| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
|
|
|
| |
We don't really care about solver progress messages in testing;
hide them when comparing output, and hide them better than before.
Previously testsuccessequal ... --solver 3.0 behaved differently
than tests run with globally forced on 3.0 solver.
Stop cleaning up autoremovals, but do clean up "Calculating upgrade"
as well.
|
| |
|
|
|
| |
Implement the moving of the auto bit. The whole auto-bit management
is not entirely optimal yet, but this works.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Dependencies shared by all versions are enqueued at the package
level, so avoid enqueuing duplicates at the version level. This
presumably has no meaningful impact on performance, potentially
a negative performance impact on some workloads as we now need
to find the duplicates again; it can become useful when there
is a lot of backtracking.
More importantly though this improves error messages, because
now we can say that "all versions of foo depend on X", rather
than saying "foo=1 depends on X" and you are left wondering
why we did not select "foo=2".
In this commit though, improved error messages are not implemented,
they depend on redesigning the reason tracking to use clauses.
Also the rationale tracking includes a lot more dependencies of
the form "pkg:arch=version -> pkg:arch" which are annoying. Improved
error messages should fold them into one node.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of expensive rescoring of all outstanding items, use
unit propagation to find new units after conflicts.
We still count the items when adding them; but unless they are
0 or 1, which they should not be, they don't have any effect:
The size field is now effectively static.
If the size of an optional clause changed to 1, it is inserted
a second time, and then moves up to the top of the optional
items per the Work::operator< rules.
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
This allows it to work with solver3 before that feature is implemented.
This essentially reverts the change to that test made in
119a8d0ed19a4e946591b9aef7d662e14ca7ece5
|
| |
|
|
|
|
|
|
|
|
| |
When we call an EDSP solver from ResolveByKeep(), we are not
in an upgrade context: In an upgrade context, we call the solver
directly from upgrade.cc instead of doing any Resolve() or
ResolveByKeep() calls.
This fixes the test-bug-602412-dequote-redirect test case,
where ResolveByKeep() was called as part of --fix-missing
|
| |
|
|
|
| |
The 3.0 solver does not support upgrade arguments to override the
policy.
|
| |
|
|
|
|
|
| |
Our upgrade policy does not support specifying packagenames to
upgrade commands that are not subject to the policy. It's possible
this can be addressed at a later time, but let's not block the rest
of the test from running.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We inadvertently performed a global ordering of all possible
solutions for the or group using CompareProviders3.
This however is not correct, as we lose the ordering of the
dependency group *too* much. Mostly this has no effect, but
you can see for example in test-explore-or-groups-in-markinstall
various instances of it.
Adjust said test case to work with the 3.0 solver to the extent
possible under the current design. The 3.0 solver does Recommends
after processing any manually installed packages; as such the
various Recommends test cases do not work: A `Recommends: okay|upgrade`
will not upgrade `upgrade` if it visited `upgrade` first.
This may change at a future time, but the correct semantics for
Recommends are not entirely clear. Notably, the existing solver
is not always consistent. You can see here where they matter,
but recently I added test-solver-recommends-depends in which
the Recommends do not influence the choice of other Depends.
|
| |
|
|
|
|
|
|
| |
Phased updates are ignored when strict pinning is on; such that
only the installed version will be available. By design of SAT
solvers, this means that the version selection clause is unit,
and hence the version can be directly propagated, i.e. that
choice is safe.
|
| |
|
|
|
|
| |
This fixes the difference in test-unpack-different-version-unpacked,
but more importantly this is needed for phasing to be displayed
correctly once that is implemented.
|
| |
|
|
|
| |
Fix the test cases we can fix directly; add annotations where we
know what work is needed, next we'll look at the other bugs.
|
| |
|
|
| |
Strip everything after "#" and spaces before it.
|
| |
|
|
|
|
|
|
| |
This is a bit gnarly, but dist-upgrade is mapped to
is an upgrade + removals allowed + installs allowed
:D
|
| |
|
|
|
|
| |
Restore the depcache's MarkRequired logic for 3.0 solver; and
change the MarkInstall() call to pass a more correct value for
FromUser, to not override an existing automatic status.
|
| |
|
|
|
|
| |
We forgot this in the previous iteration. This makes the reasoning
in the test cases much nicer and apt-test's mantic-to-noble-jak.edsp
now finishes rather than running into the timeout (potentially forever).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of utilizing the reverse depends functionality of the cache
and marking all possible reverse dependencies for removal, mark them
ourselves by keeping track of reverse-implication-clauses.
