[neon/backports-focal/flatpak]: Summary of bulk changes made

KDE Git Services - Bulk Change null at kde.org
Tue Jan 25 15:32:52 GMT 2022


Git repository change summary for neon/backports-focal/flatpak
Pushed by jriddell into branch 'Neon/stable'.
Changed from f8960ee140ca3c1dbceb2d199016b13fd9a89220 to d9d7ea536a7f35db0e9f740b1cbb60011ad0ca0b
Acknowledgement was received that this change introduces only existing code that has been pushed to another public open source repository.

This change contains the following new commits:

Git commit b246dc00e57d40b4745e77ff1249621e17016990 by Simon McVittie on 25/08/2021 at 15:58..
Fix spelling

Signed-off-by: Simon McVittie <smcv at collabora.com>
https://invent.kde.org/neon/backports-focal/flatpak/commit/b246dc00e57d40b4745e77ff1249621e17016990

Git commit 33bb8a85ecd8d40770d3d4e2bf22e157533701ad by Simon McVittie on 26/08/2021 at 10:50..
build: Move Makefile-*.am.inc up one level

This takes them out of the directory that is "owned" by the subproject,
which will not be ignoring our Flatpak-specific generated files in
its .gitignore, and puts them in a directory that is "owned" by Flatpak,
which can ignore them.

Signed-off-by: Simon McVittie <smcv at collabora.com>
https://invent.kde.org/neon/backports-focal/flatpak/commit/33bb8a85ecd8d40770d3d4e2bf22e157533701ad

Git commit 21a5fe5ff1c4b6067b9d85ff31553d021fda1864 by Simon McVittie on 26/08/2021 at 11:55..
libtest: Make sure ldconfig and capsh are in the PATH

This gives us better test coverage on Debian derivatives.

Signed-off-by: Simon McVittie <smcv at collabora.com>
https://invent.kde.org/neon/backports-focal/flatpak/commit/21a5fe5ff1c4b6067b9d85ff31553d021fda1864

Git commit da76e95c91b3d082cfec1d623a4b381c3f258da3 by GitHub (on behalf of Phaedrus Leeds) on 26/08/2021 at 16:08..
Merge pull request #4384 from smcv/make-makefiles-ignorable

build: Move Makefile-*.am.inc up one level
https://invent.kde.org/neon/backports-focal/flatpak/commit/da76e95c91b3d082cfec1d623a4b381c3f258da3

Git commit dac93eecbc11759c9368ad4394b7025a6468dd63 by GitHub (on behalf of Phaedrus Leeds) on 26/08/2021 at 16:16..
Merge pull request #4385 from smcv/capsh-path

libtest: Make sure ldconfig and capsh are in the PATH
https://invent.kde.org/neon/backports-focal/flatpak/commit/dac93eecbc11759c9368ad4394b7025a6468dd63

Git commit 7bf6ecfaa22740daac66e35476c74583c707007c by Simon McVittie on 26/08/2021 at 20:40..
tests: Don't reset XDG_RUNTIME_DIR locally

If we do, it interferes with xdg-dbus-proxy, causing test failure under
some circumstances: the test passes on a development system, but fails
when run on a qemu virtual machine in Debian's autopkgtest framework.

Fixes: 6e5b02e2 "run: Don't let XDG_RUNTIME_DIR from user override the value we set"
Signed-off-by: Simon McVittie <smcv at collabora.com>
https://invent.kde.org/neon/backports-focal/flatpak/commit/7bf6ecfaa22740daac66e35476c74583c707007c

Git commit 0c68b958e426c7b5440fac0d0227f14bdb5abbab by GitHub (on behalf of Phaedrus Leeds) on 27/08/2021 at 02:53..
Merge pull request #4386 from smcv/autopkgtest-xrd

tests: Don't reset XDG_RUNTIME_DIR locally
https://invent.kde.org/neon/backports-focal/flatpak/commit/0c68b958e426c7b5440fac0d0227f14bdb5abbab

Git commit bb20924f87dcc151d478c9199955087ca9339dcd by Alexander Larsson (on behalf of AsciiWolf) on 01/09/2021 at 06:41..
Update Czech translation
https://invent.kde.org/neon/backports-focal/flatpak/commit/bb20924f87dcc151d478c9199955087ca9339dcd

Git commit 4aa39521a90d737ebb05c7400ff32d6de2c81aa7 by GitHub (on behalf of Rodhos) on 10/09/2021 at 09:14..
Update es.po (#4396)

* Update es.po
https://invent.kde.org/neon/backports-focal/flatpak/commit/4aa39521a90d737ebb05c7400ff32d6de2c81aa7

Git commit a99b748931e6444dadb0d0c8c1565da23f755800 by Alexander Larsson (on behalf of Seppo Yli-Olli) on 10/09/2021 at 09:32..
Support dynamic export path into scripts
When flatpak-builder is running under flatpak, its
path will be /app/bin/flatpak. This path must not
be in export scripts or desktop file. This change
makes it possible for flatpak-builder flatpak to
tell flatpak what it should write to generated
files
https://invent.kde.org/neon/backports-focal/flatpak/commit/a99b748931e6444dadb0d0c8c1565da23f755800

Git commit 129077493d40d8d2f774d1575eac6cf83bcced15 by Simon McVittie on 14/09/2021 at 16:21..
security policy: Fix capitalization of GitHub

Thanks: @SethFalco
Signed-off-by: Simon McVittie <smcv at collabora.com>
https://invent.kde.org/neon/backports-focal/flatpak/commit/129077493d40d8d2f774d1575eac6cf83bcced15

Git commit 2b2cecb07a9fd682822aee5d5c18b8e795688fd2 by Simon McVittie (on behalf of Seth Falco) on 14/09/2021 at 16:23..
fix: link to matrix chat

Resolves: https://github.com/flatpak/flatpak/pull/4413
https://invent.kde.org/neon/backports-focal/flatpak/commit/2b2cecb07a9fd682822aee5d5c18b8e795688fd2

Git commit 25e39529239382ce15a8faa4c6f97e99b11e0ca8 by Simon McVittie on 14/09/2021 at 16:25..
security policy: Specifically mention not reporting via Matrix

The Matrix room is just as public as the old IRC channel, which makes it
just as unsuitable for reporting security vulnerabilities as IRC.

Signed-off-by: Simon McVittie <smcv at collabora.com>
https://invent.kde.org/neon/backports-focal/flatpak/commit/25e39529239382ce15a8faa4c6f97e99b11e0ca8

Git commit a69f891f2654d75e4a2ff9f065fa6f27ac85b834 by Alexander Larsson (on behalf of Kukuh Syafaat) on 17/09/2021 at 06:59..
Update Indonesian translation
https://invent.kde.org/neon/backports-focal/flatpak/commit/a69f891f2654d75e4a2ff9f065fa6f27ac85b834

Git commit f15f9262840a65bf8d709b9f343414947617d9cd by Alexander Larsson (on behalf of Ryan Gonzalez) on 17/09/2021 at 07:23..
Retrieve user languages for all locale categories

g_get_language_names() only returns the language names for the
LC_MESSAGES category, so mixed locale scenarios would result in missing
languages. Now, the languages are listed for each individual category.

Note that this issue was only present with the user installation. For
the system installation, the locales were queried from localed, and all
categories were checked.

In order to work on GLib versions < 2.58, the code to get language
names for a category has been backported.

Fixes #3712.
https://invent.kde.org/neon/backports-focal/flatpak/commit/f15f9262840a65bf8d709b9f343414947617d9cd

Git commit 86659a2bfbd673733fc7372454435673c18d72b9 by Alexander Larsson (on behalf of Ryan Gonzalez) on 17/09/2021 at 07:25..
repair: Fix incorrect progress when refs are skipped

Issue was shown in this comment:

https://github.com/flatpak/flatpak/issues/3542#issuecomment-917497591
https://invent.kde.org/neon/backports-focal/flatpak/commit/86659a2bfbd673733fc7372454435673c18d72b9

Git commit a96e9af37f1b77ab5d020258e79d24d856f3e9fc by Alexander Larsson (on behalf of Richard Maw) on 23/09/2021 at 07:57..
Handle /var/tmp mounts when it is a symlink

In Yocto systems /var/tmp is a symlink to /var/volatile/tmp
because in its implementation of read-only rootfs /var is read-only
so /var/volatile is mounted as a tmpfs
and a subset of the paths point into it.

This would result in flatpak emitting mount arguments of
`--symlink ../var/volatile/tmp /var/tmp --bind /var/volatile/tmp /var/volatile/tmp`
which fails because flatpak has already added `--dir /var/tmp`
and the call to symlink fails with EEXIST.

This is fixed by blacklisting /var/tmp from symlink exports
in the same way /tmp is, so the bind is emitted as
`--bind /var/tmp /var/tmp`, which results in /var/volatile/tmp
being mounted into /var/tmp.
https://invent.kde.org/neon/backports-focal/flatpak/commit/a96e9af37f1b77ab5d020258e79d24d856f3e9fc

Git commit 38c03dff324d0a5bd5872c609ee7afd5a0c3cbd2 by Alexander Larsson (on behalf of gasinvein) on 23/09/2021 at 07:58..
session-helper: Monitor gai.conf
https://invent.kde.org/neon/backports-focal/flatpak/commit/38c03dff324d0a5bd5872c609ee7afd5a0c3cbd2

Git commit 9962b6bc1ac31112fab0be3f0670b8466b5c1ec5 by Alexander Larsson (on behalf of gasinvein) on 23/09/2021 at 07:58..
run: Get gai.conf from session helper
https://invent.kde.org/neon/backports-focal/flatpak/commit/9962b6bc1ac31112fab0be3f0670b8466b5c1ec5

Git commit b4e838a0fd6ce94d09f6ccc3873462449f83b5f2 by Alexander Larsson on 23/09/2021 at 11:25..
Drop old-glib ci test as ubuntu 16.04 is no longer available

As per https://github.com/actions/virtual-environments/issues/3287
the support for ubuntu-16.04 stopped working on september 20:th, so
our CI job stopped starting.
https://invent.kde.org/neon/backports-focal/flatpak/commit/b4e838a0fd6ce94d09f6ccc3873462449f83b5f2

Git commit 8cb27763fc8131a51097c47922e1a6480ff271dd by Philip Withnall on 28/09/2021 at 12:38..
flatpak-dir: Fix parental controls checks for root

These checks were broken in commit d762a2f, as the commit failed to
consider the fact that `flatpak_dir_check_parental_controls()` is run
both in the `flatpak` CLI process run by the user, but also in the
`flatpak-system-helper` process which always runs as root, and which
handles any installations done on the system repository.

As a result, parental controls were not working for the system
repository.

Fix that by limiting the scope of the check to only pass if running
without the system helper. flatpak calls from root never go through the
system helper.

Signed-off-by: Philip Withnall <pwithnall at endlessos.org>

Fixes: #4418
https://invent.kde.org/neon/backports-focal/flatpak/commit/8cb27763fc8131a51097c47922e1a6480ff271dd

Git commit 90e6c723d63cb3558e2c9571f5bdc8c49c4dcbf9 by GitHub (on behalf of Philip Withnall) on 29/09/2021 at 10:38..
Merge pull request #4436 from pwithnall/4418-fix-parental-controls

flatpak-dir: Fix parental controls checks for root
https://invent.kde.org/neon/backports-focal/flatpak/commit/90e6c723d63cb3558e2c9571f5bdc8c49c4dcbf9

Git commit 3be48f30984966bfc6c0ec7c8ac86298dc45615c by Alexander Larsson (on behalf of Bartłomiej Piotrowski) on 04/10/2021 at 07:07..
icon-validator: Mount ld.so.cache only if it exists

On musl-based systems, /etc/ld.so.cache does not exist, causing icon validation to fail.

This has been improperly reported at [1] instead of Flatpak repo.

[1] https://github.com/flathub/com.valvesoftware.Steam/issues/638
https://invent.kde.org/neon/backports-focal/flatpak/commit/3be48f30984966bfc6c0ec7c8ac86298dc45615c

Git commit ae164573df5e168f97465b563d5c50c764b7816a by Simon McVittie on 05/10/2021 at 23:32..
Add Recommends on ca-certificates

Most Flatpak users will likely want to install from https servers.
https://invent.kde.org/neon/backports-focal/flatpak/commit/ae164573df5e168f97465b563d5c50c764b7816a

Git commit 9914dff925d9621f7602acc4848f57086944d5fd by Alexander Larsson on 08/10/2021 at 10:05..
tests: Fix test-sideload.sh if ostree is built with curl backend

The soup backend and the curl backend give slightly different error
messages, so we need to tweak the 404 assert check to match both.
https://invent.kde.org/neon/backports-focal/flatpak/commit/9914dff925d9621f7602acc4848f57086944d5fd

Git commit e26ac7586c392b5eb35ff4609fe232c52523b2cf by Alexander Larsson (on behalf of Simon McVittie) on 08/10/2021 at 10:53..
run: Add an errno value to seccomp filters

At the moment, if we block a syscall we always make it fail with EPERM,
but this is risky: user-space libraries can start to use new replacements
for old syscalls at any time, and will often treat EPERM as a fatal error.
For new syscalls, we should make the syscall fail with ENOSYS, which is
indistinguishable from running on an older kernel and will cause fallback
to an older implementation, for example clone3() to clone().

In future we should probably move from EPERM to ENOSYS for some of the
syscalls we already block, but for now keep the status quo.

This is a prerequisite for fixing the vulnerability tracked as
GHSA-67h7-w3jq-vh4q.

Signed-off-by: Simon McVittie <smcv at collabora.com>
https://invent.kde.org/neon/backports-focal/flatpak/commit/e26ac7586c392b5eb35ff4609fe232c52523b2cf

Git commit 89ae9fe74c6d445bb1b3a40e568d77cf5de47e48 by Alexander Larsson (on behalf of Simon McVittie) on 08/10/2021 at 10:53..
run: Add cross-references for some other seccomp syscall filters

Signed-off-by: Simon McVittie <smcv at collabora.com>
https://invent.kde.org/neon/backports-focal/flatpak/commit/89ae9fe74c6d445bb1b3a40e568d77cf5de47e48

Git commit 26b12484eb8a6219b9e7aa287b298a894b2f34ca by Alexander Larsson (on behalf of Simon McVittie) on 08/10/2021 at 10:53..
common: Add a list of recently-added Linux syscalls

Historically, syscalls could take arbitrarily-different values on
different architectures, but new syscalls are added with syscall numbers
that align on each architecture.

Signed-off-by: Simon McVittie <smcv at collabora.com>
https://invent.kde.org/neon/backports-focal/flatpak/commit/26b12484eb8a6219b9e7aa287b298a894b2f34ca

Git commit a10f52a7565c549612c92b8e736a6698a53db330 by Alexander Larsson (on behalf of Simon McVittie) on 08/10/2021 at 10:53..
run: Block clone3() in sandbox

clone3() can be used to implement clone() with CLONE_NEWUSER, allowing
a sandboxed process to get CAP_SYS_ADMIN in a new namespace and
manipulate its root directory. We need to block this so that AF_UNIX-based
socket servers (X11, Wayland, etc.) can rely on
/proc/PID/root/.flatpak-info existing for all Flatpak-sandboxed apps.

Partially fixes GHSA-67h7-w3jq-vh4q.

Thanks: an anonymous reporter
Signed-off-by: Simon McVittie <smcv at collabora.com>
https://invent.kde.org/neon/backports-focal/flatpak/commit/a10f52a7565c549612c92b8e736a6698a53db330

Git commit 9766ee05b1425db397d2cf23afd24c7f6146a69f by Alexander Larsson (on behalf of Simon McVittie) on 08/10/2021 at 10:53..
run: Disallow recently-added mount-manipulation syscalls

If we don't allow mount() then we shouldn't allow these either.

Partially fixes GHSA-67h7-w3jq-vh4q.

Thanks: an anonymous reporter
Signed-off-by: Simon McVittie <smcv at collabora.com>
https://invent.kde.org/neon/backports-focal/flatpak/commit/9766ee05b1425db397d2cf23afd24c7f6146a69f

Git commit 4c34815784e9ffda5733225c7d95824f96375e36 by Alexander Larsson (on behalf of Simon McVittie) on 08/10/2021 at 10:53..
run: Block setns()

If we don't allow unshare() or clone() with CLONE_NEWUSER, we also
shouldn't allow joining an existing (but different) namespace.

Partially fixes GHSA-67h7-w3jq-vh4q.

Signed-off-by: Simon McVittie <smcv at collabora.com>
https://invent.kde.org/neon/backports-focal/flatpak/commit/4c34815784e9ffda5733225c7d95824f96375e36

Git commit 1330662f33a55e88bfe18e76de28b7922d91a999 by Alexander Larsson (on behalf of Simon McVittie) on 08/10/2021 at 10:53..
run: Don't allow unmounting filesystems

If we don't allow mounting filesystems, we shouldn't allow unmounting
either.

Partially fixes GHSA-67h7-w3jq-vh4q.

Signed-off-by: Simon McVittie <smcv at collabora.com>
https://invent.kde.org/neon/backports-focal/flatpak/commit/1330662f33a55e88bfe18e76de28b7922d91a999

Git commit 462fca2c666e0cd2b60d6d2593a7216a83047aaf by Alexander Larsson (on behalf of Simon McVittie) on 08/10/2021 at 10:53..
run: Don't allow chroot()

If we don't allow pivot_root() then there seems no reason why we should
allow chroot().

Partially fixes GHSA-67h7-w3jq-vh4q.

Signed-off-by: Simon McVittie <smcv at collabora.com>
https://invent.kde.org/neon/backports-focal/flatpak/commit/462fca2c666e0cd2b60d6d2593a7216a83047aaf

Git commit d8b8dff6701dab0fa226d5a296b04bf2cf6dbb48 by Alexander Larsson on 08/10/2021 at 10:53..
Update NEWS for release
https://invent.kde.org/neon/backports-focal/flatpak/commit/d8b8dff6701dab0fa226d5a296b04bf2cf6dbb48

Git commit 48b808e4c25df6840e489bdaefbeb9cc1b92082d by Alexander Larsson on 08/10/2021 at 10:53..
Bump version to 1.12.0
https://invent.kde.org/neon/backports-focal/flatpak/commit/48b808e4c25df6840e489bdaefbeb9cc1b92082d

Git commit 0cfd72442dd7301b0699725e25eb0552da3b5e98 by Alexander Larsson on 08/10/2021 at 11:20..
Update pofiles for release
https://invent.kde.org/neon/backports-focal/flatpak/commit/0cfd72442dd7301b0699725e25eb0552da3b5e98

Git commit 653b349ac651b6b2c062d1dc154046a4cb7b523a by Simon McVittie on 08/10/2021 at 11:50..
New upstream version 1.12.0
https://invent.kde.org/neon/backports-focal/flatpak/commit/653b349ac651b6b2c062d1dc154046a4cb7b523a

Git commit e999bf594ff68fd4de93be3514c381f63df1ae02 by Simon McVittie on 08/10/2021 at 11:51..
Update upstream source from tag 'upstream/1.12.0'

Update to upstream version '1.12.0'
with Debian dir 846e1ecb3d73eda81bcbf8071c0a0717a1a67cb4
https://invent.kde.org/neon/backports-focal/flatpak/commit/e999bf594ff68fd4de93be3514c381f63df1ae02

Git commit b2b3bec4af084361bb67a31248d44b806731df79 by Simon McVittie on 08/10/2021 at 11:58..
Drop patches, applied upstream
https://invent.kde.org/neon/backports-focal/flatpak/commit/b2b3bec4af084361bb67a31248d44b806731df79

Git commit 45a8da8033f82a242b01f26fa21b0cb20f2107b4 by Simon McVittie on 08/10/2021 at 11:58..
Update changelog
https://invent.kde.org/neon/backports-focal/flatpak/commit/45a8da8033f82a242b01f26fa21b0cb20f2107b4

Git commit 16b53b59e6666351961890c4cc385d8d27356f96 by Simon McVittie on 08/10/2021 at 11:58..
Release to unstable
https://invent.kde.org/neon/backports-focal/flatpak/commit/16b53b59e6666351961890c4cc385d8d27356f96

Git commit 4981bd2a487a1d6d82f11d0dca90825cadebbe8b by Simon McVittie on 08/10/2021 at 13:44..
Add CVE-2021-41133 reference in previous changelog entry
https://invent.kde.org/neon/backports-focal/flatpak/commit/4981bd2a487a1d6d82f11d0dca90825cadebbe8b

Git commit 06eb7c6d1ef2a972a9378961d6e402dd8eb1b619 by Simon McVittie on 08/10/2021 at 13:46..
Standards-Version: 4.6.0 (no changes required)
https://invent.kde.org/neon/backports-focal/flatpak/commit/06eb7c6d1ef2a972a9378961d6e402dd8eb1b619

Git commit 37657569ceda97704949c8a09fe9dfb55e56d543 by Simon McVittie on 08/10/2021 at 13:47..
Update Lintian overrides
https://invent.kde.org/neon/backports-focal/flatpak/commit/37657569ceda97704949c8a09fe9dfb55e56d543

Git commit fec469eb9b25afca23e976cf762edb1e8b50a62a by Simon McVittie on 08/10/2021 at 13:47..
Update changelog
https://invent.kde.org/neon/backports-focal/flatpak/commit/fec469eb9b25afca23e976cf762edb1e8b50a62a

Git commit 270701f900c8612cf1fc5e6f5a6e2eb6459708c1 by Alexander Larsson (on behalf of Simon McVittie) on 08/10/2021 at 16:44..
run: Handle unknown syscalls as intended

The error-handling here was

    if (r < 0 && r == -EFAULT)

but Alex says it was almost certainly intended to be

    if (r < 0 && r != -EFAULT)

so that syscalls not known to libseccomp are not a fatal error.

Instead of literally making that change, emit a debug message on -EFAULT
so we can see what is going on.

