From 37ae71354ee956984eed531df14bc9c1f44e8bf5 Mon Sep 17 00:00:00 2001 From: Kai Engert Date: Wed, 27 May 2026 17:22:02 +0200 Subject: [PATCH 1/5] Fix rnp_op_verify_get_used_recipient to support hidden recipient, related to Issue #1275 --- src/lib/rnp.cpp | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/lib/rnp.cpp b/src/lib/rnp.cpp index 6a8d6223c..957e5963a 100644 --- a/src/lib/rnp.cpp +++ b/src/lib/rnp.cpp @@ -3398,6 +3398,13 @@ try { handler.ctx = &op->rnpctx; rnp_result_t ret = process_pgp_source(&handler, op->input->src); + /* For hidden recipients, patch used_recipient with the actual key id that was used. + * kparam.last still points to the key that succeeded: the stream-parse loop breaks + * immediately after a successful encrypted_try_key(), so the key provider is not + * called again after that point. */ + if (kparam.has_hidden && kparam.last && op->used_recipient) { + op->used_recipient->keyid = kparam.last->keyid(); + } /* Allow to decrypt data ignoring the signatures check if requested */ if (op->ignore_sigs && op->validated && (ret == RNP_ERROR_SIGNATURE_INVALID)) { ret = RNP_SUCCESS; From 275a7e508896339a87b61e5c3ca6f493b57feb50 Mon Sep 17 00:00:00 2001 From: Kai Engert Date: Fri, 29 May 2026 23:41:15 +0200 Subject: [PATCH 2/5] Allow me to run some workflows manually on my fork. --- .github/workflows/centos-and-fedora.yml | 3 ++- .github/workflows/debian.yml | 3 ++- .github/workflows/lint.yml | 1 + .github/workflows/macos.yml | 3 ++- .github/workflows/opensuse.yml | 3 ++- .github/workflows/time-machine.yml | 2 +- .github/workflows/ubuntu.yml | 9 +++++---- .github/workflows/windows-msys2.yml | 3 ++- .github/workflows/windows-native.yml | 7 ++++--- 9 files changed, 21 insertions(+), 13 deletions(-) diff --git a/.github/workflows/centos-and-fedora.yml b/.github/workflows/centos-and-fedora.yml index cfb6e2caa..99e4a9096 100644 --- a/.github/workflows/centos-and-fedora.yml +++ b/.github/workflows/centos-and-fedora.yml @@ -29,6 +29,7 @@ on: - '**.nix' - 'flake.lock' - 'version.txt' + workflow_dispatch: concurrency: group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' @@ -167,7 +168,7 @@ jobs: cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" chown -R rnpuser:rnpuser $PWD - exec su rnpuser -c "ctest --parallel ${{ env.CORES }} --test-dir build --output-on-failure" + exec su rnpuser -c "ctest --parallel 1 --test-dir build --output-on-failure" - name: Coverage if: env.BUILD_MODE == 'coverage' diff --git a/.github/workflows/debian.yml b/.github/workflows/debian.yml index 6fd9ca058..e9d6eebe2 100644 --- a/.github/workflows/debian.yml +++ b/.github/workflows/debian.yml @@ -30,6 +30,7 @@ on: - '**.nix' - 'flake.lock' - 'version.txt' + workflow_dispatch: concurrency: group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' @@ -110,7 +111,7 @@ jobs: cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" chown -R rnpuser:rnpuser $PWD - exec su rnpuser -c "ctest --parallel ${{ env.CORES }} --test-dir build --output-on-failure" + exec su rnpuser -c "ctest --parallel 1 --test-dir build --output-on-failure" - name: Package run: cpack -G DEB -B debian --config build/CPackConfig.cmake diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 5fce5a8d6..310f90adf 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -15,6 +15,7 @@ on: - '**.md' - '**.nix' - 'flake.lock' + workflow_dispatch: jobs: clang-format: diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index c666262da..7018956ab 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -53,6 +53,7 @@ on: - '**.nix' - 'flake.lock' - 'version.txt' + workflow_dispatch: concurrency: group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' @@ -159,7 +160,7 @@ jobs: mkdir -p "build/Testing/Temporary" cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" - ctest --parallel ${{ env.CORES }} --test-dir build -C Debug --output-on-failure + ctest --parallel 1 --test-dir build -C Debug --output-on-failure - name: Configure and build with botan-config.cmake if: matrix.backend == 'botan3' diff --git a/.github/workflows/opensuse.yml b/.github/workflows/opensuse.yml index b21a41eeb..1b7bfed33 100644 --- a/.github/workflows/opensuse.yml +++ b/.github/workflows/opensuse.yml @@ -30,6 +30,7 @@ on: - '**.nix' - 'flake.lock' - 'version.txt' + workflow_dispatch: concurrency: group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' @@ -105,4 +106,4 @@ jobs: cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" chown -R rnpuser:rnpuser $PWD - exec su rnpuser -c "ctest --parallel ${{ env.CORES }} --test-dir build --output-on-failure" + exec su rnpuser -c "ctest --parallel 1 --test-dir build --output-on-failure" diff --git a/.github/workflows/time-machine.yml b/.github/workflows/time-machine.yml index 7f69ce6f8..2e9375d33 100644 --- a/.github/workflows/time-machine.yml +++ b/.github/workflows/time-machine.yml @@ -193,4 +193,4 @@ jobs: export PATH="$PWD/build/src/lib:$PATH" chown -R rnpuser:rnpuser $PWD echo Running tests for "$(LD_PRELOAD=/usr/lib64/faketime/libfaketime.so.1 date)" - exec su rnpuser -c "LD_PRELOAD=/usr/lib64/faketime/libfaketime.so.1 ctest --parallel ${{ env.CORES }} --test-dir build --output-on-failure" + exec su rnpuser -c "LD_PRELOAD=/usr/lib64/faketime/libfaketime.so.1 ctest --parallel 1 --test-dir build --output-on-failure" diff --git a/.github/workflows/ubuntu.yml b/.github/workflows/ubuntu.yml index c8cec90aa..c1b5e0eac 100644 --- a/.github/workflows/ubuntu.yml +++ b/.github/workflows/ubuntu.yml @@ -53,6 +53,7 @@ on: - '**.md' - '**.nix' - 'flake.lock' + workflow_dispatch: concurrency: group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' @@ -117,7 +118,7 @@ jobs: mkdir -p "build/Testing/Temporary" cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" - ctest --parallel ${{ env.CORES }} --test-dir build --output-on-failure + ctest --parallel 1 --test-dir build --output-on-failure cmake-offline-googletest-src: runs-on: ubuntu-latest @@ -152,7 +153,7 @@ jobs: mkdir -p "build/Testing/Temporary" cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" - ctest --parallel ${{ env.CORES }} --test-dir build --output-on-failure + ctest --parallel 1 --test-dir build --output-on-failure - name: Check googletest run: | @@ -198,7 +199,7 @@ jobs: mkdir -p "build/Testing/Temporary" cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" - ctest --parallel ${{ env.CORES }} --test-dir build --output-on-failure + ctest --parallel 1 --test-dir build --output-on-failure - name: Check googletest run: | @@ -270,7 +271,7 @@ jobs: mkdir -p "build/Testing/Temporary" cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" - ctest --parallel ${{ env.CORES }} --test-dir build -R rnp_tests --output-on-failure + ctest --parallel 1 --test-dir build -R rnp_tests --output-on-failure package-source: runs-on: ubuntu-latest diff --git a/.github/workflows/windows-msys2.yml b/.github/workflows/windows-msys2.yml index c187476ba..4f550e3a8 100644 --- a/.github/workflows/windows-msys2.yml +++ b/.github/workflows/windows-msys2.yml @@ -56,6 +56,7 @@ on: - '**.nix' - 'flake.lock' - 'version.txt' + workflow_dispatch: concurrency: group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' @@ -139,7 +140,7 @@ jobs: cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" export RNP_LOG_CONSOLE=1 - ctest --parallel ${{ env.CORES }} --test-dir build -C Debug --output-on-failure + ctest --parallel 1 --test-dir build -C Debug --output-on-failure - name: Install run: cmake --install build diff --git a/.github/workflows/windows-native.yml b/.github/workflows/windows-native.yml index 79b2cdee7..1775e1319 100644 --- a/.github/workflows/windows-native.yml +++ b/.github/workflows/windows-native.yml @@ -53,6 +53,7 @@ on: - '**.nix' - 'flake.lock' - 'version.txt' + workflow_dispatch: concurrency: group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' @@ -202,8 +203,8 @@ jobs: shell: bash # Sometimes running cli_tests in parallel causes instability [???] # ctest --test-dir build -R cli_tests -C Debug --output-on-failure - # ctest --parallel ${{ env.CORES }} --test-dir build -R rnp_tests -C Debug --output-on-failure - # ctest --parallel ${{ env.CORES }} --test-dir build -C Release --output-on-failure + # ctest --parallel 1 --test-dir build -R rnp_tests -C Debug --output-on-failure + # ctest --parallel 1 --test-dir build -C Release --output-on-failure run: | export PATH=${{ env.VCPKG_DIR_U }}/installed/${{ matrix.arch.triplet }}/bin:$PATH if [[ "${{ matrix.sanitizers }}" == "on" ]]; then @@ -221,4 +222,4 @@ jobs: fi mkdir -p "build/Testing/Temporary" cp "cmake/CTestCostData.txt" "build/Testing/Temporary" - ctest --parallel ${{ env.CORES }} --test-dir build -C Release --output-on-failure + ctest --parallel 1 --test-dir build -C Release --output-on-failure From 621e0cc12335c381a0053640dc7a6dee3b224dce Mon Sep 17 00:00:00 2001 From: Kai Engert Date: Fri, 29 May 2026 23:50:09 +0200 Subject: [PATCH 3/5] remove all automatic workflows, only run manually --- .github/workflows/centos-and-fedora.yml | 29 ------------------------ .github/workflows/codeql.yml | 7 +----- .github/workflows/coverity.yml | 3 --- .github/workflows/debian.yml | 29 ------------------------ .github/workflows/dispatch.yml | 4 ---- .github/workflows/fuzzing.yml | 13 +---------- .github/workflows/lint.yml | 14 ------------ .github/workflows/macos.yml | 27 ---------------------- .github/workflows/nix.yml | 24 +------------------- .github/workflows/opensuse.yml | 29 ------------------------ .github/workflows/time-machine.yml | 30 ------------------------- .github/workflows/ubuntu.yml | 27 ---------------------- .github/workflows/windows-msys2.yml | 30 ------------------------- .github/workflows/windows-native.yml | 29 ------------------------ 14 files changed, 3 insertions(+), 292 deletions(-) diff --git a/.github/workflows/centos-and-fedora.yml b/.github/workflows/centos-and-fedora.yml index 99e4a9096..b7d9f402a 100644 --- a/.github/workflows/centos-and-fedora.yml +++ b/.github/workflows/centos-and-fedora.yml @@ -1,34 +1,5 @@ name: centos-and-fedora on: - push: - branches: - - main - - 'release/**' - paths-ignore: - - '/*.sh' - - '/.*' - - '/_*' - - 'Brewfile' - - 'docs/**' - - '**.adoc' - - '**.md' - - '**.nix' - - 'flake.lock' - - 'version.txt' - - '.github/workflows/*.yml' - - '!.github/workflows/centos-and-fedora.yml' - pull_request: - paths-ignore: - - '/*.sh' - - '/.*' - - '/_*' - - 'Brewfile' - - 'docs/**' - - '**.adoc' - - '**.md' - - '**.nix' - - 'flake.lock' - - 'version.txt' workflow_dispatch: concurrency: diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 56c35e724..adfd8bb4e 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -1,12 +1,7 @@ name: "CodeQL" on: - push: - branches: [ "main" ] - pull_request: - branches: [ "main" ] - schedule: - - cron: "21 15 * * 6" + workflow_dispatch: jobs: analyze: diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml index a1d779891..ab91c9f1e 100644 --- a/.github/workflows/coverity.yml +++ b/.github/workflows/coverity.yml @@ -1,9 +1,6 @@ name: coverity on: - schedule: - # every day at 9:00 UTC - - cron: '0 9 * * *' workflow_dispatch: jobs: diff --git a/.github/workflows/debian.yml b/.github/workflows/debian.yml index e9d6eebe2..a8e7f613b 100644 --- a/.github/workflows/debian.yml +++ b/.github/workflows/debian.yml @@ -1,35 +1,6 @@ name: debian on: - push: - branches: - - main - - 'release/**' - paths-ignore: - - '/*.sh' - - '/.*' - - '/_*' - - 'Brewfile' - - 'docs/**' - - '**.adoc' - - '**.md' - - '**.nix' - - 'flake.lock' - - 'version.txt' - - '.github/workflows/*.yml' - - '!.github/workflows/debian.yml' - pull_request: - paths-ignore: - - '/*.sh' - - '/.*' - - '/_*' - - 'Brewfile' - - 'docs/**' - - '**.adoc' - - '**.md' - - '**.nix' - - 'flake.lock' - - 'version.txt' workflow_dispatch: concurrency: diff --git a/.github/workflows/dispatch.yml b/.github/workflows/dispatch.yml index 920641298..d662ba49e 100644 --- a/.github/workflows/dispatch.yml +++ b/.github/workflows/dispatch.yml @@ -24,10 +24,6 @@ name: dispatch on: - push: - branches: - - main - - 'release/**' workflow_dispatch: jobs: diff --git a/.github/workflows/fuzzing.yml b/.github/workflows/fuzzing.yml index 2acb5816c..42ba0a317 100644 --- a/.github/workflows/fuzzing.yml +++ b/.github/workflows/fuzzing.yml @@ -1,18 +1,7 @@ name: fuzzing on: - pull_request: - paths-ignore: - - '/*.sh' - - '/.*' - - '/_*' - - 'Brewfile' - - 'docs/**' - - '**.adoc' - - '**.md' - - '**.nix' - - 'flake.lock' - - 'version.txt' + workflow_dispatch: concurrency: group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 310f90adf..2b942e596 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -1,20 +1,6 @@ name: lint on: - push: - branches: - - main - pull_request: - paths-ignore: - - '/.*' - - '/_*' - - '!.clang-format' - - 'Brewfile' - - 'docs/**' - - '**.adoc' - - '**.md' - - '**.nix' - - 'flake.lock' workflow_dispatch: jobs: diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 7018956ab..71655c923 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -26,33 +26,6 @@ name: macos on: - push: - branches: - - main - - 'release/**' - paths-ignore: - - '/*.sh' - - '/.*' - - '/_*' - - 'docs/**' - - '**.adoc' - - '**.md' - - '**.nix' - - 'flake.lock' - - 'version.txt' - - '.github/workflows/*.yml' - - '!.github/workflows/macos.yml' - pull_request: - paths-ignore: - - '/*.sh' - - '/.*' - - '/_*' - - 'docs/**' - - '**.adoc' - - '**.md' - - '**.nix' - - 'flake.lock' - - 'version.txt' workflow_dispatch: concurrency: diff --git a/.github/workflows/nix.yml b/.github/workflows/nix.yml index f55d9f96f..a87e5c1aa 100644 --- a/.github/workflows/nix.yml +++ b/.github/workflows/nix.yml @@ -1,29 +1,7 @@ name: nix on: - push: - branches: - - main - - 'release/**' - paths-ignore: - - '/*.sh' - - '/.*' - - '/_*' - - 'docs/**' - - '**.adoc' - - '**.md' - - 'ci/**' - - '.github/workflows/*.yml' - - '!.github/workflows/nix.yml' - pull_request: - paths-ignore: - - '/*.sh' - - '/.*' - - '/_*' - - 'docs/**' - - '**.adoc' - - '**.md' - - 'ci/**' + workflow_dispatch: jobs: build: diff --git a/.github/workflows/opensuse.yml b/.github/workflows/opensuse.yml index 1b7bfed33..e04074ded 100644 --- a/.github/workflows/opensuse.yml +++ b/.github/workflows/opensuse.yml @@ -1,35 +1,6 @@ name: opensuse on: - push: - branches: - - main - - 'release/**' - paths-ignore: - - '/*.sh' - - '/.*' - - '/_*' - - 'Brewfile' - - 'docs/**' - - '**.adoc' - - '**.md' - - '**.nix' - - 'flake.lock' - - 'version.txt' - - '.github/workflows/*.yml' - - '!.github/workflows/opensuse.yml' - pull_request: - paths-ignore: - - '/*.sh' - - '/.*' - - '/_*' - - 'Brewfile' - - 'docs/**' - - '**.adoc' - - '**.md' - - '**.nix' - - 'flake.lock' - - 'version.txt' workflow_dispatch: concurrency: diff --git a/.github/workflows/time-machine.yml b/.github/workflows/time-machine.yml index 2e9375d33..93125545b 100644 --- a/.github/workflows/time-machine.yml +++ b/.github/workflows/time-machine.yml @@ -24,36 +24,6 @@ name: time-machine on: - push: - branches: - - main - paths-ignore: - - '/*.sh' - - '/.*' - - '/_*' - - 'Brewfile' - - 'docs/**' - - '**.adoc' - - '**.md' - - '**.nix' - - 'flake.lock' - - 'version.txt' - - '.github/workflows/*.yml' - - '!.github/workflows/time-machine.yml' - pull_request: - paths-ignore: - - '/*.sh' - - '/.*' - - '/_*' - - 'Brewfile' - - 'docs/**' - - '**.adoc' - - '**.md' - - '**.nix' - - 'flake.lock' - - 'version.txt' - - '.github/workflows/*.yml' - - '!.github/workflows/time-machine.yml' workflow_dispatch: concurrency: diff --git a/.github/workflows/ubuntu.yml b/.github/workflows/ubuntu.yml index c1b5e0eac..c74e9e12a 100644 --- a/.github/workflows/ubuntu.yml +++ b/.github/workflows/ubuntu.yml @@ -26,33 +26,6 @@ name: ubuntu on: - push: - branches: - - main - - 'release/**' - paths-ignore: - - '/*.sh' - - '/.*' - - '/_*' - - 'Brewfile' - - 'docs/**' - - '**.adoc' - - '**.md' - - '**.nix' - - 'flake.lock' - - '.github/workflows/*.yml' - - '!.github/workflows/ubuntu.yml' - pull_request: - paths-ignore: - - '/*.sh' - - '/.*' - - '/_*' - - 'Brewfile' - - 'docs/**' - - '**.adoc' - - '**.md' - - '**.nix' - - 'flake.lock' workflow_dispatch: concurrency: diff --git a/.github/workflows/windows-msys2.yml b/.github/workflows/windows-msys2.yml index 4f550e3a8..2ef49f8b6 100644 --- a/.github/workflows/windows-msys2.yml +++ b/.github/workflows/windows-msys2.yml @@ -27,36 +27,6 @@ name: windows-msys2 on: workflow_dispatch: - push: - branches: - - main - - 'release/**' - paths-ignore: - - '/*.sh' - - '/.*' - - '/_*' - - 'Brewfile' - - 'docs/**' - - '**.adoc' - - '**.md' - - '**.nix' - - 'flake.lock' - - 'version.txt' - - '.github/workflows/*.yml' - - '!.github/workflows/windows-msys2.yml' - pull_request: - paths-ignore: - - '/*.sh' - - '/.*' - - '/_*' - - 'Brewfile' - - 'docs/**' - - '**.adoc' - - '**.md' - - '**.nix' - - 'flake.lock' - - 'version.txt' - workflow_dispatch: concurrency: group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' diff --git a/.github/workflows/windows-native.yml b/.github/workflows/windows-native.yml index 1775e1319..e64f03ad0 100644 --- a/.github/workflows/windows-native.yml +++ b/.github/workflows/windows-native.yml @@ -24,35 +24,6 @@ name: windows-native on: - push: - branches: - - main - - 'release/**' - paths-ignore: - - '/*.sh' - - '/.*' - - '/_*' - - 'Brewfile' - - 'docs/**' - - '**.adoc' - - '**.md' - - '**.nix' - - 'flake.lock' - - 'version.txt' - - '.github/workflows/*.yml' - - '!.github/workflows/windows-native.yml' - pull_request: - paths-ignore: - - '/*.sh' - - '/.*' - - '/_*' - - 'Brewfile' - - 'docs/**' - - '**.adoc' - - '**.md' - - '**.nix' - - 'flake.lock' - - 'version.txt' workflow_dispatch: concurrency: From 1f7ecbcc2017519cc32772c27a59968929db8430 Mon Sep 17 00:00:00 2001 From: Kai Engert Date: Sat, 30 May 2026 00:01:18 +0200 Subject: [PATCH 4/5] try to fix centos 9 mirror issue --- .github/workflows/centos-and-fedora.yml | 28 +++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/.github/workflows/centos-and-fedora.yml b/.github/workflows/centos-and-fedora.yml index b7d9f402a..5cc451441 100644 --- a/.github/workflows/centos-and-fedora.yml +++ b/.github/workflows/centos-and-fedora.yml @@ -76,6 +76,13 @@ jobs: with: submodules: true + - name: Fix CentOS 9 mirrors + if: contains(matrix.image.container, 'centos-9') || contains(matrix.image.container, 'centos:stream9') + run: | + sed -i 's/mirror.stream.centos.org/vault.centos.org/g' /etc/yum.repos.d/*.repo + sed -i 's/^mirrorlist/#mirrorlist/g' /etc/yum.repos.d/*.repo + sed -i 's/^#baseurl/baseurl/g' /etc/yum.repos.d/*.repo + - name: Setup environment run: | set -o errexit -o pipefail -o noclobber -o nounset @@ -185,6 +192,13 @@ jobs: name: Package ${{ matrix.image.name }} SRPM steps: + - name: Fix CentOS 9 mirrors + if: contains(matrix.image.container, 'centos-9') || contains(matrix.image.container, 'centos:stream9') + run: | + sed -i 's/mirror.stream.centos.org/vault.centos.org/g' /etc/yum.repos.d/*.repo + sed -i 's/^mirrorlist/#mirrorlist/g' /etc/yum.repos.d/*.repo + sed -i 's/^#baseurl/baseurl/g' /etc/yum.repos.d/*.repo + - name: Install rpm tools run: yum -y install rpm-build @@ -228,6 +242,13 @@ jobs: name: Package ${{ matrix.image.name }} RPM steps: + - name: Fix CentOS 9 mirrors + if: contains(matrix.image.container, 'centos-9') || contains(matrix.image.container, 'centos:stream9') + run: | + sed -i 's/mirror.stream.centos.org/vault.centos.org/g' /etc/yum.repos.d/*.repo + sed -i 's/^mirrorlist/#mirrorlist/g' /etc/yum.repos.d/*.repo + sed -i 's/^#baseurl/baseurl/g' /etc/yum.repos.d/*.repo + - name: Install rpm tools run: yum -y install rpm-build @@ -279,6 +300,13 @@ jobs: name: RPM test on ${{ matrix.image.name }} steps: + - name: Fix CentOS 9 mirrors + if: contains(matrix.image.container, 'centos-9') || contains(matrix.image.container, 'centos:stream9') + run: | + sed -i 's/mirror.stream.centos.org/vault.centos.org/g' /etc/yum.repos.d/*.repo + sed -i 's/^mirrorlist/#mirrorlist/g' /etc/yum.repos.d/*.repo + sed -i 's/^#baseurl/baseurl/g' /etc/yum.repos.d/*.repo + - name: Install prerequisites run: yum -y install sudo wget binutils From 367a2e0f11526c84aaf192e49dc4d57a77e14845 Mon Sep 17 00:00:00 2001 From: Kai Engert Date: Sat, 30 May 2026 00:12:28 +0200 Subject: [PATCH 5/5] Revert "Merge branch 'main' into fix_get_hidden_recipient" This reverts commit 622b75698ec5135c46f33b9f1b41b622231503ed, reversing changes made to 37ae71354ee956984eed531df14bc9c1f44e8bf5. --- .github/workflows/centos-and-fedora.yml | 60 ++++++++++++------------- .github/workflows/codeql.yml | 7 ++- .github/workflows/coverity.yml | 3 ++ .github/workflows/debian.yml | 32 ++++++++++++- .github/workflows/dispatch.yml | 4 ++ .github/workflows/fuzzing.yml | 13 +++++- .github/workflows/lint.yml | 15 ++++++- .github/workflows/macos.yml | 30 ++++++++++++- .github/workflows/nix.yml | 24 +++++++++- .github/workflows/opensuse.yml | 32 ++++++++++++- .github/workflows/time-machine.yml | 32 ++++++++++++- .github/workflows/ubuntu.yml | 36 ++++++++++++--- .github/workflows/windows-msys2.yml | 31 ++++++++++++- .github/workflows/windows-native.yml | 36 +++++++++++++-- 14 files changed, 304 insertions(+), 51 deletions(-) diff --git a/.github/workflows/centos-and-fedora.yml b/.github/workflows/centos-and-fedora.yml index 5cc451441..cfb6e2caa 100644 --- a/.github/workflows/centos-and-fedora.yml +++ b/.github/workflows/centos-and-fedora.yml @@ -1,6 +1,34 @@ name: centos-and-fedora on: - workflow_dispatch: + push: + branches: + - main + - 'release/**' + paths-ignore: + - '/*.sh' + - '/.*' + - '/_*' + - 'Brewfile' + - 'docs/**' + - '**.adoc' + - '**.md' + - '**.nix' + - 'flake.lock' + - 'version.txt' + - '.github/workflows/*.yml' + - '!.github/workflows/centos-and-fedora.yml' + pull_request: + paths-ignore: + - '/*.sh' + - '/.