* [bug#28004] Chromium
@ 2017-08-07 19:58 Marius Bakke
2017-08-07 20:23 ` ng0
` (7 more replies)
0 siblings, 8 replies; 91+ messages in thread
From: Marius Bakke @ 2017-08-07 19:58 UTC (permalink / raw)
To: 28004
[-- Attachment #1.1: Type: text/plain, Size: 435 bytes --]
Hello Guix!
Attached is a patch for Chromium, a popular web browser.
It requires the new ld wrapper from 'core-updates' and a very powerful
build machine (a quad-core Sandy Bridge Xeon uses 2-3 hours).
Note that I cannot guarantee timely delivery of security updates. Major
version upgrades are hugely painful, and almost always contain many
high-severity fixes. Should we mention that in the description?
Happy for any feedback.
[-- Attachment #1.2: 0001-gnu-Add-chromium.patch --]
[-- Type: text/x-patch, Size: 43663 bytes --]
From 8679de14536a8ff12cc6a7da5c51d669bd23fbe6 Mon Sep 17 00:00:00 2001
From: Marius Bakke <mbakke@fastmail.com>
Date: Wed, 12 Oct 2016 17:25:05 +0100
Subject: [PATCH] gnu: Add chromium.
* gnu/packages/chromium.scm: New file.
* gnu/packages/patches/chromium-disable-api-keys-warning.patch,
gnu/packages/patches/chromium-disable-third-party-cookies.patch,
gnu/packages/patches/chromium-gn-bootstrap.patch,
gnu/packages/patches/chromium-system-icu.patch,
gnu/packages/patches/chromium-system-libevent.patch,
gnu/packages/patches/chromium-system-nspr.patch,
gnu/packages/patches/chromium-system-libxml.patch: New files.
* gnu/local.mk: Record it.
---
gnu/local.mk | 8 +
gnu/packages/chromium.scm | 594 +++++++++++++++++++++
.../chromium-disable-api-keys-warning.patch | 17 +
.../chromium-disable-third-party-cookies.patch | 13 +
gnu/packages/patches/chromium-gn-bootstrap.patch | 13 +
gnu/packages/patches/chromium-system-icu.patch | 15 +
.../patches/chromium-system-libevent.patch | 84 +++
gnu/packages/patches/chromium-system-libxml.patch | 29 +
gnu/packages/patches/chromium-system-nspr.patch | 65 +++
9 files changed, 838 insertions(+)
create mode 100644 gnu/packages/chromium.scm
create mode 100644 gnu/packages/patches/chromium-disable-api-keys-warning.patch
create mode 100644 gnu/packages/patches/chromium-disable-third-party-cookies.patch
create mode 100644 gnu/packages/patches/chromium-gn-bootstrap.patch
create mode 100644 gnu/packages/patches/chromium-system-icu.patch
create mode 100644 gnu/packages/patches/chromium-system-libevent.patch
create mode 100644 gnu/packages/patches/chromium-system-libxml.patch
create mode 100644 gnu/packages/patches/chromium-system-nspr.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index acdadd629..8fb6e63ce 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -86,6 +86,7 @@ GNU_SYSTEM_MODULES = \
%D%/packages/certs.scm \
%D%/packages/check.scm \
%D%/packages/chez.scm \
+ %D%/packages/chromium.scm \
%D%/packages/ci.scm \
%D%/packages/cmake.scm \
%D%/packages/code.scm \
@@ -540,6 +541,13 @@ dist_patch_DATA = \
%D%/packages/patches/chicken-CVE-2017-6949.patch \
%D%/packages/patches/chicken-CVE-2017-11343.patch \
%D%/packages/patches/chmlib-inttypes.patch \
+ %D%/packages/patches/chromium-disable-api-keys-warning.patch \
+ %D%/packages/patches/chromium-disable-third-party-cookies.patch \
+ %D%/packages/patches/chromium-gn-bootstrap.patch \
+ %D%/packages/patches/chromium-system-libevent.patch \
+ %D%/packages/patches/chromium-system-libxml.patch \
+ %D%/packages/patches/chromium-system-icu.patch \
+ %D%/packages/patches/chromium-system-nspr.patch \
%D%/packages/patches/clang-libc-search-path.patch \
%D%/packages/patches/clang-3.8-libc-search-path.patch \
%D%/packages/patches/clucene-pkgconfig.patch \
diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm
new file mode 100644
index 000000000..81bcb8f05
--- /dev/null
+++ b/gnu/packages/chromium.scm
@@ -0,0 +1,594 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2016, 2017 Marius Bakke <mbakke@fastmail.com>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages chromium)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix packages)
+ #:use-module (guix download)
+ #:use-module (guix git-download)
+ #:use-module (guix utils)
+ #:use-module (guix build-system gnu)
+ #:use-module (gnu packages)
+ #:use-module (gnu packages assembly)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages bison)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages cups)
+ #:use-module (gnu packages curl)
+ #:use-module (gnu packages databases)
+ #:use-module (gnu packages fontutils)
+ #:use-module (gnu packages gl)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnome)
+ #:use-module (gnu packages gnuzilla)
+ #:use-module (gnu packages gperf)
+ #:use-module (gnu packages gtk)
+ #:use-module (gnu packages icu4c)
+ #:use-module (gnu packages image)
+ #:use-module (gnu packages libevent)
+ #:use-module (gnu packages libffi)
+ #:use-module (gnu packages libusb)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages kerberos)
+ #:use-module (gnu packages ninja)
+ #:use-module (gnu packages node)
+ #:use-module (gnu packages pciutils)
+ #:use-module (gnu packages photo)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages protobuf)
+ #:use-module (gnu packages pulseaudio)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages regex)
+ #:use-module (gnu packages serialization)
+ #:use-module (gnu packages speech)
+ #:use-module (gnu packages tls)
+ #:use-module (gnu packages valgrind)
+ #:use-module (gnu packages version-control)
+ #:use-module (gnu packages video)
+ #:use-module (gnu packages xiph)
+ #:use-module (gnu packages xml)
+ #:use-module (gnu packages xdisorg)
+ #:use-module (gnu packages xorg))
+
+(define opus+custom
+ (package (inherit opus)
+ (arguments
+ `(;; Opus Custom is an optional extension of the Opus
+ ;; specification that allows for unsupported frame
+ ;; sizes. Chromium requires that this is enabled.
+ #:configure-flags '("--enable-custom-modes")
+ ,@(package-arguments opus)))))
+
+;; Chromium since 58 depends on an unreleased libvpx. So, we
+;; package the latest master branch as of 2017-08-05.
+(define libvpx+experimental
+ (package
+ (inherit libvpx)
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://chromium.googlesource.com/webm/libvpx")
+ (commit "cbb83ba4aa99b40b0b4a2a407bfd6d0d8be87d1f")))
+ (file-name "libvpx-for-chromium-checkout")
+ (sha256
+ (base32
+ "1rj4ag0zg8c7cn4a9q75vslk5wc7vqy119k669286lxy8dvarh86"))))
+ ;; TODO: Make libvpx configure flags overrideable.
+ (arguments
+ `(#:phases
+ (modify-phases %standard-phases
+ (replace 'configure
+ (lambda* (#:key outputs #:allow-other-keys)
+ (setenv "CONFIG_SHELL" (which "bash"))
+ (let ((out (assoc-ref outputs "out")))
+ (setenv "LDFLAGS"
+ (string-append "-Wl,-rpath=" out "/lib"))
+ (zero? (system* "./configure"
+ "--enable-shared"
+ "--as=yasm"
+ ;; Limit size to avoid CVE-2015-1258
+ "--size-limit=16384x16384"
+ ;; Spatial SVC is an experimental VP9 encoder
+ ;; used by some packages (i.e. Chromium).
+ "--enable-experimental"
+ "--enable-spatial-svc"
+ (string-append "--prefix=" out)))))))
+ #:tests? #f)))) ; No tests.
+
+(define-public chromium
+ (package
+ (name "chromium")
+ (version "60.0.3112.90")
+ (synopsis "Graphical web browser")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "https://commondatastorage.googleapis.com/"
+ "chromium-browser-official/chromium-"
+ version ".tar.xz"))
+ (sha256
+ (base32
+ "1rirhwvccidza4q4z1gqdwcd9v1bymh1m9r2cq8jhiabfrjpjbxl"))
+ (patches (search-patches
+ "chromium-gn-bootstrap.patch"
+ "chromium-system-nspr.patch"
+ "chromium-system-icu.patch"
+ "chromium-system-libevent.patch"
+ "chromium-system-libxml.patch"
+ "chromium-disable-api-keys-warning.patch"
+ "chromium-disable-third-party-cookies.patch"))
+ (modules '((srfi srfi-1)
+ (guix build utils)))
+ (snippet
+ '(begin
+ ;; Replace GN files from third_party with shims for building
+ ;; against system libraries. Keep this list in sync with
+ ;; "build/linux/unbundle/replace_gn_files.py".
+ (for-each (lambda (pair)
+ (let ((source (string-append
+ "build/linux/unbundle/" (car pair)))
+ (dest (cdr pair)))
+ (copy-file source dest)))
+ (list
+ '("ffmpeg.gn" . "third_party/ffmpeg/BUILD.gn")
+ '("flac.gn" . "third_party/flac/BUILD.gn")
+ '("freetype.gn" . "third_party/freetype/BUILD.gn")
+ '("harfbuzz-ng.gn" . "third_party/harfbuzz-ng/BUILD.gn")
+ '("icu.gn" . "third_party/icu/BUILD.gn")
+ '("libdrm.gn" . "third_party/libdrm/BUILD.gn")
+ '("libevent.gn" . "base/third_party/libevent/BUILD.gn")
+ '("libjpeg.gn" .
+ "build/secondary/third_party/libjpeg_turbo/BUILD.gn")
+ '("libpng.gn" . "third_party/libpng/BUILD.gn")
+ '("libvpx.gn" . "third_party/libvpx/BUILD.gn")
+ '("libwebp.gn" . "third_party/libwebp/BUILD.gn")
+ '("libxml.gn" . "third_party/libxml/BUILD.gn")
+ '("libxslt.gn" . "third_party/libxslt/BUILD.gn")
+ '("openh264.gn" . "third_party/openh264/BUILD.gn")
+ '("opus.gn" . "third_party/opus/BUILD.gn")
+ '("re2.gn" . "third_party/re2/BUILD.gn")
+ '("snappy.gn" . "third_party/snappy/BUILD.gn")
+ '("yasm.gn" . "third_party/yasm/yasm_assemble.gni")
+ '("zlib.gn" . "third_party/zlib/BUILD.gn")))
+ #t))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:tests? #f ; How?
+ ;; FIXME: There is a "gn" option specifically for setting -rpath, but
+ ;; it's not recognized when passed.
+ #:validate-runpath? #f
+ #:modules ((srfi srfi-26)
+ (ice-9 ftw)
+ (ice-9 regex)
+ (guix build gnu-build-system)
+ (guix build utils))
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'remove-bundled-software
+ (lambda _
+ (let ((keep-libs
+ (list
+ ;; Third party folders that cannot be deleted yet.
+ "base/third_party/dmg_fp"
+ "base/third_party/dynamic_annotations"
+ "base/third_party/icu"
+ "base/third_party/superfasthash"
+ "base/third_party/symbolize" ; glog
+ "base/third_party/xdg_mime"
+ "base/third_party/xdg_user_dirs"
+ "chrome/third_party/mozilla_security_manager"
+ "courgette/third_party"
+ "net/third_party/mozilla_security_manager"
+ "net/third_party/nss"
+ "third_party/adobe/flash/flapper_version.h"
+ ;; FIXME: This is used in:
+ ;; * ui/webui/resources/js/analytics.js
+ ;; * ui/file_manager/
+ "third_party/analytics"
+ "third_party/angle"
+ "third_party/angle/src/common/third_party/numerics"
+ "third_party/angle/src/third_party/compiler"
+ "third_party/angle/src/third_party/libXNVCtrl"
+ "third_party/angle/src/third_party/murmurhash"
+ "third_party/angle/src/third_party/trace_event"
+ "third_party/boringssl"
+ "third_party/brotli"
+ "third_party/cacheinvalidation"
+ "third_party/catapult"
+ "third_party/catapult/third_party/polymer"
+ "third_party/catapult/third_party/py_vulcanize"
+ "third_party/catapult/third_party/py_vulcanize/third_party/rcssmin"
+ "third_party/catapult/third_party/py_vulcanize/third_party/rjsmin"
+ "third_party/catapult/tracing/third_party/d3"
+ "third_party/catapult/tracing/third_party/gl-matrix"
+ "third_party/catapult/tracing/third_party/jszip"
+ "third_party/catapult/tracing/third_party/mannwhitneyu"
+ "third_party/catapult/tracing/third_party/oboe"
+ "third_party/ced"
+ "third_party/cld_3"
+ "third_party/cros_system_api"
+ "third_party/dom_distiller_js"
+ "third_party/fips181"
+ "third_party/flatbuffers"
+ ;; XXX Needed by pdfium since 59.
+ "third_party/freetype"
+ "third_party/glslang-angle"
+ "third_party/google_input_tools"
+ "third_party/google_input_tools/third_party/closure_library"
+ (string-append "third_party/google_input_tools/third_party"
+ "/closure_library/third_party/closure")
+ "third_party/googletest"
+ "third_party/hunspell"
+ "third_party/iccjpeg"
+ "third_party/inspector_protocol"
+ "third_party/jinja2"
+ "third_party/jstemplate"
+ "third_party/khronos"
+ "third_party/leveldatabase"
+ "third_party/libXNVCtrl"
+ "third_party/libaddressinput"
+ "third_party/libjingle_xmpp"
+ "third_party/libphonenumber"
+ "third_party/libsecret" ;FIXME: needs pkg-config support.
+ "third_party/libsrtp" ;TODO: Requires libsrtp@2.
+ "third_party/libudev"
+ "third_party/libwebm"
+ "third_party/libxml/chromium"
+ "third_party/libyuv"
+ "third_party/lss"
+ "third_party/lzma_sdk"
+ "third_party/markupsafe"
+ "third_party/mesa"
+ "third_party/modp_b64"
+ "third_party/mt19937ar"
+ "third_party/node"
+ "third_party/node/node_modules/vulcanize/third_party/UglifyJS2"
+ "third_party/openmax_dl"
+ "third_party/ots"
+ "third_party/pdfium" ;TODO: can be built standalone.
+ "third_party/pdfium/third_party"
+ "third_party/ply"
+ "third_party/polymer"
+ "third_party/protobuf"
+ "third_party/protobuf/third_party/six"
+ "third_party/qcms"
+ "third_party/sfntly"
+ "third_party/skia"
+ "third_party/skia/third_party/vulkan"
+ "third_party/smhasher"
+ ;; XXX the sources that include this are generated.
+ "third_party/speech-dispatcher"
+ "third_party/spirv-headers"
+ "third_party/spirv-tools-angle"
+ "third_party/sqlite"
+ "third_party/swiftshader"
+ "third_party/swiftshader/third_party"
+ "third_party/usb_ids"
+ "third_party/usrsctp"
+ "third_party/vulkan"
+ "third_party/vulkan-validation-layers"
+ "third_party/WebKit"
+ "third_party/web-animations-js"
+ "third_party/webrtc"
+ "third_party/widevine/cdm/widevine_cdm_version.h"
+ "third_party/widevine/cdm/widevine_cdm_common.h"
+ "third_party/woff2"
+ "third_party/xdg-utils"
+ "third_party/yasm/run_yasm.py"
+ "third_party/zlib/google"
+ "url/third_party/mozilla"
+ "v8/src/third_party/valgrind"
+ "v8/third_party/inspector_protocol")))
+ ;; FIXME: implement as source snippet. This traverses
+ ;; any "third_party" directory and deletes files that are:
+ ;; * not ending with ".gn" or ".gni"; or
+ ;; * not explicitly named as argument (folder or file).
+ (zero? (apply system* "python"
+ "build/linux/unbundle/remove_bundled_libraries.py"
+ "--do-remove" keep-libs)))))
+ (add-after 'remove-bundled-software 'patch-stuff
+ (lambda* (#:key inputs #:allow-other-keys)
+ (substitute* "printing/cups_config_helper.py"
+ (("cups_config =.*")
+ (string-append "cups_config = '" (assoc-ref inputs "cups")
+ "/bin/cups-config'\n")))
+
+ (substitute*
+ '("base/process/launch_posix.cc"
+ "base/tracked_objects.cc"
+ "base/third_party/dynamic_annotations/dynamic_annotations.c"
+ "sandbox/linux/seccomp-bpf/sandbox_bpf.cc"
+ "sandbox/linux/services/credentials.cc"
+ "sandbox/linux/services/namespace_utils.cc"
+ "sandbox/linux/services/syscall_wrappers.cc"
+ "sandbox/linux/syscall_broker/broker_host.cc")
+ (("include \"base/third_party/valgrind/") "include \"valgrind/"))
+
+ (for-each (lambda (file)
+ (substitute* file
+ ;; Fix opus include path.
+ ;; Do not substitute opus_private.h.
+ (("#include \"opus\\.h\"")
+ "#include \"opus/opus.h\"")
+ (("#include \"opus_custom\\.h\"")
+ "#include \"opus/opus_custom.h\"")
+ (("#include \"opus_defines\\.h\"")
+ "#include \"opus/opus_defines.h\"")
+ (("#include \"opus_multistream\\.h\"")
+ "#include \"opus/opus_multistream.h\"")
+ (("#include \"opus_types\\.h\"")
+ "#include \"opus/opus_types.h\"")))
+ (append (find-files "third_party/opus/src/celt")
+ (find-files "third_party/opus/src/src")
+ (find-files (string-append "third_party/webrtc/modules"
+ "/audio_coding/codecs/opus"))))
+
+ (substitute* "chrome/common/chrome_paths.cc"
+ (("/usr/share/chromium/extensions")
+ ;; TODO: Add ~/.guix-profile.
+ "/run/current-system/profile/share/chromium/extensions"))
+
+ (substitute* "breakpad/src/common/linux/libcurl_wrapper.h"
+ (("include \"third_party/curl") "include \"curl"))
+ (substitute* "media/base/decode_capabilities.cc"
+ (("third_party/libvpx/source/libvpx/") ""))
+ #t))
+ (replace 'configure
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let ((gn-flags
+ (list
+ ;; See tools/gn/docs/cookbook.md and
+ ;; https://www.chromium.org/developers/gn-build-configuration
+ ;; for usage. Run "./gn args . --list" in the Release
+ ;; directory for an exhaustive list of supported flags.
+ "is_debug=false"
+ "is_official_build=false"
+ "is_clang=false"
+ "use_gold=false"
+ "linux_use_bundled_binutils=false"
+ "use_sysroot=false"
+ "remove_webcore_debug_symbols=true"
+ "enable_iterator_debugging=false"
+ "override_build_date=\"01 01 2000 05:00:00\""
+ ;; Don't fail when using deprecated ffmpeg features.
+ "treat_warnings_as_errors=false"
+ "enable_nacl=false"
+ "enable_nacl_nonsfi=false"
+ "use_allocator=\"none\"" ; Don't use tcmalloc.
+ ;; Don't add any API keys. End users can set them in the
+ ;; environment if necessary.
+ ;; https://www.chromium.org/developers/how-tos/api-keys
+ "use_official_google_api_keys=false"
+ ;; Disable "field trials".
+ "fieldtrial_testing_like_official_build=true"
+
+ "use_system_libjpeg=true"
+ ;; This is currently not supported on Linux:
+ ;; https://bugs.chromium.org/p/chromium/issues/detail?id=22208
+ ;; "use_system_sqlite=true"
+ "use_gtk3=true"
+ "use_gconf=false" ; deprecated by gsettings
+ "use_gnome_keyring=false" ; deprecated by libsecret
+ "use_xkbcommon=true"
+ "link_pulseaudio=true"
+ "use_openh264=true"
+
+ ;; Don't arbitrarily restrict formats supported by our ffmpeg.
+ "proprietary_codecs=true"
+ "ffmpeg_branding=\"Chrome\""
+
+ ;; WebRTC stuff.
+ "rtc_use_h264=true"
+ ;; Don't use bundled sources.
+ "rtc_build_json=false"
+ "rtc_build_libevent=false"
+ "rtc_build_libjpeg=false"
+ "rtc_build_libvpx=false"
+ "rtc_build_opus=false"
+ "rtc_build_ssl=false"
+ ;; TODO: Package these.
+ "rtc_build_libsrtp=true" ; 2.0
+ "rtc_build_libyuv=true"
+ "rtc_build_openmax_dl=true"
+ "rtc_build_usrsctp=true"
+ (string-append "rtc_jsoncpp_root=\""
+ (assoc-ref inputs "jsoncpp")
+ "/include/jsoncpp/json\"")
+ (string-append "rtc_ssl_root=\""
+ (assoc-ref inputs "openssl")
+ "/include/openssl\""))))
+
+ ;; XXX: How portable is this.
+ (mkdir-p "third_party/node/linux/node-linux-x64")
+ (symlink (string-append (assoc-ref inputs "node") "/bin")
+ "third_party/node/linux/node-linux-x64/bin")
+
+ (setenv "CC" "gcc")
+ (setenv "CXX" "g++")
+ ;; TODO: pre-compile instead. Avoids a race condition.
+ (setenv "PYTHONDONTWRITEBYTECODE" "1")
+ (and
+ ;; Build the "gn" tool.
+ (zero? (system* "python"
+ "tools/gn/bootstrap/bootstrap.py" "-s" "-v"))
+ ;; Generate ninja build files.
+ (zero? (system* "./out/Release/gn" "gen" "out/Release"
+ (string-append "--args="
+ (string-join gn-flags " "))))))))
+ (replace 'build
+ (lambda* (#:key outputs #:allow-other-keys)
+ (zero? (system* "ninja" "-C" "out/Release"
+ "-j" (number->string (parallel-job-count))
+ "chrome"))))
+ (replace 'install
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (bin (string-append out "/bin"))
+ (exe (string-append bin "/chromium"))
+ (lib (string-append out "/lib"))
+ (man (string-append out "/share/man/man1"))
+ (applications (string-append out "/share/applications"))
+ (install-regexp (make-regexp "\\.(so|bin|pak)$"))
+ (locales (string-append lib "/locales"))
+ (resources (string-append lib "/resources"))
+ (gtk+ (assoc-ref inputs "gtk+"))
+ (mesa (assoc-ref inputs "mesa"))
+ (nss (assoc-ref inputs "nss"))
+ (udev (assoc-ref inputs "udev"))
+ (sh (which "sh")))
+
+ (mkdir-p applications)
+ (call-with-output-file (string-append applications
+ "/chromium.desktop")
+ (lambda (port)
+ (format port
+ "[Desktop Entry]~@
+ Name=Chromium~@
+ Comment=~a~@
+ Exec=~a~@
+ Icon=chromium.png~@
+ Type=Application~%" ,synopsis exe)))
+
+ (with-directory-excursion "out/Release"
+ (for-each (lambda (file)
+ (install-file file lib))
+ (scandir "." (cut regexp-exec install-regexp <>)))
+ (copy-file "chrome" (string-append lib "/chromium"))
+
+ ;; TODO: Install icons from "../../chrome/app/themes" into
+ ;; "out/share/icons/hicolor/$size".
+ (install-file
+ "product_logo_48.png"
+ (string-append out "/share/icons/48x48/chromium.png"))
+
+ (copy-recursively "locales" locales)
+ (copy-recursively "resources" resources)
+
+ (mkdir-p man)
+ (copy-file "chrome.1" (string-append man "/chromium.1"))
+
+ (mkdir-p bin)
+ ;; Add a thin wrapper to prevent the user from inadvertently
+ ;; installing non-free software through the Web Store.
+ ;; TODO: Discover extensions from the profile and pass
+ ;; something like "--disable-extensions-except=...".
+ (call-with-output-file exe
+ (lambda (port)
+ (format port
+ "#!~a~@
+ CHROMIUM_FLAGS=\"--disable-background-networking\"~@
+ if [ -z \"$CHROMIUM_ENABLE_WEB_STORE\" ]~@
+ then~@
+ CHROMIUM_FLAGS=\"$CHROMIUM_FLAGS --disable-extensions\"~@
+ fi~@
+ exec ~a $CHROMIUM_FLAGS \"$@\"~%"
+ sh (string-append lib "/chromium"))))
+ (chmod exe #o755)
+
+ (wrap-program exe
+ ;; TODO: Get these in RUNPATH.
+ `("LD_LIBRARY_PATH" ":" prefix
+ (,(string-append lib ":" nss "/lib/nss:" gtk+ "/lib:"
+ mesa "/lib:" udev "/lib")))
+ ;; Avoid file manager crash. See <https://bugs.gnu.org/26593>.
+ `("XDG_DATA_DIRS" ":" prefix (,(string-append gtk+ "/share"))))
+ #t)))))))
+ (native-inputs
+ `(("bison" ,bison)
+ ("git" ,git) ; last_commit_position.py
+ ("gperf" ,gperf)
+ ("ninja" ,ninja)
+ ("node" ,node)
+ ("pkg-config" ,pkg-config)
+ ("which" ,which)
+ ("yasm" ,yasm)
+
+ ;; Headers.
+ ("curl" ,curl)
+ ("valgrind" ,valgrind)
+
+ ("python-beautifulsoup4" ,python2-beautifulsoup4)
+ ("python-html5lib" ,python2-html5lib)
+ ("python" ,python-2)))
+ (inputs
+ `(("alsa-lib" ,alsa-lib)
+ ("atk" ,atk)
+ ("cups" ,cups)
+ ("dbus" ,dbus)
+ ("dbus-glib" ,dbus-glib)
+ ("udev" ,eudev)
+ ("expat" ,expat)
+ ("flac" ,flac)
+ ("ffmpeg" ,ffmpeg)
+ ("fontconfig" ,fontconfig)
+ ("freetype" ,freetype)
+ ("gdk-pixbuf" ,gdk-pixbuf)
+ ("glib" ,glib)
+ ("gtk+-2" ,gtk+-2)
+ ("gtk+" ,gtk+)
+ ("harfbuzz" ,harfbuzz)
+ ("icu4c" ,icu4c)
+ ("jsoncpp" ,jsoncpp)
+ ("libevent" ,libevent)
+ ("libffi" ,libffi)
+ ("libjpeg-turbo" ,libjpeg-turbo)
+ ("libpng" ,libpng)
+ ("libusb" ,libusb)
+ ("libvpx" ,libvpx+experimental)
+ ("libwebp" ,libwebp)
+ ("libx11" ,libx11)
+ ("libxcb" ,libxcb)
+ ("libxcomposite" ,libxcomposite)
+ ("libxcursor" ,libxcursor)
+ ("libxdamage" ,libxdamage)
+ ("libxext" ,libxext)
+ ("libxfixes" ,libxfixes)
+ ("libxi" ,libxi)
+ ("libxkbcommon" ,libxkbcommon)
+ ("libxml2" ,libxml2)
+ ("libxrandr" ,libxrandr)
+ ("libxrender" ,libxrender)
+ ("libxscrnsaver" ,libxscrnsaver)
+ ("libxslt" ,libxslt)
+ ("libxtst" ,libxtst)
+ ("mesa" ,mesa)
+ ("minizip" ,minizip)
+ ("mit-krb5" ,mit-krb5)
+ ("nss" ,nss)
+ ("openh264" ,openh264)
+ ("openssl" ,openssl)
+ ("opus" ,opus+custom)
+ ("pango" ,pango)
+ ("pciutils" ,pciutils)
+ ("protobuf" ,protobuf)
+ ("pulseaudio" ,pulseaudio)
+ ("re2" ,re2)
+ ("snappy" ,snappy)
+ ("speech-dispatcher" ,speech-dispatcher)
+ ("sqlite" ,sqlite)))
+ (home-page "https://www.chromium.org/")
+ (description
+ "Chromium is a web browser using the @code{Blink} rendering engine.")
+ ;; Chromium is developed as BSD-3, but bundles a large number of third-party
+ ;; software with other licenses. For full information, see chrome://credits.
+ (license (list license:bsd-3
+ license:bsd-2
+ license:expat
+ license:asl2.0
+ license:mpl2.0
+ license:public-domain
+ license:lgpl2.1+))))
diff --git a/gnu/packages/patches/chromium-disable-api-keys-warning.patch b/gnu/packages/patches/chromium-disable-api-keys-warning.patch
new file mode 100644
index 000000000..c7e219f40
--- /dev/null
+++ b/gnu/packages/patches/chromium-disable-api-keys-warning.patch
@@ -0,0 +1,17 @@
+Disable warning about missing API keys.
+
+Copied from:
+
+https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/tree/debian/patches/disable/google-api-warning.patch
+
+--- a/chrome/browser/ui/startup/startup_browser_creator_impl.cc
++++ b/chrome/browser/ui/startup/startup_browser_creator_impl.cc
+@@ -816,8 +816,6 @@ void StartupBrowserCreatorImpl::AddInfoB
+ !command_line_.HasSwitch(switches::kTestType) &&
+ !command_line_.HasSwitch(switches::kEnableAutomation)) {
+ chrome::ShowBadFlagsPrompt(browser);
+- GoogleApiKeysInfoBarDelegate::Create(InfoBarService::FromWebContents(
+- browser->tab_strip_model()->GetActiveWebContents()));
+ ObsoleteSystemInfoBarDelegate::Create(InfoBarService::FromWebContents(
+ browser->tab_strip_model()->GetActiveWebContents()));
+
diff --git a/gnu/packages/patches/chromium-disable-third-party-cookies.patch b/gnu/packages/patches/chromium-disable-third-party-cookies.patch
new file mode 100644
index 000000000..0694c35f3
--- /dev/null
+++ b/gnu/packages/patches/chromium-disable-third-party-cookies.patch
@@ -0,0 +1,13 @@
+Disable third party cookies by default.
+
+--- a/components/content_settings/core/browser/cookie_settings.cc
++++ b/components/content_settings/core/browser/cookie_settings.cc
+@@ -101,7 +101,7 @@ void CookieSettings::GetCookieSettings(
+ void CookieSettings::RegisterProfilePrefs(
+ user_prefs::PrefRegistrySyncable* registry) {
+ registry->RegisterBooleanPref(
+- prefs::kBlockThirdPartyCookies, false,
++ prefs::kBlockThirdPartyCookies, true,
+ user_prefs::PrefRegistrySyncable::SYNCABLE_PREF);
+ }
+
diff --git a/gnu/packages/patches/chromium-gn-bootstrap.patch b/gnu/packages/patches/chromium-gn-bootstrap.patch
new file mode 100644
index 000000000..6d1dcb166
--- /dev/null
+++ b/gnu/packages/patches/chromium-gn-bootstrap.patch
@@ -0,0 +1,13 @@
+description: add file needed to build gn
+author: Michael Gilbert <mgilbert@debian.org>
+
+--- a/tools/gn/bootstrap/bootstrap.py
++++ b/tools/gn/bootstrap/bootstrap.py
+@@ -490,6 +490,7 @@ def write_gn_ninja(path, root_gen_dir, o
+ 'base/sys_info.cc',
+ 'base/task_runner.cc',
+ 'base/task_scheduler/delayed_task_manager.cc',
++ 'base/task_scheduler/environment_config.cc',
+ 'base/task_scheduler/post_task.cc',
+ 'base/task_scheduler/priority_queue.cc',
+ 'base/task_scheduler/scheduler_lock_impl.cc',
diff --git a/gnu/packages/patches/chromium-system-icu.patch b/gnu/packages/patches/chromium-system-icu.patch
new file mode 100644
index 000000000..c35c1b75c
--- /dev/null
+++ b/gnu/packages/patches/chromium-system-icu.patch
@@ -0,0 +1,15 @@
+description: maintain compatibility with system icu library
+author: Michael Gilbert <mgilbert@debian.org>
+
+--- a/BUILD.gn
++++ b/BUILD.gn
+@@ -657,8 +657,7 @@ group("gn_all") {
+ }
+ }
+
+- if ((is_linux && !is_chromeos && !is_chromecast) || (is_win && use_drfuzz) ||
+- (use_libfuzzer && is_mac)) {
++ if (false) {
+ deps += [
+ "//testing/libfuzzer/fuzzers",
+ "//testing/libfuzzer/tests:libfuzzer_tests",
diff --git a/gnu/packages/patches/chromium-system-libevent.patch b/gnu/packages/patches/chromium-system-libevent.patch
new file mode 100644
index 000000000..91fc9e3b5
--- /dev/null
+++ b/gnu/packages/patches/chromium-system-libevent.patch
@@ -0,0 +1,84 @@
+description: build using system libevent
+author: Michael Gilbert <mgilbert@debian.org>
+
+https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/tree/debian/patches/system/event.patch
+
+--- a/third_party/webrtc/base/task_queue_libevent.cc
++++ b/third_party/webrtc/base/task_queue_libevent.cc
+@@ -15,7 +15,7 @@
+ #include <string.h>
+ #include <unistd.h>
+
+-#include "base/third_party/libevent/event.h"
++#include <event.h>
+ #include "webrtc/base/checks.h"
+ #include "webrtc/base/logging.h"
+ #include "webrtc/base/task_queue_posix.h"
+--- a/tools/gn/bootstrap/bootstrap.py
++++ b/tools/gn/bootstrap/bootstrap.py
+@@ -609,26 +609,6 @@ def write_gn_ninja(path, root_gen_dir, o
+ 'base/time/time_now_posix.cc',
+ 'base/trace_event/heap_profiler_allocation_register_posix.cc',
+ ])
+- static_libraries['libevent'] = {
+- 'sources': [
+- 'base/third_party/libevent/buffer.c',
+- 'base/third_party/libevent/evbuffer.c',
+- 'base/third_party/libevent/evdns.c',
+- 'base/third_party/libevent/event.c',
+- 'base/third_party/libevent/event_tagging.c',
+- 'base/third_party/libevent/evrpc.c',
+- 'base/third_party/libevent/evutil.c',
+- 'base/third_party/libevent/http.c',
+- 'base/third_party/libevent/log.c',
+- 'base/third_party/libevent/poll.c',
+- 'base/third_party/libevent/select.c',
+- 'base/third_party/libevent/signal.c',
+- 'base/third_party/libevent/strlcpy.c',
+- ],
+- 'tool': 'cc',
+- 'include_dirs': [],
+- 'cflags': cflags + ['-DHAVE_CONFIG_H'],
+- }
+
+ if is_linux or is_aix:
+ ldflags.extend(['-pthread'])
+@@ -660,13 +640,7 @@ def write_gn_ninja(path, root_gen_dir, o
+ 'base/allocator/allocator_shim.cc',
+ 'base/allocator/allocator_shim_default_dispatch_to_glibc.cc',
+ ])
+- libs.extend(['-lrt', '-latomic', '-lnspr4'])
+- static_libraries['libevent']['include_dirs'].extend([
+- os.path.join(SRC_ROOT, 'base', 'third_party', 'libevent', 'linux')
+- ])
+- static_libraries['libevent']['sources'].extend([
+- 'base/third_party/libevent/epoll.c',
+- ])
++ libs.extend(['-lrt', '-latomic', '-lnspr4', '-levent'])
+ else:
+ libs.extend(['-lrt'])
+ static_libraries['base']['sources'].extend([
+@@ -703,12 +677,6 @@ def write_gn_ninja(path, root_gen_dir, o
+ 'base/time/time_mac.cc',
+ 'base/threading/platform_thread_mac.mm',
+ ])
+- static_libraries['libevent']['include_dirs'].extend([
+- os.path.join(SRC_ROOT, 'base', 'third_party', 'libevent', 'mac')
+- ])
+- static_libraries['libevent']['sources'].extend([
+- 'base/third_party/libevent/kqueue.c',
+- ])
+
+ libs.extend([
+ '-framework', 'AppKit',
+--- a/base/message_loop/message_pump_libevent.cc
++++ b/base/message_loop/message_pump_libevent.cc
+@@ -14,7 +14,7 @@
+ #include "base/files/file_util.h"
+ #include "base/logging.h"
+ #include "base/posix/eintr_wrapper.h"
+-#include "base/third_party/libevent/event.h"
++#include <event.h>
+ #include "base/time/time.h"
+ #include "base/trace_event/trace_event.h"
+ #include "build/build_config.h"
diff --git a/gnu/packages/patches/chromium-system-libxml.patch b/gnu/packages/patches/chromium-system-libxml.patch
new file mode 100644
index 000000000..23c42d79c
--- /dev/null
+++ b/gnu/packages/patches/chromium-system-libxml.patch
@@ -0,0 +1,29 @@
+description: system libxml2 2.9.4 does not yet provide XML_PARSE_NOXXE
+author: Michael Gilbert <mgilbert@debian.org>
+
+Copied from:
+
+https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/tree/debian/patches/system/libxml.patch
+
+--- a/third_party/libxml/chromium/libxml_utils.cc
++++ b/third_party/libxml/chromium/libxml_utils.cc
+@@ -24,8 +24,7 @@ XmlReader::~XmlReader() {
+
+ bool XmlReader::Load(const std::string& input) {
+ const int kParseOptions = XML_PARSE_RECOVER | // recover on errors
+- XML_PARSE_NONET | // forbid network access
+- XML_PARSE_NOXXE; // no external entities
++ XML_PARSE_NONET; // forbid network access
+ // TODO(evanm): Verify it's OK to pass NULL for the URL and encoding.
+ // The libxml code allows for these, but it's unclear what effect is has.
+ reader_ = xmlReaderForMemory(input.data(), static_cast<int>(input.size()),
+@@ -35,8 +34,7 @@ bool XmlReader::Load(const std::string&
+
+ bool XmlReader::LoadFile(const std::string& file_path) {
+ const int kParseOptions = XML_PARSE_RECOVER | // recover on errors
+- XML_PARSE_NONET | // forbid network access
+- XML_PARSE_NOXXE; // no external entities
++ XML_PARSE_NONET; // forbid network access
+ reader_ = xmlReaderForFile(file_path.c_str(), NULL, kParseOptions);
+ return reader_ != NULL;
+ }
diff --git a/gnu/packages/patches/chromium-system-nspr.patch b/gnu/packages/patches/chromium-system-nspr.patch
new file mode 100644
index 000000000..5f2cca0c3
--- /dev/null
+++ b/gnu/packages/patches/chromium-system-nspr.patch
@@ -0,0 +1,65 @@
+description: use system nspr library
+author: Michael Gilbert <mgilbert@debian.org>
+
+--- a/base/time/pr_time_unittest.cc
++++ b/base/time/pr_time_unittest.cc
+@@ -7,7 +7,7 @@
+
+ #include "base/compiler_specific.h"
+ #include "base/macros.h"
+-#include "base/third_party/nspr/prtime.h"
++#include <nspr/prtime.h>
+ #include "base/time/time.h"
+ #include "build/build_config.h"
+ #include "testing/gtest/include/gtest/gtest.h"
+--- a/base/time/time.cc
++++ b/base/time/time.cc
+@@ -14,7 +14,7 @@
+ #include "base/logging.h"
+ #include "base/macros.h"
+ #include "base/strings/stringprintf.h"
+-#include "base/third_party/nspr/prtime.h"
++#include <nspr/prtime.h>
+ #include "build/build_config.h"
+
+ namespace base {
+--- a/tools/gn/bootstrap/bootstrap.py
++++ b/tools/gn/bootstrap/bootstrap.py
+@@ -510,7 +510,6 @@ def write_gn_ninja(path, root_gen_dir, o
+ 'base/third_party/dmg_fp/dtoa_wrapper.cc',
+ 'base/third_party/dmg_fp/g_fmt.cc',
+ 'base/third_party/icu/icu_utf.cc',
+- 'base/third_party/nspr/prtime.cc',
+ 'base/threading/non_thread_safe_impl.cc',
+ 'base/threading/post_task_and_reply_impl.cc',
+ 'base/threading/sequenced_task_runner_handle.cc',
+@@ -661,7 +660,7 @@ def write_gn_ninja(path, root_gen_dir, o
+ 'base/allocator/allocator_shim.cc',
+ 'base/allocator/allocator_shim_default_dispatch_to_glibc.cc',
+ ])
+- libs.extend(['-lrt', '-latomic'])
++ libs.extend(['-lrt', '-latomic', '-lnspr4'])
+ static_libraries['libevent']['include_dirs'].extend([
+ os.path.join(SRC_ROOT, 'base', 'third_party', 'libevent', 'linux')
+ ])
+--- a/base/BUILD.gn
++++ b/base/BUILD.gn
+@@ -58,6 +58,9 @@ config("base_flags") {
+ "-Wno-char-subscripts",
+ ]
+ }
++ ldflags = [
++ "-lnspr4",
++ ]
+ }
+
+ config("base_implementation") {
+@@ -868,8 +871,6 @@ component("base") {
+ "third_party/dmg_fp/g_fmt.cc",
+ "third_party/icu/icu_utf.cc",
+ "third_party/icu/icu_utf.h",
+- "third_party/nspr/prtime.cc",
+- "third_party/nspr/prtime.h",
+ "third_party/superfasthash/superfasthash.c",
+ "third_party/valgrind/memcheck.h",
+ "threading/non_thread_safe.h",
--
2.14.0
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply related [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2017-08-07 19:58 [bug#28004] Chromium Marius Bakke
@ 2017-08-07 20:23 ` ng0
2017-08-07 21:16 ` Marius Bakke
2017-08-10 5:31 ` Efraim Flashner
` (6 subsequent siblings)
7 siblings, 1 reply; 91+ messages in thread
From: ng0 @ 2017-08-07 20:23 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 1245 bytes --]
Hi Marius,
Marius Bakke transcribed 43K bytes:
> Hello Guix!
>
> Attached is a patch for Chromium, a popular web browser.
Nice! I've been using this from your branch for a while now,
works just fine :)
Is this not affected by the chromium discussion which happened
a while back? Can we include this? I'm all for this, because I
mainly use it for websites where firefox/icecat doesn't work so
well, and building it locally takes a very long time.
(Pro-tip: Don't offload from very powerful laptops to 10 year
old computers with 2 cores ;))
> It requires the new ld wrapper from 'core-updates' and a very powerful
> build machine (a quad-core Sandy Bridge Xeon uses 2-3 hours).
But to notice: it builds with less than 3GB RAM.
> Note that I cannot guarantee timely delivery of security updates. Major
> version upgrades are hugely painful, and almost always contain many
> high-severity fixes. Should we mention that in the description?
>
> Happy for any feedback.
>
Shouldn't you mention defines in addition to the define-public aswell,
or don't we do that?
--
ng0
GnuPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588
GnuPG: https://n0is.noblogs.org/my-keys
https://www.infotropique.org https://krosos.org
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2017-08-07 20:23 ` ng0
@ 2017-08-07 21:16 ` Marius Bakke
2017-08-08 5:53 ` ng0
2017-08-08 13:18 ` ng0
0 siblings, 2 replies; 91+ messages in thread
From: Marius Bakke @ 2017-08-07 21:16 UTC (permalink / raw)
To: ng0; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 1824 bytes --]
ng0 <ng0@infotropique.org> writes:
> Hi Marius,
>
> Marius Bakke transcribed 43K bytes:
>> Hello Guix!
>>
>> Attached is a patch for Chromium, a popular web browser.
>
> Nice! I've been using this from your branch for a while now,
> works just fine :)
> Is this not affected by the chromium discussion which happened
> a while back? Can we include this? I'm all for this, because I
> mainly use it for websites where firefox/icecat doesn't work so
> well, and building it locally takes a very long time.
I believe this is within the Free System Distribution Guidelines. DRM
("Widevine") is disabled at build time, and the Web Store is
non-functional without the end user explicitly enabling it.
There are some grey areas though. The browser may interact with certain
non-free APIs (apart from regular browser duties) such as translation or
prediction services. These features are optional, but some are enabled
by default, and difficult to maintain patches for (I've tried).
However, I have verified that it does not send any unsolicited requests
with the current command-line options, apart from the very first launch
which spawns a login prompt (help wanted!). Without either of those
flags the browser "calls home" every time it starts.
>> Note that I cannot guarantee timely delivery of security updates. Major
>> version upgrades are hugely painful, and almost always contain many
>> high-severity fixes. Should we mention that in the description?
>>
>> Happy for any feedback.
>>
>
> Shouldn't you mention defines in addition to the define-public aswell,
> or don't we do that?
Not for new files (modules), typically. I don't think Magit can fill out
those variable names (by pressing C on the hunks) either ;-) But it
should probably go in web-browsers.scm anyway.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2017-08-07 21:16 ` Marius Bakke
@ 2017-08-08 5:53 ` ng0
2017-08-08 13:18 ` ng0
1 sibling, 0 replies; 91+ messages in thread
From: ng0 @ 2017-08-08 5:53 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 2776 bytes --]
Marius Bakke transcribed 2.4K bytes:
> ng0 <ng0@infotropique.org> writes:
>
> > Hi Marius,
> >
> > Marius Bakke transcribed 43K bytes:
> >> Hello Guix!
> >>
> >> Attached is a patch for Chromium, a popular web browser.
> >
> > Nice! I've been using this from your branch for a while now,
> > works just fine :)
> > Is this not affected by the chromium discussion which happened
> > a while back? Can we include this? I'm all for this, because I
> > mainly use it for websites where firefox/icecat doesn't work so
> > well, and building it locally takes a very long time.
>
> I believe this is within the Free System Distribution Guidelines.
What I meant was this long discussion about "QTWebengine is nonfree",
but as far as I experienced in being one of the early users of chromium
for a long time, it doesn't depend on anything Qt and doesn't bundle it.
So without having the time this morning to refresh the discussion, I think
it was about Chromium as a part for other software which is provided
through QtWebengine (Or maybe I'm tired and write only almost nonsense).
> DRM
> ("Widevine") is disabled at build time, and the Web Store is
> non-functional without the end user explicitly enabling it.
>
> There are some grey areas though. The browser may interact with certain
> non-free APIs (apart from regular browser duties) such as translation or
> prediction services. These features are optional, but some are enabled
> by default, and difficult to maintain patches for (I've tried).
>
> However, I have verified that it does not send any unsolicited requests
> with the current command-line options, apart from the very first launch
> which spawns a login prompt (help wanted!). Without either of those
> flags the browser "calls home" every time it starts.
>
> >> Note that I cannot guarantee timely delivery of security updates. Major
> >> version upgrades are hugely painful, and almost always contain many
> >> high-severity fixes. Should we mention that in the description?
> >>
> >> Happy for any feedback.
> >>
> >
> > Shouldn't you mention defines in addition to the define-public aswell,
> > or don't we do that?
>
> Not for new files (modules), typically. I don't think Magit can fill out
> those variable names (by pressing C on the hunks) either ;-) But it
> should probably go in web-browsers.scm anyway.
Isn't web-browsers just for smaller browsers? we have gnuzilla, and I'm
about to add palemoon when I have analysed and cleaned up my build of it.
Of course we coukd add them all to web-browser, the file won't become too large.
--
ng0
GnuPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588
GnuPG: https://n0is.noblogs.org/my-keys
https://www.infotropique.org https://krosos.org
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2017-08-07 21:16 ` Marius Bakke
2017-08-08 5:53 ` ng0
@ 2017-08-08 13:18 ` ng0
2017-08-08 14:22 ` ng0
1 sibling, 1 reply; 91+ messages in thread
From: ng0 @ 2017-08-08 13:18 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 2479 bytes --]
Marius Bakke transcribed 2.4K bytes:
> ng0 <ng0@infotropique.org> writes:
>
> > Hi Marius,
> >
> > Marius Bakke transcribed 43K bytes:
> >> Hello Guix!
> >>
> >> Attached is a patch for Chromium, a popular web browser.
> >
> > Nice! I've been using this from your branch for a while now,
> > works just fine :)
> > Is this not affected by the chromium discussion which happened
> > a while back? Can we include this? I'm all for this, because I
> > mainly use it for websites where firefox/icecat doesn't work so
> > well, and building it locally takes a very long time.
>
> I believe this is within the Free System Distribution Guidelines. DRM
> ("Widevine") is disabled at build time, and the Web Store is
> non-functional without the end user explicitly enabling it.
>
> There are some grey areas though. The browser may interact with certain
> non-free APIs (apart from regular browser duties) such as translation or
> prediction services. These features are optional, but some are enabled
> by default, and difficult to maintain patches for (I've tried).
>
> However, I have verified that it does not send any unsolicited requests
> with the current command-line options, apart from the very first launch
> which spawns a login prompt (help wanted!). Without either of those
> flags the browser "calls home" every time it starts.
>
> >> Note that I cannot guarantee timely delivery of security updates. Major
> >> version upgrades are hugely painful, and almost always contain many
> >> high-severity fixes. Should we mention that in the description?
> >>
> >> Happy for any feedback.
> >>
> >
> > Shouldn't you mention defines in addition to the define-public aswell,
> > or don't we do that?
>
> Not for new files (modules), typically. I don't think Magit can fill out
> those variable names (by pressing C on the hunks) either ;-) But it
> should probably go in web-browsers.scm anyway.
Unless someone else is already building this, I'm giving it a spin.
I guess you changed some things since the version of yours I have in
here: https://gitlab.com/ng0_guix/packages/blob/master/ng0/packages/chromium.scm
so I have to rebuild it.
It might take a while because I'm offloading to something much slower
but which doesn't care about heat as much as a this one ;)
--
ng0
GnuPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588
GnuPG: https://n0is.noblogs.org/my-keys
https://www.infotropique.org https://krosos.org
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2017-08-08 13:18 ` ng0
@ 2017-08-08 14:22 ` ng0
2017-08-08 15:44 ` ng0
0 siblings, 1 reply; 91+ messages in thread
From: ng0 @ 2017-08-08 14:22 UTC (permalink / raw)
To: Marius Bakke, 28004
[-- Attachment #1: Type: text/plain, Size: 2736 bytes --]
ng0 transcribed 3.4K bytes:
> Marius Bakke transcribed 2.4K bytes:
> > ng0 <ng0@infotropique.org> writes:
> >
> > > Hi Marius,
> > >
> > > Marius Bakke transcribed 43K bytes:
> > >> Hello Guix!
> > >>
> > >> Attached is a patch for Chromium, a popular web browser.
> > >
> > > Nice! I've been using this from your branch for a while now,
> > > works just fine :)
> > > Is this not affected by the chromium discussion which happened
> > > a while back? Can we include this? I'm all for this, because I
> > > mainly use it for websites where firefox/icecat doesn't work so
> > > well, and building it locally takes a very long time.
> >
> > I believe this is within the Free System Distribution Guidelines. DRM
> > ("Widevine") is disabled at build time, and the Web Store is
> > non-functional without the end user explicitly enabling it.
> >
> > There are some grey areas though. The browser may interact with certain
> > non-free APIs (apart from regular browser duties) such as translation or
> > prediction services. These features are optional, but some are enabled
> > by default, and difficult to maintain patches for (I've tried).
> >
> > However, I have verified that it does not send any unsolicited requests
> > with the current command-line options, apart from the very first launch
> > which spawns a login prompt (help wanted!). Without either of those
> > flags the browser "calls home" every time it starts.
> >
> > >> Note that I cannot guarantee timely delivery of security updates. Major
> > >> version upgrades are hugely painful, and almost always contain many
> > >> high-severity fixes. Should we mention that in the description?
> > >>
> > >> Happy for any feedback.
> > >>
> > >
> > > Shouldn't you mention defines in addition to the define-public aswell,
> > > or don't we do that?
> >
> > Not for new files (modules), typically. I don't think Magit can fill out
> > those variable names (by pressing C on the hunks) either ;-) But it
> > should probably go in web-browsers.scm anyway.
>
> Unless someone else is already building this, I'm giving it a spin.
>
> I guess you changed some things since the version of yours I have in
> here: https://gitlab.com/ng0_guix/packages/blob/master/ng0/packages/chromium.scm
> so I have to rebuild it.
> It might take a while because I'm offloading to something much slower
> but which doesn't care about heat as much as a this one ;)
Patch itself LGTM, I'm now waiting on the build to finish in the
next couple of hours.
Thanks for your work on this!
--
ng0
GnuPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588
GnuPG: https://n0is.noblogs.org/my-keys
https://www.infotropique.org https://krosos.org
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2017-08-08 14:22 ` ng0
@ 2017-08-08 15:44 ` ng0
2017-08-08 18:59 ` ng0
2017-08-08 19:51 ` Leo Famulari
0 siblings, 2 replies; 91+ messages in thread
From: ng0 @ 2017-08-08 15:44 UTC (permalink / raw)
To: Marius Bakke, 28004
[-- Attachment #1: Type: text/plain, Size: 4611 bytes --]
ng0 transcribed 3.7K bytes:
> ng0 transcribed 3.4K bytes:
> > Marius Bakke transcribed 2.4K bytes:
> > > ng0 <ng0@infotropique.org> writes:
> > >
> > > > Hi Marius,
> > > >
> > > > Marius Bakke transcribed 43K bytes:
> > > >> Hello Guix!
> > > >>
> > > >> Attached is a patch for Chromium, a popular web browser.
> > > >
> > > > Nice! I've been using this from your branch for a while now,
> > > > works just fine :)
> > > > Is this not affected by the chromium discussion which happened
> > > > a while back? Can we include this? I'm all for this, because I
> > > > mainly use it for websites where firefox/icecat doesn't work so
> > > > well, and building it locally takes a very long time.
> > >
> > > I believe this is within the Free System Distribution Guidelines. DRM
> > > ("Widevine") is disabled at build time, and the Web Store is
> > > non-functional without the end user explicitly enabling it.
> > >
> > > There are some grey areas though. The browser may interact with certain
> > > non-free APIs (apart from regular browser duties) such as translation or
> > > prediction services. These features are optional, but some are enabled
> > > by default, and difficult to maintain patches for (I've tried).
> > >
> > > However, I have verified that it does not send any unsolicited requests
> > > with the current command-line options, apart from the very first launch
> > > which spawns a login prompt (help wanted!). Without either of those
> > > flags the browser "calls home" every time it starts.
> > >
> > > >> Note that I cannot guarantee timely delivery of security updates. Major
> > > >> version upgrades are hugely painful, and almost always contain many
> > > >> high-severity fixes. Should we mention that in the description?
> > > >>
> > > >> Happy for any feedback.
> > > >>
> > > >
> > > > Shouldn't you mention defines in addition to the define-public aswell,
> > > > or don't we do that?
> > >
> > > Not for new files (modules), typically. I don't think Magit can fill out
> > > those variable names (by pressing C on the hunks) either ;-) But it
> > > should probably go in web-browsers.scm anyway.
> >
> > Unless someone else is already building this, I'm giving it a spin.
> >
> > I guess you changed some things since the version of yours I have in
> > here: https://gitlab.com/ng0_guix/packages/blob/master/ng0/packages/chromium.scm
> > so I have to rebuild it.
> > It might take a while because I'm offloading to something much slower
> > but which doesn't care about heat as much as a this one ;)
>
> Patch itself LGTM, I'm now waiting on the build to finish in the
> next couple of hours.
x86_64 architecture, builds fails at this point:
[6247/27388] STAMP obj/mojo/common/common.stamp
[6248/27388] ACTION //net/http:generate_transport_security_state(//build/toolchain/linux:x64)
FAILED: gen/net/http/transport_security_state_static.h
python ../../build/gn_run_binary.py transport_security_state_generator ../../net/http/transport_security_state_static.json ../../net/http/transport_security_state_static.pins ../../net/http/transport_security_state_static.template gen/net/http/transport_security_state_static.h
./transport_security_state_generator: error while loading shared libraries: libglib-2.0.so.0: cannot open shared object file: No such file or directory
transport_security_state_generator failed with exit code 127
[6249/27388] AR obj/sandbox/linux/libsandbox_services.a
ninja: build stopped: subcommand failed.
phase `build' failed after 1777.2 seconds
builder for `/gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv' failed with exit code 1
@ build-failed /gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv - 1 builder for `/gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv' failed with exit code 1
derivation '/gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv' offloaded to '192.168.1.179' failed: build of `/gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv' failed
@ build-failed /gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv - 1 builder for `/gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv' failed with exit code 100
guix build: error: build failed: build of `/gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv' failed
Have you experienced this before?
--
ng0
GnuPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588
GnuPG: https://n0is.noblogs.org/my-keys
https://www.infotropique.org https://krosos.org
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2017-08-08 15:44 ` ng0
@ 2017-08-08 18:59 ` ng0
2017-08-08 19:51 ` Leo Famulari
1 sibling, 0 replies; 91+ messages in thread
From: ng0 @ 2017-08-08 18:59 UTC (permalink / raw)
To: Marius Bakke, 28004
[-- Attachment #1: Type: text/plain, Size: 5021 bytes --]
ng0 transcribed 5.5K bytes:
> ng0 transcribed 3.7K bytes:
> > ng0 transcribed 3.4K bytes:
> > > Marius Bakke transcribed 2.4K bytes:
> > > > ng0 <ng0@infotropique.org> writes:
> > > >
> > > > > Hi Marius,
> > > > >
> > > > > Marius Bakke transcribed 43K bytes:
> > > > >> Hello Guix!
> > > > >>
> > > > >> Attached is a patch for Chromium, a popular web browser.
> > > > >
> > > > > Nice! I've been using this from your branch for a while now,
> > > > > works just fine :)
> > > > > Is this not affected by the chromium discussion which happened
> > > > > a while back? Can we include this? I'm all for this, because I
> > > > > mainly use it for websites where firefox/icecat doesn't work so
> > > > > well, and building it locally takes a very long time.
> > > >
> > > > I believe this is within the Free System Distribution Guidelines. DRM
> > > > ("Widevine") is disabled at build time, and the Web Store is
> > > > non-functional without the end user explicitly enabling it.
> > > >
> > > > There are some grey areas though. The browser may interact with certain
> > > > non-free APIs (apart from regular browser duties) such as translation or
> > > > prediction services. These features are optional, but some are enabled
> > > > by default, and difficult to maintain patches for (I've tried).
> > > >
> > > > However, I have verified that it does not send any unsolicited requests
> > > > with the current command-line options, apart from the very first launch
> > > > which spawns a login prompt (help wanted!). Without either of those
> > > > flags the browser "calls home" every time it starts.
> > > >
> > > > >> Note that I cannot guarantee timely delivery of security updates. Major
> > > > >> version upgrades are hugely painful, and almost always contain many
> > > > >> high-severity fixes. Should we mention that in the description?
> > > > >>
> > > > >> Happy for any feedback.
> > > > >>
> > > > >
> > > > > Shouldn't you mention defines in addition to the define-public aswell,
> > > > > or don't we do that?
> > > >
> > > > Not for new files (modules), typically. I don't think Magit can fill out
> > > > those variable names (by pressing C on the hunks) either ;-) But it
> > > > should probably go in web-browsers.scm anyway.
> > >
> > > Unless someone else is already building this, I'm giving it a spin.
> > >
> > > I guess you changed some things since the version of yours I have in
> > > here: https://gitlab.com/ng0_guix/packages/blob/master/ng0/packages/chromium.scm
> > > so I have to rebuild it.
> > > It might take a while because I'm offloading to something much slower
> > > but which doesn't care about heat as much as a this one ;)
> >
> > Patch itself LGTM, I'm now waiting on the build to finish in the
> > next couple of hours.
>
> x86_64 architecture, builds fails at this point:
>
> [6247/27388] STAMP obj/mojo/common/common.stamp
> [6248/27388] ACTION //net/http:generate_transport_security_state(//build/toolchain/linux:x64)
> FAILED: gen/net/http/transport_security_state_static.h
> python ../../build/gn_run_binary.py transport_security_state_generator ../../net/http/transport_security_state_static.json ../../net/http/transport_security_state_static.pins ../../net/http/transport_security_state_static.template gen/net/http/transport_security_state_static.h
> ./transport_security_state_generator: error while loading shared libraries: libglib-2.0.so.0: cannot open shared object file: No such file or directory
> transport_security_state_generator failed with exit code 127
> [6249/27388] AR obj/sandbox/linux/libsandbox_services.a
> ninja: build stopped: subcommand failed.
> phase `build' failed after 1777.2 seconds
> builder for `/gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv' failed with exit code 1
> @ build-failed /gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv - 1 builder for `/gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv' failed with exit code 1
> derivation '/gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv' offloaded to '192.168.1.179' failed: build of `/gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv' failed
> @ build-failed /gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv - 1 builder for `/gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv' failed with exit code 100
> guix build: error: build failed: build of `/gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv' failed
>
> Have you experienced this before?
As efraim pointed out I missed the part where you wrote that
it is for core-updates. I just assumed it worked like it is
on master because what I had locally (chromium 58) works on
master).
Someone else must test it then.
--
ng0
GnuPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588
GnuPG: https://n0is.noblogs.org/my-keys
https://www.infotropique.org https://krosos.org
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2017-08-08 15:44 ` ng0
2017-08-08 18:59 ` ng0
@ 2017-08-08 19:51 ` Leo Famulari
2017-08-08 20:46 ` ng0
1 sibling, 1 reply; 91+ messages in thread
From: Leo Famulari @ 2017-08-08 19:51 UTC (permalink / raw)
To: Marius Bakke, 28004
[-- Attachment #1: Type: text/plain, Size: 1967 bytes --]
On Tue, Aug 08, 2017 at 03:44:22PM +0000, ng0 wrote:
> x86_64 architecture, builds fails at this point:
>
> [6247/27388] STAMP obj/mojo/common/common.stamp
> [6248/27388] ACTION //net/http:generate_transport_security_state(//build/toolchain/linux:x64)
> FAILED: gen/net/http/transport_security_state_static.h
> python ../../build/gn_run_binary.py transport_security_state_generator ../../net/http/transport_security_state_static.json ../../net/http/transport_security_state_static.pins ../../net/http/transport_security_state_static.template gen/net/http/transport_security_state_static.h
> ./transport_security_state_generator: error while loading shared libraries: libglib-2.0.so.0: cannot open shared object file: No such file or directory
> transport_security_state_generator failed with exit code 127
> [6249/27388] AR obj/sandbox/linux/libsandbox_services.a
> ninja: build stopped: subcommand failed.
> phase `build' failed after 1777.2 seconds
> builder for `/gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv' failed with exit code 1
> @ build-failed /gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv - 1 builder for `/gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv' failed with exit code 1
> derivation '/gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv' offloaded to '192.168.1.179' failed: build of `/gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv' failed
> @ build-failed /gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv - 1 builder for `/gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv' failed with exit code 100
> guix build: error: build failed: build of `/gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv' failed
>
> Have you experienced this before?
Based on discussion on #guix, this package is based on core-updates. Did
you try building it on core-updates?
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2017-08-08 19:51 ` Leo Famulari
@ 2017-08-08 20:46 ` ng0
0 siblings, 0 replies; 91+ messages in thread
From: ng0 @ 2017-08-08 20:46 UTC (permalink / raw)
To: Leo Famulari; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 2532 bytes --]
Leo Famulari transcribed 3.0K bytes:
> On Tue, Aug 08, 2017 at 03:44:22PM +0000, ng0 wrote:
> > x86_64 architecture, builds fails at this point:
> >
> > [6247/27388] STAMP obj/mojo/common/common.stamp
> > [6248/27388] ACTION //net/http:generate_transport_security_state(//build/toolchain/linux:x64)
> > FAILED: gen/net/http/transport_security_state_static.h
> > python ../../build/gn_run_binary.py transport_security_state_generator ../../net/http/transport_security_state_static.json ../../net/http/transport_security_state_static.pins ../../net/http/transport_security_state_static.template gen/net/http/transport_security_state_static.h
> > ./transport_security_state_generator: error while loading shared libraries: libglib-2.0.so.0: cannot open shared object file: No such file or directory
> > transport_security_state_generator failed with exit code 127
> > [6249/27388] AR obj/sandbox/linux/libsandbox_services.a
> > ninja: build stopped: subcommand failed.
> > phase `build' failed after 1777.2 seconds
> > builder for `/gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv' failed with exit code 1
> > @ build-failed /gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv - 1 builder for `/gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv' failed with exit code 1
> > derivation '/gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv' offloaded to '192.168.1.179' failed: build of `/gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv' failed
> > @ build-failed /gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv - 1 builder for `/gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv' failed with exit code 100
> > guix build: error: build failed: build of `/gnu/store/2afpy542vywbmk093dd1kzlfx74s2460-chromium-60.0.3112.90.drv' failed
> >
> > Have you experienced this before?
>
> Based on discussion on #guix, this package is based on core-updates. Did
> you try building it on core-updates?
No, I have no time for switching a system to core-updates for a moment and dealing with
whatever needs to be dealt with before I can build it there, unless core-updates is
stable.
I don't want to be the roadblock, I could test it at some point in the next 2 - 3 weeks
and this package looks like it is good to go if it builds.
--
ng0
GnuPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588
GnuPG: https://n0is.noblogs.org/my-keys
https://www.infotropique.org https://krosos.org
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2017-08-07 19:58 [bug#28004] Chromium Marius Bakke
2017-08-07 20:23 ` ng0
@ 2017-08-10 5:31 ` Efraim Flashner
2017-08-31 7:36 ` ng0
2017-10-10 13:19 ` ng0
` (5 subsequent siblings)
7 siblings, 1 reply; 91+ messages in thread
From: Efraim Flashner @ 2017-08-10 5:31 UTC (permalink / raw)
To: 28004
[-- Attachment #1: Type: text/plain, Size: 1178 bytes --]
This built on aarch64 on core-updates in about 12.5 hours. I did need to
add the following substitution* to the package definition.
diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm
index 81bcb8f05..855779a11 100644
--- a/gnu/packages/chromium.scm
+++ b/gnu/packages/chromium.scm
@@ -346,6 +346,13 @@
(("include \"third_party/curl") "include \"curl"))
(substitute* "media/base/decode_capabilities.cc"
(("third_party/libvpx/source/libvpx/") ""))
+
+ ;; We don't cross compile most packages, so get rid of the
+ ;; unnecessary ARCH-linux-gnu* prefix.
+ (substitute* "build/toolchain/linux/BUILD.gn"
+ (("aarch64-linux-gnu-") "")
+ (("arm-linux-gnueabihf-") ""))
+
#t))
(replace 'configure
(lambda* (#:key inputs outputs #:allow-other-keys)
With this addition it builds for me.
--
Efraim Flashner <efraim@flashner.co.il> אפרים פלשנר
GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply related [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2017-08-10 5:31 ` Efraim Flashner
@ 2017-08-31 7:36 ` ng0
0 siblings, 0 replies; 91+ messages in thread
From: ng0 @ 2017-08-31 7:36 UTC (permalink / raw)
To: Efraim Flashner; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 482 bytes --]
Efraim Flashner transcribed 2.2K bytes:
> This built on aarch64 on core-updates in about 12.5 hours. I did need to
> add the following substitution* to the package definition.
As core-updates has been merged now, is this package good
to go? I could build it on my x86_64 builder this afternoon
if it requires one more check.
--
ng0
GnuPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588
GnuPG: https://n0is.noblogs.org/my-keys
https://www.infotropique.org https://krosos.org
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2017-08-07 19:58 [bug#28004] Chromium Marius Bakke
2017-08-07 20:23 ` ng0
2017-08-10 5:31 ` Efraim Flashner
@ 2017-10-10 13:19 ` ng0
2017-10-11 19:52 ` Ludovic Courtès
2018-02-26 18:19 ` [bug#28004] [PATCH] gnu: Add chromium Marius Bakke
` (4 subsequent siblings)
7 siblings, 1 reply; 91+ messages in thread
From: ng0 @ 2017-10-10 13:19 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 790 bytes --]
Marius Bakke transcribed 43K bytes:
> Hello Guix!
>
> Attached is a patch for Chromium, a popular web browser.
>
> It requires the new ld wrapper from 'core-updates' and a very powerful
> build machine (a quad-core Sandy Bridge Xeon uses 2-3 hours).
>
> Note that I cannot guarantee timely delivery of security updates. Major
> version upgrades are hugely painful, and almost always contain many
> high-severity fixes. Should we mention that in the description?
>
> Happy for any feedback.
Hi,
could this patch be merged into master now?
It would be too bad to see this gathering digitial dust.
--
ng0
GnuPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588
GnuPG: https://dist.ng0.infotropique.org/dist/keys/
https://www.infotropique.org https://ng0.infotropique.org
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2017-10-10 13:19 ` ng0
@ 2017-10-11 19:52 ` Ludovic Courtès
2017-10-12 19:56 ` Leo Famulari
0 siblings, 1 reply; 91+ messages in thread
From: Ludovic Courtès @ 2017-10-11 19:52 UTC (permalink / raw)
To: ng0, Leo Famulari; +Cc: 28004
Hi!
ng0 <ng0@infotropique.org> skribis:
> Marius Bakke transcribed 43K bytes:
>> Hello Guix!
>>
>> Attached is a patch for Chromium, a popular web browser.
>>
>> It requires the new ld wrapper from 'core-updates' and a very powerful
>> build machine (a quad-core Sandy Bridge Xeon uses 2-3 hours).
>>
>> Note that I cannot guarantee timely delivery of security updates. Major
>> version upgrades are hugely painful, and almost always contain many
>> high-severity fixes. Should we mention that in the description?
>>
>> Happy for any feedback.
>
> Hi,
>
> could this patch be merged into master now?
Probably (I think at the time Marius submitted it the ‘ld’ wrapper
enhancements were not in ‘master’ yet.)
For the security aspect though, given that it’s a fairly critical
component, I’d like to have Leo’s opinion. Thoughts?
> It would be too bad to see this gathering digitial dust.
Indeed!
Thanks,
Ludo’.
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2017-10-11 19:52 ` Ludovic Courtès
@ 2017-10-12 19:56 ` Leo Famulari
2017-10-12 20:28 ` ng0
2017-10-13 6:51 ` Ludovic Courtès
0 siblings, 2 replies; 91+ messages in thread
From: Leo Famulari @ 2017-10-12 19:56 UTC (permalink / raw)
To: Ludovic Courtès; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 1840 bytes --]
On Wed, Oct 11, 2017 at 09:52:46PM +0200, Ludovic Courtès wrote:
> ng0 <ng0@infotropique.org> skribis:
> > could this patch be merged into master now?
>
> Probably (I think at the time Marius submitted it the ‘ld’ wrapper
> enhancements were not in ‘master’ yet.)
>
> For the security aspect though, given that it’s a fairly critical
> component, I’d like to have Leo’s opinion. Thoughts?
Any questions in particular?
For me, the primary question is maintenance.
As Marius pointed out when sending the patch, major version upgrades may
be difficult, and timely delivery of security updates cannot be
guaranteed. But these caveats apply to every package. [0] They aren't a
reason to exclude Chromium from Guix.
Now, if we add the Chromium package and then let if fall behind for
weeks or months, that will be a problem, and we will need to remove it.
It's relatively easy to remove packages of end-user applications, since
it's rare that other packages depend on them.
As always, I'm willing to help with security updates as much as my
volunteer schedule allows.
The other issue will be bugs caused by the use of non-bundled libraries.
Presumably, important bugs are fixed in the bundled libraries before
they are released by the upstream library (if ever). But again, this is
an issue with all of our packages. We will address these issues when we
find them.
There was a new release last month, 61.0.3163. I'd like to try updating
to it this weekend if I have the disk (does anyone know how much is
required) and computing power. Then we can push :)
[0] Users who really need to rely on the security of Chromium or Chrome
should use the "official" installation from the Chromium or Google
teams, and turn on auto-updates. Every update can be expected to fix
critical bugs.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2017-10-12 19:56 ` Leo Famulari
@ 2017-10-12 20:28 ` ng0
2017-10-13 6:51 ` Ludovic Courtès
1 sibling, 0 replies; 91+ messages in thread
From: ng0 @ 2017-10-12 20:28 UTC (permalink / raw)
To: Leo Famulari; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 2250 bytes --]
Leo Famulari transcribed 2.9K bytes:
> On Wed, Oct 11, 2017 at 09:52:46PM +0200, Ludovic Courtès wrote:
> > ng0 <ng0@infotropique.org> skribis:
> > > could this patch be merged into master now?
> >
> > Probably (I think at the time Marius submitted it the ‘ld’ wrapper
> > enhancements were not in ‘master’ yet.)
> >
> > For the security aspect though, given that it’s a fairly critical
> > component, I’d like to have Leo’s opinion. Thoughts?
>
> Any questions in particular?
>
> For me, the primary question is maintenance.
>
> As Marius pointed out when sending the patch, major version upgrades may
> be difficult, and timely delivery of security updates cannot be
> guaranteed. But these caveats apply to every package. [0] They aren't a
> reason to exclude Chromium from Guix.
>
> Now, if we add the Chromium package and then let if fall behind for
> weeks or months, that will be a problem, and we will need to remove it.
> It's relatively easy to remove packages of end-user applications, since
> it's rare that other packages depend on them.
>
> As always, I'm willing to help with security updates as much as my
> volunteer schedule allows.
>
> The other issue will be bugs caused by the use of non-bundled libraries.
> Presumably, important bugs are fixed in the bundled libraries before
> they are released by the upstream library (if ever). But again, this is
> an issue with all of our packages. We will address these issues when we
> find them.
>
> There was a new release last month, 61.0.3163. I'd like to try updating
> to it this weekend if I have the disk (does anyone know how much is
> required) and computing power. Then we can push :)
Around 8 GiB for a full build as far as I know, that is when you include
debbuging symbols. So it's less than 8 GiB.
> [0] Users who really need to rely on the security of Chromium or Chrome
> should use the "official" installation from the Chromium or Google
> teams, and turn on auto-updates. Every update can be expected to fix
> critical bugs.
--
ng0
GnuPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588
GnuPG: https://dist.ng0.infotropique.org/dist/keys/
https://www.infotropique.org https://ng0.infotropique.org
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2017-10-12 19:56 ` Leo Famulari
2017-10-12 20:28 ` ng0
@ 2017-10-13 6:51 ` Ludovic Courtès
2017-10-18 22:41 ` Marius Bakke
1 sibling, 1 reply; 91+ messages in thread
From: Ludovic Courtès @ 2017-10-13 6:51 UTC (permalink / raw)
To: Leo Famulari; +Cc: 28004
Heya,
Leo Famulari <leo@famulari.name> skribis:
> On Wed, Oct 11, 2017 at 09:52:46PM +0200, Ludovic Courtès wrote:
>> ng0 <ng0@infotropique.org> skribis:
>> > could this patch be merged into master now?
>>
>> Probably (I think at the time Marius submitted it the ‘ld’ wrapper
>> enhancements were not in ‘master’ yet.)
>>
>> For the security aspect though, given that it’s a fairly critical
>> component, I’d like to have Leo’s opinion. Thoughts?
>
> Any questions in particular?
Not really, I was wondering about the Marius’ warning as to the
difficulty of keeping it up-to-date.
> For me, the primary question is maintenance.
>
> As Marius pointed out when sending the patch, major version upgrades may
> be difficult, and timely delivery of security updates cannot be
> guaranteed. But these caveats apply to every package. [0] They aren't a
> reason to exclude Chromium from Guix.
Right. A browser is particularly sensitive though.
> Now, if we add the Chromium package and then let if fall behind for
> weeks or months, that will be a problem, and we will need to remove it.
> It's relatively easy to remove packages of end-user applications, since
> it's rare that other packages depend on them.
>
> As always, I'm willing to help with security updates as much as my
> volunteer schedule allows.
>
> The other issue will be bugs caused by the use of non-bundled libraries.
> Presumably, important bugs are fixed in the bundled libraries before
> they are released by the upstream library (if ever). But again, this is
> an issue with all of our packages. We will address these issues when we
> find them.
Yeah.
> There was a new release last month, 61.0.3163. I'd like to try updating
> to it this weekend if I have the disk (does anyone know how much is
> required) and computing power. Then we can push :)
Sounds like a plan!
> [0] Users who really need to rely on the security of Chromium or Chrome
> should use the "official" installation from the Chromium or Google
> teams, and turn on auto-updates. Every update can be expected to fix
> critical bugs.
I get your point, but OTOH getting binaries from Google is not something
I feel like recommending. :-)
I think we should make sure that our package does not call home in any
way. That’s what I expect from a security- and privacy-conscious
distro.
WDYT?
Thanks for your feedback!
Ludo’.
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2017-10-13 6:51 ` Ludovic Courtès
@ 2017-10-18 22:41 ` Marius Bakke
2017-10-19 5:48 ` ng0
` (3 more replies)
0 siblings, 4 replies; 91+ messages in thread
From: Marius Bakke @ 2017-10-18 22:41 UTC (permalink / raw)
To: Ludovic Courtès, Leo Famulari; +Cc: 28004
[-- Attachment #1.1: Type: text/plain, Size: 697 bytes --]
Ludovic Courtès <ludo@gnu.org> writes:
> I think we should make sure that our package does not call home in any
> way. That’s what I expect from a security- and privacy-conscious
> distro.
Currently, it calls home at first launch, prompting for a login. But
I've verified that it does not send any unsolicited requests for
subsequent startups, as long as the user does not change the
command-line flags.
Anyway I'm attaching the current iteration of this patch. Chromium 62
is out today, I'll try to update this weekend and will push it after
that in lieu of other feedback.
I would be very happy if someone managed to complete the 62 upgrade
before me, however! ;-)
[-- Attachment #1.2: 0001-gnu-Add-chromium.patch --]
[-- Type: text/x-patch, Size: 37254 bytes --]
From d6e3ef7f28a9bc4ace0c52e09b1e4bdde84e01e0 Mon Sep 17 00:00:00 2001
From: Marius Bakke <mbakke@fastmail.com>
Date: Wed, 12 Oct 2016 17:25:05 +0100
Subject: [PATCH] gnu: Add chromium.
* gnu/packages/chromium.scm: New file.
* gnu/packages/patches/chromium-disable-api-keys-warning.patch,
gnu/packages/patches/chromium-disable-third-party-cookies.patch,
gnu/packages/patches/chromium-system-icu.patch: New files.
* gnu/local.mk: Record it.
---
gnu/local.mk | 4 +
gnu/packages/chromium.scm | 650 +++++++++++++++++++++
.../chromium-disable-api-keys-warning.patch | 17 +
.../chromium-disable-third-party-cookies.patch | 13 +
gnu/packages/patches/chromium-system-icu.patch | 15 +
5 files changed, 699 insertions(+)
create mode 100644 gnu/packages/chromium.scm
create mode 100644 gnu/packages/patches/chromium-disable-api-keys-warning.patch
create mode 100644 gnu/packages/patches/chromium-disable-third-party-cookies.patch
create mode 100644 gnu/packages/patches/chromium-system-icu.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index bb4724426..80be45d45 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -86,6 +86,7 @@ GNU_SYSTEM_MODULES = \
%D%/packages/certs.scm \
%D%/packages/check.scm \
%D%/packages/chez.scm \
+ %D%/packages/chromium.scm \
%D%/packages/ci.scm \
%D%/packages/cmake.scm \
%D%/packages/cobol.scm \
@@ -557,6 +558,9 @@ dist_patch_DATA = \
%D%/packages/patches/chicken-CVE-2017-6949.patch \
%D%/packages/patches/chicken-CVE-2017-11343.patch \
%D%/packages/patches/chmlib-inttypes.patch \
+ %D%/packages/patches/chromium-disable-api-keys-warning.patch \
+ %D%/packages/patches/chromium-disable-third-party-cookies.patch \
+ %D%/packages/patches/chromium-system-icu.patch \
%D%/packages/patches/clang-libc-search-path.patch \
%D%/packages/patches/clang-3.8-libc-search-path.patch \
%D%/packages/patches/clisp-remove-failing-test.patch \
diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm
new file mode 100644
index 000000000..5693b70ff
--- /dev/null
+++ b/gnu/packages/chromium.scm
@@ -0,0 +1,650 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2016, 2017 Marius Bakke <mbakke@fastmail.com>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages chromium)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix packages)
+ #:use-module (guix download)
+ #:use-module (guix git-download)
+ #:use-module (guix utils)
+ #:use-module (guix build-system gnu)
+ #:use-module (gnu packages)
+ #:use-module (gnu packages assembly)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages bison)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages cups)
+ #:use-module (gnu packages curl)
+ #:use-module (gnu packages databases)
+ #:use-module (gnu packages fontutils)
+ #:use-module (gnu packages gl)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnome)
+ #:use-module (gnu packages gnuzilla)
+ #:use-module (gnu packages gperf)
+ #:use-module (gnu packages gtk)
+ #:use-module (gnu packages icu4c)
+ #:use-module (gnu packages image)
+ #:use-module (gnu packages libevent)
+ #:use-module (gnu packages libffi)
+ #:use-module (gnu packages libusb)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages kerberos)
+ #:use-module (gnu packages ninja)
+ #:use-module (gnu packages node)
+ #:use-module (gnu packages pciutils)
+ #:use-module (gnu packages photo)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages protobuf)
+ #:use-module (gnu packages pulseaudio)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages regex)
+ #:use-module (gnu packages serialization)
+ #:use-module (gnu packages speech)
+ #:use-module (gnu packages tls)
+ #:use-module (gnu packages valgrind)
+ #:use-module (gnu packages version-control)
+ #:use-module (gnu packages video)
+ #:use-module (gnu packages xiph)
+ #:use-module (gnu packages xml)
+ #:use-module (gnu packages xdisorg)
+ #:use-module (gnu packages xorg))
+
+(define (remote-patch file-name uri hash)
+ "Return an <origin> object with the given FILE-NAME. URI must be a FTP or
+HTTP(S) URI that returns a file with the given HASH."
+ (origin
+ (method url-fetch)
+ (uri uri)
+ (sha256 (base32 hash))
+ (file-name file-name)))
+
+(define opus+custom
+ (package (inherit opus)
+ (arguments
+ `(;; Opus Custom is an optional extension of the Opus
+ ;; specification that allows for unsupported frame
+ ;; sizes. Chromium requires that this is enabled.
+ #:configure-flags '("--enable-custom-modes")
+ ,@(package-arguments opus)))))
+
+;; Chromium since 58 depends on an unreleased libvpx. So, we
+;; package the latest master branch as of 2017-10-12.
+(define libvpx+experimental
+ (package
+ (inherit libvpx)
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://chromium.googlesource.com/webm/libvpx")
+ (commit "175b36cb6d2811c721d63277ba953ea817f32361")))
+ (file-name "libvpx-for-chromium-checkout")
+ (sha256
+ (base32
+ "1j8ni29mcj74lfsc0hsha22zzp24ig53iki0id5bdfhzl8q1rpyk"))))
+ ;; TODO: Make libvpx configure flags overrideable.
+ (arguments
+ `(#:phases
+ (modify-phases %standard-phases
+ (replace 'configure
+ (lambda* (#:key outputs #:allow-other-keys)
+ (setenv "CONFIG_SHELL" (which "bash"))
+ (let ((out (assoc-ref outputs "out")))
+ (setenv "LDFLAGS"
+ (string-append "-Wl,-rpath=" out "/lib"))
+ (zero? (system* "./configure"
+ "--enable-shared"
+ "--as=yasm"
+ ;; Limit size to avoid CVE-2015-1258
+ "--size-limit=16384x16384"
+ ;; Spatial SVC is an experimental VP9 encoder
+ ;; used by some packages (i.e. Chromium).
+ "--enable-experimental"
+ "--enable-spatial-svc"
+ (string-append "--prefix=" out)))))))
+ #:tests? #f)))) ; No tests.
+
+(define %chromium-gn-bootstrap.patch
+ (remote-patch "chromium-gn-bootstrap.patch"
+ "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-client/\
+chromium/files/chromium-gn-bootstrap-r14.patch?id=\
+900e6203d4015711887137bcd03c913361dbf41f"
+ "1050abvq24s1a5vd97d5ljb8bmv0wcdgkj3vk0scygkr1954qy4q"))
+
+(define %chromium-gcc-compat.patch
+ (remote-patch "chromium-gcc-compat.patch"
+ "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-client/\
+chromium/files/chromium-gcc-r1.patch?id=506399c6ac2ace6501429925a608db9d7e502bde"
+ "0n5bc1ckq83vlfzh5k3frh7cp7hyhxii89iq2v4jg46lblqgxkqi"))
+
+(define %chromium-gcc-5-compat.patch
+ (remote-patch "chromium-gcc-5-compat.patch"
+ "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-client/\
+chromium/files/chromium-gcc5-r1.patch?id=506399c6ac2ace6501429925a608db9d7e502bde"
+ "0jz9sg24yzimcass3c3myynp3sf2c1rasrcwh7jn1gbbj4yp7j8v"))
+
+(define %chromium-atk-compat.patch
+ (remote-patch "chromium-atk-compat.patch"
+ "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-client/\
+chromium/files/chromium-atk-r1.patch?id=506399c6ac2ace6501429925a608db9d7e502bde"
+ "13g9g1k9f3fqpgjhnlqvf5np6m58czr57zq1fqdf5y5nfyxrl3pw"))
+
+(define %chromium-system-nspr.patch
+ (remote-patch "chromium-system-nspr.patch"
+ "https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/\
+plain/debian/patches/system/nspr.patch?id=64458c4216edd82503dc9366e2f4d80ae7c763b0"
+ "0l69sq3w9n5zygykf1gfzp1zfb7gkjk62nnvbrmkn00gzq6cc643"))
+
+(define %chromium-system-libevent.patch
+ (remote-patch "chromium-system-libevent.patch"
+ "https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/\
+plain/debian/patches/system/event.patch?id=64458c4216edd82503dc9366e2f4d80ae7c763b0"
+ "0vibc92kwycm8jlyfa49135nq0flm6gkrf8ic76m5rkraclijvn9"))
+
+(define-public chromium
+ (package
+ (name "chromium")
+ (version "61.0.3163.100")
+ (synopsis "Graphical web browser")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "https://commondatastorage.googleapis.com/"
+ "chromium-browser-official/chromium-"
+ version ".tar.xz"))
+ (sha256
+ (base32
+ "06r89jim9cq87668ya8wwk69hh17rl04cj94nb9c28v6mj69cda1"))
+ (patches (append (list %chromium-gn-bootstrap.patch
+ %chromium-atk-compat.patch
+ %chromium-gcc-compat.patch
+ %chromium-gcc-5-compat.patch
+ %chromium-system-nspr.patch
+ %chromium-system-libevent.patch)
+ (search-patches
+ "chromium-system-icu.patch"
+ "chromium-disable-api-keys-warning.patch"
+ "chromium-disable-third-party-cookies.patch")))
+ (modules '((srfi srfi-1)
+ (guix build utils)))
+ (snippet
+ '(begin
+ ;; Replace GN files from third_party with shims for building
+ ;; against system libraries. Keep this list in sync with
+ ;; "build/linux/unbundle/replace_gn_files.py".
+ (for-each (lambda (pair)
+ (let ((source (string-append
+ "build/linux/unbundle/" (car pair)))
+ (dest (cdr pair)))
+ (copy-file source dest)))
+ (list
+ '("ffmpeg.gn" . "third_party/ffmpeg/BUILD.gn")
+ '("flac.gn" . "third_party/flac/BUILD.gn")
+ '("freetype.gn" . "third_party/freetype/BUILD.gn")
+ '("harfbuzz-ng.gn" . "third_party/harfbuzz-ng/BUILD.gn")
+ '("icu.gn" . "third_party/icu/BUILD.gn")
+ '("libdrm.gn" . "third_party/libdrm/BUILD.gn")
+ '("libevent.gn" . "base/third_party/libevent/BUILD.gn")
+ '("libjpeg.gn" .
+ "build/secondary/third_party/libjpeg_turbo/BUILD.gn")
+ '("libpng.gn" . "third_party/libpng/BUILD.gn")
+ '("libvpx.gn" . "third_party/libvpx/BUILD.gn")
+ '("libwebp.gn" . "third_party/libwebp/BUILD.gn")
+ ;;'("libxml.gn" . "third_party/libxml/BUILD.gn") ;TODO
+ '("libxslt.gn" . "third_party/libxslt/BUILD.gn")
+ '("openh264.gn" . "third_party/openh264/BUILD.gn")
+ '("opus.gn" . "third_party/opus/BUILD.gn")
+ '("re2.gn" . "third_party/re2/BUILD.gn")
+ '("snappy.gn" . "third_party/snappy/BUILD.gn")
+ '("yasm.gn" . "third_party/yasm/yasm_assemble.gni")
+ '("zlib.gn" . "third_party/zlib/BUILD.gn")))
+ #t))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:tests? #f ; TODO: Maybe run --headless or something.
+ ;; FIXME: There is a "gn" option specifically for setting -rpath, but
+ ;; it's not recognized when passed.
+ #:validate-runpath? #f
+ #:modules ((srfi srfi-26)
+ (ice-9 ftw)
+ (ice-9 regex)
+ (guix build gnu-build-system)
+ (guix build utils))
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'remove-bundled-software
+ (lambda _
+ (let ((keep-libs
+ (list
+ ;; Third party folders that cannot be deleted yet.
+ "base/third_party/dmg_fp"
+ "base/third_party/dynamic_annotations"
+ "base/third_party/icu"
+ "base/third_party/libevent"
+ "base/third_party/nspr"
+ "base/third_party/superfasthash"
+ "base/third_party/symbolize" ; glog
+ "base/third_party/xdg_mime"
+ "base/third_party/xdg_user_dirs"
+ "buildtools/third_party/libc++"
+ "chrome/third_party/mozilla_security_manager"
+ "courgette/third_party"
+ "net/third_party/mozilla_security_manager"
+ "net/third_party/nss"
+ "third_party/adobe/flash/flapper_version.h"
+ ;; FIXME: This is used in:
+ ;; * ui/webui/resources/js/analytics.js
+ ;; * ui/file_manager/
+ "third_party/analytics"
+ "third_party/angle"
+ "third_party/angle/src/common/third_party/base"
+ "third_party/angle/src/common/third_party/murmurhash"
+ "third_party/angle/src/third_party/compiler"
+ "third_party/angle/src/third_party/libXNVCtrl"
+ "third_party/angle/src/third_party/trace_event"
+ "third_party/boringssl"
+ "third_party/brotli"
+ "third_party/cacheinvalidation"
+ "third_party/catapult"
+ "third_party/catapult/third_party/polymer"
+ "third_party/catapult/third_party/py_vulcanize"
+ "third_party/catapult/third_party/py_vulcanize/third_party/rcssmin"
+ "third_party/catapult/third_party/py_vulcanize/third_party/rjsmin"
+ "third_party/catapult/tracing/third_party/d3"
+ "third_party/catapult/tracing/third_party/gl-matrix"
+ "third_party/catapult/tracing/third_party/jszip"
+ "third_party/catapult/tracing/third_party/mannwhitneyu"
+ "third_party/catapult/tracing/third_party/oboe"
+ "third_party/ced"
+ "third_party/cld_3"
+ "third_party/cros_system_api"
+ "third_party/dom_distiller_js"
+ "third_party/fips181"
+ "third_party/flatbuffers"
+ ;; XXX Needed by pdfium since 59.
+ "third_party/freetype"
+ "third_party/glslang-angle"
+ "third_party/google_input_tools"
+ "third_party/google_input_tools/third_party/closure_library"
+ (string-append "third_party/google_input_tools/third_party"
+ "/closure_library/third_party/closure")
+ "third_party/googletest"
+ "third_party/hunspell"
+ "third_party/iccjpeg"
+ "third_party/inspector_protocol"
+ "third_party/jinja2"
+ "third_party/jstemplate"
+ "third_party/khronos"
+ "third_party/leveldatabase"
+ "third_party/libXNVCtrl"
+ "third_party/libaddressinput"
+ "third_party/libjingle_xmpp"
+ "third_party/libphonenumber"
+ "third_party/libsecret" ;FIXME: needs pkg-config support.
+ "third_party/libsrtp" ;TODO: Requires libsrtp@2.
+ "third_party/libudev"
+ "third_party/libwebm"
+ "third_party/libxml" ;FIXME: Unbundle (again).
+ "third_party/libyuv"
+ "third_party/lss"
+ "third_party/lzma_sdk"
+ "third_party/markupsafe"
+ "third_party/mesa"
+ "third_party/modp_b64"
+ "third_party/mt19937ar"
+ "third_party/node"
+ "third_party/node/node_modules/vulcanize/third_party/UglifyJS2"
+ "third_party/openmax_dl"
+ "third_party/ots"
+ "third_party/pdfium" ;TODO: can be built standalone.
+ "third_party/pdfium/third_party"
+ "third_party/ply"
+ "third_party/polymer"
+ "third_party/protobuf"
+ "third_party/protobuf/third_party/six"
+ "third_party/qcms"
+ "third_party/sfntly"
+ "third_party/skia"
+ "third_party/skia/third_party/vulkan"
+ "third_party/smhasher"
+ ;; XXX the sources that include this are generated.
+ "third_party/speech-dispatcher"
+ "third_party/spirv-headers"
+ "third_party/spirv-tools-angle"
+ "third_party/sqlite"
+ "third_party/swiftshader"
+ "third_party/swiftshader/third_party"
+ "third_party/usb_ids"
+ "third_party/usrsctp"
+ "third_party/vulkan"
+ "third_party/vulkan-validation-layers"
+ "third_party/WebKit"
+ "third_party/web-animations-js"
+ "third_party/webrtc"
+ "third_party/widevine/cdm/widevine_cdm_version.h"
+ "third_party/widevine/cdm/widevine_cdm_common.h"
+ "third_party/woff2"
+ "third_party/xdg-utils"
+ "third_party/yasm/run_yasm.py"
+ "third_party/zlib/google"
+ "url/third_party/mozilla"
+ "v8/src/third_party/valgrind"
+ "v8/third_party/inspector_protocol")))
+ ;; FIXME: implement as source snippet. This traverses
+ ;; any "third_party" directory and deletes files that are:
+ ;; * not ending with ".gn" or ".gni"; or
+ ;; * not explicitly named as argument (folder or file).
+ (zero? (apply system* "python"
+ "build/linux/unbundle/remove_bundled_libraries.py"
+ "--do-remove" keep-libs)))))
+ (add-after 'remove-bundled-software 'patch-stuff
+ (lambda* (#:key inputs #:allow-other-keys)
+ (substitute* "printing/cups_config_helper.py"
+ (("cups_config =.*")
+ (string-append "cups_config = '" (assoc-ref inputs "cups")
+ "/bin/cups-config'\n")))
+
+ (substitute*
+ '("base/process/launch_posix.cc"
+ "base/tracked_objects.cc"
+ "base/third_party/dynamic_annotations/dynamic_annotations.c"
+ "sandbox/linux/seccomp-bpf/sandbox_bpf.cc"
+ "sandbox/linux/services/credentials.cc"
+ "sandbox/linux/services/namespace_utils.cc"
+ "sandbox/linux/services/syscall_wrappers.cc"
+ "sandbox/linux/syscall_broker/broker_host.cc")
+ (("include \"base/third_party/valgrind/") "include \"valgrind/"))
+
+ (for-each (lambda (file)
+ (substitute* file
+ ;; Fix opus include path.
+ ;; Do not substitute opus_private.h.
+ (("#include \"opus\\.h\"")
+ "#include \"opus/opus.h\"")
+ (("#include \"opus_custom\\.h\"")
+ "#include \"opus/opus_custom.h\"")
+ (("#include \"opus_defines\\.h\"")
+ "#include \"opus/opus_defines.h\"")
+ (("#include \"opus_multistream\\.h\"")
+ "#include \"opus/opus_multistream.h\"")
+ (("#include \"opus_types\\.h\"")
+ "#include \"opus/opus_types.h\"")))
+ (append (find-files "third_party/opus/src/celt")
+ (find-files "third_party/opus/src/src")
+ (find-files (string-append "third_party/webrtc/modules"
+ "/audio_coding/codecs/opus"))))
+
+ (substitute* "chrome/common/chrome_paths.cc"
+ (("/usr/share/chromium/extensions")
+ ;; TODO: Add ~/.guix-profile.
+ "/run/current-system/profile/share/chromium/extensions"))
+
+ (substitute* "breakpad/src/common/linux/libcurl_wrapper.h"
+ (("include \"third_party/curl") "include \"curl"))
+ (substitute* "media/base/decode_capabilities.cc"
+ (("third_party/libvpx/source/libvpx/") ""))
+
+ ;; We don't cross compile most packages, so get rid of the
+ ;; unnecessary ARCH-linux-gnu* prefix.
+ (substitute* "build/toolchain/linux/BUILD.gn"
+ (("aarch64-linux-gnu-") "")
+ (("arm-linux-gnueabihf-") ""))
+ #t))
+ (replace 'configure
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let ((gn-flags
+ (list
+ ;; See tools/gn/docs/cookbook.md and
+ ;; https://www.chromium.org/developers/gn-build-configuration
+ ;; for usage. Run "./gn args . --list" in the Release
+ ;; directory for an exhaustive list of supported flags.
+ "is_debug=false"
+ "is_official_build=false"
+ "is_clang=false"
+ "use_gold=false"
+ "linux_use_bundled_binutils=false"
+ "use_custom_libcxx=false"
+ "use_sysroot=false"
+ "remove_webcore_debug_symbols=true"
+ "enable_iterator_debugging=false"
+ "override_build_date=\"01 01 2000 05:00:00\""
+ ;; Don't fail when using deprecated ffmpeg features.
+ "treat_warnings_as_errors=false"
+ "enable_nacl=false"
+ "enable_nacl_nonsfi=false"
+ "use_allocator=\"none\"" ; Don't use tcmalloc.
+ ;; Don't add any API keys. End users can set them in the
+ ;; environment if necessary.
+ ;; https://www.chromium.org/developers/how-tos/api-keys
+ "use_official_google_api_keys=false"
+ ;; Disable "field trials".
+ "fieldtrial_testing_like_official_build=true"
+
+ "use_system_libjpeg=true"
+ ;; This is currently not supported on Linux:
+ ;; https://bugs.chromium.org/p/chromium/issues/detail?id=22208
+ ;; "use_system_sqlite=true"
+ "use_gtk3=true"
+ "use_gconf=false" ; deprecated by gsettings
+ "use_gnome_keyring=false" ; deprecated by libsecret
+ "use_xkbcommon=true"
+ "link_pulseaudio=true"
+ "use_openh264=true"
+
+ ;; Don't arbitrarily restrict formats supported by system ffmpeg.
+ "proprietary_codecs=true"
+ "ffmpeg_branding=\"Chrome\""
+
+ ;; WebRTC stuff.
+ "rtc_use_h264=true"
+ ;; Don't use bundled sources.
+ "rtc_build_json=false"
+ "rtc_build_libevent=false"
+ "rtc_build_libjpeg=false"
+ "rtc_build_libvpx=false"
+ "rtc_build_opus=false"
+ "rtc_build_ssl=false"
+ ;; TODO: Package these.
+ "rtc_build_libsrtp=true" ; 2.0
+ "rtc_build_libyuv=true"
+ "rtc_build_openmax_dl=true"
+ "rtc_build_usrsctp=true"
+ (string-append "rtc_jsoncpp_root=\""
+ (assoc-ref inputs "jsoncpp")
+ "/include/jsoncpp/json\"")
+ (string-append "rtc_ssl_root=\""
+ (assoc-ref inputs "openssl")
+ "/include/openssl\""))))
+
+ ;; XXX: How portable is this.
+ (mkdir-p "third_party/node/linux/node-linux-x64")
+ (symlink (string-append (assoc-ref inputs "node") "/bin")
+ "third_party/node/linux/node-linux-x64/bin")
+
+ (setenv "CC" "gcc")
+ (setenv "CXX" "g++")
+ ;; TODO: pre-compile instead. Avoids a race condition.
+ (setenv "PYTHONDONTWRITEBYTECODE" "1")
+ (and
+ ;; Build the "gn" tool.
+ (zero? (system* "python"
+ "tools/gn/bootstrap/bootstrap.py" "-s" "-v"))
+ ;; Generate ninja build files.
+ (zero? (system* "./out/Release/gn" "gen" "out/Release"
+ (string-append "--args="
+ (string-join gn-flags " "))))))))
+ (replace 'build
+ (lambda* (#:key outputs #:allow-other-keys)
+ (zero? (system* "ninja" "-C" "out/Release"
+ "-j" (number->string (parallel-job-count))
+ "chrome"))))
+ (replace 'install
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (bin (string-append out "/bin"))
+ (exe (string-append bin "/chromium"))
+ (lib (string-append out "/lib"))
+ (man (string-append out "/share/man/man1"))
+ (applications (string-append out "/share/applications"))
+ (install-regexp (make-regexp "\\.(so|bin|pak)$"))
+ (locales (string-append lib "/locales"))
+ (resources (string-append lib "/resources"))
+ (gtk+ (assoc-ref inputs "gtk+"))
+ (mesa (assoc-ref inputs "mesa"))
+ (nss (assoc-ref inputs "nss"))
+ (udev (assoc-ref inputs "udev"))
+ (sh (which "sh")))
+
+ (mkdir-p applications)
+ (call-with-output-file (string-append applications
+ "/chromium.desktop")
+ (lambda (port)
+ (format port
+ "[Desktop Entry]~@
+ Name=Chromium~@
+ Comment=~a~@
+ Exec=~a~@
+ Icon=chromium.png~@
+ Type=Application~%" ,synopsis exe)))
+
+ (with-directory-excursion "out/Release"
+ (for-each (lambda (file)
+ (install-file file lib))
+ (scandir "." (cut regexp-exec install-regexp <>)))
+ (copy-file "chrome" (string-append lib "/chromium"))
+
+ ;; TODO: Install icons from "../../chrome/app/themes" into
+ ;; "out/share/icons/hicolor/$size".
+ (install-file
+ "product_logo_48.png"
+ (string-append out "/share/icons/48x48/chromium.png"))
+
+ (copy-recursively "locales" locales)
+ (copy-recursively "resources" resources)
+
+ (mkdir-p man)
+ (copy-file "chrome.1" (string-append man "/chromium.1"))
+
+ (mkdir-p bin)
+ ;; Add a thin wrapper to prevent the user from inadvertently
+ ;; installing non-free software through the Web Store.
+ ;; TODO: Discover extensions from the profile and pass
+ ;; something like "--disable-extensions-except=...".
+ (call-with-output-file exe
+ (lambda (port)
+ (format port
+ "#!~a~@
+ CHROMIUM_FLAGS=\"--disable-background-networking\"~@
+ if [ -z \"$CHROMIUM_ENABLE_WEB_STORE\" ]~@
+ then~@
+ CHROMIUM_FLAGS=\"$CHROMIUM_FLAGS --disable-extensions\"~@
+ fi~@
+ exec ~a $CHROMIUM_FLAGS \"$@\"~%"
+ sh (string-append lib "/chromium"))))
+ (chmod exe #o755)
+
+ (wrap-program exe
+ ;; TODO: Get these in RUNPATH.
+ `("LD_LIBRARY_PATH" ":" prefix
+ (,(string-append lib ":" nss "/lib/nss:" gtk+ "/lib:"
+ mesa "/lib:" udev "/lib")))
+ ;; Avoid file manager crash. See <https://bugs.gnu.org/26593>.
+ `("XDG_DATA_DIRS" ":" prefix (,(string-append gtk+ "/share"))))
+ #t)))))))
+ (native-inputs
+ `(("bison" ,bison)
+ ("git" ,git) ;last_commit_position.py
+ ("gperf" ,gperf)
+ ("ninja" ,ninja)
+ ("node" ,node)
+ ("pkg-config" ,pkg-config)
+ ("which" ,which)
+ ("yasm" ,yasm)
+
+ ("python-beautifulsoup4" ,python2-beautifulsoup4)
+ ("python-html5lib" ,python2-html5lib)
+ ("python" ,python-2)))
+ (inputs
+ `(("alsa-lib" ,alsa-lib)
+ ("atk" ,atk)
+ ("cups" ,cups)
+ ("curl" ,curl)
+ ("dbus" ,dbus)
+ ("dbus-glib" ,dbus-glib)
+ ("expat" ,expat)
+ ("flac" ,flac)
+ ("ffmpeg" ,ffmpeg)
+ ("fontconfig" ,fontconfig)
+ ("freetype" ,freetype)
+ ("gdk-pixbuf" ,gdk-pixbuf)
+ ("glib" ,glib)
+ ("gtk+-2" ,gtk+-2)
+ ("gtk+" ,gtk+)
+ ("harfbuzz" ,harfbuzz)
+ ("icu4c" ,icu4c)
+ ("jsoncpp" ,jsoncpp)
+ ("libevent" ,libevent)
+ ("libffi" ,libffi)
+ ("libjpeg-turbo" ,libjpeg-turbo)
+ ("libpng" ,libpng)
+ ("libusb" ,libusb)
+ ("libvpx" ,libvpx+experimental)
+ ("libwebp" ,libwebp)
+ ("libx11" ,libx11)
+ ("libxcb" ,libxcb)
+ ("libxcomposite" ,libxcomposite)
+ ("libxcursor" ,libxcursor)
+ ("libxdamage" ,libxdamage)
+ ("libxext" ,libxext)
+ ("libxfixes" ,libxfixes)
+ ("libxi" ,libxi)
+ ("libxkbcommon" ,libxkbcommon)
+ ("libxml2" ,libxml2)
+ ("libxrandr" ,libxrandr)
+ ("libxrender" ,libxrender)
+ ("libxscrnsaver" ,libxscrnsaver)
+ ("libxslt" ,libxslt)
+ ("libxtst" ,libxtst)
+ ("mesa" ,mesa)
+ ("minizip" ,minizip)
+ ("mit-krb5" ,mit-krb5)
+ ("nss" ,nss)
+ ("openh264" ,openh264)
+ ("openssl" ,openssl)
+ ("opus" ,opus+custom)
+ ("pango" ,pango)
+ ("pciutils" ,pciutils)
+ ("protobuf" ,protobuf)
+ ("pulseaudio" ,pulseaudio)
+ ("re2" ,re2)
+ ("snappy" ,snappy)
+ ("speech-dispatcher" ,speech-dispatcher)
+ ("sqlite" ,sqlite)
+ ("udev" ,eudev)
+ ("valgrind" ,valgrind)))
+ (home-page "https://www.chromium.org/")
+ (description
+ "Chromium is a web browser using the @code{Blink} rendering engine.")
+ ;; Chromium is developed as BSD-3, but bundles a large number of third-party
+ ;; software with other licenses. For full information, see chrome://credits.
+ (license (list license:bsd-3
+ license:bsd-2
+ license:expat
+ license:asl2.0
+ license:mpl2.0
+ license:public-domain
+ license:lgpl2.1+))))
diff --git a/gnu/packages/patches/chromium-disable-api-keys-warning.patch b/gnu/packages/patches/chromium-disable-api-keys-warning.patch
new file mode 100644
index 000000000..c7e219f40
--- /dev/null
+++ b/gnu/packages/patches/chromium-disable-api-keys-warning.patch
@@ -0,0 +1,17 @@
+Disable warning about missing API keys.
+
+Copied from:
+
+https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/tree/debian/patches/disable/google-api-warning.patch
+
+--- a/chrome/browser/ui/startup/startup_browser_creator_impl.cc
++++ b/chrome/browser/ui/startup/startup_browser_creator_impl.cc
+@@ -816,8 +816,6 @@ void StartupBrowserCreatorImpl::AddInfoB
+ !command_line_.HasSwitch(switches::kTestType) &&
+ !command_line_.HasSwitch(switches::kEnableAutomation)) {
+ chrome::ShowBadFlagsPrompt(browser);
+- GoogleApiKeysInfoBarDelegate::Create(InfoBarService::FromWebContents(
+- browser->tab_strip_model()->GetActiveWebContents()));
+ ObsoleteSystemInfoBarDelegate::Create(InfoBarService::FromWebContents(
+ browser->tab_strip_model()->GetActiveWebContents()));
+
diff --git a/gnu/packages/patches/chromium-disable-third-party-cookies.patch b/gnu/packages/patches/chromium-disable-third-party-cookies.patch
new file mode 100644
index 000000000..0694c35f3
--- /dev/null
+++ b/gnu/packages/patches/chromium-disable-third-party-cookies.patch
@@ -0,0 +1,13 @@
+Disable third party cookies by default.
+
+--- a/components/content_settings/core/browser/cookie_settings.cc
++++ b/components/content_settings/core/browser/cookie_settings.cc
+@@ -101,7 +101,7 @@ void CookieSettings::GetCookieSettings(
+ void CookieSettings::RegisterProfilePrefs(
+ user_prefs::PrefRegistrySyncable* registry) {
+ registry->RegisterBooleanPref(
+- prefs::kBlockThirdPartyCookies, false,
++ prefs::kBlockThirdPartyCookies, true,
+ user_prefs::PrefRegistrySyncable::SYNCABLE_PREF);
+ }
+
diff --git a/gnu/packages/patches/chromium-system-icu.patch b/gnu/packages/patches/chromium-system-icu.patch
new file mode 100644
index 000000000..c35c1b75c
--- /dev/null
+++ b/gnu/packages/patches/chromium-system-icu.patch
@@ -0,0 +1,15 @@
+description: maintain compatibility with system icu library
+author: Michael Gilbert <mgilbert@debian.org>
+
+--- a/BUILD.gn
++++ b/BUILD.gn
+@@ -657,8 +657,7 @@ group("gn_all") {
+ }
+ }
+
+- if ((is_linux && !is_chromeos && !is_chromecast) || (is_win && use_drfuzz) ||
+- (use_libfuzzer && is_mac)) {
++ if (false) {
+ deps += [
+ "//testing/libfuzzer/fuzzers",
+ "//testing/libfuzzer/tests:libfuzzer_tests",
--
2.14.2
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply related [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2017-10-18 22:41 ` Marius Bakke
@ 2017-10-19 5:48 ` ng0
2017-10-24 21:11 ` Marius Bakke
` (2 subsequent siblings)
3 siblings, 0 replies; 91+ messages in thread
From: ng0 @ 2017-10-19 5:48 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 871 bytes --]
Marius Bakke transcribed 37K bytes:
> Ludovic Courtès <ludo@gnu.org> writes:
>
> > I think we should make sure that our package does not call home in any
> > way. That’s what I expect from a security- and privacy-conscious
> > distro.
>
> Currently, it calls home at first launch, prompting for a login. But
> I've verified that it does not send any unsolicited requests for
> subsequent startups, as long as the user does not change the
> command-line flags.
Could the first launch just be a matter of changing what gets
displayed at first launch? At least that's my current plan
for meissa (my fork of Pale Moon), where the default is to
visit a tracker including homepage.
--
ng0
GnuPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588
GnuPG: https://dist.ng0.infotropique.org/dist/keys/
https://www.infotropique.org https://ng0.infotropique.org
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2017-10-18 22:41 ` Marius Bakke
2017-10-19 5:48 ` ng0
@ 2017-10-24 21:11 ` Marius Bakke
2017-11-05 23:52 ` Marius Bakke
2018-01-04 19:16 ` ng0
3 siblings, 0 replies; 91+ messages in thread
From: Marius Bakke @ 2017-10-24 21:11 UTC (permalink / raw)
To: Leo Famulari; +Cc: 28004
[-- Attachment #1.1: Type: text/plain, Size: 447 bytes --]
Marius Bakke <mbakke@fastmail.com> writes:
> Anyway I'm attaching the current iteration of this patch. Chromium 62
> is out today, I'll try to update this weekend and will push it after
> that in lieu of other feedback.
Here is the interdiff for the 62 upgrade. I mixed in some unrelated
changes after reading through Debians 61 refresh[0] and Archs 62
update[1], but overall it was straightforward (apart from the slow
hack-test-fix cycle).
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1.2: chromium-62.diff --]
[-- Type: text/x-patch, Size: 10358 bytes --]
diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm
index 5693b70ff..f5ee95c2f 100644
--- a/gnu/packages/chromium.scm
+++ b/gnu/packages/chromium.scm
@@ -32,6 +32,7 @@
#:use-module (gnu packages curl)
#:use-module (gnu packages databases)
#:use-module (gnu packages fontutils)
+ #:use-module (gnu packages ghostscript)
#:use-module (gnu packages gl)
#:use-module (gnu packages glib)
#:use-module (gnu packages gnome)
@@ -84,7 +85,7 @@ HTTP(S) URI that returns a file with the given HASH."
,@(package-arguments opus)))))
;; Chromium since 58 depends on an unreleased libvpx. So, we
-;; package the latest master branch as of 2017-10-12.
+;; package the latest master branch as of 2017-10-22.
(define libvpx+experimental
(package
(inherit libvpx)
@@ -92,11 +93,11 @@ HTTP(S) URI that returns a file with the given HASH."
(method git-fetch)
(uri (git-reference
(url "https://chromium.googlesource.com/webm/libvpx")
- (commit "175b36cb6d2811c721d63277ba953ea817f32361")))
+ (commit "b58259ab55674cb028898a0ac9e8fdd3cf1d4b39")))
(file-name "libvpx-for-chromium-checkout")
(sha256
(base32
- "1j8ni29mcj74lfsc0hsha22zzp24ig53iki0id5bdfhzl8q1rpyk"))))
+ "0grx2p7add0qyycqvqiv3djk0i37xrg75phszg5mwnwd3ijv3qzj"))))
;; TODO: Make libvpx configure flags overrideable.
(arguments
`(#:phases
@@ -122,27 +123,15 @@ HTTP(S) URI that returns a file with the given HASH."
(define %chromium-gn-bootstrap.patch
(remote-patch "chromium-gn-bootstrap.patch"
"https://gitweb.gentoo.org/repo/gentoo.git/plain/www-client/\
-chromium/files/chromium-gn-bootstrap-r14.patch?id=\
-900e6203d4015711887137bcd03c913361dbf41f"
- "1050abvq24s1a5vd97d5ljb8bmv0wcdgkj3vk0scygkr1954qy4q"))
-
-(define %chromium-gcc-compat.patch
- (remote-patch "chromium-gcc-compat.patch"
- "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-client/\
-chromium/files/chromium-gcc-r1.patch?id=506399c6ac2ace6501429925a608db9d7e502bde"
- "0n5bc1ckq83vlfzh5k3frh7cp7hyhxii89iq2v4jg46lblqgxkqi"))
+chromium/files/chromium-gn-bootstrap-r17.patch?id=\
+5c9cf110bd61fa287a5c536760b5d8ed13f65d52"
+ "12wsq3bs46mvr7cinxvqjmbzymigm8yzf478r08y9l6sd3qij4yq"))
(define %chromium-gcc-5-compat.patch
(remote-patch "chromium-gcc-5-compat.patch"
"https://gitweb.gentoo.org/repo/gentoo.git/plain/www-client/\
-chromium/files/chromium-gcc5-r1.patch?id=506399c6ac2ace6501429925a608db9d7e502bde"
- "0jz9sg24yzimcass3c3myynp3sf2c1rasrcwh7jn1gbbj4yp7j8v"))
-
-(define %chromium-atk-compat.patch
- (remote-patch "chromium-atk-compat.patch"
- "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-client/\
-chromium/files/chromium-atk-r1.patch?id=506399c6ac2ace6501429925a608db9d7e502bde"
- "13g9g1k9f3fqpgjhnlqvf5np6m58czr57zq1fqdf5y5nfyxrl3pw"))
+chromium/files/chromium-gcc5-r3.patch?id=5c9cf110bd61fa287a5c536760b5d8ed13f65d52"
+ "0qwl396w2bnc4ww71q3621chh9rfnw1m3w6nbd55sbhq8yz6jnx0"))
(define %chromium-system-nspr.patch
(remote-patch "chromium-system-nspr.patch"
@@ -159,7 +148,7 @@ plain/debian/patches/system/event.patch?id=64458c4216edd82503dc9366e2f4d80ae7c76
(define-public chromium
(package
(name "chromium")
- (version "61.0.3163.100")
+ (version "62.0.3202.62")
(synopsis "Graphical web browser")
(source (origin
(method url-fetch)
@@ -168,13 +157,12 @@ plain/debian/patches/system/event.patch?id=64458c4216edd82503dc9366e2f4d80ae7c76
version ".tar.xz"))
(sha256
(base32
- "06r89jim9cq87668ya8wwk69hh17rl04cj94nb9c28v6mj69cda1"))
+ "0qn3pjq5n3ri3qh25wg5gd2as5a8wlkncqvi975xsab771833pz8"))
(patches (append (list %chromium-gn-bootstrap.patch
- %chromium-atk-compat.patch
- %chromium-gcc-compat.patch
%chromium-gcc-5-compat.patch
%chromium-system-nspr.patch
- %chromium-system-libevent.patch)
+ %chromium-system-libevent.patch
+ )
(search-patches
"chromium-system-icu.patch"
"chromium-disable-api-keys-warning.patch"
@@ -271,6 +259,7 @@ plain/debian/patches/system/event.patch?id=64458c4216edd82503dc9366e2f4d80ae7c76
"third_party/catapult/tracing/third_party/oboe"
"third_party/ced"
"third_party/cld_3"
+ "third_party/crc32c"
"third_party/cros_system_api"
"third_party/dom_distiller_js"
"third_party/fips181"
@@ -307,7 +296,7 @@ plain/debian/patches/system/event.patch?id=64458c4216edd82503dc9366e2f4d80ae7c76
"third_party/modp_b64"
"third_party/mt19937ar"
"third_party/node"
- "third_party/node/node_modules/vulcanize/third_party/UglifyJS2"
+ "third_party/node/node_modules/polymer-bundler/lib/third_party/UglifyJS2"
"third_party/openmax_dl"
"third_party/ots"
"third_party/pdfium" ;TODO: can be built standalone.
@@ -320,6 +309,7 @@ plain/debian/patches/system/event.patch?id=64458c4216edd82503dc9366e2f4d80ae7c76
"third_party/sfntly"
"third_party/skia"
"third_party/skia/third_party/vulkan"
+ "third_party/skia/third_party/gif"
"third_party/smhasher"
;; XXX the sources that include this are generated.
"third_party/speech-dispatcher"
@@ -419,9 +409,14 @@ plain/debian/patches/system/event.patch?id=64458c4216edd82503dc9366e2f4d80ae7c76
"linux_use_bundled_binutils=false"
"use_custom_libcxx=false"
"use_sysroot=false"
+ "goma_dir=\"\""
+ "use_jumbo_build=true" ;speeds up compilation
+ "enable_precompiled_headers=false"
"remove_webcore_debug_symbols=true"
"enable_iterator_debugging=false"
+ "exclude_unwind_tables=true"
"override_build_date=\"01 01 2000 05:00:00\""
+ "use_unofficial_version_number=false"
;; Don't fail when using deprecated ffmpeg features.
"treat_warnings_as_errors=false"
"enable_nacl=false"
@@ -433,8 +428,14 @@ plain/debian/patches/system/event.patch?id=64458c4216edd82503dc9366e2f4d80ae7c76
"use_official_google_api_keys=false"
;; Disable "field trials".
"fieldtrial_testing_like_official_build=true"
+ "enable_reading_list=false"
+ ;;"enable_reporting=false" ;XXX breaks the build
+ "use_openh264=true"
+ "use_system_freetype=true"
"use_system_libjpeg=true"
+ "use_system_lcms2=true"
+ "use_system_zlib=true"
;; This is currently not supported on Linux:
;; https://bugs.chromium.org/p/chromium/issues/detail?id=22208
;; "use_system_sqlite=true"
@@ -443,7 +444,6 @@ plain/debian/patches/system/event.patch?id=64458c4216edd82503dc9366e2f4d80ae7c76
"use_gnome_keyring=false" ; deprecated by libsecret
"use_xkbcommon=true"
"link_pulseaudio=true"
- "use_openh264=true"
;; Don't arbitrarily restrict formats supported by system ffmpeg.
"proprietary_codecs=true"
@@ -454,7 +454,6 @@ plain/debian/patches/system/event.patch?id=64458c4216edd82503dc9366e2f4d80ae7c76
;; Don't use bundled sources.
"rtc_build_json=false"
"rtc_build_libevent=false"
- "rtc_build_libjpeg=false"
"rtc_build_libvpx=false"
"rtc_build_opus=false"
"rtc_build_ssl=false"
@@ -595,8 +594,9 @@ plain/debian/patches/system/event.patch?id=64458c4216edd82503dc9366e2f4d80ae7c76
("gtk+-2" ,gtk+-2)
("gtk+" ,gtk+)
("harfbuzz" ,harfbuzz)
- ("icu4c" ,icu4c)
+ ("icu4c" ,icu4c-59.1)
("jsoncpp" ,jsoncpp)
+ ("lcms" ,lcms)
("libevent" ,libevent)
("libffi" ,libffi)
("libjpeg-turbo" ,libjpeg-turbo)
diff --git a/gnu/packages/icu4c.scm b/gnu/packages/icu4c.scm
index 55bc9f203..b12de6ff0 100644
--- a/gnu/packages/icu4c.scm
+++ b/gnu/packages/icu4c.scm
@@ -80,6 +81,23 @@ C/C++ part.")
(origin-patches (package-source icu4c))
(search-patches "icu4c-CVE-2017-14952.patch")))))))
+(define-public icu4c-59.1
+ (package
+ (inherit icu4c)
+ (version "59.1")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append
+ "http://download.icu-project.org/files/icu4c/"
+ version
+ "/icu4c-"
+ (string-map (lambda (x) (if (char=? x #\.) #\_ x)) version)
+ "-src.tgz"))
+ (patches (search-patches "icu4c-CVE-2017-14952.patch"))
+ (sha256
+ (base32
+ "1zkmbg2932ggvpgjp8pys0cj6z8bw087y8858009shkrjfpzscki"))))))
+
(define-public java-icu4j
(package
(name "java-icu4j")
[-- Attachment #1.3: Type: text/plain, Size: 801 bytes --]
Below is the full patch for convenience. I plan to commit it on Friday
or Saturday, after a cosmetic check. Especially the description could
use some work, and the grouping of "configure flags".
One final note for future contributors is that Gentoo[2] is kind-of
upstream for Chromium, as ChromiumOS is based on Portage and I've seen
several Gentoo developers on the Chromium bug tracker. They often have
early compatibility patches (e.g. when it invariably breaks with GCC).
[0] https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/commit/?id=794aa1820460727711e534ea1042db7eebc1601d
[1] https://git.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/chromium&id=6ebdd8085de0b7c8bbc66e47b937271ab4a85fbd
[2] https://gitweb.gentoo.org/repo/gentoo.git/tree/www-client/chromium
[-- Attachment #1.4: 0001-gnu-Add-chromium.patch --]
[-- Type: text/x-patch, Size: 38665 bytes --]
From 021bccfd3fc3bf0e912d27cef9ca2de36346a379 Mon Sep 17 00:00:00 2001
From: Marius Bakke <mbakke@fastmail.com>
Date: Wed, 12 Oct 2016 17:25:05 +0100
Subject: [PATCH] gnu: Add chromium.
* gnu/packages/chromium.scm: New file.
* gnu/packages/patches/chromium-disable-api-keys-warning.patch,
gnu/packages/patches/chromium-disable-third-party-cookies.patch,
gnu/packages/patches/chromium-system-icu.patch: New files.
* gnu/local.mk: Record it.
* gnu/packages/icu4c.scm (icu-59.1): New variable.
---
gnu/local.mk | 4 +
gnu/packages/chromium.scm | 650 +++++++++++++++++++++
gnu/packages/icu4c.scm | 18 +
.../chromium-disable-api-keys-warning.patch | 17 +
.../chromium-disable-third-party-cookies.patch | 13 +
gnu/packages/patches/chromium-system-icu.patch | 15 +
6 files changed, 717 insertions(+)
create mode 100644 gnu/packages/chromium.scm
create mode 100644 gnu/packages/patches/chromium-disable-api-keys-warning.patch
create mode 100644 gnu/packages/patches/chromium-disable-third-party-cookies.patch
create mode 100644 gnu/packages/patches/chromium-system-icu.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index f2044c985..274dcc87f 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -87,6 +87,7 @@ GNU_SYSTEM_MODULES = \
%D%/packages/certs.scm \
%D%/packages/check.scm \
%D%/packages/chez.scm \
+ %D%/packages/chromium.scm \
%D%/packages/ci.scm \
%D%/packages/cinnamon.scm \
%D%/packages/cmake.scm \
@@ -560,6 +561,9 @@ dist_patch_DATA = \
%D%/packages/patches/chicken-CVE-2017-6949.patch \
%D%/packages/patches/chicken-CVE-2017-11343.patch \
%D%/packages/patches/chmlib-inttypes.patch \
+ %D%/packages/patches/chromium-disable-api-keys-warning.patch \
+ %D%/packages/patches/chromium-disable-third-party-cookies.patch \
+ %D%/packages/patches/chromium-system-icu.patch \
%D%/packages/patches/clang-libc-search-path.patch \
%D%/packages/patches/clang-3.8-libc-search-path.patch \
%D%/packages/patches/clisp-remove-failing-test.patch \
diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm
new file mode 100644
index 000000000..f5ee95c2f
--- /dev/null
+++ b/gnu/packages/chromium.scm
@@ -0,0 +1,650 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2016, 2017 Marius Bakke <mbakke@fastmail.com>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages chromium)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix packages)
+ #:use-module (guix download)
+ #:use-module (guix git-download)
+ #:use-module (guix utils)
+ #:use-module (guix build-system gnu)
+ #:use-module (gnu packages)
+ #:use-module (gnu packages assembly)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages bison)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages cups)
+ #:use-module (gnu packages curl)
+ #:use-module (gnu packages databases)
+ #:use-module (gnu packages fontutils)
+ #:use-module (gnu packages ghostscript)
+ #:use-module (gnu packages gl)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnome)
+ #:use-module (gnu packages gnuzilla)
+ #:use-module (gnu packages gperf)
+ #:use-module (gnu packages gtk)
+ #:use-module (gnu packages icu4c)
+ #:use-module (gnu packages image)
+ #:use-module (gnu packages libevent)
+ #:use-module (gnu packages libffi)
+ #:use-module (gnu packages libusb)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages kerberos)
+ #:use-module (gnu packages ninja)
+ #:use-module (gnu packages node)
+ #:use-module (gnu packages pciutils)
+ #:use-module (gnu packages photo)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages protobuf)
+ #:use-module (gnu packages pulseaudio)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages regex)
+ #:use-module (gnu packages serialization)
+ #:use-module (gnu packages speech)
+ #:use-module (gnu packages tls)
+ #:use-module (gnu packages valgrind)
+ #:use-module (gnu packages version-control)
+ #:use-module (gnu packages video)
+ #:use-module (gnu packages xiph)
+ #:use-module (gnu packages xml)
+ #:use-module (gnu packages xdisorg)
+ #:use-module (gnu packages xorg))
+
+(define (remote-patch file-name uri hash)
+ "Return an <origin> object with the given FILE-NAME. URI must be a FTP or
+HTTP(S) URI that returns a file with the given HASH."
+ (origin
+ (method url-fetch)
+ (uri uri)
+ (sha256 (base32 hash))
+ (file-name file-name)))
+
+(define opus+custom
+ (package (inherit opus)
+ (arguments
+ `(;; Opus Custom is an optional extension of the Opus
+ ;; specification that allows for unsupported frame
+ ;; sizes. Chromium requires that this is enabled.
+ #:configure-flags '("--enable-custom-modes")
+ ,@(package-arguments opus)))))
+
+;; Chromium since 58 depends on an unreleased libvpx. So, we
+;; package the latest master branch as of 2017-10-22.
+(define libvpx+experimental
+ (package
+ (inherit libvpx)
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://chromium.googlesource.com/webm/libvpx")
+ (commit "b58259ab55674cb028898a0ac9e8fdd3cf1d4b39")))
+ (file-name "libvpx-for-chromium-checkout")
+ (sha256
+ (base32
+ "0grx2p7add0qyycqvqiv3djk0i37xrg75phszg5mwnwd3ijv3qzj"))))
+ ;; TODO: Make libvpx configure flags overrideable.
+ (arguments
+ `(#:phases
+ (modify-phases %standard-phases
+ (replace 'configure
+ (lambda* (#:key outputs #:allow-other-keys)
+ (setenv "CONFIG_SHELL" (which "bash"))
+ (let ((out (assoc-ref outputs "out")))
+ (setenv "LDFLAGS"
+ (string-append "-Wl,-rpath=" out "/lib"))
+ (zero? (system* "./configure"
+ "--enable-shared"
+ "--as=yasm"
+ ;; Limit size to avoid CVE-2015-1258
+ "--size-limit=16384x16384"
+ ;; Spatial SVC is an experimental VP9 encoder
+ ;; used by some packages (i.e. Chromium).
+ "--enable-experimental"
+ "--enable-spatial-svc"
+ (string-append "--prefix=" out)))))))
+ #:tests? #f)))) ; No tests.
+
+(define %chromium-gn-bootstrap.patch
+ (remote-patch "chromium-gn-bootstrap.patch"
+ "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-client/\
+chromium/files/chromium-gn-bootstrap-r17.patch?id=\
+5c9cf110bd61fa287a5c536760b5d8ed13f65d52"
+ "12wsq3bs46mvr7cinxvqjmbzymigm8yzf478r08y9l6sd3qij4yq"))
+
+(define %chromium-gcc-5-compat.patch
+ (remote-patch "chromium-gcc-5-compat.patch"
+ "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-client/\
+chromium/files/chromium-gcc5-r3.patch?id=5c9cf110bd61fa287a5c536760b5d8ed13f65d52"
+ "0qwl396w2bnc4ww71q3621chh9rfnw1m3w6nbd55sbhq8yz6jnx0"))
+
+(define %chromium-system-nspr.patch
+ (remote-patch "chromium-system-nspr.patch"
+ "https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/\
+plain/debian/patches/system/nspr.patch?id=64458c4216edd82503dc9366e2f4d80ae7c763b0"
+ "0l69sq3w9n5zygykf1gfzp1zfb7gkjk62nnvbrmkn00gzq6cc643"))
+
+(define %chromium-system-libevent.patch
+ (remote-patch "chromium-system-libevent.patch"
+ "https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/\
+plain/debian/patches/system/event.patch?id=64458c4216edd82503dc9366e2f4d80ae7c763b0"
+ "0vibc92kwycm8jlyfa49135nq0flm6gkrf8ic76m5rkraclijvn9"))
+
+(define-public chromium
+ (package
+ (name "chromium")
+ (version "62.0.3202.62")
+ (synopsis "Graphical web browser")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "https://commondatastorage.googleapis.com/"
+ "chromium-browser-official/chromium-"
+ version ".tar.xz"))
+ (sha256
+ (base32
+ "0qn3pjq5n3ri3qh25wg5gd2as5a8wlkncqvi975xsab771833pz8"))
+ (patches (append (list %chromium-gn-bootstrap.patch
+ %chromium-gcc-5-compat.patch
+ %chromium-system-nspr.patch
+ %chromium-system-libevent.patch
+ )
+ (search-patches
+ "chromium-system-icu.patch"
+ "chromium-disable-api-keys-warning.patch"
+ "chromium-disable-third-party-cookies.patch")))
+ (modules '((srfi srfi-1)
+ (guix build utils)))
+ (snippet
+ '(begin
+ ;; Replace GN files from third_party with shims for building
+ ;; against system libraries. Keep this list in sync with
+ ;; "build/linux/unbundle/replace_gn_files.py".
+ (for-each (lambda (pair)
+ (let ((source (string-append
+ "build/linux/unbundle/" (car pair)))
+ (dest (cdr pair)))
+ (copy-file source dest)))
+ (list
+ '("ffmpeg.gn" . "third_party/ffmpeg/BUILD.gn")
+ '("flac.gn" . "third_party/flac/BUILD.gn")
+ '("freetype.gn" . "third_party/freetype/BUILD.gn")
+ '("harfbuzz-ng.gn" . "third_party/harfbuzz-ng/BUILD.gn")
+ '("icu.gn" . "third_party/icu/BUILD.gn")
+ '("libdrm.gn" . "third_party/libdrm/BUILD.gn")
+ '("libevent.gn" . "base/third_party/libevent/BUILD.gn")
+ '("libjpeg.gn" .
+ "build/secondary/third_party/libjpeg_turbo/BUILD.gn")
+ '("libpng.gn" . "third_party/libpng/BUILD.gn")
+ '("libvpx.gn" . "third_party/libvpx/BUILD.gn")
+ '("libwebp.gn" . "third_party/libwebp/BUILD.gn")
+ ;;'("libxml.gn" . "third_party/libxml/BUILD.gn") ;TODO
+ '("libxslt.gn" . "third_party/libxslt/BUILD.gn")
+ '("openh264.gn" . "third_party/openh264/BUILD.gn")
+ '("opus.gn" . "third_party/opus/BUILD.gn")
+ '("re2.gn" . "third_party/re2/BUILD.gn")
+ '("snappy.gn" . "third_party/snappy/BUILD.gn")
+ '("yasm.gn" . "third_party/yasm/yasm_assemble.gni")
+ '("zlib.gn" . "third_party/zlib/BUILD.gn")))
+ #t))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:tests? #f ; TODO: Maybe run --headless or something.
+ ;; FIXME: There is a "gn" option specifically for setting -rpath, but
+ ;; it's not recognized when passed.
+ #:validate-runpath? #f
+ #:modules ((srfi srfi-26)
+ (ice-9 ftw)
+ (ice-9 regex)
+ (guix build gnu-build-system)
+ (guix build utils))
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'remove-bundled-software
+ (lambda _
+ (let ((keep-libs
+ (list
+ ;; Third party folders that cannot be deleted yet.
+ "base/third_party/dmg_fp"
+ "base/third_party/dynamic_annotations"
+ "base/third_party/icu"
+ "base/third_party/libevent"
+ "base/third_party/nspr"
+ "base/third_party/superfasthash"
+ "base/third_party/symbolize" ; glog
+ "base/third_party/xdg_mime"
+ "base/third_party/xdg_user_dirs"
+ "buildtools/third_party/libc++"
+ "chrome/third_party/mozilla_security_manager"
+ "courgette/third_party"
+ "net/third_party/mozilla_security_manager"
+ "net/third_party/nss"
+ "third_party/adobe/flash/flapper_version.h"
+ ;; FIXME: This is used in:
+ ;; * ui/webui/resources/js/analytics.js
+ ;; * ui/file_manager/
+ "third_party/analytics"
+ "third_party/angle"
+ "third_party/angle/src/common/third_party/base"
+ "third_party/angle/src/common/third_party/murmurhash"
+ "third_party/angle/src/third_party/compiler"
+ "third_party/angle/src/third_party/libXNVCtrl"
+ "third_party/angle/src/third_party/trace_event"
+ "third_party/boringssl"
+ "third_party/brotli"
+ "third_party/cacheinvalidation"
+ "third_party/catapult"
+ "third_party/catapult/third_party/polymer"
+ "third_party/catapult/third_party/py_vulcanize"
+ "third_party/catapult/third_party/py_vulcanize/third_party/rcssmin"
+ "third_party/catapult/third_party/py_vulcanize/third_party/rjsmin"
+ "third_party/catapult/tracing/third_party/d3"
+ "third_party/catapult/tracing/third_party/gl-matrix"
+ "third_party/catapult/tracing/third_party/jszip"
+ "third_party/catapult/tracing/third_party/mannwhitneyu"
+ "third_party/catapult/tracing/third_party/oboe"
+ "third_party/ced"
+ "third_party/cld_3"
+ "third_party/crc32c"
+ "third_party/cros_system_api"
+ "third_party/dom_distiller_js"
+ "third_party/fips181"
+ "third_party/flatbuffers"
+ ;; XXX Needed by pdfium since 59.
+ "third_party/freetype"
+ "third_party/glslang-angle"
+ "third_party/google_input_tools"
+ "third_party/google_input_tools/third_party/closure_library"
+ (string-append "third_party/google_input_tools/third_party"
+ "/closure_library/third_party/closure")
+ "third_party/googletest"
+ "third_party/hunspell"
+ "third_party/iccjpeg"
+ "third_party/inspector_protocol"
+ "third_party/jinja2"
+ "third_party/jstemplate"
+ "third_party/khronos"
+ "third_party/leveldatabase"
+ "third_party/libXNVCtrl"
+ "third_party/libaddressinput"
+ "third_party/libjingle_xmpp"
+ "third_party/libphonenumber"
+ "third_party/libsecret" ;FIXME: needs pkg-config support.
+ "third_party/libsrtp" ;TODO: Requires libsrtp@2.
+ "third_party/libudev"
+ "third_party/libwebm"
+ "third_party/libxml" ;FIXME: Unbundle (again).
+ "third_party/libyuv"
+ "third_party/lss"
+ "third_party/lzma_sdk"
+ "third_party/markupsafe"
+ "third_party/mesa"
+ "third_party/modp_b64"
+ "third_party/mt19937ar"
+ "third_party/node"
+ "third_party/node/node_modules/polymer-bundler/lib/third_party/UglifyJS2"
+ "third_party/openmax_dl"
+ "third_party/ots"
+ "third_party/pdfium" ;TODO: can be built standalone.
+ "third_party/pdfium/third_party"
+ "third_party/ply"
+ "third_party/polymer"
+ "third_party/protobuf"
+ "third_party/protobuf/third_party/six"
+ "third_party/qcms"
+ "third_party/sfntly"
+ "third_party/skia"
+ "third_party/skia/third_party/vulkan"
+ "third_party/skia/third_party/gif"
+ "third_party/smhasher"
+ ;; XXX the sources that include this are generated.
+ "third_party/speech-dispatcher"
+ "third_party/spirv-headers"
+ "third_party/spirv-tools-angle"
+ "third_party/sqlite"
+ "third_party/swiftshader"
+ "third_party/swiftshader/third_party"
+ "third_party/usb_ids"
+ "third_party/usrsctp"
+ "third_party/vulkan"
+ "third_party/vulkan-validation-layers"
+ "third_party/WebKit"
+ "third_party/web-animations-js"
+ "third_party/webrtc"
+ "third_party/widevine/cdm/widevine_cdm_version.h"
+ "third_party/widevine/cdm/widevine_cdm_common.h"
+ "third_party/woff2"
+ "third_party/xdg-utils"
+ "third_party/yasm/run_yasm.py"
+ "third_party/zlib/google"
+ "url/third_party/mozilla"
+ "v8/src/third_party/valgrind"
+ "v8/third_party/inspector_protocol")))
+ ;; FIXME: implement as source snippet. This traverses
+ ;; any "third_party" directory and deletes files that are:
+ ;; * not ending with ".gn" or ".gni"; or
+ ;; * not explicitly named as argument (folder or file).
+ (zero? (apply system* "python"
+ "build/linux/unbundle/remove_bundled_libraries.py"
+ "--do-remove" keep-libs)))))
+ (add-after 'remove-bundled-software 'patch-stuff
+ (lambda* (#:key inputs #:allow-other-keys)
+ (substitute* "printing/cups_config_helper.py"
+ (("cups_config =.*")
+ (string-append "cups_config = '" (assoc-ref inputs "cups")
+ "/bin/cups-config'\n")))
+
+ (substitute*
+ '("base/process/launch_posix.cc"
+ "base/tracked_objects.cc"
+ "base/third_party/dynamic_annotations/dynamic_annotations.c"
+ "sandbox/linux/seccomp-bpf/sandbox_bpf.cc"
+ "sandbox/linux/services/credentials.cc"
+ "sandbox/linux/services/namespace_utils.cc"
+ "sandbox/linux/services/syscall_wrappers.cc"
+ "sandbox/linux/syscall_broker/broker_host.cc")
+ (("include \"base/third_party/valgrind/") "include \"valgrind/"))
+
+ (for-each (lambda (file)
+ (substitute* file
+ ;; Fix opus include path.
+ ;; Do not substitute opus_private.h.
+ (("#include \"opus\\.h\"")
+ "#include \"opus/opus.h\"")
+ (("#include \"opus_custom\\.h\"")
+ "#include \"opus/opus_custom.h\"")
+ (("#include \"opus_defines\\.h\"")
+ "#include \"opus/opus_defines.h\"")
+ (("#include \"opus_multistream\\.h\"")
+ "#include \"opus/opus_multistream.h\"")
+ (("#include \"opus_types\\.h\"")
+ "#include \"opus/opus_types.h\"")))
+ (append (find-files "third_party/opus/src/celt")
+ (find-files "third_party/opus/src/src")
+ (find-files (string-append "third_party/webrtc/modules"
+ "/audio_coding/codecs/opus"))))
+
+ (substitute* "chrome/common/chrome_paths.cc"
+ (("/usr/share/chromium/extensions")
+ ;; TODO: Add ~/.guix-profile.
+ "/run/current-system/profile/share/chromium/extensions"))
+
+ (substitute* "breakpad/src/common/linux/libcurl_wrapper.h"
+ (("include \"third_party/curl") "include \"curl"))
+ (substitute* "media/base/decode_capabilities.cc"
+ (("third_party/libvpx/source/libvpx/") ""))
+
+ ;; We don't cross compile most packages, so get rid of the
+ ;; unnecessary ARCH-linux-gnu* prefix.
+ (substitute* "build/toolchain/linux/BUILD.gn"
+ (("aarch64-linux-gnu-") "")
+ (("arm-linux-gnueabihf-") ""))
+ #t))
+ (replace 'configure
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let ((gn-flags
+ (list
+ ;; See tools/gn/docs/cookbook.md and
+ ;; https://www.chromium.org/developers/gn-build-configuration
+ ;; for usage. Run "./gn args . --list" in the Release
+ ;; directory for an exhaustive list of supported flags.
+ "is_debug=false"
+ "is_official_build=false"
+ "is_clang=false"
+ "use_gold=false"
+ "linux_use_bundled_binutils=false"
+ "use_custom_libcxx=false"
+ "use_sysroot=false"
+ "goma_dir=\"\""
+ "use_jumbo_build=true" ;speeds up compilation
+ "enable_precompiled_headers=false"
+ "remove_webcore_debug_symbols=true"
+ "enable_iterator_debugging=false"
+ "exclude_unwind_tables=true"
+ "override_build_date=\"01 01 2000 05:00:00\""
+ "use_unofficial_version_number=false"
+ ;; Don't fail when using deprecated ffmpeg features.
+ "treat_warnings_as_errors=false"
+ "enable_nacl=false"
+ "enable_nacl_nonsfi=false"
+ "use_allocator=\"none\"" ; Don't use tcmalloc.
+ ;; Don't add any API keys. End users can set them in the
+ ;; environment if necessary.
+ ;; https://www.chromium.org/developers/how-tos/api-keys
+ "use_official_google_api_keys=false"
+ ;; Disable "field trials".
+ "fieldtrial_testing_like_official_build=true"
+ "enable_reading_list=false"
+ ;;"enable_reporting=false" ;XXX breaks the build
+
+ "use_openh264=true"
+ "use_system_freetype=true"
+ "use_system_libjpeg=true"
+ "use_system_lcms2=true"
+ "use_system_zlib=true"
+ ;; This is currently not supported on Linux:
+ ;; https://bugs.chromium.org/p/chromium/issues/detail?id=22208
+ ;; "use_system_sqlite=true"
+ "use_gtk3=true"
+ "use_gconf=false" ; deprecated by gsettings
+ "use_gnome_keyring=false" ; deprecated by libsecret
+ "use_xkbcommon=true"
+ "link_pulseaudio=true"
+
+ ;; Don't arbitrarily restrict formats supported by system ffmpeg.
+ "proprietary_codecs=true"
+ "ffmpeg_branding=\"Chrome\""
+
+ ;; WebRTC stuff.
+ "rtc_use_h264=true"
+ ;; Don't use bundled sources.
+ "rtc_build_json=false"
+ "rtc_build_libevent=false"
+ "rtc_build_libvpx=false"
+ "rtc_build_opus=false"
+ "rtc_build_ssl=false"
+ ;; TODO: Package these.
+ "rtc_build_libsrtp=true" ; 2.0
+ "rtc_build_libyuv=true"
+ "rtc_build_openmax_dl=true"
+ "rtc_build_usrsctp=true"
+ (string-append "rtc_jsoncpp_root=\""
+ (assoc-ref inputs "jsoncpp")
+ "/include/jsoncpp/json\"")
+ (string-append "rtc_ssl_root=\""
+ (assoc-ref inputs "openssl")
+ "/include/openssl\""))))
+
+ ;; XXX: How portable is this.
+ (mkdir-p "third_party/node/linux/node-linux-x64")
+ (symlink (string-append (assoc-ref inputs "node") "/bin")
+ "third_party/node/linux/node-linux-x64/bin")
+
+ (setenv "CC" "gcc")
+ (setenv "CXX" "g++")
+ ;; TODO: pre-compile instead. Avoids a race condition.
+ (setenv "PYTHONDONTWRITEBYTECODE" "1")
+ (and
+ ;; Build the "gn" tool.
+ (zero? (system* "python"
+ "tools/gn/bootstrap/bootstrap.py" "-s" "-v"))
+ ;; Generate ninja build files.
+ (zero? (system* "./out/Release/gn" "gen" "out/Release"
+ (string-append "--args="
+ (string-join gn-flags " "))))))))
+ (replace 'build
+ (lambda* (#:key outputs #:allow-other-keys)
+ (zero? (system* "ninja" "-C" "out/Release"
+ "-j" (number->string (parallel-job-count))
+ "chrome"))))
+ (replace 'install
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (bin (string-append out "/bin"))
+ (exe (string-append bin "/chromium"))
+ (lib (string-append out "/lib"))
+ (man (string-append out "/share/man/man1"))
+ (applications (string-append out "/share/applications"))
+ (install-regexp (make-regexp "\\.(so|bin|pak)$"))
+ (locales (string-append lib "/locales"))
+ (resources (string-append lib "/resources"))
+ (gtk+ (assoc-ref inputs "gtk+"))
+ (mesa (assoc-ref inputs "mesa"))
+ (nss (assoc-ref inputs "nss"))
+ (udev (assoc-ref inputs "udev"))
+ (sh (which "sh")))
+
+ (mkdir-p applications)
+ (call-with-output-file (string-append applications
+ "/chromium.desktop")
+ (lambda (port)
+ (format port
+ "[Desktop Entry]~@
+ Name=Chromium~@
+ Comment=~a~@
+ Exec=~a~@
+ Icon=chromium.png~@
+ Type=Application~%" ,synopsis exe)))
+
+ (with-directory-excursion "out/Release"
+ (for-each (lambda (file)
+ (install-file file lib))
+ (scandir "." (cut regexp-exec install-regexp <>)))
+ (copy-file "chrome" (string-append lib "/chromium"))
+
+ ;; TODO: Install icons from "../../chrome/app/themes" into
+ ;; "out/share/icons/hicolor/$size".
+ (install-file
+ "product_logo_48.png"
+ (string-append out "/share/icons/48x48/chromium.png"))
+
+ (copy-recursively "locales" locales)
+ (copy-recursively "resources" resources)
+
+ (mkdir-p man)
+ (copy-file "chrome.1" (string-append man "/chromium.1"))
+
+ (mkdir-p bin)
+ ;; Add a thin wrapper to prevent the user from inadvertently
+ ;; installing non-free software through the Web Store.
+ ;; TODO: Discover extensions from the profile and pass
+ ;; something like "--disable-extensions-except=...".
+ (call-with-output-file exe
+ (lambda (port)
+ (format port
+ "#!~a~@
+ CHROMIUM_FLAGS=\"--disable-background-networking\"~@
+ if [ -z \"$CHROMIUM_ENABLE_WEB_STORE\" ]~@
+ then~@
+ CHROMIUM_FLAGS=\"$CHROMIUM_FLAGS --disable-extensions\"~@
+ fi~@
+ exec ~a $CHROMIUM_FLAGS \"$@\"~%"
+ sh (string-append lib "/chromium"))))
+ (chmod exe #o755)
+
+ (wrap-program exe
+ ;; TODO: Get these in RUNPATH.
+ `("LD_LIBRARY_PATH" ":" prefix
+ (,(string-append lib ":" nss "/lib/nss:" gtk+ "/lib:"
+ mesa "/lib:" udev "/lib")))
+ ;; Avoid file manager crash. See <https://bugs.gnu.org/26593>.
+ `("XDG_DATA_DIRS" ":" prefix (,(string-append gtk+ "/share"))))
+ #t)))))))
+ (native-inputs
+ `(("bison" ,bison)
+ ("git" ,git) ;last_commit_position.py
+ ("gperf" ,gperf)
+ ("ninja" ,ninja)
+ ("node" ,node)
+ ("pkg-config" ,pkg-config)
+ ("which" ,which)
+ ("yasm" ,yasm)
+
+ ("python-beautifulsoup4" ,python2-beautifulsoup4)
+ ("python-html5lib" ,python2-html5lib)
+ ("python" ,python-2)))
+ (inputs
+ `(("alsa-lib" ,alsa-lib)
+ ("atk" ,atk)
+ ("cups" ,cups)
+ ("curl" ,curl)
+ ("dbus" ,dbus)
+ ("dbus-glib" ,dbus-glib)
+ ("expat" ,expat)
+ ("flac" ,flac)
+ ("ffmpeg" ,ffmpeg)
+ ("fontconfig" ,fontconfig)
+ ("freetype" ,freetype)
+ ("gdk-pixbuf" ,gdk-pixbuf)
+ ("glib" ,glib)
+ ("gtk+-2" ,gtk+-2)
+ ("gtk+" ,gtk+)
+ ("harfbuzz" ,harfbuzz)
+ ("icu4c" ,icu4c-59.1)
+ ("jsoncpp" ,jsoncpp)
+ ("lcms" ,lcms)
+ ("libevent" ,libevent)
+ ("libffi" ,libffi)
+ ("libjpeg-turbo" ,libjpeg-turbo)
+ ("libpng" ,libpng)
+ ("libusb" ,libusb)
+ ("libvpx" ,libvpx+experimental)
+ ("libwebp" ,libwebp)
+ ("libx11" ,libx11)
+ ("libxcb" ,libxcb)
+ ("libxcomposite" ,libxcomposite)
+ ("libxcursor" ,libxcursor)
+ ("libxdamage" ,libxdamage)
+ ("libxext" ,libxext)
+ ("libxfixes" ,libxfixes)
+ ("libxi" ,libxi)
+ ("libxkbcommon" ,libxkbcommon)
+ ("libxml2" ,libxml2)
+ ("libxrandr" ,libxrandr)
+ ("libxrender" ,libxrender)
+ ("libxscrnsaver" ,libxscrnsaver)
+ ("libxslt" ,libxslt)
+ ("libxtst" ,libxtst)
+ ("mesa" ,mesa)
+ ("minizip" ,minizip)
+ ("mit-krb5" ,mit-krb5)
+ ("nss" ,nss)
+ ("openh264" ,openh264)
+ ("openssl" ,openssl)
+ ("opus" ,opus+custom)
+ ("pango" ,pango)
+ ("pciutils" ,pciutils)
+ ("protobuf" ,protobuf)
+ ("pulseaudio" ,pulseaudio)
+ ("re2" ,re2)
+ ("snappy" ,snappy)
+ ("speech-dispatcher" ,speech-dispatcher)
+ ("sqlite" ,sqlite)
+ ("udev" ,eudev)
+ ("valgrind" ,valgrind)))
+ (home-page "https://www.chromium.org/")
+ (description
+ "Chromium is a web browser using the @code{Blink} rendering engine.")
+ ;; Chromium is developed as BSD-3, but bundles a large number of third-party
+ ;; software with other licenses. For full information, see chrome://credits.
+ (license (list license:bsd-3
+ license:bsd-2
+ license:expat
+ license:asl2.0
+ license:mpl2.0
+ license:public-domain
+ license:lgpl2.1+))))
diff --git a/gnu/packages/icu4c.scm b/gnu/packages/icu4c.scm
index 55bc9f203..b12de6ff0 100644
--- a/gnu/packages/icu4c.scm
+++ b/gnu/packages/icu4c.scm
@@ -4,6 +4,7 @@
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -80,6 +81,23 @@ C/C++ part.")
(origin-patches (package-source icu4c))
(search-patches "icu4c-CVE-2017-14952.patch")))))))
+(define-public icu4c-59.1
+ (package
+ (inherit icu4c)
+ (version "59.1")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append
+ "http://download.icu-project.org/files/icu4c/"
+ version
+ "/icu4c-"
+ (string-map (lambda (x) (if (char=? x #\.) #\_ x)) version)
+ "-src.tgz"))
+ (patches (search-patches "icu4c-CVE-2017-14952.patch"))
+ (sha256
+ (base32
+ "1zkmbg2932ggvpgjp8pys0cj6z8bw087y8858009shkrjfpzscki"))))))
+
(define-public java-icu4j
(package
(name "java-icu4j")
diff --git a/gnu/packages/patches/chromium-disable-api-keys-warning.patch b/gnu/packages/patches/chromium-disable-api-keys-warning.patch
new file mode 100644
index 000000000..c7e219f40
--- /dev/null
+++ b/gnu/packages/patches/chromium-disable-api-keys-warning.patch
@@ -0,0 +1,17 @@
+Disable warning about missing API keys.
+
+Copied from:
+
+https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/tree/debian/patches/disable/google-api-warning.patch
+
+--- a/chrome/browser/ui/startup/startup_browser_creator_impl.cc
++++ b/chrome/browser/ui/startup/startup_browser_creator_impl.cc
+@@ -816,8 +816,6 @@ void StartupBrowserCreatorImpl::AddInfoB
+ !command_line_.HasSwitch(switches::kTestType) &&
+ !command_line_.HasSwitch(switches::kEnableAutomation)) {
+ chrome::ShowBadFlagsPrompt(browser);
+- GoogleApiKeysInfoBarDelegate::Create(InfoBarService::FromWebContents(
+- browser->tab_strip_model()->GetActiveWebContents()));
+ ObsoleteSystemInfoBarDelegate::Create(InfoBarService::FromWebContents(
+ browser->tab_strip_model()->GetActiveWebContents()));
+
diff --git a/gnu/packages/patches/chromium-disable-third-party-cookies.patch b/gnu/packages/patches/chromium-disable-third-party-cookies.patch
new file mode 100644
index 000000000..0694c35f3
--- /dev/null
+++ b/gnu/packages/patches/chromium-disable-third-party-cookies.patch
@@ -0,0 +1,13 @@
+Disable third party cookies by default.
+
+--- a/components/content_settings/core/browser/cookie_settings.cc
++++ b/components/content_settings/core/browser/cookie_settings.cc
+@@ -101,7 +101,7 @@ void CookieSettings::GetCookieSettings(
+ void CookieSettings::RegisterProfilePrefs(
+ user_prefs::PrefRegistrySyncable* registry) {
+ registry->RegisterBooleanPref(
+- prefs::kBlockThirdPartyCookies, false,
++ prefs::kBlockThirdPartyCookies, true,
+ user_prefs::PrefRegistrySyncable::SYNCABLE_PREF);
+ }
+
diff --git a/gnu/packages/patches/chromium-system-icu.patch b/gnu/packages/patches/chromium-system-icu.patch
new file mode 100644
index 000000000..c35c1b75c
--- /dev/null
+++ b/gnu/packages/patches/chromium-system-icu.patch
@@ -0,0 +1,15 @@
+description: maintain compatibility with system icu library
+author: Michael Gilbert <mgilbert@debian.org>
+
+--- a/BUILD.gn
++++ b/BUILD.gn
+@@ -657,8 +657,7 @@ group("gn_all") {
+ }
+ }
+
+- if ((is_linux && !is_chromeos && !is_chromecast) || (is_win && use_drfuzz) ||
+- (use_libfuzzer && is_mac)) {
++ if (false) {
+ deps += [
+ "//testing/libfuzzer/fuzzers",
+ "//testing/libfuzzer/tests:libfuzzer_tests",
--
2.14.3
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply related [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2017-10-18 22:41 ` Marius Bakke
2017-10-19 5:48 ` ng0
2017-10-24 21:11 ` Marius Bakke
@ 2017-11-05 23:52 ` Marius Bakke
2017-11-10 11:33 ` Adonay Felipe Nogueira
2018-01-04 19:16 ` ng0
3 siblings, 1 reply; 91+ messages in thread
From: Marius Bakke @ 2017-11-05 23:52 UTC (permalink / raw)
To: Ludovic Courtès, Leo Famulari; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 2173 bytes --]
Marius Bakke <mbakke@fastmail.com> writes:
> Ludovic Courtès <ludo@gnu.org> writes:
>
>> I think we should make sure that our package does not call home in any
>> way. That’s what I expect from a security- and privacy-conscious
>> distro.
>
> Currently, it calls home at first launch, prompting for a login. But
> I've verified that it does not send any unsolicited requests for
> subsequent startups, as long as the user does not change the
> command-line flags.
I tried picking two other Debian patches[0][1] to see if it helped with
the annoying splash screen and decided to verify whether the browser
still "calls home" from a clean profile. The last time I checked was
many versions ago.
After dismissing the sign-in dialog, the "New Tab Page" loads a regular
Google search bar, and "pre-fills" two of the "most commonly used" slots
with Chrome URLs, (still) downloading a bunch of data in the process.
Not great, but maybe we could live with that if it was just for the
first run (it wasn't; had to change search engine to prevent the New Tab
Page from calling the mothership).
To my great surprise, while watching tcpdump from a different window, it
also called home *when I switched windows*. Every time the Chromium
window was activated, some data was sent to Google servers.
Going into settings and toggling the "Use a prediction service to help
complete searches and URLs typed in the address bar" option (to off)
disabled that behaviour.
Not very confidence-instilling.
I'm going to try to incorporate the "Inox Patchset"[2], which is a set
of patches that attempts to remove all such misfeatures from Chromium.
They seem to have managed to stay on top of recent Chromium development,
unlike two other prominent privacy-focused "forks", so I'm optimistic.
But it might take some weeks before the next update. Stay tuned..
[0] <https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/tree/debian/patches/disable/promo.patch>
[1] <https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/tree/debian/patches/disable/external-components.patch>
[2] <https://github.com/gcarq/inox-patchset>
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2017-11-05 23:52 ` Marius Bakke
@ 2017-11-10 11:33 ` Adonay Felipe Nogueira
0 siblings, 0 replies; 91+ messages in thread
From: Adonay Felipe Nogueira @ 2017-11-10 11:33 UTC (permalink / raw)
To: 28004
As a continuation, directory-discuss started to discuss the Chromium
issue once again ([1]).
[1] <https://lists.gnu.org/archive/cgi-bin/namazu.cgi?query=%2Bsubject%3A%7BFSF+opinion+on+chromium%2C+QtWebEngine%2C+electron%7D&submit=Search%21&idxname=directory-discuss&max=20&result=normal&sort=date%3Alate>.
Marius Bakke <mbakke@fastmail.com> writes:
> I tried picking two other Debian patches[0][1] to see if it helped with
> the annoying splash screen and decided to verify whether the browser
> still "calls home" from a clean profile. The last time I checked was
> many versions ago.
>
> After dismissing the sign-in dialog, the "New Tab Page" loads a regular
> Google search bar, and "pre-fills" two of the "most commonly used" slots
> with Chrome URLs, (still) downloading a bunch of data in the process.
>
> Not great, but maybe we could live with that if it was just for the
> first run (it wasn't; had to change search engine to prevent the New Tab
> Page from calling the mothership).
>
> To my great surprise, while watching tcpdump from a different window, it
> also called home *when I switched windows*. Every time the Chromium
> window was activated, some data was sent to Google servers.
>
> Going into settings and toggling the "Use a prediction service to help
> complete searches and URLs typed in the address bar" option (to off)
> disabled that behaviour.
>
> Not very confidence-instilling.
>
> I'm going to try to incorporate the "Inox Patchset"[2], which is a set
> of patches that attempts to remove all such misfeatures from Chromium.
> They seem to have managed to stay on top of recent Chromium development,
> unlike two other prominent privacy-focused "forks", so I'm optimistic.
>
> But it might take some weeks before the next update. Stay tuned..
>
> [0]
> <https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/tree/debian/patches/disable/promo.patch>
> [1]
> <https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/tree/debian/patches/disable/external-components.patch>
> [2] <https://github.com/gcarq/inox-patchset>
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2017-10-18 22:41 ` Marius Bakke
` (2 preceding siblings ...)
2017-11-05 23:52 ` Marius Bakke
@ 2018-01-04 19:16 ` ng0
2018-01-08 21:56 ` Marius Bakke
3 siblings, 1 reply; 91+ messages in thread
From: ng0 @ 2018-01-04 19:16 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 11353 bytes --]
Marius Bakke transcribed 37K bytes:
> Ludovic Courtès <ludo@gnu.org> writes:
>
> > I think we should make sure that our package does not call home in any
> > way. That’s what I expect from a security- and privacy-conscious
> > distro.
>
> Currently, it calls home at first launch, prompting for a login. But
> I've verified that it does not send any unsolicited requests for
> subsequent startups, as long as the user does not change the
> command-line flags.
>
> Anyway I'm attaching the current iteration of this patch. Chromium 62
> is out today, I'll try to update this weekend and will push it after
> that in lieu of other feedback.
>
> I would be very happy if someone managed to complete the 62 upgrade
> before me, however! ;-)
>
> From d6e3ef7f28a9bc4ace0c52e09b1e4bdde84e01e0 Mon Sep 17 00:00:00 2001
> From: Marius Bakke <mbakke@fastmail.com>
> Date: Wed, 12 Oct 2016 17:25:05 +0100
> Subject: [PATCH] gnu: Add chromium.
...
> +(define-public chromium
> + (package
> + (name "chromium")
...
> + (substitute* "chrome/common/chrome_paths.cc"
> + (("/usr/share/chromium/extensions")
> + ;; TODO: Add ~/.guix-profile.
> + "/run/current-system/profile/share/chromium/extensions"))
What's the idea behind this? Did you test it? Do you have any guix build-system
using Chromium extensions as an example? So far this completely disables the
installation of any plugins and addons.
> +
> + (substitute* "breakpad/src/common/linux/libcurl_wrapper.h"
> + (("include \"third_party/curl") "include \"curl"))
> + (substitute* "media/base/decode_capabilities.cc"
> + (("third_party/libvpx/source/libvpx/") ""))
> +
> + ;; We don't cross compile most packages, so get rid of the
> + ;; unnecessary ARCH-linux-gnu* prefix.
> + (substitute* "build/toolchain/linux/BUILD.gn"
> + (("aarch64-linux-gnu-") "")
> + (("arm-linux-gnueabihf-") ""))
> + #t))
> + (replace 'configure
> + (lambda* (#:key inputs outputs #:allow-other-keys)
> + (let ((gn-flags
> + (list
> + ;; See tools/gn/docs/cookbook.md and
> + ;; https://www.chromium.org/developers/gn-build-configuration
> + ;; for usage. Run "./gn args . --list" in the Release
> + ;; directory for an exhaustive list of supported flags.
> + "is_debug=false"
> + "is_official_build=false"
> + "is_clang=false"
> + "use_gold=false"
> + "linux_use_bundled_binutils=false"
> + "use_custom_libcxx=false"
> + "use_sysroot=false"
> + "remove_webcore_debug_symbols=true"
> + "enable_iterator_debugging=false"
> + "override_build_date=\"01 01 2000 05:00:00\""
> + ;; Don't fail when using deprecated ffmpeg features.
> + "treat_warnings_as_errors=false"
> + "enable_nacl=false"
> + "enable_nacl_nonsfi=false"
> + "use_allocator=\"none\"" ; Don't use tcmalloc.
> + ;; Don't add any API keys. End users can set them in the
> + ;; environment if necessary.
> + ;; https://www.chromium.org/developers/how-tos/api-keys
> + "use_official_google_api_keys=false"
> + ;; Disable "field trials".
> + "fieldtrial_testing_like_official_build=true"
> +
> + "use_system_libjpeg=true"
> + ;; This is currently not supported on Linux:
> + ;; https://bugs.chromium.org/p/chromium/issues/detail?id=22208
> + ;; "use_system_sqlite=true"
> + "use_gtk3=true"
> + "use_gconf=false" ; deprecated by gsettings
> + "use_gnome_keyring=false" ; deprecated by libsecret
> + "use_xkbcommon=true"
> + "link_pulseaudio=true"
> + "use_openh264=true"
> +
> + ;; Don't arbitrarily restrict formats supported by system ffmpeg.
> + "proprietary_codecs=true"
> + "ffmpeg_branding=\"Chrome\""
> +
> + ;; WebRTC stuff.
> + "rtc_use_h264=true"
> + ;; Don't use bundled sources.
> + "rtc_build_json=false"
> + "rtc_build_libevent=false"
> + "rtc_build_libjpeg=false"
> + "rtc_build_libvpx=false"
> + "rtc_build_opus=false"
> + "rtc_build_ssl=false"
> + ;; TODO: Package these.
> + "rtc_build_libsrtp=true" ; 2.0
> + "rtc_build_libyuv=true"
> + "rtc_build_openmax_dl=true"
> + "rtc_build_usrsctp=true"
> + (string-append "rtc_jsoncpp_root=\""
> + (assoc-ref inputs "jsoncpp")
> + "/include/jsoncpp/json\"")
> + (string-append "rtc_ssl_root=\""
> + (assoc-ref inputs "openssl")
> + "/include/openssl\""))))
> +
> + ;; XXX: How portable is this.
> + (mkdir-p "third_party/node/linux/node-linux-x64")
> + (symlink (string-append (assoc-ref inputs "node") "/bin")
> + "third_party/node/linux/node-linux-x64/bin")
> +
> + (setenv "CC" "gcc")
> + (setenv "CXX" "g++")
> + ;; TODO: pre-compile instead. Avoids a race condition.
> + (setenv "PYTHONDONTWRITEBYTECODE" "1")
> + (and
> + ;; Build the "gn" tool.
> + (zero? (system* "python"
> + "tools/gn/bootstrap/bootstrap.py" "-s" "-v"))
> + ;; Generate ninja build files.
> + (zero? (system* "./out/Release/gn" "gen" "out/Release"
> + (string-append "--args="
> + (string-join gn-flags " "))))))))
> + (replace 'build
> + (lambda* (#:key outputs #:allow-other-keys)
> + (zero? (system* "ninja" "-C" "out/Release"
> + "-j" (number->string (parallel-job-count))
> + "chrome"))))
> + (replace 'install
> + (lambda* (#:key inputs outputs #:allow-other-keys)
> + (let* ((out (assoc-ref outputs "out"))
> + (bin (string-append out "/bin"))
> + (exe (string-append bin "/chromium"))
> + (lib (string-append out "/lib"))
> + (man (string-append out "/share/man/man1"))
> + (applications (string-append out "/share/applications"))
> + (install-regexp (make-regexp "\\.(so|bin|pak)$"))
> + (locales (string-append lib "/locales"))
> + (resources (string-append lib "/resources"))
> + (gtk+ (assoc-ref inputs "gtk+"))
> + (mesa (assoc-ref inputs "mesa"))
> + (nss (assoc-ref inputs "nss"))
> + (udev (assoc-ref inputs "udev"))
> + (sh (which "sh")))
> +
> + (mkdir-p applications)
> + (call-with-output-file (string-append applications
> + "/chromium.desktop")
> + (lambda (port)
> + (format port
> + "[Desktop Entry]~@
> + Name=Chromium~@
> + Comment=~a~@
> + Exec=~a~@
> + Icon=chromium.png~@
> + Type=Application~%" ,synopsis exe)))
> +
> + (with-directory-excursion "out/Release"
> + (for-each (lambda (file)
> + (install-file file lib))
> + (scandir "." (cut regexp-exec install-regexp <>)))
> + (copy-file "chrome" (string-append lib "/chromium"))
> +
> + ;; TODO: Install icons from "../../chrome/app/themes" into
> + ;; "out/share/icons/hicolor/$size".
> + (install-file
> + "product_logo_48.png"
> + (string-append out "/share/icons/48x48/chromium.png"))
> +
> + (copy-recursively "locales" locales)
> + (copy-recursively "resources" resources)
> +
> + (mkdir-p man)
> + (copy-file "chrome.1" (string-append man "/chromium.1"))
> +
> + (mkdir-p bin)
> + ;; Add a thin wrapper to prevent the user from inadvertently
> + ;; installing non-free software through the Web Store.
> + ;; TODO: Discover extensions from the profile and pass
> + ;; something like "--disable-extensions-except=...".
Same question here.
If you need help, there's at least 3 users of Chromium now. I'd like to read
your ideas on how to solve the TODOs, aswell as: Do you have any unpushed
progress? Maybe we can team collaborate on this huge browser.
> + (call-with-output-file exe
> + (lambda (port)
> + (format port
> + "#!~a~@
> + CHROMIUM_FLAGS=\"--disable-background-networking\"~@
> + if [ -z \"$CHROMIUM_ENABLE_WEB_STORE\" ]~@
> + then~@
> + CHROMIUM_FLAGS=\"$CHROMIUM_FLAGS --disable-extensions\"~@
> + fi~@
> + exec ~a $CHROMIUM_FLAGS \"$@\"~%"
> + sh (string-append lib "/chromium"))))
> + (chmod exe #o755)
> +
> + (wrap-program exe
> + ;; TODO: Get these in RUNPATH.
> + `("LD_LIBRARY_PATH" ":" prefix
> + (,(string-append lib ":" nss "/lib/nss:" gtk+ "/lib:"
> + mesa "/lib:" udev "/lib")))
> + ;; Avoid file manager crash. See <https://bugs.gnu.org/26593>.
> + `("XDG_DATA_DIRS" ":" prefix (,(string-append gtk+ "/share"))))
> + #t)))))))
--
GnuPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588
GnuPG: https://c.n0.is/ng0_pubkeys/tree/keys
WWW: https://n0.is/a/ :: https://ea.n0.is
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-01-04 19:16 ` ng0
@ 2018-01-08 21:56 ` Marius Bakke
2018-01-08 23:20 ` ng0
2018-01-09 6:58 ` ng0
0 siblings, 2 replies; 91+ messages in thread
From: Marius Bakke @ 2018-01-08 21:56 UTC (permalink / raw)
To: ng0; +Cc: 28004
[-- Attachment #1.1: Type: text/plain, Size: 2960 bytes --]
ng0 <ng0@n0.is> writes:
>> + (substitute* "chrome/common/chrome_paths.cc"
>> + (("/usr/share/chromium/extensions")
>> + ;; TODO: Add ~/.guix-profile.
>> + "/run/current-system/profile/share/chromium/extensions"))
>
> What's the idea behind this? Did you test it? Do you have any guix build-system
> using Chromium extensions as an example? So far this completely disables the
> installation of any plugins and addons.
The idea is to eventually be able to distribute extensions with Guix. I
added this path mostly to document it, but don't see how keeping the
default makes a difference. If you can place an extension in
/usr/share, you can also copy it to the system profile through your
config.scm, or symlink this location on a foreign distribution.
>> + (mkdir-p bin)
>> + ;; Add a thin wrapper to prevent the user from inadvertently
>> + ;; installing non-free software through the Web Store.
>> + ;; TODO: Discover extensions from the profile and pass
>> + ;; something like "--disable-extensions-except=...".
>
> Same question here.
The Web Store has serious freedom issues, thus we can not enable it by
default. Enabling it *must* be a conscious choice by the end user.
The TODO here is inspired by Debians wrapper script, which enumerates
the location where apt places extensions, and gives that list to
"--disable-extensions-except".
> If you need help, there's at least 3 users of Chromium now. I'd like to read
> your ideas on how to solve the TODOs, aswell as: Do you have any unpushed
> progress? Maybe we can team collaborate on this huge browser.
I do maintain this patch, but unfortunately not in a public repository.
I've attached the latest iteration here (sorry for squashed).
New since the last time are some fixes from the "Inox patchset" that
resolves most of the privacy issues. Namely removing the "login
wizard", changing to sensible defaults, and forcing the "classic" New
Tab Page that does not load a search engine.
Also, all patches have been moved to remote origins.
Testing and feedback welcome!
Currently there are two "important" (blocking?) TODOs left:
* Move the 'delete-bundled-software' phase to a source snippet.
Repacking the ~500MiB compressed tarball is *really* expensive. It
should also aid the licensing situation.
* Delete the two default entries from the "most used" list on the New
Tab page. The first run will download thumbnails for these sites,
leaking data. One of them also leads to the disabled-by-default
store, promoting non-free software.
I'm optimistic that fixing the second item will make the browser not
leak *any* data at launch with the default configuration. Which leads
to a third item: writing a system test that verifies that launching
Chromium does indeed not initiate any network traffic.
Anyway, here is the latest patch:
[-- Attachment #1.2: 0001-gnu-Add-chromium.patch --]
[-- Type: text/x-patch, Size: 36825 bytes --]
From f813b2d7ec0728a906720fa74bf9f442af6ab10d Mon Sep 17 00:00:00 2001
From: Marius Bakke <mbakke@fastmail.com>
Date: Wed, 12 Oct 2016 17:25:05 +0100
Subject: [PATCH] gnu: Add chromium.
* gnu/packages/chromium.scm: New file.
* gnu/local.mk: Record it.
---
gnu/local.mk | 1 +
gnu/packages/chromium.scm | 733 ++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 734 insertions(+)
create mode 100644 gnu/packages/chromium.scm
diff --git a/gnu/local.mk b/gnu/local.mk
index d4e841921..529fdd2be 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -89,6 +89,7 @@ GNU_SYSTEM_MODULES = \
%D%/packages/check.scm \
%D%/packages/chemistry.scm \
%D%/packages/chez.scm \
+ %D%/packages/chromium.scm \
%D%/packages/ci.scm \
%D%/packages/cinnamon.scm \
%D%/packages/cmake.scm \
diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm
new file mode 100644
index 000000000..78cfb3097
--- /dev/null
+++ b/gnu/packages/chromium.scm
@@ -0,0 +1,733 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2016, 2017 Marius Bakke <mbakke@fastmail.com>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages chromium)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix packages)
+ #:use-module (guix download)
+ #:use-module (guix git-download)
+ #:use-module (guix utils)
+ #:use-module (guix build-system gnu)
+ #:use-module (gnu packages)
+ #:use-module (gnu packages assembly)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages bison)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages cups)
+ #:use-module (gnu packages curl)
+ #:use-module (gnu packages databases)
+ #:use-module (gnu packages fontutils)
+ #:use-module (gnu packages ghostscript)
+ #:use-module (gnu packages gl)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnome)
+ #:use-module (gnu packages gnuzilla)
+ #:use-module (gnu packages gperf)
+ #:use-module (gnu packages gtk)
+ #:use-module (gnu packages icu4c)
+ #:use-module (gnu packages image)
+ #:use-module (gnu packages libevent)
+ #:use-module (gnu packages libffi)
+ #:use-module (gnu packages libusb)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages kerberos)
+ #:use-module (gnu packages ninja)
+ #:use-module (gnu packages node)
+ #:use-module (gnu packages pciutils)
+ #:use-module (gnu packages photo)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages protobuf)
+ #:use-module (gnu packages pulseaudio)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages python-web)
+ #:use-module (gnu packages regex)
+ #:use-module (gnu packages serialization)
+ #:use-module (gnu packages speech)
+ #:use-module (gnu packages tls)
+ #:use-module (gnu packages valgrind)
+ #:use-module (gnu packages version-control)
+ #:use-module (gnu packages video)
+ #:use-module (gnu packages xiph)
+ #:use-module (gnu packages xml)
+ #:use-module (gnu packages xdisorg)
+ #:use-module (gnu packages xorg))
+
+(define (strip-directory-prefix pathspec)
+ "Return everything after the last '/' in PATHSPEC."
+ (let ((index (string-rindex pathspec #\/)))
+ (if index (string-drop pathspec (+ 1 index))
+ pathspec)))
+
+(define (chromium-patch-file-name pathspec)
+ (let ((patch-name (strip-directory-prefix pathspec)))
+ (if (string-prefix? "chromium-" patch-name)
+ patch-name
+ (string-append "chromium-" patch-name))))
+
+;; https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/tree/debian/patches
+(define (debian-patch pathspec revision hash)
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git"
+ "/plain/debian/patches/" pathspec "?id=" revision))
+ (sha256 (base32 hash))
+ (file-name (chromium-patch-file-name pathspec))))
+
+;; https://gitweb.gentoo.org/repo/gentoo.git/tree/www-client/chromium/files
+(define (gentoo-patch pathspec revision hash)
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-client"
+ "/chromium/files/" pathspec "?id=" revision))
+ (sha256 (base32 hash))
+ (file-name (chromium-patch-file-name pathspec))))
+
+;; https://github.com/gcarq/inox-patchset
+(define (inox-patch pathspec revision hash)
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://raw.githubusercontent.com/gcarq/inox-patchset/"
+ revision "/" pathspec))
+ (sha256 (base32 hash))
+ (file-name (chromium-patch-file-name pathspec))))
+
+(define opus+custom
+ (package (inherit opus)
+ (arguments
+ `(;; Opus Custom is an optional extension of the Opus
+ ;; specification that allows for unsupported frame
+ ;; sizes. Chromium requires that this is enabled.
+ #:configure-flags '("--enable-custom-modes")
+ ,@(package-arguments opus)))))
+
+;; Chromium since 58 depends on an unreleased libvpx. So, we
+;; package the latest master branch as of 2018-01-07.
+(define libvpx+experimental
+ (package
+ (inherit libvpx)
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://chromium.googlesource.com/webm/libvpx")
+ (commit "bed28a55f593efd3a71a3a9d05cf8bb25d15fa44")))
+ (file-name "libvpx-for-chromium-checkout")
+ (sha256
+ (base32
+ "0h01vmb8awzrb2xwqaz215v73yjdjf67hzdm2yfcz4h4qrvwf817"))))
+ ;; TODO: Make libvpx configure flags overrideable.
+ (arguments
+ `(#:phases
+ (modify-phases %standard-phases
+ (replace 'configure
+ (lambda* (#:key outputs #:allow-other-keys)
+ (setenv "CONFIG_SHELL" (which "bash"))
+ (let ((out (assoc-ref outputs "out")))
+ (setenv "LDFLAGS"
+ (string-append "-Wl,-rpath=" out "/lib"))
+ (zero? (system* "./configure"
+ "--enable-shared"
+ "--as=yasm"
+ ;; Limit size to avoid CVE-2015-1258
+ "--size-limit=16384x16384"
+ ;; Spatial SVC is an experimental VP9 encoder
+ ;; used by some packages (i.e. Chromium).
+ "--enable-experimental"
+ "--enable-spatial-svc"
+ (string-append "--prefix=" out)))))))
+ #:tests? #f)))) ; No tests.
+
+(define %chromium-gn-bootstrap.patch
+ (gentoo-patch "chromium-gn-bootstrap-r17.patch"
+ "5c9cf110bd61fa287a5c536760b5d8ed13f65d52"
+ "12wsq3bs46mvr7cinxvqjmbzymigm8yzf478r08y9l6sd3qij4yq"))
+
+(define %chromium-gcc-compat.patch
+ (gentoo-patch "chromium-gcc5-r4.patch"
+ "1c5423aab094796b3da7a2905f02cbdcdd6a7742"
+ "18s152pkqzzw6grxj1m6mp3pc2x3ha2gyayw5hf2nhranak5wlkg"))
+
+(define %chromium-webkit-gcc-compat.patch
+ (gentoo-patch "chromium-gcc5-r5.patch"
+ "1c5423aab094796b3da7a2905f02cbdcdd6a7742"
+ "0z7rggizzg85wfr8zhw0yfwd3q69lsh3yp297s939jgzp66cwwkw"))
+
+(define %chromium-webrtc-gcc-compat.patch
+ (gentoo-patch "chromium-webrtc-r0.patch"
+ "1c5423aab094796b3da7a2905f02cbdcdd6a7742"
+ "0qj5b4w9kav51ylpdf38vm5w7p2gx4qp8p45vrfggp7miicg9cmw"))
+
+(define %chromium-system-nspr.patch
+ (debian-patch "system/nspr.patch"
+ "debian/63.0.3239.40-1"
+ "07a0q3khz77gk0rxzp965pjzhly5r08k019pinss18xc1caj971s"))
+
+(define %chromium-system-libevent.patch
+ (debian-patch "system/event.patch"
+ "debian/63.0.3239.40-1"
+ "0604ia06w40zn66d85in03xg3hd6144y8b222kzyc9nzhq3xm2pc"))
+
+(define %chromium-system-icu.patch
+ (debian-patch "system/icu.patch"
+ "debian/63.0.3239.40-1"
+ "0kf77d8lyma3w0xpgfv2k0c741zp6ii08gzllfja6d5s59c15ylv"))
+
+(define %chromium-disable-api-keys-warning.patch
+ (debian-patch "disable/google-api-warning.patch"
+ "36794e57f1f97068640c6845dbeb9291155893c0"
+ "11llghxm0a75kb8fnpy6ky8ix4f1kk7n0c0zfcpwxsx05pask11m"))
+
+(define %chromium-external-components.patch
+ (debian-patch "disable/external-components.patch"
+ "debian/63.0.3239.40-1"
+ "1i3b801hjafxv7djk7cl7nj2skxid0vysf12yjr364db949f164l"))
+
+(define %chromium-duckduckgo.patch
+ (inox-patch "0011-add-duckduckgo-search-engine.patch"
+ "5af0e6187c22471b8cb803f6dda6738f23a530e7"
+ "0p8x98g71ngkd3wbl5q36wrl18ff185sfrr5fcwjbgrv3v7r6ra7"))
+
+;; Don't start a "Login Wizard" at first launch.
+(define %chromium-first-run.patch
+ (inox-patch "0018-disable-first-run-behaviour.patch"
+ "3336bb286ea054271ac2199cf374e96c64ed53cf"
+ "1y4zsqqf2125jkb1phwy9g5hcbd9xhyv5lr4xcaly66rpdzx2ayb"))
+
+;; Use privacy-preserving defaults.
+(define %chromium-default-preferences.patch
+ (inox-patch "0006-modify-default-prefs.patch"
+ "3336bb286ea054271ac2199cf374e96c64ed53cf"
+ "1h8ycmn00yvciq3r5jcdqmsl4grqv8izgwi6a20kijz2baxxr888"))
+
+;; Recent versions of Chromium may load a remote search engine on the
+;; New Tab Page, causing unnecessary and involuntary network traffic.
+(define %chromium-restore-classic-ntp.patch
+ (inox-patch "0008-restore-classic-ntp.patch"
+ "2f60b788bff89bde11ac802d4c19093661cd23f7"
+ "00icvb0r1p3s7i2xy8kv1lpam96cxgn6c3s9bc6wv3dpi3d722p2"))
+
+(define-public chromium
+ (package
+ (name "chromium")
+ (version "63.0.3239.132")
+ (synopsis "Graphical web browser")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "https://commondatastorage.googleapis.com/"
+ "chromium-browser-official/chromium-"
+ version ".tar.xz"))
+ (sha256
+ (base32
+ "139x3cbc5pa14x69493ic8i2ank12c9fwiq6pqm11aps88n6ri44"))
+ (patches (list ;%chromium-gn-bootstrap.patch
+ %chromium-gcc-compat.patch
+ %chromium-webkit-gcc-compat.patch
+ %chromium-webrtc-gcc-compat.patch
+ %chromium-duckduckgo.patch
+ %chromium-default-preferences.patch
+ %chromium-first-run.patch
+ %chromium-restore-classic-ntp.patch
+ %chromium-system-icu.patch
+ %chromium-system-nspr.patch
+ %chromium-system-libevent.patch
+ %chromium-disable-api-keys-warning.patch))
+ (modules '((srfi srfi-1)
+ (guix build utils)))
+ (snippet
+ '(begin
+ ;; Replace GN files from third_party with shims for building
+ ;; against system libraries. Keep this list in sync with
+ ;; "build/linux/unbundle/replace_gn_files.py".
+ (for-each (lambda (pair)
+ (let ((source (string-append
+ "build/linux/unbundle/" (car pair)))
+ (dest (cdr pair)))
+ (copy-file source dest)))
+ (list
+ '("ffmpeg.gn" . "third_party/ffmpeg/BUILD.gn")
+ '("flac.gn" . "third_party/flac/BUILD.gn")
+ '("freetype.gn" . "third_party/freetype/BUILD.gn")
+ ;; XXX: This broke in 63.
+ ;;'("harfbuzz-ng.gn" . "third_party/harfbuzz-ng/BUILD.gn")
+ '("icu.gn" . "third_party/icu/BUILD.gn")
+ '("libdrm.gn" . "third_party/libdrm/BUILD.gn")
+ '("libevent.gn" . "base/third_party/libevent/BUILD.gn")
+ '("libjpeg.gn" .
+ "build/secondary/third_party/libjpeg_turbo/BUILD.gn")
+ '("libpng.gn" . "third_party/libpng/BUILD.gn")
+ '("libvpx.gn" . "third_party/libvpx/BUILD.gn")
+ '("libwebp.gn" . "third_party/libwebp/BUILD.gn")
+ ;;'("libxml.gn" . "third_party/libxml/BUILD.gn") ;TODO
+ '("libxslt.gn" . "third_party/libxslt/BUILD.gn")
+ '("openh264.gn" . "third_party/openh264/BUILD.gn")
+ '("opus.gn" . "third_party/opus/BUILD.gn")
+ '("re2.gn" . "third_party/re2/BUILD.gn")
+ '("snappy.gn" . "third_party/snappy/BUILD.gn")
+ '("yasm.gn" . "third_party/yasm/yasm_assemble.gni")
+ '("zlib.gn" . "third_party/zlib/BUILD.gn")))
+ #t))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:tests? #f
+ ;; FIXME: There is a "gn" option specifically for setting -rpath, but
+ ;; it's not recognized when passed.
+ #:validate-runpath? #f
+ #:modules ((srfi srfi-26)
+ (ice-9 ftw)
+ (ice-9 regex)
+ (guix build gnu-build-system)
+ (guix build utils))
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'remove-bundled-software
+ (lambda _
+ (let ((keep-libs
+ (list
+ ;; Third party folders that cannot be deleted yet.
+ "base/third_party/dmg_fp"
+ "base/third_party/dynamic_annotations"
+ "base/third_party/icu"
+ "base/third_party/libevent"
+ "base/third_party/nspr"
+ "base/third_party/superfasthash"
+ "base/third_party/symbolize" ; glog
+ "base/third_party/xdg_mime"
+ "base/third_party/xdg_user_dirs"
+ "buildtools/third_party/libc++"
+ "chrome/third_party/mozilla_security_manager"
+ "courgette/third_party"
+ "net/third_party/mozilla_security_manager"
+ "net/third_party/nss"
+ "third_party/adobe/flash/flapper_version.h"
+ ;; FIXME: This is used in:
+ ;; * ui/webui/resources/js/analytics.js
+ ;; * ui/file_manager/
+ "third_party/analytics"
+ "third_party/angle"
+ "third_party/angle/src/common/third_party/base"
+ "third_party/angle/src/common/third_party/smhasher"
+ "third_party/angle/src/third_party/compiler"
+ "third_party/angle/src/third_party/libXNVCtrl"
+ "third_party/angle/src/third_party/trace_event"
+ "third_party/blink"
+ "third_party/boringssl"
+ "third_party/breakpad"
+ "third_party/brotli"
+ "third_party/cacheinvalidation"
+ "third_party/catapult"
+ "third_party/catapult/common/py_vulcanize/third_party/rcssmin"
+ "third_party/catapult/common/py_vulcanize/third_party/rjsmin"
+ "third_party/catapult/third_party/polymer"
+ "third_party/catapult/tracing/third_party/d3"
+ "third_party/catapult/tracing/third_party/gl-matrix"
+ "third_party/catapult/tracing/third_party/jszip"
+ "third_party/catapult/tracing/third_party/mannwhitneyu"
+ "third_party/catapult/tracing/third_party/oboe"
+ "third_party/catapult/tracing/third_party/pako"
+ "third_party/ced"
+ "third_party/cld_3"
+ "third_party/crc32c"
+ "third_party/cros_system_api"
+ "third_party/dom_distiller_js"
+ "third_party/fips181"
+ "third_party/flatbuffers"
+ ;; XXX Needed by pdfium since 59.
+ "third_party/freetype"
+ "third_party/glslang-angle"
+ "third_party/google_input_tools"
+ "third_party/google_input_tools/third_party/closure_library"
+ (string-append "third_party/google_input_tools/third_party"
+ "/closure_library/third_party/closure")
+ "third_party/googletest"
+ "third_party/harfbuzz-ng" ;XXX why is this required in 63+
+ "third_party/hunspell"
+ "third_party/iccjpeg"
+ "third_party/inspector_protocol"
+ "third_party/jinja2"
+ "third_party/jstemplate"
+ "third_party/khronos"
+ "third_party/leveldatabase"
+ "third_party/libXNVCtrl"
+ "third_party/libaddressinput"
+ "third_party/libjingle_xmpp"
+ "third_party/libphonenumber"
+ "third_party/libsecret" ;FIXME: needs pkg-config support.
+ "third_party/libsrtp" ;TODO: Requires libsrtp@2.
+ "third_party/libudev"
+ "third_party/libwebm"
+ "third_party/libxml" ;FIXME: Unbundle (again).
+ "third_party/libyuv"
+ "third_party/lss"
+ "third_party/lzma_sdk"
+ "third_party/markupsafe"
+ "third_party/mesa"
+ "third_party/modp_b64"
+ "third_party/mt19937ar"
+ "third_party/node"
+ "third_party/node/node_modules/polymer-bundler/lib/third_party/UglifyJS2"
+ "third_party/openmax_dl"
+ "third_party/ots"
+ "third_party/pdfium"
+ "third_party/pdfium/third_party"
+ "third_party/ply"
+ "third_party/polymer"
+ "third_party/protobuf"
+ "third_party/protobuf/third_party/six"
+ "third_party/qcms"
+ "third_party/sfntly"
+ "third_party/skia"
+ "third_party/skia/third_party/vulkan"
+ "third_party/skia/third_party/gif"
+ "third_party/smhasher"
+ "third_party/speech-dispatcher"
+ "third_party/spirv-headers"
+ "third_party/spirv-tools-angle"
+ "third_party/sqlite"
+ "third_party/swiftshader"
+ "third_party/swiftshader/third_party"
+ "third_party/usb_ids"
+ "third_party/usrsctp"
+ "third_party/vulkan"
+ "third_party/vulkan-validation-layers"
+ "third_party/WebKit"
+ "third_party/web-animations-js"
+ "third_party/webrtc"
+ "third_party/widevine/cdm/widevine_cdm_version.h"
+ "third_party/widevine/cdm/widevine_cdm_common.h"
+ "third_party/woff2"
+ "third_party/xdg-utils"
+ "third_party/yasm/run_yasm.py"
+ "third_party/zlib/google"
+ "url/third_party/mozilla"
+ "v8/src/third_party/valgrind"
+ "v8/third_party/inspector_protocol")))
+ ;; FIXME: implement as source snippet. This traverses
+ ;; any "third_party" directory and deletes files that are:
+ ;; * not ending with ".gn" or ".gni"; or
+ ;; * not explicitly named as argument (folder or file).
+ (zero? (apply system* "python"
+ "build/linux/unbundle/remove_bundled_libraries.py"
+ "--do-remove" keep-libs)))))
+ (add-after 'remove-bundled-software 'patch-stuff
+ (lambda* (#:key inputs #:allow-other-keys)
+ (substitute* "printing/cups_config_helper.py"
+ (("cups_config =.*")
+ (string-append "cups_config = '" (assoc-ref inputs "cups")
+ "/bin/cups-config'\n")))
+
+ (substitute*
+ '("base/process/launch_posix.cc"
+ "base/third_party/dynamic_annotations/dynamic_annotations.c"
+ "sandbox/linux/seccomp-bpf/sandbox_bpf.cc"
+ "sandbox/linux/services/credentials.cc"
+ "sandbox/linux/services/namespace_utils.cc"
+ "sandbox/linux/services/syscall_wrappers.cc"
+ "sandbox/linux/syscall_broker/broker_host.cc")
+ (("include \"base/third_party/valgrind/") "include \"valgrind/"))
+
+ (for-each (lambda (file)
+ (substitute* file
+ ;; Fix opus include path.
+ ;; Do not substitute opus_private.h.
+ (("#include \"opus\\.h\"")
+ "#include \"opus/opus.h\"")
+ (("#include \"opus_custom\\.h\"")
+ "#include \"opus/opus_custom.h\"")
+ (("#include \"opus_defines\\.h\"")
+ "#include \"opus/opus_defines.h\"")
+ (("#include \"opus_multistream\\.h\"")
+ "#include \"opus/opus_multistream.h\"")
+ (("#include \"opus_types\\.h\"")
+ "#include \"opus/opus_types.h\"")))
+ (append (find-files "third_party/opus/src/celt")
+ (find-files "third_party/opus/src/src")
+ (find-files (string-append "third_party/webrtc/modules"
+ "/audio_coding/codecs/opus"))))
+
+ (substitute* "chrome/common/chrome_paths.cc"
+ (("/usr/share/chromium/extensions")
+ ;; TODO: Add ~/.guix-profile.
+ "/run/current-system/profile/share/chromium/extensions"))
+
+ (substitute*
+ "third_party/breakpad/breakpad/src/common/linux/libcurl_wrapper.h"
+ (("include \"third_party/curl") "include \"curl"))
+ (substitute* "media/base/decode_capabilities.cc"
+ (("third_party/libvpx/source/libvpx/") ""))
+
+ ;; We don't cross compile most packages, so get rid of the
+ ;; unnecessary ARCH-linux-gnu* prefix.
+ (substitute* "build/toolchain/linux/BUILD.gn"
+ (("aarch64-linux-gnu-") "")
+ (("arm-linux-gnueabihf-") ""))
+ #t))
+ (replace 'configure
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let ((gn-flags
+ (list
+ ;; See tools/gn/docs/cookbook.md and
+ ;; https://www.chromium.org/developers/gn-build-configuration
+ ;; for usage. Run "./gn args . --list" in the Release
+ ;; directory for an exhaustive list of supported flags.
+ "is_debug=false"
+ "is_official_build=false"
+ "is_clang=false"
+ "use_gold=false"
+ "linux_use_bundled_binutils=false"
+ "use_custom_libcxx=false"
+ "use_sysroot=false"
+ "goma_dir=\"\""
+ "enable_precompiled_headers=false"
+ "use_jumbo_build=true" ;speeds up build
+ ;; Use a deterministic version identifier.
+ "override_build_date=\"01 01 2000 05:00:00\""
+ "use_unofficial_version_number=false"
+ ;; Disable debugging features to save space.
+ "remove_webcore_debug_symbols=true"
+ "enable_iterator_debugging=false"
+ ;; Don't fail when using deprecated ffmpeg features.
+ "treat_warnings_as_errors=false"
+ "enable_nacl=false"
+ "enable_nacl_nonsfi=false"
+ "use_allocator=\"none\"" ;don't use tcmalloc
+ ;; Don't add any API keys. End users can set them in the
+ ;; environment if necessary.
+ ;; https://www.chromium.org/developers/how-tos/api-keys
+ "use_official_google_api_keys=false"
+ ;; Disable "field trials".
+ "fieldtrial_testing_like_official_build=true"
+
+ "use_system_freetype=true"
+ ;; FIXME: Try enabling this for 63+.
+ ;;"use_system_harfbuzz=true"
+ "use_system_libjpeg=true"
+ "use_system_lcms2=true"
+ "use_system_zlib=true"
+ ;; This is currently not supported on Linux:
+ ;; https://bugs.chromium.org/p/chromium/issues/detail?id=22208
+ ;; "use_system_sqlite=true"
+ "use_gconf=false" ; deprecated by gsettings
+ "use_gnome_keyring=false" ; deprecated by libsecret
+ "use_gtk3=true"
+ "use_openh264=true"
+ "use_xkbcommon=true"
+ "link_pulseaudio=true"
+
+ ;; Don't arbitrarily restrict formats supported by system ffmpeg.
+ "proprietary_codecs=true"
+ "ffmpeg_branding=\"Chrome\""
+
+ ;; WebRTC stuff.
+ "rtc_use_h264=true"
+ ;; Don't use bundled sources.
+ "rtc_build_json=false"
+ "rtc_build_libevent=false"
+ "rtc_build_libvpx=false"
+ "rtc_build_opus=false"
+ "rtc_build_ssl=false"
+ ;; TODO: Package these.
+ "rtc_build_libsrtp=true" ; 2.0
+ "rtc_build_libyuv=true"
+ "rtc_build_openmax_dl=true"
+ "rtc_build_usrsctp=true"
+ (string-append "rtc_jsoncpp_root=\""
+ (assoc-ref inputs "jsoncpp")
+ "/include/jsoncpp/json\"")
+ (string-append "rtc_ssl_root=\""
+ (assoc-ref inputs "openssl")
+ "/include/openssl\""))))
+
+ ;; XXX: How portable is this.
