Traceback (most recent call last):
File "/builds/eighthave/fdroidserver/tests/build.TestCase", line 120, in test_get_apk_metadata
vc, vn = fdroidserver.build.get_metadata_from_apk(app, build, apkfilename)
File "/builds/eighthave/fdroidserver/fdroidserver/build.py", line 332, in get_metadata_from_apk
appid, versionCode, versionName = common.get_apk_id(apkfile)
File "/builds/eighthave/fdroidserver/fdroidserver/common.py", line 2126, in get_apk_id
return get_apk_id_androguard(apkfile)
File "/builds/eighthave/fdroidserver/fdroidserver/common.py", line 2158, in get_apk_id_androguard
while axml.is_valid():
AttributeError: 'AXMLParser' object has no attribute 'is_valid'
I mistakenly uploaded the dist tarball to pypi without the PGP signature.
So I deleted the release, thinking I could reupload it. It is not possible:
https://github.com/pypa/packaging-problems/issues/74
So this is really just a bump so I can reupload to pypi.
fd-commit and checkupdates both require that there are two name fields,
AutoName: and Name:. This is only used for the commit messages. Since the
current devs do it manually, we can remove the fd-commit shell script, then
focus on checkupdates when revamping AutoName/Name.
https://botbot.me/freenode/fdroid-dev/msg/82539152
PyPI and Python packages expect the description to be in reST format, which
is a lot different than Markdown. This does the conversion if pandoc is
installed.
docker-py 1.10.6 is the last version released under docker-py, after that it
will be just docker, but has breaking changes, see:
https://github.com/docker/docker-py/releases/tag/2.0.0
Update the list of allowed versions of requests to docker-py master.
I ran into some annoying issues with UTF-8 output in the vagrant logs, and
it was hard to solve. So I switched to using python-vagrant, which handles
it all for us. Its been around since 2012, has a number of contributors,
and is still actively maintained, so it seems like a good bet. I also
packaged it for Debian, including a backport in jessie-backports.
On Debian/jessie, do `apt-get install python3-vagrant/jessie-backports`
* New command `dscanner`, enables one to scan signed APKs with Drozer
* Drozer is a dynamic vulnerability scanner for Android
* Drozer runs in a emulator or on-device, this new `dscanner` command...
* starts a docker image with Drozer and the Android Emulator pre-installed,
* loads the signed APK into the emulator
* activates Drozer automated tests for the APK
* gathers the report output and places it next to the original APK
* The Drozer docker image can be:
* cached locally for re-use (just don't run --clean*)
* retrieved from dockerhub.com for more efficient runtime
* or be built from scratch (in the new "./docker" directory)
* New "Vulnerability Scanning" documentation section (run gendocs.sh)
It will make it a lot easier to manage the cache if we use the original
file names, which often include the file version. This also changes the
download process to be resumable if there is a partial file in the cache,
and switches from calling wget on the command line to using the python libs
'requests' and 'clint' to provide a similar experience. While its not so
important for this particular bit of code to use those libraries, I think
those two will allow us to provide a better user experience throughout the
whole of fdroidserver.
In this case, it is already doing special tricks fetching the file size
from the server before trying to download it. I suppose this code could
instead check if the file exists, and if so, check the hash sum. I think
that would be slower for most people since checking the hash on large files
takes a noticeable about of time, while a HTTP HEAD request is pretty tiny.
This adds a new method for `fdroid import` that will generate the fdroidserver
metadata based on a local git repo. This new mode generates the metadata in
the new .fdroid.yaml format in the git repo itself. It is intended as a quick
way to get starting building apps using the fdroidserver tools.
This keeps the numbers of names down to a minimum, and since the config
is placed right next to the script, this keeps tab completion working
nicely when the config file is in place.
The old file name is still supported.