Hans-Christoph Steiner
4ca77a4faf
update: strip all whitespace from buildserverid
2018-03-22 23:19:54 +01:00
Hans-Christoph Steiner
8ab2deace2
Merge branch 'weblate' into 'master'
...
Weblate
See merge request fdroid/fdroidserver!483
2018-03-22 22:21:06 +00:00
Hans-Christoph Steiner
02203efe15
Weblate
2018-03-22 22:21:06 +00:00
Marcus
3ee4855945
Merge branch 'gradle-4.6' into 'master'
...
makebuildserver: add Gradle 4.6
See merge request fdroid/fdroidserver!482
2018-03-16 08:33:52 +00:00
relan
64fad95fa1
makebuildserver: add Gradle 4.6
2018-03-16 07:39:44 +03:00
Hans-Christoph Steiner
4b788b3b09
Merge branch 'master' into 'master'
...
update: handle AndroidManifest XML namespace named other than 'android'
See merge request fdroid/fdroidserver!481
2018-03-15 15:23:55 +00:00
Hans-Christoph Steiner
54242dee32
update: handle AndroidManifest XML namespace named other than 'android'
...
https://stackoverflow.com/questions/5856719/why-do-we-specify-namespace-in-android-xml-file
https://f-droid.org/repo/org.moire.ultrasonic_60.apk has:
xmlns:a="http://schemas.android.com/apk/res/android "
2018-03-15 15:56:30 +01:00
Hans-Christoph Steiner
d290eb96f9
Merge branch 'master' into 'master'
...
update: handle renameManifestPackage when extracting icons with androguard
See merge request fdroid/fdroidserver!480
2018-03-14 18:09:19 +00:00
Hans-Christoph Steiner
b5c1634320
update: handle renameManifestPackage when extracting icons with androguard
...
aapt --rename-manifest-package changes the applicationId for an app without
changing the packageName listed in AndroidManifest.xml under
<application android:package="">
2018-03-14 18:43:05 +01:00
Hans-Christoph Steiner
cd8b583db1
Merge branch 'master' into 'master'
...
update: support all official DPIs when extracting icons
See merge request fdroid/fdroidserver!479
2018-03-13 16:12:52 +00:00
Hans-Christoph Steiner
493c485755
update: support all official DPIs when extracting icons
...
https://developer.android.com/training/multiscreen/screendensities.html
2018-03-13 16:47:24 +01:00
Hans-Christoph Steiner
b445fc066b
Merge branch 'master' into 'master'
...
two update parsing fixes when using androguard
See merge request fdroid/fdroidserver!477
2018-03-13 11:36:43 +00:00
Hans-Christoph Steiner
3b09e5ee08
update: do not crash on android-26+ XML icon
...
For example:
res/drawable-v26/icon.xml
Here's the full range of possibilities, we have a lot of work to do:
$ for f in */*.apk; do unzip -l $f |grep -F icon.| grep -Eo 'res/drawable[^/]*'; done | sort -u
res/drawable
res/drawable-anydpi-v21
res/drawable-anydpi-v26
res/drawable-hdpi
res/drawable-hdpi-v11
res/drawable-hdpi-v12
res/drawable-hdpi-v4
res/drawable-hdpi-v5
res/drawable-hdpi-v6
res/drawable-hdpi-v9
res/drawable-large
res/drawable-large-hdpi-v11
res/drawable-large-hdpi-v4
res/drawable-large-ldpi-v4
res/drawable-large-mdpi
res/drawable-large-mdpi-v11
res/drawable-large-v4
res/drawable-large-xhdpi-v11
res/drawable-large-xhdpi-v4
res/drawable-large-xxhdpi-v11
res/drawable-large-xxhdpi-v4
res/drawable-ldpi
res/drawable-ldpi-v11
res/drawable-ldpi-v4
res/drawable-ldpi-v5
res/drawable-ldpi-v6
res/drawable-ldpi-v9
res/drawable-ldrtl-v17
res/drawable-mdpi
res/drawable-mdpi-v11
res/drawable-mdpi-v12
res/drawable-mdpi-v4
res/drawable-mdpi-v5
res/drawable-mdpi-v6
res/drawable-mdpi-v9
res/drawable-nodpi
res/drawable-nodpi-v4
res/drawable-tvdpi-v4
res/drawable-v11
res/drawable-v14
res/drawable-v21
res/drawable-xhdpi
res/drawable-xhdpi-v11
res/drawable-xhdpi-v12
res/drawable-xhdpi-v4
res/drawable-xhdpi-v9
res/drawable-xlarge-hdpi
res/drawable-xlarge-hdpi-v4
res/drawable-xlarge-mdpi
res/drawable-xlarge-mdpi-v4
res/drawable-xlarge-v4
res/drawable-xlarge-xhdpi-v4
res/drawable-xxhdpi
res/drawable-xxhdpi-v11
res/drawable-xxhdpi-v21
res/drawable-xxhdpi-v4
res/drawable-xxhdpi-v9
res/drawable-xxxhdpi
res/drawable-xxxhdpi-v11
res/drawable-xxxhdpi-v4
2018-03-13 12:13:23 +01:00
Hans-Christoph Steiner
e89478e529
update: do not crash on APKs without icons when using androguard
2018-03-13 11:19:19 +01:00
Hans-Christoph Steiner
2c8008356b
update: handle bad XML when using androguard
...
repo/ch.swift.willi_417101.apk had a C/Java comment in the
AndroidManifest.xml rather than an XML comment:
<uses-sdk android:minSdkVersion="16" android:targetSdkVersion="26">
</uses-sdk>
// Remove permissions introduced by the appsflyer library
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION">
</uses-permission>
2018-03-12 17:55:45 +01:00
Hans-Christoph Steiner
d98d8c2e52
update: do not crash with androguard when working with apps without icons
...
For example, SpeedoMeterApp.main_1.apk
2018-03-12 17:55:45 +01:00
Marcus
00b334689f
Merge branch 'fix_config_doc' into 'master'
...
Fix misleading java_path example
See merge request fdroid/fdroidserver!478
2018-03-12 12:37:43 +00:00
Gioacchino Mazzurco
87fdca0d90
Fix misleading java_path example
...
As you can see in fdroidserver/common.py:219
for java_version in ('7', '8', '9'):
the code look for java version without the 1. in front, after getting a
bunch of error message that JDK could't be found, investigating the code
and documentation I discovered my configuration was ignored because of
this and realized the example was wrong
2018-03-12 12:01:16 +01:00
Hans-Christoph Steiner
ef603d662b
jenkins-test: run checkupdates as final stage of test run
2018-03-11 21:36:41 +01:00
Marcus
ae8635633d
Merge branch 'master' into 'master'
...
checkupdates: Save app data to correct metadata format
Closes #461
See merge request fdroid/fdroidserver!476
2018-03-09 20:13:51 +00:00
mimi89999
aaa6b55bf7
checkupdates: Save app data to correct metadata format
...
Closes #461
2018-03-09 20:46:59 +01:00
Hans-Christoph Steiner
a576796291
jenkins-test: remove tmp hack now that androguard is available
...
Does the same thing as 9f553186e8
but for
jenkins.debian.net's profitbricks-build7-amd64 setup.
2018-03-09 13:45:51 +01:00
Hans-Christoph Steiner
02107cc5bc
gitlab-ci: make ubuntu_lts job test of fdroid/fdroidserver PPA
...
Now that androguard is working, there should be no need for a specific aapt
version. The aapt included in Ubuntu LTS should always work fine when
androguard handles the bulk of the work.
2018-03-09 12:00:31 +01:00
Hans-Christoph Steiner
4fcf69a9ef
Merge 'fix-scanner' into 'master'
...
scanner: support Gradle plugin 3.0 syntax for dependencies
fdroid/fdroidserver!475
2018-03-08 13:56:14 +01:00
Hans-Christoph Steiner
44e8f425d5
fix PEP8 formatting issue
...
fdroidserver/scanner.py:35:34: E241 multiple spaces after ','
fdroidserver/scanner.py:36:35: E241 multiple spaces after ','
fdroidserver/scanner.py:37:30: E241 multiple spaces after ','
fdroidserver/scanner.py:38:41: E241 multiple spaces after ','
fdroidserver/scanner.py:39:30: E241 multiple spaces after ','
fdroidserver/scanner.py:40:38: E241 multiple spaces after ','
fdroidserver/scanner.py:41:38: E241 multiple spaces after ','
2018-03-08 13:55:07 +01:00
relan
44d17663fd
scanner: support Gradle plugin 3.0 syntax for dependencies
...
See https://developer.android.com/studio/build/gradle-plugin-3-0-0-migration.html#new_configurations
2018-03-08 15:23:15 +03:00
Hans-Christoph Steiner
95e016695c
travis-ci: build against latest OSX 10.12 and 10.13 images
2018-03-07 15:15:28 +01:00
Hans-Christoph Steiner
8b9fe05af5
travis-ci: support old versions of OSX
2018-03-07 15:14:30 +01:00
Hans-Christoph Steiner
47b1d4b1e6
travis: brew's Python3 is now called just 'python'
...
https://discourse.brew.sh/t/brew-install-python3-fails/1756
2018-03-07 14:14:29 +01:00
Hans-Christoph Steiner
7d79780df0
tests: checkupdates now requires a clean git repo state
2018-03-06 20:50:23 +01:00
Hans-Christoph Steiner
8215bbbe9a
Merge branch 'checkupdates' into 'master'
...
tighten up checkupdates
See merge request fdroid/fdroidserver!474
2018-03-06 19:20:38 +00:00
Hans-Christoph Steiner
70d9633555
build/checkupdates/update: log current fdroiddata commit to wiki
2018-03-05 21:49:09 +01:00
Hans-Christoph Steiner
86907d2ebf
checkupdates: exit with error if fdroiddata git repo is dirty
...
One key security property of the F-Droid ecosystem is that the sensitive
code is all stored forever in git repos and source tarballs. That means
we can easily go back and see if there where exploits and where they came
from. Therefore, checkupdates should require everything in fdroiddata be
committed to git before running.
This provides --allow-dirty to override that behavior.
2018-03-05 21:49:09 +01:00
Hans-Christoph Steiner
67d386d925
Merge branch 'more-security-fixes' into 'master'
...
More security fixes
See merge request fdroid/fdroidserver!471
2018-03-05 09:10:57 +00:00
Hans-Christoph Steiner
8f30c892c5
VercodeOperation: only allow simple math expresssions and %c
2018-03-05 09:45:58 +01:00
Hans-Christoph Steiner
6876e28bb4
hg: use /bin/false to clarify that it is an executable
2018-03-05 09:45:58 +01:00
Hans-Christoph Steiner
6cd8f2ffea
SVN: only allow redirects to HTTPS
...
"SVN follows HTTP 301 redirects to svn+ssh:// URLs. As a result, an
innocent looking HTTP URL can be used to trigger a Command Execution with a
301 redirect."
https://blog.recurity-labs.com/2017-08-10/scm-vulns.html#third-round-svn-and-mercurial
I scanned fdroiddata and found no suspicious redirects. Here's how:
grep -A1 '^Repo *Type: *git-svn' *.txt *.yml| sed -n 's,.*Repo:\(.*\),\1,p' > /tmp/urls.txt
import requests
with open('/tmp/urls.txt') as fp:
for line in fp:
try:
r = requests.head(line.strip())
print(r.status_code, line)
except requests.exceptions.SSLError:
print('SSLError', line)
2018-03-05 09:45:58 +01:00
Marcus
654b3cb9dc
Merge branch 'lint_fix' into 'master'
...
lint: fix update check data https check
See merge request fdroid/fdroidserver!473
2018-03-02 22:59:26 +00:00
Marcus Hoffmann
c81d5da953
lint: fix update check data https check
...
The urlver field can be '.', this was not considered in
26bfd7fb28
.
2018-03-02 23:56:49 +01:00
Marcus
c35b120ff2
Merge branch 'tighten-up-UpdateCheckData' into 'master'
...
Tighten up UpdateCheckData
See merge request fdroid/fdroidserver!470
2018-03-02 11:45:53 +00:00
Hans-Christoph Steiner
7da0747849
checkupdates: require UpdateCheckData has valid HTTPS URL
2018-03-01 23:51:36 +01:00
Hans-Christoph Steiner
26bfd7fb28
lint: require UpdateCheckData to contain only valid HTTPS URLs
2018-03-01 23:51:27 +01:00
Hans-Christoph Steiner
1c9bc32bf6
lint: tighten up HTTPS checks on URLs
2018-03-01 23:38:56 +01:00
Hans-Christoph Steiner
4197a4a64a
Merge branch 'master' into 'master'
...
update: make icon extraction less dependent on aapt
Closes fdroid-website#192
See merge request fdroid/fdroidserver!469
2018-02-28 21:42:06 +00:00
Hans-Christoph Steiner
498ea5d609
lint: ban all dangerous HTML tags
...
* https://en.wikipedia.org/wiki/HTML_sanitization
* https://asostack.com/enhance-your-google-play-store-description-with-rich-formatting-and-emojis-5f50ff354e5f
2018-02-27 12:09:54 +01:00
Hans-Christoph Steiner
b2ca49b26c
update: make icon extraction less dependent on aapt
...
For androguard, @thezero already developed a way to get all the icons after
only extracting the icon name. So this uses that for the aapt-based scans
also, to make them less brittle.
This should fix the problem where `fdroid update` was choosing the XML icon
for apps that include one, like NewPipe.
closes fdroid/fdroid-website#192
2018-02-26 23:43:42 +01:00
Hans-Christoph Steiner
01a73071c7
gitlab-ci: set metadata_v0 test to use 1.0.2 as the baseline
2018-02-23 22:48:44 +01:00
Hans-Christoph Steiner
0fa50ebcb2
rewritemeta: fix proper_format() so lint works with .yml files
2018-02-23 22:43:03 +01:00
Hans-Christoph Steiner
5a6a51a29e
Merge branch 'allow-dashes-and-underscores-in-signature-file-names-when-checking-for-reproducability' into 'master'
...
allow dashes and underscores in signature file names when checking for reproducability
See merge request fdroid/fdroidserver!468
2018-02-22 23:23:50 +00:00
Michael Pöhn
8cca83aec4
allow dashes and underscores in signature file names when checking for reproducability
2018-02-22 23:30:42 +01:00