Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=2.7.2 2023-06-27T17:21:47Z 2023-06-27T17:21:47Z Julian Andres Klode julian.klode@canonical.com 2023-06-27T17:14:43Z urn:sha1:aba813975abb880f8b27d659147f7760c02f99e7 We want to gently steer users towards having Signed-By for each source such that we can retire a shared keyring across sources which improves resilience against configuration issues and incompetent malicious actors. 2023-05-24T09:22:44Z Julian Andres Klode julian.klode@canonical.com 2023-05-17T15:18:33Z urn:sha1:48cbc5413fb2a0e490c2282b9df65da96ad7a9f2 This will attempt to fallback to a per-server setting if we could not determine a value from the release file. 2023-05-02T13:23:14Z Julian Andres Klode julian.klode@canonical.com 2023-02-22T13:14:52Z urn:sha1:a19f606aad717fe5c9c69237c3af53feb547115e Provide snapshot support for offical Debian and Ubuntu archives. There are two ways to enable snapshots for sources: 1. Add Snapshot: yes to your sources file ([snapshot=yes]). This will allow you to specify a snapshot to use when updating or installing using the --snapshot,-S option. 2. Add Snapshot: ID to your sources files to request a specific snapshot for this source. Snapshots are discovered using Label and Origin fields in the Release file of the main source, hence you need to have updated the source at least once before you can use snapshots. The Release file may also declare a snapshots server to use, similar to Changelogs, it can contain a Snapshots field with the values: 1. `Snapshots: https://example.com/@SNAPSHOTID@` where `@SNAPSHOTID@` is a placeholder that is replaced with the requested snapshot id 2. `Snapshots: no` to disable snapshot support for this source. Requesting snapshots for this source will result in a failure to load the source. The implementation adds a SHADOWED option to deb source entries, and marks the main entry as SHADOWED when a snapshot has been requested, which will cause it to be updated, but not included in the generated cache. The concern here was that we need to keep generating the shadowed entries because the cleanup in `apt update` deletes any files not queued for download, so we gotta keep downloading the main source. This design is not entirely optimal, but avoids the pitfalls of having to reimplement list cleanup. Gaps: - Ubuntu Pro repositories and PPAs are not yet supported. 2023-05-02T13:16:54Z Julian Andres Klode julian.klode@canonical.com 2023-04-11T14:37:51Z urn:sha1:3625351722e67903dc34993fe318e50863bd2d31 This runs update before opening the cache and sources.list for installing/upgrading. 2023-02-04T16:56:41Z David Kalnischkies david@kalnischkies.de 2023-01-29T22:24:43Z urn:sha1:9712edf6151308148518058bfbd5ccd937509143 In an ideal world everyone would read release notes, but if the last sources.list change is any indication a lot of people wont. This is even more a problem in so far as apt isn't producing errors for invalid repositories, but instead carries on as normal even through it will not be able to install upgrades for the moved packages. This commit implements two scenarios and prints a notice in those cases pointing to the release notes: a) User has 'non-free' but not 'non-free-firmware' b) User has a firmware package which isn't available from anywhere Both only happen if we are talking about a repository which identifies itself as one of Debian and is for a release codenamed bookworm (or sid). Note that as (usually) apt/oldstable is used to upgrade to the new stable release these suggestions only show for users after they have upgraded to bookworm on apt command line usage after that. 2023-01-29T23:55:30Z David Kalnischkies david@kalnischkies.de 2023-01-29T16:30:28Z urn:sha1:7e7eb113587230aeb9fe745b2eeac44e634999f5 This changes a lot of lines technically, but its easy enough to unfuzzy the translations as most of the mentions are examples to be copied literally in translations (sadly po4a isn't clever enough for this). 2022-07-24T13:44:13Z Julian Andres Klode julian.klode@canonical.com 2022-07-24T13:44:13Z urn:sha1:518746f7e03115eb7bdf894d23e74ae115c8717b 2022-06-28T12:25:18Z Julian Andres Klode julian.klode@canonical.com 2022-06-24T14:09:24Z urn:sha1:db131677bee45c86031d37d7b451e6ece692efb2 This is a lot closer to the original implementation in update-manager, but still has a couple of differences that might cause bugs: - When checking whether a version is a security update, we only check versions in between and not any later version. This happens mostly because we do not know the suite, so we just check if there is any version between the installed version and our target that is a security update - We only keep already installed packages, as we run before the resolver. update-manager first runs the resolver, and then marks for keep all packages that were upgraded or newly installed that are phasing (afaict). This approach has a significant caveat that if you have version 1 installed from a release pocket, version 2 is in security, and version 3 is phasing in updates, that it installs version 3 rather than 2 from security as the policy based implementation does. It also means that apt install does not respect phasing and would always install version 3 in such a scenario. LP: #1979244 2021-11-17T16:32:18Z Julian Andres Klode julian.klode@canonical.com 2021-11-17T15:29:09Z urn:sha1:891efe3b201a104445ea723a3a5b9b434a78c364 Suggesting the removal of Essential and Protected packages as a solution leads to situations where YouTubers end up removing their desktop. Let's not remove such packages ourselves. 2021-10-18T13:37:47Z Julian Andres Klode jak@debian.org 2021-10-18T13:37:47Z urn:sha1:efa3528de4277a3d5195c5ce875e7ee960726239 Add AllowRange option to disable HTTP Range usage See merge request apt-team/apt!188