forked from Mirrors/flatpak-builder
606 lines
27 KiB
Plaintext
606 lines
27 KiB
Plaintext
Major changes in 0.8.0
|
|
======================
|
|
|
|
This is the first release in a new series of stable releases called
|
|
0.8.x. New features will be added to 0.9.x, and only bugfixes will be
|
|
backported to 0.8.x. The featureset of this release is a good base to
|
|
target if you're creating flatpaks that should be widely usable.
|
|
|
|
This release technically requires only OSTree 2016.14, and it build
|
|
fine with this, but we recommend using OSTree 2016.15, because of the
|
|
change in how it verifies the checksums of commits in delta files.
|
|
|
|
* Flatpakrepo files now support a RuntimeRepo= key which points to
|
|
a flatpakrepo file. This means the user don't have to manually
|
|
configure a remote for the runtime, just reply to the prompt
|
|
to automatically do this when installing the app.
|
|
* We now support dependencies when installing bundles. This includes
|
|
required runtimes, related refs, and the equivalent of RuntimeRepo.
|
|
* The support for OCI in flatpak has been updated to the latest
|
|
OCI spec version, and support has been added to directly install
|
|
flatpak applications from an OCI image.
|
|
* In flatpak install, the --from and --bundle options are now optional
|
|
if the argument has the correct suffix (.flatpakref and .flatpak)
|
|
* Flatpak install now supports -y to let you avoid interactive prompts.
|
|
* build-finish: We now export mime type files with the right name.
|
|
* build-finish: New --require-version option let you specify a particular
|
|
version of flatpak, and older version of flatpak will not install
|
|
or update to the new version.
|
|
* build-sign: Allow signing all apps by omitting the id.
|
|
* Fix regression in the document portal when adding named files.
|
|
* build-import-bundle now signs the commit if you specify a gpg key.
|
|
* Flatpak now reads configuration from /etc/flatpak/installations.d
|
|
which lets you support multiple system-level installation paths.
|
|
These can be accessed with new --installation=... arguments to
|
|
most of the commands.
|
|
* flatpak-builder: Support --jobs=N to limit parallel builds
|
|
* flatpak-builder: Patch source got new options property that lets
|
|
you pass arguments to patch.
|
|
* flatpak-builder: New generic "buildsystem: type" option that
|
|
replace the (now deprecated) "cmake: true" option. This
|
|
supports "autotools", "cmake" and "meson".
|
|
|
|
Major changes in 0.6.14
|
|
=======================
|
|
* Update bundled bubblewrap to 0.1.4 which has some nice bugfixes.
|
|
If you are using an external bubblewrap it is recommended, but
|
|
not required to update.
|
|
* Requires OSTree 2016.14, which allows us to drop some old
|
|
workarounds.
|
|
* When installing an application system-wide, don't consider
|
|
dependencies that are installed for the user only.
|
|
* Flatpak install --from now tries to re-use existing remotes to
|
|
avoid creating unnecessary origin remotes.
|
|
* Using --filesystem=$dir when $dir is a symlink-to-directory now works.
|
|
* Using --filesystem=$file to expose unix sockets to the app is now
|
|
allowed.
|
|
* By default all the directories in ~/.var/app (except the app), as
|
|
well as ~/.local/share/flatpak are hidden in the sandbox.
|
|
* New option --filesystem=$dir:create which will create the destination
|
|
if it did not previously exist.
|
|
* --filesystem= now supports for xdg-[config|cache|data]. This
|
|
allows you access to the host versions of these xdg dirs. Additionally
|
|
if you use these with a subdirectory, like:
|
|
--filesystem=xdg-config/subdir
|
|
then that subdirectory on the host will be shared with the per-app
|
|
instance of the xdg-dir.
|
|
* Builder now correctly handles app-ids that have dashes in them.
|
|
Previously this generated invalid ids for the debuginfo and locale
|
|
extensions.
|
|
* The experimental OCI file format support was changed from creating an
|
|
OCI container to creating an OCI image.
|
|
* Fix regression where "flatpak update --appstream remotename" broke
|
|
|
|
Major changes in 0.6.13
|
|
=======================
|
|
* The command line arguments for install/update/uninstall changed
|
|
|
|
These used to take an application id and an optional branch name as
|
|
two arguments. This meant you could not specify multiple apps
|
|
to install in a single command. So, instead of having the branch
|
|
as a separate argument we now support partial references.
|
|
If you only specify an id we try to match the rest as best we
|
|
can depending on what is installed/available, but if this
|
|
matches multiple things you have to specify more details.
|
|
|
|
For example you can use:
|
|
* org.my.App//stable - Any compatible arch, stable branch
|
|
* org.my.App/x86_64 - x86-64, look for available branch
|
|
* org.my.App/x86_64/stable - exact reference
|
|
|
|
This means install/update/uninstall can now install multiple apps
|
|
in a single operation.
|
|
|
|
* Application runtime depencenies are checked/downloaded
|
|
|
|
Whenever you install or update an application we check that the
|
|
required runtime is installed. If not, we check if it is available
|
|
in any configured remote, and if found asks the user if/where to
|
|
install it from. If it is not found, the install/update fails.
|
|
|
|
You can mark remotes as --no-use-for-deps, which means flatpak will
|
|
never search for runtime dependencies in such remotes. This makes
|
|
the dependency search faster if you have app-only remotes.
|
|
It is recommended that app-only .flatpakrepo file define this
|
|
by specifying NoDeps=true.
|
|
|
|
* remote-add and install --from now supports uris
|
|
|
|
This means you can install flatpakrefs and flatpakrepos in a
|
|
single command like so:
|
|
|
|
* flatpak remote-add --from gnome https://sdk.gnome.org/gnome.flatpakrepo
|
|
* flatpak install --from https://sdk.gnome.org/gedit.flatpakref
|
|
|
|
* flatpak run can now launch a runtime directly
|
|
|
|
For example, "flatpak run org.gnome.Platform//3.22" will launch a shell
|
|
inside a sandboxy with the gnome 3.22 runtime and an empty /app.
|
|
This is useful for development and testing.
|
|
|
|
* included bubblewrap was bumped to 0.1.3 which has a security fix
|
|
* Support for defining the default branch per remote
|
|
* remote-add/modify: --update-metadata pulls current title and default branch
|
|
from remote summary file
|
|
* Applications can now list a set of URIs that will be downloaded with the
|
|
application. The app can then extract these and use as a part of the
|
|
application data. This is useful for applications using freely downloadable
|
|
parts that can't be redistributed elsewhere.
|
|
* flatpak-builder: Support --finish-only and --allow-missing-runtimes
|
|
* flatpak-builder: Support app layering
|
|
|
|
An app can define a "base" application which is used for the initial
|
|
content before the application is built. This way applications can
|
|
be built in a layered fashion.
|
|
|
|
* dbus proxy: The filtering has been tightened up
|
|
* build-finish: Now exports icons for themes other than hicolor too
|
|
* There is support in the app metadata for generic policies.
|
|
|
|
These are read and propagated and supports overriding, but are
|
|
not otherwise interpreted by flatpak. They can be used by other
|
|
host services as static permissions for the application.
|
|
|
|
* Support for extensions directories
|
|
|
|
In addition to using flatpak maintained runtime as an extensions
|
|
flatpak can now use raw directories in ~/.local/share/flatpak/extension
|
|
and /var/lib/flatpak/extension. For example, if you create a
|
|
directory called org.freedesktop.Platform.GStreamer.MyPlugins/x86_64/1.4
|
|
there it will be used as a source for gstreamer plugins for all
|
|
runtimes based on the freedesktop 1.4 runtime.
|
|
|
|
Major changes in 0.6.12
|
|
=======================
|
|
* Partial revert in application id rules. Application ids
|
|
can now only have dashes in the last element. This allows
|
|
apps to export files such as org.my.App-extra.desktop which
|
|
was used by the libreoffice builds.
|
|
* By default the kernel keyring is not accessable, as it is
|
|
not containable.
|
|
* Some robustness fixes for build-commit-from
|
|
* Better error messages
|
|
* flatpak update --appstream now updates for all remotes
|
|
* Made flatpak enter work, and you can now use any pid in the sandbox.
|
|
However, it requires root permissions.
|
|
* Support for --device=kvm for /dev/kvm access
|
|
* Support for --allow=multiarch to support non-primary arch support.
|
|
For example running i686 code in an x86_64 app.
|
|
* Add new default-branch setting for the remote configuration
|
|
|
|
Major changes in 0.6.11
|
|
=======================
|
|
|
|
* Dashes are now allowed in application ids. However, to still work with
|
|
symbolic icon names, they may not end with "-symbolic".
|
|
* HostCommand now handles ptys correctly
|
|
* Various documentation updates
|
|
* New FLATPAK_CHECK_VERSION macro in libflatpak
|
|
* HostCommand now returns the real PID rather than a fake one.
|
|
* Fix regression in flatpak update --appstream
|
|
* Fix regression installing bundles without origin urls
|
|
* New flatpak-builder option --show-deps lists all the files
|
|
the manifest depends on.
|
|
|
|
Major changes in 0.6.10
|
|
=======================
|
|
|
|
* Dropped requirement for systemd --user.
|
|
The way we detect if an process we're talking to is sandboxed, and
|
|
what application id it has doesn't use cgroups anymore, which means
|
|
that the dependency on systemd in the user session is now optional.
|
|
This also means the --no-desktop argument is not needed any more.
|
|
(It is still accepted but does nothing.)
|
|
* Initial support has been added for .flatpakref files. These are simple key
|
|
value files similar to .flatpakrepo files, however they specify an application
|
|
to install in addition to the repo information. For example, gedit can be
|
|
installed by downloading https://sdk.gnome.org/gedit.flatpakref and running:
|
|
flatpak install --from gedit.flatpakref
|
|
There is also library support for this so it can be added to graphical
|
|
installers (such as gnome-software).
|
|
* Requires OSTree 2016.10. The change in how OSTree handles mtimes in
|
|
checkouts that was introduced in 2016.7 has been reverted, and
|
|
the required changes in Flatpak has been made. This means that
|
|
flatpak now depends on OSTree 2016.10.
|
|
* Requires Bubblewrap 0.1.2 for builds using the system bubblewrap.
|
|
Builds using the included copy need no changes.
|
|
* The $XDG_RUNTIME_DIR/flatpak-info file has added information
|
|
about the running application, and is now also securely available
|
|
for a running application from the host as "/proc/$fd/root/.flatpak-info".
|
|
This is what is used to identify remote apps instead of the cgroup
|
|
info.
|
|
* A new run permission --allow=devel has been added. An application with
|
|
this permission is allowed to use ptrace and perf. This was previously
|
|
only available during "flatpak build" and "flatpak run -d". This
|
|
is useful if you're packaging e.g. an IDE.
|
|
* When an application is updated or removed a /app/.updated or /app/.removed
|
|
file is created for running instances. This can be used by applications to
|
|
trigger e.g. a restart for the new version.
|
|
* A new dbus request "HostCommand" has been added to org.freedesktop.Flatpak.
|
|
This lets you run any command on the host, and is therefore clearly not
|
|
sandboxed, so access to this should be limited. However, it is very useful
|
|
if you're using flatpak mainly as a distribution mechanism, for a non-sandboxed
|
|
application.
|
|
* flatpak-builder now supports running from inside a flatpak, by auto-detecting
|
|
this and using the HostCommand service to run recursive flatpaks.
|
|
* Consecutive calls to flatpak build-update-repo has been speed up.
|
|
* The document portal now allows sandboxed applications to create references
|
|
to files in /app and /usr (in the app/runtime).
|
|
* The update process noew doesn't stop at the first failure.
|
|
|
|
Major changes in 0.6.9
|
|
======================
|
|
|
|
* Dropped dependency on libgsystem
|
|
* Allow passing partial refs whenever a CLI command takes
|
|
an app or runtime name.
|
|
* New command build-commit-from creates a new commit based
|
|
on the contents of another commit (optionally from another
|
|
local repo).
|
|
* The sandbox now contains $XDG_RUNTIME_DIR/app/$APPID from the
|
|
host (and the directory is created if needed).
|
|
* update: Better output, and faster for the no updates case
|
|
* build-export: Don't make most validation errors fail, instead
|
|
just print a warning.
|
|
* builder: Support local path references for git sources
|
|
* builder: Better handling of recursive git submodules
|
|
* builder: Fixed issues with the .pyc mtime rewriting
|
|
* builder: Handle symbolic icons for rename-icon
|
|
* builder: Add --stop-at=$module to do partial builds
|
|
* builder: Add --sandbox flag to disable the build from escaping
|
|
from the sandbox via build-args.
|
|
|
|
Major changes in 0.6.8
|
|
======================
|
|
|
|
* Requires OSTree 2016.7, allowing us to enable use of static delta
|
|
for system downloads again.
|
|
* Support --no-desktop which allows you to run a flatpak app outside
|
|
a desktop, with some loss of functionallity (for example, there
|
|
will be no systemd --user scope created for the app)..
|
|
* More documentation.
|
|
* Memory leak fixes.
|
|
* Initial support for rpms as flatpak-builder archive sources.
|
|
* Start work on translating the CLI.
|
|
* Install systemd config snippet to set the right XDG_DATA_DIRS path.
|
|
* Support --arch in flatpak list.
|
|
* Support access() in the document portal.
|
|
* Validate exported desktop files.
|
|
|
|
Major changes in 0.6.7
|
|
======================
|
|
|
|
* Automatically download and update related references such
|
|
as locales when using the CLI.
|
|
* lib: Support for getting related references
|
|
* Document metadata format
|
|
* Support build using system-installed bwrap
|
|
* Allow access to the journal socket in the sandbox
|
|
* builder: Support applying patches with git (useful for binary diffs)
|
|
* Require ostree 2016.6
|
|
|
|
Major changes in 0.6.6
|
|
======================
|
|
|
|
* Better support for multi-arch (for instance, will automatically install
|
|
i386-only app on x86_64 without user having to specify --arch).
|
|
* Support --device=all to access the full host /dev
|
|
* More command line support for managing exported documents
|
|
* Extended API for the document portal: Lookup, Info, List
|
|
* flatpak-builder: Support initializing /var from a runtime
|
|
extension.
|
|
* Disable static deltas when updating via the system helper to
|
|
work around bug in ostree.
|
|
|
|
Major changes in 0.6.5
|
|
======================
|
|
|
|
* Documentation improvements
|
|
* builder: Check that the specified command exists after build is done
|
|
* builder: Fix up mtime in headers for python precompiled files
|
|
* builder: Allow submodules and including modules from other json files
|
|
* system-helper builds are optional (--disable-system-helper)
|
|
* system-helper: Support installing from local remotes and bundles
|
|
* Improved support for --subpath installs, including libflatpak support
|
|
* Improved command line completion
|
|
|
|
Major changes in 0.6.4
|
|
======================
|
|
|
|
* Fix an issue where flatpak sometimes created empty "repo"
|
|
directories in the CWD
|
|
|
|
Major changes in 0.6.3
|
|
======================
|
|
|
|
* Fix resolv.conf regression in `flatpak build`
|
|
* Fix LD_LIBRARY_PATH override support in `flatpak build`
|
|
* Support forwarding app permissions in `flatpak-builder --run`
|
|
* Flatpak is now smarter about the default branch to use in most operations
|
|
* update will not fail on the first error if updating several things
|
|
* New much more complete bash completion system
|
|
* Faster installations
|
|
* Support new keyfile format for remote-add --from=file
|
|
|
|
Major changes in 0.6.2
|
|
======================
|
|
|
|
* Fixed no-network support regression in setuid mode.
|
|
* Fixed creation of root-owned file in home dir when using sudo in some cases
|
|
* New --with-privileged-group configure option
|
|
|
|
Major changes in 0.6.1
|
|
======================
|
|
|
|
* Fixed support for systems without user namespaces (default for Arch) or
|
|
unprivileged support for user namespaces (default for Debian).
|
|
* Fix memory leak during install/update.
|
|
* update: Fix support for --arch.
|
|
* Set the right location for the system directory in the environment.
|
|
* system-helper: Support updating without deploying (needed for
|
|
gnome-software support).
