In D17078#363886, @apol wrote:

In D17078#363772, @anthonyfieroni wrote:

You can't change parameters in methods or constructors, it's a BIC.

https://community.kde.org/Policies/Binary_Compatibility_Issues_With_C%2B%2B

OK, I've already committed (commit 86989e34ccc81c9695c8e638ea8fee1b6343d267) but if our git servers don't close this review request it should be OK for you to close this.

Not asking about source-dir/build-dir (but mentioning them in the resulting file) was deliberate, as a way of reducing the number of options that must be completed to go from nothing to a working configuration.

Thanks for the Windows build improvement. This is good to commit to Juk.

In R365:cabaa3435d5a627d658ad05dd96503a002d39f7a#3708827, @romangg wrote:

The problem seems to only occur if one tries to run the script from the source directory. After make install running from /usr/bin/ works. Not sure if this is intended, normally one would expect a script to run from the source directory. But if it is intended https://community.kde.org/Guidelines_and_HOWTOs/Build_from_source#Install_kdesrc-build must be changed.

Sorry about that! Should be fixed in 7295eaca3093c127ddafe832a17f6dc6b5eedc2e

I've added shell support for /etc/os-release at commit f3f100de6410d5ad9b84bef2d237ee2540e0f043

Anyone have a chance to look at this?

Still in action. Latest updates (in the make_it_mojo branch) significantly simplify the event-driven logic by moving the event handling in a big huge chain of promise->thens.

I agree as maintainer that this would be useful.

It occurred to me while I was at work today that an attacker in position to MITM the search result we get back would also be able to MITM the lyrics page directly. Given that I'm less worried about whitelisting as that is barely even a speedbump. Encoding is technically still a good idea but I think the default mode should be enough for most normal pages.

Wikia doesn't support HTTPS so I'm at least a little leery of just dumping potentially-malicious output into a clickable link. A simple whitelist might be sufficient to at least make an attack along this vector more annoying than it would be worth.

I vaguely remember this being required, it probably got dropped in the port to KF5 by accident. I concur with your diagnosis and suggested fix. Please commit!

Sorry, if I'd been able to check this earlier I'd have warned against pushing, this was the kind of concern I was addressing with my earlier comment about FreeBSD. I had run into a lot of those issues when trying to get KF5 to build on Alpine.

The ECM documentation points to a specific change that may be related: https://api.kde.org/ecm/kde-module/KDECMakeSettings.html#build-settings

I don't know the cause myself but the ECM version works up until 5.38.0 in my own testing. So presumably the change in behavior is something introduced in that release of ECM?

I'd say to leave the code alone if this the change isn't needed to fix a bug.

LGTM and there's been plenty of time for a NAK. I say let's commit.

As long as older versions of LLVM result in the Python binding generation step being skipped completely (we already check for libclang in the find-package for this, right?), I don't think the dependency increase is a problem.