#!/bin/sh -ef
# shellcheck source=/dev/null
#
# This is a simple package manager written in POSIX 'sh' for use
# in KISS Linux (https://k1ss.org).
#
# This script runs with '-ef' meaning:
# '-e': Abort on any non-zero exit code.
# '-f': Disable globbing globally.
#
# [1] Warnings related to word splitting and globbing are disabled.
# All word splitting in this script is *safe* and intentional.
#
# Dylan Araps.

log() {
    # Print a message prettily.
    #
    # All messages are printed to stderr to allow the user to hide build
    # output which is the only thing printed to stdout.
    #
    # '\033[1;32m'        Set text to color '2' and make it bold.
    # '\033[m':           Reset text formatting.
    # '${3:-->}':         If the 3rd argument is missing, set prefix to '->'.
    # '${2:+\033[1;3Xm}': If the 2nd argument exists, set text style of '$1'.
    # '${2:+\033[m}':     If the 2nd argument exists, reset text formatting.
    printf '\033[1;33m%s \033[m%b%s\033[m %s\n' \
           "${3:-->}" "${2:+\033[1;36m}" "$1" "$2" >&2
}

die() {
    # Print a message and exit with '1' (error).
    log "$1" "$2" "!>"
    exit 1
}

contains() {
    # Check if a "string list" contains a word.
    case " $1 " in *" $2 "*) return 0; esac; return 1
}

prompt() {
    # Ask the user for some input.
    [ "$1" ] && log "$1"
    log "Continue?: Press Enter to continue or Ctrl+C to abort here"

    # POSIX 'read' has none of the "nice" options like '-n', '-p'
    # etc etc. This is the most basic usage of 'read'.
    # '_' is used as 'dash' errors when no variable is given to 'read'.
    read -r _
}

as_root() {
    # Simple function to run a command as root using either 'sudo',
    # 'doas' or 'su'. Hurrah for choice.
    [ "$uid" = 0 ] || log "Using '${su:-su}'"

    case $su in
        *sudo) sudo -E  -- "$@" ;;
        *doas) doas     -- "$@" ;;
        *)     su -pc "$* <&3" 3<&0 </dev/tty ;;
    esac
}

esc() {
    # Escape all required characters in both the search and
    # replace portions of two strings for use in a 'sed' call
    # as "plain-text".
    printf 's/^%s$/%s/' \
        "$(printf %s "$1" | sed 's/[]\/$*.^[]/\\&/g')" \
        "$(printf %s "$2" | sed 's/[\/&]/\\&/g')"
}

pop() {
    # Remove an item from a "string list". This allows us
    # to remove a 'sed' call and reuse this code throughout.
    del=$1
    shift

    for i; do [ "$i" = "$del" ] || printf %s " $i "; done
}

run_hook() {
    [ "$KISS_HOOK" ] || return 0

    log "$2" "Running $1 hook"

    TYPE=$1 PKG=$2 DEST=$3 . "$KISS_HOOK"
}

pkg_lint() {
    # Check that each mandatory file in the package entry exists.
    log "$1" "Checking repository files"

    repo_dir=$(pkg_find "$1")

    cd "$repo_dir" || die "'$repo_dir' not accessible"
    [ -f sources ] || die "$1" "Sources file not found"
    [ -x build ]   || die "$1" "Build file not found or not executable"
    [ -s version ] || die "$1" "Version file not found or empty"

    read -r _ release < version
    [ "$release" ] || die "Release field not found in version file"

    [ "$2" ] || [ -f checksums ] || die "$pkg" "Checksums are missing"
}

pkg_find() {
    # Figure out which repository a package belongs to by
    # searching for directories matching the package name
    # in $KISS_PATH/*.
    [ "$KISS_PATH" ] || die "\$KISS_PATH needs to be set"

    # Turn the argument list into variables as we reset
    # the list below.
    query=$1
    match=$2

    # This ugly mess appends '/.' to the end of each path in
    # '$KISS_PATH' as POSIX 'find' has no '-mindepth'/'-maxdepth'.
    # See: https://unix.stackexchange.com/a/330372
    IFS=:; set --
    for path in $KISS_PATH; do set -- "$@" "$path/."; done
    IFS=$old_ifs

    # Find the repository containing a package.
    # Searches installed packages if the package is absent
    # from the repositories. This ugly mess is thanks to POSIX
    # find which has no '-mindepth'/'-maxdepth', etc.
    # See: https://unix.stackexchange.com/a/330372
    # See [1] at top of script.
    # shellcheck disable=2046,2086
    set -- $(find "$@" "$sys_db/." \( ! -name . -prune \) \
        ! -name .git -a -name "$query" -type d)

    # A package may also not be found due to a repository not being
    # readable by the current user. Either way, we need to die here.
    [ "$1" ] || die "Package '$query' not in any repository"

    # Show all search results if called from 'kiss search', else
    # print only the first match.
    [ "$match" ] && printf '%s\n' "$@" || printf '%s\n' "$1"
}

pkg_list() {
    # List installed packages. As the format is files and
    # directories, this just involves a simple for loop and
    # file read.

