diff options
author | Techcable | 2022-08-06 19:11:24 -0700 |
---|---|---|
committer | Techcable | 2022-08-21 20:35:53 -0700 |
commit | 53bd12acccc144bd6617b7d790429da12a4d1700 (patch) | |
tree | ddb659a16ecf650452a5ce6fb454d31bf590a94d /PKGBUILD | |
parent | afd0dde8194ab686f13e13ac34d8517ac4464084 (diff) | |
download | aur-53bd12acccc144bd6617b7d790429da12a4d1700.tar.gz |
Automatically use latest nightly version of Zig
Downloads directly from https://ziglang.org/download
GPG verification of downloaded files is not currently possible because Zig nightly binaries aren't signed.
See github issue https://github.com/ziglang/zig/issues/4945 for details
Using hardcoded sha256 is also impossible because this is an auto-updating package
Therefore, there is no security beyonnd the basic integrity of a https:// network connection (although that is still some security, you would have to forge a signed HTTPS certificate to intercept).
This commit also changes the versioning scheme to match
the upstream downloads (and be compatible with the main zig package)
This requires incrementing the "epoch"
This change also changes the package to supports multiple architectures (both x86_64 and ARM64)
Diffstat (limited to 'PKGBUILD')
-rw-r--r-- | PKGBUILD | 71 |
1 files changed, 60 insertions, 11 deletions
@@ -1,26 +1,75 @@ # Maintainer: Kaizhao Zhang <zhangkaizhao@gmail.com> - -_buildver=0.10.0-dev.2977+7d2e14267 +# Contributor: Techcable <$USER @ techcable.net> pkgname=zig-dev-bin -pkgver=20220712 +# Old versions of zig-dev-bin used date as pkgver (pkgver=20220712) +# +# Now we use something consistent with zig internal versioning. +# Without changing the epoch, the old version scheme would be considered +# "newer" greater than the new version scheme +epoch=1 +# NOTE: Hyphen -> underscore +pkgver=0.10.0_dev.3475+b3d463c9e pkgrel=1 pkgdesc="A general-purpose programming language and toolchain for maintaining robust, optimal, and reusable software" -arch=('x86_64') +arch=('x86_64' 'aarch64') url="https://ziglang.org/" license=('MIT') +makedepends=(curl jq) options=('!strip') provides=('zig') conflicts=('zig') -source=( - "https://ziglang.org/builds/zig-linux-x86_64-${_buildver}.tar.xz" -) -sha256sums=( - '22faf5006338de0682bb4c62dc0f73e4df5fb837ecaff21570e4ed39dc63b9c1' -) +# NOTE: We don't include the "real" source until build() +source=() +# GPG verification is not currently possible because Zig binaries aren't signed +# Hardcoded sha256 not possible because this is a an auto-updating (nightly) package +# +# Zig Issue for signed binaries: https://github.com/ziglang/zig/issues/4945 +sha256sums=() + +pkgver() { + local index_file="${srcdir}/zig-version-index.json"; + # Invalidate old verison-index.json + # + # If we put version-index in `source` then it would be cached... + if [[ -x "$index_file" ]]; then + rm "$index_file"; + fi + curl -sS "https://ziglang.org/download/index.json" -o "$index_file" + jq -r .master.version "$index_file" | sed 's/-/_/' +} + +prepare() { + local newver="$(pkgver)"; + pushd "${srcdir}" > /dev/null; + local index_file="zig-version-index.json"; + local newurl="$(jq -r ".master.\"${CARCH}-linux\".tarball" $index_file)"; + local newfile="zig-linux-${CARCH}-${newver}.tar.xz"; + source+=("${newfile}:${newurl}") + local expected_hash="$(jq -r ".master.\"${CARCH}-linux\".shasum" "$index_file")" + sha256sums+=("$newhash") + if [[ -f "$newfile" ]]; then + echo "Reusing existing $newfile"; + else + echo "Downloading Zig $newver from $newurl" >&2; + curl -Ss "$newurl" -o "$newfile"; + fi; + echo "" >&2 + echo "WARNING: No way to GPG/SHA verify the version ahead of time" >&2 + echo "See Zig issue https://github.com/ziglang/zig/issues/4945 for signed binaries" >&2; + echo "" >&2; + local actual_hash="$(sha256sum "$newfile" | grep -oE '^\w+')" + if [[ "$expected_hash" != "$actual_hash" ]]; then + echo "ERROR: Expected hash $expected_hash for $newfile, but got $actual_hash" >&2; + exit 1; + fi; + echo "Extracting file"; + tar -xf "$newfile"; + popd > /dev/null; +} package() { - cd "${srcdir}/zig-linux-x86_64-${_buildver}" + cd "${srcdir}/zig-linux-${CARCH}-${pkgver//_/-}" install -d "${pkgdir}/usr/bin" install -d "${pkgdir}/usr/lib/zig" cp -R lib "${pkgdir}/usr/lib/zig/lib" |