LUTI : Creation, testing and automatic tracking of WAPT packages

The WAPT family is growing with our new tool: LUTI! We hope this little robot manages to find a place in your hearts… Or in the bookmarks bar of your browser.

What is LUTI?

LUTI is an internal tool capable of creating, testing, tracking, and automatically updating WAPT packages for the WAPT Store.

Through this article, we’re making the results publicly accessible via the LUTI website. You can access it free of charge, similar to most of our resources.

Please note, this improvement is applicable only to packages created by Tranquil IT. This tool is not intended for adaptation to your own use.

I discover LUTI!

The Origin of LUTI:

As you may know, we strive to offer the most useful, comprehensive, and secure packages possible on our WAPT Store. It’s our policy to version and test each of these packages. This ensures an additional level of quality assurance in terms of security.

Currently, there are over 6,000 packages available on the WAPT Store. Naturally, manually testing each of these packages consumes a significant amount of time. To address this, we developed LUTI to automate the testing process. This continuous integration system for WAPT packages once again ensures high-quality standards.

Of course, our commitment to delivering excellence motivated us to go a step further!

How LUTI Works:

Monitoring and Automatically Building Software Packages:

Through a regularly executed script, LUTI can monitor the version numbers of software available on the WAPT Store. As soon as a version number change is detected on the official website of the software publisher, LUTI will automatically trigger the rebuilding of the dedicated package.

 

Automatically Testing and Validating WAPT Packages:

The second task of LUTI is to test and validate the built packages. These packages are always tested on different machines and environments. Additionally, to validate a WAPT package, LUTI performs two types of tests:

  • Installation of the software from scratch.

  • Installation of the new version, overwriting the old version of the software.

LUTI also utilizes this process to run a VirusTotal analysis on the files used to build and test the package. If VirusTotal detects an issue with the package, it is blocked. Only human intervention can assess and validate the legitimacy of the package in question.

Several factors can lead to the failure of a package build: installation issues, network unavailability, etc. In such cases, you can reinitiate the package build with an “Error” status.

 

Best Security Practices with WAPT Packages:

Vous avez plusieurs options concernant les paquets que nous mettons à disposition. Les utilisateurs pressés (ou courageux) peuvent utiliser les paquets disponibles dans le dépôt “Nightly”, tandis que les plus prudents préféreront attendre quelques jours. Dans tous les cas, nous vous recommandons toujours de tester ces paquets dans un environnement dédié sur votre infrastructure avant de les déployer sur votre parc informatique.

What is VirusTotal?

VirusTotal is a website that analyzes files, domains, IPs, and URLs for free upon request using multiple antivirus engines. VirusTotal quickly detects the presence of viruses or malware. It’s important to note that VirusTotal does not provide additional protection and does not replace the need for antivirus software.

 

From LUTI to the WAPT Store:

Each WAPT package built and validated by LUTI arrives in a repository called “Nightly,” which is also freely accessible. This is a repository for “pending” packages. Users have 5 days to report any issues they encounter with a WAPT package. If no issues are reported during this period, the package is considered reliable and will be published on the WAPT Store.

 

Discover the LUTI website:

We have endeavored to create a comprehensive website that allows you to access all the important information provided by LUTI:

  • The name of each package

  • The latest version detected on the publisher’s site

  • The status, date, and version of the latest package build

  • The version currently available on the WAPT Store

  • The date of the last detection of a new version on the publisher’s site

By clicking on the name of a package, you can see what has been built by LUTI. The repository of a software can then host a package for Mac, Windows, Debian, CentOS, etc. It is also possible to know on which machines the tests are run by clicking on one of these packages. The history of packages dedicated to a software can also be viewed from the site.

Finally, you can also find the files tested with VirusTotal to verify the package in question.

And that concludes this presentation of LUTI. We hope this little robot meets your expectations! Of course, there is always room for improvement. Please don’t hesitate to give us your feedback through the comment section.

Demonstration

Group demo

07/11/2024 : 10h30 - 11h30

Let's go !