Hi! Upstream here - I think what's interesting to look at is what changes remain when applying the patches considered for a 1.6.0-2 as proposed by Axel.
I attached a diff from what would be 1.6.0-2, to what I released
upstream as 1.6.1. Looking at it in detail, only the following changes
remain (shortened where contents are irrelevant, for readability):
* Updating the upstream changelog. Not really relevant for Debian.
diff --git a/doc/changelog.asciidoc b/doc/changelog.asciidoc
index 46b9a12ab..076fa0032 100644
--- a/doc/changelog.asciidoc
+++ b/doc/changelog.asciidoc
@@ -15,6 +15,26 @@ breaking changes (such as renamed commands) can happen
in minor releases.
// `Fixed` for any bug fixes.
// `Security` to invite users to upgrade in case of vulnerabilities.
+v1.6.1
+------
+
+[...]
+
v1.6.0
------
* Updating PyQt versions a requirements file.
This is only used for macOS/Windows releases I do, thus not really
relevant for Debian.
diff --git a/misc/requirements/requirements-pyqt.txt
b/misc/requirements/requirements-pyqt.txt
index 63722a679..5e2880ce2 100644
--- a/misc/requirements/requirements-pyqt.txt
+++ b/misc/requirements/requirements-pyqt.txt
@@ -1,5 +1,5 @@
# This file is automatically generated by
scripts/dev/recompile_requirements.py
-PyQt5==5.12
-PyQt5-sip==4.19.14
-PyQtWebEngine==5.12
+PyQt5==5.12.1
+PyQt5-sip==4.19.15
+PyQtWebEngine==5.12.1
* Updating the version number. Makes my life a lot easier because in
upstream bug reports I clearly see it's in fact v1.6.1, not
v1.6.0-but-almost-v1.6.1.
diff --git a/qutebrowser/__init__.py b/qutebrowser/__init__.py
index 713575646..43e9d0a86 100644
--- a/qutebrowser/__init__.py
+++ b/qutebrowser/__init__.py
@@ -26,7 +26,7 @@ __copyright__ = "Copyright 2014-2019 Florian Bruhin (The
Compiler)"
__license__ = "GPL"
__maintainer__ = __author__
__email__ = "m...@qutebrowser.org"
-__version_info__ = (1, 6, 0)
+__version_info__ = (1, 6, 1)
__version__ = '.'.join(str(e) for e in __version_info__)
__description__ = "A keyboard-driven, vim-like browser based on PyQt5."
* An assertion being added - however, with Qt 5.11 in buster it doesn't
run at all, because of the guard above (QWebEngineUrlScheme was added
in Qt 5.12).
diff --git a/qutebrowser/browser/webengine/webenginequtescheme.py
b/qutebrowser/browser/webengine/webenginequtescheme.py
index 132005878..f622ee57b 100644
--- a/qutebrowser/browser/webengine/webenginequtescheme.py
+++ b/qutebrowser/browser/webengine/webenginequtescheme.py
@@ -163,6 +163,7 @@ def init():
classes.
"""
if QWebEngineUrlScheme is not None:
+ assert not QWebEngineUrlScheme.schemeByName(b'qute').name()
scheme = QWebEngineUrlScheme(b'qute')
scheme.setFlags(QWebEngineUrlScheme.LocalScheme |
QWebEngineUrlScheme.LocalAccessAllowed)
* A configuration change for the ESlint JavaScript linter used during
development - not relevant for Debian:
diff --git a/qutebrowser/javascript/.eslintrc.yaml
b/qutebrowser/javascript/.eslintrc.yaml
index cb1bb1fcb..f4af6914b 100644
--- a/qutebrowser/javascript/.eslintrc.yaml
+++ b/qutebrowser/javascript/.eslintrc.yaml
@@ -60,3 +60,4 @@ rules:
max-lines-per-function: "off"
require-unicode-regexp: "off"
max-params: "off"
+ prefer-named-capture-group: "off"
* Changes to tests which are not run by Debian (because they need an X
server and some other dependencies):
diff --git a/tests/helpers/fixtures.py b/tests/helpers/fixtures.py
index f51f221a3..e50220c51 100644
--- a/tests/helpers/fixtures.py
+++ b/tests/helpers/fixtures.py
@@ -415,7 +415,7 @@ def qnam(qapp):
@pytest.fixture
-def webengineview(qtbot, monkeypatch):
+def webengineview(qtbot, monkeypatch, web_tab_setup):
"""Get a QWebEngineView if QtWebEngine is available."""
