* [bug#68577] [PATCH 0/2] gnu: Add Mullvad Browser.
@ 2024-01-18 23:14 Clément Lassieur
2024-01-18 23:19 ` [bug#68577] [PATCH 1/2] gnu: icecat: Improve inheritance Clément Lassieur
` (5 more replies)
0 siblings, 6 replies; 29+ messages in thread
From: Clément Lassieur @ 2024-01-18 23:14 UTC (permalink / raw)
To: 68577
Cc: Clément Lassieur, Mark H Weaver, André Batista,
Jonathan Brielmaier, Ian Eure
Hi, this adds Mullvad Browser, which is a privacy-focused web browser based on
Firefox and done in collaboration with the Tor Browser folk.
There is a commit to improve inheritance, so that the other one, the real one,
is short.
Clément Lassieur (2):
gnu: icecat: Improve inheritance.
gnu: Add mullvad-browser.
gnu/packages/gnuzilla.scm | 66 +++++----
gnu/packages/tor.scm | 302 ++++++++++++++++++++++++++------------
2 files changed, 247 insertions(+), 121 deletions(-)
base-commit: 551d013a56bf7d22bac80e0fd21d971973c3cf6f
prerequisite-patch-id: 228872879442058215f5282bf3ff749af09d9923
prerequisite-patch-id: 8f111ffb19ff559001251fb9e21aa8dc889d4767
--
2.41.0
^ permalink raw reply [flat|nested] 29+ messages in thread
* [bug#68577] [PATCH 1/2] gnu: icecat: Improve inheritance.
2024-01-18 23:14 [bug#68577] [PATCH 0/2] gnu: Add Mullvad Browser Clément Lassieur
@ 2024-01-18 23:19 ` Clément Lassieur
2024-01-22 6:09 ` Mark H Weaver
2024-01-18 23:19 ` [bug#68577] [PATCH 2/2] gnu: Add mullvad-browser Clément Lassieur
` (4 subsequent siblings)
5 siblings, 1 reply; 29+ messages in thread
From: Clément Lassieur @ 2024-01-18 23:19 UTC (permalink / raw)
To: 68577
Cc: Clément Lassieur, Mark H Weaver, André Batista,
Jonathan Brielmaier, Ian Eure
* gnu/packages/gnuzilla.scm (make-icecat-minimal): New procedure, export it.
[arguments]: Split the ‘configure’ phase into several phases: ‘setenv’,
‘mozconfig’ and ‘configure’. In the ‘wrap-program’ and ‘install-icons’
phases, replace "icecat", "browser/branding/official" with ‘#$moz-app-name’
and ‘#$branding-directory’. Clean the ‘install-icons’ phase to help
inheritance.
(icecat-minimal): Call the ‘make-icecat-minimal’ procedure.
* gnu/packages/tor.scm (make-torbrowser): New procedure.
[base]: New variable corresponding to an ‘icecat-minimal’ with correct
inheritance values.
[arguments]: Replace ‘icecat-minimal’ with ‘base’. Change "torbrowser", "Tor
Browser", "tb-release", ‘#$version’, ‘#$torbrowser-assets’,
‘#$%torbrowser-locales’ with ‘#$moz-app-name’, ‘#$moz-app-remotingname’,
‘#$branding-directory’, ‘#$base-browser-version’, ‘#$assets’ and ‘#$locales’.
Adapt phases with regard to the ‘icecat-minimal’ changes. Split the
‘deploy-assets’ and the ‘autoconfig’ phases so to make inheritance easier.
[inputs]: Inherit ‘base’ inputs instead of ‘icecat-minimal’.
(torbrowser): Call the ‘make-torbrowser’ procedure.
