pkgcheck

Synopsis

pkgcheck [-h] [--version] [--debug] [-q] [-v] [--color BOOLEAN] [--add-config SECTION KEY VALUE] [--new-config SECTION KEY VALUE] [--empty-config] [--config PATH] [--domain DOMAIN] {scan,cache,replay,show} ...

Description

pkgcheck is a QA utility based on pkgcore(5) that supports scanning ebuild repositories for various issues.

Base Options

-h, --help

Show this help message and exit. To get more information see the related man page.

--version

Show this program's version information and exit.

When running from within a git repo or a version installed from git the latest commit hash and date will be shown.

--debug

Enable debug checks and show verbose debug output.

-q, --quiet

Suppress non-error, informational messages.

-v, --verbose

Increase the verbosity of various output.

--color BOOLEAN

Toggle colored output support. This can be used to forcibly enable color support when piping output or other sitations where stdout is not a tty.

Config Options

--add-config SECTION KEY VALUE

modify existing pkgcore config section

--new-config SECTION KEY VALUE

add new pkgcore config section

--empty-config

skip loading user/system pkgcore config

--config PATH

use custom pkgcore config file

--domain DOMAIN

custom pkgcore domain to use for this operation

Subcommands

check applets

pkgcheck scan - scan targets for QA issues

Synopsis

pkgcheck scan [--config CONFIG_FILE] [-R REPORTER] [--format FORMAT_STR] [-h] [--debug] [-q] [-v] [--color BOOLEAN] [-r REPO] [-f {latest,repo}] [-j JOBS] [-t TASKS] [--cache CACHE] [--cache-dir CACHE_DIR] [--exit [KEYWORD]] [--net] [-s SCOPE] [-c CHECK] [-k KEYWORD] [-a ARCH] [--commits [COMMIT]] [--glsa-dir GLSA_DIR] [--source-arches ARCH] [-p PROFILE] [--timeout TIMEOUT] [--user-agent USER_AGENT] [--reset-caching-per {version,package,category}] [TARGET [TARGET ...]]

Positional Arguments

TARGET

optional targets

Config Options

--config CONFIG_FILE

Load custom pkgcheck scan settings from a given file.

Note that custom user settings override all other system and repo-level settings.

It's also possible to disable all types of settings loading by specifying an argument of 'false' or 'no'.

Reporter Options

-R REPORTER, --reporter REPORTER

Select a reporter to use for output.

Use pkgcheck show --reporters to see available options.

--format FORMAT_STR

Custom format string used to format output by FormatReporter.

Supports python format string syntax where result object attribute names surrounded by curly braces are replaced with their values (if they exist).

For example, --format '{category}/{package}/{package}-{version}.ebuild will output ebuild paths in the target repo for results relating to specific ebuild versions. If a result is for the generic package (or a higher scope), no output will be produced for that result.

Furthermore, no output will be produced if a result object is missing any requested attribute expansion in the format string. In other words, --format {foo} will never produce any output because no result has the foo attribute.

Base Options

-h, --help

Show this help message and exit. To get more information see the related man page.

--debug

Enable debug checks and show verbose debug output.

-q, --quiet

Suppress non-error, informational messages.

-v, --verbose

Increase the verbosity of various output.

--color BOOLEAN

Toggle colored output support. This can be used to forcibly enable color support when piping output or other sitations where stdout is not a tty.

Main Options

-r REPO, --repo REPO

repo to pull packages from

-f {latest,repo}, --filter {latest,repo}

Support limiting targeted packages for scanning using a chosen filter.

If the 'repo' argument is used, all package visibility mechanisms used by the package manager when resolving package dependencies such as ACCEPT_KEYWORDS, ACCEPT_LICENSE, and package.mask will be enabled.

If the 'latest' argument is used, only the latest package per slot of both VCS and non-VCS types will be scanned.

-j JOBS, --jobs JOBS

Number of checks to run in parallel, defaults to using all available processors.

-t TASKS, --tasks TASKS

Number of asynchronous tasks to run concurrently (defaults to 5 * CPU count).

--cache CACHE

All cache types are enabled by default, this option explicitly sets which caches will be generated and used during scanning.

To enable only certain cache types, specify them in a comma-separated list, e.g. --cache git,profiles will enable both the git and profiles caches.

To disable specific cache types prefix them with -. Note that when starting the argument list with a disabled value an equals sign must be used, e.g. --cache=-git, otherwise the disabled argument is treated as an option.

In order to disable all cache usage, it's easiest to use --cache no instead of explicitly listing all disabled cache types.

When disabled, no caches will be saved to disk and results requiring caches (e.g. git-related checks) will be skipped.

--cache-dir CACHE_DIR

directory to use for storing cache files

--exit [KEYWORD]

Comma separated list of keywords to enable and disable that trigger a failed exit status. If no arguments or only disabled arguments are passed, the set of error level results are used as enabled arguments.

To specify disabled keywords prefix them with -. Also, the special arguments of error, warning, and info correspond to all error, warning, and info keywords, respectively.

Check Selection

--net

enable checks that require network access

-s SCOPE, --scopes SCOPE

Comma separated list of scopes to enable and disable for scanning. Any scopes specified in this fashion will affect the checks that get run. For example, running pkgcheck with only the repo scope enabled will cause only repo-level checks to run.

Available scopes: git, profiles, eclass, repo, cat, pkg, ver

-c CHECK, --checks CHECK

Comma separated list of checks to enable and disable for scanning. Any checks specified in this fashion will be the only checks that get run, skipping any disabled checks.

To specify disabled checks prefix them with -. Note that when starting the argument list with a disabled check an equals sign must be used, e.g. -c=-check, otherwise the disabled check argument is treated as an option.

The special argument of all corresponds to the list of all checks. Therefore, to forcibly enable all checks use -c all.

In addition, all network-related checks (which are disabled by default) can be enabled using -c net. This allows for easily running only network checks without having to explicitly list them.

Use pkgcheck show --checks see available options.

-k KEYWORD, --keywords KEYWORD

Comma separated list of keywords to enable and disable for scanning. Any keywords specified in this fashion will be the only keywords that get reported, skipping any disabled keywords.

To specify disabled keywords prefix them with -. Note that when starting the argument list with a disabled keyword an equals sign must be used, e.g. -k=-keyword, otherwise the disabled keyword argument is treated as an option.

The special arguments of error, warning, and info correspond to the lists of error, warning, and info keywords, respectively. For example, to only scan for errors use -k error.

Use pkgcheck show --keywords to see available options.

Plugin Options

--glsa-dir GLSA_DIR

custom glsa directory

--source-arches ARCH

Comma separated list of arches to compare against for lagging stabilization.

The default arches are all stable arches (unless --arches is specified).

Arches

-a ARCH, --arches ARCH

Comma separated list of arches to enable and disable.

To specify disabled arches prefix them with '-'. Note that when starting the argument list with a disabled arch an equals sign must be used, e.g. -a=-arch, otherwise the disabled arch argument is treated as an option.

By default all repo defined arches are used; however, stable-related checks (e.g. UnstableOnly) default to the set of arches having stable profiles in the target repo.

Git

Git repo support for various checks.

Pkgcheck can create virtual package repos from a given git repo's history in order to provide more info for checks relating to stable requests, outdated blockers, or local commits. These virtual repos are cached and updated every run if new commits are detected.

Git repos must have a supported config in order to work properly. Specifically, pkgcheck assumes that both origin and master branches exist and relate to the upstream and local development states, respectively.

Additionally, the origin/HEAD ref must exist. If it doesn't, running git fetch origin should create it. Otherwise, using git remote set-head origin master or similar will also create the reference.

--commits [COMMIT]

For a local git repo, pkgcheck will determine targets to scan from the committed changes compared to a given reference that defaults to the repo's origin.

For example, to scan all the packages that have been changed in the current branch compared to the branch named 'old' use pkgcheck scan --commits old. For two separate branches named 'old' and 'new' use pkgcheck scan --commits old..new.

Note that will also enable eclass-specific checks if it determines any commits have been made to eclasses.

Profiles

-p PROFILE, --profiles PROFILE

Comma separated list of profiles to enable and disable for scanning. Any profiles specified in this fashion will be the only profiles that get scanned, skipping any disabled profiles. In addition, if no profiles are explicitly enabled, all profiles defined in the target repo's profiles.desc file will be scanned except those marked as experimental (exp).

To specify disabled profiles prefix them with - which removes the from the list of profiles to be considered. Note that when starting the argument list with a disabled profile an equals sign must be used, e.g. -p=-path/to/profile, otherwise the disabled profile argument is treated as an option.

The special keywords of stable, dev, exp, and deprecated correspond to the lists of stable, development, experimental, and deprecated profiles, respectively. Therefore, to only scan all stable profiles pass the stable argument to --profiles. Additionally the keyword all can be used to scan all defined profiles in the target repo.

Network

--timeout TIMEOUT

timeout used for network checks

--user-agent USER_AGENT

custom user agent spoofing

Query Caching

--reset-caching-per {version,package,category}

control how often the cache is cleared (version, package or category)

pkgcheck cache - perform cache operations

Synopsis

pkgcheck cache [-h] [--debug] [-q] [-v] [--color BOOLEAN] [--cache-dir CACHE_DIR] [-l | -u | -r] [-f] [-n] [-t CACHE] [-a ARCH] [-p PROFILE] [--commits [COMMIT]]

Optional Arguments

--cache-dir CACHE_DIR

directory to use for storing cache files

-l, --list

list available caches

-u, --update

update caches

-r, --remove

forcibly remove caches

-f, --force

forcibly update/remove caches

-n, --dry-run

dry run without performing any changes

-t CACHE, --type CACHE

target cache types

Base Options

-h, --help

Show this help message and exit. To get more information see the related man page.

--debug

Enable debug checks and show verbose debug output.

-q, --quiet

Suppress non-error, informational messages.

-v, --verbose

Increase the verbosity of various output.

--color BOOLEAN

Toggle colored output support. This can be used to forcibly enable color support when piping output or other sitations where stdout is not a tty.

Arches

-a ARCH, --arches ARCH

Comma separated list of arches to enable and disable.

To specify disabled arches prefix them with '-'. Note that when starting the argument list with a disabled arch an equals sign must be used, e.g. -a=-arch, otherwise the disabled arch argument is treated as an option.

By default all repo defined arches are used; however, stable-related checks (e.g. UnstableOnly) default to the set of arches having stable profiles in the target repo.

Profiles

-p PROFILE, --profiles PROFILE

Comma separated list of profiles to enable and disable for scanning. Any profiles specified in this fashion will be the only profiles that get scanned, skipping any disabled profiles. In addition, if no profiles are explicitly enabled, all profiles defined in the target repo's profiles.desc file will be scanned except those marked as experimental (exp).

To specify disabled profiles prefix them with - which removes the from the list of profiles to be considered. Note that when starting the argument list with a disabled profile an equals sign must be used, e.g. -p=-path/to/profile, otherwise the disabled profile argument is treated as an option.

The special keywords of stable, dev, exp, and deprecated correspond to the lists of stable, development, experimental, and deprecated profiles, respectively. Therefore, to only scan all stable profiles pass the stable argument to --profiles. Additionally the keyword all can be used to scan all defined profiles in the target repo.

Git

Git repo support for various checks.

Pkgcheck can create virtual package repos from a given git repo's history in order to provide more info for checks relating to stable requests, outdated blockers, or local commits. These virtual repos are cached and updated every run if new commits are detected.

Git repos must have a supported config in order to work properly. Specifically, pkgcheck assumes that both origin and master branches exist and relate to the upstream and local development states, respectively.

Additionally, the origin/HEAD ref must exist. If it doesn't, running git fetch origin should create it. Otherwise, using git remote set-head origin master or similar will also create the reference.

--commits [COMMIT]

For a local git repo, pkgcheck will determine targets to scan from the committed changes compared to a given reference that defaults to the repo's origin.

For example, to scan all the packages that have been changed in the current branch compared to the branch named 'old' use pkgcheck scan --commits old. For two separate branches named 'old' and 'new' use pkgcheck scan --commits old..new.

Note that will also enable eclass-specific checks if it determines any commits have been made to eclasses.

pkgcheck replay - replay result streams

Synopsis

pkgcheck replay [-R REPORTER] [--format FORMAT_STR] [-h] [--debug] [-q] [-v] [--color BOOLEAN] FILE

Positional Arguments

FILE

path to serialized results file

Reporter Options

-R REPORTER, --reporter REPORTER

Select a reporter to use for output.

Use pkgcheck show --reporters to see available options.

--format FORMAT_STR

Custom format string used to format output by FormatReporter.

Supports python format string syntax where result object attribute names surrounded by curly braces are replaced with their values (if they exist).

For example, --format '{category}/{package}/{package}-{version}.ebuild will output ebuild paths in the target repo for results relating to specific ebuild versions. If a result is for the generic package (or a higher scope), no output will be produced for that result.

Furthermore, no output will be produced if a result object is missing any requested attribute expansion in the format string. In other words, --format {foo} will never produce any output because no result has the foo attribute.

Base Options

-h, --help

Show this help message and exit. To get more information see the related man page.

--debug

Enable debug checks and show verbose debug output.

-q, --quiet

Suppress non-error, informational messages.

-v, --verbose

Increase the verbosity of various output.

--color BOOLEAN

Toggle colored output support. This can be used to forcibly enable color support when piping output or other sitations where stdout is not a tty.

pkgcheck show - show various pkgcheck info

Synopsis

pkgcheck show [-h] [--debug] [-q] [-v] [--color BOOLEAN] [-k | -c | -s | -r]

Base Options

-h, --help

Show this help message and exit. To get more information see the related man page.

--debug

Enable debug checks and show verbose debug output.

-q, --quiet

Suppress non-error, informational messages.

-v, --verbose

Increase the verbosity of various output.

--color BOOLEAN

Toggle colored output support. This can be used to forcibly enable color support when piping output or other sitations where stdout is not a tty.

List Options

-k, --keywords

List all available keywords.

Use -v/--verbose to show keywords sorted into the scope they run at (repository, category, package, or version) along with their descriptions.

-c, --checks

List all available checks.

Use -v/--verbose to show descriptions and possible keyword results for each check.

-s, --scopes

List all available keyword and check scopes.

Use -v/--verbose to show scope descriptions.

-r, --reporters

List all available reporters.

Use -v/--verbose to show reporter descriptions.

Keywords

List of result keywords that can be produced by pkgcheck.

Commit scope

BadCommitSummary

Local package commit with poorly formatted or unmatching commit summary.

Git commit messages for packages should be formatted in the standardized fashion described in the devmanual 1. Specifically, a ${CATEGORY}/${PN}: or ${CATEGORY}/${P}: prefix should be used in the summary relating to the modified package.

1

https://devmanual.gentoo.org/ebuild-maintenance/git/#git-commit-message-format

InvalidCommitMessage

Local commit has issues with its commit message. - Gentoo repo specific

InvalidCommitTag

Local commit has a tag that is incompliant.

Commit tags have restrictions as to the allowed format and data used per GLEP 66 2.

