BTCPrivate
/
BTCP-Rebase
mirror of https://github.com/BTCPrivate/BTCP-Rebase.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
BTCP-Rebase/contrib/devtools
History
Cory Fields aa26ee0101
release: Add security/export checks to gitian and fix current failures 
- fix parsing of BIND_NOW with older readelf
- add _IO_stdin_used to ignored exports

For details see: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=634261#109

- add check-symbols and check-security make targets

These are not added to the default checks because some of them depend on
release-build configs.

- always link librt for glibc back-compat builds

glibc absorbed clock_gettime in 2.17. librt (its previous location) is safe to
link in anyway for back-compat.

Fixes #7420

- add security/symbol checks to gitian

Github-Pull: #7424
Rebased-From: cd27bf51e0 475813ba5b f3d3eaf78e a8ce872118 a81c87fafc
 		2016-01-27 11:33:33 +01:00
..
README.md Bump copyright headers to 2015 2016-01-05 14:13:33 +01:00
clang-format.py [devtools] add clang-format.py 2015-10-15 19:43:16 +02:00
fix-copyright-headers.py Bump copyright headers to 2015 2016-01-05 14:13:33 +01:00
git-subtree-check.sh Add git-subtree-check.sh script 2015-04-02 17:52:52 -07:00
github-merge.sh devtools: don't push if signing fails in github-merge 2015-09-18 06:03:17 +02:00
optimize-pngs.py [trivial] Make optimize-pngs.py also cover share/pixmaps 2015-10-09 17:09:05 +02:00
security-check.py release: Add security/export checks to gitian and fix current failures 2016-01-27 11:33:33 +01:00
symbol-check.py release: Add security/export checks to gitian and fix current failures 2016-01-27 11:33:33 +01:00
test-security-check.py devtools: Add security-check.py 2015-10-22 03:35:38 +02:00
update-translations.py Bugfix: update-translations: Allow numerus translations to omit %n specifier (usually when it only has one possible value) 2016-01-04 12:01:01 +01:00

README.md

Contents

This directory contains tools for developers working on this repository.

clang-format.py

A script to format cpp source code according to .clang-format. This should only be applied to new files or files which are currently not actively developed on. Also, git subtrees are not subject to formatting.

fix-copyright-headers.py

Every year newly updated files need to have its copyright headers updated to reflect the current year. If you run this script from the root folder it will automatically update the year on the copyright header for all source files if these have a git commit from the current year.

For example a file changed in 2015 (with 2015 being the current year):

// Copyright (c) 2009-2013 The Bitcoin Core developers

would be changed to:

// Copyright (c) 2009-2015 The Bitcoin Core developers

git-subtree-check.sh

Run this script from the root of the repository to verify that a subtree matches the contents of the commit it claims to have been updated to.

To use, make sure that you have fetched the upstream repository branch in which the subtree is maintained:

Usage: git-subtree-check.sh DIR COMMIT

COMMIT may be omitted, in which case HEAD is used.

github-merge.sh

A small script to automate merging pull-requests securely and sign them with GPG.

For example:

./github-merge.sh bitcoin/bitcoin 3077

(in any git repository) will help you merge pull request #3077 for the bitcoin/bitcoin repository.

What it does:

  • Fetch master and the pull request.
  • Locally construct a merge commit.
  • Show the diff that merge results in.
  • Ask you to verify the resulting source tree (so you can do a make check or whatever).
  • Ask you whether to GPG sign the merge commit.
  • Ask you whether to push the result upstream.

This means that there are no potential race conditions (where a pullreq gets updated while you're reviewing it, but before you click merge), and when using GPG signatures, that even a compromised github couldn't mess with the sources.

Setup

Configuring the github-merge tool for the bitcoin repository is done in the following way:

git config githubmerge.repository bitcoin/bitcoin
git config githubmerge.testcmd "make -j4 check" (adapt to whatever you want to use for testing)
git config --global user.signingkey mykeyid (if you want to GPG sign)

optimize-pngs.py

A script to optimize png files in the bitcoin repository (requires pngcrush).

security-check.py and test-security-check.py

Perform basic ELF security checks on a series of executables.

symbol-check.py

A script to check that the (Linux) executables produced by gitian only contain allowed gcc, glibc and libstdc++ version symbols. This makes sure they are still compatible with the minimum supported Linux distribution versions.

Example usage after a gitian build:

find ../gitian-builder/build -type f -executable | xargs python contrib/devtools/symbol-check.py

If only supported symbols are used the return value will be 0 and the output will be empty.

If there are 'unsupported' symbols, the return value will be 1 a list like this will be printed:

.../64/test_bitcoin: symbol memcpy from unsupported version GLIBC_2.14
.../64/test_bitcoin: symbol __fdelt_chk from unsupported version GLIBC_2.15
.../64/test_bitcoin: symbol std::out_of_range::~out_of_range() from unsupported version GLIBCXX_3.4.15
.../64/test_bitcoin: symbol _ZNSt8__detail15_List_nod from unsupported version GLIBCXX_3.4.15

update-translations.py

Run this script from the root of the repository to update all translations from transifex. It will do the following automatically:

  • fetch all translations
  • post-process them into valid and committable format
  • add missing translations to the build system (TODO)

See doc/translation-process.md for more information.