Change-Id: I5fcf73e53fe4481a18e13cdeb3515c3dc4430090
---
gnu/packages/gnuzilla.scm | 66 ++++++++-------
gnu/packages/tor.scm | 171 ++++++++++++++++++--------------------
2 files changed, 116 insertions(+), 121 deletions(-)
diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm
index e3bc625bc0f5..71bf9ca99bbd 100644
--- a/gnu/packages/gnuzilla.scm
+++ b/gnu/packages/gnuzilla.scm
@@ -99,7 +99,8 @@ (define-module (gnu packages gnuzilla)
#:use-module (gnu packages readline)
#:use-module (gnu packages sqlite)
#:autoload (json parser) (json->scm)
- #:export (all-mozilla-locales))
+ #:export (all-mozilla-locales
+ make-icecat-minimal))
(define-public mozjs
(package
@@ -720,7 +721,9 @@ (define icecat-source
"--sort=name"
icecat-dir)))))))))
-(define-public icecat-minimal
+(define* (make-icecat-minimal #:key
+ moz-app-name
+ branding-directory)
(package
(name "icecat-minimal")
(version %icecat-version)
@@ -1013,16 +1016,11 @@ (define-public icecat-minimal
(substitute* "build/RunCbindgen.py"
(("\"--frozen\",") ""))))
(delete 'bootstrap)
- (replace 'configure
+ (add-before 'configure 'setenv
;; configure does not work followed by both "SHELL=..." and
;; "CONFIG_SHELL=..."; set environment variables instead
- (lambda* (#:key outputs configure-flags #:allow-other-keys)
- (let* ((bash (which "bash"))
- (abs-srcdir (getcwd))
- (flags `(,(string-append "--prefix=" #$output)
- ,(string-append "--with-l10n-base="
- abs-srcdir "/l10n")
- ,@configure-flags)))
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((bash (which "bash")))
(setenv "SHELL" bash)
(setenv "CONFIG_SHELL" bash)
@@ -1048,16 +1046,23 @@ (define-public icecat-minimal
(setenv "MOZBUILD_STATE_PATH"
(string-append (getcwd) "/.mozbuild"))
- (format #t "build directory: ~s~%" (getcwd))
+ (format #t "build directory: ~s~%" (getcwd)))))
+ (add-before 'configure 'mozconfig
+ (lambda* (#:key configure-flags #:allow-other-keys)
+ (let ((flags `(,(string-append "--prefix=" #$output)
+ ,(string-append "--with-l10n-base="
+ (getcwd) "/l10n")
+ ,@configure-flags)))
(format #t "configure flags: ~s~%" flags)
(call-with-output-file "mozconfig"
(lambda (port)
(for-each (lambda (flag)
(format port "ac_add_options ~a\n" flag))
- flags)))
-
- (invoke "./mach" "configure"))))
+ flags))))))
+ (replace 'configure
+ (lambda _
+ (invoke "./mach" "configure")))
(replace 'build
(lambda* (#:key (make-flags '()) (parallel-build? #t)
#:allow-other-keys)
@@ -1093,8 +1098,7 @@ (define-public icecat-minimal
(string-append #$output "/bin"))))
(add-after 'install 'wrap-program
(lambda* (#:key inputs #:allow-other-keys)
- (let* ((lib (string-append #$output "/lib"))
- (gtk #$(this-package-input "gtk+"))
+ (let* ((gtk #$(this-package-input "gtk+"))
(gtk-share (string-append gtk "/share"))
(ld-libs '#$(cons
(file-append
@@ -1112,7 +1116,8 @@ (define-public icecat-minimal
;; For the integration of native notifications
;; (same reason as icedove)
"libnotify")))))
- (wrap-program (car (find-files lib "^icecat$"))
+ (wrap-program (format #f "~a/lib/~a/~a"
+ #$output #$moz-app-name #$moz-app-name)
`("XDG_DATA_DIRS" prefix (,gtk-share))
;; The following line is commented out because the icecat
;; package on guix has been observed to be unstable when
@@ -1134,18 +1139,17 @@ (define-public icecat-minimal
"StartupNotify=true\nStartupWMClass=Icecat"))
(install-file desktop-file applications))))
(add-after 'install-desktop-entry 'install-icons
- (lambda _
- (with-directory-excursion "browser/branding/official"
- (for-each
- (lambda (file)
- (let* ((size (string-filter char-numeric? file))
- (icons (string-append #$output "/share/icons/hicolor/"
