The new subcommands operate on a single APPID:VERSIONCODE pair, so this new
function fetches the metadata needed for that operation, and includes any
required checks.
The algorithm came from:
uniqx/fdroidserver@2b779e6599
This reworking of it includes:
* removed `check_disabled`, seems like the scheduler should handle that? If
it is required, it can be added later.
* standard variable names
* fixed spelling errors and hopefully improved docstrings
* black format
* added tests
* standardized the strings, made them localizable
Git will use the username/hostname to set the Author and Committer fields
if the config items user.name and user.email are not set. This might
inadvertently leak info about the machine that is hosting the deploy
process. So this changes it to be a hardcoded value, unless the repo
environment has explicitly set these values either in the Git config or in
environment variables.
This is included here and not there because it relies on lots of stuff that
was refactored. !1666 was broken out to get the fix out for fdroidclient
as soon as possible.
Oftentimes, the file that is copied is stripped, in which case, the file
size is different. Using a file size check here means it will rerun the
strip and copy every time `fdroid update` is run for any image that needs
to be stripped. If the source's ctime is newer than the destination, then
the process should run since it is a newly created file. Even more so with
mtime, since the destination's mtime is reset based on the source's.
Package repos come from untrusted sources, in terms of the buildserver. They
should be handled in VMs and containers as much as possible to avoid
vulnerabilities. As far as I could tell, `fdroid update` only has a single
place where it executes any VCS system: if there is .fdroid.yml present in
a package repo, then it will fetch the commit ID using git.
For better security properties, this implements a simple function to just
read the files to get that commit ID. The function that executes git to do
the same thing is relabeled "unsafe". That is used for status JSON
everywhere, but that runs on fdroiddata.git and fdroidserver.git, which are
trusted repos.
The unsafe version is also used in places where git.Repo() is needed for
other things.
!1627 missed this, so stages only get included in running.json. That means
the stages info is only visible while update is running, making it hard to
use.
