From 30c30f57fe901aab2dbf86b9573fefc181716346 Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Tue, 24 Oct 2023 23:53:15 +0000 Subject: profiles: Extend node stack support for pnpm (#6063) * nodejs-common: add pnpm support * disable-programs.inc: add pnpm support * Create pnpm.profile * Create pnpx.profile --- etc/inc/disable-programs.inc | 1 + etc/profile-m-z/nodejs-common.profile | 5 ++++- etc/profile-m-z/pnpm.profile | 11 +++++++++++ etc/profile-m-z/pnpx.profile | 11 +++++++++++ 4 files changed, 27 insertions(+), 1 deletion(-) create mode 100644 etc/profile-m-z/pnpm.profile create mode 100644 etc/profile-m-z/pnpx.profile (limited to 'etc') diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc index 312869334..5a61bd448 100644 --- a/etc/inc/disable-programs.inc +++ b/etc/inc/disable-programs.inc @@ -1014,6 +1014,7 @@ blacklist ${HOME}/.local/share/orage blacklist ${HOME}/.local/share/org.kde.gwenview blacklist ${HOME}/.local/share/pix blacklist ${HOME}/.local/share/plasma_notes +blacklist ${HOME}/.local/share/pnpm blacklist ${HOME}/.local/share/profanity blacklist ${HOME}/.local/share/psi blacklist ${HOME}/.local/share/psi+ diff --git a/etc/profile-m-z/nodejs-common.profile b/etc/profile-m-z/nodejs-common.profile index 4c463521c..f301196c6 100644 --- a/etc/profile-m-z/nodejs-common.profile +++ b/etc/profile-m-z/nodejs-common.profile @@ -7,7 +7,7 @@ include nodejs-common.local # added by caller profile #include globals.local -# Note: gulp, node-gyp, npm, npx, semver and yarn are all node scripts +# Note: gulp, node-gyp, npm, npx, pnpm, pnpx, semver and yarn are all node scripts # using the `#!/usr/bin/env node` shebang. By sandboxing node the full # node.js stack will be firejailed. The only exception is nvm, which is implemented # as a sourced shell function, not an executable binary. Hence it is not @@ -22,6 +22,7 @@ ignore read-only ${HOME}/.npmrc ignore read-only ${HOME}/.nvm ignore read-only ${HOME}/.yarnrc +noblacklist ${HOME}/.local/share/pnpm noblacklist ${HOME}/.node-gyp noblacklist ${HOME}/.npm noblacklist ${HOME}/.npmrc @@ -43,6 +44,7 @@ include disable-xdg.inc # If you want whitelisting, change ${HOME}/Projects below to your node projects directory # and add the next lines to your nodejs-common.local. +#mkdir ${HOME}/.local/share/pnpm #mkdir ${HOME}/.node-gyp #mkdir ${HOME}/.npm #mkdir ${HOME}/.npm-packages @@ -52,6 +54,7 @@ include disable-xdg.inc #mkdir ${HOME}/.yarn-config #mkdir ${HOME}/.yarncache #mkfile ${HOME}/.yarnrc +#whitelist ${HOME}/.local/share/pnpm #whitelist ${HOME}/.node-gyp #whitelist ${HOME}/.npm #whitelist ${HOME}/.npm-packages diff --git a/etc/profile-m-z/pnpm.profile b/etc/profile-m-z/pnpm.profile new file mode 100644 index 000000000..08f88be43 --- /dev/null +++ b/etc/profile-m-z/pnpm.profile @@ -0,0 +1,11 @@ +# Firejail profile for pnpm +# Description: Fast, disk space efficient package manager +quiet +# This file is overwritten after every install/update +# Persistent local customizations +include pnpm.local +# Persistent global definitions +include globals.local + +# Redirect +include nodejs-common.profile diff --git a/etc/profile-m-z/pnpx.profile b/etc/profile-m-z/pnpx.profile new file mode 100644 index 000000000..a99d1232a --- /dev/null +++ b/etc/profile-m-z/pnpx.profile @@ -0,0 +1,11 @@ +# Firejail profile for pnpx +# Description: Part of the Node.js stack +quiet +# This file is overwritten after every install/update +# Persistent local customizations +include pnpx.local +# Persistent global definitions +include globals.local + +# Redirect +include nodejs-common.profile -- cgit v1.2.3-54-g00ecf