- size "x" size "/apps")))
- (mkdir-p icons)
- (copy-file file (string-append icons "/icecat.png"))))
- '("default16.png" "default22.png" "default24.png"
- "default32.png" "default48.png" "content/icon64.png"
- "mozicon128.png" "default256.png"))))))))
+ (lambda* (#:key inputs #:allow-other-keys)
+ (for-each
+ (lambda (size)
+ (let ((oldpath (string-append
+ #$branding-directory "/default" size ".png"))
+ (newpath (string-append
+ #$output "/share/icons/hicolor/" size "x"
+ size "/apps/" #$moz-app-name ".png")))
+ (mkdir-p (dirname newpath))
+ (copy-file oldpath newpath)))
+ '("16" "22" "24" "32" "48" "64" "128" "256")))))))
(native-search-paths
(list (search-path-specification
(variable "ICECAT_SYSTEM_DIR")
@@ -1169,6 +1173,10 @@ (define-public icecat-minimal
(cpe-name . "firefox_esr")
(cpe-version . ,(first (string-split version #\-)))))))
+(define-public icecat-minimal
+ (make-icecat-minimal #:moz-app-name "icecat"
+ #:branding-directory "browser/branding/official"))
+
(define %icecat-locales
'("ach" "af" "an" "ar" "ast" "az" "be" "bg" "bn" "br" "bs" "ca" "cak"
"ca-valencia" "cs" "cy" "da" "de" "dsb" "el" "en-CA" "en-GB" "eo" "es-AR"
diff --git a/gnu/packages/tor.scm b/gnu/packages/tor.scm
index 604be621157c..6eb0c7609f0b 100644
--- a/gnu/packages/tor.scm
+++ b/gnu/packages/tor.scm
@@ -562,9 +562,18 @@ (define torbrowser-assets
Browser.")
(license license:silofl1.1)))
-(define-public torbrowser
+(define* (make-torbrowser #:key
+ moz-app-name
+ moz-app-remotingname
+ branding-directory
+ assets
+ locales
+ base-browser-version)
+ (define base (make-icecat-minimal
+ #:moz-app-name moz-app-name
+ #:branding-directory branding-directory))
(package
- (inherit icecat-minimal)
+ (inherit base)
(name "torbrowser")
(version %torbrowser-version)
(source
@@ -580,42 +589,45 @@ (define-public torbrowser
"1c0p8aya7sh7nmawngkyzx2r02mvl9nd53hx2bl0jwvsj1vxxhca"))))
(build-system mozilla-build-system)
(arguments
- (substitute-keyword-arguments (package-arguments icecat-minimal)
+ (substitute-keyword-arguments (package-arguments base)
((#:configure-flags flags '())
#~(cons*
"--without-relative-data-dir" ;store is read-only
"--disable-base-browser-update"
;; Default is "default", which is the same as "nightly".
"--enable-update-channel=release"
- "--with-user-appdir=.torbrowser"
- "--with-branding=browser/branding/tb-release"
+ ;; This is useless right now but it might be used in the future.
+ ;; (See nsAppFileLocationProvider.cpp.)
+ (string-append "--with-user-appdir=." #$moz-app-name)
+ (string-append "--with-branding=" #$branding-directory)
(string-append "--prefix=" #$output)
- (string-append "--with-base-browser-version=" #$version)
+ (string-append "--with-base-browser-version="
+ #$base-browser-version)
#$flags))
((#:phases phases)
#~(modify-phases #$phases
- (add-before 'configure 'setenv
+ (replace 'setenv
(lambda _
(setenv "CONFIG_SHELL" (which "bash"))
;; Install location is prefix/lib/$MOZ_APP_NAME. Also
;; $MOZ_APP_NAME is the executable name. Default is
;; "firefox".
- (setenv "MOZ_APP_NAME" "torbrowser")
+ (setenv "MOZ_APP_NAME" #$moz-app-name)
;; Profile location (relative to "~/."). Default is
;; lower($MOZ_APP_VENDOR/$MOZ_APP_BASENAME), which is:
;; ~/.tor project/firefox.
- (setenv "MOZ_APP_PROFILE" "torbrowser/browser")
+ (setenv "MOZ_APP_PROFILE" #$(in-vicinity
+ moz-app-name "browser"))
;; WM_CLASS (default is "$MOZ_APP_NAME-$MOZ_UPDATE_CHANNEL").
- (setenv "MOZ_APP_REMOTINGNAME" "Tor Browser")
+ (setenv "MOZ_APP_REMOTINGNAME" #$moz-app-remotingname)
;; Persistent state directory for the build system (default is
;; $HOME/.mozbuild).
(setenv "MOZBUILD_STATE_PATH"
(in-vicinity (getcwd) ".mozbuild"))
- (setenv "MOZ_CHROME_MULTILOCALE"
- (string-join '#$%torbrowser-locales))
+ (setenv "MOZ_CHROME_MULTILOCALE" (string-join '#$locales))
;; Make build reproducible.
(setenv "MOZ_BUILD_DATE" #$%moz-build-date)))
- (add-before 'configure 'mozconfig
+ (replace 'mozconfig
(lambda* (#:key configure-flags #:allow-other-keys)
(with-output-to-file "mozconfig"
(lambda ()
@@ -623,9 +635,6 @@ (define-public torbrowser
(for-each (lambda (flag)
(format #t "ac_add_options ~a~%" flag))
configure-flags)))))
- (replace 'configure
- (lambda _
- (invoke "./mach" "configure")))
;; See tor-browser-build/projects/firefox/build.
(add-before 'configure 'copy-firefox-locales
(lambda _
@@ -637,7 +646,7 @@ (define-public torbrowser
(string-suffix? lang path))
'#$all-mozilla-locales)
(in-vicinity l10ncentral lang)))
- '#$%torbrowser-locales))))
+ '#$locales))))
(add-after 'copy-firefox-locales 'copy-basebrowser-locales
(lambda _
(let ((l10ncentral ".mozbuild/l10n-central"))
@@ -661,7 +670,7 @@ (define-public torbrowser
"translation-base-browser/~a/*"
"~a/~a/browser/chrome/browser/"))
lang l10ncentral lang)))
- '#$%torbrowser-locales))))
+ '#$locales))))
(add-after 'copy-basebrowser-locales 'copy-torbrowser-locales
(lambda _
(let ((l10ncentral ".mozbuild/l10n-central"))
@@ -698,7 +707,7 @@ (define-public torbrowser
(format port " locale/~a/ (chrome/locale/~a/*)~%"
lang lang)
(close port)))
- '#$%torbrowser-locales))))
+ '#$locales))))
(add-before 'build 'fix-addons-placeholder
(lambda _
(substitute*
@@ -717,13 +726,24 @@ (define-public torbrowser
(lambda _
(system (string-join '("./mach package-multi-locale --locales"
"en-US $MOZ_CHROME_MULTILOCALE")))))
- (add-after 'install 'deploy-assets
+ (add-after 'install 'deploy-fonts
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((lib (string-append #$output "/lib/" #$moz-app-name)))
+ ;; Fonts
+ (copy-recursively (in-vicinity #$assets "fontconfig")
+ (in-vicinity lib "fontconfig"))
+ (substitute* (in-vicinity lib "fontconfig/fonts.conf")
+ (("<dir>fonts</dir>")
+ (format #f "<dir>~a</dir>" (in-vicinity lib "fonts"))))
+ (delete-file-recursively (in-vicinity lib "fonts"))
+ (copy-recursively (in-vicinity #$assets "fonts")
+ (in-vicinity lib "fonts")))))
+ (add-after 'deploy-fonts 'deploy-tor-assets
(lambda* (#:key inputs #:allow-other-keys)
(let ((lib (in-vicinity #$output "lib/torbrowser"))
(tor #$(this-package-input "tor-client")))
;; TorBrowser/Data/Tor/torrc-defaults
- (copy-recursively (in-vicinity
- #$torbrowser-assets "TorBrowser")
+ (copy-recursively (in-vicinity #$assets "TorBrowser")
(in-vicinity lib "TorBrowser"))
(substitute*
(in-vicinity lib "TorBrowser/Data/Tor/torrc-defaults")
@@ -733,20 +753,10 @@ (define-public torbrowser
;; The geoip and geoip6 files are in the same directory as
;; torrc-defaults. (See TorProcess.sys.mjs.)
