Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=1.3_exp3 2016-06-22T12:51:31Z 2016-06-22T12:51:31Z Julian Andres Klode jak@debian.org 2016-06-22T12:51:31Z urn:sha1:14e325c7e4b33e8fc6d33b99d1ffd3b934d26ed0 Quite a huge churn of new strings. 2016-06-22T12:05:01Z David Kalnischkies david@kalnischkies.de 2016-06-20T18:50:43Z urn:sha1:d03b947b0ce4f87d7d5cc48d4d274ab3bd0b289a Weak had no dedicated option before and Insecure and Downgrade were both global options, which given the effect they all have on security is rather bad. Setting them for individual repositories only isn't great but at least slightly better and also more consistent with other settings for repositories. 2016-06-22T12:05:01Z David Kalnischkies david@kalnischkies.de 2016-03-18T13:46:24Z urn:sha1:952ee63b0af14a534c0aca00c11d1a99be6b22b2 With this commit all APT-based clients default to refusing to work with unsigned or otherwise insufficently secured repositories. In terms of apt and apt-get this changes nothing, but it effects all tools using libapt like aptitude, synaptic or packagekit. The exception remains apt-get for stretch for now as this might break too many scripts/usecases too quickly. The documentation is updated and extended to reflect how to opt out or in on this behaviour change. Closes: 808367 2016-06-20T11:49:31Z David Kalnischkies david@kalnischkies.de 2016-06-20T11:49:31Z urn:sha1:9515ed7bcdb32c7985ca83d309beda7155d02136 There is a subtile difference between an empty setting and "DIRECT" in the configuration as the later overrides the generic settings while the earlier does not. Also, non-zero exitcodes should really be reported as an error rather than silently discarded. 2016-06-11T15:25:20Z Julian Andres Klode jak@debian.org 2016-06-11T15:24:13Z urn:sha1:5ff8dd6bd1c30c29a7398e339d3bdeaffe2f4489 2016-06-08T15:27:19Z David Kalnischkies david@kalnischkies.de 2016-06-08T11:44:29Z urn:sha1:007d8b488787f4c33ced5937f22f99f1b759088a Most (if not all) solvers should be able to run perfectly fine without root privileges as they get the entire state they are supposed to work on via stdin and do not perform any action directly, but just pass suggestions on via stdout. The new default is to run them all as _apt hence, but each solver can configure another user if it chooses/must. The security benefits are minimal at best, but it helps preventing silly mistakes (see 35f3ed061f10a25a3fb28bc988fddbb976344c4d) and that is always good. Note that our 'apt' and 'dump' solver already dropped privileges if they had them. 2016-05-27T12:08:44Z David Kalnischkies david@kalnischkies.de 2016-05-27T10:08:32Z urn:sha1:124e6916b7b02984803ff8217e8163947aae2882 libapt allows to configure compressors to be used by its system via configuration implemented in 03bef78461c6f443187b60799402624326843396, but that was never really documented and also only partly working, which also explains why the tests weren't using it… 2016-05-24T08:46:47Z David Kalnischkies david@kalnischkies.de 2016-05-24T08:37:57Z urn:sha1:40ebab6ac9dcbbebd3c3e6d70eee0d6e3ab36520 Reported-By: lintian: spelling-error-in-manpage Git-Dch: Ignore 2016-05-20T12:18:36Z David Kalnischkies david@kalnischkies.de 2016-05-06T12:21:02Z urn:sha1:43c71fad3a51d841132ba15a7a5930e1ee4126ed This allows to differentiate properly between 'apt-get upgrade', 'apt upgrade' and 'apt full-upgrade'. 2016-05-16T15:18:49Z David Kalnischkies david@kalnischkies.de 2016-05-16T15:18:49Z urn:sha1:6a5f38e99303e53f2b593442a5c1ace104c155b7 --show-upgraded is the default since 906fbf8886926eeb302332d997c9bd861291e155 so documenting it as if it would be an option having an effect as is feels wrong and we do the same for other options like install-recomends, download, …, too. This commit also removes -u from the documentation, but still supports it in the commandline parsing. Eventually we should deprecate the short option, but for now lets just stop documenting it. Closes: 824456