ProteanOS Development Kit version 2.1.0 --------------------------------------- Released: ????-??-?? New features: * "prokit build" now passes an "-a" option, if supported, to opkg to install host-architecture non-coinstallable dependencies (such as library development packages) when cross building. * Newly installed ProteanOS systems now have feeds for sections "base", "boot", "lib", "share", and "util" listed in their opkg configuration (previously only "base"). Systems of profile "dev" additionally have "dev" and "libdev" section feeds. A "src" section for architecture "src" and platform "all" has also been added. The recommended way to add these section feeds to an existing system is to install a new system of the same architecture and platform and copy its opkg configuration into the old system. * In the ProteanOS profile, the "base-files" and "config-base" packages and their dependencies are installed. Previously, all packages marked "Essential: yes" and their dependencies were installed, which was a long-standing misuse of the "Essential" field. Error handling and bug fixes: * "prokit shell", "prokit opkg", and "prokit build" now pass through relevant exit statuses. "prokit build" also no longer tries to run opkbuild after opkg exits with an error. * If prokit received a signal while running a command under chroot, it could have failed to unmount a file system on a block device. This has been improved. * An incompatibility with GNU Bash, Z shell, KornShell, MirBSD Korn Shell, and possibly others (except Almquist shell derivatives DASH and BusyBox ash) present since prokit version 2.0.0 has been fixed. * Installation commands no longer assume that the "cut" utility is usable within the root being installed. ProteanOS's busybox 1.32.0-1 manages "cut" and almost all other utility links using update-alternatives, so they aren't usable until after installation. * A potential infinite loop in the dependency solver has been fixed. * The dependency solver now solves dependencies of packages whose names contain ":" (such as coinstallable library development packages in ProteanOS). * The foreign installation service initialization script is now scheduled to run before any other initialization scripts on a newly installed system. ProteanOS Development Kit version 2.0.1 --------------------------------------- Released: 2019-09-30 Bug fixes and minor changes: * An expansion of an undefined variable in a function called during "prokit build" has been fixed. * opkg-cert (executed by "prokit install" and "prokit installer-pc") no longer prints a wrong and confusing "Clock incorrect" message after the "Invalid certificate" message when a mirror has an expired certificate. * "prokit install" and "prokit installer-pc" in the ProteanOS profile now support FTP mirrors. ProteanOS Development Kit version 2.0.0 --------------------------------------- Released: 2019-04-27 This major new release of prokit has been in development since 2014-10-13. Major new features include automatic block device mounting; new "prokit installer-pc" and "prokit mkinitramfs" commands; downloading and storing gzip-compressed package feed index files; verifying package feed index file signatures against a validated archive certificate; and fetching lists of ProteanOS architectures, platforms, and archive mirrors. Security fix: * An unsafe "eval" command has been fixed. Running prokit's "install" command with an untrusted "root" directory argument, as in the shell command `prokit install dev/trunk "root'; echo hello #"`, allows arbitrary code execution. This is fixed by Git commit 1ce4ec3. This is considered a low-impact vulnerability, because running prokit's "install" command with untrusted arguments is an unlikely use case. New dependencies: * prokit now requires OpenWrt's usign utility, which verifies ed25519 signatures compatible with OpenBSD's signify utility. An embedded copy of usign is included, which additionally requires CMake to build, or a system copy can be used instead. * prokit now requires gunzip, either sfdisk or fdisk, mke2fs, cpio, and xz from XZ Utils. Command-line interface: * "prokit install", "prokit shell", "prokit opkg", and "prokit build" now accept either a block device file name or a directory name (previously only accepting the latter). A block device is automatically mounted and unmounted on a mount point managed by prokit. * A new "prokit installer-pc" command has been added to install a PC system onto a block device. * A new "prokit mkinitramfs" command has been added to generate an initramfs containing an installed system. System installation changes: * A basic "/etc/group" file is now generated on ProteanOS systems. * "prokit install" in the ProteanOS profile now only copies "/etc/resolv.conf" and "/etc/hostname" from the host system if the platform is "dev". It also now does not enable system services on the "dev" platform. On other platforms, it enables services and sets the hostname to "proteanos". * A list of valid ProteanOS architectures and platforms is no longer hardcoded. This list could become outdated between prokit versions or even ProteanOS suites. * A list of ProteanOS package archive mirrors is no longer hardcoded. Instead, the list is fetched from the ProteanOS files site as needed. * ProteanOS package feed index files are now downloaded and stored in gzip-compressed form. * ProteanOS package feed index file signatures are now verified against the archive certificate, which in turn is validated against the root archive key. Bug fixes: * "prokit install" now only throws a "Directory ... exists" error if the specified root directory is not empty. * Two bugs related to gzip-compressed package feed index files have been fixed. Build system and code quality: * The build system now links all shell objects into the prokit executable instead of distributing shell modules that are linked into prokit at run time. * Git commit information is now shown in "prokit version" output and manual pages if built from a Git repository. * Various error conditions are now handled more cleanly. * Uses of the non-portable "%s" date format conversion specifier and "expr" command have been replaced. * The test suite is now based around the TAP protocol. * Code quality has been improved: eval commands are now safer against mistakes in input validation/escaping, echo commands have been replaced, errors are handled (making the shell "-e" option safe), an obselescent [ (test) command option has been removed, and commands are protected from variable arguments beginning with "-". ProteanOS Development Kit version 1.1.0 --------------------------------------- Released: 2014-10-08 Changes in this release: * The previously missing prokit-install(8) manual page is now distributed and installed. * Some logic of "prokit install" has been simplified as ProteanOS packages now have the necessary data files and control fields. * "prokit build" now parses substvars files without errors. * The current working directory is bind mounted within the isolated file system environment and used as the working directory for the "prokit shell" and "prokit opkg" commands. * Compatibility with older versions of opkbuild has been dropped. Before running "prokit build", make sure your ProteanOS system has version 3.0.0~beta6-1 or later of the opkbuild package. * The list of mirrors has been updated. Thanks to Morten 'Jobbe' Jakobsen for providing another mirror. * Session management has been added to allow multiple instances of prokit to run simultaneously. The first instance started will mount the basic file systems, and the last instance exited will unmount them. A mutex is used to eliminate race conditions on changes to the sessions pool. * Whitespace in arguments to "prokit shell" and "prokit build" is now preserved. * Signals are handled during active sessions with callbacks for the "prokit opkg" and "prokit build" commands, to ensure that the isolated file system environment is left in a clean state when a signal like SIGINT (Ctrl+C) is received. ProteanOS Development Kit version 1.0.0 --------------------------------------- Released: 2014-09-02 Changes in this release: * A new "prokit opkg" command has been added. * A new "prokit build" command has been added. * "prokit shell" now accepts optional command arguments. * Manual pages for prokit commands that require superuser privileges have been moved to section 8. ProteanOS Development Kit version 0.1.0 --------------------------------------- Released: 2014-08-26 This is the initial release of the ProteanOS Development Kit, in development since 2013-10-22. This is a preview release for testing, providing only the "install" and "shell" action commands. Currently, prokit approximately matches miniprokit in features, though the latter is still recommended for normal use. Copyright Information --------------------- Copyright (C) 2014, 2015, 2019 Patrick McDermott Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved. This file is offered as-is, without any warranty.