit exits failure on expired signature key' ' + test_config gpg.ssh.allowedSignersFile "${GPGSSH_ALLOWED_SIGNERS}" && + test_must_fail git verify-commit expired-signed 2>actual && + ! grep "${GPGSSH_GOOD_SIGNATURE_TRUSTED}" actual +' + +test_expect_success GPGSSH,GPGSSH_VERIFYTIME 'verify-commit exits failure on not yet valid signature key' ' + test_config gpg.ssh.allowedSignersFile "${GPGSSH_ALLOWED_SIGNERS}" && + test_must_fail git verify-commit notyetvalid-signed 2>actual && + ! grep "${GPGSSH_GOOD_SIGNATURE_TRUSTED}" actual +' + +test_expect_success GPGSSH,GPGSSH_VERIFYTIME 'verify-commit succeeds with commit date and key validity matching' ' + test_config gpg.ssh.allowedSignersFile "${GPGSSH_ALLOWED_SIGNERS}" && + git verify-commit timeboxedvalid-signed 2>actual && + grep "${GPGSSH_GOOD_SIGNATURE_TRUSTED}" actual && + ! grep "${GPGSSH_BAD_SIGNATURE}" actual +' + +test_expect_success GPGSSH,GPGSSH_VERIFYTIME 'verify-commit exits failure with commit date outside of key validity' ' + test_config gpg.ssh.allowedSignersFile "${GPGSSH_ALLOWED_SIGNERS}" && + test_must_fail git verify-commit timeboxedinvalid-signed 2>actual && + ! grep "${GPGSSH_GOOD_SIGNATURE_TRUSTED}" actual +' + test_expect_success GPGSSH 'verify-commit exits success with matching minTrustLevel' ' test_config gpg.ssh.allowedSignersFile "${GPGSSH_ALLOWED_SIGNERS}" && test_config gpg.minTrustLevel fully && @@ -217,7 +281,7 @@ test_expect_success GPGSSH 'amending already signed commit' ' test_config gpg.format ssh && test_config user.signingkey "${GPGSSH_KEY_PRIMARY}" && test_config gpg.ssh.allowedSignersFile "${GPGSSH_ALLOWED_SIGNERS}" && - git checkout fourth-signed^0 && + git checkout -f fourth-signed^0 && git commit --amend -S --no-edit && git verify-commit HEAD && git show -s --show-signature HEAD >actual && |