summaryrefslogtreecommitdiff
path: root/app
Commit message (Collapse)AuthorAgeFilesLines
* app: Port transaction subclasses to use add_rebase_and_uninstall()Philip Withnall2023-03-302-31/+2
| | | | | | | | | | This fixes the possible situation where an eol-rebase app can be uninstalled and the new version not correctly installed (due to, for example, the install op failing due to a lack of disk space). Signed-off-by: Philip Withnall <pwithnall@endlessos.org> Fixes: #3991
* run: Make it clearer that rest_argv_start is not used uninitializedSimon McVittie2023-03-201-2/+3
| | | | | | | | rest_argv_start is initialized whenever rest_argc != 0, so the previous code was in fact safe; but this wasn't obvious to either a human reader or the compiler, and some gcc versions warn here. Signed-off-by: Simon McVittie <smcv@collabora.com>
* cli-transaction: Escape any special characters in the EOL reasonSimon McVittie2023-03-161-1/+4
| | | | | | CVE-2023-28101, GHSA-h43h-fwqx-mpp8 Signed-off-by: Simon McVittie <smcv@collabora.com>
* Ensure special characters in permissions and metadata are escapedRyan Gonzalez2023-03-163-7/+18
| | | | | | | | | This prevents someone from placing special characters in order to manipulate the appearance of the permissions list. CVE-2023-28101, GHSA-h43h-fwqx-mpp8 Signed-off-by: Ryan Gonzalez <ryan.gonzalez@collabora.com>
* list: Show a warning if we can't load the current versionSimon McVittie2023-02-081-2/+8
| | | | | | | Conceptually similar to the previous commit, except it didn't crash before, just didn't display anything. Signed-off-by: Simon McVittie <smcv@collabora.com>
* list: Handle error in flatpak_dir_load_deployed()Simon McVittie2023-02-081-1/+11
| | | | | | | | | flatpak_dir_load_deployed() can fail and return NULL. If that happens, there is a semi-installed but broken app, and we should show a warning rather than crashing. Resolves: https://github.com/flatpak/flatpak/issues/5293 Signed-off-by: Simon McVittie <smcv@collabora.com>
* Revert "Add support for files generated by appstreamcli compose (#5277)"Patrick Griffis2023-02-041-6/+6
| | | | This reverts commit 88f7ecd000f84b75bd055ad6b6f92d7881e5e377.
* Add support for files generated by appstreamcli compose (#5277)Luna2023-02-041-6/+6
| | | | Co-authored-by: Bartłomiej Piotrowski <b@bpiotrowski.pl> Co-authored-by: Jamie Murphy <hello@itsjamie.dev>
* trivial: Trim some long lines, etc.Phaedrus Leeds2023-01-021-12/+22
|
* repair: Fix off-by-one error in fancy outputPhaedrus Leeds2023-01-021-1/+1
| | | | Fixes https://github.com/flatpak/flatpak/issues/5204
* common: Make flatpak_debug2() use the same domain as g_debug()Simon McVittie2022-12-151-2/+2
| | | | | | | | | | | | | | | | | | | | | | Now that we are logging `flatpak -v` messages with log level INFO, and printing INFO messages in the same way as DEBUG, we can reserve log level DEBUG for `flatpak -v -v` messages. This means we no longer need a weird secondary debug domain. There is a very small behaviour change here: G_MESSAGES_DEBUG=flatpak is now similar to `flatpak -v -v` (previously `flatpak -v`), and G_MESSAGES_DEBUG=flatpak2 no longer has any effect. This seems more in line with what would be expected from a GLib-based application. In flatpak(1) and the system helper, this does not change behaviour other than that: the same messages are logged by `-v` and by `-v -v` as before. In daemons that do not implement `-v -v` (the OCI authenticator, portal and session helper), it continues to be necessary to use G_MESSAGES_DEBUG to see flatpak_debug2() messages. Signed-off-by: Simon McVittie <smcv@collabora.com>
* app: Use g_info() for messages that will be shown by flatpak -vSimon McVittie2022-12-1513-45/+45
| | | | | | | This brings us one step closer to being able to stop using the flatpak2 log domain for messages that are exclusive to `flatpak -v -v`. Signed-off-by: Simon McVittie <smcv@collabora.com>
* main: Treat g_info() as equivalent to g_debug()Simon McVittie2022-12-141-3/+3
| | | | | | | | | | | | | | | | | | | | | | This makes us consistent with the default behaviour of GLib, and its behaviour with G_MESSAGES_DEBUG=all. g_debug() and g_info() are the two lowest priority levels, and GLib normally silences them by default. At the moment, Flatpak uses G_LOG_LEVEL_DEBUG in the flatpak2 domain as its lowest-priority log level (only shown with flatpak -v -v), and G_LOG_LEVEL_DEBUG in the flatpak domain as its second-lowest (shown with flatpak -v or higher). I want to move towards using G_LOG_LEVEL_INFO for flatpak -v messages, and G_LOG_LEVEL_DEBUG for flapak -v -v, so that we don't need a second log domain: this is a policy I've used successfully in Flatpak-derived Steam Runtime code. This change does not fully implement that policy, but gives us a migration path towards it, by allowing us to start using g_info() for flatpak -v messages. Helps: https://github.com/flatpak/flatpak/issues/5001 Signed-off-by: Simon McVittie <smcv@collabora.com>
* Replace calls to g_memdup() with g_memdup2()Simon McVittie2022-12-122-3/+3
| | | | | | | | | | | | g_memdup() is subject to an integer overflow on 64-bit machines if the object being copied is larger than UINT_MAX bytes. I suspect none of these objects can actually be that large in practice, but it's easier to replace all the calls than it is to assess whether we need to replace them. A backport in libglnx is used on systems where GLib is older than 2.68.x. Signed-off-by: Simon McVittie <smcv@collabora.com>
* app/meson.build: Add missing depJan Alexander Steffens (heftig)2022-11-031-0/+1
| | | | | Since we include the base private headers, we need the common base sources to be generated.
* Add a Meson build systemSimon McVittie2022-10-242-0/+143
| | | | | Resolves: https://github.com/flatpak/flatpak/issues/2241 Signed-off-by: Simon McVittie <smcv@collabora.com>
* app: Fix warning when listing a document with no permissions.Robert Ancell2022-09-061-3/+4
| | | | | | (flatpak documents:2965757): GLib-CRITICAL **: 11:27:35.128: g_variant_iter_next_value: must not be called again after NULL has already been returned. This is due to the applications iterator being checked twice even though it is empty.
* Add a vim modeline and .editorconfigPhaedrus Leeds2022-08-2250-50/+50
| | | | | | | | | To make indentation work with less effort. The modeline was copied from libostree with minor modification and the .editorconfig from GLib. The advantage of having both a modeline and an editorconfig is we can work out of the box on more editor setups, and the modeline allows us to specify the style with a lot more fine grained control.
* app: Add -u alias for --userPhaedrus Leeds2022-08-161-1/+1
| | | | | | | Save folks a few keystrokes. There is a command which already has a '-u' option, document-export, but it doesn't support --user so there should be no conflict. However '-s' is used by the info command among others, so we can't use that for --system.
* enter: Don't overwrite the DISPLAYSimon McVittie2022-08-161-4/+0
| | | | | | | Now that we're using the same display number in the sandbox as on the host, we can forget about overwriting it with :99. Signed-off-by: Simon McVittie <smcv@collabora.com>
* build-export: Don't warn on missing Exec= if DBusActivatable=truePhaedrus Leeds2022-08-161-9/+10
| | | | | | The Desktop Entry spec says that Exec= is only required if DBusActivatable= is not set to true, so don't emit a warning when Exec= is missing but not required.
