ci: try fix ext

Reviewed-on: artix/artools#96

.github/workflows/lint.yaml

@@ -0,0 +1,28 @@
+name: Artools shellcheck
+run-name: ${{ gitea.actor }}
+on:
+  push:
+    branches:
+      - ci
+    tags:
+      - 0.*
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout repo
+        uses: actions/checkout@main
+      - name: Run ShellCheck shell-linter
+        uses: azohra/shell-linter@latest
+        with:
+          path: "src/base/*.in,src/pkg/*.in,src/iso/*.in"
+          severity: "error"
+      - name: Run ShellCheck action-shellcheck
+        uses: ludeeus/action-shellcheck@master
+        env:
+          SHELLCHECK_OPTS: -x -s bash
+        with:
+          additional_files: "src/base/*.in*"
+          #scandir: 'src/base'
+

Makefile

@@ -1,6 +1,6 @@
 SHELL=/bin/bash
 
-V=0.31
+V=0.32
 BUILDTOOLVER ?= $(V)
 
 CHROOTVER=0.12

config/makepkg/x86_64.conf

@@ -44,7 +44,8 @@ CFLAGS="-march=x86-64 -mtune=generic -O2 -pipe -fno-plt -fexceptions \
         -Wp,-D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security \
         -fstack-clash-protection -fcf-protection"
 CXXFLAGS="$CFLAGS -Wp,-D_GLIBCXX_ASSERTIONS"
-LDFLAGS="-Wl,-O1,--sort-common,--as-needed,-z,relro,-z,now"
+LDFLAGS="-Wl,-O1 -Wl,--sort-common -Wl,--as-needed -Wl,-z,relro -Wl,-z,now \
+         -Wl,-z,pack-relative-relocs"
 LTOFLAGS="-flto=auto"
 RUSTFLAGS=""
 #-- Make Flags: change this for DistCC/SMP systems

src/lib/pkg/admin.sh

@@ -15,6 +15,7 @@ artixpkg_admin_usage() {
     COMMANDS
         transfer          Transfer obsolete repository to landfill
         query             Query maintainers and topics
+        topic             Manage topics
 
     OPTIONS
         -h, --help     Show this help text
@@ -55,6 +56,14 @@ artixpkg_admin() {
             artixpkg_admin_query "$@"
             exit 0
         ;;
+        topic)
+            _ARTOOLS_COMMAND+=" $1"
+            shift
+            # shellcheck source=src/lib/pkg/admin/query.sh
+            source "${LIBDIR}"/pkg/admin/topic.sh
+            artixpkg_admin_topic "$@"
+            exit 0
+        ;;
         -*)
             die "invalid argument: %s" "$1"
         ;;

src/lib/pkg/admin/query.sh

@@ -19,8 +19,8 @@ artixpkg_admin_query_usage() {
         -h, --help                 Show this help text
 
     EXAMPLES
-        $ ${COMMAND} --maintainer maintainer-mynickname
+        $ ${COMMAND} --maintainer tux
-        $ ${COMMAND} --topic myopic
+        $ ${COMMAND} --topic mytopic
 _EOF_
 }
 

