#!/bin/sh -ef
#
# This is a simple package manager written in POSIX 'sh' for
# KISS Linux, utilizing the core UNIX utilities where needed.
#
# Disable warnings against word-splitting and globbing.
# They are used *safely* throughout this script as globbing
# is globally disabled and assumptions can be made about the input.
# shellcheck disable=2046,2086
#
# The script runs with 'set -e' enabled. It will exit on any
# non-zero return code. This ensures that no function continues
# if it fails at any point.
#
# Keep in mind that this involves extra code in the case where
# an error is optional and/or required.
#
# Where possible the package manager should check things first,
# die if necessary and continue if all is well.
#
# The code below conforms to shellcheck's rules. However, some
# lint errors *are* disabled as they relate to unexpected
# behavior (which we do expect).
#
# KISS is available under the MIT license.
#
# - Dylan Araps.

die() {
    # Print a message and exit with '1' (error).
    printf '\033[1;31m!>\033[m %s.\n' "$@" >&2
    exit 1
}

log() {
    # Print a message prettily.
    printf '\033[1;32m->\033[m %s.\n' "$@"
}

pkg_lint() {
    # Check that each mandatory file in the package entry exists.
    log "[$1] Checking repository files"

    repo_dir=$(pkg_find "$1")

    cd "$repo_dir" || die "'$repo_dir' not accessible"
    [ -f sources ] || die "[$1] Sources file not found"
    [ -x build ]   || die "[$1] Build file not found or not executable"
    [ -s version ] || die "[$1] Version file not found or empty"

    # Ensure that the release field in the version file is set
    # to something. The above test checks for the version field inclusively.
    read -r _ release < version
    [ "$release" ] || die "Release field not found in version file"
}

pkg_find() {
    # Figure out which repository a package belongs to by
    # searching for directories matching the package name
    # in $KISS_PATH/*.
    [ "$KISS_PATH" ] || die "\$KISS_PATH needs to be set"

    # Find the repository containing a package.
    # Searches installed packages if the package is absent
    # from the repositories.
    set -- "$1" $(IFS=:; find $KISS_PATH "$KISS_ROOT/$pkg_db" \
                              -maxdepth 1 -name "$1")

    # A package may also not be found due to a repository not being
    # readable by the current user. Either way, we need to die here.
    [ "$2" ] || die "Package '$1' not in any repository"

    printf '%s\n' "$2"
}

pkg_list() {
    # List installed packages. As the format is files and
    # directories, this just involves a simple for loop and
    # file read.

    # Change directories to the database. This allows us to
    # avoid having to 'basename' each path. If this fails,
    # set '$1' to mimic a failed glob which indicates that
    # nothing is installed.
    cd "$KISS_ROOT/$pkg_db" 2>/dev/null ||
        set -- "$KISS_ROOT/$pkg_db/"\*

    # Optional arguments can be passed to check for specific
    # packages. If no arguments are passed, list all. As we
    # loop over '$@', if there aren't any arguments we can
    # just set the directory contents to the argument list.
    [ "$1" ] || { set +f; set -f -- *; }

    # If the 'glob' above failed, exit early as there are no
    # packages installed.
    [ "$1" = "$KISS_ROOT/$pkg_db/"\* ] && return 1

    # Loop over each package and print its name and version.
    for pkg; do
        [ -d "$pkg" ] || {
            log "Package '$pkg' is not installed"
            return 1
        }

        read -r 2>/dev/null < "$pkg/version" || REPLY=null
        printf '%s\n' "$pkg $REPLY"
    done
}

pkg_sources() {
    # Download any remote package sources. The existence of local
    # files is also checked.
    log "[$1] Downloading sources"

    # Store each downloaded source in a directory named after the
    # package it belongs to. This avoid conflicts between two packages
    # having a source of the same name.
    mkdir -p "$src_dir/$1" && cd "$src_dir/$1"

    repo_dir=$(pkg_find "$1")

    while read -r src _; do
        case $src in
            # Remote source.
            *://*)
                [ -f "${src##*/}" ] && {
                    log "[$1] Found cached source '${src##*/}'"
                    continue
                }

                wget "$src" || {
                    rm -f "${src##*/}"
                    die "[$1] Failed to download $src"
                }
            ;;

            # Local files (sources that are non-remote are assumed to be local).
            *)
                [ -f "$repo_dir/$src" ] || die "[$1] No local file '$src'"

                log "[$1] Found local file '$src'"
            ;;
        esac
    done < "$repo_dir/sources"
}

pkg_extract() {
    # Extract all source archives to the build directory and copy over
    # any local repository files.
    log "[$1] Extracting sources"

    repo_dir=$(pkg_find "$1")

    while read -r src dest; do
        mkdir -p "$mak_dir/$1/$dest" && cd "$mak_dir/$1/$dest"

        case $src in
            # Only 'tar' archives are currently supported for extraction.
            # Any other file-types are simply copied to '$mak_dir' which
            # allows you to extract them manually.
            *://*.tar*|*://*.tgz)
                tar xf "$src_dir/$1/${src##*/}" --strip-components 1 \
                || die "[$1] Couldn't extract ${src##*/}"
            ;;

            # Local files (Any non-remote source is assumed to be local).
            *)
                if [ -f "$repo_dir/$src" ]; then
                    cp -f "$repo_dir/$src" .

                elif [ -f "$src_dir/$1/${src##*/}" ]; then
                    cp -f "$src_dir/$1/${src##*/}" .

                else
                    die "[$1] Local file $src not found"
                fi
            ;;
        esac
    done < "$repo_dir/sources"
}

pkg_depends() {
    # Resolve all dependencies and install them in the right order.

    repo_dir=$(pkg_find "$1")

    # This does a depth-first search. The deepest dependencies are
    # listed first and then the parents in reverse order.
    case $missing_deps in
        # Dependency is already in list, skip it.
        *" $1 "*) ;;

        *)
            # Recurse through the dependencies of the child
            # packages. Keep doing this.
            [ -f "$repo_dir/depends" ] &&
                while read -r dep _; do
                    [ "${dep##\#*}" ] || continue
                    pkg_depends "$dep" ||:
                done < "$repo_dir/depends"

            # After child dependencies are added to the list,
            # add the package which depends on them.
            missing_deps="$missing_deps $1 "
        ;;
    esac
}

pkg_verify() {
    # Verify all package checksums. This is achieved by generating
    # a new set of checksums and then comparing those with the old
    # set.

    # Generate a second set of checksums to compare against the
    # repository's checksums for the package.
    pkg_checksums "$1" | cmp -s - "$(pkg_find "$1")/checksums" || {
        log "[$1] Checksum mismatch"

        # Instead of dying above, log it to the terminal. Also define a
        # variable so we *can* die after all checksum files have been
        # checked.
        mismatch="$mismatch$1 "
    }
}

pkg_strip() {
    # Strip package binaries and libraries. This saves space on the
    # system as well as on the tar-balls we ship for installation.

    # Package has stripping disabled, stop here.
    [ -f "$(pkg_find "$1")/nostrip" ] && return

    log "[$1] Stripping binaries and libraries"

    # Strip only files matching the below ELF types.
    find "$pkg_dir/$1" -type f | while read -r file; do
        case "$(readelf -h "$file" 2>/dev/null)" in
            *" DYN "*)
                strip_opt=--strip-unneeded
            ;;

            *" REL "*)
                strip_opt=--strip-debug
            ;;

            *" EXEC "*)
                strip_opt=--strip-all
            ;;

            *) continue ;;
        esac

        # Suppress errors here as some binaries and libraries may
        # fail to strip. This is OK.
        strip "$strip_opt" "$file" 2>/dev/null ||:
    done
}

pkg_fixdeps() {
    # Dynamically look for missing runtime dependencies by checking
    # each binary and library with 'ldd'. This catches any extra
    # libraries and or dependencies pulled in by the package's
    # build suite.
    log "[$1] Checking for missing dependencies"

    # Go to the directory containing the built package to
    # simplify path building.
    cd "$pkg_dir/$1/$pkg_db/$1"

    # Make a copy of the depends file if it exists to have a
    # reference to 'diff' against.
    [ -f depends ] && cp -f depends depends-copy

    # Get a list of binaries and libraries, false files
    # will be found, however it's faster to get 'ldd' to check
    # them anyway than to filter them out.
    find "$pkg_dir/$1" -type f 2>/dev/null | while read -r file; do
        # Run 'ldd' on the file and parse each line. The code
        # then checks to see which packages own the linked
        # libraries and it prints the result.
        ldd "$file" 2>/dev/null | while read -r dep; do
            # Skip lines containing 'ldd'.
            [ "${dep##*ldd*}" ] || continue

            # Extract the file path from 'ldd' output.
            dep=${dep#* => }
            dep=${dep% *}

            # Traverse symlinks to get the true path to the file.
            dep=$(readlink -f "$KISS_ROOT/${dep##$KISS_ROOT}")

            # Figure out which package owns the file.
            dep=$(set +f; grep -lFx "${dep##$KISS_ROOT}" \
                            "$KISS_ROOT/$pkg_db/"*/manifest)

            # Extract package name from 'grep' match.
            dep=${dep%/*}
            dep=${dep##*/}

            case $dep in
                # Skip listing these packages as dependencies.
                musl|gcc|${PWD##*/}) ;;
                *) printf '%s\n' "$dep" ;;
            esac
        done ||:
    done >> depends-copy

    # Remove duplicate entries from the new depends file.
    # This remove duplicate lines looking *only* at the
    # first column.
    sort -u -k1,1 depends-copy > depends-new

    # Display a 'diff' of the new dependencies agaisnt
    # the old ones. '-N' treats non-existent files as blank.
    diff -N depends depends-new ||:

    # Do some clean up as this required a few temporary files.
    mv -f depends-new depends
    rm -f depends-copy
}

pkg_manifest() (
    # Generate the package's manifest file. This is a list of each file
    # and directory inside the package. The file is used when uninstalling
    # packages, checking for package conflicts and for general debugging.
    log "[$1] Generating manifest"

    # This funcion runs as a sub-shell to avoid having to 'cd' back to the
    # prior directory before being able to continue.
    cd "$pkg_dir/$1"

    # Find all files and directories in the package. Directories are printed
    # with a trailing forward slash '/'. The list is then reversed with
    # directories appearing *after* their contents.
    find . -mindepth 1 -type d -exec printf '%s/\n' {} + -or -print |
    sort -r | sed -e ss.ss > "$pkg_dir/$1/$pkg_db/$1/manifest"
)

pkg_tar() {
    # Create a tar-ball from the built package's files.
    # This tar-ball also contains the package's database entry.
    log "[$1] Creating tar-ball"

    # Read the version information to name the package.
    read -r version release < "$(pkg_find "$1")/version"

    # Create a tar-ball from the contents of the built package.
    tar zpcf "$bin_dir/$1#$version-$release.tar.gz" -C "$pkg_dir/$1" . ||
        die "[$1] Failed to create tar-ball"

    log "[$1] Successfully created tar-ball"
}

pkg_build() {
    # Build packages and turn them into packaged tar-balls. This function
    # also checks checksums, downloads sources and ensure all dependencies
    # are installed.

    log "Resolving dependencies"
    for pkg; do pkg_depends "$pkg"; done

    # Store the explicit packages so we can handle them differently
    # below. Dependencies are automatically installed but packages
    # passed to KISS aren't.
    explicit_packages=" $* "

    # Set the resolved dependency list as the function's arguments.
    set -- $missing_deps

    # The dependency solver always lists all dependencies regardless of
    # whether or not they are installed. Ensure that all explicit packages
    # are included and ensure that all installed packages are excluded.
    for pkg; do
        case $explicit_packages in
            *" $pkg "*) ;;
            *) pkg_list "$pkg" >/dev/null && continue ;;
        esac

        build_packages="$build_packages$pkg "
    done

    # Set the filtered dependency list as the function's arguments.
    set -- $build_packages

    log "Building: $*"

