Request for classic confinement: cpeditor

coder3101 · May 1, 2021, 5:59pm

cpeditor is cross-platform Qt based IDE specially designed for competitive programmers. It helps automating steps like compiling, running, submitting and debugging (in future) code written in C++, Python and Java. It executes a compiler process to compile the user code, upon successful compilation it runs the produced binary by providing input to stdin (called testcases) and monitor for output (on stdout), which it compares against expected output and then gives verdict whether code is logically correct or not. It repeats this process for number of testcases provided.

There are other stuff like code formatting, language server etc.

In order to function properly, it needs classic confinement. Here are some of the reasons for which it should not be sandboxed.

Application needs to execute binaries inside /usr/bin, which isnt possible in sanboxed apps.
If we only used few binaries, I could have packaged them all in the snap but we use too many of binaries to function. Here is a list of them c++ (gcc/clang), python2/3, openjdk/jre(other variants that user can use), clang-format/clangd yapf/autopep and the list goes on and things will be added as development proceeds.
Uses /tmp directory to create intermediate binaries and unsaved sources, which can be examined by user in a debugger (since we dont support debugger in IDE as of now).

Here is the snapcraft.yaml

name: cpeditor
base: core20
grade: stable
confinement: classic
adopt-info: cpeditor

package-repositories:
        - type: apt
          formats: [deb, deb-src]
          components: [main]
          suites: [focal]
          key-id: C65D51784EDC19A871DBDBB710C56D0DE9977759
          url: http://ppa.launchpad.net/beineri/opt-qt-5.15.2-focal/ubuntu

apps:
        cpeditor:
                common-id: cpeditor.desktop
                command: usr/bin/cpeditor
                plugs:
                        - home
                        - opengl
                        - network
                        - network-bind
                        - pulseaudio

parts:
        cpeditor:
                parse-info:
                        - usr/share/metainfo/cpeditor.appdata.xml
                plugin: cmake
                build-packages:
                        - build-essential
                        - qt515base
                        - qt515tools
                        - libgl1-mesa-dev
                stage-packages:
                        - qt515base
                source: https://github.com/cpeditor/cpeditor/releases/download/6.7.2/cpeditor.tar.xz
                cmake-parameters:
                        - -DCMAKE_INSTALL_PREFIX=/usr
                        - -DCMAKE_BUILD_TYPE=Release
                override-prime: |
                        snapcraftctl prime
                        sed -i 's|Icon=.*|Icon=${SNAP}/usr/share/icons/hicolor/512x512/apps/cpeditor.png|g' $SNAPCRAFT_PRIME/usr/share/applications/cpeditor.desktop

We use latest Qt version 5.15.2 with plan to move to Qt 6.0 once a ppa is available. I could not find any other way to get latest Qt, but hope someone can help improve it further.

Application: https://github.com/cpeditor/cpeditor

emitorino · May 7, 2021, 6:12pm

This request follows under the supported IDE category to request classic confinement so requirements are understood.

@Igor could you please perform publisher vetting?

Igor · May 10, 2021, 11:18am

@coder3101 Hey there, what is the official email/support for cpeditor please?

coder3101 · May 10, 2021, 4:11pm

officialcpeditor@gmail.com : Official email address
ashar786khan@gmail.com : My email address with registered snap name (cpeditor)

emitorino · May 13, 2021, 6:14pm

Hey @coder3101,

Are you willing to update the installations instructions on https://cpeditor.org/docs/installation/ once the snap is published? This helps on the vetting process.

coder3101 · May 13, 2021, 6:28pm

Yes, we will update the docs and also add GitHub Actions pipeline so different branches (alpha, beta, stable) are automatically build and published to snap store.

coder3101 · May 22, 2021, 9:19am

Any update on this, I have opened the Pull request for updating Installation instruction and for creating new edge release on push to master.

Doc update PR: https://github.com/cpeditor/cpeditor.github.io/pull/166
Pipeline for publishing snap on push: https://github.com/cpeditor/cpeditor/pull/835

When pushing the snap, it fails saying “REVIEW Required” for classic snap. How long until its approved?

alexmurray · May 27, 2021, 3:47am

@igor may be able to update on the progress of vetting. Once that is done then I can proceed with granting the override for classic confinement and the snap will pass automated review and can be published.

Igor · May 27, 2021, 11:47am

Unfortunately, based on the information provided and the criteria the security team have defined in place, I am unable to vet the publisher.

@coder3101 a generic gmail address is not sufficient to match the ownership to product/domain. If you can rectify that, I’ll be happy to +1 on this, but at the moment, I cannot.

coder3101 · May 27, 2021, 2:01pm

cpeditor.org belong to us, If you want me to put some DNS TXT for the domain please let me know.

By the way, GitHub has already verified our domain, doesn’t it help?

coder3101 · June 8, 2021, 2:47pm

@Igor Github has already verified our domain cpeditor.org and I am the owner of that organization.

Any other way you want me to verify?

Igor · June 9, 2021, 2:13pm

The simplest would be a cpeditor email associated with the domain, I think.

coder3101 · June 12, 2021, 8:34am

@Igor this is our support email address associated with domain support@cpeditor.org

Igor · June 14, 2021, 11:03am

+1 from me, I verified the publisher.

coder3101 · June 14, 2021, 7:22pm

@alexmurray @Igor has verified it. Please proceed with granting the override for classic confinement.

alexmurray · June 15, 2021, 5:23am

Thanks @Igor, classic confinement override granted, this is now live.