2

https://www.gentoo.org/glep/glep-0066.html#commit-messages

MissingSignOff

Local commit with missing sign offs.

Sign offs are required for commits as specified by GLEP 76 3. Note that sign off tags will be flagged if the name or email address doesn't match the values used by the commit author.

3

https://www.gentoo.org/glep/glep-0076.html#certificate-of-origin

Profiles scope

EclassBashSyntaxError

Bash syntax error in the related eclass.

EclassDocError

Error when parsing docs for the related eclass.

Eclass docs are parsed as specified by the devmanual 4.

4

https://devmanual.gentoo.org/eclass-writing/#documenting-eclasses

EclassDocMissingFunc

Undocumented function(s) in the related eclass.

EclassDocMissingVar

Undocumented variable(s) in the related eclass.

All exported variables in an eclass should be documented using eclass doc tags. Temporary variables should be unset after use so they aren't exported.

EclassIncorrectCopyright

Changed eclass with incorrect copyright date. - Gentoo repo specific

EclassInvalidCopyright

File with invalid copyright.

The file does not start with a valid copyright line. Each ebuild or eclass file must start with a copyright line of the form:

# Copyright YEARS MAIN-CONTRIBUTOR [OTHER-CONTRIBUTOR]... [and others]

Files in the Gentoo repository must use:

# Copyright YEARS Gentoo Authors

EclassInvalidLicenseHeader

File with invalid license header.

The file does not have with a valid license header.

Ebuilds and eclasses in the Gentoo repository must use:

# Distributed under the terms of the GNU General Public License v2

EclassNonGentooAuthorsCopyright

File with copyright stating owner other than "Gentoo Authors".

The file specifies explicit copyright owner, while the Gentoo repository policy specifies that all ebuilds and eclasses must use "Gentoo Authors". If the owner is not listed in metadata/AUTHORS, addition can be requested via bugs.gentoo.org. - Gentoo repo specific

EclassOldGentooCopyright

File with old Gentoo Foundation copyright.

The file still assigns copyright to the Gentoo Foundation even though it has been committed after the new copyright policy was approved (2018-10-21).

Ebuilds and eclasses in Gentoo repository must use 'Gentoo Authors' instead. Files in other repositories may specify an explicit copyright holder instead. - Gentoo repo specific

ArchesWithoutProfiles

Arches without corresponding profile listings.

LaggingProfileEapi

Profile has an EAPI that is older than one of its parents.

NonexistentCategories

Category entries in profiles/categories that don't exist in the repo.

NonexistentProfilePath

Specified profile path in profiles.desc doesn't exist.

ProfileError

Erroneously formatted data in various profile files.

ProfileWarning

Badly formatted data in various profile files.

UnknownCategoryDirs

Category directories that aren't listed in a repo's categories.

Or the categories of the repo's masters as well.

UnknownProfilePackageKeywords

Profile files include package keywords that don't exist.

UnknownProfilePackageUse

Profile files include entries with USE flags that aren't used on any matching packages.

UnknownProfilePackages

Profile files include package entries that don't exist in the repo.

UnknownProfileUse

Profile files include USE flags that don't exist.

UnusedProfileDirs

Unused profile directories detected.

BadPackageUpdate

Badly formatted package update in profiles/updates files.

MovedPackageUpdate

Entry for package already moved in profiles/updates files.

MultiMovePackageUpdate

Entry for package moved multiple times in profiles/updates files.

OldMultiMovePackageUpdate

Old entry for removed package moved multiple times in profiles/updates files.

This means that the reported pkg has been moved at least three times and finally removed from the tree. All the related lines should be removed from the update files.

OldPackageUpdate

Old entry for removed package in profiles/updates files.

RedundantPackageUpdate

Move entry to the same package/slot (source == target).

Eclass scope

EclassBashSyntaxError

Bash syntax error in the related eclass.

EclassDocError

Error when parsing docs for the related eclass.

Eclass docs are parsed as specified by the devmanual 5.

5

https://devmanual.gentoo.org/eclass-writing/#documenting-eclasses

EclassDocMissingFunc

Undocumented function(s) in the related eclass.

EclassDocMissingVar

Undocumented variable(s) in the related eclass.

All exported variables in an eclass should be documented using eclass doc tags. Temporary variables should be unset after use so they aren't exported.

EclassIncorrectCopyright

Changed eclass with incorrect copyright date. - Gentoo repo specific

EclassInvalidCopyright

File with invalid copyright.

The file does not start with a valid copyright line. Each ebuild or eclass file must start with a copyright line of the form:

# Copyright YEARS MAIN-CONTRIBUTOR [OTHER-CONTRIBUTOR]... [and others]

Files in the Gentoo repository must use:

# Copyright YEARS Gentoo Authors

EclassInvalidLicenseHeader

File with invalid license header.

The file does not have with a valid license header.

Ebuilds and eclasses in the Gentoo repository must use:

# Distributed under the terms of the GNU General Public License v2

EclassNonGentooAuthorsCopyright

File with copyright stating owner other than "Gentoo Authors".

The file specifies explicit copyright owner, while the Gentoo repository policy specifies that all ebuilds and eclasses must use "Gentoo Authors". If the owner is not listed in metadata/AUTHORS, addition can be requested via bugs.gentoo.org. - Gentoo repo specific

EclassOldGentooCopyright

File with old Gentoo Foundation copyright.

The file still assigns copyright to the Gentoo Foundation even though it has been committed after the new copyright policy was approved (2018-10-21).

Ebuilds and eclasses in Gentoo repository must use 'Gentoo Authors' instead. Files in other repositories may specify an explicit copyright holder instead. - Gentoo repo specific

ArchesWithoutProfiles

Arches without corresponding profile listings.

LaggingProfileEapi

Profile has an EAPI that is older than one of its parents.

NonexistentCategories

Category entries in profiles/categories that don't exist in the repo.

NonexistentProfilePath

Specified profile path in profiles.desc doesn't exist.

ProfileError

Erroneously formatted data in various profile files.

ProfileWarning

Badly formatted data in various profile files.

UnknownCategoryDirs

Category directories that aren't listed in a repo's categories.

Or the categories of the repo's masters as well.

UnknownProfilePackageKeywords

Profile files include package keywords that don't exist.

UnknownProfilePackageUse

Profile files include entries with USE flags that aren't used on any matching packages.

UnknownProfilePackages

Profile files include package entries that don't exist in the repo.

UnknownProfileUse

Profile files include USE flags that don't exist.

UnusedProfileDirs

Unused profile directories detected.

BadPackageUpdate

Badly formatted package update in profiles/updates files.

MovedPackageUpdate

Entry for package already moved in profiles/updates files.

MultiMovePackageUpdate

Entry for package moved multiple times in profiles/updates files.

OldMultiMovePackageUpdate

Old entry for removed package moved multiple times in profiles/updates files.

This means that the reported pkg has been moved at least three times and finally removed from the tree. All the related lines should be removed from the update files.

OldPackageUpdate

Old entry for removed package in profiles/updates files.

RedundantPackageUpdate

Move entry to the same package/slot (source == target).

Repo scope

ConflictingAccountIdentifiers

Same UID/GID is used by multiple packages.

IncorrectCopyright

Changed file with incorrect copyright date. - Gentoo repo specific

  • level: warning

  • related checks:

InvalidCopyright

File with invalid copyright.

The file does not start with a valid copyright line. Each ebuild or eclass file must start with a copyright line of the form:

# Copyright YEARS MAIN-CONTRIBUTOR [OTHER-CONTRIBUTOR]... [and others]

Files in the Gentoo repository must use:

# Copyright YEARS Gentoo Authors

  • Gentoo repo specific

  • level: error

  • related checks:

InvalidLicenseHeader

File with invalid license header.

