almet/dangerzone
1
0
Fork 0
mirror of https://github.com/freedomofpress/dangerzone.git synced 2025-05-02 11:42:23 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 7

Compare commits

base: almet:3e229802af542c97694c9923bf39160efd9e5afc
Branches Tags
almet:main
almet:independent-container-updates
almet:podman-embed
almet:uv-take3
almet:revamp-docs
almet:global-settings
almet:v0.8.1-readme-fix
almet:test-large/969-pytest-group
almet:test/image-publication-cosign-apyrgio
almet:0.8.1-2-fedora
almet:test/image-publication-cosign
almet:1071-quilt
almet:0.8.1-trixie
almet:test/1046-reproducibility-2
almet:sequoia-key-retrieval
almet:test/ubuntu-24-bump
almet:fix-trixie-sq
almet:test/uv
almet:test/wip-reproducible-containers
almet:poetry-export-plugin
almet:test-poetry-export
almet:0.8.1-merge
almet:wip-reproducible-containers
almet:test/2024-11-ubuntu-24-ci
almet:feature-doit
almet:ci-depend-deb
almet:test/macos-runner
almet:ci-win-run-buit-artifact
almet:hotfix-0.7.1
almet:625-host-stream-4
almet:2024-10-fedora-41
almet:625-host-stream-2
almet:merge-hotfix-0.7.1-ci
almet:hotfix-0.7.1-ci
almet:193-instal-fail-wip
almet:test-ci
almet:revert-trixie
almet:hotfix-0.7.0
almet:850-pymupdf-musl
almet:2024-06-fix-runc-secomp
almet:2024-06-update-screenshots
almet:2024-06-docker-desktop-version-check
almet:almet/small-improvements
almet:681-upgrade-circleci-runners
almet:2024-04-pin-mupdf
almet:2024-02_v0.6.0-large-test
almet:424-file-viewer
almet:2023-12-trivy
almet:2023-11-main-largetest-comparison
almet:334-large-test-gh-actions
almet:221-user-ns
almet:v0.9.0
almet:v0.9.0-rc1
almet:v0.8.1
almet:v0.8.0
almet:v0.8.0-rc1
almet:v0.7.1
almet:v0.7.0-2
almet:v0.7.0
almet:v0.6.1
almet:v0.6.1-rc1
almet:v0.6.0-2
almet:v0.6.0
almet:v0.6.0-rc2
almet:v0.6.0-rc1
almet:v0.5.1
almet:v0.5.0
almet:v0.4.2
almet:v0.4.1
almet:v0.4.1-rc3
almet:v0.4.1-rc2
almet:v0.4.1-rc1
almet:v0.4.0-2
almet:v0.4.0
almet:v0.3.2
almet:dev-v0.3.2-rc3
almet:dev-v0.3.2-rc2
almet:dev-v0.3.2-rc1
almet:v0.3.1
almet:v0.3
almet:v0.3.dev1
almet:dev-v0.3.dev1
almet:v0.2.1
almet:v0.2
almet:v0.1.5
almet:v0.1.4
almet:v0.1.3
almet:v0.1.2
almet:v0.1.1
almet:v0.1
almet:v0.0.3
almet:v0.0.2
almet:v0.0.1
..
compare: almet:44a57d3d66a65ab87ea578113c46adbfa05900a8
Branches Tags
almet:independent-container-updates
almet:podman-embed
almet:main
almet:uv-take3
almet:revamp-docs
almet:global-settings
almet:v0.8.1-readme-fix
almet:test-large/969-pytest-group
almet:test/image-publication-cosign-apyrgio
almet:0.8.1-2-fedora
almet:test/image-publication-cosign
almet:1071-quilt
almet:0.8.1-trixie
almet:test/1046-reproducibility-2
almet:sequoia-key-retrieval
almet:test/ubuntu-24-bump
almet:fix-trixie-sq
almet:test/uv
almet:test/wip-reproducible-containers
almet:poetry-export-plugin
almet:test-poetry-export
almet:0.8.1-merge
almet:wip-reproducible-containers
almet:test/2024-11-ubuntu-24-ci
almet:feature-doit
almet:ci-depend-deb
almet:test/macos-runner
almet:ci-win-run-buit-artifact
almet:hotfix-0.7.1
almet:625-host-stream-4
almet:2024-10-fedora-41
almet:625-host-stream-2
almet:merge-hotfix-0.7.1-ci
almet:hotfix-0.7.1-ci
almet:193-instal-fail-wip
almet:test-ci
almet:revert-trixie
almet:hotfix-0.7.0
almet:850-pymupdf-musl
almet:2024-06-fix-runc-secomp
almet:2024-06-update-screenshots
almet:2024-06-docker-desktop-version-check
almet:almet/small-improvements
almet:681-upgrade-circleci-runners
almet:2024-04-pin-mupdf
almet:2024-02_v0.6.0-large-test
almet:424-file-viewer
almet:2023-12-trivy
almet:2023-11-main-largetest-comparison
almet:334-large-test-gh-actions
almet:221-user-ns
almet:v0.9.0
almet:v0.9.0-rc1
almet:v0.8.1
almet:v0.8.0
almet:v0.8.0-rc1
almet:v0.7.1
almet:v0.7.0-2
almet:v0.7.0
almet:v0.6.1
almet:v0.6.1-rc1
almet:v0.6.0-2
almet:v0.6.0
almet:v0.6.0-rc2
almet:v0.6.0-rc1
almet:v0.5.1
almet:v0.5.0
almet:v0.4.2
almet:v0.4.1
almet:v0.4.1-rc3
almet:v0.4.1-rc2
almet:v0.4.1-rc1
almet:v0.4.0-2
almet:v0.4.0
almet:v0.3.2
almet:dev-v0.3.2-rc3
almet:dev-v0.3.2-rc2
almet:dev-v0.3.2-rc1
almet:v0.3.1
almet:v0.3
almet:v0.3.dev1
almet:dev-v0.3.dev1
almet:v0.2.1
almet:v0.2
almet:v0.1.5
almet:v0.1.4
almet:v0.1.3
almet:v0.1.2
almet:v0.1.1
almet:v0.1
almet:v0.0.3
almet:v0.0.2
almet:v0.0.1

