click-reviewers-tools (0.35) xenial; urgency=medium [ Jamie Strandboge ] * clickreviews/cr_systemd.py: - add checks for listen-stream, socket, socket-user and socket-group - remove vendor checks with bus-name (LP: #1510522) * clickreviews/cr_security.py: - make sure that the generated profile name is under the current 253 character maximum. This might have to be adjusted after the AppArmor stacking work is completed (LP: #1499544) - adjust for xenial snappy defaulting to using 'network-client' instead of 'networking' - use 'NEEDS REVIEW' instead of 'MANUAL REVIEW' * clickreviews/cr_lint.py: - check if package ships .click directory - add a few more vcs files - remove vendor-specific checks. 'vendor' is still allowed for compatibility with older snappy versions, but no formatting checks are performed (LP: #1510522) - 'Maintainer' checks in the click manifest should only be done with click packages (LP: #1510522) - don't prompt manual review when find .excludes file - add kernel and os as valid snap types - remove package filename checks. They were meaningless and hard to maintain - sort unknown snappy yaml keys - use 'NEEDS REVIEW' instead of 'MANUAL REVIEW' * clickreviews/cr_common.py: - add valid yaml keys for kernel snaps - add a couple more mime types for detecting binaries (useful for arm kernels) * update data/apparmor-easyprof-ubuntu.json for 16.04 policy * Makefile: add json syntax check * several changes for squashfs snaps that won't have a click manifest, etc. Importantly, this means that only package.yaml is looked at and a lot of click specific tests can be skipped - cr_common.py: + rename a few variable to not be click specific + add self.pkgfmt + adjust __init__() to conditionally use package.yaml on squashfs, otherwise click manifest + make click data structure initialization conditional on if click or not (eg, don't run hooks code on squashfs images) - adjust clickreviews/cr_* to conditionally run certain click-only tests on click packages - adjust architecture checks to use self.pkg_arch and rename control_architecture_specified_needed as architecture_specified_needed - cr_security.py: + revamp to use package.yaml on non-click instead of now nonexistent security manifest + update push-helper template test to not make hooks specific + network-client should not be allowed with push helpers either + conditionally look for INSTALL_DIR on 16.04 systems in security-policy + adjust security-override checks on 16.04 to follow 16.04 yaml + make click manifest checks conditional on if click - cr_tests.py: mock _pkgfmt_type(), _pkgfmt_version() and _is_squashfs()
[ Michael Nelson ] * add support for non-mocked tests [ Michael Vogt ] * add support for squashfs snaps (currently will trigger manual review) [ Daniel Holbach ] * Pass absolute path of click or snap file - that way it's safe even if we chdir (LP: #1514346). * Allow translated scope .ini fields to have 3 letters as their lang_code identifier, ie. 'ast'. (LP: #1517017) * Ensure "urls" is not empty (LP: #1522777) [ James Tait ] * Add a handful of links to askubuntu questions to explain some of the rejection messages. [ Alberto Mardegan ] * Allow "accounts" hook since the 15.04.1 framework * Online Accounts: update to latest plugin hook format (LP: #1520605) [ Marcus Tomlinson ] * Forbid the internal "DebugMode" scope.ini key from making its way into the store (LP: #1511063) Date: Mon, 14 Dec 2015 16:09:52 -0600 Changed-By: Jamie Strandboge <ja...@ubuntu.com> Maintainer: Ubuntu Appstore Developers <ubuntu-appstore-develop...@lists.launchpad.net> https://launchpad.net/ubuntu/+source/click-reviewers-tools/0.35
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 14 Dec 2015 16:09:52 -0600 Source: click-reviewers-tools Binary: click-reviewers-tools Architecture: source Version: 0.35 Distribution: xenial Urgency: medium Maintainer: Ubuntu Appstore Developers <ubuntu-appstore-develop...@lists.launchpad.net> Changed-By: Jamie Strandboge <ja...@ubuntu.com> Description: click-reviewers-tools - tools to review click packages Launchpad-Bugs-Fixed: 1499544 1510522 1511063 1514346 1517017 1520605 1522777 Changes: click-reviewers-tools (0.35) xenial; urgency=medium . [ Jamie Strandboge ] * clickreviews/cr_systemd.py: - add checks for listen-stream, socket, socket-user and socket-group - remove vendor checks with bus-name (LP: #1510522) * clickreviews/cr_security.py: - make sure that the generated profile name is under the current 253 character maximum. This might have to be adjusted after the AppArmor stacking work is completed (LP: #1499544) - adjust for xenial snappy defaulting to using 'network-client' instead of 'networking' - use 'NEEDS REVIEW' instead of 'MANUAL REVIEW' * clickreviews/cr_lint.py: - check if package ships .click directory - add a few more vcs files - remove vendor-specific checks. 'vendor' is still allowed for compatibility with older snappy versions, but no formatting checks are performed (LP: #1510522) - 'Maintainer' checks in the click manifest should only be done with click packages (LP: #1510522) - don't prompt manual review when find .excludes file - add kernel and os as valid snap types - remove package filename checks. They were meaningless and hard to maintain - sort unknown snappy yaml keys - use 'NEEDS REVIEW' instead of 'MANUAL REVIEW' * clickreviews/cr_common.py: - add valid yaml keys for kernel snaps - add a couple more mime types for detecting binaries (useful for arm kernels) * update data/apparmor-easyprof-ubuntu.json for 16.04 policy * Makefile: add json syntax check * several changes for squashfs snaps that won't have a click manifest, etc. Importantly, this means that only package.yaml is looked at and a lot of click specific tests can be skipped - cr_common.py: + rename a few variable to not be click specific + add self.pkgfmt + adjust __init__() to conditionally use package.yaml on squashfs, otherwise click manifest + make click data structure initialization conditional on if click or not (eg, don't run hooks code on squashfs images) - adjust clickreviews/cr_* to conditionally run certain click-only tests on click packages - adjust architecture checks to use self.pkg_arch and rename control_architecture_specified_needed as architecture_specified_needed - cr_security.py: + revamp to use package.yaml on non-click instead of now nonexistent security manifest + update push-helper template test to not make hooks specific + network-client should not be allowed with push helpers either + conditionally look for INSTALL_DIR on 16.04 systems in security-policy + adjust security-override checks on 16.04 to follow 16.04 yaml + make click manifest checks conditional on if click - cr_tests.py: mock _pkgfmt_type(), _pkgfmt_version() and _is_squashfs() . [ Michael Nelson ] * add support for non-mocked tests . [ Michael Vogt ] * add support for squashfs snaps (currently will trigger manual review) . [ Daniel Holbach ] * Pass absolute path of click or snap file - that way it's safe even if we chdir (LP: #1514346). * Allow translated scope .ini fields to have 3 letters as their lang_code identifier, ie. 'ast'. (LP: #1517017) * Ensure "urls" is not empty (LP: #1522777) . [ James Tait ] * Add a handful of links to askubuntu questions to explain some of the rejection messages. . [ Alberto Mardegan ] * Allow "accounts" hook since the 15.04.1 framework * Online Accounts: update to latest plugin hook format (LP: #1520605) . [ Marcus Tomlinson ] * Forbid the internal "DebugMode" scope.ini key from making its way into the store (LP: #1511063) Checksums-Sha1: 3ea4572ed204f32fd42166c36fb5c28bd426fd4c 1834 click-reviewers-tools_0.35.dsc 32edc5fb9a68b8e6b4c2698b4f49e262252796a9 119427 click-reviewers-tools_0.35.tar.gz Checksums-Sha256: 5c67dce8a4de9e0c9880d07e62343548fc0ad5a12f1c79a5e1a56ae456342484 1834 click-reviewers-tools_0.35.dsc f98b8b156a00b7970f7d6642d95a206fa8f95fdd627aae143c9feb4f5334f57c 119427 click-reviewers-tools_0.35.tar.gz Files: 674c90d850784e2f8da98b6bca04754e 1834 devel optional click-reviewers-tools_0.35.dsc 522553eaad19739624bca55eea7adc97 119427 devel optional click-reviewers-tools_0.35.tar.gz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJWb0H1AAoJEFHb3FjMVZVzpl8QALVWdR1xT9yxDgYmNk6AgY6P WdxHee0FODckO/BptP0zkmu9DApwKsnpD19bVqF7TXlV1wfMZA4O/qUCG3TZdBFd kZNQx7VPwcoQiMNQvtJIkDmsW19Xd+lZd1/fW2+BwVResVJhrWe4o6fpWe6ZquhY 5zqXPYUi2xNy9tiX463MKlQdjccnD4AMBKFoBSZKj6GiUUMpwVv5Hq3yJCWLGOjs EocO7mtZpNNaaYwLs2TXJ2vS0CVCBmy5eQIwGpaHpwaxUA6nXufWFCyQ8PAXT6la +ow/dqtagx+WvEF4ZWuvudsH8xh2b0mr9LaxAmGV5obH80a5jK5Qlp7WfVFkDcMe IstZgAD0YqUGJlznfin3EWEtR9uGNjUSoAWqsH1fcM8eaOMdZGu9NINqa183Ptxd DqQwzxvma4kH8ETPCH5EaR1UxVIc3rnyhXvnaDAW3bJpAmS+HxScj8rUBUbjwJdt qALXHlps+Y7wE9Zka5sr/KBDtBRP4Faa6ipZ4DvIBM3ffcgRbfpFKaNqwCSX/9h0 XquyE55QchYTjj55ThNtOGDlQN6I5x6EKXdC/KIxRQ+lBum3iXPvM46zduc/5PPv lDHXgyKl/k2HF2QBWi9wgq59Hcya5v4LI2cc7ceretSVinupvzIa/H1wAVbr4ypB M1AxZukY5AkkcnT58s/T =9Bw/ -----END PGP SIGNATURE-----
-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes