-
-
Notifications
You must be signed in to change notification settings - Fork 6.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[addons] define offical repositories #18111
Conversation
I think it's ok to add a separate function to CompileInfo containing the new value. You may also need to pass it in CMakeLists.txt in the root of the repo, around line 225 (but I'm not sure on this!). |
i removed 2d71b45 as this was a testing commit that should display addon-repos in the gui. they showed up without the comment Line 10 in 2fa3866
now things are getting a little tricky, but the current commit is working.. and the log-file says: |
You can also use StringUtils::Split to pull out the repos out of the single string. |
yes, found it right now. and what i'm not sure about is the new |
I think it's good, once the PR is ready to take out of draft someone will suggest something else if there's a better way. So next you'll need to figure when an update happens how to restrict addon updates from a trusted repos to only come from trusted repos. So I think this will be to check the origin which should match a trusted repo. |
You are mistaken. It does not prevent that. |
Nice work @howie-f. I think apart from the last couple of minor comments this is looking good. Is there anything you would like to add to this before changing to a full PR? This feels to me like a full PR. |
@phunkyfish actually reworking. i'll do a push shortly and then adjust to full pr. |
excerpt from debug log:
|
That’s the ORIGIN_SYSTEM hash. Ok, can add that.
Ok, that’s true. I think in this case you would need to manually update the addon from another repo. I think we can add try and add this now or in a future PR. As there will be work on addons installing from there installed repo this may end up only being possible manually. |
then i'd come up now with this 06efd7e (hopefully doing what we want)
let's do that in a future PR and when we have a possible solution for ronie's point 5. |
regards to point #5, as kodi repo is pre-installed, it shouldn't be able to be hijacked Its origin could be set to itself (or ORIGIN_SYSTEM - maybe already is?), so it shouldn't accept updates / installs from other repos. So, only way it could be replaced is via install from zip. Or just not allow repos to be installed via zip if they are already installed. Also, a REPO should not be allowed to be updated from a different repo fullstop. In my original PR, I suggested that "UNLESS the add-on is a system addon (origin is ORIGIN_SYSTEM) then it can get an update from any trusted repos (highest version used)." Which looks like the latest commit does. |
i finally dropped the refactoring commit, as it was obsolete now, and tested with a private |
@howie-f did you address point 5 raised by ronie?
|
@phunkyfish that is unaddressed for now. wrote an idea about how to maybe solve this to the channel, but we have to decide if this is a appropiate. so i saw this as out of scope but to come. |
Ah, I hadn’t looked at slack yet today 😉 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
[addons] define offical repositories
[addons] define offical repositories
[addons] define offical repositories
[addons] define offical repositories
[addons] define offical repositories
[addons] define offical repositories
[addons] define offical repositories
[addons] define offical repositories
[addons] define offical repositories
[addons] define offical repositories
[addons] define offical repositories
This will make it harder for official add-on developers to get an emergency fix out when e.g. a VOD provider made infrastructure changes. Official add-ons will now fully depend on the time it takes for an update to get reviewed, accepted and pushed through the normal channels (no possibility to fast-track through their own repository). Non-official add-ons (like Netflix) will have the advantage they can publish asap through their own repository. Maybe a mechanism where packages are signed, and signatures are trusted would have been a more flexible solution here, so the user can decide what to trust in addition to the official repositories? |
Signing and signatures would be ideal. But out of scope for the initial feature set, it would have been far too much work to get this in place quickly. Once the initial feature set is done we can look at this. |
Description
This PR defines addon repositories (usually
repository.xbmc.org
) as offical.Auto-updates of addons from third-party repositories (not official) will then be denied if the checked addon is provided by both repos.
Motivation and Context
This is part 1.) "trusted repos" of addon-system-refactoring. Numbered proposals can be found here: #17677
Types of change
Checklist: