libgnome-bluetooth will start to offer a 2.0 library version
depending on GTK4. Given that GNOME Shell already depends on
GTK3, it cannot use this next version of gnome-bluetooth. And
since GJS will automatically try and use the latest version
available of any library, Shell must specify it wants 1.0
explicitly.
Add a required GnomeBluetooth version number when importing it
for the status indicator.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/2015>
Like the old Tweener API, ease() allows to transition multiple
properties at once. If autoReverse or repeatCount are specified,
they should apply to all transitions, but right now we only set
them for the first one.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/2007>
Now that we allow extensions at the lock screens, extensions
are allowed for every session mode gnome-shell would typically
change to at runtime.
This means there's little advantage to having an allowExtensions
property in the session mode definition.
This commit simplifies the code a bit by dropping the property.
Third party session modes can still lock down extensions through
gsettings if they need to.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1967>
Now extensions can specify which session modes they work in,
but specifying the login screen or unlock screen session modes in
an extensions metadata still won't work, because those session
modes disallow extensions.
This commit fixes that.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1967>
At the moment it's not realy possible to extend the login screen to do
things it doesn't have built-in support for. This means in order
to support niche use cases, those cases have to change the main
code base. For instance, oVirt and Vmware deployments want to be able
to automaticaly log in guest VMs when a user pre-authenticates through a
console on a management host. To support those use cases, we added
code to the login screen directly, even though most machines will never
be associated with oVirt or Vmware management hosts.
We also get requests from e.g. government users that need certain features
at the login screen that wouldn't get used much outside of government
deployments. For instance, we've gotten requests that a machine contains
prominently displays that it has "Top Secret" information.
All of these use cases seem like they would better handled via
extensions that could be installed in the specific deployments. The
problem is extensions only run in the user session, and get
disabled at the login screen automatically.
This commit changes that. Now extensions can specify in their metadata
via a new sessionModes property, which modes that want to run in. For
backward compatibility, if an extension doesn't specify which session
modes it works in, its assumed the extension only works in the user
session.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1967>
At the moment a session mode either allows extensions or it doesn't.
If it allows extensions, then the entire available list of
configured extensions get enabled as soon as the session mode is
entered.
Since enabling or disabling extensions is an all or nothing situation,
the code tracks whether extensions are already enabled when entering
the session mode, and if so, avoids iterating through the extension list
needlessly. It does this using a boolean named _enabled.
In the future, the extensions themselves will be given some say on
whether or not they should be enabled in a given session mode. This
means, the configured extension list may contain extensions that
shouldn't be enabled for a given session mode, and the _enabled boolean
will no longer be appropriated.
This commit drops the _enabled boolean optimization.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1967>
If a user hits escape twice really fast when coming back to
their machine to unlock it, they made end up getting presented
with a non-functional unlock screen that doesn't show their
user icon and doesn't ask for a password.
This is because showPrompt assumes that if an auth prompt already
exists, it's ready to go. That may not be true, if it's in the
process of getting torn down at the time because it's in the middle
of a cancel animation.
This commit solves the problem by ensuring the auth prompt is always
in a fresh reset state before showing it.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1999>
If the the unlock dialog gets finished before an auth dialog is
created, the code currently creates one just to tell it to finish.
This commit changes the code to skip creating the auth dialog in
that case.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1999>
Commit dd2cd6286c restricted callers of the screenshot methods to
portal implementations, gnome-settings-daemon and gnome-screenshot.
That restriction does make sense for the actual screenshot methods,
but `PickColor` is actually used by GTK in its color picker (and
therefore may be called from arbitrary applications).
Fix this by unrestricting access to `PickColor` again. Considering that
the method is always interactive, it's not very privacy/security-sensitive
anyway.
https://gitlab.gnome.org/GNOME/gtk/-/issues/4283
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1990>
Previously we used `get_image()`, which returned `cairo_surface`,
in order to create a `ClutterContent` with a screenshot of the
`MetaWindowActor`. This added a roundtrip from GPU to CPU memory.
Instead, use the new `paint_to_content()` API which lets us use a
`CoglTexture` directly as source of our `ClutterContent`.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1879>
The Eval() method is unarguably the most sensitive D-Bus method
we expose, since it allows running arbitrary code in the compositor.
It is currently tied to the `development-tools` settings that is
enabled by default. As users have become accustomed to the built-in
commands that are enabled by the same setting (restart, lg, ...),
that default cannot easily be changed.
