Mailinglist Archive: opensuse-factory (649 mails)

< Previous Next >
[opensuse-factory] New Tumbleweed snapshot 20170810 released!

Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.

Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20170810

When you reply to report some issues, make sure to change the subject.
It is not helpful to keep the release announcement subject in a thread
while discussing a specific problem.

Packages changed:
SDL2
WindowMaker-applets
ceph (12.1.1+git.1500447879.e5aac115d7 -> 12.1.2+git.1501684697.aa6b0153ef)
cmake
flatpak (0.9.1 -> 0.8.7)
fontconfig (2.12.3 -> 2.12.4)
gd (2.2.3 -> 2.2.4)
gdk-pixbuf (2.36.6 -> 2.36.7)
gnome-documents (3.24.2 -> 3.24.3)
gnome-keyring
goffice (0.10.34 -> 0.10.35)
hexchat (2.12.3 -> 2.12.4)
hylafax+
installation-images-Kubic (14.320 -> 14.323)
java-1_8_0-openjdk (1.8.0.141 -> 1.8.0.144)
libdnet
libostree (2017.3 -> 2017.8)
libotf
libqb (1.0.1+git20170306.59eacf0 -> 1.0.2)
libvirt (3.5.0 -> 3.6.0)
nfs-utils
pkcs11-helper (1.11 -> 1.22)
polari (3.24.1 -> 3.24.2)
python-cryptography (1.9 -> 2.0.3)
python-enum34 (1.1.3 -> 1.1.6)
python-numpy
rollback-helper
scim (1.4.15+git20150804.187a1fd -> 1.4.18)
sendmail
texlive
yast2-instserver (3.1.5 -> 3.3.0)

=== Details ===

==== SDL2 ====

- Do not BuildRequires pkgconfig(fcitx) on SLE (not shipped anymore
since SLE12 SP2).

==== WindowMaker-applets ====

- Fix invalid XPM icon paths in /etc/wmmount
bsc#1046193: wmmount doesn't start
- Modified: wmmount-1.0-beta2.dif

==== ceph ====
Version update (12.1.1+git.1500447879.e5aac115d7 ->
12.1.2+git.1501684697.aa6b0153ef)
Subpackages: librados2 librbd1

- Update to version 12.1.2+git.1501684697.aa6b0153ef:
+ upstream luminous v12.1.2 release candidate
+ latest upstream master (e27a78c9ed3984b54a312ced3ad67fcc8f464fc0)
* mon: add mgr metdata commands, and overall 'versions' command for all
daemon versions (bsc#1050063, pr#16460)
- Update to version 12.1.1+git.1501669490.04d0738487:
+ mon: extensible output format for health checks
- Update to version 12.1.1+git.1501501507.6dd9e8fd8c:
+ update to latest upstream master (fa70335db25f2b661b329d5d8f37039b77f2d1ae)
+ spec file:
* build/ops: rpm: Drop legacy libxio support (pr#16449)
+ Other notable changes:
* osd: moved OpFinisher logic from OSDOp to OpContext (pr#16617)
- Update to version 12.1.1+git.1501231943.67577225bc
+ Notable changes:
* rgw_file: properly & |'d flags (bsc#1047977)

==== cmake ====

- Buildrequire libcurl-mini-devel for TW to avoid cycles

==== flatpak ====
Version update (0.9.1 -> 0.8.7)
Subpackages: flatpak-builder libflatpak0