* build-export: Explicitly allow empty Exec values in desktop fileDanilo Bargen2022-08-161-2/+7
|
* build-export: Avoid segfault if Exec line is missing from desktop fileDanilo Bargen2022-08-161-5/+7
|
* build-export: Fully ignore stdout content of icon validationPhaedrus Leeds2022-07-251-1/+3
| | | | | | | | | | | | The docs for g_spawn_sync() say: "Note that you must set the G_SPAWN_STDOUT_TO_DEV_NULL and G_SPAWN_STDERR_TO_DEV_NULL flags when passing NULL for standard_output and standard_error." So add in the stdout flag when calling flatpak-validate-icon in the build-export command. Without this, there's output in the test logs from when they're building the test app, due to https://github.com/flatpak/flatpak/pull/4803
* app: Un-split translatable strings againPhaedrus Leeds2022-07-231-15/+43
| | | | | | | | | | As with the previous commits, try not to split translatable sentences. See the discussion here about whether the "Warning: "/"Error: " prefix should be separable: https://github.com/flatpak/flatpak/pull/4963#discussion_r908326539 Also, don't translate the "(internal error..." message since internal errors shouldn't be translated to make debugging easier.
* app: Remove a duplicated else if blockPhaedrus Leeds2022-07-232-4/+0
|
* app: Un-split some translatable stringsPhaedrus Leeds2022-07-232-43/+92
| | | | | | Also make them a bit prettier while we're here Fixes https://github.com/flatpak/flatpak/issues/4877
* app: Un-split EOL translatable sentencesPhaedrus Leeds2022-07-231-32/+28
| | | | Fixes https://github.com/flatpak/flatpak/issues/4956
* uninstall: Prompt for confirmation on used runtime removalPhaedrus Leeds2022-07-211-17/+37
| | | | | | | It doesn't make a lot of sense to prompt for confirmation when an in-use extension is requested to be uninstalled, but not do so for an in-use runtime, even if (or perhaps especially since) the latter causes the transaction to fail later on.
* app: Tweak messages about dependent appsPhaedrus Leeds2022-07-212-5/+14
| | | | | | Use a "Info: " prefix which matches the message printed in print_eol_info_message(). Also make the message accurately use either the word "runtime" or "extension" as appropriate.
* uninstall: Ask for confirmation for used runtime extensionsPhaedrus Leeds2022-07-211-3/+101
| | | | | | | | Based on discussions on the issue tracker, it seems that users sometimes remove runtime extensions without really understanding whether they're in use. Add a confirmation prompt to address this. Helps: #4549
* app: Improve checking for dependent apps in EOL messagesPhaedrus Leeds2022-07-211-0/+51
| | | | | | | | | | | flatpak_dir_list_app_refs_with_runtime_extension() only works when the runtime extension it is passed and the apps it returns are both installed. Sometimes a end-of-life message is printed for a runtime that is not installed but is being installed by the current transaction, or a runtime that is installed but one of the apps that needs it is being installed by the current transaction. To cover these cases, check the operations in the current transaction when building informational messages about EOL runtimes.
* app: List apps that use a runtime extension when it's EOLPhaedrus Leeds2022-07-211-2/+56
| | | | | | | | | | | | | | | | | | | | | | | Currently if a runtime extension, e.g. org.freedesktop.Platform.html5-codecs//18.08 is used by a runtime org.kde.Platform//5.12 which itself is used by one or more apps, when we print a message to the user about html5-codecs being EOL, we don't find any apps using it and don't print any. Fix this by including apps that indirectly use a runtime extension in the "Applications using this runtime:" list. In a later commit we can re-use the helper function added here to add a confirmation dialog if the user tries to remove a runtime extension that's being used; currently we just let them remove it. This is limited to only looking in the current flatpak installation, so a per-user app using a system-wide runtime extension would not be found. This is implemented using in-memory caches because otherwise it is horribly slow; see https://github.com/flatpak/flatpak/pull/4835#discussion_r876425289 Helps: #3531
* app/flatpak-complete.c: Fix typoPhaedrus Leeds2022-07-181-1/+1
|
* app: Fix inefficiency in pin and mask commandsPhaedrus Leeds2022-07-182-6/+8
| | | | | There's no point reading data from disk on a code path that doesn't do anything with it.
