canoeboot-mirror/cbwww
1
0
Fork 0
mirror of https://codeberg.org/canoeboot/cbwww.git synced 2025-07-04 04:27:33 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
cbwww/site/news/canoeboot2506.md
Leah Rowe 8606571920 remove errant pic 
Signed-off-by: Leah Rowe <leah@libreboot.org>
2025-07-03 09:50:58 +01:00

1421 lines
75 KiB
Markdown
Raw Permalink Blame History

% Canoeboot 25.06 "Onerous Olive" released!
% Leah Rowe
% 30 June 2025
A corresponding [Libreboot 25.06](https://libreboot.org/news/libreboot2506.html)
release is also available.
There *was* a Canoeboot 25.04 release in April 2025, but that is retroactively
regarded as an RC of 25.06. The original 25.06 release announcement showed
changes since 25.04, but the changelog is now relative to December 2024.
This reflects the [revised release schedule](revisions.md). It means that the
changelog is much bigger, and also includes the changes that went in
Canoeboot 25.04.
Today's Canoeboot 25.06 revision is a *stable release*, whereas the previous
stable release was Canoeboot 20241207. This revised release log lists all
changes as of today, 30 June 2025, since the Canoeboot 20241207 release of
December 2024.
<img tabindex=1 class="r" src="https://av.canoeboot.org/t60logo.jpg" /><span class="f"><img src="https://av.canoeboot.org/t60logo.jpg" /></span>
Open source BIOS/UEFI firmware
----------------------------
Canoeboot is a free/open source BIOS/UEFI replacement on x86 and ARM, providing
boot firmware that initialises the hardware in your computer, to then load an
operating system (e.g. Linux/BSD). It is specifically
a *[coreboot distribution](../docs/maintain/)*,
in the same way that Debian is a Linux distribution. It provides an automated
build system to produce coreboot ROM images with a variety of payloads such as
GRUB or SeaBIOS, with regular well-tested releases to make coreboot as easy
to use as possible for non-technical users. From a project management perspective,
this works in *exactly* the same way as a Linux distro, providing a source-based
package manager (called lbmk) which patches sources and compiles coreboot images.
It makes use of [coreboot](https://www.coreboot.org/) for hardware initialisation,
and then a payload such as [SeaBIOS](https://www.seabios.org/SeaBIOS)
or GRUB to boot your operating
system; on ARM(chromebooks) and certain x86 mainboards, we provide *U-Boot* (as
a coreboot payload), which provides a lightweight UEFI implementation..
Sumarised list of changes
-------------------------
This section provides a brief overview, summarising all of the changes. The
next sections (after this) show *all* changes in detail.
The most important changes are, thus:
New mainboards:
* Acer Q45T-AM support added (similar to G43T-AM3 mainboard)
* Dell Latitude E5420, E5520, E5530, E6220, E6230, E6320, E6330, E6420, E6430,
E6520, E6530
* Dell OptiPlex 7010 SFF, 9020 SFF, 9020 MT
* HP Elite 8200 SFF, 8300 CMT, 8300 USDT
* Dell Precision T1650
* ThinkPad T420, T420s, T430, T440p, T520, T530, W530, W541, X220, X230, X230T
Revision updates:
* GRUB, SeaBIOS, Untitled, flashprog, U-Boot, uefitool have all been updated
to newer revisions, from ~April 2025.
Security:
* GRUB has has *a lot* of security fixes applied to it from upstream, including
a very large series of *73* major security fixes, and a few minor tweaks
after the fact.
* Globbing issues fixed in the Canoeboot build system, cbmk. Better error
handling in general.
Feature changes:
* Better, more reliable caching of Git repositories and files during download.
Re-builds of sources make better use of local caching, instead of downloading
from scratch every time (e.g. coreboot and GRUB sources).
* Non-root USB hub support added to GRUB, for xHCI devices
* GRUB: better LVM scanning, for auto-boot especially with encrypted `/boot/`;
Linux distros are easier to handle, in general.
* Better MAC address handling, on IFD-based systems. Insertion of MAC addresses
is done by default, randomised by default, unless overridden by the user.
Config changes:
* Removed unnecessary sources by default, to make source archives smaller. Only
the sources needed to build the binaries are included, in many cases.
* Updated various dependencies configs, for installing build dependencies in
various Linux distros (for the `./build dependencies` command which installs
them in your distro).
Bug fixes:
* Better checksum verification for project files, when deciding whether to
re-build a given upstream source.
* General build system fixes, making the build process more reliable, with
much stricter error handling (and some false error conditions have also been
removed).
* GRUB payload: Mark E820 reserved for cbmem, which means that you no longer
need `iomem=relaxed` (kernel option) at boot time, to access the cbmem console.
* Use `x` instead of `?` in nvmutil, as a character for randomness in MAC
addresses, to work around a design quirk in ZSH.
* Where files are operated on post-build, e.g. coreboot images, more strictly
operate on them first, erroring out more reliably when a fault occurs; prevent
bad files from being copied to final build destinations. This reduces the
chance of bad/corrupt build artifacts being present in release builds.
This, and more, has all been done. There was also a general focus on heavily
auditing the build system, cbmk, so as to clean up the code. The amount of
overall code in lbmk was *reduced*, without removing functionality.
These next sections will repeat many of the above items, but in more detail.
Detailed list of changes
-------------------------
### Board support
This board, which was also added in Canoeboot 25.04, is available
in Canoeboot 25.06:
* Acer Q45T-AM support added (similar to G43T-AM3 mainboard)
The following boards have been added since the Canoeboot 25.04 release:
* Dell OptiPlex 7010 SFF desktop
* Dell OptiPlex 9020 SFF desktop
* Dell OptiPlex 9020 MT desktop
* Dell Latitude E5420 laptop
* Dell Latitude E5520 laptop
* Dell Latitude E5530 laptop
* Dell Latitude E6220 laptop
* Dell Latitude E6230 laptop
* Dell Latitude E6320 laptop
* Dell Latitude E6330 laptop
* Dell Latitude E6420 laptop
* Dell Latitude E6430 laptop
* Dell Latitude E6520 laptop
* Dell Latitude E6530 laptop
* HP Elite 8200 SFF desktop
* HP Elite 8300 CMT desktop
* HP Elite 8300 USDT desktop
* Dell Precision T1650 desktop
* Lenovo ThinkPad T420 laptop
* Lenovo ThinkPad T420s laptop
* Lenovo ThinkPad T430 laptop
* Lenovo ThinkPad T440p laptop
* Lenovo ThinkPad T520 laptop
* Lenovo ThinkPad T530 laptop
* Lenovo ThinkPad W530 laptop
* Lenovo ThinkPad W541 laptop
* Lenovo ThinkPad X220 laptop
* Lenovo ThinkPad X230 laptop
* Lenovo ThinkPad X230T laptop
These newer boards also happen to work just fine without microcode updates,
which is great since Canoeboot doesn't provide such updates at all.
The priority for the first half of 2025 has been on further auditing the
Canoeboot build system, so fewer board ports were added. More board ports
will be added instead in the December 2025 release (a lot more).
These boards use Intel ME, and they're inherited from Libreboot; in Canoeboot,
we tell the user to avoid re-flashing the original Intel ME, but still
disable the ME after early bringup, using a specially modified Intel
Flash Descriptor that sets the altMeDisable (HAP) bit - additionally, we
use Soft Temporary ME Disable in coreboot.
The flash is divided into regions:
* Intel Flash Descriptor (data configuring the hardware, including regions)
* Intel GbE region (gigabit ethernet config)
* Intel ME
* BIOS region
Canoeboot flashes all of these, *except* Intel ME. The ME region is skipped.
Canoeboot *itself* doesn't distribute Intel ME at all. You simply skip re-flashing
the one you already have, while disabling it during early boot time by setting
the HAP bit.
This is functionally equivalent to running `me_cleaner`, in that only the
ROMP and BUP modules are executed; the ME initialises itself but then shuts
down, during early boot. Using `me_cleaner` itself cannot be done in Canoeboot,
because that would mean either distributing (directly or indirectly) or
otherwise handling `me.bin`, which would go against Canoeboot policy.
Therefore, when installing Canoeboot on these newer machines, you can flash
just the BIOS region of the flash, and the IFD/GbE regions. In this way,
Canoeboot still provides a fully free coreboot distro on these machines.
This differs greatly from the Libreboot implementation, which downloads an
Intel ME at build time, shrinks it using mecleaner, and shrinks the ME region,
enlarging the BIOS region; as a result, Libreboot can build full images, where
all of the flash can be reprogrammed without issue.
This is because of differences in Libreboot and Canoeboot policies, which you
can learn by reading their policies:
* [Libreboot Binary Blob Reduction Policy](https://libreboot.org/news/policy.html)
* [Canoeboot Binary Blob Extermination Policy](policy.md)
Canoeboot provides more information about this in the [following
guide](../docs/install/ivy_has_common.md), which is also referenced in
the new Canoeboot installation instructions for these machines.
This change has been made, so as to expand the hardware support by Canoeboot,
while still complying with its zero-blob policy. Canoeboot *remains* a
fully *free software* coreboot distribution.
The HP EliteBook laptops (from Libreboot) were not added yet, because they
use EC firmware in-flash, and a reliable method to re-use what's there at
the factory has not yet been implemented, but I have successfully determined
that HP EliteBooks are also feasible, so these will be added in a future
Canoeboot release, most likely the Canoeboot 25.12 release planned for
December 2025.
### Revision updates
In descending order from latest changes to earliest changes:
* GRUB: Update to revision 73d1c959e (14 March 2025)
* Bump SeaBIOS to to rev 9029a010, 4 March 2025
* Updated Untitled to newer LBSSG repository.
* Bump flashprog to rev e060018 (1 March 2025)
* Bump U-Boot on ARM64 boards to U-Boot v2025.04. Patching courtesy of
Alper Nebi Yasak.
* Merged coreboot/next with coreboot/default
* Bump coreboot/next to rev c247f62749b as of 20 April 2025
* Bump coreboot/default to rev c247f62749b as of 20 April 2025
* Bump flashprog to revision eb2c041 (14 Nov 2024).
The GRUB revision includes a number of critical CVE fixes, and regression
fixes, that were also included in Libreboot 20241206 rev11. Some later fixes
are also present, such as wiping LUKS keys from memory after successfully
booting Linux (Linux handles LUKS itself, and starts the process again).
The NASM version was updated to version 2.16.03 on coreboot/fam15h, to prevent
build errors, instead of fixing the old NASM 2.14.02. Tested on Debian Sid
Experimental, with GCC15-based toolchain, and on Fedora 42.
PICO support: Reverted to the old pico serprog/sdk repositories used
in Libreboot 20240612. This is temporary, because pico2 support is currently
broken, so this release only has pico1 support, when dealing with Rpi Pico
devices. Upstream pico-serprog works fine on pico2, so this will be fixed
in and re-updated again in a future revision release. The pico2 update images
were retroactively removed from the 20241206 release on rsync.
A patch from upstream was backported to the old pico-sdk version, so that it
builds correctly on newer GCC15 (tested on Debian Sid with "Experimental"
packages enabled).
### Licensing
* Added SPDX license headers to almost every configuration file in cbmk.
### Security
These can be considered bug fixes, but these are special fixes that are of
massive concern to users.
* This GRUB change was merged, in the aforementioned revision
update: `dbc0eb5bd disk/cryptodisk: Wipe the passphrase from memory` - this
wipes the LUKS key from memory, after GRUB exits, where one was created
by GRUB while unlocking a given volume.
* Merged *73* critical CVE fixes into the GNU GRUB source code, from upstream.
* Stricter use of pledge and unveil in the nvmutil source code.
* *Much* safer `./mk inject`. It used to be that the tarballs were extracted
and files inserted into the extracted images, but the tarballs were left
unmodified; many users thought then that they should extract the tarball
and flash that, which lead to bricks. And it was easy to flash uninjected
images, where files (e.g. Intel ME) are needed, so now ROM images are padded
by one byte, to prevent flashing, and the user is strongly reminded to
inject files first; upon running the `./mk inject` commands, these images
are then safe to flash.
* Fix globbing issues in lbmk by double-quoting variables everywhere, and
generally making sure that certain characters are escaped properly when
necessary. To reduce the chance of bad commands being run by mistake or
intentionally.
* Removed auto-confirm on `./mk dependencies` commands, to mitigate the risk
of a buggy package manager on the user's distro possibly removing many
packages. Now the user must confirm their choice, e.g. when a conflict
occurs, instead of the package manager already deciding for the user.
### Feature changes
In descending order from latest changes to earliest changes:
* `init.sh`: looser `XBMK_THREADS` validation; correct it on child instances,
if it's not set, or set incorrectly.
* `get.sh`: use subshells on `try_` functions, wrapped in an error handler
so as to provide more verbose output under fault conditions. This makes it
easier to debug when a download fails.
* `git.sh`: Re-implement redundant git downloads, more reliably than before; all
repositories are now cached, reliably, including submodules, even when upstream
repo links differ wildly. This reduces the amount of internet bandwidth used,
when handling multiple builds.
* `release.sh`: build in tmp directory first, leaving old files behind under
fault conditions, for further analysis
* `inject.sh`: re-add mac address confirmation, for user-friendliness, when
running the inject commands.
* `init.sh`: Resolve `XBMK_CACHE` via readlink
* `init.sh`: Use `readlink` in `pybin()`, with realpath only as fallback. This
makes the function more redundant, working on more systems by default.
* `lib.sh`: support any command on `find_exec()` (later renamed); this is a
generic function, that implements a while loop for a given set of files,
based on the output a command that generates those paths. This is operated
on by a function, defined when calling find\_exec. This unifies all use of
while loops on lists of files and directories, throughout xbmk, rather
than re-implementing the for/while loops each time.
* `inject.sh`: simplify kconfig scanning by using the `fe_` with a new
function, `scankconfig()`. This new function checks *all* coreboot configs
for a given target, whereas the old behaviour only resulted in the *first*
config being checked. In practise, this causes no real behaviour changes.
* `rom.sh`: Print the rom image path being generated
* `lib.sh`: Add warning if x_ is called without args
* `init.sh`: More verbose error info, on non-zero exits.
* `util/nvmutil`: Within each 4KB part, only handle 4KB, even if the block
size is bigger. This means using less memory, and modification of anything
past 4KB is not required.
* `util/nvmutil`: Support 16KB and 128KB GbE files, in addition to the
usual 8KB files. The size is based on the block size of the flash you use.
* Added non-root USB3 hub support to GRUB on the xHCI implementation, courtesy
of a patch from Nitrokey.
* GRUB: Scan LUKS inside *every* LVM, to support the uncommon use case where
LUKS is inside LVM, instead of LVM inside LUKS. It is theoretically possible,
even if ill advised.
* GRUB: Scan *every* LVM device, where available, as a fallback at boot time
when all else fails.
* Release ROMs prefixed with a "DO NOT FLASH" warning and padded by one byte,
where vendor files are required. The `./mk inject` commands remove this
prefix/padding, after vendor files are inserted and checksums verified.
* Better detecting of whether vendor files are needed, and confirmation to
the user while running `./mk inject` commands.
* Allow restoring the default MAC address on `./mk inject` commands, by using
the `setmac restore` arguments.
* Randomise the MAC address by default, where applicable, when running
the `./mk inject` commands, because lots of users previously flashed without
changing it, so lots of users had generic MAC addresses.
The `setmac keep` argument prevents this from happening, where desired.
* `include/vendor.sh`: More user-friendly debug messages, for the user to
know what's going on.
* `util/nvmutil`: Add uninstall command to the Makefile
* `util/nvmutil`: Add distclean command to the Makefile
* `util/nvmutil`: Nicer hexdump display, similar to `hexdump -C`.
* Support a `re` argument in `./mk dependencies` Fedora commands, for
re-installation of packages as desired.
* Support `--reinstall` in the `./mk dependencies debian` command, when the
user wants to re-install dependencies.
* Put temporary `PATH` directory in the normal `XBMK_CACHE` directory, and
clear it whenever a new parent instance of the build system is executed.
This is used for the GCC/GNAT matched symlinks, for example, or the python
symlink created at startup.
* Pico 2 support briefly added, but was a bit buggy for now, so it's removed
in this release, and was retroactively removed in rsync for the
Libreboot 20241206 release; this will be re-added in a future release.
* Added GRUB-first payload setups as an option, but not enabled by default.
The user can add `payload_grubsea="y"` in the `target.cfg` file for a given
mainboard.
* Insert GRUB backgrounds in CBFS instead of GRUB memdisk, which makes
GRUB background images easier to replace.
### Configuration changes
<img tabindex=1 class="r" src="https://av.libreboot.org/rpi_pico/soic16_x200.webp" /><span class="f"><img src="https://av.libreboot.org/rpi_pico/soic16_x200.webp" /></span>
In descending order from the latest changes to the earliest changes:
* ifd/hp8300usdt: set the HAP bit by default; it was previously not set, but
the `me_cleaner` config was nonetheless used, and ME Soft Temporary Disable
was also used. As a result, this change is basically redundant, but otherwise
technically correct (more so than the previous behaviour).
* coreboot: Remove unused vboot tests (futility tests), to shrink the size of
release tarballs.
* `dependencies/debian`: add `libx86`
* A GRUB configuration change was made, fixing auto-scanning of LVMs when
doing cryptomount.
* Added `gnutls-devel` to Fedora 41 dependencies.
* Added `libx86` to Arch dependencies, needed for the `int` utility.
* Added `less` to Arch dependencies, because it's needed for certain commands
e.g. git commands.
* GRUB: Use the codeberg mirror first, to mitigate GNU mirrors often being
slow or rate limited, e.g. for gnulib downloads.
* fedora41/dependencies: add libuuid-devel
* Added `uuid-devel` to fedora41 dependencies
* flashprog: Disable `-Werror` to prevent minor warnings being treated as errors.
### Bug fixes
<img tabindex=1 class="r" src="https://av.libreboot.org/rpi/wson8/0003.jpg" /><span class="f"><img src="https://av.libreboot.org/rpi/wson8/0003.jpg" /></span>
This combines both build system fixes, and changes to upstream sources (e.g.
coreboot and various payloads like SeaBIOS/GRUB, utilities like flashprog, and
so on).
The following bug fixes have been merged (in descending order from the latest
changes to the earliest changes):
* `tree.sh`: add sha512 error for `check_project_hashes()`. Handle errors
in `sha512sum` and `awk`; also check that `project.hash` exists and error
out if it doesn't, when checking a given project hash. We know that the
project hash file should always exist, and always be read; technically,
find might not yield results, but then an empty file would be produced.
the empty file edge-case scenario would already have resulted in an error
exit inside `configure_project()`, so that's already covered.
* `tree.sh`: add error checking in `check_project_hashes()`, when reading
the `old_pjhash` variable; we need to error out where a read error occurs.
such an error is extremely unlikely, so this fix is largely theoretical and
preventative.
* `tree.sh`: more reliable clean in `run_make_command()`; don't do a no-op if
it fails, instead fall back to the `clean` method, and throw an error
if *that* fails. The no-op existed because not all projects have distclean,
but we always intend for them to be cleaned. This therefore prevents
further unhandled error conditions, in such edge cases.
* put coreboot utils in `elf/coreboot/TREE`, to prevent old binaries from
still being used when a code change is made.
* `release.sh`: use printf to create version files, instead of copying the
version files, because they don't exist in some cases, so this prevents
an error condition.
* `init.sh`: error out if .git/ is a symlink; this is a preventative bug fix,
to prevent future unknown bugs in such a scenario.
* `get.sh`: Properly error out if `tmpclone()` fails, where it previously
failed to throw an error under certain fault conditions.
* `tree.sh`: Don't auto-run make-oldconfig; it now must be applied permanently,
via e.g. `./mk -u` commands. Otherwise, undesirable changes can sometimes
be made during build time, especially on projects that don't use scons
quite as reliably, as in the U-Boot build system.
* `get.sh`: re-generate remotes every time, on cached Git repositories, so
that configuration changes in `config/git/` are automatically applied when
dealing with multiple versions of a given upstream project.
* `release.sh`: copy version files to `rsrc` (release source directory),
otherwise an `unknown` version number is erroneously created. This fixes
a regression caused by previous optimisation to `init.sh`
* xbmk: add fake config makefile args to `flashprog`, and `pcsx-redux`, to
prevent `./mk -u` (without additional arguments) from erroneously exiting
with error status. otherwise, an error can occur in such conditions if
a Makefile has not yet been created.
* `rom.sh`: skip running `copyps1bios()` on dry builds, otherwise
running `./mk -d` without argument will cause an error.
* `tree.sh`: Don't run make-clean on dry runs (`./mk -d`), to prevent error
conditions while building GRUB, if `./mk -d` is passed without additional
argument, since the latter requiires running autoconf to get a Makefile in
the GRUB build system.
* `get.sh`: add missing check in `fetch_project()`; we were checking the
main URL on a download, but not the backup URL.
* `get.sh`: stricter URL check in `xbmkget()`; throw an error if a URL is
empty, rather than skipping to the next. If a URL is set but fails, then
falling back to the next is OK (or throw an error if the backup is set,
and also failed).
* `get.sh`: Make `xbmkget` always throw an error upon exiting the loop check;
it was previously throwing an error if the for loop returned with zero status.
Depending on the sh implementation, or changes made in the future, this could
cause unpredictable buggy behaviour. Therefore, the error exit is much
stricter now, and less ambiguous, to prevent future bugs, because it is
imperative that execution must never continue under fault conditions. If a
file or repository is successfully handled, a return (zero) occurs, otherwise
the loop exits and a non-zero exit occurs.
* `tree.sh`: fix up `copy_elf()`, or specifically fix a bad `for` loop,
because shorthand conditionals are used and the way they were used can be
buggy on some sh implementations, so they are terminated more explicitly.
* xbmk: stricter handling of files on while loops, to prevent instances where
execution continues under fault conditions. This prevents other, less
predictable bugs in the future.
* `init.sh`: Hardcode `XBMK_CACHE` for integrity; this is a bug fix, because
there's too much that can be wrong with this being configurable, so now it
is hardcoded at runtime. It was never intended to be configurable anyway.
* `init.sh`: check/validate version/versiondate once read, in child instances
of xbmk, to further verify that they were previously set, and set correctly.
This is theoretically a preventative bug fix.
* `init.sh`: force an error condition if the xbmk version was not read. This
prevents further erroneous state within xbmk.
* `init.sh`: check the `lock` file BEFORE `git init`, to prevent erroneous
initialisation while another xbmk parent instance is running.
* `init.sh`: return from xbmk child instances in `set_env()` instead. This is
easier than the previous check, preventing the initialisation of a git repo
and/or recreation of xbmktmp and xbmklocal by erroneoues parent executions
of xbmk while another parent is running - the latter of which could have
caused a massively unpredictable build failure, so this is also a
preemptive bug fix, fixing and preventing all kinds of weird unknown bugs.
* `release.sh`: don't move `src/docs/` to `docs/` inside release archives,
because otherwise `./mk -b` will fail, inside release archives.
* `get.sh` submodules: Don't delete files recursively. Use `rm -R` instead
of `rm -Rf`, on files.
* `git.sh`: Only create destination repo on success; don't leave a broken cache
laying around, which would otherwise break the build system under certain
conditions.
* `release.sh`: removed an unnecessary `src_dirname` variable
* `release.sh`: delete tmp/cache from release tarballs
* `inject.sh`: Remove confusing path on tar creation; that is, don't print said
path, because temporary paths are printed during this, when creating tarballs.
In this file, the correct path is printed at the end of the process, when
handling an images tarball.
* `tree.sh`: only create elfdir in `copy_elf()`, to prevent empty directories
being created where a project provides `build.list`, but where no actual
configs are being built on a given target name.
* `mk`: add missing error handli for `mk -f` (when doing releases)
* `git.sh`: hard fail if git am fails (regression fix)
* `git.sh`: Hard fail if reset fails; allowing re-try when cloning fails, but
the reset-fail scenario didn't cause any exit at all. This is fixed now.
* `init.sh`: Only check `XBMK_CACHE` if it exists
* `grub.cfg`: fix trying to boot all logical volumes after unlocking an encrypted
volume; this makes booting LVMs more reliable, on encrypted boot setups.
* `init.sh`: also allow `XBMK_RELEASE=Y` or `=N`, not just `n` and `y`,
because some people use uppercase here. This is considered a bug fix, but
could just as easily have been in the features section.
* `init.sh`: check `XBMK_CACHE` is a directory instead of a file.
* `init.sh`: run `set_version` *before* `set_env`, to prevent a future situation
where the version is not set correctly. In general, the version should always
be set as early as poessible when running xbmk.
* `lib.sh`: re-add missing break in fe/fx\_, that caused improper exits (or non
exits) in some cases.
* `singletree/elfcheck`: use `fx_`, not `fe_`; this is a less strict test, to
prevent certain errors under specific edge-case conditions.
* `rom.sh`: Safer `cprom()`; don't insert special files like GRUB keymaps AFTER
copying the system ROM to the final destination; do it BEFORE, instead, to
ensure that bad images aren't left in place under fault conditions.
* `rom.sh`: specifically check keymaps in `cprom()`; it previously checked
whether a setup is *not* seauboot, which was valid, but future conditionals
would break this check. the code has been changed in advance, to prevent bugs
in a future revision of xbmk.
* `mk`: Fix bad error handling for `gnu_setver`; I accidentally mixed and/or in
a shorthand conditional statement, which leads to buggy behaviour in various
implementations of sh.
* GRUB: Mark E820 reserved on coreboot memory, to fix cbmem when running
with strict `/dev/mem` access; otherwise, restrictions on access to memory
below 1MB will cause an error when trying to access the cbmem console.
* `lib.sh`: set `-u -e` in `err()` in case they were set `+u +e` in other parts
of xbmk.
* `init.sh`: Silence the output of git config --global
* `init.sh`: Run git name/email check before init; otherwise, it returns if
init is already done, which could lead to an error later when building
coreboot.
* `lib.sh`: stricter `xbmk_err` check in `err()`
* `lib.sh`: simplify err-not-set handling
* `lib.sh` err: add missing redirect to stderr
* xbmk: MUCH safer `err` function; make it an actual function, instead of
a variable. Initially, this function was made to then check a variable,
that refers to a function, and a fallback was provided for non-zero exit
in case the pointed function didn't, but it was later made to be just a
simple function that exits with a message. Code equals bugs, so fewer lines
of code will yield fewer bugs.
* `lib.sh`: Make x_ err if first arg is empty; this is a preventative bug fix,
to make the build system still exit under such conditions, but it would
result in an empty error message.
* `lib.sh`: Make err_ always exit no matter what; this is a preventative bug
fix, just making the exit stricter in all cases.
* `mk`: re-make gnupath/ after handling crossgcc, rather than deleting files
within. This makes the creation of it more reliable.
* `mk`: re-make gnupath/ for each cross compiler, to ensure that no stagnant
build artifacts are re-used
* `inject.sh`: Stricter TBFW handling; don't copy it until it has been
properly padded to the correct size.
* `init.sh`: *Re-create* tmpdirs on parent instance, to ensure that they are
not cluttered with old files that might cause weird bugs in the future; this
is a preventative bug fix.
* `init.sh`: Always create xbmklocal, to prevent errors in the case when it
isn't created automatically in certain child instances, like when running
a *release* copy of the build system, during release builds.
* `lib.sh`: Fix bad touch command
* `inject.sh`: always re-build nvmutil, so that changes to it are automatically
re-applied when running the build system again. (and only build it once,
for a given instance of xbmk)
* `util/nvmutil`: use `x`, not `?`, for random characters, while still
supporting `?` for backwards compatibility. This is because ZSH errors out
when providing the old characters, in some setups. Use of `x` is more
reliable, across several implementations of sh, e.g. `xx:xx:xx:xx:xx:xx`
would be a full random MAC address.
* `lib.sh` find\_ex: explicitly create the tmp file, to prevent errors, which
were nonetheless unlikely to begin with.
* `init.sh`: Explicitly create the xbmktmp directory (make sure to do this
when creating this which is a temporary directory).
* `lib.sh`: add fe_ which is fx_ but err on find
* xbmk: unified execution on `find` commands. Handle it with a new special
function that is common across the build system.
* `mk`: Download vendorfiles before building release, to mitigate intermittent
internet connectivity during release builds, otherwise a release build could
fail. This way, all downloads are done simultaneously, since downloads are
the fastest part, even on a crap internet connection.
* Revert AHCI reset patch for SeaBIOS, which caused AHCI not to work in SeaBIOS
on the 25.04 release; the latter was also revised, to fix this. SeaBIOS has
since added a new release, which includes a fix that delays AHCI reset, to
mitigate in cases where the controller isn't ready sooner. However, this
release simply reverts the AHCI reset patch for now. The AHCI reset plus delay
will be present in Canoeboot's next release, after 25.06.
* lenovo/t420: Add missing text-mode configuration
* coreboot (all trees): Added patch fixing GMP build errors on modern
GCC15 hostcc.
* coreboot (all trees): Fixed building of crossgcc with newer GCC15. Patches
courtesy of Alper Nebi Yasak.
* coreboot (all trees): Added a patch to fix building coreboot utils with
newer GCC15.
* dependencies/debian: Fixed the libusb package name for newer Debian releases,
courtesy of Alper Nebi Yasak.
* SeaBIOS: Fixed `malloc_fn` function pointers in the `romfile` patch, courtesy
of Alper Nebi Yasak. Fix build errors on GCC 15.
* `include/lib.sh`: Force use of System Python e.g. `/usr/bin/python`, when
a python venv is detected. This prevents the build system from hanging.
* coreboot `g43t_am3`: Fixed the `data.vbt` path.
* Alper Nebi Yasak fixed the Python 2/3 detection in some edge cases when
the `python` command is python2.
* `include/lib.sh` (later `init.sh`): Do root check *first*, right after
the dependencies check, whereas it previously did the python check before
checking for root user.
* lbmk: Don't use TMPDIR directly, use another variable containing its value,
and make sure it doesn't get changed wrongly. This reduces the possibility
of accidentally leaving old tmp files laying around.
* `include/lib.sh`: `tar` commands now return an exit with error, if a fault
occurs, whereas it didn't before, due to piped output. This is done
using the `x_` wrapper on tar commands, to provide error exits.
* `mk`: function `check_project_hashes` now returns an error, if the sha512sum
command fails. It previously didn't, due to piped outputs. It's now mitigated
by using `x_` on piped commands, for error exits.
* Forking of lbmk parent instance to child instance isno longer handled by
variables. It's been simplified, to only be based on whether TMPDIR is set,
and it's generally more robust now in this release. The old code sometimes
broke under certain edge cases.
* `include/vendor.sh` (later renaming to `inject.sh`): General code cleanup,
about 100 sloc removed without reducing features.
* lbmk: Initialise `PATH` to a standard string if not set, on the parent
instance of lbmk.
* lbmk: Use `pwd` instead of the `PWD` variable, resetting the latter safely
as lbmk runs. This prevents lbmk from changing directory to an erroneous
system path, if `PWD` wasn't properly set for some reason. This is a
preventative bug fix, because no actual issue ever occured in practise.
* Much safer Python version check at lbmk startup, using data structures that
are provided universally by all Python implementations, instead of
relying on the output of `--version`.
* Fixed T480 backlight controls, courtesy of a patch from Mate Kukri.
* Set up Python in `PATH` when lbmk starts, to ensure that it is always
version 3. This is checked at startup.
* `include/vendor.sh`: Allow setting a MAC address even if vendor files aren't
needed.
* `util/nvmutil`: Honour the `INSTALL` variable, if set by the user, otherwise
it is set to `install` by default.
* `util/nvmutil`: Don't do `clean` when running `uninstall`.
* `util/nvmutil`: Proper DESTDIR/PREFIX handling, whereas it was not handled
properly at all before.
* `util/nvmutil`: Only set CC/CFLAGS if unset, and use sensible defaults.
* Fixed various shellcheck errors in lbmk.
* Debian dependencies: replace liblz4-tool with lz4 and liblz4-dev. The latter
is also available in Debian Trixie and Sid, at this time, in addition to
Debian Bookworm, so it works on all of them.
* U-Boot (x86): Fixed a bug since Swig 4.3.0 changed the syntax for its
language-specific AppendOut functions. A patch from upstream was backported,
and the patch is also compatible with older versions of Swig.
* In lbmk scripts, use `command -v` instead of `which`, to find the locations
of certain binaries. This is a bug fix, since `which` is non-standard and
so could break on some setups.
* Crossgcc: when building it for coreboot, fix mismatching GCC/GNAT versions
so that they match, if multiple versions are present. This was done because
Debain Trixie initially had GCC 14 and GNAT 13, whereas we need GNAT to build
the Intel video init code on many mainboards.
* `dependencies/debian`: Fix the `python3-distutils` package, renamed it
to `python3-distutils-extra`, which works on bookworm *and* newer, but the
former did not.
* `git.sh`: don't initialise the `livepull` variable globally, reset it per
target instead, to prevent some repositories from being wrongly re-cloned.
* Safer exit when running the `./mk dependencies` commands, so that lbmk is
more likely to exit, because it was theoretically possible that it might
not under certain edge cases.
* Add tarballs and gpg signatures to `.gitignore`
### General code cleanup
<img tabindex=1 class="r" src="https://av.libreboot.org/rpi/wson8/0007.jpg" /><span class="f"><img src="https://av.libreboot.org/rpi/wson8/0007.jpg" /></span>
Another bug focus in this release was to clean up the logic of Canoeboot's
build system, and fix several bugs, especially those relating to error handling.
A lot of cleanup was done on the init functions used by the build system, to
initialise common variables, such as environmental variables, and temporary
files and/or directories; such logic was moved to a new script called `init.sh`.
In descending order from the latest changes to the earliest changes:
* `lib.sh`: simplify `setvars()`
* `lib.sh`: simplify `chkvars()`
* `mk`: simplify `main()`
* `get.sh`: simplify `fetch_project()`
* `get.sh`: simplify `try_copy()`
* `get.sh`: tidy up `bad_checksum()`
* `get.sh`: simplify `fetch_targets()`
* general cleanup in `get.sh` and `vendor.sh`
* xbmk: rename `xbmklocal`/`xbmktmp` variables (shorten them)
* `get.sh`: consolidate printf statements
* `get.sh`: remove redundant printf in `fetch_project()`
* `get.sh`: remove superfluous command in `try_git()`
* `rom.sh`: simplify `mkcoreboottar()`
* `rom.sh`: rename `mkvendorfiles()`, which actually handles general init
tasks, including the processing of vendor files where appropriate.
* `rom.sh`: simplify ccache handling for coreboot; make-oldconfig wasn't
needed at all, when cooking configs to enable ccache, so the *cook* function
became much smaller and was then merged with `mkvendorfiles()`
* `rom.sh`: simplify u-boot payload handling, by using a single variable name
that defines the type of U-Boot tree. This allows several other U-Boot-related
checks to be greatly simplified, as they were.
* `vendor.sh`: add a colon at the end of a `for` loop
* `get.sh`: make `xbmkget()` easier to understand, by not using shorthand
conditional statements in the for loop handling a repository or file
download.
* `init.sh`: merge `xbmk_lock()` with `xbmk_set_env()`
* `init.sh`: set pyver from `set_env()` instead of the main function.
* `init.sh`: merge `xbmk_mkdirs()` with `set_env()`
* `init.sh`: only update version files on parent, to speed up xbmk
* `init.sh`: simplify unknown version creation, where none was created and
no Git metadata exists.
* `init.sh`: only set xbmk version on parent instance; we only need to read
what was set, on child instances. In other words, apply the principle of
least privelege.
* `init.sh`: initialise variables AFTER path, to avoid unnecessary work inside
child instances of xbmk.
* `init.sh`: merge `create_pathdirs()` with `set_pyver()`
* `init.sh`: Set python version only on parent instances of xbmk, to speed
up operation of the xbmk build system.
* `init.sh`: `xbmk_create_tmpdir()` to `xbmk_mkdirs()`
* `init.sh`: move `gnupath` creation to `create_tmpdir()`
* `init.sh`: move PATH init to `set_env()`
* `inject.sh`: shorten the `nukemode` variable name
* `get.sh`: simplify `bad_checksum()`
* `release.sh`: use `x_()` on find command for `nuke()`, so as to remove the
need for a more complicated while loop inside said function.
* `get.sh`: move `nuke()` to `release.sh` and only run it on releases; don't
do it on normal xbmk Git. It's only needed in the former context, because
that has to do with distribution by the project, and this makes
development easier. Therefore, files are only purged within the release
archives, but not during development.
* `release.sh`: simplify `prep_release_bin()`
* `get.sh`: simplify `tmpclone()`
* `get.sh`: simplify `nuke()` by using `fx_` for the file loop
* `get.sh`: simplify `try_copy()`
* `get.sh`: simplify `fetch_submodules()` config check
* `get.sh`: simplify `fetch_submodules()` by using `xbmkget()` for everything,
instead of implementing redundant logic in the build system.
* `git.sh`: rename to `get.sh`
* `rom.sh`: reduce indendation in `check_coreboot_utils`; simplify the for
loop by replacing it with a call to `fx_` instead.
* `release.sh`: simplify `release()`
* `release.sh`: clean up the `vdir` after release
* `release.sh`: removed an unnecessary `mkdir` command
* `release.sh`: split up `build_release()` into smaller functions
* `lib.sh`: remove `rmgit()`
* `lib.sh`: remove the unnecessary `mk()` function
* `lib.sh`: move `xbmkget()` to `git.sh`
* `lib.sh`: move `mksha512sum()` to `vendor.sh`
* `lib.sh`: split up `try_file()` into smaller functions
* `lib.sh`: move `_ua` to `try_file()`
* `inject.sh`: remove the `hashfiles` variable
* `inject.sh`: define `xchanged` here instead
* `lib.sh`: use `fx_` in `rmgit()`
* `lib.sh`: split up `xbmkget()` into smaller functions
* `inject.sh`: only compile nvmutil if needed
* `inject.sh`: simplified serprog check
* `inject.sh`: further cleanup for `vendor.sh`, such that all vendor-download
functions are only defined in `vendor.sh`; this means that the Canoeboot
version of the file can remain in much closer sync, with fewer differences.
* `tree.sh`: simplified srcdir check on make-clean
* `inject.sh`: split up the inject functions into smaller functions for
each specific task. (for inserting MAC addresses)
* xbmk: use `x_` instead of `err`, where appropriate, because it handles
globbing perfectly these days, and `x_` is cleaner in most cases.
* `mk`: remove unnecessary line break
* `mk`: re-split tree logic to new file, `include/tree.sh`
* `mk`: move release functions to `include/release.sh`
* `git.sh`: use `setvars()` for fail variables
* `init.sh`: remove useless export; variables that are y/n can just be reset
to `n` if not set to `y`, for simplicity.
* `init.sh`: export `LOCALVERSION` in `set_env` instead of `set_version`.
* `inject.sh`: simplified MAC address handling
* `inject.sh`: Simplify `patch_release_roms()`
* `lib.sh`: Remove useless command in `err()`
* `lib.sh`: Simplified `fx_()` and removed `fe_()`; fe didn't prefix `x_` to
a given command, but fx did. Now, it is prefix manually, for greater control,
on commands that need stricter error handling, while it can be avoided on
commands where strict error handling is unfeasible.
* `mk`: Create serprog tarballs here instead; `rom.sh` was simplified to use
mkhelp when building actual images.
* build serprog images using `fx_` *defined inside mkhelper*, to tidy up xbmk
* `rom.sh`: build serprog images with `fx_`, rather than implementing a
specific for loop.
* `git.sh`: Simplify git am handling by using the new `fe_` or `fx_` function,
instead of making a specific while loop.
* `inject.sh`: remove an unused function
* `init.sh`: New function `dx_` to execute path files; this is used instead
of for loops all around xbmk, to simplify operations where the output of
a file search is used as argument to a function.
* `lib.sh` `find_ex`: Write sort errors to `/dev/null`
* `lib.sh` `x_()`: Remove warning of empty args; it's really not required,
since it's obvious anyway in the resulting final error message.
* xbmk: Replace `err()` with much simpler implementation, for reliability
and bug prevention.
* `rom.sh`: simplify `mkseagrub()`
* `mk`: simplify `elfcheck()`
* `lib.sh`: simplify `singletree()`
* `git.sh`: move `singletree()` to `lib.sh`
* `lib.sh`: simplify `err()`
* `init.sh`: single-quote xbmklock in `xbmk_lock()`
* `init.sh`: define lock file in a variable instead; this makes it more
flexible, because the path can be checked and then re-used nicely.
* `init.sh`: tidy up `xbmk_child_exec()`; make the command style more consistent
* `lib.sh`: rename errx to xmsg
* `init.sh`: tidy up the python version check
* `init.sh`: move non-init functions to `lib.sh`
* `init.sh`: simplify dependencies handling
* `rom.sh`: tidy up `copyps1bios()`
* `mk`: tidy up xgccargs handling
* `mk`: generally removed dead code
* `init.sh`: tidy up pathdir creation
* `mk`: tidy up `check_cross_compiler()`
* `mk`: reduce indentation in `check_cross_compiler()`
* `mk`: Allow use of x_ on prefix functions
* `mk`: tidy up `check_project_hashes()` sha512sum check
* `mk`: simplify `check_gnu_path()`
* `inject.sh`: general code cleanup
* xbmk: Unified local ./tmp handling
* `lib.sh`: redirect find errors to `/dev/null` to prevent clutter on
the user's terminal
* `init.sh`: unified handling of ./tmp
* `mk`: include rom.sh directly
* `lib.sh`: Simplify rmgit()
* `lib.sh`: support multiple arguments in remkdir()
* `lib.sh`: simplify remkdir()
* xbmk: move x_() to `lib.sh`
* `init.sh`: move setvars/err_ to lib.sh
* `init.sh`: Generally modularised it, moving separate tasks into separate
functions, rathher than having it be one big monolith.
* `vendor.sh` was renamed to `inject.sh`, so that future changes can be
in better sync between lbmk and cbmk on this file, because the cbmk version
has the MAC address changer (but no vendorfile handling). In the future,
this will be split so that `vendor.sh` exists again, containing only the
vendorfile handling, and `inject.sh` will only handle MAC addresses.
* `init.sh`: Several variables were moved out of this file and elsewwhere in
lbmk.
* Moved the `singletree` function to `git.sh` instead of `lib.sh`
* Moved the `cbfs` function from `lib.sh` to `rom.sh`.
* `include/lib.sh`: Use a more top-down function order, more clear, and it was
split into an extra file `init.sh` that does the most basic lbmk initialisation
at startup, whereas what remains in `lib.sh` really are generic library
functions used throughout lbmk.
* `include/git.sh`: Removed unused crossgcc linking feature, because we don't
use it anymore (coreboot trees have their own crossgcc and never link to
another these days). Libreboot used to have many more coreboot trees, some
of which re-used crossgcc from another tree. Similarly, the accompanying
variable `tree_depend` is no longer handled. The `xtree` variable is still
handled, because projects like U-Boot use that to configure crossgcc.
* include/vendor.sh: Removed unnecessary check against the ROM image size.
Generally simplified the processing of release images.
* include/git.sh`: Removed many redundant functions, merging several of them.
* `include/mrc.sh`: Fixed a bad print, making proper use of a string inside
a printf statement.
* Simplified many file checks in lbmk, by using the `e` function.
* Removed a bunch of useless `eval` commands in general, throughout lbmk,
making the code much cleaner.
* lbmk: the `x_` function is now used much more aggressively, for error
handling, simplifying error handling in lbmk overall.
* `mk` main script: Merged the `trees` script with it, so now it's all one
script. The `mk` script is now the only executable script in lbmk.
* `mk` (main script): The `roms` command is removed (legacy / obsolete).
* The version/versiondate files are now dotfiles, to hide during operation.
* `include/lib.sh`: Hardcoded projectname/projectsite variables, instead
of storing them in a file.
* `trees` script: Unified handling of flags (same string used in error output),
to ensure that error(usage) messages always match.
* `trees` script (later merged into `mk`): Removed a lot of old bloat.
* `util/nvmutil`: Make the checksum word position a define. Generally cleaned
up a lot of code to make it clearer for the reader. Added more verbose
messages to the user, confirming things such as how much was read or written
on the user's file system. Various miscallaneous bug fixes (edge cases that
were unlikely to ever be triggered).
* `util/nvmutil`: More efficient use of memory when handling files.
* `util/nvmutil`: Much cleaner handling of user input.
* `util/nvmutil: More granular MAC address parsing errors, easy for debugging.
* `util/nvmutil`: Make the Gbe Checksum a define, for readibility.
* `util/nvmutil`: Obey the 79-character-per-line limit, as per lbmk coding
style.
* `util/nvmutil`: Tidied up several pledge calls
* Removed use of several unnecessary subshells and `eval` statements in lbmk.
* `trees`: Later, the GCC/GNAT matching feature was rewritten to work both ways,
where an older GCC was matched to GNAT and vice versa, whereas it previously
only went one way. `gcc` and `gnat` are manipulated in `PATH` to ensure that
the user has a consistent version of both.
* `path.sh` later merged into the `trees` script (which later merged
into the main `mk` script). This `path.sh` is what contained the first
implementation of the GNAT/GCC version matching feature.
* `path.sh`: Remove unnecessary shebang, and the same on other `include/`
scripts. NOTE: `path.sh` was later merged into `lib.sh`, which then became
split into `init.sh` in later changes (see above).
* Removed legacy build system commands e.g. `./build` and `./update`; now
only the newer `./mk` commands are supported. This and the change below was
briefly reverted, for the 20241206 revisions, but then re-introduced.
Git log
-------
This log shows all changes in today's release, from 30 June 2025, ever
since the Libreboot 20241206 release of 6 December 2025:
```
* 64b76b4e3a Canoeboot 25.06 release
* 126dff455b tree.sh: add sha512 error for check_project_hashes
* 08a9837216 tree.sh: add error check in check_project_hashes()
* e1664be01e tree.sh: more reliable clean in run_make_command
* 1843f71577 inject.sh: add missing semicolons
* 3567d95860 put coreboot utils in elf/coreboot/TREE
* 885016c0c2 release.sh: use printf to create version files
* eeb9954179 lib.sh: simplify setvars()
* bc0a2a9b75 lib.sh: simplify chkvars()
* 3657ed8677 mk: simplify main()
* ee92a228c3 get.sh: simplify fetch_project()
* bbc35fe6e6 get.sh: simplify try_copy()
* b9f78f2aff get.sh: tidy up bad_checksum()
* ff77de4a9d get.sh: simplify fetch_targets()
* 405215bc34 general cleanup in get.sh
* 21352b990e xbmk: rename xbmklocal/xbmktmp variables
* fcfc43aced get.sh: consolidate printf statements
* 46c0eb5ff4 get.sh: remove redundant printf in fetch_project
* 77b79d3581 get.sh: remove superfluous command in try_git()
* 7b8185f460 init.sh: error out if .git/ is a symlink
* 2b8ccfbe5b get.sh: Properly error out if tmpclone fails
* ff06b30ca5 tree.sh: Don't auto-run make-oldconfig
* 173f304fd7 rom.sh: simplify mkcoreboottar()
* 0854e99cfe rom.sh: rename mkvendorfiles
* 00ab60e762 rom.sh: simplify ccache handling for coreboot
* 82bb342a63 rom.sh: simplify u-boot payload handling
* 463cdd8128 coreboot: Remove unused vboot tests
* a70d8afc30 get.sh: Always update git remotes
* 77ad7a0ca3 get.sh: re-generate remotes every time
* e209646018 release.sh: copy version files to rsrc
* ada8a6dd7b xbmk: add fake config makefile args to flashprog
* 069aa21567 rom.sh: skip copyps1bios on dry builds