- Update to version 0.8.7:
+ This is a minor security update, matching the behaviour on
master where we avoid ever creating setuid files or
world-writable directories. However, the fix is more localized
and does not require a new ostree.
+ After pulling from a remote, always verify that the staged new
files and directories have safe permissions.
+ Ensure ~/.local/share/flatpak is not readable to other users,
to avoid anyone ever seeing possibly world-writeable
directories therein.
+ Fix double-setting a error in case of errors when pulling.
+ Fix timeout in testcase.
- Update to version 0.8.6:
+ TMPDIR is now unset in the sandbox, if set on the host. Each
sandbox has a personal /tmp that is used.
+ Flatpak run now works if /tmp is a symlink on the host.
+ /etc/hosts and /etc/hosts.conf from the host are now exposed in
the sandbox in addition to /etc/resolv.conf.
+ flatpak now stores the app id in the X-Flatpak key when
exporting a desktop file.
+ Exports are now whitelisted, and the only thing you can
export are: desktop files, icons, dbus services.
This is somewhat different from the 0.9.x series, where als
mime definitions, and gnome-shell search providers are allowed.
+ Fixed minor race condition in portal application
identification.
+ Support WAYLAND_DISPLAY environment var.
+ dbus-portal: Fix handling of NameHasOwner.
+ run: Allow regular files for --filesystem=xdg-config/path.
+ run: Allow --filesystem=xdg-config/subdir:ro (previously
it needed to be writable).
+ Support for updating to new gpg keys and url when using
flatpak remote-modify --update-metadata. This is a manual
operation in 0.8.x but is automatic in the 0.9.x series.
- Update to version 0.8.5:
+ Fixed a use-after-free and some leaks in the dbus-proxy. This
is not currently believed to be exploitable, but the proxy is a
security boundary, so we still recommend to update.
+ Regular updates now never allow updates to an older version
than what is currently installed (unless you explicitly specify
an old commit id). This closes a hole where a MITM attacker can
force clients to downgrade to an earlier (gpg-signed) version
of the application.
+ The automatic detection of --from in flatpak install now
detects flatpakref extensions even in URIs that end in a query
string such as
https://git.gnome.org/browse/gnome-apps-nightly/plain/gedit.flatpakref?h=stable
+ The detection of "unmaintained" system extensions was broken,
and in some cases these extensions were not found. This now
always works.
+ Flatpak now builds with latest OSTree. This required some
fixing for multiple definitions of the g_auto* macros as OSTree
now exports those.
+ We no longer rely on ostree trivial-httpd for the tests,
because this is optional in later versions of ostree. Instead
we use the python SimpleHTTPServer.
+ The minimum glib version has been corrected to 2.44.
+ The minumum automake version has been increased to 1.13.4
because some older version didn't work.
- Update to version 0.8.4:
+ Fix no-systemd-user warning (it doesn't affect sandboxing
anymore).
+ run: propagate wildcard xauth entries to app bundle.
+ Don't remove origin remotes if some other ref uses it.
+ Fix repeated download of locates on update.
+ update: Don't update related refs from different remote.
+ Initialize g_autofree string to NULL, not to crash when early
returning.
+ document portal: Disable spice_read as it seems broken.
+ Return the container from flatpak_get_system_installations().
+ Don't include newlines in error messages.
+ utils: Fix list_unmtainained_refs.
+ Avoid possible null dereference.
+ utils: Fix flatpak_bundle_load typo.
+ list: Don't check error twice.
+ list-remotes: Handle remotes with no url specified.
+ run: Handle error when enumerating /etc.
+ zero-mtime: Handle error when enumerating directory.
+ Fix error check when loading configuration.
+ Support runtime-less extra-data.
+ flatpak_list_extensions: Break out code into helper.
+ extensions: Support multiple versions.
+ Append flatpak data dirs if XDG_DATA_DIRS is already set
(gh#flatpak/flatpak#611).
+ appstream: Don't add runtime to flatpak bundle tag for
runtimes.
+ Split extra-data setup and fetch.
+ Improve progress calculation.
+ profile: Don't add flatpak to XDG_DATA_DIRS if its already
there.
+ Updated translations.
- Drop flatpak-propagate-xauth-wildcard.patch: fixed upstream.
- Update to version 0.8.3:
+ In addition to the regular list of bugfixes this stable release
include backports of the updated OpenGL support from master.
This, in combination with the work in the runtime allows
flatpak to work out of the box with out-of-tree OpenGL drivers,
including the nvidia driver.
+ Additionally, due to some complicated issues wrt ptrace and
user namespaces this version disables the use of user
namespaces if bubblewrap is setuid, as it cause problems for
the way flatpak portals identifies applications.
+ Better handling of errors for extra-data.
+ Handle extra-data properly for runtimes (as well as apps).
+ Respect required version for runtimes (as well as apps).
+ flatpak list: Don't break if some local ref is not deployed.
+ builder:
- Look for appstream data in /app/share/metadata also.
- Fix buildsystem=cmake builds.
+ Add progress reporting to extra-data download.
+ Fix uid/gid for directories in document portal.
+ Updated translations.
- Add flatpak-propagate-xauth-wildcard.patch which ensures
applications have the right to communicate with the X server.
(gh#flatpak/flatpak#569).
- Update to version 0.8.2:
+ This is a bugfix and security update:
- Some of the bind-mounts that flatpak sets up were not
read-only as they should have. This includes: extensions,
system fonts, resolv.conf, localtime and machine-id. Many of
these are typically only writable by root, but some, like the
user-specific fonts and user-installed extensions could be
modified from the sandbox.
+ Other fixes:
- There are new configure options for where to install dbus
configuration.
- Broken symlinks in the root directory no longer break flatpak
run.
- flatpak run with HOME in /var now works.
- dri access now also handles mali devices.
- install handles --arch when installing flatpakrefs.
- system-helper activation fixed on systemd-less setups.
- dbus-proxy now works without /run.
- During installation, failing to update a dependency is now
not fatal.
- /etc is now fully writable when building runtimes.
- --filesystem=xdg-config/foo now sets up the bind-mount from
the host dir even when not using :create.
- Update to version 0.8.1:
+ This is a bugfix and security update (CVE-2017-5226):
- Flatpak now uses seccomp to disallow the TIOCSTI ioctl in the
sandbox, which works around the possibility to inject text on
the controlling tty (CVE-2017-5226).
- This was previously fixed in bubblewrap in 0.1.6, but that
change has now been reverted as it introduced other problems
for flatpak.
+ Update bundled bubblewrap to 0.1.7.
+ Fix writing new file with O_EXCL in the document portal.
+ Allow appstream data that doesn't have .desktop in the
component id, such as data for runtimes.
+ Drop json-glib dependency from 1.2 to 1.0.
+ Builder: Fail if unable to read included file.
+ OCI: Ensure exported layers are readable by everyone.
+ Fix extra-data download in gnome-software.
+ Fix update-mime-database trigger when installing via the system
helper.
+ Updating an app by installing a newer bundle now works again.
+ Make /var/tmp not be on a tmpfs (it is now in
~/.var/app/$appid/cache/tmp).
+ Updated documentation.
+ Updated translations.
- Update to version 0.8.0:
+ This is the first release in a new series of stable releases
called 0.8.x. New features will be added to 0.9.x, and only
bugfixes will be backported to 0.8.x. The featureset of this
release is a good base to target if you're creating flatpaks
that should be widely usable.
+ This release technically requires only OSTree 2016.14, and it
build fine with this, but we recommend using OSTree 2016.15,
because of the change in how it verifies the checksums of
commits in delta files.
+ Flatpakrepo files now support a RuntimeRepo= key which points
to a flatpakrepo file. This means the user don't have to
manually configure a remote for the runtime, just reply to the
prompt to automatically do this when installing the app.
+ We now support dependencies when installing bundles. This
includes required runtimes, related refs, and the equivalent of
RuntimeRepo.
+ The support for OCI in flatpak has been updated to the latest
OCI spec version, and support has been added to directly
install flatpak applications from an OCI image.
+ In flatpak install, the --from and --bundle options are now
optional if the argument has the correct suffix (.flatpakref
and .flatpak).
+ Flatpak install now supports -y to let you avoid interactive
prompts.
+ build-finish:
- We now export mime type files with the right name.
- New --require-version option let you specify a particular
version of flatpak, and older version of flatpak will not
install or update to the new version.
+ build-sign: Allow signing all apps by omitting the id.
+ Fix regression in the document portal when adding named files.
+ build-import-bundle now signs the commit if you specify a gpg
key.
+ Flatpak now reads configuration from
/etc/flatpak/installations.d which lets you support multiple
system-level installation paths. These can be accessed with
new --installation=... arguments to most of the commands.
+ flatpak-builder:
- Support --jobs=N to limit parallel builds.
- Patch source got new options property that lets you pass
arguments to patch.
- New generic "buildsystem: type" option that replace the (now
deprecated) "cmake: true" option. This supports "autotools",
"cmake" and "meson".
- Update to version 0.6.14:
+ Update bundled bubblewrap to 0.1.4 which has some nice
bugfixes.
+ Requires OSTree 2016.14, which allows us to drop some old
workarounds.
+ When installing an application system-wide, don't consider
dependencies that are installed for the user only.
+ Flatpak install --from now tries to re-use existing remotes to
avoid creating unnecessary origin remotes.
+ Using --filesystem=$dir when $dir is a symlink-to-directory now
works.
+ Using --filesystem=$file to expose unix sockets to the app is
now allowed.
+ By default all the directories in ~/.var/app (except the app),
as well as ~/.local/share/flatpak are hidden in the sandbox.
+ New option --filesystem=$dir:create which will create the
destination if it did not previously exist.
+ --filesystem= now supports for xdg-[config|cache|data]. This
allows you access to the host versions of these xdg dirs.
Additionally if you use these with a subdirectory, like:
- -filesystem=xdg-config/subdir then that subdirectory on the
host will be shared with the per-app instance of the xdg-dir.
+ Builder now correctly handles app-ids that have dashes in them.
Previously this generated invalid ids for the debuginfo and
locale extensions.
+ The experimental OCI file format support was changed from
creating an OCI container to creating an OCI image.
+ Fix regression where "flatpak update --appstream remotename"
broke.
- Require flatpak by flatpak-devel: xdg-desktop-portal expects to
find org.freedesktop.portal.Documents.xml, which is part of
flatpak. It's fair to assume everything to be present when
pulling in the -devel package.
- Update to version 0.6.13:
+ The command line arguments for install/update/uninstall
changed.
+ Application runtime depencenies are checked/downloaded.
+ remote-add and install --from now supports uris.
+ flatpak run can now launch a runtime directly.
+ Updated bubblewrap to 0.1.3 (CVE-2016-8659).
+ Support for defining the default branch per remote.
+ remote-add/modify: --update-metadata pulls current title and
default branch from remote summary file.
+ Applications can now list a set of URIs that will be downloaded
with the application.
+ flatpak-builder: Support --finish-only and
- -allow-missing-runtimes.
+ flatpak-builder: Support app layering.
+ dbus proxy: The filtering has been tightened up.
+ build-finish: Now exports icons for themes other than hicolor
too.
+ There is support in the app metadata for generic policies.
+ Support for extensions directories.
- Update to version 0.6.12:
+ Partial revert in application id rules. Application ids can now
only have dashes in the last element. This allows apps to
export files such as org.my.App-extra.desktop which was used by
the libreoffice builds.
+ By default the kernel keyring is not accessable, as it is not
containable.
+ Some robustness fixes for build-commit-from.
+ Better error messages.
+ flatpak update --appstream now updates for all remotes.
+ Made flatpak enter work, and you can now use any pid in the
sandbox. However, it requires root permissions.
+ Support for --device=kvm for /dev/kvm access.
+ Support for --allow=multiarch to support non-primary arch
support. For example running i686 code in an x86_64 app.
+ Add new default-branch setting for the remote configuration.
- Changes from version 0.6.11:
+ Dashes are now allowed in application ids. However, to still
work with symbolic icon names, they may not end with
"-symbolic".
+ HostCommand now handles ptys correctly.
+ Various documentation updates.
+ New FLATPAK_CHECK_VERSION macro in libflatpak.
+ HostCommand now returns the real PID rather than a fake one.
+ Fix regression in flatpak update --appstream.
+ Fix regression installing bundles without origin urls.
+ New flatpak-builder option --show-deps lists all the files the
manifest depends on.
- Update to version 0.6.10:
+ Dropped requirement for systemd --user. The way we detect if an
process we're talking to is sandboxed, and what application id
it has doesn't use cgroups anymore, which means that the
dependency on systemd in the user session is now optional. This
also means the --no-desktop argument is not needed any more.
(It is still accepted but does nothing.)
+ Initial support has been added for .flatpakref files. These are
simple key value files similar to .flatpakrepo files, however
they specify an application to install in addition to the repo
information. For example, gedit can be installed by downloading
https://sdk.gnome.org/gedit.flatpakref and running: flatpak
install --from gedit.flatpakref There is also library support
for this so it can be added to graphical installers (such as
gnome-software).
+ Requires OSTree 2016.10. The change in how OSTree handles
mtimes in checkouts that was introduced in 2016.7 has been
reverted, and the required changes in Flatpak has been made.
This means that flatpak now depends on OSTree 2016.10.
+ Requires Bubblewrap 0.1.2 for builds using the system
