Aleksa Sarai
Aleksa Sarai
> It needs a temporary go.mod, otherwise -modfile=vendor.mod won't work. Ah. I can add the temporary copying logic for these builds if it's necessary. > I know we split these...
@thaJeztah I've fixed the `go.mod` issue, it all works now. :smile_cat:
Rebased. @thaJeztah Did you want me to go the route of making the documentation be pre-built and then verified in CI? I think packaging things this way is better for...
It seems that there's no way to `Readlink` with `io/fs.FS`, and it also seems that they expect implementations to follow trailing symlinks (though the docs seem a little unclear). So...
I'll test this over the weekend, though since the source is KanjiVG I would expect the stroke order information to be accurate for Japanese (as long as it was parsed...
I've been busy with other things recently. I will migrate to GHA when I have some time next week.
https://github.com/cyphar/filepath-securejoin/pull/13 has an implementation of most of this, though it only works for privileged users and on a new enough kernel (Linux 5.8-ish).
@shlevy If you're still interested in this, it is possible to create a handle like this using `open_tree(OPEN_TREE_CLONE)`. The file descriptor you get is the root of a bind-mount in...
With the new mount API, a privileged user can create a private handle with `fsopen` or `open_tree`. Since Linux 5.12 (torvalds/linux@ee2e3f50629f), `open_tree`-based anonymous mounts are completely race-free to use, though...
https://github.com/cyphar/filepath-securejoin/pull/13 is a Go implementation of this, for reference. There were a couple of snags I didn't anticipate: 1. To get feature parity between `openat2(RESOLVE_IN_ROOT)` and our userspace emulated version,...