From 729087821785cfc4923a14a7aed633850119b723 Mon Sep 17 00:00:00 2001 From: sommerfeld Date: Wed, 13 May 2026 13:43:24 +0100 Subject: feat(browser): migrate librewolf to flatpak for host-isolation MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Move LibreWolf from native librewolf-bin to Flathub io.gitlab.librewolf-community. Bubblewrap isolates the browser from $HOME (\\.ssh, password-store, gnupg, ssh-agent socket) at the cost of namespace chroot + IPC/network namespace isolation between content processes (mozilla bug 1756236, P3, considered defense-in-depth). seccomp-bpf — the dominant sandbox layer — is preserved. - meta/flatpak.txt: + io.gitlab.librewolf-community - meta/browser.txt: - librewolf-bin - run_onchange_after_deploy-firefox.sh.tmpl: profile path moves to ~/.var/app/io.gitlab.librewolf-community/.librewolf - dot_config/mimeapps.list: librewolf.desktop -> flatpak app id - dot_local/bin/executable_linkhandler: flatpak run wrapper - README.md: blurb + new profile path arkenfox-user.js + chezmoi user-overrides.js deploy keep working unchanged because the flatpak profile is still on the host fs. --- dot_config/mimeapps.list | 42 +++++++++++++++++++++--------------------- 1 file changed, 21 insertions(+), 21 deletions(-) (limited to 'dot_config/mimeapps.list') diff --git a/dot_config/mimeapps.list b/dot_config/mimeapps.list index 316e3d9..70143e9 100644 --- a/dot_config/mimeapps.list +++ b/dot_config/mimeapps.list @@ -63,7 +63,7 @@ image/x-nikon-nef=imv.desktop image/jpeg=imv.desktop image/png=imv.desktop image/gif=mpv.desktop -image/svg+xml=librewolf.desktop +image/svg+xml=io.gitlab.librewolf-community.desktop text/markdown=org.kde.okular.desktop text/plain=nvim.desktop text/x-python=nvim.desktop @@ -77,16 +77,16 @@ application/rss+xml=rss.desktop x-scheme-handler/magnet=transmission.desktop x-scheme-handler/mailto=userapp-Thunderbird-CJ20N3.desktop application/msword-template=xdot.desktop -x-scheme-handler/http=librewolf.desktop -x-scheme-handler/https=librewolf.desktop -x-scheme-handler/chrome=librewolf.desktop -text/html=librewolf.desktop -application/x-extension-htm=librewolf.desktop -application/x-extension-html=librewolf.desktop -application/x-extension-shtml=librewolf.desktop -application/xhtml+xml=librewolf.desktop -application/x-extension-xhtml=librewolf.desktop -application/x-extension-xht=librewolf.desktop +x-scheme-handler/http=io.gitlab.librewolf-community.desktop +x-scheme-handler/https=io.gitlab.librewolf-community.desktop +x-scheme-handler/chrome=io.gitlab.librewolf-community.desktop +text/html=io.gitlab.librewolf-community.desktop +application/x-extension-htm=io.gitlab.librewolf-community.desktop +application/x-extension-html=io.gitlab.librewolf-community.desktop +application/x-extension-shtml=io.gitlab.librewolf-community.desktop +application/xhtml+xml=io.gitlab.librewolf-community.desktop +application/x-extension-xhtml=io.gitlab.librewolf-community.desktop +application/x-extension-xht=io.gitlab.librewolf-community.desktop message/rfc822=userapp-Thunderbird-CJ20N3.desktop x-scheme-handler/mid=userapp-Thunderbird-CJ20N3.desktop x-scheme-handler/webcal=userapp-Thunderbird-1BJ3N3.desktop @@ -95,16 +95,16 @@ application/x-extension-ics=userapp-Thunderbird-1BJ3N3.desktop x-scheme-handler/webcals=userapp-Thunderbird-1BJ3N3.desktop [Added Associations] -x-scheme-handler/http=librewolf.desktop; -x-scheme-handler/https=librewolf.desktop; -x-scheme-handler/chrome=librewolf.desktop; -text/html=librewolf.desktop; -application/x-extension-htm=librewolf.desktop; -application/x-extension-html=librewolf.desktop; -application/x-extension-shtml=librewolf.desktop; -application/xhtml+xml=librewolf.desktop; -application/x-extension-xhtml=librewolf.desktop; -application/x-extension-xht=librewolf.desktop; +x-scheme-handler/http=io.gitlab.librewolf-community.desktop; +x-scheme-handler/https=io.gitlab.librewolf-community.desktop; +x-scheme-handler/chrome=io.gitlab.librewolf-community.desktop; +text/html=io.gitlab.librewolf-community.desktop; +application/x-extension-htm=io.gitlab.librewolf-community.desktop; +application/x-extension-html=io.gitlab.librewolf-community.desktop; +application/x-extension-shtml=io.gitlab.librewolf-community.desktop; +application/xhtml+xml=io.gitlab.librewolf-community.desktop; +application/x-extension-xhtml=io.gitlab.librewolf-community.desktop; +application/x-extension-xht=io.gitlab.librewolf-community.desktop; x-scheme-handler/mailto=userapp-Thunderbird-CJ20N3.desktop; x-scheme-handler/mid=userapp-Thunderbird-CJ20N3.desktop; x-scheme-handler/webcal=userapp-Thunderbird-1BJ3N3.desktop; -- cgit v1.3.1