Ian Eure <ian@HIDDEN>
to control <at> debbugs.gnu.org.
Full text available.Received: (at 71832) by debbugs.gnu.org; 21 Jul 2024 16:19:53 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Sun Jul 21 12:19:53 2024 Received: from localhost ([127.0.0.1]:55887 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1sVZHs-0001bs-PH for submit <at> debbugs.gnu.org; Sun, 21 Jul 2024 12:19:52 -0400 Received: from fhigh1-smtp.messagingengine.com ([103.168.172.152]:43687) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <ian@HIDDEN>) id 1sVZHq-0001bY-0s; Sun, 21 Jul 2024 12:19:50 -0400 Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailfhigh.nyi.internal (Postfix) with ESMTP id E37451140111; Sun, 21 Jul 2024 12:19:42 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute4.internal (MEProxy); Sun, 21 Jul 2024 12:19:42 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h= cc:cc:content-transfer-encoding:content-type:content-type:date :date:from:from:in-reply-to:message-id:mime-version:reply-to :subject:subject:to:to; s=fm2; t=1721578782; x=1721665182; bh=ue /YEHpopjy7N9HpUGq7KkPRTpcGAPHYdTG7yXliI+8=; b=PiZpb0GjzTrk1TAKbj FnWMBDbpxDXX/UHN08Wb3bYLN+1a27oSnPuYROP7ukeusQTxNx8UzDHxg7k47qro RAeAPizhZcfx1F1eDzx8kEKVFkN0oHMoEaQTIE/6/mgfugPqAnVFzaL1u4mSyh4U f1W7mcJ2fmtF1mkLq4OM27vEo90xD54Q50Y1HFtdeEnOhcywfXgVr8xdDHfeoHEd kfltgT083eGHHgH9AWVTc6JWqNtFKRJ4tU4gFj4mqKkY4sCmpM5Nuc1T0A2mH2fd 5tZn6SeCMgWjk+oDBSwjvISTZjEpavN7EMKT38DwA86K1OWoev4enkKJKWzohzdk ZWyQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:content-type:date:date:feedback-id:feedback-id :from:from:in-reply-to:message-id:mime-version:reply-to:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm3; t=1721578782; x=1721665182; bh=ue/YEHpopjy7N 9HpUGq7KkPRTpcGAPHYdTG7yXliI+8=; b=gh9CY0o2NXIjwj8GU49YRLlp3cp8L 3nWodB6Ba85z7ue4LpCwF57lV0MHUikLh7hoGLW6WNcl6jI6+KPt2UZam+ZVB35R mZWUUjeKdHhc3+4IQW3ejlPrxKAhvVYdGE12x+JLF7yDglo1BMKdktvtf7rg7B8e yUSPC56XvAtIimU7ZIMp0cZGxRyWgmWGSCupuWYlFeigjcuf4eGyism4H+ZVruxG JEjkeAuokTWgrDCIs5OTLuY2La7G+lJ40TQKpEwBbZB3XDnSPQxaBTVrZPW1XWW9 uvX4juScTzgXeplW9IC4Pq0fwHmJpvFsBIJBupFKtd8jvUUw6Lhuh+2cQ== X-ME-Sender: <xms:HjWdZmqySmI9kwAS9DVm3x3ZuyrgYtq3EcxFCjAVQiVATdtwq5TpAA> <xme:HjWdZkpPx6M-CFKUtxtRPdnGLlgf127ePZNjWEaVaFu691GQ9-LeemaFIoAEF2p_b -b3sMzotLNF8gs8RA> X-ME-Received: <xmr:HjWdZrOWsQjf6MZFKHuyRMfnrZv7D-bcl3gqi9EBG7t9kt_pH4EFnqx0IY6xIzlpGXpvGKiS_sHmMNbvERG2C_m3YhFchEh0Cn8> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrheehgddutdduucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpegfhffvvefufffkgggtgfesthhqre dttderjeenucfhrhhomhepkfgrnhcugfhurhgvuceoihgrnhesrhgvthhrohhsphgvtgdr thhvqeenucggtffrrghtthgvrhhnpeeiveevledvveevteekfeekgefgfedttddvveeugf eufedtfeeghfeiudehueevieenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhep mhgrihhlfhhrohhmpehirghnsehrvghtrhhoshhpvggtrdhtvh X-ME-Proxy: <xmx:HjWdZl5o6axhXhwx1NhNn9jww0TA489SX5dC3Erm-D9iCZfTVcBrbQ> <xmx:HjWdZl6oEUp-eMqqLY3X9L7vC5vGLz1aFlvf8UNITChNLp45sSb-RA> <xmx:HjWdZljAV6JiCX-p-IowJGGNxvXP3huFwjSvHizq6C-_qNBXHv__6w> <xmx:HjWdZv6G6Qnw9TTe_qKRznLkkKjFXIkZTrBHjuUllYLTeT_tEdmRtw> <xmx:HjWdZlEjOvin5MVSB0f9j30ZRHSkpC2M88yBsNrh91J1iYuWDxm08B6u> Feedback-ID: id9014242:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sun, 21 Jul 2024 12:19:42 -0400 (EDT) User-agent: mu4e 1.8.13; emacs 28.2 From: Ian Eure <ian@HIDDEN> To: control <at> debbugs.gnu.org Subject: Re: [PATCH 0/2] Add nss-latest; updte Librewolf to 127.0.2-2. Date: Sun, 21 Jul 2024 09:17:46 -0700 Message-ID: <87le1uu38i.fsf@meson> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 71832 Cc: 71832 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) retitle 71832 [PATCH v4 0/3] Add nss-rapid; update Librewolf to=20 128.0-2 thanks > Hello, > > I have pushed the patch of #71882 to fix the build on non-x86=20 > architectures. > I could still build on x86_64, but could still not build on=20 > aarch64; but > the latter failure is probably due to a lack of memory (the=20 > configure phase > passes now, but the build fails later on with a SIGKILL). > > As this means that the librewolf update of #71832 needs to be=20 > rebased, > I am cc-ing this bug. > > Andreas Thank you, I=E2=80=99ve rebased and updated. Thanks, =E2=80=94 Ian
guix-patches@HIDDEN:bug#71832; Package guix-patches.
Full text available.
Received: (at 71832) by debbugs.gnu.org; 17 Jul 2024 03:06:55 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue Jul 16 23:06:54 2024
Received: from localhost ([127.0.0.1]:34785 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1sTv0H-0007qB-06
for submit <at> debbugs.gnu.org; Tue, 16 Jul 2024 23:06:54 -0400
Received: from fout8-smtp.messagingengine.com ([103.168.172.151]:42601)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <ian@HIDDEN>) id 1sTv09-0007pC-Ug
for 71832 <at> debbugs.gnu.org; Tue, 16 Jul 2024 23:06:49 -0400
Received: from compute6.internal (compute6.nyi.internal [10.202.2.47])
by mailfout.nyi.internal (Postfix) with ESMTP id D98FC1388BE8;
Tue, 16 Jul 2024 23:06:37 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163])
by compute6.internal (MEProxy); Tue, 16 Jul 2024 23:06:37 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h=
cc:cc:content-transfer-encoding:content-type:content-type:date
:date:from:from:in-reply-to:in-reply-to:message-id:mime-version
:references:reply-to:subject:subject:to:to; s=fm1; t=1721185597;
x=1721271997; bh=bDdTnFZzAmUfWuQ+SYr4i3NpVQwy16mP46UVccJ35BA=; b=
LpUJsA7dX6l4dGWLkWckchodFs1T0b6M+o0PevcapiMuLDdtzzCqw2e05kqkTHLr
WnvvHTGZITtv3w68FyfFJX7vIMqCnznlEqnz5hj+jj6VSMNFkYIGKo3H9mdieB0t
J0AQZC/nE+lqh97TQmjtQa6VTdW5OOVkbi6jB//9vrj1Vbd6krYhSrWdz1QzUakR
WdiugcEoyK6ia4gob3sBRykIuboiFmVHA5TUBdLewI3B6LJ8BAUf2iM61BTsBopT
VydVzTcyh4CnudVJlXVaBC4+RbwKHxjl9V2gaGwPzONto1Y+XEgqwJ8pP3Q48tEi
qNGTdZcRtyOe0jPBtEy4tA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
messagingengine.com; h=cc:cc:content-transfer-encoding
:content-type:content-type:date:date:feedback-id:feedback-id
:from:from:in-reply-to:in-reply-to:message-id:mime-version
:references:reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy
:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t=1721185597; x=
1721271997; bh=bDdTnFZzAmUfWuQ+SYr4i3NpVQwy16mP46UVccJ35BA=; b=L
BgtGQIorrntwoWb5kIc/Nb4DGUFuqCG5NytnIoCRMcRHaaQUN5DKv2dVaQ3Fhp8d
yCCGj+fJifzT3/MSk6vYahk1DQIB8zXm07NPI1k+fsDbdexe1c4pJ/BjoRWwrHZ6
IifUdAdLiGDKmT+RnFRcxFNAl0sdoZ4tih7ydxsKpmFaUmdkoRuWgpjMDwiTSfu1
ooz5dUluZ/e5tRMnTSUdZUaSBePEkv1EZm6hCGRQP59/JWlgMJ5ysoU/GLt21yl8
A5kxRzrKDn9T/TgMyPbtZhwuxpznCMpOtO1y76yds2V4Ep+vnVaErlED3sXQXEL7
/g1eGcDM6L1gRzXYRyR5A==
X-ME-Sender: <xms:PTWXZheeA8Kf7HQQCS3q1BL6tu8qfqDDrCQwtBFPUMUNIDCxG0x5hg>
<xme:PTWXZvMVvdJN4es0kwjHryGmy-heAMhS5DVovicKXLT4HP2UihtdpxHWff132ea0w
Pf9agYADeAFutOoLw>
X-ME-Received: <xmr:PTWXZqgCn4mFNCUIiMNDQiUlGV_eguSzA2lZ0PxgX8yLASel-eYIeyoyAdQ0I9gEjXLr6UT9yBcsS7Vc5DCk0GfEkb-KKfzMXK_YSb3il51jHUt010E0Mw>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrgeehgdeilecutefuodetggdotefrodftvf
curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu
uegrihhlohhuthemuceftddtnecunecujfgurhephffvvefufffkofgjfhggtgfgsehtke
ertdertdejnecuhfhrohhmpefkrghnucfguhhrvgcuoehirghnsehrvghtrhhoshhpvggt
rdhtvheqnecuggftrfgrthhtvghrnhepiefhvefggedtueekjefgieefgfduleeggeetff
dvveeuueffudevhfeivddukeeinecuffhomhgrihhnpehsvggrrhgthhhfohigrdhorhhg
pdhgnhhurdhorhhgpdgtohhnthgvnhhtrdhrvggrugdpmhhoiihilhhlrgdrohhrghdpgh
gvthgrugguohhnshdrshgvrghrtghhpdhgvghtrgguughonhhsrdhlihhnkhdpghhithhh
uhgsrdgtohhmpdhlihgsrhgvfiholhhfrdhnvghtnecuvehluhhsthgvrhfuihiivgeptd
enucfrrghrrghmpehmrghilhhfrhhomhepihgrnhesrhgvthhrohhsphgvtgdrthhv
X-ME-Proxy: <xmx:PTWXZq992tx_4Z3fxQKFvfG5c1dbTYB9riwYP9Q40ITHl4sITN6P7w>
<xmx:PTWXZtuBijH360xqiW2Z4IPe6HTZ6SjSE2A6EQEw4m6SoAzmd2kTNg>
<xmx:PTWXZpGobqlBQ95RSZejjo5BeSyDdbP86RmLc-VZ7s4x_Aksy6lD6g>
<xmx:PTWXZkOd2SVAT5WIu_R09sZvFuQsadmy4SZ3H6HXf6Gha46IfZU_pw>
<xmx:PTWXZm7P8-_0INzcsPg3Fh3DGxA1qIVaYqWtsVULhSJUynZswDFjsTpE>
Feedback-ID: id9014242:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue,
16 Jul 2024 23:06:36 -0400 (EDT)
From: Ian Eure <ian@HIDDEN>
To: 71832 <at> debbugs.gnu.org
Subject: [PATCH v4 3/3] gnu: librewolf: Update to 128.0-2
Date: Tue, 16 Jul 2024 20:06:19 -0700
Message-ID: <20240717030619.26631-4-ian@HIDDEN>
X-Mailer: git-send-email 2.45.2
In-Reply-To: <20240717030619.26631-1-ian@HIDDEN>
References: <20240717030619.26631-1-ian@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 71832
Cc: Ian Eure <ian@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.7 (-)
* gnu/packages/librewolf.scm (librewolf): Update to 128.0-2. Reorganize
module to improve usability and reduce duplication. The Rust package and
build ID are now at the top of the file. The librewolf-source variable has
been replaced with the make-librewolf-source procedure, centralizing versions
& hashes in the librewolf package definition. Dedent some of the package’s
arguments to improve readability.
Change-Id: I15f8a2aa1fae07e0497ab5511d10af0c1f70cc2e
Change-Id: I6282c62937d7f59c0d0e5521c8d35f35df58982b
---
gnu/packages/librewolf.scm | 1049 ++++++++++++++++++------------------
1 file changed, 528 insertions(+), 521 deletions(-)
diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm
index 3e46477724..5e5988860a 100644
--- a/gnu/packages/librewolf.scm
+++ b/gnu/packages/librewolf.scm
@@ -94,6 +94,18 @@ (define-module (gnu packages librewolf)
#:use-module (gnu packages xdisorg)
#:use-module (gnu packages xorg))
+;; Define the versions of rust needed to build librewolf, trying to match
+;; upstream. See the file taskcluster/kinds/toolchain/rust.yml at
+;; https://searchfox.org under the particular firefox release, like
+;; mozilla-esr102.
+;; 1.75 is the default in Guix, 1.77 is the minimum for Librewolf.
+(define rust-librewolf rust-1.77)
+
+;; Update this id with every update to its release date.
+;; It's used for cache validation and therefore can lead to strange bugs.
+;; ex: date '+%Y%m%d%H%M%S'
+(define %librewolf-build-id "20240626133423")
+
(define (firefox-source-origin version hash)
(origin
(method url-fetch)
@@ -115,11 +127,14 @@ (define (librewolf-source-origin version hash)
(define computed-origin-method (@@ (guix packages) computed-origin-method))
-(define librewolf-source
- (let* ((ff-src (firefox-source-origin "126.0.1" "0fr679rcwshwpfxidc55b2xsn4pmrr7p9ix4rr2mv2k7kwsjcc7n"))
- (version "126.0.1-1")
- (lw-src (librewolf-source-origin version "0cac80073vkzd85ai9rbnwixs1h9bpy4dj2ri6jxdlqsy5d663km")))
-
+(define* (make-librewolf-source version #:key firefox-hash librewolf-hash)
+ (let* ((ff-src (firefox-source-origin
+ (car (string-split version #\-))
+ firefox-hash))
+ (version version)
+ (lw-src (librewolf-source-origin
+ version
+ librewolf-hash)))
(origin
(method computed-origin-method)
(file-name (string-append "librewolf-" version ".source.tar.gz"))
@@ -163,11 +178,6 @@ (define librewolf-source
(("^ff_source_tarball:=.*")
(string-append "ff_source_tarball:=" #+ff-src)))
- ;; Remove encoding_rs patch, it doesn't build with Rust 1.75.
- (substitute* '("assets/patches.txt")
- (("patches/encoding_rs.patch\\\n$")
- ""))
-
;; Stage locales.
(begin
(format #t "Staging locales...~%")
@@ -205,526 +215,523 @@ (define librewolf-source
".source.tar.gz")
#$output))))))))
-;; Define the versions of rust needed to build librewolf, trying to match
-;; upstream. See the file taskcluster/ci/toolchain/rust.yml at
-;; https://searchfox.org under the particular firefox release, like
-;; mozilla-esr102.
-(define rust-librewolf rust) ; 1.75 is the default in Guix, 1.65 is the minimum.
-
-;; Update this id with every update to its release date.
-;; It's used for cache validation and therefore can lead to strange bugs.
-;; ex: date '+%Y%m%d%H%M%S'
-(define %librewolf-build-id "20240607212143")
-
(define-public librewolf
- (package
- (name "librewolf")
- (version "126.0.1-1")
- (source librewolf-source)
- (build-system gnu-build-system)
- (arguments
- (list
- #:configure-flags #~(let ((clang #$(this-package-native-input "clang")))
- `("--enable-application=browser"
-
- ;; Configuration
- "--without-wasm-sandboxed-libraries"
- "--with-system-jpeg"
- "--with-system-zlib"
- "--with-system-png"
- "--with-system-webp"
- "--with-system-icu"
- "--with-system-libvpx"
- "--with-system-libevent"
- "--with-system-ffi"
- "--enable-system-pixman"
- "--enable-jemalloc"
-
- ;; see https://bugs.gnu.org/32833
- "--with-system-nspr"
- "--with-system-nss"
-
- ,(string-append "--with-clang-path=" clang
- "/bin/clang")
- ,(string-append "--with-libclang-path=" clang
- "/lib")
-
- ;; Distribution
- "--with-distribution-id=org.guix"
- "--with-app-name=librewolf"
- "--with-app-basename=LibreWolf"
- "--with-branding=browser/branding/librewolf"
-
- ;; Features
- "--disable-tests"
- "--disable-updater"
- "--enable-pulseaudio"
- "--disable-crashreporter"
- "--allow-addon-sideload"
- "--with-unsigned-addon-scopes=app,system"
-
- ;; switch only available on x86, whereas EME
- ;; is not supported on other targets
- ,@(if #$(target-x86?) '("--disable-eme") '())
-
- ;; Build details
- "--disable-debug"
- "--enable-rust-simd"
- "--enable-release"
- "--enable-optimize"
- "--enable-strip"
- "--enable-hardening"
- "--disable-elf-hack"))
- #:imported-modules %cargo-utils-modules
- #:modules `((ice-9 regex)
- (ice-9 string-fun)
- (ice-9 ftw)
- (srfi srfi-1)
- (srfi srfi-26)
- (rnrs bytevectors)
- (rnrs io ports)
- (guix elf)
- (guix build gremlin)
- ,@%gnu-build-system-modules)
- #:phases #~(modify-phases %standard-phases
- (add-after 'unpack 'fix-preferences
- (lambda* (#:key inputs #:allow-other-keys)
- (let ((port (open-file "browser/app/profile/firefox.js"
- "a")))
- (define (write-setting key value)
- (format port "~%pref(\"~a\", ~a);~%" key value)
- (format #t
+ (let ((version "128.0-2"))
+ (package
+ (name "librewolf")
+ (version version)
+ (source (make-librewolf-source
+ version
+ #:firefox-hash
+ "0wjiz7pahsqj7ibkyq9gggigq1hg983z50d0cbhs2pi3zgz1y9v5"
+ #:librewolf-hash
+ "0239m5r5nfn291slpxh1qhj3g3q2pskyp967ahvn7nbsqlvjyhag"))
+
+ (build-system gnu-build-system)
+ (arguments
+ (list
+ #:configure-flags
+ #~(let ((clang #$(this-package-native-input "clang")))
+ `("--enable-application=browser"
+
+ ;; Configuration
+ "--without-wasm-sandboxed-libraries"
+ "--with-system-jpeg"
+ "--with-system-zlib"
+ "--with-system-png"
+ "--with-system-webp"
+ "--with-system-icu"
+ "--with-system-libvpx"
+ "--with-system-libevent"
+ "--with-system-ffi"
+ "--enable-system-pixman"
+ "--enable-jemalloc"
+
+ ;; see https://bugs.gnu.org/32833
+ "--with-system-nspr"
+ "--with-system-nss"
+
+ ,(string-append "--with-clang-path=" clang
+ "/bin/clang")
+ ,(string-append "--with-libclang-path=" clang
+ "/lib")
+
+ ;; Distribution
+ "--with-distribution-id=org.guix"
+ "--with-app-name=librewolf"
+ "--with-app-basename=LibreWolf"
+ "--with-branding=browser/branding/librewolf"
+
+ ;; Features
+ "--disable-tests"
+ "--disable-updater"
+ "--enable-pulseaudio"
+ "--disable-crashreporter"
+ "--allow-addon-sideload"
+ "--with-unsigned-addon-scopes=app,system"
+ ;; switch only available on x86, whereas EME
+ ;; is not supported on other targets
+ ,@(if #$(target-x86?) '("--disable-eme") '())
+
+ ;; Build details
+ "--disable-debug"
+ "--enable-rust-simd"
+ "--enable-release"
+ "--enable-optimize"
+ "--enable-strip"
+ "--enable-hardening"
+ "--disable-elf-hack"))
+ #:imported-modules %cargo-utils-modules
+ #:modules `((ice-9 regex)
+ (ice-9 string-fun)
+ (ice-9 ftw)
+ (srfi srfi-1)
+ (srfi srfi-26)
+ (rnrs bytevectors)
+ (rnrs io ports)
+ (guix elf)
+ (guix build gremlin)
+ ,@%gnu-build-system-modules)
+ #:phases
+ #~(modify-phases %standard-phases
+ (add-after 'unpack 'fix-preferences
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((port (open-file "browser/app/profile/firefox.js"
+ "a")))
+ (define (write-setting key value)
+ (format port "~%pref(\"~a\", ~a);~%" key value)
+ (format #t
"fix-preferences: setting value of ~a to ~a~%" key
value))
- ;; We should allow the sandbox to read the store directory,
- ;; because the sandbox has access to /usr on FHS distros.
- (write-setting
- "security.sandbox.content.read_path_whitelist"
- (string-append "\""
- (%store-directory) "/\""))
-
- ;; XDG settings should be managed by Guix.
- (write-setting "browser.shell.checkDefaultBrowser"
- "false")
- (close-port port))))
- (add-after 'fix-preferences 'fix-ffmpeg-runtime-linker
- (lambda* (#:key inputs #:allow-other-keys)
- (let* ((ffmpeg (assoc-ref inputs "ffmpeg"))
- (libavcodec (string-append ffmpeg
- "/lib/libavcodec.so")))
- ;; Arrange to load libavcodec.so by its absolute file name.
- (substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp"
- (("libavcodec\\.so")
- libavcodec)))))
- (add-after 'patch-source-shebangs 'patch-cargo-checksums
- (lambda _
- (use-modules (guix build cargo-utils))
- (let ((null-hash
- ;; This is the SHA256 output of an empty string.
- (string-append
- "e3b0c44298fc1c149afbf4c8996fb924"
- "27ae41e4649b934ca495991b7852b855")))
- (for-each (lambda (file)
- (format #t
+ ;; We should allow the sandbox to read the store directory,
+ ;; because the sandbox has access to /usr on FHS distros.
+ (write-setting
+ "security.sandbox.content.read_path_whitelist"
+ (string-append "\""
+ (%store-directory) "/\""))
+
+ ;; XDG settings should be managed by Guix.
+ (write-setting "browser.shell.checkDefaultBrowser"
+ "false")
+ (close-port port))))
+ (add-after 'fix-preferences 'fix-ffmpeg-runtime-linker
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let* ((ffmpeg (assoc-ref inputs "ffmpeg"))
+ (libavcodec (string-append ffmpeg
+ "/lib/libavcodec.so")))
+ ;; Arrange to load libavcodec.so by its absolute file name.
+ (substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp"
+ (("libavcodec\\.so")
+ libavcodec)))))
+ (add-after 'patch-source-shebangs 'patch-cargo-checksums
+ (lambda _
+ (use-modules (guix build cargo-utils))
+ (let ((null-hash
+ ;; This is the SHA256 output of an empty string.
+ (string-append
+ "e3b0c44298fc1c149afbf4c8996fb924"
+ "27ae41e4649b934ca495991b7852b855")))
+ (for-each (lambda (file)
+ (format #t
"patch-cargo-checksums: patching checksums in ~a~%"
file)
- (substitute* file
- (("(checksum = )\".*\"" all name)
- (string-append name "\"" null-hash
- "\""))))
- (find-files "." "Cargo\\.lock$"))
- (for-each generate-all-checksums
- '("build"
- "dom/media"
- "dom/webauthn"
- "gfx"
- "intl"
- "js"
- "media"
- "modules"
- "mozglue/static/rust"
- "netwerk"
- "remote"
- "security/manager/ssl"
- "servo"
- "storage"
- "third_party/rust"
- "toolkit"
- "xpcom/rust"
- "services")))))
- (add-after 'patch-cargo-checksums 'remove-cargo-frozen-flag
- (lambda _
- ;; Remove --frozen flag from cargo invokation, otherwise it'll
- ;; complain that it's not able to change Cargo.lock.
- ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373
- (substitute* "build/RunCbindgen.py"
- (("args.append\\(\"--frozen\"\\)") "pass"))))
- (delete 'bootstrap)
- (add-before 'configure 'patch-SpeechDispatcherService.cpp
- (lambda _
- (let* ((lib "libspeechd.so.2")
- (file (string-append
- "dom/media/webspeech/synth/"
- "speechd/SpeechDispatcherService.cpp"))
- (old-content (call-with-input-file file
- get-string-all)))
- (substitute
- file
- `((,(format #f "~s" lib) unquote
- (lambda (line _)
- (string-replace-substring
- line lib
- (string-append #$speech-dispatcher
- "/lib/" lib))))))
- (if (string=? old-content
- (call-with-input-file file
- get-string-all))
- (error
- "substitute did nothing, phase requires an update")))))
- (add-before 'configure 'set-build-id
- ;; Build will write the timestamp to output, which is harmful
- ;; for reproducibility, so change it to a fixed date. Use a
- ;; separate phase for easier modification with inherit.
- (lambda _
- (setenv "MOZ_BUILD_DATE"
- #$%librewolf-build-id)))
- (replace 'configure
- (lambda* (#:key inputs outputs configure-flags
- #:allow-other-keys)
- (setenv "AUTOCONF"
- (string-append (assoc-ref inputs "autoconf")
- "/bin/autoconf"))
- (setenv "SHELL"
- (which "bash"))
- (setenv "CONFIG_SHELL"
- (which "bash"))
- (setenv "MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE"
- "system")
- ;; This should use the host info probably (does it
- ;; build on non-x86_64 though?)
- (setenv "GUIX_PYTHONPATH"
- (string-append (getcwd)
- "/obj-x86_64-pc-linux-gnu/_virtualenvs/build"))
-
- ;; Use Clang, Clang is 2x faster than GCC
- (setenv "AR" "llvm-ar")
- (setenv "NM" "llvm-nm")
- (setenv "CC" "clang")
- (setenv "CXX" "clang++")
- (setenv "MOZ_NOSPAM" "1")
- (setenv "MOZ_APP_NAME" "librewolf")
-
- (setenv "MOZBUILD_STATE_PATH"
- (getcwd))
-
- (let* ((mozconfig (string-append (getcwd) "/mozconfig"))
- (out (assoc-ref outputs "out"))
- (flags (cons (string-append "--prefix=" out)
- configure-flags)))
- (format #t "build directory: ~s~%"
- (getcwd))
- (format #t "configure flags: ~s~%" flags)
-
- (define write-flags
- (lambda flags
- (display (string-join (map (cut string-append
- "ac_add_options " <>)
- flags) "\n"))
- (display "\n")))
- (with-output-to-file mozconfig
- (lambda ()
- (apply write-flags flags)
- ;; The following option unsets Telemetry
- ;; Reporting. With the Addons Fiasco,
- ;; Mozilla was found to be collecting
- ;; user's data, including saved passwords
- ;; and web form data, without users
- ;; consent. Mozilla was also found
- ;; shipping updates to systems without
- ;; the user's knowledge or permission.
- ;; As a result of this, use the following
- ;; command to permanently disable
- ;; telemetry reporting.
- (display "unset MOZ_TELEMETRY_REPORTING\n")
- (display "mk_add_options MOZ_CRASHREPORTER=0\n")
- (display "mk_add_options MOZ_DATA_REPORTING=0\n")
- (display
- "mk_add_options MOZ_SERVICES_HEALTHREPORT=0")
- (display
- "mk_add_options MOZ_TELEMETRY_REPORTING=0")))
- (setenv "MOZCONFIG" mozconfig))
- (invoke "./mach" "configure")))
- (add-before 'build 'fix-addons-placeholder
- (lambda _
- (substitute* "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
- (("addons.mozilla.org")
- "gnuzilla.gnu.org"))))
- (replace 'build
- (lambda* (#:key (make-flags '())
- (parallel-build? #t) #:allow-other-keys)
- (apply invoke "./mach" "build"
- ;; mach will use parallel build if possible by default
- `(,@(if parallel-build?
- '()
- '("-j1")) ,@make-flags))))
- (add-after 'build 'neutralise-store-references
- (lambda _
- ;; Mangle the store references to compilers &
- ;; other build tools in about:buildconfig,
- ;; reducing the package's closure by 1 GiB on
- ;; x86-64.
- (let* ((build-dir (car (scandir "."
- (cut string-prefix?
- "obj-" <>))))
- (file (string-append build-dir
- "/dist/bin/chrome/toolkit/"
- "content/global/buildconfig.html")))
- (substitute* file
- (((format #f "(~a/)([0-9a-df-np-sv-z]{32})"
- (regexp-quote (%store-directory)))
- _ store hash)
- (string-append store
- (string-take hash 8)
- "<!-- Guix: not a runtime dependency -->"
- (string-drop hash 8)))))))
- (replace 'install
- (lambda _
- (invoke "./mach" "install")))
- (add-after 'install 'remove-duplicate-bin
- (lambda* (#:key outputs #:allow-other-keys)
- (delete-file (string-append #$output
- "/lib/librewolf/librewolf-bin"))))
- (add-after 'install 'wrap-glxtest
- ;; glxtest uses dlopen() to load mesa and pci
- ;; libs, wrap it to set LD_LIBRARY_PATH.
- (lambda* (#:key inputs outputs #:allow-other-keys)
- (let* ((out (assoc-ref outputs "out"))
- (lib (string-append out "/lib"))
- (libs (map
- (lambda (lib-name)
- (string-append (assoc-ref inputs
- lib-name)
- "/lib"))
- '("mesa" "pciutils"))))
- (wrap-program (car (find-files lib "^glxtest$"))
- `("LD_LIBRARY_PATH" prefix ,libs)))))
- (add-after 'install 'patch-config
- (lambda* (#:key inputs #:allow-other-keys)
- (let ((lib (string-append #$output "/lib/librewolf"))
- (config-file "librewolf.cfg"))
-
- ;; Required for Guix packaged extensions
- ;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8
- ;; Default is 5.
- (substitute* (in-vicinity lib config-file)
- (("defaultPref\\(\"extensions.enabledScopes\", 5\\)")
- "defaultPref(\"extensions.enabledScopes\", 13)"))
- ;; Use Mozzarella addons repo.
- (call-with-port
- (open-file
- (in-vicinity lib config-file)
- "a")
- (lambda (port)
- ;; Add-ons panel (see settings.js in Icecat source).
- (for-each
- (lambda (pref)
- (format port
- "defaultPref(~s, ~s);~%"
- (car pref)
- (cdr pref)))
- `(("extensions.getAddons.search.browseURL"
- ,(string-append
- "https://gnuzilla.gnu.org/mozzarella/"
- "search.php?q=%TERMS%"))
- ("extensions.getAddons.get.url" .
- "https://gnuzilla.gnu.org/mozzarella")
- ("extensions.getAddons.link.url" .
- "https://gnuzilla.gnu.org/mozzarella")
- ("extensions.getAddons.discovery.api_url" .
- "https://gnuzilla.gnu.org/mozzarella")
- ("extensions.getAddons.langpacks.url" .
- "https://gnuzilla.gnu.org/mozzarella")
- ("lightweightThemes.getMoreURL" .
- "https://gnuzilla.gnu.org/mozzarella"))))))))
- (add-after 'install 'wrap-program
- (lambda* (#:key inputs outputs #:allow-other-keys)
- ;; The following two functions are from Guix's icecat package in
- ;; (gnu packages gnuzilla). See commit
- ;; b7a0935420ee630a29b7e5ac73a32ba1eb24f00b.
