Add external link to UserOptions
Improve intro description of Packages
Provide info whether user is logged in to JS
Add & update translations
Add light/dark favicon switch
backend.py: new linter version requires encoding
Fix python linting f-string errors
Rename Data Collection card to Threat Detection
Don't set socket when starting WSGIServer
Respond with 401 and rename the file
NPM audit fix

(cherry picked from commit 76693330)

We have two services that indicate boot finish. Those are
start-indicator and rainbow. They have start level 99 but these services
have it set as well and thus sometimes start after indicator. The result
is that tests relying on indicator can initially fail because they just
start too early.
It is also a good idea to just not keep 99 level for use like
start-indicator so this moves all services to earlier level rather than
just affected ones.

The dependency on create_notification includes gettext-tools that
conflicts with gettext and prevents continuation of migration.

There is probably not other solution than just removing this dependency.
We can't use trick with virtual package as we are using old updater at
that moment that considers it as error.

Glenn Strauss authored 3 years ago and Michal Vasilek committed 3 years ago

* add a patch to fix fix use-after-free bug in mod_alias
* refresh patches
* remove an upstreamed meson-zstd patch

* refresh patches
* remove disabling kres_gen_test - this was disabled because it broke
  cross compilation in 5.4.0, but is now fixed.

this bug resulted in crontab -e failing when $EDITOR was not set because
the configure script detected vi path from the host system which is
probably /usr/bin/vi, but OpenWrt has vi in /bin/vi

Compile and run tested on Turris 1.1, powerpc8540

Remove PKG_MAINTAINER line as this package is in our repository and thus
we maintain it. Also, this version was not in OpenWrt. There is a newer
version for OpenWrt 21.02+

In the past the tos3to4-early was installed alongside of updater but
that wasn't ideal so it was moved to be installed later with latest
version of updater after the first replan. This created issue that
script that should allow newest updater to run wasn't installed and
executed. At the same time we do not want to install tos3to4-early due
to its dependencies that we can't simply overcome in the old updater.
The alternative is to simply introduce tos3to4-earliest that contains
the simple localrepo removal script. This is going to be dependency of
updater and thus installed before the new version is installed.

Nor-update is provided by package turris-nor-update, which installs
nor-update into /usr/sbin

The original check was that master can be pushed only with develop
branch. It is what we mostly want but there are cases when we do not
update develop and only master that are valid as well. The example of
such operation is merge of develop to master, which is always
fast-forward due to our workflow.

This halts push only if master commit is not ancestor of develop instead
of halting it always when develop is not being updated.

This reverts commit 14abc044.

This reverts Foris part as well. The reForis part was reverted in
33ab8eff.
It turns out that my assumption that both Foris and reForis behave the
same that lead to only partial revert was invalid and Foris as it seems
it all right. This matches the behavior of reForis.

The second patch is fix. This backports patch that fixes issues with
scripts terminating but not correctly closing all outputs results into
hang.

The first patch is a feature. The turris-build repository contains
second part of it and it is already merged. It is not desirable to
release new version of updater because of other changes thus backporting
only this patch is a good solution.

Similarly to ebc12ecdb66a9261ba3d5cd06e87588764ac53aea2c64bd4c226f13cc2bf77d4

The `--` there was originally intended to disable processing of options
and thus protect against situation where password starts with dash. It
turns out that python processes arguments in such a way that anything
after command specification is automatically considered as argument and
not as option for python interpreter.

This also sets it to explicitly call Python3 compared to python as that
might call Python 2 that is not in package's dependencies and thus the
code might break if it would be called with it.

In recent update to version 2.2, I forgot to remove patch, which was
backported to fix issues which happened on blue Turris, powerpc.

Fixes: b508118a ("sentinel-minipot:
update to version 2.2")

- Update copyright
- Since version 2.2, there are required two dependencies: logc and
logc-argp.

The previous tarball is no longer available and it was necessary to push
a new container due to recent GitLab wipe and create new files again.

The content is still the same.

Added:
- Scripts that use storage for Lighttpd temporally files

This reverts commit 14abc044.

The issue with reforis starting was that both reforis and lighttpd were
creating FCGI socket. Thus lighttpd created socket and send request to
it while reForis replaced that socket when it initialized and thus never
get the initial request. The removal of socket configuration solves the
issue and the patch added here is that fix.

Fixes: CVE-2021-33880

* Use color-scheme detection for theme
* Sync translations with Turris OS
* Improve cards transitions
* Fix headline in README

Changed:
* Increase persistent logs size to 100 MB in logrotate config
* Refactor srv init script
* Restart rainbow service instead of hardcoded set to white in srv init script

Fixed
* Handle missing /srv directory in srv init script
* Prevent to manipulate programmable LEDs on routers without rainbow command in srv init script

Going to /netdata resulted in CSS and JS not being loaded which made
netdata unusable.

* faster rendering of snapshots table
* unified management of temporary files
* used credentials file for samba

Fixed:
* networks: fix reading multiple interfaces of wan (e.g. bridge)
* wan: ipv6_address in 6in4 may contain prefix as well

* Add & update translations
* Replace `attack detection` by `threat detection`
* NPM audit fix

Martin Prudek authored 3 years ago and Karel Koci committed 3 years ago

Term 'data collection' is no longer desired. We should replace it
wherever possible with terms like:
 - Turris Security
 - Turris Sentinel
 - Threat detection