The covered timespan is a bit longer than usual and even if it encompasses the end of the year holidays, the number of changes in the various Sailfish OS repositories is really large. Let's highlight some of the changes that will likely be part of the next release:
- many library updates, fixing CVEs, like in
libtifforbluez5, - connectivity fixes in IPv6 networks with the work on CLAT in
connman, - a new "in-line" way to reply to notification (see changes in the repositories related to the user interface),
- immediate locking of the device when taping on the lock icon in the top menu,
- and for developpers, version upgrades of different base tools, libraries and compilers. If not yet merged in, definitely worked on are a GCC update to 10, a
glibcupdate to 2.38, an LLVM update to 15, arustupdate to 1.75 andglib2update to 2.78.
About version updates, this repository roundup is not mentioning enough the work of flypig (and many other contributors) on updating the browser to ESR91. Finally, a special mention also to attah who's contributed to a significant amount of package upgrades in the past weeks and months.
libqofono, Qt bindings for Ofono, pvuorela, while checking for a bug in Ofono / QOfono, commited some code changes bringing more context on DBus errors.
-
bluez5, the Linux Bluetooth stack, mal worked on moving to version 5.76. This also fixes some recent CVE issues and replace an earlier attempt at fixing those. -
kf5bluezqt, the KDE framework handling Bluetooth, pvuorela updated it to 5.112.0. -
messagingframework, the email Qt framework, pvuorela upstreamed one of the patch used by Sailfish OS for a long time and thus rework the packaging to remove this patch. This patch introduced the possibility to ignore SSL errors on connections. -
nghttp2, a server and proxy HTTP 2 implementation, mal updated it to 1.58.0. -
c-ares, a library that performs asynchronous DNS operations, mal updated it to 1.23.0. -
ssu-sysinfo, tools and libraries for getting ssu information, abranson's patch exposing Bluetooth tethering hardware feature has been merged in. -
nemo-qml-plugin-systemsettings, a QML component used by the Settings app, abranson exposed Bluetooth tethering hardware feature. -
libphonenumber, a library for manipulating international phone numbers, mal upgraded it to 8.13.27. -
wpa_supplicant, for accessing WPA and WPA2 protected WiFi networks, pvuorela reenabled WEP. -
connman, the connection manager, LaakkonenJussi pulled a patch from upstream fixing an issue with timezone in case of an empty subpath and another one fixing CVE-2023-28488. Several commits went in related to the work on the CLAT dual-index support. -
nemo-qml-plugin-email, QML bindings for emails, dcaliste fixed a crash when removing attachments from a draft. He also provide a getter in the attachment model to expose the file size, so it can be displayed in the attachment list in the email composer. -
nfcd, the daemon for near field communication, slava is working on card emulation.
-
libvpx, a VP8/VP9 video codec library, mal updated it to 1.13.1. -
pulseaudio, the sound daemon and much more, pvuorela removed theintltoolbuild dependency. -
gst-droid, plugin for GStreamer allowing to use hardware accelerated codecs, b100dian is working on adding stters and getters to control the sharpening and noise reduction from Camera2 API. -
gupnp, the GLib UPnP library, mal proposed an update to 1.6.6, and also to update theavplugin to 0.14.1 and thedlnaone to 0.12.0, also moving the repositories to use submodule. -
rygel, a collection of UPnP/DLNA services, mal worked on a upgrade to 0.42.5. -
libsndfile, a library for reading and writing sound files, vigejolla updated it to 1.2.2, fixing CVE-2022-33065. -
libtiff, a library to read TIFF image files, vigejolla updated it to 4.6.0, also fixing CVE-2023-6277.
-
lipstick, the home screen code (open source parts), pvuorela introduced a new hint to be able to store the priviledge level of notifications. -
commhistory-daemon, the daemon handling call and message history, pvuorela changed the reply method for SMS, switching to a inline text one. -
sailjail-permissions, the configuration files for system-wide sandbox permissions, pvuorela dropped the legacyorg.nemomobile.qmlmessagesD-Bus service exposed by the messages application. -
nemo-qml-plugin-notifications, QML bindings to the Freedesktop notification system, pvuorela added support for a hint called "resident", so notification is not automatically discarded when an action is done, but need to be explicitely removed by the user or the sender. -
mce, a framework exposing hardware status of display, buttons…, spiiroin provided a patch to use the kernel time to filter multipress of the power button, instead of an internal timer. This pull request also changes the display off command to use a bitmask instead of values, adding a mask asking to lock the device, see the commit message. As explain in that commit, this mask is now used by default, meaning that tapping the lock icon in the top menu will actually immediately lock the device and not just turn the screen off. It is possible to get back to the old behaviour withmcetool --set-display-off-override=disabled. -
nemo-qml-plugin-devicelock, QML bindings for device lock access, spiiroin ensured that the manual locking is properly honoured and don't start a timer.
-
dconf, save user or system properties, pvuorela removed the build dependency onintltoolsince the dconf editor has been split out of the repository for more than 8 years already. -
libsoup, the web access library based on GObject, pvuorela updated it to 2.74.3. -
cups, the standards-based printing system, mal has upgraded it to 2.4.7. -
tracker, desktop-neutral metadata database and search tool, pvuorela removed the build dependency onintltooland also fromtracker-miners. -
glib-networking, network extensions for GLib, pvuorela removed the build dependency onintltooland usegettextinstead. attah is also proposing an update to 2.78.0. -
shared-mime-info, the Freedesktop MIME info database, pvuorela updated it to 2.4. -
systemd, a system and service manager, pvuorela changed the build dependency fromintltooltogettext. mal included a backport detectingstatxcall fromstat.h. -
abseil-cpp, a C++ library designed to augment the C++ standard library, nephros updated it as a dependency ofprotobufbeing itself required by various applications in Chum. -
libgcrypt, a general purpose cryptographic library, mal updated it to 1.10.3. -
libpng, the library to read Portable Network Graphic formats, attah updated it to 1.6.40. -
aspell, a spell checker, markolemmetty updated it to 0.60.8.1, fixing CVE-2019-25051 vulnerability. -
libxml2, an XML parsing library, markolemmetty addressed CVE-2023-45322 in an update to 2.12.3. -
gssdp, the GLib SSDP resource discovery library, mal proposed its update to 1.6.3. -
iptables, tools for managing Linux kernel packet filtering capabilities, *attah updated it to 1.8.10.
-
gcc, the GNU compiler collection, mal submitted a push request to move to version 10.3 (from 2021), while GCC is currently in version 8. -
ltrace, a tool to log dynamic library calls, mal updated it to latest upstream version. -
extra-cmake-modules, , pvuorela upgraded it to version 5.112. This was required to upgrade KDE Bluez stack. -
qml-rpm-macros, RPM macros to handle QML, pvuorela updated the dependency tool to properly treat comment lines, like the one generated by recent version of ECMQmlModule. -
file, the command-line utility to determine file types, mal suggested to update to version 5.45. -
git, the famous version control, mal updated it to 2.43.0. -
vim, the text editor, mal updated it to 9.0.2167. -
byacc, a parser generator, mal updated it to 20230521. -
less, the utility than can do more, mal updated it to 649. -
build-compare, scripts to find out if the build result differs to a former build, keto has merged the upgrade of the package to upstream version 2023.06.17. -
zlib, the compression library, mal merged in his pull request to update zlib to version 1.3. -
e2fsprogs, utilities to manage ext2, ext3 and ext4 file systems, mal updated it to 1.47.0. -
libarchive, a library to handle compressed formats, mal updated it to 3.7.2. -
elfutils, tools to manage dynamic libraries, mal updated it to 0.190. -
udisks2, the udisks daemon serves as an interface to system block devices, pvuorela removed the build dependency onintltoolsince upstream moved togettextin 2019. -
libgsf, a library to read structured files, pvuorela removed unnecessary build dependencies (intltoolandperl-XML-parser). -
python3-imaging, a Python module to handle images, pvuorela changed the dependency forpython3-develinstead ofpython2. -
sudo, command line tool to gain super user priviledges, mal updated it to 1.9.15.p4. -
tcpdump, a network traffic monitoring tool, mal updated it to 4.99.4. -
screen, a screen manager that supports multiple logins on one terminal, mal updated it to 4.9.1. -
gobject-introspection, a tool to create bindings from C code, pvuorela removed the unnecessary build dependency onintltool. -
python-lxml, python bindings forlibxml2andlibxslt, nephros packaged the documentation in a different RPM, saving 1.1MB of installed disk space. -
libcap, a library for Linux that uses POSIX capabilities, mal updated it to 2.69. -
sdk-setup, part of the Sailfish SDK, vigejolla fixed the test ensuring tabs are allowed in spec files. -
lua, the scripting language, pvuorela updated it to 5.4.6 and updatedlua-posixto 36.2.1. -
pcre2, the regular expression library, mal introduced it in Sailfish OS from the packaging in Fedora. -
glib2, the Glib library from GTK / Gnome, mal worked on an upgrade to 2.78.3. -
openssh, the OpenSSH implementation of SSH protocol, mal updated it to 9.6p1. -
glibc, the C library, mal fixed a compiler issue with variable definitions being present several times, which confuse some specific linkers. -
rust, the memory safe programming language, rubdos and direc85 are working on updating to Rust 1.75.0. -
tar, the file aggregation tool, attah updated it to 1.35. -
meego-rpm-config, specific rpm configuration files for Sailfish OS, Thaodan proposed to change three elements in the RPM macro definitions: remove the (modified) copy of%make_installin favour of%qmake5_installwhen applicable, removing oflafiles (internal files generated blibtool) from packages through a newbrp-remove-la-filesscript, and an explicit handling of static libraries. -
osc, the command line interface to work with OBS (the Open Build Service), Thaodan updated it to latest version 1.5.1. -
rpm, a software package format and tools, on post installation, the RPM database is now reinitialised, instead of copying the database files thanks to keto's work. Taodan fixed a packaging issue when dependencies were hard-coded instead of letting the tool to determine them by itself. mal simplified the packaging of the Python distribution by using%py3_buildand%py3_installmacros. -
zypper, a package manager, mal proposed to update it to 1.14.68 and its library companion to 17.31.27. -
grep, the searching command line tool, mal updated it to 3.11. -
qemu-usermode, a universal CPU emulator, mal changed thestatxcall to use the one fromglibcinstead of the syscall one. Like that sb2 will be able to intercept the call. -
fakeroot, gives a fake root environment, mal updated it to 1.29, but the merge is still pending on a generalglibcupdate. -
scratchbox2, the cross-compilation tool used by the SDK, vigejolla corrected an improper detection ofccache. mal proposed to add a wrapper forstatxcall.