*' + - '/_*' + - 'Brewfile' + - 'docs/**' + - '**.adoc' + - '**.md' + - '**.nix' + - 'flake.lock' + - 'version.txt' concurrency: group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' @@ -76,13 +104,6 @@ jobs: with: submodules: true - - name: Fix CentOS 9 mirrors - if: contains(matrix.image.container, 'centos-9') || contains(matrix.image.container, 'centos:stream9') - run: | - sed -i 's/mirror.stream.centos.org/vault.centos.org/g' /etc/yum.repos.d/*.repo - sed -i 's/^mirrorlist/#mirrorlist/g' /etc/yum.repos.d/*.repo - sed -i 's/^#baseurl/baseurl/g' /etc/yum.repos.d/*.repo - - name: Setup environment run: | set -o errexit -o pipefail -o noclobber -o nounset @@ -146,7 +167,7 @@ jobs: cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" chown -R rnpuser:rnpuser $PWD - exec su rnpuser -c "ctest --parallel 1 --test-dir build --output-on-failure" + exec su rnpuser -c "ctest --parallel ${{ env.CORES }} --test-dir build --output-on-failure" - name: Coverage if: env.BUILD_MODE == 'coverage' @@ -192,13 +213,6 @@ jobs: name: Package ${{ matrix.image.name }} SRPM steps: - - name: Fix CentOS 9 mirrors - if: contains(matrix.image.container, 'centos-9') || contains(matrix.image.container, 'centos:stream9') - run: | - sed -i 's/mirror.stream.centos.org/vault.centos.org/g' /etc/yum.repos.d/*.repo - sed -i 's/^mirrorlist/#mirrorlist/g' /etc/yum.repos.d/*.repo - sed -i 's/^#baseurl/baseurl/g' /etc/yum.repos.d/*.repo - - name: Install rpm tools run: yum -y install rpm-build @@ -242,13 +256,6 @@ jobs: name: Package ${{ matrix.image.name }} RPM steps: - - name: Fix CentOS 9 mirrors - if: contains(matrix.image.container, 'centos-9') || contains(matrix.image.container, 'centos:stream9') - run: | - sed -i 's/mirror.stream.centos.org/vault.centos.org/g' /etc/yum.repos.d/*.repo - sed -i 's/^mirrorlist/#mirrorlist/g' /etc/yum.repos.d/*.repo - sed -i 's/^#baseurl/baseurl/g' /etc/yum.repos.d/*.repo - - name: Install rpm tools run: yum -y install rpm-build @@ -300,13 +307,6 @@ jobs: name: RPM test on ${{ matrix.image.name }} steps: - - name: Fix CentOS 9 mirrors - if: contains(matrix.image.container, 'centos-9') || contains(matrix.image.container, 'centos:stream9') - run: | - sed -i 's/mirror.stream.centos.org/vault.centos.org/g' /etc/yum.repos.d/*.repo - sed -i 's/^mirrorlist/#mirrorlist/g' /etc/yum.repos.d/*.repo - sed -i 's/^#baseurl/baseurl/g' /etc/yum.repos.d/*.repo - - name: Install prerequisites run: yum -y install sudo wget binutils diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index adfd8bb4e..56c35e724 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -1,7 +1,12 @@ name: "CodeQL" on: - workflow_dispatch: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] + schedule: + - cron: "21 15 * * 6" jobs: analyze: diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml index ab91c9f1e..a1d779891 100644 --- a/.github/workflows/coverity.yml +++ b/.github/workflows/coverity.yml @@ -1,6 +1,9 @@ name: coverity on: + schedule: + # every day at 9:00 UTC + - cron: '0 9 * * *' workflow_dispatch: jobs: diff --git a/.github/workflows/debian.yml b/.github/workflows/debian.yml index a8e7f613b..6fd9ca058 100644 --- a/.github/workflows/debian.yml +++ b/.github/workflows/debian.yml @@ -1,7 +1,35 @@ name: debian on: - workflow_dispatch: + push: + branches: + - main + - 'release/**' + paths-ignore: + - '/*.sh' + - '/.*' + - '/_*' + - 'Brewfile' + - 'docs/**' + - '**.adoc' + - '**.md' + - '**.nix' + - 'flake.lock' + - 'version.txt' + - '.github/workflows/*.yml' + - '!.github/workflows/debian.yml' + pull_request: + paths-ignore: + - '/*.sh' + - '/.*' + - '/_*' + - 'Brewfile' + - 'docs/**' + - '**.adoc' + - '**.md' + - '**.nix' + - 'flake.lock' + - 'version.txt' concurrency: group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' @@ -82,7 +110,7 @@ jobs: cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" chown -R rnpuser:rnpuser $PWD - exec su rnpuser -c "ctest --parallel 1 --test-dir build --output-on-failure" + exec su rnpuser -c "ctest --parallel ${{ env.CORES }} --test-dir build --output-on-failure" - name: Package run: cpack -G DEB -B debian --config build/CPackConfig.cmake diff --git a/.github/workflows/dispatch.yml b/.github/workflows/dispatch.yml index d662ba49e..920641298 100644 --- a/.github/workflows/dispatch.yml +++ b/.github/workflows/dispatch.yml @@ -24,6 +24,10 @@ name: dispatch on: + push: + branches: + - main + - 'release/**' workflow_dispatch: jobs: diff --git a/.github/workflows/fuzzing.yml b/.github/workflows/fuzzing.yml index 42ba0a317..2acb5816c 100644 --- a/.github/workflows/fuzzing.yml +++ b/.github/workflows/fuzzing.yml @@ -1,7 +1,18 @@ name: fuzzing on: - workflow_dispatch: + pull_request: + paths-ignore: + - '/*.sh' + - '/.