Updating Pixelfed

justdaj · February 10, 2024, 12:25pm

Pixelfed has released an critical update to patch a security issue.

I’m not sure how long this takes to appear on the Yunohost updates. Is it possible for an someone to simply run the commands to update their install via the Pixelfed Git directly, or will that break the Yunohost config?

orhtej2 · February 10, 2024, 12:48pm

Update seems to already be coming:

github.com/YunoHost-Apps/pixelfed_ynh

Update v0.11.11

YunoHost-Apps:testing ← oufmilo:testing

opened 09:00AM - 10 Feb 24 UTC

oufmilo

+3 -3

## Problem - *Description of why you made this PR* ## Solution - *And h…ow do you fix that problem* ## PR Status - [ ] Code finished and ready to be reviewed/tested - [ ] The fix/enhancement were manually tested (if applicable) ## Automatic tests Automatic tests can be triggered on https://ci-apps-dev.yunohost.org/ *after creating the PR*, by commenting "!testme", "!gogogadgetoci" or "By the power of systemd, I invoke The Great App CI to test this Pull Request!". (N.B. : for this to work you need to be a member of the Yunohost-Apps organization)

justdaj · February 10, 2024, 1:30pm

Excellent. Thanks

Lapineige · February 10, 2024, 3:20pm

The package has the auto-update mechanism.
So the maximum is 24h before a pull request is generated and sent to the Continuous Integration, and if all tests pass, then it’s ready for testing.

Also I’ve subcribed to new releases notifications, so anytime a new version is available, I’m aware

I still don’t see where that is mentioned in the release notes Release v0.11.10 · pixelfed/pixelfed · GitHub
edit: dansup 🚀: "🚨 Pixelfed admins: please update ASAP to v0.11.11…" - Mastodon

It’s very likely to break. Don’t do that please

justdaj · February 10, 2024, 4:09pm

I still don’t see where that is mentioned in the release notes Release v0.11.10

Release v0.11.11 came out earlier today with the critical update

justdaj · February 19, 2024, 11:52am

Version 0.11.12 has been out for a few days, with important security fixes

orhtej2 · February 19, 2024, 12:24pm

There’s an autoupdater running for Pixelfed already, no need to announce every release!

justdaj · February 19, 2024, 12:36pm

Ok, thanks. I thought I was helping. Another version of PF coming today by the looks of it.

I will go check if a mastodon update is in the Yunohost update mix as 2.7 is out with another security fix. Must be challenging keeping up!

Lapineige · February 19, 2024, 4:59pm

As said above, and in other topics, and quite often these days on similar topics for other apps (which starts to be a bit tiring, honestly):

we are aware of any new release
the package will have a new branch available for testing without 24h after each new release, it’s automated
asking for an update (or a quicker one), or simply notifying us of a new release, don’t help progressing in packaging the update, but gives us more work to handle.

If you want to help, you can either test the new release while it’s still not published (Upgrade to v0.11.12 (including a security fix) by yunohost-bot · Pull Request #249 · YunoHost-Apps/pixelfed_ynh · GitHub right now) and report the result (and be aware it’s not guaranteed to work until enough people tried and sent some feedback) ; or you can simply publish an announcement in the forum for the end users (and contributors to the packaging) to tell them that there is a security patch that will come so they are aware that they need to update as soon as it’s available.

Packaging updates depends on volunteers time and energy, and you can be one of them without the need to be tech-savy (feel free to ask for guidance ).

system · March 20, 2024, 4:59pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.