Merge branch 'main' into louis/self-update-gpg-verify

Author: louisunlimited

Package.resolved

@@ -1,4 +1,4 @@
-// swift-tools-version:6.0
+// swift-tools-version:6.2
 
 import PackageDescription
 
@@ -31,6 +31,7 @@ let package = Package(
         .package(url: "https://github.com/apple/swift-openapi-generator", from: "1.7.2"),
         .package(url: "https://github.com/apple/swift-openapi-runtime", from: "1.8.2"),
         .package(url: "https://github.com/apple/swift-system", from: "1.4.2"),
+        .package(url: "https://github.com/swiftlang/swift-subprocess", exact: "0.2.1", traits: []),
         // This dependency provides the correct version of the formatter so that you can run `swift run swiftformat Package.swift Plugins/ Sources/ Tests/`
         .package(url: "https://github.com/nicklockwood/SwiftFormat", exact: "0.49.18"),
     ],
@@ -67,6 +68,7 @@ let package = Package(
                 .product(name: "OpenAPIRuntime", package: "swift-openapi-runtime"),
                 .product(name: "OpenAPIAsyncHTTPClient", package: "swift-openapi-async-http-client"),
                 .product(name: "SystemPackage", package: "swift-system"),
+                .product(name: "Subprocess", package: "swift-subprocess"),
             ],
             swiftSettings: swiftSettings,
             plugins: ["GenerateCommandModels"]

Package.swift

@@ -1,4 +1,5 @@
 import Foundation
+import Subprocess
 import SwiftlyCore
 import SystemPackage
 
@@ -263,7 +264,13 @@ public struct Linux: Platform {
         }
 
         if requireSignatureValidation {
-            guard (try? self.runProgram("gpg", "--version", quiet: true)) != nil else {
+            let result = try await run(
+                .name("gpg"),
+                arguments: ["--version"],
+                output: .discarded
+            )
+
+            if !result.terminationStatus.isSuccess {
                 var msg = "gpg is not installed. "
                 if let manager {
                     msg += """
@@ -278,7 +285,7 @@ public struct Linux: Platform {
                 throw SwiftlyError(message: msg)
             }
 
-            try await importGpgKeys(ctx)
+            try await self.importGpgKeys(ctx)
         }
 
         guard let manager = manager else {
@@ -304,7 +311,12 @@ public struct Linux: Platform {
         do {
             switch manager {
             case "apt-get":
-                if let pkgList = try await self.runProgramOutput("dpkg", "-l", package) {
+                let result = try await run(.name("dpkg"), arguments: ["-l", package], output: .string(limit: 100 * 1024))
+                if !result.terminationStatus.isSuccess {
+                    return false
+                }
+
+                if let pkgList = result.standardOutput {
                     // The package might be listed but not in an installed non-error state.
                     //
                     // Look for something like this:
@@ -318,8 +330,8 @@ public struct Linux: Platform {
                 }
                 return false
             case "yum":
-                try self.runProgram("yum", "list", "installed", package, quiet: true)
-                return true
+                let result = try await run(.name("yum"), arguments: ["list", "installed", package], output: .discarded)
+                return result.terminationStatus.isSuccess
             default:
                 return true
             }
@@ -379,7 +391,15 @@ public struct Linux: Platform {
                 tmpDir / String(name)
             }
 
-            try self.runProgram((tmpDir / "swiftly").string, "init")
+            let config = Configuration(
+                executable: .path(tmpDir / "swiftly"),
+                arguments: ["init"]
+            )
+
+            let result = try await run(config, output: .standardOutput, error: .standardError)
+            if !result.terminationStatus.isSuccess {
+                throw RunProgramError(terminationStatus: result.terminationStatus, config: config)
+            }
         }
     }
 
