pkgcheck

Synopsis

pkgcheck [-h] [–version] [–debug] [-q] [-v] [–color BOOLEAN] {cache,ci,replay,scan,show} …

Base Options

-h, --help

show this help message and exit

--version

show this program’s version info and exit

--debug

enable debugging checks

-q, --quiet

suppress non-error messages

-v, --verbose

show verbose output

--color BOOLEAN

enable/disable color support

Subcommands

pkgcheck cache - perform cache operations

Synopsis

pkgcheck cache [-r REPO] [-h] [–debug] [-q] [-v] [–color BOOLEAN] [–cache-dir CACHE_DIR] [-l | -u | -R] [-f] [-n] [-t CACHE] [-a ARCH] [-p PROFILE] [–commits [tree-ish] | –staged [tree-ish]] [–git-remote REMOTE]

Description

Various types of caches are used by pkgcheck. This command supports running operations on them including updates and removals.

Options

--cache-dir CACHE_DIR

directory to use for storing cache files

-l, --list

list available caches

-u, --update

update caches

-R, --remove

forcibly remove caches

-f, --force

forcibly update/remove caches

-n, --dry-run

dry run without performing any changes

-t CACHE, --type CACHE

target cache types

Repo Options

-r REPO, --repo REPO

target repo

Base Options

-h, --help

Show this help message and exit. To get more information see the related man page.

--debug

Enable debug checks and show verbose debug output.

-q, --quiet

Suppress non-error, informational messages.

-v, --verbose

Increase the verbosity of various output.

--color BOOLEAN

Toggle colored output support. This can be used to forcibly enable color support when piping output or other situations where stdout is not a tty.

Arches

-a ARCH, --arches ARCH

Comma separated list of arches to enable and disable.

To specify disabled arches prefix them with ‘-’. Note that when starting the argument list with a disabled arch an equals sign must be used, e.g. -a=-arch, otherwise the disabled arch argument is treated as an option.

By default all repo defined arches are used; however, stable-related checks (e.g. UnstableOnly) default to the set of arches having stable profiles in the target repo.

Profiles

-p PROFILE, --profiles PROFILE

Comma separated list of profiles to enable and disable for scanning. Any profiles specified in this fashion will be the only profiles that get scanned, skipping any disabled profiles. In addition, if no profiles are explicitly enabled, all profiles defined in the target repo’s profiles.desc file will be scanned except those marked as experimental (exp).

To specify disabled profiles prefix them with - which removes the from the list of profiles to be considered. Note that when starting the argument list with a disabled profile an equals sign must be used, e.g. -p=-path/to/profile, otherwise the disabled profile argument is treated as an option.

The special keywords of stable, dev, exp, and deprecated correspond to the lists of stable, development, experimental, and deprecated profiles, respectively. Therefore, to only scan all stable profiles pass the stable argument to –profiles. Additionally the keyword all can be used to scan all defined profiles in the target repo.

Git

Git repo support for various checks.

Pkgcheck can create virtual package repos from a given git repo’s history in order to provide more info for checks relating to stable requests, outdated blockers, or local commits. These virtual repos are cached and updated every run if new commits are detected.

Git repos must have a supported config in order to work properly. Specifically, pkgcheck assumes that the origin branch exists and tracks upstream.

Additionally, the origin/HEAD ref must exist. If it doesn’t, running git remote set-head origin master or similar for other branches will create it.

You can override the default git remote used for all git comparison using --git-remote.

--commits [tree-ish]

Targets are determined from the committed changes compared to a given reference that defaults to the repo’s origin.

For example, to scan all the packages that have been changed in the current branch compared to the branch named ‘old’ use pkgcheck scan --commits old. For two separate branches named ‘old’ and ‘new’ use pkgcheck scan --commits old..new.

--staged [tree-ish]

Targets are determined using all staged changes for the git repo. Unstaged changes and untracked files are ignored by temporarily stashing them during the scanning process.

--git-remote REMOTE

The git remote to be used for all operations by pkgcheck. The default value, and the recommended value is origin, but you can use any valid git remote name.

pkgcheck ci - scan repo for CI

Synopsis

pkgcheck ci [-h] [–debug] [-q] [-v] [–color BOOLEAN] [–failures FAILURES]

Options

--failures FAILURES

file path for storing failure results

Base Options

-h, --help

Show this help message and exit. To get more information see the related man page.

--debug

Enable debug checks and show verbose debug output.

-q, --quiet

Suppress non-error, informational messages.

-v, --verbose

Increase the verbosity of various output.

--color BOOLEAN

Toggle colored output support. This can be used to forcibly enable color support when piping output or other situations where stdout is not a tty.

pkgcheck replay - replay result streams

Synopsis

pkgcheck replay [-R REPORTER] [–format FORMAT_STR] [-h] [–debug] [-q] [-v] [–color BOOLEAN] FILE

Description

Replay previous json result streams, feeding the results into a reporter.

Useful if you need to delay acting on results until it can be done in one minimal window, e.g. updating a database, or want to generate several different reports.

Positional Arguments

FILE

path to serialized results file

Reporter Options

-R REPORTER, --reporter REPORTER

Select a reporter to use for output.

Use pkgcheck show --reporters to see available options.

--format FORMAT_STR

Custom format string used to format output by FormatReporter.

Supports python format string syntax where result object attribute names surrounded by curly braces are replaced with their values (if they exist).

For example, --format '{category}/{package}/{package}-{version}.ebuild will output ebuild paths in the target repo for results relating to specific ebuild versions. If a result is for the generic package (or a higher scope), no output will be produced for that result.

Furthermore, no output will be produced if a result object is missing any requested attribute expansion in the format string. In other words, --format {foo} will never produce any output because no result has the foo attribute.

Base Options

-h, --help

Show this help message and exit. To get more information see the related man page.

--debug

Enable debug checks and show verbose debug output.

-q, --quiet

Suppress non-error, informational messages.

-v, --verbose

Increase the verbosity of various output.

--color BOOLEAN

Toggle colored output support. This can be used to forcibly enable color support when piping output or other situations where stdout is not a tty.

pkgcheck scan - scan targets for QA issues

Synopsis

pkgcheck scan [–config CONFIG_FILE] [-r REPO] [-R REPORTER] [–format FORMAT_STR] [-h] [–debug] [-q] [-v] [–color BOOLEAN] [-f FILTER] [-j JOBS] [-t TASKS] [–cache CACHE] [–cache-dir CACHE_DIR] [–exit [ITEM]] [–net] [-C CHECKSET] [-s SCOPE] [-c CHECK] [-k KEYWORD] [-a ARCH] [-p PROFILE] [–stable-only] [–commits [tree-ish] | –staged [tree-ish]] [–git-remote REMOTE] [–glsa-dir GLSA_DIR] [–source-arches ARCH] [–timeout TIMEOUT] [–user-agent USER_AGENT] [–stabletime DAYS] [–reset-caching-per {version,package,category}] [TARGET …]

Positional Arguments

TARGET

optional targets

Config Options

--config CONFIG_FILE

Load custom pkgcheck scan settings from a given file.

Note that custom user settings override all other system and repo-level settings.

It’s also possible to disable all types of settings loading by specifying an argument of ‘false’ or ‘no’.

Repo Options

-r REPO, --repo REPO

target repo

Reporter Options

-R REPORTER, --reporter REPORTER

Select a reporter to use for output.

Use pkgcheck show --reporters to see available options.

--format FORMAT_STR

Custom format string used to format output by FormatReporter.

Supports python format string syntax where result object attribute names surrounded by curly braces are replaced with their values (if they exist).

For example, --format '{category}/{package}/{package}-{version}.ebuild will output ebuild paths in the target repo for results relating to specific ebuild versions. If a result is for the generic package (or a higher scope), no output will be produced for that result.

Furthermore, no output will be produced if a result object is missing any requested attribute expansion in the format string. In other words, --format {foo} will never produce any output because no result has the foo attribute.

Base Options

-h, --help

Show this help message and exit. To get more information see the related man page.

--debug

Enable debug checks and show verbose debug output.

-q, --quiet

Suppress non-error, informational messages.

-v, --verbose

Increase the verbosity of various output.

--color BOOLEAN

Toggle colored output support. This can be used to forcibly enable color support when piping output or other situations where stdout is not a tty.

Main Options

-f FILTER, --filter FILTER

Support limiting targeted packages for scanning using a chosen filter.

If the ‘latest’ argument is used, only the latest package per slot of both VCS and non-VCS types will be scanned. This can either be specified individually in which case the filter will be applied globally to all checks or it can be applied to specific checksets, checks, or keywords using the syntax ‘latest:ObjName’ which would apply the filter to the keyword, check, or checkset named ObjName (in that order of precedence).

By default, some checks have filtering enabled, e.g. various network-related checks are filtered to avoid redundant or unnecessary server requests. In order to forcibly disable all filtering use the ‘no’ argument.

-j JOBS, --jobs JOBS

Number of checks to run in parallel, defaults to using all available processors.

-t TASKS, --tasks TASKS

Number of asynchronous tasks to run concurrently (defaults to 5 * CPU count).

--cache CACHE

All cache types are enabled by default, this option explicitly sets which caches will be generated and used during scanning.

To enable only certain cache types, specify them in a comma-separated list, e.g. --cache git,profiles will enable both the git and profiles caches.

To disable specific cache types prefix them with -. Note that when starting the argument list with a disabled value an equals sign must be used, e.g. --cache=-git, otherwise the disabled argument is treated as an option.

In order to disable all cache usage, it’s easiest to use --cache no instead of explicitly listing all disabled cache types.

When disabled, no caches will be saved to disk and results requiring caches (e.g. git-related checks) will be skipped.

--cache-dir CACHE_DIR

directory to use for storing cache files

--exit [ITEM]

Comma-separated list of checksets, checks, or keywords to enable and disable that trigger an exit status failure. Checkset and check arguments expand into their respective keyword sets.

If no arguments or only disabled arguments are passed, enabled arguments are the set of error level keywords.

To specify disabled keywords prefix them with -. Also, the special arguments of error, warning, style, and info correspond to the related keyword groups.

Check Selection

--net

enable checks that require network access

-C CHECKSET, --checksets CHECKSET

Comma-separated list of checksets to enable and disable for scanning.

The special argument of all corresponds to the list of all checks. Therefore, to forcibly enable all checks use -C all.

All network-related checks (which are disabled by default) can be enabled using -C net. This allows for easily running only network checks without having to explicitly list them.

-s SCOPE, --scopes SCOPE

Comma-separated list of scopes to enable and disable for scanning. Any scopes specified in this fashion will affect the checks that get run. For example, running pkgcheck with only the repo scope enabled will cause only repo-level checks to run.

Available scopes: git, profiles, eclass, repo, cat, pkg, ver

-c CHECK, --checks CHECK

Comma-separated list of checks to enable and disable for scanning. Any checks specified in this fashion will be the only checks that get run, skipping any disabled checks.

To disable checks prefix them with -. Note that when starting the argument list with a disabled check an equals sign must be used, e.g. -c=-check, otherwise the disabled check argument is treated as an option.

Additive arguments are also supported using the prefix + that adds to the default set of enabled checks. This is useful in order to enable optional checks in addition to the default set.

Use pkgcheck show --checks see all available checks.

-k KEYWORD, --keywords KEYWORD

Comma-separated list of keywords to enable and disable for scanning. Any keywords specified in this fashion will be the only keywords that get reported, skipping any disabled keywords.

To specify disabled keywords prefix them with -. Note that when starting the argument list with a disabled keyword an equals sign must be used, e.g. -k=-keyword, otherwise the disabled keyword argument is treated as an option.

The special arguments of error, warning, style, and info correspond to the related keyword groups. For example, to only scan for errors use -k error.

Use pkgcheck show --keywords to see available options.

Plugin Options

--stable-only

If enabled, for each slot, only consider redundant versions with stable keywords. This is useful for cases of cleanup after successful stabilization.

--glsa-dir GLSA_DIR

custom glsa directory

--source-arches ARCH

Comma separated list of arches to compare against for lagging stabilization.

The default arches are all stable arches (unless –arches is specified).

--stabletime DAYS

An integer number of days before a package version is flagged by StableRequestCheck. Defaults to 30 days.

Arches

-a ARCH, --arches ARCH

Comma separated list of arches to enable and disable.

To specify disabled arches prefix them with ‘-’. Note that when starting the argument list with a disabled arch an equals sign must be used, e.g. -a=-arch, otherwise the disabled arch argument is treated as an option.

By default all repo defined arches are used; however, stable-related checks (e.g. UnstableOnly) default to the set of arches having stable profiles in the target repo.

Profiles

-p PROFILE, --profiles PROFILE

Comma separated list of profiles to enable and disable for scanning. Any profiles specified in this fashion will be the only profiles that get scanned, skipping any disabled profiles. In addition, if no profiles are explicitly enabled, all profiles defined in the target repo’s profiles.desc file will be scanned except those marked as experimental (exp).

To specify disabled profiles prefix them with - which removes the from the list of profiles to be considered. Note that when starting the argument list with a disabled profile an equals sign must be used, e.g. -p=-path/to/profile, otherwise the disabled profile argument is treated as an option.

The special keywords of stable, dev, exp, and deprecated correspond to the lists of stable, development, experimental, and deprecated profiles, respectively. Therefore, to only scan all stable profiles pass the stable argument to –profiles. Additionally the keyword all can be used to scan all defined profiles in the target repo.

Git

Git repo support for various checks.

Pkgcheck can create virtual package repos from a given git repo’s history in order to provide more info for checks relating to stable requests, outdated blockers, or local commits. These virtual repos are cached and updated every run if new commits are detected.

Git repos must have a supported config in order to work properly. Specifically, pkgcheck assumes that the origin branch exists and tracks upstream.

Additionally, the origin/HEAD ref must exist. If it doesn’t, running git remote set-head origin master or similar for other branches will create it.

You can override the default git remote used for all git comparison using --git-remote.

--commits [tree-ish]

Targets are determined from the committed changes compared to a given reference that defaults to the repo’s origin.

For example, to scan all the packages that have been changed in the current branch compared to the branch named ‘old’ use pkgcheck scan --commits old. For two separate branches named ‘old’ and ‘new’ use pkgcheck scan --commits old..new.

--staged [tree-ish]

Targets are determined using all staged changes for the git repo. Unstaged changes and untracked files are ignored by temporarily stashing them during the scanning process.

--git-remote REMOTE

The git remote to be used for all operations by pkgcheck. The default value, and the recommended value is origin, but you can use any valid git remote name.

Network

--timeout TIMEOUT

timeout used for network checks

--user-agent USER_AGENT

custom user agent spoofing

Query Caching

--reset-caching-per {version,package,category}

control how often the cache is cleared (version, package or category)

pkgcheck show - show various pkgcheck info

Synopsis

pkgcheck show [-h] [–debug] [-q] [-v] [–color BOOLEAN] [-k | -c | -s | -r | -C]

Base Options

-h, --help

Show this help message and exit. To get more information see the related man page.

--debug

Enable debug checks and show verbose debug output.

-q, --quiet

Suppress non-error, informational messages.

-v, --verbose

Increase the verbosity of various output.

--color BOOLEAN

Toggle colored output support. This can be used to forcibly enable color support when piping output or other situations where stdout is not a tty.

List Options

-k, --keywords

List all available keywords.

Use -v/–verbose to show keywords sorted into the scope they run at (repository, category, package, or version) along with their descriptions.

-c, --checks

List all available checks.

Use -v/–verbose to show descriptions and possible keyword results for each check.

-s, --scopes

List all available keyword and check scopes.

Use -v/–verbose to show scope descriptions.

-r, --reporters

List all available reporters.

Use -v/–verbose to show reporter descriptions.

-C, --caches

List all available cache types.

Use -v/–verbose to show more cache information.

Keywords

List of result keywords that can be produced by pkgcheck.

Commit scope

BadCommitSummary

Local package commit with poorly formatted or unmatching commit summary.

Git commit messages for packages should be formatted in the standardized fashion described in the devmanual [1]. Specifically, a ${CATEGORY}/${PN}: or ${CATEGORY}/${P}: prefix should be used in the summary relating to the modified package.

InvalidCommitMessage

Local commit has issues with its commit message.

InvalidCommitTag

Local commit has a tag that is incompliant.

Commit tags have restrictions as to the allowed format and data used per GLEP 66 [2].

MissingSignOff

Local commit with missing sign offs.

Sign offs are required for commits as specified by GLEP 76 [3]. Note that sign off tags will be flagged if the name or email address doesn’t match the values used by the commit author.

Profiles scope

ArchesOutOfSync

profiles/arches.desc is out of sync with arch.list.

ArchesWithoutProfiles

Arches without corresponding profile listings.

BannedProfileEapi

Profile has an EAPI that is banned in the repository.

DeprecatedProfileEapi

Profile has an EAPI that is deprecated in the repository.

LaggingProfileEapi

Profile has an EAPI that is older than one of its parents.

NonexistentCategories

Category entries in profiles/categories that don’t exist in the repo.

NonexistentProfilePath

Specified profile path in profiles.desc doesn’t exist.

OutdatedProfilePackage

Profile files includes package entry that doesn’t exist in the repo

for a mentioned period of time.

This is only reported if the version was removed more than 3 months ago, or all versions of this package were removed (i.e. last-rite).

ProfileError

Erroneously formatted data in various profile files.

ProfileMissingImplicitExpandValues

Profile is missing USE_EXPAND_VALUES for implicit USE_EXPAND group.

ProfileWarning

Badly formatted data in various profile files.

UnknownCategoryDirs

Category directories that aren’t listed in a repo’s categories.

Or the categories of the repo’s masters as well.

UnknownProfileArch

Profile includes unknown ARCH.

UnknownProfilePackage

Profile files includes package entry that doesn’t exist in the repo.

UnknownProfilePackageKeywords

Profile files include package keywords that don’t exist.

UnknownProfilePackageUse

Profile files include entries with USE flags that aren’t used on any matching packages.

UnknownProfileUse

Profile files include USE flags that don’t exist.

UnknownProfileUseExpand

Profile includes nonexistent USE_EXPAND group(s).

UnknownProfileUseExpandValue

Profile defines unknown default values for USE_EXPAND group.

UnmatchedProfilePackageUnmask

The profile’s files include a package.unmask (or similar) entry which

negates a non-existent mask, i.e. it undoes a mask which doesn’t exist in the parent profile.

No atoms matching this entry were found in the parent profile to unmask.

UnusedProfileDirs

Unused profile directories detected.

BadPackageUpdate

Badly formatted package update in profiles/updates files.

MovedPackageUpdate

Entry for package already moved in profiles/updates files.

MultiMovePackageUpdate

Entry for package moved multiple times in profiles/updates files.

OldMultiMovePackageUpdate

Old entry for removed package moved multiple times in profiles/updates files.

This means that the reported pkg has been moved at least three times and finally removed from the tree. All the related lines should be removed from the update files.

OldPackageUpdate

Old entry for removed package in profiles/updates files.

