mirror of
https://github.com/flatpak/flatpak.git
synced 2026-04-08 09:01:02 -04:00
48eac4c26a
This reverts commit915ad583a7. This commit turned out to have unintended side effects. Specifically, with it we do a pull with OSTREE_REPO_PULL_FLAGS_MIRROR, and then flatpak_dir_setup_extra_data() does a non-mirror pull in the same transaction, so the ref being pulled ends up being written to disk under both refs/remotes/ and refs/mirrors/ in ostree_repo_commit_transaction(). This is a problem because only the remote ref is deleted during an uninstall, so the disk space is leaked, and we don't have the infrastructure in place to keep both refs up to date as they're updated. It would be nice to consistently use OSTREE_REPO_PULL_FLAGS_MIRROR for all pulls but that turns out to be a deep rabbit hole to go down; see the discussion in https://github.com/flatpak/flatpak/pull/3220 So revert the commit instead (with a few exceptions: keep a still-relevant FIXME comment, keep an assertion in the "out:" section, and keep a debug statement printing out the resolved rev). Note that this means that since we're no longer checking commit signatures during ref resolution, in theory remote B could try to set the same collection ID as remote A and serve a malicious update for something from remote A, but the signature would be found to be invalid during the pull phase due to our use of "ref-keyring-map" so the transaction would fail. All the other uses of OSTREE_REPO_PULL_FLAGS_MIRROR across the codebase should be kept I think: - flatpak create-usb uses it when pulling into the repo on the USB which works perfectly well with refs/mirrors/ (and the USB is mirroring the collection-refs!) - it's used when pulling into a temporary "child" repo in a few places and there it makes sense since the child repo is mirroring the refs so they can be pulled into the main repo. In fact, in the case of flatpak_dir_do_resolve_p2p_refs(), we need MIRROR since otherwise ostree_repo_resolve_collection_ref() gives us the commit on-disk rather than the just-pulled one that's in memory. (cherry picked from commit13366524d8)