    # Only ask for confirmation if more than one package needs to be built.
    [ $# -gt 1 ] || [ "$pkg_update" ] && {
        log "Continue?: Press Enter to continue or Ctrl+C to abort here"

        # POSIX 'read' has none of the "nice" options like '-n', '-p'
        # etc etc. This is the most basic usage of 'read'.
        read -r || exit
    }

    log "Checking to see if any dependencies have already been built"
    log "Installing any pre-built dependencies"

    # Install any pre-built dependencies if they exist in the binary
    # directory and are up to date.
    for pkg; do
        # Don't check for a pre-built package if it was passed to KISS
        # directly.
        case $explicit_packages in
            *" $pkg "*)
                shift
                set -- "$@" "$pkg"
                continue
            ;;
        esac

        # Figure out the version and release.
        read -r version release < "$(pkg_find "$pkg")/version"

        # Remove the current package from the package list.
        shift

        # Install any pre-built binaries if they exist.
        # This calls 'args' to inherit a root check and call
        # to 'sudo' to elevate permissions.
        [ -f "$bin_dir/$pkg#$version-$release.tar.gz" ] && {
            log "[$pkg] Found pre-built binary, installing"
            args i "$bin_dir/$pkg#$version-$release.tar.gz"
            continue
        }

        # Add the removed package back to the list if it doesn't
        # have a pre-built binary.
        set -- "$@" "$pkg"
    done

    for pkg; do pkg_lint "$pkg"; done
    for pkg; do
        # Ensure that checksums exist prior to building the package.
        [ -f "$(pkg_find "$pkg")/checksums" ] || {
            log "[$pkg] Checksums are missing"

            # Instead of dying above, log it to the terminal. Also define a
            # variable so we *can* die after all checksum files have been
            # checked.
            no_sums="$no_sums$pkg "
        }
    done

    # Die here as packages without checksums were found above.
    [ "$no_sums" ] && die "Checksums missing, run 'kiss checksum ${no_sums% }'"

    for pkg; do pkg_sources "$pkg"; done
    for pkg; do pkg_verify  "$pkg"; done

    # Die here as packages with differing checksums were found above.
    [ "$mismatch" ] && die "Checksum mismatch with: ${mismatch% }"

    # Finally build and create tarballs for all passed packages and
    # dependencies.
    for pkg; do
        pkg_extract "$pkg"

        repo_dir=$(pkg_find "$pkg")

        # Install built packages to a directory under the package name
        # to avoid collisions with other packages.
        mkdir -p "$pkg_dir/$pkg/$pkg_db"

        # Move to the build directory.
        cd "$mak_dir/$pkg"

        # Call the build script.
        "$repo_dir/build" "$pkg_dir/$pkg" || die "[$pkg] Build failed"

        # Copy the repository files to the package directory.
        # This acts as the database entry.
        cp -Rf "$repo_dir" "$pkg_dir/$pkg/$pkg_db/"

        log "[$pkg] Successfully built package"

        # Create the manifest file early and make it empty.
        # This ensure that the manifest is added to the manifest...
        : > "$pkg_dir/$pkg/$pkg_db/$pkg/manifest"

        pkg_strip    "$pkg"
        pkg_fixdeps  "$pkg"
        pkg_manifest "$pkg"
        pkg_tar      "$pkg"

        # Install only dependencies of passed packages.
        # Skip this check if this is a package update.
        case $explicit_packages in
            *" $pkg "*) [ "$pkg_update" ] || continue ;;
        esac

        log "[$pkg] Needed as a dependency or has an update, installing"
        args i "$pkg"
    done

    # End here as this was a system update and all packages have been installed.
    [ "$pkg_update" ] && return

    log "Successfully built package(s)"

    # Turn the explicit packages into a 'list'.
    set -- $explicit_packages

    # Only ask for confirmation if more than one package needs to be installed.
    [ $# -gt 1 ] && {
        log "Install built packages? [$*]" \
            "Press Enter to continue or Ctrl+C to abort here"

