* [bug#67512] [PATCH 0/5] Add LibreWolf
@ 2023-11-28 20:09 Ian Eure
2023-11-28 20:13 ` [bug#67512] [PATCH 1/5] gnu: icu4c: Update to 73.1 Ian Eure
` (22 more replies)
0 siblings, 23 replies; 75+ messages in thread
From: Ian Eure @ 2023-11-28 20:09 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure
I mentioned in #guix that I was working on a package for LibreWolf, and it was requested that I send in patches, so I am. These changes are based on the firefox-esr package in nonguix; I've retained the copyright / authorship notices from there.
LibreWolf (https://librewolf.net/) is a fork of Firefox which removes the telemetry and advertising, and bundles uBlock Origin. It doesn't have the redistribution issues that Firefox does, its name/logo are under MPL 2.0 and aren't trademarked.
I'm new to Guix, and not remotely a browser development expert, so I don't expect these are ready to be accepted yet, but I believe they're in good enough shape to have a discussion about. They're working acceptably well for me, though I'm not currently daily driving Guix, so there may be issues I haven't encountered yet.
Guide to changes in this patchset
=================================
icu4c has been updated to 73.1, and the previous version kept as icu4c-71. I encountered consistent failures of the node@10.24.1 test suite with icu4c 73.1, so I kept that on 71.1. icu4c is needed by many packages, so this change is the highest-impact in the patchset.
The (gnu packages wasm) module is unchanged from nonguix, except for the file header and module declaration.
The (gnu packages librewolf) module is a simplified/adapted version of (nongnu packages firefox). The Firefox Nightly packages have been removed, as there's no LibreWolf equivalent. I also didn't bring over the wayland variant, but I could, if that's desired. I'm not sure why there are specific x11/wayland variants, as the packages for other distros don't seem to need this split.
The librewolf package has some functions duplicated from (gnu packages gnuzilla), which probably ought to get factored out and put somewhere, but I'm not sure if they should be in (gnu packages mozilla) or a different module. Guidance would be appreciated here.
Ian Eure (5):
gnu: icu4c: Update to 73.1.
gnu: Add icu4c-71.
gnu: node: Switch to icu4c-71.
gnu: Add wasm packages.
gnu: Add librewolf.
gnu/packages/icu4c.scm | 21 +-
gnu/packages/librewolf.scm | 560 +++++++++++++++++++++++++++++++++++++
gnu/packages/node.scm | 4 +-
gnu/packages/wasm.scm | 273 ++++++++++++++++++
4 files changed, 854 insertions(+), 4 deletions(-)
create mode 100644 gnu/packages/librewolf.scm
create mode 100644 gnu/packages/wasm.scm
base-commit: 2410a30f6c06d56b5589e0ad685bcdf09bb144bf
--
2.41.0
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH 1/5] gnu: icu4c: Update to 73.1.
2023-11-28 20:09 [bug#67512] [PATCH 0/5] Add LibreWolf Ian Eure
@ 2023-11-28 20:13 ` Ian Eure
2023-11-28 20:13 ` [bug#67512] [PATCH 2/5] gnu: Add icu4c-71 Ian Eure
` (21 subsequent siblings)
22 siblings, 0 replies; 75+ messages in thread
From: Ian Eure @ 2023-11-28 20:13 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure
* gnu/packages/icu4c.scm (icu4c): Update to 73.1.
Change-Id: I77b8186898494e5b677c2e0c4fb0a234747dbd29
---
gnu/packages/icu4c.scm | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/icu4c.scm b/gnu/packages/icu4c.scm
index 5aaf3a8361..64ae109952 100644
--- a/gnu/packages/icu4c.scm
+++ b/gnu/packages/icu4c.scm
@@ -45,7 +45,7 @@ (define-module (gnu packages icu4c)
(define-public icu4c
(package
(name "icu4c")
- (version "71.1")
+ (version "73.1")
(source (origin
(method url-fetch)
(uri (string-append
@@ -55,7 +55,8 @@ (define-public icu4c
(string-map (lambda (x) (if (char=? x #\.) #\_ x)) version)
"-src.tgz"))
(sha256
- (base32 "1gqywaqj9jmdwrng9lm6inyqmi5j2cz36db9dcqg3yk13zjyd9v7"))))
+ (base32
+ "0iccpdvc0kvpww5a31k9gjkqigyz016i7v80r9zamd34w4fl6mx4"))))
(build-system gnu-build-system)
(native-inputs
(append (list python-minimal)
--
2.41.0
^ permalink raw reply related [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH 2/5] gnu: Add icu4c-71.
2023-11-28 20:09 [bug#67512] [PATCH 0/5] Add LibreWolf Ian Eure
2023-11-28 20:13 ` [bug#67512] [PATCH 1/5] gnu: icu4c: Update to 73.1 Ian Eure
@ 2023-11-28 20:13 ` Ian Eure
2023-11-28 20:13 ` [bug#67512] [PATCH 3/5] gnu: node: Switch to icu4c-71 Ian Eure
` (20 subsequent siblings)
22 siblings, 0 replies; 75+ messages in thread
From: Ian Eure @ 2023-11-28 20:13 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure
* gnu/packages/icu4c.scm (icu4c-71): New variable.
Change-Id: Iaff0df4d6aaa968cdc43f847bd2ced08d0f3a12e
---
gnu/packages/icu4c.scm | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/gnu/packages/icu4c.scm b/gnu/packages/icu4c.scm
index 64ae109952..376cbac5c6 100644
--- a/gnu/packages/icu4c.scm
+++ b/gnu/packages/icu4c.scm
@@ -110,6 +110,22 @@ (define-public icu4c
(license x11)
(home-page "http://site.icu-project.org/")))
+(define-public icu4c-71
+ (package
+ (inherit icu4c)
+ (name "icu4c")
+ (version "71.1")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://github.com/unicode-org/icu/releases/download/release-"
+ (string-map (lambda (x) (if (char=? x #\.) #\- x)) version)
+ "/icu4c-"
+ (string-map (lambda (x) (if (char=? x #\.) #\_ x)) version)
+ "-src.tgz"))
+ (sha256
+ (base32 "1gqywaqj9jmdwrng9lm6inyqmi5j2cz36db9dcqg3yk13zjyd9v7"))))))
+
(define-public icu4c-70
(package
(inherit icu4c)
--
2.41.0
^ permalink raw reply related [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH 3/5] gnu: node: Switch to icu4c-71.
2023-11-28 20:09 [bug#67512] [PATCH 0/5] Add LibreWolf Ian Eure
2023-11-28 20:13 ` [bug#67512] [PATCH 1/5] gnu: icu4c: Update to 73.1 Ian Eure
2023-11-28 20:13 ` [bug#67512] [PATCH 2/5] gnu: Add icu4c-71 Ian Eure
@ 2023-11-28 20:13 ` Ian Eure
2023-11-28 20:13 ` [bug#67512] [PATCH 4/5] gnu: Add wasm packages Ian Eure
` (19 subsequent siblings)
22 siblings, 0 replies; 75+ messages in thread
From: Ian Eure @ 2023-11-28 20:13 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure
* gnu/packages/node.scm (node): Switch to icu4c-71.
I encountered consistent test failures with icu4c 73.1.
Change-Id: Iaad9a4f274f9e3b8736486b58f262a82304b0b5d
---
gnu/packages/node.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/node.scm b/gnu/packages/node.scm
index 6e30ad486a..668847405d 100644
--- a/gnu/packages/node.scm
+++ b/gnu/packages/node.scm
@@ -290,7 +290,7 @@ (define-public node
;; Runtime dependencies for binaries used as a bootstrap.
(list c-ares
http-parser
- icu4c
+ icu4c-71
libuv-for-node
`(,nghttp2-for-node "lib")
openssl-1.1
@@ -310,7 +310,7 @@ (define-public node
coreutils
c-ares
http-parser
- icu4c
+ icu4c-71
libuv-for-node
`(,nghttp2-for-node "lib")
openssl
--
2.41.0
^ permalink raw reply related [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH 4/5] gnu: Add wasm packages.
2023-11-28 20:09 [bug#67512] [PATCH 0/5] Add LibreWolf Ian Eure
` (2 preceding siblings ...)
2023-11-28 20:13 ` [bug#67512] [PATCH 3/5] gnu: node: Switch to icu4c-71 Ian Eure
@ 2023-11-28 20:13 ` Ian Eure
2023-11-28 20:13 ` [bug#67512] [PATCH 5/5] gnu: Add librewolf Ian Eure
` (18 subsequent siblings)
22 siblings, 0 replies; 75+ messages in thread
From: Ian Eure @ 2023-11-28 20:13 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure
* gnu/packages/wasm.scm (wasi-libc): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-clang-runtime): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-clang): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-libcxx): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-clang-toolchain): New variable.
Change-Id: I546cb6b7450b760379fb8c3043e48ffc5e714c68
---
gnu/packages/wasm.scm | 273 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 273 insertions(+)
create mode 100644 gnu/packages/wasm.scm
diff --git a/gnu/packages/wasm.scm b/gnu/packages/wasm.scm
new file mode 100644
index 0000000000..05d247f333
--- /dev/null
+++ b/gnu/packages/wasm.scm
@@ -0,0 +1,273 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2022-2023 Pierre Langlois <pierre.langlois@gmx.com>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages wasm)
+ #:use-module (guix base32)
+ #:use-module (guix gexp)
+ #:use-module (guix packages)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix utils)
+ #:use-module (guix git-download)
+ #:use-module (guix build-system cmake)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system trivial)
+ #:use-module (gnu packages bash)
+ #:use-module (gnu packages llvm)
+ #:use-module (gnu packages python))
+
+(define-public wasi-libc
+ (package
+ (name "wasi-libc")
+ (version "sdk-19")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/WebAssembly/wasi-libc")
+ (commit (string-append "wasi-" version))
+ (recursive? #t)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "0bnpz8wk9wiic938296gxp4vz820bvpi1w41jksjzz5552hql169"))))
+ (build-system gnu-build-system)
+ (native-inputs (list clang-15))
+ (arguments
+ (list
+ #:tests? #f ;No test suite
+ ;; Firefox uses wasm2c to compile WebAssembly to C code, and it
+ ;; does not support the memory.copy opcode.
+ ;; See https://bugzilla.mozilla.org/show_bug.cgi?id=1773200#c4
+ #:make-flags ''("BULK_MEMORY_SOURCES=")
+ #:phases #~(modify-phases %standard-phases
+ (delete 'configure)
+ (add-before 'build 'set-sysroot-include
+ (lambda _
+ (setenv "C_INCLUDE_PATH"
+ (string-append (getcwd) "/sysroot/include"))))
+ (add-before 'install 'set-install-dir
+ (lambda _
+ (setenv "INSTALL_DIR"
+ (string-append #$output "/wasm32-wasi")))))))
+ (home-page "https://wasi.dev")
+ (synopsis "WASI libc implementation for WebAssembly")
+ (description
+ "WASI Libc is a libc for WebAssembly programs built on top of WASI
+system calls. It provides a wide array of POSIX-compatible C APIs, including
+support for standard I/O, file I/O, filesystem manipulation, memory
+management, time, string, environment variables, program startup, and many
+other APIs.")
+ (license (list
+ ;; For wasi-libc, with LLVM exceptions
+ license:asl2.0
+ ;; For malloc.c.
+ license:cc0
+ ;; For cloudlibc.
+ license:bsd-2
+ ;; For wasi-libc and musl-libc.
+ license:expat))))
+
+(define-public wasm32-wasi-clang-runtime
+ (package (inherit clang-runtime-15)
+ (native-inputs
+ (list clang-15
+ wasi-libc))
+ (inputs (list llvm-15))
+ (arguments
+ (list
+ #:build-type "Release"
+ #:tests? #f
+ ;; Stripping binaries breaks wasm linking, resulting in the following
+ ;; error: "archive has no index; run ranlib to add one".
+ #:strip-binaries? #f
+ #:configure-flags
+ #~(list "-DCMAKE_C_COMPILER=clang"
+ "-DCMAKE_C_COMPILER_TARGET=wasm32-wasi"
+ (string-append
+ "-DCMAKE_SYSROOT=" #$wasi-libc "/wasm32-wasi")
+ (string-append
+ "-DCMAKE_C_FLAGS=-I " #$wasi-libc "/wasm32-wasi/include")
+
+ "-DCOMPILER_RT_OS_DIR=wasi"
+
+ "-DCOMPILER_RT_BAREMETAL_BUILD=On"
+ "-DCOMPILER_RT_DEFAULT_TARGET_ONLY=On"
+
+ ;; WASM only needs libclang_rt.builtins-wasm32.a from
+ ;; compiler-rt.
+ "../source/compiler-rt/lib/builtins")))))
+
+;; FIXME: Ideally we wouldn't need to build a separate compiler because clang
+;; can support multiple targets at runtime. However Guix patches the default
+;; clang with a specific clang-runtime package. It would be good to improve
+;; upstream Guix's support for cross-compiling with clang.
+
+(define clang-from-llvm (@@ (gnu packages llvm) clang-from-llvm))
+(define llvm-monorepo (@@ (gnu packages llvm) llvm-monorepo))
+
+(define-public wasm32-wasi-clang
+ (let ((base (clang-from-llvm llvm-15 wasm32-wasi-clang-runtime)))
+ (package
+ (inherit base)
+ (name "wasm32-wasi-clang")
+ (inputs (modify-inputs (package-inputs base)
+ (prepend wasi-libc)))
+ (arguments
+ (substitute-keyword-arguments (package-arguments base)
+ ((#:configure-flags flags)
+ #~(list "-DCLANG_INCLUDE_TESTS=True"
+ ;; Use a sane default include directory.
+ (string-append "-DC_INCLUDE_DIRS="
+ #$wasi-libc "/wasm32-wasi/include")))
+ ((#:phases phases)
+ `(modify-phases ,phases
+ (delete 'symlink-cfi_ignorelist))))))))
+
+(define-public wasm32-wasi-libcxx
+ (package
+ (name "wasm32-wasi-libcxx")
+ (version (package-version llvm-15))
+ (source
+ (llvm-monorepo version))
+ (build-system cmake-build-system)
+ (arguments
+ (list
+ #:configure-flags #~(list (string-append "-S ../source/runtimes")
+
+ "-DLLVM_ENABLE_RUNTIMES=libcxx;libcxxabi"
+
+ (string-append "-DCMAKE_SYSROOT="
+ #$wasi-libc "/wasm32-wasi")
+
+ (string-append "-DCMAKE_INCLUDE_PATH="
+ #$wasi-libc
+ "/wasm32-wasi/include")
+
+ (string-append "-DCMAKE_STAGING_PREFIX="
+ #$output "/wasm32-wasi")
+
+ "-DCMAKE_C_COMPILER=clang"
+ "-DCMAKE_C_COMPILER_WORKS=ON"
+ "-DCMAKE_CXX_COMPILER=clang++"
+ "-DCMAKE_CXX_COMPILER_WORKS=ON"
+ "-DCMAKE_C_COMPILER_TARGET=wasm32-wasi"
+ "-DCMAKE_CXX_COMPILER_TARGET=wasm32-wasi"
+
+ "-DLIBCXX_LIBDIR_SUFFIX=/wasm32-wasi"
+
+ "-DLIBCXX_ENABLE_EXCEPTIONS=OFF"
+ "-DLIBCXX_ENABLE_SHARED=OFF"
+ "-DLIBCXX_ENABLE_THREADS=OFF"
+ "-DLIBCXX_ENABLE_FILESYSTEM=OFF"
+
+ "-DLIBCXXABI_LIBDIR_SUFFIX=/wasm32-wasi"
+
+ "-DLIBCXXABI_ENABLE_EXCEPTIONS=OFF"
+ "-DLIBCXXABI_ENABLE_SHARED=OFF"
+ "-DLIBCXXABI_ENABLE_THREADS=OFF"
+ "-DLIBCXXABI_ENABLE_FILESYSTEM=OFF")
+ #:tests? #f
+ #:phases #~(modify-phases %standard-phases
+ (add-after 'set-paths 'adjust-CPLUS_INCLUDE_PATH
+ (lambda _
+ (setenv "CPLUS_INCLUDE_PATH"
+ (string-append #$wasi-libc
+ "/wasm32-wasi/include:"
+ (getenv "CPLUS_INCLUDE_PATH"))))))))
+ (native-inputs (list lld python wasm32-wasi-clang))
+ (inputs (list wasi-libc))
+ (home-page "https://libcxx.llvm.org")
+ (synopsis "C++ standard library for WebAssembly")
+ (description
+ "This package provides an implementation of the C++ standard library for
+use with Clang, targeting C++11, C++14 and above. This package targets
+WebAssembly with WASI.")
+ (license license:expat)))
+
+(define-public wasm32-wasi-clang-toolchain
+ (package
+ (name "wasm32-wasi-clang-toolchain")
+ (version (package-version wasm32-wasi-clang))
+ (source
+ #f)
+ (build-system trivial-build-system)
+ (arguments
+ (list
+ #:builder (with-imported-modules '((guix build union)
+ (guix build utils))
+ #~(begin
+ (use-modules (guix build union)
+ (guix build utils))
+ (union-build #$output
+ (list #$wasm32-wasi-clang-runtime
+ #$wasi-libc
+ #$wasm32-wasi-libcxx))
+ (mkdir-p (string-append #$output
+ "/bin"))
+
+ ;; We provide clang and clang++ via a wrapped program that sets
+ ;; include paths correctly so that it does not include paths from
+ ;; the host.
+
+ ;; FIXME: Review how we can provide better support for
+ ;; cross-compiling with clang in Guix, maybe adding support for
+ ;; the CROSS_C_INCLUDE_PATH and CROSS_CPLUS_INCLUDE_PATH
+ ;; environment variables like GCC.
+
+ (for-each (lambda (bin)
+ (symlink (string-append #$wasm32-wasi-clang
+ bin)
+ (string-append #$output
+ bin))
+ (wrap-program (string-append #$output
+ bin)
+ #:sh (string-append #$bash-minimal
+ "/bin/bash")
+ `("C_INCLUDE_PATH"
+ ":" =
+ (,(string-append #$output
+ "/wasm32-wasi/include")))
+ `("CPLUS_INCLUDE_PATH"
+ ":" =
+ ;; Make sure inclure/c++/v1 comes first for #include_next
+ ;; to work.
+ (,(string-append #$output
+ "/wasm32-wasi/include/c++/v1") ,
+ (string-append #$output
+ "/wasm32-wasi/include")))))
+ '("/bin/clang"
+ "/bin/clang++"))
+
+ (symlink (string-append #$lld
+ "/bin/wasm-ld")
+ (string-append #$output
+ "/bin/wasm-ld"))))))
+ (inputs (list bash-minimal
+ lld
+ wasi-libc
+ wasm32-wasi-clang
+ wasm32-wasi-clang-runtime
+ wasm32-wasi-libcxx))
+ (license (cons (package-license wasm32-wasi-clang)
+ (package-license wasi-libc)))
+ (home-page "https://clang.llvm.org")
+ (synopsis
+ "Complete Clang toolchain for C/C++ development, for WebAssembly.")
+ (description
+ "This package provides a complete Clang toolchain for C/C++
+development targeting WebAssembly with WASI. This includes Clang, as well as
+libc, libc++ and wasm-ld.")))
--
2.41.0
^ permalink raw reply related [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH 5/5] gnu: Add librewolf.
2023-11-28 20:09 [bug#67512] [PATCH 0/5] Add LibreWolf Ian Eure
` (3 preceding siblings ...)
2023-11-28 20:13 ` [bug#67512] [PATCH 4/5] gnu: Add wasm packages Ian Eure
@ 2023-11-28 20:13 ` Ian Eure
2023-12-10 21:57 ` [bug#67512] [PATCH 0/5] Add LibreWolf Ludovic Courtès
` (17 subsequent siblings)
22 siblings, 0 replies; 75+ messages in thread
From: Ian Eure @ 2023-11-28 20:13 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure
* gnu/packages/librewolf.scm (librewolf): New variable.
Change-Id: Iea4dcf45bfaff118d1d9d6e871c4a4ff3e68a3b3
---
gnu/packages/librewolf.scm | 560 +++++++++++++++++++++++++++++++++++++
1 file changed, 560 insertions(+)
create mode 100644 gnu/packages/librewolf.scm
diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm
new file mode 100644
index 0000000000..b1e890e518
--- /dev/null
+++ b/gnu/packages/librewolf.scm
@@ -0,0 +1,560 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr>
+;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 Mark H Weaver <mhw@netris.org>
+;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com>
+;;; Copyright © 2016, 2017, 2018, 2019 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2016 Alex Griffin <a@ajgrf.com>
+;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
+;;; Copyright © 2017, 2018 Nikita <nikita@n0.is>
+;;; Copyright © 2017, 2018 ng0 <gillmann@infotropique.org>
+;;; Copyright © 2017, 2018, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2018, 2020, 2022 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2019 Ivan Petkov <ivanppetkov@gmail.com>
+;;; Copyright © 2020 Oleg Pykhalov <go.wigust@gmail.com>
+;;; Copyright © 2020 Jakub Kądziołka <kuba@kadziolka.net>
+;;; Copyright © 2019, 2020 Adrian Malacoda <malacoda@monarch-pass.net>
+;;; Copyright © 2020-2023 Jonathan Brielmaier <jonathan.brielmaier@web.de>
+;;; Copyright © 2020 Zhu Zihao <all_but_last@163.com>
+;;; Copyright © 2021 pineapples <guixuser6392@protonmail.com>
+;;; Copyright © 2021 Brice Waegeneire <brice@waegenei.re>
+;;; Copyright © 2021, 2022, 2023 John Kehayias <john.kehayias@protonmail.com>
+;;; Copyright © 2022 Pierre Langlois <pierre.langlois@gmx.com>
+;;; Copyright © 2023 Tomas Volf <wolf@wolfsden.cz>
+;;; Copyright © 2023 Ian Eure <ian@retrospec.tv>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+
+(define-module (gnu packages librewolf)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system cargo)
+ #:use-module (guix build-system trivial)
+ #:use-module (guix download)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix gexp)
+ #:use-module (guix packages)
+ #:use-module (guix utils)
+ #:use-module ((guix build utils) #:select (alist-replace))
+
+ #:use-module (gnu packages)
+ #:use-module (gnu packages assembly)
+ #:use-module (gnu packages autotools)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages bash)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages crates-io)
+ #:use-module (gnu packages cups)
+ #:use-module (gnu packages fontutils)
+ #:use-module (gnu packages gl)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnome)
+ #:use-module (gnu packages gtk)
+ #:use-module (gnu packages hunspell)
+ #:use-module (gnu packages icu4c)
+ #:use-module (gnu packages image)
+ #:use-module (gnu packages jemalloc)
+ #:use-module (gnu packages kerberos)
+ #:use-module (gnu packages libcanberra)
+ #:use-module (gnu packages libevent)
+ #:use-module (gnu packages libffi)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages llvm)
+ #:use-module (gnu packages m4)
+ #:use-module (gnu packages node)
+ #:use-module (gnu packages nss)
+ #:use-module (gnu packages perl)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages pulseaudio)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages rust)
+ #:use-module (gnu packages rust-apps)
+ #:use-module (gnu packages speech)
+ #:use-module (gnu packages sqlite)
+ #:use-module (gnu packages video)
+ #:use-module (gnu packages wasm)
+ #:use-module (gnu packages xdisorg)
+ #:use-module (gnu packages xorg))
+
+;; Define the versions of rust needed to build firefox, trying to match
+;; upstream. See the file taskcluster/ci/toolchain/rust.yml at
+;; https://searchfox.org under the particular firefox release, like
+;; mozilla-esr102.
+(define rust-librewolf rust) ; 1.60 is the default in Guix, 1.65 is the minimum.
+
+;; Update this id with every firefox update to its release date.
+;; It's used for cache validation and therefore can lead to strange bugs.
+(define %librewolf-build-id "20231120132923")
+
+(define-public librewolf
+ (package
+ (name "librewolf")
+ (version "120.0-2")
+ (source
+ (origin
+ (method url-fetch)
+
+ (uri (string-append
+ "https://gitlab.com/api/v4/projects/32320088/packages/generic/librewolf-source/"
+ version "/librewolf-" version ".source.tar.gz"))
+ (sha256
+ (base32 "17yiw4pql9pf2qgk5a6xjqjjbgplla7fflrw1ldgd07rzsjlvj4n"))))
+ (build-system gnu-build-system)
+ (arguments
+ (list
+ #:configure-flags #~(let ((clang #$(this-package-native-input "clang"))
+ (wasi-sysroot #$(this-package-native-input
+ "wasm32-wasi-clang-toolchain")))
+ `("--enable-application=browser"
+
+ ;; Configuration
+ "--with-system-jpeg"
+ "--with-system-zlib"
+ ;; "--with-system-png" ;require libpng-apng >= 1.6.35
+ "--with-system-icu"
+ "--enable-system-ffi"
+ "--enable-system-pixman"
+ "--enable-jemalloc"
+
+ ;; see https://bugs.gnu.org/32833
+ "--with-system-nspr"
+ ;; "--with-system-nss"
+
+ ,(string-append "--with-clang-path=" clang
+ "/bin/clang")
+ ,(string-append "--with-libclang-path=" clang
+ "/lib")
+ ,(string-append "--with-wasi-sysroot="
+ wasi-sysroot "/wasm32-wasi")
+
+ ;; Distribution
+ "--with-distribution-id=org.nonguix"
+ "--disable-official-branding"
+ "--with-app-name=librewolf"
+ "--with-app-basename=LibreWolf"
+ "--with-branding=browser/branding/librewolf"
+
+ ;; Features
+ "--disable-tests"
+ "--disable-updater"
+ "--enable-pulseaudio"
+ "--disable-crashreporter"
+ "--allow-addon-sideload"
+ "--with-unsigned-addon-scopes=app,system"
+
+ ;; Build details
+ "--disable-debug"
+ "--enable-rust-simd"
+ "--enable-release"
+ "--enable-optimize"
+ "--enable-strip"
+ "--enable-hardening"
+ "--disable-elf-hack"))
+ #:imported-modules %cargo-utils-modules
+ #:modules `((ice-9 regex)
+ (ice-9 string-fun)
+ (ice-9 ftw)
+ (srfi srfi-1)
+ (srfi srfi-26)
+ (rnrs bytevectors)
+ (rnrs io ports)
+ (guix elf)
+ (guix build gremlin)
+ ,@%gnu-build-system-modules)
+ #:phases #~(modify-phases %standard-phases
+ (add-after 'unpack 'fix-preferences
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((port (open-file "browser/app/profile/firefox.js"
+ "a")))
+ (define (write-setting key value)
+ (format port "~%pref(\"~a\", ~a);~%" key value)
+ (format #t
+ "fix-preferences: setting value of ~a to ~a~%" key
+ value))
+
+ ;; We should allow Firefox sandbox to read the store directory,
+ ;; because Firefox sandbox have access to /usr on FHS distros.
+ (write-setting
+ "security.sandbox.content.read_path_whitelist"
+ (string-append "\""
+ (%store-directory) "/\""))
+
+ ;; XDG settings should be managed by Guix.
+ (write-setting "browser.shell.checkDefaultBrowser"
+ "false")
+ (close-port port))))
+ (add-after 'fix-preferences 'fix-ffmpeg-runtime-linker
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let* ((ffmpeg (assoc-ref inputs "ffmpeg"))
+ (libavcodec (string-append ffmpeg
+ "/lib/libavcodec.so")))
+ ;; Arrange to load libavcodec.so by its absolute file name.
+ (substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp"
+ (("libavcodec\\.so")
+ libavcodec)))))
+ (add-after 'patch-source-shebangs 'patch-cargo-checksums
+ (lambda _
+ (use-modules (guix build cargo-utils))
+ (let ((null-hash
+ ;; This is the SHA256 output of an empty string.
+ "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"))
+ (for-each (lambda (file)
+ (format #t
+ "patch-cargo-checksums: patching checksums in ~a~%"
+ file)
+ (substitute* file
+ (("(checksum = )\".*\"" all name)
+ (string-append name "\"" null-hash
+ "\""))))
+ (find-files "." "Cargo\\.lock$"))
+ (for-each generate-all-checksums
+ '("build" "dom/media"
+ "dom/webauthn"
+ "gfx"
+ "intl"
+ "js"
+ "media"
+ "modules"
+ "mozglue/static/rust"
+ "netwerk"
+ "remote"
+ "security/manager/ssl"
+ "servo"
+ "storage"
+ "third_party/rust"
+ "toolkit"
+ "xpcom/rust"
+ "services")))))
+ (add-after 'patch-cargo-checksums 'remove-cargo-frozen-flag
+ (lambda _
+ ;; Remove --frozen flag from cargo invokation, otherwise it'll
+ ;; complain that it's not able to change Cargo.lock.
+ ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373
+ (substitute* "build/RunCbindgen.py"
+ (("\"--frozen\",")
+ ""))))
+ (delete 'bootstrap)
+ (add-before 'configure 'patch-SpeechDispatcherService.cpp
+ (lambda _
+ (let* ((lib "libspeechd.so.2")
+ (file
+ "dom/media/webspeech/synth/speechd/SpeechDispatcherService.cpp")
+ (old-content (call-with-input-file file
+ get-string-all)))
+ (substitute file
+ `((,(format #f "~s" lib) unquote
+ (λ (line _)
+ (string-replace-substring line lib
+ (string-append #$speech-dispatcher
+ "/lib/"
+ lib))))))
+ (if (string=? old-content
+ (call-with-input-file file
+ get-string-all))
+ (error
+ "substitute did nothing, phase requires an update")))))
+ (add-before 'configure 'set-build-id
+ ;; Firefox will write the timestamp to output, which is harmful
+ ;; for reproducibility, so change it to a fixed date. Use a
+ ;; separate phase for easier modification with inherit.
+ (lambda _
+ (setenv "MOZ_BUILD_DATE"
+ #$%librewolf-build-id)))
+ (replace 'configure
+ (lambda* (#:key inputs outputs configure-flags
+ #:allow-other-keys)
+ (setenv "AUTOCONF"
+ (string-append (assoc-ref inputs "autoconf")
+ "/bin/autoconf"))
+ (setenv "SHELL"
+ (which "bash"))
+ (setenv "CONFIG_SHELL"
+ (which "bash"))
+ (setenv "MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE"
+ "system")
+ ;; This should use the host info probably (does firefox build on
+ ;; non-x86_64 though?)
+ (setenv "GUIX_PYTHONPATH"
+ (string-append (getcwd)
+ "/obj-x86_64-pc-linux-gnu/_virtualenvs/build"))
+
+ ;; Use Clang, Clang is 2x faster than GCC
+ (setenv "AR" "llvm-ar")
+ (setenv "NM" "llvm-nm")
+ (setenv "CC" "clang")
+ (setenv "CXX" "clang++")
+ (setenv "WASM_CC"
+ (string-append (assoc-ref inputs
+ "wasm32-wasi-clang-toolchain")
+ "/bin/clang"))
+ (setenv "WASM_CXX"
+ (string-append (assoc-ref inputs
+ "wasm32-wasi-clang-toolchain")
+ "/bin/clang++"))
+
+ (setenv "MOZ_NOSPAM" "1")
+
+ (setenv "MOZBUILD_STATE_PATH"
+ (getcwd))
+
+ (let* ((mozconfig (string-append (getcwd) "/mozconfig"))
+ (out (assoc-ref outputs "out"))
+ (flags (cons (string-append "--prefix=" out)
+ configure-flags)))
+ (format #t "build directory: ~s~%"
+ (getcwd))
+ (format #t "configure flags: ~s~%" flags)
+
+ (define write-flags
+ (lambda flags
+ (display (string-join (map (cut string-append
+ "ac_add_options " <>)
+ flags) "\n"))
+ (display "\n")))
+ (with-output-to-file mozconfig
+ (lambda ()
+ (apply write-flags flags)
+ ;; The following option unsets Telemetry Reporting. With the Addons Fiasco,
+ ;; Mozilla was found to be collecting user's data, including saved passwords and
+ ;; web form data, without users consent. Mozilla was also found shipping updates
+ ;; to systems without the user's knowledge or permission.
+ ;; As a result of this, use the following command to permanently disable
+ ;; telemetry reporting in Firefox.
+ (display "unset MOZ_TELEMETRY_REPORTING\n")
+ (display "mk_add_options MOZ_CRASHREPORTER=0\n")
+ (display "mk_add_options MOZ_DATA_REPORTING=0\n")
+ (display
+ "mk_add_options MOZ_SERVICES_HEALTHREPORT=0")
+ (display
+ "mk_add_options MOZ_TELEMETRY_REPORTING=0")))
+ (setenv "MOZCONFIG" mozconfig))
+ (invoke "./mach" "configure")))
+ (replace 'build
+ (lambda* (#:key (make-flags '())
+ (parallel-build? #t) #:allow-other-keys)
+ (apply invoke "./mach" "build"
+ ;; mach will use parallel build if possible by default
+ `(,@(if parallel-build?
+ '()
+ '("-j1")) ,@make-flags))))
+ (add-after 'build 'neutralise-store-references
+ (lambda _
+ ;; Mangle the store references to compilers & other build tools in
+ ;; about:buildconfig, reducing Firefox's closure by 1 GiB on x86-64.
+ (let* ((build-dir (car (scandir "."
+ (cut string-prefix?
+ "obj-" <>))))
+ (file (string-append build-dir
+ "/dist/bin/chrome/toolkit/content/global/buildconfig.html")))
+ (substitute* file
+ (((format #f "(~a/)([0-9a-df-np-sv-z]{32})"
+ (regexp-quote (%store-directory)))
+ _ store hash)
+ (string-append store
+ (string-take hash 8)
+ "<!-- Guix: not a runtime dependency -->"
+ (string-drop hash 8)))))))
+ (replace 'install
+ (lambda _
+ (invoke "./mach" "install")))
+ (add-after 'install 'wrap-program
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ ;; The following two functions are from Guix's icecat package in
+ ;; (gnu packages gnuzilla). See commit
+ ;; b7a0935420ee630a29b7e5ac73a32ba1eb24f00b.
+ (define (runpath-of lib)
+ (call-with-input-file lib
+ (compose elf-dynamic-info-runpath elf-dynamic-info
+ parse-elf get-bytevector-all)))
+ (define (runpaths-of-input label)
+ (let* ((dir (string-append (assoc-ref inputs label)
+ "/lib"))
+ (libs (find-files dir "\\.so$")))
+ (append-map runpath-of libs)))
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ ;; TODO: make me a loop again
+ (mesa-lib (string-append (assoc-ref inputs
+ "mesa")
+ "/lib"))
+ ;; For the integration of native notifications
+ (libnotify-lib (string-append (assoc-ref inputs
+ "libnotify")
+ "/lib"))
+ ;; For hardware video acceleration via VA-API
+ (libva-lib (string-append (assoc-ref inputs
+ "libva")
+ "/lib"))
+ ;; VA-API is run in the RDD (Remote Data Decoder) sandbox
+ ;; and must be explicitly given access to files it needs.
+ ;; Rather than adding the whole store (as Nix had
+ ;; upstream do, see
+ ;; <https://github.com/NixOS/nixpkgs/pull/165964> and
+ ;; linked upstream patches), we can just follow the
+ ;; runpaths of the needed libraries to add everything to
+ ;; LD_LIBRARY_PATH. These will then be accessible in the
+ ;; RDD sandbox.
+ (rdd-whitelist (map (cut string-append <> "/")
+ (delete-duplicates (append-map
+ runpaths-of-input
+ '("mesa"
+ "ffmpeg")))))
+ (pulseaudio-lib (string-append (assoc-ref inputs
+ "pulseaudio")
+ "/lib"))
+ ;; For U2F and WebAuthn
+ (eudev-lib (string-append (assoc-ref inputs
+ "eudev")
+ "/lib"))
+ (gtk-share (string-append (assoc-ref inputs
+ "gtk+")
+ "/share")))
+ (wrap-program (car (find-files lib "^librewolf$"))
+ `("LD_LIBRARY_PATH" prefix
+ (,mesa-lib ,libnotify-lib
+ ,libva-lib
+ ,pulseaudio-lib
+ ,eudev-lib
+ ,@rdd-whitelist))
+ `("XDG_DATA_DIRS" prefix
+ (,gtk-share))
+ `("MOZ_LEGACY_PROFILES" =
+ ("1"))
+ `("MOZ_ALLOW_DOWNGRADE" =
+ ("1"))))))
+ (add-after 'wrap-program 'install-desktop-entry
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((desktop-file
+ "taskcluster/docker/firefox-snap/firefox.desktop")
+ (applications (string-append #$output
+ "/share/applications")))
+ (substitute* desktop-file
+ (("^Exec=firefox")
+ (string-append "Exec="
+ #$output "/bin/librewolf"))
+ ;; "Firefox" -> "LibreWolf" in all the Name fields
+ (("^(Name.*)(Firefox)(.*)$" prefix _ suffix)
+ (string-append prefix "LibreWolf" suffix))
+ ;; Remove non-Latin translations.
+ (("^Name\\[(ar|bn)\\]")
+ "")
+ ;; Replace "Firefox" in the keywords
+ (("^(Keywords.*)(Firefox)(.*)$" prefix _ suffix)
+ (string-append prefix "LibreWolf" suffix))
+ (("Icon=.*")
+ "Icon=librewolf\n")
+ (("NewWindow")
+ "new-window")
+ (("NewPrivateWindow")
+ "new-private-window")
+ (("StartupNotify=true")
+ "StartupNotify=true
+StartupWMClass=Navigator"))
+ (copy-file desktop-file "librewolf.desktop")
+ (install-file "librewolf.desktop" applications))))
+ (add-after 'install-desktop-entry 'install-icons
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((icon-source-dir (string-append #$output
+ "/lib/librewolf/browser/chrome/icons/default")))
+ (for-each (lambda (size)
+ (let ((dest (string-append #$output
+ "/share/icons/hicolor/"
+ size
+ "x"
+ size
+ "/apps")))
+ (mkdir-p dest)
+ (symlink (string-append icon-source-dir
+ "/default" size ".png")
+ (string-append dest
+ "/librewolf.png"))))
+ '("16" "32" "48" "64" "128"))))))
+
+ ;; Test will significantly increase build time but with little rewards.
+ #:tests? #f
+
+ ;; WARNING: Parallel build will consume lots of memory!
+ ;; If you have encountered OOM issue in build phase, try disable it.
+ #:parallel-build? #t
+
+ ;; Some dynamic lib was determined at runtime, so rpath check may fail.
+ #:validate-runpath? #f))
+ (inputs (list bash-minimal
+ bzip2
+ cairo
+ cups
+ dbus-glib
+ freetype
+ ffmpeg
+ gdk-pixbuf
+ glib
+ gtk+
+ gtk+-2
+ hunspell
+ icu4c
+ jemalloc
+ libcanberra
+ libevent
+ libffi
+ libgnome
+ libjpeg-turbo
+ libnotify
+ ;; libpng-apng
+ libva
+ libvpx
+ libxcomposite
+ libxft
+ libxinerama
+ libxscrnsaver
+ libxt
+ mesa
+ mit-krb5
+ nspr-4.32
+ ;; nss
+ pango
+ pipewire
+ pixman
+ pulseaudio
+ speech-dispatcher
+ sqlite
+ startup-notification
+ eudev
+ unzip
+ zip
+ zlib))
+ (native-inputs (list alsa-lib
+ autoconf-2.13
+ `(,rust-librewolf "cargo")
+ clang
+ llvm
+ wasm32-wasi-clang-toolchain
+ m4
+ nasm
+ node-lts
+ perl
+ pkg-config
+ python
+ rust-librewolf
+ rust-cbindgen-0.26
+ which
+ yasm))
+ (home-page "https://mozilla.org/firefox/")
+ (synopsis "Trademarkless version of Firefox")
+ (description
+ "Full-featured browser client built from Firefox source tree, without
+the official icon and the name \"firefox\". This is the Extended Support
+Release (ESR) version.")
+ (license license:mpl2.0)))
--
2.41.0
^ permalink raw reply related [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH 0/5] Add LibreWolf
2023-11-28 20:09 [bug#67512] [PATCH 0/5] Add LibreWolf Ian Eure
` (4 preceding siblings ...)
2023-11-28 20:13 ` [bug#67512] [PATCH 5/5] gnu: Add librewolf Ian Eure
@ 2023-12-10 21:57 ` Ludovic Courtès
2023-12-10 22:28 ` Ian Eure
2024-01-13 17:53 ` [bug#67512] [PATCH 5/5] gnu: Add librewolf Herman Rimm via Guix-patches via
` (16 subsequent siblings)
22 siblings, 1 reply; 75+ messages in thread
From: Ludovic Courtès @ 2023-12-10 21:57 UTC (permalink / raw)
To: Ian Eure; +Cc: 67512
Hi!
Ian Eure <ian@retrospec.tv> skribis:
> I mentioned in #guix that I was working on a package for LibreWolf, and it was requested that I send in patches, so I am. These changes are based on the firefox-esr package in nonguix; I've retained the copyright / authorship notices from there.
>
> LibreWolf (https://librewolf.net/) is a fork of Firefox which removes the telemetry and advertising, and bundles uBlock Origin. It doesn't have the redistribution issues that Firefox does, its name/logo are under MPL 2.0 and aren't trademarked.
>
> I'm new to Guix, and not remotely a browser development expert, so I don't expect these are ready to be accepted yet, but I believe they're in good enough shape to have a discussion about. They're working acceptably well for me, though I'm not currently daily driving Guix, so there may be issues I haven't encountered yet.
This is much appreciated! People often complain that IceCat is based on
too old a version of Firefox, so if we can have LibreWolf (or even
Firefox without its problematic bits), that’s great.
> The librewolf package has some functions duplicated from (gnu packages gnuzilla), which probably ought to get factored out and put somewhere, but I'm not sure if they should be in (gnu packages mozilla) or a different module. Guidance would be appreciated here.
To me that’s the main issue here: these packages are complex, and I
wouldn’t want us to end up with two (or more!) copies of these beasts.
As the person who made the changes, it would be great if you could
pinpoint things that had to be changed compared to ‘icecat’. What
phases or flags differ? What phases can be factorized?
Thanks for your hard work!
Ludo’.
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH 0/5] Add LibreWolf
2023-12-10 21:57 ` [bug#67512] [PATCH 0/5] Add LibreWolf Ludovic Courtès
@ 2023-12-10 22:28 ` Ian Eure
2023-12-14 18:39 ` Ludovic Courtès
0 siblings, 1 reply; 75+ messages in thread
From: Ian Eure @ 2023-12-10 22:28 UTC (permalink / raw)
To: Ludovic Courtès; +Cc: 67512
Hi, thank you very much for your comments.
Ludovic Courtès <ludo@gnu.org> writes:
> Hi!
>
> Ian Eure <ian@retrospec.tv> skribis:
>
>> I mentioned in #guix that I was working on a package for
>> LibreWolf,
>> and it was requested that I send in patches, so I am. These
>> changes
>> are based on the firefox-esr package in nonguix; I've retained
>> the
>> copyright / authorship notices from there.
>>
>> LibreWolf (https://librewolf.net/) is a fork of Firefox which
>> removes the telemetry and advertising, and bundles uBlock
>> Origin.
>> It doesn't have the redistribution issues that Firefox does,
>> its
>> name/logo are under MPL 2.0 and aren't trademarked.
>>
>> I'm new to Guix, and not remotely a browser development expert,
>> so I
>> don't expect these are ready to be accepted yet, but I believe
>> they're in good enough shape to have a discussion about.
>> They're
>> working acceptably well for me, though I'm not currently daily
>> driving Guix, so there may be issues I haven't encountered yet.
>
> This is much appreciated! People often complain that IceCat is
> based on
> too old a version of Firefox, so if we can have LibreWolf (or
> even
> Firefox without its problematic bits), that’s great.