6 commits
3e229802af ... 44a57d3d66

Author SHA1 Message Date
Alexis Métaireau
44a57d3d66
Merge 6cb9f46cae into 68f8338d20 2024-10-30 19:11:07 +01:00
Alex Pyrgiotis
68f8338d20
Revert "Disable gVisor's DirectFS feature." 
This reverts commit 73b0f8b7d4.
Unfortunately, disabling DirectFS causes a problem in Linux systems that
enable Yama mode 2. Turns out that Tails is such a system, so we have to
revert this change, if we want to support it.

Refs #982
 2024-10-30 19:10:26 +01:00
Alex Pyrgiotis
d561878e03
tests: Restore previously mocked function 
Restore the `isolation_provider.base.kill_process_group()` function,
which was previously mocked, at the end of the
`test_linger_unkillable()` test. This function is initially mocked, in
order to simulate a hang process. After the mocking completes, the test
needs the original function once more, in order to actually kill the
spawned process.
 2024-10-30 16:45:45 +01:00
Alexis Métaireau
59e1666c28
Drop support for Ubuntu Mantic (23.10), which is EOL since 11 Jul 2024. 2024-10-30 16:43:50 +01:00
jkarasti
95d7d8a4d9
Fix: Error with cx_freeze when building the windows executables 2024-10-30 17:41:15 +02:00
jkarasti
ed2791bbbc
Revert: "fix win build failure due to package autodiscovery" 
This reverts commit 4d9f729654.