    # Change directories to the database. This allows us to
    # avoid having to 'basename' each path. If this fails,
    # set '$1' to mimic a failed glob which indicates that
    # nothing is installed.
    cd "$sys_db" 2>/dev/null || set -- "$sys_db/"\*

    # Optional arguments can be passed to check for specific
    # packages. If no arguments are passed, list all. As we
    # loop over '$@', if there aren't any arguments we can
    # just set the directory contents to the argument list.
    [ "$1" ] || { set +f; set -f -- *; }

    # If the 'glob' above failed, exit early as there are no
    # packages installed.
    [ "$1" = "$sys_db/"\* ] && return 1

    # Loop over each package and print its name and version.
    for pkg; do
        [ -d "$pkg" ] || { log "$pkg" "not installed"; return 1; }

        read -r version 2>/dev/null < "$pkg/version" || version=null
        printf '%s\n' "$pkg $version"
    done
}

pkg_sources() {
    # Download any remote package sources. The existence of local
    # files is also checked.
    log "$1" "Downloading sources"

    # Store each downloaded source in a directory named after the
    # package it belongs to. This avoid conflicts between two packages
    # having a source of the same name.
    mkdir -p "$src_dir/$1" && cd "$src_dir/$1"

    repo_dir=$(pkg_find "$1")

    while read -r src dest || [ "$src" ]; do
        # Comment.
        if [ -z "${src##\#*}" ]; then :

        # Remote source (cached).
        elif [ -f "${src##*/}" ]; then
            log "$1" "Found cached source '${src##*/}'"

        # Remote git repository.
        elif [ -z "${src##git+*}" ]; then
            # This is a checksums check, skip it.
            [ "$2" ] && continue

            mkdir -p "$mak_dir/$1/$dest"

            # Run in a subshell to keep the variables, path and
            # argument list local to each loop iteration.
            (
                repo_src=${src##git+}

                log "$1" "Cloning ${repo_src%[@#]*}"

                # Git has no option to clone a repository to a
                # specific location so we must do it ourselves
                # beforehand.
                cd "$mak_dir/$1/$dest" || die 2>/dev/null

                # Clear the argument list as we'll be overwriting
                # it below based on what kind of checkout we're
                # dealing with.
                set -- "$repo_src"

                # If a branch was given, shallow clone it directly.
                # This speeds things up as we don't have to grab
                # a lot of unneeded commits.
                [ "${src##*@*}" ] ||
                    set -- -b "${src##*@}" "${repo_src%@*}"

                # Maintain compatibility with older versions of
                # kiss by shallow cloning all branches. This has
                # the added benefit of allowing checkouts of
                # specific commits in specific branches.
                [ "${src##*#*}" ] ||
                    set -- --no-single-branch "${repo_src%#*}"

                # Always do a shallow clone as we will unshallow it if
                # needed later (when a commit is desired).
                git clone --depth=1 "$@" .

            ) || die "$1" "Failed to clone $src"

        # Remote source.
        elif [ -z "${src##*://*}" ]; then
            log "$1" "Downloading $src"

            curl "$src" -fLo "${src##*/}" || {
                rm -f "${src##*/}"
                die "$1" "Failed to download $src"
            }

        # Local source.
        elif [ -f "$repo_dir/$src" ]; then
            log "$1" "Found local file '$src'"

        else
            die "$1" "No local file '$src'"
        fi
    done < "$repo_dir/sources"
}

pkg_extract() {
    # Extract all source archives to the build directory and copy over
    # any local repository files.
    log "$1" "Extracting sources"

    repo_dir=$(pkg_find "$1")

    while read -r src dest || [ "$src" ]; do
        mkdir -p "$mak_dir/$1/$dest" && cd "$mak_dir/$1/$dest"

        case $src in
            # Git repository with supplied commit hash.
            git+*\#*)
                log "Checking out ${src##*#}"

                # A commit was requested, unshallow the repository.
                # This will convert it to a regular repository with
                # full history.
                git fetch --unshallow

                # Try to checkout the repository. If we fail here,
                # the requested commit doesn't exist.
                git -c advice.detachedHead=false checkout "${src##*#}" ||
                    die "Commit hash ${src##*#} doesn't exist"
            ;;

            # Git repository, comment or blank line.
            git+*|\#*|'') continue ;;

            # Only 'tar' archives are currently supported for extraction.
            # Any other file-types are simply copied to '$mak_dir' which
            # allows for manual extraction.
            *://*.tar|*://*.tar.??|*://*.tar.???|*://*.tar.????|*://*.tgz)
                "$tar" xf "$src_dir/$1/${src##*/}" --strip-components 1 ||
                    die "$1" "Couldn't extract ${src##*/}"
            ;;

            *)
                # Local file.
                if [ -f "$repo_dir/$src" ]; then
                    cp -f "$repo_dir/$src" .

                # Remote file.
                elif [ -f "$src_dir/$1/${src##*/}" ]; then
                    cp -f "$src_dir/$1/${src##*/}" .

                else
                    die "$1" "Local file $src not found"
                fi
            ;;
        esac
    done < "$repo_dir/sources"
}

pkg_depends() {
    # Resolve all dependencies and generate an ordered list.
    repo_dir=$(pkg_find "$1")

    # This does a depth-first search. The deepest dependencies are
    # listed first and then the parents in reverse order.
    contains "$deps" "$1" || {
        # Filter out non-explicit, aleady installed dependencies.
        # Only filter installed if called from 'pkg_build()'.
        [ "$pkg_build" ] && [ -z "$2" ] &&
            (pkg_list "$1" >/dev/null) && return

        # Recurse through the dependencies of the child packages.
        while read -r dep _ || [ "$dep" ]; do
            [ "${dep##\#*}" ] && pkg_depends "$dep"
        done 2>/dev/null < "$repo_dir/depends" ||:

        # After child dependencies are added to the list,
        # add the package which depends on them.
        [ "$2" = explicit ] || deps="$deps $1 "
    }
}

pkg_order() {
    # Order a list of packages based on dependence and
    # take into account pre-built tarballs if this is
    # to be called from 'kiss i'.
    order=; redro=; deps=

    for pkg; do
        case $pkg in
            *.tar.gz) deps="$deps $pkg " ;;
            *)        pkg_depends "$pkg" raw
        esac
    done

    # Filter the list, only keeping explicit packages.
    # The purpose of these two loops is to order the
    # argument list based on dependence.
    for pkg in $deps; do
        ! contains "$*" "$pkg" || {
            order="$order $pkg "
            redro=" $pkg $redro"
        }
    done

    deps=
}

pkg_strip() {
    # Strip package binaries and libraries. This saves space on the
    # system as well as on the tar-balls we ship for installation.

