From b03714a242dfcfdcf58fc3bd896f881572e09922 Mon Sep 17 00:00:00 2001
From: Erwan Guyader <erwan.guyader@cozycloud.cc>
Date: Fri, 9 Dec 2022 18:44:54 +0100
Subject: [PATCH] build/linux: Don't use --no-sandbox by default

  This runtime option disables the chromium sandbox. It was added as a
  default option in `electron-builder` v22.10.3 (see
  https://github.com/electron-userland/electron-builder/pull/4496)
  because the required kernel privileges might not be available on the
  user's computer (e.g. in Debian).

  However, these privileges might be available on some computers and the
  sandbox should be used in this case.
  Thankfully, `electron-builder` v22.14.8 makes this optional when using
  the build option `executableArgs` (see
  https://github.com/electron-userland/electron-builder/pull/6429).

  Since we don't have any arguments to pass to Cozy Desktop, we'll just
  add an empty argument to the list to prevent the use of `--no-sandbox`
  in the Desktop entry.
  We'll still add the option ourselves when necesary (see
  ./build/launcher-script.sh`).
---
 electron-builder.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/electron-builder.yml b/electron-builder.yml
index 0d50a878c..ad34a87ff 100644
--- a/electron-builder.yml
+++ b/electron-builder.yml
@@ -82,6 +82,7 @@ linux:
     services. Your freedom to chose is why you can trust us.
 appImage:
   artifactName: 'Cozy-Drive-${version}-${arch}.${ext}'
+  executableArgs: [" "] # do not use --no-sandbox by default (see build/launcher-script.sh for details on when it should be used)
 
 extraResources:
   - from: 'build/launcher-script.sh'