@hjuutilainen hjuutilainen released this Mar 5, 2018 · 10 commits to master since this release

Assets 3

1.0.4 (March 05, 2018)

FIXES:

  • All GitHub API requests are now performed using curl. This fixes TLS errors with
    GitHubReleasesInfoProvider processor and autopkg search functionality on macOS 10.12
    and earlier. (GH-408)

IMPROVEMENTS:

  • A GitHub token can now be specified in AutoPkg preferences (GITHUB_TOKEN) or in a file: ~/.autopkg_gh_token (Original PR was GH-407, code merged here as part of GH-408: 8e0f19b)
  • In parent trust info, store paths within user home as ~/some/path. When verifying
    trust info, expand ~ to current user home directory.
  • FlatPkgUnpacker, PkgPayloadUnpacker and PkgRootCreator will now create intermediary
    directories (GH-401)
  • URLDownloader and URLTextSearcher now accept curl_opts input variable to provide
    additional arguments to curl (GH-384, GH-386)

@gregneagle gregneagle released this Sep 22, 2017 · 27 commits to master since this release

Assets 3

1.0.3 (September 22, 2017)

FIXES:

  • Better handling of bundle items in MunkiImporter (GH-352)
  • Prevent stack trace when parent recipe does not exist (GH-363)

IMPROVEMENTS:

  • DmgCreator now explicitly specifies HFS+ format when creating disk images.
    Avoids an issue where APFS images were created under High Sierra,
    potentially causing issues with machines running older macOS versions.
    (GH-357)
  • Improvements to CodeSignatureVerifier (GH-373)
    • Added strict_verification variable to control whether to pass --strict,
      --no-strict or nothing at all to codesign.
    • Added deep_verification variable to control whether to pass --deep to
      codesign or not. Deep verification was previously on by default (and
      still is) but it can now be explicitly disabled.
    • Added codesign_additional_arguments variable for specifying additional
      arguments for codesign tool.
    • Removed the .app file extension checking and no longer require the input to
      be a specific file type. Only check for .pkg, .mpkg or .xip extensions and
      pass those to pkgutil, everything else should go to codesign.

@timsutton timsutton released this Apr 7, 2017 · 50 commits to master since this release

Assets 3

1.0.2 (April 07, 2017)

FIXES:

  • Trust info is ignored if it is ever present in a recipe which is not an override,
    and warns if any such trust info is found (GH-334)
  • Fix a regression in PlistReader and handling disk images
  • PkgCopier can now mount a diskimage in the source path even if its extension is not
    .dmg (GH-349)

IMPROVEMENTS:

  • If an autopkg run has recipes failing due to trust verification failure, this is
    clarified in the output as the reason for the failure.
  • URLDownloader now handles file sizes in FTP server responses, avoiding repeated
    downloads from ftp:// server URLs (GH-338)
  • FileFinder can now mount DMG files given as part of its input pattern (GH-263)
  • When PkgCreator logs Invalid version, it now includes the offending version string
    in this output (GH-343)

@timsutton timsutton released this Nov 30, 2016 · 74 commits to master since this release

Assets 3

1.0.1 (November 30, 2016)

FIXES:

  • Fix a crash when parsing a plaintext --recipe-list containing a single item
    (GH-323)

@timsutton timsutton released this Nov 17, 2016 · 78 commits to master since this release

Assets 3

This is the official release of AutoPkg 1.0. There were no changes from Release Candidate 1.

