Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=1.7.0_alpha1 2018-05-24T12:31:31Z 2018-05-24T12:31:31Z Julian Andres Klode julian.klode@canonical.com 2018-05-24T12:31:31Z urn:sha1:329a4a6159f1972ff5ec7bc2db26430f26dc61f3 120s is an insanely high default time out, lower it to 30s to make things a bit nicer. 2018-05-07T11:41:31Z Guillem Jover guillem@debian.org 2018-05-06T20:32:41Z urn:sha1:164f1b78d1849a0f33df7352875f86e28f5de06a Prompted-by: Jakub Wilk <jwilk@debian.org> 2018-03-12T07:56:59Z Julian Andres Klode julian.klode@canonical.com 2018-03-08T08:33:39Z urn:sha1:4de4200ec2717e777bbf99ed82d1b4344f078ec2 zstd is a compression algorithm developed by facebook. At level 19, it is about 6% worse in size than xz -6, but decompression is multiple times faster, saving about 40% install time, especially with eatmydata on cloud instances. 2018-02-19T15:06:06Z Julian Andres Klode jak@debian.org 2018-02-19T15:06:06Z urn:sha1:928ecff984be22632c27a69e072741e74491292c Check that Date of Release file is not in the future See merge request apt-team/apt!3 2018-02-19T15:05:01Z Julian Andres Klode julian.klode@canonical.com 2018-01-29T15:15:41Z urn:sha1:9e5899cac1a6367e3769af52a724821880e538f6 By restricting the Date field to be in the past, an attacker cannot just create a repository from the future that would be accepted as a valid update for a repository. This check can be disabled by Acquire::Check-Date set to false. This will also disable Check-Valid-Until and any future date related checking, if any - the option means: "my computers date cannot be trusted." Modify the tests to allow repositories to be up to 10 hours in the future, so we can keep using hours there to simulate time changes. 2018-02-19T14:56:09Z David Kalnischkies david@kalnischkies.de 2018-02-02T18:14:09Z urn:sha1:b3e7a16265e7c6c3b6892b9ec8a787d692ced6e6 The interesting takeaway here is perhaps that 'chmod +w' is effected by the umask – obvious in hindsight of course. The usual setup helps with hiding that applying that recursively on all directories (and files) isn't correct. Ensuring files will not be stored with the wrong permissions even if in strange umask contexts is trivial in comparison. Fixing the test also highlighted that it wasn't bulletproof as apt will automatically fix the permissions of the directories it works with, so for this test we actually need to introduce a shortcut in the code. Reported-By: Ubuntu autopkgtest CI 2018-02-19T14:56:09Z David Kalnischkies david@kalnischkies.de 2018-01-25T16:14:49Z urn:sha1:887e331abb6ac0a850e5d53de55f43c9ebdee5a2 2018-01-03T17:55:41Z David Kalnischkies david@kalnischkies.de 2017-11-22T23:58:00Z urn:sha1:c28682430a27f75ceb8cc8dff78b3a560fd68399 Same reasoning as with the previous commit for http with the added benefit of moving the hard to discover and untranslated example config into a manpage which could be translated. 2018-01-03T14:31:36Z Julian Andres Klode jak@debian.org 2018-01-02T21:15:50Z urn:sha1:3bbd328396745d0dd6c5585935040082a2c41e3e Try establishing connections in alternating address families in rapid intervals of 250 ms, adding more connections to the wait list until one succeeds (RFC 8305, happy eyeballs 2). It is important that WaitAndCheckErrors() waits until it has a successful connection, a time out, or all connections failed - otherwise the timing between tries might be wrong, and the final long wait might exit early because one connection failed without trying the others. Timing wise, this only works correctly on Linux, as select() counts down there. But we rely on that in some other places too, so this is not the time to fix that. Timeouts are only reported in the final long wait - the short inner waits are expected to time out more often, and multiple times, we do not want to report them. Closes: #668948 LP: #1308200 Gbp-Dch: paragraph 2017-10-25T22:02:33Z Julian Andres Klode jak@debian.org 2017-10-25T21:16:09Z urn:sha1:39656a6f79e48f86d31c53a939481c07aceca352 This should help debugging crashes. The signal handler is a C++11 lambda, yay! Special care has been taken to only use signal handler -safe functions inside there.