| Commit message (Collapse) | Author | Age |
... | |
| | |
| | |
| | |
| | |
| | | |
* Create url-eater.profile
* RELNOTES: add url-eater to 'new profiles'
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.0 to 3.5.2.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/8f4b7f84864484a7bf31766abe9204da3cbe65b3...8e5e7e5ab8b370d6c329ec480221332ada57f0ab)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.11 to 2.2.12.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/d186a2a36cc67bfa1b860e6170d37fb9634742c7...7df0ce34898d659f95c0c4a09eaa8d4e32ee64db)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| | |
| | |
| | |
| | | |
Relates to #5784.
|
| |\ \
| | |/
| |/| |
ci: split configure/build/install commands on gitlab
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Split them into separate steps to make it clearer in the logs which
command causes a job to fail when it does.
Note that they are already spli in the GitHub workflows:
* .github/workflows/build.yml
* .github/workflows/build-extra.yml
|
| |\ \
| | |/
| |/| |
softmaker-common.profile: add fstab to private-etc
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When using `private-etc`, the app "forgets" its product key and
asks for license activation, even though it had already been done.
Allow access to "/etc/fstab" to avoid it & the related GUI error:
The application cannot create a unique identifier.
Please make sure the application has sufficient permissions.
Fixes #5773.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Log from a recent run of build_ubuntu_package[1]:
$ ./configure && make deb && dpkg -i firejail*.deb
[...]
dpkg-deb: building package 'firejail' in 'debian.deb'.
A future release will drop --no-tag-display-limit; please use '--tag-display-limit 0' instead.
running with root privileges is not recommended!
E: firejail: latest-changelog-entry-without-new-date [usr/share/doc/firejail/changelog.Debian.gz:1]
[...]
make: *** [Makefile:341: deb] Error 2
$ command -V firejail && firejail --version
/usr/bin/bash: line 139: command: firejail: not found
[1] https://gitlab.com/Firejail/firejail_ci/-/pipelines/832916003
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This is currently causing the following jobs to fail on GitLab[1]:
* build_ubuntu_package
* build_fedora_package
See commit df6ea884f ("merges, disable sort.py in profile checks
temporarely, two more private-etc profiles", 2023-02-14).
[1] https://gitlab.com/Firejail/firejail_ci/-/pipelines/832588068
|
| | |
| | |
| | |
| | | |
Relates to #5757.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Licensing-related changes are not quite the same as documentation
changes.
Relates to #5667.
|
| | |
| | |
| | |
| | | |
Relates to #5783.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.9 to 2.2.11.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/04df1262e6247151b5ac09cd2c303ac36ad3f62b...d186a2a36cc67bfa1b860e6170d37fb9634742c7)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Due to step-security/harden-runner blocking access to
objects.githubusercontent.com.
Log from a recent run of CodeQL[1] [2]:
##[group]Setup CodeQL tools
Did not find CodeQL tools version 2.12.6 in the toolcache.
Downloading CodeQL tools from https://github.com/github/codeql-action/releases/download/codeql-bundle-20230403/codeql-bundle-linux64.tar.gz. This may take a while.
connect ECONNREFUSED 54.185.253.63:443
Waiting 13 seconds before trying again
connect ECONNREFUSED 54.185.253.63:443
Waiting 12 seconds before trying again
##[error]connect ECONNREFUSED 54.185.253.63:443
##[error]Unable to download and extract CodeQL CLI
Post job cleanup.
[...]
Mon, 10 Apr 2023 07:20:18 GMT:endpoint called ip address:port 140.82.112.4:443, domain: github.com.
Mon, 10 Apr 2023 07:20:20 GMT:endpoint called ip address:port 140.82.112.6:443, domain: api.github.com.
Mon, 10 Apr 2023 07:20:23 GMT:domain not allowed: objects.githubusercontent.com.
Mon, 10 Apr 2023 07:20:23 GMT:ip address dropped: 54.185.253.63
Mon, 10 Apr 2023 07:20:23 GMT:endpoint called ip address:port 140.82.112.4:443, domain: github.com.
Mon, 10 Apr 2023 07:20:23 GMT:endpoint called ip address:port 54.185.253.63:443, domain: objects.githubusercontent.com.
Mon, 10 Apr 2023 07:20:35 GMT:domain not allowed: api.snapcraft.io.
[1] https://github.com/netblue30/firejail/pull/5781
[2] https://github.com/netblue30/firejail/actions/runs/4655304231/jobs/8238131624
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.2.1 to 2.3.0.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](https://github.com/step-security/harden-runner/compare/1f99358870fe1c846a3ccba386cc2b2246836776...03bee3930647ebbf994244c21ddbc0d4933aab4f)
---
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| | | |
|
| |\ \
| | | |
| | | | |
profiles: allow lxqt config dir
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
As suggested by @glitsj16:
https://github.com/netblue30/firejail/discussions/5754#discussioncomment-5428651
Fixes #5754 (font size/dpi issues).
Reported-by: @hotcapy
|
| |\ \ \
| | | | |
| | | | | |
docs: markdown formatting and misc improvements
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Use two spaces to separate sentences to make the source easier to read
in monospace fonts (such as when editing or reviewing it), especially
for longer paragraphs. The HTML output should still look the same.
Misc: This also removes source-level ambiguity regarding abbreviations
(such as "Mr.") vs the end of sentences and enables moving between
sentences in vi with `(` and `)`, for example.
|
| | | | | |
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Changes:
* Add titles to referenced issues/discussions
* Use relative links for paths
* Separate repo paths from installed paths
* Turn some links and items into lists to make them stand out
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | | |
Put lint after builds.
|
| | | | |
| | | | |
| | | | |
| | | | | |
And clarify the distribution installation steps.
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | | |
See https://github.com/advisories/GHSA-2q4h-h5jp-942w
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
For increased portability.
Fixes[1]:
* MD034 Bare URL used
[1] https://github.com/markdownlint/markdownlint/blob/main/docs/RULES.md
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Changes:
* Use the usual 3 instead of 5 backticks for code fences
* To improve syntax highlighting, remove the leading dollar signs for
command lines without output and set the language used
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | | |
profile.template and sort.py have been released for a while now.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
And the surrounding paragraphs.
Attempt 2; see commit be5e5f5cd ("pull_request_template.md: restore
indentation", 2023-02-25).
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This amends commit 375468008 ("docs: remove indents on top-level lists
and tables", 2023-02-01) / PR #5674.
Relates to #2784.
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Ensure consistent line breaks around headings, lists and code blocks.
To make them more readable and also more portable (which could help when
previewing/converting files locally).
From the CommonMark Spec (version 0.30, published on 2021-06-19)[1]:
> 1.2 Why is a spec needed?
[...]
> 2. Is a blank line needed before a block quote or heading? Most
> implementations do not require the blank line. However, this can
> lead to unexpected results in hard-wrapped text, and also to
> ambiguities in parsing (note that some implementations put the
> heading inside the blockquote, while others do not). (John Gruber
> has also spoken in favor of requiring the blank lines.)[2]
>
> 3. Is a blank line needed before an indented code block?
> (`Markdown.pl` requires it, but this is not mentioned in the
> documentation, and some implementations do not require it.)
Fixes[3]:
* MD022 Headers should be surrounded by blank lines
* MD031 Fenced code blocks should be surrounded by blank lines
* MD032 Lists should be surrounded by blank lines
Environment: ruby-mdl 0.12.0-1 on Artix Linux.
[1] https://spec.commonmark.org/0.30/#why-is-a-spec-needed-
[2] http://article.gmane.org/gmane.text.markdown.general/2146
[3] https://github.com/markdownlint/markdownlint/blob/main/docs/RULES.md
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Changes:
* Replace Unicode apostrophe with an ASCII one
* Strip non-printing characters from the output of --private-etc
Commands used to get a clean manpage output:
man firejail | less
Environment: mandoc 1.14.6-1 on Artix Linux
|
| | |/ / |
|
| |\ \ \
| | | | |
| | | | | |
profiles: move read-only config entries to disable-common.inc
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Command used to search for entries:
$ git grep '^read-only ${HOME}/' -- 'etc/profile*'
Note for gpg: ~/.gnupg/gpg.conf is apparently only managed by gpgconf(1)
rather than through gpg(1) itself, in which case it does not need to be
made read-write in gpg.profile.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This is an AUR helper and disable-common.inc has entries for pacman and
other system package managers.
Added on commit 6c10737f0 ("archaudit-report and cower for Arch
platforms, #1642", 2017-11-15).
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Instead of duplicating them on every profile that tries to allow opening
links in Firefox.
And make that path read-write on firefox.profile.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Note: mpv itself does not modify anything in ~/.config/mpv as far as I
know, in which case it does not need a read-write entry.
Relates to #5706 #5707 #5710.
|
| | |/ /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
They are already present on etc/inc/disable-common.inc.
First added on commit 695b67f43 ("handle ~/.config/user-dirs.dirs",
2015-11-17).
|
| | |/
| |/| |
|