From af2cb89427e3d8144bed7eca05269a455f22fd03 Mon Sep 17 00:00:00 2001 From: davidovski Date: Tue, 9 Nov 2021 20:21:27 +0000 Subject: no auto key imports --- src/verbs/sync.py | 36 +++++++++++++++++++++++++++++++----- 1 file changed, 31 insertions(+), 5 deletions(-) (limited to 'src/verbs/sync.py') diff --git a/src/verbs/sync.py b/src/verbs/sync.py index 8b6e5e3..443a698 100644 --- a/src/verbs/sync.py +++ b/src/verbs/sync.py @@ -15,13 +15,15 @@ def list_packages(url): for line in response.split("\n") if len(line.split()) > 0 } -def sync_packages(repo, sources): +def sync_packages(repo, sources, verbose=False): packages = {} total = 0 completed = 0 for source,url in sources.items(): listed = list_packages(url + repo if url[-1] == "/" else f"/{repo}") + if len(listed) == 0 and verbose: + print(colors.BG_RED + f"No packages found in {source}/{repo}" + colors.RESET) total += len(listed) for p in listed: if not p in packages: @@ -32,7 +34,7 @@ def sync_packages(repo, sources): util.loading_bar(completed, total, f"Syncing {repo}") return packages -def validate_packages(packages, repo): +def validate_packages(packages, repo, verbose=False): output = {} completed = 0 total = len(packages) @@ -66,21 +68,45 @@ def save_package_list(validated, location): file.write("checksum=" + info["checksum"] + "\n") file.write("sources=" + " ".join([source for source in info["sources"]])) - +###### !!! ####### +# THIS SHOULD BE A USER ACTION +# security problem to automatically decide to verify keys +# users should do this manually whenever they add a new source +###### !!! ####### +def import_key(source, url, verbose=False): + keyname = "xi.pub" + status, response = curl(url + keyname if url[-1] == "/" else f"/{keyname}") + + if status == 200: + key_path = os.path.join(config["dir"]["keychain"], source + ".pub") + with open(key_path, "w"): + key_path.write(key_path) + + elif verbose: + print(colors.BG_RED + f"" + colors.RESET) def sync(args, options, config): sources = config["sources"] repos = config["repos"] + v = options["v"] + for repo in repos: - packages = sync_packages(repo, sources) + packages = sync_packages(repo, sources, verbose=v) # find the most popular hash to use - validated = validate_packages(packages, repo) + validated = validate_packages(packages, repo, verbose=v) save_package_list(validated, os.path.join(config["dir"]["packages"], repo)) num_packages = len(validated) util.loading_bar(num_packages, num_packages, f"Synced {repo}") print(colors.RESET) + + + #total = len(sources) + #completed = 0 + #for source, url in sources: + #compelted += 1 + #util.loading_bar(completed, total, f"Importing keys") -- cgit v1.2.1