Thanks Michael for the headsup. We will update to 43 for Kinetic now
that the LTS is out we plan to go with the current version of the GNOME
libraries but backports of the changes to older series would be welcome
as we will need to do SRUs.
I think it makes sense for you as an upstream to probably do 42 which is
the last GTK3 supported version and it's probably on us to backport to
older version as needed.
** Changed in: deja-dup (Ubuntu)
Importance: Undecided => High
** Changed in: deja-dup (Ubuntu)
Assignee: (unassigned) => Sebastien Bacher (seb128)
** Changed in: deja-dup (Ubuntu)
Status: New => Triaged
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to deja-dup in Ubuntu.
https://bugs.launchpad.net/bugs/1973816
Title:
Deja Dup's Google support will break in September 2022 for versions <
43.3
Status in deja-dup package in Ubuntu:
Triaged
Bug description:
Hello! I'm the maintainer of Deja Dup. I was recently made aware that
Google is removing an oauth workflow that Deja Dup uses, in September.
Here's their blog post about it:
https://developers.googleblog.com/2022/02/making-oauth-flows-
safer.html
Here's the upstream bug about switching to a new oauth flow:
https://gitlab.gnome.org/World/deja-dup/-/issues/222
I've released version 43.3 with a new oauth workflow. This basically
switches us from redirecting the oauth page to a local
http://localhost:xxxx/ page being served by deja-dup and instead has
the browser launch a custom URI like
'com.googlecontent.xxx:/oauth2redirect?code=yyy', which then launches
deja-dup and gives it the correct oauth token.
The key differences for packagers is just to note that now deja-dup
will register itself as a handler for those weird URI schemes (they
are specific to deja-dup, as they include its client ids for the
service).
I think this deserves a backport to all supported releases. I can whip
up a patch for you in a bit, just wanted to get this registered as an
issue.
To be a bit more specific about what will break:
- Existing users that have already granted deja-dup access to Google will
continue to work without any issue.
- In August, users will see a warning on the oauth screen.
- And then in September, any new attempt to connect deja-dup to Google will
not work.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/deja-dup/+bug/1973816/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
