| Commit message (Collapse) | Author | Age |
| |
|
|\
| |
| | |
disable-common.inc: add more suid programs
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Programs:
$ pacman -Qo fusermount3 groupmems mount.cifs wall write
/usr/bin/fusermount3 is owned by fuse3 3.16.1-1
/usr/bin/groupmems is owned by shadow 4.14.0-4
/usr/bin/mount.cifs is owned by cifs-utils 7.0-3
/usr/bin/wall is owned by util-linux 2.39.2-1
/usr/bin/write is owned by util-linux 2.39.2-1
|
|/ |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.9 to 2.22.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/ddccb873888234080b77e9bc2d4764d5ccaaccf9...2cb752a87e96af96708ab57187ab6372ee1973ab)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](https://github.com/step-security/harden-runner/compare/8ca2b8b2ece13480cda6dacd3511b49857a23c09...1b05615854632b887b69ae1be8cbefe72d3ae423)
---
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| |
|
|
|
|
|
|
|
| |
* Create termshark.profile
* firecfg.config: add termshark support
* termshark: CLI hardening
|
| |
|
| |
|
|
|
|
|
| |
* Update nicotine.profile
* dbus.user set to filter
|
|\
| |
| | |
New profile: tidal-hifi
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
modified src/firecfg/firecfg.config to add tidal-hifi
created etc/profile-m-z/tidal-hifi.profile
closes: #6008
Apply suggestions from code review
Co-authored-by: rusty-snake <41237666+rusty-snake@users.noreply.github.com>
|
|\ \
| | |
| | | |
ci: allow running workflows manually
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add `on.workflow_dispatch`.
See:
* https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_dispatch
* https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#workflow_dispatch
|
|\ \ \
| | | |
| | | | |
New profile: floorp
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
From Breezy's documentation[1] [2]:
> Breezy is a friendly fork of the Bazaar (bzr) project, hosted on
> http://bazaar.canonical.com/. It is backwards compatibility with
> Bazaar's disk format and protocols. One of the key differences with
> Bazaar is that Breezy runs on Python 3, rather than on Python 2.
breezy is also the drop-in replacement for bazaar on Arch Linux since
pacman 6.0.2-8[3].
> By default, Breezy provides support for both the Bazaar and Git file
> formats.
Note: The profile is implemented as a git redirect.
[1] https://github.com/breezy-team/breezy
[2] https://www.breezy-vcs.org/
[3] https://gitlab.archlinux.org/archlinux/packaging/packages/pacman/-/commit/c68a4e6602e3488fa093a18d35202c76a730faf6
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* disable-programs.inc: add lettura support
* Create lettura.profile
* firecfg.config: add lettura
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.8 to 2.21.9.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/6a28655e3dcb49cb0840ea372fd6d17733edd8a4...ddccb873888234080b77e9bc2d4764d5ccaaccf9)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|/ / |
|
| | |
|
|/ |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.7 to 2.21.8.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/04daf014b50eaf774287bf3f0f1869d4b4c4b913...6a28655e3dcb49cb0840ea372fd6d17733edd8a4)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/3df4ab11eba7bda6032a0b82a6bb43b11571feac...8ade135a41bc03ea155e62e844d188df1ea18608)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This amends commit dd5539012 ("profiles: refactor log viewers (#5996)",
2023-09-23).
Commands used:
git mv \
etc/profile-m-z/profile-m-z/profile-m-z/system-log-common.profile \
etc/profile-m-z/system-log-common.profile
rmdir etc/profile-m-z/profile-m-z/profile-m-z/
rmdir etc/profile-m-z/profile-m-z/
|
|
|
| |
Co-authored-by: pirate486743186 <>
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
* profiles: refactor log viewers
Introduces system-log-common.profile as a common profile for existing
GUI log viewer applications.
* system-log-common: enable no3d
|
|\
| |
| | |
modif: keep pipewire group unless nosound is used
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This group is apparently used on Gentoo[1].
Currently only the "audio" supplementary group is kept.
Fixes #5992.
See also commit f32938669 ("Keep vglusers group unless no3d is used
(virtualgl)", 2022-01-07) / PR #4851.
[1] https://wiki.gentoo.org/wiki/PipeWire
Reported-by: @amano-kenji
|
| |
| |
| |
| | |
Add directories to config so Factorio runs correctly.
|
| | |
|
| | |
|
| |
| |
| | |
New TelegramWebApps uses another directory for saving local storage.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.5 to 2.21.7.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/00e563ead9f72a8461b24876bee2d0c2e8bd2ee8...04daf014b50eaf774287bf3f0f1869d4b4c4b913)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.6.0 to 4.0.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/f43a0e5ff2bd294095638e18286ca9a3d1956744...3df4ab11eba7bda6032a0b82a6bb43b11571feac)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|\ \
| | |
| | | |
profiles: fix commented code and eol comments
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Main changes:
* Remove the space after `#` for commented code lines to distinguish
them from normal comments
* Use `#` instead of `-` for comments at the end of the line so that
commented code lines work after being uncommented
Commands used to search and replace:
arg0="$(cat contrib/syntax/lists/profile_commands_arg0.list |
LC_ALL=C sort -u | tr '\n' '|' | sed -e 's/|$//' -e 's/\./\\./g')"
arg1="$(cat contrib/syntax/lists/profile_commands_arg1.list |
LC_ALL=C sort -u | tr '\n' '|' | sed -e 's/|$//' -e 's/\./\\./g')"
git ls-files -z -- etc/inc etc/profile* | xargs -0 -I '{}' \
sh -c "printf '%s\n' \"\$(sed -E \
-e 's/^# ($arg0)( [#-]-? .*)?\$/#\\1\\2/' \
-e 's/^# ($arg1)( [^ ]*)?( [#-]-? .*)?\$/#\\1\\2\\3/' \
-e 's/^# (whitelist \\$)/#\\1/' \
-e 's/^(#[^ ].+) --? /\\1 # /' \
'{}')\" >'{}'"
Commands used to check for leftover entries:
arg0="$(cat contrib/syntax/lists/profile_commands_arg0.list |
LC_ALL=C sort -u | tr '\n' '|' | sed -e 's/|$//' -e 's/\./\\./g')"
arg1="$(cat contrib/syntax/lists/profile_commands_arg1.list |
LC_ALL=C sort -u | tr '\n' '|' | sed -e 's/|$//' -e 's/\./\\./g')"
git grep -E "^# ($arg0|$arg1)( +|$)" -- etc/inc etc/profile*
See also commit 30f9ad908 ("build: improve comments in firecfg.config",
2023-08-05) / PR #5942.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Changes:
* Turn very long end-of-line comments into normal comments
* Turn multi-line end-of-line comments into normal comments
* Fix a comment being below instead of above the relevant entry
* Turn some comments that look like code into end-of-line comments
|
| |/
|/| |
|
|/
|
|
|
|
|
|
| |
Closes https://github.com/netblue30/firejail/issues/5990
Arduino IDE: https://github.com/arduino/arduino-ide
PlatformIO: https://github.com/platformio
Signed-off-by: Marek Küthe <m.k@mk16.de>
|
|
|
|
|
|
| |
Fix the list generation and run `make syntax`.
Relates to #5627.
|
|
|
|
| |
The latest Neochat package on Arch (23.08.0-2, with libquotient
0.8.1.1-1) crashes otherwise.
|
|
|
| |
Fixes #5974.
|