The file does not have with a valid license header.

Ebuilds and eclasses in the Gentoo repository must use:

# Distributed under the terms of the GNU General Public License v2

  • Gentoo repo specific

  • level: error

  • related checks:

NonGentooAuthorsCopyright

File with copyright stating owner other than "Gentoo Authors".

The file specifies explicit copyright owner, while the Gentoo repository policy specifies that all ebuilds and eclasses must use "Gentoo Authors". If the owner is not listed in metadata/AUTHORS, addition can be requested via bugs.gentoo.org. - Gentoo repo specific

  • level: error

  • related checks:

OldGentooCopyright

File with old Gentoo Foundation copyright.

The file still assigns copyright to the Gentoo Foundation even though it has been committed after the new copyright policy was approved (2018-10-21).

Ebuilds and eclasses in Gentoo repository must use 'Gentoo Authors' instead. Files in other repositories may specify an explicit copyright holder instead. - Gentoo repo specific

  • level: warning

  • related checks:

BinaryFile

Binary file found in the repository. - Gentoo repo specific

EmptyCategoryDir

Empty category directory in the repository. - Gentoo repo specific

EmptyPackageDir

Empty package directory in the repository. - Gentoo repo specific

EmptyProject

A project has no developers.

PotentialGlobalUse

Local USE flag is a potential global USE flag.

PotentialLocalUse

Global USE flag is a potential local USE flag.

UnknownLicenses

License(s) listed in license group(s) that don't exist.

UnusedEclasses

Unused eclasses detected.

UnusedGlobalUse

Unused use.desc flag(s).

UnusedLicenses

Unused license(s) detected.

UnusedMirrors

Unused mirrors detected.

Category scope

CatBadlyFormedXml

Badly formed category metadata.xml.

CatInvalidXml

Invalid category metadata.xml.

CatMetadataXmlEmptyElement

Empty element in category metadata.xml file.

CatMetadataXmlIndentation

Inconsistent indentation in category metadata.xml file.

Either all tabs or all spaces should be used, not a mixture of both.

CatMetadataXmlInvalidCatRef

Invalid category reference in category metadata.xml.

CatMetadataXmlInvalidPkgRef

Invalid package reference in category metadata.xml.

CatMissingMetadataXml

Category is missing metadata.xml.

Package scope

DirectNoMaintainer

Directly added, new package with no specified maintainer. - Gentoo repo specific

DroppedStableKeywords

Stable keywords dropped from package. - Gentoo repo specific

DroppedUnstableKeywords

Unstable keywords dropped from package. - Gentoo repo specific

MissingMove

Package was renamed without adding a move package update.

When moving/renaming a package, a new entry must be created in profiles/updates. See the devmanual 6 for more info.

6

https://devmanual.gentoo.org/ebuild-maintenance/package-moves/

MatchingGlobalUse

Local USE flag description matches a global USE flag.

ProbableGlobalUse

Local USE flag description closely matches a global USE flag.

ProbableUseExpand

Local USE flag that isn't overridden matches a USE_EXPAND group.

The local USE flag starts with a prefix reserved to USE_EXPAND group, yet it is not a globally defined member of this group. According to the standing policy 7, all possible values for each USE_EXPAND must be defined and documented globally.

This warning can be fixed via moving the local flag description into appropriate profiles/desc file.

7

https://devmanual.gentoo.org/general-concepts/use-flags/

UnderscoreInUseFlag

USE flag uses underscore that is reserved for USE_EXPAND.

The USE flag name uses underscore. However, according to PMS underscores are reserved for USE_EXPAND flags 8. The recommended replacement is hyphen ('-').

8

https://projects.gentoo.org/pms/7/pms.html#x1-200003.1.4

UnusedLocalUse

Unused local USE flag(s).

MaintainerNeeded

Package with missing or invalid maintainer-needed comment in metadata.xml.

MaintainerWithoutProxy

Package has a proxied maintainer without a proxy.

All package maintainers have non-@gentoo.org e-mail addresses. Most likely, this means that the package is maintained by a proxied maintainer but there is no explicit proxy (developer or project) listed. This means no Gentoo developer will be CC-ed on bug reports, and most likely no developer oversees the proxied maintainer's activity.

NonexistentProjectMaintainer

Package specifying nonexistent project as a maintainer.

PkgBadlyFormedXml

Badly formed package metadata.xml.

PkgInvalidXml

Invalid package metadata.xml.

PkgMetadataXmlEmptyElement

Empty element in package metadata.xml file.

PkgMetadataXmlIndentation

Inconsistent indentation in package metadata.xml file.

Either all tabs or all spaces should be used, not a mixture of both.

PkgMetadataXmlInvalidCatRef

Invalid category reference in package metadata.xml.

PkgMetadataXmlInvalidPkgRef

Invalid package reference in package metadata.xml.

PkgMissingMetadataXml

Package is missing metadata.xml.

RedundantLongDescription

Package's longdescription element in metadata.xml and DESCRIPTION are interchangeable.

The longdescription element is for providing extended information that doesn't fit in DESCRIPTION.

StaleProxyMaintProject

Package lists proxy-maint project but has no proxied maintainers.

The package explicitly lists proxy-maint@g.o as the only maintainer. Most likely, this means that the proxied maintainer has been removed but proxy-maint was left over.

WrongMaintainerType

A person-type maintainer matches an existing project.

BannedCharacter

File or directory name doesn't abide by GLEP 31 requirements.

See the official GLEP 31 documentation 9 for details.

9

https://www.gentoo.org/glep/glep-0031.html

DuplicateFiles

Two or more identical files in FILESDIR.

EmptyFile

File in FILESDIR is empty.

EqualVersions

Ebuilds that have equal versions.

For example, cat/pn-1.0.2, cat/pn-1.0.2-r0, cat/pn-1.0.2-r00 and cat/pn-1.000.2 all have equal versions according to PMS and therefore shouldn't exist in the same repository.

ExecutableFile

File has executable bit, but doesn't need it.

InvalidPN

Ebuilds that have invalid package names.

InvalidUTF8

File isn't UTF-8 compliant.

LiveOnlyPackage

Package has only had VCS-based ebuilds. - Gentoo repo specific

MismatchedPN

Ebuilds that have different names than their parent directory.

SizeViolation

File in $FILESDIR is too large (current limit is 20KiB).

UnknownPkgDirEntry

Unknown files or directories in package directory.

Relevant for the gentoo repo only since the spec states that a package directory may contain other files or directories.

InvalidManifest

Package's Manifest file is invalid.

UnknownManifest

Manifest entries not matching any SRC_URI targets.

UnnecessaryManifest

Manifest entries for non-DIST targets on a repo with thin manifests enabled.

UnstableOnly

Package/keywords that are strictly unstable. - Gentoo repo specific

Version scope

MissingAccountIdentifier

UID/GID can not be found in account package.

OutsideRangeAccountIdentifier

UID/GID outside allowed allocation range.

RedundantVersion

Redundant version(s) of a package in a specific slot.

BannedEapiCommand

Ebuild uses a banned EAPI command.

DeprecatedEapiCommand

Ebuild uses a deprecated EAPI command.

DeprecatedInsinto

Ebuild uses insinto where more compact commands exist.

DoublePrefixInPath

Ebuild uses two consecutive paths including EPREFIX.

Ebuild combines two path variables (or a variable and a getter), both of which include EPREFIX, resulting in double prefixing. This is the case when combining many pkg-config-based or alike getters with ED or EROOT.

For example, ${ED}$(python_get_sitedir) should be replaced with ${D}$(python_get_sitedir).

HomepageInSrcUri

${HOMEPAGE} is referenced in SRC_URI.

SRC_URI is built on top of ${HOMEPAGE}. This is discouraged since HOMEPAGE is multi-valued by design, and is subject to potential changes that should not accidentally affect SRC_URI.

IndirectInherits

Ebuild uses function from indirectly inherited eclass.

That doesn't allow indirect inherit usage via the @INDIRECT_INHERITS eclass doc tag in a parent eclass.

InternalEclassFunc

Ebuild uses internal functions from eclass.

MissingInherits

Ebuild uses function from eclass that isn't inherited.

MissingSlash

Ebuild uses a path variable missing a trailing slash.

ObsoleteUri

URI used is obsolete.

The URI used to fetch distfile is obsolete and can be replaced by something more modern. Note that the modern replacement usually results in different file contents, so you need to rename it (to avoid mirror collisions with the old file) and update the ebuild (for example, by removing no longer necessary vcs-snapshot.eclass).

RedundantDodir

Ebuild using a redundant dodir call.

StaticSrcUri

SRC_URI contains static value instead of the dynamic equivalent.

For example, using static text to relate to the package version in SRC_URI instead of ${P} or ${PV} where relevant.

UnnecessarySlashStrip

Ebuild uses a path variable that strips a nonexistent slash.

UnusedInherits

Ebuild inherits eclasses that are unused.

VariableInHomepage

HOMEPAGE includes a variable.

The HOMEPAGE ebuild variable entry in the devmanual 10 states only raw text should be used.

10

https://devmanual.gentoo.org/ebuild-writing/variables/#ebuild-defined-variables

DroppedKeywords

Arch keywords dropped during version bumping.

DeprecatedEclass

Package uses an eclass that is deprecated/abandoned.

DuplicateEclassInherits

An ebuild directly inherits the same eclass multiple times.

Note that this will flag ebuilds that conditionalize global metadata by package version (or some other fashion) while inheriting the same eclass under both branches, e.g. conditional live ebuilds. In this case, shared eclasses should be loaded in a separate, unconditional inherit call.

DirectStableKeywords

Newly committed ebuild with stable keywords. - Gentoo repo specific

EbuildIncorrectCopyright

Changed ebuild with incorrect copyright date. - Gentoo repo specific

MissingSlotmove

Package SLOT was changed without adding a slotmove package update.

When changing an existing ebuild's SLOT, a new entry must be created in profiles/updates. See the devmanual 11 for more info.

11

https://devmanual.gentoo.org/ebuild-maintenance/package-moves/

RdependChange

Package RDEPEND was modified without adding a new ebuild revision. - Gentoo repo specific

VulnerablePackage

Packages marked as vulnerable by GLSAs. - Gentoo repo specific

EbuildInvalidCopyright

File with invalid copyright.

The file does not start with a valid copyright line. Each ebuild or eclass file must start with a copyright line of the form:

# Copyright YEARS MAIN-CONTRIBUTOR [OTHER-CONTRIBUTOR]... [and others]

Files in the Gentoo repository must use:

# Copyright YEARS Gentoo Authors

EbuildInvalidLicenseHeader

File with invalid license header.

The file does not have with a valid license header.

Ebuilds and eclasses in the Gentoo repository must use:

# Distributed under the terms of the GNU General Public License v2

EbuildNonGentooAuthorsCopyright

File with copyright stating owner other than "Gentoo Authors".

The file specifies explicit copyright owner, while the Gentoo repository policy specifies that all ebuilds and eclasses must use "Gentoo Authors". If the owner is not listed in metadata/AUTHORS, addition can be requested via bugs.gentoo.org. - Gentoo repo specific

EbuildOldGentooCopyright

File with old Gentoo Foundation copyright.

The file still assigns copyright to the Gentoo Foundation even though it has been committed after the new copyright policy was approved (2018-10-21).

Ebuilds and eclasses in Gentoo repository must use 'Gentoo Authors' instead. Files in other repositories may specify an explicit copyright holder instead. - Gentoo repo specific

LaggingStable

Stable arches for stabilized package that are lagging from a stabling standpoint.

PotentialStable

Stable arches with potential stable package candidates.

BadDependency

Package dependency is bad for some reason.

BadDescription

Package's description is bad for some reason.

BadFilename

URI uses unspecific or poor filename(s).

Archive filenames should be disambiguated using -> to rename them.

BadHomepage

A package's HOMEPAGE is bad for some reason.

See the HOMEPAGE ebuild variable entry in the devmanual 12 for more information.

12

https://devmanual.gentoo.org/ebuild-writing/variables/#ebuild-defined-variables

BadKeywords

Packages using -* should use package.mask instead.

BadProtocol

URI uses an unsupported protocol.

Valid protocols are currently: http, https, and ftp

BannedEapi

Package's EAPI is banned according to repo metadata.

DeprecatedDep

Package dependencies matching deprecated packages flagged in profiles/package.deprecated.

DeprecatedEapi

Package's EAPI is deprecated according to repo metadata.

DuplicateKeywords

Packages having duplicate KEYWORDS.

InvalidBdepend

Package has invalid BDEPEND.

InvalidDepend

Package has invalid DEPEND.

InvalidEapi

Package's EAPI is invalid.

InvalidLicense

Package's LICENSE is invalid.

InvalidPdepend

Package has invalid PDEPEND.

InvalidProperties

Package's PROPERTIES is invalid.

InvalidRdepend

Package has invalid RDEPEND.

InvalidRequiredUse

Package's REQUIRED_USE is invalid.

InvalidRestrict

Package's RESTRICT is invalid.

InvalidSlot

Package's SLOT is invalid.

InvalidSrcUri

Package's SRC_URI is invalid.

InvalidUseFlags

Package IUSE contains invalid USE flags.

MissingLicense

Package has no LICENSE defined.

MissingLicenseFile

Used license(s) have no matching license file(s).

MissingLicenseRestricts

Restrictive license used without matching RESTRICT.

MissingPackageRevision

Missing package revision in =cat/pkg dependencies.

The dependency string uses the = operator without specifying a revision. This means that only -r0 of the dependency will be matched, and newer revisions of the same ebuild will not be accepted.

If any revision of the package is acceptable, the ~ operator should be used instead of =. If only the initial revision of the dependency is allowed, -r0 should be appended in order to make the intent explicit.

MissingSlotDep

Missing slot value in dependencies.

The package dependency does not specify a slot but the target package has multiple slots. The behavior for satisfying this kind of dependency is not strictly defined, and may result in either any or the newest package slot being accepted.

Please verify whether the package works with all the dependency slots. If only one slot is actually acceptable, specify it explicitly. If multiple slots are acceptable, please use either := or explicit :* slot operator. The operators are described in detail in the devmanual 13.

13

https://devmanual.gentoo.org/general-concepts/dependencies/#slot-dependencies

MissingTestRestrict

Missing RESTRICT="!test? ( test )".

Traditionally, it was assumed that IUSE=test is a special flag that is implicitly enabled when running src_test() is enabled. However, this is not standarized and packages need to explicitly specify RESTRICT="!test? ( test )" in order to guarantee that test phase will be skipped when the flag is disabled and therefore test dependencies may not be installed.

MissingUnpackerDep

Missing dependency on a required unpacker package.

Package uses an archive format for which an unpacker is not provided by the system set, and lacks an explicit dependency on the unpacker package.

MissingUri

RESTRICT=fetch isn't set, yet no full URI exists.

MissingUseDepDefault

Package dependencies with USE dependencies missing defaults.

MissingVirtualKeywords

Virtual packages with keywords missing from their dependencies.

NonexistentBlocker

No matches for blocker dependency in repo history.

For the gentoo repo this means it was either removed before the CVS -> git transition (which occurred around 2015-08-08) or it never existed at all.

Note that this ignores slot/subslot deps and USE deps in blocker atoms.

OutdatedBlocker

Blocker dependency removed at least two years ago from the tree.

Note that this ignores slot/subslot deps and USE deps in blocker atoms.

OverlappingKeywords

Packages having overlapping arch and ~arch KEYWORDS.

RedundantUriRename

URI uses a redundant rename that doesn't change the filename.

RequiredUseDefaults

Default USE flag settings don't satisfy REQUIRED_USE.

The REQUIRED_USE constraints specified in the ebuild are not satisfied by the default USE flags used in one or more profiles. This means that users on those profiles may be unable to install the package out of the box, without having to modify package.use.

This warning is usually fixed via using IUSE defaults to enable one of the needed flags, modifying package.use in the most relevant profiles or modifying REQUIRED_USE.

SourcingError

Failed sourcing ebuild.

TarballAvailable

URI uses .zip archive when .tar* is available.

Tarballs should be preferred over zip archives due to better compression and no extra unpack dependencies.

UnknownKeywords

Packages using unknown KEYWORDS.

UnknownMirror

URI uses an unknown mirror.

UnknownProperties

Package's PROPERTIES metadata has unknown entries.

UnknownRestrict

Package's RESTRICT metadata has unknown entries.

UnknownUseFlags

Package IUSE contains unknown USE flags.

UnnecessaryLicense

LICENSE defined for package that is license-less.

UnsortedKeywords

Packages with unsorted KEYWORDS.

KEYWORDS should be sorted in alphabetical order with prefix keywords (those with hyphens in them, e.g. amd64-fbsd) after regular arches and globs (e.g. -*) before them.

UnstatedIuse

Package is reliant on conditionals that aren't in IUSE.

UnsupportedEclassEapi

Ebuild inherits an eclass with outdated @SUPPORTED_EAPIS.

DeadUrl

Package with a dead URL of some type.

HttpsUrlAvailable

URL uses http:// when https:// is available.

RedirectedUrl

Package with a URL that permanently redirects to a different site.

SSLCertificateError

Package with https:// HOMEPAGE with an invalid SSL cert.

UnusedInMastersEclasses

Eclasses detected that are unused in the master repo(s).

In other words, they're likely to be removed so should be copied to the overlay.

UnusedInMastersGlobalUse

Global USE flags detected that are unused in the master repo(s).

In other words, they're likely to be removed so should be copied to the overlay.

UnusedInMastersLicenses

Licenses detected that are unused in the master repo(s).

In other words, they're likely to be removed so should be copied to the overlay.

UnusedInMastersMirrors

Mirrors detected that are unused in the master repo(s).

In other words, they're likely to be removed so should be copied to the overlay.

MismatchedPerlVersion

A package's normalized perl module version doesn't match its $PV.

MissingPythonEclass

Package depends on Python but does not use the eclasses.

All packages depending on Python are required to use one of the following python eclasses: python-r1, python-single-r1, or python-any-r1. For documentation on choosing the correct eclass, please see the Python project wiki page on eclasses 14.

14

https://wiki.gentoo.org/wiki/Project:Python/Eclasses

PythonCompatUpdate

PYTHON_COMPAT can be updated to support newer python version(s).

PythonEclassError

Generic python eclass error.

PythonMissingDeps

Package is missing PYTHON_DEPS.

The python-r1 and python-single-r1 eclasses require the packages to explicitly reference ${PYTHON_DEPS} in RDEPEND (and DEPEND, if necessary); python-any-r1 requires it in DEPEND.

If Python is used conditionally, the dependency can be wrapped in appropriate USE conditionals.

PythonMissingRequiredUse

Package is missing PYTHON_REQUIRED_USE.

The python-r1 and python-single-r1 eclasses require the packages to explicitly specify REQUIRED_USE=${PYTHON_REQUIRED_USE}. If Python is used conditionally, it can be wrapped in appropriate USE conditionals.

PythonRuntimeDepInAnyR1

Package depends on Python at runtime but uses any-r1 eclass.

The python-any-r1 eclass is meant to be used purely for build-time dependencies on Python. However, this package lists Python as a runtime dependency. If this is intentional, the package needs to switch to python-r1 or python-single-r1 eclass, otherwise the runtime dependency should be removed.

ConflictingChksums

Checksum conflict detected between two files.

DeprecatedChksum

A file in the chksum data does not use modern checksum set.

MatchingChksums

Two distfiles share the same checksums but use different names.

MissingChksum

A file in the chksum data lacks required checksums.

MissingManifest

SRC_URI targets missing from Manifest file.

StableRequest

Unstable ebuild with no changes for over 30 days. - Gentoo repo specific

NonexistentDeps

No matches exist for a package dependency.

NonsolvableDepsInDev

No potential solution for dependency on dev profile.

NonsolvableDepsInExp

No potential solution for dependency on exp profile.

NonsolvableDepsInStable

No potential solution for dependency on stable profile.

UncheckableDep

Given dependency cannot be checked due to the number of transitive use deps in it.

VisibleVcsPkg

Package is VCS-based, but visible.

BadWhitespaceCharacter

Ebuild uses whitespace that isn't a tab, newline, or single space.

Bash does not treat unicode whitespace characters as regular whitespace so commands or operators separated by such characters will be treated as one string. This usually causes execution errors if the characters are used for separation purposes outside of comments or regular strings.

DoubleEmptyLine

Unneeded blank lines found.

NoFinalNewline

Ebuild's last line does not have a final newline.

TrailingEmptyLine

Unneeded trailing blank lines found.

WhitespaceFound

Leading or trailing whitespace found.

WrongIndentFound

Incorrect indentation whitespace found.

Checks

List of checks that can be selected to run.

By default, all checks that operate at the current scope or below will be run. In other words, if running inside a package directory in a repo, only checks that operate at a package or version scope will be run. On the other hand, when running against an entire repo, all defined checks will be run.

Commit scope

GitCommitsCheck

Check unpushed git commits for various issues.

  • Gentoo repo specific

(known results: InvalidCommitMessage, InvalidCommitTag, MissingSignOff)

Profiles scope

EclassCheck

Scan eclasses for various issues.

(known results: `EclassBashSyntaxError`_, `EclassDocError`_, `EclassDocMissingFunc`_, `EclassDocMissingVar`_)

GitEclassCommitsCheck

Check unpushed git eclass commits for various issues.

  • Gentoo repo specific

(known result: `EclassIncorrectCopyright`_)

EclassHeaderCheck

Scan eclasses for incorrect copyright/license headers.

  • Gentoo repo specific

(known results: `EclassInvalidCopyright`_, `EclassInvalidLicenseHeader`_, `EclassNonGentooAuthorsCopyright`_, `EclassOldGentooCopyright`_)

RepoProfilesCheck

Scan repo for various profiles directory issues.

Including unknown arches in profiles, arches without profiles, and unknown categories.

(known results: `ArchesWithoutProfiles`_, `LaggingProfileEapi`_, `NonexistentCategories`_, `NonexistentProfilePath`_, `ProfileError`_, `ProfileWarning`_, `UnknownCategoryDirs`_, `UnusedProfileDirs`_)

PackageUpdatesCheck

Scan profiles/updates/* for outdated entries and other issues.

