1
0
mirror of https://gitlab.com/fdroid/fdroidserver.git synced 2024-11-15 11:20:32 +01:00
Commit Graph

143 Commits

Author SHA1 Message Date
Marcus Hoffmann
8961485125 remove dscanner subcommand
It's unused and unmaintained. It could  potentially be revived as a
plugin at a later point.
2020-01-31 14:17:12 +01:00
Hans-Christoph Steiner
fbdecbceb7
setup.py: ruamel.yaml >= 0.15 required for yml rewrites 2019-08-28 15:57:44 +02:00
Hans-Christoph Steiner
ce54dbfc11
setup.py: use officially documented way of including README
https://packaging.python.org/tutorials/packaging-projects/
2019-08-28 15:57:43 +02:00
Hans-Christoph Steiner
60173d35df ./setup.py release: make upload step manual so CI can run first
There is lots of CI tests for the Debian package, so it is good to first
run those Debian CI tests before uploading an fdroidserver release.
2019-07-03 20:46:40 +02:00
Michael Pöhn
67731470cc Revert "Merge branch 'write-yaml-overhaul' into 'master'"
This reverts merge request !630
2019-04-01 10:24:00 +00:00
Michael Pöhn
63afc0acb5 use pyyaml for writing metadata instead of ruamel 2019-03-18 22:45:35 +01:00
Hans-Christoph Steiner
94affe9421
version 1.2 alpha 2019-02-12 12:43:37 +01:00
Hans-Christoph Steiner
2157498dcf version 1.1.1 2019-02-03 15:50:39 +01:00
Hans-Christoph Steiner
714c6ce902
set version to 1.1 2019-01-28 17:43:39 +01:00
Hans-Christoph Steiner
877fb04e24 androguard v3.3.2 is also missing key API methods 2019-01-27 23:11:44 +01:00
Hans-Christoph Steiner
282a3e0e1d androguard v3.3.0 and v3.3.1 are missing key API methods 2019-01-27 23:00:00 +01:00
Marcus Hoffmann
e1c547cfdf Revert "Revert "Merge branch 'random-fixes' into 'master'""
This reverts commit f6f2fb0b89.

Only one of the included commit should have been reverted.
2019-01-10 14:48:29 +01:00
Marcus
f6f2fb0b89 Revert "Merge branch 'random-fixes' into 'master'"
This reverts merge request !605
2019-01-10 13:46:49 +00:00
Hans-Christoph Steiner
13bcc476a7 androguard>=3.3 fails: "AXMLParser' object has no attribute 'is_valid'"
Traceback (most recent call last):
  File "/builds/eighthave/fdroidserver/tests/build.TestCase", line 120, in test_get_apk_metadata
    vc, vn = fdroidserver.build.get_metadata_from_apk(app, build, apkfilename)
  File "/builds/eighthave/fdroidserver/fdroidserver/build.py", line 332, in get_metadata_from_apk
    appid, versionCode, versionName = common.get_apk_id(apkfile)
  File "/builds/eighthave/fdroidserver/fdroidserver/common.py", line 2126, in get_apk_id
    return get_apk_id_androguard(apkfile)
  File "/builds/eighthave/fdroidserver/fdroidserver/common.py", line 2158, in get_apk_id_androguard
    while axml.is_valid():
AttributeError: 'AXMLParser' object has no attribute 'is_valid'
2019-01-03 21:00:01 +01:00
Hans-Christoph Steiner
4d13a904f3 use defusedxml to avoid DoS attacks while loading XML 2018-08-29 17:44:54 +02:00
Hans-Christoph Steiner
d28dd3f64d bump to 1.1a 2018-06-25 10:52:07 +02:00
Hans-Christoph Steiner
c37c8bc0a5 bump to 1.0.6 2018-05-25 17:29:14 +02:00
Hans-Christoph Steiner
e986dcf985 directly use README.md for pypi, using new metadata options
* https://packaging.python.org/tutorials/packaging-projects/#description
* https://packaging.python.org/specifications/core-metadata/#description-content-type-optional
* https://blog.thea.codes/github-flavored-markdown-on-pypi/
2018-05-25 14:23:05 +02:00
Hans-Christoph Steiner
dae73be4ab bump to 1.0.5 2018-05-25 13:53:09 +02:00
Hans-Christoph Steiner
3cb4aa6c18 bump to 1.0.4 2018-05-15 12:39:18 +02:00
Hans-Christoph Steiner
6db9ba8334 androguard >= 3.1.0 is in pypi, so add it to install_requires 2018-05-14 15:25:33 +02:00
Hans-Christoph Steiner
5610b3f0d7 set pyasn1 required version to prevent conflict with pyasn1-modules
pyasn1-modules v0.2.1 requires pyasn1 <0.5.0, >=0.4.1 but for whatever
reason, `pip3 install` is not picking it up properly.  Perhaps because pip3
finds an older version of pyasn1 installed but does not upgrade it.

* https://github.com/etingof/pyasn1-modules/issues/10
* https://gitlab.com/eighthave/fdroidserver/-/jobs/67781548
2018-05-14 15:25:33 +02:00
Hans-Christoph Steiner
b82f074919 bump to 1.0.3 2018-03-22 23:19:57 +01:00
Hans-Christoph Steiner
2f563f533b bump to 1.0.2 to placate pypi
I mistakenly uploaded the dist tarball to pypi without the PGP signature.
So I deleted the release, thinking I could reupload it.  It is not possible:
https://github.com/pypa/packaging-problems/issues/74

So this is really just a bump so I can reupload to pypi.
2018-02-22 21:23:19 +01:00
Hans-Christoph Steiner
e9320017b4 Bump to 1.0.1! 2018-02-22 20:01:50 +01:00
Hans-Christoph Steiner
6d69dcddd9 use 1.0.0 for release version to make pypi happy 2018-01-03 21:41:35 +01:00
Hans-Christoph Steiner
d95859c87e Bump to 1.0!! 2018-01-03 16:51:16 +01:00
Hans-Christoph Steiner
6902160e89 remove fd-commit, no active devs use it, and requires Auto Name/Name
fd-commit and checkupdates both require that there are two name fields,
AutoName: and Name:.  This is only used for the commit messages.  Since the
current devs do it manually, we can remove the fd-commit shell script, then
focus on checkupdates when revamping AutoName/Name.

https://botbot.me/freenode/fdroid-dev/msg/82539152
2017-12-06 22:48:08 +01:00
Hans-Christoph Steiner
a0a68c7a13 setup requires Babel aka python3-babel to compile translations
https://forum.f-droid.org/t/f-droid-server-building-error/1670
2017-12-06 20:20:17 +01:00
Hans-Christoph Steiner
c98740a7d2 nightly: include 'qrcode' as dependency 2017-11-29 21:06:02 +01:00
Hans-Christoph Steiner
cee65dbfb6 Bump to 0.9.1 for release process fixes 2017-11-27 16:57:30 +01:00
Hans-Christoph Steiner
875dfd0d60 check git is on correct tag before making a release 2017-11-27 16:57:30 +01:00
Hans-Christoph Steiner
80bd6f5fe2 Bump to 1.0.dev0 2017-11-27 13:59:35 +01:00
Hans-Christoph Steiner
2c32071f24 Bump to 0.9 2017-11-27 13:59:35 +01:00
Benji Wiebe
3e20ed8590 Changed setup.py +x for easy invocation 2017-11-13 19:09:51 -06:00
Hans-Christoph Steiner
49bd5a6462 use Babel to compile localizations and include in source tarball
python3-babel was also included in the gitlab-ci docker image:
ffc08dbc1d
2017-10-19 23:28:13 +02:00
Hans-Christoph Steiner
d4865ec038 include README.rst in official release source tarball
README.rst is still the standard for Python libs.
2017-10-19 23:16:58 +02:00
Hans-Christoph Steiner
31e81e83da use pandoc to convert README.md to PyPI's reST format
PyPI and Python packages expect the description to be in reST format, which
is a lot different than Markdown.  This does the conversion if pandoc is
installed.
2017-09-25 16:35:18 +02:00
Hans-Christoph Steiner
96e71bfdb3 set minimum Python version to 3.4
We use contructs introduced in 3.4, and 3.4 is really widely available.

https://setuptools.readthedocs.io/en/latest/setuptools.html#new-and-changed-setup-keywords
2017-09-15 11:35:30 +02:00
Marcus Hoffmann
fb87751ef2 setup.py: unstick docker-py and requests dependencies
docker-py 1.10.6 is the last version released under docker-py, after that it
will be just docker, but has breaking changes, see:
https://github.com/docker/docker-py/releases/tag/2.0.0

