Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=2.7.9 2023-12-04T23:35:04Z 2023-12-04T23:35:04Z David Kalnischkies david@kalnischkies.de 2023-12-04T19:49:33Z urn:sha1:0abf584b283e3e0f040b9ec0e7153c6e52291b2a Usually this method will return the package in the most preferred architecture (e.g. native) as that is usually what the user talks about and also information wise for our internal usage the most dense. Early on in parsing Packages files through it can happen that we encounter stanzas about packages in architectures we are not even configured to know about – we have to collect them anyhow as we might be requested to show info about them or they could be in the status file and we can't ignore stanzas in the status file… trouble is that this method used to not return anything if only such an architecture was present if we later discover other architectures which causes Provides and Conflicts which are added lazily on discovery of an architecture to not be added correctly. The result is like in the testcase that apt could be instructed to install a package without respecting its negative dependencies, which is bad even if its discovered by dpkg and refused. It does only happen with unknown architectures through which mostly happens if you are unlucky (amd64 users tend to be very lucky as that sorts early) and use flat-style repositories containing multiple architectures. Reported-By: Tianyu Chen (billchenchina) on IRC 2023-06-27T17:21:47Z Julian Andres Klode julian.klode@canonical.com 2023-06-27T17:14:43Z urn:sha1:aba813975abb880f8b27d659147f7760c02f99e7 We want to gently steer users towards having Signed-By for each source such that we can retire a shared keyring across sources which improves resilience against configuration issues and incompetent malicious actors. 2023-05-24T09:22:44Z Julian Andres Klode julian.klode@canonical.com 2023-05-17T15:18:33Z urn:sha1:48cbc5413fb2a0e490c2282b9df65da96ad7a9f2 This will attempt to fallback to a per-server setting if we could not determine a value from the release file. 2023-05-02T13:23:14Z Julian Andres Klode julian.klode@canonical.com 2023-02-22T13:14:52Z urn:sha1:a19f606aad717fe5c9c69237c3af53feb547115e Provide snapshot support for offical Debian and Ubuntu archives. There are two ways to enable snapshots for sources: 1. Add Snapshot: yes to your sources file ([snapshot=yes]). This will allow you to specify a snapshot to use when updating or installing using the --snapshot,-S option. 2. Add Snapshot: ID to your sources files to request a specific snapshot for this source. Snapshots are discovered using Label and Origin fields in the Release file of the main source, hence you need to have updated the source at least once before you can use snapshots. The Release file may also declare a snapshots server to use, similar to Changelogs, it can contain a Snapshots field with the values: 1. `Snapshots: https://example.com/@SNAPSHOTID@` where `@SNAPSHOTID@` is a placeholder that is replaced with the requested snapshot id 2. `Snapshots: no` to disable snapshot support for this source. Requesting snapshots for this source will result in a failure to load the source. The implementation adds a SHADOWED option to deb source entries, and marks the main entry as SHADOWED when a snapshot has been requested, which will cause it to be updated, but not included in the generated cache. The concern here was that we need to keep generating the shadowed entries because the cleanup in `apt update` deletes any files not queued for download, so we gotta keep downloading the main source. This design is not entirely optimal, but avoids the pitfalls of having to reimplement list cleanup. Gaps: - Ubuntu Pro repositories and PPAs are not yet supported. 2023-05-02T13:16:54Z Julian Andres Klode julian.klode@canonical.com 2023-04-11T14:37:51Z urn:sha1:3625351722e67903dc34993fe318e50863bd2d31 This runs update before opening the cache and sources.list for installing/upgrading. 2023-02-04T16:56:41Z David Kalnischkies david@kalnischkies.de 2023-01-29T22:24:43Z urn:sha1:9712edf6151308148518058bfbd5ccd937509143 In an ideal world everyone would read release notes, but if the last sources.list change is any indication a lot of people wont. This is even more a problem in so far as apt isn't producing errors for invalid repositories, but instead carries on as normal even through it will not be able to install upgrades for the moved packages. This commit implements two scenarios and prints a notice in those cases pointing to the release notes: a) User has 'non-free' but not 'non-free-firmware' b) User has a firmware package which isn't available from anywhere Both only happen if we are talking about a repository which identifies itself as one of Debian and is for a release codenamed bookworm (or sid). Note that as (usually) apt/oldstable is used to upgrade to the new stable release these suggestions only show for users after they have upgraded to bookworm on apt command line usage after that. 2023-01-29T23:55:30Z David Kalnischkies david@kalnischkies.de 2023-01-29T16:30:28Z urn:sha1:7e7eb113587230aeb9fe745b2eeac44e634999f5 This changes a lot of lines technically, but its easy enough to unfuzzy the translations as most of the mentions are examples to be copied literally in translations (sadly po4a isn't clever enough for this). 2022-07-24T13:44:13Z Julian Andres Klode julian.klode@canonical.com 2022-07-24T13:44:13Z urn:sha1:518746f7e03115eb7bdf894d23e74ae115c8717b 2022-06-28T12:25:18Z Julian Andres Klode julian.klode@canonical.com 2022-06-24T14:09:24Z urn:sha1:db131677bee45c86031d37d7b451e6ece692efb2 This is a lot closer to the original implementation in update-manager, but still has a couple of differences that might cause bugs: - When checking whether a version is a security update, we only check versions in between and not any later version. This happens mostly because we do not know the suite, so we just check if there is any version between the installed version and our target that is a security update - We only keep already installed packages, as we run before the resolver. update-manager first runs the resolver, and then marks for keep all packages that were upgraded or newly installed that are phasing (afaict). This approach has a significant caveat that if you have version 1 installed from a release pocket, version 2 is in security, and version 3 is phasing in updates, that it installs version 3 rather than 2 from security as the policy based implementation does. It also means that apt install does not respect phasing and would always install version 3 in such a scenario. LP: #1979244 2021-11-17T16:32:18Z Julian Andres Klode julian.klode@canonical.com 2021-11-17T15:29:09Z urn:sha1:891efe3b201a104445ea723a3a5b9b434a78c364 Suggesting the removal of Essential and Protected packages as a solution leads to situations where YouTubers end up removing their desktop. Let's not remove such packages ourselves.