From c15cbb368c89ed4c7e063897212f6d4679bda373714e3919c09edc4336160f33 Mon Sep 17 00:00:00 2001 From: Dominique Leuenberger Date: Fri, 19 Apr 2024 11:45:57 +0000 Subject: [PATCH] Accepting request 1169145 from GNOME:Next - Don't allow an executable name to be misinterpreted as a command-line option for bwrap(1). This prevents a sandbox escape where a malicious or compromised app could ask xdg-desktop-portal to generate a .desktop file with access to files outside the sandbox. (CVE-2024-32462, boo#1223110). - Pass the -export-dynamic linker option as -Wl,-export-dynamic, fixing build failures with clang 18 and lld 18. - Fix a double-free when installation is cancelled. - Fix installed-tests failure with "FUSERMOUNT: unbound variable". - Changes from version 1.15.7: - Automatically remove obsolete driver versions and other autopruned refs. - --socket=inherit-wayland-socket. - Automatically reload D-Bus session bus configuration after installing or upgrading apps, to pick up any exported D-Bus services. - Don't parse as the application name. - Don't refuse to start apps when there is no D-Bus system bus available. - Don't try to repeat migration of apps whose data was migrated to a new name and then deleted. - Improve handling of mixed locales on systems with systemd-localed. - Improve display of ellipsized columns in wide terminals. - Make flatpak info -e look for extensions in all installations. - Fix warnings from newer GLib versions. OBS-URL: https://build.opensuse.org/request/show/1169145 OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/flatpak?expand=0&rev=194 --- flatpak.changes | 102 ++++++++++++++++++++++++++++++------------------ flatpak.spec | 12 +++--- 2 files changed, 70 insertions(+), 44 deletions(-) diff --git a/flatpak.changes b/flatpak.changes index 37bb1fa..9be459d 100644 --- a/flatpak.changes +++ b/flatpak.changes 
@@ -3,48 +3,72 @@ Fri Apr 19 08:05:28 UTC 2024 - Robert Frohl - Update to version 1.15.8: + Security fixes: - - Don't allow an executable name to be misinterpreted as a command-line - option for bwrap(1). This prevents a sandbox escape where a malicious - or compromised app could ask xdg-desktop-portal to generate a .desktop - file with access to files outside the sandbox. (CVE-2024-32462, boo#1223110) + - Don't allow an executable name to be misinterpreted as a + command-line option for bwrap(1). This prevents a sandbox + escape where a malicious or compromised app could ask + xdg-desktop-portal to generate a .desktop file with access to + files outside the sandbox. (CVE-2024-32462, boo#1223110). + Other bug fixes: - - Pass the -export-dynamic linker option as -Wl,-export-dynamic, - fixing build failures with clang 18 and lld 18 - - Fix a double-free when installation is cancelled - - Fix installed-tests failure with "FUSERMOUNT: unbound variable" - - Translation updates: pt_BR, tr - -- Update to version 1.15.7: + - Pass the -export-dynamic linker option as + -Wl,-export-dynamic, fixing build failures with clang 18 and + lld 18. + - Fix a double-free when installation is cancelled. + - Fix installed-tests failure with "FUSERMOUNT: unbound + variable". +- Changes from version 1.15.7: + New features: - - Automatically remove obsolete driver versions and other autopruned refs - - --socket=inherit-wayland-socket - - Automatically reload D-Bus session bus configuration after installing - or upgrading apps, to pick up any exported D-Bus services + - Automatically remove obsolete driver versions and other + autopruned refs. + - --socket=inherit-wayland-socket. + - Automatically reload D-Bus session bus configuration after + installing or upgrading apps, to pick up any exported D-Bus + services. 
+ Bug fixes: - - Don't parse as the application name - - Don't refuse to start apps when there is no D-Bus system bus available - - Don't try to repeat migration of apps whose data was migrated to a new - name and then deleted - - Improve handling of mixed locales on systems with systemd-localed - - Improve display of ellipsized columns in wide terminals - - Make flatpak info -e look for extensions in all installations - - Fix warnings from newer GLib versions - - Always set the container environment variable - - Always let the app inherit redirected file descriptors - - In flatpak ps, add xdg-desktop-portal-gnome to the list of backends - we'll use to learn which apps are running in the background - - Don't use WAYLAND_SOCKET unless given --socket=inherit-wayland-socket - - Use fusermount3 if compiled with FUSE 3, overridable with -Dsystem_fusermount compile-time option - - Avoid leaking a temporary variable from /etc/profile.d/flatpak.sh into the shell environment - - Improve async-signal safety - - Fix various memory leaks - - Avoid undefined behaviour of signed left-shift when storing object IDs in a hash table - - Detect the correct gtk-doc when cross-compiling - - Detect the correct wayland-scanner when cross-compiling - - Documentation improvements - - Skip more tests when FUSE isn't available - - Translation updates -- add libglnx.patch to fix meson function detection + - Don't parse as the application + name. + - Don't refuse to start apps when there is no D-Bus system bus + available. + - Don't try to repeat migration of apps whose data was migrated + to a new name and then deleted. + - Improve handling of mixed locales on systems with + systemd-localed. + - Improve display of ellipsized columns in wide terminals. + - Make flatpak info -e look for extensions in all + installations. + - Fix warnings from newer GLib versions. + - Always set the container environment variable. + - Always let the app inherit redirected file descriptors. 
+ - In flatpak ps, add xdg-desktop-portal-gnome to the list of + backends we'll use to learn which apps are running in the + background. + - Don't use WAYLAND_SOCKET unless given + --socket=inherit-wayland-socket. + - Use fusermount3 if compiled with FUSE 3, overridable with + -Dsystem_fusermount compile-time option. + - Avoid leaking a temporary variable from + /etc/profile.d/flatpak.sh into the shell environment. + - Improve async-signal safety. + - Fix various memory leaks. + - Avoid undefined behaviour of signed left-shift when storing + object IDs in a hash table. + - Detect the correct gtk-doc when cross-compiling. + - Detect the correct wayland-scanner when cross-compiling. + - Documentation improvements. + - Skip more tests when FUSE isn't available. + - Updated translations. +- Add libglnx.patch: fix meson function detection. +- Switch build system to meson: + + Add meson BuildRequires. + + Switch configure/make_build/make_install macros to + meson/meson_build/meson_install, preserving the configure + parameters as close as possible: + --disable-silent-rules => obsoleted + --with-system-bubblewrap => -Dsystem_bubblewrap=bwrap + --with-curl => -Dhttp_backend=curl +- Add pkgconfig(malcontent-0) BuildRequires: enable malcontent + support. +- Enable test suite: call meson_test in check section. +- Add socat BuildRequires: needed by the test suite. ------------------------------------------------------------------- Tue Mar 19 08:06:34 UTC 2024 - Antonio Larrosa diff --git a/flatpak.spec b/flatpak.spec index 37d4bdc..70d0083 100644 --- a/flatpak.spec +++ b/flatpak.spec @@ -54,7 +54,6 @@ Patch1: libglnx.patch BuildRequires: bison BuildRequires: bubblewrap >= %{bubblewrap_version} -BuildRequires: cmake BuildRequires: docbook-xsl-stylesheets BuildRequires: gtk-doc BuildRequires: intltool >= 0.35.0 
@@ -62,7 +61,6 @@ BuildRequires: libcap-devel BuildRequires: libgpg-error-devel BuildRequires: libgpgme-devel >= 1.1.8 BuildRequires: libtool -BuildRequires: malcontent-devel BuildRequires: meson BuildRequires: pkgconfig BuildRequires: python3-pyparsing @@ -90,6 +88,7 @@ BuildRequires: pkgconfig(libseccomp) BuildRequires: pkgconfig(libsystemd) BuildRequires: pkgconfig(libxml-2.0) >= 2.4 BuildRequires: pkgconfig(libzstd) >= 0.8.1 +BuildRequires: pkgconfig(malcontent-0) BuildRequires: pkgconfig(ostree-1) >= %{ostree_version} BuildRequires: pkgconfig(polkit-gobject-1) BuildRequires: pkgconfig(systemd) @@ -169,8 +168,8 @@ more information. Summary: Add Flathub repository to system flatpak Group: System/Packages Requires: flatpak -Requires(postun):flatpak -Requires(postun):sed +Requires(postun): flatpak +Requires(postun): sed %if 0%{?suse_version} > 1600 Supplements: flatpak %endif @@ -211,7 +210,7 @@ sed -i -e '1s,#!%{_bindir}/env python3,#!%{_bindir}/python3,' scripts/flatpak-* %build %meson \ - -Dsystem_bubblewrap=bwrap \ + -Dsystem_bubblewrap=%{_bindir}/bwrap \ -Dhttp_backend=curl \ -Ddbus_config_dir=%{_dbusconfigdir} \ -Dsystem_dbus_proxy=%{_bindir}/xdg-dbus-proxy \ @@ -255,6 +254,9 @@ install -D -m 644 -t %{buildroot}%{_sysconfdir}/flatpak/remotes.d %{SOURCE5} %find_lang %{name} +%check +%meson_test + %pre -n system-user-flatpak -f system-user-flatpak.pre %post -n %{libname} -p /sbin/ldconfig %postun -n %{libname} -p /sbin/ldconfig
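Review bot: In the flatpak.changes hunk, the 1.15.7 bullet "Don't parse as the application name" is missing its object between "parse" and "as", and the gap is carried over unchanged from the removed line to the re-wrapped added line. Restore the missing text from the upstream release notes rather than re-flowing the damaged sentence. The same hunk drops "Translation updates: pt_BR, tr" from the 1.15.8 list while keeping "Updated translations." under 1.15.7, so the two sections are no longer consistent about whether translation changes are recorded.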
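Review bot: The changelog claims "Add socat BuildRequires: needed by the test suite" and "Add meson BuildRequires", but no flatpak.spec hunk adds either one: the diffstat reports 12 changed lines for flatpak.spec, the hunks shown account for all 12, and "BuildRequires: meson" appears only as unchanged context. Either socat was already present, in which case the changelog line is misleading, or it is missing and the newly enabled %meson_test will run without it; confirm which and correct the spec or the changelog. The removal of "BuildRequires: cmake" has no changelog line at all, and "BuildRequires: malcontent-devel" is replaced by "pkgconfig(malcontent-0)" rather than newly added, so "enable malcontent support" overstates what the spec change does.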
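Review bot: The %build hunk changes "-Dsystem_bubblewrap=bwrap" to "-Dsystem_bubblewrap=%{_bindir}/bwrap", but flatpak.changes still documents the mapping as "--with-system-bubblewrap => -Dsystem_bubblewrap=bwrap" and says nothing about the switch to an absolute path. Pinning the sandbox helper to a fixed path instead of a bare name is worth its own changelog bullet, particularly in an update that fixes a bwrap-related sandbox escape (CVE-2024-32462), and the mapping line should be updated to match. It is also worth checking that the package's runtime dependency on bubblewrap guarantees the binary at %{_bindir}/bwrap, since only the BuildRequires on bubblewrap is visible here.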