bubblewrap. Builds using the included copy need no changes.
+ The $XDG_RUNTIME_DIR/flatpak-info file has added information
about the running application, and is now also securely
available for a running application from the host as
"/proc/$fd/root/.flatpak-info". This is what is used to
identify remote apps instead of the cgroup info.
+ A new run permission --allow=devel has been added. An
application with this permission is allowed to use ptrace and
perf. This was previously only available during "flatpak build"
and "flatpak run -d". This is useful if you're packaging e.g.
an IDE.
+ When an application is updated or removed a /app/.updated or
/app/.removed file is created for running instances. This can
be used by applications to trigger e.g. a restart for the new
version.
+ A new dbus request "HostCommand" has been added to
org.freedesktop.Flatpak. This lets you run any command on the
host, and is therefore clearly not sandboxed, so access to this
should be limited. However, it is very useful if you're using
flatpak mainly as a distribution mechanism, for a non-sandboxed
application.
+ flatpak-builder now supports running from inside a flatpak, by
auto-detecting this and using the HostCommand service to run
recursive flatpaks.
+ Consecutive calls to flatpak build-update-repo has been speed
up.
+ The document portal now allows sandboxed applications to create
references to files in /app and /usr (in the app/runtime).
+ The update process now doesn't stop at the first failure.
- Update to version 0.6.9:
+ Dropped dependency on libgsystem.
+ Allow passing partial refs whenever a CLI command takes an app
or runtime name.
+ New command build-commit-from creates a new commit based on the
contents of another commit (optionally from another local
repo).
+ The sandbox now contains $XDG_RUNTIME_DIR/app/$APPID from the
host (and the directory is created if needed).
+ update: Better output, and faster for the no updates case.
+ build-export: Don't make most validation errors fail, instead
just print a warning.
+ builder:
- Support local path references for git sources.
- Better handling of recursive git submodules.
- Fixed issues with the .pyc mtime rewriting.
- Handle symbolic icons for rename-icon.
- Add --stop-at=$module to do partial builds.
- Add --sandbox flag to disable the build from escaping from
the sandbox via build-args.
+ Updated translations.
- Drop pkgconfig(libgsystem) BuildRequires following upstream.
- Update to version 0.6.8:
+ Requires OSTree 2016.7, allowing to enable use of static delta
for system downloads again.
+ Support --no-desktop which allows you to run a flatpak app
outside a desktop, with some loss of functionallity
(for example, there will be no systemd --user scope created for
the app)..
+ More documentation.
+ Memory leak fixes.
+ Initial support for rpms as flatpak-builder archive sources.
+ Start work on translating the CLI.
+ Install systemd config snippet to set the right XDG_DATA_DIRS
path.
+ Support --arch in flatpak list.
+ Support access() in the document portal.
+ Validate exported desktop files.
- Change /usr/bin/tar Requires to /bin/tar: this has never been
moved to /usr/bin.
- Update to version 0.6.7:
+ Expand the flatpak run --devel docs.
+ Add an option for journal sockets.
+ Document new socket option.
+ Fix builddir option type in flatpak-builder documentation.
+ document portal: don't reply to GetMountPoint() until ready.
+ Downgrade failure to get document portal from warning to
message.
+ tests: don't treat helper scripts as though they were tests.
+ Run tests with a private XDG_RUNTIME_DIR.
+ Add BWRAP and --with-system-bubblewrap configure arguments.
+ test-basic: do not fail in non-English locales.
+ Update to latest libglnx with lock release fix.
+ fix warning.
+ Fix leak in flatpak-installed-ref.
+ utils: Add flatpak_spawnv() helper.
+ builder: Add "use-git" option for patch source type.
+ Make journal always available in the sandbox.
+ builder: Report errors to stderr, not stdout.
+ tests: Add test for "use-git" patch application.
+ tests/test-builder.sh: Re-silence flatpak-builder.
+ tests: Test install/updates with static deltas.
+ extensions: Minor cleanup.
+ Add tests for extensions.
+ extensions: Always create a tmpfs for subdirectory extensions.
+ common: Remove unused functions.
+ utils: Add flatpak_get_current_locale_subpaths().
+ utils: Add flatpak_summary_match_subrefs.
+ builder: Strip "." from locale names too.
+ FlatpakDir: Add flatpak_dir_find_remote/local_related.
+ Add flatpak_dir_install_or_update.
+ Install/update/uninstall related refs.
+ builder: Set the new extension properties.
+ Bump version number since last release.
+ Document the metadata format.
+ lib: Support listing related refs.
+ Add some code I used to test the new related refs code.
+ doc/flatpak-metadata: Add some extra clarifications.
+ Update NEWS.
+ Require ostree 2016.6.
+ builder: Clear mtime to 1, not 0, to match what new ostree
does.
+ Remove unused variables.
- Update to version 0.6.6:
+ lib: Add flatpak_get_supported_arches.
+ Add flatpak --supported-arches.
+ common: Make some internal functions static.
+ update: Always look at all existing apps when updating.
+ Disable static deltas for system-helper updates.
+ Make finding refs handle multi-arch.
+ make-current: Use find_installed_ref().
+ remote-ls: Better multiarch support.
- Changes from 0.6.5:
+ Documentation improvements
+ builder: Check that the specified command exists after build is
done.
+ builder: Fix up mtime in headers for python precompiled files.
+ builder: Allow submodules and including modules from other json
files.
+ system-helper builds are optional (--disable-system-helper).
+ system-helper: Support installing from local remotes and
bundles.
+ Improved support for --subpath installs, including libflatpak
support.
+ Improved command line completion.
- Create /var/lib/flatpak directory, own it and ensure system wide
repo exists when installing / updating flatpak package.
- Add pkgconfig(libarchive) >= 2.8.0 and gtk-doc to BuildRequires.
- Replace libelf-devel for pkgconfig(libelf) BuildRequires.
- Bump ostree minimal requirements to 2016.5.
- Version update to 0.6.4:
+ Rename to flatpack
+ New homepage and download url
+ Various fixes
- Update to version 0.5.2:
+ The way locale extensions work has changed. Now we build a
single extension for all locales, but we allow you to specify a
subset of it during installation and update time using the
- -subpath commandline flag. The main reason for this is that
the many extensions didn't scale, both in technical terms
(large ostree summary file size), but also in terms of the UI
listing hundreds of uninteresting things.
+ We no longer use sizes in the commit objects to get installed
and download size, instead we store some extra metadata in the
summary file. This allows us to get much faster access to
these, as with recent ostree versions we can cache the summary
file.
+ New command xdg-app build-sign that lets you sign a commit at
any time.
+ New argument xdg-app build --force-clean that removes
pre-existing build dirs.
+ xdg-app run now uses the "current" version as the default if
you specify no branch or arch. It used to default to the
"master" branch. This will default to the last installed
version, but can be changed with xdg-app make-current.
+ Added config-opts to the build-options in xdg-app-builder. This
allows you to extend the configure flags in an arch dependent
way.
+ Documentation updates.
- Update to version 0.5.1:
+ xdg-app-builder: Don't export if --build-only specified.
+ Prefer non-subdir extensions over subdir ones..
+ builder: Build single every-locale extension.
+ Extract icons for all appstream components.
+ Document xdg-app-build-bundle.
+ Align contents of xdg-app.1 with xdg-app --help.
+ Don't check that the name is a branch.
+ Add xdg-app info to docs.
+ builder: Use the right field for the platform cache checksum.
+ builder: Checksum metadata-platform contents for cache too.
+ builder: Actually respect the defined branch.
+ Fix indentation.
+ Support endianness markers in bundle files.
+ seccomp: Always try to do the socket filtering, but don't fail
if not supported.
+ seccomp: Allow running the target arch.
+ doc: Minor reshuffling.
+ XdgAppInstallation: Fix a doc typo.
+ version information: Add documentaiton.
+ XdgAppError: Add documentation.
+ XdgAppInstallation: Add documentation.
+ XdgAppRef: Add documentation.
+ XdgAppInstalledRef: Add documentation.
+ XdgAppRemoteRef: Add documentation.
+ XdgAppRemote: Add documentation.
+ docs: Pick up the version number automatically.
+ docs: No need for a deprecated index.
+ docs: Exclude more private headers.
+ docs: Fix a typo.
+ docs: Hide class structs.
+ doc: Add xdg_app_installation_install_bundle.
+ More class hiding.
+ docs: Document XdgProgressCallback.
+ helper: Use 64bit capset/capget versions.
+ Release 0.5.1.
- Update to version 0.5.0:
+ Change xdg_app_bundle_ref_get_appdata to
xdg_app_bundle_ref_get_appstream.
+ Update test-lib.c with the appstream api change.
+ lib: Fix a tiny leak.
+ lib: Add xdg_app_bundle_ref_get_origin().
+ Search for dwarf.h in configure.
+ Post release version bump.
+ Force /bin/sh as a shell.
+ Ensure that the .ref file is always replaced.
+ Get the new glnx_fd_close.
+ Reimplement fuse backend.
+ Now newlines needed in g_debug calls.
+ Don't enumerate noenumerate remotes.
+ document portal: Avoid some deadlock.
+ fuse: Store basename in dir so we don't have to keep looking it
up.
+ Flesh out document portal tests.
+ xdg-app-buildeR: Remove unnecessary spew.
+ No need for newlines in g_debug messages.
+ Never use gvfs in the session helper.
+ Avoid warning about refing null GVariant.
+ Add change notification for the permissions store.
+ Don't unnecessarily grow the buffer when loading files.
+ Enabling gpg means require both signed commits and summaries.
+ Update summary after generating deltas.
+ Bump version to 0.5.0.
+ Update NEWS.
+ Add major_version to binary age.
- Update to version 0.4.13:
+ Fix xml printing of nodes with no children.
+ Set xdg-app as the log domain.
+ docs: Add docs for shell sources.
+ Add a file header to bundles.
+ builder: Add builder_get_debuginfo_file_references.
+ builder: Build runtimes in /run/build-runtime.
+ builder: Add sources referenced from debuginfo into Debug
runtime.
+ Make /run/build and /run/build-runtime symlinks to the right
place.
+ build-bundle: Add metadata file as metadata element.
+ Fix typos in header.
+ common: Break out bundle loader to helper utility.
+ Remove unused variable.
+ lib: Add XdgAppBundleRef.
+ bundles: Verify that the header metadata matches the deployed
one at install.
+ common: Move part of bundle install to helper functions.
+ Remove origin repos on uninstall.
+ Add test scripts that create trivial a runtime and app.
+ Add make-test-bundles.sh.
+ bundles: Don't lock during pull.
+ lib: Add xdg_app_installation_install_bundle.
+ Fix some compiler warning (unused vars).
+ Allow specifying subdir of xdg dir, like:
- -filesytem=xdg-download/subdir.
+ Support --filesystem=xdg-run/foo.
+ common: Break out xml appstream rewriting to helper functions.
+ Add appdata to test apps.
+ common: Add xdg_app_read_stream helper.
+ common: Add and use xdg_app_appstream_xml_root_to_data.
+ build-bundle: Extract appdata and icons into metadata.
+ lib: Add XdgAppBundleRef api to get appdata and icons.
+ build-update-repo: Add --generate-static-deltas option.
+ lib: Add xdg_app_bundle_ref_get_installed_size().
+ Update version to 0.4.13.
- Add libdwarf-devel BuildRequires: new dependency.
- Update to version 0.4.12:
+ Update exports on uninstall too.
+ Pass location of exports to triggers as arg1.
+ Add option to disable sandbox triggers.
+ Update exports on uninstall via library too.
+ builder: Put all builds in a .xdg-app-builder/build subdir.
+ helper: If stdout is a tty, mount tty as /dev/console.
+ When rewriting Exec lines, don't use full bindir.
+ Revert "When rewriting Exec lines, don't use full bindir".
+ Allow overriding XDG_APP_BINDIR using make vars.
+ Work around race when doing first initial appstream checkout.
+ info: Fix support for system installed runtimes (typo).
+ Make system repo bare-user too, to avoid any chance of creating
setuid bits.
+ helper: drop caps in launcher.
+ builder: Report errors if eu_strip fails.
+ lib: Return GBytes from xdg_app_installed_ref_load_metadata().
+ lib: Add xdg_app_installation_get_path.
+ builder: Always create unversioned symlinks while building
modules.
+ builder: Add build_context_get_build_dir().
+ builder: Move CFLAGS/CXXFLAGS handling into BuilderOptions.
+ builder: Add support for --run to start a command in the
build dir.
+ builder: Support local archives with path property.
+ build-init: Support --tag=FOO.
+ builder: Support tags.
+ deploy: Add metadata tags to exported desktop files.
+ appstream: Add runtime, sdk and tags to appstream xml.
+ Add xdg_app_installation_get_remote_by_name.
+ Remove all appstream checkouts and mirrored refs when deleting
remote.
+ common: Add XDG_APP_CP_FLAGS_MOVE support.
+ Add docs for appstream-compose option.
+ builder: Support separating out locale data.
+ Move migrate_locales to builder-utils.c.
+ Migrate locales after importing parent runtime.
+ Add support for separated locales when creating platforms.
+ Always create /etc/passwd,group,resolve.conf,machine-id when
deploying.
+ Fix use after free.
+ helper: Put monitor path in /run/host instead of
/run/user/$uid.
+ When deploying, always make /etc/resolve.conf a symlink into
the monitor dir.
+ Release 0.4.12.
- Update to version 0.4.11:
+ install: Fix assertion on runtime install
+ Release 0.4.11
- Update to version 0.4.10:
+ Fix some g_propagate_error typos
+ builder: Avoid reusing set GError
+ Make sure we export files during install
+ Updated for release
- Update to version 0.4.9:
+ install: Only set current for apps, not for runtimes
+ builder: Add shell source
+ helper: Make ~/.local/share/xdg-app writable again (if you have
homedir access)
+ builder: Use non-parallel-make option instead of looking at
.NONPARALLEL
+ Add xdg-app info command
+ builder: Store exact sdk commit id in the build cache and
manifest
+ lib: Fix crash during uninstall
+ install-app: Actually look for apps, not runtimes
+ common: Always resolve active symlink when looking up deploy
dir
+ Add app-path to the xdg-app-info in the sandbox
+ app-utils: typo
+ Don't export app-info files
+ builder: Use predictable names for build dirs
+ Make arches canonical
+ Bump version to 0.4.9
- Update to version 0.4.8:
+ update-repo: Escape text when writing xml
+ docs: Fix gtk-doc documentation
+ helper: Make user namespace support vs setuid a runtime, not
build-time option
+ Require some way to set cgroup for apps (currently systemd
- -user)
+ Avoid gtk-doc warnings: multiple ID for constraint linkend
+ Complete documentation for XdgAppInstallation
+ Document the structs in libxdg-app
+ Fix some misc. gtk-doc warnings
+ lib: Add some missing docs
+ lib: Fix up doc details
+ Make xauth use optional
+ Finish the optional xauth work
+ Fix include order to build with older libsoup versions
+ helper: Update the error messages to not refer to
- -disable-userns
+ utils: Fix nul termination of xdg_app_spawn output
+ builder: Skip checking out disabled submodules
+ builder: Style fixes
+ Build top-level directory before building documentation
+ Hide non-public symbols from libglnx and libxdgapp-common
+ Rename xdg-app-session.service to the recommended name
+ Add systemd user units corresponding to the D-Bus session
services
+ .gitignore: ignore tests and their results
+ test-doc-portal: split out global setup/teardown into functions
+ test-doc-portal: skip all tests if no FUSE
+ Consistently call g_assert_no_error before other assertions
+ Move XDG_APP_SYSTEMDIR to /var/lib/xdg-app or similar
+ Support a proxy on the system bus similar to the one on the
session bus
+ Disable gtkdoc-check by default for now
+ Distribute .service.in files in tarballs
+ Remove unset variable from EXTRA_DIST
+ Update tests' dependencies for commit 2f38ec65
+ Release 0.4.8
- Update to version 0.4.7:
+ libglnx: Update to get glib 2.44 build fix
+ lib: Change how listing installed refs work
+ lib: Return GPtrArray from xdg_app_remote_list_refs_sync
+ lib: Always use "branch" not "version" in API
+ apps: Use "branch", not "version" when talking about app
branches
+ lib: get_current => get_is_current
+ lib: Move fetch_metadata_sync from RemoteRef to Remote
+ lib: Move app launching to XdgAppInstallation
+ lib: Move all sync operations from XdgAppRemote to
XdgAppInstallation
+ lib: Make list_remotes return a GPtrArray
+ lib: Add xdg_app_ref_format_ref
+ lib: Add xdg_app_installation_list_installed_refs_for_update
+ common: Add xdg_app_strcmp0_ptr and use it in all
g_ptr_array_sort calls
+ ls-remote: Support showing remote commit ids
+ list-*: Show active commit ids
+ app: Limit commit id output to 12 chars
+ app: Use space, not tab to delimit columns
+ app: Support --no-pull and --no-deploy in the install and
update commands
+ common: Add xdg_app_dir_read_latest helper
+ lib: Expose latest_commit on installed app and let you use it
+ lib: Always initialize the repo on Installation creation
+ lib: Add cancellable to Installation constructors
+ apps: Make it more obvious that system repo is default
+ list-remotes: Default to list only system remotes
+ install-bundle: Make the repo title shorter
+ lib/app: Add support for repo priorities
+ builder: Add --disable-updates
+ XdgAppDir: Touch .changes file each time something changes
+ lib: Add xdg_app_installation_create_monitor
+ XdgAppDir: Remove leftover spew
+ build-finish: Add --no-exports
+ build-export: Add --runtime commit support
+ build-export: Look in the right keyfile group when exporting
runtimes
+ add-remote: Fix typo in prio handling
+ add-remote: Fix typo in no-enumerate handling
+ build-export: FLAGS_GENERATE_SIZES when commiting
+ builder: Print all files removed by cleanup
+ builder: Use libelf to detect elf files
+ builder: Add support for separating out debuginfo
+ builder: Break out helpers for path matching
+ builder: Pass down keep-build-dirs via BuildContext
+ builder: Pass down global cleanups via BuildContext
+ builder: Match debuginfo files against regular cleanup patterns
+ builder: Clean up how the commit filters work
+ common: Move path_match_prefix to common
+ export: Support --exclude
+ builder: Create metadata.debuginfo if debug info exists
+ export: Allow custom source for "files" and "metadata"
+ run: Fix support for app extensions
+ builder: Add support for exporting with --repo=foo
+ export: Add docs for the new command line arguments
+ build-finish: Don't leave empty directories in the exports dir
+ helper: Print nicer error messages when user namespaces don't
work.
+ run: Be more flexible with --runtime option, and add
- -runtime-version
+ helper: Add missing arguments to usage output
+ helper: Allow specifying initial cwd
+ build: Add --bind-mount and --build-dir arguments
+ builder: Run builds in /run/build/$modulename
+ helper: Align help output
+ builder: Add option to enable ccache use in build
+ builder: Pass --body, --subject and --gpg-sign to build-export
+ builder: Don't break if ccache not enabled.
+ builder: Add some more spew when exporting
+ builder: Fix handling of builddir
+ install: Fix printing of NULL in already-installed error
message
+ builder: Fix up cleanup matching
+ builder: Add support for rename-appdata-file option
+ build-finish: Export appdata files
+ builder: Change the way the cache is indexed
+ xdg-app: Deprecate install/update/uninstall-app/runtime
+ xdg-app: Update the command names and make nicer usage output
+ docs: Update for the new command names
+ Merge list-apps and list-runtimes into single list command
+ remote-ls: Regularize --runtime and --app user
+ completion: Update to the new cli commands
+ builder: Also apply cleanup to changes in usr
+ XdgAppDir: Add helper to fetch the size info for a commit
+ lib: xdg_app_installation_fetch_remote_size_sync
+ builder: Add some spew when downloading files
+ Better handling of the title in the summary
+ common: Add XdgAppTempDir which cleans up temporary directories
+ build-repo-update: Update appdata branch using appdata-builder
+ xdg_app_installation_list_remote_refs_sync: Don't crash on
weird refs
+ build-update-repo: Add --appdata update option
+ XdgAppDir: Document some args to xdg_app_dir_fetch_sizes
+ lib: Add xdg_app_installation_update_appdata_sync
+ builder: Don't delete the APPDIR directory
+ docs: Add missing full stops in xdg-app-builder manpage
+ cache: Remove target directory before checking out cache
+ build-export: Add --include option
+ builder: Correctly handling non-existing app dir when applying
cache
+ builder: Allow building runtime sdks (based on existing sdk)
+ Builder: Support commiting a platform
+ builder: Fix random crash due to uninitialized memory
+ cache: Don't fail to create cache if parent dir is not created
+ The plural of appdata is appstream
+ Add support to gpg sign summaries and appstream
+ builder: Handle modules with invalid refname characters in the
cache
+ override: Fix error if override file doesn't already exist
+ build-update-repo: Add --prune and --prune-depth options
+ override: Fix warning
+ Remove unused variables
+ Fix possible read of uninitialized variable
+ builder: Fix error with va_start use
+ builder: Remove leftover debug spew
+ lib: Add getter for installed size on InstalledRef
+ lib: Add xdg_app_remote_get_appstream_dir
+ build-finish: Fix exports
+ lib: update_appstream - work around main context issue
+ update-appstream: Don't fail badly if remote has not appstream
branch
+ lib: Allow passing NULL for remote name in update_appstream
+ appstream: Don't try to remove old appstream if it doesn't
exist
+ Revert "lib: Allow passing NULL for remote name in
update_appstream"
+ builder: Put debuginfo in the right place for runtimes
+ common: Add xdg_app_list_extensions util
+ run: Use the new xdg_app_list_extensions helper
+ build-init: Add --sdk-extension
+ builder: Support sdk-extensions
+ builder: Add platform-extensions
+ appstream: Add timestamp which is updated each time the
appstream is pulled
+ lib: Add xdg_app_ref_parse
+ build-finish: Export app-info, not appdata
+ build-update-repo: Update the appstream using a GMarkup parser
on the app-info files
+ utils: Extract the xml helpers
+ build: When using a writable /usr, don't use runtime extensions
+ xdg-app-utils: Add autocleanup for GZlib*
+ common: Add xdg_app_cp_a
+ build-init: Don't copy uid/gid when initializing a writable sdk
+ common: fix handling of no_chown in xdg_app_cp_a
+ build-init: Also use the new cp_a for sdk extensions
+ build-export: Never export files you can't read
+ builder: Add some spew before build-init
+ builder: Add spew when commiting to cache
+ XdgAppDir: Make sure we always constole end status lines that
we start
+ dir: Properly finish OstreeAsyncProgress objects
+ lib: Properly finishe OstreeAsyncProgress objects
+ update: Make both branch and name optional
+ Move the GZlib* autoptr backport to libglnx
+ builder: support using appstream-compose to create appstream
files
+ Always build libxmlapp
+ update-appstream: Fix crash in case there are no 128x128 icons
+ Update NEWS for release
+ Bump version to 0.4.7
- Add libelf-devel BuildRequires: new dependency.
- Split out new packages: libxdg-app0, typelib-1_0-XdgApp-1_0 and
a -devel package.
- Update to version 0.4.6:
+ utils: Add xdg_app_supports_bundles
+ add build-bundle command
+ Add install-bundle command
+ Add completion for bundle ops
+ Drop dump-runtime command for now
+ Always make it possible to talk to the built in portals
+ Add xdg-app.pc file with variable for interfaces_dir
+ lib: Export xdg_app_context_set_session_bus_policy
+ deploy: Explicitly pull from the origin
+ Add autoptr cleanup backport for SoupUri
+ Handle PWD env var correctly when spawning apps/builds
+ build: Set fs access before applying args so you can
override it
+ Add xdg-app-builder
+ builder: Add --build-only argument
+ xdg-app-builder: Update docs
+ Correct license, we're LGPL 2+, not 3+
+ Remove unused helper function
+ xdg-app run: Fix support for --filesystem=~/dir
+ Support defining read-only filesystem access
+ portals: Only give blanket access to session-*.scope systemd
cgroup
+ Create xdg-app-info file in user runtime dir with effective
state
+ Add standard errors needed for portal
+ Rename lib/ to common/ in preparation for public xdg-app
library
+ builder: Add support for cmake and forced builddir
+ builder: Add more headers around the spew for each new module
+ builder: builddir != srcdir was broken becasue we never created
the buildir
+ builder: Fix typo in cmake support
+ Remove leftover semicolon
+ builder: Add submodule support for git sources
+ builder: Add post-install script support
+ builder: Add docs for post-install
+ Add script source type
+ builder: Support building from a subdirectory of the sources
+ Remove stray semicolons
+ xdg-app-utils: Correct SoupUri -> SoupURI typo.
+ builder: Build with "make", not "make all"
+ Update libglnx for new backports
+ Fix some warnings
+ builder: Fix build with g_autoptr backports
+ builder: Consider the build_option when checksumming
+ builder: Add support for copy-icon option
+ builder: Error out if rename_error is set but not found
+ builder: Don't use ":" in uri-as-filename
+ Docs: Fix some tiny typos
+ document portal: Add AddNamed method for host-side use
+ builder: Merge spawn helpers to single base helper
+ ls-remote: Remove unnecessary code
+ Initial version of libxdg-app
+ build: Fix include path for builddir != srcdir
+ build: Switch to olddir after autoreconf
+ builder: Be a bit more verbose when pulling VCS
+ builder: Prune old branches when updating mirror
+ Add introspection check
+ XdgAppDir: Add some helpers for handling remotes
+ list/ls-remotes: Use the new remote helpers
+ lib: Use the new remote helpers
+ Add introspection support to libxdg-app
+ Add xdg_app_dir_fetch_remote_title and remote old custom
summary fetcher
+ Annotate transfer rules for ambiguous return values
+ Add no-enumerate flag to remote and set if for bundle origin
remotes
+ lib: Make getters for XdgAppRemote return copies of strings for
options
+ helper: Allow exec on the tmpfs.
+ lib: Add XdgAppRemoteRef subclass
+ Generate the API reference for libxdg-app
+ Add XdgAppRemoteRef do docs
+ XdgAppDeploy: Fix wrong types in finalizer
+ common: Move typedef to separate header to avoid circular deps
+ Remove unused variable
+ Move most of builtins-run to xdg_app_run_app helper
+ common: Clean up xdg_app_run_app()
+ helper: Mount dconf run dir writable, as dconf needs this.
+ xdg_app_run_app: Handle error == NULL
+ lib: Add xdg_app_installed_ref_launch()
+ lib: Add remote_name to XdgAppRemoteRef
+ lib: Rename xdg_app_remote_list_refs to
xdg_app_remote_list_refs_sync
+ lib: Add some more debug spew to test-lib
+ lib: xdg_app_remote_fetch_ref_sync
+ lib: Always load installed ref metadata each time
+ lib: Add XdgAppDir to RemoteRef private
+ lib: Fix declaration of xdg_app_installed_ref_load_metadata
+ lib: Add xdg_app_remote_ref_fetch_metadata_sync helper
+ lib: Minor indentation cleanups
+ lib: Add xdg_app_installation_load_app_overrides()
+ common: Make it explicit that XdgAppError are portal errors
+ builder: Allow git uris to be relative to the base directory
+ common: Make XdgAppDir soup session initilization threadsafe
+ builder: Make the builder manifest objects serializable to json
+ builder: Break out download_uri helper function in SourceFile
+ builder: Allow optionally specifying remote file sources
+ builder: Use SoupRequest to simplify download helpers
+ builder: Support data: uri for files
+ builder: Support specifying revision in bzr sources
+ builder: Support specifying commit ids as git branches
+ Builder: Add a resolved version of the manifest to the built
app
+ builder: Add --keep-build-dirs option
+ builder: Remove accidental leftover spew
+ builder: After fetching the mirrored git repo, set back the
right origin
+ completion: Fix completion of apps/runtimes in a remote
+ completion: Fix completion for xdg-app run
+ builder: Fix build with old glib
+ lib: Fix build with older glib
+ builder: Fix typo in patch applying
+ lib: Better fix for old glib
+ app: Fix warning if building with --disable-userns
+ lib: Fix compiler warning in test app
+ common: Fix compiler warning when built with --disable-userns
+ XdgAppDir: Add set_origin helper function
+ Bump libglnx to latest version
+ lib: Add xdg_app_installation_install
+ app: Clean up leftover removes after updates too
+ lib: Add xdg_app_installation_update
+ Fix unused variable warnings
+ helper: Properly unescape strings
+ lib: Add xdg_app_dir_undeploy_all and xdg_app_dir_remove_ref
helpers
+ common: Add xdg_app_compose_ref helper
+ Use xdg_app_compose_ref helper
+ lib: Add xdg_app_installation_uninstall
+ common: Add and use xdg_app_dir_deploy_update()
+ lib: Add custom GError codes
+ lib: Use the new installed/not-installed custom GErrors
+ Add lock file for each xdg-app dir.
+ builder: Allow specifying custom prefix
+ build-init: Allow writable sdk