        # POSIX 'read' has none of the "nice" options like '-n', '-p'
        # etc etc. This is the most basic usage of 'read'.
        read -r && {
            args i "$@"
            return
        }
    }

    log "Run 'kiss i $*' to install the built package(s)"
}

pkg_checksums() {
    # Generate checksums for packages.
    repo_dir=$(pkg_find "$1")

    while read -r src _; do
        case $src in
            *)
                # File is local to the package.
                if [ -f "$repo_dir/$src" ]; then
                    src_path=$repo_dir/${src%/*}

                # File is remote and was downloaded.
                elif [ -f "$src_dir/$1/${src##*/}" ]; then
                    src_path=$src_dir/$1

                # Die here if source for some reason, doesn't exist.
                else
                    die "[$1] Couldn't find source '$src'"
                fi

                # An easy way to get 'sha256sum' to print with the 'basename'
                # of files is to 'cd' to the file's directory beforehand.
                (cd "$src_path" && sha256sum "${src##*/}") ||
                    die "[$1] Failed to generate checksums"
            ;;
        esac
    done < "$repo_dir/sources"
}

pkg_conflicts() {
    # Check to see if a package conflicts with another.
    # This function takes a path to a KISS tar-ball as an argument.
    log "[$2] Checking for package conflicts"

    # Save the package name as we modify the argument list below.
    tar_file=$1
    pkg_name=$2

    # Enable globbing.
    set +f

    # Generate a list of all installed package manifests.
    set -f -- "$KISS_ROOT/$pkg_db/"*/manifest

    # Go through the manifest list and filter out the
    # package which will be installed.
    for manifest; do
        shift

        case $manifest in
            */$pkg_name/manifest) continue
        esac

        set -- "$@" "$manifest"
    done

    # Extract manifest from the tar-ball and only extract files entries.
    tar xf "$tar_file" -O "./$pkg_db/$pkg_name/manifest" |
        while read -r line; do
            [ "${line%%*/}" ] && printf '%s\n' "$line"
        done |

    # Compare the package's files against all owned files on the system.
    grep -Fxf - "$@" 2>/dev/null &&
        die "Package '$pkg_name' conflicts with another package"

    # Force a '0' return code as the 'grep' above fails on success.
    :
}

pkg_remove() {
    # Remove a package and all of its files. The '/etc' directory
    # is handled differently and configuration files are *not*
    # overwritten.

    # The package is not installed, don't do anything.
    pkg_list "$1" >/dev/null || {
        log "[$1] Not installed"
        return
    }

    # Enable globbing.
    set +f

    # Make sure that nothing depends on this package.
    [ "$2" = check ] && for file in "$KISS_ROOT/$pkg_db/"*; do
        # Check each depends file for the package and if it's
        # a run-time dependency, append to the $required_by string.
        grep -qFx "$1" "$file/depends" 2>/dev/null &&
            required_by="$required_by'${file##*/}', "
    done

    # Disable globbing.
    set -f

    [ "$required_by" ] &&
        die "[$1] Package is required by ${required_by%, }" \
            "[$1] Aborting here..."

    # Block being able to abort the script with 'Ctrl+C' during removal.
    # Removes all risk of the user aborting a package removal leaving
    # an incomplete package installed.
    trap '' INT

    while read -r file; do
        # The file is in '/etc' skip it. This prevents the package
        # manager from removing user edited configuration files.
        [ "${file##/etc/*}" ] || continue

        if [ -d "$KISS_ROOT/$file" ]; then
            rmdir "$KISS_ROOT/$file" 2>/dev/null || continue
        else
            rm -f -- "$KISS_ROOT/$file"
        fi
    done < "$KISS_ROOT/$pkg_db/$1/manifest"

    # Reset 'trap' to its original value. Removal is done so
    # we no longer need to block 'Ctrl+C'.
    trap pkg_clean EXIT INT

    log "[$1] Removed successfully"
}

pkg_install() {
    # Install a built package tar-ball.

