click-reviewers-tools (0.24) vivid; urgency=medium

  * don't fail if DEBIAN/md5sums doesn't exist with snap packages. The snap
    package format uses a different method for integrity checking
  * add bin/click-check-systemd
  * adjust bin/click-run-checks to call click-check-systemd

 -- Jamie Strandboge <jamie@ubuntu.com>  Wed, 18 Mar 2015 14:27:51 -0500

click-reviewers-tools (0.23) vivid; urgency=medium

  * fix pep8 warning when building on trusty

 -- Jamie Strandboge <jamie@ubuntu.com>  Mon, 09 Mar 2015 15:42:08 -0500

click-reviewers-tools (0.22) vivid; urgency=medium

  [ Alexandre Abreu ]
  * Relax the rule that states that webapps with a model search path shouldn't
    have url patterns listed in the command line. In order to avoid confusion,
    we allow this to happen (and it already works fine the command line
    patterns being appended to the locally defined ones). (LP: #1406643)

  [ Jamie Strandboge ]
  * add testsuite test to verify apparmor-profile can't be specified with
    apparmor
  * add apparmor-profile hook tests
  * fix test_check_optional_domain_suffix_without_protocol2() to actually test
    with 'nonexistent' key
  * debian/control:
    - add python3-yaml to Build-Depends and Depends
    - update Vcs-Bzr to point to lp:click-reviewers-tools
  * add snappy-systemd hook tests and update the testsuite accordingly
  * apparmor-profile hook may be used anywhere apparmor can be, but not with
    apparmor itself (apparmor-profile is still redflagged)
  * implement snappy package.yaml lint tests
  * implement snappy package.yaml services tests
  * implement snappy readme.md lint tests
  * implement snappy package.yaml binaries tests
  * one more snappy workaround for check_package_filename()

 -- Jamie Strandboge <jamie@ubuntu.com>  Mon, 09 Mar 2015 15:08:44 -0500

click-reviewers-tools (0.21) vivid; urgency=medium

  [ Pete Woods ]
  * Add childscopes field to recognised list.
  * Add documentation link of the scope config files:
    CONFIGFILES in lp:unity-scopes-api.

  [ Michael Vogt ]
  * snappy: add two new optional fields: source, type.

  [ Jamie Strandboge ]
  * also use ubuntu-devel-discuss@lists.ubuntu.com to signify a core-app
  * calculate arch correctly in check_package_filename()
  * add ubuntu-core-15.04 to self.major_framework_policy
  * add checks for self.major_framework_policy to policy_vendor checks
  * bin-path should no longer require snappy-systemd hook
  * warn, don't error, on 'Could not find compiled binaries for architecture'
    since it might be ok to, for example, ship a shell script but you only
    want it on ARM devices
  * apparmor-profile is an allowed hook, but a redflagged one
  * don't error that apparmor is missing if apparmor-profile is present

  [ Daniel Holbach ]
  * Deal with multi-arch clicks properly. (LP: #1395204)

 -- Daniel Holbach <daniel.holbach@ubuntu.com>  Tue, 03 Mar 2015 14:17:13 +0100

click-reviewers-tools (0.20) vivid; urgency=medium

  [ Martin Albisetti ]
  * Remove checks that validate namespaces and email addresses, those are
    better suited for the store, which knows the information about the
    uploading user. (LP: #1408644)

 -- Daniel Holbach <daniel.holbach@ubuntu.com>  Wed, 14 Jan 2015 12:12:25 +0100

click-reviewers-tools (0.19) vivid; urgency=medium

  [ Ricardo Kirkner ]
  * fetch framework data before running framework related checks
  * use mtime instead of ctime to check remote file freshness
  * allow specifying overrides for framework checks
  * handle case when overrides data is malformed

  [ Alexandre Abreu ]
  * add support for local html5 app launch mode for webapp-container
    (LP: #1388988)

  [ Jamie Strandboge ]
  * open scopes .ini file as utf8 (LP: #1371692)
  * allow for translatable fields in the scopes .ini file (LP: #1392133)
  * don't require desktop hook with systemd or framework
  * com.ubuntu.snappy can use ubuntu-devel-discuss@lists.ubuntu.com
    (LP: #1395007)
  * add bin-path click hook checks and tests (LP: #1395001)
  * add preliminary framework hook checks and tests (LP: #1395004)
  * refactor hooks checks into parent class (LP: #1395005)
  * sort click-review results in print_findings
  * add preliminary systemd hook checks and tests
  * update apparmor policy json and adjust security checks to properly handle
    different policy vendors
  * update data/apparmor-easyprof-ubuntu.json for 1.3
  * don't warn if specifying 'default' with ubuntu-snappy vendor
  * systemd hook renamed to snappy-systemd
  * allow filenames to end with .snap
  * allow flat namesapces in check_maintainer_email()

  [ Daniel Holbach ]
  * Add askubuntu explanation for policy_version_is_highest.
  * Add askubuntu explanation for debug builds. (LP: #1390163)

 -- Daniel Holbach <daniel.holbach@ubuntu.com>  Tue, 16 Dec 2014 17:07:36 +0100

click-reviewers-tools (0.18) utopic; urgency=medium

  * Let setup.py handle non-ascii characters in d/changelog.

 -- Daniel Holbach <daniel.holbach@ubuntu.com>  Wed, 15 Oct 2014 10:32:57 +0200

click-reviewers-tools (0.17) utopic; urgency=medium

  * webapps may use content_exchange_source (LP: #1380694)
  * online accounts shouldn't specify id and should warn when they do.
    (LP: #1380534)
  * click-show-files: cleanup unpack directory at end

 -- Jamie Strandboge <jamie@ubuntu.com>  Tue, 14 Oct 2014 11:35:43 -0500

click-reviewers-tools (0.16) utopic; urgency=medium

  * add i386 and amd64 to self.valid_control_architectures

 -- Jamie Strandboge <jamie@ubuntu.com>  Thu, 09 Oct 2014 09:02:55 -0500

click-reviewers-tools (0.15) utopic; urgency=medium

  * don't error in check_application() if no scope or desktop hook when pay-ui
    hook is present
  * updates for push security checks:
    - apps may specify push-notification-client
    - push-helpers must use the new 'ubuntu-push-helper' template

 -- Jamie Strandboge <jamie@ubuntu.com>  Wed, 08 Oct 2014 15:15:53 -0500

click-reviewers-tools (0.14) utopic; urgency=medium

  * don't error when account-provider and account-qml-plugin does not also
    have apparmor policy. There is no policy for these yet so the errors
    are confusing
  * add Makefile for some convenience functions
  * reuse the unpacked click dir

 -- Jamie Strandboge <jamie@ubuntu.com>  Thu, 02 Oct 2014 15:15:58 -0500

click-reviewers-tools (0.13) utopic; urgency=medium

  * reduce to 'info' when security policy does not end with .apparmor
    (LP: #1358317)

 -- Jamie Strandboge <jamie@ubuntu.com>  Wed, 01 Oct 2014 08:09:42 -0500

click-reviewers-tools (0.12) utopic; urgency=medium

  [ Jamie Strandboge ]
  * traceback in a more friendly way if the json can't be parsed
  * adjust click-review --sdk to start reporting again (LP: #1375787)
  * add additional tests for online accounts (LP: #1357211)
  * explicitly mark 'networking' as bad policy group when using
    push-notification-client (it was already implicitly bad)

 -- Jamie Strandboge <jamie@ubuntu.com>  Wed, 01 Oct 2014 07:14:33 -0500

click-reviewers-tools (0.11) utopic; urgency=medium

  [ Jamie Strandboge ]
  * allow 'accounts' policy group with network scopes.
  * fix fetch URL for apparmor json to point to json file, not html page
    (LP: #1375326)
  * check if security policy does not end with .apparmor (LP: #1358317)
  * cleanup all the temp directories on shutdown (LP: #1370577)
  * shouldn't warn when app is coreapp when it uses x-source or x-test
    (LP: #1371180)

  [ Daniel Holbach ]
  * be clearer about unloadable ClickReview classes.

 -- Jamie Strandboge <jamie@ubuntu.com>  Mon, 29 Sep 2014 17:01:58 -0500

click-reviewers-tools (0.10) utopic; urgency=medium

  [ Daniel Holbach ]
  * Split out code to find Click*Review classes in the clickreviews package
    into its own module, add tests for it.
  * Refactor bin/click-review to make it easier to extend.
  * Add --sdk option, so the SDK can start using it. (LP: #1363857)
  * Safeguard against broken clickreviews check modules, or modules that are
    still in development. (LP: #1364449)

  [ Jamie Strandboge ]
  * There is now a special pay-ui hook instead of the payui app reusing the
    desktop hook. We added a check for manual review for when the 'pay-ui' 
    hook was implemented in previous commits, but now we should adjust the 
    cr_desktop.py hook to not error when the pay-ui hook is specified but 
    the desktop hook is not.
  * The accounts policy group is now a common policy group (14.10) and 
    webapps more fully integrate with accounts these days, so don't flag 
    accounts as unusual any more.
  * Mark checks requiring manual review by using a special key in the json
    data.
  * Add commented out camera policy group to list of ok policygroups for 
    webapps.

  [ Ricardo Kirkner ]
  * Updated frameworks.json using myapps api. (LP: #1363096)

 -- Daniel Holbach <daniel.holbach@ubuntu.com>  Wed, 24 Sep 2014 16:10:43 +0200

click-reviewers-tools (0.9) utopic; urgency=medium

  [ Jamie Strandboge ]
  * data/frameworks.json: add ubuntu-sdk-14.10-qml-dev3
  * make missing --enable-back-forward informational for webapp desktop file
    checks

  [ Daniel Holbach ]
  * special-case 'com.ubuntu.scopes'.

  [ Pete Woods ]
  * Match scope review with actual ini file specifications. (LP: #1350427)
  * Point to the correct scope ini path.

  [ Daniel Holbach ]
  * Add 'click-review', a more versatile approach to what 'click-run-checks'
    was doing. (LP: #1355215)
  * Run pep8 during the build.

 -- Daniel Holbach <daniel.holbach@ubuntu.com>  Wed, 20 Aug 2014 16:03:35 +0200

click-reviewers-tools (0.8) utopic; urgency=medium

  [ Zoltan Balogh ]
  * Give an error if the app is using deprecated Friends API (LP: #1340869)

  [ Martin Albisetti, Daniel Holbach ]
  * refactor the way we handle frameworks into a central static list which
    should be easy to update.

  [ Jamie Strandboge ]
  * updated clickreviews/cr_tests.py for 14.10*dev2
  * bin/repack-click: use -Zgzip when repacking to remain compatible with
    debfile (ie, click install)
  * warn on new hooks
  * implement url-dispatcher hook checks
  * implement scope hook checks
  * implement content-hub hook checks
  * debian/control: Build-Depends and Depends on python3-lxml
  * implement account-* hook checks
  * redflag the upcoming pay-ui hook
  * update security tests to not require apparmor-easyprof-ubuntu or
    apparmor-easyprof by using a static list to ease updating
  * debian/control: drop Build-Depends and Depends on apparmor-easyprof and
    apparmor-easyprof-ubuntu
  * update data/apparmor-easyprof-ubuntu.json to not include friends policy
    group in 1.2 (LP: #1340869)
  * refactor the way we handle apparmor policy into a central static list
    which should be easy to update.
  * implement push-helper tests (LP: #1346481)

  [ Daniel Holbach ]
  * refer to documentation about click in case we encounter .deb packages.
  * fix some pep8 warnings.