+ (mkdir-p "third_party/node/linux/node-linux-x64")
+ (symlink (string-append (assoc-ref inputs "node") "/bin")
+ "third_party/node/linux/node-linux-x64/bin")
+
+ (setenv "CC" "gcc")
+ (setenv "CXX" "g++")
+ ;; TODO: pre-compile instead. Avoids a race condition.
+ (setenv "PYTHONDONTWRITEBYTECODE" "1")
+ (and
+ ;; Build the "gn" tool.
+ (zero? (system* "python"
+ "tools/gn/bootstrap/bootstrap.py" "-s" "-v"))
+ ;; Generate ninja build files.
+ (zero? (system* "./out/Release/gn" "gen" "out/Release"
+ (string-append "--args="
+ (string-join gn-flags " "))))))))
+ (replace 'build
+ (lambda* (#:key outputs #:allow-other-keys)
+ (zero? (system* "ninja" "-C" "out/Release"
+ "-j" (number->string (parallel-job-count))
+ "chrome"))))
+ (replace 'install
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (bin (string-append out "/bin"))
+ (exe (string-append bin "/chromium"))
+ (lib (string-append out "/lib"))
+ (man (string-append out "/share/man/man1"))
+ (applications (string-append out "/share/applications"))
+ (install-regexp (make-regexp "\\.(bin|pak)$"))
+ (locales (string-append lib "/locales"))
+ (resources (string-append lib "/resources"))
+ (gtk+ (assoc-ref inputs "gtk+"))
+ (mesa (assoc-ref inputs "mesa"))
+ (nss (assoc-ref inputs "nss"))
+ (udev (assoc-ref inputs "udev"))
+ (sh (which "sh")))
+
+ (substitute* '("chrome/app/resources/manpage.1.in"
+ "chrome/installer/linux/common/desktop.template")
+ (("@@MENUNAME@@") "Chromium")
+ (("@@PACKAGE@@") "chromium")
+ (("/usr/bin/@@USR_BIN_SYMLINK_NAME@@") exe))
+ (mkdir-p man)
+ (copy-file "chrome/app/resources/manpage.1.in"
+ (string-append man "/chromium.1"))
+ (mkdir-p applications)
+ (copy-file "chrome/installer/linux/common/desktop.template"
+ (string-append applications "/chromium.desktop"))
+
+ (with-directory-excursion "out/Release"
+ (for-each (lambda (file)
+ (install-file file lib))
+ (scandir "." (cut regexp-exec install-regexp <>)))
+ (copy-file "chrome" (string-append lib "/chromium"))
+
+ ;; TODO: Install icons from "../../chrome/app/themes" into
+ ;; "out/share/icons/hicolor/$size".
+ (install-file
+ "product_logo_48.png"
+ (string-append out "/share/icons/48x48/chromium.png"))
+
+ (copy-recursively "locales" locales)
+ (copy-recursively "resources" resources)
+
+ (mkdir-p bin)
+ ;; Add a thin wrapper to prevent the user from inadvertently
+ ;; installing non-free software through the Web Store.
+ ;; TODO: Discover extensions from the profile and pass
+ ;; something like "--disable-extensions-except=...".
+ (call-with-output-file exe
+ (lambda (port)
+ (format port
+ "#!~a~@
+ if [ -z \"$CHROMIUM_ENABLE_WEB_STORE\" ]~@
+ then~@
+ CHROMIUM_FLAGS=\" \\~@
+ --disable-background-networking \\~@
+ --disable-extensions \\~@
+ \"~@
+ fi~@
+ exec ~a $CHROMIUM_FLAGS \"$@\"~%"
+ sh (string-append lib "/chromium"))))
+ (chmod exe #o755)
+
+ (wrap-program exe
+ ;; TODO: Get these in RUNPATH.
+ `("LD_LIBRARY_PATH" ":" prefix
+ (,(string-append lib ":" nss "/lib/nss:" gtk+ "/lib:"
+ mesa "/lib:" udev "/lib")))
+ ;; Avoid file manager crash. See <https://bugs.gnu.org/26593>.
+ `("XDG_DATA_DIRS" ":" prefix (,(string-append gtk+ "/share"))))
+ #t)))))))
+ (native-inputs
+ `(("bison" ,bison)
+ ("git" ,git) ;last_commit_position.py
+ ("gperf" ,gperf)
+ ("ninja" ,ninja)
+ ("node" ,node)
+ ("pkg-config" ,pkg-config)
+ ("which" ,which)
+ ("yasm" ,yasm)
+
+ ("python-beautifulsoup4" ,python2-beautifulsoup4)
+ ("python-html5lib" ,python2-html5lib)
+ ("python" ,python-2)))
+ (inputs
+ `(("alsa-lib" ,alsa-lib)
+ ("atk" ,atk)
+ ("cups" ,cups)
+ ("curl" ,curl)
+ ("dbus" ,dbus)
+ ("dbus-glib" ,dbus-glib)
+ ("expat" ,expat)
+ ("flac" ,flac)
+ ("ffmpeg" ,ffmpeg)
+ ("fontconfig" ,fontconfig)
+ ("freetype" ,freetype)
+ ("gdk-pixbuf" ,gdk-pixbuf)
+ ("glib" ,glib)
+ ("gtk+-2" ,gtk+-2)
+ ("gtk+" ,gtk+)
+ ("harfbuzz" ,harfbuzz)
+ ("icu4c" ,icu4c-59.1)
+ ("jsoncpp" ,jsoncpp)
+ ("lcms" ,lcms)
+ ("libevent" ,libevent)
+ ("libffi" ,libffi)
+ ("libjpeg-turbo" ,libjpeg-turbo)
+ ("libpng" ,libpng)
+ ("libusb" ,libusb)
+ ("libvpx" ,libvpx+experimental)
+ ("libwebp" ,libwebp)
+ ("libx11" ,libx11)
+ ("libxcb" ,libxcb)
+ ("libxcomposite" ,libxcomposite)
+ ("libxcursor" ,libxcursor)
+ ("libxdamage" ,libxdamage)
+ ("libxext" ,libxext)
+ ("libxfixes" ,libxfixes)
+ ("libxi" ,libxi)
+ ("libxkbcommon" ,libxkbcommon)
+ ("libxml2" ,libxml2)
+ ("libxrandr" ,libxrandr)
+ ("libxrender" ,libxrender)
+ ("libxscrnsaver" ,libxscrnsaver)
+ ("libxslt" ,libxslt)
+ ("libxtst" ,libxtst)
+ ("mesa" ,mesa)
+ ("minizip" ,minizip)
+ ("mit-krb5" ,mit-krb5)
+ ("nss" ,nss)
+ ("openh264" ,openh264)
+ ("openssl" ,openssl)
+ ("opus" ,opus+custom)
+ ("pango" ,pango)
+ ("pciutils" ,pciutils)
+ ("protobuf" ,protobuf)
+ ("pulseaudio" ,pulseaudio)
+ ("re2" ,re2)
+ ("snappy" ,snappy)
+ ("speech-dispatcher" ,speech-dispatcher)
+ ("sqlite" ,sqlite)
+ ("udev" ,eudev)
+ ("valgrind" ,valgrind)))
+ (home-page "https://www.chromium.org/")
+ (description
+ "Chromium is a web browser using the @code{Blink} rendering engine.")
+ ;; Chromium is developed as BSD-3, but bundles a large number of third-party
+ ;; software with other licenses. For full information, see chrome://credits.
+ (license (list license:bsd-3
+ license:bsd-2
+ license:expat
+ license:asl2.0
+ license:mpl2.0
+ license:public-domain
+ license:lgpl2.1+))))
--
2.15.1
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply related [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-01-08 21:56 ` Marius Bakke
@ 2018-01-08 23:20 ` ng0
2018-01-08 23:40 ` Marius Bakke
2018-01-12 0:09 ` Marius Bakke
2018-01-09 6:58 ` ng0
1 sibling, 2 replies; 91+ messages in thread
From: ng0 @ 2018-01-08 23:20 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 42558 bytes --]
Marius Bakke transcribed 39K bytes:
> ng0 <ng0@n0.is> writes:
>
> >> + (substitute* "chrome/common/chrome_paths.cc"
> >> + (("/usr/share/chromium/extensions")
> >> + ;; TODO: Add ~/.guix-profile.
> >> + "/run/current-system/profile/share/chromium/extensions"))
> >
> > What's the idea behind this? Did you test it? Do you have any guix build-system
> > using Chromium extensions as an example? So far this completely disables the
> > installation of any plugins and addons.
>
> The idea is to eventually be able to distribute extensions with Guix. I
> added this path mostly to document it, but don't see how keeping the
> default makes a difference. If you can place an extension in
> /usr/share, you can also copy it to the system profile through your
> config.scm, or symlink this location on a foreign distribution.
>
> >> + (mkdir-p bin)
> >> + ;; Add a thin wrapper to prevent the user from inadvertently
> >> + ;; installing non-free software through the Web Store.
> >> + ;; TODO: Discover extensions from the profile and pass
> >> + ;; something like "--disable-extensions-except=...".
> >
> > Same question here.
>
> The Web Store has serious freedom issues, thus we can not enable it by
> default. Enabling it *must* be a conscious choice by the end user.
>
> The TODO here is inspired by Debians wrapper script, which enumerates
> the location where apt places extensions, and gives that list to
> "--disable-extensions-except".
>
> > If you need help, there's at least 3 users of Chromium now. I'd like to read
Actually more than 3: I have to make chromium accessible for work we agreed
on in GNU Taler (where the "How should we package extensions in a way that
works" comes in important, not just as a PoC/TODO).
> > your ideas on how to solve the TODOs, aswell as: Do you have any unpushed
> > progress? Maybe we can team collaborate on this huge browser.
>
> I do maintain this patch, but unfortunately not in a public repository.
Ah, ok.
> I've attached the latest iteration here (sorry for squashed).
Thanks
> New since the last time are some fixes from the "Inox patchset" that
> resolves most of the privacy issues. Namely removing the "login
> wizard", changing to sensible defaults, and forcing the "classic" New
> Tab Page that does not load a search engine.
Cool!
> Also, all patches have been moved to remote origins.
>
> Testing and feedback welcome!
I'll build it tomorrow or tonight (whenever my build of linux-mainline to
search for fixes for the i915 issue finishes) and report back.
So far I'um using your version 58and it works for me :)
> Currently there are two "important" (blocking?) TODOs left:
>
> * Move the 'delete-bundled-software' phase to a source snippet.
> Repacking the ~500MiB compressed tarball is *really* expensive. It
Yep. It takes a verrry long time, I've noticed this when I started
working on Chromium.
> should also aid the licensing situation.
> * Delete the two default entries from the "most used" list on the New
> Tab page. The first run will download thumbnails for these sites,
> leaking data. One of them also leads to the disabled-by-default
> store, promoting non-free software.
>
> I'm optimistic that fixing the second item will make the browser not
> leak *any* data at launch with the default configuration. Which leads
> to a third item: writing a system test that verifies that launching
> Chromium does indeed not initiate any network traffic.
>
> Anyway, here is the latest patch:
>
> From f813b2d7ec0728a906720fa74bf9f442af6ab10d Mon Sep 17 00:00:00 2001
> From: Marius Bakke <mbakke@fastmail.com>
> Date: Wed, 12 Oct 2016 17:25:05 +0100
> Subject: [PATCH] gnu: Add chromium.
>
> * gnu/packages/chromium.scm: New file.
> * gnu/local.mk: Record it.
> ---
> gnu/local.mk | 1 +
> gnu/packages/chromium.scm | 733 ++++++++++++++++++++++++++++++++++++++++++++++
> 2 files changed, 734 insertions(+)
> create mode 100644 gnu/packages/chromium.scm
>
> diff --git a/gnu/local.mk b/gnu/local.mk
> index d4e841921..529fdd2be 100644
> --- a/gnu/local.mk
> +++ b/gnu/local.mk
> @@ -89,6 +89,7 @@ GNU_SYSTEM_MODULES = \
> %D%/packages/check.scm \
> %D%/packages/chemistry.scm \
> %D%/packages/chez.scm \
> + %D%/packages/chromium.scm \
> %D%/packages/ci.scm \
> %D%/packages/cinnamon.scm \
> %D%/packages/cmake.scm \
> diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm
> new file mode 100644
> index 000000000..78cfb3097
> --- /dev/null
> +++ b/gnu/packages/chromium.scm
> @@ -0,0 +1,733 @@
> +;;; GNU Guix --- Functional package management for GNU
> +;;; Copyright © 2016, 2017 Marius Bakke <mbakke@fastmail.com>
> +;;;
> +;;; This file is part of GNU Guix.
> +;;;
> +;;; GNU Guix is free software; you can redistribute it and/or modify it
> +;;; under the terms of the GNU General Public License as published by
> +;;; the Free Software Foundation; either version 3 of the License, or (at
> +;;; your option) any later version.
> +;;;
> +;;; GNU Guix is distributed in the hope that it will be useful, but
> +;;; WITHOUT ANY WARRANTY; without even the implied warranty of
> +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> +;;; GNU General Public License for more details.
> +;;;
> +;;; You should have received a copy of the GNU General Public License
> +;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
> +
> +(define-module (gnu packages chromium)
> + #:use-module ((guix licenses) #:prefix license:)
> + #:use-module (guix packages)
> + #:use-module (guix download)
> + #:use-module (guix git-download)
> + #:use-module (guix utils)
> + #:use-module (guix build-system gnu)
> + #:use-module (gnu packages)
> + #:use-module (gnu packages assembly)
> + #:use-module (gnu packages base)
> + #:use-module (gnu packages bison)
> + #:use-module (gnu packages compression)
> + #:use-module (gnu packages cups)
> + #:use-module (gnu packages curl)
> + #:use-module (gnu packages databases)
> + #:use-module (gnu packages fontutils)
> + #:use-module (gnu packages ghostscript)
> + #:use-module (gnu packages gl)
> + #:use-module (gnu packages glib)
> + #:use-module (gnu packages gnome)
> + #:use-module (gnu packages gnuzilla)
> + #:use-module (gnu packages gperf)
> + #:use-module (gnu packages gtk)
> + #:use-module (gnu packages icu4c)
> + #:use-module (gnu packages image)
> + #:use-module (gnu packages libevent)
> + #:use-module (gnu packages libffi)
> + #:use-module (gnu packages libusb)
> + #:use-module (gnu packages linux)
> + #:use-module (gnu packages kerberos)
> + #:use-module (gnu packages ninja)
> + #:use-module (gnu packages node)
> + #:use-module (gnu packages pciutils)
> + #:use-module (gnu packages photo)
> + #:use-module (gnu packages pkg-config)
> + #:use-module (gnu packages protobuf)
> + #:use-module (gnu packages pulseaudio)
> + #:use-module (gnu packages python)
> + #:use-module (gnu packages python-web)
> + #:use-module (gnu packages regex)
> + #:use-module (gnu packages serialization)
> + #:use-module (gnu packages speech)
> + #:use-module (gnu packages tls)
> + #:use-module (gnu packages valgrind)
> + #:use-module (gnu packages version-control)
> + #:use-module (gnu packages video)
> + #:use-module (gnu packages xiph)
> + #:use-module (gnu packages xml)
> + #:use-module (gnu packages xdisorg)
> + #:use-module (gnu packages xorg))
> +
> +(define (strip-directory-prefix pathspec)
> + "Return everything after the last '/' in PATHSPEC."
> + (let ((index (string-rindex pathspec #\/)))
> + (if index (string-drop pathspec (+ 1 index))
> + pathspec)))
> +
> +(define (chromium-patch-file-name pathspec)
> + (let ((patch-name (strip-directory-prefix pathspec)))
> + (if (string-prefix? "chromium-" patch-name)
> + patch-name
> + (string-append "chromium-" patch-name))))
> +
> +;; https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/tree/debian/patches
> +(define (debian-patch pathspec revision hash)
> + (origin
> + (method url-fetch)
> + (uri (string-append
> + "https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git"
> + "/plain/debian/patches/" pathspec "?id=" revision))
> + (sha256 (base32 hash))
> + (file-name (chromium-patch-file-name pathspec))))
> +
> +;; https://gitweb.gentoo.org/repo/gentoo.git/tree/www-client/chromium/files
> +(define (gentoo-patch pathspec revision hash)
> + (origin
> + (method url-fetch)
> + (uri (string-append
> + "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-client"
> + "/chromium/files/" pathspec "?id=" revision))
> + (sha256 (base32 hash))
> + (file-name (chromium-patch-file-name pathspec))))
> +
> +;; https://github.com/gcarq/inox-patchset
> +(define (inox-patch pathspec revision hash)
> + (origin
> + (method url-fetch)
> + (uri (string-append "https://raw.githubusercontent.com/gcarq/inox-patchset/"
> + revision "/" pathspec))
> + (sha256 (base32 hash))
> + (file-name (chromium-patch-file-name pathspec))))
> +
> +(define opus+custom
> + (package (inherit opus)
> + (arguments
> + `(;; Opus Custom is an optional extension of the Opus
> + ;; specification that allows for unsupported frame
> + ;; sizes. Chromium requires that this is enabled.
> + #:configure-flags '("--enable-custom-modes")
> + ,@(package-arguments opus)))))
> +
> +;; Chromium since 58 depends on an unreleased libvpx. So, we
> +;; package the latest master branch as of 2018-01-07.
> +(define libvpx+experimental
> + (package
> + (inherit libvpx)
> + (source (origin
> + (method git-fetch)
> + (uri (git-reference
> + (url "https://chromium.googlesource.com/webm/libvpx")
> + (commit "bed28a55f593efd3a71a3a9d05cf8bb25d15fa44")))
> + (file-name "libvpx-for-chromium-checkout")
> + (sha256
> + (base32
> + "0h01vmb8awzrb2xwqaz215v73yjdjf67hzdm2yfcz4h4qrvwf817"))))
> + ;; TODO: Make libvpx configure flags overrideable.
> + (arguments
> + `(#:phases
> + (modify-phases %standard-phases
> + (replace 'configure
> + (lambda* (#:key outputs #:allow-other-keys)
> + (setenv "CONFIG_SHELL" (which "bash"))
> + (let ((out (assoc-ref outputs "out")))
> + (setenv "LDFLAGS"
> + (string-append "-Wl,-rpath=" out "/lib"))
> + (zero? (system* "./configure"
> + "--enable-shared"
> + "--as=yasm"
> + ;; Limit size to avoid CVE-2015-1258
> + "--size-limit=16384x16384"
> + ;; Spatial SVC is an experimental VP9 encoder
> + ;; used by some packages (i.e. Chromium).
> + "--enable-experimental"
> + "--enable-spatial-svc"
> + (string-append "--prefix=" out)))))))
> + #:tests? #f)))) ; No tests.
> +
> +(define %chromium-gn-bootstrap.patch
> + (gentoo-patch "chromium-gn-bootstrap-r17.patch"
> + "5c9cf110bd61fa287a5c536760b5d8ed13f65d52"
> + "12wsq3bs46mvr7cinxvqjmbzymigm8yzf478r08y9l6sd3qij4yq"))
> +
> +(define %chromium-gcc-compat.patch
> + (gentoo-patch "chromium-gcc5-r4.patch"
> + "1c5423aab094796b3da7a2905f02cbdcdd6a7742"
> + "18s152pkqzzw6grxj1m6mp3pc2x3ha2gyayw5hf2nhranak5wlkg"))
> +
> +(define %chromium-webkit-gcc-compat.patch
> + (gentoo-patch "chromium-gcc5-r5.patch"
> + "1c5423aab094796b3da7a2905f02cbdcdd6a7742"
> + "0z7rggizzg85wfr8zhw0yfwd3q69lsh3yp297s939jgzp66cwwkw"))
> +
> +(define %chromium-webrtc-gcc-compat.patch
> + (gentoo-patch "chromium-webrtc-r0.patch"
> + "1c5423aab094796b3da7a2905f02cbdcdd6a7742"
> + "0qj5b4w9kav51ylpdf38vm5w7p2gx4qp8p45vrfggp7miicg9cmw"))
> +
> +(define %chromium-system-nspr.patch
> + (debian-patch "system/nspr.patch"
> + "debian/63.0.3239.40-1"
> + "07a0q3khz77gk0rxzp965pjzhly5r08k019pinss18xc1caj971s"))
> +
> +(define %chromium-system-libevent.patch
> + (debian-patch "system/event.patch"
> + "debian/63.0.3239.40-1"
> + "0604ia06w40zn66d85in03xg3hd6144y8b222kzyc9nzhq3xm2pc"))
> +
> +(define %chromium-system-icu.patch
> + (debian-patch "system/icu.patch"
> + "debian/63.0.3239.40-1"
> + "0kf77d8lyma3w0xpgfv2k0c741zp6ii08gzllfja6d5s59c15ylv"))
> +
> +(define %chromium-disable-api-keys-warning.patch
> + (debian-patch "disable/google-api-warning.patch"
> + "36794e57f1f97068640c6845dbeb9291155893c0"
> + "11llghxm0a75kb8fnpy6ky8ix4f1kk7n0c0zfcpwxsx05pask11m"))
> +
> +(define %chromium-external-components.patch
> + (debian-patch "disable/external-components.patch"
> + "debian/63.0.3239.40-1"
> + "1i3b801hjafxv7djk7cl7nj2skxid0vysf12yjr364db949f164l"))
> +
> +(define %chromium-duckduckgo.patch
> + (inox-patch "0011-add-duckduckgo-search-engine.patch"
> + "5af0e6187c22471b8cb803f6dda6738f23a530e7"
> + "0p8x98g71ngkd3wbl5q36wrl18ff185sfrr5fcwjbgrv3v7r6ra7"))
> +
> +;; Don't start a "Login Wizard" at first launch.
> +(define %chromium-first-run.patch
> + (inox-patch "0018-disable-first-run-behaviour.patch"
> + "3336bb286ea054271ac2199cf374e96c64ed53cf"
> + "1y4zsqqf2125jkb1phwy9g5hcbd9xhyv5lr4xcaly66rpdzx2ayb"))
> +
> +;; Use privacy-preserving defaults.
> +(define %chromium-default-preferences.patch
> + (inox-patch "0006-modify-default-prefs.patch"
> + "3336bb286ea054271ac2199cf374e96c64ed53cf"
> + "1h8ycmn00yvciq3r5jcdqmsl4grqv8izgwi6a20kijz2baxxr888"))
> +
> +;; Recent versions of Chromium may load a remote search engine on the
> +;; New Tab Page, causing unnecessary and involuntary network traffic.
> +(define %chromium-restore-classic-ntp.patch
> + (inox-patch "0008-restore-classic-ntp.patch"
> + "2f60b788bff89bde11ac802d4c19093661cd23f7"
> + "00icvb0r1p3s7i2xy8kv1lpam96cxgn6c3s9bc6wv3dpi3d722p2"))
> +
> +(define-public chromium
> + (package
> + (name "chromium")
> + (version "63.0.3239.132")
> + (synopsis "Graphical web browser")
> + (source (origin
> + (method url-fetch)
> + (uri (string-append "https://commondatastorage.googleapis.com/"
> + "chromium-browser-official/chromium-"
> + version ".tar.xz"))
> + (sha256
> + (base32
> + "139x3cbc5pa14x69493ic8i2ank12c9fwiq6pqm11aps88n6ri44"))
> + (patches (list ;%chromium-gn-bootstrap.patch
> + %chromium-gcc-compat.patch
> + %chromium-webkit-gcc-compat.patch
> + %chromium-webrtc-gcc-compat.patch
> + %chromium-duckduckgo.patch
> + %chromium-default-preferences.patch
> + %chromium-first-run.patch
> + %chromium-restore-classic-ntp.patch
> + %chromium-system-icu.patch
> + %chromium-system-nspr.patch
> + %chromium-system-libevent.patch
> + %chromium-disable-api-keys-warning.patch))
> + (modules '((srfi srfi-1)
> + (guix build utils)))
> + (snippet
> + '(begin
> + ;; Replace GN files from third_party with shims for building
> + ;; against system libraries. Keep this list in sync with
> + ;; "build/linux/unbundle/replace_gn_files.py".
> + (for-each (lambda (pair)
> + (let ((source (string-append
> + "build/linux/unbundle/" (car pair)))
> + (dest (cdr pair)))
> + (copy-file source dest)))
> + (list
> + '("ffmpeg.gn" . "third_party/ffmpeg/BUILD.gn")
> + '("flac.gn" . "third_party/flac/BUILD.gn")
> + '("freetype.gn" . "third_party/freetype/BUILD.gn")
> + ;; XXX: This broke in 63.
> + ;;'("harfbuzz-ng.gn" . "third_party/harfbuzz-ng/BUILD.gn")
> + '("icu.gn" . "third_party/icu/BUILD.gn")
> + '("libdrm.gn" . "third_party/libdrm/BUILD.gn")
> + '("libevent.gn" . "base/third_party/libevent/BUILD.gn")
> + '("libjpeg.gn" .
> + "build/secondary/third_party/libjpeg_turbo/BUILD.gn")
> + '("libpng.gn" . "third_party/libpng/BUILD.gn")
> + '("libvpx.gn" . "third_party/libvpx/BUILD.gn")
> + '("libwebp.gn" . "third_party/libwebp/BUILD.gn")
> + ;;'("libxml.gn" . "third_party/libxml/BUILD.gn") ;TODO
> + '("libxslt.gn" . "third_party/libxslt/BUILD.gn")
> + '("openh264.gn" . "third_party/openh264/BUILD.gn")
> + '("opus.gn" . "third_party/opus/BUILD.gn")
> + '("re2.gn" . "third_party/re2/BUILD.gn")
> + '("snappy.gn" . "third_party/snappy/BUILD.gn")
> + '("yasm.gn" . "third_party/yasm/yasm_assemble.gni")
> + '("zlib.gn" . "third_party/zlib/BUILD.gn")))
> + #t))))
> + (build-system gnu-build-system)
> + (arguments
> + `(#:tests? #f
> + ;; FIXME: There is a "gn" option specifically for setting -rpath, but
> + ;; it's not recognized when passed.
> + #:validate-runpath? #f
> + #:modules ((srfi srfi-26)
> + (ice-9 ftw)
> + (ice-9 regex)
> + (guix build gnu-build-system)
> + (guix build utils))
> + #:phases
> + (modify-phases %standard-phases
> + (add-after 'unpack 'remove-bundled-software
> + (lambda _
> + (let ((keep-libs
> + (list
> + ;; Third party folders that cannot be deleted yet.
> + "base/third_party/dmg_fp"
> + "base/third_party/dynamic_annotations"
> + "base/third_party/icu"
> + "base/third_party/libevent"
> + "base/third_party/nspr"
> + "base/third_party/superfasthash"
> + "base/third_party/symbolize" ; glog
> + "base/third_party/xdg_mime"
> + "base/third_party/xdg_user_dirs"
> + "buildtools/third_party/libc++"
> + "chrome/third_party/mozilla_security_manager"
> + "courgette/third_party"
> + "net/third_party/mozilla_security_manager"
> + "net/third_party/nss"
> + "third_party/adobe/flash/flapper_version.h"
> + ;; FIXME: This is used in:
> + ;; * ui/webui/resources/js/analytics.js
> + ;; * ui/file_manager/
> + "third_party/analytics"
> + "third_party/angle"
> + "third_party/angle/src/common/third_party/base"
> + "third_party/angle/src/common/third_party/smhasher"
> + "third_party/angle/src/third_party/compiler"
> + "third_party/angle/src/third_party/libXNVCtrl"
> + "third_party/angle/src/third_party/trace_event"
> + "third_party/blink"
> + "third_party/boringssl"
> + "third_party/breakpad"
> + "third_party/brotli"
> + "third_party/cacheinvalidation"
> + "third_party/catapult"
> + "third_party/catapult/common/py_vulcanize/third_party/rcssmin"
> + "third_party/catapult/common/py_vulcanize/third_party/rjsmin"
> + "third_party/catapult/third_party/polymer"
> + "third_party/catapult/tracing/third_party/d3"
> + "third_party/catapult/tracing/third_party/gl-matrix"
> + "third_party/catapult/tracing/third_party/jszip"
> + "third_party/catapult/tracing/third_party/mannwhitneyu"
> + "third_party/catapult/tracing/third_party/oboe"
> + "third_party/catapult/tracing/third_party/pako"
> + "third_party/ced"
> + "third_party/cld_3"
> + "third_party/crc32c"
> + "third_party/cros_system_api"
> + "third_party/dom_distiller_js"
> + "third_party/fips181"
> + "third_party/flatbuffers"
> + ;; XXX Needed by pdfium since 59.
> + "third_party/freetype"
> + "third_party/glslang-angle"
> + "third_party/google_input_tools"
> + "third_party/google_input_tools/third_party/closure_library"
> + (string-append "third_party/google_input_tools/third_party"
> + "/closure_library/third_party/closure")
> + "third_party/googletest"
> + "third_party/harfbuzz-ng" ;XXX why is this required in 63+
> + "third_party/hunspell"
> + "third_party/iccjpeg"
> + "third_party/inspector_protocol"
> + "third_party/jinja2"
> + "third_party/jstemplate"
> + "third_party/khronos"
> + "third_party/leveldatabase"
> + "third_party/libXNVCtrl"
> + "third_party/libaddressinput"
> + "third_party/libjingle_xmpp"
> + "third_party/libphonenumber"
> + "third_party/libsecret" ;FIXME: needs pkg-config support.
> + "third_party/libsrtp" ;TODO: Requires libsrtp@2.
> + "third_party/libudev"
> + "third_party/libwebm"
> + "third_party/libxml" ;FIXME: Unbundle (again).
> + "third_party/libyuv"
> + "third_party/lss"
> + "third_party/lzma_sdk"
> + "third_party/markupsafe"
> + "third_party/mesa"
> + "third_party/modp_b64"
> + "third_party/mt19937ar"
> + "third_party/node"
> + "third_party/node/node_modules/polymer-bundler/lib/third_party/UglifyJS2"
> + "third_party/openmax_dl"
> + "third_party/ots"
> + "third_party/pdfium"
> + "third_party/pdfium/third_party"
> + "third_party/ply"
> + "third_party/polymer"
> + "third_party/protobuf"
> + "third_party/protobuf/third_party/six"
> + "third_party/qcms"
> + "third_party/sfntly"
> + "third_party/skia"
> + "third_party/skia/third_party/vulkan"
> + "third_party/skia/third_party/gif"
> + "third_party/smhasher"
> + "third_party/speech-dispatcher"
> + "third_party/spirv-headers"
> + "third_party/spirv-tools-angle"
> + "third_party/sqlite"
> + "third_party/swiftshader"
> + "third_party/swiftshader/third_party"
> + "third_party/usb_ids"
> + "third_party/usrsctp"
> + "third_party/vulkan"
> + "third_party/vulkan-validation-layers"
> + "third_party/WebKit"
> + "third_party/web-animations-js"
> + "third_party/webrtc"
> + "third_party/widevine/cdm/widevine_cdm_version.h"
> + "third_party/widevine/cdm/widevine_cdm_common.h"
> + "third_party/woff2"
> + "third_party/xdg-utils"
> + "third_party/yasm/run_yasm.py"
> + "third_party/zlib/google"
> + "url/third_party/mozilla"
> + "v8/src/third_party/valgrind"
> + "v8/third_party/inspector_protocol")))
> + ;; FIXME: implement as source snippet. This traverses
> + ;; any "third_party" directory and deletes files that are:
> + ;; * not ending with ".gn" or ".gni"; or
> + ;; * not explicitly named as argument (folder or file).
> + (zero? (apply system* "python"
> + "build/linux/unbundle/remove_bundled_libraries.py"
> + "--do-remove" keep-libs)))))
> + (add-after 'remove-bundled-software 'patch-stuff
> + (lambda* (#:key inputs #:allow-other-keys)
> + (substitute* "printing/cups_config_helper.py"
> + (("cups_config =.*")
> + (string-append "cups_config = '" (assoc-ref inputs "cups")
> + "/bin/cups-config'\n")))
> +
> + (substitute*
> + '("base/process/launch_posix.cc"
> + "base/third_party/dynamic_annotations/dynamic_annotations.c"
> + "sandbox/linux/seccomp-bpf/sandbox_bpf.cc"
> + "sandbox/linux/services/credentials.cc"
> + "sandbox/linux/services/namespace_utils.cc"
> + "sandbox/linux/services/syscall_wrappers.cc"
> + "sandbox/linux/syscall_broker/broker_host.cc")
> + (("include \"base/third_party/valgrind/") "include \"valgrind/"))
> +
> + (for-each (lambda (file)
> + (substitute* file
> + ;; Fix opus include path.
> + ;; Do not substitute opus_private.h.
> + (("#include \"opus\\.h\"")
> + "#include \"opus/opus.h\"")
> + (("#include \"opus_custom\\.h\"")
> + "#include \"opus/opus_custom.h\"")
> + (("#include \"opus_defines\\.h\"")
> + "#include \"opus/opus_defines.h\"")
> + (("#include \"opus_multistream\\.h\"")
> + "#include \"opus/opus_multistream.h\"")
> + (("#include \"opus_types\\.h\"")
> + "#include \"opus/opus_types.h\"")))
> + (append (find-files "third_party/opus/src/celt")
> + (find-files "third_party/opus/src/src")
> + (find-files (string-append "third_party/webrtc/modules"
> + "/audio_coding/codecs/opus"))))
> +
> + (substitute* "chrome/common/chrome_paths.cc"
> + (("/usr/share/chromium/extensions")
> + ;; TODO: Add ~/.guix-profile.
> + "/run/current-system/profile/share/chromium/extensions"))
> +
> + (substitute*
> + "third_party/breakpad/breakpad/src/common/linux/libcurl_wrapper.h"
> + (("include \"third_party/curl") "include \"curl"))
> + (substitute* "media/base/decode_capabilities.cc"
> + (("third_party/libvpx/source/libvpx/") ""))
> +
> + ;; We don't cross compile most packages, so get rid of the
> + ;; unnecessary ARCH-linux-gnu* prefix.
> + (substitute* "build/toolchain/linux/BUILD.gn"
> + (("aarch64-linux-gnu-") "")
> + (("arm-linux-gnueabihf-") ""))
> + #t))
> + (replace 'configure
> + (lambda* (#:key inputs outputs #:allow-other-keys)
> + (let ((gn-flags
> + (list
> + ;; See tools/gn/docs/cookbook.md and
> + ;; https://www.chromium.org/developers/gn-build-configuration
> + ;; for usage. Run "./gn args . --list" in the Release
> + ;; directory for an exhaustive list of supported flags.
> + "is_debug=false"
> + "is_official_build=false"
> + "is_clang=false"
> + "use_gold=false"
> + "linux_use_bundled_binutils=false"
> + "use_custom_libcxx=false"
> + "use_sysroot=false"
> + "goma_dir=\"\""
> + "enable_precompiled_headers=false"
> + "use_jumbo_build=true" ;speeds up build
> + ;; Use a deterministic version identifier.
> + "override_build_date=\"01 01 2000 05:00:00\""
> + "use_unofficial_version_number=false"
> + ;; Disable debugging features to save space.
> + "remove_webcore_debug_symbols=true"
> + "enable_iterator_debugging=false"
> + ;; Don't fail when using deprecated ffmpeg features.
> + "treat_warnings_as_errors=false"
> + "enable_nacl=false"
> + "enable_nacl_nonsfi=false"
> + "use_allocator=\"none\"" ;don't use tcmalloc
> + ;; Don't add any API keys. End users can set them in the
> + ;; environment if necessary.
> + ;; https://www.chromium.org/developers/how-tos/api-keys
> + "use_official_google_api_keys=false"
> + ;; Disable "field trials".
> + "fieldtrial_testing_like_official_build=true"
> +
> + "use_system_freetype=true"
> + ;; FIXME: Try enabling this for 63+.
> + ;;"use_system_harfbuzz=true"
> + "use_system_libjpeg=true"
> + "use_system_lcms2=true"
> + "use_system_zlib=true"
> + ;; This is currently not supported on Linux:
> + ;; https://bugs.chromium.org/p/chromium/issues/detail?id=22208
> + ;; "use_system_sqlite=true"
> + "use_gconf=false" ; deprecated by gsettings
> + "use_gnome_keyring=false" ; deprecated by libsecret
> + "use_gtk3=true"
> + "use_openh264=true"
> + "use_xkbcommon=true"
> + "link_pulseaudio=true"
> +
> + ;; Don't arbitrarily restrict formats supported by system ffmpeg.
> + "proprietary_codecs=true"
> + "ffmpeg_branding=\"Chrome\""
> +
> + ;; WebRTC stuff.
> + "rtc_use_h264=true"
> + ;; Don't use bundled sources.
> + "rtc_build_json=false"
> + "rtc_build_libevent=false"
> + "rtc_build_libvpx=false"
> + "rtc_build_opus=false"
> + "rtc_build_ssl=false"
> + ;; TODO: Package these.
> + "rtc_build_libsrtp=true" ; 2.0
> + "rtc_build_libyuv=true"
> + "rtc_build_openmax_dl=true"
> + "rtc_build_usrsctp=true"
> + (string-append "rtc_jsoncpp_root=\""
> + (assoc-ref inputs "jsoncpp")
> + "/include/jsoncpp/json\"")
> + (string-append "rtc_ssl_root=\""
> + (assoc-ref inputs "openssl")
> + "/include/openssl\""))))
> +
> + ;; XXX: How portable is this.
> + (mkdir-p "third_party/node/linux/node-linux-x64")
> + (symlink (string-append (assoc-ref inputs "node") "/bin")
> + "third_party/node/linux/node-linux-x64/bin")
> +
> + (setenv "CC" "gcc")
> + (setenv "CXX" "g++")
> + ;; TODO: pre-compile instead. Avoids a race condition.
> + (setenv "PYTHONDONTWRITEBYTECODE" "1")
> + (and
> + ;; Build the "gn" tool.
> + (zero? (system* "python"
> + "tools/gn/bootstrap/bootstrap.py" "-s" "-v"))
> + ;; Generate ninja build files.
> + (zero? (system* "./out/Release/gn" "gen" "out/Release"
> + (string-append "--args="
> + (string-join gn-flags " "))))))))
> + (replace 'build
> + (lambda* (#:key outputs #:allow-other-keys)
> + (zero? (system* "ninja" "-C" "out/Release"
> + "-j" (number->string (parallel-job-count))
> + "chrome"))))
> + (replace 'install
> + (lambda* (#:key inputs outputs #:allow-other-keys)
> + (let* ((out (assoc-ref outputs "out"))
> + (bin (string-append out "/bin"))
> + (exe (string-append bin "/chromium"))
> + (lib (string-append out "/lib"))
> + (man (string-append out "/share/man/man1"))
> + (applications (string-append out "/share/applications"))
> + (install-regexp (make-regexp "\\.(bin|pak)$"))
> + (locales (string-append lib "/locales"))
> + (resources (string-append lib "/resources"))
> + (gtk+ (assoc-ref inputs "gtk+"))
> + (mesa (assoc-ref inputs "mesa"))
> + (nss (assoc-ref inputs "nss"))
> + (udev (assoc-ref inputs "udev"))
> + (sh (which "sh")))
> +
> + (substitute* '("chrome/app/resources/manpage.1.in"
> + "chrome/installer/linux/common/desktop.template")
> + (("@@MENUNAME@@") "Chromium")
> + (("@@PACKAGE@@") "chromium")
> + (("/usr/bin/@@USR_BIN_SYMLINK_NAME@@") exe))
> + (mkdir-p man)
> + (copy-file "chrome/app/resources/manpage.1.in"
> + (string-append man "/chromium.1"))
> + (mkdir-p applications)
> + (copy-file "chrome/installer/linux/common/desktop.template"
> + (string-append applications "/chromium.desktop"))
> +
> + (with-directory-excursion "out/Release"
> + (for-each (lambda (file)
> + (install-file file lib))
> + (scandir "." (cut regexp-exec install-regexp <>)))
> + (copy-file "chrome" (string-append lib "/chromium"))
> +
> + ;; TODO: Install icons from "../../chrome/app/themes" into
> + ;; "out/share/icons/hicolor/$size".
> + (install-file
> + "product_logo_48.png"
> + (string-append out "/share/icons/48x48/chromium.png"))
> +
> + (copy-recursively "locales" locales)
> + (copy-recursively "resources" resources)
> +
> + (mkdir-p bin)
> + ;; Add a thin wrapper to prevent the user from inadvertently
> + ;; installing non-free software through the Web Store.
> + ;; TODO: Discover extensions from the profile and pass
> + ;; something like "--disable-extensions-except=...".
> + (call-with-output-file exe
> + (lambda (port)
> + (format port
> + "#!~a~@
> + if [ -z \"$CHROMIUM_ENABLE_WEB_STORE\" ]~@
> + then~@
> + CHROMIUM_FLAGS=\" \\~@
> + --disable-background-networking \\~@
> + --disable-extensions \\~@
> + \"~@
> + fi~@
> + exec ~a $CHROMIUM_FLAGS \"$@\"~%"
> + sh (string-append lib "/chromium"))))
> + (chmod exe #o755)
> +
> + (wrap-program exe
> + ;; TODO: Get these in RUNPATH.
> + `("LD_LIBRARY_PATH" ":" prefix
> + (,(string-append lib ":" nss "/lib/nss:" gtk+ "/lib:"
> + mesa "/lib:" udev "/lib")))
> + ;; Avoid file manager crash. See <https://bugs.gnu.org/26593>.
> + `("XDG_DATA_DIRS" ":" prefix (,(string-append gtk+ "/share"))))
> + #t)))))))
> + (native-inputs
> + `(("bison" ,bison)
> + ("git" ,git) ;last_commit_position.py
> + ("gperf" ,gperf)
> + ("ninja" ,ninja)
> + ("node" ,node)
> + ("pkg-config" ,pkg-config)
> + ("which" ,which)
> + ("yasm" ,yasm)
> +
> + ("python-beautifulsoup4" ,python2-beautifulsoup4)
> + ("python-html5lib" ,python2-html5lib)
> + ("python" ,python-2)))
> + (inputs
> + `(("alsa-lib" ,alsa-lib)
> + ("atk" ,atk)
> + ("cups" ,cups)
> + ("curl" ,curl)
> + ("dbus" ,dbus)
> + ("dbus-glib" ,dbus-glib)
> + ("expat" ,expat)
> + ("flac" ,flac)
> + ("ffmpeg" ,ffmpeg)
> + ("fontconfig" ,fontconfig)
> + ("freetype" ,freetype)
> + ("gdk-pixbuf" ,gdk-pixbuf)
> + ("glib" ,glib)
> + ("gtk+-2" ,gtk+-2)
> + ("gtk+" ,gtk+)
> + ("harfbuzz" ,harfbuzz)
> + ("icu4c" ,icu4c-59.1)
> + ("jsoncpp" ,jsoncpp)
> + ("lcms" ,lcms)
> + ("libevent" ,libevent)
> + ("libffi" ,libffi)
> + ("libjpeg-turbo" ,libjpeg-turbo)
> + ("libpng" ,libpng)
> + ("libusb" ,libusb)
> + ("libvpx" ,libvpx+experimental)
> + ("libwebp" ,libwebp)
> + ("libx11" ,libx11)
> + ("libxcb" ,libxcb)
> + ("libxcomposite" ,libxcomposite)
> + ("libxcursor" ,libxcursor)
> + ("libxdamage" ,libxdamage)
> + ("libxext" ,libxext)
> + ("libxfixes" ,libxfixes)
> + ("libxi" ,libxi)
> + ("libxkbcommon" ,libxkbcommon)
> + ("libxml2" ,libxml2)
> + ("libxrandr" ,libxrandr)
> + ("libxrender" ,libxrender)
> + ("libxscrnsaver" ,libxscrnsaver)
> + ("libxslt" ,libxslt)
> + ("libxtst" ,libxtst)
> + ("mesa" ,mesa)
> + ("minizip" ,minizip)
> + ("mit-krb5" ,mit-krb5)
> + ("nss" ,nss)
> + ("openh264" ,openh264)
> + ("openssl" ,openssl)
> + ("opus" ,opus+custom)
> + ("pango" ,pango)
> + ("pciutils" ,pciutils)
> + ("protobuf" ,protobuf)
> + ("pulseaudio" ,pulseaudio)
> + ("re2" ,re2)
> + ("snappy" ,snappy)
> + ("speech-dispatcher" ,speech-dispatcher)
> + ("sqlite" ,sqlite)
> + ("udev" ,eudev)
> + ("valgrind" ,valgrind)))
> + (home-page "https://www.chromium.org/")
> + (description
> + "Chromium is a web browser using the @code{Blink} rendering engine.")
> + ;; Chromium is developed as BSD-3, but bundles a large number of third-party
> + ;; software with other licenses. For full information, see chrome://credits.
> + (license (list license:bsd-3
> + license:bsd-2
> + license:expat
> + license:asl2.0
> + license:mpl2.0
> + license:public-domain
> + license:lgpl2.1+))))
> --
> 2.15.1
>
Many thanks for your ongoing work with this (and the patience :))
As this is 63, you you are keeping track of Debian, right? I tried
to package 64 a couple of days ago because I wanted the workaround
for some of the recent security clusterfucks, but Debian is still
on 63 :/
I hope they'll update their patchset soon.
--
GnuPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588
GnuPG: https://c.n0.is/ng0_pubkeys/tree/keys
WWW: https://n0.is/a/ :: https://ea.n0.is
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-01-08 23:20 ` ng0
@ 2018-01-08 23:40 ` Marius Bakke
2018-01-12 0:09 ` Marius Bakke
1 sibling, 0 replies; 91+ messages in thread
From: Marius Bakke @ 2018-01-08 23:40 UTC (permalink / raw)
To: ng0; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 528 bytes --]
ng0 <ng0@n0.is> writes:
> Many thanks for your ongoing work with this (and the patience :))
> As this is 63, you you are keeping track of Debian, right? I tried
> to package 64 a couple of days ago because I wanted the workaround
> for some of the recent security clusterfucks, but Debian is still
> on 63 :/
> I hope they'll update their patchset soon.
I track the upstream stable branch, which is currently 63.
https://www.chromestatus.com/features/schedule
(see also <https://chromereleases.googleblog.com/> for updates)
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-01-08 21:56 ` Marius Bakke
2018-01-08 23:20 ` ng0
@ 2018-01-09 6:58 ` ng0
2018-01-12 0:03 ` Marius Bakke
1 sibling, 1 reply; 91+ messages in thread
From: ng0 @ 2018-01-09 6:58 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 1436 bytes --]
Marius Bakke transcribed 39K bytes:
> Testing and feedback welcome!
>
> Currently there are two "important" (blocking?) TODOs left:
>
> * Move the 'delete-bundled-software' phase to a source snippet.
> Repacking the ~500MiB compressed tarball is *really* expensive. It
> should also aid the licensing situation.
> * Delete the two default entries from the "most used" list on the New
> Tab page. The first run will download thumbnails for these sites,
> leaking data. One of them also leads to the disabled-by-default
> store, promoting non-free software.
>
> I'm optimistic that fixing the second item will make the browser not
> leak *any* data at launch with the default configuration. Which leads
> to a third item: writing a system test that verifies that launching
> Chromium does indeed not initiate any network traffic.
>
> Anyway, here is the latest patch:
>
> From f813b2d7ec0728a906720fa74bf9f442af6ab10d Mon Sep 17 00:00:00 2001
> From: Marius Bakke <mbakke@fastmail.com>
> Date: Wed, 12 Oct 2016 17:25:05 +0100
> Subject: [PATCH] gnu: Add chromium.
>
> * gnu/packages/chromium.scm: New file.
> * gnu/local.mk: Record it.
I think you forgot a package:
gnu/packages/chromium.scm:664:5: icu4c-59.1: unbound variable
--
GnuPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588
GnuPG: https://c.n0.is/ng0_pubkeys/tree/keys
WWW: https://n0.is/a/ :: https://ea.n0.is
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-01-09 6:58 ` ng0
@ 2018-01-12 0:03 ` Marius Bakke
2018-01-12 9:38 ` ng0
0 siblings, 1 reply; 91+ messages in thread
From: Marius Bakke @ 2018-01-12 0:03 UTC (permalink / raw)
To: ng0; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 1774 bytes --]
ng0 <ng0@n0.is> writes:
> Marius Bakke transcribed 39K bytes:
>
>> Testing and feedback welcome!
>>
>> Currently there are two "important" (blocking?) TODOs left:
>>
>> * Move the 'delete-bundled-software' phase to a source snippet.
>> Repacking the ~500MiB compressed tarball is *really* expensive. It
>> should also aid the licensing situation.
>> * Delete the two default entries from the "most used" list on the New
>> Tab page. The first run will download thumbnails for these sites,
>> leaking data. One of them also leads to the disabled-by-default
>> store, promoting non-free software.
>>
>> I'm optimistic that fixing the second item will make the browser not
>> leak *any* data at launch with the default configuration. Which leads
>> to a third item: writing a system test that verifies that launching
>> Chromium does indeed not initiate any network traffic.
>>
>> Anyway, here is the latest patch:
>>
>
>> From f813b2d7ec0728a906720fa74bf9f442af6ab10d Mon Sep 17 00:00:00 2001
>> From: Marius Bakke <mbakke@fastmail.com>
>> Date: Wed, 12 Oct 2016 17:25:05 +0100
>> Subject: [PATCH] gnu: Add chromium.
>>
>> * gnu/packages/chromium.scm: New file.
>> * gnu/local.mk: Record it.
>
> I think you forgot a package:
>
> gnu/packages/chromium.scm:664:5: icu4c-59.1: unbound variable
Indeed. This can now be changed to use the regular "icu4c" package.
Tangentially, these kinds of problems are typical with new Chromium
releases. In 63 or later, system harfbuzz had to be disabled. If we
are going to carry this package, changes like these *will* be normal.
Upstream only tests their releases with Clang, and with the bundled
versions of packages, regardless of the unbundling script. Not great.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-01-08 23:20 ` ng0
2018-01-08 23:40 ` Marius Bakke
@ 2018-01-12 0:09 ` Marius Bakke
2018-01-13 19:02 ` ng0
2018-01-16 14:18 ` Ludovic Courtès
1 sibling, 2 replies; 91+ messages in thread
From: Marius Bakke @ 2018-01-12 0:09 UTC (permalink / raw)
To: ng0; +Cc: 28004
[-- Attachment #1.1: Type: text/plain, Size: 801 bytes --]
ng0 <ng0@n0.is> writes:
> Many thanks for your ongoing work with this (and the patience :))
> As this is 63, you you are keeping track of Debian, right? I tried
> to package 64 a couple of days ago because I wanted the workaround
> for some of the recent security clusterfucks, but Debian is still
> on 63 :/
> I hope they'll update their patchset soon.
Indeed Google did not add the Spectre mitigation to Chromium 63, even
though the latest version was released after the fact.
https://xlab.tencent.com/special/spectre/spectre_check.html
For reasons that beat me, they only added it to the proprietary Chrome
browser, which follows the same version number as Chromium.
The attached patch adds Spectre mitigation to the current Chromium
release. The patch was pulled from the Chrome 64 branch:
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1.2: 0001-gnu-chromium-Add-spectre-mitigation.patch --]
[-- Type: text/x-patch, Size: 2990 bytes --]
From b011b57f357af97f3a003a3b1c481fc8bd2b869c Mon Sep 17 00:00:00 2001
From: Marius Bakke <mbakke@fastmail.com>
Date: Thu, 11 Jan 2018 14:36:47 +0100
Subject: [PATCH] gnu: chromium: Add spectre mitigation.
* gnu/packages/patches/chromium-spectre-mitigation.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/chromium.scm (chromium)[source]: Use it.
---
gnu/local.mk | 1 +
gnu/packages/chromium.scm | 3 ++-
gnu/packages/patches/chromium-spectre-mitigation.patch | 13 +++++++++++++
3 files changed, 16 insertions(+), 1 deletion(-)
create mode 100644 gnu/packages/patches/chromium-spectre-mitigation.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index 513f64043..89dab227c 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -575,6 +575,7 @@ dist_patch_DATA = \
%D%/packages/patches/ceph-skip-collect-sys-info-test.patch \
%D%/packages/patches/ceph-skip-unittest_blockdev.patch \
%D%/packages/patches/chmlib-inttypes.patch \
+ %D%/packages/patches/chromium-spectre-mitigation.patch \
%D%/packages/patches/clang-libc-search-path.patch \
%D%/packages/patches/clang-3.8-libc-search-path.patch \
%D%/packages/patches/clementine-use-openssl.patch \
diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm
index dd040527b..1e9dba42e 100644
--- a/gnu/packages/chromium.scm
+++ b/gnu/packages/chromium.scm
@@ -240,7 +240,8 @@
%chromium-system-icu.patch
%chromium-system-nspr.patch
%chromium-system-libevent.patch
- %chromium-disable-api-keys-warning.patch))
+ %chromium-disable-api-keys-warning.patch
+ (search-patch "chromium-spectre-mitigation.patch")))
(modules '((srfi srfi-1)
(guix build utils)))
(snippet
diff --git a/gnu/packages/patches/chromium-spectre-mitigation.patch b/gnu/packages/patches/chromium-spectre-mitigation.patch
new file mode 100644
index 000000000..a44a3bce4
--- /dev/null
+++ b/gnu/packages/patches/chromium-spectre-mitigation.patch
@@ -0,0 +1,13 @@
+diff --git a/content/public/common/content_features.cc b/content/public/common/content_features.cc
+index 43feb76..33a49b8 100644
+--- a/content/public/common/content_features.cc
++++ b/content/public/common/content_features.cc
+@@ -308,7 +308,7 @@
+
+ // http://tc39.github.io/ecmascript_sharedmem/shmem.html
+ const base::Feature kSharedArrayBuffer{"SharedArrayBuffer",
+- base::FEATURE_ENABLED_BY_DEFAULT};
++ base::FEATURE_DISABLED_BY_DEFAULT};
+
+ // An experiment to require process isolation for the sign-in origin,
+ // https://accounts.google.com. Launch bug: https://crbug.com/739418.
--
2.15.1
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply related [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-01-12 0:03 ` Marius Bakke
@ 2018-01-12 9:38 ` ng0
0 siblings, 0 replies; 91+ messages in thread
From: ng0 @ 2018-01-12 9:38 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 2238 bytes --]
Marius Bakke transcribed 2.3K bytes:
> ng0 <ng0@n0.is> writes:
>
> > Marius Bakke transcribed 39K bytes:
> >
> >> Testing and feedback welcome!
> >>
> >> Currently there are two "important" (blocking?) TODOs left:
> >>
> >> * Move the 'delete-bundled-software' phase to a source snippet.
> >> Repacking the ~500MiB compressed tarball is *really* expensive. It
> >> should also aid the licensing situation.
> >> * Delete the two default entries from the "most used" list on the New
> >> Tab page. The first run will download thumbnails for these sites,
> >> leaking data. One of them also leads to the disabled-by-default
> >> store, promoting non-free software.
> >>
> >> I'm optimistic that fixing the second item will make the browser not
> >> leak *any* data at launch with the default configuration. Which leads
> >> to a third item: writing a system test that verifies that launching
> >> Chromium does indeed not initiate any network traffic.
> >>
> >> Anyway, here is the latest patch:
> >>
> >
> >> From f813b2d7ec0728a906720fa74bf9f442af6ab10d Mon Sep 17 00:00:00 2001
> >> From: Marius Bakke <mbakke@fastmail.com>
> >> Date: Wed, 12 Oct 2016 17:25:05 +0100
> >> Subject: [PATCH] gnu: Add chromium.
> >>
> >> * gnu/packages/chromium.scm: New file.
> >> * gnu/local.mk: Record it.
> >
> > I think you forgot a package:
> >
> > gnu/packages/chromium.scm:664:5: icu4c-59.1: unbound variable
>
> Indeed. This can now be changed to use the regular "icu4c" package.
Okay, will change. Thanks!
> Tangentially, these kinds of problems are typical with new Chromium
> releases. In 63 or later, system harfbuzz had to be disabled. If we
> are going to carry this package, changes like these *will* be normal.
>
> Upstream only tests their releases with Clang, and with the bundled
> versions of packages, regardless of the unbundling script. Not great.
Yeah. I've been there, and read the frustration of other packagers
when I worked on getting a basic skeleton of chromium + dependencies
ready one(?) year ago.
--
GnuPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588
GnuPG: https://c.n0.is/ng0_pubkeys/tree/keys
WWW: https://n0.is/a/ :: https://ea.n0.is
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-01-12 0:09 ` Marius Bakke
@ 2018-01-13 19:02 ` ng0
2018-01-13 19:13 ` ng0
2018-01-16 14:18 ` Ludovic Courtès
1 sibling, 1 reply; 91+ messages in thread
From: ng0 @ 2018-01-13 19:02 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 4713 bytes --]
I just got a bug report for the build via:
guix pull --url="https://c.n0.is/git/ng0/guix/guix.git" --branch="pretest/chromium"
guix package --install chromium
Failing with the attached build log excerpt. We are not FreeBSD, but I found
this in the first 5 minutes: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=160935
Maybe it helps to debug this, or maybe you've encountered this before.
I myself have been able to build this without issues on two systems.
All mentioned systems are GuixSD.
This should be a blocker, but maybe a head-up in potential build issues.
Marius Bakke transcribed 4.5K bytes:
> ng0 <ng0@n0.is> writes:
>
> > Many thanks for your ongoing work with this (and the patience :))
> > As this is 63, you you are keeping track of Debian, right? I tried
> > to package 64 a couple of days ago because I wanted the workaround
> > for some of the recent security clusterfucks, but Debian is still
> > on 63 :/
> > I hope they'll update their patchset soon.
>
> Indeed Google did not add the Spectre mitigation to Chromium 63, even
> though the latest version was released after the fact.
>
> https://xlab.tencent.com/special/spectre/spectre_check.html
>
> For reasons that beat me, they only added it to the proprietary Chrome
> browser, which follows the same version number as Chromium.
>
> The attached patch adds Spectre mitigation to the current Chromium
> release. The patch was pulled from the Chrome 64 branch:
>
> From b011b57f357af97f3a003a3b1c481fc8bd2b869c Mon Sep 17 00:00:00 2001
> From: Marius Bakke <mbakke@fastmail.com>
> Date: Thu, 11 Jan 2018 14:36:47 +0100
> Subject: [PATCH] gnu: chromium: Add spectre mitigation.
>
> * gnu/packages/patches/chromium-spectre-mitigation.patch: New file.
> * gnu/local.mk (dist_patch_DATA): Register it.
> * gnu/packages/chromium.scm (chromium)[source]: Use it.
> ---
> gnu/local.mk | 1 +
> gnu/packages/chromium.scm | 3 ++-
> gnu/packages/patches/chromium-spectre-mitigation.patch | 13 +++++++++++++
> 3 files changed, 16 insertions(+), 1 deletion(-)
> create mode 100644 gnu/packages/patches/chromium-spectre-mitigation.patch
>
> diff --git a/gnu/local.mk b/gnu/local.mk
> index 513f64043..89dab227c 100644
> --- a/gnu/local.mk
> +++ b/gnu/local.mk
> @@ -575,6 +575,7 @@ dist_patch_DATA = \
> %D%/packages/patches/ceph-skip-collect-sys-info-test.patch \
> %D%/packages/patches/ceph-skip-unittest_blockdev.patch \
> %D%/packages/patches/chmlib-inttypes.patch \
> + %D%/packages/patches/chromium-spectre-mitigation.patch \
> %D%/packages/patches/clang-libc-search-path.patch \
> %D%/packages/patches/clang-3.8-libc-search-path.patch \
> %D%/packages/patches/clementine-use-openssl.patch \
> diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm
> index dd040527b..1e9dba42e 100644
> --- a/gnu/packages/chromium.scm
> +++ b/gnu/packages/chromium.scm
> @@ -240,7 +240,8 @@
> %chromium-system-icu.patch
> %chromium-system-nspr.patch
> %chromium-system-libevent.patch
> - %chromium-disable-api-keys-warning.patch))
> + %chromium-disable-api-keys-warning.patch
> + (search-patch "chromium-spectre-mitigation.patch")))
> (modules '((srfi srfi-1)
> (guix build utils)))
> (snippet
> diff --git a/gnu/packages/patches/chromium-spectre-mitigation.patch b/gnu/packages/patches/chromium-spectre-mitigation.patch
> new file mode 100644
> index 000000000..a44a3bce4
> --- /dev/null
> +++ b/gnu/packages/patches/chromium-spectre-mitigation.patch
> @@ -0,0 +1,13 @@
> +diff --git a/content/public/common/content_features.cc b/content/public/common/content_features.cc
> +index 43feb76..33a49b8 100644
> +--- a/content/public/common/content_features.cc
> ++++ b/content/public/common/content_features.cc
> +@@ -308,7 +308,7 @@
> +
> + // http://tc39.github.io/ecmascript_sharedmem/shmem.html
> + const base::Feature kSharedArrayBuffer{"SharedArrayBuffer",
> +- base::FEATURE_ENABLED_BY_DEFAULT};
> ++ base::FEATURE_DISABLED_BY_DEFAULT};
> +
> + // An experiment to require process isolation for the sign-in origin,
> + // https://accounts.google.com. Launch bug: https://crbug.com/739418.
> --
> 2.15.1
>
--
ng0 :: https://ea.n0.is
A88C8ADD129828D7EAC02E52E22F9BBFEE348588 :: https://ea.n0.is/keys/
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-01-13 19:02 ` ng0
@ 2018-01-13 19:13 ` ng0
2018-01-14 12:10 ` ng0
0 siblings, 1 reply; 91+ messages in thread
From: ng0 @ 2018-01-13 19:13 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
[-- Attachment #1.1: Type: text/plain, Size: 5091 bytes --]
ng0 transcribed 5.6K bytes:
> I just got a bug report for the build via:
>
> guix pull --url="https://c.n0.is/git/ng0/guix/guix.git" --branch="pretest/chromium"
> guix package --install chromium
>
> Failing with the attached build log excerpt. We are not FreeBSD, but I found
> this in the first 5 minutes: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=160935
> Maybe it helps to debug this, or maybe you've encountered this before.
>
> I myself have been able to build this without issues on two systems.
>
> All mentioned systems are GuixSD.
>
this time with attached file.
> This should be a blocker, but maybe a head-up in potential build issues.
> Marius Bakke transcribed 4.5K bytes:
> > ng0 <ng0@n0.is> writes:
> >
> > > Many thanks for your ongoing work with this (and the patience :))
> > > As this is 63, you you are keeping track of Debian, right? I tried
> > > to package 64 a couple of days ago because I wanted the workaround
> > > for some of the recent security clusterfucks, but Debian is still
> > > on 63 :/
> > > I hope they'll update their patchset soon.
> >
> > Indeed Google did not add the Spectre mitigation to Chromium 63, even
> > though the latest version was released after the fact.
> >
> > https://xlab.tencent.com/special/spectre/spectre_check.html
> >
> > For reasons that beat me, they only added it to the proprietary Chrome
> > browser, which follows the same version number as Chromium.
> >
> > The attached patch adds Spectre mitigation to the current Chromium
> > release. The patch was pulled from the Chrome 64 branch:
> >
>
> > From b011b57f357af97f3a003a3b1c481fc8bd2b869c Mon Sep 17 00:00:00 2001
> > From: Marius Bakke <mbakke@fastmail.com>
> > Date: Thu, 11 Jan 2018 14:36:47 +0100
> > Subject: [PATCH] gnu: chromium: Add spectre mitigation.
> >
> > * gnu/packages/patches/chromium-spectre-mitigation.patch: New file.
> > * gnu/local.mk (dist_patch_DATA): Register it.
> > * gnu/packages/chromium.scm (chromium)[source]: Use it.
> > ---
> > gnu/local.mk | 1 +
> > gnu/packages/chromium.scm | 3 ++-
> > gnu/packages/patches/chromium-spectre-mitigation.patch | 13 +++++++++++++
> > 3 files changed, 16 insertions(+), 1 deletion(-)
> > create mode 100644 gnu/packages/patches/chromium-spectre-mitigation.patch
> >
> > diff --git a/gnu/local.mk b/gnu/local.mk
> > index 513f64043..89dab227c 100644
> > --- a/gnu/local.mk
> > +++ b/gnu/local.mk
> > @@ -575,6 +575,7 @@ dist_patch_DATA = \
> > %D%/packages/patches/ceph-skip-collect-sys-info-test.patch \
> > %D%/packages/patches/ceph-skip-unittest_blockdev.patch \
> > %D%/packages/patches/chmlib-inttypes.patch \
> > + %D%/packages/patches/chromium-spectre-mitigation.patch \
> > %D%/packages/patches/clang-libc-search-path.patch \
> > %D%/packages/patches/clang-3.8-libc-search-path.patch \
> > %D%/packages/patches/clementine-use-openssl.patch \
> > diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm
> > index dd040527b..1e9dba42e 100644
> > --- a/gnu/packages/chromium.scm
> > +++ b/gnu/packages/chromium.scm
> > @@ -240,7 +240,8 @@
> > %chromium-system-icu.patch
> > %chromium-system-nspr.patch
> > %chromium-system-libevent.patch
> > - %chromium-disable-api-keys-warning.patch))
> > + %chromium-disable-api-keys-warning.patch
> > + (search-patch "chromium-spectre-mitigation.patch")))
> > (modules '((srfi srfi-1)
> > (guix build utils)))
> > (snippet
> > diff --git a/gnu/packages/patches/chromium-spectre-mitigation.patch b/gnu/packages/patches/chromium-spectre-mitigation.patch
> > new file mode 100644
> > index 000000000..a44a3bce4
> > --- /dev/null
> > +++ b/gnu/packages/patches/chromium-spectre-mitigation.patch
> > @@ -0,0 +1,13 @@
> > +diff --git a/content/public/common/content_features.cc b/content/public/common/content_features.cc
> > +index 43feb76..33a49b8 100644
> > +--- a/content/public/common/content_features.cc
> > ++++ b/content/public/common/content_features.cc
> > +@@ -308,7 +308,7 @@
> > +
> > + // http://tc39.github.io/ecmascript_sharedmem/shmem.html
> > + const base::Feature kSharedArrayBuffer{"SharedArrayBuffer",
> > +- base::FEATURE_ENABLED_BY_DEFAULT};
> > ++ base::FEATURE_DISABLED_BY_DEFAULT};
> > +
> > + // An experiment to require process isolation for the sign-in origin,
> > + // https://accounts.google.com. Launch bug: https://crbug.com/739418.
> > --
> > 2.15.1
> >
>
>
>
>
> --
> ng0 :: https://ea.n0.is
> A88C8ADD129828D7EAC02E52E22F9BBFEE348588 :: https://ea.n0.is/keys/
--
ng0 :: https://ea.n0.is
A88C8ADD129828D7EAC02E52E22F9BBFEE348588 :: https://ea.n0.is/keys/
[-- Attachment #1.2: chromium.fail --]
[-- Type: text/plain, Size: 7784 bytes --]
[19248/23429] CXX obj/content/browser/browser/web_bluetooth_service_impl.o
FAILED: obj/content/browser/browser/web_bluetooth_service_impl.o
g++ -MMD -MF obj/content/browser/browser/web_bluetooth_service_impl.o.d -DENABLE_SCREEN_CAPTURE=1 -DV8_DEPRECATION_WARNINGS
-DUSE_UDEV -DUSE_AURA=1 -DUSE_GLIB=1 -DUSE_NSS_CERTS=1 -DUSE_X11=1 -DNO_TCMALLOC -DFULL_SAFE_BROWSING -DSAFE_BROWSING_CSD
-DSAFE_BROWSING_DB_LOCAL -DCHROMIUM_BUILD -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE
-D__STDC_CONSTANT_MACROS -D__STDC_FORMAT_MACROS -D_FORTIFY_SOURCE=2 -DNDEBUG -DNVALGRIND -DDYNAMIC_ANNOTATIONS_ENABLED=0
-DCONTENT_IMPLEMENTATION -DV8_USE_EXTERNAL_STARTUP_DATA
-DATK_LIB_DIR=\"/gnu/store/nniszqyslmgllha2cyi9g3pfsmm6sg16-atk-2.24.0/lib\" -DGLIB_VERSION_MAX_ALLOWED=GLIB_VERSION_2_32
-DGLIB_VERSION_MIN_REQUIRED=GLIB_VERSION_2_26 -DGL_GLEXT_PROTOTYPES -DUSE_GLX -DUSE_EGL -DGOOGLE_PROTOBUF_NO_RTTI
-DGOOGLE_PROTOBUF_NO_STATIC_INITIALIZER -DHAVE_PTHREAD -DUSING_SYSTEM_ICU=1 -DICU_UTIL_DATA_IMPL=ICU_UTIL_DATA_STATIC
-DUCHAR_TYPE=uint16_t -DSK_IGNORE_LINEONLY_AA_CONVEX_PATH_OPTS -DSK_HAS_PNG_LIBRARY -DSK_HAS_WEBP_LIBRARY -DSK_HAS_JPEG_LIBRARY
-DSK_SUPPORT_GPU=1 -DLEVELDB_PLATFORM_CHROMIUM=1 -DWEBRTC_NON_STATIC_TRACE_EVENT_HANDLERS=0 -DFEATURE_ENABLE_VOICEMAIL
-DGTEST_RELATIVE_PATH -DWEBRTC_CHROMIUM_BUILD -DWEBRTC_POSIX -DWEBRTC_LINUX -DWTF_USE_WEBAUDIO_FFMPEG=1
-DWTF_USE_DEFAULT_RENDER_THEME=1 -DUSE_SYSTEM_ZLIB=1 -DNO_MAIN_THREAD_WRAPPING -I../.. -Igen
-I/gnu/store/nniszqyslmgllha2cyi9g3pfsmm6sg16-atk-2.24.0/include/atk-1.0
-I/gnu/store/azbfh3i72lbaqvhgg5m7p6ymmqq0ii6q-glib-2.52.3/include/glib-2.0
-I/gnu/store/azbfh3i72lbaqvhgg5m7p6ymmqq0ii6q-glib-2.52.3/lib/glib-2.0/include
-I/gnu/store/azbfh3i72lbaqvhgg5m7p6ymmqq0ii6q-glib-2.52.3/include/glib-2.0
-I/gnu/store/azbfh3i72lbaqvhgg5m7p6ymmqq0ii6q-glib-2.52.3/lib/glib-2.0/include
-I/gnu/store/b9ww6qv1ii9v6n45kin7543vkf6jfnd3-libpng-1.6.29/include/libpng16
-I/gnu/store/azbfh3i72lbaqvhgg5m7p6ymmqq0ii6q-glib-2.52.3/include/glib-2.0
-I/gnu/store/azbfh3i72lbaqvhgg5m7p6ymmqq0ii6q-glib-2.52.3/lib/glib-2.0/include
-I/gnu/store/3k1y78v6nxjvmivnri5j46wai6ppvyz0-harfbuzz-1.5.1/include/harfbuzz
-I/gnu/store/b9ww6qv1ii9v6n45kin7543vkf6jfnd3-libpng-1.6.29/include/libpng16
-I/gnu/store/4b9y9f5fvghk2vmwpbgzncal7z3r4n5y-pango-1.40.12/include/pango-1.0
-I/gnu/store/c4vl4hw5jccg0b23sfvs0kdnfdbxdlgm-cairo-1.14.10/include/cairo
-I/gnu/store/w8kii3hjvmh50yxs52gkdywkq9jc7s19-pixman-0.34.0/include/pixman-1 -Igen/shim_headers/libevent_shim
-Igen/shim_headers/icui18n_shim -Igen/shim_headers/icuuc_shim -Igen/shim_headers/re2_shim -Igen/shim_headers/libpng_shim
-Igen/shim_headers/zlib_shim -Igen/shim_headers/libdrm_shim -I../../third_party/khronos -I../../gpu
-Igen/shim_headers/ffmpeg_shim -Igen/shim_headers/libvpx_shim -Igen/shim_headers/opus_shim -Igen/shim_headers/snappy_shim
-Igen/shim_headers/openh264_shim -Igen/shim_headers/minizip_shim -Igen/shim_headers/flac_shim -I../../third_party/protobuf/src
-I../../third_party/ced/src -I../../skia/config -I../../skia/ext -I../../third_party/skia/include/c
-I../../third_party/skia/include/config -I../../third_party/skia/include/core -I../../third_party/skia/include/effects
-I../../third_party/skia/include/encode -I../../third_party/skia/include/gpu -I../../third_party/skia/include/images
-I../../third_party/skia/include/lazy -I../../third_party/skia/include/pathops -I../../third_party/skia/include/pdf
-I../../third_party/skia/include/pipe -I../../third_party/skia/include/ports -I../../third_party/skia/include/utils
-I../../third_party/skia/third_party/vulkan -I../../third_party/skia/src/gpu -I../../third_party/skia/src/sksl
-I../../third_party/leveldatabase -I../../third_party/leveldatabase/src -I../../third_party/leveldatabase/src/include
-I../../third_party/webrtc_overrides -I../../testing/gtest/include -I../../third_party/webrtc
-I../../third_party/webrtc_overrides -I../../third_party/webrtc -I../../third_party/protobuf/src -Igen/protoc_out
-Igen/components/metrics/proto -I../../third_party/boringssl/src/include
-I/gnu/store/yk0bk0y3dvz2pa3f56knjhdby16fb62s-nss-3.34/include/nss
-I/gnu/store/544jcd4141xgg72dk5xxbs4zjzvxvvxi-nspr-4.17/include/nspr -I../../third_party/libwebm/source -Igen
-I../../third_party/WebKit -Igen/third_party/WebKit -I../../v8/include -Igen/v8/include -I../../third_party/mesa/src/include
-I../../third_party/WebKit/Source -I../../third_party/WebKit -Igen/blink -Igen/third_party/WebKit
-I../../third_party/angle/src/common/third_party/base -Igen/angle -I../../third_party/brotli/include
-I../../third_party/libyuv/include -I/gnu/store/xr0zjan791j0pgvcs770m59za9bsjsr6-dbus-1.10.22/include/dbus-1.0
-I/gnu/store/xr0zjan791j0pgvcs770m59za9bsjsr6-dbus-1.10.22/lib/dbus-1.0/include -fno-strict-aliasing --param=ssp-buffer-size=4
-fstack-protector -Wno-builtin-macro-redefined -D__DATE__= -D__TIME__= -D__TIMESTAMP__= -funwind-tables -fPIC -pipe -pthread
-m64 -march=x86-64 -Wall -Wno-unused-local-typedefs -Wno-maybe-uninitialized -Wno-missing-field-initializers
-Wno-unused-parameter -O2 -fno-ident -fdata-sections -ffunction-sections -fomit-frame-pointer -g0 -fvisibility=hidden
-Wno-unused-local-typedef -Wno-unused-function -std=gnu++14 -Wno-narrowing -fno-rtti -fno-exceptions -fvisibility-inlines-hidden
-c ../../content/browser/bluetooth/web_bluetooth_service_impl.cc -o obj/content/browser/browser/web_bluetooth_service_impl.o
g++: internal compiler error: Killed (program cc1plus)
Please submit a full bug report,
with preprocessed source if appropriate.
See <http://gcc.gnu.org/bugs.html> for instructions.
[19249/23429] CXX obj/content/browser/browser/render_frame_host_factory.o
In file included from ../../content/browser/frame_host/frame_tree_node.h:18:0,
from ../../content/browser/frame_host/render_frame_host_factory.cc:9:
../../content/browser/frame_host/render_frame_host_impl.h:1001:3: warning: multi-line comment [-Wcomment]
// / | \
^
../../content/browser/frame_host/render_frame_host_impl.h:1003:3: warning: multi-line comment [-Wcomment]
// / / \ \
^
cc1plus: warning: unrecognized command line option ‘-Wno-unused-local-typedef’
[19250/23429] CXX obj/content/browser/browser/render_frame_host_manager.o
In file included from ../../content/browser/frame_host/render_frame_host_manager.h:19:0,
from ../../content/browser/frame_host/render_frame_host_manager.cc:5:
../../content/browser/frame_host/render_frame_host_impl.h:1001:3: warning: multi-line comment [-Wcomment]
// / | \
^
../../content/browser/frame_host/render_frame_host_impl.h:1003:3: warning: multi-line comment [-Wcomment]
// / / \ \
^
cc1plus: warning: unrecognized command line option ‘-Wno-unused-local-typedef’
[19251/23429] CXX obj/content/browser/browser/render_frame_host_impl.o
In file included from ../../content/browser/frame_host/render_frame_host_impl.cc:5:0:
../../content/browser/frame_host/render_frame_host_impl.h:1001:3: warning: multi-line comment [-Wcomment]
// / | \
^
../../content/browser/frame_host/render_frame_host_impl.h:1003:3: warning: multi-line comment [-Wcomment]
// / / \ \
^
cc1plus: warning: unrecognized command line option ‘-Wno-unused-local-typedef’
ninja: build stopped: subcommand failed.
phase `build' failed after 16570.6 seconds
builder for `/gnu/store/9ws2gavs5bjlrfimhdi10pssvy7hwnwl-chromium-63.0.3239.132.drv' failed with exit code 1
guix package: error: build failed: build of `/gnu/store/9ws2gavs5bjlrfimhdi10pssvy7hwnwl-chromium-63.0.3239.132.drv' failed
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-01-13 19:13 ` ng0
@ 2018-01-14 12:10 ` ng0
0 siblings, 0 replies; 91+ messages in thread
From: ng0 @ 2018-01-14 12:10 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 13535 bytes --]
ng0 transcribed 14K bytes:
> ng0 transcribed 5.6K bytes:
> > I just got a bug report for the build via:
> >
> > guix pull --url="https://c.n0.is/git/ng0/guix/guix.git" --branch="pretest/chromium"
> > guix package --install chromium
> >
> > Failing with the attached build log excerpt. We are not FreeBSD, but I found
> > this in the first 5 minutes: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=160935
> > Maybe it helps to debug this, or maybe you've encountered this before.
> >
> > I myself have been able to build this without issues on two systems.
> >
> > All mentioned systems are GuixSD.
> >
>
> this time with attached file.
My guess was "low on RAM or swap", as it turns out this was right. With more
RAM and/or swap space it builds.
> > This should be a blocker, but maybe a head-up in potential build issues.
> > Marius Bakke transcribed 4.5K bytes:
> > > ng0 <ng0@n0.is> writes:
> > >
> > > > Many thanks for your ongoing work with this (and the patience :))
> > > > As this is 63, you you are keeping track of Debian, right? I tried
> > > > to package 64 a couple of days ago because I wanted the workaround
> > > > for some of the recent security clusterfucks, but Debian is still
> > > > on 63 :/
> > > > I hope they'll update their patchset soon.
> > >
> > > Indeed Google did not add the Spectre mitigation to Chromium 63, even
> > > though the latest version was released after the fact.
> > >
> > > https://xlab.tencent.com/special/spectre/spectre_check.html
> > >
> > > For reasons that beat me, they only added it to the proprietary Chrome
> > > browser, which follows the same version number as Chromium.
> > >
> > > The attached patch adds Spectre mitigation to the current Chromium
> > > release. The patch was pulled from the Chrome 64 branch:
> > >
> >
> > > From b011b57f357af97f3a003a3b1c481fc8bd2b869c Mon Sep 17 00:00:00 2001
> > > From: Marius Bakke <mbakke@fastmail.com>
> > > Date: Thu, 11 Jan 2018 14:36:47 +0100
> > > Subject: [PATCH] gnu: chromium: Add spectre mitigation.
> > >
> > > * gnu/packages/patches/chromium-spectre-mitigation.patch: New file.
> > > * gnu/local.mk (dist_patch_DATA): Register it.
> > > * gnu/packages/chromium.scm (chromium)[source]: Use it.
> > > ---
> > > gnu/local.mk | 1 +
> > > gnu/packages/chromium.scm | 3 ++-
> > > gnu/packages/patches/chromium-spectre-mitigation.patch | 13 +++++++++++++
> > > 3 files changed, 16 insertions(+), 1 deletion(-)
> > > create mode 100644 gnu/packages/patches/chromium-spectre-mitigation.patch
> > >
> > > diff --git a/gnu/local.mk b/gnu/local.mk
> > > index 513f64043..89dab227c 100644
> > > --- a/gnu/local.mk
> > > +++ b/gnu/local.mk
> > > @@ -575,6 +575,7 @@ dist_patch_DATA = \
> > > %D%/packages/patches/ceph-skip-collect-sys-info-test.patch \
> > > %D%/packages/patches/ceph-skip-unittest_blockdev.patch \
> > > %D%/packages/patches/chmlib-inttypes.patch \
> > > + %D%/packages/patches/chromium-spectre-mitigation.patch \
> > > %D%/packages/patches/clang-libc-search-path.patch \
> > > %D%/packages/patches/clang-3.8-libc-search-path.patch \
> > > %D%/packages/patches/clementine-use-openssl.patch \
> > > diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm
> > > index dd040527b..1e9dba42e 100644
> > > --- a/gnu/packages/chromium.scm
> > > +++ b/gnu/packages/chromium.scm
> > > @@ -240,7 +240,8 @@
> > > %chromium-system-icu.patch
> > > %chromium-system-nspr.patch
> > > %chromium-system-libevent.patch
> > > - %chromium-disable-api-keys-warning.patch))
> > > + %chromium-disable-api-keys-warning.patch
> > > + (search-patch "chromium-spectre-mitigation.patch")))
> > > (modules '((srfi srfi-1)
> > > (guix build utils)))
> > > (snippet
> > > diff --git a/gnu/packages/patches/chromium-spectre-mitigation.patch b/gnu/packages/patches/chromium-spectre-mitigation.patch
> > > new file mode 100644
> > > index 000000000..a44a3bce4
> > > --- /dev/null
> > > +++ b/gnu/packages/patches/chromium-spectre-mitigation.patch
> > > @@ -0,0 +1,13 @@
> > > +diff --git a/content/public/common/content_features.cc b/content/public/common/content_features.cc
> > > +index 43feb76..33a49b8 100644
> > > +--- a/content/public/common/content_features.cc
> > > ++++ b/content/public/common/content_features.cc
> > > +@@ -308,7 +308,7 @@
> > > +
> > > + // http://tc39.github.io/ecmascript_sharedmem/shmem.html
> > > + const base::Feature kSharedArrayBuffer{"SharedArrayBuffer",
> > > +- base::FEATURE_ENABLED_BY_DEFAULT};
> > > ++ base::FEATURE_DISABLED_BY_DEFAULT};
> > > +
> > > + // An experiment to require process isolation for the sign-in origin,
> > > + // https://accounts.google.com. Launch bug: https://crbug.com/739418.
> > > --
> > > 2.15.1
> > >
> >
> >
> >
> >
> > --
> > ng0 :: https://ea.n0.is
> > A88C8ADD129828D7EAC02E52E22F9BBFEE348588 :: https://ea.n0.is/keys/
>
>
>
> --
> ng0 :: https://ea.n0.is
> A88C8ADD129828D7EAC02E52E22F9BBFEE348588 :: https://ea.n0.is/keys/
> [19248/23429] CXX obj/content/browser/browser/web_bluetooth_service_impl.o
> FAILED: obj/content/browser/browser/web_bluetooth_service_impl.o
> g++ -MMD -MF obj/content/browser/browser/web_bluetooth_service_impl.o.d -DENABLE_SCREEN_CAPTURE=1 -DV8_DEPRECATION_WARNINGS
> -DUSE_UDEV -DUSE_AURA=1 -DUSE_GLIB=1 -DUSE_NSS_CERTS=1 -DUSE_X11=1 -DNO_TCMALLOC -DFULL_SAFE_BROWSING -DSAFE_BROWSING_CSD
> -DSAFE_BROWSING_DB_LOCAL -DCHROMIUM_BUILD -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE
> -D__STDC_CONSTANT_MACROS -D__STDC_FORMAT_MACROS -D_FORTIFY_SOURCE=2 -DNDEBUG -DNVALGRIND -DDYNAMIC_ANNOTATIONS_ENABLED=0
> -DCONTENT_IMPLEMENTATION -DV8_USE_EXTERNAL_STARTUP_DATA
> -DATK_LIB_DIR=\"/gnu/store/nniszqyslmgllha2cyi9g3pfsmm6sg16-atk-2.24.0/lib\" -DGLIB_VERSION_MAX_ALLOWED=GLIB_VERSION_2_32
> -DGLIB_VERSION_MIN_REQUIRED=GLIB_VERSION_2_26 -DGL_GLEXT_PROTOTYPES -DUSE_GLX -DUSE_EGL -DGOOGLE_PROTOBUF_NO_RTTI
> -DGOOGLE_PROTOBUF_NO_STATIC_INITIALIZER -DHAVE_PTHREAD -DUSING_SYSTEM_ICU=1 -DICU_UTIL_DATA_IMPL=ICU_UTIL_DATA_STATIC
> -DUCHAR_TYPE=uint16_t -DSK_IGNORE_LINEONLY_AA_CONVEX_PATH_OPTS -DSK_HAS_PNG_LIBRARY -DSK_HAS_WEBP_LIBRARY -DSK_HAS_JPEG_LIBRARY
> -DSK_SUPPORT_GPU=1 -DLEVELDB_PLATFORM_CHROMIUM=1 -DWEBRTC_NON_STATIC_TRACE_EVENT_HANDLERS=0 -DFEATURE_ENABLE_VOICEMAIL
> -DGTEST_RELATIVE_PATH -DWEBRTC_CHROMIUM_BUILD -DWEBRTC_POSIX -DWEBRTC_LINUX -DWTF_USE_WEBAUDIO_FFMPEG=1
> -DWTF_USE_DEFAULT_RENDER_THEME=1 -DUSE_SYSTEM_ZLIB=1 -DNO_MAIN_THREAD_WRAPPING -I../.. -Igen
> -I/gnu/store/nniszqyslmgllha2cyi9g3pfsmm6sg16-atk-2.24.0/include/atk-1.0
> -I/gnu/store/azbfh3i72lbaqvhgg5m7p6ymmqq0ii6q-glib-2.52.3/include/glib-2.0
> -I/gnu/store/azbfh3i72lbaqvhgg5m7p6ymmqq0ii6q-glib-2.52.3/lib/glib-2.0/include
> -I/gnu/store/azbfh3i72lbaqvhgg5m7p6ymmqq0ii6q-glib-2.52.3/include/glib-2.0
> -I/gnu/store/azbfh3i72lbaqvhgg5m7p6ymmqq0ii6q-glib-2.52.3/lib/glib-2.0/include
> -I/gnu/store/b9ww6qv1ii9v6n45kin7543vkf6jfnd3-libpng-1.6.29/include/libpng16
> -I/gnu/store/azbfh3i72lbaqvhgg5m7p6ymmqq0ii6q-glib-2.52.3/include/glib-2.0
> -I/gnu/store/azbfh3i72lbaqvhgg5m7p6ymmqq0ii6q-glib-2.52.3/lib/glib-2.0/include
> -I/gnu/store/3k1y78v6nxjvmivnri5j46wai6ppvyz0-harfbuzz-1.5.1/include/harfbuzz
> -I/gnu/store/b9ww6qv1ii9v6n45kin7543vkf6jfnd3-libpng-1.6.29/include/libpng16
> -I/gnu/store/4b9y9f5fvghk2vmwpbgzncal7z3r4n5y-pango-1.40.12/include/pango-1.0
> -I/gnu/store/c4vl4hw5jccg0b23sfvs0kdnfdbxdlgm-cairo-1.14.10/include/cairo
> -I/gnu/store/w8kii3hjvmh50yxs52gkdywkq9jc7s19-pixman-0.34.0/include/pixman-1 -Igen/shim_headers/libevent_shim
> -Igen/shim_headers/icui18n_shim -Igen/shim_headers/icuuc_shim -Igen/shim_headers/re2_shim -Igen/shim_headers/libpng_shim
> -Igen/shim_headers/zlib_shim -Igen/shim_headers/libdrm_shim -I../../third_party/khronos -I../../gpu
> -Igen/shim_headers/ffmpeg_shim -Igen/shim_headers/libvpx_shim -Igen/shim_headers/opus_shim -Igen/shim_headers/snappy_shim
> -Igen/shim_headers/openh264_shim -Igen/shim_headers/minizip_shim -Igen/shim_headers/flac_shim -I../../third_party/protobuf/src
> -I../../third_party/ced/src -I../../skia/config -I../../skia/ext -I../../third_party/skia/include/c
> -I../../third_party/skia/include/config -I../../third_party/skia/include/core -I../../third_party/skia/include/effects
> -I../../third_party/skia/include/encode -I../../third_party/skia/include/gpu -I../../third_party/skia/include/images
> -I../../third_party/skia/include/lazy -I../../third_party/skia/include/pathops -I../../third_party/skia/include/pdf
> -I../../third_party/skia/include/pipe -I../../third_party/skia/include/ports -I../../third_party/skia/include/utils
> -I../../third_party/skia/third_party/vulkan -I../../third_party/skia/src/gpu -I../../third_party/skia/src/sksl
> -I../../third_party/leveldatabase -I../../third_party/leveldatabase/src -I../../third_party/leveldatabase/src/include
> -I../../third_party/webrtc_overrides -I../../testing/gtest/include -I../../third_party/webrtc
> -I../../third_party/webrtc_overrides -I../../third_party/webrtc -I../../third_party/protobuf/src -Igen/protoc_out
> -Igen/components/metrics/proto -I../../third_party/boringssl/src/include
> -I/gnu/store/yk0bk0y3dvz2pa3f56knjhdby16fb62s-nss-3.34/include/nss
> -I/gnu/store/544jcd4141xgg72dk5xxbs4zjzvxvvxi-nspr-4.17/include/nspr -I../../third_party/libwebm/source -Igen
> -I../../third_party/WebKit -Igen/third_party/WebKit -I../../v8/include -Igen/v8/include -I../../third_party/mesa/src/include
> -I../../third_party/WebKit/Source -I../../third_party/WebKit -Igen/blink -Igen/third_party/WebKit
> -I../../third_party/angle/src/common/third_party/base -Igen/angle -I../../third_party/brotli/include
> -I../../third_party/libyuv/include -I/gnu/store/xr0zjan791j0pgvcs770m59za9bsjsr6-dbus-1.10.22/include/dbus-1.0
> -I/gnu/store/xr0zjan791j0pgvcs770m59za9bsjsr6-dbus-1.10.22/lib/dbus-1.0/include -fno-strict-aliasing --param=ssp-buffer-size=4
> -fstack-protector -Wno-builtin-macro-redefined -D__DATE__= -D__TIME__= -D__TIMESTAMP__= -funwind-tables -fPIC -pipe -pthread
> -m64 -march=x86-64 -Wall -Wno-unused-local-typedefs -Wno-maybe-uninitialized -Wno-missing-field-initializers
> -Wno-unused-parameter -O2 -fno-ident -fdata-sections -ffunction-sections -fomit-frame-pointer -g0 -fvisibility=hidden
> -Wno-unused-local-typedef -Wno-unused-function -std=gnu++14 -Wno-narrowing -fno-rtti -fno-exceptions -fvisibility-inlines-hidden
> -c ../../content/browser/bluetooth/web_bluetooth_service_impl.cc -o obj/content/browser/browser/web_bluetooth_service_impl.o
> g++: internal compiler error: Killed (program cc1plus)
> Please submit a full bug report,
> with preprocessed source if appropriate.
> See <http://gcc.gnu.org/bugs.html> for instructions.
> [19249/23429] CXX obj/content/browser/browser/render_frame_host_factory.o
> In file included from ../../content/browser/frame_host/frame_tree_node.h:18:0,
> from ../../content/browser/frame_host/render_frame_host_factory.cc:9:
> ../../content/browser/frame_host/render_frame_host_impl.h:1001:3: warning: multi-line comment [-Wcomment]
> // / | \
> ^
> ../../content/browser/frame_host/render_frame_host_impl.h:1003:3: warning: multi-line comment [-Wcomment]
> // / / \ \
> ^
> cc1plus: warning: unrecognized command line option ‘-Wno-unused-local-typedef’
> [19250/23429] CXX obj/content/browser/browser/render_frame_host_manager.o
> In file included from ../../content/browser/frame_host/render_frame_host_manager.h:19:0,
> from ../../content/browser/frame_host/render_frame_host_manager.cc:5:
> ../../content/browser/frame_host/render_frame_host_impl.h:1001:3: warning: multi-line comment [-Wcomment]
> // / | \
> ^
> ../../content/browser/frame_host/render_frame_host_impl.h:1003:3: warning: multi-line comment [-Wcomment]
> // / / \ \
> ^
> cc1plus: warning: unrecognized command line option ‘-Wno-unused-local-typedef’
> [19251/23429] CXX obj/content/browser/browser/render_frame_host_impl.o
> In file included from ../../content/browser/frame_host/render_frame_host_impl.cc:5:0:
> ../../content/browser/frame_host/render_frame_host_impl.h:1001:3: warning: multi-line comment [-Wcomment]
> // / | \
> ^
> ../../content/browser/frame_host/render_frame_host_impl.h:1003:3: warning: multi-line comment [-Wcomment]
> // / / \ \
> ^
> cc1plus: warning: unrecognized command line option ‘-Wno-unused-local-typedef’
> ninja: build stopped: subcommand failed.
> phase `build' failed after 16570.6 seconds
> builder for `/gnu/store/9ws2gavs5bjlrfimhdi10pssvy7hwnwl-chromium-63.0.3239.132.drv' failed with exit code 1
> guix package: error: build failed: build of `/gnu/store/9ws2gavs5bjlrfimhdi10pssvy7hwnwl-chromium-63.0.3239.132.drv' failed
--
ng0 :: https://ea.n0.is
A88C8ADD129828D7EAC02E52E22F9BBFEE348588 :: https://ea.n0.is/keys/
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-01-12 0:09 ` Marius Bakke
2018-01-13 19:02 ` ng0
@ 2018-01-16 14:18 ` Ludovic Courtès
2018-01-16 19:01 ` Marius Bakke
2018-01-16 20:04 ` ng0
1 sibling, 2 replies; 91+ messages in thread
From: Ludovic Courtès @ 2018-01-16 14:18 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
Hi Marius,
Marius Bakke <mbakke@fastmail.com> skribis:
> The attached patch adds Spectre mitigation to the current Chromium
> release. The patch was pulled from the Chrome 64 branch:
>
> From b011b57f357af97f3a003a3b1c481fc8bd2b869c Mon Sep 17 00:00:00 2001
> From: Marius Bakke <mbakke@fastmail.com>
> Date: Thu, 11 Jan 2018 14:36:47 +0100
> Subject: [PATCH] gnu: chromium: Add spectre mitigation.
>
> * gnu/packages/patches/chromium-spectre-mitigation.patch: New file.
> * gnu/local.mk (dist_patch_DATA): Register it.
> * gnu/packages/chromium.scm (chromium)[source]: Use it.
I didn’t really follow the whole discussion :-), but if what you have is
now OK from the freedom and security viewpoints (including bundling),
perhaps you can go ahead?
Ludo’.
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-01-16 14:18 ` Ludovic Courtès
@ 2018-01-16 19:01 ` Marius Bakke
2018-01-16 19:09 ` Tobias Geerinckx-Rice
` (2 more replies)
2018-01-16 20:04 ` ng0
1 sibling, 3 replies; 91+ messages in thread
From: Marius Bakke @ 2018-01-16 19:01 UTC (permalink / raw)
To: Ludovic Courtès; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 1199 bytes --]
Ludovic Courtès <ludo@gnu.org> writes:
> Hi Marius,
>
> Marius Bakke <mbakke@fastmail.com> skribis:
>
>> The attached patch adds Spectre mitigation to the current Chromium
>> release. The patch was pulled from the Chrome 64 branch:
>>
>> From b011b57f357af97f3a003a3b1c481fc8bd2b869c Mon Sep 17 00:00:00 2001
>> From: Marius Bakke <mbakke@fastmail.com>
>> Date: Thu, 11 Jan 2018 14:36:47 +0100
>> Subject: [PATCH] gnu: chromium: Add spectre mitigation.
>>
>> * gnu/packages/patches/chromium-spectre-mitigation.patch: New file.
>> * gnu/local.mk (dist_patch_DATA): Register it.
>> * gnu/packages/chromium.scm (chromium)[source]: Use it.
>
> I didn’t really follow the whole discussion :-), but if what you have is
> now OK from the freedom and security viewpoints (including bundling),
> perhaps you can go ahead?
I believe this is pretty much ready. However Chromium 64 is due in one
week, so I'll wait for that. Meanwhile I'll try to get rid of the
default "most used" sites which links to the nonfree Web Store.
Not sure what to put in the description. Can I hire Tobias for this? :P
If there are no objections, expect to see this in 'master' in 1-2 weeks.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-01-16 19:01 ` Marius Bakke
@ 2018-01-16 19:09 ` Tobias Geerinckx-Rice
2018-01-16 19:22 ` Marius Bakke
2018-01-17 8:53 ` Ludovic Courtès
2018-01-17 14:55 ` Mike Gerwitz
2 siblings, 1 reply; 91+ messages in thread
From: Tobias Geerinckx-Rice @ 2018-01-16 19:09 UTC (permalink / raw)
To: mbakke, ludo; +Cc: 28004
[-- Attachment #1.1: Type: text/plain, Size: 221 bytes --]
Marius!
Marius Bakke wrote on 16/01/18 at 20:01:
> Not sure what to put in the description. Can I hire Tobias for this? :P
You probably don't want me writing what I think of Chromium.
Kind regards,
T G-R
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 248 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-01-16 19:09 ` Tobias Geerinckx-Rice
@ 2018-01-16 19:22 ` Marius Bakke
2018-01-16 20:41 ` Leo Famulari
0 siblings, 1 reply; 91+ messages in thread
From: Marius Bakke @ 2018-01-16 19:22 UTC (permalink / raw)
To: Tobias Geerinckx-Rice, ludo; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 677 bytes --]
Tobias Geerinckx-Rice <me@tobias.gr> writes:
> Marius!
>
> Marius Bakke wrote on 16/01/18 at 20:01:
>> Not sure what to put in the description. Can I hire Tobias for this? :P
>
> You probably don't want me writing what I think of Chromium.
