Bjørn Lie
e9a45fa6ac
OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/flatpak?expand=0&rev=212
4004 lines
176 KiB
Plaintext
4004 lines
176 KiB
Plaintext
-------------------------------------------------------------------
|
|
Thu Nov 28 21:57:18 UTC 2024 - Bjørn Lie <bjorn.lie@gmail.com>
|
|
|
|
- Update to version 1.15.12:
|
|
+ Return to using the process ID of the Flatpak app in the cgroup
|
|
name. Using the instance ID in 1.15.11 caused crashes when
|
|
installing apps, extensions or runtimes that use the "extra
|
|
data" mechanism, which does not set up an instance ID.
|
|
- Changes from version 1.15.11:
|
|
+ Dependencies:
|
|
- In distributions that compile Flatpak to use a separate
|
|
xdg-dbus-proxy executable, version 0.1.6 is recommended (but
|
|
not required).
|
|
- The minimum xdg-dbus-proxy continues to be 0.1.0.
|
|
+ Enhancements:
|
|
- Allow applications like WebKit to connect the AT-SPI
|
|
accessibility tree of processes in a sub-sandbox with the
|
|
tree in the main process.
|
|
. New sandboxing parameter flatpak run --a11y-own-name, which
|
|
is like --own-name but for the accessibility bus.
|
|
. flatpak-portal API v7: add new sandbox-a11y-own-names
|
|
option, which accepts names matching ${FLATPAK_ID}.*
|
|
. Apps may call the org.a11y.atspi.Socket.Embedded method on
|
|
names matching ${FLATPAK_ID}.Sandboxed.* by default
|
|
. flatpak run -vv $app_id shows all applicable sandboxing
|
|
parameters and their source, including overrides, as debug
|
|
messages
|
|
- Introduce USB device listing
|
|
. Apps can list which USB devices they want to access ahead
|
|
of time by using the --usb parameter. Check the manpages
|
|
for the more information about the accepted syntax.
|
|
. Denying access to USB devices is also possible with the
|
|
--no-usb parameter. The syntax is equal to --usb.
|
|
. Both options merely store metadata, and aren't used by
|
|
Flatpak itself. This metadata is intended to be used by the
|
|
(as of now, still in progress) USB portal to decide which
|
|
devices the app can enumerate and request access.
|
|
- Add support for KDE search completion
|
|
- Use the instance id of the Flatpak app as part of the cgroup
|
|
name. This better matches the naming conventions for cgroup.
|
|
+ Bug fixes:
|
|
- Update libglnx to 2024-08-23
|
|
- fix build in environments that use -Werror=return-type, such
|
|
as openSUSE Tumbleweed
|
|
- add a fallback definition for G_PID_FORMAT with older GLib
|
|
- avoid warnings for g_steal_fd() with newer GLib
|
|
- improve compatibility of g_closefrom() backport with newer
|
|
GLib
|
|
- Update meson wrap file for xdg-dbus-proxy to version 0.1.6:
|
|
- compatibility with D-Bus implementations that pipeline the
|
|
authentication handshake, such as sd-bus and zbus
|
|
- compatibility with D-Bus implementations that use
|
|
non-consecutive serial numbers, such as godbus and zbus
|
|
- broadcast signals can be allowed without having to add TALK
|
|
permission
|
|
- fix memory leaks
|
|
+ Internal changes:
|
|
- Better const-correctness
|
|
- Fix a shellcheck warning in the tests
|
|
- Drop libglnx.patch: Fixed upstream.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Oct 15 11:54:41 UTC 2024 - Dominique Leuenberger <dimstar@opensuse.org>
|
|
|
|
- Drop rcFOO symlinks (PED-266).
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Oct 2 15:16:49 UTC 2024 - Robert Frohl <rfrohl@suse.com>
|
|
|
|
- Explicitly BuildRequire selinux-policy-targeted to allow
|
|
selinux_relabel_* in scriptlets to work on other codestreams
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Aug 14 16:07:15 UTC 2024 - Bjørn Lie <bjorn.lie@gmail.com>
|
|
|
|
- Update to version 1.15.10:
|
|
+ Dependencies: In distributions that compile Flatpak to use a
|
|
separate bubblewrap (bwrap) executable, version 0.10.0 is
|
|
required. This version adds a new feature which is required by
|
|
the security fix in this release.
|
|
+ Security fixes: Don't follow symbolic links when mounting
|
|
persistent directories (--persist option). This prevents a
|
|
sandbox escape where a malicious or compromised app could edit
|
|
the symlink to point to a directory that the app should not
|
|
have been allowed to read or write. (CVE-2024-42472,
|
|
GHSA-7hgv-f2j8-xw87, bsc#1229157)
|
|
+ Documentation: Mark the 1.12.x and 1.10.x branches as
|
|
end-of-life
|
|
+ Other bug fixes: Fix several memory leaks
|
|
+ Internal changes:
|
|
- Record a log file when running build-time tests with
|
|
AddressSanitizer
|
|
- Add initial suppressions file for AddressSanitizer
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Aug 8 12:33:34 UTC 2024 - Imo Hester <vortex@z-ray.de>
|
|
|
|
- As per documentation from flatpak 1.0: add weak dep on
|
|
p11-kit-server for certificate transfer (boo#1188902)
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jun 14 13:51:38 UTC 2024 - pgajdos@suse.com
|
|
|
|
- remove dependency on /usr/bin/python3 using
|
|
%python3_fix_shebang macro, [bsc#1212476]
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Apr 23 13:23:52 UTC 2024 - Robert Frohl <rfrohl@suse.com>
|
|
|
|
- disable parental controls for now by using '-Dmalcontent=disabled', to work around
|
|
issues with xdg-desktop-portal
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Apr 19 08:05:28 UTC 2024 - Robert Frohl <rfrohl@suse.com>
|
|
|
|
- Update to version 1.15.8:
|
|
+ Security fixes:
|
|
- Don't allow an executable name to be misinterpreted as a
|
|
command-line option for bwrap(1). This prevents a sandbox
|
|
escape where a malicious or compromised app could ask
|
|
xdg-desktop-portal to generate a .desktop file with access to
|
|
files outside the sandbox. (CVE-2024-32462, boo#1223110).
|
|
+ Other bug fixes:
|
|
- Pass the -export-dynamic linker option as
|
|
-Wl,-export-dynamic, fixing build failures with clang 18 and
|
|
lld 18.
|
|
- Fix a double-free when installation is cancelled.
|
|
- Fix installed-tests failure with "FUSERMOUNT: unbound
|
|
variable".
|
|
- Changes from version 1.15.7:
|
|
+ New features:
|
|
- Automatically remove obsolete driver versions and other
|
|
autopruned refs.
|
|
- --socket=inherit-wayland-socket.
|
|
- Automatically reload D-Bus session bus configuration after
|
|
installing or upgrading apps, to pick up any exported D-Bus
|
|
services.
|
|
+ Bug fixes:
|
|
- Don't parse <developer><name/></developer> as the application
|
|
name.
|
|
- Don't refuse to start apps when there is no D-Bus system bus
|
|
available.
|
|
- Don't try to repeat migration of apps whose data was migrated
|
|
to a new name and then deleted.
|
|
- Improve handling of mixed locales on systems with
|
|
systemd-localed.
|
|
- Improve display of ellipsized columns in wide terminals.
|
|
- Make flatpak info -e look for extensions in all
|
|
installations.
|
|
- Fix warnings from newer GLib versions.
|
|
- Always set the container environment variable.
|
|
- Always let the app inherit redirected file descriptors.
|
|
- In flatpak ps, add xdg-desktop-portal-gnome to the list of
|
|
backends we'll use to learn which apps are running in the
|
|
background.
|
|
- Don't use WAYLAND_SOCKET unless given
|
|
--socket=inherit-wayland-socket.
|
|
- Use fusermount3 if compiled with FUSE 3, overridable with
|
|
-Dsystem_fusermount compile-time option.
|
|
- Avoid leaking a temporary variable from
|
|
/etc/profile.d/flatpak.sh into the shell environment.
|
|
- Improve async-signal safety.
|
|
- Fix various memory leaks.
|
|
- Avoid undefined behaviour of signed left-shift when storing
|
|
object IDs in a hash table.
|
|
- Detect the correct gtk-doc when cross-compiling.
|
|
- Detect the correct wayland-scanner when cross-compiling.
|
|
- Documentation improvements.
|
|
- Skip more tests when FUSE isn't available.
|
|
- Updated translations.
|
|
- Add libglnx.patch: fix meson function detection.
|
|
- Switch build system to meson:
|
|
+ Add meson BuildRequires.
|
|
+ Switch configure/make_build/make_install macros to
|
|
meson/meson_build/meson_install, preserving the configure
|
|
parameters as close as possible:
|
|
--disable-silent-rules => obsoleted
|
|
--with-system-bubblewrap => -Dsystem_bubblewrap=bwrap
|
|
--with-curl => -Dhttp_backend=curl
|
|
- Add pkgconfig(malcontent-0) BuildRequires: enable malcontent
|
|
support.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 19 08:06:34 UTC 2024 - Antonio Larrosa <alarrosa@suse.com>
|
|
|
|
- Make flatpak-remote-flathub only supplement flatpak in TW
|
|
(bsc#1221662).
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Mar 7 11:21:12 UTC 2024 - Antonio Larrosa <alarrosa@suse.com>
|
|
|
|
- Add a flatpak-selinux subpackage that provides a SELinux policy
|
|
module (boo#1220591).
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Nov 14 19:34:15 UTC 2023 - Bjørn Lie <bjorn.lie@gmail.com>
|
|
|
|
- Update to version 1.15.6:
|
|
+ In distributions that compile Flatpak to use a separate
|
|
bubblewrap (bwrap) executable, version 0.8.0 is now required.
|
|
+ Enabling the optional Wayland security context feature requires
|
|
libwayland-client, wayland-scanner >= 1.15 and
|
|
wayland-protocols >= 1.32.
|
|
+ Add --device=input, for access to evdev devices in /dev/input
|
|
+ Update bundled copy of bubblewrap to version 0.8.0, and rely on
|
|
its features:
|
|
+ Improve error message if seccomp is disabled in kernel config
|
|
+ Security hardening: set user namespace limit to 0, to prevent
|
|
creation of nested user namespaces in a more robust way
|
|
+ For subsandboxes started by flatpak-portal, inherit
|
|
environment variables from the flatpak run that started the
|
|
original instance rather than from flatpak-portal, fixing
|
|
behaviour of FLATPAK_GL_DRIVERS and similar features
|
|
+ Stop http transfers if a download in progress becomes very slow
|
|
+ Make it easier to configure extra languages, by picking them up
|
|
from AccountsService if configured there
|
|
+ Add new flatpak_transaction_add_rebase_and_uninstall() API,
|
|
allowing end-of-life apps to be replaced by their intended
|
|
replacement more reliably
|
|
+ Create a private Wayland socket with the "security context"
|
|
extension if available, allowing the compositor to identify
|
|
connections from sandboxed apps as belonging to the sandbox
|
|
+ Update libglnx to 2023-08-29
|
|
+ Use features of newer GLib versions if available
|
|
+ Turn off system-level crash reporting infrastructure during
|
|
some unit tests that involve intentional assertion failures
|
|
+ Add anchors to link to sections of flatpak-metadata
|
|
documentation
|
|
+ Bug fixes:
|
|
- Avoid warnings processing symbolic links with GLib >= 2.77.0,
|
|
and with GLib 2.76.0 (GLib 2.76.1 or later silences these
|
|
warnings)
|
|
- Bypass page cache for backend requests in revokefs, fixing
|
|
installation errors with libostree 2023.4
|
|
- Show AppStream metadata in flatpak remote-info as intended
|
|
- Don't let Flatpak apps inherit VK_DRIVER_FILES or
|
|
VK_ICD_FILENAMES from the host system, which would be wrong
|
|
for the sandbox
|
|
- Fix build failure with prereleases of libappstream 0.17.x
|
|
- Forward-compatibility with libappstream 1.0
|
|
- Fix installation with Meson if configured with
|
|
-Dauto_sideloading=true
|
|
- Fix a memory leak
|
|
- Fix compiler warnings
|
|
- Make the tests fail more comprehensibly if a required tool is
|
|
missing
|
|
- Clean up /var/tmp/flatpak-cache-* directories on boot
|
|
- Don't force GIO_USE_VFS=local for programs launched via
|
|
flatpak-spawn
|
|
- Clarify documentation for D-Bus name ownership
|
|
+ Internal changes:
|
|
- Split up large source files into smaller modules, reducing
|
|
internal circular dependencies
|
|
- Re-synchronize code backported from GLib with the version in
|
|
GLib
|
|
- Clarify documentation for D-Bus name ownership
|
|
- Make the flags used to apply "extra data" clearer
|
|
- Use glnx_opendirat() where possible
|
|
+ Updated translations.
|
|
- Add pkgconfig(wayland-client), pkgconfig(wayland-scanner) and
|
|
pkgconfig(wayland-protocols) BuildRequires and pass
|
|
with-wayland-security-context=yes to configure: Enable the
|
|
optional Wayland security context.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Aug 2 20:23:29 UTC 2023 - Luciano Santos <luc14n0@opensuse.org>
|
|
|
|
- Add update-user-flatpaks service and timer Systemd units - based
|
|
on update-system-flatpaks.{service,timer} - to help users keep
|
|
their user installed flatpaks up to date.
|
|
- Prefix /etc/flatpak/remotes.d/flathub.flatpakrepo with %config
|
|
macro to mark it as a configuration file.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Mar 17 16:20:57 UTC 2023 - Bjørn Lie <bjorn.lie@gmail.com>
|
|
|
|
- Update to version 1.15.4 (CVE-2023-28101, CVE-2023-28100):
|
|
+ Escape special characters when displaying permissions and
|
|
metadata, preventing malicious apps from manipulating the
|
|
appearance of the permissions list using crafted metadata
|
|
(CVE-2023-28101, bsc#1209410).
|
|
+ If a Flatpak app is run on a Linux virtual console (tty1, tty2,
|
|
etc.), don't allow copy/paste via the TIOCLINUX ioctl
|
|
(CVE-2023-28100, bsc#1209411). Note that this is specific to virtual
|
|
consoles: Flatpak is not vulnerable to this if run from a
|
|
graphical terminal emulator such as xterm, gnome-terminal or
|
|
Konsole.
|
|
+ Document the path used for flatpak override.
|
|
+ Updated translations.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Mar 17 10:06:34 UTC 2023 - Bjørn Lie <bjorn.lie@gmail.com>
|
|
|
|
- Update to version 1.15.3:
|
|
+ Build system: Building this version of Flatpak with Meson is
|
|
recommended. The source release flatpak-1.15.3.tar.xz no longer
|
|
contains Autotools-generated files, although this version can
|
|
still be built using Autotools after running ./autogen.sh.
|
|
Future versions are likely to remove the Autotools buildsystem.
|
|
+ Bug fixes:
|
|
- When splitting an upgrade into two steps (download without
|
|
installing, and then upgrade without allowing further
|
|
downloads) like GNOME Software does, if an app is marked EOL
|
|
and superseded by a replacement, don't remove the superseded
|
|
app in the first step, which would result in the replacement
|
|
incorrectly not being installed.
|
|
- Fix a crash when --socket=gpg-agent is used.
|
|
- Fix a crash when listing apps if one of them is broken or
|
|
misconfigured.
|
|
- If an app has invalid syntax in its overrides or metadata,
|
|
mention the filename in the error message.
|
|
- Unset $GDK_BACKEND for apps, ensuring GTK apps with
|
|
--socket=fallback-x11 can work.
|
|
- Fix a deprecation warning when compiled with curl >= 7.85.
|
|
+ Updated translations.
|
|
+ Internal changes: Better diagnostic messages for why runtimes
|
|
are or are not considered unused.
|
|
- Changes from version 1.15.2:
|
|
+ Bug fixes:
|
|
- Never try to export a parent of reserved directories as a
|
|
--filesystem, for example /run, which would prevent the app
|
|
from starting.
|
|
- Never try to export a --filesystem below /run/flatpak or
|
|
/run/host, which could similarly prevent the app from
|
|
starting.
|
|
- The above change also fixes apps not starting if a
|
|
--filesystem is a symlink to the root directory.
|
|
- Show a warning when the --filesystem exists but cannot be
|
|
shared with the sandbox.
|
|
- Display the intended messages for flatpak repair.
|
|
- Exporting an app to an existing repository on a CIFS
|
|
filesystem now works as intended.
|
|
- Unset $GIO_EXTRA_MODULES for apps, avoiding misbehaviour in
|
|
some GLib apps when set to a path on the host.
|
|
- Unset $XKB_CONFIG_ROOT for apps, avoiding crashes in GTK and
|
|
Qt apps under Wayland when this variable is set to a path not
|
|
available in the sandbox.
|
|
- When using the fish shell, avoid duplicate XDG_DATA_DIRS
|
|
entries if the profile script is sourced more than once.
|
|
- Update included copy of bubblewrap to 0.7.0 for better error
|
|
messages.
|
|
- Install SELinux files correctly when building with Meson
|
|
+ Internal changes:
|
|
- Update included copy of libglnx
|
|
- flatpak -v now uses the INFO log level, and flatpak -vv uses
|
|
the DEBUG log level in the flatpak log domain. Previously,
|
|
the extra messages that were logged by flatpak -vv were in a
|
|
separate "flatpak2" log domain. G_MESSAGES_DEBUG=flatpak
|
|
previously had an effect similar to flatpak -v, and is now
|
|
more similar to flatpak -vv.
|
|
- Changes from version 1.15.1:
|
|
+ Dependencies: When building with Meson, gpgme 1.8.0 is now
|
|
required. Older versions can still be used by building with
|
|
Autotools.
|
|
+ Features: If an old temporary deploy directory was leaked by
|
|
versions before #5146, clean it up the next time the same app
|
|
is updated.
|
|
+ Bug fixes:
|
|
- If an app update is blocked by parental controls policies,
|
|
clean up the temporary deploy directory.
|
|
- Fix Autotools build with versions of gpgme that no longer
|
|
provide gpgme-config(1).
|
|
- Fix a possible parallel build failure with Meson.
|
|
- Fix a compiler warning on 32-bit architectures.
|
|
- When building with Autotools, be more consistent about
|
|
applying compiler warning flags.
|
|
- Unset $TEMP, $TEMPDIR and $TMP for apps, the same as $TMPDIR.
|
|
- Treat /efi the same as /boot/efi.
|
|
- Changes from version 1.15.0:
|
|
+ Build system:
|
|
- Flatpak can now be compiled using Meson instead of Autotools.
|
|
This requires Meson 0.53.0 or later, and Python 3.5 or later.
|
|
- The Autotools build system is likely to be removed during
|
|
either the 1.15.x or 1.17.x cycle.
|
|
+ New features:
|
|
- Allow the modify_ldt system call as part of
|
|
--allow=multiarch. This increases attack surface, but is
|
|
required when running 16-bit executables in some versions of
|
|
Wine.
|
|
- Share gssproxy socket, which acts like a portal for Kerberos
|
|
authentication. This lets apps use Kerberos authentication
|
|
without needing a sandbox hole.
|
|
- Add a httpbackend variable to flatpak.pc, allowing dependent
|
|
projects like GNOME Software to detect whether they are
|
|
compatible with libflatpak.
|
|
+ Bug fixes:
|
|
- Terminate the flatpak-session-helper and flatpak-portal
|
|
services when the session ends, so that applications will not
|
|
inherit outdated Wayland and X11 socket addresses.
|
|
- When using fish shell, don't overwrite a previously-set
|
|
XDG_DATA_DIRS.
|
|
- Don't try to enable HTTP 2 if linked to a libcurl version
|
|
that doesn't support it.
|
|
- Stop systemd reporting the session-helper as failed when
|
|
terminated by a signal.
|
|
- Fix a warning when listing a document with no permissions.
|
|
- Fix compilation with GLib 2.66.x (as used in Debian 11).
|
|
- Fix compilation with GLib 2.58.x (as used in Debian 10).
|
|
- Make generated files more reproducible.
|
|
+ Internal changes:
|
|
- Update project logo in README.
|
|
- Update libglnx subproject.
|
|
+ Updated translations.
|
|
- Add libtool BuildRequires and pass autogen.sh, bootstrapping
|
|
build is now needed.
|
|
- Add gtk-doc and xmlto BuildRequires and pass enable-documentation
|
|
and enable-gtk-doc to configure, building documentation manually.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Mar 16 16:15:42 UTC 2023 - Bjørn Lie <bjorn.lie@gmail.com>
|
|
|
|
- Update to version 1.14.4 (CVE-2023-28101, CVE-2023-28100):
|
|
+ Escape special characters when displaying permissions and
|
|
metadata, preventing malicious apps from manipulating the
|
|
appearance of the permissions list using crafted metadata
|
|
(CVE-2023-28101, boo#1209410).
|
|
+ If a Flatpak app is run on a Linux virtual console (tty1, tty2,
|
|
etc.), don't allow copy/paste via the TIOCLINUX ioctl
|
|
(CVE-2023-28100). Note that this is specific to virtual
|
|
consoles: Flatpak is not vulnerable to this if run from a
|
|
graphical terminal emulator such as xterm, gnome-terminal or
|
|
Konsole. (boo#1209411)
|
|
+ Updated translations.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Feb 27 14:07:03 UTC 2023 - Bjørn Lie <bjorn.lie@gmail.com>
|
|
|
|
- Update to version 1.14.3:
|
|
+ When splitting an upgrade into two steps (download without
|
|
installing, and then upgrade without allowing further
|
|
downloads) like GNOME Software does, if an app is marked EOL
|
|
and superseded by a replacement, don't remove the superseded
|
|
app in the first step, which would result in the replacement
|
|
incorrectly not being installed.
|
|
+ Fix a crash when --socket=gpg-agent is used.
|
|
+ Fix a crash when listing apps if one of them is broken or
|
|
misconfigured.
|
|
+ If an app has invalid syntax in its overrides or metadata,
|
|
mention the filename in the error message.
|
|
+ Unset $GDK_BACKEND for apps, ensuring GTK apps with
|
|
--socket=fallback-x11 can work.
|
|
+ Never try to export a parent of reserved directories as a
|
|
--filesystem, for example /run, which would prevent the app
|
|
from starting.
|
|
+ Never try to export a --filesystem below /run/flatpak or
|
|
/run/host, which could similarly prevent the app from starting.
|
|
+ The above change also fixes apps not starting if a --filesystem
|
|
is a symlink to the root directory.
|
|
+ Show a warning when the --filesystem exists but cannot be
|
|
shared with the sandbox.
|
|
- Drop flatpak-fix-gpg-agent-double-free.patch: Fixed upstream.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Feb 23 08:41:51 UTC 2023 - Alynx Zhou <alynx.zhou@suse.com>
|
|
|
|
- Add flatpak-fix-gpg-agent-double-free.patch: stdout stream of a
|
|
subprocess is owned by the subprocess, not the caller, so don't
|
|
use g_autoptr for it to prevent double free (bsc#1207434).
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Feb 6 18:22:23 UTC 2023 - Bjørn Lie <bjorn.lie@gmail.com>
|
|
|
|
- Update to version 1.14.2:
|
|
+ The INFO log level is now treated the same as the DEBUG log
|
|
level by flatpak -v, to make backports from 1.15.x simpler.
|
|
+ Bug fixes:
|
|
- Display the intended messages for flatpak repair.
|
|
- Exporting an app to an existing repository on a CIFS
|
|
filesystem now works as intended.
|
|
- Unset $GIO_EXTRA_MODULES for apps, avoiding misbehaviour in
|
|
some GLib apps when set to a path on the host.
|
|
- Unset $XKB_CONFIG_ROOT for apps, avoiding crashes in GTK and
|
|
Qt apps under Wayland when this variable is set to a path not
|
|
available in the sandbox.
|
|
- Unset $KRB5CCNAME for apps.
|
|
- When using the fish shell, avoid duplicate XDG_DATA_DIRS
|
|
entries if the profile script is sourced more than once.
|
|
- Package flatpak-remote-flathub sub-package as noarch.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jan 11 14:56:17 UTC 2023 - Antonio Larrosa <alarrosa@suse.com>
|
|
|
|
- Fix the "Requires" version of bubblewrap to be the same as
|
|
"BuildRequires" (>= 0.5.0).
|
|
- Use a macro to define the versions required of bubblewrap,
|
|
ostree and xdg_dbus_proxy to avoid having the same issue in
|
|
the future again.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Nov 18 17:38:02 UTC 2022 - Bjørn Lie <bjorn.lie@gmail.com>
|
|
|
|
- Update to version 1.14.1:
|
|
+ New features: Add a httpbackend variable to flatpak.pc,
|
|
allowing dependent projects like GNOME Software to detect
|
|
whether they are compatible with libflatpak.
|
|
+ Bugs fixed:
|
|
- Terminate the flatpak-session-helper and flatpak-portal
|
|
services when the session ends, so that applications will not
|
|
inherit outdated Wayland and X11 socket addresses.
|
|
- When using fish shell, don't overwrite a previously-set
|
|
XDG_DATA_DIRS.
|
|
- Don't try to enable HTTP 2 if linked to a libcurl version
|
|
that doesn't support it.
|
|
- Stop systemd reporting the session-helper as failed when
|
|
terminated by a signal.
|
|
- Fix a warning when listing a document with no permissions.
|
|
- Fix compilation with GLib 2.66.x (as used in Debian 11).
|
|
- Fix compilation with GLib 2.58.x (as used in Debian 10).
|
|
- Fix a compiler warning on 32-bit architectures.
|
|
- If an app update is blocked by parental controls policies,
|
|
clean up the temporary deploy directory.
|
|
- Fix Autotools build with versions of gpgme that no longer
|
|
provide gpgme-config(1).
|
|
- When building with Autotools, be more consistent about
|
|
applying compiler warning flags.
|
|
- Unset $TEMP, $TEMPDIR and $TMP for apps, the same as $TMPDIR.
|
|
- Treat /efi the same as /boot/efi.
|
|
- Make generated files more reproducible.
|
|
+ Updated translations.
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Nov 13 20:49:05 UTC 2022 - Andreas Stieger <andreas.stieger@gmx.de>
|
|
|
|
- Add and recommend a package flatpak-remote-flathub which adds
|
|
the Flathub repository (boo#1186315)
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Sep 1 07:20:51 UTC 2022 - Bjørn Lie <bjorn.lie@gmail.com>
|
|
|
|
- Drop pkgconfig(libsoup-2.4) BuildRequires: rely on the curl
|
|
backend. Following this, pass --with-curl to configure.
|
|
- Add pkgconfig(libxml-2.0) BuildRequires, exsisting dependency,
|
|
previously pulled in by libsoup.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Aug 30 19:50:38 UTC 2022 - Andreas Stieger <andreas.stieger@gmx.de>
|
|
|
|
- Update to version 1.14.0:
|
|
+ Improved support for sideloading.
|
|
+ Allow sub-sandboxes to own MPRIS names on the session bus.
|
|
+ Commands that accept "--user" will now also take "-u" as an alias
|
|
for that.
|
|
+ The CLI now properly informs the user of which apps are
|
|
(indirectly) using end-of-life runtime extensions in end-of-life
|
|
info messages.
|
|
+ The CLI now takes into account operations in the pending
|
|
transaction when printing end-of-life messages.
|
|
+ The uninstall command now asks for confirmation before removing
|
|
in-use runtimes or runtime extensions.
|
|
+ A "--socket=gpg-agent" option is now recognized by "flatpak run"
|
|
and related commands.
|
|
+ Curl supported as default HTTP backend.
|
|
+ Uses Fuse 3.
|
|
+ Implement support for rewriting dynamic launchers when an app
|
|
is renamed.
|
|
+ Add --include-sdk/debug options to install command to install
|
|
SDK/debuginfo along with a ref.
|
|
+ defense in depth against arbitrary file deletion by
|
|
flatpak-system-helper when using very old libostree
|
|
(boo#1202639).
|
|
+ Updated translations.
|
|
- Replace pkgconfig(fuse) BuildRequires with pkgconfig(fuse3):
|
|
Follow upstreams port to fuse3.
|
|
- Add pkgconfig(libcurl) BuildRequires: enable the new HTTP
|
|
backend.
|
|
- Drop gtk-doc BuildRequires and no longer pass --enable-gtk-doc to
|
|
configure: no longer supported.
|
|
- Drop libtool BuildRequires: no need to bootstrap the tarball.
|
|
- Replace pkgconfig(appstream-glib) BuildRequires with
|
|
pkgconfig(appstream): match what configure checks for.
|
|
- Add pkgconfig(gdk-pixbuf-2.0): verified dependency that was
|
|
implicitly included by appstream-glib before.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jul 15 14:05:05 UTC 2022 - Benjamin Greiner <code@bnavigator.de>
|
|
|
|
- variant-schema-compiler requires the Python module pyparsing
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Jul 3 08:33:14 UTC 2022 - Andreas Stieger <andreas.stieger@gmx.de>
|
|
|
|
- Correct Supplements for flatpak-zsh-completion boo#1201113
|
|
- package LICENSE file in every package
|
|
- make flatpak-zsh-completion and system-user-flatpak noarch
|
|
- add update-system-flatpaks timer that updates installed flatpaks
|
|
daily if enabled
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 15 18:47:24 UTC 2022 - Andreas Stieger <andreas.stieger@gmx.de>
|
|
|
|
- Update to version 1.12.7:
|
|
+ allow networked access to X11 and PulseAudio services if that
|
|
is configured, and the application has network access
|
|
+ Absolute paths in WAYLAND_DISPLAY now work
|
|
+ Allow apps that were built with Flatpak 1.13.x to export
|
|
AppStream metadata in share/metainfo
|
|
+ Most commands now work if /var/lib/flatpak exists but
|
|
/var/lib/flatpak/repo does not, and will automatically populate
|
|
the repo directory if possible
|
|
+ Consistently pass relative subpaths to libostree, working
|
|
around a bug in libostree < 2021.6 when used with GLib >= 2.71
|
|
+ Fix some memory leaks in GVariant data processing
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Feb 22 06:48:37 UTC 2022 - Andreas Stieger <andreas.stieger@gmx.de>
|
|
|
|
- Update to version 1.12.6:
|
|
+ Fix a bug that sometimes caused repo corruption in case
|
|
downloads are interrupted or canceled, necessitating a
|
|
"flatpak repair" to recover
|
|
+ More reliably detect the GTK theme
|
|
+ Fix history command unit test in some edge cases
|
|
+ Updated translations.
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Feb 13 21:10:28 UTC 2022 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- drop apparently unused libdwarf buildrequires
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Feb 11 20:20:05 UTC 2022 - Andreas Stieger <andreas.stieger@gmx.de>
|
|
|
|
- Update to version 1.12.5:
|
|
+ Detect and remove left-over data from
|
|
/var/lib/flatpak/appstream
|
|
+ Fix display bugs in flatpak history
|
|
+ Don't set up an unnecessary polkit agent for flatpak history
|
|
+ Don't propagate GStreamer-related environment variables into
|
|
sandbox
|
|
+ Updated translations.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jan 18 20:52:06 UTC 2022 - Andreas Stieger <andreas.stieger@gmx.de>
|
|
|
|
- Update to 1.12.4:
|
|
+ reverting non-backwards-compatible behaviour changes in the
|
|
solution previously chosen for CVE-2022-21682 (boo#1194611)
|
|
Fix will be in flatpak-builder 1.2.2.
|
|
+ Clarify documentation of --nofilesystem
|
|
+ Improve unit test coverage around --filesystem and
|
|
--nofilesystem
|
|
+ Restore compatibility with older appstream-glib versions,
|
|
fixing a regression in 1.12.3
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jan 12 20:40:35 UTC 2022 - Andreas Stieger <andreas.stieger@gmx.de>
|
|
|
|
- Update to 1.12.3:
|
|
+ CVE-2021-43860: a malicious repository could have sent invalid
|
|
application metadata in a way that hides some of the app
|
|
permissions displayed during installation (boo#1194610)
|
|
+ CVE-2022-21682: flatpak-builder could allow
|
|
--mirror-screenshots-url commands to create directories outside
|
|
of the build directory (boo#1194611)
|
|
+ Extra-data downloading now properly handles compressed
|
|
content-encodings which fixes checksum verification
|
|
+ Note: In some corner case server setups this may require the
|
|
extra-data checksum to be changed
|
|
+ Avoid unnecessary policy-kit dialog due to auto-pinning when
|
|
installing runtimes
|
|
+ Better handling of updates of extensions that exist in multiple
|
|
repositories
|
|
+ Fixed (initial) installation apps with renamed ids
|
|
+ Fixed regression in updates from no-enumerate remotes
|
|
+ We now verify checksums of summary caches, to better handle
|
|
local file corruption
|
|
+ Improved cli output for non-terminal targets
|
|
+ Flatpak run --session-bus now works
|
|
+ Fix build with PyParsing >= 3.0.4
|
|
+ Fixed "Since" annotations on FlatpakTransaction signals
|
|
+ bash auto completion now doesn't complete on command name
|
|
aliases
|
|
+ Minor improvements to the search command
|
|
+ Minor improvements to the list command
|
|
+ Minor improvements to the repair command
|
|
+ Add more tests
|
|
+ Updated translations.
|
|
- Drop support-new-pyparsing.patch: Fixed upstream.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Dec 9 04:29:19 UTC 2021 - Steve Kowalik <steven.kowalik@suse.com>
|
|
|
|
- Add patch support-new-pyparsing.patch:
|
|
* Support pyparsing >= 3.0.4.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Oct 13 19:26:14 UTC 2021 - Andreas Stieger <andreas.stieger@gmx.de>
|
|
|
|
- Update to 1.12.2:
|
|
+ Install translations referenced by LANG, LANGUAGE or LC_ALL
|
|
+ Fix error handling for the syscalls that are blocked when not
|
|
using --devel
|
|
+ Improve diagnostic messages when seccomp rules cannot be
|
|
applied
|
|
+ Updated translations.
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Oct 9 12:12:12 UTC 2021 - Bjørn Lie <bjorn.lie@gmail.com>
|
|
|
|
- Update to version 1.12.1:
|
|
+ The security fix in the 1.12.0 release failed when used with
|
|
some older versions of libseccomp (that don't know about the
|
|
new syscalls).
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Oct 8 14:39:24 UTC 2021 - Bjørn Lie <bjorn.lie@gmail.com>
|
|
|
|
- Update to version 1.12.0:
|
|
+ This is the first stable release in the 1.12.x series. The
|
|
major changes in this series is the support for better control
|
|
of sub-sandboxes, as used by the steam flatpak.
|
|
+ In addition, this release fixes a security vulnerability in the
|
|
portal support. Some recently added syscalls were not blocked
|
|
by the seccomp rules which allowed the application to create
|
|
sub-sandboxes which can confuse the sandboxing verification
|
|
mechanisms of the portal. This has been fixed by extending the
|
|
seccomp rules (boo#1191507, CVE-2021-41133)
|
|
+ Some test fixes
|
|
+ Support for specifying the flatpak binary to use during exports
|
|
+ Install translations for all languages in the locale, not just
|
|
the ones in LC_MESSAGES.
|
|
+ Fix progress reporting in flatpak fsck
|
|
+ Handle cases where /var/tmp is a symlink
|
|
+ Expose /etc/gai.conf to the sandbox
|
|
+ Fix the parental control checks for root
|
|
+ Handle missing /etc/ld.so.cache (musl)
|
|
+ Updated translations
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Aug 25 20:54:23 UTC 2021 - andy great <andythe_great@pm.me>
|
|
|
|
- Update to version 1.11.3.
|
|
* Bug fixes:
|
|
* Don't inherit an unusual $XDG_RUNTIME_DIR setting into the sandbox,
|
|
fixing a regression introduced when CVE-2021-21261 was fixed in
|
|
1.8.5 and 1.10.0
|
|
* Update the included copy of bubblewrap (flatpak-bwrap) to 0.5.0
|
|
* Better diagnostics when a --bind or other bind-mount fails
|
|
* Create non-directories with safer permissions
|
|
* Allow mounting an non-directory over an existing non-directory
|
|
* Silence kernel messages for our bind-mounts
|
|
* Improve ability to bind-mount directories on case-insensitive
|
|
filesystems
|
|
* Don't ask user which remote to download from if there is only
|
|
one option
|
|
* Internal changes:
|
|
* Improve test coverage
|
|
* Spelling fixes
|
|
* Translation updates: Brazilian Portuguese, Russian, Spanish, Ukrainian
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jun 18 17:15:03 UTC 2021 - Callum Farmer <gmbr3@opensuse.org>
|
|
|
|
- Add now working CONFIG parameter to sysusers generator
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jun 18 08:22:03 UTC 2021 - Paolo Stivanin <info@paolostivanin.com>
|
|
|
|
- Update to version 1.11.2:
|
|
+ Bug fixes:
|
|
- Fix logic error when migrating AppStream XML
|
|
- Improve error-checking
|
|
- Fix various memory and file descriptor leaks, in particular
|
|
with flatpak-spawn --env=...
|
|
- Fix fd confusion in flatpak-spawn --env=... --forward-fd=...,
|
|
which caused "Steam Linux Runtime" containers to fail to start
|
|
- Avoid a crash when looking up summary for a ref without an arch
|
|
- Improve handling of refs belonging to more than one
|
|
architecture, e.g. for cross-compilation
|
|
- Don't abort uninstall if deploy metadata is missing
|
|
- Don't fail transaction if searching for dependencies fails
|
|
in one remote
|
|
- Fix test failure when running tests as root
|
|
- Improve error message for 'sudo flatpak run'
|
|
+ Internal changes:
|
|
- Improve printf format string validation
|
|
- Improve test coverage
|
|
- Reduce risk of accidentally hard-coding x86 in the tests
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Apr 27 10:41:14 UTC 2021 - Antonio Larrosa <alarrosa@suse.com>
|
|
|
|
- Update to version 1.11.1:
|
|
+ New features:
|
|
- All instances of the same app-ID share their /tmp directory
|
|
- All instances of the same app-ID share their $XDG_RUNTIME_DIR
|
|
- Instances of the same app-ID can optionally share their
|
|
/dev/shm directory (enabled by a new --allow flag,
|
|
--allow=per-app-dev-shm)
|
|
- Allow a subsandbox to have a different /usr and/or /app.
|
|
- Steam will use this to launch games with its own container
|
|
runtime as /usr (the "Steam Linux Runtime" mechanism).
|
|
- enter: Improve support for TUI programs like gdb
|
|
- build-update-repo: Add a higher-performance reimplementation
|
|
of ostree prune specialized for archive-mode repositories
|
|
+ Bug fixes:
|
|
- Fix deploys of local remotes in system-helper
|
|
- Fix test failures on non-x86_64 systems
|
|
- Fix two intermittent test failures
|
|
- Make polkit queries non-interactive when operating in
|
|
non-interactive mode
|
|
- Use a local main-context when using libsoup in a thread
|
|
- create-usb: Skip copying extra-data flatpaks
|
|
- OCI: Switch to pax-format tar archives
|
|
- history: Handle transaction log entries with empty REF field
|
|
- portal: Fix flatpak-spawn --clear-env on OSs where flatpak
|
|
is not on the fallback PATH, such as NixOS
|
|
- Fix various issues detected by scan-build
|
|
+ Internal changes:
|
|
- Use GNU bison to build parse-datetime.y
|
|
- Add information about security support and security
|
|
vulnerability reporting (see SECURITY.md)
|
|
- Move all git submodules into subprojects/ directory
|
|
- Several sockets are now created in /run/flatpak in the
|
|
sandbox, with symbolic links in $XDG_RUNTIME_DIR
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Mar 10 14:27:26 UTC 2021 - Antonio Larrosa <alarrosa@suse.com>
|
|
|
|
- Update to version 1.10.2:
|
|
+ This is a security update which fixes a potential attack where
|
|
a flatpak application could use custom formated .desktop files
|
|
to gain access to files on the host system.
|
|
+ Fix memory leaks
|
|
+ Some test fixes
|
|
+ Documentation updates
|
|
+ G_BEGIN/END_DECLS added to library headders for c++ use
|
|
+ Fix for X11 cookies on OpenSUSE
|
|
+ Spawn portal better handles non-utf8 filenames
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jan 28 08:00:53 UTC 2021 - Antonio Larrosa <alarrosa@suse.com>
|
|
|
|
- Flatpak only requires glib 2.44, not 2.60
|
|
- Update ostree version required to 2020.8
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Jan 24 17:24:36 UTC 2021 - Andreas Stieger <andreas.stieger@gmx.de>
|
|
|
|
- Update to version 1.10.1:
|
|
+ Fix flatpak build on systems with setuid bwrap
|
|
+ Fix some compiler warnings
|
|
+ Fix crash on updating apps with no deploy data
|
|
+ Updated translations.
|
|
- Remove deprecated texinfo packaging macros.
|
|
- Switch to upstream release tarball.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jan 15 16:06:24 UTC 2021 - Bjørn Lie <bjorn.lie@gmail.com>
|
|
|
|
- Update to version 1.10.0:
|
|
+ The major new feature in this series compared to 1.8 is the
|
|
support for the new repo format which should make updates
|
|
faster and download less data.
|
|
+ The systemd generator snippets now call flatpak
|
|
--print-updated-env in place of a bunch of shell for better
|
|
login performance.
|
|
+ The .profile snippets now disable GVfs when calling flatpak to
|
|
avoid spawning a gvfs daemon when logging in via ssh.
|
|
+ Build fixes for GCC 11.
|
|
+ Flatpak now finds the pulseaudio sockets better in uncommon
|
|
configurations.
|
|
+ Sandboxes with network access it now also has access to the
|
|
systemd-resolved socket to do dns lookups.
|
|
+ Flatpak supports unsetting env vars in the sandbox using
|
|
--unset-env, and --env=FOO= now sets FOO to the empty string
|
|
instead of unsetting it.
|
|
+ Similarly the spawn portal has an option to unset an env var.
|
|
+ The spawn portal now has an option to share the pid namespace
|
|
with the sub-sandbox.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jan 15 16:02:40 UTC 2021 - Bjørn Lie <bjorn.lie@gmail.com>
|
|
|
|
- Update to version 1.8.5 (CVE-2021-21261):
|
|
+ This is a security update that fixes a sandbox escape where a
|
|
malicious application can execute code outside the sandbox by
|
|
controlling the environment of the "flatpak run" command when
|
|
spawning a sub-sandbox (boo#1180996)
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jan 7 20:28:03 UTC 2021 - Bjørn Lie <bjorn.lie@gmail.com>
|
|
|
|
- Update to version 1.8.4:
|
|
+ Fix support for ppc64.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Dec 30 15:54:11 UTC 2020 - Frederic Crozat <fcrozat@suse.com>
|
|
|
|
- Move flatpak-bisect and flatpak-coredumpctl to devel subpackage,
|
|
allow to remove python3 dependency on main package.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Dec 15 10:36:42 UTC 2020 - Martin Liška <mliska@suse.cz>
|
|
|
|
- Enable LTO (boo#1133124) as gobject-introspection works fine with LTO.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Nov 23 17:30:01 UTC 2020 - Dominique Leuenberger <dimstar@opensuse.org>
|
|
|
|
- Update to version 1.8.3:
|
|
+ Fixed progress reporting for OCI and extra-data.
|
|
+ The in-memory summary cache is more efficient.
|
|
+ Fixed authentication getting stuck in a loop in some cases.
|
|
+ Fixed authentication error reporting.
|
|
+ We now extract OCI info for runtimes as well as apps.
|
|
+ Fixed crash if anonymous authentication fails and -y is
|
|
specified.
|
|
+ flatpak info now only looks at the specified installation if
|
|
one is specified.
|
|
+ Better error reporting for server HTTP errors during download.
|
|
+ Uninstall now removes applications before the runtime it
|
|
depends on.
|
|
+ Fixed test-suite to pass with the latest OSTree version.
|
|
+ Fixed dbus environment variables in flatpak enter.
|
|
+ Avoid updating metadata from the remote when uninstalling.
|
|
+ Fixed error message handling in various places.
|
|
+ FlatpakTransaction now verifies all passed in refs to avoid.
|
|
+ potential issues with invalid names.
|
|
+ Updated translations.
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Aug 22 13:10:16 UTC 2020 - Bjørn Lie <bjorn.lie@gmail.com>
|
|
|
|
- Update to version 1.8.2:
|
|
+ Added validation of collection id settings for remotes.
|
|
+ Fix seccomp filters on s390.
|
|
+ Robustness fixes to the spawn portal.
|
|
+ Fix support for masking update in the system installation.
|
|
+ Better support for distros with uncommon models of merged /usr.
|
|
+ Cache responses from localed/AccountService.
|
|
+ Fix hangs in cases where xdg-dbus-proxy fails to start.
|
|
+ Fix double-free in cups socket detection.
|
|
+ OCI authenticator now doesn't ask for auth in case of http
|
|
errors.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Aug 19 07:44:25 UTC 2020 - Dominique Leuenberger <dimstar@opensuse.org>
|
|
|
|
- Fix invalid usage of %{_libexecdir} to reference systemd
|
|
directories.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jul 10 08:55:59 UTC 2020 - Antonio Larrosa <alarrosa@suse.com>
|
|
|
|
- Update to version 1.8.1:
|
|
* Avoid calling authenticator in update if ref didn't change
|
|
* Don't fail transaction if ref is already installed (after
|
|
transaction start)
|
|
* Fix flatpak run handling of userns in the --device=all case
|
|
* Fix handling of extensions from different remotes
|
|
* Fix flatpak run --no-session-bus
|
|
* Updated translations
|
|
|
|
- Update to version 1.8.0:
|
|
* FlatpakTransaction has a new signal "install-authenticator"
|
|
which clients can handle to install authenticators needed for
|
|
the transaction. This is done in the CLI commands.
|
|
* We now always expose the host timezone data, allowing us the
|
|
expose the host /etc/localtime in a way that works better,
|
|
fixing several apps that had timezone issues.
|
|
* Fix flatpak enter which didn't work in some cases.
|
|
* We now ship a systemd unit (not installed by default) to
|
|
automatically detect plugged in usb sticks with sideload repos.
|
|
* By default we no longer install the gdm env.d file, as the
|
|
systemd generators work better.
|
|
* create-usb now exports partial commits by default
|
|
* Fix handling of docker media types in oci remotes
|
|
* Fix subjects in remote-info --log output
|
|
|
|
- Remove source file used to generate a flatpak user on the system
|
|
since it's now included by upstream:
|
|
* system-user-flatpak.conf
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jul 7 10:26:44 UTC 2020 - Callum Farmer <callumjfarmer13@gmail.com>
|
|
|
|
- Fixes for %_libexecdir changing to /usr/libexec
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jun 25 21:10:14 UTC 2020 - Bjørn Lie <bjorn.lie@gmail.com>
|
|
|
|
- Update to version 1.6.4:
|
|
+ This release backports some of the OCI authenticator fixes from
|
|
the 1.7 series, and should now be able to host flatpak images
|
|
on e.g. docker hub.
|
|
+ Other changes:
|
|
- Fix a use-after free in libflatpak.
|
|
- Don't list p2p downgrades in list of available updates.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jun 16 02:21:39 UTC 2020 - Yifan Jiang <yfjiang@suse.com>
|
|
|
|
- Create a skeleton flatpak repo using "flatpak remotes" instead
|
|
of a manually created directory (bsc#1172316, bsc#1169619,
|
|
bsc#1170416).
|
|
|
|
-------------------------------------------------------------------
|
|
Mon May 18 08:53:10 UTC 2020 - Yifan Jiang <yfjiang@suse.com>
|
|
|
|
- When SLE uses GNOME desktop environment, GNOME Software is
|
|
automatically started to provide key update features. During the
|
|
startup, it setups flatpak repository so that related features
|
|
can function properly. In a system environment of no flatpak
|
|
repository has ever been setup before, this triggers
|
|
"org.freedesktop.Flatpak.modify-repo" polkit action.
|
|
|
|
Therefore in systems which use a restrictive security policy
|
|
(eg. SLES) for the aforementioned policy action, a polkit
|
|
authentication dialog will pop up without any user interaction
|
|
for the first time login. This is not user friendly.
|
|
|
|
This submission creates /var/lib/flatpak/repo at package
|
|
installation to avoid such a confusing authentication pop-up, at
|
|
nearly 0 cost of security compromise (bsc#1169619, bsc#1170416).
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Apr 6 14:31:20 UTC 2020 - Antonio Larrosa <alarrosa@suse.com>
|
|
|
|
- Require bubblewrap 0.4.1
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Apr 6 09:32:31 UTC 2020 - Antonio Larrosa <alarrosa@suse.com>
|
|
|
|
- Update to version 1.6.3:
|
|
+ The main change in this version is a fix for a regression in
|
|
the progress calculation for applications using extra-data.
|
|
Additionally the bundled version of bubblewrap is updated to
|
|
0.4.1 which fixes a security issue in some cases. See
|
|
GHSA-j2qp-rvxj-43vj for details.
|
|
+ Don't break if users primary gid is not in the nsswitch
|
|
database
|
|
+ Fix crash in flatpak repair if no remotes are configured
|
|
+ Some updates to the oci authenticator
|
|
+ Retry downloads of extra data
|
|
+ Updated translations.
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Feb 16 17:22:44 UTC 2020 - Bjørn Lie <bjorn.lie@gmail.com>
|
|
|
|
- Drop obsolete _servicedata file.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Feb 13 15:57:51 UTC 2020 - Antonio Larrosa <alarrosa@suse.com>
|
|
|
|
- Update to version 1.6.2:
|
|
+ Due to a combination of some behaviour in flatpak and recent
|
|
versions of ostree we at some point lost the use of deltas for
|
|
the initial install case, instead always falling back to a full
|
|
ostree operation which is a lot less efficient for pulls with
|
|
many small files like a runtime. This caused some very slow
|
|
installs from e.g. flathub, so it's recommended to update to
|
|
this version to get better install performance.
|
|
+ We now correctly handle TMPDIR env var overrides when bwrap is
|
|
setuid
|
|
+ Disallow running "flatpak run" under sudo (as it doesn't work
|
|
and causes issues)
|
|
+ Fix build with older versions of glib
|
|
+ Minor documentation updates
|
|
+ Updated translations.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jan 30 16:56:01 UTC 2020 - Antonio Larrosa <alarrosa@suse.com>
|
|
|
|
- Update to version 1.6.1:
|
|
+ This is a (mild) security update. Flatpak 1.6.0 added the
|
|
ability for an application to request it to be updated, as long
|
|
as the new version doesn't require new permissions.
|
|
Unfortunately in some special cases, if an app had access to
|
|
the home directory, but not the rest of the filesystem it would
|
|
still allow a self-update where the new version could access
|
|
some files outside the home directory.
|
|
+ New permission --device=shm giving access to host /dev/shm, as
|
|
needed for jack.
|
|
+ Generated correct download size in build-commit-from
|
|
+ sub-sandbox now allows the child to share the gpu of the caller
|
|
has full device access
|
|
+ Fix crash with disabled remotes
|
|
+ Fix builds with older versions of glib
|
|
+ Updated translations.
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Jan 25 14:07:31 UTC 2020 - Dominique Leuenberger <dimstar@opensuse.org>
|
|
|
|
- No longer recommend -lang: supplements are in use
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jan 14 11:23:06 UTC 2020 - Antonio Larrosa <alarrosa@suse.com>
|
|
|
|
- Update dependencies required by flatpak 1.6.0 .
|
|
- Require xdg-dbus-proxy instead of building the (outdated)
|
|
builtin version.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Dec 30 10:00:24 UTC 2019 - Dominique Leuenberger <dimstar@opensuse.org>
|
|
|
|
- Change %_prefix/lib to %_libexecdir: Makefile installs the file
|
|
explicitly into libexecdir. Let's be ready in case this path is
|
|
going to change.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Dec 27 10:23:14 UTC 2019 - Dominique Leuenberger <dimstar@opensuse.org>
|
|
|
|
- Co-own /usr/lib/systemd/user-environment-generators. We don't
|
|
want to forcibly pull in systemd into the buildroot just to own
|
|
this directory.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Dec 20 22:44:39 UTC 2019 - Bjørn Lie <bjorn.lie@gmail.com>
|
|
|
|
- Update to version 1.6.0:
|
|
+ This is the first stable release in the 1.6 series, main
|
|
changes since 1.4 is the support for protected content and
|
|
improvements in the self-sandboxing support.
|
|
+ There is one change in the support for OCI remotes, we now only
|
|
support the use of labels, not annotations, as labels work with
|
|
more registries. This means pre-existing OCI flatpak registries
|
|
(like fedora) may need some changes.
|
|
+ New permissions --socket=cups for direct cups access.
|
|
+ Fix some leaks.
|
|
+ Fix reporting of progress with latest version of ostree.
|
|
+ New no-interaction flag for authenticators.
|
|
+ Support for auto-installing authenticators from a flatpak
|
|
remote.
|
|
+ Warn less about unset XDG_DATA_DIRS.
|
|
+ Don't poll for updates in the portal when on a metered
|
|
connection.
|
|
- Modernize spec with current macros.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Nov 25 16:59:29 UTC 2019 - Frederic Crozat <fcrozat@suse.com>
|
|
|
|
- Package empty /etc/flatpak/remotes.d.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Nov 20 12:53:08 UTC 2019 - Dominique Leuenberger <dimstar@opensuse.org>
|
|
|
|
- Add pkgconfig(libsystemd) BuildRequires (boo#1157126).
|
|
- Drop systemd_requires: strictly speaking, we do not require
|
|
systemd.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Oct 21 19:10:42 UTC 2019 - Bjørn Lie <bjorn.lie@gmail.com>
|
|
|
|
- Update to version 1.4.3:
|
|
+ Fix crash in revokefs.
|
|
+ Handle 'versions' extension key (in addition to 'version') when
|
|
checking for local extensions, which was causing us to
|
|
uninstall some actually used extensions with uninstall
|
|
--unused.
|
|
+ The 'required-flatpak' metadata key now supports listing
|
|
multiple versions to support backported features.
|
|
+ Fix crash with older versions of polkit.
|
|
+ Fix installation of bundles.
|
|
+ Fix crash on deploy error.
|
|
+ Support building bundles of apps installed from a remote.
|
|
+ OCI: Fix handling of locally cached icons.
|
|
+ Fix crash when listing unconfigured remotes.
|
|
+ Ignore differences in trailing slashes for repo uris.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jul 8 12:53:30 UTC 2019 - Dominique Leuenberger <dimstar@opensuse.org>
|
|
|
|
- Add system-user-flatpak.conf: generate a flatpak user for the
|
|
system helper (boo#1137537).
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jul 3 08:27:20 UTC 2019 - Antonio Larrosa <alarrosa@suse.com>
|
|
|
|
- Update to version 1.4.2:
|
|
* Support extra_data in extensions.
|
|
* Handle double slashes ("//") in XDG_DATA_DIRS.
|
|
* Fix detection of local related refs.
|
|
- jsc#SLE-7171
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jun 14 09:33:16 UTC 2019 - Antonio Larrosa <alarrosa@suse.com>
|
|
|
|
- Add a _dbusconfigdir variable in the spec file so we install the
|
|
flatpak-system-helper config file in a location actually read by
|
|
dbus, which didn't support having config files in /usr/share
|
|
until 1.9.18 (first introduced in SLE15).
|
|
- Remove the systemd environment generator if building with
|
|
systemd < 233 which doesn't support environment generators.
|
|
- Rename the libflapak-doc.xml file which has a typo in the name
|
|
upstream.
|
|
- BuildRequire libgpgme-devel, not libqgpgme-devel which is not
|
|
really needed.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jun 13 23:13:29 UTC 2019 - Bjørn Lie <bjorn.lie@gmail.com>
|
|
|
|
- Update to version 1.4.1:
|
|
+ There was an accidental ABI break in libflatpak in 1.4.0
|
|
compared to the 1.2.x ABI which caused crashes in apps like
|
|
gnome-software.
|
|
+ This has been fixed in this release so it is now ABI compatible
|
|
with 1.2.x, but NOT compatible with 1.4.0. It is recommended
|
|
that all distributions that shipped 1.4.0 update to 1.4.1 and
|
|
rebuild all dependencies of libflatpak.
|
|
+ Make ABI compatible with 1.2.x.
|
|
+ Fix some potential crashes.
|
|
+ Fix some corner case where it was impossible to remove a
|
|
remote.
|
|
+ Restore support for file: uris in the RuntimeRepo key in
|
|
flatpakref files.
|
|
+ Updated translations.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed May 29 07:14:13 UTC 2019 - Bjørn Lie <bjorn.lie@gmail.com>
|
|
|
|
- Update to version 1.4.0:
|
|
+ This is the new stable series, ending the 1.3.x series. The
|
|
major changes since the 1.2.x is the improved I/O use for
|
|
system-installed applications, and the new format for
|
|
pre-configured remotes.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon May 13 07:45:05 UTC 2019 - Dominique Leuenberger <dimstar@opensuse.org>
|
|
|
|
- Replace systemd-gtk BuildRequires with pkgconfig(systemd): make
|
|
the build cheaper by not having to wait for the 'real' systemd
|
|
package to have built, but allow to use systemd-mini. The change
|
|
in the stack causing this was polkit dropping its hard dep on
|
|
systemd.
|
|
|
|
-------------------------------------------------------------------
|
|
Sat May 11 20:53:45 UTC 2019 - Bjørn Lie <bjorn.lie@gmail.com>
|
|
|
|
- Add systemd-gtk BuildRequires: Needed now after changes elsewhere
|
|
in the stack.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Apr 24 09:45:40 UTC 2019 - Martin Liška <mliska@suse.cz>
|
|
|
|
- Disable LTO (boo#1133124).
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Mar 28 13:05:50 UTC 2019 - Andrei Dziahel <develop7@develop7.info>
|
|
|
|
- Update to verson 1.2.4 (CVE-2019-10063):
|
|
+ It has been discovered that the previous fix for CVE-2017-5226,
|
|
which uses seccomp to prevent sandboxed apps from using the
|
|
(dangerous) TIOCSTI ioctl was only incomplete on 64bit arches.
|
|
This is now fixed (boo#1130637, gh#flatpak/flatpak#2782).
|
|
+ seccomp: Only compare the low 32bit of the TIOCSTI ioctl args.
|
|
+ Support multiple nvidia cards on the machine
|
|
+ Fix support for systems where XDG_RUNTIME_DIR is /var/run which
|
|
is a symlink like gentoo.
|
|
+ Fix potential crash when updating apps.
|
|
+ flatpak list --arch now works correctly again.
|
|
+ Updated translations.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Feb 13 08:06:06 UTC 2019 - alarrosa@suse.com
|
|
|
|
- Update to version 1.2.3:
|
|
+ Don't expose /proc in apply_extra script sandbox. The CVE-2019-5736
|
|
runc vulnerability is about using /proc/self/exe to modify the host
|
|
side binary from the sandbox. This mostly does not affect flatpak
|
|
since the flatpak sandbox is not run with root permissions.
|
|
However, there is one case (running the apply_extra script for
|
|
system installs) where this happens, so this release contains a fix
|
|
for that.
|
|
- Update to version 1.2.2:
|
|
+ Reverted green checkbox as they caused table alignment issues
|
|
+ Fix a division by zero if the terminal reports a zero terminal
|
|
width (which happens in the flathub build environment).
|
|
- Update to version 1.2.1:
|
|
+ Ensure flatpak builds with older versions of glib and
|
|
appstream-glib.
|
|
+ build-commit-from: Fix the new --extra-id option.
|
|
+ build-export: Allow disabling the sandboxing of the icon validator
|
|
and do so during the tests.
|
|
+ profile: Don't break if debug logging is enabled.
|
|
+ Better handling of the appdata release attribute.
|
|
+ Don't install polkit agent when not needed, avoiding some
|
|
unnecessary log lines in some cases.
|
|
+ Fix the output of the sandboxed icon validator not being visible.
|
|
+ builld-init: Allow specifying a full ref for the sdk, which is
|
|
used to select the branch name when checking sdk extensions.
|
|
+ Make the ok checks in the output green
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jan 28 20:58:56 UTC 2019 - bjorn.lie@gmail.com
|
|
|
|
- Update to version 1.2.0:
|
|
+ Ensure DeployCollectionID works in flatpakrepo files in all
|
|
cases.
|
|
+ Don't error out with empty installations in uninstall.
|
|
+ Add helper that validates icon files during export.
|
|
+ Don't allow root to modify the (non-root) per-user flatpak
|
|
installation, as this risks causing problems later.
|
|
+ Remove some incorrect warnings from flatpak repair.
|
|
+ Allow multiple name segments after prefix when exporting files.
|
|
+ Allow specification of ellipsization in --colums options.
|
|
+ Handle dates as well as timestamps in appdata
|
|
+ Fixed a bug where flatpak remote-delete removed too many refs.
|
|
+ Now we use raw terminal mode during a transaction to a avoid
|
|
problems with input during the operation causing problems with
|
|
escape sequences.
|
|
+ Generate a fontconfig directory remapping snippet as will be
|
|
needed for newer versions of fontconfig.
|
|
+ Support --extra-collection-id in build-commit-from to bind the
|
|
commit to multiple collection ids. This is work in progress in
|
|
ostree.
|
|
- Add pkgconfig(dconf) BuildRequires: New dependency.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Dec 13 12:54:42 UTC 2018 - alarrosa@suse.com
|
|
|
|
- Update to version 1.0.6:
|
|
+ This release fixes an issue that lets system-wide installed
|
|
applications create setuid root files inside their app dir
|
|
(somewhere in /var/lib/flatpak/app). Setuid support is disabled
|
|
inside flatpaks, so such files are only a risk if the user runs
|
|
them manually outside flatpak. Installing a flatpak system-wide
|
|
needs root access, so this isn't a privilege elevation for
|
|
non-root users.
|
|
+ The permissions of the files created by the apply_extra script
|
|
is canonicalized and the script itself is run without any
|
|
capabilities.
|
|
+ Better matching of existing remotes when the local and remote
|
|
configuration differs wrt collection ids.
|
|
+ New flatpakrepo DeployCollectionID replaces CollectionID, doing
|
|
the same thing. It is recommended to use this instead because
|
|
older versions of flatpak has bugs in the support of collection
|
|
ids, and this key will only be respected in versions where it
|
|
works.
|
|
+ The X11 socket is now mounted read-only.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Dec 13 12:29:18 UTC 2018 - alarrosa@suse.com
|
|
|
|
- Mark flatpak.sh as %config and move the systemhelper dbus config
|
|
file under /usr
|
|
- Remove the flatpak-rpmlintrc file that is no longer needed.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Nov 16 10:09:01 UTC 2018 - matthias.gerstner@suse.com
|
|
|
|
- Make polkit_rules_usability.patch effective by adding a 60- prefix
|
|
to the rules file. This will cause it to be executed before the
|
|
polkit-default-privs are executed (bsc#984817).
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Nov 13 08:55:03 UTC 2018 - alarrosa@suse.com
|
|
|
|
- Update to version 1.0.5:
|
|
+ Make the /etc -> /usr/etc bind-mounts read-only.
|
|
+ Make various app-specific configuration files read-only.
|
|
+ flatpak is more picky about remote names to avoid problems with
|
|
storing weird names in the ostree config.
|
|
+ A segfault in libflatpak handling of bundles was fixed.
|
|
+ Updated translations
|
|
+ Fixed a regression in flatpak run that caused problems running
|
|
user-installed apps when the system installation was broken.
|
|
+ Implicity grant MPRIS2 permissions
|
|
- Changes from version 1.0.4:
|
|
+ Flatpak 0.99.1 removed the inheritance of permissions from the
|
|
runtime due to concerns with dynamic app permissions. Due to
|
|
popular requests, this version re-introduces such inheritance,
|
|
but does it instead at build time. This solved the issues with
|
|
dynamic permissions while still allowing runtimes to have
|
|
default permissions. Apps can disable this by passing
|
|
--no-inherit-permissions to build-finish.
|
|
+ The sandbox now always includes a /etc/timezone file, following
|
|
the (old) debian standard for this. This is needed, because the
|
|
more modern way of exposing the timezone name by having
|
|
/etc/localtime be a symlink into /usr/share/zoneinfo doesn't
|
|
work when exposing the host timezone.
|
|
+ All apps now have automatic permissions to own their own app id
|
|
as a subname of org.mpris.MediaPlayer2.
|
|
+ We now properly re-load remote state in FlatpakTransaction if
|
|
the metadata was updated for the remote.
|
|
+ The signature of the FlatpakTransaction::operation-done signal
|
|
was wrong in the header and has now been corrected to the
|
|
signature that is actually emitted.
|
|
+ A crash was fixed when reading invalid .flatpakref files.
|
|
+ A crash during updates when a local ref was unexpectedly
|
|
missing was fixed.
|
|
+ An error case on uninstalling was incorrectly returning success
|
|
even thought there was an error.
|
|
+ flatpak_installation_modify_remote did not correctly save the
|
|
nodeps state.
|
|
+ flatpak_installation_load_app_overrides() was improperly
|
|
returning freed memory.
|
|
+ The tarball now ships with an icon (flatpak.png).
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Oct 19 12:05:14 UTC 2018 - alarrosa@suse.com
|
|
|
|
- Add rpmlintrc to ignore files being installed under /etc not
|
|
marked as %config (since they're not).
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Oct 16 10:14:52 UTC 2018 - alarrosa@suse.com
|
|
|
|
- Don't run "flatpak remote-list --system" on %post anymore since
|
|
it's not needed nowadays. Also let /var/lib/flatpak be created on
|
|
demand since writing to /var should be avoided for transactional
|
|
updates (boo#1111385, fate#325524).
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Oct 11 16:30:24 UTC 2018 - alarrosa@suse.com
|
|
|
|
- Update to version 1.0.3:
|
|
+ run: You can now use --system to run an app that otherwise
|
|
would run the user version.
|
|
+ New permission --allow=canbus that filters out access to AF_CAN
|
|
sockets.
|
|
+ lib: New install flags FLATPAK_INSTALL_FLAGS_NO_TRIGGERS and
|
|
new function flatpak_installation_run_triggers()
|
|
+ lib: Better error reporting, including some new error values
|
|
that replace the generic FAILED.
|
|
+ uninstall --unused: Improve handling of which .Locale
|
|
extensions are used
|
|
+ run: Make flatpak run on systems where $XDG_RUNTIME_DIR
|
|
contains a symlink beneath /var (commonly /var/run -> /run).
|
|
+ Don't export any desktop/dbus/mimetype files in subdirectories.
|
|
+ build-init: We now record the base ref (if used) in the
|
|
metadata. Nothing uses this atm, but it can be used by tools.
|
|
+ We now respect the upstream ostree.deploy-collection-id instead
|
|
of the flatpak-specific xa.collection-id metadata key to decide
|
|
whether to switch to collection ids for a remote. This is
|
|
useful, because if you use the new one, only new clients (that
|
|
support it better) will use it.
|
|
+ create-usb: Fix assertion failure in some error cases
|
|
+ create-usb: Always create archive-z2 repos
|
|
+ create-usb: Don't create unnecessary summary in repo
|
|
+ permissions: Avoid errors if there is no permissions table
|
|
+ repo: Fix flatpak repo sometimes using the wrong
|
|
ostree-metadata ref.
|
|
+ Avoid fsync when updating $installation/.changed.
|
|
+ Add the missing appstream2 ref to the xa.cache metadata
|
|
+ The test-suite got some modifications to make it easier to
|
|
maintain.
|
|
+ Documentation updates
|
|
+ Translation updates
|
|
- Changges from version 1.0.2:
|
|
+ The dbus proxy is now available in a separate git module,
|
|
xdg-dbus-portal, which is imported into flatpak as a submodule.
|
|
It is possible to build flatpak against the system
|
|
xdg-dbus-portal instead, but this is not currently very useful
|
|
as no other applications yet depend on xdg-dbus-portal.
|
|
+ Build regressions with older versions of glib have been fixed.
|
|
+ Flatpak ps now also tracks the pid the main process inside the
|
|
sandbox.
|
|
+ Added flatpak override --reset to reset overrides for an app.
|
|
+ Added flatpak override --show to show overrides for an app.
|
|
+ flatpak install now automatically pick user or system based on
|
|
the remote name given (unless the remote exists in both).
|
|
+ flatpak uninstall --unused now does not remove SDKs if some
|
|
installed app refers to them.
|
|
+ Fixed bug where flatpak uninstall --unused prompted for
|
|
uninstall twice.
|
|
+ Set IO class on the system helper to "idle", which should
|
|
cause background updates to affect the system less.
|
|
+ Fixed regression in flatpak uninstall --no-related.
|
|
+ Better handling of empty collection ids in flatpak bundles.
|
|
+ Cleaned up some error messages.
|
|
+ Various documentation fixes and cleanups.
|
|
+ Updated translations.
|
|
- Changes from version 1.0.1:
|
|
+ This fixes various build and test failures that were detected
|
|
when packaging 1.0, as well as translations and doc udpates.
|
|
It also has some minor features, including a new subcommand
|
|
"flatpak ps" to list the running flatpak instances for your
|
|
user.
|
|
+ Print application tags in the prompt when installing/updating.
|
|
+ Make sure we don't accidentally leak the host /proc into
|
|
the sandbox.
|
|
+ Translation updates.
|
|
+ Added a "flatpak ps" command that lists running flatpak
|
|
instances.
|
|
+ Improve error reporting when exporting documents.
|
|
+ Improve detection of dynamic p2p remotes.
|
|
+ Build fixes for older versions of glib.
|
|
+ Fix threading issue in the OCI support that was causing the
|
|
installed tests to sometimes fail.
|
|
+ Fix OCI AppStream support on 32bit architectures.
|
|
+ Fix utf8 issue in the dbus API description.
|
|
+ Some install fixes to make installed tests work
|
|
+ Make the tests work with python3 (as well as python2)
|
|
+ Improve introspection annotations in libflatpak
|
|
+ Improve libflatpak API docs
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Aug 27 09:00:17 UTC 2018 - opensuse-packaging@opensuse.org
|
|
|
|
- Update to version 1.0.0:
|
|
+ Flatpak 1.0 marks a significant improvement in performance and
|
|
reliability, and includes a big collection of bug fixes. 1.0
|
|
also includes a collection of new features.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Aug 13 21:31:09 UTC 2018 - opensuse-packaging@opensuse.org
|
|
|
|
- Update to version 0.99.3:
|
|
+ Fixed case where system install would sometimes fail due to the
|
|
system-helper idle exiting.
|
|
+ Support installing flatpakref files in FlatpakTransaction,
|
|
including a new signal add-new-remote for when remotes might be
|
|
added.
|
|
+ Added some new FlatpakError codes.
|
|
+ We now support .flatpakrepo files with no gpg signatures.
|
|
+ Fix crash in system-helper when updating appstream.
|
|
+ New command create-usb which can be used to prepare an repo for
|
|
offline updates.
|
|
+ Fix some non-handled cases of the CLI not working when
|
|
/var/lib/flatpak doesn't exist.
|
|
+ Fix crash when running with a gid that is not in /etc/groups.
|
|
+ Add new permission-* commands to interact with the permissions
|
|
store from the portals.
|
|
+ Include appdata in OCI bundle.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jul 23 15:13:44 UTC 2018 - matthias.gerstner@suse.com
|
|
|
|
- polkit_rules_usability.patch: Improve usability by allowing
|
|
members of the group 'wheel' to bypass polkit authentication
|
|
checks when locally logged in (bnc#984817). This adds a few
|
|
polkit actions to the rules that are not covered by upstream,
|
|
because they are set to 'yes' for active users by default. On
|
|
SUSE we require 'auth_admin' for regular users, however.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jun 28 02:54:24 UTC 2018 - luc14n0@linuxmail.org
|
|
|
|
- Update to version 0.99.2:
|
|
+ Updated translations.
|
|
- Changes from version 0.99.1:
|
|
+ This is the first pre-release before flatpak 1.0. This is
|
|
considered feature-complete and no features or major changes
|
|
before 1.0 are expected, only bugfixes.
|
|
+ Flatpak install/update/uninstall now lists all the operations
|
|
that it will do and asks for confirmation before starting.
|
|
+ In the above confirmation the permissions (new permissions for
|
|
updates) are shown for all applications.
|
|
+ P2P updates are more efficient.
|
|
+ system-wide installation uses less fsync calls so installation
|
|
should be faster.
|
|
+ New ssh agent permissions allows granting an app ssh access.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jun 15 03:24:22 UTC 2018 - luc14n0@linuxmail.org
|
|
|
|
- Update to version 0.11.8.3:
|
|
+ Fix a 25 second timeout on startup if using p11-kit < 0.23.10.
|
|
+ Minor change in dbus proxy default filter, now broadcasts are
|
|
not accepted from portals.
|
|
- Changes from version 0.11.8.2:
|
|
+ Fix crash when building some apps.
|
|
+ Allow multiple appstream components per app.
|
|
+ Fix handling of gl drivers in uninstall --unused.
|
|
+ Don't prompt if nothing changed in uninstall --unused.
|
|
+ Updated translations.
|
|
- Changes from version 0.11.8.1:
|
|
+ Fixed regression running apps with --own=* permissions.
|
|
- Changes from version 0.11.8:
|
|
+ Flatpak uninstall now accepts --all to remove everything and
|
|
--unused to remove unused runtimes.
|
|
+ New command "flatpak repair" allows checking and repairing a
|
|
flatpak installation.
|
|
+ New permission --allow=bluetooth allows use of AF_BLUETOOTH
|
|
sockets.
|
|
+ If p11-kit-server is installed on the host, this is now used to
|
|
forward the host certificate trust store to the sandboxed app.
|
|
+ Flatpak uninstall now does not allow you to remove a runtime if
|
|
some installed app requires it.
|
|
+ Now tab-completion for zsh is offered.
|
|
+ New installations of flatpak now defaults to bare-user-only
|
|
repos, which means that it works with filesystems that don't
|
|
support xattrs.
|
|
+ New flatpak info options: --show-location, --show-runtime,
|
|
--show-sdk.
|
|
+ New flatpak remote-info options: --show-runtime, --show-sdk
|
|
+ p2p operations now work when offline.
|
|
+ Work around hanging on app startup on blocking autofs mounts.
|
|
+ Various optimizations make installation and updates faster.
|
|
+ Multiple extension versions matches when auto-downloading
|
|
extensions are respected now.
|
|
+ Commands like "flatpak info/list/remotes/seach" now work
|
|
properly if /var/lib/flatpak doesn't exist.
|
|
- Add subpackage flatpak-zsh-completion to follow upstream zsh
|
|
tab-completion addition.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu May 17 08:59:17 UTC 2018 - duyizhaozj321@yahoo.com
|
|
|
|
- Update to version 0.11.7:
|
|
* Fix regression in installing .flatpak bundles
|
|
- Changes in version 0.11.6:
|
|
* Further work on the export filename regression, now also fixes the
|
|
same issue as in 0.11.5 but in flatpak build-finish.
|
|
* Fix segfault when installing from .flatpakref in gnome-software
|
|
* Build yacc parser from source.
|
|
* Don't tab-complete Sources/Locale/Debug extension by default.
|
|
* Fix tests on debian.
|
|
- Changes in version 0.11.5:
|
|
* Fix a regression which caused installation of epiphany and
|
|
other apps that export multiple .service files to fail.
|
|
* Fix appstream updates in p2p mode.
|
|
* Don't distribute generated gdbus code with tarball.
|
|
* Add documentation for the flatpak portal
|
|
- Changes in version 0.11.4:
|
|
* flatpak remove is now an alias for flatpak uninstall.
|
|
* flatpak uninstall now picks system or user automatically if not specified
|
|
* New appstream branch format which is more efficient to distribute, the
|
|
old is still generated for backwards compat.
|
|
* Appstream data now contains compatible arches (for applications
|
|
that doesn't exist for the primary arch). For example, an
|
|
i386-only app is now listed in the x86-64 appstream.
|
|
* The flatpak version is included in the user agent when downloading.
|
|
* The Flatpak-Ref http header is set to the currently installing ref when
|
|
downloading.
|
|
* New argument --timestamp in build-commit-from.
|
|
* When updating many apps we now only prune the local repo when all
|
|
updates are done, making multi-app updates faster.
|
|
* flatpak build now always allows multiarch use.
|
|
* flatpak build now mounts app extensions during build.
|
|
* flatpak build-init now supports --extension to add extension points earlier
|
|
than build-finish. Also build-finish now supports --remove-extension.
|
|
* New flatpak portal allows applications to sandbox themselves and restart a
|
|
newer version of themselves.
|
|
* New flatpak run options: --no-a11y-bus, --no-documents-portal.
|
|
* Initial support for end-of-life:ing applications.
|
|
* New option X-Flatpak-RunOptions in exported desktop/files allow you to specify
|
|
no-a11y-bus and no-documents-portal.
|
|
* Support for tagged extension points, which is useful if you want to use
|
|
the same extension id (but maybe different versions) multiple times in an app.
|
|
* We now export .service files for names that the app is allowed to own on
|
|
the session bus.
|
|
* libflatpak got new methods for listing remotes by type.
|
|
* libflatpak now has support in FlatpakRemoteRef for getting remote metadata
|
|
such as end-of-life, download size, metadata etc.
|
|
* There was some internal restructuring on how installs/updates are done
|
|
which should improve performance and maintainability.
|
|
- Changes in version 0.11.3:
|
|
* Fix "open with" and flatpak run --file-forwarding crash
|
|
* Fix build with glibc 2.27
|
|
- Changes in version 0.11.2:
|
|
* Remove fuse dependency, since we don't ship document portal anymore
|
|
* Fix various issues with /home being a symlink to /var/home (atomic)
|
|
* Allow downgrades when using collection ids
|
|
* Search on all supported architectures
|
|
- Changes in version 0.11.1:
|
|
* Remove document portal and permission store
|
|
* Add --socket=fallback-x11 permission
|
|
* Fix dbus proxy vulnerability in authentication phase
|
|
* Allow personality syscall in devel mode
|
|
* commit-from: Migrate static deltas with commit
|
|
* Add "network" storage type for installations
|
|
* Add flatpak info --show-permissions
|
|
* Add flatpak info --file-access
|
|
* search: Update appstream (if stale) before searching
|
|
* Make libflatpak work when /var/lib/flatpak is empty
|
|
* build-bundle: Add --from-commit option
|
|
* Allow appstream ids that don't end in .desktop
|
|
* Make permission handling ignore unknown permissions for forwards
|
|
compatibility
|
|
* Removed incorrect error message in update --appdata when there
|
|
was no updates
|
|
* Fix handling of abort in the duplicate remote prompt
|
|
* Fix division by zero in progress calculation
|
|
* Fix flatpak remote-info --show-metadata
|
|
* Fixed crash when installing some flatpak bundle files
|
|
* Fix installation of telegram
|
|
* remote-ls -u only considers app from the origin remote
|
|
* Fix assertion error in extra-data progress reporting
|
|
* Report nicer errors when trying to downgrade as non-root
|
|
* pulseaudio: Try to find pulseaudio socket better
|
|
* Fixed some warnings reported by coverity
|
|
* Cleaned up code by splitting up some large source files
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Mar 5 14:55:20 UTC 2018 - fcrozat@suse.com
|
|
|
|
- Do not build document portal anymore, rely on
|
|
xdg-desktop-portal/-gtk instead. Add corresponding dependency.
|
|
- Build with --with-system-bubblewrap and Add corresponding
|
|
build and runtime dependency.
|
|
- Remove --with-dwarf-header configure flag, it no longer exists.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Feb 28 16:25:27 UTC 2018 - dimstar@opensuse.org
|
|
|
|
- Modernize spec-file by calling spec-cleaner
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Feb 14 23:23:20 UTC 2018 - dimstar@opensuse.org
|
|
|
|
- Update to version 0.10.4:
|
|
* allow personality syscall in devel mode
|
|
* configure: Fix copy_file_range detection
|
|
* Add --disable-document-portal configure option
|
|
* lib: Make gnome-software work with an empty /var/lib/flatpak
|
|
* dir: Emit an error on non-root downgrade attempts
|
|
* common/dir: Skip progress reporting while setting up extra-data
|
|
* doc: Fix docs for --update-appstream
|
|
* flatpak remote-ls -u: only consider apps from the current remote
|
|
* extract_appstream: allow component IDs not to end in .desktop
|
|
* common/dir: Fix a memory leak
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Feb 05 14:23:03 UTC 2018 - dimstar@opensuse.org
|
|
|
|
- Update to version 0.10.3:
|
|
+ Fix vulnerability in dbus proxy.
|
|
+ Fix incorrect error message in update --appstream.
|
|
+ Ignore unknown permission requests.
|
|
+ remote-info: Fix --show-metadata behavior.
|
|
+ common: Fix division by zero when calculate progress.
|
|
+ common/dir: Add a missing OstreeAsyncProgress default key.
|
|
+ lib/installation: Fix install/update_full() subpaths
|
|
annotation.
|
|
+ app: Fix "multiple installations" prompt.
|
|
+ common/dir: Use an actual function for autoptr support without
|
|
P2P.
|
|
+ Update Polish translation.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Dec 22 10:58:05 UTC 2017 - alarrosa@suse.com
|
|
|
|
- Update to version 0.10.2.1:
|
|
+ Fixed crash when installing some flatpak bundle files
|
|
+ Fix installation of telegram
|
|
+ Fixed some warnings reported by coverity
|
|
+ Some leaks fixed
|
|
+ Fixed typo in error message
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Dec 20 10:57:05 UTC 2017 - zaitor@opensuse.org
|
|
|
|
- Update to version 0.10.2:
|
|
+ flatpak update now updates from both system and user
|
|
installations by default.
|
|
+ flatpak update is less noisy when updating appstream info.
|
|
+ All the remote-* commands now by default automatically decide
|
|
to use --user or --system based on the given remote name.
|
|
+ flatpak remote-ls with no remote lists the content of all
|
|
remotes.
|
|
+ Fixed regression that made xdg-user-dirs and theme selection
|
|
for kde apps break.
|
|
+ flatpak override with no argument now overrides globally, i.e.
|
|
for all apps.
|
|
+ flatpak override now supports --nofilesystem properly. For
|
|
example flatpak override --nofilesystem=~/.ssh hides the ssh
|
|
dir for all apps, even those who have homedir access.
|
|
+ flatpak install now takes a --reinstall argument which
|
|
uninstalls a previously installed version if necessary. This is
|
|
very useful when you want to install a new version from a
|
|
different source.
|
|
+ flatpak install now allows you to pass an absolute pathname as
|
|
remote name, which will create a temporary remote and install
|
|
from that. The remote will be removed when the app is
|
|
uninstalled. This is very useful during development and
|
|
testing.
|
|
+ Flatpak now creates CLI wrappers for all installed apps, so if
|
|
you add /var/lib/flatpak/exports/bin or
|
|
~/.local/share/flatpak/exports/bin to your PATH you can easily
|
|
start flatpak apps by their application id.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Nov 27 08:40:56 UTC 2017 - aplazas@suse.com
|
|
|
|
- Update to version 0.10.1:
|
|
+ New command "flatpak remote-info" shows information about
|
|
applications in a remote. In particular the --log operation
|
|
shows the history and can be used in combination with flatpak
|
|
update --commit=XYZ to roll back to a previous version.
|
|
+ New command "flatpak search" which allows you to search the
|
|
appstream data from the commandline.
|
|
+ flatpak update now updates appstream data for all configured
|
|
remotes, which is important for search to work.
|
|
+ Allow automatic installation of gtk themes matching the active
|
|
theme.
|
|
+ Handle the case when /etc/resolv.conf is a symlink.
|
|
+ /usr an /etc are now expose in /run/host in the app if the app
|
|
has full filesystem access.
|
|
+ flatpak remote-add now works as a user when /var/lib/flatpak is
|
|
empty, allowing flatpak to work on stateless systems.
|
|
+ Add support for flatpak build --log-session/system-bus, similar
|
|
to what flatpak run already does.
|
|
+ flatpak build --readonly runs with the target directory
|
|
(normally /app) mounted read-only.
|
|
+ Fall back to LD_LIBRARY_PATH if a runtime doesn't have
|
|
/usr/bin/ldconfig.
|
|
+ Updated the support for OCI remotes. This is work in progress
|
|
and still disabled by default though.
|
|
+ Updated translations.
|
|
- Add pkgconfig(appstream-glib) BuildRequires: New dependency.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Oct 26 11:08:27 UTC 2017 - aplazas@suse.com
|
|
|
|
- Update to version 0.10.0:
|
|
+ Added the flatpak config option which can set the language
|
|
settings.
|
|
+ Fix issue where sometimes ld.so.conf were not generated.
|
|
+ /dev/mali0 is added to --device=dri.
|
|
+ Work around ostree static delta issues in some cases.
|
|
- Changes from version 0.9.99:
|
|
+ Requires ostree 2017.12 for important pull stability fix.
|
|
+ New libflatpak API: flatpak_dir_cleanup_undeployed_refs,
|
|
flatpak_installation_prune_local_repo,
|
|
flatpak_installation_remove_local_ref_sync,
|
|
flatpak_installation_cleanup_local_refs_sync.
|
|
+ build: FLATPAK_ID and FLATPAK_ARCH are now set in the
|
|
environment when building.
|
|
+ update: Don't fail the entire update if some remote fails to
|
|
update its metadata.
|
|
+ run: /.flatpak-info now lists exact commits and extensions in
|
|
use.
|
|
+ run: We now use a per-app ld.so.cache file whenn running. This
|
|
should speed things up, and allows ldconfig to report the
|
|
correct results.
|
|
+ The verbose mode was changed into two levels, use -vv to show
|
|
the more detailed info, which currently only contains the full
|
|
bubblewrap argument lists.
|
|
+ run: Some common problematic host environment variables are now
|
|
unset in the sandbox (PYTHONPATH, PERLLIB, PERL5LIB and
|
|
XCURSOR_PATH).
|
|
+ run: Fixed failure when a higher prio extensions depended on a
|
|
lower prio one.
|
|
+ run: The extension ld path order is now: app extensions, app,
|
|
runtime extension, runtime. This was previously incorrect in
|
|
that the app could override app extensions.
|
|
+ Extensions are now not downloaded if a matching unmaintained
|
|
extension is already installed.
|
|
+ Preemptive changes to handle new bubblewrap change which
|
|
doesn't user /newroot.
|
|
+ document portal: Disable debug spew that was accidentally
|
|
enabled.
|
|
+ build-finish: New --extension-priority option.
|
|
+ run: Fix regression in --persist in 0.9.98.
|
|
+ run: Use sealed memfds (instead of just temporary files) when
|
|
passing data to bubblewrap.
|
|
+ Updated translations.
|
|
- Changes from version 0.9.98.2:
|
|
+ Fix permission denied when using the system-helper.
|
|
- Changes from version 0.9.98.1:
|
|
+ run: Fix homedir access if the app has --filesystem=host
|
|
access.
|
|
+ build-update: Fix appstream update in case one arch didn't
|
|
change.
|
|
+ Updated translations.
|
|
- Changes from version 0.9.98:
|
|
+ libflatpak now correctly finds metadata for subset
|
|
installations (like locale data).
|
|
+ flatpak build now supports --appdir which exposes the per-app
|
|
directory in the user homedir. This is useful when testing
|
|
builds.
|
|
+ The host fontconfig caches are exposed to the sandbox, next to
|
|
the fonts in /run/host. This will (pending fontconfig work)
|
|
allow sharing host fontconfig caches, allowing much faster
|
|
initial startup for flatpak apps.
|
|
+ flatpak install now supports --no-pull.
|
|
+ Added new extension property "locale-subset", which makes the
|
|
extension point act like a locale extension (i.e. only install
|
|
the subset configured by the locale).
|
|
+ flatpak remote-add --oci is disabled for now, as this is not up
|
|
to date with the latest OCI work, and we don't want to break
|
|
existing deployments if this has to change when this lands.
|
|
+ Parallel installation/updates are now safe because we take a
|
|
filesystem lock whenever we prune the local ostree repo.
|
|
+ Flatpak run now works when important paths like $HOME, etc, are
|
|
symlinks.
|
|
+ The ostree min-free-space property is is set to zero by default
|
|
for the flatpak repos. This was causing a lot of problems for
|
|
people, but the feature is still there if you manually enable
|
|
it.
|
|
+ Updated translations.
|
|
+ Require ostree 2017.12.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Sep 14 12:44:06 UTC 2017 - fezhang@suse.com
|
|
|
|
- Drop the SLE12 / Leap42 conditional definition for _userunitdir.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Sep 14 08:23:56 UTC 2017 - zaitor@opensuse.org
|
|
|
|
- Update to version 0.9.12:
|
|
+ Fixed a regression in extra-data installation.
|
|
+ Don't expose the a11y bus in flatpak build.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Sep 13 16:11:17 UTC 2017 - zaitor@opensuse.org
|
|
|
|
- Update to version 0.9.11:
|
|
+ You can now show all outstanding updates with: flatpak
|
|
remote-ls --updates.
|
|
+ The dbus filter "org.name.*" now means all subnames of
|
|
org.name, not just the first level. This matches how dbus
|
|
arg0namespace works, and how the comming dbus container support
|
|
will work.
|
|
+ Fixed segfault on update.
|
|
+ Better commandline tab completion.
|
|
+ Flatpak now exposes host icons readonly as
|
|
/run/host/share/icons to the sandbox.
|
|
+ Updated translations.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Sep 13 12:01:40 UTC 2017 - zaitor@opensuse.org
|
|
|
|
- Update to version 0.9.10:
|
|
+ Fix regression in dbus proxy that causes some apps to not work
|
|
in 0.9.9.
|
|
- Changes from version 0.9.9:
|
|
+ flatpak-builder was split out into its own module:
|
|
https://github.com/flatpak/flatpak-builder
|
|
+ When downloading to a temporary directory for later install to
|
|
the system repo we now write to /var/tmp instead of $HOME. This
|
|
is more likely to be the same filesystem as /var/lib/flatpak,
|
|
and thus will not run into issues with e.g. filesystem full.
|
|
+ We now get the default language list from AccountService if
|
|
possible.
|
|
+ A regression that made --devel crash was fixed.
|
|
+ New feature for flatpakrefs, SuggestRemoteName=remotename will
|
|
cause flatpak to ask if you want to create a generic (not app
|
|
specific) remote for the repo url.
|
|
+ flatpak build now does not die with the parent by default, you
|
|
have to pass --die-with-parent. This was done because
|
|
die-with-parent uses PR_SET_PDEATHSIG which does not work well
|
|
if the parent is threaded, like e.g. gnome-software is.
|
|
+ We now always re-set the personality in the sandboxed process
|
|
in order to avoid inheriting weird settings.
|
|
+ We now share a single dbus proxy instance for all proxies for a
|
|
sandbox. dbus-proxy now properly disallows old-style
|
|
eavesdropping.
|
|
+ We now support accessibility by starting a customized dbus
|
|
proxy for the a11y bus.
|
|
- Drop flatpak-builder sub-package, it is now it's own project.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Sep 8 15:56:57 UTC 2017 - jengelh@inai.de
|
|
|
|
- Update summaries.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Aug 24 09:55:39 UTC 2017 - dimstar@opensuse.org
|
|
|
|
- Drop flatpak-rpmlintrc: no longer needed.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Aug 24 09:01:20 UTC 2017 - dimstar@opensuse.org
|
|
|
|
- Update to version 0.9.8:
|
|
+ Core:
|
|
- Experimental support for peer2peer installation, enable with
|
|
--enable-p2p.
|
|
- Add default language setting to flatpak config. Defaults to
|
|
all locales for system installs and the users locale for
|
|
per-user installs.
|
|
- build-update-repo: Now always keeps the two latest deltas
|
|
around to avoid race conditions with outstanding downloads at
|
|
the time or running the update.
|
|
- Support loading extra data from local lookaside cache.
|
|
+ Flatpak-builder:
|
|
- Set terminal title to the currently building module
|
|
- Added ability to specify http url for sources mirror with
|
|
--extra-sources-url.
|
|
- --install-deps-from=REMOTE installs the dependencies needed
|
|
for the manifest.
|
|
- New option --delete-build-dirs to always delete build
|
|
directories, even on a failed build.
|
|
- New property "add-extension" makes it nicer to create
|
|
extension points.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jul 21 00:09:07 UTC 2017 - aplazas@suse.com
|
|
|
|
- Update to version 0.9.7:
|
|
+ app/repo: Factor out common GVariant operation.
|
|
+ build:
|
|
- Include config.h using CPPFLAGS.
|
|
- Check for system extensions before any other C compiling.
|
|
- Only run each instance of gdbus-codegen once.
|
|
- Re-run gdbus-codegen if the Makefile changes.
|
|
+ builder:
|
|
- Allow building modules with no sources if buildsystem=simple.
|
|
- Use build-args during cleanup.
|
|
- Rearrange args to do_export() to make mandatory ones obvious.
|
|
- When bundling git sources, reuse cache.
|
|
+ common:
|
|
- Use bulk OstreeAsyncProgress API for setting keys.
|
|
- Split out self and repo arguments for a static function.
|
|
+ common/dir:
|
|
- Factor out common code for getting repo metadata.
|
|
- Factor out common code to get and load the summary file.
|
|
- Factor out body of update_remote_configuration_for_summary().
|
|
+ dbus-proxy:
|
|
- Make miscellaneous globals static.
|
|
- Don't clear dbus_address twice.
|
|
+ docs: Remove --version from flatpak-build docs.
|
|
+ flatpak_dir_read_latest: Return NULL, not FALSE on error.
|
|
+ tests:
|
|
- Add TEST_SKIP_CLEANUP env var for skipping test cleanup.
|
|
- Add base-64 GPG keys to libtest declarations.
|
|
+ .gitignore: Ignore all generated man pages.
|
|
+ One more try at not distributing gdbus-codegen-generated
|
|
sources.
|
|
+ Update Ukrainian translation.
|
|
+ Fix example.
|
|
+ Add nullable annotations for progress callbacks.
|
|
+ Update pofiles.
|
|
- Changes from version 0.9.6:
|
|
+ builder:
|
|
- Allow .pyc files without .py.
|
|
- Add inherit-extensions features.
|
|
- Better handling of default-branch.
|
|
- Add ExtensionOf group to created extensions (Debug/Locale).
|
|
+ builder: Inherit parent version for inherited extension.
|
|
+ build-export: Canonicalize file permissions.
|
|
+ builder-options: Fix setting CPPFLAGS.
|
|
+ ci:
|
|
- mv .redhat-ci.yml → .papr.yml.
|
|
- Rework to be based on FAH + priv container.
|
|
- Build ostree from git master.
|
|
+ dir:
|
|
- Fix a minor memory leak.
|
|
- Ensure we return on pull error to avoid error-overwrites.
|
|
- Ensure ~/.local/share/flatpak is 0700.
|
|
+ doc: Remove duplicate list entry from flatpak-remote.xml.
|
|
+ export: Record flatpak version in default commit version.
|
|
+ info: Make --show-metadata machine parseable.
|
|
+ install: Manually save summary[.sig] in cache repo.
|
|
+ ls-remote: Drop unused variable.
|
|
+ run: Fix use-after-free in case you were exporting the same
|
|
path twice.
|
|
+ testlibrary: Call g_assert_no_error first.
|
|
+ tests:
|
|
- Add tests for no world writable dirs & no setuid files.
|
|
- Increase timeouts waiting for file notification.
|
|
+ utils: Fix minor formatting issue in gtk-doc comment.
|
|
+ xdp-fuse: Add parentheses to clarify precedence in a
|
|
conditional.
|
|
+ xdp-main: Fix a typo in a comparison.
|
|
+ Don't distribute gdbus-codegen-generated source in tarballs.
|
|
+ Update Czech translation.
|
|
+ Use new libostree APIs to reject world-writable/suid content.
|
|
+ Default to bare-user-only repo.
|
|
+ Unless forced via FLATPAK_OSTREE_REPO_MODE user bare-user for
|
|
cache repo.
|
|
+ Force the cache repo to use the bare-user mode.
|
|
+ Re-create the cache repo if it is not bare-user.
|
|
+ Manually copy summary for update and appdata too.
|
|
+ Update pofiles.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jul 21 00:09:06 UTC 2017 - zaitor@opensuse.org
|
|
|
|
- Add flatpak-rpmlintrc as source while we wait for boo#1012961 to
|
|
be resolved. Once this happens, feel free to nuke all traces of
|
|
this change.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jul 21 00:09:05 UTC 2017 - zaitor@opensuse.org
|
|
|
|
- Update to version 0.9.5:
|
|
+ Fix installation of test-keyring2
|
|
+ Don't error out when updating metadata for disabled remotes
|
|
+ export: Store the app id in the X-Flatpak key
|
|
+ run: Handle file paths when forwarding uris
|
|
+ Automatically use a separate builddir with Meson
|
|
+ documents: paths in the apps dir ar always accessible
|
|
+ builder: Don't warn for unknown properties starting with x-
|
|
+ document portal: Fix race condition when unmounting old version
|
|
+ document store: Document as-needed functionality of AddFull
|
|
+ extra-data: Print exit status if apply_extra_data script fails
|
|
+ run: Add debug sprew for all bwrap arguments
|
|
+ build-update-repo: Remove unwanted deltas before updating
|
|
summary
|
|
+ list: Don't list .Locale and .Debug by default (override with
|
|
-a)
|
|
+ remote-ls: Don't show Locale/Debug and secondary arches by
|
|
default.
|
|
+ list/remote-ls: Also ignore .Sources by default
|
|
+ Handle app ids with dashes when ignoring locale/debug.
|
|
+ dbus-portal: Fix return value type of filtered NameHasOwner
|
|
+ builder: Add --export-only feature
|
|
+ run: Allow regular files for --filesystem=xdg-config/path
|
|
+ run: Allow --filesystem=xdg-*/subdir:ro
|
|
+ build-commit-from: Don't copy old xa.ref in metadata
|
|
- Changes from version 0.9.4:
|
|
+ Improve display of partial extension sizes
|
|
+ flatpak-run.c: valid locations, not types
|
|
+ Ensure commits are available when checking for extra-data
|
|
+ libglnx: Bump to latest master, use new file copy API
|
|
+ Document some environment variables (#754)
|
|
+ Revise the flatpak repo command slightly
|
|
+ repo command: use FlatpakTablePrinter
|
|
+ table printer: Introduce a cell struct
|
|
+ table printer: Support column alignment
|
|
+ repo: Improve formatting of size columns
|
|
+ table printer: Support column titles
|
|
+ table printer: Only show titles on ttys
|
|
+ repo: Set column titles
|
|
+ table printer: move to its own source files
|
|
+ Add an API to get the summary of a remote
|
|
+ Make flatpak remote-ls show more details
|
|
+ scripts: Fix flatpak-bisect log
|
|
+ Add the possibility of installing/updating without static
|
|
deltas
|
|
+ Add a helper for formatted output
|
|
+ Use the new output helper
|
|
+ Add table printer api for number columns
|
|
+ table printer: Use localeconv for decimal point
|
|
+ repo: Use the new number column support
|
|
+ remote-ls: Improve the output
|
|
+ list: Improve output formatting
|
|
+ remotes: Improve output formatting
|
|
+ Improve info output
|
|
+ Fix compiler warnings
|
|
+ Don't use escape sequences unless on a tty
|
|
+ info: Preserve the previous output format
|
|
+ Update the man page a bit
|
|
+ info: Use flatpak_fancy_output
|
|
+ Add macros for common ANSI tty escape codes
|
|
+ info/list: Move subpath list to info
|
|
+ Fix man page typo
|
|
+ Don't crash if there's more titles than columns
|
|
+ Unset TMPDIR in the sandbox
|
|
+ Generate fd-passing arguments for document portal
|
|
+ Include the generated document portal code in common
|
|
+ Implement file forwarding for flatpak_run_app
|
|
+ Enable file forwarding in flatpak run
|
|
+ Document the --file-forwarding option
|
|
+ Handle %f when exporting desktop files
|
|
+ Handle %u as well for file forwarding
|
|
+ Enable file forwarding for %u as well
|
|
+ Handle document portal absence
|
|
+ Don't get the doc mount path twice
|
|
+ run: Handle forwarding uris better
|
|
+ run: Use flatpak_has_path_prefix instead of hand rolling
|
|
+ run: Properly handle canonicalization in file exports
|
|
+ run: Clean up the exports handling code
|
|
+ run: Only forward as document if the target app can't see the
|
|
file
|
|
+ builder: Fix ldflags support
|
|
+ build: Fix fallout from the TMPDIR unset
|
|
+ remote-ls: Fix up the column titles
|
|
+ run: Handle the case where /tmp on the host is a symlink
|
|
+ Update to bubblewrap 0.1.8 for die-with-parent
|
|
+ build: Kill sandbox when flatpak build dies
|
|
+ Expose host /etc/hosts and /etc/host.conf
|
|
+ install: Make already-installed a warning, not an error
|
|
+ Move caches to ~/.cache
|
|
+ tests: Fix race condition in tmp webserver
|
|
+ Use clearer terminology in docs about extensions
|
|
+ info: Print some more information
|
|
+ Fix tests by setting XDG_CACHE_HOME
|
|
+ install: Handle no-static-delta in --user installs too
|
|
+ common: Remove unused flatpak_dir_install_or_update
|
|
+ remote-modify: Never update explicitly set values
|
|
+ common: Add flatpak_dir_update_remote_configuration_for_summary
|
|
+ common: Store the summary signature in the cache too
|
|
+ common: Drop verbose log of using cached summary
|
|
+ remote-modify: Don't modify if no arguments are specified
|
|
+ remote-modify: Implement --update-metadata as a system-helper
|
|
method
|
|
+ transaction: Always update metadata for remotes on
|
|
update/install
|
|
+ update: Split update into check_for_update and update
|
|
+ Optimize flatpak_variant_bsearch_str
|
|
+ Use flatpak_variant_bsearch_str to lookup in summary cache
|
|
+ Optimize flatpak_summary_match_subrefs
|
|
+ remote-add/modify: Break out gpg loading code to helper
|
|
+ update_remote_configuration_for_summary: Never use
|
|
system-helper
|
|
+ Add support for adding new gpg keys via signed summary
|
|
+ install: Fix automatic metadata update
|
|
+ Support build-update-repo --redirect-url=
|
|
+ Add a missing return
|
|
+ Drop an unused variable
|
|
+ repo: Print out redirect url too
|
|
+ Make it possible to unset values in update-repo
|
|
+ Update docs for build-update-repo
|
|
+ Document is-set keys in repo config
|
|
+ Add a marker to rewritten desktop files
|
|
+ tests: Make it possible to create multiple test repos
|
|
+ tests: Allow overriding GPG args
|
|
+ tests: Add a second gpg keyring
|
|
+ tests: Add new test-repo.sh with initial GPG tests
|
|
+ tests: Add tests for --redirect-url and new GPG key
|
|
+ tests: run test-repo.sh with system repo too
|
|
+ repo: Print out gpg key hash too
|
|
+ Don't use gdbus-codegen autoptr generation
|
|
+ common: Break out the flatpak progress calculator to a helper
|
|
method.
|
|
+ Improve error wording
|
|
+ Remove unused variables
|
|
+ Remove an unused autoptr definition
|
|
+ Add workaround to flatpak_repo_collect_sizes for uncommited
|
|
objects
|
|
+ export: Add install/download size and metadata to commit
|
|
+ build-update-repo: Use the size/metadata info in the commit
|
|
object
|
|
+ builder: Use mkdtemp for initial git/bzr checkout
|
|
+ builder: Allow specifying the git commit if the branch is a tag
|
|
+ fix clang warning
|
|
+ update-metadata: silently ignore for non-signed system-helper
|
|
case
|
|
+ remote-add: Use the new system-helper for initial metadata
|
|
update
|
|
+ remote-ls: Don't rely on active symlink value, use deploy data
|
|
+ deploy: Uncouple active link from checksum
|
|
+ deploy: Append the subdirs to the checkout dir
|
|
+ update: flatpak update --subpath= means all subpaths
|
|
+ update: If resused ostree repo fails, blow it away and create
|
|
new
|
|
+ update: Fix update for partial commits with system-helper
|
|
+ deploy: Verify that xa.metadata in the commit matches the
|
|
deployed file
|
|
+ install: Limit the exported file to a whitelist
|
|
+ Disable exported search providers by default
|
|
+ exports: Fix up exporting of dbus service files
|
|
+ Rewrite exported mimetype files
|
|
+ Document flatpakrepo format extensions
|
|
+ Document flatpakref format extensions
|
|
+ dir: Report progress more frequently
|
|
+ Require latest flatpak (2017.5)
|
|
+ builder: Take "buildsystem" into consideration for cache
|
|
freshness
|
|
+ builder: Add a install-rule to allow customized install
|
|
+ run: Fix race condition in app identification
|
|
+ Improve progress report calculation
|
|
+ Use the nicer progress reporting for the CLI too
|
|
+ Require ostree 2017.6 for the new progress APIs
|
|
+ progress: Use the new atomic progress API
|
|
+ progress: Simplify the progress calculations
|
|
+ progress: Tweak metadata part of download
|
|
+ progress: Don't report ??? in the bar while estimating
|
|
+ Remove unused variable
|
|
+ Bump libglnx, port to new tmpfile API
|
|
+ Update to latest libglnx with tmpfile error fix
|
|
+ Update to a libglnx that has GLnxTmpfiles fixed
|
|
+ builder: Better debug output from the rofiles-fuse code
|
|
+ builder: More GLnxTmpfile fixes
|
|
+ OCI: Properly initialize all used progress fields
|
|
+ builder: Fix segfault if appstream-compose fails
|
|
+ complete: Don't read outside string
|
|
+ Add version property to all dbus interfaces
|
|
+ document-portal: Add AddFull() operation
|
|
+ document-portal: Bump version to 2 due to new AddFull method
|
|
+ builder: Make c/cxx/ldflags not override env
|
|
+ builder: Update doc for latest cflags vs env var change
|
|
+ builder: Add CPPFLAGS similar to the existing flags
|
|
+ Update to latest libglnx and use the new GLnxTmpFile API
|
|
+ Remove unused variable
|
|
+ Add some hints when icons are not found
|
|
+ Correct mountpoint handling
|
|
+ Small documentation improvements
|
|
+ common: Expose FlatpakExports
|
|
+ common: Add flatpak_find_current_ref helper
|
|
+ run: Use new flatpak_find_current_ref helper.
|
|
+ common: Add flatpak_context_load_for_app helper
|
|
+ document-portal: Lock just once in AddFull for many paths
|
|
+ document-portal: Add XDP_ADD_FLAGS_AS_NEEDED_BY_APP to AddFull
|
|
+ lib: Add flatpak_installation_update_appstream_full_sync with
|
|
progress
|
|
+ Remove unused variables
|
|
+ lib: Fix update checking
|
|
+ builder: Add support for screenshot mirroring
|
|
+ Use the CLI progress for update --appstream too
|
|
+ export: Always set a xa.ref commit metadata
|
|
+ progress: Update at 300msec on the CLI
|
|
+ deploy: Ensure xa.ref, if set, is correct
|
|
+ Dist test-keyring2 dir
|
|
- Changes from version 0.9.3:
|
|
+ builder-manifest: Rename localized icon fields as well
|
|
+ build-update-repo: g_warning doesn't need newlines in the
|
|
message
|
|
+ docs: Add flatpak make-current to the list of commands
|
|
+ doc: Align build commands with --help
|
|
+ docs: Add a / to all mentions of installations.d
|
|
+ doc: Add a manpage for the repo config format
|
|
+ docs: Add a man page for installation files
|
|
+ Fix --help output for --installation
|
|
+ doc: Include all man pages in html
|
|
+ appstream: Don't strip .desktop extension if thats the actual
|
|
id
|
|
+ flatpak-builder: bundle module sources as runtime
|
|
+ Bundle sources: add support for bzr
|
|
+ Bundle sources: add support to bundle patches as well
|
|
+ Bundle sources: add flag --bundle-sources to control the
|
|
bundling
|
|
+ Bundle sources: the path is always sources
|
|
+ Bundle sources: allow use case to mix local and online sources
|
|
+ Bundle sources: rename option to --extra-sources=DIR
|
|
+ Bundle sources: use git clone --shared for local sources
|
|
checkout
|
|
+ Bundle sources: bundle the manifest
|
|
+ Bundle source: use C-style comments
|
|
+ Bundle sources: initialize app_dir_path later
|
|
+ Bundle sources, git_get_mirror_dir: able to pass NULL for
|
|
is_local
|
|
+ Bundle sources, bzr: set error when repo can not be found
|
|
+ Bundle sources: bundling has to happen before the extracting
|
|
+ Improve html generation
|
|
+ Add some structure to the generated html
|
|
+ Fix a typo in a comment
|
|
+ run: Handle non-default WAYLAND_DISPLAY
|
|
+ Drop useless options from flatpak info
|
|
+ Avoid confusing behavior of flatpak info
|
|
+ Add more useful options to flatpak info
|
|
+ Add a --show-extensions option to flatpak info
|
|
+ Fix the testsuite
|
|
+ flatpak info: Show more information for extensions
|
|
+ flatpak info: Properly handle unmaintained extensions
|
|
+ Fix a compiler warning
|
|
+ builder-module: add "bootstrap.sh" to autogen_names
|
|
+ Add a repo command
|
|
+ Document flatpak repo command
|
|
+ Quiet compiler warnings
|
|
+ Don't fail the build if rofiles-fuse is not available
|
|
+ Make it a warning
|
|
+ docs: Fix a typo
|
|
+ Document build-extension
|
|
+ More metadata docs
|
|
+ build: Ensure we add the default dbus permissions
|
|
+ builder: handle module-relative paths for json includes
|
|
+ builder: Load source files from the directory of the module
|
|
+ build: Always set personality to linux32 when cross-building
|
|
+ builder: Print warnings for unknown properties
|
|
+ Report full version in http user agent
|
|
+ builder: Ignore --extra-data in flatpak-builder --run
|
|
+ docs: Mention that rename-icon should not have an extension
|
|
+ build-update-repo: Add internal function to create a single
|
|
delta
|
|
+ build-update-repo: Spawn subprocesses when generating deltas
|
|
+ builder: Use module-relative paths for archive sources too
|
|
+ builder: Take build-commands into consideration for rebuild
|
|
+ docs: Typo fix: "flatpack-builder" -> "flatpak-builder"
|
|
+ builder: Use flatpak_mkdir_p instead of query + mkdir
|
|
+ common: Add flatpak_build_file[_va] helper
|
|
+ builder: Add builder_context_find_in_sources_dirs
|
|
+ builder: Use context_find_in_sources_dirs to simplify code
|
|
+ Extend flatpak-builder test
|
|
+ builder: Make git patch apply verbose by default
|
|
+ Don't bundle inline (data:) URIs
|
|
+ builder: Drop the storing of local files to data: uris
|
|
+ fixup! common: Add flatpak_build_file[_va] helper
|
|
+ builder: Convert bundle sources to cached stage
|
|
+ builder: Change how we handle pre-existing git sources
|
|
+ builder: Update bzr bundling
|
|
+ export: Always make directories accessible
|
|
+ builder: Strip trailing whitespace in git submodule urls
|
|
+ builder: Add progress reporing while downloading
|
|
+ builder: Fix up unused variable warnings from clang
|
|
- Changes from version 0.9.2:
|
|
+ Fix typo
|
|
+ Revert "Fix typo"
|
|
+ builder: Remove all SDK extension from the platform
|
|
+ Re-fix typo
|
|
+ builder: Handle absolute paths in command
|
|
+ builder: Add --default-branch=BRANCH
|
|
+ build-export: Export all files with canonical permissions
|
|
+ document more metadata keys
|
|
+ Fix pofiles typo
|
|
+ Bump libglnx, use new glnx_throw(), fix callers
|
|
+ Import ostree's compiler warnings, fix up callers
|
|
+ Fix build if libdwarf dir missing
|
|
+ Correctly find system unmaintained extensions
|
|
+ Stop using ostree trivial-httpd
|
|
+ Drop -Werror for aggregate-returns
|
|
+ Add forgotten file
|
|
+ Removed a commented string
|
|
+ builder: Add a hint about --force-clean
|
|
+ test-webserver.sh: Remove accidental debug spew
|
|
+ tests: Don't leak SimpleHTTPServers
|
|
+ Add new API to the docs
|
|
+ OCI: Verify that loaded OCI blobs have the correct checksum
|
|
+ builder: Don't pass --require-version along to build
|
|
+ Add flatpak_oci_registry_get_uri
|
|
+ FlatpakDir: Break out helper
|
|
flatpak_dir_lookup_ref_from_summary
|
|
+ oci: Break out get_digest_subpath helper function
|
|
+ OCI: fstat in local_open_file helper
|
|
+ OCI: Add flatpak_oci_registry_mirror_blob
|
|
+ OCI: Add flatpak_archive_read_open_fd_with_checksum
|
|
+ OCI: flatpak_pull_from_oci - verify manifest ref
|
|
+ OCI: Verify layer checksum while applying
|
|
+ OCI: Support OCI with system-helper by mirroring OCI repo
|
|
+ update: Don't check for update short-circuit if we're not
|
|
pulling
|
|
+ OCI: Add flatpak_oci_sign_data
|
|
+ OCI: Add support for strict and mandatory json properties
|
|
+ OCI: Add json format for atomic-based signatures
|
|
+ OCI: Support signing build-bundld --oci output
|
|
+ OCI: Verify signatures
|
|
+ OCI: Fix signature checks on updates
|
|
+ OCI: Use gpg signatures in tests-oci.sh
|
|
+ utils: Prepare for libostree 2017.4 defining autocleanups
|
|
+ Split the manifest file docs off
|
|
+ CI: Add gpgme-devel to CI build environment
|
|
+ Fix ostree autoptr checks for git master
|
|
+ Fix unused variable errors reported by clang
|
|
+ builder: make appstream-compose failure fatal
|
|
+ dbus-proxy: Make Buffer refcounted
|
|
+ dbus-proxy: Fix use-after free in header parsing
|
|
+ dbus: proxy fix leak in get_arg0_string
|
|
+ dbus-proxy: Fix leak of get_arg0_string return value
|
|
+ dbus-proxy: Fix leak in setup phase
|
|
+ system-helper: Fix check for downgrade
|
|
+ update: Only allow downgrades if a commit is explicitly
|
|
specified
|
|
+ Handle uris better when detecting .flatpak[repo,ref] suffix
|
|
+ Use ostree's BARE_USER_ONLY flag (#674)
|
|
+ Build with large file support
|
|
+ Use correct format string for guint64 on 32-bit
|
|
+ builder: Add disable-fsckobjects to git sources
|
|
+ builder: Add commit property to git source
|
|
+ builder: Support sdk-extensions also for apps
|
|
+ Updated translations.
|
|
- Add libqgpgme-devel BuildRequires: New dependency.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jul 21 00:09:01 UTC 2017 - adrien.plazas@suse.com
|
|
|
|
- Update to version 0.9.1:
|
|
+ The flatpak-builder build cache now uses the rofiles-fuse
|
|
ostree feature.
|
|
+ The cflags and cxxflags module properties now work by
|
|
appending, rather that replacing, when there are multiple
|
|
values specified.
|
|
+ Do not invalidate build cache when the installed version of the
|
|
SDK changed by default. Use --rebuild-on-sdk-change to force
|
|
rebuild otherwise.
|
|
+ The build cache is now per-arch.
|
|
+ New buildsystem "cmake-ninja" which works like "cmake", but
|
|
builds using ninja.
|
|
+ New buildsystem "simple" which just runs a set of shell
|
|
commands specified in the "build-commands" property.
|
|
+ flatpak-builder now has build-runtime and build-extension
|
|
properties that makes it easier to build runtimes and
|
|
extensions.
|
|
+ FLATPAK_DEST is set in the build environment to the
|
|
installation destination.
|
|
+ flatpak-builder now supports --from-git=URL which pulls the
|
|
json manifest and related files directly from a git repo.
|
|
+ modules have a new no-make-install property which skips the
|
|
make install step.
|
|
+ Modules and sources have only-arches and skip-arches
|
|
properties, which lets you enable/disable them based on the
|
|
build architecture.
|
|
+ build-options has a new property ldflags, which is similar to
|
|
cflags and cxxflags.
|
|
+ flatpak build (and thus flatpak-builder --run) now supports
|
|
dbus proxies when needed.
|
|
+ All git repos are cloned with fsckObjects=true, which means we
|
|
verify that the repos are valid.
|
|
+ New flatpak-builder argument --build-shell=MODULE extracts and
|
|
prepares the sources for a specified module and then starts a
|
|
build sandbox inside it.
|
|
+ build-export: Now supports --timestamp=ISO-8601-TIMESTAMP,
|
|
which allows you to create reproducible commits.
|
|
+ The OCI support has been updated to the latest version of the
|
|
OCI image specification format.
|
|
+ There is a new flatpak-bisect script that can be used to bisect
|
|
flatpak applications, looking for regressions.
|
|
+ flatpak list got a revamp. It now shows more information, and
|
|
shows both apps and runtimes by default.
|
|
+ flatpak remote-list was renamed flatpak remotes in order to
|
|
minimize confusion with flatpak remote-ls. The old name is
|
|
deprecated but still works.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jul 20 20:12:58 UTC 2017 - zaitor@opensuse.org
|
|
|
|
- Update to version 0.8.7:
|
|
+ This is a minor security update, matching the behaviour on
|
|
master where we avoid ever creating setuid files or
|
|
world-writable directories. However, the fix is more localized
|
|
and does not require a new ostree.
|
|
+ After pulling from a remote, always verify that the staged new
|
|
files and directories have safe permissions.
|
|
+ Ensure ~/.local/share/flatpak is not readable to other users,
|
|
to avoid anyone ever seeing possibly world-writeable
|
|
directories therein.
|
|
+ Fix double-setting a error in case of errors when pulling.
|
|
+ Fix timeout in testcase.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jul 20 20:12:42 UTC 2017 - zaitor@opensuse.org
|
|
|
|
- Update to version 0.8.6:
|
|
+ TMPDIR is now unset in the sandbox, if set on the host. Each
|
|
sandbox has a personal /tmp that is used.
|
|
+ Flatpak run now works if /tmp is a symlink on the host.
|
|
+ /etc/hosts and /etc/hosts.conf from the host are now exposed in
|
|
the sandbox in addition to /etc/resolv.conf.
|
|
+ flatpak now stores the app id in the X-Flatpak key when
|
|
exporting a desktop file.
|
|
+ Exports are now whitelisted, and the only thing you can
|
|
export are: desktop files, icons, dbus services.
|
|
This is somewhat different from the 0.9.x series, where als
|
|
mime definitions, and gnome-shell search providers are allowed.
|
|
+ Fixed minor race condition in portal application
|
|
identification.
|
|
+ Support WAYLAND_DISPLAY environment var.
|
|
+ dbus-portal: Fix handling of NameHasOwner.
|
|
+ run: Allow regular files for --filesystem=xdg-config/path.
|
|
+ run: Allow --filesystem=xdg-config/subdir:ro (previously
|
|
it needed to be writable).
|
|
+ Support for updating to new gpg keys and url when using
|
|
flatpak remote-modify --update-metadata. This is a manual
|
|
operation in 0.8.x but is automatic in the 0.9.x series.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jul 20 20:12:04 UTC 2017 - zaitor@opensuse.org
|
|
|
|
- Update to version 0.8.5:
|
|
+ Fixed a use-after-free and some leaks in the dbus-proxy. This
|
|
is not currently believed to be exploitable, but the proxy is a
|
|
security boundary, so we still recommend to update.