(mkdir-p (in-vicinity lib "TorBrowser/Data/Tor"))
- (copy-file (in-vicinity tor "share/tor/geoip")
- (in-vicinity lib "TorBrowser/Data/Tor/geoip"))
(copy-file (in-vicinity tor "share/tor/geoip6")
(in-vicinity lib "TorBrowser/Data/Tor/geoip6"))
- ;; Fonts
- (copy-recursively (in-vicinity
- #$torbrowser-assets "fontconfig")
- (in-vicinity lib "fontconfig"))
- (substitute* (in-vicinity lib "fontconfig/fonts.conf")
- (("<dir>fonts</dir>")
- (format #f "<dir>~a</dir>" (in-vicinity lib "fonts"))))
- (delete-file-recursively (in-vicinity lib "fonts"))
- (copy-recursively (in-vicinity #$torbrowser-assets "fonts")
- (in-vicinity lib "fonts")))))
+ (copy-file (in-vicinity tor "share/tor/geoip")
+ (in-vicinity lib "TorBrowser/Data/Tor/geoip")))))
(replace 'build-sandbox-whitelist
(lambda* (#:key inputs #:allow-other-keys)
(define (runpath-of lib)
@@ -773,8 +783,8 @@ (define-public torbrowser
(display whitelist-string))))))
(add-after 'install 'autoconfig
(lambda* (#:key inputs #:allow-other-keys)
- (let ((lib (in-vicinity #$output "lib/torbrowser"))
- (config-file "tor-browser.cfg"))
+ (let ((lib (string-append #$output "/lib/" #$moz-app-name))
+ (config-file (string-append #$moz-app-name ".cfg")))
(with-output-to-file (in-vicinity
lib "defaults/pref/autoconfig.js")
(lambda ()
@@ -786,13 +796,6 @@ (define-public torbrowser
(with-output-to-file (in-vicinity lib config-file)
(lambda ()
(format #t "// first line must be a comment~%")
- (format #t "pref(~s, ~s);~%"
- "extensions.torlauncher.torrc-defaults_path"
- (in-vicinity
- lib "TorBrowser/Data/Tor/torrc-defaults"))
- (format #t "pref(~s, ~s);~%"
- "extensions.torlauncher.tor_path"
- (search-input-file inputs "bin/tor"))
;; Required for Guix packaged extensions
;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8
;; Default is 5.
@@ -821,64 +824,40 @@ (define-public torbrowser
(format #t "pref(~s, ~s);~%"
"lightweightThemes.getMoreURL"
"https://gnuzilla.gnu.org/mozzarella"))))))
- (replace 'wrap-program
+ (add-after 'autoconfig 'autoconfig-tor
(lambda* (#:key inputs #:allow-other-keys)
- (let* ((gtk #$(this-package-input "gtk+"))
- (gtk-share (string-append gtk "/share"))
- (fonts.conf (in-vicinity
- #$output
- "lib/torbrowser/fontconfig/fonts.conf"))
- (ld-libs '#$(cons
- (file-append
- (this-package-input "libcanberra")
- "/lib/gtk-3.0/modules")
- (map
- (lambda (label)
- (file-append
- (this-package-input label) "/lib"))
- '("libpng-apng"
- "libxscrnsaver"
- "mesa"
- "pciutils"
- "mit-krb5"
- "eudev"
- "pulseaudio"
- "libnotify")))))
- (wrap-program
- (in-vicinity #$output "lib/torbrowser/torbrowser")
- `("XDG_DATA_DIRS" prefix (,gtk-share))
- `("LD_LIBRARY_PATH" prefix ,ld-libs)
+ (let ((lib (in-vicinity #$output "lib/torbrowser"))
+ (config-file (string-append #$moz-app-name ".cfg")))
+ (let ((port (open-file (in-vicinity lib config-file) "a")))
+ (format port "pref(~s, ~s);~%"
+ "extensions.torlauncher.torrc-defaults_path"
+ (in-vicinity
+ lib "TorBrowser/Data/Tor/torrc-defaults"))
+ (format port "pref(~s, ~s);~%"
+ "extensions.torlauncher.tor_path"
+ (search-input-file inputs "bin/tor"))
+ (close port)))))
+ (add-after 'wrap-program 'wrap-fonts
+ (lambda _
+ (let ((fonts.conf (format #f "~a/lib/~a/fontconfig/fonts.conf"
+ #$output #$moz-app-name)))
+ (wrap-program (format #f "~a/lib/~a/~a"
+ #$output
+ #$moz-app-name #$moz-app-name)
`("FONTCONFIG_FILE" prefix (,fonts.conf))))))
(replace 'install-desktop-entry
(lambda _
(let ((apps (in-vicinity #$output "share/applications")))
(mkdir-p apps)
(make-desktop-entry-file
- (in-vicinity apps "torbrowser.desktop")
- #:name "Tor Browser"
- #:exec
- (format #f "~a %u" (in-vicinity #$output "bin/torbrowser"))
- #:comment
- "Tor Browser is +1 for privacy and -1 for mass surveillance"
+ (string-append apps #$moz-app-name ".desktop")
+ #:name #$moz-app-remotingname
+ #:exec (format #f "~a/bin/~a %u" #$output #$moz-app-name)
#:categories '("Network" "WebBrowser" "Security")
- #:startup-w-m-class "Tor Browser"
- #:icon "tor-browser"))))
- (replace 'install-icons
- (lambda* (#:key inputs #:allow-other-keys)
- (for-each
- (lambda (size)
- (let ((oldpath (string-append
- "browser/branding/tb-release/default"
- size ".png"))
- (newpath (string-append #$output
- "/share/icons/hicolor/"
- size "x" size "/apps")))
- (mkdir-p newpath)
- (copy-file oldpath
- (in-vicinity newpath "tor-browser.png"))))
- '("16" "22" "24" "32" "48" "64" "128" "256"))))))))
+ #:startup-w-m-class #$moz-app-remotingname
+ #:icon #$moz-app-name))))))))
(inputs
- (modify-inputs (package-inputs icecat-minimal)
+ (modify-inputs (package-inputs base)
(append go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird
tor-client)))
(propagated-inputs
@@ -892,3 +871,11 @@ (define-public torbrowser
attacks on the privacy of Tor users.")
(license license:mpl2.0))) ;And others, see
;toolkit/content/license.html
+
+(define-public torbrowser
+ (make-torbrowser #:moz-app-name "torbrowser"
+ #:moz-app-remotingname "Tor Browser"
+ #:branding-directory "browser/branding/tb-release"
+ #:assets torbrowser-assets
+ #:locales %torbrowser-locales
+ #:base-browser-version %torbrowser-version))
--
2.41.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#68577] [PATCH 2/2] gnu: Add mullvad-browser.
2024-01-18 23:14 [bug#68577] [PATCH 0/2] gnu: Add Mullvad Browser Clément Lassieur
2024-01-18 23:19 ` [bug#68577] [PATCH 1/2] gnu: icecat: Improve inheritance Clément Lassieur
@ 2024-01-18 23:19 ` Clément Lassieur
2024-01-22 5:57 ` Mark H Weaver
2024-01-19 5:49 ` [bug#68577] [PATCH v2 0/2] gnu: Add Mullvad Browser Clément Lassieur
` (3 subsequent siblings)
5 siblings, 1 reply; 29+ messages in thread
From: Clément Lassieur @ 2024-01-18 23:19 UTC (permalink / raw)
To: 68577
Cc: Clément Lassieur, Mark H Weaver, André Batista,
Jonathan Brielmaier, Ian Eure
* gnu/packages/tor.scm (%mullvadbrowser-version,
%mullvadbrowser-firefox-version, %mullvadbrowser-locales,
translation-mullvad-browser, mullvadbrowser-assets, mullvadbrowser-base,
mullvadbrowser): New variables.
Change-Id: Ie6d48823b3794710f60f0ae201a0297925221f66
---
gnu/packages/tor.scm | 131 +++++++++++++++++++++++++++++++++++++++++++
1 file changed, 131 insertions(+)
diff --git a/gnu/packages/tor.scm b/gnu/packages/tor.scm
index 6eb0c7609f0b..357b561874c7 100644
--- a/gnu/packages/tor.scm
+++ b/gnu/packages/tor.scm
@@ -879,3 +879,134 @@ (define-public torbrowser
#:assets torbrowser-assets
#:locales %torbrowser-locales
#:base-browser-version %torbrowser-version))
+
+;; To find the last version, look at
+;; https://mullvad.net/en/download/browser/linux.
+(define %mullvadbrowser-version "13.0.7")
+
+;; To find the last Firefox version, browse
+;; https://archive.torproject.org/tor-package-archive/mullvadbrowser/<%mullvadbrowser-version>
+;; There should be only one archive that starts with
+;; "src-firefox-mullvad-browser-".
+(define %mullvadbrowser-firefox-version "115.6.0esr-13.0-1-build1")
+
+;; Use the list in tor-browser-build/rbm.conf.
+(define %mullvadbrowser-locales
+ '("ar" "da" "de" "es-ES" "fa" "fi" "fr" "it" "ja" "ko" "my" "nb-NO" "nl"
+ "pl" "pt-BR" "ru" "sv-SE" "th" "tr" "zh-CN" "zh-TW"))
+
+;; See tor-browser-build/projects/translation/config.
+(define translation-mullvad-browser
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://gitlab.torproject.org/tpo/translation.git")
+ (commit "57de1569da0e2c48fd999a13e555f6b522041993")))
+ (file-name "translation-mullvad-browser")
+ (sha256
+ (base32
+ "1q3979ac92c5mib573hx9w06x3hrfw7r52wzmj9r75sz2hhsmrq3"))))
+
+(define-public mullvadbrowser-assets
+ ;; This is a prebuilt Mullvad Browser from which we take the assets we need.
+ (package
+ (name "mullvadbrowser-assets")
+ (version %mullvadbrowser-version)
+ (source
+ (origin
+ (method url-fetch)
+ (uri
+ (string-append
+ "https://archive.torproject.org/tor-package-archive/mullvadbrowser/"
+ version "/mullvad-browser-linux-x86_64-" version ".tar.xz"))
+ (sha256
+ (base32
+ "1i7vf7cn6s5iajsp4999jpxxn8qblljrrmfs4nswmc2swdmi07gk"))))
+ (arguments
+ (list
+ #:install-plan
+ ''(("Browser" "." #:include-regexp
+ ("^\\./fonts/"
+ "^\\./fontconfig/fonts.conf"
+ ;; Mullvad Browser Extension
+ "^\\./distribution/extensions/\\{d19a89b9-76c1-4a61-bcd4-49e8de916403\\}.xpi"
+ )))))
+ (build-system copy-build-system)
+ (home-page "https://www.torproject.org")
+ (synopsis "Mullvad Browser assets")
+ (description "This package contains fonts and configuration files for
+Mullvad Browser.")
+ (license license:silofl1.1)))
+
+(define mullvadbrowser-base
+ (make-torbrowser #:moz-app-name "mullvadbrowser"
+ #:moz-app-remotingname "Mullvad Browser"
+ #:branding-directory "browser/branding/mb-release"
+ #:assets mullvadbrowser-assets
+ #:locales %mullvadbrowser-locales
+ #:base-browser-version %mullvadbrowser-version))
+
+(define-public mullvadbrowser
+ (package
+ (inherit mullvadbrowser-base)
+ (name "mullvadbrowser")
+ (version %mullvadbrowser-version)
+ (source
+ (origin
+ (method url-fetch)
+ (uri
+ (string-append
+ "https://archive.torproject.org/tor-package-archive/mullvadbrowser/"
+ version "/src-firefox-mullvad-browser-"
+ %mullvadbrowser-firefox-version ".tar.xz"))
+ (sha256
+ (base32
+ "1hhmq0sh949vzs3mhh0pmpd2llgw149mv7kzzg2ylj8h2628y0px"))))
+ (arguments
+ (substitute-keyword-arguments (package-arguments mullvadbrowser-base)
+ ((#:phases phases)
+ #~(modify-phases #$phases
+ (add-after 'unpack 'ublock-private-allowed
+ (lambda _
+ (substitute* "toolkit/components/extensions/Extension.sys.mjs"
+ ;; The code that gives the correct permission only applies to
+ ;; distribution add-ons (see installDistributionAddon() in
+ ;; XPIProvider.jsm).
+ (("this.isNoScript")
+ "this.isNoScript || this.id === \"uBlock0@raymondhill.net\""))))
+ ;; See tor-browser-build/projects/firefox/build.
+ (replace 'copy-torbrowser-locales
+ (lambda _
+ (for-each
+ (lambda (lang)
+ (system
+ (format #f "cp -Lr ~a/~a .mozbuild/l10n-central/"
+ #$translation-mullvad-browser lang)))
+ '#$%mullvadbrowser-locales)))
+ (add-before 'build 'fix-profiles
+ ;; Otherwise the profile would change every time the install
+ ;; location changes, that is: at every package update. These
+ ;; values are already the default values for Icecat and Tor
+ ;; Browser.