This temporarily weakens our defence against CVE-2021-41133
(GHSA-67h7-w3jq-vh4q) in order to avoid regressions: if the installed
version of libseccomp does not know about the recently-added syscalls,
but the kernel does, then we will not prevent non-native executables
from using those syscalls.

Resolves: https://github.com/flatpak/flatpak/issues/4458
Signed-off-by: Simon McVittie <smcv at collabora.com>
(cherry picked from commit d419fa67038370e4f4c3ce8c3b5f672d4876cfc8)
https://invent.kde.org/neon/backports-focal/flatpak/commit/270701f900c8612cf1fc5e6f5a6e2eb6459708c1

Git commit f968334ea318639d9049af8fd58779edc9b2cbc2 by Alexander Larsson on 08/10/2021 at 16:58..
Bump version to 1.2.1
https://invent.kde.org/neon/backports-focal/flatpak/commit/f968334ea318639d9049af8fd58779edc9b2cbc2

Git commit afb3575d3113a8491af25af3bbc7bcf1cb5b9b33 by Alexander Larsson on 08/10/2021 at 17:12..
Update pofiles for release
https://invent.kde.org/neon/backports-focal/flatpak/commit/afb3575d3113a8491af25af3bbc7bcf1cb5b9b33

Git commit f66bdc40a751835c8be5693ae01d3031cb2076c4 by Simon McVittie on 08/10/2021 at 19:26..
New upstream version 1.12.1
https://invent.kde.org/neon/backports-focal/flatpak/commit/f66bdc40a751835c8be5693ae01d3031cb2076c4

Git commit 7b039f318aba2031e2467f3f5ef4022969a92b07 by Simon McVittie on 08/10/2021 at 19:26..
Update upstream source from tag 'upstream/1.12.1'

Update to upstream version '1.12.1'
with Debian dir e36fadc4fe926effe67357b08c26df54d72d31dd
https://invent.kde.org/neon/backports-focal/flatpak/commit/7b039f318aba2031e2467f3f5ef4022969a92b07

Git commit fbc27d1644a2d39229d19f9d71e794889182f47b by Simon McVittie on 08/10/2021 at 19:27..
Update changelog
https://invent.kde.org/neon/backports-focal/flatpak/commit/fbc27d1644a2d39229d19f9d71e794889182f47b

Git commit 31c1321b24db60676f230ac94b73035654ac140b by Simon McVittie on 08/10/2021 at 19:31..
Fix handling of syscalls only allowed by --devel
https://invent.kde.org/neon/backports-focal/flatpak/commit/31c1321b24db60676f230ac94b73035654ac140b

Git commit 395606224e92c4c7f898e69994457c609f4b4af5 by Simon McVittie on 08/10/2021 at 20:24..
d/control: Depend on libseccomp 2.5.2

For CVE-2021-41133 to be fully prevented, for now we need a libseccomp
that knows about the syscalls we're blocking. Resolving this with older
libseccomp versions will require further development.
https://invent.kde.org/neon/backports-focal/flatpak/commit/395606224e92c4c7f898e69994457c609f4b4af5

Git commit d05a8b028733579e3dd21d055d3d65b73d22c6ea by Simon McVittie on 08/10/2021 at 20:24..
Update changelog
https://invent.kde.org/neon/backports-focal/flatpak/commit/d05a8b028733579e3dd21d055d3d65b73d22c6ea

Git commit c0f2540060d696ff96e30695ce3d41678faf66b8 by Simon McVittie on 08/10/2021 at 20:25..
Release to unstable
https://invent.kde.org/neon/backports-focal/flatpak/commit/c0f2540060d696ff96e30695ce3d41678faf66b8

Git commit cbbe6a106ad944a22e3cea3338a22d9f12a03007 by Simon McVittie (on behalf of Phaedrus Leeds) on 08/10/2021 at 21:35..
NEWS: Fix a typo
https://invent.kde.org/neon/backports-focal/flatpak/commit/cbbe6a106ad944a22e3cea3338a22d9f12a03007

Git commit 03f525b92d9385ab3e3e5c41d3f7c848a4a66214 by Simon McVittie (on behalf of Phaedrus Leeds) on 08/10/2021 at 21:35..
NEWS: Fix typo of 1.12.0
https://invent.kde.org/neon/backports-focal/flatpak/commit/03f525b92d9385ab3e3e5c41d3f7c848a4a66214

Git commit 946dd5d8a88cb948a716611d587a186103d11104 by Alexander Larsson (on behalf of Piotr Drąg) on 11/10/2021 at 07:44..
Update Polish translation
https://invent.kde.org/neon/backports-focal/flatpak/commit/946dd5d8a88cb948a716611d587a186103d11104

Git commit 97e128c2c1520202486b5e165e1734cbb421568a by Alexander Larsson (on behalf of Simon McVittie) on 11/10/2021 at 07:52..
Fix handling of syscalls only allowed by --devel

This was incorrectly looking at errno instead of -r.

Fixes: 0b38b0f0 "run: Handle unknown syscalls as intended"
Signed-off-by: Simon McVittie <smcv at collabora.com>
(cherry picked from commit 3fc8c672676ae016f8e7cc90481b2feecbad9861)
https://invent.kde.org/neon/backports-focal/flatpak/commit/97e128c2c1520202486b5e165e1734cbb421568a

Git commit bd2c58fc27fa5e31029339dbce8eea10717015f3 by Alexander Larsson (on behalf of Simon McVittie) on 11/10/2021 at 07:52..
run: Improve error handling/diagnostics for calls into libseccomp

Signed-off-by: Simon McVittie <smcv at collabora.com>
(cherry picked from commit 53bde36585b88a2b96bf896ed79b40ccb6a72c54)
https://invent.kde.org/neon/backports-focal/flatpak/commit/bd2c58fc27fa5e31029339dbce8eea10717015f3

Git commit 72c38fe0bd14fa16c46e161ded4d48a3b2a9cd05 by Alexander Larsson (on behalf of Simon McVittie) on 11/10/2021 at 07:52..
common: Backport g_get_language_names_with_category() more thoroughly

Even though we are going to check all the `LC_*` environment variables,
if one of them is not set, we still need to consider LANGUAGE, LC_ALL
and LANG; there is no guarantee that *every* `LC_*` environment variable
is set (and in particular, during our build-time tests, they will usually
not be).

Resolves: https://github.com/flatpak/flatpak/issues/4471
Signed-off-by: Simon McVittie <smcv at collabora.com>
(cherry picked from commit ae59fb7aca24cd2579aae51978f64bf762f78569)
https://invent.kde.org/neon/backports-focal/flatpak/commit/72c38fe0bd14fa16c46e161ded4d48a3b2a9cd05

Git commit 89fb54123ace0499d7a948e37e4ca42d3e071087 by Simon McVittie on 11/10/2021 at 13:11..
NEWS: Clarify what was fixed in 1.12.1

Signed-off-by: Simon McVittie <smcv at collabora.com>
https://invent.kde.org/neon/backports-focal/flatpak/commit/89fb54123ace0499d7a948e37e4ca42d3e071087

Git commit ff0c48c780f419881d4530b13c340ee17a162ca3 by Simon McVittie on 11/10/2021 at 13:11..
NEWS: Mention CVE-2021-41133

Signed-off-by: Simon McVittie <smcv at collabora.com>
https://invent.kde.org/neon/backports-focal/flatpak/commit/ff0c48c780f419881d4530b13c340ee17a162ca3

Git commit 486b978b44a3c89270b1b226a8dfe69315d19abe by Simon McVittie on 11/10/2021 at 13:11..
NEWS: Clarify the user-facing feature enabled by improved subsandboxing

Signed-off-by: Simon McVittie <smcv at collabora.com>
https://invent.kde.org/neon/backports-focal/flatpak/commit/486b978b44a3c89270b1b226a8dfe69315d19abe

Git commit 666dc8dbcdf5cb796fd3e1febe3388a520c0e23e by Simon McVittie on 11/10/2021 at 13:17..
NEWS: Add changes so far for 1.12.2

Signed-off-by: Simon McVittie <smcv at collabora.com>
https://invent.kde.org/neon/backports-focal/flatpak/commit/666dc8dbcdf5cb796fd3e1febe3388a520c0e23e

Git commit f4db077a52070c3a7d2badfa98befe7d11f2138b by Simon McVittie on 12/10/2021 at 09:54..
Set version number to 1.12.2

Signed-off-by: Simon McVittie <smcv at collabora.com>
https://invent.kde.org/neon/backports-focal/flatpak/commit/f4db077a52070c3a7d2badfa98befe7d11f2138b

Git commit 96aafda476c2634941dfcd68a65fe13f582eefcb by Simon McVittie on 12/10/2021 at 10:16..
Regenerate .po files for release

Signed-off-by: Simon McVittie <smcv at collabora.com>
https://invent.kde.org/neon/backports-focal/flatpak/commit/96aafda476c2634941dfcd68a65fe13f582eefcb

Git commit e47c92263cf4208fe4cc152a7e2763797011dfd5 by Simon McVittie on 12/10/2021 at 10:17..
New upstream version 1.12.2
https://invent.kde.org/neon/backports-focal/flatpak/commit/e47c92263cf4208fe4cc152a7e2763797011dfd5

Git commit 9f382d85d91a9dee450f32936fa12c497d04d6c4 by Simon McVittie on 12/10/2021 at 10:17..
Update upstream source from tag 'upstream/1.12.2'

Update to upstream version '1.12.2'
with Debian dir 517cae336d0871bd9c8e41c978350b4260a50950
https://invent.kde.org/neon/backports-focal/flatpak/commit/9f382d85d91a9dee450f32936fa12c497d04d6c4

Git commit fe725058d79c9678134d486b4572c343d2d72704 by Simon McVittie on 12/10/2021 at 10:29..
New upstream stable release
https://invent.kde.org/neon/backports-focal/flatpak/commit/fe725058d79c9678134d486b4572c343d2d72704

Git commit f45884b875c304d7107b3711f41d625a47adc125 by Simon McVittie on 12/10/2021 at 10:54..
Release to unstable
https://invent.kde.org/neon/backports-focal/flatpak/commit/f45884b875c304d7107b3711f41d625a47adc125

Git commit 5f30403d2b151bf566f3d6c979ad1bd8cf6cd54c by Phaedrus Leeds on 19/10/2021 at 18:00..
CI: Add 1.12 branch
https://invent.kde.org/neon/backports-focal/flatpak/commit/5f30403d2b151bf566f3d6c979ad1bd8cf6cd54c

Git commit 12c45845930e2ab4170464773258d9d34e8de7f8 by Phaedrus Leeds (on behalf of Piotr Drąg) on 19/10/2021 at 18:02..
Update Polish translation
https://invent.kde.org/neon/backports-focal/flatpak/commit/12c45845930e2ab4170464773258d9d34e8de7f8

Git commit 438fd6b1098b154b68da9714bc46eb68cb227e10 by GitHub (on behalf of Phaedrus Leeds) on 19/10/2021 at 18:43..
Merge pull request #4493 from piotrdrag/piotrdrag/pl-update-211017-1.12.x

Update Polish translation 211017 for flatpak-1.12.x
https://invent.kde.org/neon/backports-focal/flatpak/commit/438fd6b1098b154b68da9714bc46eb68cb227e10

Git commit b53cc2c5957a8bd6439820112c42d0f882e8ab8a by Simon McVittie on 26/11/2021 at 11:38..
flatpak Recommends xdg-user-dirs

If we don't have this, the XDG special directories for documents, music,
downloads etc. will not be listed in ~/.config/user-dirs.dirs unless
configured manually; this means that app permissions that would normally
share those directories with the host, such as --filesystem=xdg-download,
will have no practical effect.

Closes: #1000609
https://invent.kde.org/neon/backports-focal/flatpak/commit/b53cc2c5957a8bd6439820112c42d0f882e8ab8a

Git commit 60b5209f9b6d991c76a3dd5bb3211a840c6d0481 by Simon McVittie on 26/11/2021 at 11:49..
Build/test-depend on dbus-daemon

We don't necessarily need a full implementation for the unit tests, but
we do need to be able to run dbus-daemon --session.
https://invent.kde.org/neon/backports-focal/flatpak/commit/60b5209f9b6d991c76a3dd5bb3211a840c6d0481

Git commit d788efe93c7e004d1e7aee587f4934479489a0e6 by Simon McVittie on 26/11/2021 at 11:49..
Depend on default-dbus-system-bus | dbus-system-bus instead of dbus

Any implementation of the system bus will do.
https://invent.kde.org/neon/backports-focal/flatpak/commit/d788efe93c7e004d1e7aee587f4934479489a0e6

Git commit 317ae9965d4c65b8abde92fd3723cbca26aa7efc by Simon McVittie on 13/12/2021 at 13:21..
Adjust Lintian overrides for current Lintian
https://invent.kde.org/neon/backports-focal/flatpak/commit/317ae9965d4c65b8abde92fd3723cbca26aa7efc

Git commit 59bd09d402fe688ba19c2f98fd0ad489579df370 by Simon McVittie on 13/12/2021 at 13:22..
Release to unstable
https://invent.kde.org/neon/backports-focal/flatpak/commit/59bd09d402fe688ba19c2f98fd0ad489579df370

Git commit 70b4a030c1c4c6396e34833c34b86142fb451c4c by Simon McVittie (on behalf of Phaedrus Leeds) on 04/01/2022 at 11:39..
doc: Clarify default setting of noenumerate/nodeps options

(cherry picked from commit f94721bef2327f9d6b4517da9a438084ea99726f)
https://invent.kde.org/neon/backports-focal/flatpak/commit/70b4a030c1c4c6396e34833c34b86142fb451c4c

Git commit 3f09faeb89dfe70edad483e8d84c3d65bd2bdf3c by Simon McVittie (on behalf of Phaedrus Leeds) on 04/01/2022 at 11:39..
Fix capitalization of "false" in flatpakref keyfiles

g_key_file_get_boolean() only accepts lower case "true" and "false", so
correct some instances of "False" in key files. This makes no functional
difference as long as the error pointer isn't checked since
g_key_file_get_boolean() also returns false when it can't parse the
value as a boolean. But it still seems good to be correct, and someone
could interpret the existence of "IsRuntime=False" as implying that
"IsRuntime=True" will work, which it doesn't.

(cherry picked from commit b0981912520de706f1e20993f3486ce83cd5787a)
https://invent.kde.org/neon/backports-focal/flatpak/commit/3f09faeb89dfe70edad483e8d84c3d65bd2bdf3c

Git commit 76d592870777b5b0f85c6508c2500c1129b88d04 by Simon McVittie (on behalf of Phaedrus Leeds) on 04/01/2022 at 11:43..
Pedantic typo fix

(cherry picked from commit 93d3cb4704af1537ff3230ddccdd5868c5e0114d)
https://invent.kde.org/neon/backports-focal/flatpak/commit/76d592870777b5b0f85c6508c2500c1129b88d04

Git commit 02b8701062c5e5c41e8f7702dd62c5cd4632043a by Simon McVittie (on behalf of Phaedrus Leeds) on 04/01/2022 at 11:43..
doc/flatpakrepo: Fix a typo

(cherry picked from commit 71a09d47d591633bc46e5012377dc29f7b3d4cc3)
https://invent.kde.org/neon/backports-focal/flatpak/commit/02b8701062c5e5c41e8f7702dd62c5cd4632043a

Git commit ad26c8e1fffa615f989cb8243d19fd17bddf322b by Simon McVittie (on behalf of Phaedrus Leeds) on 04/01/2022 at 11:43..
SECURITY.md: Update supported branches

(cherry picked from commit 4b89d92dbdbf8c7641b324c4c04b159ccc0faf09)
https://invent.kde.org/neon/backports-focal/flatpak/commit/ad26c8e1fffa615f989cb8243d19fd17bddf322b

Git commit ea322f3df0455d376755febd96a7c9677abf76f4 by Simon McVittie (on behalf of Phaedrus Leeds) on 04/01/2022 at 11:43..
dir: Fix typos in a warning

(cherry picked from commit fd4e9e84cde35ac4c763178521b7c2c5d5fe4b4f)
https://invent.kde.org/neon/backports-focal/flatpak/commit/ea322f3df0455d376755febd96a7c9677abf76f4

Git commit ffff8129572b6e6aa97855238a125f717184f25c by Simon McVittie (on behalf of Phaedrus Leeds) on 04/01/2022 at 11:43..
transaction: Fix signal Since annotations

(cherry picked from commit 20fd994c5c8bda4ea9f2b56cf3a83c15057a547f)
https://invent.kde.org/neon/backports-focal/flatpak/commit/ffff8129572b6e6aa97855238a125f717184f25c

Git commit b3dbfd99751115ec12de8268dfd705bcd7f335f0 by Simon McVittie (on behalf of JakobDev) on 04/01/2022 at 11:44..
Remove Souk from Readme

(cherry picked from commit d9b57b9c95381850310b4862c91260dd90434e4d)
https://invent.kde.org/neon/backports-focal/flatpak/commit/b3dbfd99751115ec12de8268dfd705bcd7f335f0

Git commit a0d8a1dcf30e37d0a22037883ea45d593bc8a58d by Simon McVittie (on behalf of Phaedrus Leeds) on 04/01/2022 at 11:45..
Update variant-schema-compiler to fix build

Fixes https://github.com/flatpak/flatpak/issues/4534

(cherry picked from commit 6cb4a2598eb5afe0b3471d8d5e0c9cda3efe84a0)
https://invent.kde.org/neon/backports-focal/flatpak/commit/a0d8a1dcf30e37d0a22037883ea45d593bc8a58d

Git commit 74f625a186f642629408d031322efedf1f4da1da by Phaedrus Leeds (on behalf of Jan Tojnar) on 04/01/2022 at 18:44..
tests: Allow FLATPAK_BINARY=flatpak for exports

https://github.com/flatpak/flatpak/commit/a99b748931e6444dadb0d0c8c1565da23f755800 introduced an environment variable for changing the flatpak path for exports.
On NixOS, we do not have a stable path we could use so we used to patch Flatpak to use `flatpak` program from `PATH`.
With the recent change, we drop our downstream patch in favour of setting the environment variable to `flatpak` but the tests do not expect that.

This is the test part of our former downstream patch so that tests can pass with exports using `flatpak` instead of an absolute path.
It still expects the binary path to end with `flatpak` so arbitrary `$FLATPAK_BINARY` will not work but we do not pass the environment variable to tests so we cannot do much better.

(cherry picked from commit 96dbe28cfa96e80b23fa1d8072eb36edad41279c)
https://invent.kde.org/neon/backports-focal/flatpak/commit/74f625a186f642629408d031322efedf1f4da1da

Git commit 00891111abce44aaa9abde08ed890dc56762b0b4 by Phaedrus Leeds (on behalf of Simon McVittie) on 04/01/2022 at 18:44..
tests: Generate Makefile-test-matrix.am.inc in $(srcdir)

Files that are generated manually by a maintainer and committed to git
should be in the srcdir, not the builddir.

Signed-off-by: Simon McVittie <smcv at collabora.com>
(cherry picked from commit 647c51380c13b72adbd67e0aa83b3a2979f5c6a8)
https://invent.kde.org/neon/backports-focal/flatpak/commit/00891111abce44aaa9abde08ed890dc56762b0b4

Git commit ed6323f33c739c50d9e806af31300e7e48511f5c by Phaedrus Leeds on 04/01/2022 at 18:44..
testlibrary: Don't use g_assert()

Per the documentation, g_assert_null() is meant for unit tests.

(cherry picked from commit 0258fc82bb8eac176d45781b54920f0a27613890)
https://invent.kde.org/neon/backports-focal/flatpak/commit/ed6323f33c739c50d9e806af31300e7e48511f5c

Git commit 4fe531616337bcd2b72b22889e954d10d94fa2a3 by Phaedrus Leeds on 04/01/2022 at 18:44..
.gitignore: Update for recent changes

(cherry picked from commit 2181f4f171abf824d8e3c754e9e7415813460856)
https://invent.kde.org/neon/backports-focal/flatpak/commit/4fe531616337bcd2b72b22889e954d10d94fa2a3

Git commit f82e2a45777e6f370b9d3be787a84cddc3ed0575 by Phaedrus Leeds (on behalf of Simon McVittie) on 04/01/2022 at 18:44..
tests: Add try-syscall helper

This exercises various syscalls. It's heavily based on the one from
<https://github.com/containers/bubblewrap/pull/459>, but with the
addition of a mode to output the numeric values of various expected
errno codes, which are not otherwise available to shell scripts.

Signed-off-by: Simon McVittie <smcv at collabora.com>
(cherry picked from commit 4ce251882c488953ca6e3734f00c5dbe2e1e3e7a)
https://invent.kde.org/neon/backports-focal/flatpak/commit/f82e2a45777e6f370b9d3be787a84cddc3ed0575

Git commit ff0f5a15b26dac28c8efd88c8d47e51751df8043 by Phaedrus Leeds (on behalf of Simon McVittie) on 04/01/2022 at 18:44..
tests: Add basic test coverage for our seccomp filters

In particular, this checks that CVE-2017-5226, CVE-2019-10063 and
CVE-2021-41133 are still prevented.

Signed-off-by: Simon McVittie <smcv at collabora.com>
(cherry picked from commit 7c5aec474caef7aa004286cc9359611ad21d227b)
https://invent.kde.org/neon/backports-focal/flatpak/commit/ff0f5a15b26dac28c8efd88c8d47e51751df8043

Git commit 369d922d2c1546a2eb2525e40895d5f1f7f79e4b by Phaedrus Leeds (on behalf of Philip Withnall) on 04/01/2022 at 18:44..
flatpak-utils-http: Ensure to wake up the main context on error

All the other code paths which set `data->done` or `data->error` ensure
to wake up the main context so its loop exit conditions can be checked
again — this code path was missing a wakeup though.

Spotted by code inspection; I haven’t hit this in the wild.

Signed-off-by: Philip Withnall <pwithnall at endlessos.org>
(cherry picked from commit 8ff02c0e5b0c2105e1b26a1a00ec264f6482ce3e)
https://invent.kde.org/neon/backports-focal/flatpak/commit/369d922d2c1546a2eb2525e40895d5f1f7f79e4b

Git commit f95636cfe28314a1620e5365513fe56b77943cec by Phaedrus Leeds (on behalf of Will Thompson) on 04/01/2022 at 18:44..
run: Support PulseAudio socket path without unix: prefix

https://www.freedesktop.org/wiki/Software/PulseAudio/Documentation/User/ServerStrings/
says:

> If the string starts with / or unix: the remaining address string is taken as
> UNIX socket name.

but previously the string was only taken to be a UNIX socket name if it began
with "unix:".

This is an issue in practice with WSLg <https://github.com/microsoft/wslg>
which sets $PULSE_SERVER to "/mnt/wslg/PulseServer", without a "unix:" prefix.

(cherry picked from commit 7534a970a5535d57d5fa07bd5ed9eb3647cbb7dc)
https://invent.kde.org/neon/backports-focal/flatpak/commit/f95636cfe28314a1620e5365513fe56b77943cec

Git commit 456430a0540de5ea0838c495c99d8a01d21716a6 by Phaedrus Leeds (on behalf of Will Thompson) on 04/01/2022 at 18:44..
run: Add link to PulseAudio server string documentation

(cherry picked from commit bcc114383b744e3dc32c0b859fc900f9793ce6c7)
https://invent.kde.org/neon/backports-focal/flatpak/commit/456430a0540de5ea0838c495c99d8a01d21716a6

Git commit 919ada4856e3690fba52bf8f23f11b0f0e370fb1 by Phaedrus Leeds (on behalf of Will Thompson) on 04/01/2022 at 18:44..
run: Document shortcomings of PulseAudio server string parsing

These are just based on a cursory reading of the spec.

(cherry picked from commit eabbff6fefb879d6726a31afa8ae17ee144855a7)
https://invent.kde.org/neon/backports-focal/flatpak/commit/919ada4856e3690fba52bf8f23f11b0f0e370fb1

Git commit e916c8430e1588c391e9fa647fc9aa5411adf6ce by Phaedrus Leeds on 04/01/2022 at 18:44..
search: Don't strip .desktop suffix overzealously

This commit changes the search command to properly output the app ID for
IDs that end in .desktop, e.g. to print org.telegram.desktop rather than
org.telegram.

Fixes https://github.com/flatpak/flatpak/issues/4535

(cherry picked from commit 62e09b406b8a7fb517c294d2c0b149a83f2cc64b)
https://invent.kde.org/neon/backports-focal/flatpak/commit/e916c8430e1588c391e9fa647fc9aa5411adf6ce

Git commit 36b03000a8f4e466c39c16e7eb19a9b90bc03955 by Phaedrus Leeds on 04/01/2022 at 18:44..
search: Use <bundle> ID to determine flatpak app ID

The <bundle> element in the appstream data unambiguously provides the
full four-part flatpak ref, so use it to determine the app ID. But fall
back to using the <id> element, since that is required to be present.

(cherry picked from commit 39de0ef280a98f67d639444cc6ea3bcfa61c0eec)
https://invent.kde.org/neon/backports-focal/flatpak/commit/36b03000a8f4e466c39c16e7eb19a9b90bc03955

Git commit 62b414021261bc2b718d0f943e25d77fe340cef5 by Phaedrus Leeds on 04/01/2022 at 18:44..
app: Don't use carriage return for non-fancy output

flatpak_fancy_output() determines whether the output we write is
intended for e.g. a tty or e.g. a log file, the latter being "not
fancy". Currently we write carriage return characters in the not fancy
case, but change that to new lines, which are interpreted correctly by
editors such as vim (whereas a carriage return shows up as ^M since it
is not the correct newline character on Unixy operating systems).

(cherry picked from commit 86d6918a1186467fb4e26408ec1bb947dcf7ba28)
https://invent.kde.org/neon/backports-focal/flatpak/commit/62b414021261bc2b718d0f943e25d77fe340cef5

Git commit 7a72f2b78ad1ae0f2a5159e3dfb9bc7e7a0634c7 by Phaedrus Leeds on 04/01/2022 at 18:44..
build-update-repo: Don't try to generate deltas of unknown refs

Spotted this by code inspection. Ignoring such refs was clearly the
intended behavior based on the comment.

(cherry picked from commit 17fbe516c4251c08a648f5e938af3af78fbd4ab4)
https://invent.kde.org/neon/backports-focal/flatpak/commit/7a72f2b78ad1ae0f2a5159e3dfb9bc7e7a0634c7

Git commit 63606694186bd775499ec32efdcb703873d6cf87 by Phaedrus Leeds on 04/01/2022 at 18:44..
tests: Use ${FLATPAK} not flatpak

This way the flatpak command is more consistently run under valgrind
when that is enabled.

(cherry picked from commit d23793294d59125e645273d8b3518a9c19b597eb)
https://invent.kde.org/neon/backports-focal/flatpak/commit/63606694186bd775499ec32efdcb703873d6cf87

Git commit e5bec49b83964d73ce3d3ba9766f904413930ca9 by Phaedrus Leeds on 04/01/2022 at 18:44..
Make test suite logs prettier

This fixes a few issues with the unit test logs that make them ugly:
1. Currently some lines of output from a command will appear after the
   line from xtrace which has the next command, since the command was
   printing to stdout and xtrace uses stderr. E.g. "Installation complete."
   will appear after "+ flatpak --user install -y ..." but it is from the
   previous install command.
2. Lines of output have many spaces after them to pad them to the table
   width but this is not needed for non-fancy output.
3. Lines of output are mixed with output from httpd since they don't end
   with a newline character, e.g. "Installing… ▊
   4%127.0.0.1 - - [16/Nov/2021 00:18:24] "GET /..."

(cherry picked from commit 388c23cfc51b6b9f03dcdf87b11c0078f11227ea)
https://invent.kde.org/neon/backports-focal/flatpak/commit/e5bec49b83964d73ce3d3ba9766f904413930ca9

Git commit b076db2199b3a189f72213028641977526cb0f8f by Phaedrus Leeds on 04/01/2022 at 18:44..
tests: Fix a comment

(cherry picked from commit dfde010a49ed02c966ee9050e8ea4dc75033bdb6)
https://invent.kde.org/neon/backports-focal/flatpak/commit/b076db2199b3a189f72213028641977526cb0f8f

Git commit bb51ab27663350f47bb39c95166f6e905f48ce13 by Phaedrus Leeds on 04/01/2022 at 18:44..
app: Don't tab-complete on aliases

Fixes https://github.com/flatpak/flatpak/issues/4036

(cherry picked from commit 2c4c84ffee1a7b0c73f5af9dec02f63e6e1ef2ca)
https://invent.kde.org/neon/backports-focal/flatpak/commit/bb51ab27663350f47bb39c95166f6e905f48ce13

Git commit ad4401fc146e4693f7a6f5bb78823f053f440038 by Phaedrus Leeds on 04/01/2022 at 18:44..
dir: Verify subsummary checksum from disk cache

Currently we verify the checksum of indexed summary files (which have
.sub file names) before writing them to the on-disk cache, so in theory
as long as the disk I/O is successful the data integrity should be
intact when we use it via the flatpak-variant-impl-private.h helpers
generated by variant-schema-compiler. However in practice people
sometimes hit assertion failures which are what you would expect to see
if the data is corrupt, since GVariant stores some metadata such as the
"offset size" toward the end of the data, and if we read this from
serialized user data instead it will obviously be incorrect. In one case
I was able to acquire the flathub.idx, flathub.idx.sig, and
flathub-x86_64-fad08cfb10713e749f02a0e894b5d577b7e9c4931fdf9d2fdc50364c002bc925.sub
files which reproduce one of the assertion failures, and the sub file
appears to be incomplete, like the writing of it was interrupted.

We use g_file_replace_contents() when saving these to the disk, and when
not replacing an existing file that function writes directly to the
final filename, so if interrupted it would be expected to leave an
incomplete file.

This commit changes the summary file handling so that we verify the
checksum of any indexed subsummary again after reading it from disk. If
it doesn't match we delete the on-disk cache and try fetching from the
network.

Fixes #4127

(cherry picked from commit 6d74eec0a97171ef46fac7aa4017c235758a1f3d)
https://invent.kde.org/neon/backports-focal/flatpak/commit/ad4401fc146e4693f7a6f5bb78823f053f440038

Git commit 7187be0d997d2ab569a3d47c1dcdee55fc2d4f9a by Phaedrus Leeds (on behalf of Aleix Pol) on 04/01/2022 at 18:44..
en_GB l10n: Do not forget to pass the actual error message

Several of our users have been reporting this error to me, can never
tell what could be wrong.

(cherry picked from commit e28b1f31584a6fae71f51985187bc8f1755e9bd1)
https://invent.kde.org/neon/backports-focal/flatpak/commit/7187be0d997d2ab569a3d47c1dcdee55fc2d4f9a

Git commit 8e0454c98834102d4f5147a86c8a1520d887bf56 by Phaedrus Leeds on 04/01/2022 at 18:44..
testlibrary: Tweak some helper functions

This will make the next commit simpler, and in my opinion this makes the
code more readable.

(cherry picked from commit 8f85f77ff9c1b1dea02ab96771a764ff86e7c024)
https://invent.kde.org/neon/backports-focal/flatpak/commit/8e0454c98834102d4f5147a86c8a1520d887bf56

Git commit 7a0cd0ee85a8bef94d265acee07b11e5b55f39f4 by Phaedrus Leeds on 04/01/2022 at 18:44..
testlibrary: Add missing cleanup

It's easier to reason about the tests if they don't leave state behind.

(cherry picked from commit f753dd214c9a44f462ca013e7357ead8f35538aa)
https://invent.kde.org/neon/backports-focal/flatpak/commit/7a0cd0ee85a8bef94d265acee07b11e5b55f39f4

Git commit 9f2baafb44e236f51d53e4dc3a40ab69d72a9079 by Phaedrus Leeds on 04/01/2022 at 18:44..
testlibrary: Make remote existence assertions more friendly

Currently the output produced when assert_remote_in_installation() or
assert_remote_not_in_installation() fails is not helpful: it doesn't
mention the remote name or where the assertion was called from. Fix
those problems by rewriting it as a #define.

(cherry picked from commit dd48e78652079556bebfe930caad2efa09656584)
https://invent.kde.org/neon/backports-focal/flatpak/commit/9f2baafb44e236f51d53e4dc3a40ab69d72a9079

Git commit e6bd124b2cc9df48dd2a2c9df2a383fb6d95fede by Patrick Griffis on 04/01/2022 at 19:02..
run: Fix session-bus and a11y-bus args being incorrect

This would incorrectly overwrite the a11y-bus option and not set the default
session-bus options.
https://invent.kde.org/neon/backports-focal/flatpak/commit/e6bd124b2cc9df48dd2a2c9df2a383fb6d95fede

Git commit 0c89304c62e14dfb6847c2e5c73ec80a67b1bc32 by Alexander Larsson (on behalf of gasinvein) on 11/01/2022 at 10:51..
build-init: Use SDK arch for SDK extensions...

...instead of the app we're building arch.

(cherry picked from commit 30964d2baccc03873c2bdbd7b74db919d62d576f)
https://invent.kde.org/neon/backports-focal/flatpak/commit/0c89304c62e14dfb6847c2e5c73ec80a67b1bc32

Git commit e33e7283f081df810118eebe88baa8e918eb61e4 by Alexander Larsson (on behalf of Phaedrus Leeds) on 11/01/2022 at 10:51..
Fix implementation of xa.noenumerate remote option

Currently the xa.noenumerate option on a remote is documented as causing
the remote not to be used when presenting available apps/runtimes or
when searching for dependencies. The idea is that the remote is only
used for providing updates for things installed from it, and this
functionality is used when creating an origin remote for something
installed via a flatpakref file.

However, the implementation of this in flatpak_dir_list_remote_refs() is
buggy. It returns an empty set of refs even if something is both locally
installed and available from the remote. This is because it is using
hash table comparisons of FlatpkDecomposed objects (via
flatpak_decomposed_hash()) which take into account both the ref (or
refspec) and the collection ID, and the local refs' FlatpakDecomposed
objects are created from a refspec whereas the remote refs'
FlatpakDecomposed objects are created from a ref alone. We could fix
this by having them both use refspecs, but it is better to use a
collection-ref tuple for the following reasons:
(1) Changing flatpak_dir_list_all_remote_refs() to use a refspec to
create the FlatpakDecomposed objects would be a breaking change for the
other users of that function.
(2) Both the local and remote refs are from the same remote so we don't
need to use the remote name to disambiguate them, even if no collection
ID is configured.
(3) The whole point of collection IDs is to make refs uniquely
identifiable, so we're using them for the intended purpose.

In addition to fixing this bug, this commit adds a unit test in
testlibrary.c so it stays fixed.

(cherry picked from commit 7f3556d92ca7af1eaabeaf893eefa2d970433368)
https://invent.kde.org/neon/backports-focal/flatpak/commit/e33e7283f081df810118eebe88baa8e918eb61e4

Git commit 8ce5211201a4c18556c256af69796c27de48fd7f by Alexander Larsson (on behalf of Phaedrus Leeds) on 11/01/2022 at 10:51..
dir: Fix an issue with fetch_remote_ref_sync()

This commit is a follow-up to "Fix implementation of xa.noenumerate
remote option" since that turned out to break
flatpak_installation_fetch_remote_ref_sync() in some cases. I didn't see
it at the time, but flatpak_decomposed_get_collection_id() explains that
the collection ID shouldn't be set on FlatpakDecomposed objects, even
when the remote has a collection ID set, unless they are being used to
enumerate refs from a file:// URI rather than a configured remote. So
this commit changes list_remote_refs() and list_all_remote_refs() to
keep the xa.noenumerate implementation working and to get
fetch_remote_ref_sync() working again (since the latter uses
flatpak_decomposed_new_from_parts() and thus doesn't set a collection ID
on the FlatpakDecomposed object used for comparison).

(cherry picked from commit f3214c59d2f687e47ab5d9a74d8a3ef45f8e0105)
https://invent.kde.org/neon/backports-focal/flatpak/commit/8ce5211201a4c18556c256af69796c27de48fd7f

Git commit 5f8ce1d49124cd67caab5b6948ec00016ba97906 by Alexander Larsson (on behalf of Patrick Griffis) on 11/01/2022 at 10:51..
Re-enable HTTP compression

The original commit (9865ed8989befe9653fb3cd919fb5518b09274d2) disabling
it claimed it fixed OCI downloads. This no longer seems to be a problem.

This has also exposed new bugs as some servers will send
gzip compressed data when the client does not send Accept-Encoding.
If we leave this enabled that issue goes away.

(cherry picked from commit cda4967a9e2977caccafb6f72eceab1159db113f)
https://invent.kde.org/neon/backports-focal/flatpak/commit/5f8ce1d49124cd67caab5b6948ec00016ba97906

Git commit e4db35077c6d84c284774655dadec406e2ca6667 by Alexander Larsson (on behalf of Phaedrus Leeds) on 11/01/2022 at 10:51..
app: Fix behavior when installing end-of-life-rebased ref

Currently if the user specifies a ref to install that has been renamed
via the end-of-life-rebased mechanism, for example "flatpak install
com.visualstudio.code.oss", Flatpak erroneously tries to install both
the old and new versions of the app. This happens because the code
handling end-of-life-rebase conditions is written assuming the rebased
app is being updated rather than installed for the first time.

Specifically, in FlatpakCliTransaction and FlatpakQuietTransaction, in
end_of_lifed_with_rebase(), we treat a failure of
flatpak_transaction_add_uninstall() as fatal and return FALSE from the
signal handler, which means that the install operation that triggered
the signal will not be skipped (see the docs for
FlatpakTransaction::end-of-lifed-with-rebase).

So, instead check for the FLATPAK_ERROR_NOT_INSTALLED error code and
ignore it, so that the installation of the old version of the renamed
app will be properly cancelled.

Fixes https://github.com/flatpak/flatpak/issues/3754

(cherry picked from commit 3aa9a7f3a12e95e16051e43ba1a28ca837b4c3c5)
https://invent.kde.org/neon/backports-focal/flatpak/commit/e4db35077c6d84c284774655dadec406e2ca6667

Git commit 512b693dbf110fd6d22ee463137c9b9f0bcce91b by Alexander Larsson (on behalf of Phaedrus Leeds) on 11/01/2022 at 10:51..
Ensure refs are updated from their origin

It can happen that a related ref is installed from a different remote
than the thing it's related to. We always want to update things from
their origin remote. However as of now FlatpakTransaction resolves the
commit of a related ref to the one available from the main ref origin,
and later sets the remote for the operation to the installed origin (see
commit 6793d90b8). In case there is a newer commit in the main ref
origin than the installed origin, this leads to an update operation
being erroneously created, only to then error out with an HTTP 404
error, because the commit from the main ref origin is being pulled from
the installed ref origin. For specific steps to reproduce see
https://github.com/flatpak/flatpak/issues/3128#issuecomment-948948040

So, ensure that when a FLATPAK_TRANSACTION_OPERATION_INSTALL_OR_UPDATE
operation is created for something that's installed, whether it's a
related ref or something else, the remote used is always the origin. And
ensure that the remote is set correctly before the stage where the op is
resolved to a commit, to avoid the situation described above. This is
essentially a re-implementation of the fix in commit 6793d90b8.

Also, add a unit test for this behavior.

This commit also makes a few changes to documentation to make it clear
that this related-ref-different-origin situation is possible.

Fixes #3128

(cherry picked from commit 49d9052d2248de8b5f3c4c1c6ca7dfceefcbcd2f)
(only merge conflicts in tests/testlibrary.c)
https://invent.kde.org/neon/backports-focal/flatpak/commit/512b693dbf110fd6d22ee463137c9b9f0bcce91b

Git commit bd4fff12f64bc5f5461972fdf659fdb2b3422c16 by Alexander Larsson (on behalf of Phaedrus Leeds) on 11/01/2022 at 10:51..
Don't use app title from flatpakref as remote title

On two different code paths we were using the "Title" field in
flatpakref files as the title of a remote, which is incorrect. In most
cases, the remote added via the RuntimeRepo key will be the same as the
remote the app is from, so when the remote is added for the runtime, its
title will be correctly set using the Title value from the flatpakrepo
file and the app will therefore have an origin remote with a title set.
This is not currently true for flatpakref files that use
SuggestRemoteName=, see https://github.com/flatpak/flatpak/pull/4513

For flatpakref files that use a different remote than the RuntimeRepo,
we don't currently have a way for the title to be set automatically;
perhaps we should (https://github.com/flatpak/flatpak/issues/4512).

Fixes https://github.com/flatpak/flatpak/issues/4499

(cherry picked from commit 9dbd265cdd68099b62119e06f94bab43cf1f5ea9)
https://invent.kde.org/neon/backports-focal/flatpak/commit/bd4fff12f64bc5f5461972fdf659fdb2b3422c16

Git commit c7b8e3c54fb639bdd31a86b1972496fb2e0b1958 by Alexander Larsson (on behalf of Phaedrus Leeds) on 11/01/2022 at 10:51..
Change how automatic pinning is implemented

This commit re-works how we automatically "pin" runtimes that are
explicitly installed, to prevent them from being removed automatically.
In this implementation we do the update to the config as part of the
deploy, which has the following advantages:
(1) It ensures that there's never a confusing polkit prompt about
configuring the software installation when the user asked for a runtime
to be installed (https://github.com/flatpak/flatpak/issues/4200)
(2) It means we don't have to rely on the code on the error path of
flatpak_transaction_real_run() to un-pin the runtime in case something
went wrong with the installation, since we pin it almost atomically with
the deploy.

Fixes #4200

(cherry picked from commit 6f5bb3597e14a28be5953d5d773c225a86039254)
https://invent.kde.org/neon/backports-focal/flatpak/commit/c7b8e3c54fb639bdd31a86b1972496fb2e0b1958

Git commit 8db0af3e845f340bca3047297aa4bef7f979e140 by Alexander Larsson (on behalf of Phaedrus Leeds) on 11/01/2022 at 10:51..
list: Tweak logic for excluding Locale/Debug extensions

The man page states that the --all option for the list command includes
runtime extensions (e.g. that end in .Locale or .Debug) and this is the
case. When --all is omitted, we only show such extensions when the thing
they extend is not already in the list. However when you run a command
like "flatpak list --runtime --columns=application,branch", you get a
list that excludes runtime locale extensions but includes app locale
extensions, since the corresponding apps are not in the list despite
presumably being installed. This doesn't seem like the right behavior,
so tweak the logic so that app locale extensions are excluded when --all
is omitted and --runtime is used.

Strictly speaking the "extension-of" information is not guaranteed to be
present in the deploy data (which acquires it from the metadata), but in
practice it seems to be present for all but Sources extensions, and I
think it should be considered required since we are already using it to
implement functionality elsewhere in Flatpak:
https://github.com/flatpak/flatpak/issues/4585

(cherry picked from commit 470b321c63a3a20b43b7d4142ce3038edc87f808)
https://invent.kde.org/neon/backports-focal/flatpak/commit/8db0af3e845f340bca3047297aa4bef7f979e140

Git commit f809e9f9a4cbf9e0c5045ee6e5ea0d4c03f81783 by Alexander Larsson (on behalf of Phaedrus Leeds) on 11/01/2022 at 10:51..
repair: Properly mark invalid commits as partial

Commits that are found to have missing or invalid objects need to be
marked partial so that when the thing referencing them is reinstalled,
the missing objects will be pulled. libostree treats non-partial commits
as complete even if they're not, since verifying their completeness is
an expensive operation.

This exactly mirrors what the "ostree fsck" command does when it finds
corruption in a commit.

This fix is especially important because corrupt repos have been an
issue lately so we at least need repair to work properly.

Relatedly, delete invalid commit objects to ensure they are
re-downloaded, though it's not clear that code path is almost ever
reachable.

Fixes https://github.com/flatpak/flatpak/issues/4618

(cherry picked from commit 6fac58a9b90c128a28d028f8f60531513ad1498e)
https://invent.kde.org/neon/backports-focal/flatpak/commit/f809e9f9a4cbf9e0c5045ee6e5ea0d4c03f81783

Git commit 9fded3abe49e9b55067bbee32fc0ffcaa523075d by Simon McVittie (on behalf of Phaedrus Leeds) on 11/01/2022 at 23:47..
Add a test for the repair command

This should ensure that https://github.com/flatpak/flatpak/issues/4618
stays fixed.

(cherry picked from commit 45c7f5071c5341ce895c3b90268d97d08b032820)
https://invent.kde.org/neon/backports-focal/flatpak/commit/9fded3abe49e9b55067bbee32fc0ffcaa523075d

Git commit 5daba75daf666a31ea3609338177342b4f462ffa by Alexander Larsson (on behalf of Ryan Gonzalez) on 12/01/2022 at 10:52..
Fix metadata file contents after null terminators being ignored

In particular, if a null terminator is placed inside the metadata file,
Flatpak will only compare the text *before* it to the value of
xa.metadata, but the full file will be parsed when permissions are set
at runtime. This means that any app can include a null terminator in its
permissions metadata, and Flatpak will only show the user the
permissions *preceding* the terminator during install, but the
permissions *after* the terminator are applied at runtime.

Fixes GHSA-qpjc-vq3c-572j / CVE-2021-43860

Signed-off-by: Ryan Gonzalez <ryan.gonzalez at collabora.com>
(cherry picked from commit c9c3a667c09a846c0b230cf1cc8ed330028aa03c)
https://invent.kde.org/neon/backports-focal/flatpak/commit/5daba75daf666a31ea3609338177342b4f462ffa

Git commit 927c2b031821d263182a6b77ff9d713e9c64695c by Alexander Larsson on 12/01/2022 at 10:52..
Transaction: Fail the resolve if xa.metadata invalid or missing

If we fail to parse xa.metadata from the summary cache or the commit
xa.metadata we fail the resolve.

If xa.metadata is missing in the commit we fail the resolve (it is
always set in the summary cache, because summary update converts
missing xa.metadata to "", so we either get that, or cache miss which
leads to resolving from the commit.

This means that op->resolved_metadata is always set during install and
updates, which means we will show the app permissions. The transaction
will also always make sure that this data actually matches what gets
deployed.

Before this change an invalid metadata in the summary cache could lead
to a NULL resolved_metadata, which means we wouldn't print the app
permissions, yet we would still deploy some metadata file that could
have permissions. (NOTE: It would fail to deploy unless the
xa.metadata in the commit matched the metadata file, but in this
corner case we would't compare the summary and commit metadata, so
they may differ.)

(cherry picked from commit 5036bca4214d5b77e884dec42e36496a06e74081)
https://invent.kde.org/neon/backports-focal/flatpak/commit/927c2b031821d263182a6b77ff9d713e9c64695c

Git commit e9455b7a7fcfe9816eff1d0539c798f3ac864a10 by Alexander Larsson on 12/01/2022 at 10:52..
Require metadata in commit also for OCI remotes

This was disables a long time ago because the fedora remotes didn't
contain metadata, but that has been added since then. Requiring fixes
a security concern where an app claims to require no permissions (by
having no metadata in commit) but then actually requires permissions
in the installed app.

(cherry picked from commit f0f3a35f404b5bd533186095db055f8b3d135576)
https://invent.kde.org/neon/backports-focal/flatpak/commit/e9455b7a7fcfe9816eff1d0539c798f3ac864a10

Git commit 426aac432b26e527526796f9b380c47d6dc10cc8 by Alexander Larsson on 12/01/2022 at 10:52..
Ensure that bundles have metadata on install

If we have a bundle without metadata we wouldn't properly present
the permissions in the transaction.

(cherry picked from commit b250541302187ff2209b0bb1295e8223d0af860f)
https://invent.kde.org/neon/backports-focal/flatpak/commit/426aac432b26e527526796f9b380c47d6dc10cc8

Git commit b0e0bba79a08b19eb50b0c5a8dc053f23be1405d by Alexander Larsson (on behalf of Phaedrus Leeds) on 12/01/2022 at 10:52..
Add test for metadata validation

This tests for invalid metadata, missing xa.metadata and mismatched
values in xa.metadata and the real metadata, including the embedded
null leading to the hidden permissions of CVE-2021-43860.

(cherry picked from commit 2c2ce58c54b3e6c62f9c21c15efa0ba22f4bc09b)
https://invent.kde.org/neon/backports-focal/flatpak/commit/b0e0bba79a08b19eb50b0c5a8dc053f23be1405d

Git commit d36382dd4d109629aee4402463393c288ce4f846 by Alexander Larsson on 12/01/2022 at 10:53..
Make --nofilesystem=host/home remove access to subdirs of those

Previously --nofilesystem=host only removed specifically access to the
`host` permissions, and not necessarily other filesystems (like `home`
or `/some/path`). This isn't very useful to limit access because you
don't know what other filesystems the app may have access too.

We change this to mean that `--nofilesystem=host` removes *all* filesystem
access from the parent layer, and `--nofilesystem=home` removes all
file access to the homedir and paths inside it.

The available layers are, in order:

 * app permissions
 * overrides
 * commandline args

This allows you to start from scratch with the filesystem permissions
in the overrides or the commandline. This is a small change in
behaviour, but not a lot of things use --nofilesystem, and the ones
that do probably expects this behaviour.

(cherry picked from commit e2c8863fb62301cb05c64bbb32b04446e88ce11a)
https://invent.kde.org/neon/backports-focal/flatpak/commit/d36382dd4d109629aee4402463393c288ce4f846

Git commit dfa079604c7a404f2f580885e2b993cc8eee9c03 by Alexander Larsson on 12/01/2022 at 10:53..
manpages: Document the new details of --nofilesystem behaviour.

(cherry picked from commit da3e12b319094158c2afa3df380bc45a7626928c)
https://invent.kde.org/neon/backports-focal/flatpak/commit/dfa079604c7a404f2f580885e2b993cc8eee9c03

Git commit 8573fdc54fcf26921ea3e34c9dad6ef22c8ff795 by Alexander Larsson on 12/01/2022 at 10:53..
Bump version to 1.12.3
https://invent.kde.org/neon/backports-focal/flatpak/commit/8573fdc54fcf26921ea3e34c9dad6ef22c8ff795

Git commit 08cf0802875ad799c4aa96397a463586d9c337ea by Alexander Larsson on 12/01/2022 at 11:42..
Update NEWS for 1.12.3
https://invent.kde.org/neon/backports-focal/flatpak/commit/08cf0802875ad799c4aa96397a463586d9c337ea

Git commit e528dcf196816de5e267d08456d1edd6877f8f73 by Alexander Larsson on 12/01/2022 at 12:13..
Update pofiles for release
https://invent.kde.org/neon/backports-focal/flatpak/commit/e528dcf196816de5e267d08456d1edd6877f8f73

Git commit 40753028f492da115bae262fcf9a421de7dbc6d9 by Simon McVittie on 12/01/2022 at 13:13..
New upstream version 1.12.3
https://invent.kde.org/neon/backports-focal/flatpak/commit/40753028f492da115bae262fcf9a421de7dbc6d9

Git commit 7ba8e2c63c32da2e3ea2b36dbce44ebe5113a5d0 by Simon McVittie on 12/01/2022 at 13:13..
Update upstream source from tag 'upstream/1.12.3'

Update to upstream version '1.12.3'
with Debian dir 98fa3ab6b439bdc6b48e0400ff70593195771546
https://invent.kde.org/neon/backports-focal/flatpak/commit/7ba8e2c63c32da2e3ea2b36dbce44ebe5113a5d0

Git commit cadd9175ea24d6b26e6aab2130d92e7faaafb870 by Simon McVittie on 12/01/2022 at 13:26..
New upstream release
https://invent.kde.org/neon/backports-focal/flatpak/commit/cadd9175ea24d6b26e6aab2130d92e7faaafb870

Git commit 11139a125931921dd97e22354379c5c96952b6b1 by Simon McVittie on 12/01/2022 at 13:31..
d/copyright: Update
https://invent.kde.org/neon/backports-focal/flatpak/commit/11139a125931921dd97e22354379c5c96952b6b1

Git commit 0173835becd7a76208dfbfdddd9436a2dac4844c by Simon McVittie on 12/01/2022 at 13:33..
Prepare upload for unstable
https://invent.kde.org/neon/backports-focal/flatpak/commit/0173835becd7a76208dfbfdddd9436a2dac4844c

Git commit 38621b439e0763897532881a2b9d8ae9d455a2d8 by Alexander Larsson on 12/01/2022 at 18:59..
Fix 1.12.3 version reference in NEWS
https://invent.kde.org/neon/backports-focal/flatpak/commit/38621b439e0763897532881a2b9d8ae9d455a2d8

Git commit 6780cbdcb7a7cf112061ffa3c77612ec1a269960 by Simon McVittie on 13/01/2022 at 09:35..
Don't rely on AS_BUNDLE_KIND_FLATPAK existing

The appstream-glib in Ubuntu 16.04 didn't have this.

Signed-off-by: Simon McVittie <smcv at debian.org>
(cherry picked from commit 97db30f38d87a05ed1b8abf30d18a24e171c6d52)
https://invent.kde.org/neon/backports-focal/flatpak/commit/6780cbdcb7a7cf112061ffa3c77612ec1a269960

Git commit 9bb041f4576abd1e30f31869856052f1dce64cca by Simon McVittie on 17/01/2022 at 16:03..
test-override: Assert that only the expected term is negated

We weren't distinguishing here between overrides that should have been
negated (xdg-documents) and overrides that should not have been negated
(everything else).

Signed-off-by: Simon McVittie <smcv at collabora.com>
(cherry picked from commit 4e3d1d8b7bbd4c0611b6bb44f67c6ad1734d6b7d)
https://invent.kde.org/neon/backports-focal/flatpak/commit/9bb041f4576abd1e30f31869856052f1dce64cca

Git commit 5dc5b1bb0798c8dbc7320e742f66a2770e0f9298 by Simon McVittie on 17/01/2022 at 16:03..
test-override: Assert that unimplemented suffix is ignored with a warning

Signed-off-by: Simon McVittie <smcv at collabora.com>
(cherry picked from commit 8a44df04c88491c9e694d4a31f968b81805c2c44)
https://invent.kde.org/neon/backports-focal/flatpak/commit/5dc5b1bb0798c8dbc7320e742f66a2770e0f9298

Git commit 59dc5f783e6c40931af45267d72ec52f8bfe494b by Simon McVittie on 18/01/2022 at 16:35..
Revert "manpages: Document the new details of --nofilesystem behaviour."

The new behaviour caused regressions in some situations that previously
worked, and will be reverted.

This reverts commit 4d11f77aa7fd3e64cfa80af89d92567ab9e8e6fa.

Signed-off-by: Simon McVittie <smcv at collabora.com>
(cherry picked from commit dfe868d628d8bcc09e98e64b1f790a525dff9205)
https://invent.kde.org/neon/backports-focal/flatpak/commit/59dc5f783e6c40931af45267d72ec52f8bfe494b

Git commit a4291cd8e0acd43753b7abf83a52cfe3f5349d98 by Simon McVittie on 18/01/2022 at 16:35..
Revert "Make --nofilesystem=host/home remove access to subdirs of those"

This caused regressions for some previously-working use cases. For
example, some Flatpak users previously used a global
`flatpak override --nofilesystem=home` or
`flatpak override --nofilesystem=host`, but expected that individual apps
would still be able to have finer-grained filesystem access granted by the
app manifest, such as Zoom's `--filesystem=~/Documents/Zoom:create`. With
the changes in 1.12.3, this no longer has the desired result, because
`--nofilesystem=home` was special-cased to disallow inheriting the
finer-grained `--filesystem`.

This reverts commit 445bddeee657fdc8d2a0a1f0de12975400d4fc1a.

This reverts the initial solution to CVE-2022-21682, which we intend to
resolve differently, by introducing a new feature in Flatpak and making
use of it in a new flatpak-builder version.

Signed-off-by: Simon McVittie <smcv at collabora.com>
(cherry picked from commit 917a7f5870bad7b58a964e14a133425315454a6f)
https://invent.kde.org/neon/backports-focal/flatpak/commit/a4291cd8e0acd43753b7abf83a52cfe3f5349d98

Git commit 4a93202fc8cfe42b83e7ff21a67ecdbcbd15cb48 by Simon McVittie on 18/01/2022 at 16:35..
run, override: Clarify the effect of --nofilesystem

There are two reasonable interpretations for --nofilesystem=home:
either it revokes a previous --filesystem=home (as in Flatpak 1.12.2 and
older versions), or it completely forbids access to the home directory
(as in Flatpak 1.12.3). Clarify the man pages to indicate that it only
revokes a previous --filesystem=home. This will hopefully reduce
mismatches between the design and what users expect to happen, as
in flatpak#4654.

A subsequent commit will introduce a way to get the Flatpak 1.12.3
behaviour in a way that is more backwards-compatible with Flatpak 1.12.2
and older versions.

Signed-off-by: Simon McVittie <smcv at collabora.com>
(cherry picked from commit 7bbeed2b87b84d6d94006e25418b7f89a7784fdb)
https://invent.kde.org/neon/backports-focal/flatpak/commit/4a93202fc8cfe42b83e7ff21a67ecdbcbd15cb48

Git commit ecaabf5e9dbf85f730d78bc9b318b89f03bdc2dc by Simon McVittie on 18/01/2022 at 16:35..
test-override: Assert pre-1.12.3 behaviour of --nofilesystem=home, host

Signed-off-by: Simon McVittie <smcv at collabora.com>
(cherry picked from commit 813e1f0b3bef788553b9d37d1ec89c1124491a65)
https://invent.kde.org/neon/backports-focal/flatpak/commit/ecaabf5e9dbf85f730d78bc9b318b89f03bdc2dc

Git commit 47247b0987a112d462d8e38320c1a4789a2c683e by Simon McVittie on 18/01/2022 at 16:35..
test-override: Assert that --nofilesystem with suffix yields a warning

This was added as part of implementing the :reset suffix.

Signed-off-by: Simon McVittie <smcv at collabora.com>
(cherry picked from commit ab0169ee39fe72eb0cd6544e10e094cfe8cd0466)
https://invent.kde.org/neon/backports-focal/flatpak/commit/47247b0987a112d462d8e38320c1a4789a2c683e

Git commit 4eb3c2adddd7ac6be89a5ddd7ec125307bc5c6b3 by Simon McVittie on 18/01/2022 at 16:35..
context: Introduce new --nofilesystem=host:reset

This reintroduces the special case that existed in Flatpak 1.12.3, but
under a different name, so that it will be backwards-compatible. With
this change, flatpak-builder will be able to resolve CVE-2022-21682 by
using --filesystem=host:reset.

We want to implement this as a suffix rather than as a new keyword,
because unknown suffixes are ignored with a warning, rather than causing
a fatal error. This means that the new version of flatpak-builder will
be able to run against older versions of flatpak: it will still be
vulnerable to CVE-2022-21682 in that situation, but at least it will run.

Co-authored-by: Alexander Larsson <alexl at redhat.com>
(cherry picked from commit 5709f1aaed6579f0136976e14e7f3cae399134ca)
https://invent.kde.org/neon/backports-focal/flatpak/commit/4eb3c2adddd7ac6be89a5ddd7ec125307bc5c6b3

Git commit 0e2e9a55832082354d707468a03f95243b3db1fc by Simon McVittie on 18/01/2022 at 16:35..
test-exports: Exercise host:reset and related filesystem tokens

Signed-off-by: Simon McVittie <smcv at collabora.com>
Co-authored-by: Alexander Larsson <alexl at redhat.com>
(cherry picked from commit f3d12dc7930334d42cfa96a57fd68de9919f1537)
https://invent.kde.org/neon/backports-focal/flatpak/commit/0e2e9a55832082354d707468a03f95243b3db1fc

Git commit a16efca8ec2ee3b1d4f66254356c6dfd1e5351cf by Simon McVittie on 18/01/2022 at 16:35..
test-context: Exercise some corner cases for merging filesystems

Signed-off-by: Simon McVittie <smcv at collabora.com>
Co-authored-by: Alexander Larsson <alexl at redhat.com>
(cherry picked from commit fab0f8ed7c52fc58e6c550d123ede9621c760ca7)
https://invent.kde.org/neon/backports-focal/flatpak/commit/a16efca8ec2ee3b1d4f66254356c6dfd1e5351cf

Git commit f9ce3433e08e679b4b923c706e04d8dd7539a36b by Simon McVittie on 18/01/2022 at 16:35..
test-override: Exercise --nofilesystem=host:reset

Signed-off-by: Simon McVittie <smcv at collabora.com>
Co-authored-by: Alexander Larsson <alexl at redhat.com>
(cherry picked from commit 4aa70d2d7201e44c7259bf5aeae90beb733e331f)
https://invent.kde.org/neon/backports-focal/flatpak/commit/f9ce3433e08e679b4b923c706e04d8dd7539a36b

Git commit 61927c7af7a7c280a715ea332643ceff35429077 by Simon McVittie on 18/01/2022 at 16:35..
NEWS: Mention CVE-2022-21682

At the time we wrote the NEWS for 1.12.3, this CVE ID had not yet been
issued.

Signed-off-by: Simon McVittie <smcv at collabora.com>
https://invent.kde.org/neon/backports-focal/flatpak/commit/61927c7af7a7c280a715ea332643ceff35429077

Git commit 617494c63fc6f7a2ef9cd33cffe1c9c16ce6b014 by Simon McVittie on 18/01/2022 at 16:35..
NEWS: Describe what is intended to appear in 1.12.4

Signed-off-by: Simon McVittie <smcv at collabora.com>
https://invent.kde.org/neon/backports-focal/flatpak/commit/617494c63fc6f7a2ef9cd33cffe1c9c16ce6b014

Git commit d19ed758f95cd1c285d7e63acac749f68aecbe6b by Simon McVittie on 18/01/2022 at 17:34..
Release v1.12.4

Signed-off-by: Simon McVittie <smcv at collabora.com>
https://invent.kde.org/neon/backports-focal/flatpak/commit/d19ed758f95cd1c285d7e63acac749f68aecbe6b

Git commit 103ed5c02c8453580fac19e5122d150f44f6774f by Simon McVittie on 18/01/2022 at 17:38..
Regenerate translation files for release

Signed-off-by: Simon McVittie <smcv at collabora.com>
https://invent.kde.org/neon/backports-focal/flatpak/commit/103ed5c02c8453580fac19e5122d150f44f6774f

Git commit 311a69f0aeb35dc07c9cb63af701dd8fe5c06fb4 by Simon McVittie on 18/01/2022 at 17:39..
New upstream version 1.12.4
https://invent.kde.org/neon/backports-focal/flatpak/commit/311a69f0aeb35dc07c9cb63af701dd8fe5c06fb4

Git commit 7f8cb4e3014c45fab84d7a50fcbbde3a19d18092 by Simon McVittie on 18/01/2022 at 17:39..
Update upstream source from tag 'upstream/1.12.4'

Update to upstream version '1.12.4'
with Debian dir 44e61251779e40f9743aae471159ff678b79a4f7
https://invent.kde.org/neon/backports-focal/flatpak/commit/7f8cb4e3014c45fab84d7a50fcbbde3a19d18092

Git commit 090e2785cc24603b28e44c1c46ad22bb3740f6cd by Simon McVittie on 18/01/2022 at 17:58..
Reference CVE-2022-21682 in previous changelog entry

Signed-off-by: Simon McVittie <smcv at debian.org>
https://invent.kde.org/neon/backports-focal/flatpak/commit/090e2785cc24603b28e44c1c46ad22bb3740f6cd

Git commit b8aafdb5385270a853b665a3881aa91a797ca8a3 by Simon McVittie on 18/01/2022 at 18:01..
New upstream stable release
https://invent.kde.org/neon/backports-focal/flatpak/commit/b8aafdb5385270a853b665a3881aa91a797ca8a3

Git commit a23c18c98d92a445ca59c14f9bed8c77374062b7 by Simon McVittie on 18/01/2022 at 18:01..
Release to unstable
https://invent.kde.org/neon/backports-focal/flatpak/commit/a23c18c98d92a445ca59c14f9bed8c77374062b7

Git commit ecfa3c7feb4a8ec40f626d246825685f190f9a04 by Simon McVittie on 20/01/2022 at 00:20..
Stop installing flatpak-bisect and flatpak-coredumpctl as examples

They're now installed into PATH, in libflatpak-dev.
https://invent.kde.org/neon/backports-focal/flatpak/commit/ecfa3c7feb4a8ec40f626d246825685f190f9a04

Git commit 9dc81ee1acf6de2367499718d3134657f683b0e6 by Simon McVittie on 24/01/2022 at 10:24..
d/flatpak.docs: Use debhelper 11 dh_installdoc instead of dh-exec

Since debhelper compat level 11, dh_installdoc and dh_installman can look
for installed documentation in debian/tmp, making it unnecessary to
decorate d/*.install entries with <!nodoc> and use dh-exec.
https://invent.kde.org/neon/backports-focal/flatpak/commit/9dc81ee1acf6de2367499718d3134657f683b0e6

Git commit 2382290c18b6c8e903569be9263b797d17895159 by Simon McVittie on 24/01/2022 at 10:42..
Update changelog
https://invent.kde.org/neon/backports-focal/flatpak/commit/2382290c18b6c8e903569be9263b797d17895159

Git commit d9d7ea536a7f35db0e9f740b1cbb60011ad0ca0b by Jonathan Riddell on 25/01/2022 at 15:31..
package is called dbus in focal version
https://invent.kde.org/neon/backports-focal/flatpak/commit/d9d7ea536a7f35db0e9f740b1cbb60011ad0ca0b


More information about the Neon-commits mailing list