Age | Commit message (Collapse) | Author | Files | Lines |
|
this makes the database package entry smaller, and we propbably
get more fields to installed_package later too. this cleans up
the way scripts are stored and is a preparation for supporting
triggers. some parsing for trigger meta-data. ref #45.
|
|
|
|
some hooks to package verification code were missing causing the
verification to not be done (causing pre-script to be not run).
fixes #124, #126.
|
|
it will allow to overwrite files owned by some other packages
to get upgrades right (e.g. when splitting or renaming packages)
|
|
this way we never change cwd, and relative filenames are always
parsed consistently. this also helps filename construction in many
places. this patch also changes '--root' to override location of
all configuration to be in the new root. previously it depended
on the file which one was used.
|
|
and force checksumming only when unpacking archive. otherwise
it's extra computation for nothing.
|
|
this dependency is now inserted automatically by abuild.
|
|
when failed to load an existing index.
|
|
fixes verification of non-repository packages while installing
them. this is final thing needed for full signing support
(fixes #46).
|
|
make sure cache is enabled on non-permanent rootfs setups.
some optimizations and fixes too.
|
|
smaller callback and less cases to check. also reintroduce the
oneshot digest flag, hopefully correct this time.
|
|
to not make hard error of untrusted or missing signatures
|
|
|
|
- error codes for verification failure types
- fix some fdb corruption on file migration
- combine some dependency parsing code
- fix versioned dependencies
|
|
- extract everything as .apk-new and overwrite only after data
has been checksummed
- url construction fixes (to work with simple http servers)
- end of gunzip stream fixed
- remove oneshot digesting flag for now as it's usage was broken
|
|
|
|
|
|
|
|
prefer index in the new format as signed .tar.gz.
|
|
|
|
speeds up digest calculation on some cases.
|
|
|
|
|
|
that got broke during verify implementation.
|
|
an utility to check package signature and integrity.
|
|
in future we might add datahashalg to specify the algorithm used.
|
|
change the index generation to do old index, or the new style index
where package identity is sha1 of control block and it's contained
within an .tar.gz to allow signing in future.
|
|
|
|
|
|
|
|
otherwise we don't get chechksum anymore after the changes to
support partial gzip checksumming.
|
|
this also convers scripts file to a tar archive.
|
|
snprintf is dog slow. make the blob stuff have some helper functions
so we can use them in code paths that are executed often.
|
|
some fixes on index reading code too.
|
|
in future we want to checksum on gzip boundary basis, not the
full file.
|
|
|
|
make apk_version_compare() take strings rather than blobs
add apk_pkgversion_compare(), a wrapper that takes packages
|
|
Support version numbers specified with packages. For example:
apk add 'busybox<1.14'
apk add 'squid=>3.0'
|
|
|
|
|
|
|
|
Calculate changesets directly by stabilizating the package graph instead of
recalculating the whole graph and then diffing (similar approach as seen
in 'smart' package manager). The algorithm is not complete: defferred
search space forking is missing. So you don't always get a solution on
complex graphs.
Benefits:
- usually the search state tree is smaller (less memory used)
- speed relational to changeset size, not database size (usually faster)
- touch only packages related to users request (can work on partitially
broken state; upgrades only necessary packages, fixes #7)
Also implemented:
- command prompt to confirm operation if packages are deleted or downgraded
- requesting deletion of package suggests removal of all packages depending
on the package being removed (you'll get list of packages that also get
removed if you want package X removed)
- option --simulate to see what would have been done (mainly for testing)
- an untested implementation of versioned dependencies and conflicts
A lot has changed, so expect new bugs too.
|
|
So we don't get artificial limits on the amount of dependencies
(fixes #8).
|
|
|
|
This reverts commit 600f9e7e031c9e7244e078f35ec6c8dce1011149.
My bad. This was correct.
|
|
This reverts commit 46430ceb5607ac9e395432648c6a8c1a7cbceaf1.
The problem this was suppoed to fix was fixed by letting apk_db_open()
return with same working dir.
|
|
|
|
|
|
In quiet mode e.g. "apk info -q -W <file list>" a list of dependencies
suitable for .PKGINFO is output in one line.
|
|
|