summaryrefslogtreecommitdiff
path: root/doc
AgeCommit message (Collapse)Author
2016-07-07apt-key.8: Put (deprecated) into the term tagJulian Andres Klode
Now post-build script should no longer complain... Gbp-Dch: ignore
2016-07-02use +0000 instead of UTC by default as timezone in outputDavid Kalnischkies
All apt versions support numeric as well as 3-character timezones just fine and its actually hard to write code which doesn't "accidently" accepts it. So why change? Documenting the Date/Valid-Until fields in the Release file is easy to do in terms of referencing the datetime format used e.g. in the Debian changelogs (policy §4.4). This format specifies only the numeric timezones through, not the nowadays obsolete 3-character ones, so in the interest of least surprise we should use the same format even through it carries a small risk of regression in other clients (which encounter repositories created with apt-ftparchive). In case it is really regressing in practice, the hidden option -o APT::FTPArchive::Release::NumericTimezone=0 can be used to go back to good old UTC as timezone. The EDSP and EIPP protocols use this 'new' format, the text interface used to communicate with the acquire methods does not for compatibility reasons even if none of our methods would be effected and I doubt any other would (in these instances the timezone is 'GMT' as that is what HTTP/1.1 requires). Note that this is only true for apt talking to methods, (libapt-based) methods talking to apt will respond with the 'new' format. It is therefore strongly adviced to support both also in method input.
2016-07-02deprecate 'apt-key update' and no-op it in DebianDavid Kalnischkies
Debian isn't using 'update' anymore for years and the command is in direct conflict with our goal of not requiring gnupg anymore, so it is high time to officially declare this command as deprecated.
2016-07-01warn if apt-key is used in scripts/its output parsedDavid Kalnischkies
apt-key needs gnupg for most of its operations, but depending on it isn't very efficient as apt-key is hardly used by users – and scripts shouldn't use it to begin with as it is just a silly wrapper. To draw more attention on the fact that e.g. 'apt-key add' should not be used in favor of "just" dropping a keyring file into the trusted.gpg.d directory this commit implements the display of warnings.
2016-07-01alias apt-key list to fingerDavid Kalnischkies
There is no real point in having two commands which roughly do the same thing, especially if the difference is just in the display of the fingerprint and hence security sensitive information. Closes: 829232
2016-06-29eipp: let apt make a plan, not make stuff planeDavid Kalnischkies
Julian noticed on IRC that I fall victim to a lovely false friend by calling referring to a 'planer' all the time even through these are machines to e.g. remove splinters from woodwork ("make stuff plane"). The term I meant is written in german in this way (= with a single n) but in english there are two, aka: 'planner'. As that is unreleased code switching all instances without any transitional provisions. Also the reason why its skipped in changelog. Thanks: Julian Andres Klode Gbp-Dch: Ignore
2016-06-27eipp: rename stanza 'Install' to 'Unpack'David Kalnischkies
Freeing 'Install' for future use as an interface for "dpkg --install", which is currently not used by any existent planer, so the implementation of it itself will be delayed until then.
2016-06-27eipp: add Allow-Temporary-Remove-of-EssentialsDavid Kalnischkies
A rather special need option, but the internal planer supports this and we have a testcase for it & sometimes it is hit (as a bug through). The option itself mostly serves as a reminder for implementors that they should be careful with removes and especially temporary removes if they perform any.
2016-06-27eipp: implement Immediate-Configuration flagDavid Kalnischkies
APT has 3 modes: no immediate configuration, all packages are configured immediately and its default mode of configuring essentials and pseudo-essentials immediately only. While this seems like a job of different planers at first, it might be handy to have it as an option, too, in case a planer (like apts internal one) supports different modes where the introduction of individual planers would be counter intuitive.
2016-06-27eipp: implement version 0.1 of the protocolDavid Kalnischkies
The very first step in introducing the "external installation planer protocol" (short: EIPP) as part of my GSoC2016 project. The description reads: APT-based tools like apt-get, aptitude, synaptic, … work with the user to figure out how their system should look like after they are done installing/removing packages and their dependencies. The actual installation/removal of packages is done by dpkg with the constrain that dependencies must be fulfilled at any point in time (e.g. to run maintainer scripts). Historically APT has a super micro-management approach to this task which hasn't aged that well over the years mostly ignoring changes in dpkg and growing into an unmaintainable mess hardly anyone can debug and everyone fears to touch – especially as more and more requirements are tacked onto it like handling cycles and triggers, dealing with "important" packages first, package sources on removable media, touch minimal groups to be able to interrupt the process if needed (e.g. unattended-upgrades) which not only sky-rocket complexity but also can be mutually exclusive as you e.g. can't have minimal groups and minimal trigger executions at the same time.
