androguard 4.1 uses a new lib called apkInspector instead of zipfile.ZipFile
so that it can handle usable but invalid ZIP files. It will also throw
ValueError on some things, for example:
Traceback (most recent call last):
File "/builds/eighthave/fdroidserver/fdroidserver-2.3a0/tests/update.TestCase", line 878, in test_scan_apk_bad_zip
fdroidserver.update.scan_apk(apkfile)
File "/builds/eighthave/fdroidserver/fdroidserver-2.3a0/fdroidserver/update.py", line 1586, in scan_apk
scan_apk_androguard(apk, apk_file)
File "/builds/eighthave/fdroidserver/fdroidserver-2.3a0/fdroidserver/update.py", line 1725, in scan_apk_androguard
apkobject = common.get_androguard_APK(apkfile)
File "/builds/eighthave/fdroidserver/fdroidserver-2.3a0/fdroidserver/common.py", line 2673, in get_androguard_APK
return APK(apkfile)
File "/usr/local/lib/python3.10/dist-packages/androguard/core/apk/__init__.py", line 273, in __init__
self.zip = ZipEntry.parse(filename, False)
File "/usr/local/lib/python3.10/dist-packages/apkInspector/headers.py", line 410, in parse
eocd = EndOfCentralDirectoryRecord.parse(apk_file)
File "/usr/local/lib/python3.10/dist-packages/apkInspector/headers.py", line 59, in parse
raise ValueError("End of central directory record (EOCD) signature not found")
ValueError: End of central directory record (EOCD) signature not found
/usr/lib/python3/dist-packages/androguard/core/bytecodes/apk.py:884: DeprecationWarning: This method is deprecated since 3.3.5.
It was added in 3.3.5. Debian/bullseye and Ubuntu/20.04/focal both include
new enough versions. Debian/buster's is too old (3.3.3).
This also makes androguard a hard requirement, which has been true for a
while anyway. So the code that handles androguard as an optional
requirement is removed. androguard from Debian/buster is new enough, so
this does not seem like it will cause any problems.
sed -i "s/UpdateCheckMode is set but it looks likecheckupdates hasn't been run yet/UpdateCheckMode is set but it looks like checkupdates hasn't been run yet./g" locale/*/LC_MESSAGES/fdroidserver.po
This adds a check for "testOnly" to the existing "debuggable" check, since
they are very similar. We should really be refactoring all the checks into
a more reasonable setup. Since "debuggable" and "testOnly" are both set in
the same place (`<application>` in _AndroidManifest.xml_) and are both set
by the same process (running debug builds), I thought it would be OK to
include both in the same place. Plus it was a one-line change.
Since we have limited visibility into @CiaranG's signing server, it is hard
to make changes to the publishing process, especially ones that might break
@CiaranG's automation. So `fdroid publish` mostly reports success by
moving an APK from unsigned/ to repo/. In some cases, we want immediate
failure, like in CI. So this adds `--error-on-failed` for that purpose.
The existing logic from d1ddd525c in !1225 is confusing because it adds its
own retry loop on top of the retry mechanism that is built into requests.
So this test confirms that setting `download_file(retries=3)` actually
results in more than three retries.
This will make all of the direct calls to logging level functions output
in a format that looks appropriate for the console. Previously, the default
output looked like it should be written to a log file.
