Merge branch 'audit' into 'main'

Add an "audit" error level See merge request apt-team/apt!323
author: Julian Andres Klode <jak@debian.org> 2024-04-19 19:30:26 +0000
committer: Julian Andres Klode <jak@debian.org> 2024-04-19 19:30:26 +0000
commit: 235d4ab12e72aeef4bbfc59de1d6d51cacdb2e66 (patch)
tree: 2dd7fdd46601827cf88ed1211a0bcb89dfb34c1d
parent: 70103339b017a42ea71a56c27c221a79ccc3116f (diff)
parent: 858a551b50ea3871748d9196896e54b361c3d545 (diff)
9 files changed, 53 insertions, 8 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index 3c491adc0..b534d56a3 100644
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -2013,6 +2013,8 @@ void pkgAcqMetaClearSig::Failed(string const &Message,pkgAcquire::MethodConfig c
 	    return;
       }
 
+      _error->Audit(_("Repositories should provide a clear-signed InRelease file, but none found at %s."), Target.URI.c_str());
+
       // Queue the 'old' InRelease file for removal if we try Release.gpg
       // as otherwise the file will stay around and gives a false-auth
       // impression (CVE-2012-0214)
@@ -3985,7 +3987,7 @@ void pkgAcqFile::Done(string const &Message,HashStringList const &CalcHashes,
 	 _error->PushToStack();
 	 _error->Errno("pkgAcqFile::Done", "Symlinking file %s failed", DestFile.c_str());
 	 std::stringstream msg;
-	 _error->DumpErrors(msg, GlobalError::DEBUG, false);
+	 _error->DumpErrors(msg, GlobalError::NOTICE, false);
 	 _error->RevertToStack();
 	 ErrorText = msg.str();
 	 Status = StatError;
diff --git a/apt-pkg/contrib/error.cc b/apt-pkg/contrib/error.cc
index c9bb622e7..4715568d0 100644
--- a/apt-pkg/contrib/error.cc
+++ b/apt-pkg/contrib/error.cc
@@ -64,6 +64,7 @@ GEMessage(FatalE, FATAL)
 GEMessage(Errno, ERROR)
 GEMessage(WarningE, WARNING)
 GEMessage(NoticeE, NOTICE)
+GEMessage(AuditE, AUDIT)
 GEMessage(DebugE, DEBUG)
 #undef GEMessage
 									/*}}}*/
@@ -121,6 +122,7 @@ GEMessage(Fatal, FATAL)
 GEMessage(Error, ERROR)
 GEMessage(Warning, WARNING)
 GEMessage(Notice, NOTICE)
+GEMessage(Audit, AUDIT)
 GEMessage(Debug, DEBUG)
 #undef GEMessage
 									/*}}}*/
@@ -270,6 +272,7 @@ APT_HIDDEN std::ostream &operator<<(std::ostream &out, GlobalError::Item i)
 	 out << COLOR_WARN;
 	 break;
       case GlobalError::NOTICE:
+      case GlobalError::AUDIT:
 	 out << COLOR_NOTICE;
 	 break;
       default:
@@ -289,6 +292,9 @@ APT_HIDDEN std::ostream &operator<<(std::ostream &out, GlobalError::Item i)
    case GlobalError::NOTICE:
       out << 'N';
       break;
+   case GlobalError::AUDIT:
+      out << 'A';
+      break;
    case GlobalError::DEBUG:
       out << 'D';
       break;
@@ -303,6 +309,7 @@ APT_HIDDEN std::ostream &operator<<(std::ostream &out, GlobalError::Item i)
       case GlobalError::ERROR:
       case GlobalError::WARNING:
       case GlobalError::NOTICE:
+      case GlobalError::AUDIT:
 	 out << COLOR_RESET;
 	 break;
       default:
diff --git a/apt-pkg/contrib/error.h b/apt-pkg/contrib/error.h
index 35e39ee0e..792232010 100644
--- a/apt-pkg/contrib/error.h
+++ b/apt-pkg/contrib/error.h
@@ -66,6 +66,8 @@ public:									/*{{{*/
 		WARNING = 20,
 		/** \brief deprecation warnings, old fallback behavior, … */
 		NOTICE = 10,
+		/** \brief future deprecation warnings, divergence from best practices */
+		AUDIT = 5,
 		/** \brief for developers only in areas it is hard to print something directly */
 		DEBUG = 0
 	};
@@ -109,6 +111,15 @@ public:									/*{{{*/
 	 */
 	bool NoticeE(const char *Function,const char *Description,...) APT_PRINTF(3) APT_COLD;
 