The error described in #178 doesen't happen anymore so this workaround is not needed.
 2024-10-30 17:41:15 +02:00
9 changed files with 7 additions and 26 deletions
Show stats Expand all files Collapse all files

2
.github/workflows/build.yml vendored
View file

@ -33,8 +33,6 @@ jobs:
version: "20.04" version: "20.04"
- distro: ubuntu - distro: ubuntu
version: "22.04" version: "22.04"
- distro: ubuntu
version: "23.10"
- distro: ubuntu - distro: ubuntu
version: "24.04" version: "24.04"
- distro: ubuntu - distro: ubuntu

2
.github/workflows/check_repos.yml vendored
View file

@ -23,8 +23,6 @@ jobs:
version: "24.10" # oracular version: "24.10" # oracular
- distro: ubuntu - distro: ubuntu
version: "24.04" # noble version: "24.04" # noble
- distro: ubuntu
version: "23.10" # mantic
- distro: ubuntu - distro: ubuntu
version: "22.04" # jammy version: "22.04" # jammy
- distro: ubuntu - distro: ubuntu

6
.github/workflows/ci.yml vendored
View file

@ -159,8 +159,6 @@ jobs:
version: "20.04" version: "20.04"
- distro: ubuntu - distro: ubuntu
version: "22.04" version: "22.04"
- distro: ubuntu
version: "23.10"
- distro: ubuntu - distro: ubuntu
version: "24.04" version: "24.04"
- distro: ubuntu - distro: ubuntu
@ -229,8 +227,6 @@ jobs:
version: "20.04" version: "20.04"
- distro: ubuntu - distro: ubuntu
version: "22.04" version: "22.04"
- distro: ubuntu
version: "23.10"
- distro: ubuntu - distro: ubuntu
version: "24.04" version: "24.04"
- distro: ubuntu - distro: ubuntu
@ -350,8 +346,6 @@ jobs:
version: "20.04" version: "20.04"
- distro: ubuntu - distro: ubuntu
version: "22.04" version: "22.04"
- distro: ubuntu
version: "23.10"
- distro: ubuntu - distro: ubuntu
version: "24.04" version: "24.04"
- distro: ubuntu - distro: ubuntu

1
INSTALL.md
View file

@ -11,7 +11,6 @@ an isolated environment. It will be installed automatically when installing Dang
Dangerzone is available for: Dangerzone is available for:
- Ubuntu 24.10 (oracular) - Ubuntu 24.10 (oracular)
- Ubuntu 24.04 (noble) - Ubuntu 24.04 (noble)
- Ubuntu 23.10 (mantic)
- Ubuntu 22.04 (jammy) - Ubuntu 22.04 (jammy)
- Ubuntu 20.04 (focal) - Ubuntu 20.04 (focal)
- Debian 13 (trixie) - Debian 13 (trixie)

3
dangerzone/gvisor_wrapper/entrypoint.py
View file

@ -142,9 +142,6 @@ runsc_argv = [
"--rootless=true", "--rootless=true",
"--network=none", "--network=none",
"--root=/home/dangerzone/.containers", "--root=/home/dangerzone/.containers",
# Disable DirectFS for to make the seccomp filter even stricter,
# at some performance cost.
"--directfs=false",
] ]
if os.environ.get("RUNSC_DEBUG"): if os.environ.get("RUNSC_DEBUG"):
runsc_argv += ["--debug=true", "--alsologtostderr=true"] runsc_argv += ["--debug=true", "--alsologtostderr=true"]