+ builder: Support writable-sdk option
+ builder: Don't fsync on cache checkouts
+ builder: Store the cache in BARE_USER mode
+ lib: Fix return value type warnings
+ Bump version to 0.4.6
+ Add missing EXTRA_DIST to pass distcheck
+ builder: Add cleanup-command property
+ Add --enable-libxdgapp configure flag and disable lib by
default
+ Update NEWS for 0.4.6
- Add gobject-introspection-devel and pkgconfig(json-glib-1.0)
BuildRequires: new dependencies.
- Update to version 0.4.5:
+ build-export: Add support for signing build
+ docs: Fix whitespace issues
+ helper: Correctly zero terminate symlink targets
+ helper: Also copy extra symlinks from /
+ Always regenerate summary after export-build
+ document-portal: Fix warning
+ uninstall: Don't fail if there is no origin
+ utils: Add xdg_app_decompose_ref()
+ Always remove all leftover app/runtime traces on uninstall
+ Correct capitalization on dbus interface filename
+ Install dbus introspection files
+ Move dbus invocation peer app detection to lib/
+ build-export: add human readable format to "Content Bytes
Written"
+ helper: give xdg-app process access to /dev/ptmx
+ helper: match whitespace to other options
+ helper: unblock SIGCHILD before execvp() of child
+ Create custom /etc/passwd and /etc/group with minimal content
+ Update to 0.4.5
- Update to version 0.4.4:
+ build: Fix srcdir != builddir from git
+ build-export: Strip out uid/gid and xattrs
+ fuse: Disable entry cache to work around race condition
+ helper: Handle existing mounts with escaped characters
+ Propagate Xauthority details to the sandbox if X11 is enabled
- Add pkgconfig(xau) to BuildRequires.
- Update to version 0.4.3:
+ Accept -d as --show-details in all commands that support it
+ Fix regression is dbus proxy
+ utils: Add xdg_app_fail
+ Add --nofilesystem commandline arg
+ Make usage_error return FALSE
+ Add xdg-app dump-runtime command
+ cleanup: Remove trivial use of goto out
+ cleanup: Remove unused variables
+ cleanup: Simplify code using xdg_app_fail
+ Make sure we build against older ostree (without gpg import)
- Update to version 0.4.2:
+ run: When creating /etc symlinks, don't make symlinks to
symlinks
+ xdg-app build: Support extensions
+ run: Fix handling of which filesystems you can access
+ remove some unused code
+ run: Add /var/config and /var/data to sandbox
+ add-remote: Allow specifying local pathname instead of uri
+ Make seccomp optional
+ Update to libglnx for new autocleanup backports
+ Add xdg-app enter command
+ Move table printer to xdg-app-utils.c
+ list-remotes: Add support for listing both user and system
remotes
+ list-apps/runtimes: User table printer
+ bash_completion: Properly list apps when completing "run"
- Own %{_datadir}/dbus-1 and subfolder for openSUSE Tumbleweed.
- Update to version 0.4.1:
+ run: Allow perf and ptrace in debug and build mode.
+ Mount nvidia device nodes in sandbox if dri allowed
+ tests: Use check_PROGRAMS as the primary
+ fuse: Supply mode when creating files
+ Support version= in extension metadata
+ Update NEWS and version to 0.4.1
- Update to version 0.4.0:
+ Import xdg-document-portal from github repo
+ Add GetMountPoint method for document portal
+ Automatically start and mount document portal in sandbox
+ document-portal: *always* use the by-app location
+ Don't list empty names in opendir
+ Change dbus name of session helper to org.freedesktop.XdgApp
+ Rename dbus file to org.freedesktop.XdgApp
+ Move gvdb to lib/
+ gvdb: Add gvdb_table_get_content
+ Initial version of XdgAppDb
+ Initial tests of the db
+ Add XdgAppError
+ Initial version of permission store
+ Make document portal use the new permission store
+ Switch document portal to use strings for document ids
+ Document portal: Store paths, not uris
+ Drop the xdp specific errors and use the xdg-app ones
+ Remove ununsed variables reported by clang
+ dbus-proxy: Fix flags arg passed to g_socket_receive_message
+ dbus-proxy: Fix incorrect check of name policy
+ dbus-proxy: Avoid clang warning
+ Fix type of return
+ Fix error check of policy parsing
+ Fix const marking of string arrays.
+ utils: Add AUTOLOCK macro
+ autogen: Fix git submodules
+ Update libglnx, use its copy of backports
+ Use g_auto(GStrv) instead of glnx_strfreev
+ helper: Add perf and ptrace to seccomp blacklist
+ Markup AUTOLOCK with unused to avoid warnings
+ fuse: Make filesystem multithreaded
+ Add xdg_app_mkstempat
+ Store and verify parent dir dev/ino and pass O_PATH fds
+ Add xdg-app export-file to export files with the document
portal
+ Add debug output for release
+ fuse: Always open files with O_NOFOLLOW
+ document-portals: Support unique documents
+ document-portal: Use xdg_app_is_valid_name() to validate app
names
+ export-files: Allow specifying app permissions
+ document-portal: Actually respect WRITE permissions
+ Add check-valgrind target
+ db: Fix leak
+ export-file: Fix leak
+ Add minimal document portal tests
+ fuse: Unmount previous fuse instance if ENOTCONN
+ fuse: Add daemonizing switch
+ test-doc-portal: Launch the portal manually
+ fuse: Properly invalidate inodes and entries
+ fuse: Raise entry cache times now that we invalidate
+ fuse: Add some more debug spew
+ document-portal: Allow dbus owner replacing
+ document portal: Move locking explicitly into portal handlers
+ export-file: Print the full document pathname
+ document portal: Correctly handle recursive documents
+ fuse: Drop DOC_DIR_INO_CLASS
+ test-doc-portal: Fix unique boolean arg
+ fuse: Add some more debug spew
+ test-doc-portal: Work around GTestDbus env unsetting
+ test-doc-portal: Add recursive file export test
+ XdgAppContext: Properly handle masking things from parent
context
+ run: Correctly report errors talking to document portal
+ document portal: Fix crashes when dbus activated
+ run: Never propagate DISPLAY if X socket not requested
+ run: Read per-app override metadata file
+ build-finish: Don't export hidden or backup files
+ XdgAppContext: Always initialize bitfields
+ run: Support system overrides as well as per-user
+ create dirs with 755, not 777
+ Add new override builtin to override app permissions
+ lib: Handle libsoup now having built-in autocleanup support
+ add modify-remote command
+ list-remotes: Add more details to remotes list
+ Fix unused label warning
+ Add XdgAppChainInputStream based on ostree version
+ add/modify-remote: Support importing trusted gpg keys
+ list-remotes: Separate columns with tab
+ docs: Update remote related docs
+ list-remotes: Use --show-details instead of --details
+ Rename repo-contents to ls-remote
+ Update docs for new/changes interface
+ bash completion: Update to match the lastest options
+ bump version to 0.4.0
+ Updated NEWS for release
+ document portal: Add support for transient documents
+ Fix distcheck issues
- Drop 0001-Finish-switch-to-glibc-s-xattr.patch: fixed upstream.
- Add pkgconfig(fuse) BuildRequires: new dependency.
- Update to version 0.3.6:
+ helper: Fix typo in the socket-family blacklist.
+ run: Make users fonts appear in /run/host/user-fonts.
+ helper: Disable socket filters on x86.
+ Write user-dirs.dirs under app's XDG_CONFIG_HOME.
+ helper: Mount extra dirs/files only after all other mounts are
up.
+ helper: Add all possible architectures to seccomp filter.
+ Restructure directories and build.
+ Add NEWS file.
+ If home is accessible, make user-dirs.dir visible in custom
config dir.
+ Bump version to 0.3.6.
- Update to version 0.3.5:
+ update: Don't remove existing deployment if there was no updates
+ Bump version to 0.3.2
+ helper: Keep any existing old mount flags when remounting
+ helper: Remove noremount hack now that we keep old mount flags
+ helper: No need for a tmpfs on /dev these days
+ configure: Add checks for docbook xsl/dtd
+ Bump version to 0.3.3
+ Avoid unnecessary escapes in desktop file exports
+ Bump version to 0.3.4
+ xdg-app.sh: /usr/local/share is also in the default
XDG_DATA_DIRS
+ Add xdg-app.env file for gdm
+ profile: Don't override pre-existing XDG_DATA_DIRS env vars
+ Bump version to 0.3.5
- Update to version 0.3.1:
+ helper: Clean up launched command line
+ Bump version to 0.3.1
- Update to version 0.3+git.20150602.d781e27:
+ Add a README
+ Make symlinks lib64 -> usr/lib64, etc if those exist in the
runtime
+ Fix debug message format string
+ dbus proxy in progress
+ Parse dbus headers
+ Add some minimal policy on send/receive
+ Flesh out filtering
+ DBusProxy: Add non-filtering mode
+ Add wildcard policies
+ Better handling of fd passing
+ dbus-proxy: Add some test policy
+ Break out dbus proxy implementation to separate file
+ Make xdg-dbus-proxy talk command line args and install it
+ Only print headers when logging
+ Allow runtime and apps to override environment variables
+ Don't clear the [Vars] group in build-finish command and
improve error reporting
+ Ignore errors in add_env_overrides()
+ Actually unset the env variable when the value is empty
+ Report error when --var option is missing '='
+ Close any unexpectedly inherited fds in helper monitor and
init.
+ xdg-dbus-proxy: Add support for syncing via fd
+ Fix path generation when recursively exporting a directory
+ xdg-app-helper: Add -S fd support
+ xdg-app run: use a dbus proxy if needed
+ Clean up filtering and allow all messages from bus to client
+ xdg-app-proxy: Only allow replies from the bus that we
requested
+ xdg-app-proxy: Only allow pending replies from client
+ xdg-app-proxy: Large rewrite of docs comment
+ xdg-app-proxy: Don't filter unicast signals
+ proxy: Don't forward method returns and errors with no
reply_serial
+ proxy: Ensure that we SEE from peers we've gotten messages from
+ proxy: unlink socket on exit
+ proxy: Free some members on finalize
+ proxy: Send initial AddMatch and GetNameOwner to handle policy
+ proxy: Remove unneeded code for old name tracking
+ Update docs wrt new ownership tracking code.
+ proxy: Fully support policies for wildcarded names
+ proxy: Update docs
+ Some typo fixes
+ Add missing space
+ proxy: Fix double-free of socket control messages
+ XdgAppDir: Add XdgAppDeploy helper object
+ Add xdg_app_find_deploy_for_ref
+ builtins-run: Use XdgAppDeploy
+ Move setting of env vars from helper to launcher
+ build: Use an strv for envp instead of a GPtrArray
+ Add xdg_app_run_apply_env_vars() helper
+ build: Apply runtime env vars
+ builtin-run: Switch over to same env helpers
+ More special casing of LD_LIBRARY_PATH
+ Support filtering of session bus
+ metadata: Rename [Vars] to [Environment Vars]
+ build-init: Don't fail if /var/run already exists
+ xdg-app build: Bind mount host resolv.conf during builds
+ Only warn if removing old commits fail
+ Bump version to 0.2
+ Fix a typo
+ Fix build with old glib
+ helper: Bind mount /sys subset
+ Add a simple profile.d snippet for XDG_DATA_DIRS
+ proxy: Minor cleanup for first byte case
+ proxy: Properly detect authentication end
+ proxy: Always read all incomming socket messages on each
mainloop callback
+ proxy: Always send all possible queued messages in main
callback
+ build: Fix srcdir != builddir from git
+ Bump version to 0.2.1
+ Change /self to /app
+ Add new XdgAppContext helper object
+ Convert all builtins to the new metadata/arg formats using
XdgAppContext
+ Make extra_dirs and lock_dirs dynammic
+ helper: Add support for read/write extra dirs
+ Add support for persistent homedirectory dirs
+ helper: If old CWD is not mapped, use $HOME
+ helper: Add support for moving files into sandbox
+ Context: Finish support for filesystems
+ run: Remove hardcoded GI_TYPELIB_PATH
+ helper: Remove backwars compat /self symlink
+ Update docs for new run command line options
+ helper: Fix errors caused by create_file() return value change
+ build: Always allow host fs access
+ build: Remove duplicated helper arguments
+ Bump version to 0.3.0
+ run: Fix typo that broke env var support
+ helper: Only call get[ug]id() once at the start
+ helper: Drop setuid and use user namespaces
+ helper: Minor cleanup of uid/gid handling
+ helper: Optionally add back setuid support
+ Add xdg_app_dir_get_origin() helper
+ Use xdg_app_dir_get_origin helper
+ Show source repo when listing apps and runtimes
+ Show version when listing apps and runtimes
+ Make /var/cache persistent (in app-data cache dir)
+ helper: Fix thinko due to create_file() return type change
+ helper: Make all helper functions static
+ Use seccomp to limit allowed syscalls
+ helper: Make ~/.local/share/xdg-app read-only in sandbox
+ helper: Don't fail if ~/.local/share/xdg-app does not exist
+ run: If session helper not available, bind-mount
/etc/resolv.conf
- Add pkgconfig(libseccomp) BuildRequires: new dependency.
- Add ostree Requires: xdg-app can't start without its presence.
- Update to version 0.1+git.20150407.fc8db2b:
+ Add COPYING to reflect license headers
+ Pass name into build-init and store in metadata
+ build-finish: Only export files with app-id prefix
+ Switch to using glibc xattrs.
+ Remove dead code in xdg-app-builtins-build-finish.c.
+ Remove dead code xdg-app-builtins-build-init.c.
+ Remove dead code xdg-app-dir.c.
+ xdg-app-builtins-list.c: Cleanup comma separator code
- Add 0001-Finish-switch-to-glibc-s-xattr.patch: complete port of
libgnx to xattr.
- Update to version 0.0.1~20150323:
+ Mount system fonts in /run/host/fonts
+ deploy: Split the file rewriting and prefix checkout out from
the exporting
+ Move update_exports out of deploy/undeploy
+ Remove old code handling per-app data
+ Add xdg_app_dir_list_refs[_for_name] helpers
+ builtins-list: Use the new helper to list refs
+ uninstal: Fix the cleanup of empty dirs
+ Track which branch of an app is current
+ Add make-app-current
+ Make sure we initialize variables that auto-cleanup
+ xdg-app-dir: Move exports to update_exports
+ Import libglnx
+ Convert to g_autoptr
+ Use cleanup macros from libglnx
+ Switch to GLnxDirFd
+ Use glnx_set_error_from_errno
+ Use g_steal_pointer
+ Check for libattr header
+ fixup g_steal_pointer use
+ Fix dist
+ Require ostree 2015.3
+ helper: Manually apply bind flags recursively
+ Bump version to 0.1
+ Fix build on older glib
+ Add copyright headers
- Update to version 0.0.1~20150305:
+ Fix warning in add-remote if no summary.
+ Look for libcap pkg-config file for cflags to ensure we have
the headers.
+ Revert "Look for libcap pkg-config file for cflags to ensure we
have the headers".
+ Check for sys/capability.h via AC_CHECK_HEADER instead.
+ Run each app in a custom systemd user scope (if available).
+ xdg-app-helper: Flesh out usage output.
+ xdg-app-helper: Sort the command line parsing.
+ Mount /run/media if mount-host-fs.
+ Add metadata option to limit DRI access.
- Initial package.

