apt/apt-pkg, branch 1.5

apt/apt-pkg, branch 1.5_alpha1 Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=1.5_alpha1 2017-06-28T17:50:26Z Strip 0: epochs from the version hash 2017-06-28T17:50:26Z Julian Andres Klode jak@debian.org 2017-06-26T16:44:56Z urn:sha1:6edfda8b45dee7e1202f723b98fa962c38554c51 This should fix some issues with dpkg normalizing such values. Suprisingly enough apt treats the Version: field the same, even with epoch vs without, but not when searching, and does not strip the 0: from the output. allow frontends to override releaseinfo change behaviour 2017-06-28T17:18:47Z David Kalnischkies david@kalnischkies.de 2017-05-28T14:55:45Z urn:sha1:ca8da1bf83ecc90ba882520b79c1cda03ee7485d Having messages being printed on the error stack and confirm them by commandline flags is an okayish first step, but some frontends will probably want to have a more interactive feeling here with a proper question the user can just press yes/no for as for some frontends a commandline flag makes no sense… show a Release-Notes URI if infos were changed 2017-06-28T17:18:47Z David Kalnischkies david@kalnischkies.de 2017-05-28T11:24:33Z urn:sha1:96ebab48c25fcd1ee83729cdba4be8a6343a8766 This gives the repository owner a chance to explain why this change was needed – e.g. explaining the organisational changes or simply detailing the changes in the new release made. Note that this URI is also shown if the change is accepted, so it also draws attention to release notes of minor updates (if users watch apt output closely). error in update on Release information changes 2017-06-28T17:18:47Z David Kalnischkies david@kalnischkies.de 2017-04-12T15:39:06Z urn:sha1:081fbea14d12f79c8d91ce4fe1f1004c7bc08656 The value of Origin, Label, Codename and co can be used in user configuration from apts own pinning to unattended upgrades. A repository changing this values can therefore have serious effects on the behaviour of apt and other tools using these values. In a first step we will generate error messages for these changes now explaining the need for explicit confirmation and provide config options and commandline flags to accept them. fix some unlikely memory leaks in error cases 2017-06-26T21:31:15Z David Kalnischkies david@kalnischkies.de 2017-06-26T15:47:38Z urn:sha1:f68167a0e55c7261c9e61f0f39945cd0e908dabb The error cases are just as unlikely as the memory leaks to ever cause real problems, but lets play it safe for correctness. Reported-By: scan-build & clang Gbp-Dch: Ignore fail InRelease on non-404 HTTP errorcodes 2017-06-26T21:31:15Z David Kalnischkies david@kalnischkies.de 2017-05-29T10:37:08Z urn:sha1:cbbf185c3c55effe47f218a07e7b1f324973a8a6 There are very many HTTP errorcodes which indicate that the repository isn't available at the moment or the connection has some kind of problem. Given that we do not require Release files the result was that these errors were ignored and the user presented with a message like "Repository is no longer signed" which sends the user in the wrong direction. Instead of trying to figure out which http errorcodes indicate a global problem we accept only 404 for ignoring and consider all the rest as hard errors now causing us to stop instantly after the InRelease file and print the errorcode (with short description from server) received. show .diff/Index properly as ignored if we fallback 2017-06-26T21:31:15Z David Kalnischkies david@kalnischkies.de 2017-05-28T20:26:17Z urn:sha1:188f297a2af4c15cb1d502360d1e478644b5b810 Moving the code responsible for parsing the Index file from ::Done into the slightly earlier ::VerifyDone allows us to still "fail" the download if we can't make use of the Index for whatever reason, so that the progress log correctly displays "Ign" instead of "Get" for the file. This also makes quiet a few debug messages proper error messages (but those are still hidden by default for Ign lines). warn if an expected file can't be acquired 2017-06-26T21:31:15Z David Kalnischkies david@kalnischkies.de 2017-05-28T17:18:30Z urn:sha1:d7c92411dc1f4c6be098d1425f9c1c075e0c2154 If we couldn't find an entry for a Sources file we would generate an error while for a Packages file we would silently skip it due to assuming it is missing because it is empty. We can do better by checking if the repository declares that it supports a component we want to get the file from and if not say so and hint at the user making a typo. An example were this helps is mozilla.debian.net which dropped the firefox-aurora component (as upstream did) meaning no upgrades until the user notices manually that the repository doesn't provide packages anymore. With this commit warnings are raised hopefully causing the user to investigate what is wrong (sooner). clean archives without changing directory 2017-06-26T21:31:15Z David Kalnischkies david@kalnischkies.de 2017-04-28T16:18:28Z urn:sha1:6829c5420b4c2e434489e837cad6f3fd09fa3ab3 Adopting this change in other frontends will require source changes as well similar to our own changes in apt-private/. ident a CD without changing directory 2017-06-26T21:31:15Z David Kalnischkies david@kalnischkies.de 2017-04-28T15:43:29Z urn:sha1:e91dd46e3f65517ed9dbc6e431a56112a403cb3e