summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2020-01-26add apk-world(8)Drew DeVault2-1/+64
2020-01-26Initial riggings for man pages, add apk(8)Drew DeVault4-3/+179
This commit sets up the build system to compile man pages with scdoc, and adds the first man page: apk(8).
2020-01-26.gitignore: add compiled man pagesDrew DeVault1-0/+2
2020-01-25don't use hardcoded checksum buffer sizesReid Rankin2-5/+8
2020-01-25document mysterious SHA-1 blob in database.cReid Rankin1-0/+2
2020-01-25don't ignore md parameter to apk_fileinfo_hash_xattr_array()Reid Rankin1-1/+1
2020-01-24db: additional clean up and hardening for apk extractionTimo Teräs1-15/+16
This enforces all scripts to be in the control block, and all data files to be in data block. Ignoring of dot files in root is added back: packages without any real files will ship one ".dummy" item in the data block to trigger processing and validation to work.
2020-01-24Harden signature verification processReid Rankin2-29/+32
This mostly boils down to making sure control_started and data_started are consistently used to gate actions, instead of relying whether on file names start with a '.'. None of the weaknesses this fixes are exploitable, but they might have become so after changes to seemingly-unrelated code, so it's good to clean them up.
2020-01-24Improve documentation of signature verification processReid Rankin1-7/+19
2020-01-24manifest: fix package file processingReid Rankin1-4/+7
This change ensures that apk_sign_ctx_process_file() and apk_sign_ctx_parse_pkginfo_line() are called during archive processing, allowing discovery of signatures and the data section checksum. Fixes a bug uncovered by commit f123d77e.
2020-01-11io: use min() instead of MIN()Timo Teräs1-5/+4
2020-01-11archive: make apk_tar_parse check and close input streamTimo Teräs5-54/+26
simplifies other code quite a bit
2020-01-11io: convert bstream mmap to istream, remove the now obsolete bstream machineryTimo Teräs2-244/+65
2020-01-11convert remaining locations to use istream instead of bstreamTimo Teräs8-156/+161
2020-01-11istream, archive, db: convert db and tar function to use istreamTimo Teräs8-156/+224
2020-01-11istream: add buffering capabilityTimo Teräs5-103/+109
Convert all implementations to do buffering. This is in preparation to remove bstream interface as redundant. istream_read() will return full reads unless end-of-file. The backends can return short reads to optimize buffering or due to other reasons like boundary change for gz.
2020-01-11archive: remove support for old packages without xattr checksumsTimo Teräs6-52/+14
2020-01-10remove obsolete md5.hTimo Teräs1-60/+0
2020-01-09database.c: drop GNU extension for fnmatchDrew DeVault1-1/+1
The non-wildcard version of the function is case-sensitive anyway.
2020-01-06io: remove the now unused pid association with istreamTimo Teräs2-32/+8
2020-01-06io: remove unused size parameter from bstream closeTimo Teräs5-44/+34
2020-01-05info: Remove short options for --install-if, --rinstall-ifMatthew McGill1-4/+4
The "apk info" option --install-if, which had the short option -i, was being shadowed by the apk global option --interactive, which has the same short option. To fix this issue the short option for --install-if was removed, as has been done in other cases where an applet short option would be shadowed by a global short option. The short option for --rinstall-if was also removed for consistency, since it is the complement of --install-if.
2020-01-05commit: make use of the apk_get_human_unit functionSören Tempel1-11/+8
2020-01-05Humanize size output of `apk info`Sören Tempel3-4/+27
This commits adds a function for receiving the closet byte unit and the size in that unit for a given size_t. The function doesn't return a string since dynamic memory allocation (or a static buffer) would be required to implement this properly. Discussion: It might be useful to add a command line flag for disabling this behaviour in order to retain compatibility with the previous apk info output format.
2019-12-30lua: fix build and update to lua5.3Timo Teräs4-19/+24
Fixes #8360
2019-12-29del: report non-matching names and install-if rule non-deletionTimo Teräs3-30/+39
2019-12-27Revert "search: remove from APK_COMMAND_GROUP_QUERY"Timo Teräs1-0/+1
This reverts commit d379edd5bf960de8089b9f2083fc6f14b79e7bba. Requested multiple times. Let's enable this for now. For v3.0, we reconsider which applets to keep and remove the ones not needed.
