Age | Commit message (Collapse) | Author |
|
|
|
|
|
Reviewed-By: Helge Kreutzmann <debian@helgefjell.de>
|
|
Closes: #912022
|
|
Support subkeys and multiple keyrings in Signed-By options
See merge request apt-team/apt!27
|
|
apt-get.8: mention --only-source in 'source' and 'build-dep' description
See merge request apt-team/apt!24
|
|
Closes: #910941
|
|
|
|
Including a block-element like informalexample in a para is legal, but
the documentation of the para tag hints that some processing systems may
have difficulties handling this – so lets just move it out of the block
and be happy as it is (again?) displayed.
Closes: #909712
|
|
|
|
|
|
do not suggest that 'source' and 'build-dep' arguments are binary
package names only
|
|
A user can specify multiple fingerprints for a while now, so its seems
counter-intuitive to support only one keyring, especially if this isn't
really checked or enforced and while unlikely mixtures of both should
work properly, too, instead of a kinda random behaviour.
|
|
|
|
|
|
|
|
|
|
Closes: #900602
|
|
120s is an insanely high default time out, lower it to 30s
to make things a bit nicer.
|
|
This shouldn't make a practical difference for most people, but for edge
cases it avoids DNS lookups and additionally prevents us from perfoming
unneeded SRV requests, too.
|
|
The boilerplate stems from automatic processing of these files as
most (with the exception of po/nl.po) are one-off (partial)
translations from years past.
Gbp-Dch: Ignore
|
|
Prompted-by: Jakub Wilk <jwilk@debian.org>
|
|
The formatting is very basic and more should probably be done, but we at
least get the files out of the root directory which in case of the
various READMEs was confusing salsa which one display as (central) README.
|
|
Reported-By: codespell & spellintian
Gbp-Dch: Ignore
|
|
|
|
Closes: 679580
|
|
|
|
[jak: Fix invalid empty line]
Closes: #895117
|
|
This reverts commit 57a00c50b14a49ed91816e3f4467e0f2e57ee772.
|
|
pu/zstd
See merge request apt-team/apt!8
|
|
Reported-By: Mattia Rizzolo on IRC
|
|
Closes: 679580
|
|
Reported-By: lintian spelling-error-in-manpage
|
|
We just enabled https on changelogs.ubuntu.com, let's use it.
|
|
zstd is a compression algorithm developed by facebook. At level 19,
it is about 6% worse in size than xz -6, but decompression is multiple
times faster, saving about 40% install time, especially with eatmydata
on cloud instances.
|
|
|
|
Check that Date of Release file is not in the future
See merge request apt-team/apt!3
|
|
By restricting the Date field to be in the past, an attacker cannot
just create a repository from the future that would be accepted as
a valid update for a repository.
This check can be disabled by Acquire::Check-Date set to false. This
will also disable Check-Valid-Until and any future date related checking,
if any - the option means: "my computers date cannot be trusted."
Modify the tests to allow repositories to be up to 10 hours in the
future, so we can keep using hours there to simulate time changes.
|
|
|
|
The interesting takeaway here is perhaps that 'chmod +w' is effected by
the umask – obvious in hindsight of course. The usual setup helps with
hiding that applying that recursively on all directories (and files)
isn't correct. Ensuring files will not be stored with the wrong
permissions even if in strange umask contexts is trivial in comparison.
Fixing the test also highlighted that it wasn't bulletproof as apt will
automatically fix the permissions of the directories it works with, so
for this test we actually need to introduce a shortcut in the code.
Reported-By: Ubuntu autopkgtest CI
|
|
|
|
|
|
References: https://lists.debian.org/debian-l10n-english/2018/01/msg00002.html
|
|
Allow specifying an alternative path to the InRelease file, so
you can have multiple versions of a repository, for example.
Enabling this option disables fallback to Release and Release.gpg,
so setting it to InRelease can be used to ensure that only that
will be tried.
We add two test cases: One for checking that it works, and another
for checking that the fallback does not happen.
Closes: #886745
|
|
The appended "partial" should not be translated, but some translations
got this wrong and now that there is also "auxfiles" we can just fix
that problem by hiding these untranslatables from the translators.
Gbp-Dch: Ignore
|
|
|
|
The mirror method is undocumented since 0.7.24, now with the
reimplementation it is high time to get something written about it.
|
|
If a method needs a file to operate like e.g. mirror needs to get a list
of mirrors before it can redirect the the actual requests to them. That
could easily be solved by moving the logic into libapt directly, but by
allowing a method to request other methods to do something we can keep
this logic contained in the method and allow e.g. also methods which
perform binary patching or similar things.
Previously they would need to implement their own acquire system inside
the existing one which in all likelyhood will not support the same
features and methods nor operate with similar security compared to what
we have already running 'above' the requesting method. That said, to
avoid methods producing conflicts with "proper" files we are downloading
a new directory is introduced to keep the auxiliary files in.
[The message magic number 351 is a tribute to the german Grundgesetz
article 35 paragraph 1 which defines that all authorities of the
state(s) help each other on request.]
|
|
Same reasoning as with the previous commit for http with the added
benefit of moving the hard to discover and untranslated example config
into a manpage which could be translated.
|
|
We had documentation for the http transport in our "catch-all" apt.conf
manpage, but it seems benefitial to document transports in their own
manpage instead of pushing them all into one.
|