Sync Updates for Week 29, 2024

Heya folks! It's news time!

@ReillyBrogan updated our kernels to v6.9.10 and v6.6.41 for the current and LTS branches, respectively. The BORE scheduler also got updated to v5.2.4 on linux-current. These kernel updates also have substantial changes to the initrd:

• Our previous init implementation relied on symlink hacks; these have been removed.
• Additional firmware paths have been added to the firmware scanning code to enable us to put the firmware files in additional top-level initrd directories and have them picked up correctly.
• A depmod.conf file has been added, which adds /dracut-nvidia to the kernel module search path, ordered above the existing search path. This file is only present in the initrd.
• In combination with this commit, add a /.dracut-depmod-invalidate file to the NVIDIA kernel module initrds. If this file is present, a one-shot service will run before systemd does udev/kmod things which will run depmod in the initrd, generating a new index. This solves the issue of the initrd not being aware that new kernel modules are present.
• Go through the nvidia modules and adapt them to the new changes.
• Temporarily move the nvidia-glx-driver linux-current initrd to a temporary subpackage due to user reports of issues with the 6.9 kernel
• Disable firmware initrd generation for NVIDIA drivers older than v555.x. (See clr-boot-manager: Update freestanding initrd dir #3257)

The above initrd changes make the way we do early KMS for NVIDIA a lot cleaner and more maintainable. We are looking for people to join the packaging channel on Matrix who wish to test these changes to help us further improve the process!

KDE Plasma has been updated to version 6.1.3. This is a bugfix release, adding two week's worth of translations and bugfixes. Fixes include:

• KWin Plugins nightlight: Relax custom times constraints.
• KWin Tiling: Don't put maximized windows in tile.

The full changelog can be found here.

To go along with KDE Plasma, the KDE Frameworks stack has been updated to 6.4.0. The full changelog for this is here.

MariaDB was updated to v10.11. You can read the full list of changes here. Our MariaDB package went through a number of changes, as well:

• mariadb-libs is now mariadb-common, reflecting that additional non-library files have been moved into it.
• libmariadbd.so was moved out of mariadb-common as it was unnecessary for that package, and moved into mariadb-server where it belonged. This dropped the size of mariadb-common from 18.7MB to 490KB (important because this package is frequently pulled in due to packages linking to libmariadb.so).
• Many utilities were moved between mariadb and mariadb-server, generally following how Fedora organizes the packages.
• mariabackup and related utilities were moved out of mariadb-server as they are also useful for remote servers.
• man pages were reorganized to the appropriate subpackage; removed mariadb-docs.
• Added mariadb-errmsg, which contains error message definitions used by both mariadb-embedded and mariadb-server
• Made mariadb completely stateless :tada:
• Made libdbi-drivers stateless :tada:
• Added perl-dbd-mariadb to replaceperl-dbd-mysql

OBS Studio has been updated to 30.2 this week. This release brings updates to the UI, a new Hybrid MP4 recording format, multitrack video output, as well as a bunch of fixes and improvements. It also now has Nvidia NVENC, or Nvidia Encoder, support. You can read the full release notes here.

Pipewire was updated to v1.2. It contains many fixes and improvements, which can be read about here.

Our Abseil C++ (abseil-cpp) package also went though some changes along with being updated to v20240116.2. The testing libraries were moved out of the main package and into the -devel package. This removes the dependency on gtest from the main package, and the combination of building with clang/lto and removing these files reduced the install size of abseil-cpp in half (also gtest was 1.66MB which was already larger than abseil-cpp).

The package that implements the Point-to-Point Protocol (PPP) was updated to 2.5.0. As a result, almost all of our VPN packages were touched, many of which we have no test environments for. If you use a VPN, please report any breakages so that they can be looked into! We rely on user testing and reports for these packages.

For the developers in the community, typos has been added to the Solus repository. typos is a tool to find and correct spelling mistakes in source code. It aims to be fast enough to use on large monorepositories, and have a low false-positive rate to be useful for Pull Requests. Spelling is hard; this tool makes it easier.

If you use xrdp, and are using XFCE4, xrdp-xfce4-integration has been added to the repository. You may want to install this for better access to your XFCE4 machine over xrdp.

We also have some deprecations this week. Kodi has been deprecated (again), because it had to be rebuilt for other software changes, but when building, none of the Kodi addons would build. We had already planned on deprecating it, and this provided a good opportunity to do it. Users are recommended to switch to using the flatpak version, or explore alternative software like Jellyfin.

Also deprecated are yubikey-manager-qt and ajour.

Running eopkg check will no longer report dozens of broken packages because of the usr-merge attempt and various files now being symlinks.

Our Solus Package Taskforce:tm: (we're still workshopping the name) has been hard at work this week bringing the repository up to current standards:

• Adding appstream metainfo - 216 packages (down 13) need appstream metainfo added
• Adding homepage key - 307 packages (down 12) left without homepages
• Fixing packages that do not build - 16 packages (down 2) do not build
• Replacing obsolete macros in recipes
  • cargo: 6 (down 15) packages
• Tagging packages for deprecation - 42 packages (down 2) tagged

Most of these tasks are beginner friendly, and can be a great way to learn Solus packaging. We invite anyone that has the time and inclination to join us!

If you would like to join:

1. Join Solus Packaging Room on Matrix
2. Read and practice our packaging documentation
3. Submit your first Pull Request. We recommend doing the homepage task
4. Follow along the review process until your PR gets merged
5. Continue on contributing!

Security updates

There are a handful of security updates this week. Be sure to install all of them for the latest protections against vulnerabilities!

• graalvm was updated to 22.3.3-7 (@algent). Includes security fixes for CVE-2023-22006, CVE-2023-22036, CVE-2023-22041, CVE-2023-22044, CVE-2023-22045, CVE-2023-22049, CVE-2023-22051.
• libraw was updated to 0.21.2-19 (@algent). Includes security fixes for CVE-2023-1729.
• nasm was updated to 2.16.03-19 (@algent). Includes security fixes for CVE-2022-46456.
• openvpn was updated to 2.6.12-36 (@ReillyBrogan). Includes security fixes for CVE-2024-5594.
• qt5-base was updated to 5.15.14-106 (@joebonrichie, @ReillyBrogan, @ReillyBrogan). Includes security fixes for CVE-2024-39936.
• qt6-base was updated to 6.7.2-30 (@ReillyBrogan, @ReillyBrogan, @ReillyBrogan). Includes security fixes for CVE-2024-39936.

General updates

The full list of this week's changed packages can be seen here.

That’s all for this week, folks! We'll be here same time, same place next week for another roundup of the news!