* bcdcfa045a tree.sh: Don't run make-clean on dry runs
* 4c0ecf17e6 GRUB: Update to revision 73d1c959e (14 March 2025)
* be598c497b get.sh: add missing check in fetch_project()
* 378a73ce42 get.sh: stricter URL check in xbmkget()
* b9886740ba get.sh: make xbmkget() easier to understand
* c130682fdf get.sh: Make xbmkget err on exiting the loop check
* 1342d74cc6 tree.sh: fix up copy_elf(), bad for loop
* b4a547caac lib.sh: Use while, not for, to process arguments
* 41ffbb640d xbmk: stricter handling of files on while loops
* b516a29482 init.sh: looser XBMK_THREADS validation
* fa59f9da76 init.sh: Hardcode XBMK_CACHE for integrity
* d92dee6781 dependencies/debian: add libx86
* 6577abc60a FSDG-compliant Sandy/Ivybridge/Haswell support
* addbd95a24 init.sh: merge xbmk_lock() with xbmk_set_env()
* 1c34d4567b init.sh: move xbmk_set_version
* a4103517ea init.sh: set pyver from set_env
* 6a3c771feb init.sh: merge xbmk_mkdirs with set_env
* de62243cd2 init.sh: check version/versiondate once read
* 6b8ee3d3b3 init.sh: error if version not read
* 08610f4145 init.sh: only update version files on parent
* 412b0a81d7 init.sh: simplify unknown version creation
* 2a6a4d765d init.sh: only set xbmk version on parent instance
* 416b1f66be init.sh: initialise variables AFTER path
* 46f09075c2 init.sh: merge create_pathdirs with set_pyver
* abf52b0394 init.sh: Set python version only on parent
* 1e4e3f36f4 init.sh: remove useless command
* ed83718cf2 init.sh: remove useless comment
* 8617375799 init.sh: xbmk_create_tmpdir to xbmk_mkdirs
* 83064459d9 init.sh: move gnupath creation to create_tmpdir
* 0389d1eadb init.sh: move PATH init to set_env
* 4aba9ef29e init.sh: check the lock file BEFORE git init
* fa2c288939 init.sh: return from child in set_env instead
* 9b1d4dfe82 inject.sh: shorten the nukemode variable name
* e34651a98a release.sh: rename relsrc to rsrc
* 1523a67729 release.sh: tidy up nuke()
* c068efec88 get.sh: remove useless message
* c660ecde62 get.sh: simplify bad_checksum()
* 2d13b4c2e2 release.sh: simplify nuke() EVEN MORE, yet again
* c20e29005f release.sh: use x_ on find command for nuke()
* 97603a43cf release.sh: simplify nuke() EVEN MORE
* 534a4d4870 get.sh: move nuke() to release.sh
* 8b646abe9a release.sh: simplify prep_release_bin()
* aeb1187a8a release.sh: don't move src/docs/
* 8cb0c224a5 get.sh: FURTHER simplify nuke()
* 8cb23315d9 get.sh: simplify tmpclone()
* 8d6244bb7f get.sh: fix bad mkdir command
* 4582a21abf inject.sh: Stronger hash verification
* fd98310f5b properly exit 1 when calling fx_
* e96dfae0b3 get.sh: simplify nuke()
* 3bfb82cb82 get.sh: fix broken printf statement
* 9c24b170c2 get.sh: use subshells on try_ functions
* 4f926ee708 get.sh: simplify try_copy()
* 36cf7892df get.sh submodules: Don't delete files recursively
* 398f265359 get.sh: simplify fetch_submodules() config check
* a3f48f3115 get.sh: simplify fetch_submodules()
* 142b79b206 get.sh: fix caching of crossgcc tarballs
* a658265a86 release.sh: Don't run prep_release with fx_
* aaa0a1ff93 git.sh: rename to get.sh
* 2d691c7377 git.sh: Only create destination repo on success
* 6199bc5b95 git.sh: cleanup
* 1dd18a9a55 git.sh: Re-implement redundant git downloads
* 176c0fa1c4 rom.sh: reduce indendation in check_coreboot_utils
* 584de778f8 release.sh: simplify release()
* ed8644177b release.sh: clean up the vdir after release
* 2ca6337b0a release.sh: remove src_dirname variable
* abfa2d1ec7 release.sh: build in tmp directory first
* d3ec7e8635 release.sh: remove unnecessary mkdir command
* b68447e75c release.sh: split up build_release()
* 4b36ba9765 release.sh: delete tmp/cache from the tarball
* 5861c25a7c lib.sh: remove rmgit()
* 1f2c8e47d4 lib.sh: remove mk()
* 19888e2cb8 lib.sh: move xbmkget() to git.sh
* 9c5f59cc42 lib.sh: remove mksha512sum()
* 279b7f20be lib.sh: split up try_file()
* 3347e3d314 lib.sh: move _ua to try_file()
* 57f68535a2 inject.sh: remove the hashfiles variable
* d07bd53b07 inject.sh: define xchanged here instead
* 47b9a261d7 lib.sh: use fx_ in rmgit()
* ed9f6338af lib.sh: split up xbmkget()
* 753af0a7a2 inject.sh: only compile nvmutil if needed
* 387f4b785b inject.sh: simplified serprog check
* 31bab5c10c remove another confusing message
* 6c3ea129a4 inject.sh: Remove confusing path on tar creation
* 3062f04c45 inject.sh: re-add mac address confirmation
* cf8ca4cdd6 inject.sh: further cleanup
* a82ca2da5f tree.sh: only create elfdir in copy_elf()
* 33debfcf1c tree.sh: simplified srcdir check on make-clean
* 2acdfefdf9 inject.sh: bring in sync with lbmk 0f931b508a8
* a170ab4118 cbmk: use x_ instead of err, where appropriate
* 5cdd377547 mk: use zero exit instead, to run trees
* c022a14c9e remove useless comment
* c9325f234e mk: remove unnecessary line break
* e22593f037 mk: re-split tree logic to include/tree.sh
* c463e8a52d mk: move release functions to idnclude/release.sh
* 966a6377a0 mk: add missing error handli for mk -f
* 718697c0e6 git.sh: re-write tmpclone without caching
* a5c5089eda git.sh: use setvars for fail variables
* 7b2671ea26 git.sh: hard fail if git am fails
* 45b6d3b3ba git.sh: Hard fail if reset fails
* e320ce60a7 init.sh: Only check XBMK_CACHE if it exists
* d99bc55f4a also fix the other grub trees
* c15ee8fc32 fix trying to boot all logical volumes after unlocking an encrypted volume
* 63cef86bdb init.sh: remove useless export
* 0a3793ad4e init.sh: also allow XBMK_RELEASE=Y or N
* 433b5de916 init.sh: Resolve XBMK_CACHE via readlink
* 5d2c94a8bd init.sh: check XBMK_CACHE is a directory instead
* f0a0f678bf init.sh: export LOCALVERSION in set_env
* 542d72192d init.sh: run set_version before set_env
* 9ccfee43e7 init.sh: Use readlink in pybin()
* 2f17c5be3b inject.sh: simplified MAC address handling
* 3900122957 lib.sh: Remove useless command in err()
* afcd0cfde6 lib.sh: Simplified fx_() and removed fe_()
* 386f3c3346 mk: Create serprog tarballs here instead
* 326f0459d9 build serprog using fe_ *defined inside mkhelper*
* 418fcce9ba rom.sh: build serprog images with fe_
* add92cd405 lib.sh: support any command on find_exec()
* bd5d85569f lib.sh: re-add missing break in fe/fx_
* eac3b96ddd git.sh: Simplify git am handling
* 6e4172b1ba inject: remove unused function
* 92374e6071 init.sh: New function dx_ to execute path files
* 1bc8055e28 inject.sh: simplify kconfig scanning
* ea8f9b59c6 lib.sh find_ex: Write sort errors to /dev/null
* 0ba013a61d lib.sh x_(): Remove warning of empty args
* e47324619d lbmk: Replace err with much simpler implementation
* 2279a1f6f6 singletree/elfcheck: use fx_, not fe_
* 1e1e65cb43 rom.sh: Print the rom image path being generated
* ffdf93bf90 rom.sh: Safer cprom()
* 1c0c88c7cb rom.sh: specifically check keymaps in cprom()
* 9342e5bb61 rom.sh: simplify mkseagrub()
* 4a9376adc4 mk: simplify elfcheck()
* e2f6e7a410 lib.sh: simplify singletree()
* 9d91c3da60 git.sh: move singletree() to lib.sh
* 877f00df1f mk: Fix bad error handling for gnu_setver
* 0156cd91c8 lib.sh: set -u -e in err()
* 7f150c3e4f GRUB: Mark E820 reserved on coreboot memory
* 22d3266a53 lib.sh: Provide error message where none is given
* 5b2d537123 init.sh: Silence the output of git config --global
* edfa4a0ddd init.sh: Run git name/email check before init
* 23755c1748 lib.sh: stricter xbmk_err check in err()
* 5150bf64a4 lib.sh: simplify err-not-set handling
* 90bd3e67c4 lib.sh: Add warning if x_ is called without args
* 78aa78c82e lib.sh: simplify err()
* 15afad4a2b init.sh: single-quote xbmklock in xbmk_lock()
* 41bc473276 init.sh: define lock file in a variable instead
* 4415865ccc init.sh: tidy up xbmk_child_exec()
* ee686cc86b lib.sh err: add missing redirect to stderr
* cd979e3b09 lbmk: MUCH safer err function
* fda09e8923 lib.sh: rename errx to xmsg
* 8eea01eceb lib.sh: Make x_ err if first arg is empty
* af309d888b lib.sh: Make err_ always exit no matter what
* 6e14ab7c09 init.sh: tidy up the python version check
* 7944fd6297 init.sh: move non-init functions to lib.sh
* 159ded1c4e init.sh: simplify dependencies handling
* 7ab7bf19f2 rom.sh: tidy up copyps1bios()
* a5519f13e1 mk: tidy up xgccargs handling
* ed441a4ba0 mk: remove useless code
* e05787d82f init.sh: tidy up pathdir creation
* 2c3f9e4e7e mk: re-make gnupath/ after handling crossgcc
* e6d3b5763d mk: tidy up check_cross_compiler
* 45513d56be mk: re-make gnupath/ for each cross compiler
* 7314903331 mk: reduce indentation in check_cross_compiler()
