Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=1.3_pre3 2016-07-30T08:14:47Z 2016-07-30T08:14:47Z David Kalnischkies david@kalnischkies.de 2016-07-30T07:57:50Z urn:sha1:7303e11ff28f920a6277c159aa46f80c007350bb Followup of b58e2c7c56b1416a343e81f9f80cb1f02c128e25. Still a regression of sorts of 8b79c94af7f7cf2e5e5342294bc6e5a908cacabf. Closes: 832044 2016-07-22T14:05:09Z David Kalnischkies david@kalnischkies.de 2016-07-22T11:04:47Z urn:sha1:01047752b34486607665db99afffa595cb2d43ce If the sources file we want to edit doesn't exist yet GetLock will create it with 640, which for a generic lockfile might be okay, but as this is a sources file more relaxed permissions are in order – and actually required as it wont be readable for unprivileged users causing warnings/errors in apt calls. Reported-By: J. Theede (musca) on IRC 2016-07-22T14:05:09Z David Kalnischkies david@kalnischkies.de 2016-07-22T10:33:45Z urn:sha1:503c7d594125f963b92047ad2d9d0644f39136c7 After editing the sources it is a good idea to (re)built the caches as they will be out-of-date and doing so helps in reporting higherlevel errors like duplicates sources.list entries, too, instead of just general parsing errors as before. 2016-07-22T14:05:09Z David Kalnischkies david@kalnischkies.de 2016-07-08T13:59:23Z urn:sha1:92296fe4b0862a04ea3d965b4cd2d4a420e3be9f We support installing ./foo.deb (and ./foo.dsc for source) for a while now, but it can be a bit clunky to work with those directly if you e.g. build packages locally in a 'central' build-area. The changes files also include hashsums and can be signed, so this can also be considered an enhancement in terms of security as a user "just" has to verify the signature on the changes file then rather than checking all deb files individually in these manual installation procedures. 2016-06-29T10:17:41Z David Kalnischkies david@kalnischkies.de 2016-06-29T07:16:53Z urn:sha1:8e99b22c31eb47d0422e9a69e83dc99bb315ded8 Julian noticed on IRC that I fall victim to a lovely false friend by calling referring to a 'planer' all the time even through these are machines to e.g. remove splinters from woodwork ("make stuff plane"). The term I meant is written in german in this way (= with a single n) but in english there are two, aka: 'planner'. As that is unreleased code switching all instances without any transitional provisions. Also the reason why its skipped in changelog. Thanks: Julian Andres Klode Gbp-Dch: Ignore 2016-06-27T09:57:12Z David Kalnischkies david@kalnischkies.de 2016-05-28T13:40:59Z urn:sha1:f74d99c6a78caafdc6e32d8cb135683b7154795c Testing the current implementation can benefit from being able to be feed an EIPP request and produce a fully compliant response. It is also a great test for EIPP in general. 2016-06-27T09:43:09Z David Kalnischkies david@kalnischkies.de 2016-05-14T16:07:12Z urn:sha1:7b197262212f49b3b355b1124edf2ba9adb73411 The very first step in introducing the "external installation planer protocol" (short: EIPP) as part of my GSoC2016 project. The description reads: APT-based tools like apt-get, aptitude, synaptic, … work with the user to figure out how their system should look like after they are done installing/removing packages and their dependencies. The actual installation/removal of packages is done by dpkg with the constrain that dependencies must be fulfilled at any point in time (e.g. to run maintainer scripts). Historically APT has a super micro-management approach to this task which hasn't aged that well over the years mostly ignoring changes in dpkg and growing into an unmaintainable mess hardly anyone can debug and everyone fears to touch – especially as more and more requirements are tacked onto it like handling cycles and triggers, dealing with "important" packages first, package sources on removable media, touch minimal groups to be able to interrupt the process if needed (e.g. unattended-upgrades) which not only sky-rocket complexity but also can be mutually exclusive as you e.g. can't have minimal groups and minimal trigger executions at the same time. 2016-06-23T07:02:54Z David Kalnischkies david@kalnischkies.de 2016-06-23T06:56:22Z urn:sha1:ae2a6be8a2155c136f9535abfbcc750c8c395cd2 Closes: 825216 2016-06-22T12:05:01Z David Kalnischkies david@kalnischkies.de 2016-06-20T18:50:43Z urn:sha1:d03b947b0ce4f87d7d5cc48d4d274ab3bd0b289a Weak had no dedicated option before and Insecure and Downgrade were both global options, which given the effect they all have on security is rather bad. Setting them for individual repositories only isn't great but at least slightly better and also more consistent with other settings for repositories. 2016-06-22T12:05:01Z David Kalnischkies david@kalnischkies.de 2016-06-18T07:59:08Z urn:sha1:60a0cb424e91acebc2bba0f9add220b474e432e6 If apt decides it can't download a file it is relatively pointless to try to tell dpkg-source to unpack it.