*' + - '/_*' + - 'Brewfile' + - 'docs/**' + - '**.adoc' + - '**.md' + - '**.nix' + - 'flake.lock' + - 'version.txt' concurrency: group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 2b942e596..5fce5a8d6 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -1,7 +1,20 @@ name: lint on: - workflow_dispatch: + push: + branches: + - main + pull_request: + paths-ignore: + - '/.*' + - '/_*' + - '!.clang-format' + - 'Brewfile' + - 'docs/**' + - '**.adoc' + - '**.md' + - '**.nix' + - 'flake.lock' jobs: clang-format: diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 71655c923..c666262da 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -26,7 +26,33 @@ name: macos on: - workflow_dispatch: + push: + branches: + - main + - 'release/**' + paths-ignore: + - '/*.sh' + - '/.*' + - '/_*' + - 'docs/**' + - '**.adoc' + - '**.md' + - '**.nix' + - 'flake.lock' + - 'version.txt' + - '.github/workflows/*.yml' + - '!.github/workflows/macos.yml' + pull_request: + paths-ignore: + - '/*.sh' + - '/.*' + - '/_*' + - 'docs/**' + - '**.adoc' + - '**.md' + - '**.nix' + - 'flake.lock' + - 'version.txt' concurrency: group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' @@ -133,7 +159,7 @@ jobs: mkdir -p "build/Testing/Temporary" cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" - ctest --parallel 1 --test-dir build -C Debug --output-on-failure + ctest --parallel ${{ env.CORES }} --test-dir build -C Debug --output-on-failure - name: Configure and build with botan-config.cmake if: matrix.backend == 'botan3' diff --git a/.github/workflows/nix.yml b/.github/workflows/nix.yml index a87e5c1aa..f55d9f96f 100644 --- a/.github/workflows/nix.yml +++ b/.github/workflows/nix.yml @@ -1,7 +1,29 @@ name: nix on: - workflow_dispatch: + push: + branches: + - main + - 'release/**' + paths-ignore: + - '/*.sh' + - '/.*' + - '/_*' + - 'docs/**' + - '**.adoc' + - '**.md' + - 'ci/**' + - '.github/workflows/*.yml' + - '!.github/workflows/nix.yml' + pull_request: + paths-ignore: + - '/*.sh' + - '/.*' + - '/_*' + - 'docs/**' + - '**.adoc' + - '**.md' + - 'ci/**' jobs: build: diff --git a/.github/workflows/opensuse.yml b/.github/workflows/opensuse.yml index e04074ded..b21a41eeb 100644 --- a/.github/workflows/opensuse.yml +++ b/.github/workflows/opensuse.yml @@ -1,7 +1,35 @@ name: opensuse on: - workflow_dispatch: + push: + branches: + - main + - 'release/**' + paths-ignore: + - '/*.sh' + - '/.*' + - '/_*' + - 'Brewfile' + - 'docs/**' + - '**.adoc' + - '**.md' + - '**.nix' + - 'flake.lock' + - 'version.txt' + - '.github/workflows/*.yml' + - '!.github/workflows/opensuse.yml' + pull_request: + paths-ignore: + - '/*.sh' + - '/.*' + - '/_*' + - 'Brewfile' + - 'docs/**' + - '**.adoc' + - '**.md' + - '**.nix' + - 'flake.lock' + - 'version.txt' concurrency: group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' @@ -77,4 +105,4 @@ jobs: cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" chown -R rnpuser:rnpuser $PWD - exec su rnpuser -c "ctest --parallel 1 --test-dir build --output-on-failure" + exec su rnpuser -c "ctest --parallel ${{ env.CORES }} --test-dir build --output-on-failure" diff --git a/.github/workflows/time-machine.yml b/.github/workflows/time-machine.yml index 93125545b..7f69ce6f8 100644 --- a/.github/workflows/time-machine.yml +++ b/.github/workflows/time-machine.yml @@ -24,6 +24,36 @@ name: time-machine on: + push: + branches: + - main + paths-ignore: + - '/*.sh' + - '/.*' + - '/_*' + - 'Brewfile' + - 'docs/**' + - '**.adoc' + - '**.md' + - '**.nix' + - 'flake.lock' + - 'version.txt' + - '.github/workflows/*.yml' + - '!.github/workflows/time-machine.yml' + pull_request: + paths-ignore: + - '/*.sh' + - '/.*' + - '/_*' + - 'Brewfile' + - 'docs/**' + - '**.adoc' + - '**.md' + - '**.nix' + - 'flake.lock' + - 'version.txt' + - '.github/workflows/*.yml' + - '!.github/workflows/time-machine.yml' workflow_dispatch: concurrency: @@ -163,4 +193,4 @@ jobs: export PATH="$PWD/build/src/lib:$PATH" chown -R rnpuser:rnpuser $PWD echo Running tests for "$(LD_PRELOAD=/usr/lib64/faketime/libfaketime.so.1 date)" - exec su rnpuser -c "LD_PRELOAD=/usr/lib64/faketime/libfaketime.so.1 ctest --parallel 1 --test-dir build --output-on-failure" + exec su rnpuser -c "LD_PRELOAD=/usr/lib64/faketime/libfaketime.so.1 ctest --parallel ${{ env.CORES }} --test-dir build --output-on-failure" diff --git a/.github/workflows/ubuntu.yml b/.github/workflows/ubuntu.yml index c74e9e12a..c8cec90aa 100644 --- a/.github/workflows/ubuntu.yml +++ b/.github/workflows/ubuntu.yml @@ -26,7 +26,33 @@ name: ubuntu on: - workflow_dispatch: + push: + branches: + - main + - 'release/**' + paths-ignore: + - '/*.sh' + - '/.