namcap - package analysis utility
namcap [options] <package|PKGBUILD> [package|PKGBUILD] ...
namcap is a package analysis utility that looks for problems with Arch Linux packages or their PKGBUILD files. It can apply rules to the file list, the files themselves, or individual PKGBUILD files.
Rules return lists of messages. Each message can be one of three types: error, warning, or information (think of them as notes or comments). Errors (designated by 'E:') are things that namcap is very sure are wrong and need to be fixed. Warnings (designated by 'W:') are things that namcap thinks should be changed but if you know what you're doing then you can leave them. Information (designated 'I:') are only shown when you use the info argument. Information messages give information that might be helpful but isn't anything that needs changing.
- -e RULELIST, --exclude=RULELIST
- Do not run RULELIST rules on the package
- -i, --info
- display information messages
- -L, --list
- return a list of valid rules and their descriptions
- -m, --machine-readable
- displays easily parseable namcap tags instead of the normal human readable description; for example using non-fhs-man-page instead of "Non-FHS man page (%s) found. Use /usr/share/man instead". A full list of namcap tags along with their human readable descriptions can be found at /usr/share/namcap/tags.
- -r RULELIST, --rules=RULELIST
- only apply RULELIST rules to the package
- RULELIST is a comma-separated list of rule names
- -v, --version
- print version and exit
- Verifies that array variables are actually arrays and not strings
- Verifies that backup entries don't begin with /
- Looks for references to i686 and i586 and tells you to use $CARCH instead
- Checks a PKGBUILD to verify that the package name has no upper case characters
- Checks a package to verify that the package name has no upper case characters
- Makes sure that a PKGBUILD includes valid checksums
- This module runs ldd on all executables, gets the link-level dependencies,
finds the smallest subset of dependencies that cover the link-level
dependencies, and compares that list to the depends of the package. It
returns messages in three cases: dependency detected and not included,
dependency included but already satisfied, and dependency included and not
needed. These suggestions are just guidelines and all package builders
should take this into account (i.e. you're smarter than namcap is)
Some cases where namcap fails are dlopen() and obscure links. dlopen()'d libraries don't show up because they are loaded at run time: in the case of a program that loads plugins. Obscure links are the cases where only a small portion of the package needs something to run; usually, the small portion won't be accessed unless that thing is installed (i.e. a java plugin for mozilla included in the java package).
- Checks the directory names in the package file list for standard directories (i.e. /etc, /usr/bin, /usr/lib). All files in directories that are non-standard are returned
- Gives an error if it finds ELF (binary) files outside the standard paths (/bin, /usr/bin, etc.)
- Looks for directories in a package that don't contain any files
- Verifies that extra variables start with an underscore
- Verifies correct installation of info pages
- Verifies correct installation of man pages
- Verifies that all files are owned by root:root and not some other user or group
- Checks for generated GNOME mime files
- Checks whether the hicolor icon cache is updated when a package installs files in /usr/share/icons/hicolor
- Verifies that a package does not contain the info directory file (/usr/share/info/dir)
- Any PKGBUILDs that refer to files in $startdir are incorrect
- Warns if libtool (*.la) files are present
- Verifies that the licenses variable has been filled in in a PKGBUILD.
- Verifies that the licenses variable has been filled in in a package. For packages with a custom license it checks whether the license file has been installed in /usr/share/licenses/$pkgname/
- Searches for perllocal.pod. perllocal.pod is a nasty file that's included during most perl module installations
- Checks basic file and and directory permissions. It returns warnings about world readable bits not being set, world writable bits being set, and world executable bit not being set for directories
- Gives an error if a binary has RPATH set to something other than /usr/lib
- Gives an error if a binary has RUNPATH set to something other than /usr/lib, /usr/lib32
- Verifies that there aren't any scrollkeeper directories
- Warns if a PKGBUILD is downloading from a specific sourceforge mirror instead of the generic downloads.sourceforge.net
- Finds out symbolic and hard links which do not point to a valid path in the package
- For package maintainers, this module verifies that we have remembered to add a Maintainer and Contributor comment.
- Verifies that we have the url variable set in the PKGBUILD
- Verifies that we have the url variable set in the package file
Copyright © 2003-2009 Jason Chu
This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Jason Chu <email@example.com> Abhishek Dasgupta <firstname.lastname@example.org> Hugo Doria <email@example.com> Dan McGee <firstname.lastname@example.org> Allan McRae <email@example.com> Jesse Young <firstname.lastname@example.org> JJDaNiMoTh <email@example.com> Kyle Keen <firstname.lastname@example.org>
|June 23, 2022||namcap 3.3.1|