def fix_homepage(http_url):
if not http_url.startswith('http:'):
return http_url
https_url = 'https:' + http_url[len('http:'):]
result = urllib.parse.urlparse(http_url)
if result.netloc in known_https:
return https_url
if not net_access_allowed():
return http_url
# Fall back to just comparing the two
headers = {'User-Agent': USER_AGENT}
try:
http_contents = urlopen(Request(http_url, headers=headers),
timeout=DEFAULT_URLLIB_TIMEOUT).read()
except ERRORS as e:
sys.stderr.write('Unable to access HTTP version of homepage %s: %s' %
(http_url, e))
return http_url
try:
https_contents = urlopen(Request(https_url, headers=headers),
timeout=DEFAULT_URLLIB_TIMEOUT).read()
except ERRORS as e:
sys.stderr.write('Unable to access HTTPS version of homepage %s: %s' %
(https_url, e))
return http_url
if same_page(http_contents, https_contents):
return https_url
return http_url
def migrate_from_obsolete_infra(control):
vcs_type, vcs_url, unused_subpath = get_vcs_info(control)
if vcs_type is None:
return
if not is_on_obsolete_host(vcs_url):
return
package = control["Source"]
maintainer_email = parseaddr(control["Maintainer"])[1]
old_vcs_browser = control.get('Vcs-Browser')
old_vcs_type = vcs_type
old_vcs_url = vcs_url
try:
(vcs_type, vcs_url, vcs_browser) = find_new_urls(
vcs_type, vcs_url, package, maintainer_email,
net_access=net_access_allowed())
except NewRepositoryURLUnknown:
return
fixed_lintian_tag(
'source', "vcs-obsolete-in-debian-infrastructure",
info='vcs-%s %s' % (old_vcs_type.lower(), old_vcs_url))
if (("Vcs-Cvs" in control and re.match(
r"\@(?:cvs\.alioth|anonscm)\.debian\.org:/cvsroot/",
control["Vcs-Cvs"])) or
("Vcs-Svn" in control and
"viewvc" in control["Vcs-Browser"])):
fixed_lintian_tag(
'source', "vcs-field-bitrotted",
info='%s %s' % (old_vcs_url or '', old_vcs_browser or ''))
for hdr in ["Vcs-Git", "Vcs-Bzr", "Vcs-Hg", "Vcs-Svn"]:
if hdr == "Vcs-" + vcs_type:
continue
try:
del control[hdr]
except KeyError:
pass
control["Vcs-" + vcs_type] = vcs_url
if vcs_browser is not None:
control["Vcs-Browser"] = vcs_browser
else:
try:
del control["Vcs-Browser"]
except KeyError:
pass
async def valid_bug(package, bug):
if not net_access_allowed():
return None
global debbugs
if debbugs is None:
from lintian_brush.debbugs import DebBugs
_debbugs = DebBugs()
try:
await _debbugs.connect()
except ImportError:
# No asynpcg?
return None
except socket.gaierror as e:
warn('Unable to connect to debbugs: %s' % e)
return None
debbugs = _debbugs
return await debbugs.check_bug(package, bug)
async def package_exists(package, release, version_info):
if not net_access_allowed():
try:
return (package
in os.environ['%s_PACKAGES' % release.upper()].split(','))
except KeyError:
return None
try:
from lintian_brush.udd import connect_udd_mirror
except ModuleNotFoundError:
return None
async with await connect_udd_mirror() as udd:
query = 'SELECT True FROM packages WHERE release = $2 AND package = $1'
args = [package, release]
if version_info is not None:
version_cmp, version = version_info
query += ' AND version %s $3' % VERSION_CMP_SQL[version_cmp]
args.append(version)
row = await udd.fetchrow(query, *args)
return bool(row)
def guess_description(binary_name, all_binaries, summary=None):
if len(all_binaries) != 1:
# TODO(jelmer): Support handling multiple binaries
return None
upstream_metadata = guess_upstream_metadata(
'.', trust_package(), net_access_allowed())
if summary is None:
summary = upstream_metadata.get('X-Summary')
try:
upstream_description = textwrap_description(upstream_metadata['X-Description'])
except KeyError:
# Better than nothing..
return summary
if summary is None:
if len(upstream_description) == 1:
return upstream_description[0].rstrip('\n')
return None
lines = [line if line else '.' for line in upstream_description]
description = summary + "\n" + ''.join([" %s\n" % line for line in lines])
return description.rstrip('\n')
if (not os.path.exists('debian/upstream/metadata')
and not missing_file_issue.should_fix()):
sys.exit(0)
with YamlUpdater('debian/upstream/metadata') as editor:
if isinstance(editor.code, str):
sys.exit(0)
upstream_metadata = {
k: UpstreamDatum(k, v, 'certain')
for (k, v) in editor.code.items() if v is not None
}
minimum_certainty = os.environ.get('MINIMUM_CERTAINTY')
net_access = net_access_allowed()
# Downgrade minimum certainty, since check_upstream_metadata can
# upgrade it to "certain" later.
initial_minimum_certainty = ('likely' if net_access
and minimum_certainty == 'certain' else
minimum_certainty)
# Do some guessing based on what's in the package
update_from_guesses(
upstream_metadata,
filter_bad_guesses(
guess_upstream_metadata_items(
'.',
trust_package=trust_package(),
minimum_certainty=initial_minimum_certainty)))
# these. The method below (involving uscan) doesn't work from e.g. sbuild
# hosts.
def stock_replace(line):
for hostname in ['code.launchpad.net', 'launchpad.net', 'ftp.gnu.org']:
line = line.replace('http://%s/' % hostname, 'https://%s/' % hostname)
return line
update_watchfile(stock_replace)
report_result("Use secure URI in debian/watch.")
if not watchfile_has_http():
sys.exit(0)
if not net_access_allowed():
sys.exit(0)
def run_uscan_dehs():
return subprocess.check_output(['uscan', '--dehs', '--report'],
stderr=subprocess.PIPE)
try:
before = run_uscan_dehs()
except subprocess.CalledProcessError:
# Before doesn't work :(
sys.exit(0)
net_access_allowed,
report_result,
LintianIssue,
)
from lintian_brush.vcs import find_secure_vcs_url
updated = set()
lp_note = False
with control as updater:
for key, value in updater.source.items():
if not key.startswith('Vcs-'):
continue
if value.startswith('lp:'):
lp_note = True
newvalue = find_secure_vcs_url(value, net_access=net_access_allowed())
if newvalue is None:
# We can't find a secure version :(
continue
if newvalue == value:
# The URL was already secure
continue
issue = LintianIssue('source',
"vcs-field-uses-insecure-uri",
info='%s %s' % (key, updater.source[key]))
if issue.should_fix():
updater.source[key] = newvalue
updated.add(key)
issue.report_fixed()
if len(updated) == 1: