From 9278848adf3da7f7f972d3ec53cd27ad81d978b7 Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Tue, 15 Jun 2021 16:37:42 -0700 Subject: [PATCH 01/34] Add --security-opt=no-new-privileges:true to docker call --- dangerzone/container.py | 1 + 1 file changed, 1 insertion(+) diff --git a/dangerzone/container.py b/dangerzone/container.py index a0e1a5a..c003b2b 100644 --- a/dangerzone/container.py +++ b/dangerzone/container.py @@ -75,6 +75,7 @@ def documenttopixels(document_filename, pixel_dir, container_name): "run", "--network", "none", + "--security-opt=no-new-privileges:true", "-v", f"{document_filename}:/tmp/input_file", "-v", From a437906d1d7ea44f3e62bd1cac4b6af3a57061c8 Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Wed, 16 Jun 2021 11:16:38 -0700 Subject: [PATCH 02/34] Version bump to 0.2, update changelog, and fix all linux builds --- .circleci/config.yml | 153 ++++++++++++++++++++++++++----------- BUILD.md | 2 +- CHANGELOG.md | 7 ++ README.md | 4 +- RELEASE.md | 1 + install/linux/build_deb.py | 9 +-- install/linux/build_rpm.py | 8 +- pyproject.toml | 2 +- setup.py | 2 +- share/version.txt | 2 +- 10 files changed, 128 insertions(+), 62 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index e50226a..bb1af8b 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -1,16 +1,16 @@ version: 2.1 jobs: - build-ubuntu-focal: + build-ubuntu-21.10: docker: - - image: ubuntu:20.04 + - image: ubuntu:21.10 steps: - run: name: Install dependencies command: | export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true apt-get update - apt-get install -y git ssh ruby-dev rubygems python-all dh-python python3 python3-stdeb python3-pyside2.qtcore python3-pyside2.qtgui python3-pyside2.qtwidgets python3-appdirs python3-click python3-xdg python3-requests python3-termcolor + apt-get install -y git ssh ruby-dev rubygems python-all dh-python python3 python3-stdeb python3-pyside2.qtcore python3-pyside2.qtgui python3-pyside2.qtwidgets python3-appdirs python3-click python3-xdg python3-requests python3-colorama gem install -N rake gem install -N package_cloud - checkout @@ -23,10 +23,35 @@ jobs: name: Deploy to packagecloud.io command: | VERSION=$(cat dangerzone/__init__.py |grep "dangerzone_version = " |cut -d '"' -f2) - package_cloud push firstlookmedia/code/ubuntu/focal deb_dist/dangerzone_${VERSION}-1_all.deb - package_cloud push firstlookmedia/code/ubuntu/focal deb_dist/dangerzone_${VERSION}-1.dsc + package_cloud push firstlookmedia/code/ubuntu/impish deb_dist/dangerzone_${VERSION}-1_all.deb + package_cloud push firstlookmedia/code/ubuntu/impish deb_dist/dangerzone_${VERSION}-1.dsc - build-ubuntu-groovy: + build-ubuntu-21.04: + docker: + - image: ubuntu:21.04 + steps: + - run: + name: Install dependencies + command: | + export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true + apt-get update + apt-get install -y git ssh ruby-dev rubygems python-all dh-python python3 python3-stdeb python3-pyside2.qtcore python3-pyside2.qtgui python3-pyside2.qtwidgets python3-appdirs python3-click python3-xdg python3-requests python3-colorama + gem install -N rake + gem install -N package_cloud + - checkout + - run: + name: Create the .deb package + command: | + ./install/linux/build_deb.py + dpkg -i deb_dist/dangerzone_*-1_all.deb + - run: + name: Deploy to packagecloud.io + command: | + VERSION=$(cat dangerzone/__init__.py |grep "dangerzone_version = " |cut -d '"' -f2) + package_cloud push firstlookmedia/code/ubuntu/hirsute deb_dist/dangerzone_${VERSION}-1_all.deb + package_cloud push firstlookmedia/code/ubuntu/hirsute deb_dist/dangerzone_${VERSION}-1.dsc + + build-ubuntu-20.10: docker: - image: ubuntu:20.10 steps: @@ -35,7 +60,7 @@ jobs: command: | export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true apt-get update - apt-get install -y git ssh ruby-dev rubygems python-all dh-python python3 python3-stdeb python3-pyside2.qtcore python3-pyside2.qtgui python3-pyside2.qtwidgets python3-appdirs python3-click python3-xdg python3-requests python3-termcolor + apt-get install -y git ssh ruby-dev rubygems python-all dh-python python3 python3-stdeb python3-pyside2.qtcore python3-pyside2.qtgui python3-pyside2.qtwidgets python3-appdirs python3-click python3-xdg python3-requests python3-colorama gem install -N rake gem install -N package_cloud - checkout @@ -51,17 +76,18 @@ jobs: package_cloud push firstlookmedia/code/ubuntu/groovy deb_dist/dangerzone_${VERSION}-1_all.deb package_cloud push firstlookmedia/code/ubuntu/groovy deb_dist/dangerzone_${VERSION}-1.dsc - build-debian-buster: + build-ubuntu-20.04: docker: - - image: debian:buster + - image: ubuntu:20.04 steps: - run: name: Install dependencies command: | + export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true apt-get update - apt-get install -y git ssh ruby-dev rubygems python-all dh-python python3 python3-stdeb python3-pyside2.qtcore python3-pyside2.qtgui python3-pyside2.qtwidgets python3-appdirs python3-click python3-xdg python3-requests python3-termcolor - gem install --no-ri --no-rdoc rake - gem install --no-ri --no-rdoc package_cloud + apt-get install -y git ssh ruby-dev rubygems python-all dh-python python3 python3-stdeb python3-pyside2.qtcore python3-pyside2.qtgui python3-pyside2.qtwidgets python3-appdirs python3-click python3-xdg python3-requests python3-colorama + gem install -N rake + gem install -N package_cloud - checkout - run: name: Create the .deb package @@ -72,8 +98,8 @@ jobs: name: Deploy to packagecloud.io command: | VERSION=$(cat dangerzone/__init__.py |grep "dangerzone_version = " |cut -d '"' -f2) - package_cloud push firstlookmedia/code/debian/buster deb_dist/dangerzone_${VERSION}-1_all.deb - package_cloud push firstlookmedia/code/debian/buster deb_dist/dangerzone_${VERSION}-1.dsc + package_cloud push firstlookmedia/code/ubuntu/focal deb_dist/dangerzone_${VERSION}-1_all.deb + package_cloud push firstlookmedia/code/ubuntu/focal deb_dist/dangerzone_${VERSION}-1.dsc build-debian-bullseye: docker: @@ -83,7 +109,7 @@ jobs: name: Install dependencies command: | apt-get update - apt-get install -y git ssh ruby-dev rubygems python-all dh-python python3 python3-stdeb python3-pyside2.qtcore python3-pyside2.qtgui python3-pyside2.qtwidgets python3-appdirs python3-click python3-xdg python3-requests python3-termcolor + apt-get install -y git ssh ruby-dev rubygems python-all dh-python python3 python3-stdeb python3-pyside2.qtcore python3-pyside2.qtgui python3-pyside2.qtwidgets python3-appdirs python3-click python3-xdg python3-requests python3-colorama gem install -N rake gem install -N package_cloud - checkout @@ -99,36 +125,38 @@ jobs: package_cloud push firstlookmedia/code/debian/bullseye deb_dist/dangerzone_${VERSION}-1_all.deb package_cloud push firstlookmedia/code/debian/bullseye deb_dist/dangerzone_${VERSION}-1.dsc - build-fedora-31: + build-debian-buster: docker: - - image: fedora:31 + - image: debian:buster steps: - run: name: Install dependencies command: | - dnf install -y git openssh ruby-devel make automake gcc gcc-c++ rpm-build python3-pyside2 python3-appdirs python3-click python3-pyxdg python3-requests python3-termcolor - gem install package_cloud + apt-get update + apt-get install -y git ssh ruby-dev rubygems python-all dh-python python3 python3-stdeb python3-pyside2.qtcore python3-pyside2.qtgui python3-pyside2.qtwidgets python3-appdirs python3-click python3-xdg python3-requests python3-colorama + gem install --no-ri --no-rdoc rake + gem install --no-ri --no-rdoc package_cloud - checkout - run: - name: Create the .rpm package + name: Create the .deb package command: | - ./install/linux/build_rpm.py - dnf install -y dist/dangerzone-*-1.noarch.rpm + ./install/linux/build_deb.py + dpkg -i deb_dist/dangerzone_*-1_all.deb - run: name: Deploy to packagecloud.io command: | VERSION=$(cat dangerzone/__init__.py |grep "dangerzone_version = " |cut -d '"' -f2) - package_cloud push firstlookmedia/code/fedora/31 dist/dangerzone-${VERSION}-1.noarch.rpm - package_cloud push firstlookmedia/code/fedora/31 dist/dangerzone-${VERSION}-1.src.rpm + package_cloud push firstlookmedia/code/debian/buster deb_dist/dangerzone_${VERSION}-1_all.deb + package_cloud push firstlookmedia/code/debian/buster deb_dist/dangerzone_${VERSION}-1.dsc - build-fedora-32: + build-fedora-34: docker: - - image: fedora:32 + - image: fedora:34 steps: - run: name: Install dependencies command: | - dnf install -y git openssh ruby-devel make automake gcc gcc-c++ rpm-build python3-pyside2 python3-appdirs python3-click python3-pyxdg python3-requests python3-termcolor + dnf install -y git openssh ruby-devel make automake gcc gcc-c++ rpm-build python3-setuptools python3-pyside2 python3-appdirs python3-click python3-pyxdg python3-requests python3-colorama gem install package_cloud - checkout - run: @@ -140,8 +168,8 @@ jobs: name: Deploy to packagecloud.io command: | VERSION=$(cat dangerzone/__init__.py |grep "dangerzone_version = " |cut -d '"' -f2) - package_cloud push firstlookmedia/code/fedora/32 dist/dangerzone-${VERSION}-1.noarch.rpm - package_cloud push firstlookmedia/code/fedora/32 dist/dangerzone-${VERSION}-1.src.rpm + package_cloud push firstlookmedia/code/fedora/34 dist/dangerzone-${VERSION}-1.noarch.rpm + package_cloud push firstlookmedia/code/fedora/34 dist/dangerzone-${VERSION}-1.src.rpm build-fedora-33: docker: @@ -150,7 +178,7 @@ jobs: - run: name: Install dependencies command: | - dnf install -y git openssh ruby-devel make automake gcc gcc-c++ rpm-build python3-pyside2 python3-appdirs python3-click python3-pyxdg python3-requests python3-termcolor + dnf install -y git openssh ruby-devel make automake gcc gcc-c++ rpm-build python3-setuptools python3-pyside2 python3-appdirs python3-click python3-pyxdg python3-requests python3-colorama gem install package_cloud - checkout - run: @@ -165,23 +193,52 @@ jobs: package_cloud push firstlookmedia/code/fedora/33 dist/dangerzone-${VERSION}-1.noarch.rpm package_cloud push firstlookmedia/code/fedora/33 dist/dangerzone-${VERSION}-1.src.rpm + build-fedora-32: + docker: + - image: fedora:32 + steps: + - run: + name: Install dependencies + command: | + dnf install -y git openssh ruby-devel make automake gcc gcc-c++ rpm-build python3-setuptools python3-pyside2 python3-appdirs python3-click python3-pyxdg python3-requests python3-colorama + gem install package_cloud + - checkout + - run: + name: Create the .rpm package + command: | + ./install/linux/build_rpm.py + dnf install -y dist/dangerzone-*-1.noarch.rpm + - run: + name: Deploy to packagecloud.io + command: | + VERSION=$(cat dangerzone/__init__.py |grep "dangerzone_version = " |cut -d '"' -f2) + package_cloud push firstlookmedia/code/fedora/32 dist/dangerzone-${VERSION}-1.noarch.rpm + package_cloud push firstlookmedia/code/fedora/32 dist/dangerzone-${VERSION}-1.src.rpm + workflows: version: 2 build-tags: jobs: - - build-ubuntu-focal: - filters: - tags: - only: /^v.