Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=2.3.0 2020-02-26T17:59:31Z 2020-02-26T17:59:31Z Julian Andres Klode julian.klode@canonical.com 2020-02-26T17:26:13Z urn:sha1:d36b06d7eb300ca5cbee22b4fcedaefc80585da1 2020-02-26T13:32:36Z Julian Andres Klode julian.klode@canonical.com 2020-02-26T13:32:36Z urn:sha1:43b418a68d8e64b4f0220e730ccf7441e2796ea6 2020-02-26T13:19:10Z Julian Andres Klode julian.klode@canonical.com 2020-02-26T13:19:10Z urn:sha1:d77c1c7db760ae21d703b8b0f129379e54918bf7 These were hidden behind the d-pointer previously. 2020-02-26T13:16:17Z Julian Andres Klode julian.klode@canonical.com 2020-02-26T13:15:24Z urn:sha1:d31f807a8d3f031d5efc5c3be9b76f9a9ac22d5d 2019-06-12T13:02:55Z Julian Andres Klode julian.klode@canonical.com 2019-06-12T11:47:46Z urn:sha1:82b881caafa0c82b20db3900f8b76cebd8a393a4 2018-02-19T15:05:01Z Julian Andres Klode julian.klode@canonical.com 2018-01-29T15:15:41Z urn:sha1:9e5899cac1a6367e3769af52a724821880e538f6 By restricting the Date field to be in the past, an attacker cannot just create a repository from the future that would be accepted as a valid update for a repository. This check can be disabled by Acquire::Check-Date set to false. This will also disable Check-Valid-Until and any future date related checking, if any - the option means: "my computers date cannot be trusted." Modify the tests to allow repositories to be up to 10 hours in the future, so we can keep using hours there to simulate time changes. 2017-07-12T11:57:51Z Julian Andres Klode jak@debian.org 2017-07-12T11:40:41Z urn:sha1:87274d0f22e1dfd99b2e5200e2fe75c1b804eac3 This makes it easier to see which headers includes what. The changes were done by running git grep -l '#\s*include' \ | grep -E '.(cc|h)$' \ | xargs sed -i -E 's/(^\s*)#(\s*)include/\1#\2 include/' To modify all include lines by adding a space, and then running ./git-clang-format.sh. 2017-06-28T17:18:47Z David Kalnischkies david@kalnischkies.de 2017-05-28T11:24:33Z urn:sha1:96ebab48c25fcd1ee83729cdba4be8a6343a8766 This gives the repository owner a chance to explain why this change was needed – e.g. explaining the organisational changes or simply detailing the changes in the new release made. Note that this URI is also shown if the change is accepted, so it also draws attention to release notes of minor updates (if users watch apt output closely). 2017-06-28T17:18:47Z David Kalnischkies david@kalnischkies.de 2017-04-12T15:39:06Z urn:sha1:081fbea14d12f79c8d91ce4fe1f1004c7bc08656 The value of Origin, Label, Codename and co can be used in user configuration from apts own pinning to unattended upgrades. A repository changing this values can therefore have serious effects on the behaviour of apt and other tools using these values. In a first step we will generate error messages for these changes now explaining the need for explicit confirmation and provide config options and commandline flags to accept them. 2017-06-26T21:31:15Z David Kalnischkies david@kalnischkies.de 2017-05-28T17:18:30Z urn:sha1:d7c92411dc1f4c6be098d1425f9c1c075e0c2154 If we couldn't find an entry for a Sources file we would generate an error while for a Packages file we would silently skip it due to assuming it is missing because it is empty. We can do better by checking if the repository declares that it supports a component we want to get the file from and if not say so and hint at the user making a typo. An example were this helps is mozilla.debian.net which dropped the firefox-aurora component (as upstream did) meaning no upgrades until the user notices manually that the repository doesn't provide packages anymore. With this commit warnings are raised hopefully causing the user to investigate what is wrong (sooner).