src/lib/pkg/admin/topic.sh

@@ -0,0 +1,139 @@
+#!/bin/bash
+#
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+[[ -z ${ARTOOLS_INCLUDE_ADMIN_TOPIC_SH:-} ]] || return 0
+ARTOOLS_INCLUDE_ADMIN_TOPIC_SH=1
+
+set -e
+
+
+artixpkg_admin_topic_usage() {
+    local -r COMMAND=${_ARTOOLS_COMMAND:-${BASH_SOURCE[0]##*/}}
+    cat <<- _EOF_
+    Usage: ${COMMAND} [OPTIONS] [PKGBASE]...
+
+    OPTIONS
+        -a, --add              Add a topic
+        -d, --del              Delete a topic
+        -j, --jobs N           Run up to N jobs in parallel (default: $(nproc))
+        -h, --help             Show this help text
+
+    EXAMPLES
+        $ ${COMMAND} --add mytopic libfoo
+        $ ${COMMAND} --del mytopic libbar
+        $ ${COMMAND} --add mytopic libfoo libbar
+        $ ${COMMAND} --del mytopic libfoo libbar
+_EOF_
+}
+
+
+
+artixpkg_admin_topic() {
+    if (( $# < 1 )); then
+        artixpkg_admin_topic_usage
+        exit 0
+    fi
+
+    # options
+    local pkgbases=()
+    local pkgbase
+
+    local ADD_TOPIC
+    local DEL_TOPIC
+    local ADD=0
+    local DEL=0
+    local jobs=
+    jobs=$(nproc)
+
+    local RUNCMD=${_ARTOOLS_COMMAND:-${BASH_SOURCE[0]##*/}}
+
+    while (( $# )); do
+        case $1 in
+            -a|--add)
+                (( $# <= 1 )) && die "missing argument for %s" "$1"
+                ADD_TOPIC="$2"
+                ADD=1
+                RUNCMD+=" -a ${ADD_TOPIC}"
+                shift 2
+            ;;
+            --add=*)
+                ADD_TOPIC="${1#*=}"
+                ADD=1
+                RUNCMD+=" --add=${ADD_TOPIC}"
+                shift
+            ;;
+            -d|--del)
+                (( $# <= 1 )) && die "missing argument for %s" "$1"
+                DEL_TOPIC="$2"
+                DEL=1
+                RUNCMD+=" -d ${DEL_TOPIC}"
+                shift 2
+            ;;
+            --del=*)
+                DEL_TOPIC="${1#*=}"
+                DEL=1
+                RUNCMD+=" --del=${DEL_TOPIC}"
+                shift
+            ;;
+            -h|--help)
+                artixpkg_admin_topic_usage
+                exit 0
+            ;;
+            -j|--jobs)
+                (( $# <= 1 )) && die "missing argument for %s" "$1"
+                jobs=$2
+                shift 2
+            ;;
+            --)
+                shift
+                break
+            ;;
+            -*)
+                die "invalid argument: %s" "$1"
+            ;;
+            *)
+                break
+            ;;
+        esac
+    done
+
+    pkgbases+=("$@")
+
+    if [[ -n ${GIT_TOKEN} ]]; then
+
+        # parallelization
+        if [[ ${jobs} != 1 ]] && (( ${#pkgbases[@]} > 1 )); then
+            if [[ -n ${BOLD} ]]; then
+                export ARTOOLS_COLOR=always
+            fi
+            if ! parallel --bar --jobs "${jobs}" "${RUNCMD}" ::: "${pkgbases[@]}"; then
+                die 'Failed to manage some topic, please check the output'
+                exit 1
+            fi
+            exit 0
+        fi
+
+        for pkgbase in "${pkgbases[@]}"; do
+
+            # topics meta
+            if (( ADD )); then
+                local gitname
+                gitname=$(get_compliant_name "${pkgbase}")
+                if ! add_topic "${gitname}" "${ADD_TOPIC}"; then
+                    warning "failed to add the topic: ${ADD_TOPIC}"
+                fi
+            fi
+
+            if (( DEL )); then
+                local gitname
+                gitname=$(get_compliant_name "${pkgbase}")
+                if ! remove_topic "${gitname}" "${DEL_TOPIC}"; then
+                    warning "failed to delete the topic: ${DEL_TOPIC}"
+                fi
+            fi
+
+        done
+
+    fi
+}

src/lib/pkg/git/clone.sh

@@ -21,6 +21,7 @@ artixpkg_git_clone_usage() {
         --protocol https           Clone the repository over https
         -t, --topic=NAME           Clone all packages of the named topic
         -a, --agent=NAME           Set the CI agent (default: official)
+                                   Possible values: [official, galaxy]
         -j, --jobs N               Run up to N jobs in parallel (default: $(nproc))
         --all                      Clone all existing packages, useful for cache warming
         -h, --help                 Show this help text
@@ -28,8 +29,9 @@ artixpkg_git_clone_usage() {
     EXAMPLES
         $ ${COMMAND} libfoo linux libbar
         $ ${COMMAND} --maintainer tux
-        $ ${COMMAND} --topic myopic
+        $ ${COMMAND} --topic mytopic
-        $ ${COMMAND} -j 8 --topic myopic
+        $ ${COMMAND} -j 8 --topic mytopic
+        $ ${COMMAND} --agent galaxy libfoo
 _EOF_
 }
 
@@ -97,7 +99,7 @@ artixpkg_git_clone() {
                 shift 2
             ;;
             --agent=*)
-                CONFIGURE_OPTIONS+=("${1#*=}")
+                CONFIGURE_OPTIONS+=("${1}")
                 shift
             ;;
             --all)

src/lib/pkg/git/config.sh

@@ -34,15 +34,18 @@ artixpkg_git_config_usage() {
 
     OPTIONS
         -m, --maintainer       Set the maintainer topic via gitea api
-        -u, --upstream         Add upstream arch remote
+        -d, --drop             Drop the maintainer topic via gitea api
         -a, --agent=NAME       Set the CI agent (default: official)
+                               Possible values: [official, galaxy]
         --protocol https       Configure remote url to use https
         -j, --jobs N           Run up to N jobs in parallel (default: $(nproc))
         -h, --help             Show this help text
 
     EXAMPLES
-        $ ${COMMAND} --maintainer tux
+        $ ${COMMAND} --maintainer libfoo
-        $ ${COMMAND} --upstream libfoo
+        $ ${COMMAND} --agent=galaxy libfoo
+        $ ${COMMAND} -a galaxy libfoo
+        $ ${COMMAND} --drop libfoo
         $ ${COMMAND} *
 _EOF_
 }
@@ -106,12 +109,12 @@ artixpkg_git_config() {
     local paths=()
 
     local SET_TOPIC=0
-    local UPSTREAM=0
+    local DROP_TOPIC=0
     local AGENT=
     local CI_ADDED=0
 
     # variables
-    local -r command=${_ARTOOLS_COMMAND:-${BASH_SOURCE[0]##*/}}
+    local RUNCMD=${_ARTOOLS_COMMAND:-${BASH_SOURCE[0]##*/}}
     local path realpath pkgbase
     local PACKAGER GPGKEY packager_name packager_email
 
@@ -123,10 +126,12 @@ artixpkg_git_config() {
         ;;
         -m|--maintainer)
             SET_TOPIC=1
+            RUNCMD+=" -m"
             shift
         ;;
-        -u|--upstream)
+        -d|--drop)
-            UPSTREAM=1
+            DROP_TOPIC=1
+            RUNCMD+=" -d"
             shift
         ;;
         -a|--agent)
@@ -215,7 +220,7 @@ artixpkg_git_config() {
         if [[ -n ${BOLD} ]]; then
             export ARTOOLS_COLOR=always
         fi
-        if ! parallel --bar --jobs "${jobs}" "${command}" ::: "${paths[@]}"; then
+        if ! parallel --bar --jobs "${jobs}" "${RUNCMD}" ::: "${paths[@]}"; then
             die 'Failed to configure some packages, please check the output'
             exit 1
         fi
@@ -269,11 +274,15 @@ artixpkg_git_config() {
                     fi
                 fi
             fi
-            if (( UPSTREAM )); then
+
-                local remote_url
+            if (( DROP_TOPIC )); then
-                remote_url="${GIT_UPSTREAM_URL}/${pkgbase}".git
+                if [[ -n ${GIT_TOKEN} ]]; then
-                if ! git remote add upstream "${remote_url}"; then
+                    local topic gitname
-                    warning "failed to set the upstream: ${remote_url}"
+                    topic="maintainer-${packager_name}"
+                    gitname=$(get_compliant_name "${pkgbase}")
+                    if ! remove_topic "${gitname}" "${topic}"; then
+                        warning "failed to drop the maintainer topic: ${topic}"
+                    fi
                 fi
             fi
 

src/lib/pkg/git/create.sh

@@ -20,7 +20,8 @@ artixpkg_git_create_usage() {
 
     OPTIONS
         -c, --clone           Clone the Git repository after creation
-        -t, --team=NAME       Assign team name [default: world]
+        -t, --team=NAME       Assign team name (default: world)
+                              Possible values: [system, world, lib32, galaxy]
         -h, --help            Show this help text
 
     EXAMPLES
@@ -35,7 +36,7 @@ artixpkg_git_create() {
     local clone=0
     local config=0
     local TEAM="${ARTIX_DB[5]}"
-    local OPTIONS=()
+    local AGENT=()
 
     local TEAMS=(
         "${ARTIX_DB[2]}"
@@ -108,12 +109,12 @@ artixpkg_git_create() {
             msg_success "Successfully created ${pkgbase}"
         fi
         if [[ ${TEAM} == ${ARTIX_DB[11]} ]]; then
-            OPTIONS+=(--agent="${TEAM}")
+            AGENT+=(--agent="${TEAM}")
         fi
         if (( clone )); then
-            artixpkg_git_clone "${OPTIONS[@]}" "${pkgbase}"
+            artixpkg_git_clone "${AGENT[@]}" "${pkgbase}"
         elif (( config )); then
-            artixpkg_git_config "${OPTIONS[@]}"
+            artixpkg_git_config "${AGENT[@]}"
         fi
 
     done

src/lib/pkg/repo.sh

@@ -11,31 +11,27 @@ source "${LIBDIR}"/pkg/db/db.sh
 set -e
 
 
-check_pkgbuild_validity() {
+show_agent() {
-    # shellcheck source=contrib/makepkg/PKGBUILD.proto
+    local agent="orion"
-    . ./PKGBUILD
+    msg "Checking agent ..."
-
+    if grep @galaxy "${REPO_CI}" &>/dev/null; then
-    # skip when there are no sources available
+        agent="taurus"
-    if (( ! ${#source[@]} )); then
-        return
     fi
+    msg2 "agent: %s" "$agent"
+}
 
-    # validate sources hash algo is at least > sha1
+has_remote_changes() {
-    local bad_algos=("cksums" "md5sums" "sha1sums")
+    local status
-    local good_hash_algo=false
+    msg "Checking for remote changes ..."
-
+    git fetch origin &>/dev/null
-    # from makepkg libmakepkg/util/schema.sh
+    status=$(git status -sb --porcelain)
-    for integ in "${known_hash_algos[@]}"; do
+    if [[ "$status" == *behind* ]]; then
-        local sumname="${integ}sums"
+        msg2 "changes: yes"
-        if [[ -n ${!sumname} ]] && ! in_array "${sumname}" "${bad_algos[@]}"; then
+        error "Remote changes detected! Please pull (%s)" "${pkgbase}"
-            good_hash_algo=true
+        return 0
-            break
-        fi
-    done
-
-    if ! $good_hash_algo; then
-        die "PKGBUILD lacks a secure cryptographic checksum, insecure algorithms: ${bad_algos[*]}"
     fi
+    msg2 "changes: no"
+    return 1
 }
 
 artixpkg_repo_usage() {

src/lib/pkg/repo/add.sh

@@ -8,6 +8,30 @@ ARTOOLS_INCLUDE_REPO_ADD_SH=1
 set -e
 
 
+check_pkgbuild_validity() {
+    # skip when there are no sources available
+    if (( ! ${#source[@]} )); then
+        return
+    fi
+
+    # validate sources hash algo is at least > sha1
+    local bad_algos=("cksums" "md5sums" "sha1sums")
+    local good_hash_algo=false
+
+    # from makepkg libmakepkg/util/schema.sh
+    for integ in "${known_hash_algos[@]}"; do
+        local sumname="${integ}sums"
+        if [[ -n ${!sumname} ]] && ! in_array "${sumname}" "${bad_algos[@]}"; then
+            good_hash_algo=true
+            break
+        fi
+    done
+
+    if ! $good_hash_algo; then
+        die "PKGBUILD lacks a secure cryptographic checksum, insecure algorithms: ${bad_algos[*]}"
+    fi
+}
+
 artixpkg_repo_add_usage() {
     local -r COMMAND=${_ARTOOLS_COMMAND:-${BASH_SOURCE[0]##*/}}
     cat <<- _EOF_
@@ -86,45 +110,57 @@ artixpkg_repo_add() {
             fi
             ( cd "${pkgbase}" || return
 
-                if [[ ! -f PKGBUILD ]]; then
+                if ! has_remote_changes; then
-                    die "No PKGBUILD found in (%s)" "${pkgbase}"
-                fi
 
-                # shellcheck source=contrib/makepkg/PKGBUILD.proto
+                    if [[ ! -f PKGBUILD ]]; then
-                source PKGBUILD
+                        die "No PKGBUILD found in (%s)" "${pkgbase}"
-
-                update_yaml_base
-                update_yaml_add "${REBUILD}" "${ADD}" "${NOCHECK}" "${DEST}"
-
-                local commit_msg
-                commit_msg=$(get_commit_msg 'add' "${DEST}")
-
-                if [[ -n $(git status --porcelain --untracked-files=no) ]]; then
-
-                    stat_busy 'Staging files'
-                    for f in $(git ls-files --others); do
-                        git add "$f"
-                    done
-                    for f in $(git ls-files --modified); do
-                        git add "$f"
-                    done
-                    for f in $(git ls-files --deleted); do
-                        git rm "$f"
-                    done
-                    stat_done
-
-                    msg 'Commit'
-                    git commit -m "${commit_msg}"
-
-                    if (( PUSH )); then
-                        msg "Push (${pkgbase})"
-                        git push origin master
                     fi
 
-                    msg "Querying ${pkgbase} ..."
+                    # shellcheck source=contrib/makepkg/PKGBUILD.proto
-                    if ! show_db; then
+                    source PKGBUILD
-                        warning "Could not query ${REPO_DB}"
+
+                    check_pkgbuild_validity
+
+                    manage-pkgbuild-keys --export
+
+                    update_yaml_base
+                    update_yaml_add "${REBUILD}" "${ADD}" "${NOCHECK}" "${DEST}"
+
+                    local commit_msg
+                    commit_msg=$(get_commit_msg 'add' "${DEST}")
+
+                    if [[ -f .SRCINFO ]]; then
+                        rm .SRCINFO
                     fi
+
+                    if [[ -n $(git status --porcelain --untracked-files=no) ]]; then
+
+                        stat_busy 'Staging files'
+                        for f in $(git ls-files --others); do
+                            git add "$f"
+                        done
+                        for f in $(git ls-files --modified); do
+                            git add "$f"
+                        done
+                        for f in $(git ls-files --deleted); do
+                            git rm "$f"
+                        done
+                        stat_done
+
+                        msg 'Commit'
+                        git commit -m "${commit_msg}"
+
+                        if (( PUSH )); then
+                            msg "Push (${pkgbase})"
+                            git push origin master
+                        fi
+
+                        msg "Querying ${pkgbase} ..."
+                        if ! show_db; then
+                            warning "Could not query ${REPO_DB}"
+                        fi
+                    fi
+
                 fi
             )
         fi

src/lib/pkg/repo/import.sh

@@ -10,31 +10,22 @@ set -e
 
 patch_pkgbase(){
     local name="$1"
-    local pkgbuild
-    pkgbuild=PKGBUILD
-
-    sed -e 's|arch-meson|artix-meson|' -i "${pkgbuild}"
-
     case "${name}" in
-        glibc)
+        linux|linux-lts|linux-zen|linux-hardened|linux-rt*)
-            sed -e 's|{locale,systemd/system,tmpfiles.d}|{locale,tmpfiles.d}|' \
+            sed -e 's|KBUILD_BUILD_HOST=.*|KBUILD_BUILD_HOST=artixlinux|' -i PKGBUILD
-                -e '/nscd.service/d' \
-                -i "${pkgbuild}"
-        ;;
-        linux|linux-lts|linux-zen|linux-hardened|linux-rt|linux-rt-lts)
-            sed -e 's|KBUILD_BUILD_HOST=.*|KBUILD_BUILD_HOST=artixlinux|' -i "${pkgbuild}"
             sed -e 's|CONFIG_DEFAULT_HOSTNAME=.*|CONFIG_DEFAULT_HOSTNAME="artixlinux"|' \
                 -i config
         ;;
-        gstreamer|gst-plugins-*|licenses)
+        *)
             sed -e 's|https://www.archlinux.org/|https://www.artixlinux.org/|' \
                 -e 's|(Arch Linux)|(Artix Linux)|' \
-                -i "${pkgbuild}"
+                -e 's|arch-meson|artix-meson|' \
+                -i PKGBUILD
         ;;
     esac
+    git --no-pager diff PKGBUILD
 }
 
-
 artixpkg_repo_import_usage() {
     local -r COMMAND=${_ARTOOLS_COMMAND:-${BASH_SOURCE[0]##*/}}
     cat <<- _EOF_
@@ -72,8 +63,9 @@ artixpkg_repo_import() {
         --exclude '.gitignore'
         --exclude 'README.md'
         --exclude '*.service'
-        --exclude '*.timer'
+        --exclude '.SRCINFO'
         --exclude '*.socket'
+        --exclude '*.timer'
     )
 
     while (( $# )); do
@@ -122,9 +114,8 @@ artixpkg_repo_import() {
                 fi
                 stat_done
 
-                stat_busy "Fetching upstream tags"
+                msg2 "Fetching upstream tags"
                 git fetch --tags upstream main
-                stat_done
 
                 local latest version
                 latest=$(git describe --tags FETCH_HEAD)
@@ -133,21 +124,27 @@ artixpkg_repo_import() {
                     version="${TAG}"
                 fi
 
-                stat_busy "Importing upstream changeset for ${version}"
+                if ! has_remote_changes; then
+                    show_agent
+                    msg "Querying ${pkgbase} ..."
+                    if ! show_db; then
+                        warning "Could not query ${REPO_DB}"
+                    fi
 
-                git checkout "${version}" -b "${version}" &>/dev/null
+                    git checkout "${version}" -b "${version}" &>/dev/null
-                local temp
+                    local temp
-                temp=$(mktemp -d --tmpdir "${pkgbase}.XXXXXXXXXX")
+                    temp=$(mktemp -d --tmpdir "${pkgbase}.XXXXXXXXXX")
 
-                rsync "${rsync_args[@]}" "$(pwd)"/ "${temp}"/ &>/dev/null
+                    rsync "${rsync_args[@]}" "$(pwd)"/ "${temp}"/ &>/dev/null
-                git checkout master &>/dev/null
+                    git checkout master &>/dev/null
-                git branch -D "${version}" &>/dev/null
+                    git branch -D "${version}" &>/dev/null
 
