[SRU] packaged version should not check for latest release

Bug #2059246 reported by Rolf Leggewie
Affects Status Importance Assigned to Milestone
rclone-browser (Debian)
Fix Released
Unknown
rclone-browser (Ubuntu)
Status tracked in Questing
Noble
New
Undecided
Unassigned
Oracular
Fix Committed
Undecided
Unassigned
Plucky
Fix Committed
Undecided
Unassigned
Questing
Fix Released
Undecided
Unassigned

Bug Description

[ Impact ]

Application makes a call out to https://api.github.com/ by default, which at a minimum leaks to a third party that the user is using this program. If a new version is available, user may attempt to install it via a route other than apt. Versions from apt should manage their own updates.

[ Test Plan ]

For each affected $series:

* sudo apt install rclone-browser
* rclone-browser
* Select File / Preferences
* Observe check boxes under "updates notification" are both checked

* Exit application
* sudo apt install $series-proposed rclone-browser
* rclone-browser
* Select File / Preferences
* Observe check boxes under "updates notification" are both unchecked and disabled

* Close the preferences dialog
* Click "Config..." at the bottom of the main window
* Type "n" for new remote
* Give the new remote a name, e.g. "foo"
* Enter "local" for the storage
* Enter "n" to skip editing the advanced config
* Enter "y" to keep the remote
* Enter "q" to quit configuration
* Click "Refresh" at the bottom of the main window
* Select the new "foo" remote
* Click "Open" at the bottom of the main window
* Navigate to your home folder (this remote just accesses the local file-system)
* Select some trivial file (e.g. .bashrc)
* Right click and select "Download"
* Provide a destination folder, e.g. "/home/$USER/Downloads"
* Select "Run" at the bottom of the dialog
* Verify the transfer completed successfully

[ Where Things Could Go Wrong ]

The patch may affect more than intended. To guard against this, the test case includes a basic functionality check covering configuration and a trivial transfer.

[ Original Description ]

There is no need for the packaged version to check upstream for a newer release. The package is managed by the Ubuntu release team.

Revision history for this message
Rolf Leggewie (r0lf) wrote :
Revision history for this message
Lenin (gagarin) wrote :

@r0lf agreed, patches welcome.

Changed in rclone-browser (Ubuntu):
status: New → Confirmed
Revision history for this message
Lenin (gagarin) wrote :
Rolf Leggewie (r0lf)
description: updated
Revision history for this message
Rolf Leggewie (r0lf) wrote :

Thank you. I don't speak C++ but given your guidance, I guess I'd simply drop lines 583 to 597 and be done with it for Ubuntu (obviously not applicable to upstream). Does that sound about right? Given your confirmation, I'd be happy to prepare and propose such a change.

https://github.com/kapitainsky/RcloneBrowser/blob/master/src/main_window.cpp#L583-L597

Revision history for this message
Rolf Leggewie (r0lf) wrote :

I can confirm that this debdiff does the trick for me on noble

Revision history for this message
Rolf Leggewie (r0lf) wrote :
Revision history for this message
Robie Basak (racb) wrote :

I posted this in Matrix yesterday (didn't have my Launchpad login handy):

Thank you for doing this and I completely agree - I’ve sought fixes for similar issues myself. It looks like this will drop the notice but presumably there’s still an issue with a privacy leak while the tool “phones home” that needs removing too?

Also the patch should be sent to Debian but as time is short an Ubuntu delta in the meantime seems appropriate.

Revision history for this message
Robie Basak (racb) wrote :

It looks like the phone home behaviour is configurable, and defaults to "true" in src/preferences_dialog.cpp:

ui.checkRcloneBrowserUpdates->setChecked(
      settings->value("Settings/checkRcloneBrowserUpdates", true).toBool());
ui.checkRcloneUpdates->setChecked(
      settings->value("Settings/checkRcloneUpdates", true).toBool());

I think that:

1) We could change those to false, and that would mean that the behaviour is disabled by default, which is appropriate for distribution packaging.

2) It might be appropriate to disable those settings entirely, since for a distribution package, "checking" for updates makes no sense as it should happen by apt instead, and the user choosing to install a distribution package using apt is deliberately opting in to apt-based package update management.

Does the attached patch work? I wrote it without any testing to demonstrate how I think this would best be fixed. It should: 1) make it impossible to enable this behaviour; 2) always treat the phone home "setting" as "never phone home".

I'm not sure we have enough time to get this into Plucky, unfortunately, but at least it can be properly fixed for the future.

Note: I don't consider this patch ready for upload without actual testing. I don't intend to do that testing myself.
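
As an added illustration (not code from this bug report or from rclone-browser itself), the plain C++ model below contrasts the two options Robie describes: option 1 only changes the default and still honours a "true" value stored by an earlier install, while option 2 ignores the stored value and greys out the checkboxes, so the packaged build never contacts api.github.com. QSettings is stood in for by a std::map and the Policy names are assumptions of this example.

```cpp
#include <map>
#include <string>

// Stand-in for QSettings (assumption: no Qt in this example): key -> "true"/"false".
using Settings = std::map<std::string, std::string>;

const std::string kBrowserKey = "Settings/checkRcloneBrowserUpdates";
const std::string kRcloneKey  = "Settings/checkRcloneUpdates";

// Read a boolean the way QSettings::value(key, default).toBool() would:
// absent key -> default, otherwise the stored literal.
bool readBool(const Settings& s, const std::string& key, bool def) {
    auto it = s.find(key);
    return it == s.end() ? def : it->second == "true";
}

// Upstream: default true. DefaultFalse: option 1. Disabled: option 2.
enum class Policy { Upstream, DefaultFalse, Disabled };

// State of one "updates notification" checkbox in the preferences dialog.
struct CheckBox { bool checked; bool enabled; };

CheckBox checkBoxFor(Policy p, const Settings& s, const std::string& key) {
    switch (p) {
    case Policy::Upstream:     return {readBool(s, key, true), true};
    case Policy::DefaultFalse: return {readBool(s, key, false), true};
    case Policy::Disabled:     return {false, false};  // cannot be re-enabled from the UI
    }
    return {false, false};
}

// Whether startup may open a connection to api.github.com under the given policy:
// a leftover stored "true" still leaks under DefaultFalse, never under Disabled.
bool mayPhoneHome(Policy p, const Settings& s) {
    return checkBoxFor(p, s, kBrowserKey).checked ||
           checkBoxFor(p, s, kRcloneKey).checked;
}
```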

Revision history for this message
Robie Basak (racb) wrote :

Patch updated.

Revision history for this message
Robie Basak (racb) wrote :

I didn't specify that the patch is against Plucky. I agree that this should be SRU'd to Noble, but that needs to come later.

Revision history for this message
Robie Basak (racb) wrote :

I filed a bug against the package in Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102487

Revision history for this message
Rolf Leggewie (r0lf) wrote :

Thank you Robie, for taking the ball and bringing it further. I agree with what you said and am certainly to help with testing. I am currently travelling but will try to come back to this ticket soon.

Changed in rclone-browser (Debian):
status: Unknown → New
Changed in rclone-browser (Debian):
status: New → Fix Released
Revision history for this message
Zixing Liu (liushuyu-011) wrote :

Unfortunately, this will now require an SRU to proceed since Plucky has been released.

Revision history for this message
Dave Jones (waveform) wrote :

The upstream report has now been accepted and released in Debian. Given we have no delta with Debian, this should sync to Ubuntu fairly soon after which the SRUs can start being sponsored. I'm leaving ubuntu-sponsors subscribed for now as I don't see any other impediment to sponsorship, and as stated I hope the sync should happen relatively quickly.

Revision history for this message
Vladimir Petko (vpa1977) wrote :

The package has synced:

rclone-browser (1.8.0-6) unstable; urgency=medium

  * Team upload (package under salsa debian namespace)
  * Fix privacy leak (Closes: #1102487)

 -- Eduardo Trápani <email address hidden> Fri, 25 Apr 2025 17:47:06 -0300

Revision history for this message
Dave Jones (waveform) wrote :

Okay, this appears fixed in questing; marking accordingly. Will review the uploads for SRU next.

Changed in rclone-browser (Ubuntu Questing):
status: Confirmed → Fix Released
Revision history for this message
Dave Jones (waveform) wrote :

I'm tempted to go with Robie's solution here rather than the uploads prepared earlier as it's a bit less invasive. However, I do want to test the fix works first. Will do a quick build locally and prep the uploads if it works...

Revision history for this message
Dave Jones (waveform) wrote :

Robie's fix seems to work nicely -- applying SRU template and sponsoring for noble, oracular, and plucky

summary: - packaged version should not check for latest release
+ [SRU] packaged version should not check for latest release
Dave Jones (waveform)
description: updated
Revision history for this message
Timo Aaltonen (tjaalton) wrote : Please test proposed package

Hello Rolf, or anyone else affected,

Accepted rclone-browser into plucky-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/rclone-browser/1.8.0-5ubuntu0.25.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-plucky to verification-done-plucky. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-plucky. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in rclone-browser (Ubuntu Plucky):
status: New → Fix Committed
tags: added: verification-needed verification-needed-plucky
Changed in rclone-browser (Ubuntu Oracular):
status: New → Fix Committed
tags: added: verification-needed-oracular
Revision history for this message
Timo Aaltonen (tjaalton) wrote :

Hello Rolf, or anyone else affected,

Accepted rclone-browser into oracular-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/rclone-browser/1.8.0-5ubuntu0.24.10.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-oracular to verification-done-oracular. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-oracular. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.