RedundantPackageUpdate

Move entry to the same package/slot (source == target).

Eclass scope

EclassUnquotedVariable

Variable is used unquoted in a context where it should be quoted.

Variables like D, FILESDIR, etc may not be safe to use unquoted in some contexts.

EclassBashSyntaxError

Bash syntax error in the related eclass.

EclassDocError

Error when parsing docs for the related eclass.

Eclass docs are parsed as specified by the devmanual [4].

EclassDocMissingFunc

Undocumented function(s) in the related eclass.

EclassDocMissingVar

Undocumented variable(s) in the related eclass.

All exported variables in an eclass should be documented using eclass doc tags. Temporary variables should be unset after use so they aren’t exported.

EclassExportFuncsBeforeInherit

EXPORT_FUNCTIONS called before inherit.

The EXPORT_FUNCTIONS call should occur after all inherits are done in order to guarantee consistent behavior across all package managers.

EclassVariableScope

Eclass using variable outside its defined scope.

EclassIncorrectCopyright

Changed eclass with incorrect copyright date.

EclassInvalidCopyright

File with invalid copyright.

The file does not start with a valid copyright line. Each ebuild or eclass file must start with a copyright line of the form:

# Copyright YEARS MAIN-CONTRIBUTOR [OTHER-CONTRIBUTOR]... [and others]

Files in the Gentoo repository must use:

# Copyright YEARS Gentoo Authors

EclassInvalidLicenseHeader

File with invalid license header.

The file does not have with a valid license header.

Ebuilds and eclasses in the Gentoo repository must use:

# Distributed under the terms of the GNU General Public License v2

EclassNonGentooAuthorsCopyright

File with copyright stating owner other than “Gentoo Authors”.

The file specifies explicit copyright owner, while the Gentoo repository policy specifies that all ebuilds and eclasses must use “Gentoo Authors”. If the owner is not listed in metadata/AUTHORS, addition can be requested via bugs.gentoo.org.

EclassOldGentooCopyright

File with old Gentoo Foundation copyright.

The file still assigns copyright to the Gentoo Foundation even though it has been committed after the new copyright policy was approved (2018-10-21).

Ebuilds and eclasses in Gentoo repository must use ‘Gentoo Authors’ instead. Files in other repositories may specify an explicit copyright holder instead.

EclassReservedName

Eclass uses reserved variable or function name for package manager.

Repo scope

ConflictingAccountIdentifiers

Same UID/GID is used by multiple packages.

  • Gentoo repo specific

  • level: error

  • related check: AcctCheck

UnquotedVariable

Variable is used unquoted in a context where it should be quoted.

Variables like D, FILESDIR, etc may not be safe to use unquoted in some contexts.

  • Gentoo repo specific

  • level: warning

  • related checks:

VariableScope

Variable used outside its defined scope.

  • Gentoo repo specific

  • level: warning

  • related checks:

IncorrectCopyright

Changed file with incorrect copyright date.

  • Gentoo repo specific

  • level: warning

  • related checks:

InvalidCopyright

File with invalid copyright.

The file does not start with a valid copyright line. Each ebuild or eclass file must start with a copyright line of the form:

# Copyright YEARS MAIN-CONTRIBUTOR [OTHER-CONTRIBUTOR]... [and others]

Files in the Gentoo repository must use:

# Copyright YEARS Gentoo Authors
  • Gentoo repo specific

  • level: error

  • related checks:

InvalidLicenseHeader

File with invalid license header.

The file does not have with a valid license header.

Ebuilds and eclasses in the Gentoo repository must use:

# Distributed under the terms of the GNU General Public License v2
  • Gentoo repo specific

  • level: error

  • related checks:

NonGentooAuthorsCopyright

File with copyright stating owner other than “Gentoo Authors”.

The file specifies explicit copyright owner, while the Gentoo repository policy specifies that all ebuilds and eclasses must use “Gentoo Authors”. If the owner is not listed in metadata/AUTHORS, addition can be requested via bugs.gentoo.org.

  • Gentoo repo specific

  • level: error

  • related checks:

OldGentooCopyright

File with old Gentoo Foundation copyright.

The file still assigns copyright to the Gentoo Foundation even though it has been committed after the new copyright policy was approved (2018-10-21).

Ebuilds and eclasses in Gentoo repository must use ‘Gentoo Authors’ instead. Files in other repositories may specify an explicit copyright holder instead.

  • Gentoo repo specific

  • level: warning

  • related checks:

BinaryFile

Binary file found in the repository.

  • Gentoo repo specific

  • level: error

  • related check: RepoDirCheck

CategoryIsNotDirectory

A category was found that exists but isn’t a directory.

EmptyCategoryDir

Empty category directory in the repository.

EmptyPackageDir

Empty package directory in the repository.

DeprecatedRepoHash

Repositories manifest-hashes defines deprecated hashes.

The repository defines deprecated hashes in manifest-hashes.

EmptyProject

A project has no developers.

PotentialGlobalUse

Local USE flag is a potential global USE flag.

PotentialLocalUse

Global USE flag is a potential local USE flag.

UnknownLicenses

License(s) listed in license group(s) that don’t exist.

UnusedEclasses

Unused eclasses detected.

UnusedGlobalUse

Unused use.desc flag(s).

UnusedGlobalUseExpand

Unused global USE_EXPAND flag(s).

UnusedLicenses

Unused license(s) detected.

UnusedMirrors

Unused mirrors detected.

Category scope

CatBadlyFormedXml

Badly formed category metadata.xml.

CatInvalidXml

Invalid category metadata.xml.

CatMetadataXmlEmptyElement

Empty element in category metadata.xml file.

CatMetadataXmlIndentation

Inconsistent indentation in category metadata.xml file.

Either all tabs or all spaces should be used, not a mixture of both.

CatMetadataXmlInvalidCatRef

Invalid category reference in category metadata.xml.

CatMetadataXmlInvalidPkgRef

Invalid package reference in category metadata.xml.

CatMissingMetadataXml

Category is missing metadata.xml.

Package scope

DirectNoMaintainer

Directly added, new package with no specified maintainer.

DroppedStableKeywords

Stable keywords dropped from package.

DroppedUnstableKeywords

Unstable keywords dropped from package.

EAPIChangeWithoutRevbump

Package has changed EAPI without revbump.

The package has changed EAPI without a new revision. An EAPI bump might affect the installed files (EAPI changes, eclass functions may change behavior, new portage features might be used, etc.). The change should also be reflected in the vdb’s EAPI file.

MissingMove

Package was renamed without adding a move package update.

When moving/renaming a package, a new entry must be created in profiles/updates. See the devmanual [5] for more info.

PythonPEP517WithoutRevbump

Package has started/stopped using DISTUTILS_USE_PEP517 without revbump.

The package has started or stopped using DISTUTILS_USE_PEP517 without a new revision. PEP517 affects the files installed by a package and might lead to some files missing.

SrcUriChecksumChange

SRC_URI changing checksum without distfile rename.

SuspiciousSrcUriChange

Suspicious SRC_URI changing URI without distfile rename.

MatchingGlobalUse

Local USE flag description matches a global USE flag.

MissingLocalUseDesc

Local USE flag(s) missing descriptions.

ProbableGlobalUse

Local USE flag description closely matches a global USE flag.

ProbableUseExpand

Local USE flag that isn’t overridden matches a USE_EXPAND group.

The local USE flag starts with a prefix reserved to USE_EXPAND group, yet it is not a globally defined member of this group. According to the standing policy [6], all possible values for each USE_EXPAND must be defined and documented globally.

This warning can be fixed via moving the local flag description into appropriate profiles/desc file.

UnderscoreInUseFlag

USE flag uses underscore that is reserved for USE_EXPAND.

The USE flag name uses underscore. However, according to PMS underscores are reserved for USE_EXPAND flags [7]. The recommended replacement is hyphen (‘-‘).

UnusedLocalUse

Unused local USE flag(s).

VirtualWithSingleProvider

Virtual package with a single remaining provider.

Virtual packages are used to provide a common interface for multiple implementations of a given functionality. However, if there is only a single implementation, there is no need for a virtual package. In such case, consider adding the package to package.deprecated and removing the virtual package.

InvalidMetadataRestrict

Invalid package restrictions used in metadata.xml.

InvalidRemoteID

Package’s remote-id value incorrect for the specified type.

MaintainerNeeded

Package with missing or invalid maintainer-needed comment in metadata.xml.

MaintainerWithoutProxy

Package has a proxied maintainer without a proxy.

All package maintainers have non-@gentoo.org e-mail addresses. Most likely, this means that the package is maintained by a proxied maintainer but there is no explicit proxy (developer or project) listed. This means no Gentoo developer will be CC-ed on bug reports, and most likely no developer oversees the proxied maintainer’s activity.

MissingRemoteId

Missing remote-id which was inferred from ebuilds.

Based on URIs found in SRC_URI and HOMEPAGE, a remote-id can be suggested. If a remote-id of same type is already defined in metadata.xml, the suggestion won’t be reported. It ignores URIs ending with .diff or .patch, as they might point to a fork or developer’s space. It also ignores URIs that are conditional on USE flags.

NonexistentProjectMaintainer

Package specifying nonexistent project as a maintainer.

PkgBadlyFormedXml

Badly formed package metadata.xml.

PkgInvalidXml

Invalid package metadata.xml.

PkgMetadataXmlEmptyElement

Empty element in package metadata.xml file.

PkgMetadataXmlIndentation

Inconsistent indentation in package metadata.xml file.

Either all tabs or all spaces should be used, not a mixture of both.

PkgMetadataXmlInvalidCatRef

Invalid category reference in package metadata.xml.

PkgMetadataXmlInvalidPkgRef

Invalid package reference in package metadata.xml.

PkgMissingMetadataXml

Package is missing metadata.xml.

ProxyWithoutProxied

Package lists a proxy with no proxied maintainers.

The package explicitly lists a proxy with no proxied maintainers. Most likely, this means that the proxied maintainer has been removed but the proxy was accidentally left.

RedundantLongDescription

Package’s longdescription element in metadata.xml and DESCRIPTION are interchangeable.

The longdescription element is for providing extended information that doesn’t fit in DESCRIPTION.

WrongMaintainerType

A person-type maintainer matches an existing project.

BannedCharacter

File or directory name doesn’t abide by GLEP 31 requirements.

See the official GLEP 31 documentation [8] for details.

DuplicateFiles

Two or more identical files in FILESDIR.

EmptyFile

File in FILESDIR is empty.

EqualVersions

Ebuilds that have equal versions.

For example, cat/pn-1.0.2, cat/pn-1.0.2-r0, cat/pn-1.0.2-r00 and cat/pn-1.000.2 all have equal versions according to PMS and therefore shouldn’t exist in the same repository.

ExecutableFile

File has executable bit, but doesn’t need it.

InvalidPN

Ebuilds that have invalid package names.

InvalidUTF8

File isn’t UTF-8 compliant.

LiveOnlyPackage

Package has only had VCS-based ebuilds.

  • Gentoo repo specific

  • level: warning

  • related check: LiveOnlyCheck

MismatchedPN

Ebuilds that have different names than their parent directory.

SizeViolation

File in $FILESDIR is too large.

TotalSizeViolation

The total size of $FILESDIR is too large.

UnknownPkgDirEntry

Unknown files or directories in package directory.

Relevant for the gentoo repo only since the spec states that a package directory may contain other files or directories.

PythonMismatchedPackageName

Package name does not follow PyPI-based naming policy.

All packages in dev-python/* that are published on PyPI, must be named to match their respective PyPI names [9].

DeprecatedManifestHash

Manifest uses deprecated hashes.

The package uses deprecated hash types in its Manifest file.

InvalidManifest

Package’s Manifest file is invalid.

UnknownManifest

Manifest entries not matching any SRC_URI targets.

UnnecessaryManifest

Manifest entries for non-DIST targets on a repo with thin manifests enabled.

UnstableOnly

Package/keywords that are strictly unstable.

OldPackageName

Package uses old name which is source of pkgmove.

Package is using ${CATEGORY}/${PN} which is the source of a pkgmove. It should be updated to the destination (new name) from this repository or one of its master repositories.

Version scope

MissingAccountIdentifier

UID/GID can not be found in account package.

  • Gentoo repo specific

  • level: warning

  • related check: AcctCheck

OutsideRangeAccountIdentifier

UID/GID outside allowed allocation range.

To view the range accepted for this repository, look at the file metadata/qa-policy.conf in the section user-group-ids.

  • Gentoo repo specific

  • level: error

  • related check: AcctCheck

RedundantVersion

Redundant version(s) of a package in a specific slot.

BannedEapiCommand

Ebuild uses a banned EAPI command.

BannedPhaseCall

Ebuild calls a phase function directly.

BetterCompressionUri

URI provider has better compression suggestion.

The URI used to fetch distfile doesn’t use the best compression available from the provider. Using better compression can save bandwidth for the users and mirrors.

DeprecatedEapiCommand

Ebuild uses a deprecated EAPI command.

DeprecatedInsinto

Ebuild uses insinto where more compact commands exist.

DoublePrefixInPath

Ebuild uses two consecutive paths including EPREFIX.

Ebuild combines two path variables (or a variable and a getter), both of which include EPREFIX, resulting in double prefixing. This is the case when combining many pkg-config-based or alike getters with ED or EROOT.

For example, ${ED}$(python_get_sitedir) should be replaced with ${D}$(python_get_sitedir).

DuplicateFunctionDefinition

Function is defined multiple times. This is a definetly typo.

EbuildUnquotedVariable

Variable is used unquoted in a context where it should be quoted.

Variables like D, FILESDIR, etc may not be safe to use unquoted in some contexts.

EbuildVariableScope

Ebuild using variable outside its defined scope.

EendMissingArg

Ebuild calls eend with no arguments.

EmptyGlobalAssignment

Global scope useless empty assignment.

ExcessiveLineLength

Line is longer than 120 characters.

GlobDistdir

Filename expansion with ${DISTDIR} is unsafe.

Filename expansion could accidentally match irrelevant files in ${DISTDIR}, e.g. from other packages or other versions of the same package.

HomepageInSrcUri

${HOMEPAGE} is referenced in SRC_URI.

SRC_URI is built on top of ${HOMEPAGE}. This is discouraged since HOMEPAGE is multi-valued by design, and is subject to potential changes that should not accidentally affect SRC_URI.

IndirectInherits

Ebuild uses function from indirectly inherited eclass.

That doesn’t allow indirect inherit usage via the @INDIRECT_INHERITS eclass doc tag in a parent eclass.

InstallCompressedInfo

Compressed manpages are not supported by doinfo.

InstallCompressedManpage

Compressed manpages are not supported by doman or newman.

InternalEclassUsage

Ebuild uses internal functions or variables from eclass.

InvalidSandboxCall

Invalid call to a sandbox function.

According to PMS and the Devmanual [10], only a single item is allowed as argument for addread, addwrite, adddeny, and addpredict. Multiple path items should not be passed as a colon-separated list.

MissingInherits

Ebuild uses function from eclass that isn’t inherited.

MissingSlash

Ebuild uses a path variable missing a trailing slash.

MultipleKeywordsLines

KEYWORDS is specified across multiple lines in global scope.

Due to limitations of ekeyword it’s advised to specify KEYWORDS once on a single line in global scope [11].

NonPosixHeadTailUsage

Using of non-POSIX compliant head or tail.

The numeric argument to head or tail without -n (for example head -10) is deprecated and not POSIX compliant. To fix, prepand -n before the number [12].

ObsoleteUri

URI used is obsolete.

The URI used to fetch distfile is obsolete and can be replaced by something more modern. Note that the modern replacement usually results in different file contents, so you need to rename it (to avoid mirror collisions with the old file) and update the ebuild (for example, by removing no longer necessary vcs-snapshot.eclass).

ReadonlyVariable

Ebuild globally assigning value to a readonly variable.

RedundantDodir

Ebuild using a redundant dodir call.

ReferenceInMetadataVar

Metadata variable limited to raw text includes variable reference.

The HOMEPAGE ebuild variable entry in the devmanual [13] states only raw text should be used.

KEYWORDS must be a simple string with literal content as stated by the QA policy guide [14].

LICENSE must specify all license names verbatim, without referring to any variables. The only exception is the LICENSE variable itself, ie appending is allowed [15].

SelfAssignment

Global scope useless empty assignment.

StaticSrcUri

SRC_URI contains static value instead of the dynamic equivalent.

For example, using static text to relate to the package version in SRC_URI instead of ${P} or ${PV} where relevant.

UnnecessarySlashStrip

Ebuild uses a path variable that strips a nonexistent slash.

UnusedInherits

Ebuild inherits eclasses that are unused.

VariableOrderWrong

Variable were defined in an unexpected error.

VariableShadowed

Variable is shadowed or repeatedly declared. This is a possible typo.

DroppedKeywords

Arch keywords dropped during version bumping.

DeprecatedEclass

Package uses an eclass that is deprecated/abandoned.

DeprecatedEclassFunction

Package uses a deprecated function from an eclass.

DeprecatedEclassVariable

Package uses a deprecated variable from an eclass.

DuplicateEclassInherit

An ebuild directly inherits the same eclass multiple times.

Note that this will flag ebuilds that conditionalize global metadata by package version (or some other fashion) while inheriting the same eclass under both branches, e.g. conditional live ebuilds. In this case, shared eclasses should be loaded in a separate, unconditional inherit call.

EclassUserVariableUsage

Package uses a user variable from an eclass.

GoMissingDeps

Package sets GO_OPTIONAL but does not depend on dev-lang/go.

MisplacedEclassVar

Invalid placement of pre-inherit eclass variable in an ebuild.

All eclass variables tagged with @PRE_INHERIT must be set before the first inherit call in an ebuild.

ProvidedEclassInherit

Ebuild inherits an eclass which is already provided by another eclass.

When inheriting an eclass which declares @PROVIDES, those referenced eclasses are guaranteed to be provided by the eclass. Therefore, inheriting them in ebuilds is redundant and should be removed.

RubyMissingDeps

Package sets RUBY_OPTIONAL but does not depend on dev-lang/ruby

or virtual/rubygems.

RustMissingDeps

Package sets CARGO_OPTIONAL but does not depend on virtual/rust.

TmpfilesMissingDeps

Package sets TMPFILES_OPTIONAL but does not depend on virtual/tmpfiles.

DirectStableKeywords

Newly committed ebuild with stable keywords.

EbuildIncorrectCopyright

Changed ebuild with incorrect copyright date.

MissingSlotmove

Package SLOT was changed without adding a slotmove package update.

When changing an existing ebuild’s SLOT, a new entry must be created in profiles/updates. See the devmanual [16] for more info.

NewerEAPIAvailable

Package is eligible for a newer EAPI.

A new package version was added, using an older EAPI, than all supported by inherited eclasses. You should consider bumping the EAPI to the suggested value.

OldPythonCompat

Package still lists old targets in PYTHON_COMPAT.

RdependChange

Package RDEPEND was modified without adding a new ebuild revision.

VulnerablePackage

Packages marked as vulnerable by GLSAs.

  • Gentoo repo specific

  • level: error

  • related check: GlsaCheck

EbuildInvalidCopyright

File with invalid copyright.

The file does not start with a valid copyright line. Each ebuild or eclass file must start with a copyright line of the form:

# Copyright YEARS MAIN-CONTRIBUTOR [OTHER-CONTRIBUTOR]... [and others]

Files in the Gentoo repository must use:

# Copyright YEARS Gentoo Authors

EbuildInvalidLicenseHeader

File with invalid license header.

The file does not have with a valid license header.

Ebuilds and eclasses in the Gentoo repository must use:

# Distributed under the terms of the GNU General Public License v2

EbuildNonGentooAuthorsCopyright

File with copyright stating owner other than “Gentoo Authors”.

The file specifies explicit copyright owner, while the Gentoo repository policy specifies that all ebuilds and eclasses must use “Gentoo Authors”. If the owner is not listed in metadata/AUTHORS, addition can be requested via bugs.gentoo.org.

EbuildOldGentooCopyright

File with old Gentoo Foundation copyright.

The file still assigns copyright to the Gentoo Foundation even though it has been committed after the new copyright policy was approved (2018-10-21).

Ebuilds and eclasses in Gentoo repository must use ‘Gentoo Authors’ instead. Files in other repositories may specify an explicit copyright holder instead.

LaggingStable

Stable arches for stabilized package that are lagging from a stabling standpoint.

PotentialStable

Stable arches with potential stable package candidates.

BadDefaultUseFlags

Package IUSE contains bad default USE flags.

BadDependency

Package dependency is bad for some reason.

BadDescription

Package’s description is bad for some reason.

BadFilename

URI uses unspecific or poor filename(s).

Archive filenames should be disambiguated using -> to rename them.

BadHomepage

A package’s HOMEPAGE is bad for some reason.

See the HOMEPAGE ebuild variable entry in the devmanual [17] for more information.

BadKeywords

Packages using -* should use package.mask instead.

BadProtocol

URI uses an unsupported protocol.

Valid protocols are currently: http, https, and ftp

BannedEapi

Package’s EAPI is banned according to repo metadata.

DeprecatedDep

Package dependencies matching deprecated packages flagged in profiles/package.deprecated.

DeprecatedEapi

Package’s EAPI is deprecated according to repo metadata.

DeprecatedLicense

Deprecated license usage.

DuplicateKeywords

Packages having duplicate KEYWORDS.

InvalidBdepend

Package has invalid BDEPEND.

InvalidDepend

Package has invalid DEPEND.

InvalidEapi

Package’s EAPI is invalid.

InvalidIdepend

Package has invalid IDEPEND.

InvalidLicense

Package’s LICENSE is invalid.

InvalidPdepend

Package has invalid PDEPEND.

InvalidProperties

Package’s PROPERTIES is invalid.

InvalidRdepend

Package has invalid RDEPEND.

InvalidRequiredUse

Package’s REQUIRED_USE is invalid.

InvalidRestrict

Package’s RESTRICT is invalid.

InvalidSlot

Package’s SLOT is invalid.

InvalidSrcUri

Package’s SRC_URI is invalid.

InvalidUseFlags

Package IUSE contains invalid USE flags.

MisplacedWeakBlocker

Weak blocker is within a misplaced dependency class.

Weak blockers control whether we ignore file collisions at the point of merge, so being (exclusively) defined in DEPEND or BDEPEND is wrong.

Note that in cases where the weak blocker is also defined in RDEPEND, this warning won’t be triggered, to give leeway given this is a common ebuild pattern.

MissingLicense

Package has no LICENSE defined.

MissingLicenseRestricts

Restrictive license used without matching RESTRICT.

MissingPackageRevision

Missing package revision in =cat/pkg dependencies.

The dependency string uses the = operator without specifying a revision. This means that only -r0 of the dependency will be matched, and newer revisions of the same ebuild will not be accepted.

If any revision of the package is acceptable, the ~ operator should be used instead of =. If only the initial revision of the dependency is allowed, -r0 should be appended in order to make the intent explicit.

MissingSlotDep

Missing slot value in dependencies.

The package dependency does not specify a slot but the target package has multiple slots. The behavior for satisfying this kind of dependency is not strictly defined, and may result in either any or the newest package slot being accepted.

Please verify whether the package works with all the dependency slots. If only one slot is actually acceptable, specify it explicitly. If multiple slots are acceptable, please use either := or explicit :* slot operator. The operators are described in detail in the devmanual [18].

MissingTestRestrict

Missing RESTRICT="!test? ( test )".

Traditionally, it was assumed that IUSE=test is a special flag that is implicitly enabled when running src_test() is enabled. However, this is not standarized and packages need to explicitly specify RESTRICT="!test? ( test )" in order to guarantee that test phase will be skipped when the flag is disabled and therefore test dependencies may not be installed.

MissingUnpackerDep

Missing dependency on a required unpacker package.

Package uses an archive format for which an unpacker is not provided by the system set, and lacks an explicit dependency on the unpacker package.

MissingUri

RESTRICT=fetch isn’t set, yet no full URI exists.

MissingUseDepDefault

Package dependencies with USE dependencies missing defaults.

NonexistentBlocker

No matches for blocker dependency in repo history.

For the gentoo repo this means it was either removed before the CVS -> git transition (which occurred around 2015-08-08) or it never existed at all.

Note that this ignores slot/subslot deps and USE deps in blocker atoms.

OutdatedBlocker

Blocker dependency removed at least two years ago from the tree.

Note that this ignores slot/subslot deps and USE deps in blocker atoms.

OverlappingKeywords

Packages having overlapping arch and ~arch KEYWORDS.

RedundantUriRename

URI uses a redundant rename that doesn’t change the filename.

RequiredUseDefaults

Default USE flag settings don’t satisfy REQUIRED_USE.

The REQUIRED_USE constraints specified in the ebuild are not satisfied by the default USE flags used in one or more profiles. This means that users on those profiles may be unable to install the package out of the box, without having to modify package.use.

This warning is usually fixed via using IUSE defaults to enable one of the needed flags, modifying package.use in the most relevant profiles or modifying REQUIRED_USE.

SourcingError

Failed sourcing ebuild.

SrcUriFilenameDotPrefix

SRC_URI’s filename starts with a dot.

This is usually a mistake, as referencing empty variable before the dot. Also those files might appear as hidden in many file system viewers. Rename the filename using the -> operator.

StableKeywordsOnTestingEapi

Package has stable keywords on EAPI marked as testing-only.

StaleLiveEAPI

Live ebuild is using older an EAPI then release ebuilds.

Live ebuilds should always use an EAPI version at least as new as the release ebuilds.

TarballAvailable

URI uses .zip archive when .tar* is available.

Tarballs should be preferred over zip archives due to better compression and no extra unpack dependencies.

UnknownKeywords

Packages using unknown KEYWORDS.

UnknownLicense

License usage with no matching license file.

UnknownMirror

URI uses an unknown mirror.

UnknownProperties

Package’s PROPERTIES metadata has unknown entries.

UnknownRestrict

Package’s RESTRICT metadata has unknown entries.

UnknownUseFlags

Package IUSE contains unknown USE flags.

UnnecessaryLicense

LICENSE defined for package that is license-less.

UnsortedKeywords

Packages with unsorted KEYWORDS.

KEYWORDS should be sorted in alphabetical order with prefix keywords (those with hyphens in them, e.g. amd64-fbsd) after regular arches and globs (e.g. -*) before them.

UnstableSrcUri

SRC_URI uses unstable URIs.

This is usually a mistake, as those URIs are not guaranteed to be unchanged which might cause checksum mismatch.

UnstatedIuse

Package is reliant on conditionals that aren’t in IUSE.

UnsupportedEclassEapi

Ebuild inherits an eclass with outdated @SUPPORTED_EAPIS.

UseFlagWithoutDeps

Special USE flag with little utility and without effect on dependencies.

Various USE flags, such as “ipv6”, should be always turned on or off, and their existence is questionable, in cases were it doesn’t introduce new dependencies. Other USE flags, such as “bash-completion”, without any new dependencies, are probable violators of small files QA policy [19].

In cases where this USE flag is appropriate, you can silence this warning by adding a description to this USE flag in metadata.xml file and thus making it a local USE flag instead of global one.

VirtualKeywordsUpdate

Virtual packages with keywords that can be updated to match dependencies.

VirtualWithBdepend

Virtual package with a BDEPEND defined.

VirtualWithDepend

Virtual package with a BDEPEND defined.

DeadUrl

Package with a dead URL of some type.

HttpsUrlAvailable

URL uses http:// when https:// is available.

RedirectedUrl

Package with a URL that permanently redirects to a different site.

SSLCertificateError

Package with https:// HOMEPAGE with an invalid SSL cert.

UnusedInMastersEclasses

Eclasses detected that are unused in the master repo(s).

In other words, they’re likely to be removed so should be copied to the overlay.

UnusedInMastersGlobalUse

Global USE flags detected that are unused in the master repo(s).

In other words, they’re likely to be removed so should be copied to the overlay.

UnusedInMastersLicenses

Licenses detected that are unused in the master repo(s).

In other words, they’re likely to be removed so should be copied to the overlay.

UnusedInMastersMirrors

Mirrors detected that are unused in the master repo(s).

In other words, they’re likely to be removed so should be copied to the overlay.

MismatchedPerlVersion

A package’s normalized perl module version doesn’t match its $PV.

MissingVersionedVirtualPerlDependency

Missing version restriction for virtual perl dependency.

