-
Notifications
You must be signed in to change notification settings - Fork 132
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update KDE tray permission error #114
Conversation
As of Qt 6.2 the tray works as expected without extra permissions. This version should be in all supported KDE runtimes. Using org.kde.* is not a correct permission and is a security risk. Closes #66
922aa65
to
d68ed80
Compare
We cannot introduce a breaking change like this without at least opening an issue against affected apps. |
Those seem overly abusive. I haven't heard reports of the tray working or not, so let's be on the careful side for now. If that fails, we can revert this. I used this to do an inventory: https://github.com/search?q=org%3Aflathub+--own-name%3Dorg.kde&type=code Some also use `--talk-name` but less frequently, and we already do have such an entry. Most people seem to do the wildcard, but according to this: flathub-infra/flatpak-builder-lint#114 > As of Qt 6.2 the tray works as expected without extra > permissions. This version should be in all supported KDE runtimes. > > Using org.kde.* is not a correct permission and is a security risk. So let's just drop this completely and see what happens.
Those seem overly abusive. I haven't heard reports of the tray working or not, so let's be on the careful side for now. If that fails, we can revert this. I used this to do an inventory: https://github.com/search?q=org%3Aflathub+--own-name%3Dorg.kde&type=code Some also use `--talk-name` but less frequently, and we already do have such an entry. Most people seem to do the wildcard, but according to this: flathub-infra/flatpak-builder-lint#114 > As of Qt 6.2 the tray works as expected without extra > permissions. This version should be in all supported KDE runtimes. > > Using org.kde.* is not a correct permission and is a security risk. So let's just drop this completely and see what happens.
I'm opening issues/PRs to convert apps from using |
Can this be landed? I think I dealt with most of them, only 6 of my PRs are open right now https://github.com/search?q=author%3Abbhtt+is%3Apr+%22drop+org.kde%22+org%3Aflathub&type=pullrequests&p=1, most being merged. Initially only, Discord, Discord Canary, Dropbox, Zoom and 1 or 2 from here https://github.com/search?q=author%3Abbhtt+is%3Aissue+%22drop+org.kde%22+org%3Aflathub&type=issues will need an exception. |
That was for
A few like discord needs them, a few still have unmerged PRs. |
Yeah, |
So this will break discord, zoom & co which is then reason for not making it until they're fixed/exempted. |
Probably will add exemptions to them. |
Ok, I went through this again
Only two are actionable (I'll open PR or issue) https://github.com/flathub/com.hunterwittenborn.Celeste and https://github.com/flathub/org.tribler.Tribler The rest all have a) open and working PRs |
As of Qt 6.2 the tray works as expected without extra permissions. This version should be in all supported KDE runtimes.
Using org.kde.* is not a correct permission and is a security risk.
Closes #66