Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=1.1.4 2015-12-06T13:46:11Z 2015-12-06T13:46:11Z David Kalnischkies david@kalnischkies.de 2015-12-06T13:46:11Z urn:sha1:804419029ab1b969c8d2dedb9b3443225058521f After e75e5879 the reason for an implicit dependency on debianutils (which is essential for debian, but likely not on other systems) was just two uses of run-parts, which can be replaced with the a lot more portable find-piped-into-sort duo. 2015-12-06T13:03:35Z David Kalnischkies david@kalnischkies.de 2015-12-06T13:03:35Z urn:sha1:e75e5879c0e8d232a2e8f045685beeb8c965aba4 which is a debian specific tool packaged in debianutils (essential) while command is a shell builtin defined by POSIX. Closes: 807144 Thanks: Mingye Wang for the suggestion. 2015-12-02T11:59:23Z David Kalnischkies david@kalnischkies.de 2015-12-02T11:43:33Z urn:sha1:430481e794a3fa2e75022c67e129b54d192ad54c This should make it more obvious that CHANGEPATH is a placeholder which apt will replace with a package specific path rather than a string constant. Mail-Reference: <87d1upgvaf.fsf@deep-thought.43-1.org> Mail-Archive: https://lists.debian.org/debian-dak/2015/12/msg00005.html 2015-12-02T11:59:23Z David Kalnischkies david@kalnischkies.de 2015-12-02T11:56:04Z urn:sha1:39f96d07cfe61f5e87279a704baed85f1468bc57 'Regression' of 7d19ee92f2368a40e739cb27d22d6d28f37ebf45, just that it now works more as expected than previously. Of course, build-essentials are implicitly also build dependencies, so by definition all packages have build dependencies, but that isn't what this message wants to say and it isn't what the user expects. Git-Dch: Ignore 2015-12-01T13:26:05Z David Kalnischkies david@kalnischkies.de 2015-12-01T13:09:23Z urn:sha1:f359b7e8c03884cd9f097d4b3ff8b8b8be8053ba Otherwise a user is subject to unexpected content-injection depending on which directory she happens to start apt in. This also cleans up the code requiring less implementation details in build-dep which is always good. Technically, this is an ABI break as we override virtual methods, but that they weren't overridden was a mistake resulting in pure classes, which shouldn't be pure, so they were unusable – and as they are new in 1.1 nobody is using them yet (and hopefully ever as they are borderline implementation details). Closes: 806693 2015-11-29T13:32:29Z David Kalnischkies david@kalnischkies.de 2015-11-29T13:27:25Z urn:sha1:3dd64b9c53b63ed82e59971614ec1dc242621d9b Regression of 14341a7ee1ca3dbcdcdbe10ad19b947ce23d972d. Reported-By: Julian Andres Klode <jak@debian.org> 2015-11-29T13:05:38Z David Kalnischkies david@kalnischkies.de 2015-11-29T13:05:38Z urn:sha1:3d284148090b6349c216407bb2766bd8f6a962f0 Git-Dch: Ignore 2015-11-29T12:36:28Z Andreas Cadhalpun andreas.cadhalpun@googlemail.com 2015-11-29T12:36:28Z urn:sha1:321213f0dcdcdaab04e01663e7a047b261400c9c The relevant testcases are in test/integration/test-apt-get-source. There is a test for #731853 that is supposed to "ensure that apt will pick the higher version number" of 0.0.1 (stable) and 0.1 (stable). However, this works by pure chance, as simply reversing the order of the two insertsource lines makes the test fail. So #731853 isn't really fixed, yet. Actually, that's related to the problem I reported, as the underlying issue for both is the same: In the FindSrc function apt chooses a new 'best hit', if either * there is a target release and it matches the release of the package, * or the version of the package is higher than the last best hit. Consider having 1.0 (stable), 2.0 (unstable) and 1.5 (unstable), in this order. Looking for the version in stable, apt first selects 1.0, because the release matches the target release, but then subsequently selects 2.0, because the version is higher. Looking for the version in unstable, apt first selects 2.0, because the release matches the target release, but then subsequently selects 1.5, because the release also matches the target release. The correct way would be to choose a new 'best hit', if either * there is a target release and it matches the release of the package, * or there is no target release and the version is higher than the last best hit. Closes: 746412 Mail-Reference: <565A604B.7090104@googlemail.com> Mail-Archive: https://lists.debian.org/debian-devel/2015/11/msg00470.html 2015-11-28T12:30:29Z David Kalnischkies david@kalnischkies.de 2015-11-28T12:17:57Z urn:sha1:ebca2f254ca96ad7ad855dca6e76c9d1c792c4a0 Dropping privileges is an involved process for code and system alike so ideally we want to verify that all the work wasn't in vain. Stuff designed to sidestep the usual privilege checks like fakeroot (and its many alternatives) have their problem with this through, partly through missing wrapping (#806521), partly as e.g. regaining root from an unprivileged user is in their design. This commit therefore disables most of these checks by default so that apt runs fine again in a fakeroot environment. Closes: 806475 2015-11-28T12:27:06Z David Kalnischkies david@kalnischkies.de 2015-11-28T00:27:49Z urn:sha1:eab57e0807c08fe8d3a5dcf02809c830f99fd972 debci seems to have a cleaner environment now and even if not we could never guess nogroup, so figure it out properly via 'id'. Git-Dch: Ignore