summaryrefslogtreecommitdiff
path: root/doc
AgeCommit message (Collapse)Author
2017-11-05Release 1.6~alpha4Julian Andres Klode
2017-10-28Release 1.6~alpha31.6_alpha3Julian Andres Klode
2017-10-26Release 1.6~alpha21.6_alpha2Julian Andres Klode
2017-10-26Print syscall number and arch to stderr when trapped by seccompJulian Andres Klode
This should help debugging crashes. The signal handler is a C++11 lambda, yay! Special care has been taken to only use signal handler -safe functions inside there.
2017-10-23Release 1.6~alpha11.6_alpha1Julian Andres Klode
2017-10-22Sandbox methods with seccomp-BPF; except cdrom, gpgv, rshJulian Andres Klode
This reduces the number of syscalls to about 140 from about 350 or so, significantly reducing security risks. Also change prepare-release to ignore the architecture lists in the build dependencies when generating the build-depends package for travis. We might want to clean up things a bit more and/or move it somewhere else.
2017-09-24Release 1.51.5Julian Andres Klode
2017-09-13Release 1.5~rc41.5_rc4Julian Andres Klode
2017-09-10Release 1.5~rc31.5_rc3Julian Andres Klode
2017-09-09Release 1.5~rc21.5_rc2Julian Andres Klode
2017-09-04Dutch manpage translation updateFrans Spiesschaert
Closes: #874293
2017-09-01doc: correct '--allow-releaseinfo-change-*' typosChristos Trochalakis
Closes: #873914
2017-08-24Release 1.5~rc11.5_rc1Julian Andres Klode
2017-08-17Release 1.5~beta21.5_beta2Julian Andres Klode
2017-08-17doc: Fix validity error in apt_auth.conf.5.xmlJulian Andres Klode
It contained raw text inside a refsect1 Gbp-Dch: ignore
2017-07-27doc: Add '--allow-unauthenticated' to '--force-yes'Dominik
2017-07-26show a warning for Debian shutting down FTP servicesDavid Kalnischkies
We detect the effected sources by matching Release info – that has potential by-catch of repositories which have incorrect field values, but those are better fixed now anyhow. The bigger incorrectness is that this message will not only be printed for the Debian services itself but also for all mirrors not under Debian control but serving Debian like more local/private mirrors which will not (directly) shutdown. It is likely through that many of them will follow suite with less visible announcements or break downright if their upstream source disappears, so having false-positives here seems benefitial for the user in the end.
2017-07-26update URI scheme descriptions in sources.list(5)David Kalnischkies
2017-07-26reimplement and document auth.confDavid Kalnischkies
We have support for an netrc-like auth.conf file since 0.7.25 (closing 518473), but it was never documented in apt that it even exists and netrc seems to have fallen out of usage as a manpage for it no longer exists making the feature even more arcane. On top of that the code was a bit of a mess (as it is written in c-style) and as a result the matching of machine tokens to URIs also a bit strange by checking for less specific matches (= without path) first. We now do a single pass over the stanzas. In practice early adopters of the undocumented implementation will not really notice the differences and the 'new' behaviour is simpler to document and more usual for an apt user. Closes: #811181
2017-07-12Switch from /org to /srv in example apt-ftparchive configurationPaul Wise
/org has been obsoleted by /srv for many years on debian.org hosts.
2017-07-08fix various typos reported by codespell & spellintianDavid Kalnischkies
Reported-By: codespell & spellintian Gbp-Dch: Ignore
2017-07-08Italian manpage translation updateBeatrice Torracca
Closes: 858877
2017-07-03Release 1.5~beta11.5_beta1Julian Andres Klode
2017-06-30Upload 1.5~alpha4 to experimental1.5_alpha4Julian Andres Klode
2017-06-30Upload 1.5~alpha3 to experimental1.5_alpha3Julian Andres Klode
2017-06-29Upload 1.5~alpha2 to experimental1.5_alpha2Julian Andres Klode
2017-06-28Upload 1.5~alpha1 to experimental1.5_alpha1Julian Andres Klode
2017-06-28ask for releaseinfo change interactively in aptDavid Kalnischkies
If we have a user sitting around we can let 'apt' ask the user for a confirmation rather than print errors at the end and require the user to figure out which commandline flags are needed to confirm the changes non-interactively.
2017-06-28error in update on Release information changesDavid Kalnischkies
The value of Origin, Label, Codename and co can be used in user configuration from apts own pinning to unattended upgrades. A repository changing this values can therefore have serious effects on the behaviour of apt and other tools using these values. In a first step we will generate error messages for these changes now explaining the need for explicit confirmation and provide config options and commandline flags to accept them.
