mirrors/fdroidserver
1
0
Fork 0
mirror of https://github.com/f-droid/fdroidserver.git synced 2025-11-04 14:30:30 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions
8432 commits 1 branch 69 tags 38 MiB
Commit graph

8432 commits

This branch
This branch
All branches
Author SHA1 Message Date
Hans-Christoph Steiner
3c03fef28f safety: clarify reason to ignore CVE 2024-09-09 15:52:28 +00:00
Hans-Christoph Steiner
adf9dcb93e Merge branch 'walk-straight' into 'master' 
Correct traversing cibase

See merge request fdroid/fdroidserver!1519
 2024-09-08 18:16:07 +00:00
SilentGhost
8e89cf511d Correct traversing cibase 
Partly revert d9aab228 and fix bug introduced in 548f73d9:
modifying list that is being iterated over
 2024-09-06 15:05:36 +02:00
Hans-Christoph Steiner
88a23f3a33 Merge branch 'config_lint' into 'master' 
lint: check for valid keys in config files

See merge request fdroid/fdroidserver!1516
 2024-09-05 11:28:49 +00:00
linsui
0ad2820b6f lint: check config keys 2024-09-05 18:54:46 +08:00
linsui
debac3fd61 lint.py: format 2024-09-05 02:09:55 +08:00
Hans-Christoph Steiner
634466f8a5 Merge branch 'lock' into 'master' 
scanner: fix build_dir type

See merge request fdroid/fdroidserver!1515
 2024-09-04 16:08:04 +00:00
linsui
9b633fb827 scanner: fix build_dir type 2024-09-04 23:58:09 +08:00
Hans-Christoph Steiner
745f01a96c Merge branch 'lock' into 'master' 
scanner: support workspace for lock files

See merge request fdroid/fdroidserver!1513
 2024-09-04 14:55:40 +00:00
linsui
3a4a4190aa scanner: add test files into MANIFEST.in 2024-09-04 16:44:48 +02:00
linsui
632959ae35 scanner: fix test 
The suss rule is updated
 2024-09-04 22:32:48 +08:00
linsui
4e829e2f19 scanner: fix npm lock file name 2024-09-04 22:32:48 +08:00
linsui
9482ddfbe3 scanner: support workspace for lock files 2024-09-04 22:32:48 +08:00
Hans-Christoph Steiner
f337ef95a9 Merge branch 'ci-safety-fix' into 'master' 
safety: update to 3.x and make two CVEs just a warning

See merge request fdroid/fdroidserver!1509
 2024-09-04 13:39:17 +00:00
Hans-Christoph Steiner
d9e9618c56 gitlab-ci: port to Safety 3.x and move to own job 
https://docs.safetycli.com/safety-docs/installation/gitlab
https://docs.safetycli.com/safety-docs/administration/safety-policy-files
 2024-09-04 13:38:44 +00:00
Hans-Christoph Steiner
b1084c0b8a WIP safety: make CVE-2024-6345 just a warning 2024-09-04 13:38:44 +00:00
Hans-Christoph Steiner
ef247bc97a safety: make CVE-2024-5569 just a warning 
We get these packages from Debian, zipp is not used in production, and its
only a DoS.
 2024-09-04 13:38:44 +00:00
Hans-Christoph Steiner
3a1bbb54aa Merge branch 'lock' into 'master' 
scanner: error on dependency files without lock file

Closes #1200

See merge request fdroid/fdroidserver!1504
 2024-08-31 13:13:02 +00:00
linsui
9ccb3b5f0d Remove comment of google mave repo to workground a bug of ruff 2024-08-31 02:45:14 +08:00
linsui
8884732114 scanner.py: skip format on hex literal 2024-08-31 01:47:26 +08:00
Hans-Christoph Steiner
65f768e1cf black: fdroidserver/scanner.py now complies 2024-08-30 13:47:20 +02:00
linsui
1d796b734f scanner: error on dependency files without lock file 2024-08-30 13:46:17 +02:00
linsui
c3644464ff scanner.py: format 2024-08-30 13:46:17 +02:00
linsui
3782eddc4d Add ruff rule 2024-08-30 13:46:17 +02:00
Hans-Christoph Steiner
9684eade0d Merge branch 'fix/duplicated-sign' into 'master' 
fix(nightly): workaround for broken os.walk and more logging

See merge request fdroid/fdroidserver!1512
 2024-08-30 10:22:55 +00:00
WrenIX
d1d1eb4c53
chore(nightly): improve log messages 2024-08-29 09:58:27 +02:00
WrenIX
d9aab228e2
fix(nightly): workaround for broken os.walk and more logging 2024-08-29 00:51:30 +02:00
Hans-Christoph Steiner
5276d9880f Merge branch 'gradle-release-checksums.py' into 'master' 
update to gradle v8.10

