a7a4bb7001
test: improve test coverage for AppStream feature
2026-04-26 15:04:38 +02:00
2f7f726d4c
fix: reject AppStream flag for flat repos instead of silently skipping
2026-04-26 15:04:38 +02:00
43d7284657
docs: update man page and AUTHORS for AppStream support
2026-04-26 15:04:37 +02:00
02423af931
fix: prevent db cleanup from deleting AppStream pool files
2026-04-26 15:04:17 +02:00
2a228625e2
test: add system test for AppStream publish pass-through
2026-04-26 15:04:17 +02:00
16e0302f30
test: update snapshot golden files for AppStream field
2026-04-26 15:04:17 +02:00
6ecbc9ba90
test: add system tests for AppStream mirror create, edit, and update
2026-04-26 15:04:17 +02:00
7276b9621f
feat: add --with-appstream to bash/zsh shell completions
2026-04-26 15:04:17 +02:00
fb7734b5b0
test: add unit tests for AppStream pass-through feature
2026-04-26 15:04:17 +02:00
29c37293b9
feat: wire AppStream support through CLI, API, and publish
2026-04-26 15:04:17 +02:00
f25ba2e6b0
feat: propagate AppStreamFiles through snapshots
2026-04-26 15:04:17 +02:00
6a5b9ddacf
feat: add AppStream (DEP-11) download support to RemoteRepo
2026-04-26 15:04:17 +02:00
48355f65ed
Merge pull request #1542 from tonobo/reproducible-publish
...
Add SOURCE_DATE_EPOCH support for GPG signers
2026-04-26 15:01:27 +02:00
d616977904
Add SOURCE_DATE_EPOCH support for GPG signers
...
Both the external GPG signer (--faked-system-time) and internal Go
OpenPGP signer (signerConfig.Time) now honor SOURCE_DATE_EPOCH,
producing reproducible signatures alongside the plain Release file dates.
Adds system tests for both signer backends verifying byte-identical
Release, Release.gpg and InRelease across repeated publishes.
The signer tests (PublishRepo3[78]Test) are using an ed25519 key because
ed25519 signatures are deterministic by design. The Go openpgp library
uses a random nonce for DSA/ECDSA (see signature.go Sign calls using
config.Random() link below) so those signatures vary across runs
even with a fixed timestamp, making byte-identical verification impossible.
In addition to 49f342878ahttps://github.com/aptly-dev/aptly/pull/1537
Ref: https://github.com/ProtonMail/go-crypto/blob/v1.4.0/openpgp/packet/signature.go#L945-L979
2026-04-26 14:32:23 +02:00
3c068febde
Merge pull request #1541 from aptly-dev/dependabot/go_modules/github.com/cloudflare/circl-1.6.3
...
build(deps): bump github.com/cloudflare/circl from 1.6.1 to 1.6.3
2026-04-26 14:31:08 +02:00
76adbe49e0
build(deps): bump github.com/cloudflare/circl from 1.6.1 to 1.6.3
...
Bumps [github.com/cloudflare/circl](https://github.com/cloudflare/circl ) from 1.6.1 to 1.6.3.
- [Release notes](https://github.com/cloudflare/circl/releases )
- [Commits](https://github.com/cloudflare/circl/compare/v1.6.1...v1.6.3 )
---
updated-dependencies:
- dependency-name: github.com/cloudflare/circl
dependency-version: 1.6.3
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-04-26 12:00:02 +00:00
f6221a2413
Merge pull request #1535 from lecafard/push-qxtqtunqqqnu
...
Add edit mirror API endpoint
2026-04-26 13:57:49 +02:00
4f46cb04f5
Merge pull request #1561 from russelltg/docs
...
fix docs for Serve in API mode
2026-04-25 20:07:40 +02:00
66e814c086
fix docs for Serve in API mode
2026-04-13 10:59:47 -06:00
b3f5d96490
Add edit mirror API endpoint
2026-04-12 22:26:58 +02:00
144265122a
Merge pull request #1533 from xzhang1/add-version
...
`Release` file: support `Version` field
2026-04-12 20:09:39 +02:00
4f95d75c37
Merge pull request #1547 from aptly-dev/dependabot/pip/system/requests-2.33.0
...
build(deps): bump requests from 2.32.4 to 2.33.0 in /system
2026-04-12 20:06:48 +02:00
8db1d2e7f1
build(deps): bump requests from 2.32.4 to 2.33.0 in /system
...
Bumps [requests](https://github.com/psf/requests ) from 2.32.4 to 2.33.0.
