From ca65a78a9ace0aeb2565df0da171727c04c33970 Mon Sep 17 00:00:00 2001
From: Helmut Grohne <helmut@subdivi.de>
Date: Tue, 10 Sep 2013 09:39:40 +0200
Subject: webapp: close database cursors

Leaking them can result in running out of available filedescriptors.
---
 webapp.py | 98 ++++++++++++++++++++++++++++++++-------------------------------
 1 file changed, 50 insertions(+), 48 deletions(-)

diff --git a/webapp.py b/webapp.py
index d5f076e..4478ba0 100755
--- a/webapp.py
+++ b/webapp.py
@@ -1,5 +1,6 @@
 #!/usr/bin/python
 
+import contextlib
 import datetime
 import optparse
 import sqlite3
@@ -98,42 +99,43 @@ class Application(object):
             return e
 
     def get_details(self, package):
-        cur = self.db.cursor()
-        cur.execute("SELECT id, version, architecture FROM package WHERE name = ?;",
-                    (package,))
-        row = cur.fetchone()
-        if not row:
-            raise NotFound()
-        pid, version, architecture = row
-        details = dict(pid=pid,
-                       package=package,
-                       version=version,
-                       architecture=architecture)
-        cur.execute("SELECT count(filename), sum(size) FROM content WHERE pid = ?;",
-                    (pid,))
-        num_files, total_size = cur.fetchone()
+        with contextlib.closing(self.db.cursor()) as cur:
+            cur.execute("SELECT id, version, architecture FROM package WHERE name = ?;",
+                        (package,))
+            row = cur.fetchone()
+            if not row:
+                raise NotFound()
+            pid, version, architecture = row
+            details = dict(pid=pid,
+                           package=package,
+                           version=version,
+                           architecture=architecture)
+            cur.execute("SELECT count(filename), sum(size) FROM content WHERE pid = ?;",
+                        (pid,))
+            num_files, total_size = cur.fetchone()
         if total_size is None:
             total_size = 0
         details.update(dict(num_files=num_files, total_size=total_size))
         return details
 
     def get_dependencies(self, pid):
-        cur = self.db.cursor()
-        cur.execute("SELECT required FROM dependency WHERE pid = ?;",
-                    (pid,))
-        return set(row[0] for row in fetchiter(cur))
+        with contextlib.closing(self.db.cursor()) as cur:
+            cur.execute("SELECT required FROM dependency WHERE pid = ?;",
+                        (pid,))
+            return set(row[0] for row in fetchiter(cur))
 
     def cached_sharedstats(self, pid):
-        cur = self.db.cursor()
         sharedstats = {}
-        cur.execute("SELECT pid2, package.name, f1.name, f2.name, files, size FROM sharing JOIN package ON sharing.pid2 = package.id JOIN function AS f1 ON sharing.fid1 = f1.id JOIN function AS f2 ON sharing.fid2 = f2.id WHERE pid1 = ? AND f1.eqclass = f2.eqclass;",
-                    (pid,))
-        for pid2, package2, func1, func2, files, size in fetchiter(cur):
-            curstats = sharedstats.setdefault(
-                    function_combination(func1, func2), list())
-            if pid2 == pid:
-                package2 = None
-            curstats.append(dict(package=package2, duplicate=files, savable=size))
+        with contextlib.closing(self.db.cursor()) as cur:
+            cur.execute("SELECT pid2, package.name, f1.name, f2.name, files, size FROM sharing JOIN package ON sharing.pid2 = package.id JOIN function AS f1 ON sharing.fid1 = f1.id JOIN function AS f2 ON sharing.fid2 = f2.id WHERE pid1 = ? AND f1.eqclass = f2.eqclass;",
+                        (pid,))
+            for pid2, package2, func1, func2, files, size in fetchiter(cur):
+                curstats = sharedstats.setdefault(
+                        function_combination(func1, func2), list())
+                if pid2 == pid:
+                    package2 = None
+                curstats.append(dict(package=package2, duplicate=files,
+                                     savable=size))
         return sharedstats
 
     def show_package(self, package):
@@ -206,12 +208,12 @@ class Application(object):
         return html_response(detail_template.stream(params))
 
     def show_hash(self, function, hashvalue):
-        cur = self.db.cursor()
-        cur.execute("SELECT package.name, content.filename, content.size, f2.name FROM hash JOIN content ON hash.cid = content.id JOIN package ON content.pid = package.id JOIN function AS f2 ON hash.fid = f2.id JOIN function AS f1 ON f2.eqclass = f1.eqclass WHERE f1.name = ? AND hash = ?;",
-                    (function, hashvalue,))
-        entries = [dict(package=package, filename=filename, size=size,
-                        function=otherfunc)
-                   for package, filename, size, otherfunc in fetchiter(cur)]
+        with contextlib.closing(self.db.cursor()) as cur:
+            cur.execute("SELECT package.name, content.filename, content.size, f2.name FROM hash JOIN content ON hash.cid = content.id JOIN package ON content.pid = package.id JOIN function AS f2 ON hash.fid = f2.id JOIN function AS f1 ON f2.eqclass = f1.eqclass WHERE f1.name = ? AND hash = ?;",
+                        (function, hashvalue,))
+            entries = [dict(package=package, filename=filename, size=size,
+                            function=otherfunc)
+                       for package, filename, size, otherfunc in fetchiter(cur)]
         if not entries:
             raise NotFound()
         params = dict(function=function, hashvalue=hashvalue, entries=entries,
@@ -219,21 +221,21 @@ class Application(object):
         return html_response(hash_template.render(params))
 
     def show_source(self, package):
-        cur = self.db.cursor()
-        cur.execute("SELECT name FROM package WHERE source = ?;",
-                    (package,))
-        binpkgs = dict.fromkeys(pkg for pkg, in fetchiter(cur))
-        if not binpkgs:
-            raise NotFound
-        cur.execute("SELECT p1.name, p2.name, f1.name, f2.name, sharing.files, sharing.size FROM sharing JOIN package AS p1 ON sharing.pid1 = p1.id JOIN package AS p2 ON sharing.pid2 = p2.id JOIN function AS f1 ON sharing.fid1 = f1.id JOIN function AS f2 ON sharing.fid2 = f2.id WHERE p1.source = ?;",
-                    (package,))
-        for binary, otherbin, func1, func2, files, size in fetchiter(cur):
-            entry = dict(package=otherbin,
-                         funccomb=function_combination(func1, func2),
-                         duplicate=files, savable=size)
-            oldentry = binpkgs.get(binary)
-            if not (oldentry and oldentry["savable"] >= size):
-                binpkgs[binary] = entry
+        with contextlib.closing(self.db.cursor()) as cur:
+            cur.execute("SELECT name FROM package WHERE source = ?;",
+                        (package,))
+            binpkgs = dict.fromkeys(pkg for pkg, in fetchiter(cur))
+            if not binpkgs:
+                raise NotFound
+            cur.execute("SELECT p1.name, p2.name, f1.name, f2.name, sharing.files, sharing.size FROM sharing JOIN package AS p1 ON sharing.pid1 = p1.id JOIN package AS p2 ON sharing.pid2 = p2.id JOIN function AS f1 ON sharing.fid1 = f1.id JOIN function AS f2 ON sharing.fid2 = f2.id WHERE p1.source = ?;",
+                        (package,))
+            for binary, otherbin, func1, func2, files, size in fetchiter(cur):
+                entry = dict(package=otherbin,
+                             funccomb=function_combination(func1, func2),
+                             duplicate=files, savable=size)
+                oldentry = binpkgs.get(binary)
+                if not (oldentry and oldentry["savable"] >= size):
+                    binpkgs[binary] = entry
         params = dict(source=package, packages=binpkgs, urlroot="..")
         return html_response(source_template.render(params))
 