4
dev_scripts/env.py
View file

@ -696,8 +696,6 @@ class Env:
DOCKERFILE_CONMON_UPDATE + DOCKERFILE_BUILD_DEV_DEBIAN_DEPS DOCKERFILE_CONMON_UPDATE + DOCKERFILE_BUILD_DEV_DEBIAN_DEPS
) )
elif self.distro == "ubuntu" and self.version in ( elif self.distro == "ubuntu" and self.version in (
"23.10",
"mantic",
"24.04", "24.04",
"noble", "noble",
"24.10", "24.10",
@ -784,8 +782,6 @@ class Env:
# package (see https://github.com/freedomofpress/dangerzone/issues/685) # package (see https://github.com/freedomofpress/dangerzone/issues/685)
install_deps = DOCKERFILE_CONMON_UPDATE + DOCKERFILE_BUILD_DEBIAN_DEPS install_deps = DOCKERFILE_CONMON_UPDATE + DOCKERFILE_BUILD_DEBIAN_DEPS
elif self.distro == "ubuntu" and self.version in ( elif self.distro == "ubuntu" and self.version in (
"23.10",
"mantic",
"24.04", "24.04",
"noble", "noble",
"24.10", "24.10",

5
dev_scripts/qa.py
View file

@ -978,11 +978,6 @@ class QAUbuntu2204(QADebianBased):
VERSION = "22.04" VERSION = "22.04"
class QAUbuntu2310(QADebianBased):
DISTRO = "ubuntu"
VERSION = "23.10"
class QAUbuntu2404(QADebianBased): class QAUbuntu2404(QADebianBased):
DISTRO = "ubuntu" DISTRO = "ubuntu"
VERSION = "24.04" VERSION = "24.04"

8
setup-windows.py
View file

@ -4,7 +4,6 @@ from cx_Freeze import Executable, setup
with open("share/version.txt") as f: with open("share/version.txt") as f:
version = f.read().strip() version = f.read().strip()
packages = ["dangerzone", "dangerzone.gui"]
setup( setup(
name="dangerzone", name="dangerzone",
@ -12,10 +11,13 @@ setup(
# On Windows description will show as the app's name in the "Open With" menu. See: # On Windows description will show as the app's name in the "Open With" menu. See:
# https://github.com/freedomofpress/dangerzone/issues/283#issuecomment-1365148805 # https://github.com/freedomofpress/dangerzone/issues/283#issuecomment-1365148805
description="Dangerzone", description="Dangerzone",
packages=packages,
options={ options={
"build_exe": { "build_exe": {
"packages": packages, # Explicitly specify pymupdf.util module to fix building the executables
# with cx_freeze. See https://github.com/marcelotduarte/cx_Freeze/issues/2653
# for more details.
# TODO: Upgrade to cx_freeze 7.3.0 which should include a fix.
"packages": ["dangerzone", "dangerzone.gui", "pymupdf.utils"],
"excludes": ["test", "tkinter"], "excludes": ["test", "tkinter"],
"include_files": [("share", "share"), ("LICENSE", "LICENSE")], "include_files": [("share", "share"), ("LICENSE", "LICENSE")],
"include_msvcr": True, "include_msvcr": True,

2
tests/isolation_provider/base.py
View file

@ -164,6 +164,7 @@ class IsolationProviderTermination:
terminate_proc_mock = mocker.patch.object( terminate_proc_mock = mocker.patch.object(
provider, "terminate_doc_to_pixels_proc", return_value=None provider, "terminate_doc_to_pixels_proc", return_value=None
) )
kill_pg_orig = base.kill_process_group
kill_pg_mock = mocker.patch( kill_pg_mock = mocker.patch(
"dangerzone.isolation_provider.base.kill_process_group", return_value=None "dangerzone.isolation_provider.base.kill_process_group", return_value=None
) )
@ -178,6 +179,7 @@ class IsolationProviderTermination:
# Reset the function to the original state. # Reset the function to the original state.
provider.terminate_doc_to_pixels_proc = terminate_proc_orig # type: ignore [method-assign] provider.terminate_doc_to_pixels_proc = terminate_proc_orig # type: ignore [method-assign]
base.kill_process_group = kill_pg_orig
# Really kill the spawned process, so that it doesn't linger after the tests # Really kill the spawned process, so that it doesn't linger after the tests
# complete. # complete.