- (define (runpath-of lib)
- (call-with-input-file lib
- (compose elf-dynamic-info-runpath elf-dynamic-info
- parse-elf get-bytevector-all)))
- (define (runpaths-of-input label)
- (let* ((dir (string-append (assoc-ref inputs label)
- "/lib"))
- (libs (find-files dir "\\.so$")))
- (append-map runpath-of libs)))
- (let* ((out (assoc-ref outputs "out"))
- (lib (string-append out "/lib"))
- (libs (map
- (lambda (lib-name)
- (string-append (assoc-ref inputs
- lib-name)
- "/lib"))
- '("mesa" "libpng-apng" "libnotify" "libva"
- "pulseaudio" "gtk+" "pipewire"
- ;; For U2F and WebAuthn
- "eudev")))
-
- ;; VA-API is run in the RDD (Remote Data Decoder) sandbox
- ;; and must be explicitly given access to files it needs.
- ;; Rather than adding the whole store (as Nix had
- ;; upstream do, see
- ;; <https://github.com/NixOS/nixpkgs/pull/165964> and
- ;; linked upstream patches), we can just follow the
- ;; runpaths of the needed libraries to add everything to
- ;; LD_LIBRARY_PATH. These will then be accessible in the
- ;; RDD sandbox.
- (rdd-whitelist (map (cut string-append <> "/")
- (delete-duplicates (append-map
- runpaths-of-input
- '("mesa"
- "ffmpeg")))))
- (gtk-share (string-append (assoc-ref inputs
- "gtk+")
- "/share")))
- (wrap-program (car (find-files lib "^librewolf$"))
- `("LD_LIBRARY_PATH" prefix
- (,@libs ,@rdd-whitelist))
- `("XDG_DATA_DIRS" prefix
- (,gtk-share))
- `("MOZ_LEGACY_PROFILES" =
- ("1"))
- `("MOZ_ALLOW_DOWNGRADE" =
- ("1"))))))
- (add-after 'wrap-program 'install-desktop-entry
- (lambda* (#:key outputs #:allow-other-keys)
- (let* ((desktop-file
- "taskcluster/docker/firefox-snap/firefox.desktop")
- (applications (string-append #$output
- "/share/applications")))
- (substitute* desktop-file
- (("^Exec=firefox")
- (string-append "Exec="
- #$output "/bin/librewolf"))
- ;; "Firefox" -> "LibreWolf" everywhere
- (("Firefox")
- "LibreWolf")
- ;; Remove non-Latin translations.
- (("^Name\\[(ar|bn)\\].*$")
- "")
- (("^Icon=.*")
- (string-append "Icon="
- #$output
- "/share/icons/hicolor/128x128/apps/librewolf.png
+ (substitute* file
+ (("(checksum = )\".*\"" all name)
+ (string-append name "\"" null-hash
+ "\""))))
+ (find-files "." "Cargo\\.lock$"))
+ (for-each generate-all-checksums
+ '("build"
+ "dom/media"
+ "dom/webauthn"
+ "gfx"
+ "intl"
+ "js"
+ "media"
+ "modules"
+ "mozglue/static/rust"
+ "netwerk"
+ "remote"
+ "security/manager/ssl"
+ "servo"
+ "storage"
+ "third_party/rust"
+ "toolkit"
+ "xpcom/rust"
+ "services")))))
+ (add-after 'patch-cargo-checksums 'remove-cargo-frozen-flag
+ (lambda _
+ ;; Remove --frozen flag from cargo invokation, otherwise it'll
+ ;; complain that it's not able to change Cargo.lock.
+ ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373
+ (substitute* "build/RunCbindgen.py"
+ (("args.append\\(\"--frozen\"\\)") "pass"))))
+ (delete 'bootstrap)
+ (add-before 'configure 'patch-SpeechDispatcherService.cpp
+ (lambda _
+ (let* ((lib "libspeechd.so.2")
+ (file (string-append
+ "dom/media/webspeech/synth/"
+ "speechd/SpeechDispatcherService.cpp"))
+ (old-content (call-with-input-file file
+ get-string-all)))
+ (substitute
+ file
+ `((,(format #f "~s" lib) unquote
+ (lambda (line _)
+ (string-replace-substring
+ line lib
+ (string-append #$speech-dispatcher
+ "/lib/" lib))))))
+ (if (string=? old-content
+ (call-with-input-file file
+ get-string-all))
+ (error
+ "substitute did nothing, phase requires an update")))))
+ (add-before 'configure 'set-build-id
+ ;; Build will write the timestamp to output, which is harmful
+ ;; for reproducibility, so change it to a fixed date. Use a
+ ;; separate phase for easier modification with inherit.
+ (lambda _
+ (setenv "MOZ_BUILD_DATE"
+ #$%librewolf-build-id)))
+ (replace 'configure
+ (lambda* (#:key inputs outputs configure-flags
+ #:allow-other-keys)
+ (setenv "AUTOCONF"
+ (string-append (assoc-ref inputs "autoconf")
+ "/bin/autoconf"))
+ (setenv "SHELL"
+ (which "bash"))
+ (setenv "CONFIG_SHELL"
+ (which "bash"))
+ (setenv "MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE"
+ "system")
+ ;; This should use the host info probably (does it
+ ;; build on non-x86_64 though?)
+ (setenv "GUIX_PYTHONPATH"
+ (string-append (getcwd)
+ "/obj-x86_64-pc-linux-gnu/_virtualenvs/build"))
+
+ ;; Use Clang, Clang is 2x faster than GCC
+ (setenv "AR" "llvm-ar")
+ (setenv "NM" "llvm-nm")
+ (setenv "CC" "clang")
+ (setenv "CXX" "clang++")
+ (setenv "MOZ_NOSPAM" "1")
+ (setenv "MOZ_APP_NAME" "librewolf")
+
+ (setenv "MOZBUILD_STATE_PATH"
+ (getcwd))
+
+ (let* ((mozconfig (string-append (getcwd) "/mozconfig"))
+ (out (assoc-ref outputs "out"))
+ (flags (cons (string-append "--prefix=" out)
+ configure-flags)))
+ (format #t "build directory: ~s~%"
+ (getcwd))
+ (format #t "configure flags: ~s~%" flags)
+
+ (define write-flags
+ (lambda flags
+ (display (string-join (map (cut string-append
+ "ac_add_options " <>)
+ flags) "\n"))
+ (display "\n")))
+ (with-output-to-file mozconfig
+ (lambda ()
+ (apply write-flags flags)
+ ;; The following option unsets Telemetry
+ ;; Reporting. With the Addons Fiasco,
+ ;; Mozilla was found to be collecting
+ ;; user's data, including saved passwords
+ ;; and web form data, without users
+ ;; consent. Mozilla was also found
+ ;; shipping updates to systems without
+ ;; the user's knowledge or permission.
+ ;; As a result of this, use the following
+ ;; command to permanently disable
+ ;; telemetry reporting.
+ (display "unset MOZ_TELEMETRY_REPORTING\n")
+ (display "mk_add_options MOZ_CRASHREPORTER=0\n")
+ (display "mk_add_options MOZ_DATA_REPORTING=0\n")
+ (display
+ "mk_add_options MOZ_SERVICES_HEALTHREPORT=0")
+ (display
+ "mk_add_options MOZ_TELEMETRY_REPORTING=0")))
+ (setenv "MOZCONFIG" mozconfig))
+ (invoke "./mach" "configure")))
+ (add-before 'build 'fix-addons-placeholder
+ (lambda _
+ (substitute* "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
+ (("addons.mozilla.org")
+ "gnuzilla.gnu.org"))))
+ (replace 'build
+ (lambda* (#:key (make-flags '())
+ (parallel-build? #t) #:allow-other-keys)
+ (apply invoke "./mach" "build"
+ ;; mach will use parallel build if possible by default
+ `(,@(if parallel-build?
+ '()
+ '("-j1")) ,@make-flags))))
+ (add-after 'build 'neutralise-store-references
+ (lambda _
+ ;; Mangle the store references to compilers &
+ ;; other build tools in about:buildconfig,
+ ;; reducing the package's closure by 1 GiB on
+ ;; x86-64.
+ (let* ((build-dir (car (scandir "."
+ (cut string-prefix?
+ "obj-" <>))))
+ (file (string-append build-dir
+ "/dist/bin/chrome/toolkit/"
+ "content/global/buildconfig.html")))
+ (substitute* file
+ (((format #f "(~a/)([0-9a-df-np-sv-z]{32})"
+ (regexp-quote (%store-directory)))
+ _ store hash)
+ (string-append store
+ (string-take hash 8)
+ "<!-- Guix: not a runtime dependency -->"
+ (string-drop hash 8)))))))
+ (replace 'install
+ (lambda _
+ (invoke "./mach" "install")))
+ (add-after 'install 'remove-duplicate-bin
+ (lambda* (#:key outputs #:allow-other-keys)
+ (delete-file (string-append #$output
+ "/lib/librewolf/librewolf-bin"))))
+ (add-after 'install 'wrap-glxtest
+ ;; glxtest uses dlopen() to load mesa and pci
+ ;; libs, wrap it to set LD_LIBRARY_PATH.
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ (libs (map
+ (lambda (lib-name)
+ (string-append (assoc-ref inputs
+ lib-name)
+ "/lib"))
+ '("mesa" "pciutils"))))
+ (wrap-program (car (find-files lib "^glxtest$"))
+ `("LD_LIBRARY_PATH" prefix ,libs)))))
+ (add-after 'install 'patch-config
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((lib (string-append #$output "/lib/librewolf"))
+ (config-file "librewolf.cfg"))
+
+ ;; Required for Guix packaged extensions
+ ;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8
+ ;; Default is 5.
+ (substitute* (in-vicinity lib config-file)
+ (("defaultPref\\(\"extensions.enabledScopes\", 5\\)")
+ "defaultPref(\"extensions.enabledScopes\", 13)"))
+ ;; Use Mozzarella addons repo.
+ (call-with-port
+ (open-file
+ (in-vicinity lib config-file)
+ "a")
+ (lambda (port)
+ ;; Add-ons panel (see settings.js in Icecat source).
+ (for-each
+ (lambda (pref)
+ (format port
+ "defaultPref(~s, ~s);~%"
+ (car pref)
+ (cdr pref)))
+ `(("extensions.getAddons.search.browseURL"
+ ,(string-append
+ "https://gnuzilla.gnu.org/mozzarella/"
+ "search.php?q=%TERMS%"))
+ ("extensions.getAddons.get.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.link.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.discovery.api_url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.langpacks.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("lightweightThemes.getMoreURL" .
+ "https://gnuzilla.gnu.org/mozzarella"))))))))
+ (add-after 'install 'wrap-program
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ ;; The following two functions are from Guix's icecat package in
+ ;; (gnu packages gnuzilla). See commit
+ ;; b7a0935420ee630a29b7e5ac73a32ba1eb24f00b.
+ (define (runpath-of lib)
+ (call-with-input-file lib
+ (compose elf-dynamic-info-runpath elf-dynamic-info
+ parse-elf get-bytevector-all)))
+ (define (runpaths-of-input label)
+ (let* ((dir (string-append (assoc-ref inputs label)
+ "/lib"))
+ (libs (find-files dir "\\.so$")))
+ (append-map runpath-of libs)))
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ (libs (map
+ (lambda (lib-name)
+ (string-append (assoc-ref inputs
+ lib-name)
+ "/lib"))
+ '("mesa" "libpng-apng" "libnotify" "libva"
+ "pulseaudio" "gtk+" "pipewire"
+ ;; For U2F and WebAuthn
+ "eudev")))
+
+ ;; VA-API is run in the RDD (Remote Data Decoder) sandbox
+ ;; and must be explicitly given access to files it needs.
+ ;; Rather than adding the whole store (as Nix had
+ ;; upstream do, see
+ ;; <https://github.com/NixOS/nixpkgs/pull/165964> and
+ ;; linked upstream patches), we can just follow the
+ ;; runpaths of the needed libraries to add everything to
+ ;; LD_LIBRARY_PATH. These will then be accessible in the
+ ;; RDD sandbox.
+ (rdd-whitelist (map (cut string-append <> "/")
+ (delete-duplicates (append-map
+ runpaths-of-input
+ '("mesa"
+ "ffmpeg")))))
+ (gtk-share (string-append (assoc-ref inputs
+ "gtk+")
+ "/share")))
+ (wrap-program (car (find-files lib "^librewolf$"))
+ `("LD_LIBRARY_PATH" prefix
+ (,@libs ,@rdd-whitelist))
+ `("XDG_DATA_DIRS" prefix
+ (,gtk-share))
+ `("MOZ_LEGACY_PROFILES" =
+ ("1"))
+ `("MOZ_ALLOW_DOWNGRADE" =
+ ("1"))))))
+ (add-after 'wrap-program 'install-desktop-entry
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((desktop-file
+ "taskcluster/docker/firefox-snap/firefox.desktop")
+ (applications (string-append #$output
+ "/share/applications")))
+ (substitute* desktop-file
+ (("^Exec=firefox")
+ (string-append "Exec="
+ #$output "/bin/librewolf"))
+ ;; "Firefox" -> "LibreWolf" everywhere
+ (("Firefox")
+ "LibreWolf")
+ ;; Remove non-Latin translations.
+ (("^Name\\[(ar|bn)\\].*$")
+ "")
+ (("^Icon=.*")
+ (string-append "Icon="
+ #$output
+ "/share/icons/hicolor/128x128/apps/librewolf.png
"))
- ;; These commands were changed.
- (("-NewWindow")
- "-new-window")
- (("-NewPrivateWindow")
- "-new-private-window")
- (("StartupNotify=true")
- "StartupNotify=true
+ ;; These commands were changed.
+ (("-NewWindow")
+ "-new-window")
+ (("-NewPrivateWindow")
+ "-new-private-window")
+ (("StartupNotify=true")
+ "StartupNotify=true
StartupWMClass=Navigator"))
- (copy-file desktop-file "librewolf.desktop")
- (install-file "librewolf.desktop" applications))))
- (add-after 'install-desktop-entry 'install-icons
- (lambda* (#:key outputs #:allow-other-keys)
- (let ((icon-source-dir (string-append #$output
- "/lib/librewolf/browser/"
- "chrome/icons/default")))
- (for-each (lambda (size)
- (let ((dest (string-append #$output
- "/share/icons/hicolor/"
- size
- "x"
- size
- "/apps")))
- (mkdir-p dest)
- (symlink (string-append icon-source-dir
- "/default" size ".png")
- (string-append dest
- "/librewolf.png"))))
- '("16" "32" "48" "64" "128"))))))
-
- ;; Test will significantly increase build time but with little rewards.
- #:tests? #f
-
- ;; WARNING: Parallel build will consume lots of memory!
- ;; If you have encountered OOM issue in build phase, try disable it.
- #:parallel-build? #t
-
- ;; Some dynamic lib was determined at runtime, so rpath check may fail.
- #:validate-runpath? #f))
- (inputs (list bash-minimal
- bzip2
- cairo
- cups
- dbus-glib
- freetype
- ffmpeg
- gdk-pixbuf
- glib
- gtk+
- gtk+-2
- hunspell
- icu4c-73
- jemalloc
- libcanberra
- libevent
- libffi
- libgnome
- libjpeg-turbo
- libnotify
- libpng-apng
- libva
- libvpx
- libwebp
- libxcomposite
- libxft
- libxinerama
- libxscrnsaver
- libxt
- mesa
- mit-krb5
- nspr
- nss/fixed
- pango
- pciutils
- pipewire
- pixman
- pulseaudio
- speech-dispatcher
- sqlite
- startup-notification
- eudev
- unzip
- zip
- zlib))
- (native-inputs (list alsa-lib
- autoconf-2.13
- `(,rust-librewolf "cargo")
- clang-18
- llvm-18
- m4
- nasm
- node-lts
- perl
- pkg-config
- python
- rust-librewolf
- rust-cbindgen-0.26
- which
- yasm))
- (home-page "https://librewolf.net/")
- (synopsis
- "Custom version of Firefox, focused on privacy, security and freedom")
- (description
- "LibreWolf is designed to increase protection against tracking and
+ (copy-file desktop-file "librewolf.desktop")
+ (install-file "librewolf.desktop" applications))))
+ (add-after 'install-desktop-entry 'install-icons
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((icon-source-dir (string-append #$output
+ "/lib/librewolf/browser/"
+ "chrome/icons/default")))
+ (for-each (lambda (size)
+ (let ((dest (string-append #$output
+ "/share/icons/hicolor/"
+ size
+ "x"
+ size
+ "/apps")))
+ (mkdir-p dest)
+ (symlink (string-append icon-source-dir
+ "/default" size ".png")
+ (string-append dest
+ "/librewolf.png"))))
+ '("16" "32" "48" "64" "128"))))))
+
+ ;; Test will significantly increase build time but with little rewards.
+ #:tests? #f
+
+ ;; WARNING: Parallel build will consume lots of memory!
+ ;; If you have encountered OOM issue in build phase, try disable it.
+ #:parallel-build? #t
+
+ ;; Some dynamic lib was determined at runtime, so rpath check may fail.
+ #:validate-runpath? #f))
+ (inputs (list bash-minimal
+ bzip2
+ cairo
+ cups
+ dbus-glib
+ freetype
+ ffmpeg
+ gdk-pixbuf
+ glib
+ gtk+
+ gtk+-2
+ hunspell
+ icu4c-73
+ jemalloc
+ libcanberra
+ libevent
+ libffi
+ libgnome
+ libjpeg-turbo
+ libnotify
+ libpng-apng
+ libva
+ libvpx
+ libwebp
+ libxcomposite
+ libxft
+ libxinerama
+ libxscrnsaver
+ libxt
+ mesa
+ mit-krb5
+ nspr
+ nss-rapid
+ pango
+ pciutils
+ pipewire
+ pixman
+ pulseaudio
+ speech-dispatcher
+ sqlite
+ startup-notification
+ eudev
+ unzip
+ zip
+ zlib))
+ (native-inputs (list alsa-lib
+ autoconf-2.13
+ `(,rust-librewolf "cargo")
+ clang-18
+ llvm-18
+ m4
+ nasm
+ node-lts
+ perl
+ pkg-config
+ python
+ rust-librewolf
+ rust-cbindgen-0.26
+ which
+ yasm))
+ (home-page "https://librewolf.net/")
+ (synopsis
+ "Custom version of Firefox, focused on privacy, security and freedom")
+ (description
+ "LibreWolf is designed to increase protection against tracking and
fingerprinting techniques, while also including a few security improvements.
This is achieved through our privacy and security oriented settings and
patches. LibreWolf also aims to remove all the telemetry, data collection and
annoyances, as well as disabling anti-freedom features like DRM.")
- (license license:mpl2.0)))
+ (license license:mpl2.0))))
--
2.45.2
guix-patches@HIDDEN:bug#71832; Package guix-patches.
Full text available.
Received: (at 71832) by debbugs.gnu.org; 17 Jul 2024 03:06:50 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue Jul 16 23:06:49 2024
Received: from localhost ([127.0.0.1]:34783 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1sTv0D-0007pw-D3
for submit <at> debbugs.gnu.org; Tue, 16 Jul 2024 23:06:49 -0400
Received: from fout8-smtp.messagingengine.com ([103.168.172.151]:33735)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <ian@HIDDEN>) id 1sTv08-0007pA-Fz
for 71832 <at> debbugs.gnu.org; Tue, 16 Jul 2024 23:06:44 -0400
Received: from compute2.internal (compute2.nyi.internal [10.202.2.46])
by mailfout.nyi.internal (Postfix) with ESMTP id 6AE2C1388BBF;
Tue, 16 Jul 2024 23:06:36 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163])
by compute2.internal (MEProxy); Tue, 16 Jul 2024 23:06:36 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h=
cc:cc:content-transfer-encoding:content-type:date:date:from:from
:in-reply-to:in-reply-to:message-id:mime-version:references
:reply-to:subject:subject:to:to; s=fm1; t=1721185596; x=
1721271996; bh=3tkduaXMWRdzQeeeeXA7Wtyw1cnF40lifR2tCrRdizE=; b=N
chP0HVFa8KtUpn7FehygAYjIpLlVpoYjqsy0YY8qmdoCqK4RqtI4irhEFH58YkFr
vReCX8U7rtDXumQcqba2wyJQkspioqjDz6v+Mc/9wSnrHGbhlP8K2zIGbRJiFaaQ
w+N3TnSWAkG90HXcI2+qdIEGFuBVAge5Wms+6ACwyEx1sxft1hJhnMLbXP6mF5ss
BjZvmVt8wQeMODJYJK/iCbwXb4U9Blde/Lp3HryEKKh2f+4+v7gCQJ5f+U/W1GdV
8mcExAELAZg4Dtpa1NY7iaCzo3Zr11IyvbIYxg2ngLzd8m2F5AjtiMJXVaOkqDYY
IXZPIfsBgTQreY5RTwU7w==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
messagingengine.com; h=cc:cc:content-transfer-encoding
:content-type:date:date:feedback-id:feedback-id:from:from
:in-reply-to:in-reply-to:message-id:mime-version:references
:reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy
:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t=1721185596; x=
1721271996; bh=3tkduaXMWRdzQeeeeXA7Wtyw1cnF40lifR2tCrRdizE=; b=t
J9c8tmTX38+6t1IqWZ5S4KDDtXPt3opD26hz1hsOMu1Nj1I8fc7h3cm1FB6NXeAM
iolOh+uKIwTejRpjl/PjEzDDjpXqp37OuIadG9FYV6NCFxThEh2rksBoZKWcE0jc
YvpcYxpIBKAFnjq5LKvm5jUM75GfF1g2nVfF9BWWUIi1JolHlSLg7Fx9Mkd3pQw7
KHecCR9UV3snaalAr9A8EoouDHSDx9vkbCXpiMcBsp/E1fijE8gjqc67UoFeL9ZB
0T7EqY/efv/AxS8D+L/j+WyDYtfjkchi016Fgn05wKI7jGjDXSCMllA+LAoKfidg
tRvzwmpLDXFUnDZdjy6xQ==
X-ME-Sender: <xms:OzWXZruSLD_C4nPRkEE8mgV-xPe4fph1ARbiACK_Zw2NqNaSUJtP0Q>
<xme:OzWXZseXKKgim15AKZIO4BONKF_uDxntn8GZYrnebkZBmcwJpECIqb6GIHs6ayytw
IssnC8QaL6ATyGa6Q>
X-ME-Received: <xmr:OzWXZuzBeYZSJEwg7WInbfzfAhcFcsywGUYCTg2C_Mprd6vHU2LG8o31FHbfIxNO5w66UT5x0HfFHFVuos0zUr6TYZjJ5wH9AHj-UZuILy3NnhqX4T9Hgg>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrgeehgdeilecutefuodetggdotefrodftvf
curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu
uegrihhlohhuthemuceftddtnecunecujfgurhephffvvefufffkofgjfhgggfestdekre
dtredttdenucfhrhhomhepkfgrnhcugfhurhgvuceoihgrnhesrhgvthhrohhsphgvtgdr
thhvqeenucggtffrrghtthgvrhhnpeevveejffduvdetieeutefgueekvdefieeuvdevle
efgefhudelfeetvdfgfeegjeenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhep
mhgrihhlfhhrohhmpehirghnsehrvghtrhhoshhpvggtrdhtvh
X-ME-Proxy: <xmx:OzWXZqMFhViw-amt3lBEesz6AgIb3q-rR0QGTVkW1G_9fRsxh_nheA>
<xmx:OzWXZr-cO_yO48VTto_KogiAWe3tPs0AKm0lghEpwkY_ufklEJHiUA>
<xmx:OzWXZqXzL5d1atJK6Hmh61a1rpH30uf-QZkWTHkEqKkjcC1WxaImQw>
<xmx:OzWXZseMCpkVjO0UjLwCe6aq0juto6va24h1iX1nWyKeid4TpG-NDg>
<xmx:PDWXZtLib4-zPAa_I7JbkEvGA1Nd7FERDl_GEb_A-P-npGKD5reSX_5E>
Feedback-ID: id9014242:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue,
16 Jul 2024 23:06:34 -0400 (EDT)
From: Ian Eure <ian@HIDDEN>
To: 71832 <at> debbugs.gnu.org
Subject: [PATCH v4 2/3] gnu: gnuzilla: Add skr to all-mozilla-locales.
Date: Tue, 16 Jul 2024 20:06:18 -0700
Message-ID: <20240717030619.26631-3-ian@HIDDEN>
X-Mailer: git-send-email 2.45.2
In-Reply-To: <20240717030619.26631-1-ian@HIDDEN>
References: <20240717030619.26631-1-ian@HIDDEN>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 71832
Cc: Ian Eure <ian@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.7 (-)
* (gnuzilla): Add skr to all-mozilla-locales.
Change-Id: If996048792a53dffb55b7e16e69370dd72fc78e3
---
gnu/packages/gnuzilla.scm | 1 +
1 file changed, 1 insertion(+)
diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm
index 3e7818ba43..98dd67a5dd 100644
--- a/gnu/packages/gnuzilla.scm
+++ b/gnu/packages/gnuzilla.scm
@@ -508,6 +508,7 @@ (define-public all-mozilla-locales
("0xndsph4v725q3xcpmxxjb9vxv19sssqnng82m9215cdsv9klgpb" "bf5f6e362f6f" "sco")
("0l70n8817mbmbc09fsnn2aqjj9k9dhad2gmzgphmiilf9mqm2dpf" "1f705c926a99" "si")
("19bqjazazww08chd1qc08dsnr2521088jq5jd4j3185yb1ypm3nr" "c1bd10d70325" "sk")
+ ("12q1nv6z4bk8yaw3vhl9xs41i7kpx1415mwg635v76fx8h94ycl3" "00eaf8d9e83b" "skr")
("11nmjmy2j249588ahg4mh9lxdqr476jbh28a07qxxibfa76j9vk3" "44be3cbf69b6" "sl")
("1ww35141nixg2s03kfmmq9fk6m3qiz2vg7p5a85shjp7i89pyj1d" "800576ff8ef9" "son")
("1q7nfybwc8mxdwi9fpvfhayq18mykzygkpakr5ngfz2316k8lf5r" "4de8638ac27f" "sq")
--
2.45.2
guix-patches@HIDDEN:bug#71832; Package guix-patches.
Full text available.
Received: (at 71832) by debbugs.gnu.org; 17 Jul 2024 03:06:46 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue Jul 16 23:06:46 2024
Received: from localhost ([127.0.0.1]:34778 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1sTv09-0007pc-GK
for submit <at> debbugs.gnu.org; Tue, 16 Jul 2024 23:06:46 -0400
Received: from fout8-smtp.messagingengine.com ([103.168.172.151]:49427)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <ian@HIDDEN>) id 1sTv06-0007p8-Ou
for 71832 <at> debbugs.gnu.org; Tue, 16 Jul 2024 23:06:44 -0400
Received: from compute8.internal (compute8.nyi.internal [10.202.2.227])
by mailfout.nyi.internal (Postfix) with ESMTP id 9E7471388BF2;
Tue, 16 Jul 2024 23:06:34 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163])
by compute8.internal (MEProxy); Tue, 16 Jul 2024 23:06:34 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h=
cc:cc:content-transfer-encoding:content-type:date:date:from:from
:in-reply-to:in-reply-to:message-id:mime-version:references
:reply-to:subject:subject:to:to; s=fm1; t=1721185594; x=
1721271994; bh=32gTw2qpZBuTpDtOIJBcpq9GV+yisc2O5jgrLr3Dqmk=; b=o
vdWwIdS4RKdxfxYTyzblxfpd+z73WJtUeRnPBwX9MeWFObhtq+li6a0wf3vsCl47
UH373sA9KlrdALJQb8E6XrLL1xzuO9xq/xTQMhCmfqzOWJQWBLcH7rh672ASXu+A
jEFCXk3yxPVTapIdNmG95MXhTrGoHowxAKljotwJR3yOfw3wwn0nl+6GdS1E0gqF
fHzYnnfWnvJDe2Yq6Ine8BJv2zWbzRpvPbRWWTL/kUKrGidhfiju9vBam+TbWK7x
vs6+yZ87yn7lpj6sz562xnEKbjELyJscymrBru2BrqDhG5IbTbwBjvQntTEA2WLS
RDQUjAAei+aewlGfUliyw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
messagingengine.com; h=cc:cc:content-transfer-encoding
:content-type:date:date:feedback-id:feedback-id:from:from
:in-reply-to:in-reply-to:message-id:mime-version:references
:reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy
:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t=1721185594; x=
1721271994; bh=32gTw2qpZBuTpDtOIJBcpq9GV+yisc2O5jgrLr3Dqmk=; b=K
BiYPNzWC6xdYNjknor+TTdMu2QpwqLsD9jtewzDqnAHv9X8MT4usl0i2TwjS2DjQ
cgnC6GwBQnB00yyFb5neYXaLHRGZvIiCHVIrXuGxSO/UhtkUOPdvOuAsu7ReV4b1
p8p95wSjKf0CSParaobHb9VUKS1EC4LaMIb4FaGk/Lg+8CvhfaODtHJ7sq7aWdP9
Dd+kwN5cZt+P/DxjwHkH7bev0HCjJYz8Fqmw0uZ/ByHg1Y+XKq/Tlww4/ex79Xi/
6vI5WnW17DJcG1KzElcu6br4HDBv09srMrdA23ksfYxwjsISjS3YLqsBBBY7SddA
JqpJ+RTc/gQYx27GwRUxw==
X-ME-Sender: <xms:OTWXZlMRH4zen4PQbEYOXJ0llDgmH_0q0xKRLjxvIT45IFRRfdh6Xg>
<xme:OTWXZn8ORc2sc7xq96EE5IL4TwaU9ng1DYwgjj2cQGhodLrKJEAdKd0Ht2FfpaKlY
4fw4hZTkXf3mcpdeQ>
X-ME-Received: <xmr:OTWXZkSe4ecwSQrp_s3OyVScFyUEwMSmQsDX26k6qwlXSFHT2u44LAc-aZ2VYYVE7ycPUmykEUd0vygfxMCWu8XaV5ptSiY4Lx4hgu-5meY48pjdDzjHIw>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrgeehgdeikecutefuodetggdotefrodftvf
curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu
uegrihhlohhuthemuceftddtnecunecujfgurhephffvvefufffkofgjfhgggfestdekre
dtredttdenucfhrhhomhepkfgrnhcugfhurhgvuceoihgrnhesrhgvthhrohhsphgvtgdr
thhvqeenucggtffrrghtthgvrhhnpefgteeiffdvleejleeiieevgeegleegieevjeekfe
evledugfehteetgfeuffevhfenucffohhmrghinhepmhhoiihilhhlrgdrohhrghenucev
lhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehirghnsehrvg
htrhhoshhpvggtrdhtvh
X-ME-Proxy: <xmx:OTWXZhvn1JIIynIe-fswGRhvNbJmdWWgQvnxR6O_6dbkV8O8drupCA>
<xmx:OTWXZtdscH_QrlzaVntSwRgMXUPGrSrK3R3T2HQhOE3lypdToo-qQQ>
<xmx:OTWXZt0dwo3OSo2K29kwL12QkNr1UTkK37GP2HJMmBHg2NhZ_1ZYEA>
<xmx:OTWXZp_W1GI4qyeppZthYlBTWtkhXdsOg56BAiSI4AtsvQfQAr_kYQ>
<xmx:OjWXZuqd9UHZgbvbFs6w19TkU8RFnL16mrao1hz_ZnwhwOxeJ98beTNr>
Feedback-ID: id9014242:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue,
16 Jul 2024 23:06:32 -0400 (EDT)
From: Ian Eure <ian@HIDDEN>
To: 71832 <at> debbugs.gnu.org
Subject: [PATCH v4 1/3] gnu: Add nss-rapid.
Date: Tue, 16 Jul 2024 20:06:17 -0700
Message-ID: <20240717030619.26631-2-ian@HIDDEN>
X-Mailer: git-send-email 2.45.2
In-Reply-To: <20240717030619.26631-1-ian@HIDDEN>
References: <20240717030619.26631-1-ian@HIDDEN>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 71832
Cc: Ian Eure <ian@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.7 (-)
* gnu/packages/nss.scm (nss-rapid): New variable.
Change-Id: I2bdd2119fb0c857feae9eb2e47a28909b8228cd7
---
gnu/packages/nss.scm | 80 ++++++++++++++++++++++++++++++++++++++++----
1 file changed, 74 insertions(+), 6 deletions(-)
diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm
index d558079f44..33ebabc829 100644
--- a/gnu/packages/nss.scm
+++ b/gnu/packages/nss.scm
@@ -106,6 +106,9 @@ (define-public nspr-4.32
(base32
"0v3zds1id71j5a5si42a658fjz8nv2f6zp6w4gqrqmdr6ksz8sxv"))))))
+;; nss should track ESRs, but currently doesn't. When the next ESR it out, it
+;; should get updated.
