Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=1.6_alpha6 2018-01-03T18:42:45Z 2018-01-03T18:42:45Z David Kalnischkies david@kalnischkies.de 2017-11-18T13:21:14Z urn:sha1:8aadb98849ba2555f4596042c888da451d965dfd Gbp-Dch: Ignore 2018-01-03T17:55:41Z David Kalnischkies david@kalnischkies.de 2017-08-12T14:21:13Z urn:sha1:ef9677831f62a1554a888ebc7b162517d7881116 If a method needs a file to operate like e.g. mirror needs to get a list of mirrors before it can redirect the the actual requests to them. That could easily be solved by moving the logic into libapt directly, but by allowing a method to request other methods to do something we can keep this logic contained in the method and allow e.g. also methods which perform binary patching or similar things. Previously they would need to implement their own acquire system inside the existing one which in all likelyhood will not support the same features and methods nor operate with similar security compared to what we have already running 'above' the requesting method. That said, to avoid methods producing conflicts with "proper" files we are downloading a new directory is introduced to keep the auxiliary files in. [The message magic number 351 is a tribute to the german Grundgesetz article 35 paragraph 1 which defines that all authorities of the state(s) help each other on request.] 2018-01-03T17:55:41Z David Kalnischkies david@kalnischkies.de 2017-08-09T21:26:19Z urn:sha1:02567e3084d2faec92e8bf248e89fda6452e634b The format isn't too hard to get right, but it gets funny with multiline fields (which we don't really have yet) and its just easier to deal with it once and for all which can be reused for more messages later. 2017-12-24T09:31:29Z David Kalnischkies david@kalnischkies.de 2017-12-24T09:31:29Z urn:sha1:5ba048a475cfd728906875327ddceed4614a1c9d If the cache needs to grow to make room to insert volatile files like deb files into the cache we were remapping null-pointers making them non-null-pointers in the process causing trouble later on. Only the current Releasefile pointer can currently legally be a nullpointer as volatile files have no release file they belong to, but for safety the pointer to the current Packages file is equally guarded. The option APT::Cache-Start can be used to workaround this problem. Reported-By: Mattia Rizzolo on IRC 2017-12-14T20:55:26Z David Kalnischkies david@kalnischkies.de 2017-12-14T20:05:50Z urn:sha1:8876bf372f8bf5bc12767a2531587f004e38dc74 For the failure propagation testing we try to connect to a port which isn't open – you would think that this has a rather limited set of failure modes but it turns out that there are various ways this can fail, so instead of trying to guess all error message we just accept any. Reported-By: travis-ci Gbp-Dch: Ignore 2017-12-13T22:56:29Z David Kalnischkies david@kalnischkies.de 2017-10-27T17:09:45Z urn:sha1:355e1aceac1dd05c4c7daf3420b09bd860fd169d For deb files we always supported falling back from one server to the other if one failed to download the deb, but that was hardwired in the handling of this specific item. Moving this alongside the retry infrastructure we can implement it for all items and allow methods to use this as well by providing additional URIs in a redirect. 2017-12-13T22:56:29Z David Kalnischkies david@kalnischkies.de 2017-10-25T23:09:48Z urn:sha1:dff555d40bb9776b5b809e06527e46b15e78736c Moving the Retry-implementation from individual items to the worker implementation not only gives every file retry capability instead of just a selected few but also avoids needing to implement it in each item (incorrectly). 2017-12-13T22:52:07Z David Kalnischkies david@kalnischkies.de 2017-12-12T20:31:35Z urn:sha1:b857d586edeb3639d996a75fccd55ebea370b491 If we perform candidate switching in requests like "apt install foo/bar" we should first check if the dependencies of foo from release bar are already satisfied by what is already installed before checking if the candidate (or switched candidate) would. 2017-12-13T22:51:57Z David Kalnischkies david@kalnischkies.de 2017-11-22T12:42:31Z urn:sha1:197c53951430bcb267ddd6e398439a8a5d9a83ad If a InRelease file fails to download with a non-404 error we assumed there is some general problem with repository like a webportal or your are blocked from access (wrong auth, Tor, …). Turns out some server like S3 return 403 if a file doesn't exist. Allowing this in general seems like a step backwards as 403 is a reasonable response if auth failed, so failing here seems better than letting those users run into problems. What we can do is show our insecure warnings through and allow the failures for insecure repos: If the repo is signed it is easy to add an InRelease file and if not you are setup for trouble anyhow. References: cbbf185c3c55effe47f218a07e7b1f324973a8a6 2017-11-22T20:35:51Z Julian Andres Klode jak@debian.org 2017-11-19T15:11:33Z urn:sha1:b85851e510bdf13cef770981f76a403bc20b12da We did not strip away profiling messages when we were diffing from stdin (-). Just always write temporary files and strip from them. We also had a problem when stripping ...profiling: from a line and the next line starts with profiling. Split the sed into two calls so we first remove complete profiling: lines before fixing the ...profiling: cases.