kamp/fdroidserver
1
0
Fork 0
mirror of https://gitlab.com/fdroid/fdroidserver.git synced 2024-09-15 17:50:10 +02:00
Code Activity
4,397 Commits 1 Branch 59 Tags 52 MiB
4a15208b84
Commit Graph

4397 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Hans-Christoph Steiner
4a15208b84 update: update openssl KnownVuln scan to handle all recent versions 
Thanks to @bubu for reporting!
 2017-07-06 13:31:42 +02:00
Hans-Christoph Steiner
928633ddba Merge branch 'some-data-related-fixed' into 'master' 
support manually adding per-Build Anti-Features in metadata, and other fixes

Closes #322 and #331

See merge request !296
 2017-07-06 11:29:36 +00:00
Hans-Christoph Steiner
10a607ede3 update: find PNG when recommended icon is an XML file 
APKs can now use XML files for vector graphics like the app icon. `aapt`
returns the XML file by default, and perhaps also androguard.  This
checks if the icon is an XML file, and if so, it tries to find a PNG in
the APK with the same name and density to use instead

closes #322

This should also ultimately make the XML file available as an icon source
as well fdroidclient#1091
 2017-07-06 12:25:48 +02:00
Hans-Christoph Steiner
c14cbeb0a5 update: normalize var name to apkzip 2017-07-06 12:25:48 +02:00
Hans-Christoph Steiner
2548d71600 jenkins: document build/sign test flow 2017-07-06 12:25:48 +02:00
Hans-Christoph Steiner
9a90a5071d buildserver: support any recent NDK version, with stable filenames 
Now that the download file name and type seems to have stabilized, I
think we no longer need to manually specify each new added release in
this script to unpack.

closes #331
 2017-07-06 12:25:48 +02:00
Hans-Christoph Steiner
df99c85ca6 support manually adding per-build antiFeatures in metadata 
For cases like the OpenVPN vuln that was recently announced, it is useful
for fdroiddata maintainers to be able to mark builds that have known
vulnerabilities.
 2017-07-06 12:25:48 +02:00
Michael Pöhn
20afa0e861 lint: check all build fields against accepted list 
This makes sure there are no typoed or wrong build fields in all metadata
files.
 2017-07-06 12:25:48 +02:00
Hans-Christoph Steiner
b34d5c83b9 Merge branch '343-ruamel-yaml-version-check' into 'master' 
check version of ruamel.yaml and raise according error message

See merge request !301
 2017-07-06 08:10:14 +00:00
Michael Pöhn
4ca57ebfbb check version of ruamel.yaml and raise according error message 2017-07-06 09:07:54 +02:00
Hans-Christoph Steiner
ebef1ae57d Merge branch 'antifeature' into 'master' 
added new AntiFeature: ApplicationDebuggable

See merge request !298
 2017-07-05 20:34:35 +00:00
Hans-Christoph Steiner
d28cc7337a Merge branch 'metadata' into 'master' 
create_metadata: do not skip APK files having no name

See merge request !299
 2017-07-05 20:31:23 +00:00
Izzy
2c8bacde42 create_metadata: do not skip APK files having no name 2017-07-05 20:31:21 +00:00
Izzy
4d9c60d352 added new AntiFeature: ApplicationDebuggable 
Useful e.g. for "test repositories" to indicate an app was compiled with
"application-debuggable"
 2017-07-04 21:15:04 +02:00
Hans-Christoph Steiner
b29fcde16b gitlab-ci: remove hacks need to support Debian/jessie 2017-07-04 14:53:21 +02:00
Hans-Christoph Steiner
6d7fd5f07c Merge branch 'ndk' into 'master' 
NDK r14b and r15b

See merge request !293
 2017-07-04 14:34:42 +02:00
Hans-Christoph Steiner
2508393884 Merge branch '290-make-rewrite-metadata-respect-key-word-sort-order' into 'master' 
Resolve "make `fdroid rewritemeta` respect key-word sort order for YAML files"

Closes #290

See merge request !295
 2017-07-04 12:24:17 +00:00
Michael Pöhn
6ab8551915 Merge branch '290-make-rewrite-metadata-respect-key-word-sort-order' into 'master' 
rewritemeta: respect key-word sort order for YAML files