(known results: `BadPackageUpdate`_, `MovedPackageUpdate`_, `MultiMovePackageUpdate`_, `OldMultiMovePackageUpdate`_, `OldPackageUpdate`_, `RedundantPackageUpdate`_)

Eclass scope

EclassCheck

Scan eclasses for various issues.

(known results: `EclassBashSyntaxError`_, `EclassDocError`_, `EclassDocMissingFunc`_, `EclassDocMissingVar`_)

GitEclassCommitsCheck

Check unpushed git eclass commits for various issues.

  • Gentoo repo specific

(known result: `EclassIncorrectCopyright`_)

EclassHeaderCheck

Scan eclasses for incorrect copyright/license headers.

  • Gentoo repo specific

(known results: `EclassInvalidCopyright`_, `EclassInvalidLicenseHeader`_, `EclassNonGentooAuthorsCopyright`_, `EclassOldGentooCopyright`_)

RepoProfilesCheck

Scan repo for various profiles directory issues.

Including unknown arches in profiles, arches without profiles, and unknown categories.

(known results: `ArchesWithoutProfiles`_, `LaggingProfileEapi`_, `NonexistentCategories`_, `NonexistentProfilePath`_, `ProfileError`_, `ProfileWarning`_, `UnknownCategoryDirs`_, `UnusedProfileDirs`_)

PackageUpdatesCheck

Scan profiles/updates/* for outdated entries and other issues.

(known results: `BadPackageUpdate`_, `MovedPackageUpdate`_, `MultiMovePackageUpdate`_, `OldMultiMovePackageUpdate`_, `OldPackageUpdate`_, `RedundantPackageUpdate`_)

Repo scope

AcctCheck

Various checks for acct-* packages.

Verify that acct-* packages do not use conflicting, invalid or out-of-range UIDs/GIDs.

(known results: ConflictingAccountIdentifiers, MissingAccountIdentifier, OutsideRangeAccountIdentifier)

UnusedInMastersCheck

Check for various metadata that may be removed from master repos.

(known results: UnusedInMastersEclasses, UnusedInMastersGlobalUse, UnusedInMastersLicenses, UnusedInMastersMirrors)

EmptyDirsCheck

Scan for empty category or package directories.

  • Gentoo repo specific

(known results: EmptyCategoryDir, EmptyPackageDir)

RepoDirCheck

Scan all files in the repository for issues.

  • Gentoo repo specific

(known result: BinaryFile)

GlobalUseCheck

Check global USE and USE_EXPAND flags for various issues.

(known results: PotentialGlobalUse, PotentialLocalUse, UnusedGlobalUse)

LicenseGroupsCheck

Scan license groups for unknown licenses.

(known result: UnknownLicenses)

ManifestCollisionCheck

Search Manifest entries for different types of distfile collisions.

In particular, search for matching filenames with different checksums and different filenames with matching checksums.

(known results: ConflictingChksums, MatchingChksums)

ProjectMetadataCheck

Check projects.xml for issues.

(known result: EmptyProject)

UnusedEclassesCheck

Check for unused eclasses.

(known result: UnusedEclasses)

UnusedLicensesCheck

Check for unused license files.

(known result: UnusedLicenses)

UnusedMirrorsCheck

Check for unused mirrors.

(known result: UnusedMirrors)

Package scope

RedundantVersionCheck

Scan for overshadowed package versions.

Scan for versions that are likely shadowed by later versions from a keywords standpoint (ignoring live packages that erroneously have keywords).

Example: pkga-1 is keyworded amd64, pkga-2 is amd64. pkga-1 can potentially be removed.

(known result: RedundantVersion)

DroppedKeywordsCheck

Scan packages for keyword dropping across versions.

(known result: DroppedKeywords)

GitPkgCommitsCheck

Check unpushed git package commits for various issues.

  • Gentoo repo specific

(known results: BadCommitSummary, DirectNoMaintainer, DirectStableKeywords, DroppedStableKeywords, DroppedUnstableKeywords, EbuildIncorrectCopyright, MissingMove, MissingSlotmove, RdependChange)

ImlateCheck

Scan for ebuilds that are lagging in stabilization.

(known results: LaggingStable, PotentialStable)

LocalUseCheck

Check local USE flags in metadata.xml for various issues.

(known results: MatchingGlobalUse, ProbableGlobalUse, ProbableUseExpand, UnderscoreInUseFlag, UnstatedIuse, UnusedLocalUse)

MetadataUrlCheck

Verify metadata.xml URLs.

(known results: DeadUrl, HttpsUrlAvailable, RedirectedUrl, SSLCertificateError)

EqualVersionsCheck

Scan package ebuilds for semantically equal versions.

(known result: EqualVersions)

LiveOnlyCheck

Scan for packages with only live versions.

  • Gentoo repo specific

(known result: LiveOnlyPackage)

PkgDirCheck

Scan ebuild directory for various file-related issues.

(known results: BannedCharacter, DuplicateFiles, EmptyFile, ExecutableFile, InvalidPN, InvalidUTF8, MismatchedPN, SizeViolation, UnknownPkgDirEntry)

ManifestCheck

Manifest related checks.

Verify that the Manifest file exists, doesn't have missing or extraneous entries, and that the required hashes are in use.

(known results: DeprecatedChksum, InvalidManifest, MissingChksum, MissingManifest, UnknownManifest, UnnecessaryManifest)

StableRequestCheck

Scan for unstable ebuilds with no changes for over 30 days.

By default, only triggered for arches with stable profiles. To check additional arches outside the stable set specify them manually using the -a/--arches option.

Note that packages with no stable keywords won't trigger this at all. Instead they'll be caught by the UnstableOnly check.

  • Gentoo repo specific

(known result: StableRequest)

UnstableOnlyCheck

Scan for packages that have just unstable keywords.

  • Gentoo repo specific

(known result: UnstableOnly)

Version scope

AbsoluteSymlinkCheck

Scan ebuild for dosym absolute path usage instead of relative.

(known result: AbsoluteSymlink)

BadCommandsCheck

Scan ebuild for various deprecated and banned command usage.

(known results: BannedEapiCommand, DeprecatedEapiCommand)

InheritsCheck

Scan for ebuilds with missing or unused eclass inherits.

Note that this check won't be run by default until proper bash parsing is supported since the naive regex implementation has too many issues.

(known results: IndirectInherits, InternalEclassFunc, MissingInherits, UnusedInherits)

InsintoCheck

Scan ebuild for deprecated insinto usage.

(known result: DeprecatedInsinto)

ObsoleteUriCheck

Scan ebuild for obsolete URIs.

(known result: ObsoleteUri)

PathVariablesCheck

Scan ebuild for path variables with various issues.

(known results: DoublePrefixInPath, MissingSlash, UnnecessarySlashStrip)

RawEbuildCheck

Scan raw ebuild content for various issues.

(known results: HomepageInSrcUri, StaticSrcUri, VariableInHomepage)

RedundantDodirCheck

Scan ebuild for redundant dodir usage.

(known result: RedundantDodir)

EclassUsageCheck

Scan packages for various eclass-related issues.

(known results: DeprecatedEclass, DuplicateEclassInherits)

GlsaCheck

Scan for vulnerable ebuilds in the tree.

Requires a GLSA directory for vulnerability info.

  • Gentoo repo specific

(known result: VulnerablePackage)

EbuildHeaderCheck

Scan ebuild for incorrect copyright/license headers.

  • Gentoo repo specific

(known results: EbuildInvalidCopyright, EbuildInvalidLicenseHeader, EbuildNonGentooAuthorsCopyright, EbuildOldGentooCopyright)

DescriptionCheck

DESCRIPTION checks.

Check on length (<=150), too short (<10), or generic (lifted from eclass or just using the package's name.

