def fix_homepage(http_url): if not http_url.startswith('http:'): return http_url https_url = 'https:' + http_url[len('http:'):] result = urllib.parse.urlparse(http_url) if result.netloc in known_https: return https_url if not net_access_allowed(): return http_url # Fall back to just comparing the two headers = {'User-Agent': USER_AGENT} try: http_contents = urlopen(Request(http_url, headers=headers), timeout=DEFAULT_URLLIB_TIMEOUT).read() except ERRORS as e: sys.stderr.write('Unable to access HTTP version of homepage %s: %s' % (http_url, e)) return http_url try: https_contents = urlopen(Request(https_url, headers=headers), timeout=DEFAULT_URLLIB_TIMEOUT).read() except ERRORS as e: sys.stderr.write('Unable to access HTTPS version of homepage %s: %s' % (https_url, e)) return http_url if same_page(http_contents, https_contents): return https_url return http_url
def migrate_from_obsolete_infra(control): vcs_type, vcs_url, unused_subpath = get_vcs_info(control) if vcs_type is None: return if not is_on_obsolete_host(vcs_url): return package = control["Source"] maintainer_email = parseaddr(control["Maintainer"])[1] old_vcs_browser = control.get('Vcs-Browser') old_vcs_type = vcs_type old_vcs_url = vcs_url try: (vcs_type, vcs_url, vcs_browser) = find_new_urls( vcs_type, vcs_url, package, maintainer_email, net_access=net_access_allowed()) except NewRepositoryURLUnknown: return fixed_lintian_tag( 'source', "vcs-obsolete-in-debian-infrastructure", info='vcs-%s %s' % (old_vcs_type.lower(), old_vcs_url)) if (("Vcs-Cvs" in control and re.match( r"\@(?:cvs\.alioth|anonscm)\.debian\.org:/cvsroot/", control["Vcs-Cvs"])) or ("Vcs-Svn" in control and "viewvc" in control["Vcs-Browser"])): fixed_lintian_tag( 'source', "vcs-field-bitrotted", info='%s %s' % (old_vcs_url or '', old_vcs_browser or '')) for hdr in ["Vcs-Git", "Vcs-Bzr", "Vcs-Hg", "Vcs-Svn"]: if hdr == "Vcs-" + vcs_type: continue try: del control[hdr] except KeyError: pass control["Vcs-" + vcs_type] = vcs_url if vcs_browser is not None: control["Vcs-Browser"] = vcs_browser else: try: del control["Vcs-Browser"] except KeyError: pass
async def valid_bug(package, bug): if not net_access_allowed(): return None global debbugs if debbugs is None: from lintian_brush.debbugs import DebBugs _debbugs = DebBugs() try: await _debbugs.connect() except ImportError: # No asynpcg? return None except socket.gaierror as e: warn('Unable to connect to debbugs: %s' % e) return None debbugs = _debbugs return await debbugs.check_bug(package, bug)
async def package_exists(package, release, version_info): if not net_access_allowed(): try: return (package in os.environ['%s_PACKAGES' % release.upper()].split(',')) except KeyError: return None try: from lintian_brush.udd import connect_udd_mirror except ModuleNotFoundError: return None async with await connect_udd_mirror() as udd: query = 'SELECT True FROM packages WHERE release = $2 AND package = $1' args = [package, release] if version_info is not None: version_cmp, version = version_info query += ' AND version %s $3' % VERSION_CMP_SQL[version_cmp] args.append(version) row = await udd.fetchrow(query, *args) return bool(row)
def guess_description(binary_name, all_binaries, summary=None): if len(all_binaries) != 1: # TODO(jelmer): Support handling multiple binaries return None upstream_metadata = guess_upstream_metadata( '.', trust_package(), net_access_allowed()) if summary is None: summary = upstream_metadata.get('X-Summary') try: upstream_description = textwrap_description(upstream_metadata['X-Description']) except KeyError: # Better than nothing.. return summary if summary is None: if len(upstream_description) == 1: return upstream_description[0].rstrip('\n') return None lines = [line if line else '.' for line in upstream_description] description = summary + "\n" + ''.join([" %s\n" % line for line in lines]) return description.rstrip('\n')
if (not os.path.exists('debian/upstream/metadata') and not missing_file_issue.should_fix()): sys.exit(0) with YamlUpdater('debian/upstream/metadata') as editor: if isinstance(editor.code, str): sys.exit(0) upstream_metadata = { k: UpstreamDatum(k, v, 'certain') for (k, v) in editor.code.items() if v is not None } minimum_certainty = os.environ.get('MINIMUM_CERTAINTY') net_access = net_access_allowed() # Downgrade minimum certainty, since check_upstream_metadata can # upgrade it to "certain" later. initial_minimum_certainty = ('likely' if net_access and minimum_certainty == 'certain' else minimum_certainty) # Do some guessing based on what's in the package update_from_guesses( upstream_metadata, filter_bad_guesses( guess_upstream_metadata_items( '.', trust_package=trust_package(), minimum_certainty=initial_minimum_certainty)))
# these. The method below (involving uscan) doesn't work from e.g. sbuild # hosts. def stock_replace(line): for hostname in ['code.launchpad.net', 'launchpad.net', 'ftp.gnu.org']: line = line.replace('http://%s/' % hostname, 'https://%s/' % hostname) return line update_watchfile(stock_replace) report_result("Use secure URI in debian/watch.") if not watchfile_has_http(): sys.exit(0) if not net_access_allowed(): sys.exit(0) def run_uscan_dehs(): return subprocess.check_output(['uscan', '--dehs', '--report'], stderr=subprocess.PIPE) try: before = run_uscan_dehs() except subprocess.CalledProcessError: # Before doesn't work :( sys.exit(0)
net_access_allowed, report_result, LintianIssue, ) from lintian_brush.vcs import find_secure_vcs_url updated = set() lp_note = False with control as updater: for key, value in updater.source.items(): if not key.startswith('Vcs-'): continue if value.startswith('lp:'): lp_note = True newvalue = find_secure_vcs_url(value, net_access=net_access_allowed()) if newvalue is None: # We can't find a secure version :( continue if newvalue == value: # The URL was already secure continue issue = LintianIssue('source', "vcs-field-uses-insecure-uri", info='%s %s' % (key, updater.source[key])) if issue.should_fix(): updater.source[key] = newvalue updated.add(key) issue.report_fixed() if len(updated) == 1: