rpms
/
flatpak-builder
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: rpms:c9
Branches Tags
rpms:i10c-beta
rpms:c10-beta
rpms:i10cs
rpms:cs10
rpms:i8c-beta
rpms:c8-beta
rpms:i9c-beta
rpms:c9-beta
rpms:i8c
rpms:c8
rpms:i9c
rpms:c9
..
compare: rpms:i10cs
Branches Tags
rpms:i10c-beta
rpms:c10-beta
rpms:i10cs
rpms:cs10
rpms:i8c-beta
rpms:c8-beta
rpms:i9c-beta
rpms:c9-beta
rpms:i8c
rpms:c8
rpms:i9c
rpms:c9

No commits in common. 'c9' and 'i10cs' have entirely different histories.
c9 ... i10cs

4 changed files with 115 additions and 112 deletions
Show Stats

2
.flatpak-builder.metadata
Unescape View File

@ -1 +1 @@
59c5dcd6363c3b6bdc0be773d41d1038a92a80d1 SOURCES/flatpak-builder-1.2.2.tar.xz 9837a2e60e05abbe720d7d0361eb5907abdb4895 SOURCES/flatpak-builder-1.4.1.tar.xz

2
.gitignore vendored
Unescape View File

@ -1 +1 @@
SOURCES/flatpak-builder-1.2.2.tar.xz SOURCES/flatpak-builder-1.4.1.tar.xz

77
SOURCES/flatpak-builder-source-archive-source-file-Deprecate-MD5-and-SHA1-ha.patch
Unescape View File

@ -1,77 +0,0 @@
From dfcc0717abaf30d1c0ac76becbe7e334b6a31a3e Mon Sep 17 00:00:00 2001
From: Debarshi Ray <debarshir@gnome.org>
Date: Mon, 31 Jan 2022 15:16:12 +0100
Subject: [PATCH] source-archive, source-file: Deprecate MD5 and SHA1 hashes
... because of their weaknesses, and show a warning suggesting SHA256
instead.
The new test cases were removed from this commit to simplify the
downstream build.
https://github.com/flatpak/flatpak-builder/pull/459
https://bugzilla.redhat.com/show_bug.cgi?id=1935509
---
src/builder-source-archive.c | 12 ++++++++++++
src/builder-source-file.c | 12 ++++++++++++
2 files changed, 24 insertions(+)
diff --git a/src/builder-source-archive.c b/src/builder-source-archive.c
index c93f84efc84c..04eafe44cd01 100644
--- a/src/builder-source-archive.c
+++ b/src/builder-source-archive.c
@@ -230,11 +230,23 @@ builder_source_archive_set_property (GObject *object,
case PROP_MD5:
g_free (self->md5);
self->md5 = g_value_dup_string (value);
+ if (self->md5 != NULL && self->md5[0] != '\0')
+ {
+ g_printerr ("The \"md5\" source property is deprecated due to the weakness of MD5 hashes.\n");
+ g_printerr ("Use the \"sha256\" property for the more secure SHA256 hash.\n");
+ }
+
break;
case PROP_SHA1:
g_free (self->sha1);
self->sha1 = g_value_dup_string (value);
+ if (self->sha1 != NULL && self->sha1[0] != '\0')
+ {
+ g_printerr ("The \"sha1\" source property is deprecated due to the weakness of SHA1 hashes.\n");
+ g_printerr ("Use the \"sha256\" property for the more secure SHA256 hash.\n");
+ }
+
break;
case PROP_SHA256:
diff --git a/src/builder-source-file.c b/src/builder-source-file.c
index 715803d510bb..8a4077246cda 100644
--- a/src/builder-source-file.c
+++ b/src/builder-source-file.c
@@ -154,11 +154,23 @@ builder_source_file_set_property (GObject *object,
case PROP_MD5:
g_free (self->md5);
self->md5 = g_value_dup_string (value);
+ if (self->md5 != NULL && self->md5[0] != '\0')
+ {
+ g_printerr ("The \"md5\" source property is deprecated due to the weakness of MD5 hashes.\n");
+ g_printerr ("Use the \"sha256\" property for the more secure SHA256 hash.\n");
+ }
+
break;
case PROP_SHA1:
g_free (self->sha1);
self->sha1 = g_value_dup_string (value);
+ if (self->sha1 != NULL && self->sha1[0] != '\0')
+ {
+ g_printerr ("The \"sha1\" source property is deprecated due to the weakness of SHA1 hashes.\n");
+ g_printerr ("Use the \"sha256\" property for the more secure SHA256 hash.\n");
+ }
+
break;
case PROP_SHA256:
--
2.34.1

146
SPECS/flatpak-builder.spec
Unescape View File

@ -1,40 +1,46 @@
%global appstream_version 0.15.0
%global debugedit_version 5.0 %global debugedit_version 5.0
%global glib2_version 2.44 %global glib2_version 2.66
%global ostree_version 2017.14 %global ostree_version 2017.14
%global flatpak_version 0.99.1 %global flatpak_version 0.99.1
Name: flatpak-builder Name: flatpak-builder
Version: 1.2.2 Version: 1.4.1
Release: 1%{?dist} Release: 3%{?dist}
Summary: Tool to build flatpaks from source Summary: Tool to build flatpaks from source
# src/builder-utils.c has portions derived from GPLv2+ code, # src/builder-utils.c has portions derived from GPLv2+ code,
# the rest is LGPLv2+ # the rest is LGPLv2+
License: LGPLv2+ and GPLv2+ License: LGPL-2.1-or-later AND GPL-2.0-or-later
URL: http://flatpak.org/ URL: https://flatpak.org/
Source0: https://github.com/flatpak/flatpak-builder/releases/download/%{version}/%{name}-%{version}.tar.xz Source0: https://github.com/flatpak/flatpak-builder/releases/download/%{version}/%{name}-%{version}.tar.xz
# https://bugzilla.redhat.com/show_bug.cgi?id=1935509 # ostree not on i686 for RHEL 10
Patch0: flatpak-builder-source-archive-source-file-Deprecate-MD5-and-SHA1-ha.patch # https://github.com/containers/composefs/pull/229#issuecomment-1838735764
%if 0%{?rhel} >= 10
ExcludeArch: %{ix86}
%endif
BuildRequires: appstream-compose >= %{appstream_version}
BuildRequires: gettext BuildRequires: gettext
BuildRequires: debugedit >= %{debugedit_version} BuildRequires: debugedit >= %{debugedit_version}
BuildRequires: docbook-dtds BuildRequires: docbook-dtds
BuildRequires: docbook-style-xsl BuildRequires: docbook-style-xsl
BuildRequires: flatpak >= %{flatpak_version} BuildRequires: flatpak >= %{flatpak_version}
BuildRequires: libcap-devel BuildRequires: libcap-devel
BuildRequires: make BuildRequires: meson
BuildRequires: pkgconfig(glib-2.0) >= %{glib2_version} BuildRequires: pkgconfig(glib-2.0) >= %{glib2_version}
BuildRequires: pkgconfig(gobject-introspection-1.0) BuildRequires: pkgconfig(gobject-introspection-1.0)
BuildRequires: pkgconfig(json-glib-1.0) BuildRequires: pkgconfig(json-glib-1.0)
BuildRequires: pkgconfig(libcurl) BuildRequires: pkgconfig(libcurl)
BuildRequires: pkgconfig(libelf) BuildRequires: pkgconfig(libelf)
BuildRequires: pkgconfig(libsoup-2.4) BuildRequires: pkgconfig(libxml-2.0)
BuildRequires: pkgconfig(ostree-1) >= %{ostree_version} BuildRequires: pkgconfig(ostree-1) >= %{ostree_version}
BuildRequires: pkgconfig(yaml-0.1) BuildRequires: pkgconfig(yaml-0.1)
BuildRequires: /usr/bin/xmlto BuildRequires: /usr/bin/xmlto
BuildRequires: /usr/bin/xsltproc BuildRequires: /usr/bin/xsltproc
Requires: appstream-compose >= %{appstream_version}
Requires: debugedit >= %{debugedit_version} Requires: debugedit >= %{debugedit_version}
Requires: flatpak%{?_isa} >= %{flatpak_version} Requires: flatpak%{?_isa} >= %{flatpak_version}
Requires: glib2%{?_isa} >= %{glib2_version} Requires: glib2%{?_isa} >= %{glib2_version}
@ -53,14 +59,21 @@ Recommends: /usr/bin/zstd
Recommends: ccache Recommends: ccache
# Uncommon enough that we don't want to pull them in by default # Uncommon enough that we don't want to pull them in by default
#Recommends: /usr/bin/bzr #Recommends: /usr/bin/brz
#Recommends: /usr/bin/lzip #Recommends: /usr/bin/lzip
#Recommends: /usr/bin/svn #Recommends: /usr/bin/svn
%description %description
Flatpak-builder is a tool for building flatpaks from sources. Flatpak-builder is a tool for building flatpaks from sources.
See http://flatpak.org/ for more information. See https://flatpak.org/ for more information.
%package tests
Summary: Tests for %{name}
Requires: %{name}%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release}
%description tests
This package contains installed tests for %{name}.
%prep %prep
@ -68,16 +81,17 @@ See http://flatpak.org/ for more information.
%build %build
%configure \ %meson -Ddocs=enabled -Dfuse=3 -Dinstalled_tests=true -Dyaml=enabled
--enable-docbook-docs \ %meson_build
--with-fuse=2 \
--with-system-debugedit
%make_build V=1
%install %install
%make_install %meson_install
install -pm 644 NEWS README.md %{buildroot}/%{_pkgdocdir}
# %%check
# %%meson_test
%files %files
@ -87,26 +101,92 @@ See http://flatpak.org/ for more information.
%{_mandir}/man1/flatpak-builder.1* %{_mandir}/man1/flatpak-builder.1*
%{_mandir}/man5/flatpak-manifest.5* %{_mandir}/man5/flatpak-manifest.5*
%files tests
%{_datadir}/installed-tests
%{_libexecdir}/installed-tests
%changelog %changelog
* Mon Feb 07 2022 Debarshi Ray <rishi@fedoraproject.org> - 1.2.2-1 * Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 1.4.1-3
- Rebase to 1.2.2 - Bump release for October 2024 mass rebuild:
Resolves: #1999742 Resolves: RHEL-64018
* Fri Oct 25 2024 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 1.4.1-2
- Rebuilt for MSVSphere 10
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 1.4.1-2
- Bump release for June 2024 mass rebuild
* Thu Feb 08 2024 Kalev Lember <klember@redhat.com> - 1.4.1-1
- Update to 1.4.1
* Wed Jan 24 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Tue Dec 12 2023 Kalev Lember <klember@redhat.com> - 1.4.0-1
- Update to 1.4.0
* Sun Nov 19 2023 Kalev Lember <klember@redhat.com> - 1.3.5-1
- Update to 1.3.5
* Mon Nov 13 2023 Debarshi Ray <rishi@fedoraproject.org> - 1.3.4-1
- Update to 1.3.4 (#2212349)
- Enable installed tests
- Disable %%check
* Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Wed Feb 02 2022 Debarshi Ray <rishi@fedoraproject.org> - 1.0.14-2 * Tue Mar 21 2023 David King <amigadave@amigadave.com> - 1.3.3-1
- Deprecate MD5 and SHA1 hashes - Update to 1.3.3 (#2179415)
Resolves: #1935509
* Thu Sep 23 2021 Debarshi Ray <rishi@fedoraproject.org> - 1.0.14-1 * Thu Feb 09 2023 David King <amigadave@amigadave.com> - 1.3.1-1
- Update to 1.3.1 (#2159101)
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Mon Dec 26 2022 msuchy <msuchy@redhat.com> - 1.2.3-2
- migrate to SPDX license
* Tue Nov 29 2022 David King <amigadave@amigadave.com> - 1.2.3-1
- Update to 1.2.3 (#2149163)
* Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.2-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Fri Apr 01 2022 Debarshi Ray <rishi@fedoraproject.org> - 1.2.2-3
- Work with both FUSE 2 and FUSE 3
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Wed Jan 19 2022 Debarshi Ray <rishi@fedoraproject.org> - 1.2.2-1
- Update to 1.2.2
* Wed Jan 19 2022 Debarshi Ray <rishi@fedoraproject.org> - 1.2.1-2
- Add 'Recommends: /usr/bin/zstd' to go with the new *.tar.zst support
* Wed Jan 19 2022 Debarshi Ray <rishi@fedoraproject.org> - 1.2.1-1
- Update to 1.2.1
* Tue Oct 12 2021 Debarshi Ray <rishi@fedoraproject.org> - 1.2.0-1
- Update to 1.2.0
* Thu Sep 23 2021 Debarshi Ray <rishi@fedoraproject.org> - 1.1.2-1
- Update to 1.1.2
* Tue Aug 31 2021 Debarshi Ray <rishi@fedoraproject.org> - 1.1.1-1
- Update to 1.1.1
* Tue Aug 31 2021 Debarshi Ray <rishi@fedoraproject.org> - 1.0.14-1
- Update to 1.0.14 - Update to 1.0.14
Resolves: #2006557
* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.12-4
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.0.12-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
<
* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 1.0.12-4
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Mon Mar 29 2021 Kalev Lember <klember@redhat.com> - 1.0.12-3 * Mon Mar 29 2021 Kalev Lember <klember@redhat.com> - 1.0.12-3
- Remove bzr, lzip and svn recommends as they are not common enough - Remove bzr, lzip and svn recommends as they are not common enough

Write Preview
Loading…
Cancel
Save