Michael Pöhn
24d88705fa
🔍 add scanner_signature_sources
config option
...
This adds the option to configure which set of signatures `fdroid
scanner` should use, by configuring it in `config.yml`. It allows
fetching signatures in our custom json format. It also adds 3 additional
sources: 'suss', 'exodus', 'etip'
2022-11-15 09:20:26 +00:00
linsui
5a28f20301
make versionCode/build.timeout an integer
...
Co-authored-by: Jochen Sprickerhof <git@jochen.sprickerhof.de>
2022-10-14 08:42:26 +00:00
Michael Pöhn
e967fc61cf
scanner: add regression tests for signautre load logic
2022-10-06 14:50:30 +02:00
Michael Pöhn
b7233dfb2e
ignore cache write test case on older python versions
2022-10-06 12:09:07 +02:00
Michael Pöhn
59b1899d79
scanner: switch form iso8601 to unix timestamp for python3.5 support
2022-10-06 12:09:07 +02:00
Michael Pöhn
9560ed955c
avoid running into native-date object issue
...
Seem I ran into this issue: https://bugs.python.org/issue47228 This
change tries to fix it by using utcnow insteas of astimezone.
2022-10-06 12:09:07 +02:00
Michael Pöhn
0921863fa6
scanner: update suss defaults after removal of allowlisted feature
2022-10-06 12:09:07 +02:00
Michael Pöhn
a8bcaa3d70
scanner: implement caching rules for suss
2022-10-06 12:09:06 +02:00
Michael Pöhn
bfcc30b854
add --refresh to scanner
2022-10-06 12:09:06 +02:00
Michael Pöhn
1e6694112a
rename to suss
2022-10-06 12:09:06 +02:00
Michael Pöhn
c9b59b525d
fix timestamp check; remove dead code
2022-10-06 12:09:05 +02:00
Michael Pöhn
c10633eac5
convert fdroid scanner --exodus to SignatureDataController
2022-10-06 12:08:26 +02:00
Michael Pöhn
d5ef1b2e95
add --clear-cache option to scanner
2022-10-06 12:08:26 +02:00
Michael Pöhn
f56b1f3012
basic downloading for scan_binary signatures
2022-10-06 12:08:23 +02:00
Hans-Christoph Steiner
3de6063a01
scanner: open DEX/ZIP by file magic; throw errors on bad filenames
2022-09-30 17:56:15 +00:00
Hans-Christoph Steiner
aa190d532f
scanner.TestCase: manually convert to black code format
...
I manually changed some code structures to give a decent code format.
2022-09-30 17:56:15 +00:00
linsui
ac96e43e13
scanner: add some rules
2022-09-14 15:02:37 +00:00
Jochen Sprickerhof
c89a9f0e8b
Add timeout argument to requests.(get,post)
2022-09-05 17:50:10 +02:00
linsui
832ed18fca
scanner: also scan classpath
2022-08-24 21:34:55 +02:00
linsui
f99dbec012
scanner: fix maven url check for kts files
2022-08-08 15:52:47 +00:00
Michael Pöhn
ab579be6b5
add some basic tests for scanner.main
2022-07-17 15:52:52 +02:00
Michael Pöhn
42d9ac446c
get tests working on ci
2022-07-17 15:50:07 +02:00
Michael Pöhn
1c2b084410
🔧 improve scanner.scan_apk tests
...
Refactor test function it a TestCase and split into separate test cases.
Fix and improve tests for scanning apks with embedded apks.
2022-07-17 15:50:07 +02:00
Michael Pöhn
07a366a4d6
add tests for scanner.load_exodus_trackers_signatures
2022-07-17 15:50:07 +02:00
Michael Pöhn
a1677b5cb0
add test case for _exodus_compile_signatures
2022-07-17 15:50:07 +02:00
linsui
df1e0e30d5
fix tests
2022-05-07 02:17:26 +00:00
linsui
90bc8e1e8f
scan gradle.kts
2022-05-07 00:43:55 +08:00
Jochen Sprickerhof
94ccd022c4
Add apk.embedded_1.apk test
2022-05-03 14:59:52 +00:00
Jochen Sprickerhof
9c8e128064
[scanner] replace apkanalyzer by dexdump
2022-05-03 14:59:52 +00:00
Pierre Rudloff
d04c3f65c2
New com.jens.automation2 test case
2021-07-06 08:30:08 +00:00
Hans-Christoph Steiner
48c4354629
always open Android source files as UTF-8
...
Android Studio recommends "you use UTF-8 encoding whenever possible",
so this code assumes the files use UTF-8. UTF-8 is also the default
encoding on GNU/Linux and macOS.
https://sites.google.com/a/android.com/tools/knownissues/encoding
Windows will probably default to UTF16, since that's the native
encoding for files. So forcing things to use UTF-8 should help
compatibility.
2021-06-18 11:12:18 +02:00
Hans-Christoph Steiner
d05ff9db1d
easy changes to black code format in test cases
...
