Bump version to 20151002

This is needed in order to use GPG's auto-key-retrieve keyserver option,
otherwise the keyring will get copied to the chroot before the required
keys are retrieved during 'makepkg --verifysource'.

Makefile

@@ -1,4 +1,4 @@
-V=20141224
+V=20151002
 
 PREFIX = /usr/local
 

commitpkg.in

@@ -147,7 +147,7 @@ for _arch in ${arch[@]}; do
 			if [[ -n $GPGKEY ]]; then
 				SIGNWITHKEY="-u ${GPGKEY}"
 			fi
-			gpg --detach-sign --use-agent ${SIGNWITHKEY} "${pkgfile}" || die
+			gpg --detach-sign --use-agent --no-armor ${SIGNWITHKEY} "${pkgfile}" || die
 		fi
 		if ! gpg --verify "$sigfile" >/dev/null 2>&1; then
 			die "Signature %s.sig is incorrect!" "$pkgfile"

makechrootpkg.in

@@ -66,60 +66,6 @@ usage() {
 	exit 1
 }
 
-orig_argv=("$@")
-
-while getopts 'hcur:I:l:nTD:d:' arg; do
-	case "$arg" in
-		c) clean_first=true ;;
-		D) bindmounts_ro+=(--bind-ro="$OPTARG") ;;
-		d) bindmounts_rw+=(--bind="$OPTARG") ;;
-		u) update_first=true ;;
-		r) passeddir="$OPTARG" ;;
-		I) install_pkgs+=("$OPTARG") ;;
-		l) copy="$OPTARG" ;;
-		n) run_namcap=true; makepkg_args+=(-i) ;;
-		T) temp_chroot=true; copy+="-$$" ;;
-		h|*) usage ;;
-	esac
-done
-
-[[ ! -f PKGBUILD && -z "${install_pkgs[*]}" ]] && die 'This must be run in a directory containing a PKGBUILD.'
-
-check_root "$0" "${orig_argv[@]}"
-
-# Canonicalize chrootdir, getting rid of trailing /
-chrootdir=$(readlink -e "$passeddir")
-[[ ! -d $chrootdir ]] && die "No chroot dir defined, or invalid path '%s'" "$passeddir"
-[[ ! -d $chrootdir/root ]] && die "Missing chroot dir root directory. Try using: mkarchroot %s/root base-devel" "$chrootdir"
-
-# Detect chrootdir filesystem type
-chroottype=$(stat -f -c %T "$chrootdir")
-
-if [[ ${copy:0:1} = / ]]; then
-	copydir=$copy
-else
-	copydir="$chrootdir/$copy"
-fi
-
-# Pass all arguments after -- right to makepkg
-makepkg_args+=("${@:$OPTIND}")
-
-# See if -R was passed to makepkg
-for arg in "${@:OPTIND}"; do
-	case ${arg%%=*} in
-		-*R*|--repackage)
-			repack=true
-			break 2
-			;;
-	esac
-done
-
-if [[ -n $SUDO_USER ]]; then
-	eval "USER_HOME=~$SUDO_USER"
-else
-	USER_HOME=$HOME
-fi
-
 # {{{ functions
 load_vars() {
 	local makepkg_conf="$1" var
@@ -207,10 +153,12 @@ prepare_chroot() {
 		echo 'BUILDDIR="/build"' >> "$copydir/etc/makepkg.conf"
 	fi
 
-	# Read .makepkg.conf and .gnupg/pubring.gpg even if called via sudo
-	if [[ -r "$USER_HOME/.gnupg/pubring.gpg" ]]; then
-		install -D "$USER_HOME/.gnupg/pubring.gpg" \
-			   "$copydir/build/.gnupg/pubring.gpg"
+	# Read .makepkg.conf and gnupg pubring
+	if [[ -r $USER_HOME/.gnupg/pubring.kbx ]]; then
+		install -D "$USER_HOME/.gnupg/pubring.kbx" "$copydir/build/.gnupg/pubring.kbx"
+	fi
+	if [[ -r $USER_HOME/.gnupg/pubring.gpg ]]; then
+		install -D "$USER_HOME/.gnupg/pubring.gpg" "$copydir/build/.gnupg/pubring.gpg"
 	fi
 
 	mkdir -p "$copydir/pkgdest"
@@ -363,6 +311,60 @@ move_products() {
 }
 # }}}
 
+orig_argv=("$@")
+
+while getopts 'hcur:I:l:nTD:d:' arg; do
+	case "$arg" in
+		c) clean_first=true ;;
+		D) bindmounts_ro+=(--bind-ro="$OPTARG") ;;
+		d) bindmounts_rw+=(--bind="$OPTARG") ;;
+		u) update_first=true ;;
+		r) passeddir="$OPTARG" ;;
+		I) install_pkgs+=("$OPTARG") ;;
+		l) copy="$OPTARG" ;;
+		n) run_namcap=true; makepkg_args+=(-i) ;;
+		T) temp_chroot=true; copy+="-$$" ;;
+		h|*) usage ;;
+	esac
+done
+
+[[ ! -f PKGBUILD && -z "${install_pkgs[*]}" ]] && die 'This must be run in a directory containing a PKGBUILD.'
+
+check_root "$0" "${orig_argv[@]}"
+
+# Canonicalize chrootdir, getting rid of trailing /
+chrootdir=$(readlink -e "$passeddir")
+[[ ! -d $chrootdir ]] && die "No chroot dir defined, or invalid path '%s'" "$passeddir"
+[[ ! -d $chrootdir/root ]] && die "Missing chroot dir root directory. Try using: mkarchroot %s/root base-devel" "$chrootdir"
+
+# Detect chrootdir filesystem type
+chroottype=$(stat -f -c %T "$chrootdir")
+
+if [[ ${copy:0:1} = / ]]; then
+	copydir=$copy
+else
+	copydir="$chrootdir/$copy"
+fi
+
+# Pass all arguments after -- right to makepkg
+makepkg_args+=("${@:$OPTIND}")
+
+# See if -R was passed to makepkg
+for arg in "${@:OPTIND}"; do
+	case ${arg%%=*} in
+		-*R*|--repackage)
+			repack=true
+			break 2
+			;;
+	esac
+done
+
+if [[ -n $SUDO_USER ]]; then
+	eval "USER_HOME=~$SUDO_USER"
+else
+	USER_HOME=$HOME
+fi
+
 umask 0022
 
 load_vars "$USER_HOME/.makepkg.conf"
@@ -382,10 +384,10 @@ $update_first && arch-nspawn "$copydir" \
 
 [[ -n ${install_pkgs[*]} ]] && install_packages
 
-prepare_chroot
-
 download_sources
 
+prepare_chroot
+
 if arch-nspawn "$copydir" \
 	--bind-ro="$PWD:/startdir_host" \
 	--bind-ro="$SRCDEST:/srcdest_host" \

makepkg-i686.conf

@@ -19,7 +19,7 @@ DLAGENTS=('ftp::/usr/bin/curl -fC - --ftp-pasv --retry 3 --retry-delay 3 -o %o %
 # /usr/bin/lftpget -c
 # /usr/bin/wget
 
-#-- The the package required by makepkg to download VCS sources
+#-- The package required by makepkg to download VCS sources
 #  Format: 'protocol::package'
 VCSCLIENTS=('bzr::bzr'
             'git::git'
@@ -37,8 +37,8 @@ CHOST="i686-pc-linux-gnu"
 # -march (or -mcpu) builds exclusively for an architecture
 # -mtune optimizes for an architecture, but builds for whole processor family
 CPPFLAGS="-D_FORTIFY_SOURCE=2"
-CFLAGS="-march=i686 -mtune=generic -O2 -pipe -fstack-protector-strong --param=ssp-buffer-size=4"
-CXXFLAGS="-march=i686 -mtune=generic -O2 -pipe -fstack-protector-strong --param=ssp-buffer-size=4"
+CFLAGS="-march=i686 -mtune=generic -O2 -pipe -fstack-protector-strong"
+CXXFLAGS="-march=i686 -mtune=generic -O2 -pipe -fstack-protector-strong"
 LDFLAGS="-Wl,-O1,--sort-common,--as-needed,-z,relro"
 #-- Make Flags: change this for DistCC/SMP systems
 #MAKEFLAGS="-j2"
@@ -50,17 +50,16 @@ DEBUG_CXXFLAGS="-g -fvar-tracking-assignments"
 # BUILD ENVIRONMENT
 #########################################################################
 #
-# Defaults: BUILDENV=(fakeroot !distcc color !ccache check !sign)
+# Defaults: BUILDENV=(!distcc color !ccache check !sign)
 #  A negated environment option will do the opposite of the comments below.
 #
-#-- fakeroot: Allow building packages as a non-root user
 #-- distcc:   Use the Distributed C/C++/ObjC compiler
 #-- color:    Colorize output messages
 #-- ccache:   Use ccache to cache compilation
 #-- check:    Run the check() function if present in the PKGBUILD
 #-- sign:     Generate PGP signature file
 #
-BUILDENV=(fakeroot !distcc color !ccache check !sign)
+BUILDENV=(!distcc color !ccache check !sign)
 #
 #-- If using DistCC, your MAKEFLAGS will also need modification. In addition,
 #-- specify a space-delimited list of hosts running in the DistCC cluster.

makepkg-x86_64.conf

@@ -19,7 +19,7 @@ DLAGENTS=('ftp::/usr/bin/curl -fC - --ftp-pasv --retry 3 --retry-delay 3 -o %o %
 # /usr/bin/lftpget -c
 # /usr/bin/wget
 
-#-- The the package required by makepkg to download VCS sources
+#-- The package required by makepkg to download VCS sources
 #  Format: 'protocol::package'
 VCSCLIENTS=('bzr::bzr'
             'git::git'
@@ -37,8 +37,8 @@ CHOST="x86_64-unknown-linux-gnu"
 # -march (or -mcpu) builds exclusively for an architecture
 # -mtune optimizes for an architecture, but builds for whole processor family
 CPPFLAGS="-D_FORTIFY_SOURCE=2"
-CFLAGS="-march=x86-64 -mtune=generic -O2 -pipe -fstack-protector-strong --param=ssp-buffer-size=4"
-CXXFLAGS="-march=x86-64 -mtune=generic -O2 -pipe -fstack-protector-strong --param=ssp-buffer-size=4"
+CFLAGS="-march=x86-64 -mtune=generic -O2 -pipe -fstack-protector-strong"
+CXXFLAGS="-march=x86-64 -mtune=generic -O2 -pipe -fstack-protector-strong"
 LDFLAGS="-Wl,-O1,--sort-common,--as-needed,-z,relro"
 #-- Make Flags: change this for DistCC/SMP systems
 #MAKEFLAGS="-j2"
@@ -50,17 +50,16 @@ DEBUG_CXXFLAGS="-g -fvar-tracking-assignments"
 # BUILD ENVIRONMENT
 #########################################################################
 #
-# Defaults: BUILDENV=(fakeroot !distcc color !ccache check !sign)
+# Defaults: BUILDENV=(!distcc color !ccache check !sign)
 #  A negated environment option will do the opposite of the comments below.
 #
-#-- fakeroot: Allow building packages as a non-root user
 #-- distcc:   Use the Distributed C/C++/ObjC compiler
 #-- color:    Colorize output messages
 #-- ccache:   Use ccache to cache compilation
 #-- check:    Run the check() function if present in the PKGBUILD
 #-- sign:     Generate PGP signature file
 #
-BUILDENV=(fakeroot !distcc color !ccache check !sign)
+BUILDENV=(!distcc color !ccache check !sign)
 #
 #-- If using DistCC, your MAKEFLAGS will also need modification. In addition,
 #-- specify a space-delimited list of hosts running in the DistCC cluster.

pacman-gnome-unstable.conf

@@ -72,6 +72,9 @@ LocalFileSigLevel = Optional
 [gnome-unstable]
 Include = /etc/pacman.d/mirrorlist
 
+[staging]
+Include = /etc/pacman.d/mirrorlist
+
 [testing]
 Include = /etc/pacman.d/mirrorlist
 
@@ -81,6 +84,9 @@ Include = /etc/pacman.d/mirrorlist
 [extra]
 Include = /etc/pacman.d/mirrorlist
 
+[community-staging]
+Include = /etc/pacman.d/mirrorlist
+
 [community-testing]
 Include = /etc/pacman.d/mirrorlist