2016-06-22Release 1.3~exp31.3_exp3Julian Andres Klode
Quite a huge churn of new strings.
2016-06-22add insecure (and weak) allow-options for sources.listDavid Kalnischkies
Weak had no dedicated option before and Insecure and Downgrade were both global options, which given the effect they all have on security is rather bad. Setting them for individual repositories only isn't great but at least slightly better and also more consistent with other settings for repositories.
2016-06-22forbid insecure repositories by default expect in apt-getDavid Kalnischkies
With this commit all APT-based clients default to refusing to work with unsigned or otherwise insufficently secured repositories. In terms of apt and apt-get this changes nothing, but it effects all tools using libapt like aptitude, synaptic or packagekit. The exception remains apt-get for stretch for now as this might break too many scripts/usecases too quickly. The documentation is updated and extended to reflect how to opt out or in on this behaviour change. Closes: 808367
2016-06-20implement and document DIRECT for auto-detect-proxyDavid Kalnischkies
There is a subtile difference between an empty setting and "DIRECT" in the configuration as the later overrides the generic settings while the earlier does not. Also, non-zero exitcodes should really be reported as an error rather than silently discarded.
2016-06-11Release 1.3~exp21.3_exp2Julian Andres Klode
2016-06-08edsp: drop privileges before executing solversDavid Kalnischkies
Most (if not all) solvers should be able to run perfectly fine without root privileges as they get the entire state they are supposed to work on via stdin and do not perform any action directly, but just pass suggestions on via stdout. The new default is to run them all as _apt hence, but each solver can configure another user if it chooses/must. The security benefits are minimal at best, but it helps preventing silly mistakes (see 35f3ed061f10a25a3fb28bc988fddbb976344c4d) and that is always good. Note that our 'apt' and 'dump' solver already dropped privileges if they had them.
2016-05-27fix and document on the fly compressor configDavid Kalnischkies
libapt allows to configure compressors to be used by its system via configuration implemented in 03bef78461c6f443187b60799402624326843396, but that was never really documented and also only partly working, which also explains why the tests weren't using it…
2016-05-24fix two typos in apt.conf & apt-cache manpageDavid Kalnischkies
Reported-By: lintian: spelling-error-in-manpage Git-Dch: Ignore
2016-05-20edsp: add Forbid-{New-Install,Remove} and Upgrade-AllDavid Kalnischkies
This allows to differentiate properly between 'apt-get upgrade', 'apt upgrade' and 'apt full-upgrade'.
2016-05-16document --no- as --show-upgraded is the defaultDavid Kalnischkies
--show-upgraded is the default since 906fbf8886926eeb302332d997c9bd861291e155 so documenting it as if it would be an option having an effect as is feels wrong and we do the same for other options like install-recomends, download, …, too. This commit also removes -u from the documentation, but still supports it in the commandline parsing. Eventually we should deprecate the short option, but for now lets just stop documenting it. Closes: 824456
2016-05-12edsp: warn if unexpected stanzas appear in the solutionDavid Kalnischkies
Unexpected are for examples removal requests for versions which aren't installed, installations of already installed versions & requests to install and remove a package at the same time.
2016-05-12edsp: document unique package identifiersJohannes 'josch' Schauer
Document that package identifiers must be unique (apt only uses the last action for a given identifier) and that install requests do also imply upgrades and downgrades (and thus removal of the old version). This is to prevent that solvers express an upgrade or downgrade instruction as two stanzas: a removal of the old version and an installation of the new version. Instead, a single install stanza is sufficient to express upgrade or downgrade requests.
2016-05-11Release 1.3~exp11.3_exp1Julian Andres Klode
2016-05-10edsp: support generic and solver-specific configsDavid Kalnischkies
The spec was slightly inconsistent if the preferences setting is available only as generic or specific setting & the code only supported the specific one, while for the strict-pinning was only generic… As the usual pattern for apt is to have both options we adapt the spec and code to support both as well. This also adds a purely informal "Solver" field so in case the request is saved in a file, we know to which solver the sent preferences apply. Closes: 823918
2016-05-08implement Identifier field for IndexTargetsDavid Kalnischkies
A frontend like apt-file is only interested in a specific set of files and selects those easily via "Created-By". If it supports two locations for those files through it would need to select both and a user would need to know that implementation detail for sources.list configuration. The "Identifier" field is hence introduced which by default has the same value as "Created-By", but can be freely configured – especially it can be used to give two indexes the same identifier.