The virtuals virtual/perl-* stand for packages that have releases both as part of dev-lang/perl and standalone in perl-core/*. Apart from rare special cases, if you require “any” version of such a virtual, this will always be fulfilled by dev-lang/perl.

DistutilsNonPEP517Build

Ebuild uses the deprecated non-PEP517 build

MissingPythonEclass

Package depends on Python but does not use the eclasses.

All packages depending on Python are required to use one of the following python eclasses: python-r1, python-single-r1, or python-any-r1. For documentation on choosing the correct eclass, please see the Gentoo Python Guide page on eclasses [20].

PythonAnyMismatchedDepHasVersionCheck

Package has mismatch in dependencies between call to

python_gen_any_dep and python_has_version.

For every dependency used under python_gen_any_dep, a matching check for a matching python implementation in python_has_version should exist [21].

PythonAnyMismatchedUseHasVersionCheck

Package has mismatch in dependency’s use flags between call to

python_gen_any_dep and python_has_version.

For every dependency used under python_gen_any_dep, the check for a matching python implementation in python_has_version should match the exact use flags [22].

PythonCompatUpdate

PYTHON_COMPAT can be updated to support newer python version(s).

PythonEclassError

Generic python eclass error.

PythonGHDistfileSuffix

Distfile from GitHub is missing “.gh.tar.gz” suffix.

Python ebuilds frequently prefer GitHub archives over sdist tarballs published on PyPI. Since both kinds of distfiles often have the same name, “.gh.tar.gz” suffix is often used for the former to avoid filename collisions with official archives published upstream.

To solve this warning, rename the distfile in SRC_URI to include the suffix. There is no need to contact upstream, as it is done simply by adding -> ${P}.gh.tar.gz after the URI.

PythonHasVersionMissingPythonUseDep

Package calls python_has_version or has_version without

[${PYTHON_USEDEP}] suffix.

All calls to python_has_version or has_version inside python_check_deps should contain [${PYTHON_USEDEP}] suffix for the dependency argument [23].

PythonHasVersionUsage

Package uses has_version inside python_check_deps.

Ebuilds which declare the python_check_deps function (which tests Python implementations for matching dependencies) should use the special python_has_version function (instead of has_version) for enhanced log output and defaults [24].

PythonInlinePyPIURI

PyPI URI used inline instead of via pypi.eclass

PythonMissingDeps

Package is missing PYTHON_DEPS.

The python-r1 and python-single-r1 eclasses require the packages to explicitly reference ${PYTHON_DEPS} in RDEPEND (and DEPEND, if necessary); python-any-r1 requires it in DEPEND.

If Python is used conditionally, the dependency can be wrapped in appropriate USE conditionals.

PythonMissingRequiredUse

Package is missing PYTHON_REQUIRED_USE.

The python-r1 and python-single-r1 eclasses require the packages to explicitly specify REQUIRED_USE=${PYTHON_REQUIRED_USE}. If Python is used conditionally, it can be wrapped in appropriate USE conditionals.

PythonMissingSCMDependency

Package is missing BDEPEND on setuptools-scm or alike.

Packages which define SETUPTOOLS_SCM_PRETEND_VERSION should BDEPEND on dev-python/setuptools-scm or a similar package [25].

PythonRuntimeDepInAnyR1

Package depends on Python at runtime but uses any-r1 eclass.

The python-any-r1 eclass is meant to be used purely for build-time dependencies on Python. However, this package lists Python as a runtime dependency. If this is intentional, the package needs to switch to python-r1 or python-single-r1 eclass, otherwise the runtime dependency should be removed.

ConflictingChksums

Checksum conflict detected between two files.

DeprecatedChksum

A file in the chksum data does not use modern checksum set.

MatchingChksums

Two distfiles share the same checksums but use different names.

MissingChksum

A file in the chksum data lacks required checksums.

MissingManifest

SRC_URI targets missing from Manifest file.

EbuildReservedName

Ebuild uses reserved variable or function name for package manager.

EbuildSemiReservedName

Ebuild uses semi-reserved variable or function name.

Ebuild is using in global scope semi-reserved variable or function names, which is likely to clash with future EAPIs. Currently it include single-letter uppercase variables, and [A-Z]DEPEND variables.

RubyCompatUpdate

USE_RUBY can be updated to support newer ruby version(s).

SuboptimalCratesSeparator

Using - as name-version separator in CRATES is suboptimal.

The CRATES variable is a space separated list of crates. The eclass supports specifying the crate name and version as name@version and as name-version. The latter is suboptimal as it’s slower.

It is recommended to use pycargoebuild 0.7+ to generate new CRATES.

SuboptimalCratesURICall

Calling cargo_crate_uris with CRATES is suboptimal, use

${CARGO_CRATE_URIS}.

Calls to $(cargo_crate_uris) and $(cargo_crate_uris ${CRATES}) are suboptimal, and can be replaces with ${CARGO_CRATE_URIS} which is pre-computed, faster and doesn’t require sub-shell in global-scope.

StableRequest

Unstable ebuild with no changes for over 30 days.

DependencyMoved

Ebuild depends on a dependency which was pkgmoved.

NonexistentDeps

No matches exist for a package dependency.

NonsolvableDeps

No potential solution for a depset attribute.

  • Gentoo repo specific

  • level: error

  • related checks:

NonsolvableDepsInDev

No potential solution for dependency on dev profile.

NonsolvableDepsInExp

No potential solution for dependency on exp profile.

NonsolvableDepsInStable

No potential solution for dependency on stable profile.

UncheckableDep

Given dependency cannot be checked due to the number of transitive use deps in it.

VisibleVcsPkg

Package is VCS-based, but visible.

BadWhitespaceCharacter

Ebuild uses whitespace that isn’t a tab, newline, or single space.

Bash does not treat unicode whitespace characters as regular whitespace so commands or operators separated by such characters will be treated as one string. This usually causes execution errors if the characters are used for separation purposes outside of comments or regular strings.

DoubleEmptyLine

Unneeded blank lines found.

MissingEAPIBlankLine

Missing blank line after EAPI= assignment.

NoFinalNewline

Ebuild’s last line does not have a final newline.

TrailingEmptyLine

Unneeded trailing blank lines found.

WhitespaceFound

Leading or trailing whitespace found.

WrongIndentFound

Incorrect indentation whitespace found.

Checks

List of checks that can be selected to run.

By default, all checks that operate at the current scope or below will be run. In other words, if running inside a package directory in a repo, only checks that operate at a package or version scope will be run. On the other hand, when running against an entire repo, all defined checks will be run.

Commit scope

GitCommitMessageCheck

Check unpushed git commit messages for various issues.

  • Gentoo repo specific

(known results: BadCommitSummary, InvalidCommitMessage, InvalidCommitTag, MissingSignOff)

Profiles scope

RepoProfilesCheck

Scan repo for various profiles directory issues.

Including unknown arches in profiles, arches without profiles, and unknown categories.

(known results: ArchesOutOfSync, ArchesWithoutProfiles, BannedProfileEapi, DeprecatedProfileEapi, LaggingProfileEapi, NonexistentCategories, NonexistentProfilePath, ProfileError, ProfileWarning, UnknownCategoryDirs, UnusedProfileDirs)

PackageUpdatesCheck

Scan profiles/updates/* for outdated entries and other issues.

(known results: BadPackageUpdate, MovedPackageUpdate, MultiMovePackageUpdate, OldMultiMovePackageUpdate, OldPackageUpdate, RedundantPackageUpdate)

Eclass scope

EclassUnquotedVariablesCheck

Scan eclass for variables that should be quoted like D, FILESDIR, etc.

(known result: EclassUnquotedVariable)

EclassCheck

Scan eclasses for various issues.

(known results: EclassBashSyntaxError, EclassDocError, EclassDocMissingFunc, EclassDocMissingVar)

EclassParseCheck

Scan eclasses variables that are only allowed in certain scopes.

(known results: EclassExportFuncsBeforeInherit, EclassVariableScope)

GitEclassCommitsCheck

Check unpushed git eclass commits for various issues.

  • Gentoo repo specific

(known result: EclassIncorrectCopyright)

EclassHeaderCheck

Scan eclasses for incorrect copyright/license headers.

  • Gentoo repo specific

(known results: EclassInvalidCopyright, EclassInvalidLicenseHeader, EclassNonGentooAuthorsCopyright, EclassOldGentooCopyright)

EclassReservedCheck

Scan eclasses for reserved function or variable names.

(known result: EclassReservedName)

Repo scope

AcctCheck

Various checks for acct-* packages.

Verify that acct-* packages do not use conflicting, invalid or out-of-range UIDs/GIDs. This check uses a special file metadata/qa-policy.conf located within the repository. It should contain a user-group-ids section containing two keys: uid-range and gid-range, which consist of a comma separated list, either <n> for a single value or <m>-<n> for a range of values (including both ends). In case this file doesn’t exist or is wrongly defined, this check is skipped.

  • Gentoo repo specific

(known results: ConflictingAccountIdentifiers, MissingAccountIdentifier, OutsideRangeAccountIdentifier)

UnusedInMastersCheck

Check for various metadata that may be removed from master repos.

(known results: UnusedInMastersEclasses, UnusedInMastersGlobalUse, UnusedInMastersLicenses, UnusedInMastersMirrors)

EmptyDirsCheck

Scan for empty category or package directories.

  • Gentoo repo specific

(known results: EmptyCategoryDir, EmptyPackageDir)

RepoDirCheck

Scan all files in the repository for issues.