Notably, this improves the reverse dependency rejection substantially:
The previous RejectReverseDependencies() function did not handle
Provides.
For this to work correctly right now, we need to discover optional
clauses too when queuing them. This is somewhat suboptimal as we
technically we don't care if they become unsat, we just waste time
tracking them.
The tests get a bit awkward, but oh well, we use what we can
use.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When we have discovered all clauses for a version, discover
each possible solution for the clauses. This means that when
Discover(foo) is called _anything_ that could lead to foo becoming
uninstallable is translated; so we can extend this next by keeping
a list of reverse dependencies for each package and rejecting
those.
We limit the discovery to those variables that we did not already
enqueue as a negative fact at the root level, as those can never
become true.
We are utilizing a queue here which is not the most performant
solution possible, but where it excels is in producing usable
stack traces when debugging. Traversing the entire dependency
tree using recursion can easily produce thousand levels of
recursion.
The queue means that we discover packages in a breadth-first
manner compatible with the order in which we propagate dependencies,
which is helpful for consistency.
The queue did not appear as a bottleneck in benchmarking. If it did,
we could switch to a grow-only ring buffer (std::queue's underlying
deque also shrinks automatically which is suboptimal).
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
If a dependency can be satisfied by all versions of a package,
add the package to the clause instead of the version object.
This works only if there are no providers for the package: Providers
are quite hard to enumerate over and make sure that all versions of
a package satisfy the provider dependency.
Implement arbitrary selection between packages and versions for
the CompareProviders class: We pick the best version for each package
and then pit them against each other.
|
| |
|
|
|
|
|
|
|
|
|
| |
The `--skip` option was introduced in commit
1fbdc04be7547b8c4bb84f400329415ea0bc60b5, and it was broken straight
from the start for the case where `TESTTORUN` is not set (see last hunk
in this commit, the mistake is obvious).
It went unnoticed as the GitLab CI runs tests with the `-j` option, so
`TESTTORUN` is set. While ci.debian.net runs without -j, but doesn't
skip any test, so it doesn't trigger the bug either.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Just propagate the stored clauses after we have discovered them;
this is quite straightforward. We now more reliably discover common
dependencies at the package level, adjust the test case accordingly.
The next step is to make discovery recursive, or iterative, to build
an entire recursive tree from all roots, and then we can reject reverse
dependencies based on it.
A bunch of refactorings are needed in the process. We remove the
useless Hint enumeration and insert a flags struct into the State,
such that we can record whether a package/version has been
discovered, to avoid spending double time on discovery.
|
| |
|
|
|
|
|
| |
This is not *purely* a refactoring, we accidentally used the
version of the dependency when enqueuing conflicts rather than
the reason, so the conflict string in the test case is different;
the logging had the same issue.
|
| |
|
|
| |
That just needs using '-' to replace spaces in Origin to get the keyring file name.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of directly propagating in a recursive fashion,
queue propagations in a queue and work on them in a loop
per the miniSAT paper.
We call Propagate() only at the end of the FromDepCache()
function and then in the Solve loop. Delaying the initial
propagation means that we get a stronger reasoning:
Assume you have x->a->b->c, y->c and you install x,y:
- Previously we traversed: x, y, x->a, a->b, b->c, (y->c)
- but now we traverse: x, y, x->a, y->c, a->b, (b->c)
Notably c now has the implication y->c instead of x->a->b->c.
Inside the solver we need to call Propagate in a loop:
Propagating facts can fail and we then backtrack. If backtracking
is succesful, we have gained a new fact to propagate.
|
| |
|
|
|
|
| |
This is more or less unused; but it particularly has the bad
problem of forcing new unsat recommends to be solved *before*
dependencies. Which is awkward.
|
| |
|
|
|
| |
If both items are optional, unit items should be processed
first.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This handles rewriting .list entries to .sources ones; the
only options handled are
- signed-by => Signed-By
- trusted => Trusted
The options to specify architectures, check-valid-until, etc.
are not supported as they are not exposed in the code. We
probably should refactor the parser at some point so we can
actually read the parsed entry rather than the abstract objects
we create from it.
This can be improved further:
- Keyrings from /etc/apt/trusted.gpg.d should be moved to
/etc/apt/keyrings.
- automatic detection by trying to verify using each keyring
in trusted.gpg.d until we find the right one and then using
that for Signed-By rather than leave some sources empty.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
This should remain a warning case for now. So push the errors
to a stack and see if we can find any file.
Explictly warn again if Dir::Etc::trusted is set, as it is like
_super_ deprecated.
Reported-By: Cyril Brulebois <kibi@debian.org> in Bug#1032131
|
| |
|
|
|
|
|
|
|
|
| |
This warning has been superseded by the missing sources.list
notice (which will also become a warning shortly)
Adjust the sqv exit to avoid introducing a new spurious
"No good signature" that we did not reach before.
moo
|
| |
|
|
|
|
| |
Warn about the missing field there and suggest the transition
to deb822 .sources files if we found any non-deb822 source
without signed-by.
|
| |
|
|
|
|
|
|
| |
The test was failing for me as the PGP signature contained "GeviljGB"
which is clearly not the evil we are looking for. Sadly, reproducing
this is hard, but random failures of the test suite are annoying, so
lets grep for a bit longer strings that can't happen in the signature
block to avoid this particular problem.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
For some reason ~ that I don't know and can't come up with on the spot ~
we output the Pre-Depends field as PreDepends in the translated
user-visible output and I accidentally copied that over to the
untranslated variant that replaced the embedded copy (with a dash)
in the EDSP generator.
Code-copies and implementation details littered all over the place are
apparently sometimes a good bug-free thing, too…
Regression-of: 6828ae2c2f9268c8187f0fa91b3c464ed84a8476
Closes: #1093254
|
| |
|
|
|
| |
Add some more test cases where only one of the sources is bad;
and switch to htp to make the order more reliable.
|
| |
|
|
|
|
|
|
|
| |
They were implemented to help a tiny bit in notifying users even if they
didn't read the Release notes (or didn't realize it would apply to them)
that they likely have to change their sources.list entries, but that
transition is now over for a while, so everyone who should have seen it
has hopefully reacted to it and so all this code now does is waste
space, time and idly waiting for false positives.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Streamlining the rules around the Section field and especially what
happens if its isn't present are a good idea in general, but for testing
proposes we want a package without a section ~ something dpkg and co do
not want us to have for good reasons (outside of tests).
While a real nosection package would interact with more of our code, for
this test we don't really need a real one and so we can adopt to the new
reality of encountering such packages only if they are already
installed instead of trying to build a sectionless package by hand.
The other failure is a simple and trivial string change around the
formatting of the version number in dpkg error message about file
overrides, which we can resolve by just not looking at the version to
sidestep dealing with the formatting difference.
References: https://lists.debian.org/debian-dpkg/2024/12/msg00010.html
Closes: #1092090
|
| |
|
|
|
| |
This is the correct check to find out whether we have built
with sqv support.
|
| |
|
|
|
|
|
|
|
|
|
| |
We inadvertently did not discard pending errors when the
fallback to Dir::Etc::trusted succeeded, do so.
Also add some quick safety checks to make sure we enter the
verification in a good state, and that if somehow errors are
pending after a verification we return false.
Closes: #1091679
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The new sqv method uses sequoia's sqv tool to verify files. The
tool's interface is quite simple: It returns 0 on success, and
prints one line per good signer with the fingerprint.
sqv has a configurable crypto policy. We have defined apt-specific
override mechanisms for sequoia's standard policy, allowing both
users, distributions, and apt package to provide overrides for
Sequoia's default policy in meaningful ways.
The sqv method will be built and be the standard method for
verifying OpenPGP signatures provided that `sqv` is in the
PATH during building. It is not built if there was no sqv
at build time, so you need a rebuild to enable sqv later
on.
On the flip side, the gpgv method is always built, but it
does need to be always built: If APT::Key::GPGVCommand is
set, we need to fallback to it - this is important to
support existing users of that interface such as
mmdebstrap. Also we want to fall back to it when /usr/bin/sqv
disappears - for example in our CI :D
A couple of concessions have been made for test suite purposes:
- Failure to split a clearsigned file only shows the summary,
as the gpgv method also only showed it, and no details why
it failed.
- We write "Got GOODSIG <fingerprint>" in debug mode to mimic
the gpgv code to keep the test suite happy.
- In various places in the test suite we assert minimal output
from sqv, but sqv's human output is not intended to be stable.
This will incur additional work when it breaks. However we do
not _parse_ the output, so actual operation of apt is unaffected.
A couple of things are suboptimal here:
- We are still doing clearsigned splitting ourselves. sqv only
has support for detached signatures right now, whereas sqopv
has support for clearsigned files as well (but sqopv does not
provide any reasons for why signature verification fails or
means to set a policy).
- Deprecation of algorithms happens on a timebomb basis in
sequoia. We have no means to give users warnings ahead of
time if their configuration is outdated.
We have implemented various bits that probably should be going away:
- Fallback to trusted.gpg
This is just annoying...
- Support for fingerprints in Signed-By (no subkey matching though)
The extra work here is arguably less compared to gpgv.
- Check the keyring for correctness.
With Signed-By everywhere, we should just error out rather than
skip broken keyrings.
Moo
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Remove the test case for MD5 and expired signatures, as we can't
create them (can't set signing digest, and can't set signature
expiry).
Tests for them have been added to test-method-gpgv instead.
We override sq in a function with cert-store and key-store
set to none.
This supports both sq 0.40 and sq 1.0.
|
| | |
|
| |
|
|
|
| |
Add new fields `APT-Pin`, `APT-Candidate`, and `APT-Release` to the
output, same as in EDSP (limited to one release for now).
|
| |
|
|
|
|
|
|
|
|
|
| |
There could be | or ; or other stuff in PAGER that needs
special handling, let's encode a list of known-good characters
instead. This covers all known pagers.
You could also try to execvp() PAGER in its entirety and if
it fails with ENOENT fall back to the shell but then you
don't get correct error handling if the pager really doesn't
exist (in which case we should abort trying to page).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Automatically show the output of `show`, `policy`, `list`,
`search`, `showsrc` in a pager.
The pager setup is inspired by git's pager setup. Notably,
the pager is found using APT_PAGER and PAGER variables.
We wait for the pager to be setup somewhat correctly by
using a notify pipe to figure out whether execvp() was
succesful - then the pipe will read EOF as the other end
got closed by CLOEXEC during exec - or not, then the pipe
will contain an errno.
We set up the correct handlers for signals and exit to close
the fds and wait for the pager. Notably inside the signal
handler we cannot flush our streams, only close them, so
there is some duplication.
We call the InitOutputPager() function from inside the
various Do...() functions rather than setting it up
generally in InitOutput(). Doing so allows us to first
render the progress without a pager, and then setup
the pager for the content only which improves user
experience.
When we setup a pager we also take care to disable
standard input, as we should not be prompting users
while a pager is running (the pager will be reading
from the tty directly). We do this by dup2-ing() a
/dev/null over it; if we just close()d the fd, another
open() might reuse the fd number and problems could
occur.
|
| |
|
|
|
|
|
|
| |
We tried to access str.size() - 1 on a 0-sized string, which
does not work, and now that we build with assertions triggers
it.
Closes: #1090068
|
| | |
|