1.0.0 (November 16, 2016)

ADDITIONS:

  • New audit verb, used to output helpful information about any recipes that:
    • Are missing a CodeSignatureVerifier step
    • Use non-HTTP URLs for downloads
    • Supply their own processors and thus will run code not provided by AutoPkg itself
    • Use processors that may potentially be modifying the original software
      downloaded from the vendor
  • New verify-trust-info and update-trust-info verbs. These can be used to
    add "trust" hash information to a recipe override. If a parent recipe and/or
    its processor(s) is later updated (typically via a third-party recipe repo and
    running autopkg repo-update against this or all recipe repos), this
    trust information will be invalid and prevent the recipe from running
    until the trust information has been updated. Running verify-trust-info with
    additional verbosity will print out full diffs of upstream changes made since
    the last trust information was recorded, and update-trust-info will update
    it to match the current state of parent recipes. This behaviour can be bypassed
    using the FAIL_RECIPES_WITHOUT_TRUST_INFO AutoPkg preference. See the
    wiki article for more information.
  • New AppPkgCreator processor, a single processor replacing the several steps
    previously required for building a package from an application bundle.
  • Support for "rich" recipe lists in property list format, which can specify
    pre/post-processors and additional input variables for that specific run. See the
    Running Multpiple Recipes article for more details.

FIXES:

  • Fix SparkleUpdateInfoProvider ignoring appcast_request_headers argument since
    switching from urllib2 to curl. (GH-277)
  • Miscellaneous fixes to better handle unicode in autopkg message output.
    (GH-299)
  • Fix GitHub API error on autopkg search for a recipe name containing spaces.
    (GH-305)

IMPROVEMENTS:

  • URLDownloader now passes --fail option so that most 400-class error codes
    will result in a failed recipe run. (GH-284)
  • AutoPkg now reports an exit code of 70 if any recipe in an autopkg run
    fails. Eventually other exit codes may later be added to report on other
    specific behavior. (GH-297)
  • MunkiImporter now accepts an uninstaller_pkg_path input variable, used to
    copy Adobe uninstaller packages and set uninstaller_item_location in pkginfos.
  • MunkiImporter should now be able to detect existing Adobe CCP-built package
    items in a Munki repo as generated by makepkginfo in Munki tools version 2.8.0
    and higher.

@timsutton timsutton released this Mar 18, 2016 · 146 commits to master since this release

Assets 3

0.6.1 (March 18, 2016)

FIXES:

  • Fix too-restrictive 600 permissions on files downloaded by curl. This caused an issue
    where a file copied to either a local or remote Munki repo may not be readable by the
    webserver. Modes of downloaded files are now set to 644.

@timsutton timsutton released this Mar 15, 2016 · 150 commits to master since this release

Assets 3

0.6.0 (March 15, 2016)

CHANGES:

  • URLDownloader, URLTextSearcher and SparkleUpdateInfoProvider now all use
    the /usr/bin/curl binary for performing HTTP requests. This resolves
    several ongoing issues with Apple's Python urllib2 module and SSL.
    CURLDownloader and CURLTextSearcher processors refer internally to the same
    processors, and recipes using them can be safely switched back to the
    "standard" versions.
    An alternate cURL binary can be specified using the CURL_PATH input variable.
  • The BrewCaskInfoProvider processor is now deprecated. The Cask DSL has added
    over time logic for specifying URLs that requires the ability to actually invoke Ruby
    code, and this processor was never widely used. It will remain in AutoPkg for
    some time but will not function with all Cask files.
  • CodeSignatureVerifier: the use of expected_authority_names to verify .app
    bundles is now deprecated, and will be removed in a future AutoPkg release. Use
    requirement instead. (GH-256)

FIXES:

  • CodeSignatureVerifier: globbing is performed on all paths, rather than only
    within a disk image path. (GH-252)

IMPROVEMENTS:

  • URLDownloader: support for 'CHECK_FILESIZE_ONLY' input variable,
    which skips checks for Last-Modified and ETag headers when checking whether a
    download has changed on the server, and uses only the file size. This is useful
    for recipes that redirect to various mirrors for downloads, where these server
    header values differ, causing repeated downloads. This can be set in a recipe's
    Input section, or like any other variable it can also be altered on the CLI using
    the '--key/-k' option during any given run, for example:
    autopkg run -k CHECK_FILESIZE_ONLY=true VLC.munki
  • CodeSignatureVerifier: support for xip archives
  • Unarchiver: support for gzip archives

@timsutton timsutton released this Jan 13, 2016 · 176 commits to master since this release