 -- Daniel Holbach <daniel.holbach@ubuntu.com>  Fri, 25 Jul 2014 16:20:24 +0200

click-reviewers-tools (0.7.1) utopic; urgency=medium

  * Merge r198:
    [ Jamie Strandboge ]
    -  ubuntu-scope-local-content template is no longer available.

 -- Daniel Holbach <daniel.holbach@ubuntu.com>  Thu, 05 Jun 2014 16:21:33 +0200

click-reviewers-tools (0.7) utopic; urgency=medium

  [ Daniel Holbach ]
  * clickreviews/cr_lint.py: add link to more info about "Please use newer
    framework". Thanks Alan Pope.

  [ Jamie Strandboge ]
  * add 14.10 frameworks. Thanks Martin Albisetti for initial patch
  * 13.10 frameworks should be deprecated instead of obsolete and warn when
    using deprecated framework
  * add click scopes checks
  * special case ubuntu-devel-discuss@lists.ubuntu.com
  * implement check_hooks() lint tests
  * debian/control: Depends on apparmor-easyprof-ubuntu >= 1.2.2
    (LP: #1324121)

 -- Jamie Strandboge <jamie@ubuntu.com>  Wed, 28 May 2014 23:48:04 +0200

click-reviewers-tools (0.6) utopic; urgency=medium

  [ Daniel Holbach ]
  * d/control: bump apparmor-easyprof-ubuntu requirement to 1.0.44.
    This should safeguard against #1292418 (test-suite failing on saucy).
  * clickreviews/cr_desktop.py: check for deprecated execs, add
    cordova-ubuntu-2.8 to the list. (LP: #1307533)

  [ Jamie Strandboge ]
  * clickreviews/cr_security.py:
    - webview policy can be used by webapps
    - content_exchange policy can be used by webapps (LP: #1308184)
    - clickreviews/tests/test_cr_security.py: tests for above
    - warn if webview not used with ubuntu-webapp template on non-13.10
      frameworks
  * clickreviews/cr_lint.py: obsolete ubuntu-sdk-13.10 framework
  * clickreviews/cr_functional.py: warn if using UbuntuWebView 0.1

 -- Jamie Strandboge <jamie@ubuntu.com>  Mon, 28 Apr 2014 13:01:08 -0500

click-reviewers-tools (0.5) trusty; urgency=medium

  [ Jamie Strandboge ]
  * mock self.supported_policy_versions
  * support multiple frameworks on system in security tests
  * add/update tests for multiple frameworks in security tests

 -- Daniel Holbach <daniel.holbach@ubuntu.com>  Thu, 27 Feb 2014 15:30:51 +0100

click-reviewers-tools (0.4) trusty; urgency=medium

  [ Daniel Holbach ]
  * Check for broken icon paths in .desktop files. (LP: #1257429)
  * Add initial set of askubuntu answers.
  * Add ubuntu-html5-app-launcher to expected_execs.

  [ Jamie Strandboge ]
  * Documented and clarified the use of the scripts.
  * Fix crash in __del__. (LP: #1282652)
  * Add webapp-container tests.
  * Document bzr hook to run tests.

 -- Daniel Holbach <daniel.holbach@ubuntu.com>  Wed, 22 Jan 2014 17:59:26 +0100

click-reviewers-tools (0.3) trusty; urgency=medium

  * d/compat: bump to 9.
  * d/control: 
    - bump Standards-Version, 
    - drop X-Python-Version, we have X-Python3-Version,
    - programmatical -> programmatic
  * d/copyright: fix license mistake (GPL-3+ vs. GPL-3)

 -- Daniel Holbach <daniel.holbach@ubuntu.com>  Wed, 22 Jan 2014 17:38:47 +0100

click-reviewers-tools (0.2) trusty; urgency=low

  * Initial release (LP: #1230248)

 -- Daniel Holbach <daniel.holbach@ubuntu.com>  Wed, 25 Sep 2013 14:32:32 +0200
