Merge pull request #4245 from lazka/pacman-update-6

Update pacman

pacman/0007-test-fixes.patch

@@ -11,7 +11,7 @@ diff --git a/test/pacman/pmtest.py b/test/pacman/pmtest.py
 index 94b0930..bc4f2e3 100644
 --- a/test/pacman/pmtest.py
 +++ b/test/pacman/pmtest.py
-@@ -294,8 +294,10 @@ class pmtest(object):
+@@ -294,8 +294,10 @@ def run(self, pacman):
          # Change to the tmp dir before running pacman, so that local package
          # archives are made available more easily.
          time_start = time.time()

pacman/0008-Remove-everything-related-to-sudo-fakeroot-file-perm.patch

@@ -326,7 +326,7 @@ diff --git a/test/pacman/pmtest.py b/test/pacman/pmtest.py
 index bc4f2e3..f008f22 100644
 --- a/test/pacman/pmtest.py
 +++ b/test/pacman/pmtest.py
-@@ -239,19 +239,6 @@ class pmtest(object):
+@@ -239,19 +239,6 @@ def run(self, pacman):
          vprint("\tpacman %s" % self.args)
  
          cmd = []

pacman/0016-Remove-ldconfig.patch

@@ -153,7 +153,7 @@ index 184f94d..5e042fd 100755
      parser.add_option("--review", action = "store_true",
                        dest = "review", default = False,
                        help = "review test files, test output, and saved logs")
-@@ -146,7 +143,6 @@ if __name__ == "__main__":
+@@ -146,7 +143,6 @@ def create_parser():
      env.pacman["valgrind"] = opts.valgrind
      env.pacman["manual-confirm"] = opts.manualconfirm
      env.pacman["scriptlet-shell"] = opts.scriptletshell
@@ -165,7 +165,7 @@ diff --git a/test/pacman/pmtest.py b/test/pacman/pmtest.py
 index f008f22..e6a3fbd 100644
 --- a/test/pacman/pmtest.py
 +++ b/test/pacman/pmtest.py
-@@ -133,12 +133,10 @@ class pmtest(object):
+@@ -133,12 +133,10 @@ def generate(self, pacman):
          logdir = os.path.join(self.root, os.path.dirname(util.LOGFILE))
          etcdir = os.path.join(self.root, os.path.dirname(util.PACCONF))
          bindir = os.path.join(self.root, "bin")
@@ -179,7 +179,7 @@ index f008f22..e6a3fbd 100644
          for sys_dir in sys_dirs:
              if not os.path.isdir(sys_dir):
                  vprint("\t%s" % sys_dir[len(self.root)+1:])
-@@ -147,10 +145,6 @@ class pmtest(object):
+@@ -147,10 +145,6 @@ def generate(self, pacman):
          shutil.copy("/bin/sh", bindir)
          if shell != "bin/sh":
              shutil.copy("/bin/sh", os.path.join(self.root, shell))

pacman/0032-pacman-key-pass-allow-weak-key-signatures-during-imp.patch

@@ -0,0 +1,40 @@
+From 490334306c2e906ed97f09bd4a87f2afed200029 Mon Sep 17 00:00:00 2001
+From: Christoph Reiter <reiter.christoph@gmail.com>
+Date: Fri, 8 Dec 2023 12:55:32 +0100
+Subject: [PATCH 32/N] pacman-key: pass --allow-weak-key-signatures during
+ import
+
+Our keyring contains SHA1 signatures, which gnupg 2.4 no longer imports
+by default. We can't easily get rid of them now, so allow them for now.
+
+See https://github.com/msys2/MSYS2-keyring/issues/45
+---
+ scripts/pacman-key.sh.in | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in
+index c667006..50965a5 100644
+--- a/scripts/pacman-key.sh.in
++++ b/scripts/pacman-key.sh.in
+@@ -319,7 +319,9 @@ populate_keyring() {
+ 	# Add keys from requested keyrings
+ 	for keyring in "${KEYRINGIDS[@]}"; do
+ 		msg "$(gettext "Appending keys from %s.gpg...")" "$keyring"
+-		"${GPG_PACMAN[@]}" --quiet --import "${KEYRING_IMPORT_DIR}/${keyring}.gpg"
++		# FIXME: --allow-weak-key-signatures is a workaround for
++		# https://github.com/msys2/MSYS2-keyring/issues/45
++		"${GPG_PACMAN[@]}" --allow-weak-key-signatures --quiet --import "${KEYRING_IMPORT_DIR}/${keyring}.gpg"
+ 	done
+ 
+ 	# Read the trusted key IDs to an array. Because this is an ownertrust
+@@ -566,7 +568,9 @@ refresh_keys() {
+ 		done
+ 
+ 		# if no key was found, fall back to using the keyservers (with the key fingerprint instead)
+-		if (( $? )) &&  ! "${GPG_PACMAN[@]}" --refresh-keys "$id"; then
++		# FIXME: --allow-weak-key-signatures is a workaround for
++		# https://github.com/msys2/MSYS2-keyring/issues/45
++		if (( $? )) &&  ! "${GPG_PACMAN[@]}" --allow-weak-key-signatures --refresh-keys "$id"; then
+ 			error "$(gettext "Could not update key: %s")" "$id"
+ 			ret=1
+ 		fi

pacman/PKGBUILD

@@ -4,10 +4,11 @@
 
 pkgname=pacman
 pkgver=6.0.2
-pkgrel=11
+pkgrel=12
 pkgdesc="A library-based package manager with dependency support (MSYS2 port)"
 arch=('i686' 'x86_64')
 url="https://www.archlinux.org/pacman/"
+msys2_repository_url="https://github.com/msys2/msys2-pacman"
 license=('spdx:GPL-2.0-or-later')
 depends=('bash>=4.2.045'
          'gettext'
@@ -72,7 +73,8 @@ source=(pacman-${pkgver}::git+https://gitlab.archlinux.org/pacman/pacman.git#com
         0028-Add-a-CI-job.patch
         0029-Fix-building-staticlibs-with-LTO.patch
         0030-Make-lint_pkgbuild-opt-in-via-MAKEPKG_LINT_PKGBUILD-.patch
-        0031-libmakepkg-fix-compatibility-with-bash-5.2-patsub_re.patch)
+        0031-libmakepkg-fix-compatibility-with-bash-5.2-patsub_re.patch
+        0032-pacman-key-pass-allow-weak-key-signatures-during-imp.patch)
 validpgpkeys=('6645B0A8C7005E78DB1D7864F99FFE0FEAE999BD'  # Allan McRae <allan@archlinux.org>
               'B8151B117037781095514CA7BBDFFC92306B1121') # Andrew Gregory (pacman) <andrew@archlinux.org>
 sha256sums=('SKIP'
@@ -86,8 +88,8 @@ sha256sums=('SKIP'
             'ca1ec64e74ed557ccf3db8d0ff5e22a52b0b52b6451454f76fd02d1eac082484'
             'cdcdcdbc4496caa852131c72f65ac770d68fec09e259509b1398a99e6e9dc5d6'
             '4b3e3cd1ba7d0f513b75a83b27550f308a4a6731427ed27fc7fedf5aa57d57b2'
-            '305c98e5b9f26787eeaa48ac541dcaf69eb988221b2e1a60e0c097b5b64824aa'
-            '8e0ff83f6183e94026e2c7fc603e3dfc06702a002d59c7a3c42795e3ccd0df1e'
+            'd49fd3812a824dceb2198bac392b7b635bf96ec4382ac899f9c3dac55ec6aeff'
+            '98b7e35864a3a24bb882a2eeab1b1c4db28f4c4d15af1e4340a35e0afb3877f1'
             '11cfe55af4ebe46427f55ef4e02fd5862b9936dcc0cae46a2b9693dcd676a17e'
             '27d65613f58f3c114eda732a5683bfe10c48f36a576e5fa913492f55e8152a92'
             'c554b9fdccb3815e9db3594533fe2a9c890049d02eb884b19ac3c892e09910b6'
@@ -95,7 +97,7 @@ sha256sums=('SKIP'
             '3061622244395175c7330d369f464c4a65c7e75b97dcc13437e8561fa29150fc'
             '9508ddbc126e97bcfb9e0c9c8de6573f3abbf8b2d18814ce2c8576b285eca502'
             '90aab35cf01950423638b7af3c3931d4a342b3671086814b99d53e3f847f3736'
-            'b5945ecf365acee5fb4caca51caf1d6fe2da050eb33127e0b4b00b74202aa616'
+            '9ade03d4ce8644542f79d847852bf37714567b99d5b183cb7d10a5f53597dcde'
             '6c5e124d483b64e7b0ad7aa001c943550d5be76965f2272708083b0995c99af2'
             '5d27de39618780371a627ed020624bdce05b3e11784b23941e9f5248e7087f3f'
             '7285a21f2c1082ca51befe90daaea19784c22a839e94da882d0d80f23a9f03e3'
@@ -110,7 +112,8 @@ sha256sums=('SKIP'
             '347222818ffbbc2b72bfe7cdb9e00247cae240372ac629aa5fd1e9386813d9ca'
             '80796220c074856f55a63d4ef576f5b5d45cfa4fdc5701b5c7f384e5d92d72bd'
             '7b8588bb8ac9c2c74bc5b537e3e17ea90c81d8cf70ea2bd8ff48e3583c24d67f'
-            'c5cd177455d2f403f1d7d6dc7f9d19925c8b7662f1984ed9eae91af0f49697b2')
+            'c5cd177455d2f403f1d7d6dc7f9d19925c8b7662f1984ed9eae91af0f49697b2'
+            'a2a77d0f37133874b4ee2636569afccebcc1b972833b215cd9c756a4c202ea30')
 
 apply_git_with_msg() {
   for _patch in "$@"
@@ -157,7 +160,8 @@ prepare() {
   0028-Add-a-CI-job.patch \
   0029-Fix-building-staticlibs-with-LTO.patch \
   0030-Make-lint_pkgbuild-opt-in-via-MAKEPKG_LINT_PKGBUILD-.patch \
-  0031-libmakepkg-fix-compatibility-with-bash-5.2-patsub_re.patch
+  0031-libmakepkg-fix-compatibility-with-bash-5.2-patsub_re.patch \
+  0032-pacman-key-pass-allow-weak-key-signatures-during-imp.patch
 }
 
 build() {