>
IMO, LibreWolf pretty much is Firefox without the problematic
bits.
It’s been my default browser for several years, and I’m very
satisfied
with it.
>> The librewolf package has some functions duplicated from (gnu
>> packages gnuzilla), which probably ought to get factored out
>> and put
>> somewhere, but I'm not sure if they should be in (gnu packages
>> mozilla) or a different module. Guidance would be appreciated
>> here.
>
> To me that’s the main issue here: these packages are complex,
> and I
> wouldn’t want us to end up with two (or more!) copies of these
> beasts.
>
> As the person who made the changes, it would be great if you
> could
> pinpoint things that had to be changed compared to ‘icecat’.
> What
> phases or flags differ? What phases can be factorized?
>
This work isn’t based on the icecat package, but on the
firefox-esr
package from nonguix. The duplication I refer to is two small
helper
functions, `runpath-of' and `runpaths-of-input', totaling nine
lines
of code; they’re flagged with a comment in the patch. As
mentioned in
the cover letter, I’m happy to extract these, I just don’t know
where
they ought to be placed. They’re defined inside a lambda in a
gexp,
which sounds like it may be challenging to put somewhere
accessible to
both packages.
Skimming the icecat package, not many of the build steps are
shared
with librewolf, and factoring the commonalities out would IMO
result
in overly complex, brittle, hard to maintain code that’s worse
than
the slight duplication between the two packages. If there’s a
strong
feeling that they must be accounted for, I’ll give it a try, but I
don’t believe that it’s the best option.
Thanks,
— Ian
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH 0/5] Add LibreWolf
2023-12-10 22:28 ` Ian Eure
@ 2023-12-14 18:39 ` Ludovic Courtès
0 siblings, 0 replies; 75+ messages in thread
From: Ludovic Courtès @ 2023-12-14 18:39 UTC (permalink / raw)
To: Ian Eure; +Cc: 67512
Hi Ian,
Ian Eure <ian@retrospec.tv> skribis:
> Ludovic Courtès <ludo@gnu.org> writes:
[...]
>> This is much appreciated! People often complain that IceCat is
>> based on
>> too old a version of Firefox, so if we can have LibreWolf (or even
>> Firefox without its problematic bits), that’s great.
>>
>
> IMO, LibreWolf pretty much is Firefox without the problematic bits.
> It’s been my default browser for several years, and I’m very satisfied
> with it.
Perfect, then.
>> As the person who made the changes, it would be great if you could
>> pinpoint things that had to be changed compared to ‘icecat’. What
>> phases or flags differ? What phases can be factorized?
>>
> This work isn’t based on the icecat package, but on the firefox-esr
> package from nonguix. The duplication I refer to is two small helper
> functions, `runpath-of' and `runpaths-of-input', totaling nine lines
> of code; they’re flagged with a comment in the patch. As mentioned in
> the cover letter, I’m happy to extract these, I just don’t know where
> they ought to be placed. They’re defined inside a lambda in a gexp,
> which sounds like it may be challenging to put somewhere accessible to
> both packages.
>
> Skimming the icecat package, not many of the build steps are shared
> with librewolf, and factoring the commonalities out would IMO result
> in overly complex, brittle, hard to maintain code that’s worse than
> the slight duplication between the two packages. If there’s a strong
> feeling that they must be accounted for, I’ll give it a try, but I
> don’t believe that it’s the best option.
Yeah, you’re right that factorizing can be a bad idea when misplaced, so
let’s keep it that way.
I’ll take a closer look at the patches if nobody beats me at it!
Thanks,
Ludo’.
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH 5/5] gnu: Add librewolf.
2023-11-28 20:09 [bug#67512] [PATCH 0/5] Add LibreWolf Ian Eure
` (5 preceding siblings ...)
2023-12-10 21:57 ` [bug#67512] [PATCH 0/5] Add LibreWolf Ludovic Courtès
@ 2024-01-13 17:53 ` Herman Rimm via Guix-patches via
2024-01-28 21:23 ` Ian Eure
2024-01-17 15:43 ` [bug#67512] [PATCH 0/5] Add LibreWolf Clément Lassieur
` (15 subsequent siblings)
22 siblings, 1 reply; 75+ messages in thread
From: Herman Rimm via Guix-patches via @ 2024-01-13 17:53 UTC (permalink / raw)
To: Ian Eure; +Cc: 67512
Hi Ian,
You can enable --with-system-png flag since libpng-apng >= 1.6.35. These
two icecat flags may be required for addons from gnuzilla.gnu.org:
;; Do not require addons in the global app or system directories to
;; be signed by Mozilla.
"--with-unsigned-addon-scopes=app,system"
"--allow-addon-sideload"
This icecat-minimal flag disables DRM:
;; The --disable-eme option is not available on aarch64.
#$(if (target-aarch64?) "" "--disable-eme")
Librewolf should not link to addons.mozilla.org, using this build phase
from torbrowser:
(add-before 'build 'fix-addons-placeholder
(lambda _
(substitute*
"toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
(("addons.mozilla.org") "gnuzilla.gnu.org"))))
Cheers,
Herman
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH 0/5] Add LibreWolf
2023-11-28 20:09 [bug#67512] [PATCH 0/5] Add LibreWolf Ian Eure
` (6 preceding siblings ...)
2024-01-13 17:53 ` [bug#67512] [PATCH 5/5] gnu: Add librewolf Herman Rimm via Guix-patches via
@ 2024-01-17 15:43 ` Clément Lassieur
2024-02-17 16:06 ` Ian Eure
2024-02-11 19:20 ` [bug#67512] [PATCH v2 0/4] Add Librewolf Ian Eure
` (14 subsequent siblings)
22 siblings, 1 reply; 75+ messages in thread
From: Clément Lassieur @ 2024-01-17 15:43 UTC (permalink / raw)
To: Ian Eure, Pierre Langlois; +Cc: 67512
Hi Ian and Pierre,
Thank you for this! I hope to do a review soon. Meanwhile I have one
question for Pierre: is there any reason why your Wasm work was
contributed to Nonguix instead of Guix? It looks like it could be used
by Icecat. Would you say it is ready to be added to the Guix repo?
Thank you,
Clément
On Tue, Nov 28 2023, Ian Eure wrote:
> I mentioned in #guix that I was working on a package for LibreWolf, and it was requested that I send in patches, so I am. These changes are based on the firefox-esr package in nonguix; I've retained the copyright / authorship notices from there.
>
> LibreWolf (https://librewolf.net/) is a fork of Firefox which removes the telemetry and advertising, and bundles uBlock Origin. It doesn't have the redistribution issues that Firefox does, its name/logo are under MPL 2.0 and aren't trademarked.
>
> I'm new to Guix, and not remotely a browser development expert, so I don't expect these are ready to be accepted yet, but I believe they're in good enough shape to have a discussion about. They're working acceptably well for me, though I'm not currently daily driving Guix, so there may be issues I haven't encountered yet.
>
> Guide to changes in this patchset
> =================================
>
> icu4c has been updated to 73.1, and the previous version kept as icu4c-71. I encountered consistent failures of the node@10.24.1 test suite with icu4c 73.1, so I kept that on 71.1. icu4c is needed by many packages, so this change is the highest-impact in the patchset.
>
> The (gnu packages wasm) module is unchanged from nonguix, except for the file header and module declaration.
>
> The (gnu packages librewolf) module is a simplified/adapted version of (nongnu packages firefox). The Firefox Nightly packages have been removed, as there's no LibreWolf equivalent. I also didn't bring over the wayland variant, but I could, if that's desired. I'm not sure why there are specific x11/wayland variants, as the packages for other distros don't seem to need this split.
>
> The librewolf package has some functions duplicated from (gnu packages gnuzilla), which probably ought to get factored out and put somewhere, but I'm not sure if they should be in (gnu packages mozilla) or a different module. Guidance would be appreciated here.
>
> Ian Eure (5):
> gnu: icu4c: Update to 73.1.
> gnu: Add icu4c-71.
> gnu: node: Switch to icu4c-71.
> gnu: Add wasm packages.
> gnu: Add librewolf.
>
> gnu/packages/icu4c.scm | 21 +-
> gnu/packages/librewolf.scm | 560 +++++++++++++++++++++++++++++++++++++
> gnu/packages/node.scm | 4 +-
> gnu/packages/wasm.scm | 273 ++++++++++++++++++
> 4 files changed, 854 insertions(+), 4 deletions(-)
> create mode 100644 gnu/packages/librewolf.scm
> create mode 100644 gnu/packages/wasm.scm
>
>
> base-commit: 2410a30f6c06d56b5589e0ad685bcdf09bb144bf
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH 5/5] gnu: Add librewolf.
2024-01-13 17:53 ` [bug#67512] [PATCH 5/5] gnu: Add librewolf Herman Rimm via Guix-patches via
@ 2024-01-28 21:23 ` Ian Eure
2024-01-28 22:51 ` Ian Eure
2024-02-02 18:44 ` Herman Rimm via Guix-patches via
0 siblings, 2 replies; 75+ messages in thread
From: Ian Eure @ 2024-01-28 21:23 UTC (permalink / raw)
To: Herman Rimm; +Cc: 67512
Herman Rimm <herman@rimm.ee> writes:
> Hi Ian,
>
> You can enable --with-system-png flag since libpng-apng >=
> 1.6.35. These
> two icecat flags may be required for addons from
> gnuzilla.gnu.org:
>
Thanks, I’ve made this change, along with a few other fixes I
found over the last couple weeks. I’ll send an updated patch
series, but would like to resolve the issues you raise first, to
avoid repeatedly sending the patch series.
> This icecat-minimal flag disables DRM:
>
> ;; The --disable-eme option is not available on aarch64.
> #$(if (target-aarch64?) "" "--disable-eme")
>
LibreWolf disables DRM by default[1], so I don’t believe this flag
is necessary. I can confirm that it’s disabled in the browser
built from the package definition without this flag.
> Librewolf should not link to addons.mozilla.org, using this
> build phase
> from torbrowser:
>
What’s the rationale for not using addons.mozilla.org?
gnuzilla.gnu.org appears to be broken, it’s serving an Apache
default page, as if the vhost isn’t configured. Does the browser
request some path within that domain, which does work? I’m not
familiar with the mechanism used for this.
— Ian
[1]: https://librewolf.net/docs/faq/#how-do-i-enable-drm
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH 5/5] gnu: Add librewolf.
2024-01-28 21:23 ` Ian Eure
@ 2024-01-28 22:51 ` Ian Eure
2024-02-02 18:44 ` Herman Rimm via Guix-patches via
1 sibling, 0 replies; 75+ messages in thread
From: Ian Eure @ 2024-01-28 22:51 UTC (permalink / raw)
To: Herman Rimm; +Cc: 67512
Ian Eure <ian@retrospec.tv> writes:
>> This icecat-minimal flag disables DRM:
>>
>> ;; The --disable-eme option is not available on aarch64.
>> #$(if (target-aarch64?) "" "--disable-eme")
>>
>
> LibreWolf disables DRM by default[1], so I don’t believe this
> flag is
> necessary. I can confirm that it’s disabled in the browser
> built from
> the package definition without this flag.
>
I looked a bit deeper into this. There are actually no
EME-related configuration options in Librewolf at all, either to
enable or disable it. It’s always disabled.
— Ian
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH 5/5] gnu: Add librewolf.
2024-01-28 21:23 ` Ian Eure
2024-01-28 22:51 ` Ian Eure
@ 2024-02-02 18:44 ` Herman Rimm via Guix-patches via
2024-02-06 23:29 ` Ian Eure
1 sibling, 1 reply; 75+ messages in thread
From: Herman Rimm via Guix-patches via @ 2024-02-02 18:44 UTC (permalink / raw)
To: Ian Eure; +Cc: 67512
On Sun, Jan 28, 2024 at 01:23:40PM -0800, Ian Eure wrote:
>
> Herman Rimm <herman@rimm.ee> writes:
>
> > Librewolf should not link to addons.mozilla.org, using this build phase
> > from torbrowser:
> >
>
> What’s the rationale for not using addons.mozilla.org?
>
> gnuzilla.gnu.org appears to be broken, it’s serving an Apache default page,
> as if the vhost isn’t configured. Does the browser request some path within
> that domain, which does work? I’m not familiar with the mechanism used for
> this.
Apologies, the URL is: https://gnuzilla.gnu.org/mozzarella/. It is used
because addons.mozilla.org contains nonfree extensions, from [1]:
A free system distribution must not steer users towards obtaining any
nonfree information for practical use, or encourage them to do so. The
system should have no repositories for nonfree software and no
specific recipes for installation of particular nonfree programs. Nor
should the distribution refer to third-party repositories that are not
committed to only including free software; even if they only have free
software today, that may not be true tomorrow. Programs in the system
should not suggest installing nonfree plugins, documentation, and so
on.
For instance, a free system distribution must not contain browsers
that implement EME, the browser functionality designed to load DRM
modules.
>> LibreWolf disables DRM by default[1], so I don’t believe this flag is
>> necessary. I can confirm that it’s disabled in the browser built from
>> the package definition without this flag.
>>
>
>I looked a bit deeper into this. There are actually no EME-related
>configuration options in Librewolf at all, either to enable or disable it.
>It’s always disabled.
Interesting, I applied the patch series onto 551d013, built librewolf,
removed ~/.librewolf and ~/.mozilla, started librewolf and went to
about:config, where 'browser.eme.ui.enabled' has the default value
'true', so I can see and toggle the checkbox for 'play DRM-controlled
content' in about:preferences. I don't know why 'browser.eme.ui.enabled'
is 'true' by default for me, but I think adding --disable-eme will set
the default to 'false', like it is in the icecat-minimal about:config.
Looking at the firefox source [2], 'browser.eme.ui.enabled' is set to
true if MOZ_WIDEVINE_EME is defined, false otherwise. MOZ_WIDEVINE_EME
gets defined by being in MOZ_EME_MODULES, which is set to eme_modules in
toolkit/moz.configure where a comment reads:
# Widevine is enabled by default in desktop browser builds.
When running grep in a Librewolf repo [3] for the aformentioned terms,
only the --disable-jxl configure flag is modified in toolkit/
moz.configure, so I don't think the Librewolf developers disable EME. I
am not sure though, I don't want to rebuild librewolf with the
--disable-eme flag to look for the difference.
Cheers,
Herman
[1]: https://www.gnu.org/distros/free-system-distribution-guidelines.en.html
[2]: https://archive.mozilla.org/pub/firefox/releases/123.0b5/source/firefox-123.0b5.source.tar.xz
[3]: https://codeberg.org/librewolf/source.git
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH 5/5] gnu: Add librewolf.
2024-02-02 18:44 ` Herman Rimm via Guix-patches via
@ 2024-02-06 23:29 ` Ian Eure
2024-02-07 10:06 ` Clément Lassieur
0 siblings, 1 reply; 75+ messages in thread
From: Ian Eure @ 2024-02-06 23:29 UTC (permalink / raw)
To: 67512
Herman Rimm <herman@rimm.ee> writes:
> On Sun, Jan 28, 2024 at 01:23:40PM -0800, Ian Eure wrote:
>>
>> Herman Rimm <herman@rimm.ee> writes:
>>
>> > Librewolf should not link to addons.mozilla.org, using this
>> > build phase
>> > from torbrowser:
>> >
>>
>> What’s the rationale for not using addons.mozilla.org?
>>
>> gnuzilla.gnu.org appears to be broken, it’s serving an Apache
>> default page,
>> as if the vhost isn’t configured. Does the browser request
>> some path within
>> that domain, which does work? I’m not familiar with the
>> mechanism used for
>> this.
>
> Apologies, the URL is: https://gnuzilla.gnu.org/mozzarella/. It
> is used
> because addons.mozilla.org contains nonfree extensions, from
> [1]:
>
I’ll look into this and see what it takes to adjust.
>>> LibreWolf disables DRM by default[1], so I don’t believe this
>>> flag is
>>> necessary. I can confirm that it’s disabled in the browser
>>> built from
>>> the package definition without this flag.
>>>
>>
>>I looked a bit deeper into this. There are actually no
>>EME-related
>>configuration options in Librewolf at all, either to enable or
>>disable it.
>>It’s always disabled.
>
> Interesting, I applied the patch series onto 551d013, built
> librewolf,
> removed ~/.librewolf and ~/.mozilla, started librewolf and went
> to
> about:config, where 'browser.eme.ui.enabled' has the default
> value
> 'true', so I can see and toggle the checkbox for 'play
> DRM-controlled
> content' in about:preferences. I don't know why
> 'browser.eme.ui.enabled'
> is 'true' by default for me, but I think adding --disable-eme
> will set
> the default to 'false', like it is in the icecat-minimal
> about:config.
>
I completely misunderstood the various settings and systems at
play here, which I believe led us to talk past each other. The
summary of the situation, best as I can tell, is this:
- EME support: a build setting controlling whether the browser
supports *any kind* of encrypted media playback.
- Widevine support: one kind of DRM, implemented as an EME plugin.
- `browser.eme.ui.enabled' browser preference: controls whether
the UI for DRM is visible. Controls visibility *only*. A
browser build without EME will still show this if
`browser.eme.ui.enabled' is `true' (but the control does
nothing). A browser build *with* EME (and one or more DRM
plugins) can have this set to `false' and still play DRM’d
content.
- The checkbox within the EME UI: On browsers built with EME and
DRM plugin(s), controls whether that is allowed to be used. On
browsers without EME+Widevine, does nothing.
The default configuration of a clean install of a stock LibreWolf
build is:
- The browser is built with EME and Widevine support
- The UI to enable DRM is visible.
- Within that UI, the checkbox is unchecked (meaning DRM is not
enabled).
I have rebuilt with --disable-eme and confirmed that even with
browser.eme.ui.enabled=true and the "Play DRM-controlled content"
box checked, the resulting build cannot play DRM’d streams. This
was actually somewhat difficult, since I don’t use or have access
to any commercial streaming service, but I found a website which
lets you test DRM playback, and used that to compare behavior of a
LibreWolf binary obtained from the project with my build. Should
anyone else want to verify, or need to do this kind of testing,
the site is: https://www.nuevodevel.com/nuevo/showcase/drm
> When running grep in a Librewolf repo [3] for the aformentioned
> terms,
> only the --disable-jxl configure flag is modified in toolkit/
> moz.configure, so I don't think the Librewolf developers disable
> EME.I
> am not sure though, I don't want to rebuild librewolf with the
> --disable-eme flag to look for the difference.
>
The "source" repo contains patches and orchestration to produce
the LibreWolf source tarball. The setting which disables DRM by
default is in their settings repo[1], which is a submodule. The
likely scenario is that you cloned the repo with the eminently
reasonable assumption that this would produce a full copy of its
contents, and grepped them. Unfortunately, Git submodules are
deeply unreasonable, and do not work this way -- you must perform
manual actions to populate or update them, which is very easy to
forget, especially if one doesn’t work with them regularly.
LibreWolf’s specific wording is "We disable DRM by default," which
I believe is accurate, but fails to capture the fullness of the
situation, i.e. that DRM support is included, but dormant. So
you’re also correct that they don’t disable EME -- the disabling
happens above that layer. This was not clear to me in the earlier
discussions.
I’ve removed EME from the build, and will work on replacing
Mozilla’s addons with Mozarella, then send an updated patch
series. Separately, I’ve also managed to unbundle libpng,
libwebp, and nss; fixed the glxinfo utility program; and
eliminated a redundant copy of the main binary.
Thanks,
— Ian
[1]:
https://gitlab.com/librewolf-community/settings/-/blob/ba238a9ca6bfd509f31e6eb4a45c14c11b7ef7fe/librewolf.cfg#L258-263
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH 5/5] gnu: Add librewolf.
2024-02-06 23:29 ` Ian Eure
@ 2024-02-07 10:06 ` Clément Lassieur
0 siblings, 0 replies; 75+ messages in thread
From: Clément Lassieur @ 2024-02-07 10:06 UTC (permalink / raw)
To: Ian Eure; +Cc: 67512
On Tue, Feb 06 2024, Ian Eure wrote:
> I’ve removed EME from the build, and will work on replacing Mozilla’s addons
> with Mozarella, then send an updated patch series.
For this you can just copy what's done in the Tor Browser package, which
is a copy of what's done in upstream Icecat.
Cheers
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v2 0/4] Add Librewolf
2023-11-28 20:09 [bug#67512] [PATCH 0/5] Add LibreWolf Ian Eure
` (7 preceding siblings ...)
2024-01-17 15:43 ` [bug#67512] [PATCH 0/5] Add LibreWolf Clément Lassieur
@ 2024-02-11 19:20 ` Ian Eure
2024-02-11 20:22 ` Clément Lassieur
2024-02-11 19:20 ` [bug#67512] [PATCH v2 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c Ian Eure
` (13 subsequent siblings)
22 siblings, 1 reply; 75+ messages in thread
From: Ian Eure @ 2024-02-11 19:20 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure
Updated patch series.
* Updates LibreWolf to 122.0-2.
* Moved the icu4c-73-future package definition in (gnu packages gnuzilla) to (gnu packages icu4c).
* Updating icu4c to 73.1 would cause a world rebuild, so this is added as `icu4c-73' to avoid that.
* Disabled EME.
* Uses GNU Mozzarella instead of Firefox for addons.
* Updates NSS package.
* Unbundles libpng-apng, libwebp, nss, libevent, and libvpx.
I believe this addresses all the items I received feedback on.
Ian Eure (4):
gnu: Move icu4c-73 from gnuzilla to icu4c.
gnu: nss: Update to 3.97.
gnu: Add wasm packages.
gnu: Add librewolf.
gnu/packages/certs.scm | 4 +-
gnu/packages/gnuzilla.scm | 27 +-
gnu/packages/icu4c.scm | 22 ++
gnu/packages/librewolf.scm | 653 +++++++++++++++++++++++++++++++++++++
gnu/packages/nss.scm | 6 +-
gnu/packages/wasm.scm | 273 ++++++++++++++++
6 files changed, 954 insertions(+), 31 deletions(-)
create mode 100644 gnu/packages/librewolf.scm
create mode 100644 gnu/packages/wasm.scm
--
2.39.2
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v2 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c.
2023-11-28 20:09 [bug#67512] [PATCH 0/5] Add LibreWolf Ian Eure
` (8 preceding siblings ...)
2024-02-11 19:20 ` [bug#67512] [PATCH v2 0/4] Add Librewolf Ian Eure
@ 2024-02-11 19:20 ` Ian Eure
2024-02-11 21:40 ` Mark H Weaver
2024-02-11 22:14 ` Clément Lassieur
2024-02-11 19:20 ` [bug#67512] [PATCH v2 2/4] gnu: nss: Update to 3.97 Ian Eure
` (12 subsequent siblings)
22 siblings, 2 replies; 75+ messages in thread
From: Ian Eure @ 2024-02-11 19:20 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure, Clément Lassieur, Jonathan Brielmaier,
Mark H Weaver
* gnu/packages/icu4c.scm (icu4c-73): New variable.
* gnu/packages/gnuzilla.scm (icu4c-73-promise): Delete variable.
Change-Id: I017e1416b70ecb94313aeb71aa4a0cafdfe0e9ab
---
gnu/packages/gnuzilla.scm | 27 +--------------------------
gnu/packages/icu4c.scm | 22 ++++++++++++++++++++++
2 files changed, 23 insertions(+), 26 deletions(-)
diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm
index 5f77512427..094ff348e9 100644
--- a/gnu/packages/gnuzilla.scm
+++ b/gnu/packages/gnuzilla.scm
@@ -375,31 +375,6 @@ (define-public mozjs-78
(list icu4c-69 readline zlib))))
\f
-;;
-;; Needed for IceCat 115.
-;;
-(define icu4c-73-promise
- (delay
- (package
- (inherit icu4c)
- (version "73.1")
- (source (origin
- (method url-fetch)
- (uri (string-append
- "https://github.com/unicode-org/icu/releases/download/release-"
- (string-map (lambda (x) (if (char=? x #\.) #\- x)) version)
- "/icu4c-"
- (string-map (lambda (x) (if (char=? x #\.) #\_ x)) version)
- "-src.tgz"))
- (sha256
- (base32
- "0iccpdvc0kvpww5a31k9gjkqigyz016i7v80r9zamd34w4fl6mx4"))
- (patches
- (cons
- (search-patch
- "icu4c-fix-TestHebrewCalendarInTemporalLeapYear.patch")
- (origin-patches (package-source icu4c)))))))))
-
;;;
;;; Localization helper procedures.
;;;
@@ -757,7 +732,7 @@ (define-public icecat-minimal
;; https://bugzilla.mozilla.org/show_bug.cgi?id=1819374).
ffmpeg-5
libvpx
- (force icu4c-73-promise)
+ icu4c-73
pixman
pulseaudio
mesa
diff --git a/gnu/packages/icu4c.scm b/gnu/packages/icu4c.scm
index 5aaf3a8361..0dfe63b20a 100644
--- a/gnu/packages/icu4c.scm
+++ b/gnu/packages/icu4c.scm
@@ -109,6 +109,28 @@ (define-public icu4c
(license x11)
(home-page "http://site.icu-project.org/")))
+(define-public icu4c-73
+ (package
+ (inherit icu4c)
+ (name "icu4c")
+ (version "73.1")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://github.com/unicode-org/icu/releases/download/release-"
+ (string-map (lambda (x) (if (char=? x #\.) #\- x)) version)
+ "/icu4c-"
+ (string-map (lambda (x) (if (char=? x #\.) #\_ x)) version)
+ "-src.tgz"))
+ (sha256
+ (base32
+ "0iccpdvc0kvpww5a31k9gjkqigyz016i7v80r9zamd34w4fl6mx4"))
+ (patches
+ (cons
+ (search-patch
+ "icu4c-fix-TestHebrewCalendarInTemporalLeapYear.patch")
+ (origin-patches (package-source icu4c))))))))
+
(define-public icu4c-70
(package
(inherit icu4c)
--
2.39.2
^ permalink raw reply related [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v2 2/4] gnu: nss: Update to 3.97.
2023-11-28 20:09 [bug#67512] [PATCH 0/5] Add LibreWolf Ian Eure
` (9 preceding siblings ...)
2024-02-11 19:20 ` [bug#67512] [PATCH v2 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c Ian Eure
@ 2024-02-11 19:20 ` Ian Eure
2024-02-11 19:20 ` [bug#67512] [PATCH v2 3/4] gnu: Add wasm packages Ian Eure
` (11 subsequent siblings)
22 siblings, 0 replies; 75+ messages in thread
From: Ian Eure @ 2024-02-11 19:20 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure
* gnu/packages/nss.scm (nss): Update to 3.97.
* gnu/packages/certs.scm (nss-certs): Update to 3.97.
---
gnu/packages/certs.scm | 4 ++--
gnu/packages/nss.scm | 6 +++---
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/gnu/packages/certs.scm b/gnu/packages/certs.scm
index 58b4d50ec8..2a6106df78 100644
--- a/gnu/packages/certs.scm
+++ b/gnu/packages/certs.scm
@@ -131,7 +131,7 @@ (define-public nss-certs
;; XXX We used to refer to the nss package here, but that eventually caused
;; module cycles. The below is a quick copy-paste job that must be kept in
;; sync manually. Surely there's a better way…?
- (version "3.88.1")
+ (version "3.97")
(source (origin
(method url-fetch)
(uri (let ((version-with-underscores
@@ -142,7 +142,7 @@ (define-public nss-certs
"nss-" version ".tar.gz")))
(sha256
(base32
- "15il9fsmixa1r4446zq1wl627sg0hz9h67w6kjxz273xz3nl7li7"))
+ "02pscmkp7flawmgwqzr807nsn6kzzw7r7xjbzfql0bpkjf1zp3h7"))
;; Create nss.pc and nss-config.
(patches (search-patches "nss-3.56-pkgconfig.patch"
"nss-getcwd-nonnull.patch"
diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm
index 54b9e5041a..268ddaa24f 100644
--- a/gnu/packages/nss.scm
+++ b/gnu/packages/nss.scm
@@ -106,7 +106,7 @@ (define-public nss
;; IMPORTANT: Also update and test the nss-certs package, which duplicates
;; version and source to avoid a top-level variable reference & module
;; cycle.
- (version "3.88.1")
+ (version "3.97")
(source (origin
(method url-fetch)
(uri (let ((version-with-underscores
@@ -117,7 +117,7 @@ (define-public nss
"nss-" version ".tar.gz")))
(sha256
(base32
- "15il9fsmixa1r4446zq1wl627sg0hz9h67w6kjxz273xz3nl7li7"))
+ "02pscmkp7flawmgwqzr807nsn6kzzw7r7xjbzfql0bpkjf1zp3h7"))
;; Create nss.pc and nss-config.
(patches (search-patches "nss-3.56-pkgconfig.patch"
"nss-getcwd-nonnull.patch"
@@ -200,7 +200,7 @@ (define-public nss
;; leading to test failures:
;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To
;; work around that, set the time to roughly the release date.
- (invoke "faketime" "2022-11-01" "./nss/tests/all.sh"))
+ (invoke "faketime" "2024-01-23" "./nss/tests/all.sh"))
(format #t "test suite not run~%"))))
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
--
2.39.2
^ permalink raw reply related [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v2 3/4] gnu: Add wasm packages.
2023-11-28 20:09 [bug#67512] [PATCH 0/5] Add LibreWolf Ian Eure
` (10 preceding siblings ...)
2024-02-11 19:20 ` [bug#67512] [PATCH v2 2/4] gnu: nss: Update to 3.97 Ian Eure
@ 2024-02-11 19:20 ` Ian Eure
2024-02-11 19:20 ` [bug#67512] [PATCH v2 4/4] gnu: Add librewolf Ian Eure
` (10 subsequent siblings)
22 siblings, 0 replies; 75+ messages in thread
From: Ian Eure @ 2024-02-11 19:20 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure
* gnu/packages/wasm.scm (wasi-libc): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-clang-runtime): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-clang): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-libcxx): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-clang-toolchain): New variable.
---
gnu/packages/wasm.scm | 273 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 273 insertions(+)
create mode 100644 gnu/packages/wasm.scm
diff --git a/gnu/packages/wasm.scm b/gnu/packages/wasm.scm
new file mode 100644
index 0000000000..05d247f333
--- /dev/null
+++ b/gnu/packages/wasm.scm
@@ -0,0 +1,273 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2022-2023 Pierre Langlois <pierre.langlois@gmx.com>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages wasm)
+ #:use-module (guix base32)
+ #:use-module (guix gexp)
+ #:use-module (guix packages)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix utils)
+ #:use-module (guix git-download)
+ #:use-module (guix build-system cmake)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system trivial)
+ #:use-module (gnu packages bash)
+ #:use-module (gnu packages llvm)
+ #:use-module (gnu packages python))
+
+(define-public wasi-libc
+ (package
+ (name "wasi-libc")
+ (version "sdk-19")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/WebAssembly/wasi-libc")
+ (commit (string-append "wasi-" version))
+ (recursive? #t)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "0bnpz8wk9wiic938296gxp4vz820bvpi1w41jksjzz5552hql169"))))
+ (build-system gnu-build-system)
+ (native-inputs (list clang-15))
+ (arguments
+ (list
+ #:tests? #f ;No test suite
+ ;; Firefox uses wasm2c to compile WebAssembly to C code, and it
+ ;; does not support the memory.copy opcode.
+ ;; See https://bugzilla.mozilla.org/show_bug.cgi?id=1773200#c4
+ #:make-flags ''("BULK_MEMORY_SOURCES=")
+ #:phases #~(modify-phases %standard-phases
+ (delete 'configure)
+ (add-before 'build 'set-sysroot-include
+ (lambda _
+ (setenv "C_INCLUDE_PATH"
+ (string-append (getcwd) "/sysroot/include"))))
+ (add-before 'install 'set-install-dir
+ (lambda _
+ (setenv "INSTALL_DIR"
+ (string-append #$output "/wasm32-wasi")))))))
+ (home-page "https://wasi.dev")
+ (synopsis "WASI libc implementation for WebAssembly")
+ (description
+ "WASI Libc is a libc for WebAssembly programs built on top of WASI
+system calls. It provides a wide array of POSIX-compatible C APIs, including
+support for standard I/O, file I/O, filesystem manipulation, memory
+management, time, string, environment variables, program startup, and many
+other APIs.")
+ (license (list
+ ;; For wasi-libc, with LLVM exceptions
+ license:asl2.0
+ ;; For malloc.c.
+ license:cc0
+ ;; For cloudlibc.
+ license:bsd-2
+ ;; For wasi-libc and musl-libc.
+ license:expat))))
+
+(define-public wasm32-wasi-clang-runtime
+ (package (inherit clang-runtime-15)
+ (native-inputs
+ (list clang-15
+ wasi-libc))
+ (inputs (list llvm-15))
+ (arguments
+ (list
+ #:build-type "Release"
+ #:tests? #f
+ ;; Stripping binaries breaks wasm linking, resulting in the following
+ ;; error: "archive has no index; run ranlib to add one".
+ #:strip-binaries? #f
+ #:configure-flags
+ #~(list "-DCMAKE_C_COMPILER=clang"
+ "-DCMAKE_C_COMPILER_TARGET=wasm32-wasi"
+ (string-append
+ "-DCMAKE_SYSROOT=" #$wasi-libc "/wasm32-wasi")
+ (string-append
+ "-DCMAKE_C_FLAGS=-I " #$wasi-libc "/wasm32-wasi/include")
+
+ "-DCOMPILER_RT_OS_DIR=wasi"
+
+ "-DCOMPILER_RT_BAREMETAL_BUILD=On"
+ "-DCOMPILER_RT_DEFAULT_TARGET_ONLY=On"
+
+ ;; WASM only needs libclang_rt.builtins-wasm32.a from
+ ;; compiler-rt.
+ "../source/compiler-rt/lib/builtins")))))
+
+;; FIXME: Ideally we wouldn't need to build a separate compiler because clang
+;; can support multiple targets at runtime. However Guix patches the default
+;; clang with a specific clang-runtime package. It would be good to improve
+;; upstream Guix's support for cross-compiling with clang.
+
+(define clang-from-llvm (@@ (gnu packages llvm) clang-from-llvm))
+(define llvm-monorepo (@@ (gnu packages llvm) llvm-monorepo))
+
+(define-public wasm32-wasi-clang
+ (let ((base (clang-from-llvm llvm-15 wasm32-wasi-clang-runtime)))
+ (package
+ (inherit base)
+ (name "wasm32-wasi-clang")
+ (inputs (modify-inputs (package-inputs base)
+ (prepend wasi-libc)))
+ (arguments
+ (substitute-keyword-arguments (package-arguments base)
+ ((#:configure-flags flags)
+ #~(list "-DCLANG_INCLUDE_TESTS=True"
+ ;; Use a sane default include directory.
+ (string-append "-DC_INCLUDE_DIRS="
+ #$wasi-libc "/wasm32-wasi/include")))
+ ((#:phases phases)
+ `(modify-phases ,phases
+ (delete 'symlink-cfi_ignorelist))))))))
+
+(define-public wasm32-wasi-libcxx
+ (package
+ (name "wasm32-wasi-libcxx")
+ (version (package-version llvm-15))
+ (source
+ (llvm-monorepo version))
+ (build-system cmake-build-system)
+ (arguments
+ (list
+ #:configure-flags #~(list (string-append "-S ../source/runtimes")
+
+ "-DLLVM_ENABLE_RUNTIMES=libcxx;libcxxabi"
+
+ (string-append "-DCMAKE_SYSROOT="
+ #$wasi-libc "/wasm32-wasi")
+
+ (string-append "-DCMAKE_INCLUDE_PATH="
+ #$wasi-libc
+ "/wasm32-wasi/include")
+
+ (string-append "-DCMAKE_STAGING_PREFIX="
+ #$output "/wasm32-wasi")
+
+ "-DCMAKE_C_COMPILER=clang"
+ "-DCMAKE_C_COMPILER_WORKS=ON"
+ "-DCMAKE_CXX_COMPILER=clang++"
+ "-DCMAKE_CXX_COMPILER_WORKS=ON"
+ "-DCMAKE_C_COMPILER_TARGET=wasm32-wasi"
+ "-DCMAKE_CXX_COMPILER_TARGET=wasm32-wasi"
+
+ "-DLIBCXX_LIBDIR_SUFFIX=/wasm32-wasi"
+
+ "-DLIBCXX_ENABLE_EXCEPTIONS=OFF"
+ "-DLIBCXX_ENABLE_SHARED=OFF"
+ "-DLIBCXX_ENABLE_THREADS=OFF"
+ "-DLIBCXX_ENABLE_FILESYSTEM=OFF"
+
+ "-DLIBCXXABI_LIBDIR_SUFFIX=/wasm32-wasi"
+
+ "-DLIBCXXABI_ENABLE_EXCEPTIONS=OFF"
+ "-DLIBCXXABI_ENABLE_SHARED=OFF"
+ "-DLIBCXXABI_ENABLE_THREADS=OFF"
+ "-DLIBCXXABI_ENABLE_FILESYSTEM=OFF")
+ #:tests? #f
+ #:phases #~(modify-phases %standard-phases
+ (add-after 'set-paths 'adjust-CPLUS_INCLUDE_PATH
+ (lambda _
+ (setenv "CPLUS_INCLUDE_PATH"
+ (string-append #$wasi-libc
+ "/wasm32-wasi/include:"
+ (getenv "CPLUS_INCLUDE_PATH"))))))))
+ (native-inputs (list lld python wasm32-wasi-clang))
+ (inputs (list wasi-libc))
+ (home-page "https://libcxx.llvm.org")
+ (synopsis "C++ standard library for WebAssembly")
+ (description
+ "This package provides an implementation of the C++ standard library for
+use with Clang, targeting C++11, C++14 and above. This package targets
+WebAssembly with WASI.")
+ (license license:expat)))
+
+(define-public wasm32-wasi-clang-toolchain
+ (package
+ (name "wasm32-wasi-clang-toolchain")
+ (version (package-version wasm32-wasi-clang))
+ (source
+ #f)
+ (build-system trivial-build-system)
+ (arguments
+ (list
+ #:builder (with-imported-modules '((guix build union)
+ (guix build utils))
+ #~(begin
+ (use-modules (guix build union)
+ (guix build utils))
+ (union-build #$output
+ (list #$wasm32-wasi-clang-runtime
+ #$wasi-libc
+ #$wasm32-wasi-libcxx))
+ (mkdir-p (string-append #$output
+ "/bin"))
+
+ ;; We provide clang and clang++ via a wrapped program that sets
+ ;; include paths correctly so that it does not include paths from
+ ;; the host.
+
+ ;; FIXME: Review how we can provide better support for
+ ;; cross-compiling with clang in Guix, maybe adding support for
+ ;; the CROSS_C_INCLUDE_PATH and CROSS_CPLUS_INCLUDE_PATH
+ ;; environment variables like GCC.
+
+ (for-each (lambda (bin)
+ (symlink (string-append #$wasm32-wasi-clang
+ bin)
+ (string-append #$output
+ bin))
+ (wrap-program (string-append #$output
+ bin)
+ #:sh (string-append #$bash-minimal
+ "/bin/bash")
+ `("C_INCLUDE_PATH"
+ ":" =
+ (,(string-append #$output
+ "/wasm32-wasi/include")))
+ `("CPLUS_INCLUDE_PATH"
+ ":" =
+ ;; Make sure inclure/c++/v1 comes first for #include_next
+ ;; to work.
+ (,(string-append #$output
+ "/wasm32-wasi/include/c++/v1") ,
+ (string-append #$output
+ "/wasm32-wasi/include")))))
+ '("/bin/clang"
+ "/bin/clang++"))
+
+ (symlink (string-append #$lld
+ "/bin/wasm-ld")
+ (string-append #$output
+ "/bin/wasm-ld"))))))
+ (inputs (list bash-minimal
+ lld
+ wasi-libc
+ wasm32-wasi-clang
+ wasm32-wasi-clang-runtime
+ wasm32-wasi-libcxx))
+ (license (cons (package-license wasm32-wasi-clang)
+ (package-license wasi-libc)))
+ (home-page "https://clang.llvm.org")
+ (synopsis
+ "Complete Clang toolchain for C/C++ development, for WebAssembly.")
+ (description
+ "This package provides a complete Clang toolchain for C/C++
+development targeting WebAssembly with WASI. This includes Clang, as well as
+libc, libc++ and wasm-ld.")))
--
2.39.2
^ permalink raw reply related [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v2 4/4] gnu: Add librewolf.
2023-11-28 20:09 [bug#67512] [PATCH 0/5] Add LibreWolf Ian Eure
` (11 preceding siblings ...)
2024-02-11 19:20 ` [bug#67512] [PATCH v2 3/4] gnu: Add wasm packages Ian Eure
@ 2024-02-11 19:20 ` Ian Eure
2024-02-11 23:49 ` [bug#67512] [PATCH v3 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c Ian Eure
` (9 subsequent siblings)
22 siblings, 0 replies; 75+ messages in thread
From: Ian Eure @ 2024-02-11 19:20 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure
* gnu/packages/librewolf.scm (librewolf): New variable.
Change-Id: I98b6410582b856ede83b79637a58e66d6e5832e6
---
gnu/packages/librewolf.scm | 653 +++++++++++++++++++++++++++++++++++++
1 file changed, 653 insertions(+)
create mode 100644 gnu/packages/librewolf.scm
diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm
new file mode 100644
index 0000000000..32d51eabaf
--- /dev/null
+++ b/gnu/packages/librewolf.scm
@@ -0,0 +1,653 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2013, 2015, 2024 Andreas Enge <andreas@enge.fr>
+;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 Mark H Weaver <mhw@netris.org>
+;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com>
+;;; Copyright © 2016, 2017, 2018, 2019 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2016 Alex Griffin <a@ajgrf.com>
+;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
+;;; Copyright © 2017, 2018 Nikita <nikita@n0.is>
+;;; Copyright © 2017, 2018 ng0 <gillmann@infotropique.org>
+;;; Copyright © 2017, 2018, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2018, 2020, 2022 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2019 Ivan Petkov <ivanppetkov@gmail.com>
+;;; Copyright © 2020 Oleg Pykhalov <go.wigust@gmail.com>
+;;; Copyright © 2020 Jakub Kądziołka <kuba@kadziolka.net>
+;;; Copyright © 2019, 2020 Adrian Malacoda <malacoda@monarch-pass.net>
+;;; Copyright © 2020-2023 Jonathan Brielmaier <jonathan.brielmaier@web.de>
+;;; Copyright © 2020 Zhu Zihao <all_but_last@163.com>
+;;; Copyright © 2021 pineapples <guixuser6392@protonmail.com>
+;;; Copyright © 2021 Brice Waegeneire <brice@waegenei.re>
+;;; Copyright © 2021, 2022, 2023 John Kehayias <john.kehayias@protonmail.com>
+;;; Copyright © 2022 Pierre Langlois <pierre.langlois@gmx.com>
+;;; Copyright © 2023 Tomas Volf <wolf@wolfsden.cz>
+;;; Copyright © 2023 Ian Eure <ian@retrospec.tv>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+
+(define-module (gnu packages librewolf)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system cargo)
+ #:use-module (guix build-system trivial)
+ #:use-module (guix download)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix gexp)
+ #:use-module (guix packages)
+ #:use-module (guix utils)
+ #:use-module ((guix build utils) #:select (alist-replace))
+
+ #:use-module (gnu packages)
+ #:use-module (gnu packages assembly)
+ #:use-module (gnu packages autotools)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages bash)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages crates-io)
+ #:use-module (gnu packages cups)
+ #:use-module (gnu packages fontutils)
+ #:use-module (gnu packages gl)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnome)
+ #:use-module (gnu packages gtk)
+ #:use-module (gnu packages hunspell)
+ #:use-module (gnu packages icu4c)
+ #:use-module (gnu packages image)
+ #:use-module (gnu packages jemalloc)
+ #:use-module (gnu packages kerberos)
+ #:use-module (gnu packages libcanberra)
+ #:use-module (gnu packages libevent)
+ #:use-module (gnu packages libffi)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages llvm)
+ #:use-module (gnu packages m4)
+ #:use-module (gnu packages node)
+ #:use-module (gnu packages nss)
+ #:use-module (gnu packages pciutils)
+ #:use-module (gnu packages perl)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages pulseaudio)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages rust)
+ #:use-module (gnu packages rust-apps)
+ #:use-module (gnu packages speech)
+ #:use-module (gnu packages sqlite)
+ #:use-module (gnu packages video)
+ #:use-module (gnu packages wasm)
+ #:use-module (gnu packages xdisorg)
+ #:use-module (gnu packages xorg))
+
+;; Define the versions of rust needed to build firefox, trying to match
+;; upstream. See the file taskcluster/ci/toolchain/rust.yml at
+;; https://searchfox.org under the particular firefox release, like
+;; mozilla-esr102.
+(define rust-librewolf rust) ; 1.60 is the default in Guix, 1.65 is the minimum.
+
+;; Update this id with every firefox update to its release date.
+;; It's used for cache validation and therefore can lead to strange bugs.
+(define %librewolf-build-id "20240130195200")
+
+(define-public librewolf
+ (package
+ (name "librewolf")
+ (version "122.0-2")
+ (source
+ (origin
+ (method url-fetch)
+
+ (uri (string-append "https://gitlab.com/api/v4/projects/32320088/"
+ "packages/generic/librewolf-source/"
+ version
+ "/librewolf-"
+ version
+ ".source.tar.gz"))
+ (sha256
+ (base32 "0ggysgbazx5dl0l9dyvrpjgzbvivgddm9qyiyvjjfk9im9sljkxh"))))
+ (build-system gnu-build-system)
+ (arguments
+ (list
+ #:configure-flags #~(let ((clang #$(this-package-native-input "clang"))
+ (wasi-sysroot #$(this-package-native-input
+ "wasm32-wasi-clang-toolchain")))
+ `("--enable-application=browser"
+
+ ;; Configuration
+ "--with-system-jpeg"
+ "--with-system-zlib"
+ "--with-system-png"
+ "--with-system-webp"
+ "--with-system-icu"
+ "--with-system-libvpx"
+ "--with-system-libevent"
+ "--with-system-ffi"
+ "--enable-system-pixman"
+ "--enable-jemalloc"
+
+ ;; see https://bugs.gnu.org/32833
+ "--with-system-nspr"
+ "--with-system-nss"
+
+ ,(string-append "--with-clang-path=" clang
+ "/bin/clang")
+ ,(string-append "--with-libclang-path=" clang
+ "/lib")
+ ,(string-append "--with-wasi-sysroot="
+ wasi-sysroot "/wasm32-wasi")
+
+ ;; Distribution
+ "--with-distribution-id=org.guix"
+ "--with-app-name=librewolf"
+ "--with-app-basename=LibreWolf"
+ "--with-branding=browser/branding/librewolf"
+
+ ;; Features
+ "--disable-tests"
+ "--disable-updater"
+ "--enable-pulseaudio"
+ "--disable-crashreporter"
+ "--allow-addon-sideload"
+ "--with-unsigned-addon-scopes=app,system"
+ "--disable-eme"
+
+ ;; Build details
+ "--disable-debug"
+ "--enable-rust-simd"
+ "--enable-release"
+ "--enable-optimize"
+ "--enable-strip"
+ "--enable-hardening"
+ "--disable-elf-hack"))
+ #:imported-modules %cargo-utils-modules
+ #:modules `((ice-9 regex)
+ (ice-9 string-fun)
+ (ice-9 ftw)
+ (srfi srfi-1)
+ (srfi srfi-26)
+ (rnrs bytevectors)
+ (rnrs io ports)
+ (guix elf)
+ (guix build gremlin)
+ ,@%gnu-build-system-modules)
+ #:phases #~(modify-phases %standard-phases
+ (add-after 'unpack 'fix-preferences
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((port (open-file "browser/app/profile/firefox.js"
+ "a")))
+ (define (write-setting key value)
+ (format port "~%pref(\"~a\", ~a);~%" key value)
+ (format #t
+ "fix-preferences: setting value of ~a to ~a~%" key
+ value))
+
+ ;; We should allow Firefox sandbox to read the store directory,
+ ;; because Firefox sandbox have access to /usr on FHS distros.
+ (write-setting
+ "security.sandbox.content.read_path_whitelist"
+ (string-append "\""
+ (%store-directory) "/\""))
+
+ ;; XDG settings should be managed by Guix.
+ (write-setting "browser.shell.checkDefaultBrowser"
+ "false")
+ (close-port port))))
+ (add-after 'fix-preferences 'fix-ffmpeg-runtime-linker
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let* ((ffmpeg (assoc-ref inputs "ffmpeg"))
+ (libavcodec (string-append ffmpeg
+ "/lib/libavcodec.so")))
+ ;; Arrange to load libavcodec.so by its absolute file name.
+ (substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp"
+ (("libavcodec\\.so")
+ libavcodec)))))
+ (add-after 'patch-source-shebangs 'patch-cargo-checksums
+ (lambda _
+ (use-modules (guix build cargo-utils))
+ (let ((null-hash
+ ;; This is the SHA256 output of an empty string.
+ (string-append
+ "e3b0c44298fc1c149afbf4c8996fb924"
+ "27ae41e4649b934ca495991b7852b855")))
+ (for-each (lambda (file)
+ (format #t
+ "patch-cargo-checksums: patching checksums in ~a~%"
+ file)
+ (substitute* file
+ (("(checksum = )\".*\"" all name)
+ (string-append name "\"" null-hash
+ "\""))))
+ (find-files "." "Cargo\\.lock$"))
+ (for-each generate-all-checksums
+ '("build" "dom/media"
+ "dom/webauthn"
+ "gfx"
+ "intl"
+ "js"
+ "media"
+ "modules"
+ "mozglue/static/rust"
+ "netwerk"
+ "remote"
+ "security/manager/ssl"
+ "servo"
+ "storage"
+ "third_party/rust"
+ "toolkit"
+ "xpcom/rust"
+ "services")))))
+ (add-after 'patch-cargo-checksums 'remove-cargo-frozen-flag
+ (lambda _
+ ;; Remove --frozen flag from cargo invokation, otherwise it'll
+ ;; complain that it's not able to change Cargo.lock.
+ ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373
+ (substitute* "build/RunCbindgen.py"
+ (("\"--frozen\",")
+ ""))))
+ (delete 'bootstrap)
+ (add-before 'configure 'patch-SpeechDispatcherService.cpp
+ (lambda _
+ (let* ((lib "libspeechd.so.2")
+ (file (string-append
+ "dom/media/webspeech/synth/"
+ "speechd/SpeechDispatcherService.cpp"))
+ (old-content (call-with-input-file file
+ get-string-all)))
+ (substitute file
+ `((,(format #f "~s" lib) unquote
+ (λ (line _)
+ (string-replace-substring line lib
+ (string-append #$speech-dispatcher
+ "/lib/"
+ lib))))))
+ (if (string=? old-content
+ (call-with-input-file file
+ get-string-all))
+ (error
+ "substitute did nothing, phase requires an update")))))
+ (add-before 'configure 'set-build-id
+ ;; Firefox will write the timestamp to output, which is harmful
+ ;; for reproducibility, so change it to a fixed date. Use a
+ ;; separate phase for easier modification with inherit.
+ (lambda _
+ (setenv "MOZ_BUILD_DATE"
+ #$%librewolf-build-id)))
+ (replace 'configure
+ (lambda* (#:key inputs outputs configure-flags
+ #:allow-other-keys)
+ (setenv "AUTOCONF"
+ (string-append (assoc-ref inputs "autoconf")
+ "/bin/autoconf"))
+ (setenv "SHELL"
+ (which "bash"))
+ (setenv "CONFIG_SHELL"
+ (which "bash"))
+ (setenv "MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE"
+ "system")
+ ;; This should use the host info probably (does firefox build on
+ ;; non-x86_64 though?)
+ (setenv "GUIX_PYTHONPATH"
+ (string-append (getcwd)
+ "/obj-x86_64-pc-linux-gnu/_virtualenvs/build"))
+
+ ;; Use Clang, Clang is 2x faster than GCC
+ (setenv "AR" "llvm-ar")
+ (setenv "NM" "llvm-nm")
+ (setenv "CC" "clang")
+ (setenv "CXX" "clang++")
+ (setenv "WASM_CC"
+ (string-append (assoc-ref inputs
+ "wasm32-wasi-clang-toolchain")
+ "/bin/clang"))
+ (setenv "WASM_CXX"
+ (string-append (assoc-ref inputs
+ "wasm32-wasi-clang-toolchain")
+ "/bin/clang++"))
+
+ (setenv "MOZ_NOSPAM" "1")
+ (setenv "MOZ_APP_NAME" "librewolf")
+
+ (setenv "MOZBUILD_STATE_PATH"
+ (getcwd))
+
+ (let* ((mozconfig (string-append (getcwd) "/mozconfig"))
+ (out (assoc-ref outputs "out"))
+ (flags (cons (string-append "--prefix=" out)
+ configure-flags)))
+ (format #t "build directory: ~s~%"
+ (getcwd))
+ (format #t "configure flags: ~s~%" flags)
+
+ (define write-flags
+ (lambda flags
+ (display (string-join (map (cut string-append
+ "ac_add_options " <>)
+ flags) "\n"))
+ (display "\n")))
+ (with-output-to-file mozconfig
+ (lambda ()
+ (apply write-flags flags)
+ ;; The following option unsets Telemetry
+ ;; Reporting. With the Addons Fiasco,
+ ;; Mozilla was found to be collecting
+ ;; user's data, including saved passwords
+ ;; and web form data, without users
+ ;; consent. Mozilla was also found
+ ;; shipping updates to systems without
+ ;; the user's knowledge or permission.
+ ;; As a result of this, use the following
+ ;; command to permanently disable
+ ;; telemetry reporting in Firefox.
+ (display "unset MOZ_TELEMETRY_REPORTING\n")
+ (display "mk_add_options MOZ_CRASHREPORTER=0\n")
+ (display "mk_add_options MOZ_DATA_REPORTING=0\n")
+ (display
+ "mk_add_options MOZ_SERVICES_HEALTHREPORT=0")
+ (display
+ "mk_add_options MOZ_TELEMETRY_REPORTING=0")))
+ (setenv "MOZCONFIG" mozconfig))
+ (invoke "./mach" "configure")))
+ (add-before 'build '1fix-addons-placeholder
+ (lambda _
+ (substitute*
+ "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
+ (("addons.mozilla.org") "gnuzilla.gnu.org"))))
+ (replace 'build
+ (lambda* (#:key (make-flags '())
+ (parallel-build? #t) #:allow-other-keys)
+ (apply invoke "./mach" "build"
+ ;; mach will use parallel build if possible by default
+ `(,@(if parallel-build?
+ '()
+ '("-j1")) ,@make-flags))))
+ (add-after 'build 'neutralise-store-references
+ (lambda _
+ ;; Mangle the store references to compilers &
+ ;; other build tools in about:buildconfig,
+ ;; reducing Firefox's closure by 1 GiB on
+ ;; x86-64.
+ (let* ((build-dir (car (scandir "."
+ (cut string-prefix?
+ "obj-" <>))))
+ (file (string-append build-dir
+ "/dist/bin/chrome/toolkit/"
+ "content/global/buildconfig.html")))
+ (substitute* file
+ (((format #f "(~a/)([0-9a-df-np-sv-z]{32})"
+ (regexp-quote (%store-directory)))
+ _ store hash)
+ (string-append store
+ (string-take hash 8)
+ "<!-- Guix: not a runtime dependency -->"
+ (string-drop hash 8)))))))
+ (replace 'install
+ (lambda _
+ (invoke "./mach" "install")))
+ (add-after 'install 'remove-duplicate-bin
+ (lambda* (#:key outputs #:allow-other-keys)
+ (delete-file (string-append #$output
+ "/lib/librewolf/librewolf-bin"))))
+ (add-after 'install 'wrap-glxtest
+ ;; glxtest uses dlopen() to load mesa
+ ;; libs, wrap it to set LD_LIBRARY_PATH.
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ ;; TODO: make me a loop again
+ (mesa-lib (string-append (assoc-ref inputs
+ "mesa")
+ "/lib"))
+ (pciutils-lib (string-append (assoc-ref inputs
+ "pciutils") "/lib")))
+ (wrap-program (car (find-files lib "^glxtest$"))
+ `("LD_LIBRARY_PATH" prefix
+ (,mesa-lib ,pciutils-lib))))))
+ (add-after 'install 'autoconfig
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((lib (string-append #$output "/lib/librewolf"))
+ (config-file "librewolf.cfg"))
+ (with-output-to-file (in-vicinity
+ lib "defaults/pref/autoconfig.js")
+ (lambda ()
+ (format #t "// first line must be a comment~%")
+ (format #t "pref(~s, ~s);~%"
+ "general.config.filename" config-file)
+ (format #t "pref(~s, ~a);~%"
+ "general.config.obscure_value" "0")))
+ (with-output-to-file (in-vicinity lib config-file)
+ (lambda ()
+ (format #t "// first line must be a comment~%")
+ ;; Required for Guix packaged extensions
+ ;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8
+ ;; Default is 5.
+ (format #t "pref(~s, ~a);~%"
+ "extensions.enabledScopes" "13")
+ ;; (format #t "pref(~s, ~s);~%"
+ ;; "security.sandbox.content.read_path_whitelist"
+ ;; (call-with-input-file "whitelist.txt"
+ ;; get-string-all))
+ ;; Add-ons pannel (see settings.js in Icecat source).
+ (format #t "pref(~s, ~s);~%"
+ "extensions.getAddons.search.browseURL"
+ "https://gnuzilla.gnu.org/mozzarella")
+ (format #t "pref(~s, ~s);~%"
+ "extensions.getAddons.get.url"
+ "https://gnuzilla.gnu.org/mozzarella")
+ (format #t "pref(~s, ~s);~%"
+ "extensions.getAddons.link.url"
+ "https://gnuzilla.gnu.org/mozzarella")
+ (format #t "pref(~s, ~s);~%"
+ "extensions.getAddons.discovery.api_url"
+ "https://gnuzilla.gnu.org/mozzarella")
+ (format #t "pref(~s, ~s);~%"
+ "extensions.getAddons.langpacks.url"
+ "https://gnuzilla.gnu.org/mozzarella")
+ (format #t "pref(~s, ~s);~%"
+ "lightweightThemes.getMoreURL"
+ "https://gnuzilla.gnu.org/mozzarella"))))))
+ (add-after 'install 'wrap-program
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ ;; The following two functions are from Guix's icecat package in
+ ;; (gnu packages gnuzilla). See commit
+ ;; b7a0935420ee630a29b7e5ac73a32ba1eb24f00b.
+ (define (runpath-of lib)
+ (call-with-input-file lib
+ (compose elf-dynamic-info-runpath elf-dynamic-info
+ parse-elf get-bytevector-all)))
+ (define (runpaths-of-input label)
+ (let* ((dir (string-append (assoc-ref inputs label)
+ "/lib"))
+ (libs (find-files dir "\\.so$")))
+ (append-map runpath-of libs)))
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ ;; TODO: make me a loop again
+ (mesa-lib (string-append (assoc-ref inputs
+ "mesa")
+ "/lib"))
+ (apng-lib (string-append (assoc-ref inputs
+ "libpng-apng") "/lib"))
+ ;; For the integration of native notifications
+ (libnotify-lib (string-append (assoc-ref inputs
+ "libnotify")
+ "/lib"))
+ ;; For hardware video acceleration via VA-API
+ (libva-lib (string-append (assoc-ref inputs
+ "libva")
+ "/lib"))
+ ;; VA-API is run in the RDD (Remote Data Decoder) sandbox
+ ;; and must be explicitly given access to files it needs.
+ ;; Rather than adding the whole store (as Nix had
+ ;; upstream do, see
+ ;; <https://github.com/NixOS/nixpkgs/pull/165964> and
+ ;; linked upstream patches), we can just follow the
+ ;; runpaths of the needed libraries to add everything to
+ ;; LD_LIBRARY_PATH. These will then be accessible in the
+ ;; RDD sandbox.
+ (rdd-whitelist (map (cut string-append <> "/")
+ (delete-duplicates (append-map
+ runpaths-of-input
+ '("mesa"
+ "ffmpeg")))))
+ (pulseaudio-lib (string-append (assoc-ref inputs
+ "pulseaudio")
+ "/lib"))
+ ;; For U2F and WebAuthn
+ (eudev-lib (string-append (assoc-ref inputs
+ "eudev")
+ "/lib"))
+ (gtk-share (string-append (assoc-ref inputs
+ "gtk+")
+ "/share")))
+ (wrap-program (car (find-files lib "^librewolf$"))
+ `("LD_LIBRARY_PATH" prefix
+ (,mesa-lib ,libnotify-lib
+ ,libva-lib
+ ,pulseaudio-lib
+ ,eudev-lib
+ ,apng-lib
+ ,@rdd-whitelist))
+ `("XDG_DATA_DIRS" prefix
+ (,gtk-share))
+ `("MOZ_LEGACY_PROFILES" =
+ ("1"))
+ `("MOZ_ALLOW_DOWNGRADE" =
+ ("1"))))))
+ (add-after 'wrap-program 'install-desktop-entry
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((desktop-file
+ "taskcluster/docker/firefox-snap/firefox.desktop")
+ (applications (string-append #$output
+ "/share/applications")))
+ (substitute* desktop-file
+ (("^Exec=firefox")
+ (string-append "Exec="
+ #$output "/bin/librewolf"))
+ ;; "Firefox" -> "LibreWolf" everywhere
+ (("Firefox")
+ "LibreWolf")
+ ;; Remove non-Latin translations.
+ (("^Name\\[(ar|bn)\\].*$")
+ "")
+ (("^Icon=.*")
+ (string-append "Icon="
+ #$output
+ "/share/icons/hicolor/128x128/apps/librewolf.png
+"))
+ ;; These commands were changed.
+ (("-NewWindow")
+ "-new-window")
+ (("-NewPrivateWindow")
+ "-new-private-window")
+ (("StartupNotify=true")
+ "StartupNotify=true
+StartupWMClass=Navigator"))
+ (copy-file desktop-file "librewolf.desktop")
+ (install-file "librewolf.desktop" applications))))
+ (add-after 'install-desktop-entry 'install-icons
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((icon-source-dir (string-append #$output
+ "/lib/librewolf/browser/"
+ "chrome/icons/default")))
+ (for-each (lambda (size)
+ (let ((dest (string-append #$output
+ "/share/icons/hicolor/"
+ size
+ "x"
+ size
+ "/apps")))
+ (mkdir-p dest)
+ (symlink (string-append icon-source-dir
+ "/default" size ".png")
+ (string-append dest
+ "/librewolf.png"))))
+ '("16" "32" "48" "64" "128"))))))
+
+ ;; Test will significantly increase build time but with little rewards.
+ #:tests? #f
+
+ ;; WARNING: Parallel build will consume lots of memory!
+ ;; If you have encountered OOM issue in build phase, try disable it.
+ #:parallel-build? #t
+
+ ;; Some dynamic lib was determined at runtime, so rpath check may fail.
+ #:validate-runpath? #f))
+ (inputs (list bash-minimal
+ bzip2
+ cairo
+ cups
+ dbus-glib
+ freetype
+ ffmpeg
+ gdk-pixbuf
+ glib
+ gtk+
+ gtk+-2
+ hunspell
+ icu4c-73
+ jemalloc
+ libcanberra
+ libevent
+ libffi
+ libgnome
+ libjpeg-turbo
+ libnotify
+ libpng-apng
+ libva
+ libvpx
+ libwebp
+ libxcomposite
+ libxft
+ libxinerama
+ libxscrnsaver
+ libxt
+ mesa
+ mit-krb5
+ nspr
+ nss
+ pango
+ pciutils
+ pipewire
+ pixman
+ pulseaudio
+ speech-dispatcher
+ sqlite
+ startup-notification
+ eudev
+ unzip
+ zip
+ zlib))
+ (native-inputs (list alsa-lib
+ autoconf-2.13
+ `(,rust-librewolf "cargo")
+ clang
+ llvm
+ wasm32-wasi-clang-toolchain
+ m4
+ nasm
+ node-lts
+ perl
+ pkg-config
+ python
+ rust-librewolf
+ rust-cbindgen-0.26
+ which
+ yasm))
+ (home-page "https://mozilla.org/firefox/")
+ (synopsis "Trademarkless version of Firefox")
+ (description
+ "Full-featured browser client built from Firefox source tree, without
+the official icon and the name \"firefox\". This is the Extended Support
+Release (ESR) version.")
+ (license license:mpl2.0)))
--
2.39.2
^ permalink raw reply related [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v2 0/4] Add Librewolf
2024-02-11 19:20 ` [bug#67512] [PATCH v2 0/4] Add Librewolf Ian Eure
@ 2024-02-11 20:22 ` Clément Lassieur
2024-02-11 23:23 ` Ian Eure
0 siblings, 1 reply; 75+ messages in thread
From: Clément Lassieur @ 2024-02-11 20:22 UTC (permalink / raw)
To: Ian Eure; +Cc: 67512
On Sun, Feb 11 2024, Ian Eure wrote:
> Updated patch series.
>
> * Updates LibreWolf to 122.0-2.
> * Moved the icu4c-73-future package definition in (gnu packages gnuzilla) to (gnu packages icu4c).
> * Updating icu4c to 73.1 would cause a world rebuild, so this is added as `icu4c-73' to avoid that.
> * Disabled EME.
> * Uses GNU Mozzarella instead of Firefox for addons.
> * Updates NSS package.
> * Unbundles libpng-apng, libwebp, nss, libevent, and libvpx.
Well we still have no news from the Wasm person?
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v2 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c.
2024-02-11 19:20 ` [bug#67512] [PATCH v2 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c Ian Eure
@ 2024-02-11 21:40 ` Mark H Weaver
2024-02-11 22:14 ` Clément Lassieur
1 sibling, 0 replies; 75+ messages in thread
From: Mark H Weaver @ 2024-02-11 21:40 UTC (permalink / raw)
To: Ian Eure, 67512; +Cc: Jonathan Brielmaier, Clément Lassieur
Ian Eure <ian@retrospec.tv> writes:
> * gnu/packages/icu4c.scm (icu4c-73): New variable.
> * gnu/packages/gnuzilla.scm (icu4c-73-promise): Delete variable.
Looks good to me.
Thanks,
Mark
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v2 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c.
2024-02-11 19:20 ` [bug#67512] [PATCH v2 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c Ian Eure
2024-02-11 21:40 ` Mark H Weaver
@ 2024-02-11 22:14 ` Clément Lassieur
2024-02-11 23:23 ` Ian Eure
1 sibling, 1 reply; 75+ messages in thread
From: Clément Lassieur @ 2024-02-11 22:14 UTC (permalink / raw)
To: Ian Eure; +Cc: 67512, Mark H Weaver, Jonathan Brielmaier
On Sun, Feb 11 2024, Ian Eure wrote:
> * gnu/packages/icu4c.scm (icu4c-73): New variable.
> * gnu/packages/gnuzilla.scm (icu4c-73-promise): Delete variable.
>
> Change-Id: I017e1416b70ecb94313aeb71aa4a0cafdfe0e9ab
I'm sorry, but with this patch neither mullvadbrowser or torbrowser
builds.
I get:
--8<---------------cut here---------------start------------->8---
error: icu4c-73-promise: unbound variable
--8<---------------cut here---------------end--------------->8---
Clément
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v2 0/4] Add Librewolf
2024-02-11 20:22 ` Clément Lassieur
@ 2024-02-11 23:23 ` Ian Eure
2024-02-11 23:32 ` Clément Lassieur
0 siblings, 1 reply; 75+ messages in thread
From: Ian Eure @ 2024-02-11 23:23 UTC (permalink / raw)
To: 67512
Clément Lassieur <clement@lassieur.org> writes:
> On Sun, Feb 11 2024, Ian Eure wrote:
>
>> Updated patch series.
>>
>> * Updates LibreWolf to 122.0-2.
>> * Moved the icu4c-73-future package definition in (gnu packages
>> gnuzilla) to (gnu packages icu4c).
>> * Updating icu4c to 73.1 would cause a world rebuild, so this
>> is added as `icu4c-73' to avoid that.
>> * Disabled EME.
>> * Uses GNU Mozzarella instead of Firefox for addons.
>> * Updates NSS package.
>> * Unbundles libpng-apng, libwebp, nss, libevent, and libvpx.
>
> Well we still have no news from the Wasm person?
>
Seems like no.
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v2 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c.
2024-02-11 22:14 ` Clément Lassieur
@ 2024-02-11 23:23 ` Ian Eure
2024-02-11 23:34 ` Clément Lassieur
0 siblings, 1 reply; 75+ messages in thread
From: Ian Eure @ 2024-02-11 23:23 UTC (permalink / raw)
To: 67512
Clément Lassieur <clement@lassieur.org> writes:
> On Sun, Feb 11 2024, Ian Eure wrote:
>
>> * gnu/packages/icu4c.scm (icu4c-73): New variable.
>> * gnu/packages/gnuzilla.scm (icu4c-73-promise): Delete
>> variable.
>>
>> Change-Id: I017e1416b70ecb94313aeb71aa4a0cafdfe0e9ab
>
> I'm sorry, but with this patch neither mullvadbrowser or
> torbrowser
> builds.
>
> I get:
>
> error: icu4c-73-promise: unbound variable
>
It’s a oneliner fix, I’ll have an updated patch momentarily.
The root of the issue is that `make-torbrowser' is very naughty
and uses the unexported icu4c-73-promise symbol from (gnu packages
gnuzilla), so it broke when I moved it to the proper (gnu packages
icu4c) module.
— Ian
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v2 0/4] Add Librewolf
2024-02-11 23:23 ` Ian Eure
@ 2024-02-11 23:32 ` Clément Lassieur
0 siblings, 0 replies; 75+ messages in thread
From: Clément Lassieur @ 2024-02-11 23:32 UTC (permalink / raw)
To: Ian Eure; +Cc: 67512
On Sun, Feb 11 2024, Ian Eure wrote:
> Clément Lassieur <clement@lassieur.org> writes:
>
>> On Sun, Feb 11 2024, Ian Eure wrote:
>>
>>> Updated patch series.
>>>
>>> * Updates LibreWolf to 122.0-2.
>>> * Moved the icu4c-73-future package definition in (gnu packages gnuzilla)
>>> to (gnu packages icu4c).
>>> * Updating icu4c to 73.1 would cause a world rebuild, so this is added as
>>> `icu4c-73' to avoid that.
>>> * Disabled EME.
>>> * Uses GNU Mozzarella instead of Firefox for addons.
>>> * Updates NSS package.
>>> * Unbundles libpng-apng, libwebp, nss, libevent, and libvpx.
>>
>> Well we still have no news from the Wasm person?
>>
>
> Seems like no.
Unrelated, but please do "reply to all", it helps.
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v2 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c.
2024-02-11 23:23 ` Ian Eure
@ 2024-02-11 23:34 ` Clément Lassieur
0 siblings, 0 replies; 75+ messages in thread
From: Clément Lassieur @ 2024-02-11 23:34 UTC (permalink / raw)
To: Ian Eure; +Cc: 67512
On Sun, Feb 11 2024, Ian Eure wrote:
> Clément Lassieur <clement@lassieur.org> writes:
>
>> On Sun, Feb 11 2024, Ian Eure wrote:
>>
>>> * gnu/packages/icu4c.scm (icu4c-73): New variable.
>>> * gnu/packages/gnuzilla.scm (icu4c-73-promise): Delete variable.
>>>
>>> Change-Id: I017e1416b70ecb94313aeb71aa4a0cafdfe0e9ab
>>
>> I'm sorry, but with this patch neither mullvadbrowser or torbrowser
>> builds.
>>
>> I get:
>>
>> error: icu4c-73-promise: unbound variable
>>
>
> It’s a oneliner fix, I’ll have an updated patch momentarily.
>
> The root of the issue is that `make-torbrowser' is very naughty and uses the
> unexported icu4c-73-promise symbol from (gnu packages gnuzilla), so it broke
> when I moved it to the proper (gnu packages icu4c) module.
Well thanks for making it less naughty then ;)
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v3 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c.
2023-11-28 20:09 [bug#67512] [PATCH 0/5] Add LibreWolf Ian Eure
` (12 preceding siblings ...)
2024-02-11 19:20 ` [bug#67512] [PATCH v2 4/4] gnu: Add librewolf Ian Eure
@ 2024-02-11 23:49 ` Ian Eure
2024-02-11 23:49 ` [bug#67512] [PATCH v3 2/4] gnu: nss: Update to 3.97 Ian Eure
` (8 subsequent siblings)
22 siblings, 0 replies; 75+ messages in thread
From: Ian Eure @ 2024-02-11 23:49 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure, Clément Lassieur, Jonathan Brielmaier,
Mark H Weaver
* gnu/packages/icu4c.scm (icu4c-73): New variable.
* gnu/packages/gnuzilla.scm (icu4c-73-promise): Delete variable.
Change-Id: I017e1416b70ecb94313aeb71aa4a0cafdfe0e9ab
---
gnu/packages/gnuzilla.scm | 27 +--------------------------
gnu/packages/icu4c.scm | 22 ++++++++++++++++++++++
gnu/packages/tor-browsers.scm | 3 ++-
3 files changed, 25 insertions(+), 27 deletions(-)
diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm
index 5f77512427..094ff348e9 100644
--- a/gnu/packages/gnuzilla.scm
+++ b/gnu/packages/gnuzilla.scm
@@ -375,31 +375,6 @@ (define-public mozjs-78
(list icu4c-69 readline zlib))))
\f
-;;
-;; Needed for IceCat 115.
-;;
-(define icu4c-73-promise
- (delay
- (package
- (inherit icu4c)
- (version "73.1")
- (source (origin
- (method url-fetch)
- (uri (string-append
- "https://github.com/unicode-org/icu/releases/download/release-"
- (string-map (lambda (x) (if (char=? x #\.) #\- x)) version)
- "/icu4c-"
- (string-map (lambda (x) (if (char=? x #\.) #\_ x)) version)
- "-src.tgz"))
- (sha256
- (base32
- "0iccpdvc0kvpww5a31k9gjkqigyz016i7v80r9zamd34w4fl6mx4"))
- (patches
- (cons
- (search-patch
- "icu4c-fix-TestHebrewCalendarInTemporalLeapYear.patch")
- (origin-patches (package-source icu4c)))))))))
-
;;;
;;; Localization helper procedures.
;;;
@@ -757,7 +732,7 @@ (define-public icecat-minimal
;; https://bugzilla.mozilla.org/show_bug.cgi?id=1819374).
ffmpeg-5
libvpx
- (force icu4c-73-promise)
+ icu4c-73
pixman
pulseaudio
mesa
diff --git a/gnu/packages/icu4c.scm b/gnu/packages/icu4c.scm
index 5aaf3a8361..0dfe63b20a 100644
--- a/gnu/packages/icu4c.scm
+++ b/gnu/packages/icu4c.scm
@@ -109,6 +109,28 @@ (define-public icu4c
(license x11)
(home-page "http://site.icu-project.org/")))
+(define-public icu4c-73
+ (package
+ (inherit icu4c)
+ (name "icu4c")
+ (version "73.1")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://github.com/unicode-org/icu/releases/download/release-"
+ (string-map (lambda (x) (if (char=? x #\.) #\- x)) version)
+ "/icu4c-"
+ (string-map (lambda (x) (if (char=? x #\.) #\_ x)) version)
+ "-src.tgz"))
+ (sha256
+ (base32
+ "0iccpdvc0kvpww5a31k9gjkqigyz016i7v80r9zamd34w4fl6mx4"))
+ (patches
+ (cons
+ (search-patch
+ "icu4c-fix-TestHebrewCalendarInTemporalLeapYear.patch")
+ (origin-patches (package-source icu4c))))))))
+
(define-public icu4c-70
(package
(inherit icu4c)
diff --git a/gnu/packages/tor-browsers.scm b/gnu/packages/tor-browsers.scm
index c4ce997b99..ee5e072102 100644
--- a/gnu/packages/tor-browsers.scm
+++ b/gnu/packages/tor-browsers.scm
@@ -52,6 +52,7 @@ (define-module (gnu packages tor-browsers)
#:use-module (gnu packages golang)
#:use-module (gnu packages gtk)
#:use-module (gnu packages hunspell)
+ #:use-module (gnu packages icu4c)
#:use-module (gnu packages image)
#:use-module (gnu packages kerberos)
#:use-module (gnu packages libcanberra)
@@ -270,7 +271,7 @@ (define* (make-torbrowser #:key
;; https://bugzilla.mozilla.org/show_bug.cgi?id=1819374).
ffmpeg-5
libvpx
- (force (@@ (gnu packages gnuzilla) icu4c-73-promise))
+ icu4c-73
pixman
pulseaudio
mesa
--
2.39.2
^ permalink raw reply related [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v3 2/4] gnu: nss: Update to 3.97.
2023-11-28 20:09 [bug#67512] [PATCH 0/5] Add LibreWolf Ian Eure
` (13 preceding siblings ...)
2024-02-11 23:49 ` [bug#67512] [PATCH v3 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c Ian Eure
@ 2024-02-11 23:49 ` Ian Eure
2024-02-11 23:49 ` [bug#67512] [PATCH v3 3/4] gnu: Add wasm packages Ian Eure
` (7 subsequent siblings)
22 siblings, 0 replies; 75+ messages in thread
From: Ian Eure @ 2024-02-11 23:49 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure
* gnu/packages/nss.scm (nss): Update to 3.97.
* gnu/packages/certs.scm (nss-certs): Update to 3.97.
---
gnu/packages/certs.scm | 4 ++--
gnu/packages/nss.scm | 6 +++---
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/gnu/packages/certs.scm b/gnu/packages/certs.scm
index 58b4d50ec8..2a6106df78 100644
--- a/gnu/packages/certs.scm
+++ b/gnu/packages/certs.scm
@@ -131,7 +131,7 @@ (define-public nss-certs
;; XXX We used to refer to the nss package here, but that eventually caused
;; module cycles. The below is a quick copy-paste job that must be kept in
;; sync manually. Surely there's a better way…?
- (version "3.88.1")
+ (version "3.97")
(source (origin
(method url-fetch)
(uri (let ((version-with-underscores
@@ -142,7 +142,7 @@ (define-public nss-certs
"nss-" version ".tar.gz")))
(sha256
(base32
- "15il9fsmixa1r4446zq1wl627sg0hz9h67w6kjxz273xz3nl7li7"))
+ "02pscmkp7flawmgwqzr807nsn6kzzw7r7xjbzfql0bpkjf1zp3h7"))
;; Create nss.pc and nss-config.
(patches (search-patches "nss-3.56-pkgconfig.patch"
"nss-getcwd-nonnull.patch"
diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm
index 54b9e5041a..268ddaa24f 100644
--- a/gnu/packages/nss.scm
+++ b/gnu/packages/nss.scm
@@ -106,7 +106,7 @@ (define-public nss
;; IMPORTANT: Also update and test the nss-certs package, which duplicates
;; version and source to avoid a top-level variable reference & module
;; cycle.
- (version "3.88.1")
+ (version "3.97")
(source (origin
(method url-fetch)
(uri (let ((version-with-underscores
@@ -117,7 +117,7 @@ (define-public nss
"nss-" version ".tar.gz")))
(sha256
(base32
- "15il9fsmixa1r4446zq1wl627sg0hz9h67w6kjxz273xz3nl7li7"))
+ "02pscmkp7flawmgwqzr807nsn6kzzw7r7xjbzfql0bpkjf1zp3h7"))
;; Create nss.pc and nss-config.
(patches (search-patches "nss-3.56-pkgconfig.patch"
"nss-getcwd-nonnull.patch"
@@ -200,7 +200,7 @@ (define-public nss
;; leading to test failures:
;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To
;; work around that, set the time to roughly the release date.
- (invoke "faketime" "2022-11-01" "./nss/tests/all.sh"))
+ (invoke "faketime" "2024-01-23" "./nss/tests/all.sh"))
(format #t "test suite not run~%"))))
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
--
2.39.2
^ permalink raw reply related [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v3 3/4] gnu: Add wasm packages.
2023-11-28 20:09 [bug#67512] [PATCH 0/5] Add LibreWolf Ian Eure
` (14 preceding siblings ...)
2024-02-11 23:49 ` [bug#67512] [PATCH v3 2/4] gnu: nss: Update to 3.97 Ian Eure
@ 2024-02-11 23:49 ` Ian Eure
2024-02-11 23:49 ` [bug#67512] [PATCH v3 4/4] gnu: Add librewolf Ian Eure
` (6 subsequent siblings)
22 siblings, 0 replies; 75+ messages in thread
From: Ian Eure @ 2024-02-11 23:49 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure
* gnu/packages/wasm.scm (wasi-libc): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-clang-runtime): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-clang): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-libcxx): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-clang-toolchain): New variable.
---
gnu/packages/wasm.scm | 273 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 273 insertions(+)
create mode 100644 gnu/packages/wasm.scm
diff --git a/gnu/packages/wasm.scm b/gnu/packages/wasm.scm
new file mode 100644
index 0000000000..05d247f333
--- /dev/null
+++ b/gnu/packages/wasm.scm
@@ -0,0 +1,273 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2022-2023 Pierre Langlois <pierre.langlois@gmx.com>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages wasm)
+ #:use-module (guix base32)
+ #:use-module (guix gexp)
+ #:use-module (guix packages)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix utils)
+ #:use-module (guix git-download)
+ #:use-module (guix build-system cmake)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system trivial)
+ #:use-module (gnu packages bash)
+ #:use-module (gnu packages llvm)
+ #:use-module (gnu packages python))
+
+(define-public wasi-libc
+ (package
+ (name "wasi-libc")
+ (version "sdk-19")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/WebAssembly/wasi-libc")
+ (commit (string-append "wasi-" version))
+ (recursive? #t)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "0bnpz8wk9wiic938296gxp4vz820bvpi1w41jksjzz5552hql169"))))
+ (build-system gnu-build-system)
+ (native-inputs (list clang-15))
+ (arguments
+ (list
+ #:tests? #f ;No test suite
+ ;; Firefox uses wasm2c to compile WebAssembly to C code, and it
+ ;; does not support the memory.copy opcode.
+ ;; See https://bugzilla.mozilla.org/show_bug.cgi?id=1773200#c4
+ #:make-flags ''("BULK_MEMORY_SOURCES=")
+ #:phases #~(modify-phases %standard-phases
+ (delete 'configure)
+ (add-before 'build 'set-sysroot-include
+ (lambda _
+ (setenv "C_INCLUDE_PATH"
+ (string-append (getcwd) "/sysroot/include"))))
+ (add-before 'install 'set-install-dir
+ (lambda _
+ (setenv "INSTALL_DIR"
+ (string-append #$output "/wasm32-wasi")))))))
+ (home-page "https://wasi.dev")
+ (synopsis "WASI libc implementation for WebAssembly")
+ (description
+ "WASI Libc is a libc for WebAssembly programs built on top of WASI
+system calls. It provides a wide array of POSIX-compatible C APIs, including
+support for standard I/O, file I/O, filesystem manipulation, memory
+management, time, string, environment variables, program startup, and many
+other APIs.")
+ (license (list
+ ;; For wasi-libc, with LLVM exceptions
+ license:asl2.0
+ ;; For malloc.c.
+ license:cc0
+ ;; For cloudlibc.
+ license:bsd-2
+ ;; For wasi-libc and musl-libc.
+ license:expat))))
+
+(define-public wasm32-wasi-clang-runtime
+ (package (inherit clang-runtime-15)
+ (native-inputs
+ (list clang-15
+ wasi-libc))
+ (inputs (list llvm-15))
+ (arguments
+ (list
+ #:build-type "Release"
+ #:tests? #f
+ ;; Stripping binaries breaks wasm linking, resulting in the following
+ ;; error: "archive has no index; run ranlib to add one".
+ #:strip-binaries? #f
+ #:configure-flags
+ #~(list "-DCMAKE_C_COMPILER=clang"
+ "-DCMAKE_C_COMPILER_TARGET=wasm32-wasi"
+ (string-append
+ "-DCMAKE_SYSROOT=" #$wasi-libc "/wasm32-wasi")
+ (string-append
+ "-DCMAKE_C_FLAGS=-I " #$wasi-libc "/wasm32-wasi/include")
+
+ "-DCOMPILER_RT_OS_DIR=wasi"
+
+ "-DCOMPILER_RT_BAREMETAL_BUILD=On"
+ "-DCOMPILER_RT_DEFAULT_TARGET_ONLY=On"
+
+ ;; WASM only needs libclang_rt.builtins-wasm32.a from
+ ;; compiler-rt.
+ "../source/compiler-rt/lib/builtins")))))
+
+;; FIXME: Ideally we wouldn't need to build a separate compiler because clang
+;; can support multiple targets at runtime. However Guix patches the default
+;; clang with a specific clang-runtime package. It would be good to improve
+;; upstream Guix's support for cross-compiling with clang.
+
+(define clang-from-llvm (@@ (gnu packages llvm) clang-from-llvm))
+(define llvm-monorepo (@@ (gnu packages llvm) llvm-monorepo))
+
+(define-public wasm32-wasi-clang
+ (let ((base (clang-from-llvm llvm-15 wasm32-wasi-clang-runtime)))
+ (package
+ (inherit base)
+ (name "wasm32-wasi-clang")
+ (inputs (modify-inputs (package-inputs base)
+ (prepend wasi-libc)))
+ (arguments
+ (substitute-keyword-arguments (package-arguments base)
+ ((#:configure-flags flags)
+ #~(list "-DCLANG_INCLUDE_TESTS=True"
+ ;; Use a sane default include directory.
+ (string-append "-DC_INCLUDE_DIRS="
+ #$wasi-libc "/wasm32-wasi/include")))
+ ((#:phases phases)
+ `(modify-phases ,phases
+ (delete 'symlink-cfi_ignorelist))))))))
+
+(define-public wasm32-wasi-libcxx
+ (package
+ (name "wasm32-wasi-libcxx")
+ (version (package-version llvm-15))
+ (source
+ (llvm-monorepo version))
+ (build-system cmake-build-system)
+ (arguments
+ (list
+ #:configure-flags #~(list (string-append "-S ../source/runtimes")
+
+ "-DLLVM_ENABLE_RUNTIMES=libcxx;libcxxabi"
+
+ (string-append "-DCMAKE_SYSROOT="
+ #$wasi-libc "/wasm32-wasi")
+
+ (string-append "-DCMAKE_INCLUDE_PATH="
+ #$wasi-libc
+ "/wasm32-wasi/include")
+
+ (string-append "-DCMAKE_STAGING_PREFIX="
+ #$output "/wasm32-wasi")
+
+ "-DCMAKE_C_COMPILER=clang"
+ "-DCMAKE_C_COMPILER_WORKS=ON"
+ "-DCMAKE_CXX_COMPILER=clang++"
+ "-DCMAKE_CXX_COMPILER_WORKS=ON"
+ "-DCMAKE_C_COMPILER_TARGET=wasm32-wasi"
+ "-DCMAKE_CXX_COMPILER_TARGET=wasm32-wasi"
+
+ "-DLIBCXX_LIBDIR_SUFFIX=/wasm32-wasi"
+
+ "-DLIBCXX_ENABLE_EXCEPTIONS=OFF"
+ "-DLIBCXX_ENABLE_SHARED=OFF"
+ "-DLIBCXX_ENABLE_THREADS=OFF"
+ "-DLIBCXX_ENABLE_FILESYSTEM=OFF"
+
+ "-DLIBCXXABI_LIBDIR_SUFFIX=/wasm32-wasi"
+
+ "-DLIBCXXABI_ENABLE_EXCEPTIONS=OFF"
+ "-DLIBCXXABI_ENABLE_SHARED=OFF"
+ "-DLIBCXXABI_ENABLE_THREADS=OFF"
+ "-DLIBCXXABI_ENABLE_FILESYSTEM=OFF")
+ #:tests? #f
+ #:phases #~(modify-phases %standard-phases
+ (add-after 'set-paths 'adjust-CPLUS_INCLUDE_PATH
+ (lambda _
+ (setenv "CPLUS_INCLUDE_PATH"
+ (string-append #$wasi-libc
+ "/wasm32-wasi/include:"
+ (getenv "CPLUS_INCLUDE_PATH"))))))))
+ (native-inputs (list lld python wasm32-wasi-clang))
+ (inputs (list wasi-libc))
+ (home-page "https://libcxx.llvm.org")
+ (synopsis "C++ standard library for WebAssembly")
+ (description
+ "This package provides an implementation of the C++ standard library for
+use with Clang, targeting C++11, C++14 and above. This package targets
+WebAssembly with WASI.")
+ (license license:expat)))
+
+(define-public wasm32-wasi-clang-toolchain
+ (package
+ (name "wasm32-wasi-clang-toolchain")
+ (version (package-version wasm32-wasi-clang))
+ (source
+ #f)
+ (build-system trivial-build-system)
+ (arguments
+ (list
+ #:builder (with-imported-modules '((guix build union)
+ (guix build utils))
+ #~(begin
+ (use-modules (guix build union)
+ (guix build utils))
+ (union-build #$output
+ (list #$wasm32-wasi-clang-runtime
+ #$wasi-libc
+ #$wasm32-wasi-libcxx))
+ (mkdir-p (string-append #$output
+ "/bin"))
+
+ ;; We provide clang and clang++ via a wrapped program that sets
+ ;; include paths correctly so that it does not include paths from
+ ;; the host.
+
+ ;; FIXME: Review how we can provide better support for
+ ;; cross-compiling with clang in Guix, maybe adding support for
+ ;; the CROSS_C_INCLUDE_PATH and CROSS_CPLUS_INCLUDE_PATH
+ ;; environment variables like GCC.
+
+ (for-each (lambda (bin)
+ (symlink (string-append #$wasm32-wasi-clang
+ bin)
+ (string-append #$output
+ bin))
+ (wrap-program (string-append #$output
+ bin)
+ #:sh (string-append #$bash-minimal
+ "/bin/bash")
+ `("C_INCLUDE_PATH"
+ ":" =
+ (,(string-append #$output
+ "/wasm32-wasi/include")))
+ `("CPLUS_INCLUDE_PATH"
+ ":" =
+ ;; Make sure inclure/c++/v1 comes first for #include_next
+ ;; to work.
+ (,(string-append #$output
+ "/wasm32-wasi/include/c++/v1") ,
+ (string-append #$output
+ "/wasm32-wasi/include")))))
+ '("/bin/clang"
+ "/bin/clang++"))
+
+ (symlink (string-append #$lld
+ "/bin/wasm-ld")
+ (string-append #$output
+ "/bin/wasm-ld"))))))
+ (inputs (list bash-minimal
+ lld
+ wasi-libc
+ wasm32-wasi-clang
+ wasm32-wasi-clang-runtime
+ wasm32-wasi-libcxx))
+ (license (cons (package-license wasm32-wasi-clang)
+ (package-license wasi-libc)))
+ (home-page "https://clang.llvm.org")
+ (synopsis
+ "Complete Clang toolchain for C/C++ development, for WebAssembly.")
+ (description
+ "This package provides a complete Clang toolchain for C/C++
+development targeting WebAssembly with WASI. This includes Clang, as well as
+libc, libc++ and wasm-ld.")))
--
2.39.2
^ permalink raw reply related [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v3 4/4] gnu: Add librewolf.
2023-11-28 20:09 [bug#67512] [PATCH 0/5] Add LibreWolf Ian Eure
` (15 preceding siblings ...)
2024-02-11 23:49 ` [bug#67512] [PATCH v3 3/4] gnu: Add wasm packages Ian Eure
@ 2024-02-11 23:49 ` Ian Eure
2024-02-13 20:34 ` [bug#67512] [PATCH v4 0/4] Add LibreWolf Ian Eure
` (5 subsequent siblings)
22 siblings, 0 replies; 75+ messages in thread
From: Ian Eure @ 2024-02-11 23:49 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure
* gnu/packages/librewolf.scm (librewolf): New variable.
Change-Id: I98b6410582b856ede83b79637a58e66d6e5832e6
---
gnu/packages/librewolf.scm | 653 +++++++++++++++++++++++++++++++++++++
1 file changed, 653 insertions(+)
create mode 100644 gnu/packages/librewolf.scm
diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm
new file mode 100644
index 0000000000..32d51eabaf
--- /dev/null
+++ b/gnu/packages/librewolf.scm
@@ -0,0 +1,653 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2013, 2015, 2024 Andreas Enge <andreas@enge.fr>
+;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 Mark H Weaver <mhw@netris.org>
+;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com>
+;;; Copyright © 2016, 2017, 2018, 2019 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2016 Alex Griffin <a@ajgrf.com>
+;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
+;;; Copyright © 2017, 2018 Nikita <nikita@n0.is>
+;;; Copyright © 2017, 2018 ng0 <gillmann@infotropique.org>
+;;; Copyright © 2017, 2018, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2018, 2020, 2022 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2019 Ivan Petkov <ivanppetkov@gmail.com>
+;;; Copyright © 2020 Oleg Pykhalov <go.wigust@gmail.com>
+;;; Copyright © 2020 Jakub Kądziołka <kuba@kadziolka.net>
+;;; Copyright © 2019, 2020 Adrian Malacoda <malacoda@monarch-pass.net>
+;;; Copyright © 2020-2023 Jonathan Brielmaier <jonathan.brielmaier@web.de>
+;;; Copyright © 2020 Zhu Zihao <all_but_last@163.com>
+;;; Copyright © 2021 pineapples <guixuser6392@protonmail.com>
+;;; Copyright © 2021 Brice Waegeneire <brice@waegenei.re>
+;;; Copyright © 2021, 2022, 2023 John Kehayias <john.kehayias@protonmail.com>
+;;; Copyright © 2022 Pierre Langlois <pierre.langlois@gmx.com>
+;;; Copyright © 2023 Tomas Volf <wolf@wolfsden.cz>
+;;; Copyright © 2023 Ian Eure <ian@retrospec.tv>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+
+(define-module (gnu packages librewolf)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system cargo)
+ #:use-module (guix build-system trivial)
+ #:use-module (guix download)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix gexp)
+ #:use-module (guix packages)
+ #:use-module (guix utils)
+ #:use-module ((guix build utils) #:select (alist-replace))
+
+ #:use-module (gnu packages)
+ #:use-module (gnu packages assembly)
+ #:use-module (gnu packages autotools)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages bash)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages crates-io)
+ #:use-module (gnu packages cups)
+ #:use-module (gnu packages fontutils)
+ #:use-module (gnu packages gl)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnome)
+ #:use-module (gnu packages gtk)
+ #:use-module (gnu packages hunspell)
+ #:use-module (gnu packages icu4c)
+ #:use-module (gnu packages image)
+ #:use-module (gnu packages jemalloc)
+ #:use-module (gnu packages kerberos)
+ #:use-module (gnu packages libcanberra)
+ #:use-module (gnu packages libevent)
+ #:use-module (gnu packages libffi)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages llvm)
+ #:use-module (gnu packages m4)
+ #:use-module (gnu packages node)
+ #:use-module (gnu packages nss)
+ #:use-module (gnu packages pciutils)
+ #:use-module (gnu packages perl)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages pulseaudio)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages rust)
+ #:use-module (gnu packages rust-apps)
+ #:use-module (gnu packages speech)
+ #:use-module (gnu packages sqlite)
+ #:use-module (gnu packages video)
+ #:use-module (gnu packages wasm)
+ #:use-module (gnu packages xdisorg)
+ #:use-module (gnu packages xorg))
+
+;; Define the versions of rust needed to build firefox, trying to match
+;; upstream. See the file taskcluster/ci/toolchain/rust.yml at
+;; https://searchfox.org under the particular firefox release, like
+;; mozilla-esr102.
+(define rust-librewolf rust) ; 1.60 is the default in Guix, 1.65 is the minimum.
+
+;; Update this id with every firefox update to its release date.
+;; It's used for cache validation and therefore can lead to strange bugs.
+(define %librewolf-build-id "20240130195200")
+
+(define-public librewolf
+ (package
+ (name "librewolf")
+ (version "122.0-2")
+ (source
+ (origin
+ (method url-fetch)
+
+ (uri (string-append "https://gitlab.com/api/v4/projects/32320088/"
+ "packages/generic/librewolf-source/"
+ version
+ "/librewolf-"
+ version
+ ".source.tar.gz"))
+ (sha256
+ (base32 "0ggysgbazx5dl0l9dyvrpjgzbvivgddm9qyiyvjjfk9im9sljkxh"))))
+ (build-system gnu-build-system)
+ (arguments
+ (list
+ #:configure-flags #~(let ((clang #$(this-package-native-input "clang"))
+ (wasi-sysroot #$(this-package-native-input
+ "wasm32-wasi-clang-toolchain")))
+ `("--enable-application=browser"
+
+ ;; Configuration
+ "--with-system-jpeg"
+ "--with-system-zlib"
+ "--with-system-png"
+ "--with-system-webp"
+ "--with-system-icu"
+ "--with-system-libvpx"
+ "--with-system-libevent"
+ "--with-system-ffi"
+ "--enable-system-pixman"
+ "--enable-jemalloc"
+
+ ;; see https://bugs.gnu.org/32833
+ "--with-system-nspr"
+ "--with-system-nss"
+
+ ,(string-append "--with-clang-path=" clang
+ "/bin/clang")
+ ,(string-append "--with-libclang-path=" clang
+ "/lib")
+ ,(string-append "--with-wasi-sysroot="
+ wasi-sysroot "/wasm32-wasi")
+
+ ;; Distribution
+ "--with-distribution-id=org.guix"
+ "--with-app-name=librewolf"
+ "--with-app-basename=LibreWolf"
+ "--with-branding=browser/branding/librewolf"
+
+ ;; Features
+ "--disable-tests"
+ "--disable-updater"
+ "--enable-pulseaudio"
+ "--disable-crashreporter"
+ "--allow-addon-sideload"
+ "--with-unsigned-addon-scopes=app,system"
+ "--disable-eme"
+
+ ;; Build details
+ "--disable-debug"
+ "--enable-rust-simd"
+ "--enable-release"
+ "--enable-optimize"
+ "--enable-strip"
+ "--enable-hardening"
+ "--disable-elf-hack"))
+ #:imported-modules %cargo-utils-modules
+ #:modules `((ice-9 regex)
+ (ice-9 string-fun)
+ (ice-9 ftw)
+ (srfi srfi-1)
+ (srfi srfi-26)
+ (rnrs bytevectors)
+ (rnrs io ports)
+ (guix elf)
+ (guix build gremlin)
+ ,@%gnu-build-system-modules)
+ #:phases #~(modify-phases %standard-phases
+ (add-after 'unpack 'fix-preferences
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((port (open-file "browser/app/profile/firefox.js"
+ "a")))
+ (define (write-setting key value)
+ (format port "~%pref(\"~a\", ~a);~%" key value)
+ (format #t
+ "fix-preferences: setting value of ~a to ~a~%" key
+ value))
+
+ ;; We should allow Firefox sandbox to read the store directory,
+ ;; because Firefox sandbox have access to /usr on FHS distros.
+ (write-setting
+ "security.sandbox.content.read_path_whitelist"
+ (string-append "\""
+ (%store-directory) "/\""))
+
+ ;; XDG settings should be managed by Guix.
+ (write-setting "browser.shell.checkDefaultBrowser"
+ "false")
+ (close-port port))))
+ (add-after 'fix-preferences 'fix-ffmpeg-runtime-linker
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let* ((ffmpeg (assoc-ref inputs "ffmpeg"))
+ (libavcodec (string-append ffmpeg
+ "/lib/libavcodec.so")))
+ ;; Arrange to load libavcodec.so by its absolute file name.
+ (substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp"
+ (("libavcodec\\.so")
+ libavcodec)))))
+ (add-after 'patch-source-shebangs 'patch-cargo-checksums
+ (lambda _
+ (use-modules (guix build cargo-utils))
+ (let ((null-hash
+ ;; This is the SHA256 output of an empty string.
+ (string-append
+ "e3b0c44298fc1c149afbf4c8996fb924"
+ "27ae41e4649b934ca495991b7852b855")))
+ (for-each (lambda (file)
+ (format #t
+ "patch-cargo-checksums: patching checksums in ~a~%"
+ file)
+ (substitute* file
+ (("(checksum = )\".*\"" all name)
+ (string-append name "\"" null-hash
+ "\""))))
+ (find-files "." "Cargo\\.lock$"))
+ (for-each generate-all-checksums
+ '("build" "dom/media"
+ "dom/webauthn"
+ "gfx"
+ "intl"
+ "js"
+ "media"
+ "modules"
+ "mozglue/static/rust"
+ "netwerk"
+ "remote"
+ "security/manager/ssl"
+ "servo"
+ "storage"
+ "third_party/rust"
+ "toolkit"
+ "xpcom/rust"
+ "services")))))
+ (add-after 'patch-cargo-checksums 'remove-cargo-frozen-flag
+ (lambda _
+ ;; Remove --frozen flag from cargo invokation, otherwise it'll
+ ;; complain that it's not able to change Cargo.lock.
+ ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373
+ (substitute* "build/RunCbindgen.py"
+ (("\"--frozen\",")
+ ""))))
+ (delete 'bootstrap)
+ (add-before 'configure 'patch-SpeechDispatcherService.cpp
+ (lambda _
+ (let* ((lib "libspeechd.so.2")
+ (file (string-append
+ "dom/media/webspeech/synth/"
+ "speechd/SpeechDispatcherService.cpp"))
+ (old-content (call-with-input-file file
+ get-string-all)))
+ (substitute file
+ `((,(format #f "~s" lib) unquote
+ (λ (line _)
+ (string-replace-substring line lib
+ (string-append #$speech-dispatcher
+ "/lib/"
+ lib))))))
+ (if (string=? old-content
+ (call-with-input-file file
+ get-string-all))
+ (error
+ "substitute did nothing, phase requires an update")))))
+ (add-before 'configure 'set-build-id
+ ;; Firefox will write the timestamp to output, which is harmful
+ ;; for reproducibility, so change it to a fixed date. Use a
+ ;; separate phase for easier modification with inherit.
+ (lambda _
+ (setenv "MOZ_BUILD_DATE"
+ #$%librewolf-build-id)))
+ (replace 'configure
+ (lambda* (#:key inputs outputs configure-flags
+ #:allow-other-keys)
+ (setenv "AUTOCONF"
+ (string-append (assoc-ref inputs "autoconf")
+ "/bin/autoconf"))
+ (setenv "SHELL"
+ (which "bash"))
+ (setenv "CONFIG_SHELL"
+ (which "bash"))
+ (setenv "MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE"
+ "system")
+ ;; This should use the host info probably (does firefox build on
+ ;; non-x86_64 though?)
+ (setenv "GUIX_PYTHONPATH"
+ (string-append (getcwd)
+ "/obj-x86_64-pc-linux-gnu/_virtualenvs/build"))
+
+ ;; Use Clang, Clang is 2x faster than GCC
+ (setenv "AR" "llvm-ar")
+ (setenv "NM" "llvm-nm")
+ (setenv "CC" "clang")
+ (setenv "CXX" "clang++")
+ (setenv "WASM_CC"
+ (string-append (assoc-ref inputs
+ "wasm32-wasi-clang-toolchain")
+ "/bin/clang"))
+ (setenv "WASM_CXX"
+ (string-append (assoc-ref inputs
+ "wasm32-wasi-clang-toolchain")
+ "/bin/clang++"))
+
+ (setenv "MOZ_NOSPAM" "1")
+ (setenv "MOZ_APP_NAME" "librewolf")
+
+ (setenv "MOZBUILD_STATE_PATH"
+ (getcwd))
+
+ (let* ((mozconfig (string-append (getcwd) "/mozconfig"))
+ (out (assoc-ref outputs "out"))
+ (flags (cons (string-append "--prefix=" out)
+ configure-flags)))
+ (format #t "build directory: ~s~%"
+ (getcwd))
+ (format #t "configure flags: ~s~%" flags)
+
+ (define write-flags
+ (lambda flags
+ (display (string-join (map (cut string-append
+ "ac_add_options " <>)
+ flags) "\n"))
+ (display "\n")))
+ (with-output-to-file mozconfig
+ (lambda ()
+ (apply write-flags flags)
+ ;; The following option unsets Telemetry
+ ;; Reporting. With the Addons Fiasco,
+ ;; Mozilla was found to be collecting
+ ;; user's data, including saved passwords
+ ;; and web form data, without users
+ ;; consent. Mozilla was also found
+ ;; shipping updates to systems without
+ ;; the user's knowledge or permission.
+ ;; As a result of this, use the following
+ ;; command to permanently disable
+ ;; telemetry reporting in Firefox.
+ (display "unset MOZ_TELEMETRY_REPORTING\n")
+ (display "mk_add_options MOZ_CRASHREPORTER=0\n")
+ (display "mk_add_options MOZ_DATA_REPORTING=0\n")
+ (display
+ "mk_add_options MOZ_SERVICES_HEALTHREPORT=0")
+ (display
+ "mk_add_options MOZ_TELEMETRY_REPORTING=0")))
+ (setenv "MOZCONFIG" mozconfig))
+ (invoke "./mach" "configure")))
+ (add-before 'build '1fix-addons-placeholder
+ (lambda _
+ (substitute*
+ "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
+ (("addons.mozilla.org") "gnuzilla.gnu.org"))))
+ (replace 'build
+ (lambda* (#:key (make-flags '())
+ (parallel-build? #t) #:allow-other-keys)
+ (apply invoke "./mach" "build"
+ ;; mach will use parallel build if possible by default
+ `(,@(if parallel-build?
+ '()
+ '("-j1")) ,@make-flags))))
+ (add-after 'build 'neutralise-store-references
+ (lambda _
+ ;; Mangle the store references to compilers &
+ ;; other build tools in about:buildconfig,
+ ;; reducing Firefox's closure by 1 GiB on
+ ;; x86-64.
+ (let* ((build-dir (car (scandir "."
+ (cut string-prefix?
+ "obj-" <>))))
+ (file (string-append build-dir
+ "/dist/bin/chrome/toolkit/"
+ "content/global/buildconfig.html")))
+ (substitute* file
+ (((format #f "(~a/)([0-9a-df-np-sv-z]{32})"
+ (regexp-quote (%store-directory)))
+ _ store hash)
+ (string-append store
+ (string-take hash 8)
+ "<!-- Guix: not a runtime dependency -->"
+ (string-drop hash 8)))))))
+ (replace 'install
+ (lambda _
+ (invoke "./mach" "install")))
+ (add-after 'install 'remove-duplicate-bin
+ (lambda* (#:key outputs #:allow-other-keys)
+ (delete-file (string-append #$output
+ "/lib/librewolf/librewolf-bin"))))
+ (add-after 'install 'wrap-glxtest
+ ;; glxtest uses dlopen() to load mesa
+ ;; libs, wrap it to set LD_LIBRARY_PATH.
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ ;; TODO: make me a loop again
+ (mesa-lib (string-append (assoc-ref inputs
+ "mesa")
+ "/lib"))
+ (pciutils-lib (string-append (assoc-ref inputs
+ "pciutils") "/lib")))
+ (wrap-program (car (find-files lib "^glxtest$"))
+ `("LD_LIBRARY_PATH" prefix
+ (,mesa-lib ,pciutils-lib))))))
+ (add-after 'install 'autoconfig
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((lib (string-append #$output "/lib/librewolf"))
+ (config-file "librewolf.cfg"))
+ (with-output-to-file (in-vicinity
+ lib "defaults/pref/autoconfig.js")
+ (lambda ()
+ (format #t "// first line must be a comment~%")
+ (format #t "pref(~s, ~s);~%"
+ "general.config.filename" config-file)
+ (format #t "pref(~s, ~a);~%"
+ "general.config.obscure_value" "0")))
+ (with-output-to-file (in-vicinity lib config-file)
+ (lambda ()
+ (format #t "// first line must be a comment~%")
+ ;; Required for Guix packaged extensions
+ ;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8
+ ;; Default is 5.
+ (format #t "pref(~s, ~a);~%"
+ "extensions.enabledScopes" "13")
+ ;; (format #t "pref(~s, ~s);~%"
+ ;; "security.sandbox.content.read_path_whitelist"
+ ;; (call-with-input-file "whitelist.txt"
+ ;; get-string-all))
+ ;; Add-ons pannel (see settings.js in Icecat source).
+ (format #t "pref(~s, ~s);~%"
+ "extensions.getAddons.search.browseURL"
+ "https://gnuzilla.gnu.org/mozzarella")
+ (format #t "pref(~s, ~s);~%"
+ "extensions.getAddons.get.url"
+ "https://gnuzilla.gnu.org/mozzarella")
+ (format #t "pref(~s, ~s);~%"
+ "extensions.getAddons.link.url"
+ "https://gnuzilla.gnu.org/mozzarella")
+ (format #t "pref(~s, ~s);~%"
+ "extensions.getAddons.discovery.api_url"
+ "https://gnuzilla.gnu.org/mozzarella")
+ (format #t "pref(~s, ~s);~%"
+ "extensions.getAddons.langpacks.url"
+ "https://gnuzilla.gnu.org/mozzarella")
+ (format #t "pref(~s, ~s);~%"
+ "lightweightThemes.getMoreURL"
+ "https://gnuzilla.gnu.org/mozzarella"))))))
+ (add-after 'install 'wrap-program
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ ;; The following two functions are from Guix's icecat package in
+ ;; (gnu packages gnuzilla). See commit
+ ;; b7a0935420ee630a29b7e5ac73a32ba1eb24f00b.
+ (define (runpath-of lib)
+ (call-with-input-file lib
+ (compose elf-dynamic-info-runpath elf-dynamic-info
+ parse-elf get-bytevector-all)))
+ (define (runpaths-of-input label)
+ (let* ((dir (string-append (assoc-ref inputs label)
+ "/lib"))
+ (libs (find-files dir "\\.so$")))
+ (append-map runpath-of libs)))
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ ;; TODO: make me a loop again
+ (mesa-lib (string-append (assoc-ref inputs
+ "mesa")
+ "/lib"))
+ (apng-lib (string-append (assoc-ref inputs
+ "libpng-apng") "/lib"))
+ ;; For the integration of native notifications
+ (libnotify-lib (string-append (assoc-ref inputs
+ "libnotify")
+ "/lib"))
+ ;; For hardware video acceleration via VA-API
+ (libva-lib (string-append (assoc-ref inputs
+ "libva")
+ "/lib"))
+ ;; VA-API is run in the RDD (Remote Data Decoder) sandbox
+ ;; and must be explicitly given access to files it needs.
+ ;; Rather than adding the whole store (as Nix had
+ ;; upstream do, see
+ ;; <https://github.com/NixOS/nixpkgs/pull/165964> and
+ ;; linked upstream patches), we can just follow the
+ ;; runpaths of the needed libraries to add everything to
+ ;; LD_LIBRARY_PATH. These will then be accessible in the
+ ;; RDD sandbox.
+ (rdd-whitelist (map (cut string-append <> "/")
+ (delete-duplicates (append-map
+ runpaths-of-input
+ '("mesa"
+ "ffmpeg")))))
+ (pulseaudio-lib (string-append (assoc-ref inputs
+ "pulseaudio")
+ "/lib"))
+ ;; For U2F and WebAuthn
+ (eudev-lib (string-append (assoc-ref inputs
+ "eudev")
+ "/lib"))
+ (gtk-share (string-append (assoc-ref inputs
+ "gtk+")
+ "/share")))
+ (wrap-program (car (find-files lib "^librewolf$"))
+ `("LD_LIBRARY_PATH" prefix
+ (,mesa-lib ,libnotify-lib
+ ,libva-lib
+ ,pulseaudio-lib
+ ,eudev-lib
+ ,apng-lib
+ ,@rdd-whitelist))
+ `("XDG_DATA_DIRS" prefix
+ (,gtk-share))
+ `("MOZ_LEGACY_PROFILES" =
+ ("1"))
+ `("MOZ_ALLOW_DOWNGRADE" =
+ ("1"))))))
+ (add-after 'wrap-program 'install-desktop-entry
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((desktop-file
+ "taskcluster/docker/firefox-snap/firefox.desktop")
+ (applications (string-append #$output
+ "/share/applications")))
+ (substitute* desktop-file
+ (("^Exec=firefox")
+ (string-append "Exec="
+ #$output "/bin/librewolf"))
+ ;; "Firefox" -> "LibreWolf" everywhere
+ (("Firefox")
+ "LibreWolf")
+ ;; Remove non-Latin translations.
+ (("^Name\\[(ar|bn)\\].*$")
+ "")
+ (("^Icon=.*")
+ (string-append "Icon="
+ #$output
+ "/share/icons/hicolor/128x128/apps/librewolf.png
+"))
+ ;; These commands were changed.
+ (("-NewWindow")
+ "-new-window")
+ (("-NewPrivateWindow")
+ "-new-private-window")
+ (("StartupNotify=true")
+ "StartupNotify=true
+StartupWMClass=Navigator"))
+ (copy-file desktop-file "librewolf.desktop")
+ (install-file "librewolf.desktop" applications))))
+ (add-after 'install-desktop-entry 'install-icons
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((icon-source-dir (string-append #$output
+ "/lib/librewolf/browser/"
+ "chrome/icons/default")))
+ (for-each (lambda (size)
+ (let ((dest (string-append #$output
+ "/share/icons/hicolor/"
+ size
+ "x"
+ size
+ "/apps")))
+ (mkdir-p dest)
+ (symlink (string-append icon-source-dir
+ "/default" size ".png")
+ (string-append dest
+ "/librewolf.png"))))
+ '("16" "32" "48" "64" "128"))))))
+
+ ;; Test will significantly increase build time but with little rewards.
+ #:tests? #f
+
+ ;; WARNING: Parallel build will consume lots of memory!
+ ;; If you have encountered OOM issue in build phase, try disable it.
+ #:parallel-build? #t
+
+ ;; Some dynamic lib was determined at runtime, so rpath check may fail.
+ #:validate-runpath? #f))
+ (inputs (list bash-minimal
+ bzip2
+ cairo
+ cups
+ dbus-glib
+ freetype
+ ffmpeg
+ gdk-pixbuf
+ glib
+ gtk+
+ gtk+-2
+ hunspell
+ icu4c-73
+ jemalloc
+ libcanberra
+ libevent
+ libffi
+ libgnome
+ libjpeg-turbo
+ libnotify
+ libpng-apng
+ libva
+ libvpx
+ libwebp
+ libxcomposite
+ libxft
+ libxinerama
+ libxscrnsaver
+ libxt
+ mesa
+ mit-krb5
+ nspr
+ nss
+ pango
+ pciutils
+ pipewire
+ pixman
+ pulseaudio
+ speech-dispatcher
+ sqlite
+ startup-notification
+ eudev
+ unzip
+ zip
+ zlib))
+ (native-inputs (list alsa-lib
+ autoconf-2.13
+ `(,rust-librewolf "cargo")
+ clang
+ llvm
+ wasm32-wasi-clang-toolchain
+ m4
+ nasm
+ node-lts
+ perl
+ pkg-config
+ python
+ rust-librewolf
+ rust-cbindgen-0.26
+ which
+ yasm))
+ (home-page "https://mozilla.org/firefox/")
+ (synopsis "Trademarkless version of Firefox")
+ (description
+ "Full-featured browser client built from Firefox source tree, without
+the official icon and the name \"firefox\". This is the Extended Support
+Release (ESR) version.")
+ (license license:mpl2.0)))
--
2.39.2
^ permalink raw reply related [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v4 0/4] Add LibreWolf
2023-11-28 20:09 [bug#67512] [PATCH 0/5] Add LibreWolf Ian Eure
` (16 preceding siblings ...)
2024-02-11 23:49 ` [bug#67512] [PATCH v3 4/4] gnu: Add librewolf Ian Eure
@ 2024-02-13 20:34 ` Ian Eure
2024-02-13 20:34 ` [bug#67512] [PATCH v4 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c Ian Eure
` (3 more replies)
2024-02-25 0:53 ` [bug#67512] [PATCH v5 0/2] Add LibreWolf Ian Eure
` (4 subsequent siblings)
22 siblings, 4 replies; 75+ messages in thread
From: Ian Eure @ 2024-02-13 20:34 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure
During testing, I found some problems with v3 of the patch.
* The vendor-provided browser config was getting clobbered during 'autoconfig. Reworked this to append to librewolf.cfg instead of obliterating it or using autoconfig.js.
* Extension search from about:addons was broken, because extensions.getAddons.search.browseURL was missing the %TERMS% placeholder. Added.
* extensions.getAddons settings were defined with pref() instead of defaultPref(). pref() is for user settings, and causes them to show up as modified in about:config, with a revert button to restore the value from defaultPref (which is Mozilla's addons repo). Switched to defaultPref().
Both the extension search and pref/defaultPref issues are present in torbrowser and mullvad, and *if* those upstreams ship autoconfig.js files, their contents won't make it into the Guix packages. Someone might want to look into those issues.
Ian Eure (4):
gnu: Move icu4c-73 from gnuzilla to icu4c.
gnu: nss: Update to 3.97.
gnu: Add wasm packages.
gnu: Add librewolf.
gnu/packages/certs.scm | 4 +-
gnu/packages/gnuzilla.scm | 27 +-
gnu/packages/icu4c.scm | 22 ++
gnu/packages/librewolf.scm | 642 ++++++++++++++++++++++++++++++++++
gnu/packages/nss.scm | 6 +-
gnu/packages/tor-browsers.scm | 3 +-
gnu/packages/wasm.scm | 273 +++++++++++++++
7 files changed, 945 insertions(+), 32 deletions(-)
create mode 100644 gnu/packages/librewolf.scm
create mode 100644 gnu/packages/wasm.scm
base-commit: b6439fc5f800b5d22d48192bc347be794f050329
--
2.41.0
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v4 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c.
2024-02-13 20:34 ` [bug#67512] [PATCH v4 0/4] Add LibreWolf Ian Eure
@ 2024-02-13 20:34 ` Ian Eure
2024-02-14 18:05 ` Mark H Weaver
2024-02-13 20:34 ` [bug#67512] [PATCH v4 2/4] gnu: nss: Update to 3.97 Ian Eure
` (2 subsequent siblings)
3 siblings, 1 reply; 75+ messages in thread
From: Ian Eure @ 2024-02-13 20:34 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure, Clément Lassieur, Jonathan Brielmaier,
Mark H Weaver
* gnu/packages/icu4c.scm (icu4c-73): New variable.
* gnu/packages/gnuzilla.scm (icu4c-73-promise): Delete variable.
Change-Id: I017e1416b70ecb94313aeb71aa4a0cafdfe0e9ab
---
gnu/packages/gnuzilla.scm | 27 +--------------------------
gnu/packages/icu4c.scm | 22 ++++++++++++++++++++++
gnu/packages/tor-browsers.scm | 3 ++-
3 files changed, 25 insertions(+), 27 deletions(-)
diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm
index 5f77512427..094ff348e9 100644
--- a/gnu/packages/gnuzilla.scm
+++ b/gnu/packages/gnuzilla.scm
@@ -375,31 +375,6 @@ (define-public mozjs-78
(list icu4c-69 readline zlib))))
\f
-;;
-;; Needed for IceCat 115.
-;;
-(define icu4c-73-promise
- (delay
- (package
- (inherit icu4c)
- (version "73.1")
- (source (origin
- (method url-fetch)
- (uri (string-append
- "https://github.com/unicode-org/icu/releases/download/release-"
- (string-map (lambda (x) (if (char=? x #\.) #\- x)) version)
- "/icu4c-"
- (string-map (lambda (x) (if (char=? x #\.) #\_ x)) version)
- "-src.tgz"))
- (sha256
- (base32
- "0iccpdvc0kvpww5a31k9gjkqigyz016i7v80r9zamd34w4fl6mx4"))
- (patches
- (cons
- (search-patch
- "icu4c-fix-TestHebrewCalendarInTemporalLeapYear.patch")
- (origin-patches (package-source icu4c)))))))))
-
;;;
;;; Localization helper procedures.
;;;
@@ -757,7 +732,7 @@ (define-public icecat-minimal
;; https://bugzilla.mozilla.org/show_bug.cgi?id=1819374).
ffmpeg-5
libvpx
- (force icu4c-73-promise)
+ icu4c-73
pixman
pulseaudio
mesa
diff --git a/gnu/packages/icu4c.scm b/gnu/packages/icu4c.scm
index 5aaf3a8361..0dfe63b20a 100644
--- a/gnu/packages/icu4c.scm
+++ b/gnu/packages/icu4c.scm
@@ -109,6 +109,28 @@ (define-public icu4c
(license x11)
(home-page "http://site.icu-project.org/")))
+(define-public icu4c-73
+ (package
+ (inherit icu4c)
+ (name "icu4c")
+ (version "73.1")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://github.com/unicode-org/icu/releases/download/release-"
+ (string-map (lambda (x) (if (char=? x #\.) #\- x)) version)
+ "/icu4c-"
+ (string-map (lambda (x) (if (char=? x #\.) #\_ x)) version)
+ "-src.tgz"))
+ (sha256
+ (base32
+ "0iccpdvc0kvpww5a31k9gjkqigyz016i7v80r9zamd34w4fl6mx4"))
+ (patches
+ (cons
+ (search-patch
+ "icu4c-fix-TestHebrewCalendarInTemporalLeapYear.patch")
+ (origin-patches (package-source icu4c))))))))
+
(define-public icu4c-70
(package
(inherit icu4c)
diff --git a/gnu/packages/tor-browsers.scm b/gnu/packages/tor-browsers.scm
index c4ce997b99..ee5e072102 100644
--- a/gnu/packages/tor-browsers.scm
+++ b/gnu/packages/tor-browsers.scm
@@ -52,6 +52,7 @@ (define-module (gnu packages tor-browsers)
#:use-module (gnu packages golang)
#:use-module (gnu packages gtk)
#:use-module (gnu packages hunspell)
+ #:use-module (gnu packages icu4c)
#:use-module (gnu packages image)
#:use-module (gnu packages kerberos)
#:use-module (gnu packages libcanberra)
@@ -270,7 +271,7 @@ (define* (make-torbrowser #:key
;; https://bugzilla.mozilla.org/show_bug.cgi?id=1819374).
ffmpeg-5
libvpx
- (force (@@ (gnu packages gnuzilla) icu4c-73-promise))
+ icu4c-73
pixman
pulseaudio
mesa
--
2.41.0
^ permalink raw reply related [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v4 2/4] gnu: nss: Update to 3.97.
2024-02-13 20:34 ` [bug#67512] [PATCH v4 0/4] Add LibreWolf Ian Eure
2024-02-13 20:34 ` [bug#67512] [PATCH v4 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c Ian Eure
@ 2024-02-13 20:34 ` Ian Eure
2024-02-13 20:34 ` [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages Ian Eure
2024-02-13 20:34 ` [bug#67512] [PATCH v4 4/4] gnu: Add librewolf Ian Eure
3 siblings, 0 replies; 75+ messages in thread
From: Ian Eure @ 2024-02-13 20:34 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure
* gnu/packages/nss.scm (nss): Update to 3.97.
* gnu/packages/certs.scm (nss-certs): Update to 3.97.
---
gnu/packages/certs.scm | 4 ++--
gnu/packages/nss.scm | 6 +++---
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/gnu/packages/certs.scm b/gnu/packages/certs.scm
index 58b4d50ec8..2a6106df78 100644
--- a/gnu/packages/certs.scm
+++ b/gnu/packages/certs.scm
@@ -131,7 +131,7 @@ (define-public nss-certs
;; XXX We used to refer to the nss package here, but that eventually caused
;; module cycles. The below is a quick copy-paste job that must be kept in
;; sync manually. Surely there's a better way…?
- (version "3.88.1")
+ (version "3.97")
(source (origin
(method url-fetch)
(uri (let ((version-with-underscores
@@ -142,7 +142,7 @@ (define-public nss-certs
"nss-" version ".tar.gz")))
(sha256
(base32
- "15il9fsmixa1r4446zq1wl627sg0hz9h67w6kjxz273xz3nl7li7"))
+ "02pscmkp7flawmgwqzr807nsn6kzzw7r7xjbzfql0bpkjf1zp3h7"))
;; Create nss.pc and nss-config.
(patches (search-patches "nss-3.56-pkgconfig.patch"
"nss-getcwd-nonnull.patch"
diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm
index 54b9e5041a..268ddaa24f 100644
--- a/gnu/packages/nss.scm
+++ b/gnu/packages/nss.scm
@@ -106,7 +106,7 @@ (define-public nss
;; IMPORTANT: Also update and test the nss-certs package, which duplicates
;; version and source to avoid a top-level variable reference & module
;; cycle.
- (version "3.88.1")
+ (version "3.97")
(source (origin
(method url-fetch)
(uri (let ((version-with-underscores
@@ -117,7 +117,7 @@ (define-public nss
"nss-" version ".tar.gz")))
(sha256
(base32
- "15il9fsmixa1r4446zq1wl627sg0hz9h67w6kjxz273xz3nl7li7"))
+ "02pscmkp7flawmgwqzr807nsn6kzzw7r7xjbzfql0bpkjf1zp3h7"))
;; Create nss.pc and nss-config.
(patches (search-patches "nss-3.56-pkgconfig.patch"
"nss-getcwd-nonnull.patch"
@@ -200,7 +200,7 @@ (define-public nss
;; leading to test failures:
;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To
;; work around that, set the time to roughly the release date.
- (invoke "faketime" "2022-11-01" "./nss/tests/all.sh"))
+ (invoke "faketime" "2024-01-23" "./nss/tests/all.sh"))
(format #t "test suite not run~%"))))
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
--
2.41.0
^ permalink raw reply related [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages.
2024-02-13 20:34 ` [bug#67512] [PATCH v4 0/4] Add LibreWolf Ian Eure
2024-02-13 20:34 ` [bug#67512] [PATCH v4 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c Ian Eure
2024-02-13 20:34 ` [bug#67512] [PATCH v4 2/4] gnu: nss: Update to 3.97 Ian Eure
@ 2024-02-13 20:34 ` Ian Eure
2024-02-13 22:41 ` Liliana Marie Prikler
2024-02-13 20:34 ` [bug#67512] [PATCH v4 4/4] gnu: Add librewolf Ian Eure
3 siblings, 1 reply; 75+ messages in thread
From: Ian Eure @ 2024-02-13 20:34 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure
* gnu/packages/wasm.scm (wasi-libc): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-clang-runtime): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-clang): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-libcxx): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-clang-toolchain): New variable.
---
gnu/packages/wasm.scm | 273 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 273 insertions(+)
create mode 100644 gnu/packages/wasm.scm
diff --git a/gnu/packages/wasm.scm b/gnu/packages/wasm.scm
new file mode 100644
index 0000000000..05d247f333
--- /dev/null
+++ b/gnu/packages/wasm.scm
@@ -0,0 +1,273 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2022-2023 Pierre Langlois <pierre.langlois@gmx.com>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages wasm)
+ #:use-module (guix base32)
+ #:use-module (guix gexp)
+ #:use-module (guix packages)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix utils)
+ #:use-module (guix git-download)
+ #:use-module (guix build-system cmake)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system trivial)
+ #:use-module (gnu packages bash)
+ #:use-module (gnu packages llvm)
+ #:use-module (gnu packages python))
+
+(define-public wasi-libc
+ (package
+ (name "wasi-libc")
+ (version "sdk-19")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/WebAssembly/wasi-libc")
+ (commit (string-append "wasi-" version))
+ (recursive? #t)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "0bnpz8wk9wiic938296gxp4vz820bvpi1w41jksjzz5552hql169"))))
+ (build-system gnu-build-system)
+ (native-inputs (list clang-15))
+ (arguments
+ (list
+ #:tests? #f ;No test suite
+ ;; Firefox uses wasm2c to compile WebAssembly to C code, and it
+ ;; does not support the memory.copy opcode.
+ ;; See https://bugzilla.mozilla.org/show_bug.cgi?id=1773200#c4
+ #:make-flags ''("BULK_MEMORY_SOURCES=")
+ #:phases #~(modify-phases %standard-phases
+ (delete 'configure)
+ (add-before 'build 'set-sysroot-include
+ (lambda _
+ (setenv "C_INCLUDE_PATH"
+ (string-append (getcwd) "/sysroot/include"))))
+ (add-before 'install 'set-install-dir
+ (lambda _
+ (setenv "INSTALL_DIR"
+ (string-append #$output "/wasm32-wasi")))))))
+ (home-page "https://wasi.dev")
+ (synopsis "WASI libc implementation for WebAssembly")
+ (description
+ "WASI Libc is a libc for WebAssembly programs built on top of WASI
+system calls. It provides a wide array of POSIX-compatible C APIs, including
+support for standard I/O, file I/O, filesystem manipulation, memory
+management, time, string, environment variables, program startup, and many
+other APIs.")
+ (license (list
+ ;; For wasi-libc, with LLVM exceptions
+ license:asl2.0
+ ;; For malloc.c.
+ license:cc0
+ ;; For cloudlibc.
+ license:bsd-2
+ ;; For wasi-libc and musl-libc.
+ license:expat))))
+
+(define-public wasm32-wasi-clang-runtime
+ (package (inherit clang-runtime-15)
+ (native-inputs
+ (list clang-15
+ wasi-libc))
+ (inputs (list llvm-15))
+ (arguments
+ (list
+ #:build-type "Release"
+ #:tests? #f
+ ;; Stripping binaries breaks wasm linking, resulting in the following
+ ;; error: "archive has no index; run ranlib to add one".
+ #:strip-binaries? #f
+ #:configure-flags
+ #~(list "-DCMAKE_C_COMPILER=clang"
+ "-DCMAKE_C_COMPILER_TARGET=wasm32-wasi"
+ (string-append
+ "-DCMAKE_SYSROOT=" #$wasi-libc "/wasm32-wasi")
+ (string-append
+ "-DCMAKE_C_FLAGS=-I " #$wasi-libc "/wasm32-wasi/include")
+
+ "-DCOMPILER_RT_OS_DIR=wasi"
+
+ "-DCOMPILER_RT_BAREMETAL_BUILD=On"
+ "-DCOMPILER_RT_DEFAULT_TARGET_ONLY=On"
+
+ ;; WASM only needs libclang_rt.builtins-wasm32.a from
+ ;; compiler-rt.
+ "../source/compiler-rt/lib/builtins")))))
+
+;; FIXME: Ideally we wouldn't need to build a separate compiler because clang
+;; can support multiple targets at runtime. However Guix patches the default
+;; clang with a specific clang-runtime package. It would be good to improve
+;; upstream Guix's support for cross-compiling with clang.
+
+(define clang-from-llvm (@@ (gnu packages llvm) clang-from-llvm))
+(define llvm-monorepo (@@ (gnu packages llvm) llvm-monorepo))
+
+(define-public wasm32-wasi-clang
+ (let ((base (clang-from-llvm llvm-15 wasm32-wasi-clang-runtime)))
+ (package
+ (inherit base)
+ (name "wasm32-wasi-clang")
+ (inputs (modify-inputs (package-inputs base)
+ (prepend wasi-libc)))
+ (arguments
+ (substitute-keyword-arguments (package-arguments base)
+ ((#:configure-flags flags)
+ #~(list "-DCLANG_INCLUDE_TESTS=True"
+ ;; Use a sane default include directory.
+ (string-append "-DC_INCLUDE_DIRS="
+ #$wasi-libc "/wasm32-wasi/include")))
+ ((#:phases phases)
+ `(modify-phases ,phases
+ (delete 'symlink-cfi_ignorelist))))))))
+
+(define-public wasm32-wasi-libcxx
+ (package
+ (name "wasm32-wasi-libcxx")
+ (version (package-version llvm-15))
+ (source
+ (llvm-monorepo version))
+ (build-system cmake-build-system)
+ (arguments
+ (list
+ #:configure-flags #~(list (string-append "-S ../source/runtimes")
+
+ "-DLLVM_ENABLE_RUNTIMES=libcxx;libcxxabi"
+
+ (string-append "-DCMAKE_SYSROOT="
+ #$wasi-libc "/wasm32-wasi")
+
+ (string-append "-DCMAKE_INCLUDE_PATH="
+ #$wasi-libc
+ "/wasm32-wasi/include")
+
+ (string-append "-DCMAKE_STAGING_PREFIX="
+ #$output "/wasm32-wasi")
+
+ "-DCMAKE_C_COMPILER=clang"
+ "-DCMAKE_C_COMPILER_WORKS=ON"
+ "-DCMAKE_CXX_COMPILER=clang++"
+ "-DCMAKE_CXX_COMPILER_WORKS=ON"
+ "-DCMAKE_C_COMPILER_TARGET=wasm32-wasi"
+ "-DCMAKE_CXX_COMPILER_TARGET=wasm32-wasi"
+
+ "-DLIBCXX_LIBDIR_SUFFIX=/wasm32-wasi"
+
+ "-DLIBCXX_ENABLE_EXCEPTIONS=OFF"
+ "-DLIBCXX_ENABLE_SHARED=OFF"
+ "-DLIBCXX_ENABLE_THREADS=OFF"
+ "-DLIBCXX_ENABLE_FILESYSTEM=OFF"
+
+ "-DLIBCXXABI_LIBDIR_SUFFIX=/wasm32-wasi"
+
+ "-DLIBCXXABI_ENABLE_EXCEPTIONS=OFF"
+ "-DLIBCXXABI_ENABLE_SHARED=OFF"
+ "-DLIBCXXABI_ENABLE_THREADS=OFF"
+ "-DLIBCXXABI_ENABLE_FILESYSTEM=OFF")
+ #:tests? #f
+ #:phases #~(modify-phases %standard-phases
+ (add-after 'set-paths 'adjust-CPLUS_INCLUDE_PATH
+ (lambda _
+ (setenv "CPLUS_INCLUDE_PATH"
+ (string-append #$wasi-libc
+ "/wasm32-wasi/include:"
+ (getenv "CPLUS_INCLUDE_PATH"))))))))
+ (native-inputs (list lld python wasm32-wasi-clang))
+ (inputs (list wasi-libc))
+ (home-page "https://libcxx.llvm.org")
+ (synopsis "C++ standard library for WebAssembly")
+ (description
+ "This package provides an implementation of the C++ standard library for
+use with Clang, targeting C++11, C++14 and above. This package targets
+WebAssembly with WASI.")
+ (license license:expat)))
+
+(define-public wasm32-wasi-clang-toolchain
+ (package
+ (name "wasm32-wasi-clang-toolchain")
+ (version (package-version wasm32-wasi-clang))
+ (source
+ #f)
+ (build-system trivial-build-system)
+ (arguments
+ (list
+ #:builder (with-imported-modules '((guix build union)
+ (guix build utils))
+ #~(begin
+ (use-modules (guix build union)
+ (guix build utils))
+ (union-build #$output
+ (list #$wasm32-wasi-clang-runtime
+ #$wasi-libc
+ #$wasm32-wasi-libcxx))
+ (mkdir-p (string-append #$output
+ "/bin"))
+
+ ;; We provide clang and clang++ via a wrapped program that sets
+ ;; include paths correctly so that it does not include paths from
+ ;; the host.
+
+ ;; FIXME: Review how we can provide better support for
+ ;; cross-compiling with clang in Guix, maybe adding support for
+ ;; the CROSS_C_INCLUDE_PATH and CROSS_CPLUS_INCLUDE_PATH
+ ;; environment variables like GCC.
+
+ (for-each (lambda (bin)
+ (symlink (string-append #$wasm32-wasi-clang
+ bin)
+ (string-append #$output
+ bin))
+ (wrap-program (string-append #$output
+ bin)
+ #:sh (string-append #$bash-minimal
+ "/bin/bash")
+ `("C_INCLUDE_PATH"
+ ":" =
+ (,(string-append #$output
+ "/wasm32-wasi/include")))
+ `("CPLUS_INCLUDE_PATH"
+ ":" =
+ ;; Make sure inclure/c++/v1 comes first for #include_next
+ ;; to work.
+ (,(string-append #$output
+ "/wasm32-wasi/include/c++/v1") ,
+ (string-append #$output
+ "/wasm32-wasi/include")))))
+ '("/bin/clang"
+ "/bin/clang++"))
+
+ (symlink (string-append #$lld
+ "/bin/wasm-ld")
+ (string-append #$output
+ "/bin/wasm-ld"))))))
+ (inputs (list bash-minimal
+ lld
+ wasi-libc
+ wasm32-wasi-clang
+ wasm32-wasi-clang-runtime
+ wasm32-wasi-libcxx))
+ (license (cons (package-license wasm32-wasi-clang)
+ (package-license wasi-libc)))
+ (home-page "https://clang.llvm.org")
+ (synopsis
+ "Complete Clang toolchain for C/C++ development, for WebAssembly.")
+ (description
+ "This package provides a complete Clang toolchain for C/C++
+development targeting WebAssembly with WASI. This includes Clang, as well as
+libc, libc++ and wasm-ld.")))
--
2.41.0
^ permalink raw reply related [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v4 4/4] gnu: Add librewolf.
2024-02-13 20:34 ` [bug#67512] [PATCH v4 0/4] Add LibreWolf Ian Eure
` (2 preceding siblings ...)
2024-02-13 20:34 ` [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages Ian Eure
@ 2024-02-13 20:34 ` Ian Eure
3 siblings, 0 replies; 75+ messages in thread
From: Ian Eure @ 2024-02-13 20:34 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure
* gnu/packages/librewolf.scm (librewolf): New variable.
Change-Id: I98b6410582b856ede83b79637a58e66d6e5832e6
---
gnu/packages/librewolf.scm | 642 +++++++++++++++++++++++++++++++++++++
1 file changed, 642 insertions(+)
create mode 100644 gnu/packages/librewolf.scm
diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm
new file mode 100644
index 0000000000..6aa84ee372
--- /dev/null
+++ b/gnu/packages/librewolf.scm
@@ -0,0 +1,642 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2013, 2015, 2024 Andreas Enge <andreas@enge.fr>
+;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 Mark H Weaver <mhw@netris.org>
+;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com>
+;;; Copyright © 2016, 2017, 2018, 2019 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2016 Alex Griffin <a@ajgrf.com>
+;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
+;;; Copyright © 2017, 2018 Nikita <nikita@n0.is>
+;;; Copyright © 2017, 2018 ng0 <gillmann@infotropique.org>
+;;; Copyright © 2017, 2018, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2018, 2020, 2022 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2019 Ivan Petkov <ivanppetkov@gmail.com>
+;;; Copyright © 2020 Oleg Pykhalov <go.wigust@gmail.com>
+;;; Copyright © 2020 Jakub Kądziołka <kuba@kadziolka.net>
+;;; Copyright © 2019, 2020 Adrian Malacoda <malacoda@monarch-pass.net>
+;;; Copyright © 2020-2023 Jonathan Brielmaier <jonathan.brielmaier@web.de>
+;;; Copyright © 2020 Zhu Zihao <all_but_last@163.com>
+;;; Copyright © 2021 pineapples <guixuser6392@protonmail.com>
+;;; Copyright © 2021 Brice Waegeneire <brice@waegenei.re>
+;;; Copyright © 2021, 2022, 2023 John Kehayias <john.kehayias@protonmail.com>
+;;; Copyright © 2022 Pierre Langlois <pierre.langlois@gmx.com>
+;;; Copyright © 2023 Tomas Volf <wolf@wolfsden.cz>
+;;; Copyright © 2023 Ian Eure <ian@retrospec.tv>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+
+(define-module (gnu packages librewolf)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system cargo)
+ #:use-module (guix build-system trivial)
+ #:use-module (guix download)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix gexp)
+ #:use-module (guix packages)
+ #:use-module (guix utils)
+ #:use-module ((guix build utils) #:select (alist-replace))
+
+ #:use-module (gnu packages)
+ #:use-module (gnu packages assembly)
+ #:use-module (gnu packages autotools)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages bash)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages crates-io)
+ #:use-module (gnu packages cups)
+ #:use-module (gnu packages fontutils)
+ #:use-module (gnu packages gl)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnome)
+ #:use-module (gnu packages gtk)
+ #:use-module (gnu packages hunspell)
+ #:use-module (gnu packages icu4c)
+ #:use-module (gnu packages image)
+ #:use-module (gnu packages jemalloc)
+ #:use-module (gnu packages kerberos)
+ #:use-module (gnu packages libcanberra)
+ #:use-module (gnu packages libevent)
+ #:use-module (gnu packages libffi)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages llvm)
+ #:use-module (gnu packages m4)
+ #:use-module (gnu packages node)
+ #:use-module (gnu packages nss)
+ #:use-module (gnu packages pciutils)
+ #:use-module (gnu packages perl)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages pulseaudio)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages rust)
+ #:use-module (gnu packages rust-apps)
+ #:use-module (gnu packages speech)
+ #:use-module (gnu packages sqlite)
+ #:use-module (gnu packages video)
+ #:use-module (gnu packages wasm)
+ #:use-module (gnu packages xdisorg)
+ #:use-module (gnu packages xorg))
+
+;; Define the versions of rust needed to build firefox, trying to match
+;; upstream. See the file taskcluster/ci/toolchain/rust.yml at
+;; https://searchfox.org under the particular firefox release, like
+;; mozilla-esr102.
+(define rust-librewolf rust) ; 1.60 is the default in Guix, 1.65 is the minimum.
+
+;; Update this id with every firefox update to its release date.
+;; It's used for cache validation and therefore can lead to strange bugs.
+(define %librewolf-build-id "20240130195200")
+
+(define-public librewolf
+ (package
+ (name "librewolf")
+ (version "122.0-2")
+ (source
+ (origin
+ (method url-fetch)
+
+ (uri (string-append "https://gitlab.com/api/v4/projects/32320088/"
+ "packages/generic/librewolf-source/"
+ version
+ "/librewolf-"
+ version
+ ".source.tar.gz"))
+ (sha256
+ (base32 "0ggysgbazx5dl0l9dyvrpjgzbvivgddm9qyiyvjjfk9im9sljkxh"))))
+ (build-system gnu-build-system)
+ (arguments
+ (list
+ #:configure-flags #~(let ((clang #$(this-package-native-input "clang"))
+ (wasi-sysroot #$(this-package-native-input
+ "wasm32-wasi-clang-toolchain")))
+ `("--enable-application=browser"
+
+ ;; Configuration
+ "--with-system-jpeg"
+ "--with-system-zlib"
+ "--with-system-png"
+ "--with-system-webp"
+ "--with-system-icu"
+ "--with-system-libvpx"
+ "--with-system-libevent"
+ "--with-system-ffi"
+ "--enable-system-pixman"
+ "--enable-jemalloc"
+
+ ;; see https://bugs.gnu.org/32833
+ "--with-system-nspr"
+ "--with-system-nss"
+
+ ,(string-append "--with-clang-path=" clang
+ "/bin/clang")
+ ,(string-append "--with-libclang-path=" clang
+ "/lib")
+ ,(string-append "--with-wasi-sysroot="
+ wasi-sysroot "/wasm32-wasi")
+
+ ;; Distribution
+ "--with-distribution-id=org.guix"
+ "--with-app-name=librewolf"
+ "--with-app-basename=LibreWolf"
+ "--with-branding=browser/branding/librewolf"
+
+ ;; Features
+ "--disable-tests"
+ "--disable-updater"
+ "--enable-pulseaudio"
+ "--disable-crashreporter"
+ "--allow-addon-sideload"
+ "--with-unsigned-addon-scopes=app,system"
+ "--disable-eme"
+
+ ;; Build details
+ "--disable-debug"
+ "--enable-rust-simd"
+ "--enable-release"
+ "--enable-optimize"
+ "--enable-strip"
+ "--enable-hardening"
+ "--disable-elf-hack"))
+ #:imported-modules %cargo-utils-modules
+ #:modules `((ice-9 regex)
+ (ice-9 string-fun)
+ (ice-9 ftw)
+ (srfi srfi-1)
+ (srfi srfi-26)
+ (rnrs bytevectors)
+ (rnrs io ports)
+ (guix elf)
+ (guix build gremlin)
+ ,@%gnu-build-system-modules)
+ #:phases #~(modify-phases %standard-phases
+ (add-after 'unpack 'fix-preferences
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((port (open-file "browser/app/profile/firefox.js"
+ "a")))
+ (define (write-setting key value)
+ (format port "~%pref(\"~a\", ~a);~%" key value)
+ (format #t
+ "fix-preferences: setting value of ~a to ~a~%" key
+ value))
+
+ ;; We should allow Firefox sandbox to read the store directory,
+ ;; because Firefox sandbox have access to /usr on FHS distros.
+ (write-setting
+ "security.sandbox.content.read_path_whitelist"
+ (string-append "\""
+ (%store-directory) "/\""))
+
+ ;; XDG settings should be managed by Guix.
+ (write-setting "browser.shell.checkDefaultBrowser"
+ "false")
+ (close-port port))))
+ (add-after 'fix-preferences 'fix-ffmpeg-runtime-linker
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let* ((ffmpeg (assoc-ref inputs "ffmpeg"))
+ (libavcodec (string-append ffmpeg
+ "/lib/libavcodec.so")))
+ ;; Arrange to load libavcodec.so by its absolute file name.
+ (substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp"
+ (("libavcodec\\.so")
+ libavcodec)))))
+ (add-after 'patch-source-shebangs 'patch-cargo-checksums
+ (lambda _
+ (use-modules (guix build cargo-utils))
+ (let ((null-hash
+ ;; This is the SHA256 output of an empty string.
+ (string-append
+ "e3b0c44298fc1c149afbf4c8996fb924"
+ "27ae41e4649b934ca495991b7852b855")))
+ (for-each (lambda (file)
+ (format #t
+ "patch-cargo-checksums: patching checksums in ~a~%"
+ file)
+ (substitute* file
+ (("(checksum = )\".*\"" all name)
+ (string-append name "\"" null-hash
+ "\""))))
+ (find-files "." "Cargo\\.lock$"))
+ (for-each generate-all-checksums
+ '("build" "dom/media"
+ "dom/webauthn"
+ "gfx"
+ "intl"
+ "js"
+ "media"
+ "modules"
+ "mozglue/static/rust"
+ "netwerk"
+ "remote"
+ "security/manager/ssl"
+ "servo"
+ "storage"
+ "third_party/rust"
+ "toolkit"
+ "xpcom/rust"
+ "services")))))
+ (add-after 'patch-cargo-checksums 'remove-cargo-frozen-flag
+ (lambda _
+ ;; Remove --frozen flag from cargo invokation, otherwise it'll
+ ;; complain that it's not able to change Cargo.lock.
+ ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373
+ (substitute* "build/RunCbindgen.py"
+ (("\"--frozen\",")
+ ""))))
+ (delete 'bootstrap)
+ (add-before 'configure 'patch-SpeechDispatcherService.cpp
+ (lambda _
+ (let* ((lib "libspeechd.so.2")
+ (file (string-append
+ "dom/media/webspeech/synth/"
+ "speechd/SpeechDispatcherService.cpp"))
+ (old-content (call-with-input-file file
+ get-string-all)))
+ (substitute file
+ `((,(format #f "~s" lib) unquote
+ (λ (line _)
+ (string-replace-substring line lib
+ (string-append #$speech-dispatcher
+ "/lib/"
+ lib))))))
+ (if (string=? old-content
+ (call-with-input-file file
+ get-string-all))
+ (error
+ "substitute did nothing, phase requires an update")))))
+ (add-before 'configure 'set-build-id
+ ;; Firefox will write the timestamp to output, which is harmful
+ ;; for reproducibility, so change it to a fixed date. Use a
+ ;; separate phase for easier modification with inherit.
+ (lambda _
+ (setenv "MOZ_BUILD_DATE"
+ #$%librewolf-build-id)))
+ (replace 'configure
+ (lambda* (#:key inputs outputs configure-flags
+ #:allow-other-keys)
+ (setenv "AUTOCONF"
+ (string-append (assoc-ref inputs "autoconf")
+ "/bin/autoconf"))
+ (setenv "SHELL"
+ (which "bash"))
+ (setenv "CONFIG_SHELL"
+ (which "bash"))
+ (setenv "MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE"
+ "system")
+ ;; This should use the host info probably (does firefox build on
+ ;; non-x86_64 though?)
+ (setenv "GUIX_PYTHONPATH"
+ (string-append (getcwd)
+ "/obj-x86_64-pc-linux-gnu/_virtualenvs/build"))
+
+ ;; Use Clang, Clang is 2x faster than GCC
+ (setenv "AR" "llvm-ar")
+ (setenv "NM" "llvm-nm")
+ (setenv "CC" "clang")
+ (setenv "CXX" "clang++")
+ (setenv "WASM_CC"
+ (string-append (assoc-ref inputs
+ "wasm32-wasi-clang-toolchain")
+ "/bin/clang"))
+ (setenv "WASM_CXX"
+ (string-append (assoc-ref inputs
+ "wasm32-wasi-clang-toolchain")
+ "/bin/clang++"))
+
+ (setenv "MOZ_NOSPAM" "1")
+ (setenv "MOZ_APP_NAME" "librewolf")
+
+ (setenv "MOZBUILD_STATE_PATH"
+ (getcwd))
+
+ (let* ((mozconfig (string-append (getcwd) "/mozconfig"))
+ (out (assoc-ref outputs "out"))
+ (flags (cons (string-append "--prefix=" out)
+ configure-flags)))
+ (format #t "build directory: ~s~%"
+ (getcwd))
+ (format #t "configure flags: ~s~%" flags)
+
+ (define write-flags
+ (lambda flags
+ (display (string-join (map (cut string-append
+ "ac_add_options " <>)
+ flags) "\n"))
+ (display "\n")))
+ (with-output-to-file mozconfig
+ (lambda ()
+ (apply write-flags flags)
+ ;; The following option unsets Telemetry
+ ;; Reporting. With the Addons Fiasco,
+ ;; Mozilla was found to be collecting
+ ;; user's data, including saved passwords
+ ;; and web form data, without users
+ ;; consent. Mozilla was also found
+ ;; shipping updates to systems without
+ ;; the user's knowledge or permission.
+ ;; As a result of this, use the following
+ ;; command to permanently disable
+ ;; telemetry reporting in Firefox.
+ (display "unset MOZ_TELEMETRY_REPORTING\n")
+ (display "mk_add_options MOZ_CRASHREPORTER=0\n")
+ (display "mk_add_options MOZ_DATA_REPORTING=0\n")
+ (display
+ "mk_add_options MOZ_SERVICES_HEALTHREPORT=0")
+ (display
+ "mk_add_options MOZ_TELEMETRY_REPORTING=0")))
+ (setenv "MOZCONFIG" mozconfig))
+ (invoke "./mach" "configure")))
+ (add-before 'build '1fix-addons-placeholder
+ (lambda _
+ (substitute*
+ "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
+ (("addons.mozilla.org") "gnuzilla.gnu.org"))))
+ (replace 'build
+ (lambda* (#:key (make-flags '())
+ (parallel-build? #t) #:allow-other-keys)
+ (apply invoke "./mach" "build"
+ ;; mach will use parallel build if possible by default
+ `(,@(if parallel-build?
+ '()
+ '("-j1")) ,@make-flags))))
+ (add-after 'build 'neutralise-store-references
+ (lambda _
+ ;; Mangle the store references to compilers &
+ ;; other build tools in about:buildconfig,
+ ;; reducing Firefox's closure by 1 GiB on
+ ;; x86-64.
+ (let* ((build-dir (car (scandir "."
+ (cut string-prefix?
+ "obj-" <>))))
+ (file (string-append build-dir
+ "/dist/bin/chrome/toolkit/"
+ "content/global/buildconfig.html")))
+ (substitute* file
+ (((format #f "(~a/)([0-9a-df-np-sv-z]{32})"
+ (regexp-quote (%store-directory)))
+ _ store hash)
+ (string-append store
+ (string-take hash 8)
+ "<!-- Guix: not a runtime dependency -->"
+ (string-drop hash 8)))))))
+ (replace 'install
+ (lambda _
+ (invoke "./mach" "install")))
+ (add-after 'install 'remove-duplicate-bin
+ (lambda* (#:key outputs #:allow-other-keys)
+ (delete-file (string-append #$output
+ "/lib/librewolf/librewolf-bin"))))
+ (add-after 'install 'wrap-glxtest
+ ;; glxtest uses dlopen() to load mesa
+ ;; libs, wrap it to set LD_LIBRARY_PATH.
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ ;; TODO: make me a loop again
+ (mesa-lib (string-append (assoc-ref inputs
+ "mesa")
+ "/lib"))
+ (pciutils-lib (string-append (assoc-ref inputs
+ "pciutils") "/lib")))
+ (wrap-program (car (find-files lib "^glxtest$"))
+ `("LD_LIBRARY_PATH" prefix
+ (,mesa-lib ,pciutils-lib))))))
+ (add-after 'install 'patch-config
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((lib (string-append #$output "/lib/librewolf"))
+ (config-file "librewolf.cfg"))
+
+ ;; Required for Guix packaged extensions
+ ;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8
+ ;; Default is 5.
+ (substitute* (in-vicinity lib config-file)
+ (("defaultPref\\(\"extensions.enabledScopes\", 5\\)")
+ "defaultPref(\"extensions.enabledScopes\", 13)"))
+ ;; Use Mozzarella addons repo.
+ (call-with-port
+ (open-file (in-vicinity lib config-file) "a")
+ (lambda (port)
+ ;; Add-ons panel (see settings.js in Icecat source).
+ (for-each
+ (lambda (pref)
+ (format port "defaultPref(~s, ~s);~%"
+ (car pref) (cdr pref)))
+ '(("extensions.getAddons.search.browseURL" .
+ "https://gnuzilla.gnu.org/mozzarella/search.php?q=%TERMS%")
+ ("extensions.getAddons.get.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.link.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.discovery.api_url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.langpacks.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("lightweightThemes.getMoreURL" .
+ "https://gnuzilla.gnu.org/mozzarella"))))))))
+ (add-after 'install 'wrap-program
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ ;; The following two functions are from Guix's icecat package in
+ ;; (gnu packages gnuzilla). See commit
+ ;; b7a0935420ee630a29b7e5ac73a32ba1eb24f00b.
+ (define (runpath-of lib)
+ (call-with-input-file lib
+ (compose elf-dynamic-info-runpath elf-dynamic-info
+ parse-elf get-bytevector-all)))
+ (define (runpaths-of-input label)
+ (let* ((dir (string-append (assoc-ref inputs label)
+ "/lib"))
+ (libs (find-files dir "\\.so$")))
+ (append-map runpath-of libs)))
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ ;; TODO: make me a loop again
+ (mesa-lib (string-append (assoc-ref inputs
+ "mesa")
+ "/lib"))
+ (apng-lib (string-append (assoc-ref inputs
+ "libpng-apng") "/lib"))
+ ;; For the integration of native notifications
+ (libnotify-lib (string-append (assoc-ref inputs
+ "libnotify")
+ "/lib"))
+ ;; For hardware video acceleration via VA-API
+ (libva-lib (string-append (assoc-ref inputs
+ "libva")
+ "/lib"))
+ ;; VA-API is run in the RDD (Remote Data Decoder) sandbox
+ ;; and must be explicitly given access to files it needs.
+ ;; Rather than adding the whole store (as Nix had
+ ;; upstream do, see
+ ;; <https://github.com/NixOS/nixpkgs/pull/165964> and
+ ;; linked upstream patches), we can just follow the
+ ;; runpaths of the needed libraries to add everything to
+ ;; LD_LIBRARY_PATH. These will then be accessible in the
+ ;; RDD sandbox.
+ (rdd-whitelist (map (cut string-append <> "/")
+ (delete-duplicates (append-map
+ runpaths-of-input
+ '("mesa"
+ "ffmpeg")))))
+ (pulseaudio-lib (string-append (assoc-ref inputs
+ "pulseaudio")
+ "/lib"))
+ ;; For U2F and WebAuthn
+ (eudev-lib (string-append (assoc-ref inputs
+ "eudev")
+ "/lib"))
+ (gtk-share (string-append (assoc-ref inputs
+ "gtk+")
+ "/share")))
+ (wrap-program (car (find-files lib "^librewolf$"))
+ `("LD_LIBRARY_PATH" prefix
+ (,mesa-lib ,libnotify-lib
+ ,libva-lib
+ ,pulseaudio-lib
+ ,eudev-lib
+ ,apng-lib
+ ,@rdd-whitelist))
+ `("XDG_DATA_DIRS" prefix
+ (,gtk-share))
+ `("MOZ_LEGACY_PROFILES" =
+ ("1"))
+ `("MOZ_ALLOW_DOWNGRADE" =
+ ("1"))))))
+ (add-after 'wrap-program 'install-desktop-entry
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((desktop-file
+ "taskcluster/docker/firefox-snap/firefox.desktop")
+ (applications (string-append #$output
+ "/share/applications")))
+ (substitute* desktop-file
+ (("^Exec=firefox")
+ (string-append "Exec="
+ #$output "/bin/librewolf"))
+ ;; "Firefox" -> "LibreWolf" everywhere
+ (("Firefox")
+ "LibreWolf")
+ ;; Remove non-Latin translations.
+ (("^Name\\[(ar|bn)\\].*$")
+ "")
+ (("^Icon=.*")
+ (string-append "Icon="
+ #$output
+ "/share/icons/hicolor/128x128/apps/librewolf.png
+"))
+ ;; These commands were changed.
+ (("-NewWindow")
+ "-new-window")
+ (("-NewPrivateWindow")
+ "-new-private-window")
+ (("StartupNotify=true")
+ "StartupNotify=true
+StartupWMClass=Navigator"))
+ (copy-file desktop-file "librewolf.desktop")
+ (install-file "librewolf.desktop" applications))))
+ (add-after 'install-desktop-entry 'install-icons
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((icon-source-dir (string-append #$output
+ "/lib/librewolf/browser/"
+ "chrome/icons/default")))
+ (for-each (lambda (size)
+ (let ((dest (string-append #$output
+ "/share/icons/hicolor/"
+ size
+ "x"
+ size
+ "/apps")))
+ (mkdir-p dest)
+ (symlink (string-append icon-source-dir
+ "/default" size ".png")
+ (string-append dest
+ "/librewolf.png"))))
+ '("16" "32" "48" "64" "128"))))))
+
+ ;; Test will significantly increase build time but with little rewards.
+ #:tests? #f
+
+ ;; WARNING: Parallel build will consume lots of memory!
+ ;; If you have encountered OOM issue in build phase, try disable it.
+ #:parallel-build? #t
+
+ ;; Some dynamic lib was determined at runtime, so rpath check may fail.
+ #:validate-runpath? #f))
+ (inputs (list bash-minimal
+ bzip2
+ cairo
+ cups
+ dbus-glib
+ freetype
+ ffmpeg
+ gdk-pixbuf
+ glib
+ gtk+
+ gtk+-2
+ hunspell
+ icu4c-73
+ jemalloc
+ libcanberra
+ libevent
+ libffi
+ libgnome
+ libjpeg-turbo
+ libnotify
+ libpng-apng
+ libva
+ libvpx
+ libwebp
+ libxcomposite
+ libxft
+ libxinerama
+ libxscrnsaver
+ libxt
+ mesa
+ mit-krb5
+ nspr
+ nss
+ pango
+ pciutils
+ pipewire
+ pixman
+ pulseaudio
+ speech-dispatcher
+ sqlite
+ startup-notification
+ eudev
+ unzip
+ zip
+ zlib))
+ (native-inputs (list alsa-lib
+ autoconf-2.13
+ `(,rust-librewolf "cargo")
+ clang
+ llvm
+ wasm32-wasi-clang-toolchain
+ m4
+ nasm
+ node-lts
+ perl
+ pkg-config
+ python
+ rust-librewolf
+ rust-cbindgen-0.26
+ which
+ yasm))
+ (home-page "https://mozilla.org/firefox/")
+ (synopsis "Trademarkless version of Firefox")
+ (description
+ "Full-featured browser client built from Firefox source tree, without
+the official icon and the name \"firefox\". This is the Extended Support
+Release (ESR) version.")
+ (license license:mpl2.0)))
--
2.41.0
^ permalink raw reply related [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages.
2024-02-13 20:34 ` [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages Ian Eure
@ 2024-02-13 22:41 ` Liliana Marie Prikler
2024-02-13 23:22 ` Ian Eure
0 siblings, 1 reply; 75+ messages in thread
From: Liliana Marie Prikler @ 2024-02-13 22:41 UTC (permalink / raw)
To: Ian Eure, 67512
Am Dienstag, dem 13.02.2024 um 12:34 -0800 schrieb Ian Eure:
> * gnu/packages/wasm.scm (wasi-libc): New variable.
> * gnu/packages/wasm.scm (wasm32-wasi-clang-runtime): New variable.
> * gnu/packages/wasm.scm (wasm32-wasi-clang): New variable.
> * gnu/packages/wasm.scm (wasm32-wasi-libcxx): New variable.
> * gnu/packages/wasm.scm (wasm32-wasi-clang-toolchain): New variable.
> ---
Not sure what the result from v1-v3 is, but generally we do one package
per patch. Also, if there is a reason to create a new file, what do we
do with the already packaged webassembly stuff in web.scm?
Cheers
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages.
2024-02-13 22:41 ` Liliana Marie Prikler
@ 2024-02-13 23:22 ` Ian Eure
2024-02-16 14:29 ` Clément Lassieur
0 siblings, 1 reply; 75+ messages in thread
From: Ian Eure @ 2024-02-13 23:22 UTC (permalink / raw)
To: Liliana Marie Prikler; +Cc: 67512
Liliana Marie Prikler <liliana.prikler@gmail.com> writes:
> Am Dienstag, dem 13.02.2024 um 12:34 -0800 schrieb Ian Eure:
>> * gnu/packages/wasm.scm (wasi-libc): New variable.
>> * gnu/packages/wasm.scm (wasm32-wasi-clang-runtime): New
>> variable.
>> * gnu/packages/wasm.scm (wasm32-wasi-clang): New variable.
>> * gnu/packages/wasm.scm (wasm32-wasi-libcxx): New variable.
>> * gnu/packages/wasm.scm (wasm32-wasi-clang-toolchain): New
>> variable.
>> ---
> Not sure what the result from v1-v3 is, but generally we do one
> package
> per patch.
>
I have no problem splitting it up.
> Also, if there is a reason to create a new file what do we do
> with the already packaged webassembly stuff in web.scm?
>
It was like that in nonguix, where I got it from. It’s not a
*good* reason, but that’s the reason.
I have absolutely zero preference, so please let me know where
things should go and I’ll do it. If it helps to have some
options, I think these are reasonable ones, ordered by
my-hot-take-descending:
A. Move the two wasm packages from (gnu packages web) to (gnu
packages wasm). Will require updates to anything which uses wabt,
wasm3, or wasm-micro-runtime as inputs.
B. Leave as-is.
C. Fold the new (gnu packages wasm) into (gnu packages web). I’m
not certain this is a sensible place. This has things more
traditionally webby, like HTTP servers Perl cooke modules, HTML
formatters, etc. The wasm packages I’m bringing over are a wasm
complier and libc usable by the wasm code built with that
compiler.
D. Fold the new (gnu packages wasm) into (gnu packages librewolf).
This is the only place they’re used, but it sounds like there’s
desire to port some of the other firefoxen to this stuff, so
probably not a good long-term option.
In the interest of avoiding more back-and-forth, are there other
structural things I should be addressing at the same time as
these? This patch series has been open for three months and I’d
like to get things wrapped up.
— Ian
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v4 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c.
2024-02-13 20:34 ` [bug#67512] [PATCH v4 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c Ian Eure
@ 2024-02-14 18:05 ` Mark H Weaver
2024-02-16 14:02 ` Clément Lassieur
0 siblings, 1 reply; 75+ messages in thread
From: Mark H Weaver @ 2024-02-14 18:05 UTC (permalink / raw)
To: Ian Eure, 67512; +Cc: Jonathan Brielmaier, Clément Lassieur
Ian Eure <ian@retrospec.tv> writes:
> * gnu/packages/icu4c.scm (icu4c-73): New variable.
> * gnu/packages/gnuzilla.scm (icu4c-73-promise): Delete variable.
The commit log should mention the changes to 'icecat-minimal' and
'make-torbrowser'. Otherwise, looks good to me.
Thanks,
Mark
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v4 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c.
2024-02-14 18:05 ` Mark H Weaver
@ 2024-02-16 14:02 ` Clément Lassieur
2024-02-17 16:07 ` Ian Eure
0 siblings, 1 reply; 75+ messages in thread
From: Clément Lassieur @ 2024-02-16 14:02 UTC (permalink / raw)
To: Mark H Weaver; +Cc: 67512, Jonathan Brielmaier, Ian Eure
On Wed, Feb 14 2024, Mark H Weaver wrote:
> Ian Eure <ian@retrospec.tv> writes:
>> * gnu/packages/icu4c.scm (icu4c-73): New variable.
>> * gnu/packages/gnuzilla.scm (icu4c-73-promise): Delete variable.
>
> The commit log should mention the changes to 'icecat-minimal' and
> 'make-torbrowser'. Otherwise, looks good to me.
I pushed this one (with small commit message updates), so we can have a
feeling that things are advancing :)
Thanks
Clément
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages.
2024-02-13 23:22 ` Ian Eure
@ 2024-02-16 14:29 ` Clément Lassieur
2024-02-16 21:48 ` Mark H Weaver
2024-02-17 16:09 ` Ian Eure
0 siblings, 2 replies; 75+ messages in thread
From: Clément Lassieur @ 2024-02-16 14:29 UTC (permalink / raw)
To: Ian Eure; +Cc: 67512, Mark H Weaver, Liliana Marie Prikler
On Tue, Feb 13 2024, Ian Eure wrote:
> D. Fold the new (gnu packages wasm) into (gnu packages librewolf). This is the
> only place they’re used, but it sounds like there’s desire to port some of the
> other firefoxen to this stuff, so probably not a good long-term option.
Does Librewolf depend on the Wasm packages more than the other Firefox
based browsers? My point is that if your Librewolf package is
independent from the Wasm packages, they can be split and reviewed
independently.
That would make the Librewolf review shorter and easier, and the Wasm
review more consistent and easy to test. Also, adding Wasm to our
Firefox based browsers would be a one-shot. (Of course it doesn't have
to be included in Icecat, but I think it would be great to have it in
‘make-torbrowser’.)
It makes even more sense when considering that the author of the Wasm
patches is not you (and doesn't reply).
> In the interest of avoiding more back-and-forth, are there other structural
> things I should be addressing at the same time as these? This patch series
> has been open for three months and I’d like to get things wrapped up.
Sorry, reviewing is hard. I've pushed the icu4c-73 one, and I wish to
get the Wasm patch independent so that we can focus on reviewing
Librewolf.
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages.
2024-02-16 14:29 ` Clément Lassieur
@ 2024-02-16 21:48 ` Mark H Weaver
2024-02-17 16:09 ` Ian Eure
1 sibling, 0 replies; 75+ messages in thread
From: Mark H Weaver @ 2024-02-16 21:48 UTC (permalink / raw)
To: Clément Lassieur, Ian Eure; +Cc: 67512, Liliana Marie Prikler
Clément Lassieur <clement@lassieur.org> writes:
> On Tue, Feb 13 2024, Ian Eure wrote:
>
>> D. Fold the new (gnu packages wasm) into (gnu packages librewolf). This is the
>> only place they’re used, but it sounds like there’s desire to port some of the
>> other firefoxen to this stuff, so probably not a good long-term option.
>
> Does Librewolf depend on the Wasm packages more than the other Firefox
> based browsers? My point is that if your Librewolf package is
> independent from the Wasm packages, they can be split and reviewed
> independently.
>
> That would make the Librewolf review shorter and easier, and the Wasm
> review more consistent and easy to test. Also, adding Wasm to our
> Firefox based browsers would be a one-shot. (Of course it doesn't have
> to be included in Icecat, but I think it would be great to have it in
> ‘make-torbrowser’.)
I'd like to have support for Wasm sandboxed libraries in IceCat as well.
Thanks,
Mark
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH 0/5] Add LibreWolf
2024-01-17 15:43 ` [bug#67512] [PATCH 0/5] Add LibreWolf Clément Lassieur
@ 2024-02-17 16:06 ` Ian Eure
0 siblings, 0 replies; 75+ messages in thread
From: Ian Eure @ 2024-02-17 16:06 UTC (permalink / raw)
To: Clément Lassieur; +Cc: 67512, Pierre Langlois
Hi Pierre,
Pinging on this to see if you saw it / have an answer.
Thanks,
— Ian
Clément Lassieur <clement@lassieur.org> writes:
> Hi Ian and Pierre,
>
> Thank you for this! I hope to do a review soon. Meanwhile I
> have one
> question for Pierre: is there any reason why your Wasm work was
> contributed to Nonguix instead of Guix? It looks like it could
> be used
> by Icecat. Would you say it is ready to be added to the Guix
> repo?
>
> Thank you,
> Clément
>
> On Tue, Nov 28 2023, Ian Eure wrote:
>
>> I mentioned in #guix that I was working on a package for
>> LibreWolf, and it was requested that I send in patches, so I
>> am. These changes are based on the firefox-esr package in
>> nonguix; I've retained the copyright / authorship notices from
>> there.
>>
>> LibreWolf (https://librewolf.net/) is a fork of Firefox which
>> removes the telemetry and advertising, and bundles uBlock
>> Origin. It doesn't have the redistribution issues that Firefox
>> does, its name/logo are under MPL 2.0 and aren't trademarked.
>>
>> I'm new to Guix, and not remotely a browser development expert,
>> so I don't expect these are ready to be accepted yet, but I
>> believe they're in good enough shape to have a discussion
>> about. They're working acceptably well for me, though I'm not
>> currently daily driving Guix, so there may be issues I haven't
>> encountered yet.
>>
>> Guide to changes in this patchset
>> =================================
>>
>> icu4c has been updated to 73.1, and the previous version kept
>> as icu4c-71. I encountered consistent failures of the
>> node@10.24.1 test suite with icu4c 73.1, so I kept that on
>> 71.1. icu4c is needed by many packages, so this change is the
>> highest-impact in the patchset.
>>
>> The (gnu packages wasm) module is unchanged from nonguix,
>> except for the file header and module declaration.
>>
>> The (gnu packages librewolf) module is a simplified/adapted
>> version of (nongnu packages firefox). The Firefox Nightly
>> packages have been removed, as there's no LibreWolf equivalent.
>> I also didn't bring over the wayland variant, but I could, if
>> that's desired. I'm not sure why there are specific
>> x11/wayland variants, as the packages for other distros don't
>> seem to need this split.
>>
>> The librewolf package has some functions duplicated from (gnu
>> packages gnuzilla), which probably ought to get factored out
>> and put somewhere, but I'm not sure if they should be in (gnu
>> packages mozilla) or a different module. Guidance would be
>> appreciated here.
>>
>> Ian Eure (5):
>> gnu: icu4c: Update to 73.1.
>> gnu: Add icu4c-71.
>> gnu: node: Switch to icu4c-71.
>> gnu: Add wasm packages.
>> gnu: Add librewolf.
>>
>> gnu/packages/icu4c.scm | 21 +-
>> gnu/packages/librewolf.scm | 560
>> +++++++++++++++++++++++++++++++++++++
>> gnu/packages/node.scm | 4 +-
>> gnu/packages/wasm.scm | 273 ++++++++++++++++++
>> 4 files changed, 854 insertions(+), 4 deletions(-)
>> create mode 100644 gnu/packages/librewolf.scm
>> create mode 100644 gnu/packages/wasm.scm
>>
>>
>> base-commit: 2410a30f6c06d56b5589e0ad685bcdf09bb144bf
>
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v4 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c.
2024-02-16 14:02 ` Clément Lassieur
@ 2024-02-17 16:07 ` Ian Eure
2024-02-21 11:49 ` Clément Lassieur
0 siblings, 1 reply; 75+ messages in thread
From: Ian Eure @ 2024-02-17 16:07 UTC (permalink / raw)
To: Clément Lassieur; +Cc: 67512, Mark H Weaver, Jonathan Brielmaier
Clément Lassieur <clement@lassieur.org> writes:
> On Wed, Feb 14 2024, Mark H Weaver wrote:
>
>> Ian Eure <ian@retrospec.tv> writes:
>>> * gnu/packages/icu4c.scm (icu4c-73): New variable.
>>> * gnu/packages/gnuzilla.scm (icu4c-73-promise): Delete
>>> variable.
>>
>> The commit log should mention the changes to 'icecat-minimal'
>> and
>> 'make-torbrowser'. Otherwise, looks good to me.
>
> I pushed this one (with small commit message updates), so we can
> have a
> feeling that things are advancing :)
>
Thank you. Do you think the nss patch is also mergeable?
Thanks,
— Ian
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages.
2024-02-16 14:29 ` Clément Lassieur
2024-02-16 21:48 ` Mark H Weaver
@ 2024-02-17 16:09 ` Ian Eure
2024-02-21 2:00 ` Clément Lassieur
1 sibling, 1 reply; 75+ messages in thread
From: Ian Eure @ 2024-02-17 16:09 UTC (permalink / raw)
To: Clément Lassieur; +Cc: 67512, Mark H Weaver, Liliana Marie Prikler
Clément Lassieur <clement@lassieur.org> writes:
> On Tue, Feb 13 2024, Ian Eure wrote:
>
>> D. Fold the new (gnu packages wasm) into (gnu packages
>> librewolf). This is the
>> only place they’re used, but it sounds like there’s desire to
>> port some of the
>> other firefoxen to this stuff, so probably not a good long-term
>> option.
>
> Does Librewolf depend on the Wasm packages more than the other
> Firefox
> based browsers?
Upstream Librewolf doesn’t depend on the WASM packages more than
any other Firefoxen. I believe that WASM sandboxing is an
optional feature for recent Firefox and FF-derived browsers.
In case anyone reading this isn’t familiar: Firefox has taken some
libraries that handle untrusted data (which are implemented in
C/C++) and complied those WASM, which it runs in isolated
sandboxes. The idea being that if there’s a vulnerability in one
of those libraries, the impact will be diminished becasue the
exploit runs in an environment with very limited privileges[1].
> My point is that if your Librewolf package is independent from
> the Wasm packages, they can be split and reviewed independently.
The Librewolf package I’m submitting depends on these WASM
packages; other Firefox-derived browsers currently in Guix don’t
(because they can’t, because the toolchain isn’t in Guix).
> That would make the Librewolf review shorter and easier, and the
> Wasm
> review more consistent and easy to test. Also, adding Wasm to
> our
> Firefox based browsers would be a one-shot. (Of course it
> doesn't have
> to be included in Icecat, but I think it would be great to have
> it in
> ‘make-torbrowser’.)
>
I’m not sure what you mean by "adding Wasm to our Firefox based
browsers would be a one-shot." Are you saying you want a process
like:
1a. Get wasm toolchain stuff merged.
