Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=2.9.1 2024-02-20T12:49:04Z 2024-02-20T12:49:04Z Julian Andres Klode julian.klode@canonical.com 2024-02-20T12:43:08Z urn:sha1:40a75722c43ae24cb9a99d6730a3b25b65819c49 This was automated with sed and git-clang-format, and then I had to fix up the top of policy.cc by hand as git-clang-format accidentally indented it by two spaces. 2020-05-18T13:55:36Z David Kalnischkies david@kalnischkies.de 2020-05-18T09:55:54Z urn:sha1:c470d92366d7c3c239a689f0a10d6d0d9daafbff Our testcases had their own implementation of GetTempFile with the feature of a temporary file with a choosen suffix. Merging this into GetTempFile lets us drop this duplicate and hence test more our code rather than testing our helpers for test implementation. And then hashsums_test had another implementation… and extracttar wasn't even trying to use a real tempfile… one GetTempFile to rule them all! That also ensures that these tempfiles are created in a temporary directory rather than the current directory which is a nice touch and tries a little harder to clean up those tempfiles. 2020-02-18T11:48:38Z Julian Andres Klode julian.klode@canonical.com 2020-02-18T11:48:38Z urn:sha1:e8016805b87bead8eb3dff0d0559c5d9590b721b Remove all code scheduled to be removed after 5.90, and fix files to include files they previously got from hashes.h including more headers. 2020-01-14T12:10:36Z Julian Andres Klode julian.klode@canonical.com 2020-01-07T20:05:27Z urn:sha1:5872a2e7dd308e49a063a20da1beb40a32d1e9b2 2018-05-04T16:42:37Z David Kalnischkies david@kalnischkies.de 2018-05-04T16:24:57Z urn:sha1:1d77c915005f7630949e2ce706055ee3235009b6 GTest has a bunch of undefined macros which causes the compiler to spit out warnings for each one on each test file. There isn't much we can do, so we just disable the warning for the testcases. Other warnings like sign-promo and sign-compare we can avoid by being more explicit about our expected integer constants being unsigned. As we are just changing testcases, there is no user visible change which would deserve to be noted in the changelog. Gbp-Dch: Ignore Reported-By: gcc-8 2017-07-12T11:57:51Z Julian Andres Klode jak@debian.org 2017-07-12T11:40:41Z urn:sha1:87274d0f22e1dfd99b2e5200e2fe75c1b804eac3 This makes it easier to see which headers includes what. The changes were done by running git grep -l '#\s*include' \ | grep -E '.(cc|h)$' \ | xargs sed -i -E 's/(^\s*)#(\s*)include/\1#\2 include/' To modify all include lines by adding a space, and then running ./git-clang-format.sh. 2016-08-10T14:11:43Z Julian Andres Klode jak@debian.org 2016-08-07T16:22:14Z urn:sha1:06c2b40b9b9094f4f6391bd1d17cfc3725313070 Add support for our GTest based unit tests. By default, CMake will look in /usr/src/gtest for the external GTest project, but this can be overriden by defining GTEST_ROOT when invoking cmake. Gbp-Dch: ignore 2016-03-13T12:01:14Z Julian Andres Klode jak@debian.org 2016-03-13T11:21:09Z urn:sha1:51c04562559d0924aa52cc8c9b69901bc8a5c945 SHA1 is not reasonably secure anymore, so we should not consider it usable anymore. The test suite is adjusted to account for this. 2015-09-01T12:19:44Z David Kalnischkies david@kalnischkies.de 2015-09-01T11:58:00Z urn:sha1:63d609985eb7eefa5f2332bfe4fab96f017760a1 We want to declare some hashes as not enough for security, so that a user will need --allow-unauthenticated or similar to get data secured only by those hashes, but we can still us these hashes for integrity checks if we got them. 2015-06-09T10:57:35Z David Kalnischkies david@kalnischkies.de 2015-06-06T10:28:00Z urn:sha1:448c38bdcd72b52f11ec5f326f822cf57653f81c Having every item having its own code to verify the file(s) it handles is an errorprune process and easy to break, especially if items move through various stages (download, uncompress, patching, …). With a giant rework we centralize (most of) the verification to have a better enforcement rate and (hopefully) less chance for bugs, but it breaks the ABI bigtime in exchange – and as we break it anyway, it is broken even harder. It shouldn't effect most frontends as they don't deal with the acquire system at all or implement their own items, but some do and will need to be patched (might be an opportunity to use apt on-board material). The theory is simple: Items implement methods to decide if hashes need to be checked (in this stage) and to return the expected hashes for this item (in this stage). The verification itself is done in worker message passing which has the benefit that a hashsum error is now a proper error for the acquire system rather than a Done() which is later revised to a Failed().