Assets 3

0.5.2 (January 13, 2016)

FIXES:

  • Fix for curl/CURLDownloader saving zero-byte files. (GH-237)
  • Don't prompt to search recipes when running autopkg run --recipe-list. (GH-223)
  • Fix a regression in 0.5.1 in running .install recipes on OS X 10.9 and earlier.
  • Properly handle the case of SparkleUpdateInfoProvider finding no items in an appcast feed. (GH-208)

@timsutton timsutton released this Sep 2, 2015 · 196 commits to master since this release

Assets 3

0.5.1 (September 02, 2015)

ADDITIONS:

  • New processor, PackageRequired. Can be added to recipes that require a --pkg
    argument (or PKG variable), where a public .download recipe is not feasible. (GH-207)
  • New proof-of-concept processors CURLDownloader and CURLTextSearcher, drop-in
    replacements for URLDownloader and URLTextSearcher which use cURL instead of
    Python urllib2. Can be used to mitigate issues with SSL and the system Python.

IMPROVEMENTS:

  • PathDeleter: Guard against the mistake of path_list being a single string instead
    of a list of strings. (GH-200)
  • Compatibility fixes in packaging and install daemons for future OS X releases.
  • MUNKI_PKGINFO_FILE_EXTENSION default variable can now be an empty string to
    eliminate a pkginfo file extension altogether. (GH-212)
  • MunkiImporter: When attempting to match previous versions of existing items, check bundle
    installs types in addition to well as application types. (GH-216)
  • PkgCreator: Previously, in pkg_request's chown dict, if an absolute path was
    given in path, that literal path would be used rather than relative to the pkg
    root. Now, if an absolute path is given, it will still be properly joined to the
    pkg root. (GH-220)
  • Fix issue where an unhandled exception in any recipe processor would halt the entire
    AutoPkg run and Python would abort with a traceback. The output of --report-plist
    now stores the relevant traceback within failures item dicts. (GH-147)

FIXES:

  • URLDownloader: Fix issue where URL has updated ETag/Last-Modified but a matching
    filesize, and would not continue downloading the new file. (GH-219)

@timsutton timsutton released this Jul 17, 2015 · 235 commits to master since this release

Assets 3

0.5.0 (July 17, 2015)

BREAKING CHANGES:

  • The structure of a plist output by --report-plist has changed to reflect the
    structure of the summary results described below in ADDITIONS. (GH-163)

ADDITIONS:

  • New processor, GitHubReleasesInfoProvider. Used to fetch download URLs and metadata about
    releases posted on GitHub.
  • autopkg run interactively offers suggestions for similar recipe names when a recipe can't
    be found, and also offers to search for the desired recipe on GitHub.
  • New install verb. autopkg install Firefox is equivilent to autopkg run Firefox.install
  • Processors may now define their own summary reporting data. Previously AutoPkg provided
    summary data only for several known, core processors like URLDownloader, PkgCreator, etc.
    Now AutoPkg will print out data provided within a dict value of an env key ending in
    _summary_result (see Processor Summary Reporting on the AutoPkg wiki). (GH-163)

IMPROVEMENTS:

  • SparkleUpdateInfoProvider now sets the version key based on what feed item it has
    processed. This key can be used in later steps of the recipe. (GH-166)
  • AutoPkg now warns against being run as root.
  • Use of new launchd 2.0 socket API is used by autopkgserver if running on Yosemite or
    higher. (GH-176)
  • URLDownloader is now able to decompress gzip-encoded content. (GH-184)
  • FileCreator now supports optional file_mode input variable.
  • SparkleUpdateInfoProvider processor is now skipped early if --pkg argument is given
    to autopkg run, similar to URLDownloader.

FIXES:

  • Fixes in MunkiImporter's logic when attempting to locate a matching item in a repo.
  • PkgCreator: fix an exception when setting mode on a direcotry (in chown, in
    pkg_request). (GH-177)
  • BrewCaskInfoProvider now properly interpolates '#{version}' within 'url' strings.