* Increase verbosity of extension missing error messagesFina Wilke2022-07-171-2/+2
| | | | | Adds arch and branch to the error message to help with locating the required extension arch and branch.
* Move all use of soup APIs into flatpak-utils-httpAlexander Larsson2022-06-161-4/+0
| | | | This will allow us to make the soup dependency optional.
* http utils: Make a generic FlatpakHttpSession instead of SoupSessionAlexander Larsson2022-06-162-6/+6
| | | | | Its still just a SoupSession, but now the implementation is more centralized and can be something else down the line.
* update: Add newline before nothing to do messagePhaedrus Leeds2022-06-151-1/+4
| | | | | | This looks better in case there are warnings or info messages printed during the update operation, since those are separated from each other by newlines (at least the EOL ones).
* app: Use bold app ID for permissions headingPhaedrus Leeds2022-06-151-2/+10
|
* uninstall: Fix support for --noninteractivePhaedrus Leeds2022-06-151-0/+3
| | | | | Just copy the same way we set opt_yes in the install and update commands.
* app: Improve end-of-life info messagePhaedrus Leeds2022-06-151-17/+81
| | | | | | | I think the "app//branch" syntax is pretty ugly, and maybe not all users understand it. Helps: #3531
* app: Fix typo in debug messagePhaedrus Leeds2022-06-151-1/+1
|
* main: Don't install polkit agent when running in tests, fixing slowness.Alexander Larsson2022-06-131-0/+5
| | | | | | In the tests we don't use a systemwide helper anyway, so the polkit stuff is unnecessary. Also, for some reason this was taking a very long time for me, causing the tests to be super slow.
* build: Don't leak the destination prefixDebarshi Ray2022-06-031-2/+2
| | | | | Clearly, 'dest' can't be a 'const char *' when it's pointing at g_strdup:ed strings.
* Add --include-sdk/debug to install SDK/debuginfo along with a refRyan Gonzalez2022-05-061-0/+13
| | | | | | | | This makes it a lot easier to give guidance on using `flatpak run -d` or `flatpak-coredumpctl`, because there's an easy way to install the relevant refs. Signed-off-by: Ryan Gonzalez <ryan.gonzalez@collabora.com>
* uninstall: Make help message more accuratePhaedrus Leeds2022-04-231-1/+1
|
* app: Disable fuzzy matching if not on a ttyPhaedrus Leeds2022-04-212-3/+3
| | | | | | | | | | | | | | | | As discussed in #4848, this disables fuzzy matching entirely if stdin or stdout is not a tty, meaning that something like "flatpak install firefox" would be treated as incorrect syntax, since this syntax is intended for interactive CLI use. Even before this commit, "flatpak install firefox" would error out if run without a tty, since we don't automatically choose a matching app ID even if there is only one match. However "flatpak install -y firefox" could work before, but won't any more. People should be specifying the full app ID in any context other than a tty. This commit also introduces a new env var so the unit tests can continue to check the fuzzy matching behavior, despite them being run without a tty.
* app: Disable fuzzy ref matching when id has a periodPhaedrus Leeds2022-04-212-3/+3
| | | | | | | | | | | | | As discussed in #4848, this disables fuzzy matching when the string given has a period in it. So for example "flatpak install org.mozilla" would not offer "org.mozilla.firefox" even though the string given is a substring of the app ID. This is desirable because it helps ensure fuzzy matching is only used when the user intended to use it. As with the previous commit that fixed #4829, this does technically break backwards compatibility, but only in an interface intended for interactive use by a human, not an interface that's used programmatically, so it seems okay.
* app: Disable fuzzy ref matching when id has a slashPhaedrus Leeds2022-04-212-16/+52
| | | | Fixes https://github.com/flatpak/flatpak/issues/4829
View Lorry Controller Status