1
0
mirror of https://gitlab.com/fdroid/fdroidserver.git synced 2024-11-15 03:20:10 +01:00
Commit Graph

205 Commits

Author SHA1 Message Date
Kevin C. Krinke
df27bae6a0 dscanner - Drozer based post-build dynamic vulnerability scanner command
* New command `dscanner`, enables one to scan signed APKs with Drozer
 * Drozer is a dynamic vulnerability scanner for Android
 * Drozer runs in a emulator or on-device, this new `dscanner` command...
  * starts a docker image with Drozer and the Android Emulator pre-installed,
  * loads the signed APK into the emulator
  * activates Drozer automated tests for the APK
  * gathers the report output and places it next to the original APK
 * The Drozer docker image can be:
  * cached locally for re-use (just don't run --clean*)
  * retrieved from dockerhub.com for more efficient runtime
  * or be built from scratch (in the new "./docker" directory)
 * New "Vulnerability Scanning" documentation section (run gendocs.sh)
2016-12-06 14:00:44 +01:00
est31
ddefec33cd Add ndk 13b 2016-11-25 21:18:37 +01:00
Boris Kraut
d07b88d9f1 docs: remove one-line requirement for links 2016-11-24 07:30:03 +00:00
est31
91c5fb567a Add qt sdk support 2016-09-27 14:36:12 +02:00
Boris Kraut
42031031e6 docs: update vagrant link 2016-09-20 11:38:12 +02:00
Boris Kraut
815961acc5 Add ndk r11c 2016-08-14 00:59:31 +02:00
Daniel Martí
059d216aff Re-add NDK r12b, now fixed. 2016-08-02 11:10:31 +02:00
Ciaran Gultnieks
bf153ec247 Revert "all: add NDK r12b and set it as default"
This reverts commit 82d09560c6.

It doesn't work - the setup scripts are expecting a ".bin" file (which
is apparently a 7z archive), but what's actually got is a ".zip".

Conflicts:
	buildserver/provision-android-ndk
2016-08-01 12:38:52 +01:00
Hans-Christoph Steiner
9be1c75e58 Merge branch 'ndk-r12' into 'master'
NDK r12



See merge request !147
2016-07-18 14:50:51 +00:00
Stephen Michel
60dcc55273 Server manual phrasing matches client. "beta" -> "unstable" 2016-07-13 17:25:33 +00:00
Daniel Martí
d375318550 all: remove 32-bit buildserver code
We dropped support for 32-bit, so remove all the now unused code and
references.
2016-07-13 16:47:58 +01:00
Daniel Martí
82d09560c6 all: add NDK r12b and set it as default 2016-07-13 16:45:05 +01:00
Boris Kraut
00f940e937 docs: add archive-policy default 2016-04-14 10:28:24 +02:00
Hans-Christoph Steiner
19189b9b04 import app into fdroid directly from git clone
This adds a new method for `fdroid import` that will generate the fdroidserver
metadata based on a local git repo.  This new mode generates the metadata in
the new .fdroid.yaml format in the git repo itself.  It is intended as a quick
way to get starting building apps using the fdroidserver tools.
2016-03-23 17:16:28 +01:00
Hans-Christoph Steiner
3b20153cd7 document new fdroid build behavior with .fdroid.* metadata 2016-03-23 17:16:28 +01:00
Daniel Martí
3371aa2116 Switch README and docs to indicate python 3 2016-03-11 13:27:00 +00:00
Daniel Martí
25eb4626e7 docs: add missing maven repos 2016-02-20 07:21:17 +01:00
Daniel Martí
9800ed1a1a output= is now a glob path and can do gradle 2016-02-15 12:02:45 +00:00
Ciaran Gultnieks
3629437b09 Tidy up/fix some vagrant issues
1. It is packaged in modern versions of distros, update docs accordingly
2. 1.1 is hopelessly outdated - support 1.4 onwards
3. Check the version properly, and write a better config (previously it
   wrote the 1.1 config for 1.1 and 1.3+
4. Ensure that the default share from later versions is not present when
   building, it's only required for provisioning.
2016-01-26 22:05:31 +00:00
Dominik George
7f3434ea50
Add Author Name and Author Email fields. (Closes: #90) 2016-01-03 23:00:03 +01:00
Daniel Martí
967472408b Add NonFreeAssets anti-feature 2015-12-29 12:39:48 +01:00
Daniel Martí
03b6662324 Merge branch 'docs' into 'master'
docs: Add information on binary verification

I added a section about `Binaries:` metadata field. However, my information might be wrong or outdated, since I barely used it by now. Maybe even this field was left out on purpose...

See merge request !83
2015-12-10 11:50:36 +00:00
Boris Kraut
531a165daf docs: Adjust summary length 2015-12-10 12:42:05 +01:00
Daniel Martí
1987ee7f54 Remove gradle=main
It was only supported in txt metadata, and was unused in fdroiddata
anyway.
2015-12-03 10:56:59 +01:00
Boris Kraut
a0ee23bdb2 docs: Add information on binary verification 2015-09-29 02:19:17 +02:00
Boris Kraut
22bdcb7acf docs: Add list of trusted maven repos 2015-09-21 21:51:35 +02:00
Daniel Martí
055759cf76 Rewrite scanner logic
Initially, the scanner used libmagic which used magic numbers in the file's
content to detect what kind of file it appears to be. Since that library isn't
available on all systems, we added support for two other libraries, mimetypes
amongst them.