|
|
+ Regular updates now never allow updates to an older version
|
|
than what is currently installed (unless you explicitly specify
|
|
an old commit id). This closes a hole where a MITM attacker can
|
|
force clients to downgrade to an earlier (gpg-signed) version
|
|
of the application.
|
|
+ The automatic detection of --from in flatpak install now
|
|
detects flatpakref extensions even in URIs that end in a query
|
|
string such as https://git.gnome.org/browse/gnome-apps-nightly/plain/gedit.flatpakref?h=stable
|
|
+ The detection of "unmaintained" system extensions was broken,
|
|
and in some cases these extensions were not found. This now
|
|
always works.
|
|
+ Flatpak now builds with latest OSTree. This required some
|
|
fixing for multiple definitions of the g_auto* macros as OSTree
|
|
now exports those.
|
|
+ We no longer rely on ostree trivial-httpd for the tests,
|
|
because this is optional in later versions of ostree. Instead
|
|
we use the python SimpleHTTPServer.
|
|
+ The minimum glib version has been corrected to 2.44.
|
|
+ The minumum automake version has been increased to 1.13.4
|
|
because some older version didn't work.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Mar 10 20:58:11 UTC 2017 - dimstar@opensuse.org
|
|
|
|
- Update to version 0.8.4:
|
|
+ Fix no-systemd-user warning (it doesn't affect sandboxing
|
|
anymore).
|
|
+ run: propagate wildcard xauth entries to app bundle.
|
|
+ Don't remove origin remotes if some other ref uses it.
|
|
+ Fix repeated download of locates on update.
|
|
+ update: Don't update related refs from different remote.
|
|
+ Initialize g_autofree string to NULL, not to crash when early
|
|
returning.
|
|
+ document portal: Disable spice_read as it seems broken.
|
|
+ Return the container from flatpak_get_system_installations().
|
|
+ Don't include newlines in error messages.
|
|
+ utils: Fix list_unmtainained_refs.
|
|
+ Avoid possible null dereference.
|
|
+ utils: Fix flatpak_bundle_load typo.
|
|
+ list: Don't check error twice.
|
|
+ list-remotes: Handle remotes with no url specified.
|
|
+ run: Handle error when enumerating /etc.
|
|
+ zero-mtime: Handle error when enumerating directory.
|
|
+ Fix error check when loading configuration.
|
|
+ Support runtime-less extra-data.
|
|
+ flatpak_list_extensions: Break out code into helper.
|
|
+ extensions: Support multiple versions.
|
|
+ Append flatpak data dirs if XDG_DATA_DIRS is already set
|
|
(gh#flatpak/flatpak#611).
|
|
+ appstream: Don't add runtime to flatpak bundle tag for
|
|
runtimes.
|
|
+ Split extra-data setup and fetch.
|
|
+ Improve progress calculation.
|
|
+ profile: Don't add flatpak to XDG_DATA_DIRS if its already
|
|
there.
|
|
+ Updated translations.
|
|
- Drop flatpak-propagate-xauth-wildcard.patch: fixed upstream.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Feb 21 16:42:32 UTC 2017 - zaitor@opensuse.org
|
|
|
|
- Update to version 0.8.3:
|
|
+ In addition to the regular list of bugfixes this stable release
|
|
include backports of the updated OpenGL support from master.
|
|
This, in combination with the work in the runtime allows
|
|
flatpak to work out of the box with out-of-tree OpenGL drivers,
|
|
including the nvidia driver.
|
|
+ Additionally, due to some complicated issues wrt ptrace and
|
|
user namespaces this version disables the use of user
|
|
namespaces if bubblewrap is setuid, as it cause problems for
|
|
the way flatpak portals identifies applications.
|
|
+ Better handling of errors for extra-data.
|
|
+ Handle extra-data properly for runtimes (as well as apps).
|
|
+ Respect required version for runtimes (as well as apps).
|
|
+ flatpak list: Don't break if some local ref is not deployed.
|
|
+ builder:
|
|
- Look for appstream data in /app/share/metadata also.
|
|
- Fix buildsystem=cmake builds.
|
|
+ Add progress reporting to extra-data download.
|
|
+ Fix uid/gid for directories in document portal.
|
|
+ Updated translations.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Feb 15 15:28:07 UTC 2017 - adrien.plazas@suse.com
|
|
|
|
- Add flatpak-propagate-xauth-wildcard.patch which ensures
|
|
applications have the right to communicate with the X server.
|
|
(gh#flatpak/flatpak#569).
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Feb 10 16:45:25 UTC 2017 - kamikazow@opensuse.org
|
|
|
|
- Update to version 0.8.2:
|
|
+ This is a bugfix and security update:
|
|
- Some of the bind-mounts that flatpak sets up were not
|
|
read-only as they should have. This includes: extensions,
|
|
system fonts, resolv.conf, localtime and machine-id. Many of
|
|
these are typically only writable by root, but some, like the
|
|
user-specific fonts and user-installed extensions could be
|
|
modified from the sandbox.
|
|
+ Other fixes:
|
|
- There are new configure options for where to install dbus
|
|
configuration.
|
|
- Broken symlinks in the root directory no longer break flatpak
|
|
run.
|
|
- flatpak run with HOME in /var now works.
|
|
- dri access now also handles mali devices.
|
|
- install handles --arch when installing flatpakrefs.
|
|
- system-helper activation fixed on systemd-less setups.
|
|
- dbus-proxy now works without /run.
|
|
- During installation, failing to update a dependency is now
|
|
not fatal.
|
|
- /etc is now fully writable when building runtimes.
|
|
- --filesystem=xdg-config/foo now sets up the bind-mount from
|
|
the host dir even when not using :create.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Feb 10 16:45:02 UTC 2017 - kamikazow@opensuse.org
|
|
|
|
- Update to version 0.8.1:
|
|
+ This is a bugfix and security update (CVE-2017-5226):
|
|
- Flatpak now uses seccomp to disallow the TIOCSTI ioctl in the
|
|
sandbox, which works around the possibility to inject text on
|
|
the controlling tty (CVE-2017-5226).
|
|
- This was previously fixed in bubblewrap in 0.1.6, but that
|
|
change has now been reverted as it introduced other problems
|
|
for flatpak.
|
|
+ Update bundled bubblewrap to 0.1.7.
|
|
+ Fix writing new file with O_EXCL in the document portal.
|
|
+ Allow appstream data that doesn't have .desktop in the
|
|
component id, such as data for runtimes.
|
|
+ Drop json-glib dependency from 1.2 to 1.0.
|
|
+ Builder: Fail if unable to read included file.
|
|
+ OCI: Ensure exported layers are readable by everyone.
|
|
+ Fix extra-data download in gnome-software.
|
|
+ Fix update-mime-database trigger when installing via the system
|
|
helper.
|
|
+ Updating an app by installing a newer bundle now works again.
|
|
+ Make /var/tmp not be on a tmpfs (it is now in
|
|
~/.var/app/$appid/cache/tmp).
|
|
+ Updated documentation.
|
|
+ Updated translations.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Dec 22 14:43:23 UTC 2016 - zaitor@opensuse.org
|
|
|
|
- Update to version 0.8.0:
|
|
+ This is the first release in a new series of stable releases
|
|
called 0.8.x. New features will be added to 0.9.x, and only
|
|
bugfixes will be backported to 0.8.x. The featureset of this
|
|
release is a good base to target if you're creating flatpaks
|
|
that should be widely usable.
|
|
+ This release technically requires only OSTree 2016.14, and it
|
|
build fine with this, but we recommend using OSTree 2016.15,
|
|
because of the change in how it verifies the checksums of
|
|
commits in delta files.
|
|
+ Flatpakrepo files now support a RuntimeRepo= key which points
|
|
to a flatpakrepo file. This means the user don't have to
|
|
manually configure a remote for the runtime, just reply to the
|
|
prompt to automatically do this when installing the app.
|
|
+ We now support dependencies when installing bundles. This
|
|
includes required runtimes, related refs, and the equivalent of
|
|
RuntimeRepo.
|
|
+ The support for OCI in flatpak has been updated to the latest
|
|
OCI spec version, and support has been added to directly
|
|
install flatpak applications from an OCI image.
|
|
+ In flatpak install, the --from and --bundle options are now
|
|
optional if the argument has the correct suffix (.flatpakref
|
|
and .flatpak).
|
|
+ Flatpak install now supports -y to let you avoid interactive
|
|
prompts.
|
|
+ build-finish:
|
|
- We now export mime type files with the right name.
|
|
- New --require-version option let you specify a particular
|
|
version of flatpak, and older version of flatpak will not
|
|
install or update to the new version.
|
|
+ build-sign: Allow signing all apps by omitting the id.
|
|
+ Fix regression in the document portal when adding named files.
|
|
+ build-import-bundle now signs the commit if you specify a gpg
|
|
key.
|
|
+ Flatpak now reads configuration from
|
|
/etc/flatpak/installations.d which lets you support multiple
|
|
system-level installation paths. These can be accessed with
|
|
new --installation=... arguments to most of the commands.
|
|
+ flatpak-builder:
|
|
- Support --jobs=N to limit parallel builds.
|
|
- Patch source got new options property that lets you pass
|
|
arguments to patch.
|
|
- New generic "buildsystem: type" option that replace the (now
|
|
deprecated) "cmake: true" option. This supports "autotools",
|
|
"cmake" and "meson".
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Nov 29 15:00:20 UTC 2016 - dimstar@opensuse.org
|
|
|
|
- Update to version 0.6.14:
|
|
+ Update bundled bubblewrap to 0.1.4 which has some nice
|
|
bugfixes.
|
|
+ Requires OSTree 2016.14, which allows us to drop some old
|
|
workarounds.
|
|
+ When installing an application system-wide, don't consider
|
|
dependencies that are installed for the user only.
|
|
+ Flatpak install --from now tries to re-use existing remotes to
|
|
avoid creating unnecessary origin remotes.
|
|
+ Using --filesystem=$dir when $dir is a symlink-to-directory now
|
|
works.
|
|
+ Using --filesystem=$file to expose unix sockets to the app is
|
|
now allowed.
|
|
+ By default all the directories in ~/.var/app (except the app),
|
|
as well as ~/.local/share/flatpak are hidden in the sandbox.
|
|
+ New option --filesystem=$dir:create which will create the
|
|
destination if it did not previously exist.
|
|
+ --filesystem= now supports for xdg-[config|cache|data]. This
|
|
allows you access to the host versions of these xdg dirs.
|
|
Additionally if you use these with a subdirectory, like:
|
|
--filesystem=xdg-config/subdir then that subdirectory on the
|
|
host will be shared with the per-app instance of the xdg-dir.
|
|
+ Builder now correctly handles app-ids that have dashes in them.
|
|
Previously this generated invalid ids for the debuginfo and
|
|
locale extensions.
|
|
+ The experimental OCI file format support was changed from
|
|
creating an OCI container to creating an OCI image.
|
|
+ Fix regression where "flatpak update --appstream remotename"
|
|
broke.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Nov 3 17:10:34 UTC 2016 - dimstar@opensuse.org
|
|
|
|
- Require flatpak by flatpak-devel: xdg-desktop-portal expects to
|
|
find org.freedesktop.portal.Documents.xml, which is part of
|
|
flatpak. It's fair to assume everything to be present when
|
|
pulling in the -devel package.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Oct 26 09:23:14 UTC 2016 - dimstar@opensuse.org
|
|
|
|
- Update to version 0.6.13:
|
|
+ The command line arguments for install/update/uninstall
|
|
changed.
|
|
+ Application runtime depencenies are checked/downloaded.
|
|
+ remote-add and install --from now supports uris.
|
|
+ flatpak run can now launch a runtime directly.
|
|
+ Updated bubblewrap to 0.1.3 (CVE-2016-8659).
|
|
+ Support for defining the default branch per remote.
|
|
+ remote-add/modify: --update-metadata pulls current title and
|
|
default branch from remote summary file.
|
|
+ Applications can now list a set of URIs that will be downloaded
|
|
with the application.
|
|
+ flatpak-builder: Support --finish-only and
|
|
--allow-missing-runtimes.
|
|
+ flatpak-builder: Support app layering.
|
|
+ dbus proxy: The filtering has been tightened up.
|
|
+ build-finish: Now exports icons for themes other than hicolor
|
|
too.
|
|
+ There is support in the app metadata for generic policies.
|
|
+ Support for extensions directories.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Oct 10 17:41:27 UTC 2016 - zaitor@opensuse.org
|
|
|
|
- Update to version 0.6.12:
|
|
+ Partial revert in application id rules. Application ids can now
|
|
only have dashes in the last element. This allows apps to
|
|
export files such as org.my.App-extra.desktop which was used by
|
|
the libreoffice builds.
|
|
+ By default the kernel keyring is not accessable, as it is not
|
|
containable.
|
|
+ Some robustness fixes for build-commit-from.
|
|
+ Better error messages.
|
|
+ flatpak update --appstream now updates for all remotes.
|
|
+ Made flatpak enter work, and you can now use any pid in the
|
|
sandbox. However, it requires root permissions.
|
|
+ Support for --device=kvm for /dev/kvm access.
|
|
+ Support for --allow=multiarch to support non-primary arch
|
|
support. For example running i686 code in an x86_64 app.
|
|
+ Add new default-branch setting for the remote configuration.
|
|
- Changes from version 0.6.11:
|
|
+ Dashes are now allowed in application ids. However, to still
|
|
work with symbolic icon names, they may not end with
|
|
"-symbolic".
|
|
+ HostCommand now handles ptys correctly.
|
|
+ Various documentation updates.
|
|
+ New FLATPAK_CHECK_VERSION macro in libflatpak.
|
|
+ HostCommand now returns the real PID rather than a fake one.
|
|
+ Fix regression in flatpak update --appstream.
|
|
+ Fix regression installing bundles without origin urls.
|
|
+ New flatpak-builder option --show-deps lists all the files the
|
|
manifest depends on.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 19 17:51:42 UTC 2016 - zaitor@opensuse.org
|
|
|
|
- Update to version 0.6.10:
|
|
+ Dropped requirement for systemd --user. The way we detect if an
|
|
process we're talking to is sandboxed, and what application id
|
|
it has doesn't use cgroups anymore, which means that the
|
|
dependency on systemd in the user session is now optional. This
|
|
also means the --no-desktop argument is not needed any more.
|
|
(It is still accepted but does nothing.)
|
|
+ Initial support has been added for .flatpakref files. These are
|
|
simple key value files similar to .flatpakrepo files, however
|
|
they specify an application to install in addition to the repo
|
|
information. For example, gedit can be installed by downloading
|
|
https://sdk.gnome.org/gedit.flatpakref and running: flatpak
|
|
install --from gedit.flatpakref There is also library support
|
|
for this so it can be added to graphical installers (such as
|
|
gnome-software).
|
|
+ Requires OSTree 2016.10. The change in how OSTree handles
|
|
mtimes in checkouts that was introduced in 2016.7 has been
|
|
reverted, and the required changes in Flatpak has been made.
|
|
This means that flatpak now depends on OSTree 2016.10.
|
|
+ Requires Bubblewrap 0.1.2 for builds using the system
|
|
bubblewrap. Builds using the included copy need no changes.
|
|
+ The $XDG_RUNTIME_DIR/flatpak-info file has added information
|
|
about the running application, and is now also securely
|
|
available for a running application from the host as
|
|
"/proc/$fd/root/.flatpak-info". This is what is used to
|
|
identify remote apps instead of the cgroup info.
|
|
+ A new run permission --allow=devel has been added. An
|
|
application with this permission is allowed to use ptrace and
|
|
perf. This was previously only available during "flatpak build"
|
|
and "flatpak run -d". This is useful if you're packaging e.g.
|
|
an IDE.
|
|
+ When an application is updated or removed a /app/.updated or
|
|
/app/.removed file is created for running instances. This can
|
|
be used by applications to trigger e.g. a restart for the new
|
|
version.
|
|
+ A new dbus request "HostCommand" has been added to
|
|
org.freedesktop.Flatpak. This lets you run any command on the
|
|
host, and is therefore clearly not sandboxed, so access to this
|
|
should be limited. However, it is very useful if you're using
|
|
flatpak mainly as a distribution mechanism, for a non-sandboxed
|
|
application.
|
|
+ flatpak-builder now supports running from inside a flatpak, by
|
|
auto-detecting this and using the HostCommand service to run
|
|
recursive flatpaks.
|
|
+ Consecutive calls to flatpak build-update-repo has been speed
|
|
up.
|
|
+ The document portal now allows sandboxed applications to create
|
|
references to files in /app and /usr (in the app/runtime).
|
|
+ The update process now doesn't stop at the first failure.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Sep 06 15:34:26 UTC 2016 - zaitor@opensuse.org
|
|
|
|
- Update to version 0.6.9:
|
|
+ Dropped dependency on libgsystem.
|
|
+ Allow passing partial refs whenever a CLI command takes an app
|
|
or runtime name.
|
|
+ New command build-commit-from creates a new commit based on the
|
|
contents of another commit (optionally from another local
|
|
repo).
|
|
+ The sandbox now contains $XDG_RUNTIME_DIR/app/$APPID from the
|
|
host (and the directory is created if needed).
|
|
+ update: Better output, and faster for the no updates case.
|
|
+ build-export: Don't make most validation errors fail, instead
|
|
just print a warning.
|
|
+ builder:
|
|
- Support local path references for git sources.
|
|
- Better handling of recursive git submodules.
|
|
- Fixed issues with the .pyc mtime rewriting.
|
|
- Handle symbolic icons for rename-icon.
|
|
- Add --stop-at=$module to do partial builds.
|
|
- Add --sandbox flag to disable the build from escaping from
|
|
the sandbox via build-args.
|
|
+ Updated translations.
|
|
- Drop pkgconfig(libgsystem) BuildRequires following upstream.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Aug 16 09:39:38 UTC 2016 - dmacvicar@suse.de
|
|
|
|
- Update to version 0.6.8:
|
|
+ Requires OSTree 2016.7, allowing to enable use of static delta
|
|
for system downloads again.
|
|
+ Support --no-desktop which allows you to run a flatpak app
|
|
outside a desktop, with some loss of functionallity
|
|
(for example, there will be no systemd --user scope created for
|
|
the app)..
|
|
+ More documentation.
|
|
+ Memory leak fixes.
|
|
+ Initial support for rpms as flatpak-builder archive sources.
|
|
+ Start work on translating the CLI.
|
|
+ Install systemd config snippet to set the right XDG_DATA_DIRS
|
|
path.
|
|
+ Support --arch in flatpak list.
|
|
+ Support access() in the document portal.
|
|
+ Validate exported desktop files.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jul 19 17:58:13 UTC 2016 - dimstar@opensuse.org
|
|
|
|
- Change /usr/bin/tar Requires to /bin/tar: this has never been
|
|
moved to /usr/bin.
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Jul 02 11:51:25 UTC 2016 - zaitor@opensuse.org
|
|
|
|
- Update to version 0.6.7:
|
|
+ Expand the flatpak run --devel docs.
|
|
+ Add an option for journal sockets.
|
|
+ Document new socket option.
|
|
+ Fix builddir option type in flatpak-builder documentation.
|
|
+ document portal: don't reply to GetMountPoint() until ready.
|
|
+ Downgrade failure to get document portal from warning to
|
|
message.
|
|
+ tests: don't treat helper scripts as though they were tests.
|
|
+ Run tests with a private XDG_RUNTIME_DIR.
|
|
+ Add BWRAP and --with-system-bubblewrap configure arguments.
|
|
+ test-basic: do not fail in non-English locales.
|
|
+ Update to latest libglnx with lock release fix.
|
|
+ fix warning.
|
|
+ Fix leak in flatpak-installed-ref.
|
|
+ utils: Add flatpak_spawnv() helper.
|
|
+ builder: Add "use-git" option for patch source type.
|
|
+ Make journal always available in the sandbox.
|
|
+ builder: Report errors to stderr, not stdout.
|
|
+ tests: Add test for "use-git" patch application.
|
|
+ tests/test-builder.sh: Re-silence flatpak-builder.
|
|
+ tests: Test install/updates with static deltas.
|
|
+ extensions: Minor cleanup.
|
|
+ Add tests for extensions.
|
|
+ extensions: Always create a tmpfs for subdirectory extensions.
|
|
+ common: Remove unused functions.
|
|
+ utils: Add flatpak_get_current_locale_subpaths().
|
|
+ utils: Add flatpak_summary_match_subrefs.
|
|
+ builder: Strip "." from locale names too.
|
|
+ FlatpakDir: Add flatpak_dir_find_remote/local_related.
|
|
+ Add flatpak_dir_install_or_update.
|
|
+ Install/update/uninstall related refs.
|
|
+ builder: Set the new extension properties.
|
|
+ Bump version number since last release.
|
|
+ Document the metadata format.
|
|
+ lib: Support listing related refs.
|
|
+ Add some code I used to test the new related refs code.
|
|
+ doc/flatpak-metadata: Add some extra clarifications.
|
|
+ Update NEWS.
|
|
+ Require ostree 2016.6.
|
|
+ builder: Clear mtime to 1, not 0, to match what new ostree
|
|
does.
|
|
+ Remove unused variables.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jun 28 08:33:41 UTC 2016 - fcrozat@suse.com
|
|
|
|
- Update to version 0.6.6:
|
|
+ lib: Add flatpak_get_supported_arches.
|
|
+ Add flatpak --supported-arches.
|
|
+ common: Make some internal functions static.
|
|
+ update: Always look at all existing apps when updating.
|
|
+ Disable static deltas for system-helper updates.
|
|
+ Make finding refs handle multi-arch.
|
|
+ make-current: Use find_installed_ref().
|
|
+ remote-ls: Better multiarch support.
|
|
- Changes from 0.6.5:
|
|
+ Documentation improvements
|
|
+ builder: Check that the specified command exists after build is
|
|
done.
|
|
+ builder: Fix up mtime in headers for python precompiled files.
|
|
+ builder: Allow submodules and including modules from other json
|
|
files.
|
|
+ system-helper builds are optional (--disable-system-helper).
|
|
+ system-helper: Support installing from local remotes and
|
|
bundles.
|
|
+ Improved support for --subpath installs, including libflatpak
|
|
support.
|
|
+ Improved command line completion.
|
|
- Create /var/lib/flatpak directory, own it and ensure system wide
|
|
repo exists when installing / updating flatpak package.
|
|
- Add pkgconfig(libarchive) >= 2.8.0 and gtk-doc to BuildRequires.
|
|
- Replace libelf-devel for pkgconfig(libelf) BuildRequires.
|
|
- Bump ostree minimal requirements to 2016.5.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jun 8 08:09:11 UTC 2016 - tchvatal@suse.com
|
|
|
|
- Version update to 0.6.4:
|
|
+ Rename to flatpack
|
|
+ New homepage and download url
|
|
+ Various fixes
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Apr 20 11:19:06 UTC 2016 - dimstar@opensuse.org
|
|
|
|
- Update to version 0.5.2:
|
|
+ The way locale extensions work has changed. Now we build a
|
|
single extension for all locales, but we allow you to specify a
|
|
subset of it during installation and update time using the
|
|
--subpath commandline flag. The main reason for this is that
|
|
the many extensions didn't scale, both in technical terms
|
|
(large ostree summary file size), but also in terms of the UI
|
|
listing hundreds of uninteresting things.
|
|
+ We no longer use sizes in the commit objects to get installed
|
|
and download size, instead we store some extra metadata in the
|
|
summary file. This allows us to get much faster access to
|
|
these, as with recent ostree versions we can cache the summary
|
|
file.
|
|
+ New command xdg-app build-sign that lets you sign a commit at
|
|
any time.
|
|
+ New argument xdg-app build --force-clean that removes
|
|
pre-existing build dirs.
|
|
+ xdg-app run now uses the "current" version as the default if
|
|
you specify no branch or arch. It used to default to the
|
|
"master" branch. This will default to the last installed
|
|
version, but can be changed with xdg-app make-current.
|
|
+ Added config-opts to the build-options in xdg-app-builder. This
|
|
allows you to extend the configure flags in an arch dependent
|
|
way.