    # Package has stripping disabled, stop here.
    [ -f "$mak_dir/$pkg/nostrip" ] && return

    log "$1" "Stripping binaries and libraries"

    # Strip only files matching the below ELF types.
    # NOTE: 'readelf' is used in place of 'file' as
    #       it allows us to remove 'file' from the
    #       core repositories altogether.
    find "$pkg_dir/$1" -type f | while read -r file; do
        case $(readelf -h "$file" 2>/dev/null) in
            *" DYN "*)  strip_opt=unneeded ;;
            *" EXEC "*) strip_opt=all ;;
            *" REL "*)  strip_opt=debug ;;
            *) continue
        esac

        # Suppress errors here as some binaries and libraries may
        # fail to strip. This is OK.
        strip "--strip-$strip_opt" "$file" 2>/dev/null ||:
    done
}

pkg_fixdeps() {
    # Dynamically look for missing runtime dependencies by checking
    # each binary and library with 'ldd'. This catches any extra
    # libraries and or dependencies pulled in by the package's
    # build suite.
    log "$1" "Checking for missing dependencies"

    # Go to the directory containing the built package to
    # simplify path building.
    cd "$pkg_dir/$1/$pkg_db/$1"

    # Make a copy of the depends file if it exists to have a
    # reference to 'diff' against.
    if [ -f depends ]; then
        cp -f depends "$mak_dir/d"
        dep_file=$mak_dir/d
    else
        dep_file=/dev/null
    fi

    # Generate a list of all installed manifests.
    pkg_name=$1
    set +f
    set -f -- "$sys_db/"*/manifest

    # Get a list of binaries and libraries, false files
    # will be found, however it's faster to get 'ldd' to check
    # them anyway than to filter them out.
    find "$pkg_dir/$pkg_name/" -type f 2>/dev/null |

    while read -r file; do
        # Run 'ldd' on the file and parse each line. The code
        # then checks to see which packages own the linked
        # libraries and it prints the result.
        ldd "$file" 2>/dev/null | while read -r dep; do
            # Skip lines containing 'ldd'.
            [ "${dep##*ldd*}" ] || continue

            # Extract the file path from 'ldd' output.
            dep=${dep#* => }
            dep=${dep% *}

            # Figure out which package owns the file.
            dep=$("$grep" -lFx "${dep##$KISS_ROOT}" "$@")

            # Extract package name from 'grep' match.
            dep=${dep%/*}
            dep=${dep##*/}

            case $dep in
                # Skip listing these packages as dependencies.
                musl|gcc|${PWD##*/}|"") ;;
                *) printf '%s\n' "$dep" ;;
            esac
        done ||:
    done >> depends

    # Remove duplicate entries from the new depends file.
    # This removes duplicate lines looking *only* at the
    # first column.
    sort -uk1,1 -o depends depends 2>/dev/null ||:

    # Display a diff of the new dependencies against the old ones. 
    diff "$dep_file" depends 2>/dev/null ||:

    # Remove the depends file if it is empty.
    [ -s depends ] || rm -f depends
}

pkg_manifest() (
    # Generate the package's manifest file. This is a list of each file
    # and directory inside the package. The file is used when uninstalling
    # packages, checking for package conflicts and for general debugging.
    log "$1" "Generating manifest"

    # This function runs as a sub-shell to avoid having to 'cd' back to the
    # prior directory before being able to continue.
    cd "$pkg_dir/$1"

    # find: Print all files and directories and append '/' to directories.
    # sort: Sort the output in *reverse*. Directories appear *after* their
    #       contents.
    # sed:  Remove the first character in each line (./dir -> /dir) and
    #       remove all lines which only contain '.'.
    find . -type d -exec printf '%s/\n' {} + -o -print |
        sort -r | sed '/^\.\/$/d;ss.ss' > "$pkg_dir/$1/$pkg_db/$1/manifest"
)

pkg_etcsums() (
    # Generate checksums for each configuration file in the package's
    # /etc/ directory for use in "smart" handling of these files.
    log "$1" "Generating etcsums"

    # This function runs as a sub-shell to avoid having to 'cd' back to the
    # prior directory before being able to continue.
    cd "$pkg_dir/$1/etc" 2>/dev/null || return 0; cd ..

    find etc -type f -exec sha256sum {} + > "$pkg_dir/$1/$pkg_db/$1/etcsums"
)

pkg_tar() {
    # Create a tar-ball from the built package's files.
    # This tar-ball also contains the package's database entry.
    log "$1" "Creating tar-ball"

    # Read the version information to name the package.
    read -r version release < "$(pkg_find "$1")/version"

    # Create a tar-ball from the contents of the built package.
    "$tar" zpcf "$bin_dir/$1#$version-$release.tar.gz" -C "$pkg_dir/$1" . ||
        die "$1" "Failed to create tar-ball"

    log "$1" "Successfully created tar-ball"
}

pkg_build() {
    # Build packages and turn them into packaged tar-balls. This function
    # also checks checksums, downloads sources and ensure all dependencies
    # are installed.
    pkg_build=1

    log "Resolving dependencies"

    for pkg; do
        contains "$explicit" "$pkg" || {
            pkg_depends "$pkg" explicit

            # Mark packages passed on the command-line
            # separately from those detected as dependencies.
            explicit="$explicit $pkg "
        }
    done

    [ "$pkg_update" ] || explicit_build=$explicit

    # If an explicit package is a dependency of another explicit
    # package, remove it from the explicit list as it needs to be
    # installed as a dependency.
    # shellcheck disable=2086
    for pkg; do
        contains "$deps" "$pkg" && explicit=$(pop "$pkg" $explicit)
    done

    # See [1] at top of script.
    # shellcheck disable=2046,2086
    set -- $deps $explicit

    log "Building: $*"

    # Only ask for confirmation if more than one package needs to be built.
    [ $# -gt 1 ] || [ "$pkg_update" ] && prompt

    log "Checking to see if any dependencies have already been built"
    log "Installing any pre-built dependencies"

    # Install any pre-built dependencies if they exist in the binary
    # directory and are up to date.
    for pkg; do
        # Don't check for a pre-built package if it was passed
        # to KISS directly.
        contains "$explicit_build" "$pkg" || {
            # Figure out the version and release.
            read -r version release < "$(pkg_find "$pkg")/version"

            # Install any pre-built binaries if they exist.
            # This calls 'args' to inherit a root check
            # to 'su' to elevate permissions.
            [ -f "$bin_dir/$pkg#$version-$release.tar.gz" ] && {
                log "$pkg" "Found pre-built binary, installing"
                (KISS_FORCE=1 args i "$bin_dir/$pkg#$version-$release.tar.gz")

                # Remove the now installed package from the build list.
                # See [1] at top of script.
                # shellcheck disable=2046,2086
                set -- $(pop "$pkg" "$@")
            }
        }
    done

    for pkg; do pkg_lint "$pkg"; done
    for pkg; do pkg_sources "$pkg"; done

    pkg_verify "$@"

    # Finally build and create tarballs for all passed packages and
    # dependencies.
    for pkg; do
        log "$pkg" "Building package ($((in = in + 1))/$#)"

        pkg_extract "$pkg"
        repo_dir=$(pkg_find "$pkg")

        # Install built packages to a directory under the package name
        # to avoid collisions with other packages.
        mkdir -p "$pkg_dir/$pkg/$pkg_db"

        # Move to the build directory.
        cd "$mak_dir/$pkg"

        log "$pkg" "Starting build"

        run_hook pre-build "$pkg" "$pkg_dir/$pkg"

        # Call the build script, log the output to the terminal
        # and to a file. There's no PIPEFAIL in POSIX shelll so
        # we must resort to tricks like killing the script ourselves.
        { "$repo_dir/build" "$pkg_dir/$pkg" 2>&1 || {
            log "$pkg" "Build failed"
            log "$pkg" "Log stored to $log_dir/$pkg-$time-$pid"
            run_hook build-fail "$pkg" "$pkg_dir/$pkg"
            pkg_clean
            kill 0
        } } | tee "$log_dir/$pkg-$time-$pid"

        # Delete the log file if the build succeeded to prevent
        # the directory from filling very quickly with useless logs.
        [ "$KISS_KEEPLOG" = 1 ] || rm -f "$log_dir/$pkg-$time-$pid"

        # Copy the repository files to the package directory.
        # This acts as the database entry.
        cp -LRf "$repo_dir" "$pkg_dir/$pkg/$pkg_db/"

        # We never ever want this. Let's end the endless conflicts
        # and remove it. This will be the only exception for a
        # specific removal of this kind.
        rm -f "$pkg_dir/$pkg/usr/lib/charset.alias"

        log "$pkg" "Successfully built package"

        run_hook post-build "$pkg" "$pkg_dir/$pkg"

        # Create the manifest file early and make it empty.
        # This ensures that the manifest is added to the manifest.
        : > "$pkg_dir/$pkg/$pkg_db/$pkg/manifest"

        # If the package contains '/etc', add a file called
        # 'etcsums' to the manifest. See comment directly above.
        [ -d "$pkg_dir/$pkg/etc" ] &&
            : > "$pkg_dir/$pkg/$pkg_db/$pkg/etcsums"

        pkg_strip    "$pkg"
        pkg_fixdeps  "$pkg"
        pkg_manifest "$pkg"
        pkg_etcsums  "$pkg"
        pkg_tar      "$pkg"

        # Install only dependencies of passed packages.
        # Skip this check if this is a package update.
        contains "$explicit" "$pkg" && [ -z "$pkg_update" ] && continue

        log "$pkg" "Needed as a dependency or has an update, installing"

        (KISS_FORCE=1 args i "$pkg")
    done

    # End here as this was a system update and all packages have been installed.
    [ "$pkg_update" ] && return

    log "Successfully built package(s)"

    # Turn the explicit packages into a 'list'.
    # See [1] at top of script.
    # shellcheck disable=2046,2086
    set -- $explicit

    # Only ask for confirmation if more than one package needs to be installed.
    [ $# -gt 1 ] && prompt "Install built packages? [$*]" && {
        args i "$@"
        return
    }

    log "Run 'kiss i $*' to install the package(s)"
}

pkg_checksums() {
    # Generate checksums for packages.
    repo_dir=$(pkg_find "$1")

    while read -r src _ || [ "$src" ]; do
        # Comment.
        if [ -z "${src##\#*}" ]; then
            continue

        # File is local to the package.
        elif [ -f "$repo_dir/$src" ]; then
            src_path=$repo_dir/${src%/*}

        # File is remote and was downloaded.
        elif [ -f "$src_dir/$1/${src##*/}" ]; then
            src_path=$src_dir/$1

        # File is a git repository.
        elif [ -z "${src##git+*}" ]; then
            printf 'git  %s\n' "$src"
            continue

        # Die here if source for some reason, doesn't exist.
        else
            die "$1" "Couldn't find source '$src'"
        fi

        # An easy way to get 'sha256sum' to print with the 'basename'
        # of files is to 'cd' to the file's directory beforehand.
        (cd "$src_path" && sha256sum "${src##*/}") ||
            die "$1" "Failed to generate checksums"
    done < "$repo_dir/sources"
}

pkg_verify() {
    # Verify all package checksums. This is achieved by generating
    # a new set of checksums and then comparing those with the old
    # set.
    for pkg; do
        pkg_checksums "$pkg" | cmp -s - "$(pkg_find "$pkg")/checksums" || {
            log "$pkg" "Checksum mismatch"