-- 
cgit v1.2.3


From 786c4f93ea318a3c22479f80531594435fb036c3 Mon Sep 17 00:00:00 2001
From: Helmut Grohne <helmut@subdivi.de>
Date: Wed, 11 Sep 2013 08:35:41 +0200
Subject: webapp: open cursors less often

On the main instance opening cursors equals initiating a connection.
Unfortunately sqlite3.Connection.close does not close filedescriptors.
So just open less cursors to leak filedescriptors less often.
---
 webapp.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/webapp.py b/webapp.py
index 4478ba0..665ac23 100755
--- a/webapp.py
+++ b/webapp.py
@@ -166,6 +166,7 @@ class Application(object):
         cursize = -1
         files = dict()
         minmatch = 2 if pid1 == pid2 else 1
+        cur2 = self.db.cursor()
         for cid, filename, size, hashvalue in fetchiter(cur):
             if cursize != size:
                 for entry in files.values():
@@ -181,13 +182,12 @@ class Application(object):
             entry = dict(filenames=set((filename,)), size=size, matches={})
             files[hashvalue] = entry
 
-            cur2 = self.db.cursor()
             cur2.execute("SELECT fa.name, ha.hash, fb.name, filename FROM hash AS ha JOIN hash AS hb ON ha.hash = hb.hash JOIN content ON hb.cid = content.id JOIN function AS fa ON ha.fid = fa.id JOIN function AS fb ON hb.fid = fb.id WHERE ha.cid = ? AND pid = ?;",
                          (cid, pid2))
             for func1, hashvalue, func2, filename in fetchiter(cur2):
                 entry["matches"].setdefault(filename, {})[func1, func2] = \
                         hashvalue
-            cur2.close()
+        cur2.close()
         cur.close()
 
         for entry in files.values():
-- 
cgit v1.2.3


From d228c0a4a5827325bca47d63ea287c7cb56537ea Mon Sep 17 00:00:00 2001
From: Helmut Grohne <helmut@subdivi.de>
Date: Thu, 3 Oct 2013 08:51:41 +0200
Subject: work around python-debian's #670679

---
 dedup/debpkg.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/dedup/debpkg.py b/dedup/debpkg.py
index d8cc22f..2d67135 100644
--- a/dedup/debpkg.py
+++ b/dedup/debpkg.py
@@ -16,8 +16,8 @@ def process_control(control_contents):
         source = package
     version = control["version"].encode("ascii")
     architecture = control["architecture"].encode("ascii")
-
-    depends = set(dep[0]["name"].encode("ascii")
+    # deb822 currently returns :any dependencies raw. see #670679
+    depends = set(dep[0]["name"].split(u':', 1)[0].encode("ascii")
                   for dep in control.relations.get("depends", ())
                   if len(dep) == 1)
     return dict(package=package, source=source, version=version,
-- 
cgit v1.2.3


From 17597b5e828f9bbc9b0159102b173c284c23a140 Mon Sep 17 00:00:00 2001
From: Helmut Grohne <helmut@subdivi.de>
Date: Wed, 19 Feb 2014 07:54:21 +0100
Subject: DecompressedHash should fail on trailing input

Otherwise all files smaller than 10 bytes are successfully hashed to the
hash of the empty input when using the GzipDecompressor.

Reported-By: Olly Betts
---
 dedup/hashing.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/dedup/hashing.py b/dedup/hashing.py
index 002eda8..5f015b2 100644
--- a/dedup/hashing.py
+++ b/dedup/hashing.py
@@ -49,9 +49,13 @@ class DecompressedHash(object):
 
     def hexdigest(self):
         if not hasattr(self.decompressor, "flush"):
+            if self.decompressor.unused_data:
+                raise ValueError("decompressor did not consume all data")
             return self.hashobj.hexdigest()
         tmpdecomp = self.decompressor.copy()
         data = tmpdecomp.flush()
+        if tmpdecomp.unused_data:
+            raise ValueError("decompressor did not consume all data")
         tmphash = self.hashobj.copy()
         tmphash.update(data)
         return tmphash.hexdigest()
-- 
cgit v1.2.3


From d467a2a4e85d4b6f09bd2e3dc70466bfcc45a577 Mon Sep 17 00:00:00 2001
From: Helmut Grohne <helmut@subdivi.de>
Date: Wed, 19 Feb 2014 14:19:56 +0100
Subject: GzipDecompressor: don't treat checksum as garbage trailer

---
 dedup/compression.py | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/dedup/compression.py b/dedup/compression.py
index 869c49f..4ce258c 100644
--- a/dedup/compression.py
+++ b/dedup/compression.py
@@ -5,8 +5,11 @@ class GzipDecompressor(object):
     """An interface to gzip which is similar to bz2.BZ2Decompressor and
     lzma.LZMADecompressor."""
     def __init__(self):
+        self.sawheader = False
         self.inbuffer = b""
         self.decompressor = None
+        self.crc = 0
+        self.size = 0
 
     def decompress(self, data):
         """
@@ -16,6 +19,8 @@ class GzipDecompressor(object):
         while True:
             if self.decompressor:
                 data = self.decompressor.decompress(data)
+                self.crc = zlib.crc32(data, self.crc)
+                self.size += len(data)
                 unused_data = self.decompressor.unused_data
                 if not unused_data:
                     return data
@@ -45,13 +50,20 @@ class GzipDecompressor(object):
                 return b""
             data = self.inbuffer[skip:]
             self.inbuffer = b""
+            self.sawheader = True
             self.decompressor = zlib.decompressobj(-zlib.MAX_WBITS)
 