2019-12-27db: parse tabulator as repository separator charTimo Teräs1-0/+1
Fixes #10662
2019-12-18io: use proper base struct types for method implementationsTimo Teräs5-86/+68
2019-12-12upgrade: implement --ignore to exclude some packages from upgradenrybowski5-4/+29
2019-11-22Don't unpack files to system rootFredrik Gustafsson1-1/+5
When unpacking a file that is in root, it got a temporary file name /.apk... however if the --root option was used it should have the name root/.apk... otherwise unpacking will fail if the user does not have write access to /. Signed-off-by: Fredrik Gustafsson <fredrigu@axis.com>
2019-11-21Add debian to CI buildsFredrik Gustafsson1-3/+15
Replace dash (default sh) with bash to make tests work.
2019-11-20Add CI testing, run compile and test on pushFredrik Gustafsson1-0/+13
2019-11-18add: always use UTC for virtual package versionsMax Rees2-2/+1
2019-11-18Make tests pass and introduce a memory leakFredrik Gustafsson1-1/+1
Since 37fbafcd928c466c82c892a7868d686d710e5d07 the tests hasn't worked since a string on the stack was added as version for a virtual package. Instead create the version string on the heap and then simply leak it. A short running program as apk shouldn't need to worry about memory leaks.
2019-11-13travis: fix dependencies to match v3.10 instead of edgeJakub Jirutka1-1/+1
2019-11-13travis: update dependenciesJakub Jirutka1-2/+2
2019-11-13travis: update alpine-chroot-install to 0.11.0Jakub Jirutka1-2/+2
2019-11-13travis: change dist to bionicJakub Jirutka1-1/+1
2019-07-02add: fix virtual package id generationTimo Teräs1-16/+35
Fixes 37fbafcd by adding more input to the hash than just second grained time stamp - collisions would happen when running apk scripted. For virtual package the hash works only as unique identifier, so try to add elements that should make it unique in most cases. Fixes #10648
2019-06-05apk-tools-2.10.4v2.10.4Timo Teräs1-1/+1
2019-06-05reset TZ when running solver tests as some output has local timeTimo Teräs3-2/+3
Fixes commits 37fbafcd and 1c47f374.
2019-06-05print usage and exit with error on invalid argumentsTimo Teräs2-6/+29
Add also some testing to make sure help, long help and handling of invalid arguments works as expected. Based on pull request #19 originally by Laurent Arnoud (@spk).
2019-06-05fix all applets to return -ENOTSUP if it's unrecognizedTimo Teräs5-5/+5
The return -1 seems to have been left over from earlier code, and could have been treated as -EPERM. This helps to fix the other command line handling that potentially require changing.
2019-06-05solver: fix common dependency merging to inherit pinning and flagsTimo Teräs1-3/+7
Notably this fixes occasional issues when doing upgrade with multiple versions of same packages. Without this the upgrade flag is not always propagated properly down the dependency chain.
2019-06-03use fixed system time in test mode to have fixed test outputTimo Teräs7-6/+18
fixes test suite regression from previous commit
2019-06-03add: make virtual packages upgradeable (ref #9957)Timo Teräs1-3/+12
Originally the virtual packages could have dependencies added to it. However, commit b06e3b99 broke this behaviour to fix error reporting. The root cause however was that the virtual depedency package was not properly versioned. This fixes to use current date/time as the package version, and constructs the "faked" package hash from it. This effectively makes "add -t virtpkg deps.." replace the dependencies which should be the desired behaviour for "abuild deps". 'world' dependency to the generated virtual package is also now versioned to make sure it get's upgraded.
2019-05-28Fix compile with glibcIan Douglas Scott1-1/+1
2019-05-01list: Detect orphaned packages correctlyA. Wilcox1-2/+2
BIT(1) corresponds with decimal 2, which is the first available repository. Before this fix, `apk list -O` would list every package installed from the first available repository, which is the 'system' repository on most Adélie Linux computers. After this fix, `apk list -O` correctly lists only the packages which are no longer available.
2019-02-13fix strncpy bounds errorsTimo Teräs5-6/+26
error: 'strncpy' specified bound 4096 equals destination size [-Werror=stringop-truncation] Based on patch by Elan Ruusamäe <glen@delfi.ee>