Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

neomutt: Use w3m instead of elinks, since elinks is insecure #99497

Merged
merged 1 commit into from Oct 3, 2020
Merged

neomutt: Use w3m instead of elinks, since elinks is insecure #99497

merged 1 commit into from Oct 3, 2020

Conversation

doronbehar
Copy link
Contributor

@doronbehar doronbehar commented Oct 3, 2020
edited

Ever since 5ad4389, elinks won't
evaluate (by default) hence it makes neomutt not evaluate as well, due
to elinks marked as insecure. This change makes neomutt generate
manual.txt out of manual.html with w3m instead of elinks.

Motivation for this change
Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.

@doronbehar
neomutt: Use w3m instead of elinks, since elinks is insecure
36578e7 
Ever since 5ad4389, elinks won't
evaluate (by default) hence it makes neomutt not evaluate as well, due
to elinks marked as insecure. This change makes neomutt generate
manual.txt out of manual.html with w3m instead of elinks.
@doronbehar doronbehar mentioned this pull request Oct 3, 2020
Merged
10 tasks
@mweinelt
Copy link
Member

mweinelt commented Oct 3, 2020
edited

Does it automatically use one or the other, depending what's available?

either lynx, w3m or elinks are used for generating manual.txt out of manual.html

From #91637 (comment)

@mweinelt
Copy link
Member

mweinelt commented Oct 3, 2020

Result of nixpkgs-review pr 99497 1

1 package built:
  • neomutt

@mweinelt mweinelt merged commit c1127c6 into NixOS:master Oct 3, 2020
@andir
Copy link
Member

andir commented Oct 13, 2020

Mhm, I somehow think the proper fix would be to fix elinks, as not elinks is insecure but spidermonkey. You can build elinks without spidermonkey support and probably more software would have been unblocked. Did I miss some communication on why that wasn't done instead?

@mweinelt
Copy link
Member

mweinelt commented Oct 13, 2020
edited

None that I can remember. I didn't mind this change since it apparently only relates to building the manual.

Anyway, I can't find any package depending on elinks in nixpkgs.

@8573
Copy link
Contributor

8573 commented Oct 14, 2020

The insecure SpiderMonkey dependency was removed from elinks in #100152.

@doronbehar doronbehar deleted the pkg/neomutt branch March 2, 2023 10:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mweinelt mweinelt mweinelt approved these changes

@jfrankenau jfrankenau Awaiting requested review from jfrankenau

@erikryb erikryb Awaiting requested review from erikryb

@vrthra vrthra Awaiting requested review from vrthra

@cstrahan cstrahan Awaiting requested review from cstrahan

@Ma27 Ma27 Awaiting requested review from Ma27

Assignees
No one assigned
Labels
10.rebuild-darwin: 1-10 10.rebuild-darwin: 1 10.rebuild-linux: 1-10 10.rebuild-linux: 1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@doronbehar @mweinelt @andir @8573