commit d0603a25 has error in type definition for mypy.
It causes ‘type’ object is not subscriptable error.
Signed-off-by: Hiroshi Miura <miurahr@linux.com>
Top level directories are `qtsdkrepository/linux_x64` or `qtsdkrepository/linux_arm64`
qtsdkrepository files are suffixed with `.linux_gcc_64` or `.linux_gcc_arm64`
Installation directory is `gcc_64` or `gcc_arm64`
* fix generate_combinations issue with Linux Qt 6.7
Qt 6.7.0 changes the default arch for Linux from gcc_64 to linux_gcc_64.
This allows the generate_combinations.py script to account for that.
Also, Qt 6.7.0 is missing a few architectures that were present in
earlier versions of Qt6. This makes sure that the script can pick those
up.
* black (v 24.1.1)
New version of black formats metadata.py differently than before
* Settings: add an option to skip checksum verification on Updates.xml
This allows aqt to work even when the server download.qt.io is
unreachable.
Signed-off-by: Alberto Mardegan <mardy@users.sourceforge.net>
* Update settings.ini
* Correct option to skip checksum verification
* Rename ignore_hash option to INSECURE_NOT_FOR_PRODUCTION_ignore_hash
* Update doc about INSECURE_NOT_FOR_PRODUCTION_ignore_hash
* Add hash_algorithm option
* Unofficial mirrors might not provide any hash for Updates.xml
* docs: update configuration.rst
express default value of hash_algorithm
Signed-off-by: Hiroshi Miura <miurahr@linux.com>
* fix: hashlib constructor with usedforsecurity=False
- Python 3.9 and later introduce a keyword argument ``usedforsecurity``
- Set to False because we use hash to check file integrity not for password hash.
Signed-off-by: Hiroshi Miura <miurahr@linux.com>
* Attempt to fix parameter type inconsistency in downloadBinaryFile
---------
Signed-off-by: Alberto Mardegan <mardy@users.sourceforge.net>
Signed-off-by: Hiroshi Miura <miurahr@linux.com>
Co-authored-by: Alberto Mardegan <mardy@users.sourceforge.net>
Co-authored-by: Hiroshi Miura <miurahr@linux.com>
Allows MetadataFactory to produce a list of architectures when the
standard Updates.xml file is present, but the expected wasm Updates.xml
file is not.
- Replace map+filter and list+filter with list comprehension expression
- Use try/except for next(Iterator)
- Add test case for altlink that cause exception on next() in get_altlink
- Avoid exit but use sys.exit
Signed-off-by: Hiroshi Miura <miurahr@linux.com>
- Introduce classes inherit argparse.ArgumentParser to suppress mypy
errors in Cli class.
- `requests.session.Session.get()` expects that `timeout` is `float | tuple[float, float] | tuple[float, None] | None`
so use `Tuple[float, float]` for timeout
- Use named tuple for modules_query
- Update test_list.py
"list-*" command needs to get a list of folder names from the html page.
The original code tries to get those folder names
from the second "<td>" of the first "<table>".
Qt mirrors have different html layouts, so the code doesn't always work.
The new code tries to get folder names
from "href" attribute of "<a>" elements.
This change allows MetadataFactory.iterate_folders to recognize when
MetadataFactory has retrieved a malformed HTML file, or an HTML file
that does not contain the table and rows that it expects to see.
If the URL is correct, it should retrieve the right page, but this is
not guaranteed, and MetadataFactory should be able to recover and
generate an appropriate error message.
One possible situation where this kind of error might occur could be
when the user is connected to a public WIFI network, but not logged in.
The router would redirect aqt to the network login page, and aqt would
have no way of knowing that it did not receive the correct page.
Aqt should be resilient to this kind of error.
Causes `get_hash` to verify the hash length, and check that the hash can
be unhexlified properly.
Fixes the interface for `get_hash` so that the caller does not have to
run `binascii.unhexlify` or verify its output.
I don't think we can really call the `Updates.xml` files that we are
parsing 'untrusted xml', because we are checking that they match the
sha256 checksum. However, I don't think there's any good reason not to
use a more secure parsing algorithm.
`MetadataFactory.fetch_http` must often download HTML pages, not
Updates.xml files. download.qt.io does not store checksums for these
files, so this particular function must be allowed to download these
pages without using a checksum.
This prevents `list-*` from printing any module whose uncompressed size
is 40 bytes or less.
I have found a couple of modules that are exactly 40 bytes, and they
include no files, only empty directories. If any user tries to install
these modules, they will think that aqt failed to install the module
without printing any error message. I prefer to avoid this issue
by preventing `aqt list-*` from printing them.
`aqt install-*` is unaffected by this change, and it can still install
modules that contain no files. It is likely that we will need to print
a warning when this occurs.
If any user disagrees with the threshold value of 40 bytes, they are
free to adjust that value to their liking in `settings.ini`.