|
|
* lib: Fix support for updates
|
|
|
|
Major changes in 0.6.0
|
|
======================
|
|
|
|
Renamed from xdg-app to Flatpak. Existing repositories should keep
|
|
working, and locally user installed apps/runtime will be migrated
|
|
automatically. However, there are some things that you have to be
|
|
aware of:
|
|
* The command names are now flatpak/flatpak-builder
|
|
* System-wide installed apps/runtimes need to be reinstalled
|
|
* flatpak-builder uses a ".flatpak-builder" subdirectory instead
|
|
of ".xdg-app-builder".
|
|
* The bus name and interface name for the permission
|
|
store is changed, it was in org.freedesktop.XdgApp, but is
|
|
now in org.freedesktop.impl.portal.DesktopPortal.
|
|
* The installation migration is a one-time operation so you can't
|
|
go back to xdg-app after updating.
|
|
* The library API (and name) changed due to the rename.
|
|
|
|
Other changes:
|
|
* Flatpak now hard-requires ostree 2016.5
|
|
* Switch from using xdg-app-helper to an included version of bubblewrap:
|
|
https://github.com/projectatomic/bubblewrap
|
|
* Added a policykit-based system helper that allows you to authenticate
|
|
via polkit to install into the system repository.
|
|
* Added an experimental command to export/import applications and runtimes
|
|
as an OCI tarball.
|
|
* builder: Fix creation of locale extensions if there was no locale data in the
|
|
build.
|
|
* Its now possible to disable/enable configured remotes.
|
|
* A lot of new tests where added, and we now support installed tests.
|
|
* builder now has an optional --arch argument for multiarch building.
|
|
* Builder modules can be disabled with "disabled": true.
|
|
* Using --filesystem=/tmp now hides the system X11 sockets.
|
|
|
|
|
|
Major changes in 0.5.2
|
|
======================
|
|
|
|
* The way locale extensions work has changed. Now we build a single extension
|
|
for all locales, but we allow you to specify a subset of it during installation
|
|
and update time using the --subpath commandline flag.
|
|
The main reason for this is that the many extensions didn't scale, both in
|
|
technical terms (large ostree summary file size), but also in terms of the
|
|
UI listing hundreds of uninteresting things.
|
|
* We no longer use sizes in the commit objects to get installed and download size,
|
|
instead we store some extra metadata in the summary file. This allows us
|
|
to get much faster access to these, as with recent ostree versions we can
|
|
cache the summary file.
|
|
* New command xdg-app build-sign that lets you sign a commit at any time.
|
|
* New argument xdg-app build --force-clean that removes pre-existing build dirs.
|
|
* xdg-app run now uses the "current" version as the default if you specify no
|
|
branch or arch. It used to default to the "master" branch. This will default
|
|
to the last installed version, but can be changed with xdg-app make-current.
|
|
* Added config-opts to the build-options in xdg-app-builder. This allows you
|
|
to extend the configure flags in an arch dependent way.
|
|
* Documentation updates
|
|
|
|
Major changes in 0.5.1
|
|
=======================
|
|
* Make xdg-app-builder --build-only not export the results
|
|
* Create all-in-one Locale extension that combines all the locale extensions
|
|
* Extract icons for all appdata nodes when creating appstream
|
|
* Documentation updates
|
|
* Better handling of metadata in xdg-app-builder cache
|
|
* Respect the specified branch when exporting in xdg-app-builder
|
|
* Fix support for multi-arch with i386 userspace and 64bit kernel
|
|
* Avoid deprecated 32bit capabilities syscalls
|
|
|
|
Major changes in 0.5.0
|
|
=======================
|
|
* Some libxdg-app API additions for handling bundles
|
|
* Default to /bin/sh as user shell in sandbox
|
|
* Fix detection of which apps are in use during uninstall
|
|
* New implementation of fuse filesystem for document portal.
|
|
It is now cleaner and works on 32bit.
|
|
* Honor the noenumerate flag on remotes in CLI and libxdg-app.
|
|
* Add change notification for permissions store
|
|
* Require signed summaries for gpg-signed remotes
|
|
* Fix summary signatures of deltas in xdg-app build-update.
