apt - Debians commandline package manager

	Commit message (Collapse)	Author	Age	Files	Lines
*	ftparchive: Do not pass through disabled hashes in Sources	Julian Andres Klode	2017-09-09	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	When writing a Sources files hashes that were already present in the .dsc were always copied through (or modified), even if disabled. Remove them instead when they are disabled, otherwise we end up with hashes for tarballs and stuff but not for dsc files (as the dsc obviously does not hash itself). Also adjust the tests: test-compressed-indexes relied on Files being present in showsrc, and test-apt-update-weak-hashes expected the tarball to be downloaded when an archive only has MD5 and we are requiring SHA256 because that used to work because the tarball was always included. Closes: #872963
*	add insecure (and weak) allow-options for sources.list	David Kalnischkies	2016-06-22	1	-7/+22
\| \| \| \| \| \| \| \|	Weak had no dedicated option before and Insecure and Downgrade were both global options, which given the effect they all have on security is rather bad. Setting them for individual repositories only isn't great but at least slightly better and also more consistent with other settings for repositories.
*	better error message for insufficient hashsums	David Kalnischkies	2016-06-22	1	-3/+32
\| \| \| \| \| \| \| \|	Downloading and saying "Hash Sum mismatch" isn't very friendly from a user POV, so with this change we try to detect such cases early on and report it, preferably before download even started. Closes: 827758
*	handle weak-security repositories as unauthenticated	David Kalnischkies	2016-06-22	1	-20/+138
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	APT can be forced to deal with repositories which have no security features whatsoever, so just giving up on repositories which "just" fail our current criteria of good security features is the wrong incentive. Of course, repositories are better of fixing their setup to provide the minimum of security features, but sometimes this isn't possible: Historic repositories for example which do not change (anymore). That also fixes problem with repositories which are marked as trusted, but are providing only weak security features which would fail the parsing of the Release file. Closes: 827364
*	drop confusing comma from no strong hash message	David Kalnischkies	2016-03-25	1	-1/+1
\|
*	Report non-transient errors as errors, not as warnings	Julian Andres Klode	2016-03-16	1	-2/+2
\| \| \| \| \|	This makes it easier to understand what really is an error and what not.
*	show a more descriptive error for weak Release files	David Kalnischkies	2015-12-14	1	-0/+40
	If we can't work with the hashes we parsed from the Release file we display now an error message if the Release file includes only weak hashes instead of downloading the indexes and failing to verify them with "Hash Sum mismatch" even through the hashes didn't mismatch (they were just weak). If for some (unlikely) reason we have got weak hashes only for individual targets we will show a warning to this effect (again, befor downloading and failing the index itself). Closes: 806459