[00:33:18]
<Yunohost Git/Infra notifications> [apps] oleole39 opened [pull request #3274](https://github.com/YunoHost/apps/pull/3274): Update security.toml generated by the new script
[00:46:51]
<orhtej2> > <@yunohostinfra:matrix.org> [apps] oleole39 opened [pull request #3274](https://github.com/YunoHost/apps/pull/3274): Update security.toml generated by the new script
Gitlab goes https://www.youtube.com/watch?v=CAyWN9ba9J8
[01:02:20]
<Yunohost Git/Infra notifications> [apps_tools] oleole39 opened [pull request #60](https://github.com/YunoHost/apps_tools/pull/60): Update vulnerabilities database script
[01:06:36]
<Yunohost Git/Infra notifications> [apps] oleole39 edited [pull request #3274](https://github.com/YunoHost/apps/pull/3274): Update security.toml generated by the new script
[01:15:34]
<Aleks (he/him/il/lui)> 138 entries for Gitlab urhg
[01:16:14]
<Aleks (he/him/il/lui)> ah and that's only 2025 ???
[01:16:32]
<Aleks (he/him/il/lui)> 😵💫
[01:17:06]
<Yunohost Git/Infra notifications> [apps_tools] oleole39 [commented](https://github.com/YunoHost/apps_tools/pull/60#issuecomment-3697983504) on [issue #60](https://github.com/YunoHost/apps_tools/pull/60) Update vulnerabilities database script: Also, the log warns when an app may have a "CPE" although not declared in the manifest: https://paste.yunohost.org/retig...
[01:18:58]
<Aleks (he/him/il/lui)> maybe we want to filter-out "medium" CVE idks ... like for example:
>An issue was discovered in GitLab EE affecting all versions starting with 12.3 before 17.7.7, 17.8 prior to 17.8.5, and 17.9 prior to 17.9.2. A vulnerability in certain GitLab instances could allow an attacker to cause a denial of service condition by manipulating specific API inputs.
"an attackr may be able to cause denial of service" is not really "that much" worrysome i suppose idk
[01:19:11]
<Aleks (he/him/il/lui)> would need to dig deeper to understand the zoology of CVE
[01:20:04]
<Aleks (he/him/il/lui)> but 94 of the 138 entries for Gitlab are "just" medium
[01:23:26]
<Yunohost Git/Infra notifications> [apps_tools] oleole39 [commented](https://github.com/YunoHost/apps_tools/pull/60#issuecomment-3697993228) on [issue #60](https://github.com/YunoHost/apps_tools/pull/60) Update vulnerabilities database script: Hmm probably the modif to utils.py is not required, I had not noticed the last changes on my branch...
[01:31:49]
<Yunohost Git/Infra notifications> [borg_ynh] kay0u [commented](https://github.com/YunoHost-Apps/borg_ynh/pull/248#discussion_r2652046016) on pull request #248 Upgrade sources: > Also, does it work without adding fm: in --glob-archives? hmm yes, it does > > --glob-archives "re:^{name}-\\d...
[01:45:26]
<m606> yes (at least "publication date")
[01:45:45]
<m606> yes (at least for "publication date" of CVEs)
[01:49:02]
<m606> haven't digged either. but although hard-coded for now, severity target can be changed easily - https://github.com/YunoHost/apps_tools/blob/d1db75a0babbd1dc1141398a270b914c19a958a2/update_vulnerabilities_database/update_vulnerabilities_database.py#L42
[08:38:52]
<Yunohost Git/Infra notifications> [apps] Thovi98 pushed to update_app_levels: grav back to 8 ([4d202eab](https://github.com/YunoHost/apps/commit/4d202eabe57d91863ad78f13e0b90f814bc722c3))
[08:38:56]
<Yunohost Git/Infra notifications> [apps] Thovi98 edited [pull request #3263](https://github.com/YunoHost/apps/pull/3263): Update app levels according to CI results
[08:39:18]
<Yunohost Git/Infra notifications> [apps] Thovi98 pushed 9 commits to update_app_levels ([4d202eabe57d...633b01ee2e81](https://github.com/YunoHost/apps/compare/4d202eabe57d...633b01ee2e81))
[08:40:58]
<Yunohost Git/Infra notifications> App invoiceshelf failed all tests in job [#25899](https://ci-apps.yunohost.org/ci/job/25899) !
[08:42:50]
<Yunohost Git/Infra notifications> [apps] Thovi98 edited [pull request #3263](https://github.com/YunoHost/apps/pull/3263): Update app levels according to CI results
[08:42:52]
<Yunohost Git/Infra notifications> [apps] Thovi98 edited [pull request #3263](https://github.com/YunoHost/apps/pull/3263): Update app levels according to CI results
[08:42:54]
<Yunohost Git/Infra notifications> [apps] Thovi98 edited [pull request #3263](https://github.com/YunoHost/apps/pull/3263): Update app levels according to CI results
[08:50:08]
<Yunohost Git/Infra notifications> [apps] Thovi98 edited [pull request #3263](https://github.com/YunoHost/apps/pull/3263): Update app levels according to CI results
[08:50:11]
<Yunohost Git/Infra notifications> [apps] Thovi98 edited [pull request #3263](https://github.com/YunoHost/apps/pull/3263): Update app levels according to CI results
[09:00:21]
<Yunohost Git/Infra notifications> [apps] ericgaspar pushed to update_app_levels: Update apps.toml ([13e24ff4](https://github.com/YunoHost/apps/commit/13e24ff4f4358ef9a3a29563b68692f941037379))
[09:00:48]
<Yunohost Git/Infra notifications> [apps] ericgaspar deleted branch update_app_levels
[09:00:50]
<Yunohost Git/Infra notifications> [apps] ericgaspar merged [pull request #3263](https://github.com/YunoHost/apps/pull/3263): Update app levels according to CI results
[09:03:13]
<Yunohost Git/Infra notifications> [vaultwarden_ynh] ericgaspar pushed to testing: Update manifest.toml ([dc42e564](https://github.com/YunoHost-Apps/vaultwarden_ynh/commit/dc42e5649345f939e0591ccdfb7a5b99ee607d4e))
[09:16:56]
<Yunohost Git/Infra notifications> [borg_ynh] fflorent [commented](https://github.com/YunoHost-Apps/borg_ynh/pull/248#discussion_r2652573490) on pull request #248 Upgrade sources: > But we can have a simpler regex, for example: That would probably do the job, yes
[09:34:33]
<Yunohost Git/Infra notifications> [vaultwarden_ynh] ericgaspar pushed to testing: Merge branch testing of https://github.com/YunoHost-Apps/vaultwarden_ynh into testing ([4ef8c603](https://github.com/YunoHost-Apps/vaultwarden_ynh/commit/4ef8c603784df95a0ecbdbc704c0054ca6a2ad86))
[09:34:33]
<Yunohost Git/Infra notifications> [vaultwarden_ynh] ericgaspar pushed to testing: Update vaultwarden.env ([0572ad97](https://github.com/YunoHost-Apps/vaultwarden_ynh/commit/0572ad979899be18a15c85df717d1da956f7416a))
[09:36:30]
<Yunohost Git/Infra notifications> App mattermost goes down from level 8 to 6 in job [#26219](https://ci-apps.yunohost.org/ci/job/26219)
[10:41:09]
<Yunohost Git/Infra notifications> App dokos rises from level 2 to 6 in job [#26225](https://ci-apps.yunohost.org/ci/job/26225) !
[11:20:15]
<Yunohost Git/Infra notifications> App invidious stays broken (level 0) in job [#23789](https://ci-apps.yunohost.org/ci/job/23789)
[12:50:58]
<Yunohost Git/Infra notifications> [apps] yunohost-bot opened [pull request #3275](https://github.com/YunoHost/apps/pull/3275): Add ChromeDriver to wishlist
[12:51:31]
<Yunohost Git/Infra notifications> [apps] orhtej2 [commented](https://github.com/YunoHost/apps/pull/3275#issuecomment-3699265452) on [issue #3275](https://github.com/YunoHost/apps/pull/3275) Add ChromeDriver to wishlist: This is to address ChangeDetector benefitting from usage of Chromium content extractor
[13:12:20]
<Yunohost Git/Infra notifications> [penpot_ynh] orhtej2 pushed to orhtej2-patch-1: Update main-001.patch ([8ae7fa32](https://github.com/YunoHost-Apps/penpot_ynh/commit/8ae7fa32bf789bbe427b7a4ae3885040b187b49e))
[13:12:26]
<Yunohost Git/Infra notifications> [penpot_ynh] orhtej2 opened [pull request #174](https://github.com/YunoHost-Apps/penpot_ynh/pull/174): Update main-001.patch
[13:29:28]
<Yunohost Git/Infra notifications> [penpot_ynh] orhtej2 just made [pull request #174](https://github.com/YunoHost-Apps/penpot_ynh/pull/174) ready for review: Update main-001.patch
[13:29:33]
<Yunohost Git/Infra notifications> [penpot_ynh] orhtej2 merged [pull request #174](https://github.com/YunoHost-Apps/penpot_ynh/pull/174): Update main-001.patch
[13:29:35]
<Yunohost Git/Infra notifications> [penpot_ynh] orhtej2 deleted branch orhtej2-patch-1
[13:37:44]
<Yunohost Git/Infra notifications> [penpot_ynh] orhtej2 pushed to orhtej2-patch-1: Update install ([e392edb6](https://github.com/YunoHost-Apps/penpot_ynh/commit/e392edb6b487c73522ff0994e185ac0059363785))
[13:37:51]
<Yunohost Git/Infra notifications> [penpot_ynh] orhtej2 opened [pull request #175](https://github.com/YunoHost-Apps/penpot_ynh/pull/175): Update install
[17:45:20]
<Yunohost Git/Infra notifications> [apps_tools] oleole39 [commented](https://github.com/YunoHost/apps_tools/pull/60#issuecomment-3697993228) on [issue #60](https://github.com/YunoHost/apps_tools/pull/60) Update vulnerabilities database script: Hmm probably the modif to utils.py is not required, I had not noticed the last changes on my branch...
[18:48:49]
<Yunohost Git/Infra notifications> [apps_tools] alexAubin [commented](https://github.com/YunoHost/apps_tools/pull/60#discussion_r2653626043) on pull request #60 Update vulnerabilities database script: suggestion 4. Go to script directory (or somewhere else actually) and create a Python Virtual environment: python3 -...
[18:49:20]
<Yunohost Git/Infra notifications> [apps_tools] alexAubin [commented](https://github.com/YunoHost/apps_tools/pull/60#discussion_r2653626921) on pull request #60 Update vulnerabilities database script: suggestion 1. for only a few apps: python3 update_vulnerabilities_database.py -c path/to/apps_cache -l path/to/apps...
[19:02:55]
<Yunohost Git/Infra notifications> [apps_tools] alexAubin [commented](https://github.com/YunoHost/apps_tools/pull/60#discussion_r2653653252) on pull request #60 Update vulnerabilities database script: Considering that this loop will do nothing in the negative case, you want to write instead python if status = Anal...
[19:06:35]
<Yunohost Git/Infra notifications> [vaultwarden_ynh] ericgaspar pushed to testing: Update manifest.toml ([532b6efc](https://github.com/YunoHost-Apps/vaultwarden_ynh/commit/532b6efc91a6bea59145bea395a73eb3f7825cb2))
[19:07:12]
<Yunohost Git/Infra notifications> [apps_tools] alexAubin [commented](https://github.com/YunoHost/apps_tools/pull/60#discussion_r2653665106) on pull request #60 Update vulnerabilities database script: Sounds like this bloc is the same for all 3 cases of the "if" so might just be simpler to factor it out ?
[19:20:33]
<Yunohost Git/Infra notifications> [apps_tools] alexAubin [commented](https://github.com/YunoHost/apps_tools/pull/60#discussion_r2653698602) on pull request #60 Update vulnerabilities database script: Uuuuuuh wokay I see this kind of stuff in every docstring but Im not sure to understand the value of listing every depe...
[21:04:41]
<Yunohost Git/Infra notifications> [apps_tools] oleole39 [commented](https://github.com/YunoHost/apps_tools/pull/60#discussion_r2653899132) on pull request #60 Update vulnerabilities database script: yes I agree... The use case I thought of is for if one want to reuse a function for an other purpose, it makes it quick ...
[21:06:01]
<Yunohost Git/Infra notifications> [apps_tools] oleole39 edited [pull request #60](https://github.com/YunoHost/apps_tools/pull/60): Update vulnerabilities database script
[21:07:06]
<Yunohost Git/Infra notifications> [apps_tools] oleole39 edited [pull request #60](https://github.com/YunoHost/apps_tools/pull/60): Update vulnerabilities database script
[21:07:30]
<Yunohost Git/Infra notifications> [apps_tools] oleole39 edited [pull request #60](https://github.com/YunoHost/apps_tools/pull/60): Update vulnerabilities database script
[21:08:35]
<Yunohost Git/Infra notifications> [apps_tools] oleole39 edited [pull request #60](https://github.com/YunoHost/apps_tools/pull/60): Update vulnerabilities database script
[21:08:54]
<Yunohost Git/Infra notifications> [apps_tools] oleole39 edited [pull request #60](https://github.com/YunoHost/apps_tools/pull/60): Update vulnerabilities database script
[21:31:51]
<Yunohost Git/Infra notifications> [apps_tools] oleole39 [commented](https://github.com/YunoHost/apps_tools/pull/60#discussion_r2653932670) on pull request #60 Update vulnerabilities database script: I think I prefer the indented view personally, but I dont mind so much.
[21:32:35]
<Yunohost Git/Infra notifications> [apps_tools] oleole39 edited a [comment](https://github.com/YunoHost/apps_tools/pull/60#discussion_r2653932670) on pull request #60 Update vulnerabilities database script: I think I prefer the indented view personally to show visually whats under this condition, but I dont mind so much.
[21:52:36]
<m606> is there a "default" php version on YNH ? this is for a package of the app which does not specify the php version (and apt packages do not give a clue), so I have to select it
[21:54:37]
<Yunohost Git/Infra notifications> App discourse rises from level 3 to 7 in job [#26228](https://ci-apps.yunohost.org/ci/job/26228) !
[22:02:02]
<ewilly> > <@m606:matrix.org> is there a "default" php version on YNH ? this is for a package of the app which does not specify the php version (and apt packages do not give a clue), so I have to select it
Yep see https://github.com/YunoHost/yunohost/blob/90a6b7c85e776f7aecda2a91066bf560589c4f77/helpers/helpers.v2.1.d/php#L22
[22:06:37]
<m606> thanks. somehow I don't see why I have this error message then: https://github.com/YunoHost/yunohost/blob/90a6b7c85e776f7aecda2a91066bf560589c4f77/helpers/helpers.v2.1.d/php#L70
[22:06:56]
<m606> but actually maybe I don't need a custom phpfpm config... I'll try without
[22:18:36]
<m606> hmm no, I guess no helper `ynh_config_add_phpfpm` no phpfmp.
[22:27:09]
<Yunohost Git/Infra notifications> [vaultwarden_ynh] ericgaspar pushed to docker: Update manifest.toml ([d6e5a19a](https://github.com/YunoHost-Apps/vaultwarden_ynh/commit/d6e5a19a6cafc3ea9eaf592f8353501bcdb24861))
[22:27:37]
<Yunohost Git/Infra notifications> [vaultwarden_ynh] ericgaspar merged [pull request #300](https://github.com/YunoHost-Apps/vaultwarden_ynh/pull/300): Testing
[22:30:17]
<Yunohost Git/Infra notifications> [vaultwarden_ynh] ericgaspar pushed 84 commits to postgresql ([d4ff14fd5e0a...257ed0c6ce06](https://github.com/YunoHost-Apps/vaultwarden_ynh/compare/d4ff14fd5e0a...257ed0c6ce06))
[22:33:40]
<Aleks (he/him/il/lui)> $php_version is initialized from the phpX.Y-foobar packages that are listed in the apt dependencies of the app
[22:34:07]
<m606> `packages = ["php-mbstring", "php-imagick", "imagemagick", "php-curl", "curl", "php-apcu"]`
[22:34:23]
<Aleks (he/him/il/lui)> yeah, don't add php dependencies without specifying explicitly the version
[22:34:58]
<Aleks (he/him/il/lui)> if you don't know then, idk, use the latest php version available ? Something like 8.4 i think
[22:35:35]
<m606> better hard-coded than `ls /usr/bin -1 | grep php | tail -n 1 `?
[22:35:47]
<Aleks (he/him/il/lui)> yes
[22:36:08]
<Aleks (he/him/il/lui)> because if it's explicitly specified in the manifest, there's no ambiguity
[22:36:33]
<Aleks (he/him/il/lui)> if you try to scrap some version from /usr/bin, you don't know what you're gonna get, could be something different between bookworm and trixie, it's gonna be a mess
[22:40:21]
<m606> or can I clarify in the doc that it is not optional ? https://doc.yunohost.org/en/dev/packaging/resources#provisionupdate
[22:40:39]
<m606> is there any use case where one would not need to specify php version for a php app?
[22:40:55]
<Aleks (he/him/il/lui)> don't think so, i think the linter is supposed to warn you about not using php dependencies that do not explicitly specify the version...
[22:43:25]
<Aleks (he/him/il/lui)> https://github.com/YunoHost/package_linter/blob/fcec66c012ab20f77fd13d539e8d944a8078ad74/tests/test_scripts.py#L572-L579 merf that's the check but it's from the packaging v1 era and hasnt been adapted
[22:44:46]
<Yunohost Git/Infra notifications> App emailpoubelle stays at level 4 in job [#26231](https://ci-apps.yunohost.org/ci/job/26231)
[22:45:34]
<m606> hmm that's probably bad, but I always wait the app to be near-ready to use the linter (via the CI actually)
[22:46:15]
<Aleks (he/him/il/lui)> yeah i suppose it's not worth the hurdle to try to run the linter before the app sort of works
[23:16:09]
<Yunohost Git/Infra notifications> [penpot_ynh] yunohost-bot opened [pull request #176](https://github.com/YunoHost-Apps/penpot_ynh/pull/176): Upgrade to v2.12.1
[23:24:22]
<Yunohost Git/Infra notifications> Autoupdater just ran, here are the results:
- 32 pending update PRs
- 10 new apps PRs: discourse, dokos, filerise, jackett, jenkins, librespeed, mantis, penpot, piwigo, psitransfer
- 6 failed apps updates: atuin, fluffychat, lasuite-meet, textarea, vaultwarden, vert
See the full log here: https://paste.yunohost.org/raw/tibinihavu
Autoupdate dashboard: https://apps.yunohost.org/dash?filter=autoupdate