mirrors/fdroidserver
1
0
Fork 0
mirror of https://github.com/f-droid/fdroidserver.git synced 2025-11-18 05:00:29 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions
8982 commits 1 branch 69 tags 38 MiB
Commit graph

3713 commits

Author SHA1 Message Date
Hans-Christoph Steiner
523b5f4777 server: smooth out btlog transfer for offline signing setups 
It turns out it is error prone to `git push` to a non-bare git repo. For
the offline signing machine, the git remote needs to be a regular git repo
in a directory on a thumbdrive so that once the thumbdrive is plugged into
an online machine, that git repo can be transferred to the online machine.
 2017-07-17 11:38:15 +02:00
Izzy
54a646bd93 have fallback for XML icons also consider res/mipmap* 
several apps (e.g.
[FastHub](http://apt.qumran.org/fdroid/index/apk/com.fastaccess.github)
and [Monety](http://apt.qumran.org/fdroid/index/apk/open.currency)) have
their ic_launcher.png files not in res/drawable*dpi/, but in
res/mipmap*/ -- so the regex has been adjusted by this patch.

Additionally: if the only icon for a given resolution was an XML without
existing fallback-PNG, it should be considered "non existent" (ie.
"empty_density").
 2017-07-17 00:54:33 +02:00
Hans-Christoph Steiner
830e788401 Merge branch 'metadata' into 'master' 
--create-metadata: use yaml.dump() and (if exists) template.yml

See merge request !305
 2017-07-10 09:08:45 +00:00
Izzy
dd69490821 --create-metadata: only set default empty values if not using template.py 2017-07-08 14:41:19 +02:00
Izzy
4d375a585d enable user to have presets for metadata by using a template.yml (see #345) 2017-07-08 14:21:49 +02:00
Izzy
732de91aa7 make --create-metadata use yaml.dump instead of ruamel (solves #345) 2017-07-08 14:07:11 +02:00
Hans-Christoph Steiner
25f96e1911 ensure that mirror URLs always include the repodir 
Since the mirror URLs are per repo section (repo/archive), the mirror URLs
must include the repodir at the end.  This was missing for servergitmirrors

found by @cde when working on fdroidclient#35
 2017-07-07 15:50:11 +02:00
mimi89999
a427bb7b56
Also search for apk in build/outputs/apk/release 2017-07-07 12:21:09 +02:00
Hans-Christoph Steiner
b0a8d4163d Merge branch 'metadata' into 'master' 
--create-metadata: make sure apk[name] is not empty

See merge request !302
 2017-07-06 22:49:26 +00:00
Izzy
8ea06ce83e --create-metadata: make sure apk[name] is not empty 2017-07-07 00:18:08 +02:00
Hans-Christoph Steiner
dfb07808d3 support configing buildserver VM per-build with sudo= 
This adds the 'sudo' build field, which is just a script that is run as
root.  For more info, see the issue that this closes:

refs #318
closes #317
 2017-07-06 17:29:23 +02:00
Hans-Christoph Steiner
abe422fd7a handle App instance with no Builds when writing YAML 2017-07-06 16:00:44 +02:00
Hans-Christoph Steiner
3e6b7062b6 update: remove ruamel requirement, and improve '--create-metadata' 
If ruamel.yaml is not available, this will fallback to using PyYAML. This
also adds some blank fields to the newly created template to make it easy
for human editors to fill in.

closes #343
 2017-07-06 13:31:42 +02:00
Hans-Christoph Steiner
4a15208b84 update: update openssl KnownVuln scan to handle all recent versions 
Thanks to @bubu for reporting!
 2017-07-06 13:31:42 +02:00
Hans-Christoph Steiner
10a607ede3 update: find PNG when recommended icon is an XML file 
APKs can now use XML files for vector graphics like the app icon. `aapt`
returns the XML file by default, and perhaps also androguard.  This
checks if the icon is an XML file, and if so, it tries to find a PNG in
the APK with the same name and density to use instead

closes #322

This should also ultimately make the XML file available as an icon source
as well fdroidclient#1091
 2017-07-06 12:25:48 +02:00
Hans-Christoph Steiner
c14cbeb0a5 update: normalize var name to apkzip 2017-07-06 12:25:48 +02:00
Hans-Christoph Steiner
df99c85ca6 support manually adding per-build antiFeatures in metadata 
For cases like the OpenVPN vuln that was recently announced, it is useful
for fdroiddata maintainers to be able to mark builds that have known
vulnerabilities.
 2017-07-06 12:25:48 +02:00
Michael Pöhn
20afa0e861 lint: check all build fields against accepted list 
This makes sure there are no typoed or wrong build fields in all metadata
files.
 2017-07-06 12:25:48 +02:00
Hans-Christoph Steiner
b34d5c83b9 Merge branch '343-ruamel-yaml-version-check' into 'master' 
check version of ruamel.yaml and raise according error message

See merge request !301
 2017-07-06 08:10:14 +00:00
Michael Pöhn
4ca57ebfbb check version of ruamel.yaml and raise according error message 2017-07-06 09:07:54 +02:00
Hans-Christoph Steiner
ebef1ae57d Merge branch 'antifeature' into 'master' 
added new AntiFeature: ApplicationDebuggable