+	/** \brief add an audit message with errno to the list
+	 *
+	 *  \param Function name of the function generating the error
+	 *  \param Description format string for the error message
+	 *
+	 *  \return \b false
+	 */
+	bool AuditE(const char *Function,const char *Description,...) APT_PRINTF(3) APT_COLD;
+
 	/** \brief add a debug message with errno to the list
 	 *
 	 *  \param Function name of the function generating the error
@@ -193,6 +204,18 @@ public:									/*{{{*/
 	 */
 	bool Notice(const char *Description,...) APT_PRINTF(2) APT_COLD;
 
+	/** \brief add an audit message to the list
+	 *
+	 *  An audit message highlights divergences from best practices and
+	 *  future deprecations. It my for example include additional messages
+	 *  targeted at repository owners.
+	 *
+	 *  \param Description Format string for the message
+	 *
+	 *  \return \b false
+	 */
+	bool Audit(const char *Description,...) APT_PRINTF(2) APT_COLD;
+
 	/** \brief add a debug message to the list
 	 *
 	 *  \param Description Format string for the message
diff --git a/apt-pkg/deb/dpkgpm.cc b/apt-pkg/deb/dpkgpm.cc
index 4f87cc22b..82035ee65 100644
--- a/apt-pkg/deb/dpkgpm.cc
+++ b/apt-pkg/deb/dpkgpm.cc
@@ -1301,7 +1301,7 @@ void pkgDPkgPM::StartPtyMagic()						/*{{{*/
 	 free(d->slave);
 	 d->slave = NULL;
       }
-      _error->DumpErrors(std::cerr, GlobalError::DEBUG, false);
+      _error->DumpErrors(std::cerr, GlobalError::NOTICE, false);
    }
    _error->RevertToStack();
 }
diff --git a/apt-pkg/edsp.cc b/apt-pkg/edsp.cc
index b0ac4ae49..a02e400c2 100644
--- a/apt-pkg/edsp.cc
+++ b/apt-pkg/edsp.cc
@@ -435,7 +435,7 @@ bool EDSP::ReadResponse(int const input, pkgDepCache &Cache, OpProgress *Progres
 				if (Progress != nullptr)
 					Progress->Done();
 				Progress = nullptr;
-				_error->DumpErrors(std::cerr, GlobalError::DEBUG, false);
+				_error->DumpErrors(std::cerr, GlobalError::NOTICE, false);
 			}
 			std::string msg = SubstVar(SubstVar(section.FindS("Message"), "\n .\n", "\n\n"), "\n ", "\n");
 			if (msg.empty() == true) {
@@ -1044,7 +1044,7 @@ bool EIPP::ReadResponse(int const input, pkgPackageManager * const PM, OpProgres
 	    if (Progress != nullptr)
 	       Progress->Done();
 	    Progress = nullptr;
-	    _error->DumpErrors(std::cerr, GlobalError::DEBUG, false);
+	    _error->DumpErrors(std::cerr, GlobalError::NOTICE, false);
 	 }
 	 std::string msg = SubstVar(SubstVar(section.FindS("Message"), "\n .\n", "\n\n"), "\n ", "\n");
 	 if (msg.empty() == true) {
diff --git a/apt-private/private-cmndline.cc b/apt-private/private-cmndline.cc
index e0e00c917..b05ec8945 100644
--- a/apt-private/private-cmndline.cc
+++ b/apt-private/private-cmndline.cc
@@ -409,6 +409,7 @@ std::vector<CommandLine::Args> getCommandArgs(APT_CMD const Program, char const
    // general options
    addArg(0, "color", "APT::Color", 0);
    addArg('q', "quiet", "quiet", CommandLine::IntLevel);
+   addArg(0, "audit", "APT::Audit", 0);
    addArg('q', "silent", "quiet", CommandLine::IntLevel);
    addArg('c', "config-file", 0, CommandLine::ConfigFile);
    addArg('o', "option", 0, CommandLine::ArbItem);
@@ -601,10 +602,12 @@ unsigned short DispatchCommandLine(CommandLine &CmdL, std::vector<CommandLine::D
 
