Expiring package metadata is done by checking the timestamp in package
archive file. This is intended to limit the effectiveness of a replay
attack. The onus is on the package archives to implement a secure and
reasonable policy. (Debian uses 7 days before metadata expires.)
Together with package checksums, this adds sufficient protection
against metadata replay attacks. (Bug#19479)
* lisp/emacs-lisp/package.el (package-check-timestamp): New defcustom.
(bad-timestamp): New error.
(package--parse-header-from-buffer)
(package--parse-valid-until-from-buffer)
(package--parse-last-updated-from-buffer)
(package--archive-verify-timestamp)
(package--archive-verify-not-expired)
(package--compare-archive-timestamps)
(package--check-archive-timestamp): New defuns.
(package--download-one-archive): Check timestamp of the
'archive-contents' file using above functions. It is only checked if
it exists, which makes this change backwards compatible.
* lisp/calendar/iso8601.el (iso8601-parse): Add autoload cookie.
* test/lisp/emacs-lisp/package-tests.el
(package-test-parse-valid-until-from-buffer)
(package-test-parse-last-updated-from-buffer)
(package-test-archive-verify-timestamp)
(package-test-check-archive-timestamp)
(package-test-check-archive-timestamp/not-expired)
(package-test-check-archive-timestamp/expired): New tests.
* test/lisp/emacs-lisp/package-resources/archives/older/archive-contents:
* test/lisp/emacs-lisp/package-resources/archives/newer/archive-contents:
New files.
* doc/lispref/package.texi (Package Archives, Archive Web Server):
Document how to increase the security of a package archive using
checksums, signing and timestamps.
Package checksum verification is the first step towards protecting
users of package.el against replay attacks. Signing individual
packages still allows a hostile actor to distribute an out-of-date
package containing a known security defect. To avoid that, we need to
distribute signed package metadata (the ELPA "archive-contents" file)
and checksums for the individual packages together. (Bug#19479)
A subsequent patch will add support for last-update and expiration
timestamps in "archive-contents", without which the protection against
replay attacks will be largely ineffective.
Taken together, this feature will make signing individual packages
obsolete. We will instead rely on signing the metadata, package
checksums and timestamps. Note that individual package signatures
should still be distributed for a long time still to support old
versions of Emacs.
For more on replay attacks, see:
https://www2.cs.arizona.edu/stork/packagemanagersecurity/attacks-on-package-managers.html
* lisp/emacs-lisp/package.el (package-verify-checksums): New
defcustom.
(package-desc, package--ac-desc)
(package--add-to-archive-contents, package-install-from-archive): New
fields 'size' and 'checksums'.
(package-desc-filename): New function.
(package-error): New error type.
(bad-signature): Inherit from error type 'package-error'.
(bad-checksum, bad-size): New error types.
(package-insecure-hash-algorithms): New constant.
(package--verify-package-checksum)
(package--verify-package-size): New function to verify that the
checksum and size of a package corresponds to the checksum and size
data in the "archive-contents" file on the package archive.
(package--show-verify-checksum-error): New function to show
details of an error on checksum verification.
* lisp/emacs-lisp/package-x.el (package-upload-buffer-internal):
Update to use above new fields 'size' and 'checksums'.
* test/lisp/emacs-lisp/package-tests.el (package-test-refresh-contents)
(package-test-install-single-from-archive)
(package-test-list-filter-by-archive)
(package-test-list-filter-by-status): Update tests.
(with-install-using-checksum): New macro.
(package-test-install-wrong-size-single)
(package-test-install-wrong-size-tar): New tests for size checking.
(package-test-install-with-checksum/single-valid)
(package-test-install-with-checksum/single-invalid)
(package-test-install-with-checksum/tar-valid)
(package-test-install-with-checksum/tar-invalid): New tests for
installing packages with checksums.
(package-test-verification-text)
(package-tests-valid-md5-checksum)
(package-tests-valid-sha256-checksum)
(package-tests-valid-sha512-checksum): New variables.
(package-tests--run-verify-checksums-test): New macro.
(package-test-verify-package-checksums-nil/ignore-invalid)
(package-test-verify-package-checksums-allow-missing)
(package-test-verify-package-checksums-allow-missing/missing)
(package-test-verify-package-checksums-allow-missing/ignore-unsupported)
(package-test-verify-package-checksums-t)
(package-test-verify-package-checksums-t/invalid-fails)
(package-test-verify-package-checksums-t/missing-fails)
(package-test-verify-package-checksums-all)
(package-test-verify-package-checksums-all/invalid-fails)
(package-test-verify-package-checksums-all/missing-fails)
(package-test-verify-package-checksums-all/no-supported-hash-fails)
(package-test-verify-package-checksums-all/ignore-unsupported)
(package-test-verify-package-size): New tests for the checksum
support.
