20 Commits

Author SHA1 Message Date
linsui
cd1630d2f5 Lazyload environment variables in config.yml 2025-06-11 13:02:09 +00:00
linsui
e957583337 common: add calculate_gradle_flavor_combination 2025-05-22 12:24:32 +02:00
Hans-Christoph Steiner
20b36f1970 SOURCE_DATE_EPOCH from app's git otherwise fdroiddata metadata file
https://reproducible-builds.org/docs/source-date-epoch
2025-05-19 16:31:40 +02:00
Hans-Christoph Steiner
4e7bda736c update: never execute VCS e.g. git
Package repos come from untrusted sources, in terms of the buildserver. They
should be handled in VMs and containers as much as possible to avoid
vulnerabilities.  As far as I could tell, `fdroid update` only has a single
place where it executes any VCS system: if there is .fdroid.yml present in
a package repo, then it will fetch the commit ID using git.

For better security properties, this implements a simple function to just
read the files to get that commit ID.  The function that executes git to do
the same thing is relabeled "unsafe".  That is used for status JSON
everywhere, but that runs on fdroiddata.git and fdroidserver.git, which are
trusted repos.

The unsafe version is also used in places where git.Repo() is needed for
other things.
2025-05-12 18:30:03 +02:00
Hans-Christoph Steiner
9a8d80ee6b purge dead code: apk_signer_fingerprint_short 2025-03-31 11:09:07 +02:00
Hans-Christoph Steiner
0b3fe26524 skip tests that won't run on a given CPU architecture 2025-03-19 15:47:06 +01:00
Hans-Christoph Steiner
9d147c6b6b test_common: remove self.tmpdir and use standard self.testdir pat 2025-03-12 13:37:17 +01:00
Hans-Christoph Steiner
858068c64b only show "unsafe perms on config.yml" when secrets are present
This should make for fewer false positives.
2025-03-12 13:37:17 +01:00
Hans-Christoph Steiner
36007d50e5 AbstractBaseTest class for sharing setUp and tearDown in tests 2025-03-12 13:37:17 +01:00
Hans-Christoph Steiner
8cf1297e2c clarify config data types and structures 2025-03-12 13:37:17 +01:00
Hans-Christoph Steiner
081e02c109 expand {env: foo} in any place a string can be
`keypass: {env: keypass}` has been in use in production repos for
years.  That is not anything new. It makes it possible to maintain
_config.yml_ publicly even when it needs secrets.  This change makes
sure it is possible to use {env: foo} syntax anywhere where a string
value is valid. The "list of dicts" values can be str, list of str or
list of dicts with str.

Before the {env: keypass} syntax, the actual password was just inline
in the config file.  Before this commit, it was only possible to use
{env: key} syntax in simple, string-only configs, e.g. from
examples/config.yml:
2025-03-12 13:37:17 +01:00
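The commit above describes `{env: foo}` being accepted anywhere a string value is valid, including inside lists and lists of dicts. The following is an added illustration of that expansion as a recursive walk over a parsed config, not fdroidserver's own code; the config dict, the variable names and the `expand_env` helper are constructed for this example.

```python
import os

# Constructed: the shape of a config.yml after YAML parsing.  Not fdroidserver's
# data; it only uses the {env: NAME} convention the commit message describes.
SAMPLE_CONFIG = {
    "keystore": "keystore.p12",
    # plain string value replaced by an env var, so the secret never sits in the file
    "keypass": {"env": "KEYPASS"},
    # list of str, where one item is an env reference
    "mirrors": ["https://mirror-a.example/fdroid/repo", {"env": "MIRROR_URL"}],
    # list of dicts whose str values may be env references
    "serverwebroot": [{"url": {"env": "WEBROOT_URL"}, "index_only": True}],
}


def expand_env(value, environ=None):
    """Recursively replace every {env: NAME} mapping with the value of NAME.

    Strings, lists of strings and lists of dicts are all walked, so the
    reference works anywhere a string is allowed.  A missing variable is an
    error rather than a silent empty string, which would otherwise turn into
    an empty password or URL further down the pipeline.
    """
    env = os.environ if environ is None else environ
    if isinstance(value, dict):
        if set(value.keys()) == {"env"}:
            name = value["env"]
            if name not in env:
                raise KeyError(f"config references unset environment variable {name!r}")
            return env[name]
        return {k: expand_env(v, env) for k, v in value.items()}
    if isinstance(value, list):
        return [expand_env(v, env) for v in value]
    return value


if __name__ == "__main__":
    # constructed environment so the example runs without touching the real one
    fake_env = {"KEYPASS": "s3cret", "MIRROR_URL": "https://mirror-b.example/fdroid/repo",
                "WEBROOT_URL": "user@host.example:/var/www/fdroid"}
    print(expand_env(SAMPLE_CONFIG, fake_env))
```

Passing an explicit `environ` mapping keeps the expansion testable and makes it obvious which variables a given config.yml depends on.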
Hans-Christoph Steiner
3ab2baf542 _yaml.config_dump() for writing out config
This outputs YAML in a string that is suitable for use in regexps
and string replacements, as well as complete files.  It is therefore
explicitly set up to avoid writing out headers and footers.
2025-03-10 08:49:18 +01:00
Hans-Christoph Steiner
2f47938dbf standardize config on ruamel.yaml with a YAML 1.2 config
This is a key piece of the ongoing `PUBLISH` _config.yml_ migration. There was uneven implementation of which YAML parser to use, and that could lead to bugs where one parser might read a value one way, and a different parser will read the value a different way. I wanted to be sure that YAML 1.2 would always work.

This makes all code that handles config files use the same `ruamel.yaml` parsers.  This only touches other usages of YAML parsers when there is overlap.  This does not port all of _fdroidserver_ to `ruamel.yaml` and YAML 1.2.  The metadata files should already be YAML 1.2 anyway.

# Conflicts:
#	fdroidserver/lint.py
2025-03-10 08:48:58 +01:00
Hans-Christoph Steiner
3cc6c09ffc use common var for 'config.yml', standardize on UTF-8
This makes it easy to track all the places that use config.yml, and
hopefully makes things feel cleaner.  This also standardizes all places
where config.yml is written out to use UTF-8 as the file encoding.

This also includes a lot of black code format fixes.
2025-03-05 12:20:32 +01:00
Hans-Christoph Steiner
642499ec94 purge config.py handling, it is no longer supported 2025-02-26 17:27:58 +01:00
Hans-Christoph Steiner
66d220bd9f tests: rename testcommon module to shared_test_code
This name always confuses me, since there is also test_common.py. And this
module is not actually a test suite, even though it starts with "test".
This also makes for better tab completion, e.g.

python3 -m unittest tests/te[Tab] -> tests/test_
2025-01-27 10:11:19 +00:00
Hans-Christoph Steiner
2ac925a249 ban apksigner v33, it has bugs verifying APKs with v3/v3.1 sigs 2025-01-21 15:00:23 +00:00
Hans-Christoph Steiner
20caa6fa1c match the full file name when looking for the v1 signature block
ZipFile.namelist() produces a string per file.  The filename could contain
newline chars, including at the beginning and end.  ^$ in regex matches
around newline chars.  \A\Z matches the beginning/end of the full string.

This is exactly the same as obfusk's r'\AMETA-INF/(?s:.)*\.(DSA|EC|RSA)\Z'
but in a readable format that is also easily searchable, and standard for
this code base.

https://github.com/obfusk/fdroid-fakesigner-poc/blob/master/fdroidserver-regex.patch

#1251
2025-01-15 14:45:35 +01:00
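The commit above turns on the difference between `^`/`$` and `\A`/`\Z` for ZIP entry names that contain newlines. The following added example, not code from fdroidserver, puts a loose pattern beside the strict one and runs both over entry names read back from a constructed in-memory ZIP; the `LOOSE_RE`, `STRICT_RE` and helper names are assumptions for this illustration.

```python
import io
import re
import zipfile

# Loose: "$" also matches just before a trailing newline, and "." never crosses
# one, so a name ending in "\n" passes while a name with an embedded newline is
# skipped.  Illustrative only, not fdroidserver's pattern.
LOOSE_RE = re.compile(r'^META-INF/.*\.(DSA|EC|RSA)$')

# Strict: \A and \Z anchor to the absolute start and end of the string, and
# (?s:.) lets "." match newlines, so the whole file name is checked.
STRICT_RE = re.compile(r'\AMETA-INF/(?s:.)*\.(DSA|EC|RSA)\Z')


def loose_match(name):
    return LOOSE_RE.match(name) is not None


def strict_match(name):
    return STRICT_RE.match(name) is not None


def build_sample_names():
    """Constructed ZIP written to memory; returns ZipFile.namelist() of it."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, 'w') as zf:
        zf.writestr('META-INF/CERT.RSA', b'signature block')
        zf.writestr('META-INF/CERT.RSA\n', b'different content')  # trailing newline in name
        zf.writestr('classes.dex', b'dex')
    buf.seek(0)
    with zipfile.ZipFile(buf) as zf:
        return zf.namelist()


def find_v1_sig_blocks(names, pattern):
    """Entry names the given compiled pattern accepts as v1 signature blocks."""
    return [n for n in names if pattern.match(n)]


if __name__ == "__main__":
    names = build_sample_names()
    print("loose :", find_v1_sig_blocks(names, LOOSE_RE))
    print("strict:", find_v1_sig_blocks(names, STRICT_RE))
```

Running it shows the loose pattern accepting two entries for what should be one signature block, while the strict pattern accepts exactly `META-INF/CERT.RSA`; when a verifier picks "the" signature file by name, the two patterns can disagree about which entry that is.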
Hans-Christoph Steiner
5fde2f4d03 replace deprecated pkg_resources.get_distribution() from setuptools
This should fix the CI error for macOS and reduce technical debt.
https://gitlab.com/fdroid/fdroidserver/-/jobs/8542884186
2024-12-06 12:26:37 +01:00
SilentGhost
7ff32bc4b0 Refactor TestCase files into python modules
Convert all TestCase files into standard python modules to be run and
discovered by unittest.
2024-11-20 10:37:52 +01:00