Hans-Christoph Steiner
98a2f70e38
fix intermittent test failure
...
For some reason, the parser stopped working intermittently, even
though the format has been the same since aapt 23 or earlier. Then
also, some of the test cases pointed to symlinks that were no longer
generated, and one test app now has a blank versionName.
Strange that this wasn't caught in the gitlab-ci runs. !484
FAIL: test_get_api_id_aapt (__main__.CommonTest)
----------------------------------------------------------------------
Traceback (most recent call last):
File "./common.TestCase", line 578, in testA_get_api_id_aapt
self.assertEqual(versionName, vn)
AssertionError: '0.1' != "0.1' platformBuildVersionName='4.3.1-1425645"
- 0.1
+ 0.1' platformBuildVersionName='4.3.1-1425645
2018-05-03 13:46:42 +02:00
Hans-Christoph Steiner
0e5ed1bb11
reusable method for checking if a value is a resId or not
...
I wrote this for the previous commit, but since aapt does not recognize
SDK Version values that are string resources, I made this do the same thing
2018-04-26 15:19:41 +02:00
Hans-Christoph Steiner
e17815e9f0
handle bad SDK Version values in APKs
...
Even though it is invalid to have *SdkVersion in AndroidManifest.xml set as
anything but an integer, sometimes people manage to get something in there.
`fdroid update` needs to be able to handle all that.
* https://developer.android.com/guide/topics/manifest/uses-sdk-element#min
* https://gitlab.com/souch/SMSbypass/blob/v0.9/app/src/main/AndroidManifest.xml#L29
* https://gitlab.com/souch/SMSbypass/blob/v0.9/app/src/main/res/values/strings.xml#L27
admin#65
2018-04-26 15:19:41 +02:00
Hans-Christoph Steiner
74c6555c71
index: ensure index.xml timestamp is in UTC, closes #481
...
use verbose but safe syntax so this works with all versions of sed, e.g. osx
2018-04-25 16:35:22 +02:00
Hans-Christoph Steiner
de35f1b05b
update: handle APKs with a blank versionName
...
Instead of just crashing, first try to use the versionName as written in the
build metadata, otherwise just let it be blank. A blank versionName will
cause fdroidclient < 1.3 to crash. Blank versionNames are not allowed in
the .txt metadata format, only .yml.
closes #477
closes #478
closes fdroidclient#1416
closes fdroidclient#1417
closes fdroidclient#1418
fdroiddata!3061
2018-04-17 12:36:49 +02:00
Hans-Christoph Steiner
9bf9159a77
update: use only 7 chars of SHA256 for non-APK version name
...
#460
2018-04-17 12:36:49 +02:00
Hans-Christoph Steiner
74c0e98d82
update index metadata tests for 673a3517d3
2018-04-16 11:47:48 +02:00
Hans-Christoph Steiner
673a3517d3
add test of Android TV "activity banner" graphic
...
!491
https://developer.android.com/guide/topics/manifest/activity-element.html#banner
https://developer.android.com/training/tv/start/start.html#banner
2018-04-16 11:37:11 +02:00
Jonas Kalderstam
9e4459d7d1
Add test for when apk icon src could not be found
...
An APK (Netflix) was found to have the following icon filename:
\u2003\u2009\n.xml
This breaks the aapt dump parsing because it iterates line by line and
this filename goes across two lines. Consequently, icon_src will be
None (default value) when it is passed to the icons parser.
2018-03-27 18:39:59 +02:00
Hans-Christoph Steiner
d98d8c2e52
update: do not crash with androguard when working with apps without icons
...
For example, SpeedoMeterApp.main_1.apk
2018-03-12 17:55:45 +01:00
Hans-Christoph Steiner
7d79780df0
tests: checkupdates now requires a clean git repo state
2018-03-06 20:50:23 +01:00
Hans-Christoph Steiner
8f30c892c5
VercodeOperation: only allow simple math expresssions and %c
2018-03-05 09:45:58 +01:00
Hans-Christoph Steiner
498ea5d609
lint: ban all dangerous HTML tags
...
* https://en.wikipedia.org/wiki/HTML_sanitization
* https://asostack.com/enhance-your-google-play-store-description-with-rich-formatting-and-emojis-5f50ff354e5f
2018-02-27 12:09:54 +01:00
Hans-Christoph Steiner
e75bf70be6
signatures: future-proof fetching app ID info from APK
...
We're not using platformBuildVersionName and it might go away just like it
appeared: with no good reason or announcement.
2018-02-22 15:08:55 +01:00
Hans-Christoph Steiner
089712c012
tests: do not automatically run install.TestCase, its troublesome
...
`fdroid install` is rarely used, if at all, and the test frequently fails
for no reason in gitlab-ci, because it can't start the adb server.
2018-02-22 15:08:54 +01:00
Hans-Christoph Steiner
52b3436ff6
make is_apk_and_debuggable() default to using androguard before aapt
2018-02-22 15:08:53 +01:00
Hans-Christoph Steiner
40fac10ebc
update: extract and store XML icons
...
These can then be used by the client.
#344
#392
2018-02-15 14:28:45 +01:00
Hans-Christoph Steiner
05eef5a454
metadata: add new Translation app field for URL for contributions
...
This is a field requested from a bunch of translators so they can easily
find where to translate apps:
https://forum.f-droid.org/t/translation-field-for-app-entries/1403/5
2018-02-05 15:45:12 +01:00
relan
86f34ee70a
build: make per-build hard time limit customizable
...
Add "timeout=n" metadata field that overrides build timeout (in seconds).
The default is 7200, i.e. 2 hours.
2018-01-30 11:14:50 +03:00
Hans-Christoph Steiner
d3caf09421
use standard User-Agent in check-fdroid-apk
2018-01-26 10:18:41 +01:00
Hans-Christoph Steiner
513c95894c
build: remove unused, unmaintained Kivy build method
...
This code has never been used and contains some insecure uses of shell=True
Building Kivy apps should be done with the buildozer=yes method. The
buildozer method should probably be moved to a provisioner once that is in
place.
2018-01-23 23:16:05 +01:00
Hans-Christoph Steiner
dfbe114af3
new script to audit the FDroid.apk on https://f-droid.org
...
This makes sure its signed by the F-Droid key.
2018-01-05 14:08:14 +01:00
Hans-Christoph Steiner
6d32b68016
tests: correct package names in stats/known_apks.txt
...
This doesn't seem to affect the tests either way, but it is good to have
things correct there.
2017-12-28 23:07:26 +01:00
Hans-Christoph Steiner
e451ec0079
common: fix bug in new SHA-256 signatures for >= android-18
...
Luckily, this is only used in `fdroid nightly` so far.
2017-12-28 23:07:26 +01:00
Hans-Christoph Steiner
109eb928e8
aapt 26.0.0 is required to properly parse permissions and label
...
#236
closes #395
aapt 26.0.0 outputs the permissions correctly
closes #306
aapt 26.0.0 now outputs: application-label:'K-9 Mail'
2017-12-28 23:07:26 +01:00
mimi89999
455dcc34d8
Add Nextcloud and DavDroid test case
2017-12-27 11:51:57 +01:00
mimi89999
90c7dd29df
gradle file: use flavour specific versionCode/versionName, fall back to parsing line by line
2017-12-23 17:12:54 +01:00
mimi89999
918bd15c45
Revert: gradle file: use flavour specific versionCode/versionName, fall back to parsing line by line
2017-12-23 12:57:34 +01:00
Hans-Christoph Steiner
173a35b190
tests: only generate keystores when that is actually being tested
...
Generating a keystore is quite slow since it means a new RSA key is created.
That only needs to happen in the tests that check that it actually happened,
otherwise the test can just reuse the stored test keystore.
closes #432
2017-12-20 23:46:37 +01:00
Hans-Christoph Steiner
39b76b0eda
scanner: fix tests so they work on all tested platforms
...
The standard test configuration is needed to make the tests reliably. Also,
these tests used some odd yield logic. Who knows what exactly failed, but
these tests should be reliable.
* https://gitlab.com/fdroid/fdroidserver/-/jobs/44984595
* https://gitlab.com/fdroid/fdroidserver/-/jobs/44984596
* https://travis-ci.org/f-droid/fdroidserver/builds/318071369
2017-12-19 22:51:40 +01:00
Hans-Christoph Steiner
86c5598307
Merge branch 'whitelist-firebase' into 'master'
...