==== fontconfig ====
Version update (2.12.3 -> 2.12.4)
Subpackages: fontconfig-32bit fontconfig-devel

- Version update to 2.12.4:
* Various distcheck errors
* FcCharSetHash(): use the 'numbers' values to compute the hash
* fc-lang: gracefully handle the case where the last language initial is < 'z'
* Fix an off-by-one error in FcLangSetIndex()
* Fix erroneous test on language id in FcLangSetPromote()
* FcLangSetCompare(): fix bug when two charsets come from different "buckets"
* Treat C.UTF-8 and C.utf8 locales as built in the C library
- Remove merged upstream fontconfig-locale_c.utf8.patch
- Remove fontconfig-doc archive, the generated output is already
present in the upstream released tarball
- Remove unused configure options

==== gd ====
Version update (2.2.3 -> 2.2.4)
Subpackages: libgd3 libgd3-32bit

- Add patch gd-rounding.patch
- Set again the cflags so other archs do not fail testsuite
- Version update to 2.2.4:
* gdImageCreate() doesn't check for oversized images and as such is prone
to DoS vulnerabilities. (CVE-2016-9317) bsc#1022283
* double-free in gdImageWebPtr() (CVE-2016-6912) bsc#1022284
* potential unsigned underflow in gd_interpolation.c (CVE-2016-10166)
bsc#1022263
* DOS vulnerability in gdImageCreateFromGd2Ctx() (CVE-2016-10167)
bsc#1022264
* Signed Integer Overflow gd_io.c (CVE-2016-10168) bsc#1022265
- Remove patches merged/obsoleted by upstream:
* gd-config.patch
* gd-disable-freetype27-failed-tests.patch
* gd-test-unintialized-var.patch
- Add patch gd-freetype.patch taking patch from upstream for
freetype 2.7

==== gdk-pixbuf ====
Version update (2.36.6 -> 2.36.7)
Subpackages: gdk-pixbuf-devel gdk-pixbuf-query-loaders
gdk-pixbuf-query-loaders-32bit gdk-pixbuf-thumbnailer libgdk_pixbuf-2_0-0
libgdk_pixbuf-2_0-0-32bit typelib-1_0-GdkPixbuf-2_0

- Update to version 2.36.7:
+ Add tests for recent bug fixes.
+ ico, bmp, tiff: avoid integer overflows (bgo#776040,
bgo#776694, bgo#780269).
+ jpeg: error out if wrong # of channels (bgo#784866).
+ Misc.bugfixes (bgo#784583).
+ Support mimetypes: image/wmf, image/emf.
+ Updated translations.
- Drop gdk-pixbuf-cve-2017-2862-jpeg-channels.patch and
gdk-pixbuf-cve-2017-2870-tiff-mul-overflow.patch: Fixed upstream.

