17 commits

Author SHA1 Message Date
Hans-Christoph Steiner
4e7bda736c update: never execute VCS e.g. git
Package repos come from untrusted sources, in terms of the buildserver. They
should be handled in VMs and containers as much as possible to avoid
vulnerabilities.  As far as I could tell, `fdroid update` only has a single
place where it executes any VCS system: if there is .fdroid.yml present in
a package repo, then it will fetch the commit ID using git.

For better security properties, this implements a simple function to just
read the files to get that commit ID.  The function that executes git to do
the same thing is relabeled "unsafe".  That is used for status JSON
everywhere, but that runs on fdroiddata.git and fdroidserver.git, which are
trusted repos.

The unsafe version is also used in places where git.Repo() is needed for
other things.
2025-05-12 18:30:03 +02:00
linsui
8648954f19 import_subcommand.py: misc fixes and updates 2024-09-16 19:48:02 +08:00
linsui
faac9b38c8 import_subcommand.py: move functions from common.py
These functions are only used in this file
2024-09-12 22:14:28 +08:00
linsui
5da4e670dd import_subcommand.py: format 2024-09-12 22:12:06 +08:00
Hans-Christoph Steiner
18f3acc32e split out options from read_config()
There is no longer any reason for these to be intertwined.

This deliberately avoids touching some files as much as possible because
they are super tangled and due to be replaced.  Those files are:

* fdroidserver/build.py
* fdroidserver/update.py

# Conflicts:
#	tests/testcommon.py

# Conflicts:
#	fdroidserver/btlog.py
#	fdroidserver/import_subcommand.py
2024-05-08 16:26:46 +02:00
Gregor Düster
6c27fec94b [import] Add more docstrings 2024-05-08 15:31:29 +02:00
Licaon_Kter
a756ce0b1a Import - add more template content 2023-07-12 13:45:10 +00:00
Hans-Christoph Steiner
a8531a03a6 metadata: refactor into one function to do YAML post processing
It used to be that there had to be separate post processing steps depending
on whether it was parsing .txt or .yml.  The .txt format is long gone!

!772
2023-04-28 10:44:19 +02:00
Hans-Christoph Steiner
b92e280eab fix code format for new black rule 2023-03-20 14:47:48 +01:00
FestplattenSchnitzel
2dda9db1f1 Remove support for Buildozer 2023-03-09 12:03:57 +01:00
Simon Brand
4a581bdfb6 Remove path workarounds for old python versions 2023-02-15 19:25:48 +00:00
Hans-Christoph Steiner
b152916b49 fix pylint: C1803: 'local_metadata_files != []' can be simplified to 'local_metadata_files' as an empty list is falsey (use-implicit-booleaness-not-comparison) 2023-02-02 16:02:49 +01:00
linsui
5a28f20301 make versionCode/build.timeout an integer
Co-authored-by: Jochen Sprickerhof <git@jochen.sprickerhof.de>
2022-10-14 08:42:26 +00:00
FestplattenSchnitzel
df46eb86c3 Upgrade Buildserver VM
Use Vagrant boxes built with cloud-team/debian-vagrant-images instead of fdroid/basebox,
Use Debian Bullseye (11) instead of Debian Stretch (9)
2022-10-10 21:22:59 +02:00
Jochen Sprickerhof
cf0100cf11 Merge comparisons with 'in' 2022-09-05 17:14:51 +02:00
FestplattenSchnitzel
7c89e923f6 Move methods specific to import to its module 2022-08-24 22:21:37 +02:00
FestplattenSchnitzel
7b7f863c65 [import] Rename to import_subcommand internally
This enables normal import of the module without the need for
workarounds.
2022-08-24 22:21:35 +02:00
Renamed from fdroidserver/import.py