186 Commits

Author SHA1 Message Date
Hans-Christoph Steiner
421270ad5f handle implied READ_EXTERNAL_STORAGE permissions
Having _WRITE_EXTERNAL_STORAGE_ will imply _READ_EXTERNAL_STORAGE_:
https://developer.android.com/reference/android/Manifest.permission#READ_EXTERNAL_STORAGE

closes #1702
2019-02-14 15:33:57 +01:00
Hans-Christoph Steiner
1deec1c9b3 sanitize all packageNames from the index
This is insurance to make sure that packageNames are not abused for
exploiting F-Droid.  The database queries already use SQL Prepared
Statements, but who knows what else might be exploitable.

fdroid/fdroidclient#1588
2019-01-03 14:52:32 +01:00
Hans-Christoph Steiner
26c1ef3033 move RepoXMLHandler to org.fdroid.fdroid.data
This should be lumped with the classes it uses.
2019-01-03 14:52:32 +01:00
Hans-Christoph Steiner
9c8cc20a80 validate all data in repo push requests
This should get us closer towards not having to trust the server.

fdroid/fdroidclient#1588

https://stackoverflow.com/questions/5205339/regular-expression-matching-fully-qualified-class-names/5205467
2019-01-03 14:52:32 +01:00
Peter Serwylo
d82023b943 Add test for loading app icons from correct repository 2018-12-22 19:34:23 +11:00
Hans-Christoph Steiner
e0f346d4b4 fix repo tests after change in mirror list logic
Why didn't these tests fail earlier?

this should have been included in ac1a5e0ad8bed1c658885c8f6142367a3812815d
fdroid/fdroidclient!769
2018-12-21 15:26:02 +01:00
Hans-Christoph Steiner
0e5dd45859 fix a couple missed renames for IndexUpdater
* 0e6b4acabf72050e47dc80a273f5a5d1ec4ce222
* fdroid/fdroidclient!767
2018-12-21 00:06:15 +01:00
Hans-Christoph Steiner
0e6b4acabf rename RepoUpdater to IndexUpdater 2018-12-17 17:17:28 +01:00
Hans-Christoph Steiner
c1db27715c switch all SDK version values to integers, as per definition
```
sed -E -i 's,("[a-z]+SdkVersion": )"([0-9]+)",\1 \2,' app/src/test/resources/*.json
```

* fdroid/fdroidserver!596
* fdroid/fdroidserver#593
* fdroid/fdroidserver#596
2018-12-06 16:07:56 +00:00
Hans-Christoph Steiner
eb023887a5 fix checkstyle complaints
* LocalFinalVariableName
* EqualsAvoidNull
* EmptyLineSeparator
* SeparatorWrap
* LineLength
2018-10-18 15:07:54 +02:00
Hans-Christoph Steiner
409846e199 force DBHelperTest.canAddAdditionalRepos() to run on CI 2018-10-18 15:07:54 +02:00
Hans-Christoph Steiner
6dd4523d3c clean up whitespace in repo descriptions
This cleans up the whitespace in the description item, since the
XML parsing will include the linefeeds and indenting in the description.
2018-10-18 15:07:54 +02:00
Hans-Christoph Steiner
1788546267 rename parseXmlRepos to parseAdditionalReposXml 2018-10-18 15:07:54 +02:00
Hans-Christoph Steiner
aace086da4 separate defaultRepos from initialRepos, which includes additionalRepos 2018-10-18 15:07:53 +02:00
Hans-Christoph Steiner
e8264d7dbb rename REPO_XML_ARG_COUNT to REPO_XML_ITEM_COUNT 2018-10-18 15:07:53 +02:00
Hans-Christoph Steiner
95c375ac26 fix DBHelperTest to actually load and parse additional_repos.xml 2018-10-18 15:07:53 +02:00
Dimitri Rusin
dd08655d43 changed the tests: now testing only DBHelper.parseXmlRepos() 2018-09-20 19:12:14 +00:00
Dimitri Rusin
dc19b11ae1 finished additional repos test 2018-09-17 13:54:15 +00:00
Dimitri Rusin
59d0f7d6be some minor style changes 2018-09-17 13:54:15 +00:00
Dimitri Rusin
324cb2998b minor style changes 2018-09-17 13:54:15 +00:00
Dimitri Rusin
27e0eaad9e implemented creating xml file on oem partition; not sure whether it works cause gradle runs forever (>20min) 2018-09-17 13:54:15 +00:00
Dimitri Rusin
895166e9db started implementing test 2018-09-17 13:54:15 +00:00
Hans-Christoph Steiner
e215c26517 tests: ensure all database usages are properly closed
Leaving lots of DB connections open seems to make OpenJDK crash a lot,
giving false fails for the CI tests.
2018-08-17 10:09:59 +02:00
Hans-Christoph Steiner
90acd75b90 purge broken, semi-used root filtering preference
RequiresRoot should become an Anti-Feature or <uses-feature> or
something like that. Having it a one-off makes it too brittle

fdroid/fdroidclient#928
2018-07-30 18:03:12 +02:00
Hans-Christoph Steiner
109a927a68 show downloading header on Downloading/PendingInstall status
PendingInstall means that the user considers the install still in process,
like when F-Droid gets killed in the background.  There is unfortunately no
reliable way currently to ensure that removePendingInstall() is called when
the app is finally installed so we can't use it here.

This reverts a small part of 1c50e2891054b629e2af6b2d0b1fc89e0b1cf18b

closes fdroid/fdroidclient#1527
fdroid/fdroidclient#1532
2018-07-30 18:02:03 +02:00
Hans-Christoph Steiner
1c50e28910 use new PendingInstall mechanism to control AppDetails buttons
This should hopefully give more reliable display/hiding of the buttons.

refs #1357
2018-07-21 00:49:53 +02:00
Hans-Christoph Steiner
d9781d735c ban internal Repo vars from being set by the index JSON
These things should never be settable from the server.
2018-07-11 16:05:53 +02:00
Hans-Christoph Steiner
5ffec23b2f set default values of preferences only in preferences.xml
This removes a layer of redundancy where there were defaults set in the
Preferences class, as well as in preferences.xml.  This makes it possible
for whitelabel versions to change the default values of the preferences by
changing it only in preferences.xml.
2018-06-18 16:46:26 +02:00
Hans-Christoph Steiner
ea80704598 split up everything into 'full' and 'basic' build flavor
"full" is the original F-Droid app with all the features.  It should still
build the exact same app after this change.  "basic" is the smallest
version of F-Droid possible.  It does not yet build, nor work.
2018-06-15 23:27:03 +02:00
Hans-Christoph Steiner
b13394fdb0 run all Robolectric tests against the target SDK 2018-06-13 13:55:06 +02:00
Hans-Christoph Steiner
a3d9850a42 update to latest robolectric 3.8 and mockito 2.7.22
http://robolectric.org/getting-started/#building-with-gradle
2018-04-19 15:51:44 +02:00
Hans-Christoph Steiner
14474aed01 reenable line length errors on ProperMultiRepoUpdaterTest 2018-04-19 15:51:44 +02:00
Hans-Christoph Steiner
dfc6524fc1 switch Robolectric to use compile SDK version 2018-04-19 15:51:44 +02:00
Hans-Christoph Steiner
36c76070e5 Apk.versionName can be null, and the code should handle it
closes #1418
2018-04-17 15:30:56 +02:00
Hans-Christoph Steiner
615e559ce1 only prompt to swap back to proper swap URLs
Before, it was possible to annoy the user by sending HTTP POST with any
repo URL in it.
2018-04-13 00:20:52 +02:00
Hans-Christoph Steiner
34381f9cfb simplify creation of Repo instances in tests
Creating a Repo instance first seems totally redundant and confusing.
2018-03-29 22:33:42 +02:00
Hans-Christoph Steiner
cc540301d1 purge all references to ICON_URL_LARGE, it's unused
This was only partially hooked up and often not even populated.
It was added in 4895e2d790ec3b91fa4271a24e1ea0ae69d362f4, but things have
changed a lot now.  We should be moving towards preferring the drawable XML
vector icons, which will scale nicely for all DPIs.
2018-03-21 20:10:37 +01:00
Marcus Hoffmann
10e2bf2a7c add liberapay field and donation option
This adds the liberapayID index field to the local db and then displays a
donation badge for apps that provide this.
2018-02-15 19:58:12 +01:00
Hans-Christoph Steiner
6d011c3895 use triedEmptyUpdate methods in Preferences throughout the codebase
We have these methods, they should be used!
2018-01-31 16:20:23 +01:00
Hans-Christoph Steiner
d8879dd425 make DBHelper follow the Java Singleton pattern
It was already behaving like a singleton, but the code was spread around in
other classes.  DBHelper does not use a private constructor though since
the tests prevent it.
2018-01-31 16:20:23 +01:00
Michael Pöhn
96def8adca added parsing for repository signing key property to provisioning files 2018-01-25 23:28:15 +01:00
Michael Pöhn
4a5ad0a33d implemented parser for (repository) provisioning 2018-01-25 23:28:15 +01:00
Hans-Christoph Steiner
55aa8e9aa6 use standard buffer size for Utils.getBinaryHash()
While a large buffer might make things slightly faster, the smaller buffer
size should play much nicer when F-Droid is doing things in the background.
Since calculating the hash is part of the update procedure, which can now
happen in the background, this method will be often running in the
background.

The tests showed no difference in time between the large and small buffer.
2018-01-12 13:50:32 +01:00
Hans-Christoph Steiner
92f94ef195 Merge branch 'trim-names-and-summaries' into 'master'
Trim names and summaries

See merge request fdroid/fdroidclient!613
2017-12-01 11:17:12 +00:00
Hans-Christoph Steiner
427d0d0aa0 add 'debug' to applicationId and versionName for debug builds 2017-11-23 10:55:13 +01:00
Jonas Kalderstam
44d984786f Trim names and summaries on database insert
When metadata is read from localized files such as
Fastlane/Triple-Play the names/summaries get stored on the server with
a trailing newline. This is not a problem when displaying as HTML as
in a browser but causes unwanted whitespace in the app.

See also https://gitlab.com/fdroid/fdroidserver/merge_requests/375,
and https://gitlab.com/fdroid/fdroidclient/issues/1114
2017-11-20 00:36:12 +01:00
Peter Serwylo
0551b0d1fc Allow user to ignore messages about vulnerable apps 2017-09-27 15:03:03 +10:00
Peter Serwylo
5f64985b34 Added 'ignore vuln' preference for apps 2017-09-27 15:03:03 +10:00
Peter Serwylo
7424220c02 Add apps with known vulnerabilities to updates tab.
Currently only supports "Uninstall", but will soon also support "Upgrade
to a newer version".
2017-09-27 15:03:03 +10:00
Peter Serwylo
504854547b Add query to get installed apps with known vuln + tests.
Note that I don't think the query will work correctly across multiple repos,
because it is currently only querying the app with the "preferred
metadata".
2017-09-27 15:03:02 +10:00