From mboxrd@z Thu Jan 1 00:00:00 1970 From: Marius Bakke Subject: Re: [PATCH] gnu: Add inox. Date: Wed, 11 Jan 2017 18:48:30 +0100 Message-ID: <87y3yh7aj5.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me> References: <20170110120856.17190-1-david@craven.ch> <20170110190214.GA31184@jasmine> <87o9ze8pqz.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me> Mime-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:45874) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cRN0n-0003e2-WF for guix-devel@gnu.org; Wed, 11 Jan 2017 12:48:39 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cRN0j-0006g0-8T for guix-devel@gnu.org; Wed, 11 Jan 2017 12:48:38 -0500 Received: from out3-smtp.messagingengine.com ([66.111.4.27]:54078) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cRN0j-0006fr-3o for guix-devel@gnu.org; Wed, 11 Jan 2017 12:48:33 -0500 In-Reply-To: List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: David Craven Cc: guix-devel --=-=-= Content-Type: text/plain David Craven writes: >> One thing that worries me about Inox is that version 53 is very old and >> likely contains known vulnerabilities. Do you know if they backport >> fixes? If not, I think we should try to stick with upstream Chromium. > > This is due to me not having worked on it for a while. Inox are just a couple > of patches and default configure flags, but it's still chromium. I'm not too > concerned with inox, but *whisper* I got the impression that there where > FSDG issues with chromium. By applying a bunch of patches and calling it > inox instead of chromium, I think it could be considered a "good faith effort", > and the problem avoided until someone complains. > > Another interesting collection of chromium patches would be: > https://github.com/Eloston/ungoogled-chromium I actually picked most of the patches from ungoogled-chromium (which includes inox and iridium), but skipped "high maintenance" ones. This started as an attempt to package that very project, but they were lagging too far behind upstream IMO. FSDG problems is the reason I haven't advertised it. At the very least, the Google integrations should be disabled and analytics removed (but Chromium can't currently build without either). I think if most of the "FIXMEs" are resolved upstream, it might be eligible for a free distro. Now that the cat is out of the box, feel free to send patches somewhere and I'll incorporate them in the branch :-) --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEu7At3yzq9qgNHeZDoqBt8qM6VPoFAlh2b+4ACgkQoqBt8qM6 VPotZgf/YVbHcFnHRtnHEKAc6gTii765IydtIm/h9qiCT7jjBNNZHExCH7aN82Ww OndEByp/RFcJxG/uLLSXJYTtigUCMuaBMozeaI0nqZuAhlNBMWnzD6yAgf1Ingqq ObYl6ZVOZPMjvlKraDrXmGWzUB8P6SjqlNQfzrRTDLH5AMb4XTGF+nmZDnz+Zi02 /NvzmXxDuuI3wTTEN5DoCA+5WNBh2Ige75H8ZUpzx8vyVuHbKeN9POYiSAQjEcx1 iSB4Og7ohS0GZuNFQ0VQovz2/7jGmw3zHrT/iTX9nE0U7ir1Rz6dHIYPRtJGGlXE rkSmiMjwUVyrr7DeUzlnkolBfr8nEw== =IaWN -----END PGP SIGNATURE----- --=-=-=--