kamp/fdroidserver
1
0
Fork 0
mirror of https://gitlab.com/fdroid/fdroidserver.git synced 2024-10-02 09:10:11 +02:00
Code Activity
d3d48dba5e
fdroidserver/tests
History
Hans-Christoph Steiner d3d48dba5e add config.yml as default config file format 
None of the config options in config.py require Python code.  YAML is a
common config data format, and it is also used for build metadata.  It is
also much safer to use since it can be pure data, without anything
executable in it.  This also reduces the attack surface of the fdroid
process by eliminating a guaranteed place to write to get code executed.
With config.py, any exploit that can get local write access can turn that
into execute access by writing to the config.py, then cleaning up after
itself once it has what it needs.  Switching to YAML removes that vector
entirely.

Also, this removes the config_file argument.  It is not used in either
fdroidserver or repomaker.  Also, it probably wouldn't work since so
much of the code assumes that the current working dir is the root of the
repo.
2020-10-23 14:18:55 +02:00
..
build-tools Added test aapt output files for build-tools 28.0.3 2019-01-13 19:27:02 +01:00
extra remove obselete tests 2020-06-10 10:43:25 +02:00
getsig include test cases for python getsig replacement 2014-11-07 09:20:33 +00:00
gnupghome gpg-sign all valid files in the repo, including source tarballs 2016-11-07 14:53:01 +01:00
metadata purge update.scan_apk_aapt() 2020-10-22 09:53:51 +02:00
metadata-rewrite-yml Revert "Merge branch 'write-yaml-overhaul' into 'master'" 2019-04-01 10:24:00 +00:00
repo add Liberapay: field with username as data 2020-06-16 15:35:28 +02:00
signindex Support ETag when downloading repository index 2017-05-02 15:37:02 -03:00
source-files gradlew-fdroid: fix parsing when files have Windows linefeeds 2020-05-29 21:55:10 +02:00
stats tests: include info.zwanenburg.caffeinetile in index tests 2018-10-10 16:02:34 +02:00
triple-t-2 update: parse Triple-T v2.x layout 2019-10-04 14:11:40 +02:00
valid-package-names move all test metadata files to .yml format 2020-06-10 09:56:31 +02:00
xref/metadata metadata: make linkresolver an actual object 2020-06-24 23:53:35 +02:00
androguard_test.py use default accepted_formats since all the files are .yml anyway 2020-06-10 10:43:21 +02:00
bad-unicode-πÇÇ现代通用字-български-عربي1.apk rename test files to work round filename length limits 2017-11-27 16:57:30 +01:00
build.TestCase remove unused helper function 2020-10-22 09:53:51 +02:00
check-fdroid-apk use standard User-Agent in check-fdroid-apk 2018-01-26 10:18:41 +01:00
checkupdates.TestCase tests: properly name CheckupdatesTest class 2020-01-31 15:37:32 +01:00
common.TestCase add config.yml as default config file format 2020-10-23 14:18:55 +02:00
complete-ci-tests move pylint run to standalone gitlab-ci job 2018-05-14 15:25:33 +02:00
config.py use default accepted_formats since all the files are .yml anyway 2020-06-10 10:43:21 +02:00
corrupt-featureGraphic.png update: log errors on bad graphics, and then ignore the file 2019-09-26 22:06:21 +02:00
deploy.TestCase deploy: move server.py to deploy.py and remove aliases 2020-10-21 11:38:49 +02:00
description-parsing.py tests: switch to python3 2016-03-11 13:27:00 +00:00
dummy-keystore.jks added functions for storing/loading signer fingerprints to stats 2017-09-26 14:11:09 +02:00
dump_internal_metadata_format.py use default accepted_formats since all the files are .yml anyway 2020-06-10 10:43:21 +02:00
exception.TestCase added cwd setup boiler-plate to *.TestCase where missing 2018-08-14 10:34:13 +02:00
funding-usernames.yaml update: insert donation links based on FUNDING.yml 2020-06-16 15:35:26 +02:00
