apt/apt-pkg/deb, branch 1.2.3Debians commandline package managerhttps://git.kalnischkies.de/apt/atom?h=1.2.32016-01-27T15:39:52Zonly warn about missing/invalid Date field for now2016-01-27T15:39:52ZDavid Kalnischkiesdavid@kalnischkies.de2016-01-27T14:28:17Zurn:sha1:6fc2e03084c7e027c2b9a63c1fe99ff743aae3b6
The Date field in the Release file is useful to avoid allowing an
attacker to 'downgrade' a user to earlier Release files (and hence to
older states of the archieve with open security bugs). It is also needed
to allow a user to define min/max values for the validation of a Release
file (with or without the Release file providing a Valid-Until field).
APT wasn't formally requiring this field before through and (agrueable
not binding and still incomplete) online documentation declares it
optional (until now), so we downgrade the error to a warning for now to
give repository creators a bit more time to adapt – the bigger ones
should have a Date field for years already, so the effected group should
be small in any case.
It should be noted that earlier apt versions had this as an error
already, but only showed it if a Valid-Until field was present (or the
user tried to used the configuration items for min/max valid-until).
Closes: 809329
convert Version() and Architecture() to APT::StringView2016-01-26T22:18:05ZDavid Kalnischkiesdavid@kalnischkies.de2016-01-26T22:18:05Zurn:sha1:8efd5947bf7de0fc3db51b4871bcf3522018761d
Part of hidden classes, so conversion is abi-free.
Git-Dch: Ignore
remove unused Description methods in listparsers2016-01-26T20:58:57ZDavid Kalnischkiesdavid@kalnischkies.de2016-01-26T20:58:57Zurn:sha1:02ceb810fe0de9b267a8b6a302505967afce6b5a
These virtual methods are implemented in hidden classes, so we can drop
them without breaking the ABI.
Git-Dch: Ignore
parse version correctly from binary Source field2016-01-26T18:17:11ZDavid Kalnischkiesdavid@kalnischkies.de2016-01-26T18:17:11Zurn:sha1:d17f2b1b748c8d297474707cfc9706f673ef0346
In commit a221efc331693f8905da870141756c892911c433 I promoted the source
package name and version to the binary cache for faster access by e.g.
EDSP, but due to changing the interpretation length to soon we always
ignored the version part of the Source field, so that packages ended up
having the binary version as source version – which while usually just
fine it is wrong for binary rebuilds.
Closes: 812492
reimplement build-dep via apts normal resolver2016-01-25T17:15:44ZDavid Kalnischkiesdavid@kalnischkies.de2016-01-21T22:22:00Zurn:sha1:a249b3e6fd798935a02b769149c9791a6fa6ef16
build-dep was implemented by parsing the build-dependencies of a package
and figuring out which packages to install/remove based on this. That
means that for the first level of dependencies build-dep was
implementing its very own resolver with all the benefits (aka: bugs)
this gives us for not using the existing resolver for all levels.
Making this work involves generating a dummy binary package with fitting
Depends and Conflicts and as we can't create them out of thin air the
cache generation needs to be involved so we end up writing a Packages
file which we want to parse – after we have parsed the other Packages
files already. With .dsc/.deb files we could add them before we started
parsing anything.
With a bit of care we can avoid generating too much data we have to
throw away again (as many parts assume that e.g. the count of packages
doesn't change midair), so that on a speed front there shouldn't be
much of a difference, but output can be slightly confusing as if we have
a completely valid cache on disk the "Reading package lists... Done" is
printed two times – but apt is pretty quick about it in that case.
Closes: #137560, #444930, #489911, #583914, #728317, #812173
treat an empty dependency field just like it doesn't exist2016-01-25T17:15:44ZDavid Kalnischkiesdavid@kalnischkies.de2016-01-20T11:24:48Zurn:sha1:bc6b2bfa08fe5fb8eff65d04d81302d161956641
Git-Dch: Ignore
Use c++11 for loop in AptHistoryRequestingUser2016-01-25T16:17:54ZMichael Vogtmvo@debian.org2016-01-25T16:17:54Zurn:sha1:48fe8dff592f6769bf2c67b8e7befd7091068f7d
Git-Dch: ignore
Store "Requested-By" user in history.log in a simpler format2016-01-25T15:49:48ZMichael Vogtmvo@debian.org2016-01-25T15:49:48Zurn:sha1:46e88ba252230858abe891d5815fce884d3cf35d
Git-Dch: ignore
Thanks: David Kalnischkies
Log calling SUDO_USER or PKEXEC_UID in history.log2016-01-25T13:44:42ZMichael Vogtmvo@debian.org2016-01-25T13:44:42Zurn:sha1:a6fd0c5cc412afd5dac7a9952cab741e48342488
Thanks: Thomas Reusch
use APT::StringView for GrabWord2016-01-15T17:19:16ZDavid Kalnischkiesdavid@kalnischkies.de2016-01-15T16:54:43Zurn:sha1:3b4045fc31baf3aa580bd695695d579c30a481b8
Git-Dch: Ignore