Give warning if the apparmor file does have other extension than .apparmor
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical Click Reviewers tools (obsolete) |
Fix Released
|
Undecided
|
Jamie Strandboge |
Bug Description
From the upcoming release of the Ubuntu SDK, the manifest and apparmor files are going to be moved from the Publish page to the project editing area.
To list and offer files in the editor we need defined mime types. Both the manifest and the apparmor files need to be identified and discovered by the SDK tools. For that we need standard name for both. The manifest file is the manifest.json, but the apparmor hook is set in the manifest file and so far it accepted any file name.
In the future only *.apparmaror scheme should be accepted. In order to gracefully force the existing apps to change the apparmor file name to .apparmor we need a warning from the c-r-t when the application is using other scheme.
Related branches
Changed in click-reviewers-tools: | |
status: | New → In Progress |
assignee: | nobody → Jamie Strandboge (jdstrand) |
Changed in click-reviewers-tools: | |
status: | In Progress → Fix Committed |
Changed in click-reviewers-tools: | |
status: | Fix Committed → Fix Released |
The click-reviewers team discussed and we feel that marking this as a warning is too much. The majority of existing apps use a .json extension since that is what the SDK did and documentation recommended, and some people may choose not to use the SDK to develop click packages. The file extension doesn't actually matter-- the file just needs to be parseable json and then the security checks are run.
That said, I think the check is valid and useful for the SDK. I will be updating the click-reviewers -tools to retain the check, but mark is as 'info'. This means that the check won't block acceptance in the store, it supports existing apps and documention and supports users not using the sdk, but allows the sdk to look at the 'info' json and flag it within the sdk.
Here is example output: sdk_security_ extension_ foo": { manual_ review" : false,
$ ./bin/click-review --sdk <path/to/click>
= lint =
{
"error": {},
"info": {
...
"lint_
"
"text": "foo.json does not end with .apparmor (ok if not using sdk)"
},
...
"warn": {}
}