     @property
     def unused_data(self):
         if self.decompressor:
             return self.decompressor.unused_data
+        elif not self.sawheader:
+            return self.inbuffer
         else:
+            expect = struct.pack("<ll", self.crc, self.size)
+            if self.inbuffer.startswith(expect) and \
+                    self.inbuffer[len(expect):].replace("\0", "") == "":
+                return b""
             return self.inbuffer
 
     def flush(self):
@@ -67,6 +79,9 @@ class GzipDecompressor(object):
         new.inbuffer = self.inbuffer
         if self.decompressor:
             new.decompressor = self.decompressor.copy()
+        new.sawheader = self.sawheader
+        new.crc = self.crc
+        new.size = self.size
         return new
 
 class DecompressedStream(object):
-- 
cgit v1.2.3


From 332ac9eafb235443f163c606ced95dcbd615815e Mon Sep 17 00:00:00 2001
From: Helmut Grohne <helmut@subdivi.de>
Date: Wed, 19 Feb 2014 14:21:20 +0100
Subject: blacklist content rather than hashes

Otherwise the gzip hash cannot tell the empty stream and the
compressed empty stream apart.
---
 dedup/hashing.py | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++
 importpkg.py     | 15 +++++----------
 2 files changed, 55 insertions(+), 10 deletions(-)

diff --git a/dedup/hashing.py b/dedup/hashing.py
index 5f015b2..70f6268 100644
--- a/dedup/hashing.py
+++ b/dedup/hashing.py
@@ -1,3 +1,5 @@
+import itertools
+
 class HashBlacklist(object):
     """Turn a hashlib-like object into a hash that returns None for some
     blacklisted hashes instead of the real hash value.
@@ -29,6 +31,54 @@ class HashBlacklist(object):
     def copy(self):
         return HashBlacklist(self.hashobj.copy(), self.blacklist)
 
+class HashBlacklistContent(object):
+    """Turn a hashlib-like object into a hash that returns None for some
+    blacklisted content instead of the real hash value. Unlike HashBlacklist,
+    not the output of the hash is considered, but its input."""
+
+    def __init__(self, hashobj, blacklist=(), maxlen=None):
+        """
+        @param hashobj: a hashlib-like object
+        @param blacklist: an object providing __contains__.
+            hash inputs which are contained in the blacklist
+            are turned into None values
+        @param maxlen: the maximum length of a blacklisted input.
+            Defaults to max(map(len, blacklist)), so if it is absent,
+            the blacklist must support iteration.
+        """
+        self.hashobj = hashobj
+        self.blacklist = blacklist
+        if maxlen is None:
+            # the chain avoids passing the empty sequence to max
+            maxlen = max(itertools.chain((0,), itertools.imap(len, blacklist)))
+        self.maxlen = maxlen
+        self.stored = ""
+
+    @property
+    def name(self):
+        return self.hashobj.name
+
+    def update(self, data):
+        if self.stored is not None:
+            self.stored += data
+            if len(self.stored) > self.maxlen:
+                self.stored = None
+        self.hashobj.update(data)
+
+    def digest(self):
+        if self.stored is not None and self.stored in self.blacklist:
+            return None
+        return self.hashobj.digest()
+
+    def hexdigest(self):
+        if self.stored is not None and self.stored in self.blacklist:
+            return None
+        return self.hashobj.hexdigest()
+
+    def copy(self):
+        return HashBlacklistContent(self.hashobj.copy(), self.blacklist,
+                                    self.maxlen)
+
 class DecompressedHash(object):
     """Apply a decompression function before the hash. This class provides the
     hashlib interface (update, hexdigest, copy) excluding digest and name."""
diff --git a/importpkg.py b/importpkg.py
index 54f6181..cb16f97 100755
--- a/importpkg.py
+++ b/importpkg.py
@@ -16,26 +16,21 @@ import yaml
 
 from dedup.arreader import ArReader
 from dedup.debpkg import process_control, get_tar_hashes
-from dedup.hashing import HashBlacklist, DecompressedHash, SuppressingHash, \
-    HashedStream
+from dedup.hashing import DecompressedHash, SuppressingHash, HashedStream, \
+        HashBlacklistContent
 from dedup.compression import GzipDecompressor, DecompressedStream
 from dedup.image import GIFHash, PNGHash
 
-boring_sha512_hashes = set((
-    # ""
-    "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
-    # "\n"
-    "be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09"))
+boring_content = set(("", "\n"))
 
 def sha512_nontrivial():
-    return HashBlacklist(hashlib.sha512(), boring_sha512_hashes)
+    return HashBlacklistContent(hashlib.sha512(), boring_content)
 
 def gziphash():
     hashobj = DecompressedHash(GzipDecompressor(), hashlib.sha512())
     hashobj = SuppressingHash(hashobj, (ValueError, zlib.error))
     hashobj.name = "gzip_sha512"
-    # don't blacklist boring hashes for gzip to get gzip issues right
-    return hashobj
+    return HashBlacklistContent(hashobj, boring_content)
 
 def pnghash():
     hashobj = PNGHash(hashlib.sha512())
-- 
cgit v1.2.3


From 7389e4b00f6add611e8d6b318654056097d6d546 Mon Sep 17 00:00:00 2001
From: Helmut Grohne <helmut@subdivi.de>
Date: Fri, 21 Feb 2014 21:59:04 +0100
Subject: update_sharing: weaken assumptions about db layout

Hash functions are partitioned into equivalence classes. We are
generally only interested in sharing among hash functions with the same
equivalence class, but the algorithm would compute any sharing. While
the current layout never produces the same hashes for functions in
difference equivalence classes (for different output length), that may
change in future.

Also allow hash functions, that belong to no equivalence class at all
(eqclass = NULL) as a means to add additional metadata to content
without computing any sharing for it.
---
 update_sharing.py | 20 +++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)

diff --git a/update_sharing.py b/update_sharing.py
index 1ff0fd8..ca6890b 100755
--- a/update_sharing.py
+++ b/update_sharing.py
@@ -47,14 +47,20 @@ def main(db):
     readcur = db.cursor()
     readcur.execute("SELECT hash FROM hash GROUP BY hash HAVING count(*) > 1;")
     for hashvalue, in fetchiter(readcur):
-        cur.execute("SELECT content.pid, content.id, content.filename, content.size, hash.fid FROM hash JOIN content ON hash.cid = content.id WHERE hash = ?;",
+        cur.execute("SELECT function.eqclass, content.pid, content.id, content.filename, content.size, hash.fid FROM hash JOIN content ON hash.cid = content.id JOIN function ON hash.fid = function.id AND function.eqclass IS NOT NULL WHERE hash = ?;",
                     (hashvalue,))
-        rows = cur.fetchall()
-        print("processing hash %s with %d entries" % (hashvalue, len(rows)))
-        pkgdict = compute_pkgdict(rows)
-        cur.executemany("INSERT OR IGNORE INTO duplicate (cid) VALUES (?);",
-                        [(row[1],) for row in rows])
-        process_pkgdict(cur, pkgdict)
+        rowdict = dict()
+        for row in cur.fetchall():
+            rowdict.setdefault(row[0], []).append(row[1:])
+        for eqclass, rows in rowdict.items():
+            if len(rows) < 2:
+                print("skipping hash %s class %d with too few entries" % (hashvalue, eqclass))
+                continue
+            print("processing hash %s class %d with %d entries" % (hashvalue, eqclass, len(rows)))
+            pkgdict = compute_pkgdict(rows)
+            cur.executemany("INSERT OR IGNORE INTO duplicate (cid) VALUES (?);",
+                            [(row[1],) for row in rows])
+            process_pkgdict(cur, pkgdict)
     cur.execute("INSERT INTO issue (cid, issue) SELECT content.id, 'file named something.gz is not a valid gzip file' FROM content WHERE content.filename LIKE '%.gz' AND NOT EXISTS (SELECT 1 FROM hash JOIN function ON hash.fid = function.id WHERE hash.cid = content.id AND function.name = 'gzip_sha512');")
     cur.execute("INSERT INTO issue (cid, issue) SELECT content.id, 'png image not named something.png' FROM content JOIN hash ON content.id = hash.cid JOIN function ON hash.fid = function.id WHERE function.name = 'png_sha512' AND lower(filename) NOT LIKE '%.png';")
     cur.execute("INSERT INTO issue (cid, issue) SELECT content.id, 'gif image not named something.gif' FROM content JOIN hash ON content.id = hash.cid JOIN function ON hash.fid = function.id WHERE function.name = 'gif_sha512' AND lower(filename) NOT LIKE '%.gif';")
-- 
cgit v1.2.3


From b38f14ab3fb72ca1578d7e6bb09178e6fbebba76 Mon Sep 17 00:00:00 2001
From: Helmut Grohne <helmut@subdivi.de>
Date: Sun, 23 Feb 2014 15:44:03 +0100
Subject: webapp: fix eqclass usage in package comparison

When comparing two packages, objects would be considered duplicates
without considering whether the respective hash functions are comparable
by checking their equivalence classes. The current set of hash functions
does not expose this bug.
---
 webapp.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/webapp.py b/webapp.py
index 665ac23..fd6d685 100755
--- a/webapp.py
+++ b/webapp.py
@@ -182,7 +182,7 @@ class Application(object):
             entry = dict(filenames=set((filename,)), size=size, matches={})
             files[hashvalue] = entry
 
-            cur2.execute("SELECT fa.name, ha.hash, fb.name, filename FROM hash AS ha JOIN hash AS hb ON ha.hash = hb.hash JOIN content ON hb.cid = content.id JOIN function AS fa ON ha.fid = fa.id JOIN function AS fb ON hb.fid = fb.id WHERE ha.cid = ? AND pid = ?;",
+            cur2.execute("SELECT fa.name, ha.hash, fb.name, filename FROM hash AS ha JOIN hash AS hb ON ha.hash = hb.hash JOIN content ON hb.cid = content.id JOIN function AS fa ON ha.fid = fa.id JOIN function AS fb ON hb.fid = fb.id WHERE ha.cid = ? AND pid = ? AND fa.eqclass = fb.eqclass;",
                          (cid, pid2))
             for func1, hashvalue, func2, filename in fetchiter(cur2):
                 entry["matches"].setdefault(filename, {})[func1, func2] = \
-- 
cgit v1.2.3


From 8ccd5205f77276b333c56efb8271a0ddf11590a0 Mon Sep 17 00:00:00 2001
From: Helmut Grohne <helmut@subdivi.de>
Date: Sun, 23 Feb 2014 17:29:41 +0100
Subject: fix spelling mistake

Reported-By: Stefan Kaltenbrunner
---
 dedup/templates/index.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dedup/templates/index.html b/dedup/templates/index.html
index 7c9000f..169027e 100644
--- a/dedup/templates/index.html
+++ b/dedup/templates/index.html
@@ -28,7 +28,7 @@
 {% block content %}
 <h1>Debian duplication detector</h1>
 <ul>
-<li>To inspect a particlar binary package, go to <pre>binary/&lt;packagename&gt;</pre> Example: <a href="binary/git">binary/git</a>
+<li>To inspect a particular binary package, go to <pre>binary/&lt;packagename&gt;</pre> Example: <a href="binary/git">binary/git</a>
     <div style="display:none" id="form_div"><fieldset>
             <legend>Inspect package</legend>
             <noscript><b>This form is dysfunctional when javascript is not enabled</b></noscript>
-- 
cgit v1.2.3


From 8d4c5512edbdcdd1063a7e6508f398a5a57981be Mon Sep 17 00:00:00 2001
From: Helmut Grohne <helmut@subdivi.de>
Date: Sun, 23 Feb 2014 18:19:35 +0100
Subject: spell check comments

---
 dedup/hashing.py | 2 +-
 dedup/image.py   | 2 +-
 importpkg.py     | 4 ++--
 webapp.py        | 2 +-
 4 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/dedup/hashing.py b/dedup/hashing.py
index 70f6268..a8a46c7 100644
--- a/dedup/hashing.py
+++ b/dedup/hashing.py
@@ -115,7 +115,7 @@ class DecompressedHash(object):
 
 class SuppressingHash(object):
     """A hash that silences exceptions from the update and hexdigest methods of
-    a hashlib-like object. If an exception has occured, hexdigest always
+    a hashlib-like object. If an exception has occurred, hexdigest always
     returns None."""
     def __init__(self, hashobj, exceptions=()):
         """
diff --git a/dedup/image.py b/dedup/image.py
index c1f2de0..ef17989 100644
--- a/dedup/image.py
+++ b/dedup/image.py
@@ -4,7 +4,7 @@ import struct
 import PIL.Image
 
 class ImageHash(object):
-    """A hash on the contents of an image datat type supported by PIL. This
+    """A hash on the contents of an image data type supported by PIL. This
     disregards mode, depth and meta information. Note that due to limitations
     in PIL and the image format (interlacing) the full contents are stored and
     decoded in hexdigest."""
diff --git a/importpkg.py b/importpkg.py
index cb16f97..aeccda5 100755
--- a/importpkg.py
+++ b/importpkg.py
@@ -1,7 +1,7 @@
 #!/usr/bin/python
-"""This tool reads a debian package from stdin and emits a yaml stream on
+"""This tool reads a Debian package from stdin and emits a yaml stream on
 stdout.  It does not access a database. Therefore it can be run in parallel and
-on multiple machines. The generated yaml conatins multiple documents. The first
+on multiple machines. The generated yaml contains multiple documents. The first
 document contains package metadata. Then a document is emitted for each file.
 And finally a document consisting of the string "commit" is emitted."""
 
diff --git a/webapp.py b/webapp.py
index fd6d685..2fd69bb 100755
--- a/webapp.py
+++ b/webapp.py
@@ -151,7 +151,7 @@ class Application(object):
         return html_response(package_template.render(params))
 
     def compute_comparison(self, pid1, pid2):
-        """Compute a sequence of comparison objects ordery by the size of the
+        """Compute a sequence of comparison objects ordered by the size of the
         object in the first package. Each element of the sequence is a dict
         defining the following keys:
          * filenames: A set of filenames in package 1 (pid1) all referring to
-- 
cgit v1.2.3