(known result: BadDescription)

EapiCheck

Scan for packages with banned or deprecated EAPIs.

(known results: BannedEapi, DeprecatedEapi, UnsupportedEclassEapi)

HomepageCheck

HOMEPAGE checks.

(known result: BadHomepage)

IuseCheck

IUSE validity checks.

(known results: InvalidUseFlags, UnknownUseFlags)

KeywordsCheck

Check package keywords for sanity; empty keywords, and -* are flagged.

(known results: BadKeywords, DuplicateKeywords, MissingVirtualKeywords, OverlappingKeywords, UnknownKeywords, UnsortedKeywords)

MissingSlotDepCheck

Check for missing slot dependencies.

(known result: MissingSlotDep)

MissingUnpackerDepCheck

Check whether package is missing unpacker dependencies.

(known result: MissingUnpackerDep)

PropertiesCheck

PROPERTIES related checks.

(known results: InvalidProperties, UnknownProperties, UnstatedIuse)

RequiredUseCheck

REQUIRED_USE validity checks.

(known results: InvalidRequiredUse, RequiredUseDefaults, UnstatedIuse)

RestrictCheck

RESTRICT related checks.

(known results: InvalidRestrict, UnknownRestrict, UnstatedIuse)

RestrictTestCheck

Check whether packages specify RESTRICT="!test? ( test )".

(known result: MissingTestRestrict)

SourcingCheck

Scan for packages with sourcing errors or invalid, sourced metadata variables.

(known results: InvalidEapi, InvalidSlot, SourcingError)

SrcUriCheck

SRC_URI related checks.

Verify that URIs are valid, fetchable, using a supported protocol, and don't use unspecific filenames.

(known results: BadFilename, BadProtocol, InvalidSrcUri, MissingUri, RedundantUriRename, TarballAvailable, UnknownMirror, UnstatedIuse)

FetchablesUrlCheck

Verify SRC_URI URLs.

(known results: DeadUrl, HttpsUrlAvailable, RedirectedUrl, SSLCertificateError)

HomepageUrlCheck

Verify HOMEPAGE URLs.

(known results: DeadUrl, HttpsUrlAvailable, RedirectedUrl, SSLCertificateError)

PerlCheck

Perl ebuild related checks.

(known result: MismatchedPerlVersion)

PythonCheck

Python eclass checks.

Check whether Python eclasses are used for Python packages, and whether they don't suffer from common mistakes.

(known results: MissingPythonEclass, PythonEclassError, PythonMissingDeps, PythonMissingRequiredUse, PythonRuntimeDepInAnyR1)

PythonCompatCheck

Check python ebuilds for possible PYTHON_COMPAT updates.

Supports ebuilds inheriting python-r1, python-single-r1, and python-any-r1.

(known result: PythonCompatUpdate)

VisibilityCheck

Visibility dependency scans.

Check that at least one solution is possible for a pkg, checking all profiles (defined by arch.list) visibility modifiers per stable/unstable keyword.

(known results: NonexistentDeps, NonsolvableDepsInDev, NonsolvableDepsInExp, NonsolvableDepsInStable, UncheckableDep, VisibleVcsPkg)

WhitespaceCheck

Scan ebuild for useless whitespace.

(known results: BadWhitespaceCharacter, DoubleEmptyLine, NoFinalNewline, TrailingEmptyLine, WhitespaceFound, WrongIndentFound)

Reporters

BinaryPickleStream

Dump a binary pickle stream using the highest pickling protocol.

Unlike PickleStream which uses the most compatible pickling protocol available, this uses the newest version so it won't be compatible with older versions of Python.

For more details of the stream, see PickleStream.

CsvReporter

Comma-separated value reporter, convenient for shell processing.

Example:

,,,"global USE flag 'big-endian' is a potential local, used by 1 package: dev-java/icedtea-bin"
sys-apps,portage,2.1-r2,sys-apps/portage-2.1-r2.ebuild has whitespace in indentation on line 169
sys-apps,portage,2.1-r2,"rdepend  ppc-macos: unsolvable default-darwin/macos/10.4, solutions: [ >=app-misc/pax-utils-0.1.13 ]"
sys-apps,portage,2.1-r2,"no change in 75 days, keywords [ ~x86-fbsd ]"

FancyReporter

Colored output grouped by result scope.

Example:

sys-apps/portage
  WrongIndentFound: sys-apps/portage-2.1-r2.ebuild has whitespace in indentation on line 169
  NonsolvableDeps: sys-apps/portage-2.1-r2: rdepend  ppc-macos: unsolvable default-darwin/macos/10.4, solutions: [ >=app-misc/pax-utils-0.1.13 ]
  StableRequest: sys-apps/portage-2.1-r2: no change in 75 days, keywords [ ~x86 ]

FormatReporter

Custom format string reporter.

JsonReporter

Feed of newline-delimited JSON records.

Note that the format is newline-delimited JSON with each line being related to a separate report. To merge the objects together a tool such as jq can be leveraged similar to the following:

jq -c -s 'reduce.[]as$x({};.*$x)' orig.json > new.json

JsonStream

Generate a stream of result objects serialized in JSON.

NullReporter

Reporter used for timing tests; no output.

PickleStream

Generate a stream of pickled objects using the original pickling protocol.

For each specific target for checks, a header is pickled detailing the checks used, possible results, and search criteria.

This reporter uses the original "human-readable" protocol that is backwards compatible with earlier versions of Python.

StrReporter

Simple string reporter, pkgcheck-0.1 behaviour.

Example:

sys-apps/portage-2.1-r2: sys-apps/portage-2.1-r2.ebuild has whitespace in indentation on line 169
sys-apps/portage-2.1-r2: rdepend  ppc-macos: unsolvable default-darwin/macos/10.4, solutions: [ >=app-misc/pax-utils-0.1.13 ]
sys-apps/portage-2.1-r2: no change in 75 days, keywords [ ~x86-fbsd ]

XmlReporter

Feed of newline-delimited XML reports.

Config file support

Config files are supported by pkgcheck scan from any of three locations. Listed in order of increasing precedence these include the following:

  • system config -- /etc/pkgcheck/pkgcheck.conf

  • user config -- ~/.config/pkgcheck/pkgcheck.conf

  • repo config -- metadata/pkgcheck.conf inside an ebuild repo

Any settings from a config file with higher precedence will override matching settings from a config file with a lower precedence, e.g. repo settings override both user and system settings. Note that command line options override any matching config file setting.

In terms of file structure, basic INI formatting is required and allows creating a default section for system-wide settings or repo-specific sections. The INI key-value pairs directly relate to the available long-options supported by pkgcheck scan and their related values. See the following examples for how certain config settings affect scanning:

  • Disable selected checks by default:

    [DEFAULT]
    checks = -UnstableOnlyCheck,-RedundantVersionCheck
    
  • Disable showing info level results for the gentoo repo:

    [gentoo]
    keywords = -info
    
  • Restrict scanning to the amd64 and x86 arches/profiles for the gentoo repo:

    [gentoo]
    arches = amd64,x86
    
  • Enable network checks that require Internet access for the gentoo repo using a custom timeout of 15 seconds:

    [gentoo]
    net =
    timeout = 15
    
  • Use the JSON reporter by default and disable all cache usage:

    [DEFAULT]
    reporter = JsonReporter
    cache = no
    
  • Set the default repo to target:

    [DEFAULT]
    repo = my_overlay
    

Reporting Bugs

Please submit an issue via github:

https://github.com/pkgcore/pkgcheck/issues

You can also stop by #pkgcore on freenode.

See Also

pkgcore(5)