Michael Pöhn
e2fed09af1
make metadata template behaves well for empty values
2019-07-22 01:34:55 +02:00
Hans-Christoph Steiner
051596dd0d
tests: conditionally disable tests that can't work with apksigner
...
apksigner treats MD5 signatures as valid, fdroid does not.
2019-07-10 14:35:03 +02:00
Hans-Christoph Steiner
26af94974a
Merge branch 'rsync-buildslogs-to-webroot-repo' into 'master'
...
build: rsync buildlogs to <webroot>/repo
See merge request fdroid/fdroidserver!651
2019-07-10 08:55:04 +00:00
Michael Pöhn
2c87b5e6f9
deploy build logs: no timestamps
2019-07-06 16:48:56 +02:00
Michael Pöhn
f30983368c
build: rsync buildlogs to <webroot>/repo
2019-07-06 16:48:56 +02:00
Hans-Christoph Steiner
a248a69692
tests: skip disabled_algorithms test when apksigner is present
...
apksigner doesn't treat MD5 signatures as deprecated, so that portion of
the tests would always fail.
2019-07-04 16:45:50 +02:00
Hans-Christoph Steiner
a9aa8788e0
tests: only run source tarball test if running from git clone
2019-07-03 22:33:15 +02:00
Hans-Christoph Steiner
aa1e958360
tests: only run hooks/pre-commit if its present (not in source tarball)
2019-07-03 20:46:30 +02:00
Hans-Christoph Steiner
a0f5ee661e
tests: common.test_sign_apk requires aapt to run
2019-07-03 09:07:36 +02:00
Hans-Christoph Steiner
57b9d1e316
tests: handle when apksigner considers MD5 signatures valid
2019-07-02 22:17:06 +02:00
Michael Pöhn
66105de833
improve litecoin validation + tests
2019-05-28 11:04:43 +02:00
Michael Pöhn
06cec2041d
improve bitcoin validation regex + testcases
2019-05-07 22:43:05 +02:00
Hans-Christoph Steiner
dd2f9d60f8
publish: fix stupid error in repro-signing and add integration test
...
stoopid mistake in ea84014f9b
reported
by @CiaranG
2019-04-11 14:06:51 +02:00
Marcus
7272689ced
Merge branch 'master' into 'master'
...
Added newer ndks, gradles, latest sdk-license, and update java 1.8 version
See merge request fdroid/fdroidserver!637
2019-04-11 11:42:18 +00:00
Michael Pöhn
67731470cc
Revert "Merge branch 'write-yaml-overhaul' into 'master'"
...
This reverts merge request !630
2019-04-01 10:24:00 +00:00
Taco
457cf22361
Added newer ndks, gradles, latest sdk-license, and update java 1.8 version
2019-03-30 17:10:21 -04:00
Michael Pöhn
2683b37044
yml metadata write: do not use local functions
2019-03-19 01:01:18 +01:00
Michael Pöhn
881a79fa84
test writing all yaml fields
2019-03-18 22:45:35 +01:00
Michael Pöhn
63afc0acb5
use pyyaml for writing metadata instead of ruamel
2019-03-18 22:45:35 +01:00
Hans-Christoph Steiner
d03b121152
update: allow tests to pass when apksigner is not installed
...
This is only for the v2/v3 signatures.
fdroid/fdroidserver#627
2019-02-12 12:43:21 +01:00
Hans-Christoph Steiner
50ca3967cc
update: fix tests when running without apksigner
2019-02-03 15:50:39 +01:00
Hans-Christoph Steiner
17dc231dc9
update: fix running without androguard
...
Soon, we can rip out all the aapt parsing stuff, but not yet!
2019-02-03 15:50:39 +01:00
Michael Pöhn
dd695c650e
update: treat target and min sdk version as int
2019-02-01 09:56:21 +01:00
Hans-Christoph Steiner
d96f5ff660
support APK Signature V2 when apksigner is installed
...
This was done with much help from @uniqx. This is the first level of
supporting APK Signatures v1, v2, and v3. This is enough to include
APKs with any combo of v1/v2/v3 signatures. For this to work at all,
apksigner and androguard 3.3.3+ must be installed.
closes #399
2019-02-01 09:17:56 +01:00
Francesco Cervigni
984d276c1b
Added test aapt output files for build-tools 28.0.3
2019-01-13 19:27:02 +01:00
Michael Pöhn
31ca2092a1
yaml parsing: script build flags can now be lists
2018-11-29 21:53:37 +01:00
Michael Pöhn
c15a7508e7
write yaml script metadata as lists
2018-11-29 21:53:37 +01:00
Michael Pöhn
a21635ae2e
fix metadata test case: write yaml prebuild
2018-11-29 21:53:37 +01:00
Michael Pöhn
723815a25b
fix metadata.Testcase:test_rewrite_yaml_special_build_params
2018-11-29 21:53:37 +01:00
Michael Pöhn
d0a129c216
add test for parsing build field prebuild as string
2018-11-29 21:53:37 +01:00
Michael Pöhn
942de28fa5
yaml metadata: split prebuild build field to list
2018-11-29 21:53:37 +01:00
Hans-Christoph Steiner
57556aceee
remove redundant open() arg: encoding='utf8'
...
