1
0
mirror of https://gitlab.com/fdroid/fdroidserver.git synced 2024-11-14 19:10:11 +01:00
Commit Graph

54 Commits

Author SHA1 Message Date
Marcus Hoffmann
af707cd1cb setup.py: don't use pyasn1 to 0.3.3 until pyasn1-modules is updated to support it
Latest pyasn1-modules hard codes pyasn1-0.3.2, so this currently break our tests.
Ref: https://github.com/etingof/pyasn1-modules/issues/4
2017-08-27 21:58:40 +00:00
Hans-Christoph Steiner
96aacf1752 add missing comma in setup.py 2017-07-26 11:25:51 -07:00
Hans-Christoph Steiner
5eb85deeaf Bump to 0.8 2017-07-25 22:19:49 -07:00
Hans-Christoph Steiner
5feaafa1bd update pypi "classifiers" 2017-07-25 22:19:49 -07:00
Hans-Christoph Steiner
c7034bfaea update file list in setup.py 2017-07-25 22:19:48 -07:00
Michael Pöhn
54963506a0 set required minimum ruamel.yaml version 2017-07-04 11:51:08 +02:00
Michael Pöhn
c46dec925e add ruamel.yaml to setup.py 2017-07-04 11:51:08 +02:00
Hans-Christoph Steiner
4b03c3d42d buildserver: replace custom code with python-vagrant
I ran into some annoying issues with UTF-8 output in the vagrant logs, and
it was hard to solve.  So I switched to using python-vagrant, which handles
it all for us.  Its been around since 2012, has a number of contributors,
and is still actively maintained, so it seems like a good bet. I also
packaged it for Debian, including a backport in jessie-backports.

On Debian/jessie, do `apt-get install python3-vagrant/jessie-backports`
2017-05-23 20:04:08 +02:00
Torsten Grote
6552c1fa49
Fix installs with pip --user 2017-04-03 09:55:20 -03:00
Kevin C. Krinke
df27bae6a0 dscanner - Drozer based post-build dynamic vulnerability scanner command
* New command `dscanner`, enables one to scan signed APKs with Drozer
 * Drozer is a dynamic vulnerability scanner for Android
 * Drozer runs in a emulator or on-device, this new `dscanner` command...
  * starts a docker image with Drozer and the Android Emulator pre-installed,
  * loads the signed APK into the emulator
  * activates Drozer automated tests for the APK
  * gathers the report output and places it next to the original APK
 * The Drozer docker image can be:
  * cached locally for re-use (just don't run --clean*)
  * retrieved from dockerhub.com for more efficient runtime
  * or be built from scratch (in the new "./docker" directory)
 * New "Vulnerability Scanning" documentation section (run gendocs.sh)
2016-12-06 14:00:44 +01:00
Daniel Martí
34f451361f Bump to 0.7.0 2016-09-11 11:52:11 +02:00
Hans-Christoph Steiner
714b3b9ff6 makebuildserver: use original names for downloaded SDK components
It will make it a lot easier to manage the cache if we use the original
file names, which often include the file version.  This also changes the
download process to be resumable if there is a partial file in the cache,
and switches from calling wget on the command line to using the python libs
'requests' and 'clint' to provide a similar experience.  While its not so
important for this particular bit of code to use those libraries, I think
those two will allow us to provide a better user experience throughout the
whole of fdroidserver.

In this case, it is already doing special tricks fetching the file size
from the server before trying to download it.  I suppose this code could
instead check if the file exists, and if so, check the hash sum.  I think
that would be slower for most people since checking the hash on large files
takes a noticeable about of time, while a HTTP HEAD request is pretty tiny.
2016-06-14 14:21:59 +02:00
Hans-Christoph Steiner
19189b9b04 import app into fdroid directly from git clone
This adds a new method for `fdroid import` that will generate the fdroidserver
metadata based on a local git repo.  This new mode generates the metadata in
the new .fdroid.yaml format in the git repo itself.  It is intended as a quick
way to get starting building apps using the fdroidserver tools.
2016-03-23 17:16:28 +01:00
Daniel Martí
99edd64372 Switch all headers to python3 2016-03-10 16:43:36 +00:00
Hans-Christoph Steiner
3685ba16f7 setup.py: fix missing comma in classifiers 2016-02-18 11:47:02 +01:00
Daniel Martí
05bcf8abd6 Bump to 0.6.0 2016-02-18 09:15:47 +00:00
Hans-Christoph Steiner
b33add9ce7 name makebuildserver config the same as the script
This keeps the numbers of names down to a minimum, and since the config
is placed right next to the script, this keeps tab completion working
nicely when the config file is in place.

The old file name is still supported.
2016-01-21 15:34:55 +01:00
Daniel Martí
23b7f544c1 Bump to 0.5.0 2015-11-12 19:09:50 +01:00
NeroBurner
694a4ce7da Add asynchronous filereader, fix python3 lockups 2015-09-20 20:57:53 +02:00
NeroBurner
9e8d9bebfa Update Licence in setup.py to AGPLv3 2015-09-16 22:55:22 +02:00
Daniel Martí
055759cf76 Rewrite scanner logic
Initially, the scanner used libmagic which used magic numbers in the file's
content to detect what kind of file it appears to be. Since that library isn't
available on all systems, we added support for two other libraries, mimetypes
amongst them.

The issue with mimetypes is that it only uses the file's extension, not its
actual content. So this ends in variable behaviour depending on what system
you're using fdroidserver on. For example, an executable binary without
extension would be ignored if mimetypes was being used.

We now drop all libraries - mimetypes too as it depends on the system's
mime.types file - and instead check extensions ourselves. On top of that, do
a simple binary content check to find binary executables that don't have an
extension.

The new in-house code without any dependencies doesn't add any new checks, so
no builds should break. The current checks still work:

 % fdroid scanner app.openconnect:1029
[...]
Found executable binary at assets/raw/armeabi/curl
Found executable binary at assets/raw/mips/curl
Found executable binary at assets/raw/x86/curl
Found JAR file at lib/XposedBridgeApi-54.jar
Found JAR file at libs/acra-4.5.0.jar
Found JAR file at libs/openconnect-wrapper.jar
Found JAR file at libs/stoken-wrapper.jar
Found shared library at libs/armeabi/libopenconnect.so
Found shared library at libs/armeabi/libstoken.so
Found shared library at libs/mips/libopenconnect.so
Found shared library at libs/mips/libstoken.so
Found shared library at libs/x86/libopenconnect.so
Found shared library at libs/x86/libstoken.so
2015-09-13 22:17:37 -07:00
Hans-Christoph Steiner
32e257d742 support app metadata in YAML format
YAML is a format that is quite similar to the .txt format, but is a
widespread standard that has editing modes in popular editors.  It is also
easily parsable in python.

The .pickle for testing is a lightly edited version of the real metadata
for org.videolan.vlc:

 * comments were removed
2015-09-01 11:39:51 +02:00
Daniel Martí
59883851ae Bump to 0.4.0 2015-08-04 23:01:16 -07:00
Nico Alt
94881ba10d Correct filename in setup.py 2015-08-04 21:02:06 +02:00
Hans-Christoph Steiner
82acf3a0f8 let setuptools determine the base install path on OSX
Instead of trying to guess which absolute path and .egg name
everything will be installed into, just use a relative path and the
setup process will do the right thing (so far, at least).
2015-08-03 22:17:20 +02:00
Hans-Christoph Steiner
752b258ba7 get MIME types without strictly requiring python-magic
There are two forms of python-magic, one included in libmagic that is
default on Debian, and another Python wrapper for libmagic that is
called 'python-magic' on pypi.  Those both rely on the compiled binary
library libmagic.  For platforms without good package management, fallback
to using the built-in 'mimetypes' library if 'magic' is not available.

This supports OSX, Windows, and BSD.
2015-08-01 00:38:41 +02:00
Hans-Christoph Steiner
37694a6155 fix installing via OSX's easy_install 2015-08-01 00:38:41 +02:00
Hans-Christoph Steiner
f625005ec3 remove dependency on wget for 'build' and 'verify'
To make the core tools portable to platforms like Mac OS X and Windows,
remove the dependency on wget and instead use Python Requests, which
probably has better performance anyway.
2015-07-24 11:53:14 -07:00
Daniel Martí
b1053ac1a7 Bump to 0.3.0 2015-01-02 22:19:24 +01:00
Daniel Martí
14f654fabc Apply some autopep8-python2 suggestions 2014-12-31 16:44:06 +01:00
Daniel Martí
6e2d0a9e1e Replace getsig.java with a pure python implementation
Special thanks to deki for helping out with the certificate encodings:
https://gitlab.com/snippets/1842

fixes #5 https://gitlab.com/fdroid/fdroidserver/issues/5
2014-11-07 09:20:14 +00:00
Daniel Martí
880f75110e Add setup.py to pep8+pyflakes hook, fix it 2014-08-16 11:51:23 +02:00
Daniel Martí
b66ff53976 Bump version to 0.2.1 2014-08-02 13:44:48 +02:00
Hans-Christoph Steiner
1bde10a642 default to Pillow for Python Imaging, that's what most people use now
PIL is the old standard Python Imaging.  Pillow is a fork where development
is actually continuing.  It seems that all the distros are also switching
from PIL to Pillow, including Debian, Ubuntu, Fedora, brew, MacPorts, etc.
2014-07-17 12:32:35 -04:00
Hans-Christoph Steiner
22473e2052 set version to v0.2 2014-06-26 20:47:36 -04:00
Hans-Christoph Steiner
37d6d87ff7 fix PEP8 "E226 missing whitespace around arithmetic operator" 2014-05-06 14:36:33 -04:00
Hans-Christoph Steiner
98033f3270 if the AWS S3 bucket does not exist, create it
This makes the AWS S3 setup dead simple: just put in a awsbucket name of
your choosing, set the AWS credentials, and it'll do the rest, whether the
bucket exists already or not.  S3 buckets are trivial to delete too, in
case of error: `s3cmd rb s3://mybadbucketname`.
2014-04-22 23:13:38 -04:00
Hans-Christoph Steiner
f0def08add support cloud storage with libcloud, starting with Amazon AWS S3
apache-libcloud enables uploading to basically any cloud storage service.
This is the first implementation that allows `fdroid server` to push a repo
up to a AWS S3 'bucket'.  Supporting other cloud storage services should
mostly be a matter of finding the libcloud "Provider" and setting the
access creditials.

fixes #3137 https://dev.guardianproject.info/issues/3137
2014-04-22 23:13:37 -04:00
Hans-Christoph Steiner
3829d37d34 support repo signing with a key on a smartcard
This assumes that the smartcard is already setup with a signing key.  init
does not generate a key on the smartcard, and skips genkey() if things are
configured to use a smartcard.

This also does not touch APK signing because that is a much more elaborate
question, since each app is signed by its own key.
2014-04-07 16:00:18 -04:00
Hans-Christoph Steiner
947a6d57d2 'ssh' python module no longer needed, only 'paramiko' 2014-04-03 12:34:01 -04:00
Hans-Christoph Steiner
bb15611ed1 setup.py: include 'ssh' and 'mwclient' as required libraries 2014-04-02 19:49:02 -04:00
Hans-Christoph Steiner
f918323e91 build and install getsig.class with setup.py 2014-04-02 17:54:21 -04:00
Hans-Christoph Steiner
1b130950fd include prefix in data_files install path so it installs correctly
setuptools wants to stick any relative install path in data_files into the
.egg package.  Things are not setup to use the egg now.  We might want to
consider using sticking files into the egg via pkg_resource in the future.
2014-04-02 17:54:21 -04:00
Hans-Christoph Steiner
434eab6606 downcase setup.py name to match the name in the repo, Debian package, etc. 2014-04-02 17:49:07 -04:00
Hans-Christoph Steiner
8ef6546f81 move fdroid-icon.png to examples/ 2014-04-01 18:04:36 -04:00
Hans-Christoph Steiner
a31f4571c2 fix example files install in setup.py
This also makes the file layout in git basically the same as the installed
file layout, using an examples/ dir.  I'm not sure if config.buildserver.py
is an example conf file, or a conf file that is actually in use, so I did
not move it.
2014-03-31 21:29:51 -04:00
moparisthebest
8e40b59c00 Support both debian's and pypi's python-magic libraries, which are different... 2014-02-16 22:42:16 -05:00
Daniel Martí
9fb006b567 Remove python-magic pip dep to avoid magic modules confusion
We use the one from the 'file' package, not the standalone one found on PIP.
2014-02-17 17:26:32 +01:00
Daniel Martí
38cb88b7ef Add fd-commit as script on setup.py 2014-01-15 23:02:02 +01:00
Daniel Martí
e4732047c1 Fix email, url and docs in setup.py 2014-01-08 18:17:22 +01:00