    for pkg; do
        # Install can also take the full path to a tar-ball.
        # We don't need to check the repository if this is the case.
        if [ -f "$pkg" ] && [ -z "${pkg%%*.tar.gz}" ] ; then
            tar_file=$pkg

        else
            # Read the version information to name the package.
            read -r version release < "$(pkg_find "$pkg")/version"

            # Construct the name of the package tarball.
            tar_name=$pkg\#$version-$release.tar.gz

            [ -f "$bin_dir/$tar_name" ] ||
                die "Package '$pkg' has not been built" \
                    "Run 'kiss build $pkg'"

            tar_file=$bin_dir/$tar_name
        fi

        # Figure out which package the tar-ball installs by checking for
        # a database entry inside the tar-ball. If no database entry exists,
        # exit here as the tar-ball is *most likely* not a KISS package.
        pkg_name=$(tar tf "$tar_file" | grep -x "\./$pkg_db/.*/version") ||
            die "'${tar_file##*/}' is not a valid KISS package"

        pkg_name=${pkg_name%/*}
        pkg_name=${pkg_name##*/}

        pkg_conflicts "$tar_file" "$pkg_name"

        mkdir -p "$tar_dir/$pkg_name"

        # Extract the tar-ball to catch any errors before installation begins.
        tar pxf "$tar_file" -C "$tar_dir/$pkg_name" ||
            die "[$pkg_name] Failed to extract tar-ball"

        log "[$pkg_name] Checking that all dependencies are installed"

        # Make sure that all run-time dependencies are installed prior to
        # installing the package.
        [ -f "$tar_dir/$pkg_name/$pkg_db/$pkg_name/depends" ] &&
            while read -r dep dep_type; do
                [ "${dep##\#*}" ] || continue
                [ "$dep_type" ]   || pkg_list "$dep" >/dev/null ||
                    install_dep="$install_dep'$dep', "
            done < "$tar_dir/$pkg_name/$pkg_db/$pkg_name/depends"

        [ "$install_dep" ] && die "[$1] Package requires ${install_dep%, }"

        log "[$pkg_name] Installing package"

        # Block being able to abort the script with Ctrl+C during installation.
        # Removes all risk of the user aborting a package installation leaving
        # an incomplete package installed.
        trap '' INT

        # If the package is already installed (and this is an upgrade) make a
        # backup of the manifest file.
        if [ -f "$KISS_ROOT/$pkg_db/$pkg_name/manifest" ]; then
            old_manifest=$(cat "$KISS_ROOT/$pkg_db/$pkg_name/manifest")
        else
            old_manifest=
        fi

        # This is repeated multiple times. Better to make it a function.
        pkg_rsync() {
            rsync --chown=root:root -HKav --exclude etc -- \
                "$tar_dir/$pkg_name/" "$KISS_ROOT/"
        }

        # Install the package by using 'rsync' and overwrite any existing files
        # (excluding '/etc/').
        pkg_rsync

        # If '/etc/' exists in the package, install it but don't overwrite.
        [ -d "$tar_dir/$pkg_name/etc" ] &&
            rsync --chown=root:root -HKav --ignore-existing \
                "$tar_dir/$pkg_name/etc" "$KISS_ROOT/"

        # Remove any leftover files if this is an upgrade.
        [ "$old_manifest" ] && {
            printf '%s\n' "$old_manifest" |
            grep -vFxf "$KISS_ROOT/$pkg_db/$pkg_name/manifest" - |

            while read -r file; do
                # Skip deleting some leftover files.
                case $file in
                    /etc/*|*bin/rm|*bin/busybox|*bin/rsync) continue ;;
                esac

                file=$KISS_ROOT/$file

                # Remove files.
                if [ -f "$file" ] && [ ! -L "$file" ]; then
                    rm -f "$file"

                # Remove file symlinks.
                elif [ -L "$file" ] && [ ! -d "$file" ]; then
                    unlink "$file" ||:

                # Skip directory symlinks.
                elif [ -L "$file" ] && [ -d "$file" ]; then
                    :

                # Remove directories if empty.
                elif [ -d "$file" ]; then
                    rmdir "$file" 2>/dev/null ||:
                fi
            done ||:
        }