@@ -402,8 +422,8 @@ public struct Linux: Platform {
         _ ctx: SwiftlyCoreContext, toolchainFile: ToolchainFile, archive: FilePath, verbose: Bool
     ) async throws {
         // Ensure GPG keys are imported before attempting signature verification
-        try await importGpgKeys(ctx)
-        
+        try await self.importGpgKeys(ctx)
+
         if verbose {
             await ctx.message("Downloading toolchain signature...")
         }
@@ -416,11 +436,9 @@ public struct Linux: Platform {
             await ctx.message("Verifying toolchain signature...")
             do {
                 if let mockedHomeDir = ctx.mockedHomeDir {
-                    var env = ProcessInfo.processInfo.environment
-                    env["GNUPGHOME"] = (mockedHomeDir / ".gnupg").string
-                    try await sys.gpg().verify(detached_signature: sigFile, signed_data: archive).run(self, env: env, quiet: false)
+                    try await sys.gpg().verify(detached_signature: sigFile, signed_data: archive).run(environment: .inherit.updating(["GNUPGHOME": (mockedHomeDir / ".gnupg").string]), quiet: false)
                 } else {
-                    try await sys.gpg().verify(detached_signature: sigFile, signed_data: archive).run(self, quiet: !verbose)
+                    try await sys.gpg().verify(detached_signature: sigFile, signed_data: archive).run(quiet: !verbose)
                 }
             } catch {
                 throw SwiftlyError(message: "Signature verification failed: \(error).")
@@ -437,9 +455,9 @@ public struct Linux: Platform {
             if let mockedHomeDir = ctx.mockedHomeDir {
                 var env = ProcessInfo.processInfo.environment
                 env["GNUPGHOME"] = (mockedHomeDir / ".gnupg").string
-                try await sys.gpg()._import(key: tmpFile).run(self, env: env, quiet: true)
+                try await sys.gpg()._import(key: tmpFile).run(environment: .init(env), quiet: true)
             } else {
-                try await sys.gpg()._import(key: tmpFile).run(self, quiet: true)
+                try await sys.gpg()._import(key: tmpFile).run(quiet: true)
             }
         }
     }
@@ -448,8 +466,8 @@ public struct Linux: Platform {
         _ ctx: SwiftlyCoreContext, archiveDownloadURL: URL, archive: FilePath, verbose: Bool
     ) async throws {
         // Ensure GPG keys are imported before attempting signature verification
-        try await importGpgKeys(ctx)
-        
+        try await self.importGpgKeys(ctx)
+
         if verbose {
             await ctx.message("Downloading swiftly signature...")
         }
@@ -464,11 +482,9 @@ public struct Linux: Platform {
             await ctx.message("Verifying swiftly signature...")
             do {
                 if let mockedHomeDir = ctx.mockedHomeDir {
-                    var env = ProcessInfo.processInfo.environment
-                    env["GNUPGHOME"] = (mockedHomeDir / ".gnupg").string
-                    try await sys.gpg().verify(detached_signature: sigFile, signed_data: archive).run(self, env: env, quiet: false)
+                    try await sys.gpg().verify(detached_signature: sigFile, signed_data: archive).run(environment: .inherit.updating(["GNUPGHOME": (mockedHomeDir / ".gnupg").string]), quiet: false)
                 } else {
-                    try await sys.gpg().verify(detached_signature: sigFile, signed_data: archive).run(self, quiet: !verbose)
+                    try await sys.gpg().verify(detached_signature: sigFile, signed_data: archive).run(quiet: !verbose)
                 }
             } catch {
                 throw SwiftlyError(message: "Signature verification failed: \(error).")
@@ -622,7 +638,7 @@ public struct Linux: Platform {
 
     public func getShell() async throws -> String {
         let userName = ProcessInfo.processInfo.userName
-        if let entry = try await sys.getent(database: "passwd", key: userName).entries(self).first {
+        if let entry = try await sys.getent(database: "passwd", key: userName).entries().first {
             if let shell = entry.last { return shell }
         }