Release Notes for Alpine 3.15.0: Difference between revisions
(→Important changes: sudo deprecation notice) |
(→New features and noteworthy new packages: overlaytmpfsflags) |
||
Line 26: | Line 26: | ||
Complete support for [[UEFI Secure Boot]] realized by package {{pkg|secureboot-hook}} and {{pkg|efi-mkkeys}}. | Complete support for [[UEFI Secure Boot]] realized by package {{pkg|secureboot-hook}} and {{pkg|efi-mkkeys}}. | ||
=== Support overlaytimpfs mount options === | |||
It is now possible to use tmpfs(5) mount options with <code> overlaytmpfsflags</code>, when using <code>overlaytmpfs</code>, see mkinitfs-bootparams(7). Also, <code>rootflags</code> and <code>rootfstype</code> options are now picked up for the underlying rootfs mount. | |||
=== Support for out-of-tree kernel modules built from source === | === Support for out-of-tree kernel modules built from source === |
Revision as of 18:43, 19 November 2021
Important changes
New package signing keys
New signing keys have been generated for v3.15 ongoing. The key size has been increased from 2048 bits to 4096 bits. Make sure you have alpine-keys-2.4-r0
or later before upgrading to 3.15 (or downgrading from edge).
MIPS64 discontinued
The build hardware we use for building the packages is broken and the architecture is EOL, so there is no new hardware available anymore. As a consequence, there will be no v3.15 release for mips64, and existing releases can no longer receive security updates, so continued use of this architecture is not recommended.
radvd no longer enables ipv6 forwarding
The radvd init script no longer enables ipv6 forwarding. To enable ipv6 forwarding (necessary for most networks), add net.ipv6.conf.all.forwarding=1
to /etc/sysctl.conf or to a file in /etc/sysctl.d.
Move from sudo to doas
doas is the default temporary privilege escalation tool. You are advised to migrate from sudo to doas as 3.15 will be the last release to support sudo throughout its full lifecycle, in 3.16 sudo will be moved from main to community.
New features and noteworthy new packages
Compressed kernel modules
Kernel modules are now compressed using gzip.
UEFI Secure Boot
Complete support for UEFI Secure Boot realized by package secureboot-hook and efi-mkkeys.
Support overlaytimpfs mount options
It is now possible to use tmpfs(5) mount options with overlaytmpfsflags
, when using overlaytmpfs
, see mkinitfs-bootparams(7). Also, rootflags
and rootfstype
options are now picked up for the underlying rootfs mount.
Support for out-of-tree kernel modules built from source
Alpine Kernel Module Support (akms) – support for building out-of-tree Linux kernel modules from source in an automated and organized fashion. It’s like DKMS, but designed specifically for Alpine Linux.
PostgreSQL multiple major versions
PostgreSQL packaging has been reworked to allow multiple major versions of PostgreSQL server to be installed side by side. This makes it possible to allow to upgrade PostgreSQL cluster from one major version to the next using pg_upgrade
tool, and also to run an older major version of PostgreSQL on the latest version of Alpine Linux. The latest PostgreSQL version can be installed simply with apk add postgresql
as before. If you need an older major version, install the specific package, e.g. postgresql13. You can switch between installed major versions using command pg_versions
.
See #27275 for more information.
Rofi for Wayland
Rofi can now be used on Wayland desktops thanks to the fork rofi-wayland.
Encrypted Data Disk and System Disk modes
setup-disk
(alpine-conf) now supports encrypted Data Disk and System Disk modes.
Significant updates
5.15 LTS kernels
linux-lts and linux-virt upgraded to 5.15
Note: If you are using ZFS and depend on symlinks under /dev/zvol/ some are sporadically not created during boot, this is known upstream by OpenZFS and we track the issue here.
Ruby 3.0.2
Ruby has been upgraded to version 3.0.2.
Packages ruby-minitest, ruby-net-telnet, ruby-power_assert, ruby-sdbm, ruby-test-unit, ruby-xmlrpc, ruby-webrick has been moved from ruby aport to separate aports. Please note that since they don’t inherit the version from the ruby aport anymore, their new (real) version is lower than before!
Subpackages ruby-bigdecimal, ruby-etc, ruby-fiddle, ruby-gdbm, ruby-io-console, ruby-irb, and ruby-json have been merged into ruby-libs.
LLVM12 added
LLVM12 is now available.
KDE
KDE Plasma has been upgraded to version 5.23, and KDE Applications have been upgraded to 21.08. Plasma Mobile Gear has been upgraded to 21.10.
Node.js
Node.js (LTS) has been upgraded to version 16.13.0. nodejs-current has been upgraded to 17.0.1.
PHP
PHP 7.4 started to phase out (1 year of security support left). Transition to 8.0 is not finished yet as some app still require old version.
PostgreSQL 14
PostgreSQL has been upgraded to version 14.0. Since this release, multiple major versions are provided, currently: 12, 13, and 14.
Support for Just-in-time compilation (JIT) has been moved into subpackage postgresql-jit.
libpq is now built without LDAP support which reduces number of installed dependencies. Note that this does not affect the LDAP support in PostgreSQL server, it’s preserved.
Mercurial
mercurial has been upgraded to 5.9.3
Dlang build tools (DMD, DUB, LDC) have been updated
Both compilers have been updated to frontend version v2.098.0 (LDC equivalent: v1.28.0). Dub has been updated to v1.27.0. LDC now always uses `--export-dynamic` so that code compiled without debug infos (`-g`) will still have the function name in its stack trace.
OpenJDK 17 added
The latest OpenJDK LTS version (17) has been added to this release and is available via the community repository.
GNOME 41
Most GNOME packages have been upgraded to version 41.
Crystal
crystal has been upgraded to version 1.2.2.
Kea
kea has been upgraded to version 2.0.0.
OpenLDAP
openldap has been upgraded to version 2.6.0.
Rust
rust has been upgraded to version 1.56.1.
Significant removals
QtWebKit was removed due to lack of upstream support
qt5-qtwebkit, kdewebkit, wkhtmltopdf, and py3-pdfkit have been removed due to known vulnerabilities and lack of upstream support for qtwebkit. Other programs have been adjusted to use qt5-qtwebengine where appropriate. The most direct replacement for wkhtmltopdf is weasyprint, which is available in the Alpine Linux community repository. puppeteer and pandoc are also options, depending on your needs. See #12888 for more information.
PostgreSQL
postgresql-dev has been split into libpq-dev, libecpg-dev, and postgresql-dev
(this is provided by postgresql14-dev, postgresql13-dev etc.). Basically, only PostgreSQL extensions should use postgresql-dev in makedepends
; all other aports should use libpq-dev and/or libecpg-dev (there are some exceptions though).
PostgreSQL extensions (typically packages with postgresql-
prefix) should use postgresql-dev in makedepends
– this will install the latest postgresql<majorver>-dev
package, unless there’s a dependency on a specific postgresql version in the dependency graph (which shouldn’t be).
Each aport providing a PostgreSQL extension must explicitly depend on specific postgresql<majorver>
package, not postgresql
provider. This should be solved by adding the following into the package
function (!) in each aport that provides PostgreSQL extension:
depends="postgresql$(pg_config --major-version)"