*/ - branches: - ignore: /.*/ - # - build-ubuntu-groovy: + # Ubuntu 21.10 (impish) not yet supported by packagecloud.io + # - build-ubuntu-21.10:  # filters: # tags: # only: /^v.*/ # branches: # ignore: /.*/ - - build-debian-buster: + - build-ubuntu-21.04: + filters: + tags: + only: /^v.*/ + branches: + ignore: /.*/ + - build-ubuntu-20.10: + filters: + tags: + only: /^v.*/ + branches: + ignore: /.*/ + - build-ubuntu-20.04: filters: tags: only: /^v.*/ @@ -193,7 +250,19 @@ workflows: only: /^v.*/ branches: ignore: /.*/ - - build-fedora-31: + - build-debian-buster: + filters: + tags: + only: /^v.*/ + branches: + ignore: /.*/ + - build-fedora-34: + filters: + tags: + only: /^v.*/ + branches: + ignore: /.*/ + - build-fedora-33: filters: tags: only: /^v.*/ @@ -205,9 +274,3 @@ workflows: only: /^v.*/ branches: ignore: /.*/ - # - build-fedora-33: - # filters: - # tags: - # only: /^v.*/ - # branches: - # ignore: /.*/ diff --git a/BUILD.md b/BUILD.md index c68b2da..813cceb 100644 --- a/BUILD.md +++ b/BUILD.md @@ -27,7 +27,7 @@ Create a .deb: Install dependencies: ```sh -sudo dnf install -y rpm-build python3 python3-pyside2 python3-appdirs python3-click python3-pyxdg python3-requests python3-colorama +sudo dnf install -y rpm-build python3 python3-setuptools python3-pyside2 python3-appdirs python3-click python3-pyxdg python3-requests python3-colorama ``` You also need docker, either by installing the `docker` package, or by installing `docker-ce` by following [these instructions](https://docs.docker.com/install/linux/docker-ce/fedora/). diff --git a/CHANGELOG.md b/CHANGELOG.md index 8183dd1..1c8e76a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,12 @@ # Change Log +## Dangerzone 0.2 + +- Command line support and improved terminal output +- Additional container hardening +- Fix macOS crash on quit +- Fix --custom-container CLI argument + ## Dangerzone 0.1.5 - Add support for macOS Big Sur diff --git a/README.md b/README.md index 9f77ed2..38a2625 100644 --- a/README.md +++ b/README.md @@ -10,8 +10,8 @@ _Read more about Dangerzone in the blog post [Dangerzone: Working With Suspiciou ## Getting started -- Download [Dangerzone 0.1.5 for Mac](https://github.com/firstlookmedia/dangerzone/releases/download/v0.1.5/Dangerzone.0.1.5.dmg) -- Download [Dangerzone 0.1.5 for Windows](https://github.com/firstlookmedia/dangerzone/releases/download/v0.1.5/Dangerzone.0.1.5.msi) +- Download [Dangerzone 0.2 for Mac](https://github.com/firstlookmedia/dangerzone/releases/download/v0.2/Dangerzone.0.2.dmg) +- Download [Dangerzone 0.2 for Windows](https://github.com/firstlookmedia/dangerzone/releases/download/v0.2/Dangerzone.0.2.msi) - See [installing Dangerzone](https://github.com/firstlookmedia/dangerzone/wiki/Installing-Dangerzone) on the wiki for Linux repositories You can also install Dangerzone for Mac using [Homebrew](https://brew.sh/): `brew install --cask dangerzone` diff --git a/RELEASE.md b/RELEASE.md index b745021..20126cd 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -10,6 +10,7 @@ Before making a release, all of these should be complete: * Update in `share/version.txt` * Update version and download links in `README.md` * CHANGELOG.md should be updated to include a list of all major changes since the last release +* Test CircleCI builds: Look in `.circleci/config.yml`, manually try each build in docker, and add new platforms and remove obsolete platforms * There must be a PGP-signed git tag for the version, e.g. for dangerzone 0.1.0, the tag must be `v0.1.0` Before making a release, verify the release git tag: diff --git a/install/linux/build_deb.py b/install/linux/build_deb.py index 31b8de0..6dba332 100755 --- a/install/linux/build_deb.py +++ b/install/linux/build_deb.py @@ -6,18 +6,15 @@ import inspect import subprocess import shutil -sys.path.insert( - 0, os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__)))) -) -import dangerzone - -version = dangerzone.dangerzone_version root = os.path.dirname( os.path.dirname( os.path.dirname(os.path.abspath(inspect.getfile(inspect.currentframe()))) ) ) +with open(os.path.join(root, "share", "version.txt")) as f: + version = f.read().strip() + def run(cmd): subprocess.run(cmd, cwd=root, check=True) diff --git a/install/linux/build_rpm.py b/install/linux/build_rpm.py index 0d6c2b8..7c6300d 100755 --- a/install/linux/build_rpm.py +++ b/install/linux/build_rpm.py @@ -6,18 +6,16 @@ import inspect import subprocess import shutil -sys.path.insert( - 0, os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__)))) -) -import dangerzone -version = dangerzone.dangerzone_version root = os.path.dirname( os.path.dirname( os.path.dirname(os.path.abspath(inspect.getfile(inspect.currentframe()))) ) ) +with open(os.path.join(root, "share", "version.txt")) as f: + version = f.read().strip() + def main(): build_path = os.path.join(root, "build") diff --git a/pyproject.toml b/pyproject.toml index 860a048..2a1df2d 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "dangerzone" -version = "0.1.5" +version = "0.2" description = "Take potentially dangerous PDFs, office documents, or images and convert them to a safe PDF" authors = ["Micah Lee "] license = "MIT" diff --git a/setup.py b/setup.py index 2edcca2..a715098 100644 --- a/setup.py +++ b/setup.py @@ -23,7 +23,7 @@ setuptools.setup( license="MIT", description="Take potentially dangerous PDFs, office documents, or images and convert them to a safe PDF", url="https://github.com/firstlookmedia/dangerzone", - packages=["dangerzone"], + packages=["dangerzone", "dangerzone.gui"], data_files=[ ( "share/applications", diff --git a/share/version.txt b/share/version.txt index 2f45361..3b04cfb 100644 --- a/share/version.txt +++ b/share/version.txt @@ -1 +1 @@ -0.2 \ No newline at end of file +0.2 From 715798091dffa869a454d95ba548f69bd068a45d Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Wed, 16 Jun 2021 11:19:48 -0700 Subject: [PATCH 03/34] Rename ubuntu build job names --- .circleci/config.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index bb1af8b..450edd8 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -1,7 +1,7 @@ version: 2.1 jobs: - build-ubuntu-21.10: + build-ubuntu-impish: docker: - image: ubuntu:21.10 steps: @@ -26,7 +26,7 @@ jobs: package_cloud push firstlookmedia/code/ubuntu/impish deb_dist/dangerzone_${VERSION}-1_all.deb package_cloud push firstlookmedia/code/ubuntu/impish deb_dist/dangerzone_${VERSION}-1.dsc - build-ubuntu-21.04: + build-ubuntu-hirsute: docker: - image: ubuntu:21.04 steps: @@ -51,7 +51,7 @@ jobs: package_cloud push firstlookmedia/code/ubuntu/hirsute deb_dist/dangerzone_${VERSION}-1_all.deb package_cloud push firstlookmedia/code/ubuntu/hirsute deb_dist/dangerzone_${VERSION}-1.dsc - build-ubuntu-20.10: + build-ubuntu-groovy: docker: - image: ubuntu:20.10 steps: @@ -76,7 +76,7 @@ jobs: package_cloud push firstlookmedia/code/ubuntu/groovy deb_dist/dangerzone_${VERSION}-1_all.deb package_cloud push firstlookmedia/code/ubuntu/groovy deb_dist/dangerzone_${VERSION}-1.dsc - build-ubuntu-20.04: + build-ubuntu-focal: docker: - image: ubuntu:20.04 steps: @@ -220,25 +220,25 @@ workflows: build-tags: jobs: # Ubuntu 21.10 (impish) not yet supported by packagecloud.io - # - build-ubuntu-21.10:  + # - build-ubuntu-impish:  # filters: # tags: # only: /^v.*/ # branches: # ignore: /.*/ - - build-ubuntu-21.04: + - build-ubuntu-hirsute: filters: tags: only: /^v.*/ branches: ignore: /.*/ - - build-ubuntu-20.10: + - build-ubuntu-groovy: filters: tags: only: /^v.*/ branches: ignore: /.*/ - - build-ubuntu-20.04: + - build-ubuntu-focal: filters: tags: only: /^v.*/ From f240b8edb678c5e9135b32e29274c11a22160131 Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Wed, 16 Jun 2021 11:34:12 -0700 Subject: [PATCH 04/34] Fix getting version in CircleCI --- .circleci/config.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 450edd8..acfb26f 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -22,7 +22,7 @@ jobs: - run: name: Deploy to packagecloud.io command: | - VERSION=$(cat dangerzone/__init__.py |grep "dangerzone_version = " |cut -d '"' -f2) + VERSION=$(cat share/version.txt) package_cloud push firstlookmedia/code/ubuntu/impish deb_dist/dangerzone_${VERSION}-1_all.deb package_cloud push firstlookmedia/code/ubuntu/impish deb_dist/dangerzone_${VERSION}-1.dsc @@ -47,7 +47,7 @@ jobs: - run: name: Deploy to packagecloud.io command: | - VERSION=$(cat dangerzone/__init__.py |grep "dangerzone_version = " |cut -d '"' -f2) + VERSION=$(cat share/version.txt) package_cloud push firstlookmedia/code/ubuntu/hirsute deb_dist/dangerzone_${VERSION}-1_all.deb package_cloud push firstlookmedia/code/ubuntu/hirsute deb_dist/dangerzone_${VERSION}-1.dsc @@ -72,7 +72,7 @@ jobs: - run: name: Deploy to packagecloud.io command: | - VERSION=$(cat dangerzone/__init__.py |grep "dangerzone_version = " |cut -d '"' -f2) + VERSION=$(cat share/version.txt) package_cloud push firstlookmedia/code/ubuntu/groovy deb_dist/dangerzone_${VERSION}-1_all.deb package_cloud push firstlookmedia/code/ubuntu/groovy deb_dist/dangerzone_${VERSION}-1.dsc @@ -97,7 +97,7 @@ jobs: - run: name: Deploy to packagecloud.io command: | - VERSION=$(cat dangerzone/__init__.py |grep "dangerzone_version = " |cut -d '"' -f2) + VERSION=$(cat share/version.txt) package_cloud push firstlookmedia/code/ubuntu/focal deb_dist/dangerzone_${VERSION}-1_all.deb package_cloud push firstlookmedia/code/ubuntu/focal deb_dist/dangerzone_${VERSION}-1.dsc @@ -121,7 +121,7 @@ jobs: - run: name: Deploy to packagecloud.io command: | - VERSION=$(cat dangerzone/__init__.py |grep "dangerzone_version = " |cut -d '"' -f2) + VERSION=$(cat share/version.txt) package_cloud push firstlookmedia/code/debian/bullseye deb_dist/dangerzone_${VERSION}-1_all.deb package_cloud push firstlookmedia/code/debian/bullseye deb_dist/dangerzone_${VERSION}-1.dsc @@ -145,7 +145,7 @@ jobs: - run: name: Deploy to packagecloud.io command: | - VERSION=$(cat dangerzone/__init__.py |grep "dangerzone_version = " |cut -d '"' -f2) + VERSION=$(cat share/version.txt) package_cloud push firstlookmedia/code/debian/buster deb_dist/dangerzone_${VERSION}-1_all.deb package_cloud push firstlookmedia/code/debian/buster deb_dist/dangerzone_${VERSION}-1.dsc @@ -167,7 +167,7 @@ jobs: - run: name: Deploy to packagecloud.io command: | - VERSION=$(cat dangerzone/__init__.py |grep "dangerzone_version = " |cut -d '"' -f2) + VERSION=$(cat share/version.txt) package_cloud push firstlookmedia/code/fedora/34 dist/dangerzone-${VERSION}-1.noarch.rpm package_cloud push firstlookmedia/code/fedora/34 dist/dangerzone-${VERSION}-1.src.rpm @@ -189,7 +189,7 @@ jobs: - run: name: Deploy to packagecloud.io command: | - VERSION=$(cat dangerzone/__init__.py |grep "dangerzone_version = " |cut -d '"' -f2) + VERSION=$(cat share/version.txt) package_cloud push firstlookmedia/code/fedora/33 dist/dangerzone-${VERSION}-1.noarch.rpm package_cloud push firstlookmedia/code/fedora/33 dist/dangerzone-${VERSION}-1.src.rpm @@ -211,7 +211,7 @@ jobs: - run: name: Deploy to packagecloud.io command: | - VERSION=$(cat dangerzone/__init__.py |grep "dangerzone_version = " |cut -d '"' -f2) + VERSION=$(cat share/version.txt) package_cloud push firstlookmedia/code/fedora/32 dist/dangerzone-${VERSION}-1.noarch.rpm package_cloud push firstlookmedia/code/fedora/32 dist/dangerzone-${VERSION}-1.src.rpm From 990870c4b9a72668a65d682fba1d536cfe23ec20 Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Wed, 16 Jun 2021 11:40:06 -0700 Subject: [PATCH 05/34] Build ubuntu:21.04 package in 20.10 containre --- .circleci/config.