LOL, fair enough.
I tend to assume zero-knowledge when writing descriptions and have been
playing on spins of "Chromium is a browser designed to spy on the user",
but carrying software with that description does not reflect very well
on us...besides, I've gone great lengths to remove those antifeatures.
I'd like to make it very clear that users concerned about privacy should
prefer GNU IceCat though... Suggestions welcome. :-)
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-01-16 14:18 ` Ludovic Courtès
2018-01-16 19:01 ` Marius Bakke
@ 2018-01-16 20:04 ` ng0
1 sibling, 0 replies; 91+ messages in thread
From: ng0 @ 2018-01-16 20:04 UTC (permalink / raw)
To: Ludovic Courtès; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 1414 bytes --]
Ludovic Courtès transcribed 0.8K bytes:
> Hi Marius,
>
> Marius Bakke <mbakke@fastmail.com> skribis:
>
> > The attached patch adds Spectre mitigation to the current Chromium
> > release. The patch was pulled from the Chrome 64 branch:
> >
> > From b011b57f357af97f3a003a3b1c481fc8bd2b869c Mon Sep 17 00:00:00 2001
> > From: Marius Bakke <mbakke@fastmail.com>
> > Date: Thu, 11 Jan 2018 14:36:47 +0100
> > Subject: [PATCH] gnu: chromium: Add spectre mitigation.
> >
> > * gnu/packages/patches/chromium-spectre-mitigation.patch: New file.
> > * gnu/local.mk (dist_patch_DATA): Register it.
> > * gnu/packages/chromium.scm (chromium)[source]: Use it.
>
> I didn’t really follow the whole discussion :-), but if what you have is
> now OK from the freedom and security viewpoints (including bundling),
> perhaps you can go ahead?
>
> Ludo’.
>
From a usability point of view it's definitely okay, I've been using this
for a while now, no crashes so far.
Coming up with a way to define extensions is just a matter of placing the
Lego blocks in the right position. Gentoo and other systems (maybe Nix) offer
insights.
I'd say to get to a PoC package for an easy extension, under the assumption
that the general integration works, it could be done in a couple of working
weekends.
--
ng0 :: https://ea.n0.is
A88C8ADD129828D7EAC02E52E22F9BBFEE348588 :: https://ea.n0.is/keys/
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-01-16 19:22 ` Marius Bakke
@ 2018-01-16 20:41 ` Leo Famulari
0 siblings, 0 replies; 91+ messages in thread
From: Leo Famulari @ 2018-01-16 20:41 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 1223 bytes --]
On Tue, Jan 16, 2018 at 08:22:32PM +0100, Marius Bakke wrote:
> Tobias Geerinckx-Rice <me@tobias.gr> writes:
> > Marius Bakke wrote on 16/01/18 at 20:01:
> >> Not sure what to put in the description. Can I hire Tobias for this? :P
> >
> > You probably don't want me writing what I think of Chromium.
>
> LOL, fair enough.
>
> I tend to assume zero-knowledge when writing descriptions and have been
> playing on spins of "Chromium is a browser designed to spy on the user",
> but carrying software with that description does not reflect very well
> on us...besides, I've gone great lengths to remove those antifeatures.
>
> I'd like to make it very clear that users concerned about privacy should
> prefer GNU IceCat though... Suggestions welcome. :-)
The Synopses and Descriptions section of the manual says "Please avoid
marketing phrases" and "try to be factual, mentioning use cases and
features". I think we should also avoid "anti-marketing" language.
Why not keep it simple and say something like this:
"Chromium is a graphical web browser. This package omits the FOO, BAR,
and BAZ features in order to help protect the user's privacy."
The IceCat description is similarly terse.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-01-16 19:01 ` Marius Bakke
2018-01-16 19:09 ` Tobias Geerinckx-Rice
@ 2018-01-17 8:53 ` Ludovic Courtès
2018-01-17 14:55 ` Mike Gerwitz
2 siblings, 0 replies; 91+ messages in thread
From: Ludovic Courtès @ 2018-01-17 8:53 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
Hello,
Marius Bakke <mbakke@fastmail.com> skribis:
> I believe this is pretty much ready. However Chromium 64 is due in one
> week, so I'll wait for that. Meanwhile I'll try to get rid of the
> default "most used" sites which links to the nonfree Web Store.
Oh yes, we should definitely do that.
> Not sure what to put in the description. Can I hire Tobias for this? :P
>
> If there are no objections, expect to see this in 'master' in 1-2 weeks.
Sounds good. Quite an achievement!
Thanks,
Ludo’.
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-01-16 19:01 ` Marius Bakke
2018-01-16 19:09 ` Tobias Geerinckx-Rice
2018-01-17 8:53 ` Ludovic Courtès
@ 2018-01-17 14:55 ` Mike Gerwitz
2018-02-26 18:18 ` Marius Bakke
2 siblings, 1 reply; 91+ messages in thread
From: Mike Gerwitz @ 2018-01-17 14:55 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 562 bytes --]
On Tue, Jan 16, 2018 at 20:01:34 +0100, Marius Bakke wrote:
> If there are no objections, expect to see this in 'master' in 1-2 weeks.
I want to express gratitude for your hard work on this---given that
IceCat does not contain many of the FF devtool updates, Chromium is very
desirable for web development. It's also needed for certain Node.js
tools, like node-inspector.
So, thank you!
--
Mike Gerwitz
Free Software Hacker+Activist | GNU Maintainer & Volunteer
GPG: D6E9 B930 028A 6C38 F43B 2388 FEF6 3574 5E6F 6D05
https://mikegerwitz.com
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 818 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-01-17 14:55 ` Mike Gerwitz
@ 2018-02-26 18:18 ` Marius Bakke
2018-02-26 20:01 ` ng0
2018-02-27 2:00 ` Mike Gerwitz
0 siblings, 2 replies; 91+ messages in thread
From: Marius Bakke @ 2018-02-26 18:18 UTC (permalink / raw)
To: Mike Gerwitz; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 1549 bytes --]
Mike Gerwitz <mtg@gnu.org> writes:
> On Tue, Jan 16, 2018 at 20:01:34 +0100, Marius Bakke wrote:
>> If there are no objections, expect to see this in 'master' in 1-2 weeks.
>
> I want to express gratitude for your hard work on this---given that
> IceCat does not contain many of the FF devtool updates, Chromium is very
> desirable for web development. It's also needed for certain Node.js
> tools, like node-inspector.
>
> So, thank you!
Thank *you* for the kind words! :-)
Here is the latest iteration of this patch. New in this version:
* Chromium 64 (duh).
* The 'delete-bundled-software' phase has been moved to a snippet,
shaving ~100MiB (~22%) off the compressed tarball size (and
drastically reduces (de)compression time).
* The New Tab page does not show any thumbnails for new profiles.
I've also added more comments about the patches and other flags.
Now, when launching the browser for the first time, it *still* connects
to Google services. After a while it also does a lookup for AdWords...
However subsequent launches are "silent" as long as the Web Store is
disabled and "--disable-background-networking" is passed, like the
wrapper script does.
Incidentally, now that IceCat supports WebRTC (and somehow plugged the
IP address leak[0]!), I no longer *need* this package. However, having
multiple high quality browsers at hand is a huge advantage IMO, so I'd
still like to have it in Guix.
What do y'all think? Feedback on the snippet and description very
welcome.
[0] https://en.wikipedia.org/wiki/WebRTC#Concerns
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] [PATCH] gnu: Add chromium.
2017-08-07 19:58 [bug#28004] Chromium Marius Bakke
` (2 preceding siblings ...)
2017-10-10 13:19 ` ng0
@ 2018-02-26 18:19 ` Marius Bakke
2018-04-13 19:10 ` [bug#28004] Chromium 65 Marius Bakke
` (3 subsequent siblings)
7 siblings, 0 replies; 91+ messages in thread
From: Marius Bakke @ 2018-02-26 18:19 UTC (permalink / raw)
To: 28004
* gnu/packages/chromium.scm: New file.
* gnu/packages/patches/chromium-gcc.patch,
gnu/packages/patches/chromium-remove-default-history.patch: New files.
* gnu/local.mk: Record it.
---
gnu/local.mk | 3 +
gnu/packages/chromium.scm | 756 +++++++++++++++++++++
gnu/packages/patches/chromium-gcc5.patch | 39 ++
.../patches/chromium-remove-default-history.patch | 13 +
4 files changed, 811 insertions(+)
create mode 100644 gnu/packages/chromium.scm
create mode 100644 gnu/packages/patches/chromium-gcc5.patch
create mode 100644 gnu/packages/patches/chromium-remove-default-history.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index fa98810d6..fb1320f7b 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -92,6 +92,7 @@ GNU_SYSTEM_MODULES = \
%D%/packages/check.scm \
%D%/packages/chemistry.scm \
%D%/packages/chez.scm \
+ %D%/packages/chromium.scm \
%D%/packages/ci.scm \
%D%/packages/cinnamon.scm \
%D%/packages/cmake.scm \
@@ -581,6 +582,8 @@ dist_patch_DATA = \
%D%/packages/patches/ceph-skip-collect-sys-info-test.patch \
%D%/packages/patches/ceph-skip-unittest_blockdev.patch \
%D%/packages/patches/chmlib-inttypes.patch \
+ %D%/packages/patches/chromium-gcc5.patch \
+ %D%/packages/patches/chromium-remove-default-history.patch \
%D%/packages/patches/clang-libc-search-path.patch \
%D%/packages/patches/clang-3.8-libc-search-path.patch \
%D%/packages/patches/clang-runtime-asan-build-fixes.patch \
diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm
new file mode 100644
index 000000000..1dd77b089
--- /dev/null
+++ b/gnu/packages/chromium.scm
@@ -0,0 +1,756 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2016, 2017, 2018 Marius Bakke <mbakke@fastmail.com>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages chromium)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix packages)
+ #:use-module (guix download)
+ #:use-module (guix git-download)
+ #:use-module (guix utils)
+ #:use-module (guix build-system gnu)
+ #:use-module (gnu packages)
+ #:use-module (gnu packages assembly)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages bison)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages cups)
+ #:use-module (gnu packages curl)
+ #:use-module (gnu packages databases)
+ #:use-module (gnu packages fontutils)
+ #:use-module (gnu packages ghostscript)
+ #:use-module (gnu packages gl)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnome)
+ #:use-module (gnu packages gnuzilla)
+ #:use-module (gnu packages gperf)
+ #:use-module (gnu packages gtk)
+ #:use-module (gnu packages icu4c)
+ #:use-module (gnu packages image)
+ #:use-module (gnu packages libevent)
+ #:use-module (gnu packages libffi)
+ #:use-module (gnu packages libusb)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages kerberos)
+ #:use-module (gnu packages ninja)
+ #:use-module (gnu packages node)
+ #:use-module (gnu packages pciutils)
+ #:use-module (gnu packages photo)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages protobuf)
+ #:use-module (gnu packages pulseaudio)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages python-web)
+ #:use-module (gnu packages regex)
+ #:use-module (gnu packages serialization)
+ #:use-module (gnu packages speech)
+ #:use-module (gnu packages tls)
+ #:use-module (gnu packages valgrind)
+ #:use-module (gnu packages version-control)
+ #:use-module (gnu packages video)
+ #:use-module (gnu packages xiph)
+ #:use-module (gnu packages xml)
+ #:use-module (gnu packages xdisorg)
+ #:use-module (gnu packages xorg))
+
+(define (strip-directory-prefix pathspec)
+ "Return everything after the last '/' in PATHSPEC."
+ (let ((index (string-rindex pathspec #\/)))
+ (if index
+ (string-drop pathspec (+ 1 index))
+ pathspec)))
+
+(define (chromium-patch-file-name pathspec)
+ (let ((patch-name (strip-directory-prefix pathspec)))
+ (if (string-prefix? "chromium-" patch-name)
+ patch-name
+ (string-append "chromium-" patch-name))))
+
+;; https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/tree/debian/patches
+(define (debian-patch pathspec revision hash)
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git"
+ "/plain/debian/patches/" pathspec "?id=" revision))
+ (sha256 (base32 hash))
+ (file-name (chromium-patch-file-name pathspec))))
+
+;; https://gitweb.gentoo.org/repo/gentoo.git/tree/www-client/chromium/files
+(define (gentoo-patch pathspec revision hash)
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-client"
+ "/chromium/files/" pathspec "?id=" revision))
+ (sha256 (base32 hash))
+ (file-name (chromium-patch-file-name pathspec))))
+
+;; https://github.com/gcarq/inox-patchset
+(define (inox-patch pathspec revision hash)
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://raw.githubusercontent.com/gcarq/inox-patchset/"
+ revision "/" pathspec))
+ (sha256 (base32 hash))
+ (file-name (chromium-patch-file-name pathspec))))
+
+;; https://github.com/NixOS/nixpkgs/tree/master/pkgs/applications/networking/browsers/chromium
+(define (nixos-patch pathspec revision hash)
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://raw.githubusercontent.com/NixOS/nixpkgs/"
+ revision "/pkgs/applications/networking/browsers"
+ "/chromium/patches/" pathspec))
+ (sha256 (base32 hash))
+ (file-name (chromium-patch-file-name pathspec))))
+
+;; Fix build for older versions of GCC.
+(define %chromium-angle-gcc-compat.patch
+ (gentoo-patch "chromium-angle-r0.patch"
+ "08971011b4d6fa37aa906920fba7564e48b9e60b"
+ "0izdrqwsyr48117dhvwdsk8c6dkrnq2njida1q4mb1lagvwbz7gc"))
+
+;; https://webrtc-review.googlesource.com/9384
+(define %chromium-webrtc-gcc-compat.patch
+ (gentoo-patch "chromium-webrtc-r0.patch"
+ "08971011b4d6fa37aa906920fba7564e48b9e60b"
+ "0qj5b4w9kav51ylpdf38vm5w7p2gx4qp8p45vrfggp7miicg9cmw"))
+
+;; https://chromium-review.googlesource.com/813737
+(define %chromium-memcpy.patch
+ (gentoo-patch "chromium-memcpy-r0.patch"
+ "08971011b4d6fa37aa906920fba7564e48b9e60b"
+ "1d3vra59wjg2lva7ddv55ff6l57mk9k50llsplr0b7vxk0lh0ps5"))
+
+(define %chromium-system-nspr.patch
+ (debian-patch "system/nspr.patch"
+ "debian/64.0.3282.119-2"
+ "0pcwk3jsx8hjzd4s1v7p11jd8vpdqfnq82di31222cjx0bl6275r"))
+
+(define %chromium-system-libevent.patch
+ (debian-patch "system/event.patch"
+ "debian/64.0.3282.119-2"
+ "1dxzn1yf05mzf21c25sczj4zhkknf03x9bc3xzznqpvnsf3cjpr0"))
+
+(define %chromium-system-icu.patch
+ (debian-patch "system/icu.patch"
+ "debian/64.0.3282.119-2"
+ "0kf77d8lyma3w0xpgfv2k0c741zp6ii08gzllfja6d5s59c15ylv"))
+
+;; Don't show a warning about missing API keys.
+(define %chromium-disable-api-keys-warning.patch
+ (debian-patch "disable/google-api-warning.patch"
+ "debian/64.0.3282.119-2"
+ "1932xkrskm4nnglzj6xfjpycx4chsycj9ay3ipkq5f6xk21a1xm0"))
+
+;; Add DuckDuckGo and set it as the default search engine.
+(define %chromium-duckduckgo.patch
+ (inox-patch "0011-add-duckduckgo-search-engine.patch"
+ "d655594419af6b82a2a070e4d3eedd926a04fa79"
+ "0p8x98g71ngkd3wbl5q36wrl18ff185sfrr5fcwjbgrv3v7r6ra7"))
+
+;; Don't start a "Login Wizard" at first launch.
+(define %chromium-first-run.patch
+ (inox-patch "0018-disable-first-run-behaviour.patch"
+ "d655594419af6b82a2a070e4d3eedd926a04fa79"
+ "1y4zsqqf2125jkb1phwy9g5hcbd9xhyv5lr4xcaly66rpdzx2ayb"))
+
+;; Use privacy-preserving defaults.
+(define %chromium-default-preferences.patch
+ (inox-patch "0006-modify-default-prefs.patch"
+ "d655594419af6b82a2a070e4d3eedd926a04fa79"
+ "0qpd5l3wiw7325cicjzvdql0gay7jl4afml4nrbmy3w40i1ai2rf"))
+
+;; Recent versions of Chromium may load a remote search engine on the
+;; New Tab Page, causing unnecessary and involuntary network traffic.
+(define %chromium-restore-classic-ntp.patch
+ (inox-patch "0008-restore-classic-ntp.patch"
+ "d655594419af6b82a2a070e4d3eedd926a04fa79"
+ "0lj018q6vd6m43cj8rnraqgi4lp2iq76i1i0078dav4cxnzdryfs"))
+
+(define opus+custom
+ (package (inherit opus)
+ (name "opus+custom")
+ (arguments
+ `(;; Opus Custom is an optional extension of the Opus
+ ;; specification that allows for unsupported frame
+ ;; sizes. Chromium requires that this is enabled.
+ #:configure-flags '("--enable-custom-modes")
+ ,@(package-arguments opus)))))
+
+(define libvpx+experimental
+ (package
+ (inherit libvpx)
+ (name "libvpx+experimental")
+ (arguments
+ `(,@(substitute-keyword-arguments (package-arguments libvpx)
+ ((#:configure-flags flags ''())
+ ;; Spatial SVC is an experimental VP9 encoder required by Chromium.
+ `(cons* "--enable-experimental" "--enable-spatial-svc"
+ ,flags)))))))
+
+(define-public chromium
+ (package
+ (name "chromium")
+ (version "64.0.3282.186")
+ (synopsis "Graphical web browser")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "https://commondatastorage.googleapis.com/"
+ "chromium-browser-official/chromium-"
+ version ".tar.xz"))
+ (sha256
+ (base32
+ "0q0q1whspmzyln04gxhgl3jd2vrgb4imh8r9qw6c06i3b63j3l2z"))
+ (patches (list %chromium-duckduckgo.patch
+ %chromium-default-preferences.patch
+ %chromium-first-run.patch
+ %chromium-restore-classic-ntp.patch
+ %chromium-angle-gcc-compat.patch
+ %chromium-webrtc-gcc-compat.patch
+ %chromium-memcpy.patch
+ %chromium-system-icu.patch
+ %chromium-system-nspr.patch
+ %chromium-system-libevent.patch
+ %chromium-disable-api-keys-warning.patch
+ (search-patch "chromium-gcc5.patch")
+ (search-patch "chromium-remove-default-history.patch")))
+ (modules '((srfi srfi-1)
+ (ice-9 ftw)
+ (ice-9 regex)
+ (guix build utils)))
+ (snippet
+ '(begin
+ (let ((preserved-files
+ (map
+ (lambda (path) (string-append "./" path))
+ (list
+ "base/third_party/dmg_fp"
+ "base/third_party/dynamic_annotations"
+ "base/third_party/icu"
+ "base/third_party/libevent"
+ "base/third_party/nspr"
+ "base/third_party/superfasthash"
+ "base/third_party/symbolize" ;glog
+ "base/third_party/xdg_mime"
+ "base/third_party/xdg_user_dirs"
+ "buildtools/third_party/libc++"
+ "chrome/third_party/mozilla_security_manager"
+ "courgette/third_party"
+ "net/third_party/mozilla_security_manager"
+ "net/third_party/nss"
+ "third_party/adobe/flash/flapper_version.h"
+ ;; FIXME: This is used in:
+ ;; * ui/webui/resources/js/analytics.js
+ ;; * ui/file_manager/
+ "third_party/analytics"
+ "third_party/angle"
+ "third_party/angle/src/common/third_party/base"
+ "third_party/angle/src/common/third_party/smhasher"
+ "third_party/angle/src/third_party/compiler"
+ "third_party/angle/src/third_party/libXNVCtrl"
+ "third_party/angle/src/third_party/trace_event"
+ "third_party/blink"
+ "third_party/boringssl"
+ "third_party/boringssl/src/third_party/fiat"
+ "third_party/breakpad"
+ "third_party/brotli"
+ "third_party/cacheinvalidation"
+ "third_party/catapult"
+ "third_party/catapult/common/py_vulcanize/third_party/rcssmin"
+ "third_party/catapult/common/py_vulcanize/third_party/rjsmin"
+ "third_party/catapult/third_party/polymer"
+ "third_party/catapult/tracing/third_party/d3"
+ "third_party/catapult/tracing/third_party/gl-matrix"
+ "third_party/catapult/tracing/third_party/jszip"
+ "third_party/catapult/tracing/third_party/mannwhitneyu"
+ "third_party/catapult/tracing/third_party/oboe"
+ "third_party/catapult/tracing/third_party/pako"
+ "third_party/ced"
+ "third_party/cld_3"
+ "third_party/crc32c"
+ "third_party/cros_system_api"
+ "third_party/dom_distiller_js"
+ "third_party/fips181"
+ "third_party/flatbuffers"
+ ;; PDFium requires a private freetype API.
+ ;; <https://bugs.chromium.org/p/pdfium/issues/detail?id=733>
+ "third_party/freetype/src/src/psnames/pstables.h"
+ "third_party/glslang-angle"
+ "third_party/google_input_tools"
+ "third_party/google_input_tools/third_party/closure_library"
+ (string-append "third_party/google_input_tools/third_party"
+ "/closure_library/third_party/closure")
+ "third_party/googletest"
+ "third_party/harfbuzz-ng"
+ "third_party/hunspell"
+ "third_party/iccjpeg"
+ "third_party/inspector_protocol"
+ "third_party/jinja2"
+ "third_party/jstemplate"
+ "third_party/khronos"
+ "third_party/leveldatabase"
+ "third_party/libXNVCtrl"
+ "third_party/libaddressinput"
+ "third_party/libjingle_xmpp"
+ "third_party/libphonenumber"
+ "third_party/libsecret" ;FIXME: needs pkg-config support.
+ "third_party/libsrtp" ;TODO: Requires libsrtp@2.
+ "third_party/libudev"
+ "third_party/libwebm"
+ "third_party/libxml"
+ "third_party/libyuv"
+ "third_party/lss"
+ "third_party/lzma_sdk"
+ "third_party/markupsafe"
+ "third_party/mesa"
+ "third_party/metrics_proto"
+ "third_party/modp_b64"
+ "third_party/mt19937ar"
+ "third_party/node"
+ (string-append "third_party/node/node_modules/"
+ "polymer-bundler/lib/third_party/UglifyJS2")
+ "third_party/openmax_dl"
+ "third_party/ots"
+ "third_party/pdfium"
+ "third_party/pdfium/third_party"
+ "third_party/ply"
+ "third_party/polymer"
+ "third_party/protobuf"
+ "third_party/protobuf/third_party/six"
+ "third_party/qcms"
+ "third_party/sfntly"
+ "third_party/skia"
+ "third_party/skia/third_party/vulkan"
+ "third_party/skia/third_party/gif"
+ "third_party/smhasher"
+ "third_party/speech-dispatcher"
+ "third_party/spirv-headers"
+ "third_party/spirv-tools-angle"
+ "third_party/sqlite"
+ "third_party/swiftshader"
+ "third_party/swiftshader/third_party"
+ "third_party/usb_ids"
+ "third_party/usrsctp"
+ "third_party/vulkan"
+ "third_party/vulkan-validation-layers"
+ "third_party/WebKit"
+ "third_party/web-animations-js"
+ "third_party/webrtc"
+ "third_party/webrtc_overrides"
+ "third_party/widevine/cdm/widevine_cdm_version.h"
+ "third_party/widevine/cdm/widevine_cdm_common.h"
+ "third_party/woff2"
+ "third_party/xdg-utils"
+ "third_party/yasm/run_yasm.py"
+ "third_party/zlib/google"
+ "url/third_party/mozilla"
+ "v8/src/third_party/valgrind"
+ "v8/third_party/inspector_protocol"))))
+
+ ;; This is an implementation of
+ ;; "build/linux/unbundle/remove_bundled_libraries.py".
+ ;; It traverses any "third_party" directory and deletes
+ ;; files that are:
+ ;; * not ending with ".gn" or ".gni"; or
+ ;; * not explicitly named as argument (folder or file).
+ ;; TODO: Remove empty directories.
+ (define (delete-files-except exceptions dir)
+
+ (define (enter? name stat result)
+ (not (member name exceptions)))
+
+ (define (leaf name stat result)
+ (let ((protected-files (make-regexp "\\.(gn|gyp)i?$"
+ regexp/icase)))
+ (unless (or (member name exceptions)
+ (regexp-exec protected-files name))
+ (delete-file name))))
+
+ (file-system-fold enter?
+ leaf
+ (lambda (dir stat result) result) ;down
+ (lambda (dir stat result) result) ;up
+ (lambda (dir stat result) result) ;skip
+ (lambda (dir stat result) result) ;error
+ #t
+ dir))
+
+ (for-each (lambda (third-party)
+ (delete-files-except preserved-files
+ third-party))
+ (find-files "." "^third_party$" #:directories? #t))
+
+ ;; Replace GN files from third_party with shims for building
+ ;; against system libraries. Keep this list in sync with
+ ;; "build/linux/unbundle/replace_gn_files.py".
+ (for-each (lambda (pair)
+ (let ((source (string-append
+ "build/linux/unbundle/" (car pair)))
+ (dest (cdr pair)))
+ (copy-file source dest)))
+ (list
+ '("ffmpeg.gn" . "third_party/ffmpeg/BUILD.gn")
+ '("flac.gn" . "third_party/flac/BUILD.gn")
+ '("freetype.gn" . "third_party/freetype/BUILD.gn")
+ ;; FIXME: This is no longer supported since 63.
+ ;;'("harfbuzz-ng.gn" . "third_party/harfbuzz-ng/BUILD.gn")
+ '("icu.gn" . "third_party/icu/BUILD.gn")
+ '("libdrm.gn" . "third_party/libdrm/BUILD.gn")
+ '("libevent.gn" . "base/third_party/libevent/BUILD.gn")
+ '("libjpeg.gn" .
+ "build/secondary/third_party/libjpeg_turbo/BUILD.gn")
+ '("libpng.gn" . "third_party/libpng/BUILD.gn")
+ '("libvpx.gn" . "third_party/libvpx/BUILD.gn")
+ '("libwebp.gn" . "third_party/libwebp/BUILD.gn")
+ '("libxml.gn" . "third_party/libxml/BUILD.gn") ;TODO
+ '("libxslt.gn" . "third_party/libxslt/BUILD.gn")
+ '("openh264.gn" . "third_party/openh264/BUILD.gn")
+ '("opus.gn" . "third_party/opus/BUILD.gn")
+ '("re2.gn" . "third_party/re2/BUILD.gn")
+ '("snappy.gn" . "third_party/snappy/BUILD.gn")
+ '("yasm.gn" . "third_party/yasm/yasm_assemble.gni")
+ '("zlib.gn" . "third_party/zlib/BUILD.gn")))
+ #t)))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:tests? #f
+ ;; FIXME: There is a "gn" option specifically for setting -rpath, but
+ ;; it's not recognized when passed.
+ #:validate-runpath? #f
+ #:modules ((srfi srfi-26)
+ (ice-9 ftw)
+ (ice-9 regex)
+ (guix build gnu-build-system)
+ (guix build utils))
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'patch-stuff
+ (lambda* (#:key inputs #:allow-other-keys)
+ (substitute* "printing/cups_config_helper.py"
+ (("cups_config =.*")
+ (string-append "cups_config = '" (assoc-ref inputs "cups")
+ "/bin/cups-config'\n")))
+
+ (substitute*
+ '("base/process/launch_posix.cc"
+ "base/third_party/dynamic_annotations/dynamic_annotations.c"
+ "sandbox/linux/seccomp-bpf/sandbox_bpf.cc"
+ "sandbox/linux/services/credentials.cc"
+ "sandbox/linux/services/namespace_utils.cc"
+ "sandbox/linux/services/syscall_wrappers.cc"
+ "sandbox/linux/syscall_broker/broker_host.cc")
+ (("include \"base/third_party/valgrind/") "include \"valgrind/"))
+
+ (for-each (lambda (file)
+ (substitute* file
+ ;; Fix opus include path.
+ ;; Do not substitute opus_private.h.
+ (("#include \"opus\\.h\"")
+ "#include \"opus/opus.h\"")
+ (("#include \"opus_custom\\.h\"")
+ "#include \"opus/opus_custom.h\"")
+ (("#include \"opus_defines\\.h\"")
+ "#include \"opus/opus_defines.h\"")
+ (("#include \"opus_multistream\\.h\"")
+ "#include \"opus/opus_multistream.h\"")
+ (("#include \"opus_types\\.h\"")
+ "#include \"opus/opus_types.h\"")))
+ (append (find-files "third_party/opus/src/celt")
+ (find-files "third_party/opus/src/src")
+ (find-files (string-append "third_party/webrtc/modules"
+ "/audio_coding/codecs/opus"))))
+
+ (substitute* "chrome/common/chrome_paths.cc"
+ (("/usr/share/chromium/extensions")
+ ;; TODO: Add ~/.guix-profile.
+ "/run/current-system/profile/share/chromium/extensions"))
+
+ (substitute*
+ "third_party/breakpad/breakpad/src/common/linux/libcurl_wrapper.h"
+ (("include \"third_party/curl") "include \"curl"))
+ (substitute* "media/base/decode_capabilities.cc"
+ (("third_party/libvpx/source/libvpx/") ""))
+
+ ;; We don't cross compile most packages, so get rid of the
+ ;; unnecessary ARCH-linux-gnu* prefix.
+ (substitute* "build/toolchain/linux/BUILD.gn"
+ (("aarch64-linux-gnu-") "")
+ (("arm-linux-gnueabihf-") ""))
+ #t))
+ (replace 'configure
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let ((gn-flags
+ (list
+ ;; See tools/gn/docs/cookbook.md and
+ ;; https://www.chromium.org/developers/gn-build-configuration
+ ;; for usage. Run "./gn args . --list" in the Release
+ ;; directory for an exhaustive list of supported flags.
+ "is_debug=false"
+ "is_official_build=false"
+ "is_clang=false"
+ "use_gold=false"
+ "use_lld=false"
+ "linux_use_bundled_binutils=false"
+ "use_custom_libcxx=false"
+ "use_sysroot=false"
+ "goma_dir=\"\""
+ "enable_precompiled_headers=false"
+ "enable_nacl=false"
+ "enable_nacl_nonsfi=false"
+ "use_allocator=\"none\"" ;don't use tcmalloc
+ "override_build_date=\"01 01 2000 05:00:00\""
+ "use_unofficial_version_number=false"
+ ;; Optimize for building everything at once, as opposed
+ ;; to incrementally for development. See "docs/jumbo.md".
+ ;; XXX: On some systems this may trigger a compiler error.
+ ;;"use_jumbo_build=true"
+ ;; Disable debugging features to save space.
+ "remove_webcore_debug_symbols=true"
+ "enable_iterator_debugging=false"
+ ;; Some of the unbundled libraries throws deprecation
+ ;; warnings, etc. Ignore it.
+ "treat_warnings_as_errors=false"
+ ;; Don't add any API keys. End users can set them in the
+ ;; environment if desired. See
+ ;; <https://www.chromium.org/developers/how-tos/api-keys>.
+ "use_official_google_api_keys=false"
+ ;; Disable "field trials".
+ "fieldtrial_testing_like_official_build=true"
+
+ "use_system_freetype=true"
+ "use_system_harfbuzz=true"
+ "use_system_libjpeg=true"
+ "use_system_lcms2=true"
+ "use_system_zlib=true"
+ ;; This is currently not supported on Linux:
+ ;; https://bugs.chromium.org/p/chromium/issues/detail?id=22208
+ ;;"use_system_sqlite=true"
+
+ "use_gconf=false" ;deprecated by gsettings
+ "use_gnome_keyring=false" ;deprecated by libsecret
+ "use_gtk3=true"
+ "use_openh264=true"
+ "use_xkbcommon=true"
+ "link_pulseaudio=true"
+
+ ;; Don't arbitrarily restrict formats supported by system ffmpeg.
+ "proprietary_codecs=true"
+ "ffmpeg_branding=\"Chrome\""
+
+ ;; WebRTC stuff.
+ "rtc_use_h264=true"
+ ;; Don't use bundled sources.
+ "rtc_build_json=false"
+ "rtc_build_libevent=false"
+ "rtc_build_libvpx=false"
+ "rtc_build_opus=false"
+ "rtc_build_ssl=false"
+ ;; TODO: Package these.
+ "rtc_build_libsrtp=true" ;2.0
+ "rtc_build_libyuv=true"
+ "rtc_build_openmax_dl=true"
+ "rtc_build_usrsctp=true"
+ (string-append "rtc_jsoncpp_root=\""
+ (assoc-ref inputs "jsoncpp")
+ "/include/jsoncpp/json\"")
+ (string-append "rtc_ssl_root=\""
+ (assoc-ref inputs "openssl")
+ "/include/openssl\""))))
+
+ ;; XXX: How portable is this.
+ (mkdir-p "third_party/node/linux/node-linux-x64")
+ (symlink (string-append (assoc-ref inputs "node") "/bin")
+ "third_party/node/linux/node-linux-x64/bin")
+
+ (setenv "CC" "gcc")
+ (setenv "CXX" "g++")
+ ;; TODO: pre-compile instead. Avoids a race condition.
+ (setenv "PYTHONDONTWRITEBYTECODE" "1")
+ (and
+ ;; Build the "gn" tool.
+ (invoke "python"
+ "tools/gn/bootstrap/bootstrap.py" "-s" "-v")
+ ;; Generate ninja build files.
+ (invoke "./out/Release/gn" "gen" "out/Release"
+ (string-append "--args="
+ (string-join gn-flags " ")))))))
+ (replace 'build
+ (lambda* (#:key outputs #:allow-other-keys)
+ (invoke "ninja" "-C" "out/Release"
+ "-j" (number->string (parallel-job-count))
+ "chrome")))
+ (replace 'install
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (bin (string-append out "/bin"))
+ (exe (string-append bin "/chromium"))
+ (lib (string-append out "/lib"))
+ (man (string-append out "/share/man/man1"))
+ (applications (string-append out "/share/applications"))
+ (install-regexp (make-regexp "\\.(bin|pak)$"))
+ (locales (string-append lib "/locales"))
+ (resources (string-append lib "/resources"))
+ (gtk+ (assoc-ref inputs "gtk+"))
+ (mesa (assoc-ref inputs "mesa"))
+ (nss (assoc-ref inputs "nss"))
+ (udev (assoc-ref inputs "udev"))
+ (sh (which "sh")))
+
+ (substitute* '("chrome/app/resources/manpage.1.in"
+ "chrome/installer/linux/common/desktop.template")
+ (("@@MENUNAME@@") "Chromium")
+ (("@@PACKAGE@@") "chromium")
+ (("/usr/bin/@@USR_BIN_SYMLINK_NAME@@") exe))
+ (mkdir-p man)
+ (copy-file "chrome/app/resources/manpage.1.in"
+ (string-append man "/chromium.1"))
+ (mkdir-p applications)
+ (copy-file "chrome/installer/linux/common/desktop.template"
+ (string-append applications "/chromium.desktop"))
+
+ (with-directory-excursion "out/Release"
+ (for-each (lambda (file)
+ (install-file file lib))
+ (scandir "." (cut regexp-exec install-regexp <>)))
+ (copy-file "chrome" (string-append lib "/chromium"))
+
+ ;; TODO: Install icons from "../../chrome/app/themes" into
+ ;; "out/share/icons/hicolor/$size".
+ (install-file
+ "product_logo_48.png"
+ (string-append out "/share/icons/48x48/chromium.png"))
+
+ (copy-recursively "locales" locales)
+ (copy-recursively "resources" resources)
+
+ (mkdir-p bin)
+ ;; Add a thin wrapper to prevent the user from inadvertently
+ ;; installing non-free software through the Web Store.
+ ;; TODO: Discover extensions from the profile and pass
+ ;; something like "--disable-extensions-except=...".
+ (call-with-output-file exe
+ (lambda (port)
+ (format port
+ "#!~a~@
+ if [ -z \"$CHROMIUM_ENABLE_WEB_STORE\" ]~@
+ then~@
+ CHROMIUM_FLAGS=\" \\~@
+ --disable-background-networking \\~@
+ --disable-extensions \\~@
+ \"~@
+ fi~@
+ exec ~a $CHROMIUM_FLAGS \"$@\"~%"
+ sh (string-append lib "/chromium"))))
+ (chmod exe #o755)
+
+ (wrap-program exe
+ ;; TODO: Get these in RUNPATH.
+ `("LD_LIBRARY_PATH" ":" prefix
+ (,(string-append lib ":" nss "/lib/nss:" gtk+ "/lib:"
+ mesa "/lib:" udev "/lib")))
+ ;; Avoid file manager crash. See <https://bugs.gnu.org/26593>.
+ `("XDG_DATA_DIRS" ":" prefix (,(string-append gtk+ "/share"))))
+ #t)))))))
+ (native-inputs
+ `(("bison" ,bison)
+ ("git" ,git) ;last_commit_position.py
+ ("gperf" ,gperf)
+ ("ninja" ,ninja)
+ ("node" ,node)
+ ("pkg-config" ,pkg-config)
+ ("which" ,which)
+ ("yasm" ,yasm)
+
+ ("python-beautifulsoup4" ,python2-beautifulsoup4)
+ ("python-html5lib" ,python2-html5lib)
+ ("python" ,python-2)))
+ (inputs
+ `(("alsa-lib" ,alsa-lib)
+ ("atk" ,atk)
+ ("cups" ,cups)
+ ("curl" ,curl)
+ ("dbus" ,dbus)
+ ("dbus-glib" ,dbus-glib)
+ ("expat" ,expat)
+ ("flac" ,flac)
+ ("ffmpeg" ,ffmpeg)
+ ("fontconfig" ,fontconfig)
+ ("freetype" ,freetype)
+ ("gdk-pixbuf" ,gdk-pixbuf)
+ ("glib" ,glib)
+ ("gtk+-2" ,gtk+-2)
+ ("gtk+" ,gtk+)
+ ("harfbuzz" ,harfbuzz)
+ ("icu4c" ,icu4c)
+ ("jsoncpp" ,jsoncpp)
+ ("lcms" ,lcms)
+ ("libevent" ,libevent)
+ ("libffi" ,libffi)
+ ("libjpeg-turbo" ,libjpeg-turbo)
+ ("libpng" ,libpng)
+ ("libusb" ,libusb)
+ ("libvpx" ,libvpx+experimental)
+ ("libwebp" ,libwebp)
+ ("libx11" ,libx11)
+ ("libxcb" ,libxcb)
+ ("libxcomposite" ,libxcomposite)
+ ("libxcursor" ,libxcursor)
+ ("libxdamage" ,libxdamage)
+ ("libxext" ,libxext)
+ ("libxfixes" ,libxfixes)
+ ("libxi" ,libxi)
+ ("libxkbcommon" ,libxkbcommon)
+ ("libxml2" ,libxml2)
+ ("libxrandr" ,libxrandr)
+ ("libxrender" ,libxrender)
+ ("libxscrnsaver" ,libxscrnsaver)
+ ("libxslt" ,libxslt)
+ ("libxtst" ,libxtst)
+ ("mesa" ,mesa)
+ ("minizip" ,minizip)
+ ("mit-krb5" ,mit-krb5)
+ ("nss" ,nss)
+ ("openh264" ,openh264)
+ ("openssl" ,openssl)
+ ("opus" ,opus+custom)
+ ("pango" ,pango)
+ ("pciutils" ,pciutils)
+ ("protobuf" ,protobuf)
+ ("pulseaudio" ,pulseaudio)
+ ("re2" ,re2)
+ ("snappy" ,snappy)
+ ("speech-dispatcher" ,speech-dispatcher)
+ ("sqlite" ,sqlite)
+ ("udev" ,eudev)
+ ("valgrind" ,valgrind)))
+ (home-page "https://www.chromium.org/")
+ (description
+ "Chromium is a web browser designed for speed and security. This
+version incorporates patches from
+@url{https://github.com/gcarq/inox-patchset,Inox} and
+@url{https://www.debian.org/,Debian} in order to protect the users privacy.")
+ ;; Chromium is developed as BSD-3, but bundles a large number of third-party
+ ;; components with other licenses. For full information, see chrome://credits.
+ (license (list license:bsd-3
+ license:bsd-2
+ license:expat
+ license:asl2.0
+ license:mpl2.0
+ license:public-domain
+ license:lgpl2.1+))))
diff --git a/gnu/packages/patches/chromium-gcc5.patch b/gnu/packages/patches/chromium-gcc5.patch
new file mode 100644
index 000000000..56b2cd6ef
--- /dev/null
+++ b/gnu/packages/patches/chromium-gcc5.patch
@@ -0,0 +1,39 @@
+Work around a GCC5 bug where it fails to choose the correct base::span
+constructor.
+
+Adapted from this commit:
+https://gitweb.gentoo.org/repo/gentoo.git/commit/www-client/chromium?id=7843d29ab07411a9c70962fb90b4cd1546910242
+
+--- a/gpu/ipc/common/mailbox_struct_traits.h
++++ b/gpu/ipc/common/mailbox_struct_traits.h
+@@ -15,7 +15,7 @@ namespace mojo {
+ template <>
+ struct StructTraits<gpu::mojom::MailboxDataView, gpu::Mailbox> {
+ static base::span<const int8_t> name(const gpu::Mailbox& mailbox) {
+- return mailbox.name;
++ return base::make_span(mailbox.name);
+ }
+ static bool Read(gpu::mojom::MailboxDataView data, gpu::Mailbox* out);
+ };
+--- a/services/viz/public/cpp/compositing/filter_operation_struct_traits.h
++++ b/services/viz/public/cpp/compositing/filter_operation_struct_traits.h
+@@ -134,7 +134,7 @@ struct StructTraits<viz::mojom::FilterOperationDataView, cc::FilterOperation> {
+ static base::span<const float> matrix(const cc::FilterOperation& operation) {
+ if (operation.type() != cc::FilterOperation::COLOR_MATRIX)
+ return base::span<const float>();
+- return operation.matrix();
++ return base::make_span(operation.matrix());
+ }
+
+ static base::span<const gfx::Rect> shape(
+--- a/services/viz/public/cpp/compositing/quads_struct_traits.h
++++ b/services/viz/public/cpp/compositing/quads_struct_traits.h
+@@ -308,7 +308,7 @@
+ static base::span<const float> vertex_opacity(const viz::DrawQuad& input) {
+ const viz::TextureDrawQuad* quad =
+ viz::TextureDrawQuad::MaterialCast(&input);
+- return quad->vertex_opacity;
++ return base::make_span(quad->vertex_opacity);
+ }
+
+ static bool y_flipped(const viz::DrawQuad& input) {
diff --git a/gnu/packages/patches/chromium-remove-default-history.patch b/gnu/packages/patches/chromium-remove-default-history.patch
new file mode 100644
index 000000000..38be10820
--- /dev/null
+++ b/gnu/packages/patches/chromium-remove-default-history.patch
@@ -0,0 +1,13 @@
+Don't pre-populate the New Tab Page for new profiles.
+
+--- a/chrome/browser/history/top_sites_factory.cc
++++ b/chrome/browser/history/top_sites_factory.cc
+@@ -74,7 +74,7 @@
+
+ void InitializePrepopulatedPageList(
+ history::PrepopulatedPageList* prepopulated_pages) {
+-#if !defined(OS_ANDROID)
++#if false
+ DCHECK(prepopulated_pages);
+ prepopulated_pages->reserve(arraysize(kRawPrepopulatedPages));
+ for (size_t i = 0; i < arraysize(kRawPrepopulatedPages); ++i) {
--
2.16.2
^ permalink raw reply related [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-02-26 18:18 ` Marius Bakke
@ 2018-02-26 20:01 ` ng0
2018-02-26 20:06 ` Marius Bakke
2018-02-27 2:00 ` Mike Gerwitz
1 sibling, 1 reply; 91+ messages in thread
From: ng0 @ 2018-02-26 20:01 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 2056 bytes --]
Marius Bakke transcribed 2.1K bytes:
> Mike Gerwitz <mtg@gnu.org> writes:
>
> > On Tue, Jan 16, 2018 at 20:01:34 +0100, Marius Bakke wrote:
> >> If there are no objections, expect to see this in 'master' in 1-2 weeks.
> >
> > I want to express gratitude for your hard work on this---given that
> > IceCat does not contain many of the FF devtool updates, Chromium is very
> > desirable for web development. It's also needed for certain Node.js
> > tools, like node-inspector.
> >
> > So, thank you!
>
> Thank *you* for the kind words! :-)
>
> Here is the latest iteration of this patch. New in this version:
>
> * Chromium 64 (duh).
> * The 'delete-bundled-software' phase has been moved to a snippet,
> shaving ~100MiB (~22%) off the compressed tarball size (and
> drastically reduces (de)compression time).
> * The New Tab page does not show any thumbnails for new profiles.
I think you forgot to attach the patches :)
> I've also added more comments about the patches and other flags.
>
> Now, when launching the browser for the first time, it *still* connects
> to Google services. After a while it also does a lookup for AdWords...
> However subsequent launches are "silent" as long as the Web Store is
> disabled and "--disable-background-networking" is passed, like the
> wrapper script does.
>
> Incidentally, now that IceCat supports WebRTC (and somehow plugged the
> IP address leak[0]!), I no longer *need* this package. However, having
> multiple high quality browsers at hand is a huge advantage IMO, so I'd
> still like to have it in Guix.
>
> What do y'all think? Feedback on the snippet and description very
> welcome.
I still would like to have Chromium in Guix too. Icecat doesn't work
for everyone's needs and requirements. I'd help volunteering time to
building and updating, when it's possible for me.
> [0] https://en.wikipedia.org/wiki/WebRTC#Concerns
--
ng0
A88C8ADD129828D7EAC02E52E22F9BBFEE348588
http://krosos.org | https://n0.is/~ng0/ | https://crash.cx
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-02-26 20:01 ` ng0
@ 2018-02-26 20:06 ` Marius Bakke
2018-02-26 20:34 ` ng0
` (2 more replies)
0 siblings, 3 replies; 91+ messages in thread
From: Marius Bakke @ 2018-02-26 20:06 UTC (permalink / raw)
To: ng0; +Cc: 28004
[-- Attachment #1.1: Type: text/plain, Size: 1257 bytes --]
ng0 <ng0@n0.is> writes:
> Marius Bakke transcribed 2.1K bytes:
>> Mike Gerwitz <mtg@gnu.org> writes:
>>
>> > On Tue, Jan 16, 2018 at 20:01:34 +0100, Marius Bakke wrote:
>> >> If there are no objections, expect to see this in 'master' in 1-2 weeks.
>> >
>> > I want to express gratitude for your hard work on this---given that
>> > IceCat does not contain many of the FF devtool updates, Chromium is very
>> > desirable for web development. It's also needed for certain Node.js
>> > tools, like node-inspector.
>> >
>> > So, thank you!
>>
>> Thank *you* for the kind words! :-)
>>
>> Here is the latest iteration of this patch. New in this version:
>>
>> * Chromium 64 (duh).
>> * The 'delete-bundled-software' phase has been moved to a snippet,
>> shaving ~100MiB (~22%) off the compressed tarball size (and
>> drastically reduces (de)compression time).
>> * The New Tab page does not show any thumbnails for new profiles.
>
> I think you forgot to attach the patches :)
Derp. I realized that and just used `git send-email`[0], but have
attached it here for convenience since the debbugs web UI doesn't allow
easy download of a raw message.
[0] https://debbugs.gnu.org/cgi/bugreport.cgi?msg=131;bug=28004#131
[-- Attachment #1.2: 0001-gnu-Add-chromium.patch --]
[-- Type: text/x-patch, Size: 42462 bytes --]
From f00529f4cd9e2e5efef146915d217cbb413d1f1a Mon Sep 17 00:00:00 2001
From: Marius Bakke <mbakke@fastmail.com>
Date: Wed, 12 Oct 2016 17:25:05 +0100
Subject: [PATCH] gnu: Add chromium.
* gnu/packages/chromium.scm: New file.
* gnu/packages/patches/chromium-gcc.patch,
gnu/packages/patches/chromium-remove-default-history.patch: New files.
* gnu/local.mk: Record it.
---
gnu/local.mk | 3 +
gnu/packages/chromium.scm | 756 +++++++++++++++++++++
gnu/packages/patches/chromium-gcc5.patch | 39 ++
.../patches/chromium-remove-default-history.patch | 13 +
4 files changed, 811 insertions(+)
create mode 100644 gnu/packages/chromium.scm
create mode 100644 gnu/packages/patches/chromium-gcc5.patch
create mode 100644 gnu/packages/patches/chromium-remove-default-history.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index fa98810d6..fb1320f7b 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -92,6 +92,7 @@ GNU_SYSTEM_MODULES = \
%D%/packages/check.scm \
%D%/packages/chemistry.scm \
%D%/packages/chez.scm \
+ %D%/packages/chromium.scm \
%D%/packages/ci.scm \
%D%/packages/cinnamon.scm \
%D%/packages/cmake.scm \
@@ -581,6 +582,8 @@ dist_patch_DATA = \
%D%/packages/patches/ceph-skip-collect-sys-info-test.patch \
%D%/packages/patches/ceph-skip-unittest_blockdev.patch \
%D%/packages/patches/chmlib-inttypes.patch \
+ %D%/packages/patches/chromium-gcc5.patch \
+ %D%/packages/patches/chromium-remove-default-history.patch \
%D%/packages/patches/clang-libc-search-path.patch \
%D%/packages/patches/clang-3.8-libc-search-path.patch \
%D%/packages/patches/clang-runtime-asan-build-fixes.patch \
diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm
new file mode 100644
index 000000000..1dd77b089
--- /dev/null
+++ b/gnu/packages/chromium.scm
@@ -0,0 +1,756 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2016, 2017, 2018 Marius Bakke <mbakke@fastmail.com>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages chromium)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix packages)
+ #:use-module (guix download)
+ #:use-module (guix git-download)
+ #:use-module (guix utils)
+ #:use-module (guix build-system gnu)
+ #:use-module (gnu packages)
+ #:use-module (gnu packages assembly)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages bison)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages cups)
+ #:use-module (gnu packages curl)
+ #:use-module (gnu packages databases)
+ #:use-module (gnu packages fontutils)
+ #:use-module (gnu packages ghostscript)
+ #:use-module (gnu packages gl)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnome)
+ #:use-module (gnu packages gnuzilla)
+ #:use-module (gnu packages gperf)
+ #:use-module (gnu packages gtk)
+ #:use-module (gnu packages icu4c)
+ #:use-module (gnu packages image)
+ #:use-module (gnu packages libevent)
+ #:use-module (gnu packages libffi)
+ #:use-module (gnu packages libusb)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages kerberos)
+ #:use-module (gnu packages ninja)
+ #:use-module (gnu packages node)
+ #:use-module (gnu packages pciutils)
+ #:use-module (gnu packages photo)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages protobuf)
+ #:use-module (gnu packages pulseaudio)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages python-web)
+ #:use-module (gnu packages regex)
+ #:use-module (gnu packages serialization)
+ #:use-module (gnu packages speech)
+ #:use-module (gnu packages tls)
+ #:use-module (gnu packages valgrind)
+ #:use-module (gnu packages version-control)
+ #:use-module (gnu packages video)
+ #:use-module (gnu packages xiph)
+ #:use-module (gnu packages xml)
+ #:use-module (gnu packages xdisorg)
+ #:use-module (gnu packages xorg))
+
+(define (strip-directory-prefix pathspec)
+ "Return everything after the last '/' in PATHSPEC."
+ (let ((index (string-rindex pathspec #\/)))
+ (if index
+ (string-drop pathspec (+ 1 index))
+ pathspec)))
+
+(define (chromium-patch-file-name pathspec)
+ (let ((patch-name (strip-directory-prefix pathspec)))
+ (if (string-prefix? "chromium-" patch-name)
+ patch-name
+ (string-append "chromium-" patch-name))))
+
+;; https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/tree/debian/patches
+(define (debian-patch pathspec revision hash)
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git"
+ "/plain/debian/patches/" pathspec "?id=" revision))
+ (sha256 (base32 hash))
+ (file-name (chromium-patch-file-name pathspec))))
+
+;; https://gitweb.gentoo.org/repo/gentoo.git/tree/www-client/chromium/files
+(define (gentoo-patch pathspec revision hash)
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-client"
+ "/chromium/files/" pathspec "?id=" revision))
+ (sha256 (base32 hash))
+ (file-name (chromium-patch-file-name pathspec))))
+
+;; https://github.com/gcarq/inox-patchset
+(define (inox-patch pathspec revision hash)
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://raw.githubusercontent.com/gcarq/inox-patchset/"
+ revision "/" pathspec))
+ (sha256 (base32 hash))
+ (file-name (chromium-patch-file-name pathspec))))
+
+;; https://github.com/NixOS/nixpkgs/tree/master/pkgs/applications/networking/browsers/chromium
+(define (nixos-patch pathspec revision hash)
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://raw.githubusercontent.com/NixOS/nixpkgs/"
+ revision "/pkgs/applications/networking/browsers"
+ "/chromium/patches/" pathspec))
+ (sha256 (base32 hash))
+ (file-name (chromium-patch-file-name pathspec))))
+
+;; Fix build for older versions of GCC.
+(define %chromium-angle-gcc-compat.patch
+ (gentoo-patch "chromium-angle-r0.patch"
+ "08971011b4d6fa37aa906920fba7564e48b9e60b"
+ "0izdrqwsyr48117dhvwdsk8c6dkrnq2njida1q4mb1lagvwbz7gc"))
+
+;; https://webrtc-review.googlesource.com/9384
+(define %chromium-webrtc-gcc-compat.patch
+ (gentoo-patch "chromium-webrtc-r0.patch"
+ "08971011b4d6fa37aa906920fba7564e48b9e60b"
+ "0qj5b4w9kav51ylpdf38vm5w7p2gx4qp8p45vrfggp7miicg9cmw"))
+
+;; https://chromium-review.googlesource.com/813737
+(define %chromium-memcpy.patch
+ (gentoo-patch "chromium-memcpy-r0.patch"
+ "08971011b4d6fa37aa906920fba7564e48b9e60b"
+ "1d3vra59wjg2lva7ddv55ff6l57mk9k50llsplr0b7vxk0lh0ps5"))
+
+(define %chromium-system-nspr.patch
+ (debian-patch "system/nspr.patch"
+ "debian/64.0.3282.119-2"
+ "0pcwk3jsx8hjzd4s1v7p11jd8vpdqfnq82di31222cjx0bl6275r"))
+
+(define %chromium-system-libevent.patch
+ (debian-patch "system/event.patch"
+ "debian/64.0.3282.119-2"
+ "1dxzn1yf05mzf21c25sczj4zhkknf03x9bc3xzznqpvnsf3cjpr0"))
+
+(define %chromium-system-icu.patch
+ (debian-patch "system/icu.patch"
+ "debian/64.0.3282.119-2"
+ "0kf77d8lyma3w0xpgfv2k0c741zp6ii08gzllfja6d5s59c15ylv"))
+
+;; Don't show a warning about missing API keys.
+(define %chromium-disable-api-keys-warning.patch
+ (debian-patch "disable/google-api-warning.patch"
+ "debian/64.0.3282.119-2"
+ "1932xkrskm4nnglzj6xfjpycx4chsycj9ay3ipkq5f6xk21a1xm0"))
+
+;; Add DuckDuckGo and set it as the default search engine.
+(define %chromium-duckduckgo.patch
+ (inox-patch "0011-add-duckduckgo-search-engine.patch"
+ "d655594419af6b82a2a070e4d3eedd926a04fa79"
+ "0p8x98g71ngkd3wbl5q36wrl18ff185sfrr5fcwjbgrv3v7r6ra7"))
+
+;; Don't start a "Login Wizard" at first launch.
+(define %chromium-first-run.patch
+ (inox-patch "0018-disable-first-run-behaviour.patch"
+ "d655594419af6b82a2a070e4d3eedd926a04fa79"
+ "1y4zsqqf2125jkb1phwy9g5hcbd9xhyv5lr4xcaly66rpdzx2ayb"))
+
+;; Use privacy-preserving defaults.
+(define %chromium-default-preferences.patch
+ (inox-patch "0006-modify-default-prefs.patch"
+ "d655594419af6b82a2a070e4d3eedd926a04fa79"
+ "0qpd5l3wiw7325cicjzvdql0gay7jl4afml4nrbmy3w40i1ai2rf"))
+
+;; Recent versions of Chromium may load a remote search engine on the
+;; New Tab Page, causing unnecessary and involuntary network traffic.
+(define %chromium-restore-classic-ntp.patch
+ (inox-patch "0008-restore-classic-ntp.patch"
+ "d655594419af6b82a2a070e4d3eedd926a04fa79"
+ "0lj018q6vd6m43cj8rnraqgi4lp2iq76i1i0078dav4cxnzdryfs"))
+
+(define opus+custom
+ (package (inherit opus)
+ (name "opus+custom")
+ (arguments
+ `(;; Opus Custom is an optional extension of the Opus
+ ;; specification that allows for unsupported frame
+ ;; sizes. Chromium requires that this is enabled.
+ #:configure-flags '("--enable-custom-modes")
+ ,@(package-arguments opus)))))
+
+(define libvpx+experimental
+ (package
+ (inherit libvpx)
+ (name "libvpx+experimental")
+ (arguments
+ `(,@(substitute-keyword-arguments (package-arguments libvpx)
+ ((#:configure-flags flags ''())
+ ;; Spatial SVC is an experimental VP9 encoder required by Chromium.
+ `(cons* "--enable-experimental" "--enable-spatial-svc"
+ ,flags)))))))
+
+(define-public chromium
+ (package
+ (name "chromium")
+ (version "64.0.3282.186")
+ (synopsis "Graphical web browser")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "https://commondatastorage.googleapis.com/"
+ "chromium-browser-official/chromium-"
+ version ".tar.xz"))
+ (sha256
+ (base32
+ "0q0q1whspmzyln04gxhgl3jd2vrgb4imh8r9qw6c06i3b63j3l2z"))
+ (patches (list %chromium-duckduckgo.patch
+ %chromium-default-preferences.patch
+ %chromium-first-run.patch
+ %chromium-restore-classic-ntp.patch
+ %chromium-angle-gcc-compat.patch
+ %chromium-webrtc-gcc-compat.patch
+ %chromium-memcpy.patch
+ %chromium-system-icu.patch
+ %chromium-system-nspr.patch
+ %chromium-system-libevent.patch
+ %chromium-disable-api-keys-warning.patch
+ (search-patch "chromium-gcc5.patch")
+ (search-patch "chromium-remove-default-history.patch")))
+ (modules '((srfi srfi-1)
+ (ice-9 ftw)
+ (ice-9 regex)
+ (guix build utils)))
+ (snippet
+ '(begin
+ (let ((preserved-files
+ (map
+ (lambda (path) (string-append "./" path))
+ (list
+ "base/third_party/dmg_fp"
+ "base/third_party/dynamic_annotations"
+ "base/third_party/icu"
+ "base/third_party/libevent"
+ "base/third_party/nspr"
+ "base/third_party/superfasthash"
+ "base/third_party/symbolize" ;glog
+ "base/third_party/xdg_mime"
+ "base/third_party/xdg_user_dirs"
+ "buildtools/third_party/libc++"
+ "chrome/third_party/mozilla_security_manager"
+ "courgette/third_party"
+ "net/third_party/mozilla_security_manager"
+ "net/third_party/nss"
+ "third_party/adobe/flash/flapper_version.h"
+ ;; FIXME: This is used in:
+ ;; * ui/webui/resources/js/analytics.js
+ ;; * ui/file_manager/
+ "third_party/analytics"
+ "third_party/angle"
+ "third_party/angle/src/common/third_party/base"
+ "third_party/angle/src/common/third_party/smhasher"
+ "third_party/angle/src/third_party/compiler"
+ "third_party/angle/src/third_party/libXNVCtrl"
+ "third_party/angle/src/third_party/trace_event"
+ "third_party/blink"
+ "third_party/boringssl"
+ "third_party/boringssl/src/third_party/fiat"
+ "third_party/breakpad"
+ "third_party/brotli"
+ "third_party/cacheinvalidation"
+ "third_party/catapult"
+ "third_party/catapult/common/py_vulcanize/third_party/rcssmin"
+ "third_party/catapult/common/py_vulcanize/third_party/rjsmin"
+ "third_party/catapult/third_party/polymer"
+ "third_party/catapult/tracing/third_party/d3"
+ "third_party/catapult/tracing/third_party/gl-matrix"
+ "third_party/catapult/tracing/third_party/jszip"
+ "third_party/catapult/tracing/third_party/mannwhitneyu"
+ "third_party/catapult/tracing/third_party/oboe"
+ "third_party/catapult/tracing/third_party/pako"
+ "third_party/ced"
+ "third_party/cld_3"
+ "third_party/crc32c"
+ "third_party/cros_system_api"
+ "third_party/dom_distiller_js"
+ "third_party/fips181"
+ "third_party/flatbuffers"
+ ;; PDFium requires a private freetype API.
+ ;; <https://bugs.chromium.org/p/pdfium/issues/detail?id=733>
+ "third_party/freetype/src/src/psnames/pstables.h"
+ "third_party/glslang-angle"
+ "third_party/google_input_tools"
+ "third_party/google_input_tools/third_party/closure_library"
+ (string-append "third_party/google_input_tools/third_party"
+ "/closure_library/third_party/closure")
+ "third_party/googletest"
+ "third_party/harfbuzz-ng"
+ "third_party/hunspell"
+ "third_party/iccjpeg"
+ "third_party/inspector_protocol"
+ "third_party/jinja2"
+ "third_party/jstemplate"
+ "third_party/khronos"
+ "third_party/leveldatabase"
+ "third_party/libXNVCtrl"
+ "third_party/libaddressinput"
+ "third_party/libjingle_xmpp"
+ "third_party/libphonenumber"
+ "third_party/libsecret" ;FIXME: needs pkg-config support.
+ "third_party/libsrtp" ;TODO: Requires libsrtp@2.
+ "third_party/libudev"
+ "third_party/libwebm"
+ "third_party/libxml"
+ "third_party/libyuv"
+ "third_party/lss"
+ "third_party/lzma_sdk"
+ "third_party/markupsafe"
+ "third_party/mesa"
+ "third_party/metrics_proto"
+ "third_party/modp_b64"
+ "third_party/mt19937ar"
+ "third_party/node"
+ (string-append "third_party/node/node_modules/"
+ "polymer-bundler/lib/third_party/UglifyJS2")
+ "third_party/openmax_dl"
+ "third_party/ots"
+ "third_party/pdfium"
+ "third_party/pdfium/third_party"
+ "third_party/ply"
+ "third_party/polymer"
+ "third_party/protobuf"
+ "third_party/protobuf/third_party/six"
+ "third_party/qcms"
+ "third_party/sfntly"
+ "third_party/skia"
+ "third_party/skia/third_party/vulkan"
+ "third_party/skia/third_party/gif"
+ "third_party/smhasher"
+ "third_party/speech-dispatcher"
+ "third_party/spirv-headers"
+ "third_party/spirv-tools-angle"
+ "third_party/sqlite"
+ "third_party/swiftshader"
+ "third_party/swiftshader/third_party"
+ "third_party/usb_ids"
+ "third_party/usrsctp"
+ "third_party/vulkan"
+ "third_party/vulkan-validation-layers"
+ "third_party/WebKit"
+ "third_party/web-animations-js"
+ "third_party/webrtc"
+ "third_party/webrtc_overrides"
+ "third_party/widevine/cdm/widevine_cdm_version.h"
+ "third_party/widevine/cdm/widevine_cdm_common.h"
+ "third_party/woff2"
+ "third_party/xdg-utils"
+ "third_party/yasm/run_yasm.py"
+ "third_party/zlib/google"
+ "url/third_party/mozilla"
+ "v8/src/third_party/valgrind"
+ "v8/third_party/inspector_protocol"))))
+
+ ;; This is an implementation of
+ ;; "build/linux/unbundle/remove_bundled_libraries.py".
+ ;; It traverses any "third_party" directory and deletes
+ ;; files that are:
+ ;; * not ending with ".gn" or ".gni"; or
+ ;; * not explicitly named as argument (folder or file).
+ ;; TODO: Remove empty directories.
+ (define (delete-files-except exceptions dir)
+
+ (define (enter? name stat result)
+ (not (member name exceptions)))
+
+ (define (leaf name stat result)
+ (let ((protected-files (make-regexp "\\.(gn|gyp)i?$"
+ regexp/icase)))
+ (unless (or (member name exceptions)
+ (regexp-exec protected-files name))
+ (delete-file name))))
+
+ (file-system-fold enter?
+ leaf
+ (lambda (dir stat result) result) ;down
+ (lambda (dir stat result) result) ;up
+ (lambda (dir stat result) result) ;skip
+ (lambda (dir stat result) result) ;error
+ #t
+ dir))
+
+ (for-each (lambda (third-party)
+ (delete-files-except preserved-files
+ third-party))
+ (find-files "." "^third_party$" #:directories? #t))
+
+ ;; Replace GN files from third_party with shims for building
+ ;; against system libraries. Keep this list in sync with
+ ;; "build/linux/unbundle/replace_gn_files.py".
+ (for-each (lambda (pair)
+ (let ((source (string-append
+ "build/linux/unbundle/" (car pair)))
+ (dest (cdr pair)))
+ (copy-file source dest)))
+ (list
+ '("ffmpeg.gn" . "third_party/ffmpeg/BUILD.gn")
+ '("flac.gn" . "third_party/flac/BUILD.gn")
+ '("freetype.gn" . "third_party/freetype/BUILD.gn")
+ ;; FIXME: This is no longer supported since 63.
+ ;;'("harfbuzz-ng.gn" . "third_party/harfbuzz-ng/BUILD.gn")
+ '("icu.gn" . "third_party/icu/BUILD.gn")
+ '("libdrm.gn" . "third_party/libdrm/BUILD.gn")
+ '("libevent.gn" . "base/third_party/libevent/BUILD.gn")
+ '("libjpeg.gn" .
+ "build/secondary/third_party/libjpeg_turbo/BUILD.gn")
+ '("libpng.gn" . "third_party/libpng/BUILD.gn")
+ '("libvpx.gn" . "third_party/libvpx/BUILD.gn")
+ '("libwebp.gn" . "third_party/libwebp/BUILD.gn")
+ '("libxml.gn" . "third_party/libxml/BUILD.gn") ;TODO
+ '("libxslt.gn" . "third_party/libxslt/BUILD.gn")
+ '("openh264.gn" . "third_party/openh264/BUILD.gn")
+ '("opus.gn" . "third_party/opus/BUILD.gn")
+ '("re2.gn" . "third_party/re2/BUILD.gn")
+ '("snappy.gn" . "third_party/snappy/BUILD.gn")
+ '("yasm.gn" . "third_party/yasm/yasm_assemble.gni")
+ '("zlib.gn" . "third_party/zlib/BUILD.gn")))
+ #t)))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:tests? #f
+ ;; FIXME: There is a "gn" option specifically for setting -rpath, but
+ ;; it's not recognized when passed.
+ #:validate-runpath? #f
+ #:modules ((srfi srfi-26)
+ (ice-9 ftw)
+ (ice-9 regex)
+ (guix build gnu-build-system)
+ (guix build utils))
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'patch-stuff
+ (lambda* (#:key inputs #:allow-other-keys)
+ (substitute* "printing/cups_config_helper.py"
+ (("cups_config =.*")
+ (string-append "cups_config = '" (assoc-ref inputs "cups")
+ "/bin/cups-config'\n")))
+
+ (substitute*
+ '("base/process/launch_posix.cc"
+ "base/third_party/dynamic_annotations/dynamic_annotations.c"
+ "sandbox/linux/seccomp-bpf/sandbox_bpf.cc"
+ "sandbox/linux/services/credentials.cc"
+ "sandbox/linux/services/namespace_utils.cc"
+ "sandbox/linux/services/syscall_wrappers.cc"
+ "sandbox/linux/syscall_broker/broker_host.cc")
+ (("include \"base/third_party/valgrind/") "include \"valgrind/"))
+
+ (for-each (lambda (file)
+ (substitute* file
+ ;; Fix opus include path.
+ ;; Do not substitute opus_private.h.
+ (("#include \"opus\\.h\"")
+ "#include \"opus/opus.h\"")
+ (("#include \"opus_custom\\.h\"")
+ "#include \"opus/opus_custom.h\"")
+ (("#include \"opus_defines\\.h\"")
+ "#include \"opus/opus_defines.h\"")
+ (("#include \"opus_multistream\\.h\"")
+ "#include \"opus/opus_multistream.h\"")
+ (("#include \"opus_types\\.h\"")
+ "#include \"opus/opus_types.h\"")))
+ (append (find-files "third_party/opus/src/celt")
+ (find-files "third_party/opus/src/src")
+ (find-files (string-append "third_party/webrtc/modules"
+ "/audio_coding/codecs/opus"))))
+
+ (substitute* "chrome/common/chrome_paths.cc"
+ (("/usr/share/chromium/extensions")
+ ;; TODO: Add ~/.guix-profile.
+ "/run/current-system/profile/share/chromium/extensions"))
+
+ (substitute*
+ "third_party/breakpad/breakpad/src/common/linux/libcurl_wrapper.h"
+ (("include \"third_party/curl") "include \"curl"))
+ (substitute* "media/base/decode_capabilities.cc"
+ (("third_party/libvpx/source/libvpx/") ""))
+
+ ;; We don't cross compile most packages, so get rid of the
+ ;; unnecessary ARCH-linux-gnu* prefix.
+ (substitute* "build/toolchain/linux/BUILD.gn"
+ (("aarch64-linux-gnu-") "")
+ (("arm-linux-gnueabihf-") ""))
+ #t))
+ (replace 'configure
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let ((gn-flags
+ (list
+ ;; See tools/gn/docs/cookbook.md and
+ ;; https://www.chromium.org/developers/gn-build-configuration
+ ;; for usage. Run "./gn args . --list" in the Release
+ ;; directory for an exhaustive list of supported flags.
+ "is_debug=false"
+ "is_official_build=false"
+ "is_clang=false"
+ "use_gold=false"
+ "use_lld=false"
+ "linux_use_bundled_binutils=false"
+ "use_custom_libcxx=false"
+ "use_sysroot=false"
+ "goma_dir=\"\""
+ "enable_precompiled_headers=false"
+ "enable_nacl=false"
+ "enable_nacl_nonsfi=false"
+ "use_allocator=\"none\"" ;don't use tcmalloc
+ "override_build_date=\"01 01 2000 05:00:00\""
+ "use_unofficial_version_number=false"
+ ;; Optimize for building everything at once, as opposed
+ ;; to incrementally for development. See "docs/jumbo.md".
+ ;; XXX: On some systems this may trigger a compiler error.
+ ;;"use_jumbo_build=true"
+ ;; Disable debugging features to save space.
+ "remove_webcore_debug_symbols=true"
+ "enable_iterator_debugging=false"
+ ;; Some of the unbundled libraries throws deprecation
+ ;; warnings, etc. Ignore it.
+ "treat_warnings_as_errors=false"
+ ;; Don't add any API keys. End users can set them in the
+ ;; environment if desired. See
+ ;; <https://www.chromium.org/developers/how-tos/api-keys>.
+ "use_official_google_api_keys=false"
+ ;; Disable "field trials".
+ "fieldtrial_testing_like_official_build=true"
+
+ "use_system_freetype=true"
+ "use_system_harfbuzz=true"
+ "use_system_libjpeg=true"
+ "use_system_lcms2=true"
+ "use_system_zlib=true"
+ ;; This is currently not supported on Linux:
+ ;; https://bugs.chromium.org/p/chromium/issues/detail?id=22208
+ ;;"use_system_sqlite=true"
+
+ "use_gconf=false" ;deprecated by gsettings
+ "use_gnome_keyring=false" ;deprecated by libsecret
+ "use_gtk3=true"
+ "use_openh264=true"
+ "use_xkbcommon=true"
+ "link_pulseaudio=true"
+
+ ;; Don't arbitrarily restrict formats supported by system ffmpeg.
+ "proprietary_codecs=true"
+ "ffmpeg_branding=\"Chrome\""
+
+ ;; WebRTC stuff.
+ "rtc_use_h264=true"
+ ;; Don't use bundled sources.
+ "rtc_build_json=false"
+ "rtc_build_libevent=false"
+ "rtc_build_libvpx=false"
+ "rtc_build_opus=false"
+ "rtc_build_ssl=false"
+ ;; TODO: Package these.
+ "rtc_build_libsrtp=true" ;2.0
+ "rtc_build_libyuv=true"
+ "rtc_build_openmax_dl=true"
+ "rtc_build_usrsctp=true"
+ (string-append "rtc_jsoncpp_root=\""
+ (assoc-ref inputs "jsoncpp")
+ "/include/jsoncpp/json\"")
+ (string-append "rtc_ssl_root=\""
+ (assoc-ref inputs "openssl")
+ "/include/openssl\""))))
+
+ ;; XXX: How portable is this.
+ (mkdir-p "third_party/node/linux/node-linux-x64")
+ (symlink (string-append (assoc-ref inputs "node") "/bin")
+ "third_party/node/linux/node-linux-x64/bin")
+
+ (setenv "CC" "gcc")
+ (setenv "CXX" "g++")
+ ;; TODO: pre-compile instead. Avoids a race condition.
+ (setenv "PYTHONDONTWRITEBYTECODE" "1")
+ (and
+ ;; Build the "gn" tool.
+ (invoke "python"
+ "tools/gn/bootstrap/bootstrap.py" "-s" "-v")
+ ;; Generate ninja build files.
+ (invoke "./out/Release/gn" "gen" "out/Release"
+ (string-append "--args="
+ (string-join gn-flags " ")))))))
+ (replace 'build
+ (lambda* (#:key outputs #:allow-other-keys)
+ (invoke "ninja" "-C" "out/Release"
+ "-j" (number->string (parallel-job-count))
+ "chrome")))
+ (replace 'install
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (bin (string-append out "/bin"))
+ (exe (string-append bin "/chromium"))
+ (lib (string-append out "/lib"))
+ (man (string-append out "/share/man/man1"))
+ (applications (string-append out "/share/applications"))
+ (install-regexp (make-regexp "\\.(bin|pak)$"))
+ (locales (string-append lib "/locales"))
+ (resources (string-append lib "/resources"))
+ (gtk+ (assoc-ref inputs "gtk+"))
+ (mesa (assoc-ref inputs "mesa"))
+ (nss (assoc-ref inputs "nss"))
+ (udev (assoc-ref inputs "udev"))
+ (sh (which "sh")))
+
+ (substitute* '("chrome/app/resources/manpage.1.in"
+ "chrome/installer/linux/common/desktop.template")
+ (("@@MENUNAME@@") "Chromium")
+ (("@@PACKAGE@@") "chromium")
+ (("/usr/bin/@@USR_BIN_SYMLINK_NAME@@") exe))
+ (mkdir-p man)
+ (copy-file "chrome/app/resources/manpage.1.in"
+ (string-append man "/chromium.1"))
+ (mkdir-p applications)
+ (copy-file "chrome/installer/linux/common/desktop.template"
+ (string-append applications "/chromium.desktop"))
+
+ (with-directory-excursion "out/Release"
+ (for-each (lambda (file)
+ (install-file file lib))
+ (scandir "." (cut regexp-exec install-regexp <>)))
+ (copy-file "chrome" (string-append lib "/chromium"))
+
+ ;; TODO: Install icons from "../../chrome/app/themes" into
+ ;; "out/share/icons/hicolor/$size".
+ (install-file
+ "product_logo_48.png"
+ (string-append out "/share/icons/48x48/chromium.png"))
+
+ (copy-recursively "locales" locales)
+ (copy-recursively "resources" resources)
+
+ (mkdir-p bin)
+ ;; Add a thin wrapper to prevent the user from inadvertently
+ ;; installing non-free software through the Web Store.
+ ;; TODO: Discover extensions from the profile and pass
+ ;; something like "--disable-extensions-except=...".
+ (call-with-output-file exe
+ (lambda (port)
+ (format port
+ "#!~a~@
+ if [ -z \"$CHROMIUM_ENABLE_WEB_STORE\" ]~@
+ then~@
+ CHROMIUM_FLAGS=\" \\~@
+ --disable-background-networking \\~@
+ --disable-extensions \\~@
+ \"~@
+ fi~@
+ exec ~a $CHROMIUM_FLAGS \"$@\"~%"
+ sh (string-append lib "/chromium"))))
+ (chmod exe #o755)
+
+ (wrap-program exe
+ ;; TODO: Get these in RUNPATH.
+ `("LD_LIBRARY_PATH" ":" prefix
+ (,(string-append lib ":" nss "/lib/nss:" gtk+ "/lib:"
+ mesa "/lib:" udev "/lib")))
+ ;; Avoid file manager crash. See <https://bugs.gnu.org/26593>.
+ `("XDG_DATA_DIRS" ":" prefix (,(string-append gtk+ "/share"))))
+ #t)))))))
+ (native-inputs
+ `(("bison" ,bison)
+ ("git" ,git) ;last_commit_position.py
+ ("gperf" ,gperf)
+ ("ninja" ,ninja)
+ ("node" ,node)
+ ("pkg-config" ,pkg-config)
+ ("which" ,which)
+ ("yasm" ,yasm)
+
+ ("python-beautifulsoup4" ,python2-beautifulsoup4)
+ ("python-html5lib" ,python2-html5lib)
+ ("python" ,python-2)))
+ (inputs
+ `(("alsa-lib" ,alsa-lib)
+ ("atk" ,atk)
+ ("cups" ,cups)
+ ("curl" ,curl)
+ ("dbus" ,dbus)
+ ("dbus-glib" ,dbus-glib)
+ ("expat" ,expat)
+ ("flac" ,flac)
+ ("ffmpeg" ,ffmpeg)
+ ("fontconfig" ,fontconfig)
+ ("freetype" ,freetype)
+ ("gdk-pixbuf" ,gdk-pixbuf)
+ ("glib" ,glib)
+ ("gtk+-2" ,gtk+-2)
+ ("gtk+" ,gtk+)
+ ("harfbuzz" ,harfbuzz)
+ ("icu4c" ,icu4c)
+ ("jsoncpp" ,jsoncpp)
+ ("lcms" ,lcms)
+ ("libevent" ,libevent)
+ ("libffi" ,libffi)
+ ("libjpeg-turbo" ,libjpeg-turbo)
+ ("libpng" ,libpng)
+ ("libusb" ,libusb)
+ ("libvpx" ,libvpx+experimental)
+ ("libwebp" ,libwebp)
+ ("libx11" ,libx11)
+ ("libxcb" ,libxcb)
+ ("libxcomposite" ,libxcomposite)
+ ("libxcursor" ,libxcursor)
+ ("libxdamage" ,libxdamage)
+ ("libxext" ,libxext)
+ ("libxfixes" ,libxfixes)
+ ("libxi" ,libxi)
+ ("libxkbcommon" ,libxkbcommon)
+ ("libxml2" ,libxml2)
+ ("libxrandr" ,libxrandr)
+ ("libxrender" ,libxrender)
+ ("libxscrnsaver" ,libxscrnsaver)
+ ("libxslt" ,libxslt)
+ ("libxtst" ,libxtst)
+ ("mesa" ,mesa)
+ ("minizip" ,minizip)
+ ("mit-krb5" ,mit-krb5)
+ ("nss" ,nss)
+ ("openh264" ,openh264)
+ ("openssl" ,openssl)
+ ("opus" ,opus+custom)
+ ("pango" ,pango)
+ ("pciutils" ,pciutils)
+ ("protobuf" ,protobuf)
+ ("pulseaudio" ,pulseaudio)
+ ("re2" ,re2)
+ ("snappy" ,snappy)
+ ("speech-dispatcher" ,speech-dispatcher)
+ ("sqlite" ,sqlite)
+ ("udev" ,eudev)
+ ("valgrind" ,valgrind)))
+ (home-page "https://www.chromium.org/")
+ (description
+ "Chromium is a web browser designed for speed and security. This
+version incorporates patches from
+@url{https://github.com/gcarq/inox-patchset,Inox} and
+@url{https://www.debian.org/,Debian} in order to protect the users privacy.")
+ ;; Chromium is developed as BSD-3, but bundles a large number of third-party
+ ;; components with other licenses. For full information, see chrome://credits.
+ (license (list license:bsd-3
+ license:bsd-2
+ license:expat
+ license:asl2.0
+ license:mpl2.0
+ license:public-domain
+ license:lgpl2.1+))))
diff --git a/gnu/packages/patches/chromium-gcc5.patch b/gnu/packages/patches/chromium-gcc5.patch
new file mode 100644
index 000000000..56b2cd6ef
--- /dev/null
+++ b/gnu/packages/patches/chromium-gcc5.patch
@@ -0,0 +1,39 @@
+Work around a GCC5 bug where it fails to choose the correct base::span
+constructor.
+
+Adapted from this commit:
+https://gitweb.gentoo.org/repo/gentoo.git/commit/www-client/chromium?id=7843d29ab07411a9c70962fb90b4cd1546910242
+
+--- a/gpu/ipc/common/mailbox_struct_traits.h
++++ b/gpu/ipc/common/mailbox_struct_traits.h
+@@ -15,7 +15,7 @@ namespace mojo {
+ template <>
+ struct StructTraits<gpu::mojom::MailboxDataView, gpu::Mailbox> {
+ static base::span<const int8_t> name(const gpu::Mailbox& mailbox) {
+- return mailbox.name;
++ return base::make_span(mailbox.name);
+ }
+ static bool Read(gpu::mojom::MailboxDataView data, gpu::Mailbox* out);
+ };
+--- a/services/viz/public/cpp/compositing/filter_operation_struct_traits.h
++++ b/services/viz/public/cpp/compositing/filter_operation_struct_traits.h
+@@ -134,7 +134,7 @@ struct StructTraits<viz::mojom::FilterOperationDataView, cc::FilterOperation> {
+ static base::span<const float> matrix(const cc::FilterOperation& operation) {
+ if (operation.type() != cc::FilterOperation::COLOR_MATRIX)
+ return base::span<const float>();
+- return operation.matrix();
++ return base::make_span(operation.matrix());
+ }
+
+ static base::span<const gfx::Rect> shape(
+--- a/services/viz/public/cpp/compositing/quads_struct_traits.h
++++ b/services/viz/public/cpp/compositing/quads_struct_traits.h
+@@ -308,7 +308,7 @@
+ static base::span<const float> vertex_opacity(const viz::DrawQuad& input) {
+ const viz::TextureDrawQuad* quad =
+ viz::TextureDrawQuad::MaterialCast(&input);
+- return quad->vertex_opacity;
++ return base::make_span(quad->vertex_opacity);
+ }
+
+ static bool y_flipped(const viz::DrawQuad& input) {
diff --git a/gnu/packages/patches/chromium-remove-default-history.patch b/gnu/packages/patches/chromium-remove-default-history.patch
new file mode 100644
index 000000000..38be10820
--- /dev/null
+++ b/gnu/packages/patches/chromium-remove-default-history.patch
@@ -0,0 +1,13 @@
+Don't pre-populate the New Tab Page for new profiles.
+
+--- a/chrome/browser/history/top_sites_factory.cc
++++ b/chrome/browser/history/top_sites_factory.cc
+@@ -74,7 +74,7 @@
+
+ void InitializePrepopulatedPageList(
+ history::PrepopulatedPageList* prepopulated_pages) {
+-#if !defined(OS_ANDROID)
++#if false
+ DCHECK(prepopulated_pages);
+ prepopulated_pages->reserve(arraysize(kRawPrepopulatedPages));
+ for (size_t i = 0; i < arraysize(kRawPrepopulatedPages); ++i) {
--
2.16.2
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply related [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-02-26 20:06 ` Marius Bakke
@ 2018-02-26 20:34 ` ng0
2018-02-26 22:41 ` Björn Höfling
2018-02-27 22:17 ` ng0
2 siblings, 0 replies; 91+ messages in thread
From: ng0 @ 2018-02-26 20:34 UTC (permalink / raw)
To: Marius Bakke; +Cc: ng0, 28004
[-- Attachment #1: Type: text/plain, Size: 1826 bytes --]
Marius Bakke transcribed 43K bytes:
> ng0 <ng0@n0.is> writes:
>
> > Marius Bakke transcribed 2.1K bytes:
> >> Mike Gerwitz <mtg@gnu.org> writes:
> >>
> >> > On Tue, Jan 16, 2018 at 20:01:34 +0100, Marius Bakke wrote:
> >> >> If there are no objections, expect to see this in 'master' in 1-2 weeks.
> >> >
> >> > I want to express gratitude for your hard work on this---given that
> >> > IceCat does not contain many of the FF devtool updates, Chromium is very
> >> > desirable for web development. It's also needed for certain Node.js
> >> > tools, like node-inspector.
> >> >
> >> > So, thank you!
> >>
> >> Thank *you* for the kind words! :-)
> >>
> >> Here is the latest iteration of this patch. New in this version:
> >>
> >> * Chromium 64 (duh).
> >> * The 'delete-bundled-software' phase has been moved to a snippet,
> >> shaving ~100MiB (~22%) off the compressed tarball size (and
> >> drastically reduces (de)compression time).
> >> * The New Tab page does not show any thumbnails for new profiles.
> >
> > I think you forgot to attach the patches :)
>
> Derp. I realized that and just used `git send-email`[0], but have
> attached it here for convenience since the debbugs web UI doesn't allow
> easy download of a raw message.
>
> [0] https://debbugs.gnu.org/cgi/bugreport.cgi?msg=131;bug=28004#131
>
Great, thanks! I'll comment after building (so the usual 3 - 16 hours ;D).
Something I noticed in the past: A succesful build for Chromium depends on
the system libraries we use. The last version broke a while back when icu4c
got updated I think.
So changes need to be adjusted. We can not know when this happens, but we
can act when it happens.
--
ng0
A88C8ADD129828D7EAC02E52E22F9BBFEE348588
http://krosos.org | https://n0.is/~ng0/ | https://crash.cx
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-02-26 20:06 ` Marius Bakke
2018-02-26 20:34 ` ng0
@ 2018-02-26 22:41 ` Björn Höfling
2018-02-27 21:57 ` ng0
2018-02-28 17:38 ` Marius Bakke
2018-02-27 22:17 ` ng0
2 siblings, 2 replies; 91+ messages in thread
From: Björn Höfling @ 2018-02-26 22:41 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 3613 bytes --]
Hi Marius,
On Mon, 26 Feb 2018 21:06:57 +0100
Marius Bakke <mbakke@fastmail.com> wrote:
> ng0 <ng0@n0.is> writes:
>
> > Marius Bakke transcribed 2.1K bytes:
> >> Mike Gerwitz <mtg@gnu.org> writes:
> >>
> >> > On Tue, Jan 16, 2018 at 20:01:34 +0100, Marius Bakke wrote:
> >> >> If there are no objections, expect to see this in 'master' in
> >> >> 1-2 weeks.
> >> >
> >> > I want to express gratitude for your hard work on this---given
> >> > that IceCat does not contain many of the FF devtool updates,
> >> > Chromium is very desirable for web development. It's also
> >> > needed for certain Node.js tools, like node-inspector.
> >> >
> >> > So, thank you!
> >>
> >> Thank *you* for the kind words! :-)
> >>
> >> Here is the latest iteration of this patch. New in this version:
> >>
> >> * Chromium 64 (duh).
> >> * The 'delete-bundled-software' phase has been moved to a snippet,
> >> shaving ~100MiB (~22%) off the compressed tarball size (and
> >> drastically reduces (de)compression time).
> >> * The New Tab page does not show any thumbnails for new profiles.
> >
> > I think you forgot to attach the patches :)
>
> Derp. I realized that and just used `git send-email`[0], but have
> attached it here for convenience since the debbugs web UI doesn't
> allow easy download of a raw message.
>
> [0] https://debbugs.gnu.org/cgi/bugreport.cgi?msg=131;bug=28004#131
>
This looks like a lot of work. Thank you!
I quickly tried to apply and build the patch and have two first remarks:
The file says:
;;; Copyright © 2016, 2017, 2018 Marius Bakke <mbakke@fastmail.com>
I haven't followed history, have you worked on this since 2016?
One patch has a hash-mismatch:
Starting download of /gnu/store/q8hlws48cjfcmz6i40jrnxn3kp750gy4-chromium-icu.patch
From https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/plain/debian/patches/system/icu.patch?id=debian/64.0.3282.119-2...
icu.patch 2KiB 1.8MiB/s 00:00 [####################] 100.0%
output path `/gnu/store/q8hlws48cjfcmz6i40jrnxn3kp750gy4-chromium-icu.patch' should have sha256 hash `0kf77d8lyma3w0xpgfv2k0c741zp6ii08gzllfja6d5s59c15ylv', instead has `19r0bpv2hapzq5m0m7rlz1dwn3h2ijgkilb2hmhw56qvwpbw0b59'
@ build-failed /gnu/store/cqdllqn8ig5wnjn0yqvnh4vlzsvnpzv6-chromium-icu.patch.drv - 1 output path `/gnu/store/q8hlws48cjfcmz6i40jrnxn3kp750gy4-chromium-icu.patch' should have sha256 hash `0kf77d8lyma3w0xpgfv2k0c741zp6ii08gzllfja6d5s59c15ylv', instead has `19r0bpv2hapzq5m0m7rlz1dwn3h2ijgkilb2hmhw56qvwpbw0b59'
cannot build derivation `/gnu/store/vacxbwsprcp52vp6q975450zi091dak2-chromium-64.0.3282.186.tar.xz.drv': 1 dependencies couldn't be built
@ build-started /gnu/store/7q53inn1v32b5fain0h0wcrliclf0ff1-libvpx+experimental-1.7.0.drv - x86_64-linux /var/log/guix/drvs/7q//53inn1v32b5fain0h0wcrliclf0ff1-libvpx+experimental-1.7.0.drv.bz2
cannot build derivation `/gnu/store/5qv7anaaqk4576pma9mhcsz1nhrx1n01-chromium-64.0.3282.186.drv': 1 dependencies couldn't be built
guix build: error: build failed: build of `/gnu/store/5qv7anaaqk4576pma9mhcsz1nhrx1n01-chromium-64.0.3282.186.drv' failed
I looked into the file and it looks reasonable, like a patch-file. It has no download errors.
It starts like this:
description: backwards compatibility for older versions of icu
author: Michael Gilbert <mgilbert@debian.org>
--- a/v8/src/runtime/runtime-intl.cc
+++ b/v8/src/runtime/runtime-intl.cc
@@ -627,7 +627,11 @@ RUNTIME_FUNCTION(Runtime_PluralRulesSele
...
Can you check this file again?
Björn
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 181 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-02-26 18:18 ` Marius Bakke
2018-02-26 20:01 ` ng0
@ 2018-02-27 2:00 ` Mike Gerwitz
2018-02-28 8:17 ` ng0
2018-02-28 17:28 ` Marius Bakke
1 sibling, 2 replies; 91+ messages in thread
From: Mike Gerwitz @ 2018-02-27 2:00 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 675 bytes --]
On Mon, Feb 26, 2018 at 19:18:39 +0100, Marius Bakke wrote:
> Now, when launching the browser for the first time, it *still* connects
> to Google services. After a while it also does a lookup for AdWords...
Do you know what code initiates this? Would it be easy to remove, and
would that harm other functionality?
Saying that it only runs the first time implies to me that there's a
flag, and that perhaps the flag can either be permanently set or the
conditional triggering this behavior removed.
--
Mike Gerwitz
Free Software Hacker+Activist | GNU Maintainer & Volunteer
GPG: D6E9 B930 028A 6C38 F43B 2388 FEF6 3574 5E6F 6D05
https://mikegerwitz.com
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 818 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-02-26 22:41 ` Björn Höfling
@ 2018-02-27 21:57 ` ng0
2018-02-28 17:38 ` Marius Bakke
1 sibling, 0 replies; 91+ messages in thread
From: ng0 @ 2018-02-27 21:57 UTC (permalink / raw)
To: Björn Höfling; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 4148 bytes --]
Björn Höfling transcribed 4.0K bytes:
> Hi Marius,
>
> On Mon, 26 Feb 2018 21:06:57 +0100
> Marius Bakke <mbakke@fastmail.com> wrote:
>
> > ng0 <ng0@n0.is> writes:
> >
> > > Marius Bakke transcribed 2.1K bytes:
> > >> Mike Gerwitz <mtg@gnu.org> writes:
> > >>
> > >> > On Tue, Jan 16, 2018 at 20:01:34 +0100, Marius Bakke wrote:
> > >> >> If there are no objections, expect to see this in 'master' in
> > >> >> 1-2 weeks.
> > >> >
> > >> > I want to express gratitude for your hard work on this---given
> > >> > that IceCat does not contain many of the FF devtool updates,
> > >> > Chromium is very desirable for web development. It's also
> > >> > needed for certain Node.js tools, like node-inspector.
> > >> >
> > >> > So, thank you!
> > >>
> > >> Thank *you* for the kind words! :-)
> > >>
> > >> Here is the latest iteration of this patch. New in this version:
> > >>
> > >> * Chromium 64 (duh).
> > >> * The 'delete-bundled-software' phase has been moved to a snippet,
> > >> shaving ~100MiB (~22%) off the compressed tarball size (and
> > >> drastically reduces (de)compression time).
> > >> * The New Tab page does not show any thumbnails for new profiles.
> > >
> > > I think you forgot to attach the patches :)
> >
> > Derp. I realized that and just used `git send-email`[0], but have
> > attached it here for convenience since the debbugs web UI doesn't
> > allow easy download of a raw message.
> >
> > [0] https://debbugs.gnu.org/cgi/bugreport.cgi?msg=131;bug=28004#131
> >
>
>
> This looks like a lot of work. Thank you!
>
> I quickly tried to apply and build the patch and have two first remarks:
>
> The file says:
>
> ;;; Copyright © 2016, 2017, 2018 Marius Bakke <mbakke@fastmail.com>
>
> I haven't followed history, have you worked on this since 2016?
Marius, myself (and others?) have been working on this at least since October 2017.
I did a search, and indeed: Date: Tue, 27 Sep 2016 07:39:10 +0000 ... this is when I
first send the original Inox WIP. Wow.
> One patch has a hash-mismatch:
>
> Starting download of /gnu/store/q8hlws48cjfcmz6i40jrnxn3kp750gy4-chromium-icu.patch
> From https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/plain/debian/patches/system/icu.patch?id=debian/64.0.3282.119-2...
> icu.patch 2KiB 1.8MiB/s 00:00 [####################] 100.0%
> output path `/gnu/store/q8hlws48cjfcmz6i40jrnxn3kp750gy4-chromium-icu.patch' should have sha256 hash `0kf77d8lyma3w0xpgfv2k0c741zp6ii08gzllfja6d5s59c15ylv', instead has `19r0bpv2hapzq5m0m7rlz1dwn3h2ijgkilb2hmhw56qvwpbw0b59'
> @ build-failed /gnu/store/cqdllqn8ig5wnjn0yqvnh4vlzsvnpzv6-chromium-icu.patch.drv - 1 output path `/gnu/store/q8hlws48cjfcmz6i40jrnxn3kp750gy4-chromium-icu.patch' should have sha256 hash `0kf77d8lyma3w0xpgfv2k0c741zp6ii08gzllfja6d5s59c15ylv', instead has `19r0bpv2hapzq5m0m7rlz1dwn3h2ijgkilb2hmhw56qvwpbw0b59'
> cannot build derivation `/gnu/store/vacxbwsprcp52vp6q975450zi091dak2-chromium-64.0.3282.186.tar.xz.drv': 1 dependencies couldn't be built
> @ build-started /gnu/store/7q53inn1v32b5fain0h0wcrliclf0ff1-libvpx+experimental-1.7.0.drv - x86_64-linux /var/log/guix/drvs/7q//53inn1v32b5fain0h0wcrliclf0ff1-libvpx+experimental-1.7.0.drv.bz2
> cannot build derivation `/gnu/store/5qv7anaaqk4576pma9mhcsz1nhrx1n01-chromium-64.0.3282.186.drv': 1 dependencies couldn't be built
> guix build: error: build failed: build of `/gnu/store/5qv7anaaqk4576pma9mhcsz1nhrx1n01-chromium-64.0.3282.186.drv' failed
>
> I looked into the file and it looks reasonable, like a patch-file. It has no download errors.
>
> It starts like this:
>
> description: backwards compatibility for older versions of icu
> author: Michael Gilbert <mgilbert@debian.org>
>
> --- a/v8/src/runtime/runtime-intl.cc
> +++ b/v8/src/runtime/runtime-intl.cc
> @@ -627,7 +627,11 @@ RUNTIME_FUNCTION(Runtime_PluralRulesSele
>
> ...
>
> Can you check this file again?
With the patch Marius send yesterday it works for me.
> Björn
>
>
--
A88C8ADD129828D7EAC02E52E22F9BBFEE348588
https://n0.is
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-02-26 20:06 ` Marius Bakke
2018-02-26 20:34 ` ng0
2018-02-26 22:41 ` Björn Höfling
@ 2018-02-27 22:17 ` ng0
2018-02-28 17:14 ` Marius Bakke
2 siblings, 1 reply; 91+ messages in thread
From: ng0 @ 2018-02-27 22:17 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004, ng0
[-- Attachment #1: Type: text/plain, Size: 46478 bytes --]
Marius Bakke transcribed 43K bytes:
> ng0 <ng0@n0.is> writes:
>
> > Marius Bakke transcribed 2.1K bytes:
> >> Mike Gerwitz <mtg@gnu.org> writes:
> >>
> >> > On Tue, Jan 16, 2018 at 20:01:34 +0100, Marius Bakke wrote:
> >> >> If there are no objections, expect to see this in 'master' in 1-2 weeks.
> >> >
> >> > I want to express gratitude for your hard work on this---given that
> >> > IceCat does not contain many of the FF devtool updates, Chromium is very
> >> > desirable for web development. It's also needed for certain Node.js
> >> > tools, like node-inspector.