+
(define-public nss
(package
(name "nss")
@@ -153,13 +156,13 @@ (define-public nss
;; Ensure we are building for the (%current-target-system).
#$@(if (%current-target-system)
#~((string-append
- "OS_TEST="
- (string-take #$(%current-target-system)
- (string-index #$(%current-target-system) #\-)))
+ "OS_TEST="
+ (string-take #$(%current-target-system)
+ (string-index #$(%current-target-system) #\-)))
(string-append
- "KERNEL=" (cond (#$(target-hurd?) "gnu")
- (#$(target-linux?) "linux")
- (else ""))))
+ "KERNEL=" (cond (#$(target-hurd?) "gnu")
+ (#$(target-linux?) "linux")
+ (else ""))))
#~())
#$@(if (%current-target-system)
#~("CROSS_COMPILE=1")
@@ -303,6 +306,71 @@ (define-public nss/fixed
(invoke "faketime" "2024-01-23" "./nss/tests/all.sh"))
(format #t "test suite not run~%"))))))))))))
+;; nss-rapid tracks the rapid release channel. Unless your package requires a
+;; newer version, you should prefer the `nss' package, which tracks the ESR
+;; channel.
+;;
+;; See https://wiki.mozilla.org/NSS:Release_Versions
+;; and https://wiki.mozilla.org/Rapid_Release_Model
+
+(define-public nss-rapid
+ (package
+ (inherit nss)
+ (name "nss-rapid")
+ (version "3.102")
+ (source (origin
+ (inherit (package-source nss))
+ (uri (let ((version-with-underscores
+ (string-join (string-split version #\.) "_")))
+ (string-append
+ "https://ftp.mozilla.org/pub/mozilla.org/security/nss/"
+ "releases/NSS_" version-with-underscores "_RTM/src/"
+ "nss-" version ".tar.gz")))
+ (sha256
+ (base32
+ "0yrhrgk6050ilnmhpxpknlkpqh56rizp7pmw9yiiinsn93r076y2"))))
+ (arguments
+ (substitute-keyword-arguments (package-arguments nss)
+ ((#:phases phases)
+ #~(modify-phases #$phases
+ (replace 'check
+ (lambda* (#:key tests? #:allow-other-keys)
+ (if tests?
+ (begin
+ ;; Use 127.0.0.1 instead of $HOST.$DOMSUF as HOSTADDR for
+ ;; testing. The latter requires a working DNS or /etc/hosts.
+ (setenv "DOMSUF" "localdomain")
+ (setenv "USE_IP" "TRUE")
+ (setenv "IP_ADDRESS" "127.0.0.1")
+
+ ;; This specific test is looking at performance "now
+ ;; verify that we can quickly dump a database", and
+ ;; we're not testing performance here (especially
+ ;; since we're using faketime), so raise the
+ ;; threshold
+ (substitute* "nss/tests/dbtests/dbtests.sh"
+ ((" -lt 5") " -lt 50"))
+
+ ;; Since the test suite is very lengthy, run the test
+ ;; suite once, not thrice as done by default, by
+ ;; selecting only the 'standard' cycle.
+ (setenv "NSS_CYCLES" "standard")
+
+ ;; The "PayPalEE.cert" certificate expires every six months,
+ ;; leading to test failures:
+ ;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To
+ ;; work around that, set the time to roughly the release date.
+ (invoke "faketime" "2024-01-23" "./nss/tests/all.sh"))
+ (format #t "test suite not run~%"))))))))
+ (synopsis "Network Security Services (Rapid Release)")
+ (description
+ "Network Security Services (@dfn{NSS}) is a set of libraries designed to
+support cross-platform development of security-enabled client and server
+applications. Applications built with NSS can support SSL v2 and v3, TLS,
+PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other
+security standards.
+
+This package tracks the Rapid Release channel, which updates frequently.")))
(define-public nsncd
(package
(name "nsncd")
--
2.45.2
guix-patches@HIDDEN:bug#71832; Package guix-patches.
Full text available.Received: (at 71832) by debbugs.gnu.org; 17 Jul 2024 03:06:45 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Tue Jul 16 23:06:45 2024 Received: from localhost ([127.0.0.1]:34776 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1sTv09-0007pZ-5r for submit <at> debbugs.gnu.org; Tue, 16 Jul 2024 23:06:45 -0400 Received: from fhigh5-smtp.messagingengine.com ([103.168.172.156]:60083) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <ian@HIDDEN>) id 1sTv05-0007p5-8B for 71832 <at> debbugs.gnu.org; Tue, 16 Jul 2024 23:06:43 -0400 Received: from compute2.internal (compute2.nyi.internal [10.202.2.46]) by mailfhigh.nyi.internal (Postfix) with ESMTP id AB7E81148082; Tue, 16 Jul 2024 23:06:32 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute2.internal (MEProxy); Tue, 16 Jul 2024 23:06:32 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h= cc:cc:content-transfer-encoding:content-type:content-type:date :date:from:from:in-reply-to:message-id:mime-version:reply-to :subject:subject:to:to; s=fm1; t=1721185592; x=1721271992; bh=NW FPVFUQECYBzkyyQdSl5goY+4mLE64LsrHx/7mzFHU=; b=xdnLzYMC8p1/K7BBT/ u21GUeLTYhBfc32AFAULUeKZUjLvpWNhdq97YIrALYOrVs50Xp0UyNc/H3K63WW4 0sJpLmh+skqNz3w+NyFu0+qqmqVtKS7+2SQ/z9lfGPE/p5+Dq0ug73VqtdX+5aHU elz2DCaFcGRUDiM4URB3q4/2YU8Xyk1PLZmC9C/QiInun3GQAWild2NSdvVHZlxU vee2ZhPWgvQuKPZ2CR7/tHDG7u2Sp4lgddlehZ1VglKsjT01Y+j5lapLT54htX5j 0y0VbANnD2iTL2YZcS7NdHGTP3QvbuKgt3UWdtohA6h9+J0m+tUgrOcUiJ8T4Pl1 t7Aw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:content-type:date:date:feedback-id:feedback-id :from:from:in-reply-to:message-id:mime-version:reply-to:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; t=1721185592; x=1721271992; bh=NWFPVFUQECYBz kyyQdSl5goY+4mLE64LsrHx/7mzFHU=; b=sXc3kMkjEaWX6qNy8SgzK2YQa/Fiy d5XTMIFptTAffvfOfWR0E+qlZBWiUZQmt3wZFFyB+qVv84OguSDLLwGk8ogCXyzc hKuPKlPWzQJgYeUM1/cr9qtSQ/2aOtZhF0aKHmeGf2eD7MbaWVlFJ5xq48SA3Hzi 2EjbGNh/N7G9wBIDd+vrVF1qylz4uI7ihrJo9aaMbCNwBW+boJ+o9j3kLjLUvxtX 6ybN7yLXWnQh5uCRzeswKx3RZgcJLby5Tpw0gkCM7OV3JljEYMonE5AA7CB0BrMN dEXsEbDvMHmk7TqFf4HJQDhelRhy5cJztAScjcY1zWZ2hEjNWiWLY6H1A== X-ME-Sender: <xms:NzWXZgT0ylF7qeeX5jTIvLViSinAsssMPl9ZI07FMEHSFTwLzKw2cQ> <xme:NzWXZtyZS97_8MTsoNJX2sC7bMnavaC5pBWtey9E34L_Gv_MHyhDjvCJoQKqEPA1C X7SYfV284QevXagWw> X-ME-Received: <xmr:NzWXZt2CnChKAkRKZ9kzrS2MPYCbv5-HKmrWwkT3D20mAVki5JvHUj_2YeWuSNLwyv0eG6jaBerX06tGwUlSf_xUSFBYRmxoKS-W__aXuvWITF3DVxmFOQ> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrgeehgdeilecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhephffvvefufffkofggtgfgsehtkeertd ertdejnecuhfhrohhmpefkrghnucfguhhrvgcuoehirghnsehrvghtrhhoshhpvggtrdht vheqnecuggftrfgrthhtvghrnhepgfeukeffjedugfdvveetleetiedtueduudffhfeuhf eihfejteeuhffgteetvdetnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehm rghilhhfrhhomhepihgrnhesrhgvthhrohhsphgvtgdrthhv X-ME-Proxy: <xmx:NzWXZkCy1XYoNMFBEjIggxFYWWhJTD9FNszfS7AnTB8kp_GQnUxLEg> <xmx:NzWXZpgpZqZ1xtgMn8rGVLv6rwWu9ZkeMxLB-QTM8lfjtf9dVMU2tg> <xmx:NzWXZgri5EutZ1Fg3ey1-Fg9qlWoiJ_iSIC05zdWWvRIzL9oA6BGxg> <xmx:NzWXZsjLXnOqRQ2Qq5EIddtwppC6j85cWlX5ISkdhrYgG9tPoMTDPg> <xmx:ODWXZsvRww42i6v04rYDQ485DipGxgNtYyBhOPebHrapPvED5V_dnPaX> Feedback-ID: id9014242:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue, 16 Jul 2024 23:06:30 -0400 (EDT) From: Ian Eure <ian@HIDDEN> To: 71832 <at> debbugs.gnu.org Subject: [PATCH v4 0/3] Add nss-rapid; update Librewolf to 128.0-2 Date: Tue, 16 Jul 2024 20:06:16 -0700 Message-ID: <20240717030619.26631-1-ian@HIDDEN> X-Mailer: git-send-email 2.45.2 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 71832 Cc: Ian Eure <ian@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) # vs. v3 of these patches, this series: - Rebases to integrate #71832. - Update Librewolf to 128.0-2, the current version. - Update nss-rapid to 3.102, the current rapid release version. - Add the skr locale, needed by Firefox 128.x, which is Librewolf’s upstream. Ian Eure (3): gnu: Add nss-rapid. gnu: gnuzilla: Add skr to all-mozilla-locales. gnu: librewolf: Update to 128.0-2 gnu/packages/gnuzilla.scm | 1 + gnu/packages/librewolf.scm | 1049 ++++++++++++++++++------------------ gnu/packages/nss.scm | 80 ++- 3 files changed, 603 insertions(+), 527 deletions(-) -- 2.45.2
guix-patches@HIDDEN:bug#71832; Package guix-patches.
Full text available.Received: (at 71832) by debbugs.gnu.org; 8 Jul 2024 08:56:19 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Mon Jul 08 04:56:19 2024 Received: from localhost ([127.0.0.1]:49642 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1sQkAV-0007qa-3e for submit <at> debbugs.gnu.org; Mon, 08 Jul 2024 04:56:19 -0400 Received: from hera.aquilenet.fr ([185.233.100.1]:59350) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <andreas@HIDDEN>) id 1sQkAS-0007qI-AG; Mon, 08 Jul 2024 04:56:17 -0400 Received: from localhost (localhost [127.0.0.1]) by hera.aquilenet.fr (Postfix) with ESMTP id 3826B80F; Mon, 8 Jul 2024 10:55:35 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at hera.aquilenet.fr Received: from hera.aquilenet.fr ([127.0.0.1]) by localhost (hera.aquilenet.fr [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rAkPFncnelyi; Mon, 8 Jul 2024 10:55:34 +0200 (CEST) Received: from jurong (unknown [IPv6:2001:861:c4:f2f0::c64]) by hera.aquilenet.fr (Postfix) with ESMTPSA id 9818926F; Mon, 8 Jul 2024 10:55:34 +0200 (CEST) Date: Mon, 8 Jul 2024 10:55:33 +0200 From: Andreas Enge <andreas@HIDDEN> To: 71882-done <at> debbugs.gnu.org, 71832 <at> debbugs.gnu.org Subject: Closing one bug Message-ID: <ZouphUGFYPpDQVqT@jurong> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 71832 X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.0 (-) Hello, I have pushed the patch of #71882 to fix the build on non-x86 architectures. I could still build on x86_64, but could still not build on aarch64; but the latter failure is probably due to a lack of memory (the configure phase passes now, but the build fails later on with a SIGKILL). As this means that the librewolf update of #71832 needs to be rebased, I am cc-ing this bug. Andreas
guix-patches@HIDDEN:bug#71832; Package guix-patches.
Full text available.
Received: (at 71832) by debbugs.gnu.org; 2 Jul 2024 00:21:28 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon Jul 01 20:21:28 2024
Received: from localhost ([127.0.0.1]:35173 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1sORGw-0005CR-9K
for submit <at> debbugs.gnu.org; Mon, 01 Jul 2024 20:21:28 -0400
Received: from fhigh5-smtp.messagingengine.com ([103.168.172.156]:50651)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <ian@HIDDEN>) id 1sORGr-0005Bm-JP
for 71832 <at> debbugs.gnu.org; Mon, 01 Jul 2024 20:21:24 -0400
Received: from compute1.internal (compute1.nyi.internal [10.202.2.41])
by mailfhigh.nyi.internal (Postfix) with ESMTP id 9F91211401AF;
Mon, 1 Jul 2024 20:21:15 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163])
by compute1.internal (MEProxy); Mon, 01 Jul 2024 20:21:15 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h=
cc:cc:content-transfer-encoding:content-type:content-type:date
:date:from:from:in-reply-to:in-reply-to:message-id:mime-version
:references:reply-to:subject:subject:to:to; s=fm1; t=1719879675;
x=1719966075; bh=HGx6+r3u8Pfo1WG5zuxQ70ICaN8Yur/1iQ4wEZ3GFXk=; b=
AuADucbTWnh0DSQJTLqwiQWR36VUirErzvHkdMI1Rq5+BABmabdjoNvOTinkzQYz
ZNQ5xUPAlpRTno9yXrhSLMc6dXFv5vBt6c/gOv35RcF45ahDUxHM+fuuusPpjzYB
eX9cP9rlwKS7hfZ6JKR73jBrAk+FC1duy9a5XB9GwoIjNT02aiONWz5CgP1juicn
Pu1EVAjSAh3tDkuRkjTvKdh+UfpJCeKJHUN4OIKGkn8C1kyfPUuDkqxWO0jUULac
x4RnI8MFAxxjJC9IryXCTjku7IMtMJfrgIx6G3vdrIPOo0BAAmoBnb/RyBqb2m7m
VTH/zm2FOnN8zXCu16cd7g==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
messagingengine.com; h=cc:cc:content-transfer-encoding
:content-type:content-type:date:date:feedback-id:feedback-id
:from:from:in-reply-to:in-reply-to:message-id:mime-version
:references:reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy
:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t=1719879675; x=
1719966075; bh=HGx6+r3u8Pfo1WG5zuxQ70ICaN8Yur/1iQ4wEZ3GFXk=; b=b
eoTHdBFuaV/SKA4PBh8nc8pUkxlBc2rzPNs+36TVb2N6qegqbJihHO2BuUF+Vjoa
SSeHLOPjv3MrJiD1mktyfts9AAXFao2MXcL4iba5+E45JIsMH7R9AxsJhZk8JHnd
jbS/An2wn8MgBYp/NaOOeoFhhax1S5KZ/PghslKi+65FCY1JibR5A3C8nXZqOM64
O8yxqyqg2oLFXdQZzBTL9ExG4zyvfc5HQ5CWhu6a/ARuArQPxdpKKa8wMHkqqpEW
CKcdWYZHkC+zXwIcQxHSrvjycj/pPYMhEeoTLZJbmC56OeGyraMiAyMnjnaI5lIA
gXCU0BwhzhFbijggTHswg==
X-ME-Sender: <xms:-0eDZvzayKvzNDKQdoXfMrW8-mtjzxlcvB3VW4kXrwbiXQx_1aIXlw>
<xme:-0eDZnTBiUlRvp_fch3FRG9ac_ydrrr2no35MXPhDC5WO5JsFIB7pfhtYmm1mhwPD
XfCNkXN1T_yKxsllw>
X-ME-Received: <xmr:-0eDZpXuxfkuNyWNrAeburf38EJYF9PL52Q4od8lJeATjYE8BR5joeClcppm8FLmtqvqkWeTuTvAaZ4k4PvtssqoYH5Pjab1Vpk6el6IAktDa9dtKmm3EA>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrudeggdefvdcutefuodetggdotefrodftvf
curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu
uegrihhlohhuthemuceftddtnecunecujfgurhephffvvefufffkofgjfhggtgfgsehtke
ertdertdejnecuhfhrohhmpefkrghnucfguhhrvgcuoehirghnsehrvghtrhhoshhpvggt
rdhtvheqnecuggftrfgrthhtvghrnhepiefhvefggedtueekjefgieefgfduleeggeetff
dvveeuueffudevhfeivddukeeinecuffhomhgrihhnpehsvggrrhgthhhfohigrdhorhhg
pdhgnhhurdhorhhgpdgtohhnthgvnhhtrdhrvggrugdpmhhoiihilhhlrgdrohhrghdpgh
gvthgrugguohhnshdrshgvrghrtghhpdhgvghtrgguughonhhsrdhlihhnkhdpghhithhh
uhgsrdgtohhmpdhlihgsrhgvfiholhhfrdhnvghtnecuvehluhhsthgvrhfuihiivgeptd
enucfrrghrrghmpehmrghilhhfrhhomhepihgrnhesrhgvthhrohhsphgvtgdrthhv
X-ME-Proxy: <xmx:-0eDZpjf35lN23oz1bp6LuN-h9vAQXy8fLihP806FYJ_goTiDajv0Q>
<xmx:-0eDZhCImNNMAojjU8mbu7ypnV8Jsvncq4dM8Amt2l7Ec__Jdjq-4w>
<xmx:-0eDZiLr1vFGoHSXbQzLZhp5ui8Kq6WleGkHfj9oRjFv3Gv__vzbPA>
<xmx:-0eDZgA7uMEgNN6685JCTwq5ReiGNwMAHQlEpZmIfHohtP8EwpQpvg>
<xmx:-0eDZkOHRlpvOvpkZv6sYyAc77Z0k2B2UHojjuoJLcIWtDqprrdDpRcc>
Feedback-ID: id9014242:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Mon,
1 Jul 2024 20:21:14 -0400 (EDT)
From: Ian Eure <ian@HIDDEN>
To: 71832 <at> debbugs.gnu.org
Subject: [PATCH v3 2/2] gnu: librewolf: Update to 127.0.2-1.
Date: Mon, 1 Jul 2024 17:21:03 -0700
Message-ID: <20240702002103.9015-3-ian@HIDDEN>
X-Mailer: git-send-email 2.45.1
In-Reply-To: <20240702002103.9015-1-ian@HIDDEN>
References: <20240702002103.9015-1-ian@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 71832
Cc: Ian Eure <ian@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.7 (-)
* gnu/packages/librewolf.scm (librewolf): Update to 127.0.2-1. Reorganize
module to improve usability and reduce duplication. The Rust package and
build ID are now at the top of the file. The librewolf-source variable has
been replaced with the make-librewolf-source procedure, centralizing versions
& hashes in the librewolf package definition. Dedent some of the package’s
arguments to improve readability.
Change-Id: I15f8a2aa1fae07e0497ab5511d10af0c1f70cc2e
---
gnu/packages/librewolf.scm | 1044 ++++++++++++++++++------------------
1 file changed, 526 insertions(+), 518 deletions(-)
diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm
index c84bcaf3ce..a400080dcb 100644
--- a/gnu/packages/librewolf.scm
+++ b/gnu/packages/librewolf.scm
@@ -93,6 +93,18 @@ (define-module (gnu packages librewolf)
#:use-module (gnu packages xdisorg)
#:use-module (gnu packages xorg))
+;; Define the versions of rust needed to build librewolf, trying to match
+;; upstream. See the file taskcluster/kinds/toolchain/rust.yml at
+;; https://searchfox.org under the particular firefox release, like
+;; mozilla-esr102.
+;; 1.75 is the default in Guix, 1.77 is the minimum for Librewolf.
+(define rust-librewolf rust-1.77)
+
+;; Update this id with every update to its release date.
+;; It's used for cache validation and therefore can lead to strange bugs.
+;; ex: date '+%Y%m%d%H%M%S'
+(define %librewolf-build-id "20240626133423")
+
(define (firefox-source-origin version hash)
(origin
(method url-fetch)
@@ -114,11 +126,14 @@ (define (librewolf-source-origin version hash)
(define computed-origin-method (@@ (guix packages) computed-origin-method))
-(define librewolf-source
- (let* ((ff-src (firefox-source-origin "126.0.1" "0fr679rcwshwpfxidc55b2xsn4pmrr7p9ix4rr2mv2k7kwsjcc7n"))
- (version "126.0.1-1")
- (lw-src (librewolf-source-origin version "0cac80073vkzd85ai9rbnwixs1h9bpy4dj2ri6jxdlqsy5d663km")))
-
+(define* (make-librewolf-source version #:key firefox-hash librewolf-hash)
+ (let* ((ff-src (firefox-source-origin
+ (car (string-split version #\-))
+ firefox-hash))
+ (version version)
+ (lw-src (librewolf-source-origin
+ version
+ librewolf-hash)))
(origin
(method computed-origin-method)
(file-name (string-append "librewolf-" version ".source.tar.gz"))
@@ -162,11 +177,6 @@ (define librewolf-source
(("^ff_source_tarball:=.*")
(string-append "ff_source_tarball:=" #+ff-src)))
- ;; Remove encoding_rs patch, it doesn't build with Rust 1.75.
- (substitute* '("assets/patches.txt")
- (("patches/encoding_rs.patch\\\n$")
- ""))
-
;; Stage locales.
(begin
(format #t "Staging locales...~%")
@@ -204,523 +214,521 @@ (define librewolf-source
".source.tar.gz")
#$output))))))))
-;; Define the versions of rust needed to build librewolf, trying to match
-;; upstream. See the file taskcluster/ci/toolchain/rust.yml at
-;; https://searchfox.org under the particular firefox release, like
-;; mozilla-esr102.
-(define rust-librewolf rust) ; 1.75 is the default in Guix, 1.65 is the minimum.
-
-;; Update this id with every update to its release date.
-;; It's used for cache validation and therefore can lead to strange bugs.
-;; ex: date '+%Y%m%d%H%M%S'
-(define %librewolf-build-id "20240607212143")
-
(define-public librewolf
- (package
- (name "librewolf")
- (version "126.0.1-1")
- (source librewolf-source)
- (build-system gnu-build-system)
- (arguments
- (list
- #:configure-flags #~(let ((clang #$(this-package-native-input "clang")))
- `("--enable-application=browser"
-
- ;; Configuration
- "--without-wasm-sandboxed-libraries"
- "--with-system-jpeg"
- "--with-system-zlib"
- "--with-system-png"
- "--with-system-webp"
- "--with-system-icu"
- "--with-system-libvpx"
- "--with-system-libevent"
- "--with-system-ffi"
- "--enable-system-pixman"
- "--enable-jemalloc"
-
- ;; see https://bugs.gnu.org/32833
- "--with-system-nspr"
- "--with-system-nss"
-
- ,(string-append "--with-clang-path=" clang
- "/bin/clang")
- ,(string-append "--with-libclang-path=" clang
- "/lib")
-
- ;; Distribution
- "--with-distribution-id=org.guix"
- "--with-app-name=librewolf"
- "--with-app-basename=LibreWolf"
- "--with-branding=browser/branding/librewolf"
-
- ;; Features
- "--disable-tests"
- "--disable-updater"
- "--enable-pulseaudio"
- "--disable-crashreporter"
- "--allow-addon-sideload"
- "--with-unsigned-addon-scopes=app,system"
- "--disable-eme"
-
- ;; Build details
- "--disable-debug"
- "--enable-rust-simd"
- "--enable-release"
- "--enable-optimize"
- "--enable-strip"
- "--enable-hardening"
- "--disable-elf-hack"))
- #:imported-modules %cargo-utils-modules
- #:modules `((ice-9 regex)
- (ice-9 string-fun)
- (ice-9 ftw)
- (srfi srfi-1)
- (srfi srfi-26)
- (rnrs bytevectors)
- (rnrs io ports)
- (guix elf)
- (guix build gremlin)
- ,@%gnu-build-system-modules)
- #:phases #~(modify-phases %standard-phases
- (add-after 'unpack 'fix-preferences
- (lambda* (#:key inputs #:allow-other-keys)
- (let ((port (open-file "browser/app/profile/firefox.js"
- "a")))
- (define (write-setting key value)
- (format port "~%pref(\"~a\", ~a);~%" key value)
- (format #t
+ (let ((version "127.0.2-2"))
+ (package
+ (name "librewolf")
+ (version version)
+ (source (make-librewolf-source
+ version
+ #:firefox-hash
+ "1s73fdp7k60058ylyvlixq13k5hfbmj6k1y42fmzqlpg7n62lyqb"
+ #:librewolf-hash
+ "1f4xz496x1nf7lmvk50hakj9p6q0kzxl5f9s2k0b6kczvyc8gw5n"))
+
+ (build-system gnu-build-system)
+ (arguments
+ (list
+ #:configure-flags
+ #~(let ((clang #$(this-package-native-input "clang")))
+ `("--enable-application=browser"
+
+ ;; Configuration
+ "--without-wasm-sandboxed-libraries"
+ "--with-system-jpeg"
+ "--with-system-zlib"
+ "--with-system-png"
+ "--with-system-webp"
+ "--with-system-icu"
+ "--with-system-libvpx"
+ "--with-system-libevent"
+ "--with-system-ffi"
+ "--enable-system-pixman"
+ "--enable-jemalloc"
+
+ ;; see https://bugs.gnu.org/32833
+ "--with-system-nspr"
+ "--with-system-nss"
+
+ ,(string-append "--with-clang-path=" clang
+ "/bin/clang")
+ ,(string-append "--with-libclang-path=" clang
+ "/lib")
+
+ ;; Distribution
+ "--with-distribution-id=org.guix"
+ "--with-app-name=librewolf"
+ "--with-app-basename=LibreWolf"
+ "--with-branding=browser/branding/librewolf"
+
+ ;; Features
+ "--disable-tests"
+ "--disable-updater"
+ "--enable-pulseaudio"
+ "--disable-crashreporter"
+ "--allow-addon-sideload"
+ "--with-unsigned-addon-scopes=app,system"
+ "--disable-eme"
+
+ ;; Build details
+ "--disable-debug"
+ "--enable-rust-simd"
+ "--enable-release"
+ "--enable-optimize"
+ "--enable-strip"
+ "--enable-hardening"
+ "--disable-elf-hack"))
+ #:imported-modules %cargo-utils-modules
+ #:modules `((ice-9 regex)
+ (ice-9 string-fun)
+ (ice-9 ftw)
+ (srfi srfi-1)
+ (srfi srfi-26)
+ (rnrs bytevectors)
+ (rnrs io ports)
+ (guix elf)
+ (guix build gremlin)
+ ,@%gnu-build-system-modules)
+ #:phases
+ #~(modify-phases %standard-phases
+ (add-after 'unpack 'fix-preferences
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((port (open-file "browser/app/profile/firefox.js"
+ "a")))
+ (define (write-setting key value)
+ (format port "~%pref(\"~a\", ~a);~%" key value)
+ (format #t
"fix-preferences: setting value of ~a to ~a~%" key
value))
- ;; We should allow the sandbox to read the store directory,
- ;; because the sandbox has access to /usr on FHS distros.
- (write-setting
- "security.sandbox.content.read_path_whitelist"
- (string-append "\""
- (%store-directory) "/\""))
-
- ;; XDG settings should be managed by Guix.
- (write-setting "browser.shell.checkDefaultBrowser"
- "false")
- (close-port port))))
- (add-after 'fix-preferences 'fix-ffmpeg-runtime-linker
- (lambda* (#:key inputs #:allow-other-keys)
- (let* ((ffmpeg (assoc-ref inputs "ffmpeg"))
- (libavcodec (string-append ffmpeg
- "/lib/libavcodec.so")))
- ;; Arrange to load libavcodec.so by its absolute file name.
- (substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp"
- (("libavcodec\\.so")
- libavcodec)))))
- (add-after 'patch-source-shebangs 'patch-cargo-checksums
- (lambda _
- (use-modules (guix build cargo-utils))
- (let ((null-hash
- ;; This is the SHA256 output of an empty string.
- (string-append
- "e3b0c44298fc1c149afbf4c8996fb924"
- "27ae41e4649b934ca495991b7852b855")))
- (for-each (lambda (file)
- (format #t
+ ;; We should allow the sandbox to read the store directory,
+ ;; because the sandbox has access to /usr on FHS distros.
+ (write-setting
+ "security.sandbox.content.read_path_whitelist"
+ (string-append "\""
+ (%store-directory) "/\""))
+
+ ;; XDG settings should be managed by Guix.
+ (write-setting "browser.shell.checkDefaultBrowser"
+ "false")
+ (close-port port))))
+ (add-after 'fix-preferences 'fix-ffmpeg-runtime-linker
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let* ((ffmpeg (assoc-ref inputs "ffmpeg"))
+ (libavcodec (string-append ffmpeg
+ "/lib/libavcodec.so")))
+ ;; Arrange to load libavcodec.so by its absolute file name.
+ (substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp"
+ (("libavcodec\\.so")
+ libavcodec)))))
+ (add-after 'patch-source-shebangs 'patch-cargo-checksums
+ (lambda _
+ (use-modules (guix build cargo-utils))
+ (let ((null-hash
+ ;; This is the SHA256 output of an empty string.
+ (string-append
+ "e3b0c44298fc1c149afbf4c8996fb924"
+ "27ae41e4649b934ca495991b7852b855")))
+ (for-each (lambda (file)
+ (format #t
"patch-cargo-checksums: patching checksums in ~a~%"
file)
- (substitute* file
- (("(checksum = )\".*\"" all name)
- (string-append name "\"" null-hash
- "\""))))
- (find-files "." "Cargo\\.lock$"))
- (for-each generate-all-checksums
- '("build"
- "dom/media"
- "dom/webauthn"
- "gfx"
- "intl"
- "js"
- "media"
- "modules"
- "mozglue/static/rust"
- "netwerk"
- "remote"
- "security/manager/ssl"
- "servo"
- "storage"
- "third_party/rust"
- "toolkit"
- "xpcom/rust"
- "services")))))
- (add-after 'patch-cargo-checksums 'remove-cargo-frozen-flag
- (lambda _
- ;; Remove --frozen flag from cargo invokation, otherwise it'll
- ;; complain that it's not able to change Cargo.lock.
- ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373
- (substitute* "build/RunCbindgen.py"
- (("args.append\\(\"--frozen\"\\)") "pass"))))
- (delete 'bootstrap)
- (add-before 'configure 'patch-SpeechDispatcherService.cpp
- (lambda _
- (let* ((lib "libspeechd.so.2")
- (file (string-append
- "dom/media/webspeech/synth/"
- "speechd/SpeechDispatcherService.cpp"))
- (old-content (call-with-input-file file
- get-string-all)))
- (substitute
- file
- `((,(format #f "~s" lib) unquote
- (lambda (line _)
- (string-replace-substring
- line lib
- (string-append #$speech-dispatcher
- "/lib/" lib))))))
- (if (string=? old-content
- (call-with-input-file file
- get-string-all))
- (error
- "substitute did nothing, phase requires an update")))))
- (add-before 'configure 'set-build-id
- ;; Build will write the timestamp to output, which is harmful
- ;; for reproducibility, so change it to a fixed date. Use a
- ;; separate phase for easier modification with inherit.
- (lambda _
- (setenv "MOZ_BUILD_DATE"
- #$%librewolf-build-id)))
- (replace 'configure
- (lambda* (#:key inputs outputs configure-flags
- #:allow-other-keys)
- (setenv "AUTOCONF"
- (string-append (assoc-ref inputs "autoconf")
- "/bin/autoconf"))
- (setenv "SHELL"
- (which "bash"))
- (setenv "CONFIG_SHELL"
- (which "bash"))
- (setenv "MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE"
- "system")
- ;; This should use the host info probably (does it
- ;; build on non-x86_64 though?)