Update the list of allowed versions of requests to docker-py master.
2017-08-17 01:53:49 +02:00
Hans-Christoph Steiner
96aacf1752 add missing comma in setup.py 2017-07-26 11:25:51 -07:00
Hans-Christoph Steiner
5eb85deeaf Bump to 0.8 2017-07-25 22:19:49 -07:00
Hans-Christoph Steiner
5feaafa1bd update pypi "classifiers" 2017-07-25 22:19:49 -07:00
Hans-Christoph Steiner
c7034bfaea update file list in setup.py 2017-07-25 22:19:48 -07:00
Michael Pöhn
54963506a0 set required minimum ruamel.yaml version 2017-07-04 11:51:08 +02:00
Michael Pöhn
c46dec925e add ruamel.yaml to setup.py 2017-07-04 11:51:08 +02:00
Hans-Christoph Steiner
4b03c3d42d buildserver: replace custom code with python-vagrant
I ran into some annoying issues with UTF-8 output in the vagrant logs, and
it was hard to solve.  So I switched to using python-vagrant, which handles
it all for us.  Its been around since 2012, has a number of contributors,
and is still actively maintained, so it seems like a good bet. I also
packaged it for Debian, including a backport in jessie-backports.

On Debian/jessie, do `apt-get install python3-vagrant/jessie-backports`
2017-05-23 20:04:08 +02:00
Torsten Grote
6552c1fa49
Fix installs with pip --user 2017-04-03 09:55:20 -03:00
Kevin C. Krinke
df27bae6a0 dscanner - Drozer based post-build dynamic vulnerability scanner command
* New command `dscanner`, enables one to scan signed APKs with Drozer
 * Drozer is a dynamic vulnerability scanner for Android
 * Drozer runs in a emulator or on-device, this new `dscanner` command...
  * starts a docker image with Drozer and the Android Emulator pre-installed,
  * loads the signed APK into the emulator
  * activates Drozer automated tests for the APK
  * gathers the report output and places it next to the original APK
 * The Drozer docker image can be:
  * cached locally for re-use (just don't run --clean*)
  * retrieved from dockerhub.com for more efficient runtime
  * or be built from scratch (in the new "./docker" directory)
 * New "Vulnerability Scanning" documentation section (run gendocs.sh)
2016-12-06 14:00:44 +01:00
Daniel Martí
34f451361f Bump to 0.7.0 2016-09-11 11:52:11 +02:00
Hans-Christoph Steiner
714b3b9ff6 makebuildserver: use original names for downloaded SDK components
It will make it a lot easier to manage the cache if we use the original
file names, which often include the file version.  This also changes the
download process to be resumable if there is a partial file in the cache,
and switches from calling wget on the command line to using the python libs
'requests' and 'clint' to provide a similar experience.  While its not so
important for this particular bit of code to use those libraries, I think
those two will allow us to provide a better user experience throughout the
whole of fdroidserver.

In this case, it is already doing special tricks fetching the file size
from the server before trying to download it.  I suppose this code could
instead check if the file exists, and if so, check the hash sum.  I think
that would be slower for most people since checking the hash on large files
takes a noticeable about of time, while a HTTP HEAD request is pretty tiny.
2016-06-14 14:21:59 +02:00
Hans-Christoph Steiner
19189b9b04 import app into fdroid directly from git clone
This adds a new method for `fdroid import` that will generate the fdroidserver
metadata based on a local git repo.  This new mode generates the metadata in
the new .fdroid.yaml format in the git repo itself.  It is intended as a quick
way to get starting building apps using the fdroidserver tools.
2016-03-23 17:16:28 +01:00
Daniel Martí
99edd64372 Switch all headers to python3 2016-03-10 16:43:36 +00:00
Hans-Christoph Steiner
3685ba16f7 setup.py: fix missing comma in classifiers 2016-02-18 11:47:02 +01:00
Daniel Martí
05bcf8abd6 Bump to 0.6.0 2016-02-18 09:15:47 +00:00
Hans-Christoph Steiner
b33add9ce7 name makebuildserver config the same as the script
This keeps the numbers of names down to a minimum, and since the config
is placed right next to the script, this keeps tab completion working
nicely when the config file is in place.

The old file name is still supported.
2016-01-21 15:34:55 +01:00
Daniel Martí
23b7f544c1 Bump to 0.5.0 2015-11-12 19:09:50 +01:00
NeroBurner
694a4ce7da Add asynchronous filereader, fix python3 lockups 2015-09-20 20:57:53 +02:00
NeroBurner
9e8d9bebfa Update Licence in setup.py to AGPLv3 2015-09-16 22:55:22 +02:00
Daniel Martí
055759cf76 Rewrite scanner logic
Initially, the scanner used libmagic which used magic numbers in the file's
content to detect what kind of file it appears to be. Since that library isn't
available on all systems, we added support for two other libraries, mimetypes
amongst them.