> >> >
> >> > So, thank you!
> >>
> >> Thank *you* for the kind words! :-)
> >>
> >> Here is the latest iteration of this patch. New in this version:
> >>
> >> * Chromium 64 (duh).
> >> * The 'delete-bundled-software' phase has been moved to a snippet,
> >> shaving ~100MiB (~22%) off the compressed tarball size (and
> >> drastically reduces (de)compression time).
> >> * The New Tab page does not show any thumbnails for new profiles.
> >
> > I think you forgot to attach the patches :)
>
> Derp. I realized that and just used `git send-email`[0], but have
> attached it here for convenience since the debbugs web UI doesn't allow
> easy download of a raw message.
>
> [0] https://debbugs.gnu.org/cgi/bugreport.cgi?msg=131;bug=28004#131
>
Comments inlined, some words ahead.
I think it's good that we will be able to handle extensions via Guix.
But: We should point it out that you won't be able to install extensions
manually, via the store or as a file. People who betatested this got
confused.
Once we have extensions as packages, we can describe how to get extensions.
Gentoo (and Nix?) have done some work on handling the extensions via system
tools.
> From f00529f4cd9e2e5efef146915d217cbb413d1f1a Mon Sep 17 00:00:00 2001
> From: Marius Bakke <mbakke@fastmail.com>
> Date: Wed, 12 Oct 2016 17:25:05 +0100
> Subject: [PATCH] gnu: Add chromium.
>
> * gnu/packages/chromium.scm: New file.
> * gnu/packages/patches/chromium-gcc.patch,
> gnu/packages/patches/chromium-remove-default-history.patch: New files.
> * gnu/local.mk: Record it.
> ---
> gnu/local.mk | 3 +
> gnu/packages/chromium.scm | 756 +++++++++++++++++++++
> gnu/packages/patches/chromium-gcc5.patch | 39 ++
> .../patches/chromium-remove-default-history.patch | 13 +
> 4 files changed, 811 insertions(+)
> create mode 100644 gnu/packages/chromium.scm
> create mode 100644 gnu/packages/patches/chromium-gcc5.patch
> create mode 100644 gnu/packages/patches/chromium-remove-default-history.patch
>
> diff --git a/gnu/local.mk b/gnu/local.mk
> index fa98810d6..fb1320f7b 100644
> --- a/gnu/local.mk
> +++ b/gnu/local.mk
> @@ -92,6 +92,7 @@ GNU_SYSTEM_MODULES = \
> %D%/packages/check.scm \
> %D%/packages/chemistry.scm \
> %D%/packages/chez.scm \
> + %D%/packages/chromium.scm \
> %D%/packages/ci.scm \
> %D%/packages/cinnamon.scm \
> %D%/packages/cmake.scm \
> @@ -581,6 +582,8 @@ dist_patch_DATA = \
> %D%/packages/patches/ceph-skip-collect-sys-info-test.patch \
> %D%/packages/patches/ceph-skip-unittest_blockdev.patch \
> %D%/packages/patches/chmlib-inttypes.patch \
> + %D%/packages/patches/chromium-gcc5.patch \
> + %D%/packages/patches/chromium-remove-default-history.patch \
> %D%/packages/patches/clang-libc-search-path.patch \
> %D%/packages/patches/clang-3.8-libc-search-path.patch \
> %D%/packages/patches/clang-runtime-asan-build-fixes.patch \
> diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm
> new file mode 100644
> index 000000000..1dd77b089
> --- /dev/null
> +++ b/gnu/packages/chromium.scm
> @@ -0,0 +1,756 @@
> +;;; GNU Guix --- Functional package management for GNU
> +;;; Copyright © 2016, 2017, 2018 Marius Bakke <mbakke@fastmail.com>
> +;;;
> +;;; This file is part of GNU Guix.
> +;;;
> +;;; GNU Guix is free software; you can redistribute it and/or modify it
> +;;; under the terms of the GNU General Public License as published by
> +;;; the Free Software Foundation; either version 3 of the License, or (at
> +;;; your option) any later version.
> +;;;
> +;;; GNU Guix is distributed in the hope that it will be useful, but
> +;;; WITHOUT ANY WARRANTY; without even the implied warranty of
> +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> +;;; GNU General Public License for more details.
> +;;;
> +;;; You should have received a copy of the GNU General Public License
> +;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
> +
> +(define-module (gnu packages chromium)
> + #:use-module ((guix licenses) #:prefix license:)
> + #:use-module (guix packages)
> + #:use-module (guix download)
> + #:use-module (guix git-download)
> + #:use-module (guix utils)
> + #:use-module (guix build-system gnu)
> + #:use-module (gnu packages)
> + #:use-module (gnu packages assembly)
> + #:use-module (gnu packages base)
> + #:use-module (gnu packages bison)
> + #:use-module (gnu packages compression)
> + #:use-module (gnu packages cups)
> + #:use-module (gnu packages curl)
> + #:use-module (gnu packages databases)
> + #:use-module (gnu packages fontutils)
> + #:use-module (gnu packages ghostscript)
> + #:use-module (gnu packages gl)
> + #:use-module (gnu packages glib)
> + #:use-module (gnu packages gnome)
> + #:use-module (gnu packages gnuzilla)
> + #:use-module (gnu packages gperf)
> + #:use-module (gnu packages gtk)
> + #:use-module (gnu packages icu4c)
> + #:use-module (gnu packages image)
> + #:use-module (gnu packages libevent)
> + #:use-module (gnu packages libffi)
> + #:use-module (gnu packages libusb)
> + #:use-module (gnu packages linux)
> + #:use-module (gnu packages kerberos)
> + #:use-module (gnu packages ninja)
> + #:use-module (gnu packages node)
> + #:use-module (gnu packages pciutils)
> + #:use-module (gnu packages photo)
> + #:use-module (gnu packages pkg-config)
> + #:use-module (gnu packages protobuf)
> + #:use-module (gnu packages pulseaudio)
> + #:use-module (gnu packages python)
> + #:use-module (gnu packages python-web)
> + #:use-module (gnu packages regex)
> + #:use-module (gnu packages serialization)
> + #:use-module (gnu packages speech)
> + #:use-module (gnu packages tls)
> + #:use-module (gnu packages valgrind)
> + #:use-module (gnu packages version-control)
> + #:use-module (gnu packages video)
> + #:use-module (gnu packages xiph)
> + #:use-module (gnu packages xml)
> + #:use-module (gnu packages xdisorg)
> + #:use-module (gnu packages xorg))
> +
> +(define (strip-directory-prefix pathspec)
> + "Return everything after the last '/' in PATHSPEC."
> + (let ((index (string-rindex pathspec #\/)))
> + (if index
> + (string-drop pathspec (+ 1 index))
> + pathspec)))
> +
> +(define (chromium-patch-file-name pathspec)
> + (let ((patch-name (strip-directory-prefix pathspec)))
> + (if (string-prefix? "chromium-" patch-name)
> + patch-name
> + (string-append "chromium-" patch-name))))
> +
> +;; https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/tree/debian/patches
> +(define (debian-patch pathspec revision hash)
> + (origin
> + (method url-fetch)
> + (uri (string-append
> + "https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git"
> + "/plain/debian/patches/" pathspec "?id=" revision))
> + (sha256 (base32 hash))
> + (file-name (chromium-patch-file-name pathspec))))
> +
> +;; https://gitweb.gentoo.org/repo/gentoo.git/tree/www-client/chromium/files
> +(define (gentoo-patch pathspec revision hash)
> + (origin
> + (method url-fetch)
> + (uri (string-append
> + "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-client"
> + "/chromium/files/" pathspec "?id=" revision))
> + (sha256 (base32 hash))
> + (file-name (chromium-patch-file-name pathspec))))
> +
> +;; https://github.com/gcarq/inox-patchset
> +(define (inox-patch pathspec revision hash)
> + (origin
> + (method url-fetch)
> + (uri (string-append "https://raw.githubusercontent.com/gcarq/inox-patchset/"
> + revision "/" pathspec))
> + (sha256 (base32 hash))
> + (file-name (chromium-patch-file-name pathspec))))
> +
> +;; https://github.com/NixOS/nixpkgs/tree/master/pkgs/applications/networking/browsers/chromium
> +(define (nixos-patch pathspec revision hash)
> + (origin
> + (method url-fetch)
> + (uri (string-append "https://raw.githubusercontent.com/NixOS/nixpkgs/"
> + revision "/pkgs/applications/networking/browsers"
> + "/chromium/patches/" pathspec))
> + (sha256 (base32 hash))
> + (file-name (chromium-patch-file-name pathspec))))
> +
> +;; Fix build for older versions of GCC.
> +(define %chromium-angle-gcc-compat.patch
> + (gentoo-patch "chromium-angle-r0.patch"
> + "08971011b4d6fa37aa906920fba7564e48b9e60b"
> + "0izdrqwsyr48117dhvwdsk8c6dkrnq2njida1q4mb1lagvwbz7gc"))
> +
> +;; https://webrtc-review.googlesource.com/9384
> +(define %chromium-webrtc-gcc-compat.patch
> + (gentoo-patch "chromium-webrtc-r0.patch"
> + "08971011b4d6fa37aa906920fba7564e48b9e60b"
> + "0qj5b4w9kav51ylpdf38vm5w7p2gx4qp8p45vrfggp7miicg9cmw"))
> +
> +;; https://chromium-review.googlesource.com/813737
> +(define %chromium-memcpy.patch
> + (gentoo-patch "chromium-memcpy-r0.patch"
> + "08971011b4d6fa37aa906920fba7564e48b9e60b"
> + "1d3vra59wjg2lva7ddv55ff6l57mk9k50llsplr0b7vxk0lh0ps5"))
> +
> +(define %chromium-system-nspr.patch
> + (debian-patch "system/nspr.patch"
> + "debian/64.0.3282.119-2"
> + "0pcwk3jsx8hjzd4s1v7p11jd8vpdqfnq82di31222cjx0bl6275r"))
> +
> +(define %chromium-system-libevent.patch
> + (debian-patch "system/event.patch"
> + "debian/64.0.3282.119-2"
> + "1dxzn1yf05mzf21c25sczj4zhkknf03x9bc3xzznqpvnsf3cjpr0"))
> +
> +(define %chromium-system-icu.patch
> + (debian-patch "system/icu.patch"
> + "debian/64.0.3282.119-2"
> + "0kf77d8lyma3w0xpgfv2k0c741zp6ii08gzllfja6d5s59c15ylv"))
> +
> +;; Don't show a warning about missing API keys.
> +(define %chromium-disable-api-keys-warning.patch
> + (debian-patch "disable/google-api-warning.patch"
> + "debian/64.0.3282.119-2"
> + "1932xkrskm4nnglzj6xfjpycx4chsycj9ay3ipkq5f6xk21a1xm0"))
> +
> +;; Add DuckDuckGo and set it as the default search engine.
> +(define %chromium-duckduckgo.patch
> + (inox-patch "0011-add-duckduckgo-search-engine.patch"
> + "d655594419af6b82a2a070e4d3eedd926a04fa79"
> + "0p8x98g71ngkd3wbl5q36wrl18ff185sfrr5fcwjbgrv3v7r6ra7"))
> +
> +;; Don't start a "Login Wizard" at first launch.
> +(define %chromium-first-run.patch
> + (inox-patch "0018-disable-first-run-behaviour.patch"
> + "d655594419af6b82a2a070e4d3eedd926a04fa79"
> + "1y4zsqqf2125jkb1phwy9g5hcbd9xhyv5lr4xcaly66rpdzx2ayb"))
> +
> +;; Use privacy-preserving defaults.
> +(define %chromium-default-preferences.patch
> + (inox-patch "0006-modify-default-prefs.patch"
> + "d655594419af6b82a2a070e4d3eedd926a04fa79"
> + "0qpd5l3wiw7325cicjzvdql0gay7jl4afml4nrbmy3w40i1ai2rf"))
> +
> +;; Recent versions of Chromium may load a remote search engine on the
> +;; New Tab Page, causing unnecessary and involuntary network traffic.
> +(define %chromium-restore-classic-ntp.patch
> + (inox-patch "0008-restore-classic-ntp.patch"
> + "d655594419af6b82a2a070e4d3eedd926a04fa79"
> + "0lj018q6vd6m43cj8rnraqgi4lp2iq76i1i0078dav4cxnzdryfs"))
> +
> +(define opus+custom
> + (package (inherit opus)
> + (name "opus+custom")
> + (arguments
> + `(;; Opus Custom is an optional extension of the Opus
> + ;; specification that allows for unsupported frame
> + ;; sizes. Chromium requires that this is enabled.
> + #:configure-flags '("--enable-custom-modes")
> + ,@(package-arguments opus)))))
> +
> +(define libvpx+experimental
> + (package
> + (inherit libvpx)
> + (name "libvpx+experimental")
> + (arguments
> + `(,@(substitute-keyword-arguments (package-arguments libvpx)
> + ((#:configure-flags flags ''())
> + ;; Spatial SVC is an experimental VP9 encoder required by Chromium.
> + `(cons* "--enable-experimental" "--enable-spatial-svc"
> + ,flags)))))))
> +
> +(define-public chromium
> + (package
> + (name "chromium")
> + (version "64.0.3282.186")
> + (synopsis "Graphical web browser")
> + (source (origin
> + (method url-fetch)
> + (uri (string-append "https://commondatastorage.googleapis.com/"
> + "chromium-browser-official/chromium-"
> + version ".tar.xz"))
> + (sha256
> + (base32
> + "0q0q1whspmzyln04gxhgl3jd2vrgb4imh8r9qw6c06i3b63j3l2z"))
> + (patches (list %chromium-duckduckgo.patch
> + %chromium-default-preferences.patch
> + %chromium-first-run.patch
> + %chromium-restore-classic-ntp.patch
> + %chromium-angle-gcc-compat.patch
> + %chromium-webrtc-gcc-compat.patch
> + %chromium-memcpy.patch
> + %chromium-system-icu.patch
> + %chromium-system-nspr.patch
> + %chromium-system-libevent.patch
> + %chromium-disable-api-keys-warning.patch
> + (search-patch "chromium-gcc5.patch")
> + (search-patch "chromium-remove-default-history.patch")))
> + (modules '((srfi srfi-1)
> + (ice-9 ftw)
> + (ice-9 regex)
> + (guix build utils)))
> + (snippet
> + '(begin
> + (let ((preserved-files
> + (map
> + (lambda (path) (string-append "./" path))
> + (list
> + "base/third_party/dmg_fp"
> + "base/third_party/dynamic_annotations"
> + "base/third_party/icu"
> + "base/third_party/libevent"
> + "base/third_party/nspr"
> + "base/third_party/superfasthash"
> + "base/third_party/symbolize" ;glog
> + "base/third_party/xdg_mime"
> + "base/third_party/xdg_user_dirs"
> + "buildtools/third_party/libc++"
> + "chrome/third_party/mozilla_security_manager"
> + "courgette/third_party"
> + "net/third_party/mozilla_security_manager"
> + "net/third_party/nss"
> + "third_party/adobe/flash/flapper_version.h"
> + ;; FIXME: This is used in:
> + ;; * ui/webui/resources/js/analytics.js
> + ;; * ui/file_manager/
> + "third_party/analytics"
> + "third_party/angle"
> + "third_party/angle/src/common/third_party/base"
> + "third_party/angle/src/common/third_party/smhasher"
> + "third_party/angle/src/third_party/compiler"
> + "third_party/angle/src/third_party/libXNVCtrl"
> + "third_party/angle/src/third_party/trace_event"
> + "third_party/blink"
> + "third_party/boringssl"
> + "third_party/boringssl/src/third_party/fiat"
> + "third_party/breakpad"
> + "third_party/brotli"
> + "third_party/cacheinvalidation"
> + "third_party/catapult"
> + "third_party/catapult/common/py_vulcanize/third_party/rcssmin"
> + "third_party/catapult/common/py_vulcanize/third_party/rjsmin"
> + "third_party/catapult/third_party/polymer"
> + "third_party/catapult/tracing/third_party/d3"
> + "third_party/catapult/tracing/third_party/gl-matrix"
> + "third_party/catapult/tracing/third_party/jszip"
> + "third_party/catapult/tracing/third_party/mannwhitneyu"
> + "third_party/catapult/tracing/third_party/oboe"
> + "third_party/catapult/tracing/third_party/pako"
> + "third_party/ced"
> + "third_party/cld_3"
> + "third_party/crc32c"
> + "third_party/cros_system_api"
> + "third_party/dom_distiller_js"
> + "third_party/fips181"
> + "third_party/flatbuffers"
> + ;; PDFium requires a private freetype API.
> + ;; <https://bugs.chromium.org/p/pdfium/issues/detail?id=733>
> + "third_party/freetype/src/src/psnames/pstables.h"
> + "third_party/glslang-angle"
> + "third_party/google_input_tools"
> + "third_party/google_input_tools/third_party/closure_library"
> + (string-append "third_party/google_input_tools/third_party"
> + "/closure_library/third_party/closure")
> + "third_party/googletest"
> + "third_party/harfbuzz-ng"
> + "third_party/hunspell"
> + "third_party/iccjpeg"
> + "third_party/inspector_protocol"
> + "third_party/jinja2"
> + "third_party/jstemplate"
> + "third_party/khronos"
> + "third_party/leveldatabase"
> + "third_party/libXNVCtrl"
> + "third_party/libaddressinput"
> + "third_party/libjingle_xmpp"
> + "third_party/libphonenumber"
> + "third_party/libsecret" ;FIXME: needs pkg-config support.
> + "third_party/libsrtp" ;TODO: Requires libsrtp@2.
> + "third_party/libudev"
> + "third_party/libwebm"
> + "third_party/libxml"
> + "third_party/libyuv"
> + "third_party/lss"
> + "third_party/lzma_sdk"
> + "third_party/markupsafe"
> + "third_party/mesa"
> + "third_party/metrics_proto"
> + "third_party/modp_b64"
> + "third_party/mt19937ar"
> + "third_party/node"
> + (string-append "third_party/node/node_modules/"
> + "polymer-bundler/lib/third_party/UglifyJS2")
> + "third_party/openmax_dl"
> + "third_party/ots"
> + "third_party/pdfium"
> + "third_party/pdfium/third_party"
> + "third_party/ply"
> + "third_party/polymer"
> + "third_party/protobuf"
> + "third_party/protobuf/third_party/six"
> + "third_party/qcms"
> + "third_party/sfntly"
> + "third_party/skia"
> + "third_party/skia/third_party/vulkan"
> + "third_party/skia/third_party/gif"
> + "third_party/smhasher"
> + "third_party/speech-dispatcher"
> + "third_party/spirv-headers"
> + "third_party/spirv-tools-angle"
> + "third_party/sqlite"
> + "third_party/swiftshader"
> + "third_party/swiftshader/third_party"
> + "third_party/usb_ids"
> + "third_party/usrsctp"
> + "third_party/vulkan"
> + "third_party/vulkan-validation-layers"
> + "third_party/WebKit"
> + "third_party/web-animations-js"
> + "third_party/webrtc"
> + "third_party/webrtc_overrides"
> + "third_party/widevine/cdm/widevine_cdm_version.h"
> + "third_party/widevine/cdm/widevine_cdm_common.h"
> + "third_party/woff2"
> + "third_party/xdg-utils"
> + "third_party/yasm/run_yasm.py"
> + "third_party/zlib/google"
> + "url/third_party/mozilla"
> + "v8/src/third_party/valgrind"
> + "v8/third_party/inspector_protocol"))))
> +
> + ;; This is an implementation of
> + ;; "build/linux/unbundle/remove_bundled_libraries.py".
> + ;; It traverses any "third_party" directory and deletes
> + ;; files that are:
> + ;; * not ending with ".gn" or ".gni"; or
> + ;; * not explicitly named as argument (folder or file).
> + ;; TODO: Remove empty directories.
> + (define (delete-files-except exceptions dir)
> +
> + (define (enter? name stat result)
> + (not (member name exceptions)))
> +
> + (define (leaf name stat result)
> + (let ((protected-files (make-regexp "\\.(gn|gyp)i?$"
> + regexp/icase)))
> + (unless (or (member name exceptions)
> + (regexp-exec protected-files name))
> + (delete-file name))))
> +
> + (file-system-fold enter?
> + leaf
> + (lambda (dir stat result) result) ;down
> + (lambda (dir stat result) result) ;up
> + (lambda (dir stat result) result) ;skip
> + (lambda (dir stat result) result) ;error
> + #t
> + dir))
> +
> + (for-each (lambda (third-party)
> + (delete-files-except preserved-files
> + third-party))
> + (find-files "." "^third_party$" #:directories? #t))
> +
> + ;; Replace GN files from third_party with shims for building
> + ;; against system libraries. Keep this list in sync with
> + ;; "build/linux/unbundle/replace_gn_files.py".
> + (for-each (lambda (pair)
> + (let ((source (string-append
> + "build/linux/unbundle/" (car pair)))
> + (dest (cdr pair)))
> + (copy-file source dest)))
> + (list
> + '("ffmpeg.gn" . "third_party/ffmpeg/BUILD.gn")
> + '("flac.gn" . "third_party/flac/BUILD.gn")
> + '("freetype.gn" . "third_party/freetype/BUILD.gn")
> + ;; FIXME: This is no longer supported since 63.
> + ;;'("harfbuzz-ng.gn" . "third_party/harfbuzz-ng/BUILD.gn")
> + '("icu.gn" . "third_party/icu/BUILD.gn")
> + '("libdrm.gn" . "third_party/libdrm/BUILD.gn")
> + '("libevent.gn" . "base/third_party/libevent/BUILD.gn")
> + '("libjpeg.gn" .
> + "build/secondary/third_party/libjpeg_turbo/BUILD.gn")
> + '("libpng.gn" . "third_party/libpng/BUILD.gn")
> + '("libvpx.gn" . "third_party/libvpx/BUILD.gn")
> + '("libwebp.gn" . "third_party/libwebp/BUILD.gn")
> + '("libxml.gn" . "third_party/libxml/BUILD.gn") ;TODO
> + '("libxslt.gn" . "third_party/libxslt/BUILD.gn")
> + '("openh264.gn" . "third_party/openh264/BUILD.gn")
> + '("opus.gn" . "third_party/opus/BUILD.gn")
> + '("re2.gn" . "third_party/re2/BUILD.gn")
> + '("snappy.gn" . "third_party/snappy/BUILD.gn")
> + '("yasm.gn" . "third_party/yasm/yasm_assemble.gni")
> + '("zlib.gn" . "third_party/zlib/BUILD.gn")))
> + #t)))))
> + (build-system gnu-build-system)
> + (arguments
> + `(#:tests? #f
> + ;; FIXME: There is a "gn" option specifically for setting -rpath, but
> + ;; it's not recognized when passed.
> + #:validate-runpath? #f
> + #:modules ((srfi srfi-26)
> + (ice-9 ftw)
> + (ice-9 regex)
> + (guix build gnu-build-system)
> + (guix build utils))
> + #:phases
> + (modify-phases %standard-phases
> + (add-after 'unpack 'patch-stuff
> + (lambda* (#:key inputs #:allow-other-keys)
> + (substitute* "printing/cups_config_helper.py"
> + (("cups_config =.*")
> + (string-append "cups_config = '" (assoc-ref inputs "cups")
> + "/bin/cups-config'\n")))
> +
> + (substitute*
> + '("base/process/launch_posix.cc"
> + "base/third_party/dynamic_annotations/dynamic_annotations.c"
> + "sandbox/linux/seccomp-bpf/sandbox_bpf.cc"
> + "sandbox/linux/services/credentials.cc"
> + "sandbox/linux/services/namespace_utils.cc"
> + "sandbox/linux/services/syscall_wrappers.cc"
> + "sandbox/linux/syscall_broker/broker_host.cc")
> + (("include \"base/third_party/valgrind/") "include \"valgrind/"))
> +
> + (for-each (lambda (file)
> + (substitute* file
> + ;; Fix opus include path.
> + ;; Do not substitute opus_private.h.
> + (("#include \"opus\\.h\"")
> + "#include \"opus/opus.h\"")
> + (("#include \"opus_custom\\.h\"")
> + "#include \"opus/opus_custom.h\"")
> + (("#include \"opus_defines\\.h\"")
> + "#include \"opus/opus_defines.h\"")
> + (("#include \"opus_multistream\\.h\"")
> + "#include \"opus/opus_multistream.h\"")
> + (("#include \"opus_types\\.h\"")
> + "#include \"opus/opus_types.h\"")))
> + (append (find-files "third_party/opus/src/celt")
> + (find-files "third_party/opus/src/src")
> + (find-files (string-append "third_party/webrtc/modules"
> + "/audio_coding/codecs/opus"))))
> +
> + (substitute* "chrome/common/chrome_paths.cc"
> + (("/usr/share/chromium/extensions")
> + ;; TODO: Add ~/.guix-profile.
> + "/run/current-system/profile/share/chromium/extensions"))
I don't know if I asked you about this in the past, but can you explain why you
picked the run dir? I have to re-read the Gentoo eclass and Nix integration for this.
> +
> + (substitute*
> + "third_party/breakpad/breakpad/src/common/linux/libcurl_wrapper.h"
> + (("include \"third_party/curl") "include \"curl"))
> + (substitute* "media/base/decode_capabilities.cc"
> + (("third_party/libvpx/source/libvpx/") ""))
> +
> + ;; We don't cross compile most packages, so get rid of the
> + ;; unnecessary ARCH-linux-gnu* prefix.
> + (substitute* "build/toolchain/linux/BUILD.gn"
> + (("aarch64-linux-gnu-") "")
> + (("arm-linux-gnueabihf-") ""))
> + #t))
> + (replace 'configure
> + (lambda* (#:key inputs outputs #:allow-other-keys)
> + (let ((gn-flags
> + (list
> + ;; See tools/gn/docs/cookbook.md and
> + ;; https://www.chromium.org/developers/gn-build-configuration
> + ;; for usage. Run "./gn args . --list" in the Release
> + ;; directory for an exhaustive list of supported flags.
> + "is_debug=false"
> + "is_official_build=false"
> + "is_clang=false"
> + "use_gold=false"
> + "use_lld=false"
> + "linux_use_bundled_binutils=false"
> + "use_custom_libcxx=false"
> + "use_sysroot=false"
> + "goma_dir=\"\""
> + "enable_precompiled_headers=false"
> + "enable_nacl=false"
> + "enable_nacl_nonsfi=false"
> + "use_allocator=\"none\"" ;don't use tcmalloc
> + "override_build_date=\"01 01 2000 05:00:00\""
> + "use_unofficial_version_number=false"
> + ;; Optimize for building everything at once, as opposed
> + ;; to incrementally for development. See "docs/jumbo.md".
> + ;; XXX: On some systems this may trigger a compiler error.
> + ;;"use_jumbo_build=true"
> + ;; Disable debugging features to save space.
> + "remove_webcore_debug_symbols=true"
> + "enable_iterator_debugging=false"
> + ;; Some of the unbundled libraries throws deprecation
> + ;; warnings, etc. Ignore it.
> + "treat_warnings_as_errors=false"
> + ;; Don't add any API keys. End users can set them in the
> + ;; environment if desired. See
> + ;; <https://www.chromium.org/developers/how-tos/api-keys>.
> + "use_official_google_api_keys=false"
> + ;; Disable "field trials".
> + "fieldtrial_testing_like_official_build=true"
> +
> + "use_system_freetype=true"
> + "use_system_harfbuzz=true"
> + "use_system_libjpeg=true"
> + "use_system_lcms2=true"
> + "use_system_zlib=true"
> + ;; This is currently not supported on Linux:
> + ;; https://bugs.chromium.org/p/chromium/issues/detail?id=22208
> + ;;"use_system_sqlite=true"
> +
> + "use_gconf=false" ;deprecated by gsettings
> + "use_gnome_keyring=false" ;deprecated by libsecret
> + "use_gtk3=true"
> + "use_openh264=true"
> + "use_xkbcommon=true"
> + "link_pulseaudio=true"
> +
> + ;; Don't arbitrarily restrict formats supported by system ffmpeg.
> + "proprietary_codecs=true"
> + "ffmpeg_branding=\"Chrome\""
> +
> + ;; WebRTC stuff.
> + "rtc_use_h264=true"
> + ;; Don't use bundled sources.
> + "rtc_build_json=false"
> + "rtc_build_libevent=false"
> + "rtc_build_libvpx=false"
> + "rtc_build_opus=false"
> + "rtc_build_ssl=false"
> + ;; TODO: Package these.
> + "rtc_build_libsrtp=true" ;2.0
> + "rtc_build_libyuv=true"
> + "rtc_build_openmax_dl=true"
> + "rtc_build_usrsctp=true"
> + (string-append "rtc_jsoncpp_root=\""
> + (assoc-ref inputs "jsoncpp")
> + "/include/jsoncpp/json\"")
> + (string-append "rtc_ssl_root=\""
> + (assoc-ref inputs "openssl")
> + "/include/openssl\""))))
> +
> + ;; XXX: How portable is this.
Can you extend this comment?
> + (mkdir-p "third_party/node/linux/node-linux-x64")
> + (symlink (string-append (assoc-ref inputs "node") "/bin")
> + "third_party/node/linux/node-linux-x64/bin")
> +
> + (setenv "CC" "gcc")
> + (setenv "CXX" "g++")
> + ;; TODO: pre-compile instead. Avoids a race condition.
> + (setenv "PYTHONDONTWRITEBYTECODE" "1")
> + (and
> + ;; Build the "gn" tool.
> + (invoke "python"
> + "tools/gn/bootstrap/bootstrap.py" "-s" "-v")
> + ;; Generate ninja build files.
> + (invoke "./out/Release/gn" "gen" "out/Release"
> + (string-append "--args="
> + (string-join gn-flags " ")))))))
> + (replace 'build
> + (lambda* (#:key outputs #:allow-other-keys)
> + (invoke "ninja" "-C" "out/Release"
> + "-j" (number->string (parallel-job-count))
> + "chrome")))
> + (replace 'install
> + (lambda* (#:key inputs outputs #:allow-other-keys)
> + (let* ((out (assoc-ref outputs "out"))
> + (bin (string-append out "/bin"))
> + (exe (string-append bin "/chromium"))
> + (lib (string-append out "/lib"))
> + (man (string-append out "/share/man/man1"))
> + (applications (string-append out "/share/applications"))
> + (install-regexp (make-regexp "\\.(bin|pak)$"))
> + (locales (string-append lib "/locales"))
> + (resources (string-append lib "/resources"))
> + (gtk+ (assoc-ref inputs "gtk+"))
> + (mesa (assoc-ref inputs "mesa"))
> + (nss (assoc-ref inputs "nss"))
> + (udev (assoc-ref inputs "udev"))
> + (sh (which "sh")))
> +
> + (substitute* '("chrome/app/resources/manpage.1.in"
> + "chrome/installer/linux/common/desktop.template")
> + (("@@MENUNAME@@") "Chromium")
> + (("@@PACKAGE@@") "chromium")
> + (("/usr/bin/@@USR_BIN_SYMLINK_NAME@@") exe))
> + (mkdir-p man)
> + (copy-file "chrome/app/resources/manpage.1.in"
> + (string-append man "/chromium.1"))
> + (mkdir-p applications)
> + (copy-file "chrome/installer/linux/common/desktop.template"
> + (string-append applications "/chromium.desktop"))
> +
> + (with-directory-excursion "out/Release"
> + (for-each (lambda (file)
> + (install-file file lib))
> + (scandir "." (cut regexp-exec install-regexp <>)))
> + (copy-file "chrome" (string-append lib "/chromium"))
> +
> + ;; TODO: Install icons from "../../chrome/app/themes" into
> + ;; "out/share/icons/hicolor/$size".
> + (install-file
> + "product_logo_48.png"
> + (string-append out "/share/icons/48x48/chromium.png"))
> +
> + (copy-recursively "locales" locales)
> + (copy-recursively "resources" resources)
> +
> + (mkdir-p bin)
> + ;; Add a thin wrapper to prevent the user from inadvertently
> + ;; installing non-free software through the Web Store.
> + ;; TODO: Discover extensions from the profile and pass
> + ;; something like "--disable-extensions-except=...".
To be able to work on this, can you (at least in this bug ticket,
explain the TODO part a bit more?
> + (call-with-output-file exe
> + (lambda (port)
> + (format port
> + "#!~a~@
> + if [ -z \"$CHROMIUM_ENABLE_WEB_STORE\" ]~@
> + then~@
> + CHROMIUM_FLAGS=\" \\~@
> + --disable-background-networking \\~@
> + --disable-extensions \\~@
> + \"~@
> + fi~@
> + exec ~a $CHROMIUM_FLAGS \"$@\"~%"
> + sh (string-append lib "/chromium"))))
> + (chmod exe #o755)
> +
> + (wrap-program exe
> + ;; TODO: Get these in RUNPATH.
> + `("LD_LIBRARY_PATH" ":" prefix
> + (,(string-append lib ":" nss "/lib/nss:" gtk+ "/lib:"
> + mesa "/lib:" udev "/lib")))
> + ;; Avoid file manager crash. See <https://bugs.gnu.org/26593>.
> + `("XDG_DATA_DIRS" ":" prefix (,(string-append gtk+ "/share"))))
> + #t)))))))
> + (native-inputs
> + `(("bison" ,bison)
> + ("git" ,git) ;last_commit_position.py
> + ("gperf" ,gperf)
> + ("ninja" ,ninja)
> + ("node" ,node)
> + ("pkg-config" ,pkg-config)
> + ("which" ,which)
> + ("yasm" ,yasm)
> +
> + ("python-beautifulsoup4" ,python2-beautifulsoup4)
> + ("python-html5lib" ,python2-html5lib)
> + ("python" ,python-2)))
> + (inputs
> + `(("alsa-lib" ,alsa-lib)
> + ("atk" ,atk)
> + ("cups" ,cups)
> + ("curl" ,curl)
> + ("dbus" ,dbus)
> + ("dbus-glib" ,dbus-glib)
> + ("expat" ,expat)
> + ("flac" ,flac)
> + ("ffmpeg" ,ffmpeg)
> + ("fontconfig" ,fontconfig)
> + ("freetype" ,freetype)
> + ("gdk-pixbuf" ,gdk-pixbuf)
> + ("glib" ,glib)
> + ("gtk+-2" ,gtk+-2)
> + ("gtk+" ,gtk+)
> + ("harfbuzz" ,harfbuzz)
> + ("icu4c" ,icu4c)
> + ("jsoncpp" ,jsoncpp)
> + ("lcms" ,lcms)
> + ("libevent" ,libevent)
> + ("libffi" ,libffi)
> + ("libjpeg-turbo" ,libjpeg-turbo)
> + ("libpng" ,libpng)
> + ("libusb" ,libusb)
> + ("libvpx" ,libvpx+experimental)
> + ("libwebp" ,libwebp)
> + ("libx11" ,libx11)
> + ("libxcb" ,libxcb)
> + ("libxcomposite" ,libxcomposite)
> + ("libxcursor" ,libxcursor)
> + ("libxdamage" ,libxdamage)
> + ("libxext" ,libxext)
> + ("libxfixes" ,libxfixes)
> + ("libxi" ,libxi)
> + ("libxkbcommon" ,libxkbcommon)
> + ("libxml2" ,libxml2)
> + ("libxrandr" ,libxrandr)
> + ("libxrender" ,libxrender)
> + ("libxscrnsaver" ,libxscrnsaver)
> + ("libxslt" ,libxslt)
> + ("libxtst" ,libxtst)
> + ("mesa" ,mesa)
> + ("minizip" ,minizip)
> + ("mit-krb5" ,mit-krb5)
> + ("nss" ,nss)
> + ("openh264" ,openh264)
> + ("openssl" ,openssl)
> + ("opus" ,opus+custom)
> + ("pango" ,pango)
> + ("pciutils" ,pciutils)
> + ("protobuf" ,protobuf)
> + ("pulseaudio" ,pulseaudio)
> + ("re2" ,re2)
> + ("snappy" ,snappy)
> + ("speech-dispatcher" ,speech-dispatcher)
> + ("sqlite" ,sqlite)
> + ("udev" ,eudev)
> + ("valgrind" ,valgrind)))
> + (home-page "https://www.chromium.org/")
> + (description
> + "Chromium is a web browser designed for speed and security. This
> +version incorporates patches from
> +@url{https://github.com/gcarq/inox-patchset,Inox} and
> +@url{https://www.debian.org/,Debian} in order to protect the users privacy.")
> + ;; Chromium is developed as BSD-3, but bundles a large number of third-party
> + ;; components with other licenses. For full information, see chrome://credits.
> + (license (list license:bsd-3
> + license:bsd-2
> + license:expat
> + license:asl2.0
> + license:mpl2.0
> + license:public-domain
> + license:lgpl2.1+))))
> diff --git a/gnu/packages/patches/chromium-gcc5.patch b/gnu/packages/patches/chromium-gcc5.patch
> new file mode 100644
> index 000000000..56b2cd6ef
> --- /dev/null
> +++ b/gnu/packages/patches/chromium-gcc5.patch
> @@ -0,0 +1,39 @@
> +Work around a GCC5 bug where it fails to choose the correct base::span
> +constructor.
> +
> +Adapted from this commit:
> +https://gitweb.gentoo.org/repo/gentoo.git/commit/www-client/chromium?id=7843d29ab07411a9c70962fb90b4cd1546910242
> +
> +--- a/gpu/ipc/common/mailbox_struct_traits.h
> ++++ b/gpu/ipc/common/mailbox_struct_traits.h
> +@@ -15,7 +15,7 @@ namespace mojo {
> + template <>
> + struct StructTraits<gpu::mojom::MailboxDataView, gpu::Mailbox> {
> + static base::span<const int8_t> name(const gpu::Mailbox& mailbox) {
> +- return mailbox.name;
> ++ return base::make_span(mailbox.name);
> + }
> + static bool Read(gpu::mojom::MailboxDataView data, gpu::Mailbox* out);
> + };
> +--- a/services/viz/public/cpp/compositing/filter_operation_struct_traits.h
> ++++ b/services/viz/public/cpp/compositing/filter_operation_struct_traits.h
> +@@ -134,7 +134,7 @@ struct StructTraits<viz::mojom::FilterOperationDataView, cc::FilterOperation> {
> + static base::span<const float> matrix(const cc::FilterOperation& operation) {
> + if (operation.type() != cc::FilterOperation::COLOR_MATRIX)
> + return base::span<const float>();
> +- return operation.matrix();
> ++ return base::make_span(operation.matrix());
> + }
> +
> + static base::span<const gfx::Rect> shape(
> +--- a/services/viz/public/cpp/compositing/quads_struct_traits.h
> ++++ b/services/viz/public/cpp/compositing/quads_struct_traits.h
> +@@ -308,7 +308,7 @@
> + static base::span<const float> vertex_opacity(const viz::DrawQuad& input) {
> + const viz::TextureDrawQuad* quad =
> + viz::TextureDrawQuad::MaterialCast(&input);
> +- return quad->vertex_opacity;
> ++ return base::make_span(quad->vertex_opacity);
> + }
> +
> + static bool y_flipped(const viz::DrawQuad& input) {
> diff --git a/gnu/packages/patches/chromium-remove-default-history.patch b/gnu/packages/patches/chromium-remove-default-history.patch
> new file mode 100644
> index 000000000..38be10820
> --- /dev/null
> +++ b/gnu/packages/patches/chromium-remove-default-history.patch
> @@ -0,0 +1,13 @@
> +Don't pre-populate the New Tab Page for new profiles.
> +
> +--- a/chrome/browser/history/top_sites_factory.cc
> ++++ b/chrome/browser/history/top_sites_factory.cc
> +@@ -74,7 +74,7 @@
> +
> + void InitializePrepopulatedPageList(
> + history::PrepopulatedPageList* prepopulated_pages) {
> +-#if !defined(OS_ANDROID)
> ++#if false
> + DCHECK(prepopulated_pages);
> + prepopulated_pages->reserve(arraysize(kRawPrepopulatedPages));
> + for (size_t i = 0; i < arraysize(kRawPrepopulatedPages); ++i) {
> --
> 2.16.2
>
Otherwise, LGTM.
--
A88C8ADD129828D7EAC02E52E22F9BBFEE348588
https://n0.is
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-02-27 2:00 ` Mike Gerwitz
@ 2018-02-28 8:17 ` ng0
2018-02-28 17:28 ` Marius Bakke
1 sibling, 0 replies; 91+ messages in thread
From: ng0 @ 2018-02-28 8:17 UTC (permalink / raw)
To: Mike Gerwitz; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 2509 bytes --]
Mike Gerwitz transcribed 1.6K bytes:
> On Mon, Feb 26, 2018 at 19:18:39 +0100, Marius Bakke wrote:
> > Now, when launching the browser for the first time, it *still* connects
> > to Google services. After a while it also does a lookup for AdWords...
>
> Do you know what code initiates this? Would it be easy to remove, and
> would that harm other functionality?
>
> Saying that it only runs the first time implies to me that there's a
> flag, and that perhaps the flag can either be permanently set or the
> conditional triggering this behavior removed.
>
> --
> Mike Gerwitz
> Free Software Hacker+Activist | GNU Maintainer & Volunteer
> GPG: D6E9 B930 028A 6C38 F43B 2388 FEF6 3574 5E6F 6D05
> https://mikegerwitz.com
Could this be a connectivity check?
switch "--connectivity-check-url" exists:
https://peter.sh/experiments/chromium-command-line-switches/
and there might be a flag here: chrome://flags/
We can also creatre our own settings file as suggested in
this thread:
https://www.jamf.com/jamf-nation/discussions/10331/chrome-master-preferences-file-and-suppressing-first-run-browser
Someone else suggested this file:
http://www.google.com/codesearch/p?hl=ru#HLxzG3ShG8A/trunk/win/lib/lib_values.cc&q=/tools/pso&sa=N&cd=1&ct=rc
404 now.
Adwords query might really be rlz, but I'm just guessing for now. Post from 2010:
https://blog.chromium.org/2010/06/in-open-for-rlz.html
> When we released a new stable version of Google Chrome last March, we tried to improve the transparency and privacy options of Google Chrome. One area where ve seen a lot of interest and questions is the RLZ library that is built into Google Chrome. RLZ gives us the ability to accurately measure the success of marketing promotions and distribution partnerships in order to meet our contractual and financial obligations. It assigns non-unique, non-personally identifiable promotion tracking labels to client products; these labels sometimes appear in Google search queries in Google Chrome.we
This is the source code view:
https://src.chromium.org/viewvc/chrome/trunk/src/chrome/browser/rlz/rlz.cc?view=markup
https://src.chromium.org/viewvc/chrome/trunk/src/chrome/browser/rlz/rlz.h?view=markup
Different topic. This will help us to integrate packaged extensions once we get there:
https://data.gpo.zugaina.org/gentoo/www-client/chromium/files/chromium-launcher-r3.sh
and probably some more files.
--
A88C8ADD129828D7EAC02E52E22F9BBFEE348588
https://n0.is
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-02-27 22:17 ` ng0
@ 2018-02-28 17:14 ` Marius Bakke
0 siblings, 0 replies; 91+ messages in thread
From: Marius Bakke @ 2018-02-28 17:14 UTC (permalink / raw)
To: ng0; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 3435 bytes --]
ng0 <ng0@n0.is> writes:
> Marius Bakke transcribed 43K bytes:
>> ng0 <ng0@n0.is> writes:
>>
>> > Marius Bakke transcribed 2.1K bytes:
>> >> Mike Gerwitz <mtg@gnu.org> writes:
>> >>
>> >> > On Tue, Jan 16, 2018 at 20:01:34 +0100, Marius Bakke wrote:
>> >> >> If there are no objections, expect to see this in 'master' in 1-2 weeks.
>> >> >
>> >> > I want to express gratitude for your hard work on this---given that
>> >> > IceCat does not contain many of the FF devtool updates, Chromium is very
>> >> > desirable for web development. It's also needed for certain Node.js
>> >> > tools, like node-inspector.
>> >> >
>> >> > So, thank you!
>> >>
>> >> Thank *you* for the kind words! :-)
>> >>
>> >> Here is the latest iteration of this patch. New in this version:
>> >>
>> >> * Chromium 64 (duh).
>> >> * The 'delete-bundled-software' phase has been moved to a snippet,
>> >> shaving ~100MiB (~22%) off the compressed tarball size (and
>> >> drastically reduces (de)compression time).
>> >> * The New Tab page does not show any thumbnails for new profiles.
>> >
>> > I think you forgot to attach the patches :)
>>
>> Derp. I realized that and just used `git send-email`[0], but have
>> attached it here for convenience since the debbugs web UI doesn't allow
>> easy download of a raw message.
>>
>> [0] https://debbugs.gnu.org/cgi/bugreport.cgi?msg=131;bug=28004#131
>>
>
> Comments inlined, some words ahead.
>
> I think it's good that we will be able to handle extensions via Guix.
> But: We should point it out that you won't be able to install extensions
> manually, via the store or as a file. People who betatested this got
> confused.
I haven't tested installing from a file. Which error are you getting?
You can use extensions from the store by setting the variable
"CHROMIUM_ENABLE_WEB_STORE", as in Debian. But I don't see a need to
document it since it's unsupported territory from a Guix viewpoint.
>> + (substitute* "chrome/common/chrome_paths.cc"
>> + (("/usr/share/chromium/extensions")
>> + ;; TODO: Add ~/.guix-profile.
>> + "/run/current-system/profile/share/chromium/extensions"))
>
> I don't know if I asked you about this in the past, but can you explain why you
> picked the run dir? I have to re-read the Gentoo eclass and Nix integration for this.
The plan is to package extensions with Guix and place them in
"out/share/chromium/extensions". Then you would be able to install
extensions through the system profile, until a better solution is in
place (like a search path).
>> + (mkdir-p bin)
>> + ;; Add a thin wrapper to prevent the user from inadvertently
>> + ;; installing non-free software through the Web Store.
>> + ;; TODO: Discover extensions from the profile and pass
>> + ;; something like "--disable-extensions-except=...".
>
> To be able to work on this, can you (at least in this bug ticket,
> explain the TODO part a bit more?
This was inspired by Debians wrapper script, which discovers extensions
installed by Apt and composes this command line. It allows disabling
the web store while still using extensions. I'll see if I can improve
the comment.
Thanks for the feedback!
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-02-27 2:00 ` Mike Gerwitz
2018-02-28 8:17 ` ng0
@ 2018-02-28 17:28 ` Marius Bakke
1 sibling, 0 replies; 91+ messages in thread
From: Marius Bakke @ 2018-02-28 17:28 UTC (permalink / raw)
To: Mike Gerwitz; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 1445 bytes --]
Mike Gerwitz <mtg@gnu.org> writes:
> On Mon, Feb 26, 2018 at 19:18:39 +0100, Marius Bakke wrote:
>> Now, when launching the browser for the first time, it *still* connects
>> to Google services. After a while it also does a lookup for AdWords...
>
> Do you know what code initiates this? Would it be easy to remove, and
> would that harm other functionality?
Unfortunately, I don't know what triggers it. Feel free to try picking
some of the other Inox patches and see if it makes a difference:
https://github.com/gcarq/inox-patchset
Inox goes great lengths to "ungooglify" the browser. I've decided
against picking *all* their patches, for two reasons:
1) I'd like users to be able to use Chromium with their Google account
if they wish to (although I haven't actually tested this), and more
importantly:
2) More patches means more porting work every new release. Usually
major versions bumps come with a plethora of security fixes, so I wish
to minimize maintenance overhead. Just figuring out the changed
dependencies, build flags, and GCC bugs with every release is a lot of
work already.
> Saying that it only runs the first time implies to me that there's a
> flag, and that perhaps the flag can either be permanently set or the
> conditional triggering this behavior removed.
Indeed. Any help figuring out the offender is very welcome! No external
connectivity in the default configuration is a goal we should strive for.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-02-26 22:41 ` Björn Höfling
2018-02-27 21:57 ` ng0
@ 2018-02-28 17:38 ` Marius Bakke
2018-02-28 18:09 ` Björn Höfling
2018-03-16 17:30 ` ng0
1 sibling, 2 replies; 91+ messages in thread
From: Marius Bakke @ 2018-02-28 17:38 UTC (permalink / raw)
To: Björn Höfling; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 4291 bytes --]
Björn Höfling <bjoern.hoefling@bjoernhoefling.de> writes:
> Hi Marius,
>
> On Mon, 26 Feb 2018 21:06:57 +0100
> Marius Bakke <mbakke@fastmail.com> wrote:
>
>> ng0 <ng0@n0.is> writes:
>>
>> > Marius Bakke transcribed 2.1K bytes:
>> >> Mike Gerwitz <mtg@gnu.org> writes:
>> >>
>> >> > On Tue, Jan 16, 2018 at 20:01:34 +0100, Marius Bakke wrote:
>> >> >> If there are no objections, expect to see this in 'master' in
>> >> >> 1-2 weeks.
>> >> >
>> >> > I want to express gratitude for your hard work on this---given
>> >> > that IceCat does not contain many of the FF devtool updates,
>> >> > Chromium is very desirable for web development. It's also
>> >> > needed for certain Node.js tools, like node-inspector.
>> >> >
>> >> > So, thank you!
>> >>
>> >> Thank *you* for the kind words! :-)
>> >>
>> >> Here is the latest iteration of this patch. New in this version:
>> >>
>> >> * Chromium 64 (duh).
>> >> * The 'delete-bundled-software' phase has been moved to a snippet,
>> >> shaving ~100MiB (~22%) off the compressed tarball size (and
>> >> drastically reduces (de)compression time).
>> >> * The New Tab page does not show any thumbnails for new profiles.
>> >
>> > I think you forgot to attach the patches :)
>>
>> Derp. I realized that and just used `git send-email`[0], but have
>> attached it here for convenience since the debbugs web UI doesn't
>> allow easy download of a raw message.
>>
>> [0] https://debbugs.gnu.org/cgi/bugreport.cgi?msg=131;bug=28004#131
>>
>
>
> This looks like a lot of work. Thank you!
>
> I quickly tried to apply and build the patch and have two first remarks:
>
> The file says:
>
> ;;; Copyright © 2016, 2017, 2018 Marius Bakke <mbakke@fastmail.com>
>
> I haven't followed history, have you worked on this since 2016?
Yeah, I started this shortly after going full-GuixSD in October 2016.
But I didn't submit it until now because I didn't think it met Guix's
standards (and still think it's questionable due to privacy concerns).
> One patch has a hash-mismatch:
>
> Starting download of /gnu/store/q8hlws48cjfcmz6i40jrnxn3kp750gy4-chromium-icu.patch
> From https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/plain/debian/patches/system/icu.patch?id=debian/64.0.3282.119-2...
> icu.patch 2KiB 1.8MiB/s 00:00 [####################] 100.0%
> output path `/gnu/store/q8hlws48cjfcmz6i40jrnxn3kp750gy4-chromium-icu.patch' should have sha256 hash `0kf77d8lyma3w0xpgfv2k0c741zp6ii08gzllfja6d5s59c15ylv', instead has `19r0bpv2hapzq5m0m7rlz1dwn3h2ijgkilb2hmhw56qvwpbw0b59'
> @ build-failed /gnu/store/cqdllqn8ig5wnjn0yqvnh4vlzsvnpzv6-chromium-icu.patch.drv - 1 output path `/gnu/store/q8hlws48cjfcmz6i40jrnxn3kp750gy4-chromium-icu.patch' should have sha256 hash `0kf77d8lyma3w0xpgfv2k0c741zp6ii08gzllfja6d5s59c15ylv', instead has `19r0bpv2hapzq5m0m7rlz1dwn3h2ijgkilb2hmhw56qvwpbw0b59'
> cannot build derivation `/gnu/store/vacxbwsprcp52vp6q975450zi091dak2-chromium-64.0.3282.186.tar.xz.drv': 1 dependencies couldn't be built
> @ build-started /gnu/store/7q53inn1v32b5fain0h0wcrliclf0ff1-libvpx+experimental-1.7.0.drv - x86_64-linux /var/log/guix/drvs/7q//53inn1v32b5fain0h0wcrliclf0ff1-libvpx+experimental-1.7.0.drv.bz2
> cannot build derivation `/gnu/store/5qv7anaaqk4576pma9mhcsz1nhrx1n01-chromium-64.0.3282.186.drv': 1 dependencies couldn't be built
> guix build: error: build failed: build of `/gnu/store/5qv7anaaqk4576pma9mhcsz1nhrx1n01-chromium-64.0.3282.186.drv' failed
>
> I looked into the file and it looks reasonable, like a patch-file. It has no download errors.
>
> It starts like this:
>
> description: backwards compatibility for older versions of icu
> author: Michael Gilbert <mgilbert@debian.org>
>
> --- a/v8/src/runtime/runtime-intl.cc
> +++ b/v8/src/runtime/runtime-intl.cc
> @@ -627,7 +627,11 @@ RUNTIME_FUNCTION(Runtime_PluralRulesSele
>
> ...
>
> Can you check this file again?
Whoops, indeed. I had an older patch in my store and apparently forgot
to update the hash.
The correct hash for %chromium-system-icu.patch is:
19r0bpv2hapzq5m0m7rlz1dwn3h2ijgkilb2hmhw56qvwpbw0b59
Thanks for letting me know! I'll send an updated patch later, with some
other minor improvements.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-02-28 17:38 ` Marius Bakke
@ 2018-02-28 18:09 ` Björn Höfling
2018-03-16 17:30 ` ng0
1 sibling, 0 replies; 91+ messages in thread
From: Björn Höfling @ 2018-02-28 18:09 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 1186 bytes --]
On Wed, 28 Feb 2018 18:38:56 +0100
Marius Bakke <mbakke@fastmail.com> wrote:
> Björn Höfling <bjoern.hoefling@bjoernhoefling.de> writes:
> > One patch has a hash-mismatch:
> >
> > Starting download
> > of /gnu/store/q8hlws48cjfcmz6i40jrnxn3kp750gy4-chromium-icu.patch
> > From
> > https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/plain/debian/patches/system/icu.patch?id=debian/64.0.3282.119-2...
> > icu.patch 2KiB 1.8MiB/s 00:00
> > [####################] 100.0% output path
> > `/gnu/store/q8hlws48cjfcmz6i40jrnxn3kp750gy4-chromium-icu.patch'
> > should have sha256 hash
> > `0kf77d8lyma3w0xpgfv2k0c741zp6ii08gzllfja6d5s59c15ylv', instead has
> > `19r0bpv2hapzq5m0m7rlz1dwn3h2ijgkilb2hmhw56qvwpbw0b59' @
[..]
>
> Whoops, indeed. I had an older patch in my store and apparently
> forgot to update the hash.
>
> The correct hash for %chromium-system-icu.patch is:
>
> 19r0bpv2hapzq5m0m7rlz1dwn3h2ijgkilb2hmhw56qvwpbw0b59
>
> Thanks for letting me know! I'll send an updated patch later, with
> some other minor improvements.
With that confirmation, I could build the source derivation.
Thanks.
Björn
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 181 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-02-28 17:38 ` Marius Bakke
2018-02-28 18:09 ` Björn Höfling
@ 2018-03-16 17:30 ` ng0
2018-03-16 17:45 ` Marius Bakke
1 sibling, 1 reply; 91+ messages in thread
From: ng0 @ 2018-03-16 17:30 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
Marius Bakke transcribed 4.8K bytes:
> Björn Höfling <bjoern.hoefling@bjoernhoefling.de> writes:
>
> > Hi Marius,
> >
> > On Mon, 26 Feb 2018 21:06:57 +0100
> > Marius Bakke <mbakke@fastmail.com> wrote:
> >
> >> ng0 <ng0@n0.is> writes:
> >>
> >> > Marius Bakke transcribed 2.1K bytes:
> >> >> Mike Gerwitz <mtg@gnu.org> writes:
> >> >>
> >> >> > On Tue, Jan 16, 2018 at 20:01:34 +0100, Marius Bakke wrote:
> >> >> >> If there are no objections, expect to see this in 'master' in
> >> >> >> 1-2 weeks.
> >> >> >
> >> >> > I want to express gratitude for your hard work on this---given
> >> >> > that IceCat does not contain many of the FF devtool updates,
> >> >> > Chromium is very desirable for web development. It's also
> >> >> > needed for certain Node.js tools, like node-inspector.
> >> >> >
> >> >> > So, thank you!
> >> >>
> >> >> Thank *you* for the kind words! :-)
> >> >>
> >> >> Here is the latest iteration of this patch. New in this version:
> >> >>
> >> >> * Chromium 64 (duh).
> >> >> * The 'delete-bundled-software' phase has been moved to a snippet,
> >> >> shaving ~100MiB (~22%) off the compressed tarball size (and
> >> >> drastically reduces (de)compression time).
> >> >> * The New Tab page does not show any thumbnails for new profiles.
> >> >
> >> > I think you forgot to attach the patches :)
> >>
> >> Derp. I realized that and just used `git send-email`[0], but have
> >> attached it here for convenience since the debbugs web UI doesn't
> >> allow easy download of a raw message.
> >>
> >> [0] https://debbugs.gnu.org/cgi/bugreport.cgi?msg=131;bug=28004#131
> >>
> >
> >
> > This looks like a lot of work. Thank you!
> >
> > I quickly tried to apply and build the patch and have two first remarks:
> >
> > The file says:
> >
> > ;;; Copyright © 2016, 2017, 2018 Marius Bakke <mbakke@fastmail.com>
> >
> > I haven't followed history, have you worked on this since 2016?
>
> Yeah, I started this shortly after going full-GuixSD in October 2016.
> But I didn't submit it until now because I didn't think it met Guix's
> standards (and still think it's questionable due to privacy concerns).
>
> > One patch has a hash-mismatch:
> >
> > Starting download of /gnu/store/q8hlws48cjfcmz6i40jrnxn3kp750gy4-chromium-icu.patch
> > From https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/plain/debian/patches/system/icu.patch?id=debian/64.0.3282.119-2...
> > icu.patch 2KiB 1.8MiB/s 00:00 [####################] 100.0%
> > output path `/gnu/store/q8hlws48cjfcmz6i40jrnxn3kp750gy4-chromium-icu.patch' should have sha256 hash `0kf77d8lyma3w0xpgfv2k0c741zp6ii08gzllfja6d5s59c15ylv', instead has `19r0bpv2hapzq5m0m7rlz1dwn3h2ijgkilb2hmhw56qvwpbw0b59'
> > @ build-failed /gnu/store/cqdllqn8ig5wnjn0yqvnh4vlzsvnpzv6-chromium-icu.patch.drv - 1 output path `/gnu/store/q8hlws48cjfcmz6i40jrnxn3kp750gy4-chromium-icu.patch' should have sha256 hash `0kf77d8lyma3w0xpgfv2k0c741zp6ii08gzllfja6d5s59c15ylv', instead has `19r0bpv2hapzq5m0m7rlz1dwn3h2ijgkilb2hmhw56qvwpbw0b59'
> > cannot build derivation `/gnu/store/vacxbwsprcp52vp6q975450zi091dak2-chromium-64.0.3282.186.tar.xz.drv': 1 dependencies couldn't be built
> > @ build-started /gnu/store/7q53inn1v32b5fain0h0wcrliclf0ff1-libvpx+experimental-1.7.0.drv - x86_64-linux /var/log/guix/drvs/7q//53inn1v32b5fain0h0wcrliclf0ff1-libvpx+experimental-1.7.0.drv.bz2
> > cannot build derivation `/gnu/store/5qv7anaaqk4576pma9mhcsz1nhrx1n01-chromium-64.0.3282.186.drv': 1 dependencies couldn't be built
> > guix build: error: build failed: build of `/gnu/store/5qv7anaaqk4576pma9mhcsz1nhrx1n01-chromium-64.0.3282.186.drv' failed
> >
> > I looked into the file and it looks reasonable, like a patch-file. It has no download errors.
> >
> > It starts like this:
> >
> > description: backwards compatibility for older versions of icu
> > author: Michael Gilbert <mgilbert@debian.org>
> >
> > --- a/v8/src/runtime/runtime-intl.cc
> > +++ b/v8/src/runtime/runtime-intl.cc
> > @@ -627,7 +627,11 @@ RUNTIME_FUNCTION(Runtime_PluralRulesSele
> >
> > ...
> >
> > Can you check this file again?
>
> Whoops, indeed. I had an older patch in my store and apparently forgot
> to update the hash.
>
> The correct hash for %chromium-system-icu.patch is:
>
> 19r0bpv2hapzq5m0m7rlz1dwn3h2ijgkilb2hmhw56qvwpbw0b59
>
> Thanks for letting me know! I'll send an updated patch later, with some
> other minor improvements.
I think we found it to be good enough to be included in master, or did I miss anything?
Would be nice if I could drop my local patch (and building). The team around Taler seems
to be interested in it as well as far as I can remember our chats in Leipzig.
--
A88C8ADD129828D7EAC02E52E22F9BBFEE348588
https://n0.is
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-03-16 17:30 ` ng0
@ 2018-03-16 17:45 ` Marius Bakke
2018-03-16 17:52 ` ng0
2018-03-16 19:01 ` Adonay Felipe Nogueira
0 siblings, 2 replies; 91+ messages in thread
From: Marius Bakke @ 2018-03-16 17:45 UTC (permalink / raw)
To: ng0; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 804 bytes --]
ng0 <ng0@n0.is> writes:
> I think we found it to be good enough to be included in master, or did I miss anything?
>
> Would be nice if I could drop my local patch (and building). The team around Taler seems
> to be interested in it as well as far as I can remember our chats in Leipzig.
Reading up on GNU Taler, Chromium seems like a poor choice for an
anonymous payment system. Why not GNU IceCat? I don't see Chromium
becoming stable enough for guaranteed privacy any time soon. And a full
fork would require a large maintenance team.
Unfortunately I got busy after the latest update, and haven't had time
to work on 65 yet. I will send an update once I get around to it, and
also try some other Inox patches and see if they help with the "first
launch" issue -- hopefully within a week or two.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-03-16 17:45 ` Marius Bakke
@ 2018-03-16 17:52 ` ng0
2018-07-25 8:08 ` ng0
2018-03-16 19:01 ` Adonay Felipe Nogueira
1 sibling, 1 reply; 91+ messages in thread
From: ng0 @ 2018-03-16 17:52 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004, ng0
[-- Attachment #1: Type: text/plain, Size: 1211 bytes --]
Marius Bakke transcribed 1.4K bytes:
> ng0 <ng0@n0.is> writes:
>
> > I think we found it to be good enough to be included in master, or did I miss anything?
> >
> > Would be nice if I could drop my local patch (and building). The team around Taler seems
> > to be interested in it as well as far as I can remember our chats in Leipzig.
>
> Reading up on GNU Taler, Chromium seems like a poor choice for an
> anonymous payment system. Why not GNU IceCat? I don't see Chromium
> becoming stable enough for guaranteed privacy any time soon. And a full
> fork would require a large maintenance team.
Why: Ask Taler directly, I'm not involved with them.
And on for what: It is just for the Browser extension. No one is forking
Chromium again.
> Unfortunately I got busy after the latest update, and haven't had time
> to work on 65 yet. I will send an update once I get around to it, and
> also try some other Inox patches and see if they help with the "first
> launch" issue -- hopefully within a week or two.
Cool, thanks! And thanks for your continued work on this. I'll definitely
try to help out once it is in master.
--
A88C8ADD129828D7EAC02E52E22F9BBFEE348588
https://n0.is
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-03-16 17:45 ` Marius Bakke
2018-03-16 17:52 ` ng0
@ 2018-03-16 19:01 ` Adonay Felipe Nogueira
2018-03-16 19:34 ` ng0
1 sibling, 1 reply; 91+ messages in thread
From: Adonay Felipe Nogueira @ 2018-03-16 19:01 UTC (permalink / raw)
To: 28004
> Reading up on GNU Taler, Chromium seems like a poor choice for an
> anonymous payment system. Why not GNU IceCat? I don't see Chromium
> becoming stable enough for guaranteed privacy any time soon. And a full
> fork would require a large maintenance team.
+1 (I agree with you).
--
- https://libreplanet.org/wiki/User:Adfeno
- Palestrante e consultor sobre /software/ livre (não confundir com
gratis).
- "WhatsApp"? Ele não é livre. Por favor, veja formas de se comunicar
instantaneamente comigo no endereço abaixo.
- Contato: https://libreplanet.org/wiki/User:Adfeno#vCard
- Arquivos comuns aceitos (apenas sem DRM): Corel Draw, Microsoft
Office, MP3, MP4, WMA, WMV.
- Arquivos comuns aceitos e enviados: CSV, GNU Dia, GNU Emacs Org, GNU
GIMP, Inkscape SVG, JPG, LibreOffice (padrão ODF), OGG, OPUS, PDF
(apenas sem DRM), PNG, TXT, WEBM.
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-03-16 19:01 ` Adonay Felipe Nogueira
@ 2018-03-16 19:34 ` ng0
2018-03-16 21:20 ` Adonay Felipe Nogueira
0 siblings, 1 reply; 91+ messages in thread
From: ng0 @ 2018-03-16 19:34 UTC (permalink / raw)
To: Adonay Felipe Nogueira; +Cc: 28004
Adonay Felipe Nogueira transcribed 890 bytes:
> > Reading up on GNU Taler, Chromium seems like a poor choice for an
> > anonymous payment system. Why not GNU IceCat? I don't see Chromium
> > becoming stable enough for guaranteed privacy any time soon. And a full
> > fork would require a large maintenance team.
>
> +1 (I agree with you).
Read the follow-up emails I've sent.
Also, 1 line emails which basically say "+1" are not really good,
even more so when it goes offtopic (this is about getting Chrmium into
Guix!). As we are already offtopic: Want Cross-Browser support
so that the Browser *extension* (Taler is not *a* Browser) runs
in legacy old cruft Icecat base and newer Firefox (which shares
extension format with Chrome?
Good, there's something to work on in Taler if you want it.
Again, I am not a Taler developer, reach out to them.
--
A88C8ADD129828D7EAC02E52E22F9BBFEE348588
https://n0.is
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-03-16 19:34 ` ng0
@ 2018-03-16 21:20 ` Adonay Felipe Nogueira
0 siblings, 0 replies; 91+ messages in thread
From: Adonay Felipe Nogueira @ 2018-03-16 21:20 UTC (permalink / raw)
To: 28004
> Guix!). As we are already offtopic: Want Cross-Browser support
> so that the Browser *extension* (Taler is not *a* Browser) runs
> in legacy old cruft Icecat base and newer Firefox (which shares
> extension format with Chrome?
> Good, there's something to work on in Taler if you want it.
>
> Again, I am not a Taler developer, reach out to them.
Indeed, sorry for the bother, I tought I was replying to Taler. I guess
I'm somewhat asleep today.
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium 65
2017-08-07 19:58 [bug#28004] Chromium Marius Bakke
` (3 preceding siblings ...)
2018-02-26 18:19 ` [bug#28004] [PATCH] gnu: Add chromium Marius Bakke
@ 2018-04-13 19:10 ` Marius Bakke
2018-04-17 19:10 ` Oleg Pykhalov
2018-04-24 17:05 ` Christopher Lemmer Webber
2018-08-29 23:31 ` [bug#28004] (no subject) Amirouche Boubekki
` (2 subsequent siblings)
7 siblings, 2 replies; 91+ messages in thread
From: Marius Bakke @ 2018-04-13 19:10 UTC (permalink / raw)
To: 28004
[-- Attachment #1.1: Type: text/plain, Size: 1282 bytes --]
Hello!
Attached is a patch for Chromium 65.
New in this version:
* Deleting third party files is now done with a single traversal of the
file system, instead of the "shotgun" approach used previously. I
also added a second pass to scrub bundled JARs and tarballs, that will
be incorporated in the "nftw" snippet eventually.
* It's using Clang instead of GCC since the latter is no longer
supported upstream (as in part of their continuous integration). GCC5
in particular is completely broken with this release. Debian and
NixOS are apparently able to build it with GCC 6 and 7 respectively,
but Arch and Gentoo changed to Clang with 65. Unfortunately GCC6 and
later has other problems in Guix: <https://bugs.gnu.org/30756>.
* Various tweaks to build options after reading the "GN" flags more
closely. In particular, more debugging symbols have been removed.
I haven't done anything on the privacy side since this update was
difficult enough as-is. You'll notice a few hacks around Clang and
libstdc++, and also that currently only x86_64 is supported due to
unconditionally adding the x86_64 triplet to CPLUS_INCLUDE_PATH.
Hopefully future updates will be easier. Any feedback on the
Clang/libstdc++ issues mentioned in the patch are very welcome.
[-- Attachment #1.2: 0001-gnu-Add-chromium.patch --]
[-- Type: text/x-patch, Size: 48410 bytes --]
From 759253a8966e2e6afbeaeb67255e4e067ce33b76 Mon Sep 17 00:00:00 2001
From: Marius Bakke <mbakke@fastmail.com>
Date: Wed, 12 Oct 2016 17:25:05 +0100
Subject: [PATCH] gnu: Add chromium.
* gnu/packages/chromium.scm: New file.
* gnu/packages/patches/chromium-glibc-compat.patch,
gnu/packages/patches/chromium-remove-default-history.patch: New files.
* gnu/local.mk: Record it.
---
gnu/local.mk | 3 +
gnu/packages/chromium.scm | 894 ++++++++++++++++++
.../patches/chromium-glibc-compat.patch | 38 +
.../chromium-remove-default-history.patch | 13 +
4 files changed, 948 insertions(+)
create mode 100644 gnu/packages/chromium.scm
create mode 100644 gnu/packages/patches/chromium-glibc-compat.patch
create mode 100644 gnu/packages/patches/chromium-remove-default-history.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index 3d4b05c77..03f972130 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -94,6 +94,7 @@ GNU_SYSTEM_MODULES = \
%D%/packages/check.scm \
%D%/packages/chemistry.scm \
%D%/packages/chez.scm \
+ %D%/packages/chromium.scm \
%D%/packages/ci.scm \
%D%/packages/cinnamon.scm \
%D%/packages/cmake.scm \
@@ -591,6 +592,8 @@ dist_patch_DATA = \
%D%/packages/patches/ceph-skip-collect-sys-info-test.patch \
%D%/packages/patches/ceph-skip-unittest_blockdev.patch \
%D%/packages/patches/chmlib-inttypes.patch \
+ %D%/packages/patches/chromium-glibc-compat.patch \
+ %D%/packages/patches/chromium-remove-default-history.patch \
%D%/packages/patches/clang-3.5-libc-search-path.patch \
%D%/packages/patches/clang-3.8-libc-search-path.patch \
%D%/packages/patches/clang-6.0-libc-search-path.patch \
diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm
new file mode 100644
index 000000000..cecbab7a1
--- /dev/null
+++ b/gnu/packages/chromium.scm
@@ -0,0 +1,894 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2016, 2017, 2018 Marius Bakke <mbakke@fastmail.com>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages chromium)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix packages)
+ #:use-module (guix download)
+ #:use-module (guix git-download)
+ #:use-module (guix utils)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system trivial)
+ #:use-module (gnu packages)
+ #:use-module (gnu packages assembly)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages bison)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages cups)
+ #:use-module (gnu packages curl)
+ #:use-module (gnu packages databases)
+ #:use-module (gnu packages fontutils)
+ #:use-module (gnu packages gcc)
+ #:use-module (gnu packages ghostscript)
+ #:use-module (gnu packages gl)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnome)
+ #:use-module (gnu packages gnuzilla)
+ #:use-module (gnu packages gperf)
+ #:use-module (gnu packages gtk)
+ #:use-module (gnu packages icu4c)
+ #:use-module (gnu packages image)
+ #:use-module (gnu packages libevent)
+ #:use-module (gnu packages libffi)
+ #:use-module (gnu packages libusb)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages llvm)
+ #:use-module (gnu packages kerberos)
+ #:use-module (gnu packages ninja)
+ #:use-module (gnu packages node)
+ #:use-module (gnu packages pciutils)
+ #:use-module (gnu packages photo)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages protobuf)
+ #:use-module (gnu packages pulseaudio)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages python-web)
+ #:use-module (gnu packages regex)
+ #:use-module (gnu packages serialization)
+ #:use-module (gnu packages speech)
+ #:use-module (gnu packages tls)
+ #:use-module (gnu packages valgrind)
+ #:use-module (gnu packages version-control)
+ #:use-module (gnu packages video)
+ #:use-module (gnu packages xiph)
+ #:use-module (gnu packages xml)
+ #:use-module (gnu packages xdisorg)
+ #:use-module (gnu packages xorg))
+
+(define (strip-directory-prefix pathspec)
+ "Return everything after the last '/' in PATHSPEC."
+ (let ((index (string-rindex pathspec #\/)))
+ (if index
+ (string-drop pathspec (+ 1 index))
+ pathspec)))
+
+(define (chromium-patch-file-name pathspec)
+ (let ((patch-name (strip-directory-prefix pathspec)))
+ (if (string-prefix? "chromium-" patch-name)
+ patch-name
+ (string-append "chromium-" patch-name))))
+
+;; https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/tree/debian/patches
+(define (debian-patch pathspec revision hash)
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git"
+ "/plain/debian/patches/" pathspec "?id=" revision))
+ (sha256 (base32 hash))
+ (file-name (chromium-patch-file-name pathspec))))
+
+;; https://gitweb.gentoo.org/repo/gentoo.git/tree/www-client/chromium/files
+(define (gentoo-patch pathspec revision hash)
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-client"
+ "/chromium/files/" pathspec "?id=" revision))
+ (sha256 (base32 hash))
+ (file-name (chromium-patch-file-name pathspec))))
+
+;; https://github.com/gcarq/inox-patchset
+(define (inox-patch pathspec revision hash)
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://raw.githubusercontent.com/gcarq/inox-patchset/"
+ revision "/" pathspec))
+ (sha256 (base32 hash))
+ (file-name (chromium-patch-file-name pathspec))))
+
+;; https://github.com/NixOS/nixpkgs/tree/master/pkgs/applications/networking/browsers/chromium
+(define (nixos-patch pathspec revision hash)
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://raw.githubusercontent.com/NixOS/nixpkgs/"
+ revision "/pkgs/applications/networking/browsers"
+ "/chromium/patches/" pathspec))
+ (sha256 (base32 hash))
+ (file-name (chromium-patch-file-name pathspec))))
+
+;; Fix an assignment bug when using Clang and libstdc++.
+(define %chromium-clang-assignment.patch
+ (gentoo-patch "chromium-clang-r3.patch"
+ "804a0d7244a06736d01c353b45c20daf324f0722"
+ "1d10il3mjzyzwgqi8iifw3aw9jnbqfrzz8v1x7cmvqpwjkykwk2a"))
+
+;; Add missing stdint include.
+(define %chromium-add-missing-stdint.patch
+ (gentoo-patch "chromium-stdint.patch"
+ "804a0d7244a06736d01c353b45c20daf324f0722"
+ "03r16zqi0hm3i00b9bwq2bdn2sp731rllizcxfl3i2q7y432a3f0"))
+
+(define %chromium-system-nspr.patch
+ (debian-patch "system/nspr.patch"
+ "debian/65.0.3325.146-4"
+ "1ggdrlz94d75ni21rx6ivvajjwhx7zwnl3s5aapysqn9kls4qsr2"))
+
+(define %chromium-system-libevent.patch
+ (debian-patch "system/event.patch"
+ "debian/65.0.3325.146-4"
+ "1k3zc59vpwc8rzbknxryjzzy99jk666whdablzcvxnyzaqk38kfx"))
+
+(define %chromium-system-icu.patch
+ (debian-patch "system/icu.patch"
+ "debian/65.0.3325.146-4"
+ "19wclidx1kyjbi3b3hnmkjs0h34d67p4dp6a48vbjbx9rxmfdk3b"))
+
+;; Don't show a warning about missing API keys.
+(define %chromium-disable-api-keys-warning.patch
+ (debian-patch "disable/google-api-warning.patch"
+ "debian/65.0.3325.146-4"
+ "1g5yk51bl7svrqx8wjxsgpz545mnymnpi3bsa62kwdm4qd8bx10x"))
+
+;; Add DuckDuckGo and set it as the default search engine.
+(define %chromium-duckduckgo.patch
+ (inox-patch "0011-add-duckduckgo-search-engine.patch"
+ "0c55cc9a81634244ad13fbbd6b5c5098b9132162"
+ "0mvw1ax0gw3d252c9b1pwbk0j7ny8z9nsfywcmhj56wm6yksgpkg"))
+
+;; Don't start a "Login Wizard" at first launch.
+(define %chromium-first-run.patch
+ (inox-patch "0018-disable-first-run-behaviour.patch"
+ "0c55cc9a81634244ad13fbbd6b5c5098b9132162"
+ "1y4zsqqf2125jkb1phwy9g5hcbd9xhyv5lr4xcaly66rpdzx2ayb"))
+
+;; Use privacy-preserving defaults.
+(define %chromium-default-preferences.patch
+ (inox-patch "0006-modify-default-prefs.patch"
+ "0c55cc9a81634244ad13fbbd6b5c5098b9132162"
+ "0zyshpl1hjssqrfhdfbgxdib4smdszjgf0ac98l978hrn9gwwk03"))
+
+;; Recent versions of Chromium may load a remote search engine on the
+;; New Tab Page, causing unnecessary and involuntary network traffic.
+(define %chromium-restore-classic-ntp.patch
+ (inox-patch "0008-restore-classic-ntp.patch"
+ "0c55cc9a81634244ad13fbbd6b5c5098b9132162"
+ "1h698cbp97g8lgmndfy6kswgwfvss7c3k609xgvyxbfldkzy7pd5"))
+
+(define opus+custom
+ (package (inherit opus)
+ (name "opus+custom")
+ (arguments
+ (substitute-keyword-arguments (package-arguments opus)
+ ((#:configure-flags flags ''())
+ ;; Opus Custom is an optional extension of the Opus
+ ;; specification that allows for unsupported frame
+ ;; sizes. Chromium requires that this is enabled.
+ `(cons "--enable-custom-modes"
+ ,flags))))))
+
+(define libvpx+experimental
+ (package (inherit libvpx)
+ (name "libvpx+experimental")
+ (arguments
+ (substitute-keyword-arguments (package-arguments libvpx)
+ ((#:configure-flags flags)
+ ;; Spatial SVC is an experimental VP9 encoder required
+ ;; by Chromium.
+ `(cons* "--enable-experimental" "--enable-spatial-svc"
+ ,flags))))))
+
+;; XXX: This ugly libstdc++ variant stems from the fact that building
+;; libstdc++ standalone is not officially supported by GCC upstream, and
+;; the "make-libstdc++" procedure consequently builds a library without
+;; threading support, since the configure script fails to detect gthreads.
+;;
+;; Fixing it properly would require building libgcc (which creates
+;; gthr-default.h) before building libstdc++. This authors attempts
+;; at doing so were unsuccessful, hence this hack.
+;;
+;; This behaviour changed upstream in this commit:
+;; https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=630d52ca0a88d173f89634a5d7dd8aee07d04d80
+;; ...or around GCC 4.6. The libstdc++ docs are very explicit about it
+;; not being designed to used standalone (even though it worked just fine
+;; before 4.6, according to multiple mailing list threads around that time),
+;; so upstream is not interested in improving the situation.
+;;
+;; In fact, there used to be an "INSTALL" document with libstdc++, which
+;; is conspicuously missing in later releases.
+;;
+;; An alternative would be to change the GCC package to install C++ headers
+;; in "include" rather than "include/c++". I tried that too; but it caused
+;; a bootstrapping failure. The situation is further complicated by the
+;; fact that GCC installs C++ headers in the default output, but libstdc++.so
+;; ends up in "lib".
+;;
+;; To be continued...
+
+(define (libstdc++-from-gcc gcc)
+ "Return a libstdc++ library extracted from gcc. The primary use case
+is when using compilers other than GCC."
+ (package
+ (inherit gcc)
+ (source #f)
+ (name "libstdc++")
+ (build-system trivial-build-system)
+ (arguments
+ `(#:modules ((guix build utils))
+ #:builder (begin
+ (use-modules (guix build utils))
+ (let* ((out (assoc-ref %outputs "out"))
+ (lib (string-append out "/lib"))
+ (include (string-append out "/include"))
+ (gcc (assoc-ref %build-inputs "gcc"))
+ (gcc-lib (assoc-ref %build-inputs "gcc:lib")))
+ (mkdir-p out)
+ (copy-recursively (string-append gcc "/include/c++")
+ include)
+ (for-each (lambda (file)
+ (install-file file lib))
+ (find-files (string-append gcc-lib "/lib")
+ "^libstdc\\+\\+\\.so.*"))
+ #t))))
+ (outputs '("out"))
+ (inputs `(("gcc" ,gcc)
+ ("gcc:lib" ,gcc "lib")))
+ (native-inputs '())
+ (propagated-inputs '())
+ (synopsis "GNU C++ standard library")))
+
+(define (make-clang-toolchain clang libcxx)
+ "Return a complete toolchain for Clang."
+ (package
+ (name "clang-toolchain")
+ (version (package-version clang))
+ (source #f)
+ (build-system trivial-build-system)
+ (arguments
+ '(#:modules ((guix build union))
+ #:builder (begin
+ (use-modules (ice-9 match)
+ (srfi srfi-26)
+ (guix build union))
+
+ (let ((out (assoc-ref %outputs "out")))
+
+ (match %build-inputs
+ (((names . directories) ...)
+ (union-build out directories)))
+ #t))))
+ (native-search-paths (package-native-search-paths clang))
+ (search-paths (package-search-paths clang))
+ (license (package-license clang))
+ (synopsis "Complete Clang tool chain for C/C++ development")
+ (description
+ "This package provides a complete Clang tool chain for C/C++. This
+includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
+ (home-page "https://clang.llvm.org")
+ (outputs '("out"))
+ (inputs `(("clang" ,clang)
+ ("libcxx" ,libcxx)
+ ("ld-wrapper" ,(car (assoc-ref (%final-inputs) "ld-wrapper")))
+ ("binutils" ,binutils)
+ ("libc" ,glibc)))))
+
+;; When using Clang, Chromium expects to find "ar" and friends next
+;; to the clang executable. For simplicity just create this union.
+(define chromium-clang-toolchain
+ (make-clang-toolchain clang (libstdc++-from-gcc gcc-6)))
+
+(define-public chromium
+ (package
+ (name "chromium")
+ (version "65.0.3325.181")
+ (synopsis "Graphical web browser")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "https://commondatastorage.googleapis.com/"
+ "chromium-browser-official/chromium-"
+ version ".tar.xz"))
+ (sha256
+ (base32
+ "11w6wg862ixbgm7dpqag2lmbjknv83zlr9imd8zchvmrqr468rlk"))
+ (patches (list %chromium-duckduckgo.patch
+ %chromium-default-preferences.patch
+ %chromium-first-run.patch
+ %chromium-restore-classic-ntp.patch
+
+ %chromium-clang-assignment.patch
+ %chromium-add-missing-stdint.patch
+ %chromium-system-icu.patch
+ %chromium-system-nspr.patch
+ %chromium-system-libevent.patch
+ %chromium-disable-api-keys-warning.patch
+ (search-patch "chromium-glibc-compat.patch")
+ (search-patch "chromium-remove-default-history.patch")))
+ (modules '((srfi srfi-1)
+ (srfi srfi-26)
+ (ice-9 ftw)
+ (ice-9 match)
+ (ice-9 regex)
+ (guix build utils)))
+ (snippet
+ '(begin
+ (let ((preserved-club
+ (map
+ (lambda (path)
+ ;; Prepend paths with "./" for comparison with ftw.
+ (string-append "./" path))
+ (list
+ "base/third_party/dmg_fp"
+ "base/third_party/dynamic_annotations"
+ "base/third_party/icu"
+ "base/third_party/libevent"
+ "base/third_party/nspr"
+ "base/third_party/superfasthash"
+ "base/third_party/symbolize" ;glog
+ "base/third_party/xdg_mime"
+ "base/third_party/xdg_user_dirs"
+ "buildtools/third_party/libc++"
+ "chrome/third_party/mozilla_security_manager"
+ "courgette/third_party"
+ "net/third_party/mozilla_security_manager"
+ "net/third_party/nss"
+ "third_party/adobe/flash/flapper_version.h"
+ ;; FIXME: This is used in:
+ ;; * ui/webui/resources/js/analytics.js
+ ;; * ui/file_manager/
+ "third_party/analytics"
+ "third_party/angle"
+ "third_party/angle/src/common/third_party/base"
+ "third_party/angle/src/common/third_party/smhasher"
+ "third_party/angle/src/third_party/compiler"
+ "third_party/angle/src/third_party/libXNVCtrl"
+ "third_party/angle/src/third_party/trace_event"
+ "third_party/blink"
+ "third_party/boringssl"
+ "third_party/boringssl/src/third_party/fiat"
+ "third_party/breakpad"
+ "third_party/brotli"
+ "third_party/cacheinvalidation"
+ "third_party/catapult"
+ "third_party/catapult/common/py_vulcanize/third_party/rcssmin"
+ "third_party/catapult/common/py_vulcanize/third_party/rjsmin"
+ "third_party/catapult/third_party/polymer"
+ "third_party/catapult/tracing/third_party/d3"
+ "third_party/catapult/tracing/third_party/gl-matrix"
+ "third_party/catapult/tracing/third_party/jszip"
+ "third_party/catapult/tracing/third_party/mannwhitneyu"
+ "third_party/catapult/tracing/third_party/oboe"
+ "third_party/catapult/tracing/third_party/pako"
+ "third_party/ced"
+ "third_party/cld_3"
+ "third_party/crc32c"
+ "third_party/cros_system_api"
+ "third_party/dom_distiller_js"
+ "third_party/fips181"
+ "third_party/flatbuffers"
+ "third_party/glslang-angle"
+ "third_party/google_input_tools"
+ "third_party/google_input_tools/third_party/closure_library"
+ (string-append "third_party/google_input_tools/third_party"
+ "/closure_library/third_party/closure")
+ "third_party/googletest"
+ "third_party/harfbuzz-ng"
+ "third_party/hunspell"
+ "third_party/iccjpeg"
+ "third_party/inspector_protocol"
+ "third_party/jinja2"
+ "third_party/jstemplate"
+ "third_party/khronos"
+ "third_party/leveldatabase"
+ "third_party/libXNVCtrl"
+ "third_party/libaddressinput"
+ "third_party/libjingle_xmpp"
+ "third_party/libphonenumber"
+ "third_party/libsecret" ;FIXME: needs pkg-config support.
+ "third_party/libsrtp" ;TODO: Requires libsrtp@2.
+ "third_party/libudev"
+ "third_party/libwebm"
+ "third_party/libxml"
+ "third_party/libyuv"
+ "third_party/lss"
+ "third_party/lzma_sdk"
+ "third_party/markupsafe"
+ "third_party/mesa"
+ "third_party/metrics_proto"
+ "third_party/modp_b64"
+ "third_party/mt19937ar"
+ "third_party/node"
+ (string-append "third_party/node/node_modules/"
+ "polymer-bundler/lib/third_party/UglifyJS2")
+ "third_party/openmax_dl"
+ "third_party/ots"
+ ;; TODO: Build as extension.
+ "third_party/pdfium"
+ "third_party/pdfium/third_party"
+ (string-append "third_party/pdfium/third_party/freetype"
+ "/include/psnames/pstables.h")
+ "third_party/ply"
+ "third_party/polymer"
+ "third_party/protobuf"
+ "third_party/protobuf/third_party/six"
+ "third_party/qcms"
+ "third_party/sfntly"
+ "third_party/skia"
+ "third_party/skia/third_party/vulkan"
+ "third_party/skia/third_party/gif"
+ "third_party/smhasher"
+ "third_party/speech-dispatcher"
+ "third_party/spirv-headers"
+ "third_party/spirv-tools-angle"
+ "third_party/sqlite"
+ "third_party/swiftshader"
+ "third_party/swiftshader/third_party"
+ "third_party/s2cellid"
+ "third_party/usb_ids"
+ "third_party/usrsctp"
+ "third_party/vulkan"
+ "third_party/vulkan-validation-layers"
+ "third_party/WebKit"
+ "third_party/web-animations-js"
+ "third_party/webrtc"
+ "third_party/webrtc_overrides"
+ "third_party/widevine/cdm/widevine_cdm_version.h"
+ "third_party/widevine/cdm/widevine_cdm_common.h"
+ "third_party/woff2"
+ "third_party/xdg-utils"
+ "third_party/yasm/run_yasm.py"
+ "third_party/zlib/google"
+ "url/third_party/mozilla"
+ "v8/src/third_party/utf8-decoder"
+ "v8/src/third_party/valgrind"
+ "v8/third_party/inspector_protocol"))))
+
+ (define (empty? dir)
+ (equal? (scandir dir) '("." "..")))
+
+ (define (third_party? file)
+ (if (string-contains file "third_party/")
+ #t
+ #f))
+
+ (define (parents child)
+ "Return a list of paths up to and including the closest third_party"
+ (let ((lst (reverse (string-split child #\/))))
+ (let loop ((hierarchy lst)
+ (result '()))
+ (if (or (null? hierarchy)
+ (and (not (null? result))
+ (string-suffix? "third_party" (car result))))
+ result
+ (loop (cdr hierarchy)
+ (cons (string-join (reverse hierarchy) "/")
+ result))))))
+
+ (define (delete-unwanted child stat flag base level)
+ (let ((protected (make-regexp "\\.(gn|gyp)i?$")))
+ (match flag
+ ((or 'regular 'symlink 'stale-symlink)
+ (when (third_party? child)
+ (unless (or (member child preserved-club)
+ (any (cute member <> preserved-club)
+ (parents child))
+ (regexp-exec protected child))
+ (delete-file child)))
+ #t)
+ ('directory-processed
+ (when (empty? child)
+ (rmdir child))
+ #t)
+ (_ #t))))
+
+ (nftw "." delete-unwanted 'depth 'physical)
+
+ ;; Do a second pass to get rid of various binary archives.
+ (for-each delete-file
+ (find-files "." "\\.(zip|jar|tar.gz|exe)$"))
+
+ ;; Replace "GN" files from third_party with shims for
+ ;; building against system libraries. Keep this list in
+ ;; sync with "build/linux/unbundle/replace_gn_files.py".
+ (for-each (lambda (pair)
+ (let ((source (string-append
+ "build/linux/unbundle/" (car pair)))
+ (dest (cdr pair)))
+ (copy-file source dest)))
+ (list
+ '("ffmpeg.gn" . "third_party/ffmpeg/BUILD.gn")
+ '("flac.gn" . "third_party/flac/BUILD.gn")
+ '("fontconfig.gn" . "third_party/fontconfig/BUILD.gn")
+ '("freetype.gn" . "build/config/freetype/freetype.gni")
+ '("harfbuzz-ng.gn" .
+ "third_party/harfbuzz-ng/harfbuzz.gni")
+ '("icu.gn" . "third_party/icu/BUILD.gn")
+ '("libdrm.gn" . "third_party/libdrm/BUILD.gn")
+ '("libevent.gn" . "base/third_party/libevent/BUILD.gn")
+ '("libjpeg.gn" .
+ "build/secondary/third_party/libjpeg_turbo/BUILD.gn")
+ '("libpng.gn" . "third_party/libpng/BUILD.gn")
+ '("libvpx.gn" . "third_party/libvpx/BUILD.gn")
+ '("libwebp.gn" . "third_party/libwebp/BUILD.gn")
+ '("libxml.gn" . "third_party/libxml/BUILD.gn")
+ '("libxslt.gn" . "third_party/libxslt/BUILD.gn")
+ '("openh264.gn" . "third_party/openh264/BUILD.gn")
+ '("opus.gn" . "third_party/opus/BUILD.gn")
+ '("re2.gn" . "third_party/re2/BUILD.gn")
+ '("snappy.gn" . "third_party/snappy/BUILD.gn")
+ '("yasm.gn" . "third_party/yasm/yasm_assemble.gni")
+ '("zlib.gn" . "third_party/zlib/BUILD.gn")))
+ #t)))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:tests? #f
+ ;; FIXME: There is a "gn" option specifically for setting -rpath, but
+ ;; it overrides the RUNPATH set by the linker.
+ #:validate-runpath? #f
+ #:modules ((srfi srfi-26)
+ (ice-9 ftw)
+ (ice-9 regex)
+ (guix build gnu-build-system)
+ (guix build utils))
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'patch-stuff
+ (lambda* (#:key inputs #:allow-other-keys)
+ (substitute* "printing/cups_config_helper.py"
+ (("cups_config =.*")
+ (string-append "cups_config = '" (assoc-ref inputs "cups")
+ "/bin/cups-config'\n")))
+
+ (substitute*
+ '("base/process/launch_posix.cc"
+ "base/third_party/dynamic_annotations/dynamic_annotations.c"
+ "sandbox/linux/seccomp-bpf/sandbox_bpf.cc"
+ "sandbox/linux/services/credentials.cc"
+ "sandbox/linux/services/namespace_utils.cc"
+ "sandbox/linux/services/syscall_wrappers.cc"
+ "sandbox/linux/syscall_broker/broker_host.cc")
+ (("include \"base/third_party/valgrind/") "include \"valgrind/"))
+
+ (for-each (lambda (file)
+ (substitute* file
+ ;; Fix opus include path.
+ ;; Do not substitute opus_private.h.
+ (("#include \"opus\\.h\"")
+ "#include \"opus/opus.h\"")
+ (("#include \"opus_custom\\.h\"")
+ "#include \"opus/opus_custom.h\"")
+ (("#include \"opus_defines\\.h\"")
+ "#include \"opus/opus_defines.h\"")
+ (("#include \"opus_multistream\\.h\"")
+ "#include \"opus/opus_multistream.h\"")
+ (("#include \"opus_types\\.h\"")
+ "#include \"opus/opus_types.h\"")))
+ (find-files (string-append "third_party/webrtc/modules"
+ "/audio_coding/codecs/opus")))
+
+ (substitute* "chrome/common/chrome_paths.cc"
+ (("/usr/share/chromium/extensions")
+ ;; TODO: Add ~/.guix-profile.
+ "/run/current-system/profile/share/chromium/extensions"))
+
+ (substitute*
+ "third_party/breakpad/breakpad/src/common/linux/libcurl_wrapper.h"
+ (("include \"third_party/curl") "include \"curl"))
+ (substitute* "media/base/decode_capabilities.cc"
+ (("third_party/libvpx/source/libvpx/") ""))
+
+ ;; We don't cross compile most packages, so get rid of the
+ ;; unnecessary ARCH-linux-gnu* prefix.
+ (substitute* "build/toolchain/linux/BUILD.gn"
+ (("aarch64-linux-gnu-") "")
+ (("arm-linux-gnueabihf-") ""))
+ #t))
+ (replace 'configure
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (clang-toolchain (assoc-ref inputs "clang-toolchain"))
+ (gtk+ (assoc-ref inputs "gtk+"))
+ (mesa (assoc-ref inputs "mesa"))
+ (nss (assoc-ref inputs "nss"))
+ (udev (assoc-ref inputs "udev"))
+ (gn-flags
+ (list
+ ;; See tools/gn/docs/cookbook.md and
+ ;; https://www.chromium.org/developers/gn-build-configuration
+ ;; for usage. Run "./gn args . --list" in the Release
+ ;; directory for an exhaustive list of supported flags.
+ "is_debug=false"
+ "use_gold=false"
+ "use_lld=false"
+ "linux_use_bundled_binutils=false"
+ "use_custom_libcxx=false"
+ "use_sysroot=false"
+ "enable_precompiled_headers=false"
+ "goma_dir=\"\""
+ "enable_nacl=false"
+ "enable_nacl_nonsfi=false"
+ "use_allocator=\"none\"" ;don't use tcmalloc
+ "override_build_date=\"01 01 2000 05:00:00\""
+ "use_unofficial_version_number=false"
+
+ ;; GCC is poorly supported, so we use Clang for now.
+ (string-append "clang_base_path=\"" clang-toolchain "\"")
+ "clang_use_chrome_plugins=false"
+
+ ;; Optimize for building everything at once, as opposed
+ ;; to incrementally for development. See "docs/jumbo.md".
+ "use_jumbo_build=true"
+ ;; Disable debugging features to save space.
+ "symbol_level=1"
+ "remove_webcore_debug_symbols=true"
+ "enable_iterator_debugging=false"
+ ;; Some of the unbundled libraries throws deprecation
+ ;; warnings, etc. Ignore it.
+ "treat_warnings_as_errors=false"
+ ;; Don't add any API keys. End users can set them in the
+ ;; environment if desired. See
+ ;; <https://www.chromium.org/developers/how-tos/api-keys>.
+ "use_official_google_api_keys=false"
+ ;; Disable "field trials".
+ "fieldtrial_testing_like_official_build=true"
+ ;; Disable Chrome Remote Desktop (aka Chromoting).
+ "enable_remoting=false"
+
+ "use_system_freetype=true"
+ "use_system_lcms2=true"
+ "use_system_libjpeg=true"
+ "use_system_libpng=true"
+ "use_system_zlib=true"
+ ;; This is currently not supported on GNU/Linux:
+ ;; https://bugs.chromium.org/p/chromium/issues/detail?id=22208
+ ;;"use_system_sqlite=true"
+
+ "use_gnome_keyring=false" ;deprecated by libsecret
+ "use_gtk3=true"
+ "use_openh264=true"
+ "use_xkbcommon=true"
+ "use_pulseaudio=true"
+ "link_pulseaudio=true"
+
+ ;; Don't arbitrarily restrict formats supported by system ffmpeg.
+ "proprietary_codecs=true"
+ "ffmpeg_branding=\"Chrome\""
+
+ ;; WebRTC stuff.
+ "rtc_use_h264=true"
+ ;; Don't use bundled sources.
+ "rtc_build_json=false"
+ "rtc_build_libevent=false"
+ "rtc_build_libvpx=false"
+ "rtc_build_opus=false"
+ "rtc_build_ssl=false"
+ ;; TODO: Package these.
+ "rtc_build_libsrtp=true" ;2.0
+ "rtc_build_openmax_dl=true"
+ "rtc_build_usrsctp=true"
+ (string-append "rtc_jsoncpp_root=\""
+ (assoc-ref inputs "jsoncpp")
+ "/include/jsoncpp/json\"")
+ (string-append "rtc_ssl_root=\""
+ (assoc-ref inputs "openssl")
+ "/include/openssl\""))))
+
+ ;; XXX: How portable is this.