Closes #290

See merge request !263
 2017-07-04 11:51:59 +00:00
Michael Pöhn
071ad46b55 moved some yaml test files into a separate forlder to avoid conflicts with other test cases 2017-07-04 13:35:05 +02:00
Michael Pöhn
1b362c2183 correct yaml-rewriting for buildozer flag 2017-07-04 13:27:45 +02:00
Michael Pöhn
0980fb4df8 import ruamel.ymal only when re-writing yaml metadata 2017-07-04 11:51:08 +02:00
Michael Pöhn
19d422da86 rewritemeta yaml: fixed boolen mapping for build flags 2017-07-04 11:51:08 +02:00
Michael Pöhn
cfd3e84250 use stored metadatapath instead of guessing it 2017-07-04 11:51:08 +02:00
Michael Pöhn
056a28f897 fix indentation 2017-07-04 11:51:08 +02:00
Hans-Christoph Steiner
3cb936ae92 fdroid update --create-metadata now outputs YAML format 
As part of the push towards using YAML as the main metadata format, this
makes the blank template be a .yml file.
 2017-07-04 11:51:08 +02:00
Michael Pöhn
75ebb6e8cc fix building with yml metadata 2017-07-04 11:51:08 +02:00
Michael Pöhn
54963506a0 set required minimum ruamel.yaml version 2017-07-04 11:51:08 +02:00
Michael Pöhn
fc070ee657 refactored yaml tests into metadata test case; fixed typo 2017-07-04 11:51:08 +02:00
Michael Pöhn
cdec1a5b80 add ruamel yaml to buildserver depenencies 2017-07-04 11:51:08 +02:00
Michael Pöhn
7ab197be2e completed ordered yaml field list 2017-07-04 11:51:08 +02:00
Michael Pöhn
f1e0089931 prettify write_yaml metadata 2017-07-04 11:51:08 +02:00
Michael Pöhn
7aa92abebc yaml rewrite version code as int 2017-07-04 11:51:08 +02:00
Michael Pöhn
f9d4007ea6 rewrite metadata builds list to yaml 2017-07-04 11:51:08 +02:00
Michael Pöhn
fbd5e8772c yaml metadata rewrite: correct blank line 2017-07-04 11:51:08 +02:00
Michael Pöhn
c46dec925e add ruamel.yaml to setup.py 2017-07-04 11:51:08 +02:00
Michael Pöhn
735b7d0f33 fixed pyflakes/pep warings 2017-07-04 11:51:08 +02:00
Michael Pöhn
0f90ab9aac rewrite to yaml works for app data now (builds still missing) 2017-07-04 11:51:08 +02:00
relan
86b403b599 makebuildserver: add NDK r15b 2017-07-04 11:44:25 +03:00
relan
ecdb2c685a makebuildserver: fix NDK r14b provisioning 
Replace r14 with r14b after a57bff7.
 2017-07-04 10:46:52 +03:00
Hans-Christoph Steiner
0be224b3e0 Merge branch 'repo-update-break-down' into 'master' 
Break down the update.scan_apk() method into smaller pieces

See merge request !288
 2017-07-03 22:08:43 +00:00
Torsten Grote
0bbe0c5db0
Break up the scan_apk() method and rename it to process_apk() 2017-07-03 18:37:01 -03:00
Hans-Christoph Steiner
607d1d2553 gitlab-ci: switch to new Debian/stretch image 
ci-images-server!1
 2017-07-03 20:41:26 +02:00
Hans-Christoph Steiner
e01a45d014 Merge branch 'archive-policy-fix' into 'master' 
Archive policy overhaul

Closes #323, #292, and #166

See merge request !291
 2017-07-03 09:07:08 +00:00
Hans-Christoph Steiner
f2432f7fa4 gitlab-ci: apt upgrade so that tests run with current updates 
The MD5 signature stuff was failing in tests because the CI image was
using a quite old version of Java's jarsigner, which had not yet disabled
MD5.
 2017-07-03 10:02:51 +02:00
Hans-Christoph Steiner
56ee5de2bd update: invalidate cache if allow_disabled_algorithms changes 
Since the cache contains implicitly the result of the jarsigner verify,
if the allow_disabled_algorithms config changes, then the apkcache is
invalid.
 2017-07-03 10:02:51 +02:00
Hans-Christoph Steiner
e75cabfe77 update: write cache file if anything has changed it 
This fixes a bug introduced in 04db6870 where cachechanged for scan_apks()
was set only by the last call to scan_apk().
 2017-07-03 10:02:51 +02:00
Hans-Christoph Steiner
5f0817d7bf tests: make sure apkcache gets created 2017-07-03 10:02:51 +02:00
Hans-Christoph Steiner
39fd664778 update: create 'archive/' if needed when moving APKs 
Normally, just 'repo/' is created by default, e.g. `fdroid init`. If APKs
are dumped into 'repo/', then have invalid signatures, then they'll be
automatically moved to 'archive/', which therefore needs to exist.
 2017-07-03 10:02:51 +02:00
Hans-Christoph Steiner
746d4bd4cf update: allow_disabled_algorithms option to keep MD5 sigs in repo 
The new policy is to move APKs with invalid signatures to the archive,
and only add those APKs to the archive's index if they have valid MD5
signatures.

closes #323
closes #292
 2017-07-03 10:02:51 +02:00
Hans-Christoph Steiner
b7260ea854 update: allow deprecated signatures only in the archive 
In April 2017, Oracle's jarsigner and Google's apksigner both switched to
considering any APK signature that uses MD5 as unsigned.  Any old build
is likely to have a MD5 signature.  This sets up the archive as the only
place where these "disabled algorithms" are allowed in the repo, and
marks any APK signed by a "disabled algorithm" as having a "known
vulnerability"

This also now automatically moves APKs with invalid signatures to the
archive section.

#323
 2017-06-28 23:53:42 +02:00