        # Install the package again to fix any non-leftover files being
        # removed above.
        pkg_rsync ||:
        pkg_rsync ||:

        # Reset 'trap' to its original value. Installation is done so
        # we no longer need to block 'Ctrl+C'.
        trap pkg_clean EXIT INT

        [ -x "$KISS_ROOT/$pkg_db/$pkg_name/post-install" ] && {
            log "[$pkg_name] Running post-install script"
            "$KISS_ROOT/$pkg_db/$pkg_name/post-install" ||:
        }

        log "[$pkg_name] Installed successfully"
    done
}

pkg_updates() {
    # Check all installed packages for updates. So long as the installed
    # version and the version in the repositories differ, it's considered
    # an update.

    log "Updating repositories"

    # Create a list of all repositories.
    IFS=:; set -- $KISS_PATH; IFS=$old_ifs

    # Update each repository in '$KISS_PATH'. It is assumed that
    # each repository is 'git' tracked.
    for repo; do
        cd "$repo"

        # Go to the root of the repository (if it exists).
        cd "$(git rev-parse --show-toplevel 2>/dev/null)" 2>/dev/null ||:

        [ -d .git ] || {
            log "[$repo] Not a git repository, skipping"
            continue
        }

        case $repos in
            # If the repository has already been updated, skip it.
            *" $PWD "*) ;;
            *)
                repos="$repos $PWD "

                log "[$PWD] Updating repository"

                if [ -w "$PWD" ]; then
                    git pull
                else
                    log "[$PWD] Need root to update"
                    sudo git pull
                fi
            ;;
        esac
    done

    log "Checking for new package versions"

    # Enable globbing.
    set +f

    for pkg in "$KISS_ROOT/$pkg_db/"*; do
        pkg_name=${pkg##*/}

        # Read version and release information from the installed packages
        # and repository.
        read -r db_ver db_rel < "$pkg/version"
        read -r re_ver re_rel < "$(pkg_find "$pkg_name")/version"

        # Compare installed packages to repository packages.
        [ "$db_ver-$db_rel" != "$re_ver-$re_rel" ] && {
            printf '%s\n' "$pkg_name $db_ver-$db_rel ==> $re_ver-$re_rel"
            outdated="$outdated$pkg_name "
        }
    done

    # If the package manager has an update, handle it first.
    case $outdated in
        *" kiss "*)
            log "Detected package manager update" \
                "The package manager will be updated first" \
                "Continue?: Press Enter to continue or Ctrl+C to abort here"

            read -r || exit

            pkg_build kiss
            args i kiss

            log "Updated the package manager" \
                "Re-run 'kiss update' to update your system"

            exit 0
        ;;
    esac

    # Disable globbing.
    set -f

    # End here if no packages have an update.
    [ "$outdated" ] || {
        log "Everything is up to date"
        return
    }

    log "Packages to update: ${outdated% }"

    # Tell 'pkg_build' to always prompt before build.
    pkg_update=1

    # Build all packages requiring an update.
    pkg_build $outdated
    log "Updated all packages"
}

pkg_clean() {
    # Clean up on exit or error. This removes everything related
    # to the build.
    [ "$KISS_DEBUG" = 1 ] && return

    # Block 'Ctrl+C' while cache is being cleaned.
    trap '' INT

    # Remove temporary directories.
    rm -rf -- "$mak_dir" "$pkg_dir" "$tar_dir"
}

args() {
    # Parse script arguments manually. POSIX 'sh' has no 'getopts'
    # or equivalent built in. This is rather easy to do in our case
    # since the first argument is always an "action" and the arguments
    # that follow are all package names.
    action=$1
    shift ||:

    # Parse some arguments earlier to remove the need to duplicate code.
    case $action in
        c|checksum|s|search)
            [ "$1" ] || die "'kiss $action' requires an argument"
        ;;

        i|install|r|remove)
            [ "$1" ] || die "'kiss $action' requires an argument"

