mirror of
https://github.com/sudoxnym/fdroiddata.git
synced 2026-04-15 03:57:13 +00:00
33481756ef
We need a strong link between the source repo URL and our buildserver. HTTP redirects have a number of issues, and are unnecessary in our use case. Once this is complete, then the buildserver can set http.followRedirects to false, and we could also set the buildserver to fetch source over Tor to avoid targetting it. Right now, gitlab.com only allows git fetches over Tor if it is hitting a direct URL. gitlab.com/s redirect logic will trigger Cloudflare captures otherwise. * https://bugs.debian.org/79002 * https://www.debian.org/security/2019/dsa-4371 * https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-38000.html * fdroidclient#1041 |
||
|---|---|---|
| .. | ||
| audit-gradle.py | ||
| build-contains-signatures.py | ||
| check-for-unattached-signatures.py | ||
| check-git-repo-availability.py | ||
| check-keyalias-collision.py | ||
| check-localized-metadata.py | ||
| check-metadata-summary-whitespace.py | ||
| find-changed-builds.py | ||
| fix-ellipsis.sh | ||
| make-summary-translatable.py | ||
| png-pre-compress | ||
| README.md | ||
| rewrite-git-redirects.py | ||
| schedule-issuebot.py | ||
| trigger-issuebot | ||
Some tools for F-Droid Data written in Python
audit-gradle.py
build-contains-signatures.py
Dependencies
check-for-unattached-signatures.py
Apps with reproducible builds include the APK Signature files in the metadata. If there is no matching entry in Builds:, then those files are useless cruft.