            # Instead of dying above, log it to the terminal. Also define a
            # variable so we *can* die after all checksum files have been
            # checked.
            mismatch="$mismatch$pkg "
        }
    done

    [ -z "$mismatch" ] || die "Checksum mismatch with: ${mismatch% }"
}

pkg_conflicts() {
    # Check to see if a package conflicts with another.
    log "$2" "Checking for package conflicts"

    # Filter the tarball's manifest and select only files
    # and any files they resolve to on the filesystem
    # (/bin/ls -> /usr/bin/ls).
    "$tar" xf "$1" -O "./$pkg_db/$2/manifest" | while read -r file; do
        case $file in */) continue; esac

        printf '%s/%s\n' \
            "$(readlink -f "$KISS_ROOT/${file%/*}" 2>/dev/null)" \
            "${file##*/}"
    done > "$cac_dir/$pid-m"

    p_name=$2

    # Generate a list of all installed package manifests
    # and remove the current package from the list.
    # shellcheck disable=2046,2086
    set -- $(set +f; pop "$sys_db/$p_name/manifest" "$sys_db"/*/manifest)

    [ -s "$cac_dir/$pid-m" ] || return 0

    # Enable alternatives automatically if it is safe to do so.
    # This checks to see that the package that is about to be installed
    # doesn't overwrite anything it shouldn't in '/var/db/kiss/installed'.
    "$grep" -Fxf "$cac_dir/$pid-m" -- "$@" |
    "$grep" -q ":/var/db/kiss/installed/" || choice_auto=1

    # Use 'grep' to list matching lines between the to
    # be installed package's manifest and the above filtered
    # list.
    if [ "$KISS_CHOICE" != 0 ] && [ "$choice_auto" = 1 ]; then
        "$grep" -Fxf "$cac_dir/$pid-m" -- "$@" |

        # This is a novel way of offering an "alternatives" system.
        # It is entirely dynamic and all "choices" are created and
        # destroyed on the fly.
        #
        # When a conflict is found between two packages, the file
        # is moved to a directory called "choices" and its name
        # changed to store its parent package and its intended
        # location.
        #
        # The package's manifest is then updated to reflect this
        # new location.
        #
        # The 'kiss choices' command parses this directory and
        # offers you the CHOICE of *swapping* entries in this
        # directory for those on the filesystem.
        #
        # The choices command does the same thing we do here,
        # it rewrites manifests and moves files around to make
        # this work.
        #
        # Pretty nifty huh?
        while IFS=: read -r _ con; do
            log "$p_name" "Found conflict ($con), adding choice"

            # Create the "choices" directory inside of the tarball.
            # This directory will store the conflicting file.
            mkdir -p "$tar_dir/$p_name/${cho_dir:=var/db/kiss/choices}"

            # Construct the file name of the "db" entry of the
            # conflicting file. (pkg_name>usr>bin>ls)
            con_name=$(printf %s "$con" | sed 's|/|>|g')

            # Move the conflicting file to the choices directory
            # and name it according to the format above.
            mv -f "$tar_dir/$p_name/$con" \
                  "$tar_dir/$p_name/$cho_dir/$p_name$con_name" 2>/dev/null || {
                log "File must be in ${con%/*} and not a symlink to it"
                log "This usually occurs when a binary is installed to"
                log "/sbin instead of /usr/bin (example)"
                log "Before this package can be used as an alternative,"
                log "this must be fixed in $p_name. Contact the maintainer"
                die "by checking 'git log' or by running 'kiss-maintainer'"
            }

            # Rewrite the package's manifest to update its location
            # to its new spot (and name) in the choices directory.
            sed -i "$(esc "$con" "/$cho_dir/$p_name$con_name")" \
                "$tar_dir/$p_name/$pkg_db/$p_name/manifest"
        done

    elif "$grep" -Fxf "$cac_dir/$pid-m" -- "$@"; then
        log "Package '$p_name' conflicts with another package" "" "!>"
        log "Run 'KISS_CHOICE=1 kiss i $p_name' to add conflicts" "" "!>"
        die "as alternatives."
    fi
}

pkg_swap() {
    # Swap between package alternatives.
    pkg_list "$1" >/dev/null

    alt=$(printf %s "$1$2" | sed 's|/|>|g')
    cd "$sys_db/../choices"

    [ -f "$alt" ] || [ -h "$alt" ] ||
        die "Alternative '$1 $2' doesn't exist"

    if [ -f "$2" ]; then
        # Figure out which package owns the file we are going to
        # swap for another package's.
        #
        # Print the full path to the manifest file which contains
        # the match to our search.
        pkg_owns=$(set +f; "$grep" -lFx "$2" "$sys_db/"*/manifest) ||:

        # Extract the package name from the path above.
        pkg_owns=${pkg_owns%/*}
        pkg_owns=${pkg_owns##*/}

        [ "$pkg_owns" ] ||
            die "File '$2' exists on filesystem but isn't owned"

        log "Swapping '$2' from '$pkg_owns' to '$1'"

        # Convert the current owner to an alternative and rewrite
        # its manifest file to reflect this.
        cp  -Pf "$2" "$pkg_owns>${alt#*>}"
        sed -i "$(esc "$2" "$PWD/$pkg_owns>${alt#*>}")" \
            "../installed/$pkg_owns/manifest"
    fi

    # Convert the desired alternative to a real file and rewrite
    # the manifest file to reflect this. The reverse of above.
    mv  -f "$alt" "$2"
    sed -i "$(esc "$PWD/$alt" "$2")" "../installed/$1/manifest"
}

pkg_remove() {
    # Remove a package and all of its files. The '/etc' directory
    # is handled differently and configuration files are *not*
    # overwritten.
    pkg_list "$1" >/dev/null || return

    set +f

    # Make sure that nothing depends on this package.
    [ "$2" = check ] && for file in "$sys_db/"*; do
        # Check each depends file for the package and if it's
        # a run-time dependency, append to the $required_by string.
        "$grep" -qFx "$1" "$file/depends" 2>/dev/null &&
            required_by="$required_by'${file##*/}', "
    done