QtWebEngineWidgets = pytest.importorskip('PyQt5.QtWebEngineWidgets')
monkeypatch.setattr(objects, 'backend', usertypes.Backend.QtWebEngine)
diff --git a/tests/unit/browser/webengine/test_webenginesettings.py
b/tests/unit/browser/webengine/test_webenginesettings.py
index 7eea8ffa7..5746586e7 100644
--- a/tests/unit/browser/webengine/test_webenginesettings.py
+++ b/tests/unit/browser/webengine/test_webenginesettings.py
@@ -30,7 +30,9 @@ from qutebrowser.misc import objects
@pytest.fixture(autouse=True)
-def init(qapp, config_stub, cache_tmpdir, data_tmpdir):
+def init(qapp, config_stub, cache_tmpdir, data_tmpdir, monkeypatch):
+ monkeypatch.setattr(webenginesettings.webenginequtescheme, 'init',
+ lambda: None)
init_args = types.SimpleNamespace(enable_webengine_inspector=False)
webenginesettings.init(init_args)
config_stub.changed.disconnect(webenginesettings._update_settings)
* Another change to dependency versions in tox.ini, which is only used
for development testing, not relevant for Debian:
diff --git a/tox.ini b/tox.ini
index 52665dcf9..a835eeec5 100644
--- a/tox.ini
+++ b/tox.ini
@@ -29,7 +29,8 @@ deps =
pyqt59: PyQt5==5.9.2
pyqt510: PyQt5==5.10.1
pyqt511: PyQt5==5.11.3
- pyqt512: PyQtWebEngine==5.12
+ pyqt512: PyQt5==5.12.1
+ pyqt512: PyQtWebEngine==5.12.1
commands =
{envpython} scripts/link_pyqt.py --tox {envdir}
{envpython} -bb -m pytest {posargs:tests}
In summary: As far as Debian is concerned, the proposed v1.6.0-2 is
equal to the upstream v1.6.1. However, packaging the upstream v1.6.1
would avoid misunderstandings about what version people are actually
running.
Florian
--
https://www.qutebrowser.org | m...@the-compiler.org (Mail/XMPP)
GPG: 916E B0C8 FD55 A072 | https://the-compiler.org/pubkey.asc
I love long mails! | https://email.is-not-s.ms/
diff --git a/doc/changelog.asciidoc b/doc/changelog.asciidoc
index 46b9a12ab..076fa0032 100644
--- a/doc/changelog.asciidoc
+++ b/doc/changelog.asciidoc
@@ -15,6 +15,26 @@ breaking changes (such as renamed commands) can happen in
minor releases.
// `Fixed` for any bug fixes.
// `Security` to invite users to upgrade in case of vulnerabilities.
+v1.6.1
+------
+
+Changed
+~~~~~~~
+
+- Windows/macOS releases now ship with Qt 5.12.2, which includes
+ security fixes up to Chromium 72.0.3626.121 (including CVE-2019-5786
+ which is known to be exploited in the wild).
+
+Fixed
+~~~~~
+
+- Crash when using `:config-{dict,list}-{add,remove}` with an invalid setting.
+- Functionality like hinting on pages with an element with ID `_qutebrowser`
(such as qutebrowser.org) on Qt 5.12.
+- The .desktop file in v1.6.0 was missing the "Actions" key, which is now
fixed.
+- The SVG icon now has a size of 256x256px set to comply with freedesktop
standards.
+- Setting `colors.statusbar.*.bg` to a gradient now has the expected effect of
+ the gradient spanning the entire statusbar.