2016-05-08implement Fallback-Of for IndexTargetsDavid Kalnischkies
Sometimes index files are in different locations in a repository as it is currently the case for Contents files which are per-component in Debian, but aren't in Ubuntu. This has historic reasons and is perhaps changed soon, but such cases of transitions can always happen in the future again, so we should prepare: Introduced is a new field declaring that the current item should only be downloaded if the mentioned item wasn't allowing for transitions without a flagday in clients and archives. This isn't implemented 'simpler' with multiple MetaKeys as items (could) change their descriptions and perhaps also other configuration bits with their location.
2016-05-01support Signed-By in Release files as a sort of HPKPDavid Kalnischkies
Users have the option since apt >= 1.1 to enforce that a Release file is signed with specific key(s) either via keyring filename or fingerprints. This commit adds an entry with the same name and value (except that it doesn't accept filenames for obvious reasons) to the Release file so that the repository owner can set a default value for this setting effecting the *next* Release file, not the current one, which provides a functionality similar "HTTP Public Key Pinning". The pinning is in effect as long as the (then old) Release file is considered valid, but it is also ignored if the Release file has no Valid-Until at all.
2016-05-01support multiple fingerprints in signed-byDavid Kalnischkies
A keyring file can include multiple keys, so its only fair for transitions and such to support multiple fingerprints as well.
2016-04-25Release 1.2.111.2.11Julian Andres Klode
2016-04-05releasing package apt version 1.2.101.2.10Michael Vogt
2016-03-27Release 1.2.91.2.9Julian Andres Klode
2016-03-24Release 1.2.81.2.8Julian Andres Klode
2016-03-24Japanese manpage translation updateTakuma Yamada
Closes: 818950
2016-03-15Release 1.2.71.2.7Julian Andres Klode
2016-03-08Dutch manpages translation updateFrans Spiesschaert
Closes: 817062
2016-03-07Release 1.2.61.2.6Julian Andres Klode
2016-03-07Fix several typosVeres Lajos
This effectively merges branch 'typofixes-vlajos-20150807' of github.com:vlajos/apt with the following commit: commit 13cacb3e2e2352ba701e769fc889e3344fabbf7e Author: Veres Lajos <vlajos@gmail.com> Date: Sun Aug 9 00:12:53 2015 +0100 typofix - https://github.com/vlajos/misspell_fixer It has been rebased for a better commit message.
2016-03-06Release 1.2.51.2.5Julian Andres Klode
2016-02-27Release 1.2.41.2.4Julian Andres Klode
2016-02-10Release 1.2.31.2.3Julian Andres Klode
Build system messed up the 1.2.2 commit by not updating the .po files properly, so they are now.
2016-02-04Release 1.2.21.2.2Julian Andres Klode
2016-01-25Release 1.2.11.2.1Julian Andres Klode
2016-01-15Release 1.21.2Julian Andres Klode
2016-01-14change debian related entities to a more explicit nameDavid Kalnischkies
Git-Dch: Ignore
2016-01-08Release 1.2~exp11.2_exp1Julian Andres Klode
2016-01-08keep compressed indexes in a low-cost formatDavid Kalnischkies
Downloading and storing are two different operations were different compression types can be preferred. For downloading we provide the choice via Acquire::CompressionTypes::Order as there is a choice to be made between download size and speed – and limited by whats available in the repository. Storage on the other hand has all compressions currently supported by apt available and to reduce runtime of tools accessing these files the compression type should be a low-cost format in terms of decompression. apt traditionally stores its indexes uncompressed on disk, but has options to keep them compressed. Now that apt downloads additional files we also deal with files which simply can't be stored uncompressed as they are just too big (like Contents for apt-file). Traditionally they are downloaded in a low-cost format (gz) as repositories do not provide other formats, but there might be even lower-cost formats and for download we could introduce higher-cost in the repositories. Downloading an entire index potentially requires recompression to another format, so an update takes potentially longer – but big files are usually updated via pdiffs which has to de- and re-compress anyhow and does it on the fly anyhow, so there is no extra time needed and in general it seems to be benefitial to invest the time in update to save time later on file access.
2016-01-02Italian manpages translation updateBeatrice Torracca
Closes: 809522
2015-12-30Release 1.1.101.1.10Julian Andres Klode
2015-12-27fix 3 typos/omissions in apt.conf(5)Beatrice Torracca
Closes: 809160
2015-12-27Release 1.1.91.1.9Julian Andres Klode