Skip to content

Releases: ostreedev/ostree

2018.5

11 May 14:34
v2018.5
Compare
Choose a tag to compare

This release has a number of features, as well as the usual
collection of bugfixes (none critical). On the host management
side, we landed a design to do "staged" deployments. There's
some more information in the issue.

I've seen many, many people hit the "where did my changes in /etc go"
problem, and this will go a long way towards addressing that. We
believe the design is fairly good, and the new public API should
be considered stable. However, the ostree admin commandline only
uses it with an experimental OSTREE_EX_STAGE_DEPLOYMENTS=1. Please
try this out - the plan is to eventually make this the default.
Today rpm-ostree gained a config file option to enable it
persistently in this PR.

Another notable feature is that upon encountering an error, fsck
will now mark the commits which contain that object as "partial", which
in turn means that a future ostree pull will re-download the objects.
This makes recovering from corruption much easier. As part of this
work, an API was added which can traverse the tree and gather parent pointers.
More information in this PR.

Finally on the feature side, we have enabled repository locking by default.
This uses file locks and is hence for multiple process exclusion. For example,
EndlessOS today has both flatpak and their host updater writing to the system
repository. Currently, the locking only applies for commit and prune operations,
which are the most common sources of concurrency issues. This will
be extended over time. If you want to disable locking, set locking=false
in the repository configuration.
More information in this PR.

Bugfixes are mostly things like a fix for flatpak on filesystems which
implement reflinks, some memory leaks squashed in the commit path. And
the fix in PR 1537 is
fairly notable as it avoids ugly behavior incorrectly scanning all files
in newly-created repositories that didn't have the legacy uncompressed-objects-cache
directory.

Additionally there are test suite improvements, documentation patches.
The tests are all now fully Python 3 compatible.

Thanks to all contributors!

Alexander Larsson (3 PRs, 4 commits)
  Don't write to parent repo (#1524)
  pull: Don't save summary to cache before validating signatures (#1529)
  PR: #1533
    fsck: Mark commits with missing or deleted object partial
    lib/repo: Add ostree_repo_traverse_commit_union_with_parents

Colin Walters (30 PRs, 44 commits)
  Add concept of "staged" deployment (#1503)
  lib/deltas: Some misc declare-and-initialize porting (#1511)
  Post-release version bump (#1512)
  tests: Merge installed/ and fedora-str/ directories (#1513)
  lib/deploy: Port final bootconfig writing to new style (#1515)
  tests/installed: Fix TESTS= being empty (#1516)
  ci: Drop patches when building RPM (#1530)
  switchroot: Don't log if running as pid1, minor code style cleanups (#1531)
  lib/sysroot: Move staged into deployment list, rework handling (#1539)
  README.md: Fix docs link to COPYING (#1554)
  lib/repo: Enable locking by default, but drop external API (#1555)
  deploy: Return staged deployment (#1559)
  repo: Add checksum to error message opening unreadable object (#1564)
  lib/deploy: Do post-ops when removing staged commit (#1570)
  deploy: Use fdatasync() for new kernel/initramfs by default (#1571)
  lib: Use `Locking:` term in docs (#1572)
  tests: Tweak staged-deploy test to be faster (#1573)
  README: Tweak licensing description (#1574)
  tests: Fix installed tests more (#1577)
  ci: Drop str hotpatch (#1582)
  ci: Switch libgcrypt URL (#1584)
  Release 2018.5 (#1585)
  PR: #1514
    lib/deploy: Split /etc merge into two stages
    lib/deploy: Set kargs in one place
  PR: #1535
    tests/installed: Move tasks into tasks/  directory
    tests: Better error message if target is not a symlink
    sysroot: Split out a helper function to delete a deployment dir
    tests/installed: Move auto-build logic to playbook-run.sh
    bin: Hide `admin instutil` command
  PR: #1538
    deploy: Clean up bootserial assignment function
    sysroot: Clean up origin loading function
    deploy: Silently do nothing if passed same set of deployments
  PR: #1548
    tests: Disable itest-pull.sh since it is too slow
    tests: Lower retry timeout to 5s
    fsck: Only print "marking commit partial" once
    tests/installed: Make reboot task less racy
    (and 1 commits from other authors)
  PR: #1558
    bin/deploy: Avoid loading merge deployment kargs unless necessary
    lib/deploy: Fix staged deployments with no kargs
  PR: #1567
    deploy: Don't prune repo at finalization time by default
    bin/admin-cleanup: Port to decl-and-initialize style
  PR: #1568
    lib/deploy: Throw an error if trying to stage when not ostree-booted
    lib/sysroot: Maintain one variable for "root is ostree booted"
  PR: #1583
    lib/sysroot: Add OSTREE_EX_STAGE_DEPLOYMENTS environment variable
    tests/installed: Disable all rpmmd repos

Giuseppe Scrivano (1 PR, 1 commit)
  commit, payload-reflink: do not write to the parent repo (#1525)

Jonathan Lebon (12 PRs, 16 commits)
  ci: turn gating back on for most testsuites (#1536)
  ci: use gpgme scratch build to workaround issues (#1540)
  ci: Temporary libgcrypt workaround for older kernels (#1547)
  ci: mark some ci testsuites as required again (#1552)
  ci: drop BDB1539 workaround (#1553)
  libglnx: Bump to fix F28 compilation (#1580)
  docs: Add "Hello World" example (#1581)
  PR: #1546
    tests: Port the last python2 script to python3
    tests/installed: Prefer python3 over python2
  PR: #1548
    tests/installed: increase async retries to 500
    (and 4 commits from other authors)
  PR: #1556
    lib/deploy: Also compare deployment csum versions
    lib/deploy: Factor out function to get deployment kargs
  PR: #1560
    man/ostree-init: Briefly describe various modes
    man/ostree: Document --repo option a bit more
  PR: #1575
    lib/commit: Fix function name typo in docstring
    lib/deploy: Add semi-colon in post-deployment msg

Matthew Leeds (8 PRs, 11 commits)
  lib/repo: Add timestamps to OstreeRepoFinderResult (#1518)
  lib/repo-pull: Document all options in pull_from_remotes_async (#1519)
  tests: Fix unit test for ref-binding metadata (#1520)
  lib/repo-pull: Improve error message when no summary is found (#1522)
  lib: Fix a few comments (#1526)
  lib/repo-pull: Rename a variable for clarity (#1528)
  PR: #1521
    libotutil/checksum-utils: Fix memory management
    lib/commit: Fix a memory leak of OtChecksum
  PR: #1543
    man: Add man page for create-usb
    create-usb: Update summary in destination repo
    tests: Fix typo in unit test

Owen W. Taylor (1 PR, 1 commit)
  Don't scan uncompressed_objects_dir if it doesn't exist (#1537)

Sam Spilsbury (1 PR, 1 commit)
  avahi: Don't complain with g_warning if the daemon wasn't running (#1542)

Simon McVittie (1 PR, 1 commit)
  build: Don't distribute Bison-generated parser in dist tarballs (#1563)

Tobias Mueller (1 PR, 1 commit)
  repo: handle GPG_ERR_AMBIGUOUS_NAME in sign_data (#1579)

Git-EVTag-v0-SHA512: a36ec85eaed518e9808fd572e801156171c8b7c8f043b5d151492ff94544e6d2a1fd2104de848605a32630b778739452500127e90ead78e29c405b20e1b97cca

2018.4

22 Mar 21:39
v2018.4
Compare
Choose a tag to compare

A quick turnaround after 2018.3 to include one main PR: #1508

"switchroot: Ensure /run/ostree-booted is created even without initramfs"

This fixes ostree when booting without an initramfs. Thanks to @akiernan for the
bug report and helping review the fix! I'm working on enhancing the test suite,
which will help in adding some coverage here.

Colin Walters (6 PRs, 10 commits)
  Post-release version bump (#1506)
  ci/papr: Fix artifacts (#1507)
  switchroot: Ensure /run/ostree-booted is created even without initramfs (#1508)
  lib/deltas: Squash some GCC maybe-uninitialized warnings (#1510)
  Release 2018.4 (#1512)
  PR: #1509
    tests/payload-link: Just test a single duplicate object
    tests: Small tweaks for local iteration
    tests/installed: Use temporary directories more consistently
    tests/str: Verify standard-test-roles is installed
    tests/str: Rework sysinstall-tests to be an entrypoint


Git-EVTag-v0-SHA512: ad47f2566b56f852982235224bc5256f1ac682da78579998b6ebcef719691c9dc2d9987691ee98730c7776da48c7ff50b02f55cbf5e7355a12627cb2843dcf51
-----BEGIN PGP SIGNATURE-----

iQFHBAABCgAxFiEEq5KKnPjdBikJw3u93EX9WSHBPwsFAlq0IgQTHHdhbHRlcnNA
dmVyYnVtLm9yZwAKCRDcRf1ZIcE/C2tDB/9daUpx5+lMfTBnBZdvHopnkmd1XaKS
zCeg813L54BxrmReUeRAZWjTmizqd+yQJoxkA/ioTkERH3H1p3VI6EoaeerSfukc
tFytvX11KNTk9ereBC1zg8eC5jLePMO1XHyrNi2TZ7F4da8sWQ8SJ8JiJFnlkZ+d
PagsZxPFN/7l2P8IczB+9wsYY155xDFNW1lWHA3Gm9hcvsl0gehy+VOJcB79CyX+
9nEPhurN+L6AAU9l6ECVUiY1zCYxvsoXduHEj9KlieK+exkbNsc0Ho4EEk3xd+HB
iv3vexsSFUvtQZBuq16/G4+Dv8SHwTGGuc8cP6MLHXlPMrTXyECjOZOp
=zaOP
-----END PGP SIGNATURE-----

2018.3

21 Mar 17:11
v2018.3
Compare
Choose a tag to compare

Keeping up with our ~monthly cadence. A variety of contributors here again, it's
great to see! There's two notable features, and a variety of non-critical bugfixes.

On the features side we have:

  • sysroot: Add concept of deployment "pinning" 📌 (#1464)
  • ostree: introduce PAYLOAD_LINK object type (#1443)

(EDIT: Also lib/fetcher: Allow clients to append to User-Agent (#1496))

By default libostree prunes older deployments; the pinning feature allows you to
explicitly retain them until unpinned. This is useful for major version updates.

The PAYLOAD_LINK functionality allows libostree to do content-based
deduplication. Previously, if e.g. a file changes in metadata (mode, owner,
xattrs such as SELinux labels), we can't make a plain Unix hardlink, and hence
by default end up with a new copy on disk. However, the Linux kernel has
standardized "reflinks" and some filesystems support them, including modern
versions of XFS. When reflinks are available, this functionality causes
libostree to compute a content-only payload, and when importing an object, if it
matches in content with an existing object, to use reflinks to deduplicate, while
using different inodes.

Finally, the HTTP User-Agent API is intended for higher level tools linking to libostree where one wants to expose the app version as well.

Beyond that, as mentioned above we have a variety of non-critical fixes such
as memory leaks, test suite improvements, correctly printing the "would be pruned"
size when using prune --no-prune, etc.

Thanks to all contributors!

Colin Walters (15 PRs, 20 commits)
  build-sys: Post-release version bump (#1455)
  ci: Rework installed tests to use Fedora Standard Test interface (#1462)
  bash-completion: Remove `admin` completions (#1468)
  prune: Error if --static-deltas-only without --delete-commit (#1482)
  lib/repo: Do account for size with prune --no-prune (#1483)
  docs/prune: Document that --static-deltas-only isn't that useful (#1484)
  repo/refs: Clean up error prefixing (#1485)
  tests/str: Rework invocation (#1493)
  tests: Avoid generating lots of output in itest-payload-link (#1494)
  lib/deploy: Port various functions to declare-and-initialize (#1499)
  main, status: Factor out deployment printing into helper (#1504)
  Release 2018.3 (#1506)
  PR: #1464
    sysroot: Add concept of deployment "pinning" 📌
    sysroot: Add API to clean up transient keys in origin files
    sysroot: Bump mtime when writing an origin file
  PR: #1497
    sysroot: Rework how we find booted deployment
    sysroot: Track whether /run/ostree-booted exists
    lib/deploy: Port deployment checkout func to new style
  PR: #1505
    lib/deploy: Have internal origin writing API take sepolicy
    lib/deploy: Use in-function error prefixing more

Giuseppe Scrivano (1 PR, 3 commits)
  PR: #1443
    commit: add logic for .payload-link
    ostree: introduce PAYLOAD_LINK object type
    ostree-repo-private: remove declaration for _ostree_repo_find_object

Jeremy Hiatt (1 PR, 1 commit)
  lib/repo: Fix multi-signature support when generating summary files (#1489)

Joaquim Rocha (1 PR, 1 commit)
  pull: Ignore the cancellable when aborting a transaction (#1492)

Jonathan Lebon (2 PRs, 2 commits)
  lib/fetcher: Allow clients to append to User-Agent (#1496)
  lib/core: Support <remote>: syntax when listing refs (#1500)

Jonathan Lebon (1 PR, 1 commit)
  lib/sysroot: Fix retrieving non-booted pending deployment (#1472)

Luca Bruno (1 PR, 1 commit)
  rust/bupsplit: minor idiomatic fixes (#1502)

Matthew Leeds (6 PRs, 6 commits)
  lib/repo-finder-mount: Fix path to flatpak repo (#1471)
  lib/repo-finder-mount: Update comment about paths (#1473)
  lib/repo-pull: Fix free function for hash table (#1474)
  lib/remote: Fix memory leak (#1476)
  lib/repo-finder-mount: Improve debug message (#1477)
  lib: Fix memory leaks of OstreeRemote (#1478)

Rasmus Thomsen (1 PR, 1 commit)
  configure: add option for libsystemd (#1490)

Simon McVittie (2 PRs, 5 commits)
  Use Python 3 for tests (#1463)
  PR: #1457
    tests/bootloader-entries-crosscheck: Use Python 3-friendly sorting
    test-concurrency: Explicitly use floor division
    test-concurrency: Replace range with xrange
    test-concurrency: Use Python 3 syntax for octal


Git-EVTag-v0-SHA512: 00afcacb0ad3b8c2c42c2d3e44e1c807a0dbb65beb2ba888ceab459c603d8c1e5ef380abb0a77c02eacba839b0a3b6138a92a0f05e4c2bfe04eeefe41081e6bf
-----BEGIN PGP SIGNATURE-----

iQFHBAABCgAxFiEEq5KKnPjdBikJw3u93EX9WSHBPwsFAlqyj8ITHHdhbHRlcnNA
dmVyYnVtLm9yZwAKCRDcRf1ZIcE/C3p2CACNSfFslraxxBLtJxR6hWnz1r7g1m+N
7v6UdXPLHNOZ85EPV6x9M35on1rVgFCPofwU/nX6yn+QDJV0IyRfKOonqfb7gIDv
jB7r0+bpxHDJXPfCdkTGeZIo7gsnuaerqIlNGSAjinLem0p+w569PD2a5rzQEkym
yLg4cD9ib0MlNINNrH+/jyVJ6da4+yLF2jQ91NNnu1v2HzBzfuyGPVI6T7+1Nx9I
GRzqe2vcZsWLQwnaBHJ5GVXZQSlgzPDqdI3Q/uTW7kG4OD2Qw4TYKw9PsfXzBHLg
GWsWrxoR0A4gFsSQe0xYhTi88Sq5zZNehLEN/5gEwZMqB6yvkl6J3Nie
=K4BR
-----END PGP SIGNATURE-----

2018.2

15 Feb 15:00
v2018.2
Compare
Choose a tag to compare

We're keeping up with the approximately-monthly release cycle. There's
mostly a collection of smaller fixes here, with some enhancements.
I'm biased but my personal favorite is #1438 since it makes
the output of findmnt rather significantly nicer on this workstation
where I have container tooling creating sub-mounts in /var that are
no longer replicated in /sysroot.

For the embedded space, #1411 for devicetree support is likely interesting,
and is related to a discussion on the mailing list:
https://mail.gnome.org/archives/ostree-list/2018-February/msg00001.html

Jonathan's PR #1441 to add callback filtering to checkout
was necessary for us to re-implement some hairy logic from librpm
around "file coloring"; see coreos/rpm-ostree#1227
We're getting quite far along now in having rpm-ostree be a truly
hybrid system, supporting the existing RPM ecosystem.

Marcus definitely wins the "lines changed" count this cycle by adding
SPDX-License-Identifier to all of the C source files (#1439). This happened
because we relicensed the documentation to dual CC BY-SA and GFDL in #1432
to enable a Wikipedia page which I just
noticed exists now!

It's great to see all of the interest in and use of libostree across
the board, and thanks to all contributors!

Alex Kiernan (2 PRs, 2 commits)
  switchroot: Fix split source/build directory (#1445)
  Fix static-compiler when CC includes args (#1454)

Colin Walters (13 PRs, 13 commits)
  ci: Run a subset ⊂ of rpm-ostree's tests (#771)
  ci: Bump flatpak version (and build to f27) (#1400)
  build-sys: Post-release version bump (#1417)
  lib/pull: Port a few functions to new style (#1424)
  ci/papr: Update most contexts to f27 (#1426)
  bin/delta: Fix compilation with relative subdirs --filename (#1427)
  docs: Dual license under CC BY-SA and the GFDL (#1432)
  switchroot: Ensure /sysroot is set to "private" propagation (#1438)
  deploy: SELinux-relabel installed kernel/initramfs data (#1444)
  repo: Create uncompressed-object-cache dir dynamically (#1446)
  core: Add API (and standard concept for) content checksum (#1449)
  fetcher: Drop max queue size assertion in libsoup/libcurl backends (#1453)
  Release 2018.2 (#1455)

Jonathan Lebon (2 PRs, 4 commits)
  lib/checkout: add filter API to skip over files (#1441)
  PR: #1442
    bin/checkout: add --selinux-policy switch
    tests/installed: support TESTS filter
    libotutil: factor out utility to parse file by line

Marcus Folkesson (1 PR, 1 commit)
  Add SPDX-License-Identifier to source files (#1439)

Matthew Leeds (5 PRs, 5 commits)
  man: Add man page for find-remotes (#1410)
  find-remotes: Minor fixes to --finders code (#1414)
  man: Update ostree-summary.xml (#1416)
  lib/pull: Allow specific commits in P2P updates (#1425)
  lib/pull: Properly remove temporary remotes (#1450)

Philip Withnall (1 PR, 1 commit)
  lib/core: Expand documentation for ostree_parse_refspec() (#1437)

William Manley (2 PRs, 4 commits)
  PR: #1411
    Add support for devicetree files alongside the kernel and initramfs
    syslinux: Add support for DEVICETREE from bootloader spec
  PR: #1418
    ostree admin deploy: Add --no-prune option
    ostree admin deploy: Refactor bringing cleaning into `main`

Git-EVTag-v0-SHA512: cbb96ab975e3430d3dcb0552b8b9fec4c32c3d289343a66b304f3d937d56d60f635791b7c31da4118545ecbaec18130cef5d077429b0e0c39fbb235dc7f960b6

2018.1

15 Jan 15:44
v2018.1
Compare
Choose a tag to compare

One of the most notable things in this release is patches
from Gatis Paeglis and William Manley to fix up libostree's
support for systems without an initramfs (prominent in the
embedded/appliance case).

Just as a side note: On the flip side some initial testing of a Fedora Atomic
Host (which uses libostree) was done on an IBM S390x system - real mainframe
hardware. Just like the Linux kernel and systemd, the vision for libostree is to
span a wide range of use cases like this.

Related to this, build patches were contributed by Anton Gerasimov and Marcus
Folkesson - per the above we try to keep our feature set
configurable.

Next I want to note a major new feature landed in this
release that we will be using in rpm-ostree; --copyup support
for rofiles-fuse: #1382
For a long time we were trying to change the Fedora RPM package
scripts to be "pure rofiles" compatible, but I finally decided
to punt on that due to glibc. I suspect other people maintaining
build systems may be in a similar situation.

Also, I landed a series of hardening patches against path
traversal; as I say in the PR set, since we've checked this
in the HTTP code since the start I think we're generally safe:
#1412

There are a variety of other changes here; see
the linked PRs below for more information.

Thanks a lot to all contributors!

Anton Gerasimov (1 PR, 1 commit)
PR: #1397
build-sys: Allow building with curl, but without libsoup
(and 1 commits from other authors)

Colin Walters (9 PRs, 13 commits)
rofiles: Add --copyup option (#1382)
rofiles: Fix --copyup when creating a new file (#1396)
grub2: Exit gracefully if there's no system ostree repository (#1399)
lib/fetcher: Add version to USER_AGENT string (#1406)
Release 2018.1 (#1413)
PR: #1387
build-sys: Post-release version bump
ci: Make rust build nonblocking for now
PR: #1391
Revert "ci: Make rust build nonblocking for now"
build-sys: Link with -ldl for rust build
PR: #1397
bin: Fix cookie builtin build with curl but no soup
(and 1 commits from other authors)
PR: #1412
lib: Validate metadata structure more consistently during pull
lib/checkout: Validate pathnames during checkout
tests: Add a test case for path traversal in a dirtree

Gatis Paeglis (1 PR, 4 commits)
PR: #1401
ostree-grub-generator: update outdated comment
Support for booting without initramfs
deploy: add --karg-none argument
ostree-prepare-root: enabler for simpler kernel arg
(and 1 commits from other authors)

Jonathan Lebon (2 PRs, 4 commits)
tests/libtest-core: support multiple literal checks (#1409)
PR: #1402
bash/ostree: add missing --add-metadata option
bin/commit: add --keep-metadata option
bin/commit: move parent checking code higher up

Marcus Folkesson (1 PR, 1 commit)
lib/pull: allways include ostree-repo-pull-private.h (#1389)

Matthew Leeds (1 PR, 2 commits)
PR: #1407
tests: Use --finders option for find-remotes
find-remotes: Add --finders option

Philip Withnall (1 PR, 1 commit)
build: Fix typo in -Wparentheses warning (#1388)

Simon McVittie (2 PRs, 2 commits)
tests: Don't assume uid == primary gid (#1390)
tests: Assert that byte-order is swapped on LE but not BE CPUs (#1393)

Will Thompson (1 PR, 1 commit)
ostree-grub-generator: fix typo in comment (#1398)

William Manley (1 PR, 1 commit)
PR: #1401
Tests: test-no-initramfs: Test both legacy and new kernel locations
(and 4 commits from other authors)

2017.15

20 Dec 09:36
v2017.15
Compare
Choose a tag to compare

The headlining feature in this release is support for
repository locking, contributed by Dan Nicholson. Currently it is
disabled by default; add locking=true in a repository configuration
file to enable. This feature should be considered as "tech preview"; it's
highly likely we'll stabilize it in its current form, but it's possible something
will change. Currently the locking only protects commit + prune; there is
a large pending PR to extend locking to many more APIs and commands.

Several new APIs were added; for example libostree now has a convenient
API to break a hardlink, which happens in e.g. rpm-ostree in several places
such as handling the RPM database.

Also, multithreading support in the commit APIs was cleaned up and clarified.
It's now possible to call transaction_set_ref() from multiple threads, which
rpm-ostree uses now to import RPMs to OSTree in parallel.

We're tracking an issue with http2+libcurl (#1362) and while I've been too
cowardly to pull out wireshark and gdb to fully track this down, it looks like
there are a number of issues still floating around HTTP2+libcurl (some are
server bugs), that we added support at both build and runtime to disable http2.

The fsck command learned how to verify ref bindings, and relatedly,
the commit command gained a --unbound option to skip creating ref bindings.

Thanks to all contributors

Colin Walters (21 PRs, 26 commits)
  lib/repo: Add MT support for transaction_set_ref(), clarify MT rules (#1358)
  build-sys: Post-release version bump (#1361)
  lib/repo-file: Add casts to appease GLib g_object_ref cast PR (#1363)
  lib/commit: Refactor file commits to separate subdir from content (#1365)
  pull: Add http2=false remote config option (#1368)
  docs/related: Add Balena (#1369)
  lib/commit: Fix memleak in bare-user devino hit path (#1370)
  lib/commit: Use more direct path for regfile commits (#1371)
  build-sys: Add --disable-http2 (#1373)
  lib/repo: Add an API to mark a commit as partial (#1376)
  bin/fsck: Make ref binding verification optional (#1379)
  bin/commit: Support creating "unbound" commits (#1380)
  bin/refs: Disallow aliases to remote refs (#1381)
  Bump libglnx, use "n items" progress for fsck (#1383)
  build-sys: Use -fno-strict-aliasing by default (#1384)
  Release 2017.15 (#1386)
  PR: #1343
    tests: Test concurrent operations
    lib/repo: Add some error prefixing in commit, repo create
    (and 4 commits from other authors)
  PR: #1364
    tests: Change test-corruption to use fatal()
    Add public API for fsck, use it before loading metadata
  PR: #1372
    bin/show: Add --no-byteswap
    bin/commit: Add --add-metadata that accepts g_variant_print() format
  PR: #1375
    lib/repo: Disable locking by default, add locking=true boolean
    lib/repo: Make locking timeout configurable
  PR: #1378
    lib/core: Optimize breaking hardlinks for regfiles
    lib/core: Add a "break hardlink" API

Dan Nicholson (1 PR, 4 commits)
  PR: #1343
    lib/prune: Take exclusive repository lock
    lib/commit: Add repository locking during transactions
    lib/repo: Add locking auto cleanup handler
    lib/repo: Add repo locking mechanism
    (and 2 commits from other authors)

Matthew Leeds (1 PR, 1 commit)
  lib/repo: Properly list remotes of parent repos (#1366)

Philip Withnall (1 PR, 11 commits)
  PR: #1347
    tests: Expand fsck unit tests to cover checks on bindings
    tests: Fix LC_ALL for systems which use .utf8 suffixes
    ostree/commit: Allow --orphan and --bind-ref to be specified together
    ostree/fsck: Add --verify-back-refs option
    lib/repo: Clarify documentation for ostree_repo_list_refs{,_ext}()
    ostree/fsck: Handle refspecs from ostree_repo_list_refs()
    ostree/fsck: Verify commit bindings for each ref
    lib/static-delta: Drop duplicated declaration from private header
    lib/pull: Fix capitalisation in binding verification error messages
    lib/pull: Split verify_bindings() out into a cmdprivate method
    ostree/fsck: Factor out common commit checking code

Sam Thursfield (1 PR, 1 commit)
  README.md: Link to BuildStream (#1360)

Git-EVTag-v0-SHA512: 67edb397e64223ecd05c1285e9cf3da6087a8794d8ecdf1a7c66a56cb3afb042a43184224e61aa8631308bddd5bf5e45587c9b05268a36fe2c676869b522249a

2017.14

04 Dec 18:55
v2017.14
Compare
Choose a tag to compare

This release is almost entirely bugfixes. One notable
fix is a read-after-free when libcurl is finalizing that some
people have hit.

There are a number of improvements around the ${repo}/tmp directory and the
per-transaction staging directory in preparation for adding locking in a future
release. This release should already help avoid several failures when doing
concurrent commits; the aim of the locking work will support concurrent prunes
and commits.

I'm using a new script to generate the shortlog with PR numbers included below:

Thanks to all contributors!

Alexander Larsson (1 PR, 1 commit)
  rofiles-fuse: Fix utime() support (#1351)

Carlos Alberto Lopez Perez (1 PR, 1 commit)
  grub-generator: If OSTREE_BOOT_PARTITION is not set, default to /boot (#1326)

Colin Walters (15 PRs, 18 commits)
  build: Add -Werror=undef by default, fix fallout (#1320)
  lib/pull: Avoid error if current with --require-static-deltas (#1323)
  build-sys: Post-release version bump (#1324)
  build: Work around -Wundef with older GLib (#1327)
  build: Also fix -Werror=undef for old libsoup (#1328)
  deltas: Don't try to rollsum/bsdiff .xz files (#1333)
  lib/traverse: Port to new style (#1338)
  bin: Port a few commands (diff,remote,static-delta) to new style (#1344)
  fetcher/curl: Stop using CURLOPT_LOW_SPEED_TIME/_LIMIT (#1349)
  lib/commit: Use direct repo writes if fsync is disabled (#1354)
  lib/repo: Add a new private API for bare content writes (#1355)
  tests/delta-crosscheck: Disable fsync (#1356)
  lib/repo: Add a DEVINO_CANONICAL commit modifier flag (#1357)
  Release 2017.14 (#1359)
  PR: #1352
    lib/repo: Verify txn stagedir existence after locking
    lib/commit: Move txn stagedir deletion/unlock into one place
    ci: Really show test-suite.log on travis
    tests: Run python tests with stdout unbuffered
    lib/commit: Minor refactoring of tmpdir cleanup code
    lib/commit: Reuse txn dir for tmpfiles

Dan Nicholson (6 PRs, 15 commits)
  tests: Don't symlink rofiles-fuse if it's disabled (#1325)
  bin/summary: Fix --raw option (#1336)
  PR: #1322
    lib/pull: Skip ostree_repo_resolve_keyring_for_collection for bindings
    lib/core: Fix documentation comment in ostree_validate_collection_id
    build: Define OSTREE_ENABLE_EXPERIMENTAL_API for g-ir-scanner
    build: Ensure enumtypes.h is built before enumtypes.c
  PR: #1337
    Revert "lib/pull: Skip ostree_repo_resolve_keyring_for_collection for bindings"
    lib: Include OstreeRemote and OstreeCollectionRef in GIR
    lib/remote: Export ostree_remote_get_type symbol
  PR: #1346
    lib/repo: Don't delete new tmpdir if it can't be locked
    lib/repo: Handle race with existing tmpdir being deleted
    lib/repo: Restore tmpdir reusing out parameter
    lib/repo: Add debug messages when allocating tmpdir
  PR: #1352
    lib/repo: Verify txn stagedir existence after locking
    lib/commit: Move txn stagedir deletion/unlock into one place
    ci: Really show test-suite.log on travis
    tests: Run python tests with stdout unbuffered
    lib/commit: Minor refactoring of tmpdir cleanup code
    lib/commit: Reuse txn dir for tmpfiles

Dusty Mabe (1 PR, 1 commit)
  add back helpful --allow-downgrade err message (#1348)

Joaquim Rocha (1 PR, 1 commit)
  lib/remote: Add a method to return the URL (#1353)

Jonathan Lebon (1 PR, 2 commits)
  PR: #1350
    ci: Make sure we save gtdr test results on failures
    papr: Bump primary to f27

Kalev Lember (1 PR, 1 commit)
  fetcher/curl: Fix invalid memory access in finalize() (#1332)

Philip Withnall (3 PRs, 5 commits)
  build: Add a TODO comment about improving glib-mkenums usage in future (#1330)
  PR: #1335
    lib/repo: Add gtk-doc comment to OstreeRepoCommitState
    lib/repo: Add OSTREE_REPO_COMMIT_STATE_NORMAL to represent most commits
  PR: #1341
    lib/repo: Fix a memory leak of options in ostree_repo_create()
    lib/repo: Add (transfer) annotations to various GHashTable arguments

Will Thompson (1 PR, 1 commit)
  build: fix "executible" typo (#1345)


Git-EVTag-v0-SHA512: 006947e52f45c4a2f7bb11549b666f26727359ab9bb1ec9541ed516b74ec8430356586bfde1b618ac172901ea49227539ac3f80d1efa01ef927d5d89f0b48d85

2017.13

02 Nov 14:34
v2017.13
Compare
Choose a tag to compare

A lot of across-the-board improvements here; the pure bugfixes are mostly in the
experimental Avahi bits, hardening the FIFREEZE on /boot code, explicit
errors when trying to commit non-UTF8 filenames, and finally a number of fixes
around our use of mmap.

One slight backwards-incompatible change (but I doubt it'll break anyone):
Disallow refs starting with a non-letter or digit
If this does affect you, please let us know ASAP.
PR: #1286

For improvements, first up, Alex changed the static delta
code to avoid holding everything in memory; this is a substantial
improvement for large deltas, and also for flatpak which uses
deltas as a "bundle" format.
PR: #1309

A few notable changes:

commit: Add _CONSUME modifier flag
You probably want to use this by default for your build/package
systems.
PR: #1255

core: Add standard SOURCE_TITLE metadata key
This one I think is conceptually quite interesting; for many people, their
ostree commits are derived from something else that has its own versioning,
and it's useful to show that explicitly. I encourage ostree-based build systems
to consider rendering human-readable information about your builds into this
standardized metadata key.
PR: #1296

On the command line side, Ruixin Bao for cleaning
up the --help output significantly.
PR: #1267

And thanks to Simon McVittie for his regular fixups to the tests
to ensure they keep running in Debian!

Full shortlog below:

Alexander Larsson (4):
      Add OtVariantBuilder
      static deltas: Use OtVariantBuilder to create deltas
      static-delta-compilation: Move some things around
      static deltas: Process each part as soon as its done

Colin Walters (58):
      lib/commit: Add some gtk-doc and internal doc comments
      lib/sysroot: Add some more comments
      lib/pull: Fix regression with pull-local for nonexistent refs
      lib/syslinux: Port to fd-relative
      lib/uboot: Port to fd-relative
      lib/pull: Minor cleanup to metadata scanning function, add docs
      lib/core: Init struct stat buffer
      lib/sysroot: Fix pointer going out of scope in unlock code
      Deduplicate and fix up our use of mmap()
      lib/utils: Port a bit to decl-after-stmt style
      lib/pull: Change fetcher to return O_TMPFILE
      lib/util: Delete some unused functions
      lib/deltas: Move variant read helper into the deltas code
      commit: Add _CONSUME modifier flag
      lib: Add a lighter weight internal checksum wrapper
      lib/core: (refactor) Drop wrapper and unneeded args for variant writing
      lib/core: Port a few functions to decl-after-stmt
      lib/core: Use GBytes for file headers
      lib/commit: Make -path commit helper API private
      tree-wide: Update to new libglnx fd APIs
      lib/deploy: Use _exit() for FIFREEZE watchdog
      lib/deltas: Check cancellable during processing
      lib/pull: Drop duplicate/different error for GPG but no detached meta
      lib/pull: Also do commit GPG verification before writing
      tests/basic: Add missing ${COMMIT_ARGS} for bare-user-only
      lib/commit: Implement "adoption" with CONSUME flag
      lib: Use a common helper function to compare checksums
      lib/sysroot: Fix error handling when mounting overlayfs fails
      tests: Add test-pull-bareuseronly
      lib/deltas: Use fastpath for regfile writes for bare-user-only
      lib/deltas: Use pread() instead of lseek()+read()
      lib/commit: Avoid trying to delete `.` with _CONSUME flag
      lib/commit: Fix indentation in file commit code
      lib/commit: Use direct fd xattr operations again on regular files
      syntax-check: Add a rule to enforce glnx_autofd over glnx_fd_close
      lib/pull: Update summary checksum code to use new checksum API
      lib/repo: Update summary code to use newer hashing API
      lib/commit: (refactor) Clean up delta bare write API
      Disallow refs starting with a non-letter or digit
      lib/checkout: For "process whiteouts" mode, replace directories too
      repo: Add wrapper function for setting devino cache on checkout opts
      docs/related-projects: Add Google Usenix link
      bin/status: Port to new style
      bin/status: Inline metadata parsing for versions
      core: Add standard SOURCE_TITLE metadata key
      lib/commit: Fix hardlink checkout commit with bare-user + mod xattrs
      ci: Update centos container to current again
      tree-wide: Use autoptr for OstreeKernelArgs
      lib/repo: Fix loading commitstate with parent repos
      lib/deltas: Fix change to use pread() in write opcode
      lib: Minor static delta fixes
      lib/pull: When --require-static-deltas, use them even for file:/// repos
      lib/pull: Delete unused "exampleos" code
      bin/delta-compilation: Add a "progress bar" for bsdiff generation
      deltas: Add an if0'd bit to print bsdiff objects
      tests: Add a "pull-test2" that uses slightly more realistic content
      Update libglnx
      Release 2017.13

Dan Nicholson (4):
      lib/deploy: Ignore FIFREEZE/FITHAW errors when already in state
      build: Fix bsdiff Makefile circular dependency
      build: Do *.am.inc substitutions from make correctly
      lib/repo: Properly handle NULL homedir when signing commit

Jonathan Lebon (12):
      build-sys: Post-release version bump
      app/main: use HAVE_LIBCURL_OR_LIBSOUP for pull CLI
      ci: really turn on warnings
      tree: fix compiler warnings
      lib/commit: minor coverity fix
      libotutil/checksum-utils: fix openssl compilation
      ci: compile f26/c7-primary with libcurl/openssl
      tests: drop unused variable
      ostree/checksum: port to new decl style
      lib/core: add ostree_checksum_file_at API
      lib/checkout: fallback to checksum for UNION_IDENTICAL
      lib/commit: fix checking flag with bitwise OR

Marcus Folkesson (1):
      docs: mention the $OSTREE_REPO environment variable

Matthew Leeds (2):
      lib/gpg: Print debug info when reading GPG keys
      lib/utils: Check for invalid UTF-8 in filenames

Philip Withnall (10):
      lib/bloom: Add some missing preconditions on n_bytes
      lib/repo-commit: Import detached metadata even if hardlink exists
      docs: Clarify %NULL argument to ostree_sysroot_new()
      lib/repo: Clarify that ostree_repo_remote_fetch_summary() doesn’t verify
      lib/repo-finder-avahi: Fix a leak in a GVariantIter loop
      lib/repo-finder: Add OstreeRepoFinderOverride
      lib/sysroot: Expand docs for ostree_sysroot_get_repo()
      lib/repo-finder-avahi: Fix memory corruption of a GVariantIter
      lib/repo-finder-mount: Fix propagating NULL errors
      lib/repo-finder-mount: Ignore mounts which have a ‘system’ file system

Ruixin Bao (3):
      ostree: Describe subcommands in help output
      ostree: move flags into command struct, pass down through builtins
      ostree: provide command description in a better place

Shaun Taheri (1):
      static deltas: Set optional flag for superblock

Simon McVittie (3):
      Cope with xattr syscalls raising EOPNOTSUPP
      Make sure *.am.inc are up to date before `make dist`
      ostree-system-generator: Include <libglnx.h> for autocleanups

Git-EVTag-v0-SHA512: ccfdad2f0fb324404c1d8886fb415dbf6447ea369ffbd7047c687e167461234c569c3492e7700d975ee92ca8e8951d6eb90e6c52b231e3e23db72a5ed724486e

2017.12

02 Oct 17:11
v2017.12
Compare
Choose a tag to compare

Release 2017.12

Quite a lot in this release. First, on the notable bugfix side,
we fixed an issue where background threads could remain alive
after an error was encountered during pulls. Particularly
for projects like flatpak that do multiple pulls in process, this
is an important fix.
PR: #1185

Another important change related to pulls is that libostree now
performs checksums when mirroring again.
The intent here was to speed up mirroring, but it led to a confusing security
story. Now it's easier to explain: for HTTP pulls we verify checksums
(and this can be disabled), for local filesystem pulls we don't,
(but it can be enabled). We've always verified checksums by
default when pulling from an archive repository into a non-archive.
PR: #1212

Anton Gerasimov contributed a change to the libcurl backend
to support PKCS#11 URIs, useful for storing certificates in a
hardware or software enclave.
PR: #1183

The schema for the experimental OstreeRepoFinderMount API to find OSTree
repos on removable media has changed incompatibly, so that the media doesn’t
need to contain two similar lists of refs. It will now look in .ostree/repos.d,
.ostree/repo, ostree/repo and var/lib/flatpak paths on removable media.
PR: #1179

Similarly, the experimental ostree_repo_resolve_keyring_for_collection() API
has changed to return an OstreeRemote containing the keyring, rather than just
the keyring, making it more generally useful.
PR: #1202

The bloom filter used when finding refs from remote peers has been fixed to
work correctly on 32-bit architectures (such as ARM). This doesn’t change the
bloom filter format, but will require bloom filters created on 32-bit
architectures to be regenerated in order for advertisements from those machines
to work.
PR: #1231

Repositories which have a collection ID set will now put their repository
metadata in an ostree-metadata ref when ostree summary --update is run, in
addition to putting it in the summary file. This is part of a plan to securely
allow unsigned summary files for peer-to-peer pulling of refs. This won’t
happen for repositories which don’t have a collection ID set, or if
--enable-experimental-api is not configured.
PR: #1158

A new ostree create-usb command has been added (if configured with
--enable-experimental-api) which can be used to put refs from repositories onto
removable media in a format which can be detected by OstreeRepoFinderMount.
For example, to allow easy sharing of flatpaks or OS updates between offline
machines.
PR: #1182

OstreeRepo has gained hash() and equal() methods, so it can now easily be used
in a hash table based on its device number and inode, rather than using its
path.
PR: #1179
PR: #1205

A minor bug was fixed in rofiles-fuse, which would cause files to be
created with random mode bits if called for O_RDONLY.
PR: #1200

For clients that use OstreeRepoDevInoCache, a bug was fixed which
caused libostree to ignore callbacks that allow modifying file modes,
ownership, and extended attributes.
PR: #1170

libostree now supports --with-crypto=gnutls. Like the OpenSSL
support, this is currently just checksums, but Jussi Laako
is driving this towards making the GPG
dependency optional and supporting other signature methods.
PR: #1189

In previous releases, libostree learned how to make hardlinks
for local pulls. But if we couldn't hardlink (e.g. the devices
were separate), the local pull code went through a much slower
generic path that included re-checksumming
objects. Now there's a copy/reflink fast path that uses
FICLONE/copy_file_range() directly if possible. This can be
substantially faster.
PR: #1197

ostree prune learned a new --only-branch option. This
can be a lot more convenient for release engineering tasks.
PR: #1127

As usual, more work was done to improve the testsuite. It should
now be able to better detect tmpfs/overlayfs environments. The
upstream CI now also runs tests in a non-overlayfs environment
for better coverage.
PR: #1217
PR: #1170

Anton Gerasimov (1):
      Add support for pkcs11 URIs in TLS client key/certificate

Colin Walters (38):
      lib/repo: Port gpg signing function to new code style
      lib/checkout: Do UNION_FILES via atomic renameat()
      lib/pull: Drop partial fetch code from libsoup backend
      Update libglnx
      tests/prune: Factor out a helper for counting commits in the repo
      bin/prune: Add --only-branch
      ci: Use distro-sync instead of upgrade
      tree-wide: Some glnx_fstatat_allow_noent() porting
      lib/repo: Minor cleanup to object import function
      lib/pull: Wait for pending ops to complete on error
      tests/libtest: Factor out user xattr detection
      lib/repo: Don't syncfs or fsync() dirs if fsync opt is disabled
      lib/repo: Move alloca() outside of loop
      lib/checkout: Squash a gcc maybe-uninitialized warning
      tree-wide: Squash a few warnings when building with no features
      lib: Move bareuseronly verification into commit/core
      lib/commit: Don't try to call linkat() for import on distinct devices
      ci: Add an "all options disabled" context
      lib/repo: Use correct name for tmpdir lockfile
      tree-wide: Remove Emacs modelines
      lib/core: Add static assertions for OstreeRepoMode enum values
      lib: Define an alias OSTREE_REPO_MODE_ARCHIVE
      lib/commit: Some misc porting to decl-after-stmnt
      lib/commit: Add a copy fastpath for imports
      bin/pull: Fix description of --untrusted
      lib/pull: Minor refactoring of metadata scanning function
      lib/pull: Refactor to use OstreeRepoImportFlags internally
      lib/pull: Default checksum for archive mirror, add TRUSTED_HTTP flag
      tests,ci: Move "test-basic" (bare mode) to installed test
      lib/pull: Add status for imported objects
      ci: Record primary context results using g-d-t-r --log-directory
      lib/diff: Add compile-time ABI check on 64 bit arches
      tests/commit-sign: Update a bit to more modern style
      lib/pull: Don't request deltas for unchanged commits
      tree-wide: Bump libglnx, port to new lockfile init
      tests: Add 404 tests for dirtree objects too
      libarchive: Fix assertion error if used with CANONICAL_PERMISSIONS
      Release 2017.12

Jonathan Lebon (11):
      build-sys: Post-release version bump
      rofiles-fuse: also pass mode for O_RDONLY
      tests: allow specifying tmpdir
      tests/libtest: check that we have setfattr
      Add a .vimrc and .editorconfig
      lib/commit: add comments to explain dir commit path
      lib/commit: fix using uninitialized var
      tests/libtest.sh: always nuke repo and files
      lib/commit: don't query devino cache for modified files
      tests: check for relabeling rather than overlay
      tests/installed: also run test-basic-c

Jussi Laako (1):
      Add --with-crypto=gnutls

Matthew Leeds (1):
      lib/pull: Clarify use of unsigned summary support

Philip Withnall (21):
      lib/repo: Add ostree_repo_equal() for comparing repos
      lib/repo-finder-mount: Change the schema for finding repos on volumes
      lib/repo: Drop outdated FIXME comment from ostree-repo.h
      lib/repo: Add ostree_repo_hash() and tests
      lib/repo-finder-mount: Add var/lib/flatpak as a well-known directory
      src/pull: Support local pulls for collection–refs
      create-usb: Add a create-usb command to complement OstreeRepoFinderMount
      lib/repo-refs: Add first version of ostree_repo_resolve_collection_ref()
      lib/repo-pull: Use resolve() instead of list() in fetch_ref_contents()
      lib/repo-pull: Fix a potential minor leak
      lib/repo: Change resolve_keyring_for_collection() to return a remote
      lib/remote: Store name of remote providing keyring for dynamic remotes
      lib/repo-pull: Fix remote names in refspecs from non-mirror P2P pulls
      tests: Add a manual integration test for OstreeRepoFinderMount
      tests: Update some tests to use OSTREE_REPO_MODE_ARCHIVE not ARCHIVE_Z2
      tests/repo: Drop modeline from top of file
      lib/bloom: Fix bloom hashing on 32-bit architectures
      lib/bloom: Fix a -Wconversion warning in OstreeBloom
      man: Fix a copypasta error in ostree-summary.xml
      ostree/summary: Eliminate redundant gotos from error handling path
      ostree/summary: Generate an ostree-metadata ref when updating summary

Simon McVittie (4):
      tests: Fix JavaScript tests with gjs 1.50.0
      test-help.sh: Skip trivial-httpd if enabled
      tests: Explicitly unset LANGUAGE after setting LC_ALL
      tests: Reset umask to 022 while creating test repository

yceh (1):
      bin/commit: Fix build failure when libarchive is not used


Git-EVTag-v0-SHA512: bfa0b7eceb4e4ac915d7ed0a352fa778e47d2ac2bac75fd895ede1f5bcbb65c44848505eb785bac45d57c5574f0ac1d3accb6c323617582cb25c55bc229a3294

2017.11

14 Sep 16:19
v2017.11
Compare
Choose a tag to compare

This release has a few new features, some UX improvements for the command
line, and a variety of bugfixes.

First off though is this commit: docs/build: s/libOSTree/libostree/.
The project is now more canonically called "libostree", though "OSTree"
and "ostree" are also fine.

The most important bugfix for anyone using rofiles-fuse (typically
build systems, rpm-ostree also uses it) is:

Alexander Larsson (1):
rofiles-fuse: Fix lchown() and hardlink verification for symlinks
#1137

On the features side, we've added a few new APIs to the libarchive
importing and checkout path that will be used by rpm-ostree. This
should be of interest to anyone using libostree for build systems
or underlying a hybrid image/package system like rpm-ostree. For
example rpm-ostree automatically converts RPMs that have content
in /boot: coreos/rpm-ostree#969
using the new libarchive filtering that landed here in libostree.
This is because ostree doesn't support updating anything in /boot
besides the bootloader configuration.

Another good example of a package system integration change is the
new OSTREE_REPO_CHECKOUT_OVERWRITE_UNION_IDENTICAL - this matches
the RPM semantic of merging identical files. Thanks to
Ruixin Bao!
#1105

Also on the host system side, there is a new (canonical) place
for build systems to put the kernel/initramfs: /usr/lib/modules/$kver.
This change matches the current Fedora kernel RPM, and was originally
inspired by changes coming from the systemd camp. More information:
#1079

Guy Shapiro contributed a change to have all of the deployments
show up in the uboot configuration, to help enable automatic fallback
if a new OS fails to boot.
#1138

Colin Walters did a lot of style cleanups, some "error prefixing"
work to ensure we produce understandable errors in more situations,
and one other notable cleanup:
boot: Add a tmpfiles.d snippet to clean up /var/tmp/ostree-ovl.XXX
This should be nice for anyone who uses ostree admin unlock frequently.

Dan Nicholson has been doing a lot of work on improving libostree's
management of configuration for remotes:
#1155

Jonathan Lebon did a lot of cleanup in the command line parsing
and fixes for --help, and also helped with the new --selinux-label
option for ostree commit. (And also did tons and tons of code review!)

Robert McQueen has been continuing work on fixing up libostree's handling of
GPG keys that have subkeys - there's now:
lib/gpg: Add _FINGERPRINT_PRIMARY to OstreeGpgVerifyResult
which effectively reverts an earlier change to make the primary key
show up as the main fingerprint.

Philip Withnall and Simon McVittie contributed build system and test
fixes.

$ git shortlog v2017.10..6c0738a000800856d09774d50d16d84c1b537a7b
Alexander Larsson (1):
      rofiles-fuse: Fix lchown() and hardlink verification for symlinks

Colin Walters (46):
      build-sys: Post-release version bump
      boot: Add a tmpfiles.d snippet to clean up /var/tmp/ostree-ovl.XXX
      bin: Squash some -Wuninit warnings with porting to new style
      lib/sysroot: Support /usr/lib/modules/$kver for kernel/initramfs
      docs/build: s/libOSTree/libostree/
      lib/deploy: Add .img to end of initramfs in /usr/lib/modules
      lib/pull: Add support for timestamp-check option, use in upgrader
      lib/commit: Remove duplicated function for filter processing
      lib/commit: Honor commit filter for libarchive --tar-autocreate-parents
      build/maint.mk: Comment out setting of LC_ALL
      bin/main: Remove duplicated usage output on unknown commands
      lib/repo: Add some assertions for ABI sizes
      bin/commit: Add --selinux-policy option
      libarchive: Add support for translating paths during commit
      tree-wide: Replace archive-z2 with archive
      bin/prune: Port to new style
      bin/admin: Port switch,upgrade to new style
      bin/admin: Check for booted deployment to see if we should reboot
      bin/admin: Change init-fs to stop loading a sysroot to init one
      bin/admin: Do sysroot loading during argument parsing
      bin/admin: Check for booted sysroot for root-required commands
      ci: Hackaround Fedora rpm/libdb/glibc issue
      lib/repo: Add apidoc for repo properties
      lib/repo: Add error prefixing during hardlink object import
      bin/local-pull: Clarify docs, add more tests for corrupted local pulls
      lib/sysroot: A bit more new style porting
      lib/gpg: Use nicer helper for gpg error messages
      lib/gpg: Port a few misc gpg functions to new style
      tests/rofiles-fuse: Add tests for chmod/chown
      tree-wide: Use helpers for unlinkat()
      lib/commit: Update docs/code style for ostree_repo_scan_hardlinks()
      lib/pull: Only look for cookie files for non-local remotes
      lib/pull: A bit of new style porting
      lib/commit: Add some error prefixing for txn commit/tmpdir
      lib/sysroot: Use fd-relative acccess for bootversion cleanup
      tree-wide: Add error prefixing for most remaining syscalls
      lib/grub2: Port some to new code style
      lib: Add a private helper to abort txns, use in sysroot cleanup
      lib/syslinux: Port to new code style
      ci: Fixate CentOS container image until rpm-md repos sync
      lib/sysroot: Use direct g_mkdtemp() for overlay tmpdir
      build-sys: Add -Werror=switch
      lib/repo: Port tmpdir locking func to new style
      lib/checkout: Rename disjoint union, change to merge identical files
      tests: Port some bits of C to new style
      Release 2017.11

Dan Nicholson (4):
      repo: Fix non-system remotes-config-dir usage
      sysroot: Reload config after setting sysroot kind
      repo: Add add-remotes-config-dir option
      repo: Ensure new config doesn't set remotes in separate file

Guy Shapiro (3):
      lib/sysroot: fix placement for not-default deployment
      uboot: move system uEnv merge to new function, clean up
      uboot: add non-default deployments to uEnv.txt

Jonathan Lebon (12):
      tests: fix admin upgrade timestamp file check
      pull: better description for --mirror
      ostree-sysroot: convert function to new style
      ostree-sysroot: make simple_write_deployment smarter
      commit: filter out selinux label before commit
      bin/main: Print usage when no command given
      bin/config: Tweak parameter string
      tests/test-help.sh: Rework and strengthen checks
      bin/admin: Don't require root for instutil
      bin/static-delta: Convert to new style and tweak output
      bin/admin: Don't load sysroot for root commands
      bin/remote: don't load repo on root command

Matthew Leeds (5):
      lib/repo-refs: Include remote refs when using collections
      lib/repo-refs: Fix typos in last commit
      tests: Make the deployment mutable in test-sysroot.js
      tests: Check "refs -c PREFIX" behavior
      lib/repo: Update outdated comment

Philip Withnall (2):
      build: Add distcheck configure flags to fix systemd and bash-completion
      build: Ensure ostree-tmpfiles.conf is distributed

Robert McQueen (3):
      lib/gpg: Add _FINGERPRINT_PRIMARY to OstreeGpgVerifyResult
      lib/gpg: Correct missing line prefix with bad signatures
      lib/gpg: Provide the public key to the duplicate check

Ruixin (1):
      checkout: add an extra checkout_overwrite mode

Simon McVittie (6):
      test-libarchive-import: Skip if extended attributes are unsupported
      test-pull-bareuser.sh: This test uses bare-user, hence needs xattrs
      libtest: Allow skipping single checks without user xattrs
      basic-test: Skip explicit uses of bare-user if no user xattrs
      test-basic-user-only: Skip final step if no user xattrs
      Remove shebang from bash completions

Git-EVTag-v0-SHA512: 2b541ac9e19ad265e6b95bf04d2d3bb0efedf95e301709e0261ca74401b4fb3f8431d39c312527537cd3bb94c6870adb5c71b477a8684ac2b04807b50770bb9d