]> Nutra Git (v2) - gamesguru/feather.git/commitdiff
projects / gamesguru / feather.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8212d40)
guix: fix release archive permissions
authortobtoht <tob@featherwallet.org>
Thu, 12 Oct 2023 19:50:36 +0000 (21:50 +0200)
committertobtoht <tob@featherwallet.org>
Thu, 12 Oct 2023 21:11:47 +0000 (23:11 +0200)
thanks to MoneroArbo for submitting their built attestation, which lead
to the discovery of this defect

contrib/flatpak/make_flatpak.sh patch | blob | history
contrib/guix/libexec/build.sh patch | blob | history

diff --git a/contrib/flatpak/make_flatpak.sh b/contrib/flatpak/make_flatpak.sh
index 7e12a3da75cfcccaa17bacee44fc913a6ab2d5ef..72e53e4f1de7f3d97780059d2a816f65c391c1ac 100644 (file)
--- a/contrib/flatpak/make_flatpak.sh
+++ b/contrib/flatpak/make_flatpak.sh
@@ -1,5 +1,7 @@
 #!/usr/bin/env bash
-set -ex
+export LC_ALL=C
+set -ex -o pipefail
+export TZ=UTC
 
 APP_ID="org.featherwallet.Feather"
 
@@ -17,7 +19,7 @@ mkdir build
 cd build
 
 mkdir export
-cp -a /feather/contrib/flatpak/share export
+cp -r /feather/contrib/flatpak/share export
 rm -rf export/share/app-info
 
 # Copy the metadata file
@@ -33,7 +35,7 @@ cp /feather/contrib/depends/x86_64-linux-gnu/bin/startup .
 cp /feather-bin feather
 
 # Copy metadata
-cp -a /feather/contrib/flatpak/share .
+cp -r /feather/contrib/flatpak/share .
 touch --no-dereference --date="@${SOURCE_DATE_EPOCH}" share/metainfo/${APP_ID}.metainfo.xml
 gzip -c share/metainfo/${APP_ID}.metainfo.xml > share/app-info/xmls/${APP_ID}.xml.gz
 
@@ -83,10 +85,10 @@ ln -s "/${GUIX_PROFILE}/share/xml" share/xml
 # Setup profile symlink
 ln -s "/${GUIX_PROFILE}" profile
 
-chmod -R 555 .
-
 cd /tmp-output
 
+chmod -R 755 .
+
 find . -print0 \
     | xargs -0r touch --no-dereference --date="@${SOURCE_DATE_EPOCH}"
 find . \
diff --git a/contrib/guix/libexec/build.sh b/contrib/guix/libexec/build.sh
index d535f7c7393c7dc1f354502e35448ebc0f8fe90b..fa53f31f95d880ee886b7b13dbcebbee1fa080b0 100755 (executable)
--- a/contrib/guix/libexec/build.sh
+++ b/contrib/guix/libexec/build.sh
@@ -234,7 +234,11 @@ GIT_ARCHIVE="${DIST_ARCHIVE_BASE}/${DISTNAME}.tar.gz"
 if [ ! -e "$GIT_ARCHIVE" ]; then
     mkdir -p "$(dirname "$GIT_ARCHIVE")"
     git rev-parse --short=12 HEAD > githash.txt
-    ( git ls-files --recurse-submodules ; echo "githash.txt" ) | cat | tar --transform "s,^,${DISTNAME}/," -caf ${GIT_ARCHIVE} -T-
+    ( git ls-files --recurse-submodules ; echo "githash.txt" ) \
+    | cat \
+    | sort \
+    | tar --create --transform "s,^,${DISTNAME}/," --mode='u+rw,go+r-w,a+X' --files-from=- \
+    | gzip -9n > ${GIT_ARCHIVE}
     sha256sum "$GIT_ARCHIVE"
 fi
 
Unnamed repository; edit this file 'description' to name the repository.