* test/lisp/emacs-lisp/package-resources/archive-contents:
* test/lisp/emacs-lisp/package-resources/checksum-invalid-1.0.el:
* test/lisp/emacs-lisp/package-resources/checksum-valid-123.el:
* test/lisp/emacs-lisp/package-resources/checksum-valid-tar-0.99.tar:
* test/lisp/emacs-lisp/package-resources/checksum-valid-tar-0.99.tar:
New test data files.
* doc/emacs/package.texi (Package Installation): Document package
checksum checking.
* etc/NEWS: Announce it.
* doc/lispref/help.texi (Help Functions): Mention help-form for
read-char-from-minibuffer and y-or-n-p.
* doc/lispref/minibuf.texi (Yes-or-No Queries): Mention help-form
for y-or-n-p.
(Multiple Queries): Mention help-form for read-char-from-minibuffer.
* lisp/files.el (find-file-noselect): Let-bind multi-line help text
to help-form for y-or-n-p.
* lisp/subr.el (read-char-choice): Mention help-form in docstring.
(read-char-from-minibuffer): Mention help-form in docstring.
(y-or-n-p-map): Remove handling of 'help'.
(y-or-n-p): Mention help-form in docstring.
When help-form is non-nil: add help-char to 'prompt', and bind
help-char to help-form-show in composed-keymap.
* doc/lispref/os.texi (System Environment): Add `path-separator'
function and `null-device' variable and function.
* etc/NEWS: Mention 'null-device' and 'path-separator'. Fix typos.
* lisp/files-x.el (path-separator, null-device): New defuns. (Bug#3736)
* lisp/net/tramp-adb.el
(tramp-adb-connection-local-default-shell-variables): Rename from
`tramp-adb-connection-local-default-profile'.
* lisp/net/tramp-integration.el
(tramp-connection-local-default-system-variables): New defvar.
Add it to connection-local profiles.
(tramp-connection-local-default-shell-variables): Rename from
`tramp-connection-local-default-profile'.
* lisp/progmodes/grep.el (grep-hello-file): New defun.
(grep-compute-defaults): Use `null-device' function for remote
case. Handle remote `hello-file'. Use `process-file-shell-command'.
(grep,grep-expand-keywords, lgrep): Use `null-device' function for
remote case.
This was problematic when minibuffer-follows-selected-frame was non-nil.
Introduce a new parameter DONT-SET-FRAME to set-window-configuration.
* doc/lispref/windows.texi (Window Configurations): Describe the new &optional
parameter to set-window-configuration.
* etc/NEWS (Lisp Changes): Note the new parameter to set-window-configuration.
* src/keyboard.c (read_char_help_form_unwind): Add a new Qnil argument to the
call of Fset_window_configuration.
* src/minibuf.c (read_minibuf): Cons up a Qt with the window configuration in
the argument to record_unwind_protect for the window configuration (twice).
* src/window.c (Fset_window_configuration): Add the new &optional parameter
and document it in the doc string. At the final do_switch_frame operation,
restore the original frame when DONT-SET-FRAME is non-nil.
(restore_window_configuration): Handle the new parameter when the supplied
argument is a cons.
* lisp/emacs-lisp/package.el (package-menu-filter-by-description):
(package-menu-filter-by-name-or-description): New commands to filter
the package menu. (Bug#44699)
(package-menu-mode-map): Bind the above new commands.
(package-menu-mode-menu): Add new commands to the menu.
* doc/emacs/package.texi (Package Menu): Document new commands.
19da602991 Fix input method translation near read-only text
5aabf2cc7f Fix display of truncated R2L lines on TTY frames
daff3bda10 Avoid crashes when a reversed glyph row starts with a comp...
b697bb91a1 ; * .gitignore: src/fingerprint.c not generated since 2019...
* lisp/international/quail.el (quail-input-method): Don't disable
input method when the character after point has the read-only
property. Suggested by Evgeny Zajcev <lg.zevlg@gmail.com>
(Bug#44466)
* doc/emacs/mule.texi (Input Methods): Document that input methods
are inhibited in read-only text.
* doc/emacs/basic.texi (Inserting Text):
Mention transient input method "iso-transl".
* lisp/leim/quail/latin-ltx.el: Use same Keywords as in other quail files.
f5d7fb3a2d (origin/emacs-27) Fix 'uudecode-decode-region-internal' in...
d4242177da Fix 'send-string-to-terminal' writing very long strings
9da0f4026c * lisp/subr.el (read-char-from-minibuffer): Doc fix. (Bug...