|
|
|
|
Major changes in 0.4.13
|
|
=======================
|
|
* Fix misgeneration of appdata xml in some cases
|
|
* Various improvements to bundles, and support in libxdgapp
|
|
* Add sources to Debug extensions created by xdg-app-builder
|
|
* Allow specifying subdirs of xdg-* dirs, for instance:
|
|
--filesystem=xdg-download/some-dir
|
|
* Add support for --filesystem=xdg-run/subdir which means
|
|
XDG_RUNTIME_DIR dir, rather than xdg-user-dirs.
|
|
* Add --generate-static-deltas option to build-update-repo.
|
|
|
|
Major changes in 0.4.12
|
|
=======================
|
|
* Fix crashes.
|
|
* Update exports when removing apps.
|
|
* Remove appstream and repo refs when removing a remote.
|
|
* Add some build options to make libxdg-app usable inside a sandbox.
|
|
* xdg-app-builder builds are now in the .xdg-app-builder/build subdir.
|
|
* Make system repo bare-user to avoid creating any setuid binaries.
|
|
* Add xdg-app-builder --run operation that runs a command with the
|
|
build environment set up.
|
|
* Support creating locale extensions with xdg-app-builder.
|
|
* Add support for tags to metadata.
|
|
* Put runtime info and tags in the appstream data
|
|
|
|
Major changes in 0.4.11
|
|
=======================
|
|
* Fix assertion when installing runtime
|
|
|
|
Major changes in 0.4.10
|
|
=======================
|
|
* App desktop files and icons were not being exported to the desktop
|
|
|
|
Major changes in 0.4.9
|
|
======================
|
|
* Fix crash at end of runtime install.
|
|
* xdg-app-builder has a new source type "shell" which lets you run arbitrary
|
|
shell commands.
|
|
* Allow apps with writable homedir access to modify the xdg-app repos.
|
|
* New xdg-app info command gives you status of an installed app or runtime.
|
|
* The xdg-app-builder cache now contains the sdk commit id, so that a new
|
|
version of the sdk invalidates the cache.
|
|
* Fixed a regression in the xdg-app install-app backwards compatibility
|
|
handling.
|
|
* xdg-app now gives the application access to the deployment path, which can
|
|
be used to give host-side services access to app files (such as help
|
|
documents).
|
|
* build-export no longer exports appstream files, and when generating appstream
|
|
files we don't need them to be.
|
|
* The default architecture tag used by xdg-app is now made canonical when needed
|
|
(i.e. on arm/x86/mips).
|
|
|
|
Major changes in 0.4.8
|
|
======================
|
|
* Changed global installation directory to /var/lib/xdg-app (not /var/xdg-app).
|
|
* Add support for a dbus filtering on the system bus.
|
|
* Choosing user namespaces or setuid is now a runtime option, not build time.
|
|
* Fix xml-escaping in the appstream generation.
|
|
* Various build fixes.
|
|
* Added some more documentation for the library.
|
|
* Disable support for running apps on systems without a systemd user session.
|
|
* Fix uninitialized memory read in xdg-app-builder during git checkouts.
|
|
* Correctly handle disabled git submodules in xdg-app-builder
|
|
* Fix hiding of non-exported symbols in libxdgapp
|
|
|
|
Major changes in 0.4.7
|
|
======================
|
|
* Enabled build of libxdg-app by default, now the API is stable
|
|
enough for e.g. gnome-software to use it.
|
|
* Restructured the command line interface to xdg-app, it is now
|
|
more streamlined and easy to use. For instance, to install
|
|
both apps or runtimes, now use "xdg-app install $name".
|
|
The old commands still work, but are deprecated and not
|
|
in the docs.
|
|
* xdg-app-builder has gotten a bunch of new features that
|
|
makes it easier to build apps, and some initial work to
|
|
make it possible to create runtimes using it
|
|
* build-export now finds and export any app-info installed by
|
|
the app, and build-update-repo collects all such exports
|
|
into a per-repo branch for appstream and icons.
|
|
* The client (and libs) support for locally mirroring the appstream
|
|
branch for each remote. This allows use to create graphical appstores
|
|
with user-readable information and icons.
|
|
* On the client side one can now specify priorities for each
|
|
remote.
|
|
|
|
Major changes in 0.4.6
|
|
======================
|
|
* Added an initial version of libxdg-app, a highlevel library
|
|
intended to be used by user interface frontends to xdg-app.