gradle-maven-blocks.yaml scanner: fix regex for matching URLs in gradle maven{} blocks 2020-06-10 19:42:23 +02:00
gradle-release-checksums.py gitlab-ci: check gradle checksums against official list 2019-09-12 14:18:07 +02:00
import_proxy.py import: mv reusable functions to common.py to avoid import_proxy.py 2020-03-11 13:41:13 +01:00
import.TestCase import: mv reusable functions to common.py to avoid import_proxy.py 2020-03-11 13:41:13 +01:00
index.TestCase index: generate repo icon if missing, and add tests 2020-10-07 18:56:17 +02:00
install.TestCase added cwd setup boiler-plate to *.TestCase where missing 2018-08-14 10:34:13 +02:00
IsMD5Disabled.java tests: support Java setups where MD5 is not disabled by default 2017-09-19 20:16:08 +02:00
janus.apk update: reject APKs with invalid file sig, probably Janus exploits 2017-12-14 16:57:22 +01:00
keystore.jks tests: add test for correctly handling CVC when archiving 2019-12-24 17:35:54 +01:00
lint.TestCase use default accepted_formats since all the files are .yml anyway 2020-06-10 10:43:21 +02:00
main.TestCase deploy: move server.py to deploy.py and remove aliases 2020-10-21 11:38:49 +02:00
metadata.TestCase pickle -> yaml rename 2020-09-10 18:38:43 +02:00
minimal_targetsdk_30_unsigned.apk publish: use apksigner for signing apks with targetSDK>=30 2020-09-09 18:09:28 +02:00
no_targetsdk_minsdk1_unsigned.apk fallback to minsdk when targetsdk isn't set 2020-09-14 14:12:18 +02:00
no_targetsdk_minsdk30_unsigned.apk fallback to minsdk when targetsdk isn't set 2020-09-14 14:12:18 +02:00
openssl-version-check-test.py update: update openssl KnownVuln scan to handle all recent versions 2017-07-06 13:31:42 +02:00
org.bitbucket.tickytacky.mirrormirror_1.apk update: allow_disabled_algorithms option to keep MD5 sigs in repo 2017-07-03 10:02:51 +02:00
org.bitbucket.tickytacky.mirrormirror_2.apk update: allow_disabled_algorithms option to keep MD5 sigs in repo 2017-07-03 10:02:51 +02:00
org.bitbucket.tickytacky.mirrormirror_3.apk update: allow_disabled_algorithms option to keep MD5 sigs in repo 2017-07-03 10:02:51 +02:00
org.bitbucket.tickytacky.mirrormirror_4.apk update: allow_disabled_algorithms option to keep MD5 sigs in repo 2017-07-03 10:02:51 +02:00
org.dyndns.fules.ck_20.apk use androguard if aapt isn't found 2017-05-04 23:35:17 +02:00
publish.TestCase init: force keystore to PKCS12 format 2020-09-23 16:40:37 +02:00
rewritemeta.TestCase init: force keystore to PKCS12 format 2020-09-23 16:40:37 +02:00
run-tests run-tests: exit with error if no test APKs are found 2020-10-22 09:51:12 +02:00
scanner.TestCase scanner: add test for #759 2020-08-25 21:32:29 +02:00
signatures.TestCase added cwd setup boiler-plate to *.TestCase where missing 2018-08-14 10:34:13 +02:00
SpeedoMeterApp.main_1.apk update: do not crash with androguard when working with apps without icons 2018-03-12 17:55:45 +01:00
test-gradlew-fdroid gradlew-fdroid: fix random failures due to empty $line, closes #815 2020-08-19 16:28:58 +02:00
testcommon.py rough plugin system implementation 2020-06-10 12:11:47 +02:00
update.TestCase purge update.scan_apk_aapt() 2020-10-22 09:53:51 +02:00
urzip-badcert.apk include test cases for python getsig replacement 2014-11-07 09:20:33 +00:00
urzip-badsig.apk include test cases for python getsig replacement 2014-11-07 09:20:33 +00:00
urzip-release-unsigned.apk added test case for common.isApkDebuggable() 2014-12-14 13:25:20 +01:00
urzip-release.apk added test case for common.isApkDebuggable() 2014-12-14 13:25:20 +01:00
urzip.apk tests: try fdroid update after adding an APK to an existing repo 2014-06-04 21:54:55 -04:00
v2.only.sig_2.apk support APK Signature V2 when apksigner is installed 2019-02-01 09:17:56 +01:00
vcs.TestCase fix vcs test 2020-08-25 23:09:28 +02:00