    [ "$required_by" ] &&
        die "$1" "Package is required by ${required_by%, }"

    set -f

    # Block being able to abort the script with 'Ctrl+C' during removal.
    # Removes all risk of the user aborting a package removal leaving
    # an incomplete package installed.
    trap '' INT

    if [ -x "$sys_db/$1/pre-remove" ]; then
        log "$1" "Running pre-remove script"
        "$sys_db/$1/pre-remove" ||:
    fi

    while read -r file; do
        # The file is in '/etc' skip it. This prevents the package
        # manager from removing user edited configuration files.
        [ "${file##/etc/*}" ] || continue

        if [ -d "$KISS_ROOT/$file" ]; then
            rmdir "$KISS_ROOT/$file" 2>/dev/null || continue
        else
            rm -f "$KISS_ROOT/$file"
        fi
    done < "$sys_db/$1/manifest"

    # Reset 'trap' to its original value. Removal is done so
    # we no longer need to block 'Ctrl+C'.
    trap pkg_clean EXIT INT

    log "$1" "Removed successfully"
}

pkg_install() {
    # Install a built package tar-ball.

    # Install can also take the full path to a tar-ball.
    # We don't need to check the repository if this is the case.
    if [ -f "$1" ] && [ -z "${1%%*.tar.gz}" ] ; then
        tar_file=$1

    else
        # Read the version information to name the package.
        read -r version release < "$(pkg_find "$1")/version"

        # Construct the name of the package tarball.
        tar_file=$bin_dir/$1\#$version-$release.tar.gz

        [ -f "$tar_file" ] ||
            die "Package '$1' has not been built, run 'kiss build $1'"
    fi

    # Figure out which package the tar-ball installs by checking for
    # a database entry inside the tar-ball. If no database entry exists,
    # exit here as the tar-ball is *most likely* not a KISS package.
    pkg_name=$("$tar" tf "$tar_file" | "$grep" -x "\./$pkg_db/.*/version") ||
        die "'${tar_file##*/}' is not a valid KISS package"

    pkg_name=${pkg_name%/*}
    pkg_name=${pkg_name##*/}

    mkdir -p "$tar_dir/$pkg_name"

    # Extract the tar-ball to catch any errors before installation begins.
    "$tar" pxf "$tar_file" -C "$tar_dir/$pkg_name" ||
        die "$pkg_name" "Failed to extract tar-ball"

    log "$pkg_name" "Checking that all dependencies are installed"

    # Make sure that all run-time dependencies are installed prior to
    # installing the package.
    [ -f "$tar_dir/$pkg_name/$pkg_db/$pkg_name/depends" ] &&
    [ -z "$KISS_FORCE" ] &&
        while read -r dep dep_type || [ "$dep" ]; do
            [ "${dep##\#*}" ] || continue
            [ "$dep_type" ]   || pkg_list "$dep" >/dev/null ||
                install_dep="$install_dep'$dep', "
        done < "$tar_dir/$pkg_name/$pkg_db/$pkg_name/depends"

    [ "$install_dep" ] && die "$1" "Package requires ${install_dep%, }"

    run_hook pre-install "$pkg_name" "$tar_dir/$pkg_name"

    pkg_conflicts "$tar_file" "$pkg_name"

    log "$pkg_name" "Installing package incrementally"

    # Block being able to abort the script with Ctrl+C during installation.
    # Removes all risk of the user aborting a package installation leaving
    # an incomplete package installed.
    trap '' INT

    # If the package is already installed (and this is an upgrade) make a
    # backup of the manifest and etcsums files.
    cp -f "$sys_db/$pkg_name/manifest" "$mak_dir/m" 2>/dev/null ||:
    cp -f "$sys_db/$pkg_name/etcsums"  "$mak_dir/c" 2>/dev/null ||:

    # This is repeated multiple times. Better to make it a function.
    pkg_rsync() {
        rsync --chown=root:root --chmod=Du-s,Dg-s,Do-s \
              -WhHKa --no-compress --exclude /etc "$1" \
              "$tar_dir/$pkg_name/" "$KISS_ROOT/"
    }

    # Install the package by using 'rsync' and overwrite any existing files
    # (excluding '/etc/').
    pkg_rsync --info=progress2

    [ -d "$tar_dir/$pkg_name/etc" ] && (
        cd "$tar_dir/$pkg_name"

        # Create all directories beforehand.
        find etc -type d | while read -r dir; do
            mkdir -p "$KISS_ROOT/$dir"
        done

        # Handle files in /etc/ based on a 3-way checksum check.
        find etc ! -type d | while read -r file; do
            {
                sum_new=$(sha256sum "$file")
                sum_sys=$(cd "$KISS_ROOT/"; sha256sum "$file")
                sum_old=$("$grep" "$file$" "$mak_dir/c")
            } 2>/dev/null ||:

            log "$pkg_name" "Doing 3-way handshake for $file"
            printf '%s\n' "Previous: ${sum_old:-null}"
            printf '%s\n' "System:   ${sum_sys:-null}"
            printf '%s\n' "New:      ${sum_new:-null}"

            # Use a case statement to easily compare three strings at
            # the same time. Pretty nifty.
            case ${sum_old:-null}${sum_sys:-null}${sum_new} in
                # old = Y, sys = X, new = Y
                ${sum_new}${sum_sys}${sum_old})
                    log "Skipping $file"
                    continue
                ;;

                # old = X, sys = X, new = X
                # old = X, sys = Y, new = Y
                # old = X, sys = X, new = Y
                ${sum_old}${sum_old}${sum_old}|\
                ${sum_old:-null}${sum_sys}${sum_sys}|\
                ${sum_sys}${sum_old}*)
                    log "Installing $file"
                    new=
                ;;