From bb0aea9971bc79d8787d8f034022d0ca803fcab3 Mon Sep 17 00:00:00 2001
From: Helmut Grohne <helmut@subdivi.de>
Date: Sat, 8 Mar 2014 09:48:17 +0100
Subject: schema: make syntax compatible with postgres

---
 schema.sql | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/schema.sql b/schema.sql
index 2ab7ca7..f6b1a7c 100644
--- a/schema.sql
+++ b/schema.sql
@@ -1,7 +1,7 @@
 CREATE TABLE package (id INTEGER PRIMARY KEY, name TEXT UNIQUE, version TEXT, architecture TEXT, source TEXT);
 CREATE TABLE content (id INTEGER PRIMARY KEY, pid INTEGER, filename TEXT, size INTEGER, FOREIGN KEY (pid) REFERENCES package(id) ON DELETE CASCADE);
 CREATE TABLE function (id INTEGER PRIMARY KEY, name TEXT UNIQUE NOT NULL, eqclass INTEGER);
-INSERT INTO function (name, eqclass) VALUES ("sha512", 1), ("gzip_sha512", 1), ("png_sha512", 2), ("gif_sha512", 2);
+INSERT INTO function (id, name, eqclass) VALUES (1, 'sha512', 1), (2, 'gzip_sha512', 1), (3, 'png_sha512', 2), (4, 'gif_sha512', 2);
 CREATE TABLE hash (cid INTEGER, fid INTEGER NOT NULL, hash TEXT, FOREIGN KEY (cid) REFERENCES content(id) ON DELETE CASCADE, FOREIGN KEY (fid) REFERENCES function(id));
 CREATE TABLE dependency (pid INTEGER, required TEXT, FOREIGN KEY (pid) REFERENCES package(id) ON DELETE CASCADE);
 CREATE INDEX content_package_size_index ON content (pid, size);
-- 
cgit v1.2.3


From 03d6cc0a5ac4d546f234d8326551f2ee35e0f1a5 Mon Sep 17 00:00:00 2001
From: Helmut Grohne <helmut@subdivi.de>
Date: Mon, 21 Apr 2014 12:50:15 +0200
Subject: autoimport: support protocols besides http

---
 autoimport.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/autoimport.py b/autoimport.py
index d44c012..9c4c73e 100755
--- a/autoimport.py
+++ b/autoimport.py
@@ -60,7 +60,7 @@ def process_pkg(name, pkgdict, outpath):
     importcmd = ["python", "importpkg.py"]
     if "sha256hash" in pkgdict:
         importcmd.extend(["-H", pkgdict["sha256hash"]])
-    if filename.startswith("http://"):
+    if filename.startswith(("http://", "https://", "ftp://", "file://")):
         with open(outpath, "w") as outp:
             dl = subprocess.Popen(["curl", "-s", filename],
                                   stdout=subprocess.PIPE, close_fds=True)
@@ -95,7 +95,7 @@ def main():
     pkgs = {}
     for d in args:
         print("processing %s" % d)
-        if d.startswith("http://"):
+        if d.startswith(("http://", "https://", "ftp://", "file://")):
             process_http(pkgs, d)
         elif os.path.isdir(d):
             process_dir(pkgs, d)
-- 
cgit v1.2.3


From 6a62d49350d44176de08afa980a47017007f4a3c Mon Sep 17 00:00:00 2001
From: Helmut Grohne <helmut@subdivi.de>
Date: Sun, 11 May 2014 15:25:46 +0200
Subject: webapp: allow git-like hash truncation

---
 webapp.py | 30 +++++++++++++++++++++++-------
 1 file changed, 23 insertions(+), 7 deletions(-)

diff --git a/webapp.py b/webapp.py
index 2fd69bb..9612c38 100755
--- a/webapp.py
+++ b/webapp.py
@@ -8,7 +8,8 @@ from wsgiref.simple_server import make_server
 
 import jinja2
 from werkzeug.exceptions import HTTPException, NotFound
-from werkzeug.routing import Map, Rule, RequestRedirect
+from werkzeug.routing import Map, Rule
+from werkzeug.utils import redirect
 from werkzeug.wrappers import Request, Response
 from werkzeug.wsgi import SharedDataMiddleware
 
@@ -61,6 +62,12 @@ def html_response(unicode_iterator, max_age=24 * 60 * 60):
     resp.expires = datetime.datetime.now() + datetime.timedelta(seconds=max_age)
     return resp
 
+class InternalRedirect(Exception):
+    def __init__(self, target, code=301):
+        Exception.__init__(self)
+        self.target = target
+        self.code = code
+
 class Application(object):
     def __init__(self, db):
         self.db = db
@@ -84,17 +91,18 @@ class Application(object):
             elif endpoint == "hash":
                 if args["function"] == "image_sha512":
                     # backwards compatibility
-                    raise RequestRedirect("%s/hash/png_sha512/%s" %
-                                          (request.environ["SCRIPT_NAME"],
-                                           args["hashvalue"]))
+                    raise InternalRedirect("/hash/png_sha512/%s" %
+                                           args["hashvalue"])
                 return self.show_hash(args["function"], args["hashvalue"])
             elif endpoint == "index":
                 if not request.environ["PATH_INFO"]:
-                    raise RequestRedirect(request.environ["SCRIPT_NAME"] + "/")
+                    raise InternalRedirect("/")
                 return html_response(index_template.render(dict(urlroot="")))
             elif endpoint == "source":
                 return self.show_source(args["package"])
             raise NotFound()
+        except InternalRedirect as r:
+            return redirect(request.environ["SCRIPT_NAME"] + r.target, r.code)
         except HTTPException as e:
             return e
 
@@ -214,8 +222,16 @@ class Application(object):
             entries = [dict(package=package, filename=filename, size=size,
                             function=otherfunc)
                        for package, filename, size, otherfunc in fetchiter(cur)]
-        if not entries:
-            raise NotFound()
+            if not entries:
+                # Assumption: '~' serves as an infinite character larger than
+                # any other character in the hash column.
+                cur.execute("SELECT DISTINCT hash.hash FROM hash JOIN function ON hash.fid = function.id WHERE function.name = ? AND hash.hash >= ? AND hash.hash <= ? LIMIT 2;",
+                            (function, hashvalue, hashvalue + '~'))
+                values = cur.fetchall()
+                if len(values) == 1:
+                    raise InternalRedirect("/hash/%s/%s" %
+                                           (function, values[0][0]), 302)
+                raise NotFound()
         params = dict(function=function, hashvalue=hashvalue, entries=entries,
                       urlroot="../..")
         return html_response(hash_template.render(params))
-- 
cgit v1.2.3


From cb3900603b79731891adbe44a1a1b3eb19f16cad Mon Sep 17 00:00:00 2001
From: Guillem Jover <guillem@debian.org>
Date: Thu, 8 May 2014 01:46:21 +0200
Subject: dedup.arreader: remove trailing slash from ar members

The GNU ar format adds a trailing slash to the member names, normalize
the member names to take this into account.