|
|
+ Documentation updates.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Apr 08 14:33:59 UTC 2016 - dimstar@opensuse.org
|
|
|
|
- Update to version 0.5.1:
|
|
+ xdg-app-builder: Don't export if --build-only specified.
|
|
+ Prefer non-subdir extensions over subdir ones..
|
|
+ builder: Build single every-locale extension.
|
|
+ Extract icons for all appstream components.
|
|
+ Document xdg-app-build-bundle.
|
|
+ Align contents of xdg-app.1 with xdg-app --help.
|
|
+ Don't check that the name is a branch.
|
|
+ Add xdg-app info to docs.
|
|
+ builder: Use the right field for the platform cache checksum.
|
|
+ builder: Checksum metadata-platform contents for cache too.
|
|
+ builder: Actually respect the defined branch.
|
|
+ Fix indentation.
|
|
+ Support endianness markers in bundle files.
|
|
+ seccomp: Always try to do the socket filtering, but don't fail
|
|
if not supported.
|
|
+ seccomp: Allow running the target arch.
|
|
+ doc: Minor reshuffling.
|
|
+ XdgAppInstallation: Fix a doc typo.
|
|
+ version information: Add documentaiton.
|
|
+ XdgAppError: Add documentation.
|
|
+ XdgAppInstallation: Add documentation.
|
|
+ XdgAppRef: Add documentation.
|
|
+ XdgAppInstalledRef: Add documentation.
|
|
+ XdgAppRemoteRef: Add documentation.
|
|
+ XdgAppRemote: Add documentation.
|
|
+ docs: Pick up the version number automatically.
|
|
+ docs: No need for a deprecated index.
|
|
+ docs: Exclude more private headers.
|
|
+ docs: Fix a typo.
|
|
+ docs: Hide class structs.
|
|
+ doc: Add xdg_app_installation_install_bundle.
|
|
+ More class hiding.
|
|
+ docs: Document XdgProgressCallback.
|
|
+ helper: Use 64bit capset/capget versions.
|
|
+ Release 0.5.1.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Mar 17 10:31:33 UTC 2016 - dimstar@opensuse.org
|
|
|
|
- Update to version 0.5.0:
|
|
+ Change xdg_app_bundle_ref_get_appdata to
|
|
xdg_app_bundle_ref_get_appstream.
|
|
+ Update test-lib.c with the appstream api change.
|
|
+ lib: Fix a tiny leak.
|
|
+ lib: Add xdg_app_bundle_ref_get_origin().
|
|
+ Search for dwarf.h in configure.
|
|
+ Post release version bump.
|
|
+ Force /bin/sh as a shell.
|
|
+ Ensure that the .ref file is always replaced.
|
|
+ Get the new glnx_fd_close.
|
|
+ Reimplement fuse backend.
|
|
+ Now newlines needed in g_debug calls.
|
|
+ Don't enumerate noenumerate remotes.
|
|
+ document portal: Avoid some deadlock.
|
|
+ fuse: Store basename in dir so we don't have to keep looking it
|
|
up.
|
|
+ Flesh out document portal tests.
|
|
+ xdg-app-buildeR: Remove unnecessary spew.
|
|
+ No need for newlines in g_debug messages.
|
|
+ Never use gvfs in the session helper.
|
|
+ Avoid warning about refing null GVariant.
|
|
+ Add change notification for the permissions store.
|
|
+ Don't unnecessarily grow the buffer when loading files.
|
|
+ Enabling gpg means require both signed commits and summaries.
|
|
+ Update summary after generating deltas.
|
|
+ Bump version to 0.5.0.
|
|
+ Update NEWS.
|
|
+ Add major_version to binary age.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Mar 11 12:50:11 UTC 2016 - dimstar@opensuse.org
|
|
|
|
- Update to version 0.4.13:
|
|
+ Fix xml printing of nodes with no children.
|
|
+ Set xdg-app as the log domain.
|
|
+ docs: Add docs for shell sources.
|
|
+ Add a file header to bundles.
|
|
+ builder: Add builder_get_debuginfo_file_references.
|
|
+ builder: Build runtimes in /run/build-runtime.
|
|
+ builder: Add sources referenced from debuginfo into Debug
|
|
runtime.
|
|
+ Make /run/build and /run/build-runtime symlinks to the right
|
|
place.
|
|
+ build-bundle: Add metadata file as metadata element.
|
|
+ Fix typos in header.
|
|
+ common: Break out bundle loader to helper utility.
|
|
+ Remove unused variable.
|
|
+ lib: Add XdgAppBundleRef.
|
|
+ bundles: Verify that the header metadata matches the deployed
|
|
one at install.
|
|
+ common: Move part of bundle install to helper functions.
|
|
+ Remove origin repos on uninstall.
|
|
+ Add test scripts that create trivial a runtime and app.
|
|
+ Add make-test-bundles.sh.
|
|
+ bundles: Don't lock during pull.
|
|
+ lib: Add xdg_app_installation_install_bundle.
|
|
+ Fix some compiler warning (unused vars).
|
|
+ Allow specifying subdir of xdg dir, like:
|
|
--filesytem=xdg-download/subdir.
|
|
+ Support --filesystem=xdg-run/foo.
|
|
+ common: Break out xml appstream rewriting to helper functions.
|
|
+ Add appdata to test apps.
|
|
+ common: Add xdg_app_read_stream helper.
|
|
+ common: Add and use xdg_app_appstream_xml_root_to_data.
|
|
+ build-bundle: Extract appdata and icons into metadata.
|
|
+ lib: Add XdgAppBundleRef api to get appdata and icons.
|
|
+ build-update-repo: Add --generate-static-deltas option.
|
|
+ lib: Add xdg_app_bundle_ref_get_installed_size().
|
|
+ Update version to 0.4.13.
|
|
- Add libdwarf-devel BuildRequires: new dependency.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Mar 11 12:49:56 UTC 2016 - dimstar@opensuse.org
|
|
|
|
- Update to version 0.4.12:
|
|
+ Update exports on uninstall too.
|
|
+ Pass location of exports to triggers as arg1.
|
|
+ Add option to disable sandbox triggers.
|
|
+ Update exports on uninstall via library too.
|
|
+ builder: Put all builds in a .xdg-app-builder/build subdir.
|
|
+ helper: If stdout is a tty, mount tty as /dev/console.
|
|
+ When rewriting Exec lines, don't use full bindir.
|
|
+ Revert "When rewriting Exec lines, don't use full bindir".
|
|
+ Allow overriding XDG_APP_BINDIR using make vars.
|
|
+ Work around race when doing first initial appstream checkout.
|
|
+ info: Fix support for system installed runtimes (typo).
|
|
+ Make system repo bare-user too, to avoid any chance of creating
|
|
setuid bits.
|
|
+ helper: drop caps in launcher.
|
|
+ builder: Report errors if eu_strip fails.
|
|
+ lib: Return GBytes from xdg_app_installed_ref_load_metadata().
|
|
+ lib: Add xdg_app_installation_get_path.
|
|
+ builder: Always create unversioned symlinks while building
|
|
modules.
|
|
+ builder: Add build_context_get_build_dir().
|
|
+ builder: Move CFLAGS/CXXFLAGS handling into BuilderOptions.
|
|
+ builder: Add support for --run to start a command in the
|
|
build dir.
|
|
+ builder: Support local archives with path property.
|
|
+ build-init: Support --tag=FOO.
|
|
+ builder: Support tags.
|
|
+ deploy: Add metadata tags to exported desktop files.
|
|
+ appstream: Add runtime, sdk and tags to appstream xml.
|
|
+ Add xdg_app_installation_get_remote_by_name.
|
|
+ Remove all appstream checkouts and mirrored refs when deleting
|
|
remote.
|
|
+ common: Add XDG_APP_CP_FLAGS_MOVE support.
|
|
+ Add docs for appstream-compose option.
|
|
+ builder: Support separating out locale data.
|
|
+ Move migrate_locales to builder-utils.c.
|
|
+ Migrate locales after importing parent runtime.
|
|
+ Add support for separated locales when creating platforms.
|
|
+ Always create /etc/passwd,group,resolve.conf,machine-id when
|
|
deploying.
|
|
+ Fix use after free.
|
|
+ helper: Put monitor path in /run/host instead of
|
|
/run/user/$uid.
|
|
+ When deploying, always make /etc/resolve.conf a symlink into
|
|
the monitor dir.
|
|
+ Release 0.4.12.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Feb 16 09:59:06 UTC 2016 - dimstar@opensuse.org
|
|
|
|
- Update to version 0.4.11:
|
|
+ install: Fix assertion on runtime install
|
|
+ Release 0.4.11
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Feb 16 09:58:55 UTC 2016 - dimstar@opensuse.org
|
|
|
|
- Update to version 0.4.10:
|
|
+ Fix some g_propagate_error typos
|
|
+ builder: Avoid reusing set GError
|
|
+ Make sure we export files during install
|
|
+ Updated for release
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Feb 16 09:58:44 UTC 2016 - dimstar@opensuse.org
|
|
|
|
- Update to version 0.4.9:
|
|
+ install: Only set current for apps, not for runtimes
|
|
+ builder: Add shell source
|
|
+ helper: Make ~/.local/share/xdg-app writable again (if you have
|
|
homedir access)
|
|
+ builder: Use non-parallel-make option instead of looking at
|
|
.NONPARALLEL
|
|
+ Add xdg-app info command
|
|
+ builder: Store exact sdk commit id in the build cache and
|
|
manifest
|
|
+ lib: Fix crash during uninstall
|
|
+ install-app: Actually look for apps, not runtimes
|
|
+ common: Always resolve active symlink when looking up deploy
|
|
dir
|
|
+ Add app-path to the xdg-app-info in the sandbox
|
|
+ app-utils: typo
|
|
+ Don't export app-info files
|
|
+ builder: Use predictable names for build dirs
|
|
+ Make arches canonical
|
|
+ Bump version to 0.4.9
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Feb 16 09:58:34 UTC 2016 - dimstar@opensuse.org
|
|
|
|
- Update to version 0.4.8:
|
|
+ update-repo: Escape text when writing xml
|
|
+ docs: Fix gtk-doc documentation
|
|
+ helper: Make user namespace support vs setuid a runtime, not
|
|
build-time option
|
|
+ Require some way to set cgroup for apps (currently systemd
|
|
--user)
|
|
+ Avoid gtk-doc warnings: multiple ID for constraint linkend
|
|
+ Complete documentation for XdgAppInstallation
|
|
+ Document the structs in libxdg-app
|
|
+ Fix some misc. gtk-doc warnings
|
|
+ lib: Add some missing docs
|
|
+ lib: Fix up doc details
|
|
+ Make xauth use optional
|
|
+ Finish the optional xauth work
|
|
+ Fix include order to build with older libsoup versions
|
|
+ helper: Update the error messages to not refer to
|
|
--disable-userns
|
|
+ utils: Fix nul termination of xdg_app_spawn output
|
|
+ builder: Skip checking out disabled submodules
|
|
+ builder: Style fixes
|
|
+ Build top-level directory before building documentation
|
|
+ Hide non-public symbols from libglnx and libxdgapp-common
|
|
+ Rename xdg-app-session.service to the recommended name
|
|
+ Add systemd user units corresponding to the D-Bus session
|
|
services
|
|
+ .gitignore: ignore tests and their results
|
|
+ test-doc-portal: split out global setup/teardown into functions
|
|
+ test-doc-portal: skip all tests if no FUSE
|
|
+ Consistently call g_assert_no_error before other assertions
|
|
+ Move XDG_APP_SYSTEMDIR to /var/lib/xdg-app or similar
|
|
+ Support a proxy on the system bus similar to the one on the
|
|
session bus
|
|
+ Disable gtkdoc-check by default for now
|
|
+ Distribute .service.in files in tarballs
|
|
+ Remove unset variable from EXTRA_DIST
|
|
+ Update tests' dependencies for commit 2f38ec65
|
|
+ Release 0.4.8
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Feb 16 09:58:23 UTC 2016 - dimstar@opensuse.org
|
|
|
|
- Update to version 0.4.7:
|
|
+ libglnx: Update to get glib 2.44 build fix
|
|
+ lib: Change how listing installed refs work
|
|
+ lib: Return GPtrArray from xdg_app_remote_list_refs_sync
|
|
+ lib: Always use "branch" not "version" in API
|
|
+ apps: Use "branch", not "version" when talking about app
|
|
branches
|
|
+ lib: get_current => get_is_current
|
|
+ lib: Move fetch_metadata_sync from RemoteRef to Remote
|
|
+ lib: Move app launching to XdgAppInstallation
|
|
+ lib: Move all sync operations from XdgAppRemote to
|
|
XdgAppInstallation
|
|
+ lib: Make list_remotes return a GPtrArray
|
|
+ lib: Add xdg_app_ref_format_ref
|
|
+ lib: Add xdg_app_installation_list_installed_refs_for_update
|
|
+ common: Add xdg_app_strcmp0_ptr and use it in all
|
|
g_ptr_array_sort calls
|
|
+ ls-remote: Support showing remote commit ids
|
|
+ list-*: Show active commit ids
|
|
+ app: Limit commit id output to 12 chars
|
|
+ app: Use space, not tab to delimit columns
|
|
+ app: Support --no-pull and --no-deploy in the install and
|
|
update commands
|
|
+ common: Add xdg_app_dir_read_latest helper
|
|
+ lib: Expose latest_commit on installed app and let you use it
|
|
+ lib: Always initialize the repo on Installation creation
|
|
+ lib: Add cancellable to Installation constructors
|
|
+ apps: Make it more obvious that system repo is default
|
|
+ list-remotes: Default to list only system remotes
|
|
+ install-bundle: Make the repo title shorter
|
|
+ lib/app: Add support for repo priorities
|
|
+ builder: Add --disable-updates
|
|
+ XdgAppDir: Touch .changes file each time something changes
|
|
+ lib: Add xdg_app_installation_create_monitor
|
|
+ XdgAppDir: Remove leftover spew
|
|
+ build-finish: Add --no-exports
|
|
+ build-export: Add --runtime commit support
|
|
+ build-export: Look in the right keyfile group when exporting
|
|
runtimes
|
|
+ add-remote: Fix typo in prio handling
|
|
+ add-remote: Fix typo in no-enumerate handling
|
|
+ build-export: FLAGS_GENERATE_SIZES when commiting
|
|
+ builder: Print all files removed by cleanup
|
|
+ builder: Use libelf to detect elf files
|
|
+ builder: Add support for separating out debuginfo
|
|
+ builder: Break out helpers for path matching
|
|
+ builder: Pass down keep-build-dirs via BuildContext
|
|
+ builder: Pass down global cleanups via BuildContext
|
|
+ builder: Match debuginfo files against regular cleanup patterns
|
|
+ builder: Clean up how the commit filters work
|
|
+ common: Move path_match_prefix to common
|
|
+ export: Support --exclude
|
|
+ builder: Create metadata.debuginfo if debug info exists
|
|
+ export: Allow custom source for "files" and "metadata"
|
|
+ run: Fix support for app extensions
|
|
+ builder: Add support for exporting with --repo=foo
|
|
+ export: Add docs for the new command line arguments
|
|
+ build-finish: Don't leave empty directories in the exports dir
|
|
+ helper: Print nicer error messages when user namespaces don't
|
|
work.
|
|
+ run: Be more flexible with --runtime option, and add
|
|
--runtime-version
|
|
+ helper: Add missing arguments to usage output
|
|
+ helper: Allow specifying initial cwd
|
|
+ build: Add --bind-mount and --build-dir arguments
|
|
+ builder: Run builds in /run/build/$modulename
|
|
+ helper: Align help output
|
|
+ builder: Add option to enable ccache use in build
|
|
+ builder: Pass --body, --subject and --gpg-sign to build-export
|
|
+ builder: Don't break if ccache not enabled.
|
|
+ builder: Add some more spew when exporting
|
|
+ builder: Fix handling of builddir
|
|
+ install: Fix printing of NULL in already-installed error
|
|
message
|
|
+ builder: Fix up cleanup matching
|
|
+ builder: Add support for rename-appdata-file option
|
|
+ build-finish: Export appdata files
|
|
+ builder: Change the way the cache is indexed
|
|
+ xdg-app: Deprecate install/update/uninstall-app/runtime
|
|
+ xdg-app: Update the command names and make nicer usage output
|
|
+ docs: Update for the new command names
|
|
+ Merge list-apps and list-runtimes into single list command
|
|
+ remote-ls: Regularize --runtime and --app user
|
|
+ completion: Update to the new cli commands
|
|
+ builder: Also apply cleanup to changes in usr
|
|
+ XdgAppDir: Add helper to fetch the size info for a commit
|
|
+ lib: xdg_app_installation_fetch_remote_size_sync
|
|
+ builder: Add some spew when downloading files
|
|
+ Better handling of the title in the summary
|
|
+ common: Add XdgAppTempDir which cleans up temporary directories
|
|
+ build-repo-update: Update appdata branch using appdata-builder
|
|
+ xdg_app_installation_list_remote_refs_sync: Don't crash on
|
|
weird refs
|
|
+ build-update-repo: Add --appdata update option
|
|
+ XdgAppDir: Document some args to xdg_app_dir_fetch_sizes
|
|
+ lib: Add xdg_app_installation_update_appdata_sync
|
|
+ builder: Don't delete the APPDIR directory
|
|
+ docs: Add missing full stops in xdg-app-builder manpage
|
|
+ cache: Remove target directory before checking out cache
|
|
+ build-export: Add --include option
|
|
+ builder: Correctly handling non-existing app dir when applying
|
|
cache
|
|
+ builder: Allow building runtime sdks (based on existing sdk)
|
|
+ Builder: Support commiting a platform
|
|
+ builder: Fix random crash due to uninitialized memory
|
|
+ cache: Don't fail to create cache if parent dir is not created
|
|
+ The plural of appdata is appstream
|
|
+ Add support to gpg sign summaries and appstream
|
|
+ builder: Handle modules with invalid refname characters in the
|
|
cache
|
|
+ override: Fix error if override file doesn't already exist
|
|
+ build-update-repo: Add --prune and --prune-depth options
|
|
+ override: Fix warning
|
|
+ Remove unused variables
|
|
+ Fix possible read of uninitialized variable
|
|
+ builder: Fix error with va_start use
|
|
+ builder: Remove leftover debug spew
|
|
+ lib: Add getter for installed size on InstalledRef
|
|
+ lib: Add xdg_app_remote_get_appstream_dir
|
|
+ build-finish: Fix exports
|
|
+ lib: update_appstream - work around main context issue
|
|
+ update-appstream: Don't fail badly if remote has not appstream
|
|
branch
|
|
+ lib: Allow passing NULL for remote name in update_appstream
|
|
+ appstream: Don't try to remove old appstream if it doesn't
|
|
exist
|
|
+ Revert "lib: Allow passing NULL for remote name in
|
|
update_appstream"
|
|
+ builder: Put debuginfo in the right place for runtimes
|
|
+ common: Add xdg_app_list_extensions util
|
|
+ run: Use the new xdg_app_list_extensions helper
|
|
+ build-init: Add --sdk-extension
|
|
+ builder: Support sdk-extensions
|
|
+ builder: Add platform-extensions
|
|
+ appstream: Add timestamp which is updated each time the
|
|
appstream is pulled
|
|
+ lib: Add xdg_app_ref_parse
|
|
+ build-finish: Export app-info, not appdata
|
|
+ build-update-repo: Update the appstream using a GMarkup parser
|
|
on the app-info files
|
|
+ utils: Extract the xml helpers
|
|
+ build: When using a writable /usr, don't use runtime extensions
|
|
+ xdg-app-utils: Add autocleanup for GZlib*
|
|
+ common: Add xdg_app_cp_a
|
|
+ build-init: Don't copy uid/gid when initializing a writable sdk
|
|
+ common: fix handling of no_chown in xdg_app_cp_a
|
|
+ build-init: Also use the new cp_a for sdk extensions
|
|
+ build-export: Never export files you can't read
|
|
+ builder: Add some spew before build-init
|
|
+ builder: Add spew when commiting to cache
|
|
+ XdgAppDir: Make sure we always constole end status lines that
|
|
we start
|
|
+ dir: Properly finish OstreeAsyncProgress objects
|
|
+ lib: Properly finishe OstreeAsyncProgress objects
|
|
+ update: Make both branch and name optional
|
|
+ Move the GZlib* autoptr backport to libglnx
|
|
+ builder: support using appstream-compose to create appstream
|
|
files
|
|
+ Always build libxmlapp
|
|
+ update-appstream: Fix crash in case there are no 128x128 icons
|
|
+ Update NEWS for release
|
|
+ Bump version to 0.4.7
|
|
- Add libelf-devel BuildRequires: new dependency.
|
|
- Split out new packages: libxdg-app0, typelib-1_0-XdgApp-1_0 and
|
|
a -devel package.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Dec 24 01:03:35 UTC 2015 - dimstar@opensuse.org
|
|
|
|
- Update to version 0.4.6:
|
|
+ utils: Add xdg_app_supports_bundles
|
|
+ add build-bundle command
|
|
+ Add install-bundle command
|
|
+ Add completion for bundle ops
|
|
+ Drop dump-runtime command for now
|
|
+ Always make it possible to talk to the built in portals
|
|
+ Add xdg-app.pc file with variable for interfaces_dir
|
|
+ lib: Export xdg_app_context_set_session_bus_policy
|
|
+ deploy: Explicitly pull from the origin
|
|
+ Add autoptr cleanup backport for SoupUri
|
|
+ Handle PWD env var correctly when spawning apps/builds
|
|
+ build: Set fs access before applying args so you can
|
|
override it
|
|
+ Add xdg-app-builder
|
|
+ builder: Add --build-only argument
|
|
+ xdg-app-builder: Update docs
|
|
+ Correct license, we're LGPL 2+, not 3+
|
|
+ Remove unused helper function
|
|
+ xdg-app run: Fix support for --filesystem=~/dir
|
|
+ Support defining read-only filesystem access
|
|
+ portals: Only give blanket access to session-*.scope systemd
|
|
cgroup
|
|
+ Create xdg-app-info file in user runtime dir with effective
|
|
state
|
|
+ Add standard errors needed for portal
|
|
+ Rename lib/ to common/ in preparation for public xdg-app
|
|
library
|
|
+ builder: Add support for cmake and forced builddir
|
|
+ builder: Add more headers around the spew for each new module
|
|
+ builder: builddir != srcdir was broken becasue we never created
|
|
the buildir
|
|
+ builder: Fix typo in cmake support
|
|
+ Remove leftover semicolon
|
|
+ builder: Add submodule support for git sources
|
|
+ builder: Add post-install script support
|
|
+ builder: Add docs for post-install
|
|
+ Add script source type
|
|
+ builder: Support building from a subdirectory of the sources
|
|
+ Remove stray semicolons
|
|
+ xdg-app-utils: Correct SoupUri -> SoupURI typo.
|
|
+ builder: Build with "make", not "make all"
|
|
+ Update libglnx for new backports
|
|
+ Fix some warnings
|
|
+ builder: Fix build with g_autoptr backports
|
|
+ builder: Consider the build_option when checksumming
|
|
+ builder: Add support for copy-icon option
|
|
+ builder: Error out if rename_error is set but not found
|
|
+ builder: Don't use ":" in uri-as-filename
|
|
+ Docs: Fix some tiny typos
|
|
+ document portal: Add AddNamed method for host-side use
|
|
+ builder: Merge spawn helpers to single base helper
|
|
+ ls-remote: Remove unnecessary code
|
|
+ Initial version of libxdg-app
|
|
+ build: Fix include path for builddir != srcdir
|
|
+ build: Switch to olddir after autoreconf
|
|
+ builder: Be a bit more verbose when pulling VCS
|
|
+ builder: Prune old branches when updating mirror
|
|
+ Add introspection check
|
|
+ XdgAppDir: Add some helpers for handling remotes
|
|
+ list/ls-remotes: Use the new remote helpers
|
|
+ lib: Use the new remote helpers
|
|
+ Add introspection support to libxdg-app
|
|
+ Add xdg_app_dir_fetch_remote_title and remote old custom
|
|
summary fetcher
|
|
+ Annotate transfer rules for ambiguous return values
|
|
+ Add no-enumerate flag to remote and set if for bundle origin
|
|
remotes
|
|
+ lib: Make getters for XdgAppRemote return copies of strings for
|
|
options
|
|
+ helper: Allow exec on the tmpfs.