-                stat_done
+                    msg "Importing upstream changeset for ${version}"
+                    rsync "${rsync_args[@]}" "${temp}"/ "$(pwd)"/ #&>/dev/null
 
-                rsync "${rsync_args[@]}" "${temp}"/ "$(pwd)"/ #&>/dev/null
+                    msg2 "Patching ${pkgbase} ..."
-
+                    patch_pkgbase "${pkgbase}"
-                patch_pkgbase "${pkgbase}"
+                fi
             )
         fi
 

src/lib/pkg/repo/move.sh

@@ -80,38 +80,71 @@ artixpkg_repo_move() {
             fi
             ( cd "${pkgbase}" || return
 
-                if [[ ! -f PKGBUILD ]]; then
+                if ! has_remote_changes; then
-                    die "No PKGBUILD found in (%s)" "${pkgbase}"
-                fi
 
-                local commit_msg
+                    if [[ ! -f PKGBUILD ]]; then
-                commit_msg=$(get_commit_msg 'move' "${DEST}" "${SRC}")
+                        die "No PKGBUILD found in (%s)" "${pkgbase}"
+                    fi
 
-                update_yaml_move "${SRC}" "${DEST}"
+                    local commit_msg src_version dest_version
+                    commit_msg=$(get_commit_msg 'move' "${DEST}" "${SRC}")
 
-                if [[ -n $(git status --porcelain --untracked-files=no) ]]; then
+                    src_version=$(version_from_yaml "${SRC}")
+                    dest_version=$(version_from_yaml "${DEST}")
+
+                    if [[ "$src_version" != null ]]; then
+
+                        local ret
+                        ret=$(vercmp "$src_version" "$dest_version")
+
+                        if (( ret > 0 )); then
+
+                            update_yaml_move "${SRC}" "${DEST}"
+
+                            if [[ -f .SRCINFO ]]; then
+                                rm .SRCINFO
+                            fi
+
+                            if [[ -n $(git status --porcelain --untracked-files=no) ]]; then
+
+                                stat_busy 'Staging files'
+                                for f in $(git ls-files --modified); do
+                                    if [[ "$f" == "${REPO_DB}" ]]; then
+                                        git add "$f"
+                                    fi
+                                done
+                                stat_done
+
+                                msg 'Commit'
+                                git commit -m "${commit_msg}"
+
+                                if (( PUSH )); then
+                                    msg "Push (${pkgbase})"
+                                    git push origin master
+                                fi
+
+                                msg "Querying ${pkgbase} ..."
+                                if ! show_db; then
+                                    warning "Could not query ${REPO_DB}"
+                                fi
+
+                            fi
+
+                        elif (( ret < 0 )); then
+
+                            error "${pkgbase}: invalid move: version $src_version < $dest_version!"
+
+                        else
+                            error "${pkgbase}: invalid move: version $src_version = $dest_version!"
 
-                    stat_busy 'Staging files'
-                    for f in $(git ls-files --modified); do
-                        if [[ "$f" == "${REPO_DB}" ]]; then
-                            git add "$f"
                         fi
-                    done
-                    stat_done
 
-                    msg 'Commit'
+                    else
-                    git commit -m "${commit_msg}"
+                        error "${pkgbase}: invalid move: version $src_version!"
-
-                    if (( PUSH )); then
-                        msg "Push (${pkgbase})"
-                        git push origin master
                     fi
 
-                    msg "Querying ${pkgbase} ..."
-                    if ! show_db; then
-                        warning "Could not query ${REPO_DB}"
-                    fi
                 fi
+
             )
         fi
 

src/lib/pkg/repo/remove.sh

@@ -73,36 +73,40 @@ artixpkg_repo_remove() {
             fi
             ( cd "${pkgbase}" || return
 
-                if [[ ! -f PKGBUILD ]]; then
+                if ! has_remote_changes; then
-                    die "No PKGBUILD found in (%s)" "${pkgbase}"
-                fi
 
-                local commit_msg
+                    if [[ ! -f PKGBUILD ]]; then
-                commit_msg=$(get_commit_msg 'remove' "${DEST}")
+                        die "No PKGBUILD found in (%s)" "${pkgbase}"
-
-                update_yaml_remove "${DEST}"
-
-                if [[ -n $(git status --porcelain --untracked-files=no) ]]; then
-
-                    stat_busy 'Staging files'
-                    for f in $(git ls-files --modified); do
-                        if [[ "$f" == "${REPO_DB}" ]]; then
-                            git add "$f"
-                        fi
-                    done
-                    stat_done
-
-                    msg 'Commit'
-                    git commit -m "${commit_msg}"
-
-                    if (( PUSH )); then
-                        msg "Push (${pkgbase})"
-                        git push origin master
                     fi
 
-                    msg "Querying ${pkgbase} ..."
+                    local commit_msg
-                    if ! show_db; then
+                    commit_msg=$(get_commit_msg 'remove' "${DEST}")
-                        warning "Could not query ${REPO_DB}"
+
+                    update_yaml_remove "${DEST}"
+
+                    if [[ -n $(git status --porcelain --untracked-files=no) ]]; then
+
+                        stat_busy 'Staging files'
+                        for f in $(git ls-files --modified); do
+                            if [[ "$f" == "${REPO_DB}" ]]; then
+                                git add "$f"
+                            fi
+                        done
+                        stat_done
+
+                        msg 'Commit'
+                        git commit -m "${commit_msg}"
+
+                        if (( PUSH )); then
+                            msg "Push (${pkgbase})"
+                            git push origin master
+                        fi
+
+                        msg "Querying ${pkgbase} ..."
+                        if ! show_db; then
+                            warning "Could not query ${REPO_DB}"
+                        fi
+
                     fi
 
                 fi

src/lib/pkg/repo/show.sh

@@ -8,18 +8,6 @@ ARTOOLS_INCLUDE_REPO_SHOW_SH=1
 set -e
 
 
-has_changeset(){
-    git fetch origin &>/dev/null
-
-    if [[ $(git rev-parse HEAD) != $(git rev-parse @{u}) ]]; then
-        msg2 "changes: yes"
-        git status -sb
-        return 0
-    fi
-    msg2 "changes: no"
-    return 1
-}
-
 artixpkg_repo_show_usage() {
     local -r COMMAND=${_ARTOOLS_COMMAND:-${BASH_SOURCE[0]##*/}}
     cat <<- _EOF_
@@ -84,28 +72,27 @@ artixpkg_repo_show() {
             fi
             ( cd "${pkgbase}" || return
 
-                msg "Checking origin for changes"
+                if ! has_remote_changes; then
-                if has_changeset; then
+                    if [[ ! -f PKGBUILD ]]; then
-                    warning "Remote changes detected! Please update (%s)" "${pkgbase}"
+                        die "No PKGBUILD found in (%s)" "${pkgbase}"
-                fi
+                    fi
 
-                if [[ ! -f PKGBUILD ]]; then
+                    show_agent
-                    die "No PKGBUILD found in (%s)" "${pkgbase}"
-                fi
 
-                msg "Querying ${pkgbase} ..."
+                    msg "Querying ${pkgbase} ..."
-                if ! show_db; then
+                    if ! show_db; then
-                    warning "Could not query ${REPO_DB}"
+                        warning "Could not query ${REPO_DB}"
-                fi
+                    fi
 
-                if (( SRC_BASE )); then
+                    if (( SRC_BASE )); then
-                    msg "Showing srcinfo base ..."
+                        msg "Showing srcinfo base ..."
-                    show_srcinfo_base
+                        show_srcinfo_base
-                fi
+                    fi
 
-                if (( SRC_PKGS )); then
+                    if (( SRC_PKGS )); then
-                    msg "Showing srcinfo pkgs ..."
+                        msg "Showing srcinfo pkgs ..."
-                    show_srcinfo_pkgs
+                        show_srcinfo_pkgs
+                    fi
                 fi
 
             )