1b. Get Librewolf merged without WASM sandboxing.
2. Update icecat, torbrowser, mullvad, and librewolf to use WASM
sandboxing.
Thanks,
— Ian
[1]: See
https://hacks.mozilla.org/2020/02/securing-firefox-with-webassembly/
and
https://blog.mozilla.org/attack-and-defense/2021/12/06/webassembly-and-back-again-fine-grained-sandboxing-in-firefox-95/
for more on this.
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages.
2024-02-17 16:09 ` Ian Eure
@ 2024-02-21 2:00 ` Clément Lassieur
2024-02-21 2:18 ` Ian Eure
2024-02-21 14:32 ` Mark H Weaver
0 siblings, 2 replies; 75+ messages in thread
From: Clément Lassieur @ 2024-02-21 2:00 UTC (permalink / raw)
To: Ian Eure; +Cc: 67512, Mark H Weaver, Liliana Marie Prikler
On Sat, Feb 17 2024, Ian Eure wrote:
> Clément Lassieur <clement@lassieur.org> writes:
>
>> On Tue, Feb 13 2024, Ian Eure wrote:
>>
>>> D. Fold the new (gnu packages wasm) into (gnu packages librewolf). This is
>>> the
>>> only place they’re used, but it sounds like there’s desire to port some of
>>> the
>>> other firefoxen to this stuff, so probably not a good long-term option.
>>
>> Does Librewolf depend on the Wasm packages more than the other Firefox
>> based browsers?
>
> Upstream Librewolf doesn’t depend on the WASM packages more than any other
> Firefoxen. I believe that WASM sandboxing is an optional feature for recent
> Firefox and FF-derived browsers.
>
>
> In case anyone reading this isn’t familiar: Firefox has taken some libraries
> that handle untrusted data (which are implemented in C/C++) and complied those
> WASM, which it runs in isolated sandboxes. The idea being that if there’s a
> vulnerability in one of those libraries, the impact will be diminished becasue
> the exploit runs in an environment with very limited privileges[1].
>
>
>> My point is that if your Librewolf package is independent from the Wasm
>> packages, they can be split and reviewed independently.
>
> The Librewolf package I’m submitting depends on these WASM packages; other
> Firefox-derived browsers currently in Guix don’t (because they can’t, because
> the toolchain isn’t in Guix).
>
>
>> That would make the Librewolf review shorter and easier, and the Wasm
>> review more consistent and easy to test. Also, adding Wasm to our
>> Firefox based browsers would be a one-shot. (Of course it doesn't have
>> to be included in Icecat, but I think it would be great to have it in
>> ‘make-torbrowser’.)
>>
>
> I’m not sure what you mean by "adding Wasm to our Firefox based browsers would
> be a one-shot." Are you saying you want a process like:
>
> 1a. Get wasm toolchain stuff merged.
> 1b. Get Librewolf merged without WASM sandboxing.
> 2. Update icecat, torbrowser, mullvad, and librewolf to use WASM sandboxing.
Excatly. 1b can be done after 1a, or before 1a.
And if you can explain why is Mullvad Browser not "great for daily use"
that would be great. https://logs.guix.gnu.org/guix/2024-02-20.log
Clément
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages.
2024-02-21 2:00 ` Clément Lassieur
@ 2024-02-21 2:18 ` Ian Eure
2024-02-21 5:20 ` Liliana Marie Prikler
2024-02-21 14:32 ` Mark H Weaver
1 sibling, 1 reply; 75+ messages in thread
From: Ian Eure @ 2024-02-21 2:18 UTC (permalink / raw)
To: Clément Lassieur; +Cc: 67512, Mark H Weaver, Liliana Marie Prikler
Clément Lassieur <clement@lassieur.org> writes:
>> Are you saying you want a process like:
>>
>> 1a. Get wasm toolchain stuff merged.
>> 1b. Get Librewolf merged without WASM sandboxing.
>> 2. Update icecat, torbrowser, mullvad, and librewolf to use
>> WASM sandboxing.
>
> Excatly. 1b can be done after 1a, or before 1a.
>
Is there a technical reason why landing WASM sandboxing support
for all browsers in the same patch is desirable? I can intuit
none, and as I’m disinclined to either roll back portions of my
existing patchset, or work on other browsers, the proposal is
disagreeable.
I’m fine with splitting off the WASM toolchain stuff into a
separate patch, and then merging LibreWolf afterwards. If others
would like to add WASM sandboxing to their Firefox-derived
browsers afterwards, they are, of course, welcome to.
Is there further guidance on where the WASM toolchain packages
should be placed? It seemed there was objection to having them in
(gnu packages wasm), but nobody has proposed an alternate location
or engaged with the options I presented.
Thanks,
— Ian
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages.
2024-02-21 2:18 ` Ian Eure
@ 2024-02-21 5:20 ` Liliana Marie Prikler
2024-02-21 11:45 ` Clément Lassieur
0 siblings, 1 reply; 75+ messages in thread
From: Liliana Marie Prikler @ 2024-02-21 5:20 UTC (permalink / raw)
To: Ian Eure, Clément Lassieur; +Cc: 67512, Mark H Weaver
Am Dienstag, dem 20.02.2024 um 18:18 -0800 schrieb Ian Eure:
> Clément Lassieur <clement@lassieur.org> writes:
>
> > > Are you saying you want a process like:
> > >
> > > 1a. Get wasm toolchain stuff merged.
> > > 1b. Get Librewolf merged without WASM sandboxing.
> > > 2. Update icecat, torbrowser, mullvad, and librewolf to use
> > > WASM sandboxing.
> >
> > Excatly. 1b can be done after 1a, or before 1a.
> >
>
> Is there a technical reason why landing WASM sandboxing support
> for all browsers in the same patch is desirable? I can intuit
> none, and as I’m disinclined to either roll back portions of my
> existing patchset, or work on other browsers, the proposal is
> disagreeable.
I think this ordering is w.r.t. *patch sets*, not patches. I wouldn't
suggest dropping four packages into one patch.
> I’m fine with splitting off the WASM toolchain stuff into a
> separate patch, and then merging LibreWolf afterwards. If others
> would like to add WASM sandboxing to their Firefox-derived
> browsers afterwards, they are, of course, welcome to.
>
> Is there further guidance on where the WASM toolchain packages
> should be placed? It seemed there was objection to having them in
> (gnu packages wasm), but nobody has proposed an alternate location
> or engaged with the options I presented.
Unless there's a strong reason not to, I'd place them among the
existing ones in (gnu packages web).
WDYT?
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages.
2024-02-21 5:20 ` Liliana Marie Prikler
@ 2024-02-21 11:45 ` Clément Lassieur
2024-02-22 0:07 ` Ian Eure
0 siblings, 1 reply; 75+ messages in thread
From: Clément Lassieur @ 2024-02-21 11:45 UTC (permalink / raw)
To: Liliana Marie Prikler; +Cc: 67512, Mark H Weaver, Ian Eure
On Wed, Feb 21 2024, Liliana Marie Prikler wrote:
> Am Dienstag, dem 20.02.2024 um 18:18 -0800 schrieb Ian Eure:
>> Clément Lassieur <clement@lassieur.org> writes:
>>
>> > > Are you saying you want a process like:
>> > >
>> > > 1a. Get wasm toolchain stuff merged.
>> > > 1b. Get Librewolf merged without WASM sandboxing.
>> > > 2. Update icecat, torbrowser, mullvad, and librewolf to use
>> > > WASM sandboxing.
>> >
>> > Excatly. 1b can be done after 1a, or before 1a.
>> >
>>
>> Is there a technical reason why landing WASM sandboxing support
>> for all browsers in the same patch is desirable? I can intuit
>> none, and as I’m disinclined to either roll back portions of my
>> existing patchset, or work on other browsers, the proposal is
>> disagreeable.
> I think this ordering is w.r.t. *patch sets*, not patches. I wouldn't
> suggest dropping four packages into one patch.
Indeed I've never said it should be done in one patch. I said one-shot
as in ‘symmetrical’: the work required to add Wasm to our browsers
should be more or less the same for all browsers, and code duplication
should be avoided.
>> I’m fine with splitting off the WASM toolchain stuff into a
>> separate patch, and then merging LibreWolf afterwards. If others
>> would like to add WASM sandboxing to their Firefox-derived
>> browsers afterwards, they are, of course, welcome to.
My point is that we need to understand the diff between a browser
without wasm, and a browser with wasm.
If you add librewolf with wasm already included, we don't have that diff
info. And it's harder for us reviewers to understand what in your patch
is wasm specific. And it's harder for us to include wasm to our firefox
based browsers.
I acknowledge it's more work for you, but it's a work that would have to
be done otherwise by the reviewer, at least to test the wasm stuff.
>> Is there further guidance on where the WASM toolchain packages
>> should be placed? It seemed there was objection to having them in
>> (gnu packages wasm), but nobody has proposed an alternate location
>> or engaged with the options I presented.
> Unless there's a strong reason not to, I'd place them among the
> existing ones in (gnu packages web).
>
> WDYT?
Agreed.
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v4 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c.
2024-02-17 16:07 ` Ian Eure
@ 2024-02-21 11:49 ` Clément Lassieur
2024-02-22 1:07 ` Ian Eure
0 siblings, 1 reply; 75+ messages in thread
From: Clément Lassieur @ 2024-02-21 11:49 UTC (permalink / raw)
To: Ian Eure; +Cc: 67512, Mark H Weaver, Jonathan Brielmaier
On Sat, Feb 17 2024, Ian Eure wrote:
> Clément Lassieur <clement@lassieur.org> writes:
>
>> On Wed, Feb 14 2024, Mark H Weaver wrote:
>>
>>> Ian Eure <ian@retrospec.tv> writes:
>>>> * gnu/packages/icu4c.scm (icu4c-73): New variable.
>>>> * gnu/packages/gnuzilla.scm (icu4c-73-promise): Delete variable.
>>>
>>> The commit log should mention the changes to 'icecat-minimal' and
>>> 'make-torbrowser'. Otherwise, looks good to me.
>>
>> I pushed this one (with small commit message updates), so we can have a
>> feeling that things are advancing :)
>>
>
> Thank you. Do you think the nss patch is also mergeable?
Do we know why this patch is necessary for librewolf and not for other
ESR based browsers?
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages.
2024-02-21 2:00 ` Clément Lassieur
2024-02-21 2:18 ` Ian Eure
@ 2024-02-21 14:32 ` Mark H Weaver
1 sibling, 0 replies; 75+ messages in thread
From: Mark H Weaver @ 2024-02-21 14:32 UTC (permalink / raw)
To: Ian Eure; +Cc: 67512, Liliana Marie Prikler, Clément Lassieur
Hi Ian,
Clément Lassieur <clement@lassieur.org> asked Ian Eure:
> And if you can explain why is Mullvad Browser not "great for daily use"
> that would be great. https://logs.guix.gnu.org/guix/2024-02-20.log
I see that you also wrote about GNU IceCat in the cited IRC log:
ieure (apparently Ian Eure) wrote on the #guix IRC channel:
> [...] IceCat, which is weirdware Firefox that won't run non-GPL'd
> JavaScript out of the box [...]
For the record, this statement is incorrect. IceCat _will_ run
"non-GPL'd JavaScript" out of the box. IceCat will, by default, run
trivial JavaScript regardless of license, and it will also run
nontrivial JavaScript that's marked as having a known free software
license. There is no requirement that the JavaScript be covered by the
GNU GPL. It's also easy to add sites to the whitelist, or to disable
LibreJS entirely.
I have no idea what you meant by "weirdware". Can you please explain
what you meant by that?
Thanks,
Mark
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages.
2024-02-21 11:45 ` Clément Lassieur
@ 2024-02-22 0:07 ` Ian Eure
2024-02-22 10:19 ` Clément Lassieur
0 siblings, 1 reply; 75+ messages in thread
From: Ian Eure @ 2024-02-22 0:07 UTC (permalink / raw)
To: Clément Lassieur; +Cc: 67512, Mark H Weaver, Liliana Marie Prikler
Clément Lassieur <clement@lassieur.org> writes:
> On Wed, Feb 21 2024, Liliana Marie Prikler wrote:
>> Am Dienstag, dem 20.02.2024 um 18:18 -0800 schrieb Ian Eure:
>>> Clément Lassieur <clement@lassieur.org> writes:
>>>
>>> > > Are you saying you want a process like:
>>> > >
>>> > > 1a. Get wasm toolchain stuff merged.
>>> > > 1b. Get Librewolf merged without WASM sandboxing.
>>> > > 2. Update icecat, torbrowser, mullvad, and librewolf to
>>> > > use
>>> > > WASM sandboxing.
>>> >
>>> > Excatly. 1b can be done after 1a, or before 1a.
>>> >
>>>
>>> Is there a technical reason why landing WASM sandboxing
>>> support
>>> for all browsers in the same patch is desirable? I can intuit
>>> none, and as I’m disinclined to either roll back portions of
>>> my
>>> existing patchset, or work on other browsers, the proposal is
>>> disagreeable.
>> I think this ordering is w.r.t. *patch sets*, not patches. I
>> wouldn't
>> suggest dropping four packages into one patch.
>
> Indeed I've never said it should be done in one patch. I said
> one-shot
> as in ‘symmetrical’: the work required to add Wasm to our
> browsers
> should be more or less the same for all browsers, and code
> duplication
> should be avoided.
>
Forgive me for my imprecision, and thank you for the explanation.
Unfortunately, the distinction makes little difference to me, as
it still would require me to do work I’m unwilling to do. My
unwillingness has less to do with the amount of work than its
scope: My goal is to get LibreWolf into Guix, and I simply have no
desire or motivation to work on other browsers.
I think the best course of action is to reduce scope by removing
the WASM component of this patch series entirely. I’d send a new
patch series without the WASM toolchain packages, and with WASM
sandboxing disabled in the LibreWolf package. The official
LibreWolf binaries don’t appear to have this enabled, so no
hardening would be sacrified vs. LibreWolf installed any other
way. And since I’m not the original author of the WASM packages,
and not well-positioned to address problems with them, omitting
them seems likely to circumvent difficulties in the review process
and support of those.
What do you think?
Thanks,
— Ian
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v4 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c.
2024-02-21 11:49 ` Clément Lassieur
@ 2024-02-22 1:07 ` Ian Eure
2024-02-22 10:21 ` Clément Lassieur
0 siblings, 1 reply; 75+ messages in thread
From: Ian Eure @ 2024-02-22 1:07 UTC (permalink / raw)
To: Clément Lassieur; +Cc: 67512, Mark H Weaver, Jonathan Brielmaier
Clément Lassieur <clement@lassieur.org> writes:
> On Sat, Feb 17 2024, Ian Eure wrote:
>
>> Clément Lassieur <clement@lassieur.org> writes:
>>
>>> On Wed, Feb 14 2024, Mark H Weaver wrote:
>>>
>>>> Ian Eure <ian@retrospec.tv> writes:
>>>>> * gnu/packages/icu4c.scm (icu4c-73): New variable.
>>>>> * gnu/packages/gnuzilla.scm (icu4c-73-promise): Delete
>>>>> variable.
>>>>
>>>> The commit log should mention the changes to 'icecat-minimal'
>>>> and
>>>> 'make-torbrowser'. Otherwise, looks good to me.
>>>
>>> I pushed this one (with small commit message updates), so we
>>> can have a
>>> feeling that things are advancing :)
>>>
>>
>> Thank you. Do you think the nss patch is also mergeable?
>
> Do we know why this patch is necessary for librewolf and not for
> other
> ESR based browsers?
>
LibreWolf is based on standard Firefox releases, not ESR; that may
account for it, but I don’t know for sure.
Thanks,
— Ian
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages.
2024-02-22 0:07 ` Ian Eure
@ 2024-02-22 10:19 ` Clément Lassieur
2024-03-09 21:20 ` Ian Eure
0 siblings, 1 reply; 75+ messages in thread
From: Clément Lassieur @ 2024-02-22 10:19 UTC (permalink / raw)
To: Ian Eure; +Cc: 67512, Mark H Weaver, Liliana Marie Prikler
On Wed, Feb 21 2024, Ian Eure wrote:
> Clément Lassieur <clement@lassieur.org> writes:
>
>> On Wed, Feb 21 2024, Liliana Marie Prikler wrote:
>>> Am Dienstag, dem 20.02.2024 um 18:18 -0800 schrieb Ian Eure:
>>>> Clément Lassieur <clement@lassieur.org> writes:
>>>> > > Are you saying you want a process like:
>>>> > > > > 1a. Get wasm toolchain stuff merged.
>>>> > > 1b. Get Librewolf merged without WASM sandboxing.
>>>> > > 2. Update icecat, torbrowser, mullvad, and librewolf to > > use > >
>>>> WASM sandboxing.
>>>> > > Excatly. 1b can be done after 1a, or before 1a.
>>>> > Is there a technical reason why landing WASM sandboxing support for all
>>>> browsers in the same patch is desirable? I can intuit none, and as I’m
>>>> disinclined to either roll back portions of my existing patchset, or work
>>>> on other browsers, the proposal is disagreeable.
>>> I think this ordering is w.r.t. *patch sets*, not patches. I wouldn't
>>> suggest dropping four packages into one patch.
>>
>> Indeed I've never said it should be done in one patch. I said one-shot
>> as in ‘symmetrical’: the work required to add Wasm to our browsers
>> should be more or less the same for all browsers, and code duplication
>> should be avoided.
>>
>
> Forgive me for my imprecision, and thank you for the
> explanation. Unfortunately, the distinction makes little difference to me, as
> it still would require me to do work I’m unwilling to do. My unwillingness
> has less to do with the amount of work than its scope: My goal is to get
> LibreWolf into Guix, and I simply have no desire or motivation to work on
> other browsers.
Firefox based browsers are closely related. Sounds impossible to me to
really do good work on one of them without touching the other ones.
> I think the best course of action is to reduce scope by removing the WASM
> component of this patch series entirely. I’d send a new patch series without
> the WASM toolchain packages, and with WASM sandboxing disabled in the
> LibreWolf package. The official LibreWolf binaries don’t appear to have this
> enabled, so no hardening would be sacrified vs. LibreWolf installed any other
> way. And since I’m not the original author of the WASM packages, and not
> well-positioned to address problems with them, omitting them seems likely to
> circumvent difficulties in the review process and support of those.
>
> What do you think?
Sounds good. And we can add WASM later.
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v4 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c.
2024-02-22 1:07 ` Ian Eure
@ 2024-02-22 10:21 ` Clément Lassieur
2024-02-22 14:34 ` Mark H Weaver
0 siblings, 1 reply; 75+ messages in thread
From: Clément Lassieur @ 2024-02-22 10:21 UTC (permalink / raw)
To: Ian Eure; +Cc: 67512, Mark H Weaver, Jonathan Brielmaier
On Wed, Feb 21 2024, Ian Eure wrote:
> Clément Lassieur <clement@lassieur.org> writes:
>
>> On Sat, Feb 17 2024, Ian Eure wrote:
>>
>>> Clément Lassieur <clement@lassieur.org> writes:
>>>
>>>> On Wed, Feb 14 2024, Mark H Weaver wrote:
>>>>
>>>>> Ian Eure <ian@retrospec.tv> writes:
>>>>>> * gnu/packages/icu4c.scm (icu4c-73): New variable.
>>>>>> * gnu/packages/gnuzilla.scm (icu4c-73-promise): Delete variable.
>>>>>
>>>>> The commit log should mention the changes to 'icecat-minimal' and
>>>>> 'make-torbrowser'. Otherwise, looks good to me.
>>>>
>>>> I pushed this one (with small commit message updates), so we can have a
>>>> feeling that things are advancing :)
>>>>
>>>
>>> Thank you. Do you think the nss patch is also mergeable?
>>
>> Do we know why this patch is necessary for librewolf and not for other
>> ESR based browsers?
>>
>
> LibreWolf is based on standard Firefox releases, not ESR; that may account for
> it, but I don’t know for sure.
I'm just confused by the description:
> + (description
> + "Full-featured browser client built from Firefox source tree, without
> +the official icon and the name \"firefox\". This is the Extended Support
> +Release (ESR) version.")
Clément
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v4 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c.
2024-02-22 10:21 ` Clément Lassieur
@ 2024-02-22 14:34 ` Mark H Weaver
2024-02-23 0:56 ` Ian Eure
0 siblings, 1 reply; 75+ messages in thread
From: Mark H Weaver @ 2024-02-22 14:34 UTC (permalink / raw)
To: Ian Eure; +Cc: 67512, Jonathan Brielmaier, Clément Lassieur
Hi Ian,
Clément Lassieur <clement@lassieur.org> writes:
> I'm just confused by the description:
>
>> + (description
>> + "Full-featured browser client built from Firefox source tree, without
>> +the official icon and the name \"firefox\". This is the Extended Support
>> +Release (ESR) version.")
The description above, apparently written by you, states that this
browser is "Full-featured", and the only differences mentioned between
Firefox and Librewolf are that it lacks the "official icon and the name
'firefox'".
Note that Firefox does not comply with the GNU FSDG. For example,
Firefox supports EME, and that it also steers users towards nonfree
software, notably nonfree addons. Therefore Firefox is not included in
Guix.
Can you tell me more about the differences between Firefox and
Librewolf?
Thanks,
Mark
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v4 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c.
2024-02-22 14:34 ` Mark H Weaver
@ 2024-02-23 0:56 ` Ian Eure
0 siblings, 0 replies; 75+ messages in thread
From: Ian Eure @ 2024-02-23 0:56 UTC (permalink / raw)
To: Mark H Weaver; +Cc: 67512, Jonathan Brielmaier, Clément Lassieur
Hi Mark,
Mark H Weaver <mhw@netris.org> writes:
> Hi Ian,
>
> Clément Lassieur <clement@lassieur.org> writes:
>
>> I'm just confused by the description:
>>
>>> + (description
>>> + "Full-featured browser client built from Firefox source
>>> tree, without
>>> +the official icon and the name \"firefox\". This is the
>>> Extended Support
>>> +Release (ESR) version.")
>
> The description above, apparently written by you, states that
> this
> browser is "Full-featured", and the only differences mentioned
> between
> Firefox and Librewolf are that it lacks the "official icon and
> the name
> 'firefox'".
>
Thank you for bringing this to my attention. This is an artifact
of the Firefox package definition I based this on, and isn’t an
accurate description of LibreWolf. I’ll correct this in the next
version.
> Note that Firefox does not comply with the GNU FSDG. For
> example,
> Firefox supports EME, and that it also steers users towards
> nonfree
> software, notably nonfree addons. Therefore Firefox is not
> included in
> Guix.
>
> Can you tell me more about the differences between Firefox and
> Librewolf?
>
I can’t enumerate every difference; if you have a question about
specific feature(s), I’d be happy to answer that. In general:
- LibreWolf permits use of their name and logo.
- Telemetry is disabled.
- User-hostile things like ads for Mozilla VPN are removed.
- DRM is disabled by default (but can be enabled by the user).
- Default settings have been adjusted for more security and/or
privacy.
This feature list covers most of the changes:
https://librewolf.net/docs/features/
Additionally, the patch I submitted builds LibreWolf without EME
support (which is what the other Firefox forks in Guix do); and
uses GNU Mozzarella for extensions.
Thanks,
— Ian
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v5 0/2] Add LibreWolf.
2023-11-28 20:09 [bug#67512] [PATCH 0/5] Add LibreWolf Ian Eure
` (17 preceding siblings ...)
2024-02-13 20:34 ` [bug#67512] [PATCH v4 0/4] Add LibreWolf Ian Eure
@ 2024-02-25 0:53 ` Ian Eure
2024-02-25 0:53 ` [bug#67512] [PATCH v5 1/2] gnu: nss: Update to 3.97 Ian Eure
2024-02-25 0:53 ` [bug#67512] [PATCH v5 2/2] gnu: Add librewolf Ian Eure
2024-03-13 9:07 ` [bug#67512] Feedback for Librewolf package Romain Garbage
` (3 subsequent siblings)
22 siblings, 2 replies; 75+ messages in thread
From: Ian Eure @ 2024-02-25 0:53 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure
Vs. the previous patch series, this:
- Corrects package home-page, synopsis, and description.
- Removes "firefox" language in comments.
- Updates to LibreWolf 123.0-1 and update %librewolf-build-id.
- Removes WASM sandboxing, wasi-libc, etc.
- Corrects most linter issues. I don't know how to correct the remaining items, or how big a deal they are. Guidance would be appreciated here.
Ian Eure (2):
gnu: nss: Update to 3.97.
gnu: Add librewolf.
gnu/packages/certs.scm | 4 +-
gnu/packages/librewolf.scm | 638 +++++++++++++++++++++++++++++++++++++
gnu/packages/nss.scm | 6 +-
3 files changed, 643 insertions(+), 5 deletions(-)
create mode 100644 gnu/packages/librewolf.scm
base-commit: 05bbe9993f687da1fd684a31474c621f2a1c37b2
--
2.41.0
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v5 1/2] gnu: nss: Update to 3.97.
2024-02-25 0:53 ` [bug#67512] [PATCH v5 0/2] Add LibreWolf Ian Eure
@ 2024-02-25 0:53 ` Ian Eure
2024-02-25 0:53 ` [bug#67512] [PATCH v5 2/2] gnu: Add librewolf Ian Eure
1 sibling, 0 replies; 75+ messages in thread
From: Ian Eure @ 2024-02-25 0:53 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure
* gnu/packages/nss.scm (nss): Update to 3.97.
* gnu/packages/certs.scm (nss-certs): Update to 3.97.
---
gnu/packages/certs.scm | 4 ++--
gnu/packages/nss.scm | 6 +++---
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/gnu/packages/certs.scm b/gnu/packages/certs.scm
index 58b4d50ec8..2a6106df78 100644
--- a/gnu/packages/certs.scm
+++ b/gnu/packages/certs.scm
@@ -131,7 +131,7 @@ (define-public nss-certs
;; XXX We used to refer to the nss package here, but that eventually caused
;; module cycles. The below is a quick copy-paste job that must be kept in
;; sync manually. Surely there's a better way…?
- (version "3.88.1")
+ (version "3.97")
(source (origin
(method url-fetch)
(uri (let ((version-with-underscores
@@ -142,7 +142,7 @@ (define-public nss-certs
"nss-" version ".tar.gz")))
(sha256
(base32
- "15il9fsmixa1r4446zq1wl627sg0hz9h67w6kjxz273xz3nl7li7"))
+ "02pscmkp7flawmgwqzr807nsn6kzzw7r7xjbzfql0bpkjf1zp3h7"))
;; Create nss.pc and nss-config.
(patches (search-patches "nss-3.56-pkgconfig.patch"
"nss-getcwd-nonnull.patch"
diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm
index 54b9e5041a..268ddaa24f 100644
--- a/gnu/packages/nss.scm
+++ b/gnu/packages/nss.scm
@@ -106,7 +106,7 @@ (define-public nss
;; IMPORTANT: Also update and test the nss-certs package, which duplicates
;; version and source to avoid a top-level variable reference & module
;; cycle.
- (version "3.88.1")
+ (version "3.97")
(source (origin
(method url-fetch)
(uri (let ((version-with-underscores
@@ -117,7 +117,7 @@ (define-public nss
"nss-" version ".tar.gz")))
(sha256
(base32
- "15il9fsmixa1r4446zq1wl627sg0hz9h67w6kjxz273xz3nl7li7"))
+ "02pscmkp7flawmgwqzr807nsn6kzzw7r7xjbzfql0bpkjf1zp3h7"))
;; Create nss.pc and nss-config.
(patches (search-patches "nss-3.56-pkgconfig.patch"
"nss-getcwd-nonnull.patch"
@@ -200,7 +200,7 @@ (define-public nss
;; leading to test failures:
;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To
;; work around that, set the time to roughly the release date.
- (invoke "faketime" "2022-11-01" "./nss/tests/all.sh"))
+ (invoke "faketime" "2024-01-23" "./nss/tests/all.sh"))
(format #t "test suite not run~%"))))
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
--
2.41.0
^ permalink raw reply related [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v5 2/2] gnu: Add librewolf.
2024-02-25 0:53 ` [bug#67512] [PATCH v5 0/2] Add LibreWolf Ian Eure
2024-02-25 0:53 ` [bug#67512] [PATCH v5 1/2] gnu: nss: Update to 3.97 Ian Eure
@ 2024-02-25 0:53 ` Ian Eure
1 sibling, 0 replies; 75+ messages in thread
From: Ian Eure @ 2024-02-25 0:53 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure
* gnu/packages/librewolf.scm (librewolf): New variable.
Change-Id: I98b6410582b856ede83b79637a58e66d6e5832e6
---
gnu/packages/librewolf.scm | 638 +++++++++++++++++++++++++++++++++++++
1 file changed, 638 insertions(+)
create mode 100644 gnu/packages/librewolf.scm
diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm
new file mode 100644
index 0000000000..a1f0e984d6
--- /dev/null
+++ b/gnu/packages/librewolf.scm
@@ -0,0 +1,638 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2013, 2015, 2024 Andreas Enge <andreas@enge.fr>
+;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 Mark H Weaver <mhw@netris.org>
+;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com>
+;;; Copyright © 2016, 2017, 2018, 2019 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2016 Alex Griffin <a@ajgrf.com>
+;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
+;;; Copyright © 2017, 2018 Nikita <nikita@n0.is>
+;;; Copyright © 2017, 2018 ng0 <gillmann@infotropique.org>
+;;; Copyright © 2017, 2018, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2018, 2020, 2022 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2019 Ivan Petkov <ivanppetkov@gmail.com>
+;;; Copyright © 2020 Oleg Pykhalov <go.wigust@gmail.com>
+;;; Copyright © 2020 Jakub Kądziołka <kuba@kadziolka.net>
+;;; Copyright © 2019, 2020 Adrian Malacoda <malacoda@monarch-pass.net>
+;;; Copyright © 2020-2023 Jonathan Brielmaier <jonathan.brielmaier@web.de>
+;;; Copyright © 2020 Zhu Zihao <all_but_last@163.com>
+;;; Copyright © 2021 pineapples <guixuser6392@protonmail.com>
+;;; Copyright © 2021 Brice Waegeneire <brice@waegenei.re>
+;;; Copyright © 2021, 2022, 2023 John Kehayias <john.kehayias@protonmail.com>
+;;; Copyright © 2022 Pierre Langlois <pierre.langlois@gmx.com>
+;;; Copyright © 2023 Tomas Volf <wolf@wolfsden.cz>
+;;; Copyright © 2023 Ian Eure <ian@retrospec.tv>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+
+(define-module (gnu packages librewolf)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system cargo)
+ #:use-module (guix build-system trivial)
+ #:use-module (guix download)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix gexp)
+ #:use-module (guix packages)
+ #:use-module (guix utils)
+ #:use-module ((guix build utils) #:select (alist-replace))
+
+ #:use-module (gnu packages)
+ #:use-module (gnu packages assembly)
+ #:use-module (gnu packages autotools)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages bash)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages crates-io)
+ #:use-module (gnu packages cups)
+ #:use-module (gnu packages fontutils)
+ #:use-module (gnu packages gl)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnome)
+ #:use-module (gnu packages gtk)
+ #:use-module (gnu packages hunspell)
+ #:use-module (gnu packages icu4c)
+ #:use-module (gnu packages image)
+ #:use-module (gnu packages jemalloc)
+ #:use-module (gnu packages kerberos)
+ #:use-module (gnu packages libcanberra)
+ #:use-module (gnu packages libevent)
+ #:use-module (gnu packages libffi)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages llvm)
+ #:use-module (gnu packages m4)
+ #:use-module (gnu packages node)
+ #:use-module (gnu packages nss)
+ #:use-module (gnu packages pciutils)
+ #:use-module (gnu packages perl)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages pulseaudio)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages rust)
+ #:use-module (gnu packages rust-apps)
+ #:use-module (gnu packages speech)
+ #:use-module (gnu packages sqlite)
+ #:use-module (gnu packages video)
+ #:use-module (gnu packages xdisorg)
+ #:use-module (gnu packages xorg))
+
+;; Define the versions of rust needed to build librewolf, trying to match
+;; upstream. See the file taskcluster/ci/toolchain/rust.yml at
+;; https://searchfox.org under the particular firefox release, like
+;; mozilla-esr102.
+(define rust-librewolf rust) ; 1.60 is the default in Guix, 1.65 is the minimum.
+
+;; Update this id with every update to its release date.
+;; It's used for cache validation and therefore can lead to strange bugs.
+(define %librewolf-build-id "20240224100924")
+
+(define-public librewolf
+ (package
+ (name "librewolf")
+ (version "123.0-1")
+ (source
+ (origin
+ (method url-fetch)
+
+ (uri (string-append "https://gitlab.com/api/v4/projects/32320088/"
+ "packages/generic/librewolf-source/"
+ version
+ "/librewolf-"
+ version
+ ".source.tar.gz"))
+ (sha256
+ (base32 "050kg717jy70fvjfh91aydmq25mqaz6cbf9cqsdsgh6hvpxrw873"))))
+ (build-system gnu-build-system)
+ (arguments
+ (list
+ #:configure-flags #~(let ((clang #$(this-package-native-input "clang")))
+ `("--enable-application=browser"
+
+ ;; Configuration
+ "--without-wasm-sandboxed-libraries"
+ "--with-system-jpeg"
+ "--with-system-zlib"
+ "--with-system-png"
+ "--with-system-webp"
+ "--with-system-icu"
+ "--with-system-libvpx"
+ "--with-system-libevent"
+ "--with-system-ffi"
+ "--enable-system-pixman"
+ "--enable-jemalloc"
+
+ ;; see https://bugs.gnu.org/32833
+ "--with-system-nspr"
+ "--with-system-nss"
+
+ ,(string-append "--with-clang-path=" clang
+ "/bin/clang")
+ ,(string-append "--with-libclang-path=" clang
+ "/lib")
+
+ ;; Distribution
+ "--with-distribution-id=org.guix"
+ "--with-app-name=librewolf"
+ "--with-app-basename=LibreWolf"
+ "--with-branding=browser/branding/librewolf"
+
+ ;; Features
+ "--disable-tests"
+ "--disable-updater"
+ "--enable-pulseaudio"
+ "--disable-crashreporter"
+ "--allow-addon-sideload"
+ "--with-unsigned-addon-scopes=app,system"
+ "--disable-eme"
+
+ ;; Build details
+ "--disable-debug"
+ "--enable-rust-simd"
+ "--enable-release"
+ "--enable-optimize"
+ "--enable-strip"
+ "--enable-hardening"
+ "--disable-elf-hack"))
+ #:imported-modules %cargo-utils-modules
+ #:modules `((ice-9 regex)
+ (ice-9 string-fun)
+ (ice-9 ftw)
+ (srfi srfi-1)
+ (srfi srfi-26)
+ (rnrs bytevectors)
+ (rnrs io ports)
+ (guix elf)
+ (guix build gremlin)
+ ,@%gnu-build-system-modules)
+ #:phases #~(modify-phases %standard-phases
+ (add-after 'unpack 'fix-preferences
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((port (open-file "browser/app/profile/firefox.js"
+ "a")))
+ (define (write-setting key value)
+ (format port "~%pref(\"~a\", ~a);~%" key value)
+ (format #t
+ "fix-preferences: setting value of ~a to ~a~%" key
+ value))
+
+ ;; We should allow the sandbox to read the store directory,
+ ;; because the sandbox has access to /usr on FHS distros.
+ (write-setting
+ "security.sandbox.content.read_path_whitelist"
+ (string-append "\""
+ (%store-directory) "/\""))
+
+ ;; XDG settings should be managed by Guix.
+ (write-setting "browser.shell.checkDefaultBrowser"
+ "false")
+ (close-port port))))
+ (add-after 'fix-preferences 'fix-ffmpeg-runtime-linker
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let* ((ffmpeg (assoc-ref inputs "ffmpeg"))
+ (libavcodec (string-append ffmpeg
+ "/lib/libavcodec.so")))
+ ;; Arrange to load libavcodec.so by its absolute file name.
+ (substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp"
+ (("libavcodec\\.so")
+ libavcodec)))))
+ (add-after 'patch-source-shebangs 'patch-cargo-checksums
+ (lambda _
+ (use-modules (guix build cargo-utils))
+ (let ((null-hash
+ ;; This is the SHA256 output of an empty string.
+ (string-append
+ "e3b0c44298fc1c149afbf4c8996fb924"
+ "27ae41e4649b934ca495991b7852b855")))
+ (for-each (lambda (file)
+ (format #t
+ "patch-cargo-checksums: patching checksums in ~a~%"
+ file)
+ (substitute* file
+ (("(checksum = )\".*\"" all name)
+ (string-append name "\"" null-hash
+ "\""))))
+ (find-files "." "Cargo\\.lock$"))
+ (for-each generate-all-checksums
+ '("build" "dom/media"
+ "dom/webauthn"
+ "gfx"
+ "intl"
+ "js"
+ "media"
+ "modules"
+ "mozglue/static/rust"
+ "netwerk"
+ "remote"
+ "security/manager/ssl"
+ "servo"
+ "storage"
+ "third_party/rust"
+ "toolkit"
+ "xpcom/rust"
+ "services")))))
+ (add-after 'patch-cargo-checksums 'remove-cargo-frozen-flag
+ (lambda _
+ ;; Remove --frozen flag from cargo invokation, otherwise it'll
+ ;; complain that it's not able to change Cargo.lock.
+ ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373
+ (substitute* "build/RunCbindgen.py"
+ (("\"--frozen\",")
+ ""))))
+ (delete 'bootstrap)
+ (add-before 'configure 'patch-SpeechDispatcherService.cpp
+ (lambda _
+ (let* ((lib "libspeechd.so.2")
+ (file (string-append
+ "dom/media/webspeech/synth/"
+ "speechd/SpeechDispatcherService.cpp"))
+ (old-content (call-with-input-file file
+ get-string-all)))
+ (substitute
+ file
+ `((,(format #f "~s" lib) unquote
+ (lambda (line _)
+ (string-replace-substring
+ line lib
+ (string-append #$speech-dispatcher
+ "/lib/" lib))))))
+ (if (string=? old-content
+ (call-with-input-file file
+ get-string-all))
+ (error
+ "substitute did nothing, phase requires an update")))))
+ (add-before 'configure 'set-build-id
+ ;; Build will write the timestamp to output, which is harmful
+ ;; for reproducibility, so change it to a fixed date. Use a
+ ;; separate phase for easier modification with inherit.
+ (lambda _
+ (setenv "MOZ_BUILD_DATE"
+ #$%librewolf-build-id)))
+ (replace 'configure
+ (lambda* (#:key inputs outputs configure-flags
+ #:allow-other-keys)
+ (setenv "AUTOCONF"
+ (string-append (assoc-ref inputs "autoconf")
+ "/bin/autoconf"))
+ (setenv "SHELL"
+ (which "bash"))
+ (setenv "CONFIG_SHELL"
+ (which "bash"))
+ (setenv "MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE"
+ "system")
+ ;; This should use the host info probably (does it
+ ;; build on non-x86_64 though?)
+ (setenv "GUIX_PYTHONPATH"
+ (string-append (getcwd)
+ "/obj-x86_64-pc-linux-gnu/_virtualenvs/build"))
+
+ ;; Use Clang, Clang is 2x faster than GCC
+ (setenv "AR" "llvm-ar")
+ (setenv "NM" "llvm-nm")
+ (setenv "CC" "clang")
+ (setenv "CXX" "clang++")
+ (setenv "MOZ_NOSPAM" "1")
+ (setenv "MOZ_APP_NAME" "librewolf")
+
+ (setenv "MOZBUILD_STATE_PATH"
+ (getcwd))
+
+ (let* ((mozconfig (string-append (getcwd) "/mozconfig"))
+ (out (assoc-ref outputs "out"))
+ (flags (cons (string-append "--prefix=" out)
+ configure-flags)))
+ (format #t "build directory: ~s~%"
+ (getcwd))
+ (format #t "configure flags: ~s~%" flags)
+
+ (define write-flags
+ (lambda flags
+ (display (string-join (map (cut string-append
+ "ac_add_options " <>)
+ flags) "\n"))
+ (display "\n")))
+ (with-output-to-file mozconfig
+ (lambda ()
+ (apply write-flags flags)
+ ;; The following option unsets Telemetry
+ ;; Reporting. With the Addons Fiasco,
+ ;; Mozilla was found to be collecting
+ ;; user's data, including saved passwords
+ ;; and web form data, without users
+ ;; consent. Mozilla was also found
+ ;; shipping updates to systems without
+ ;; the user's knowledge or permission.
+ ;; As a result of this, use the following
+ ;; command to permanently disable
+ ;; telemetry reporting.
+ (display "unset MOZ_TELEMETRY_REPORTING\n")
+ (display "mk_add_options MOZ_CRASHREPORTER=0\n")
+ (display "mk_add_options MOZ_DATA_REPORTING=0\n")
+ (display
+ "mk_add_options MOZ_SERVICES_HEALTHREPORT=0")
+ (display
+ "mk_add_options MOZ_TELEMETRY_REPORTING=0")))
+ (setenv "MOZCONFIG" mozconfig))
+ (invoke "./mach" "configure")))
+ (add-before 'build '1fix-addons-placeholder
+ (lambda _
+ (substitute* "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
+ (("addons.mozilla.org")
+ "gnuzilla.gnu.org"))))
+ (replace 'build
+ (lambda* (#:key (make-flags '())
+ (parallel-build? #t) #:allow-other-keys)
+ (apply invoke "./mach" "build"
+ ;; mach will use parallel build if possible by default
+ `(,@(if parallel-build?
+ '()
+ '("-j1")) ,@make-flags))))
+ (add-after 'build 'neutralise-store-references
+ (lambda _
+ ;; Mangle the store references to compilers &
+ ;; other build tools in about:buildconfig,
+ ;; reducing the package's closure by 1 GiB on
+ ;; x86-64.
+ (let* ((build-dir (car (scandir "."
+ (cut string-prefix?
+ "obj-" <>))))
+ (file (string-append build-dir
+ "/dist/bin/chrome/toolkit/"
+ "content/global/buildconfig.html")))
+ (substitute* file
+ (((format #f "(~a/)([0-9a-df-np-sv-z]{32})"
+ (regexp-quote (%store-directory)))
+ _ store hash)
+ (string-append store
+ (string-take hash 8)
+ "<!-- Guix: not a runtime dependency -->"
+ (string-drop hash 8)))))))
+ (replace 'install
+ (lambda _
+ (invoke "./mach" "install")))
+ (add-after 'install 'remove-duplicate-bin
+ (lambda* (#:key outputs #:allow-other-keys)
+ (delete-file (string-append #$output
+ "/lib/librewolf/librewolf-bin"))))
+ (add-after 'install 'wrap-glxtest
+ ;; glxtest uses dlopen() to load mesa
+ ;; libs, wrap it to set LD_LIBRARY_PATH.
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ ;; TODO: make me a loop again
+ (mesa-lib (string-append (assoc-ref inputs
+ "mesa")
+ "/lib"))
+ (pciutils-lib (string-append (assoc-ref inputs
+ "pciutils") "/lib")))
+ (wrap-program (car (find-files lib "^glxtest$"))
+ `("LD_LIBRARY_PATH" prefix
+ (,mesa-lib ,pciutils-lib))))))
+ (add-after 'install 'patch-config
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((lib (string-append #$output "/lib/librewolf"))
+ (config-file "librewolf.cfg"))
+
+ ;; Required for Guix packaged extensions
+ ;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8
+ ;; Default is 5.
+ (substitute* (in-vicinity lib config-file)
+ (("defaultPref\\(\"extensions.enabledScopes\", 5\\)")
+ "defaultPref(\"extensions.enabledScopes\", 13)"))
+ ;; Use Mozzarella addons repo.
+ (call-with-port
+ (open-file
+ (in-vicinity lib config-file)
+ "a")
+ (lambda (port)
+ ;; Add-ons panel (see settings.js in Icecat source).
+ (for-each
+ (lambda (pref)
+ (format port
+ "defaultPref(~s, ~s);~%"
+ (car pref)
+ (cdr pref)))
+ '(("extensions.getAddons.search.browseURL"
+ string-append
+ "https://gnuzilla.gnu.org/mozzarella/"
+ "search.php?q=%TERMS%")
+ ("extensions.getAddons.get.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.link.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.discovery.api_url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.langpacks.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("lightweightThemes.getMoreURL" .
+ "https://gnuzilla.gnu.org/mozzarella"))))))))
+ (add-after 'install 'wrap-program
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ ;; The following two functions are from Guix's icecat package in
+ ;; (gnu packages gnuzilla). See commit
+ ;; b7a0935420ee630a29b7e5ac73a32ba1eb24f00b.
+ (define (runpath-of lib)
+ (call-with-input-file lib
+ (compose elf-dynamic-info-runpath elf-dynamic-info
+ parse-elf get-bytevector-all)))
+ (define (runpaths-of-input label)
+ (let* ((dir (string-append (assoc-ref inputs label)
+ "/lib"))
+ (libs (find-files dir "\\.so$")))
+ (append-map runpath-of libs)))
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ ;; TODO: make me a loop again
+ (mesa-lib (string-append (assoc-ref inputs
+ "mesa")
+ "/lib"))
+ (apng-lib (string-append (assoc-ref inputs
+ "libpng-apng") "/lib"))
+ ;; For the integration of native notifications
+ (libnotify-lib (string-append (assoc-ref inputs
+ "libnotify")
+ "/lib"))
+ ;; For hardware video acceleration via VA-API
+ (libva-lib (string-append (assoc-ref inputs
+ "libva")
+ "/lib"))
+ ;; VA-API is run in the RDD (Remote Data Decoder) sandbox
+ ;; and must be explicitly given access to files it needs.
+ ;; Rather than adding the whole store (as Nix had
+ ;; upstream do, see
+ ;; <https://github.com/NixOS/nixpkgs/pull/165964> and
+ ;; linked upstream patches), we can just follow the
+ ;; runpaths of the needed libraries to add everything to
+ ;; LD_LIBRARY_PATH. These will then be accessible in the
+ ;; RDD sandbox.
+ (rdd-whitelist (map (cut string-append <> "/")
+ (delete-duplicates (append-map
+ runpaths-of-input
+ '("mesa"
+ "ffmpeg")))))
+ (pulseaudio-lib (string-append (assoc-ref inputs
+ "pulseaudio")
+ "/lib"))
+ ;; For U2F and WebAuthn
+ (eudev-lib (string-append (assoc-ref inputs
+ "eudev")
+ "/lib"))
+ (gtk-share (string-append (assoc-ref inputs
+ "gtk+")
+ "/share")))
+ (wrap-program (car (find-files lib "^librewolf$"))
+ `("LD_LIBRARY_PATH" prefix
+ (,mesa-lib ,libnotify-lib
+ ,libva-lib
+ ,pulseaudio-lib
+ ,eudev-lib
+ ,apng-lib
+ ,@rdd-whitelist))
+ `("XDG_DATA_DIRS" prefix
+ (,gtk-share))
+ `("MOZ_LEGACY_PROFILES" =
+ ("1"))
+ `("MOZ_ALLOW_DOWNGRADE" =
+ ("1"))))))
+ (add-after 'wrap-program 'install-desktop-entry
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((desktop-file
+ "taskcluster/docker/firefox-snap/firefox.desktop")
+ (applications (string-append #$output
+ "/share/applications")))
+ (substitute* desktop-file
+ (("^Exec=firefox")
+ (string-append "Exec="
+ #$output "/bin/librewolf"))
+ ;; "Firefox" -> "LibreWolf" everywhere
+ (("Firefox")
+ "LibreWolf")
+ ;; Remove non-Latin translations.
+ (("^Name\\[(ar|bn)\\].*$")
+ "")
+ (("^Icon=.*")
+ (string-append "Icon="
+ #$output
+ "/share/icons/hicolor/128x128/apps/librewolf.png
+"))
+ ;; These commands were changed.
+ (("-NewWindow")
+ "-new-window")
+ (("-NewPrivateWindow")
+ "-new-private-window")
+ (("StartupNotify=true")
+ "StartupNotify=true
+StartupWMClass=Navigator"))
+ (copy-file desktop-file "librewolf.desktop")
+ (install-file "librewolf.desktop" applications))))
+ (add-after 'install-desktop-entry 'install-icons
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((icon-source-dir (string-append #$output
+ "/lib/librewolf/browser/"
+ "chrome/icons/default")))
+ (for-each (lambda (size)
+ (let ((dest (string-append #$output
+ "/share/icons/hicolor/"
+ size
+ "x"
+ size
+ "/apps")))
+ (mkdir-p dest)
+ (symlink (string-append icon-source-dir
+ "/default" size ".png")
+ (string-append dest
+ "/librewolf.png"))))
+ '("16" "32" "48" "64" "128"))))))
+
+ ;; Test will significantly increase build time but with little rewards.
+ #:tests? #f
+
+ ;; WARNING: Parallel build will consume lots of memory!
+ ;; If you have encountered OOM issue in build phase, try disable it.
+ #:parallel-build? #t
+
+ ;; Some dynamic lib was determined at runtime, so rpath check may fail.
+ #:validate-runpath? #f))
+ (inputs (list bash-minimal
+ bzip2
+ cairo
+ cups
+ dbus-glib
+ freetype
+ ffmpeg
+ gdk-pixbuf
+ glib
+ gtk+
+ gtk+-2
+ hunspell
+ icu4c-73
+ jemalloc
+ libcanberra
+ libevent
+ libffi
+ libgnome
+ libjpeg-turbo
+ libnotify
+ libpng-apng
+ libva
+ libvpx
+ libwebp
+ libxcomposite
+ libxft
+ libxinerama
+ libxscrnsaver
+ libxt
+ mesa
+ mit-krb5
+ nspr
+ nss
+ pango
+ pciutils
+ pipewire
+ pixman
+ pulseaudio
+ speech-dispatcher
+ sqlite
+ startup-notification
+ eudev
+ unzip
+ zip
+ zlib))
+ (native-inputs (list alsa-lib
+ autoconf-2.13
+ `(,rust-librewolf "cargo")
+ clang
+ llvm
+ m4
+ nasm
+ node-lts
+ perl
+ pkg-config
+ python
+ rust-librewolf
+ rust-cbindgen-0.26
+ which
+ yasm))
+ (home-page "https://librewolf.net/")
+ (synopsis
+ "Custom version of Firefox, focused on privacy, security and freedom")
+ (description
+ "LibreWolf is designed to increase protection against tracking and
+fingerprinting techniques, while also including a few security improvements.
+This is achieved through our privacy and security oriented settings and
+patches. LibreWolf also aims to remove all the telemetry, data collection and
+annoyances, as well as disabling anti-freedom features like DRM.")
+ (license license:mpl2.0)))
--
2.41.0
^ permalink raw reply related [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages.
2024-02-22 10:19 ` Clément Lassieur
@ 2024-03-09 21:20 ` Ian Eure
0 siblings, 0 replies; 75+ messages in thread
From: Ian Eure @ 2024-03-09 21:20 UTC (permalink / raw)
To: Clément Lassieur; +Cc: 67512, Mark H Weaver, Liliana Marie Prikler
Hello,
Just pinging on this. v5 of the patch reduces scope, as we
discussed; it’s now just a nss update + addition of LibreWolf.
Thanks,
— Ian
Clément Lassieur <clement@lassieur.org> writes:
> On Wed, Feb 21 2024, Ian Eure wrote:
>
>> Clément Lassieur <clement@lassieur.org> writes:
>>
>>> On Wed, Feb 21 2024, Liliana Marie Prikler wrote:
>>>> Am Dienstag, dem 20.02.2024 um 18:18 -0800 schrieb Ian Eure:
>>>>> Clément Lassieur <clement@lassieur.org> writes:
>>>>> > > Are you saying you want a process like:
>>>>> > > > > 1a. Get wasm toolchain stuff merged.
>>>>> > > 1b. Get Librewolf merged without WASM sandboxing.
>>>>> > > 2. Update icecat, torbrowser, mullvad, and librewolf to
>>>>> > > > > use > >
>>>>> WASM sandboxing.
>>>>> > > Excatly. 1b can be done after 1a, or before 1a.
>>>>> > Is there a technical reason why landing WASM sandboxing
>>>>> > support for all
>>>>> browsers in the same patch is desirable? I can intuit none,
>>>>> and as I’m
>>>>> disinclined to either roll back portions of my existing
>>>>> patchset, or work
>>>>> on other browsers, the proposal is disagreeable.
>>>> I think this ordering is w.r.t. *patch sets*, not patches. I
>>>> wouldn't
>>>> suggest dropping four packages into one patch.
>>>
>>> Indeed I've never said it should be done in one patch. I said
>>> one-shot
>>> as in ‘symmetrical’: the work required to add Wasm to our
>>> browsers
>>> should be more or less the same for all browsers, and code
>>> duplication
>>> should be avoided.
>>>
>>
>> Forgive me for my imprecision, and thank you for the
>> explanation. Unfortunately, the distinction makes little
>> difference to me, as
>> it still would require me to do work I’m unwilling to do. My
>> unwillingness
>> has less to do with the amount of work than its scope: My goal
>> is to get
>> LibreWolf into Guix, and I simply have no desire or motivation
>> to work on
>> other browsers.
>
> Firefox based browsers are closely related. Sounds impossible
> to me to
> really do good work on one of them without touching the other
> ones.
>
>> I think the best course of action is to reduce scope by
>> removing the WASM
>> component of this patch series entirely. I’d send a new patch
>> series without
>> the WASM toolchain packages, and with WASM sandboxing disabled
>> in the
>> LibreWolf package. The official LibreWolf binaries don’t
>> appear to have this
>> enabled, so no hardening would be sacrified vs. LibreWolf
>> installed any other
>> way. And since I’m not the original author of the WASM
>> packages, and not
>> well-positioned to address problems with them, omitting them
>> seems likely to
>> circumvent difficulties in the review process and support of
>> those.
>>
>> What do you think?
>
> Sounds good. And we can add WASM later.
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] Feedback for Librewolf package
2023-11-28 20:09 [bug#67512] [PATCH 0/5] Add LibreWolf Ian Eure
` (18 preceding siblings ...)
2024-02-25 0:53 ` [bug#67512] [PATCH v5 0/2] Add LibreWolf Ian Eure
@ 2024-03-13 9:07 ` Romain Garbage
2024-03-15 14:05 ` Ian Eure
2024-03-29 22:34 ` [bug#67512] [PATCH v6 0/2] Add LibreWolf Ian Eure
` (2 subsequent siblings)
22 siblings, 1 reply; 75+ messages in thread
From: Romain Garbage @ 2024-03-13 9:07 UTC (permalink / raw)
To: 67512; +Cc: ian
Hello,
I tested the v5 of the patch series, applied on guix master 0547fe862c.
Both patches apply and compile cleanly.
I then launched Librewolf through `./pre-inst-env guix shell librewolf -- librewolf`.
I got an error window with the following error message: "Configuration Error: Failed to read the configuration file. Please contact your system administrator."
and the following error messages in console:
```
JavaScript error: librewolf.cfg, line 545: SyntaxError: missing ) in parenthetical
JavaScript warning: resource://services-settings/Utils.sys.mjs, line 57: unreachable code after return statement
console.error: "formatURLPref: Couldn't get pref: " "startup.homepage_welcome_url.additional"
console.error: "Ignoring protocol handler for mailto without a uriTemplate!"
console.error: ({})
JavaScript error: resource://activity-stream/lib/TelemetryFeed.jsm, line 1066: Error: Failed to load chrome://pocket/content/pktApi.sys.mjs
JavaScript error: resource://gre/modules/PromiseWorker.sys.mjs, line 96: Error: Could not get children of file(/home/romain/.librewolf/rhx67hr4.default/thumbnails) because it does not exist
console.error: "about:home startup cache construction failed:" (new TypeError("sectionOrder is undefined", "resource://activity-stream/data/content/activity-stream.bundle.js", 7802))
console.error: "update.locale" " file doesn't exist in either the application or GRE directories"
console.error: services.settings:
main/search-config Signature failed InvalidSignatureError: Invalid content signature (main/search-config) using 'remote-settings.content-signature.mozilla.org-2024-04-09-14-36-39.chain'
console.error: services.settings:
main/search-config local data was corrupted
console.warn: services.settings: main/search-config Signature verified failed. Retry from scratch
```
After closing the error window, the browser launched properly and could be used to browse the web.
I closed it and launched it again and got the same error window, then the browser started again (same behaviour).
I tried to install an add-on from `about:addons`, I got redirected to https://addons.mozilla.org eventhough gnuzilla.gnu.org is mentioned in the search bar.
The Firefox addons website doesn't recognise Librewolf as a Firefox compatible browser and suggests to install Firefox instead of the addon installation.
I don't know if these issues are related to the guix package, although I have been using Librewolf in NixOS during one year as a daily driver and never ran into these issues.
If you need more testing or details, feel free to ask :)
Have a nice day,
Romain
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] Feedback for Librewolf package
2024-03-13 9:07 ` [bug#67512] Feedback for Librewolf package Romain Garbage
@ 2024-03-15 14:05 ` Ian Eure
0 siblings, 0 replies; 75+ messages in thread
From: Ian Eure @ 2024-03-15 14:05 UTC (permalink / raw)
To: Romain Garbage; +Cc: 67512
Hi Romain,
This is indeed a bug, I was missing parens around a string-append
call, which broke the preferences file. I saw the error you
mention, but thought my user preferences were broken in some way
by the many short-lived local builds I’ve run.
I’ll have a fixed patch soon. Thank you very much for taking the
time to try things out and letting me know about this problem.
— Ian
Romain Garbage <romain.garbage@inria.fr> writes:
> Hello,
>
> I tested the v5 of the patch series, applied on guix master
> 0547fe862c.
>
> Both patches apply and compile cleanly.
>
> I then launched Librewolf through `./pre-inst-env guix shell
> librewolf -- librewolf`.
>
> I got an error window with the following error message:
> "Configuration
> Error: Failed to read the configuration file. Please contact
> your
> system administrator."
>
> and the following error messages in console:
>
> ```
> JavaScript error: librewolf.cfg, line 545: SyntaxError: missing
> ) in parenthetical
> JavaScript warning: resource://services-settings/Utils.sys.mjs,
> line 57: unreachable code after return statement
> console.error: "formatURLPref: Couldn't get pref: "
> "startup.homepage_welcome_url.additional"
> console.error: "Ignoring protocol handler for mailto without a
> uriTemplate!"
> console.error: ({})
> JavaScript error:
> resource://activity-stream/lib/TelemetryFeed.jsm, line 1066:
> Error: Failed to load chrome://pocket/content/pktApi.sys.mjs
> JavaScript error: resource://gre/modules/PromiseWorker.sys.mjs,
> line
> 96: Error: Could not get children of
> file(/home/romain/.librewolf/rhx67hr4.default/thumbnails)
> because it
> does not exist
> console.error: "about:home startup cache construction failed:"
> (new
> TypeError("sectionOrder is undefined",
> "resource://activity-stream/data/content/activity-stream.bundle.js",
> 7802))
> console.error: "update.locale" " file doesn't exist in either
> the application or GRE directories"
> console.error: services.settings:
> main/search-config Signature failed InvalidSignatureError:
> Invalid
> content signature (main/search-config) using
> 'remote-settings.content-signature.mozilla.org-2024-04-09-14-36-39.chain'
> console.error: services.settings:
> main/search-config local data was corrupted
> console.warn: services.settings: main/search-config Signature
> verified failed. Retry from scratch
> ```
>
> After closing the error window, the browser launched properly
> and could be used to browse the web.
>
> I closed it and launched it again and got the same error window,
> then the browser started again (same behaviour).
>
> I tried to install an add-on from `about:addons`, I got
> redirected to
> https://addons.mozilla.org eventhough gnuzilla.gnu.org is
> mentioned in
> the search bar.
> The Firefox addons website doesn't recognise Librewolf as a
> Firefox
> compatible browser and suggests to install Firefox instead of
> the
> addon installation.
>
> I don't know if these issues are related to the guix package,
> although
> I have been using Librewolf in NixOS during one year as a daily
> driver
> and never ran into these issues.
>
> If you need more testing or details, feel free to ask :)
>
> Have a nice day,
> Romain
>
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v6 0/2] Add LibreWolf
2023-11-28 20:09 [bug#67512] [PATCH 0/5] Add LibreWolf Ian Eure
` (19 preceding siblings ...)
2024-03-13 9:07 ` [bug#67512] Feedback for Librewolf package Romain Garbage
@ 2024-03-29 22:34 ` Ian Eure
2024-03-29 22:34 ` [bug#67512] [PATCH v6 1/2] gnu: nss: Update to 3.98 Ian Eure
2024-03-29 22:34 ` [bug#67512] [PATCH v6 2/2] gnu: Add librewolf Ian Eure
2024-04-06 15:04 ` [bug#67512] [PATCH v7 0/3] Add LibreWolf Ian Eure
2024-04-12 11:32 ` [bug#67512] [PATCH 0/5] " Sharlatan Hellseher
22 siblings, 2 replies; 75+ messages in thread
From: Ian Eure @ 2024-03-29 22:34 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure
- Updates LibreWolf to 124.0.1-1, which fixes numerous important security issues from upstream Firefox 123.x and 124.0.
- Updates nss to 3.98, required by LW 124.0.1-1.
- Corrects wrong string-append which broke the preferences file.
- Correct typo’d phase name '1fix-addons-placeholder to 'fix-addons-placeholder.
- Turn code flagged with "TODO turn me back into a loop" back into a loop.
Ian Eure (2):
gnu: nss: Update to 3.98.
gnu: Add librewolf.
gnu/packages/certs.scm | 4 +-
gnu/packages/librewolf.scm | 621 +++++++++++++++++++++++++++++++++++++
gnu/packages/nss.scm | 6 +-
3 files changed, 626 insertions(+), 5 deletions(-)
create mode 100644 gnu/packages/librewolf.scm
base-commit: 423ca234cbd7b4902fd2a3fbc089a6fd57ed5583
--
2.41.0
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v6 1/2] gnu: nss: Update to 3.98.
2024-03-29 22:34 ` [bug#67512] [PATCH v6 0/2] Add LibreWolf Ian Eure
@ 2024-03-29 22:34 ` Ian Eure
2024-03-29 22:34 ` [bug#67512] [PATCH v6 2/2] gnu: Add librewolf Ian Eure
1 sibling, 0 replies; 75+ messages in thread
From: Ian Eure @ 2024-03-29 22:34 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure
* gnu/packages/nss.scm (nss): Update to 3.98.
* gnu/packages/certs.scm (nss-certs): Update to 3.98.
Change-Id: I443ffb49cffa0985d9c3aa3e9990575ba11edf8a
---
gnu/packages/certs.scm | 4 ++--
gnu/packages/nss.scm | 6 +++---
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/gnu/packages/certs.scm b/gnu/packages/certs.scm
index 58b4d50ec8..b8d849f49d 100644
--- a/gnu/packages/certs.scm
+++ b/gnu/packages/certs.scm
@@ -131,7 +131,7 @@ (define-public nss-certs
;; XXX We used to refer to the nss package here, but that eventually caused
;; module cycles. The below is a quick copy-paste job that must be kept in
;; sync manually. Surely there's a better way…?
- (version "3.88.1")
+ (version "3.98")
(source (origin
(method url-fetch)
(uri (let ((version-with-underscores
@@ -142,7 +142,7 @@ (define-public nss-certs
"nss-" version ".tar.gz")))
(sha256
(base32
- "15il9fsmixa1r4446zq1wl627sg0hz9h67w6kjxz273xz3nl7li7"))
+ "1kh98amfklrq6915n4mlbrcqghc3srm7rkzs9dkh21jwscrwqjgm"))
;; Create nss.pc and nss-config.
(patches (search-patches "nss-3.56-pkgconfig.patch"
"nss-getcwd-nonnull.patch"
diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm
index 54b9e5041a..fafc377b0b 100644
--- a/gnu/packages/nss.scm
+++ b/gnu/packages/nss.scm
@@ -106,7 +106,7 @@ (define-public nss
;; IMPORTANT: Also update and test the nss-certs package, which duplicates
;; version and source to avoid a top-level variable reference & module
;; cycle.
- (version "3.88.1")
+ (version "3.98")
(source (origin
(method url-fetch)
(uri (let ((version-with-underscores
@@ -117,7 +117,7 @@ (define-public nss
"nss-" version ".tar.gz")))
(sha256
(base32
- "15il9fsmixa1r4446zq1wl627sg0hz9h67w6kjxz273xz3nl7li7"))
+ "1kh98amfklrq6915n4mlbrcqghc3srm7rkzs9dkh21jwscrwqjgm"))
;; Create nss.pc and nss-config.
(patches (search-patches "nss-3.56-pkgconfig.patch"
"nss-getcwd-nonnull.patch"
@@ -200,7 +200,7 @@ (define-public nss
;; leading to test failures:
;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To
;; work around that, set the time to roughly the release date.
- (invoke "faketime" "2022-11-01" "./nss/tests/all.sh"))
+ (invoke "faketime" "2024-01-23" "./nss/tests/all.sh"))
(format #t "test suite not run~%"))))
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
--
2.41.0
^ permalink raw reply related [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v6 2/2] gnu: Add librewolf.
2024-03-29 22:34 ` [bug#67512] [PATCH v6 0/2] Add LibreWolf Ian Eure
2024-03-29 22:34 ` [bug#67512] [PATCH v6 1/2] gnu: nss: Update to 3.98 Ian Eure
@ 2024-03-29 22:34 ` Ian Eure
1 sibling, 0 replies; 75+ messages in thread
From: Ian Eure @ 2024-03-29 22:34 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure
* gnu/packages/librewolf.scm (librewolf): New variable.
Change-Id: I98b6410582b856ede83b79637a58e66d6e5832e6
---
gnu/packages/librewolf.scm | 621 +++++++++++++++++++++++++++++++++++++
1 file changed, 621 insertions(+)
create mode 100644 gnu/packages/librewolf.scm
diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm
new file mode 100644
index 0000000000..2b20b90655
--- /dev/null
+++ b/gnu/packages/librewolf.scm
@@ -0,0 +1,621 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2013, 2015, 2024 Andreas Enge <andreas@enge.fr>
+;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 Mark H Weaver <mhw@netris.org>
+;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com>
+;;; Copyright © 2016, 2017, 2018, 2019 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2016 Alex Griffin <a@ajgrf.com>
+;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
+;;; Copyright © 2017, 2018 Nikita <nikita@n0.is>
+;;; Copyright © 2017, 2018 ng0 <gillmann@infotropique.org>
+;;; Copyright © 2017, 2018, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2018, 2020, 2022 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2019 Ivan Petkov <ivanppetkov@gmail.com>
+;;; Copyright © 2020 Oleg Pykhalov <go.wigust@gmail.com>
+;;; Copyright © 2020 Jakub Kądziołka <kuba@kadziolka.net>
+;;; Copyright © 2019, 2020 Adrian Malacoda <malacoda@monarch-pass.net>
+;;; Copyright © 2020-2023 Jonathan Brielmaier <jonathan.brielmaier@web.de>
+;;; Copyright © 2020 Zhu Zihao <all_but_last@163.com>
+;;; Copyright © 2021 pineapples <guixuser6392@protonmail.com>
+;;; Copyright © 2021 Brice Waegeneire <brice@waegenei.re>
+;;; Copyright © 2021, 2022, 2023 John Kehayias <john.kehayias@protonmail.com>
+;;; Copyright © 2022 Pierre Langlois <pierre.langlois@gmx.com>
+;;; Copyright © 2023 Tomas Volf <wolf@wolfsden.cz>
+;;; Copyright © 2023 Ian Eure <ian@retrospec.tv>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+
+(define-module (gnu packages librewolf)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system cargo)
+ #:use-module (guix build-system trivial)
+ #:use-module (guix download)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix gexp)
+ #:use-module (guix packages)
+ #:use-module (guix utils)
+ #:use-module ((guix build utils) #:select (alist-replace))
+
+ #:use-module (gnu packages)
+ #:use-module (gnu packages assembly)
+ #:use-module (gnu packages autotools)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages bash)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages crates-io)
+ #:use-module (gnu packages cups)
+ #:use-module (gnu packages fontutils)
+ #:use-module (gnu packages gl)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnome)
+ #:use-module (gnu packages gtk)
+ #:use-module (gnu packages hunspell)
+ #:use-module (gnu packages icu4c)
+ #:use-module (gnu packages image)
+ #:use-module (gnu packages jemalloc)
+ #:use-module (gnu packages kerberos)
+ #:use-module (gnu packages libcanberra)
+ #:use-module (gnu packages libevent)
+ #:use-module (gnu packages libffi)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages llvm)
+ #:use-module (gnu packages m4)
+ #:use-module (gnu packages node)
+ #:use-module (gnu packages nss)
+ #:use-module (gnu packages pciutils)
+ #:use-module (gnu packages perl)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages pulseaudio)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages rust)
+ #:use-module (gnu packages rust-apps)
+ #:use-module (gnu packages speech)
+ #:use-module (gnu packages sqlite)
+ #:use-module (gnu packages video)
+ #:use-module (gnu packages xdisorg)
+ #:use-module (gnu packages xorg))
+
+;; Define the versions of rust needed to build librewolf, trying to match
+;; upstream. See the file taskcluster/ci/toolchain/rust.yml at
+;; https://searchfox.org under the particular firefox release, like
+;; mozilla-esr102.
+(define rust-librewolf rust) ; 1.60 is the default in Guix, 1.65 is the minimum.
+
+;; Update this id with every update to its release date.
+;; It's used for cache validation and therefore can lead to strange bugs.
+;; ex: date '+%Y%m%d%H%M%S'
+(define %librewolf-build-id "20240326080003")
+
+(define-public librewolf
+ (package
+ (name "librewolf")
+ (version "124.0.1-1")
+ (source
+ (origin
+ (method url-fetch)
+
+ (uri (string-append "https://gitlab.com/api/v4/projects/32320088/"
+ "packages/generic/librewolf-source/"
+ version
+ "/librewolf-"
+ version
+ ".source.tar.gz"))
+ (sha256
+ (base32 "1sks49nywzhvq5mik4ipm3vyyxv49s9hq6bfyk5d9r6f0nlydllf"))))
+ (build-system gnu-build-system)
+ (arguments
+ (list
+ #:configure-flags #~(let ((clang #$(this-package-native-input "clang")))
+ `("--enable-application=browser"
+
+ ;; Configuration
+ "--without-wasm-sandboxed-libraries"
+ "--with-system-jpeg"
+ "--with-system-zlib"
+ "--with-system-png"
+ "--with-system-webp"
+ "--with-system-icu"
+ "--with-system-libvpx"
+ "--with-system-libevent"
+ "--with-system-ffi"
+ "--enable-system-pixman"
+ "--enable-jemalloc"
+
+ ;; see https://bugs.gnu.org/32833
+ "--with-system-nspr"
+ "--with-system-nss"
+
+ ,(string-append "--with-clang-path=" clang
+ "/bin/clang")
+ ,(string-append "--with-libclang-path=" clang
+ "/lib")
+
+ ;; Distribution
+ "--with-distribution-id=org.guix"
+ "--with-app-name=librewolf"
+ "--with-app-basename=LibreWolf"
+ "--with-branding=browser/branding/librewolf"
+
+ ;; Features
+ "--disable-tests"
+ "--disable-updater"
+ "--enable-pulseaudio"
+ "--disable-crashreporter"
+ "--allow-addon-sideload"
+ "--with-unsigned-addon-scopes=app,system"
+ "--disable-eme"
+
+ ;; Build details
+ "--disable-debug"
+ "--enable-rust-simd"
+ "--enable-release"
+ "--enable-optimize"
+ "--enable-strip"
+ "--enable-hardening"
+ "--disable-elf-hack"))
+ #:imported-modules %cargo-utils-modules
+ #:modules `((ice-9 regex)
+ (ice-9 string-fun)
+ (ice-9 ftw)
+ (srfi srfi-1)
+ (srfi srfi-26)
+ (rnrs bytevectors)
+ (rnrs io ports)
+ (guix elf)
+ (guix build gremlin)
+ ,@%gnu-build-system-modules)
+ #:phases #~(modify-phases %standard-phases
+ (add-after 'unpack 'fix-preferences
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((port (open-file "browser/app/profile/firefox.js"
+ "a")))
+ (define (write-setting key value)
+ (format port "~%pref(\"~a\", ~a);~%" key value)
+ (format #t
+ "fix-preferences: setting value of ~a to ~a~%" key
+ value))
+
+ ;; We should allow the sandbox to read the store directory,
+ ;; because the sandbox has access to /usr on FHS distros.
+ (write-setting
+ "security.sandbox.content.read_path_whitelist"
+ (string-append "\""
+ (%store-directory) "/\""))
+
+ ;; XDG settings should be managed by Guix.
+ (write-setting "browser.shell.checkDefaultBrowser"
+ "false")
+ (close-port port))))
+ (add-after 'fix-preferences 'fix-ffmpeg-runtime-linker
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let* ((ffmpeg (assoc-ref inputs "ffmpeg"))
+ (libavcodec (string-append ffmpeg
+ "/lib/libavcodec.so")))
+ ;; Arrange to load libavcodec.so by its absolute file name.
+ (substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp"
+ (("libavcodec\\.so")
+ libavcodec)))))
+ (add-after 'patch-source-shebangs 'patch-cargo-checksums
+ (lambda _
+ (use-modules (guix build cargo-utils))
+ (let ((null-hash
+ ;; This is the SHA256 output of an empty string.
+ (string-append
+ "e3b0c44298fc1c149afbf4c8996fb924"
+ "27ae41e4649b934ca495991b7852b855")))
+ (for-each (lambda (file)
+ (format #t
+ "patch-cargo-checksums: patching checksums in ~a~%"
+ file)
+ (substitute* file
+ (("(checksum = )\".*\"" all name)
+ (string-append name "\"" null-hash
+ "\""))))
+ (find-files "." "Cargo\\.lock$"))
+ (for-each generate-all-checksums
+ '("build" "dom/media"
+ "dom/webauthn"
+ "gfx"
+ "intl"
+ "js"
+ "media"
+ "modules"
+ "mozglue/static/rust"
+ "netwerk"
+ "remote"
+ "security/manager/ssl"
+ "servo"
+ "storage"
+ "third_party/rust"
+ "toolkit"
+ "xpcom/rust"
+ "services")))))
+ (add-after 'patch-cargo-checksums 'remove-cargo-frozen-flag
+ (lambda _
+ ;; Remove --frozen flag from cargo invokation, otherwise it'll
+ ;; complain that it's not able to change Cargo.lock.
+ ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373
+ (substitute* "build/RunCbindgen.py"
+ (("args.append\\(\"--frozen\"\\)") "pass"))))
+ (delete 'bootstrap)
+ (add-before 'configure 'patch-SpeechDispatcherService.cpp
+ (lambda _
+ (let* ((lib "libspeechd.so.2")
+ (file (string-append
+ "dom/media/webspeech/synth/"
+ "speechd/SpeechDispatcherService.cpp"))
+ (old-content (call-with-input-file file
+ get-string-all)))
+ (substitute
+ file
+ `((,(format #f "~s" lib) unquote
+ (lambda (line _)
+ (string-replace-substring
+ line lib
+ (string-append #$speech-dispatcher
+ "/lib/" lib))))))
+ (if (string=? old-content
+ (call-with-input-file file
+ get-string-all))
+ (error
+ "substitute did nothing, phase requires an update")))))
+ (add-before 'configure 'set-build-id
+ ;; Build will write the timestamp to output, which is harmful
+ ;; for reproducibility, so change it to a fixed date. Use a
+ ;; separate phase for easier modification with inherit.
+ (lambda _
+ (setenv "MOZ_BUILD_DATE"
+ #$%librewolf-build-id)))
+ (replace 'configure
+ (lambda* (#:key inputs outputs configure-flags
+ #:allow-other-keys)
+ (setenv "AUTOCONF"
+ (string-append (assoc-ref inputs "autoconf")
+ "/bin/autoconf"))
+ (setenv "SHELL"
+ (which "bash"))
+ (setenv "CONFIG_SHELL"
+ (which "bash"))
+ (setenv "MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE"
+ "system")
+ ;; This should use the host info probably (does it
+ ;; build on non-x86_64 though?)
+ (setenv "GUIX_PYTHONPATH"
+ (string-append (getcwd)
+ "/obj-x86_64-pc-linux-gnu/_virtualenvs/build"))
+
+ ;; Use Clang, Clang is 2x faster than GCC
+ (setenv "AR" "llvm-ar")
+ (setenv "NM" "llvm-nm")
+ (setenv "CC" "clang")
+ (setenv "CXX" "clang++")
+ (setenv "MOZ_NOSPAM" "1")
+ (setenv "MOZ_APP_NAME" "librewolf")
+
+ (setenv "MOZBUILD_STATE_PATH"
+ (getcwd))
+
+ (let* ((mozconfig (string-append (getcwd) "/mozconfig"))
+ (out (assoc-ref outputs "out"))
+ (flags (cons (string-append "--prefix=" out)
+ configure-flags)))
+ (format #t "build directory: ~s~%"
+ (getcwd))
+ (format #t "configure flags: ~s~%" flags)
+
+ (define write-flags
+ (lambda flags
+ (display (string-join (map (cut string-append
+ "ac_add_options " <>)
+ flags) "\n"))
+ (display "\n")))
+ (with-output-to-file mozconfig
+ (lambda ()
+ (apply write-flags flags)
+ ;; The following option unsets Telemetry
+ ;; Reporting. With the Addons Fiasco,
+ ;; Mozilla was found to be collecting
+ ;; user's data, including saved passwords
+ ;; and web form data, without users
+ ;; consent. Mozilla was also found
+ ;; shipping updates to systems without
+ ;; the user's knowledge or permission.
+ ;; As a result of this, use the following
+ ;; command to permanently disable
+ ;; telemetry reporting.
+ (display "unset MOZ_TELEMETRY_REPORTING\n")
+ (display "mk_add_options MOZ_CRASHREPORTER=0\n")
+ (display "mk_add_options MOZ_DATA_REPORTING=0\n")
+ (display
+ "mk_add_options MOZ_SERVICES_HEALTHREPORT=0")
+ (display
+ "mk_add_options MOZ_TELEMETRY_REPORTING=0")))
+ (setenv "MOZCONFIG" mozconfig))
+ (invoke "./mach" "configure")))
+ (add-before 'build 'fix-addons-placeholder
+ (lambda _
+ (substitute* "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
+ (("addons.mozilla.org")
+ "gnuzilla.gnu.org"))))
+ (replace 'build
+ (lambda* (#:key (make-flags '())
+ (parallel-build? #t) #:allow-other-keys)
+ (apply invoke "./mach" "build"
+ ;; mach will use parallel build if possible by default
+ `(,@(if parallel-build?
+ '()
+ '("-j1")) ,@make-flags))))
+ (add-after 'build 'neutralise-store-references
+ (lambda _
+ ;; Mangle the store references to compilers &
+ ;; other build tools in about:buildconfig,
+ ;; reducing the package's closure by 1 GiB on
+ ;; x86-64.
+ (let* ((build-dir (car (scandir "."
+ (cut string-prefix?
+ "obj-" <>))))
+ (file (string-append build-dir
+ "/dist/bin/chrome/toolkit/"
+ "content/global/buildconfig.html")))
+ (substitute* file
+ (((format #f "(~a/)([0-9a-df-np-sv-z]{32})"
+ (regexp-quote (%store-directory)))
+ _ store hash)
+ (string-append store
+ (string-take hash 8)
+ "<!-- Guix: not a runtime dependency -->"
+ (string-drop hash 8)))))))
+ (replace 'install
+ (lambda _
+ (invoke "./mach" "install")))
+ (add-after 'install 'remove-duplicate-bin
+ (lambda* (#:key outputs #:allow-other-keys)
+ (delete-file (string-append #$output
+ "/lib/librewolf/librewolf-bin"))))
+ (add-after 'install 'wrap-glxtest
+ ;; glxtest uses dlopen() to load mesa and pci
+ ;; libs, wrap it to set LD_LIBRARY_PATH.
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ (libs (map
+ (lambda (lib-name)
+ (string-append (assoc-ref inputs
+ lib-name)
+ "/lib"))
+ '("mesa" "pciutils"))))
+ (wrap-program (car (find-files lib "^glxtest$"))
+ `("LD_LIBRARY_PATH" prefix ,libs)))))
+ (add-after 'install 'patch-config
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((lib (string-append #$output "/lib/librewolf"))
+ (config-file "librewolf.cfg"))
+
+ ;; Required for Guix packaged extensions
+ ;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8
+ ;; Default is 5.
+ (substitute* (in-vicinity lib config-file)
+ (("defaultPref\\(\"extensions.enabledScopes\", 5\\)")
+ "defaultPref(\"extensions.enabledScopes\", 13)"))
+ ;; Use Mozzarella addons repo.
+ (call-with-port
+ (open-file
+ (in-vicinity lib config-file)
+ "a")
+ (lambda (port)
+ ;; Add-ons panel (see settings.js in Icecat source).
+ (for-each
+ (lambda (pref)
+ (format port
+ "defaultPref(~s, ~s);~%"
+ (car pref)
+ (cdr pref)))
+ `(("extensions.getAddons.search.browseURL"
+ ,(string-append
+ "https://gnuzilla.gnu.org/mozzarella/"
+ "search.php?q=%TERMS%"))
+ ("extensions.getAddons.get.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.link.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.discovery.api_url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.langpacks.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("lightweightThemes.getMoreURL" .
+ "https://gnuzilla.gnu.org/mozzarella"))))))))
+ (add-after 'install 'wrap-program
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ ;; The following two functions are from Guix's icecat package in
+ ;; (gnu packages gnuzilla). See commit
+ ;; b7a0935420ee630a29b7e5ac73a32ba1eb24f00b.
+ (define (runpath-of lib)
+ (call-with-input-file lib
+ (compose elf-dynamic-info-runpath elf-dynamic-info
+ parse-elf get-bytevector-all)))
+ (define (runpaths-of-input label)
+ (let* ((dir (string-append (assoc-ref inputs label)
+ "/lib"))
+ (libs (find-files dir "\\.so$")))
+ (append-map runpath-of libs)))
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ (libs (map
+ (lambda (lib-name)
+ (string-append (assoc-ref inputs
+ lib-name)
+ "/lib"))
+ '("mesa" "libpng-apng" "libnotify" "libva"
+ "pulseaudio" "gtk+"
+ ;; For U2F and WebAuthn
+ "eudev")))
+
+ ;; VA-API is run in the RDD (Remote Data Decoder) sandbox
+ ;; and must be explicitly given access to files it needs.
+ ;; Rather than adding the whole store (as Nix had
+ ;; upstream do, see
+ ;; <https://github.com/NixOS/nixpkgs/pull/165964> and
+ ;; linked upstream patches), we can just follow the
+ ;; runpaths of the needed libraries to add everything to
+ ;; LD_LIBRARY_PATH. These will then be accessible in the
+ ;; RDD sandbox.
+ (rdd-whitelist (map (cut string-append <> "/")
+ (delete-duplicates (append-map
+ runpaths-of-input
+ '("mesa"
+ "ffmpeg")))))
+ (gtk-share (string-append (assoc-ref inputs
+ "gtk+")
+ "/share")))
+ (wrap-program (car (find-files lib "^librewolf$"))
+ `("LD_LIBRARY_PATH" prefix
+ (,@libs ,@rdd-whitelist))
+ `("XDG_DATA_DIRS" prefix
+ (,gtk-share))
+ `("MOZ_LEGACY_PROFILES" =
+ ("1"))
+ `("MOZ_ALLOW_DOWNGRADE" =
+ ("1"))))))
+ (add-after 'wrap-program 'install-desktop-entry
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((desktop-file
+ "taskcluster/docker/firefox-snap/firefox.desktop")
+ (applications (string-append #$output
+ "/share/applications")))
+ (substitute* desktop-file
+ (("^Exec=firefox")
+ (string-append "Exec="
+ #$output "/bin/librewolf"))
+ ;; "Firefox" -> "LibreWolf" everywhere
+ (("Firefox")
+ "LibreWolf")
+ ;; Remove non-Latin translations.
+ (("^Name\\[(ar|bn)\\].*$")
+ "")
+ (("^Icon=.*")
+ (string-append "Icon="
+ #$output
+ "/share/icons/hicolor/128x128/apps/librewolf.png
+"))
+ ;; These commands were changed.
+ (("-NewWindow")
+ "-new-window")
+ (("-NewPrivateWindow")
+ "-new-private-window")
+ (("StartupNotify=true")
+ "StartupNotify=true
+StartupWMClass=Navigator"))
+ (copy-file desktop-file "librewolf.desktop")
+ (install-file "librewolf.desktop" applications))))
+ (add-after 'install-desktop-entry 'install-icons
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((icon-source-dir (string-append #$output
+ "/lib/librewolf/browser/"
+ "chrome/icons/default")))
+ (for-each (lambda (size)
+ (let ((dest (string-append #$output
+ "/share/icons/hicolor/"
+ size
+ "x"
+ size
+ "/apps")))
+ (mkdir-p dest)
+ (symlink (string-append icon-source-dir
+ "/default" size ".png")
+ (string-append dest
+ "/librewolf.png"))))
+ '("16" "32" "48" "64" "128"))))))
+
+ ;; Test will significantly increase build time but with little rewards.
+ #:tests? #f
+
+ ;; WARNING: Parallel build will consume lots of memory!
+ ;; If you have encountered OOM issue in build phase, try disable it.
+ #:parallel-build? #t
+
+ ;; Some dynamic lib was determined at runtime, so rpath check may fail.
+ #:validate-runpath? #f))
+ (inputs (list bash-minimal
+ bzip2
+ cairo
+ cups
+ dbus-glib
+ freetype
+ ffmpeg
+ gdk-pixbuf
+ glib
+ gtk+
+ gtk+-2
+ hunspell
+ icu4c-73
+ jemalloc
+ libcanberra
+ libevent
+ libffi
+ libgnome
+ libjpeg-turbo
+ libnotify
+ libpng-apng
+ libva
+ libvpx
+ libwebp
+ libxcomposite
+ libxft
+ libxinerama
+ libxscrnsaver
+ libxt
+ mesa
+ mit-krb5
+ nspr
+ nss
+ pango
+ pciutils
+ pipewire
+ pixman
+ pulseaudio
+ speech-dispatcher
+ sqlite
+ startup-notification
+ eudev
+ unzip
+ zip
+ zlib))
+ (native-inputs (list alsa-lib
+ autoconf-2.13
+ `(,rust-librewolf "cargo")
+ clang
+ llvm
+ m4
+ nasm
+ node-lts
+ perl
+ pkg-config
+ python
+ rust-librewolf
+ rust-cbindgen-0.26
+ which
+ yasm))
+ (home-page "https://librewolf.net/")
+ (synopsis
+ "Custom version of Firefox, focused on privacy, security and freedom")
+ (description
+ "LibreWolf is designed to increase protection against tracking and
+fingerprinting techniques, while also including a few security improvements.
+This is achieved through our privacy and security oriented settings and
+patches. LibreWolf also aims to remove all the telemetry, data collection and
+annoyances, as well as disabling anti-freedom features like DRM.")
+ (license license:mpl2.0)))
--
2.41.0
^ permalink raw reply related [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v7 0/3] Add LibreWolf
2023-11-28 20:09 [bug#67512] [PATCH 0/5] Add LibreWolf Ian Eure
` (20 preceding siblings ...)
2024-03-29 22:34 ` [bug#67512] [PATCH v6 0/2] Add LibreWolf Ian Eure
@ 2024-04-06 15:04 ` Ian Eure
2024-04-06 15:04 ` [bug#67512] [PATCH v7 1/3] gnu: Add nss-3.98 Ian Eure
` (3 more replies)
2024-04-12 11:32 ` [bug#67512] [PATCH 0/5] " Sharlatan Hellseher
22 siblings, 4 replies; 75+ messages in thread
From: Ian Eure @ 2024-04-06 15:04 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure
Moves nss update to nss-3.98 / nss-certs-3.98 to avoid rebuilding thousands of packages.
Rebases.
Ian Eure (3):
gnu: Add nss-3.98.
gnu: Add nss-certs-3.98.
gnu: Add librewolf.
gnu/packages/certs.scm | 16 +
gnu/packages/librewolf.scm | 621 +++++++++++++++++++++++++++++++++++++
gnu/packages/nss.scm | 45 +++
3 files changed, 682 insertions(+)
create mode 100644 gnu/packages/librewolf.scm
base-commit: ade6845da6cec99f3bca46faac9b2bad6877817e
--
2.41.0
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v7 1/3] gnu: Add nss-3.98.
2024-04-06 15:04 ` [bug#67512] [PATCH v7 0/3] Add LibreWolf Ian Eure
@ 2024-04-06 15:04 ` Ian Eure
2024-04-06 15:04 ` [bug#67512] [PATCH v7 2/3] gnu: Add nss-certs-3.98 Ian Eure
` (2 subsequent siblings)
3 siblings, 0 replies; 75+ messages in thread
From: Ian Eure @ 2024-04-06 15:04 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure
* gnu/packages/nss.scm (nss-3.98): New variable.
Change-Id: If54ba20d296da2f4edd444c7cfa223a2d5a9ecb8
---
gnu/packages/nss.scm | 45 ++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 45 insertions(+)
diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm
index 54b9e5041a..14612d7ce9 100644
--- a/gnu/packages/nss.scm
+++ b/gnu/packages/nss.scm
@@ -241,3 +241,48 @@ (define-public nss
security standards.")
(license license:mpl2.0)))
+(define-public nss-3.98
+ (package
+ (inherit nss)
+ (version "3.98")
+ (source (origin
+ (method url-fetch)
+ (uri (let ((version-with-underscores
+ (string-join (string-split version #\.) "_")))
+ (string-append
+ "https://ftp.mozilla.org/pub/mozilla.org/security/nss/"
+ "releases/NSS_" version-with-underscores "_RTM/src/"
+ "nss-" version ".tar.gz")))
+ (sha256
+ (base32
+ "1kh98amfklrq6915n4mlbrcqghc3srm7rkzs9dkh21jwscrwqjgm"))
+ ;; Create nss.pc and nss-config.
+ (patches (search-patches "nss-3.56-pkgconfig.patch"
+ "nss-getcwd-nonnull.patch"
+ "nss-increase-test-timeout.patch"))
+ (modules '((guix build utils)))
+ (snippet
+ '(begin
+ ;; Delete the bundled copy of these libraries.
+ (delete-file-recursively "nss/lib/zlib")
+ (delete-file-recursively "nss/lib/sqlite")))))
+ (arguments
+ (substitute-keyword-arguments (package-arguments nss)
+ ((#:phases phases)
+ #~(modify-phases #$phases
+ (replace 'check
+ (lambda* (#:key tests? #:allow-other-keys)
+ (if tests?
+ (begin
+ ;; Use 127.0.0.1 instead of $HOST.$DOMSUF as HOSTADDR for
+ ;; testing. The latter requires a working DNS or /etc/hosts.
+ (setenv "DOMSUF" "localdomain")
+ (setenv "USE_IP" "TRUE")
+ (setenv "IP_ADDRESS" "127.0.0.1")
+
+ ;; The "PayPalEE.cert" certificate expires every six months,
+ ;; leading to test failures:
+ ;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To
+ ;; work around that, set the time to roughly the release date.
+ (invoke "faketime" "2024-01-23" "./nss/tests/all.sh"))
+ (format #t "test suite not run~%"))))))))))
--
2.41.0
^ permalink raw reply related [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v7 2/3] gnu: Add nss-certs-3.98.
2024-04-06 15:04 ` [bug#67512] [PATCH v7 0/3] Add LibreWolf Ian Eure
2024-04-06 15:04 ` [bug#67512] [PATCH v7 1/3] gnu: Add nss-3.98 Ian Eure
@ 2024-04-06 15:04 ` Ian Eure
2024-04-06 15:04 ` [bug#67512] [PATCH v7 3/3] gnu: Add librewolf Ian Eure
2024-04-12 13:11 ` bug#67512: [PATCH v7 0/3] Add LibreWolf Andrew Tropin via Guix-patches via
3 siblings, 0 replies; 75+ messages in thread
From: Ian Eure @ 2024-04-06 15:04 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure
* gnu/packages/certs.scm (nss-certs-3.98): New variable.
Change-Id: I95b54781c7b85f1d6b54158c6b906116791e009c
---
gnu/packages/certs.scm | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/gnu/packages/certs.scm b/gnu/packages/certs.scm
index 58b4d50ec8..7078c7c8d1 100644
--- a/gnu/packages/certs.scm
+++ b/gnu/packages/certs.scm
@@ -188,6 +188,22 @@ (define-public nss-certs
(home-page "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS")
(license license:mpl2.0)))
+(define-public nss-certs-3.98
+ (package
+ (inherit nss-certs)
+ (version "3.98")
+ (source (origin
+ (method url-fetch)
+ (uri (let ((version-with-underscores
+ (string-join (string-split version #\.) "_")))
+ (string-append
+ "https://ftp.mozilla.org/pub/mozilla.org/security/nss/"
+ "releases/NSS_" version-with-underscores "_RTM/src/"
+ "nss-" version ".tar.gz")))
+ (sha256
+ (base32
+ "1kh98amfklrq6915n4mlbrcqghc3srm7rkzs9dkh21jwscrwqjgm"))))))
+
(define-public le-certs
(package
(name "le-certs")
--
2.41.0
^ permalink raw reply related [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v7 3/3] gnu: Add librewolf.
2024-04-06 15:04 ` [bug#67512] [PATCH v7 0/3] Add LibreWolf Ian Eure
2024-04-06 15:04 ` [bug#67512] [PATCH v7 1/3] gnu: Add nss-3.98 Ian Eure
2024-04-06 15:04 ` [bug#67512] [PATCH v7 2/3] gnu: Add nss-certs-3.98 Ian Eure
@ 2024-04-06 15:04 ` Ian Eure
2024-04-12 13:11 ` bug#67512: [PATCH v7 0/3] Add LibreWolf Andrew Tropin via Guix-patches via
3 siblings, 0 replies; 75+ messages in thread
From: Ian Eure @ 2024-04-06 15:04 UTC (permalink / raw)
To: 67512; +Cc: Ian Eure
* gnu/packages/librewolf.scm (librewolf): New variable.
Change-Id: I98b6410582b856ede83b79637a58e66d6e5832e6
---
gnu/packages/librewolf.scm | 621 +++++++++++++++++++++++++++++++++++++
1 file changed, 621 insertions(+)
create mode 100644 gnu/packages/librewolf.scm
diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm
new file mode 100644
index 0000000000..4804a872ce
--- /dev/null
+++ b/gnu/packages/librewolf.scm
@@ -0,0 +1,621 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2013, 2015, 2024 Andreas Enge <andreas@enge.fr>
+;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 Mark H Weaver <mhw@netris.org>
+;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com>
+;;; Copyright © 2016, 2017, 2018, 2019 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2016 Alex Griffin <a@ajgrf.com>
+;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
+;;; Copyright © 2017, 2018 Nikita <nikita@n0.is>
+;;; Copyright © 2017, 2018 ng0 <gillmann@infotropique.org>
+;;; Copyright © 2017, 2018, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2018, 2020, 2022 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2019 Ivan Petkov <ivanppetkov@gmail.com>
+;;; Copyright © 2020 Oleg Pykhalov <go.wigust@gmail.com>
+;;; Copyright © 2020 Jakub Kądziołka <kuba@kadziolka.net>
+;;; Copyright © 2019, 2020 Adrian Malacoda <malacoda@monarch-pass.net>
+;;; Copyright © 2020-2023 Jonathan Brielmaier <jonathan.brielmaier@web.de>
+;;; Copyright © 2020 Zhu Zihao <all_but_last@163.com>
+;;; Copyright © 2021 pineapples <guixuser6392@protonmail.com>
+;;; Copyright © 2021 Brice Waegeneire <brice@waegenei.re>
+;;; Copyright © 2021, 2022, 2023 John Kehayias <john.kehayias@protonmail.com>
+;;; Copyright © 2022 Pierre Langlois <pierre.langlois@gmx.com>
+;;; Copyright © 2023 Tomas Volf <wolf@wolfsden.cz>
+;;; Copyright © 2023 Ian Eure <ian@retrospec.tv>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+
+(define-module (gnu packages librewolf)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system cargo)
+ #:use-module (guix build-system trivial)
+ #:use-module (guix download)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix gexp)
+ #:use-module (guix packages)
+ #:use-module (guix utils)
+ #:use-module ((guix build utils) #:select (alist-replace))
+
+ #:use-module (gnu packages)
+ #:use-module (gnu packages assembly)
+ #:use-module (gnu packages autotools)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages bash)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages crates-io)
+ #:use-module (gnu packages cups)
+ #:use-module (gnu packages fontutils)
+ #:use-module (gnu packages gl)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnome)
+ #:use-module (gnu packages gtk)
+ #:use-module (gnu packages hunspell)
+ #:use-module (gnu packages icu4c)
+ #:use-module (gnu packages image)
+ #:use-module (gnu packages jemalloc)
+ #:use-module (gnu packages kerberos)
+ #:use-module (gnu packages libcanberra)
+ #:use-module (gnu packages libevent)
+ #:use-module (gnu packages libffi)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages llvm)
+ #:use-module (gnu packages m4)
+ #:use-module (gnu packages node)
+ #:use-module (gnu packages nss)
+ #:use-module (gnu packages pciutils)
+ #:use-module (gnu packages perl)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages pulseaudio)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages rust)
+ #:use-module (gnu packages rust-apps)
+ #:use-module (gnu packages speech)
+ #:use-module (gnu packages sqlite)
+ #:use-module (gnu packages video)
+ #:use-module (gnu packages xdisorg)
+ #:use-module (gnu packages xorg))
+
+;; Define the versions of rust needed to build librewolf, trying to match
+;; upstream. See the file taskcluster/ci/toolchain/rust.yml at
+;; https://searchfox.org under the particular firefox release, like
+;; mozilla-esr102.
+(define rust-librewolf rust) ; 1.60 is the default in Guix, 1.65 is the minimum.
+
+;; Update this id with every update to its release date.
+;; It's used for cache validation and therefore can lead to strange bugs.
+;; ex: date '+%Y%m%d%H%M%S'
+(define %librewolf-build-id "20240326080003")
+
+(define-public librewolf
+ (package
+ (name "librewolf")
+ (version "124.0.1-1")
+ (source
+ (origin
+ (method url-fetch)
+
+ (uri (string-append "https://gitlab.com/api/v4/projects/32320088/"
+ "packages/generic/librewolf-source/"
+ version
+ "/librewolf-"
+ version
+ ".source.tar.gz"))
+ (sha256
+ (base32 "1sks49nywzhvq5mik4ipm3vyyxv49s9hq6bfyk5d9r6f0nlydllf"))))
+ (build-system gnu-build-system)
+ (arguments
+ (list
+ #:configure-flags #~(let ((clang #$(this-package-native-input "clang")))
+ `("--enable-application=browser"
+
+ ;; Configuration
+ "--without-wasm-sandboxed-libraries"
+ "--with-system-jpeg"
+ "--with-system-zlib"
+ "--with-system-png"
+ "--with-system-webp"
+ "--with-system-icu"
+ "--with-system-libvpx"
+ "--with-system-libevent"
+ "--with-system-ffi"
+ "--enable-system-pixman"
+ "--enable-jemalloc"
+
+ ;; see https://bugs.gnu.org/32833
+ "--with-system-nspr"
+ "--with-system-nss"
+
+ ,(string-append "--with-clang-path=" clang
+ "/bin/clang")
+ ,(string-append "--with-libclang-path=" clang
+ "/lib")
+
+ ;; Distribution
+ "--with-distribution-id=org.guix"
+ "--with-app-name=librewolf"
+ "--with-app-basename=LibreWolf"
+ "--with-branding=browser/branding/librewolf"
+
+ ;; Features
+ "--disable-tests"
+ "--disable-updater"
+ "--enable-pulseaudio"
+ "--disable-crashreporter"
+ "--allow-addon-sideload"
+ "--with-unsigned-addon-scopes=app,system"
+ "--disable-eme"
+
+ ;; Build details
+ "--disable-debug"
+ "--enable-rust-simd"
+ "--enable-release"
+ "--enable-optimize"
+ "--enable-strip"
+ "--enable-hardening"
+ "--disable-elf-hack"))
+ #:imported-modules %cargo-utils-modules
+ #:modules `((ice-9 regex)
+ (ice-9 string-fun)
+ (ice-9 ftw)
+ (srfi srfi-1)
+ (srfi srfi-26)
+ (rnrs bytevectors)
+ (rnrs io ports)
+ (guix elf)
+ (guix build gremlin)
+ ,@%gnu-build-system-modules)
+ #:phases #~(modify-phases %standard-phases
+ (add-after 'unpack 'fix-preferences
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((port (open-file "browser/app/profile/firefox.js"
+ "a")))
+ (define (write-setting key value)
+ (format port "~%pref(\"~a\", ~a);~%" key value)
+ (format #t
+ "fix-preferences: setting value of ~a to ~a~%" key
+ value))
+
+ ;; We should allow the sandbox to read the store directory,
+ ;; because the sandbox has access to /usr on FHS distros.
+ (write-setting
+ "security.sandbox.content.read_path_whitelist"
+ (string-append "\""
+ (%store-directory) "/\""))
+
+ ;; XDG settings should be managed by Guix.
+ (write-setting "browser.shell.checkDefaultBrowser"
+ "false")
+ (close-port port))))
+ (add-after 'fix-preferences 'fix-ffmpeg-runtime-linker
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let* ((ffmpeg (assoc-ref inputs "ffmpeg"))
+ (libavcodec (string-append ffmpeg
+ "/lib/libavcodec.so")))
+ ;; Arrange to load libavcodec.so by its absolute file name.
+ (substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp"
+ (("libavcodec\\.so")
+ libavcodec)))))
+ (add-after 'patch-source-shebangs 'patch-cargo-checksums
+ (lambda _
+ (use-modules (guix build cargo-utils))
+ (let ((null-hash
+ ;; This is the SHA256 output of an empty string.
+ (string-append
+ "e3b0c44298fc1c149afbf4c8996fb924"
+ "27ae41e4649b934ca495991b7852b855")))
+ (for-each (lambda (file)
+ (format #t
+ "patch-cargo-checksums: patching checksums in ~a~%"
+ file)
+ (substitute* file
+ (("(checksum = )\".*\"" all name)
+ (string-append name "\"" null-hash
+ "\""))))
+ (find-files "." "Cargo\\.lock$"))
+ (for-each generate-all-checksums
+ '("build" "dom/media"
+ "dom/webauthn"
+ "gfx"
+ "intl"
+ "js"
+ "media"
+ "modules"
+ "mozglue/static/rust"
+ "netwerk"
+ "remote"
+ "security/manager/ssl"
+ "servo"
+ "storage"
+ "third_party/rust"
+ "toolkit"
+ "xpcom/rust"
+ "services")))))
+ (add-after 'patch-cargo-checksums 'remove-cargo-frozen-flag
+ (lambda _
+ ;; Remove --frozen flag from cargo invokation, otherwise it'll
+ ;; complain that it's not able to change Cargo.lock.
+ ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373
+ (substitute* "build/RunCbindgen.py"
+ (("args.append\\(\"--frozen\"\\)") "pass"))))
+ (delete 'bootstrap)
+ (add-before 'configure 'patch-SpeechDispatcherService.cpp
+ (lambda _
+ (let* ((lib "libspeechd.so.2")
+ (file (string-append
+ "dom/media/webspeech/synth/"
+ "speechd/SpeechDispatcherService.cpp"))
+ (old-content (call-with-input-file file
+ get-string-all)))
+ (substitute
+ file
+ `((,(format #f "~s" lib) unquote
+ (lambda (line _)
+ (string-replace-substring
+ line lib
+ (string-append #$speech-dispatcher
+ "/lib/" lib))))))
+ (if (string=? old-content
+ (call-with-input-file file
+ get-string-all))
+ (error
+ "substitute did nothing, phase requires an update")))))
+ (add-before 'configure 'set-build-id
+ ;; Build will write the timestamp to output, which is harmful
+ ;; for reproducibility, so change it to a fixed date. Use a
+ ;; separate phase for easier modification with inherit.
+ (lambda _
+ (setenv "MOZ_BUILD_DATE"
+ #$%librewolf-build-id)))
+ (replace 'configure
+ (lambda* (#:key inputs outputs configure-flags
+ #:allow-other-keys)
+ (setenv "AUTOCONF"
+ (string-append (assoc-ref inputs "autoconf")
+ "/bin/autoconf"))
+ (setenv "SHELL"
+ (which "bash"))
+ (setenv "CONFIG_SHELL"
+ (which "bash"))
+ (setenv "MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE"
+ "system")
+ ;; This should use the host info probably (does it
+ ;; build on non-x86_64 though?)
+ (setenv "GUIX_PYTHONPATH"
+ (string-append (getcwd)
+ "/obj-x86_64-pc-linux-gnu/_virtualenvs/build"))
+
+ ;; Use Clang, Clang is 2x faster than GCC
+ (setenv "AR" "llvm-ar")
+ (setenv "NM" "llvm-nm")
+ (setenv "CC" "clang")
+ (setenv "CXX" "clang++")
+ (setenv "MOZ_NOSPAM" "1")
+ (setenv "MOZ_APP_NAME" "librewolf")
+
+ (setenv "MOZBUILD_STATE_PATH"
+ (getcwd))
+
+ (let* ((mozconfig (string-append (getcwd) "/mozconfig"))
+ (out (assoc-ref outputs "out"))
+ (flags (cons (string-append "--prefix=" out)
+ configure-flags)))
+ (format #t "build directory: ~s~%"
+ (getcwd))
+ (format #t "configure flags: ~s~%" flags)
+
+ (define write-flags
+ (lambda flags
+ (display (string-join (map (cut string-append
+ "ac_add_options " <>)
+ flags) "\n"))
+ (display "\n")))
+ (with-output-to-file mozconfig
+ (lambda ()
+ (apply write-flags flags)
+ ;; The following option unsets Telemetry
+ ;; Reporting. With the Addons Fiasco,
+ ;; Mozilla was found to be collecting
+ ;; user's data, including saved passwords
+ ;; and web form data, without users
+ ;; consent. Mozilla was also found
+ ;; shipping updates to systems without
+ ;; the user's knowledge or permission.
+ ;; As a result of this, use the following
+ ;; command to permanently disable
+ ;; telemetry reporting.
+ (display "unset MOZ_TELEMETRY_REPORTING\n")
+ (display "mk_add_options MOZ_CRASHREPORTER=0\n")
+ (display "mk_add_options MOZ_DATA_REPORTING=0\n")
+ (display
+ "mk_add_options MOZ_SERVICES_HEALTHREPORT=0")
+ (display
+ "mk_add_options MOZ_TELEMETRY_REPORTING=0")))
+ (setenv "MOZCONFIG" mozconfig))
+ (invoke "./mach" "configure")))
+ (add-before 'build 'fix-addons-placeholder
+ (lambda _
+ (substitute* "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
+ (("addons.mozilla.org")
+ "gnuzilla.gnu.org"))))
+ (replace 'build
+ (lambda* (#:key (make-flags '())
+ (parallel-build? #t) #:allow-other-keys)
+ (apply invoke "./mach" "build"
+ ;; mach will use parallel build if possible by default
+ `(,@(if parallel-build?
+ '()
+ '("-j1")) ,@make-flags))))
+ (add-after 'build 'neutralise-store-references
+ (lambda _
+ ;; Mangle the store references to compilers &
+ ;; other build tools in about:buildconfig,
+ ;; reducing the package's closure by 1 GiB on
+ ;; x86-64.
+ (let* ((build-dir (car (scandir "."
+ (cut string-prefix?
+ "obj-" <>))))
+ (file (string-append build-dir
+ "/dist/bin/chrome/toolkit/"
+ "content/global/buildconfig.html")))
+ (substitute* file
+ (((format #f "(~a/)([0-9a-df-np-sv-z]{32})"
+ (regexp-quote (%store-directory)))
+ _ store hash)
+ (string-append store
+ (string-take hash 8)
+ "<!-- Guix: not a runtime dependency -->"
+ (string-drop hash 8)))))))
+ (replace 'install
+ (lambda _
+ (invoke "./mach" "install")))
+ (add-after 'install 'remove-duplicate-bin
+ (lambda* (#:key outputs #:allow-other-keys)
+ (delete-file (string-append #$output
+ "/lib/librewolf/librewolf-bin"))))
+ (add-after 'install 'wrap-glxtest
+ ;; glxtest uses dlopen() to load mesa and pci
+ ;; libs, wrap it to set LD_LIBRARY_PATH.
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ (libs (map
+ (lambda (lib-name)
+ (string-append (assoc-ref inputs
+ lib-name)
+ "/lib"))
+ '("mesa" "pciutils"))))
+ (wrap-program (car (find-files lib "^glxtest$"))
+ `("LD_LIBRARY_PATH" prefix ,libs)))))
+ (add-after 'install 'patch-config
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((lib (string-append #$output "/lib/librewolf"))
+ (config-file "librewolf.cfg"))
+
+ ;; Required for Guix packaged extensions
+ ;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8
+ ;; Default is 5.
+ (substitute* (in-vicinity lib config-file)
+ (("defaultPref\\(\"extensions.enabledScopes\", 5\\)")
+ "defaultPref(\"extensions.enabledScopes\", 13)"))
+ ;; Use Mozzarella addons repo.
+ (call-with-port
+ (open-file
+ (in-vicinity lib config-file)
+ "a")
+ (lambda (port)
+ ;; Add-ons panel (see settings.js in Icecat source).
+ (for-each
+ (lambda (pref)
+ (format port
+ "defaultPref(~s, ~s);~%"
+ (car pref)
+ (cdr pref)))
+ `(("extensions.getAddons.search.browseURL"
+ ,(string-append
+ "https://gnuzilla.gnu.org/mozzarella/"
+ "search.php?q=%TERMS%"))
+ ("extensions.getAddons.get.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.link.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.discovery.api_url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.langpacks.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("lightweightThemes.getMoreURL" .
+ "https://gnuzilla.gnu.org/mozzarella"))))))))
+ (add-after 'install 'wrap-program
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ ;; The following two functions are from Guix's icecat package in
+ ;; (gnu packages gnuzilla). See commit
+ ;; b7a0935420ee630a29b7e5ac73a32ba1eb24f00b.
+ (define (runpath-of lib)
+ (call-with-input-file lib
+ (compose elf-dynamic-info-runpath elf-dynamic-info
+ parse-elf get-bytevector-all)))
+ (define (runpaths-of-input label)
+ (let* ((dir (string-append (assoc-ref inputs label)
+ "/lib"))
+ (libs (find-files dir "\\.so$")))
+ (append-map runpath-of libs)))
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ (libs (map
+ (lambda (lib-name)
+ (string-append (assoc-ref inputs
+ lib-name)
+ "/lib"))
+ '("mesa" "libpng-apng" "libnotify" "libva"
+ "pulseaudio" "gtk+"
+ ;; For U2F and WebAuthn
+ "eudev")))
+
+ ;; VA-API is run in the RDD (Remote Data Decoder) sandbox
+ ;; and must be explicitly given access to files it needs.
+ ;; Rather than adding the whole store (as Nix had
+ ;; upstream do, see
+ ;; <https://github.com/NixOS/nixpkgs/pull/165964> and
+ ;; linked upstream patches), we can just follow the
+ ;; runpaths of the needed libraries to add everything to
+ ;; LD_LIBRARY_PATH. These will then be accessible in the
+ ;; RDD sandbox.
+ (rdd-whitelist (map (cut string-append <> "/")
+ (delete-duplicates (append-map
+ runpaths-of-input
+ '("mesa"
+ "ffmpeg")))))
+ (gtk-share (string-append (assoc-ref inputs
+ "gtk+")
+ "/share")))
+ (wrap-program (car (find-files lib "^librewolf$"))
+ `("LD_LIBRARY_PATH" prefix
+ (,@libs ,@rdd-whitelist))
+ `("XDG_DATA_DIRS" prefix
+ (,gtk-share))
+ `("MOZ_LEGACY_PROFILES" =
+ ("1"))
+ `("MOZ_ALLOW_DOWNGRADE" =
+ ("1"))))))
+ (add-after 'wrap-program 'install-desktop-entry
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((desktop-file
+ "taskcluster/docker/firefox-snap/firefox.desktop")
+ (applications (string-append #$output
+ "/share/applications")))
+ (substitute* desktop-file
+ (("^Exec=firefox")
+ (string-append "Exec="
+ #$output "/bin/librewolf"))
+ ;; "Firefox" -> "LibreWolf" everywhere
+ (("Firefox")
+ "LibreWolf")
+ ;; Remove non-Latin translations.
+ (("^Name\\[(ar|bn)\\].*$")
+ "")
+ (("^Icon=.*")
+ (string-append "Icon="
+ #$output
+ "/share/icons/hicolor/128x128/apps/librewolf.png
+"))
+ ;; These commands were changed.
+ (("-NewWindow")
+ "-new-window")
+ (("-NewPrivateWindow")
+ "-new-private-window")
+ (("StartupNotify=true")
+ "StartupNotify=true
+StartupWMClass=Navigator"))
+ (copy-file desktop-file "librewolf.desktop")
+ (install-file "librewolf.desktop" applications))))
+ (add-after 'install-desktop-entry 'install-icons
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((icon-source-dir (string-append #$output
+ "/lib/librewolf/browser/"
+ "chrome/icons/default")))
+ (for-each (lambda (size)
+ (let ((dest (string-append #$output
+ "/share/icons/hicolor/"
+ size
+ "x"
+ size
+ "/apps")))
+ (mkdir-p dest)
+ (symlink (string-append icon-source-dir
+ "/default" size ".png")
+ (string-append dest
+ "/librewolf.png"))))
+ '("16" "32" "48" "64" "128"))))))
+
+ ;; Test will significantly increase build time but with little rewards.
+ #:tests? #f
+
+ ;; WARNING: Parallel build will consume lots of memory!
+ ;; If you have encountered OOM issue in build phase, try disable it.
+ #:parallel-build? #t
+
+ ;; Some dynamic lib was determined at runtime, so rpath check may fail.
+ #:validate-runpath? #f))
+ (inputs (list bash-minimal
+ bzip2
+ cairo
+ cups
+ dbus-glib
+ freetype
+ ffmpeg
+ gdk-pixbuf
+ glib
+ gtk+
+ gtk+-2
+ hunspell
+ icu4c-73
+ jemalloc
+ libcanberra
+ libevent
+ libffi
+ libgnome
+ libjpeg-turbo
+ libnotify
+ libpng-apng
+ libva
+ libvpx
+ libwebp
+ libxcomposite
+ libxft
+ libxinerama
+ libxscrnsaver
+ libxt
+ mesa
+ mit-krb5
+ nspr
+ nss-3.98
+ pango
+ pciutils
+ pipewire
+ pixman
+ pulseaudio
+ speech-dispatcher
+ sqlite
+ startup-notification
+ eudev
+ unzip
+ zip
+ zlib))
+ (native-inputs (list alsa-lib
+ autoconf-2.13
+ `(,rust-librewolf "cargo")
+ clang
+ llvm
+ m4
+ nasm
+ node-lts
+ perl
+ pkg-config
+ python
+ rust-librewolf
+ rust-cbindgen-0.26
+ which
+ yasm))
+ (home-page "https://librewolf.net/")
+ (synopsis
+ "Custom version of Firefox, focused on privacy, security and freedom")
+ (description
+ "LibreWolf is designed to increase protection against tracking and
+fingerprinting techniques, while also including a few security improvements.
+This is achieved through our privacy and security oriented settings and
+patches. LibreWolf also aims to remove all the telemetry, data collection and
+annoyances, as well as disabling anti-freedom features like DRM.")
+ (license license:mpl2.0)))
--
2.41.0
^ permalink raw reply related [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH 0/5] Add LibreWolf
2023-11-28 20:09 [bug#67512] [PATCH 0/5] Add LibreWolf Ian Eure
` (21 preceding siblings ...)
2024-04-06 15:04 ` [bug#67512] [PATCH v7 0/3] Add LibreWolf Ian Eure
@ 2024-04-12 11:32 ` Sharlatan Hellseher
22 siblings, 0 replies; 75+ messages in thread
From: Sharlatan Hellseher @ 2024-04-12 11:32 UTC (permalink / raw)
To: 67512
[-- Attachment #1: Type: text/plain, Size: 574 bytes --]
Hi Guix team!
It would be great to have one more modern and libre web browser in the
Guix's belt!
I've managed to build and run it successfully by applying patch directly
from QA, thanks Andrew Tropin <andrew@trop.in> for the snippet.
--8<---------------cut here---------------start------------->8---
guix time-machine \
--url='https://git.guix-patches.cbaines.net/git/guix-patches' \
--branch=issue-67512 \
--disable-authentication -- shell librewolf -- librewolf
--8<---------------cut here---------------end--------------->8---
--
Oleg
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 832 bytes --]
^ permalink raw reply [flat|nested] 75+ messages in thread
* bug#67512: [PATCH v7 0/3] Add LibreWolf
2024-04-06 15:04 ` [bug#67512] [PATCH v7 0/3] Add LibreWolf Ian Eure
` (2 preceding siblings ...)
2024-04-06 15:04 ` [bug#67512] [PATCH v7 3/3] gnu: Add librewolf Ian Eure
@ 2024-04-12 13:11 ` Andrew Tropin via Guix-patches via
2024-04-27 10:46 ` [bug#67512] " Clément Lassieur
3 siblings, 1 reply; 75+ messages in thread
From: Andrew Tropin via Guix-patches via @ 2024-04-12 13:11 UTC (permalink / raw)
To: Ian Eure, 67512-done; +Cc: Sharlatan Hellseher, Ian Eure
[-- Attachment #1: Type: text/plain, Size: 891 bytes --]
On 2024-04-06 08:04, Ian Eure wrote:
> Moves nss update to nss-3.98 / nss-certs-3.98 to avoid rebuilding thousands of packages.
>
> Rebases.
>
> Ian Eure (3):
> gnu: Add nss-3.98.
> gnu: Add nss-certs-3.98.
> gnu: Add librewolf.
>
> gnu/packages/certs.scm | 16 +
> gnu/packages/librewolf.scm | 621 +++++++++++++++++++++++++++++++++++++
> gnu/packages/nss.scm | 45 +++
> 3 files changed, 682 insertions(+)
> create mode 100644 gnu/packages/librewolf.scm
>
>
> base-commit: ade6845da6cec99f3bca46faac9b2bad6877817e
Hi Ian,
tested those patches, didn't notice any issues.
Added pipewire to LD_LIBRARY_PATH to make screensharing on wayland to
work.
Added librewolf.scm to gnu/local.mk.
Pushed as
https://git.savannah.gnu.org/cgit/guix.git/commit/?id=3dc26b4eae
Thank you very much for you work!
--
Best regards,
Andrew Tropin
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 832 bytes --]
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v7 0/3] Add LibreWolf
2024-04-12 13:11 ` bug#67512: [PATCH v7 0/3] Add LibreWolf Andrew Tropin via Guix-patches via
@ 2024-04-27 10:46 ` Clément Lassieur
[not found] ` <87r0eqww7t.fsf@meson>
0 siblings, 1 reply; 75+ messages in thread
From: Clément Lassieur @ 2024-04-27 10:46 UTC (permalink / raw)
To: 67512; +Cc: guix-devel, Mark H Weaver, ian, guix-security, andrew
On Fri, Apr 12 2024, Andrew Tropin via Guix-patches via wrote:
> On 2024-04-06 08:04, Ian Eure wrote:
>
>> Moves nss update to nss-3.98 / nss-certs-3.98 to avoid rebuilding thousands of packages.
>>
>> Rebases.
>>
>> Ian Eure (3):
>> gnu: Add nss-3.98.
>> gnu: Add nss-certs-3.98.
>> gnu: Add librewolf.
>>
>> gnu/packages/certs.scm | 16 +
>> gnu/packages/librewolf.scm | 621 +++++++++++++++++++++++++++++++++++++
>> gnu/packages/nss.scm | 45 +++
>> 3 files changed, 682 insertions(+)
>> create mode 100644 gnu/packages/librewolf.scm
>>
>>
>> base-commit: ade6845da6cec99f3bca46faac9b2bad6877817e
>
> Hi Ian,
>
> tested those patches, didn't notice any issues.
>
> Added pipewire to LD_LIBRARY_PATH to make screensharing on wayland to
> work.
>
> Added librewolf.scm to gnu/local.mk.
>
> Pushed as
> https://git.savannah.gnu.org/cgit/guix.git/commit/?id=3dc26b4eae
>
> Thank you very much for you work!
Thank you Andrew for reviewing.
Now that this is pushed, is there anyone maintaining this "librewolf"
package? This is serious work, with security updates quite often.
Right now the package is subject to
CVE-2024-3852 (high)
CVE-2024-3853 (high)
CVE-2024-3854 (high)
CVE-2024-3855 (high)
CVE-2024-3856 (high)
CVE-2024-3857 (high)
CVE-2024-3858 (high)
CVE-2024-3859 (moderate)
CVE-2024-3860 (moderate)
CVE-2024-3861 (moderate)
CVE-2024-3862 (moderate)
CVE-2024-3302 (low)
CVE-2024-3864 (high)
CVE-2024-3865 (high)
Thanks,
Clément
^ permalink raw reply [flat|nested] 75+ messages in thread
* [bug#67512] [PATCH v7 0/3] Add LibreWolf
[not found] ` <87r0eqww7t.fsf@meson>
@ 2024-04-27 18:21 ` Ian Eure
0 siblings, 0 replies; 75+ messages in thread
From: Ian Eure @ 2024-04-27 18:21 UTC (permalink / raw)
To: Clément Lassieur
Cc: 67512, guix-devel, guix-security, Mark H Weaver, andrew
Ian Eure <ian@retrospec.tv> writes:
> Clément Lassieur <clement@lassieur.org> writes:
>
>> On Fri, Apr 12 2024, Andrew Tropin via Guix-patches via wrote:
>>
>>> On 2024-04-06 08:04, Ian Eure wrote:
>>>
>>>> Moves nss update to nss-3.98 / nss-certs-3.98 to avoid
>>>> rebuilding
>>>> thousands of packages.
>>>>
>>>> Rebases.
>>>>
>>>> Ian Eure (3):
>>>> gnu: Add nss-3.98.
>>>> gnu: Add nss-certs-3.98.
>>>> gnu: Add librewolf.
>>>>
>>>> gnu/packages/certs.scm | 16 +
>>>> gnu/packages/librewolf.scm | 621
>>>> +++++++++++++++++++++++++++++++++++++
>>>> gnu/packages/nss.scm | 45 +++
>>>> 3 files changed, 682 insertions(+)
>>>> create mode 100644 gnu/packages/librewolf.scm
>>>>
>>>>
>>>> base-commit: ade6845da6cec99f3bca46faac9b2bad6877817e
>>>
>>> Hi Ian,
>>>
>>> tested those patches, didn't notice any issues.
>>>
>>> Added pipewire to LD_LIBRARY_PATH to make screensharing on
>>> wayland
>>> to
>>> work.
>>>
>>> Added librewolf.scm to gnu/local.mk.
>>>
>>> Pushed as
>>> https://git.savannah.gnu.org/cgit/guix.git/commit/?id=3dc26b4eae
>>>
>>> Thank you very much for you work!
>>
>> Thank you Andrew for reviewing.
>>
>> Now that this is pushed, is there anyone maintaining this
>> "librewolf"
>> package? This is serious work, with security updates quite
>> often.
>>
>
> Hi Clement,
>
> I’m planning to continue sending patches for updates and the
> like. Getting a working updater is close to the top of my list.
>
>
>> Right now the package is subject to
>>
>> CVE-2024-3852 (high)
>> CVE-2024-3853 (high)
>> CVE-2024-3854 (high)
>> CVE-2024-3855 (high)
>> CVE-2024-3856 (high)
>> CVE-2024-3857 (high)
>> CVE-2024-3858 (high)
>> CVE-2024-3859 (moderate)
>> CVE-2024-3860 (moderate)
>> CVE-2024-3861 (moderate)
>> CVE-2024-3862 (moderate)
>> CVE-2024-3302 (low)
>> CVE-2024-3864 (high)
>> CVE-2024-3865 (high)
>>
>
> The version in Guix is the latest available. I’ll send in a
> patch
> when the next release happens; I’m waiting on upstream for that.
>
Okay, I see that I’m incorrect about this -- LibreWolf is moving
onto Codeberg, but I was looking at their GitLab project, which
doesn’t have the recent releases. I’ll get this updated.
Thanks,
— Ian
^ permalink raw reply [flat|nested] 75+ messages in thread
end of thread, other threads:[~2024-04-27 18:21 UTC | newest]
Thread overview: 75+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-11-28 20:09 [bug#67512] [PATCH 0/5] Add LibreWolf Ian Eure
2023-11-28 20:13 ` [bug#67512] [PATCH 1/5] gnu: icu4c: Update to 73.1 Ian Eure
2023-11-28 20:13 ` [bug#67512] [PATCH 2/5] gnu: Add icu4c-71 Ian Eure
2023-11-28 20:13 ` [bug#67512] [PATCH 3/5] gnu: node: Switch to icu4c-71 Ian Eure
2023-11-28 20:13 ` [bug#67512] [PATCH 4/5] gnu: Add wasm packages Ian Eure
2023-11-28 20:13 ` [bug#67512] [PATCH 5/5] gnu: Add librewolf Ian Eure
2023-12-10 21:57 ` [bug#67512] [PATCH 0/5] Add LibreWolf Ludovic Courtès
2023-12-10 22:28 ` Ian Eure
2023-12-14 18:39 ` Ludovic Courtès
2024-01-13 17:53 ` [bug#67512] [PATCH 5/5] gnu: Add librewolf Herman Rimm via Guix-patches via
2024-01-28 21:23 ` Ian Eure
2024-01-28 22:51 ` Ian Eure
2024-02-02 18:44 ` Herman Rimm via Guix-patches via
2024-02-06 23:29 ` Ian Eure
2024-02-07 10:06 ` Clément Lassieur
2024-01-17 15:43 ` [bug#67512] [PATCH 0/5] Add LibreWolf Clément Lassieur
2024-02-17 16:06 ` Ian Eure
2024-02-11 19:20 ` [bug#67512] [PATCH v2 0/4] Add Librewolf Ian Eure
2024-02-11 20:22 ` Clément Lassieur
2024-02-11 23:23 ` Ian Eure
2024-02-11 23:32 ` Clément Lassieur
2024-02-11 19:20 ` [bug#67512] [PATCH v2 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c Ian Eure
2024-02-11 21:40 ` Mark H Weaver
2024-02-11 22:14 ` Clément Lassieur
2024-02-11 23:23 ` Ian Eure
2024-02-11 23:34 ` Clément Lassieur
2024-02-11 19:20 ` [bug#67512] [PATCH v2 2/4] gnu: nss: Update to 3.97 Ian Eure
2024-02-11 19:20 ` [bug#67512] [PATCH v2 3/4] gnu: Add wasm packages Ian Eure
2024-02-11 19:20 ` [bug#67512] [PATCH v2 4/4] gnu: Add librewolf Ian Eure
2024-02-11 23:49 ` [bug#67512] [PATCH v3 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c Ian Eure
2024-02-11 23:49 ` [bug#67512] [PATCH v3 2/4] gnu: nss: Update to 3.97 Ian Eure
2024-02-11 23:49 ` [bug#67512] [PATCH v3 3/4] gnu: Add wasm packages Ian Eure
2024-02-11 23:49 ` [bug#67512] [PATCH v3 4/4] gnu: Add librewolf Ian Eure
2024-02-13 20:34 ` [bug#67512] [PATCH v4 0/4] Add LibreWolf Ian Eure
2024-02-13 20:34 ` [bug#67512] [PATCH v4 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c Ian Eure
2024-02-14 18:05 ` Mark H Weaver
2024-02-16 14:02 ` Clément Lassieur
2024-02-17 16:07 ` Ian Eure
2024-02-21 11:49 ` Clément Lassieur
2024-02-22 1:07 ` Ian Eure
2024-02-22 10:21 ` Clément Lassieur
2024-02-22 14:34 ` Mark H Weaver
2024-02-23 0:56 ` Ian Eure
2024-02-13 20:34 ` [bug#67512] [PATCH v4 2/4] gnu: nss: Update to 3.97 Ian Eure
2024-02-13 20:34 ` [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages Ian Eure
2024-02-13 22:41 ` Liliana Marie Prikler
2024-02-13 23:22 ` Ian Eure
2024-02-16 14:29 ` Clément Lassieur
2024-02-16 21:48 ` Mark H Weaver
2024-02-17 16:09 ` Ian Eure
2024-02-21 2:00 ` Clément Lassieur
2024-02-21 2:18 ` Ian Eure
2024-02-21 5:20 ` Liliana Marie Prikler
2024-02-21 11:45 ` Clément Lassieur
2024-02-22 0:07 ` Ian Eure
2024-02-22 10:19 ` Clément Lassieur
2024-03-09 21:20 ` Ian Eure
2024-02-21 14:32 ` Mark H Weaver
2024-02-13 20:34 ` [bug#67512] [PATCH v4 4/4] gnu: Add librewolf Ian Eure
2024-02-25 0:53 ` [bug#67512] [PATCH v5 0/2] Add LibreWolf Ian Eure
2024-02-25 0:53 ` [bug#67512] [PATCH v5 1/2] gnu: nss: Update to 3.97 Ian Eure
2024-02-25 0:53 ` [bug#67512] [PATCH v5 2/2] gnu: Add librewolf Ian Eure
2024-03-13 9:07 ` [bug#67512] Feedback for Librewolf package Romain Garbage
2024-03-15 14:05 ` Ian Eure
2024-03-29 22:34 ` [bug#67512] [PATCH v6 0/2] Add LibreWolf Ian Eure
2024-03-29 22:34 ` [bug#67512] [PATCH v6 1/2] gnu: nss: Update to 3.98 Ian Eure
2024-03-29 22:34 ` [bug#67512] [PATCH v6 2/2] gnu: Add librewolf Ian Eure
2024-04-06 15:04 ` [bug#67512] [PATCH v7 0/3] Add LibreWolf Ian Eure
2024-04-06 15:04 ` [bug#67512] [PATCH v7 1/3] gnu: Add nss-3.98 Ian Eure
2024-04-06 15:04 ` [bug#67512] [PATCH v7 2/3] gnu: Add nss-certs-3.98 Ian Eure
2024-04-06 15:04 ` [bug#67512] [PATCH v7 3/3] gnu: Add librewolf Ian Eure
2024-04-12 13:11 ` bug#67512: [PATCH v7 0/3] Add LibreWolf Andrew Tropin via Guix-patches via
2024-04-27 10:46 ` [bug#67512] " Clément Lassieur
[not found] ` <87r0eqww7t.fsf@meson>
2024-04-27 18:21 ` Ian Eure
2024-04-12 11:32 ` [bug#67512] [PATCH 0/5] " Sharlatan Hellseher
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).