Tarbomb in release src tarball file #19066

Open
eleksir opened this issue Mar 12, 2022 · 5 comments

@eleksir eleksir commented Mar 12, 2022

Gitea Version

1.16.3

Git Version

N/A

Operating System

N/A

How are you running Gitea?

tar xf gitea-src-1.16.3.tar.gz

Database

No response

Can you reproduce the bug on the Gitea demo site?

No

Log Gist

N/A

Description

Gitea official src, gitea-src-1.16.3.tar.gz, (from releases page at GitHub, particularly at release of 1.16.3) contains a tarbomb. Such behavior is considered bad etiquette on the part of the archive's creator.

Expected behavior is (after untarring) to find this pile of files in subdir named gitea-src-1.16.3 or even better in subdir named gitea-1.16.3.

Screenshots

N/A

Contributor

@wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf commented Mar 12, 2022

Fair point, IMO, this shouldn't be hard to fix.
What I usually tend to do anyway is automatically create a folder for pretty much any archive I am untarring, then use tar with -C newfolder. Those times I forget to prepare a folder hurt, though.

Member

@lunny lunny commented Mar 14, 2022

That's generated by GitHub I think, maybe you should submit an issue to them?

Author

@eleksir eleksir commented Mar 15, 2022

twpayne/chezmoi#1576

Absolutely the same thing, but it was resolved without GitHub intervention.

Member

@techknowlogick techknowlogick commented Mar 15, 2022

gitea-src-1.16.3.tar.gz (and similar) is a custom tar that we create in the make-release step of CI, so it would need to be updated in our CI.

Contributor

@zeripath zeripath commented Mar 16, 2022

We'd need to use --transform or --xform option in the tar within the release-sources target in the Makefile here:

gitea/Makefile

Line 648 in ed1d95c

tar $(addprefix $(EXCL),$(TAR_EXCLUDES)) -czf $(DIST)/release/gitea-src-$(VERSION).tar.gz .

@eleksir would you like to test and propose a PR?


Documentation for the tar command and the --transform option can be found here:

https://www.gnu.org/software/tar/manual/html_section/transform.html
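
The `--transform` approach suggested in the last comment, together with a pre-extraction tarbomb check, as an added example that is not Gitea's Makefile or the project's eventual fix. The function names `is_tarbomb` and `pack_prefixed` are hypothetical; the code assumes GNU tar and a prefix that contains no `,`, `&` or `\`.

```shell
#!/bin/sh
# Added example, not code from the Gitea repository. Requires GNU tar.

# is_tarbomb ARCHIVE
# Exit 0 when unpacking ARCHIVE would create anything other than one single
# directory in the current directory, 1 when it is safely rooted,
# 2 when the archive cannot be listed.
is_tarbomb() {
    list=$(tar -tzf "$1") || return 2
    printf '%s\n' "$list" | awk '
        { sub(/^\.\//, "") }            # "./x" and "x" name the same path
        $0 == "" { next }               # the "./" entry itself
        {
            n = index($0, "/")
            root = n ? substr($0, 1, n - 1) : $0
            if (!(root in seen)) { seen[root] = 1; roots++ }
            if (n) isdir[root] = 1      # "root/" or something beneath it
        }
        END { exit !(roots != 1 || !isdir[root]) }'
}

# pack_prefixed SRC_DIR PREFIX OUT
# Archive the contents of SRC_DIR the way the Makefile line above does
# (member list is "."), but store every member under PREFIX/.
# The leading "." of each member name is replaced by PREFIX; the S flag
# keeps symlink targets from being rewritten as well.
# OUT must be outside SRC_DIR (or excluded), otherwise tar skips it with
# a warning.
pack_prefixed() {
    tar --transform "s,^\.,$2,S" -czf "$3" -C "$1" .
}
```

`is_tarbomb release.tar.gz && echo "extract with -C into a fresh directory"` is the check to run before `tar xf` on an archive of unknown layout.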