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index acfb26f..3978ee3 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -28,7 +28,12 @@ jobs: build-ubuntu-hirsute: docker: - - image: ubuntu:21.04 + # The ubuntu:21.04 container doesn't work in CircleCI until they update + # their docker runtime due to this bug: + # https://stackoverflow.com/questions/66319610/gpg-error-in-ubuntu-21-04-after-second-apt-get-update-during-docker-build + # So for now, we'll build the 21.04 package in a 20.10 container + # - image: ubuntu:21.04 + - image: ubuntu:20.10 steps: - run: name: Install dependencies From 0c6c05a29e542db1e8a67016062f06a727ce530c Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Wed, 16 Jun 2021 13:58:30 -0700 Subject: [PATCH 06/34] Build fedora:34 package in fedora:33 container --- .circleci/config.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 3978ee3..73ec9b7 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -156,7 +156,10 @@ jobs: build-fedora-34: docker: - - image: fedora:34 + # The package_cloud ruby gem doesn't work properly when installed in fedora 34, + # so for now we'll built the fedora 34 package in a fedora:33 container + # - image: fedora:34 + - image: fedora:33 steps: - run: name: Install dependencies From 26adc1b3ab4acbab9a10407f8b20b4246a077938 Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Wed, 16 Jun 2021 14:06:26 -0700 Subject: [PATCH 07/34] Fix finding version in PyInstaller spec --- install/pyinstaller/pyinstaller.spec | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/install/pyinstaller/pyinstaller.spec b/install/pyinstaller/pyinstaller.spec index 20b5449..8c5b8e1 100644 --- a/install/pyinstaller/pyinstaller.spec +++ b/install/pyinstaller/pyinstaller.spec @@ -1,5 +1,4 @@ # -*- mode: python -*- -import sys import os import inspect import platform @@ -12,10 +11,9 @@ root = os.path.dirname( os.path.dirname(os.path.abspath(inspect.getfile(inspect.currentframe()))) ) ) -sys.path.insert(0, root) -import dangerzone +with open(os.path.join(root, "share", "version.txt")) as f: + version = f.read().strip() -version = dangerzone.dangerzone_version print("Dangerzone version: {}".format(version)) if p == "Darwin": From 2d53acfe07bbede7af7f7c3dea4890e6effb371b Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Wed, 16 Jun 2021 14:29:46 -0700 Subject: [PATCH 08/34] Make CLI symlink in macOS build --- install/macos/build_app.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/install/macos/build_app.py b/install/macos/build_app.py index 040e91e..a22a9d8 100755 --- a/install/macos/build_app.py +++ b/install/macos/build_app.py @@ -67,6 +67,9 @@ def main(): os.symlink( "dangerzone", os.path.join(app_path, "Contents/MacOS/dangerzone-container"), ) + os.symlink( + "dangerzone", os.path.join(app_path, "Contents/MacOS/dangerzone-cli"), + ) print(f"○ Finished build app: {app_path}") From ef4878a4ad990df065139d487bf7261e5fcaae3c Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Wed, 16 Jun 2021 15:12:41 -0700 Subject: [PATCH 09/34] Create Linux Mint packages too --- .circleci/config.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.circleci/config.yml b/.circleci/config.yml index 73ec9b7..b99a22f 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -101,10 +101,16 @@ jobs: dpkg -i deb_dist/dangerzone_*-1_all.deb - run: name: Deploy to packagecloud.io + # Linux Mint 20 (ulyana) and 20.1 (ulyssa) are based on Ubuntu 20.04 LTS + # https://en.wikipedia.org/wiki/Linux_Mint_version_history command: | VERSION=$(cat share/version.txt) package_cloud push firstlookmedia/code/ubuntu/focal deb_dist/dangerzone_${VERSION}-1_all.deb package_cloud push firstlookmedia/code/ubuntu/focal deb_dist/dangerzone_${VERSION}-1.dsc + package_cloud push firstlookmedia/code/linuxmint/ulyana deb_dist/dangerzone_${VERSION}-1_all.deb + package_cloud push firstlookmedia/code/linuxmint/ulyana deb_dist/dangerzone_${VERSION}-1.dsc + package_cloud push firstlookmedia/code/linuxmint/ulyssa deb_dist/dangerzone_${VERSION}-1_all.deb + package_cloud push firstlookmedia/code/linuxmint/ulyssa deb_dist/dangerzone_${VERSION}-1.dsc build-debian-bullseye: docker: From ebd3a841dc751e48cdf504b490382ed4f98e057c Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Wed, 16 Jun 2021 15:17:11 -0700 Subject: [PATCH 10/34] Fix finding version when building Windows installer --- install/windows/build-wxs.py | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/install/windows/build-wxs.py b/install/windows/build-wxs.py index 1ce0f87..1ad211e 100644 --- a/install/windows/build-wxs.py +++ b/install/windows/build-wxs.py @@ -107,14 +107,11 @@ def build_components_xml(root, data): def main(): version_filename = os.path.join( os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__)))), - "dangerzone", - "__init__.py", + "share", + "version.txt", ) with open(version_filename) as f: - for line in f.readlines(): - if line.startswith("dangerzone_version ="): - version = line.split('"')[1] - break + version = f.read().strip() dist_dir = os.path.join( os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__)))), @@ -255,4 +252,4 @@ def main(): if __name__ == "__main__": - main() \ No newline at end of file + main() From 3105a2c22928f38eb37f54001b850944739ffabc Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Wed, 16 Jun 2021 16:55:25 -0700 Subject: [PATCH 11/34] Change a bunch of stuff so Windows will work again --- BUILD.md | 3 ++- dangerzone/__init__.py | 18 ++++++++++++------ dangerzone/cli.py | 2 +- dangerzone/container.py | 4 ++-- dangerzone/global_common.py | 18 +++++++++++++----- dangerzone/gui/docker_installer.py | 4 +++- dev_scripts/dangerzone-cli.bat | 2 ++ dev_scripts/dangerzone-container.bat | 2 ++ dev_scripts/dangerzone.bat | 2 ++ 9 files changed, 39 insertions(+), 16 deletions(-) create mode 100644 dev_scripts/dangerzone-cli.bat create mode 100644 dev_scripts/dangerzone-container.bat create mode 100644 dev_scripts/dangerzone.bat diff --git a/BUILD.md b/BUILD.md index 813cceb..09d4060 100644 --- a/BUILD.md +++ b/BUILD.md @@ -106,7 +106,8 @@ poetry install After that you can launch dangerzone during development with: ``` -poetry run dangerzone +.\dev_scripts\dangerzone.bat +.\dev_scripts\dangerzone-cli.bat --help ``` ### If you want to build a .exe diff --git a/dangerzone/__init__.py b/dangerzone/__init__.py index d89750d..baf50a8 100644 --- a/dangerzone/__init__.py +++ b/dangerzone/__init__.py @@ -1,14 +1,20 @@ import os import sys -# Depending on the filename, decide if we want to run: -# dangerzone, dangerzone-cli, or dangerzone-container +if "DANGERZONE_MODE" in os.environ: + mode = os.environ["DANGERZONE_MODE"] +else: + basename = os.path.basename(sys.argv[0]) + if basename == "dangerzone-container" or basename == "dangerzone-container.exe": + mode = "container" + elif basename == "dangerzone-cli" or basename == "dangerzone-cli.exe": + mode = "cli" + else: + mode = "gui" -basename = os.path.basename(sys.argv[0]) - -if basename == "dangerzone-container" or basename == "dangerzone-container.exe": +if mode == "container": from .container import container_main as main -elif basename == "dangerzone-cli" or basename == "dangerzone-cli.exe": +elif mode == "cli": from .cli import cli_main as main else: from .gui import gui_main as main diff --git a/dangerzone/cli.py b/dangerzone/cli.py index f94ef14..0a0b6b5 100644 --- a/dangerzone/cli.py +++ b/dangerzone/cli.py @@ -22,7 +22,7 @@ def exec_container(global_common, args): # Hack to add colors to the command executing if line.startswith(b"\xe2\x80\xa3 "): print( - Fore.WHITE + "\u2023 " + Fore.LIGHTCYAN_EX + line.decode()[2:], + Fore.WHITE + "\x10 " + Fore.LIGHTCYAN_EX + line.decode()[2:], end="", ) else: diff --git a/dangerzone/container.py b/dangerzone/container.py index c003b2b..c3d00d7 100644 --- a/dangerzone/container.py +++ b/dangerzone/container.py @@ -9,7 +9,7 @@ import shutil if platform.system() == "Darwin": container_runtime = "/usr/local/bin/docker" elif platform.system() == "Windows": - container_runtime = "C:\\Program Files\\Docker\\Docker\\resources\\docker.exe" + container_runtime = "C:\\Program Files\\Docker\\Docker\\resources\\bin\\docker.exe" else: container_runtime = shutil.which("docker") @@ -25,7 +25,7 @@ def exec_container(args): args = [container_runtime] + args args_str = " ".join(pipes.quote(s) for s in args) - print("\u2023 " + args_str) # ‣ + print("\x10 " + args_str) sys.stdout.flush() with subprocess.Popen( diff --git a/dangerzone/global_common.py b/dangerzone/global_common.py index e19680d..60ac783 100644 --- a/dangerzone/global_common.py +++ b/dangerzone/global_common.py @@ -18,8 +18,13 @@ class GlobalCommon(object): def __init__(self): # Version - with open(self.get_resource_path("version.txt")) as f: - self.version = f.read().strip() + try: + with open(self.get_resource_path("version.txt")) as f: + self.version = f.read().strip() + except FileNotFoundError: + # In dev mode, in Windows, get_resource_path doesn't work properly for dangerzone-container, but luckily + # it doesn't need to know the version + self.version = "unknown" # Initialize terminal colors colorama.init(autoreset=True) @@ -409,7 +414,7 @@ class GlobalCommon(object): def get_dangerzone_container_path(self): if getattr(sys, "dangerzone_dev", False): # Look for resources directory relative to python file - return os.path.join( + path = os.path.join( os.path.dirname( os.path.dirname( os.path.abspath(inspect.getfile(inspect.currentframe())) @@ -418,6 +423,9 @@ class GlobalCommon(object): "dev_scripts", "dangerzone-container", ) + if platform.system() == "Windows": + path = f"{path}.bat" + return path else: if platform.system() == "Darwin": return os.path.join( @@ -442,7 +450,7 @@ class GlobalCommon(object): # Execute dangerzone-container args_str = " ".join(pipes.quote(s) for s in args) - print(Fore.YELLOW + "\u2023 " + Fore.CYAN + args_str) # ‣ + print(Fore.YELLOW + "\x10 " + Fore.CYAN + args_str) return subprocess.Popen( args, startupinfo=self.get_subprocess_startupinfo(), @@ -469,7 +477,7 @@ class GlobalCommon(object): ) as p: stdout_data, _ = p.communicate() lines = stdout_data.split(b"\n") - if b"\u2023 " in lines[0]: # ‣ + if b"\x10 " in lines[0]: stdout_data = b"\n".join(lines[1:]) # The user canceled, or permission denied diff --git a/dangerzone/gui/docker_installer.py b/dangerzone/gui/docker_installer.py index 150b2f2..b8a59ee 100644 --- a/dangerzone/gui/docker_installer.py +++ b/dangerzone/gui/docker_installer.py @@ -34,7 +34,7 @@ def is_docker_installed(): def is_docker_ready(global_common): # Run `docker image ls` without an error with global_common.exec_dangerzone_container(["ls"]) as p: - p.communicate() + outs, errs = p.communicate() # The user canceled, or permission denied if p.returncode == 126 or p.returncode == 127: @@ -44,6 +44,8 @@ def is_docker_ready(global_common): if p.returncode == 0: return True else: + print(outs.decode()) + print(errs.decode()) return False diff --git a/dev_scripts/dangerzone-cli.bat b/dev_scripts/dangerzone-cli.bat new file mode 100644 index 0000000..21d9afe --- /dev/null +++ b/dev_scripts/dangerzone-cli.bat @@ -0,0 +1,2 @@ +set DANGERZONE_MODE=cli +poetry run python .\dev_scripts\dangerzone %* \ No newline at end of file diff --git a/dev_scripts/dangerzone-container.bat b/dev_scripts/dangerzone-container.bat new file mode 100644 index 0000000..07b3fc3 --- /dev/null +++ b/dev_scripts/dangerzone-container.bat @@ -0,0 +1,2 @@ +set DANGERZONE_MODE=container +poetry run python .\dev_scripts\dangerzone %* \ No newline at end of file diff --git a/dev_scripts/dangerzone.bat b/dev_scripts/dangerzone.bat new file mode 100644 index 0000000..1caaaa6 --- /dev/null +++ b/dev_scripts/dangerzone.bat @@ -0,0 +1,2 @@ +set DANGERZONE_MODE=gui +poetry run python .\dev_scripts\dangerzone %* \ No newline at end of file From e91ca56646b3fe5d08200050c44bd8c4abc86af3 Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Wed, 16 Jun 2021 16:59:09 -0700 Subject: [PATCH 12/34] Update release docs --- RELEASE.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/RELEASE.md b/RELEASE.md index 20126cd..7edeb88 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -73,4 +73,6 @@ Linux binaries are automatically built and deployed to repositories when a new t To publish the release: -- Create a new release on GitHub, put the changelog in the description of the release, and upload the macOS and Windows installers \ No newline at end of file +- Create a new release on GitHub, put the changelog in the description of the release, and upload the macOS and Windows installers +- Update the [Installing Dangerzone](https://github.com/firstlookmedia/dangerzone/wiki/Installing-Dangerzone) wiki page +- Update the [Dangerzone website](https://github.com/firstlookmedia/dangerzone.rocks) to link to the new installers From d125a5004bd81d155928f10510aaa50b5e59a289 Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Thu, 17 Jun 2021 10:31:07 -0700 Subject: [PATCH 13/34] Find docker.exe in the path, in case Docker Desktop changes its location in the future --- dangerzone/container.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dangerzone/container.py b/dangerzone/container.py index c3d00d7..5547b7c 100644 --- a/dangerzone/container.py +++ b/dangerzone/container.py @@ -9,7 +9,7 @@ import shutil if platform.system() == "Darwin": container_runtime = "/usr/local/bin/docker" elif platform.system() == "Windows": - container_runtime = "C:\\Program Files\\Docker\\Docker\\resources\\bin\\docker.exe" + container_runtime = shutil.which("docker.exe") else: container_runtime = shutil.which("docker") From 2d8649179a67d7f7f92638b42a199a1f95a5bd9c Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Thu, 17 Jun 2021 10:31:14 -0700 Subject: [PATCH 14/34] Update docs --- BUILD.md | 16 ++-------------- README.md | 4 ++-- RELEASE.md | 18 ++++++++++-------- 3 files changed, 14 insertions(+), 24 deletions(-) diff --git a/BUILD.md b/BUILD.md index 09d4060..b9d40a1 100644 --- a/BUILD.md +++ b/BUILD.md @@ -134,16 +134,14 @@ cd "C:\Program Files (x86)\Microsoft Visual Studio\2019\BuildTools\VC\Auxiliary\ vcvars32.bat ``` -Change to a folder where you keep source code, and clone the PyInstaller git repo and checkout the `v3.6` tag: +Change to a folder where you keep source code, and clone the PyInstaller git repo and checkout the `v4.3` tag: ``` git clone https://github.com/pyinstaller/pyinstaller.git cd pyinstaller -git tag -v v4.0 +git checkout v4.3 ``` -(Note that ideally you would verify the git tag, but the PGP key that has signed the v3.5 git tag for is not published anywhere, so this isn't possible. See [this issue](https://github.com/pyinstaller/pyinstaller/issues/4430).) - The next step is to compile the bootloader. We should do this all in dangerzone's poetry shell: ``` @@ -219,14 +217,4 @@ Then back in the first command prompt, run: poetry run install\windows\step3-build-installer.bat ``` - When you're done you will have `dist\Dangerzone.msi`. - - -# Release instructions - -Before each release: - -- Update `CHANGELOG.md` -- Update the version in `pyproject.toml` -- Update the version in `dangerzone/__init__.py` diff --git a/README.md b/README.md index 38a2625..0b1a19b 100644 --- a/README.md +++ b/README.md @@ -10,8 +10,8 @@ _Read more about Dangerzone in the blog post [Dangerzone: Working With Suspiciou ## Getting started -- Download [Dangerzone 0.2 for Mac](https://github.com/firstlookmedia/dangerzone/releases/download/v0.2/Dangerzone.0.2.dmg) -- Download [Dangerzone 0.2 for Windows](https://github.com/firstlookmedia/dangerzone/releases/download/v0.2/Dangerzone.0.2.msi) +- Download [Dangerzone 0.2 for Mac](https://github.com/firstlookmedia/dangerzone/releases/download/v0.2/Dangerzone-0.2.dmg) +- Download [Dangerzone 0.2 for Windows](https://github.com/firstlookmedia/dangerzone/releases/download/v0.2/Dangerzone-0.2.msi) - See [installing Dangerzone](https://github.com/firstlookmedia/dangerzone/wiki/Installing-Dangerzone) on the wiki for Linux repositories You can also install Dangerzone for Mac using [Homebrew](https://brew.sh/): `brew install --cask dangerzone` diff --git a/RELEASE.md b/RELEASE.md index 7edeb88..78ce7f8 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -6,12 +6,14 @@ This section documents the release process. Unless you're a dangerzone developer Before making a release, all of these should be complete: -* Update `version` in `pyproject.toml` -* Update in `share/version.txt` -* Update version and download links in `README.md` -* CHANGELOG.md should be updated to include a list of all major changes since the last release -* Test CircleCI builds: Look in `.circleci/config.yml`, manually try each build in docker, and add new platforms and remove obsolete platforms -* There must be a PGP-signed git tag for the version, e.g. for dangerzone 0.1.0, the tag must be `v0.1.0` +- [ ] Update `version` in `pyproject.toml` +- [ ] Update `share/version.txt` +- [ ] Update version and download links in `README.md` +- [ ] CHANGELOG.md should be updated to include a list of all major changes since the last release +- [ ] Test CircleCI Linux builds: Look in `.circleci/config.yml`, manually try each build in docker, and add new platforms and remove obsolete platforms +- [ ] Create a test build in Windows and make sure it works +- [ ] Create a test build in mcaOS and make sure it works +- [ ] There must be a PGP-signed git tag for the version, e.g. for dangerzone 0.1.0, the tag must be `v0.1.0` Before making a release, verify the release git tag: @@ -48,7 +50,7 @@ This process ends up with the final file: dist/Dangerzone.dmg ``` -Rename `Dangerzone.dmg` to `Dangerzone $VERSION.dmg`. +Rename `Dangerzone.dmg` to `Dangerzone-$VERSION.dmg`. ## Windows release @@ -63,7 +65,7 @@ To make a Windows release, go to the Windows build machine: - Back in the first command prompt, run: `poetry run install\windows\step3-build-installer.bat` - When you're done you will have `dist\Dangerzone.msi` -Rename `Dangerzone.msi` to `Dangerzone $VERSION.msi`. +Rename `Dangerzone.msi` to `Dangerzone-$VERSION.msi`. ## Linux release From 04dcf72313c4b1b33f219da482fdae7ebdfaf831 Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Thu, 17 Jun 2021 11:17:55 -0700 Subject: [PATCH 15/34] Don't display ANSI art banner in GUI mode because it prevents the app from opening in macOS from Finder --- dangerzone/gui/__init__.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/dangerzone/gui/__init__.py b/dangerzone/gui/__init__.py index 2e79083..65ccddd 100644 --- a/dangerzone/gui/__init__.py +++ b/dangerzone/gui/__init__.py @@ -60,8 +60,6 @@ def gui_main(custom_container, filename): global_common = GlobalCommon() gui_common = GuiCommon(app, global_common) - global_common.display_banner() - if custom_container: success, error_message = global_common.container_exists(custom_container) if not success: From 9c645beaefb855f4d3cb7333b0fd6b28c3e6fefc Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Thu, 17 Jun 2021 11:18:13 -0700 Subject: [PATCH 16/34] Switch subprocess bullet character --- dangerzone/cli.py | 4 ++-- dangerzone/container.py | 2 +- dangerzone/global_common.py | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/dangerzone/cli.py b/dangerzone/cli.py index 0a0b6b5..5cb9637 100644 --- a/dangerzone/cli.py +++ b/dangerzone/cli.py @@ -20,9 +20,9 @@ def exec_container(global_common, args): output += line.decode() # Hack to add colors to the command executing - if line.startswith(b"\xe2\x80\xa3 "): + if line.startswith(b"\xc2\xbb "): print( - Fore.WHITE + "\x10 " + Fore.LIGHTCYAN_EX + line.decode()[2:], + Fore.YELLOW + "\xbb " + Fore.LIGHTCYAN_EX + line.decode()[2:], end="", ) else: diff --git a/dangerzone/container.py b/dangerzone/container.py index 5547b7c..36e9fd3 100644 --- a/dangerzone/container.py +++ b/dangerzone/container.py @@ -25,7 +25,7 @@ def exec_container(args): args = [container_runtime] + args args_str = " ".join(pipes.quote(s) for s in args) - print("\x10 " + args_str) + print("\xbb " + args_str) sys.stdout.flush() with subprocess.Popen( diff --git a/dangerzone/global_common.py b/dangerzone/global_common.py index 60ac783..5b5c634 100644 --- a/dangerzone/global_common.py +++ b/dangerzone/global_common.py @@ -450,7 +450,7 @@ class GlobalCommon(object): # Execute dangerzone-container args_str = " ".join(pipes.quote(s) for s in args) - print(Fore.YELLOW + "\x10 " + Fore.CYAN + args_str) + print(Fore.YELLOW + "\xbb " + Fore.CYAN + args_str) return subprocess.Popen( args, startupinfo=self.get_subprocess_startupinfo(), @@ -477,7 +477,7 @@ class GlobalCommon(object): ) as p: stdout_data, _ = p.communicate() lines = stdout_data.split(b"\n") - if b"\x10 " in lines[0]: + if b"\xbb " in lines[0]: stdout_data = b"\n".join(lines[1:]) # The user canceled, or permission denied From 77ac8e7d54afcdf6683a344132e0fb00e0ec1ce6 Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Thu, 17 Jun 2021 11:22:41 -0700 Subject: [PATCH 17/34] Switch subprocess bullet in GUI too --- dangerzone/gui/tasks.