2017-06-28fail instead of warn on insecure repositories in apt-getDavid Kalnischkies
The exception was made to give (script) users a one-release grace period to adapt their setup to deal with apt enforcing signing of repositories. As we are now at the start of a new release cycle its as good a time as any to lift it now. Removes-Exception: 952ee63b0af14a534c0aca00c11d1a99be6b22b2
2017-06-28Introduce Acquire::AllowTLS to turn off TLS supportJulian Andres Klode
As requested by Henrique de Moraes Holschuh, here comes an option to disable TLS support. If the option is set to false, the internal TLS layer is disabled.
2017-06-26avoid explicit types for pkg counts by autoDavid Kalnischkies
Changes nothing on the program front and as the datatypes are sufficently comparable fixes no bug either, but problems later on if we ever change the types of those and prevent us using types which are too large for the values we want to store waste (a tiny bit of) resources. Gbp-Dch: Ignore
2017-06-01Release 1.4.61.4.6Julian Andres Klode
2017-05-31Release 1.4.51.4.5Julian Andres Klode
2017-05-16Release 1.4.41.4.4Julian Andres Klode
2017-05-11Release 1.4.31.4.3Julian Andres Klode
2017-05-04Release 1.4.21.4.2Julian Andres Klode
2017-04-24Release 1.4.11.4.1Julian Andres Klode
2017-04-01Release the April Fools' release1.4Julian Andres Klode
2017-02-22Release 1.4~rc21.4_rc2Julian Andres Klode
2017-02-06Release 1.4~rc11.4_rc1Julian Andres Klode
2017-02-06Dutch manpage translation updateFrans Spiesschaert
Closes: #853762
2017-01-27Japanese manpages & program translation updatevictory
Committer-Notes: Complete files pulled from website as patches tend to be hard to work with in this context. Last-Translator not updated as wished. po-files refreshed. Mailingslist-Thread: <20170106014830.f843cd8b89243a8e57c4062c@gmail.com>
2017-01-27French manpages translation updateJean-Pierre Giraud
Committer notes: po file from #852485, patch applied from msg #2, further adapted as the patch the --fix-broken string is referring to apt instead of apt-get. Also changing the dot in "&apt-cache. &apt;" to a semicolon to fix the syntax error and refreshed to drop the outdated fuzzy comments. Closes: 852460
2017-01-19fix various typos reported by spellintianDavid Kalnischkies
Most of them in (old) code comments. The two instances of user visible string changes the po files of the manpages are fixed up as well. Gbp-Dch: Ignore Reported-By: spellintian
2017-01-19update release mappings in documentationDavid Kalnischkies
While unlikely, it would be embarrising if we would need a freeze exception for such a change, so lets do the flip now.
2017-01-17Release 1.4~beta41.4_beta4Julian Andres Klode
We are basically frozen now, but (a) this wildcard thing is a bit "explosive" to call this RC and (b) you never know if you might need to add a new tiny feature and freeze can be long...
2017-01-17Read dpkg tables to handle architecture wildcardsJulian Andres Klode
Our implementation of wildcards was rudimentary. It worked for some common ones, but it was also broken: For example, armel matched any-armel, but should match any-arm. With this commit, we load the correct tables from dpkg. Supported are both triplets and quadruplet tables (the latter introduced in dpkg 1.18.11). There are some odd things we have to deal with in the cache filter for historical and API reasons: * The character "*" must be accepted as an alternative to any - in fact it may appear anywhere in the wildcard as we also allow fnmatch() style wildcard matching on the commandline. * The code might get passed an arch with a minus at the end, for example the cmdline "install apt:any-arm-" will first try to check if any-arm- is a valid architecture. We deal with this by rejecting any wildcard ending in a minus. * Triplets are actually implemented by extending them to faux quadruplets - by prepending a "base" component for the architecture tuple, and "any" if there is a wildcard component. Once we have constructed a wildcard, it is transformed into an fnmatch() expression for historical reasons. In the future, we should really get a tuple class and implement matching in a better, more explicit way. This does for now though - it passes all the test cases and accepts all things it should accept. Closes: #748936 Thanks: James Clarke <jrtc27@jrtc27.com> for the initial patch
2017-01-05Release 1.4~beta31.4_beta3Julian Andres Klode
2016-12-31allow warning generation for non-whitelisted optionsDavid Kalnischkies
The idea is simple: Each¹ Find*( call starts with a call check if the given option (with the requested type) exists in the whitelist. The whitelist is specified via our configure-index file so that we have a better chance at keeping it current. the whitelist is loaded via a special (undocumented for now) configuration stanza and if none is loaded the empty whitelist will make it so that no warnings are shown. Much needs to be done still, but that is as good a time as any to take a snapshot of the current state and release it into the wild given that it found some bugs already and has no practical effect on users. ¹ not all in this iteration, but many