9899f74e4e Merge branch 'emacs-27' of git.savannah.gnu.org:/srv/git/e...
a6fcba783e Fix documentation of 'windmove-swap-states-default-keybind...
f4acd7a924 Split windows evenly when 'min-margins' parameter was set ...
53933cdf5c ; * lisp/international/mule.el (define-coding-system): Doc...
e90ffcf759 * src/w32fns.c (Fw32_register_hot_key): Doc fix. (Bug#44456)
89740e9cb5 Prevent redisplay from moving point behind user's back
5932df7435 Document that the :match function for a widget takes an ex...
1b7ab9d0ac Don't render XML declaration of an HTML document (bug#44348)
# Conflicts:
# lisp/international/mule.el
This is likely to be a more commonly wanted default value today.
* lisp/progmodes/gdb-mi.el (gdb-mi-decode-strings): Change default.
* doc/emacs/building.texi (Source Buffers): Update manual.
* etc/NEWS: Announce.
The variable now only controls whether characters are printed, not
the radix. Control chars are printed in human-readable syntax
only when special escapes such as ?\n are available. Spaces,
formatting and combining chars are excluded (bug#44155).
Done in collaboration with Juri Linkov.
* src/character.c (graphic_base_p):
* src/print.c (named_escape): New functions.
(print_object): Change semantics as described above.
(syms_of_print): Rename integer-output-format. Update doc string.
* doc/lispref/streams.texi (Output Variables):
* etc/NEWS:
* test/src/print-tests.el (print-integers-as-characters):
Rename and update according to new semantics. The test now passes.
* doc/emacs/mule.texi (Select Input Method): Rename
transient-input-method to activate-transient-input-method.
* doc/emacs/search.texi (Special Isearch):
Document isearch-transient-input-method.
* lisp/international/isearch-x.el (isearch-transient-input-method):
New function.
(isearch-process-search-multibyte-characters):
Call 'deactivate-transient-input-method' after 'read-string'.
* lisp/international/mule-cmds.el (mule-menu-keymap): Remove
duplicate menu item 'describe-input-method'. Add new menu item
'activate-transient-input-method'.
(default-transient-input-method): Rename from transient-input-method.
(current-transient-input-method)
(previous-transient-input-method): New buffer-local variables.
(deactivate-input-method): Don't add
current-transient-input-method to input-method-history.
(toggle-input-method): Call deactivate-transient-input-method
when current-transient-input-method is non-nil.
(activate-transient-input-method): Rename from transient-input-method.
(deactivate-transient-input-method): New function with body from
renamed function transient-input-method.
* lisp/isearch.el (isearch-menu-bar-map): Add new menu item
'isearch-transient-input-method'.
(isearch-mode-map): Bind 'C-x \' to isearch-transient-input-method.
(isearch-forward): Add isearch-transient-input-method to docstring.
(isearch-message-prefix): Use shorter string for narrowed buffer.
* doc/emacs/mini.texi (Basic Minibuffer): Add an entry for
minibuffer-follows-selected-frame.
* doc/lispref/minibuf.texi (Minibuffer Misc): Describe the new parameter to
minibufferp, LIVE.
* etc/NEWS: Add an entry describing the new minibuffer strategy.
* lisp/cus-start.el (minibuffer-prompt-properties--setter): Add an entry for
minibuffer-follows-selected-frame.
* lisp/minibuffer.el (minibuffer-message): Check for the current buffer being
an _active_ minibuffer rather than merely a minibuffer.
* src/frame.c (do_switch_frame): Call move_minibuffer_onto_frame.
* src/lisp.h (Top level): Add prototypes for move_minibuffer_onto_frame and
is_minibuffer.
* src/minibuf.c (minibuf_follows_frame): New function which ignores local and
let-bound values of minibuffer-follows-selected-frame.
(choose_minibuf_frame): Reformulate this function to reuse a minibuffer window
where possible, and to ensure no other frame has its minibuffer current, but
only when `minibuffer-follows-selected-frame'.
(move_minibuffer_onto_frame): New function.
(live_minibuffer_p): New function.
(Fminibufferp): Add a new &optional parameter LIVE. Reformulate, possibly
calling live_minibuffer_p.
(read_minibuf): move the incrementation of minibuf_level to before the call of
choose_minibuf_frame. Empty the miniwindows of frames without an active
minibuffer, rather than of all but the current frame.
(is_minibuffer): New function.
(read_minibuf_unwind): Note the miniwindow being restored and resize all other
miniwindows to zero size.