Signed-off-by: Guillem Jover <guillem@debian.org>
---
 dedup/arreader.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dedup/arreader.py b/dedup/arreader.py
index d74ae37..e53efd9 100644
--- a/dedup/arreader.py
+++ b/dedup/arreader.py
@@ -45,7 +45,7 @@ class ArReader(object):
         if not file_header:
             raise EOFError("end of archive found")
         parts = struct.unpack("16s 12s 6s 6s 8s 10s 2s", file_header)
-        parts = [p.rstrip(b" ") for p in parts]
+        parts = [p.rstrip(b"/ ") for p in parts]
         if parts.pop() != self.file_magic:
             raise ValueError("ar file header not found")
         self.remaining = int(parts[5])
-- 
cgit v1.2.3


From ddaa08f7a63a1fedf4c1f2804873199dd5182142 Mon Sep 17 00:00:00 2001
From: Guillem Jover <guillem@debian.org>
Date: Wed, 7 May 2014 21:06:38 +0200
Subject: importpkg: add support for control.tar and control.tar.xz

dpkg supports those since 1.17.6.

Signed-off-by: Guillem Jover <guillem@debian.org>
---
 dedup/debpkg.py |  2 +-
 importpkg.py    | 61 +++++++++++++++++++++++++++++++++++----------------------
 2 files changed, 39 insertions(+), 24 deletions(-)

diff --git a/dedup/debpkg.py b/dedup/debpkg.py
index 2d67135..dbee849 100644
--- a/dedup/debpkg.py
+++ b/dedup/debpkg.py
@@ -3,7 +3,7 @@ from debian import deb822
 from dedup.hashing import hash_file
 
 def process_control(control_contents):
-    """Parses the contents of a control file from a control.tar.gz of a Debian
+    """Parses the contents of a control file from a control.tar of a Debian
     package and returns a dictionary containing the fields relevant to dedup.
     @type control_contents: bytes
     @rtype: {str: object}
diff --git a/importpkg.py b/importpkg.py
index aeccda5..7482c4f 100755
--- a/importpkg.py
+++ b/importpkg.py
@@ -54,41 +54,56 @@ def process_package(filelike, hash_functions):
         except EOFError:
             raise ValueError("data.tar not found")
         if name == "control.tar.gz":
-            if state != "start":
-                raise ValueError("unexpected control.tar.gz")
-            state = "control"
+            new_state = "control"
             tf = tarfile.open(fileobj=af, mode="r|gz")
-            for elem in tf:
-                if elem.name != "./control":
-                    continue
-                if state != "control":
-                    raise ValueError("duplicate control file")
-                state = "control_file"
-                yield process_control(tf.extractfile(elem).read())
-                break
-            continue
+        elif name == "control.tar.xz":
+            new_state = "control"
+            zf = DecompressedStream(af, lzma.LZMADecompressor())
+            tf = tarfile.open(fileobj=zf, mode="r|")
+        elif name == "control.tar":
+            new_state = "control"
+            tf = tarfile.open(fileobj=af, mode="r|")
         elif name == "data.tar.gz":
+            new_state = "data"
             tf = tarfile.open(fileobj=af, mode="r|gz")
         elif name == "data.tar.bz2":
+            new_state = "data"
             tf = tarfile.open(fileobj=af, mode="r|bz2")
         elif name == "data.tar.xz":
+            new_state = "data"
             zf = DecompressedStream(af, lzma.LZMADecompressor())
             tf = tarfile.open(fileobj=zf, mode="r|")
         elif name == "data.tar":
+            new_state = "data"
             tf = tarfile.open(fileobj=af, mode="r|")
         else:
             continue
-        if state != "control_file":
-            raise ValueError("missing control file")
-        for name, size, hashes in get_tar_hashes(tf, hash_functions):
-            try:
-                name = name.decode("utf8")
-            except UnicodeDecodeError:
-                print("warning: skipping filename with encoding error")
-                continue # skip files with non-utf8 encoding for now
-            yield dict(name=name, size=size, hashes=hashes)
-        yield "commit"
-        break
+        if new_state == "control":
+            if state != "start":
+                raise ValueError("unexpected control.tar")
+            state = new_state
+            for elem in tf:
+                if elem.name != "./control":
+                    continue
+                if state != "control":
+                    raise ValueError("duplicate control file")
+                state = "control_file"
+                yield process_control(tf.extractfile(elem).read())
+                break
+            continue
+        elif new_state == "data":
+            if state != "control_file":
+                raise ValueError("missing control file")
+            state = new_state
+            for name, size, hashes in get_tar_hashes(tf, hash_functions):
+                try:
+                    name = name.decode("utf8")
+                except UnicodeDecodeError:
+                    print("warning: skipping filename with encoding error")
+                    continue # skip files with non-utf8 encoding for now
+                yield dict(name=name, size=size, hashes=hashes)
+            yield "commit"
+            break
 
 def process_package_with_hash(filelike, hash_functions, sha256hash):
     hstream = HashedStream(filelike, hashlib.sha256())
-- 
cgit v1.2.3


From e2d7f5e1e1ef06c28ca432bc070595b87d78ac85 Mon Sep 17 00:00:00 2001
From: Guillem Jover <guillem@debian.org>
Date: Thu, 8 May 2014 01:50:48 +0200
Subject: importpkg: add support for data.tar.lzma

Creating packages with lzma compression has been deprecated since dpkg
1.16.4, but there might be some of those in the wild and supporting them
is strightforward when xz is already supported.

Signed-off-by: Guillem Jover <guillem@debian.org>
---
 importpkg.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/importpkg.py b/importpkg.py
index 7482c4f..247965f 100755
--- a/importpkg.py
+++ b/importpkg.py
@@ -69,6 +69,10 @@ def process_package(filelike, hash_functions):
         elif name == "data.tar.bz2":
             new_state = "data"
             tf = tarfile.open(fileobj=af, mode="r|bz2")
+        elif name == "data.tar.lzma":
+            new_state = "data"
+            zf = DecompressedStream(af, lzma.LZMADecompressor())
+            tf = tarfile.open(fileobj=zf, mode="r|")
         elif name == "data.tar.xz":
             new_state = "data"
             zf = DecompressedStream(af, lzma.LZMADecompressor())
-- 
cgit v1.2.3


From 0097cdc7ffa881427f72ac35428de4214a26d834 Mon Sep 17 00:00:00 2001
From: Helmut Grohne <helmut@subdivi.de>
Date: Sun, 11 May 2014 15:57:36 +0200
Subject: importpkg: reduce copy&paste

---
 importpkg.py | 48 +++++++++++++++---------------------------------
 1 file changed, 15 insertions(+), 33 deletions(-)

diff --git a/importpkg.py b/importpkg.py
index 247965f..06d9da4 100755
--- a/importpkg.py
+++ b/importpkg.py
@@ -44,6 +44,15 @@ def gifhash():
     hashobj.name = "gif_sha512"
     return hashobj
 
+def decompress_tar(filelike, extension):
+    if extension in (".lzma", ".xz"):
+        filelike = DecompressedStream(filelike, lzma.LZMADecompressor())
+        extension = ""
+    if extension not in ("", ".gz", ".bz2"):
+        raise ValueError("unknown compression format with extension %r" %
+                         extension)
+    return tarfile.open(fileobj=filelike, mode="r|" + extension[1:])
+
 def process_package(filelike, hash_functions):
     af = ArReader(filelike)
     af.read_magic()
@@ -53,39 +62,11 @@ def process_package(filelike, hash_functions):
             name = af.read_entry()
         except EOFError:
             raise ValueError("data.tar not found")
-        if name == "control.tar.gz":
-            new_state = "control"
-            tf = tarfile.open(fileobj=af, mode="r|gz")
-        elif name == "control.tar.xz":
-            new_state = "control"
-            zf = DecompressedStream(af, lzma.LZMADecompressor())
-            tf = tarfile.open(fileobj=zf, mode="r|")
-        elif name == "control.tar":
-            new_state = "control"
-            tf = tarfile.open(fileobj=af, mode="r|")
-        elif name == "data.tar.gz":
-            new_state = "data"
-            tf = tarfile.open(fileobj=af, mode="r|gz")
-        elif name == "data.tar.bz2":
-            new_state = "data"
-            tf = tarfile.open(fileobj=af, mode="r|bz2")
-        elif name == "data.tar.lzma":
-            new_state = "data"
-            zf = DecompressedStream(af, lzma.LZMADecompressor())
-            tf = tarfile.open(fileobj=zf, mode="r|")
-        elif name == "data.tar.xz":
-            new_state = "data"
-            zf = DecompressedStream(af, lzma.LZMADecompressor())
-            tf = tarfile.open(fileobj=zf, mode="r|")
-        elif name == "data.tar":
-            new_state = "data"
-            tf = tarfile.open(fileobj=af, mode="r|")
-        else:
-            continue
-        if new_state == "control":
+        if name.startswith("control.tar"):
             if state != "start":
                 raise ValueError("unexpected control.tar")
-            state = new_state
+            state = "control"
+            tf = decompress_tar(af, name[11:])
             for elem in tf:
                 if elem.name != "./control":
                     continue
@@ -95,10 +76,11 @@ def process_package(filelike, hash_functions):
                 yield process_control(tf.extractfile(elem).read())
                 break
             continue
-        elif new_state == "data":
+        elif name.startswith("data.tar"):
             if state != "control_file":
                 raise ValueError("missing control file")
-            state = new_state
+            state = "data"
+            tf = decompress_tar(af, name[8:])
             for name, size, hashes in get_tar_hashes(tf, hash_functions):
                 try:
                     name = name.decode("utf8")
-- 
cgit v1.2.3


From b343a67cde7d37ff01674d2cd399e874ea0aaccc Mon Sep 17 00:00:00 2001
From: Helmut Grohne <helmut@subdivi.de>
Date: Sun, 11 May 2014 15:59:46 +0200
Subject: update copyright information

---
 COPYING | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/COPYING b/COPYING
index 713eee2..05212f8 100644
--- a/COPYING
+++ b/COPYING
@@ -1,10 +1,11 @@
 Main author:
 
-Copyright (C) 2013 Helmut Grohne <helmut@subdivi.de>
+Copyright (C) 2013-2014 Helmut Grohne <helmut@subdivi.de>
 
-Contributor:
+Contributors:
 
 Copyright (C) 2013 Jan Lühr (javascript for webapp.py)
+Copyright (C) 2014 Guillem Jover <guillem@debian.org>
 
 All rights reserved.
 
-- 
cgit v1.2.3


From bd1a5eb04cf1cb3dc69537c8cdda6130342223e6 Mon Sep 17 00:00:00 2001
From: Helmut Grohne <helmut@subdivi.de>
Date: Sat, 14 Jun 2014 10:19:55 +0200
Subject: add documentation to schema.sql

Thanks to Peter Palfrader for explaining what information is needed and
reviewing the documentation.
---
 schema.sql | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++--------
 1 file changed, 50 insertions(+), 8 deletions(-)

diff --git a/schema.sql b/schema.sql
index f6b1a7c..35f82ca 100644
--- a/schema.sql
+++ b/schema.sql
@@ -1,13 +1,48 @@
-CREATE TABLE package (id INTEGER PRIMARY KEY, name TEXT UNIQUE, version TEXT, architecture TEXT, source TEXT);
-CREATE TABLE content (id INTEGER PRIMARY KEY, pid INTEGER, filename TEXT, size INTEGER, FOREIGN KEY (pid) REFERENCES package(id) ON DELETE CASCADE);
-CREATE TABLE function (id INTEGER PRIMARY KEY, name TEXT UNIQUE NOT NULL, eqclass INTEGER);
-INSERT INTO function (id, name, eqclass) VALUES (1, 'sha512', 1), (2, 'gzip_sha512', 1), (3, 'png_sha512', 2), (4, 'gif_sha512', 2);
-CREATE TABLE hash (cid INTEGER, fid INTEGER NOT NULL, hash TEXT, FOREIGN KEY (cid) REFERENCES content(id) ON DELETE CASCADE, FOREIGN KEY (fid) REFERENCES function(id));
-CREATE TABLE dependency (pid INTEGER, required TEXT, FOREIGN KEY (pid) REFERENCES package(id) ON DELETE CASCADE);
+CREATE TABLE package (		-- binary Debian packages.
+	id INTEGER PRIMARY KEY,
+	name TEXT UNIQUE,	-- binary package name
+	version TEXT,		-- Debian version
+	architecture TEXT,
+	source TEXT);		-- name of the source package it was built from
+CREATE TABLE content (		-- a file contained in a binary package
+	id INTEGER PRIMARY KEY,
+	pid INTEGER NOT NULL REFERENCES package(id) ON DELETE CASCADE,
+				-- which package the file is contained in
+	filename TEXT,
+	size INTEGER);
+CREATE TABLE function (			-- hash functions
+	id INTEGER PRIMARY KEY,
+	name TEXT UNIQUE NOT NULL,
+	eqclass INTEGER);		-- hash values of different hash functions are comparable if they share an eqclass
+INSERT INTO function (id, name, eqclass) VALUES
+	(1, 'sha512', 1),
+	(2, 'gzip_sha512', 1),
+	(3, 'png_sha512', 2),
+	(4, 'gif_sha512', 2);
+CREATE TABLE hash (		-- hash values of files in binary packages
+	cid INTEGER NOT NULL REFERENCES content(id) ON DELETE CASCADE,
+				-- which file has been hashed
+	fid INTEGER NOT NULL REFERENCES function(id),
+				-- using which function
+	hash TEXT);		-- textual hash value
+CREATE TABLE dependency (	-- binary package dependencies
+	pid INTEGER NOT NULL REFERENCES package(id) ON DELETE CASCADE,
+				-- the package carries a Depends: header
+	required TEXT);		-- the name of a package that is dependet upon without alternative
 CREATE INDEX content_package_size_index ON content (pid, size);
 CREATE INDEX hash_cid_index ON hash (cid);
 CREATE INDEX hash_hash_index ON hash (hash);
 
+-- All tables below this line can be recomputed from the tables above.
+-- Recomputation is done using the update_sharing.py script.
+
+-- The sharing table caches two values for each pair of packages pid1, pid2 and
+-- pair of hash functions fid1, fid2:
+--  * files is the number of files in pid1 that could be eliminated by reusing
+--    files from pid2. Since the functions may be different, this may mean
+--    replacing a compressed file with an uncompressed one.
+--  * size is the number of bytes that would be freed by doing the above.
+-- Note: If pid1=pid2, one copy of each file must be preserved.
 CREATE TABLE sharing (
 	pid1 INTEGER NOT NULL REFERENCES package(id) ON DELETE CASCADE,
 	pid2 INTEGER NOT NULL REFERENCES package(id) ON DELETE CASCADE,
@@ -16,5 +51,12 @@ CREATE TABLE sharing (
 	files INTEGER,
 	size INTEGER);
 CREATE INDEX sharing_insert_index ON sharing (pid1, pid2, fid1, fid2);
-CREATE TABLE duplicate (cid INTEGER PRIMARY KEY, FOREIGN KEY (cid) REFERENCES content(id) ON DELETE CASCADE);
-CREATE TABLE issue (cid INTEGER REFERENCES content(id) ON DELETE CASCADE, issue TEXT);
+-- The duplicate table caches all files that have any non-unique hash value.
+CREATE TABLE duplicate (
+	cid INTEGER PRIMARY KEY REFERENCES content(id) ON DELETE CASCADE);
+-- The issue table contains auxillary notices per file. For example, when a
+-- filename ends in ".gz", but is not gzip decompressible (has no gzip_sha512
+-- hash), it is recorded here.
+CREATE TABLE issue (
+	cid INTEGER REFERENCES content(id) ON DELETE CASCADE,
+	issue TEXT);
-- 
cgit v1.2.3


From d48c3c208ee6ba54225b3eb68ce5c9f3c894bfa4 Mon Sep 17 00:00:00 2001
From: Helmut Grohne <helmut@subdivi.de>
Date: Sat, 14 Jun 2014 12:08:09 +0200
Subject: improve schema documentation

wording, more NOT NULLs, some more explanations
---
 schema.sql | 47 ++++++++++++++++++++++++++++++++---------------
 1 file changed, 32 insertions(+), 15 deletions(-)

diff --git a/schema.sql b/schema.sql
index 35f82ca..99ae7e5 100644
--- a/schema.sql
+++ b/schema.sql
@@ -1,34 +1,47 @@
-CREATE TABLE package (		-- binary Debian packages.
+CREATE TABLE package (		-- binary Debian packages
 	id INTEGER PRIMARY KEY,
-	name TEXT UNIQUE,	-- binary package name
+	name TEXT UNIQUE NOT NULL,
+	-- binary package name
 	version TEXT,		-- Debian version
 	architecture TEXT,
 	source TEXT);		-- name of the source package it was built from
+
 CREATE TABLE content (		-- a file contained in a binary package
 	id INTEGER PRIMARY KEY,
 	pid INTEGER NOT NULL REFERENCES package(id) ON DELETE CASCADE,
-				-- which package the file is contained in
-	filename TEXT,
-	size INTEGER);
+	-- which package the file is contained in
+	filename TEXT NOT NULL,
+	size INTEGER NOT NULL);
+
 CREATE TABLE function (			-- hash functions
 	id INTEGER PRIMARY KEY,
 	name TEXT UNIQUE NOT NULL,
-	eqclass INTEGER);		-- hash values of different hash functions are comparable if they share an eqclass
+	eqclass INTEGER);
+	-- hash values of different hash functions are comparable if they share
+	-- an eqclass
+
 INSERT INTO function (id, name, eqclass) VALUES
 	(1, 'sha512', 1),
 	(2, 'gzip_sha512', 1),
+	-- decompress a gzip file, then hash
 	(3, 'png_sha512', 2),
+	-- decompress a PNG file, hash RGBA image contents + dimension
 	(4, 'gif_sha512', 2);
+	-- decompress a GIF file, hash RGBA image contents + dimension
+
 CREATE TABLE hash (		-- hash values of files in binary packages
 	cid INTEGER NOT NULL REFERENCES content(id) ON DELETE CASCADE,
-				-- which file has been hashed
+	-- which file has been hashed
 	fid INTEGER NOT NULL REFERENCES function(id),
-				-- using which function
-	hash TEXT);		-- textual hash value
+	-- using which function
+	hash TEXT NOT NULL);	-- textual hash value
+
 CREATE TABLE dependency (	-- binary package dependencies
 	pid INTEGER NOT NULL REFERENCES package(id) ON DELETE CASCADE,
-				-- the package carries a Depends: header
-	required TEXT);		-- the name of a package that is dependet upon without alternative
+	-- the package that carries a Depends: header
+	required TEXT NOT NULL);
+	-- the name of a package that is depended upon without alternative
+
 CREATE INDEX content_package_size_index ON content (pid, size);
 CREATE INDEX hash_cid_index ON hash (cid);
 CREATE INDEX hash_hash_index ON hash (hash);
@@ -48,15 +61,19 @@ CREATE TABLE sharing (
 	pid2 INTEGER NOT NULL REFERENCES package(id) ON DELETE CASCADE,
 	fid1 INTEGER NOT NULL REFERENCES function(id),
 	fid2 INTEGER NOT NULL REFERENCES function(id),
-	files INTEGER,
-	size INTEGER);
+	files INTEGER NOT NULL,
+	size INTEGER NOT NULL);
 CREATE INDEX sharing_insert_index ON sharing (pid1, pid2, fid1, fid2);
+
 -- The duplicate table caches all files that have any non-unique hash value.
+-- It is used in webapp.py to speed up one query, but could be dropped
+-- otherwise.
 CREATE TABLE duplicate (
 	cid INTEGER PRIMARY KEY REFERENCES content(id) ON DELETE CASCADE);
+
 -- The issue table contains auxillary notices per file. For example, when a
 -- filename ends in ".gz", but is not gzip decompressible (has no gzip_sha512
 -- hash), it is recorded here.
 CREATE TABLE issue (
-	cid INTEGER REFERENCES content(id) ON DELETE CASCADE,
-	issue TEXT);
+	cid INTEGER NOT NULL REFERENCES content(id) ON DELETE CASCADE,
+	issue TEXT NOT NULL);		-- a human readable comment on the file
-- 
cgit v1.2.3