In order to restrict the method without affecting the rather harmless
commands, guard it by the new MetaContext:unsafe-mode property instead
of the setting.
https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/3943
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1970>
Since touchpad smooth scroll events with source finger are handled by
the swipeTracker, the workspace scroll handler can focus on discrete
events.
Thanks to Mutter emulating discrete scroll events, see
meta_seat_impl_notify_scroll_continuous_in_impl in meta-seat-impl.c,
it is safe to ignore smooth scroll in the workspace scroll handler
and handle exclusively discrete events.
In addition, once high-resolution scroll events land in Mutter [1], a
mouse will be able generate non emulated smooth scroll events that
should be ignored in favour of the discrete scroll events.
Otherwise, a single mouse wheel click will scroll through multiple
workspaces at once.
[1] https://gitlab.gnome.org/GNOME/mutter/-/merge_requests/1962
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1959>
The keyboard is placed outside of the screen when shown and then slides
in via a transition that changes the translate-y property. This
translation does not affect the allocation of the Keyboard actor and as
such does not trigger any of the signals LayoutManager is connected to
to update the input region. This means the input region remains at the
original position of the actor outside of the screen and as a result on
X11 clicks will go through to the underlying window.
There was a workaround for this by queuing a relayout at the end of the
transition, but this stopped working due to optimizations avoiding
unnecessary allocation changes.
This updates that workaround to toggle the visibility of the actor
instead, which is the other signal that LayoutManager reacts to. Once
ClutterActor provides better ways to react to transforms this can
hopefully be removed entirely.
Fixes: https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/4556
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1955>
Sometimes when an icon is dragged and dropped in Dash, one Favourite app icon
can appear to the right of Dash separator. This can happen when available system
resources are low and the PlaceHolder destroy animation is delayed and the
corresponding container child is still present. With this commit the separator
position is calculated correctly, even when the animation is pending.
Fixes#3966, #3799
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1804>
eee2ccac fixed window opacity being changed outside of transitions but
resulted in the final step of the transition, that would set the window
to fully opaque, being missed.
This change now moves the opacity change entirely out of allocation and
instead follows the adjustment changes directly, which still fixes the
original bug and ensures the opacity is also applied for the last step
in the transition.
Fixes: https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/4561
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1957>
GJS added a console module that extensions may start using. To ensure that
extensions using console.log() and similar functions don't show up as
'Gjs-Console' in users' system logs, we should call setConsoleLogdomain()
with 'GNOME Shell'.
This GJS API addition is only accessible using ECMAScript Modules (ESM),
this commit moves shell startup to a small init.js module and adapts
CI jobs to either handle or ignore it.
We can drop the .jscheckignore file when future versions of SpiderMonkey
allow for compile checks without validating module specifiers.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1958>
!1940 added support for soup 3, including a fallback to soup 2.4
where the newer version isn't available.
Unfortunately it missed that libgweather has a hidden soup dependency,
and now gnome-shell fails to start if a weather location has been set
up and soup 3 is available.
We don't have a good way to detect that case, so hide the soup 3 support
behind a build option. Distributors are expected to switch it at the
same time as libgweather.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1966>
Unlike for the old Soup.SessionSync/SessionAsync classes,
Soup.Session:ssl-use-system-ca-file already defaults to true.
In Soup3, the behavior was made unconditional and the property
removed.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1940>
Quoting the documentation:
In libsoup 2.44 and later, you can set the session's “proxy-resolver”
property to the resolver returned by g_proxy_resolver_get_default() to
get the same effect. Note that for "plain" SoupSessions (ie, not
SoupSessionAsync or SoupSessionSync), this is done for you automatically.
libsoup 2.44 was released in 2013, so we can safely assume that Soup is
new enough to handle this for us.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1940>
The code that handles extracting extension archives currently uses
an awkward double-callback system. We can do significantly better
by using an async function and exceptions.
Partially based on code from Marco Trevisan.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1940>
Move all remaining bits to the new coding style before making
further changes.
The let → const changes are selectively done to the bits that'll
still be around at the end of the patch series.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1940>
Which better communicates what we are checking for, and is a little more
elegant than repeatedly writing:
```
Main.overview.animationInProgress && Main.overview.visibleTarget == false
```
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1440>
We hide our own "New Window" item if the app itself includes a
"new-window" action. That means that the separator between the
built-in item and desktop actions introduces a small inconsistency
depending on whether a "New Window" item is provided by the desktop
action or ourselves. There's no good reason for that from a user's
perspective, so remove the separator.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1948>
The context menu in the overview includes actions for managing
favorites. Add those to the AppMenu class, but make it another
option as the actions would be slightly weird in the top bar menu.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1948>
The top bar menu always corresponds to a running app, so it made
sense to include the 'Quit' item unconditionally. That won't be
the case for the overview context menus, so handle app state changes
and show/hide the item as necessary.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1948>
Since commit fd0da9606f, we only show the "Open Windows" section
if there are at least two windows. That's another subtle difference
with the overview context menus, but while limiting the section to
a minimum of two windows makes sense where the menu always represents
a running app, it is useful to show the section even for single windows
in the dash/app grid.
Account for both uses cases by adding a corresponding option to the
constructor.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1948>
There's a subtle difference between the top bar menu and the app
icon context menus in the overview regarding the "Open Window"
section.
The former includes skip-taskbar windows, the latter doesn't. It
clearly doesn't make sense for the context menu to include windows
that aren't shown in the overview, but skip-taskbar windows are
likely also less useful in the top bar menu.
Just settle on the behavior of the context menus and move on.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1948>
This is the expected behavior when activating a window or app. Until
now we could rely on the menu being hidden in the overview, but as
that is about to change, make sure the menu behaves as expected.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1948>
App windows are ordered by recency, so a focus change (correctly)
triggers the ::window-changed signal. If we rebuild the section
immediately in response, the activating item will be destroyed
before the menu's ::activate handler, with the result that the
menu remains open.
Defer the section update in that case to allow the menu to process
the ::activate signal first.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1948>
For now the menu is only used in the top bar, where we can assume
that it exists "forever". This won't be the case when we start
reusing it elsewhere, so make sure we clean up after ourselves.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1948>
There is a big overlap between the app menu in the top bar and the
context menu of app icons. It makes sense to unify the two both
from a design- and from a code perspective, so split out the more
modern one into a separate module as basis for a shared class.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1948>
There was a potential issue when suspend was inhibited and immediately
uninhibited again before the creation of the inhibitor has finished.
Then the new inhibitor would be kept active.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1927>
ScreenShield::_syncInhibitor() was closing (and recreating) the
inhibitor everytime it was called, even if no change was needed.
This gets called in various places, including on property changes in
the login1 dbus object. These happen by the time logind already started
suspending at which point new inhibitors can no longer be created. It is
only waiting for existing inhibitors to be closed, so closing the
inhibitor without a new inhibitor will cause the suspending to proceed
immediately if no other inhibitors are present. This can also happen
before the lock screen is shown, which will then complete after resume.
Fix this by keeping track of the expected inhibition state and only
create or close inhibitors if there was a change to that.
Fixes https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/3736
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1927>
The value can not actually be null at that point, but it's too
hard to spot for tools like coverity:
- before setting view, we chain up to the parent's acceptDrop()
- that calls _canAccept(), which we override and check for the view
Still, and extra ? doesn't hurt, and hopefully will make the tooling
happy.
CID 351269
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1950>
There is now a location portal that provides a similar role
as our agent. Settings supports that portal in its application
panel, which allows users to revisit their choice later.
Unfortunately it uses a different permission store table, so
any permissions granted (or denied) through our agent won't
show up there.
To change that, switch to the same table as the portal/Settings.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1945>
On startup desktop-icons-ng Wayland windows have skip-taskbar==FALSE so
initially pass `_isOverviewWindow` and they get added to the overview,
which is confusing to users. However almost immediately after that they
get `meta_wayland_client_hide_from_window_list` and are removed from
future overviews. So now we respond to `notify::skip-taskbar` immediately
and prevent desktop-icons-ng appearing in the startup overview too.
This is messy and ideally we'd like to know the window type immediately
on creation, but that option only exists in X11 and not Wayland.
https://gitlab.com/rastersoft/desktop-icons-ng/-/issues/137https://bugs.launchpad.net/bugs/1936643
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1925>
At least the last stable release of gjs has an issue with async
handlers for custom (i.e. defined in JS) GObject signals.
The handler still works, but evoking it prints the following warning:
JS ERROR: Error: Could not guess unspecified GValue type
We can avoid the warning by using the addAction() convenience
method, which makes for a small nice cleanup anyway.
https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/4531
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1938>
The PointerWatcher passes the current pointer position to every watch,
so we don't have to query the pointer again scrollToMousePos() is used
as watch callback.
While that should be the only use, be conservative and still query the
pointer when called without arguments.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1932>
Right now the Show Password menu is shown unconditionally for password
entries, ignoring the org.gnome.desktop.lockdown disable-show-password
key.
StShellEntry now honors that key for its peek icon, and there's little
reason for the peek icon and the menu to ever be out of sync.
This commit forces the menu and the icon to always be in sync, and
so makes the menu lock down work automatically, too.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/687>
The behavior when switching workspaces now with the touchpad gesture is
very very weird, it almost always swipes to the last workspace instead
of the next one.
So revert this change again and only swipe a single page per gesture. We
can enable long swipes again when we've figured out a proper way to
detect what the user wants (which is going to be quite challenging), see
https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/4355.
This reverts commit dfae3281b9.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1933>
ClutterVirtualInputDevice::notify_keyval() expects time to be in
microseconds but Clutter::get_current_event_time() returns the time in
milliseconds. On Wayland the generated event triggers all the warnings
in MetaDisplay::sanity_check_timestamps() due to the event time
seemingly being in the past.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1926>
Dragging a window preview in the overview is supposed to change the
opacity of the dragged actor. This however fails for minimized windows,
because Workspace::allocate() also changes the opacity of those. The
allocation gets triggered by removing the window actor from the
workspace when starting the drag. Avoid this by only changing the
opacity during the overview transitions.
Fixes https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/4292
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1847>
At the moment user switching functionality is controlled by two
settings:
org.gnome.desktop.lockdown disable-user-switching
for the panel when the session is unlocked, and
org.gnome.desktop.screensaver user-switch-enabled
for the unlock dialog when the session is locked.
Having the lockdown setting not apply when the screen is
locked is counterintuitive.
This commit makes the unlock dialog honor both settings.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1833>
Since this is a bin and not a button, and it doesn't have any click/keyboard
handling on its own (as in that case it needs a parent button wired like in
the messages list controls), it is confusing that it has can_focus set to
True. To avoid any confusion, this commit removes it without breaking anything
since it had no real use.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1920>
This one was moved to Meta.Context as well.
I don't know why the `debugexit` command quit with an error code
(it dates back all the way to commit 98bd590a5d). Terminating on
request by the user doesn't sound like an error, so don't replicate
that particular behavior.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1917>
Before this, creating a separate instance of `Location.Indicator` failed
because it tries to create export the same DBus path.
This is useful for extensions adding panels on multiple monitors. But
it also seems like a cleaner design to separate the indicator widget
from the logically separate role as a Geoclue agent.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1919>
We build controls layout using the whole monitor vertical space as
available, however extensions or external apps in X11 may reduce the
workarea size horizontally and the shell should always take care of it.
Given that we're already assuming that the allocation is monitor-based
and that we're adjusting it to the workarea, we can just make it more
explicit by using a workarea box that is used as the allocation area.
As per this, we also apply the same logic of applied to the vertical
dimension to the horizontal one.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1892>
To compute the available height for the layout we're currently using the
panel position, while this works for the current and default setup, the
shell may be configured to use a different workarea, so we should rely on
it to compute the available space, instead of a specific widget.
So get the current monitor index for the current view and use its coordinates
instead.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1892>
The background group is currently allocated taking care of the workarea
x, y offset but not of its width/height and this may lead to building a
wrongly sized workspace view when the workarea size is not matching the
monitor size (like when there are struts set).
So, take care of the difference between the workarea and monitor
absolute end coordinates to allocate the background scaled content box.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1892>
We currently disable all network items on both the lock- and login
screen. While it makes sense to be very restrictive on the lock screen,
there are some (fringe) use cases for being more permissive on the
login screen (like remote home directories only accessible via VPN).
There's precedence with the power-off/restart actions to be less
restrictive on the login screen, and since we started respecting
the `network-control` polkit action, it's possible to restore the
old behavior if desired.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1874>
NetworkManager installs a `network-control` polkit action that can
be used to disallow network configuration, except that we happily
ignore it. Add it to the conditions that turn a network section
insensitive.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1874>
Setting up a connection for an Enterprise WPA(2) encrypted wireless
network requires Settings. That's not available when windows are
disabled via the session mode, so filter out affected entries.
Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1874>