Update KDE tray permission error #114
Conversation
As of Qt 6.2 the tray works as expected without extra permissions. This version should be in all supported KDE runtimes. Using org.kde.* is not a correct permission and is a security risk. Closes #66
TingPing
force-pushed
the
pgriffis/kde-tray
branch
from
922aa65
to
d68ed80
Compare
|
We cannot introduce a breaking change like this without at least opening an issue against affected apps. |
Those seem overly abusive. I haven't heard reports of the tray working or not, so let's be on the careful side for now. If that fails, we can revert this. I used this to do an inventory: https://github.com/search?q=org%3Aflathub+--own-name%3Dorg.kde&type=code Some also use `--talk-name` but less frequently, and we already do have such an entry. Most people seem to do the wildcard, but according to this: flathub-infra/flatpak-builder-lint#114 > As of Qt 6.2 the tray works as expected without extra > permissions. This version should be in all supported KDE runtimes. > > Using org.kde.* is not a correct permission and is a security risk. So let's just drop this completely and see what happens.
Those seem overly abusive. I haven't heard reports of the tray working or not, so let's be on the careful side for now. If that fails, we can revert this. I used this to do an inventory: https://github.com/search?q=org%3Aflathub+--own-name%3Dorg.kde&type=code Some also use `--talk-name` but less frequently, and we already do have such an entry. Most people seem to do the wildcard, but according to this: flathub-infra/flatpak-builder-lint#114 > As of Qt 6.2 the tray works as expected without extra > permissions. This version should be in all supported KDE runtimes. > > Using org.kde.* is not a correct permission and is a security risk. So let's just drop this completely and see what happens.
I'm opening issues/PRs to convert apps from using |
|
Can this be landed? I think I dealt with most of them, only 6 of my PRs are open right now https://github.com/search?q=author%3Abbhtt+is%3Apr+%22drop+org.kde%22+org%3Aflathub&type=pullrequests&p=1, most being merged. Initially only, Discord, Discord Canary, Dropbox, Zoom and 1 or 2 from here https://github.com/search?q=author%3Abbhtt+is%3Aissue+%22drop+org.kde%22+org%3Aflathub&type=issues will need an exception. |
|
That was for
A few like discord needs them, a few still have unmerged PRs. |
|
Yeah, |
|
So this will break discord, zoom & co which is then reason for not making it until they're fixed/exempted. |
|
Probably will add exemptions to them. |
|
Ok, I went through this again
Only two are actionable (I'll open PR or issue) https://github.com/flathub/com.hunterwittenborn.Celeste and https://github.com/flathub/org.tribler.Tribler The rest all have a) open and working PRs |
As of Qt 6.2 the tray works as expected without extra permissions. This version should be in all supported KDE runtimes.
Using org.kde.* is not a correct permission and is a security risk.
Closes #66