The v6.0 build-system hardening arc lands 5 of the 10 improvements
proposed in local/docs/BUILD-SYSTEM-IMPROVEMENTS.md. All scripts
have unit tests (62 -> 86, all pass in <1s) and the new 'lint-recipe'
Gitea Actions job runs on every PR.
Per-recipe audit & lint scripts (catch R1/R2 violations BEFORE cook):
* audit-patch-idempotency.py — verifies external patches in
local/patches/ still apply against the upstream pinned rev.
Caught 1 real bug on first run: libdrm/02-redox-dispatch.patch
hunk at xf86drm.c:321 no longer matches libdrm-2.4.125.
* audit-kf6-deps.py — fetches upstream, scans for
find_package(KF6Xxx REQUIRED), compares to recipe deps. Catches
missing + dead dependencies in every kf6-* and qt* recipe.
* classify-cook-failure.py — 17-rule cook-failure classifier.
10-30s diagnosis vs 5-10min manual. exit code is intentionally
inverted (0=novel failure, 1=known fix) for CI signal.
* lint-recipe.py — 7-rule recipe lint: R1-NO-PATCH-FILE,
R1-PATH-SOURCE, R2-INLINE-SED, R2-PATCHES-DIR-UNUSED,
NO-LEGACY-MAKE, R1-LEGACY-APPLY-PATCHES, DEP-NOT-FOUND.
1.1s for 171 recipes (down from 60s+ in v1 via recipe-index
precomputation). Strict mode promotes warnings to errors.
Build-system convenience:
* repair-cook.sh — incremental-build optimizer.
Equivalent to 'repo cook <pkg>' but with a fast-path that
skips configure when CMakeCache.txt is newer than source AND
external patches haven't changed. 30-60s vs 5-10min on KF6
recipes. make repair.<pkg> / make clean-repair.<pkg> targets.
* migrate-kf6-seds-to-patches.sh — migration skeleton for
converting 56 inline 'sed -i' chains across the KF6 recipes
to durable external patches in local/patches/<name>/.
Gitea Actions (host-execution, no Docker):
* .gitea/workflows/build-system.yml — 8-job pipeline:
unit-tests, lint-offline, lint-network (nightly),
lint-recipe (NEW), lint-docs, build-mini, build-full,
smoke (QEMU boot).
* .gitea/RUNNER-SETUP.md — one-time Manjaro/Arch host setup.
Build script hardening:
* build-redbear.sh — when a low-level source (relibc,
kernel, base, bootloader, installer) is newer than its pkgar,
clean build/ and sysroot/ across all recipes too. Low-level
package changes leave autotools packages (pcre2, gettext,
libiconv, ...) with stale configure/libtool scripts referencing
the old runtime, causing 'libtool version mismatch' and
'not a valid libtool object' errors. Cleaning forces
re-configuration; stage/ and source/ are preserved so the
cookbook skips unchanged packages that don't use autotools.
* Makefile — wire lint-cook-failure,
lint-cook-failure-explain, lint-recipe, lint-recipe.%,
lint-recipe.strict, lint-recipe.%.strict, repair.%,
clean-repair.%, test-lint-scripts[-quiet]. Replace the
legacy 'validate-patches' target with a deprecation notice
pointing at validate-sources.
Documentation:
* BUILD-SYSTEM-IMPROVEMENTS.md — mark #2 and #5 DONE; full
implementation notes; updated Make-targets table.
* BUILD-SYSTEM-V6-HARDENING-POSTMORTEM.md (NEW) — 226-line durable
record of the 8-session arc: 32 findings categorized, 5 P0
audit-script bugs fixed, 6 over-broad multi-pattern rules
discovered + fixed, test coverage 86/86 in <1s, 7/10
improvements DONE.
* SCRIPT-BEHAVIOR-MATRIX.md — apply-patches.sh row marked
LEGACY/ARCHIVED; build-redbear.sh row no longer claims to
call it.
* boot-logs/README.md (NEW) — frozen-evidence policy:
'do not edit' rule for REDBEAR-FULL-BOOT-*-RESULTS.md files.
* libdrm/02-redox-dispatch.patch.README (NEW) — 8-step regen
procedure for the broken hunk.
Cleanup:
* local/cache/README.md deleted (1-line placeholder).
* legacy 'make validate-patches' target removed.
Per build-system improvement #5: lint-recipe.py's first run on
the live tree surfaced 1 broken-patch reference (redbear-sessiond),
1 dangling cookbook_apply_patches call (tc), 19 sed -i calls in
sddm (warning — cookbook_apply_patches present, drop-x11.py
migration in progress), 4 sed -i calls in qt6-wayland-smoke
(uncovers the same bug class the libwayland fix prevented).
2.2 KiB
Red Bear OS QEMU Boot Logs
This directory contains frozen QEMU boot evidence captured during validation runs of
the Red Bear OS desktop target (redbear-full). The files here are point-in-time
records and must not be edited to "update" build commands or package versions —
doing so would invalidate them as historical evidence.
What lives here
| File | What it captures |
|---|---|
REDBEAR-FULL-BOOT-RESULTS.md |
Reference QEMU boot capture (2026-06-09) |
REDBEAR-FULL-BOOT-EXTENDED-RESULTS.md |
Extended QEMU boot capture |
REDBEAR-FULL-BOOT-POST-VIRTIO-BLKD-FIX-RESULTS.md |
Post-virtio-blk fix boot capture (before/after record) |
Why these are frozen
These files are the project's ground-truth evidence that a specific Red Bear build booted, reached specific init stages, and exposed specific subsystem states at a specific commit. They are the only place where "this is what we saw" is preserved verbatim. Editing them retroactively — even to fix typos — would compromise the evidentiary value.
If a build command in here looks wrong
If a build command in one of these files looks outdated, the fix is not to edit the log. The correct action is one of:
- The command is still correct as-written. It was the right command at the time. Leave the log alone.
- The command is outdated and the corresponding validation is being re-run.
Write a NEW log file (e.g.
REDBEAR-FULL-BOOT-POST-QEMU-XYZ-FIX-RESULTS.md) with the new run's evidence. Do not edit the old one. - The command is wrong and no new validation is planned. Add a one-line
note at the bottom of the file: "Note: command X is now deprecated, see
local/docs/BUILD-SYSTEM-IMPROVEMENTS.mdfor current usage." Do not rewrite the original line.
Building the current redbear-full target
The canonical v6.0 build command is:
./local/scripts/build-redbear.sh redbear-full
This script enforces the v6.0 policies (local-over-WIP recipe priority, overlay
integrity, submodule hygiene, firmware presence warning) that bare make all /
make live invocations from older logs do not enforce.
QEMU boot
make qemu CONFIG_NAME=redbear-mini # Boot the latest built image in QEMU