Christoph Reiter
e6e5bc74ad
security: list all the packages missing vuln metadata
...
It's a bit of a wall of text right now, but we need to show them
somewhere so we can fix them.
2024-12-14 10:53:14 +01:00
Christoph Reiter
73aa5d60bf
outofdate: fix total package number in case a repo filter is active
...
only count packages for the active filter
2024-12-14 10:48:46 +01:00
Christoph Reiter
d42899e01f
security: show git version as well, like everywhere else
2024-12-06 18:09:44 +01:00
Christoph Reiter
1db24694a1
Update deps
...
one small typing fix uncovered by newer mypy
2024-12-06 18:00:01 +01:00
Christoph Reiter
b6190a960b
package -> packages
...
for consistency
2024-09-15 17:07:03 +02:00
Christoph Reiter
3c7444c0a3
Get rid of the repo query param for single packages
...
We keep package names unique, and if for some reason they wouldn't be
we show both packages on that page then.
Let's not add a query param to every URL for such an edge case.
2024-09-15 17:06:51 +02:00
Christoph Reiter
106f1e42ec
More 404 reponses when things couldn't be found
2024-09-15 16:35:03 +02:00
Christoph Reiter
b6ecb4abae
Use the correct template for when no package with the name is found
...
The virtual package template doesn't cover that case
2024-09-15 16:16:38 +02:00
Christoph Reiter
aee5de581e
Fix TemplateResponse deprecation warning
...
the request should be passed as the first arg now
2024-09-15 16:13:40 +02:00
Christoph Reiter
1958c2cf98
port to new fastapi lifespan api
2024-09-15 16:10:09 +02:00
Christoph Reiter
8c0c9b65e7
Fix pydantic deprecation warning
2024-09-15 16:01:17 +02:00
Christoph Reiter
1178edde11
Sort repos by priority and not by name
...
Use the order of the repos in the config as the order for everything else.
selection inputs, package groupes etc
2024-09-15 15:42:14 +02:00
Christoph Reiter
a2d66ef817
package: fix missing version info for all provides/conflicts/replaces
2024-08-28 08:24:33 +02:00
Christoph Reiter
0ec93350fe
preload the fonts
2024-08-09 23:41:41 +02:00
Christoph Reiter
1ff07f8252
Update frontend deps; drop woff support
...
nearly everything supports woff2 now
2024-08-09 12:02:19 +02:00
Christoph Reiter
4fd8eb8cc3
Change the styling a bot for the sub-list headings
...
So it looks different to the main list headings in mobile view.
Not ideal.. but maybe better?
2024-07-23 17:41:28 +02:00
Christoph Reiter
461f08c905
package removals: show more context
...
add links, and show the dependency type
2024-07-23 09:33:11 +02:00
Christoph Reiter
fd3925efa0
Only show an outdated banner if the git version is too old
...
And not the version in the repo.
If the new version is in git, there is usually nothing to do, except
waiting for it to reach the repo.
2024-07-23 00:14:27 +02:00
Christoph Reiter
da40892968
Only show the git version in case it is different
...
In the common case it is the same, so avoid showing it twice
2024-07-22 23:50:28 +02:00
Christoph Reiter
1436216386
base: remove repo list
...
Now that the repos are listed via the sections of the binary packages,
there is no point it listing them again at the top.
2024-07-22 23:14:42 +02:00
Christoph Reiter
cd4a9ac00c
more compact
2024-07-20 17:13:38 +02:00
Christoph Reiter
97e57e0098
Move the source-only tarball to the binary package file section
...
While it's in theory a base package property, it's rarely used/usefull,
so put it to the other file stuff for now.
2024-07-20 17:07:15 +02:00
Christoph Reiter
433371ad98
Move external links into a sub list
...
To separate it visually from the rest
2024-07-20 17:05:37 +02:00
Christoph Reiter
0daf0070de
Add a link to the "source-only tarball"
2024-07-20 16:46:25 +02:00
Christoph Reiter
8b69672ee7
Fix error in case all vulns of a package have been ignored
...
We guarded in various places by whether vulns exist and then used
worst_vulnerability to select a color, but in case all are ignored
worst_vulnerability is None and things fail.
Introduce all_vulnerabilities/active_vulnerabilities/worst_active_vulnerability
properties and make sure that worst_active_vulnerability is always guarded
properly.
