aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAge
...
* New profile: rymdport.profile (#6251)Libravatar glitsj162024-03-18
| | | | | | Description: Encrypted sharing of files, folders, and text between devices. https://github.com/Jacalz/rymdport
* New profile: localsend_app.profile (#6244)Libravatar glitsj162024-03-18
| | | | | Description: An open source cross-platform alternative to AirDrop. https://github.com/localsend/localsend
* New profile: editorconfiger.profile (#6235)Libravatar glitsj162024-03-18
| | | | | | | Description: Plain tool to validate and compare .editorconfig files. https://github.com/aegoroff/editorconfiger https://aur.archlinux.org/packages/editorconfiger https://aur.archlinux.org/packages/editorconfiger-bin
* build(deps): bump github/codeql-action from 3.24.6 to 3.24.7Libravatar dependabot[bot]2024-03-18
| | | | | | | | | | | | | | | Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.6 to 3.24.7. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/8a470fddafa5cbb6266ee11b37ef4d8aae19c571...3ab4101902695724f9365a384f86c1074d94e18c) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump actions/checkout from 4.1.1 to 4.1.2Libravatar dependabot[bot]2024-03-18
| | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.1 to 4.1.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/b4ffde65f46336ab88eb53be808477a3936bae11...9bb56186c3b09b4f86b1c65136769dd318469633) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* New profile: koreader.profile (#6243)Libravatar glitsj162024-03-16
| | | | | Description: Ebook reader application. https://koreader.rocks/
* New profile: dexios.profile (#6234)Libravatar glitsj162024-03-16
| | | | | | Description: CLI encryption tool https://github.com/brxken128/dexios https://aur.archlinux.org/packages/dexios-bin
* firejail-local: be less restrictive with torbrowser-launcherLibravatar glitsj162024-03-16
| | | Cfr. https://github.com/netblue30/firejail/issues/6269#issuecomment-2002021790.
* New profile: deadlink.profile (#6233)Libravatar glitsj162024-03-15
| | | | | | Description: Checks and fixes URLs in code and documentation. https://github.com/nschloe/deadlink https://aur.archlinux.org/packages/deadlink
* New profile: cloneit (#6232)Libravatar glitsj162024-03-15
| | | | | | | | Description: A CLI tool to download specific GitHub directories or files. https://github.com/alok8bb/cloneit https://aur.archlinux.org/packages/cloneit-git
* New profile: statusof.profile (#6253)Libravatar glitsj162024-03-14
| | | | | Description: Python script to check the status of a list of URLs. https://github.com/Arthurdw/statusof
* New profile: lyriek.profile (#6245)Libravatar glitsj162024-03-14
| | | | | | Description: A multi-threaded GTK application to fetch lyrics of currently playing songs. https://gitlab.com/bartwillems/lyriek
* New profile: erd.profile (#6236)Libravatar glitsj162024-03-14
| | | | | | | | | | Description: Multi-threaded file-tree visualizer and disk usage analyzer. https://github.com/solidiquis/erdtree https://archlinux.org/packages/extra/x86_64/erdtree/ Note: The repo and package are called `erdtree`, but the executable is `erd`.
* New profile: bpftop.profile (#6231)Libravatar glitsj162024-03-14
| | | | | | | | Description: Dynamic real-time view of running eBPF programs. https://github.com/Netflix/bpftop https://aur.archlinux.org/packages/bpftop https://aur.archlinux.org/packages/bpftop-bin https://aur.archlinux.org/packages/bpftop-git
* RELNOTES: add feature and build itemsLibravatar Kelvin M. Klann2024-03-14
| | | | Relates to #6260 #6261 #6268.
* docs: firecfg: note different .desktop naming schemes (#6268)Libravatar Kelvin M. Klann2024-03-14
| | | | | | | | Based on the discussion at #5063. Misc: The `\&` is used to escape the dot in `.desktop` (see roff(7)). This amends commit a9c851ee4 ("firecfg: use ignorelist also for .desktop files", 2024-01-08) / PR #6153.
* qt6ct: add dbus-filtering rules (#6272)Libravatar glitsj162024-03-12
| | | | | | Add support for qt6ct packages that use XDG desktop portal. https://github.com/MikeWalrus/qt6ct#branch=colorscheme-portal https://aur.archlinux.org/packages/qt6ct-xdg-colorscheme-git
* torbrowser-launcher fixes (#6270)Libravatar glitsj162024-03-09
| | | | | | | | | | | | | | | Apparently Tor Browser 13.0.11 (based on Mozilla Firefox 115.8.0esr) changed a few things. The former versions installed under `${HOME}/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser` and now under `${HOME}/.local/share/torbrowser/tbb/x86_64/tor-browser/Browser`. All of our tor-browser-foo.profile profiles redirect to torbrowser-launcher.profile and are covered by the fixes. torbrowser.profile was not tested. It redirects to firefox-common.profile and seems to be Gentoo-specific. Fixes #6269.
* Merge pull request #6261 from kmk3/sort-py-strip-commasLibravatar Kelvin M. Klann2024-03-08
|\ | | | | build: sort.py: filter empty and duplicate items
| * build: sort.py: filter empty and duplicate itemsLibravatar Kelvin M. Klann2024-03-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Note: This seems to already be done for `protocol` lines. Before: $ ./contrib/sort.py test.profile sort.py: checking 1 profile(s)... test.profile:1:-private-etc ,,bar,,foo,,bar,,, test.profile:1:+private-etc ,,,,,,,bar,bar,foo test.profile:2:-protocol ,,unix,,bluetooth,,unix,,inet,,, test.profile:2:+protocol unix,inet,bluetooth [ Fixed ] test.profile After: $ ./contrib/sort.py test.profile sort.py: checking 1 profile(s)... test.profile:1:-private-etc ,,bar,,foo,,bar,,, test.profile:1:+private-etc bar,foo test.profile:2:-protocol ,,unix,,bluetooth,,unix,,inet,,, test.profile:2:+protocol unix,inet,bluetooth [ Fixed ] test.profile
* | landlock: use PATH macro in landlock-common.inc (#6260)Libravatar Kelvin M. Klann2024-03-08
| | | | | | | | | | | | | | | | | | | | | | To reduce duplication. Support for it was added on commit bf5a99360 ("landlock: add support for PATH macro", 2023-12-22). See also commit 19e108248 ("landlock: expand simple macros in commands", 2023-11-11) / PR #6125. Relates to #6078.
* | firecfg.config: add floorp (#6263)Libravatar D357R0Y3R2024-03-08
| |
* | profiles: remove blacklisting of qt5ct/qt6ct paths (#6266)Libravatar glitsj162024-03-06
| | | | | | | | | | | | | | | | Blacklisting qt5ct/qt6ct configuration and data paths breaks styling in all apps that use them. This was working as expected before #6249 and #6250, so remove the blacklisting.
* | New profile: green-recoder.profile (#6237)Libravatar glitsj162024-03-05
| | | | | | | | | | | | | | Simple screen recorder for Linux desktop, supports Wayland & Xorg. https://github.com/dvershinin/green-recorder https://aur.archlinux.org/packages/green-recorder https://aur.archlinux.org/packages/green-recorder-git
* | disable-programs.inc: blacklist /tmp/lwjgl_*Libravatar Kelvin M. Klann2024-03-05
| | | | | | | | | | | | | | Fix `noblacklist` entry without an equivalent `blacklist` entry. Added on commit 1a2e8ab85 ("multimc: instances not running, because of missing permissions", 2024-02-19) / PR #6216.
* | ssh: whitelist gcr-ssh-agent unix socket (#6258)Libravatar Michele Sorcinelli2024-03-05
| | | | | | | | | | | | | | | | | | Since gnome-keyring 1.46, the ssh-agent functionality has been removed and gcr-ssh-agent is the recommended alternative. Source: - https://gitlab.gnome.org/GNOME/gcr/-/merge_requests/67 - https://wiki.archlinux.org/title/GNOME/Keyring#SSH_keys
* | archiver-common: add mkinitcpio support to private-etc (#5656)Libravatar glitsj162024-03-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | mkinitcpio (used to generate initramfs images) supports several compression formats: https://gitlab.archlinux.org/archlinux/mkinitcpio/mkinitcpio/-/blob/master/mkinitcpio.conf#L54-L64. On Arch Linux (based distributions) at least this implies the supported archivers to have access to mkinitcpio-related files under /etc. This was no problem before 29da82d added `private-etc` to `archivers-common.profile`. This adds the now needed extra private-etc items to archiver-common.profile, for mkinitcpio's supported compressors (which seem to be at least cpio, gzip and zstd). Relates to #5610.
* | archivers: drop private-etc now that it's in archiver-common (#5655)Libravatar glitsj162024-03-05
| | | | | | | | | | | | | | | | Commit 29da82d added `private-etc` to `archiver-common.profile`. To avoid doubled options this PR removes it from archiver profiles which already had it. Relates to #5610.
* | iagno: ordering fixes (#5681)Libravatar glitsj162024-03-05
| |
* | New profile: qt6ct (#6250)Libravatar glitsj162024-03-05
| |
* | New profile: qt5ct (#6249)Libravatar glitsj162024-03-05
| |
* | New profiles: lz4 and redirects (#6241)Libravatar glitsj162024-03-05
| |
* | gnome-boxes: deny access to /usr/libexec (#6239)Libravatar glitsj162024-03-05
| |
* | virt-manager: deny access to /usr/libexec (#6238)Libravatar glitsj162024-03-05
| |
* | makepkg: fix ordering (#6265)Libravatar glitsj162024-03-05
| |
* | build(deps): bump github/codeql-action from 3.24.5 to 3.24.6Libravatar dependabot[bot]2024-03-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.5 to 3.24.6. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/47b3d888fe66b639e431abf22ebca059152f1eea...8a470fddafa5cbb6266ee11b37ef4d8aae19c571) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | Add quiet to enchant-2, it has a cliLibravatar rusty-snake2024-03-03
|/
* RELNOTES: add feature and build itemsLibravatar Kelvin M. Klann2024-03-01
| | | | Relates to #6217 #6222 #6228 #6230.
* mergesLibravatar netblue302024-02-29
|
* Merge pull request #6230 from kmk3/build-reduce-inconsistenciesLibravatar netblue302024-02-29
|\ | | | | build: reduce hardcoding and inconsistencies
| * build: standardize ./configure argumentsLibravatar Kelvin M. Klann2024-02-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | For consistency and to make it clearer where jobs differ (for example, to see where `--enable-analyzer` is used). Changes: * Always use --prefix=/usr and --enable-fatal-warnings (except in the Alpine job due to current warnings; see #6224) * Use the same argument order Note: mkdeb.sh and platform/rpm/mkrpm.sh already pass `--prefix=/usr` to ./configure.
| * build: standardize parallel make argumentsLibravatar Kelvin M. Klann2024-02-29
| | | | | | | | | | | | | | | | | | | | | | Currently the number of make jobs used for the default build target are hardcoded and the value used varies across files. For consistency (and potentially better performance), use `make -j "$(nproc)"` everywhere that `make -j` is currently used. Kind of relates to commit 500d8f2d6 ("ci: run make in parallel where applicable", 2023-08-14) / PR #5960.
| * build: format gcov.shLibravatar Kelvin M. Klann2024-02-29
| | | | | | | | Line-wrap the file and sort ./configure arguments.
| * ci: update top-level comment in .gitlab-ci.ymlLibravatar Kelvin M. Klann2024-02-29
| | | | | | | | | | Format it for readability and update the descriptions to match the current jobs.
| * ci: move build_no_apparmor job near other similar jobsLibravatar Kelvin M. Klann2024-02-29
| | | | | | | | | | To make it easier to compare and edit the main apt-based jobs in .gitlab-ci.yml.
| * ci: run check-c.yml on any C code changeLibravatar Kelvin M. Klann2024-02-29
| | | | | | | | | | | | | | | | | | | | | | | | test/ also contains source code and cppcheck checks it: $ make cppcheck | grep 'Checking test/' Checking test/appimage/main.c ... Checking test/chroot/unchroot.c ... Checking test/filters/namespaces.c ... Checking test/seccomp-extra/memwrexe.c ... So make sure that it is included in the CI trigger paths.
| * ci: remove unnecessary dependencies and endpointsLibravatar Kelvin M. Klann2024-02-29
| | | | | | | | Sync the build and build-clang jobs.
| * ci: add and use PKGNAME variable in in debian_ciLibravatar Kelvin M. Klann2024-02-29
| | | | | | | | | | | | | | To reduce hardcoding. Note that this reduces duplication but the value is still hardcoded in the job; it is not sourced from TARNAME in config.mk.
| * build: add print-version target and use in CILibravatar Kelvin M. Klann2024-02-29
| | | | | | | | | | | | | | To reduce TARNAME hardcoding. Added on commit 6a89ab023 ("ci: run firejail --version after build/install", 2022-05-16) / PR #5148.
| * build: use generic wildcard on package installLibravatar Kelvin M. Klann2024-02-29
| | | | | | | | To reduce TARNAME hardcoding.
generated by cgit v1.2.3-54-g00ecf (git 2.44.0) at 2024-04-28 16:28:48 +0000