lp:ubuntu/wily-proposed/click-reviewers-tools

Created by Ubuntu Package Importer on 2015-05-28 and last modified on 2015-10-09
Get this branch:
bzr branch lp:ubuntu/wily-proposed/click-reviewers-tools
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Development

Recent revisions

34. By Jamie Strandboge on 2015-10-09

[ Jamie Strandboge ]
* multiple 'desktop' hooks should only be 'info' these days (LP: #1496402)
* verify snaps that use 'bus-name' are of 'type: framework'
* clickreviews/cr_lint.py:
  - snappy package.yaml defaults to 'architectures' and 'architecture' is
    deprecated. Adjust and add a warning for deprecation.
  - arm64 is a valid architecture now
  - don't warn on libc6 libraries with check_external_symlinks
  - don't traceback on broken symlinks when checking for hardcoded paths
    (LP: #1502962)
* clickreviews/cr_security.py: don't complain about missing AppArmor
  template vars if we detect this is unconfined boilerplate policy

33. By Jamie Strandboge on 2015-09-10

[ Alberto Mardegan ]
* clickreviews/cr_online_accounts.py: Do not check for "type" element in OA
  .service files
* clickreviews/cr_online_accounts.py: Support the new "accounts" hook

[ Jamie Strandboge ]
* clickreviews/cr_common.py: add peer_hooks_link to __init__ and use it
  as the link for missing and disallowed hooks
* clickreviews/cr_online_accounts.py: set peer_hooks_link to use
  https://wiki.ubuntu.com/SecurityTeam/Specifications/OnlineAccountsConfinement
* clickreviews/tests/test_cr_online_accounts.py: don't stub or check for
  "type" element in OA .service files
* Makefile: make sure check-names.list is up to date via 'make check'

[ Ricardo Kirkner ]
* Refactor to abstract check name generation.
  This will be used in a follow up branch to normalize check names in a way
  that allows extracting semantic meaning of check names from review results
  data.
* build name from review_type, prefix, app and extra parts using : as
  separator
* list all possible check types by running tests and extracting seen check
  names

[ Daniel Holbach ]
* Fix pep8 issues.

32. By Jamie Strandboge on 2015-07-09

* data/apparmor-easyprof-ubuntu.json: add "keep-display-on" to ubuntu
  common policy
* cr_security.py:
  - webapps may use "keep-display-on"
  - error if security-policy specified in snaps
* cr_lint.py:
  - give link to frameworks guide if framework specified
  - do not error if apparmor-profile specified with snap (handled by above
    change)

31. By Jamie Strandboge on 2015-07-07

* cr_security.py:
  - webview is not required with ubuntu-account-plugin
  - bin-path and systemd hooks shouldn't be used any more to ascertain if an
    app is a service or binary since snappy build is no longer adding them
    and snappy install ignores them (LP: #1472296)
* cr_common.py: comment that snappy-systemd hook is deprecated
* cr_lint.py: comment that snappy-systemd hook is deprecated
* cr_systemd.py:
  - directly parse package.yaml instead of parsing deprecated snappy-systemd
    hook
  - remove snappy-systemd hook checks now that it is ignored by snappy
    install in stable releases
* cr_bin_path.py: remove bin-path hook checks now that it is ignored by
  snappy install in stable releases

30. By Jamie Strandboge on 2015-06-26

* cr_security.py: verify required and allowed policy groups with the
  ubuntu-account-plugin template (LP: #1468792)
* cr_systemd.py: whitespace pep8 fixes for trusty to fix FTBFS in SDK
  staging ppa

29. By Jamie Strandboge on 2015-06-25

* README: add notes on where to upload review tools to keep projects in sync
* cr_online_accounts.py: account-provider and account-qml-plugin can now be
  allowed if used with apparmor (LP: #1219644)
* cr_security.py:
  - verify when account-provider and account-qml-plugin are used that the
    security manifest uses the "ubuntu-account-plugin" template
  - correctly update the cached json if needed
* apparmor_policy.py: fix bug that prevented get_policy_file() from working

28. By Jamie Strandboge on 2015-06-10

[ Jamie Strandboge ]
* Makefile: perform run-pyflakes in check target
* cr_systemd.py: add bus-name checks and update testsuite
* add security yaml checks
* cr_lint.py: don't allow same key in 'binaries' and 'services'
* cr_lint.py: implement hashes.yaml checks
* update README
* cr_desktop.py: add check to help transition away from obsoleted
  ubuntu-html5-app-launcher
* cr_common.py: remove snappy 'integration' checks
* cr_systemd.py: implement ports checks
* cr_systemd.py, cr_bin_path.py: error out if services or binaries is empty,
  repectively
* cr_lint.py: update pkgname checks for snaps-- shouldn't have '.' in the
  name
* cr_lint.py: add snappy-config checks
* cr_lint.py: maintainer isn't needed in compat click manifest for snaps
  that don't specify vendor
* debian/control: Depends on binutils (for 'ar')

[ Marcus Tomlinson ]
* cr_scope.py: add "keywords" to the list of optional scope .ini keys

27. By Jamie Strandboge on 2015-05-01

cr_security.py: add ubuntu-sdk-15.04 framework and policy version
(LP: #1449368)

26. By Daniel Holbach on 2015-04-20

[ Michael Vogt ]
* Fixed a number of issues raised by pyflakes.

[ Ricardo Kirkner ]
* support overrides in all click-check scripts
* refactored click checks to avoid duplication
* handle checks from branch as well as installed system-wide when running
  all checks

[ Jamie Strandboge ]
* update bin-path tests for new binaries yaml
* 'oem' is a valid type
* handle missing 'hooks' in manifest with oem snaps (LP: #1434279)
* cr_common.py: add config, immutable-config and oem in support of oem snaps
* obsolete framework click hook and meta/*.framework
* don't allow 'type: framework' to specify 'frameworks'
* fix click-show-files with native snaps
* click-show-files should show package.yaml
* add framework policy checks
* update systemd tests to check package.yaml
* .strip() whitespace in control_description_match
* check_package_filename() store downloads packages with _all instead of
  _multi. Account for that. We may want to remove this check entirely.
* cr_security.py: adjust for ubuntu-core/15.04 policy changes
* cr_security.py: policy_vendor is no longer redflagged
* cr_lint.py: don't strip 'all' from compat architecture list on snappy
* cr_lint.py: don't review unused control['Architecture'] on snappy

[ Fabian Ezequiel Gallina ]
* fix missing import on clickreviews/cr_framework.py
* add test for non-string framework

[ Alex Abreu ]
* fix webapp exec with no homepage url or with exec field code (LP:
  #1441185)

[ James Westby ]
* Drop the checks on the package name in the filename.
  The filename doesn't matter, and the store generates it anyway,
  so checking it is a waste, and keeps breaking as we change the
  rules.

25. By Jamie Strandboge on 2015-03-18

* don't fail if DEBIAN/md5sums doesn't exist with snap packages. The snap
  package format uses a different method for integrity checking
* add bin/click-check-systemd
* adjust bin/click-run-checks to call click-check-systemd

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/wily/click-reviewers-tools
This branch contains Public information 
Everyone can see this information.

Subscribers