This does not change areas of code that should be manually reformatted.
2021-06-07 11:53:58 +02:00
Marcus Hoffmann
61736f3f50
scanner: add test for #759
2020-08-25 21:32:29 +02:00
Marcus Hoffmann
f46e99a5c4
test for #796
...
The extlib test is in build because it tests the interaction between
prepare_source with a later scan as it is run from build.py
2020-08-25 21:31:07 +02:00
Hans-Christoph Steiner
2c4e9beacb
scanner: add test with abs/rel paths as run from fdroid build
...
https://gitlab.com/fdroid/fdroidserver/-/issues/791#note_361018050
!767
2020-06-17 10:33:55 +02:00
Marcus
f84818c15e
scanner: add a simple scan for blacklisted classes after build step
...
add com.android.billing to blacklist, see
https://gitlab.com/fdroid/fdroiddata/-/issues/2070#note_360611289
2020-06-15 18:03:19 +00:00
Hans-Christoph Steiner
0837289935
scanner: fix regex for matching URLs in gradle maven{} blocks
...
closes #465
This script generated gradle-maven-blocks.yaml:
```python
import os
import re
import yaml
pat = re.compile(r'\smaven\s*{[^}]+}')
finds = set()
for root, dirs, files in os.walk('.'):
for f in files:
if '.gradle' in f:
with open(os.path.join(root, f), errors='surrogateescape') as fp:
contents = fp.read()
for m in pat.findall(contents):
finds.add(m)
with open('finds.yaml', 'w') as fp:
yaml.dump(sorted(finds), fp, default_flow_style=False)
```
2020-06-10 19:42:23 +02:00
Hans-Christoph Steiner
6590f3869e
scanner: error/warn on dex/gz/zip, closes #394
2020-06-10 19:42:23 +02:00
Hans-Christoph Steiner
ee54dbce87
scanner: safely check options, for things using this API
...
https://gitlab.com/fdroid/fdroidserver/-/issues/771#note_353495799
2020-06-10 19:42:23 +02:00
Hans-Christoph Steiner
75acf63efa
scanner: remove all gradle wrapper files
2020-06-10 19:42:23 +02:00
Hans-Christoph Steiner
d898ad0412
scanner: make AARs and JARs trigger an error
...
refs #491
2020-06-10 19:42:23 +02:00
Hans-Christoph Steiner
fc885c9b5c
scanner: test for get_gradle_compile_commands()
2020-05-27 22:09:52 +02:00
Hans-Christoph Steiner
67332d83a5
scanner: add --json option for outputting machine readable results
...
* makes per-build entries in per-app entries
* `fdroid scanner --json --verbose` will output logging messages to stderr
* removed " at line N" from one message to make them uniform keys
* this will be used in issuebot
This is a second attempt with tests for how `fdroid build` calls the
scanner functions. closes #771 . It was previously merged in !748 then
reverted in 68c072c72e
2020-05-27 08:35:14 +02:00
Marcus Hoffmann
68c072c72e
Revert "scanner: add --json option for outputting machine readable results"
...
This reverts commit cdaf62e5d9
.
See: https://gitlab.com/fdroid/fdroidserver/-/merge_requests/748#note_347769371
2020-05-24 10:24:40 +02:00
Hans-Christoph Steiner
cdaf62e5d9
scanner: add --json option for outputting machine readable results
...
* makes per-build entries in per-app entries
* `fdroid scanner --json --verbose` will output logging messages to stderr
* removed " at line N" from one message to make them uniform keys
* this will be used in issuebot
2020-05-14 21:58:48 +02:00
Hans-Christoph Steiner
3de2d0f56f
add basic test suite for gradlew-fdroid
...
!707
fdroiddata#6216
The se.manyver app is licensed MPL, the files came from:
81d247a6cd
2020-02-13 22:32:51 +01:00
Hans-Christoph Steiner
83ffeb855f
prefer build.gradle with Android Plugin as source of package/version/code
...
These days, the location that overrides all the others is in the android{}
block of the build.gradle file that loads the com.android.application
plugin. So this should be the preferred place to read these values.
test files GPL licensed: https://github.com/Integreight/1Sheeld-Android-App
2020-02-13 22:32:51 +01:00
Hans-Christoph Steiner
bfe587979d
import: make it work most of the time with git repos
...
This includes real tests too.
2020-02-13 13:51:52 +01:00
Mike Hardy
3648ef1f2e
Update scanner.TestCase to match new regex regime
...
scanning for analytics is now handled by firebase/play-services regexes
2019-11-02 18:54:54 +00:00
Hans-Christoph Steiner
afaa24f2fd
build: fix bad regexs when removing signingConfig from srclibs
...
I went through the source of all apps in fdroiddata for examples, and found
some that use readLine() for things totally unrelated to signingConfigs.
https://gitlab.com/fdroid/fdroiddata/merge_requests/4775#note_234132902
2019-10-23 12:44:47 +02:00