The issue with mimetypes is that it only uses the file's extension, not its
actual content. So this ends in variable behaviour depending on what system
you're using fdroidserver on. For example, an executable binary without
extension would be ignored if mimetypes was being used.

We now drop all libraries - mimetypes too as it depends on the system's
mime.types file - and instead check extensions ourselves. On top of that, do
a simple binary content check to find binary executables that don't have an
extension.

The new in-house code without any dependencies doesn't add any new checks, so
no builds should break. The current checks still work:

 % fdroid scanner app.openconnect:1029
[...]
Found executable binary at assets/raw/armeabi/curl
Found executable binary at assets/raw/mips/curl
Found executable binary at assets/raw/x86/curl
Found JAR file at lib/XposedBridgeApi-54.jar
Found JAR file at libs/acra-4.5.0.jar
Found JAR file at libs/openconnect-wrapper.jar
Found JAR file at libs/stoken-wrapper.jar
Found shared library at libs/armeabi/libopenconnect.so
Found shared library at libs/armeabi/libstoken.so
Found shared library at libs/mips/libopenconnect.so
Found shared library at libs/mips/libstoken.so
Found shared library at libs/x86/libopenconnect.so
Found shared library at libs/x86/libstoken.so
2015-09-13 22:17:37 -07:00
Hans-Christoph Steiner
32e257d742 support app metadata in YAML format
YAML is a format that is quite similar to the .txt format, but is a
widespread standard that has editing modes in popular editors.  It is also
easily parsable in python.

The .pickle for testing is a lightly edited version of the real metadata
for org.videolan.vlc:

 * comments were removed
2015-09-01 11:39:51 +02:00
Daniel Martí
59883851ae Bump to 0.4.0 2015-08-04 23:01:16 -07:00
Nico Alt
94881ba10d Correct filename in setup.py 2015-08-04 21:02:06 +02:00
Hans-Christoph Steiner
82acf3a0f8 let setuptools determine the base install path on OSX
Instead of trying to guess which absolute path and .egg name
everything will be installed into, just use a relative path and the
setup process will do the right thing (so far, at least).
2015-08-03 22:17:20 +02:00
Hans-Christoph Steiner
752b258ba7 get MIME types without strictly requiring python-magic
There are two forms of python-magic, one included in libmagic that is
default on Debian, and another Python wrapper for libmagic that is
called 'python-magic' on pypi.  Those both rely on the compiled binary
library libmagic.  For platforms without good package management, fallback
to using the built-in 'mimetypes' library if 'magic' is not available.

This supports OSX, Windows, and BSD.
2015-08-01 00:38:41 +02:00
Hans-Christoph Steiner
37694a6155 fix installing via OSX's easy_install 2015-08-01 00:38:41 +02:00
Hans-Christoph Steiner
f625005ec3 remove dependency on wget for 'build' and 'verify'
To make the core tools portable to platforms like Mac OS X and Windows,
remove the dependency on wget and instead use Python Requests, which
probably has better performance anyway.
2015-07-24 11:53:14 -07:00
Daniel Martí
b1053ac1a7 Bump to 0.3.0 2015-01-02 22:19:24 +01:00
Daniel Martí
14f654fabc Apply some autopep8-python2 suggestions 2014-12-31 16:44:06 +01:00
Daniel Martí
6e2d0a9e1e Replace getsig.java with a pure python implementation
Special thanks to deki for helping out with the certificate encodings:
https://gitlab.com/snippets/1842

