<feed xmlns='http://www.w3.org/2005/Atom'>
<title>apt/apt-pkg/deb, branch 2.7.3</title>
<subtitle>Debian's commandline package manager</subtitle>
<id>https://git.kalnischkies.de/apt/atom?h=2.7.3</id>
<link rel='self' href='https://git.kalnischkies.de/apt/atom?h=2.7.3'/>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/'/>
<updated>2023-08-02T10:04:32Z</updated>
<entry>
<title>Compare SHA256 to check if versions are really the same</title>
<updated>2023-08-02T10:04:32Z</updated>
<author>
<name>Julian Andres Klode</name>
<email>julian.klode@canonical.com</email>
</author>
<published>2023-08-01T11:59:09Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=5576e7f76da73f3f5217f90d816cc19b6c0a5a77'/>
<id>urn:sha1:5576e7f76da73f3f5217f90d816cc19b6c0a5a77</id>
<content type='text'>
If we know both SHA256, and they're different, the packages are. This
approach stores the SHA256 only at runtime, avoiding the overhead of
storing it on-disk, because when we update repositories we update all
of them anyhow.

Note that pkgCacheGenerator is hidden, so we can just modify its
ABI, hooray.

Closes: #931175
LP: #2029268
</content>
</entry>
<entry>
<title>Fix snapshot crashes</title>
<updated>2023-07-12T14:49:19Z</updated>
<author>
<name>Julian Andres Klode</name>
<email>julian.klode@canonical.com</email>
</author>
<published>2023-06-27T15:11:06Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=5dcb36e7af4bd65211ac4937e5e7feac8c85683c'/>
<id>urn:sha1:5dcb36e7af4bd65211ac4937e5e7feac8c85683c</id>
<content type='text'>
We did not handle multiple components properly, add a contrib
component to the test case.
</content>
</entry>
<entry>
<title>update: Add notice about missing Signed-By in deb822 sources</title>
<updated>2023-06-27T17:21:47Z</updated>
<author>
<name>Julian Andres Klode</name>
<email>julian.klode@canonical.com</email>
</author>
<published>2023-06-27T17:14:43Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=aba813975abb880f8b27d659147f7760c02f99e7'/>
<id>urn:sha1:aba813975abb880f8b27d659147f7760c02f99e7</id>
<content type='text'>
We want to gently steer users towards having Signed-By for each
source such that we can retire a shared keyring across sources
which improves resilience against configuration issues and
incompetent malicious actors.
</content>
</entry>
<entry>
<title>Rework the domain iteration in the host fallback</title>
<updated>2023-05-24T09:25:33Z</updated>
<author>
<name>Julian Andres Klode</name>
<email>julian.klode@canonical.com</email>
</author>
<published>2023-05-24T09:22:34Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=4000ee2f9064623e096d975489aec35c99982437'/>
<id>urn:sha1:4000ee2f9064623e096d975489aec35c99982437</id>
<content type='text'>
Separate the determination of the next level domain into its
own function and split out the "we found a result" into its
own break for improved readability.
</content>
</entry>
<entry>
<title>Ensure that Snapshots: no doesn't get overridden by host-name config</title>
<updated>2023-05-24T09:22:44Z</updated>
<author>
<name>Julian Andres Klode</name>
<email>julian.klode@canonical.com</email>
</author>
<published>2023-05-24T09:07:26Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=4e35e5079f589700b4b5f1fc00787144bc1c58bf'/>
<id>urn:sha1:4e35e5079f589700b4b5f1fc00787144bc1c58bf</id>
<content type='text'>
</content>
</entry>
<entry>
<title>Seed snapshot servers for well-known hosts</title>
<updated>2023-05-24T09:22:44Z</updated>
<author>
<name>Julian Andres Klode</name>
<email>julian.klode@canonical.com</email>
</author>
<published>2023-05-17T15:18:33Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=48cbc5413fb2a0e490c2282b9df65da96ad7a9f2'/>
<id>urn:sha1:48cbc5413fb2a0e490c2282b9df65da96ad7a9f2</id>
<content type='text'>
This will attempt to fall back to a per-server setting if we could
not determine a value from the release file.
</content>
</entry>
<entry>
<title>Initial support for snapshot servers, apt --snapshot option</title>
<updated>2023-05-02T13:23:14Z</updated>
<author>
<name>Julian Andres Klode</name>
<email>julian.klode@canonical.com</email>
</author>
<published>2023-02-22T13:14:52Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=a19f606aad717fe5c9c69237c3af53feb547115e'/>
<id>urn:sha1:a19f606aad717fe5c9c69237c3af53feb547115e</id>
<content type='text'>
Provide snapshot support for official Debian and Ubuntu archives.