2024-06-30 16:01:53 +02:00
Christoph Reiter
99a86f1ca4
run: add CLI option to skip external sources
...
makes testing faster in some cases
2024-06-30 15:55:53 +02:00
Christoph Reiter
f0d1065951
base: group binary packages by repo
...
since it's not obvious which package name prefix belongs
to which repo/env
2024-06-30 15:31:15 +02:00
Christoph Reiter
60d6cb0856
Update frontend deps
2024-06-07 17:54:16 +02:00
Christoph Reiter
44a4f46ec6
anitya: don't link if explicitely disabled
...
If the PKGBUILD contains an empty anitya entry don't try to guess
the project based on the package name, just skip it.
2024-05-25 18:22:19 +02:00
Christoph Reiter
c1a941bd9b
Use the new Arch geo mirror by default
...
Less likely to be offline
2024-05-25 18:20:02 +02:00
Christoph Reiter
16c621476e
security: use the vuln sort key for sorting the package, not just the severity
...
At least for CVEs this gives us the critical CVEs for the newest year first,
since they are sorted by ID also.
2024-03-29 14:34:35 +01:00
Christoph Reiter
02d3a1bd02
Respect the new ignore_vulnerabilities field
...
It'a a list of CVE IDs or GHSA IDs which whould be ignored.
In lists we still show them, but at the end and with strike through.
For picking the worst for the tooltip button color we ignore them.
On the security page, of all are ignored, the package is skipped.
2024-03-28 11:28:12 +01:00
Christoph Reiter
fa0ec2f99a
security: link the docs
2024-03-27 17:54:06 +01:00
Christoph Reiter
7a4ce7cb15
Add anitya links to packages
...
In case the package has a anitya ID we use that, otherwise we
use the realname, which might not work or might show a list
of all matches, but better then nothing.
2024-03-27 17:51:04 +01:00
Christoph Reiter
4ef880434b
Add a page listing all found vulnerabilities
...
Also add some info to the package base if there is enough metadata
available for vulnerability matching.
2024-03-27 10:30:12 +01:00
Christoph Reiter
3c569263fd
Make ExtInfo.version optional instead of special casing an empty version
...
In case the version is an empty string it is considered newer by pacman
than for example "r123".
Instead make it optional and handle the None version everywhere.
Fixes #68
2024-03-26 13:41:57 +01:00
Christoph Reiter
b2462470bc
outofdate: also show vulnerabilities for unlinked packages
...
So we can priorize them for linking to other distros
2024-03-25 11:25:34 +01:00
Christoph Reiter
bd0fe0bcfb
Arch repos have started dropping MD5SUM from packages
2024-03-24 16:39:48 +01:00
Christoph Reiter
a752129010
pypi: normalize package names during lookup
...
After c23f1b58e4
the names in the pypi cache are normalized, so we need to match that.
2024-03-24 16:32:27 +01:00
Christoph Reiter
076ecee1f5
remove some debug prints
2024-03-24 11:35:18 +01:00
Christoph Reiter
9bdd3d22b1
Expose matched CVEs on the outofdate and the package pages
2024-03-24 11:34:00 +01:00
Christoph Reiter
2294bafcfb
Update frontend deps
2024-03-02 20:57:05 +01:00
Christoph Reiter
1c1d538324
pkgextra: get rid of internal flag
2024-01-24 08:36:46 +01:00
Christoph Reiter
d401a04bb0
Add a repology link to each package
...
There is no way to override the mapping and no version info,
we just re-use the mapping repology has for our packages.
But it's a start.
2024-01-12 17:56:18 +01:00
Christoph Reiter
eab53769bd
Split up the code for the different external sources
2024-01-12 17:40:21 +01:00
Christoph Reiter
7d7653ad35
fetch: move some blocking parsing into threads
2024-01-12 11:25:22 +01:00
Christoph Reiter
915771dd65
Add a very basic gentoo package mapper
...
I couldn't find a proper API, so while this matches lots of packages
it also includes testing/unstable versions which makes for a lot
of false positives would we use it to detect new versions, so it's
marked as a fallback provider for now.
2024-01-12 11:21:22 +01:00
Christoph Reiter
c746ac14b9
Remove pgp support
...
With the signatures being removed from the package DBs this is not needed
anymore
2023-11-04 18:51:59 +01:00
Christoph Reiter
505dfeec0a
queue: make the tooltip content a bit more compact
...
it's quite hard to read on mobile otherwise
2023-11-02 17:48:59 +01:00
Christoph Reiter
76d4b4d39b
Run pyupgrade
...
upgrade everything to 3.10+
2023-11-01 19:28:08 +01:00