+
v1.6.0
------
diff --git a/misc/requirements/requirements-pyqt.txt
b/misc/requirements/requirements-pyqt.txt
index 63722a679..5e2880ce2 100644
--- a/misc/requirements/requirements-pyqt.txt
+++ b/misc/requirements/requirements-pyqt.txt
@@ -1,5 +1,5 @@
# This file is automatically generated by scripts/dev/recompile_requirements.py
-PyQt5==5.12
-PyQt5-sip==4.19.14
-PyQtWebEngine==5.12
+PyQt5==5.12.1
+PyQt5-sip==4.19.15
+PyQtWebEngine==5.12.1
diff --git a/qutebrowser/__init__.py b/qutebrowser/__init__.py
index 713575646..43e9d0a86 100644
--- a/qutebrowser/__init__.py
+++ b/qutebrowser/__init__.py
@@ -26,7 +26,7 @@ __copyright__ = "Copyright 2014-2019 Florian Bruhin (The
Compiler)"
__license__ = "GPL"
__maintainer__ = __author__
__email__ = "m...@qutebrowser.org"
-__version_info__ = (1, 6, 0)
+__version_info__ = (1, 6, 1)
__version__ = '.'.join(str(e) for e in __version_info__)
__description__ = "A keyboard-driven, vim-like browser based on PyQt5."
diff --git a/qutebrowser/browser/webengine/webenginequtescheme.py
b/qutebrowser/browser/webengine/webenginequtescheme.py
index 132005878..f622ee57b 100644
--- a/qutebrowser/browser/webengine/webenginequtescheme.py
+++ b/qutebrowser/browser/webengine/webenginequtescheme.py
@@ -163,6 +163,7 @@ def init():
classes.
"""
if QWebEngineUrlScheme is not None:
+ assert not QWebEngineUrlScheme.schemeByName(b'qute').name()
scheme = QWebEngineUrlScheme(b'qute')
scheme.setFlags(QWebEngineUrlScheme.LocalScheme |
QWebEngineUrlScheme.LocalAccessAllowed)
diff --git a/qutebrowser/javascript/.eslintrc.yaml
b/qutebrowser/javascript/.eslintrc.yaml
index cb1bb1fcb..f4af6914b 100644
--- a/qutebrowser/javascript/.eslintrc.yaml
+++ b/qutebrowser/javascript/.eslintrc.yaml
@@ -60,3 +60,4 @@ rules:
max-lines-per-function: "off"
require-unicode-regexp: "off"
max-params: "off"
+ prefer-named-capture-group: "off"
diff --git a/tests/helpers/fixtures.py b/tests/helpers/fixtures.py
index f51f221a3..e50220c51 100644
--- a/tests/helpers/fixtures.py
+++ b/tests/helpers/fixtures.py
@@ -415,7 +415,7 @@ def qnam(qapp):
@pytest.fixture
-def webengineview(qtbot, monkeypatch):
+def webengineview(qtbot, monkeypatch, web_tab_setup):
"""Get a QWebEngineView if QtWebEngine is available."""
QtWebEngineWidgets = pytest.importorskip('PyQt5.QtWebEngineWidgets')
monkeypatch.setattr(objects, 'backend', usertypes.Backend.QtWebEngine)
diff --git a/tests/unit/browser/webengine/test_webenginesettings.py
b/tests/unit/browser/webengine/test_webenginesettings.py
index 7eea8ffa7..5746586e7 100644
--- a/tests/unit/browser/webengine/test_webenginesettings.py
+++ b/tests/unit/browser/webengine/test_webenginesettings.py
@@ -30,7 +30,9 @@ from qutebrowser.misc import objects
@pytest.fixture(autouse=True)
-def init(qapp, config_stub, cache_tmpdir, data_tmpdir):
+def init(qapp, config_stub, cache_tmpdir, data_tmpdir, monkeypatch):
+ monkeypatch.setattr(webenginesettings.webenginequtescheme, 'init',
+ lambda: None)
init_args = types.SimpleNamespace(enable_webengine_inspector=False)
webenginesettings.init(init_args)
config_stub.changed.disconnect(webenginesettings._update_settings)
diff --git a/tox.ini b/tox.ini
index 52665dcf9..a835eeec5 100644
--- a/tox.ini
+++ b/tox.ini
@@ -29,7 +29,8 @@ deps =
pyqt59: PyQt5==5.9.2
pyqt510: PyQt5==5.10.1
pyqt511: PyQt5==5.11.3
- pyqt512: PyQtWebEngine==5.12
+ pyqt512: PyQt5==5.12.1
+ pyqt512: PyQtWebEngine==5.12.1
commands =
{envpython} scripts/link_pyqt.py --tox {envdir}
{envpython} -bb -m pytest {posargs:tests}
signature.asc
Description: PGP signature