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dangerzone/gui/tasks.py b/dangerzone/gui/tasks.py index 5b97f34..3667a15 100644 --- a/dangerzone/gui/tasks.py +++ b/dangerzone/gui/tasks.py @@ -19,9 +19,9 @@ class TaskBase(QtCore.QThread): for line in p.stdout: output += line.decode() - if line.startswith(b"\xe2\x80\xa3 "): + if line.startswith(b"\xc2\xbb "): print( - Fore.WHITE + "\u2023 " + Fore.LIGHTCYAN_EX + line.decode()[2:], + Fore.YELLOW + "\xbb " + Fore.LIGHTCYAN_EX + line.decode()[2:], end="", ) else: From 13adda0af5721ee03fdc12c102b2e5e3b2e74942 Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Thu, 17 Jun 2021 11:40:38 -0700 Subject: [PATCH 18/34] Change subprocess bullet character to ">" to remove all the headaches --- dangerzone/cli.py | 4 ++-- dangerzone/container.py | 2 +- dangerzone/global_common.py | 4 ++-- dangerzone/gui/tasks.py | 4 ++-- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/dangerzone/cli.py b/dangerzone/cli.py index 5cb9637..e688c32 100644 --- a/dangerzone/cli.py +++ b/dangerzone/cli.py @@ -20,9 +20,9 @@ def exec_container(global_common, args): output += line.decode() # Hack to add colors to the command executing - if line.startswith(b"\xc2\xbb "): + if line.startswith(b"> "): print( - Fore.YELLOW + "\xbb " + Fore.LIGHTCYAN_EX + line.decode()[2:], + Fore.YELLOW + "> " + Fore.LIGHTCYAN_EX + line.decode()[2:], end="", ) else: diff --git a/dangerzone/container.py b/dangerzone/container.py index 36e9fd3..20717bf 100644 --- a/dangerzone/container.py +++ b/dangerzone/container.py @@ -25,7 +25,7 @@ def exec_container(args): args = [container_runtime] + args args_str = " ".join(pipes.quote(s) for s in args) - print("\xbb " + args_str) + print("> " + args_str) sys.stdout.flush() with subprocess.Popen( diff --git a/dangerzone/global_common.py b/dangerzone/global_common.py index 5b5c634..53ffb39 100644 --- a/dangerzone/global_common.py +++ b/dangerzone/global_common.py @@ -450,7 +450,7 @@ class GlobalCommon(object): # Execute dangerzone-container args_str = " ".join(pipes.quote(s) for s in args) - print(Fore.YELLOW + "\xbb " + Fore.CYAN + args_str) + print(Fore.YELLOW + "> " + Fore.CYAN + args_str)) return subprocess.Popen( args, startupinfo=self.get_subprocess_startupinfo(), @@ -477,7 +477,7 @@ class GlobalCommon(object): ) as p: stdout_data, _ = p.communicate() lines = stdout_data.split(b"\n") - if b"\xbb " in lines[0]: + if b"> " in lines[0]: stdout_data = b"\n".join(lines[1:]) # The user canceled, or permission denied diff --git a/dangerzone/gui/tasks.py b/dangerzone/gui/tasks.py index 3667a15..734a49c 100644 --- a/dangerzone/gui/tasks.py +++ b/dangerzone/gui/tasks.py @@ -19,9 +19,9 @@ class TaskBase(QtCore.QThread): for line in p.stdout: output += line.decode() - if line.startswith(b"\xc2\xbb "): + if line.startswith(b"> "): print( - Fore.YELLOW + "\xbb " + Fore.LIGHTCYAN_EX + line.decode()[2:], + Fore.YELLOW + "> " + Fore.LIGHTCYAN_EX + line.decode()[2:], end="", ) else: From 51414f2c9613a072c2b080d9fdbc20d39c24fc68 Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Thu, 17 Jun 2021 11:47:36 -0700 Subject: [PATCH 19/34] Syntax error --- dangerzone/global_common.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dangerzone/global_common.py b/dangerzone/global_common.py index 53ffb39..ba473bc 100644 --- a/dangerzone/global_common.py +++ b/dangerzone/global_common.py @@ -450,7 +450,7 @@ class GlobalCommon(object): # Execute dangerzone-container args_str = " ".join(pipes.quote(s) for s in args) - print(Fore.YELLOW + "> " + Fore.CYAN + args_str)) + print(Fore.YELLOW + "> " + Fore.CYAN + args_str) return subprocess.Popen( args, startupinfo=self.get_subprocess_startupinfo(), From 3c0dc7440766e82d8423b37bcb563d17e6c2980f Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Thu, 17 Jun 2021 12:16:02 -0700 Subject: [PATCH 20/34] Change subprocess bullet character in one more places --- dangerzone/gui/common.py | 4 ++-- dangerzone/gui/tasks.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/dangerzone/gui/common.py b/dangerzone/gui/common.py index cbf29bf..b6478c4 100644 --- a/dangerzone/gui/common.py +++ b/dangerzone/gui/common.py @@ -56,7 +56,7 @@ class GuiCommon(object): # Run args_str = " ".join(pipes.quote(s) for s in args) - print(Fore.YELLOW + "\u2023 " + Fore.CYAN + args_str) # ‣ + print(Fore.YELLOW + "> " + Fore.CYAN + args_str) subprocess.run(args) elif platform.system() == "Linux": @@ -76,7 +76,7 @@ class GuiCommon(object): # Open as a background process args_str = " ".join(pipes.quote(s) for s in args) - print(Fore.YELLOW + "\u2023 " + Fore.CYAN + args_str) # ‣ + print(Fore.YELLOW + "> " + Fore.CYAN + args_str) subprocess.Popen(args) def _find_pdf_viewers(self): diff --git a/dangerzone/gui/tasks.py b/dangerzone/gui/tasks.py index 734a49c..f6ece5c 100644 --- a/dangerzone/gui/tasks.py +++ b/dangerzone/gui/tasks.py @@ -39,7 +39,7 @@ class TaskBase(QtCore.QThread): if p.returncode == 126 or p.returncode == 127: self.task_failed.emit(f"Authorization failed") - elif p.returncode == 0: + elif p.returncode != 0: self.task_failed.emit(f"Return code: {p.returncode}") print("") From 0d6ba2264b831c8abcab53bff87c29fcb977100c Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Thu, 17 Jun 2021 13:24:44 -0700 Subject: [PATCH 21/34] Fix linux builds --- setup.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/setup.py b/setup.py index a715098..ce53640 100644 --- a/setup.py +++ b/setup.py @@ -47,7 +47,8 @@ setuptools.setup( entry_points={ "console_scripts": [ "dangerzone = dangerzone:main", - "dangerzone-container = dangerzone:container_main", + "dangerzone-container = dangerzone:main", + "dangerzone-cli = dangerzone:main", ] }, ) From d50b0c1bedcd8159ed2d47ea6b0bb952bb62d4fa Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Thu, 17 Jun 2021 14:12:44 -0700 Subject: [PATCH 22/34] Remove docker dependency in Linux and replace with podman --- .circleci/config.yml | 67 -------------------------------------- BUILD.md | 8 ++--- install/linux/build_rpm.py | 2 +- stdeb.cfg | 2 +- 4 files changed, 4 insertions(+), 75 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index b99a22f..80f3b3a 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -81,37 +81,6 @@ jobs: package_cloud push firstlookmedia/code/ubuntu/groovy deb_dist/dangerzone_${VERSION}-1_all.deb package_cloud push firstlookmedia/code/ubuntu/groovy deb_dist/dangerzone_${VERSION}-1.dsc - build-ubuntu-focal: - docker: - - image: ubuntu:20.04 - steps: - - run: - name: Install dependencies - command: | - export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true - apt-get update - apt-get install -y git ssh ruby-dev rubygems python-all dh-python python3 python3-stdeb python3-pyside2.qtcore python3-pyside2.qtgui python3-pyside2.qtwidgets python3-appdirs python3-click python3-xdg python3-requests python3-colorama - gem install -N rake - gem install -N package_cloud - - checkout - - run: - name: Create the .deb package - command: | - ./install/linux/build_deb.py - dpkg -i deb_dist/dangerzone_*-1_all.deb - - run: - name: Deploy to packagecloud.io - # Linux Mint 20 (ulyana) and 20.1 (ulyssa) are based on Ubuntu 20.04 LTS - # https://en.wikipedia.org/wiki/Linux_Mint_version_history - command: | - VERSION=$(cat share/version.txt) - package_cloud push firstlookmedia/code/ubuntu/focal deb_dist/dangerzone_${VERSION}-1_all.deb - package_cloud push firstlookmedia/code/ubuntu/focal deb_dist/dangerzone_${VERSION}-1.dsc - package_cloud push firstlookmedia/code/linuxmint/ulyana deb_dist/dangerzone_${VERSION}-1_all.deb - package_cloud push firstlookmedia/code/linuxmint/ulyana deb_dist/dangerzone_${VERSION}-1.dsc - package_cloud push firstlookmedia/code/linuxmint/ulyssa deb_dist/dangerzone_${VERSION}-1_all.deb - package_cloud push firstlookmedia/code/linuxmint/ulyssa deb_dist/dangerzone_${VERSION}-1.dsc - build-debian-bullseye: docker: - image: debian:bullseye @@ -136,30 +105,6 @@ jobs: package_cloud push firstlookmedia/code/debian/bullseye deb_dist/dangerzone_${VERSION}-1_all.deb package_cloud push firstlookmedia/code/debian/bullseye deb_dist/dangerzone_${VERSION}-1.dsc - build-debian-buster: - docker: - - image: debian:buster - steps: - - run: - name: Install dependencies - command: | - apt-get update - apt-get install -y git ssh ruby-dev rubygems python-all dh-python python3 python3-stdeb python3-pyside2.qtcore python3-pyside2.qtgui python3-pyside2.qtwidgets python3-appdirs python3-click python3-xdg python3-requests python3-colorama - gem install --no-ri --no-rdoc rake - gem install --no-ri --no-rdoc package_cloud - - checkout - - run: - name: Create the .deb package - command: | - ./install/linux/build_deb.py - dpkg -i deb_dist/dangerzone_*-1_all.deb - - run: - name: Deploy to packagecloud.io - command: | - VERSION=$(cat share/version.txt) - package_cloud push firstlookmedia/code/debian/buster deb_dist/dangerzone_${VERSION}-1_all.deb - package_cloud push firstlookmedia/code/debian/buster deb_dist/dangerzone_${VERSION}-1.dsc - build-fedora-34: docker: # The package_cloud ruby gem doesn't work properly when installed in fedora 34, @@ -252,24 +197,12 @@ workflows: only: /^v.*/ branches: ignore: /.*/ - - build-ubuntu-focal: - filters: - tags: - only: /^v.*/ - branches: - ignore: /.*/ - build-debian-bullseye: filters: tags: only: /^v.*/ branches: ignore: /.*/ - - build-debian-buster: - filters: - tags: - only: /^v.*/ - branches: - ignore: /.