Merge 87ec9b73c1 into c7ba9ee75c

Closes #1091

.github/workflows/build.yml

@@ -49,6 +49,8 @@ jobs:
             version: "40"
           - distro: fedora
             version: "41"
+          - distro: fedora
+            version: "42"
 
     steps:
       - name: Checkout

.github/workflows/ci.yml

@@ -306,7 +306,7 @@ jobs:
     strategy:
       matrix:
         distro: ["fedora"]
-        version: ["40", "41"]
+        version: ["40", "41", "42"]
     steps:
       - name: Checkout
         uses: actions/checkout@v4
@@ -395,6 +395,8 @@ jobs:
             version: "40"
           - distro: fedora
             version: "41"
+          - distro: fedora
+            version: "42"
 
     steps:
       - name: Checkout

BUILD.md

@@ -109,28 +109,6 @@ sudo dnf install -y rpm-build podman python3 python3-devel python3-poetry-core \
     pipx qt6-qtbase-gui
 ```
 
-<table>
-  <tr>
-      <td>
-<details>
-  <summary><i>:memo: Expand this section if you are on Fedora 41.</i></summary>
-  </br>
-
-  The default Python version that ships with Fedora 41 (3.13) is not
-  compatible with PySide6, which requires Python 3.12 or earlier.
-
-  You can install Python 3.12 using the `python3.12` package.
-
-  ```bash
-  sudo dnf install -y python3.12
-  ```
-
-  Poetry will automatically pick up the correct version when running.
-</details>
-    </td>
-  </tr>
-</table>
-
 Install Poetry using `pipx`:
 
 ```sh

CHANGELOG.md

@@ -8,6 +8,7 @@ since 0.4.1, and this project adheres to [Semantic Versioning](https://semver.or
 ## [Unreleased](https://github.com/freedomofpress/dangerzone/compare/v0.8.1...HEAD)
 
 - Platform support: Drop support for Ubuntu Focal, since it's nearing end-of-life ([#1018](https://github.com/freedomofpress/dangerzone/issues/1018))
+- Platform support: Add support for Fedora 42 ([#1091](https://github.com/freedomofpress/dangerzone/issues/1091))
 
 ## [0.8.1](https://github.com/freedomofpress/dangerzone/compare/v0.8.1...0.8.0)
 

INSTALL.md

@@ -1,8 +1,41 @@
+## Operating System support
+
+Dangerzone can run on various Operating Systems (OS), and has automated tests
+for most of them.
+This section explains which OS we support, how long we support each version, and
+how do we test Dangerzone against these.
+
+You can find general support information in this table, and more details in the
+following sections.
+
+(Unless specified, the architecture of the OS is AMD64)
+
+| Distribution  | Supported versions        | Automated tests        | Manual QA         |
+| ------------  | ------------------------- | ---------------------- | ----------------- |
+| Windows       | 2 last versions           | 🗹 (`windows-latest`) ◎ | Last version only |
+| macOS intel   | 3 last versions           | 🗹 (`macos-13`) ◎       | Last version only |
+| macOS silicon | 3 last versions           | 🗹 (`macos-latest`) ◎   | Last version only |
+| Ubuntu        | Follow upstream support ✰ | 🗹                      | 🗹                 |
+| Debian        | Current stable, Oldstable and LTS releases | 🗹     | 🗹                 |
+| Fedora        | Follow upstream support   | 🗹                      | 🗹                 |
+| Qubes OS      | [Beta support](https://github.com/freedomofpress/dangerzone/issues/413) ✢ | 🗷 | Latest Fedora template |
+| Tails         | Only the latest version   | 🗷 | Last release only |
+
+Notes:
+
+✰ Support for Ubuntu Focal [was dropped](https://github.com/freedomofpress/dangerzone/issues/1018)
+
+✢ Qubes OS support assumes the use of a Fedora template. The supported versions follow our general support for Fedora.
+
+◎ More information about where that points [in the runner-images repository](https://github.com/actions/runner-images/tree/main)
+
 ## MacOS
 
 - Download [Dangerzone 0.8.1 for Mac (Apple Silicon CPU)](https://github.com/freedomofpress/dangerzone/releases/download/v0.8.1/Dangerzone-0.8.1-arm64.dmg)
 - Download [Dangerzone 0.8.1 for Mac (Intel CPU)](https://github.com/freedomofpress/dangerzone/releases/download/v0.8.1/Dangerzone-0.8.1-i686.dmg)
 
+> [!TIP] We support the versions of macOS that are still within Apple's servicing timeline. Apple usually provides security updates for the latest 3 releases, but this isn’t consistently applied and security fixes aren’t guaranteed for the non-latest releases. We are also dependent on [Docker Desktop windows support](https://docs.docker.com/desktop/setup/install/mac-install/)
+
 You can also install Dangerzone for Mac using [Homebrew](https://brew.sh/): `brew install --cask dangerzone`
 
 > **Note**: you will also need to install [Docker Desktop](https://www.docker.com/products/docker-desktop/).
@@ -17,11 +50,29 @@ You can also install Dangerzone for Mac using [Homebrew](https://brew.sh/): `bre
 > This program needs to run alongside Dangerzone at all times, since it is what allows Dangerzone to
 > create the secure environment.
 
+> [!TIP] We generally support the versions of Windows that are still within [Microsoft’s servicing timeline](https://support.microsoft.com/en-us/help/13853/windows-lifecycle-fact-sheet).
+> 
+> Docker sets the bottom line:
+>
+> > Docker only supports Docker Desktop on Windows for those versions of Windows that are still within [Microsoft’s servicing timeline](https://support.microsoft.com/en-us/help/13853/windows-lifecycle-fact-sheet). Docker Desktop is not supported on server versions of Windows, such as Windows Server 2019 or Windows Server 2022. 
+
+
 ## Linux
+
 On Linux, Dangerzone uses [Podman](https://podman.io/) instead of Docker Desktop for creating
 an isolated environment. It will be installed automatically when installing Dangerzone.
 
+> [!TIP] We support Ubuntu, Debian, and Fedora versions that are still within
+> their respective servicing timelines, with a few twists:
+
+> - Ubuntu: We follow upstream support with an extra cutoff date. No support for
+>   versions prior to the second oldest LTS release.
+> - Fedora: We follow upstream support
+> - Debian: current stable, oldstable and LTS releases.
+
+
 Dangerzone is available for:
+
 - Ubuntu 24.10 (oracular)
 - Ubuntu 24.04 (noble)
 - Ubuntu 22.04 (jammy)

README.md

@@ -22,6 +22,8 @@ Follow the instructions for each platform:
 * [Qubes OS (beta)](https://github.com/freedomofpress/dangerzone/blob/v0.8.0/INSTALL.md#qubes-os)
 * [Tails](https://github.com/freedomofpress/dangerzone/blob/v0.8.1/INSTALL.md#tails)
 
+You can read more about our operating system support [here](https://github.com/freedomofpress/dangerzone/blob/v0.8.1/INSTALL.md#operating-system-support).
+
 ## Some features
 
 - Sandboxes don't have network access, so if a malicious document can compromise one, it can't phone home

dangerzone/gui/main_window.py

@@ -3,6 +3,7 @@ import os
 import platform
 import tempfile
 import typing
+from multiprocessing import freeze_support
 from multiprocessing.pool import ThreadPool
 from pathlib import Path
 from typing import List, Optional
@@ -1220,6 +1221,9 @@ class DocumentsListWidget(QtWidgets.QListWidget):
     def start_conversion(self) -> None:
         if not self.thread_pool_initized:
             max_jobs = self.dangerzone.isolation_provider.get_max_parallel_conversions()
+            # Call freeze_support() to avoid passing unknown options to the subprocess.
+            # See https://github.com/freedomofpress/dangerzone/issues/873
+            freeze_support()
             self.thread_pool = ThreadPool(max_jobs)
 
         for doc in self.docs_list:

dev_scripts/env.py

@@ -103,14 +103,6 @@ RUN apt-get update \
     && rm -rf /var/lib/apt/lists/*
 """
 
-# NOTE: Fedora 41 comes with Python 3.13 installed. Our Python project is not compatible
-# yet with Python 3.13, because PySide6 cannot work with this Python version. To
-# sidestep this, install Python 3.12 *only* in dev environments.
-DOCKERFILE_BUILD_DEV_FEDORA_41_DEPS = r"""
-# Install Python 3.12 since our project is not compatible yet with Python 3.13.
-RUN dnf install -y python3.12
-"""
-
 # FIXME: Install Poetry on Fedora via package manager.
 DOCKERFILE_BUILD_DEV_FEDORA_DEPS = r"""
 RUN dnf install -y git rpm-build podman python3 python3-devel python3-poetry-core \
@@ -538,8 +530,6 @@ class Env:
 
         if self.distro == "fedora":
             install_deps = DOCKERFILE_BUILD_DEV_FEDORA_DEPS
-            if self.version == "41":
-                install_deps += DOCKERFILE_BUILD_DEV_FEDORA_41_DEPS
         else:
             # Use Qt6 in all of our Linux dev environments, and add a missing
             # libxcb-cursor0 dependency

dev_scripts/qa.py

@@ -327,28 +327,6 @@ sudo dnf install -y rpm-build podman python3 python3-devel python3-poetry-core \
     pipx qt6-qtbase-gui
 ```
 
-<table>
-  <tr>
-      <td>
-<details>
-  <summary><i>:memo: Expand this section if you are on Fedora 41.</i></summary>
-  </br>
-
-  The default Python version that ships with Fedora 41 (3.13) is not
-  compatible with PySide6, which requires Python 3.12 or earlier.
-
-  You can install Python 3.12 using the `python3.12` package.
-
-  ```bash
-  sudo dnf install -y python3.12
-  ```
-
-  Poetry will automatically pick up the correct version when running.
-</details>
-    </td>
-  </tr>
-</table>
-
 Install Poetry using `pipx`:
 
 ```sh
@@ -1044,6 +1022,10 @@ class QAFedora(QALinux):
         )
 
 
+class QAFedora42(QAFedora):
+    VERSION = "42"
+
+
 class QAFedora41(QAFedora):
     VERSION = "41"