Message ID | 20240416133838.9966-1-dziltener@lyrion.ch |
---|---|
State | New |
Headers | show |
Series | [bug#70417] Gnu: update flatpak to 1.45.5. | expand |
Hi! I've noticed you sent two distinct issues for the same patch, could you close the one that is not relevant? Thanks!
dziltener--- via Guix-patches via <guix-patches@gnu.org> writes: > From: Daniel Ziltener <dziltener@lyrion.ch> > > --- > gnu/packages/package-management.scm | 56 ++++++++++++------- > ...flatpak-unset-gdk-pixbuf-for-sandbox.patch | 4 +- > 2 files changed, 38 insertions(+), 22 deletions(-) > > diff --git a/gnu/packages/package-management.scm b/gnu/packages/package-management.scm > index 247807c394..8f8cbbdf3e 100644 > --- a/gnu/packages/package-management.scm > +++ b/gnu/packages/package-management.scm > @@ -2022,55 +2022,64 @@ (define-public libostree > (define-public flatpak > (package > (name "flatpak") > - (version "1.14.4") > + (version "1.14.5") > (source > (origin > (method url-fetch) > - (uri (string-append "https://github.com/flatpak/flatpak/releases/download/" > - version "/flatpak-" version ".tar.xz")) > + (uri > + (string-append "https://github.com/flatpak/flatpak/releases/download/" > + version "/flatpak-" version ".tar.xz")) > (sha256 > - (base32 "16b7f7n2mms6zgm0lj3fn86ny11xjn8cd3mrk1slwhvwnv8dnd4a")) > + (base32 > + "1b7z4wzh2zgphcal95vj4x7wbr9s89p2a4c0l0g4w4xcwx6ccw2v")) > (patches > (search-patches "flatpak-fix-path.patch" > "flatpak-unset-gdk-pixbuf-for-sandbox.patch")))) > - > ;; Wrap 'flatpak' so that GIO_EXTRA_MODULES is set, thereby allowing GIO to > ;; find the TLS backend in glib-networking. > (build-system glib-or-gtk-build-system) > - > (arguments > (list > #:configure-flags > #~(list > + "--with-curl" > "--enable-documentation=no" ;; FIXME > "--enable-system-helper=no" > - "--localstatedir=/var" > (string-append "--with-system-bubblewrap=" > (assoc-ref %build-inputs "bubblewrap") > "/bin/bwrap") > (string-append "--with-system-dbus-proxy=" > (assoc-ref %build-inputs "xdg-dbus-proxy") > - "/bin/xdg-dbus-proxy")) > + "/bin/xdg-dbus-proxy") > + "--localstatedir=/var") > #:phases > #~(modify-phases %standard-phases > (add-after 'unpack 'fix-tests > - (lambda* (#:key inputs #:allow-other-keys) > + (lambda* > + (#:key inputs #:allow-other-keys) > (copy-recursively > (search-input-directory inputs "lib/locale") > "/tmp/locale") > - (for-each make-file-writable (find-files "/tmp")) > + (for-each make-file-writable > + (find-files "/tmp")) > (substitute* "tests/make-test-runtime.sh" > - (("cp `which.*") "echo guix\n") > + (("cp `which.*") > + "echo guix\n") > (("cp -r /usr/lib/locale/C\\.\\*") > (string-append "mkdir ${DIR}/usr/lib/locale/en_US; \ > cp -r /tmp/locale/*/en_US.*"))) > (substitute* "tests/libtest.sh" > - (("/bin/kill") (which "kill")) > - (("/usr/bin/python3") (which "python3"))) > + (("/bin/kill") > + (which "kill")) > + (("/usr/bin/python3") > + (which "python3"))) > #t)) > (add-after 'unpack 'p11-kit-fix > - (lambda* (#:key inputs #:allow-other-keys) > - (let ((p11-path (search-input-file inputs "/bin/p11-kit"))) > + (lambda* > + (#:key inputs #:allow-other-keys) > + (let > + ((p11-path > + (search-input-file inputs "/bin/p11-kit"))) > (substitute* "session-helper/flatpak-session-helper.c" > (("\"p11-kit\",") > (string-append "\"" p11-path "\",")) > @@ -2080,7 +2089,8 @@ (define-public flatpak > ;; Many tests fail for unknown reasons, so we just run a few basic > ;; tests. > (replace 'check > - (lambda* (#:key tests? #:allow-other-keys) > + (lambda* > + (#:key tests? #:allow-other-keys) > (when tests? > (setenv "HOME" "/tmp") > (invoke "make" "check" > @@ -2088,9 +2098,9 @@ (define-public flatpak > testcommon"))))))) > (native-inputs > (list bison > - dbus ; for dbus-daemon > + dbus ; for dbus-daemon > gettext-minimal > - `(,glib "bin") ; for glib-mkenums + gdbus-codegen > + `(,glib "bin") ; for glib-mkenums + gdbus-codegen > (libc-utf8-locales-for-target) > gobject-introspection > libcap > @@ -2105,20 +2115,24 @@ (define-public flatpak > bubblewrap > curl > dconf > - fuse-2 > + fuse > gdk-pixbuf > gpgme > json-glib > libarchive > + libcap > libostree > libseccomp > libsoup-minimal-2 > libxau > libxml2 > p11-kit > + polkit > util-linux > - xdg-dbus-proxy)) > - (propagated-inputs (list glib-networking gnupg gsettings-desktop-schemas)) > + xdg-dbus-proxy > + zstd)) > + (propagated-inputs > + (list glib-networking gnupg gsettings-desktop-schemas)) > (home-page "https://flatpak.org") > (synopsis "System for building, distributing, and running sandboxed desktop > applications") > diff --git a/gnu/packages/patches/flatpak-unset-gdk-pixbuf-for-sandbox.patch b/gnu/packages/patches/flatpak-unset-gdk-pixbuf-for-sandbox.patch > index bf9c487ba8..7773b11f7e 100644 > --- a/gnu/packages/patches/flatpak-unset-gdk-pixbuf-for-sandbox.patch > +++ b/gnu/packages/patches/flatpak-unset-gdk-pixbuf-for-sandbox.patch > @@ -9,11 +9,13 @@ of host system. > > --- a/common/flatpak-run.c > +++ b/common/flatpak-run.c > -@@ -1900,6 +1900,7 @@ static const ExportData default_exports[] = { > +@@ -1900,8 +1900,9 @@ static const ExportData default_exports[] = { > {"XKB_CONFIG_ROOT", NULL}, > {"GIO_EXTRA_MODULES", NULL}, > {"GDK_BACKEND", NULL}, > + {"GDK_PIXBUF_MODULE_FILE", NULL}, > + {"VK_DRIVER_FILES", NULL}, > + {"VK_ICD_FILENAMES", NULL}, > }; > > static const ExportData no_ld_so_cache_exports[] = { hello!, i adjust you patch to remove unneed code style adjust, and update to 1.14.6. fix CVE-2024-32462, see https://nvd.nist.gov/vuln/detail/CVE-2024-32462 push at https://git.savannah.gnu.org/cgit/guix.git/commit/?id=d115af1bcc48f07a40dafd94d1d00926d446d068
diff --git a/gnu/packages/package-management.scm b/gnu/packages/package-management.scm index 247807c394..8f8cbbdf3e 100644 --- a/gnu/packages/package-management.scm +++ b/gnu/packages/package-management.scm @@ -2022,55 +2022,64 @@ (define-public libostree (define-public flatpak (package (name "flatpak") - (version "1.14.4") + (version "1.14.5") (source (origin (method url-fetch) - (uri (string-append "https://github.com/flatpak/flatpak/releases/download/" - version "/flatpak-" version ".tar.xz")) + (uri + (string-append "https://github.com/flatpak/flatpak/releases/download/" + version "/flatpak-" version ".tar.xz")) (sha256 - (base32 "16b7f7n2mms6zgm0lj3fn86ny11xjn8cd3mrk1slwhvwnv8dnd4a")) + (base32 + "1b7z4wzh2zgphcal95vj4x7wbr9s89p2a4c0l0g4w4xcwx6ccw2v")) (patches (search-patches "flatpak-fix-path.patch" "flatpak-unset-gdk-pixbuf-for-sandbox.patch")))) - ;; Wrap 'flatpak' so that GIO_EXTRA_MODULES is set, thereby allowing GIO to ;; find the TLS backend in glib-networking. (build-system glib-or-gtk-build-system) - (arguments (list #:configure-flags #~(list + "--with-curl" "--enable-documentation=no" ;; FIXME "--enable-system-helper=no" - "--localstatedir=/var" (string-append "--with-system-bubblewrap=" (assoc-ref %build-inputs "bubblewrap") "/bin/bwrap") (string-append "--with-system-dbus-proxy=" (assoc-ref %build-inputs "xdg-dbus-proxy") - "/bin/xdg-dbus-proxy")) + "/bin/xdg-dbus-proxy") + "--localstatedir=/var") #:phases #~(modify-phases %standard-phases (add-after 'unpack 'fix-tests - (lambda* (#:key inputs #:allow-other-keys) + (lambda* + (#:key inputs #:allow-other-keys) (copy-recursively (search-input-directory inputs "lib/locale") "/tmp/locale") - (for-each make-file-writable (find-files "/tmp")) + (for-each make-file-writable + (find-files "/tmp")) (substitute* "tests/make-test-runtime.sh" - (("cp `which.*") "echo guix\n") + (("cp `which.*") + "echo guix\n") (("cp -r /usr/lib/locale/C\\.\\*") (string-append "mkdir ${DIR}/usr/lib/locale/en_US; \ cp -r /tmp/locale/*/en_US.*"))) (substitute* "tests/libtest.sh" - (("/bin/kill") (which "kill")) - (("/usr/bin/python3") (which "python3"))) + (("/bin/kill") + (which "kill")) + (("/usr/bin/python3") + (which "python3"))) #t)) (add-after 'unpack 'p11-kit-fix - (lambda* (#:key inputs #:allow-other-keys) - (let ((p11-path (search-input-file inputs "/bin/p11-kit"))) + (lambda* + (#:key inputs #:allow-other-keys) + (let + ((p11-path + (search-input-file inputs "/bin/p11-kit"))) (substitute* "session-helper/flatpak-session-helper.c" (("\"p11-kit\",") (string-append "\"" p11-path "\",")) @@ -2080,7 +2089,8 @@ (define-public flatpak ;; Many tests fail for unknown reasons, so we just run a few basic ;; tests. (replace 'check - (lambda* (#:key tests? #:allow-other-keys) + (lambda* + (#:key tests? #:allow-other-keys) (when tests? (setenv "HOME" "/tmp") (invoke "make" "check" @@ -2088,9 +2098,9 @@ (define-public flatpak testcommon"))))))) (native-inputs (list bison - dbus ; for dbus-daemon + dbus ; for dbus-daemon gettext-minimal - `(,glib "bin") ; for glib-mkenums + gdbus-codegen + `(,glib "bin") ; for glib-mkenums + gdbus-codegen (libc-utf8-locales-for-target) gobject-introspection libcap @@ -2105,20 +2115,24 @@ (define-public flatpak bubblewrap curl dconf - fuse-2 + fuse gdk-pixbuf gpgme json-glib libarchive + libcap libostree libseccomp libsoup-minimal-2 libxau libxml2 p11-kit + polkit util-linux - xdg-dbus-proxy)) - (propagated-inputs (list glib-networking gnupg gsettings-desktop-schemas)) + xdg-dbus-proxy + zstd)) + (propagated-inputs + (list glib-networking gnupg gsettings-desktop-schemas)) (home-page "https://flatpak.org") (synopsis "System for building, distributing, and running sandboxed desktop applications") diff --git a/gnu/packages/patches/flatpak-unset-gdk-pixbuf-for-sandbox.patch b/gnu/packages/patches/flatpak-unset-gdk-pixbuf-for-sandbox.patch index bf9c487ba8..7773b11f7e 100644 --- a/gnu/packages/patches/flatpak-unset-gdk-pixbuf-for-sandbox.patch +++ b/gnu/packages/patches/flatpak-unset-gdk-pixbuf-for-sandbox.patch @@ -9,11 +9,13 @@ of host system. --- a/common/flatpak-run.c +++ b/common/flatpak-run.c -@@ -1900,6 +1900,7 @@ static const ExportData default_exports[] = { +@@ -1900,8 +1900,9 @@ static const ExportData default_exports[] = { {"XKB_CONFIG_ROOT", NULL}, {"GIO_EXTRA_MODULES", NULL}, {"GDK_BACKEND", NULL}, + {"GDK_PIXBUF_MODULE_FILE", NULL}, + {"VK_DRIVER_FILES", NULL}, + {"VK_ICD_FILENAMES", NULL}, }; static const ExportData no_ld_so_cache_exports[] = {
From: Daniel Ziltener <dziltener@lyrion.ch> --- gnu/packages/package-management.scm | 56 ++++++++++++------- ...flatpak-unset-gdk-pixbuf-for-sandbox.patch | 4 +- 2 files changed, 38 insertions(+), 22 deletions(-)