One key security property of the F-Droid ecosystem is that the sensitive
code is all stored forever in git repos and source tarballs. That means
we can easily go back and see if there where exploits and where they came
from. Therefore, checkupdates should require everything in fdroiddata be
committed to git before running.
This provides --allow-dirty to override that behavior.
Later revisions might have removed the submodules so we want to keep
going when there are no submodules present.
We still abort when there is an error initializing submodules.
Fixesfdroid/fdroidserver#231
This allows all the text to be localized via Weblate. This is a quick
overview of all the strings, but there are certainly some that were left
out.
closes#342
There were multiple conventions used in the code, but mostly it was already
using the convention from the docs, so this converts things to using that
convention:
https://docs.python.org/3/library/os.html#os.walk
Reproducible via `fdroid checkupdates --auto subreddit.android.appstore`
at fdroiddata HEAD (e76449ab).
WARNING: ...subreddit.android.appstore : Couldn't find package ID
CRITICAL: Unknown exception found!
Traceback (most recent call last):
File "/home/mvdan/.bin/fdroid", line 147, in <module>
main()
File "/home/mvdan/.bin/fdroid", line 124, in main
mod.main()
File "/home/mvdan/git/fsr/fdroidserver/checkupdates.py", line 571, in main
checkupdates_app(app)
File "/home/mvdan/git/fsr/fdroidserver/checkupdates.py", line 469, in checkupdates_app
if int(build.vercode) >= int(app.CurrentVersionCode):
TypeError: int() argument must be a string, a bytes-like object or a number, not 'NoneType'
In many cases, there are times where metadata errors need to be ignored, or
at least not stop the command from running. For example, there will
inevitably be new metadata fields added, in which case a packaged version
of fdroidserver will throw errors on each one. This adds a standard -W
flag to customize the response: ignore, default, or error.
* by default, the errors are still errors
* `fdroid readmeta -W` will just print errors
* `fdroid readmeta -Wignore` will not even print errors
https://gitlab.com/fdroid/fdroidserver/issues/150
This changes the function name to include the format of the metadata file,
and also changes the order of the args to match the parse_*_metadata()
functions.
Python 3
I tried to keep commits separate, so if anything causes trouble, it can be reverted or changed easily.
* pre-commit hooks pass
* all tests pass
* My use of `build`, `checkupdates`, `lint`, `import`, `publish` and `update` work as usual
* 2to3 does not report anything useful anymore (only useless parentheses and list() encapsulation of iterators)
* rewritemeta works exactly as usual
CC @eighthave
See merge request !88
This greatly speeds up checkupdates when UCM:Tags is used on git
repositories, especially on ones with lots of tags. The old method ran a
command per tag. The new method runs a single command and doesn't
require any sorting.
Test runs show that `fdroid checkupdates org.adaway` is down from ~13s
to ~10s on my laptop.
If we don't find the version name neither in the AndroidManifest.xml nor
in the build.grade file, we fallback to the tag the user specified to
search for.
That way we have a better version name than 'Unknown'.
This simplifies usage, goes from
build['flag']
to
build.flag
Also makes static analyzers able to detect invalid attributes as the set
is now limited in the class definition.
As a bonus, setting of the default field values is now done in the
constructor, not separately and manually.
While at it, unify "build", "thisbuild", "info", "thisinfo", etc into
just "build".
This simplifies usage, goes from
app['Foo']
to
app.Foo
Also makes static analyzers able to detect invalid attributes as the set
is now limited in the class definition.
As a bonus, setting of the default field values is now done in the
constructor, not separately and manually.
If there are multiple package ids in a build.gradle file and the first
one we don't want, checkupdates would get stuck. Make it ignore any
package id that we don't want so that it can get past that.