Whitelist some open-source firebase libs
See merge request fdroid/fdroidserver!411
2017-12-18 12:30:30 +00:00
Jan Berkel
365834d3ea
Convert to string
2017-12-15 00:58:46 +01:00
Jan Berkel
5dee23f7a6
Add a simple test for scanner
2017-12-15 00:37:52 +01:00
Hans-Christoph Steiner
bde0558d82
update: reject APKs with invalid file sig, probably Janus exploits
...
This just checks the first four bytes of the APK file, aka the "file
signature", to make sure it is the ZIP signature and not the DEX signature.
This was checked against the test APK, and I ran it against some known
malware and all of f-droid.org to make sure it works.
All valid ZIP files (therefore APK files) should start with the ZIP
Local File Header of four bytes.
https://www.guardsquare.com/en/blog/new-android-vulnerability-allows-attackers-modify-apps-without-affecting-their-signatures
2017-12-14 16:57:22 +01:00
Hans-Christoph Steiner
ca50adb2e5
update: switch tests to using standardized setUp() method
2017-12-14 16:57:22 +01:00
Hans-Christoph Steiner
61aac0503a
Merge branch 'fixFlavor' into 'master'
...
Regex only for flavor blocks: flavor { ... }
See merge request fdroid/fdroidserver!407
2017-12-14 16:56:01 +01:00
Hans-Christoph Steiner
bec4f7d547
add Conversations as gradle flavor test case
2017-12-14 16:52:02 +01:00
Andrea Scarpino
19a83b6219
Add Liberapay support
2017-12-12 11:53:31 +01:00
Hans-Christoph Steiner
6228162cbd
handle jarsigner/apksigner output cleanly for rational logging
...
These were both spamming the output with lots of confusing messages, even
when --verbose was not used. Jarsigner especially has confusing messages,
since it has warnings that do not pertain to APK signatures at all, like
the ones about timestamps and missing Certificate Authority.
closes #405
2017-12-07 17:32:14 +01:00
Hans-Christoph Steiner
05abbfbabd
gitlab-ci: move sdist test run to new fedora job
...
A full run of the test suite takes quite a bit of time. This removes one
of the 3 runs from the main 'tests' job, and puts it into the Fedora job.
That test run is mostly to make sure the setup.py and source tarball are
correctly, so that doesn't affect merge requests very often.
This also tests `pip install --user`, which was not really being tested
before.
2017-12-06 20:20:17 +01:00
Marcus Hoffmann
bfe2c00834
common.testCase: fix find_sdk_tools when aapt is installed in /usr/bin
...
The testlogic was broken when having both aapt in /usr/bin and also as
part of the android sdk.
2017-12-06 12:30:47 +01:00
Hans-Christoph Steiner
1c3a4479ab
add common.sign_apk() for nighly as test for using in publish
...
Since the MD5 migration was quite a bit of work, it makes sense to start
on moving away from SHA1 as much as possible while it is easy to do. SHA256
will only work in APK signatures on android-18 (4.3) or newer. So if an
APK has a minSdkVersion of 18 or newer, then sign with SHA256.
https://issuetracker.google.com/issues/36956587
https://android-review.googlesource.com/c/platform/libcore/+/44491
2017-12-04 22:52:41 +01:00
Hans-Christoph Steiner
3f4e93bf86
Merge branch 'metadataFlavours' into 'master'
...
Add flavour to metadata
See merge request fdroid/fdroidserver!370
2017-12-02 20:51:24 +00:00
tobiasKaminsky
d5ecb34df7
add flavour to metadata
2017-12-01 15:25:00 +01:00
Hans-Christoph Steiner
5b22ff7dc6
tests: use standard dir setup so all tests start in same dir
2017-11-30 17:32:53 +01:00
Hans-Christoph Steiner
3ff4b656c6
tests: name temp test dir after test function that used it
2017-11-30 17:32:53 +01:00
Hans-Christoph Steiner
30b2f5a48a
build: sort fdroid build --all
by most recently changed first
2017-11-30 17:32:53 +01:00
Hans-Christoph Steiner
c7c40cb59f
PEP8 fixes
2017-11-30 13:42:37 +01:00
tobiasKaminsky
33aee96ed9
added test case
2017-11-30 11:12:18 +01:00
Hans-Christoph Steiner
743ef9ba00
rename test files to work round filename length limits
...
It seems a lot of things like tar, Windows, some filesystems, etc. do not
handle long filenames. #416
2017-11-27 16:57:30 +01:00