By default, open() returns a str:
https://docs.python.org/3/library/functions.html#open
By default, str is UTF-8:
https://docs.python.org/3/library/stdtypes.html#str
This used to matter on Python 2.x, but this code is 3.x only now.
2018-10-19 15:01:34 +02:00
Hans-Christoph Steiner
bfdf581201
import: use valid placeholder values for versionCode/versionName
...
fdroid/fdroidserver!559
closes fdroid/fdroidserver#548
2018-10-10 16:02:34 +02:00
Michael Pöhn
67e46694d3
add test for allowing to write placeholder values to yaml metadata files
2018-10-10 16:02:34 +02:00
Hans-Christoph Steiner
3bea689f74
add another lint field type test case
2018-10-10 16:02:34 +02:00
Hans-Christoph Steiner
e33c1c74b1
tests: include info.zwanenburg.caffeinetile in index tests
2018-10-10 16:02:34 +02:00
Hans-Christoph Steiner
8b251da79f
update: do not set targetSdkVersion if the APK is missing it
...
699b3e4c69
got it wrong for targetSdkVersion.
Also, one confusing thing is that aapt outputs "sdkVersion: '3'" for
com.politedroid_3.apk but no "sdkVersion:" for no.min.target.sdk_987.apk.
F-Droid never really supported running on android-1 or android-2, so it
seems pointless to debug support for them.
2018-10-10 15:29:02 +02:00
Hans-Christoph Steiner
85993eb2f8
lint: check fields for proper type, e.g. list vs. string
...
fdroid/fdroidserver#578
2018-10-09 23:31:24 +02:00
Hans-Christoph Steiner
6b57cb6b7c
fix strict Application ID checks
...
* upper case letters are allowed at all positions
* there must be a "." separator
2018-09-24 17:07:27 +02:00
Hans-Christoph Steiner
11d46072ab
use androguard primitives to speed up finding debuggable flag
...
androguard parses the whole APK before handing the instance back, this uses
the primitives to just find the <application android:debuggable=""> value,
then stop parsing.
#557
2018-09-21 14:56:46 +02:00
Hans-Christoph Steiner
a3cecc16a3
use partial androguard binary XML parsing to speed up APK ID lookup
...
Normally, androguard parses the entire APK before it is possible to get any
values from it. This uses androguard primitives to only attempt to parse
the AndroidManifest.xml, then to quit as soon as it gets what it needs.
This greatly speeds up the parsing (1 minute vs 60 minutes).
fdroid/fdroidserver#557
2018-09-21 14:56:46 +02:00
Hans-Christoph Steiner
4c4da3d176
update: remove 'SET' debug antifeature, closes #565
...
oops, this slipped in in 3011953d0e
Bump the metadata version to purge the cache
2018-09-18 10:57:10 +02:00
Hans-Christoph Steiner
92c4f048de
update: test scan_apk() with both aapt and androguard
...
#568
2018-09-18 10:55:51 +02:00
Hans-Christoph Steiner
807bf3d26b
build: reuse common methods for getting metadata from APKs
...
This splits out the code that gets the list of native ABIs supported, then
uses the standard methods for the rest.
2018-09-18 10:55:51 +02:00
Hans-Christoph Steiner
487c4d02f3
handle package: line output from aapt v28
...
fdroid/fdroiddata!3484
fdroid/fdroiddata!3562
fdroid/fdroidserver!548
2018-09-18 10:55:51 +02:00
Hans-Christoph Steiner
d1acef0405
tests: generate aapt output for every version to make tests easy
2018-09-18 10:55:51 +02:00
Hans-Christoph Steiner
9d12b1dc61
add strict, tested validation of Android/F-Droid package names
...
Android has stricter rules than Java for Package Names, but anything the
Python regex thinks is valid must be valid according to Java's rules too.
https://developer.android.com/studio/build/application-id
2018-09-07 14:17:39 +02:00
Hans-Christoph Steiner
5d161cc9fd
validate appid when reading metadata files
...
The metadata file must be named after the Application ID of the app it is
describing, and Android Application IDs must be valid Java Package Names.
2018-09-03 22:56:08 +02:00
Hans-Christoph Steiner
3011953d0e
convert apkcache from pickle to JSON
...
pickle can serialize executable code, while JSON is only ever pure data.
The APK cache is only ever pure data, so no need for the security risks of
pickle. For example, if some malicious thing gets write access on the
`fdroid update` machine, it can write out a custom tmp/apkcache which would
then be executed. That is not possible with JSON.
This does just ignore any existing cache and rebuilds from scratch. That is
so we don't need to maintain pickle anywhere, and to ensure there are no
glitches from a conversion from pickle to JSON.
closes #163
2018-09-03 18:07:40 +02:00
Hans-Christoph Steiner
4d13a904f3
use defusedxml to avoid DoS attacks while loading XML
2018-08-29 17:44:54 +02:00