|
|
+ lib: Add XdgAppRemoteRef subclass
|
|
+ Generate the API reference for libxdg-app
|
|
+ Add XdgAppRemoteRef do docs
|
|
+ XdgAppDeploy: Fix wrong types in finalizer
|
|
+ common: Move typedef to separate header to avoid circular deps
|
|
+ Remove unused variable
|
|
+ Move most of builtins-run to xdg_app_run_app helper
|
|
+ common: Clean up xdg_app_run_app()
|
|
+ helper: Mount dconf run dir writable, as dconf needs this.
|
|
+ xdg_app_run_app: Handle error == NULL
|
|
+ lib: Add xdg_app_installed_ref_launch()
|
|
+ lib: Add remote_name to XdgAppRemoteRef
|
|
+ lib: Rename xdg_app_remote_list_refs to
|
|
xdg_app_remote_list_refs_sync
|
|
+ lib: Add some more debug spew to test-lib
|
|
+ lib: xdg_app_remote_fetch_ref_sync
|
|
+ lib: Always load installed ref metadata each time
|
|
+ lib: Add XdgAppDir to RemoteRef private
|
|
+ lib: Fix declaration of xdg_app_installed_ref_load_metadata
|
|
+ lib: Add xdg_app_remote_ref_fetch_metadata_sync helper
|
|
+ lib: Minor indentation cleanups
|
|
+ lib: Add xdg_app_installation_load_app_overrides()
|
|
+ common: Make it explicit that XdgAppError are portal errors
|
|
+ builder: Allow git uris to be relative to the base directory
|
|
+ common: Make XdgAppDir soup session initilization threadsafe
|
|
+ builder: Make the builder manifest objects serializable to json
|
|
+ builder: Break out download_uri helper function in SourceFile
|
|
+ builder: Allow optionally specifying remote file sources
|
|
+ builder: Use SoupRequest to simplify download helpers
|
|
+ builder: Support data: uri for files
|
|
+ builder: Support specifying revision in bzr sources
|
|
+ builder: Support specifying commit ids as git branches
|
|
+ Builder: Add a resolved version of the manifest to the built
|
|
app
|
|
+ builder: Add --keep-build-dirs option
|
|
+ builder: Remove accidental leftover spew
|
|
+ builder: After fetching the mirrored git repo, set back the
|
|
right origin
|
|
+ completion: Fix completion of apps/runtimes in a remote
|
|
+ completion: Fix completion for xdg-app run
|
|
+ builder: Fix build with old glib
|
|
+ lib: Fix build with older glib
|
|
+ builder: Fix typo in patch applying
|
|
+ lib: Better fix for old glib
|
|
+ app: Fix warning if building with --disable-userns
|
|
+ lib: Fix compiler warning in test app
|
|
+ common: Fix compiler warning when built with --disable-userns
|
|
+ XdgAppDir: Add set_origin helper function
|
|
+ Bump libglnx to latest version
|
|
+ lib: Add xdg_app_installation_install
|
|
+ app: Clean up leftover removes after updates too
|
|
+ lib: Add xdg_app_installation_update
|
|
+ Fix unused variable warnings
|
|
+ helper: Properly unescape strings
|
|
+ lib: Add xdg_app_dir_undeploy_all and xdg_app_dir_remove_ref
|
|
helpers
|
|
+ common: Add xdg_app_compose_ref helper
|
|
+ Use xdg_app_compose_ref helper
|
|
+ lib: Add xdg_app_installation_uninstall
|
|
+ common: Add and use xdg_app_dir_deploy_update()
|
|
+ lib: Add custom GError codes
|
|
+ lib: Use the new installed/not-installed custom GErrors
|
|
+ Add lock file for each xdg-app dir.
|
|
+ builder: Allow specifying custom prefix
|
|
+ build-init: Allow writable sdk
|
|
+ builder: Support writable-sdk option
|
|
+ builder: Don't fsync on cache checkouts
|
|
+ builder: Store the cache in BARE_USER mode
|
|
+ lib: Fix return value type warnings
|
|
+ Bump version to 0.4.6
|
|
+ Add missing EXTRA_DIST to pass distcheck
|
|
+ builder: Add cleanup-command property
|
|
+ Add --enable-libxdgapp configure flag and disable lib by
|
|
default
|
|
+ Update NEWS for 0.4.6
|
|
- Add gobject-introspection-devel and pkgconfig(json-glib-1.0)
|
|
BuildRequires: new dependencies.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Dec 24 01:03:09 UTC 2015 - dimstar@opensuse.org
|
|
|
|
- Update to version 0.4.5:
|
|
+ build-export: Add support for signing build
|
|
+ docs: Fix whitespace issues
|
|
+ helper: Correctly zero terminate symlink targets
|
|
+ helper: Also copy extra symlinks from /
|
|
+ Always regenerate summary after export-build
|
|
+ document-portal: Fix warning
|
|
+ uninstall: Don't fail if there is no origin
|
|
+ utils: Add xdg_app_decompose_ref()
|
|
+ Always remove all leftover app/runtime traces on uninstall
|
|
+ Correct capitalization on dbus interface filename
|
|
+ Install dbus introspection files
|
|
+ Move dbus invocation peer app detection to lib/
|
|
+ build-export: add human readable format to "Content Bytes
|
|
Written"
|
|
+ helper: give xdg-app process access to /dev/ptmx
|
|
+ helper: match whitespace to other options
|
|
+ helper: unblock SIGCHILD before execvp() of child
|
|
+ Create custom /etc/passwd and /etc/group with minimal content
|
|
+ Update to 0.4.5
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Oct 05 13:22:12 UTC 2015 - fcrozat@suse.com
|
|
|
|
- Update to version 0.4.4:
|
|
+ build: Fix srcdir != builddir from git
|
|
+ build-export: Strip out uid/gid and xattrs
|
|
+ fuse: Disable entry cache to work around race condition
|
|
+ helper: Handle existing mounts with escaped characters
|
|
+ Propagate Xauthority details to the sandbox if X11 is enabled
|
|
- Add pkgconfig(xau) to BuildRequires.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Oct 05 13:21:25 UTC 2015 - fcrozat@suse.com
|
|
|
|
- Update to version 0.4.3:
|
|
+ Accept -d as --show-details in all commands that support it
|
|
+ Fix regression is dbus proxy
|
|
+ utils: Add xdg_app_fail
|
|
+ Add --nofilesystem commandline arg
|
|
+ Make usage_error return FALSE
|
|
+ Add xdg-app dump-runtime command
|
|
+ cleanup: Remove trivial use of goto out
|
|
+ cleanup: Remove unused variables
|
|
+ cleanup: Simplify code using xdg_app_fail
|
|
+ Make sure we build against older ostree (without gpg import)
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Oct 05 13:20:48 UTC 2015 - fcrozat@suse.com
|
|
|
|
- Update to version 0.4.2:
|
|
+ run: When creating /etc symlinks, don't make symlinks to
|
|
symlinks
|
|
+ xdg-app build: Support extensions
|
|
+ run: Fix handling of which filesystems you can access
|
|
+ remove some unused code
|
|
+ run: Add /var/config and /var/data to sandbox
|
|
+ add-remote: Allow specifying local pathname instead of uri
|
|
+ Make seccomp optional
|
|
+ Update to libglnx for new autocleanup backports
|
|
+ Add xdg-app enter command
|
|
+ Move table printer to xdg-app-utils.c
|
|
+ list-remotes: Add support for listing both user and system
|
|
remotes
|
|
+ list-apps/runtimes: User table printer
|
|
+ bash_completion: Properly list apps when completing "run"
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Sep 30 09:26:04 UTC 2015 - zaitor@opensuse.org
|
|
|
|
- Own %{_datadir}/dbus-1 and subfolder for openSUSE Tumbleweed.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 21 14:29:36 UTC 2015 - dimstar@opensuse.org
|
|
|
|
- Update to version 0.4.1:
|
|
+ run: Allow perf and ptrace in debug and build mode.
|
|
+ Mount nvidia device nodes in sandbox if dri allowed
|
|
+ tests: Use check_PROGRAMS as the primary
|
|
+ fuse: Supply mode when creating files
|
|
+ Support version= in extension metadata
|
|
+ Update NEWS and version to 0.4.1
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 21 14:29:17 UTC 2015 - dimstar@opensuse.org
|
|
|
|
- Update to version 0.4.0:
|
|
+ Import xdg-document-portal from github repo
|
|
+ Add GetMountPoint method for document portal
|
|
+ Automatically start and mount document portal in sandbox
|
|
+ document-portal: *always* use the by-app location
|
|
+ Don't list empty names in opendir
|
|
+ Change dbus name of session helper to org.freedesktop.XdgApp
|
|
+ Rename dbus file to org.freedesktop.XdgApp
|
|
+ Move gvdb to lib/
|
|
+ gvdb: Add gvdb_table_get_content
|
|
+ Initial version of XdgAppDb
|
|
+ Initial tests of the db
|
|
+ Add XdgAppError
|
|
+ Initial version of permission store
|
|
+ Make document portal use the new permission store
|
|
+ Switch document portal to use strings for document ids
|
|
+ Document portal: Store paths, not uris
|
|
+ Drop the xdp specific errors and use the xdg-app ones
|
|
+ Remove ununsed variables reported by clang
|
|
+ dbus-proxy: Fix flags arg passed to g_socket_receive_message
|
|
+ dbus-proxy: Fix incorrect check of name policy
|
|
+ dbus-proxy: Avoid clang warning
|
|
+ Fix type of return
|
|
+ Fix error check of policy parsing
|
|
+ Fix const marking of string arrays.
|
|
+ utils: Add AUTOLOCK macro
|
|
+ autogen: Fix git submodules
|
|
+ Update libglnx, use its copy of backports
|
|
+ Use g_auto(GStrv) instead of glnx_strfreev
|
|
+ helper: Add perf and ptrace to seccomp blacklist
|
|
+ Markup AUTOLOCK with unused to avoid warnings
|
|
+ fuse: Make filesystem multithreaded
|
|
+ Add xdg_app_mkstempat
|
|
+ Store and verify parent dir dev/ino and pass O_PATH fds
|
|
+ Add xdg-app export-file to export files with the document
|
|
portal
|
|
+ Add debug output for release
|
|
+ fuse: Always open files with O_NOFOLLOW
|
|
+ document-portals: Support unique documents
|
|
+ document-portal: Use xdg_app_is_valid_name() to validate app
|
|
names
|
|
+ export-files: Allow specifying app permissions
|
|
+ document-portal: Actually respect WRITE permissions
|
|
+ Add check-valgrind target
|
|
+ db: Fix leak
|
|
+ export-file: Fix leak
|
|
+ Add minimal document portal tests
|
|
+ fuse: Unmount previous fuse instance if ENOTCONN
|
|
+ fuse: Add daemonizing switch
|
|
+ test-doc-portal: Launch the portal manually
|
|
+ fuse: Properly invalidate inodes and entries
|
|
+ fuse: Raise entry cache times now that we invalidate
|
|
+ fuse: Add some more debug spew
|
|
+ document-portal: Allow dbus owner replacing
|
|
+ document portal: Move locking explicitly into portal handlers
|
|
+ export-file: Print the full document pathname
|
|
+ document portal: Correctly handle recursive documents
|
|
+ fuse: Drop DOC_DIR_INO_CLASS
|
|
+ test-doc-portal: Fix unique boolean arg
|
|
+ fuse: Add some more debug spew
|
|
+ test-doc-portal: Work around GTestDbus env unsetting
|
|
+ test-doc-portal: Add recursive file export test
|
|
+ XdgAppContext: Properly handle masking things from parent
|
|
context
|
|
+ run: Correctly report errors talking to document portal
|
|
+ document portal: Fix crashes when dbus activated
|
|
+ run: Never propagate DISPLAY if X socket not requested
|
|
+ run: Read per-app override metadata file
|
|
+ build-finish: Don't export hidden or backup files
|
|
+ XdgAppContext: Always initialize bitfields
|
|
+ run: Support system overrides as well as per-user
|
|
+ create dirs with 755, not 777
|
|
+ Add new override builtin to override app permissions
|
|
+ lib: Handle libsoup now having built-in autocleanup support
|
|
+ add modify-remote command
|
|
+ list-remotes: Add more details to remotes list
|
|
+ Fix unused label warning
|
|
+ Add XdgAppChainInputStream based on ostree version
|
|
+ add/modify-remote: Support importing trusted gpg keys
|
|
+ list-remotes: Separate columns with tab
|
|
+ docs: Update remote related docs
|
|
+ list-remotes: Use --show-details instead of --details
|
|
+ Rename repo-contents to ls-remote
|
|
+ Update docs for new/changes interface
|
|
+ bash completion: Update to match the lastest options
|
|
+ bump version to 0.4.0
|
|
+ Updated NEWS for release
|
|
+ document portal: Add support for transient documents
|
|
+ Fix distcheck issues
|
|
- Drop 0001-Finish-switch-to-glibc-s-xattr.patch: fixed upstream.
|
|
- Add pkgconfig(fuse) BuildRequires: new dependency.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Aug 10 07:48:18 UTC 2015 - opensuse-packaging@opensuse.org
|
|
|
|
- Update to version 0.3.6:
|
|
+ helper: Fix typo in the socket-family blacklist.
|
|
+ run: Make users fonts appear in /run/host/user-fonts.
|
|
+ helper: Disable socket filters on x86.
|
|
+ Write user-dirs.dirs under app's XDG_CONFIG_HOME.
|
|
+ helper: Mount extra dirs/files only after all other mounts are
|
|
up.
|
|
+ helper: Add all possible architectures to seccomp filter.
|
|
+ Restructure directories and build.
|
|
+ Add NEWS file.
|
|
+ If home is accessible, make user-dirs.dir visible in custom
|
|
config dir.
|
|
+ Bump version to 0.3.6.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jul 14 08:56:22 UTC 2015 - dimstar@opensuse.org
|
|
|
|
- Update to version 0.3.5:
|
|
+ update: Don't remove existing deployment if there was no updates
|
|
+ Bump version to 0.3.2
|
|
+ helper: Keep any existing old mount flags when remounting
|
|
+ helper: Remove noremount hack now that we keep old mount flags
|
|
+ helper: No need for a tmpfs on /dev these days
|
|
+ configure: Add checks for docbook xsl/dtd
|
|
+ Bump version to 0.3.3
|
|
+ Avoid unnecessary escapes in desktop file exports
|
|
+ Bump version to 0.3.4
|
|
+ xdg-app.sh: /usr/local/share is also in the default
|
|
XDG_DATA_DIRS
|
|
+ Add xdg-app.env file for gdm
|
|
+ profile: Don't override pre-existing XDG_DATA_DIRS env vars
|
|
+ Bump version to 0.3.5
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jun 09 07:55:25 UTC 2015 - dimstar@opensuse.org
|
|
|
|
- Update to version 0.3.1:
|
|
+ helper: Clean up launched command line
|
|
+ Bump version to 0.3.1
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jun 02 12:25:36 UTC 2015 - dimstar@opensuse.org
|
|
|
|
- Update to version 0.3+git.20150602.d781e27:
|
|
+ Add a README
|
|
+ Make symlinks lib64 -> usr/lib64, etc if those exist in the
|
|
runtime
|
|
+ Fix debug message format string
|
|
+ dbus proxy in progress
|
|
+ Parse dbus headers
|
|
+ Add some minimal policy on send/receive
|
|
+ Flesh out filtering
|
|
+ DBusProxy: Add non-filtering mode
|
|
+ Add wildcard policies
|
|
+ Better handling of fd passing
|
|
+ dbus-proxy: Add some test policy
|
|
+ Break out dbus proxy implementation to separate file
|
|
+ Make xdg-dbus-proxy talk command line args and install it
|
|
+ Only print headers when logging
|
|
+ Allow runtime and apps to override environment variables
|
|
+ Don't clear the [Vars] group in build-finish command and
|
|
improve error reporting
|
|
+ Ignore errors in add_env_overrides()
|
|
+ Actually unset the env variable when the value is empty
|
|
+ Report error when --var option is missing '='
|
|
+ Close any unexpectedly inherited fds in helper monitor and
|
|
init.
|
|
+ xdg-dbus-proxy: Add support for syncing via fd
|
|
+ Fix path generation when recursively exporting a directory
|
|
+ xdg-app-helper: Add -S fd support
|
|
+ xdg-app run: use a dbus proxy if needed
|
|
+ Clean up filtering and allow all messages from bus to client
|
|
+ xdg-app-proxy: Only allow replies from the bus that we
|
|
requested
|
|
+ xdg-app-proxy: Only allow pending replies from client
|
|
+ xdg-app-proxy: Large rewrite of docs comment
|
|
+ xdg-app-proxy: Don't filter unicast signals
|
|
+ proxy: Don't forward method returns and errors with no
|
|
reply_serial
|
|
+ proxy: Ensure that we SEE from peers we've gotten messages from
|
|
+ proxy: unlink socket on exit
|
|
+ proxy: Free some members on finalize
|
|
+ proxy: Send initial AddMatch and GetNameOwner to handle policy
|
|
+ proxy: Remove unneeded code for old name tracking
|
|
+ Update docs wrt new ownership tracking code.
|
|
+ proxy: Fully support policies for wildcarded names
|
|
+ proxy: Update docs
|
|
+ Some typo fixes
|
|
+ Add missing space
|
|
+ proxy: Fix double-free of socket control messages
|
|
+ XdgAppDir: Add XdgAppDeploy helper object
|
|
+ Add xdg_app_find_deploy_for_ref
|
|
+ builtins-run: Use XdgAppDeploy
|
|
+ Move setting of env vars from helper to launcher
|
|
+ build: Use an strv for envp instead of a GPtrArray
|
|
+ Add xdg_app_run_apply_env_vars() helper
|
|
+ build: Apply runtime env vars
|
|
+ builtin-run: Switch over to same env helpers
|
|
+ More special casing of LD_LIBRARY_PATH
|
|
+ Support filtering of session bus
|
|
+ metadata: Rename [Vars] to [Environment Vars]
|
|
+ build-init: Don't fail if /var/run already exists
|
|
+ xdg-app build: Bind mount host resolv.conf during builds
|
|
+ Only warn if removing old commits fail
|
|
+ Bump version to 0.2
|
|
+ Fix a typo
|
|
+ Fix build with old glib
|
|
+ helper: Bind mount /sys subset
|
|
+ Add a simple profile.d snippet for XDG_DATA_DIRS
|
|
+ proxy: Minor cleanup for first byte case
|
|
+ proxy: Properly detect authentication end
|
|
+ proxy: Always read all incomming socket messages on each
|
|
mainloop callback
|
|
+ proxy: Always send all possible queued messages in main
|
|
callback
|
|
+ build: Fix srcdir != builddir from git
|
|
+ Bump version to 0.2.1
|
|
+ Change /self to /app
|
|
+ Add new XdgAppContext helper object
|
|
+ Convert all builtins to the new metadata/arg formats using
|
|
XdgAppContext
|
|
+ Make extra_dirs and lock_dirs dynammic
|
|
+ helper: Add support for read/write extra dirs
|
|
+ Add support for persistent homedirectory dirs
|
|
+ helper: If old CWD is not mapped, use $HOME
|
|
+ helper: Add support for moving files into sandbox
|
|
+ Context: Finish support for filesystems
|
|
+ run: Remove hardcoded GI_TYPELIB_PATH
|
|
+ helper: Remove backwars compat /self symlink
|
|
+ Update docs for new run command line options
|
|
+ helper: Fix errors caused by create_file() return value change
|
|
+ build: Always allow host fs access
|
|
+ build: Remove duplicated helper arguments
|
|
+ Bump version to 0.3.0
|
|
+ run: Fix typo that broke env var support
|
|
+ helper: Only call get[ug]id() once at the start
|
|
+ helper: Drop setuid and use user namespaces
|
|
+ helper: Minor cleanup of uid/gid handling
|
|
+ helper: Optionally add back setuid support
|
|
+ Add xdg_app_dir_get_origin() helper
|
|
+ Use xdg_app_dir_get_origin helper
|
|
+ Show source repo when listing apps and runtimes
|
|
+ Show version when listing apps and runtimes
|
|
+ Make /var/cache persistent (in app-data cache dir)
|
|
+ helper: Fix thinko due to create_file() return type change
|
|
+ helper: Make all helper functions static
|
|
+ Use seccomp to limit allowed syscalls
|
|
+ helper: Make ~/.local/share/xdg-app read-only in sandbox
|
|
+ helper: Don't fail if ~/.local/share/xdg-app does not exist
|
|
+ run: If session helper not available, bind-mount
|
|
/etc/resolv.conf
|
|
- Add pkgconfig(libseccomp) BuildRequires: new dependency.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Apr 8 20:42:14 UTC 2015 - dimstar@opensuse.org
|
|
|
|
- Add ostree Requires: xdg-app can't start without its presence.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Apr 08 09:46:56 UTC 2015 - dimstar@opensuse.org
|
|
|
|
- Update to version 0.1+git.20150407.fc8db2b:
|
|
+ Add COPYING to reflect license headers
|
|
+ Pass name into build-init and store in metadata
|
|
+ build-finish: Only export files with app-id prefix
|
|
+ Switch to using glibc xattrs.
|
|
+ Remove dead code in xdg-app-builtins-build-finish.c.
|
|
+ Remove dead code xdg-app-builtins-build-init.c.
|
|
+ Remove dead code xdg-app-dir.c.
|
|
+ xdg-app-builtins-list.c: Cleanup comma separator code
|
|
- Add 0001-Finish-switch-to-glibc-s-xattr.patch: complete port of
|
|
libgnx to xattr.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Mar 23 13:11:29 UTC 2015 - dimstar@opensuse.org
|
|
|
|
- Update to version 0.0.1~20150323:
|
|
+ Mount system fonts in /run/host/fonts
|
|
+ deploy: Split the file rewriting and prefix checkout out from
|
|
the exporting
|
|
+ Move update_exports out of deploy/undeploy
|
|
+ Remove old code handling per-app data
|
|
+ Add xdg_app_dir_list_refs[_for_name] helpers
|
|
+ builtins-list: Use the new helper to list refs
|
|
+ uninstal: Fix the cleanup of empty dirs
|
|
+ Track which branch of an app is current
|
|
+ Add make-app-current
|
|
+ Make sure we initialize variables that auto-cleanup
|
|
+ xdg-app-dir: Move exports to update_exports
|
|
+ Import libglnx
|
|
+ Convert to g_autoptr
|
|
+ Use cleanup macros from libglnx
|
|
+ Switch to GLnxDirFd
|
|
+ Use glnx_set_error_from_errno
|
|
+ Use g_steal_pointer
|
|
+ Check for libattr header
|
|
+ fixup g_steal_pointer use
|
|
+ Fix dist
|
|
+ Require ostree 2015.3
|
|
+ helper: Manually apply bind flags recursively
|
|
+ Bump version to 0.1
|
|
+ Fix build on older glib
|
|
+ Add copyright headers
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Mar 06 11:53:38 UTC 2015 - dimstar@opensuse.org
|
|
|
|
- Update to version 0.0.1~20150305:
|
|
+ Fix warning in add-remote if no summary.
|
|
+ Look for libcap pkg-config file for cflags to ensure we have
|
|
the headers.
|
|
+ Revert "Look for libcap pkg-config file for cflags to ensure we
|
|
have the headers".
|
|
+ Check for sys/capability.h via AC_CHECK_HEADER instead.
|
|
+ Run each app in a custom systemd user scope (if available).
|
|
+ xdg-app-helper: Flesh out usage output.
|
|
+ xdg-app-helper: Sort the command line parsing.
|
|
+ Mount /run/media if mount-host-fs.
|
|
+ Add metadata option to limit DRI access.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Feb 19 17:05:02 UTC 2015 - dimstar@opensuse.org
|
|
|
|
- Initial package.
|
|
|