*/ - build-fedora-34: filters: tags: diff --git a/BUILD.md b/BUILD.md index b9d40a1..59674c0 100644 --- a/BUILD.md +++ b/BUILD.md @@ -5,11 +5,9 @@ Install dependencies: ```sh -sudo apt install -y dh-python python3 python3-stdeb python3-pyside2.qtcore python3-pyside2.qtgui python3-pyside2.qtwidgets python3-appdirs python3-click python3-xdg python3-requests python3-colorama +sudo apt install -y podman dh-python python3 python3-stdeb python3-pyside2.qtcore python3-pyside2.qtgui python3-pyside2.qtwidgets python3-appdirs python3-click python3-xdg python3-requests python3-colorama ``` -You also need docker, either by installing the [Docker snap package](https://snapcraft.io/docker), installing the `docker.io` package, or by installing `docker-ce` by following [these instructions for Ubuntu](https://docs.docker.com/install/linux/docker-ce/ubuntu/) or [for Debian](https://docs.docker.com/install/linux/docker-ce/debian/). - Run from source tree: ```sh @@ -27,11 +25,9 @@ Create a .deb: Install dependencies: ```sh -sudo dnf install -y rpm-build python3 python3-setuptools python3-pyside2 python3-appdirs python3-click python3-pyxdg python3-requests python3-colorama +sudo dnf install -y rpm-build podman python3 python3-setuptools python3-pyside2 python3-appdirs python3-click python3-pyxdg python3-requests python3-colorama ``` -You also need docker, either by installing the `docker` package, or by installing `docker-ce` by following [these instructions](https://docs.docker.com/install/linux/docker-ce/fedora/). - Run from source tree: ```sh diff --git a/install/linux/build_rpm.py b/install/linux/build_rpm.py index 7c6300d..2f07c60 100755 --- a/install/linux/build_rpm.py +++ b/install/linux/build_rpm.py @@ -29,7 +29,7 @@ def main(): print("* Building RPM package") subprocess.run( - "python3 setup.py bdist_rpm --requires='python3-pyside2,python3-appdirs,python3-click,python3-pyxdg,python3-requests,python3-colorama,(docker or docker-ce)'", + "python3 setup.py bdist_rpm --requires='podman,python3-pyside2,python3-appdirs,python3-click,python3-pyxdg,python3-requests,python3-colorama'", shell=True, cwd=root, check=True, diff --git a/stdeb.cfg b/stdeb.cfg index df13e23..519d82b 100644 --- a/stdeb.cfg +++ b/stdeb.cfg @@ -1,6 +1,6 @@ [DEFAULT] Package3: dangerzone -Depends3: python3, python3-pyside2.qtcore, python3-pyside2.qtgui, python3-pyside2.qtwidgets, python3-appdirs, python3-click, python3-xdg, python3-requests, python3-colorama +Depends3: podman, python3, python3-pyside2.qtcore, python3-pyside2.qtgui, python3-pyside2.qtwidgets, python3-appdirs, python3-click, python3-xdg, python3-requests, python3-colorama Build-Depends: dh-python, python3, python3-all Suite: bionic X-Python3-Version: >= 3.6 \ No newline at end of file From da6c3c253e597b7242e4298b00d0f2a72ade1d36 Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Thu, 17 Jun 2021 14:13:43 -0700 Subject: [PATCH 23/34] Make linux container runtime be podman, remove pkexec --- dangerzone/container.py | 41 ++++++++++++++++++------------------- dangerzone/global_common.py | 15 ++++---------- 2 files changed, 24 insertions(+), 32 deletions(-) diff --git a/dangerzone/container.py b/dangerzone/container.py index 20717bf..487578e 100644 --- a/dangerzone/container.py +++ b/dangerzone/container.py @@ -11,7 +11,7 @@ if platform.system() == "Darwin": elif platform.system() == "Windows": container_runtime = shutil.which("docker.exe") else: - container_runtime = shutil.which("docker") + container_runtime = shutil.which("podman") # Define startupinfo for subprocesses if platform.system() == "Windows": @@ -51,7 +51,7 @@ def container_main(): @container_main.command() -@click.option("--container-name", default="flmcode/dangerzone") +@click.option("--container-name", default="docker.io/flmcode/dangerzone") def ls(container_name): """docker image ls [container_name]""" sys.exit(exec_container(["image", "ls", container_name])) @@ -60,37 +60,36 @@ def ls(container_name): @container_main.command() def pull(): """docker pull flmcode/dangerzone""" - sys.exit(exec_container(["pull", "flmcode/dangerzone"])) + sys.exit(exec_container(["pull", "docker.io/flmcode/dangerzone"])) @container_main.command() @click.option("--document-filename", required=True) @click.option("--pixel-dir", required=True) -@click.option("--container-name", default="flmcode/dangerzone") +@click.option("--container-name", default="docker.io/flmcode/dangerzone") def documenttopixels(document_filename, pixel_dir, container_name): """docker run --network none -v [document_filename]:/tmp/input_file -v [pixel_dir]:/dangerzone [container_name] document-to-pixels""" - sys.exit( - exec_container( - [ - "run", - "--network", - "none", - "--security-opt=no-new-privileges:true", - "-v", - f"{document_filename}:/tmp/input_file", - "-v", - f"{pixel_dir}:/dangerzone", - container_name, - "document-to-pixels", - ] - ) - ) + args = ["run", "--network", "none"] + + # Linux uses podman instead of docker, and only docker uses --security-opt + if platform.system() != "Linux": + args += ["--security-opt=no-new-privileges:true"] + + args += [ + "-v", + f"{document_filename}:/tmp/input_file", + "-v", + f"{pixel_dir}:/dangerzone", + container_name, + "document-to-pixels", + ] + sys.exit(exec_container(args)) @container_main.command() @click.option("--pixel-dir", required=True) @click.option("--safe-dir", required=True) -@click.option("--container-name", default="flmcode/dangerzone") +@click.option("--container-name", default="docker.io/flmcode/dangerzone") @click.option("--ocr", required=True) @click.option("--ocr-lang", required=True) def pixelstopdf(pixel_dir, safe_dir, container_name, ocr, ocr_lang): diff --git a/dangerzone/global_common.py b/dangerzone/global_common.py index ba473bc..842957e 100644 --- a/dangerzone/global_common.py +++ b/dangerzone/global_common.py @@ -384,7 +384,7 @@ class GlobalCommon(object): if self.custom_container: return self.custom_container else: - return "flmcode/dangerzone" + return "docker.io/flmcode/dangerzone" def get_resource_path(self, filename): if getattr(sys, "dangerzone_dev", False): @@ -439,18 +439,11 @@ class GlobalCommon(object): return "/usr/bin/dangerzone-container" def exec_dangerzone_container(self, args): - # Prefix the args with the retainer runtime, and in the case linux when the user isn't in the docker group, pkexec - if platform.system() == "Linux": - if self.settings.get("linux_prefers_typing_password"): - args = ["/usr/bin/pkexec", self.dz_container_path] + args - else: - args = [self.dz_container_path] + args - else: - args = [self.dz_container_path] + args - - # Execute dangerzone-container + args = [self.dz_container_path] + args args_str = " ".join(pipes.quote(s) for s in args) print(Fore.YELLOW + "> " + Fore.CYAN + args_str) + + # Execute dangerzone-container return subprocess.Popen( args, startupinfo=self.get_subprocess_startupinfo(), From d24d59309475aebf97a8eba6861d712f5fb1d3ec Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Thu, 17 Jun 2021 14:16:27 -0700 Subject: [PATCH 24/34] Rip out everything required to make dangerzone-container run with root privs --- dangerzone/gui/__init__.py | 12 --- dangerzone/gui/common.py | 89 ------------------- ...edia.firstlook.dangerzone-container.policy | 16 ---- setup.py | 4 - share/enable_docker_service.sh | 3 - 5 files changed, 124 deletions(-) delete mode 100644 install/linux/media.firstlook.dangerzone-container.policy delete mode 100755 share/enable_docker_service.sh diff --git a/dangerzone/gui/__init__.py b/dangerzone/gui/__init__.py index 65ccddd..a0c2a45 100644 --- a/dangerzone/gui/__init__.py +++ b/dangerzone/gui/__init__.py @@ -71,18 +71,6 @@ def gui_main(custom_container, filename): # Allow Ctrl-C to smoothly quit the program instead of throwing an exception signal.signal(signal.SIGINT, signal.SIG_DFL) - # If we're using Linux and docker, see if we need to add the user to the docker group or if the user prefers typing their password - if platform.system() == "Linux": - if not gui_common.ensure_docker_group_preference(): - return - try: - if not gui_common.ensure_docker_service_is_started(): - click.echo("Failed to start docker service") - return - except AuthorizationFailed: - click.echo("Authorization failed") - return - # See if we need to install Docker... if (platform.system() == "Darwin" or platform.system() == "Windows") and ( not is_docker_installed() or not is_docker_ready(global_common) diff --git a/dangerzone/gui/common.py b/dangerzone/gui/common.py index b6478c4..4ee9bd2 100644 --- a/dangerzone/gui/common.py +++ b/dangerzone/gui/common.py @@ -142,95 +142,6 @@ class GuiCommon(object): return pdf_viewers - def ensure_docker_group_preference(self): - # If the user prefers typing their password - if self.global_common.settings.get("linux_prefers_typing_password") == True: - return True - - # Get the docker group - try: - groupinfo = grp.getgrnam("docker") - except: - # Ignore if group is not found - return True - - # See if the user is in the group - username = getpass.getuser() - if username not in groupinfo.gr_mem: - # User is not in the docker group, ask if they prefer typing their password - message = "Dangerzone requires Docker

In order to use Docker, your user must be in the 'docker' group or you'll need to type your password each time you run dangerzone.

Adding your user to the 'docker' group is more convenient but less secure, and will require just typing your password once. Which do you prefer?" - return_code = Alert( - self, - self.global_common, - message, - ok_text="I'll type my password each time", - extra_button_text="Add my user to the 'docker' group", - ).launch() - if return_code == QtWidgets.QDialog.Accepted: - # Prefers typing password - self.global_common.settings.set("linux_prefers_typing_password", True) - self.global_common.settings.save() - return True - elif return_code == 2: - # Prefers being in the docker group - self.global_common.settings.set("linux_prefers_typing_password", False) - self.global_common.settings.save() - - # Add user to the docker group - p = subprocess.run( - [ - "/usr/bin/pkexec", - "/usr/sbin/usermod", - "-a", - "-G", - "docker", - username, - ] - ) - if p.returncode == 0: - message = "Great! Now you must log out of your computer and log back in, and then you can use Dangerzone." - Alert(self, self.global_common, message).launch() - else: - message = "Failed to add your user to the 'docker' group, quitting." - Alert(self, self.global_common, message).launch() - - return False - else: - # Cancel - return False - - return True - - def ensure_docker_service_is_started(self): - if not is_docker_ready(self.global_common): - message = "Dangerzone requires Docker

Docker should be installed, but it looks like it's not running in the background.