(minibuffer-follows-selected-frame): New configuration variable.
* src/window.c (candidate_window_p): In some scenarios, check the miniwindow
holds an active minibuffer.
* src/xdisp.c (get_window_cursor_type): Suppress the cursor for non-active
miniwindows, regardless of minibuf_level.
This library provides a fundamental reworking of the search
functionality previously found in nnir.el. It uses class-based search
engines to interface with external searching facilities, and a parsed
search query syntax that can search multiple engines.
* lisp/gnus/gnus-search.el: New library containing search
functionality for Gnus.
* doc/misc/gnus.texi: Document.
* lisp/gnus/gnus-group.el (gnus-group-make-search-group,
gnus-group-read-ephemeral-search-group): Remove references to nnir,
change meaning of prefix argument, change values of nnselect-function
and nnselect-args.
* lisp/gnus/nnselect.el: Replace references to nnir
(nnselect-request-article): Use gnus-search functions, and search
criteria.
(nnselect-request-thread, nnselect-search-thread): Use gnus-search
thread search.
(gnus-summary-make-search-group): Switch to use gnus-search function
and arguments.
* test/lisp/gnus/search-tests.el: Tests for new functionality.
* lisp/mwheel.el (mouse-wheel-scroll-amount-horizontal): New defcustom.
(mwheel-scroll): Use it.
* doc/emacs/frames.texi (Mouse Commands): Update doc about horizontal
scrolling step.
* doc/lispref/files.texi (Contents of Directories):
Fix description of directory-files, directory-empty-p and
directory-files-and-attributes.
* etc/NEWS: Fix entry for directory-files-and-attributes. Fix typos.
* lisp/dired.el (directory-empty-p): Move function from here ...
* lisp/files.el (directory-empty-p): ... to here.
* lisp/net/ange-ftp.el (ange-ftp-directory-files): Call `nreverse' later.
* lisp/net/tramp.el (tramp-handle-directory-files):
* lisp/net/tramp-adb.el
(tramp-adb-handle-directory-files-and-attributes): Do not call
`nreverse'.
* src/dired.c (Fdirectory_files)
(Fdirectory_files_and_attributes): Fix docstrings.
* test/src/dired-tests.el: Removed. Tests moved to
test/lisp/dired-tests.el.
* test/lisp/dired-tests.el (dired-test-bug27899): Tag it :unstable.
(dired-test-directory-files)
(dired-test-directory-files-and-attributes): New tests.
* doc/misc/widget.texi (Basic Types): Document what an external value
is. Document that a :match function expects the value to be in the
external format. (Bug#8717)
* doc/lispref/streams.texi (Output Variables): Add integer-output-format.
* src/print.c (print_object): In case of Lisp_Int, print integers
as characters when Vinteger_output_format is Qt, and in hex format
when Vinteger_output_format is 16.
(Vinteger_output_format): New variable.
* test/src/print-tests.el (print-integer-output-format): New test.
chat.freenode.net has been the preferred address for connecting to the
freenode IRC network for years now. Replace the occurrences of
irc.freenode.net with chat.freenode.net.
Fix bug#44070, which causes the minibuffer display to jump upon minor edit
(redisplay_window): Obey it.
* lisp/simple.el (end-of-buffer): Obey it.
* test/src/xdisp-tests.el (xdisp-tests--in-minibuffer): New macro,
extracted from `xdisp-tests--minibuffer-resizing`.
(xdisp-tests--minibuffer-resizing): Use it.
(xdisp-tests--minibuffer-scroll): New test.
* doc/lispref/commands.texi (Key Sequence Input): Add documentation for
missing special window areas. Explicitly call out window or frame.
(cherry picked from commit a105db13e1)
* doc/emacs/display.texi (Text Display): Document it.
* src/xdisp.c (get_next_display_element): Use blankp to test whether
to use the nobreak_space face (bug#44236).
* lisp/window.el (fit-mini-frame-to-buffer,
window--resize-mini-frame, fit-frame-to-buffer,
fit-frame-to-buffer-1): By default, fit a mini frame without skipping its
buffer's leading or trailing empty lines.
* src/frame.c (resize-mini-frames): Update doc-string.
* lisp/cus-start.el (resize-mini-frames): Update for customize.
* doc/lispref/minibuf.texi (resize-mini-frames): Update description.
* doc/lispref/modes.texi (Defining Minor Modes): Describe the new
:predicate keyword (bug#44232).
* lisp/emacs-lisp/easy-mmode.el (define-globalized-minor-mode):
Allow a new :predicate keyword.
(easy-mmode--globalized-predicate-p): New function.