See merge request !298
 2017-07-05 20:34:35 +00:00
Izzy
2c8bacde42 create_metadata: do not skip APK files having no name 2017-07-05 20:31:21 +00:00
Izzy
4d9c60d352 added new AntiFeature: ApplicationDebuggable 
Useful e.g. for "test repositories" to indicate an app was compiled with
"application-debuggable"
 2017-07-04 21:15:04 +02:00
Hans-Christoph Steiner
6d7fd5f07c Merge branch 'ndk' into 'master' 
NDK r14b and r15b

See merge request !293
 2017-07-04 14:34:42 +02:00
Michael Pöhn
1b362c2183 correct yaml-rewriting for buildozer flag 2017-07-04 13:27:45 +02:00
Michael Pöhn
0980fb4df8 import ruamel.ymal only when re-writing yaml metadata 2017-07-04 11:51:08 +02:00
Michael Pöhn
19d422da86 rewritemeta yaml: fixed boolen mapping for build flags 2017-07-04 11:51:08 +02:00
Michael Pöhn
cfd3e84250 use stored metadatapath instead of guessing it 2017-07-04 11:51:08 +02:00
Michael Pöhn
056a28f897 fix indentation 2017-07-04 11:51:08 +02:00
Hans-Christoph Steiner
3cb936ae92 fdroid update --create-metadata now outputs YAML format 
As part of the push towards using YAML as the main metadata format, this
makes the blank template be a .yml file.
 2017-07-04 11:51:08 +02:00
Michael Pöhn
75ebb6e8cc fix building with yml metadata 2017-07-04 11:51:08 +02:00
Michael Pöhn
7ab197be2e completed ordered yaml field list 2017-07-04 11:51:08 +02:00
Michael Pöhn
f1e0089931 prettify write_yaml metadata 2017-07-04 11:51:08 +02:00
Michael Pöhn
7aa92abebc yaml rewrite version code as int 2017-07-04 11:51:08 +02:00
Michael Pöhn
f9d4007ea6 rewrite metadata builds list to yaml 2017-07-04 11:51:08 +02:00
Michael Pöhn
fbd5e8772c yaml metadata rewrite: correct blank line 2017-07-04 11:51:08 +02:00
Michael Pöhn
735b7d0f33 fixed pyflakes/pep warings 2017-07-04 11:51:08 +02:00
Michael Pöhn
0f90ab9aac rewrite to yaml works for app data now (builds still missing) 2017-07-04 11:51:08 +02:00
relan
86b403b599 makebuildserver: add NDK r15b 2017-07-04 11:44:25 +03:00
relan
ecdb2c685a makebuildserver: fix NDK r14b provisioning 
Replace r14 with r14b after a57bff7.
 2017-07-04 10:46:52 +03:00
Torsten Grote
0bbe0c5db0
Break up the scan_apk() method and rename it to process_apk() 2017-07-03 18:37:01 -03:00
Hans-Christoph Steiner
56ee5de2bd update: invalidate cache if allow_disabled_algorithms changes 
Since the cache contains implicitly the result of the jarsigner verify,
if the allow_disabled_algorithms config changes, then the apkcache is
invalid.
 2017-07-03 10:02:51 +02:00
Hans-Christoph Steiner
e75cabfe77 update: write cache file if anything has changed it 
This fixes a bug introduced in 04db6870 where cachechanged for scan_apks()
was set only by the last call to scan_apk().
 2017-07-03 10:02:51 +02:00
Hans-Christoph Steiner
39fd664778 update: create 'archive/' if needed when moving APKs 
Normally, just 'repo/' is created by default, e.g. `fdroid init`. If APKs
are dumped into 'repo/', then have invalid signatures, then they'll be
automatically moved to 'archive/', which therefore needs to exist.
 2017-07-03 10:02:51 +02:00
Hans-Christoph Steiner
746d4bd4cf update: allow_disabled_algorithms option to keep MD5 sigs in repo 
The new policy is to move APKs with invalid signatures to the archive,
and only add those APKs to the archive's index if they have valid MD5
signatures.

closes #323
closes #292
 2017-07-03 10:02:51 +02:00
Hans-Christoph Steiner
b7260ea854 update: allow deprecated signatures only in the archive 
In April 2017, Oracle's jarsigner and Google's apksigner both switched to
considering any APK signature that uses MD5 as unsigned.  Any old build
is likely to have a MD5 signature.  This sets up the archive as the only
place where these "disabled algorithms" are allowed in the repo, and
marks any APK signed by a "disabled algorithm" as having a "known
vulnerability"

This also now automatically moves APKs with invalid signatures to the
archive section.

#323
 2017-06-28 23:53:42 +02:00
Hans-Christoph Steiner
0047f19d56 update: move duplicated code into move_apk_between_sections() 2017-06-28 23:53:42 +02:00
Hans-Christoph Steiner
e1492148fa fix "Archive Policy:" field, APKs can move in/out of archive 
The original logic was checking keepversions against the len() of ALL the
APKs in the repo/archive.  The correct thing is to check against the
number of APKs available for the given packageName/appid.

closes #166
 2017-06-28 23:53:42 +02:00
Hans-Christoph Steiner
7de6e4dfed init: update docs links for next steps 2017-06-28 23:14:57 +02:00
Hans-Christoph Steiner
214c9f7a2b lint: check file extension for metadata 
This helps keep fdroiddata clean, on @krt's request.

closes #222
 2017-06-28 23:14:57 +02:00