+ (mkdir-p "third_party/node/linux/node-linux-x64")
+ (symlink (string-append (assoc-ref inputs "node") "/bin")
+ "third_party/node/linux/node-linux-x64/bin")
+
+ (setenv "CC" "clang")
+ (setenv "CXX" "clang++")
+
+ ;; FIXME: This nasty hack works around a problem where
+ ;; Clang does not add the arch triplet to the libtsdc++
+ ;; search path. Fixing it seems tricky, since it only
+ ;; searches "include/<triplet>" when it detects libstdc++
+ ;; in GCC which is not the case in Guix; the only reason
+ ;; libstdc++ works here is because it's already on the
+ ;; include path...
+ (setenv "CPLUS_INCLUDE_PATH"
+ (string-append (getenv "CPLUS_INCLUDE_PATH")
+ ":" clang-toolchain
+ "/include/x86_64-unknown-linux-gnu"))
+
+ ;; TODO: pre-compile instead. Avoids a race condition.
+ (setenv "PYTHONDONTWRITEBYTECODE" "1")
+ (and
+ ;; Build the "gn" tool.
+ (invoke "python"
+ "tools/gn/bootstrap/bootstrap.py" "-s" "-v")
+ ;; Generate ninja build files.
+ (invoke "./out/Release/gn" "gen" "out/Release"
+ (string-append "--args="
+ (string-join gn-flags " ")))))))
+ (replace 'build
+ (lambda* (#:key outputs #:allow-other-keys)
+ (invoke "ninja" "-C" "out/Release"
+ "-j" (number->string (parallel-job-count))
+ "chrome")))
+ (replace 'install
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (bin (string-append out "/bin"))
+ (exe (string-append bin "/chromium"))
+ (lib (string-append out "/lib"))
+ (man (string-append out "/share/man/man1"))
+ (applications (string-append out "/share/applications"))
+ (install-regexp (make-regexp "\\.(bin|pak)$"))
+ (locales (string-append lib "/locales"))
+ (resources (string-append lib "/resources"))
+ (gtk+ (assoc-ref inputs "gtk+"))
+ (mesa (assoc-ref inputs "mesa"))
+ (nss (assoc-ref inputs "nss"))
+ (udev (assoc-ref inputs "udev"))
+ (sh (which "sh")))
+
+ (substitute* '("chrome/app/resources/manpage.1.in"
+ "chrome/installer/linux/common/desktop.template")
+ (("@@MENUNAME@@") "Chromium")
+ (("@@PACKAGE@@") "chromium")
+ (("/usr/bin/@@USR_BIN_SYMLINK_NAME@@") exe))
+ (mkdir-p man)
+ (copy-file "chrome/app/resources/manpage.1.in"
+ (string-append man "/chromium.1"))
+ (mkdir-p applications)
+ (copy-file "chrome/installer/linux/common/desktop.template"
+ (string-append applications "/chromium.desktop"))
+
+ (with-directory-excursion "out/Release"
+ (for-each (lambda (file)
+ (install-file file lib))
+ (scandir "." (cut regexp-exec install-regexp <>)))
+ (copy-file "chrome" (string-append lib "/chromium"))
+
+ ;; TODO: Install icons from "../../chrome/app/themes" into
+ ;; "out/share/icons/hicolor/$size".
+ (install-file
+ "product_logo_48.png"
+ (string-append out "/share/icons/48x48/chromium.png"))
+
+ (copy-recursively "locales" locales)
+ (copy-recursively "resources" resources)
+
+ (mkdir-p bin)
+ ;; Add a thin wrapper to prevent the user from inadvertently
+ ;; installing non-free software through the Web Store.
+ ;; TODO: Discover extensions from the profile and pass
+ ;; something like "--disable-extensions-except=...".
+ (call-with-output-file exe
+ (lambda (port)
+ (format port
+ "#!~a~@
+ if [ -z \"$CHROMIUM_ENABLE_WEB_STORE\" ]~@
+ then~@
+ CHROMIUM_FLAGS=\" \\~@
+ --disable-background-networking \\~@
+ --disable-extensions \\~@
+ \"~@
+ fi~@
+ exec ~a $CHROMIUM_FLAGS \"$@\"~%"
+ sh (string-append lib "/chromium"))))
+ (chmod exe #o755)
+
+ (wrap-program exe
+ ;; TODO: Get these in RUNPATH.
+ `("LD_LIBRARY_PATH" ":" prefix
+ (,(string-append lib ":" nss "/lib/nss:" gtk+ "/lib:"
+ mesa "/lib:" udev "/lib")))
+ ;; Avoid file manager crash. See <https://bugs.gnu.org/26593>.
+ `("XDG_DATA_DIRS" ":" prefix (,(string-append gtk+ "/share"))))
+ #t)))))))
+ (native-inputs
+ `(("bison" ,bison)
+ ("clang-toolchain" ,chromium-clang-toolchain)
+ ("git" ,git) ;last_commit_position.py
+ ("gperf" ,gperf)
+ ("ninja" ,ninja)
+ ("node" ,node)
+ ("pkg-config" ,pkg-config)
+ ("which" ,which)
+ ("yasm" ,yasm)
+
+ ("python-beautifulsoup4" ,python2-beautifulsoup4)
+ ("python-html5lib" ,python2-html5lib)
+ ("python" ,python-2)))
+ (inputs
+ `(("alsa-lib" ,alsa-lib)
+ ("atk" ,atk)
+ ("cups" ,cups)
+ ("curl" ,curl)
+ ("dbus" ,dbus)
+ ("dbus-glib" ,dbus-glib)
+ ("expat" ,expat)
+ ("flac" ,flac)
+ ("ffmpeg" ,ffmpeg)
+ ("fontconfig" ,fontconfig)
+ ("freetype" ,freetype)
+ ("gdk-pixbuf" ,gdk-pixbuf)
+ ("glib" ,glib)
+ ("gtk+-2" ,gtk+-2)
+ ("gtk+" ,gtk+)
+ ("harfbuzz" ,harfbuzz)
+ ("icu4c" ,icu4c)
+ ("jsoncpp" ,jsoncpp)
+ ("lcms" ,lcms)
+ ("libevent" ,libevent)
+ ("libffi" ,libffi)
+ ("libjpeg-turbo" ,libjpeg-turbo)
+ ("libpng" ,libpng)
+ ("libusb" ,libusb)
+ ("libvpx" ,libvpx+experimental)
+ ("libwebp" ,libwebp)
+ ("libx11" ,libx11)
+ ("libxcb" ,libxcb)
+ ("libxcomposite" ,libxcomposite)
+ ("libxcursor" ,libxcursor)
+ ("libxdamage" ,libxdamage)
+ ("libxext" ,libxext)
+ ("libxfixes" ,libxfixes)
+ ("libxi" ,libxi)
+ ("libxkbcommon" ,libxkbcommon)
+ ("libxml2" ,libxml2)
+ ("libxrandr" ,libxrandr)
+ ("libxrender" ,libxrender)
+ ("libxscrnsaver" ,libxscrnsaver)
+ ("libxslt" ,libxslt)
+ ("libxtst" ,libxtst)
+ ("mesa" ,mesa)
+ ("minizip" ,minizip)
+ ("mit-krb5" ,mit-krb5)
+ ("nss" ,nss)
+ ("openh264" ,openh264)
+ ("openssl" ,openssl)
+ ("opus" ,opus+custom)
+ ("pango" ,pango)
+ ("pciutils" ,pciutils)
+ ("protobuf" ,protobuf)
+ ("pulseaudio" ,pulseaudio)
+ ("re2" ,re2)
+ ("snappy" ,snappy)
+ ("speech-dispatcher" ,speech-dispatcher)
+ ("sqlite" ,sqlite)
+ ("udev" ,eudev)
+ ("valgrind" ,valgrind)))
+ (home-page "https://www.chromium.org/")
+ (description
+ "Chromium is a web browser designed for speed and security. This
+version incorporates patches from
+@url{https://github.com/gcarq/inox-patchset,Inox} and
+@url{https://www.debian.org/,Debian} in order to protect the users privacy.")
+ ;; Chromium is developed as BSD-3, but bundles a large number of third-party
+ ;; components with other licenses. For full information, see chrome://credits.
+ (license (list license:bsd-3
+ license:bsd-2
+ license:expat
+ license:asl2.0
+ license:mpl2.0
+ license:public-domain
+ license:lgpl2.1+))))
diff --git a/gnu/packages/patches/chromium-glibc-compat.patch b/gnu/packages/patches/chromium-glibc-compat.patch
new file mode 100644
index 000000000..720adbeef
--- /dev/null
+++ b/gnu/packages/patches/chromium-glibc-compat.patch
@@ -0,0 +1,38 @@
+Upstream-Status: Backport
+
+Signed-off-by: Raphael Kubo da Costa <raphael.kubo.da.costa@intel.com>
+---
+From 9f63f94a11abc34d40ede8b8712fa15b5844a8c0 Mon Sep 17 00:00:00 2001
+From: Tom Anderson <thomasanderson@chromium.org>
+Date: Sat, 27 Jan 2018 20:03:37 +0000
+Subject: [PATCH] Fix build with glibc 2.27
+
+BUG=806340
+TBR=hamelphi@chromium.org
+
+Change-Id: Ib4e5091212d874d9ad88f3e9a1fdfee3ed7e0d5e
+Reviewed-on: https://chromium-review.googlesource.com/890059
+Reviewed-by: Thomas Anderson <thomasanderson@chromium.org>
+Reviewed-by: Philippe Hamel <hamelphi@chromium.org>
+Commit-Queue: Thomas Anderson <thomasanderson@chromium.org>
+Cr-Commit-Position: refs/heads/master@{#532249}
+---
+ components/assist_ranker/ranker_example_util.cc | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/components/assist_ranker/ranker_example_util.cc b/components/assist_ranker/ranker_example_util.cc
+index 54d4dbd58f7d..ceedd8f9b18d 100644
+--- a/components/assist_ranker/ranker_example_util.cc
++++ b/components/assist_ranker/ranker_example_util.cc
+@@ -2,6 +2,8 @@
+ // Use of this source code is governed by a BSD-style license that can be
+ // found in the LICENSE file.
+
++#include <math.h>
++
+ #include "components/assist_ranker/ranker_example_util.h"
+ #include "base/bit_cast.h"
+ #include "base/format_macros.h"
+--
+2.14.3
+
diff --git a/gnu/packages/patches/chromium-remove-default-history.patch b/gnu/packages/patches/chromium-remove-default-history.patch
new file mode 100644
index 000000000..38be10820
--- /dev/null
+++ b/gnu/packages/patches/chromium-remove-default-history.patch
@@ -0,0 +1,13 @@
+Don't pre-populate the New Tab Page for new profiles.
+
+--- a/chrome/browser/history/top_sites_factory.cc
++++ b/chrome/browser/history/top_sites_factory.cc
+@@ -74,7 +74,7 @@
+
+ void InitializePrepopulatedPageList(
+ history::PrepopulatedPageList* prepopulated_pages) {
+-#if !defined(OS_ANDROID)
++#if false
+ DCHECK(prepopulated_pages);
+ prepopulated_pages->reserve(arraysize(kRawPrepopulatedPages));
+ for (size_t i = 0; i < arraysize(kRawPrepopulatedPages); ++i) {
--
2.17.0
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply related [flat|nested] 91+ messages in thread
* [bug#28004] Chromium 65
2018-04-13 19:10 ` [bug#28004] Chromium 65 Marius Bakke
@ 2018-04-17 19:10 ` Oleg Pykhalov
2018-04-24 17:05 ` Christopher Lemmer Webber
1 sibling, 0 replies; 91+ messages in thread
From: Oleg Pykhalov @ 2018-04-17 19:10 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 587 bytes --]
Hello Marius,
First of all, thank you for working on this!
Marius Bakke <mbakke@fastmail.com> writes:
> Attached is a patch for Chromium 65.
I've built it successfully. Thank you for such a hard work!
I build ‘chromium’ from my first day of using GuixSD (about one year).
Because of I cannot build it constantly, I always use out of date
‘chromium’ closure. It's more worse for privacy and security than
unchecked new ‘chromium’ version in my case (I guess).
Could we have it pushed to ‘origin/master’ for people like me? :-)
Thanks,
Oleg.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 832 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium 65
2018-04-13 19:10 ` [bug#28004] Chromium 65 Marius Bakke
2018-04-17 19:10 ` Oleg Pykhalov
@ 2018-04-24 17:05 ` Christopher Lemmer Webber
2018-04-24 18:08 ` [bug#28004] Chromium 66 + status update Marius Bakke
1 sibling, 1 reply; 91+ messages in thread
From: Christopher Lemmer Webber @ 2018-04-24 17:05 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
Hello! I'd like to speak up in favor of getting Chromium merged into
Guix master. As a web developer, sometimes I have to test things
against multiple browsers. Having Chromium in GuixSD would help me out
a lot.
It looks like a mountain of hard work has been put into this. Could we
get it merged rather than have that work languish?
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium 66 + status update
2018-04-24 17:05 ` Christopher Lemmer Webber
@ 2018-04-24 18:08 ` Marius Bakke
2018-04-24 18:45 ` Christopher Lemmer Webber
` (2 more replies)
0 siblings, 3 replies; 91+ messages in thread
From: Marius Bakke @ 2018-04-24 18:08 UTC (permalink / raw)
To: Christopher Lemmer Webber; +Cc: 28004
[-- Attachment #1.1: Type: text/plain, Size: 1951 bytes --]
Christopher Lemmer Webber <cwebber@dustycloud.org> writes:
> Hello! I'd like to speak up in favor of getting Chromium merged into
> Guix master. As a web developer, sometimes I have to test things
> against multiple browsers. Having Chromium in GuixSD would help me out
> a lot.
>
> It looks like a mountain of hard work has been put into this. Could we
> get it merged rather than have that work languish?
Hello!
I use this browser a lot, so it's hardly languishing.
There was a recent discussion[0] about the Pale Moon browser, where it
was pointed out that the FSDG[1] requires that any third-party
repositories must be committed to only free software.
[0] https://lists.gnu.org/archive/html/guix-devel/2018-03/msg00319.html
[1] https://www.gnu.org/distros/free-system-distribution-guidelines.html#license-rules
Unfortunately there are UI links to the Chrome "Web Store" still. It's
not possible to install from it without setting the
CHROMIUM_ENABLE_WEB_STORE variable, but I'm not sure if that is
sufficient. It's unfortunate if an unsuspecting user stumbles into the
Web Store and tries to install something (free or not) and only then
finds out that it does not work.
The other remaining issue is that some data is sent to Google whenever
you start the browser for the first time. I don't think that's a
blocker, but it's certainly something we should aim to fix.
Attached are updates for 66. The first is an interdiff from the
previous 65 patch; the other is the full "squashed" patch for
convenience.
New in this version:
* The snippet will now error if a preserved directory is not present.
* Chromium again requires a git revision of libvpx.
* The "safe browsing" feature requires the nonfree "unrar" program(!!),
as such it has been compiled out. Luckily "Inox" already had a patch
to make the thing actually build with that flag disabled.
* Cosmetic rearrangement of patches to follow Debian and Inox patch order.
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1.2: 0001-Chromium-66-update.patch --]
[-- Type: text/x-patch, Size: 19463 bytes --]
From a6ce5ebc121f129c3097f1f105b6a4de925b43e9 Mon Sep 17 00:00:00 2001
From: Marius Bakke <mbakke@fastmail.com>
Date: Tue, 17 Apr 2018 03:54:56 +0200
Subject: [PATCH] Chromium 66 update.
---
gnu/local.mk | 1 -
gnu/packages/chromium.scm | 173 ++++++++++++------
.../patches/chromium-glibc-compat.patch | 38 ----
3 files changed, 115 insertions(+), 97 deletions(-)
delete mode 100644 gnu/packages/patches/chromium-glibc-compat.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index fdb15a074..0bc3220f8 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -592,7 +592,6 @@ dist_patch_DATA = \
%D%/packages/patches/ceph-skip-collect-sys-info-test.patch \
%D%/packages/patches/ceph-skip-unittest_blockdev.patch \
%D%/packages/patches/chmlib-inttypes.patch \
- %D%/packages/patches/chromium-glibc-compat.patch \
%D%/packages/patches/chromium-remove-default-history.patch \
%D%/packages/patches/clang-3.5-libc-search-path.patch \
%D%/packages/patches/clang-3.8-libc-search-path.patch \
diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm
index cecbab7a1..a6f9fec0f 100644
--- a/gnu/packages/chromium.scm
+++ b/gnu/packages/chromium.scm
@@ -122,63 +122,89 @@
(sha256 (base32 hash))
(file-name (chromium-patch-file-name pathspec))))
-;; Fix an assignment bug when using Clang and libstdc++.
-(define %chromium-clang-assignment.patch
- (gentoo-patch "chromium-clang-r3.patch"
- "804a0d7244a06736d01c353b45c20daf324f0722"
- "1d10il3mjzyzwgqi8iifw3aw9jnbqfrzz8v1x7cmvqpwjkykwk2a"))
-
-;; Add missing stdint include.
-(define %chromium-add-missing-stdint.patch
- (gentoo-patch "chromium-stdint.patch"
- "804a0d7244a06736d01c353b45c20daf324f0722"
- "03r16zqi0hm3i00b9bwq2bdn2sp731rllizcxfl3i2q7y432a3f0"))
+(define %debian-revision "debian/66.0.3359.26-1")
+(define %gentoo-revision "599be358f257098e7ba29196f6fce498b0a8d208")
+(define %inox-revision "365a106e298e04b4a7063559b7a0ee16888b928f")
+;; Use system NSPR.
(define %chromium-system-nspr.patch
(debian-patch "system/nspr.patch"
- "debian/65.0.3325.146-4"
- "1ggdrlz94d75ni21rx6ivvajjwhx7zwnl3s5aapysqn9kls4qsr2"))
+ %debian-revision
+ "0x54c8zhwjldlnx4754aaq0xyb24spqia3fgn94kcf686wp61srz"))
+;; And system libevent.
(define %chromium-system-libevent.patch
(debian-patch "system/event.patch"
- "debian/65.0.3325.146-4"
- "1k3zc59vpwc8rzbknxryjzzy99jk666whdablzcvxnyzaqk38kfx"))
+ %debian-revision
+ "18ka0zmfd6g5yxhknh6x94bfm643v1kgczzag5sfndizsaaxrlpc"))
-(define %chromium-system-icu.patch
- (debian-patch "system/icu.patch"
- "debian/65.0.3325.146-4"
- "19wclidx1kyjbi3b3hnmkjs0h34d67p4dp6a48vbjbx9rxmfdk3b"))
+;; Avoid dependency on Chromiums embedded libc++ library for GN.
+(define %chromium-gn-libcxx.patch
+ (debian-patch "gn/libcxx.patch"
+ %debian-revision
+ "14rx16abxv0pz4qyp194cy999z3390hxi80rdbjs3v2lwscx36cl"))
;; Don't show a warning about missing API keys.
(define %chromium-disable-api-keys-warning.patch
(debian-patch "disable/google-api-warning.patch"
- "debian/65.0.3325.146-4"
- "1g5yk51bl7svrqx8wjxsgpz545mnymnpi3bsa62kwdm4qd8bx10x"))
+ %debian-revision
+ "1qf2y7jmaya43k9rbsxjjpkp5manzmbkhjj5hvfyqcdylhy30swj"))
-;; Add DuckDuckGo and set it as the default search engine.
-(define %chromium-duckduckgo.patch
- (inox-patch "0011-add-duckduckgo-search-engine.patch"
- "0c55cc9a81634244ad13fbbd6b5c5098b9132162"
- "0mvw1ax0gw3d252c9b1pwbk0j7ny8z9nsfywcmhj56wm6yksgpkg"))
+;; Some files were missing in the Chromium 66 release tarball.
+;; See <https://crbug.com/832283>.
+(define %chromium-add-blink-tools.patch
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://bazaar.launchpad.net/~chromium-team"
+ "/chromium-browser/bionic-stable/download/head:"
+ "/addmissingblinktools-20180416203514-02f50sz15c2mn6ei-1"
+ "/add-missing-blink-tools.patch"))
+ (sha256
+ (base32
+ "1im2l1g6g9mangpfphbkg6zxyglbfwbkm5jxv122yxqgm6vxzz6s"))))
-;; Don't start a "Login Wizard" at first launch.
-(define %chromium-first-run.patch
- (inox-patch "0018-disable-first-run-behaviour.patch"
- "0c55cc9a81634244ad13fbbd6b5c5098b9132162"
- "1y4zsqqf2125jkb1phwy9g5hcbd9xhyv5lr4xcaly66rpdzx2ayb"))
+;; Fix an assignment bug when using Clang and libstdc++.
+(define %chromium-clang-assignment.patch
+ (gentoo-patch "chromium-clang-r4.patch"
+ %gentoo-revision
+ "0ip3pzk9is6n7icpml33ryysiq4cfrx8jlr0jkjgdg6mvl8pli3i"))
+
+;; Fix error detecting system ffmpeg.
+(define %chromium-ffmpeg.patch
+ (gentoo-patch "chromium-ffmpeg-r1.patch"
+ %gentoo-revision
+ "1pivcdmana4qx8sngcdpr858l0qh6bygv7azj66vg021phq5725a"))
+
+;; Fix build failure when built with "safe_browsing_mode=0".
+(define %chromium-build-without-safebrowsing.patch
+ (inox-patch "0001-fix-building-without-safebrowsing.patch"
+ %inox-revision
+ "0r1as6vmc6bbc7i54cxbmbm6rrwj33a12hfz6rzj0yxyqnnps00f"))
;; Use privacy-preserving defaults.
(define %chromium-default-preferences.patch
(inox-patch "0006-modify-default-prefs.patch"
- "0c55cc9a81634244ad13fbbd6b5c5098b9132162"
- "0zyshpl1hjssqrfhdfbgxdib4smdszjgf0ac98l978hrn9gwwk03"))
+ %inox-revision
+ "1ncjij9sib7fliafpv37j1zf8zz5hvyxqad669vvadg7vvwr9rza"))
;; Recent versions of Chromium may load a remote search engine on the
;; New Tab Page, causing unnecessary and involuntary network traffic.
(define %chromium-restore-classic-ntp.patch
(inox-patch "0008-restore-classic-ntp.patch"
- "0c55cc9a81634244ad13fbbd6b5c5098b9132162"
- "1h698cbp97g8lgmndfy6kswgwfvss7c3k609xgvyxbfldkzy7pd5"))
+ %inox-revision
+ "1jl978qas2ry9lnq6x42xl4qa6arxxj9a37k9j2wclz2pin8cmzn"))
+
+;; Add DuckDuckGo and set it as the default search engine.
+(define %chromium-duckduckgo.patch
+ (inox-patch "0011-add-duckduckgo-search-engine.patch"
+ %inox-revision
+ "0mvw1ax0gw3d252c9b1pwbk0j7ny8z9nsfywcmhj56wm6yksgpkg"))
+
+;; Don't start a "Login Wizard" at first launch.
+(define %chromium-first-run.patch
+ (inox-patch "0018-disable-first-run-behaviour.patch"
+ %inox-revision
+ "1y4zsqqf2125jkb1phwy9g5hcbd9xhyv5lr4xcaly66rpdzx2ayb"))
(define opus+custom
(package (inherit opus)
@@ -194,6 +220,17 @@
(define libvpx+experimental
(package (inherit libvpx)
+ ;; XXX: Chromium 66 relies on unreleased libvpx features.
+ ;; The commit below is the tip of the "m66-3359" branch
+ ;; as of 2018-04-19.
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://chromium.googlesource.com/webm/libvpx")
+ (commit "e9fff8a9dbcd03fbf3e5b7caaa9dc2631a79882a")))
+ (sha256
+ (base32
+ "1b1d89dlbr8ydakvp82cg6xnlnkz5hj7679f4pgxwlgd6x46f4g2"))))
(name "libvpx+experimental")
(arguments
(substitute-keyword-arguments (package-arguments libvpx)
@@ -305,7 +342,7 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
(define-public chromium
(package
(name "chromium")
- (version "65.0.3325.181")
+ (version "66.0.3359.117")
(synopsis "Graphical web browser")
(source (origin
(method url-fetch)
@@ -314,19 +351,22 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
version ".tar.xz"))
(sha256
(base32
- "11w6wg862ixbgm7dpqag2lmbjknv83zlr9imd8zchvmrqr468rlk"))
- (patches (list %chromium-duckduckgo.patch
- %chromium-default-preferences.patch
- %chromium-first-run.patch
- %chromium-restore-classic-ntp.patch
-
- %chromium-clang-assignment.patch
- %chromium-add-missing-stdint.patch
- %chromium-system-icu.patch
+ "1mlfavs0m0lf60s42krqxqiyx73hdfd4r1mkjwv31p2gchsa7ibp"))
+ (patches (list %chromium-gn-libcxx.patch
+ %chromium-disable-api-keys-warning.patch
%chromium-system-nspr.patch
%chromium-system-libevent.patch
- %chromium-disable-api-keys-warning.patch
- (search-patch "chromium-glibc-compat.patch")
+
+ %chromium-add-blink-tools.patch
+
+ %chromium-clang-assignment.patch
+ %chromium-ffmpeg.patch
+
+ %chromium-build-without-safebrowsing.patch
+ %chromium-default-preferences.patch
+ %chromium-restore-classic-ntp.patch
+ %chromium-duckduckgo.patch
+ %chromium-first-run.patch
(search-patch "chromium-remove-default-history.patch")))
(modules '((srfi srfi-1)
(srfi srfi-26)
@@ -351,7 +391,6 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
"base/third_party/symbolize" ;glog
"base/third_party/xdg_mime"
"base/third_party/xdg_user_dirs"
- "buildtools/third_party/libc++"
"chrome/third_party/mozilla_security_manager"
"courgette/third_party"
"net/third_party/mozilla_security_manager"
@@ -367,6 +406,10 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
"third_party/angle/src/third_party/compiler"
"third_party/angle/src/third_party/libXNVCtrl"
"third_party/angle/src/third_party/trace_event"
+ "third_party/angle/third_party/glslang"
+ "third_party/angle/third_party/spirv-headers"
+ "third_party/angle/third_party/spirv-tools"
+ "third_party/angle/third_party/vulkan-validation-layers"
"third_party/blink"
"third_party/boringssl"
"third_party/boringssl/src/third_party/fiat"
@@ -406,6 +449,8 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
"third_party/leveldatabase"
"third_party/libXNVCtrl"
"third_party/libaddressinput"
+ "third_party/libaom"
+ "third_party/libaom/source/libaom/third_party/x86inc/x86inc.asm"
"third_party/libjingle_xmpp"
"third_party/libphonenumber"
"third_party/libsecret" ;FIXME: needs pkg-config support.
@@ -420,7 +465,6 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
"third_party/mesa"
"third_party/metrics_proto"
"third_party/modp_b64"
- "third_party/mt19937ar"
"third_party/node"
(string-append "third_party/node/node_modules/"
"polymer-bundler/lib/third_party/UglifyJS2")
@@ -430,7 +474,7 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
"third_party/pdfium"
"third_party/pdfium/third_party"
(string-append "third_party/pdfium/third_party/freetype"
- "/include/psnames/pstables.h")
+ "/include/pstables.h")
"third_party/ply"
"third_party/polymer"
"third_party/protobuf"
@@ -442,16 +486,12 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
"third_party/skia/third_party/gif"
"third_party/smhasher"
"third_party/speech-dispatcher"
- "third_party/spirv-headers"
- "third_party/spirv-tools-angle"
"third_party/sqlite"
"third_party/swiftshader"
"third_party/swiftshader/third_party"
"third_party/s2cellid"
"third_party/usb_ids"
"third_party/usrsctp"
- "third_party/vulkan"
- "third_party/vulkan-validation-layers"
"third_party/WebKit"
"third_party/web-animations-js"
"third_party/webrtc"
@@ -475,6 +515,10 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
#t
#f))
+ (define (useless? file)
+ (any (cute string-suffix? <> file)
+ '(".tar.gz" ".zip" ".exe" ".jar")))
+
(define (parents child)
"Return a list of paths up to and including the closest third_party"
(let ((lst (reverse (string-split child #\/))))
@@ -492,11 +536,12 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
(let ((protected (make-regexp "\\.(gn|gyp)i?$")))
(match flag
((or 'regular 'symlink 'stale-symlink)
- (when (third_party? child)
+ (when (or (third_party? child) (useless? child))
(unless (or (member child preserved-club)
(any (cute member <> preserved-club)
(parents child))
(regexp-exec protected child))
+ (format (current-error-port) "deleting ~s~%" child)
(delete-file child)))
#t)
('directory-processed
@@ -507,9 +552,11 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
(nftw "." delete-unwanted 'depth 'physical)
- ;; Do a second pass to get rid of various binary archives.
- (for-each delete-file
- (find-files "." "\\.(zip|jar|tar.gz|exe)$"))
+ ;; Assert that each listed item is present to catch removals.
+ (for-each (lambda (third-party)
+ (unless (file-exists? third-party)
+ (error (format #f "~s does not exist!" third-party))))
+ preserved-club)
;; Replace "GN" files from third_party with shims for
;; building against system libraries. Keep this list in
@@ -635,7 +682,12 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
"override_build_date=\"01 01 2000 05:00:00\""
"use_unofficial_version_number=false"
+ ;; Disable "safe browsing", which pulls in a dependency
+ ;; on the nonfree "unrar" program.
+ "safe_browsing_mode=0"
+
;; GCC is poorly supported, so we use Clang for now.
+ ;;"is_clang=false"
(string-append "clang_base_path=\"" clang-toolchain "\"")
"clang_use_chrome_plugins=false"
@@ -716,6 +768,11 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
(string-append (getenv "CPLUS_INCLUDE_PATH")
":" clang-toolchain
"/include/x86_64-unknown-linux-gnu"))
+ ;; XXX: For some reason this is needed also for C code (libaom).
+ (setenv "C_INCLUDE_PATH"
+ (string-append (getenv "C_INCLUDE_PATH")
+ ":" clang-toolchain
+ "/include/x86_64-unknown-linux-gnu"))
;; TODO: pre-compile instead. Avoids a race condition.
(setenv "PYTHONDONTWRITEBYTECODE" "1")
diff --git a/gnu/packages/patches/chromium-glibc-compat.patch b/gnu/packages/patches/chromium-glibc-compat.patch
deleted file mode 100644
index 720adbeef..000000000
--- a/gnu/packages/patches/chromium-glibc-compat.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-Upstream-Status: Backport
-
-Signed-off-by: Raphael Kubo da Costa <raphael.kubo.da.costa@intel.com>
----
-From 9f63f94a11abc34d40ede8b8712fa15b5844a8c0 Mon Sep 17 00:00:00 2001
-From: Tom Anderson <thomasanderson@chromium.org>
-Date: Sat, 27 Jan 2018 20:03:37 +0000
-Subject: [PATCH] Fix build with glibc 2.27
-
-BUG=806340
-TBR=hamelphi@chromium.org
-
-Change-Id: Ib4e5091212d874d9ad88f3e9a1fdfee3ed7e0d5e
-Reviewed-on: https://chromium-review.googlesource.com/890059
-Reviewed-by: Thomas Anderson <thomasanderson@chromium.org>
-Reviewed-by: Philippe Hamel <hamelphi@chromium.org>
-Commit-Queue: Thomas Anderson <thomasanderson@chromium.org>
-Cr-Commit-Position: refs/heads/master@{#532249}
----
- components/assist_ranker/ranker_example_util.cc | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/components/assist_ranker/ranker_example_util.cc b/components/assist_ranker/ranker_example_util.cc
-index 54d4dbd58f7d..ceedd8f9b18d 100644
---- a/components/assist_ranker/ranker_example_util.cc
-+++ b/components/assist_ranker/ranker_example_util.cc
-@@ -2,6 +2,8 @@
- // Use of this source code is governed by a BSD-style license that can be
- // found in the LICENSE file.
-
-+#include <math.h>
-+
- #include "components/assist_ranker/ranker_example_util.h"
- #include "base/bit_cast.h"
- #include "base/format_macros.h"
---
-2.14.3
-
--
2.17.0
[-- Attachment #1.3: Type: text/plain, Size: 25 bytes --]
...and the full thing:
[-- Attachment #1.4: 0001-gnu-Add-chromium.patch --]
[-- Type: text/x-patch, Size: 49290 bytes --]
From 0b08dd695ee9f3d8e64173dea5f9d0470ed92718 Mon Sep 17 00:00:00 2001
From: Marius Bakke <mbakke@fastmail.com>
Date: Wed, 12 Oct 2016 17:25:05 +0100
Subject: [PATCH] gnu: Add chromium.
* gnu/packages/chromium.scm: New file.
* gnu/packages/patches/chromium-glibc-compat.patch,
gnu/packages/patches/chromium-remove-default-history.patch: New files.
* gnu/local.mk: Record it.
---
gnu/local.mk | 2 +
gnu/packages/chromium.scm | 951 ++++++++++++++++++
.../chromium-remove-default-history.patch | 13 +
3 files changed, 966 insertions(+)
create mode 100644 gnu/packages/chromium.scm
create mode 100644 gnu/packages/patches/chromium-remove-default-history.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index 056a46cb7..0bc3220f8 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -94,6 +94,7 @@ GNU_SYSTEM_MODULES = \
%D%/packages/check.scm \
%D%/packages/chemistry.scm \
%D%/packages/chez.scm \
+ %D%/packages/chromium.scm \
%D%/packages/ci.scm \
%D%/packages/cinnamon.scm \
%D%/packages/cmake.scm \
@@ -591,6 +592,7 @@ dist_patch_DATA = \
%D%/packages/patches/ceph-skip-collect-sys-info-test.patch \
%D%/packages/patches/ceph-skip-unittest_blockdev.patch \
%D%/packages/patches/chmlib-inttypes.patch \
+ %D%/packages/patches/chromium-remove-default-history.patch \
%D%/packages/patches/clang-3.5-libc-search-path.patch \
%D%/packages/patches/clang-3.8-libc-search-path.patch \
%D%/packages/patches/clang-6.0-libc-search-path.patch \
diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm
new file mode 100644
index 000000000..a6f9fec0f
--- /dev/null
+++ b/gnu/packages/chromium.scm
@@ -0,0 +1,951 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2016, 2017, 2018 Marius Bakke <mbakke@fastmail.com>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages chromium)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix packages)
+ #:use-module (guix download)
+ #:use-module (guix git-download)
+ #:use-module (guix utils)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system trivial)
+ #:use-module (gnu packages)
+ #:use-module (gnu packages assembly)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages bison)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages cups)
+ #:use-module (gnu packages curl)
+ #:use-module (gnu packages databases)
+ #:use-module (gnu packages fontutils)
+ #:use-module (gnu packages gcc)
+ #:use-module (gnu packages ghostscript)
+ #:use-module (gnu packages gl)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnome)
+ #:use-module (gnu packages gnuzilla)
+ #:use-module (gnu packages gperf)
+ #:use-module (gnu packages gtk)
+ #:use-module (gnu packages icu4c)
+ #:use-module (gnu packages image)
+ #:use-module (gnu packages libevent)
+ #:use-module (gnu packages libffi)
+ #:use-module (gnu packages libusb)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages llvm)
+ #:use-module (gnu packages kerberos)
+ #:use-module (gnu packages ninja)
+ #:use-module (gnu packages node)
+ #:use-module (gnu packages pciutils)
+ #:use-module (gnu packages photo)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages protobuf)
+ #:use-module (gnu packages pulseaudio)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages python-web)
+ #:use-module (gnu packages regex)
+ #:use-module (gnu packages serialization)
+ #:use-module (gnu packages speech)
+ #:use-module (gnu packages tls)
+ #:use-module (gnu packages valgrind)
+ #:use-module (gnu packages version-control)
+ #:use-module (gnu packages video)
+ #:use-module (gnu packages xiph)
+ #:use-module (gnu packages xml)
+ #:use-module (gnu packages xdisorg)
+ #:use-module (gnu packages xorg))
+
+(define (strip-directory-prefix pathspec)
+ "Return everything after the last '/' in PATHSPEC."
+ (let ((index (string-rindex pathspec #\/)))
+ (if index
+ (string-drop pathspec (+ 1 index))
+ pathspec)))
+
+(define (chromium-patch-file-name pathspec)
+ (let ((patch-name (strip-directory-prefix pathspec)))
+ (if (string-prefix? "chromium-" patch-name)
+ patch-name
+ (string-append "chromium-" patch-name))))
+
+;; https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/tree/debian/patches
+(define (debian-patch pathspec revision hash)
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git"
+ "/plain/debian/patches/" pathspec "?id=" revision))
+ (sha256 (base32 hash))
+ (file-name (chromium-patch-file-name pathspec))))
+
+;; https://gitweb.gentoo.org/repo/gentoo.git/tree/www-client/chromium/files
+(define (gentoo-patch pathspec revision hash)
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-client"
+ "/chromium/files/" pathspec "?id=" revision))
+ (sha256 (base32 hash))
+ (file-name (chromium-patch-file-name pathspec))))
+
+;; https://github.com/gcarq/inox-patchset
+(define (inox-patch pathspec revision hash)
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://raw.githubusercontent.com/gcarq/inox-patchset/"
+ revision "/" pathspec))
+ (sha256 (base32 hash))
+ (file-name (chromium-patch-file-name pathspec))))
+
+;; https://github.com/NixOS/nixpkgs/tree/master/pkgs/applications/networking/browsers/chromium
+(define (nixos-patch pathspec revision hash)
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://raw.githubusercontent.com/NixOS/nixpkgs/"
+ revision "/pkgs/applications/networking/browsers"
+ "/chromium/patches/" pathspec))
+ (sha256 (base32 hash))
+ (file-name (chromium-patch-file-name pathspec))))
+
+(define %debian-revision "debian/66.0.3359.26-1")
+(define %gentoo-revision "599be358f257098e7ba29196f6fce498b0a8d208")
+(define %inox-revision "365a106e298e04b4a7063559b7a0ee16888b928f")
+
+;; Use system NSPR.
+(define %chromium-system-nspr.patch
+ (debian-patch "system/nspr.patch"
+ %debian-revision
+ "0x54c8zhwjldlnx4754aaq0xyb24spqia3fgn94kcf686wp61srz"))
+
+;; And system libevent.
+(define %chromium-system-libevent.patch
+ (debian-patch "system/event.patch"
+ %debian-revision
+ "18ka0zmfd6g5yxhknh6x94bfm643v1kgczzag5sfndizsaaxrlpc"))
+
+;; Avoid dependency on Chromiums embedded libc++ library for GN.
+(define %chromium-gn-libcxx.patch
+ (debian-patch "gn/libcxx.patch"
+ %debian-revision
+ "14rx16abxv0pz4qyp194cy999z3390hxi80rdbjs3v2lwscx36cl"))
+
+;; Don't show a warning about missing API keys.
+(define %chromium-disable-api-keys-warning.patch
+ (debian-patch "disable/google-api-warning.patch"
+ %debian-revision
+ "1qf2y7jmaya43k9rbsxjjpkp5manzmbkhjj5hvfyqcdylhy30swj"))
+
+;; Some files were missing in the Chromium 66 release tarball.
+;; See <https://crbug.com/832283>.
+(define %chromium-add-blink-tools.patch
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://bazaar.launchpad.net/~chromium-team"
+ "/chromium-browser/bionic-stable/download/head:"
+ "/addmissingblinktools-20180416203514-02f50sz15c2mn6ei-1"
+ "/add-missing-blink-tools.patch"))
+ (sha256
+ (base32
+ "1im2l1g6g9mangpfphbkg6zxyglbfwbkm5jxv122yxqgm6vxzz6s"))))
+
+;; Fix an assignment bug when using Clang and libstdc++.
+(define %chromium-clang-assignment.patch
+ (gentoo-patch "chromium-clang-r4.patch"
+ %gentoo-revision
+ "0ip3pzk9is6n7icpml33ryysiq4cfrx8jlr0jkjgdg6mvl8pli3i"))
+
+;; Fix error detecting system ffmpeg.
+(define %chromium-ffmpeg.patch
+ (gentoo-patch "chromium-ffmpeg-r1.patch"
+ %gentoo-revision
+ "1pivcdmana4qx8sngcdpr858l0qh6bygv7azj66vg021phq5725a"))
+
+;; Fix build failure when built with "safe_browsing_mode=0".
+(define %chromium-build-without-safebrowsing.patch
+ (inox-patch "0001-fix-building-without-safebrowsing.patch"
+ %inox-revision
+ "0r1as6vmc6bbc7i54cxbmbm6rrwj33a12hfz6rzj0yxyqnnps00f"))
+
+;; Use privacy-preserving defaults.
+(define %chromium-default-preferences.patch
+ (inox-patch "0006-modify-default-prefs.patch"
+ %inox-revision
+ "1ncjij9sib7fliafpv37j1zf8zz5hvyxqad669vvadg7vvwr9rza"))
+
+;; Recent versions of Chromium may load a remote search engine on the
+;; New Tab Page, causing unnecessary and involuntary network traffic.
+(define %chromium-restore-classic-ntp.patch
+ (inox-patch "0008-restore-classic-ntp.patch"
+ %inox-revision
+ "1jl978qas2ry9lnq6x42xl4qa6arxxj9a37k9j2wclz2pin8cmzn"))
+
+;; Add DuckDuckGo and set it as the default search engine.
+(define %chromium-duckduckgo.patch
+ (inox-patch "0011-add-duckduckgo-search-engine.patch"
+ %inox-revision
+ "0mvw1ax0gw3d252c9b1pwbk0j7ny8z9nsfywcmhj56wm6yksgpkg"))
+
+;; Don't start a "Login Wizard" at first launch.
+(define %chromium-first-run.patch
+ (inox-patch "0018-disable-first-run-behaviour.patch"
+ %inox-revision
+ "1y4zsqqf2125jkb1phwy9g5hcbd9xhyv5lr4xcaly66rpdzx2ayb"))
+
+(define opus+custom
+ (package (inherit opus)
+ (name "opus+custom")
+ (arguments
+ (substitute-keyword-arguments (package-arguments opus)
+ ((#:configure-flags flags ''())
+ ;; Opus Custom is an optional extension of the Opus
+ ;; specification that allows for unsupported frame
+ ;; sizes. Chromium requires that this is enabled.
+ `(cons "--enable-custom-modes"
+ ,flags))))))
+
+(define libvpx+experimental
+ (package (inherit libvpx)
+ ;; XXX: Chromium 66 relies on unreleased libvpx features.
+ ;; The commit below is the tip of the "m66-3359" branch
+ ;; as of 2018-04-19.
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://chromium.googlesource.com/webm/libvpx")
+ (commit "e9fff8a9dbcd03fbf3e5b7caaa9dc2631a79882a")))
+ (sha256
+ (base32
+ "1b1d89dlbr8ydakvp82cg6xnlnkz5hj7679f4pgxwlgd6x46f4g2"))))
+ (name "libvpx+experimental")
+ (arguments
+ (substitute-keyword-arguments (package-arguments libvpx)
+ ((#:configure-flags flags)
+ ;; Spatial SVC is an experimental VP9 encoder required
+ ;; by Chromium.
+ `(cons* "--enable-experimental" "--enable-spatial-svc"
+ ,flags))))))
+
+;; XXX: This ugly libstdc++ variant stems from the fact that building
+;; libstdc++ standalone is not officially supported by GCC upstream, and
+;; the "make-libstdc++" procedure consequently builds a library without
+;; threading support, since the configure script fails to detect gthreads.
+;;
+;; Fixing it properly would require building libgcc (which creates
+;; gthr-default.h) before building libstdc++. This authors attempts
+;; at doing so were unsuccessful, hence this hack.
+;;
+;; This behaviour changed upstream in this commit:
+;; https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=630d52ca0a88d173f89634a5d7dd8aee07d04d80
+;; ...or around GCC 4.6. The libstdc++ docs are very explicit about it
+;; not being designed to used standalone (even though it worked just fine
+;; before 4.6, according to multiple mailing list threads around that time),
+;; so upstream is not interested in improving the situation.
+;;
+;; In fact, there used to be an "INSTALL" document with libstdc++, which
+;; is conspicuously missing in later releases.
+;;
+;; An alternative would be to change the GCC package to install C++ headers
+;; in "include" rather than "include/c++". I tried that too; but it caused
+;; a bootstrapping failure. The situation is further complicated by the
+;; fact that GCC installs C++ headers in the default output, but libstdc++.so
+;; ends up in "lib".
+;;
+;; To be continued...
+
+(define (libstdc++-from-gcc gcc)
+ "Return a libstdc++ library extracted from gcc. The primary use case
+is when using compilers other than GCC."
+ (package
+ (inherit gcc)
+ (source #f)
+ (name "libstdc++")
+ (build-system trivial-build-system)
+ (arguments
+ `(#:modules ((guix build utils))
+ #:builder (begin
+ (use-modules (guix build utils))
+ (let* ((out (assoc-ref %outputs "out"))
+ (lib (string-append out "/lib"))
+ (include (string-append out "/include"))
+ (gcc (assoc-ref %build-inputs "gcc"))
+ (gcc-lib (assoc-ref %build-inputs "gcc:lib")))
+ (mkdir-p out)
+ (copy-recursively (string-append gcc "/include/c++")
+ include)
+ (for-each (lambda (file)
+ (install-file file lib))
+ (find-files (string-append gcc-lib "/lib")
+ "^libstdc\\+\\+\\.so.*"))
+ #t))))
+ (outputs '("out"))
+ (inputs `(("gcc" ,gcc)
+ ("gcc:lib" ,gcc "lib")))
+ (native-inputs '())
+ (propagated-inputs '())
+ (synopsis "GNU C++ standard library")))
+
+(define (make-clang-toolchain clang libcxx)
+ "Return a complete toolchain for Clang."
+ (package
+ (name "clang-toolchain")
+ (version (package-version clang))
+ (source #f)
+ (build-system trivial-build-system)
+ (arguments
+ '(#:modules ((guix build union))
+ #:builder (begin
+ (use-modules (ice-9 match)
+ (srfi srfi-26)
+ (guix build union))
+
+ (let ((out (assoc-ref %outputs "out")))
+
+ (match %build-inputs
+ (((names . directories) ...)
+ (union-build out directories)))
+ #t))))
+ (native-search-paths (package-native-search-paths clang))
+ (search-paths (package-search-paths clang))
+ (license (package-license clang))
+ (synopsis "Complete Clang tool chain for C/C++ development")
+ (description
+ "This package provides a complete Clang tool chain for C/C++. This
+includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
+ (home-page "https://clang.llvm.org")
+ (outputs '("out"))
+ (inputs `(("clang" ,clang)
+ ("libcxx" ,libcxx)
+ ("ld-wrapper" ,(car (assoc-ref (%final-inputs) "ld-wrapper")))
+ ("binutils" ,binutils)
+ ("libc" ,glibc)))))
+
+;; When using Clang, Chromium expects to find "ar" and friends next
+;; to the clang executable. For simplicity just create this union.
+(define chromium-clang-toolchain
+ (make-clang-toolchain clang (libstdc++-from-gcc gcc-6)))
+
+(define-public chromium
+ (package
+ (name "chromium")
+ (version "66.0.3359.117")
+ (synopsis "Graphical web browser")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "https://commondatastorage.googleapis.com/"
+ "chromium-browser-official/chromium-"
+ version ".tar.xz"))
+ (sha256
+ (base32
+ "1mlfavs0m0lf60s42krqxqiyx73hdfd4r1mkjwv31p2gchsa7ibp"))
+ (patches (list %chromium-gn-libcxx.patch
+ %chromium-disable-api-keys-warning.patch
+ %chromium-system-nspr.patch
+ %chromium-system-libevent.patch
+
+ %chromium-add-blink-tools.patch
+
+ %chromium-clang-assignment.patch
+ %chromium-ffmpeg.patch
+
+ %chromium-build-without-safebrowsing.patch
+ %chromium-default-preferences.patch
+ %chromium-restore-classic-ntp.patch
+ %chromium-duckduckgo.patch
+ %chromium-first-run.patch
+ (search-patch "chromium-remove-default-history.patch")))
+ (modules '((srfi srfi-1)
+ (srfi srfi-26)
+ (ice-9 ftw)
+ (ice-9 match)
+ (ice-9 regex)
+ (guix build utils)))
+ (snippet
+ '(begin
+ (let ((preserved-club
+ (map
+ (lambda (path)
+ ;; Prepend paths with "./" for comparison with ftw.
+ (string-append "./" path))
+ (list
+ "base/third_party/dmg_fp"
+ "base/third_party/dynamic_annotations"
+ "base/third_party/icu"
+ "base/third_party/libevent"
+ "base/third_party/nspr"
+ "base/third_party/superfasthash"
+ "base/third_party/symbolize" ;glog
+ "base/third_party/xdg_mime"
+ "base/third_party/xdg_user_dirs"
+ "chrome/third_party/mozilla_security_manager"
+ "courgette/third_party"
+ "net/third_party/mozilla_security_manager"
+ "net/third_party/nss"
+ "third_party/adobe/flash/flapper_version.h"
+ ;; FIXME: This is used in:
+ ;; * ui/webui/resources/js/analytics.js
+ ;; * ui/file_manager/
+ "third_party/analytics"
+ "third_party/angle"
+ "third_party/angle/src/common/third_party/base"
+ "third_party/angle/src/common/third_party/smhasher"
+ "third_party/angle/src/third_party/compiler"
+ "third_party/angle/src/third_party/libXNVCtrl"
+ "third_party/angle/src/third_party/trace_event"
+ "third_party/angle/third_party/glslang"
+ "third_party/angle/third_party/spirv-headers"
+ "third_party/angle/third_party/spirv-tools"
+ "third_party/angle/third_party/vulkan-validation-layers"
+ "third_party/blink"
+ "third_party/boringssl"
+ "third_party/boringssl/src/third_party/fiat"
+ "third_party/breakpad"
+ "third_party/brotli"
+ "third_party/cacheinvalidation"
+ "third_party/catapult"
+ "third_party/catapult/common/py_vulcanize/third_party/rcssmin"
+ "third_party/catapult/common/py_vulcanize/third_party/rjsmin"
+ "third_party/catapult/third_party/polymer"
+ "third_party/catapult/tracing/third_party/d3"
+ "third_party/catapult/tracing/third_party/gl-matrix"
+ "third_party/catapult/tracing/third_party/jszip"
+ "third_party/catapult/tracing/third_party/mannwhitneyu"
+ "third_party/catapult/tracing/third_party/oboe"
+ "third_party/catapult/tracing/third_party/pako"
+ "third_party/ced"
+ "third_party/cld_3"
+ "third_party/crc32c"
+ "third_party/cros_system_api"
+ "third_party/dom_distiller_js"
+ "third_party/fips181"
+ "third_party/flatbuffers"
+ "third_party/glslang-angle"
+ "third_party/google_input_tools"
+ "third_party/google_input_tools/third_party/closure_library"
+ (string-append "third_party/google_input_tools/third_party"
+ "/closure_library/third_party/closure")
+ "third_party/googletest"
+ "third_party/harfbuzz-ng"
+ "third_party/hunspell"
+ "third_party/iccjpeg"
+ "third_party/inspector_protocol"
+ "third_party/jinja2"
+ "third_party/jstemplate"
+ "third_party/khronos"
+ "third_party/leveldatabase"
+ "third_party/libXNVCtrl"
+ "third_party/libaddressinput"
+ "third_party/libaom"
+ "third_party/libaom/source/libaom/third_party/x86inc/x86inc.asm"
+ "third_party/libjingle_xmpp"
+ "third_party/libphonenumber"
+ "third_party/libsecret" ;FIXME: needs pkg-config support.
+ "third_party/libsrtp" ;TODO: Requires libsrtp@2.
+ "third_party/libudev"
+ "third_party/libwebm"
+ "third_party/libxml"
+ "third_party/libyuv"
+ "third_party/lss"
+ "third_party/lzma_sdk"
+ "third_party/markupsafe"
+ "third_party/mesa"
+ "third_party/metrics_proto"
+ "third_party/modp_b64"
+ "third_party/node"
+ (string-append "third_party/node/node_modules/"
+ "polymer-bundler/lib/third_party/UglifyJS2")
+ "third_party/openmax_dl"
+ "third_party/ots"
+ ;; TODO: Build as extension.
+ "third_party/pdfium"
+ "third_party/pdfium/third_party"
+ (string-append "third_party/pdfium/third_party/freetype"
+ "/include/pstables.h")
+ "third_party/ply"
+ "third_party/polymer"
+ "third_party/protobuf"
+ "third_party/protobuf/third_party/six"
+ "third_party/qcms"
+ "third_party/sfntly"
+ "third_party/skia"
+ "third_party/skia/third_party/vulkan"
+ "third_party/skia/third_party/gif"
+ "third_party/smhasher"
+ "third_party/speech-dispatcher"
+ "third_party/sqlite"
+ "third_party/swiftshader"
+ "third_party/swiftshader/third_party"
+ "third_party/s2cellid"
+ "third_party/usb_ids"
+ "third_party/usrsctp"
+ "third_party/WebKit"
+ "third_party/web-animations-js"
+ "third_party/webrtc"
+ "third_party/webrtc_overrides"
+ "third_party/widevine/cdm/widevine_cdm_version.h"
+ "third_party/widevine/cdm/widevine_cdm_common.h"
+ "third_party/woff2"
+ "third_party/xdg-utils"
+ "third_party/yasm/run_yasm.py"
+ "third_party/zlib/google"
+ "url/third_party/mozilla"
+ "v8/src/third_party/utf8-decoder"
+ "v8/src/third_party/valgrind"
+ "v8/third_party/inspector_protocol"))))
+
+ (define (empty? dir)
+ (equal? (scandir dir) '("." "..")))
+
+ (define (third_party? file)
+ (if (string-contains file "third_party/")
+ #t
+ #f))
+
+ (define (useless? file)
+ (any (cute string-suffix? <> file)
+ '(".tar.gz" ".zip" ".exe" ".jar")))
+
+ (define (parents child)
+ "Return a list of paths up to and including the closest third_party"
+ (let ((lst (reverse (string-split child #\/))))
+ (let loop ((hierarchy lst)
+ (result '()))
+ (if (or (null? hierarchy)
+ (and (not (null? result))
+ (string-suffix? "third_party" (car result))))
+ result
+ (loop (cdr hierarchy)
+ (cons (string-join (reverse hierarchy) "/")
+ result))))))
+
+ (define (delete-unwanted child stat flag base level)
+ (let ((protected (make-regexp "\\.(gn|gyp)i?$")))
+ (match flag
+ ((or 'regular 'symlink 'stale-symlink)
+ (when (or (third_party? child) (useless? child))
+ (unless (or (member child preserved-club)
+ (any (cute member <> preserved-club)
+ (parents child))
+ (regexp-exec protected child))
+ (format (current-error-port) "deleting ~s~%" child)
+ (delete-file child)))
+ #t)
+ ('directory-processed
+ (when (empty? child)
+ (rmdir child))
+ #t)
+ (_ #t))))
+
+ (nftw "." delete-unwanted 'depth 'physical)
+
+ ;; Assert that each listed item is present to catch removals.
+ (for-each (lambda (third-party)
+ (unless (file-exists? third-party)
+ (error (format #f "~s does not exist!" third-party))))
+ preserved-club)
+
+ ;; Replace "GN" files from third_party with shims for
+ ;; building against system libraries. Keep this list in
+ ;; sync with "build/linux/unbundle/replace_gn_files.py".
+ (for-each (lambda (pair)
+ (let ((source (string-append
+ "build/linux/unbundle/" (car pair)))
+ (dest (cdr pair)))
+ (copy-file source dest)))
+ (list
+ '("ffmpeg.gn" . "third_party/ffmpeg/BUILD.gn")
+ '("flac.gn" . "third_party/flac/BUILD.gn")
+ '("fontconfig.gn" . "third_party/fontconfig/BUILD.gn")
+ '("freetype.gn" . "build/config/freetype/freetype.gni")
+ '("harfbuzz-ng.gn" .
+ "third_party/harfbuzz-ng/harfbuzz.gni")
+ '("icu.gn" . "third_party/icu/BUILD.gn")
+ '("libdrm.gn" . "third_party/libdrm/BUILD.gn")
+ '("libevent.gn" . "base/third_party/libevent/BUILD.gn")
+ '("libjpeg.gn" .
+ "build/secondary/third_party/libjpeg_turbo/BUILD.gn")
+ '("libpng.gn" . "third_party/libpng/BUILD.gn")
+ '("libvpx.gn" . "third_party/libvpx/BUILD.gn")
+ '("libwebp.gn" . "third_party/libwebp/BUILD.gn")
+ '("libxml.gn" . "third_party/libxml/BUILD.gn")
+ '("libxslt.gn" . "third_party/libxslt/BUILD.gn")
+ '("openh264.gn" . "third_party/openh264/BUILD.gn")
+ '("opus.gn" . "third_party/opus/BUILD.gn")
+ '("re2.gn" . "third_party/re2/BUILD.gn")
+ '("snappy.gn" . "third_party/snappy/BUILD.gn")
+ '("yasm.gn" . "third_party/yasm/yasm_assemble.gni")
+ '("zlib.gn" . "third_party/zlib/BUILD.gn")))
+ #t)))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:tests? #f
+ ;; FIXME: There is a "gn" option specifically for setting -rpath, but
+ ;; it overrides the RUNPATH set by the linker.
+ #:validate-runpath? #f
+ #:modules ((srfi srfi-26)
+ (ice-9 ftw)
+ (ice-9 regex)
+ (guix build gnu-build-system)
+ (guix build utils))
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'patch-stuff
+ (lambda* (#:key inputs #:allow-other-keys)
+ (substitute* "printing/cups_config_helper.py"
+ (("cups_config =.*")
+ (string-append "cups_config = '" (assoc-ref inputs "cups")
+ "/bin/cups-config'\n")))
+
+ (substitute*
+ '("base/process/launch_posix.cc"
+ "base/third_party/dynamic_annotations/dynamic_annotations.c"
+ "sandbox/linux/seccomp-bpf/sandbox_bpf.cc"
+ "sandbox/linux/services/credentials.cc"
+ "sandbox/linux/services/namespace_utils.cc"
+ "sandbox/linux/services/syscall_wrappers.cc"
+ "sandbox/linux/syscall_broker/broker_host.cc")
+ (("include \"base/third_party/valgrind/") "include \"valgrind/"))
+
+ (for-each (lambda (file)
+ (substitute* file
+ ;; Fix opus include path.
+ ;; Do not substitute opus_private.h.
+ (("#include \"opus\\.h\"")
+ "#include \"opus/opus.h\"")
+ (("#include \"opus_custom\\.h\"")
+ "#include \"opus/opus_custom.h\"")
+ (("#include \"opus_defines\\.h\"")
+ "#include \"opus/opus_defines.h\"")
+ (("#include \"opus_multistream\\.h\"")
+ "#include \"opus/opus_multistream.h\"")
+ (("#include \"opus_types\\.h\"")
+ "#include \"opus/opus_types.h\"")))
+ (find-files (string-append "third_party/webrtc/modules"
+ "/audio_coding/codecs/opus")))
+
+ (substitute* "chrome/common/chrome_paths.cc"
+ (("/usr/share/chromium/extensions")
+ ;; TODO: Add ~/.guix-profile.
+ "/run/current-system/profile/share/chromium/extensions"))
+
+ (substitute*
+ "third_party/breakpad/breakpad/src/common/linux/libcurl_wrapper.h"
+ (("include \"third_party/curl") "include \"curl"))
+ (substitute* "media/base/decode_capabilities.cc"
+ (("third_party/libvpx/source/libvpx/") ""))
+
+ ;; We don't cross compile most packages, so get rid of the
+ ;; unnecessary ARCH-linux-gnu* prefix.
+ (substitute* "build/toolchain/linux/BUILD.gn"
+ (("aarch64-linux-gnu-") "")
+ (("arm-linux-gnueabihf-") ""))
+ #t))
+ (replace 'configure
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (clang-toolchain (assoc-ref inputs "clang-toolchain"))
+ (gtk+ (assoc-ref inputs "gtk+"))
+ (mesa (assoc-ref inputs "mesa"))
+ (nss (assoc-ref inputs "nss"))
+ (udev (assoc-ref inputs "udev"))
+ (gn-flags
+ (list
+ ;; See tools/gn/docs/cookbook.md and
+ ;; https://www.chromium.org/developers/gn-build-configuration
+ ;; for usage. Run "./gn args . --list" in the Release
+ ;; directory for an exhaustive list of supported flags.
+ "is_debug=false"
+ "use_gold=false"
+ "use_lld=false"
+ "linux_use_bundled_binutils=false"
+ "use_custom_libcxx=false"
+ "use_sysroot=false"
+ "enable_precompiled_headers=false"
+ "goma_dir=\"\""
+ "enable_nacl=false"
+ "enable_nacl_nonsfi=false"
+ "use_allocator=\"none\"" ;don't use tcmalloc
+ "override_build_date=\"01 01 2000 05:00:00\""
+ "use_unofficial_version_number=false"
+
+ ;; Disable "safe browsing", which pulls in a dependency
+ ;; on the nonfree "unrar" program.
+ "safe_browsing_mode=0"
+
+ ;; GCC is poorly supported, so we use Clang for now.
+ ;;"is_clang=false"
+ (string-append "clang_base_path=\"" clang-toolchain "\"")
+ "clang_use_chrome_plugins=false"
+
+ ;; Optimize for building everything at once, as opposed
+ ;; to incrementally for development. See "docs/jumbo.md".
+ "use_jumbo_build=true"
+ ;; Disable debugging features to save space.
+ "symbol_level=1"
+ "remove_webcore_debug_symbols=true"
+ "enable_iterator_debugging=false"
+ ;; Some of the unbundled libraries throws deprecation
+ ;; warnings, etc. Ignore it.
+ "treat_warnings_as_errors=false"
+ ;; Don't add any API keys. End users can set them in the
+ ;; environment if desired. See
+ ;; <https://www.chromium.org/developers/how-tos/api-keys>.
+ "use_official_google_api_keys=false"
+ ;; Disable "field trials".
+ "fieldtrial_testing_like_official_build=true"
+ ;; Disable Chrome Remote Desktop (aka Chromoting).
+ "enable_remoting=false"
+
+ "use_system_freetype=true"
+ "use_system_lcms2=true"
+ "use_system_libjpeg=true"
+ "use_system_libpng=true"
+ "use_system_zlib=true"
+ ;; This is currently not supported on GNU/Linux:
+ ;; https://bugs.chromium.org/p/chromium/issues/detail?id=22208
+ ;;"use_system_sqlite=true"
+
+ "use_gnome_keyring=false" ;deprecated by libsecret
+ "use_gtk3=true"
+ "use_openh264=true"
+ "use_xkbcommon=true"
+ "use_pulseaudio=true"
+ "link_pulseaudio=true"
+
+ ;; Don't arbitrarily restrict formats supported by system ffmpeg.
+ "proprietary_codecs=true"
+ "ffmpeg_branding=\"Chrome\""
+
+ ;; WebRTC stuff.
+ "rtc_use_h264=true"
+ ;; Don't use bundled sources.
+ "rtc_build_json=false"
+ "rtc_build_libevent=false"
+ "rtc_build_libvpx=false"
+ "rtc_build_opus=false"
+ "rtc_build_ssl=false"
+ ;; TODO: Package these.
+ "rtc_build_libsrtp=true" ;2.0
+ "rtc_build_openmax_dl=true"
+ "rtc_build_usrsctp=true"
+ (string-append "rtc_jsoncpp_root=\""
+ (assoc-ref inputs "jsoncpp")
+ "/include/jsoncpp/json\"")
+ (string-append "rtc_ssl_root=\""
+ (assoc-ref inputs "openssl")
+ "/include/openssl\""))))
+
+ ;; XXX: How portable is this.
+ (mkdir-p "third_party/node/linux/node-linux-x64")
+ (symlink (string-append (assoc-ref inputs "node") "/bin")
+ "third_party/node/linux/node-linux-x64/bin")
+
+ (setenv "CC" "clang")
+ (setenv "CXX" "clang++")
+
+ ;; FIXME: This nasty hack works around a problem where
+ ;; Clang does not add the arch triplet to the libtsdc++
+ ;; search path. Fixing it seems tricky, since it only
+ ;; searches "include/<triplet>" when it detects libstdc++
+ ;; in GCC which is not the case in Guix; the only reason
+ ;; libstdc++ works here is because it's already on the
+ ;; include path...
+ (setenv "CPLUS_INCLUDE_PATH"
+ (string-append (getenv "CPLUS_INCLUDE_PATH")
+ ":" clang-toolchain
+ "/include/x86_64-unknown-linux-gnu"))
+ ;; XXX: For some reason this is needed also for C code (libaom).
+ (setenv "C_INCLUDE_PATH"
+ (string-append (getenv "C_INCLUDE_PATH")
+ ":" clang-toolchain
+ "/include/x86_64-unknown-linux-gnu"))
+
+ ;; TODO: pre-compile instead. Avoids a race condition.
+ (setenv "PYTHONDONTWRITEBYTECODE" "1")
+ (and
+ ;; Build the "gn" tool.
+ (invoke "python"
+ "tools/gn/bootstrap/bootstrap.py" "-s" "-v")
+ ;; Generate ninja build files.
+ (invoke "./out/Release/gn" "gen" "out/Release"
+ (string-append "--args="
+ (string-join gn-flags " ")))))))
+ (replace 'build
+ (lambda* (#:key outputs #:allow-other-keys)
+ (invoke "ninja" "-C" "out/Release"
+ "-j" (number->string (parallel-job-count))
+ "chrome")))
+ (replace 'install
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (bin (string-append out "/bin"))
+ (exe (string-append bin "/chromium"))
+ (lib (string-append out "/lib"))
+ (man (string-append out "/share/man/man1"))
+ (applications (string-append out "/share/applications"))
+ (install-regexp (make-regexp "\\.(bin|pak)$"))
+ (locales (string-append lib "/locales"))
+ (resources (string-append lib "/resources"))
+ (gtk+ (assoc-ref inputs "gtk+"))
+ (mesa (assoc-ref inputs "mesa"))
+ (nss (assoc-ref inputs "nss"))
+ (udev (assoc-ref inputs "udev"))
+ (sh (which "sh")))
+
+ (substitute* '("chrome/app/resources/manpage.1.in"
+ "chrome/installer/linux/common/desktop.template")
+ (("@@MENUNAME@@") "Chromium")
+ (("@@PACKAGE@@") "chromium")
+ (("/usr/bin/@@USR_BIN_SYMLINK_NAME@@") exe))
+ (mkdir-p man)
+ (copy-file "chrome/app/resources/manpage.1.in"
+ (string-append man "/chromium.1"))
+ (mkdir-p applications)
+ (copy-file "chrome/installer/linux/common/desktop.template"
+ (string-append applications "/chromium.desktop"))
+
+ (with-directory-excursion "out/Release"
+ (for-each (lambda (file)
+ (install-file file lib))
+ (scandir "." (cut regexp-exec install-regexp <>)))
+ (copy-file "chrome" (string-append lib "/chromium"))
+
+ ;; TODO: Install icons from "../../chrome/app/themes" into
+ ;; "out/share/icons/hicolor/$size".
+ (install-file
+ "product_logo_48.png"
+ (string-append out "/share/icons/48x48/chromium.png"))
+
+ (copy-recursively "locales" locales)
+ (copy-recursively "resources" resources)
+
+ (mkdir-p bin)
+ ;; Add a thin wrapper to prevent the user from inadvertently
+ ;; installing non-free software through the Web Store.
+ ;; TODO: Discover extensions from the profile and pass
+ ;; something like "--disable-extensions-except=...".
+ (call-with-output-file exe
+ (lambda (port)
+ (format port
+ "#!~a~@
+ if [ -z \"$CHROMIUM_ENABLE_WEB_STORE\" ]~@
+ then~@
+ CHROMIUM_FLAGS=\" \\~@
+ --disable-background-networking \\~@
+ --disable-extensions \\~@
+ \"~@
+ fi~@
+ exec ~a $CHROMIUM_FLAGS \"$@\"~%"
+ sh (string-append lib "/chromium"))))
+ (chmod exe #o755)
+
+ (wrap-program exe
+ ;; TODO: Get these in RUNPATH.
+ `("LD_LIBRARY_PATH" ":" prefix
+ (,(string-append lib ":" nss "/lib/nss:" gtk+ "/lib:"
+ mesa "/lib:" udev "/lib")))
+ ;; Avoid file manager crash. See <https://bugs.gnu.org/26593>.
+ `("XDG_DATA_DIRS" ":" prefix (,(string-append gtk+ "/share"))))
+ #t)))))))
+ (native-inputs
+ `(("bison" ,bison)
+ ("clang-toolchain" ,chromium-clang-toolchain)
+ ("git" ,git) ;last_commit_position.py
+ ("gperf" ,gperf)
+ ("ninja" ,ninja)
+ ("node" ,node)
+ ("pkg-config" ,pkg-config)
+ ("which" ,which)
+ ("yasm" ,yasm)
+
+ ("python-beautifulsoup4" ,python2-beautifulsoup4)
+ ("python-html5lib" ,python2-html5lib)
+ ("python" ,python-2)))
+ (inputs
+ `(("alsa-lib" ,alsa-lib)
+ ("atk" ,atk)
+ ("cups" ,cups)
+ ("curl" ,curl)
+ ("dbus" ,dbus)
+ ("dbus-glib" ,dbus-glib)
+ ("expat" ,expat)
+ ("flac" ,flac)
+ ("ffmpeg" ,ffmpeg)
+ ("fontconfig" ,fontconfig)
+ ("freetype" ,freetype)
+ ("gdk-pixbuf" ,gdk-pixbuf)
+ ("glib" ,glib)
+ ("gtk+-2" ,gtk+-2)
+ ("gtk+" ,gtk+)
+ ("harfbuzz" ,harfbuzz)
+ ("icu4c" ,icu4c)
+ ("jsoncpp" ,jsoncpp)
+ ("lcms" ,lcms)
+ ("libevent" ,libevent)
+ ("libffi" ,libffi)
+ ("libjpeg-turbo" ,libjpeg-turbo)
+ ("libpng" ,libpng)
+ ("libusb" ,libusb)
+ ("libvpx" ,libvpx+experimental)
+ ("libwebp" ,libwebp)
+ ("libx11" ,libx11)
+ ("libxcb" ,libxcb)
+ ("libxcomposite" ,libxcomposite)
+ ("libxcursor" ,libxcursor)
+ ("libxdamage" ,libxdamage)
+ ("libxext" ,libxext)
+ ("libxfixes" ,libxfixes)
+ ("libxi" ,libxi)
+ ("libxkbcommon" ,libxkbcommon)
+ ("libxml2" ,libxml2)
+ ("libxrandr" ,libxrandr)
+ ("libxrender" ,libxrender)
+ ("libxscrnsaver" ,libxscrnsaver)
+ ("libxslt" ,libxslt)
+ ("libxtst" ,libxtst)
+ ("mesa" ,mesa)
+ ("minizip" ,minizip)
+ ("mit-krb5" ,mit-krb5)
+ ("nss" ,nss)
+ ("openh264" ,openh264)
+ ("openssl" ,openssl)
+ ("opus" ,opus+custom)
+ ("pango" ,pango)
+ ("pciutils" ,pciutils)
+ ("protobuf" ,protobuf)
+ ("pulseaudio" ,pulseaudio)
+ ("re2" ,re2)
+ ("snappy" ,snappy)
+ ("speech-dispatcher" ,speech-dispatcher)
+ ("sqlite" ,sqlite)
+ ("udev" ,eudev)
+ ("valgrind" ,valgrind)))
+ (home-page "https://www.chromium.org/")
+ (description
+ "Chromium is a web browser designed for speed and security. This
+version incorporates patches from
+@url{https://github.com/gcarq/inox-patchset,Inox} and
+@url{https://www.debian.org/,Debian} in order to protect the users privacy.")
+ ;; Chromium is developed as BSD-3, but bundles a large number of third-party
+ ;; components with other licenses. For full information, see chrome://credits.
+ (license (list license:bsd-3
+ license:bsd-2
+ license:expat
+ license:asl2.0
+ license:mpl2.0
+ license:public-domain
+ license:lgpl2.1+))))
diff --git a/gnu/packages/patches/chromium-remove-default-history.patch b/gnu/packages/patches/chromium-remove-default-history.patch
new file mode 100644
index 000000000..38be10820
--- /dev/null
+++ b/gnu/packages/patches/chromium-remove-default-history.patch
@@ -0,0 +1,13 @@
+Don't pre-populate the New Tab Page for new profiles.
+
+--- a/chrome/browser/history/top_sites_factory.cc
++++ b/chrome/browser/history/top_sites_factory.cc
+@@ -74,7 +74,7 @@
+
+ void InitializePrepopulatedPageList(
+ history::PrepopulatedPageList* prepopulated_pages) {
+-#if !defined(OS_ANDROID)
++#if false
+ DCHECK(prepopulated_pages);
+ prepopulated_pages->reserve(arraysize(kRawPrepopulatedPages));
+ for (size_t i = 0; i < arraysize(kRawPrepopulatedPages); ++i) {
--
2.17.0
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply related [flat|nested] 91+ messages in thread
* [bug#28004] Chromium 66 + status update
2018-04-24 18:08 ` [bug#28004] Chromium 66 + status update Marius Bakke
@ 2018-04-24 18:45 ` Christopher Lemmer Webber
2018-04-24 18:48 ` Tobias Geerinckx-Rice
2018-04-24 18:46 ` Tobias Geerinckx-Rice
2018-05-03 17:49 ` Nils Gillmann
2 siblings, 1 reply; 91+ messages in thread
From: Christopher Lemmer Webber @ 2018-04-24 18:45 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
Marius!
On 2018-04-24 20:08, Marius Bakke wrote:
> The other remaining issue is that some data is sent to Google whenever
> you start the browser for the first time.
Sounds great! What data, exactly?
> I don't think that's a blocker
I hope it is.
Kind regards,
T G-R
Sent from a Web browser. Excuse or enjoy my brevity.
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium 66 + status update
2018-04-24 18:08 ` [bug#28004] Chromium 66 + status update Marius Bakke
2018-04-24 18:45 ` Christopher Lemmer Webber
@ 2018-04-24 18:46 ` Tobias Geerinckx-Rice
2018-04-24 19:30 ` Marius Bakke
2018-05-03 17:49 ` Nils Gillmann
2 siblings, 1 reply; 91+ messages in thread
From: Tobias Geerinckx-Rice @ 2018-04-24 18:46 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
Marius!
On 2018-04-24 20:08, Marius Bakke wrote:
> The other remaining issue is that some data is sent to Google whenever
> you start the browser for the first time.
Sounds great! What data, exactly?
> I don't think that's a blocker
I hope it is.
Kind regards,
T G-R
Sent from a Web browser. Excuse or enjoy my brevity.
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium 66 + status update
2018-04-24 18:45 ` Christopher Lemmer Webber
@ 2018-04-24 18:48 ` Tobias Geerinckx-Rice
0 siblings, 0 replies; 91+ messages in thread
From: Tobias Geerinckx-Rice @ 2018-04-24 18:48 UTC (permalink / raw)
To: Christopher Lemmer Webber; +Cc: 28004
Erm
On 2018-04-24 20:45, Christopher Lemmer Webber wrote:
> some nonsense
My apologies: of course Chris did no such thing.
I really need to get rid of Roundcube, that's what.
Kind regards,
T G-R
Sent from a Web browser. Excuse or enjoy my brevity.
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium 66 + status update
2018-04-24 18:46 ` Tobias Geerinckx-Rice
@ 2018-04-24 19:30 ` Marius Bakke
2018-04-25 17:00 ` Leo Famulari
2018-04-25 17:02 ` Leo Famulari
0 siblings, 2 replies; 91+ messages in thread
From: Marius Bakke @ 2018-04-24 19:30 UTC (permalink / raw)
To: Tobias Geerinckx-Rice; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 971 bytes --]
Tobias Geerinckx-Rice <me@tobias.gr> writes:
> Marius!
>
> On 2018-04-24 20:08, Marius Bakke wrote:
>> The other remaining issue is that some data is sent to Google whenever
>> you start the browser for the first time.
>
> Sounds great! What data, exactly?
I haven't MITM'd it to check, unfortunately. Help wanted!
The reason I don't think it's a blocking issue, is because Chromium is
a massive project and I cannot guarantee that it will never "call
home". So while I am intent on fixing the issue, especially since it's
easy to test (chromium --user-data-dir=/tmp/foo), it's just one of many
"call home" scenarios/antifeatures. And if you enable extensions or log
in all bets are off. Even Inox, which goes great lengths to de-google
it, admits that they can't guarantee privacy.
Other scenarios include checking for IPv6 availability, testing for
captive portal, etc. And I think it even falls back to Google DNS if
the system resolver is unresponsive. :-(
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium 66 + status update
2018-04-24 19:30 ` Marius Bakke
@ 2018-04-25 17:00 ` Leo Famulari
2018-04-25 17:02 ` Leo Famulari
1 sibling, 0 replies; 91+ messages in thread
From: Leo Famulari @ 2018-04-25 17:00 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 1250 bytes --]
On Tue, Apr 24, 2018 at 09:30:23PM +0200, Marius Bakke wrote:
> The reason I don't think it's a blocking issue, is because Chromium is
> a massive project and I cannot guarantee that it will never "call
> home". So while I am intent on fixing the issue, especially since it's
> easy to test (chromium --user-data-dir=/tmp/foo), it's just one of many
> "call home" scenarios/antifeatures. And if you enable extensions or log
> in all bets are off. Even Inox, which goes great lengths to de-google
> it, admits that they can't guarantee privacy.
I agree with Marius here.
> Other scenarios include checking for IPv6 availability, testing for
> captive portal, etc. And I think it even falls back to Google DNS if
> the system resolver is unresponsive. :-(
I think that handling captive portals and falling back to Google DNS (or
any fallback DNS) are *great* features that address common problems that
most internet users can not work around on their own.
I don't believe these features are forbidden by the FSDG:
https://www.gnu.org/distros/free-system-distribution-guidelines.en.html
Finally, there are several packages that automatically send data out,
even in Guix. This is not a reason to exclude the software from Guix, in
my opinion.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium 66 + status update
2018-04-24 19:30 ` Marius Bakke
2018-04-25 17:00 ` Leo Famulari
@ 2018-04-25 17:02 ` Leo Famulari
1 sibling, 0 replies; 91+ messages in thread
From: Leo Famulari @ 2018-04-25 17:02 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 827 bytes --]
On Tue, Apr 24, 2018 at 09:30:23PM +0200, Marius Bakke wrote:
> The reason I don't think it's a blocking issue, is because Chromium is
> a massive project and I cannot guarantee that it will never "call
> home". So while I am intent on fixing the issue, especially since it's
> easy to test (chromium --user-data-dir=/tmp/foo), it's just one of many
> "call home" scenarios/antifeatures. And if you enable extensions or log
> in all bets are off. Even Inox, which goes great lengths to de-google
> it, admits that they can't guarantee privacy.
I'd also like to point out that we cannot and should not try to
guarantee privacy.
Privacy from whom? For whom?
Of course we want to offer a system that is reasonably private, but if
we use words like "guarantee", we are setting an impossible and
undefined goal for ourselves.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium 66 + status update
2018-04-24 18:08 ` [bug#28004] Chromium 66 + status update Marius Bakke
2018-04-24 18:45 ` Christopher Lemmer Webber
2018-04-24 18:46 ` Tobias Geerinckx-Rice
@ 2018-05-03 17:49 ` Nils Gillmann
2018-05-03 17:58 ` Nils Gillmann
2018-05-04 12:10 ` Marius Bakke
2 siblings, 2 replies; 91+ messages in thread
From: Nils Gillmann @ 2018-05-03 17:49 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
Marius Bakke transcribed 69K bytes:
> Christopher Lemmer Webber <cwebber@dustycloud.org> writes:
>
> > Hello! I'd like to speak up in favor of getting Chromium merged into
> > Guix master. As a web developer, sometimes I have to test things
> > against multiple browsers. Having Chromium in GuixSD would help me out
> > a lot.
> >
> > It looks like a mountain of hard work has been put into this. Could we
> > get it merged rather than have that work languish?
>
> Hello!
>
> I use this browser a lot, so it's hardly languishing.
>
> There was a recent discussion[0] about the Pale Moon browser, where it
> was pointed out that the FSDG[1] requires that any third-party
> repositories must be committed to only free software.
>
> [0] https://lists.gnu.org/archive/html/guix-devel/2018-03/msg00319.html
> [1] https://www.gnu.org/distros/free-system-distribution-guidelines.html#license-rules
>
> Unfortunately there are UI links to the Chrome "Web Store" still. It's
> not possible to install from it without setting the
> CHROMIUM_ENABLE_WEB_STORE variable, but I'm not sure if that is
> sufficient. It's unfortunate if an unsuspecting user stumbles into the
> Web Store and tries to install something (free or not) and only then
> finds out that it does not work.
>
> The other remaining issue is that some data is sent to Google whenever
> you start the browser for the first time. I don't think that's a
> blocker, but it's certainly something we should aim to fix.
>
> Attached are updates for 66. The first is an interdiff from the
> previous 65 patch; the other is the full "squashed" patch for
> convenience.
>
> New in this version:
>
> * The snippet will now error if a preserved directory is not present.
> * Chromium again requires a git revision of libvpx.
> * The "safe browsing" feature requires the nonfree "unrar" program(!!),
> as such it has been compiled out. Luckily "Inox" already had a patch
> to make the thing actually build with that flag disabled.
> * Cosmetic rearrangement of patches to follow Debian and Inox patch order.
>
> From a6ce5ebc121f129c3097f1f105b6a4de925b43e9 Mon Sep 17 00:00:00 2001
> From: Marius Bakke <mbakke@fastmail.com>
> Date: Tue, 17 Apr 2018 03:54:56 +0200
> Subject: [PATCH] Chromium 66 update.
>
Good progress :)
However, I'm a friend of bundling patches. Patches you have in a known location
don't run away, like "addmissingblinktools":
Starting download of /gnu/store/1djisy58jqjajbfcrd32vf7hrg9qvzwa-add-missing-blink-tools.patch
From https://bazaar.launchpad.net/~chromium-team/chromium-browser/bionic-stable/download/head:/addmissingblinktools-20180416203514-02f50sz15c2mn6ei-1/add-missing-blink-tools.patch...
download failed "https://bazaar.launchpad.net/~chromium-team/chromium-browser/bionic-stable/download/head:/addmissingblinktools-20180416203514-02f50sz15c2mn6ei-1/add-missing-blink-tools.patch" 404 "Not Found"
Starting download of /gnu/store/1djisy58jqjajbfcrd32vf7hrg9qvzwa-add-missing-blink-tools.patch
From http://mirror.hydra.gnu.org/file/add-missing-blink-tools.patch/sha256/1im2l1g6g9mangpfphbkg6zxyglbfwbkm5jxv122yxqgm6vxzz6s...
download failed "http://mirror.hydra.gnu.org/file/add-missing-blink-tools.patch/sha256/1im2l1g6g9mangpfphbkg6zxyglbfwbkm5jxv122yxqgm6vxzz6s" 404 "Not Found"
Starting download of /gnu/store/1djisy58jqjajbfcrd32vf7hrg9qvzwa-add-missing-blink-tools.patch
From http://tarballs.nixos.org/sha256/1im2l1g6g9mangpfphbkg6zxyglbfwbkm5jxv122yxqgm6vxzz6s...
download failed "http://tarballs.nixos.org/sha256/1im2l1g6g9mangpfphbkg6zxyglbfwbkm5jxv122yxqgm6vxzz6s" 404 "Not Found"
failed to download "/gnu/store/1djisy58jqjajbfcrd32vf7hrg9qvzwa-add-missing-blink-tools.patch" from "https://bazaar.launchpad.net/~chromium-team/chromium-browser/bionic-stable/download/head:/addmissingblinktools-20180416203514-02f50sz15c2mn6ei-1/add-missing-blink-tools.patch"
builder for `/gnu/store/5hbv5vgnla974qiw6kakc28a4k35h96n-add-missing-blink-tools.patch.drv' failed to produce output path `/gnu/store/1djisy58jqjajbfcrd32vf7hrg9qvzwa-add-missing-blink-tools.patch'
cannot build derivation `/gnu/store/2z8i7b4l4l0p5b3pj4swdl2pvbdj5q24-chromium-66.0.3359.117.tar.xz.drv': 1 dependencies couldn't be built
cannot build derivation `/gnu/store/4fxkp0aa1vr2b9fbl9kw8l8ijw0zrd25-chromium-66.0.3359.117.drv': 1 dependencies couldn't be built
guix package: error: build failed: build of `/gnu/store/4fxkp0aa1vr2b9fbl9kw8l8ijw0zrd25-chromium-66.0.3359.117.drv' failed
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium 66 + status update
2018-05-03 17:49 ` Nils Gillmann
@ 2018-05-03 17:58 ` Nils Gillmann
2018-05-04 12:10 ` Marius Bakke
1 sibling, 0 replies; 91+ messages in thread
From: Nils Gillmann @ 2018-05-03 17:58 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
Nils Gillmann transcribed 4.4K bytes:
> Marius Bakke transcribed 69K bytes:
> > Christopher Lemmer Webber <cwebber@dustycloud.org> writes:
> >
> > > Hello! I'd like to speak up in favor of getting Chromium merged into
> > > Guix master. As a web developer, sometimes I have to test things
> > > against multiple browsers. Having Chromium in GuixSD would help me out
> > > a lot.
> > >
> > > It looks like a mountain of hard work has been put into this. Could we
> > > get it merged rather than have that work languish?
> >
> > Hello!
> >
> > I use this browser a lot, so it's hardly languishing.
> >
> > There was a recent discussion[0] about the Pale Moon browser, where it
> > was pointed out that the FSDG[1] requires that any third-party
> > repositories must be committed to only free software.
> >
> > [0] https://lists.gnu.org/archive/html/guix-devel/2018-03/msg00319.html
> > [1] https://www.gnu.org/distros/free-system-distribution-guidelines.html#license-rules
> >
> > Unfortunately there are UI links to the Chrome "Web Store" still. It's
> > not possible to install from it without setting the
> > CHROMIUM_ENABLE_WEB_STORE variable, but I'm not sure if that is
> > sufficient. It's unfortunate if an unsuspecting user stumbles into the
> > Web Store and tries to install something (free or not) and only then
> > finds out that it does not work.
> >
> > The other remaining issue is that some data is sent to Google whenever
> > you start the browser for the first time. I don't think that's a
> > blocker, but it's certainly something we should aim to fix.
> >
> > Attached are updates for 66. The first is an interdiff from the
> > previous 65 patch; the other is the full "squashed" patch for
> > convenience.
> >
> > New in this version:
> >
> > * The snippet will now error if a preserved directory is not present.
> > * Chromium again requires a git revision of libvpx.
> > * The "safe browsing" feature requires the nonfree "unrar" program(!!),
> > as such it has been compiled out. Luckily "Inox" already had a patch
> > to make the thing actually build with that flag disabled.
> > * Cosmetic rearrangement of patches to follow Debian and Inox patch order.
> >
>
> > From a6ce5ebc121f129c3097f1f105b6a4de925b43e9 Mon Sep 17 00:00:00 2001
> > From: Marius Bakke <mbakke@fastmail.com>
> > Date: Tue, 17 Apr 2018 03:54:56 +0200
> > Subject: [PATCH] Chromium 66 update.
> >
>
> Good progress :)
>
> However, I'm a friend of bundling patches. Patches you have in a known location
> don't run away, like "addmissingblinktools":
>
> Starting download of /gnu/store/1djisy58jqjajbfcrd32vf7hrg9qvzwa-add-missing-blink-tools.patch
> From https://bazaar.launchpad.net/~chromium-team/chromium-browser/bionic-stable/download/head:/addmissingblinktools-20180416203514-02f50sz15c2mn6ei-1/add-missing-blink-tools.patch...
> download failed "https://bazaar.launchpad.net/~chromium-team/chromium-browser/bionic-stable/download/head:/addmissingblinktools-20180416203514-02f50sz15c2mn6ei-1/add-missing-blink-tools.patch" 404 "Not Found"
>
> Starting download of /gnu/store/1djisy58jqjajbfcrd32vf7hrg9qvzwa-add-missing-blink-tools.patch
> From http://mirror.hydra.gnu.org/file/add-missing-blink-tools.patch/sha256/1im2l1g6g9mangpfphbkg6zxyglbfwbkm5jxv122yxqgm6vxzz6s...
> download failed "http://mirror.hydra.gnu.org/file/add-missing-blink-tools.patch/sha256/1im2l1g6g9mangpfphbkg6zxyglbfwbkm5jxv122yxqgm6vxzz6s" 404 "Not Found"
>
> Starting download of /gnu/store/1djisy58jqjajbfcrd32vf7hrg9qvzwa-add-missing-blink-tools.patch
> From http://tarballs.nixos.org/sha256/1im2l1g6g9mangpfphbkg6zxyglbfwbkm5jxv122yxqgm6vxzz6s...
> download failed "http://tarballs.nixos.org/sha256/1im2l1g6g9mangpfphbkg6zxyglbfwbkm5jxv122yxqgm6vxzz6s" 404 "Not Found"
> failed to download "/gnu/store/1djisy58jqjajbfcrd32vf7hrg9qvzwa-add-missing-blink-tools.patch" from "https://bazaar.launchpad.net/~chromium-team/chromium-browser/bionic-stable/download/head:/addmissingblinktools-20180416203514-02f50sz15c2mn6ei-1/add-missing-blink-tools.patch"
> builder for `/gnu/store/5hbv5vgnla974qiw6kakc28a4k35h96n-add-missing-blink-tools.patch.drv' failed to produce output path `/gnu/store/1djisy58jqjajbfcrd32vf7hrg9qvzwa-add-missing-blink-tools.patch'
> cannot build derivation `/gnu/store/2z8i7b4l4l0p5b3pj4swdl2pvbdj5q24-chromium-66.0.3359.117.tar.xz.drv': 1 dependencies couldn't be built
> cannot build derivation `/gnu/store/4fxkp0aa1vr2b9fbl9kw8l8ijw0zrd25-chromium-66.0.3359.117.drv': 1 dependencies couldn't be built
> guix package: error: build failed: build of `/gnu/store/4fxkp0aa1vr2b9fbl9kw8l8ijw0zrd25-chromium-66.0.3359.117.drv' failed
>
>
>
Is this the patch you included?
https://bazaar.launchpad.net/~chromium-team/chromium-browser/artful-beta/view/head:/debian/patches/add-missing-blink-tools.patch
guix hash is 1im2l1g6g9mangpfphbkg6zxyglbfwbkm5jxv122yxqgm6vxzz6s and matches the one the package definition expected.
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium 66 + status update
2018-05-03 17:49 ` Nils Gillmann
2018-05-03 17:58 ` Nils Gillmann
@ 2018-05-04 12:10 ` Marius Bakke
2018-05-04 13:02 ` Nils Gillmann
1 sibling, 1 reply; 91+ messages in thread
From: Marius Bakke @ 2018-05-04 12:10 UTC (permalink / raw)
To: Nils Gillmann; +Cc: 28004
[-- Attachment #1.1: Type: text/plain, Size: 4943 bytes --]
Nils Gillmann <ng0@n0.is> writes:
> Marius Bakke transcribed 69K bytes:
>> Christopher Lemmer Webber <cwebber@dustycloud.org> writes:
>>
>> > Hello! I'd like to speak up in favor of getting Chromium merged into
>> > Guix master. As a web developer, sometimes I have to test things
>> > against multiple browsers. Having Chromium in GuixSD would help me out
>> > a lot.
>> >
>> > It looks like a mountain of hard work has been put into this. Could we
>> > get it merged rather than have that work languish?
>>
>> Hello!
>>
>> I use this browser a lot, so it's hardly languishing.
>>
>> There was a recent discussion[0] about the Pale Moon browser, where it
>> was pointed out that the FSDG[1] requires that any third-party
>> repositories must be committed to only free software.
>>
>> [0] https://lists.gnu.org/archive/html/guix-devel/2018-03/msg00319.html
>> [1] https://www.gnu.org/distros/free-system-distribution-guidelines.html#license-rules
>>
>> Unfortunately there are UI links to the Chrome "Web Store" still. It's
>> not possible to install from it without setting the
>> CHROMIUM_ENABLE_WEB_STORE variable, but I'm not sure if that is
>> sufficient. It's unfortunate if an unsuspecting user stumbles into the
>> Web Store and tries to install something (free or not) and only then
>> finds out that it does not work.
>>
>> The other remaining issue is that some data is sent to Google whenever
>> you start the browser for the first time. I don't think that's a
>> blocker, but it's certainly something we should aim to fix.
>>
>> Attached are updates for 66. The first is an interdiff from the
>> previous 65 patch; the other is the full "squashed" patch for
>> convenience.
>>
>> New in this version:
>>
>> * The snippet will now error if a preserved directory is not present.
>> * Chromium again requires a git revision of libvpx.
>> * The "safe browsing" feature requires the nonfree "unrar" program(!!),
>> as such it has been compiled out. Luckily "Inox" already had a patch
>> to make the thing actually build with that flag disabled.
>> * Cosmetic rearrangement of patches to follow Debian and Inox patch order.
>>
>
>> From a6ce5ebc121f129c3097f1f105b6a4de925b43e9 Mon Sep 17 00:00:00 2001
>> From: Marius Bakke <mbakke@fastmail.com>
>> Date: Tue, 17 Apr 2018 03:54:56 +0200
>> Subject: [PATCH] Chromium 66 update.
> >
>
> Good progress :)
>
> However, I'm a friend of bundling patches. Patches you have in a known location
> don't run away, like "addmissingblinktools":
>
> Starting download of /gnu/store/1djisy58jqjajbfcrd32vf7hrg9qvzwa-add-missing-blink-tools.patch
> From https://bazaar.launchpad.net/~chromium-team/chromium-browser/bionic-stable/download/head:/addmissingblinktools-20180416203514-02f50sz15c2mn6ei-1/add-missing-blink-tools.patch...
> download failed "https://bazaar.launchpad.net/~chromium-team/chromium-browser/bionic-stable/download/head:/addmissingblinktools-20180416203514-02f50sz15c2mn6ei-1/add-missing-blink-tools.patch" 404 "Not Found"
>
> Starting download of /gnu/store/1djisy58jqjajbfcrd32vf7hrg9qvzwa-add-missing-blink-tools.patch
> From http://mirror.hydra.gnu.org/file/add-missing-blink-tools.patch/sha256/1im2l1g6g9mangpfphbkg6zxyglbfwbkm5jxv122yxqgm6vxzz6s...
> download failed "http://mirror.hydra.gnu.org/file/add-missing-blink-tools.patch/sha256/1im2l1g6g9mangpfphbkg6zxyglbfwbkm5jxv122yxqgm6vxzz6s" 404 "Not Found"
>
> Starting download of /gnu/store/1djisy58jqjajbfcrd32vf7hrg9qvzwa-add-missing-blink-tools.patch
> From http://tarballs.nixos.org/sha256/1im2l1g6g9mangpfphbkg6zxyglbfwbkm5jxv122yxqgm6vxzz6s...
> download failed "http://tarballs.nixos.org/sha256/1im2l1g6g9mangpfphbkg6zxyglbfwbkm5jxv122yxqgm6vxzz6s" 404 "Not Found"
> failed to download "/gnu/store/1djisy58jqjajbfcrd32vf7hrg9qvzwa-add-missing-blink-tools.patch" from "https://bazaar.launchpad.net/~chromium-team/chromium-browser/bionic-stable/download/head:/addmissingblinktools-20180416203514-02f50sz15c2mn6ei-1/add-missing-blink-tools.patch"
> builder for `/gnu/store/5hbv5vgnla974qiw6kakc28a4k35h96n-add-missing-blink-tools.patch.drv' failed to produce output path `/gnu/store/1djisy58jqjajbfcrd32vf7hrg9qvzwa-add-missing-blink-tools.patch'
> cannot build derivation `/gnu/store/2z8i7b4l4l0p5b3pj4swdl2pvbdj5q24-chromium-66.0.3359.117.tar.xz.drv': 1 dependencies couldn't be built
> cannot build derivation `/gnu/store/4fxkp0aa1vr2b9fbl9kw8l8ijw0zrd25-chromium-66.0.3359.117.drv': 1 dependencies couldn't be built
> guix package: error: build failed: build of `/gnu/store/4fxkp0aa1vr2b9fbl9kw8l8ijw0zrd25-chromium-66.0.3359.117.drv' failed
Whoops. I'm not used to constructing stable Bazaar URLs.
However this patch is not needed for the latest tarball.
Here's a diff to the 66 patch updating to the latest Chromium. I also
removed some inputs and third party directories that were not needed.
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1.2: chromium.diff --]
[-- Type: text/x-patch, Size: 7542 bytes --]
diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm
index a6f9fec0f..59c90f869 100644
--- a/gnu/packages/chromium.scm
+++ b/gnu/packages/chromium.scm
@@ -31,7 +31,6 @@
#:use-module (gnu packages compression)
#:use-module (gnu packages cups)
#:use-module (gnu packages curl)
- #:use-module (gnu packages databases)
#:use-module (gnu packages fontutils)
#:use-module (gnu packages gcc)
#:use-module (gnu packages ghostscript)
@@ -52,7 +51,6 @@
#:use-module (gnu packages ninja)
#:use-module (gnu packages node)
#:use-module (gnu packages pciutils)
- #:use-module (gnu packages photo)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages protobuf)
#:use-module (gnu packages pulseaudio)
@@ -63,7 +61,6 @@
#:use-module (gnu packages speech)
#:use-module (gnu packages tls)
#:use-module (gnu packages valgrind)
- #:use-module (gnu packages version-control)
#:use-module (gnu packages video)
#:use-module (gnu packages xiph)
#:use-module (gnu packages xml)
@@ -150,19 +147,6 @@
%debian-revision
"1qf2y7jmaya43k9rbsxjjpkp5manzmbkhjj5hvfyqcdylhy30swj"))
-;; Some files were missing in the Chromium 66 release tarball.