* f6005f17b6 mk: Allow use of x_ on prefix functions
* 4a32890198 mk: tidy up check_project_hashes() sha512sum check
* 1d988606ca mk: simplify check_gnu_path()
* f64b2affb1 inject.sh: minor code cleanup
* bb5228dc32 init.sh: *Re-create* tmpdirs on parent instance
* 0c05289152 init.sh: Always create xbmklocal
* b2c14b6759 lbmk: Unified local ./tmp handling
* 6a653729a3 lib.sh: redirect find errors to /dev/null
* 67e06ce368 lib.sh: Fix bad touch command
* 2c9f3065ee inject.sh: Only build nvmutil once
* 4ca73f9434 inject.sh: always re-build nvmutil
* e6c2fd9734 util/nvmutil: use x, not ?, for random characters
* 09f6a6b11d lib.sh find_ex: explicitly create the tmp file
* 2d05cd260d init.sh: Explicitly create the xbmktmp directory
* e32a6c96d5 init.sh: unified handling of ./tmp
* 6c7da73782 lib.sh: add fe_ which is fx_ but err on find
* afb5e7d3d5 lbmk: unified execution on find commands
* 0b9c797f32 mk: include rom.sh directly
* a13e53ba16 lib.sh: Simplify rmgit()
* 61407551ca lib.sh: support multiple arguments in remkdir()
* 4c2786daba lib.sh: simplify remkdir()
* 6348e8a93e move x_() to lib.sh
* a30fd38ae4 init.sh: move setvars/err_ to lib.sh
* d51b995528 Restore SeaBIOS 9029a010 update, but with AHCI fix
* 62f9c277f3 Revert "seabios: bump to rev 9029a010, 4 March 2025"
* 7333d71808 Canoeboot 25.04 Corny Calamity
* 2da5712128 bring coreboot revs in sync with libreboot 25.04
* 96c8dfa883 remove unused coreboot tree
* d66cfa5644 add pico-sdk backport patch fixing gcc 14.x
* b262db3b87 serprog: Remove pico2 support for the time being
* 15efc268a1 seabios: bump to rev 9029a010, 4 March 2025
* 973053479b update untitled
* 2c97b272b8 coreboot413: add alper's fix to cbfstool for gcc15
* bbe401f5f9 flashprog: bump to rev e060018 (1 March 2025)
* 64385b0dd1 lib.sh: Provide printf for mktarball
* 8a5603f98c seabios: Fix malloc_fn function pointer in romfile patch
* 892b02a215 dependencies/debian: Fix libusb package name
* db162c3662 init.sh: fix yet another double quote for dotfiles
* 41dad0d2c2 u-boot: gru: Disable INIT_SP_RELATIVE
* db79c0171e u-boot: arm64: Expand our modified defconfigs to full configs
* f34dd5cf38 u-boot: arm64: Merge our modifications into new defconfigs
* 99ade886e0 u-boot: arm64: Add new upstream defconfigs
* a710f63df3 u-boot: arm64: Rebase to v2025.04
* c3ae4a917d u-boot: arm64: Save our modifications to the upstream defconfigs
* a576fa4570 u-boot: arm64: Turn configs into defconfigs
* 34d134f2f2 init.sh: don't use eval to read version files
* b63612871d init.sh: use backslash for dotfiles in eval
* 7722e2f0d0 mk: Don't run mkhelpers if mode is set
* d85ec327c3 mk: condense main() again
* 4ff7cd3d77 init.sh: make git name/email error more useful
* ec287ca69e init.sh: move git name/mail check to xbmk_git_init
* f89e5ad87a init.sh: tidy up the git name/email check
* 76d99b8cae mk: make main() more readable
* f3caaf394e mk: move git check to init.sh xbmk_set_version
* f30892e92f init.sh: tidy up xbmk_init()
* cbf486789d mk: move git_init to init.sh
* 2c39a2bc7b init.sh: minor cleanup
* d6d8ee1d4b init.sh: clean up setvars
* ef78f88117 init.sh setvars: make err a printf for eval
* 3221ca7742 init.sh: merge xbmk_child_init with xbmk_init
* 723e979c8c init.sh: split xbmk_child_init into functions
* 0d86ef50ac init.sh: move parent fork to new function
* 68d5660cca init.sh: Provide more complete error info
* 6ebb11cf9c lib.sh: move _ua to the xbmkget function
* 2c8570c07a move variables out of init.sh to others
* 75f6b1cc1e lib.sh: rename vendor_checksum
* 5a294b183e lib.sh: move singletree() to git.sh
* 7943fab580 lib.sh: move cbfs() to rom.sh
* a16d9f35a2 re-split include/init.sh to lib.sh
* 6d54f46148 rename include/lib.sh to init.sh
* cf961e00b7 lib.sh: introduce more top-down function order
* 7dbd02fcd0 mk/git.sh: remove tree_depend variable
* 7c6039a086 git.sh: remove unused xgcc linking feature
* 2c419396d3 mk: remove unused variables (ser/xp)
* f6d81c4751 mk: simplify main()
* cc1b025df2 lib.sh: use realpath to get sys python on venv
* e281ad8659 lib.sh: Force use of System Python to prevent hang
* 88799b8db6 lib.sh: further condense the python check
* 03ff6f38b9 lib.sh: further simplify the python check
* 4d4ab8ce59 lib.sh: condense the python check
* 87edc96778 lib.sh: simplify mk()
* 63e07a44df lib.sh: simplify cbfs()
* e18af2022a lib.sh: simplify the python check
* f899a3225d mk: remove mkhelp() and use x_() instead
* 6bd6f14a19 mk: simplify handling of trees()
* 46e6169495 lib.sh: add missing copyright year
* 7786ea4250 mk: don't print confirmation of git pkg.cfg
* d9908ca648 lib.sh: Fix python3 detection when 'python' is python2
* 8affdc0bcb Update the GRUB revisions
* b665d09442 Revert "git.sh: minor cleanup"
* ec25425e55 lib.sh: perform root check even earlier
* dbf40653b2 lib.sh: tidy up opening logic (put it together)
* 46fb5786e0 lib.sh: do root check before python check
* 0fa1265106 git.sh: minor cleanup
* c8c5a0e017 lib.sh: simplify mktarball()
* 76e7c35ae2 mk: tidy up check_gnu_path()
* 2fccddb9d0 mk: simplify check_project_hashes()
* b399252309 lib.sh: fix missing s/TMPDIR/xbmktmp
* 72c83cdaeb cbmk: don't handle TMPDIR directly
* 86a96b22a5 rom.sh: minor cleanup
* 374baddbcb inject.sh: yet even more code cleanup
* e644717077 inject.sh: even more cleanup
* ec24bc4915 inject.sh: minor cleanup
* 5469f483fc git.sh: remove unnecessary comment
* 991a98caec git.sh: remove link_crossgcc()
* 1915c84376 git.sh: remove move_repo()
* 515c1782ad git.sh: remove prep_submodule()
* 519d93691f git.sh: make git_prep command clearer
* ca0aab3bfe simplify a few file checks
* 85b1996afa rom.sh: remove unnecessary check
* c3910fbc5f cbmk: minor cleanup
* 6fc23805cb lib.sh mktarball: stricter tar error handling
* 58a17c8d15 mk check_project_hashes: handle error on sha512sum
* d65d93b300 Revert "lib.sh: use eval for the command in x_"
* 0aace67a54 lib.sh: fix bad eval writing version/versiondate
* 7c98661271 lib.sh: use eval for the command in x_
* e63c14677f mk: use eval to run mkhelp commands
* f4e5879534 mk: tidy up the switch/case block in main()
* 85373b9b91 mk: tidier error handling
* d0b95ffe6e lib.sh: tidy up the error handling
* caaaf46540 rom.sh: tidy up error handling
* 7bd9fb9a7b git.sh: clean up fetch_project()
* 4d15c476b6 mk: Remove unnecessary argument checks on trees()
* 94a8fa816f inject.sh: properly call err_ in fail_inject
* ca6a3c8958 remove xbmk_parent, handle forking in lib.sh
* f3c757c2d2 lib.sh: define x_ right after err_
* 2b9881639f mk: minor cleanup
* 3b2718bd9d lib.sh: minor cleanup
* 8999d30b96 rom.sh: minor cleanup
* 32242cc03b inject.sh: tidy up check_release()
* f439230604 inject.sh: tidy up xbmk_inject()
* bbc28e73f8 inject.sh: tidy up readcfg()
* cdcdadf097 inject.sh: tidy up patch_release_roms()
* ff35a6a300 inject.sh: tidy up modify_mac_addresses()
* 67c8338acf script/trees: merge with mk and delete script/
* d4dba9140c mk: remove the legacy "roms" command
* 4cb9db2ba2 lib.sh: write version/versiondate to dotfiles
* f0dcaca4ee lib.sh: hardcode projectname/projectsite
* ba5487aa34 remove update symlink
* 062e057e87 move build to mk
* 02785da1af trees: unify the execution of mkhelper commands
* 6405f92bd4 trees: tidy up configure_project()
* 019b885cd8 build: make coreboot building an else in "roms"
* f2f4aaefb7 trees: don't build dependencies if dry=":"
* e5fefd8074 trees: unified handling of flags
* 6696e69f01 trees: simplified handling of badhash/do_make
* 28ef540e74 trees: don't set mode on ./mk -b
* dd60b2ee84 trees: don't set mod on ./mk -d
* c429fc8e3f trees: don't initialise mode to "all"
* c5dacebe44 trees: clean up some comments
* 8d27e6c786 inject.sh: simplified readkconfig()
* ca5618628b inject.sh: replace xbmkpath with xbmkpwd
* 9130750ebb lib.sh: double-quote pwd to prevent globbing
* 12e600bf5c cbmk: unified PWD handling (work directory)
* 891a7d8e63 lib.sh: initialise PATH if it's unset
* 18689092d3 move XBMKPATH to include/lib.sh
* dcc7f10ec7 cbmk: use pwd util, not PWD environmental variable
* 6e6b54cc24 clean up a few semicolons in the build system
* 7b7642dc90 trees: err if first argument is not a flag
* c2ddb7cc1f trees: err if no argument given
* aa306663c3 trees: set dry=":" on ./mk -f
* e246c22953 trees: clean up initialisation of the dry variable
* 0ee7f48c8c trees: initialise mode to "all", not ""
* 1211636df2 trees: don't abuse the mode variable on -f
