summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2018-02-10cli: Split common update args into a base classMichał Górny
2018-02-10cli: Correct the description of default path in createMichał Górny
2018-02-10cli: Split common OpenPGP logic into a base classMichał Górny
2018-02-10cli: Split argument processing into separate methodMichał Górny
2018-02-09cli: Start abstracting out commands into objectsMichał Górny
2018-02-09Bump to 11.1Michał Górny
2018-02-09Restore allow_xdev default to false for bugfix releaseMichał Górny
2018-02-08recursiveloader: Allow cross-device processing by defaultMichał Górny
2018-02-08recursiveloader: Control storing Manifest device explicitlyMichał Górny
Add an explicit keyword argument to control when st_dev of Manifest is stored as Manifest device. It does not make any real difference at the moment (since st_dev of sub-Manifests is forced to match that of top Manifest) but it will be useful in the future.
2018-02-08find_top_level: Support crossing filesystem boundariesMichał Górny
Default to allow crossing filesystem boundaries when looking for top-level Manifest. There is no real reason to prevent that, and it breaks the verification for overlayfs users.
2018-02-08find_top_level: Remove broken cross-device testMichał Górny
Remove the cross-device test that wrongly assumed we will be traversing logical parent directories rather than physical. In other words, '..' in the symlinked filesystem will never contain the Manifest file.
2018-02-08find_top_level: Remove duplicate m_path declarationMichał Górny
2018-02-08openpgp: Do not wipe the environment in isolated modeMichał Górny
Do not wipe the complete environment when running in isolated mode as this had unintended side effect of wiping PATH. Since there is no real reasons to pursue a proper whitelist for this, just preserve the environment while overriding GNUPGHOME and TZ appropriately.
2018-02-08openpgp: Fix duplicate message in key import/refresh exceptionsMichał Górny
2018-02-03tox: Fix collecting coverage for multiprocessingMichał Górny
2018-02-02Bump to v11.0Michał Górny
2018-02-02recursiveloader: Detect symlink loops explicitlyMichał Górny
2018-02-02recursiveloader: Check for cross-device directories earlier in loopMichał Górny
Check for cross-device directory when starting to process the directory rather than for each subdirectory to be processed. This will avoid double stat() call in the future. It also means that cross-device exceptions are raised a little later, when recurring into the directory rather than before doing that. However, the starting directory is now also tested.
2018-02-02recursiveloader: Do not recur into directories when file was expectedMichał Górny
When verifying, do not let os.walk() recur into a directory for which we have an entry requesting it to be a file. The verification is going to fail on the directory entry anyway, so there is no point in seeking matches further and this could have currently resulted in crossing filesystem boundaries (since the cross-fs test is deferred to verifying thread).
2018-02-02openpgp: Fix handling OpenPGPNoImplementation in testsMichał Górny
2018-02-01cli: Unify exception handling and fix it to catch all gemato exceptionsMichał Górny
2018-02-01openpgp: Use assertion for home-after-close()Michał Górny
2018-02-01openpgp: Replace RuntimeError with dedicated for import/refresh errorsMichał Górny
2018-02-01exceptions: Add a base OpenPGPRuntimeError classMichał Górny
2018-02-01exceptions: Add a GematoException base class for all custom exceptionsMichał Górny
2018-02-01openpgp: Add tests for expired signatureMichał Górny
2018-02-01manifest: Remove unused openpgp module importMichał Górny
2018-02-01cli: Fix missing explicit importsMichał Górny
2018-01-30openpgp: Set trust-model via config fileMichał Górny
2018-01-25Bump to 10.3Michał Górny
2018-01-25openpgp: Fix reading time_t timestamps as UTCMichał Górny
2018-01-24Bump to 10.2Michał Górny
2018-01-24openpgp: Fix GnuPG use to report UTC timestampsMichał Górny
2018-01-24Bump to 10.1Michał Górny
2018-01-24cli: Print Manifest timestamp as wellMichał Górny
2018-01-24cli: Print OpenPGP signature info when verifyingMichał Górny
2018-01-24Expose Manifest signature data in Manifest classesMichał Górny
2018-01-24openpgp: Return basic signature data when verifying signaturesMichał Górny
2018-01-24openpgp: Refactor status processing not to stop on GOODSIGMichał Górny
2018-01-23Bump to v10.0Michał Górny
2018-01-19Refresh OpenPGP keys before verificationMichał Górny
Always refresh OpenPGP keys before starting the verification process. This ensures that the key has not been revoked, and also reduces the risk of using an expired key.
2018-01-16openpgp: Combine common code more, and remove redundant classMichał Górny
2018-01-16openpgp: Reject signatures made with expired & revoked keysMichał Górny
2018-01-16openpgp: Pass "--trust-model always" when using isolated envMichał Górny
Always trust keys in isolated env since we are explicitly importing them. This does not make any real difference but it skips unnecessary trust management.
2018-01-16openpgp: Do not call gpgconf, more trouble than benefitMichał Górny
It turns out that 'gpgconf --kill' is not supported by gpg-2.0. Given that removing the homedir will cause the agent to quit, and that we need to explicitly handle race conditions between the cleanup and agent quitting anyway, let's just go straight for removal.
2018-01-16openpgp: Move _spawn_gpg() helper into the classMichał Górny
2018-01-16openpgp: Refactor to use class for system environment as wellMichał Górny
2018-01-16Bump version to 9.3Michał Górny
2018-01-04Fix overwriting exception messagesMichał Górny
2018-01-04tox: backports.lzma 0.0.9 is broken on pypyMichał Górny
generated by cgit v1.2.3 (git 2.46.0) at 2025-09-21 14:50:12 +0000