-;; See <https://crbug.com/832283>.
-(define %chromium-add-blink-tools.patch
- (origin
- (method url-fetch)
- (uri (string-append "https://bazaar.launchpad.net/~chromium-team"
- "/chromium-browser/bionic-stable/download/head:"
- "/addmissingblinktools-20180416203514-02f50sz15c2mn6ei-1"
- "/add-missing-blink-tools.patch"))
- (sha256
- (base32
- "1im2l1g6g9mangpfphbkg6zxyglbfwbkm5jxv122yxqgm6vxzz6s"))))
-
;; Fix an assignment bug when using Clang and libstdc++.
(define %chromium-clang-assignment.patch
(gentoo-patch "chromium-clang-r4.patch"
@@ -342,7 +326,7 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
(define-public chromium
(package
(name "chromium")
- (version "66.0.3359.117")
+ (version "66.0.3359.139")
(synopsis "Graphical web browser")
(source (origin
(method url-fetch)
@@ -351,14 +335,12 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
version ".tar.xz"))
(sha256
(base32
- "1mlfavs0m0lf60s42krqxqiyx73hdfd4r1mkjwv31p2gchsa7ibp"))
+ "1ck4wbi28702p1lfs4sz894ysbgm7fj79wrqj8srsy65z2ssaxdy"))
(patches (list %chromium-gn-libcxx.patch
%chromium-disable-api-keys-warning.patch
%chromium-system-nspr.patch
%chromium-system-libevent.patch
- %chromium-add-blink-tools.patch
-
%chromium-clang-assignment.patch
%chromium-ffmpeg.patch
@@ -385,14 +367,13 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
"base/third_party/dmg_fp"
"base/third_party/dynamic_annotations"
"base/third_party/icu"
- "base/third_party/libevent"
- "base/third_party/nspr"
"base/third_party/superfasthash"
- "base/third_party/symbolize" ;glog
+ "base/third_party/symbolize"
"base/third_party/xdg_mime"
"base/third_party/xdg_user_dirs"
"chrome/third_party/mozilla_security_manager"
- "courgette/third_party"
+ "courgette/third_party/bsdiff"
+ "courgette/third_party/divsufsort"
"net/third_party/mozilla_security_manager"
"net/third_party/nss"
"third_party/adobe/flash/flapper_version.h"
@@ -439,7 +420,6 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
(string-append "third_party/google_input_tools/third_party"
"/closure_library/third_party/closure")
"third_party/googletest"
- "third_party/harfbuzz-ng"
"third_party/hunspell"
"third_party/iccjpeg"
"third_party/inspector_protocol"
@@ -472,7 +452,11 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
"third_party/ots"
;; TODO: Build as extension.
"third_party/pdfium"
- "third_party/pdfium/third_party"
+ "third_party/pdfium/third_party/agg23"
+ "third_party/pdfium/third_party/base"
+ "third_party/pdfium/third_party/bigint"
+ "third_party/pdfium/third_party/libopenjpeg20"
+ "third_party/pdfium/third_party/skia_shared"
(string-append "third_party/pdfium/third_party/freetype"
"/include/pstables.h")
"third_party/ply"
@@ -488,7 +472,8 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
"third_party/speech-dispatcher"
"third_party/sqlite"
"third_party/swiftshader"
- "third_party/swiftshader/third_party"
+ "third_party/swiftshader/third_party/llvm-subzero"
+ "third_party/swiftshader/third_party/subzero"
"third_party/s2cellid"
"third_party/usb_ids"
"third_party/usrsctp"
@@ -864,7 +849,6 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
(native-inputs
`(("bison" ,bison)
("clang-toolchain" ,chromium-clang-toolchain)
- ("git" ,git) ;last_commit_position.py
("gperf" ,gperf)
("ninja" ,ninja)
("node" ,node)
@@ -889,7 +873,6 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
("freetype" ,freetype)
("gdk-pixbuf" ,gdk-pixbuf)
("glib" ,glib)
- ("gtk+-2" ,gtk+-2)
("gtk+" ,gtk+)
("harfbuzz" ,harfbuzz)
("icu4c" ,icu4c)
@@ -899,6 +882,7 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
("libffi" ,libffi)
("libjpeg-turbo" ,libjpeg-turbo)
("libpng" ,libpng)
+ ;;("libsecret" ,libsecret)
("libusb" ,libusb)
("libvpx" ,libvpx+experimental)
("libwebp" ,libwebp)
@@ -931,7 +915,7 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
("re2" ,re2)
("snappy" ,snappy)
("speech-dispatcher" ,speech-dispatcher)
- ("sqlite" ,sqlite)
+ ;;("sqlite" ,sqlite)
("udev" ,eudev)
("valgrind" ,valgrind)))
(home-page "https://www.chromium.org/")
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply related [flat|nested] 91+ messages in thread
* [bug#28004] Chromium 66 + status update
2018-05-04 12:10 ` Marius Bakke
@ 2018-05-04 13:02 ` Nils Gillmann
0 siblings, 0 replies; 91+ messages in thread
From: Nils Gillmann @ 2018-05-04 13:02 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004, Nils Gillmann
[-- Attachment #1: Type: text/plain, Size: 13023 bytes --]
Marius Bakke transcribed 13K bytes:
> Nils Gillmann <ng0@n0.is> writes:
>
> > Marius Bakke transcribed 69K bytes:
> >> Christopher Lemmer Webber <cwebber@dustycloud.org> writes:
> >>
> >> > Hello! I'd like to speak up in favor of getting Chromium merged into
> >> > Guix master. As a web developer, sometimes I have to test things
> >> > against multiple browsers. Having Chromium in GuixSD would help me out
> >> > a lot.
> >> >
> >> > It looks like a mountain of hard work has been put into this. Could we
> >> > get it merged rather than have that work languish?
> >>
> >> Hello!
> >>
> >> I use this browser a lot, so it's hardly languishing.
> >>
> >> There was a recent discussion[0] about the Pale Moon browser, where it
> >> was pointed out that the FSDG[1] requires that any third-party
> >> repositories must be committed to only free software.
> >>
> >> [0] https://lists.gnu.org/archive/html/guix-devel/2018-03/msg00319.html
> >> [1] https://www.gnu.org/distros/free-system-distribution-guidelines.html#license-rules
> >>
> >> Unfortunately there are UI links to the Chrome "Web Store" still. It's
> >> not possible to install from it without setting the
> >> CHROMIUM_ENABLE_WEB_STORE variable, but I'm not sure if that is
> >> sufficient. It's unfortunate if an unsuspecting user stumbles into the
> >> Web Store and tries to install something (free or not) and only then
> >> finds out that it does not work.
> >>
> >> The other remaining issue is that some data is sent to Google whenever
> >> you start the browser for the first time. I don't think that's a
> >> blocker, but it's certainly something we should aim to fix.
> >>
> >> Attached are updates for 66. The first is an interdiff from the
> >> previous 65 patch; the other is the full "squashed" patch for
> >> convenience.
> >>
> >> New in this version:
> >>
> >> * The snippet will now error if a preserved directory is not present.
> >> * Chromium again requires a git revision of libvpx.
> >> * The "safe browsing" feature requires the nonfree "unrar" program(!!),
> >> as such it has been compiled out. Luckily "Inox" already had a patch
> >> to make the thing actually build with that flag disabled.
> >> * Cosmetic rearrangement of patches to follow Debian and Inox patch order.
> >>
> >
> >> From a6ce5ebc121f129c3097f1f105b6a4de925b43e9 Mon Sep 17 00:00:00 2001
> >> From: Marius Bakke <mbakke@fastmail.com>
> >> Date: Tue, 17 Apr 2018 03:54:56 +0200
> >> Subject: [PATCH] Chromium 66 update.
> > >
> >
> > Good progress :)
> >
> > However, I'm a friend of bundling patches. Patches you have in a known location
> > don't run away, like "addmissingblinktools":
> >
> > Starting download of /gnu/store/1djisy58jqjajbfcrd32vf7hrg9qvzwa-add-missing-blink-tools.patch
> > From https://bazaar.launchpad.net/~chromium-team/chromium-browser/bionic-stable/download/head:/addmissingblinktools-20180416203514-02f50sz15c2mn6ei-1/add-missing-blink-tools.patch...
> > download failed "https://bazaar.launchpad.net/~chromium-team/chromium-browser/bionic-stable/download/head:/addmissingblinktools-20180416203514-02f50sz15c2mn6ei-1/add-missing-blink-tools.patch" 404 "Not Found"
> >
> > Starting download of /gnu/store/1djisy58jqjajbfcrd32vf7hrg9qvzwa-add-missing-blink-tools.patch
> > From http://mirror.hydra.gnu.org/file/add-missing-blink-tools.patch/sha256/1im2l1g6g9mangpfphbkg6zxyglbfwbkm5jxv122yxqgm6vxzz6s...
> > download failed "http://mirror.hydra.gnu.org/file/add-missing-blink-tools.patch/sha256/1im2l1g6g9mangpfphbkg6zxyglbfwbkm5jxv122yxqgm6vxzz6s" 404 "Not Found"
> >
> > Starting download of /gnu/store/1djisy58jqjajbfcrd32vf7hrg9qvzwa-add-missing-blink-tools.patch
> > From http://tarballs.nixos.org/sha256/1im2l1g6g9mangpfphbkg6zxyglbfwbkm5jxv122yxqgm6vxzz6s...
> > download failed "http://tarballs.nixos.org/sha256/1im2l1g6g9mangpfphbkg6zxyglbfwbkm5jxv122yxqgm6vxzz6s" 404 "Not Found"
> > failed to download "/gnu/store/1djisy58jqjajbfcrd32vf7hrg9qvzwa-add-missing-blink-tools.patch" from "https://bazaar.launchpad.net/~chromium-team/chromium-browser/bionic-stable/download/head:/addmissingblinktools-20180416203514-02f50sz15c2mn6ei-1/add-missing-blink-tools.patch"
> > builder for `/gnu/store/5hbv5vgnla974qiw6kakc28a4k35h96n-add-missing-blink-tools.patch.drv' failed to produce output path `/gnu/store/1djisy58jqjajbfcrd32vf7hrg9qvzwa-add-missing-blink-tools.patch'
> > cannot build derivation `/gnu/store/2z8i7b4l4l0p5b3pj4swdl2pvbdj5q24-chromium-66.0.3359.117.tar.xz.drv': 1 dependencies couldn't be built
> > cannot build derivation `/gnu/store/4fxkp0aa1vr2b9fbl9kw8l8ijw0zrd25-chromium-66.0.3359.117.drv': 1 dependencies couldn't be built
> > guix package: error: build failed: build of `/gnu/store/4fxkp0aa1vr2b9fbl9kw8l8ijw0zrd25-chromium-66.0.3359.117.drv' failed
>
> Whoops. I'm not used to constructing stable Bazaar URLs.
>
> However this patch is not needed for the latest tarball.
>
> Here's a diff to the 66 patch updating to the latest Chromium. I also
> removed some inputs and third party directories that were not needed.
Nice, thanks.
> diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm
> index a6f9fec0f..59c90f869 100644
> --- a/gnu/packages/chromium.scm
> +++ b/gnu/packages/chromium.scm
> @@ -31,7 +31,6 @@
> #:use-module (gnu packages compression)
> #:use-module (gnu packages cups)
> #:use-module (gnu packages curl)
> - #:use-module (gnu packages databases)
> #:use-module (gnu packages fontutils)
> #:use-module (gnu packages gcc)
> #:use-module (gnu packages ghostscript)
> @@ -52,7 +51,6 @@
> #:use-module (gnu packages ninja)
> #:use-module (gnu packages node)
> #:use-module (gnu packages pciutils)
> - #:use-module (gnu packages photo)
> #:use-module (gnu packages pkg-config)
> #:use-module (gnu packages protobuf)
> #:use-module (gnu packages pulseaudio)
> @@ -63,7 +61,6 @@
> #:use-module (gnu packages speech)
> #:use-module (gnu packages tls)
> #:use-module (gnu packages valgrind)
> - #:use-module (gnu packages version-control)
> #:use-module (gnu packages video)
> #:use-module (gnu packages xiph)
> #:use-module (gnu packages xml)
> @@ -150,19 +147,6 @@
> %debian-revision
> "1qf2y7jmaya43k9rbsxjjpkp5manzmbkhjj5hvfyqcdylhy30swj"))
>
> -;; Some files were missing in the Chromium 66 release tarball.
> -;; See <https://crbug.com/832283>.
> -(define %chromium-add-blink-tools.patch
> - (origin
> - (method url-fetch)
> - (uri (string-append "https://bazaar.launchpad.net/~chromium-team"
> - "/chromium-browser/bionic-stable/download/head:"
> - "/addmissingblinktools-20180416203514-02f50sz15c2mn6ei-1"
> - "/add-missing-blink-tools.patch"))
> - (sha256
> - (base32
> - "1im2l1g6g9mangpfphbkg6zxyglbfwbkm5jxv122yxqgm6vxzz6s"))))
> -
> ;; Fix an assignment bug when using Clang and libstdc++.
> (define %chromium-clang-assignment.patch
> (gentoo-patch "chromium-clang-r4.patch"
> @@ -342,7 +326,7 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
> (define-public chromium
> (package
> (name "chromium")
> - (version "66.0.3359.117")
> + (version "66.0.3359.139")
> (synopsis "Graphical web browser")
> (source (origin
> (method url-fetch)
> @@ -351,14 +335,12 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
> version ".tar.xz"))
> (sha256
> (base32
> - "1mlfavs0m0lf60s42krqxqiyx73hdfd4r1mkjwv31p2gchsa7ibp"))
> + "1ck4wbi28702p1lfs4sz894ysbgm7fj79wrqj8srsy65z2ssaxdy"))
> (patches (list %chromium-gn-libcxx.patch
> %chromium-disable-api-keys-warning.patch
> %chromium-system-nspr.patch
> %chromium-system-libevent.patch
>
> - %chromium-add-blink-tools.patch
> -
> %chromium-clang-assignment.patch
> %chromium-ffmpeg.patch
>
> @@ -385,14 +367,13 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
> "base/third_party/dmg_fp"
> "base/third_party/dynamic_annotations"
> "base/third_party/icu"
> - "base/third_party/libevent"
> - "base/third_party/nspr"
> "base/third_party/superfasthash"
> - "base/third_party/symbolize" ;glog
> + "base/third_party/symbolize"
> "base/third_party/xdg_mime"
> "base/third_party/xdg_user_dirs"
> "chrome/third_party/mozilla_security_manager"
> - "courgette/third_party"
> + "courgette/third_party/bsdiff"
> + "courgette/third_party/divsufsort"
> "net/third_party/mozilla_security_manager"
> "net/third_party/nss"
> "third_party/adobe/flash/flapper_version.h"
> @@ -439,7 +420,6 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
> (string-append "third_party/google_input_tools/third_party"
> "/closure_library/third_party/closure")
> "third_party/googletest"
> - "third_party/harfbuzz-ng"
> "third_party/hunspell"
> "third_party/iccjpeg"
> "third_party/inspector_protocol"
> @@ -472,7 +452,11 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
> "third_party/ots"
> ;; TODO: Build as extension.
> "third_party/pdfium"
> - "third_party/pdfium/third_party"
> + "third_party/pdfium/third_party/agg23"
> + "third_party/pdfium/third_party/base"
> + "third_party/pdfium/third_party/bigint"
> + "third_party/pdfium/third_party/libopenjpeg20"
> + "third_party/pdfium/third_party/skia_shared"
> (string-append "third_party/pdfium/third_party/freetype"
> "/include/pstables.h")
> "third_party/ply"
> @@ -488,7 +472,8 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
> "third_party/speech-dispatcher"
> "third_party/sqlite"
> "third_party/swiftshader"
> - "third_party/swiftshader/third_party"
> + "third_party/swiftshader/third_party/llvm-subzero"
> + "third_party/swiftshader/third_party/subzero"
> "third_party/s2cellid"
> "third_party/usb_ids"
> "third_party/usrsctp"
> @@ -864,7 +849,6 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
> (native-inputs
> `(("bison" ,bison)
> ("clang-toolchain" ,chromium-clang-toolchain)
> - ("git" ,git) ;last_commit_position.py
> ("gperf" ,gperf)
> ("ninja" ,ninja)
> ("node" ,node)
> @@ -889,7 +873,6 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
> ("freetype" ,freetype)
> ("gdk-pixbuf" ,gdk-pixbuf)
> ("glib" ,glib)
> - ("gtk+-2" ,gtk+-2)
> ("gtk+" ,gtk+)
> ("harfbuzz" ,harfbuzz)
> ("icu4c" ,icu4c)
> @@ -899,6 +882,7 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
> ("libffi" ,libffi)
> ("libjpeg-turbo" ,libjpeg-turbo)
> ("libpng" ,libpng)
> + ;;("libsecret" ,libsecret)
> ("libusb" ,libusb)
> ("libvpx" ,libvpx+experimental)
> ("libwebp" ,libwebp)
> @@ -931,7 +915,7 @@ includes Clang, the Guix ld wrapper, glibc, a C++ library, and Binutils.")
> ("re2" ,re2)
> ("snappy" ,snappy)
> ("speech-dispatcher" ,speech-dispatcher)
> - ("sqlite" ,sqlite)
> + ;;("sqlite" ,sqlite)
> ("udev" ,eudev)
> ("valgrind" ,valgrind)))
> (home-page "https://www.chromium.org/")
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-03-16 17:52 ` ng0
@ 2018-07-25 8:08 ` ng0
2018-08-05 13:04 ` Marius Bakke
0 siblings, 1 reply; 91+ messages in thread
From: ng0 @ 2018-07-25 8:08 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004, ng0
Hi Marius,
any chance you had the time to update to a more recent version release
of Chromium?
--ng0
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-07-25 8:08 ` ng0
@ 2018-08-05 13:04 ` Marius Bakke
2018-08-05 16:18 ` ng0
2018-08-06 8:22 ` Oleg Pykhalov
0 siblings, 2 replies; 91+ messages in thread
From: Marius Bakke @ 2018-08-05 13:04 UTC (permalink / raw)
To: ng0; +Cc: 28004
[-- Attachment #1.1: Type: text/plain, Size: 1747 bytes --]
ng0 <ng0@n0.is> writes:
> Hi Marius,
>
> any chance you had the time to update to a more recent version release
> of Chromium?
Good news! Please find Chromium 68 attached.
There are *a lot* of changes in this version. Some highlights:
* It's using GCC 8 instead of Clang.
* A bug in the source scrubber has been fixed, so .zip and .jar files
are now purged even if the parent directory is preserved. Currently
we're reducing the uncompressed size from 4.3 GiB to 2.1 GiB.
* External patches are now in an easier to manage format.
* Upstream have discontinued the libvpx "experiment"; but still
require an unreleased version.
* We're installing a "master_preferences" file, which allows us to
easily add defaults for new profiles.
* All the various knobs for the build system have been moved to
#:configure-flags. This should make it easier to create custom
Chromium variants based on this package (qtwebkit?).
* The 'configure' phase will now print *all* supported flags for
convenience (I usually did this manually every now and then).
* I've started cherry-picking patches from Ungoogled-Chromium in the
quest to reduce data transmission to Google.
TODO:
* There is still some data transmitted when starting the browser for the
first time. It seems related to the "domain_reliability" component.
* Remove remaining "Web Store" links. Currently I've only found it in
settings, under "accessibility" and "fonts".
* Opening settings transmits a bunch of data, the next version will
include the 'disable-translation-lang-fetch' patch from Inox.
* PDFium is built, but does not seem to work (the 'install' phase
probably needs tweaking). Might just disable it instead.
As always, feedback very welcome. Enjoy!
[-- Attachment #1.2: 0001-gnu-Add-chromium.patch --]
[-- Type: text/x-patch, Size: 46374 bytes --]
From a4e343c57d70344dd4cef51ccd37c2650c746b46 Mon Sep 17 00:00:00 2001
From: Marius Bakke <mbakke@fastmail.com>
Date: Wed, 12 Oct 2016 17:25:05 +0100
Subject: [PATCH] gnu: Add chromium.
* gnu/packages/chromium.scm, gnu/packages/chromium-master-preferences.json,
gnu/packages/patches/chromium-gcc-unique-ptr.patch,
gnu/packages/patches/chromium-remove-default-history.patch: New files.
* gnu/local.mk: Record it.
---
gnu/local.mk | 3 +
gnu/packages/chromium-master-preferences.json | 26 +
gnu/packages/chromium.scm | 829 ++++++++++++++++++
.../patches/chromium-gcc-unique-ptr.patch | 33 +
.../chromium-remove-default-history.patch | 13 +
5 files changed, 904 insertions(+)
create mode 100644 gnu/packages/chromium-master-preferences.json
create mode 100644 gnu/packages/chromium.scm
create mode 100644 gnu/packages/patches/chromium-gcc-unique-ptr.patch
create mode 100644 gnu/packages/patches/chromium-remove-default-history.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index 4ed341df8..320f27c44 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -95,6 +95,7 @@ GNU_SYSTEM_MODULES = \
%D%/packages/check.scm \
%D%/packages/chemistry.scm \
%D%/packages/chez.scm \
+ %D%/packages/chromium.scm \
%D%/packages/ci.scm \
%D%/packages/cinnamon.scm \
%D%/packages/cluster.scm \
@@ -603,6 +604,8 @@ dist_patch_DATA = \
%D%/packages/patches/ceph-skip-collect-sys-info-test.patch \
%D%/packages/patches/ceph-skip-unittest_blockdev.patch \
%D%/packages/patches/chmlib-inttypes.patch \
+ %D%/packages/patches/chromium-gcc-unique-ptr.patch \
+ %D%/packages/patches/chromium-remove-default-history.patch \
%D%/packages/patches/clang-3.5-libc-search-path.patch \
%D%/packages/patches/clang-3.8-libc-search-path.patch \
%D%/packages/patches/clang-6.0-libc-search-path.patch \
diff --git a/gnu/packages/chromium-master-preferences.json b/gnu/packages/chromium-master-preferences.json
new file mode 100644
index 000000000..0caa7cc4c
--- /dev/null
+++ b/gnu/packages/chromium-master-preferences.json
@@ -0,0 +1,26 @@
+{
+ "distribution": {
+ "import_bookmarks": false,
+ "make_chrome_default": false,
+ "make_chrome_default_for_user": false,
+ "verbose_logging": true,
+ "skip_first_run_ui": true,
+ "suppress_first_run_default_browser_prompt": true
+ },
+ "browser": {
+ "has_seen_welcome_page" : true,
+ "check_default_browser" : false
+ },
+ "dns_prefetching": {
+ "enabled": false
+ },
+ "alternate_error_pages": {
+ "enabled": false
+ },
+ "hardware": {
+ "audio_capture_enabled": false
+ },
+ "default_apps": "noinstall",
+ "hide_web_store_icon": true,
+ "homepage": "https://www.gnu.org/software/guix"
+}
diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm
new file mode 100644
index 000000000..2fc40a0d2
--- /dev/null
+++ b/gnu/packages/chromium.scm
@@ -0,0 +1,829 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2016, 2017, 2018 Marius Bakke <mbakke@fastmail.com>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages chromium)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix packages)
+ #:use-module (guix gexp)
+ #:use-module (guix download)
+ #:use-module (guix git-download)
+ #:use-module (guix utils)
+ #:use-module (guix build-system gnu)
+ #:use-module (gnu packages)
+ #:use-module (gnu packages assembly)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages bison)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages cups)
+ #:use-module (gnu packages curl)
+ #:use-module (gnu packages fontutils)
+ #:use-module (gnu packages gcc)
+ #:use-module (gnu packages ghostscript)
+ #:use-module (gnu packages gl)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnome)
+ #:use-module (gnu packages gnuzilla)
+ #:use-module (gnu packages gperf)
+ #:use-module (gnu packages gtk)
+ #:use-module (gnu packages icu4c)
+ #:use-module (gnu packages image)
+ #:use-module (gnu packages libevent)
+ #:use-module (gnu packages libffi)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages kerberos)
+ #:use-module (gnu packages ninja)
+ #:use-module (gnu packages node)
+ #:use-module (gnu packages pciutils)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages pulseaudio)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages python-web)
+ #:use-module (gnu packages regex)
+ #:use-module (gnu packages serialization)
+ #:use-module (gnu packages speech)
+ #:use-module (gnu packages tls)
+ #:use-module (gnu packages valgrind)
+ #:use-module (gnu packages video)
+ #:use-module (gnu packages xiph)
+ #:use-module (gnu packages xml)
+ #:use-module (gnu packages xdisorg)
+ #:use-module (gnu packages xorg))
+
+(define (chromium-patch-file-name pathspec)
+ (let ((patch-name (basename pathspec)))
+ (if (string-prefix? "chromium-" patch-name)
+ patch-name
+ (string-append "chromium-" patch-name))))
+
+;; https://salsa.debian.org/chromium-team/chromium/tree/master/debian/patches
+(define (debian-patch pathspec revision hash)
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://salsa.debian.org/chromium-team/chromium/raw/"
+ revision "/debian/patches/" pathspec))
+ (sha256 (base32 hash))
+ (file-name (chromium-patch-file-name pathspec))))
+
+;; https://gitweb.gentoo.org/repo/gentoo.git/tree/www-client/chromium/files
+(define (gentoo-patch pathspec revision hash)
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-client"
+ "/chromium/files/" pathspec "?id=" revision))
+ (sha256 (base32 hash))
+ (file-name (chromium-patch-file-name pathspec))))
+
+;; https://github.com/gcarq/inox-patchset
+(define (inox-patch pathspec revision hash)
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://raw.githubusercontent.com/gcarq/inox-patchset/"
+ revision "/" pathspec))
+ (sha256 (base32 hash))
+ (file-name (chromium-patch-file-name pathspec))))
+
+;; https://github.com/Eloston/ungoogled-chromium
+(define (ungoogled-patch pathspec revision hash)
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://raw.githubusercontent.com/Eloston"
+ "/ungoogled-chromium/" revision "/resources"
+ "/patches/ungoogled-chromium/" pathspec))
+ (sha256 (base32 hash))
+ (file-name (chromium-patch-file-name pathspec))))
+
+;; XXX: It would be great to have (upstream-patch ...), but the API
+;; at <https://chromium.googlesource.com/chromium/> can only return
+;; base64-encoded patches.
+
+(define %debian-revision "debian/68.0.3440.75-2")
+(define %gentoo-revision "a79be956bb7bbeaca245564ecb4a350b1203ca98")
+(define %inox-revision "8afa26a5ffb2e8ff52ac5b7bbdccc9f09290120e")
+(define %ungoogled-revision "55d1a2442dcd9efc574f6c4fa99804d5b8658e4e")
+
+(define %debian-patches
+ (list
+ ;; Bootstrap "GN" using system NSPR.
+ (debian-patch "system/nspr.patch" %debian-revision
+ "0xywgsq14xdpfdf0wb5plv5jy2738zbwj7caj2i5g9s5zpdclhsv")
+ ;; Ditto for system libevent.
+ (debian-patch "system/event.patch" %debian-revision
+ "0cq5kz5yi737vb3k8v67hrr38czqm3mj6g3swh765pmfzvx5inj6")
+ ;; Make PDFium use system OpenJPEG.
+ (debian-patch "system/openjpeg.patch" %debian-revision
+ "0fxvbfvmimg0ykzhsk3l0kyvhz1fgbys51ldh950106yj6dszsmx")
+ ;; Make "Courgette" use system zlib instead of the bundled lzma.
+ (debian-patch "system/zlib.patch" %debian-revision
+ "1fmkiw7xrhwadvjxkzpv8j5iih2ws59l3llsdrpapw1vybfyq9nr")
+ ;; Avoid dependency on Chromiums embedded libc++ when bootstrapping.
+ (debian-patch "gn/libcxx.patch" %debian-revision
+ "02w94h9jd29jyvq09yxl9g31hk8j07qzr7rg23rhibhkn1rvg38x")
+ ;; Avoid dependency on Android tools.
+ (debian-patch "disable/android.patch" %debian-revision
+ "06kxx1fx9yi52h2fka71i9qqp6jh4r3w890k77nihv8arnabc0nq")
+ ;; Do not show a warning about missing API keys.
+ (debian-patch "disable/google-api-warning.patch" %debian-revision
+ "0vqi3n8i1vkp2cxmza7c60fl6d03195sax0ahrk1ksa04xjbkkqv")
+ ;; Don't override the home page set in master_preferences.
+ (debian-patch "disable/welcome-page.patch" %debian-revision
+ "15c6a296mkqnjdqqq90kmapn56rykb7saz4bs16han6by8q07lbx")))
+
+(define %gentoo-patches
+ (list
+ ;; Fix error detecting system ffmpeg.
+ (gentoo-patch "chromium-ffmpeg-r1.patch" %gentoo-revision
+ "1pivcdmana4qx8sngcdpr858l0qh6bygv7azj66vg021phq5725a")
+ ;; Add missing <string> #include.
+ (gentoo-patch "chromium-cors-string-r0.patch" %gentoo-revision
+ "075lgl6g8rih21adsr3hf2mm0qm16s4w2h4h1qjh652sl941w57l")))
+
+(define %inox-patches
+ (list
+ ;; Fix build without the "safe browsing" feature.
+ (inox-patch "0001-fix-building-without-safebrowsing.patch" %inox-revision
+ "0qchqc3i772drx0c8n44yhkx45fgdvd0h325w0qvaqrakzixbmr4")
+ ;; Use sane defaults. In particular, don't depend on any Google services.
+ (inox-patch "0006-modify-default-prefs.patch" %inox-revision
+ "0sbvs6l80h8ar8na6065ihqnmcsr1b4zc21jcs2wzkrjlxsgspw6")
+ ;; Recent versions of Chromium may load a remote search engine on the "New
+ ;; Tab Page", which causes unnecessary and involuntary network traffic.
+ (inox-patch "0008-restore-classic-ntp.patch" %inox-revision
+ "16z5accrri90s922n1r6nj8rqss3g7f579dwwzkk2hdxbkc9wzyr")
+ ;; Add DuckDuckGo and use it as the default search engine.
+ (inox-patch "0011-add-duckduckgo-search-engine.patch" %inox-revision
+ "0mvw1ax0gw3d252c9b1pwbk0j7ny8z9nsfywcmhj56wm6yksgpkg")
+ ;; Don't start a "Login Wizard" at first launch.
+ (inox-patch "0018-disable-first-run-behaviour.patch" %inox-revision
+ "1y4zsqqf2125jkb1phwy9g5hcbd9xhyv5lr4xcaly66rpdzx2ayb")))
+
+(define %ungoogled-patches
+ (list
+ ;; Disable browser sign-in to prevent leaking data at launch.
+ (ungoogled-patch "disable-signin.patch" %ungoogled-revision
+ "0a6akb10bzk6z6nhqa211y8rbj0ibdhhg5n92482q9sikavd8hz0")))
+
+(define opus+custom
+ (package (inherit opus)
+ (name "opus+custom")
+ (arguments
+ (substitute-keyword-arguments (package-arguments opus)
+ ((#:configure-flags flags ''())
+ ;; Opus Custom is an optional extension of the Opus
+ ;; specification that allows for unsupported frame
+ ;; sizes. Chromium requires that this is enabled.
+ `(cons "--enable-custom-modes"
+ ,flags))))))
+
+(define libvpx/chromium
+ ;; Chromium 66 and later requires an unreleased libvpx, so we take the
+ ;; commit from "third_party/libvpx/README.chromium" in the tarball.
+ ;; XXX: Might as well reuse Chromium source.
+ (let ((version (package-version libvpx))
+ (commit "e27a331778c4c99ec37262ea786a3b4cc2a491ac")
+ (revision "0"))
+ (package
+ (inherit libvpx)
+ (name "libvpx-chromium")
+ (version (git-version version revision commit))
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://chromium.googlesource.com/webm/libvpx")
+ (commit commit)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "03a0443dnfn6l2v19qpw7p7k29v98c5b5hl4br93czgq0wi29m1g")))))))
+
+(define-public chromium
+ (package
+ (name "chromium")
+ (version "68.0.3440.84")
+ (synopsis "Graphical web browser")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "https://commondatastorage.googleapis.com"
+ "/chromium-browser-official/chromium-"
+ version ".tar.xz"))
+ (sha256
+ (base32
+ "1nf9xha7ncnh8g1g4c8hzk03f8ya7nd0xzwij9zs7n0qmrkx2c8h"))
+ (patches (append %debian-patches
+ %gentoo-patches
+ %inox-patches
+ %ungoogled-patches
+ (search-patches "chromium-gcc-unique-ptr.patch"
+ "chromium-remove-default-history.patch")))
+ (modules '((srfi srfi-1)
+ (srfi srfi-26)
+ (ice-9 ftw)
+ (ice-9 match)
+ (ice-9 regex)
+ (guix build utils)))
+ (snippet
+ '(begin
+ (let ((preserved-club
+ (map
+ (lambda (path)
+ ;; Prepend paths with "./" for comparison with ftw.
+ (string-append "./" path))
+ (list
+ "base/third_party/dmg_fp"
+ "base/third_party/dynamic_annotations"
+ "base/third_party/icu"
+ "base/third_party/superfasthash"
+ "base/third_party/symbolize"
+ "base/third_party/xdg_mime"
+ "base/third_party/xdg_user_dirs"
+ "chrome/third_party/mozilla_security_manager"
+ "courgette/third_party/bsdiff"
+ "courgette/third_party/divsufsort"
+ "net/third_party/http2"
+ "net/third_party/mozilla_security_manager"
+ "net/third_party/nss"
+ "net/third_party/spdy"
+ "net/third_party/quic"
+ "third_party/adobe/flash/flapper_version.h"
+ ;; FIXME: This is used in:
+ ;; * ui/webui/resources/js/analytics.js
+ ;; * ui/file_manager/
+ "third_party/analytics"
+ "third_party/angle"
+ "third_party/angle/src/common/third_party/base"
+ "third_party/angle/src/common/third_party/smhasher"
+ "third_party/angle/src/third_party/compiler"
+ "third_party/angle/src/third_party/libXNVCtrl"
+ "third_party/angle/src/third_party/trace_event"
+ "third_party/angle/third_party/glslang"
+ "third_party/angle/third_party/spirv-headers"
+ "third_party/angle/third_party/spirv-tools"
+ "third_party/angle/third_party/vulkan-validation-layers"
+ "third_party/apple_apsl" ;XXX add APSL2.0 license
+ "third_party/blink"
+ "third_party/boringssl"
+ "third_party/boringssl/src/third_party/fiat"
+ "third_party/breakpad"
+ "third_party/brotli"
+ "third_party/cacheinvalidation"
+ "third_party/catapult"
+ "third_party/catapult/common/py_vulcanize/third_party/rcssmin"
+ "third_party/catapult/common/py_vulcanize/third_party/rjsmin"
+ "third_party/catapult/third_party/polymer"
+ "third_party/catapult/tracing/third_party/d3"
+ "third_party/catapult/tracing/third_party/gl-matrix"
+ "third_party/catapult/tracing/third_party/jszip"
+ "third_party/catapult/tracing/third_party/mannwhitneyu"
+ "third_party/catapult/tracing/third_party/oboe"
+ "third_party/catapult/tracing/third_party/pako"
+ "third_party/ced"
+ "third_party/cld_3"
+ "third_party/crashpad"
+ (string-append "third_party/crashpad/crashpad/"
+ "third_party/zlib/zlib_crashpad.h")
+ "third_party/crc32c"
+ "third_party/cros_system_api"
+ "third_party/dom_distiller_js"
+ "third_party/fips181"
+ "third_party/flatbuffers"
+ "third_party/glslang-angle"
+ "third_party/google_input_tools"
+ "third_party/google_input_tools/third_party/closure_library"
+ (string-append "third_party/google_input_tools/third_party"
+ "/closure_library/third_party/closure")
+ "third_party/googletest"
+ "third_party/hunspell"
+ "third_party/iccjpeg"
+ "third_party/inspector_protocol"
+ "third_party/jinja2"
+ "third_party/jstemplate"
+ "third_party/khronos"
+ "third_party/leveldatabase"
+ "third_party/libXNVCtrl"
+ "third_party/libaddressinput"
+ "third_party/libaom"
+ "third_party/libjingle_xmpp"
+ "third_party/libphonenumber"
+ "third_party/libsecret" ;FIXME: needs pkg-config support.
+ "third_party/libsrtp"
+ "third_party/libsync" ;TODO: package
+ "third_party/libudev"
+ "third_party/libwebm"
+ "third_party/libxml"
+ "third_party/libyuv"
+ "third_party/lss"
+ "third_party/markupsafe"
+ "third_party/mesa"
+ "third_party/metrics_proto"
+ "third_party/modp_b64"
+ "third_party/node"
+ (string-append "third_party/node/node_modules/"
+ "polymer-bundler/lib/third_party/UglifyJS2")
+ "third_party/ots"
+ ;; TODO: Build as extension.
+ "third_party/pdfium"
+ "third_party/pdfium/third_party/agg23"
+ "third_party/pdfium/third_party/base"
+ "third_party/pdfium/third_party/bigint"
+ "third_party/pdfium/third_party/skia_shared"
+ (string-append "third_party/pdfium/third_party/freetype"
+ "/include/pstables.h")
+ "third_party/perfetto"
+ "third_party/ply"
+ "third_party/polymer"
+ "third_party/protobuf"
+ "third_party/protobuf/third_party/six"
+ "third_party/pyjson5"
+ "third_party/qcms"
+ "third_party/rnnoise"
+ "third_party/sfntly"
+ "third_party/skia"
+ "third_party/skia/third_party/skcms"
+ "third_party/skia/third_party/vulkan"
+ "third_party/skia/third_party/gif"
+ "third_party/smhasher"
+ "third_party/speech-dispatcher"
+ "third_party/sqlite"
+ "third_party/swiftshader"
+ "third_party/swiftshader/third_party/llvm-subzero"
+ "third_party/swiftshader/third_party/subzero"
+ "third_party/s2cellid"
+ "third_party/usb_ids"
+ "third_party/usrsctp"
+ "third_party/WebKit"
+ "third_party/web-animations-js"
+ "third_party/webrtc"
+ "third_party/webrtc_overrides"
+ "third_party/widevine/cdm/widevine_cdm_version.h"
+ "third_party/widevine/cdm/widevine_cdm_common.h"
+ "third_party/woff2"
+ "third_party/xdg-utils"
+ "third_party/yasm/run_yasm.py"
+ "third_party/zlib/google"
+ "url/third_party/mozilla"
+ "v8/src/third_party/utf8-decoder"
+ "v8/src/third_party/valgrind"
+ "v8/third_party/antlr4"
+ "v8/third_party/inspector_protocol"))))
+
+ (define (empty? dir)
+ (equal? (scandir dir) '("." "..")))
+
+ (define (third_party? file)
+ (if (string-contains file "third_party/")
+ #t
+ #f))
+
+ (define (useless? file)
+ (any (cute string-suffix? <> file)
+ '(".tar.gz" ".zip" ".exe" ".jar")))
+
+ (define (parents child)
+ (let ((lst (reverse (string-split child #\/))))
+ (let loop ((hierarchy lst)
+ (result '()))
+ (if (or (null? hierarchy)
+ (and (not (null? result))
+ (string-suffix? "third_party" (car result))))
+ result
+ (loop (cdr hierarchy)
+ (cons (string-join (reverse hierarchy) "/")
+ result))))))
+
+ (define (delete-unwanted-files child stat flag base level)
+ (let ((protected (make-regexp "\\.(gn|gyp)i?$")))
+ (match flag
+ ((or 'regular 'symlink 'stale-symlink)
+ (when (third_party? child)
+ (unless (or (member child preserved-club)
+ (any (cute member <> preserved-club)
+ (parents child))
+ (regexp-exec protected child))
+ (format (current-error-port) "deleting ~s~%" child)
+ (delete-file child)))
+ (when (and (useless? child) (file-exists? child))
+ (delete-file child))
+ #t)
+ ('directory-processed
+ (when (empty? child)
+ (rmdir child))
+ #t)
+ (_ #t))))
+
+ (nftw "." delete-unwanted-files 'depth 'physical)
+
+ ;; Assert that each listed item is present to catch removals.
+ (for-each (lambda (third-party)
+ (unless (file-exists? third-party)
+ (error (format #f "~s does not exist!" third-party))))
+ preserved-club)
+
+ ;; Replace "GN" files from third_party with shims for
+ ;; building against system libraries. Keep this list in
+ ;; sync with "build/linux/unbundle/replace_gn_files.py".
+ (for-each (lambda (pair)
+ (let ((source (string-append
+ "build/linux/unbundle/" (car pair)))
+ (dest (cdr pair)))
+ (copy-file source dest)))
+ (list
+ '("ffmpeg.gn" . "third_party/ffmpeg/BUILD.gn")
+ '("flac.gn" . "third_party/flac/BUILD.gn")
+ '("fontconfig.gn" . "third_party/fontconfig/BUILD.gn")
+ '("freetype.gn" . "build/config/freetype/freetype.gni")
+ '("harfbuzz-ng.gn" .
+ "third_party/harfbuzz-ng/harfbuzz.gni")
+ '("icu.gn" . "third_party/icu/BUILD.gn")
+ '("libdrm.gn" . "third_party/libdrm/BUILD.gn")
+ '("libevent.gn" . "base/third_party/libevent/BUILD.gn")
+ '("libjpeg.gn" . "third_party/libjpeg.gni")
+ '("libpng.gn" . "third_party/libpng/BUILD.gn")
+ '("libvpx.gn" . "third_party/libvpx/BUILD.gn")
+ '("libwebp.gn" . "third_party/libwebp/BUILD.gn")
+ '("libxml.gn" . "third_party/libxml/BUILD.gn")
+ '("libxslt.gn" . "third_party/libxslt/BUILD.gn")
+ '("openh264.gn" . "third_party/openh264/BUILD.gn")
+ '("opus.gn" . "third_party/opus/BUILD.gn")
+ '("re2.gn" . "third_party/re2/BUILD.gn")
+ '("snappy.gn" . "third_party/snappy/BUILD.gn")
+ '("yasm.gn" . "third_party/yasm/yasm_assemble.gni")
+ '("zlib.gn" . "third_party/zlib/BUILD.gn")))
+ #t)))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:tests? #f
+ ;; FIXME: There is a "gn" option specifically for setting -rpath, but
+ ;; it overrides the RUNPATH set by the linker.
+ #:validate-runpath? #f
+ #:modules ((guix build gnu-build-system)
+ (guix build utils)
+ (ice-9 ftw)
+ (ice-9 regex)
+ (srfi srfi-26))
+ #:configure-flags
+ ;; See tools/gn/docs/cookbook.md and
+ ;; https://www.chromium.org/developers/gn-build-configuration
+ ;; for usage. Run "./gn args . --list" in the Release
+ ;; directory for an exhaustive list of supported flags.
+ ;; (Note: The 'configure' phase will do that for you.)
+ (list "is_debug=false"
+ "use_gold=false"
+ "use_lld=false"
+ "linux_use_bundled_binutils=false"
+ "use_custom_libcxx=false"
+ "use_sysroot=false"
+ "enable_precompiled_headers=false"
+ "goma_dir=\"\""
+ "enable_nacl=false"
+ "enable_nacl_nonsfi=false"
+ "use_allocator=\"none\"" ;don't use tcmalloc
+ "override_build_date=\"01 01 2000 05:00:00\""
+ "use_unofficial_version_number=false"
+
+ ;; Disable "safe browsing", which pulls in a dependency on
+ ;; the nonfree "unrar" program (as of m66).
+ "safe_browsing_mode=0"
+
+ ;; Define a custom toolchain that simply looks up CC, AR and
+ ;; friends from the environment.
+ "custom_toolchain=\"//build/toolchain/linux/unbundle:default\""
+ "host_toolchain=\"//build/toolchain/linux/unbundle:default\""
+
+ ;; Don't assume it's clang.
+ "is_clang=false"
+
+ ;; Optimize for building everything at once, as opposed to
+ ;; incrementally for development. See "docs/jumbo.md".
+ "use_jumbo_build=true"
+
+ ;; Disable debugging features to save space.
+ "symbol_level=0"
+ "remove_webcore_debug_symbols=true"
+ "enable_iterator_debugging=false"
+
+ ;; Some of the unbundled libraries throws deprecation
+ ;; warnings, etc. Ignore it.
+ "treat_warnings_as_errors=false"
+
+ ;; Don't add any API keys. End users can set them in the
+ ;; environment if desired. See
+ ;; <https://www.chromium.org/developers/how-tos/api-keys>.
+ "use_official_google_api_keys=false"
+
+ ;; Disable "field trials".
+ "fieldtrial_testing_like_official_build=true"
+
+ ;; Disable Chrome Remote Desktop (aka Chromoting).
+ "enable_remoting=false"
+
+ ;; Use system libraries where possible.
+ "use_system_freetype=true"
+ "use_system_harfbuzz=true"
+ "use_system_lcms2=true"
+ "use_system_libjpeg=true"
+ "use_system_libpng=true"
+ "use_system_zlib=true"
+
+ "use_gnome_keyring=false" ;deprecated by libsecret
+ "use_gtk3=true"
+ "use_openh264=true"
+ "use_xkbcommon=true"
+ "use_pulseaudio=true"
+ "link_pulseaudio=true"
+
+ ;; Don't arbitrarily restrict formats supported by system ffmpeg.
+ "proprietary_codecs=true"
+ "ffmpeg_branding=\"Chrome\""
+
+ ;; WebRTC stuff.
+ "rtc_use_h264=true"
+ ;; Don't use bundled sources.
+ "rtc_build_json=false"
+ "rtc_build_libevent=false"
+ "rtc_build_libvpx=false"
+ "rtc_build_opus=false"
+ "rtc_build_ssl=false"
+
+ "rtc_build_libsrtp=true" ;FIXME: fails to find headers
+ "rtc_build_usrsctp=true" ;TODO: package this
+ (string-append "rtc_jsoncpp_root=\""
+ (assoc-ref %build-inputs "jsoncpp")
+ "/include/jsoncpp/json\"")
+ (string-append "rtc_ssl_root=\""
+ (assoc-ref %build-inputs "openssl")
+ "/include/openssl\""))
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'patch-stuff
+ (lambda* (#:key inputs #:allow-other-keys)
+ (substitute* "printing/cups_config_helper.py"
+ (("cups_config =.*")
+ (string-append "cups_config = '" (assoc-ref inputs "cups")
+ "/bin/cups-config'\n")))
+
+ (substitute*
+ '("base/process/launch_posix.cc"
+ "base/third_party/dynamic_annotations/dynamic_annotations.c"
+ "sandbox/linux/seccomp-bpf/sandbox_bpf.cc"
+ "sandbox/linux/services/credentials.cc"
+ "sandbox/linux/services/namespace_utils.cc"
+ "sandbox/linux/services/syscall_wrappers.cc"
+ "sandbox/linux/syscall_broker/broker_host.cc")
+ (("include \"base/third_party/valgrind/") "include \"valgrind/"))
+
+ (for-each (lambda (file)
+ (substitute* file
+ ;; Fix opus include path.
+ ;; Do not substitute opus_private.h.
+ (("#include \"opus\\.h\"")
+ "#include \"opus/opus.h\"")
+ (("#include \"opus_custom\\.h\"")
+ "#include \"opus/opus_custom.h\"")
+ (("#include \"opus_defines\\.h\"")
+ "#include \"opus/opus_defines.h\"")
+ (("#include \"opus_multistream\\.h\"")
+ "#include \"opus/opus_multistream.h\"")
+ (("#include \"opus_types\\.h\"")
+ "#include \"opus/opus_types.h\"")))
+ (find-files (string-append "third_party/webrtc/modules"
+ "/audio_coding/codecs/opus")))
+
+ (substitute* "chrome/common/chrome_paths.cc"
+ (("/usr/share/chromium/extensions")
+ ;; TODO: Add ~/.guix-profile.
+ "/run/current-system/profile/share/chromium/extensions"))
+
+ (substitute*
+ ;; XXX: Probably not needed for M69.
+ "third_party/blink/renderer/platform/image-encoders/image_encoder.h"
+ (("#include \"third_party/libjpeg/") "#include \"")
+ (("#include \"third_party/libwebp/src/") "#include \""))
+
+ (substitute*
+ "third_party/breakpad/breakpad/src/common/linux/libcurl_wrapper.h"
+ (("include \"third_party/curl") "include \"curl"))
+ (substitute* "media/base/decode_capabilities.cc"
+ (("third_party/libvpx/source/libvpx/") ""))
+
+ #t))
+ (add-before 'configure 'prepare-build-environment
+ (lambda* (#:key inputs #:allow-other-keys)
+
+ ;; Make sure the right build tools are used.
+ (setenv "AR" "ar") (setenv "NM" "nm")
+ (setenv "CC" "gcc") (setenv "CXX" "g++")
+
+ ;; Work around <https://bugs.gnu.org/30756>.
+ (unsetenv "C_INCLUDE_PATH")
+ (unsetenv "CPLUS_INCLUDE_PATH")
+
+ ;; TODO: pre-compile instead. Avoids a race condition.
+ (setenv "PYTHONDONTWRITEBYTECODE" "1")
+
+ ;; XXX: How portable is this.
+ (mkdir-p "third_party/node/linux/node-linux-x64")
+ (symlink (string-append (assoc-ref inputs "node") "/bin")
+ "third_party/node/linux/node-linux-x64/bin")
+
+ #t))
+ (add-after 'prepare-build-environment 'bootstrap-gn
+ (lambda _
+ (invoke "python" "tools/gn/bootstrap/bootstrap.py" "-s" "-v")))
+ (replace 'configure
+ (lambda* (#:key configure-flags #:allow-other-keys)
+ (let ((args (string-join configure-flags " ")))
+ (with-directory-excursion "out/Release"
+ ;; Generate ninja build files.
+ (invoke "./gn" "gen" "."
+ (string-append "--args=" args))
+
+ ;; Print the full list of supported arguments as well as
+ ;; their current status for convenience.
+ (format #t "Dumping configure flags...\n")
+ (invoke "./gn" "args" "." "--list")))))
+ (replace 'build
+ (lambda* (#:key outputs #:allow-other-keys)
+ (invoke "ninja" "-C" "out/Release"
+ "-j" (number->string (parallel-job-count))
+ "chrome")))
+ (replace 'install
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (bin (string-append out "/bin"))
+ (exe (string-append bin "/chromium"))
+ (lib (string-append out "/lib"))
+ (man (string-append out "/share/man/man1"))
+ (applications (string-append out "/share/applications"))
+ (install-regexp (make-regexp "\\.(bin|pak)$"))
+ (locales (string-append lib "/locales"))
+ (resources (string-append lib "/resources"))
+ (preferences (assoc-ref inputs "master-preferences"))
+ (gtk+ (assoc-ref inputs "gtk+"))
+ (mesa (assoc-ref inputs "mesa"))
+ (nss (assoc-ref inputs "nss"))
+ (udev (assoc-ref inputs "udev"))
+ (sh (which "sh")))
+
+ (substitute* '("chrome/app/resources/manpage.1.in"
+ "chrome/installer/linux/common/desktop.template")
+ (("@@MENUNAME@@") "Chromium")
+ (("@@PACKAGE@@") "chromium")
+ (("/usr/bin/@@USR_BIN_SYMLINK_NAME@@") exe))
+
+ (mkdir-p man)
+ (copy-file "chrome/app/resources/manpage.1.in"
+ (string-append man "/chromium.1"))
+
+ (mkdir-p applications)
+ (copy-file "chrome/installer/linux/common/desktop.template"
+ (string-append applications "/chromium.desktop"))
+
+ (mkdir-p lib)
+ (copy-file preferences (string-append lib "/master_preferences"))
+
+ (with-directory-excursion "out/Release"
+ (for-each (lambda (file)
+ (install-file file lib))
+ (scandir "." (cut regexp-exec install-regexp <>)))
+ (copy-file "chrome" (string-append lib "/chromium"))
+
+ ;; TODO: Install icons from "../../chrome/app/themes" into
+ ;; "out/share/icons/hicolor/$size".
+ (install-file
+ "product_logo_48.png"
+ (string-append out "/share/icons/48x48/chromium.png"))
+
+ (copy-recursively "locales" locales)
+ (copy-recursively "resources" resources)
+
+ (mkdir-p bin)
+ ;; Add a thin wrapper to prevent the user from inadvertently
+ ;; installing non-free software through the Web Store.
+ ;; TODO: Discover extensions from the profile and pass
+ ;; something like "--disable-extensions-except=...".
+ (call-with-output-file exe
+ (lambda (port)
+ (format port
+ "#!~a~@
+ if [ -z \"$CHROMIUM_ENABLE_WEB_STORE\" ]~@
+ then~@
+ CHROMIUM_FLAGS=\" \\~@
+ --disable-background-networking \\~@
+ --disable-extensions \\~@
+ \"~@
+ fi~@
+ exec ~a $CHROMIUM_FLAGS \"$@\"~%"
+ sh (string-append lib "/chromium"))))
+ (chmod exe #o755)
+
+ (wrap-program exe
+ ;; TODO: Get these in RUNPATH.
+ `("LD_LIBRARY_PATH" ":" prefix
+ (,(string-append lib ":" nss "/lib/nss:" gtk+ "/lib:"
+ mesa "/lib:" udev "/lib")))
+ ;; Avoid file manager crash. See <https://bugs.gnu.org/26593>.
+ `("XDG_DATA_DIRS" ":" prefix (,(string-append gtk+ "/share"))))
+ #t)))))))
+ (native-inputs
+ `(("bison" ,bison)
+ ("gcc" ,gcc-8) ;a recent compiler is required
+ ("gperf" ,gperf)
+ ("ninja" ,ninja)
+ ("node" ,node)
+ ("pkg-config" ,pkg-config)
+ ("master-preferences" ,(local-file "chromium-master-preferences.json"))
+ ("which" ,which)
+ ("yasm" ,yasm)
+
+ ("python-beautifulsoup4" ,python2-beautifulsoup4)
+ ("python-html5lib" ,python2-html5lib)
+ ("python" ,python-2)))
+ (inputs
+ `(("alsa-lib" ,alsa-lib)
+ ("atk" ,atk)
+ ("cups" ,cups)
+ ("curl" ,curl)
+ ("dbus" ,dbus)
+ ("dbus-glib" ,dbus-glib)
+ ("expat" ,expat)
+ ("flac" ,flac)
+ ("ffmpeg" ,ffmpeg)
+ ("fontconfig" ,fontconfig)
+ ("freetype" ,freetype)
+ ("gdk-pixbuf" ,gdk-pixbuf)
+ ("glib" ,glib)
+ ("gtk+" ,gtk+)
+ ("harfbuzz" ,harfbuzz)
+ ("icu4c" ,icu4c)
+ ("jsoncpp" ,jsoncpp)
+ ("lcms" ,lcms)
+ ("libevent" ,libevent)
+ ("libffi" ,libffi)
+ ("libjpeg-turbo" ,libjpeg-turbo)
+ ("libpng" ,libpng)
+ ;;("libsrtp" ,libsrtp)
+ ("libvpx" ,libvpx/chromium)
+ ("libwebp" ,libwebp)
+ ("libx11" ,libx11)
+ ("libxcb" ,libxcb)
+ ("libxcomposite" ,libxcomposite)
+ ("libxcursor" ,libxcursor)
+ ("libxdamage" ,libxdamage)
+ ("libxext" ,libxext)
+ ("libxfixes" ,libxfixes)
+ ("libxi" ,libxi)
+ ("libxkbcommon" ,libxkbcommon)
+ ("libxml2" ,libxml2)
+ ("libxrandr" ,libxrandr)
+ ("libxrender" ,libxrender)
+ ("libxscrnsaver" ,libxscrnsaver)
+ ("libxslt" ,libxslt)
+ ("libxtst" ,libxtst)
+ ("mesa" ,mesa)
+ ("minizip" ,minizip)
+ ("mit-krb5" ,mit-krb5)
+ ("nss" ,nss)
+ ("openh264" ,openh264)
+ ("openjpeg" ,openjpeg) ;PDFium only
+ ("openssl" ,openssl)
+ ("opus" ,opus+custom)
+ ("pango" ,pango)
+ ("pciutils" ,pciutils)
+ ("pulseaudio" ,pulseaudio)
+ ("re2" ,re2)
+ ("snappy" ,snappy)
+ ("speech-dispatcher" ,speech-dispatcher)
+ ("udev" ,eudev)
+ ("valgrind" ,valgrind)))
+ (home-page "https://www.chromium.org/")
+ (description
+ "Chromium is a web browser designed for speed and security. This
+version incorporates features from
+@url{https://github.com/gcarq/inox-patchset,the Inox patchset} and
+@url{https://github.com/Eloston/ungoogled-chromium,ungoogled-chromium} in
+order to protect the users privacy.")
+ ;; Chromium is developed as BSD-3, but bundles a large number of third-party
+ ;; components with other licenses. For full information, see chrome://credits.
+ (license (list license:bsd-3
+ license:bsd-2
+ license:expat
+ license:asl2.0
+ license:mpl2.0
+ license:public-domain
+ license:lgpl2.1+))))
diff --git a/gnu/packages/patches/chromium-gcc-unique-ptr.patch b/gnu/packages/patches/chromium-gcc-unique-ptr.patch
new file mode 100644
index 000000000..9c9a9fc09
--- /dev/null
+++ b/gnu/packages/patches/chromium-gcc-unique-ptr.patch
@@ -0,0 +1,33 @@
+Help GCC resolve <UrlIndex>.
+
+Taken from upstream:
+https://chromium.googlesource.com/chromium/src/+/56cb5f7da1025f6db869e840ed34d3b98b9ab899
+
+diff --git a/components/bookmarks/browser/bookmark_storage.cc b/components/bookmarks/browser/bookmark_storage.cc
+index 1633ba1..3ae0c62 100644
+--- a/components/bookmarks/browser/bookmark_storage.cc
++++ b/components/bookmarks/browser/bookmark_storage.cc
+@@ -158,6 +158,10 @@
+ url_index_ = std::make_unique<UrlIndex>(std::move(root_node_));
+ }
+
++std::unique_ptr<UrlIndex> BookmarkLoadDetails::owned_url_index() {
++ return std::move(url_index_);
++}
++
+ BookmarkPermanentNode* BookmarkLoadDetails::CreatePermanentNode(
+ BookmarkClient* client,
+ BookmarkNode::Type type) {
+diff --git a/components/bookmarks/browser/bookmark_storage.h b/components/bookmarks/browser/bookmark_storage.h
+index 08df5bb..0a1b1a1 100644
+--- a/components/bookmarks/browser/bookmark_storage.h
++++ b/components/bookmarks/browser/bookmark_storage.h
+@@ -104,7 +104,7 @@
+ bool ids_reassigned() const { return ids_reassigned_; }
+
+ void CreateUrlIndex();
+- std::unique_ptr<UrlIndex> owned_url_index() { return std::move(url_index_); }
++ std::unique_ptr<UrlIndex> owned_url_index();
+
+ private:
+ // Creates one of the possible permanent nodes (bookmark bar node, other node
diff --git a/gnu/packages/patches/chromium-remove-default-history.patch b/gnu/packages/patches/chromium-remove-default-history.patch
new file mode 100644
index 000000000..42363805b
--- /dev/null
+++ b/gnu/packages/patches/chromium-remove-default-history.patch
@@ -0,0 +1,13 @@
+Don't pre-populate the New Tab Page for new profiles.
+
+--- a/chrome/browser/history/top_sites_factory.cc
++++ b/chrome/browser/history/top_sites_factory.cc
+@@ -74,7 +74,7 @@
+
+ void InitializePrepopulatedPageList(
+ history::PrepopulatedPageList* prepopulated_pages) {
+-#if !defined(OS_ANDROID)
++#if 0
+ DCHECK(prepopulated_pages);
+ prepopulated_pages->reserve(arraysize(kRawPrepopulatedPages));
+ for (size_t i = 0; i < arraysize(kRawPrepopulatedPages); ++i) {
--
2.18.0
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply related [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-08-05 13:04 ` Marius Bakke
@ 2018-08-05 16:18 ` ng0
2018-08-05 18:25 ` Marius Bakke
2018-08-06 8:22 ` Oleg Pykhalov
1 sibling, 1 reply; 91+ messages in thread
From: ng0 @ 2018-08-05 16:18 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004, ng0
[-- Attachment #1: Type: text/plain, Size: 52202 bytes --]
Marius Bakke transcribed 47K bytes:
> ng0 <ng0@n0.is> writes:
>
> > Hi Marius,
> >
> > any chance you had the time to update to a more recent version release
> > of Chromium?
>
> Good news! Please find Chromium 68 attached.
Cool :) I was halfway through updating chromium myself before
you've sent this.
> There are *a lot* of changes in this version. Some highlights:
>
> * It's using GCC 8 instead of Clang.
> * A bug in the source scrubber has been fixed, so .zip and .jar files
> are now purged even if the parent directory is preserved. Currently
> we're reducing the uncompressed size from 4.3 GiB to 2.1 GiB.
> * External patches are now in an easier to manage format.
> * Upstream have discontinued the libvpx "experiment"; but still
> require an unreleased version.
> * We're installing a "master_preferences" file, which allows us to
> easily add defaults for new profiles.
> * All the various knobs for the build system have been moved to
> #:configure-flags. This should make it easier to create custom
> Chromium variants based on this package (qtwebkit?).
> * The 'configure' phase will now print *all* supported flags for
> convenience (I usually did this manually every now and then).
> * I've started cherry-picking patches from Ungoogled-Chromium in the
> quest to reduce data transmission to Google.
>
> TODO:
>
> * There is still some data transmitted when starting the browser for the
> first time. It seems related to the "domain_reliability" component.
> * Remove remaining "Web Store" links. Currently I've only found it in
> settings, under "accessibility" and "fonts".
> * Opening settings transmits a bunch of data, the next version will
> include the 'disable-translation-lang-fetch' patch from Inox.
> * PDFium is built, but does not seem to work (the 'install' phase
> probably needs tweaking). Might just disable it instead.
NixOS' nixpkgs has a patch for making their chromium build to take
packaged extensions and addons. This is not everything which is
required to make it work, but given enough time to think it through it
should be doable.
> As always, feedback very welcome. Enjoy!
>
> From a4e343c57d70344dd4cef51ccd37c2650c746b46 Mon Sep 17 00:00:00 2001
> From: Marius Bakke <mbakke@fastmail.com>
> Date: Wed, 12 Oct 2016 17:25:05 +0100
> Subject: [PATCH] gnu: Add chromium.
>
> * gnu/packages/chromium.scm, gnu/packages/chromium-master-preferences.json,
> gnu/packages/patches/chromium-gcc-unique-ptr.patch,
> gnu/packages/patches/chromium-remove-default-history.patch: New files.
> * gnu/local.mk: Record it.
> ---
> gnu/local.mk | 3 +
> gnu/packages/chromium-master-preferences.json | 26 +
> gnu/packages/chromium.scm | 829 ++++++++++++++++++
> .../patches/chromium-gcc-unique-ptr.patch | 33 +
> .../chromium-remove-default-history.patch | 13 +
> 5 files changed, 904 insertions(+)
> create mode 100644 gnu/packages/chromium-master-preferences.json
> create mode 100644 gnu/packages/chromium.scm
> create mode 100644 gnu/packages/patches/chromium-gcc-unique-ptr.patch
> create mode 100644 gnu/packages/patches/chromium-remove-default-history.patch
>
> diff --git a/gnu/local.mk b/gnu/local.mk
> index 4ed341df8..320f27c44 100644
> --- a/gnu/local.mk
> +++ b/gnu/local.mk
> @@ -95,6 +95,7 @@ GNU_SYSTEM_MODULES = \
> %D%/packages/check.scm \
> %D%/packages/chemistry.scm \
> %D%/packages/chez.scm \
> + %D%/packages/chromium.scm \
> %D%/packages/ci.scm \
> %D%/packages/cinnamon.scm \
> %D%/packages/cluster.scm \
> @@ -603,6 +604,8 @@ dist_patch_DATA = \
> %D%/packages/patches/ceph-skip-collect-sys-info-test.patch \
> %D%/packages/patches/ceph-skip-unittest_blockdev.patch \
> %D%/packages/patches/chmlib-inttypes.patch \
> + %D%/packages/patches/chromium-gcc-unique-ptr.patch \
> + %D%/packages/patches/chromium-remove-default-history.patch \
> %D%/packages/patches/clang-3.5-libc-search-path.patch \
> %D%/packages/patches/clang-3.8-libc-search-path.patch \
> %D%/packages/patches/clang-6.0-libc-search-path.patch \
> diff --git a/gnu/packages/chromium-master-preferences.json b/gnu/packages/chromium-master-preferences.json
> new file mode 100644
> index 000000000..0caa7cc4c
> --- /dev/null
> +++ b/gnu/packages/chromium-master-preferences.json
> @@ -0,0 +1,26 @@
> +{
> + "distribution": {
> + "import_bookmarks": false,
> + "make_chrome_default": false,
> + "make_chrome_default_for_user": false,
> + "verbose_logging": true,
> + "skip_first_run_ui": true,
> + "suppress_first_run_default_browser_prompt": true
> + },
> + "browser": {
> + "has_seen_welcome_page" : true,
> + "check_default_browser" : false
> + },
> + "dns_prefetching": {
> + "enabled": false
> + },
> + "alternate_error_pages": {
> + "enabled": false
> + },
> + "hardware": {
> + "audio_capture_enabled": false
> + },
> + "default_apps": "noinstall",
> + "hide_web_store_icon": true,
> + "homepage": "https://www.gnu.org/software/guix"
> +}
> diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm
> new file mode 100644
> index 000000000..2fc40a0d2
> --- /dev/null
> +++ b/gnu/packages/chromium.scm
> @@ -0,0 +1,829 @@
> +;;; GNU Guix --- Functional package management for GNU
> +;;; Copyright © 2016, 2017, 2018 Marius Bakke <mbakke@fastmail.com>
> +;;;
> +;;; This file is part of GNU Guix.
> +;;;
> +;;; GNU Guix is free software; you can redistribute it and/or modify it
> +;;; under the terms of the GNU General Public License as published by
> +;;; the Free Software Foundation; either version 3 of the License, or (at
> +;;; your option) any later version.
> +;;;
> +;;; GNU Guix is distributed in the hope that it will be useful, but
> +;;; WITHOUT ANY WARRANTY; without even the implied warranty of
> +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> +;;; GNU General Public License for more details.
> +;;;
> +;;; You should have received a copy of the GNU General Public License
> +;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
> +
> +(define-module (gnu packages chromium)
> + #:use-module ((guix licenses) #:prefix license:)
> + #:use-module (guix packages)
> + #:use-module (guix gexp)
> + #:use-module (guix download)
> + #:use-module (guix git-download)
> + #:use-module (guix utils)
> + #:use-module (guix build-system gnu)
> + #:use-module (gnu packages)
> + #:use-module (gnu packages assembly)
> + #:use-module (gnu packages base)
> + #:use-module (gnu packages bison)
> + #:use-module (gnu packages compression)
> + #:use-module (gnu packages cups)
> + #:use-module (gnu packages curl)
> + #:use-module (gnu packages fontutils)
> + #:use-module (gnu packages gcc)
> + #:use-module (gnu packages ghostscript)
> + #:use-module (gnu packages gl)
> + #:use-module (gnu packages glib)
> + #:use-module (gnu packages gnome)
> + #:use-module (gnu packages gnuzilla)
> + #:use-module (gnu packages gperf)
> + #:use-module (gnu packages gtk)
> + #:use-module (gnu packages icu4c)
> + #:use-module (gnu packages image)
> + #:use-module (gnu packages libevent)
> + #:use-module (gnu packages libffi)
> + #:use-module (gnu packages linux)
> + #:use-module (gnu packages kerberos)
> + #:use-module (gnu packages ninja)
> + #:use-module (gnu packages node)
> + #:use-module (gnu packages pciutils)
> + #:use-module (gnu packages pkg-config)
> + #:use-module (gnu packages pulseaudio)
> + #:use-module (gnu packages python)
> + #:use-module (gnu packages python-web)
> + #:use-module (gnu packages regex)
> + #:use-module (gnu packages serialization)
> + #:use-module (gnu packages speech)
> + #:use-module (gnu packages tls)
> + #:use-module (gnu packages valgrind)
> + #:use-module (gnu packages video)
> + #:use-module (gnu packages xiph)
> + #:use-module (gnu packages xml)
> + #:use-module (gnu packages xdisorg)
> + #:use-module (gnu packages xorg))
> +
> +(define (chromium-patch-file-name pathspec)
> + (let ((patch-name (basename pathspec)))
> + (if (string-prefix? "chromium-" patch-name)
> + patch-name
> + (string-append "chromium-" patch-name))))
> +
> +;; https://salsa.debian.org/chromium-team/chromium/tree/master/debian/patches
> +(define (debian-patch pathspec revision hash)
> + (origin
> + (method url-fetch)
> + (uri (string-append
> + "https://salsa.debian.org/chromium-team/chromium/raw/"
> + revision "/debian/patches/" pathspec))
> + (sha256 (base32 hash))
> + (file-name (chromium-patch-file-name pathspec))))
> +
> +;; https://gitweb.gentoo.org/repo/gentoo.git/tree/www-client/chromium/files
> +(define (gentoo-patch pathspec revision hash)
> + (origin
> + (method url-fetch)
> + (uri (string-append
> + "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-client"
> + "/chromium/files/" pathspec "?id=" revision))
> + (sha256 (base32 hash))
> + (file-name (chromium-patch-file-name pathspec))))
> +
> +;; https://github.com/gcarq/inox-patchset
> +(define (inox-patch pathspec revision hash)
> + (origin
> + (method url-fetch)
> + (uri (string-append "https://raw.githubusercontent.com/gcarq/inox-patchset/"
> + revision "/" pathspec))
> + (sha256 (base32 hash))
> + (file-name (chromium-patch-file-name pathspec))))
> +
> +;; https://github.com/Eloston/ungoogled-chromium
> +(define (ungoogled-patch pathspec revision hash)
> + (origin
> + (method url-fetch)
> + (uri (string-append "https://raw.githubusercontent.com/Eloston"
> + "/ungoogled-chromium/" revision "/resources"
> + "/patches/ungoogled-chromium/" pathspec))
> + (sha256 (base32 hash))
> + (file-name (chromium-patch-file-name pathspec))))
> +
> +;; XXX: It would be great to have (upstream-patch ...), but the API
> +;; at <https://chromium.googlesource.com/chromium/> can only return
> +;; base64-encoded patches.
> +
> +(define %debian-revision "debian/68.0.3440.75-2")
> +(define %gentoo-revision "a79be956bb7bbeaca245564ecb4a350b1203ca98")
> +(define %inox-revision "8afa26a5ffb2e8ff52ac5b7bbdccc9f09290120e")
> +(define %ungoogled-revision "55d1a2442dcd9efc574f6c4fa99804d5b8658e4e")
> +
> +(define %debian-patches
> + (list
> + ;; Bootstrap "GN" using system NSPR.
> + (debian-patch "system/nspr.patch" %debian-revision
> + "0xywgsq14xdpfdf0wb5plv5jy2738zbwj7caj2i5g9s5zpdclhsv")
> + ;; Ditto for system libevent.
> + (debian-patch "system/event.patch" %debian-revision
> + "0cq5kz5yi737vb3k8v67hrr38czqm3mj6g3swh765pmfzvx5inj6")
> + ;; Make PDFium use system OpenJPEG.
> + (debian-patch "system/openjpeg.patch" %debian-revision
> + "0fxvbfvmimg0ykzhsk3l0kyvhz1fgbys51ldh950106yj6dszsmx")
> + ;; Make "Courgette" use system zlib instead of the bundled lzma.
> + (debian-patch "system/zlib.patch" %debian-revision
> + "1fmkiw7xrhwadvjxkzpv8j5iih2ws59l3llsdrpapw1vybfyq9nr")
> + ;; Avoid dependency on Chromiums embedded libc++ when bootstrapping.
> + (debian-patch "gn/libcxx.patch" %debian-revision
> + "02w94h9jd29jyvq09yxl9g31hk8j07qzr7rg23rhibhkn1rvg38x")
> + ;; Avoid dependency on Android tools.
> + (debian-patch "disable/android.patch" %debian-revision
> + "06kxx1fx9yi52h2fka71i9qqp6jh4r3w890k77nihv8arnabc0nq")
> + ;; Do not show a warning about missing API keys.
> + (debian-patch "disable/google-api-warning.patch" %debian-revision
> + "0vqi3n8i1vkp2cxmza7c60fl6d03195sax0ahrk1ksa04xjbkkqv")
> + ;; Don't override the home page set in master_preferences.
> + (debian-patch "disable/welcome-page.patch" %debian-revision
> + "15c6a296mkqnjdqqq90kmapn56rykb7saz4bs16han6by8q07lbx")))
> +
> +(define %gentoo-patches
> + (list
> + ;; Fix error detecting system ffmpeg.
> + (gentoo-patch "chromium-ffmpeg-r1.patch" %gentoo-revision
> + "1pivcdmana4qx8sngcdpr858l0qh6bygv7azj66vg021phq5725a")
> + ;; Add missing <string> #include.
> + (gentoo-patch "chromium-cors-string-r0.patch" %gentoo-revision
> + "075lgl6g8rih21adsr3hf2mm0qm16s4w2h4h1qjh652sl941w57l")))
> +
> +(define %inox-patches
> + (list
> + ;; Fix build without the "safe browsing" feature.
> + (inox-patch "0001-fix-building-without-safebrowsing.patch" %inox-revision
> + "0qchqc3i772drx0c8n44yhkx45fgdvd0h325w0qvaqrakzixbmr4")
> + ;; Use sane defaults. In particular, don't depend on any Google services.
> + (inox-patch "0006-modify-default-prefs.patch" %inox-revision
> + "0sbvs6l80h8ar8na6065ihqnmcsr1b4zc21jcs2wzkrjlxsgspw6")
> + ;; Recent versions of Chromium may load a remote search engine on the "New
> + ;; Tab Page", which causes unnecessary and involuntary network traffic.
> + (inox-patch "0008-restore-classic-ntp.patch" %inox-revision
> + "16z5accrri90s922n1r6nj8rqss3g7f579dwwzkk2hdxbkc9wzyr")
> + ;; Add DuckDuckGo and use it as the default search engine.
> + (inox-patch "0011-add-duckduckgo-search-engine.patch" %inox-revision
> + "0mvw1ax0gw3d252c9b1pwbk0j7ny8z9nsfywcmhj56wm6yksgpkg")
> + ;; Don't start a "Login Wizard" at first launch.
> + (inox-patch "0018-disable-first-run-behaviour.patch" %inox-revision
> + "1y4zsqqf2125jkb1phwy9g5hcbd9xhyv5lr4xcaly66rpdzx2ayb")))
> +
> +(define %ungoogled-patches
> + (list
> + ;; Disable browser sign-in to prevent leaking data at launch.
> + (ungoogled-patch "disable-signin.patch" %ungoogled-revision
> + "0a6akb10bzk6z6nhqa211y8rbj0ibdhhg5n92482q9sikavd8hz0")))
> +
> +(define opus+custom
> + (package (inherit opus)
> + (name "opus+custom")
> + (arguments
> + (substitute-keyword-arguments (package-arguments opus)
> + ((#:configure-flags flags ''())
> + ;; Opus Custom is an optional extension of the Opus
> + ;; specification that allows for unsupported frame
> + ;; sizes. Chromium requires that this is enabled.
> + `(cons "--enable-custom-modes"
> + ,flags))))))
> +
> +(define libvpx/chromium
> + ;; Chromium 66 and later requires an unreleased libvpx, so we take the
> + ;; commit from "third_party/libvpx/README.chromium" in the tarball.
> + ;; XXX: Might as well reuse Chromium source.
> + (let ((version (package-version libvpx))
> + (commit "e27a331778c4c99ec37262ea786a3b4cc2a491ac")
> + (revision "0"))
> + (package
> + (inherit libvpx)
> + (name "libvpx-chromium")
> + (version (git-version version revision commit))
> + (source (origin
> + (method git-fetch)
> + (uri (git-reference
> + (url "https://chromium.googlesource.com/webm/libvpx")
> + (commit commit)))
> + (file-name (git-file-name name version))
> + (sha256
> + (base32
> + "03a0443dnfn6l2v19qpw7p7k29v98c5b5hl4br93czgq0wi29m1g")))))))
> +
> +(define-public chromium
> + (package
> + (name "chromium")
> + (version "68.0.3440.84")
> + (synopsis "Graphical web browser")
> + (source (origin
> + (method url-fetch)
> + (uri (string-append "https://commondatastorage.googleapis.com"
> + "/chromium-browser-official/chromium-"
> + version ".tar.xz"))
> + (sha256
> + (base32
> + "1nf9xha7ncnh8g1g4c8hzk03f8ya7nd0xzwij9zs7n0qmrkx2c8h"))
> + (patches (append %debian-patches
> + %gentoo-patches
> + %inox-patches
> + %ungoogled-patches
> + (search-patches "chromium-gcc-unique-ptr.patch"
> + "chromium-remove-default-history.patch")))
> + (modules '((srfi srfi-1)
> + (srfi srfi-26)
> + (ice-9 ftw)
> + (ice-9 match)
> + (ice-9 regex)
> + (guix build utils)))
> + (snippet
> + '(begin
> + (let ((preserved-club
Once we merge this into master, can we document the update procedure?
Or even better, write an update script if possible? For me it was 40%
hit everything which doesn't move and take what's left over and 60%
reading. I understand the code, but some people might want an
explanation for how it's decided which folder gets to stay.
> + (map
> + (lambda (path)
> + ;; Prepend paths with "./" for comparison with ftw.
> + (string-append "./" path))
> + (list
> + "base/third_party/dmg_fp"
> + "base/third_party/dynamic_annotations"
> + "base/third_party/icu"
> + "base/third_party/superfasthash"
> + "base/third_party/symbolize"
> + "base/third_party/xdg_mime"
> + "base/third_party/xdg_user_dirs"
> + "chrome/third_party/mozilla_security_manager"
> + "courgette/third_party/bsdiff"
> + "courgette/third_party/divsufsort"
> + "net/third_party/http2"
> + "net/third_party/mozilla_security_manager"
> + "net/third_party/nss"
> + "net/third_party/spdy"
> + "net/third_party/quic"
> + "third_party/adobe/flash/flapper_version.h"
> + ;; FIXME: This is used in:
> + ;; * ui/webui/resources/js/analytics.js
> + ;; * ui/file_manager/
> + "third_party/analytics"
> + "third_party/angle"
> + "third_party/angle/src/common/third_party/base"
> + "third_party/angle/src/common/third_party/smhasher"
> + "third_party/angle/src/third_party/compiler"
> + "third_party/angle/src/third_party/libXNVCtrl"
> + "third_party/angle/src/third_party/trace_event"
> + "third_party/angle/third_party/glslang"
> + "third_party/angle/third_party/spirv-headers"
> + "third_party/angle/third_party/spirv-tools"
> + "third_party/angle/third_party/vulkan-validation-layers"
> + "third_party/apple_apsl" ;XXX add APSL2.0 license
> + "third_party/blink"
> + "third_party/boringssl"
> + "third_party/boringssl/src/third_party/fiat"
> + "third_party/breakpad"
> + "third_party/brotli"
> + "third_party/cacheinvalidation"
> + "third_party/catapult"
> + "third_party/catapult/common/py_vulcanize/third_party/rcssmin"
> + "third_party/catapult/common/py_vulcanize/third_party/rjsmin"
> + "third_party/catapult/third_party/polymer"
> + "third_party/catapult/tracing/third_party/d3"
> + "third_party/catapult/tracing/third_party/gl-matrix"
> + "third_party/catapult/tracing/third_party/jszip"
> + "third_party/catapult/tracing/third_party/mannwhitneyu"
> + "third_party/catapult/tracing/third_party/oboe"
> + "third_party/catapult/tracing/third_party/pako"
> + "third_party/ced"
> + "third_party/cld_3"
> + "third_party/crashpad"
> + (string-append "third_party/crashpad/crashpad/"
> + "third_party/zlib/zlib_crashpad.h")
> + "third_party/crc32c"
> + "third_party/cros_system_api"
> + "third_party/dom_distiller_js"
> + "third_party/fips181"
> + "third_party/flatbuffers"
> + "third_party/glslang-angle"
> + "third_party/google_input_tools"
> + "third_party/google_input_tools/third_party/closure_library"
> + (string-append "third_party/google_input_tools/third_party"
> + "/closure_library/third_party/closure")
> + "third_party/googletest"
> + "third_party/hunspell"
> + "third_party/iccjpeg"
> + "third_party/inspector_protocol"
> + "third_party/jinja2"
> + "third_party/jstemplate"
> + "third_party/khronos"
> + "third_party/leveldatabase"
> + "third_party/libXNVCtrl"
> + "third_party/libaddressinput"
> + "third_party/libaom"
> + "third_party/libjingle_xmpp"
> + "third_party/libphonenumber"
> + "third_party/libsecret" ;FIXME: needs pkg-config support.
> + "third_party/libsrtp"
> + "third_party/libsync" ;TODO: package
> + "third_party/libudev"
> + "third_party/libwebm"
> + "third_party/libxml"
> + "third_party/libyuv"
> + "third_party/lss"
> + "third_party/markupsafe"
> + "third_party/mesa"
> + "third_party/metrics_proto"
> + "third_party/modp_b64"
> + "third_party/node"
> + (string-append "third_party/node/node_modules/"
> + "polymer-bundler/lib/third_party/UglifyJS2")
> + "third_party/ots"
> + ;; TODO: Build as extension.
> + "third_party/pdfium"
> + "third_party/pdfium/third_party/agg23"
> + "third_party/pdfium/third_party/base"
> + "third_party/pdfium/third_party/bigint"
> + "third_party/pdfium/third_party/skia_shared"
> + (string-append "third_party/pdfium/third_party/freetype"
> + "/include/pstables.h")
> + "third_party/perfetto"
> + "third_party/ply"
> + "third_party/polymer"
> + "third_party/protobuf"
> + "third_party/protobuf/third_party/six"
> + "third_party/pyjson5"
> + "third_party/qcms"
> + "third_party/rnnoise"
> + "third_party/sfntly"
> + "third_party/skia"
> + "third_party/skia/third_party/skcms"
> + "third_party/skia/third_party/vulkan"
> + "third_party/skia/third_party/gif"
> + "third_party/smhasher"
> + "third_party/speech-dispatcher"
> + "third_party/sqlite"
> + "third_party/swiftshader"
> + "third_party/swiftshader/third_party/llvm-subzero"
> + "third_party/swiftshader/third_party/subzero"
> + "third_party/s2cellid"
> + "third_party/usb_ids"
> + "third_party/usrsctp"
> + "third_party/WebKit"
> + "third_party/web-animations-js"
> + "third_party/webrtc"
> + "third_party/webrtc_overrides"
> + "third_party/widevine/cdm/widevine_cdm_version.h"
> + "third_party/widevine/cdm/widevine_cdm_common.h"
> + "third_party/woff2"
> + "third_party/xdg-utils"
> + "third_party/yasm/run_yasm.py"
> + "third_party/zlib/google"
> + "url/third_party/mozilla"
> + "v8/src/third_party/utf8-decoder"
> + "v8/src/third_party/valgrind"
> + "v8/third_party/antlr4"
> + "v8/third_party/inspector_protocol"))))
> +
> + (define (empty? dir)
> + (equal? (scandir dir) '("." "..")))
> +
> + (define (third_party? file)
> + (if (string-contains file "third_party/")
> + #t
> + #f))
> +
> + (define (useless? file)
> + (any (cute string-suffix? <> file)
> + '(".tar.gz" ".zip" ".exe" ".jar")))
> +
> + (define (parents child)
> + (let ((lst (reverse (string-split child #\/))))
> + (let loop ((hierarchy lst)
> + (result '()))
> + (if (or (null? hierarchy)
> + (and (not (null? result))
> + (string-suffix? "third_party" (car result))))
> + result
> + (loop (cdr hierarchy)
> + (cons (string-join (reverse hierarchy) "/")
> + result))))))
> +
> + (define (delete-unwanted-files child stat flag base level)
> + (let ((protected (make-regexp "\\.(gn|gyp)i?$")))
> + (match flag
> + ((or 'regular 'symlink 'stale-symlink)
> + (when (third_party? child)
> + (unless (or (member child preserved-club)
> + (any (cute member <> preserved-club)
> + (parents child))
> + (regexp-exec protected child))
> + (format (current-error-port) "deleting ~s~%" child)
> + (delete-file child)))
> + (when (and (useless? child) (file-exists? child))
> + (delete-file child))
> + #t)
> + ('directory-processed
> + (when (empty? child)
> + (rmdir child))
> + #t)
> + (_ #t))))
> +
> + (nftw "." delete-unwanted-files 'depth 'physical)
> +
> + ;; Assert that each listed item is present to catch removals.
> + (for-each (lambda (third-party)
> + (unless (file-exists? third-party)
> + (error (format #f "~s does not exist!" third-party))))
> + preserved-club)
> +
> + ;; Replace "GN" files from third_party with shims for
> + ;; building against system libraries. Keep this list in
> + ;; sync with "build/linux/unbundle/replace_gn_files.py".
> + (for-each (lambda (pair)
> + (let ((source (string-append
> + "build/linux/unbundle/" (car pair)))
> + (dest (cdr pair)))
> + (copy-file source dest)))
> + (list
> + '("ffmpeg.gn" . "third_party/ffmpeg/BUILD.gn")
> + '("flac.gn" . "third_party/flac/BUILD.gn")
> + '("fontconfig.gn" . "third_party/fontconfig/BUILD.gn")
> + '("freetype.gn" . "build/config/freetype/freetype.gni")
> + '("harfbuzz-ng.gn" .
> + "third_party/harfbuzz-ng/harfbuzz.gni")
> + '("icu.gn" . "third_party/icu/BUILD.gn")
> + '("libdrm.gn" . "third_party/libdrm/BUILD.gn")
> + '("libevent.gn" . "base/third_party/libevent/BUILD.gn")
> + '("libjpeg.gn" . "third_party/libjpeg.gni")
> + '("libpng.gn" . "third_party/libpng/BUILD.gn")
> + '("libvpx.gn" . "third_party/libvpx/BUILD.gn")
> + '("libwebp.gn" . "third_party/libwebp/BUILD.gn")
> + '("libxml.gn" . "third_party/libxml/BUILD.gn")
> + '("libxslt.gn" . "third_party/libxslt/BUILD.gn")
> + '("openh264.gn" . "third_party/openh264/BUILD.gn")
> + '("opus.gn" . "third_party/opus/BUILD.gn")
> + '("re2.gn" . "third_party/re2/BUILD.gn")
> + '("snappy.gn" . "third_party/snappy/BUILD.gn")
> + '("yasm.gn" . "third_party/yasm/yasm_assemble.gni")
> + '("zlib.gn" . "third_party/zlib/BUILD.gn")))
> + #t)))))
> + (build-system gnu-build-system)
> + (arguments
> + `(#:tests? #f
> + ;; FIXME: There is a "gn" option specifically for setting -rpath, but
> + ;; it overrides the RUNPATH set by the linker.
> + #:validate-runpath? #f
> + #:modules ((guix build gnu-build-system)
> + (guix build utils)
> + (ice-9 ftw)
> + (ice-9 regex)
> + (srfi srfi-26))
> + #:configure-flags
> + ;; See tools/gn/docs/cookbook.md and
> + ;; https://www.chromium.org/developers/gn-build-configuration
> + ;; for usage. Run "./gn args . --list" in the Release
> + ;; directory for an exhaustive list of supported flags.
> + ;; (Note: The 'configure' phase will do that for you.)
> + (list "is_debug=false"
> + "use_gold=false"
> + "use_lld=false"
> + "linux_use_bundled_binutils=false"
> + "use_custom_libcxx=false"
> + "use_sysroot=false"
> + "enable_precompiled_headers=false"
> + "goma_dir=\"\""
> + "enable_nacl=false"
> + "enable_nacl_nonsfi=false"
> + "use_allocator=\"none\"" ;don't use tcmalloc
> + "override_build_date=\"01 01 2000 05:00:00\""
> + "use_unofficial_version_number=false"
> +
> + ;; Disable "safe browsing", which pulls in a dependency on
> + ;; the nonfree "unrar" program (as of m66).
> + "safe_browsing_mode=0"
> +
> + ;; Define a custom toolchain that simply looks up CC, AR and
> + ;; friends from the environment.
> + "custom_toolchain=\"//build/toolchain/linux/unbundle:default\""
> + "host_toolchain=\"//build/toolchain/linux/unbundle:default\""
> +
> + ;; Don't assume it's clang.
> + "is_clang=false"
> +
> + ;; Optimize for building everything at once, as opposed to
> + ;; incrementally for development. See "docs/jumbo.md".
> + "use_jumbo_build=true"
> +
> + ;; Disable debugging features to save space.
> + "symbol_level=0"
> + "remove_webcore_debug_symbols=true"
> + "enable_iterator_debugging=false"
> +
> + ;; Some of the unbundled libraries throws deprecation
> + ;; warnings, etc. Ignore it.
> + "treat_warnings_as_errors=false"
> +
> + ;; Don't add any API keys. End users can set them in the
> + ;; environment if desired. See
> + ;; <https://www.chromium.org/developers/how-tos/api-keys>.
> + "use_official_google_api_keys=false"
> +
> + ;; Disable "field trials".
> + "fieldtrial_testing_like_official_build=true"
> +
> + ;; Disable Chrome Remote Desktop (aka Chromoting).
> + "enable_remoting=false"
> +
> + ;; Use system libraries where possible.
> + "use_system_freetype=true"
> + "use_system_harfbuzz=true"
> + "use_system_lcms2=true"
> + "use_system_libjpeg=true"
> + "use_system_libpng=true"
> + "use_system_zlib=true"
> +
> + "use_gnome_keyring=false" ;deprecated by libsecret
> + "use_gtk3=true"
> + "use_openh264=true"
> + "use_xkbcommon=true"
> + "use_pulseaudio=true"
> + "link_pulseaudio=true"
> +
> + ;; Don't arbitrarily restrict formats supported by system ffmpeg.
> + "proprietary_codecs=true"
> + "ffmpeg_branding=\"Chrome\""
> +
> + ;; WebRTC stuff.
> + "rtc_use_h264=true"
> + ;; Don't use bundled sources.
> + "rtc_build_json=false"
> + "rtc_build_libevent=false"
> + "rtc_build_libvpx=false"
> + "rtc_build_opus=false"
> + "rtc_build_ssl=false"
> +
> + "rtc_build_libsrtp=true" ;FIXME: fails to find headers
> + "rtc_build_usrsctp=true" ;TODO: package this
> + (string-append "rtc_jsoncpp_root=\""
> + (assoc-ref %build-inputs "jsoncpp")
> + "/include/jsoncpp/json\"")
> + (string-append "rtc_ssl_root=\""
> + (assoc-ref %build-inputs "openssl")
> + "/include/openssl\""))
> + #:phases
> + (modify-phases %standard-phases
> + (add-after 'unpack 'patch-stuff
> + (lambda* (#:key inputs #:allow-other-keys)
> + (substitute* "printing/cups_config_helper.py"
> + (("cups_config =.*")
> + (string-append "cups_config = '" (assoc-ref inputs "cups")
> + "/bin/cups-config'\n")))
> +
> + (substitute*
> + '("base/process/launch_posix.cc"
> + "base/third_party/dynamic_annotations/dynamic_annotations.c"
> + "sandbox/linux/seccomp-bpf/sandbox_bpf.cc"
> + "sandbox/linux/services/credentials.cc"
> + "sandbox/linux/services/namespace_utils.cc"
> + "sandbox/linux/services/syscall_wrappers.cc"
> + "sandbox/linux/syscall_broker/broker_host.cc")
Not related to this section, but: NixOS has a "sandbox" output for Chromium
which "contains the sandboxed wrapper" of Chromium. Maybe it requires something
Nix/NixOS specific, maybe we can add that.
> + (("include \"base/third_party/valgrind/") "include \"valgrind/"))
> +
> + (for-each (lambda (file)
> + (substitute* file
> + ;; Fix opus include path.
> + ;; Do not substitute opus_private.h.
> + (("#include \"opus\\.h\"")
> + "#include \"opus/opus.h\"")
> + (("#include \"opus_custom\\.h\"")
> + "#include \"opus/opus_custom.h\"")
> + (("#include \"opus_defines\\.h\"")
> + "#include \"opus/opus_defines.h\"")
> + (("#include \"opus_multistream\\.h\"")
> + "#include \"opus/opus_multistream.h\"")
> + (("#include \"opus_types\\.h\"")
> + "#include \"opus/opus_types.h\"")))
> + (find-files (string-append "third_party/webrtc/modules"
> + "/audio_coding/codecs/opus")))
> +
> + (substitute* "chrome/common/chrome_paths.cc"
> + (("/usr/share/chromium/extensions")
> + ;; TODO: Add ~/.guix-profile.
> + "/run/current-system/profile/share/chromium/extensions"))
> +
> + (substitute*
> + ;; XXX: Probably not needed for M69.
> + "third_party/blink/renderer/platform/image-encoders/image_encoder.h"
> + (("#include \"third_party/libjpeg/") "#include \"")
> + (("#include \"third_party/libwebp/src/") "#include \""))
> +
> + (substitute*
> + "third_party/breakpad/breakpad/src/common/linux/libcurl_wrapper.h"
> + (("include \"third_party/curl") "include \"curl"))
> + (substitute* "media/base/decode_capabilities.cc"
> + (("third_party/libvpx/source/libvpx/") ""))
> +
> + #t))
> + (add-before 'configure 'prepare-build-environment
> + (lambda* (#:key inputs #:allow-other-keys)
> +
> + ;; Make sure the right build tools are used.
> + (setenv "AR" "ar") (setenv "NM" "nm")
> + (setenv "CC" "gcc") (setenv "CXX" "g++")
> +
> + ;; Work around <https://bugs.gnu.org/30756>.
> + (unsetenv "C_INCLUDE_PATH")
> + (unsetenv "CPLUS_INCLUDE_PATH")
> +
> + ;; TODO: pre-compile instead. Avoids a race condition.
> + (setenv "PYTHONDONTWRITEBYTECODE" "1")
> +
> + ;; XXX: How portable is this.
> + (mkdir-p "third_party/node/linux/node-linux-x64")
> + (symlink (string-append (assoc-ref inputs "node") "/bin")
> + "third_party/node/linux/node-linux-x64/bin")
> +
> + #t))
> + (add-after 'prepare-build-environment 'bootstrap-gn
> + (lambda _
> + (invoke "python" "tools/gn/bootstrap/bootstrap.py" "-s" "-v")))
> + (replace 'configure
> + (lambda* (#:key configure-flags #:allow-other-keys)
> + (let ((args (string-join configure-flags " ")))
> + (with-directory-excursion "out/Release"
> + ;; Generate ninja build files.
> + (invoke "./gn" "gen" "."
> + (string-append "--args=" args))
> +
> + ;; Print the full list of supported arguments as well as
> + ;; their current status for convenience.
> + (format #t "Dumping configure flags...\n")
> + (invoke "./gn" "args" "." "--list")))))
> + (replace 'build
> + (lambda* (#:key outputs #:allow-other-keys)
> + (invoke "ninja" "-C" "out/Release"
> + "-j" (number->string (parallel-job-count))
> + "chrome")))
> + (replace 'install
> + (lambda* (#:key inputs outputs #:allow-other-keys)
> + (let* ((out (assoc-ref outputs "out"))
> + (bin (string-append out "/bin"))
> + (exe (string-append bin "/chromium"))
> + (lib (string-append out "/lib"))
> + (man (string-append out "/share/man/man1"))
> + (applications (string-append out "/share/applications"))
> + (install-regexp (make-regexp "\\.(bin|pak)$"))
> + (locales (string-append lib "/locales"))
> + (resources (string-append lib "/resources"))
> + (preferences (assoc-ref inputs "master-preferences"))
> + (gtk+ (assoc-ref inputs "gtk+"))
> + (mesa (assoc-ref inputs "mesa"))
> + (nss (assoc-ref inputs "nss"))
> + (udev (assoc-ref inputs "udev"))
> + (sh (which "sh")))
> +
> + (substitute* '("chrome/app/resources/manpage.1.in"
> + "chrome/installer/linux/common/desktop.template")
> + (("@@MENUNAME@@") "Chromium")
> + (("@@PACKAGE@@") "chromium")
> + (("/usr/bin/@@USR_BIN_SYMLINK_NAME@@") exe))
> +
> + (mkdir-p man)
> + (copy-file "chrome/app/resources/manpage.1.in"
> + (string-append man "/chromium.1"))
> +
> + (mkdir-p applications)
> + (copy-file "chrome/installer/linux/common/desktop.template"
> + (string-append applications "/chromium.desktop"))
> +
> + (mkdir-p lib)
> + (copy-file preferences (string-append lib "/master_preferences"))
> +
> + (with-directory-excursion "out/Release"
> + (for-each (lambda (file)
> + (install-file file lib))
> + (scandir "." (cut regexp-exec install-regexp <>)))
> + (copy-file "chrome" (string-append lib "/chromium"))
> +
> + ;; TODO: Install icons from "../../chrome/app/themes" into
> + ;; "out/share/icons/hicolor/$size".
I have more icons here in my definition, the whole section looked like...
> + (install-file
> + "product_logo_48.png"
> + (string-append out "/share/icons/48x48/chromium.png"))
this:
+ ;; XXX: What about ../../chrome/app/theme/chromium/linux/?
