GitLab

the security implications are not as high as compared to regular
tar/unzip archiver. this is because you are anyway trusting
the package to install files anywhere in the filesystem.

this serves rather as a sanity to check against errors in created
package.

forgot to --amend my changes

user xattrs on tmpfs are not supported no non-grsec kernels,
and many times root fs is mounted without user_xattr. Thus
to allow things to go smoothly on non-grsec kernels xattr
unsupported errors are now hidden.

xattrs can be fixed still now with "apk fix --xattrs"

use ERR_PTR mechanism, and handle it at all places.

apk in alpine 3.1 already supports this optimization, but kept
the database format. now is time to start using this feature.

fixes #4040

ref #3027

Package pinning was first implemented with 'p' tag. However, it
was before any release renamed to 's', and 'p' was reserved for
package provides support for which is used now.

using space was for backwards compatibility with apk-tools 2.2.2
and earlier (from January 2012)

the location changed in apk-tools 2.1.0 (March 2011) which was
used in Alpine Linux 2.2.

In case all applet arguments are packages names (that is are not
including wildcards), return error if they do not match to some
package.

Allows running apk as an unprivileged user, e.g. with fakeroot.
Opening the lock file fails without the write permission.

there are only few combinations for that triplet, and they
occur multiple times reducing the struct sizes a bit. make
sane defaults and prepare to not write defaults to disk
to reduce on-disk installed db size.

fixes #3371

Apk used to reset directory permissions always, but this is undesirable
if user has modified the permissions - especially during tmpfs boot.
Though, it is desirable to update the permissions when packaging has
changed permissions, or a new package is installed and the merged
permission mask / owner changes.

Thus the new code updates the permissions only if:
 1) We are booting and directory is not in apkovl
 2) The directory is modified by a package install/remove/upgrade
 3) The filesystem directory permission matched database

Additionally "apk fix --directory-permissions" can be used to reset
all directory permissions to the database defaults.

Fixes #2966

Allows one arch index files to refer to other arch packages. Mostly
useful with noarch packages, but could be used e.g. to ship build
with some of packages optimized for specific cpu generation and
share most packages with the standard build.

It's real only if there's a package with actual dependency
(conflicts and install_if dependencies do not count).

allow packages in the cache's installed to be selected for installation
by the solver. add test case for the issue.

basically this makes packager's life simpler as there is no need
to list the subpkg names in replaces. this was also very error
prone and tedious job to do properly.

This implements a new protected path flag '!' to include always
matching entries in the backup mode (overlay). This is also turned
on for etc/apk to include everything there in overlay, because
the full list of repositories and signing keys need to be in
overlay - just getting them from a package is not enough during
bootstrap.

http://ewontfix.com/11/

fixes #2134

Acked-by: Natanael Copa <ncopa@alpinelinux.org>

Mistakenly allowed masked out package to be installed if it was
in cache.

fixes #1482

Wildcard matching with no names should match all packages only for
info and search applet. "apk del" would otherwise try to delete
everything, etc.

Fix also interactive mode to ask questions only if we are actually
changing something.

to show different versions of package and the repositories from
which it is available from.