fixes #5 https://gitlab.com/fdroid/fdroidserver/issues/5
2014-11-07 09:20:14 +00:00
Daniel Martí
880f75110e Add setup.py to pep8+pyflakes hook, fix it 2014-08-16 11:51:23 +02:00
Daniel Martí
b66ff53976 Bump version to 0.2.1 2014-08-02 13:44:48 +02:00
Hans-Christoph Steiner
1bde10a642 default to Pillow for Python Imaging, that's what most people use now
PIL is the old standard Python Imaging.  Pillow is a fork where development
is actually continuing.  It seems that all the distros are also switching
from PIL to Pillow, including Debian, Ubuntu, Fedora, brew, MacPorts, etc.
2014-07-17 12:32:35 -04:00
Hans-Christoph Steiner
22473e2052 set version to v0.2 2014-06-26 20:47:36 -04:00
Hans-Christoph Steiner
37d6d87ff7 fix PEP8 "E226 missing whitespace around arithmetic operator" 2014-05-06 14:36:33 -04:00
Hans-Christoph Steiner
98033f3270 if the AWS S3 bucket does not exist, create it
This makes the AWS S3 setup dead simple: just put in a awsbucket name of
your choosing, set the AWS credentials, and it'll do the rest, whether the
bucket exists already or not.  S3 buckets are trivial to delete too, in
case of error: `s3cmd rb s3://mybadbucketname`.
2014-04-22 23:13:38 -04:00
Hans-Christoph Steiner
f0def08add support cloud storage with libcloud, starting with Amazon AWS S3
apache-libcloud enables uploading to basically any cloud storage service.
This is the first implementation that allows `fdroid server` to push a repo
up to a AWS S3 'bucket'.  Supporting other cloud storage services should
mostly be a matter of finding the libcloud "Provider" and setting the
access creditials.

fixes #3137 https://dev.guardianproject.info/issues/3137
2014-04-22 23:13:37 -04:00
Hans-Christoph Steiner
3829d37d34 support repo signing with a key on a smartcard
This assumes that the smartcard is already setup with a signing key.  init
does not generate a key on the smartcard, and skips genkey() if things are
configured to use a smartcard.

This also does not touch APK signing because that is a much more elaborate
question, since each app is signed by its own key.
2014-04-07 16:00:18 -04:00
Hans-Christoph Steiner
947a6d57d2 'ssh' python module no longer needed, only 'paramiko' 2014-04-03 12:34:01 -04:00
Hans-Christoph Steiner
bb15611ed1 setup.py: include 'ssh' and 'mwclient' as required libraries 2014-04-02 19:49:02 -04:00
Hans-Christoph Steiner
f918323e91 build and install getsig.class with setup.py 2014-04-02 17:54:21 -04:00
Hans-Christoph Steiner
1b130950fd include prefix in data_files install path so it installs correctly
setuptools wants to stick any relative install path in data_files into the
.egg package.  Things are not setup to use the egg now.  We might want to
consider using sticking files into the egg via pkg_resource in the future.
2014-04-02 17:54:21 -04:00
Hans-Christoph Steiner
434eab6606 downcase setup.py name to match the name in the repo, Debian package, etc. 2014-04-02 17:49:07 -04:00
Hans-Christoph Steiner
8ef6546f81 move fdroid-icon.png to examples/ 2014-04-01 18:04:36 -04:00
Hans-Christoph Steiner
a31f4571c2 fix example files install in setup.py
This also makes the file layout in git basically the same as the installed
file layout, using an examples/ dir.  I'm not sure if config.buildserver.py
is an example conf file, or a conf file that is actually in use, so I did
not move it.
2014-03-31 21:29:51 -04:00
moparisthebest
8e40b59c00 Support both debian's and pypi's python-magic libraries, which are different... 2014-02-16 22:42:16 -05:00
Daniel Martí
9fb006b567 Remove python-magic pip dep to avoid magic modules confusion
We use the one from the 'file' package, not the standalone one found on PIP.
2014-02-17 17:26:32 +01:00
Daniel Martí
38cb88b7ef Add fd-commit as script on setup.py 2014-01-15 23:02:02 +01:00
Daniel Martí
e4732047c1 Fix email, url and docs in setup.py 2014-01-08 18:17:22 +01:00
Hans-Christoph Steiner
94342ee43c install sample config files in a standard location
This means they'll automatically be installed in the right place by the
packaging processes of various UNIX distros, and then that makes it easy
for the upcoming 'fdroid init' to find them.
2013-11-04 12:20:19 -05:00
Daniel Martí
2c804ef88a Switch all shebangs to 'env python2' 2013-10-31 13:27:24 +01:00
Hans-Christoph Steiner
4d79f41bea convert setup.py into working setuptools-based installer
With this setup.py, its possible to install the required packages using:
  pip install -e .

The Debian packaging will also automatically get the dependencies from
install_requires.  This does not handle the generation of the docs at all.
I have not found a straightforward way to include running ./gendocs.sh in
setup.py, but its easy to run in the Debian packaging.
2013-10-24 21:28:04 +01:00
Ciaran Gultnieks
f643b0498c Make the server tools an installable package (with distutils) - wip 2012-03-11 11:59:19 +00:00