* ec14ff58da trees: Add missing flag to error output
* d7063fc20d cbmk: minor code formatting cleanup
* 2c05e7e6ba grub/xhci: Remove unused patch
* 112c756a70 util/nvmutil: remove excessive comments
* b74a7f0cc6 Bump GRUB revision to add 73 security patches
* bce7fceb56 Update pico-serprog revision
* dca11e70ed util/nvmutil: Fix bad error messages on R/W
* 1b9073b39b util/nvmutil: hardened pledge on help output
* b52fc1fe66 deps/arch: genisoimage belongs to cdrtools
* 3a3b935b8b util/nvmutil: only set mac_updated at the end
* 438ebb1647 util/nvmutil: Fix bad comparison
* a70ab825b9 util/nvmutil: allow ./nvm gbe MAC
* 471ce4fbdc util/nvmutil: move "e" to swap()
* db9f7cf588 util/nvmutil: Only read up to 4KB on larger gbe
* 71f6b631e3 inject.sh: Don't show gbe filename on inject
* d96d370754 util/nvmutil: fix minor mistake (line break)
* 698b9ff63b util/nvmutil: do setmac if only filename given
* a0d7c564fb util/nvmutil: don't say write not needed if errno
* a5549b43f8 util/nvmutil: print dump *after* modification
* 5540713d16 util/nvmutil: verbosely print the written MAC
* bbdd985bea util/nvmutil: minor cleanup in cmd_dump
* 7849f23f81 util/nvmutil: show nvm words written on writeGbe
* 38bb650f12 util/nvmutil: clean up readonly check on writeGbe
* ae5772e8f7 util/nvmutil: Remove useless gbeFileChanged var
* 43e583d0b9 util/nvmutil: reset errno if any MAC updated
* 4ea5484e02 util/nvmutil: reset errno when writing a MAC
* 67ac52df84 util/nvmutil: show total number of bytes read
* 97beb4305b util/nvmutil: rename tbw/bw to tnw/nw
* 3c6198a780 util/nvmutil: err if bytes read lower than nf
* 508509e4e5 util/nvmutil: err if fewer bytes written
* 5c9edb8ffe util/nvmutil: Show bytes written in writeGbe
* b44c311db7 util/nvmutil swap(): ensure that no overflow occurs
* dcfde2e318 util/nvmutil: make swap() a bit clearer
* 06f30b9543 util/nvmutil: make 0x3f checksum position a define
* cac598f79e util/nvmutil: make 128 (nvm area) a define
* d176b56c58 util/nvmutil swap(): Only handle the nvm area
* 47d7283462 util/nvmutil: move write checks to writeGbe
* b01995d167 util/nvmutil: make cmd_swap its own function again
* 3dc1fedbe8 util/nvmutil: minor cleanup
* e2be86695a util/nvmutil: allocate less memory for setchecksum
* 741ef57efc util/nvmutil: Further reduce memory usage
* af6d6d6d59 util/nvmutil: Remove unnecessary buf16 variable
* 16d760d738 util/nvmutil: Only allocate needed memory for file
* 6c2a8010e2 util/nvmutil: Remove unnecessary buffer
* 252e2bdb71 util/nvmutil: Show specific error for bad cmd argc
* 59942196a5 util/nvmutil: cleaner argument handling
* 21400784de util/nvmutil: extreme pledge/unveil hardening
* 8f99e386a4 util/nvmutil: more minor cleanup
* 11eb4df755 util/nvmutil: more granular MAC parsing errors
* dc376cca14 util/nvmutil: more cleanup
* e6f4d11c5e remove errant comment in nvmutil
* 90f2c22826 util/nvmutil: support 16kb and 128kb gbe files
* fef744d68e util/nvmutil: Prevent unveil allowing dir access
* d68d0a8d75 typo: nvme should say nvm in nvmutil.c
* fe55e33254 util/nvmutil: General code cleanup
* 232f6b8610 grub/xhci: Add xHCI non-root-hub fixes from Nitrokey
* a6c9ebd11f add gnults-devel to fedora 41 dependencies
* 1a3c74a974 grub.cfg: scan luks *inside lvm*
* d74e906652 grub.cfg: Scan *every* LVM device
* 302d116c28 snip
* 3730a63edd Canoeboot 20250107 release
* a223a0db89 update u-boot/grub/seabios version displays
* 23db77a030 inject.sh: MAC address changer (not vendorfiles)
* 514f61d6ba pico-sdk: Remove old, unnecessary patch
* 465b18eff3 remove errant symlink
* ec7e8d3a8f Bump coreboot/next to 2f1e4e5e85, 31 December 2024
* 8829539531 rom.sh: don't run mkpicotool on dry builds
* 62d655b8dd pico-sdk: Import picotool as a dependency
* adf1a2e1a4 lib.sh: Much safer python version check
* 1b1dae36d2 set up python in PATH, ensuring that it is python3
* ac6b7c9e3a add libx86 to arch dependencies
* 24aa70869e add less to arch dependencies
* d731b07aa7 lib.sh: Set python after dependencies
* d57303e080 update my copyright years on modified scripts
* bf5979f0b2 lib.sh: Fix unescaped quotes in chkvars()
* 9baf6a72a7 Revert "fix more unescaped quotes in eval"
* c1dd3da298 fix more unescaped quotes in eval
* caa18bdcb3 fix ./mk dependencies build issue
* 43ab374ec7 rom.sh: Remove errant GRUB modules check
* 2916aee7ab submodule/grub: use codeberg for 1st gnulib mirror
* 8e30ea27ef util/nvmutil: Update AUTHORS and COPYING files
* 376b1301f5 util/nvmutil: Describe nvmutil in help output
* da32fe1928 util/nvmutil: Remove the correct binary on uninstall
* 54809f06bf util/spkmodem-recv: More correct Makefile
* ac6f3884ad util/nvmutil: Honour the INSTALL variable
* e993212146 util/nvmutil: Don't clean when doing uninstall
* 21c87a6fbf util/nvmutil: Proper DESTDIR/PREFIX handling
* 5ed1114443 util/nvmutil: Set CC and CFLAGS only if unset
* 1e494f4530 util/nvmutil: Capitalise BABA
* ba71891687 util/nvmutil: Add uninstall to Makefile
* 1310c9a58c util/nvmutil: Add distclean to Makefile
* faa78f53c2 util/nvmutil: Make the GbE checksum a define
* 227c396ca2 util/nvmutil: nicer hexdump display
* 07e8b9f35e util/nvmutil: show the correct hexdump order
* 76d87782a8 lib.sh mktarball: cleaner if statement
* 3d1fea0977 fix lbmk shellcheck errors
* 4862f6a348 lib.sh and rom.sh: update my header
* 8bdfd31498 rom.sh: handle tarballs in mkcoreboottar
* 13194ec94a util/nvmutil: Obey the 79-character per line limit
* ce0fdf183d util/nvmutil: Tidy up copyright header
* f3feac0728 util/nvmutil: Fix another straggler
* 145ff612c1 util/nvmutil: Tidy up pledge calls
* 4a83659885 compile rmodtool alongside cbfstool
* a22f272dfe fedora41/dependencies: add libuuid-devel
* de26e984df add uuid-devel to fedora41 dependencies
* 4ce13dab7a support ./mk dependencies fedora reinstall
* 9d60470a97 fix missing semicolon in grub nvme patch
* 2d860d6f66 bump seabios to rev 1602647f1 (7 November 2024)
* 5d82a911b9 Bump GRUB revision to 6811f6f09 (26 November 2024)
* b75d32be72 flashprog: Disable -Werror
* 22206cadeb bump flashprog to revision eb2c041 (14 Nov 2024)
* 1ebdb20d97 replace liblz4-tool with lz4 and liblz4-dev
* 012f530656 lib.sh dependencies: support --reinstall argument
* 33206cae60 move xbmkpath to XBMK_CACHE/
* 4a4f7abf0e Revert "Remove legacy update/vendor commands"
* 71bccad345 Fix U-Boot build issue with Swig 4.3.0
* 2608bea771 use command -v instead of which
* 3dc3a557db trees: remove unnecessary subshell
* dbf8bef5ff trees: only symlink host gcc/gnat to build xgcc
* cd93e1b615 trees: correction on check_gnu_path
* 57fafb0b73 trees: match gcc/gnat versions both ways
* f167d4aeb9 Merge path.sh into script/trees
* 444154c002 path.sh: Further cleanup
* c25ea91783 path.sh: More thorough gcc/gnat version check
* 12221b2828 path.sh: minor cleanup
* 02b1a45c6b path.sh: remove unnecessary shebang
* 5a5a7c37f5 Fix globbing issue in cbmk
* 69c5f8911d remove auto-confirm on distro dependencies
* 7ee6ec0ce9 Mitigate Debian Trixie/Sid GCC/GNAT version mismatch
* f1d9ecc468 rom.sh: Name pico directory serprog_pico
* bb6c31aa16 add 2024 to Riku's copyright header on rom.sh
* 3d738af507 pico-sdk: update to 2.1.0
* fa6ed8816e pico-serprog: enable building for multiple pico chips
* 31a0ea3537 add spdx headers to various config files
* dd6f914186 git.sh: don't initialise livepull globally
* 417accd9e0 lib.sh: Support copying files locally
* 7b8bda9977 lib.sh: Safer exit from ./mk dependencies
* 63eb43ec39 dependencies/void: add missing escape character
* daefe4f895 rom.sh: support grub-first setups
* 73920cb0a1 rom.sh: insert grub background in cbfs not memdisk
* 5ebeb65cbf add tarballs and signatures to gitignore
* 5053354644 fix another very stupid mistake
* df509aac63 fix the stupidest bug ever
```
This is about 500 changes.
Revision releases
-----------------
When certain bugs are found, releases may be re-built and re-uploaded. When
this happens, the original release is replaced with a *revision release*.
Revisions are numbered; for example, the first post-release revision
is *rev1*.
### 25.06 (30 June 2025)
No revisions, thus far. The original 25.06 release is the current revision, so
it could be considered *rev0* (revision zero).
Build testing
-------------
This release was built on the latest Debian 12.10 Bookworm release, as of
this day. It was also build-tested successfully on the latest Arch Linux updates
as of 26 June 2025.
Reference in a new issue View git blame Copy permalink