- (setenv "GUIX_PYTHONPATH"
- (string-append (getcwd)
- "/obj-x86_64-pc-linux-gnu/_virtualenvs/build"))
-
- ;; Use Clang, Clang is 2x faster than GCC
- (setenv "AR" "llvm-ar")
- (setenv "NM" "llvm-nm")
- (setenv "CC" "clang")
- (setenv "CXX" "clang++")
- (setenv "MOZ_NOSPAM" "1")
- (setenv "MOZ_APP_NAME" "librewolf")
-
- (setenv "MOZBUILD_STATE_PATH"
- (getcwd))
-
- (let* ((mozconfig (string-append (getcwd) "/mozconfig"))
- (out (assoc-ref outputs "out"))
- (flags (cons (string-append "--prefix=" out)
- configure-flags)))
- (format #t "build directory: ~s~%"
- (getcwd))
- (format #t "configure flags: ~s~%" flags)
-
- (define write-flags
- (lambda flags
- (display (string-join (map (cut string-append
- "ac_add_options " <>)
- flags) "\n"))
- (display "\n")))
- (with-output-to-file mozconfig
- (lambda ()
- (apply write-flags flags)
- ;; The following option unsets Telemetry
- ;; Reporting. With the Addons Fiasco,
- ;; Mozilla was found to be collecting
- ;; user's data, including saved passwords
- ;; and web form data, without users
- ;; consent. Mozilla was also found
- ;; shipping updates to systems without
- ;; the user's knowledge or permission.
- ;; As a result of this, use the following
- ;; command to permanently disable
- ;; telemetry reporting.
- (display "unset MOZ_TELEMETRY_REPORTING\n")
- (display "mk_add_options MOZ_CRASHREPORTER=0\n")
- (display "mk_add_options MOZ_DATA_REPORTING=0\n")
- (display
- "mk_add_options MOZ_SERVICES_HEALTHREPORT=0")
- (display
- "mk_add_options MOZ_TELEMETRY_REPORTING=0")))
- (setenv "MOZCONFIG" mozconfig))
- (invoke "./mach" "configure")))
- (add-before 'build 'fix-addons-placeholder
- (lambda _
- (substitute* "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
- (("addons.mozilla.org")
- "gnuzilla.gnu.org"))))
- (replace 'build
- (lambda* (#:key (make-flags '())
- (parallel-build? #t) #:allow-other-keys)
- (apply invoke "./mach" "build"
- ;; mach will use parallel build if possible by default
- `(,@(if parallel-build?
- '()
- '("-j1")) ,@make-flags))))
- (add-after 'build 'neutralise-store-references
- (lambda _
- ;; Mangle the store references to compilers &
- ;; other build tools in about:buildconfig,
- ;; reducing the package's closure by 1 GiB on
- ;; x86-64.
- (let* ((build-dir (car (scandir "."
- (cut string-prefix?
- "obj-" <>))))
- (file (string-append build-dir
- "/dist/bin/chrome/toolkit/"
- "content/global/buildconfig.html")))
- (substitute* file
- (((format #f "(~a/)([0-9a-df-np-sv-z]{32})"
- (regexp-quote (%store-directory)))
- _ store hash)
- (string-append store
- (string-take hash 8)
- "<!-- Guix: not a runtime dependency -->"
- (string-drop hash 8)))))))
- (replace 'install
- (lambda _
- (invoke "./mach" "install")))
- (add-after 'install 'remove-duplicate-bin
- (lambda* (#:key outputs #:allow-other-keys)
- (delete-file (string-append #$output
- "/lib/librewolf/librewolf-bin"))))
- (add-after 'install 'wrap-glxtest
- ;; glxtest uses dlopen() to load mesa and pci
- ;; libs, wrap it to set LD_LIBRARY_PATH.
- (lambda* (#:key inputs outputs #:allow-other-keys)
- (let* ((out (assoc-ref outputs "out"))
- (lib (string-append out "/lib"))
- (libs (map
- (lambda (lib-name)
- (string-append (assoc-ref inputs
- lib-name)
- "/lib"))
- '("mesa" "pciutils"))))
- (wrap-program (car (find-files lib "^glxtest$"))
- `("LD_LIBRARY_PATH" prefix ,libs)))))
- (add-after 'install 'patch-config
- (lambda* (#:key inputs #:allow-other-keys)
- (let ((lib (string-append #$output "/lib/librewolf"))
- (config-file "librewolf.cfg"))
-
- ;; Required for Guix packaged extensions
- ;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8
- ;; Default is 5.
- (substitute* (in-vicinity lib config-file)
- (("defaultPref\\(\"extensions.enabledScopes\", 5\\)")
- "defaultPref(\"extensions.enabledScopes\", 13)"))
- ;; Use Mozzarella addons repo.
- (call-with-port
- (open-file
- (in-vicinity lib config-file)
- "a")
- (lambda (port)
- ;; Add-ons panel (see settings.js in Icecat source).
- (for-each
- (lambda (pref)
- (format port
- "defaultPref(~s, ~s);~%"
- (car pref)
- (cdr pref)))
- `(("extensions.getAddons.search.browseURL"
- ,(string-append
- "https://gnuzilla.gnu.org/mozzarella/"
- "search.php?q=%TERMS%"))
- ("extensions.getAddons.get.url" .
- "https://gnuzilla.gnu.org/mozzarella")
- ("extensions.getAddons.link.url" .
- "https://gnuzilla.gnu.org/mozzarella")
- ("extensions.getAddons.discovery.api_url" .
- "https://gnuzilla.gnu.org/mozzarella")
- ("extensions.getAddons.langpacks.url" .
- "https://gnuzilla.gnu.org/mozzarella")
- ("lightweightThemes.getMoreURL" .
- "https://gnuzilla.gnu.org/mozzarella"))))))))
- (add-after 'install 'wrap-program
- (lambda* (#:key inputs outputs #:allow-other-keys)
- ;; The following two functions are from Guix's icecat package in
- ;; (gnu packages gnuzilla). See commit
- ;; b7a0935420ee630a29b7e5ac73a32ba1eb24f00b.
- (define (runpath-of lib)
- (call-with-input-file lib
- (compose elf-dynamic-info-runpath elf-dynamic-info
- parse-elf get-bytevector-all)))
- (define (runpaths-of-input label)
- (let* ((dir (string-append (assoc-ref inputs label)
- "/lib"))
- (libs (find-files dir "\\.so$")))
- (append-map runpath-of libs)))
- (let* ((out (assoc-ref outputs "out"))
- (lib (string-append out "/lib"))
- (libs (map
- (lambda (lib-name)
- (string-append (assoc-ref inputs
- lib-name)
- "/lib"))
- '("mesa" "libpng-apng" "libnotify" "libva"
- "pulseaudio" "gtk+" "pipewire"
- ;; For U2F and WebAuthn
- "eudev")))
-
- ;; VA-API is run in the RDD (Remote Data Decoder) sandbox
- ;; and must be explicitly given access to files it needs.
- ;; Rather than adding the whole store (as Nix had
- ;; upstream do, see
- ;; <https://github.com/NixOS/nixpkgs/pull/165964> and
- ;; linked upstream patches), we can just follow the
- ;; runpaths of the needed libraries to add everything to
- ;; LD_LIBRARY_PATH. These will then be accessible in the
- ;; RDD sandbox.
- (rdd-whitelist (map (cut string-append <> "/")
- (delete-duplicates (append-map
- runpaths-of-input
- '("mesa"
- "ffmpeg")))))
- (gtk-share (string-append (assoc-ref inputs
- "gtk+")
- "/share")))
- (wrap-program (car (find-files lib "^librewolf$"))
- `("LD_LIBRARY_PATH" prefix
- (,@libs ,@rdd-whitelist))
- `("XDG_DATA_DIRS" prefix
- (,gtk-share))
- `("MOZ_LEGACY_PROFILES" =
- ("1"))
- `("MOZ_ALLOW_DOWNGRADE" =
- ("1"))))))
- (add-after 'wrap-program 'install-desktop-entry
- (lambda* (#:key outputs #:allow-other-keys)
- (let* ((desktop-file
- "taskcluster/docker/firefox-snap/firefox.desktop")
- (applications (string-append #$output
- "/share/applications")))
- (substitute* desktop-file
- (("^Exec=firefox")
- (string-append "Exec="
- #$output "/bin/librewolf"))
- ;; "Firefox" -> "LibreWolf" everywhere
- (("Firefox")
- "LibreWolf")
- ;; Remove non-Latin translations.
- (("^Name\\[(ar|bn)\\].*$")
- "")
- (("^Icon=.*")
- (string-append "Icon="
- #$output
- "/share/icons/hicolor/128x128/apps/librewolf.png
+ (substitute* file
+ (("(checksum = )\".*\"" all name)
+ (string-append name "\"" null-hash
+ "\""))))
+ (find-files "." "Cargo\\.lock$"))
+ (for-each generate-all-checksums
+ '("build"
+ "dom/media"
+ "dom/webauthn"
+ "gfx"
+ "intl"
+ "js"
+ "media"
+ "modules"
+ "mozglue/static/rust"
+ "netwerk"
+ "remote"
+ "security/manager/ssl"
+ "servo"
+ "storage"
+ "third_party/rust"
+ "toolkit"
+ "xpcom/rust"
+ "services")))))
+ (add-after 'patch-cargo-checksums 'remove-cargo-frozen-flag
+ (lambda _
+ ;; Remove --frozen flag from cargo invokation, otherwise it'll
+ ;; complain that it's not able to change Cargo.lock.
+ ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373
+ (substitute* "build/RunCbindgen.py"
+ (("args.append\\(\"--frozen\"\\)") "pass"))))
+ (delete 'bootstrap)
+ (add-before 'configure 'patch-SpeechDispatcherService.cpp
+ (lambda _
+ (let* ((lib "libspeechd.so.2")
+ (file (string-append
+ "dom/media/webspeech/synth/"
+ "speechd/SpeechDispatcherService.cpp"))
+ (old-content (call-with-input-file file
+ get-string-all)))
+ (substitute
+ file
+ `((,(format #f "~s" lib) unquote
+ (lambda (line _)
+ (string-replace-substring
+ line lib
+ (string-append #$speech-dispatcher
+ "/lib/" lib))))))
+ (if (string=? old-content
+ (call-with-input-file file
+ get-string-all))
+ (error
+ "substitute did nothing, phase requires an update")))))
+ (add-before 'configure 'set-build-id
+ ;; Build will write the timestamp to output, which is harmful
+ ;; for reproducibility, so change it to a fixed date. Use a
+ ;; separate phase for easier modification with inherit.
+ (lambda _
+ (setenv "MOZ_BUILD_DATE"
+ #$%librewolf-build-id)))
+ (replace 'configure
+ (lambda* (#:key inputs outputs configure-flags
+ #:allow-other-keys)
+ (setenv "AUTOCONF"
+ (string-append (assoc-ref inputs "autoconf")
+ "/bin/autoconf"))
+ (setenv "SHELL"
+ (which "bash"))
+ (setenv "CONFIG_SHELL"
+ (which "bash"))
+ (setenv "MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE"
+ "system")
+ ;; This should use the host info probably (does it
+ ;; build on non-x86_64 though?)
+ (setenv "GUIX_PYTHONPATH"
+ (string-append (getcwd)
+ "/obj-x86_64-pc-linux-gnu/_virtualenvs/build"))
+
+ ;; Use Clang, Clang is 2x faster than GCC
+ (setenv "AR" "llvm-ar")
+ (setenv "NM" "llvm-nm")
+ (setenv "CC" "clang")
+ (setenv "CXX" "clang++")
+ (setenv "MOZ_NOSPAM" "1")
+ (setenv "MOZ_APP_NAME" "librewolf")
+
+ (setenv "MOZBUILD_STATE_PATH"
+ (getcwd))
+
+ (let* ((mozconfig (string-append (getcwd) "/mozconfig"))
+ (out (assoc-ref outputs "out"))
+ (flags (cons (string-append "--prefix=" out)
+ configure-flags)))
+ (format #t "build directory: ~s~%"
+ (getcwd))
+ (format #t "configure flags: ~s~%" flags)
+
+ (define write-flags
+ (lambda flags
+ (display (string-join (map (cut string-append
+ "ac_add_options " <>)
+ flags) "\n"))
+ (display "\n")))
+ (with-output-to-file mozconfig
+ (lambda ()
+ (apply write-flags flags)
+ ;; The following option unsets Telemetry
+ ;; Reporting. With the Addons Fiasco,
+ ;; Mozilla was found to be collecting
+ ;; user's data, including saved passwords
+ ;; and web form data, without users
+ ;; consent. Mozilla was also found
+ ;; shipping updates to systems without
+ ;; the user's knowledge or permission.
+ ;; As a result of this, use the following
+ ;; command to permanently disable
+ ;; telemetry reporting.
+ (display "unset MOZ_TELEMETRY_REPORTING\n")
+ (display "mk_add_options MOZ_CRASHREPORTER=0\n")
+ (display "mk_add_options MOZ_DATA_REPORTING=0\n")
+ (display
+ "mk_add_options MOZ_SERVICES_HEALTHREPORT=0")
+ (display
+ "mk_add_options MOZ_TELEMETRY_REPORTING=0")))
+ (setenv "MOZCONFIG" mozconfig))
+ (invoke "./mach" "configure")))
+ (add-before 'build 'fix-addons-placeholder
+ (lambda _
+ (substitute* "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
+ (("addons.mozilla.org")
+ "gnuzilla.gnu.org"))))
+ (replace 'build
+ (lambda* (#:key (make-flags '())
+ (parallel-build? #t) #:allow-other-keys)
+ (apply invoke "./mach" "build"
+ ;; mach will use parallel build if possible by default
+ `(,@(if parallel-build?
+ '()
+ '("-j1")) ,@make-flags))))
+ (add-after 'build 'neutralise-store-references
+ (lambda _
+ ;; Mangle the store references to compilers &
+ ;; other build tools in about:buildconfig,
+ ;; reducing the package's closure by 1 GiB on
+ ;; x86-64.
+ (let* ((build-dir (car (scandir "."
+ (cut string-prefix?
+ "obj-" <>))))
+ (file (string-append build-dir
+ "/dist/bin/chrome/toolkit/"
+ "content/global/buildconfig.html")))
+ (substitute* file
+ (((format #f "(~a/)([0-9a-df-np-sv-z]{32})"
+ (regexp-quote (%store-directory)))
+ _ store hash)
+ (string-append store
+ (string-take hash 8)
+ "<!-- Guix: not a runtime dependency -->"
+ (string-drop hash 8)))))))
+ (replace 'install
+ (lambda _
+ (invoke "./mach" "install")))
+ (add-after 'install 'remove-duplicate-bin
+ (lambda* (#:key outputs #:allow-other-keys)
+ (delete-file (string-append #$output
+ "/lib/librewolf/librewolf-bin"))))
+ (add-after 'install 'wrap-glxtest
+ ;; glxtest uses dlopen() to load mesa and pci
+ ;; libs, wrap it to set LD_LIBRARY_PATH.
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ (libs (map
+ (lambda (lib-name)
+ (string-append (assoc-ref inputs
+ lib-name)
+ "/lib"))
+ '("mesa" "pciutils"))))
+ (wrap-program (car (find-files lib "^glxtest$"))
+ `("LD_LIBRARY_PATH" prefix ,libs)))))
+ (add-after 'install 'patch-config
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((lib (string-append #$output "/lib/librewolf"))
+ (config-file "librewolf.cfg"))
+
+ ;; Required for Guix packaged extensions
+ ;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8
+ ;; Default is 5.
+ (substitute* (in-vicinity lib config-file)
+ (("defaultPref\\(\"extensions.enabledScopes\", 5\\)")
+ "defaultPref(\"extensions.enabledScopes\", 13)"))
+ ;; Use Mozzarella addons repo.
+ (call-with-port
+ (open-file
+ (in-vicinity lib config-file)
+ "a")
+ (lambda (port)
+ ;; Add-ons panel (see settings.js in Icecat source).
+ (for-each
+ (lambda (pref)
+ (format port
+ "defaultPref(~s, ~s);~%"
+ (car pref)
+ (cdr pref)))
+ `(("extensions.getAddons.search.browseURL"
+ ,(string-append
+ "https://gnuzilla.gnu.org/mozzarella/"
+ "search.php?q=%TERMS%"))
+ ("extensions.getAddons.get.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.link.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.discovery.api_url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.langpacks.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("lightweightThemes.getMoreURL" .
+ "https://gnuzilla.gnu.org/mozzarella"))))))))
+ (add-after 'install 'wrap-program
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ ;; The following two functions are from Guix's icecat package in
+ ;; (gnu packages gnuzilla). See commit
+ ;; b7a0935420ee630a29b7e5ac73a32ba1eb24f00b.
+ (define (runpath-of lib)
+ (call-with-input-file lib
+ (compose elf-dynamic-info-runpath elf-dynamic-info
+ parse-elf get-bytevector-all)))
+ (define (runpaths-of-input label)
+ (let* ((dir (string-append (assoc-ref inputs label)
+ "/lib"))
+ (libs (find-files dir "\\.so$")))
+ (append-map runpath-of libs)))
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ (libs (map
+ (lambda (lib-name)
+ (string-append (assoc-ref inputs
+ lib-name)
+ "/lib"))
+ '("mesa" "libpng-apng" "libnotify" "libva"
+ "pulseaudio" "gtk+" "pipewire"
+ ;; For U2F and WebAuthn
+ "eudev")))
+
+ ;; VA-API is run in the RDD (Remote Data Decoder) sandbox
+ ;; and must be explicitly given access to files it needs.
+ ;; Rather than adding the whole store (as Nix had
+ ;; upstream do, see
+ ;; <https://github.com/NixOS/nixpkgs/pull/165964> and
+ ;; linked upstream patches), we can just follow the
+ ;; runpaths of the needed libraries to add everything to
+ ;; LD_LIBRARY_PATH. These will then be accessible in the
+ ;; RDD sandbox.
+ (rdd-whitelist (map (cut string-append <> "/")
+ (delete-duplicates (append-map
+ runpaths-of-input
+ '("mesa"
+ "ffmpeg")))))
+ (gtk-share (string-append (assoc-ref inputs
+ "gtk+")
+ "/share")))
+ (wrap-program (car (find-files lib "^librewolf$"))
+ `("LD_LIBRARY_PATH" prefix
+ (,@libs ,@rdd-whitelist))
+ `("XDG_DATA_DIRS" prefix
+ (,gtk-share))
+ `("MOZ_LEGACY_PROFILES" =
+ ("1"))
+ `("MOZ_ALLOW_DOWNGRADE" =
+ ("1"))))))
+ (add-after 'wrap-program 'install-desktop-entry
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((desktop-file
+ "taskcluster/docker/firefox-snap/firefox.desktop")
+ (applications (string-append #$output
+ "/share/applications")))
+ (substitute* desktop-file
+ (("^Exec=firefox")
+ (string-append "Exec="
+ #$output "/bin/librewolf"))
+ ;; "Firefox" -> "LibreWolf" everywhere
+ (("Firefox")
+ "LibreWolf")
+ ;; Remove non-Latin translations.
+ (("^Name\\[(ar|bn)\\].*$")
+ "")
+ (("^Icon=.*")
+ (string-append "Icon="
+ #$output
+ "/share/icons/hicolor/128x128/apps/librewolf.png
"))
- ;; These commands were changed.
- (("-NewWindow")
- "-new-window")
- (("-NewPrivateWindow")
- "-new-private-window")
- (("StartupNotify=true")
- "StartupNotify=true
+ ;; These commands were changed.
+ (("-NewWindow")
+ "-new-window")
+ (("-NewPrivateWindow")
+ "-new-private-window")
+ (("StartupNotify=true")
+ "StartupNotify=true
StartupWMClass=Navigator"))
- (copy-file desktop-file "librewolf.desktop")
- (install-file "librewolf.desktop" applications))))
- (add-after 'install-desktop-entry 'install-icons
- (lambda* (#:key outputs #:allow-other-keys)
- (let ((icon-source-dir (string-append #$output
- "/lib/librewolf/browser/"
- "chrome/icons/default")))
- (for-each (lambda (size)
- (let ((dest (string-append #$output
- "/share/icons/hicolor/"
- size
- "x"
- size
- "/apps")))
- (mkdir-p dest)
- (symlink (string-append icon-source-dir
- "/default" size ".png")
- (string-append dest
- "/librewolf.png"))))
- '("16" "32" "48" "64" "128"))))))
-
- ;; Test will significantly increase build time but with little rewards.
- #:tests? #f
-
- ;; WARNING: Parallel build will consume lots of memory!
- ;; If you have encountered OOM issue in build phase, try disable it.
- #:parallel-build? #t
-
- ;; Some dynamic lib was determined at runtime, so rpath check may fail.
- #:validate-runpath? #f))
- (inputs (list bash-minimal
- bzip2
- cairo
- cups
- dbus-glib
- freetype
- ffmpeg
- gdk-pixbuf
- glib
- gtk+
- gtk+-2
- hunspell
- icu4c-73
- jemalloc
- libcanberra
- libevent
- libffi
- libgnome
- libjpeg-turbo
- libnotify
- libpng-apng
- libva
- libvpx
- libwebp
- libxcomposite
- libxft
- libxinerama
- libxscrnsaver
- libxt
- mesa
- mit-krb5
- nspr
- nss/fixed
- pango
- pciutils
- pipewire
- pixman
- pulseaudio
- speech-dispatcher
- sqlite
- startup-notification
- eudev
- unzip
- zip
- zlib))
- (native-inputs (list alsa-lib
- autoconf-2.13
- `(,rust-librewolf "cargo")
- clang-18
- llvm-18
- m4
- nasm
- node-lts
- perl
- pkg-config
- python
- rust-librewolf
- rust-cbindgen-0.26
- which
- yasm))
- (home-page "https://librewolf.net/")
- (synopsis
- "Custom version of Firefox, focused on privacy, security and freedom")
- (description
- "LibreWolf is designed to increase protection against tracking and
+ (copy-file desktop-file "librewolf.desktop")
+ (install-file "librewolf.desktop" applications))))
+ (add-after 'install-desktop-entry 'install-icons
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((icon-source-dir (string-append #$output
+ "/lib/librewolf/browser/"
+ "chrome/icons/default")))
+ (for-each (lambda (size)
+ (let ((dest (string-append #$output
+ "/share/icons/hicolor/"
+ size
+ "x"
+ size
+ "/apps")))
+ (mkdir-p dest)
+ (symlink (string-append icon-source-dir
+ "/default" size ".png")
+ (string-append dest
+ "/librewolf.png"))))
+ '("16" "32" "48" "64" "128"))))))
+
+ ;; Test will significantly increase build time but with little rewards.
+ #:tests? #f
+
+ ;; WARNING: Parallel build will consume lots of memory!
+ ;; If you have encountered OOM issue in build phase, try disable it.
+ #:parallel-build? #t
+
+ ;; Some dynamic lib was determined at runtime, so rpath check may fail.
+ #:validate-runpath? #f))
+ (inputs (list bash-minimal
+ bzip2
+ cairo
+ cups
+ dbus-glib
+ freetype
+ ffmpeg
+ gdk-pixbuf
+ glib
+ gtk+
+ gtk+-2
+ hunspell
+ icu4c-73
+ jemalloc
+ libcanberra
+ libevent
+ libffi
+ libgnome
+ libjpeg-turbo
+ libnotify
+ libpng-apng
+ libva
+ libvpx
+ libwebp
+ libxcomposite
+ libxft
+ libxinerama
+ libxscrnsaver
+ libxt
+ mesa
+ mit-krb5
+ nspr
+ nss-latest
+ pango
+ pciutils
+ pipewire
+ pixman
+ pulseaudio
+ speech-dispatcher
+ sqlite
+ startup-notification
+ eudev
+ unzip
+ zip
+ zlib))
+ (native-inputs (list alsa-lib
+ autoconf-2.13
+ `(,rust-librewolf "cargo")
+ clang-18
+ llvm-18
+ m4
+ nasm
+ node-lts
+ perl
+ pkg-config
+ python
+ rust-librewolf
+ rust-cbindgen-0.26
+ which
+ yasm))
+ (home-page "https://librewolf.net/")
+ (synopsis
+ "Custom version of Firefox, focused on privacy, security and freedom")
+ (description
+ "LibreWolf is designed to increase protection against tracking and
fingerprinting techniques, while also including a few security improvements.
This is achieved through our privacy and security oriented settings and
patches. LibreWolf also aims to remove all the telemetry, data collection and
annoyances, as well as disabling anti-freedom features like DRM.")
- (license license:mpl2.0)))
+ (license license:mpl2.0))))
--
2.45.1
guix-patches@HIDDEN:bug#71832; Package guix-patches.
Full text available.
Received: (at 71832) by debbugs.gnu.org; 2 Jul 2024 00:21:24 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon Jul 01 20:21:24 2024
Received: from localhost ([127.0.0.1]:35171 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1sORGt-0005C7-Ji
for submit <at> debbugs.gnu.org; Mon, 01 Jul 2024 20:21:24 -0400
Received: from fhigh5-smtp.messagingengine.com ([103.168.172.156]:40065)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <ian@HIDDEN>) id 1sORGq-0005Bk-JV
for 71832 <at> debbugs.gnu.org; Mon, 01 Jul 2024 20:21:22 -0400
Received: from compute7.internal (compute7.nyi.internal [10.202.2.48])
by mailfhigh.nyi.internal (Postfix) with ESMTP id 9FF64114018E;
Mon, 1 Jul 2024 20:21:14 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163])
by compute7.internal (MEProxy); Mon, 01 Jul 2024 20:21:14 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h=
cc:cc:content-transfer-encoding:content-type:date:date:from:from
:in-reply-to:in-reply-to:message-id:mime-version:references
:reply-to:subject:subject:to:to; s=fm1; t=1719879674; x=
1719966074; bh=LmCjBBGxTnzhSaAdOd/Kr2DAWUyzcvU2yaZlIkzLcEk=; b=i
TRAUEgfqRmhIDYbV5ZY4vnxk/gTBvx4w4T4QFKp1+3aJtVelpVT9PybUq7uFKQvE
dFHjkVgau7ObAJTrGrwnUn9yL0EHjlNYvhEGUeKYxWNnr6L39pk7jZ6xoUSTh8BZ
KKEJ02V2woKP4NCdjzaktGYruR26gw60s/3q3i2s76ZfIWjHyj0mUM6IHt5+S5Ih
xdXIFFhdOVNoz8u/wwkXI2AKbqYu2MpGZ2HIl/0dA0cyXmGx7CMvHEKnGcXVUwjq
8FDI855m+jwi9x60kuW8UTfmNU/yu+jLzIHZoaq9v2VNgGVcStmrfjYXC8ot6fEs
6+qa552EEomAHPqmLgDvw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
messagingengine.com; h=cc:cc:content-transfer-encoding
:content-type:date:date:feedback-id:feedback-id:from:from
:in-reply-to:in-reply-to:message-id:mime-version:references
:reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy
:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t=1719879674; x=
1719966074; bh=LmCjBBGxTnzhSaAdOd/Kr2DAWUyzcvU2yaZlIkzLcEk=; b=E
4FiYukmJ1OBo9j5+ilBfSmolmnfO9b87GBF/SERuCHdyvvJKatcxeqtTTSsdRpjn
bGADOQobhptb0iTiyOy9u6nIX/77Y5ryboHklq1LSQIbX+6ggLQlua4DUDaAFFgZ
UrbXNB/ojE3vVLjM/0lVIbss06eR6SiWVeDbncJZ4LPN1tBrZKed0TurhSuQoBMt
vctc9n8lLN5X/YWx8PIsPrNwMpGqfglR8v7rCG+xD4ZXf8st3pe4PRQAnAru0G8v
RMYDJQWhmyG6IZuDjiPovaTQbu96x+OH2RMKaIk3NfWGcHv/hsuc+LOcue4G19PK
sbUGfcGbU7lJKzsh1JcWQ==
X-ME-Sender: <xms:-keDZlgJrKXqfz51Kn-nI29juSXNc-9jPuxe30BRtNs6_msfEH62Rg>
<xme:-keDZqAmu0_BfJkJxSmGdPx6QVwgoB0xCsDlWUXpy8YlNlhpiKL20_mlsKBlvkTn9
zdlf2rqpDt0wtJFAw>
X-ME-Received: <xmr:-keDZlGKQ2p09OIDhXxuQeMMRQgSOurTqVU3Pca3yhdsXGCRSlfwwR6iyfHSpcqjzw2aUKuY8K1eYTToJwM8BS3esIyvbikzrou2d20lArERXdtFK88m6w>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrudeggdeffecutefuodetggdotefrodftvf
curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu
uegrihhlohhuthemuceftddtnecunecujfgurhephffvvefufffkofgjfhgggfestdekre
dtredttdenucfhrhhomhepkfgrnhcugfhurhgvuceoihgrnhesrhgvthhrohhsphgvtgdr
thhvqeenucggtffrrghtthgvrhhnpefgteeiffdvleejleeiieevgeegleegieevjeekfe
evledugfehteetgfeuffevhfenucffohhmrghinhepmhhoiihilhhlrgdrohhrghenucev
lhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehirghnsehrvg
htrhhoshhpvggtrdhtvh
X-ME-Proxy: <xmx:-keDZqQWlvK-dYxhbnqhBf2BZmCiZZKe8pr2MESkt5ttpGMDZ_7P0w>
<xmx:-keDZizAsnUkGPiEeoaAueIm59icIp4zsM0H0gtvyfcXYFmUdc7C7g>
<xmx:-keDZg73OYeMlv2PAqCCYoJSmnsgLLnDtgHdfSZhMGocUVZd2x9ZgA>
<xmx:-keDZnxWKv-dTiE5vDlulYiBb9ITRq0NXF3gBDm4DyZqfqavjLOVFw>
<xmx:-keDZt8mjQiYZnjba7m6gng_RDU42ELoc1t9x2Kg7jMY_t1-vP3tNX-n>
Feedback-ID: id9014242:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Mon,
1 Jul 2024 20:21:13 -0400 (EDT)
From: Ian Eure <ian@HIDDEN>
To: 71832 <at> debbugs.gnu.org
Subject: [PATCH v3 1/2] gnu: Add nss-rapid.
Date: Mon, 1 Jul 2024 17:21:02 -0700
Message-ID: <20240702002103.9015-2-ian@HIDDEN>
X-Mailer: git-send-email 2.45.1
In-Reply-To: <20240702002103.9015-1-ian@HIDDEN>
References: <20240702002103.9015-1-ian@HIDDEN>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 71832
Cc: Ian Eure <ian@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.7 (-)
* gnu/packages/nss.scm (nss-rapid): New variable.
Change-Id: I2bdd2119fb0c857feae9eb2e47a28909b8228cd7
---
gnu/packages/nss.scm | 80 ++++++++++++++++++++++++++++++++++++++++----
1 file changed, 74 insertions(+), 6 deletions(-)
diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm
index d558079f44..4e892ce649 100644
--- a/gnu/packages/nss.scm
+++ b/gnu/packages/nss.scm
@@ -106,6 +106,9 @@ (define-public nspr-4.32
(base32
"0v3zds1id71j5a5si42a658fjz8nv2f6zp6w4gqrqmdr6ksz8sxv"))))))
+;; nss should track ESRs, but currently doesn't. When the next ESR it out, it
+;; should get updated.
+
(define-public nss
(package
(name "nss")
@@ -153,13 +156,13 @@ (define-public nss
;; Ensure we are building for the (%current-target-system).
#$@(if (%current-target-system)
#~((string-append
- "OS_TEST="
- (string-take #$(%current-target-system)
- (string-index #$(%current-target-system) #\-)))
+ "OS_TEST="
+ (string-take #$(%current-target-system)
+ (string-index #$(%current-target-system) #\-)))
(string-append
- "KERNEL=" (cond (#$(target-hurd?) "gnu")
- (#$(target-linux?) "linux")
- (else ""))))
+ "KERNEL=" (cond (#$(target-hurd?) "gnu")
+ (#$(target-linux?) "linux")
+ (else ""))))
#~())
#$@(if (%current-target-system)
#~("CROSS_COMPILE=1")
@@ -303,6 +306,71 @@ (define-public nss/fixed
(invoke "faketime" "2024-01-23" "./nss/tests/all.sh"))
(format #t "test suite not run~%"))))))))))))
+;; nss-rapid tracks the rapid release channel. Unless your package requires a
+;; newer version, you should prefer the `nss' package, which tracks the ESR
+;; channel.
+;;
+;; See https://wiki.mozilla.org/NSS:Release_Versions
+;; and https://wiki.mozilla.org/Rapid_Release_Model
+
+(define-public nss-rapid
+ (package
+ (inherit nss)
+ (name "nss-rapid")
+ (version "3.101")
+ (source (origin
+ (inherit (package-source nss))
+ (uri (let ((version-with-underscores
+ (string-join (string-split version #\.) "_")))
+ (string-append
+ "https://ftp.mozilla.org/pub/mozilla.org/security/nss/"
+ "releases/NSS_" version-with-underscores "_RTM/src/"
+ "nss-" version ".tar.gz")))
+ (sha256
+ (base32
+ "1rw5xpclsy174znvxcb4d4zgjwadxy45mbh0wvkm3fxpnkq4i5w5"))))
+ (arguments
+ (substitute-keyword-arguments (package-arguments nss)
+ ((#:phases phases)
+ #~(modify-phases #$phases
+ (replace 'check
+ (lambda* (#:key tests? #:allow-other-keys)
+ (if tests?
+ (begin
+ ;; Use 127.0.0.1 instead of $HOST.$DOMSUF as HOSTADDR for
+ ;; testing. The latter requires a working DNS or /etc/hosts.
+ (setenv "DOMSUF" "localdomain")
+ (setenv "USE_IP" "TRUE")
+ (setenv "IP_ADDRESS" "127.0.0.1")
+
+ ;; This specific test is looking at performance "now
+ ;; verify that we can quickly dump a database", and
+ ;; we're not testing performance here (especially
+ ;; since we're using faketime), so raise the
+ ;; threshold
+ (substitute* "nss/tests/dbtests/dbtests.sh"
+ ((" -lt 5") " -lt 50"))
+
+ ;; Since the test suite is very lengthy, run the test
+ ;; suite once, not thrice as done by default, by
+ ;; selecting only the 'standard' cycle.
+ (setenv "NSS_CYCLES" "standard")
+
+ ;; The "PayPalEE.cert" certificate expires every six months,
+ ;; leading to test failures:
+ ;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To
+ ;; work around that, set the time to roughly the release date.
+ (invoke "faketime" "2024-01-23" "./nss/tests/all.sh"))
+ (format #t "test suite not run~%"))))))))
+ (synopsis "Network Security Services (Rapid Release)")
+ (description
+ "Network Security Services (@dfn{NSS}) is a set of libraries designed to
+support cross-platform development of security-enabled client and server
+applications. Applications built with NSS can support SSL v2 and v3, TLS,
+PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other
+security standards.
+
+This package tracks the Rapid Release channel, which updates frequently.")))
(define-public nsncd
(package
(name "nsncd")
--
2.45.1
guix-patches@HIDDEN:bug#71832; Package guix-patches.
Full text available.Received: (at 71832) by debbugs.gnu.org; 2 Jul 2024 00:21:23 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Mon Jul 01 20:21:23 2024 Received: from localhost ([127.0.0.1]:35169 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1sORGt-0005C5-A5 for submit <at> debbugs.gnu.org; Mon, 01 Jul 2024 20:21:23 -0400 Received: from fhigh5-smtp.messagingengine.com ([103.168.172.156]:38311) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <ian@HIDDEN>) id 1sORGq-0005Bi-07 for 71832 <at> debbugs.gnu.org; Mon, 01 Jul 2024 20:21:22 -0400 Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailfhigh.nyi.internal (Postfix) with ESMTP id C4C3A1140116; Mon, 1 Jul 2024 20:21:13 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute4.internal (MEProxy); Mon, 01 Jul 2024 20:21:13 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h= cc:cc:content-transfer-encoding:content-type:content-type:date :date:from:from:in-reply-to:message-id:mime-version:reply-to :subject:subject:to:to; s=fm1; t=1719879673; x=1719966073; bh=Mv AcYnKJu33ywpj0I6+EBlk2cw8vi+SnMa5HkfQrWzg=; b=RqpC2H9fLugVhLbtXm lsGchdRpiVQ8CyXqX1Bcu1u7LGTbT3wMnhJA1w7sMPpPyA2Vqf4c3Hh+6T83juK6 L9LOGkidJ8i3F16rh4MsIxqytFAnw/qQSH2+VYqe+S7TxAw3hlmM/Nqb4rajmLya HiHOwvUwGDTJv1seZvTA7ae0ASmZyqRKCswkRo2yZzfnOjvGS8srT9ss6j3WyWhd 36gdOb9pK0/MCP48q7dtSYnadrOihDXOOgjv7PdY5Q9f6dGiZKchKj+A/dE91YUk 2Guhy8Agc4QPm7s247SHB0/JsL78vFOPXUnUSsIRyjoiAD4emeBdqZUcZx/xxmtu 2B6A== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:content-type:date:date:feedback-id:feedback-id :from:from:in-reply-to:message-id:mime-version:reply-to:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; t=1719879673; x=1719966073; bh=MvAcYnKJu33yw pj0I6+EBlk2cw8vi+SnMa5HkfQrWzg=; b=hXB2fJXIXuWGTmhyw7cVz/SIa3PR/ FutaDBZW9hM4/1cLlHUhEJm0a7eiet1nrTl0ImTlV65EES7qTrhPLkfU2jii6Zti GLw97+3GjXBNRxnzqicb7YLSIw14JcLOXhK8IGWR1OSnF/eE134m0ZMET9ubGgZa o67psES1U5g3YvWFqm+hQx9uTxdgrOd7pRRLoyBv/5eze9aHIL3K83SIXgeLZTAf sXb0AGbNMxx7IRzQ3q+TIbzwedfAi4cHj65mOhpUHLpj6NE5VtDxZ837F/E+e4vR YO7oSVcd2Bbb/x2fV39sKJOlfM06MEEuwAr7F1Ho+rDoxU4EOtr9f6Dlg== X-ME-Sender: <xms:-EeDZvK1OWj-yTVt2Y1RfG2t7Z_YNPxoSGuLn6bmWwFQr70TWNpoDA> <xme:-EeDZjIAGBnnlo3MGfgyasRaSp5ErNs3CCFfeeTXR4sEziH-QQLAMYhx4RU85Cd1v -rsTpUYQfVl7TWGPA> X-ME-Received: <xmr:-EeDZntZ3cDplMQuOdYl2nOpy6c7zTjFquCtL4XB4nyCYAYD2OwVJ90fg8mO6UsLzhxXy7G4Y3V3lbkMpPstged6y2Ta-0RM4q0K5PrFzRGBioKJdyhfKQ> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrudeggdefvdcutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhephffvvefufffkofggtgfgsehtkeertd ertdejnecuhfhrohhmpefkrghnucfguhhrvgcuoehirghnsehrvghtrhhoshhpvggtrdht vheqnecuggftrfgrthhtvghrnhepgfeukeffjedugfdvveetleetiedtueduudffhfeuhf eihfejteeuhffgteetvdetnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehm rghilhhfrhhomhepihgrnhesrhgvthhrohhsphgvtgdrthhv X-ME-Proxy: <xmx:-EeDZoYH62jovRPNPN5L6vwg0gHLeIu9k3zFibvV_csW2Ft35GWWgw> <xmx:-EeDZmZcoDS1GPzPn5sC3cvTQR8MisTIxye7RAs5nzau4pIRHiE3hA> <xmx:-EeDZsCXOZ6wWb9FaGCt36WdiBb-Y8kpTt8yA9xBscm5FLPVgiwzfQ> <xmx:-EeDZkauefSOWuPMlIc8ELoBFdPn-mUguooJcSIo5iaGZSM3m_NWQA> <xmx:-UeDZllQmNOOvh5DXE9BWOXoviBSvbmguEdZJXilg7Q8Afjsij4YiQ5Y> Feedback-ID: id9014242:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Mon, 1 Jul 2024 20:21:11 -0400 (EDT) From: Ian Eure <ian@HIDDEN> To: 71832 <at> debbugs.gnu.org Subject: [PATCH v3 0/2] Add nss-rapid; updte Librewolf to 127.0.2-2. Date: Mon, 1 Jul 2024 17:21:01 -0700 Message-ID: <20240702002103.9015-1-ian@HIDDEN> X-Mailer: git-send-email 2.45.1 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 71832 Cc: Ian Eure <ian@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) Updated with discussion from guix-devel: - nss rapid release package is now named `nss-rapid'. - Synposis and description clarify what this means. - Comments added above nss-rapid with packager guidance. Ian Eure (2): gnu: Add nss-rapid. gnu: librewolf: Update to 127.0.2-1. gnu/packages/librewolf.scm | 1044 ++++++++++++++++++------------------ gnu/packages/nss.scm | 80 ++- 2 files changed, 600 insertions(+), 524 deletions(-) -- 2.45.1
guix-patches@HIDDEN:bug#71832; Package guix-patches.
Full text available.Received: (at 71832) by debbugs.gnu.org; 29 Jun 2024 21:01:11 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Sat Jun 29 17:01:11 2024 Received: from localhost ([127.0.0.1]:53735 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1sNfC3-0000ez-9h for submit <at> debbugs.gnu.org; Sat, 29 Jun 2024 17:01:11 -0400 Received: from wfout6-smtp.messagingengine.com ([64.147.123.149]:34723) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <ian@HIDDEN>) id 1sNfC0-0000ej-EQ for 71832 <at> debbugs.gnu.org; Sat, 29 Jun 2024 17:01:09 -0400 Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailfout.west.internal (Postfix) with ESMTP id 6AD361C0009A; Sat, 29 Jun 2024 13:22:15 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute1.internal (MEProxy); Sat, 29 Jun 2024 13:22:15 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h= cc:cc:content-transfer-encoding:content-type:content-type:date :date:from:from:in-reply-to:message-id:mime-version:reply-to :subject:subject:to:to; s=fm1; t=1719681735; x=1719768135; bh=ua BIijiVOvk+gq2zfJc1w1Ne0bSGgQgSdg2pGo+L2IE=; b=gHVMOl2kdJ/1UGe16C uMm4NFDbTW0TaykqNYTmlIbMDLmxbST0V5O62/zpHPCV2HfkTg6s1tCDnOkHxZij 6FQJ3RycO2ukS1R3GxEEleWrAHSygIrw1PlTMDfVyTJYcK+HZMoekURDaW5G8hTY jlfyKRXTunUXR3/6nfWiNf8CsrLeSNDE2xMXHGiDoIC83JQ3DtVcCuhWW8am97yy +tDhxdKoH7DU5D4L7oJjfnXvbkNrQ2xkBAGPGf4PGH/wI8VWobH6XiS8z1olhLGa 3muPAeaVTN5+hK859ZDnIc+fKP5WI28OxUXzXp32+weSDJ8wuc3RBcNkyFmNP4My qr8A== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:content-type:date:date:feedback-id:feedback-id :from:from:in-reply-to:message-id:mime-version:reply-to:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; t=1719681735; x=1719768135; bh=uaBIijiVOvk+g q2zfJc1w1Ne0bSGgQgSdg2pGo+L2IE=; b=Qlu0K3XWjkXgKHCAMNpMIbOW6bnev ro5WFDMqNNzA2tnGT8QYJc7AH0VJpjCpiaFBZ4zCgrw/oTOYK8Wn7WyFUxyeVxev 6q7gOmREzjAQwr3he/jsTs4C+/i/G4N+iJE68JSTxX24VM9hpd6jvA38qUwsXUue boXLwym0pTG9AL9x/d74TDxhBwk56Uoe0Md/6KziKRz/yScgyFIUpiE9zLaM5Luj arDSM2W/xQbzzrYYtroGCZ7iSdOOvLmwHuumwWPCHvJpuUAmGD/Y+i6b9OUK7AwD lAH5CkNc1uO9EtgF+L5ySI8dyIelY8y7Q6C1PzuhE/nYchrAteljkEnAQ== X-ME-Sender: <xms:xkKAZtl-XFUsuKxPpWvYiGT3ec3P84dlW4FFQ6kUXYnEjD8PAulFtw> <xme:xkKAZo0UW9jity8tqkZCPuxt7kyVJp_4sbcS9WmZ1Q2ZR_XjEQdDp8-liZAhXHkX1 _aEh2Xsa8wR6YU2Gg> X-ME-Received: <xmr:xkKAZjrGmiJb2ggZ53CxtkgMlHlNY_KUcz89C5QaWaOzI0sO4OLx3JM4sgCiGIpWmt86CdEZqMl2ansSMXP1EUXfO9mZaMDe_02y0vnx1sOJ6PxQp5QO2Q> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrtdelgdduudefucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefhvfevufffkffogggtgfesthekre dtredtjeenucfhrhhomhepkfgrnhcugfhurhgvuceoihgrnhesrhgvthhrohhsphgvtgdr thhvqeenucggtffrrghtthgvrhhnpefgueekffejudfgvdevteelteeitdeuuddufffhue fhiefhjeetuefhgfettedvteenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhep mhgrihhlfhhrohhmpehirghnsehrvghtrhhoshhpvggtrdhtvh X-ME-Proxy: <xmx:xkKAZtnuWRgDrAM33KlmcGvHUOQrN__NdWVk92IP29AMzHbiGsM8Pg> <xmx:xkKAZr1sMcXnLub0VC6clwRhjzweCjZsvuNckXGDlaMbQcToCYMW2Q> <xmx:xkKAZsu23wKwgcgkRbwN64qh2BWsVdiUG1LUazmS3CikUft8_yzo9g> <xmx:xkKAZvXHPDfugLX-KF0nuDvwIQgdQ0OhYgSXn8aNp_q6mssna4VGKg> <xmx:x0KAZpB0BPUXWRXNVp8fitzF2cXvT5YNuZLW53uhIIsS8F0oBhZLIuL0> Feedback-ID: id9014242:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sat, 29 Jun 2024 13:22:14 -0400 (EDT) From: Ian Eure <ian@HIDDEN> To: 71832 <at> debbugs.gnu.org Subject: [PATCH v2 0/2] Add nss-latest; update Librewolf to 127.0.2-2 Date: Sat, 29 Jun 2024 10:22:07 -0700 Message-ID: <20240629172209.26420-1-ian@HIDDEN> X-Mailer: git-send-email 2.45.1 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 71832 Cc: Ian Eure <ian@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) Realized that I didn't remove the backout of the encoding_rs patch which was added for 126.x. The browser built and worked, but that change isn’t needed anymore; remove it. Ian Eure (2): gnu: Add nss-latest. gnu: librewolf: Update to 127.0.2-1. gnu/packages/librewolf.scm | 1044 ++++++++++++++++++------------------ gnu/packages/nss.scm | 67 ++- 2 files changed, 587 insertions(+), 524 deletions(-) -- 2.45.1
guix-patches@HIDDEN:bug#71832; Package guix-patches.
Full text available.
Received: (at 71832) by debbugs.gnu.org; 29 Jun 2024 20:51:16 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Sat Jun 29 16:51:16 2024
Received: from localhost ([127.0.0.1]:53708 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1sNf2R-0000NQ-JY
for submit <at> debbugs.gnu.org; Sat, 29 Jun 2024 16:51:16 -0400
Received: from wfhigh6-smtp.messagingengine.com ([64.147.123.157]:46685)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <ian@HIDDEN>) id 1sNf2I-0000Mf-HG
for 71832 <at> debbugs.gnu.org; Sat, 29 Jun 2024 16:51:10 -0400
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45])
by mailfhigh.west.internal (Postfix) with ESMTP id 48C9618000CC;
Sat, 29 Jun 2024 13:22:17 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162])
by compute5.internal (MEProxy); Sat, 29 Jun 2024 13:22:17 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h=
cc:cc:content-transfer-encoding:content-type:date:date:from:from
:in-reply-to:in-reply-to:message-id:mime-version:references
:reply-to:subject:subject:to:to; s=fm1; t=1719681736; x=
1719768136; bh=xJ5vDGQmMCogEZ9Ltpxs299XYYgKmWbiY6+ONSDlUOw=; b=r
nvmCYjCIKcnGfMHw2sMqFbXpTlY8RTgF888dnDgHr9oa3pjdbkY/kohbZPx/xpOS
9UWRCaATk5ElXUkWhgpDV+wktofJE7vzUMlGx6mYpNeUDD05Inrfok1OrUXEotJT
IDcaNip//QmIYn6Op6PEMRftQITIWSRjegzojUmy6z2qllIiB5W5Di+8Q/rA7NTX
LXI7tGeUZ9KHAlJgY4f/DzzNAqPecDzI6hUnq2W0kC9oBVe9Mf6s8lz/zQ5yKsDc
b3aDpiAvtczfigcHlNwIYVkM6BKIK6fcUaumDH4Tv1EyRpGlOc4GLo4DU8H0ShXw
9rQTkFFMD6UhFVRcdQ8Cg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
messagingengine.com; h=cc:cc:content-transfer-encoding
:content-type:date:date:feedback-id:feedback-id:from:from
:in-reply-to:in-reply-to:message-id:mime-version:references
:reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy
:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t=1719681736; x=
1719768136; bh=xJ5vDGQmMCogEZ9Ltpxs299XYYgKmWbiY6+ONSDlUOw=; b=s
rE9dmer4tMjLFGglpJiGhlNXnNysnJbtdbpmbxGV7PpQiatXSs/LH7Ls/ygASDk3
vmm9iIcQU0B5JScyH+zECH/3eBca53XetMr9jfdSFHNXCOYOTJx3feSjDjrgW+bh
LFXyJfCedSpyHD/NU7JHxNaOKpjSQeZDbRITwuL7kNkJuMIsw/bcCy93UNftSYFn
NhIG1Uw69rltjXE4Ff4D7WtFKbboHm6Zupbs5GpcjAfb51ODbkOZozxZwLlnIpf8
PQsELO3g8JCQrYj3HfQsrvGUSXhW/T4eTmME8rxnMzHG+nFeJ6MhL9O9VT56hB4A
vddsGSSP+KCVEX3fZgSjQ==
X-ME-Sender: <xms:yEKAZiHN_sXjM3ApmspJ43aULAduZatmnefE34hqTYagRJnVXxWNDg>
<xme:yEKAZjUZKzpJMZ_jF4Tv9cu_PM-PBBq4pe0XWg_hMZV13i5eR8FckDYP0_wJMMLXG
iBJczAovTqdxIrxtg>
X-ME-Received: <xmr:yEKAZsKxO6e5m1GH08ffbwuaUl6E765YmwiE2Tae1XYJjLUfPuLbfZLxhE8xIKJfhPV9khL9ku9GiILor-DG0BdzjFbhO8erqNIWU5e_Up_BT0fEq1aj1Q>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrtdelgdduudefucetufdoteggodetrfdotf
fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
uceurghilhhouhhtmecufedttdenucenucfjughrpefhvfevufffkffojghfggfgsedtke
ertdertddtnecuhfhrohhmpefkrghnucfguhhrvgcuoehirghnsehrvghtrhhoshhpvggt
rdhtvheqnecuggftrfgrthhtvghrnhepgfetieffvdeljeelieeiveeggeelgeeiveejke
efveeludfgheettefgueffvefhnecuffhomhgrihhnpehmohiiihhllhgrrdhorhhgnecu
vehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepihgrnhesrh
gvthhrohhsphgvtgdrthhv
X-ME-Proxy: <xmx:yEKAZsFn2jVX6DvskD33qlldOM_g8Wn7q3H8vmeAPT04KeFRCs9j8Q>
<xmx:yEKAZoVXZWcaqr806dd1RWzu9GJitxE6jKexl-HrCJX7BXyce5e2tw>
<xmx:yEKAZvNdSpioZ4c-cUoCMqJR2L-CATeQ4DddtsbbLnYob_4ts6p2aw>
<xmx:yEKAZv3js3AKUaLZNwSt_KLetLI2J2Cz__8ASbtlZnDBIAIMQVacFA>
<xmx:yEKAZljwb0NDNVCOUTMu6nc1vuj_1EtHbfBgsG5cyG5YdBP2vWtRanbM>
Feedback-ID: id9014242:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sat,
29 Jun 2024 13:22:15 -0400 (EDT)
From: Ian Eure <ian@HIDDEN>
To: 71832 <at> debbugs.gnu.org
Subject: [PATCH v2 1/2] gnu: Add nss-latest.
Date: Sat, 29 Jun 2024 10:22:08 -0700
Message-ID: <20240629172209.26420-2-ian@HIDDEN>
X-Mailer: git-send-email 2.45.1
In-Reply-To: <20240629172209.26420-1-ian@HIDDEN>
References: <20240629172209.26420-1-ian@HIDDEN>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 71832
Cc: Ian Eure <ian@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.7 (-)
* gnu/packages/nss.scm (nss-latest): New variable.
Change-Id: Ifdc215090a20dee1bde83013852ef21b6cfd9979
---
gnu/packages/nss.scm | 67 ++++++++++++++++++++++++++++++++++++++++----
1 file changed, 61 insertions(+), 6 deletions(-)
diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm
index d558079f44..6b45e59ea8 100644
--- a/gnu/packages/nss.scm
+++ b/gnu/packages/nss.scm
@@ -106,6 +106,9 @@ (define-public nspr-4.32
(base32
"0v3zds1id71j5a5si42a658fjz8nv2f6zp6w4gqrqmdr6ksz8sxv"))))))
+;; nss should track ESRs, but currently doesn't. When the next ESR it out, it
+;; should get updated.
+
(define-public nss
(package
(name "nss")
@@ -153,13 +156,13 @@ (define-public nss
;; Ensure we are building for the (%current-target-system).
#$@(if (%current-target-system)
#~((string-append
- "OS_TEST="
- (string-take #$(%current-target-system)
- (string-index #$(%current-target-system) #\-)))
+ "OS_TEST="
+ (string-take #$(%current-target-system)
+ (string-index #$(%current-target-system) #\-)))
(string-append
- "KERNEL=" (cond (#$(target-hurd?) "gnu")
- (#$(target-linux?) "linux")
- (else ""))))
+ "KERNEL=" (cond (#$(target-hurd?) "gnu")
+ (#$(target-linux?) "linux")
+ (else ""))))
#~())
#$@(if (%current-target-system)
#~("CROSS_COMPILE=1")
@@ -303,6 +306,58 @@ (define-public nss/fixed
(invoke "faketime" "2024-01-23" "./nss/tests/all.sh"))
(format #t "test suite not run~%"))))))))))))
+;; nss-latest tracks the latest released version.
+
+(define-public nss-latest
+ (package
+ (inherit nss)
+ (name "nss-latest")
+ (version "3.101")
+ (source (origin
+ (inherit (package-source nss))
+ (uri (let ((version-with-underscores
+ (string-join (string-split version #\.) "_")))
+ (string-append
+ "https://ftp.mozilla.org/pub/mozilla.org/security/nss/"
+ "releases/NSS_" version-with-underscores "_RTM/src/"
+ "nss-" version ".tar.gz")))
+ (sha256
+ (base32
+ "1rw5xpclsy174znvxcb4d4zgjwadxy45mbh0wvkm3fxpnkq4i5w5"))))
+ (arguments
+ (substitute-keyword-arguments (package-arguments nss)
+ ((#:phases phases)
+ #~(modify-phases #$phases
+ (replace 'check
+ (lambda* (#:key tests? #:allow-other-keys)
+ (if tests?
+ (begin
+ ;; Use 127.0.0.1 instead of $HOST.$DOMSUF as HOSTADDR for
+ ;; testing. The latter requires a working DNS or /etc/hosts.
+ (setenv "DOMSUF" "localdomain")
+ (setenv "USE_IP" "TRUE")
+ (setenv "IP_ADDRESS" "127.0.0.1")
+
+ ;; This specific test is looking at performance "now
+ ;; verify that we can quickly dump a database", and
+ ;; we're not testing performance here (especially
+ ;; since we're using faketime), so raise the
+ ;; threshold
+ (substitute* "nss/tests/dbtests/dbtests.sh"
+ ((" -lt 5") " -lt 50"))
+
+ ;; Since the test suite is very lengthy, run the test
+ ;; suite once, not thrice as done by default, by
+ ;; selecting only the 'standard' cycle.
+ (setenv "NSS_CYCLES" "standard")
+
+ ;; The "PayPalEE.cert" certificate expires every six months,
+ ;; leading to test failures:
+ ;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To
+ ;; work around that, set the time to roughly the release date.
+ (invoke "faketime" "2024-01-23" "./nss/tests/all.sh"))
+ (format #t "test suite not run~%"))))))))))
+
(define-public nsncd
(package
(name "nsncd")
--
2.45.1
guix-patches@HIDDEN:bug#71832; Package guix-patches.
Full text available.
Received: (at 71832) by debbugs.gnu.org; 29 Jun 2024 20:51:15 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Sat Jun 29 16:51:15 2024
Received: from localhost ([127.0.0.1]:53706 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1sNf2P-0000NL-2y
for submit <at> debbugs.gnu.org; Sat, 29 Jun 2024 16:51:15 -0400
Received: from wfhigh6-smtp.messagingengine.com ([64.147.123.157]:56825)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <ian@HIDDEN>) id 1sNf2I-0000Me-HH
for 71832 <at> debbugs.gnu.org; Sat, 29 Jun 2024 16:51:10 -0400
Received: from compute7.internal (compute7.nyi.internal [10.202.2.48])
by mailfhigh.west.internal (Postfix) with ESMTP id F230118000D3;
Sat, 29 Jun 2024 13:22:18 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162])
by compute7.internal (MEProxy); Sat, 29 Jun 2024 13:22:19 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h=
cc:cc:content-transfer-encoding:content-type:content-type:date
:date:from:from:in-reply-to:in-reply-to:message-id:mime-version
:references:reply-to:subject:subject:to:to; s=fm1; t=1719681738;
x=1719768138; bh=HGx6+r3u8Pfo1WG5zuxQ70ICaN8Yur/1iQ4wEZ3GFXk=; b=
oOoYIOJUH/jGrfNwVeOiKNKUfkpTGY5OLCaCHF8k6Vart3YnnipDUpyQFlGjf76I
w2R35B5rOY8YWeFnELlLHyFKtNPetHSXPY0zAqDGA57sqUhvIQlw3OsGfcv1x3fD
DAn8PS/ZJI1R+3oqAJNTby/OGe6qAJ9cNbDaAnre9dCKG7QOlZGn2jE/Kz97XTq3
oq7cY7OGHssHB5TIPWsQSCNV1e5kLyspMHC44Q2b+5PSkZKWNqOFzwA3M91aMMnn
Jpl2kFADRtvAfkvn5jlYUE+JeAuNg9QZBvFSKgtQphMIeYXasahKvbpdYqRNXLPg
GynpxYHrXRvtr1nsVopy8A==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
messagingengine.com; h=cc:cc:content-transfer-encoding
:content-type:content-type:date:date:feedback-id:feedback-id
:from:from:in-reply-to:in-reply-to:message-id:mime-version
:references:reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy
:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t=1719681738; x=
1719768138; bh=HGx6+r3u8Pfo1WG5zuxQ70ICaN8Yur/1iQ4wEZ3GFXk=; b=L
Wd/NA6rwrxBu74kAnrO2a0z9z7xkHoDKLNqYrD09r97G1rBqVxLc11ZP7M8bezE7
e3/jRUm6Fj+8Jt1ZCf6hKZoTlSfokxP2QHuCTYWCCbJSd289gEqawOp0wXvk7Npm
d70VViXE4uVNdEGdwCCPsfQYSZaH3MwyUsaAkh4Dz1HYhGbVXVJu9PGV85sIq14J
ueCX3lZJM979OOJ+VgKm2VgRe34UHr2vJZR0DoJOQkv1YHYLY+oGSf/Eb5TbnEgv
mx0HxK1Y7GK21wHM9gZ+squ58+rvOJ9yFFU0dFQRoH3+xwN5oQzXsVxMXl2mKX34
0VPX+6xizl39OqSe/n3RQ==
X-ME-Sender: <xms:ykKAZjxb5Niqr9R0lXesuHaF63msgJFo0vzeVPb6eC5ONs8FGu6xiQ>
<xme:ykKAZrTceO6EbqfPuKxWBjjFN2BeRlH-QAxufaaz29ydskOfkOnGaspmDtsOl5gWT
tWXixKVCxNqp-MjWg>
X-ME-Received: <xmr:ykKAZtUIEKVwp7PFAC4WmShVYsI4SHQ_1oAZxKXIsPGh7YmiEuhP-YFux7Oz7-6wTKwc6nsRqdgNDqHlSvwHrzwWnuN2usvKzFcZzxP8g6E6iX8l1lhbwA>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrtdelgdduudefucetufdoteggodetrfdotf
fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
uceurghilhhouhhtmecufedttdenucenucfjughrpefhvfevufffkffojghfgggtgfesth
ekredtredtjeenucfhrhhomhepkfgrnhcugfhurhgvuceoihgrnhesrhgvthhrohhsphgv
tgdrthhvqeenucggtffrrghtthgvrhhnpeeihfevgfegtdeukeejgfeifefgudelgeegte
ffvdevueeuffduvefhiedvudekieenucffohhmrghinhepshgvrghrtghhfhhogidrohhr
ghdpghhnuhdrohhrghdptghonhhtvghnthdrrhgvrggupdhmohiiihhllhgrrdhorhhgpd
hgvghtrgguughonhhsrdhsvggrrhgthhdpghgvthgrugguohhnshdrlhhinhhkpdhgihht
hhhusgdrtghomhdplhhisghrvgifohhlfhdrnhgvthenucevlhhushhtvghrufhiiigvpe
dtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehirghnsehrvghtrhhoshhpvggtrdhtvh
X-ME-Proxy: <xmx:ykKAZtiMAs9C0gYsHpJW4SZ1WJr6wXuTtDWH0mYc_LSwWcckGk4Qzw>
<xmx:ykKAZlDMA9K884WFH5TC9xG24EhR5FYz1VHCfEPHdxYm_Hk3lUQcng>
<xmx:ykKAZmJ61A-1AYk5pkMhtnWpdS9j9n87EUwiFcC1rxhh49MVs4_4nQ>
<xmx:ykKAZkC5YeQoWLrbUKOYUd252BhgN1eeWl3ioIeAl0W-OFX9KhY0DA>
<xmx:ykKAZoMTvmLUaKr77ZOXLyxmdorjUc94bc2Gr9TnEi5R2jkHrumW63nV>
Feedback-ID: id9014242:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sat,
29 Jun 2024 13:22:17 -0400 (EDT)
From: Ian Eure <ian@HIDDEN>
To: 71832 <at> debbugs.gnu.org
Subject: [PATCH v2 2/2] gnu: librewolf: Update to 127.0.2-1.
Date: Sat, 29 Jun 2024 10:22:09 -0700
Message-ID: <20240629172209.26420-3-ian@HIDDEN>
X-Mailer: git-send-email 2.45.1
In-Reply-To: <20240629172209.26420-1-ian@HIDDEN>
References: <20240629172209.26420-1-ian@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 71832
Cc: Ian Eure <ian@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.7 (-)
* gnu/packages/librewolf.scm (librewolf): Update to 127.0.2-1. Reorganize
module to improve usability and reduce duplication. The Rust package and
build ID are now at the top of the file. The librewolf-source variable has
been replaced with the make-librewolf-source procedure, centralizing versions
& hashes in the librewolf package definition. Dedent some of the package’s
arguments to improve readability.
Change-Id: I15f8a2aa1fae07e0497ab5511d10af0c1f70cc2e
---
gnu/packages/librewolf.scm | 1044 ++++++++++++++++++------------------
1 file changed, 526 insertions(+), 518 deletions(-)
diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm
index c84bcaf3ce..a400080dcb 100644
--- a/gnu/packages/librewolf.scm
+++ b/gnu/packages/librewolf.scm
@@ -93,6 +93,18 @@ (define-module (gnu packages librewolf)
#:use-module (gnu packages xdisorg)
#:use-module (gnu packages xorg))
+;; Define the versions of rust needed to build librewolf, trying to match
+;; upstream. See the file taskcluster/kinds/toolchain/rust.yml at
+;; https://searchfox.org under the particular firefox release, like
+;; mozilla-esr102.
+;; 1.75 is the default in Guix, 1.77 is the minimum for Librewolf.
+(define rust-librewolf rust-1.77)
+
+;; Update this id with every update to its release date.
+;; It's used for cache validation and therefore can lead to strange bugs.
+;; ex: date '+%Y%m%d%H%M%S'
+(define %librewolf-build-id "20240626133423")
+
(define (firefox-source-origin version hash)
(origin
(method url-fetch)
@@ -114,11 +126,14 @@ (define (librewolf-source-origin version hash)
(define computed-origin-method (@@ (guix packages) computed-origin-method))
-(define librewolf-source
- (let* ((ff-src (firefox-source-origin "126.0.1" "0fr679rcwshwpfxidc55b2xsn4pmrr7p9ix4rr2mv2k7kwsjcc7n"))
- (version "126.0.1-1")
- (lw-src (librewolf-source-origin version "0cac80073vkzd85ai9rbnwixs1h9bpy4dj2ri6jxdlqsy5d663km")))
-
+(define* (make-librewolf-source version #:key firefox-hash librewolf-hash)
+ (let* ((ff-src (firefox-source-origin
+ (car (string-split version #\-))
+ firefox-hash))
+ (version version)
+ (lw-src (librewolf-source-origin
+ version
+ librewolf-hash)))
(origin
(method computed-origin-method)
(file-name (string-append "librewolf-" version ".source.tar.gz"))
@@ -162,11 +177,6 @@ (define librewolf-source
(("^ff_source_tarball:=.*")
(string-append "ff_source_tarball:=" #+ff-src)))
- ;; Remove encoding_rs patch, it doesn't build with Rust 1.75.
- (substitute* '("assets/patches.txt")
- (("patches/encoding_rs.patch\\\n$")
- ""))
-
;; Stage locales.
(begin
(format #t "Staging locales...~%")
@@ -204,523 +214,521 @@ (define librewolf-source
".source.tar.gz")
#$output))))))))
-;; Define the versions of rust needed to build librewolf, trying to match
-;; upstream. See the file taskcluster/ci/toolchain/rust.yml at
-;; https://searchfox.org under the particular firefox release, like
-;; mozilla-esr102.
-(define rust-librewolf rust) ; 1.75 is the default in Guix, 1.65 is the minimum.
-
-;; Update this id with every update to its release date.
-;; It's used for cache validation and therefore can lead to strange bugs.
-;; ex: date '+%Y%m%d%H%M%S'
-(define %librewolf-build-id "20240607212143")
-
(define-public librewolf
- (package
- (name "librewolf")
- (version "126.0.1-1")
- (source librewolf-source)
- (build-system gnu-build-system)
- (arguments
- (list
- #:configure-flags #~(let ((clang #$(this-package-native-input "clang")))
- `("--enable-application=browser"
-
- ;; Configuration
- "--without-wasm-sandboxed-libraries"
- "--with-system-jpeg"
- "--with-system-zlib"
- "--with-system-png"
- "--with-system-webp"
- "--with-system-icu"
- "--with-system-libvpx"
- "--with-system-libevent"
- "--with-system-ffi"
- "--enable-system-pixman"
- "--enable-jemalloc"
-
- ;; see https://bugs.gnu.org/32833
- "--with-system-nspr"
- "--with-system-nss"
-
- ,(string-append "--with-clang-path=" clang
- "/bin/clang")
- ,(string-append "--with-libclang-path=" clang
- "/lib")
-
- ;; Distribution
- "--with-distribution-id=org.guix"
- "--with-app-name=librewolf"
- "--with-app-basename=LibreWolf"
- "--with-branding=browser/branding/librewolf"
-
- ;; Features
- "--disable-tests"
- "--disable-updater"
- "--enable-pulseaudio"
- "--disable-crashreporter"
- "--allow-addon-sideload"
- "--with-unsigned-addon-scopes=app,system"
- "--disable-eme"
-
- ;; Build details
- "--disable-debug"
- "--enable-rust-simd"
- "--enable-release"
- "--enable-optimize"
- "--enable-strip"
- "--enable-hardening"
- "--disable-elf-hack"))
- #:imported-modules %cargo-utils-modules
- #:modules `((ice-9 regex)
- (ice-9 string-fun)
- (ice-9 ftw)
- (srfi srfi-1)
- (srfi srfi-26)
- (rnrs bytevectors)
- (rnrs io ports)
- (guix elf)
- (guix build gremlin)
- ,@%gnu-build-system-modules)
- #:phases #~(modify-phases %standard-phases
- (add-after 'unpack 'fix-preferences
- (lambda* (#:key inputs #:allow-other-keys)
- (let ((port (open-file "browser/app/profile/firefox.js"
- "a")))
- (define (write-setting key value)
- (format port "~%pref(\"~a\", ~a);~%" key value)
- (format #t
+ (let ((version "127.0.2-2"))
+ (package
+ (name "librewolf")
+ (version version)
+ (source (make-librewolf-source
+ version
+ #:firefox-hash
+ "1s73fdp7k60058ylyvlixq13k5hfbmj6k1y42fmzqlpg7n62lyqb"
+ #:librewolf-hash
+ "1f4xz496x1nf7lmvk50hakj9p6q0kzxl5f9s2k0b6kczvyc8gw5n"))
+
+ (build-system gnu-build-system)
+ (arguments
+ (list
+ #:configure-flags
+ #~(let ((clang #$(this-package-native-input "clang")))
+ `("--enable-application=browser"
+
+ ;; Configuration
+ "--without-wasm-sandboxed-libraries"
+ "--with-system-jpeg"
+ "--with-system-zlib"
+ "--with-system-png"
+ "--with-system-webp"
+ "--with-system-icu"
+ "--with-system-libvpx"
+ "--with-system-libevent"
+ "--with-system-ffi"
+ "--enable-system-pixman"
+ "--enable-jemalloc"
+
+ ;; see https://bugs.gnu.org/32833
+ "--with-system-nspr"
+ "--with-system-nss"
+
+ ,(string-append "--with-clang-path=" clang
+ "/bin/clang")
+ ,(string-append "--with-libclang-path=" clang
+ "/lib")
+
+ ;; Distribution
+ "--with-distribution-id=org.guix"
+ "--with-app-name=librewolf"
+ "--with-app-basename=LibreWolf"
+ "--with-branding=browser/branding/librewolf"
+
+ ;; Features
+ "--disable-tests"
+ "--disable-updater"
+ "--enable-pulseaudio"
+ "--disable-crashreporter"
+ "--allow-addon-sideload"
+ "--with-unsigned-addon-scopes=app,system"
+ "--disable-eme"
+
+ ;; Build details
+ "--disable-debug"
+ "--enable-rust-simd"
+ "--enable-release"
+ "--enable-optimize"
+ "--enable-strip"
+ "--enable-hardening"
+ "--disable-elf-hack"))
+ #:imported-modules %cargo-utils-modules
+ #:modules `((ice-9 regex)
+ (ice-9 string-fun)
+ (ice-9 ftw)
+ (srfi srfi-1)
+ (srfi srfi-26)
+ (rnrs bytevectors)
+ (rnrs io ports)
+ (guix elf)
+ (guix build gremlin)
+ ,@%gnu-build-system-modules)
+ #:phases
+ #~(modify-phases %standard-phases
+ (add-after 'unpack 'fix-preferences
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((port (open-file "browser/app/profile/firefox.js"
+ "a")))
+ (define (write-setting key value)
+ (format port "~%pref(\"~a\", ~a);~%" key value)
+ (format #t
"fix-preferences: setting value of ~a to ~a~%" key
value))
- ;; We should allow the sandbox to read the store directory,
- ;; because the sandbox has access to /usr on FHS distros.
- (write-setting
- "security.sandbox.content.read_path_whitelist"
- (string-append "\""
- (%store-directory) "/\""))
-
- ;; XDG settings should be managed by Guix.
- (write-setting "browser.shell.checkDefaultBrowser"
- "false")
- (close-port port))))
- (add-after 'fix-preferences 'fix-ffmpeg-runtime-linker
- (lambda* (#:key inputs #:allow-other-keys)
- (let* ((ffmpeg (assoc-ref inputs "ffmpeg"))
- (libavcodec (string-append ffmpeg
- "/lib/libavcodec.so")))
- ;; Arrange to load libavcodec.so by its absolute file name.
- (substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp"
- (("libavcodec\\.so")
- libavcodec)))))
- (add-after 'patch-source-shebangs 'patch-cargo-checksums
- (lambda _
- (use-modules (guix build cargo-utils))
- (let ((null-hash
- ;; This is the SHA256 output of an empty string.
- (string-append
- "e3b0c44298fc1c149afbf4c8996fb924"
- "27ae41e4649b934ca495991b7852b855")))
- (for-each (lambda (file)
- (format #t
+ ;; We should allow the sandbox to read the store directory,
+ ;; because the sandbox has access to /usr on FHS distros.
+ (write-setting
+ "security.sandbox.content.read_path_whitelist"
+ (string-append "\""
+ (%store-directory) "/\""))
+
+ ;; XDG settings should be managed by Guix.
+ (write-setting "browser.shell.checkDefaultBrowser"
+ "false")
+ (close-port port))))
+ (add-after 'fix-preferences 'fix-ffmpeg-runtime-linker
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let* ((ffmpeg (assoc-ref inputs "ffmpeg"))
+ (libavcodec (string-append ffmpeg
+ "/lib/libavcodec.so")))
+ ;; Arrange to load libavcodec.so by its absolute file name.
+ (substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp"
+ (("libavcodec\\.so")
+ libavcodec)))))
+ (add-after 'patch-source-shebangs 'patch-cargo-checksums
+ (lambda _
+ (use-modules (guix build cargo-utils))
+ (let ((null-hash
+ ;; This is the SHA256 output of an empty string.
+ (string-append
+ "e3b0c44298fc1c149afbf4c8996fb924"
+ "27ae41e4649b934ca495991b7852b855")))
+ (for-each (lambda (file)
+ (format #t
"patch-cargo-checksums: patching checksums in ~a~%"
file)
- (substitute* file
- (("(checksum = )\".*\"" all name)
- (string-append name "\"" null-hash
- "\""))))
- (find-files "." "Cargo\\.lock$"))
- (for-each generate-all-checksums
- '("build"
- "dom/media"
- "dom/webauthn"
- "gfx"
- "intl"
- "js"
- "media"
- "modules"
- "mozglue/static/rust"
- "netwerk"
- "remote"
- "security/manager/ssl"
- "servo"
- "storage"
- "third_party/rust"
- "toolkit"
- "xpcom/rust"
- "services")))))
- (add-after 'patch-cargo-checksums 'remove-cargo-frozen-flag
- (lambda _
- ;; Remove --frozen flag from cargo invokation, otherwise it'll
- ;; complain that it's not able to change Cargo.lock.
- ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373
- (substitute* "build/RunCbindgen.py"
- (("args.append\\(\"--frozen\"\\)") "pass"))))
- (delete 'bootstrap)
- (add-before 'configure 'patch-SpeechDispatcherService.cpp
- (lambda _
- (let* ((lib "libspeechd.so.2")
- (file (string-append
- "dom/media/webspeech/synth/"
- "speechd/SpeechDispatcherService.cpp"))
- (old-content (call-with-input-file file
- get-string-all)))
- (substitute
- file
- `((,(format #f "~s" lib) unquote
- (lambda (line _)
- (string-replace-substring
- line lib
- (string-append #$speech-dispatcher
- "/lib/" lib))))))
- (if (string=? old-content
- (call-with-input-file file
- get-string-all))
- (error
- "substitute did nothing, phase requires an update")))))
- (add-before 'configure 'set-build-id
- ;; Build will write the timestamp to output, which is harmful
- ;; for reproducibility, so change it to a fixed date. Use a
- ;; separate phase for easier modification with inherit.
- (lambda _
- (setenv "MOZ_BUILD_DATE"
- #$%librewolf-build-id)))
- (replace 'configure
- (lambda* (#:key inputs outputs configure-flags
- #:allow-other-keys)
- (setenv "AUTOCONF"
- (string-append (assoc-ref inputs "autoconf")
- "/bin/autoconf"))
- (setenv "SHELL"
- (which "bash"))
- (setenv "CONFIG_SHELL"
- (which "bash"))
- (setenv "MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE"
- "system")
- ;; This should use the host info probably (does it
- ;; build on non-x86_64 though?)
- (setenv "GUIX_PYTHONPATH"
- (string-append (getcwd)
- "/obj-x86_64-pc-linux-gnu/_virtualenvs/build"))
-
- ;; Use Clang, Clang is 2x faster than GCC
- (setenv "AR" "llvm-ar")
- (setenv "NM" "llvm-nm")
- (setenv "CC" "clang")
- (setenv "CXX" "clang++")
- (setenv "MOZ_NOSPAM" "1")
- (setenv "MOZ_APP_NAME" "librewolf")
-
- (setenv "MOZBUILD_STATE_PATH"
- (getcwd))
-
- (let* ((mozconfig (string-append (getcwd) "/mozconfig"))
- (out (assoc-ref outputs "out"))
- (flags (cons (string-append "--prefix=" out)
- configure-flags)))
- (format #t "build directory: ~s~%"
- (getcwd))
- (format #t "configure flags: ~s~%" flags)
-
- (define write-flags
- (lambda flags
- (display (string-join (map (cut string-append
- "ac_add_options " <>)
- flags) "\n"))
- (display "\n")))
- (with-output-to-file mozconfig
- (lambda ()
- (apply write-flags flags)
- ;; The following option unsets Telemetry
- ;; Reporting. With the Addons Fiasco,
- ;; Mozilla was found to be collecting
- ;; user's data, including saved passwords
- ;; and web form data, without users
- ;; consent. Mozilla was also found
- ;; shipping updates to systems without
- ;; the user's knowledge or permission.
- ;; As a result of this, use the following
- ;; command to permanently disable
- ;; telemetry reporting.
- (display "unset MOZ_TELEMETRY_REPORTING\n")
- (display "mk_add_options MOZ_CRASHREPORTER=0\n")
- (display "mk_add_options MOZ_DATA_REPORTING=0\n")
- (display
- "mk_add_options MOZ_SERVICES_HEALTHREPORT=0")
- (display
- "mk_add_options MOZ_TELEMETRY_REPORTING=0")))
- (setenv "MOZCONFIG" mozconfig))
- (invoke "./mach" "configure")))
- (add-before 'build 'fix-addons-placeholder
- (lambda _
- (substitute* "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
- (("addons.mozilla.org")
- "gnuzilla.gnu.org"))))
- (replace 'build
- (lambda* (#:key (make-flags '())
- (parallel-build? #t) #:allow-other-keys)
- (apply invoke "./mach" "build"
- ;; mach will use parallel build if possible by default
- `(,@(if parallel-build?
- '()
- '("-j1")) ,@make-flags))))
- (add-after 'build 'neutralise-store-references
- (lambda _
- ;; Mangle the store references to compilers &
- ;; other build tools in about:buildconfig,
- ;; reducing the package's closure by 1 GiB on
- ;; x86-64.
- (let* ((build-dir (car (scandir "."
- (cut string-prefix?
- "obj-" <>))))
- (file (string-append build-dir
- "/dist/bin/chrome/toolkit/"
- "content/global/buildconfig.html")))
- (substitute* file
- (((format #f "(~a/)([0-9a-df-np-sv-z]{32})"
- (regexp-quote (%store-directory)))
- _ store hash)
- (string-append store
- (string-take hash 8)
- "<!-- Guix: not a runtime dependency -->"
- (string-drop hash 8)))))))
- (replace 'install
- (lambda _
- (invoke "./mach" "install")))
- (add-after 'install 'remove-duplicate-bin
- (lambda* (#:key outputs #:allow-other-keys)
- (delete-file (string-append #$output
- "/lib/librewolf/librewolf-bin"))))
- (add-after 'install 'wrap-glxtest
- ;; glxtest uses dlopen() to load mesa and pci
- ;; libs, wrap it to set LD_LIBRARY_PATH.
- (lambda* (#:key inputs outputs #:allow-other-keys)
- (let* ((out (assoc-ref outputs "out"))
- (lib (string-append out "/lib"))
- (libs (map
- (lambda (lib-name)
- (string-append (assoc-ref inputs
- lib-name)
- "/lib"))
- '("mesa" "pciutils"))))
- (wrap-program (car (find-files lib "^glxtest$"))
- `("LD_LIBRARY_PATH" prefix ,libs)))))
- (add-after 'install 'patch-config
- (lambda* (#:key inputs #:allow-other-keys)
- (let ((lib (string-append #$output "/lib/librewolf"))
- (config-file "librewolf.cfg"))
-
- ;; Required for Guix packaged extensions
- ;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8
- ;; Default is 5.
- (substitute* (in-vicinity lib config-file)
- (("defaultPref\\(\"extensions.enabledScopes\", 5\\)")
- "defaultPref(\"extensions.enabledScopes\", 13)"))
- ;; Use Mozzarella addons repo.
- (call-with-port
- (open-file
- (in-vicinity lib config-file)
- "a")
- (lambda (port)
- ;; Add-ons panel (see settings.js in Icecat source).
- (for-each
- (lambda (pref)
- (format port
- "defaultPref(~s, ~s);~%"
- (car pref)
- (cdr pref)))
- `(("extensions.getAddons.search.browseURL"
- ,(string-append
- "https://gnuzilla.gnu.org/mozzarella/"
- "search.php?q=%TERMS%"))
- ("extensions.getAddons.get.url" .
- "https://gnuzilla.gnu.org/mozzarella")
- ("extensions.getAddons.link.url" .
- "https://gnuzilla.gnu.org/mozzarella")
- ("extensions.getAddons.discovery.api_url" .
- "https://gnuzilla.gnu.org/mozzarella")
- ("extensions.getAddons.langpacks.url" .
- "https://gnuzilla.gnu.org/mozzarella")
- ("lightweightThemes.getMoreURL" .
- "https://gnuzilla.gnu.org/mozzarella"))))))))
- (add-after 'install 'wrap-program
- (lambda* (#:key inputs outputs #:allow-other-keys)
- ;; The following two functions are from Guix's icecat package in
- ;; (gnu packages gnuzilla). See commit
- ;; b7a0935420ee630a29b7e5ac73a32ba1eb24f00b.
- (define (runpath-of lib)
- (call-with-input-file lib
- (compose elf-dynamic-info-runpath elf-dynamic-info
- parse-elf get-bytevector-all)))
- (define (runpaths-of-input label)
- (let* ((dir (string-append (assoc-ref inputs label)
- "/lib"))
- (libs (find-files dir "\\.so$")))
- (append-map runpath-of libs)))
- (let* ((out (assoc-ref outputs "out"))
- (lib (string-append out "/lib"))
- (libs (map
- (lambda (lib-name)
- (string-append (assoc-ref inputs
- lib-name)
- "/lib"))
- '("mesa" "libpng-apng" "libnotify" "libva"
- "pulseaudio" "gtk+" "pipewire"
- ;; For U2F and WebAuthn
- "eudev")))
-
- ;; VA-API is run in the RDD (Remote Data Decoder) sandbox
- ;; and must be explicitly given access to files it needs.
- ;; Rather than adding the whole store (as Nix had
- ;; upstream do, see
- ;; <https://github.com/NixOS/nixpkgs/pull/165964> and
- ;; linked upstream patches), we can just follow the
- ;; runpaths of the needed libraries to add everything to
- ;; LD_LIBRARY_PATH. These will then be accessible in the
- ;; RDD sandbox.
- (rdd-whitelist (map (cut string-append <> "/")
- (delete-duplicates (append-map
- runpaths-of-input
- '("mesa"
- "ffmpeg")))))
- (gtk-share (string-append (assoc-ref inputs
- "gtk+")
- "/share")))
- (wrap-program (car (find-files lib "^librewolf$"))
- `("LD_LIBRARY_PATH" prefix
- (,@libs ,@rdd-whitelist))
- `("XDG_DATA_DIRS" prefix
- (,gtk-share))
- `("MOZ_LEGACY_PROFILES" =
- ("1"))
- `("MOZ_ALLOW_DOWNGRADE" =
- ("1"))))))
- (add-after 'wrap-program 'install-desktop-entry
- (lambda* (#:key outputs #:allow-other-keys)
- (let* ((desktop-file
- "taskcluster/docker/firefox-snap/firefox.desktop")
- (applications (string-append #$output
- "/share/applications")))
- (substitute* desktop-file
- (("^Exec=firefox")
- (string-append "Exec="
- #$output "/bin/librewolf"))
- ;; "Firefox" -> "LibreWolf" everywhere
- (("Firefox")
- "LibreWolf")
- ;; Remove non-Latin translations.
- (("^Name\\[(ar|bn)\\].*$")
- "")
- (("^Icon=.*")
- (string-append "Icon="
- #$output
- "/share/icons/hicolor/128x128/apps/librewolf.png
+ (substitute* file
+ (("(checksum = )\".*\"" all name)
+ (string-append name "\"" null-hash
+ "\""))))
+ (find-files "." "Cargo\\.lock$"))
+ (for-each generate-all-checksums
+ '("build"
+ "dom/media"
+ "dom/webauthn"
+ "gfx"
+ "intl"
+ "js"
+ "media"
+ "modules"
+ "mozglue/static/rust"
+ "netwerk"
+ "remote"
+ "security/manager/ssl"
+ "servo"
+ "storage"
+ "third_party/rust"
+ "toolkit"
+ "xpcom/rust"
+ "services")))))
+ (add-after 'patch-cargo-checksums 'remove-cargo-frozen-flag
+ (lambda _
+ ;; Remove --frozen flag from cargo invokation, otherwise it'll
+ ;; complain that it's not able to change Cargo.lock.
+ ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373
+ (substitute* "build/RunCbindgen.py"
+ (("args.append\\(\"--frozen\"\\)") "pass"))))
+ (delete 'bootstrap)
+ (add-before 'configure 'patch-SpeechDispatcherService.cpp
+ (lambda _
+ (let* ((lib "libspeechd.so.2")
+ (file (string-append
+ "dom/media/webspeech/synth/"
+ "speechd/SpeechDispatcherService.cpp"))
+ (old-content (call-with-input-file file
+ get-string-all)))
+ (substitute
+ file
+ `((,(format #f "~s" lib) unquote
+ (lambda (line _)
+ (string-replace-substring
+ line lib
+ (string-append #$speech-dispatcher
+ "/lib/" lib))))))
+ (if (string=? old-content
+ (call-with-input-file file
+ get-string-all))
+ (error
+ "substitute did nothing, phase requires an update")))))
+ (add-before 'configure 'set-build-id
+ ;; Build will write the timestamp to output, which is harmful
+ ;; for reproducibility, so change it to a fixed date. Use a
+ ;; separate phase for easier modification with inherit.
+ (lambda _
+ (setenv "MOZ_BUILD_DATE"
+ #$%librewolf-build-id)))
+ (replace 'configure
+ (lambda* (#:key inputs outputs configure-flags
+ #:allow-other-keys)
+ (setenv "AUTOCONF"
+ (string-append (assoc-ref inputs "autoconf")
+ "/bin/autoconf"))
+ (setenv "SHELL"
+ (which "bash"))
+ (setenv "CONFIG_SHELL"
+ (which "bash"))
+ (setenv "MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE"
+ "system")
+ ;; This should use the host info probably (does it
+ ;; build on non-x86_64 though?)
+ (setenv "GUIX_PYTHONPATH"
+ (string-append (getcwd)
+ "/obj-x86_64-pc-linux-gnu/_virtualenvs/build"))
+
+ ;; Use Clang, Clang is 2x faster than GCC
+ (setenv "AR" "llvm-ar")
+ (setenv "NM" "llvm-nm")
+ (setenv "CC" "clang")
+ (setenv "CXX" "clang++")
+ (setenv "MOZ_NOSPAM" "1")
+ (setenv "MOZ_APP_NAME" "librewolf")
+
+ (setenv "MOZBUILD_STATE_PATH"
+ (getcwd))
+
+ (let* ((mozconfig (string-append (getcwd) "/mozconfig"))
+ (out (assoc-ref outputs "out"))
+ (flags (cons (string-append "--prefix=" out)
+ configure-flags)))
+ (format #t "build directory: ~s~%"
+ (getcwd))
+ (format #t "configure flags: ~s~%" flags)
+
+ (define write-flags
+ (lambda flags
+ (display (string-join (map (cut string-append
+ "ac_add_options " <>)
+ flags) "\n"))
+ (display "\n")))
+ (with-output-to-file mozconfig
+ (lambda ()
+ (apply write-flags flags)
+ ;; The following option unsets Telemetry
+ ;; Reporting. With the Addons Fiasco,
+ ;; Mozilla was found to be collecting
+ ;; user's data, including saved passwords
+ ;; and web form data, without users
+ ;; consent. Mozilla was also found
+ ;; shipping updates to systems without
+ ;; the user's knowledge or permission.
+ ;; As a result of this, use the following
+ ;; command to permanently disable
+ ;; telemetry reporting.
+ (display "unset MOZ_TELEMETRY_REPORTING\n")
+ (display "mk_add_options MOZ_CRASHREPORTER=0\n")
+ (display "mk_add_options MOZ_DATA_REPORTING=0\n")
+ (display
+ "mk_add_options MOZ_SERVICES_HEALTHREPORT=0")
+ (display
+ "mk_add_options MOZ_TELEMETRY_REPORTING=0")))
+ (setenv "MOZCONFIG" mozconfig))
+ (invoke "./mach" "configure")))
+ (add-before 'build 'fix-addons-placeholder
+ (lambda _
+ (substitute* "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
+ (("addons.mozilla.org")
+ "gnuzilla.gnu.org"))))
+ (replace 'build
+ (lambda* (#:key (make-flags '())
+ (parallel-build? #t) #:allow-other-keys)
+ (apply invoke "./mach" "build"
+ ;; mach will use parallel build if possible by default
+ `(,@(if parallel-build?
+ '()
+ '("-j1")) ,@make-flags))))
+ (add-after 'build 'neutralise-store-references
+ (lambda _
+ ;; Mangle the store references to compilers &
+ ;; other build tools in about:buildconfig,
+ ;; reducing the package's closure by 1 GiB on
+ ;; x86-64.
+ (let* ((build-dir (car (scandir "."
+ (cut string-prefix?
+ "obj-" <>))))
+ (file (string-append build-dir
+ "/dist/bin/chrome/toolkit/"
+ "content/global/buildconfig.html")))
+ (substitute* file
+ (((format #f "(~a/)([0-9a-df-np-sv-z]{32})"
+ (regexp-quote (%store-directory)))
+ _ store hash)
+ (string-append store
+ (string-take hash 8)
+ "<!-- Guix: not a runtime dependency -->"
+ (string-drop hash 8)))))))
+ (replace 'install
+ (lambda _
+ (invoke "./mach" "install")))
+ (add-after 'install 'remove-duplicate-bin
+ (lambda* (#:key outputs #:allow-other-keys)
+ (delete-file (string-append #$output
+ "/lib/librewolf/librewolf-bin"))))
+ (add-after 'install 'wrap-glxtest
+ ;; glxtest uses dlopen() to load mesa and pci
+ ;; libs, wrap it to set LD_LIBRARY_PATH.
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ (libs (map
+ (lambda (lib-name)
+ (string-append (assoc-ref inputs
+ lib-name)
+ "/lib"))
+ '("mesa" "pciutils"))))
+ (wrap-program (car (find-files lib "^glxtest$"))
+ `("LD_LIBRARY_PATH" prefix ,libs)))))
+ (add-after 'install 'patch-config
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((lib (string-append #$output "/lib/librewolf"))
+ (config-file "librewolf.cfg"))
+
+ ;; Required for Guix packaged extensions
+ ;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8
+ ;; Default is 5.
+ (substitute* (in-vicinity lib config-file)
+ (("defaultPref\\(\"extensions.enabledScopes\", 5\\)")
+ "defaultPref(\"extensions.enabledScopes\", 13)"))
+ ;; Use Mozzarella addons repo.
+ (call-with-port
+ (open-file
+ (in-vicinity lib config-file)
+ "a")
+ (lambda (port)
+ ;; Add-ons panel (see settings.js in Icecat source).
+ (for-each
+ (lambda (pref)
+ (format port
+ "defaultPref(~s, ~s);~%"
+ (car pref)
+ (cdr pref)))
+ `(("extensions.getAddons.search.browseURL"
+ ,(string-append
+ "https://gnuzilla.gnu.org/mozzarella/"
+ "search.php?q=%TERMS%"))
+ ("extensions.getAddons.get.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.link.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.discovery.api_url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.langpacks.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("lightweightThemes.getMoreURL" .
+ "https://gnuzilla.gnu.org/mozzarella"))))))))
+ (add-after 'install 'wrap-program
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ ;; The following two functions are from Guix's icecat package in
+ ;; (gnu packages gnuzilla). See commit
+ ;; b7a0935420ee630a29b7e5ac73a32ba1eb24f00b.
+ (define (runpath-of lib)
+ (call-with-input-file lib
+ (compose elf-dynamic-info-runpath elf-dynamic-info
+ parse-elf get-bytevector-all)))
+ (define (runpaths-of-input label)
+ (let* ((dir (string-append (assoc-ref inputs label)
+ "/lib"))
+ (libs (find-files dir "\\.so$")))
+ (append-map runpath-of libs)))
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ (libs (map
+ (lambda (lib-name)
+ (string-append (assoc-ref inputs
+ lib-name)
+ "/lib"))
+ '("mesa" "libpng-apng" "libnotify" "libva"
+ "pulseaudio" "gtk+" "pipewire"
+ ;; For U2F and WebAuthn
+ "eudev")))
+
+ ;; VA-API is run in the RDD (Remote Data Decoder) sandbox
+ ;; and must be explicitly given access to files it needs.
+ ;; Rather than adding the whole store (as Nix had
+ ;; upstream do, see
+ ;; <https://github.com/NixOS/nixpkgs/pull/165964> and
+ ;; linked upstream patches), we can just follow the
+ ;; runpaths of the needed libraries to add everything to
+ ;; LD_LIBRARY_PATH. These will then be accessible in the
+ ;; RDD sandbox.
+ (rdd-whitelist (map (cut string-append <> "/")
+ (delete-duplicates (append-map
+ runpaths-of-input
+ '("mesa"
+ "ffmpeg")))))
+ (gtk-share (string-append (assoc-ref inputs
+ "gtk+")
+ "/share")))
+ (wrap-program (car (find-files lib "^librewolf$"))
+ `("LD_LIBRARY_PATH" prefix
+ (,@libs ,@rdd-whitelist))
+ `("XDG_DATA_DIRS" prefix
+ (,gtk-share))
+ `("MOZ_LEGACY_PROFILES" =
+ ("1"))
+ `("MOZ_ALLOW_DOWNGRADE" =
+ ("1"))))))
+ (add-after 'wrap-program 'install-desktop-entry
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((desktop-file
+ "taskcluster/docker/firefox-snap/firefox.desktop")
+ (applications (string-append #$output
+ "/share/applications")))
+ (substitute* desktop-file
+ (("^Exec=firefox")
+ (string-append "Exec="
+ #$output "/bin/librewolf"))
+ ;; "Firefox" -> "LibreWolf" everywhere
+ (("Firefox")
+ "LibreWolf")
+ ;; Remove non-Latin translations.
+ (("^Name\\[(ar|bn)\\].*$")
+ "")
+ (("^Icon=.*")
+ (string-append "Icon="
+ #$output
+ "/share/icons/hicolor/128x128/apps/librewolf.png
"))
- ;; These commands were changed.
- (("-NewWindow")
- "-new-window")
- (("-NewPrivateWindow")
- "-new-private-window")
- (("StartupNotify=true")
- "StartupNotify=true
+ ;; These commands were changed.
+ (("-NewWindow")
+ "-new-window")
+ (("-NewPrivateWindow")
+ "-new-private-window")
+ (("StartupNotify=true")
+ "StartupNotify=true
StartupWMClass=Navigator"))
- (copy-file desktop-file "librewolf.desktop")
- (install-file "librewolf.desktop" applications))))
- (add-after 'install-desktop-entry 'install-icons
- (lambda* (#:key outputs #:allow-other-keys)
- (let ((icon-source-dir (string-append #$output
- "/lib/librewolf/browser/"
- "chrome/icons/default")))
- (for-each (lambda (size)
- (let ((dest (string-append #$output
- "/share/icons/hicolor/"
- size
- "x"
- size
- "/apps")))
- (mkdir-p dest)
- (symlink (string-append icon-source-dir
- "/default" size ".png")
- (string-append dest
- "/librewolf.png"))))
- '("16" "32" "48" "64" "128"))))))
-
- ;; Test will significantly increase build time but with little rewards.
- #:tests? #f
-
- ;; WARNING: Parallel build will consume lots of memory!
- ;; If you have encountered OOM issue in build phase, try disable it.
- #:parallel-build? #t
-
- ;; Some dynamic lib was determined at runtime, so rpath check may fail.
