There is no longer any reason for these to be intertwined.
This deliberately avoids touching some files as much as possible because
they are super tangled and due to be replaced. Those files are:
* fdroidserver/build.py
* fdroidserver/update.py
# Conflicts:
# tests/testcommon.py
# Conflicts:
# fdroidserver/btlog.py
# fdroidserver/import_subcommand.py
androguard 4.1 uses a new lib called apkInspector instead of zipfile.ZipFile
so that it can handle usable but invalid ZIP files. It will also throw
ValueError on some things, for example:
Traceback (most recent call last):
File "/builds/eighthave/fdroidserver/fdroidserver-2.3a0/tests/update.TestCase", line 878, in test_scan_apk_bad_zip
fdroidserver.update.scan_apk(apkfile)
File "/builds/eighthave/fdroidserver/fdroidserver-2.3a0/fdroidserver/update.py", line 1586, in scan_apk
scan_apk_androguard(apk, apk_file)
File "/builds/eighthave/fdroidserver/fdroidserver-2.3a0/fdroidserver/update.py", line 1725, in scan_apk_androguard
apkobject = common.get_androguard_APK(apkfile)
File "/builds/eighthave/fdroidserver/fdroidserver-2.3a0/fdroidserver/common.py", line 2673, in get_androguard_APK
return APK(apkfile)
File "/usr/local/lib/python3.10/dist-packages/androguard/core/apk/__init__.py", line 273, in __init__
self.zip = ZipEntry.parse(filename, False)
File "/usr/local/lib/python3.10/dist-packages/apkInspector/headers.py", line 410, in parse
eocd = EndOfCentralDirectoryRecord.parse(apk_file)
File "/usr/local/lib/python3.10/dist-packages/apkInspector/headers.py", line 59, in parse
raise ValueError("End of central directory record (EOCD) signature not found")
ValueError: End of central directory record (EOCD) signature not found
/usr/lib/python3/dist-packages/androguard/core/bytecodes/apk.py:884: DeprecationWarning: This method is deprecated since 3.3.5.
It was added in 3.3.5. Debian/bullseye and Ubuntu/20.04/focal both include
new enough versions. Debian/buster's is too old (3.3.3).
This also makes androguard a hard requirement, which has been true for a
while anyway. So the code that handles androguard as an optional
requirement is removed. androguard from Debian/buster is new enough, so
this does not seem like it will cause any problems.
This adds a check for "testOnly" to the existing "debuggable" check, since
they are very similar. We should really be refactoring all the checks into
a more reasonable setup. Since "debuggable" and "testOnly" are both set in
the same place (`<application>` in _AndroidManifest.xml_) and are both set
by the same process (running debug builds), I thought it would be OK to
include both in the same place. Plus it was a one-line change.
Throughout the code, variables named "app" are instances of the App class.
In this case, this is related, but it is a dict not an App instance, since
it is being prepared for including in the index-v1.json.
make_v0() modified the apps data structure to copy an anti feature for a
specific version to all versions resulting in index-v1 and -v2 to
contain wrong anti feature annotations. This patch fixes this and adds a
test that the data structure is no longer modified.
The bug shadowed bugs in the AF implementation of -v1 and -v2 resulting
in not coping the version specific data. This is corrected as well.
This is also tested now.
For -v2 the AF dict is now sorted to make the result reproducible.
Finally The NoSourceSince AF was added as a per version and overall AF
in -v1 and is now only applied as an overall AF and the test is updated
accordingly.