                # All other cases.
                *)
                    log WARN "($pkg_name) saving /$file as /$file.new"
                    new=.new
                ;;
            esac

            cp -af "$file"  "$KISS_ROOT/${file}${new}"
            chown root:root "$KISS_ROOT/${file}${new}" 2>/dev/null
        done ||:
    )

    # Remove any leftover files if this is an upgrade.
    "$grep" -vFxf "$sys_db/$pkg_name/manifest" "$mak_dir/m" 2>/dev/null |

    while read -r file; do
        file=$KISS_ROOT/$file

        # Skip deleting some leftover files.
        case $file in /etc/*) continue; esac

        # Remove files.
        if [ -f "$file" ] && [ ! -L "$file" ]; then
            rm -f "$file"

        # Remove file symlinks.
        elif [ -L "$file" ] && [ ! -d "$file" ]; then
            unlink "$file" ||:

        # Skip directory symlinks.
        elif [ -L "$file" ] && [ -d "$file" ]; then :

        # Remove directories if empty.
        elif [ -d "$file" ]; then
            rmdir "$file" 2>/dev/null ||:
        fi
    done ||:

    # Install the package again to fix any non-leftover files being
    # removed above.
    { pkg_rsync --; pkg_rsync --; } ||:

    # Reset 'trap' to its original value. Installation is done so
    # we no longer need to block 'Ctrl+C'.
    trap pkg_clean EXIT INT

    if [ -x "$sys_db/$pkg_name/post-install" ]; then
        log "$pkg_name" "Running post-install script"
        "$sys_db/$pkg_name/post-install" ||:
    fi

    log "$pkg_name" "Installed successfully"
}

pkg_updates() {
    # Check all installed packages for updates. So long as the installed
    # version and the version in the repositories differ, it's considered
    # an update.
    log "Updating repositories"

    # Create a list of all repositories.
    # See [1] at top of script.
    # shellcheck disable=2046,2086
    { IFS=:; set -- $KISS_PATH; IFS=$old_ifs; }

    # Update each repository in '$KISS_PATH'. It is assumed that
    # each repository is 'git' tracked.
    for repo; do
        # Go to the root of the repository (if it exists).
        cd "$repo"
        cd "$(git rev-parse --show-toplevel 2>/dev/null)" 2>/dev/null ||:

        [ -d .git ] || {
            log "$repo" " "
            printf '%s\n' "Not a git repository, skipping."
            continue
        }

        [ "$(git remote 2>/dev/null)" ] || {
            log "$repo" " "
            printf '%s\n' "No remote, skipping."
            continue
        }

        contains "$repos" "$PWD" || {
            repos="$repos $PWD "

            # Display a tick if signing is enabled for this
            # repository.
            case $(git config merge.verifySignatures) in
                true) log "$PWD" "[signed ✓] " ;;
                *)    log "$PWD" " "  ;;
            esac

            if [ -w "$PWD" ] && [ "$uid" != 0 ]; then
                git fetch
                git merge

            else
                [ "$uid" = 0 ] || log "$PWD" "Need root to update"

                # Find out the owner of the repository and spawn
                # git as this user below.
                #
                # This prevents 'git' from changing the original
                # ownership of files and directories in the rare
                # case that the repository is owned by a 3rd user.
                (
                    user=$(stat -c %U "$PWD")

                    [ "${user:=root}" = root ] ||
                        log "Dropping permissions to $user for pull"

                    case $su in
                        su) "$su" -c "git fetch && git merge" "$user" ;;

                        *)  "$su" -u "$user" git fetch
                            "$su" -u "$user" git merge
                    esac
                )
            fi
        }
    done

    log "Checking for new package versions"

    set +f

    for pkg in "$sys_db/"*; do
        pkg_name=${pkg##*/}

        # Read version and release information from the installed packages
        # and repository.
        read -r db_ver db_rel < "$pkg/version"
        read -r re_ver re_rel < "$(pkg_find "$pkg_name")/version"

        # Compare installed packages to repository packages.
        [ "$db_ver-$db_rel" != "$re_ver-$re_rel" ] && {
            printf '%s\n' "$pkg_name $db_ver-$db_rel ==> $re_ver-$re_rel"
            outdated="$outdated$pkg_name "
        }
    done

    set -f

    contains "$outdated" kiss && {
        log "Detected package manager update"
        log "The package manager will be updated first"

        prompt

        pkg_build kiss
        args i kiss

        log "Updated the package manager"
        log "Re-run 'kiss update' to update your system"

        exit 0
    }

    [ "$outdated" ] || {
        log "Everything is up to date"
        return
    }

    log "Packages to update: ${outdated% }"

    # Tell 'pkg_build' to always prompt before build.
    pkg_update=1

    # Build all packages requiring an update.
    # See [1] at top of script.
    # shellcheck disable=2046,2086
    {
        pkg_order $outdated
        pkg_build $order
    }

    log "Updated all packages"
}

pkg_clean() {
    # Clean up on exit or error. This removes everything related
    # to the build.
    [ "$KISS_DEBUG" != 1 ] || return

    # Block 'Ctrl+C' while cache is being cleaned.
    trap '' INT

    # Remove temporary items.
    rm -rf -- "$mak_dir" "$pkg_dir" "$tar_dir" "$cac_dir/$pid-m"
}

args() {
    # Parse script arguments manually. This is rather easy to do in
    # our case since the first argument is always an "action" and
    # the arguments that follow are all package names.
    action=$1

    # 'dash' exits on error here if 'shift' is used and there are zero
    # arguments despite trapping the error ('|| :').
    shift "$(($# > 0 ? 1 : 0))"

