forked from flatpak/flatpak-builder
-
Notifications
You must be signed in to change notification settings - Fork 0
/
NEWS
453 lines (347 loc) · 15.4 KB
/
NEWS
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
Changes in 1.4.3
================
* Always set `CMAKE_INSTALL_LIBDIR` with cmake buildsystems
* Update libglnx submodule to latest commit
Changes in 1.4.2
================
* Fix missing test files in the generated tarballs
* Fix possible empty id in provides when renaming
* Fix minor memory leaks
Changes in 1.4.1
================
* Add support for `autoprune-unless` in extensions
* Add `disable-http-decompression` option to archive/file sources
* Change `rename-desktop-file` and `rename-appdata-file` to also set the launchable or provide the old id if needed
Changes in 1.4.0
================
* Document that `app-id` is deprecated in favor of `id`
Changes in 1.3.5
================
This is a development release that will eventually become 1.4.x.
* Add `rename-mime-file` and `rename-mime-icons` properties
* Re-implement support for `data:` URIs
* Set download speed timeout for HTTP downloads
* Enabled compressed HTTP downloads
* Use `meson setup` with `meson` buildsystem to avoid warning
* Fix libappstream not handling ID's ending with `.desktop`
* Fix ostree deployment on 64-bit inode filesystems
Changes in 1.3.4
================
This is a development release that will eventually become 1.4.x.
* Replace appstream-glib with libappstream
* Run tests in parallel respecting number of jobs set
* Add missing `secret-env` and `secret-opts` keys to the JSON schema
* Improve parsing of git submodules
* Meson build fixes
Changes in 1.3.3
================
This is a development release that will eventually become 1.4.x.
* Add `installed_tests` option to meson project
* Fix libglnx meson subproject when built from autotools dist
* Fix tests not running in parallel under meson
Changes in 1.3.2
================
This is a development release that will eventually become 1.4.x.
* Add meson buildsystem; The autotools build system will be removed in a future release
* Add `referer` property to file/archive sources to set the HTTP `Referer` header
* Fix `no-autodownload` in extensions incorrectly setting `autodelete`
* Reduce verbosity of unzip usage
* Ignore `$schema` properties in manifests so editors can use our JSON schema
* Change git usage to be more forgiving about submodules in `.gitmodules`
Changes in 1.3.1
================
This is a development release that will eventually become 1.4.x.
* Deprecate SHA1 and MD5 hashes for sources
* Remove all usage of libsoup (bumps GLib requirement to 2.66)
* Fix errors in included manifests not being fatal
* Fix crash on empty manifests or incorrect JSON type
* Various updates to the JSON Schema
Changes in 1.2.2
================
This is a security update to resolve CVE-2022-21682.
Upgrading both Flatpak and flatpak-builder is required.
CVE-2022-21682 is a vulnerability in how flatpak-builder uses flatpak,
which can cause `flatpak-builder --mirror-screenshots-url` commands to be
allowed to create directories outside the build directory.
flatpak-builder >= 1.2.2 uses a new option `--nofilesystem=host:reset`
to cancel out filesystem permissions in the application manifest and
overrides. This is only effective when using Flatpak >= 1.12.4, or a
version that has a backport of the `--nofilesystem=host:reset` feature
(such as 1.10.x versions >= 1.10.7).
When using an older version of Flatpak, this version of flatpak-builder
will still work, but it will show a warning: "Unexpected filesystem
suffix reset, ignoring". In this situation, it is still vulnerable
to CVE-2022-21682.
Other changes:
* Make FUSE 2 optimizations opt-in.
By default, this version of flatpak-builder is compatible with versions
of ostree that have been compiled against either FUSE 2 or FUSE 3.
Older distributions that use FUSE 2 can configure --with-fuse=2 for better
performance, but the resulting flatpak-builder executable will not work
with versions of ostree >= 2022.1 that have been compiled with FUSE 3
(this is the same behaviour as in 1.2.1).
* Make the JSON schema introduced in 1.2.1 more complete
Changes in 1.2.1
================
* Fix debuginfo being re-processed multiple times in a manifest
* Change manifest parsing issues from warnings to fatal errors
* Add `.tar.zst` archive support
* Fix auto-detection of `.7z` archives
* Install a JSON schema for manifest format
* Documentation updates
Changes in 1.2.0
================
* Documentation updates
* Add missing newlines in some output
* Fix missing error check in the new inline data support
Changes in 1.1.2
================
* New secret-opts feature lets you pass e.g. CI secrets into the build.
* Support content-encoding when downloading.
* New inline data source allowing easy creation of files from embedded content from
the manifest.
Changes in 1.1.1
================
This is the first unstable relase in preparation for 1.2.0
* We now use the external debugedit project instead of using an internal copy.
The system version can be used, or if not an internal version is used
built using git submodules.
Note, this needs libdw 0.172, which may not be available on older distributions.
Changes in 1.0.14
=================
* Ensure that sources cannot create files outside the build directory.
* If --sandbox is enabled, ensure sources can't real files outside the
manifest directory.
Changes in 1.0.13
=================
* Fix a bug where git submodules were bundled even when disabled (whereas in
the previous release this issue was fixed for the extraction phase)
* For bundled extensions, use the specified version as the branch rather than
using the branch of the parent app
Changes in 1.0.12
=================
* Make --run work if manifest has --metadata in build-finish
* Don't try to extract git submodules if they were disabled
Changes in 1.0.11
=================
* Use brz instead of bzr fom bzr repos (if available)
* Fix `run-tests` with --sandbox and empty test-args
Changes in 1.0.10
=================
* Support for 7zip archives
* Allow overriding archive type
* Support --token-type option
Changes in 1.0.9
================
* More detailed commandline output with --verbose enabled
* Support for including yaml module snippets
* Support the CCACHE_DIR environment variable
* New option disable-submodules for git sources
* New commandline option --show-manifest
* Multiple modules with the same name in the same manifest is
now supported.
Changes in 1.0.8
================
* Support multiple instances of --install-dep-from
* Ensure shallow git mirrors are updated when the git ref changes
* Improved error reporting
Changes in 1.0.7
================
* Use the new die-with-parent feature of HostCommand when build to run in a flatpak
* Fix some details in how we create platform commits to fix font cache mtime issues.
Changes in 1.0.6
================
* Pass --noninteractive when installing for flatpak >= 1.2.0
* Doc fixes
Changes in 1.0.5
================
Due to a change in the output of "flatpak info" the support for
loading default build options from the sdk regressed with flatpak
1.2.x. This is fixed and everyone who built flatpaks with 1.2.x are
recommended to update to this release and re-build.
Changes in 1.0.4
================
* Add --add/remove-tag options
* Allow using a full ref as sdk and use the branch from that.
Changes in 1.0.3
================
* Compress changes in cache, fixing the build of large applications like libreoffice in
some cases.
* Add new default-branch manifest option to allow overridable branch name.
Changes in 1.0.2
================
* Print a warning when a YAML document has a float-like string value.
* Handle .txz archive suffixes.
* Set SOURCE_DATE_EPOCH to the mtime of the manifest in the build.
* Update python post-processor to handle python 3.7 pyc files.
* Allow unsetting env vars in the build options by setting them to null.
* Documentation improvements
Changes in 1.0.1
================
* Run appstream-util mirror-screenshots in the sandbox, rather than on
the host, as the host might not have a new enough appstream-glib.
* Fix build cache when a module has uncommon characters in the name.
Changes in 1.0.0
================
* Respect no-parallel-make with ninja
* Fixed regression in data: uris
* Warn about deprecated cmake property
* Make X-Flatpak-RenamedFrom a list
* Fix handling of mirror uris with no terminating slash
* Take arch into account for --skip-if-unchanged
* Fix --run when run inside a flatpak sandbox
* Ensure GIT commiter env var is set when applying git patches
* Keep x-* properties in the manifest when creating manifest.json
* New property `paths` in patch source to apply multiple patches.
Major changes in 0.99.3
=======================
* Add X-Flatpak-RenamedFrom key to renamed desktop files
* Set FLATPAK_BUILDER_BUILDDIR when building module
* Handle large downloads better
* Make p2p code non-optional
Major changes in 0.99.2
=======================
* Fix --install not working due to asking for confirmation
* Fix builds with latest libsoup
* New option git-init for archives
* New option use-git-am for patches
Major changes in 0.99.1
=======================
In preparation for 1.0, this release depends on a recent (0.11.8) flatpak.
* New libdir build option
* Support loading default options from sdk
* Add support for overriding c/cpp/ld/etc flags in a module
* Now uses libcurl to download things instead of soup,
which means we now support ftp urls.
* Don't prune build caches when building with --{export,finish}-only
* rename-desktop-file now handles launchables in the appdata
* archive sources support dest-filename
* archive and file sources now support mirror-urls to list
extra urls in case of network problems.
Major changes in 0.10.10
========================
* We now support yaml manifest as well as json.
* New source type "svn" to download subversion checkouts.
* New source type "dir" for local directories.
* Set FLATPAK_BUILDER_N_JOBS in environment during build.
* If not using ccache, enfore it of. This helps builds with
meson as they pick up ccache by default, which makes no
sense when there is no persistent storage for ccache to use.
* New options prepend-*-path similar to the existing append-*-path
ones, but prepending instead.
* New argument --no-shallow-clone which disables any shallow clone
optimizations.
* New inherit-sdk-extensions property similar to inherit-extensions,
but is not inherited in the platform.
* We now ignore json keys starting with "//" and "__" allowing these
to be used for comments.
* Fixed a bug that caused --install to not work properly.
* New argument --extension-tag for using the new tagged extension feature.
* The build metadata now records which extensions were produced as part
of a build.
* New property add-build-extensions allows creating exension points that
can be used during the build.
* flatpak-builder --run now also binds /run/build-runtime to the builds,
allowing it to work when building runtimes.
Major changes in 0.10.9
=======================
* Support -y argument, which passes it on to flatpak install, etc
* Fix build on glibc 2.27
Major changes in 0.10.8
=======================
* Fix build on recent glibc
Major changes in 0.10.7
=======================
* Add support for --socket=fallback-x11
* Fix assert in --install
* Fix --disable-updates for git sources
* When mirroring git repos, use a temporary download dir
* Support running flatpak-builder inside a flatpak sandbox
Major changes in 0.10.6
=======================
* New checksum types for file/archive sources: md5, sha1, sha512
* Support including source snippets from another file, similar to
how module includes are supported.
* The app id renaming in the appdata file is now more careful to
avoid renaming other parts.
* The cache default repo format for new caches is now bare-user-only
which means building with flatpak-builder works on filesystems that
don't support xattrs.
* New --install argument will install the finished build using the
new flatpak install install-directly-from-local-repo feature.
This makes it easier to test local builds.
Major changes in 0.10.5
=======================
* Add support for running tests during the build (disable with --disable-tests).
* New build-option append-pkg-config to append to PKG_CONFIG_PATH
* --state-dir option lets you reuse a single directory instead of scattered
.flatpak-builder dirs for builds, downloads and cache data.
* git: Allow updates with non-fastforwarded branched
* Don't fail if app ships both appdata and metainfo file
* Support --log-system/session-bus in --run
Major changes in 0.10.4
=======================
* Fixed source bundling of git repos with older versions of git
* Allow git sources to use "HEAD" branch
* Fixed crashes in some cases of git failure
Major changes in 0.10.3
=======================
* Yet more fixed or older versions of git. In particular, we disable
fsck during transfer when doing a shallow clone and the git version
is less than 1.8.3.2.
Major changes in 0.10.2
=======================
* Even more fixes for shallow git clones with older versions of git
* New property for git sources, disable-shallow-clone which falls
back to cloning the entire remote.
Major changes in 0.10.1
=======================
* Fix handling of shallow git clones with older versions of git
* Fix issue where flatpak-builder --run could exit if some
thread in the parent process exited, exposeb by e.g.
gnome-builder.
Major changes in 0.10.0
=======================
* We now do shallow clones of git repos when downloading if
possible.
* The way the cache works internally was slightly tweaked
which will cause all existing caches to be rebuilt.
Major changes in 0.9.99
=======================
* Fix git source bundling on older git version
* New property: appdata-license lets you easily modify the appstream license field
* New source type "extra-data" which makes it easier to use extra-data apps
* We now automatically compress debuginfo unless the no-debuginfo-compression
option is specified.
* Appstream files called .metainfo.xml are now recognized.
* New prepare-platform-commands property, similar to cleanup-platform-commands,
but run before importing all the changes from the SDK.
* We now apply all the deletions that happened in the SDK on the base when creating
the platform.
Major changes in 0.9.98
=======================
* build cache hits are now faster
* git sources have a new property "tag" which works the same as "branch", but
improves readability when referencing a git tag.
* flatpak-builder --run now passes --with-appdir which is useful when
testing uninstalled builds.
* When bundling git repos in .Sources we now make a shallow clone which uses
a lot less space.
* .Locale extensions now always set the new locale-subset property
* locale-subset is supported in the add-extension property
* build-options now also supports make-args and make-install args, which
allows per-arch make flags.
Major changes in 0.9.11
======================
Skipped 0.9.10 to sync with flatpakk
* Fix build on some arches due to lack of flatpak_get_kernel_arch symbol
* Disable ostree 3% free space check for build cache
* Add some new status terminal title updates
* Set the requested environment vars in type=shell sources commands
* Add append-path and append-ld-library-path build options
* Add buildtype=qmake
* Updated docs
Major changes in 0.9.9
======================
flatpak-builder was split out from flatpak into its own module.
* Pass --die-with-parent to all flatpak build commands