|
|
It is not yet API stable, so it is disabled by default.
|
|
Enable with --enable-libxdgapp
|
|
* Added xdg-app-builder, a separate tool that makes it easier to build
|
|
applications with external dependencies.
|
|
* Add support for single-file bundles, which can be a useful way
|
|
to distribute apps on e.g. a usb stick. Only works with the
|
|
latest version of ostree.
|
|
* Always allow apps to talk to the built-in portals
|
|
* Support granting read-only access to the filesystem with e.g. --filesystem=host:ro
|
|
* Add /run/user/$uid/xdg-app-info file that contains the current permissions of the app
|
|
* Add --writable-sdk option to xdg-app build-init
|
|
* Add file locking to better handle concurrent xdg-app operations like update and install
|
|
* Various fixes
|
|
|
|
Major changes in 0.4.5
|
|
======================
|
|
* Support signing commits in build-export
|
|
* Correctly handle symlinks in host root when app has host-fs access
|
|
* Always regenerate summary after build-export
|
|
* Make uninstall a bit more robust
|
|
* Install the dbus introspection files
|
|
* Add human readable size to build-export report
|
|
* Add /dev/ptmx symlink in app
|
|
* Fix apps not getting SIGCHILD
|
|
* Only expose minimal /etc/[passwd|group] in app
|
|
|
|
Major changes in 0.4.4
|
|
======================
|
|
* Fix race condition in fuse fs
|
|
* Don't save uid/gid/xattrs in build-export
|
|
* run: Handle existing mounts with spaces in them
|
|
* propagate xauth cookies to sandbox
|
|
|
|
Major changes in 0.4.3
|
|
======================
|
|
* Build with older ostree
|
|
* Add --nofilesystem flag to e.g. xdg-app run
|
|
* Add xdg-app dump-runtime command
|
|
|
|
Major changes in 0.4.2.1
|
|
======================
|
|
* Fix dbus proxy
|
|
|
|
Major changes in 0.4.2
|
|
======================
|
|
* Fix build with older versions of glib
|
|
* Fix regression in filesystem access configuration
|
|
* Make seccomp use optional (for arches without it)
|
|
* Add xdg-app enter command to enter a running sandbox
|
|
* Fix /var/cache being readonly
|
|
* Add /var/data and /var/config shortcuts for per-app data
|
|
* Minor fixes to bash completion
|
|
|
|
Major changes in 0.4.1
|
|
======================
|
|
* Fixed a parallel build issue
|
|
* Fixed a build issue where openat() didn't get a mode passed
|
|
* Don't block ptrace and perf in debug and build runs
|
|
* Put nvidia drivers in sandbox if DRI allowed
|
|
* Support specifying a version for runtime extensions
|
|
|
|
Major changes in 0.4.0
|
|
======================
|
|
* A new permissions store was added to the dbus api.
|
|
This can be used by portal implementations that want to store
|
|
per-app permissions for objects.
|
|
* The document portal was added. This is a dbus api
|
|
which you can use to create document ids and assign
|
|
apps permissions to see these documents. The documents
|
|
themselves are accessed via a custom fuse filesystem.
|
|
* perf and strace are now blocked via the seccomp filters
|
|
* You can now override application metadata on a system
|
|
and per-user level, giving apps more or less access
|
|
than what they request.
|
|
* New command modify-remote added which lets you change
|
|
configuration of a remote after it has been added with
|
|
add-remote.
|
|
* Support for adding trusted gpg keys on a per-remote basis
|
|
has been added to add-remote and modify-remote.
|
|
* The repo-contents command has been renamed to ls-remote
|
|
to better match the other commands.
|
|
* The list-remotes command can now show more information
|
|
about the remotes.
|
|
* The bash completion implementation has been improved.
|
|
|
|
Major changes in 0.3.6
|
|
======================
|
|
|
|
* Fix a typo in the socket seccomp rules that made ipv6 not work
|
|
* Export the users fonts (~/.local/share/fonts or ~/.fonts) in the sandbox
|
|
* Fix seccomp rules to work on i386
|
|
* Make exposing xdg user dirs work right
|