    # Unless this is a search, sanitize the user's input. The call to
    # 'pkg_find()' supports basic globbing, ensure input doesn't expand
    # to anything except for when this behavior is needed.
    #
    # This handles the globbing characters '*', '!', '[' and ']' as per:
    # https://pubs.opengroup.org/onlinepubs/009695399/utilities/xcu_chap02.html
    [ "${action##[as]*}" ] &&
        case $@ in *\**|*\!*|*\[*|*\]*)
            die "Arguments contain invalid characters: '!*[]'"
        esac

    # Parse some arguments earlier to remove the need to duplicate code.
    case $action in
        c|checksum|s|search)
            [ "$1" ] || die "'kiss $action' requires an argument"
        ;;

        a|alternatives)
            # Rerun the script with 'su' if the user isn't root.
            # Cheeky but 'su' can't be used on shell functions themselves.
            [ -z "$1" ] || [ "$uid" = 0 ] || {
                as_root kiss "$action" "$@"
                return
            }
        ;;

        i|install|r|remove)
            [ "$1" ] || die "'kiss $action' requires an argument"

            # Rerun the script with 'su' if the user isn't root.
            # Cheeky but 'su' can't be used on shell functions themselves.
            [ "$uid" = 0 ] || {
                KISS_FORCE="$KISS_FORCE" as_root kiss "$action" "$@"
                return
            }
        ;;
    esac

    # Actions can be abbreviated to their first letter. This saves
    # keystrokes once you memorize the commands.
    case $action in
        a|alternatives)
            if [ "$1" = - ]; then
                while read -r pkg path; do
                    pkg_swap "$pkg" "$path"
                done

            elif [ "$1" ]; then
                pkg_swap "$@"

            else
                set +f

                log Alternatives:

                # Go over each alternative and format the file
                # name for listing. (pkg_name>usr>bin>ls)
                for pkg in "$sys_db/../choices"/*; do
                    printf '%s\n' "${pkg##*/}"
                done |

                sed 's|>| /|; s|>|/|g; /\*/d'

                log note "Think about what you are doing"
                log note "for this feature requires thought"
            fi
        ;;

        b|build)
            # If no arguments were passed, rebuild all packages.
            [ "$1" ] || { cd "$sys_db" && { set +f; set -f -- *; } }

            pkg_build "${@:?No packages installed}"
        ;;

        c|checksum)
            for pkg; do pkg_lint    "$pkg" c; done
            for pkg; do pkg_sources "$pkg" c; done
            for pkg; do
                pkg_checksums "$pkg" > "$(pkg_find "$pkg")/checksums"

                log "$pkg" "Generated checksums"
            done
        ;;

        i|install)
            pkg_order "$@"

            for pkg in $order; do pkg_install "$pkg"; done
        ;;

        r|remove)
            pkg_order "$@"

            for pkg in $redro; do
                pkg_remove "$pkg" "${KISS_FORCE:-check}"
            done
        ;;

        l|list)    pkg_list "$@" ;;
        u|update)  pkg_updates ;;
        s|search)  for pkg; do pkg_find "$pkg" all; done ;;
        v|version) log kiss 1.7.9 ;;

        h|help|-h|--help|'')
            log 'kiss [a|b|c|i|l|r|s|u|v] [pkg] [pkg] [pkg]'
            log 'alternatives: List and swap to alternatives'
            log 'build:        Build a package'
            log 'checksum:     Generate checksums'
            log 'install:      Install a package'
            log 'list:         List installed packages'
            log 'remove:       Remove a package'
            log 'search:       Search for a package'
            log 'update:       Check for updates'
            log 'version:      Package manager version'
        ;;

        *) die "'kiss $action' is not a valid command" ;;
    esac
}

main() {
    # Set the location to the repository and package database.
    pkg_db=var/db/kiss/installed

    # The PID of the current shell process is used to isolate directories
    # to each specific KISS instance. This allows multiple package manager
    # instances to be run at once. Store the value in another variable so
    # that it doesn't change beneath us.
    pid=${KISS_PID:-$$}

    # Store the original value of IFS so we can revert back to it if the
    # variable is ever changed.
    old_ifs=$IFS

    # Catch errors and ensure that build files and directories are cleaned
    # up before we die. This occurs on 'Ctrl+C' as well as success and error.
    trap pkg_clean EXIT INT

    # Prefer GNU grep if installed as it is much much faster than busybox's
    # implementation. Very much worth it if you value performance over
    # POSIX correctness (grep quoted to avoid shellcheck false-positive).
    grep=$(command -v ggrep) || grep='grep'

    # Prefer libarchive tar or GNU tar if installed as they are  much
    # much faster than busybox's implementation. Very much worth it if
    # you value performance.
    tar=$(command -v bsdtar || command -v gtar) || tar=tar

    # Figure out which 'sudo' command to use based on the user's choice or
    # what is available on the system.
    su=${KISS_SU:-$(command -v sudo || command -v doas)} || su=su

    # Store the date and time of script invocation to be used as the name
    # of the log files the package manager creates uring builds.
    time=$(date '+%Y-%m-%d-%H:%M')

    # Make note of the user's current ID to do root checks later on.
    # This is used enough to warrant a place here.
    uid=$(id -u)

    # This allows for automatic setup of a KISS chroot and will
    # do nothing on a normal system.
    mkdir -p "${sys_db:=$KISS_ROOT/$pkg_db}" 2>/dev/null ||:

    # Create the required temporary directories and set the variables
    # which point to them.
    mkdir -p "${cac_dir:=$KISS_ROOT${XDG_CACHE_HOME:-$HOME/.cache}/kiss}" \
             "${mak_dir:=$cac_dir/build-$pid}" \
             "${pkg_dir:=$cac_dir/pkg-$pid}" \
             "${tar_dir:=$cac_dir/extract-$pid}" \
             "${src_dir:=$cac_dir/sources}" \
             "${log_dir:=$cac_dir/logs}" \
             "${bin_dir:=$cac_dir/bin}"

    args "$@"
}

main "$@"