summaryrefslogtreecommitdiff
path: root/libre
AgeCommit message (Collapse)Author
2022-01-10updpkg: libre/linux-libre-hardened 5.15.12.hardened1-1David P
Signed-off-by: David P <megver83@parabola.nu>
2022-01-10updpkg: libre/linux-libre-pae 5.15.12-1David P
Signed-off-by: David P <megver83@parabola.nu>
2022-01-08systemd-250.1-1.parabola1: updating versionOmar Vega Ramos
2022-01-06pacman: hardcode the architecture in pacman.conf to avoid breaking systemsDenis 'GNUtoo' Carikli
Without that fix, when creating a chroot with the following commands on Parabola x86_64, the resulting chroot is 64bit: # mkdir rootfs # pacstrap -C /usr/share/pacman/defaults/pacman.conf.i686 ./rootfs/ # file rootfs/usr/bin/pacman rootfs/usr/bin/pacman: ELF 64-bit LSB pie executable, x86-64, [...] In addition, if we run Parabola i686 on an x86_64 computer with linux-libre-64, and that we try to install packages (after pacman -Sy), some packages will refuse to be installed because they have dependencies on 64bit libraries packages while we have 32bit ones instead: # pacman -S e2fsprogs resolving dependencies... looking for conflicting packages... error: failed to prepare transaction (could not satisfy dependencies) :: installing e2fsprogs (1.46.5-1) breaks dependency 'libss.so=2-32' required by krb5 :: installing e2fsprogs (1.46.5-1) breaks dependency 'libcom_err.so=2-32' required by krb5 but packages without such dependencies (like xterm or coreutils) can be installed without warnings and we end up with non-working packages: # pacman -S xterm [the installation proceeds] # file /usr/bin/xterm /usr/bin/xterm: ELF 64-bit LSB pie executable, x86-64, [...] # xterm bash: /usr/bin/xterm: No such file or directory So it's a good idea to hardcode the architecture by default. The Arch Linux 32 installer uses auto to auto-detect the CPU currently in use to select matching repositories. But in Parabola, for x86 32bit we only have one i686 repository and no pentium4 or i586. In addition, all the Parabola installers don't depend on auto (the multi architecture installer has two complete Parabola systems, one for i686 and one for x86_64, so it doesn't need auto). Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2022-01-05Update libre/your-freedomParabola automatic package builder
2022-01-05updpkg: libre/nextcloud-client 2:3.4.1-1.parabola1David P
Signed-off-by: David P <megver83@parabola.nu>
2022-01-05updpkg: libre/linux-libre-lts 5.10.89-1David P
Signed-off-by: David P <megver83@parabola.nu>
2022-01-04updpkg: libre/linux-libre 5.15.12-1David P
Signed-off-by: David P <megver83@parabola.nu>
2021-12-31systemd-250-4.parabola1: updating versionOmar Vega Ramos
2021-12-16uboot4extlinux-sunxi: Fix u-boot FSDG complianceDenis 'GNUtoo' Carikli
U-boot contains some nonfree software, for instance nonfree microcode in arch/x86/dts/microcode/, so this commit removes that. This commit also removes instructions to install nonfree software. While these instructions were not shipped in any of the binary pakcages generated by this PKGBUILD, it's still a good idea to also clean that up in the long run: - Parabola has also PKGBUILDs for other SOCs, and ideally we could expand to cover as many computers as possible if the computers are supported in upstream projects (like u-boot) and that they don't require too much extra maintenance. Having already a cleaned up u-boot to base the PKGBUILDs on could help factorizing the code and sharing the work on the u-boot code review process. - Other FSDG compliant distributions already have u-boot (like Guix) or might be interested in shipping u-boot (like Replicant), so it would be a good idea not to duplicate the work again and again. In the future the code that removes the nonfree software and the problematic documentation should be moved in a reusable script (that could still be run in mksource), possibly in its own package, in order to be reusable accross different distributions and u-boot PKGBUILDs. Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2021-12-15systemd-249.7-2.parabola1: updating versionOmar Vega Ramos
2021-12-11add ip-connect.info mirrorbill-auger
2021-12-10[iceweasel]: update branding checksumbill-auger
2021-12-10libre/iceweasel: Bump to 95.0 with upstream changesgrizzlyuser
2021-12-07libre/iceweasel: update to 94.0 from upstreamsgrizzlyuser
2021-12-07[rz-cutter]: add pkgbill-auger
2021-12-08Update libre/your-freedomParabola automatic package builder
2021-12-05[qtcreator]: tweak for i686bill-auger
2021-12-05[qtcreator]: upgrade to v6.0.0bill-auger
2021-12-05[qtcreator]: upgrade to v5.0.3bill-auger
2021-12-05[quassel]: pin to current 'icu' sodepsbill-auger
2021-11-30Update libre/your-freedomParabola automatic package builder
2021-11-30[pacman]: minimize per-arch keyring dependsbill-auger
2021-11-30housekeepingbill-auger
2021-11-30[blender]: tweak for 32bit targetsbill-auger
2021-11-30[libre-testing/icedove]: add packagebill-auger
2021-11-28Update libre/parabola-keyringParabola automatic package builder
2021-11-28libre: netpbm: Add forgetten patches from Arch LinuxDenis 'GNUtoo' Carikli
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2021-11-28libre: netpbm: update to 10.73.36 by syncing with Arch LinuxDenis 'GNUtoo' Carikli
According to Wikipedia: "GIF images are compressed using the Lempel–Ziv–Welch (LZW) lossless data compression technique to reduce the file size without degrading the visual quality. This compression technique was patented in 1985. Controversy over the licensing agreement between the software patent holder, Unisys, and CompuServe in 1994 spurred the development of the Portable Network Graphics (PNG) standard. By 2004 all the relevant patents had expired."[1]. So we can safely stop removing GIF related code on the basis of patents alone. [1]https://en.wikipedia.org/wiki/GIF Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2021-11-25[icu-compat]: upgrade to v69bill-auger
2021-11-25[icu-compat-67]: rename to 'icu-compat-67'bill-auger
2021-11-25[icu-65-compat][icu-compat-65]: rename package to 'icu-compat-65'bill-auger
2021-11-25updpkg: libre/kdevelop 5.6.2-6.parabola1David P
Signed-off-by: David P <megver83@parabola.nu>
2021-11-24Update libre/parabola-keyringParabola automatic package builder
2021-11-23Update libre/parabola-keyringParabola automatic package builder
2021-11-23[quassel]: rebuild against latest libldapbill-auger
2021-11-23Update libre/your-freedomParabola automatic package builder
2021-11-21libre: texlive-bin: bump package revision to workaround expired keyDenis 'GNUtoo' Carikli
Without that fix, we have the following error while installing or upgrading texlive-bin: error: texlive-bin: signature from "bill-auger <bill-auger@peers.community>" is unknown trust :: File /var/cache/pacman/pkg/texlive-bin-2021.58686-3.parabola8-i686.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)). This is because the corresponding gpg key is expired: $ gpg --verify /var/cache/pacman/pkg/texlive-bin-2021.58686-3.parabola8-i686.pkg.tar.xz.sig gpg: assuming signed data in '/var/cache/pacman/pkg/texlive-bin-2021.58686-3.parabola8-i686.pkg.tar.xz' gpg: Signature made mer. 03 nov. 2021 03:02:20 CET gpg: using RSA key FBCC5AD7421197B7ABA72853908710913E8C7778 gpg: Good signature from "bill-auger <bill-auger@peers.community>" [unknown] gpg: aka "bill-auger <mr.j.spam.me@gmail.com>" [unknown] gpg: aka "bill-auger <bill-auger@programmer.net>" [unknown] gpg: aka "[jpeg image of size 6017]" [unknown] gpg: Note: This key has expired! Primary key fingerprint: 3954 A7AB 837D 0EA9 CFA9 7989 25DB 7D9B 5A8D 4B40 Subkey fingerprint: FBCC 5AD7 4211 97B7 ABA7 2853 9087 1091 3E8C 7778 Key expirations often happen when because there are conflicting best security practices with key expiration dates: for long term software releases, it's better if the key don't have too short expiration dates, especially if users can't easily update the key, but short key expirations help a lot for security and for uses cases like mail, if you loose your key, having a short expiration date will ensure that people will (shortly) stop sending you mail that you can't decrypt. In addition keeping a key always up to date can in some case be very complex. Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2021-11-21libre: asciidoc: sync with Arch Linux by updating to 9.1.0-1Denis 'GNUtoo' Carikli
The changes and rationale was added as well from information that comes from the bug #717 [1]. [1]https://labs.parabola.nu/issues/717 Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2021-11-21libre: asciidoc: bump package revision to workaround expired keyDenis 'GNUtoo' Carikli
Without that fix, we have the following error while installing or upgrading asciidoc: | > error: asciidoc: signature from "bill-auger <bill-auger@peers.community>" is unknown trust | > :: File /var/cache/pacman/pkg/asciidoc-8.6.10-2.parabola1-any.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)). | > Do you want to delete it? [Y/n] error: failed to commit transaction (invalid or corrupted package) This is because the corresponding gpg key is expired. Key expirations often happen when because there are conflicting best security practices with key expiration dates: for long term software releases, it's better if the key don't have too short expiration dates, especially if users can't easily update the key, but short key expirations help a lot for security and for uses cases like mail, if you loose your key, having a short expiration date will ensure that people will (shortly) stop sending you mail that you can't decrypt. In addition keeping a key always up to date can in some case be very complex. Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2021-11-21libre: pacman-mirrorlist: bump package revision to workaround expired keyDenis 'GNUtoo' Carikli
Without that fix, we have the following error while installing or upgrading mkinitcpio: error: pacman-mirrorlist: signature from "bill-auger <bill-auger@peers.community>" is unknown trust :: File /var/cache/pacman/pkg/pacman-mirrorlist-20210803-1.parabola1-any.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)). This is because the corresponding gpg key is expired. Key expirations often happen when because there are conflicting best security practices with key expiration dates: for long term software releases, it's better if the key don't have too short expiration dates, especially if users can't easily update the key, but short key expirations help a lot for security and for uses cases like mail, if you loose your key, having a short expiration date will ensure that people will (shortly) stop sending you mail that you can't decrypt. In addition keeping a key always up to date can in some case be very complex. Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2021-11-21libre: mkinitcpio: bump package revision to workaround expired keyDenis 'GNUtoo' Carikli
Without that fix, we have the following error while installing or upgrading mkinitcpio: error: mkinitcpio: signature from "bill-auger <bill-auger@peers.community>" is unknown trust :: File /var/cache/pacman/pkg/mkinitcpio-30-2.parabola2-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)). This is because the corresponding gpg key is expired: # gpg --recv-keys FBCC5AD7421197B7ABA72853908710913E8C7778 gpg: key 25DB7D9B5A8D4B40: public key "bill-auger <bill-auger@peers.community>" imported gpg: Total number processed: 1 gpg: imported: 1 # gpg --verify /var/cache/pacman/pkg/mkinitcpio-30-2.parabola2-any.pkg.tar.zst.sig gpg: assuming signed data in '/var/cache/pacman/pkg/mkinitcpio-30-2.parabola2-any.pkg.tar.zst' gpg: Signature made sam. 06 nov. 2021 03:41:54 CET gpg: using RSA key FBCC5AD7421197B7ABA72853908710913E8C7778 gpg: Good signature from "bill-auger <bill-auger@peers.community>" [expired] gpg: aka "bill-auger <mr.j.spam.me@gmail.com>" [expired] gpg: aka "bill-auger <bill-auger@programmer.net>" [expired] gpg: aka "[jpeg image of size 6017]" [expired] gpg: Note: This key has expired! Primary key fingerprint: 3954 A7AB 837D 0EA9 CFA9 7989 25DB 7D9B 5A8D 4B40 Subkey fingerprint: FBCC 5AD7 4211 97B7 ABA7 2853 9087 1091 3E8C 7778 Key expirations often happen when because there are conflicting best security practices with key expiration dates: for long term software releases, it's better if the key don't have too short expiration dates, especially if users can't easily update the key, but short key expirations help a lot for security and for uses cases like mail, if you loose your key, having a short expiration date will ensure that people will (shortly) stop sending you mail that you can't decrypt. In addition keeping a key always up to date can in some case be very complex. Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2021-11-21libre: Add mkinitcpio mkinitcpio-30-2.parabola2-any.src.tar.gz source codebill-auger
The process of packages releases makes it very easy to forget to push a package or its source code to git: - A developer can push to abslibre and forget to build the package, or that developer might want to build the package later on for various reasons. - A developer can also push the package and forget to push the corresponding git commits to abslibre. I often am in the first case, but here we are in the later case. Fortunately the process of packages releases also makes it easy to find that source code. The source code of libre/mkinitcpio can be found here: https://repo.parabola.nu/sources/parabola/mkinitcpio-30-2.parabola1-any.src.tar.gz https://repo.parabola.nu/sources/parabola/mkinitcpio-30-2.parabola1-any.src.tar.gz.sig And we can even verify its signature: $ gpg --verify mkinitcpio-30-2.parabola2-any.src.tar.gz.sig gpg: assuming signed data in 'mkinitcpio-30-2.parabola2-any.src.tar.gz' gpg: Signature made sam. 06 nov. 2021 03:42:02 CET gpg: using RSA key FBCC5AD7421197B7ABA72853908710913E8C7778 gpg: Good signature from "bill-auger <bill-auger@peers.community>" [unknown] gpg: aka "bill-auger <mr.j.spam.me@gmail.com>" [unknown] gpg: aka "bill-auger <bill-auger@programmer.net>" [unknown] gpg: aka "[jpeg image of size 6017]" [unknown] gpg: Note: This key has expired! Primary key fingerprint: 3954 A7AB 837D 0EA9 CFA9 7989 25DB 7D9B 5A8D 4B40 Subkey fingerprint: FBCC 5AD7 4211 97B7 ABA7 2853 9087 1091 3E8C 7778 So we can safely import the source back in abslibre. The archive has a bit more than needed for this specific situation: $ tar tf ../mkinitcpio-30-2.parabola2-any.src.tar.gz mkinitcpio/ mkinitcpio/mkinitcpio-30.tar.gz mkinitcpio/PKGBUILD mkinitcpio/.SRCINFO mkinitcpio/mkinitcpio.install mkinitcpio/mkinitcpio-30.tar.gz.sig mkinitcpio/9001-udev.patch So I only used the PKGBUILD, mkinitcpio.install and 9001-udev.patch files here as we don't commit the .SRCINFO or source tarballs to git in Parabola. Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2021-11-18systemd-249.6-3.parabola1: updating versionOmar Vega Ramos
2021-11-12[blender]: upgrade to v2.93.5bill-auger
2021-11-05libre/icedove: updated to 78.9.1Andreas Grapentin
2021-11-05[icedove]: upgrade to v78.8.1bill-auger
2021-11-05[icedove]: upgrade to v78.5.0bill-auger
2021-11-05[hydrogen]: upgrade to v1.1.0bill-auger
2021-11-05[texlive-bin]: rebuild against latest popplerbill-auger