Releases: ostreedev/ostree
Releases · ostreedev/ostree
2023.4
Notable bugfixes
This is a simple patch that is a candidate for backporting to e.g. stable distribution/OS versions of ostree.
New features
composefs
See the documentation.
- Add initial composefs integration by @alexlarsson in #2640
- Composefs followups by @cgwalters in #2872
- composefs: Add some basic docs by @cgwalters in #2885
- composefs: Avoid double unref by @cgwalters in #2890
- lib: Rework composefs metadata, drop custom signatures by @cgwalters in #2891
- composefs: Change how we do signatures by @alexlarsson in #2879
ostree=aboot for Android Boot
- Add ostree=aboot for signed Android Boot Images by @ericcurtin in #2877
HTTP/pull fixes
- ostree-fetcher-curl: explicitly use HTTP1.1 when HTTP2 is disabled by @daissi in #2886
- Increase the metadata size limit to 128MB by @barthalion in #2865
- fetcher: Always open tmpfiles in repo location by @cgwalters in #2875
Other changes
- tests: A bit more xshell porting by @cgwalters in #2860
- lib/deploy: Use
fallocatefor early prune space check by @jlebon in #2866 - prepare-root: Move sysroot.tmp creation earlier by @cgwalters in #2864
- lib/deploy: Disambiguate error messages for early prune space check by @dustymabe in #2870
- lib/deploy: skip fallocate call when requested size is 0 by @dustymabe in #2871
- test-concurrency: Don't lower timeout by @cgwalters in #2882
- build(deps): bump composefs from
af8e1a7toc9188cdby @dependabot in #2881 - pull: Add error prefixing for corrupt checksums by @cgwalters in #2884
- fix build with lld linker by @kraj in #2880
- Add more error prefixing when parsing commit objects by @cgwalters in #2888
New Contributors
- @dustymabe made their first contribution in #2870
- @aospan made their first contribution in #2874
- @barthalion made their first contribution in #2865
- @kraj made their first contribution in #2880
- @daissi made their first contribution in #2886
Full Changelog: v2023.3...v2023.4
Contributors
cgwalters, barthalion, and 8 other contributors
Assets 3
2023.3
Release 2023.3
NOTE: As usual, some of these commits are actually for the Rust bindings,
which are versioned and released separately.
Colin Walters (14):
configure: post-release version bump
treegen: Require at least one mutation
ci: Turn off errors for deprecated-declarations
ci: Drop workaround for fedora-release-container
rust: Bump MSRV to 1.64
build-sys: Squash automake conditional warning re `.PHONY`
Add clang formatting infrastructure
lib: clang-format `ostree.h`
tree-wide: Fix various include ordering issues
lib: Fix one include
clang-format: Don't align backslashes
tree-wide: Run clang-format
ci: Validate clang-format
tests/inst: Add xshell and use it in one place
Dan Nicholson (3):
tests: Ensure real GIO backends aren't used
ci: Add test configuration with soup3
fetcher/soup3: Rewrite without threads
Daniel Kolesa (1):
fetcher: add libsoup3 backend
Jonathan Lebon (10):
lib/sysroot-cleanup: Convert bootdir listing to dfd-relative
lib/sysroot-cleanup: Make some static utility functions global
lib/sysroot-cleanup: Drop dead code
lib/sysroot-cleanup: Factor out bootfs cleanup
lib/sysroot-cleanup: Make bootfs cleanup function global
libotutil: add utility functions for calculating directory size
lib/sysroot-deploy: Nuke `finalize-failure.stamp` on successful finalization
tests/kola: delete unused .gitignore
tests/kolainst: Add `make localinstall`
lib/sysroot-deploy: Add experimental support for automatic early prune
Joseph Marrero (2):
Release 2023.3
configure: post-release version bump
Philip Withnall (1):
lib/fetcher: Add some debugging messages to the libsoup request path
Full Changelog: v2023.2...v2023.3
2023.2
Release 2023.2
NOTE: As usual, some of these commits are actually for the Rust bindings,
which are versioned and released separately.
Though speaking of bindings in general,
there's a lot of cleanup that landed to the annotations around
nullability in general, which should improve ergonomics. These
changes will be reflected in a future release of the Rust bindings
specifically too.
Otherwise, we have some small tweaks and improvements in various places,
from a performance improvement in commits to test suite fixes.
A notable thing that landed here is fixes for recent GLibs introducing
warnings around unset standard::size.
Thanks to all contributors!
Colin Walters (18):
Add `sysroot.bootprefix` option
deploy: Use `semodule --refresh` if available
configure: post-release version bump
Release rust/ bindings 0.17.1
rust-bindings: Regenerate for 2023.1
rust-bindings: `Sysroot` is `Send`
itest-pull-space: Use mkfs.ext4, align to at least 512b
tests: Set size on fileinfo
Enable `trust_return_value_nullability`
Add docs and fix annotations for ostree-repo-file.c
rust: Bump semver
lib: Fix two nullable annotations
repo: Fix nullability for remote options
rust: Renerate bindings
Revert "repo: Fix nullability for remote options"
rust-bindings: Regenerate
Release 2023.2
configure: post-release version bump
Corentin Noël (3):
build: Do not include private headers in the introspection
libostree: Ignore new_and_connect in the introspection
libostree: Enhance the annotation coverage
Evan Anderson (1):
core: Ensure glib standard::size attribute is always set
Jonathan Lebon (1):
ci: update for new kolaTestIso()
Philip Withnall (1):
lib/fetcher-util: Wake up main context when a request is complete
Seppo Yli-Olli (1):
Increase buffer size for create_regular_tmpfile_linkable_with_content
Simon McVittie (5):
tests: Ensure non-root users have access to libcap tools
ostree_raw_file_to_content_stream: Make size default to 0
_ostree_zlib_file_header_new: Default size to 0
write_content_object: Don't assume file info has standard::size
Use g_steal_fd() in preference to glnx_steal_fd()
Timothée Ravier (1):
docs: Use upstream theme & update to 0.4.1
dependabot[bot] (1):
build(deps): bump libglnx from `4e44fd9` to `07e3e49`
-----BEGIN SSH SIGNATURE-----
U1NIU0lHAAAAAQAAADMAAAALc3NoLWVkMjU1MTkAAAAg5CRAd4pqfdf6DWMgvDhrcq1x8Q
gQPSQHIoZaiiRTt68AAAADZ2l0AAAAAAAAAAZzaGE1MTIAAABTAAAAC3NzaC1lZDI1NTE5
AAAAQJGTvsjNISYt6gOheoejoo2Znn3j11juGWFABJycsMqXxSBRQ7NXOZWJvctyleHVX+
QrLs/Wa0KPgo91tMoenwg=
-----END SSH SIGNATURE-----
New Contributors
- @tintou made their first contribution in #2814
- @nanonyme made their first contribution in #2831
- @evan-a-a made their first contribution in #2834
Full Changelog: v2023.1...v2023.2
Contributors
nanonyme, tintou, and evan-a-a
Assets 3
2023.1
What's Changed
- Release 2022.7 by @cgwalters in #2786
- rust: Bump to 0.17 by @cgwalters in #2787
- lib: assert more invariants by @lucab in #2788
- configure: use pkg-config with newer gpgme and gpg-error by @lucab in #2789
- fetcher: Avoid too large queues for metadata processing by @cgwalters in #2766
- lib/repo-checkout: Add ALLPERMS for musl by @akiernan in #2797
- tests: Handle musl's ERANGE mapping by @akiernan in #2798
- Replace the radix64 crate with base64 by @jeamland in #2799
- bootloader: Add an aboot (Android) bootloader backend by @ericcurtin in #2793
- tests/inst: Update hyper-staticfile to 0.9.4 by @dbnicholson in #2807
- bindings: Use default for uninitialized fields in checkout opts by @cgwalters in #2795
- ostree/prune: Calculate reachability under exclusive lock by @jlebon in #2808
- docs: Fix link to ostree-rs by @tmdh in #2810
- lib/sysroot-upgrader: add some 'nullable' annotations by @lucab in #2792
- Various CLI improvements by @dbnicholson in #2811
- ostree-metadata commit API by @dbnicholson in #1946
New Contributors
- @jeamland made their first contribution in #2799
- @ericcurtin made their first contribution in #2793
- @tmdh made their first contribution in #2810
Full Changelog: v2022.7...v2023.1
Contributors
lucab, cgwalters, and 6 other contributors
Assets 3
v2022.7
(Some of these commits are actually only for the Rust bindings;
will try to enhance the release flow to more clearly filter
those out)
On the feature front, there's new APIs for idempotent delete operations on
kernel arguments, and for handling unshare() to
manipulate (otherwise) read-only sysroot.
A few very small memory leak fixes.
Many people will be happy that we now retry HTTP requests after
receiving HTTP 500 errors.
There's a notable bugfix avoiding rebuilding SELinux policy
when creating a first deployment.
Thanks to all contributors!
Colin Walters (18):
Remove readdir-rand
deploy: Don't rebuild selinux policy on first deployment
ci: Bump memory for ISO testing flow
rust: Update to cap-std 1.0
rust: Drop `openat` dependency
ci: Fix case where cosa != buildroot
rust: Update to gio 0.16
repo: Avoid potential double unwind when writing panic value
Allow missing docs on two `glib::wrapper` functions
sysroot: Add an API to initialize with mountns
rust: Regenerate with latest gir and C sources
tests/inst: Update to latest ostree-ext
tests/inst: Drop nix dependency
tests/inst: Update cap-std-ext to 1.0
tests/inst: Update sh-inline
tests: Require OSTREE_TEST_SUDO to be set to use `sudo`
ci: Add a flow that combines C build and Rust integration tests
Release 2022.7
Jonathan Lebon (4):
ci: Bump memory request, use fcosKolaTestIso
ci: Drop unnecessary outer stage
ci: Use new names for custom kola steps
ci: bump cosaPod memory requirement to 5Gi
Luca BRUNO (20):
configure: post-release version bump
lib/repo-checkout: fix typo in error message
lib/bootloader-zipl: check for errors when opening initrd
lib/static-delta: document and check parameters format
rust/tests: fix static delta generation testcase
lib/sign-ed25519: convert invariant checks to assertions
rust: regenerate bindings after latest release (2022.6)
ostree: manually patch generated files
rust: update manual helpers
ci/rust: bump linting toolchain to latest stable (1.64)
lib/repo-refs: properly return an error value
rust: update pinned gir tool to 0.15
rust/ostree-sys: regenerate for gtk-rs 0.15
rust/ostree: regenerate for gtk-rs 0.15
ci/rust: test from git using latest feature
cargo: prepare ostree 0.16.0 and ostree-sys 0.11.0
copr: only use libostree tags
ci: adjust git tags filtering
cargo: bump minimum Rust version to 1.63
ostree: manually patch generated files
Manuel Stühn (1):
Add test for generating static delta to file
Philip Withnall (4):
ot-builtin-commit: Fix a typo in a command line help string
ot-builtin-commit: Don’t mention a C function name in a help string
lib/pull: Fix a small leak when a variable is reused
ot-builtin-pull: Fix a minor leak with progress reporting
Rafael Garcia Ruiz (2):
ostree_kernel_args_contains for OstreeKernelArgs
Idempotent delete operation for OstreeKernelArgs
Ricardo Noriega (2):
Enabling retry for HTTP 500 internal server error
Add tests for cases under random 500s
Simon McVittie (2):
readdir-rand: Copy full size of struct dirent
Replace calls to g_memdup() with g_memdup2()
dependabot[bot] (2):
build(deps): bump libglnx from `26375b5` to `e701578`
build(deps): bump libglnx from `e701578` to `4e44fd9`
Git-EVTag-v0-SHA512: 9cbc7a178f1cc0dbda25ea1af5f9d4991f41c28768826c44cf2d42333c0677b22daaef6532eb075931f6c5622947780daaa1ec4a5fc64e2adef230feaed372c7
2022.6
This release contains a collection of bugfixes and enhancements. Notable fixes concern finalize-staged, which should now better support automounted partitions and skip waiting for termination signal.
A file descriptor leak has been fixed in the commit logic. The codebase has also been fixed to avoid conflicting declarations when building with latest glibc (>= 2.36). Thanks @GeorgesStavracas for both fixes!
On the feature side, there is now basic support for handling overlayfs whiteouts on checkout through a new --process-passthrough-whiteouts flag. This is useful for users that need to carry container storage embedded into ostree commits. Thanks @mangelajo for that!
The ostree rev-parse command gained a new --single flag to better support repositories containing exactly one commit.
Overall, the s390x Secure Execution (SE) logic has been reworked to stop relying on glue scripts.
Thanks to all contributors!
