diff --git a/ChangeLog.rss b/ChangeLog.rss index 6eb7f4e8b..2ed2b8c81 100644 --- a/ChangeLog.rss +++ b/ChangeLog.rss @@ -11,9 +11,43 @@ Tracking Slackware development in git. en-us urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f - Tue, 1 Feb 2022 04:37:04 GMT - Tue, 1 Feb 2022 07:59:42 GMT + Tue, 1 Feb 2022 08:27:47 GMT + Tue, 1 Feb 2022 16:59:39 GMT maintain_current_git.sh v 1.13 + + Tue, 1 Feb 2022 08:27:47 GMT + Tue, 1 Feb 2022 08:27:47 GMT + https://git.slackware.nl/current/tag/?h=20220201082747 + 20220201082747 + + +kde/kate-21.12.1-x86_64-2.txz: Rebuilt. + Fix missing validation of binaries executed via QProcess. + Thanks to Heinz Wiesinger. + For more information, see: + https://kde.org/info/security/advisory-20220131-1.txt + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23853 + (* Security fix *) + ]]> + + + + Tue, 1 Feb 2022 05:35:21 GMT + Tue, 1 Feb 2022 05:35:21 GMT + https://git.slackware.nl/current/tag/?h=20220201053521 + 20220201053521 + + +Hey, my shiny brass lamp is almost out of fuel! +a/rpm2tgz-1.2.2-x86_64-6.txz: Rebuilt. + Don't use --no-absolute-filenames, because inexplicably it also strips the + leading '/' from symlink targets, generally creating a broken symlink. + The problem we were attempting to fix is far less common than symlinks to + absolute filenames, so we'll revert this for further consideration. + Thanks to pghvlaans. + ]]> + + Tue, 1 Feb 2022 04:37:04 GMT Tue, 1 Feb 2022 04:37:04 GMT diff --git a/ChangeLog.txt b/ChangeLog.txt index 334fea061..7ef64dbdf 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,21 @@ +Tue Feb 1 08:27:47 UTC 2022 +kde/kate-21.12.1-x86_64-2.txz: Rebuilt. + Fix missing validation of binaries executed via QProcess. + Thanks to Heinz Wiesinger. + For more information, see: + https://kde.org/info/security/advisory-20220131-1.txt + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23853 + (* Security fix *) ++--------------------------+ +Tue Feb 1 05:35:21 UTC 2022 +Hey, my shiny brass lamp is almost out of fuel! +a/rpm2tgz-1.2.2-x86_64-6.txz: Rebuilt. + Don't use --no-absolute-filenames, because inexplicably it also strips the + leading '/' from symlink targets, generally creating a broken symlink. + The problem we were attempting to fix is far less common than symlinks to + absolute filenames, so we'll revert this for further consideration. + Thanks to pghvlaans. ++--------------------------+ Tue Feb 1 04:37:04 UTC 2022 The sepulchral voice intones, "The cave is now closed." kde/falkon-3.2.0-x86_64-1.txz: Upgraded. diff --git a/FILELIST.TXT b/FILELIST.TXT index 79fc5fc78..1ec83edf4 100644 --- a/FILELIST.TXT +++ b/FILELIST.TXT @@ -1,20 +1,20 @@ -Tue Feb 1 04:56:51 UTC 2022 +Tue Feb 1 08:30:47 UTC 2022 Here is the file list for this directory. If you are using a mirror site and find missing or extra files in the disk subdirectories, please have the archive administrator refresh the mirror. -drwxr-xr-x 12 root root 4096 2022-02-01 04:50 . +drwxr-xr-x 12 root root 4096 2022-02-01 08:27 . -rw-r--r-- 1 root root 10064 2016-06-30 18:39 ./ANNOUNCE.14_2 -rw-r--r-- 1 root root 15913 2022-01-18 20:05 ./CHANGES_AND_HINTS.TXT --rw-r--r-- 1 root root 1096928 2022-02-01 04:50 ./CHECKSUMS.md5 --rw-r--r-- 1 root root 163 2022-02-01 04:50 ./CHECKSUMS.md5.asc +-rw-r--r-- 1 root root 1097586 2022-02-01 05:38 ./CHECKSUMS.md5 +-rw-r--r-- 1 root root 163 2022-02-01 05:38 ./CHECKSUMS.md5.asc -rw-r--r-- 1 root root 17976 1994-06-10 02:28 ./COPYING -rw-r--r-- 1 root root 35147 2007-06-30 04:21 ./COPYING3 -rw-r--r-- 1 root root 19573 2016-06-23 20:08 ./COPYRIGHT.TXT -rw-r--r-- 1 root root 616 2006-10-02 04:37 ./CRYPTO_NOTICE.TXT --rw-r--r-- 1 root root 1861141 2022-02-01 04:55 ./ChangeLog.txt +-rw-r--r-- 1 root root 1861968 2022-02-01 08:27 ./ChangeLog.txt drwxr-xr-x 3 root root 4096 2013-03-20 22:17 ./EFI drwxr-xr-x 2 root root 4096 2022-01-29 19:23 ./EFI/BOOT -rw-r--r-- 1 root root 1187840 2021-06-15 19:16 ./EFI/BOOT/bootx64.efi @@ -25,10 +25,10 @@ drwxr-xr-x 2 root root 4096 2022-01-29 19:23 ./EFI/BOOT -rwxr-xr-x 1 root root 2504 2019-07-05 18:54 ./EFI/BOOT/make-grub.sh -rw-r--r-- 1 root root 10722 2013-09-21 19:02 ./EFI/BOOT/osdetect.cfg -rw-r--r-- 1 root root 1273 2013-08-12 21:08 ./EFI/BOOT/tools.cfg --rw-r--r-- 1 root root 1427966 2022-02-01 04:49 ./FILELIST.TXT +-rw-r--r-- 1 root root 1428832 2022-02-01 05:38 ./FILELIST.TXT -rw-r--r-- 1 root root 0 2022-01-27 22:50 ./FILE_LIST -rw-r--r-- 1 root root 1572 2012-08-29 18:27 ./GPG-KEY --rw-r--r-- 1 root root 864745 2022-02-01 04:48 ./PACKAGES.TXT +-rw-r--r-- 1 root root 864745 2022-02-01 08:30 ./PACKAGES.TXT -rw-r--r-- 1 root root 8564 2016-06-28 21:33 ./README.TXT -rw-r--r-- 1 root root 3635 2022-01-29 19:14 ./README.initrd -rw-r--r-- 1 root root 34162 2022-01-30 20:35 ./README_CRYPT.TXT @@ -744,13 +744,13 @@ drwxr-xr-x 2 root root 4096 2012-09-20 18:06 ./patches -rw-r--r-- 1 root root 575 2012-09-20 18:06 ./patches/FILE_LIST -rw-r--r-- 1 root root 14 2012-09-20 18:06 ./patches/MANIFEST.bz2 -rw-r--r-- 1 root root 224 2012-09-20 18:06 ./patches/PACKAGES.TXT -drwxr-xr-x 17 root root 4096 2022-02-01 04:48 ./slackware64 --rw-r--r-- 1 root root 337498 2022-02-01 04:48 ./slackware64/CHECKSUMS.md5 --rw-r--r-- 1 root root 163 2022-02-01 04:48 ./slackware64/CHECKSUMS.md5.asc --rw-r--r-- 1 root root 418557 2022-02-01 04:47 ./slackware64/FILE_LIST --rw-r--r-- 1 root root 4207271 2022-02-01 04:47 ./slackware64/MANIFEST.bz2 +drwxr-xr-x 17 root root 4096 2022-02-01 08:30 ./slackware64 +-rw-r--r-- 1 root root 337498 2022-02-01 08:30 ./slackware64/CHECKSUMS.md5 +-rw-r--r-- 1 root root 163 2022-02-01 08:30 ./slackware64/CHECKSUMS.md5.asc +-rw-r--r-- 1 root root 418557 2022-02-01 08:29 ./slackware64/FILE_LIST +-rw-r--r-- 1 root root 4194449 2022-02-01 08:29 ./slackware64/MANIFEST.bz2 lrwxrwxrwx 1 root root 15 2009-08-23 23:34 ./slackware64/PACKAGES.TXT -> ../PACKAGES.TXT -drwxr-xr-x 2 root root 32768 2022-01-30 20:50 ./slackware64/a +drwxr-xr-x 2 root root 32768 2022-02-01 05:37 ./slackware64/a -rw-r--r-- 1 root root 327 2022-01-16 05:08 ./slackware64/a/aaa_base-15.0-x86_64-3.txt -rw-r--r-- 1 root root 10616 2022-01-16 05:08 ./slackware64/a/aaa_base-15.0-x86_64-3.txz -rw-r--r-- 1 root root 163 2022-01-16 05:08 ./slackware64/a/aaa_base-15.0-x86_64-3.txz.asc @@ -1037,9 +1037,9 @@ drwxr-xr-x 2 root root 32768 2022-01-30 20:50 ./slackware64/a -rw-r--r-- 1 root root 421 2021-02-13 11:14 ./slackware64/a/reiserfsprogs-3.6.27-x86_64-4.txt -rw-r--r-- 1 root root 221668 2021-02-13 11:14 ./slackware64/a/reiserfsprogs-3.6.27-x86_64-4.txz -rw-r--r-- 1 root root 163 2021-02-13 11:14 ./slackware64/a/reiserfsprogs-3.6.27-x86_64-4.txz.asc --rw-r--r-- 1 root root 396 2022-01-29 05:55 ./slackware64/a/rpm2tgz-1.2.2-x86_64-5.txt --rw-r--r-- 1 root root 5788 2022-01-29 05:55 ./slackware64/a/rpm2tgz-1.2.2-x86_64-5.txz --rw-r--r-- 1 root root 163 2022-01-29 05:55 ./slackware64/a/rpm2tgz-1.2.2-x86_64-5.txz.asc +-rw-r--r-- 1 root root 396 2022-02-01 05:25 ./slackware64/a/rpm2tgz-1.2.2-x86_64-6.txt +-rw-r--r-- 1 root root 5768 2022-02-01 05:25 ./slackware64/a/rpm2tgz-1.2.2-x86_64-6.txz +-rw-r--r-- 1 root root 163 2022-02-01 05:25 ./slackware64/a/rpm2tgz-1.2.2-x86_64-6.txz.asc -rw-r--r-- 1 root root 465 2021-11-11 16:25 ./slackware64/a/sdparm-1.12-x86_64-2.txt -rw-r--r-- 1 root root 97412 2021-11-11 16:25 ./slackware64/a/sdparm-1.12-x86_64-2.txz -rw-r--r-- 1 root root 163 2021-11-11 16:25 ./slackware64/a/sdparm-1.12-x86_64-2.txz.asc @@ -1635,7 +1635,7 @@ drwxr-xr-x 2 root root 4096 2022-01-29 19:26 ./slackware64/k -rw-r--r-- 1 root root 1171 2022-01-29 19:14 ./slackware64/k/maketag -rw-r--r-- 1 root root 1171 2022-01-29 19:14 ./slackware64/k/maketag.ez -rw-r--r-- 1 root root 18 2022-01-29 19:14 ./slackware64/k/tagfile -drwxr-xr-x 2 root root 86016 2022-02-01 04:47 ./slackware64/kde +drwxr-xr-x 2 root root 86016 2022-02-01 08:29 ./slackware64/kde -rw-r--r-- 1 root root 382 2022-01-06 21:36 ./slackware64/kde/akonadi-21.12.1-x86_64-1.txt -rw-r--r-- 1 root root 2541268 2022-01-06 21:36 ./slackware64/kde/akonadi-21.12.1-x86_64-1.txz -rw-r--r-- 1 root root 163 2022-01-06 21:36 ./slackware64/kde/akonadi-21.12.1-x86_64-1.txz.asc @@ -1839,9 +1839,9 @@ drwxr-xr-x 2 root root 86016 2022-02-01 04:47 ./slackware64/kde -rw-r--r-- 1 root root 385 2022-01-08 22:27 ./slackware64/kde/karchive-5.90.0-x86_64-1.txt -rw-r--r-- 1 root root 106528 2022-01-08 22:27 ./slackware64/kde/karchive-5.90.0-x86_64-1.txz -rw-r--r-- 1 root root 163 2022-01-08 22:27 ./slackware64/kde/karchive-5.90.0-x86_64-1.txz.asc --rw-r--r-- 1 root root 469 2022-01-06 22:00 ./slackware64/kde/kate-21.12.1-x86_64-1.txt --rw-r--r-- 1 root root 8636344 2022-01-06 22:00 ./slackware64/kde/kate-21.12.1-x86_64-1.txz --rw-r--r-- 1 root root 163 2022-01-06 22:00 ./slackware64/kde/kate-21.12.1-x86_64-1.txz.asc +-rw-r--r-- 1 root root 469 2022-02-01 08:18 ./slackware64/kde/kate-21.12.1-x86_64-2.txt +-rw-r--r-- 1 root root 8637800 2022-02-01 08:18 ./slackware64/kde/kate-21.12.1-x86_64-2.txz +-rw-r--r-- 1 root root 163 2022-02-01 08:18 ./slackware64/kde/kate-21.12.1-x86_64-2.txz.asc -rw-r--r-- 1 root root 357 2022-01-06 22:35 ./slackware64/kde/katomic-21.12.1-x86_64-1.txt -rw-r--r-- 1 root root 1462264 2022-01-06 22:35 ./slackware64/kde/katomic-21.12.1-x86_64-1.txz -rw-r--r-- 1 root root 163 2022-01-06 22:35 ./slackware64/kde/katomic-21.12.1-x86_64-1.txz.asc @@ -5610,11 +5610,11 @@ drwxr-xr-x 2 root root 4096 2021-02-15 19:33 ./slackware64/y -rw-r--r-- 1 root root 1486956 2021-02-13 13:56 ./slackware64/y/nethack-3.6.6-x86_64-3.txz -rw-r--r-- 1 root root 163 2021-02-13 13:56 ./slackware64/y/nethack-3.6.6-x86_64-3.txz.asc -rw-r--r-- 1 root root 26 2020-12-30 21:55 ./slackware64/y/tagfile -drwxr-xr-x 18 root root 4096 2022-02-01 04:49 ./source --rw-r--r-- 1 root root 585058 2022-02-01 04:49 ./source/CHECKSUMS.md5 --rw-r--r-- 1 root root 163 2022-02-01 04:49 ./source/CHECKSUMS.md5.asc --rw-r--r-- 1 root root 814191 2022-02-01 04:49 ./source/FILE_LIST --rw-r--r-- 1 root root 23339060 2022-02-01 04:49 ./source/MANIFEST.bz2 +drwxr-xr-x 18 root root 4096 2022-02-01 08:30 ./source +-rw-r--r-- 1 root root 585568 2022-02-01 08:30 ./source/CHECKSUMS.md5 +-rw-r--r-- 1 root root 163 2022-02-01 08:30 ./source/CHECKSUMS.md5.asc +-rw-r--r-- 1 root root 814778 2022-02-01 08:30 ./source/FILE_LIST +-rw-r--r-- 1 root root 23356978 2022-02-01 08:30 ./source/MANIFEST.bz2 -rw-r--r-- 1 root root 1314 2006-10-02 04:40 ./source/README.TXT drwxr-xr-x 122 root root 4096 2022-01-29 05:54 ./source/a -rw-r--r-- 1 root root 1847 2022-01-21 19:54 ./source/a/FTBFSlog @@ -6453,7 +6453,7 @@ drwxr-xr-x 2 root root 4096 2022-01-29 05:46 ./source/a/rpm2tgz/patches -rw-r--r-- 1 root root 743 2022-01-29 05:53 ./source/a/rpm2tgz/patches/0011-ignore-rpm2cpio-error-code.patch.gz -rw-r--r-- 1 root root 7339 2022-01-29 05:31 ./source/a/rpm2tgz/rpm2targz -rw-r--r-- 1 root root 986 2006-12-23 06:51 ./source/a/rpm2tgz/rpm2targz.README --rwxr-xr-x 1 root root 4624 2022-01-29 05:52 ./source/a/rpm2tgz/rpm2tgz.SlackBuild +-rwxr-xr-x 1 root root 4751 2022-02-01 05:24 ./source/a/rpm2tgz/rpm2tgz.SlackBuild -rw-r--r-- 1 root root 854 2010-02-23 21:02 ./source/a/rpm2tgz/rpmoffset.c -rw-r--r-- 1 root root 851 2018-02-27 06:13 ./source/a/rpm2tgz/slack-desc drwxr-xr-x 2 root root 4096 2021-04-22 18:04 ./source/a/sdparm @@ -7903,7 +7903,7 @@ drwxr-xr-x 2 root root 16384 2021-12-22 20:02 ./source/kde/kde/build -rw-r--r-- 1 root root 2 2021-11-04 17:58 ./source/kde/kde/build/kapman -rw-r--r-- 1 root root 2 2021-11-04 17:58 ./source/kde/kde/build/kapptemplate -rw-r--r-- 1 root root 2 2021-10-10 18:07 ./source/kde/kde/build/karchive --rw-r--r-- 1 root root 2 2021-11-04 17:58 ./source/kde/kde/build/kate +-rw-r--r-- 1 root root 2 2022-02-01 08:17 ./source/kde/kde/build/kate -rw-r--r-- 1 root root 2 2021-11-04 17:58 ./source/kde/kde/build/katomic -rw-r--r-- 1 root root 2 2021-09-30 17:57 ./source/kde/kde/build/kaudiocreator -rw-r--r-- 1 root root 2 2021-11-13 17:18 ./source/kde/kde/build/kauth @@ -8375,8 +8375,13 @@ drwxr-xr-x 2 root root 4096 2018-08-10 22:34 ./source/kde/kde/patch/dolph drwxr-xr-x 2 root root 4096 2015-01-14 13:43 ./source/kde/kde/patch/kalgebra -rw-r--r-- 1 root root 310 2020-07-19 02:11 ./source/kde/kde/patch/kalgebra.patch -rw-r--r-- 1 root root 440 2021-08-13 03:13 ./source/kde/kde/patch/kalgebra/kalgebra_ncurses_linking.diff -drwxr-xr-x 2 root root 4096 2021-04-22 18:31 ./source/kde/kde/patch/kate --rw-r--r-- 1 root root 274 2020-07-19 02:11 ./source/kde/kde/patch/kate.patch +drwxr-xr-x 2 root root 4096 2022-02-01 08:15 ./source/kde/kde/patch/kate +-rw-r--r-- 1 root root 1149 2022-02-01 08:16 ./source/kde/kde/patch/kate.patch +-rw-r--r-- 1 root root 3710 2022-02-01 08:12 ./source/kde/kde/patch/kate/361dd43e42994829dbdb35e78fb7698d27cbb0e2.patch +-rw-r--r-- 1 root root 3609 2022-02-01 08:13 ./source/kde/kde/patch/kate/6fc3bf6e5bd540e842e32c4a959c2158c8573be5.patch +-rw-r--r-- 1 root root 38317 2022-02-01 08:14 ./source/kde/kde/patch/kate/7e08a58fb50d28ba96aedd5f5cd79a9479b4a0ad.patch +-rw-r--r-- 1 root root 2329 2022-02-01 08:13 ./source/kde/kde/patch/kate/92a9c65e30b4b63b8b116eb5c8dcb1e1a2d867bc.patch +-rw-r--r-- 1 root root 7909 2022-02-01 08:14 ./source/kde/kde/patch/kate/c5d66f3b70ae4778d6162564309aee95f643e7c9.patch -rw-r--r-- 1 root root 2730 2021-08-13 02:32 ./source/kde/kde/patch/kate/kate_runasroot.patch drwxr-xr-x 2 root root 4096 2020-04-22 08:39 ./source/kde/kde/patch/kdeconnect-kde -rw-r--r-- 1 root root 198 2020-07-19 02:14 ./source/kde/kde/patch/kdeconnect-kde.patch @@ -11933,17 +11938,17 @@ drwxr-xr-x 2 root root 4096 2021-09-25 00:06 ./source/n/cifs-utils -rw-r--r-- 1 root root 48 2018-11-15 17:49 ./source/n/cifs-utils/cifs-utils.url -rw-r--r-- 1 root root 1061 2018-02-27 06:13 ./source/n/cifs-utils/slack-desc drwxr-xr-x 2 root root 4096 2021-02-13 05:32 ./source/n/conntrack-tools --rw-r--r-- 1 root root 419642 2020-04-01 17:27 ./source/n/conntrack-tools/conntrack-tools-1.4.6.tar.lz --rwxr-xr-x 1 root root 3634 2021-02-13 05:32 ./source/n/conntrack-tools/conntrack-tools.SlackBuild --rw-r--r-- 1 root root 44 2020-04-02 18:37 ./source/n/conntrack-tools/conntrack-tools.url --rw-r--r-- 1 root root 1092 2018-05-28 18:00 ./source/n/conntrack-tools/slack-desc -drwxr-xr-x 2 root root 4096 2021-02-13 05:32 ./source/n/crda --rw-r--r-- 1 root root 61500 2019-11-01 18:08 ./source/n/crda/crda-4.14.tar.xz --rwxr-xr-x 1 root root 4281 2021-02-13 05:32 ./source/n/crda/crda.SlackBuild --rw-r--r-- 1 root root 113 2019-11-01 19:04 ./source/n/crda/crda.url --rw-r--r-- 1 root root 425 2015-03-21 20:15 ./source/n/crda/get_regdb.sh --rw-r--r-- 1 root root 861 2018-02-27 06:13 ./source/n/crda/slack-desc --rw-r--r-- 1 root root 488 2019-06-03 21:45 ./source/n/crda/wireless-regdb-2019.06.03.tar.sign +-rw-r--r-- 1 root root 419642 2020-04-01 17:27 ./source/n/conntrack-tools/conntrack-tools-1.4.6.tar.lz +-rwxr-xr-x 1 root root 3634 2021-02-13 05:32 ./source/n/conntrack-tools/conntrack-tools.SlackBuild +-rw-r--r-- 1 root root 44 2020-04-02 18:37 ./source/n/conntrack-tools/conntrack-tools.url +-rw-r--r-- 1 root root 1092 2018-05-28 18:00 ./source/n/conntrack-tools/slack-desc +drwxr-xr-x 2 root root 4096 2021-02-13 05:32 ./source/n/crda +-rw-r--r-- 1 root root 61500 2019-11-01 18:08 ./source/n/crda/crda-4.14.tar.xz +-rwxr-xr-x 1 root root 4281 2021-02-13 05:32 ./source/n/crda/crda.SlackBuild +-rw-r--r-- 1 root root 113 2019-11-01 19:04 ./source/n/crda/crda.url +-rw-r--r-- 1 root root 425 2015-03-21 20:15 ./source/n/crda/get_regdb.sh +-rw-r--r-- 1 root root 861 2018-02-27 06:13 ./source/n/crda/slack-desc +-rw-r--r-- 1 root root 488 2019-06-03 21:45 ./source/n/crda/wireless-regdb-2019.06.03.tar.sign -rw-r--r-- 1 root root 23176 2019-06-03 21:45 ./source/n/crda/wireless-regdb-2019.06.03.tar.xz -rw-r--r-- 1 root root 55 2018-02-05 06:31 ./source/n/crda/wireless-regdb.url drwxr-xr-x 2 root root 4096 2022-01-05 19:57 ./source/n/curl diff --git a/source/a/rpm2tgz/rpm2tgz.SlackBuild b/source/a/rpm2tgz/rpm2tgz.SlackBuild index 00ebb5bcb..7aae64cbd 100755 --- a/source/a/rpm2tgz/rpm2tgz.SlackBuild +++ b/source/a/rpm2tgz/rpm2tgz.SlackBuild @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=rpm2tgz VERSION=1.2.2 -BUILD=${BUILD:-5} +BUILD=${BUILD:-6} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -78,10 +78,12 @@ cat $CWD/rpm2targz > $PKG/usr/bin/rpm2targz zcat $CWD/patches/0007-Add-support-for-.txz-packages-and-rpm2txz-symlink.patch.gz | patch -p1 || exit 1 zcat $CWD/patches/0008-Avoid-none-values-in-slack-desc.patch.gz | patch -p1 || exit 1 zcat $CWD/patches/0009-Add-c-option-just-as-makepkg-c-y.patch.gz | patch -p1 || exit 1 - # Make sure that if someone created an RPM with absolute filenames that we - # don't allow it to write all over the / directory when we're just trying - # to extract it to make the .tgz: - zcat $CWD/patches/0010-no-absolute-filenames-extracting-cpio.patch.gz | patch -p1 || exit 1 + ## NO - cpio is stupid and strips the leading '/' from symlinks to absolute + ## paths with --no-absolute-filenames. :-/ + ## Make sure that if someone created an RPM with absolute filenames that we + ## don't allow it to write all over the / directory when we're just trying + ## to extract it to make the .tgz: + #zcat $CWD/patches/0010-no-absolute-filenames-extracting-cpio.patch.gz | patch -p1 || exit 1 # Allow ignoring rpm2cpio error code. Some RPMs can be extracted, but # throw an error anyway. zcat $CWD/patches/0011-ignore-rpm2cpio-error-code.patch.gz | patch -p1 || exit 1 diff --git a/source/kde/kde/build/kate b/source/kde/kde/build/kate index d00491fd7..0cfbf0888 100644 --- a/source/kde/kde/build/kate +++ b/source/kde/kde/build/kate @@ -1 +1 @@ -1 +2 diff --git a/source/kde/kde/patch/kate.patch b/source/kde/kde/patch/kate.patch index 59df062a0..df3032eda 100644 --- a/source/kde/kde/patch/kate.patch +++ b/source/kde/kde/patch/kate.patch @@ -1,3 +1,10 @@ # Allow Kate to be started by the root user; disallowing this is not # a decision that a developer should make for the user, it is patronizing: cat $CWD/patch/kate/kate_runasroot.patch | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; } + +# Fix KTextEditor/Kate: Missing validation of binaries executed via QProcess (CVE-2022-23853) +cat $CWD/patch/kate/361dd43e42994829dbdb35e78fb7698d27cbb0e2.patch | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +cat $CWD/patch/kate/6fc3bf6e5bd540e842e32c4a959c2158c8573be5.patch | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +cat $CWD/patch/kate/92a9c65e30b4b63b8b116eb5c8dcb1e1a2d867bc.patch | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +cat $CWD/patch/kate/c5d66f3b70ae4778d6162564309aee95f643e7c9.patch | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +cat $CWD/patch/kate/7e08a58fb50d28ba96aedd5f5cd79a9479b4a0ad.patch | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; } diff --git a/source/kde/kde/patch/kate/361dd43e42994829dbdb35e78fb7698d27cbb0e2.patch b/source/kde/kde/patch/kate/361dd43e42994829dbdb35e78fb7698d27cbb0e2.patch new file mode 100644 index 000000000..4f7237aaa --- /dev/null +++ b/source/kde/kde/patch/kate/361dd43e42994829dbdb35e78fb7698d27cbb0e2.patch @@ -0,0 +1,87 @@ +From 361dd43e42994829dbdb35e78fb7698d27cbb0e2 Mon Sep 17 00:00:00 2001 +From: Mark Nauwelaerts +Date: Mon, 13 Dec 2021 20:52:57 +0100 +Subject: [PATCH] lspclient: consider some additional server capabilities + +--- + addons/lspclient/lspclientprotocol.h | 14 +++++++++++++- + addons/lspclient/lspclientserver.cpp | 9 ++++++++- + addons/lspclient/lspclientservermanager.cpp | 2 +- + 3 files changed, 22 insertions(+), 3 deletions(-) + +diff --git a/addons/lspclient/lspclientprotocol.h b/addons/lspclient/lspclientprotocol.h +index 0fb7f4485..9de0ec511 100644 +--- a/addons/lspclient/lspclientprotocol.h ++++ b/addons/lspclient/lspclientprotocol.h +@@ -21,6 +21,8 @@ + #include + #include + ++#include ++ + // Following types roughly follow the types/interfaces as defined in LSP protocol spec + // although some deviation may arise where it has been deemed useful + // Moreover, to avoid introducing a custom 'optional' type, absence of an optional +@@ -51,6 +53,16 @@ struct LSPResponseError { + + enum class LSPDocumentSyncKind { None = 0, Full = 1, Incremental = 2 }; + ++struct LSPSaveOptions { ++ bool includeText = false; ++}; ++ ++// only used parts for now ++struct LSPTextDocumentSyncOptions { ++ LSPDocumentSyncKind change = LSPDocumentSyncKind::None; ++ std::optional save; ++}; ++ + struct LSPCompletionOptions { + bool provider = false; + bool resolveProvider = false; +@@ -81,7 +93,7 @@ struct LSPWorkspaceFoldersServerCapabilities { + }; + + struct LSPServerCapabilities { +- LSPDocumentSyncKind textDocumentSync = LSPDocumentSyncKind::None; ++ LSPTextDocumentSyncOptions textDocumentSync; + bool hoverProvider = false; + LSPCompletionOptions completionProvider; + LSPSignatureHelpOptions signatureHelpProvider; +diff --git a/addons/lspclient/lspclientserver.cpp b/addons/lspclient/lspclientserver.cpp +index 8739d46c9..a7094fde2 100644 +--- a/addons/lspclient/lspclientserver.cpp ++++ b/addons/lspclient/lspclientserver.cpp +@@ -344,8 +344,15 @@ static void from_json(LSPServerCapabilities &caps, const QJsonObject &json) + }; + + auto sync = json.value(QStringLiteral("textDocumentSync")); +- caps.textDocumentSync = static_cast( ++ caps.textDocumentSync.change = static_cast( + (sync.isObject() ? sync.toObject().value(QStringLiteral("change")) : sync).toInt(static_cast(LSPDocumentSyncKind::None))); ++ if (sync.isObject()) { ++ auto syncObject = sync.toObject(); ++ auto save = syncObject.value(QStringLiteral("save")); ++ if (save.isObject() || save.toBool()) { ++ caps.textDocumentSync.save = {save.toObject().value(QStringLiteral("includeText")).toBool()}; ++ } ++ } + caps.hoverProvider = toBoolOrObject(json.value(QStringLiteral("hoverProvider"))); + from_json(caps.completionProvider, json.value(QStringLiteral("completionProvider"))); + from_json(caps.signatureHelpProvider, json.value(QStringLiteral("signatureHelpProvider"))); +diff --git a/addons/lspclient/lspclientservermanager.cpp b/addons/lspclient/lspclientservermanager.cpp +index 1fbcf928f..1e03801ea 100644 +--- a/addons/lspclient/lspclientservermanager.cpp ++++ b/addons/lspclient/lspclientservermanager.cpp +@@ -931,7 +931,7 @@ private: + auto it = m_docs.find(doc); + if (it != m_docs.end() && it->server) { + const auto &caps = it->server->capabilities(); +- if (caps.textDocumentSync == LSPDocumentSyncKind::Incremental) { ++ if (caps.textDocumentSync.change == LSPDocumentSyncKind::Incremental) { + return &(*it); + } + } +-- +GitLab + diff --git a/source/kde/kde/patch/kate/6fc3bf6e5bd540e842e32c4a959c2158c8573be5.patch b/source/kde/kde/patch/kate/6fc3bf6e5bd540e842e32c4a959c2158c8573be5.patch new file mode 100644 index 000000000..cdbde70ff --- /dev/null +++ b/source/kde/kde/patch/kate/6fc3bf6e5bd540e842e32c4a959c2158c8573be5.patch @@ -0,0 +1,71 @@ +From 6fc3bf6e5bd540e842e32c4a959c2158c8573be5 Mon Sep 17 00:00:00 2001 +From: Mark Nauwelaerts +Date: Mon, 13 Dec 2021 21:36:50 +0100 +Subject: [PATCH] lspclient: send didSave notification if so requested + +--- + addons/lspclient/lspclientserver.cpp | 7 +++++-- + addons/lspclient/lspclientservermanager.cpp | 15 +++++++++++++++ + 2 files changed, 20 insertions(+), 2 deletions(-) + +diff --git a/addons/lspclient/lspclientserver.cpp b/addons/lspclient/lspclientserver.cpp +index a7094fde2..9fb5844cd 100644 +--- a/addons/lspclient/lspclientserver.cpp ++++ b/addons/lspclient/lspclientserver.cpp +@@ -1255,7 +1255,8 @@ private: + {QStringLiteral("documentSymbol"), QJsonObject{{QStringLiteral("hierarchicalDocumentSymbolSupport"), true}} }, + {QStringLiteral("publishDiagnostics"), QJsonObject{{QStringLiteral("relatedInformation"), true}}}, + {QStringLiteral("codeAction"), codeAction}, +- {QStringLiteral("semanticTokens"), semanticTokens} ++ {QStringLiteral("semanticTokens"), semanticTokens}, ++ {QStringLiteral("synchronization"), QJsonObject{{QStringLiteral("didSave"), true}}}, + }, + }, + {QStringLiteral("window"), +@@ -1475,7 +1476,9 @@ public: + void didSave(const QUrl &document, const QString &text) + { + auto params = textDocumentParams(document); +- params[QStringLiteral("text")] = text; ++ if (!text.isNull()) { ++ params[QStringLiteral("text")] = text; ++ } + send(init_request(QStringLiteral("textDocument/didSave"), params)); + } + +diff --git a/addons/lspclient/lspclientservermanager.cpp b/addons/lspclient/lspclientservermanager.cpp +index 1e03801ea..551926e23 100644 +--- a/addons/lspclient/lspclientservermanager.cpp ++++ b/addons/lspclient/lspclientservermanager.cpp +@@ -833,6 +833,7 @@ private: + connect(doc, &KTextEditor::Document::aboutToClose, this, &self_type::untrack, Qt::UniqueConnection); + connect(doc, &KTextEditor::Document::destroyed, this, &self_type::untrack, Qt::UniqueConnection); + connect(doc, &KTextEditor::Document::textChanged, this, &self_type::onTextChanged, Qt::UniqueConnection); ++ connect(doc, &KTextEditor::Document::documentSavedOrUploaded, this, &self_type::onDocumentSaved, Qt::UniqueConnection); + // in case of incremental change + connect(doc, &KTextEditor::Document::textInserted, this, &self_type::onTextInserted, Qt::UniqueConnection); + connect(doc, &KTextEditor::Document::textRemoved, this, &self_type::onTextRemoved, Qt::UniqueConnection); +@@ -976,6 +977,20 @@ private: + } + } + ++ void onDocumentSaved(KTextEditor::Document *doc, bool saveAs) ++ { ++ if (!saveAs) { ++ auto it = m_docs.find(doc); ++ if (it != m_docs.end() && it->server) { ++ auto server = it->server; ++ const auto &saveOptions = server->capabilities().textDocumentSync.save; ++ if (saveOptions) { ++ server->didSave(doc->url(), saveOptions->includeText ? doc->text() : QString()); ++ } ++ } ++ } ++ } ++ + void onMessage(bool isLog, const LSPLogMessageParams ¶ms) + { + // determine server description +-- +GitLab + diff --git a/source/kde/kde/patch/kate/7e08a58fb50d28ba96aedd5f5cd79a9479b4a0ad.patch b/source/kde/kde/patch/kate/7e08a58fb50d28ba96aedd5f5cd79a9479b4a0ad.patch new file mode 100644 index 000000000..456f33618 --- /dev/null +++ b/source/kde/kde/patch/kate/7e08a58fb50d28ba96aedd5f5cd79a9479b4a0ad.patch @@ -0,0 +1,918 @@ +From 7e08a58fb50d28ba96aedd5f5cd79a9479b4a0ad Mon Sep 17 00:00:00 2001 +From: Christoph Cullmann +Date: Mon, 24 Jan 2022 19:07:37 +0000 +Subject: [PATCH] improve QProcess handling + +ensure we take executables from PATH for execution instead possibly from current working directory +or the working directory set for the QProcess +--- + addons/compiler-explorer/compiledbreader.cpp | 4 +- + addons/externaltools/katetoolrunner.cpp | 9 +++- + addons/gdbplugin/debugview.cpp | 17 +++++++- + addons/git-blame/commitfilesview.cpp | 17 +++++--- + addons/git-blame/kategitblameplugin.cpp | 8 +++- + addons/kate-ctags/gotosymbolmodel.cpp | 15 +++++-- + addons/project/comparebranchesview.cpp | 4 +- + addons/project/filehistorywidget.cpp | 14 +++++-- + addons/project/git/gitutils.cpp | 41 +++++++++++++++---- + addons/project/gitwidget.cpp | 19 +++++++-- + addons/project/kateprojectindex.cpp | 9 +++- + .../kateprojectinfoviewcodeanalysis.cpp | 9 +++- + addons/project/kateprojectworker.cpp | 32 +++++++++++---- + addons/project/stashdialog.cpp | 20 ++++----- + addons/project/stashdialog.h | 2 +- + addons/replicode/replicodeview.cpp | 9 ++++ + addons/xmlcheck/plugin_katexmlcheck.cpp | 8 ++++ + kate/katefileactions.cpp | 17 ++++---- + kate/katefileactions.h | 4 +- + kate/katemwmodonhddialog.cpp | 6 ++- + kate/katemwmodonhddialog.h | 1 + + kate/kateviewspace.cpp | 7 +++- + shared/gitprocess.h | 16 +++++++- + 23 files changed, 217 insertions(+), 71 deletions(-) + +diff --git a/addons/compiler-explorer/compiledbreader.cpp b/addons/compiler-explorer/compiledbreader.cpp +index 74e83638e..ab9ebc483 100644 +--- a/addons/compiler-explorer/compiledbreader.cpp ++++ b/addons/compiler-explorer/compiledbreader.cpp +@@ -21,7 +21,9 @@ std::optional getDotGitPath(const QString &repo) + { + /* This call is intentionally blocking because we need git path for everything else */ + QProcess git; +- setupGitProcess(git, repo, {QStringLiteral("rev-parse"), QStringLiteral("--absolute-git-dir")}); ++ if (!setupGitProcess(git, repo, {QStringLiteral("rev-parse"), QStringLiteral("--absolute-git-dir")})) { ++ return std::nullopt; ++ } + git.start(QProcess::ReadOnly); + if (git.waitForStarted() && git.waitForFinished(-1)) { + if (git.exitStatus() != QProcess::NormalExit || git.exitCode() != 0) { +diff --git a/addons/externaltools/katetoolrunner.cpp b/addons/externaltools/katetoolrunner.cpp +index 10a5d7226..e14940ad7 100644 +--- a/addons/externaltools/katetoolrunner.cpp ++++ b/addons/externaltools/katetoolrunner.cpp +@@ -14,6 +14,7 @@ + #include + #include + #include ++#include + + KateToolRunner::KateToolRunner(std::unique_ptr tool, KTextEditor::View *view, QObject *parent) + : QObject(parent) +@@ -40,6 +41,12 @@ KateExternalTool *KateToolRunner::tool() const + + void KateToolRunner::run() + { ++ // always only execute the tool from PATH ++ const auto fullExecutable = QStandardPaths::findExecutable(m_tool->executable); ++ if (fullExecutable.isEmpty()) { ++ return; ++ } ++ + if (!m_tool->workingDir.isEmpty()) { + m_process->setWorkingDirectory(m_tool->workingDir); + } else if (m_view) { +@@ -72,7 +79,7 @@ void KateToolRunner::run() + }); + + const QStringList args = KShell::splitArgs(m_tool->arguments); +- m_process->start(m_tool->executable, args); ++ m_process->start(fullExecutable, args); + } + + void KateToolRunner::waitForFinished() +diff --git a/addons/gdbplugin/debugview.cpp b/addons/gdbplugin/debugview.cpp +index 9505daa25..d8c868d7a 100644 +--- a/addons/gdbplugin/debugview.cpp ++++ b/addons/gdbplugin/debugview.cpp +@@ -12,7 +12,9 @@ + #include "debugview.h" + + #include ++#include + #include ++#include + #include + + #include +@@ -48,7 +50,20 @@ void DebugView::runDebugger(const GDBTargetConf &conf, const QStringList &ioFifo + if (conf.executable.isEmpty()) { + return; + } ++ + m_targetConf = conf; ++ ++ // no chance if no debugger configured ++ if (m_targetConf.gdbCmd.isEmpty()) { ++ return; ++ } ++ ++ // only run debugger from PATH or the absolute executable path we specified ++ const auto fullExecutable = QFileInfo(m_targetConf.gdbCmd).isAbsolute() ? m_targetConf.gdbCmd : QStandardPaths::findExecutable(m_targetConf.gdbCmd); ++ if (fullExecutable.isEmpty()) { ++ return; ++ } ++ + if (ioFifos.size() == 3) { + m_ioPipeString = QStringLiteral("< %1 1> %2 2> %3").arg(ioFifos[0], ioFifos[1], ioFifos[2]); + } +@@ -69,7 +84,7 @@ void DebugView::runDebugger(const GDBTargetConf &conf, const QStringList &ioFifo + + connect(&m_debugProcess, static_cast(&QProcess::finished), this, &DebugView::slotDebugFinished); + +- m_debugProcess.start(m_targetConf.gdbCmd, QStringList()); ++ m_debugProcess.start(fullExecutable, QStringList()); + + m_nextCommands << QStringLiteral("set pagination off"); + m_state = ready; +diff --git a/addons/git-blame/commitfilesview.cpp b/addons/git-blame/commitfilesview.cpp +index 26e484a4a..667b423b2 100644 +--- a/addons/git-blame/commitfilesview.cpp ++++ b/addons/git-blame/commitfilesview.cpp +@@ -263,7 +263,9 @@ static void createFileTree(QStandardItem *parent, const QString &basePath, const + static std::optional getGitCmdOutput(const QString &workDir, const QStringList &args) + { + QProcess git; +- setupGitProcess(git, workDir, args); ++ if (!setupGitProcess(git, workDir, args)) { ++ return {}; ++ } + git.start(QProcess::ReadOnly); + if (git.waitForStarted() && git.waitForFinished(-1)) { + if (git.exitStatus() != QProcess::NormalExit || git.exitCode() != 0) { +@@ -365,9 +367,12 @@ void CommitDiffTreeView::openCommit(const QString &hash, const QString &filePath + m_commitHash = hash; + + QProcess *git = new QProcess(this); +- setupGitProcess(*git, +- QFileInfo(filePath).absolutePath(), +- {QStringLiteral("show"), hash, QStringLiteral("--numstat"), QStringLiteral("--pretty=oneline"), QStringLiteral("-z")}); ++ if (!setupGitProcess(*git, ++ QFileInfo(filePath).absolutePath(), ++ {QStringLiteral("show"), hash, QStringLiteral("--numstat"), QStringLiteral("--pretty=oneline"), QStringLiteral("-z")})) { ++ delete git; ++ return; ++ } + connect(git, &QProcess::finished, this, [this, git, filePath](int e, QProcess::ExitStatus s) { + git->deleteLater(); + if (e != 0 || s != QProcess::NormalExit) { +@@ -440,7 +445,9 @@ void CommitDiffTreeView::showDiff(const QModelIndex &idx) + { + const QString file = idx.data(FileItem::Path).toString(); + QProcess git; +- setupGitProcess(git, m_gitDir, {QStringLiteral("show"), m_commitHash, QStringLiteral("--"), file}); ++ if (!setupGitProcess(git, m_gitDir, {QStringLiteral("show"), m_commitHash, QStringLiteral("--"), file})) { ++ return; ++ } + git.start(QProcess::ReadOnly); + + if (git.waitForStarted() && git.waitForFinished(-1)) { +diff --git a/addons/git-blame/kategitblameplugin.cpp b/addons/git-blame/kategitblameplugin.cpp +index d0354cc75..ae0f8c106 100644 +--- a/addons/git-blame/kategitblameplugin.cpp ++++ b/addons/git-blame/kategitblameplugin.cpp +@@ -255,7 +255,9 @@ void KateGitBlamePluginView::startBlameProcess(const QUrl &url) + QDir dir{url.toLocalFile()}; + dir.cdUp(); + +- setupGitProcess(m_blameInfoProc, dir.absolutePath(), {QStringLiteral("blame"), QStringLiteral("-p"), QStringLiteral("./%1").arg(fileName)}); ++ if (!setupGitProcess(m_blameInfoProc, dir.absolutePath(), {QStringLiteral("blame"), QStringLiteral("-p"), QStringLiteral("./%1").arg(fileName)})) { ++ return; ++ } + m_blameInfoProc.start(QIODevice::ReadOnly); + m_blameUrl = url; + } +@@ -270,7 +272,9 @@ void KateGitBlamePluginView::startShowProcess(const QUrl &url, const QString &ha + QDir dir{url.toLocalFile()}; + dir.cdUp(); + +- setupGitProcess(m_showProc, dir.absolutePath(), {QStringLiteral("show"), hash, QStringLiteral("--numstat")}); ++ if (!setupGitProcess(m_showProc, dir.absolutePath(), {QStringLiteral("show"), hash, QStringLiteral("--numstat")})) { ++ return; ++ } + m_showProc.start(QIODevice::ReadOnly); + } + +diff --git a/addons/kate-ctags/gotosymbolmodel.cpp b/addons/kate-ctags/gotosymbolmodel.cpp +index 6c547e379..0c116090f 100644 +--- a/addons/kate-ctags/gotosymbolmodel.cpp ++++ b/addons/kate-ctags/gotosymbolmodel.cpp +@@ -8,6 +8,7 @@ + #include + #include + #include ++#include + + GotoSymbolModel::GotoSymbolModel(QObject *parent) + : QAbstractTableModel(parent) +@@ -58,16 +59,24 @@ void GotoSymbolModel::refresh(const QString &filePath) + m_rows.clear(); + endResetModel(); + ++ // only use ctags from PATH ++ static const auto fullExecutablePath = QStandardPaths::findExecutable(QStringLiteral("ctags")); ++ if (fullExecutablePath.isEmpty()) { ++ beginResetModel(); ++ m_rows.append(SymbolItem{i18n("CTags executable not found."), -1, QIcon()}); ++ endResetModel(); ++ return; ++ } ++ + QProcess p; +- p.start(QStringLiteral("ctags"), {QStringLiteral("-x"), QStringLiteral("--_xformat=%{name}%{signature}\t%{kind}\t%{line}"), filePath}); ++ p.start(fullExecutablePath, {QStringLiteral("-x"), QStringLiteral("--_xformat=%{name}%{signature}\t%{kind}\t%{line}"), filePath}); + + QByteArray out; + if (p.waitForFinished()) { + out = p.readAllStandardOutput(); + } else { +- qWarning() << "Ctags failed"; + beginResetModel(); +- m_rows.append(SymbolItem{i18n("CTags executable not found."), -1, QIcon()}); ++ m_rows.append(SymbolItem{i18n("CTags executable failed to execute."), -1, QIcon()}); + endResetModel(); + return; + } +diff --git a/addons/project/comparebranchesview.cpp b/addons/project/comparebranchesview.cpp +index 48d1d2633..7cf585f66 100644 +--- a/addons/project/comparebranchesview.cpp ++++ b/addons/project/comparebranchesview.cpp +@@ -158,7 +158,9 @@ void CompareBranchesView::showDiff(const QModelIndex &idx) + { + auto file = idx.data(Qt::UserRole).toString().remove(m_gitDir + QLatin1Char('/')); + QProcess git; +- setupGitProcess(git, m_gitDir, {QStringLiteral("diff"), QStringLiteral("%1...%2").arg(m_fromBr).arg(m_toBr), QStringLiteral("--"), file}); ++ if (!setupGitProcess(git, m_gitDir, {QStringLiteral("diff"), QStringLiteral("%1...%2").arg(m_fromBr).arg(m_toBr), QStringLiteral("--"), file})) { ++ return; ++ } + git.start(QProcess::ReadOnly); + + if (git.waitForStarted() && git.waitForFinished(-1)) { +diff --git a/addons/project/filehistorywidget.cpp b/addons/project/filehistorywidget.cpp +index 626016a6b..14857e178 100644 +--- a/addons/project/filehistorywidget.cpp ++++ b/addons/project/filehistorywidget.cpp +@@ -231,9 +231,12 @@ FileHistoryWidget::~FileHistoryWidget() + // git log --format=%H%n%aN%n%aE%n%at%n%ct%n%P%n%B --author-date-order + void FileHistoryWidget::getFileHistory(const QString &file) + { +- setupGitProcess(m_git, +- QFileInfo(file).absolutePath(), +- {QStringLiteral("log"), QStringLiteral("--format=%H%n%aN%n%aE%n%at%n%ct%n%P%n%B"), QStringLiteral("-z"), file}); ++ if (!setupGitProcess(m_git, ++ QFileInfo(file).absolutePath(), ++ {QStringLiteral("log"), QStringLiteral("--format=%H%n%aN%n%aE%n%at%n%ct%n%P%n%B"), QStringLiteral("-z"), file})) { ++ Q_EMIT errorMessage(i18n("Failed to get file history: git executable not found in PATH"), true); ++ return; ++ } + + connect(&m_git, &QProcess::readyReadStandardOutput, this, [this] { + auto commits = parseCommits(m_git.readAllStandardOutput().split(0x00)); +@@ -258,7 +261,10 @@ void FileHistoryWidget::itemClicked(const QModelIndex &idx) + + const auto commit = idx.data(CommitListModel::CommitRole).value(); + +- setupGitProcess(git, fi.absolutePath(), {QStringLiteral("show"), QString::fromUtf8(commit.hash), QStringLiteral("--"), m_file}); ++ if (!setupGitProcess(git, fi.absolutePath(), {QStringLiteral("show"), QString::fromUtf8(commit.hash), QStringLiteral("--"), m_file})) { ++ return; ++ } ++ + git.start(QProcess::ReadOnly); + if (git.waitForStarted() && git.waitForFinished(-1)) { + if (git.exitStatus() != QProcess::NormalExit || git.exitCode() != 0) { +diff --git a/addons/project/git/gitutils.cpp b/addons/project/git/gitutils.cpp +index ea8dd8823..8b494c16f 100644 +--- a/addons/project/git/gitutils.cpp ++++ b/addons/project/git/gitutils.cpp +@@ -15,7 +15,10 @@ + bool GitUtils::isGitRepo(const QString &repo) + { + QProcess git; +- setupGitProcess(git, repo, {QStringLiteral("rev-parse"), QStringLiteral("--is-inside-work-tree")}); ++ if (!setupGitProcess(git, repo, {QStringLiteral("rev-parse"), QStringLiteral("--is-inside-work-tree")})) { ++ return false; ++ } ++ + git.start(QProcess::ReadOnly); + if (git.waitForStarted() && git.waitForFinished(-1)) { + return git.readAll().trimmed() == "true"; +@@ -27,7 +30,10 @@ std::optional GitUtils::getDotGitPath(const QString &repo) + { + /* This call is intentionally blocking because we need git path for everything else */ + QProcess git; +- setupGitProcess(git, repo, {QStringLiteral("rev-parse"), QStringLiteral("--absolute-git-dir")}); ++ if (!setupGitProcess(git, repo, {QStringLiteral("rev-parse"), QStringLiteral("--absolute-git-dir")})) { ++ return std::nullopt; ++ } ++ + git.start(QProcess::ReadOnly); + if (git.waitForStarted() && git.waitForFinished(-1)) { + if (git.exitStatus() != QProcess::NormalExit || git.exitCode() != 0) { +@@ -57,7 +63,10 @@ QString GitUtils::getCurrentBranchName(const QString &repo) + + for (int i = 0; i < 3; ++i) { + QProcess git; +- setupGitProcess(git, repo, argsList[i]); ++ if (!setupGitProcess(git, repo, argsList[i])) { ++ return QString(); ++ } ++ + git.start(QProcess::ReadOnly); + if (git.waitForStarted() && git.waitForFinished(-1)) { + if (git.exitStatus() == QProcess::NormalExit && git.exitCode() == 0) { +@@ -73,7 +82,10 @@ QString GitUtils::getCurrentBranchName(const QString &repo) + GitUtils::CheckoutResult GitUtils::checkoutBranch(const QString &repo, const QString &branch) + { + QProcess git; +- setupGitProcess(git, repo, {QStringLiteral("checkout"), branch}); ++ if (!setupGitProcess(git, repo, {QStringLiteral("checkout"), branch})) { ++ return CheckoutResult{}; ++ } ++ + git.start(QProcess::ReadOnly); + CheckoutResult res; + res.branch = branch; +@@ -91,7 +103,11 @@ GitUtils::CheckoutResult GitUtils::checkoutNewBranch(const QString &repo, const + if (!fromBranch.isEmpty()) { + args.append(fromBranch); + } +- setupGitProcess(git, repo, args); ++ ++ if (!setupGitProcess(git, repo, args)) { ++ return CheckoutResult{}; ++ } ++ + git.start(QProcess::ReadOnly); + CheckoutResult res; + res.branch = newBranch; +@@ -132,7 +148,10 @@ QVector GitUtils::getAllBranchesAndTags(const QString &repo, R + args.append(QStringLiteral("--sort=-taggerdate")); + } + +- setupGitProcess(git, repo, args); ++ if (!setupGitProcess(git, repo, args)) { ++ return {}; ++ } ++ + git.start(QProcess::ReadOnly); + QVector branches; + if (git.waitForStarted() && git.waitForFinished(-1)) { +@@ -166,7 +185,10 @@ std::pair GitUtils::getLastCommitMessage(const QString &repo) + { + // git log -1 --pretty=%B + QProcess git; +- setupGitProcess(git, repo, {QStringLiteral("log"), QStringLiteral("-1"), QStringLiteral("--pretty=%B")}); ++ if (!setupGitProcess(git, repo, {QStringLiteral("log"), QStringLiteral("-1"), QStringLiteral("--pretty=%B")})) { ++ return {}; ++ } ++ + git.start(QProcess::ReadOnly); + if (git.waitForStarted() && git.waitForFinished(-1)) { + if (git.exitCode() != 0 || git.exitStatus() != QProcess::NormalExit) { +@@ -197,7 +219,10 @@ GitUtils::Result GitUtils::deleteBranches(const QStringList &branches, const QSt + args << branches; + + QProcess git; +- setupGitProcess(git, repo, args); ++ if (!setupGitProcess(git, repo, args)) { ++ return {}; ++ } ++ + git.start(QProcess::ReadOnly); + if (git.waitForStarted() && git.waitForFinished(-1)) { + QString out = QString::fromLatin1(git.readAllStandardError()) + QString::fromLatin1(git.readAllStandardOutput()); +diff --git a/addons/project/gitwidget.cpp b/addons/project/gitwidget.cpp +index 2b19781c0..77499dad8 100644 +--- a/addons/project/gitwidget.cpp ++++ b/addons/project/gitwidget.cpp +@@ -514,8 +514,9 @@ void GitWidget::launchExternalDiffTool(const QString &file, bool staged) + args.append(file); + + QProcess git; +- setupGitProcess(git, m_gitPath, args); +- git.startDetached(); ++ if (setupGitProcess(git, m_gitPath, args)) { ++ git.startDetached(); ++ } + } + + void GitWidget::commitChanges(const QString &msg, const QString &desc, bool signOff, bool amend) +@@ -745,7 +746,12 @@ void GitWidget::branchCompareFiles(const QString &from, const QString &to) + auto args = QStringList{QStringLiteral("diff"), QStringLiteral("%1...%2").arg(from).arg(to), QStringLiteral("--name-status")}; + + QProcess git; +- setupGitProcess(git, m_gitPath, args); ++ ++ // early out if we can't find git ++ if (!setupGitProcess(git, m_gitPath, args)) { ++ return; ++ } ++ + git.start(QProcess::ReadOnly); + if (git.waitForStarted() && git.waitForFinished(-1)) { + if (git.exitStatus() != QProcess::NormalExit || git.exitCode() != 0) { +@@ -767,7 +773,12 @@ void GitWidget::branchCompareFiles(const QString &from, const QString &to) + + // get --num-stat + args = QStringList{QStringLiteral("diff"), QStringLiteral("%1...%2").arg(from).arg(to), QStringLiteral("--numstat"), QStringLiteral("-z")}; +- setupGitProcess(git, m_gitPath, args); ++ ++ // early out if we can't find git ++ if (!setupGitProcess(git, m_gitPath, args)) { ++ return; ++ } ++ + git.start(QProcess::ReadOnly); + if (git.waitForStarted() && git.waitForFinished(-1)) { + if (git.exitStatus() != QProcess::NormalExit || git.exitCode() != 0) { +diff --git a/addons/project/kateprojectindex.cpp b/addons/project/kateprojectindex.cpp +index a7d9ec9c1..9fc5b64cb 100644 +--- a/addons/project/kateprojectindex.cpp ++++ b/addons/project/kateprojectindex.cpp +@@ -9,6 +9,7 @@ + + #include + #include ++#include + + /** + * include ctags reading +@@ -73,6 +74,12 @@ void KateProjectIndex::loadCtags(const QStringList &files, const QVariantMap &ct + */ + m_ctagsIndexFile->close(); + ++ // only use ctags from PATH ++ static const auto fullExecutablePath = QStandardPaths::findExecutable(QStringLiteral("ctags")); ++ if (fullExecutablePath.isEmpty()) { ++ return; ++ } ++ + /** + * try to run ctags for all files in this project + * output to our ctags index file +@@ -85,7 +92,7 @@ void KateProjectIndex::loadCtags(const QStringList &files, const QVariantMap &ct + for (const QVariant &optVariant : opts) { + args << optVariant.toString(); + } +- ctags.start(QStringLiteral("ctags"), args); ++ ctags.start(fullExecutablePath, args); + if (!ctags.waitForStarted()) { + return; + } +diff --git a/addons/project/kateprojectinfoviewcodeanalysis.cpp b/addons/project/kateprojectinfoviewcodeanalysis.cpp +index 21cd26a84..23b82c45e 100644 +--- a/addons/project/kateprojectinfoviewcodeanalysis.cpp ++++ b/addons/project/kateprojectinfoviewcodeanalysis.cpp +@@ -13,6 +13,7 @@ + + #include + #include ++#include + #include + #include + +@@ -134,14 +135,18 @@ void KateProjectInfoViewCodeAnalysis::slotStartStopClicked() + connect(m_analyzer, &QProcess::readyRead, this, &KateProjectInfoViewCodeAnalysis::slotReadyRead); + connect(m_analyzer, static_cast(&QProcess::finished), this, &KateProjectInfoViewCodeAnalysis::finished); + +- m_analyzer->start(m_analysisTool->path(), m_analysisTool->arguments()); ++ // ensure we only run the code analyzer from PATH ++ const QString fullExecutable = QStandardPaths::findExecutable(m_analysisTool->path()); ++ if (!fullExecutable.isEmpty()) { ++ m_analyzer->start(fullExecutable, m_analysisTool->arguments()); ++ } + + if (m_messageWidget) { + delete m_messageWidget; + m_messageWidget = nullptr; + } + +- if (!m_analyzer->waitForStarted()) { ++ if (fullExecutable.isEmpty() || !m_analyzer->waitForStarted()) { + m_messageWidget = new KMessageWidget(this); + m_messageWidget->setCloseButtonVisible(true); + m_messageWidget->setMessageType(KMessageWidget::Warning); +diff --git a/addons/project/kateprojectworker.cpp b/addons/project/kateprojectworker.cpp +index d1979d1ec..831dae89b 100644 +--- a/addons/project/kateprojectworker.cpp ++++ b/addons/project/kateprojectworker.cpp +@@ -18,6 +18,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -442,10 +443,12 @@ QVector KateProjectWorker::filesFromGit(const QDir &dir, bool recursive + + QVector KateProjectWorker::gitFiles(const QDir &dir, bool recursive, const QStringList &args) + { ++ QVector files; + QProcess git; +- setupGitProcess(git, dir.absolutePath(), args); ++ if (!setupGitProcess(git, dir.absolutePath(), args)) { ++ return files; ++ } + git.start(QProcess::ReadOnly); +- QVector files; + if (!git.waitForStarted() || !git.waitForFinished(-1)) { + return files; + } +@@ -466,13 +469,18 @@ QVector KateProjectWorker::gitFiles(const QDir &dir, bool recursive, co + + QVector KateProjectWorker::filesFromMercurial(const QDir &dir, bool recursive) + { ++ // only use version control from PATH + QVector files; ++ static const auto fullExecutablePath = QStandardPaths::findExecutable(QStringLiteral("hg")); ++ if (fullExecutablePath.isEmpty()) { ++ return files; ++ } + + QProcess hg; + hg.setWorkingDirectory(dir.absolutePath()); + QStringList args; + args << QStringLiteral("manifest") << QStringLiteral("."); +- hg.start(QStringLiteral("hg"), args, QProcess::ReadOnly); ++ hg.start(fullExecutablePath, args, QProcess::ReadOnly); + if (!hg.waitForStarted() || !hg.waitForFinished(-1)) { + return files; + } +@@ -493,7 +501,12 @@ QVector KateProjectWorker::filesFromMercurial(const QDir &dir, bool rec + + QVector KateProjectWorker::filesFromSubversion(const QDir &dir, bool recursive) + { ++ // only use version control from PATH + QVector files; ++ static const auto fullExecutablePath = QStandardPaths::findExecutable(QStringLiteral("svn")); ++ if (fullExecutablePath.isEmpty()) { ++ return files; ++ } + + QProcess svn; + svn.setWorkingDirectory(dir.absolutePath()); +@@ -504,7 +517,7 @@ QVector KateProjectWorker::filesFromSubversion(const QDir &dir, bool re + } else { + args << QStringLiteral("--depth=files"); + } +- svn.start(QStringLiteral("svn"), args, QProcess::ReadOnly); ++ svn.start(fullExecutablePath, args, QProcess::ReadOnly); + if (!svn.waitForStarted() || !svn.waitForFinished(-1)) { + return files; + } +@@ -555,18 +568,21 @@ QVector KateProjectWorker::filesFromSubversion(const QDir &dir, bool re + + QVector KateProjectWorker::filesFromDarcs(const QDir &dir, bool recursive) + { ++ // only use version control from PATH + QVector files; ++ static const auto fullExecutablePath = QStandardPaths::findExecutable(QStringLiteral("darcs")); ++ if (fullExecutablePath.isEmpty()) { ++ return files; ++ } + +- const QString cmd = QStringLiteral("darcs"); + QString root; +- + { + QProcess darcs; + darcs.setWorkingDirectory(dir.absolutePath()); + QStringList args; + args << QStringLiteral("list") << QStringLiteral("repo"); + +- darcs.start(cmd, args, QProcess::ReadOnly); ++ darcs.start(fullExecutablePath, args, QProcess::ReadOnly); + + if (!darcs.waitForStarted() || !darcs.waitForFinished(-1)) { + return files; +@@ -590,7 +606,7 @@ QVector KateProjectWorker::filesFromDarcs(const QDir &dir, bool recursi + darcs.setWorkingDirectory(dir.absolutePath()); + args << QStringLiteral("list") << QStringLiteral("files") << QStringLiteral("--no-directories") << QStringLiteral("--pending"); + +- darcs.start(cmd, args, QProcess::ReadOnly); ++ darcs.start(fullExecutablePath, args, QProcess::ReadOnly); + + if (!darcs.waitForStarted() || !darcs.waitForFinished(-1)) { + return files; +diff --git a/addons/project/stashdialog.cpp b/addons/project/stashdialog.cpp +index c623182a8..bddedf709 100644 +--- a/addons/project/stashdialog.cpp ++++ b/addons/project/stashdialog.cpp +@@ -32,6 +32,8 @@ + + #include + ++#include ++ + constexpr int StashIndexRole = Qt::UserRole + 2; + + class StashFilterModel final : public QSortFilterProxyModel +@@ -218,11 +220,10 @@ void StashDialog::slotReturnPressed() + hide(); + } + +-QProcess *StashDialog::gitp() ++QProcess *StashDialog::gitp(const QStringList &arguments) + { + auto git = new QProcess(this); +- git->setProgram(QStringLiteral("git")); +- git->setWorkingDirectory(m_gitPath); ++ setupGitProcess(*git, m_gitPath, arguments); + return git; + } + +@@ -242,7 +243,7 @@ void StashDialog::stash(bool keepIndex, bool includeUntracked) + args.append(m_lineEdit.text()); + } + +- auto git = gitp(); ++ auto git = gitp(args); + connect(git, &QProcess::finished, this, [this, git](int exitCode, QProcess::ExitStatus es) { + if (es != QProcess::NormalExit || exitCode != 0) { + qWarning() << git->errorString(); +@@ -253,14 +254,12 @@ void StashDialog::stash(bool keepIndex, bool includeUntracked) + Q_EMIT done(); + git->deleteLater(); + }); +- git->setArguments(args); + git->start(QProcess::ReadOnly); + } + + void StashDialog::getStashList() + { +- auto git = gitp(); +- git->setArguments({QStringLiteral("stash"), QStringLiteral("list")}); ++ auto git = gitp({QStringLiteral("stash"), QStringLiteral("list")}); + git->start(QProcess::ReadOnly); + + QList stashList; +@@ -293,11 +292,11 @@ void StashDialog::getStashList() + + void StashDialog::popStash(const QByteArray &index, const QString &command) + { +- auto git = gitp(); + QStringList args{QStringLiteral("stash"), command}; + if (!index.isEmpty()) { + args.append(QString::fromUtf8(index)); + } ++ auto git = gitp(args); + + connect(git, &QProcess::finished, this, [this, command, git](int exitCode, QProcess::ExitStatus es) { + if (es != QProcess::NormalExit || exitCode != 0) { +@@ -320,7 +319,6 @@ void StashDialog::popStash(const QByteArray &index, const QString &command) + Q_EMIT done(); + git->deleteLater(); + }); +- git->setArguments(args); + git->start(QProcess::ReadOnly); + } + +@@ -339,9 +337,8 @@ void StashDialog::showStash(const QByteArray &index) + if (index.isEmpty()) { + return; + } +- auto git = gitp(); + +- QStringList args{QStringLiteral("stash"), QStringLiteral("show"), QStringLiteral("-p"), QString::fromUtf8(index)}; ++ auto git = gitp({QStringLiteral("stash"), QStringLiteral("show"), QStringLiteral("-p"), QString::fromUtf8(index)}); + + connect(git, &QProcess::finished, this, [this, git](int exitCode, QProcess::ExitStatus es) { + if (es != QProcess::NormalExit || exitCode != 0) { +@@ -353,6 +350,5 @@ void StashDialog::showStash(const QByteArray &index) + git->deleteLater(); + }); + +- git->setArguments(args); + git->start(QProcess::ReadOnly); + } +diff --git a/addons/project/stashdialog.h b/addons/project/stashdialog.h +index a18d42ab9..417690757 100644 +--- a/addons/project/stashdialog.h ++++ b/addons/project/stashdialog.h +@@ -56,7 +56,7 @@ protected Q_SLOTS: + void slotReturnPressed() override; + + private: +- QProcess *gitp(); ++ QProcess *gitp(const QStringList &arguments); + void stash(bool keepIndex, bool includeUntracked); + void getStashList(); + void popStash(const QByteArray &index, const QString &command = QStringLiteral("pop")); +diff --git a/addons/replicode/replicodeview.cpp b/addons/replicode/replicodeview.cpp +index 0199f46ce..7f70ee1ea 100644 +--- a/addons/replicode/replicodeview.cpp ++++ b/addons/replicode/replicodeview.cpp +@@ -8,7 +8,9 @@ + + #include "replicodeconfig.h" + #include "replicodesettings.h" ++ + #include ++#include + #include + #include + +@@ -116,7 +118,14 @@ void ReplicodeView::runReplicode() + } + + KConfigGroup config(KSharedConfig::openConfig(), QStringLiteral("Replicode")); ++ + QString executorPath = config.readEntry("replicodePath", QString()); ++ ++ // ensure we only call replicode from PATH if not given as absolute path already ++ if (!executorPath.isEmpty() && !QFileInfo(executorPath).isAbsolute()) { ++ executorPath = QStandardPaths::findExecutable(executorPath); ++ } ++ + if (executorPath.isEmpty()) { + QMessageBox::warning(m_mainWindow->window(), + i18nc("@title:window", "Replicode Executable Not Found"), +diff --git a/addons/xmlcheck/plugin_katexmlcheck.cpp b/addons/xmlcheck/plugin_katexmlcheck.cpp +index f1d52f3a7..3971550cd 100644 +--- a/addons/xmlcheck/plugin_katexmlcheck.cpp ++++ b/addons/xmlcheck/plugin_katexmlcheck.cpp +@@ -304,10 +304,18 @@ bool PluginKateXMLCheckView::slotValidate() + s << kv->document()->text(); + s.flush(); + ++ // ensure we only execute xmllint from PATH or application package + QString exe = QStandardPaths::findExecutable(QStringLiteral("xmllint")); + if (exe.isEmpty()) { + exe = QStandardPaths::locate(QStandardPaths::ApplicationsLocation, QStringLiteral("xmllint")); + } ++ if (exe.isEmpty()) { ++ KMessageBox::error(nullptr, ++ i18n("Error: Failed to find xmllint. Please make " ++ "sure that xmllint is installed. It is part of libxml2.")); ++ return false; ++ } ++ + // qDebug() << "exe=" < + #include + #include ++#include + #include + + void KateFileActions::copyFilePathToClipboard(KTextEditor::Document *doc) +@@ -137,17 +138,13 @@ void KateFileActions::deleteDocumentFile(QWidget *parent, KTextEditor::Document + } + } + +-QStringList KateFileActions::supportedDiffTools() ++QVector> KateFileActions::supportedDiffTools() + { +- // LATER: check for program existence and set some boolean value accordingly +- // Can this be even done in an easy way when we don't use the absolute path to the executable? +- // See https://stackoverflow.com/questions/42444055/how-to-check-if-a-program-exists-in-path-using-qt +- +- QStringList resultList; +- resultList.push_back(QStringLiteral("kdiff3")); +- resultList.push_back(QStringLiteral("kompare")); +- resultList.push_back(QStringLiteral("meld")); +- ++ // query once if the tools are there in the path and store that ++ // we will disable the actions for the tools not found ++ static QVector> resultList{{QStringLiteral("kdiff3"), QStandardPaths::findExecutable(QStringLiteral("kdiff3"))}, ++ {QStringLiteral("kompare"), QStandardPaths::findExecutable(QStringLiteral("kompare"))}, ++ {QStringLiteral("meld"), QStandardPaths::findExecutable(QStringLiteral("meld"))}}; + return resultList; + } + +diff --git a/kate/katefileactions.h b/kate/katefileactions.h +index 524d81097..77cc5b0bf 100644 +--- a/kate/katefileactions.h ++++ b/kate/katefileactions.h +@@ -51,9 +51,9 @@ void openFilePropertiesDialog(KTextEditor::Document *document); + void deleteDocumentFile(QWidget *parent, KTextEditor::Document *document); + + /** +- * @returns a list of supported diff tools (names of the executables) ++ * @returns a list of supported diff tools (names of the executables + paths to them, empty if not found in PATH) + */ +-QStringList supportedDiffTools(); ++QVector> supportedDiffTools(); + + /** + * Runs an external program to compare the underlying files of two given documents. +diff --git a/kate/katemwmodonhddialog.cpp b/kate/katemwmodonhddialog.cpp +index e0041d858..d7c79e4d4 100644 +--- a/kate/katemwmodonhddialog.cpp ++++ b/kate/katemwmodonhddialog.cpp +@@ -22,6 +22,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -52,6 +53,7 @@ public: + + KateMwModOnHdDialog::KateMwModOnHdDialog(DocVector docs, QWidget *parent, const char *name) + : QDialog(parent) ++ , m_fullDiffPath(QStandardPaths::findExecutable(QStringLiteral("diff"))) + , m_proc(nullptr) + , m_diffFile(nullptr) + , m_blockAddDocument(false) +@@ -108,6 +110,7 @@ KateMwModOnHdDialog::KateMwModOnHdDialog(DocVector docs, QWidget *parent, const + "file for the selected document, and shows the difference with the " + "default application. Requires diff(1).")); + hb->addWidget(btnDiff); ++ btnDiff->setEnabled(!m_fullDiffPath.isEmpty()); + connect(btnDiff, &QPushButton::clicked, this, &KateMwModOnHdDialog::slotDiff); + + // Dialog buttons +@@ -288,9 +291,10 @@ void KateMwModOnHdDialog::slotDiff() + m_diffFile->open(); + + // Start a KProcess that creates a diff ++ // We use the full path to don't launch some random "diff" in current working directory + m_proc = new KProcess(this); + m_proc->setOutputChannelMode(KProcess::MergedChannels); +- *m_proc << QStringLiteral("diff") << QStringLiteral("-ub") << QStringLiteral("-") << doc->url().toLocalFile(); ++ *m_proc << m_fullDiffPath << QStringLiteral("-ub") << QStringLiteral("-") << doc->url().toLocalFile(); + connect(m_proc, &KProcess::readyRead, this, &KateMwModOnHdDialog::slotDataAvailable); + connect(m_proc, static_cast(&KProcess::finished), this, &KateMwModOnHdDialog::slotPDone); + +diff --git a/kate/katemwmodonhddialog.h b/kate/katemwmodonhddialog.h +index 11c09eab7..6fa245726 100644 +--- a/kate/katemwmodonhddialog.h ++++ b/kate/katemwmodonhddialog.h +@@ -51,6 +51,7 @@ private: + class QTreeWidget *twDocuments; + class QDialogButtonBox *dlgButtons; + class QPushButton *btnDiff; ++ QString m_fullDiffPath; + KProcess *m_proc; + QTemporaryFile *m_diffFile; + QStringList m_stateTexts; +diff --git a/kate/kateviewspace.cpp b/kate/kateviewspace.cpp +index dba2fb973..af3bb8d34 100644 +--- a/kate/kateviewspace.cpp ++++ b/kate/kateviewspace.cpp +@@ -678,8 +678,11 @@ void KateViewSpace::showContextMenu(int idx, const QPoint &globalPos) + + if (mCompareWithActive->isEnabled()) { + for (auto &&diffTool : KateFileActions::supportedDiffTools()) { +- QAction *compareAction = mCompareWithActive->addAction(diffTool); +- compareAction->setData(diffTool); ++ QAction *compareAction = mCompareWithActive->addAction(diffTool.first); ++ ++ // we use the full path to safely execute the tool, disable action if no full path => tool not found ++ compareAction->setData(diffTool.second); ++ compareAction->setEnabled(!diffTool.second.isEmpty()); + } + } + +diff --git a/shared/gitprocess.h b/shared/gitprocess.h +index 47b98b696..b0d79fac6 100644 +--- a/shared/gitprocess.h ++++ b/shared/gitprocess.h +@@ -7,6 +7,7 @@ + #pragma once + + #include ++#include + + /** + * small helper function to setup a QProcess based "git" command. +@@ -17,10 +18,20 @@ + * @param process process to setup for git + * @param workingDirectory working directory to use for process + * @param arguments arguments to pass to git ++ * @return could set setup the process or did that fail, e.g. because the git executable is not available? + */ +-inline void setupGitProcess(QProcess &process, const QString &workingDirectory, const QStringList &arguments) ++inline bool setupGitProcess(QProcess &process, const QString &workingDirectory, const QStringList &arguments) + { +- process.setProgram(QStringLiteral("git")); ++ // only use git from PATH ++ static const auto gitExecutable = QStandardPaths::findExecutable(QStringLiteral("git")); ++ if (gitExecutable.isEmpty()) { ++ // ensure we have no valid QProcess setup ++ process.setProgram(QString()); ++ return false; ++ } ++ ++ // setup program and arguments, ensure we do run git in the right working directory ++ process.setProgram(gitExecutable); + process.setWorkingDirectory(workingDirectory); + process.setArguments(arguments); + +@@ -37,4 +48,5 @@ inline void setupGitProcess(QProcess &process, const QString &workingDirectory, + QProcessEnvironment env = QProcessEnvironment::systemEnvironment(); + env.insert(QStringLiteral("GIT_OPTIONAL_LOCKS"), QStringLiteral("0")); + process.setProcessEnvironment(env); ++ return true; + } +-- +GitLab + diff --git a/source/kde/kde/patch/kate/92a9c65e30b4b63b8b116eb5c8dcb1e1a2d867bc.patch b/source/kde/kde/patch/kate/92a9c65e30b4b63b8b116eb5c8dcb1e1a2d867bc.patch new file mode 100644 index 000000000..6900a46c0 --- /dev/null +++ b/source/kde/kde/patch/kate/92a9c65e30b4b63b8b116eb5c8dcb1e1a2d867bc.patch @@ -0,0 +1,39 @@ +From 92a9c65e30b4b63b8b116eb5c8dcb1e1a2d867bc Mon Sep 17 00:00:00 2001 +From: Waqar Ahmed +Date: Sun, 16 Jan 2022 18:39:50 +0500 +Subject: [PATCH] step down warning level when LSP not found + +Currently it gives an error which results in the widget popping up +everytime you open a file for which you don't have LSP. However, one may +have intentionally not installed the LSP for a language. + +BUG: 448549 +--- + addons/lspclient/lspclientservermanager.cpp | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/addons/lspclient/lspclientservermanager.cpp b/addons/lspclient/lspclientservermanager.cpp +index 551926e23..24e3f275b 100644 +--- a/addons/lspclient/lspclientservermanager.cpp ++++ b/addons/lspclient/lspclientservermanager.cpp +@@ -737,13 +737,13 @@ private: + server.reset(new LSPClientServer(cmdline, root, realLangId, serverConfig.value(QStringLiteral("initializationOptions")), folders)); + connect(server.data(), &LSPClientServer::stateChanged, this, &self_type::onStateChanged, Qt::UniqueConnection); + if (!server->start()) { +- QString errorMessage = i18n("Failed to start server: %1", cmdline.join(QLatin1Char(' '))); ++ QString message = i18n("Failed to start server: %1", cmdline.join(QLatin1Char(' '))); + const auto url = serverConfig.value(QStringLiteral("url")).toString(); + if (!url.isEmpty()) { +- errorMessage += QStringLiteral("\n") + i18n("Please check your PATH for the binary"); +- errorMessage += QStringLiteral("\n") + i18n("See also %1 for installation or details", url); ++ message += QStringLiteral("\n") + i18n("Please check your PATH for the binary"); ++ message += QStringLiteral("\n") + i18n("See also %1 for installation or details", url); + } +- showMessage(errorMessage, KTextEditor::Message::Error); ++ showMessage(message, KTextEditor::Message::Warning); + } else { + showMessage(i18n("Started server %2: %1", cmdline.join(QLatin1Char(' ')), serverDescription(server.data())), + KTextEditor::Message::Positive); +-- +GitLab + diff --git a/source/kde/kde/patch/kate/c5d66f3b70ae4778d6162564309aee95f643e7c9.patch b/source/kde/kde/patch/kate/c5d66f3b70ae4778d6162564309aee95f643e7c9.patch new file mode 100644 index 000000000..cc3f058d7 --- /dev/null +++ b/source/kde/kde/patch/kate/c5d66f3b70ae4778d6162564309aee95f643e7c9.patch @@ -0,0 +1,124 @@ +From c5d66f3b70ae4778d6162564309aee95f643e7c9 Mon Sep 17 00:00:00 2001 +From: Christoph Cullmann +Date: Thu, 20 Jan 2022 21:00:09 +0100 +Subject: [PATCH] avoid that we execute LSP binaries from cwd + +QProcess will just use current working directory as +fallback + +that allows to execute un-wanted binaries by accident +--- + addons/lspclient/lspclientservermanager.cpp | 87 ++++++++++++--------- + 1 file changed, 51 insertions(+), 36 deletions(-) + +diff --git a/addons/lspclient/lspclientservermanager.cpp b/addons/lspclient/lspclientservermanager.cpp +index 24e3f275b..e78b4aa2d 100644 +--- a/addons/lspclient/lspclientservermanager.cpp ++++ b/addons/lspclient/lspclientservermanager.cpp +@@ -707,52 +707,67 @@ private: + } + + if (cmdline.length() > 0) { ++ // ensure we always only take the server executable from the PATH or user defined paths ++ // QProcess will take the executable even just from current working directory without this => BAD ++ auto cmd = QStandardPaths::findExecutable(cmdline[0]); ++ + // optionally search in supplied path(s) +- auto vpath = serverConfig.value(QStringLiteral("path")).toArray(); +- if (vpath.size() > 0) { +- auto cmd = QStandardPaths::findExecutable(cmdline[0]); +- if (cmd.isEmpty()) { +- // collect and expand in case home dir or other (environment) variable reference is used +- QStringList path; +- for (const auto &e : vpath) { +- auto p = e.toString(); +- editor->expandText(p, view, p); +- path.push_back(p); +- } +- cmd = QStandardPaths::findExecutable(cmdline[0], path); +- if (!cmd.isEmpty()) { +- cmdline[0] = cmd; +- } ++ const auto vpath = serverConfig.value(QStringLiteral("path")).toArray(); ++ if (cmd.isEmpty() && !vpath.isEmpty()) { ++ // collect and expand in case home dir or other (environment) variable reference is used ++ QStringList path; ++ for (const auto &e : vpath) { ++ auto p = e.toString(); ++ editor->expandText(p, view, p); ++ path.push_back(p); + } ++ cmd = QStandardPaths::findExecutable(cmdline[0], path); + } +- // an empty list is always passed here (or null) +- // the initial list is provided/updated using notification after start +- // since that is what a server is more aware of +- // and should support if it declares workspace folder capable +- // (as opposed to the new initialization property) +- LSPClientServer::FoldersType folders; +- if (useWorkspace) { +- folders = QList(); +- } +- server.reset(new LSPClientServer(cmdline, root, realLangId, serverConfig.value(QStringLiteral("initializationOptions")), folders)); +- connect(server.data(), &LSPClientServer::stateChanged, this, &self_type::onStateChanged, Qt::UniqueConnection); +- if (!server->start()) { +- QString message = i18n("Failed to start server: %1", cmdline.join(QLatin1Char(' '))); ++ ++ // we can only start the stuff if we did find the binary in the paths ++ if (!cmd.isEmpty()) { ++ // use full path to avoid security issues ++ cmdline[0] = cmd; ++ ++ // an empty list is always passed here (or null) ++ // the initial list is provided/updated using notification after start ++ // since that is what a server is more aware of ++ // and should support if it declares workspace folder capable ++ // (as opposed to the new initialization property) ++ LSPClientServer::FoldersType folders; ++ if (useWorkspace) { ++ folders = QList(); ++ } ++ server.reset(new LSPClientServer(cmdline, root, realLangId, serverConfig.value(QStringLiteral("initializationOptions")), folders)); ++ connect(server.data(), &LSPClientServer::stateChanged, this, &self_type::onStateChanged, Qt::UniqueConnection); ++ if (!server->start()) { ++ QString message = i18n("Failed to start server: %1", cmdline.join(QLatin1Char(' '))); ++ const auto url = serverConfig.value(QStringLiteral("url")).toString(); ++ if (!url.isEmpty()) { ++ message += QStringLiteral("\n") + i18n("Please check your PATH for the binary"); ++ message += QStringLiteral("\n") + i18n("See also %1 for installation or details", url); ++ } ++ showMessage(message, KTextEditor::Message::Warning); ++ } else { ++ showMessage(i18n("Started server %2: %1", cmdline.join(QLatin1Char(' ')), serverDescription(server.data())), ++ KTextEditor::Message::Positive); ++ using namespace std::placeholders; ++ server->connect(server.data(), &LSPClientServer::logMessage, this, std::bind(&self_type::onMessage, this, true, _1)); ++ server->connect(server.data(), &LSPClientServer::showMessage, this, std::bind(&self_type::onMessage, this, false, _1)); ++ server->connect(server.data(), &LSPClientServer::workDoneProgress, this, &self_type::onWorkDoneProgress); ++ server->connect(server.data(), &LSPClientServer::workspaceFolders, this, &self_type::onWorkspaceFolders, Qt::UniqueConnection); ++ } ++ } else { ++ // we didn't find the server binary at all! ++ QString message = i18n("Failed to find server binary: %1", cmdline[0]); + const auto url = serverConfig.value(QStringLiteral("url")).toString(); + if (!url.isEmpty()) { + message += QStringLiteral("\n") + i18n("Please check your PATH for the binary"); + message += QStringLiteral("\n") + i18n("See also %1 for installation or details", url); + } + showMessage(message, KTextEditor::Message::Warning); +- } else { +- showMessage(i18n("Started server %2: %1", cmdline.join(QLatin1Char(' ')), serverDescription(server.data())), +- KTextEditor::Message::Positive); +- using namespace std::placeholders; +- server->connect(server.data(), &LSPClientServer::logMessage, this, std::bind(&self_type::onMessage, this, true, _1)); +- server->connect(server.data(), &LSPClientServer::showMessage, this, std::bind(&self_type::onMessage, this, false, _1)); +- server->connect(server.data(), &LSPClientServer::workDoneProgress, this, &self_type::onWorkDoneProgress); +- server->connect(server.data(), &LSPClientServer::workspaceFolders, this, &self_type::onWorkspaceFolders, Qt::UniqueConnection); + } ++ + serverinfo.settings = serverConfig.value(QStringLiteral("settings")); + serverinfo.started = QTime::currentTime(); + serverinfo.url = serverConfig.value(QStringLiteral("url")).toString(); +-- +GitLab +