  • Gentoo repo specific

(known result: BinaryFile)

RepositoryCategories

Scan for fundamental category issues in the repository layout

(known result: CategoryIsNotDirectory)

GlobalUseCheck

Check global USE and USE_EXPAND flags for various issues.

(known results: PotentialGlobalUse, PotentialLocalUse, UnusedGlobalUse, UnusedGlobalUseExpand)

LicenseGroupsCheck

Scan license groups for unknown licenses.

(known result: UnknownLicenses)

ManifestCollisionCheck

Search Manifest entries for different types of distfile collisions.

In particular, search for matching filenames with different checksums and different filenames with matching checksums.

(known results: ConflictingChksums, MatchingChksums)

ProjectMetadataCheck

Check projects.xml for issues.

(known result: EmptyProject)

RepoManifestHashCheck

Check manifest-hashes config for issues.

(known result: DeprecatedRepoHash)

UnusedEclassesCheck

Check for unused eclasses.

(known result: UnusedEclasses)

UnusedLicensesCheck

Check for unused license files.

(known result: UnusedLicenses)

UnusedMirrorsCheck

Check for unused mirrors.

(known result: UnusedMirrors)

Category scope

CategoryMetadataXmlCheck

Category level metadata.xml scans.

(known results: CatBadlyFormedXml, CatInvalidXml, CatMetadataXmlEmptyElement, CatMetadataXmlIndentation, CatMetadataXmlInvalidCatRef, CatMetadataXmlInvalidPkgRef, CatMissingMetadataXml)

Package scope

RedundantVersionCheck

Scan for overshadowed package versions.

Scan for versions that are likely shadowed by later versions from a keywords standpoint (ignoring live packages that erroneously have keywords).

Example: pkga-1 is keyworded amd64, pkga-2 is amd64. pkga-1 can potentially be removed.

(known result: RedundantVersion)

DroppedKeywordsCheck

Scan packages for keyword dropping across versions.

(known result: DroppedKeywords)

GitPkgCommitsCheck

Check unpushed git package commits for various issues.

  • Gentoo repo specific

(known results: DirectNoMaintainer, DirectStableKeywords, DroppedStableKeywords, DroppedUnstableKeywords, EAPIChangeWithoutRevbump, EbuildIncorrectCopyright, MissingMove, MissingSlotmove, NewerEAPIAvailable, OldPythonCompat, PythonPEP517WithoutRevbump, RdependChange, SrcUriChecksumChange, SuspiciousSrcUriChange)

ImlateCheck

Scan for ebuilds that are lagging in stabilization.

(known results: LaggingStable, PotentialStable)

LocalUseCheck

Check local USE flags in metadata.xml for various issues.

(known results: MatchingGlobalUse, MissingLocalUseDesc, ProbableGlobalUse, ProbableUseExpand, UnderscoreInUseFlag, UnstatedIuse, UnusedLocalUse)

StaleLiveCheck

Check for stale live ebuilds.

(known result: StaleLiveEAPI)

VirtualProvidersCheck

Check providers of virtual packages.

(known results: VirtualWithBdepend, VirtualWithDepend, VirtualWithSingleProvider)

MissingRemoteIdCheck

Detect missing remote-ids based on SRC_URI and HOMEPAGE.

(known result: MissingRemoteId)

PackageMetadataXmlCheck

Package level metadata.xml scans.

(known results: InvalidMetadataRestrict, InvalidRemoteID, MaintainerNeeded, MaintainerWithoutProxy, NonexistentProjectMaintainer, PkgBadlyFormedXml, PkgInvalidXml, PkgMetadataXmlEmptyElement, PkgMetadataXmlIndentation, PkgMetadataXmlInvalidCatRef, PkgMetadataXmlInvalidPkgRef, PkgMissingMetadataXml, ProxyWithoutProxied, RedundantLongDescription, WrongMaintainerType)

MetadataUrlCheck

Verify metadata.xml URLs.

(known results: DeadUrl, HttpsUrlAvailable, RedirectedUrl, SSLCertificateError)

EqualVersionsCheck

Scan package ebuilds for semantically equal versions.

(known result: EqualVersions)

LiveOnlyCheck

Scan for packages with only live versions.

  • Gentoo repo specific

(known result: LiveOnlyPackage)

PkgDirCheck

Scan ebuild directory for various file-related issues.

(known results: BannedCharacter, DuplicateFiles, EmptyFile, ExecutableFile, InvalidPN, InvalidUTF8, MismatchedPN, SizeViolation, TotalSizeViolation, UnknownPkgDirEntry)

PythonPackageNameCheck

Check ebuild names in dev-python/*.

(known result: PythonMismatchedPackageName)

ManifestCheck

Manifest related checks.

Verify that the Manifest file exists, doesn’t have missing or extraneous entries, and that the required hashes are in use.

(known results: DeprecatedChksum, DeprecatedManifestHash, InvalidManifest, MissingChksum, MissingManifest, UnknownManifest, UnnecessaryManifest)

StableRequestCheck

Scan for unstable ebuilds with no changes for over 30 days.

By default, only triggered for arches with stable profiles. To check additional arches outside the stable set specify them manually using the -a/–arches option.

Note that packages with no stable keywords won’t trigger this at all. Instead they’ll be caught by the UnstableOnly check.

  • Gentoo repo specific

(known result: StableRequest)

UnstableOnlyCheck

Scan for packages that have just unstable keywords.

  • Gentoo repo specific

(known result: UnstableOnly)

Version scope

AbsoluteSymlinkCheck

Scan ebuild for dosym absolute path usage instead of relative.

(known result: AbsoluteSymlink)

BadCommandsCheck

Scan ebuild for various deprecated and banned command usage.

(known results: BannedEapiCommand, BannedPhaseCall, DeprecatedEapiCommand)

BetterCompressionCheck

Scan ebuild for URIs with better compression.

(known result: BetterCompressionUri)

DeclarationShadowedCheck

Scan ebuilds for shadowed variable assignments in global scope.

(known results: DuplicateFunctionDefinition, VariableShadowed)

DoCompressedFilesCheck

Scan ebuild for compressed files passed to do* or new**.

(known results: InstallCompressedInfo, InstallCompressedManpage)

EbuildUnquotedVariablesCheck

Scan ebuild for variables that should be quoted like D, FILESDIR, etc.

(known result: EbuildUnquotedVariable)

EendMissingArgCheck

Scan an ebuild for calls to eend with no arguments.

(known result: EendMissingArg)

GlobCheck

Scan ebuilds for unsafe glob usage.

(known result: GlobDistdir)

InheritsCheck

Scan for ebuilds with missing or unused eclass inherits.

Note that this requires using pmaint regen to generate repo metadata in order for direct inherits to be correct.

(known results: IndirectInherits, InternalEclassUsage, MissingInherits, UnusedInherits)

InsintoCheck

Scan ebuild for deprecated insinto usage.

(known result: DeprecatedInsinto)

LineLengthCheck

Scan ebuild for lines with excessive length.

(known result: ExcessiveLineLength)

MetadataVarCheck

Scan various globally assigned metadata variables for issues.

(known results: EmptyGlobalAssignment, HomepageInSrcUri, MultipleKeywordsLines, ReferenceInMetadataVar, SelfAssignment, StaticSrcUri)

NonPosixCheck

Scan ebuild for non-posix usage, code which might be not portable.

(known result: NonPosixHeadTailUsage)

ObsoleteUriCheck

Scan ebuild for obsolete URIs.

(known result: ObsoleteUri)

PathVariablesCheck

Scan ebuild for path variables with various issues.

(known results: DoublePrefixInPath, MissingSlash, UnnecessarySlashStrip)

ReadonlyVariableCheck

Scan for read-only variables that are globally assigned in an ebuild.

(known result: ReadonlyVariable)

RedundantDodirCheck

Scan ebuild for redundant dodir usage.

(known result: RedundantDodir)

SandboxCallCheck

Scan ebuilds for correct sandbox funcitons usage.

(known result: InvalidSandboxCall)

VariableOrderCheck

Scan ebuilds for variables defined in a different order than skel.ebuild dictates.

(known result: VariableOrderWrong)

VariableScopeCheck

Scan ebuilds for variables that are only allowed in certain scopes.

(known result: EbuildVariableScope)

EclassManualDepsCheck

Check for missing deps when inheriting eclasses in special mode.

(known results: GoMissingDeps, RubyMissingDeps, RustMissingDeps, TmpfilesMissingDeps)

EclassUsageCheck

Scan packages for various eclass-related issues.

(known results: DeprecatedEclass, DeprecatedEclassFunction, DeprecatedEclassVariable, DuplicateEclassInherit, EclassUserVariableUsage, MisplacedEclassVar, ProvidedEclassInherit)

GlsaCheck

Scan for vulnerable ebuilds in the tree.

Requires a GLSA directory for vulnerability info.

  • Gentoo repo specific

(known result: VulnerablePackage)

EbuildHeaderCheck

Scan ebuild for incorrect copyright/license headers.

  • Gentoo repo specific

(known results: EbuildInvalidCopyright, EbuildInvalidLicenseHeader, EbuildNonGentooAuthorsCopyright, EbuildOldGentooCopyright)

DependencyCheck

Verify dependency attributes (e.g. RDEPEND).

(known results: BadDependency, DeprecatedDep, InvalidBdepend, InvalidDepend, InvalidIdepend, InvalidPdepend, InvalidRdepend, MisplacedWeakBlocker, MissingPackageRevision, MissingUseDepDefault, UnstatedIuse)

DescriptionCheck

DESCRIPTION checks.

Check on length (<=80), too short (<10), or generic (lifted from eclass or just using the package’s name).

(known result: BadDescription)

EapiCheck

Scan for packages with banned or deprecated EAPIs.

(known results: BannedEapi, DeprecatedEapi, StableKeywordsOnTestingEapi, UnsupportedEclassEapi)

HomepageCheck

HOMEPAGE checks.

(known result: BadHomepage)

IuseCheck

IUSE validity checks.

(known results: BadDefaultUseFlags, InvalidUseFlags, UnknownUseFlags)

KeywordsCheck

Check package keywords for sanity; empty keywords, and -* are flagged.

(known results: BadKeywords, DuplicateKeywords, OverlappingKeywords, UnknownKeywords, UnsortedKeywords, VirtualKeywordsUpdate)

LicenseCheck

LICENSE validity checks.

(known results: DeprecatedLicense, InvalidLicense, MissingLicense, MissingLicenseRestricts, UnknownLicense, UnnecessaryLicense, UnstatedIuse)

MissingSlotDepCheck

Check for missing slot dependencies.

(known result: MissingSlotDep)

MissingUnpackerDepCheck

Check whether package is missing unpacker dependencies.

(known result: MissingUnpackerDep)

OutdatedBlockersCheck

Check for outdated and nonexistent blocker dependencies.

(known results: NonexistentBlocker, OutdatedBlocker)

PropertiesCheck

PROPERTIES related checks.

(known results: InvalidProperties, UnknownProperties, UnstatedIuse)

RequiredUseCheck

REQUIRED_USE validity checks.

(known results: InvalidRequiredUse, RequiredUseDefaults, UnstatedIuse)

RestrictCheck

RESTRICT related checks.

(known results: InvalidRestrict, UnknownRestrict, UnstatedIuse)

RestrictTestCheck

Check whether packages specify RESTRICT=”!test? ( test )”.

(known result: MissingTestRestrict)

SourcingCheck

Scan for packages with sourcing errors or invalid, sourced metadata variables.

(known results: InvalidEapi, InvalidSlot, SourcingError)

SrcUriCheck

SRC_URI related checks.

Verify that URIs are valid, fetchable, using a supported protocol, and don’t use unspecific filenames.

(known results: BadFilename, BadProtocol, InvalidSrcUri, MissingUri, RedundantUriRename, SrcUriFilenameDotPrefix, TarballAvailable, UnknownMirror, UnstableSrcUri, UnstatedIuse)

UseFlagsWithoutEffectsCheck

Check for USE flags without effects.

  • Gentoo repo specific

(known result: UseFlagWithoutDeps)

FetchablesUrlCheck

Verify SRC_URI URLs.

(known results: DeadUrl, HttpsUrlAvailable, RedirectedUrl, SSLCertificateError)

HomepageUrlCheck

Verify HOMEPAGE URLs.

(known results: DeadUrl, HttpsUrlAvailable, RedirectedUrl, SSLCertificateError)

PerlCheck

Perl ebuild related checks.

(known results: MismatchedPerlVersion, MissingVersionedVirtualPerlDependency)

PythonCheck

Python eclass checks.

Check whether Python eclasses are used for Python packages, and whether they don’t suffer from common mistakes.

(known results: DistutilsNonPEP517Build, MissingPythonEclass, PythonAnyMismatchedDepHasVersionCheck, PythonAnyMismatchedUseHasVersionCheck, PythonEclassError, PythonHasVersionMissingPythonUseDep, PythonHasVersionUsage, PythonMissingDeps, PythonMissingRequiredUse, PythonMissingSCMDependency, PythonRuntimeDepInAnyR1)

PythonCompatCheck

Check python ebuilds for possible PYTHON_COMPAT updates.

Supports ebuilds inheriting python-r1, python-single-r1, and python-any-r1.

(known result: PythonCompatUpdate)

PythonFetchableCheck

Perform Python-specific checks to fetchables.

(known results: PythonGHDistfileSuffix, PythonInlinePyPIURI)

EbuildReservedCheck

Scan ebuilds for reserved function or variable names.

(known results: EbuildReservedName, EbuildSemiReservedName)

RubyCompatCheck

Check ruby ebuilds for possible USE_RUBY updates.

Supports ebuilds inheriting ruby-ng.

(known result: RubyCompatUpdate)

RustCheck

Checks for rust related issues.

(known results: SuboptimalCratesSeparator, SuboptimalCratesURICall)

VisibilityCheck

Visibility dependency scans.

Check that at least one solution is possible for a pkg, checking all profiles (defined by arch.list) visibility modifiers per stable/unstable keyword.

(known results: DependencyMoved, NonexistentDeps, NonsolvableDepsInDev, NonsolvableDepsInExp, NonsolvableDepsInStable, OldPackageName, UncheckableDep, VisibleVcsPkg)

MissingWhitespaceCheck

Scan ebuild for missing whitespace.

(known result: MissingEAPIBlankLine)

WhitespaceCheck

Scan ebuild for useless whitespace.

(known results: BadWhitespaceCharacter, DoubleEmptyLine, NoFinalNewline, TrailingEmptyLine, WhitespaceFound, WrongIndentFound)

Reporters

CsvReporter

Comma-separated value reporter, convenient for shell processing.

Example:

,,,"global USE flag 'big-endian' is a potential local, used by 1 package: dev-java/icedtea-bin"
sys-apps,portage,2.1-r2,sys-apps/portage-2.1-r2.ebuild has whitespace in indentation on line 169
sys-apps,portage,2.1-r2,"rdepend  ppc-macos: unsolvable default-darwin/macos/10.4, solutions: [ >=app-misc/pax-utils-0.1.13 ]"
sys-apps,portage,2.1-r2,"no change in 75 days, keywords [ ~x86-fbsd ]"

FancyReporter

Colored output grouped by result scope.

Example:

sys-apps/portage
  WrongIndentFound: sys-apps/portage-2.1-r2.ebuild has whitespace in indentation on line 169
  NonsolvableDeps: sys-apps/portage-2.1-r2: rdepend  ppc-macos: unsolvable default-darwin/macos/10.4, solutions: [ >=app-misc/pax-utils-0.1.13 ]
  StableRequest: sys-apps/portage-2.1-r2: no change in 75 days, keywords [ ~x86 ]

FlycheckReporter

Simple line reporter done for easier integration with flycheck [26] .

FormatReporter

Custom format string reporter.

This formatter uses custom format string passed using the --format command line argument.

JsonReporter

Feed of newline-delimited JSON records.

Note that the format is newline-delimited JSON with each line being related to a separate report. To merge the objects together a tool such as jq can be leveraged similar to the following:

jq -c -s 'reduce.[]as$x({};.*$x)' orig.json > new.json

JsonStream

Generate a stream of result objects serialized in JSON.

StrReporter

Simple string reporter, pkgcheck-0.1 behaviour.

Example:

sys-apps/portage-2.1-r2: sys-apps/portage-2.1-r2.ebuild has whitespace in indentation on line 169
sys-apps/portage-2.1-r2: rdepend  ppc-macos: unsolvable default-darwin/macos/10.4, solutions: [ >=app-misc/pax-utils-0.1.13 ]
sys-apps/portage-2.1-r2: no change in 75 days, keywords [ ~x86-fbsd ]

XmlReporter

Feed of newline-delimited XML reports.

Config file support

Config files are supported by pkgcheck scan from any of four locations. Listed in order of increasing precedence these include the following:

  • system config – /etc/pkgcheck/pkgcheck.conf

  • user config – ${XDG_CONFIG_HOME}/pkgcheck/pkgcheck.conf

  • user config – ~/.config/pkgcheck/pkgcheck.conf

  • repo config – metadata/pkgcheck.conf inside an ebuild repo (only considered when the current directory is inside the repo, or when specified using --repo option)

  • custom config – specified via the --config option

Any settings from a config file with higher precedence will override matching settings from a config file with a lower precedence, e.g. repo settings override both user and system settings. Note that command line options override any matching config file setting.

In terms of file structure, basic INI formatting is required and allows creating a default section (DEFAULT) for system-wide settings or repo-specific sections. The INI key-value pairs directly relate to the available long-options supported by pkgcheck scan and their related values. See the following examples for how certain config settings affect scanning:

  • Disable selected checks by default:

    [DEFAULT]
    checks = -UnstableOnlyCheck,-RedundantVersionCheck
    
  • Disable showing info level results for the gentoo repo:

    [gentoo]
    keywords = -info
    
  • Restrict scanning to the amd64 and x86 arches/profiles for the gentoo repo:

    [gentoo]
    arches = amd64,x86
    
  • Enable network checks that require Internet access for the gentoo repo using a custom timeout of 15 seconds:

    [gentoo]
    net =
    timeout = 15
    
  • Use the JSON reporter by default and disable all cache usage:

    [DEFAULT]
    reporter = JsonReporter
    cache = no
    
  • Set the default repo to target:

    [DEFAULT]
    repo = my_overlay
    

Custom checksets can also be configured via the CHECKSETS section. In essence, a checkset is an alias for a group of checks or keywords which can either be enabled or disabled. Configured checkset names can then be used with the pkgcheck scan -C/--checkset option enabling scanning for configured, custom sets of results. See the following examples for how to configure them:

  • Assign all python-related checks to the python checkset:

    [CHECKSETS]
    python = PythonCheck,PythonCompatCheck
    
  • Checksets also support disabling, e.g. assign all results related to ManifestCheck except DeprecatedChksum to the manifests checkset:

    [CHECKSETS]
    manifests = ManifestCheck,-DeprecatedChksum
    

Reporting Bugs

Please submit an issue via github:

https://github.com/pkgcore/pkgcheck/issues

See Also

pkgcore(5)