feat: add AppArmor profile to FPM targets to pair with afterInstall and afterRemove template scripts #8636

Merged
merged 3 commits into from
Nov 5, 2024

Collaborator

@mmaietta mmaietta commented Oct 27, 2024

Also adds a new Linux config entry for providing the file path to your own custom/template AppArmor profile (within the build resources dir).

Implements: #8635

Tested on Ubuntu 22 + 24 VMs and Fedora 40 VM

Ubuntu 24 logs:
Without AppArmor template:

```
parallels@ubuntu-linux-2404:~$ sudo apt install /home/parallels/Desktop/electron-quick-start-typescript_1.0.2_arm64.deb
[sudo] password for parallels: 
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Note, selecting 'electron-quick-start-typescript' instead of '/home/parallels/Desktop/electron-quick-start-typescript_1.0.2_arm64.deb'
The following NEW packages will be installed:
  electron-quick-start-typescript
0 upgraded, 1 newly installed, 0 to remove and 5 not upgraded.
Need to get 0 B/63.7 MB of archives.
After this operation, 247 MB of additional disk space will be used.
Get:1 /home/parallels/Desktop/electron-quick-start-typescript_1.0.2_arm64.deb electron-quick-start-typescript arm64 1.0.2 [63.7 MB]
Selecting previously unselected package electron-quick-start-typescript.
(Reading database ... 217024 files and directories currently installed.)
Preparing to unpack .../electron-quick-start-typescript_1.0.2_arm64.deb ...
Unpacking electron-quick-start-typescript (1.0.2) ...
Setting up electron-quick-start-typescript (1.0.2) ...
update-alternatives is /usr/bin/update-alternatives
update-alternatives: using /opt/electron-quick-start-typescript/electron-quick-start-typescript to provide /usr/bin/electron-quick-start-typescript (electron-qu
ick-start-typescript) in auto mode
Processing triggers for hicolor-icon-theme (0.17-2) ...
Processing triggers for gnome-menus (3.36.0-1.1ubuntu3) ...
Processing triggers for desktop-file-utils (0.27-2build1) ...

parallels@ubuntu-linux-2404:~$ electron-quick-start-typescript 
[3649:1027/174724.179392:FATAL:setuid_sandbox_host.cc(158)] The SUID sandbox helper binary was found, but is not configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /opt/electron-quick-start-typescript/chrome-sandbox is owned by root and has mode 4755.
Trace/breakpoint trap (core dumped)
```

With AppArmor template supplied by electron-builder:

```
parallels@ubuntu-linux-2404:~$ sudo apt install /home/parallels/Desktop/electron-quick-start-typescript_1.0.2_arm64-armor.deb 
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Note, selecting 'electron-quick-start-typescript' instead of '/home/parallels/Desktop/electron-quick-start-typescript_1.0.2_arm64-armor.deb'
The following packages will be upgraded:
  electron-quick-start-typescript
1 upgraded, 0 newly installed, 0 to remove and 5 not upgraded.
Need to get 0 B/63.7 MB of archives.
After this operation, 4,096 B of additional disk space will be used.
Get:1 /home/parallels/Desktop/electron-quick-start-typescript_1.0.2_arm64-armor.deb electron-quick-start-typescript arm64 1.0.2 [63.7 MB]
(Reading database ... 217112 files and directories currently installed.)
Preparing to unpack .../electron-quick-start-typescript_1.0.2_arm64-armor.deb ..
.
Unpacking electron-quick-start-typescript (1.0.2) over (1.0.2) ...
Setting up electron-quick-start-typescript (1.0.2) ...
update-alternatives is /usr/bin/update-alternatives
Processing triggers for hicolor-icon-theme (0.17-2) ...
Processing triggers for gnome-menus (3.36.0-1.1ubuntu3) ...
Processing triggers for desktop-file-utils (0.27-2build1) ...

parallels@ubuntu-linux-2404:~$ electron-quick-start-typescript 
Checking for beta autoupdate feature for deb/rpm distributions
Found package-type: deb
17:47:39.587 › Checking for update
```
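
A post-install check for the two conditions these logs turn on, as an added example (not electron-builder code and not part of the original comment): whether `chrome-sandbox` has the root owner and mode 4755 that the abort message demands, and whether an AppArmor profile attached to the executable carries a `userns` rule. The sample profile text, the `/opt/example-app` path and the function names are constructed for illustration, and that the shipped profile works by granting `userns` is an assumption here.

```sh
#!/bin/sh
# Added example, not electron-builder code. Names and paths are constructed.

# Constructed sample profile (NOT the template electron-builder ships).
SAMPLE_PROFILE='# constructed sample
abi <abi/4.0>,
include <tunables/global>
profile example-app "/opt/example-app/example-app" flags=(unconfined) {
  userns,
}'

# Owner and mode the Chromium abort message demands: root (uid 0), 4755.
suid_helper_ok() {   # usage: suid_helper_ok <owner-uid> <octal-mode>
  [ "$1" = "0" ] && [ "$2" = "4755" ]
}

# Reads profile text on stdin. Succeeds when a "profile" line names
# <exe-path> and the text contains a userns rule.
profile_allows_userns() (   # usage: profile_allows_userns <exe-path> < file
  text=$(sed 's/#.*$//')    # drop comments before matching
  attach=$(printf '%s\n' "$text" |
    grep -E '^[[:space:]]*profile[[:space:]]' || true)
  printf '%s\n' "$attach" | grep -Fwq -- "$1" &&
    printf '%s\n' "$text" | grep -Eq '^[[:space:]]*userns[[:space:]]*,'
)

# Prints which sandbox prerequisite an installed app satisfies, if any.
# usage: sandbox_status <install-dir> <exe-name> [profile-dir]
sandbox_status() (
  dir=$1 exe=$2 pdir=${3:-/etc/apparmor.d} helper=$1/chrome-sandbox
  # stat (GNU) prints "<uid> <mode>", split into two arguments on purpose.
  if [ -e "$helper" ] && suid_helper_ok $(stat -c '%u %a' "$helper"); then
    echo "suid-helper-ok"; exit 0
  fi
  for f in "$pdir"/*; do
    [ -f "$f" ] || continue
    if profile_allows_userns "$dir/$exe" < "$f"; then
      echo "apparmor-userns:$f"; exit 0
    fi
  done
  echo "neither"; exit 1
)
```

For the package in the logs above, the call would be `sandbox_status /opt/electron-quick-start-typescript electron-quick-start-typescript`.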


changeset-bot bot commented Oct 27, 2024

🦋 Changeset detected

Latest commit: 9110622

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 8 packages

| Name | Type |
| --- | --- |
| app-builder-lib | Major |
| dmg-builder | Major |
| electron-builder-squirrel-windows | Major |
| electron-builder | Major |
| electron-forge-maker-appimage | Major |
| electron-forge-maker-nsis-web | Major |
| electron-forge-maker-nsis | Major |
| electron-forge-maker-snap | Major |


@Sytten
Contributor

Sytten commented Nov 5, 2024

Who do we need to bug to get that merged?

@mmaietta mmaietta merged commit 88cc0b0 into master Nov 5, 2024
13 checks passed
@mmaietta mmaietta deleted the feat/apparmour-ubuntu-24 branch November 5, 2024 18:38
@mmaietta
Collaborator Author

mmaietta commented Nov 7, 2024

Released in 26.0.0-alpha.6

GarboMuffin added a commit to TurboWarp/desktop that referenced this pull request Jan 25, 2025
mmaietta pushed a commit that referenced this pull request Jan 26, 2025
## 26.0.0

### Major Changes

- [#8782](#8782) [`633490cb`](633490c) Thanks [@mmaietta](https://github.com/mmaietta)! - fix: removing conditional logic that would build HFS+ dmg on non-arm64 macs as HFS+ was sunset in macos 15.2
- [#8582](#8582) [`6a9597b4`](6a9597b) Thanks [@mmaietta](https://github.com/mmaietta)! - chore: remove deprecated fields from `winOptions` and `macOptions`. (For `winOptions` signing configuration, it has been moved to `win.signtoolOptions` in order to support `azureOptions` as a separate field and avoid bloating `win` configuration object. For `macOptions`, notarize options has been deprecated in favor of env vars for quite some time. Env vars are much more secure)
- [#8572](#8572) [`0dbe357a`](0dbe357) Thanks [@mmaietta](https://github.com/mmaietta)! - feat: allowing additional entries in .desktop file, such as `[Desktop Actions <actionName>]`. Requires changing configuration `desktop` property to object to be more extensible in the future
- [#8562](#8562) [`b8185d48`](b8185d4) Thanks [@beyondkmp](https://github.com/beyondkmp)! - support including node_modules in other subdirectories

### Minor Changes

- [#8787](#8787) [`cdf18d9a`](cdf18d9) Thanks [@mmaietta](https://github.com/mmaietta)! - feat: add `pwsh` detection to enable azure trusted signing within docker image
- [#8711](#8711) [`6f0fb8e4`](6f0fb8e) Thanks [@hrueger](https://github.com/hrueger)! - Add `host` property to support self-hosted Keygen instances
- [#8636](#8636) [`88cc0b06`](88cc0b0) Thanks [@mmaietta](https://github.com/mmaietta)! - feat: add support for AppArmor with template profile and configuration property
- [#8609](#8609) [`d672b04b`](d672b04) Thanks [@iongion](https://github.com/iongion)! - feat: support completely custom AppxManifest.xml
- [#8607](#8607) [`f123628c`](f123628) Thanks [@mmaietta](https://github.com/mmaietta)! - feat: allow disabling of building a universal windows installer
- [#8588](#8588) [`8434e10d`](8434e10) Thanks [@mmaietta](https://github.com/mmaietta)! - feat: adding integration with @electron/fuses
- [#8570](#8570) [`c8484305`](c848430) Thanks [@mmaietta](https://github.com/mmaietta)! - feat: migrate to official `electron/asar` packaging
- [#8525](#8525) [`13f55a3e`](13f55a3) Thanks [@mmaietta](https://github.com/mmaietta)! - feat: migrate `electronDist` to be an electron-builder `Hook`
- [#8394](#8394) [`ae9221d9`](ae9221d) Thanks [@xyloflake](https://github.com/xyloflake)! - feat: Implement autoupdates for pacman
- [#8741](#8741) [`eacbbf59`](eacbbf5) Thanks [@0xlau](https://github.com/0xlau)! - Add `forcePathStyle` option to S3Options

### Patch Changes

- [#8575](#8575) [`dfa35c32`](dfa35c3) Thanks [@doctolivier](https://github.com/doctolivier)! - chore(deps): update @electron/rebuild to v3.7.0
- [#8576](#8576) [`3eab7143`](3eab714) Thanks [@beyondkmp](https://github.com/beyondkmp)! - fix: packages in the workspace not being under node_modules
- [#8577](#8577) [`e9eef0c1`](e9eef0c) Thanks [@mmaietta](https://github.com/mmaietta)! - fix: add additional default exclusions to copy logic
- [#8596](#8596) [`e0b0e351`](e0b0e35) Thanks [@mmaietta](https://github.com/mmaietta)! - chore: refactor files for publishing to electron-publish
- [#8601](#8601) [`215fc36b`](215fc36) Thanks [@mmaietta](https://github.com/mmaietta)! - Revert "fix(win): use appInfo description as primary entry for FileDescription" to resolve [#8599](#8599)
- [#8603](#8603) [`712a8bce`](712a8bc) Thanks [@mmaietta](https://github.com/mmaietta)! - fix: checking relative path without separator as that doesn't work on Windows
- [#8604](#8604) [`d4ea0d99`](d4ea0d9) Thanks [@beyondkmp](https://github.com/beyondkmp)! - chore(deps): update app-builder-bin to 5.0.0-alpha.11
- [#8606](#8606) [`a0e635c1`](a0e635c) Thanks [@mmaietta](https://github.com/mmaietta)! - fix: add quotes to surround file path during azure signing to handle files with spaces
- [#8627](#8627) [`2a3195d9`](2a3195d) Thanks [@mmaietta](https://github.com/mmaietta)! - fix: add rfc3161 timestamp entry as default for azure signing to resolve Windows Defender alert
- [#8631](#8631) [`dcd91a1f`](dcd91a1) Thanks [@olivereisenhut](https://github.com/olivereisenhut)! - fix: Remove path from published binaries
- [#8632](#8632) [`645e2abd`](645e2ab) Thanks [@mmaietta](https://github.com/mmaietta)! - fix: only sign concurrently when using local signtool. azure can't be in parallel due to resources being locked during usage
- [#8637](#8637) [`667ab2f8`](667ab2f) Thanks [@mmaietta](https://github.com/mmaietta)! - chore: migrate default recommends and default depends for fpm from app-builder-bin to JS code
- [#8645](#8645) [`f4d40f91`](f4d40f9) Thanks [@beyondkmp](https://github.com/beyondkmp)! - fix: smart unpack for local module with dll
- [#8653](#8653) [`796e1a07`](796e1a0) Thanks [@IsaacAderogba](https://github.com/IsaacAderogba)! - fix: cscIKeyPassword must support empty string arguments
- [#8654](#8654) [`9e11358f`](9e11358) Thanks [@mmaietta](https://github.com/mmaietta)! - fix: check ResolvedFileSet src when verifying symlinks to be within project directory
- [#8661](#8661) [`6a294c97`](6a294c9) Thanks [@t3chguy](https://github.com/t3chguy)! - chore: remove stale handler for `extend-info` in electronMac plist creation
- [#8689](#8689) [`1d7f87c1`](1d7f87c) Thanks [@Lemonexe](https://github.com/Lemonexe)! - fix(win): corrupt asar integrity file path on crossplatform build
- [#8693](#8693) [`6a6bed46`](6a6bed4) Thanks [@renovate](https://github.com/apps/renovate)! - fix(deps): update dependency cross-spawn to v7.0.5 [security]
- [#8714](#8714) [`66334502`](6633450) Thanks [@kttmv](https://github.com/kttmv)! - chore: Remove informal Russian messages in the NSIS installer
- [#8715](#8715) [`4c394d54`](4c394d5) Thanks [@beyondkmp](https://github.com/beyondkmp)! - fix: does not work with NPM workspaces
- [#8717](#8717) [`9381513d`](9381513) Thanks [@beyondkmp](https://github.com/beyondkmp)! - fix(deps): update dependency eslint to v9.16.0 [security]
- [#8783](#8783) [`a5558e33`](a5558e3) Thanks [@mmaietta](https://github.com/mmaietta)! - chore(deps): upgrade cross spawn 7.0.6
- [#8805](#8805) [`c6d6b6e5`](c6d6b6e) Thanks [@mmaietta](https://github.com/mmaietta)! - fix: ASAR files in extraResources are not included in integrity calculations
- [`a1ee0419`](a1ee041) Thanks [@mmaietta](https://github.com/mmaietta)! - fix: use FileCopier for copying files and queue creation of symlinks

## electron-updater 6.4.0

### Minor Changes

- [#8711](#8711) [`6f0fb8e4`](6f0fb8e) Thanks [@hrueger](https://github.com/hrueger)! - Add `host` property to support self-hosted Keygen instances
- [#8633](#8633) [`96f5c3eb`](96f5c3e) Thanks [@mmaietta](https://github.com/mmaietta)! - feat(updater): allow usage of `autoRunAppAfterInstall` on mac updater
- [#8394](#8394) [`ae9221d9`](ae9221d) Thanks [@xyloflake](https://github.com/xyloflake)! - feat: Implement autoupdates for pacman

### Patch Changes

- [#8802](#8802) [`4a68fd2d`](4a68fd2) Thanks [@erijo](https://github.com/erijo)! - fix(linux): AppImage update fails when filename contains spaces
- [#8623](#8623) [`cfa67c01`](cfa67c0) Thanks [@DamonYu6](https://github.com/DamonYu6)! - fix: copyFileSync operation will block the main thread
- [#8695](#8695) [`819eff7b`](819eff7) Thanks [@peter-sanderson](https://github.com/peter-sanderson)! - fix: respect `disableDifferentialDownload` flag for AppImage
Development

Successfully merging this pull request may close these issues.

Add apparmor profile
2 participants