Package: release.debian.org
Severity: normal
Tags: trixie
X-Debbugs-Cc: [email protected]
Control: affects -1 + src:flatpak
User: [email protected]
Usertags: pu

[ Reason ]
New upstream bugfix release

[ Impact ]
If not accepted, various upstream bugs will go unfixed. The most 
significant are:

- flatpak-kill(1) would accidentally kill its entire process group via
  kill(0) if a race condition was hit, which could result in terminating
  the desktop session
- a memory leak in flatpak-session-helper when privileged apps invoke a
  command outside their sandbox (flatpak-spawn --host) which becomes
  significant with some apps' use patterns (#1114484)
- VA-API didn't work on newer Intel GPUs that use the xe kernel driver,
  because the user-space component was only installed for older Intel
  GPUs that use the i915 driver; now it's installed for both

Additionally, the proposed version includes packaging changes to fix 
FTBFS when using the nocheck build-profile (#1116737) which might be 
useful for cross-compilation.

[ Tests ]
There's an upstream test suite, which still passes. Build-time test 
coverage is limited because bubblewrap doesn't work in a chroot, and 
similarly autopkgtest coverage on non-x86 is limited because nested 
containers usually don't work, but the autopkgtest on amd64 runs in a 
virtual machine on ci.debian.net and therefore has full coverage.

Also successfully smoke-tested on a Debian 13 GNOME desktop (uninstalled 
some obsolete runtimes, installed a new app, ran some apps).

This is a fairly straightforward backport of the version in unstable, 
which hasn't had any regressions reported, although admittedly it hasn't 
been in unstable for very long at this stage (and hasn't reached testing 
yet).

[ Risks ]
All changes are targeted bug fixes: some of the bugs being fixed are not 
particularly major, but it seems better to have the fixes than not. I 
reverted the more intrusive packaging changes from unstable to make this 
update easier to review.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
      (lightly filtered, excludes po/*.po)
  [x] the issue is verified as fixed in unstable

[ Changes ]

Packaging:

d/control: All part of fixing the nocheck build-profile (#1116737). 
fuse3 was previously not installed under nocheck, but that was wrong, 
and it is now installed unconditionally. Similarly polkitd and socat 
were previously not installed under nocheck, but actually they are 
required when building "as-installed" tests, so now they are only not 
installed if both nocheck and noinsttest are active, and the 
flatpak-tests binary package is skipped if noinsttest is active. No 
effect on official buildd builds.

d/rules: Similarly, we have to enable tests in all builds, unless both 
nocheck and noinsttest are active. No effect on official buildd builds.

d/copyright: Apply Lintian fixes, be more pedantic about the difference 
between the Lesser and Library General Public Licenses. No functional 
change, human-readable text only.

d/libflatpak-doc.install: The new upstream bug fix release builds and 
installs a document that was previously missing, fixing a regression 
introduced during 1.15.x, so we need to assign that file to a package.

Upstream:

app/flatpak-builtins-build.c:
Fix fontconfig warnings during `flatpak build` which could break apps'
build-time tests

app/flatpak-builtins-kill.c:
Fix `flatpak kill` as discussed above

app/flatpak-main.c, common/flatpak-run.c, common/flatpak-utils.c (second 
part), common/flatpak-utils-private.h:
Relax "running under sudo?" check so it only prevents
"sudo flatpak run ..." or "sudo flatpak --user ..." as root (which are
unlikely to be appropriate), but allows "sudo -u otheruser ..." or
"sudo -g othergroup ..."

common/flatpak-context.c:
Canonicalize special directories received from GLib before comparison, 
working around a regression in GLib 2.86.1 which was fixed in 2.86.2 
(not relevant to trixie and no longer relevant to unstable, but it 
improves robustness)

common/flatpak-dir.c (first part):
Fix flatpak-pin(1)/flatpak-mask(1) with multiple arguments when acting 
on the system-wide installation

common/flatpak-dir.c, common/flatpak-dir-private.h,
common/flatpak-installation.c, system-helper/flatpak-system-helper.c,
common/flatpak-transaction.c (second part), tests/test-bundle.sh (first part):
Implement the --reinstall option when installing a bundle (previously 
it was ignored)

common/flatpak-json-oci.c:
If a Docker-style OCI registry only has one image, improve command-line 
ergonomics by allowing the tag to be omitted (in practice mostly only 
relevant to Fedora - other publishers like Flathub use OSTree-format 
registries, which are more space-efficient)

common/flatpak-oci-registry.c:
Fix a memory leak when installing Flatpak apps from a Docker-style OCI 
registry (in practice mostly only relevant to Fedora)

common/flatpak-repo-utils.c:
Fix an assertion failure in flatpak-build-import-bundle(1)

common/flatpak-transaction.c (first part):
Fix a crash in `flatpak install --include-sdk` if the app is installed 
on a per-user basis but the corresponding SDK is already installed 
system-wide

common/flatpak-utils.c (first part):
Install the Intel VA-API driver extension for users of the xe kernel 
module, not just the i915 kernel module

common/flatpak-utils-http.c (first part):
Avoid a compiler warning about using a potentially uninitialized 
variable (in practice this is a false positive, we can't actually 
early-return before enumerator is assigned)

common/flatpak-utils-http.c (second and subsequent parts):
In libflatpak users like GNOME Software and KDE Discover, allow 
ongoing downloads to be cancelled

doc/flatpak-spawn.xml:
Clarify documentation

doc/reference/meson.build:
Build a single-file version of the library API reference (in practice 
mainly useful for docs.flatpak.org, but we might as well have it in 
Debian too)

session-helper/flatpak-session-helper.c:
Fix memory leak #1114484 by using automatic memory management for a 
temporary variable

tests/test-bundle.sh, tests/test-run.sh:
Avoid test failure if a required tool is not installed (no practical 
effect in Debian, we do install them as dependencies)

tests/testlib.c:
Fix uninitialized parameter to fcntl F_DUPFD_CLOEXEC which can cause 
test failures on some architectures

[ Other info ]
If you'd prefer to wait a few days for the corresponding unstable upload 
to migrate to testing, that would be fine, but I wanted to get this 
uploaded well before the 13.3 deadline.

debdiff *.dsc | filterdiff -p1 -x 'po/*.po'

diffstat after filtering:
 .github/workflows/check.yml             |   13 +++-
 NEWS                                    |   46 +++++++++++++++
 app/flatpak-builtins-build.c            |   13 ++++
 app/flatpak-builtins-kill.c             |   88 +++++++++++++++++++++++------
 app/flatpak-main.c                      |    2 
 common/flatpak-context.c                |    8 ++
 common/flatpak-dir-private.h            |    5 +
 common/flatpak-dir.c                    |   44 ++++++++++----
 common/flatpak-installation.c           |    2 
 common/flatpak-json-oci.c               |   22 +++----
 common/flatpak-oci-registry.c           |    1 
 common/flatpak-repo-utils.c             |    4 -
 common/flatpak-run.c                    |    2 
 common/flatpak-transaction.c            |    4 -
 common/flatpak-utils-http.c             |   22 +++++--
 common/flatpak-utils-private.h          |    2 
 common/flatpak-utils.c                  |    8 +-
 debian/changelog                        |   97 ++++++++++++++++++++++++++++++++
 debian/control                          |   10 +--
 debian/copyright                        |   13 +++-
 debian/gbp.conf                         |    2 
 debian/libflatpak-doc.install           |    1 
 debian/rules                            |    7 +-
 doc/flatpak-spawn.xml                   |    4 -
 doc/reference/meson.build               |   25 +++++++-
 meson.build                             |    4 -
 session-helper/flatpak-session-helper.c |    2 
 system-helper/flatpak-system-helper.c   |    4 -
 tests/test-bundle.sh                    |   28 ++++++---
 tests/test-run.sh                       |   22 ++++---
 tests/testlib.c                         |    2 
 31 files changed, 419 insertions(+), 88 deletions(-)

diff -Nru flatpak-1.16.1/app/flatpak-builtins-build.c flatpak-1.16.2/app/flatpak-builtins-build.c
--- flatpak-1.16.1/app/flatpak-builtins-build.c	2025-05-11 03:19:30.000000000 +0100
+++ flatpak-1.16.2/app/flatpak-builtins-build.c	2025-12-15 17:52:28.000000000 +0000
@@ -59,6 +59,17 @@
   { NULL }
 };
 
+static void
+add_empty_font_dirs_xml (FlatpakBwrap *bwrap)
+{
+  g_autoptr(GString) xml_snippet = g_string_new ("<?xml version=\"1.0\"?>\n"
+                                                 "<!DOCTYPE fontconfig SYSTEM \"urn:fontconfig:fonts.dtd\">\n"
+                                                 "<fontconfig></fontconfig>\n");
+
+  if (!flatpak_bwrap_add_args_data (bwrap, "font-dirs.xml", xml_snippet->str, xml_snippet->len, "/run/host/font-dirs.xml", NULL))
+    g_warning ("Unable to add fontconfig data snippet");
+}
+
 /* Unset FD_CLOEXEC on the array of fds passed in @user_data */
 static void
 child_setup (gpointer user_data)
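Review bot: add_empty_font_dirs_xml builds a GString around a string literal only to read ->str and ->len back out; a static const char array with sizeof - 1 passed to flatpak_bwrap_add_args_data would avoid the allocation. The function also has no comment saying why an empty /run/host/font-dirs.xml is wanted in the build sandbox, and the trailing NULL argument (presumably the GError out-parameter) means the g_warning cannot say why adding the data failed. Passing a local GError and printing its message would make the warning actionable.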
@@ -559,6 +570,8 @@
                                          instance_id, NULL, cancellable, error))
     return FALSE;
 
+  add_empty_font_dirs_xml (bwrap);
+
   for (i = 0; opt_bind_mounts != NULL && opt_bind_mounts[i] != NULL; i++)
     {
       char *split = strchr (opt_bind_mounts[i], '=');
diff -Nru flatpak-1.16.1/app/flatpak-builtins-kill.c flatpak-1.16.2/app/flatpak-builtins-kill.c
--- flatpak-1.16.1/app/flatpak-builtins-kill.c	2025-05-11 03:19:30.000000000 +0100
+++ flatpak-1.16.2/app/flatpak-builtins-kill.c	2025-12-15 17:52:28.000000000 +0000
@@ -36,37 +36,91 @@
 #include "flatpak-builtins.h"
 #include "flatpak-instance.h"
 
+#define FLATPAK_BUILTIN_KILL_N_RETRIES 5
+#define FLATPAK_BUILTIN_KILL_RETRY_SLEEP_USEC (G_USEC_PER_SEC / 10)
+
 static GOptionEntry options[] = {
   { NULL }
 };
 
 static gboolean
-kill_instance (const char *id,
-               GError    **error)
+instance_equal (FlatpakInstance *a,
+                FlatpakInstance *b)
 {
-  g_autoptr(GPtrArray) instances = NULL;
-  int j;
-  int killed = 0;
+  return g_strcmp0 (flatpak_instance_get_id (a),
+                    flatpak_instance_get_id (b)) == 0;
+}
 
-  instances = flatpak_instance_get_all ();
+static GPtrArray *
+kill_instances (GPtrArray *kill_list)
+{
+  g_autoptr(GPtrArray) instances = flatpak_instance_get_all ();
+  g_autoptr(GPtrArray) remaining =
+    g_ptr_array_new_with_free_func (g_object_unref);
 
-  for (j = 0; j < instances->len; j++)
+  for (size_t i = 0; i < kill_list->len; i++)
     {
-      FlatpakInstance *instance = (FlatpakInstance *) g_ptr_array_index (instances, j);
-      if (g_strcmp0 (id, flatpak_instance_get_app (instance)) == 0 ||
-          strcmp (id, flatpak_instance_get_id (instance)) == 0)
+      FlatpakInstance *to_kill = g_ptr_array_index (kill_list, i);
+      pid_t pid;
+
+      if (!g_ptr_array_find_with_equal_func (instances, to_kill,
+                                             (GEqualFunc) instance_equal,
+                                             NULL))
+        {
+          g_info ("Instance %s disappeared", flatpak_instance_get_id (to_kill));
+          continue;
+        }
+
+      pid = flatpak_instance_get_child_pid (to_kill);
+      if (pid != 0)
         {
-          pid_t pid = flatpak_instance_get_child_pid (instance);
           kill (pid, SIGKILL);
-          killed++;
+          g_info ("Instance %s killed", flatpak_instance_get_id (to_kill));
+          continue;
         }
+
+      g_ptr_array_add (remaining, g_object_ref (to_kill));
     }
 
-  g_info ("Killed %d instances", killed);
+  return g_steal_pointer (&remaining);
+}
+
+static gboolean
+kill_id (const char  *id,
+         GError     **error)
+{
+  g_autoptr(GPtrArray) instances = flatpak_instance_get_all ();
+  g_autoptr(GPtrArray) kill_list =
+    g_ptr_array_new_with_free_func (g_object_unref);
 
-  if (killed == 0)
+  for (size_t i = 0; i < instances->len; i++)
+    {
+      FlatpakInstance *instance = g_ptr_array_index (instances, i);
+
+      if (g_strcmp0 (id, flatpak_instance_get_app (instance)) != 0 &&
+          g_strcmp0 (id, flatpak_instance_get_id (instance)) != 0)
+        continue;
+
+      g_info ("Found instance %s to kill", flatpak_instance_get_id (instance));
+
+      g_ptr_array_add (kill_list, g_object_ref (instance));
+    }
+
+  if (kill_list->len == 0)
     return flatpak_fail (error, _("%s is not running"), id);
 
+  for (size_t i = 0; i < FLATPAK_BUILTIN_KILL_N_RETRIES && kill_list->len > 0; i++)
+    {
+      g_autoptr (GPtrArray) remaining = NULL;
+
+      if (i > 0)
+        g_usleep (FLATPAK_BUILTIN_KILL_RETRY_SLEEP_USEC);
+
+      remaining = kill_instances (kill_list);
+      g_clear_pointer (&kill_list, g_ptr_array_unref);
+      kill_list = g_steal_pointer (&remaining);
+    }
+
   return TRUE;
 }
 
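Review bot: kill_id returns TRUE after the retry loop even when kill_list is still non-empty, so instances whose flatpak_instance_get_child_pid stayed 0 for all FLATPAK_BUILTIN_KILL_N_RETRIES attempts are reported as success although nothing was signalled. Checking kill_list->len after the loop and returning flatpak_fail there would surface that case. The `if (pid != 0)` guard in kill_instances is what keeps kill (0, SIGKILL) from hitting the caller's own process group; a one-line comment saying so would stop it being simplified away later. The return value of kill () is also still ignored, so "Instance %s killed" is logged even if the signal could not be delivered.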
@@ -77,7 +131,7 @@
                       GError      **error)
 {
   g_autoptr(GOptionContext) context = NULL;
-  const char *instance;
+  const char *id;
 
   context = g_option_context_new (_("INSTANCE - Stop a running application"));
   g_option_context_set_translation_domain (context, GETTEXT_PACKAGE);
@@ -97,9 +151,9 @@
       return FALSE;
     }
 
-  instance = argv[1];
+  id = argv[1];
 
-  return kill_instance (instance, error);
+  return kill_id (id, error);
 }
 
 gboolean
diff -Nru flatpak-1.16.1/app/flatpak-main.c flatpak-1.16.2/app/flatpak-main.c
--- flatpak-1.16.1/app/flatpak-main.c	2025-05-11 03:19:30.000000000 +0100
+++ flatpak-1.16.2/app/flatpak-main.c	2025-12-15 17:52:28.000000000 +0000
@@ -375,7 +375,7 @@
    * which is almost certainly not what the user intended so just consider it
    * an error.
    */
-  if (opt_user && running_under_sudo ())
+  if (opt_user && running_under_sudo_root ())
     return flatpak_fail_error (error, FLATPAK_ERROR,
                                _("Refusing to operate under sudo with --user. "
                                  "Omit sudo to operate on the user installation, "
diff -Nru flatpak-1.16.1/common/flatpak-context.c flatpak-1.16.2/common/flatpak-context.c
--- flatpak-1.16.1/common/flatpak-context.c	2025-05-11 03:19:30.000000000 +0100
+++ flatpak-1.16.2/common/flatpak-context.c	2025-12-15 17:52:28.000000000 +0000
@@ -44,6 +44,7 @@
 #include "flatpak-error.h"
 #include "flatpak-metadata-private.h"
 #include "flatpak-usb-private.h"
+#include "flatpak-utils-base-private.h"
 #include "flatpak-utils-private.h"
 
 /* Same order as enum */
@@ -2939,6 +2940,8 @@
           const char *rest = NULL;
           const char *config_key = NULL;
           g_autofree char *subpath = NULL;
+          g_autofree char *canonical_path = NULL;
+          g_autofree char *canonical_home = NULL;
 
           if (!get_xdg_user_dir_from_string (filesystem, &config_key, &rest, &path))
             {
@@ -2949,7 +2952,10 @@
           if (path == NULL)
             continue; /* Unconfigured, ignore */
 
-          if (strcmp (path, g_get_home_dir ()) == 0)
+          canonical_path = flatpak_canonicalize_filename (path);
+          canonical_home = flatpak_canonicalize_filename (g_get_home_dir ());
+
+          if (strcmp (canonical_path, canonical_home) == 0)
             {
               /* xdg-user-dirs sets disabled dirs to $HOME, and its in general not a good
                  idea to set full access to $HOME other than explicitly, so we ignore
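Review bot: the new canonical_path / canonical_home comparison has no comment explaining why the raw strcmp on path was insufficient, and nothing at this call site says whether flatpak_canonicalize_filename resolves symlinks or only normalizes the path text. Since this branch is the one that refuses to treat a disabled XDG directory as a grant of full $HOME access, a short comment stating which forms of the home path are meant to compare equal would help. canonical_home is also recomputed on every pass through the enclosing loop although g_get_home_dir () does not change; it could be computed once outside.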
diff -Nru flatpak-1.16.1/common/flatpak-dir.c flatpak-1.16.2/common/flatpak-dir.c
--- flatpak-1.16.1/common/flatpak-dir.c	2025-05-11 03:19:30.000000000 +0100
+++ flatpak-1.16.2/common/flatpak-dir.c	2025-12-15 17:52:28.000000000 +0000
@@ -4460,6 +4460,9 @@
                                                      NULL, error))
         return FALSE;
 
+      if (!_flatpak_dir_reload_config (self, NULL, error))
+        return FALSE;
+
       return TRUE;
     }
 
@@ -10299,6 +10302,7 @@
 
 gboolean
 flatpak_dir_install_bundle (FlatpakDir         *self,
+                            gboolean            reinstall,
                             GFile              *file,
                             const char         *remote,
                             FlatpakDecomposed **out_ref,
@@ -10312,6 +10316,7 @@
   g_autofree char *origin = NULL;
   g_autofree char *to_checksum = NULL;
   gboolean gpg_verify;
+  FlatpakHelperInstallBundleFlags install_flags = FLATPAK_HELPER_INSTALL_BUNDLE_FLAGS_NONE;
 
   if (!flatpak_dir_check_add_remotes_config_dir (self, error))
     return FALSE;
@@ -10320,9 +10325,13 @@
     {
       const char *installation = flatpak_dir_get_id (self);
 
+      if (reinstall)
+        install_flags |= FLATPAK_HELPER_INSTALL_BUNDLE_FLAGS_REINSTALL;
+
       if (!flatpak_dir_system_helper_call_install_bundle (self,
                                                           flatpak_file_get_path_cached (file),
-                                                          0, remote,
+                                                          install_flags,
+                                                          remote,
                                                           installation ? installation : "",
                                                           &ref_str,
                                                           cancellable,
@@ -10357,17 +10366,30 @@
     {
       if (strcmp (flatpak_deploy_data_get_commit (deploy_data), to_checksum) == 0)
         {
-          g_autofree char *id = flatpak_decomposed_dup_id (ref);
-          g_set_error (error, FLATPAK_ERROR, FLATPAK_ERROR_ALREADY_INSTALLED,
-                       _("This version of %s is already installed"), id);
-          return FALSE;
+          if (reinstall)
+            {
+              g_clear_pointer (&deploy_data, g_bytes_unref);
+            }
+          else
+            {
+              g_autofree char *id = flatpak_decomposed_dup_id (ref);
+              g_set_error (error, FLATPAK_ERROR, FLATPAK_ERROR_ALREADY_INSTALLED,
+                           _("This version of %s is already installed"), id);
+              return FALSE;
+            }
         }
-
-      if (strcmp (remote, flatpak_deploy_data_get_origin (deploy_data)) != 0)
+      else if (strcmp (remote, flatpak_deploy_data_get_origin (deploy_data)) != 0)
         {
-          g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
-                       _("Can't change remote during bundle install"));
-          return FALSE;
+          if (reinstall)
+            {
+              g_clear_pointer (&deploy_data, g_bytes_unref);
+            }
+          else
+            {
+              g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
+                           _("Can't change remote during bundle install"));
+              return FALSE;
+            }
         }
     }
 
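Review bot: with reinstall set, the else-if branch drops deploy_data instead of failing with "Can't change remote during bundle install", so a bundle can now replace an installed ref while switching its origin remote, and nothing is logged when that happens. If that is intended, a comment here and a g_info naming the old and new origin would make it auditable; if not, the remote check should remain an error even under reinstall. The two identical g_clear_pointer (&deploy_data, g_bytes_unref) branches could also be folded so the reinstall case is handled in one place.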
@@ -10423,7 +10445,7 @@
     }
   else
     {
-      if (!flatpak_dir_deploy_install (self, ref, remote, NULL, NULL, FALSE, FALSE, cancellable, error))
+      if (!flatpak_dir_deploy_install (self, ref, remote, NULL, NULL, reinstall, FALSE, cancellable, error))
         return FALSE;
     }
 
diff -Nru flatpak-1.16.1/common/flatpak-dir-private.h flatpak-1.16.2/common/flatpak-dir-private.h
--- flatpak-1.16.1/common/flatpak-dir-private.h	2025-05-11 03:19:30.000000000 +0100
+++ flatpak-1.16.2/common/flatpak-dir-private.h	2025-12-15 17:52:28.000000000 +0000
@@ -239,9 +239,11 @@
 typedef enum {
   FLATPAK_HELPER_INSTALL_BUNDLE_FLAGS_NONE = 0,
   FLATPAK_HELPER_INSTALL_BUNDLE_FLAGS_NO_INTERACTION = 1 << 0,
+  FLATPAK_HELPER_INSTALL_BUNDLE_FLAGS_REINSTALL = 1 << 1,
 } FlatpakHelperInstallBundleFlags;
 
-#define FLATPAK_HELPER_INSTALL_BUNDLE_FLAGS_ALL (FLATPAK_HELPER_INSTALL_BUNDLE_FLAGS_NO_INTERACTION)
+#define FLATPAK_HELPER_INSTALL_BUNDLE_FLAGS_ALL (FLATPAK_HELPER_INSTALL_BUNDLE_FLAGS_NO_INTERACTION | \
+                                                 FLATPAK_HELPER_INSTALL_BUNDLE_FLAGS_REINSTALL)
 
 typedef enum {
   FLATPAK_HELPER_DEPLOY_APPSTREAM_FLAGS_NONE = 0,
@@ -710,6 +712,7 @@
                                                                              GCancellable                  *cancellable,
                                                                              GError                       **error);
 gboolean              flatpak_dir_install_bundle                            (FlatpakDir                    *self,
+                                                                             gboolean                       reinstall,
                                                                              GFile                         *file,
                                                                              const char                    *remote,
                                                                              FlatpakDecomposed            **out_ref,
diff -Nru flatpak-1.16.1/common/flatpak-installation.c flatpak-1.16.2/common/flatpak-installation.c
--- flatpak-1.16.1/common/flatpak-installation.c	2025-05-11 03:19:30.000000000 +0100
+++ flatpak-1.16.2/common/flatpak-installation.c	2025-12-15 17:52:28.000000000 +0000
@@ -1775,7 +1775,7 @@
   if (!flatpak_dir_ensure_repo (dir_clone, cancellable, error))
     return NULL;
 
-  if (!flatpak_dir_install_bundle (dir_clone, file, remote, NULL,
+  if (!flatpak_dir_install_bundle (dir_clone, FALSE, file, remote, NULL,
                                    cancellable, error))
     return NULL;
 
diff -Nru flatpak-1.16.1/common/flatpak-json-oci.c flatpak-1.16.2/common/flatpak-json-oci.c
--- flatpak-1.16.1/common/flatpak-json-oci.c	2025-05-11 03:19:30.000000000 +0100
+++ flatpak-1.16.2/common/flatpak-json-oci.c	2025-12-15 17:52:28.000000000 +0000
@@ -553,28 +553,28 @@
 FlatpakOciManifestDescriptor *
 flatpak_oci_index_get_only_manifest (FlatpakOciIndex *self)
 {
-  int i, found = -1;
+  FlatpakOciManifestDescriptor *manifest = NULL;
 
   if (self->manifests == NULL)
     return NULL;
 
-  for (i = 0; self->manifests[i] != NULL; i++)
+  for (size_t i = 0; self->manifests[i] != NULL; i++)
     {
-      const char *m_ref = flatpak_oci_manifest_descriptor_get_ref (self->manifests[i]);
+      FlatpakOciManifestDescriptor *m = self->manifests[i];
 
-      if (m_ref == NULL)
+      if (m->parent.mediatype == NULL ||
+          (strcmp (m->parent.mediatype, FLATPAK_OCI_MEDIA_TYPE_IMAGE_MANIFEST) != 0 &&
+           strcmp (m->parent.mediatype, FLATPAK_DOCKER_MEDIA_TYPE_IMAGE_MANIFEST2) != 0))
         continue;
 
-      if (found == -1)
-        found = i;
-      else
+      /* multiple manifests */
+      if (manifest != NULL)
         return NULL;
-    }
 
-  if (found >= 0)
-    return self->manifests[found];
+      manifest = m;
+    }
 
-  return NULL;
+  return manifest;
 }
 
 gboolean
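Review bot: flatpak_oci_index_get_only_manifest now selects on m->parent.mediatype and no longer looks at flatpak_oci_manifest_descriptor_get_ref, so it can return a descriptor that carries no ref, which the old loop never did. The function has no comment describing that contract. Please add one saying it returns the single entry of type FLATPAK_OCI_MEDIA_TYPE_IMAGE_MANIFEST or FLATPAK_DOCKER_MEDIA_TYPE_IMAGE_MANIFEST2, NULL if there are none or several, and that callers must not assume a ref is present.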
diff -Nru flatpak-1.16.1/common/flatpak-oci-registry.c flatpak-1.16.2/common/flatpak-oci-registry.c
--- flatpak-1.16.1/common/flatpak-oci-registry.c	2025-05-11 03:19:30.000000000 +0100
+++ flatpak-1.16.2/common/flatpak-oci-registry.c	2025-12-15 17:52:28.000000000 +0000
@@ -123,6 +123,7 @@
   g_clear_pointer (&self->base_uri, g_uri_unref);
   g_free (self->uri);
   g_free (self->token);
+  g_clear_pointer (&self->certificates, flatpak_certificates_free);
 
   G_OBJECT_CLASS (flatpak_oci_registry_parent_class)->finalize (object);
 }
diff -Nru flatpak-1.16.1/common/flatpak-repo-utils.c flatpak-1.16.2/common/flatpak-repo-utils.c
--- flatpak-1.16.1/common/flatpak-repo-utils.c	2025-05-11 03:19:30.000000000 +0100
+++ flatpak-1.16.2/common/flatpak-repo-utils.c	2025-12-15 17:52:28.000000000 +0000
@@ -3857,8 +3857,8 @@
   if (metadata_contents != NULL)
     metadata_size = strlen (metadata_contents);
 
-  if (!ostree_repo_get_remote_option (repo, remote, "collection-id", NULL,
-                                      &remote_collection_id, NULL))
+  if (!remote || !ostree_repo_get_remote_option (repo, remote, "collection-id", NULL,
+                                                 &remote_collection_id, NULL))
     remote_collection_id = NULL;
 
   if (remote_collection_id != NULL && collection_id != NULL &&
diff -Nru flatpak-1.16.1/common/flatpak-run.c flatpak-1.16.2/common/flatpak-run.c
--- flatpak-1.16.1/common/flatpak-run.c	2025-05-11 03:19:30.000000000 +0100
+++ flatpak-1.16.2/common/flatpak-run.c	2025-12-15 17:52:28.000000000 +0000
@@ -2959,7 +2959,7 @@
   /* This check exists to stop accidental usage of `sudo flatpak run`
      and is not to prevent running as root.
    */
-  if (running_under_sudo ())
+  if (running_under_sudo_root ())
     return flatpak_fail_error (error, FLATPAK_ERROR,
                                _("\"flatpak run\" is not intended to be run as `sudo flatpak run`. "
                                  "Use `sudo -i` or `su -l` instead and invoke \"flatpak run\" from "
diff -Nru flatpak-1.16.1/common/flatpak-transaction.c flatpak-1.16.2/common/flatpak-transaction.c
--- flatpak-1.16.1/common/flatpak-transaction.c	2025-05-11 03:19:30.000000000 +0100
+++ flatpak-1.16.2/common/flatpak-transaction.c	2025-12-15 17:52:28.000000000 +0000
@@ -2595,7 +2595,7 @@
                 return FALSE;
             }
 
-          if (sdk_op->kind != FLATPAK_TRANSACTION_OPERATION_UNINSTALL)
+          if (sdk_op && sdk_op->kind != FLATPAK_TRANSACTION_OPERATION_UNINSTALL)
             {
               flatpak_transaction_operation_add_related_to_op (sdk_op, op);
               run_operation_before (sdk_op, op, 2);
@@ -4892,7 +4892,7 @@
                                                                    op->resolved_metakey, error))
         res = FALSE;
       else
-        res = flatpak_dir_install_bundle (priv->dir, op->bundle,
+        res = flatpak_dir_install_bundle (priv->dir, priv->reinstall, op->bundle,
                                           op->remote, NULL,
                                           cancellable, error);
       flatpak_transaction_progress_done (progress);
diff -Nru flatpak-1.16.1/common/flatpak-utils.c flatpak-1.16.2/common/flatpak-utils.c
--- flatpak-1.16.1/common/flatpak-utils.c	2025-05-11 03:19:30.000000000 +0100
+++ flatpak-1.16.2/common/flatpak-utils.c	2025-12-15 17:52:28.000000000 +0000
@@ -517,7 +517,7 @@
   static int have_intel = -1;
 
   if (have_intel == -1)
-    have_intel = g_file_test ("/sys/module/i915", G_FILE_TEST_EXISTS);
+    have_intel = g_file_test ("/sys/module/i915", G_FILE_TEST_EXISTS) || g_file_test ("/sys/module/xe", G_FILE_TEST_EXISTS);
 
   return have_intel;
 }
@@ -2437,7 +2437,7 @@
 }
 
 gboolean
-running_under_sudo (void)
+running_under_sudo_root (void)
 {
   const char *sudo_command_env = g_getenv ("SUDO_COMMAND");
   g_auto(GStrv) split_command = NULL;
@@ -2447,7 +2447,9 @@
 
   /* SUDO_COMMAND could be a value like `/usr/bin/flatpak run foo` */
   split_command = g_strsplit (sudo_command_env, " ", 2);
-  if (g_str_has_suffix (split_command[0], "flatpak"))
+  /* Check if sudo was used to run as root instead of non-root users
+   * using -u or -g for example. */
+  if (g_str_has_suffix (split_command[0], "flatpak") && geteuid () == 0)
     return TRUE;
 
   return FALSE;
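Review bot: split_command[0] is passed to g_str_has_suffix without a NULL check, and g_strsplit returns an empty vector for an empty string, so SUDO_COMMAND="" reaches g_str_has_suffix (NULL, "flatpak") unless the lines elided above this hunk already reject it. Testing geteuid () == 0 first and returning FALSE early for non-root callers would skip the environment parsing on the path this change is meant to allow, and an explicit split_command[0] != NULL test covers the rest. The suffix match also accepts any command whose path merely ends in "flatpak", which deserves a comment now that the function name promises a specific meaning.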
diff -Nru flatpak-1.16.1/common/flatpak-utils-http.c flatpak-1.16.2/common/flatpak-utils-http.c
--- flatpak-1.16.1/common/flatpak-utils-http.c	2025-05-11 03:19:30.000000000 +0100
+++ flatpak-1.16.2/common/flatpak-utils-http.c	2025-12-15 17:52:28.000000000 +0000
@@ -281,7 +281,7 @@
     {
       g_autoptr(GFile) certs_dir = g_file_new_for_path (certs_path[i]);
       g_autoptr(GFile) host_dir = g_file_get_child (certs_dir, hostport);
-      g_autoptr(GFileEnumerator) enumerator;
+      g_autoptr(GFileEnumerator) enumerator = NULL;
       g_autoptr(GError) local_error = NULL;
 
       enumerator = g_file_enumerate_children (host_dir, G_FILE_ATTRIBUTE_STANDARD_NAME,
@@ -499,6 +499,10 @@
         }
     }
 
+  /* Check for cancellation */
+  if (g_cancellable_is_cancelled (data->cancellable))
+    return 0; /* Returning 0 (short read) makes curl abort the transfer */
+
   if (data->content)
     {
       g_string_append_len (data->content, content_data, realsize);
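Review bot: the comment on the new early return says "short read", but this is the write callback: returning a byte count different from realsize is what makes curl stop, and it surfaces as CURLE_WRITE_ERROR, which the set_error_from_curl hunk further down relies on. Please reword the comment to say that. Also, when realsize is 0 a return of 0 matches the size and does not abort, so cancellation is only honoured on the next non-empty chunk.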
@@ -594,15 +598,23 @@
 }
 
 static void
-set_error_from_curl (GError **error,
-                     const char *uri,
-                     CURLcode res)
+set_error_from_curl (GError        **error,
+                     const char     *uri,
+                     CURLcode        res,
+                     GCancellable   *cancellable)
 {
   GQuark domain = G_IO_ERROR;
   int code;
 
   switch (res)
     {
+    case CURLE_WRITE_ERROR:
+      /* Check if this was due to cancellation */
+      if (g_cancellable_is_cancelled (cancellable))
+        code = G_IO_ERROR_CANCELLED;
+      else
+        code = G_IO_ERROR_FAILED;
+      break;
     case CURLE_COULDNT_CONNECT:
     case CURLE_COULDNT_RESOLVE_HOST:
     case CURLE_COULDNT_RESOLVE_PROXY:
@@ -706,7 +718,7 @@
 
   if (res != CURLE_OK)
     {
-      set_error_from_curl (error, uri, res);
+      set_error_from_curl (error, uri, res, data->cancellable);
 
       /* Make sure we clear the tmpfile stream we possible created during the request */
       if (data->out_tmpfile && data->out)
diff -Nru flatpak-1.16.1/common/flatpak-utils-private.h flatpak-1.16.2/common/flatpak-utils-private.h
--- flatpak-1.16.1/common/flatpak-utils-private.h	2025-05-11 03:19:30.000000000 +0100
+++ flatpak-1.16.2/common/flatpak-utils-private.h	2025-12-15 17:52:28.000000000 +0000
@@ -343,7 +343,7 @@
 gboolean flatpak_validate_path_characters (const char *path,
                                            GError    **error);
 
-gboolean running_under_sudo (void);
+gboolean running_under_sudo_root (void);
 
 void flatpak_set_debugging (gboolean debugging);
 gboolean flatpak_is_debugging (void);
diff -Nru flatpak-1.16.1/debian/changelog flatpak-1.16.2/debian/changelog
--- flatpak-1.16.1/debian/changelog	2025-05-12 12:10:10.000000000 +0100
+++ flatpak-1.16.2/debian/changelog	2025-12-20 17:15:35.000000000 +0000
@@ -1,3 +1,100 @@
+flatpak (1.16.2-1~deb13u1) trixie; urgency=medium
+
+  * d/control, d/gbp.conf: Use debian/trixie packaging branch
+  * Summary of changes since trixie:
+    - New upstream stable release, see 1.16.2-1 changelog
+      (Closes: #1114484)
+    - Fix FTBFS with DEB_BUILD_OPTIONS=nocheck
+      (Closes: #1116737)
+    - d/copyright: Point to GNU web address instead of old FSF postal
+      address
+    - d/copyright: Clarify possible interpretations of LGPL-2
+  * Revert changes that are not appropriate for a stable update:
+    - Revert "Prefer the OpenSSL flavour of libcurl"
+    - Revert "d/control: Only require gtk-doc-tools, etc. if we are
+      building documentation"
+    - Revert "Stop build-depending on libgirepository1.0-dev"
+    - Revert "d/control: Remove Rules-Requires-Root"
+    - Revert "Normalize formatting with debputy"
+
+ -- Simon McVittie <[email protected]>  Sat, 20 Dec 2025 17:15:35 +0000
+
+flatpak (1.16.2-1) unstable; urgency=medium
+
+  * New upstream stable release
+    - Fix a memory leak in flatpak-session-helper when invoking host
+      commands (flatpak-spawn --host) from privileged apps
+      (Closes: #1114484)
+    - Treat either the xe or i915 kernel module as indicating an Intel GPU,
+      not just i915, and install the appropriate VA-API extensions
+    - If using GLib 2.86.1 (specifically that version due to a regression
+      that was later fixed), avoid exposing $HOME to apps if an XDG special
+      directory such as Music is requested by the app but has been disabled
+      locally
+    - In flatpak-kill(1), make killing processes more robust, and avoid race
+      conditions that could lead to the whole process group being killed
+    - Allow `flatpak run` or `flatpak install --user` while under
+      `sudo -u otheruser` or `sudo -g`, as long as the other user is not root,
+      relaxing a check that was only intended to avoid accidents involving
+      running as root
+    - Provide an empty /run/host/font-dirs.xml during flatpak-build(1),
+      avoiding spurious warnings for processes that use fontconfig during
+      build-time tests
+    - Fix a crash in `flatpak install --include-sdk` if the app is installed
+      on a per-user basis but the corresponding SDK is already installed
+      system-wide
+    - Take the --reinstall option into account when installing a bundle
+    - Add a missing argument to fcntl F_DUPFD_CLOEXEC during Flatpak's own
+      build-time tests, fixing a test regression with newer glibc on Ubuntu
+    - Fix flatpak-pin(1)/flatpak-mask(1) with multiple arguments, by
+      reloading configuration when needed
+    - Fix an assertion failure in flatpak-build-import-bundle(1)
+    - When using the library API, allow http downloads with libcurl to be
+      cancelled
+    - If an OCI registry only has one image, allow the tag to be omitted
+    - Fix a memory leak when using an OCI registry
+    - Fix an uninitialized variable
+    - Documentation improvements
+    - Translation updates: pl
+  * d/libflatpak-doc.install:
+    Install single-file HTML documentation for the library.
+    This was built by Autotools in 1.14.x and disappeared during the switch
+    to Meson, but is now built again as a result of upstream fixes.
+
+ -- Simon McVittie <[email protected]>  Fri, 19 Dec 2025 11:38:19 +0000
+
+flatpak (1.16.1-3) unstable; urgency=medium
+
+  * Fix <!nocheck> builds (Closes: #1116737)
+    - d/control: Remove <!nocheck> annotation from fuse3.
+      This is required unconditionally (even if not running tests)
+      since 1.15.7 upstream, so that the build system can autodetect
+      the distro's appropriate path to fusermount3 or fusermount.
+    - d/control, d/rules: Tighten up handling of nocheck and noinsttest.
+      The upstream build system checks for some programs that are required
+      during testing whenever the tests are compiled. If we are under both
+      the nocheck and noinsttest build profiles, don't compile the tests,
+      so that pkcheck and socat won't be needed in that configuration;
+      and otherwise, we need them in Build-Depends.
+  * d/control: Remove Rules-Requires-Root, no longer needed since trixie
+  * Normalize formatting with debputy
+
+ -- Simon McVittie <[email protected]>  Tue, 30 Sep 2025 17:11:16 +0100
+
+flatpak (1.16.1-2) unstable; urgency=medium
+
+  * d/copyright: Point to GNU web address instead of old FSF postal address
+  * d/copyright: Clarify possible interpretations of LGPL-2
+  * Stop build-depending on libgirepository1.0-dev.
+    Build-depend on gobject-introspection (>= 1.80) instead.
+    libgirepository1.0-dev is not multiarch-compatible and should be removed
+    during the forky cycle.
+  * d/control: Only require gtk-doc-tools, etc. if we are building documentation
+  * Prefer the OpenSSL flavour of libcurl.
+    This is the one that upstream is going to be testing with in practice.
+
+ -- Simon McVittie <[email protected]>  Thu, 14 Aug 2025 22:18:17 +0100
+
 flatpak (1.16.1-1) unstable; urgency=medium
 
   * New upstream stable release
diff -Nru flatpak-1.16.1/debian/control flatpak-1.16.2/debian/control
--- flatpak-1.16.1/debian/control	2025-05-12 12:10:10.000000000 +0100
+++ flatpak-1.16.2/debian/control	2025-12-20 17:15:35.000000000 +0000
@@ -5,6 +5,7 @@
 Uploaders:
  Matthias Klumpp <[email protected]>,
  Simon McVittie <[email protected]>,
+# We need polkitd, socat, etc. if !nocheck || !noinsttest
 Build-Depends:
  attr <!nocheck>,
  bison,
@@ -18,7 +19,7 @@
  dh-sequence-gir,
  docbook-xml <!nodoc>,
  docbook-xsl <!nodoc>,
- fuse3 <!nocheck>,
+ fuse3,
  gir1.2-gio-2.0-dev,
  gir1.2-gobject-2.0-dev,
  gnupg <!nocheck>,
@@ -54,12 +55,12 @@
  meson (>= 0.53.0),
  ostree (>= 2020.8) <!nocheck>,
  pkgconf,
- polkitd <!nocheck>,
+ polkitd <!nocheck> <!noinsttest>,
  procps,
  python3:any,
  python3-pyparsing,
  shared-mime-info <!nocheck>,
- socat <!nocheck>,
+ socat <!nocheck> <!noinsttest>,
  wayland-protocols,
  xdg-dbus-proxy (>= 0.1.0),
  xmlto <!nodoc>,
@@ -69,7 +70,7 @@
  libostree-doc,
 Standards-Version: 4.7.2
 Homepage: https://flatpak.org/
-Vcs-Git: https://salsa.debian.org/debian/flatpak.git
+Vcs-Git: https://salsa.debian.org/debian/flatpak.git -b debian/trixie
 Vcs-Browser: https://salsa.debian.org/debian/flatpak
 Rules-Requires-Root: no
 
@@ -121,6 +122,7 @@
  limited access to resources outside the sandbox.
 
 Package: flatpak-tests
+Build-Profiles: <!noinsttest>
 Architecture: linux-any
 Section: misc
 Depends:
diff -Nru flatpak-1.16.1/debian/copyright flatpak-1.16.2/debian/copyright
--- flatpak-1.16.1/debian/copyright	2025-05-12 12:10:10.000000000 +0100
+++ flatpak-1.16.2/debian/copyright	2025-12-20 17:15:35.000000000 +0000
@@ -70,9 +70,17 @@
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  Lesser General Public License for more details.
+ .
+ You should have received a copy of the GNU Lesser General Public
+ License along with this library. If not, see <https://www.gnu.org/licenses/>.
 Comment:
+ The oldest version of the Lesser General Public License under that name
+ was version 2.1.
+ .
  On Debian systems, the full text of the GNU Lesser General Public License
- version 2 can be found in the file '/usr/share/common-licenses/LGPL-2'.
+ version 2.1 can be found in the file /usr/share/common-licenses/LGPL-2.1,
+ and its predecessor the GNU Library General Public License version 2 can
+ be found in /usr/share/common-licenses/LGPL-2.
 
 License: LGPL-2.1+
  This library is free software; you can redistribute it and/or
@@ -86,8 +94,7 @@
  Lesser General Public License for more details.
  .
  You should have received a copy of the GNU Lesser General Public
- License along with this library; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+ License along with this library. If not, see <https://www.gnu.org/licenses/>.
 Comment:
  On Debian systems, the full text of the GNU Lesser General Public License
  version 2.1 can be found in the file '/usr/share/common-licenses/LGPL-2.1'.
diff -Nru flatpak-1.16.1/debian/gbp.conf flatpak-1.16.2/debian/gbp.conf
--- flatpak-1.16.1/debian/gbp.conf	2025-05-12 12:10:10.000000000 +0100
+++ flatpak-1.16.2/debian/gbp.conf	2025-12-20 17:15:35.000000000 +0000
@@ -1,7 +1,7 @@
 [DEFAULT]
 pristine-tar = True
 compression = xz
-debian-branch = debian/unstable
+debian-branch = debian/trixie
 upstream-branch = upstream/1.16.x
 patch-numbers = False
 upstream-vcs-tag = %(version)s
diff -Nru flatpak-1.16.1/debian/libflatpak-doc.install flatpak-1.16.2/debian/libflatpak-doc.install
--- flatpak-1.16.1/debian/libflatpak-doc.install	2025-05-12 12:10:10.000000000 +0100
+++ flatpak-1.16.2/debian/libflatpak-doc.install	2025-12-20 17:15:35.000000000 +0000
@@ -1 +1,2 @@
 usr/share/gtk-doc/html/flatpak
+usr/share/doc/flatpak/libflatpak-docs.html                  usr/share/doc/libflatpak-doc
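Review bot: The added line installs usr/share/doc/flatpak/libflatpak-docs.html unconditionally, but the Meson target that produces it is wrapped in "if xmlto.found()" and xmlto is a <!nodoc> build dependency in debian/control. Please confirm that libflatpak-doc is not built under the nodoc profile, or that dh_install will not fail on the missing file in that configuration.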
diff -Nru flatpak-1.16.1/debian/rules flatpak-1.16.2/debian/rules
--- flatpak-1.16.1/debian/rules	2025-05-12 12:10:10.000000000 +0100
+++ flatpak-1.16.2/debian/rules	2025-12-20 17:15:35.000000000 +0000
@@ -25,6 +25,12 @@
 configure_options += -Dgtkdoc=disabled
 endif
 
+ifeq ($(filter nocheck,$(DEB_BUILD_OPTIONS))$(filter %-tests,$(binaries)),nocheck)
+configure_options += -Dinstalled_tests=false -Dtests=false
+else
+configure_options += -Dinstalled_tests=true -Dtests=true
+endif
+
 override_dh_auto_configure:
 	rm -f app/parse-datetime.c
 	dh_auto_configure -- \
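Review bot: The new ifeq in debian/rules needs a comment, because the test is only true when the concatenation of the two $(filter ...) results is exactly "nocheck", meaning nocheck is set and no *-tests binary package is being built. That is easy to misread as a plain nocheck test. A one-line comment tying it to the "!nocheck || !noinsttest" remark in debian/control would make the intent reviewable. The hunk also depends on $(binaries), which is not defined in the visible lines, so it is worth confirming that it is set before this conditional is evaluated.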
@@ -32,7 +38,6 @@
 		-Ddbus_config_dir=/usr/share/dbus-1/system.d \
 		-Dgdm_env_file=true \
 		-Dhttp_backend=curl \
-		-Dinstalled_tests=true \
 		-Dprivileged_group=sudo \
 		-Drun_media_dir=/media \
 		-Dselinux_module=disabled \
diff -Nru flatpak-1.16.1/doc/flatpak-spawn.xml flatpak-1.16.2/doc/flatpak-spawn.xml
--- flatpak-1.16.1/doc/flatpak-spawn.xml	2025-05-11 03:19:30.000000000 +0100
+++ flatpak-1.16.2/doc/flatpak-spawn.xml	2025-12-15 17:52:28.000000000 +0000
@@ -99,7 +99,9 @@
                 <term><option>--watch-bus</option></term>
 
                 <listitem><para>
-                    Make the spawned command exit if the caller disappears from the session bus
+                    Make the spawned command exit when <command>flatpak-spawn</command>
+                    itself exits; notably, this occurs when its connection to the
+                    session bus is closed.
                 </para></listitem>
             </varlistentry>
 
diff -Nru flatpak-1.16.1/doc/reference/meson.build flatpak-1.16.2/doc/reference/meson.build
--- flatpak-1.16.1/doc/reference/meson.build	2025-05-11 03:19:30.000000000 +0100
+++ flatpak-1.16.2/doc/reference/meson.build	2025-12-15 17:52:28.000000000 +0000
@@ -25,7 +25,7 @@
   docbook : 'dbus',
 )
 
-gnome.gtkdoc(
+libflatpak_doc = gnome.gtkdoc(
   'flatpak',
   main_xml : 'libflatpak-docs.xml',
   namespace : 'flatpak',
@@ -72,3 +72,26 @@
     '--rebuild-types',
   ],
 )
+
+if xmlto.found()
+  custom_target(
+    'libflatpak-docs.html',
+    input : [
+      '../xmlto-config.xsl',
+    ],
+    output : ['libflatpak-docs.html'],
+    depends : libflatpak_doc,
+    command : [
+      xmlto,
+      '-o', meson.current_build_dir(),
+    ] + get_option('xmlto_flags') + [
+      '--skip-validation',
+      'xhtml-nochunks',
+      '-m', '@INPUT0@',
+      fs.parent(libflatpak_doc.full_path()) / 'libflatpak-docs.xml',
+    ],
+    build_by_default : true,
+    install : true,
+    install_dir : docdir,
+  )
+endif
\ No newline at end of file
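Review bot: The new custom_target block leaves doc/reference/meson.build without a trailing newline (see the "No newline at end of file" marker); please end the file with one. The block also uses fs.parent(), xmlto and docdir, none of which are defined in the visible lines, so it relies on the parent meson.build having set them up before this subdirectory is processed. A short comment saying why --skip-validation is needed would help whoever maintains this later.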
diff -Nru flatpak-1.16.1/.github/workflows/check.yml flatpak-1.16.2/.github/workflows/check.yml
--- flatpak-1.16.1/.github/workflows/check.yml	2025-05-11 03:19:30.000000000 +0100
+++ flatpak-1.16.2/.github/workflows/check.yml	2025-12-15 17:52:28.000000000 +0000
@@ -12,6 +12,7 @@
     - flatpak-1.10.x
     - flatpak-1.12.x
     - flatpak-1.14.x
+    - flatpak-1.16.x
   pull_request:
     paths-ignore:
     - README.md
@@ -31,6 +32,7 @@
     - flatpak-1.10.x
     - flatpak-1.12.x
     - flatpak-1.14.x
+    - flatpak-1.16.x
   merge_group:
     types:
     - checks_requested
@@ -186,7 +188,8 @@
         libfuse-dev ostree libostree-dev libarchive-dev libzstd-dev libcap-dev libattr1-dev libdw-dev libelf-dev python3-pyparsing \
         libjson-glib-dev shared-mime-info desktop-file-utils libpolkit-agent-1-dev libpolkit-gobject-1-dev \
         libseccomp-dev libsoup2.4-dev libcurl4-openssl-dev libsystemd-dev libxml2-utils libgpgme11-dev gobject-introspection \
-        libgirepository1.0-dev libappstream-dev libdconf-dev clang e2fslibs-dev meson socat libxau-dev libgdk-pixbuf2.0-dev
+        libgirepository1.0-dev libappstream-dev libdconf-dev clang e2fslibs-dev meson socat libxau-dev libgdk-pixbuf2.0-dev \
+        xmlto
     - name: Check out flatpak
       uses: actions/checkout@v4
       with:
@@ -205,6 +208,14 @@
       run: ninja -C _build
     - name: Perform CodeQL Analysis
       uses: github/codeql-action/analyze@v3
+    - name: Upload docs
+      uses: actions/upload-artifact@v4
+      with:
+        if-no-files-found: error
+        overwrite: true
+        name: docs
+        path: |
+          _build/doc/
 
   valgrind:
     name: Run tests in valgrind
diff -Nru flatpak-1.16.1/meson.build flatpak-1.16.2/meson.build
--- flatpak-1.16.1/meson.build	2025-05-11 03:19:30.000000000 +0100
+++ flatpak-1.16.2/meson.build	2025-12-15 17:52:28.000000000 +0000
@@ -4,7 +4,7 @@
 project(
   'flatpak',
   'c',
-  version : '1.16.1',
+  version : '1.16.2',
   default_options: [
     'warning_level=2',
   ],
@@ -13,7 +13,7 @@
 
 flatpak_major_version = 1
 flatpak_minor_version = 16
-flatpak_micro_version = 1
+flatpak_micro_version = 2
 flatpak_extra_version = ''
 
 flatpak_interface_age = 0
diff -Nru flatpak-1.16.1/NEWS flatpak-1.16.2/NEWS
--- flatpak-1.16.1/NEWS	2025-05-11 03:19:30.000000000 +0100
+++ flatpak-1.16.2/NEWS	2025-12-15 17:52:28.000000000 +0000
@@ -1,3 +1,49 @@
+Changes in 1.16.2
+~~~~~~~~~~~~~~~~~~
+Released: 2025-12-15
+
+Enhancements:
+
+* Documentation improvements (#6240)
+
+* Support the reinstall option on bundle installations (#5546)
+
+* Enable the VA-API extension for Intel Xe GPUs (#6311)
+
+* Documentation improvements (#6348)
+
+* Add cancellation support for curl downloads (#6356)
+
+* Translation updates: pl
+
+Bug fixes:
+
+* Provide an empty /run/host/font-dirs.xml during `flatpak build` (#6138)
+
+* Fix various issues with flatpak mask and flatpak pin by reloading the repo
+  configuration after changes done via the system helper (#6073)
+
+* Fix an issue where the home directory would accidentally be accessible when a
+  bad version of glib is in use, the app has access to a standard XDG directory,
+  and that directory is not available on the system. (#6420)
+
+* `flatpak-kill` will no longer send SIGKILL to all processes in the current
+  process group (#6375)
+
+* Various bug fixes for the OCI support (#6296)
+
+* Fix various memory leaks (#6286, #6260)
+
+* Fix various crashes (#6074, #6376)
+
+Internal changes:
+
+* Testing and CI improvements (#6291)
+
+* Avoid using an uninitialised variable (#6345)
+
+* Flatpak now allows the usage of sudo for changing the user (#6371)
+
 Changes in 1.16.1
 ~~~~~~~~~~~~~~~~~~
 Released: 2025-05-10
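Review bot: "Documentation improvements" appears twice under Enhancements (#6240 and #6348); merge these into one entry listing both numbers. The sudo change (#6371) is filed under "Internal changes" although it alters what users are allowed to do, so it would be easier to find under Enhancements or Bug fixes.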
diff -Nru flatpak-1.16.1/session-helper/flatpak-session-helper.c flatpak-1.16.2/session-helper/flatpak-session-helper.c
--- flatpak-1.16.1/session-helper/flatpak-session-helper.c	2025-05-11 03:19:30.000000000 +0100
+++ flatpak-1.16.2/session-helper/flatpak-session-helper.c	2025-12-15 17:52:28.000000000 +0000
@@ -215,7 +215,7 @@
   gsize i, j, n_fds, n_envs;
   const gint *fds;
   g_autofree FdMapEntry *fd_map = NULL;
-  gchar **env;
+  g_auto(GStrv) env = NULL;
   gint32 max_fd;
 
   if (*arg_cwd_path == 0)
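Review bot: Switching env to g_auto(GStrv) means it is freed on every return path, so any later code in this function that frees env explicitly or hands ownership to another structure must now use g_steal_pointer() or be dropped, otherwise this turns a leak into a double free. The rest of the function is not visible in this hunk, so please confirm there is no such path. The NULL initialisation is correct and required for the auto cleanup.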
diff -Nru flatpak-1.16.1/system-helper/flatpak-system-helper.c flatpak-1.16.2/system-helper/flatpak-system-helper.c
--- flatpak-1.16.1/system-helper/flatpak-system-helper.c	2025-05-11 03:19:30.000000000 +0100
+++ flatpak-1.16.2/system-helper/flatpak-system-helper.c	2025-12-15 17:52:28.000000000 +0000
@@ -1007,6 +1007,7 @@
   g_autoptr(GFile) bundle_file = g_file_new_for_path (arg_bundle_path);
   g_autoptr(GError) error = NULL;
   g_autoptr(FlatpakDecomposed) ref = NULL;
+  gboolean reinstall;
 
   g_info ("InstallBundle %s %u %s %s", arg_bundle_path, arg_flags, arg_remote, arg_installation);
 
@@ -1031,7 +1032,8 @@
       return G_DBUS_METHOD_INVOCATION_HANDLED;
     }
 
-  if (!flatpak_dir_install_bundle (system, bundle_file, arg_remote, &ref, NULL, &error))
+  reinstall = !!(arg_flags & FLATPAK_HELPER_INSTALL_BUNDLE_FLAGS_NO_INTERACTION);
+  if (!flatpak_dir_install_bundle (system, reinstall, bundle_file, arg_remote, &ref, NULL, &error))
     {
       flatpak_invocation_return_error (invocation, error, "Error installing bundle");
       return G_DBUS_METHOD_INVOCATION_HANDLED;
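Review bot: reinstall is derived from FLATPAK_HELPER_INSTALL_BUNDLE_FLAGS_NO_INTERACTION, which by its name is the "do not prompt" bit rather than a reinstall request. As written, every non-interactive InstallBundle call to the system helper will be treated as a reinstall, and a caller cannot ask for one without the other. If a dedicated reinstall flag exists for this method it should be tested here; if the overlap is intentional, a comment explaining why is needed, because this is a privileged D-Bus entry point and replacing an already-installed bundle is a broader action than installing a new one.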
diff -Nru flatpak-1.16.1/tests/test-bundle.sh flatpak-1.16.2/tests/test-bundle.sh
--- flatpak-1.16.1/tests/test-bundle.sh	2025-05-11 03:19:30.000000000 +0100
+++ flatpak-1.16.2/tests/test-bundle.sh	2025-12-15 17:52:28.000000000 +0000
@@ -24,7 +24,7 @@
 skip_without_bwrap
 skip_revokefs_without_fuse
 
-echo "1..8"
+echo "1..9"
 
 mkdir bundles
 
@@ -48,6 +48,11 @@
 ${FLATPAK} uninstall ${U} -y org.test.Hello >&2
 ${FLATPAK} install ${U} -y --bundle bundles/hello.flatpak >&2
 
+# Installing again without reinstall option should fail...
+! ${FLATPAK} install ${U} -y --bundle bundles/hello.flatpak >&2
+# Now with reinstall option it should pass...
+${FLATPAK} install ${U} -y --bundle bundles/hello.flatpak --reinstall >&2
+
 # This should have installed the runtime dependency too
 assert_has_file $FL_DIR/repo/refs/remotes/test-repo/runtime/org.test.Platform/$ARCH/master
 
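Review bot: The negative check "! ${FLATPAK} install ${U} -y --bundle bundles/hello.flatpak >&2" will not fail the test if the install unexpectedly succeeds when the script relies on set -e, because a pipeline negated with ! is exempt from errexit. Use an explicit "if ${FLATPAK} install ...; then exit 1; fi" (or the test library's equivalent assertion) so that a regression in the reinstall check is actually caught.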
@@ -72,12 +77,6 @@
 assert_has_file $FL_DIR/exports/share/icons/hicolor/64x64/apps/org.test.Hello.png
 assert_has_file $FL_DIR/exports/share/icons/HighContrast/64x64/apps/org.test.Hello.png
 
-# Ensure triggers ran
-assert_has_file $FL_DIR/exports/share/applications/mimeinfo.cache
-assert_file_has_content $FL_DIR/exports/share/applications/mimeinfo.cache x-test/Hello
-assert_has_file $FL_DIR/exports/share/icons/hicolor/icon-theme.cache
-assert_has_file $FL_DIR/exports/share/icons/hicolor/index.theme
-
 $FLATPAK list ${U} | grep org.test.Hello > /dev/null
 $FLATPAK list ${U} -d | grep org.test.Hello | grep hello-origin > /dev/null
 $FLATPAK list ${U} -d | grep org.test.Hello | grep current > /dev/null
@@ -93,6 +92,21 @@
 
 ok "install app bundle"
 
+if command -v update-desktop-database >/dev/null &&
+   command -v update-mime-database >/dev/null &&
+   command -v gtk-update-icon-cache >/dev/null &&
+   test -f /usr/share/icons/hicolor/index.theme; then
+    # Ensure triggers ran
+    assert_has_file $FL_DIR/exports/share/applications/mimeinfo.cache
+    assert_file_has_content $FL_DIR/exports/share/applications/mimeinfo.cache x-test/Hello
+    assert_has_file $FL_DIR/exports/share/icons/hicolor/icon-theme.cache
+    assert_has_file $FL_DIR/exports/share/icons/hicolor/index.theme
+
+    ok "install app bundle triggers"
+else
+    ok "install app bundle triggers triggers # skip  Dependencies not available"
+fi
+
 ${FLATPAK} uninstall -y --force-remove ${U} org.test.Platform >&2
 
 assert_not_has_file $FL_DIR/repo/refs/remotes/platform-origin/runtime/org.test.Platform/$ARCH/master
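Review bot: The skip branch prints "install app bundle triggers triggers # skip  Dependencies not available", with "triggers" doubled; it should match the description used in the passing branch, "install app bundle triggers". Keeping the two strings identical also keeps the TAP output consistent for anything that matches on test names.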
diff -Nru flatpak-1.16.1/tests/testlib.c flatpak-1.16.2/tests/testlib.c
--- flatpak-1.16.1/tests/testlib.c	2025-05-11 03:19:30.000000000 +0100
+++ flatpak-1.16.2/tests/testlib.c	2025-12-15 17:52:28.000000000 +0000
@@ -257,7 +257,7 @@
 {
   TestsStdoutToStderr *original = g_new0 (TestsStdoutToStderr, 1);
 
-  original->fd = fcntl (STDOUT_FILENO, F_DUPFD_CLOEXEC);
+  original->fd = fcntl (STDOUT_FILENO, F_DUPFD_CLOEXEC, 3);
 
   if (original->fd < 0)
     g_error ("fcntl F_DUPFD_CLOEXEC: %s", g_strerror (errno));
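Review bot: The third argument to fcntl() with F_DUPFD_CLOEXEC is the lowest file descriptor number that may be returned, and the literal 3 deserves a short comment saying it was chosen to stay above stdin, stdout and stderr. Without the argument the call read an unspecified variadic value, so it is also worth grepping the rest of the tree for other two-argument F_DUPFD or F_DUPFD_CLOEXEC calls.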
diff -Nru flatpak-1.16.1/tests/test-run.sh flatpak-1.16.2/tests/test-run.sh
--- flatpak-1.16.1/tests/test-run.sh	2025-05-11 03:19:30.000000000 +0100
+++ flatpak-1.16.2/tests/test-run.sh	2025-12-15 17:52:28.000000000 +0000
@@ -24,7 +24,7 @@
 skip_without_bwrap
 skip_revokefs_without_fuse
 
-echo "1..26"
+echo "1..27"
 
 # Use stable rather than master as the branch so we can test that the run
 # command automatically finds the branch correctly
@@ -56,12 +56,6 @@
 assert_not_has_file $FL_DIR/exports/share/icons/hicolor/64x64/apps/dont-export.png
 assert_has_file $FL_DIR/exports/share/icons/HighContrast/64x64/apps/org.test.Hello.png
 
-# Ensure triggers ran
-assert_has_file $FL_DIR/exports/share/applications/mimeinfo.cache
-assert_file_has_content $FL_DIR/exports/share/applications/mimeinfo.cache x-test/Hello
-assert_has_file $FL_DIR/exports/share/icons/hicolor/icon-theme.cache
-assert_has_file $FL_DIR/exports/share/icons/hicolor/index.theme
-
 $FLATPAK list ${U} | grep org.test.Hello > /dev/null
 $FLATPAK list ${U} -d | grep org.test.Hello | grep test-repo > /dev/null
 $FLATPAK list ${U} -d | grep org.test.Hello | grep current > /dev/null
@@ -73,6 +67,20 @@
 
 ok "install"
 
+if command -v update-desktop-database >/dev/null &&
+   command -v update-mime-database >/dev/null &&
+   command -v gtk-update-icon-cache >/dev/null; then
+    # Ensure triggers ran
+    assert_has_file $FL_DIR/exports/share/applications/mimeinfo.cache
+    assert_file_has_content $FL_DIR/exports/share/applications/mimeinfo.cache x-test/Hello
+    assert_has_file $FL_DIR/exports/share/icons/hicolor/icon-theme.cache
+    assert_has_file $FL_DIR/exports/share/icons/hicolor/index.theme
+
+    ok "install triggers"
+else
+    ok "install triggers # skip  Dependencies not available"
+fi
+
 run org.test.Hello &> hello_out
 assert_file_has_content hello_out '^Hello world, from a sandbox$'
 
