Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=2.7.3 2023-06-27T17:21:47Z 2023-06-27T17:21:47Z Julian Andres Klode julian.klode@canonical.com 2023-06-27T17:14:43Z urn:sha1:aba813975abb880f8b27d659147f7760c02f99e7 We want to gently steer users towards having Signed-By for each source such that we can retire a shared keyring across sources which improves resilience against configuration issues and incompetent malicious actors. 2023-05-02T13:23:14Z Julian Andres Klode julian.klode@canonical.com 2023-02-22T13:14:52Z urn:sha1:a19f606aad717fe5c9c69237c3af53feb547115e Provide snapshot support for offical Debian and Ubuntu archives. There are two ways to enable snapshots for sources: 1. Add Snapshot: yes to your sources file ([snapshot=yes]). This will allow you to specify a snapshot to use when updating or installing using the --snapshot,-S option. 2. Add Snapshot: ID to your sources files to request a specific snapshot for this source. Snapshots are discovered using Label and Origin fields in the Release file of the main source, hence you need to have updated the source at least once before you can use snapshots. The Release file may also declare a snapshots server to use, similar to Changelogs, it can contain a Snapshots field with the values: 1. `Snapshots: https://example.com/@SNAPSHOTID@` where `@SNAPSHOTID@` is a placeholder that is replaced with the requested snapshot id 2. `Snapshots: no` to disable snapshot support for this source. Requesting snapshots for this source will result in a failure to load the source. The implementation adds a SHADOWED option to deb source entries, and marks the main entry as SHADOWED when a snapshot has been requested, which will cause it to be updated, but not included in the generated cache. The concern here was that we need to keep generating the shadowed entries because the cleanup in `apt update` deletes any files not queued for download, so we gotta keep downloading the main source. This design is not entirely optimal, but avoids the pitfalls of having to reimplement list cleanup. Gaps: - Ubuntu Pro repositories and PPAs are not yet supported. 2023-05-02T13:16:54Z Julian Andres Klode julian.klode@canonical.com 2023-04-11T14:37:51Z urn:sha1:3625351722e67903dc34993fe318e50863bd2d31 This runs update before opening the cache and sources.list for installing/upgrading. 2023-02-04T16:56:41Z David Kalnischkies david@kalnischkies.de 2023-01-29T22:24:43Z urn:sha1:9712edf6151308148518058bfbd5ccd937509143 In an ideal world everyone would read release notes, but if the last sources.list change is any indication a lot of people wont. This is even more a problem in so far as apt isn't producing errors for invalid repositories, but instead carries on as normal even through it will not be able to install upgrades for the moved packages. This commit implements two scenarios and prints a notice in those cases pointing to the release notes: a) User has 'non-free' but not 'non-free-firmware' b) User has a firmware package which isn't available from anywhere Both only happen if we are talking about a repository which identifies itself as one of Debian and is for a release codenamed bookworm (or sid). Note that as (usually) apt/oldstable is used to upgrade to the new stable release these suggestions only show for users after they have upgraded to bookworm on apt command line usage after that. 2022-09-02T21:37:58Z David Kalnischkies david@kalnischkies.de 2022-09-02T09:07:58Z urn:sha1:e1f332324f81b589561a9d9bce8a55d4895f26ec The command line is evaluated in two steps: First all packages given are marked for install and as a second step the resolver is started on all of them in turn to get their dependencies installed. This is done so a user can provide a non-default choice on the command line and have it respected regardless of where on the command line it appears. On the other hand, the order in which dependencies are resolved can matter, so instead of using a "random" order, we now do this in the order given on the command line, so if you e.g. have a meta package pulling in non-default choices and mention it first the choices are respected predictably instead of depending on first appearance of the package name while creating the binary cache. I might have "broken" this more than a decade ago while introducing the reworked command line parsing for Multi-Arch, which also brought in the split into the two steps mentioned above which was the far more impactful 'respect user choice' change. This one should hardly matter in practice, but as the tests show, order can have surprising side effects. 2022-09-02T20:32:59Z David Kalnischkies david@kalnischkies.de 2022-08-31T14:08:54Z urn:sha1:009cf61122b7a0ac22b541035a26e6092c9ac529 Reported-By: gcc Gbp-Dch: Ignore 2022-08-08T08:22:50Z David Kalnischkies david@kalnischkies.de 2022-06-09T07:38:04Z urn:sha1:dc25210d889ebbcdfe96bd814a355961e80bccb3 Support for envvar NO_COLOR was added in 2.3.11, but with our own options we can also be a tiny bit more sensible in not overriding an explicit choice to disable colors. References: 400a6895566b67d70bcde43dc8a1cc1c7121f87d 2022-07-11T14:37:35Z Julian Andres Klode julian.klode@canonical.com 2022-07-08T11:37:41Z urn:sha1:e481022470322b50a3289d2397b42b6eeacfc6e7 Because the auto installer now also marks other binaries in the package for upgrade, we do need to run it or we don't mark those for upgrade. 2022-05-07T08:45:44Z David Kalnischkies david@kalnischkies.de 2022-04-22T15:05:36Z urn:sha1:320245536a7ad21606286d9dcf54acf3bdf096c6 Some of our headers use APT_COMPILING_APT trickery to avoid exposing too broadly details we don't want external clients to know and make use of. The flip-side is that this can lead to different compilation units seeing different definitions if they aren't all using the same config. 2022-05-07T08:45:44Z David Kalnischkies david@kalnischkies.de 2022-04-21T01:01:22Z urn:sha1:8fd65748589bb1e0b671d4a291521bfba1664c5c Our public interface doesn't use zlib for quite a while now so lets drop the last remnants as hopefully nobody depends on us bringing it in… Unlike our own private lib for transitive provision of unistd.h. References: 680b916ce7203a40ebd0a3882b9a71ca77278a67