There are two ways to enable snapshots for sources:

1. Add Snapshot: yes to your sources file ([snapshot=yes]). This
   will allow you to specify a snapshot to use when updating or
   installing using the --snapshot,-S option.

2. Add Snapshot: ID to your sources files to request a specific
   snapshot for this source.

Snapshots are discovered using Label and Origin fields in the Release
file of the main source, hence you need to have updated the source at
least once before you can use snapshots.

The Release file may also declare a snapshots server to use, similar
to Changelogs, it can contain a Snapshots field with the values:

1. `Snapshots: https://example.com/@SNAPSHOTID@` where `@SNAPSHOTID@`
   is a placeholder that is replaced with the requested snapshot id

2. `Snapshots: no` to disable snapshot support for this source.
   Requesting snapshots for this source will result in a failure
   to load the source.

The implementation adds a SHADOWED option to deb source entries,
and marks the main entry as SHADOWED when a snapshot has been
requested, which will cause it to be updated, but not included
in the generated cache.

The concern here was that we need to keep generating the shadowed
entries because the cleanup in `apt update` deletes any files not
queued for download, so we gotta keep downloading the main source.

This design is not entirely optimal, but avoids the pitfalls of
having to reimplement list cleanup.

Gaps:

- Ubuntu Pro repositories and PPAs are not yet supported.
</content>
</entry>
<entry>
<title>Allow apt to run if no dpkg/status file exists</title>
<updated>2022-09-02T14:55:45Z</updated>
<author>
<name>David Kalnischkies</name>
<email>david@kalnischkies.de</email>
</author>
<published>2022-09-01T13:14:52Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=f52c1ce9b31befb71016a20759b96b4946034fcb'/>
<id>urn:sha1:f52c1ce9b31befb71016a20759b96b4946034fcb</id>
<content type='text'>
Not having a dpkg/status file used to be a hard error which from a
bootstrap perspective is suspect as in the beginning, there is no
status so you would need to touch it into existence.

We make a difference between factual non-existence and inaccessibility
to catch mistakes in which the file is not readable for some reason,
the testcase test-bug-254770-segfault-if-cache-not-buildable is an
example of this.

Note that apt has already figured out at this point that this is a
Debian-like system which should have a dpkg/status file. This change
does not affect the auto-detection and is not supposed to.
</content>
</entry>
<entry>
<title>Report failures back from debSystem::AddStatusFiles</title>
<updated>2022-09-02T14:55:45Z</updated>
<author>
<name>David Kalnischkies</name>
<email>david@kalnischkies.de</email>
</author>
<published>2022-08-31T14:26:48Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=49f9cfba5567cd034bf729a63b3f6e9badd9bc35'/>
<id>urn:sha1:49f9cfba5567cd034bf729a63b3f6e9badd9bc35</id>
<content type='text'>
Failing to properly create the status file class should be reported back
to the caller so it can proceed accordingly instead of proceeding into
more failures.

This gives us:
E: flAbsPath on /var/lib/dpkg/status failed - realpath (2: No such file or directory)
E: The package lists or status file could not be parsed or opened.
instead of:
E: flAbsPath on /var/lib/dpkg/status failed - realpath (2: No such file or directory)
E: Could not open file  - open (2: No such file or directory)
E: Problem opening
E: The package lists or status file could not be parsed or opened.
and valgrind reporting actions on uninitialised values.
</content>
</entry>
<entry>
<title>Parse Checksum fields via pkgTagSection::Key, too</title>
<updated>2022-04-01T12:16:19Z</updated>
<author>
<name>David Kalnischkies</name>
<email>david@kalnischkies.de</email>
</author>
<published>2022-04-01T09:37:26Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=05fae6fae95d8ef6690f3d56863e3bb6a44d424c'/>
<id>urn:sha1:05fae6fae95d8ef6690f3d56863e3bb6a44d424c</id>
<content type='text'>
We abstract hashes a fair bit to be able to add new ones eventually,
which led us to building the field names on the fly. We can do better
though by keeping a central place for these names, too, which even
helps in reducing code as we don't need the MD5 → Files dance anymore.
</content>
</entry>
</feed>
