Hans-Christoph Steiner
b669ce654d
gitlab-ci: only trigger safety job if API key is present
2024-09-09 15:52:28 +00:00
Hans-Christoph Steiner
3c03fef28f
safety: clarify reason to ignore CVE
2024-09-09 15:52:28 +00:00
Hans-Christoph Steiner
adf9dcb93e
Merge branch 'walk-straight' into 'master'
...
Correct traversing cibase
See merge request fdroid/fdroidserver!1519
2024-09-08 18:16:07 +00:00
SilentGhost
8e89cf511d
Correct traversing cibase
...
Partly revert d9aab228
and fix bug introduced in 548f73d9
:
modifying list that is being iterated over
2024-09-06 15:05:36 +02:00
Hans-Christoph Steiner
88a23f3a33
Merge branch 'config_lint' into 'master'
...
lint: check for valid keys in config files
See merge request fdroid/fdroidserver!1516
2024-09-05 11:28:49 +00:00
linsui
0ad2820b6f
lint: check config keys
2024-09-05 18:54:46 +08:00
linsui
debac3fd61
lint.py: format
2024-09-05 02:09:55 +08:00
Hans-Christoph Steiner
634466f8a5
Merge branch 'lock' into 'master'
...
scanner: fix build_dir type
See merge request fdroid/fdroidserver!1515
2024-09-04 16:08:04 +00:00
linsui
9b633fb827
scanner: fix build_dir type
2024-09-04 23:58:09 +08:00
Hans-Christoph Steiner
745f01a96c
Merge branch 'lock' into 'master'
...
scanner: support workspace for lock files
See merge request fdroid/fdroidserver!1513
2024-09-04 14:55:40 +00:00
linsui
3a4a4190aa
scanner: add test files into MANIFEST.in
2024-09-04 16:44:48 +02:00
linsui
632959ae35
scanner: fix test
...
The suss rule is updated
2024-09-04 22:32:48 +08:00
linsui
4e829e2f19
scanner: fix npm lock file name
2024-09-04 22:32:48 +08:00
linsui
9482ddfbe3
scanner: support workspace for lock files
2024-09-04 22:32:48 +08:00
Hans-Christoph Steiner
f337ef95a9
Merge branch 'ci-safety-fix' into 'master'
...
safety: update to 3.x and make two CVEs just a warning
See merge request fdroid/fdroidserver!1509
2024-09-04 13:39:17 +00:00
Hans-Christoph Steiner
d9e9618c56
gitlab-ci: port to Safety 3.x and move to own job
...
https://docs.safetycli.com/safety-docs/installation/gitlab
https://docs.safetycli.com/safety-docs/administration/safety-policy-files
2024-09-04 13:38:44 +00:00
Hans-Christoph Steiner
b1084c0b8a
WIP safety: make CVE-2024-6345 just a warning
2024-09-04 13:38:44 +00:00
Hans-Christoph Steiner
ef247bc97a
safety: make CVE-2024-5569 just a warning
...
We get these packages from Debian, zipp is not used in production, and its
only a DoS.
2024-09-04 13:38:44 +00:00
Hans-Christoph Steiner
3a1bbb54aa
Merge branch 'lock' into 'master'
...
scanner: error on dependency files without lock file
Closes #1200
See merge request fdroid/fdroidserver!1504
2024-08-31 13:13:02 +00:00
linsui
9ccb3b5f0d
Remove comment of google mave repo to workground a bug of ruff
2024-08-31 02:45:14 +08:00
linsui
8884732114
scanner.py: skip format on hex literal
2024-08-31 01:47:26 +08:00
Hans-Christoph Steiner
65f768e1cf
black: fdroidserver/scanner.py now complies
2024-08-30 13:47:20 +02:00
linsui
1d796b734f
scanner: error on dependency files without lock file
2024-08-30 13:46:17 +02:00
linsui
c3644464ff
scanner.py: format
2024-08-30 13:46:17 +02:00
linsui
3782eddc4d
Add ruff rule
2024-08-30 13:46:17 +02:00
Hans-Christoph Steiner
9684eade0d
Merge branch 'fix/duplicated-sign' into 'master'
...
fix(nightly): workaround for broken os.walk and more logging
See merge request fdroid/fdroidserver!1512
2024-08-30 10:22:55 +00:00
WrenIX
d1d1eb4c53
chore(nightly): improve log messages
2024-08-29 09:58:27 +02:00
WrenIX
d9aab228e2
fix(nightly): workaround for broken os.walk and more logging
2024-08-29 00:51:30 +02:00
Hans-Christoph Steiner
5276d9880f
Merge branch 'gradle-release-checksums.py' into 'master'
...
update to gradle v8.10
See merge request fdroid/fdroidserver!1508
2024-08-17 19:12:48 +00:00
fdroid-bot
170b6d4648
gradle v8.10
2024-08-15 15:47:52 +00:00
Hans-Christoph Steiner
84150be5d0
Merge branch 'reset-server' into 'master'
...
Drop --reset-server
See merge request fdroid/fdroidserver!1507
2024-08-15 15:45:29 +00:00
g0t mi1k
19aef075b4
Drop --reset-server
2024-08-15 15:44:59 +00:00
Jochen Sprickerhof
1ebf32321f
Merge branch 'checkupdates_ignore_appname' into 'master'
...
Support UpdateCheckName in dirs_with_manifest
Closes #1155
See merge request fdroid/fdroidserver!1501
2024-07-30 11:32:59 +00:00
Jochen Sprickerhof
0edc732705
Support UpdateCheckName in dirs_with_manifest
...
Closes : #1155
2024-07-25 10:45:27 +02:00
Jochen Sprickerhof
c4db47dc47
Merge branch 'scanner-uncrash' into 'master'
...
🐜 scanner: fix ScannerTool init crash
Closes #1212
See merge request fdroid/fdroidserver!1485
2024-07-25 07:04:23 +00:00
Michael Pöhn
8cf4503a00
🐜 scanner: fix ScannerTool init crash
...
When scanner.py::ScannerTool is instatiated but the calling code was
started by a call to e.g. `build.py` ScannerTool will crash. This change
makes it so that ScannerTool will intializes with a default value
instead of crashing when triging to access a non existen cli argument.
also see https://gitlab.com/fdroid/fdroidserver/-/issues/1212
2024-07-25 06:54:42 +00:00
Jochen Sprickerhof
7f7c93e801
Merge branch 'appdirs_platformdirs' into 'master'
...
Replace unmaintained appdirs by platformdirs
See merge request fdroid/fdroidserver!1496
2024-07-25 06:46:55 +00:00
Jochen Sprickerhof
e1aaa3ce93
Replace unmaintained appdirs by platformdirs
...
8734277956
2024-07-25 08:36:45 +02:00
Jochen Sprickerhof
956c4be7e5
Merge branch 'gradle' into 'master'
...
Gradle 8.9
See merge request fdroid/fdroidserver!1498
2024-07-18 11:33:56 +00:00
StellarSand
ecd980f366
gradle 8.9
2024-07-18 02:23:45 +00:00
Jochen Sprickerhof
59f353e119
Merge branch 'prune' into 'master'
...
Prune origin before fetch
See merge request fdroid/fdroidserver!1494
2024-07-10 08:09:24 +00:00
linsui
d1856bea26
Prune origin before fetch
2024-07-10 15:33:51 +08:00
Hans-Christoph Steiner
7a9945ce88
Merge branch 'index-only-follow-up' into 'master'
...
always use GitLab Pages, not Artifacts, with index-only mode
See merge request fdroid/fdroidserver!1493
2024-07-03 09:30:23 +00:00
Hans-Christoph Steiner
fbb6772e37
always use GitLab Pages, not Artifacts, with index-only mode
...
If the repo is too large, then it'll hit the GitLab Pages limit. That is
basically impossible in index-only mode, so it should always use Pages.
2024-07-03 09:18:22 +00:00
Hans-Christoph Steiner
034e83bfca
deploy: complete index-only support for awsbucket:
2024-07-03 09:18:22 +00:00
Hans-Christoph Steiner
4a362541bd
Merge branch 'gh-releases' into 'master'
...
🛰️ deploy: github releases
See merge request fdroid/fdroidserver!1471
2024-06-28 13:21:55 +00:00
Michael Pöhn
0fa88c5c20
💇 implement review nits
...
Implement review nits as requested bei @eighthave in
https://gitlab.com/fdroid/fdroidserver/-/merge_requests/1471
2024-06-27 12:28:54 +02:00
Michael Pöhn
3cf3685280
🐐 appeace bandint security warnings
...
In this particular case bandit was complaining about potential path
escape exploits on urlopen. However the urls are safe enough, because
all template parameters inserted into the url are from:
* config.yml - malicious changes to config.yml are possible that's
already a lot bigger issue than this than redirecting github api
calls.
* git tags witch are present in bot the local index-v2.json file (as
versionName) and the remote github API. (git tags don't allow the
string '..')
2024-06-27 12:28:41 +02:00
Michael Pöhn
aca98c1355
🏏 incorporate review feedback
2024-06-27 12:28:29 +02:00
Michael Pöhn
a87284cf80
🚥 deploy: tests for github releases deploy functions
...
Add test cases for github releases function in deploy.py
2024-06-27 12:28:16 +02:00