    // Print any errors or warnings found during parsing
    bool const Errors = _error->PendingError();
-   if (_config->FindI("quiet",0) > 0)
+   if (_config->FindB("APT::Audit"))
+      _error->DumpErrors(GlobalError::AUDIT);
+   else if (_config->FindI("quiet",0) > 0)
       _error->DumpErrors();
    else
-      _error->DumpErrors(GlobalError::DEBUG);
+      _error->DumpErrors(GlobalError::NOTICE);
    if (returned == false)
       return 100;
    return Errors == true ? 100 : 0;
diff --git a/apt-private/private-output.cc b/apt-private/private-output.cc
index c2e936d2c..35fe9cdca 100644
--- a/apt-private/private-output.cc
+++ b/apt-private/private-output.cc
@@ -799,10 +799,12 @@ bool YnPrompt(char const * const Question, bool const Default, bool const ShowGl
    // if we ask interactively, show warnings/notices before the question
    if (ShowGlobalErrors == true && AssumeYes == false && AssumeNo == false)
    {
-      if (_config->FindI("quiet",0) > 0)
+      if (_config->FindB("APT::Audit"))
+	 _error->DumpErrors(c2o, GlobalError::AUDIT);
+      else if (_config->FindI("quiet",0) > 0)
 	 _error->DumpErrors(c2o);
       else
-	 _error->DumpErrors(c2o, GlobalError::DEBUG);
+	 _error->DumpErrors(c2o, GlobalError::NOTICE);
    }
 
    c2o << Question << std::flush;
diff --git a/doc/apt.ent b/doc/apt.ent
index 386abd493..b502073a9 100644
--- a/doc/apt.ent
+++ b/doc/apt.ent
@@ -49,6 +49,13 @@
      </varlistentry>
 
      <varlistentry>
+      <term><option>--audit</option></term>
+      <listitem><para>Show audit (and notice) messages. This overrides the quiet option, but only for notice messages, not progress ones.
+     </para>
+     </listitem>
+     </varlistentry>
+
+     <varlistentry>
       <term><option>-c</option></term>
       <term><option>--config-file</option></term>
      <listitem><para>Configuration File; Specify a configuration file to use. 
diff --git a/doc/examples/configure-index b/doc/examples/configure-index
index 72e907507..3f6140038 100644
--- a/doc/examples/configure-index
+++ b/doc/examples/configure-index
@@ -47,6 +47,7 @@ quiet "<INT>" {
 // Options for APT in general
 APT
 {
+  Audit "<BOOL>"; // display audit messages
   Architecture "<STRING>"; // debian architecture like amd64, i386, powerpc, armhf, mips, …
   Architectures "<LIST>"; // a list of (foreign) debian architectures, defaults to: dpkg --print-foreign-architectures
   BarbarianArchitectures "<LIST>"; // a list of architectures considered too foreign to satisfy M-A:foreign
author	Julian Andres Klode <jak@debian.org>	2024-04-19 19:30:26 +0000
committer	Julian Andres Klode <jak@debian.org>	2024-04-19 19:30:26 +0000
commit	235d4ab12e72aeef4bbfc59de1d6d51cacdb2e66 (patch)
tree	2dd7fdd46601827cf88ed1211a0bcb89dfb34c1d
parent	70103339b017a42ea71a56c27c221a79ccc3116f (diff)
parent	858a551b50ea3871748d9196896e54b361c3d545 (diff)