See merge request fdroid/fdroidserver!1508
 2024-08-17 19:12:48 +00:00
fdroid-bot
170b6d4648 gradle v8.10 2024-08-15 15:47:52 +00:00
Hans-Christoph Steiner
84150be5d0 Merge branch 'reset-server' into 'master' 
Drop --reset-server

See merge request fdroid/fdroidserver!1507
 2024-08-15 15:45:29 +00:00
g0t mi1k
19aef075b4 Drop --reset-server 2024-08-15 15:44:59 +00:00
Jochen Sprickerhof
1ebf32321f Merge branch 'checkupdates_ignore_appname' into 'master' 
Support UpdateCheckName in dirs_with_manifest

Closes #1155

See merge request fdroid/fdroidserver!1501
 2024-07-30 11:32:59 +00:00
Jochen Sprickerhof
0edc732705
Support UpdateCheckName in dirs_with_manifest 
Closes: #1155
 2024-07-25 10:45:27 +02:00
Jochen Sprickerhof
c4db47dc47 Merge branch 'scanner-uncrash' into 'master' 
🐜 scanner: fix ScannerTool init crash

Closes #1212

See merge request fdroid/fdroidserver!1485
 2024-07-25 07:04:23 +00:00
Michael Pöhn
8cf4503a00 🐜 scanner: fix ScannerTool init crash 
When scanner.py::ScannerTool is instatiated but the calling code was
started by a call to e.g. `build.py` ScannerTool will crash. This change
makes it so that ScannerTool will intializes with a default value
instead of crashing when triging to access a non existen cli argument.

also see https://gitlab.com/fdroid/fdroidserver/-/issues/1212
 2024-07-25 06:54:42 +00:00
Jochen Sprickerhof
7f7c93e801 Merge branch 'appdirs_platformdirs' into 'master' 
Replace unmaintained appdirs by platformdirs

See merge request fdroid/fdroidserver!1496
 2024-07-25 06:46:55 +00:00
Jochen Sprickerhof
e1aaa3ce93
Replace unmaintained appdirs by platformdirs 
8734277956
 2024-07-25 08:36:45 +02:00
Jochen Sprickerhof
956c4be7e5 Merge branch 'gradle' into 'master' 
Gradle 8.9

See merge request fdroid/fdroidserver!1498
 2024-07-18 11:33:56 +00:00
StellarSand
ecd980f366 gradle 8.9 2024-07-18 02:23:45 +00:00
Jochen Sprickerhof
59f353e119 Merge branch 'prune' into 'master' 
Prune origin before fetch

See merge request fdroid/fdroidserver!1494
 2024-07-10 08:09:24 +00:00
linsui
d1856bea26 Prune origin before fetch 2024-07-10 15:33:51 +08:00
Hans-Christoph Steiner
7a9945ce88 Merge branch 'index-only-follow-up' into 'master' 
always use GitLab Pages, not Artifacts, with index-only mode

See merge request fdroid/fdroidserver!1493
 2024-07-03 09:30:23 +00:00
Hans-Christoph Steiner
fbb6772e37 always use GitLab Pages, not Artifacts, with index-only mode 
If the repo is too large, then it'll hit the GitLab Pages limit.  That is
basically impossible in index-only mode, so it should always use Pages.
 2024-07-03 09:18:22 +00:00
Hans-Christoph Steiner
034e83bfca deploy: complete index-only support for awsbucket: 2024-07-03 09:18:22 +00:00
Hans-Christoph Steiner
4a362541bd Merge branch 'gh-releases' into 'master' 
🛰️  deploy: github releases

See merge request fdroid/fdroidserver!1471
 2024-06-28 13:21:55 +00:00
Michael Pöhn
0fa88c5c20
💇 implement review nits 
Implement review nits as requested bei @eighthave in
https://gitlab.com/fdroid/fdroidserver/-/merge_requests/1471
 2024-06-27 12:28:54 +02:00
Michael Pöhn
3cf3685280
🐐 appeace bandint security warnings 
In this particular case bandit was complaining about potential path
escape exploits on urlopen. However the urls are safe enough, because
all template parameters inserted into the url are from:

 * config.yml - malicious changes to config.yml are possible that's
   already a lot bigger issue than this than redirecting github api
   calls.
 * git tags witch are present in bot the local index-v2.json file (as
   versionName) and the remote github API. (git tags don't allow the
   string '..')
 2024-06-27 12:28:41 +02:00
Michael Pöhn
aca98c1355
🏏 incorporate review feedback 2024-06-27 12:28:29 +02:00
Michael Pöhn
a87284cf80
🚥 deploy: tests for github releases deploy functions 
Add test cases for github releases function in deploy.py
 2024-06-27 12:28:16 +02:00
Michael Pöhn
242490ddc3
🎯 deploy: no releaseChannels on github releases 
Don't deploy versions of to GitHub releases where a `releaseChannels`
value is set in index-v2.json. (This usually would mean it's a alpha or
beta version.)
 2024-06-27 12:28:04 +02:00