flatpak compile depedencies - permissions denied - linux

I'm creating a flatpak package for vlc. Since flatpak runs in sandbox and vlc depends on lua -> guile -> bdw-gc -> libunistring.
I have to first compile all these dependencies into flatpak sandbox. However bdw-gc and libunistring`` compile perfectly, butguilefails in last step ofmake` with error:
make[1]: Leaving directory '/run/build/guile'
stripping /home/ivansek/projects/vlc/flatpak/vlc-repo2/files/bin/guile to /home/ivansek/projects/vlc/flatpak/vlc-repo2/files/lib/debug/bin/guile.debug
stripping /home/ivansek/projects/vlc/flatpak/vlc-repo2/files/lib/libguile-2.0.so.22.8.1 to /home/ivansek/projects/vlc/flatpak/vlc-repo2/files/lib/debug/lib/libguile-2.0.so.22.8.1.debug
Error: module guile: Error opening file '/home/ivansek/projects/vlc/flatpak/vlc-repo2/files/lib/debug/source/guile/libguile/scmconfig.h': Permission denied
I'm using flatpak-builder for that using manifest file as:
{
"app-id": "org.gnome.vlc",
"runtime": "org.gnome.Platform",
"runtime-version": "3.22",
"sdk": "org.gnome.Sdk",
"command": "vlc",
"finish-args": [
"--socket=x11",
"--share=network",
"--share=ipc",
"--filesystems=host"
],
"modules": [
{
"name": "bdw-gc",
"sources": [
{
"type": "archive",
"url": "http://www.hboehm.info/gc/gc_source/gc-7.6.0.tar.gz",
"sha256": "a14a28b1129be90e55cd6f71127ffc5594e1091d5d54131528c24cd0c03b7d90"
}
]
},
{
"name": "libunistring",
"sources": [
{
"type": "archive",
"url": "http://ftp.gnu.org/gnu/libunistring/libunistring-0.9.6.tar.xz",
"sha256": "2df42eae46743e3f91201bf5c100041540a7704e8b9abfd57c972b2d544de41b"
}
]
},
{
"name": "guile",
"sources": [
{
"type": "archive",
"url": "https://ftp.gnu.org/gnu/guile/guile-2.0.13.tar.xz",
"sha256": "3744f2addc282a0de627aaef048f062982b44564d54ac31ff5217972529ed88b"
}
]
},
{
"name": "autogen",
"sources": [
{
"type": "archive",
"url": "https://ftp.gnu.org/gnu/autogen/rel5.18/autogen-5.18.tar.xz",
"sha256": "0c2dce22d4306ea29a01f6e54a35ea2b42dc7cf14f9818057b785e375bfbb784"
}
]
},
{
"name": "lua",
"sources": [
{
"type": "archive",
"url": "https://www.lua.org/ftp/lua-5.3.3.tar.gz",
"sha256": "5113c06884f7de453ce57702abaac1d618307f33f6789fa870e87a59d772aca2"
}
]
},
{
"name": "vlc",
"sources": [
{
"type": "archive",
"url": "http://get.videolan.org/vlc/2.2.4/vlc-2.2.4.tar.xz",
"sha256": "1632e91d2a0087e0ef4c3fb4c95c3c2890f7715a9d1d43ffd46329f428cf53be"
}
]
}
]
}
How can I solve this problem, or what is another approach to include vlc in flatpak?

Related

Gitlab: Dependency scanner report is not shown on security dashboard

I am trying to create my own security scanner which will check dependencies. To test the functionality, I created a "mock scanner" which downloads a file from webhook, and saves it as an artifact ought to be uploaded to the server.
The artifact is uploaded successfully and in the CI output I can see the 201 code, but for some reason it is not presented in the security dashboard.
What am I doing wrong?
Thank you!
The CI job looks as following:
mysec_dependency_scanning:
stage: test
script:
- curl https://webhook.site/XXXX -o gl-dependency-scanning-report.json
- sleep 3
allow_failure: true
artifacts:
reports:
dependency_scanning: gl-dependency-scanning-report.json
The content of the json file is from the example provided by gitlab and it as following:
{
"version": "2.0",
"vulnerabilities": [
{
"id": "51e83874-0ff6-4677-a4c5-249060554eae",
"category": "dependency_scanning",
"name": "alik alik",
"message": "Regular Expression Denial of Service in debug",
"description": "alik to regular expression denial of service when untrusted user input is passed into the `o` formatter. It takes around 50k characters to block for 2 seconds making this a low severity issue.",
"severity": "Unknown",
"solution": "Upgrade to latest versions.",
"scanner": {
"id": "dadada",
"name": "dadada"
},
"location": {
"file": "yarn.lock",
"dependency": {
"package": {
"name": "debug"
},
"version": "1.0.5"
}
},
"identifiers": [
{
"type": "gemnasium",
"name": "Gemnasium-37283ed4-0380-40d7-ada7-2d994afcc62a",
"value": "37283ed4-0380-40d7-ada7-2d994afcc62a",
"url": "https://deps.sec.gitlab.com/packages/npm/debug/versions/1.0.5/advisories"
}
],
"links": [
{
"url": "https://nodesecurity.io/advisories/534"
},
{
"url": "https://github.com/visionmedia/debug/issues/501"
},
{
"url": "https://github.com/visionmedia/debug/pull/504"
}
]
},
{
"id": "5d681b13-e8fa-4668-957e-8d88f932ddc7",
"category": "dependency_scanning",
"name": "Authentication bypass via incorrect DOM traversal and canonicalization",
"message": "Authentication bypass via incorrect DOM traversal and canonicalization in saml2-js",
"description": "Some XML DOM traversal and canonicalization APIs may be inconsistent in handling of comments within XML nodes. Incorrect use of these APIs by some SAML libraries results in incorrect parsing of the inner text of XML nodes such that any inner text after the comment is lost prior to cryptographically signing the SAML message. Text after the comment, therefore, has no impact on the signature on the SAML message.\r\n\r\nA remote attacker can modify SAML content for a SAML service provider without invalidating the cryptographic signature, which may allow attackers to bypass primary authentication for the affected SAML service provider.",
"severity": "Unknown",
"solution": "Upgrade to fixed version.\r\n",
"scanner": {
"id": "dadada",
"name": "dadada"
},
"location": {
"file": "yarn.lock",
"dependency": {
"package": {
"name": "saml2-js"
},
"version": "1.5.0"
}
},
"identifiers": [
{
"type": "gemnasium",
"name": "Gemnasium-9952e574-7b5b-46fa-a270-aeb694198a98",
"value": "9952e574-7b5b-46fa-a270-aeb694198a98",
"url": "https://deps.sec.gitlab.com/packages/npm/saml2-js/versions/1.5.0/advisories"
},
{
"type": "cve",
"name": "CVE-2017-11429",
"value": "CVE-2017-11429",
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11429"
}
],
"links": [
{
"url": "https://github.com/Clever/saml2/commit/3546cb61fd541f219abda364c5b919633609ef3d#diff-af730f9f738de1c9ad87596df3f6de84R279"
},
{
"url": "https://github.com/Clever/saml2/issues/127"
},
{
"url": "https://www.kb.cert.org/vuls/id/475445"
}
]
}
],
"remediations": [
{
"fixes": [
{
"id": "5d681b13-e8fa-4668-957e-8d88f932ddc7",
}
],
"summary": "Upgrade saml2-js",
"diff": "ZGlmZiAtLWdpdCBhL...OR0d1ZUc2THh3UT09Cg==" // some content is omitted for brevity
}
]
}
I was able to fix the problem, the issue was an invalid json format.
Had to do alot of trial and error but I was able to create a working template for a dependency scanning report.
{
"version": "3.0.0",
"vulnerabilities": [
{
"id": "dfa1f7f3d56db6e1c3451a232de42f153e0335611de6f0344443d84e448ee2cf",
"category": "dddda",
"name": "dddda",
"message": "ddda",
"description": "dddda lack of validation in `index.js`.",
"cve": "dada",
"severity": "Critical",
"solution": "Upgrade to version 2.0.5 or above.",
"scanner": {
"id": "lalal",
"name": "Code_Analyzer"
},
"location": {
"file": "yarn.lock",
"dependency": {
"iid": 447,
"package": {
"name": "copy-props"
},
"version": "2.0.4"
}
},
"identifiers": [
{
"type": "dada",
"name": "dada-e9e12690-2e4d-4251-bef0-7357ddc05881",
"value": "e9e57890-5e4d-4832-bef2-7337ddc05889",
"url": "https://gitlab.com/gitlab-org/security-products/gemnasium-db/-/blob/master/npm/copy-props/CVE-2219-28503.yml"
},
{
"type": "cve",
"name": "CVE-2237-28503",
"value": "CVE-2237-28503",
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2237-28503"
}
],
"links": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2237-28503"
}
]
}
],
"remediations": [],
"dependency_files": [
{
"path": "yarn.lock",
"package_manager": "yarn",
"dependencies": [
{
"iid": 447,
"dependency_path": [
{
"iid": 708
},
{
"iid": 707
}
],
"package": {
"name": "copy-props"
},
"version": "2.0.4"
}
]
}
],
"scan": {
"scanner": {
"id": "lalal",
"name": "Code_Analyzer",
"url": "https://gitlab.com/gitlab-org/security-products/analyzers/gemnasium",
"vendor": {
"name": "lalal"
},
"version": "2.29.5"
},
"type": "dependency_scanning",
"start_time": "2021-05-03T06:47:29",
"end_time": "2021-05-03T06:47:30",
"status": "success"
}
}

Icon is not visible on release task catalog in Azure DevOps pipeline. vss-extension.json as below,

{
"manifestVersion": 1,
"id": "build-release-task",
"name": "",
"version": "1.1.9",
"publisher": " ",
"targets": [
{
"id": "Microsoft.VisualStudio.Services"
}
],
"description": "",
"categories": [
"Azure Pipelines"
],
"icons": {
"default": "images/extension-icon.png"
},
"files": [
{
"path": "buildAndReleaseTask"
},
{
"path": "images",
"addressable": true
}
],
"contributions": [
{
"id": "custom-build-release-task",
"type": "ms.vss-distributed-task.task",
"targets": [
"ms.vss-distributed-task.tasks"
],
"properties": {
"name": "buildAndReleaseTask",
"icon": "images/extension-icon.png"
}
}
]
}
You should put the icon file also in the task folder (where the .ts/.ps1 files).

Why does Alexa SDK throw an error when migrating from Dialogflow

I'm trying to migrate my action form Dialogflow, and the most important thing is the intent schema. But after uploading the .json file, the error Intent name must not be empty. Error code: MissingIntentName is thrown. Here is Intent schema.json
{
"intents": [
{
"intent": "SelectedSubjectsYes"
},
{
"intent": "UserIsOk",
"slots": [
{
"name": "okslot",
"type": "OK"
}
]
},
{
"intent": "SelectedSubjectsNo"
},
{
"intent": "UserIsNotOk",
"slots": [
{
"name": "not_okslot",
"type": "NOT_OK"
}
]
},
{
"intent": "DefaultWelcomeIntent"
},
{
"intent": "HowAreYou?"
},
{
"intent": "SelectedSubjects",
"slots": [
{
"name": "subjectslot",
"type": "SUBJECT"
}
]
}
]
}
I've in no way edited it, so why the error? Thanks in advance.
The JSON structure for interaction model is sightly different. This is how it should look now.
{
"interactionModel": {
"languageModel": {
"invocationName": "Your invocation name",
"intents": [
{
"name": "SelectedSubjectsYes",
"slots": [],
"samples": [
"provide sample for SelectedSubjectsYes intent",
"sample for SelectedSubjectsYes intent"
]
},
{
"name": "UserIsOk",
"slots": [
{
"name": "okslot",
"type": "OK"
}
],
"samples": [
"provide other samples for UserIsOk",
"I'm {okslot}",
"{okslot}"
]
},
{
"name": "SelectedSubjectsNo",
"slots": [],
"samples": [
"provide sample for SelectedSubjectsNo intent",
"sample for SelectedSubjectsNo intent"
]
},
{
"name": "UserIsNotOk",
"slots": [
{
"name": "not_okslot",
"type": "NOT_OK"
}
],
"samples": [
"provide other samples for UserIsNotOk",
"i'm {not_okslot}",
"{not_okslot}"
]
},
{
"name": "HowAreYou?",
"slots": [],
"samples": [
"provide sample for HowAreYou intent",
"sample for HowAreYou intent"
]
},
{
"name": "SelectedSubjects",
"slots": [
{
"name": "subjectslot",
"type": "SUBJECT"
}
],
"samples": [
"provide other samples for SelectedSubjects",
"i choose {subjectslot}"
]
}
],
"types": [
{
"name": "OK",
"values": [
{
"name": {
"value": "ok"
}
},
{
"name": {
"value": "yes"
}
}
]
},
{
"name": "NOT_OK",
"values": [
{
"name": {
"value": "not ok"
}
},
{
"name": {
"value": "nope"
}
}
]
},
{
"name": "SUBJECT",
"values": [
{
"name": {
"value": "Physics"
}
},
{
"name": {
"value": "Biology"
}
}
]
}
]
}
}
}
Rather than converting from Dialog flow, it's pretty easy to design one in Alexa skill builder. Also, it is recommended to use predefined AMAZON.YesIntent and AMAZON.NoIntent for "yes" or "no" utterances.

Error creating a customContent on a confluence addon

Today I was trying to create a confluence addon for my company and I've try following atlassian documents.
My problem comes trying to run the express app when adding a new customContent to the atlassian-connect.json, after running npm start I get the following error.
Failed to register with host https‍://admin:xxx#xxx.atlassian.net/wiki (200)
{"type":"INSTALL","pingAfter":300,"status":{"done":true,"statusCode":200,"con
tentType":"application/vnd.atl.plugins.task.install.err+json","subCode":"upm.
pluginInstall.error.descriptor.not.from.marketplace","source":"https‍://1a0adc
8f.ngrok.io/atlassian-connect.json","name":"https‍://1a0adc8f.ngrok.io/atlassi
an-connect.json"},"links":{"self":"/wiki/rest/plugins/1.0/pending/b88594d3-c3
c2-4760-b687-c8d860c0a377","alternate":"/wiki/rest/plugins/1.0/tasks/b88594d3
-c3c2-4760-b687-c8d860c0a377"},"timestamp":1502272147602,"userKey":"xxx","id":"xxx"}
Add-on not registered; no compatible hosts detected
This is my atlassian-connect.json file:
{
"key": "my-add-on",
"name": "Ping Pong",
"description": "My very first add-on",
"vendor": {
"name": "Angry Nerds",
"url": "https://www.atlassian.com/angrynerds"
},
"baseUrl": "{{localBaseUrl}}",
"links": {
"self": "{{localBaseUrl}}/atlassian-connect.json",
"homepage": "{{localBaseUrl}}/atlassian-connect.json"
},
"authentication": {
"type": "jwt"
},
"lifecycle": {
"installed": "/installed"
},
"scopes": [
"READ"
],
"modules": {
"generalPages": [
{
"key": "hello-world-page-jira",
"location": "system.top.navigation.bar",
"name": {
"value": "Hello World"
},
"url": "/hello-world",
"conditions": [{
"condition": "user_is_logged_in"
}]
},
{
"key": "customersViewer",
"location": "system.header/left",
"name": {
"value": "Hello World"
},
"url": "/hello-world",
"conditions": [{
"condition": "user_is_logged_in"
}]
}
],
"customContent": [
{
"key": "customer",
"name": {
"value": "Customers"
},
"uiSupport": {
"contentViewComponent": {
"moduleKey": "customersViewer"
},
"listViewComponent": {
"moduleKey": "customerList"
},
"icons": {
"item": {
"url": "/images/customers.png"
}
}
},
"apiSupport": {
"supportedContainerTypes": ["space"]
}
}
]
}
}
Does anybody has an idea on whats going on?
The contentViewComponent can't find the generalPage it is referencing in moduleKey.
From the docs:
In the snippet above, the moduleKey “customersViewer” maps to a
generalPage module we have defined in our add-on. This generalPage is
passed the context parameters we specify, and visualizes our content
accordingly.
If you change the generalPage with the key hello-world-page-confluence to customersVieweryou be able to install and get up and running.

Symfony2 composer adding own bundle requirement

How can I install a specific Bundle (for example SonataGoutteBundle) to my Symfony2 project via composer?
I tried this, but it doesn't work for me. Any ideas what's wrong?
"repositories": [
{
"type": "package",
"package": {
"name": "sonata-project/sonatagouttebundle",
"version": "dev-master",
"dist": {
"url": "https://github.com/sonata-project/SonataGoutteBundle.git",
"type": "git"
}
}
}
],
"require": {
"php": ">=5.3.3",
[...],
"sonata-project/sonatagouttebundle": "dev-master"
}
Try something like
{
"repositories": [
{
"type": "vcs",
"url": "https://github.com/sonata-project/SonataGoutteBundle.git"
}
],
"require": {
"php": ">=5.3.3",
"vendor/bundle": "dev-master"
}
}
The SonataGoutteBundle must have a composer.json
In this particular case, this would work:
"repositories": [
{
"type": "package",
"package": {
"name": "sonata-project/goutte",
"version": "dev-master",
"source": {
"url": "https://github.com/sonata-project/SonataGoutteBundle.git",
"type": "git",
"reference": "master"
}
}
}
],
"require": {
"php": ">=5.3.3",
"sonata-project/goutte": "dev-master"
}
For all options see the documentation
You should provide a link to an archive (like zip) in "dist" section. If you want to use git you should define "source" section instead:
{
"repositories": [
{
"type": "package",
"package": {
"name": "sonata-project/sonatagouttebundle",
"version": "dev-master",
"source": {
"url": "https://github.com/sonata-project/SonataGoutteBundle.git",
"type": "git",
"reference": "master"
}
}
}
],
"require": {
"php": ">=5.3.3",
"sonata-project/sonatagouttebundle": "dev-master"
}
}
More about defining custom repositories: http://getcomposer.org/doc/04-schema.md#repositories

Resources