From 1c8401be25e4749a2eee5ddc77ce7c6ac880c910 Mon Sep 17 00:00:00 2001
From: Leah Rowe <leah@libreboot.org>
Date: Thu, 24 Aug 2023 20:19:41 +0100
Subject: much, much stricter, more verbose error handling

lbmk is much more likely to crash now, in error conditions,
which is a boon for further auditing.

also: in "fetch", remove the downloaded program
if fail() was called.

this would also be done for gnulib, when downloading
grub, but done in such a way that gnulib goes first.

where calls to err write "ERROR" in the string, they
no longer say "ERROR" because the "err" function itself
now does that automatically.

also: listmodes/listoptions (in "lbmk") now reports an
error if no scripts and/or directories are found.

also: where a warning is given, but not an error, i've
gone through in some places and redirected the output
to stderr, not stdout

as part of error checks: running anything as root, except
for the "./build dependencies *" commands, is no longer
permitted and lbmk will throw an error

mrc downloads: debugfs output no longer redirected to /dev/null,
and stderr no longer redirected to stdout. everything is verbose.

certain non-error states are also more verbose. for example,
patch_rom in blobs/inject will now state when injection succeeds

certain actual errors(bugs) were fixed:
for example, build/release/roms now correctly prepares the blobs
hash files for a given target, containing only the files and
checksums in the list. Previously, a printf message was included.
Now, with this new code: blobutil/inject rightly verifies hashes.

doing all of this in one giant patch is cleaner
than 100 patches changing each file. even this is yet part
of a much larger audit going on in the Libreboot project.

Signed-off-by: Leah Rowe <leah@libreboot.org>
---
 resources/scripts/misc/versioncheck | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'resources/scripts/misc/versioncheck')

diff --git a/resources/scripts/misc/versioncheck b/resources/scripts/misc/versioncheck
index 9ca82091..73fbb140 100755
--- a/resources/scripts/misc/versioncheck
+++ b/resources/scripts/misc/versioncheck
@@ -19,6 +19,10 @@
 [ "x${DEBUG+set}" = 'xset' ] && set -v
 set -u
 
+. "include/err.sh"
+
+project="$(cat projectname)"
+
 version="version-unknown"
 [ -f version ] && version="$(cat version)"
 version_="${version}"
@@ -37,3 +41,8 @@ if [ -e ".git" ]; then
 	    versiondate="${versiondate_}"
 	printf "%s\n" "${versiondate}" > versiondate
 fi
+
+if [ "${versiondate}" = "version-date-unknown" ] || \
+    [ "${version}" = "version-unknown" ]; then
+	err "cannot determine ${projectname} revision"
+fi
-- 
cgit v1.2.1