Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=1.7.0 2018-05-29T11:04:59Z 2018-05-29T11:04:59Z David Kalnischkies david@kalnischkies.de 2018-05-26T19:26:03Z urn:sha1:f6655a1138a11e80884959014939a25f23a1e308 Using the time of day for this is slightly wrong just like it is for progress, just less visible. 2018-05-28T15:59:38Z David Kalnischkies david@kalnischkies.de 2018-05-26T19:28:55Z urn:sha1:2fc09a90e7e62a4c3e4a67506bf90fcf4c6ccfaf The Stats method isn't called anywhere, was partly commented out before, but we keep updating the time for it – lets avoid this pointless busywork. Gbp-Dch: Ignore 2018-05-24T12:31:31Z Julian Andres Klode julian.klode@canonical.com 2018-05-24T12:31:31Z urn:sha1:329a4a6159f1972ff5ec7bc2db26430f26dc61f3 120s is an insanely high default time out, lower it to 30s to make things a bit nicer. 2018-05-07T11:41:31Z Guillem Jover guillem@debian.org 2018-05-06T20:32:41Z urn:sha1:164f1b78d1849a0f33df7352875f86e28f5de06a Prompted-by: Jakub Wilk <jwilk@debian.org> 2018-01-03T17:55:41Z David Kalnischkies david@kalnischkies.de 2017-10-27T16:39:36Z urn:sha1:57fa854e4cdb060e87ca265abd5a83364f9fa681 Embedding an entire acquire stack and HTTP logic in the mirror method made it rather heavy weight and fragile. This reimplement goes the other way by doing only the bare minimum in the method itself and instead redirect the actual download of files to their proper methods. The reimplementation drops the (in the real world) unused query-string feature as it isn't really implementable in the new architecture. 2017-12-13T22:56:29Z David Kalnischkies david@kalnischkies.de 2017-10-25T22:57:26Z urn:sha1:47c0bdc310c8cd62374ca6e6bb456dd183bdfc07 The Fail method for acquire methods has a boolean parameter indicating the transient-nature of a reported error. The problem with this is that Fail is called very late at a point where it is no longer easily identifiable if an error is indeed transient or not, so some calls were and some weren't and the acquire system would later mostly ignore the transient flag and guess by using the FailReason instead. Introducing a tri-state enum we can pass the information about fatal or transient errors through the callstack to generate the correct fails. 2017-11-19T12:59:30Z Julian Andres Klode jak@debian.org 2017-11-19T12:52:57Z urn:sha1:191b2352e5ed4949075d7db2f7ca938a79b8221e We accidentally regressed here in 1.5 when replacing the https method. 2017-10-22T21:38:31Z Julian Andres Klode jak@debian.org 2017-10-22T21:34:03Z urn:sha1:32bcbd73e0988d2d2237690ffae33b4f5cc5ff81 This reduces the number of syscalls to about 140 from about 350 or so, significantly reducing security risks. Also change prepare-release to ignore the architecture lists in the build dependencies when generating the build-depends package for travis. We might want to clean up things a bit more and/or move it somewhere else. 2017-10-22T16:52:16Z Julian Andres Klode jak@debian.org 2017-10-21T13:44:43Z urn:sha1:1a76517470ebc2dd3f96e39ebe6f3706d6dd78da This avoids running the Proxy-Auto-Detect script inside the untrusted (well, less trusted for now) sandbox. This will allow us to restrict the http method from fork()ing or exec()ing via seccomp. 2017-07-26T17:09:04Z David Kalnischkies david@kalnischkies.de 2017-07-07T20:21:44Z urn:sha1:881ec045b6660e2fe0c6953720260e380ceeeb99 Opening the file before we drop privileges in the methods allows us to avoid chowning in the acquire main process which can apply to the wrong file (imagine Binary scoped settings) and surprises users as their permission setup is overridden. There are no security benefits as the file is open, so an evil method could as before read the contents of the file, but it isn't worse than before and we avoid permission problems in this setup.