Click Ok to try starting the docker service. You will have to type your login password." - if ( - Alert(self, self.global_common, message).launch() - == QtWidgets.QDialog.Accepted - ): - p = subprocess.run( - [ - "/usr/bin/pkexec", - self.global_common.get_resource_path( - "enable_docker_service.sh" - ), - ] - ) - if p.returncode == 0: - # Make sure docker is now ready - if is_docker_ready(self.global_common): - return True - else: - message = "Restarting docker appeared to work, but the service still isn't responding, quitting." - Alert(self, self.global_common, message).launch() - else: - message = "Failed to start the docker service, quitting." - Alert(self, self.global_common, message).launch() - - return False - - return True - class Alert(QtWidgets.QDialog): def __init__( diff --git a/install/linux/media.firstlook.dangerzone-container.policy b/install/linux/media.firstlook.dangerzone-container.policy deleted file mode 100644 index 4e0a847..0000000 --- a/install/linux/media.firstlook.dangerzone-container.policy +++ /dev/null @@ -1,16 +0,0 @@ - - - - - Run Dangerzone Container - Dangerzone needs you to authenticate to run containers - - auth_admin_keep - auth_admin_keep - auth_admin_keep - - /usr/bin/dangerzone-container - - diff --git a/setup.py b/setup.py index ce53640..67b8ecc 100644 --- a/setup.py +++ b/setup.py @@ -34,10 +34,6 @@ setuptools.setup( ["install/linux/media.firstlook.dangerzone.png"], ), ("share/dangerzone", file_list("share")), - ( - "share/polkit-1/actions", - ["install/linux/media.firstlook.dangerzone-container.policy"], - ), ], classifiers=[ "Programming Language :: Python", diff --git a/share/enable_docker_service.sh b/share/enable_docker_service.sh deleted file mode 100755 index ca0f29d..0000000 --- a/share/enable_docker_service.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/sh -/bin/systemctl restart docker.service -/bin/systemctl enable docker.service \ No newline at end of file From 9ed3bac2b5e49468728d9d3a8e8a19c69c439399 Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Mon, 21 Jun 2021 12:35:23 -0700 Subject: [PATCH 25/34] If Tails is detected, tell the container runtime to pull images over Tor --- dangerzone/container.py | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/dangerzone/container.py b/dangerzone/container.py index 487578e..b9b88a9 100644 --- a/dangerzone/container.py +++ b/dangerzone/container.py @@ -4,6 +4,7 @@ import subprocess import sys import pipes import shutil +import os # What is the container runtime for this platform? if platform.system() == "Darwin": @@ -28,6 +29,17 @@ def exec_container(args): print("> " + args_str) sys.stdout.flush() + # In Tails, tell the container runtime to download over Tor + if ( + platform.system() == "Linux" + and os.getlogin() == "amnesia" + and os.getuid() == 1000 + ): + env = os.environ.copy() + env["HTTP_PROXY"] = "socks5://127.0.0.1:9050" + else: + env = None + with subprocess.Popen( args, stdin=None, @@ -36,6 +48,7 @@ def exec_container(args): bufsize=1, universal_newlines=True, startupinfo=startupinfo, + env=env, ) as p: p.communicate() return p.returncode From 51bee645ed676ed82266f21e9ac227f404c4a5e9 Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Mon, 21 Jun 2021 12:39:53 -0700 Subject: [PATCH 26/34] Explicitly set the container_tech to either "docker" or "podman" --- dangerzone/container.py | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/dangerzone/container.py b/dangerzone/container.py index b9b88a9..0b57eaa 100644 --- a/dangerzone/container.py +++ b/dangerzone/container.py @@ -8,11 +8,18 @@ import os # What is the container runtime for this platform? if platform.system() == "Darwin": - container_runtime = "/usr/local/bin/docker" + container_tech = "docker" + container_runtime = shutil.which("docker") elif platform.system() == "Windows": + container_tech = "docker" container_runtime = shutil.which("docker.exe") -else: +elif platform.system() == "Linux": + container_tech = "podman" container_runtime = shutil.which("podman") +else: + print("Unknown operating system, defaulting to Docker") + container_tech = "docker" + container_runtime = shutil.which("docker") # Define startupinfo for subprocesses if platform.system() == "Windows": @@ -84,8 +91,8 @@ def documenttopixels(document_filename, pixel_dir, container_name): """docker run --network none -v [document_filename]:/tmp/input_file -v [pixel_dir]:/dangerzone [container_name] document-to-pixels""" args = ["run", "--network", "none"] - # Linux uses podman instead of docker, and only docker uses --security-opt - if platform.system() != "Linux": + # docker uses --security-opt, podman doesn't + if container_tech == "docker": args += ["--security-opt=no-new-privileges:true"] args += [ From 9536a4db41bf0e584f510b88a15cf215ad9ea446 Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Mon, 21 Jun 2021 12:53:43 -0700 Subject: [PATCH 27/34] Add install Docker Desktop to Windows/Mac build instructions --- BUILD.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/BUILD.md b/BUILD.md index 59674c0..25fd30e 100644 --- a/BUILD.md +++ b/BUILD.md @@ -42,6 +42,8 @@ Create a .rpm: ## macOS +Install [Docker Desktop](https://www.docker.com/products/docker-desktop). + Install python@3.9 from Homebrew: ``` @@ -83,6 +85,8 @@ The output is in the `dist` folder. ## Windows +Install [Docker Desktop](https://www.docker.com/products/docker-desktop). + These instructions include adding folders to the path in Windows. To do this, go to Start and type "advanced system settings", and open "View advanced system settings" in the Control Panel. Click Environment Variables. Under "System variables" double-click on Path. From there you can add and remove folders that are available in the PATH. Download Python 3.9.0, 32-bit (x86) from https://www.python.org/downloads/release/python-390/. I downloaded python-3.9.0.exe. When installing it, make sure to check the "Add Python 3.9 to PATH" checkbox on the first page of the installer. From 14fe8add588498b45b242ec979009c40192633d7 Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Tue, 22 Jun 2021 09:43:32 -0700 Subject: [PATCH 28/34] Use the dangerzone cache dir for temporary files in all OSes, not just Linux --- dangerzone/common.py | 31 ++++++++++++------------------- 1 file changed, 12 insertions(+), 19 deletions(-) diff --git a/dangerzone/common.py b/dangerzone/common.py index d8630d6..9a81915 100644 --- a/dangerzone/common.py +++ b/dangerzone/common.py @@ -2,6 +2,7 @@ import os import stat import platform import tempfile +import appdirs class Common(object): @@ -11,26 +12,16 @@ class Common(object): def __init__(self): # Temporary directory to store pixel data and safe PDFs - if platform.system() == "Windows": - self.pixel_dir = tempfile.TemporaryDirectory(prefix="dangerzone-pixel-") - self.safe_dir = tempfile.TemporaryDirectory(prefix="dangerzone-safe-") - elif platform.system() == "Darwin": - # In macOS, temp dirs must be in /tmp (or a few other paths) for Docker to mount them - self.pixel_dir = tempfile.TemporaryDirectory( - prefix="/tmp/dangerzone-pixel-" - ) - self.safe_dir = tempfile.TemporaryDirectory(prefix="/tmp/dangerzone-safe-") - else: - # In Linux, temp dirs must be in the homedir for the snap package version of Docker to mount them - cache_dir = os.path.expanduser("~/.cache/dangerzone") - os.makedirs(cache_dir, exist_ok=True) - self.pixel_dir = tempfile.TemporaryDirectory( - prefix=os.path.join(cache_dir, "pixel-") - ) - self.safe_dir = tempfile.TemporaryDirectory( - prefix=os.path.join(cache_dir, "safe-") - ) + cache_dir = appdirs.user_cache_dir("dangerzone") + os.makedirs(cache_dir, exist_ok=True) + self.pixel_dir = tempfile.TemporaryDirectory( + prefix=os.path.join(cache_dir, "pixel-") + ) + self.safe_dir = tempfile.TemporaryDirectory( + prefix=os.path.join(cache_dir, "safe-") + ) + try: # Make the folders world-readable to ensure that the container has permission # to access it even if it's owned by root or someone else permissions = ( @@ -44,6 +35,8 @@ class Common(object): ) os.chmod(self.pixel_dir.name, permissions) os.chmod(self.safe_dir.name, permissions) + except: + pass # Name of input and out files self.document_filename = None From f8381749c31a2b186ebfd105e81c0e0364420c93 Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Tue, 22 Jun 2021 10:49:51 -0700 Subject: [PATCH 29/34] Improve terminal colors on light-colored terminal backgrounds --- dangerzone/cli.py | 4 ++-- dangerzone/global_common.py | 2 +- dangerzone/gui/tasks.py | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/dangerzone/cli.py b/dangerzone/cli.py index e688c32..2e40e97 100644 --- a/dangerzone/cli.py +++ b/dangerzone/cli.py @@ -9,7 +9,7 @@ from .common import Common def print_header(s): click.echo("") - click.echo(Style.BRIGHT + Fore.LIGHTWHITE_EX + s) + click.echo(Style.BRIGHT + s) def exec_container(global_common, args): @@ -22,7 +22,7 @@ def exec_container(global_common, args): # Hack to add colors to the command executing if line.startswith(b"> "): print( - Fore.YELLOW + "> " + Fore.LIGHTCYAN_EX + line.decode()[2:], + Style.DIM + "> " + Style.NORMAL + Fore.CYAN + line.decode()[2:], end="", ) else: diff --git a/dangerzone/global_common.py b/dangerzone/global_common.py index 842957e..f7de028 100644 --- a/dangerzone/global_common.py +++ b/dangerzone/global_common.py @@ -441,7 +441,7 @@ class GlobalCommon(object): def exec_dangerzone_container(self, args): args = [self.dz_container_path] + args args_str = " ".join(pipes.quote(s) for s in args) - print(Fore.YELLOW + "> " + Fore.CYAN + args_str) + print(Style.DIM + "> " + Style.NORMAL + Fore.CYAN + args_str) # Execute dangerzone-container return subprocess.Popen( diff --git a/dangerzone/gui/tasks.py b/dangerzone/gui/tasks.py index f6ece5c..63227d9 100644 --- a/dangerzone/gui/tasks.py +++ b/dangerzone/gui/tasks.py @@ -21,7 +21,7 @@ class TaskBase(QtCore.QThread): if line.startswith(b"> "): print( - Fore.YELLOW + "> " + Fore.LIGHTCYAN_EX + line.decode()[2:], + Style.DIM + "> " + Style.NORMAL + Fore.CYAN + line.decode()[2:], end="", ) else: From d56c21143f53129236277d90640c4b9b8602ff56 Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Tue, 22 Jun 2021 11:23:29 -0700 Subject: [PATCH 30/34] Version bump to 0.2.1 and update changelog and circleci config --- .circleci/config.yml | 14 +++++++------- CHANGELOG.md | 5 +++++ README.md | 4 ++-- pyproject.toml | 2 +- share/version.txt | 2 +- 5 files changed, 16 insertions(+), 11 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 80f3b3a..72a556d 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -10,7 +10,7 @@ jobs: command: | export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true apt-get update - apt-get install -y git ssh ruby-dev rubygems python-all dh-python python3 python3-stdeb python3-pyside2.qtcore python3-pyside2.qtgui python3-pyside2.qtwidgets python3-appdirs python3-click python3-xdg python3-requests python3-colorama + apt-get install -y git ssh ruby-dev rubygems podman python-all dh-python python3 python3-stdeb python3-pyside2.qtcore python3-pyside2.qtgui python3-pyside2.qtwidgets python3-appdirs python3-click python3-xdg python3-requests python3-colorama gem install -N rake gem install -N package_cloud - checkout @@ -40,7 +40,7 @@ jobs: command: | export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true apt-get update - apt-get install -y git ssh ruby-dev rubygems python-all dh-python python3 python3-stdeb python3-pyside2.qtcore python3-pyside2.qtgui python3-pyside2.qtwidgets python3-appdirs python3-click python3-xdg python3-requests python3-colorama + apt-get install -y git ssh ruby-dev rubygems podman python-all dh-python python3 python3-stdeb python3-pyside2.qtcore python3-pyside2.qtgui python3-pyside2.qtwidgets python3-appdirs python3-click python3-xdg python3-requests python3-colorama gem install -N rake gem install -N package_cloud - checkout @@ -65,7 +65,7 @@ jobs: command: | export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true apt-get update - apt-get install -y git ssh ruby-dev rubygems python-all dh-python python3 python3-stdeb python3-pyside2.qtcore python3-pyside2.qtgui python3-pyside2.qtwidgets python3-appdirs python3-click python3-xdg python3-requests python3-colorama + apt-get install -y git ssh ruby-dev rubygems podman python-all dh-python python3 python3-stdeb python3-pyside2.qtcore python3-pyside2.qtgui