From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id C87A7731B5 for ; Mon, 5 Jul 2021 15:51:11 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id B3181202D7 for ; Mon, 5 Jul 2021 15:50:41 +0200 (CEST) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id C4D87202A3 for ; Mon, 5 Jul 2021 15:50:39 +0200 (CEST) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 8A63540BCF for ; Mon, 5 Jul 2021 15:50:39 +0200 (CEST) From: Fabian Ebner To: pve-devel@lists.proxmox.com Date: Mon, 5 Jul 2021 15:50:29 +0200 Message-Id: <20210705135033.101390-3-f.ebner@proxmox.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20210705135033.101390-1-f.ebner@proxmox.com> References: <20210705135033.101390-1-f.ebner@proxmox.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.575 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pve-devel] [PATCH proxmox-apt 2/3] repository check: limit 'stable' to Proxmox and Debian origin X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Jul 2021 13:51:11 -0000 For foreign repositories, it's a better heuristic to assume it's used in a non-dangerous (i.e. no sudden major upgrade on release day) way. Reported-by: Dominik Csapak Signed-off-by: Fabian Ebner --- src/repositories/file.rs | 57 ++++++++++++++++++---------------------- src/repositories/mod.rs | 12 ++++----- 2 files changed, 30 insertions(+), 39 deletions(-) diff --git a/src/repositories/file.rs b/src/repositories/file.rs index 49cc358..b5bdb77 100644 --- a/src/repositories/file.rs +++ b/src/repositories/file.rs @@ -298,12 +298,31 @@ impl APTRepositoryFile { Ok(()) } - /// Checks if old or unstable suites are configured and also that the - /// `stable` keyword is not used. - pub fn check_suites(&self) -> Result, Error> { + /// Checks if old or unstable suites are configured, and also tries to + /// determine the origin of each repository. + pub fn check(&self) -> Result, Error> { let mut infos = vec![]; for (n, repo) in self.repositories.iter().enumerate() { + let mut origin = match repo.get_cached_origin() { + Ok(option) => option, + Err(_) => None, + }; + + if origin.is_none() { + origin = repo.origin_from_uris(); + } + + if let Some(ref origin) = origin { + infos.push(APTRepositoryInfo { + path: self.path.clone(), + index: n, + kind: "origin".to_string(), + property: None, + message: origin.to_string(), + }); + } + if !repo.types.contains(&APTRepositoryPackageType::Deb) { continue; } @@ -353,7 +372,9 @@ impl APTRepositoryFile { } } - if repo.has_suite_variant("stable") { + if (origin == Some("Proxmox".to_string()) || origin == Some("Debian".to_string())) + && repo.has_suite_variant("stable") + { add_info( "warning".to_string(), "use the name of the stable distribution instead of 'stable'!".to_string(), @@ -363,32 +384,4 @@ impl APTRepositoryFile { Ok(infos) } - - /// Checks for official URIs. - pub fn check_uris(&self) -> Vec { - let mut infos = vec![]; - - for (n, repo) in self.repositories.iter().enumerate() { - let mut origin = match repo.get_cached_origin() { - Ok(option) => option, - Err(_) => None, - }; - - if origin.is_none() { - origin = repo.origin_from_uris(); - } - - if let Some(origin) = origin { - infos.push(APTRepositoryInfo { - path: self.path.clone(), - index: n, - kind: "origin".to_string(), - property: None, - message: origin, - }); - } - } - - infos - } } diff --git a/src/repositories/mod.rs b/src/repositories/mod.rs index 7bac333..6dd07f0 100644 --- a/src/repositories/mod.rs +++ b/src/repositories/mod.rs @@ -43,18 +43,16 @@ fn common_digest(files: &[APTRepositoryFile]) -> [u8; 32] { openssl::sha::sha256(&common_raw[..]) } -/// Provides additional information about the repositories. +/// Currently checks if old or unstable suites are configured, and also tries to +/// determine the origin of each repository. /// -/// The kind of information can be: -/// `warnings` for bad suites. -/// `ignore-pre-upgrade-warning` when the next stable suite is configured. -/// `badge` for official URIs. +/// For problems, the kind of info will be `warning` for enabled repositories +/// and `info` for disabled repositories. For the origin, the kind is `origin`. pub fn check_repositories(files: &[APTRepositoryFile]) -> Result, Error> { let mut infos = vec![]; for file in files.iter() { - infos.append(&mut file.check_suites()?); - infos.append(&mut file.check_uris()); + infos.append(&mut file.check()?); } Ok(infos) -- 2.30.2