src/pkg/export-pkgbuild-keys.in

@@ -1,73 +0,0 @@
-#!/bin/bash
-#
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-LIBDIR=${LIBDIR:-'@libdir@'}
-
-# shellcheck source=src/lib/base/message.sh
-source "${LIBDIR}"/base/message.sh
-
-usage() {
-    cat <<- _EOF_
-        Usage: ${BASH_SOURCE[0]##*/}
-
-        Export the PGP keys from a PKGBUILDs validpgpkeys array into the keys/pgp/
-        subdirectory. Useful for distributing packager validated source signing
-        keys alongside PKGBUILDs.
-
-        OPTIONS
-            -h, --help      Show this help text
-_EOF_
-}
-
-# option checking
-while (( $# )); do
-    case $1 in
-        -h|--help) usage; exit 0 ;;
-        *) die "invalid argument: %s" "$1" ;;
-    esac
-done
-
-if [[ ! -f PKGBUILD ]]; then
-    die "This must be run a directory containing a PKGBUILD."
-fi
-
-mapfile -t validpgpkeys < <(
-    # shellcheck source=contrib/makepkg/PKGBUILD.proto
-    . ./PKGBUILD
-    if (( ${#validpgpkeys[@]} )); then
-        printf "%s\n" "${validpgpkeys[@]}"
-    fi
-)
-
-msg "Exporting ${#validpgpkeys[@]} PGP keys..."
-if (( ${#validpgpkeys[@]} == 0 )); then
-    exit 0
-fi
-
-trap 'rm -rf $TEMPDIR' EXIT INT TERM QUIT
-TEMPDIR=$(mktemp -d --tmpdir export-pkgbuild-keys.XXXXXXXXXX)
-
-mkdir -p keys/pgp
-error=0
-
-for key in "${validpgpkeys[@]}"; do
-    gpg --output "$TEMPDIR/$key.asc" --armor --export --export-options export-minimal "$key" 2>/dev/null
-
-    # gpg does not give a non-zero return value if it fails to export...
-    if [[ -f $TEMPDIR/$key.asc ]]; then
-        msg2 "Exported $key"
-        mv "$TEMPDIR/$key.asc" "keys/pgp/$key.asc"
-    else
-        if [[ -f keys/pgp/$key.asc ]]; then
-            warning "Failed to update key: $key"
-        else
-            error "Key unavailable: $key"
-            error=1
-        fi
-    fi
-done
-
-if (( error )); then
-    die "Failed to export all \'validpgpkeys\' entries."
-fi

src/pkg/manage-pkgbuild-keys.in

@@ -0,0 +1,97 @@
+#!/bin/bash
+#
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+LIBDIR=${LIBDIR:-'@libdir@'}
+
+# shellcheck source=src/lib/base/message.sh
+source "${LIBDIR}"/base/message.sh
+
+
+usage() {
+    cat <<- _EOF_
+        Usage: ${BASH_SOURCE[0]##*/}
+
+        Export or import the PGP keys from a PKGBUILDs validpgpkeys array into/from the keys/pgp/
+        subdirectory. Useful for distributing packager validated source signing
+        keys alongside PKGBUILDs.
+
+        OPTIONS
+            -i, --import    Import keys
+            -e, --export    Export keys
+            -h, --help      Show this help text
+_EOF_
+}
+
+action=
+
+# option checking
+while (( $# )); do
+    case $1 in
+        -i|--import) action="import"; shift ;;
+        -e|--export) action="export"; shift ;;
+        -h|--help) usage; exit 0 ;;
+        *) die "invalid argument: %s" "$1" ;;
+    esac
+done
+
+if [[ ! -f PKGBUILD ]]; then
+    die "This must be run a directory containing a PKGBUILD."
+fi
+
+mapfile -t validpgpkeys < <(
+    # shellcheck source=contrib/makepkg/PKGBUILD.proto
+    . ./PKGBUILD
+    if (( ${#validpgpkeys[@]} )); then
+        printf "%s\n" "${validpgpkeys[@]}"
+    fi
+)
+
+if [[ "$action" == 'export' ]]; then
+    msg "Exporting ${#validpgpkeys[@]} PGP keys..."
+    if (( ${#validpgpkeys[@]} == 0 )); then
+        exit 0
+    fi
+
+    trap 'rm -rf $TEMPDIR' EXIT INT TERM QUIT
+    TEMPDIR=$(mktemp -d --tmpdir export-pkgbuild-keys.XXXXXXXXXX)
+
+    mkdir -p keys/pgp
+    error=0
+
+
+    for key in "${validpgpkeys[@]}"; do
+        gpg --output "$TEMPDIR/$key.asc" --armor --export --export-options export-minimal "$key" 2>/dev/null
+
+        # gpg does not give a non-zero return value if it fails to export...
+        if [[ -f $TEMPDIR/$key.asc ]]; then
+            msg2 "Exported $key"
+            mv "$TEMPDIR/$key.asc" "keys/pgp/$key.asc"
+        else
+            if [[ -f keys/pgp/$key.asc ]]; then
+                warning "Failed to update key: $key"
+            else
+                error "Key unavailable: $key"
+                error=1
+            fi
+        fi
+    done
+elif [[ "$action" == 'import' ]]; then
+    msg "Ensuring required PGP keys are present..."
+    for key in "${validpgpkeys[@]}"; do
+        msg2 "Checking for $key..."
+        if ! gpg --recv-keys $key || gpg --fingerprint $key; then
+            if [[ -f keys/pgp/$key.asc ]]; then
+                msg2 "Importing key from local..."
+                gpg --import keys/pgp/$key.asc
+            else
+                error "Key unavailable: $key"
+                error=1
+            fi
+        fi
+    done
+fi
+
+if (( error )); then
+    die "Failed to $action all \'validpgpkeys\' entries."
+fi