+ (for-each
+ (lambda (file)
+ (let* ((size (string-filter char-numeric? file))
+ (icons (string-append out "/share/icons/hicolor/"
+ size "x" size "/apps")))
+ (mkdir-p icons)
+ (copy-file file (string-append icons "/chromium.png"))))
+ '("../../chrome/app/theme/chromium/product_logo_128.png"
+ "../../chrome/app/theme/chromium/product_logo_22.png"
+ "../../chrome/app/theme/chromium/product_logo_22_mono.png"
+ "../../chrome/app/theme/chromium/product_logo_24.png"
+ "../../chrome/app/theme/chromium/product_logo_256.png"
+ "../../chrome/app/theme/chromium/product_logo_48.png"
+ "../../chrome/app/theme/chromium/product_logo_64.png"))
> +
> + (copy-recursively "locales" locales)
> + (copy-recursively "resources" resources)
> +
> + (mkdir-p bin)
> + ;; Add a thin wrapper to prevent the user from inadvertently
> + ;; installing non-free software through the Web Store.
> + ;; TODO: Discover extensions from the profile and pass
> + ;; something like "--disable-extensions-except=...".
> + (call-with-output-file exe
> + (lambda (port)
> + (format port
> + "#!~a~@
> + if [ -z \"$CHROMIUM_ENABLE_WEB_STORE\" ]~@
> + then~@
> + CHROMIUM_FLAGS=\" \\~@
> + --disable-background-networking \\~@
> + --disable-extensions \\~@
> + \"~@
> + fi~@
> + exec ~a $CHROMIUM_FLAGS \"$@\"~%"
> + sh (string-append lib "/chromium"))))
> + (chmod exe #o755)
> +
> + (wrap-program exe
> + ;; TODO: Get these in RUNPATH.
> + `("LD_LIBRARY_PATH" ":" prefix
> + (,(string-append lib ":" nss "/lib/nss:" gtk+ "/lib:"
> + mesa "/lib:" udev "/lib")))
> + ;; Avoid file manager crash. See <https://bugs.gnu.org/26593>.
> + `("XDG_DATA_DIRS" ":" prefix (,(string-append gtk+ "/share"))))
> + #t)))))))
> + (native-inputs
> + `(("bison" ,bison)
> + ("gcc" ,gcc-8) ;a recent compiler is required
> + ("gperf" ,gperf)
> + ("ninja" ,ninja)
> + ("node" ,node)
> + ("pkg-config" ,pkg-config)
> + ("master-preferences" ,(local-file "chromium-master-preferences.json"))
> + ("which" ,which)
> + ("yasm" ,yasm)
> +
> + ("python-beautifulsoup4" ,python2-beautifulsoup4)
> + ("python-html5lib" ,python2-html5lib)
> + ("python" ,python-2)))
> + (inputs
> + `(("alsa-lib" ,alsa-lib)
> + ("atk" ,atk)
> + ("cups" ,cups)
> + ("curl" ,curl)
> + ("dbus" ,dbus)
> + ("dbus-glib" ,dbus-glib)
> + ("expat" ,expat)
> + ("flac" ,flac)
> + ("ffmpeg" ,ffmpeg)
> + ("fontconfig" ,fontconfig)
> + ("freetype" ,freetype)
> + ("gdk-pixbuf" ,gdk-pixbuf)
> + ("glib" ,glib)
> + ("gtk+" ,gtk+)
> + ("harfbuzz" ,harfbuzz)
> + ("icu4c" ,icu4c)
> + ("jsoncpp" ,jsoncpp)
> + ("lcms" ,lcms)
> + ("libevent" ,libevent)
> + ("libffi" ,libffi)
> + ("libjpeg-turbo" ,libjpeg-turbo)
> + ("libpng" ,libpng)
> + ;;("libsrtp" ,libsrtp)
> + ("libvpx" ,libvpx/chromium)
> + ("libwebp" ,libwebp)
> + ("libx11" ,libx11)
> + ("libxcb" ,libxcb)
> + ("libxcomposite" ,libxcomposite)
> + ("libxcursor" ,libxcursor)
> + ("libxdamage" ,libxdamage)
> + ("libxext" ,libxext)
> + ("libxfixes" ,libxfixes)
> + ("libxi" ,libxi)
> + ("libxkbcommon" ,libxkbcommon)
> + ("libxml2" ,libxml2)
> + ("libxrandr" ,libxrandr)
> + ("libxrender" ,libxrender)
> + ("libxscrnsaver" ,libxscrnsaver)
> + ("libxslt" ,libxslt)
> + ("libxtst" ,libxtst)
> + ("mesa" ,mesa)
> + ("minizip" ,minizip)
> + ("mit-krb5" ,mit-krb5)
> + ("nss" ,nss)
> + ("openh264" ,openh264)
> + ("openjpeg" ,openjpeg) ;PDFium only
> + ("openssl" ,openssl)
> + ("opus" ,opus+custom)
> + ("pango" ,pango)
> + ("pciutils" ,pciutils)
> + ("pulseaudio" ,pulseaudio)
> + ("re2" ,re2)
> + ("snappy" ,snappy)
> + ("speech-dispatcher" ,speech-dispatcher)
> + ("udev" ,eudev)
> + ("valgrind" ,valgrind)))
> + (home-page "https://www.chromium.org/")
> + (description
> + "Chromium is a web browser designed for speed and security. This
> +version incorporates features from
> +@url{https://github.com/gcarq/inox-patchset,the Inox patchset} and
> +@url{https://github.com/Eloston/ungoogled-chromium,ungoogled-chromium} in
> +order to protect the users privacy.")
> + ;; Chromium is developed as BSD-3, but bundles a large number of third-party
> + ;; components with other licenses. For full information, see chrome://credits.
> + (license (list license:bsd-3
> + license:bsd-2
> + license:expat
> + license:asl2.0
> + license:mpl2.0
> + license:public-domain
> + license:lgpl2.1+))))
> diff --git a/gnu/packages/patches/chromium-gcc-unique-ptr.patch b/gnu/packages/patches/chromium-gcc-unique-ptr.patch
> new file mode 100644
> index 000000000..9c9a9fc09
> --- /dev/null
> +++ b/gnu/packages/patches/chromium-gcc-unique-ptr.patch
> @@ -0,0 +1,33 @@
> +Help GCC resolve <UrlIndex>.
> +
> +Taken from upstream:
> +https://chromium.googlesource.com/chromium/src/+/56cb5f7da1025f6db869e840ed34d3b98b9ab899
> +
> +diff --git a/components/bookmarks/browser/bookmark_storage.cc b/components/bookmarks/browser/bookmark_storage.cc
> +index 1633ba1..3ae0c62 100644
> +--- a/components/bookmarks/browser/bookmark_storage.cc
> ++++ b/components/bookmarks/browser/bookmark_storage.cc
> +@@ -158,6 +158,10 @@
> + url_index_ = std::make_unique<UrlIndex>(std::move(root_node_));
> + }
> +
> ++std::unique_ptr<UrlIndex> BookmarkLoadDetails::owned_url_index() {
> ++ return std::move(url_index_);
> ++}
> ++
> + BookmarkPermanentNode* BookmarkLoadDetails::CreatePermanentNode(
> + BookmarkClient* client,
> + BookmarkNode::Type type) {
> +diff --git a/components/bookmarks/browser/bookmark_storage.h b/components/bookmarks/browser/bookmark_storage.h
> +index 08df5bb..0a1b1a1 100644
> +--- a/components/bookmarks/browser/bookmark_storage.h
> ++++ b/components/bookmarks/browser/bookmark_storage.h
> +@@ -104,7 +104,7 @@
> + bool ids_reassigned() const { return ids_reassigned_; }
> +
> + void CreateUrlIndex();
> +- std::unique_ptr<UrlIndex> owned_url_index() { return std::move(url_index_); }
> ++ std::unique_ptr<UrlIndex> owned_url_index();
> +
> + private:
> + // Creates one of the possible permanent nodes (bookmark bar node, other node
> diff --git a/gnu/packages/patches/chromium-remove-default-history.patch b/gnu/packages/patches/chromium-remove-default-history.patch
> new file mode 100644
> index 000000000..42363805b
> --- /dev/null
> +++ b/gnu/packages/patches/chromium-remove-default-history.patch
> @@ -0,0 +1,13 @@
> +Don't pre-populate the New Tab Page for new profiles.
> +
> +--- a/chrome/browser/history/top_sites_factory.cc
> ++++ b/chrome/browser/history/top_sites_factory.cc
> +@@ -74,7 +74,7 @@
> +
> + void InitializePrepopulatedPageList(
> + history::PrepopulatedPageList* prepopulated_pages) {
> +-#if !defined(OS_ANDROID)
> ++#if 0
> + DCHECK(prepopulated_pages);
> + prepopulated_pages->reserve(arraysize(kRawPrepopulatedPages));
> + for (size_t i = 0; i < arraysize(kRawPrepopulatedPages); ++i) {
> --
> 2.18.0
>
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-08-05 16:18 ` ng0
@ 2018-08-05 18:25 ` Marius Bakke
2018-08-05 20:32 ` ng0
0 siblings, 1 reply; 91+ messages in thread
From: Marius Bakke @ 2018-08-05 18:25 UTC (permalink / raw)
To: ng0; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 2659 bytes --]
ng0 <ng0@n0.is> writes:
> Once we merge this into master, can we document the update procedure?
> Or even better, write an update script if possible? For me it was 40%
> hit everything which doesn't move and take what's left over and 60%
> reading. I understand the code, but some people might want an
> explanation for how it's decided which folder gets to stay.
The "preserved-club" are simply third_party directories that are
necessary for the build. Removing any single one will cause the build
to fail (in theory, there might be outdated entries..).
It's difficult to automate because you don't know what's needed until
the build process starts and fails because of some missing dependency.
> Not related to this section, but: NixOS has a "sandbox" output for Chromium
> which "contains the sandboxed wrapper" of Chromium. Maybe it requires something
> Nix/NixOS specific, maybe we can add that.
I guess that's for the SUID sandbox binary. I haven't had a reason to
build that because the user namespace sandbox works just fine. Perhaps
it's useful for distributions that don't have user namespaces enabled?
>> + ;; TODO: Install icons from "../../chrome/app/themes" into
>> + ;; "out/share/icons/hicolor/$size".
>
> I have more icons here in my definition, the whole section looked like...
>
>> + (install-file
>> + "product_logo_48.png"
>> + (string-append out "/share/icons/48x48/chromium.png"))
>
> this:
>
> + ;; XXX: What about ../../chrome/app/theme/chromium/linux/?
> + (for-each
> + (lambda (file)
> + (let* ((size (string-filter char-numeric? file))
> + (icons (string-append out "/share/icons/hicolor/"
> + size "x" size "/apps")))
> + (mkdir-p icons)
> + (copy-file file (string-append icons "/chromium.png"))))
> + '("../../chrome/app/theme/chromium/product_logo_128.png"
> + "../../chrome/app/theme/chromium/product_logo_22.png"
> + "../../chrome/app/theme/chromium/product_logo_22_mono.png"
> + "../../chrome/app/theme/chromium/product_logo_24.png"
> + "../../chrome/app/theme/chromium/product_logo_256.png"
> + "../../chrome/app/theme/chromium/product_logo_48.png"
> + "../../chrome/app/theme/chromium/product_logo_64.png"))
Nice. Now the next step is to generate the latter list, maybe with
find-files?
Thanks for the feedback!
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-08-05 18:25 ` Marius Bakke
@ 2018-08-05 20:32 ` ng0
2018-08-05 23:58 ` ng0
0 siblings, 1 reply; 91+ messages in thread
From: ng0 @ 2018-08-05 20:32 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004, ng0
[-- Attachment #1: Type: text/plain, Size: 3129 bytes --]
Marius Bakke transcribed 3.2K bytes:
> ng0 <ng0@n0.is> writes:
>
> > Once we merge this into master, can we document the update procedure?
> > Or even better, write an update script if possible? For me it was 40%
> > hit everything which doesn't move and take what's left over and 60%
> > reading. I understand the code, but some people might want an
> > explanation for how it's decided which folder gets to stay.
>
> The "preserved-club" are simply third_party directories that are
> necessary for the build. Removing any single one will cause the build
> to fail (in theory, there might be outdated entries..).
>
> It's difficult to automate because you don't know what's needed until
> the build process starts and fails because of some missing dependency.
Hm okay.
Yes, I noticed. But they usually fail very early, so it's just 4 - 20
minutes waiting depending on your harddrive and network speed.
> > Not related to this section, but: NixOS has a "sandbox" output for Chromium
> > which "contains the sandboxed wrapper" of Chromium. Maybe it requires something
> > Nix/NixOS specific, maybe we can add that.
>
> I guess that's for the SUID sandbox binary. I haven't had a reason to
> build that because the user namespace sandbox works just fine. Perhaps
> it's useful for distributions that don't have user namespaces enabled?
Maybe, it's worth investigating. I haven't looked at it very much.
>
> >> + ;; TODO: Install icons from "../../chrome/app/themes" into
> >> + ;; "out/share/icons/hicolor/$size".
> >
> > I have more icons here in my definition, the whole section looked like...
> >
> >> + (install-file
> >> + "product_logo_48.png"
> >> + (string-append out "/share/icons/48x48/chromium.png"))
> >
> > this:
> >
> > + ;; XXX: What about ../../chrome/app/theme/chromium/linux/?
> > + (for-each
> > + (lambda (file)
> > + (let* ((size (string-filter char-numeric? file))
> > + (icons (string-append out "/share/icons/hicolor/"
> > + size "x" size "/apps")))
> > + (mkdir-p icons)
> > + (copy-file file (string-append icons "/chromium.png"))))
> > + '("../../chrome/app/theme/chromium/product_logo_128.png"
> > + "../../chrome/app/theme/chromium/product_logo_22.png"
> > + "../../chrome/app/theme/chromium/product_logo_22_mono.png"
> > + "../../chrome/app/theme/chromium/product_logo_24.png"
> > + "../../chrome/app/theme/chromium/product_logo_256.png"
> > + "../../chrome/app/theme/chromium/product_logo_48.png"
> > + "../../chrome/app/theme/chromium/product_logo_64.png"))
>
> Nice. Now the next step is to generate the latter list, maybe with
> find-files?
>
> Thanks for the feedback!
Thanks for your continued work on this monster ;)
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-08-05 20:32 ` ng0
@ 2018-08-05 23:58 ` ng0
2018-08-30 13:25 ` ng0
0 siblings, 1 reply; 91+ messages in thread
From: ng0 @ 2018-08-05 23:58 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004, ng0
[-- Attachment #1.1: Type: text/plain, Size: 195 bytes --]
It took a while because of the heat, but here's a fail log appended. I'm going to bed,
and I don't know when I have time to look into it. Maybe you get to work on it
earlier than myself.
Thanks
[-- Attachment #1.2: chromium68.txt --]
[-- Type: text/plain, Size: 32267 bytes --]
[13587/19325] CXX obj/chrome/browser/browser/browser_jumbo_2.o
FAILED: obj/chrome/browser/browser/browser_jumbo_2.o
g++ -MMD -MF obj/chrome/browser/browser/browser_jumbo_2.o.d -DUSE_LIBSECRET -DV8_DEPRECATION_WARNINGS -DUSE_UDEV -DUSE_AURA=1 -DUSE_GLIB=1 -DUSE_NSS_CERTS=1 -DUSE_X11=1 -DNO_TCMALLOC -DCHROMIUM_BUILD -D_FILE_OFFSET_BITS=64
-D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D__STDC_CONSTANT_MACROS -D__STDC_FORMAT_MACROS -D_FORTIFY_SOURCE=2 -DNDEBUG -DNVALGRIND -DDYNAMIC_ANNOTATIONS_ENABLED=0 -DUSE_CUPS -DGLIB_VERSION_MAX_ALLOWED=GLIB_VERSION_2_32
-DGLIB_VERSION_MIN_REQUIRED=GLIB_VERSION_2_26 -DGL_GLEXT_PROTOTYPES -DUSE_GLX -DUSE_EGL -DTOOLKIT_VIEWS=1 -DEXPAT_RELATIVE_PATH -DUSING_SYSTEM_ICU=1 -DICU_UTIL_DATA_IMPL=ICU_UTIL_DATA_STATIC -DUCHAR_TYPE=uint16_t
-DU_IMPORT=U_EXPORT -DGOOGLE_PROTOBUF_NO_RTTI -DGOOGLE_PROTOBUF_NO_STATIC_INITIALIZER -DHAVE_PTHREAD -DV8_USE_EXTERNAL_STARTUP_DATA -DSK_IGNORE_LINEONLY_AA_CONVEX_PATH_OPTS -DSK_HAS_PNG_LIBRARY -DSK_HAS_WEBP_LIBRARY
-DSK_HAS_JPEG_LIBRARY -DSK_SUPPORT_GPU=1 -DSK_GPU_WORKAROUNDS_HEADER=\"gpu/config/gpu_driver_bug_workaround_autogen.h\" -DLEVELDB_PLATFORM_CHROMIUM=1 -DWEBRTC_NON_STATIC_TRACE_EVENT_HANDLERS=0 -DGTEST_RELATIVE_PATH
-DWEBRTC_CHROMIUM_BUILD -DWEBRTC_POSIX -DWEBRTC_LINUX -DNO_MAIN_THREAD_WRAPPING -DI18N_ADDRESS_VALIDATION_DATA_URL=\"https://chromium-i18n.appspot.com/ssl-aggregate-address/\" -DUSE_SYSTEM_ZLIB=1 -DHUNSPELL_STATIC
-DHUNSPELL_CHROME_CLIENT -DUSE_HUNSPELL -I. -I../.. -Igen -Igen/shim_headers/libevent_shim -Igen/shim_headers/icui18n_shim -Igen/shim_headers/icuuc_shim -Igen/shim_headers/zlib_shim -Igen/shim_headers/libpng_shim
-Igen/shim_headers/re2_shim -Igen/shim_headers/snappy_shim -Igen/shim_headers/libdrm_shim -I../../third_party/khronos -I../../gpu -I../../third_party/libyuv/include -Igen/shim_headers/ffmpeg_shim -Igen/shim_headers/libvpx_shim
-Igen/shim_headers/opus_shim -Igen/shim_headers/openh264_shim -Igen/shim_headers/minizip_shim -Igen/shim_headers/flac_shim -I../../third_party/webrtc_overrides -I../../testing/gtest/include -I../../third_party/libyuv/include
-I../../third_party/usrsctp/usrsctplib -I../../third_party/webrtc -I../../third_party/ced/src -I../../third_party/protobuf/src -I../../third_party/protobuf/src -Igen/protoc_out -I../../third_party/boringssl/src/include
-I../../skia/config -I../../skia/ext -I../../third_party/skia/include/c -I../../third_party/skia/include/config -I../../third_party/skia/include/core -I../../third_party/skia/include/effects -I../../third_party/skia/include/encode
-I../../third_party/skia/include/gpu -I../../third_party/skia/include/images -I../../third_party/skia/include/lazy -I../../third_party/skia/include/pathops -I../../third_party/skia/include/pdf -I../../third_party/skia/include/pipe
-I../../third_party/skia/include/ports -I../../third_party/skia/include/utils -I../../third_party/skia/src/gpu -I../../third_party/skia/src/sksl -I../../third_party/leveldatabase -I../../third_party/leveldatabase/src
-I../../third_party/leveldatabase/src/include -I../../third_party/libwebm/source -I../../v8/include -Igen/v8/include -I../../third_party/webrtc_overrides -I../../third_party/webrtc -Igen/third_party/metrics_proto
-I../../third_party/mesa/src/include -Igen -Igen -I../../third_party/libaddressinput/src/cpp/include -I../../third_party/perfetto/include -Igen/third_party/perfetto/protos -I../../third_party/cacheinvalidation/overrides
-I../../third_party/cacheinvalidation/src -I../../third_party/flatbuffers/src/include -I../../third_party/webrtc_overrides -I../../testing/gtest/include -I../../third_party/webrtc -I../../third_party/libsecret
-I../../third_party/breakpad/breakpad/src -Igen -fno-strict-aliasing --param=ssp-buffer-size=4 -fstack-protector -Wno-builtin-macro-redefined -D__DATE__= -D__TIME__= -D__TIMESTAMP__= -funwind-tables -fPIC -pipe -pthread -m64
-march=x86-64 -Wall -Wno-unused-local-typedefs -Wno-maybe-uninitialized -Wno-deprecated-declarations -fno-delete-null-pointer-checks -Wno-comments -Wno-missing-field-initializers -Wno-unused-parameter -O2 -fno-ident -fdata-sections
-ffunction-sections -fno-omit-frame-pointer -g0 -fvisibility=hidden -isystem../../../../../gnu/store/x9lfcagl47zbb6krfpmwm31m70s9pk00-glib-2.56.0/include/glib-2.0
-isystem../../../../../gnu/store/x9lfcagl47zbb6krfpmwm31m70s9pk00-glib-2.56.0/lib/glib-2.0/include -isystem../../../../../gnu/store/9xx9gzlgp20bzb9r9ksajwzdcpm0qs5z-nss-3.38/include/nss
-isystem../../../../../gnu/store/714dy9b910rdvsy8i8bx6ln3ap032z2z-nspr-4.19/include/nspr -isystem../../../../../gnu/store/kl4fr813f98mh1zjs6bwkardgnrzxi8c-libxml2-2.9.8/include/libxml2
-isystem../../../../../gnu/store/84dgv1gy1cyms37zlmykpsafbpwbm7xr-dbus-1.12.6/include/dbus-1.0 -isystem../../../../../gnu/store/84dgv1gy1cyms37zlmykpsafbpwbm7xr-dbus-1.12.6/lib/dbus-1.0/include -std=gnu++14 -Wno-narrowing
-fno-exceptions -fno-rtti -fvisibility-inlines-hidden -c gen/chrome/browser/browser_jumbo_2.cc -o obj/chrome/browser/browser/browser_jumbo_2.o
In file included from gen/mojo/public/mojom/base/string16.mojom-shared-internal.h:12,
from gen/device/usb/public/mojom/device.mojom-shared-internal.h:12,
from gen/device/usb/public/mojom/chooser_service.mojom-shared-internal.h:12,
from gen/device/usb/public/mojom/chooser_service.mojom-shared.h:24,
from gen/device/usb/public/mojom/chooser_service.mojom.h:28,
from ../../content/public/browser/content_browser_client.h:30,
from ../../chrome/browser/profiles/profile.h:18,
from ./../../chrome/browser/browsing_data/browsing_data_quota_helper_impl.cc:15,
from gen/chrome/browser/browser_jumbo_2.cc:6:
gen/mojo/public/mojom/base/big_buffer.mojom-shared-internal.h:30:48: warning: alignment 1 of ?mojo_base::mojom::internal::BigBuffer_Data? is less than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(MOJO_BASE_MOJOM_SHARED) BigBuffer_Data {
^~~~~~~~~~~~~~
In file included from gen/services/network/public/mojom/network_context.mojom-shared-internal.h:14,
from gen/services/network/public/mojom/network_service.mojom-shared-internal.h:13,
from gen/services/network/public/mojom/network_service.mojom-shared.h:24,
from gen/services/network/public/mojom/network_service.mojom.h:28,
from ../../content/public/browser/content_browser_client.h:36,
from ../../chrome/browser/profiles/profile.h:18,
from ./../../chrome/browser/browsing_data/browsing_data_quota_helper_impl.cc:15,
from gen/chrome/browser/browser_jumbo_2.cc:6:
gen/mojo/public/mojom/base/values.mojom-shared-internal.h:31:48: warning: alignment 1 of ?mojo_base::mojom::internal::Value_Data? is less than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(MOJO_BASE_MOJOM_SHARED) Value_Data {
^~~~~~~~~~
In file included from gen/media/mojo/interfaces/video_decode_perf_history.mojom-shared-internal.h:12,
from gen/media/mojo/interfaces/video_decode_perf_history.mojom-shared.h:24,
from gen/media/mojo/interfaces/video_decode_perf_history.mojom.h:28,
from ../../media/mojo/services/video_decode_perf_history.h:18,
from ./../../chrome/browser/browsing_data/chrome_browsing_data_remover_delegate.cc:93,
from gen/chrome/browser/browser_jumbo_2.cc:10:
gen/media/mojo/interfaces/media_types.mojom-shared-internal.h:89:8: warning: alignment 1 of ?media::mojom::internal::VideoFrameData_Data? is less than 8 [-Wpacked-not-aligned]
class VideoFrameData_Data {
^~~~~~~~~~~~~~~~~~~
In file included from gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom-shared.h:24,
from gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom.h:28,
from ../../content/public/browser/render_process_host.h:25,
from ./../../chrome/browser/budget_service/budget_service_impl.cc:13,
from gen/chrome/browser/browser_jumbo_2.cc:27:
gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom-shared-internal.h:92:53: warning: alignment 1 of ?blink::mojom::internal::OpenResult_Data? is less than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(MOJOM_SHARED_CONTENT_EXPORT) OpenResult_Data {
^~~~~~~~~~~~~~~
gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom-shared-internal.h:171:53: warning: alignment 1 of ?blink::mojom::internal::MatchResult_Data? is less than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(MOJOM_SHARED_CONTENT_EXPORT) MatchResult_Data {
^~~~~~~~~~~~~~~~
gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom-shared-internal.h:250:53: warning: alignment 1 of ?blink::mojom::internal::MatchAllResult_Data? is less than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(MOJOM_SHARED_CONTENT_EXPORT) MatchAllResult_Data {
^~~~~~~~~~~~~~~~~~~
In file included from gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom-shared.h:24,
from gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom.h:28,
from ../../content/public/browser/render_process_host.h:25,
from ./../../chrome/browser/budget_service/budget_service_impl.cc:13,
from gen/chrome/browser/browser_jumbo_2.cc:27:
gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom-shared-internal.h:329:53: warning: alignment 1 of ?blink::mojom::internal::CacheKeysResult_Data? is less than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(MOJOM_SHARED_CONTENT_EXPORT) CacheKeysResult_Data {
^~~~~~~~~~~~~~~~~~~~
In file included from gen/services/resource_coordinator/public/mojom/memory_instrumentation/memory_instrumentation.mojom-shared.h:24,
from gen/services/resource_coordinator/public/mojom/memory_instrumentation/memory_instrumentation.mojom.h:28,
from ../../services/resource_coordinator/public/cpp/memory_instrumentation/coordinator.h:8,
from ../../services/resource_coordinator/public/cpp/memory_instrumentation/memory_instrumentation.h:12,
from ../../chrome/browser/resource_coordinator/render_process_probe.h:17,
from ./../../chrome/browser/chrome_browser_main.cc:97,
from gen/chrome/browser/browser_jumbo_2.cc:31:
gen/services/resource_coordinator/public/mojom/memory_instrumentation/memory_instrumentation.mojom-shared-internal.h:174:66: warning: alignment 1 of ?memory_instrumentation::mojom::internal::RawAllocatorDumpEntryValue_Data? is less
than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(RESOURCE_COORDINATOR_PUBLIC_MOJOM_SHARED) RawAllocatorDumpEntryValue_Data {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from gen/third_party/blink/public/platform/modules/presentation/presentation.mojom-shared.h:24,
from gen/third_party/blink/public/platform/modules/presentation/presentation.mojom.h:28,
from ../../content/public/browser/presentation_service_delegate.h:17,
from ../../chrome/browser/media/router/media_router.h:26,
from ../../chrome/browser/media/router/presentation/presentation_service_delegate_impl.h:20,
from ./../../chrome/browser/chrome_content_browser_client.cc:54,
from gen/chrome/browser/browser_jumbo_2.cc:34:
gen/third_party/blink/public/platform/modules/presentation/presentation.mojom-shared-internal.h:137:53: warning: alignment 1 of ?blink::mojom::internal::PresentationConnectionMessage_Data? is less than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(MOJOM_SHARED_CONTENT_EXPORT) PresentationConnectionMessage_Data {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from gen/services/preferences/public/mojom/preferences.mojom-shared.h:24,
from gen/services/preferences/public/mojom/preferences.mojom.h:28,
from ./../../chrome/browser/chrome_content_browser_client.cc:255,
from gen/chrome/browser/browser_jumbo_2.cc:34:
gen/services/preferences/public/mojom/preferences.mojom-shared-internal.h:174:8: warning: alignment 1 of ?prefs::mojom::internal::PrefUpdateValue_Data? is less than 8 [-Wpacked-not-aligned]
class PrefUpdateValue_Data {
^~~~~~~~~~~~~~~~~~~~
g++: fatal error: Killed signal terminated program cc1plus
compilation terminated.
[13588/19325] CXX obj/chrome/browser/browser/browser_jumbo_23.o
In file included from gen/mojo/public/mojom/base/string16.mojom-shared-internal.h:12,
from gen/device/usb/public/mojom/device.mojom-shared-internal.h:12,
from gen/device/usb/public/mojom/chooser_service.mojom-shared-internal.h:12,
from gen/device/usb/public/mojom/chooser_service.mojom-shared.h:24,
from gen/device/usb/public/mojom/chooser_service.mojom.h:28,
from ../../content/public/browser/content_browser_client.h:30,
from ../../chrome/browser/browser_process_platform_part_base.h:11,
from ../../chrome/browser/browser_process_platform_part.h:20,
from ../../chrome/browser/browser_process.h:21,
from ./../../chrome/browser/printing/cloud_print/privet_url_fetcher.cc:22,
from gen/chrome/browser/browser_jumbo_23.cc:5:
gen/mojo/public/mojom/base/big_buffer.mojom-shared-internal.h:30:48: warning: alignment 1 of ?mojo_base::mojom::internal::BigBuffer_Data? is less than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(MOJO_BASE_MOJOM_SHARED) BigBuffer_Data {
^~~~~~~~~~~~~~
In file included from gen/services/network/public/mojom/network_context.mojom-shared-internal.h:14,
from gen/services/network/public/mojom/network_service.mojom-shared-internal.h:13,
from gen/services/network/public/mojom/network_service.mojom-shared.h:24,
from gen/services/network/public/mojom/network_service.mojom.h:28,
from ../../content/public/browser/content_browser_client.h:36,
from ../../chrome/browser/browser_process_platform_part_base.h:11,
from ../../chrome/browser/browser_process_platform_part.h:20,
from ../../chrome/browser/browser_process.h:21,
from ./../../chrome/browser/printing/cloud_print/privet_url_fetcher.cc:22,
from gen/chrome/browser/browser_jumbo_23.cc:5:
gen/mojo/public/mojom/base/values.mojom-shared-internal.h:31:48: warning: alignment 1 of ?mojo_base::mojom::internal::Value_Data? is less than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(MOJO_BASE_MOJOM_SHARED) Value_Data {
^~~~~~~~~~
In file included from gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom-shared.h:24,
from gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom.h:28,
from ../../content/public/browser/render_process_host.h:25,
from ./../../chrome/browser/sessions/session_restore.cc:58,
from gen/chrome/browser/browser_jumbo_23.cc:6:
gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom-shared-internal.h:92:53: warning: alignment 1 of ?blink::mojom::internal::OpenResult_Data? is less than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(MOJOM_SHARED_CONTENT_EXPORT) OpenResult_Data {
^~~~~~~~~~~~~~~
gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom-shared-internal.h:171:53: warning: alignment 1 of ?blink::mojom::internal::MatchResult_Data? is less than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(MOJOM_SHARED_CONTENT_EXPORT) MatchResult_Data {
^~~~~~~~~~~~~~~~
gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom-shared-internal.h:250:53: warning: alignment 1 of ?blink::mojom::internal::MatchAllResult_Data? is less than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(MOJOM_SHARED_CONTENT_EXPORT) MatchAllResult_Data {
^~~~~~~~~~~~~~~~~~~
In file included from gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom-shared.h:24,
from gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom.h:28,
from ../../content/public/browser/render_process_host.h:25,
from ./../../chrome/browser/sessions/session_restore.cc:58,
from gen/chrome/browser/browser_jumbo_23.cc:6:
gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom-shared-internal.h:329:53: warning: alignment 1 of ?blink::mojom::internal::CacheKeysResult_Data? is less than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(MOJOM_SHARED_CONTENT_EXPORT) CacheKeysResult_Data {
^~~~~~~~~~~~~~~~~~~~
In file included from gen/chrome/browser/browser_jumbo_23.cc:42:
./../../chrome/browser/supervised_user/supervised_user_url_filter.cc:76:33: warning: ?SupervisedUserURLFilter::Contents? has a field ?SupervisedUserURLFilter::Contents::hostname_hashes? whose type uses the anonymous namespace
[-Wsubobject-linkage]
struct SupervisedUserURLFilter::Contents {
^~~~~~~~
In file included from gen/chrome/browser/browser_jumbo_23.cc:53:
./../../chrome/browser/net/trial_comparison_cert_verifier.cc: In function ?void {anonymous}::SendTrialVerificationReport(void*, const net::CertVerifier::RequestParams&, const net::CertVerifyResult&, const net::CertVerifyResult&)?:
./../../chrome/browser/net/trial_comparison_cert_verifier.cc:85:12: warning: unused variable ?profile? [-Wunused-variable]
Profile* profile = reinterpret_cast<Profile*>(profile_id);
^~~~~~~
[13589/19325] CXX obj/chrome/browser/browser/browser_jumbo_8.o
In file included from gen/mojo/public/mojom/base/string16.mojom-shared-internal.h:12,
from gen/device/usb/public/mojom/device.mojom-shared-internal.h:12,
from gen/device/usb/public/mojom/chooser_service.mojom-shared-internal.h:12,
from gen/device/usb/public/mojom/chooser_service.mojom-shared.h:24,
from gen/device/usb/public/mojom/chooser_service.mojom.h:28,
from ../../content/public/browser/content_browser_client.h:30,
from ../../chrome/browser/browser_process_platform_part_base.h:11,
from ../../chrome/browser/browser_process_platform_part.h:20,
from ../../chrome/browser/browser_process.h:21,
from ./../../chrome/browser/page_load_metrics/observers/core_page_load_metrics_observer.cc:13,
from gen/chrome/browser/browser_jumbo_8.cc:8:
gen/mojo/public/mojom/base/big_buffer.mojom-shared-internal.h:30:48: warning: alignment 1 of ?mojo_base::mojom::internal::BigBuffer_Data? is less than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(MOJO_BASE_MOJOM_SHARED) BigBuffer_Data {
^~~~~~~~~~~~~~
In file included from gen/services/network/public/mojom/network_context.mojom-shared-internal.h:14,
from gen/services/network/public/mojom/network_service.mojom-shared-internal.h:13,
from gen/services/network/public/mojom/network_service.mojom-shared.h:24,
from gen/services/network/public/mojom/network_service.mojom.h:28,
from ../../content/public/browser/content_browser_client.h:36,
from ../../chrome/browser/browser_process_platform_part_base.h:11,
from ../../chrome/browser/browser_process_platform_part.h:20,
from ../../chrome/browser/browser_process.h:21,
from ./../../chrome/browser/page_load_metrics/observers/core_page_load_metrics_observer.cc:13,
from gen/chrome/browser/browser_jumbo_8.cc:8:
gen/mojo/public/mojom/base/values.mojom-shared-internal.h:31:48: warning: alignment 1 of ?mojo_base::mojom::internal::Value_Data? is less than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(MOJO_BASE_MOJOM_SHARED) Value_Data {
^~~~~~~~~~
In file included from gen/services/resource_coordinator/public/mojom/memory_instrumentation/memory_instrumentation.mojom-shared.h:24,
from gen/services/resource_coordinator/public/mojom/memory_instrumentation/memory_instrumentation.mojom.h:28,
from ../../services/resource_coordinator/public/cpp/memory_instrumentation/coordinator.h:8,
from ../../services/resource_coordinator/public/cpp/memory_instrumentation/memory_instrumentation.h:12,
from ../../chrome/browser/page_load_metrics/observers/data_reduction_proxy_metrics_observer.h:18,
from ./../../chrome/browser/page_load_metrics/observers/data_reduction_proxy_metrics_observer.cc:5,
from gen/chrome/browser/browser_jumbo_8.cc:10:
gen/services/resource_coordinator/public/mojom/memory_instrumentation/memory_instrumentation.mojom-shared-internal.h:174:66: warning: alignment 1 of ?memory_instrumentation::mojom::internal::RawAllocatorDumpEntryValue_Data? is less
than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(RESOURCE_COORDINATOR_PUBLIC_MOJOM_SHARED) RawAllocatorDumpEntryValue_Data {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom-shared.h:24,
from gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom.h:28,
from ../../content/public/browser/render_process_host.h:25,
from ./../../chrome/browser/page_load_metrics/observers/data_reduction_proxy_metrics_observer.cc:30,
from gen/chrome/browser/browser_jumbo_8.cc:10:
gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom-shared-internal.h:92:53: warning: alignment 1 of ?blink::mojom::internal::OpenResult_Data? is less than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(MOJOM_SHARED_CONTENT_EXPORT) OpenResult_Data {
^~~~~~~~~~~~~~~
gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom-shared-internal.h:171:53: warning: alignment 1 of ?blink::mojom::internal::MatchResult_Data? is less than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(MOJOM_SHARED_CONTENT_EXPORT) MatchResult_Data {
^~~~~~~~~~~~~~~~
gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom-shared-internal.h:250:53: warning: alignment 1 of ?blink::mojom::internal::MatchAllResult_Data? is less than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(MOJOM_SHARED_CONTENT_EXPORT) MatchAllResult_Data {
^~~~~~~~~~~~~~~~~~~
In file included from gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom-shared.h:24,
from gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom.h:28,
from ../../content/public/browser/render_process_host.h:25,
from ./../../chrome/browser/page_load_metrics/observers/data_reduction_proxy_metrics_observer.cc:30,
from gen/chrome/browser/browser_jumbo_8.cc:10:
gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom-shared-internal.h:329:53: warning: alignment 1 of ?blink::mojom::internal::CacheKeysResult_Data? is less than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(MOJOM_SHARED_CONTENT_EXPORT) CacheKeysResult_Data {
^~~~~~~~~~~~~~~~~~~~
[13590/19325] CXX obj/chrome/browser/browser/browser_jumbo_5.o
In file included from gen/mojo/public/mojom/base/string16.mojom-shared-internal.h:12,
from gen/device/usb/public/mojom/device.mojom-shared-internal.h:12,
from gen/device/usb/public/mojom/chooser_service.mojom-shared-internal.h:12,
from gen/device/usb/public/mojom/chooser_service.mojom-shared.h:24,
from gen/device/usb/public/mojom/chooser_service.mojom.h:28,
from ../../content/public/browser/content_browser_client.h:30,
from ../../chrome/browser/profiles/profile.h:18,
from ../../chrome/browser/google/google_search_domain_mixing_metrics_emitter_factory.h:11,
from ./../../chrome/browser/google/google_search_domain_mixing_metrics_emitter_factory.cc:5,
from gen/chrome/browser/browser_jumbo_5.cc:5:
gen/mojo/public/mojom/base/big_buffer.mojom-shared-internal.h:30:48: warning: alignment 1 of ?mojo_base::mojom::internal::BigBuffer_Data? is less than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(MOJO_BASE_MOJOM_SHARED) BigBuffer_Data {
^~~~~~~~~~~~~~
In file included from gen/services/network/public/mojom/network_context.mojom-shared-internal.h:14,
from gen/services/network/public/mojom/network_service.mojom-shared-internal.h:13,
from gen/services/network/public/mojom/network_service.mojom-shared.h:24,
from gen/services/network/public/mojom/network_service.mojom.h:28,
from ../../content/public/browser/content_browser_client.h:36,
from ../../chrome/browser/profiles/profile.h:18,
from ../../chrome/browser/google/google_search_domain_mixing_metrics_emitter_factory.h:11,
from ./../../chrome/browser/google/google_search_domain_mixing_metrics_emitter_factory.cc:5,
from gen/chrome/browser/browser_jumbo_5.cc:5:
gen/mojo/public/mojom/base/values.mojom-shared-internal.h:31:48: warning: alignment 1 of ?mojo_base::mojom::internal::Value_Data? is less than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(MOJO_BASE_MOJOM_SHARED) Value_Data {
^~~~~~~~~~
In file included from gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom-shared.h:24,
from gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom.h:28,
from ../../content/public/browser/render_process_host.h:25,
from ../../content/public/browser/network_quality_observer_factory.h:14,
from ./../../chrome/browser/io_thread.cc:60,
from gen/chrome/browser/browser_jumbo_5.cc:31:
gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom-shared-internal.h:92:53: warning: alignment 1 of ?blink::mojom::internal::OpenResult_Data? is less than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(MOJOM_SHARED_CONTENT_EXPORT) OpenResult_Data {
^~~~~~~~~~~~~~~
gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom-shared-internal.h:171:53: warning: alignment 1 of ?blink::mojom::internal::MatchResult_Data? is less than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(MOJOM_SHARED_CONTENT_EXPORT) MatchResult_Data {
^~~~~~~~~~~~~~~~
gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom-shared-internal.h:250:53: warning: alignment 1 of ?blink::mojom::internal::MatchAllResult_Data? is less than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(MOJOM_SHARED_CONTENT_EXPORT) MatchAllResult_Data {
^~~~~~~~~~~~~~~~~~~
In file included from gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom-shared.h:24,
from gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom.h:28,
from ../../content/public/browser/render_process_host.h:25,
from ../../content/public/browser/network_quality_observer_factory.h:14,
from ./../../chrome/browser/io_thread.cc:60,
from gen/chrome/browser/browser_jumbo_5.cc:31:
gen/third_party/blink/public/platform/modules/cache_storage/cache_storage.mojom-shared-internal.h:329:53: warning: alignment 1 of ?blink::mojom::internal::CacheKeysResult_Data? is less than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(MOJOM_SHARED_CONTENT_EXPORT) CacheKeysResult_Data {
^~~~~~~~~~~~~~~~~~~~
In file included from gen/third_party/blink/public/platform/modules/presentation/presentation.mojom-shared.h:24,
from gen/third_party/blink/public/platform/modules/presentation/presentation.mojom.h:28,
from ../../content/public/browser/presentation_service_delegate.h:17,
from ../../chrome/browser/media/router/media_router.h:26,
from ./../../chrome/browser/media/cast_remoting_connector.cc:16,
from gen/chrome/browser/browser_jumbo_5.cc:39:
gen/third_party/blink/public/platform/modules/presentation/presentation.mojom-shared-internal.h:137:53: warning: alignment 1 of ?blink::mojom::internal::PresentationConnectionMessage_Data? is less than 8 [-Wpacked-not-aligned]
class COMPONENT_EXPORT(MOJOM_SHARED_CONTENT_EXPORT) PresentationConnectionMessage_Data {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ninja: build stopped: subcommand failed.
Backtrace:
4 (primitive-load "/gnu/store/zic2hlrw2j88fsw8b731kmrk1d5?")
In ice-9/eval.scm:
191:35 3 (_ _)
In srfi/srfi-1.scm:
640:9 2 (for-each #<procedure b98ee0 at /gnu/store/f95ghy8mx00?> ?)
In /gnu/store/f95ghy8mx00fc22nrvswvnpqlfdkf2nk-module-import/guix/build/gnu-build-system.scm:
799:31 1 (_ _)
In /gnu/store/f95ghy8mx00fc22nrvswvnpqlfdkf2nk-module-import/guix/build/utils.scm:
616:6 0 (invoke _ . _)
/gnu/store/f95ghy8mx00fc22nrvswvnpqlfdkf2nk-module-import/guix/build/utils.scm:616:6: In procedure invoke:
Throw to key `srfi-34' with args `(#<condition &invoke-error [program: "ninja" arguments: ("-C" "out/Release" "-j" "4" "chrome") exit-status: 1 term-signal: #f stop-signal: #f] d24d80>)'.
builder for `/gnu/store/nlxwmgqigbysmjq3j9vx1rk7kdqc74zp-chromium-68.0.3440.84.drv' failed with exit code 1
@ build-failed /gnu/store/nlxwmgqigbysmjq3j9vx1rk7kdqc74zp-chromium-68.0.3440.84.drv - 1 builder for `/gnu/store/nlxwmgqigbysmjq3j9vx1rk7kdqc74zp-chromium-68.0.3440.84.drv' failed with exit code 1
derivation '/gnu/store/nlxwmgqigbysmjq3j9vx1rk7kdqc74zp-chromium-68.0.3440.84.drv' offloaded to '192.168.1.198' failed: build of `/gnu/store/nlxwmgqigbysmjq3j9vx1rk7kdqc74zp-chromium-68.0.3440.84.drv' failed
@ build-failed /gnu/store/nlxwmgqigbysmjq3j9vx1rk7kdqc74zp-chromium-68.0.3440.84.drv - 1 builder for `/gnu/store/nlxwmgqigbysmjq3j9vx1rk7kdqc74zp-chromium-68.0.3440.84.drv' failed with exit code 100
guix build: error: build failed: build of `/gnu/store/nlxwmgqigbysmjq3j9vx1rk7kdqc74zp-chromium-68.0.3440.84.drv' failed
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-08-05 13:04 ` Marius Bakke
2018-08-05 16:18 ` ng0
@ 2018-08-06 8:22 ` Oleg Pykhalov
2018-08-30 6:04 ` Amirouche Boubekki
1 sibling, 1 reply; 91+ messages in thread
From: Oleg Pykhalov @ 2018-08-06 8:22 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 89 bytes --]
Hello,
compiled successfully on 340ee00bbf91a8e0ea567d00d7ff54dd025abc05
Thanks,
Oleg.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 832 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] (no subject)
2017-08-07 19:58 [bug#28004] Chromium Marius Bakke
` (4 preceding siblings ...)
2018-04-13 19:10 ` [bug#28004] Chromium 65 Marius Bakke
@ 2018-08-29 23:31 ` Amirouche Boubekki
2018-09-02 4:37 ` [bug#28004] Chromium FSDG requirements Mark H Weaver
[not found] ` <20190202192023.22087-1-mbakke@fastmail.com>
7 siblings, 0 replies; 91+ messages in thread
From: Amirouche Boubekki @ 2018-08-29 23:31 UTC (permalink / raw)
To: 28004
I would like to work on the TODO items.
* There is still some data transmitted when starting the browser for the
first time. It seems related to the "domain_reliability" component.
* Remove remaining "Web Store" links. Currently I've only found it in
settings, under "accessibility" and "fonts".
Is is taken by anybody?
The build is in progress, I will report later.
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-08-06 8:22 ` Oleg Pykhalov
@ 2018-08-30 6:04 ` Amirouche Boubekki
0 siblings, 0 replies; 91+ messages in thread
From: Amirouche Boubekki @ 2018-08-30 6:04 UTC (permalink / raw)
To: Oleg Pykhalov; +Cc: 28004, Guix-patches
compiled successfully on 256d5c6e339d59287284bb83f35c594f13bd08f9
I have the following messages appear:
Gtk-Message: 07:58:25.671: Failed to load module "canberra-gtk-module"
[3434:3434:0830/075901.665931:ERROR:sandbox_linux.cc(378)]
InitializeSandbox() called with multiple threads in process gpu-process.
libpng warning: iCCP: known incorrect sRGB profile
(pkix_CacheCert_Add: PKIX_PL_HashTable_Add for Certs skipped: entry
existed
I tested http://hyperdev.fr/ and https://zty.pe/
If nobody is working on the remaining TODO items, I will work my way
through it. LMK.
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium
2018-08-05 23:58 ` ng0
@ 2018-08-30 13:25 ` ng0
0 siblings, 0 replies; 91+ messages in thread
From: ng0 @ 2018-08-30 13:25 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
Build sucessfully on f9e140a243b6d6b5d28bd0813b69604562a39653.
Previously the lack of a swapfile was to blame - when you don't run
headless this really requires a swapfile when you have 8 GB RAM.
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium FSDG requirements
2017-08-07 19:58 [bug#28004] Chromium Marius Bakke
` (5 preceding siblings ...)
2018-08-29 23:31 ` [bug#28004] (no subject) Amirouche Boubekki
@ 2018-09-02 4:37 ` Mark H Weaver
2018-09-02 13:16 ` Marius Bakke
[not found] ` <20190202192023.22087-1-mbakke@fastmail.com>
7 siblings, 1 reply; 91+ messages in thread
From: Mark H Weaver @ 2018-09-02 4:37 UTC (permalink / raw)
To: Marius Bakke; +Cc: 28004
Hi Marius,
Does the modified version of Chromium in your draft package support
Encrypted Media Extensions (EME)?
https://en.wikipedia.org/wiki/Encrypted_Media_Extensions
Does it refer to third-party repositories of software that are not
committed to only including free software?
Does it contain spyware?
Thanks,
Mark
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] Chromium FSDG requirements
2018-09-02 4:37 ` [bug#28004] Chromium FSDG requirements Mark H Weaver
@ 2018-09-02 13:16 ` Marius Bakke
0 siblings, 0 replies; 91+ messages in thread
From: Marius Bakke @ 2018-09-02 13:16 UTC (permalink / raw)
To: Mark H Weaver; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 607 bytes --]
Mark H Weaver <mhw@netris.org> writes:
> Hi Marius,
>
> Does the modified version of Chromium in your draft package support
> Encrypted Media Extensions (EME)?
>
> https://en.wikipedia.org/wiki/Encrypted_Media_Extensions
No. EME is called "Widevine" in Chromium lingo and I believe all
components are purged from the source.
> Does it refer to third-party repositories of software that are not
> committed to only including free software?
Yes. It includes support for the Chromium "Web Store", although it's
not usable in the default configuration.
> Does it contain spyware?
Not to my knowledge.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] [PATCH] gnu: Add ungoogled-chromium.
[not found] ` <20190203235204.63970587@parabola>
@ 2019-02-04 13:46 ` Leo Famulari
2019-02-04 14:47 ` bill-auger
2019-02-04 22:34 ` Ludovic Courtès
1 sibling, 1 reply; 91+ messages in thread
From: Leo Famulari @ 2019-02-04 13:46 UTC (permalink / raw)
To: bill-auger; +Cc: 28004
[-- Attachment #1: Type: text/plain, Size: 772 bytes --]
On Sun, Feb 03, 2019 at 11:52:04PM -0500, bill-auger wrote:
> what is the evidence for this claim that this guix package is "free
> software only"? - what does "Marks beautiful computed-origin-method" do
> toward that end? - if a procedure for liberating any chromium-derived
> software has been discovered, this would be a marvelous accomplishment
> and very good news indeed, of which people outside of the guix dev team
> would also be interested to learn
If you have a concrete example of a Chromium component that is not free
software please list it in a reply-all this email.
In general, if upstream developers say their software is released under
a free software license by putting the license header in the repo or in
the files, then we take them at their word.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] [PATCH] gnu: Add ungoogled-chromium.
2019-02-04 13:46 ` [bug#28004] [PATCH] gnu: Add ungoogled-chromium Leo Famulari
@ 2019-02-04 14:47 ` bill-auger
0 siblings, 0 replies; 91+ messages in thread
From: bill-auger @ 2019-02-04 14:47 UTC (permalink / raw)
To: 28004
On Mon, 4 Feb 2019 14:46:38 +0100 Leo wrote:
> If you have a concrete example of a Chromium component that is not
> free software please list it in a reply-all this email.
this is not a discussion list i will apologize in advance for this
length reply - i did not CC this list
if you demand evidence you need look no further than the upstream
itself - the upstream developers can not verify for themselves that
their program is freely licensed; as evidenced by the 10 year old bug
report on this issue that is still open
https://bugs.chromium.org/p/chromium/issues/detail?id=28291
the default copy permissions for every copyrighted work is "none" - in
order for that work be be set free, the author must very explicitly
label it as such, and try their very best to ensure that their formal
statement of permission follows along with any copies of it - because if
that permission is missing, or difficult to locate or to comprehend,
there is no reason to assume the work is freely distributable
i would hope that i would not need to explain that to a member of
GNU
the burden of proof is not upon the one who claims that the default
case applies, it is upon the one who claims that some special case
applies
and anyway - let me please repeat this one more time - i have no desire
to defend nor condemn this particular program - this has been
discussed ad nauseam for many years - all that i intend today is to
entice the guix developers to communicate with the other FSDG distros
and the FSF to reach a uniform consensus on the matter - rather than to
see guix choose to distribute it, while all other FSDG distros are in
agreement not to distribute it
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] [PATCH] gnu: Add ungoogled-chromium.
[not found] ` <20190203235204.63970587@parabola>
2019-02-04 13:46 ` [bug#28004] [PATCH] gnu: Add ungoogled-chromium Leo Famulari
@ 2019-02-04 22:34 ` Ludovic Courtès
1 sibling, 0 replies; 91+ messages in thread
From: Ludovic Courtès @ 2019-02-04 22:34 UTC (permalink / raw)
To: bill-auger; +Cc: guix-devel, 28004, gnu-linux-libre
Hi bill-auger,
bill-auger <bill-auger@peers.community> skribis:
> re: https://lists.gnu.org/archive/html/guix-devel/2019-02/msg00009.html
>
> i would like to remind readers of the guix-devel list that it was
> discussed some months ago, why no FSDG distros currently distribute
> chromium[1] - it appeared at that time, that most people in that
> discussion were in agreement that chromium should not be included in
> guix; and marius was instead hosting it in a private repo, as not to
> taint the main guix repos with dubious software - has there been a
> notable break-through since then?
It’s not entirely clear to me what the problems are, to be honest.
Marius listed specific issues that were addressed by the patches; others
then pointed out at additional issues that ungoogled-chromium fixes,
which Marius took into account; what’s left now?
I understand you’re skeptical about Chromium, but we cannot base
decisions based on vague skepticism. If you know of issues that are
still unaddressed, please do list them.
I’d also like to stress that, if Chromium is eventually included in
Guix, we are committed to fixing it or removing it should someone later
discover that it does not comply with the FSDG (that’s the “Commitment
to Correct Mistakes” section of FSDG.)
> i would like to consider all FSDG distros as being part of a larger
> federation, sharing the same primary goals;
As you know, several of us have occasionally asked for advice on the
gnu-linux-libre list regarding concrete issues that we encountered (a
recent example was Inferno, which we ended up not adding to the distro
due to unresolved issues.)
I believe Marius and others here made a real effort in understanding and
addressing the ways in which Chromium would not comply with the FSDG.
If you’re aware of issues that are unaddressed, please share!
Thank you,
Ludo’.
^ permalink raw reply [flat|nested] 91+ messages in thread
* [bug#28004] [PATCH] gnu: Add ungoogled-chromium.
[not found] ` <20190202192023.22087-1-mbakke@fastmail.com>
[not found] ` <87k1igpwk8.fsf@dismail.de>
@ 2019-02-05 5:22 ` swedebugia
1 sibling, 0 replies; 91+ messages in thread
From: swedebugia @ 2019-02-05 5:22 UTC (permalink / raw)
To: 28004, mbakke, guix-devel
[-- Attachment #1: Type: text/plain, Size: 37242 bytes --]
Marius Bakke <mbakke@fastmail.com> skrev: (2 februari 2019 20:20:23 CET)
>Thanks to Marks beautiful "computed-origin-method", Ungoogled-Chromium
>is finally ready for inclusion in Guix.
>
>Features:
>* Chromium 72.
>* No unsolicited network traffic.
>* Free software only.
>* No DRM.
>* Not an April Fools joke.
>
>It's currently using my trivial "fork" of Ungoogled-Chromium[0], which
>will be upstreamed once the upstream reorganization[1] is done.
>
>Comments appreciated!
>
>[0]:
>https://github.com/mbakke/ungoogled-chromium/commit/f9b9074c322a67b04baf0982797cd7b7e09614b5
>[1]: https://github.com/Eloston/ungoogled-chromium/issues/651
>
>* gnu/packages/aux-files/chromium/master-preferences.json,
>gnu/packages/chromium.scm: New files.
>* gnu/local.mk (GNU_SYSTEM_MODULES): Adjust accordingly.
>---
> gnu/local.mk | 1 +
> .../chromium/master-preferences.json | 26 +
> gnu/packages/chromium.scm | 741 ++++++++++++++++++
> 3 files changed, 768 insertions(+)
>create mode 100644
>gnu/packages/aux-files/chromium/master-preferences.json
> create mode 100644 gnu/packages/chromium.scm
>
>diff --git a/gnu/local.mk b/gnu/local.mk
>index 82db1488d6..b5e937cdd7 100644
>--- a/gnu/local.mk
>+++ b/gnu/local.mk
>@@ -100,6 +100,7 @@ GNU_SYSTEM_MODULES = \
> %D%/packages/check.scm \
> %D%/packages/chemistry.scm \
> %D%/packages/chez.scm \
>+ %D%/packages/chromium.scm \
> %D%/packages/ci.scm \
> %D%/packages/cinnamon.scm \
> %D%/packages/clojure.scm \
>diff --git a/gnu/packages/aux-files/chromium/master-preferences.json
>b/gnu/packages/aux-files/chromium/master-preferences.json
>new file mode 100644
>index 0000000000..0caa7cc4cd
>--- /dev/null
>+++ b/gnu/packages/aux-files/chromium/master-preferences.json
>@@ -0,0 +1,26 @@
>+{
>+ "distribution": {
>+ "import_bookmarks": false,
>+ "make_chrome_default": false,
>+ "make_chrome_default_for_user": false,
>+ "verbose_logging": true,
>+ "skip_first_run_ui": true,
>+ "suppress_first_run_default_browser_prompt": true
>+ },
>+ "browser": {
>+ "has_seen_welcome_page" : true,
>+ "check_default_browser" : false
>+ },
>+ "dns_prefetching": {
>+ "enabled": false
>+ },
>+ "alternate_error_pages": {
>+ "enabled": false
>+ },
>+ "hardware": {
>+ "audio_capture_enabled": false
>+ },
>+ "default_apps": "noinstall",
>+ "hide_web_store_icon": true,
>+ "homepage": "https://www.gnu.org/software/guix"
>+}
>diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm
>new file mode 100644
>index 0000000000..eb404246d3
>--- /dev/null
>+++ b/gnu/packages/chromium.scm
>@@ -0,0 +1,741 @@
>+;;; GNU Guix --- Functional package management for GNU
>+;;; Copyright © 2019 Marius Bakke <mbakke@fastmail.com>
>+;;;
>+;;; GNU Guix is free software; you can redistribute it and/or modify
>it
>+;;; under the terms of the GNU General Public License as published by
>+;;; the Free Software Foundation; either version 3 of the License, or
>(at
>+;;; your option) any later version.
>+;;;
>+;;; GNU Guix is distributed in the hope that it will be useful, but
>+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
>+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
>+;;; GNU General Public License for more details.
>+;;;
>+;;; You should have received a copy of the GNU General Public License
>+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
>+
>+(define-module (gnu packages chromium)
>+ #:use-module ((guix licenses) #:prefix license:)
>+ #:use-module (guix packages)
>+ #:use-module (guix gexp)
>+ #:use-module (guix store)
>+ #:use-module (guix monads)
>+ #:use-module (guix download)
>+ #:use-module (guix git-download)
>+ #:use-module (guix utils)
>+ #:use-module (guix build-system gnu)
>+ #:use-module (gnu packages)
>+ #:use-module (gnu packages assembly)
>+ #:use-module (gnu packages base)
>+ #:use-module (gnu packages bison)
>+ #:use-module (gnu packages build-tools)
>+ #:use-module (gnu packages compression)
>+ #:use-module (gnu packages cups)
>+ #:use-module (gnu packages curl)
>+ #:use-module (gnu packages fontutils)
>+ #:use-module (gnu packages gcc)
>+ #:use-module (gnu packages ghostscript)
>+ #:use-module (gnu packages gl)
>+ #:use-module (gnu packages glib)
>+ #:use-module (gnu packages gnome)
>+ #:use-module (gnu packages gnuzilla)
>+ #:use-module (gnu packages gperf)
>+ #:use-module (gnu packages gtk)
>+ #:use-module (gnu packages icu4c)
>+ #:use-module (gnu packages image)
>+ #:use-module (gnu packages libevent)
>+ #:use-module (gnu packages libffi)
>+ #:use-module (gnu packages linux)
>+ #:use-module (gnu packages kerberos)
>+ #:use-module (gnu packages ninja)
>+ #:use-module (gnu packages node)
>+ #:use-module (gnu packages pciutils)
>+ #:use-module (gnu packages pkg-config)
>+ #:use-module (gnu packages pulseaudio)
>+ #:use-module (gnu packages python)
>+ #:use-module (gnu packages python-web)
>+ #:use-module (gnu packages python-xyz)
>+ #:use-module (gnu packages regex)
>+ #:use-module (gnu packages serialization)
>+ #:use-module (gnu packages speech)
>+ #:use-module (gnu packages tls)
>+ #:use-module (gnu packages valgrind)
>+ #:use-module (gnu packages vulkan)
>+ #:use-module (gnu packages video)
>+ #:use-module (gnu packages xiph)
>+ #:use-module (gnu packages xml)
>+ #:use-module (gnu packages xdisorg)
>+ #:use-module (gnu packages xorg))
>+
>+(define %preserved-third-party-files
>+ '("base/third_party/dmg_fp" ;X11-style
>+ "base/third_party/dynamic_annotations" ;BSD-2
>+ "base/third_party/icu" ;Unicode, X11-style
>+ "base/third_party/superfasthash" ;BSD-3
>+ "base/third_party/symbolize" ;BSD-3
>+ "base/third_party/xdg_mime" ;LGPL2.1+ or Academic 2.0
>+ "base/third_party/xdg_user_dirs" ;Expat
>+ "chrome/third_party/mozilla_security_manager"
>;MPL-1.1/GPL2+/LGPL2.1+
>+ "courgette/third_party/bsdiff" ;BSD-2, BSD protection license
>+ "courgette/third_party/divsufsort" ;Expat
>+ "net/third_party/http2" ;BSD-3
>+ "net/third_party/mozilla_security_manager" ;MPL-1.1/GPL2+/LGPL2.1+
>+ "net/third_party/nss" ;MPL-2.0
>+ "net/third_party/quic" ;BSD-3
>+ "net/third_party/spdy" ;BSD-3
>+ "net/third_party/uri_template" ;ASL2.0
>+ "third_party/abseil-cpp" ;ASL2.0
>+ "third_party/adobe/flash/flapper_version.h" ;no license, trivial
>+ "third_party/angle" ;BSD-3
>+ "third_party/angle/src/common/third_party/base" ;BSD-3
>+ "third_party/angle/src/common/third_party/smhasher" ;Public domain
>+ "third_party/angle/src/common/third_party/xxhash" ;BSD-2
>+ "third_party/angle/src/third_party/compiler" ;BSD-2
>+ "third_party/angle/src/third_party/libXNVCtrl" ;Expat
>+ "third_party/angle/src/third_party/trace_event" ;BSD-3
>+ "third_party/angle/third_party/glslang" ;BSD-3
>+ "third_party/angle/third_party/spirv-headers" ;Expat
>+ "third_party/angle/third_party/spirv-tools" ;Expat
>+ "third_party/angle/third_party/vulkan-headers" ;ASL2.0
>+ "third_party/angle/third_party/vulkan-loader" ;ASL2.0
>+ "third_party/angle/third_party/vulkan-tools" ;ASL2.0
>+ "third_party/angle/third_party/vulkan-validation-layers" ;ASL2.0
>+ "third_party/apple_apsl" ;APSL2.0
>+ "third_party/blink" ;BSD-3
>+ "third_party/boringssl" ;OpenSSL/ISC (Google additions are ISC)
>+ "third_party/boringssl/src/third_party/fiat" ;Expat
>+ "third_party/breakpad" ;BSD-3
>+ "third_party/brotli" ;Expat
>+ "third_party/cacheinvalidation" ;ASL2.0
>+ "third_party/catapult" ;BSD-3
>+ "third_party/catapult/common/py_vulcanize/third_party/rcssmin"
>;ASL2.0
>+ "third_party/catapult/common/py_vulcanize/third_party/rjsmin"
>;ASL2.0
>+ "third_party/catapult/third_party/polymer" ;BSD-3
>+ "third_party/catapult/tracing/third_party/d3" ;BSD-3
>+ "third_party/catapult/tracing/third_party/gl-matrix" ;Expat
>+ "third_party/catapult/tracing/third_party/jszip" ;Expat or GPL3
>+ "third_party/catapult/tracing/third_party/mannwhitneyu" ;Expat
>+ "third_party/catapult/tracing/third_party/oboe" ;BSD-2
>+ "third_party/catapult/tracing/third_party/pako" ;Expat
>+ "third_party/ced" ;BSD-3
>+ "third_party/cld_3" ;ASL2.0
>+ "third_party/closure_compiler" ;ASL2.0
>+ "third_party/crashpad" ;ASL2.0
>+ "third_party/crashpad/crashpad/third_party/zlib/zlib_crashpad.h"
>;Zlib
>+ "third_party/crc32c" ;BSD-3
>+ "third_party/cros_system_api" ;BSD-3
>+ "third_party/dom_distiller_js" ;BSD-3
>+ "third_party/fips181" ;BSD-3
>+ "third_party/flatbuffers" ;ASL2.0
>+ "third_party/google_input_tools" ;ASL2.0
>+ "third_party/google_input_tools/third_party/closure_library"
>;ASL2.0
>+
>"third_party/google_input_tools/third_party/closure_library/third_party/closure"
>;Expat
>+ "third_party/googletest" ;BSD-3
>+ "third_party/hunspell" ;MPL1.1/GPL2+/LGPL2.1+
>+ "third_party/iccjpeg" ;IJG
>+ "third_party/inspector_protocol" ;BSD-3
>+ "third_party/jinja2" ;BSD-3
>+ "third_party/jstemplate" ;ASL2.0
>+ "third_party/khronos" ;Expat, SGI
>+ "third_party/leveldatabase" ;BSD-3
>+ "third_party/libXNVCtrl" ;Expat
>+ "third_party/libaddressinput" ;ASL2.0
>+ "third_party/libaom" ;BSD-2 or "Alliance for Open Media Patent
>License 1.0"
>+ "third_party/libaom/source/libaom/third_party/vector" ;Expat
>+ "third_party/libaom/source/libaom/third_party/x86inc" ;ISC
>+ "third_party/libjingle_xmpp" ;BSD-3
>+ "third_party/libphonenumber" ;ASL2.0
>+ "third_party/libsecret" ;LGPL2.1+
>+ "third_party/libsrtp" ;BSD-3
>+ "third_party/libsync" ;ASL2.0
>+ "third_party/libudev" ;LGPL2.1+
>+ "third_party/libwebm" ;BSD-3
>+ "third_party/libxml/chromium" ;BSD-3
>+ "third_party/libyuv" ;BSD-3
>+ "third_party/lss" ;BSD-3
>+ "third_party/markupsafe" ;BSD-3
>+ "third_party/mesa_headers" ;Expat, SGI
>+ "third_party/metrics_proto" ;BSD-3
>+ "third_party/modp_b64" ;BSD-3
>+ "third_party/nasm" ;BSD-2
>+ "third_party/node" ;Expat
>+
>"third_party/node/node_modules/polymer-bundler/lib/third_party/UglifyJS2"
>;BSD-2
>+ "third_party/ots" ;BSD-3
>+ "third_party/pdfium" ;BSD-3
>+ "third_party/pdfium/third_party/agg23" ;Expat
>+ "third_party/pdfium/third_party/base" ;BSD-3
>+ "third_party/pdfium/third_party/bigint" ;Public domain, BSD-3
>+ "third_party/pdfium/third_party/skia_shared" ;BSD-3
>+ "third_party/pdfium/third_party/freetype/include/pstables.h"
>;FreeType
>+ "third_party/ply" ;BSD-3
>+ "third_party/polymer" ;BSD-3
>+ "third_party/protobuf" ;BSD-3
>+ "third_party/protobuf/third_party/six" ;Expat
>+ "third_party/pyjson5" ;ASL2.0
>+ "third_party/qcms" ;Expat
>+ "third_party/rnnoise" ;BSD-3
>+ "third_party/s2cellid" ;ASL2.0
>+ "third_party/sfntly" ;ASL2.0
>+ "third_party/skia" ;BSD-3
>+ "third_party/skia/third_party/gif" ;MPL1.1/GPL2+/LGPL2.1+
>+ "third_party/skia/third_party/skcms" ;BSD-3
>+ "third_party/skia/third_party/vulkan" ;BSD-3
>+ "third_party/smhasher" ;Expat, public domain
>+ "third_party/speech-dispatcher" ;GPL2+
>+ "third_party/spirv-headers" ;ASL2.0
>+ "third_party/SPIRV-Tools" ;ASL2.0
>+ "third_party/sqlite" ;Public domain
>+ "third_party/ungoogled" ;BSD-3
>+ "third_party/usb_ids" ;BSD-3
>+ "third_party/usrsctp" ;BSD-2
>+ "third_party/web-animations-js" ;ASL2.0
>+ "third_party/webdriver" ;ASL2.0
>+ "third_party/webrtc" ;BSD-3
>+ "third_party/webrtc/common_audio/third_party/fft4g" ;Non-copyleft
>+ "third_party/webrtc/common_audio/third_party/spl_sqrt_floor"
>;Public domain
>+ "third_party/webrtc/modules/third_party/fft" ;Non-copyleft
>+ "third_party/webrtc/modules/third_party/g711" ;Public domain
>+ "third_party/webrtc/modules/third_party/g722" ;Public domain
>+ "third_party/webrtc/rtc_base/third_party/base64" ;Non-copyleft
>+ "third_party/webrtc/rtc_base/third_party/sigslot" ;Public domain
>+ "third_party/widevine/cdm/widevine_cdm_version.h" ;BSD-3
>+ "third_party/widevine/cdm/widevine_cdm_common.h" ;BSD-3
>+ "third_party/woff2" ;ASL2.0
>+ "third_party/xdg-utils" ;Expat
>+ "third_party/yasm/run_yasm.py" ;BSD-2 or BSD-3
>+ "third_party/zlib/google" ;BSD-3
>+ "url/third_party/mozilla" ;BSD-3, MPL1.1/GPL2+/LGPL2.1+
>+ "v8/src/third_party/utf8-decoder" ;Expat
>+ "v8/src/third_party/valgrind" ;BSD-4
>+ "v8/third_party/inspector_protocol" ;BSD-3
>+ "v8/third_party/v8/builtins")) ;PSFL
>+
>+(define* (computed-origin-method gexp-promise hash-algo hash
>+ #:optional (name "source")
>+ #:key (system (%current-system))
>+ (guile (default-guile)))
>+ "Return a derivation that executes the G-expression that results
>+from forcing GEXP-PROMISE."
>+ (mlet %store-monad ((guile (package->derivation guile system)))
>+ (gexp->derivation (or name "computed-origin")
>+ (force gexp-promise)
>+ #:system system
>+ #:guile-for-build guile)))
>+
>+(define %chromium-version "72.0.3626.81")
>+(define %ungoogled-revision
>"f9b9074c322a67b04baf0982797cd7b7e09614b5")
>+
>+;; This is a computed origin that does the following:
>+;; 1) Runs the Ungoogled scripts on a pristine Chromium tarball.
>+;; 2) Prunes all third_party folders that are not explicitly
>preserved.
>+;; 3) Adjusts "GN" build files such that system libraries are
>preferred.
>+(define ungoogled-chromium-source
>+ (let* ((chromium-source
>+ (origin
>+ (method url-fetch)
>+ (uri (string-append
>"https://commondatastorage.googleapis.com"
>+ "/chromium-browser-official/chromium-"
>+ %chromium-version ".tar.xz"))
>+ (sha256
>+ (base32
>+
>"01l0vlvcckpag376mjld7qprv63l0z8li689k0h6v3h0i7irzs6z"))))
>+ (ungoogled-source
>+ (origin
>+ (method git-fetch)
>+ (uri (git-reference (url
>"https://github.com/mbakke/ungoogled-chromium")
>+ (commit %ungoogled-revision)))
>+ (file-name (git-file-name "ungoogled-chromium"
>+ (string-take %ungoogled-revision
>7)))
>+ (sha256
>+ (base32
>+
>"0gmk1n3i7lbm7rw8zl4df171yhvrlimj8ksj096bf2dlfhbd44rb")))))
>+
>+ (origin
>+ (method computed-origin-method)
>+ (file-name (string-append "ungoogled-chromium-"
>%chromium-version ".tar.xz"))
>+ (sha256 #f)
>+ (uri
>+ (delay
>+ (with-imported-modules '((guix build utils))
>+ #~(begin
>+ (use-modules (guix build utils))
>+ (let ((chromium-dir (string-append "chromium-"
>#$%chromium-version))
>+ (preserved-files (list
>#$@%preserved-third-party-files)))
>+
>+ (mkdir "/tmp/bin")
>+ (set-path-environment-variable
>+ "PATH" '("bin")
>+ (list "/tmp"
>+ #+(canonical-package patch)
>+ #+(canonical-package xz)
>+ #+(canonical-package tar)
>+ #+python-2
>+ #+python))
>+
>+ (copy-recursively #+ungoogled-source
>"/tmp/ungoogled")
>+
>+ (with-directory-excursion "/tmp/ungoogled"
>+
>+ (format #t "Unpacking chromium tarball...~%")
>+ (force-output)
>+ (invoke "tar" "xf" #+chromium-source)
>+
>+ (format #t "Ungooglifying...~%")
>+ (force-output)
>+ (invoke "python3" "run_buildkit_cli.py" "prune"
>+ "-b" "config_bundles/guix" chromium-dir)
>+ (invoke "python3" "run_buildkit_cli.py" "patches"
>"apply"
>+ "-b" "config_bundles/guix" chromium-dir)
>+ (invoke "python3" "run_buildkit_cli.py" "domains"
>"apply"
>+ "-b" "config_bundles/linux_rooted"
>+ "-c" "/tmp/domainscache.tar.gz"
>chromium-dir)
>+
>+ (with-directory-excursion chromium-dir
>+ (format #t "Pruning third party files...~%")
>+ (force-output)
>+ (apply invoke "python"
>+
>"build/linux/unbundle/remove_bundled_libraries.py"
>+ "--do-remove" preserved-files)
>+
>+ (format #t "Replacing GN files...~%")
>+ (force-output)
>+ (invoke "python3"
>"build/linux/unbundle/replace_gn_files.py"
>+ "--system-libraries" "ffmpeg" "flac"
>"fontconfig"
>+ "freetype" "harfbuzz-ng" "icu" "libdrm"
>"libevent"
>+ "libjpeg" "libpng" "libvpx" "libwebp"
>"libxml"
>+ "libxslt" "openh264" "opus" "re2"
>"snappy" "yasm"
>+ "zlib"))
>+
>+ (format #t (string-append "Packing new Ungoogled
>tarball ...~%"))
>+ (force-output)
>+ (invoke "tar" "cvfa" #$output
>+ ;; Avoid non-determinism in the archive.
>+ "--mtime=@0"
>+ "--owner=root:0"
>+ "--group=root:0"
>+ "--sort=name"
>+ chromium-dir)
>+
>+ #t)))))))))
>+
>+(define opus+custom
>+ (package/inherit opus
>+ (name "opus+custom")
>+ (arguments
>+ (substitute-keyword-arguments (package-arguments opus)
>+ ((#:configure-flags flags ''())
>+ ;; Opus Custom is an optional extension of the Opus
>+ ;; specification that allows for unsupported frame
>+ ;; sizes. Chromium requires that this is enabled.
>+ `(cons "--enable-custom-modes"
>+ ,flags))))))
>+
>+(define libvpx/chromium
>+ ;; Chromium 66 and later requires an unreleased libvpx, so we take
>the
>+ ;; commit from "third_party/libvpx/README.chromium" in the tarball.
>+ (let ((version (package-version libvpx))
>+ (commit "e188b5435de71bcd602c378f1ac0441111f0f915")
>+ (revision "0"))
>+ (package/inherit libvpx
>+ (name "libvpx-chromium")
>+ (version (git-version version revision commit))
>+ (source (origin
>+ (method git-fetch)
>+ (uri (git-reference
>+ (url
>"https://chromium.googlesource.com/webm/libvpx")
>+ (commit commit)))
>+ (file-name (git-file-name name version))
>+ (sha256
>+ (base32
>+
>"0v7lzvgy45zh7zwzmmzkvbcqmhs4xa97z0h97hd3j6myrxcfz1n9")))))))
>+
>+;; Transitional package until HarfBuzz 2.2 is available in Guix master
>branch.
>+(define harfbuzz/chromium
>+ (package/inherit harfbuzz
>+ (version "2.2.0")
>+ (source (origin
>+ (inherit (package-source harfbuzz))
>+ (uri (string-append
>"https://www.freedesktop.org/software/harfbuzz"
>+ "/release/harfbuzz-" version
>".tar.bz2"))
>+ (sha256
>+ (base32
>+
>"047q63jr513azf3g1y7f5xn60b4jdjs9zsmrx04sfw5rasyzrk5p"))))))
>+
>+(define-public ungoogled-chromium
>+ (package
>+ (name "ungoogled-chromium")
>+ (version %chromium-version)
>+ (synopsis "Graphical web browser")
>+ (source ungoogled-chromium-source)
>+ (build-system gnu-build-system)
>+ (arguments
>+ `(#:tests? #f
>+ ;; FIXME: There is a "gn" option specifically for setting
>-rpath, but
>+ ;; it overrides the RUNPATH set by the linker.
>+ #:validate-runpath? #f
>+ #:modules ((guix build gnu-build-system)
>+ (guix build utils)
>+ (ice-9 ftw)
>+ (ice-9 regex)
>+ (srfi srfi-26))
>+ #:configure-flags
>+ ;; See tools/gn/docs/cookbook.md and
>+ ;; https://www.chromium.org/developers/gn-build-configuration
>+ ;; for usage. Run "./gn args . --list" in the Release
>+ ;; directory for an exhaustive list of supported flags.
>+ ;; (Note: The 'configure' phase will do that for you.)
>+ (list "is_debug=false"
>+ "use_gold=false"
>+ "use_lld=false"
>+ "linux_use_bundled_binutils=false"
>+ "use_custom_libcxx=false"
>+ "use_sysroot=false"
>+ "enable_precompiled_headers=false"
>+ "goma_dir=\"\""
>+ "enable_nacl=false"
>+ "enable_nacl_nonsfi=false"
>+ "use_allocator=\"none\"" ;don't use tcmalloc
>+ "use_unofficial_version_number=false"
>+
>+ ;; Define a custom toolchain that simply looks up CC, AR
>and
>+ ;; friends from the environment.
>+
>"custom_toolchain=\"//build/toolchain/linux/unbundle:default\""
>+
>"host_toolchain=\"//build/toolchain/linux/unbundle:default\""
>+
>+ ;; Don't assume it's clang.
>+ "is_clang=false"
>+
>+ ;; Optimize for building everything at once, as opposed
>to
>+ ;; incrementally for development. See "docs/jumbo.md".
>+ "use_jumbo_build=true"
>+
>+ ;; Disable type-checking for the Web UI to avoid a Java
>dependency.
>+ "closure_compile=false"
>+
>+ ;; Disable debugging features to save space.
>+ "blink_symbol_level=0"
>+ "enable_iterator_debugging=false"
>+
>+ ;; Some of the unbundled libraries throws deprecation
>+ ;; warnings, etc. Ignore it.
>+ "treat_warnings_as_errors=false"
>+
>+ ;; Don't add any API keys. End users can set them in the
>+ ;; environment if desired. See
>+ ;;
><https://www.chromium.org/developers/how-tos/api-keys>.
>+ "use_official_google_api_keys=false"
>+
>+ ;; Disable "safe browsing", which pulls in a dependency
>on
>+ ;; the nonfree "unrar" program (as of m66).
>+ "safe_browsing_mode=0"
>+
>+ ;; Disable "field trials".
>+ "fieldtrial_testing_like_official_build=true"
>+
>+ ;; Ungoogled components.
>+ "enable_mdns=false"
>+ "enable_one_click_signin=false"
>+ "enable_reading_list=false"
>+ "enable_remoting=false"
>+ "enable_reporting=false"
>+ "enable_service_discovery=false"
>+ "enable_swiftshader=false"
>+ "use_vaapi=true"
>+
>+ ;; Use system libraries where possible.
>+ "use_system_freetype=true"
>+ "use_system_harfbuzz=true"
>+ "use_system_lcms2=true"
>+ "use_system_libdrm=true"
>+ "use_system_libjpeg=true"
>+ "use_system_libpng=true"
>+ ;;"use_system_libsync=true"
>+ "use_system_zlib=true"
>+
>+ "use_gnome_keyring=false" ;deprecated by libsecret
>+ "use_openh264=true"
>+ "use_pulseaudio=true"
>+ "link_pulseaudio=true"
>+
>+ ;; Don't arbitrarily restrict formats supported by system
>ffmpeg.
>+ "proprietary_codecs=true"
>+ "ffmpeg_branding=\"Chrome\""
>+
>+ ;; WebRTC stuff.
>+ "rtc_use_h264=true"
>+ ;; Don't use bundled sources.
>+ "rtc_build_json=false"
>+ "rtc_build_libevent=false"
>+ "rtc_build_libvpx=false"
>+ "rtc_build_opus=false"
>+ "rtc_build_ssl=false"
>+
>+ "rtc_build_libsrtp=true" ;FIXME: fails to find headers
>+ "rtc_build_usrsctp=true" ;TODO: package this
>+ (string-append "rtc_jsoncpp_root=\""
>+ (assoc-ref %build-inputs "jsoncpp")
>+ "/include/jsoncpp/json\"")
>+ (string-append "rtc_ssl_root=\""
>+ (assoc-ref %build-inputs "openssl")
>+ "/include/openssl\""))
>+ #:phases
>+ (modify-phases %standard-phases
>+ (add-after 'unpack 'patch-stuff
>+ (lambda* (#:key inputs #:allow-other-keys)
>+ (substitute* "printing/cups_config_helper.py"
>+ (("cups_config =.*")
>+ (string-append "cups_config = '" (assoc-ref inputs
>"cups")
>+ "/bin/cups-config'\n")))
>+
>+ (substitute*
>+ '("base/process/launch_posix.cc"
>+
>"base/third_party/dynamic_annotations/dynamic_annotations.c"
>+ "sandbox/linux/seccomp-bpf/sandbox_bpf.cc"
>+ "sandbox/linux/services/credentials.cc"
>+ "sandbox/linux/services/namespace_utils.cc"
>+ "sandbox/linux/services/syscall_wrappers.cc"
>+ "sandbox/linux/syscall_broker/broker_host.cc")
>+ (("include \"base/third_party/valgrind/") "include
>\"valgrind/"))
>+
>+ (for-each (lambda (file)
>+ (substitute* file
>+ ;; Fix opus include path.
>+ ;; Do not substitute opus_private.h.
>+ (("#include \"opus\\.h\"")
>+ "#include \"opus/opus.h\"")
>+ (("#include \"opus_custom\\.h\"")
>+ "#include \"opus/opus_custom.h\"")
>+ (("#include \"opus_defines\\.h\"")
>+ "#include \"opus/opus_defines.h\"")
>+ (("#include \"opus_multistream\\.h\"")
>+ "#include \"opus/opus_multistream.h\"")
>+ (("#include \"opus_types\\.h\"")
>+ "#include \"opus/opus_types.h\"")))
>+ (find-files (string-append
>"third_party/webrtc/modules"
>+
>"/audio_coding/codecs/opus")))
>+
>+ (substitute* "chrome/common/chrome_paths.cc"
>+ (("/usr/share/chromium/extensions")
>+ ;; TODO: Add ~/.guix-profile.
>+
>"/run/current-system/profile/share/chromium/extensions"))
>+
>+ ;; XXX: Should be unnecessary when use_system_lcms2=true.
>+ (substitute*
>"third_party/pdfium/core/fxcodec/codec/ccodec_iccmodule.h"
>+ (("include \"third_party/lcms/include/lcms2\\.h\"")
>+ "include \"lcms2.h\""))
>+
>+ (substitute*
>+
>"third_party/breakpad/breakpad/src/common/linux/libcurl_wrapper.h"
>+ (("include \"third_party/curl") "include \"curl"))
>+
>+ (substitute* "third_party/webrtc/rtc_base/strings/json.h"
>+ (("#include \"third_party/jsoncpp/") "#include
>\"json/"))
>+
>+ (substitute* "media/base/decode_capabilities.cc"
>+ (("third_party/libvpx/source/libvpx/") ""))
>+
>+ (substitute* "ui/gfx/skia_util.h"
>+ (("third_party/vulkan/include/") ""))
>+
>+ ;; Building chromedriver embeds some files using the ZIP
>+ ;; format which doesn't support timestamps before
>+ ;; 1980. Therefore, advance the timestamps of the files
>+ ;; which are included so that building chromedriver
>+ ;; works.
>+ (let ((circa-1980 (* 10 366 24 60 60)))
>+ (for-each (lambda (file)
>+ (utime file circa-1980 circa-1980))
>+
>'("chrome/test/chromedriver/extension/background.js"
>+
>"chrome/test/chromedriver/extension/manifest.json")))
>+
>+ #t))
>+ (add-before 'configure 'prepare-build-environment
>+ (lambda* (#:key inputs #:allow-other-keys)
>+
>+ ;; Make sure the right build tools are used.
>+ (setenv "AR" "ar") (setenv "NM" "nm")
>+ (setenv "CC" "gcc") (setenv "CXX" "g++")
>+
>+ ;; Work around <https://bugs.gnu.org/30756>.
>+ (unsetenv "C_INCLUDE_PATH")
>+ (unsetenv "CPLUS_INCLUDE_PATH")
>+
>+ ;; TODO: pre-compile instead. Avoids a race condition.
>+ (setenv "PYTHONDONTWRITEBYTECODE" "1")
>+
>+ ;; XXX: How portable is this.
>+ (mkdir-p "third_party/node/linux/node-linux-x64")
>+ (symlink (string-append (assoc-ref inputs "node") "/bin")
>+ "third_party/node/linux/node-linux-x64/bin")
>+
>+ #t))
>+ (replace 'configure
>+ (lambda* (#:key configure-flags #:allow-other-keys)
>+ (let ((args (string-join configure-flags " ")))
>+ ;; Generate ninja build files.
>+ (invoke "gn" "gen" "out/Release"
>+ (string-append "--args=" args))
>+
>+ ;; Print the full list of supported arguments as well
>as
>+ ;; their current status for convenience.
>+ (format #t "Dumping configure flags...\n")
>+ (invoke "gn" "args" "out/Release" "--list"))))
>+ (replace 'build
>+ (lambda* (#:key outputs #:allow-other-keys)
>+ (invoke "ninja" "-C" "out/Release"
>+ "-j" (number->string (parallel-job-count))
>+ "chrome"
>+ "chromedriver")))
>+ (replace 'install
>+ (lambda* (#:key inputs outputs #:allow-other-keys)
>+ (let* ((out (assoc-ref outputs "out"))
>+ (bin (string-append out "/bin"))
>+ (exe (string-append bin "/chromium"))
>+ (lib (string-append out "/lib"))
>+ (man (string-append out
>"/share/man/man1"))
>+ (applications (string-append out
>"/share/applications"))
>+ (install-regexp (make-regexp "\\.(bin|pak)$"))
>+ (locales (string-append lib "/locales"))
>+ (resources (string-append lib "/resources"))
>+ (preferences (assoc-ref inputs
>"master-preferences"))
>+ (gtk+ (assoc-ref inputs "gtk+"))
>+ (mesa (assoc-ref inputs "mesa"))
>+ (nss (assoc-ref inputs "nss"))
>+ (udev (assoc-ref inputs "udev"))
>+ (sh (which "sh")))
>+
>+ (substitute* '("chrome/app/resources/manpage.1.in"
>+
>"chrome/installer/linux/common/desktop.template")
>+ (("@@MENUNAME@@") "Chromium")
>+ (("@@PACKAGE@@") "chromium")
>+ (("/usr/bin/@@USR_BIN_SYMLINK_NAME@@") exe))
>+
>+ (mkdir-p man)
>+ (copy-file "chrome/app/resources/manpage.1.in"
>+ (string-append man "/chromium.1"))
>+
>+ (mkdir-p applications)
>+ (copy-file
>"chrome/installer/linux/common/desktop.template"
>+ (string-append applications
>"/chromium.desktop"))
>+
>+ (mkdir-p lib)
>+ (copy-file preferences (string-append lib
>"/master_preferences"))
>+
>+ (with-directory-excursion "out/Release"
>+ (for-each (lambda (file)
>+ (install-file file lib))
>+ (scandir "." (cut regexp-exec
>install-regexp <>)))
>+ (copy-file "chrome" (string-append lib "/chromium"))
>+
>+ ;; TODO: Install icons from "../../chrome/app/themes"
>into
>+ ;; "out/share/icons/hicolor/$size".
>+ (install-file
>+ "product_logo_48.png"
>+ (string-append out
>"/share/icons/48x48/chromium.png"))
>+
>+ (copy-recursively "locales" locales)
>+ (copy-recursively "resources" resources)
>+
>+ (mkdir-p bin)
>+ (symlink "../lib/chromium" exe)
>+ (install-file "chromedriver" bin)
>+
>+ (wrap-program exe
>+ ;; TODO: Get these in RUNPATH.
>+ `("LD_LIBRARY_PATH" ":" prefix
>+ (,(string-append lib ":" nss "/lib/nss:" gtk+
>"/lib:"
>+ mesa "/lib:" udev "/lib")))
>+ ;; Avoid file manager crash. See
><https://bugs.gnu.org/26593>.
>+ `("XDG_DATA_DIRS" ":" prefix (,(string-append gtk+
>"/share"))))
>+ #t)))))))
>+ (native-inputs
>+ `(("bison" ,bison)
>+ ("gcc" ,gcc-8)
>+ ("gn" ,gn)
>+ ("gperf" ,gperf)
>+ ("ninja" ,ninja)
>+ ("node" ,node)
>+ ("pkg-config" ,pkg-config)
>+ ("which" ,which)
>+ ("yasm" ,yasm)
>+
>+ ;; This file contains defaults for new user profiles.
>+ ("master-preferences" ,(local-file
>"aux-files/chromium/master-preferences.json"))
>+
>+ ("python-beautifulsoup4" ,python2-beautifulsoup4)
>+ ("python-html5lib" ,python2-html5lib)
>+ ("python" ,python-2)))
>+ (inputs
>+ `(("alsa-lib" ,alsa-lib)
>+ ("atk" ,atk)
>+ ("cups" ,cups)
>+ ("curl" ,curl)
>+ ("dbus" ,dbus)
>+ ("dbus-glib" ,dbus-glib)
>+ ("expat" ,expat)
>+ ("flac" ,flac)
>+ ("ffmpeg" ,ffmpeg)
>+ ("fontconfig" ,fontconfig)
>+ ("freetype" ,freetype)
>+ ("gdk-pixbuf" ,gdk-pixbuf)
>+ ("glib" ,glib)
>+ ("gtk+" ,gtk+)
>+ ("harfbuzz" ,harfbuzz/chromium)
>+ ("icu4c" ,icu4c)
>+ ("jsoncpp" ,jsoncpp)
>+ ("lcms" ,lcms)
>+ ("libevent" ,libevent)
>+ ("libffi" ,libffi)
>+ ("libjpeg-turbo" ,libjpeg-turbo)
>+ ("libpng" ,libpng)
>+ ("libva" ,libva)
>+ ("libvpx" ,libvpx/chromium)
>+ ("libwebp" ,libwebp)
>+ ("libx11" ,libx11)
>+ ("libxcb" ,libxcb)
>+ ("libxcomposite" ,libxcomposite)
>+ ("libxcursor" ,libxcursor)
>+ ("libxdamage" ,libxdamage)
>+ ("libxext" ,libxext)
>+ ("libxfixes" ,libxfixes)
>+ ("libxi" ,libxi)
>+ ("libxml2" ,libxml2)
>+ ("libxrandr" ,libxrandr)
>+ ("libxrender" ,libxrender)
>+ ("libxscrnsaver" ,libxscrnsaver)
>+ ("libxslt" ,libxslt)
>+ ("libxtst" ,libxtst)
>+ ("mesa" ,mesa)
>+ ("minizip" ,minizip)
>+ ("mit-krb5" ,mit-krb5)
>+ ("nss" ,nss)
>+ ("openh264" ,openh264)
>+ ("openjpeg" ,openjpeg) ;PDFium only
>+ ("openssl" ,openssl)
>+ ("opus" ,opus+custom)
>+ ("pango" ,pango)
>+ ("pciutils" ,pciutils)
>+ ("pulseaudio" ,pulseaudio)
>+ ("re2" ,re2)
>+ ("snappy" ,snappy)
>+ ("speech-dispatcher" ,speech-dispatcher)
>+ ("udev" ,eudev)
>+ ("valgrind" ,valgrind)
>+ ("vulkan-headers" ,vulkan-headers)))
>+ (home-page "https://www.chromium.org/")
>+ (description
>+ "Ungoogled-Chromium is the Chromium web browser, sans integration
>with
>+Google web services.")
>+ ;; Chromium is developed as BSD-3, but bundles a large number of
>third-party
>+ ;; components with other licenses. For full information, see
>chrome://credits.
>+ (license (list license:bsd-3
>+ license:bsd-2
>+ license:expat
>+ license:asl2.0
>+ license:mpl1.1
>+ license:mpl2.0
>+ license:public-domain
>+ license:isc
>+ (license:non-copyleft "chrome://credits"
>+ "See chrome://credits for
>more information.")
>+ license:lgpl2.1+))))
>--
>2.20.1
Wow.
Nice work! 😃
--
Sent from my k-9 mail for Android.
[-- Attachment #2: Type: text/html, Size: 38621 bytes --]
^ permalink raw reply [flat|nested] 91+ messages in thread
end of thread, other threads:[~2019-02-05 5:34 UTC | newest]
Thread overview: 91+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-08-07 19:58 [bug#28004] Chromium Marius Bakke
2017-08-07 20:23 ` ng0
2017-08-07 21:16 ` Marius Bakke
2017-08-08 5:53 ` ng0
2017-08-08 13:18 ` ng0
2017-08-08 14:22 ` ng0
2017-08-08 15:44 ` ng0
2017-08-08 18:59 ` ng0
2017-08-08 19:51 ` Leo Famulari
2017-08-08 20:46 ` ng0
2017-08-10 5:31 ` Efraim Flashner
2017-08-31 7:36 ` ng0
2017-10-10 13:19 ` ng0
2017-10-11 19:52 ` Ludovic Courtès
2017-10-12 19:56 ` Leo Famulari
2017-10-12 20:28 ` ng0
2017-10-13 6:51 ` Ludovic Courtès
2017-10-18 22:41 ` Marius Bakke
2017-10-19 5:48 ` ng0
2017-10-24 21:11 ` Marius Bakke
2017-11-05 23:52 ` Marius Bakke
2017-11-10 11:33 ` Adonay Felipe Nogueira
2018-01-04 19:16 ` ng0
2018-01-08 21:56 ` Marius Bakke
2018-01-08 23:20 ` ng0
2018-01-08 23:40 ` Marius Bakke
2018-01-12 0:09 ` Marius Bakke
2018-01-13 19:02 ` ng0
2018-01-13 19:13 ` ng0
2018-01-14 12:10 ` ng0
2018-01-16 14:18 ` Ludovic Courtès
2018-01-16 19:01 ` Marius Bakke
2018-01-16 19:09 ` Tobias Geerinckx-Rice
2018-01-16 19:22 ` Marius Bakke
2018-01-16 20:41 ` Leo Famulari
2018-01-17 8:53 ` Ludovic Courtès
2018-01-17 14:55 ` Mike Gerwitz
2018-02-26 18:18 ` Marius Bakke
2018-02-26 20:01 ` ng0
2018-02-26 20:06 ` Marius Bakke
2018-02-26 20:34 ` ng0
2018-02-26 22:41 ` Björn Höfling
2018-02-27 21:57 ` ng0
2018-02-28 17:38 ` Marius Bakke
2018-02-28 18:09 ` Björn Höfling
2018-03-16 17:30 ` ng0
2018-03-16 17:45 ` Marius Bakke
2018-03-16 17:52 ` ng0
2018-07-25 8:08 ` ng0
2018-08-05 13:04 ` Marius Bakke
2018-08-05 16:18 ` ng0
2018-08-05 18:25 ` Marius Bakke
2018-08-05 20:32 ` ng0
2018-08-05 23:58 ` ng0
2018-08-30 13:25 ` ng0
2018-08-06 8:22 ` Oleg Pykhalov
2018-08-30 6:04 ` Amirouche Boubekki
2018-03-16 19:01 ` Adonay Felipe Nogueira
2018-03-16 19:34 ` ng0
2018-03-16 21:20 ` Adonay Felipe Nogueira
2018-02-27 22:17 ` ng0
2018-02-28 17:14 ` Marius Bakke
2018-02-27 2:00 ` Mike Gerwitz
2018-02-28 8:17 ` ng0
2018-02-28 17:28 ` Marius Bakke
2018-01-16 20:04 ` ng0
2018-01-09 6:58 ` ng0
2018-01-12 0:03 ` Marius Bakke
2018-01-12 9:38 ` ng0
2018-02-26 18:19 ` [bug#28004] [PATCH] gnu: Add chromium Marius Bakke
2018-04-13 19:10 ` [bug#28004] Chromium 65 Marius Bakke
2018-04-17 19:10 ` Oleg Pykhalov
2018-04-24 17:05 ` Christopher Lemmer Webber
2018-04-24 18:08 ` [bug#28004] Chromium 66 + status update Marius Bakke
2018-04-24 18:45 ` Christopher Lemmer Webber
2018-04-24 18:48 ` Tobias Geerinckx-Rice
2018-04-24 18:46 ` Tobias Geerinckx-Rice
2018-04-24 19:30 ` Marius Bakke
2018-04-25 17:00 ` Leo Famulari
2018-04-25 17:02 ` Leo Famulari
2018-05-03 17:49 ` Nils Gillmann
2018-05-03 17:58 ` Nils Gillmann
2018-05-04 12:10 ` Marius Bakke
2018-05-04 13:02 ` Nils Gillmann
2018-08-29 23:31 ` [bug#28004] (no subject) Amirouche Boubekki
2018-09-02 4:37 ` [bug#28004] Chromium FSDG requirements Mark H Weaver
2018-09-02 13:16 ` Marius Bakke
[not found] ` <20190202192023.22087-1-mbakke@fastmail.com>
[not found] ` <87k1igpwk8.fsf@dismail.de>
[not found] ` <20190203235204.63970587@parabola>
2019-02-04 13:46 ` [bug#28004] [PATCH] gnu: Add ungoogled-chromium Leo Famulari
2019-02-04 14:47 ` bill-auger
2019-02-04 22:34 ` Ludovic Courtès
2019-02-05 5:22 ` swedebugia
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).