Andrea Perotti (1):
Fix recursive git archive reference
Colin Walters (12):
configure: post-release version bump
rust-bindings: Fix `cargo fmt`
deny.toml: Add `Unicode-DFS-2016`
Remove unused `linux/fs.h` includes
Move FIFREEZE/FITHAW ioctl invocations into linuxfsutil.c
cli/rev-parse: Port to new code style
cli/rev-parse: Add `--single` option
rust: Update to latest git
ci: Also drop seccomp on debian testing
rust: Bind `ostree_repo_list_commits_starting_with`
finalize-staged: Don't listen to `SIGTERM`, just let kernel exit us
README.md: Link otto
Dan Nicholson (3):
main: Factor out sysroot loading
finalize-staged: Ensure /boot automount doesn't expire
lib/pull: Fix max-metadata-size documentation
Georges Basile Stavracas Neto (1):
lib/commit: Unref repo on success
Huijing Hei (1):
Fix `ostree admin kargs edit-in-place` assertion when deployments are pending
Jon Oster (1):
docs: Add aktualizr and TorizonCore to related projects
Jonathan Lebon (3):
lib/commit: Directly use FICLONE for payload link
tests/kolainst/staged-deploy: parse `rpm-ostree status --json` instead
docs: Add section about staged deployments
Luca BRUNO (7):
libostree: fix a typo in annotation
lib/bootloader: assert invariants
lib/mtree: drop redundant name checks
otutil: add error handling to variant builders
lib/sign: convert invariant checks to assertions
lib/repo: properly initialize boolean variable
lib/sysroot-deploy: explicitly handle `g_variant_lookup` results
Lukas Kalbertodt (1):
Update to `libtest-mimic` 0.5.0
Miguel Angel Ajo (1):
Support overlayfs whiteouts on checkout
Nikita Dubrovskii (3):
s390x: ensure both 'root' and 'boot' luks keys exist
s390x: simplify 's390x-se-luks-gencpio' script
s390x: use 'libarchive' to modify initrd in SE case
Sam James (1):
buildutil/glibtests.m4: fix bashism
dependabot[bot] (1):
build(deps): bump libglnx from `c59eb27` to `26375b5`
git-bruh (1):
ostree-fetcher-curl: check for HTTP2 support before trying to use it
Contributors
mangelajo and GeorgesStavracas
Assets 3
2022.5
This release fixes a denial of service security issue: GHSA-gqf4-p3gv-g8vw
The core fix is in sign/ed25519: Verify signatures are minimum length in 83e6357 which should be an easily backportable commit. (There's some further changes to add test coverage for this that can be ignored)
This only affects builds that use libsodium; it is however remotely reachable (assuming that the client is talking to a compromised server; ordinarily exploiting this would require that or breaking TLS/https). Thanks to @DemiMarie for the report!
Additional highlights are:
- Greatly improved performance for
ostree pruneon large repositories - Support for in-place kargs changes
Thanks to everyone who contributed!
Chris Mucciolo (1):
docs add debos to readme distribution build tools
Colin Walters (44):
configure: post-release version bump
repo: Optimize memory use of `ostree_repo_list_objects()`
rust: Bump semver, add feature for current release
repo: Further optimize `ostree_repo_list_objects_set()`
ci: Add a flow that does a git libostree + git rust-bindings
prune: Also use object set API in `ostree_repo_prune_from_reachable()`
lib: Fix symbol versioning inheritance
tests/inst: Bump the version of ostree-ext
rust-bindings: Fix repository reference
rust-bindings: use correct README.md
rust-bindings: Update cargo package list
rust: Switch to 2021 edition
ci: Bump MSRV
rust: Use inline `format!` variables in a few places
repo: Document non-obvious way to list all commits
fsck: Don't load all object names into memory
fsck: De-indent loop
fsck: Move most commit processing into helper function
fsck: Use `load_variant_if_exists`
rust-bindings: Wire up `tests/`
cli/os-init: Port to C99 style
cli/undeploy: Port to C99 style
cli/unlock: Port to C99 style
cli/config: Port to C99 style
cli/diff: Port to C99 style
cli/gpg-sign: Port to C99 style
cli/remote-list: Port to C99 style
cli/refs: Port to C99 style
ci/rust: Enable `cap-std-apis` in default build, add a no-feature build
ci/rust: Change MSRV to `cargo check`
Fix clippy lint in cap-std bits
rust: Bump semver to 0.15
Bump to cap-std 0.25 and io-lifetimes 0.7
repo: Metadata return values from `load_file` are not nullable
tests/staged-deploy.sh: Hack around cosa systemd unit check
tests/inst: Port to cap-std
lib: Stop using old `ostree_sysroot_get_repo()` API
deny: Sync with rpm-ostree
deploy: Ensure sysroot is initialized for kargs in place
sysroot: Have `ensure_writable` also always initialize
sysroot: Add a few more assertions about `boot_fd`
sign/ed25519: Verify signatures are minimum length
rust: Add a test case for ed25519
Release 2022.5
Huijing Hei (4):
RFE: Add a hidden option to `ostree admin kargs edit-in-place` to update all existing deployments in place
Fix `ostree admin kargs edit-in-place` fails issue
Add test to verify `ostree admin kargs edit-in-place` working
Update doc about adding new function to libostree
Jonathan Lebon (2):
Drop `.packit.yaml`
tests/inst/destructive: stop disabling fedora-coreos-pinger
Matthias Beyer (1):
Fix link to rust bindings
Nikita Dubrovskii (1):
s390x: rename sd-boot to sdboot
Saqib Ali (2):
lib/prune: speed up pruning by retrieving only commits
ostree-repo: bls-append-except-default followup
Simon McVittie (1):
test-basic-c: Don't assert that extended attributes are available
Full Changelog: v2022.4...v2022.5
Contributors
DemiMarie
Assets 3
2022.4
The big change in this release is that we have merged the Rust bindings repository into the main one:
#2575
As of right now though, this is just (somewhat) simplifying development of the Rust bindings, as we can now more easily share CI configuration and a single PR can add a new API and update the Rust bindings in one step.
As of right now though, the "libostree" C library will still be buildable without depending on Rust itself. We may change that in the future; for more, please see and discuss at: #2427
There are a few other additions in this release:
- A new repository option
bls-append-except-defaultintended to help with enabling GRUB password locking - Further fixes for s390x SE
- Various CI improvements
- Several API additions and fixes to the Rust bindings (on top of the prior release)
Colin Walters (80):
configure: post-release version bump
repo: Add concurrency=send
ci: Add GH action to build
Update to 2021.2
Bump versions
Bump sys version requirement
Mark src/auto/* as generated
ci: Fix buildroot to use new official image
Update to glib 0.14
Bump versions
Add 2021.3 feature
Re-export glib, gio
Deny unused results, warn on missing docs (except auto/)
Add new GLib 0.14 variant types for metadata types
Add more documentation for --features=v2021_3
Fix build with --features=v2021_3, use in CI by default
Use glib-sys via re-exported `glib::ffi` (and similar for gio)
Release 0.12.2
lib: Export ffi too
Cargo.toml: Bump to glib 0.14.4
Release 0.12.3
Release 0.13
sys: Release 0.9.0
lib: Reexport libc::AT_FDCWD
Make `SePolicy` have `Send`
repo: Expose dfd_as_file()
(cargo-release) version 0.13.1
(cargo-release) start next development iteration 0.13.2-alpha.0
repo: Add `auto_transaction` and `TransactionGuard`
(cargo-release) version 0.13.2
(cargo-release) version 0.13.3-alpha.1
Update to 2021.5
Bump ostree-sys version
(cargo-release) version 0.13.3
(cargo-release) start next development iteration 0.13.4-alpha.0
repo: Add `require_rev` method
repo: Add an API to read and parse directory metadata
Release 0.13.4
Add a `cap-std-apis` feature with open/create
repo: Add two more cap-std APIs
Add `COMMIT_META_CONTAINER_CMD` constant
Release 0.13.5
Fast-track fix for `ostree_gpg_verify_result_get_all()`
Release 0.13.6
Add manual bindings for MutableTree reading
repo: Add `query_file` API
lib: Run `cargo fmt`
Add a `repo()` accessor to `TransactionGuard`
build-sys: Adjust for merge of ostree-rs
docs/ima: Also link the SUSE docs
cfg.mk: Don't even look at rust-bindings/
Add APIs to get xattrs from disk
tests/inst: Fix install rules for ostree-rs merger
ci: Work around GH actions `container:` + git + security bug
tests/inst: Add .gitignore
ci: Move rust-bindings CI to toplevel
rust-bindings: Remove some unused CI/test bits
Merge pull request #2602 from cgwalters/fix-docs-ci
Merge pull request #2601 from cgwalters/expose-get-xattrs
Merge pull request #2575 from cgwalters/merge-ostree-rs
ci: use cargo-deny
sysroot: Quiet one gcc `-fanalyzer` warning
sysroot: Strengthen several `g_return_if_fail` into `g_assert()`
ci: Drop gcc `-fanalyzer` by default
ci: Drop all `runAsUser: 0` in builds
Merge pull request #2608 from cgwalters/fanalyzer-fixes
ci: Move codestyle and min build to GH actions
Merge pull request #2580 from nikita-dubrovskii/sdboot_partition
Merge pull request #2612 from HuijingHei/deploy-karg-delete
Merge pull request #2605 from saqibali-2k/pr/bls-append
ci: Drop libsoup build in jenkins
ci: Drop an unused files
ci: Add a codestyle.sh
gitignore: Add ci-build/
Rename ostree-cmdprivate to drop out of introspection
Drop `OSTREE_BUILT_FEATURES` from introspection
rust-bindings: Delete committed gir files
rust-bindings: Use OSTree-1.0.gir from our own builddir
rust-bindings: Update to latest git
Release 2022.4
Dusty Mabe (1):
Merge pull request #2614 from nikita-dubrovskii/issue-2867
Felix Krull (357):
Add config file and gir files
Add initial gir output
Add external libraries and regenerate
Update names and dependencies
Add manual definition for stat
Start describing libostree
Add build files for libostree
Generate
Add some basic types and regenerate
Add a prelude module for star imports
Add a test/sample program
Add additional 'new' method to Repo
Add as much of Repo as easily possible
Integrate docs into source
Generate functions and constants
Try implementing traverse_commit by hand
Ignore Cargo.lock in libs
sample: try to extract a file from the repo
Add ObjectName wrapper to solve hashing issues
repo: change custom new method to std::path::Path-alike
repo: remove now-incorrect comment
object_name: extend ObjectName
Add RepoListRefsExtFlags
repo: implement list_refs and list_refs_ext
Add simple repo roundtrip test
Remove sample
Add Makefile
Regenerate libostree-sys
Regenerate libostree
repo: newlines
Add docs to generated files
Copy autodocs to hand-implemented methods in RepoExtManual
Generate docs for RepoExtManual
Ignore internal structs in libostree-sys
Regenerate libostree-sys
Add include to make libostree-sys tests work
Run cargo fmt on the custom code
Explicitly implement PartialEq for ObjectName to satisfy clippy
Exclude generated code from clippy
Un-bump versions
Add workspace Cargo.toml
Add CI config
Install libostree in CI
Use libostree from backports
Also install libostree-dev for libostree builds
Install libostree for everything, actually
Do release build and simply job names
Remove package stage for now
Add some metadata to libostree-sys
Add libostree-sys publish step
Fix libostree-sys publish step
Fix Gitlab URL & remove readme
Add docs build
Always build docs
Only publish for master & set docs urls
Remove release builds
Bump -sys version
Try setting up docs.rs capable build
libostree-sys: switch to docs.rs and add license file
libostree: add metadata, readme, and license file
Disable libostree docs
Strip the libostree docs
Bump -sys version
Add libostree release task
libostree-sys: remove license file
libostree: include API docs at build time using a feature flag
Remove docs targets
Build API docs with LGPL parts
Always build docs
Fix docs build hopefully
Keep only one license file in the repo root
Add a symlink to the package readme in the repo root
Move readme to repo root and copy it to the code prior to packaging
Update docs back to self-hosted
Add Gitlab badge
Bump versions
Add LICENSE to packages
Update readme a lot
Add badge-with-link to docs
Fix -sys pre-package
--allow-dirty to deal with the extra files we copy in
Add back API docs merge to Makefile
Remove lgpl-docs feature
Update readme
Add CMake to build gir
Add features
Move main crate into repo root
Move installed tools into target/tools
Exclude unnecessary files correctly
Update gitlab-ci.yml
Get rid of pre-package workaround
Reorganise gitlab-ci.yml a bit
Move libostree-sys/ to sys/
Remove some methods that are not generated correctly
Test with all features
sys: regenerate
Repo rename
Pin gir version
Remove version constants to fix build with different libostree versions
Remove unnecessary gir/* aliases
Rename libostree-sys to ostree-sys
Rename libostree to ostree
Rename libostree to ostree
Add note about crate rename
Update base gir files
Update OSTree gir and regenerate
Test sys with v2018_9 until I can get 2019.2 for CI
Add explanatory comments to ostree-sys.toml
Fix features in Repo
Build CollectionRef manually
Fix return type for CollectionRef::new
Add some sanity tests for CollectionRef
Sanity test for ObjectName
Fix a few more missing methods
Add some tests for Repo
Fix some issues with RepoFile
Add some explanatory comments to gir config
Pin rustdoc-stripper version
Add more types
sys: regenerate with external version file
Add version features
Update gir version
sys: regenerate with new gir
Add missing version features
Regenerate and update to new gir and glib-rs version
Build with older libostree version for now
Reorganise test code
Switch to generated CollectionRef
Clarify reasons for async exclude
Fix
Add docs for methods that were moved to RepoExtManual
Switch ObjectName to GString
Add some more unsorted types
Refactor tests and add test for traverse_commit
Don't allow nightly runs to fail
Add other interesting pipeline stages
Don't separately build ostree-sys with nightly
Disable CollectionRef tests on too-old features
Suppress unused import warnings in generated code
Try caching
...
2022.3
A big patch landed to update our baseline GLib requirement to 2.66
(in preparation for a libsoup update, which is also coming). Thanks
so much to Daniel Kolesa!
Various test suite improvements and documentation improvements;
we now publish man pages! Thanks Dan Nicholson.
How to use Linux IMA with ostree is now documented - this
I think is a key point in helping "bridge" between the original
goal of ostree being a "flexible" Linux system with the stronger
security guarantees of other systems that use e.g. dm-verity.
More to come here!
A few static analyzer fixes (nothing critical). Some improvements
to the test suite.
As far as bugfixes, there's a notable one to the OstreeRepoAutoTransaction
refcounting that showed up in valgrind.
And last but not least, we finally closed a longstanding conflict
between ostree and per-machine SELinux policy customizations; ostree
learned how to use bubblewrap to create a container targeting
the pending deployment to re-build the policy if necessary.
Thanks so much to all contributors!
Colin Walters (17):
configure: post-release version bump
tmpfiles: Create `/run/ostree`
tests: Stop using inventory crate
Update to nix 0.23
Update to ostree-ext 0.6
Update to rand 0.8
ci: Disable Ubuntu LTS
ci: Update docs workflow to use fcos-buildroot
Update to sh-inline 0.2
deploy: Be a bit more verbose about SELinux bits
libarchive: Handle `archive_entry_symlink()` returning NULL
fetcher/curl: Consistently check return value `curl_easy_setopt`
ci: Mask zincati for synthetic update
docs: Add new IMA document
Update docs/ima.md
Add an `ostree-boot-complete.service` to propagate staging failures
Release 2022.3
Damiano Donati (1):
README.md: update ostree-rs language binding link
Dan Nicholson (5):
man: Remove unnecessary nbsp's from ostree man page
man: Allow building HTML man pages
man: Use custom XSL stylesheet for HTML output
man: Create an HTML index
docs: Publish man pages
Daniel Kolesa (1):
glib: bump glib requirement to 2.66 and port to GUri
Jan Tojnar (1):
tests/test-cli-extensions: Fix with single-binary coreutils
Joe Talbott (1):
Add Fedora Kinoite link to index.md also.
Luca BRUNO (2):
apidoc: add missing page includes
tests: move fixture to fix installed tests
Ondrej Mosnacek (1):
deploy: Try to rebuild policy in new deployment if needed
Philip Withnall (1):
ostree-repo-pull: Take correct out path on error
Simon McVittie (5):
s390x-se-luks-gencpio: Fix shebang syntax
s390x-se-luks-gencpio: Use interoperable path for bash
test-prune: Read to the end of cut(1) output
repo: Factor out _ostree_repo_auto_transaction_new()
repo: Correctly initialize refcount of temporary transaction
Git-EVTag-v0-SHA512: 1e1ef032836c9b65dcd4de8140e4b742e73b87432c7ffa47cc7cc47e95a74680ff03f872295f8e4af316869ceabcfb74a65ec447bf005998ad1a2220fc5bbfbb
-----BEGIN PGP SIGNATURE-----
iQFHBAABCgAxFiEEq5KKnPjdBikJw3u93EX9WSHBPwsFAmJyzoYTHHdhbHRlcnNA
dmVyYnVtLm9yZwAKCRDcRf1ZIcE/C0f1B/9Zk7vSRF7HT+ErhcRmrFyTeC2bzl+C
D2lv4K4QLtwo2LgSm06GtztRIxqCGE+8g4G68VPqbh+BZ9i4HXaiI8bfIPQTCY2w
c2ITP81hdAZ23Ns8o/8qbF18usCVpjTyhzBHmgVbq+MSzsfjfjZE1yqxup2VYn1k
4T8UOQVJA2YR3TJkLLzsca1py8UkRkV9qfaTn6+VG6msuscUNrTHUkuc6kzsG6nd
Lsc8ijecusvyxpmwWHJ0LdBpBiC5mbzCdw2kIF10cl1XzNUI/2n2j26RmNx/RoW0
4Paib05G8o567PhawY653lPLP3+/SQ2HLVCQPoAv4lEL13yZ1QOVe2vO
=dt+M
-----END PGP SIGNATURE-----
2022.2
A usual collection of bugfixes and smaller enhancements. There is at least one bugfix worth calling out, which is #2549 that affects reliability of pulls with static deltas. It's a nicely self contained change, and if you aren't in a position to update to this latest release, we suggest cherry picking it.
On the feature side, there's a new ostree prune --commit-only which allow decoupling deleting unreachable (or undesired) commits from actually deleting the referenced objects, so object garbage collection can be delayed for a later time, or amortized.
The summary file now contains version information, which can help avoid fetching commits just to display that (often desired) metadata.
Another notable feature is initial read side support for the new bare-split-xattrs repository mode that was created as part of the "ostree native containers" work in https://github.com/ostreedev/ostree-rs-ext/ We haven't yet committed to marking that as production ready and stable ~forever, but it's getting close.
Thanks to all contributors!
Christian Hergert (2):
lib/util: add syslog.h for ot_journal_print()
lib/bootloader: use ot_journal_print() instead of sd-journal
Colin Walters (11):
main: Also support CLI extensions in `/usr/libexec/libostree/ext`
sysroot: Add a public `#define OSTREE_PATH_BOOTED`
deploy: Add a 5s max timeout on global filesystem `sync()`
deploy: Also log to journal if we time out global sync()
core: Mark `ostree_create_directory_metadata` as `(not nullable)`
lib/tar: Add some error prefixing
build-sys: Drop `-Werror=aggregate-return`
mtree: Use declare-and-initialize style
mtree: Load traversed subdirs when creating parents
Release 2022.2
configure: post-release version bump
Dan Nicholson (3):
github: Workaround glib/seccomp issue on Ubuntu impish
lib/repo: Add commit version metadata to summary metadata
.lgtm.yml: Fix gpgme dependency
Jonathan Lebon (9):
lib/deploy: When deleting staged deployment, delete any lock
ostree/deploy: Test finalization locking
tests/kolainst: Avoid recursive symlinks
ci/libbuild.sh: drop yum/CentOS support
ci/make-git-snapshot.sh: fix archive name
ci/make-git-snapshot.sh: auto-initialize submodules
ci/make-git-snapshot.sh: xz the archive
Add COPR integration Makefile
lib/gpg-verify-result: Add missing floating annotation
Luca BRUNO (14):
configure: post-release version bump
libotutil: avoid leaking builder memory on error
ostree: check g_setenv return value
libostree/sepolicy: get rid of a g_setenv() call
lib/commit: always validate metadata
lib/commit: reject empty metadata keys
builtin: use GCancellable and GError everywhere
lib/repo: open file only if required
lib/commit: clean up assertions
lib/core: introduce two new object types for split xattrs
lib/core: introduce 'bare-split-xattrs' mode
lib/repo: read split xattrs content from file-xattrs-link objects
lib/commit: disallow writing content in 'bare-split-xattrs' mode
tests/basic-bare-split-xattrs: add fixture, check read logic
Marco Melorio (2):
man: Fix typo in ostree-admin-switch
man: Fix typo in ostree-find-remotes
Nikita Dubrovskii (2):
s390x: add "IBM Secure Execution for Linux" support
s390x: add LUKS keyfile to 'sd-boot'
Phaedrus Leeds (2):
Fix marking static delta commits as partial
lib/repo-refs: Remove misleading newline
Saqib Ali (4):
src/ostree: Add --commit-only option to ostree prune
man/prune, bash: Add --commit-only flag for ostree prune
tests/test-prune.sh: expand testing for --commit-only
tests/test-prune.sh: Use TAP API
Simon McVittie (2):
libotutil: Avoid infinite recursion during error unwinding
Update submodule: libglnx
dependabot[bot] (2):
build(deps): bump libglnx from `803adaf` to `88da8dd`
build(deps): bump libglnx from `88da8dd` to `c71f7ae`