            # Rerun the script with 'sudo' if the user isn't root.
            # Cheeky but 'sudo' can't be used on shell functions themselves.
            [ "$(id -u)" = 0 ] || {
                sudo -E kiss "$action" "$@"
                return
            }
        ;;
    esac

    # Actions can be abbreviated to their first letter. This saves
    # keystrokes once you memorize the commands.
    case $action in
        b|build)
            # If no arguments were passed, rebuild all packages.
            [ "$1" ] || {
                cd "$KISS_ROOT/$pkg_db" || die "Failed to find package db"

                # Use a glob after 'cd' to generate a list of all installed
                # packages based on directory names.
                set +f; set -f -- *

                # Undo the above 'cd' to ensure we stay in the same location.
                cd - >/dev/null
            }

            pkg_build "$@"
        ;;

        c|checksum)
            for pkg; do pkg_lint    "$pkg"; done
            for pkg; do pkg_sources "$pkg"; done
            for pkg; do
                pkg_checksums "$pkg" > "$(pkg_find "$pkg")/checksums"

                log "[$pkg] Generated checksums"
            done
        ;;

        i|install)
            # Create a list of each package's dependencies.
            for pkg; do
                if [ "${pkg%%*.tar.gz}" ]; then
                    pkg_depends "$pkg"
                else
                    missing_deps="$missing_deps $pkg "
                fi
            done

            # Filter the list, only including explicit packages.
            for pkg in $missing_deps; do
                case " $* " in
                    *" $pkg "*) install_pkgs="$install_pkgs $pkg " ;;
                esac
            done

            pkg_install $install_pkgs
        ;;

        r|remove)
            log "Removing packages"

            # Create a list of each package's dependencies.
            for pkg; do pkg_depends "$pkg"; done

            # Reverse the list of dependencies filtering out anything
            # not explicitly set for removal.
            for pkg in $missing_deps; do
                case " $* " in
                    *" $pkg "*) remove_pkgs="$pkg $remove_pkgs" ;;
                esac
            done

            for pkg in $remove_pkgs; do
                pkg_list "$pkg" >/dev/null ||
                    die "[$pkg] Not installed"

                pkg_remove "$pkg" "${KISS_FORCE:-check}"
            done
        ;;

        l|list)
            pkg_list "$@"
        ;;

        u|update)
            pkg_updates
        ;;

        s|search)
            for pkg; do pkg_find "$pkg"; done
        ;;

        v|version|-v|--version)
            printf 'kiss 0.12.0\n'
        ;;

        h|help|-h|--help|'')
            log 'kiss [b|c|i|l|r|s|u] [pkg] [pkg] [pkg]' \
                'build:     Build a package' \
                'checksum:  Generate checksums' \
                'install:   Install a package' \
                'list:      List installed packages' \
                'remove:    Remove a package' \
                'search:    Search for a package' \
                'update:    Check for updates'
        ;;

        *) die "'kiss $action' is not a valid command" ;;
    esac
}

main() {
    # Set the location to the repository and package database.
    pkg_db=var/db/kiss/installed

    # The PID of the current shell process is used to isolate directories
    # to each specific KISS instance. This allows multiple package manager
    # instances to be run at once. Store the value in another variable so
    # that it doesn't change beneath us.
    pid=${KISS_PID:-$$}

    # Store the original value of IFS so we can revert back to it if the
    # variable is ever changed.
    old_ifs=$IFS

    # Catch errors and ensure that build files and directories are cleaned
    # up before we die. This occurs on 'Ctrl+C' as well as success and error.
    trap pkg_clean EXIT INT

    # Create the required temporary directories and set the variables
    # which point to them.
    mkdir -p "${cac_dir:=$KISS_ROOT${XDG_CACHE_HOME:-$HOME/.cache}/kiss}" \
             "${mak_dir:=$cac_dir/build-$pid}" \
             "${pkg_dir:=$cac_dir/pkg-$pid}" \
             "${tar_dir:=$cac_dir/extract-$pid}" \
             "${src_dir:=$cac_dir/sources}" \
             "${bin_dir:=$cac_dir/bin}" \
        || die "Couldn't create cache directories"

    args "$@"
}

main "$@"