Release 2.1.0

- Add -bs (bad security) option
- Fix Issue 57 (SPDX spelling error #39)
- Fix Issue 59 (meson install settings)
- Fix Issue 55 (npd)
- Fix Issue 56 (npd)
- Fix Issue 58 (#40 config)
- Improve release procedure
- Add miniscule test suite
- Adjust Cagebreak to wlroots 0.16.2
- New GPG Keys

Bugs.md

@@ -1120,3 +1120,53 @@ Cagebreak was not compatible with clang 15 and POSIX which was causing issues
 with building under FreeBSD.
 
 Thanks to Jan Beich for pointing this out and providing a PR.
+
+## Issue 55
+
+  * github issue number: N/A
+  * Fixed: 2.1.0
+
+Prior to release 2.1.0, cagebreak sometimes crased due to a null pointer
+derefrence when the cursor was moved.
+
+## Issue 56
+
+  * github issue numner: N/A
+  * Fixed: 2.1.0
+
+Prior to release 2.1.0, the following workflow caused cagebreak to
+crash:
+
+  * Split an empty workspace.
+  * Open 2 windows on the left tile.
+  * exchangeright
+  * focus left
+  * cycle views
+
+The reason for this is that the ipc send event did not handle
+focussing the background correctly when cycling.
+
+## Issue 57
+
+  * github issue number: #39
+  * Fixed: 2.1.0
+
+maxhbr pointed out that there was a spelling mistake in the
+SPDX-License-Identifier.
+
+## Issue 58
+
+  * github issue number: #40
+  * Fixed: 2.1.0
+
+Prior to version 2.1.0, the logic behind configuration file loading was
+broken. This had the effect, that the default configuration file was not
+loaded when the user-specific config file was not present, instead
+leading to a termination of cagebreak.
+
+## Issue 59
+
+  * github issue number: N/A
+  * Fixed: 2.1.0
+
+Prior to release 2.1.0 `meson install` did not work perfectly.

Changelog.md

@@ -106,3 +106,16 @@ Changelog:
   * Disable outputs when unable to set any mode (crashed previously)
   * Add Code of Conduct
   * Print version number on startup
+
+## Release 2.1.0
+
+  * Add -bs (bad security) option
+  * Fix Issue 57 (SPDX spelling error #39)
+  * Fix Issue 59 (meson install settings)
+  * Fix Issue 55 (npd)
+  * Fix Issue 56 (npd)
+  * Fix Issue 58 (#40 config)
+  * Improve release procedure
+  * Add miniscule test suite
+  * Adjust Cagebreak to wlroots 0.16.2
+  * New GPG Keys

Hashes.md

@@ -1,5 +1,25 @@
 # Hashes
 
+2.1.0 cagebreak
+
+  * sha 256: 0c90ba529ffc916306a1ca04d4c56a800c62a98d184d3cfcc2ce67dcdffad324
+  * sha 512: 097007da750c8acd09ee63159aeff5a5584cbab45525bd8fe81a379da5cc0e9f2bf776b809122d1b599f4716ef7feb0ccc0cf98be47a71d4819e2a8cd7a2f495
+
+2.1.0 cagebreak.1
+
+  * sha 256: 6509c9126a9a140c517111f9352bf787a31dd8451fa9976135fc1dfbe40ed23d
+  * sha 512: 96a8c3d5b9677a95255c09b3674559aea7ff130370baa1cce40212501cb288c047048cf9bfbf78bc2cfab35e346fd49ef6b9d5d67f8ab5d07f8991f66e8de3aa
+
+2.1.0 cagebreak-config.5
+
+  * sha 256: dbccee812d59209ddad73b376bfbb823611e2a8a92078b55e847ab678122bd54
+  * sha 512: a8d0b31007208d7ca38f691ded77d9f13318f47046d9237efd6738d0e10dd8402a35fc48230e72493b17aeeb174cb246440301626a1cd5a48c7d03d0800d0128
+
+2.1.0 cagebreak-socket.7
+
+  * sha 256: e7b85f15665da4a4422ad223b4b2748ff4315d315a8b108df279ff3b13b8c4c9
+  * sha 512: 01dc53b4867ebc18f0091c3b1a239a89959403686c05e5e22aebf8155a46b82492b9aed27198a78e2777a9ff44b03f6e10ca82283062a29e1fa0114b97bb36a3
+
 2.0.1 cagebreak
 
   * sha 256: 3d7cdf511976248614617b1738246a3c5fa94543838e798c0c3a9aec325027b9

LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2020-2022 The Cagebreak authors
+Copyright (c) 2020-2023 The Cagebreak authors
 Copyright (c) 2018-2020 Jente Hidskes
 Copyright (c) 2019 The Sway authors
 

README.md

@@ -1,6 +1,6 @@
 # Cagebreak: A Wayland Tiling Compositor
 
-[![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/6532/badge)](https://bestpractices.coreinfrastructure.org/projects/6532) [![Packaging status](https://repology.org/badge/tiny-repos/cagebreak.svg)](https://repology.org/project/cagebreak/versions) [![AUR package](https://repology.org/badge/version-for-repo/aur/cagebreak.svg?minversion=2.0.1)](https://repology.org/project/cagebreak/versions)
+[![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/6532/badge)](https://bestpractices.coreinfrastructure.org/projects/6532) [![Packaging status](https://repology.org/badge/tiny-repos/cagebreak.svg)](https://repology.org/project/cagebreak/versions) [![AUR package](https://repology.org/badge/version-for-repo/aur/cagebreak.svg?minversion=2.1.0)](https://repology.org/project/cagebreak/versions)
 
 ## Quick Introduction
 
@@ -148,7 +148,7 @@ Cagebreak was originally built to suit the needs of its creators. This section o
 how we intended some parts of cagebreak and might ease learning how to use cagebreak a
 little bit. Please note that this does not replace the man pages or the FAQ.
 Also, this is in no way intended as a guide on how cagebreak must be used but rather
-as a source of inspiration and of explanations for why certain particularities.
+as a source of inspiration and explanations for certain particularities.
 
 1. Cagebreak is keyboard-based. Everything regarding cagebreak can be done
    through the keyboard and it is our view that it should be. This does not mean
@@ -287,6 +287,49 @@ and after
 #endif
 ```
 
+### Test Suite
+
+```
+meson test -C build
+```
+
+invokes all tests. This is required for a release to occur.
+
+There are four test suites:
+
+  * basic: tests actual outward-facing functionality
+    * Note optional dependencies for efficient socket interaction
+      * nc (openbsd-netcat)
+      * jq
+  * devel: tests internal properties of the repository
+    * Note potentially heavier dependencies such as
+      * shellcheck
+      * clang-format
+  * devel-long: applies more costly testing
+    * Note potentially heavier dependencies such as
+      * scan-build (static analysis (including security-relevant issues))
+  * release: tests release specific considerations
+    * Note that this is only expected to pass just before
+      a release. This checks mostly administrative things
+      to check that a release is ready.
+
+Every commit should pass at least the basic and devel suites.
+
+It is expected that cagebreak passes at least the
+basic, devel and devel-long suites when commits are pushed:
+
+```
+meson test -C build --suite basic --suite devel
+```
+
+The basic suite can be used to test a binary. This is
+useful for PKGBUILDs and their equivalents in other
+systems.
+
+```
+meson test -C build --suite basic
+```
+
 ### Fuzzing
 
 Along with the project source code, a fuzzing framework based on `libfuzzer` is
@@ -305,7 +348,7 @@ CC=clang meson setup build -Dfuzz=true -Db_sanitize=address,undefined -Db_lundef
 ninja -C build/
 mkdir build/fuzz_corpus
 cp examples/config build/fuzz_corpus/
-WLR_BACKENDS=headless ./build/fuzz/fuzz-parse -jobs=12 -max_len=50000 -close_fd_mask=3 build/fuzz_corpus/
+WLR_BACKENDS=headless ./build/fuzz-parse -jobs=12 -max_len=50000 -close_fd_mask=3 build/fuzz_corpus/
 ```
 
 You may want to tweak `-jobs` or add other options depending on your own setup.
@@ -376,6 +419,8 @@ keys.
   * AA927AFD50AF7C6810E69FE8274F2C605359E31B
   * BE2DED372287BC4EB2213E13A0C743848A638955
   * 0F3476E4B2404F95EC41600683D5810F7911B020
+  * 4E82C72C6B3E58A7BC4FF8554909F84CA83BB867
+  * 5AEB1A2EB0D13F67E306AC59DC0CC81BE006FD85
 
 Should we at any point retire a key, we will only replace it with keys signed
 by at least one of the above collection.
@@ -415,8 +460,6 @@ The release procedure outlines the process for a release to occur.
   * [ ] Adjust version number
     * [ ] meson.build
     * [ ] git tag
-    * [ ] man pages
-    * [ ] README.md repology badges minversion
   * [ ] Relevant Documentation completed
     * [ ] New features
       * [ ] man pages
@@ -430,16 +473,15 @@ The release procedure outlines the process for a release to occur.
     * [ ] Check features for SECURITY.md relevance (changes to socket scope
           for example)
       * [ ] Synchronize any socket changes to cagebreak-socket man page
+    * [ ] Updated internal wiki
+    * [ ] Added new files to meson.build or hardcoded testing variable
     * [ ] Fixed bugs documented in Bugs.md
       * [ ] Include issue discussion from github, where applicable
   * [ ] Testing
     * [ ] Manual testing
     * [ ] Libfuzzer testing
-    * [ ] Build version without xwayland support
-  * [ ] meson.build reproducible build versions are current archlinux libraries and gcc
+  * [ ] Arch Build System is up to date
   * [ ] wlr_xdg_shell version check
-  * [ ] `ninja -C build clang-format` makes no changes
-  * [ ] `ninja -C build scan-build` shows no issues
   * [ ] Cagebreak is reproducible on multiple machines
   * [ ] Documented reproducible build artefacts
     * [ ] Hashes of the artefacts in Hashes.md
@@ -449,6 +491,7 @@ The release procedure outlines the process for a release to occur.
       * [ ] `gpg --detach-sign -u keyid cagebreak.1`
       * [ ] `gpg --detach-sign -u keyid cagebreak-config.5`
       * [ ] `gpg --detach-sign -u keyid cagebreak-socket.7`
+  * [ ] `meson test -C build`
   * [ ] `git add` relevant files
   * [ ] `git commit`
   * [ ] `git push origin development`
@@ -568,5 +611,24 @@ see [SECURITY.md](SECURITY.md).
 
 ## License
 
-MIT, please see [LICENSE](https://github.com/project-repo/cagebreak/blob/master/LICENSE).
-
+Copyright (c) 2020-2023 The Cagebreak authors
+Copyright (c) 2018-2020 Jente Hidskes
+Copyright (c) 2019 The Sway authors
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
+of the Software, and to permit persons to whom the Software is furnished to do
+so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

SECURITY.md

@@ -42,6 +42,7 @@ in `keys/` and sign your message with your own key.
 * B15B92642760E11FE002DE168708D42451A94AB5
 * F8DD9F8DD12B85A28F5827C4678E34D2E753AA3C
 * 3ACEA46CCECD59E4C8222F791CBEB493681E8693
+* 0A268C188D7949FEB39FD1462F2AD980247E4918
 
 Note that our keys are signed by cagebreak signing keys.
 
@@ -62,7 +63,8 @@ screens, ipc and potentially other documented local channels.
 ### STRIDE Threat List
 
 This is not a thorough analysis, just an overview of the ways in which cagebreak
-has (no) attack surface.
+has (no) attack surface. Please reference the man pages for details but especially
+the -e and --bs options.
 
 #### Spoofing
 

cagebreak.c

@@ -1,11 +1,12 @@
 // Copyright 2020 - 2023, project-repo and the cagebreak contributors
-// SPDX -License-Identifier: MIT
+// SPDX-License-Identifier: MIT
 
 #define _DEFAULT_SOURCE
 
 #include "config.h"
 
 #include <fontconfig/fontconfig.h>
+#include <getopt.h>
 #include <pango.h>
 #include <pango/pangocairo.h>
 #include <signal.h>
@@ -128,17 +129,26 @@ usage(FILE *file, const char *const cage) {
 	        " -e\t\t Enable socket\n"
 	        " -h\t\t Display this help message\n"
 	        " -s\t\t Show information about the current setup and exit\n"
-	        " -v\t\t Show the version number and exit\n",
+	        " -v\t\t Show the version number and exit\n"
+	        " --bs\t\t \"bad security\": Enable features with potential "
+	        "security implications (see man page)\n",
 	        cage);
 }
 
 static bool
 parse_args(struct cg_server *server, int argc, char *argv[],
            char **config_path) {
-	int c;
+	int c, option_index;
 	server->enable_socket = false;
-	while((c = getopt(argc, argv, "c:hvse")) != -1) {
+	static struct option long_options[] = {{"bs", no_argument, 0, 0},
+	                                       {0, 0, 0, 0}};
+#ifndef __clang_analyzer__
+	while((c = getopt_long(argc, argv, "c:hvse", long_options,
+	                       &option_index)) != -1) {
 		switch(c) {
+		case 0:
+			server->bs = true;
+			break;
 		case 'h':
 			usage(stdout, argv[0]);
 			return false;
@@ -167,6 +177,7 @@ parse_args(struct cg_server *server, int argc, char *argv[],
 		usage(stderr, argv[0]);
 		return false;
 	}
+#endif
 
 	return true;
 }
@@ -197,7 +208,7 @@ set_configuration(struct cg_server *server,
 			if(line == NULL) {
 				wlr_log(WLR_ERROR, "Could not allocate buffer for reading "
 				                   "configuration file.");
-				return 1;
+				return 2;
 			}
 		}
 		if(strlen(line) == 0) {
@@ -275,6 +286,7 @@ main(int argc, char *argv[]) {
 	wl_list_init(&server.output_priorities);
 
 	int ret = 0;
+	server.bs = 0;
 
 	char *config_path = NULL;
 	if(!parse_args(&server, argc, argv, &config_path)) {
@@ -611,7 +623,7 @@ main(int argc, char *argv[]) {
 		wlr_log_errno(WLR_ERROR, "Unable to set WAYLAND_DISPLAY.",
 		              "Clients may not be able to connect");
 	} else {
-		fprintf(stderr,
+		fprintf(stdout,
 		        "Cagebreak " CG_VERSION " is running on Wayland display %s\n",
 		        socket);
 	}
@@ -623,7 +635,7 @@ main(int argc, char *argv[]) {
 	if(show_info) {
 		char *msg = server_show_info(&server);
 		if(msg != NULL) {
-			fprintf(stderr, "%s", msg);
+			fprintf(stdout, "%s", msg);
 			free(msg);
 		} else {
 			wlr_log(WLR_ERROR, "Failed to get info on cagebreak setup\n");
@@ -632,27 +644,25 @@ main(int argc, char *argv[]) {
 	}
 
 	{ // config_file should only be visible as long as it is valid
+		int conf_ret = 1;
 		char *config_file = get_config_file(config_path);
 		if(config_file == NULL) {
 			wlr_log(WLR_ERROR, "Unable to get path to config file");
 			ret = 1;
 			goto end;
+		} else {
+			conf_ret = set_configuration(&server, config_file);
+			free(config_file);
 		}
-		int conf_ret = set_configuration(&server, config_file);
-
-		// Configurtion file not found
-		if(conf_ret != 0) {
-			if(config_file == NULL) {
-				char *default_conf = "/etc/xdg/cagebreak/config";
-				wlr_log(WLR_INFO, "Loading default configuration file: \"%s\"",
-				        default_conf);
-				conf_ret = set_configuration(&server, default_conf);
-			} else {
-				conf_ret = 1;
-			}
+
+		// Configuration file not found
+		if(conf_ret == 1) {
+			char *default_conf = "/etc/xdg/cagebreak/config";
+			wlr_log(WLR_INFO, "Loading default configuration file: \"%s\"",
+			        default_conf);
+			conf_ret = set_configuration(&server, default_conf);
 		}
 
-		free(config_file);
 		if(conf_ret != 0 || !server.running) {
 			ret = 1;
 			goto end;