==== gnome-documents ====
Version update (3.24.2 -> 3.24.3)
Subpackages: gnome-documents_books-common gnome-shell-search-provider-documents

- Update to version 3.24.3:
+ Enable printing only for documents that support it.
+ Avoid CRITICALs if a primary instance is already present.

==== gnome-keyring ====
Subpackages: gnome-keyring-32bit gnome-keyring-pam gnome-keyring-pam-32bit
libgck-modules-gnome-keyring

- Drop unneeded part of
gnome-keyring-bsc932232-use-non-fips-md5.patch, to match what we
have in SLE.

==== goffice ====
Version update (0.10.34 -> 0.10.35)
Subpackages: goffice-lang libgoffice-0_10-10

- Update to version 0.10.35:
+ Fix quad-precision overflow problem.

==== hexchat ====
Version update (2.12.3 -> 2.12.4)
Subpackages: hexchat-lang

- hexchat 2.12.4:
* fix issue with timers causing ping timeouts
* fix building against OpenSSL 1.1
* fix /exec output printing invalid utf8
* replace doat plugin with an internal command
* change how tab colors interact with plugins
- verify source signature

==== hylafax+ ====
Subpackages: hylafax+-client libfaxutil5_5_9

- Drop hylafax+_rh.init
- Drop conditionals for distros we never build against in OBS
- Switch to LCMS2
- Add jbikgit-devel dependency so it is detected by configure

==== installation-images-Kubic ====
Version update (14.320 -> 14.323)

- merge gh#openSUSE/installation-images#192
- Fix the default cursor theme (bsc#1051664)
- 14.323
- Add Conflicts: otherproviders() and Provides for relevant packages.
- merge gh#openSUSE/installation-images#191
- always load dm_multipath module
- 14.322
- merge gh#openSUSE/installation-images#190
- run udev prein script in initrd (bsc#1047598)
- 14.321
- increase disk size contraints to 12GB

==== java-1_8_0-openjdk ====
Version update (1.8.0.141 -> 1.8.0.144)
Subpackages: java-1_8_0-openjdk-headless

- Update to version jdk8u144 (icedtea 3.5.1)
* Import of OpenJDK 8 u144 build 01
- S8184993: Jar file verification failing with
SecurityException: digest missing xxx
* Shenandoah
- Amend "ArrayCopy verification code fix" with 8u-specific node
hierarchy test
- Amend "Refactor asm acmp" with a few missing changes
- [backport] aarch64 store check fix
- [backport] Account "shared" out-of-LAB allocations separately
- [backport] Adaptive should not be scared of user-requested
System.gc()
- [backport] Added assertion for page alignment of heap's base
address
- [backport] Add "verify jcstress" acceptance test
- [backport] "Allocation failure" cause should not be
overwritten
- [backport] ArrayCopy verification code fix
- [backport] Assorted cleanups
- [backport] "Before Full GC" verification is too strong for
OOME-during-evac
- [backport] C1 stores constants without read barriers
- [backport] Cleanup AArch64 code
- [backport] Cleanup class unloading and string intern code
- [backport] Cleanup duplicated Shenandoah task queue
declarations
- [backport] Cleanups
- [backport] Cleanup ShenandoahBarrierSet::write_barrier
- [backport] Cleanup ShenandoahHeap::do_evacuation
- [backport] Clean up unused fields and methods
- [backport] Cleanup: update-refs check in_collection_set twice
- [backport] Code cache roots styles
- [backport] Concurrent code cache evacuation + bugfixes
- [backport] Concurrent preclean + Fix weakref precleaning
- [backport] Correct prefetch offset for marked object
iteration
- [backport] Deferred region cleanup.
- [backport] Dense ShenandoahHeapRegion printout
- [backport] Detailed ParallelCleanupTask statistics + Split
out Full GC stats for parallel cleaning
- [backport] Disable aggressive+verification test configs
(jtreg eats up last configuration)
- [backport] Do not abandon RP discovery on conc GC cancel,
do that only before Full GC
- [backport] Eliminating _num_regions variable in
ShenandoahHeap
- [backport] Ensure collection set and cset map are consistent
- [backport] Fallback to shared allocation if GCLAB is not
available
- [backport] Fast synchronizer root scanning
- [backport] "F: Code Cache Roots" is missing from gc+stats
- [backport] Fix DerivedPointerTable handling when scanning
roots twice in init-evac phase
- [backport] Fixed a few of early returns that calling
register_gc_end()
- [backport] Fix live data accounting for humongous region
- [backport] Fix memory Phis with only data uses
- [backport] Fix recycled regions zapping
- [backport] Fix up pointer volatility
- [backport] Generic verification should not trust bitmaps
- [backport] Heap/matrix verification for all reachable objects
- [backport] Heap memory usage counting not longer needs to be
atomic
- [backport] Heap region recycling should call explicit clear()
and request zapping
- [backport] Heap region verification
- [backport] Implementation of interpreter matrix barrier on
aarch64
- [backport] Implement early update references phase.
- [backport] implicit null checks broken on aarch64
- [backport] Increase timeout for EvilSyncBug test
- [backport] Lazy parallel code cache iterator
- [backport] Make statistics gathering span more operations
- [backport] Make sure atomic operations are done on
"volatile" fields
- [backport] Make sure new_active_workers is used
- [backport] Make {T,GC}LAB statistics unconditional
- [backport] Mark-compact and heuristics should consistently
process refs and unload classes
- [backport] minor fix to optimization of java mirror
comparison
- [backport] more barrier on constant oop fixes + couple small
unrelated fixes
- [backport] More collection set and matrix cleanup
- [backport] Nit: mark-compact phase 3 (Adjust Pointers) should
announce itself as "Phase 3"
- [backport] Optimize heap region size checks
- [backport] Optimize heap verification
- [backport] Out-of-TLAB evacuation should overwrite stale
copies
- [backport] Parallel code cache scanning
- [backport] Parallel verification
- [backport] Print correct message about gross times in stats
- [backport] Print heap changes in phases that actually change
heap occupancy
- [backport] Print more detailed final UR stats
- [backport] Print more details for weak ref and class
unloading stats
- [backport] Properly react on -ClassUnloading
- [backport] Purge ealier version of redefined classes during
class unloading
- [backport] Purge ratio, global, connections heuristics.
- [backport] Purge shenandoahHumongous.hpp
- [backport] Purge ShenandoahVerify(Reads|Writes)ToFromSpace.
- [backport] Reduce region retirement during tlab allocation
- [backport] Refactor asm acmp (x86, aarch64, renames)
- [backport] Refactor BrooksPointer asserts
- [backport] Refactor heap verification
- [backport] Reference processing deadlocks with
- ParallelRefProcEnabled
- [backport] Reference processors might use non-forwarded alive
checks
- [backport] Region sampling may not be enabled because last
timetick is uninitialized
- [backport] Rehash ShenandoahHeap section in hs_err
- [backport] Reinstate "Purge" block in final-mark stats
- [backport] Relax assert to not fire at safepoint
- [backport] Remove heap printing routines from ShenandoahHeap
- [backport] Remove obsolete compile_resolve_oop_runtime()
methods
- [backport] Rename final mark operations
- [backport] Rename ShenandoahBarriersForConst
- [backport] Replace ShHeapRegionSet::get with get_fast
- [backport] Report correct total garbage data. Print out
garbage and cset data with -Xlog:gc+ergo
- [backport] Report oops and fwdptrs verification failures
fully
- [backport] Result of write barrier on constant not used
- [backport] Separate Full GC root operations in GC stats
- [backport] ShenandoahCollectionSet refactor
- [backport] ShenandoahGCSession used wrong timer for full GC
- [backport] ShenandoahHeap::evacuate_object() with boolean
result flag.
- [backport] Shenandoah options should be uintx
- [backport] shenandoah_wb should fallback to slow path with
- UseTLAB + Fix aarch64 compilation error due to
shenandoah_wb change
- [backport] ShenandoahWriteBarrierNode::memory_dominates_all_paths()
assert failure when compiling methods using unsafe
- [backport] Shortcut reference processing when no work is
available
- [backport] Simplify parallel synchronizer roots iterator
- [backport] Skip RESOLVE when references update is not needed
- [backport] Stats should attribute "Resize TLABs" properly,
and mention "Pause" for init/final mark
- [backport] Stats should not record past-shutdown events
- [backport] "String/Symbol/CodeCache" -> "Str/Sym, Code Cache"
- [backport] Tests should use all heuristics and pass heap
verification + Disable aggressive+verification test configs
- [backport] Total pauses should include final-mark pauses
- [backport] Trim down native GC footprint
- [backport] Update region sampling to include TLAB/GCLAB
allocation data
- [backport] Update roots should always handle derived pointers
- [backport] Update ShenandoahHeapSampling to avoid double
counting.
- [backport] Update statistics to capture thread data
accurately
- [backport] Use CollectedHeap::base() instead of
ShenandoahHeap::first_region_bottom()
- [backport] Use lock version heap region memory allocator
- [backport] Use scoped object for gc session/phases recording
- [backport] Variable steps in adaptive heuristics
- [backport] Verification error log is truncated
- [backport] Verification levels
- [backport] Verification should assert complete bitmaps in
most phases + Disable complete bitmap verification in init
mark
- [backport] Verifier performance improvements: scan objects
once, avoid double oop checks
- [backport] Verifier should not assert cset in forwarded test
block
- [backport] Verifier should print extended info on referenced
location
- [backport] Verifier should use non-optimized root scans
- [backport] Verify marked objects
- [backport] Verify TAMS and object sizes
- [backport] write barrier can get stuck below predicates
resulting in unschedulable graph
- S8140584: nmethod::oops_do_marking_epilogue always runs
verification code
- S8180175, S8180599: Cherry-pick/synchronize
- Cleanup: Removed redundant
ClassLoaderData::clear_claimed_marks() calls
- Cleanup shared code.
- Fixed memory leak in region garbage cache
- Fix return type of
ShenandoahHeapRegion::region_size_words_jint()
- Improved comment about AArch64bit addressing in assembler.
- Leak mutex in ShenandoahTaskTerminator
- Make sure C2 arguments are not used when C2 is disabled.
- Refactor parallel ClassLoaderData iterator
- Revert G1 changes and bring shared BitMap
- Add missing cmpoops() declaration to AArch64 macro assembler.
Back out matrix related code from AArch64 interpreter.
- Fix build without precompiled headers.
- Fixed build issues on Windows
- Use aarch32 instead of arm as a directory for JIT arm 32-bit
virtual machine.

==== libdnet ====

- Fix RPM groups, trim summaries, drop pointless --with-pic.
- Switch to github
- Rename libdnet.patch to libdnet-autoreconf.patch
- Add patch to work properly on multilib systems:
* libdnet-config-multilib.patch
- Install python bindings
- Add patch for fortify-sources error libdnet-fortify.patch

==== libostree ====
Version update (2017.3 -> 2017.8)
Subpackages: libostree-1-1

- Update to version 2017.8:
+ This is a quicker release closely following 2017.7, but it
still includes a number of changes. First, a lot of work is
landing from Philip/Krzesimir for doing "collections" and
pulling content from Avahi/USB drives etc. That work is still
underneath --enable-experimental-api, but look for more from
that soon!
+ Other notable user-visible features from this cycle are:
- lib/repo: Add min-free-space-percent option, default 3%.
- Add "pull --localcache-repo".
+ An important bugfix for bare-user repo mode owners is:
lib/commit: Ensure bare-user objects are always
user-readable.
+ Besides that we have a lot of code cleanup, CI work, etc.
- Update to version 2017.7:
+ The most notable thing for this release is that for flatpak
users/distributors, this release adds a lot of (opt-in)
hardening against setuid or world-writable files. These issues
are also (to a lesser degree) applicable to ostree-based build
systems which use the bare-user repository mode. A pending
flatpak version will require this version of libostree.
+ For ostree-as-host, we fixed a major regression in SELinux
labeling for /etc (only applies to SELinux-using host systems).
+ Known issue: test-symbols.sh will fail when building from the
tarball (as opposed to a git clone).
+ Besides that, there's various smaller cleanups and fixes. It's
great to see contributors from a variety of organizations;
having libostree be a shared infrastructure layer across
distributions is a longstanding vision.
- Update to version 2017.6:
+ One of the most notable changes in this release is that we
switched to using a systemd generator for handling /var, which
means admins can now set it up as an explicit mount point. We
feel pretty confident in the code, but do test your specific
setup. One note in particular; the new model (obviously)
requires systemd, and while we tried to preserve the
non-systemd path, it wasn't explicitly tested.
+ The work to port to a new code style continues rapidly; at this
point most of the library is converted, with just the command
line remaining. I think the new style is a lot more readable
now that we rely fully on __attribute__((cleanup)).
+ Enhance the OstreeAsyncProgress reporting API, which I think is
going to be quite useful for user interface frontends (like
GNOME Software).
+ There's a smattering of smaller bugfixes; minor memory leaks,
double close() and the like. In this cycle we also beefed up
our CI/testing more - we now test both Fedora Atomic Host and
flatpak more explicitly. Contributions to extend the suite to
other distributions would be appreciated; for example, tests
for ostree-as-host on Debian. Our Travis-executed tests should
be extensible.
+ Fix some of the test suite for installed tests, and also
introspection fixes for language bindings.
+ Another feature that involved a lot of internal changes is our
handling for /etc on SELinux-based systems. We now label files
as we go rather than having a more fragile separate relabeling
path. This is also exposed as an API, which is used by
rpm-ostree now. I think this particular change highlights the
strength of "libostree" as an API that can be reused by higher
level systems.
- Changes from version 2017.5:
+ This is a bugfix release for 2017.4 to fix a regression that
broke flatpak.
- Changes from version 2017.4:
+ A notable new feature in this release is a fourth repository
mode: "bare-user-only". This is very similar to bare-user, but
canonicalizes permissions and ignores xattrs. The intended
use of this is for "non-OS" container tools such as flatpak,
where one intentionally discards the traditional file
ownership. (I'm calling this container case "non-OS" to
distinguish from other container tools where one might want to
"log in" via PAM and supporting distinct UIDs inside a single
container is valuable)
+ We have a few new APIs, such as ostree_check_version() which is
important when making use of some of the "API extensions" we
have using GVariant on e.g. ostree_repo_pull_with_options().
+ The diff is a bit larger due to us switching to a new code
style.
+ Another quite important change is that ostree trivial-httpd is
disabled by default. With a libcurl build, this is the last
part that links to libsoup. It's only needed for unit tests, so
can be subpackaged or discarded. (We're doing the latter for
Fedora).
+ Speaking of curl, we now support --with-openssl which enables
using OpenSSL's libcrypto for SHA256. This can be notably
faster. You likely want this if e.g. libcurl is already linked
to OpenSSL for you. I'm increasingly confident in the curl
code, and should be ready to recommend using it by default in
the next release or two.

==== libotf ====

- Add sig file, no keyring can't find the public key
- Remove some obsolete syntax parts

==== libqb ====
Version update (1.0.1+git20170306.59eacf0 -> 1.0.2)

- loop: don't bring runtime down for a trivial API misuse
- Upstream version cs: ef4c3a15ea3d3c5d5f9364269cd02d78a308957b
- Update to version 1.0.2
- Memleak fixes (#194)
- Allow Linux to use filesystem sockets (#248) (fate#323415)
- Upstream version cs: 608de6d59a3de0eef0fbcbd8f284acbc018daa9a (v1.0.2)

==== libvirt ====
Version update (3.5.0 -> 3.6.0)
Subpackages: libvirt-client libvirt-daemon libvirt-daemon-config-network
libvirt-daemon-config-nwfilter libvirt-daemon-driver-interface
libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc
libvirt-daemon-driver-network libvirt-daemon-driver-nodedev
libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu
libvirt-daemon-driver-secret libvirt-daemon-driver-storage
libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk
libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-logical
libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd
libvirt-daemon-driver-storage-scsi libvirt-daemon-driver-uml
libvirt-daemon-driver-vbox libvirt-daemon-lxc libvirt-daemon-qemu
libvirt-daemon-xen libvirt-libs

- Update to libvirt 3.6.0
- Many incremental improvements and bug fixes, see
http://libvirt.org/news.html
- Fix unit tests on s390x and ppc64
8982f3ab-util-hash-header.patch,
0b1ecf7b-virHashCodeGen-mockable.patch.
f536b0dd-tests-arch-independent-hash.patch
- Patch cleanup
- Renamed libvirtd-defaults.patch to
suse-libvirtd-disable-tls.patch
- Renamed libvirtd-init-script.patch to
suse-libvirtd-sysconfig-settings.patch
- Renamed virtlockd-init-script.patch to
suse-virtlockd-sysconfig-settings.patch
- Renamed virtlogd-init-script.patch to
suse-virtlogd-sysconfig-settings.patch
- Renamed libvirt-guests-init-script.patch to
suse-libvirt-guests-service.patch
- Combined suse-libvirtd-service.patch and
systemd-service-xen.patch to suse-libvirtd-service-xen.patch
since both patches add Xen support to libvirtd service file
- Pull OVMF-related changes from suse-qemu-conf.patch into a
new suse-ovmf-paths.patch
- Add a supportconfig plugin
libvirt-supportconfig
FATE#323661
- Remove Requires on bridge-utils
FATE#323639
- drop dependency on xen for armv6hl (not supported and does not
build)

==== nfs-utils ====
Subpackages: nfs-client nfs-doc nfs-kernel-server

- nsm-headers.patch: add missing <stdint.h>

==== pkcs11-helper ====
Version update (1.11 -> 1.22)
Subpackages: libpkcs11-helper1

- RPM group fix.
- Remove --with-pic which is only for static libs.
- Version update to 1.22:
* Support openssl-1.1
* bunch of small fixes
- Remove obsolete patch pkcs11-helper-1.06-pkgconfig.patch

==== polari ====
Version update (3.24.1 -> 3.24.2)
Subpackages: typelib-1_0-Polari-1_0

- Update to version 3.24.2:
+ Support NickServ bots that don't handle nick in identify
command (bgo#772915).
+ Improve handling of temporarily unavailble networks
(bgo#784047).
+ Fix double-toggling of room checkboxes (bgo#782969).
+ Misc. bug fixes (bgo#781686).
+ Updated translations.

==== python-cryptography ====
Version update (1.9 -> 2.0.3)
Subpackages: python2-cryptography python3-cryptography

- update to 2.0.3
- update to 2.0.2
- update to 2.0

==== python-enum34 ====
Version update (1.1.3 -> 1.1.6)

- Fix Source url
- Update to version 1.1.6

==== python-numpy ====
Subpackages: python2-numpy python3-numpy

- Add xlocale.patch:
xlocale.h: don't use obsolete <xlocale.h>

==== rollback-helper ====

- use packageand(snapper:SUSEConnect) to install with SUSEConnect
(boo#1050428)

==== scim ====
Version update (1.4.15+git20150804.187a1fd -> 1.4.18)
Subpackages: scim-gtk scim-gtk-32bit scim-gtk3 scim-lang scim-qt4

- update version 1.4.18
* define G_GNUC_BEGIN/END_IGNORE_DEPRECATIONS
* fixed a no return in non void function error
* (boo#1041268) FTBFS with GCC-7: invalid conversion
from 'char' to 'const void*'
- changes in 1.4.17
* lower the chance to clear config file
* detect the num-lock mask as well
* handle the fallback im-context correctly
* correct the text/background colors of the preedit area for GTK >= 3
* optimize all png files
* add needed includedir to support out-of-srcdir building
* fix the scim_string_view_draw() bug for GTK >= 3.20
- drop upstreamed patch:
* scim-fix-no-return-in-non-void.patch
* G_GNUC_BEGIN_IGNORE_DEPRECATIONS.patch

==== sendmail ====

- Change requirements for libmilter and sendmail-devel as
the library is also used by other MTA like postfix (boo#1049188)

==== texlive ====

- Define _GNU_SOURCE to request GNU extensions
- Avoid nasty warning about missing batchmode in ENVironment

==== yast2-instserver ====
Version update (3.1.5 -> 3.3.0)

- move from yast2 agent for reading /content to support install of
old distros, as other parts of YaST2 already drop reading of
/content (FATE#322386)
- 3.3.0


--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages