apt/apt-pkg/deb, branch 1.3_exp1Debians commandline package managerhttps://git.kalnischkies.de/apt/atom?h=1.3_exp12016-05-10T17:09:19ZStrip trailing commas for created signed-by fingerprint lists2016-05-10T17:09:19ZJulian Andres Klodejak@debian.org2016-05-10T17:09:19Zurn:sha1:c7b7d4da7f8b8edd9c3d6b13f0b935853ad8a039
This prevented some sources.list entries from working, an example
of which can be found in the test.
implement Identifier field for IndexTargets2016-05-08T16:15:28ZDavid Kalnischkiesdavid@kalnischkies.de2016-05-08T16:03:48Zurn:sha1:39c724b4848ef8d85c8c425f982dda85f0df1277
A frontend like apt-file is only interested in a specific set of files
and selects those easily via "Created-By". If it supports two locations
for those files through it would need to select both and a user would
need to know that implementation detail for sources.list configuration.
The "Identifier" field is hence introduced which by default has the same
value as "Created-By", but can be freely configured – especially it can
be used to give two indexes the same identifier.
implement Fallback-Of for IndexTargets2016-05-08T11:39:32ZDavid Kalnischkiesdavid@kalnischkies.de2016-05-08T09:58:36Zurn:sha1:7f2d1eef183dbebaaabe07a296d9a97e9cfd0f4a
Sometimes index files are in different locations in a repository as it
is currently the case for Contents files which are per-component in
Debian, but aren't in Ubuntu. This has historic reasons and is perhaps
changed soon, but such cases of transitions can always happen in the
future again, so we should prepare:
Introduced is a new field declaring that the current item should only be
downloaded if the mentioned item wasn't allowing for transitions without
a flagday in clients and archives.
This isn't implemented 'simpler' with multiple MetaKeys as items (could)
change their descriptions and perhaps also other configuration bits with
their location.
download arch:all also for NATIVE_ARCHITECTURE indextargets2016-05-07T14:45:35ZDavid Kalnischkiesdavid@kalnischkies.de2016-05-07T14:45:35Zurn:sha1:7c1dca1439b956a085b09c73fdbe5a66af20241b
It looks a bit strange on the outside to have multiple "native
architecture", but all is considered an implementation detail and e.g.
packages of arch:all are in dependency resolution equal to native
packages.
don't construct MetaIndex acquire items with IndexTargets2016-05-07T12:52:08ZDavid Kalnischkiesdavid@kalnischkies.de2016-05-07T12:52:08Zurn:sha1:a8f565d3f69e6dba59195469959106da3eb8f33f
We don't have to initialize the Release files with a set of IndexTargets
to acquire, but instead wait for the Release file to be acquired and
only then ask which IndexTargets to get.
Git-Dch: Ignore
let DPKG_COLORS default to our APT::Color setting2016-05-03T12:19:29ZDavid Kalnischkiesdavid@kalnischkies.de2016-05-03T12:11:30Zurn:sha1:ad24ea39b5dd0ce990a20a60b888511261ec21e1
dpkg can optionally colorize its output since 1.18.5. Currently this
defaults to 'never', but it will eventually be 'auto'. It seems
reasonable to assume that a user who has enabled/disabled colors in apt
will want to have dpkg have the same state regarding color usage.
This isn't overriding explicit settings by the user, so in case a user
feels strongly about it one way or the other there are options.
support Signed-By in Release files as a sort of HPKP2016-05-01T08:50:24ZDavid Kalnischkiesdavid@kalnischkies.de2016-04-29T14:48:16Zurn:sha1:89901946f936446f439b95f1a9a85ac942ac2c92
Users have the option since apt >= 1.1 to enforce that a Release file is
signed with specific key(s) either via keyring filename or fingerprints.
This commit adds an entry with the same name and value (except that it
doesn't accept filenames for obvious reasons) to the Release file so
that the repository owner can set a default value for this setting
effecting the *next* Release file, not the current one, which provides a
functionality similar "HTTP Public Key Pinning". The pinning is in
effect as long as the (then old) Release file is considered valid, but
it is also ignored if the Release file has no Valid-Until at all.
support multiple fingerprints in signed-by2016-05-01T08:50:24ZDavid Kalnischkiesdavid@kalnischkies.de2016-04-29T08:16:42Zurn:sha1:46e00c9062d09a642973e83a334483db1f310397
A keyring file can include multiple keys, so its only fair for
transitions and such to support multiple fingerprints as well.
don't leak on error in listparser creation2016-04-03T12:44:47ZDavid Kalnischkiesdavid@kalnischkies.de2016-03-25T12:08:06Zurn:sha1:c48ef8942d87388a67af9e2cad92171aca3be731
Git-Dch: Ignore
Reported-By: gcc -fsanitize=address
drop confusing comma from no strong hash message2016-03-25T08:31:42ZDavid Kalnischkiesdavid@kalnischkies.de2016-03-25T08:31:42Zurn:sha1:a2025a9a307bf4796e90623b002a7fa80ae814ef