python3-pyside2.qtwidgets python3-appdirs python3-click python3-xdg python3-requests python3-colorama gem install -N rake gem install -N package_cloud - checkout @@ -89,7 +89,7 @@ jobs: name: Install dependencies command: | apt-get update - apt-get install -y git ssh ruby-dev rubygems python-all dh-python python3 python3-stdeb python3-pyside2.qtcore python3-pyside2.qtgui python3-pyside2.qtwidgets python3-appdirs python3-click python3-xdg python3-requests python3-colorama + apt-get install -y git ssh ruby-dev rubygems podman python-all dh-python python3 python3-stdeb python3-pyside2.qtcore python3-pyside2.qtgui python3-pyside2.qtwidgets python3-appdirs python3-click python3-xdg python3-requests python3-colorama gem install -N rake gem install -N package_cloud - checkout @@ -115,7 +115,7 @@ jobs: - run: name: Install dependencies command: | - dnf install -y git openssh ruby-devel make automake gcc gcc-c++ rpm-build python3-setuptools python3-pyside2 python3-appdirs python3-click python3-pyxdg python3-requests python3-colorama + dnf install -y podman git openssh ruby-devel make automake gcc gcc-c++ rpm-build python3-setuptools python3-pyside2 python3-appdirs python3-click python3-pyxdg python3-requests python3-colorama gem install package_cloud - checkout - run: @@ -137,7 +137,7 @@ jobs: - run: name: Install dependencies command: | - dnf install -y git openssh ruby-devel make automake gcc gcc-c++ rpm-build python3-setuptools python3-pyside2 python3-appdirs python3-click python3-pyxdg python3-requests python3-colorama + dnf install -y podman git openssh ruby-devel make automake gcc gcc-c++ rpm-build python3-setuptools python3-pyside2 python3-appdirs python3-click python3-pyxdg python3-requests python3-colorama gem install package_cloud - checkout - run: @@ -159,7 +159,7 @@ jobs: - run: name: Install dependencies command: | - dnf install -y git openssh ruby-devel make automake gcc gcc-c++ rpm-build python3-setuptools python3-pyside2 python3-appdirs python3-click python3-pyxdg python3-requests python3-colorama + dnf install -y podman git openssh ruby-devel make automake gcc gcc-c++ rpm-build python3-setuptools python3-pyside2 python3-appdirs python3-click python3-pyxdg python3-requests python3-colorama gem install package_cloud - checkout - run: diff --git a/CHANGELOG.md b/CHANGELOG.md index 1c8e76a..74b0718 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,10 @@ # Change Log +## Dangerzone 0.2.1 + +- Switch from Docker to Podman for Linux +- Improve CLI colors + ## Dangerzone 0.2 - Command line support and improved terminal output diff --git a/README.md b/README.md index 0b1a19b..d37aef4 100644 --- a/README.md +++ b/README.md @@ -10,8 +10,8 @@ _Read more about Dangerzone in the blog post [Dangerzone: Working With Suspiciou ## Getting started -- Download [Dangerzone 0.2 for Mac](https://github.com/firstlookmedia/dangerzone/releases/download/v0.2/Dangerzone-0.2.dmg) -- Download [Dangerzone 0.2 for Windows](https://github.com/firstlookmedia/dangerzone/releases/download/v0.2/Dangerzone-0.2.msi) +- Download [Dangerzone 0.2.1 for Mac](https://github.com/firstlookmedia/dangerzone/releases/download/v0.2/Dangerzone-0.2.dmg) +- Download [Dangerzone 0.2.1 for Windows](https://github.com/firstlookmedia/dangerzone/releases/download/v0.2/Dangerzone-0.2.msi) - See [installing Dangerzone](https://github.com/firstlookmedia/dangerzone/wiki/Installing-Dangerzone) on the wiki for Linux repositories You can also install Dangerzone for Mac using [Homebrew](https://brew.sh/): `brew install --cask dangerzone` diff --git a/pyproject.toml b/pyproject.toml index 2a1df2d..3ad54f4 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "dangerzone" -version = "0.2" +version = "0.2.1" description = "Take potentially dangerous PDFs, office documents, or images and convert them to a safe PDF" authors = ["Micah Lee "] license = "MIT" diff --git a/share/version.txt b/share/version.txt index 3b04cfb..0c62199 100644 --- a/share/version.txt +++ b/share/version.txt @@ -1 +1 @@ -0.2 +0.2.1 From c6c011f2358fadecdabe104d0d556817c7acfb4e Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Tue, 22 Jun 2021 11:51:35 -0700 Subject: [PATCH 31/34] Change Wix config to allow upgrades --- install/windows/build-wxs.py | 25 ++++--------------------- 1 file changed, 4 insertions(+), 21 deletions(-) diff --git a/install/windows/build-wxs.py b/install/windows/build-wxs.py index 1ad211e..8c0d410 100644 --- a/install/windows/build-wxs.py +++ b/install/windows/build-wxs.py @@ -154,7 +154,7 @@ def main(): "Product", Name="Dangerzone", Manufacturer="First Look Media", - Id="f40ff0a9-ebf8-4e1e-9bce-6ab5c74fe119", + Id="*", UpgradeCode="$(var.ProductUpgradeCode)", Language="1033", Codepage="1252", @@ -203,29 +203,12 @@ def main(): Id="WixUIDialogBmp", Value="..\\..\\install\\windows\\dialog.bmp", ) - upgrade_el = ET.SubElement(product_el, "Upgrade", Id="$(var.ProductUpgradeCode)") ET.SubElement( - upgrade_el, - "UpgradeVersion", - Minimum="$(var.ProductVersion)", - OnlyDetect="yes", - Property="NEWERVERSIONDETECTED", - ) - ET.SubElement( - upgrade_el, - "UpgradeVersion", - Minimum="0.0.0", - Maximum="$(var.ProductVersion)", - IncludeMinimum="yes", - IncludeMaximum="no", - Property="OLDERVERSIONBEINGUPGRADED", - ) - condition_el = ET.SubElement( product_el, - "Condition", - Message="A newer version of this software is already installed.", + "MajorUpgrade", + AllowSameVersionUpgrades="yes", + DowngradeErrorMessage="A newer version of [ProductName] is already installed. If you are sure you want to downgrade, remove the existing installation via Programs and Features.", ) - condition_el.text = "NOT NEWERVERSIONDETECTED" build_dir_xml(product_el, data) component_ids = build_components_xml(product_el, data) From e8a348419f04585a5da37c8fd78d13b5581d0a3c Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Tue, 22 Jun 2021 12:03:29 -0700 Subject: [PATCH 32/34] Must remove InstallExecuteSequence for Wix package to build --- install/windows/build-wxs.py | 8 -------- 1 file changed, 8 deletions(-) diff --git a/install/windows/build-wxs.py b/install/windows/build-wxs.py index 8c0d410..43840e7 100644 --- a/install/windows/build-wxs.py +++ b/install/windows/build-wxs.py @@ -213,14 +213,6 @@ def main(): build_dir_xml(product_el, data) component_ids = build_components_xml(product_el, data) - install_exec_seq_el = ET.SubElement( - product_el, - "InstallExecuteSequence", - ) - ET.SubElement( - install_exec_seq_el, "RemoveExistingProducts", After="InstallValidate" - ) - feature_el = ET.SubElement(product_el, "Feature", Id="DefaultFeature", Level="1") for component_id in component_ids: ET.SubElement(feature_el, "ComponentRef", Id=component_id) From d3d417ee84fc5a8218110bcce105539710a3bd7c Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Tue, 22 Jun 2021 13:34:15 -0700 Subject: [PATCH 33/34] Strip ANSI colors from Mac GUI output to preventing crashing, and fix Mac docker path --- dangerzone/container.py | 2 +- dangerzone/gui/__init__.py | 21 ++++++++++++++++++++- poetry.lock | 14 +++++++++++++- pyproject.toml | 1 + 4 files changed, 35 insertions(+), 3 deletions(-) diff --git a/dangerzone/container.py b/dangerzone/container.py index 0b57eaa..98da8ac 100644 --- a/dangerzone/container.py +++ b/dangerzone/container.py @@ -9,7 +9,7 @@ import os # What is the container runtime for this platform? if platform.system() == "Darwin": container_tech = "docker" - container_runtime = shutil.which("docker") + container_runtime = "/usr/local/bin/docker" elif platform.system() == "Windows": container_tech = "docker" container_runtime = shutil.which("docker.exe") diff --git a/dangerzone/gui/__init__.py b/dangerzone/gui/__init__.py index a0c2a45..045d133 100644 --- a/dangerzone/gui/__init__.py +++ b/dangerzone/gui/__init__.py @@ -5,6 +5,7 @@ import platform import click import uuid from PySide2 import QtCore, QtWidgets +from strip_ansi import strip_ansi from .common import GuiCommon from .main_window import MainWindow @@ -48,10 +49,28 @@ class ApplicationWrapper(QtCore.QObject): @click.option("--custom-container") # Use this container instead of flmcode/dangerzone @click.argument("filename", required=False) def gui_main(custom_container, filename): - # Required for macOS Big Sur: https://stackoverflow.com/a/64878899 if platform.system() == "Darwin": + # Required for macOS Big Sur: https://stackoverflow.com/a/64878899 os.environ["QT_MAC_WANTS_LAYER"] = "1" + # Strip ANSI colors from stdout output, to prevent terminal colors from breaking + # the macOS GUI app + class StdoutFilter: + def __init__(self, stream): + self.stream = stream + + def __getattr__(self, attr_name): + return getattr(self.stream, attr_name) + + def write(self, data): + self.stream.write(strip_ansi(data)) + + def flush(self): + self.stream.flush() + + sys.stdout = StdoutFilter(sys.stdout) + sys.stderr = StdoutFilter(sys.stderr) + # Create the Qt app app_wrapper = ApplicationWrapper() app = app_wrapper.app diff --git a/poetry.lock b/poetry.lock index 94a767c..4613f75 100644 --- a/poetry.lock +++ b/poetry.lock @@ -296,6 +296,14 @@ category = "main" optional = false python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, <3.10" +[[package]] +name = "strip-ansi" +version = "0.1.1" +description = "Strip ANSI escape sequences from a string" +category = "main" +optional = false +python-versions = ">=3.6,<4.0" + [[package]] name = "termcolor" version = "1.1.0" @@ -374,7 +382,7 @@ testing = ["pytest (>=4.6)", "pytest-checkdocs (>=1.2.3)", "pytest-flake8", "pyt [metadata] lock-version = "1.1" python-versions = ">=3.7,<3.10" -content-hash = "72592722794667cf7cb6bea727b31eb60d710c90d488be9d10a13bbbcaa56688" +content-hash = "6db74c36125b2d3ad4d04c864c24ecbcf376d5ac75ee7402d950010cade5de96" [metadata.files] altgraph = [ @@ -551,6 +559,10 @@ shiboken2 = [ {file = "shiboken2-5.15.2-5.15.2-cp35.cp36.cp37.cp38.cp39-none-win32.whl", hash = "sha256:89c157a0e2271909330e1655892e7039249f7b79a64a443d52c512337065cde0"}, {file = "shiboken2-5.15.2-5.15.2-cp35.cp36.cp37.cp38.cp39-none-win_amd64.whl", hash = "sha256:14a33169cf1bd919e4c4c4408fffbcd424c919a3f702df412b8d72b694e4c1d5"}, ] +strip-ansi = [ + {file = "strip-ansi-0.1.1.tar.gz", hash = "sha256:5d60f239cc8a37fdd52b43c3e66e893d45ba0423115db59eca0d2eef83b07729"}, + {file = "strip_ansi-0.1.1-py3-none-any.whl", hash = "sha256:9f55280e1b0ba84dac49d4f18aa6b51b90ff766b22e4918ffc01cc87b394ecd1"}, +] termcolor = [ {file = "termcolor-1.1.0.tar.gz", hash = "sha256:1d6d69ce66211143803fbc56652b41d73b4a400a2891d7bf7a1cdf4c02de613b"}, ] diff --git a/pyproject.toml b/pyproject.toml index 3ad54f4..32144ce 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -19,6 +19,7 @@ pyxdg = {version = "*", platform = "linux"} pyobjc-core = {version = "*", platform = "darwin"} pyobjc-framework-launchservices = {version = "*", platform = "darwin"} colorama = "^0.4.4" +strip-ansi = "^0.1.1" [tool.poetry.dev-dependencies] pyinstaller = {version = "*", platform = "darwin"} From e3dc7988e9e8e97663643e713617d9f4bdad3c6d Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Tue, 22 Jun 2021 13:40:08 -0700 Subject: [PATCH 34/34] Make strip-ansi Mac-only --- dangerzone/gui/__init__.py | 3 ++- pyproject.toml | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/dangerzone/gui/__init__.py b/dangerzone/gui/__init__.py index 045d133..932ddeb 100644 --- a/dangerzone/gui/__init__.py +++ b/dangerzone/gui/__init__.py @@ -5,7 +5,6 @@ import platform import click import uuid from PySide2 import QtCore, QtWidgets -from strip_ansi import strip_ansi from .common import GuiCommon from .main_window import MainWindow @@ -55,6 +54,8 @@ def gui_main(custom_container, filename): # Strip ANSI colors from stdout output, to prevent terminal colors from breaking # the macOS GUI app + from strip_ansi import strip_ansi + class StdoutFilter: def __init__(self, stream): self.stream = stream diff --git a/pyproject.toml b/pyproject.toml index 32144ce..06bf852 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -18,8 +18,8 @@ wmi = {version = "*", platform = "win32"} pyxdg = {version = "*", platform = "linux"} pyobjc-core = {version = "*", platform = "darwin"} pyobjc-framework-launchservices = {version = "*", platform = "darwin"} +strip-ansi = {version = "*", platform = "darwin"} colorama = "^0.4.4" -strip-ansi = "^0.1.1" [tool.poetry.dev-dependencies] pyinstaller = {version = "*", platform = "darwin"}