- #:validate-runpath? #f))
- (inputs (list bash-minimal
- bzip2
- cairo
- cups
- dbus-glib
- freetype
- ffmpeg
- gdk-pixbuf
- glib
- gtk+
- gtk+-2
- hunspell
- icu4c-73
- jemalloc
- libcanberra
- libevent
- libffi
- libgnome
- libjpeg-turbo
- libnotify
- libpng-apng
- libva
- libvpx
- libwebp
- libxcomposite
- libxft
- libxinerama
- libxscrnsaver
- libxt
- mesa
- mit-krb5
- nspr
- nss/fixed
- pango
- pciutils
- pipewire
- pixman
- pulseaudio
- speech-dispatcher
- sqlite
- startup-notification
- eudev
- unzip
- zip
- zlib))
- (native-inputs (list alsa-lib
- autoconf-2.13
- `(,rust-librewolf "cargo")
- clang-18
- llvm-18
- m4
- nasm
- node-lts
- perl
- pkg-config
- python
- rust-librewolf
- rust-cbindgen-0.26
- which
- yasm))
- (home-page "https://librewolf.net/")
- (synopsis
- "Custom version of Firefox, focused on privacy, security and freedom")
- (description
- "LibreWolf is designed to increase protection against tracking and
+ (copy-file desktop-file "librewolf.desktop")
+ (install-file "librewolf.desktop" applications))))
+ (add-after 'install-desktop-entry 'install-icons
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((icon-source-dir (string-append #$output
+ "/lib/librewolf/browser/"
+ "chrome/icons/default")))
+ (for-each (lambda (size)
+ (let ((dest (string-append #$output
+ "/share/icons/hicolor/"
+ size
+ "x"
+ size
+ "/apps")))
+ (mkdir-p dest)
+ (symlink (string-append icon-source-dir
+ "/default" size ".png")
+ (string-append dest
+ "/librewolf.png"))))
+ '("16" "32" "48" "64" "128"))))))
+
+ ;; Test will significantly increase build time but with little rewards.
+ #:tests? #f
+
+ ;; WARNING: Parallel build will consume lots of memory!
+ ;; If you have encountered OOM issue in build phase, try disable it.
+ #:parallel-build? #t
+
+ ;; Some dynamic lib was determined at runtime, so rpath check may fail.
+ #:validate-runpath? #f))
+ (inputs (list bash-minimal
+ bzip2
+ cairo
+ cups
+ dbus-glib
+ freetype
+ ffmpeg
+ gdk-pixbuf
+ glib
+ gtk+
+ gtk+-2
+ hunspell
+ icu4c-73
+ jemalloc
+ libcanberra
+ libevent
+ libffi
+ libgnome
+ libjpeg-turbo
+ libnotify
+ libpng-apng
+ libva
+ libvpx
+ libwebp
+ libxcomposite
+ libxft
+ libxinerama
+ libxscrnsaver
+ libxt
+ mesa
+ mit-krb5
+ nspr
+ nss-latest
+ pango
+ pciutils
+ pipewire
+ pixman
+ pulseaudio
+ speech-dispatcher
+ sqlite
+ startup-notification
+ eudev
+ unzip
+ zip
+ zlib))
+ (native-inputs (list alsa-lib
+ autoconf-2.13
+ `(,rust-librewolf "cargo")
+ clang-18
+ llvm-18
+ m4
+ nasm
+ node-lts
+ perl
+ pkg-config
+ python
+ rust-librewolf
+ rust-cbindgen-0.26
+ which
+ yasm))
+ (home-page "https://librewolf.net/")
+ (synopsis
+ "Custom version of Firefox, focused on privacy, security and freedom")
+ (description
+ "LibreWolf is designed to increase protection against tracking and
fingerprinting techniques, while also including a few security improvements.
This is achieved through our privacy and security oriented settings and
patches. LibreWolf also aims to remove all the telemetry, data collection and
annoyances, as well as disabling anti-freedom features like DRM.")
- (license license:mpl2.0)))
+ (license license:mpl2.0))))
--
2.45.1
guix-patches@HIDDEN:bug#71832; Package guix-patches.
Full text available.
Received: (at 71832) by debbugs.gnu.org; 29 Jun 2024 04:00:23 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Sat Jun 29 00:00:22 2024
Received: from localhost ([127.0.0.1]:36614 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1sNPG8-0000kU-OY
for submit <at> debbugs.gnu.org; Sat, 29 Jun 2024 00:00:22 -0400
Received: from fout7-smtp.messagingengine.com ([103.168.172.150]:41073)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <ian@HIDDEN>) id 1sNPG5-0000jz-Fl
for 71832 <at> debbugs.gnu.org; Sat, 29 Jun 2024 00:00:19 -0400
Received: from compute2.internal (compute2.nyi.internal [10.202.2.46])
by mailfout.nyi.internal (Postfix) with ESMTP id D32141380476;
Sat, 29 Jun 2024 00:00:12 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163])
by compute2.internal (MEProxy); Sat, 29 Jun 2024 00:00:12 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h=
cc:cc:content-transfer-encoding:content-type:content-type:date
:date:from:from:in-reply-to:in-reply-to:message-id:mime-version
:references:reply-to:subject:subject:to:to; s=fm1; t=1719633612;
x=1719720012; bh=ACdljprjJzTgh+JuteHGtpKancSTIq3wX+VrH0j/gvc=; b=
aT7H9niME6XIkUogd2xso3dm7m+YSttQNLNN952ODVu9yV4U2CF09N9SgqE9MWwG
Ah2x1J3jvkQtD0mmOhL0Ai+nDaKoqTm9KKze/uIjNsPKprsM4i80cmlm2DljII6P
p/yT/GOmomYHKDQiOEbh9S6wSszSb0QjVx0gKE5q8qBaqqNUbAUnVeQ2Tz8FaAzn
asCmaq5ROdpENZ+v/HFxw9vnCJHdNvFMuOubP8NGIgSknrVF1DAw0IAWKRLbAABs
/gnOP8GihZFkeTCWvcML+39K32RC0h7GFmw7Y5ldQAobOj7aI/v7QmcS8rm6eMAA
J6lkonD4DDDJC2myXm8GIQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
messagingengine.com; h=cc:cc:content-transfer-encoding
:content-type:content-type:date:date:feedback-id:feedback-id
:from:from:in-reply-to:in-reply-to:message-id:mime-version
:references:reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy
:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t=1719633612; x=
1719720012; bh=ACdljprjJzTgh+JuteHGtpKancSTIq3wX+VrH0j/gvc=; b=P
uHuEGPEtnfJ3dzQOZedkdk5OlIfOx8/vjxOMbdHrJmdINclQ8ZHinMCoH33c/YxI
UWMI1YsCQmv2Mas6hSYESI8afEYMw6/C2z+q+n3B/Znu1ze17XJhY336lFVL8RQ4
QjBCXYKq5G3FB9XqTtcs0ql6Ohxmj6sSsQADVVr0isjxwpnOfy3UFYLlhPciL/GM
ZQqhQT50JsGFJ2EpOa+4m19aSyn/RjCOrPrmnQVxINRBhSN0f7ipnyy/d7YJCeL/
ucBZkckNLYY5MRZXAwcc3cZXyEUu93g2epj+X9EJ9LOo+8odnKiWktraFCPl2c+w
D8nLZnIeTaGNbChwfUmug==
X-ME-Sender: <xms:zIZ_ZpfNFoIraWQfy6WxZ5Y0l-L4Cb-ytfdbHUsTqwnz960Rwv8YRA>
<xme:zIZ_ZnNPlaG6bMewtdE5Rnx1S_SD7zMWxWzXSwDTpAXZjBvTu1VhTi0imGFgS_sB1
fL1ts6nUVRw0x9x1w>
X-ME-Received: <xmr:zIZ_Zih-WOHeUZCmY0ld78MMCAgfox7LintC1wI4TlKT2TdB7YQ-TS8FIV5SeIavsv6LOSHF6nhnvCNOA0G8pOnWar0zBBaF9gMHwkYDP8-83-UHapeksw>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrtdekgdejkecutefuodetggdotefrodftvf
curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu
uegrihhlohhuthemuceftddtnecunecujfgurhephffvvefufffkofgjfhggtgfgsehtke
ertdertdejnecuhfhrohhmpefkrghnucfguhhrvgcuoehirghnsehrvghtrhhoshhpvggt
rdhtvheqnecuggftrfgrthhtvghrnhepiefhvefggedtueekjefgieefgfduleeggeetff
dvveeuueffudevhfeivddukeeinecuffhomhgrihhnpehsvggrrhgthhhfohigrdhorhhg
pdhgnhhurdhorhhgpdgtohhnthgvnhhtrdhrvggrugdpmhhoiihilhhlrgdrohhrghdpgh
gvthgrugguohhnshdrshgvrghrtghhpdhgvghtrgguughonhhsrdhlihhnkhdpghhithhh
uhgsrdgtohhmpdhlihgsrhgvfiholhhfrdhnvghtnecuvehluhhsthgvrhfuihiivgeptd
enucfrrghrrghmpehmrghilhhfrhhomhepihgrnhesrhgvthhrohhsphgvtgdrthhv
X-ME-Proxy: <xmx:zIZ_Zi8TybW3lNO3TSoyQE8I2OFTOdvspzydJidyj37ijWEYqscPyg>
<xmx:zIZ_ZlspcbvThTU6asqNzVafsk1EtnnGZD-jIErRHrjddBPm4pl_Xw>
<xmx:zIZ_ZhH6IAUtW1q7hancnVUCIZnBMFiQxNANIk6liBdcrN99T6mjGg>
<xmx:zIZ_ZsNQ_4deacHqjcunz4_wS1RZl2e02EPb4t-jglJEP4tMCwpscg>
<xmx:zIZ_Zu7mN64J9lWVOtR9ENlxjd3vdZgMcyERRugTMjNm2VY9O3Dm9IcC>
Feedback-ID: id9014242:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sat,
29 Jun 2024 00:00:11 -0400 (EDT)
From: Ian Eure <ian@HIDDEN>
To: 71832 <at> debbugs.gnu.org
Subject: [PATCH 2/2] gnu: librewolf: Update to 127.0.2-1.
Date: Fri, 28 Jun 2024 20:59:57 -0700
Message-ID: <20240629035957.21688-2-ian@HIDDEN>
X-Mailer: git-send-email 2.45.1
In-Reply-To: <20240629035957.21688-1-ian@HIDDEN>
References: <20240629035957.21688-1-ian@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 71832
Cc: Ian Eure <ian@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.7 (-)
* gnu/packages/librewolf.scm (librewolf): Update to 127.0.2-1. Reorganize
module to improve usability and reduce duplication. The Rust package and
build ID are now at the top of the file. The librewolf-source variable has
been replaced with the make-librewolf-source procedure, centralizing versions
& hashes in the librewolf package definition. Dedent some of the package’s
arguments to improve readability.
Change-Id: I15f8a2aa1fae07e0497ab5511d10af0c1f70cc2e
---
gnu/packages/librewolf.scm | 1039 ++++++++++++++++++------------------
1 file changed, 526 insertions(+), 513 deletions(-)
diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm
index c84bcaf3ce..7f8579e8dd 100644
--- a/gnu/packages/librewolf.scm
+++ b/gnu/packages/librewolf.scm
@@ -93,6 +93,18 @@ (define-module (gnu packages librewolf)
#:use-module (gnu packages xdisorg)
#:use-module (gnu packages xorg))
+;; Define the versions of rust needed to build librewolf, trying to match
+;; upstream. See the file taskcluster/kinds/toolchain/rust.yml at
+;; https://searchfox.org under the particular firefox release, like
+;; mozilla-esr102.
+;; 1.75 is the default in Guix, 1.77 is the minimum for Librewolf.
+(define rust-librewolf rust-1.77)
+
+;; Update this id with every update to its release date.
+;; It's used for cache validation and therefore can lead to strange bugs.
+;; ex: date '+%Y%m%d%H%M%S'
+(define %librewolf-build-id "20240626133423")
+
(define (firefox-source-origin version hash)
(origin
(method url-fetch)
@@ -114,11 +126,14 @@ (define (librewolf-source-origin version hash)
(define computed-origin-method (@@ (guix packages) computed-origin-method))
-(define librewolf-source
- (let* ((ff-src (firefox-source-origin "126.0.1" "0fr679rcwshwpfxidc55b2xsn4pmrr7p9ix4rr2mv2k7kwsjcc7n"))
- (version "126.0.1-1")
- (lw-src (librewolf-source-origin version "0cac80073vkzd85ai9rbnwixs1h9bpy4dj2ri6jxdlqsy5d663km")))
-
+(define* (make-librewolf-source version #:key firefox-hash librewolf-hash)
+ (let* ((ff-src (firefox-source-origin
+ (car (string-split version #\-))
+ firefox-hash))
+ (version version)
+ (lw-src (librewolf-source-origin
+ version
+ librewolf-hash)))
(origin
(method computed-origin-method)
(file-name (string-append "librewolf-" version ".source.tar.gz"))
@@ -204,523 +219,521 @@ (define librewolf-source
".source.tar.gz")
#$output))))))))
-;; Define the versions of rust needed to build librewolf, trying to match
-;; upstream. See the file taskcluster/ci/toolchain/rust.yml at
-;; https://searchfox.org under the particular firefox release, like
-;; mozilla-esr102.
-(define rust-librewolf rust) ; 1.75 is the default in Guix, 1.65 is the minimum.
-
-;; Update this id with every update to its release date.
-;; It's used for cache validation and therefore can lead to strange bugs.
-;; ex: date '+%Y%m%d%H%M%S'
-(define %librewolf-build-id "20240607212143")
-
(define-public librewolf
- (package
- (name "librewolf")
- (version "126.0.1-1")
- (source librewolf-source)
- (build-system gnu-build-system)
- (arguments
- (list
- #:configure-flags #~(let ((clang #$(this-package-native-input "clang")))
- `("--enable-application=browser"
-
- ;; Configuration
- "--without-wasm-sandboxed-libraries"
- "--with-system-jpeg"
- "--with-system-zlib"
- "--with-system-png"
- "--with-system-webp"
- "--with-system-icu"
- "--with-system-libvpx"
- "--with-system-libevent"
- "--with-system-ffi"
- "--enable-system-pixman"
- "--enable-jemalloc"
-
- ;; see https://bugs.gnu.org/32833
- "--with-system-nspr"
- "--with-system-nss"
-
- ,(string-append "--with-clang-path=" clang
- "/bin/clang")
- ,(string-append "--with-libclang-path=" clang
- "/lib")
-
- ;; Distribution
- "--with-distribution-id=org.guix"
- "--with-app-name=librewolf"
- "--with-app-basename=LibreWolf"
- "--with-branding=browser/branding/librewolf"
-
- ;; Features
- "--disable-tests"
- "--disable-updater"
- "--enable-pulseaudio"
- "--disable-crashreporter"
- "--allow-addon-sideload"
- "--with-unsigned-addon-scopes=app,system"
- "--disable-eme"
-
- ;; Build details
- "--disable-debug"
- "--enable-rust-simd"
- "--enable-release"
- "--enable-optimize"
- "--enable-strip"
- "--enable-hardening"
- "--disable-elf-hack"))
- #:imported-modules %cargo-utils-modules
- #:modules `((ice-9 regex)
- (ice-9 string-fun)
- (ice-9 ftw)
- (srfi srfi-1)
- (srfi srfi-26)
- (rnrs bytevectors)
- (rnrs io ports)
- (guix elf)
- (guix build gremlin)
- ,@%gnu-build-system-modules)
- #:phases #~(modify-phases %standard-phases
- (add-after 'unpack 'fix-preferences
- (lambda* (#:key inputs #:allow-other-keys)
- (let ((port (open-file "browser/app/profile/firefox.js"
- "a")))
- (define (write-setting key value)
- (format port "~%pref(\"~a\", ~a);~%" key value)
- (format #t
+ (let ((version "127.0.2-2"))
+ (package
+ (name "librewolf")
+ (version version)
+ (source (make-librewolf-source
+ version
+ #:firefox-hash
+ "1s73fdp7k60058ylyvlixq13k5hfbmj6k1y42fmzqlpg7n62lyqb"
+ #:librewolf-hash
+ "1f4xz496x1nf7lmvk50hakj9p6q0kzxl5f9s2k0b6kczvyc8gw5n"))
+
+ (build-system gnu-build-system)
+ (arguments
+ (list
+ #:configure-flags
+ #~(let ((clang #$(this-package-native-input "clang")))
+ `("--enable-application=browser"
+
+ ;; Configuration
+ "--without-wasm-sandboxed-libraries"
+ "--with-system-jpeg"
+ "--with-system-zlib"
+ "--with-system-png"
+ "--with-system-webp"
+ "--with-system-icu"
+ "--with-system-libvpx"
+ "--with-system-libevent"
+ "--with-system-ffi"
+ "--enable-system-pixman"
+ "--enable-jemalloc"
+
+ ;; see https://bugs.gnu.org/32833
+ "--with-system-nspr"
+ "--with-system-nss"
+
+ ,(string-append "--with-clang-path=" clang
+ "/bin/clang")
+ ,(string-append "--with-libclang-path=" clang
+ "/lib")
+
+ ;; Distribution
+ "--with-distribution-id=org.guix"
+ "--with-app-name=librewolf"
+ "--with-app-basename=LibreWolf"
+ "--with-branding=browser/branding/librewolf"
+
+ ;; Features
+ "--disable-tests"
+ "--disable-updater"
+ "--enable-pulseaudio"
+ "--disable-crashreporter"
+ "--allow-addon-sideload"
+ "--with-unsigned-addon-scopes=app,system"
+ "--disable-eme"
+
+ ;; Build details
+ "--disable-debug"
+ "--enable-rust-simd"
+ "--enable-release"
+ "--enable-optimize"
+ "--enable-strip"
+ "--enable-hardening"
+ "--disable-elf-hack"))
+ #:imported-modules %cargo-utils-modules
+ #:modules `((ice-9 regex)
+ (ice-9 string-fun)
+ (ice-9 ftw)
+ (srfi srfi-1)
+ (srfi srfi-26)
+ (rnrs bytevectors)
+ (rnrs io ports)
+ (guix elf)
+ (guix build gremlin)
+ ,@%gnu-build-system-modules)
+ #:phases
+ #~(modify-phases %standard-phases
+ (add-after 'unpack 'fix-preferences
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((port (open-file "browser/app/profile/firefox.js"
+ "a")))
+ (define (write-setting key value)
+ (format port "~%pref(\"~a\", ~a);~%" key value)
+ (format #t
"fix-preferences: setting value of ~a to ~a~%" key
value))
- ;; We should allow the sandbox to read the store directory,
- ;; because the sandbox has access to /usr on FHS distros.
- (write-setting
- "security.sandbox.content.read_path_whitelist"
- (string-append "\""
- (%store-directory) "/\""))
-
- ;; XDG settings should be managed by Guix.
- (write-setting "browser.shell.checkDefaultBrowser"
- "false")
- (close-port port))))
- (add-after 'fix-preferences 'fix-ffmpeg-runtime-linker
- (lambda* (#:key inputs #:allow-other-keys)
- (let* ((ffmpeg (assoc-ref inputs "ffmpeg"))
- (libavcodec (string-append ffmpeg
- "/lib/libavcodec.so")))
- ;; Arrange to load libavcodec.so by its absolute file name.
- (substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp"
- (("libavcodec\\.so")
- libavcodec)))))
- (add-after 'patch-source-shebangs 'patch-cargo-checksums
- (lambda _
- (use-modules (guix build cargo-utils))
- (let ((null-hash
- ;; This is the SHA256 output of an empty string.
- (string-append
- "e3b0c44298fc1c149afbf4c8996fb924"
- "27ae41e4649b934ca495991b7852b855")))
- (for-each (lambda (file)
- (format #t
+ ;; We should allow the sandbox to read the store directory,
+ ;; because the sandbox has access to /usr on FHS distros.
+ (write-setting
+ "security.sandbox.content.read_path_whitelist"
+ (string-append "\""
+ (%store-directory) "/\""))
+
+ ;; XDG settings should be managed by Guix.
+ (write-setting "browser.shell.checkDefaultBrowser"
+ "false")
+ (close-port port))))
+ (add-after 'fix-preferences 'fix-ffmpeg-runtime-linker
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let* ((ffmpeg (assoc-ref inputs "ffmpeg"))
+ (libavcodec (string-append ffmpeg
+ "/lib/libavcodec.so")))
+ ;; Arrange to load libavcodec.so by its absolute file name.
+ (substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp"
+ (("libavcodec\\.so")
+ libavcodec)))))
+ (add-after 'patch-source-shebangs 'patch-cargo-checksums
+ (lambda _
+ (use-modules (guix build cargo-utils))
+ (let ((null-hash
+ ;; This is the SHA256 output of an empty string.
+ (string-append
+ "e3b0c44298fc1c149afbf4c8996fb924"
+ "27ae41e4649b934ca495991b7852b855")))
+ (for-each (lambda (file)
+ (format #t
"patch-cargo-checksums: patching checksums in ~a~%"
file)
- (substitute* file
- (("(checksum = )\".*\"" all name)
- (string-append name "\"" null-hash
- "\""))))
- (find-files "." "Cargo\\.lock$"))
- (for-each generate-all-checksums
- '("build"
- "dom/media"
- "dom/webauthn"
- "gfx"
- "intl"
- "js"
- "media"
- "modules"
- "mozglue/static/rust"
- "netwerk"
- "remote"
- "security/manager/ssl"
- "servo"
- "storage"
- "third_party/rust"
- "toolkit"
- "xpcom/rust"
- "services")))))
- (add-after 'patch-cargo-checksums 'remove-cargo-frozen-flag
- (lambda _
- ;; Remove --frozen flag from cargo invokation, otherwise it'll
- ;; complain that it's not able to change Cargo.lock.
- ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373
- (substitute* "build/RunCbindgen.py"
- (("args.append\\(\"--frozen\"\\)") "pass"))))
- (delete 'bootstrap)
- (add-before 'configure 'patch-SpeechDispatcherService.cpp
- (lambda _
- (let* ((lib "libspeechd.so.2")
- (file (string-append
- "dom/media/webspeech/synth/"
- "speechd/SpeechDispatcherService.cpp"))
- (old-content (call-with-input-file file
- get-string-all)))
- (substitute
- file
- `((,(format #f "~s" lib) unquote
- (lambda (line _)
- (string-replace-substring
- line lib
- (string-append #$speech-dispatcher
- "/lib/" lib))))))
- (if (string=? old-content
- (call-with-input-file file
- get-string-all))
- (error
- "substitute did nothing, phase requires an update")))))
- (add-before 'configure 'set-build-id
- ;; Build will write the timestamp to output, which is harmful
- ;; for reproducibility, so change it to a fixed date. Use a
- ;; separate phase for easier modification with inherit.
- (lambda _
- (setenv "MOZ_BUILD_DATE"
- #$%librewolf-build-id)))
- (replace 'configure
- (lambda* (#:key inputs outputs configure-flags
- #:allow-other-keys)
- (setenv "AUTOCONF"
- (string-append (assoc-ref inputs "autoconf")
- "/bin/autoconf"))
- (setenv "SHELL"
- (which "bash"))
- (setenv "CONFIG_SHELL"
- (which "bash"))
- (setenv "MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE"
- "system")
- ;; This should use the host info probably (does it
- ;; build on non-x86_64 though?)
- (setenv "GUIX_PYTHONPATH"
- (string-append (getcwd)
- "/obj-x86_64-pc-linux-gnu/_virtualenvs/build"))
-
- ;; Use Clang, Clang is 2x faster than GCC
- (setenv "AR" "llvm-ar")
- (setenv "NM" "llvm-nm")
- (setenv "CC" "clang")
- (setenv "CXX" "clang++")
- (setenv "MOZ_NOSPAM" "1")
- (setenv "MOZ_APP_NAME" "librewolf")
-
- (setenv "MOZBUILD_STATE_PATH"
- (getcwd))
-
- (let* ((mozconfig (string-append (getcwd) "/mozconfig"))
- (out (assoc-ref outputs "out"))
- (flags (cons (string-append "--prefix=" out)
- configure-flags)))
- (format #t "build directory: ~s~%"
- (getcwd))
- (format #t "configure flags: ~s~%" flags)
-
- (define write-flags
- (lambda flags
- (display (string-join (map (cut string-append
- "ac_add_options " <>)
- flags) "\n"))
- (display "\n")))
- (with-output-to-file mozconfig
- (lambda ()
- (apply write-flags flags)
- ;; The following option unsets Telemetry
- ;; Reporting. With the Addons Fiasco,
- ;; Mozilla was found to be collecting
- ;; user's data, including saved passwords
- ;; and web form data, without users
- ;; consent. Mozilla was also found
- ;; shipping updates to systems without
- ;; the user's knowledge or permission.
- ;; As a result of this, use the following
- ;; command to permanently disable
- ;; telemetry reporting.
- (display "unset MOZ_TELEMETRY_REPORTING\n")
- (display "mk_add_options MOZ_CRASHREPORTER=0\n")
- (display "mk_add_options MOZ_DATA_REPORTING=0\n")
- (display
- "mk_add_options MOZ_SERVICES_HEALTHREPORT=0")
- (display
- "mk_add_options MOZ_TELEMETRY_REPORTING=0")))
- (setenv "MOZCONFIG" mozconfig))
- (invoke "./mach" "configure")))
- (add-before 'build 'fix-addons-placeholder
- (lambda _
- (substitute* "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
- (("addons.mozilla.org")
- "gnuzilla.gnu.org"))))
- (replace 'build
- (lambda* (#:key (make-flags '())
- (parallel-build? #t) #:allow-other-keys)
- (apply invoke "./mach" "build"
- ;; mach will use parallel build if possible by default
- `(,@(if parallel-build?
- '()
- '("-j1")) ,@make-flags))))
- (add-after 'build 'neutralise-store-references
- (lambda _
- ;; Mangle the store references to compilers &
- ;; other build tools in about:buildconfig,
- ;; reducing the package's closure by 1 GiB on
- ;; x86-64.
- (let* ((build-dir (car (scandir "."
- (cut string-prefix?
- "obj-" <>))))
- (file (string-append build-dir
- "/dist/bin/chrome/toolkit/"
- "content/global/buildconfig.html")))
- (substitute* file
- (((format #f "(~a/)([0-9a-df-np-sv-z]{32})"
- (regexp-quote (%store-directory)))
- _ store hash)
- (string-append store
- (string-take hash 8)
- "<!-- Guix: not a runtime dependency -->"
- (string-drop hash 8)))))))
- (replace 'install
- (lambda _
- (invoke "./mach" "install")))
- (add-after 'install 'remove-duplicate-bin
- (lambda* (#:key outputs #:allow-other-keys)
- (delete-file (string-append #$output
- "/lib/librewolf/librewolf-bin"))))
- (add-after 'install 'wrap-glxtest
- ;; glxtest uses dlopen() to load mesa and pci
- ;; libs, wrap it to set LD_LIBRARY_PATH.
- (lambda* (#:key inputs outputs #:allow-other-keys)
- (let* ((out (assoc-ref outputs "out"))
- (lib (string-append out "/lib"))
- (libs (map
- (lambda (lib-name)
- (string-append (assoc-ref inputs
- lib-name)
- "/lib"))
- '("mesa" "pciutils"))))
- (wrap-program (car (find-files lib "^glxtest$"))
- `("LD_LIBRARY_PATH" prefix ,libs)))))
- (add-after 'install 'patch-config
- (lambda* (#:key inputs #:allow-other-keys)
- (let ((lib (string-append #$output "/lib/librewolf"))
- (config-file "librewolf.cfg"))
-
- ;; Required for Guix packaged extensions
- ;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8
- ;; Default is 5.
- (substitute* (in-vicinity lib config-file)
- (("defaultPref\\(\"extensions.enabledScopes\", 5\\)")
- "defaultPref(\"extensions.enabledScopes\", 13)"))
- ;; Use Mozzarella addons repo.
- (call-with-port
- (open-file
- (in-vicinity lib config-file)
- "a")
- (lambda (port)
- ;; Add-ons panel (see settings.js in Icecat source).
- (for-each
- (lambda (pref)
- (format port
- "defaultPref(~s, ~s);~%"
- (car pref)
- (cdr pref)))
- `(("extensions.getAddons.search.browseURL"
- ,(string-append
- "https://gnuzilla.gnu.org/mozzarella/"
- "search.php?q=%TERMS%"))
- ("extensions.getAddons.get.url" .
- "https://gnuzilla.gnu.org/mozzarella")
- ("extensions.getAddons.link.url" .
- "https://gnuzilla.gnu.org/mozzarella")
- ("extensions.getAddons.discovery.api_url" .
- "https://gnuzilla.gnu.org/mozzarella")
- ("extensions.getAddons.langpacks.url" .
- "https://gnuzilla.gnu.org/mozzarella")
- ("lightweightThemes.getMoreURL" .
- "https://gnuzilla.gnu.org/mozzarella"))))))))
- (add-after 'install 'wrap-program
- (lambda* (#:key inputs outputs #:allow-other-keys)
- ;; The following two functions are from Guix's icecat package in
- ;; (gnu packages gnuzilla). See commit
- ;; b7a0935420ee630a29b7e5ac73a32ba1eb24f00b.
- (define (runpath-of lib)
- (call-with-input-file lib
- (compose elf-dynamic-info-runpath elf-dynamic-info
- parse-elf get-bytevector-all)))
- (define (runpaths-of-input label)
- (let* ((dir (string-append (assoc-ref inputs label)
- "/lib"))
- (libs (find-files dir "\\.so$")))
- (append-map runpath-of libs)))
- (let* ((out (assoc-ref outputs "out"))
- (lib (string-append out "/lib"))
- (libs (map
- (lambda (lib-name)
- (string-append (assoc-ref inputs
- lib-name)
- "/lib"))
- '("mesa" "libpng-apng" "libnotify" "libva"
- "pulseaudio" "gtk+" "pipewire"
- ;; For U2F and WebAuthn
- "eudev")))
-
- ;; VA-API is run in the RDD (Remote Data Decoder) sandbox
- ;; and must be explicitly given access to files it needs.
- ;; Rather than adding the whole store (as Nix had
- ;; upstream do, see
- ;; <https://github.com/NixOS/nixpkgs/pull/165964> and
- ;; linked upstream patches), we can just follow the
- ;; runpaths of the needed libraries to add everything to
- ;; LD_LIBRARY_PATH. These will then be accessible in the
- ;; RDD sandbox.
- (rdd-whitelist (map (cut string-append <> "/")
- (delete-duplicates (append-map
- runpaths-of-input
- '("mesa"
- "ffmpeg")))))
- (gtk-share (string-append (assoc-ref inputs
- "gtk+")
- "/share")))
- (wrap-program (car (find-files lib "^librewolf$"))
- `("LD_LIBRARY_PATH" prefix
- (,@libs ,@rdd-whitelist))
- `("XDG_DATA_DIRS" prefix
- (,gtk-share))
- `("MOZ_LEGACY_PROFILES" =
- ("1"))
- `("MOZ_ALLOW_DOWNGRADE" =
- ("1"))))))
- (add-after 'wrap-program 'install-desktop-entry
- (lambda* (#:key outputs #:allow-other-keys)
- (let* ((desktop-file
- "taskcluster/docker/firefox-snap/firefox.desktop")
- (applications (string-append #$output
- "/share/applications")))
- (substitute* desktop-file
- (("^Exec=firefox")
- (string-append "Exec="
- #$output "/bin/librewolf"))
- ;; "Firefox" -> "LibreWolf" everywhere
- (("Firefox")
- "LibreWolf")
- ;; Remove non-Latin translations.
- (("^Name\\[(ar|bn)\\].*$")
- "")
- (("^Icon=.*")
- (string-append "Icon="
- #$output
- "/share/icons/hicolor/128x128/apps/librewolf.png
+ (substitute* file
+ (("(checksum = )\".*\"" all name)
+ (string-append name "\"" null-hash
+ "\""))))
+ (find-files "." "Cargo\\.lock$"))
+ (for-each generate-all-checksums
+ '("build"
+ "dom/media"
+ "dom/webauthn"
+ "gfx"
+ "intl"
+ "js"
+ "media"
+ "modules"
+ "mozglue/static/rust"
+ "netwerk"
+ "remote"
+ "security/manager/ssl"
+ "servo"
+ "storage"
+ "third_party/rust"
+ "toolkit"
+ "xpcom/rust"
+ "services")))))
+ (add-after 'patch-cargo-checksums 'remove-cargo-frozen-flag
+ (lambda _
+ ;; Remove --frozen flag from cargo invokation, otherwise it'll
+ ;; complain that it's not able to change Cargo.lock.
+ ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373
+ (substitute* "build/RunCbindgen.py"
+ (("args.append\\(\"--frozen\"\\)") "pass"))))
+ (delete 'bootstrap)
+ (add-before 'configure 'patch-SpeechDispatcherService.cpp
+ (lambda _
+ (let* ((lib "libspeechd.so.2")
+ (file (string-append
+ "dom/media/webspeech/synth/"
+ "speechd/SpeechDispatcherService.cpp"))
+ (old-content (call-with-input-file file
+ get-string-all)))
+ (substitute
+ file
+ `((,(format #f "~s" lib) unquote
+ (lambda (line _)
+ (string-replace-substring
+ line lib
+ (string-append #$speech-dispatcher
+ "/lib/" lib))))))
+ (if (string=? old-content
+ (call-with-input-file file
+ get-string-all))
+ (error
+ "substitute did nothing, phase requires an update")))))
+ (add-before 'configure 'set-build-id
+ ;; Build will write the timestamp to output, which is harmful
+ ;; for reproducibility, so change it to a fixed date. Use a
+ ;; separate phase for easier modification with inherit.
+ (lambda _
+ (setenv "MOZ_BUILD_DATE"
+ #$%librewolf-build-id)))
+ (replace 'configure
+ (lambda* (#:key inputs outputs configure-flags
+ #:allow-other-keys)
+ (setenv "AUTOCONF"
+ (string-append (assoc-ref inputs "autoconf")
+ "/bin/autoconf"))
+ (setenv "SHELL"
+ (which "bash"))
+ (setenv "CONFIG_SHELL"
+ (which "bash"))
+ (setenv "MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE"
+ "system")
+ ;; This should use the host info probably (does it
+ ;; build on non-x86_64 though?)
+ (setenv "GUIX_PYTHONPATH"
+ (string-append (getcwd)
+ "/obj-x86_64-pc-linux-gnu/_virtualenvs/build"))
+
+ ;; Use Clang, Clang is 2x faster than GCC
+ (setenv "AR" "llvm-ar")
+ (setenv "NM" "llvm-nm")
+ (setenv "CC" "clang")
+ (setenv "CXX" "clang++")
+ (setenv "MOZ_NOSPAM" "1")
+ (setenv "MOZ_APP_NAME" "librewolf")
+
+ (setenv "MOZBUILD_STATE_PATH"
+ (getcwd))
+
+ (let* ((mozconfig (string-append (getcwd) "/mozconfig"))
+ (out (assoc-ref outputs "out"))
+ (flags (cons (string-append "--prefix=" out)
+ configure-flags)))
+ (format #t "build directory: ~s~%"
+ (getcwd))
+ (format #t "configure flags: ~s~%" flags)
+
+ (define write-flags
+ (lambda flags
+ (display (string-join (map (cut string-append
+ "ac_add_options " <>)
+ flags) "\n"))
+ (display "\n")))
+ (with-output-to-file mozconfig
+ (lambda ()
+ (apply write-flags flags)
+ ;; The following option unsets Telemetry
+ ;; Reporting. With the Addons Fiasco,
+ ;; Mozilla was found to be collecting
+ ;; user's data, including saved passwords
+ ;; and web form data, without users
+ ;; consent. Mozilla was also found
+ ;; shipping updates to systems without
+ ;; the user's knowledge or permission.
+ ;; As a result of this, use the following
+ ;; command to permanently disable
+ ;; telemetry reporting.
+ (display "unset MOZ_TELEMETRY_REPORTING\n")
+ (display "mk_add_options MOZ_CRASHREPORTER=0\n")
+ (display "mk_add_options MOZ_DATA_REPORTING=0\n")
+ (display
+ "mk_add_options MOZ_SERVICES_HEALTHREPORT=0")
+ (display
+ "mk_add_options MOZ_TELEMETRY_REPORTING=0")))
+ (setenv "MOZCONFIG" mozconfig))
+ (invoke "./mach" "configure")))
+ (add-before 'build 'fix-addons-placeholder
+ (lambda _
+ (substitute* "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
+ (("addons.mozilla.org")
+ "gnuzilla.gnu.org"))))
+ (replace 'build
+ (lambda* (#:key (make-flags '())
+ (parallel-build? #t) #:allow-other-keys)
+ (apply invoke "./mach" "build"
+ ;; mach will use parallel build if possible by default
+ `(,@(if parallel-build?
+ '()
+ '("-j1")) ,@make-flags))))
+ (add-after 'build 'neutralise-store-references
+ (lambda _
+ ;; Mangle the store references to compilers &
+ ;; other build tools in about:buildconfig,
+ ;; reducing the package's closure by 1 GiB on
+ ;; x86-64.
+ (let* ((build-dir (car (scandir "."
+ (cut string-prefix?
+ "obj-" <>))))
+ (file (string-append build-dir
+ "/dist/bin/chrome/toolkit/"
+ "content/global/buildconfig.html")))
+ (substitute* file
+ (((format #f "(~a/)([0-9a-df-np-sv-z]{32})"
+ (regexp-quote (%store-directory)))
+ _ store hash)
+ (string-append store
+ (string-take hash 8)
+ "<!-- Guix: not a runtime dependency -->"
+ (string-drop hash 8)))))))
+ (replace 'install
+ (lambda _
+ (invoke "./mach" "install")))
+ (add-after 'install 'remove-duplicate-bin
+ (lambda* (#:key outputs #:allow-other-keys)
+ (delete-file (string-append #$output
+ "/lib/librewolf/librewolf-bin"))))
+ (add-after 'install 'wrap-glxtest
+ ;; glxtest uses dlopen() to load mesa and pci
+ ;; libs, wrap it to set LD_LIBRARY_PATH.
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ (libs (map
+ (lambda (lib-name)
+ (string-append (assoc-ref inputs
+ lib-name)
+ "/lib"))
+ '("mesa" "pciutils"))))
+ (wrap-program (car (find-files lib "^glxtest$"))
+ `("LD_LIBRARY_PATH" prefix ,libs)))))
+ (add-after 'install 'patch-config
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((lib (string-append #$output "/lib/librewolf"))
+ (config-file "librewolf.cfg"))
+
+ ;; Required for Guix packaged extensions
+ ;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8
+ ;; Default is 5.
+ (substitute* (in-vicinity lib config-file)
+ (("defaultPref\\(\"extensions.enabledScopes\", 5\\)")
+ "defaultPref(\"extensions.enabledScopes\", 13)"))
+ ;; Use Mozzarella addons repo.
+ (call-with-port
+ (open-file
+ (in-vicinity lib config-file)
+ "a")
+ (lambda (port)
+ ;; Add-ons panel (see settings.js in Icecat source).
+ (for-each
+ (lambda (pref)
+ (format port
+ "defaultPref(~s, ~s);~%"
+ (car pref)
+ (cdr pref)))
+ `(("extensions.getAddons.search.browseURL"
+ ,(string-append
+ "https://gnuzilla.gnu.org/mozzarella/"
+ "search.php?q=%TERMS%"))
+ ("extensions.getAddons.get.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.link.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.discovery.api_url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.langpacks.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("lightweightThemes.getMoreURL" .
+ "https://gnuzilla.gnu.org/mozzarella"))))))))
+ (add-after 'install 'wrap-program
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ ;; The following two functions are from Guix's icecat package in
+ ;; (gnu packages gnuzilla). See commit
+ ;; b7a0935420ee630a29b7e5ac73a32ba1eb24f00b.
+ (define (runpath-of lib)
+ (call-with-input-file lib
+ (compose elf-dynamic-info-runpath elf-dynamic-info
+ parse-elf get-bytevector-all)))
+ (define (runpaths-of-input label)
+ (let* ((dir (string-append (assoc-ref inputs label)
+ "/lib"))
+ (libs (find-files dir "\\.so$")))
+ (append-map runpath-of libs)))
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ (libs (map
+ (lambda (lib-name)
+ (string-append (assoc-ref inputs
+ lib-name)
+ "/lib"))
+ '("mesa" "libpng-apng" "libnotify" "libva"
+ "pulseaudio" "gtk+" "pipewire"
+ ;; For U2F and WebAuthn
+ "eudev")))
+
+ ;; VA-API is run in the RDD (Remote Data Decoder) sandbox
+ ;; and must be explicitly given access to files it needs.
+ ;; Rather than adding the whole store (as Nix had
+ ;; upstream do, see
+ ;; <https://github.com/NixOS/nixpkgs/pull/165964> and
+ ;; linked upstream patches), we can just follow the
+ ;; runpaths of the needed libraries to add everything to
+ ;; LD_LIBRARY_PATH. These will then be accessible in the
+ ;; RDD sandbox.
+ (rdd-whitelist (map (cut string-append <> "/")
+ (delete-duplicates (append-map
+ runpaths-of-input
+ '("mesa"
+ "ffmpeg")))))
+ (gtk-share (string-append (assoc-ref inputs
+ "gtk+")
+ "/share")))
+ (wrap-program (car (find-files lib "^librewolf$"))
+ `("LD_LIBRARY_PATH" prefix
+ (,@libs ,@rdd-whitelist))
+ `("XDG_DATA_DIRS" prefix
+ (,gtk-share))
+ `("MOZ_LEGACY_PROFILES" =
+ ("1"))
+ `("MOZ_ALLOW_DOWNGRADE" =
+ ("1"))))))
+ (add-after 'wrap-program 'install-desktop-entry
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((desktop-file
+ "taskcluster/docker/firefox-snap/firefox.desktop")
+ (applications (string-append #$output
+ "/share/applications")))
+ (substitute* desktop-file
+ (("^Exec=firefox")
+ (string-append "Exec="
+ #$output "/bin/librewolf"))
+ ;; "Firefox" -> "LibreWolf" everywhere
+ (("Firefox")
+ "LibreWolf")
+ ;; Remove non-Latin translations.
+ (("^Name\\[(ar|bn)\\].*$")
+ "")
+ (("^Icon=.*")
+ (string-append "Icon="
+ #$output
+ "/share/icons/hicolor/128x128/apps/librewolf.png
"))
- ;; These commands were changed.
- (("-NewWindow")
- "-new-window")
- (("-NewPrivateWindow")
- "-new-private-window")
- (("StartupNotify=true")
- "StartupNotify=true
+ ;; These commands were changed.
+ (("-NewWindow")
+ "-new-window")
+ (("-NewPrivateWindow")
+ "-new-private-window")
+ (("StartupNotify=true")
+ "StartupNotify=true
StartupWMClass=Navigator"))
- (copy-file desktop-file "librewolf.desktop")
- (install-file "librewolf.desktop" applications))))
- (add-after 'install-desktop-entry 'install-icons
- (lambda* (#:key outputs #:allow-other-keys)
- (let ((icon-source-dir (string-append #$output
- "/lib/librewolf/browser/"
- "chrome/icons/default")))
- (for-each (lambda (size)
- (let ((dest (string-append #$output
- "/share/icons/hicolor/"
- size
- "x"
- size
- "/apps")))
- (mkdir-p dest)
- (symlink (string-append icon-source-dir
- "/default" size ".png")
- (string-append dest
- "/librewolf.png"))))
- '("16" "32" "48" "64" "128"))))))
-
- ;; Test will significantly increase build time but with little rewards.
- #:tests? #f
-
- ;; WARNING: Parallel build will consume lots of memory!
- ;; If you have encountered OOM issue in build phase, try disable it.
- #:parallel-build? #t
-
- ;; Some dynamic lib was determined at runtime, so rpath check may fail.
- #:validate-runpath? #f))
- (inputs (list bash-minimal
- bzip2
- cairo
- cups
- dbus-glib
- freetype
- ffmpeg
- gdk-pixbuf
- glib
- gtk+
- gtk+-2
- hunspell
- icu4c-73
- jemalloc
- libcanberra
- libevent
- libffi
- libgnome
- libjpeg-turbo
- libnotify
- libpng-apng
- libva
- libvpx
- libwebp
- libxcomposite
- libxft
- libxinerama
- libxscrnsaver
- libxt
- mesa
- mit-krb5
- nspr
- nss/fixed
- pango
- pciutils
- pipewire
- pixman
- pulseaudio
- speech-dispatcher
- sqlite
- startup-notification
- eudev
- unzip
- zip
- zlib))
- (native-inputs (list alsa-lib
- autoconf-2.13
- `(,rust-librewolf "cargo")
- clang-18
- llvm-18
- m4
- nasm
- node-lts
- perl
- pkg-config
- python
- rust-librewolf
- rust-cbindgen-0.26
- which
- yasm))
- (home-page "https://librewolf.net/")
- (synopsis
- "Custom version of Firefox, focused on privacy, security and freedom")
- (description
- "LibreWolf is designed to increase protection against tracking and
+ (copy-file desktop-file "librewolf.desktop")
+ (install-file "librewolf.desktop" applications))))
+ (add-after 'install-desktop-entry 'install-icons
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((icon-source-dir (string-append #$output
+ "/lib/librewolf/browser/"
+ "chrome/icons/default")))
+ (for-each (lambda (size)
+ (let ((dest (string-append #$output
+ "/share/icons/hicolor/"
+ size
+ "x"
+ size
+ "/apps")))
+ (mkdir-p dest)
+ (symlink (string-append icon-source-dir
+ "/default" size ".png")
+ (string-append dest
+ "/librewolf.png"))))
+ '("16" "32" "48" "64" "128"))))))
+
+ ;; Test will significantly increase build time but with little rewards.
+ #:tests? #f
+
+ ;; WARNING: Parallel build will consume lots of memory!
+ ;; If you have encountered OOM issue in build phase, try disable it.
+ #:parallel-build? #t
+
+ ;; Some dynamic lib was determined at runtime, so rpath check may fail.
+ #:validate-runpath? #f))
+ (inputs (list bash-minimal
+ bzip2
+ cairo
+ cups
+ dbus-glib
+ freetype
+ ffmpeg
+ gdk-pixbuf
+ glib
+ gtk+
+ gtk+-2
+ hunspell
+ icu4c-73
+ jemalloc
+ libcanberra
+ libevent
+ libffi
+ libgnome
+ libjpeg-turbo
+ libnotify
+ libpng-apng
+ libva
+ libvpx
+ libwebp
+ libxcomposite
+ libxft
+ libxinerama
+ libxscrnsaver
+ libxt
+ mesa
+ mit-krb5
+ nspr
+ nss-latest
+ pango
+ pciutils
+ pipewire
+ pixman
+ pulseaudio
+ speech-dispatcher
+ sqlite
+ startup-notification
+ eudev
+ unzip
+ zip
+ zlib))
+ (native-inputs (list alsa-lib
+ autoconf-2.13
+ `(,rust-librewolf "cargo")
+ clang-18
+ llvm-18
+ m4
+ nasm
+ node-lts
+ perl
+ pkg-config
+ python
+ rust-librewolf
+ rust-cbindgen-0.26
+ which
+ yasm))
+ (home-page "https://librewolf.net/")
+ (synopsis
+ "Custom version of Firefox, focused on privacy, security and freedom")
+ (description
+ "LibreWolf is designed to increase protection against tracking and
fingerprinting techniques, while also including a few security improvements.
This is achieved through our privacy and security oriented settings and
patches. LibreWolf also aims to remove all the telemetry, data collection and
annoyances, as well as disabling anti-freedom features like DRM.")
- (license license:mpl2.0)))
+ (license license:mpl2.0))))
--
2.45.1
guix-patches@HIDDEN:bug#71832; Package guix-patches.
Full text available.
Received: (at 71832) by debbugs.gnu.org; 29 Jun 2024 04:00:15 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Sat Jun 29 00:00:15 2024
Received: from localhost ([127.0.0.1]:36609 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1sNPG3-0000k8-6s
for submit <at> debbugs.gnu.org; Sat, 29 Jun 2024 00:00:15 -0400
Received: from fout7-smtp.messagingengine.com ([103.168.172.150]:34159)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <ian@HIDDEN>) id 1sNPG0-0000ik-OO
for 71832 <at> debbugs.gnu.org; Sat, 29 Jun 2024 00:00:13 -0400
Received: from compute6.internal (compute6.nyi.internal [10.202.2.47])
by mailfout.nyi.internal (Postfix) with ESMTP id 4C0941380481;
Sat, 29 Jun 2024 00:00:07 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163])
by compute6.internal (MEProxy); Sat, 29 Jun 2024 00:00:07 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h=
cc:cc:content-transfer-encoding:content-type:date:date:from:from
:in-reply-to:message-id:mime-version:reply-to:subject:subject:to
:to; s=fm1; t=1719633607; x=1719720007; bh=xJ5vDGQmMCogEZ9Ltpxs2
99XYYgKmWbiY6+ONSDlUOw=; b=hyb9VahKAVIztY15ghg4y0LeeQe89qXMvIKG5
CII5hfHXKI2R4qClXv8uBjLw1Uxr51q2HvpuYGeNgN/DM+2fNbPKiV3auhnLug/w
G4U78dV+Rbd63aYkgomfwsHISQcOTAUqJxlPW6TESP++qsvMkfEicAzAa7Frde/W
HjxM096V7LxlPNwhspVWMxeTA5H7mcZwJDUpvcWr6xaujFKT2vgo5Hq2AuAMSFvd
3mXKYT45EeXh/sKuFGdiM987APRDybIgRSBs1TAIt2NcgXHyqMtTP30KOkAbVNFd
os8tWb2+qVCmBxeNsoZyVCv2XpZ2tDdKsKhPqER/ZisEB+htw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
messagingengine.com; h=cc:cc:content-transfer-encoding
:content-type:date:date:feedback-id:feedback-id:from:from
:in-reply-to:message-id:mime-version:reply-to:subject:subject:to
:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=
fm2; t=1719633607; x=1719720007; bh=xJ5vDGQmMCogEZ9Ltpxs299XYYgK
mWbiY6+ONSDlUOw=; b=UlWZRYfdSEF3o71ljKrIcOhAuaU3NkA3yjy2BVY58/ex
dTCtEwthUZwKmDzvo6onL4f6pO0lnbrLfpmhV19IyRBXDBeNw4kE9+xgoKTYK7Qc
JPBItbltPq7PyvNtUbwSQO6vvqxgu5bL/s+Jj0FaYmJQPNy29e5Uey4VJ0yluZFb
5Nrc6MRs2tPpQHDgcHjU/wHYmrpWIKRHx7hLu2mVDofvQCZaGqrsK9pXkqcjNgLe
gAbtnNjwW66P/wYC+cymwDzEMoITMPDMNv9FTvJtpIEmCuaKfe0k0/MyHI/vUe5Z
7vMdkFj38qi+KyxfBHf56JNShEW2bj1r8ovBUbQdWg==
X-ME-Sender: <xms:xoZ_ZiGMYuuR3pjrf5bv0CK9EzAl8n1KRX9WNxXXVesIiSV4fZzyMw>
<xme:xoZ_ZjVsPdecr-evfqPdzAUrHUf_F4F0nhtPnQyauIrK8-zE1lELn0nXqwYMZsdrg
V1meIGiB57hw3S16A>
X-ME-Received: <xmr:xoZ_ZsIIm4LUmHYHQMFCot-HGiVTF-ZTA4IekVw3f8A_LZeDw9zIwOok_UsidsHoTYRI4ni5g67VpHRG-7tpBAaZQEwcG72WuYkegASx5sTfz8-tyx_T-Q>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrtdekgdejjecutefuodetggdotefrodftvf
curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu
uegrihhlohhuthemuceftddtnecunecujfgurhephffvvefufffkofgggfestdekredtre
dttdenucfhrhhomhepkfgrnhcugfhurhgvuceoihgrnhesrhgvthhrohhsphgvtgdrthhv
qeenucggtffrrghtthgvrhhnpefgvdejhfelhfeftdeileelfedvhfefffetfeeuteelgf
dvleffleevgfefueekjeenucffohhmrghinhepmhhoiihilhhlrgdrohhrghenucevlhhu
shhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehirghnsehrvghtrh
hoshhpvggtrdhtvh
X-ME-Proxy: <xmx:x4Z_ZsFynHmaPfYBrXiVu8qRdxPsjdPLMclT0nBNQHgREh82pmZa6A>
<xmx:x4Z_ZoUG5roc5zcYLoklc7D9DQot3y39hdgM7BnT99IAKrqljoqhUg>
<xmx:x4Z_ZvPgThf4NheJrkk0UbSv8d4DCfSfwj9gPFyv2Wii7uiDrsWtXw>
<xmx:x4Z_Zv2qUVfSozD5yHM4TeZAjPryz0rdnf0MLJhG0yoNMZmkMhVC6w>
<xmx:x4Z_Zlh_tz58_6Ke8A133q5xTfUyXnFMXZUI87xj2SN7VKKpxAKRVJi->
Feedback-ID: id9014242:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sat,
29 Jun 2024 00:00:06 -0400 (EDT)
From: Ian Eure <ian@HIDDEN>
To: 71832 <at> debbugs.gnu.org
Subject: [PATCH 1/2] gnu: Add nss-latest.
Date: Fri, 28 Jun 2024 20:59:56 -0700
Message-ID: <20240629035957.21688-1-ian@HIDDEN>
X-Mailer: git-send-email 2.45.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 71832
Cc: Ian Eure <ian@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.7 (-)
* gnu/packages/nss.scm (nss-latest): New variable.
Change-Id: Ifdc215090a20dee1bde83013852ef21b6cfd9979
---
gnu/packages/nss.scm | 67 ++++++++++++++++++++++++++++++++++++++++----
1 file changed, 61 insertions(+), 6 deletions(-)
diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm
index d558079f44..6b45e59ea8 100644
--- a/gnu/packages/nss.scm
+++ b/gnu/packages/nss.scm
@@ -106,6 +106,9 @@ (define-public nspr-4.32
(base32
"0v3zds1id71j5a5si42a658fjz8nv2f6zp6w4gqrqmdr6ksz8sxv"))))))
+;; nss should track ESRs, but currently doesn't. When the next ESR it out, it
+;; should get updated.
+
(define-public nss
(package
(name "nss")
@@ -153,13 +156,13 @@ (define-public nss
;; Ensure we are building for the (%current-target-system).
#$@(if (%current-target-system)
#~((string-append
- "OS_TEST="
- (string-take #$(%current-target-system)
- (string-index #$(%current-target-system) #\-)))
+ "OS_TEST="
+ (string-take #$(%current-target-system)
+ (string-index #$(%current-target-system) #\-)))
(string-append
- "KERNEL=" (cond (#$(target-hurd?) "gnu")
- (#$(target-linux?) "linux")
- (else ""))))
+ "KERNEL=" (cond (#$(target-hurd?) "gnu")
+ (#$(target-linux?) "linux")
+ (else ""))))
#~())
#$@(if (%current-target-system)
#~("CROSS_COMPILE=1")
@@ -303,6 +306,58 @@ (define-public nss/fixed
(invoke "faketime" "2024-01-23" "./nss/tests/all.sh"))
(format #t "test suite not run~%"))))))))))))
+;; nss-latest tracks the latest released version.
+
+(define-public nss-latest
+ (package
+ (inherit nss)
+ (name "nss-latest")
+ (version "3.101")
+ (source (origin
+ (inherit (package-source nss))
+ (uri (let ((version-with-underscores
+ (string-join (string-split version #\.) "_")))
+ (string-append
+ "https://ftp.mozilla.org/pub/mozilla.org/security/nss/"
+ "releases/NSS_" version-with-underscores "_RTM/src/"
+ "nss-" version ".tar.gz")))
+ (sha256
+ (base32
+ "1rw5xpclsy174znvxcb4d4zgjwadxy45mbh0wvkm3fxpnkq4i5w5"))))
+ (arguments
+ (substitute-keyword-arguments (package-arguments nss)
+ ((#:phases phases)
+ #~(modify-phases #$phases
+ (replace 'check
+ (lambda* (#:key tests? #:allow-other-keys)
+ (if tests?
+ (begin
+ ;; Use 127.0.0.1 instead of $HOST.$DOMSUF as HOSTADDR for
+ ;; testing. The latter requires a working DNS or /etc/hosts.
+ (setenv "DOMSUF" "localdomain")
+ (setenv "USE_IP" "TRUE")
+ (setenv "IP_ADDRESS" "127.0.0.1")
+
+ ;; This specific test is looking at performance "now
+ ;; verify that we can quickly dump a database", and
+ ;; we're not testing performance here (especially
+ ;; since we're using faketime), so raise the
+ ;; threshold
+ (substitute* "nss/tests/dbtests/dbtests.sh"
+ ((" -lt 5") " -lt 50"))
+
+ ;; Since the test suite is very lengthy, run the test
+ ;; suite once, not thrice as done by default, by
+ ;; selecting only the 'standard' cycle.
+ (setenv "NSS_CYCLES" "standard")
+
+ ;; The "PayPalEE.cert" certificate expires every six months,
+ ;; leading to test failures:
+ ;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To
+ ;; work around that, set the time to roughly the release date.
+ (invoke "faketime" "2024-01-23" "./nss/tests/all.sh"))
+ (format #t "test suite not run~%"))))))))))
+
(define-public nsncd
(package
(name "nsncd")
--
2.45.1
guix-patches@HIDDEN:bug#71832; Package guix-patches.
Full text available.Received: (at submit) by debbugs.gnu.org; 29 Jun 2024 03:57:28 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Jun 28 23:57:27 2024 Received: from localhost ([127.0.0.1]:36602 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1sNPDL-0000ce-MU for submit <at> debbugs.gnu.org; Fri, 28 Jun 2024 23:57:27 -0400 Received: from lists.gnu.org ([209.51.188.17]:49360) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <ian@HIDDEN>) id 1sNPDJ-0000cU-If for submit <at> debbugs.gnu.org; Fri, 28 Jun 2024 23:57:26 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <ian@HIDDEN>) id 1sNPDJ-0003we-OC for guix-patches@HIDDEN; Fri, 28 Jun 2024 23:57:25 -0400 Received: from fout7-smtp.messagingengine.com ([103.168.172.150]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <ian@HIDDEN>) id 1sNPDH-0002Nu-Fm for guix-patches@HIDDEN; Fri, 28 Jun 2024 23:57:25 -0400 Received: from compute6.internal (compute6.nyi.internal [10.202.2.47]) by mailfout.nyi.internal (Postfix) with ESMTP id B45A11380476; Fri, 28 Jun 2024 23:57:20 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute6.internal (MEProxy); Fri, 28 Jun 2024 23:57:20 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h= cc:cc:content-transfer-encoding:content-type:content-type:date :date:from:from:in-reply-to:message-id:mime-version:reply-to :subject:subject:to:to; s=fm1; t=1719633440; x=1719719840; bh=ge 768emLCP8D3D/TY3QQMi2R2w7nud9EVT81un0rCGc=; b=Z6Eh33Uj7KzCzlM8W7 ltlqcgdnjsITiTpXk8gBky34Btd+SqShO8fnFTUqdXxYzsakuryx18+wXQKzvIPv leGWCOvVnNp6P0BOlMHlAuDnA7Y21YnCuTty1RfyzAG8NRnV8S/LlcHnZfG9C1+U BM+IvLtNk6GbZnD9lIHUGmHgMweRzSWmeLA+sRzEacr6pYcrM7dqv3DpRdTD44+a htzZ5f+UwwwJ2nqZqk5GNEknpq4OUsYevIzCXImlOdKMTBqFMExrFOFkM7Gw14rp /OmA5P0IF5uq0sPa7342retT284SG5Cc7dw/dcrVQUeUMDFmEEH8bESrXUbCQTNL MHPw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:content-type:date:date:feedback-id:feedback-id :from:from:in-reply-to:message-id:mime-version:reply-to:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; t=1719633440; x=1719719840; bh=ge768emLCP8D3 D/TY3QQMi2R2w7nud9EVT81un0rCGc=; b=YoBUuiNp+KsCgR76pN0LH9av/9aaY 4NcF4G76hghe0Wxk2osuWcJlNTYsDjNYf/38FHnTQ7jtkKCjk3OQ9Nypc7UsTihr 6xprxc1d0XfRhbf4DR9WxZmZXUf581Ld3KJMaEVLgw2x0H4dhAZN+d581kRw/2RT KuxXVFBQbcdziJu5OkB9OvazxJTtIm0SmY96eOUciBltZsz5Qwe4JkX49jLdZK2/ MNMvzsDV0uQDlnAUgfR+Emi4wG861fePrfp2yErDWCCj8RzT/HvkQhU875HVR5Kr EAWnLp7Q1HmyepNQWp96EXCRL8ZTFRuqTFs22rBlGLmWuozSGUl6Zz4hQ== X-ME-Sender: <xms:IIZ_ZkC6XlQU34Ay4GHNEVFmtLswbd_rzN1MQrvF0PRusisGOyzF-Q> <xme:IIZ_ZmjpoIIK5cHg7jN_cYoiCKFN6o7sS9156LK1ziIXmFiaBVrgH205PBCH57mm3 4xXlcb9_kA0oMI8JQ> X-ME-Received: <xmr:IIZ_Znkpd4M-XwMvj2jUl_k71NDeR2KmFPdwOFyD4de6qwM0mBJdNXGqy4HGOl1IM0OAjhUbnQ9Llc7py0p0lOIgLKm_cM2wi787nLq7X2QEoHJWG9hktg> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrtdekgdejjecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhephffvvefufffkofggtgfgsehtkeertd ertdejnecuhfhrohhmpefkrghnucfguhhrvgcuoehirghnsehrvghtrhhoshhpvggtrdht vheqnecuggftrfgrthhtvghrnhepjeeugfehgffffeethedvtdduudethfdvtdefudfhud fgvddvueelgfefhfehhfehnecuffhomhgrihhnpehgnhhurdhorhhgnecuvehluhhsthgv rhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepihgrnhesrhgvthhrohhsph gvtgdrthhv X-ME-Proxy: <xmx:IIZ_ZqzKbneaQAisQJ15hovobui2ArGi4tJWeEhc3dWc1kTnYZn7fw> <xmx:IIZ_ZpSXFp-cizPgobOZWlk90W9Xzav8jOVkGh9M1RN--jpylGj3GQ> <xmx:IIZ_ZlYeJJ6J2eW3IHd6HPEcLvDTnaHURaCyUq96AmteHED1hY-Mjw> <xmx:IIZ_ZiTAh8aad0TJ9Ybs_wyd7vjuoNSvM8RLIsxM9BcLP1rbQSKMwQ> <xmx:IIZ_ZkeDPRv7JrTVhwaGR2qt8B_zi3fjdCpseYZ4GWxQncdnM_C8FNMB> Feedback-ID: id9014242:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Fri, 28 Jun 2024 23:57:19 -0400 (EDT) From: Ian Eure <ian@HIDDEN> To: guix-patches@HIDDEN Subject: [PATCH 0/2] Add nss-latest; updte Librewolf to 127.0.2-2. Date: Fri, 28 Jun 2024 20:57:16 -0700 Message-ID: <20240629035716.21504-1-ian@HIDDEN> X-Mailer: git-send-email 2.45.1 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=103.168.172.150; envelope-from=ian@HIDDEN; helo=fout7-smtp.messagingengine.com X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.6 (-) X-Debbugs-Envelope-To: submit Cc: Ian Eure <ian@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -2.6 (--) This patch series begins implementing my proposal for nss[1], by adding nss-latest (at version 3.101). When the next ESR is out, I’ll update and ungraft the other nss, as proposed. It also updates Librewolf to 127.0.2-2, the latest version. Librewolf 127.x requires nss >= 3.100, so both patches are combined in this series. LW also builds with Rust 1.77 now, since that’s the new minimum version (and the default version used by upstream Firefox builds). [1]: https://lists.gnu.org/archive/html/guix-devel/2024-06/msg00318.html Ian Eure (2): gnu: Add nss-latest. gnu: librewolf: Update to 127.0.2-1. gnu/packages/librewolf.scm | 1039 ++++++++++++++++++------------------ gnu/packages/nss.scm | 67 ++- 2 files changed, 587 insertions(+), 519 deletions(-) -- 2.45.1
Ian Eure <ian@HIDDEN>:guix-patches@HIDDEN.
Full text available.guix-patches@HIDDEN:bug#71832; Package guix-patches.
Full text available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd,
1994-97 Ian Jackson.