- [Release notes](https://github.com/psf/requests/releases )
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md )
- [Commits](https://github.com/psf/requests/compare/v2.32.4...v2.33.0 )
---
updated-dependencies:
- dependency-name: requests
dependency-version: 2.33.0
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-04-12 17:26:36 +00:00
4088a811cd
ci: do not upload coverage for dependabot
2026-04-12 18:55:54 +02:00
2ac4c75fad
ci: fix coverage
2026-03-28 15:17:47 +01:00
e2ebcbb02a
Release file: support Version field
...
https://wiki.debian.org/DebianRepository/Format#Version
The Version field, if specified, shall be the version of the release.
On the other hand, if not set or set to an empty value, the Version
field will not be included in the Release file.
Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com >
2026-03-03 07:38:44 +00:00
9defe70190
Merge pull request #1537 from tonobo/reproducible-publish
...
Add SOURCE_DATE_EPOCH support for reproducible builds
2026-02-28 12:46:57 +01:00
23943d47e9
Merge pull request #1531 from xzhang1/fix-testcase
...
fix `t06_publish/PublishSnapshot43Test_gold` gold error
2026-02-28 11:44:32 +01:00
49f342878a
Add SOURCE_DATE_EPOCH support for reproducible builds
...
Implement support for the SOURCE_DATE_EPOCH environment variable as
specified by reproducible-builds.org. When set, this variable overrides
the current timestamp in the Release file's Date and Valid-Until fields,
enabling reproducible filesystem publishes.
- Read SOURCE_DATE_EPOCH environment variable in Publish()
- Use the epoch timestamp for both Date and Valid-Until fields
- Gracefully fallback to current time if unset or invalid
- Add comprehensive tests for valid and invalid SOURCE_DATE_EPOCH values
2026-02-20 07:24:52 +01:00
1f29c65a95
fix t06_publish/PublishSnapshot43Test_gold gold error
...
Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com >
2026-02-03 07:12:04 +00:00
a65f79eb79
Merge pull request #1479 from abregar/issues-309-691
...
Add config key for 'gpgKeys' and allow multiple keyRefs when signing with gpg, fixing Issues #309 and #691
2026-01-26 11:58:03 +01:00
c6a9f82358
multi sign: add test
2026-01-26 11:26:40 +01:00
1702537979
clearer REST api docs, put whitespace to docs to show that keyId strings are trimmed
2026-01-24 10:55:15 +01:00
12604b9379
updating REST api with multiple gpg keys support, due backwards compatibility introducing CSV under same key (gpg-key)
2026-01-24 10:55:15 +01:00
9b523e6bd5
review fix
2026-01-24 10:55:15 +01:00
aa030e3f36
system test t12_api sends empty keyRef string, making gpg fail
2026-01-24 10:55:15 +01:00
8e739524b0
system test unexpected string fix (would be helpful, but not changing the test just for this)
2026-01-24 10:55:15 +01:00
4ba4c0cba6
system test configuration fix
2026-01-24 10:55:15 +01:00
48d02918c1
documentation updated
2026-01-24 10:55:15 +01:00
d672bfa317
white space revert to minimize change
2026-01-24 10:55:15 +01:00
9a90038dd2
- #309 adding gpgKeys config key, accepting array of keyRef, cli args has precedence
...
- #691 adding handling of multiple keyRefs when signing with gpg
2026-01-24 10:55:15 +01:00
7d23196f76
Merge pull request #1529 from aptly-dev/fix/deadlocks
...
tasklist: fix deadlocks
2026-01-20 21:28:00 +01:00
2c6812934e
tasklist: fix deadlocks
...
* lock correct resources
* unlock list before queueing
2026-01-18 19:31:26 +01:00
60f3eb151b
Merge pull request #1484 from xzhang1/update_label
...
Support updating label and origin domain of publish
2026-01-17 11:44:32 +01:00
0db9797c4e
add test
2026-01-16 14:50:09 +01:00
a2ffffedc1
Support updating label and origin domain of publish
...
Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com >
2026-01-16 14:50:09 +01:00
19b98c62c1
Merge pull request #1504 from bwitt/error_outofspace
...
Return error on out of space
2026-01-16 14:49:20 +01:00
06fea598e1
ci: fail on failed coverage upload
2026-01-16 13:15:43 +01:00
9a6f06d23e
unit-test: use /smallfs when non-root
2026-01-11 21:19:24 +01:00
67f6a0e458
ci: provide 1MB /smallfs to docker
2026-01-11 21:19:24 +01:00
Philip Cramer
André Roth
Tim Foerster
dependabot[bot]
Russell Greene
tom
Zhang Xiao
Ales Bregar