*' + - '/_*' + - 'Brewfile' + - 'docs/**' + - '**.adoc' + - '**.md' + - '**.nix' + - 'flake.lock' + - '.github/workflows/*.yml' + - '!.github/workflows/ubuntu.yml' + pull_request: + paths-ignore: + - '/*.sh' + - '/.*' + - '/_*' + - 'Brewfile' + - 'docs/**' + - '**.adoc' + - '**.md' + - '**.nix' + - 'flake.lock' concurrency: group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' @@ -91,7 +117,7 @@ jobs: mkdir -p "build/Testing/Temporary" cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" - ctest --parallel 1 --test-dir build --output-on-failure + ctest --parallel ${{ env.CORES }} --test-dir build --output-on-failure cmake-offline-googletest-src: runs-on: ubuntu-latest @@ -126,7 +152,7 @@ jobs: mkdir -p "build/Testing/Temporary" cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" - ctest --parallel 1 --test-dir build --output-on-failure + ctest --parallel ${{ env.CORES }} --test-dir build --output-on-failure - name: Check googletest run: | @@ -172,7 +198,7 @@ jobs: mkdir -p "build/Testing/Temporary" cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" - ctest --parallel 1 --test-dir build --output-on-failure + ctest --parallel ${{ env.CORES }} --test-dir build --output-on-failure - name: Check googletest run: | @@ -244,7 +270,7 @@ jobs: mkdir -p "build/Testing/Temporary" cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" - ctest --parallel 1 --test-dir build -R rnp_tests --output-on-failure + ctest --parallel ${{ env.CORES }} --test-dir build -R rnp_tests --output-on-failure package-source: runs-on: ubuntu-latest diff --git a/.github/workflows/windows-msys2.yml b/.github/workflows/windows-msys2.yml index 2ef49f8b6..c187476ba 100644 --- a/.github/workflows/windows-msys2.yml +++ b/.github/workflows/windows-msys2.yml @@ -27,6 +27,35 @@ name: windows-msys2 on: workflow_dispatch: + push: + branches: + - main + - 'release/**' + paths-ignore: + - '/*.sh' + - '/.*' + - '/_*' + - 'Brewfile' + - 'docs/**' + - '**.adoc' + - '**.md' + - '**.nix' + - 'flake.lock' + - 'version.txt' + - '.github/workflows/*.yml' + - '!.github/workflows/windows-msys2.yml' + pull_request: + paths-ignore: + - '/*.sh' + - '/.*' + - '/_*' + - 'Brewfile' + - 'docs/**' + - '**.adoc' + - '**.md' + - '**.nix' + - 'flake.lock' + - 'version.txt' concurrency: group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' @@ -110,7 +139,7 @@ jobs: cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" export RNP_LOG_CONSOLE=1 - ctest --parallel 1 --test-dir build -C Debug --output-on-failure + ctest --parallel ${{ env.CORES }} --test-dir build -C Debug --output-on-failure - name: Install run: cmake --install build diff --git a/.github/workflows/windows-native.yml b/.github/workflows/windows-native.yml index e64f03ad0..79b2cdee7 100644 --- a/.github/workflows/windows-native.yml +++ b/.github/workflows/windows-native.yml @@ -24,7 +24,35 @@ name: windows-native on: - workflow_dispatch: + push: + branches: + - main + - 'release/**' + paths-ignore: + - '/*.sh' + - '/.*' + - '/_*' + - 'Brewfile' + - 'docs/**' + - '**.adoc' + - '**.md' + - '**.nix' + - 'flake.lock' + - 'version.txt' + - '.github/workflows/*.yml' + - '!.github/workflows/windows-native.yml' + pull_request: + paths-ignore: + - '/*.sh' + - '/.*' + - '/_*' + - 'Brewfile' + - 'docs/**' + - '**.adoc' + - '**.md' + - '**.nix' + - 'flake.lock' + - 'version.txt' concurrency: group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' @@ -174,8 +202,8 @@ jobs: shell: bash # Sometimes running cli_tests in parallel causes instability [???] # ctest --test-dir build -R cli_tests -C Debug --output-on-failure - # ctest --parallel 1 --test-dir build -R rnp_tests -C Debug --output-on-failure - # ctest --parallel 1 --test-dir build -C Release --output-on-failure + # ctest --parallel ${{ env.CORES }} --test-dir build -R rnp_tests -C Debug --output-on-failure + # ctest --parallel ${{ env.CORES }} --test-dir build -C Release --output-on-failure run: | export PATH=${{ env.VCPKG_DIR_U }}/installed/${{ matrix.arch.triplet }}/bin:$PATH if [[ "${{ matrix.sanitizers }}" == "on" ]]; then @@ -193,4 +221,4 @@ jobs: fi mkdir -p "build/Testing/Temporary" cp "cmake/CTestCostData.txt" "build/Testing/Temporary" - ctest --parallel 1 --test-dir build -C Release --output-on-failure + ctest --parallel ${{ env.CORES }} --test-dir build -C Release --output-on-failure