I am honestly amazed at all the things that went wrong with the commit
a0f8afb9 by sam:

- attempted to fix something that was not broken
- bumped the build dependency from go 1.14 to go 1.17, even when he had
  been warned that we try to keep backward compatibility to be able to
  build the client in standard or limited enviroments.
- if you (meaning, any future maintainer) are tempted to bump the go
  version we depend on again, please make sure that the snap, win and
  mac build procedures are updated accordingly.
- removing one extra dependency is ok, but maintaining compabilitiy for
  builds is even more importan-ter.
- you cannot just change paths of a top-level folder without grepping
  for the use of those paths. period. I see you fixed linux in
  5ed27792f38e974922a8u, but branding/ scripts still depend on that.
- if you are going to do this, please open a review process and wait for
  others to chime in.
- if you are not sure, just fucking ask.

(I better won't mention how many hours were invoiced for this commit,
because that's fucking unprofessional, lol).

on the positive side, i've learned a few things that can go to a style
guide in the near future. that's something, I guess :)

Update l10n urls after project merge

See merge request !157

It changes the transifex urls that are used for localization, updates to
related documentation as well.

Related: #614

gui/build.sh: also find qmake if it is named qmake5

See merge request !156

Signed-off-by: Andrew Ammerlaan <andrewammerlaan@gentoo.org>

Signed-off-by: Sam Whited <sam@samwhited.com>

Signed-off-by: Sam Whited <sam@samwhited.com>

This removes a dependency by using the built-in go:embed functionality
introduce in Go 1.16 instead of statik for embedding files.
This means that Go 1.16+ would now be required to build the VPN.

Signed-off-by: Sam Whited <sam@samwhited.com>

Previously we saved the vendor tree in version control, making any
commit that changed a dependency rather large.
Go Modules gives us most of the advantages of vendoring except that if a
dependency which is not stored on the proxy is deleted we would lose
access to it.
For now, we can remove the vendor tree and when we get CI working again
we can possibly generate and save the vendor tree as a build artifact.

Signed-off-by: Sam Whited <sam@samwhited.com>

Sam Whited authored 3 years ago and Kali Kaneko committed 3 years ago

kali was sloppy leaving that there

Sam Whited authored 3 years ago and Kali Kaneko committed 3 years ago

Removes some GNUisms in favor of POSIX-make or generally more portable
make constructs.

Signed-off-by: Sam Whited <sam@samwhited.com>

Nil slices are valid slices of length 0, so the nil check is not needed.

Signed-off-by: Sam Whited <sam@samwhited.com>

until we include a language switcher, this is how we can test
translations.

this was failing for non-en locales

- Resolves: #590

aboutToQuit let us catch Quits coming from the osx menu or the dock.

Kali Kaneko authored 3 years ago and Kali Kaneko committed 3 years ago

- binary name is different in the osx bundle, theme won't load
- calyx is not ready for tls 1.2 yet

kali authored 3 years ago and Kali Kaneko committed 3 years ago

A vulnerability in QtIFW produces improper ACLs to be set when
installing in custom locations. This can lead to privilege escalation if
a non-privileged user overwrites the openvpn binary. Thanks to
researchers at Tenable for finding and reporting this!

Impact is considered low-medium, since an installation outside of the
suggested path is needed to trigger the issue.

Privileged execution of openvpn should be abandoned in next release, in
favor of the interactive service.

A bug upstream should be filed since other projects could be affected by
this vulnerability too.

-Resolves: #569