The issue with mimetypes is that it only uses the file's extension, not its
actual content. So this ends in variable behaviour depending on what system
you're using fdroidserver on. For example, an executable binary without
extension would be ignored if mimetypes was being used.

We now drop all libraries - mimetypes too as it depends on the system's
mime.types file - and instead check extensions ourselves. On top of that, do
a simple binary content check to find binary executables that don't have an
extension.

The new in-house code without any dependencies doesn't add any new checks, so
no builds should break. The current checks still work:

 % fdroid scanner app.openconnect:1029
[...]
Found executable binary at assets/raw/armeabi/curl
Found executable binary at assets/raw/mips/curl
Found executable binary at assets/raw/x86/curl
Found JAR file at lib/XposedBridgeApi-54.jar
Found JAR file at libs/acra-4.5.0.jar
Found JAR file at libs/openconnect-wrapper.jar
Found JAR file at libs/stoken-wrapper.jar
Found shared library at libs/armeabi/libopenconnect.so
Found shared library at libs/armeabi/libstoken.so
Found shared library at libs/mips/libopenconnect.so
Found shared library at libs/mips/libstoken.so
Found shared library at libs/x86/libopenconnect.so
Found shared library at libs/x86/libstoken.so
2015-09-13 22:17:37 -07:00
Daniel Martí
664f6e4adb manual: Don't reuse scanignore doc in scandelete 2015-09-08 15:36:18 -07:00
Daniel Martí
a782a615c6 manual: be explicit about what scandelete does 2015-09-08 15:23:45 -07:00
Hans-Christoph Steiner
19ac44c189 rewritemeta only applies to the original .txt metadata format 2015-09-01 11:53:37 +02:00
Hans-Christoph Steiner
6c44bff78b make note of JSON, XML, and YAML in the manual 2015-09-01 11:53:37 +02:00
Hans-Christoph Steiner
99d0c55fe9 Merge branch 'support-vagrant-cachier' into 'master'
Add optional support for vagrant-cachier plugin

Building the basebox is excruciating for people on slow connections. I'm particularly sensitive to this after living in Central America for awhile :)

This won't affect anyone who hasn't installed the plugin. For those who do, it creates a persistent shared folder for each box (ie. testing23.box) and detects directories to cache between VM builds (apt, gems, pip, chef cache, etc.)

(The only downside is that, for those following server setup does who are not aware what vagrant-cachier does, it might be unexpected that artifacts persist between vagrant destroys.)

See merge request !25
2015-08-26 12:44:36 +00:00
Daniel Martí
06c94b3a44 Add support for gradle properties via gradleprops 2015-08-24 15:54:05 -07:00
Hans-Christoph Steiner
6db6433e97 fix syntax error in manual generation and add ./gendocs.sh to the tests 2015-08-19 17:51:29 +02:00
Daniel Martí
4ef3875bf0 Specify that CVC 0 means infinity 2015-08-14 14:25:06 -07:00
Daniel Martí
bb2598d358 Add "Update Check Name:Ignore" 2015-08-14 10:27:16 -07:00
Hans-Christoph Steiner
70848301aa fix fdroid rewritemeta reference in manual 2015-08-05 14:05:17 +02:00
Ciaran Gultnieks
fba632cf07 Update recommended base box 2015-07-21 22:12:52 +02:00
Daniel Martí
52c2ca1fe7 Replace NDK r10d with r10e 2015-06-18 17:05:48 +02:00
Daniel Martí
4b59f913f1 Merge branch 'changelog' of https://gitlab.com/krt/fdroidserver 2015-06-03 15:52:01 +02:00
Boris Kraut
f3339daeee Update documentation to cover COMMIT, VERSION and VERCODE vars 2015-05-10 15:29:41 +02:00
Ciaran Gultnieks
ea17f08112 Note about required python version 2015-02-01 20:31:46 +00:00
Boris Kraut
ab84076154 Update docs: Add UpstreamNonFree; apps with AFs are not hidden. 2015-01-17 01:11:43 +01:00
Rancor
a144edc455 Added docs how to get platform cache files (closes #53) 2015-01-16 21:59:33 +01:00
Ciaran Gultnieks
49549f4cad Remove support for git-svn with authentication 2015-01-11 17:46:10 +00:00
Boris Kraut
b1ec8cc47a Add "Changelog:" metadata field. 2015-01-11 02:26:41 +01:00
Daniel Martí
f60f1bc59e Add NDK r10d, this time alongside r9b
Specified per-build with ndk=<version> defaulting to the oldest, r9b.
2015-01-03 00:07:01 +01:00
Kevin Cernekee
d899783884 manual: Clarify separation of Debian base box vs. F-Droid base box 2014-12-21 12:33:59 -08:00
Ciaran Gultnieks
05c2d18709 Merge branch 'update-vagrantfile' into 'master'
Update Vagrantfile and docs to clarify v1.4.3 is ok

Saw in the server docs that we were recommending 1.3.x and saying 1.4.x was broken. I've confirmed that 1.4.x works, and updated things accordingly. Higher version might work, but figured minimal change to build stuff was best :)

See merge request !24
2014-11-07 14:44:58 +00:00
Daniel Martí
1757017b8a More list comprehension fixes 2014-09-13 13:07:21 +02:00