From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:42890) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1e4x2M-0004LJ-RA for guix-patches@gnu.org; Wed, 18 Oct 2017 18:42:10 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1e4x2I-0001s1-Pj for guix-patches@gnu.org; Wed, 18 Oct 2017 18:42:06 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:40140) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1e4x2I-0001rg-Iu for guix-patches@gnu.org; Wed, 18 Oct 2017 18:42:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1e4x2I-0006Wv-Bw for guix-patches@gnu.org; Wed, 18 Oct 2017 18:42:02 -0400 Subject: [bug#28004] Chromium Resent-Message-ID: From: Marius Bakke In-Reply-To: <87shensfq6.fsf@gnu.org> References: <87y3qvb15k.fsf@fastmail.com> <20171010131949.y43plpzxbppvrigr@abyayala> <87lgkha2cx.fsf@gnu.org> <20171012195628.GA31843@jasmine.lan> <87shensfq6.fsf@gnu.org> Date: Thu, 19 Oct 2017 00:41:01 +0200 Message-ID: <87o9p45bb6.fsf@fastmail.com> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="==-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: Ludovic =?UTF-8?Q?Court=C3=A8s?= , Leo Famulari Cc: 28004@debbugs.gnu.org --==-=-= Content-Type: multipart/mixed; boundary="=-=-=" --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Ludovic Court=C3=A8s writes: > I think we should make sure that our package does not call home in any > way. That=E2=80=99s what I expect from a security- and privacy-conscious > distro. Currently, it calls home at first launch, prompting for a login. But I've verified that it does not send any unsolicited requests for subsequent startups, as long as the user does not change the command-line flags. Anyway I'm attaching the current iteration of this patch. Chromium 62 is out today, I'll try to update this weekend and will push it after that in lieu of other feedback. I would be very happy if someone managed to complete the 62 upgrade before me, however! ;-) --=-=-= Content-Type: text/x-patch; charset=utf-8 Content-Disposition: attachment; filename=0001-gnu-Add-chromium.patch Content-Transfer-Encoding: quoted-printable From=20d6e3ef7f28a9bc4ace0c52e09b1e4bdde84e01e0 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Wed, 12 Oct 2016 17:25:05 +0100 Subject: [PATCH] gnu: Add chromium. * gnu/packages/chromium.scm: New file. * gnu/packages/patches/chromium-disable-api-keys-warning.patch, gnu/packages/patches/chromium-disable-third-party-cookies.patch, gnu/packages/patches/chromium-system-icu.patch: New files. * gnu/local.mk: Record it. =2D-- gnu/local.mk | 4 + gnu/packages/chromium.scm | 650 +++++++++++++++++= ++++ .../chromium-disable-api-keys-warning.patch | 17 + .../chromium-disable-third-party-cookies.patch | 13 + gnu/packages/patches/chromium-system-icu.patch | 15 + 5 files changed, 699 insertions(+) create mode 100644 gnu/packages/chromium.scm create mode 100644 gnu/packages/patches/chromium-disable-api-keys-warning.= patch create mode 100644 gnu/packages/patches/chromium-disable-third-party-cooki= es.patch create mode 100644 gnu/packages/patches/chromium-system-icu.patch diff --git a/gnu/local.mk b/gnu/local.mk index bb4724426..80be45d45 100644 =2D-- a/gnu/local.mk +++ b/gnu/local.mk @@ -86,6 +86,7 @@ GNU_SYSTEM_MODULES =3D \ %D%/packages/certs.scm \ %D%/packages/check.scm \ %D%/packages/chez.scm \ + %D%/packages/chromium.scm \ %D%/packages/ci.scm \ %D%/packages/cmake.scm \ %D%/packages/cobol.scm \ @@ -557,6 +558,9 @@ dist_patch_DATA =3D \ %D%/packages/patches/chicken-CVE-2017-6949.patch \ %D%/packages/patches/chicken-CVE-2017-11343.patch \ %D%/packages/patches/chmlib-inttypes.patch \ + %D%/packages/patches/chromium-disable-api-keys-warning.patch \ + %D%/packages/patches/chromium-disable-third-party-cookies.patch \ + %D%/packages/patches/chromium-system-icu.patch \ %D%/packages/patches/clang-libc-search-path.patch \ %D%/packages/patches/clang-3.8-libc-search-path.patch \ %D%/packages/patches/clisp-remove-failing-test.patch \ diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm new file mode 100644 index 000000000..5693b70ff =2D-- /dev/null +++ b/gnu/packages/chromium.scm @@ -0,0 +1,650 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright =C2=A9 2016, 2017 Marius Bakke +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu packages chromium) + #:use-module ((guix licenses) #:prefix license:) + #:use-module (guix packages) + #:use-module (guix download) + #:use-module (guix git-download) + #:use-module (guix utils) + #:use-module (guix build-system gnu) + #:use-module (gnu packages) + #:use-module (gnu packages assembly) + #:use-module (gnu packages base) + #:use-module (gnu packages bison) + #:use-module (gnu packages compression) + #:use-module (gnu packages cups) + #:use-module (gnu packages curl) + #:use-module (gnu packages databases) + #:use-module (gnu packages fontutils) + #:use-module (gnu packages gl) + #:use-module (gnu packages glib) + #:use-module (gnu packages gnome) + #:use-module (gnu packages gnuzilla) + #:use-module (gnu packages gperf) + #:use-module (gnu packages gtk) + #:use-module (gnu packages icu4c) + #:use-module (gnu packages image) + #:use-module (gnu packages libevent) + #:use-module (gnu packages libffi) + #:use-module (gnu packages libusb) + #:use-module (gnu packages linux) + #:use-module (gnu packages kerberos) + #:use-module (gnu packages ninja) + #:use-module (gnu packages node) + #:use-module (gnu packages pciutils) + #:use-module (gnu packages photo) + #:use-module (gnu packages pkg-config) + #:use-module (gnu packages protobuf) + #:use-module (gnu packages pulseaudio) + #:use-module (gnu packages python) + #:use-module (gnu packages regex) + #:use-module (gnu packages serialization) + #:use-module (gnu packages speech) + #:use-module (gnu packages tls) + #:use-module (gnu packages valgrind) + #:use-module (gnu packages version-control) + #:use-module (gnu packages video) + #:use-module (gnu packages xiph) + #:use-module (gnu packages xml) + #:use-module (gnu packages xdisorg) + #:use-module (gnu packages xorg)) + +(define (remote-patch file-name uri hash) + "Return an object with the given FILE-NAME. URI must be a FTP = or +HTTP(S) URI that returns a file with the given HASH." + (origin + (method url-fetch) + (uri uri) + (sha256 (base32 hash)) + (file-name file-name))) + +(define opus+custom + (package (inherit opus) + (arguments + `(;; Opus Custom is an optional extension of the Opus + ;; specification that allows for unsupported frame + ;; sizes. Chromium requires that this is enabled. + #:configure-flags '("--enable-custom-modes") + ,@(package-arguments opus))))) + +;; Chromium since 58 depends on an unreleased libvpx. So, we +;; package the latest master branch as of 2017-10-12. +(define libvpx+experimental + (package + (inherit libvpx) + (source (origin + (method git-fetch) + (uri (git-reference + (url "https://chromium.googlesource.com/webm/libvpx") + (commit "175b36cb6d2811c721d63277ba953ea817f32361"))) + (file-name "libvpx-for-chromium-checkout") + (sha256 + (base32 + "1j8ni29mcj74lfsc0hsha22zzp24ig53iki0id5bdfhzl8q1rpyk")))) + ;; TODO: Make libvpx configure flags overrideable. + (arguments + `(#:phases + (modify-phases %standard-phases + (replace 'configure + (lambda* (#:key outputs #:allow-other-keys) + (setenv "CONFIG_SHELL" (which "bash")) + (let ((out (assoc-ref outputs "out"))) + (setenv "LDFLAGS" + (string-append "-Wl,-rpath=3D" out "/lib")) + (zero? (system* "./configure" + "--enable-shared" + "--as=3Dyasm" + ;; Limit size to avoid CVE-2015-1258 + "--size-limit=3D16384x16384" + ;; Spatial SVC is an experimental VP9 encod= er + ;; used by some packages (i.e. Chromium). + "--enable-experimental" + "--enable-spatial-svc" + (string-append "--prefix=3D" out))))))) + #:tests? #f)))) ; No tests. + +(define %chromium-gn-bootstrap.patch + (remote-patch "chromium-gn-bootstrap.patch" + "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-clien= t/\ +chromium/files/chromium-gn-bootstrap-r14.patch?id=3D\ +900e6203d4015711887137bcd03c913361dbf41f" + "1050abvq24s1a5vd97d5ljb8bmv0wcdgkj3vk0scygkr1954qy4q")) + +(define %chromium-gcc-compat.patch + (remote-patch "chromium-gcc-compat.patch" + "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-clien= t/\ +chromium/files/chromium-gcc-r1.patch?id=3D506399c6ac2ace6501429925a608db9d= 7e502bde" + "0n5bc1ckq83vlfzh5k3frh7cp7hyhxii89iq2v4jg46lblqgxkqi")) + +(define %chromium-gcc-5-compat.patch + (remote-patch "chromium-gcc-5-compat.patch" + "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-clien= t/\ +chromium/files/chromium-gcc5-r1.patch?id=3D506399c6ac2ace6501429925a608db9= d7e502bde" + "0jz9sg24yzimcass3c3myynp3sf2c1rasrcwh7jn1gbbj4yp7j8v")) + +(define %chromium-atk-compat.patch + (remote-patch "chromium-atk-compat.patch" + "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-clien= t/\ +chromium/files/chromium-atk-r1.patch?id=3D506399c6ac2ace6501429925a608db9d= 7e502bde" + "13g9g1k9f3fqpgjhnlqvf5np6m58czr57zq1fqdf5y5nfyxrl3pw")) + +(define %chromium-system-nspr.patch + (remote-patch "chromium-system-nspr.patch" + "https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium= .git/\ +plain/debian/patches/system/nspr.patch?id=3D64458c4216edd82503dc9366e2f4d8= 0ae7c763b0" + "0l69sq3w9n5zygykf1gfzp1zfb7gkjk62nnvbrmkn00gzq6cc643")) + +(define %chromium-system-libevent.patch + (remote-patch "chromium-system-libevent.patch" + "https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium= .git/\ +plain/debian/patches/system/event.patch?id=3D64458c4216edd82503dc9366e2f4d= 80ae7c763b0" + "0vibc92kwycm8jlyfa49135nq0flm6gkrf8ic76m5rkraclijvn9")) + +(define-public chromium + (package + (name "chromium") + (version "61.0.3163.100") + (synopsis "Graphical web browser") + (source (origin + (method url-fetch) + (uri (string-append "https://commondatastorage.googleapis.co= m/" + "chromium-browser-official/chromium-" + version ".tar.xz")) + (sha256 + (base32 + "06r89jim9cq87668ya8wwk69hh17rl04cj94nb9c28v6mj69cda1")) + (patches (append (list %chromium-gn-bootstrap.patch + %chromium-atk-compat.patch + %chromium-gcc-compat.patch + %chromium-gcc-5-compat.patch + %chromium-system-nspr.patch + %chromium-system-libevent.patch) + (search-patches + "chromium-system-icu.patch" + "chromium-disable-api-keys-warning.patch" + "chromium-disable-third-party-cookies.patc= h"))) + (modules '((srfi srfi-1) + (guix build utils))) + (snippet + '(begin + ;; Replace GN files from third_party with shims for buil= ding + ;; against system libraries. Keep this list in sync with + ;; "build/linux/unbundle/replace_gn_files.py". + (for-each (lambda (pair) + (let ((source (string-append + "build/linux/unbundle/" (car = pair))) + (dest (cdr pair))) + (copy-file source dest))) + (list + '("ffmpeg.gn" . "third_party/ffmpeg/BUILD.gn") + '("flac.gn" . "third_party/flac/BUILD.gn") + '("freetype.gn" . "third_party/freetype/BUILD= .gn") + '("harfbuzz-ng.gn" . "third_party/harfbuzz-ng= /BUILD.gn") + '("icu.gn" . "third_party/icu/BUILD.gn") + '("libdrm.gn" . "third_party/libdrm/BUILD.gn") + '("libevent.gn" . "base/third_party/libevent/= BUILD.gn") + '("libjpeg.gn" . + "build/secondary/third_party/libjpeg_turbo/= BUILD.gn") + '("libpng.gn" . "third_party/libpng/BUILD.gn") + '("libvpx.gn" . "third_party/libvpx/BUILD.gn") + '("libwebp.gn" . "third_party/libwebp/BUILD.g= n") + ;;'("libxml.gn" . "third_party/libxml/BUILD.g= n") ;TODO + '("libxslt.gn" . "third_party/libxslt/BUILD.g= n") + '("openh264.gn" . "third_party/openh264/BUILD= .gn") + '("opus.gn" . "third_party/opus/BUILD.gn") + '("re2.gn" . "third_party/re2/BUILD.gn") + '("snappy.gn" . "third_party/snappy/BUILD.gn") + '("yasm.gn" . "third_party/yasm/yasm_assemble= .gni") + '("zlib.gn" . "third_party/zlib/BUILD.gn"))) + #t)))) + (build-system gnu-build-system) + (arguments + `(#:tests? #f ; TODO: Maybe run --headless or something. + ;; FIXME: There is a "gn" option specifically for setting -rpath, b= ut + ;; it's not recognized when passed. + #:validate-runpath? #f + #:modules ((srfi srfi-26) + (ice-9 ftw) + (ice-9 regex) + (guix build gnu-build-system) + (guix build utils)) + #:phases + (modify-phases %standard-phases + (add-after 'unpack 'remove-bundled-software + (lambda _ + (let ((keep-libs + (list + ;; Third party folders that cannot be deleted yet. + "base/third_party/dmg_fp" + "base/third_party/dynamic_annotations" + "base/third_party/icu" + "base/third_party/libevent" + "base/third_party/nspr" + "base/third_party/superfasthash" + "base/third_party/symbolize" ; glog + "base/third_party/xdg_mime" + "base/third_party/xdg_user_dirs" + "buildtools/third_party/libc++" + "chrome/third_party/mozilla_security_manager" + "courgette/third_party" + "net/third_party/mozilla_security_manager" + "net/third_party/nss" + "third_party/adobe/flash/flapper_version.h" + ;; FIXME: This is used in: + ;; * ui/webui/resources/js/analytics.js + ;; * ui/file_manager/ + "third_party/analytics" + "third_party/angle" + "third_party/angle/src/common/third_party/base" + "third_party/angle/src/common/third_party/murmurhash" + "third_party/angle/src/third_party/compiler" + "third_party/angle/src/third_party/libXNVCtrl" + "third_party/angle/src/third_party/trace_event" + "third_party/boringssl" + "third_party/brotli" + "third_party/cacheinvalidation" + "third_party/catapult" + "third_party/catapult/third_party/polymer" + "third_party/catapult/third_party/py_vulcanize" + "third_party/catapult/third_party/py_vulcanize/third_= party/rcssmin" + "third_party/catapult/third_party/py_vulcanize/third_= party/rjsmin" + "third_party/catapult/tracing/third_party/d3" + "third_party/catapult/tracing/third_party/gl-matrix" + "third_party/catapult/tracing/third_party/jszip" + "third_party/catapult/tracing/third_party/mannwhitney= u" + "third_party/catapult/tracing/third_party/oboe" + "third_party/ced" + "third_party/cld_3" + "third_party/cros_system_api" + "third_party/dom_distiller_js" + "third_party/fips181" + "third_party/flatbuffers" + ;; XXX Needed by pdfium since 59. + "third_party/freetype" + "third_party/glslang-angle" + "third_party/google_input_tools" + "third_party/google_input_tools/third_party/closure_l= ibrary" + (string-append "third_party/google_input_tools/third_= party" + "/closure_library/third_party/closure") + "third_party/googletest" + "third_party/hunspell" + "third_party/iccjpeg" + "third_party/inspector_protocol" + "third_party/jinja2" + "third_party/jstemplate" + "third_party/khronos" + "third_party/leveldatabase" + "third_party/libXNVCtrl" + "third_party/libaddressinput" + "third_party/libjingle_xmpp" + "third_party/libphonenumber" + "third_party/libsecret" ;FIXME: needs pkg-config supp= ort. + "third_party/libsrtp" ;TODO: Requires libsrtp@2. + "third_party/libudev" + "third_party/libwebm" + "third_party/libxml" ;FIXME: Unbundle (again). + "third_party/libyuv" + "third_party/lss" + "third_party/lzma_sdk" + "third_party/markupsafe" + "third_party/mesa" + "third_party/modp_b64" + "third_party/mt19937ar" + "third_party/node" + "third_party/node/node_modules/vulcanize/third_party/= UglifyJS2" + "third_party/openmax_dl" + "third_party/ots" + "third_party/pdfium" ;TODO: can be built standalone. + "third_party/pdfium/third_party" + "third_party/ply" + "third_party/polymer" + "third_party/protobuf" + "third_party/protobuf/third_party/six" + "third_party/qcms" + "third_party/sfntly" + "third_party/skia" + "third_party/skia/third_party/vulkan" + "third_party/smhasher" + ;; XXX the sources that include this are generated. + "third_party/speech-dispatcher" + "third_party/spirv-headers" + "third_party/spirv-tools-angle" + "third_party/sqlite" + "third_party/swiftshader" + "third_party/swiftshader/third_party" + "third_party/usb_ids" + "third_party/usrsctp" + "third_party/vulkan" + "third_party/vulkan-validation-layers" + "third_party/WebKit" + "third_party/web-animations-js" + "third_party/webrtc" + "third_party/widevine/cdm/widevine_cdm_version.h" + "third_party/widevine/cdm/widevine_cdm_common.h" + "third_party/woff2" + "third_party/xdg-utils" + "third_party/yasm/run_yasm.py" + "third_party/zlib/google" + "url/third_party/mozilla" + "v8/src/third_party/valgrind" + "v8/third_party/inspector_protocol"))) + ;; FIXME: implement as source snippet. This traverses + ;; any "third_party" directory and deletes files that are: + ;; * not ending with ".gn" or ".gni"; or + ;; * not explicitly named as argument (folder or file). + (zero? (apply system* "python" + "build/linux/unbundle/remove_bundled_librarie= s.py" + "--do-remove" keep-libs))))) + (add-after 'remove-bundled-software 'patch-stuff + (lambda* (#:key inputs #:allow-other-keys) + (substitute* "printing/cups_config_helper.py" + (("cups_config =3D.*") + (string-append "cups_config =3D '" (assoc-ref inputs "cups= ") + "/bin/cups-config'\n"))) + + (substitute* + '("base/process/launch_posix.cc" + "base/tracked_objects.cc" + "base/third_party/dynamic_annotations/dynamic_annotatio= ns.c" + "sandbox/linux/seccomp-bpf/sandbox_bpf.cc" + "sandbox/linux/services/credentials.cc" + "sandbox/linux/services/namespace_utils.cc" + "sandbox/linux/services/syscall_wrappers.cc" + "sandbox/linux/syscall_broker/broker_host.cc") + (("include \"base/third_party/valgrind/") "include \"valgri= nd/")) + + (for-each (lambda (file) + (substitute* file + ;; Fix opus include path. + ;; Do not substitute opus_private.h. + (("#include \"opus\\.h\"") + "#include \"opus/opus.h\"") + (("#include \"opus_custom\\.h\"") + "#include \"opus/opus_custom.h\"") + (("#include \"opus_defines\\.h\"") + "#include \"opus/opus_defines.h\"") + (("#include \"opus_multistream\\.h\"") + "#include \"opus/opus_multistream.h\"") + (("#include \"opus_types\\.h\"") + "#include \"opus/opus_types.h\""))) + (append (find-files "third_party/opus/src/celt") + (find-files "third_party/opus/src/src") + (find-files (string-append "third_party/web= rtc/modules" + "/audio_coding/c= odecs/opus")))) + + (substitute* "chrome/common/chrome_paths.cc" + (("/usr/share/chromium/extensions") + ;; TODO: Add ~/.guix-profile. + "/run/current-system/profile/share/chromium/extensions")) + + (substitute* "breakpad/src/common/linux/libcurl_wrapper.h" + (("include \"third_party/curl") "include \"curl")) + (substitute* "media/base/decode_capabilities.cc" + (("third_party/libvpx/source/libvpx/") "")) + + ;; We don't cross compile most packages, so get rid of the + ;; unnecessary ARCH-linux-gnu* prefix. + (substitute* "build/toolchain/linux/BUILD.gn" + (("aarch64-linux-gnu-") "") + (("arm-linux-gnueabihf-") "")) + #t)) + (replace 'configure + (lambda* (#:key inputs outputs #:allow-other-keys) + (let ((gn-flags + (list + ;; See tools/gn/docs/cookbook.md and + ;; https://www.chromium.org/developers/gn-build-confi= guration + ;; for usage. Run "./gn args . --list" in the Release + ;; directory for an exhaustive list of supported flag= s. + "is_debug=3Dfalse" + "is_official_build=3Dfalse" + "is_clang=3Dfalse" + "use_gold=3Dfalse" + "linux_use_bundled_binutils=3Dfalse" + "use_custom_libcxx=3Dfalse" + "use_sysroot=3Dfalse" + "remove_webcore_debug_symbols=3Dtrue" + "enable_iterator_debugging=3Dfalse" + "override_build_date=3D\"01 01 2000 05:00:00\"" + ;; Don't fail when using deprecated ffmpeg features. + "treat_warnings_as_errors=3Dfalse" + "enable_nacl=3Dfalse" + "enable_nacl_nonsfi=3Dfalse" + "use_allocator=3D\"none\"" ; Don't use tcmalloc. + ;; Don't add any API keys. End users can set them in = the + ;; environment if necessary. + ;; https://www.chromium.org/developers/how-tos/api-ke= ys + "use_official_google_api_keys=3Dfalse" + ;; Disable "field trials". + "fieldtrial_testing_like_official_build=3Dtrue" + + "use_system_libjpeg=3Dtrue" + ;; This is currently not supported on Linux: + ;; https://bugs.chromium.org/p/chromium/issues/detail= ?id=3D22208 + ;; "use_system_sqlite=3Dtrue" + "use_gtk3=3Dtrue" + "use_gconf=3Dfalse" ; deprecated by gsettings + "use_gnome_keyring=3Dfalse" ; deprecated by libsecret + "use_xkbcommon=3Dtrue" + "link_pulseaudio=3Dtrue" + "use_openh264=3Dtrue" + + ;; Don't arbitrarily restrict formats supported by sy= stem ffmpeg. + "proprietary_codecs=3Dtrue" + "ffmpeg_branding=3D\"Chrome\"" + + ;; WebRTC stuff. + "rtc_use_h264=3Dtrue" + ;; Don't use bundled sources. + "rtc_build_json=3Dfalse" + "rtc_build_libevent=3Dfalse" + "rtc_build_libjpeg=3Dfalse" + "rtc_build_libvpx=3Dfalse" + "rtc_build_opus=3Dfalse" + "rtc_build_ssl=3Dfalse" + ;; TODO: Package these. + "rtc_build_libsrtp=3Dtrue" ; 2.0 + "rtc_build_libyuv=3Dtrue" + "rtc_build_openmax_dl=3Dtrue" + "rtc_build_usrsctp=3Dtrue" + (string-append "rtc_jsoncpp_root=3D\"" + (assoc-ref inputs "jsoncpp") + "/include/jsoncpp/json\"") + (string-append "rtc_ssl_root=3D\"" + (assoc-ref inputs "openssl") + "/include/openssl\"")))) + + ;; XXX: How portable is this. + (mkdir-p "third_party/node/linux/node-linux-x64") + (symlink (string-append (assoc-ref inputs "node") "/bin") + "third_party/node/linux/node-linux-x64/bin") + + (setenv "CC" "gcc") + (setenv "CXX" "g++") + ;; TODO: pre-compile instead. Avoids a race condition. + (setenv "PYTHONDONTWRITEBYTECODE" "1") + (and + ;; Build the "gn" tool. + (zero? (system* "python" + "tools/gn/bootstrap/bootstrap.py" "-s" "-v= ")) + ;; Generate ninja build files. + (zero? (system* "./out/Release/gn" "gen" "out/Release" + (string-append "--args=3D" + (string-join gn-flags " "))= )))))) + (replace 'build + (lambda* (#:key outputs #:allow-other-keys) + (zero? (system* "ninja" "-C" "out/Release" + "-j" (number->string (parallel-job-count)) + "chrome")))) + (replace 'install + (lambda* (#:key inputs outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (bin (string-append out "/bin")) + (exe (string-append bin "/chromium")) + (lib (string-append out "/lib")) + (man (string-append out "/share/man/man1")) + (applications (string-append out "/share/application= s")) + (install-regexp (make-regexp "\\.(so|bin|pak)$")) + (locales (string-append lib "/locales")) + (resources (string-append lib "/resources")) + (gtk+ (assoc-ref inputs "gtk+")) + (mesa (assoc-ref inputs "mesa")) + (nss (assoc-ref inputs "nss")) + (udev (assoc-ref inputs "udev")) + (sh (which "sh"))) + + (mkdir-p applications) + (call-with-output-file (string-append applications + "/chromium.desktop") + (lambda (port) + (format port + "[Desktop Entry]~@ + Name=3DChromium~@ + Comment=3D~a~@ + Exec=3D~a~@ + Icon=3Dchromium.png~@ + Type=3DApplication~%" ,synopsis exe))) + + (with-directory-excursion "out/Release" + (for-each (lambda (file) + (install-file file lib)) + (scandir "." (cut regexp-exec install-regexp <>= ))) + (copy-file "chrome" (string-append lib "/chromium")) + + ;; TODO: Install icons from "../../chrome/app/themes" into + ;; "out/share/icons/hicolor/$size". + (install-file + "product_logo_48.png" + (string-append out "/share/icons/48x48/chromium.png")) + + (copy-recursively "locales" locales) + (copy-recursively "resources" resources) + + (mkdir-p man) + (copy-file "chrome.1" (string-append man "/chromium.1")) + + (mkdir-p bin) + ;; Add a thin wrapper to prevent the user from inadverten= tly + ;; installing non-free software through the Web Store. + ;; TODO: Discover extensions from the profile and pass + ;; something like "--disable-extensions-except=3D...". + (call-with-output-file exe + (lambda (port) + (format port + "#!~a~@ + CHROMIUM_FLAGS=3D\"--disable-background-netwo= rking\"~@ + if [ -z \"$CHROMIUM_ENABLE_WEB_STORE\" ]~@ + then~@ + CHROMIUM_FLAGS=3D\"$CHROMIUM_FLAGS --disa= ble-extensions\"~@ + fi~@ + exec ~a $CHROMIUM_FLAGS \"$@\"~%" + sh (string-append lib "/chromium")))) + (chmod exe #o755) + + (wrap-program exe + ;; TODO: Get these in RUNPATH. + `("LD_LIBRARY_PATH" ":" prefix + (,(string-append lib ":" nss "/lib/nss:" gtk+ "/lib:" + mesa "/lib:" udev "/lib"))) + ;; Avoid file manager crash. See . + `("XDG_DATA_DIRS" ":" prefix (,(string-append gtk+ "/sh= are")))) + #t))))))) + (native-inputs + `(("bison" ,bison) + ("git" ,git) ;last_commit_position.py + ("gperf" ,gperf) + ("ninja" ,ninja) + ("node" ,node) + ("pkg-config" ,pkg-config) + ("which" ,which) + ("yasm" ,yasm) + + ("python-beautifulsoup4" ,python2-beautifulsoup4) + ("python-html5lib" ,python2-html5lib) + ("python" ,python-2))) + (inputs + `(("alsa-lib" ,alsa-lib) + ("atk" ,atk) + ("cups" ,cups) + ("curl" ,curl) + ("dbus" ,dbus) + ("dbus-glib" ,dbus-glib) + ("expat" ,expat) + ("flac" ,flac) + ("ffmpeg" ,ffmpeg) + ("fontconfig" ,fontconfig) + ("freetype" ,freetype) + ("gdk-pixbuf" ,gdk-pixbuf) + ("glib" ,glib) + ("gtk+-2" ,gtk+-2) + ("gtk+" ,gtk+) + ("harfbuzz" ,harfbuzz) + ("icu4c" ,icu4c) + ("jsoncpp" ,jsoncpp) + ("libevent" ,libevent) + ("libffi" ,libffi) + ("libjpeg-turbo" ,libjpeg-turbo) + ("libpng" ,libpng) + ("libusb" ,libusb) + ("libvpx" ,libvpx+experimental) + ("libwebp" ,libwebp) + ("libx11" ,libx11) + ("libxcb" ,libxcb) + ("libxcomposite" ,libxcomposite) + ("libxcursor" ,libxcursor) + ("libxdamage" ,libxdamage) + ("libxext" ,libxext) + ("libxfixes" ,libxfixes) + ("libxi" ,libxi) + ("libxkbcommon" ,libxkbcommon) + ("libxml2" ,libxml2) + ("libxrandr" ,libxrandr) + ("libxrender" ,libxrender) + ("libxscrnsaver" ,libxscrnsaver) + ("libxslt" ,libxslt) + ("libxtst" ,libxtst) + ("mesa" ,mesa) + ("minizip" ,minizip) + ("mit-krb5" ,mit-krb5) + ("nss" ,nss) + ("openh264" ,openh264) + ("openssl" ,openssl) + ("opus" ,opus+custom) + ("pango" ,pango) + ("pciutils" ,pciutils) + ("protobuf" ,protobuf) + ("pulseaudio" ,pulseaudio) + ("re2" ,re2) + ("snappy" ,snappy) + ("speech-dispatcher" ,speech-dispatcher) + ("sqlite" ,sqlite) + ("udev" ,eudev) + ("valgrind" ,valgrind))) + (home-page "https://www.chromium.org/") + (description + "Chromium is a web browser using the @code{Blink} rendering engine.") + ;; Chromium is developed as BSD-3, but bundles a large number of third= -party + ;; software with other licenses. For full information, see chrome://cr= edits. + (license (list license:bsd-3 + license:bsd-2 + license:expat + license:asl2.0 + license:mpl2.0 + license:public-domain + license:lgpl2.1+)))) diff --git a/gnu/packages/patches/chromium-disable-api-keys-warning.patch b= /gnu/packages/patches/chromium-disable-api-keys-warning.patch new file mode 100644 index 000000000..c7e219f40 =2D-- /dev/null +++ b/gnu/packages/patches/chromium-disable-api-keys-warning.patch @@ -0,0 +1,17 @@ +Disable warning about missing API keys. + +Copied from: + +https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/tree/debian/= patches/disable/google-api-warning.patch + +--- a/chrome/browser/ui/startup/startup_browser_creator_impl.cc ++++ b/chrome/browser/ui/startup/startup_browser_creator_impl.cc +@@ -816,8 +816,6 @@ void StartupBrowserCreatorImpl::AddInfoB + !command_line_.HasSwitch(switches::kTestType) && + !command_line_.HasSwitch(switches::kEnableAutomation)) { + chrome::ShowBadFlagsPrompt(browser); +- GoogleApiKeysInfoBarDelegate::Create(InfoBarService::FromWebContents( +- browser->tab_strip_model()->GetActiveWebContents())); + ObsoleteSystemInfoBarDelegate::Create(InfoBarService::FromWebContents( + browser->tab_strip_model()->GetActiveWebContents())); +=20 diff --git a/gnu/packages/patches/chromium-disable-third-party-cookies.patc= h b/gnu/packages/patches/chromium-disable-third-party-cookies.patch new file mode 100644 index 000000000..0694c35f3 =2D-- /dev/null +++ b/gnu/packages/patches/chromium-disable-third-party-cookies.patch @@ -0,0 +1,13 @@ +Disable third party cookies by default. + +--- a/components/content_settings/core/browser/cookie_settings.cc ++++ b/components/content_settings/core/browser/cookie_settings.cc +@@ -101,7 +101,7 @@ void CookieSettings::GetCookieSettings( + void CookieSettings::RegisterProfilePrefs( + user_prefs::PrefRegistrySyncable* registry) { + registry->RegisterBooleanPref( +- prefs::kBlockThirdPartyCookies, false, ++ prefs::kBlockThirdPartyCookies, true, + user_prefs::PrefRegistrySyncable::SYNCABLE_PREF); + } +=20 diff --git a/gnu/packages/patches/chromium-system-icu.patch b/gnu/packages/= patches/chromium-system-icu.patch new file mode 100644 index 000000000..c35c1b75c =2D-- /dev/null +++ b/gnu/packages/patches/chromium-system-icu.patch @@ -0,0 +1,15 @@ +description: maintain compatibility with system icu library +author: Michael Gilbert + +--- a/BUILD.gn ++++ b/BUILD.gn +@@ -657,8 +657,7 @@ group("gn_all") { + } + } +=20 +- if ((is_linux && !is_chromeos && !is_chromecast) || (is_win && use_drfu= zz) || +- (use_libfuzzer && is_mac)) { ++ if (false) { + deps +=3D [ + "//testing/libfuzzer/fuzzers", + "//testing/libfuzzer/tests:libfuzzer_tests", =2D-=20 2.14.2 --=-=-=-- --==-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEu7At3yzq9qgNHeZDoqBt8qM6VPoFAlnn2H0ACgkQoqBt8qM6 VPpwOwf/UD+ihwoQbrbiP0UE8gzYMbFb35Xnsc5klnFLYaqBsZiz1fCLYq6KGYhQ T7GLDQjdb88Hftlw/byGgbLUAsAC62StpwxZtLjYf2RffF88YYZCe6PP/RBy+1LK r56iTWGF/+wEJ5WkkWabRkc+msvQAfO71qYDXNoTcHZ+fpzG0Z2iPvbGOAByRcyM NyR3oaEX4y6LT0SpbmMBZm25VBwtko9rjZDx7PllJRYPuYwJV3ErYJ9LFfwuGZW/ lR+qOSFQYjgpvTfYio5ujFwFLaNRQ8esXmkR34uQC3tsdYpO7Lb/9wIcmsS/7q5j nRdSYO9O1fA+Rq6muVY4qvFBzch+4g== =KE1Q -----END PGP SIGNATURE----- --==-=-=--