+ (lambda _
+ (substitute* "browser/moz.configure"
+ (("\"MOZ_DEDICATED_PROFILES\", True")
+ "\"MOZ_DEDICATED_PROFILES\", False")
+ (("\"MOZ_BLOCK_PROFILE_DOWNGRADE\", True")
+ "\"MOZ_BLOCK_PROFILE_DOWNGRADE\", False"))))
+ (add-after 'deploy-fonts 'deploy-extension
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((lib (in-vicinity #$output "lib/mullvadbrowser")))
+ ;; Mullvad Browser Extension (FIXME: package it)
+ (copy-recursively
+ (in-vicinity #$mullvadbrowser-assets "distribution")
+ (in-vicinity lib "distribution")))))
+ (delete 'deploy-tor-assets)
+ (delete 'autoconfig-tor)))))
+ (inputs (package-inputs icecat-minimal))
+ (propagated-inputs
+ (list noscript/icecat
+ ublock-origin/icecat))
+ (synopsis "Privacy-focused browser")
+ (description "Mullvad Browser is a privacy-focused web browser designed to
+be used with a trustworthy VPN instead of the Tor Network.")))
--
2.41.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#68577] [PATCH v2 1/2] gnu: icecat: Improve inheritance.
2024-01-19 5:49 ` [bug#68577] [PATCH v2 0/2] gnu: Add Mullvad Browser Clément Lassieur
@ 2024-01-19 5:11 ` Clément Lassieur
2024-01-19 5:12 ` [bug#68577] [PATCH v2 2/2] gnu: Add mullvadbrowser Clément Lassieur
1 sibling, 0 replies; 29+ messages in thread
From: Clément Lassieur @ 2024-01-19 5:11 UTC (permalink / raw)
To: 68577; +Cc: Clément Lassieur
* gnu/packages/gnuzilla.scm (make-icecat-minimal): New procedure, export it.
[arguments]: Split the ‘configure’ phase into several phases: ‘setenv’,
‘mozconfig’ and ‘configure’. In the ‘wrap-program’ and ‘install-icons’
phases, replace "icecat", "browser/branding/official" with ‘#$moz-app-name’
and ‘#$branding-directory’. Clean the ‘install-icons’ phase to help
inheritance.
(icecat-minimal): Call the ‘make-icecat-minimal’ procedure.
* gnu/packages/tor.scm (make-torbrowser): New procedure.
[base]: New variable corresponding to an ‘icecat-minimal’ with correct
inheritance values.
[arguments]: Replace ‘icecat-minimal’ with ‘base’. Change "torbrowser", "Tor
Browser", "tb-release", ‘#$version’, ‘#$torbrowser-assets’,
‘#$%torbrowser-locales’ with ‘#$moz-app-name’, ‘#$moz-app-remotingname’,
‘#$branding-directory’, ‘#$base-browser-version’, ‘#$assets’ and ‘#$locales’.
Adapt phases with regard to the ‘icecat-minimal’ changes. Split the
‘deploy-assets’ and the ‘autoconfig’ phases so to make inheritance easier.
[inputs]: Inherit ‘base’ inputs instead of ‘icecat-minimal’.
(torbrowser): Call the ‘make-torbrowser’ procedure.
Change-Id: I5fcf73e53fe4481a18e13cdeb3515c3dc4430090
---
gnu/packages/gnuzilla.scm | 66 ++++++++-------
gnu/packages/tor.scm | 171 ++++++++++++++++++--------------------
2 files changed, 116 insertions(+), 121 deletions(-)
diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm
index e3bc625bc0f5..71bf9ca99bbd 100644
--- a/gnu/packages/gnuzilla.scm
+++ b/gnu/packages/gnuzilla.scm
@@ -99,7 +99,8 @@ (define-module (gnu packages gnuzilla)
#:use-module (gnu packages readline)
#:use-module (gnu packages sqlite)
#:autoload (json parser) (json->scm)
- #:export (all-mozilla-locales))
+ #:export (all-mozilla-locales
+ make-icecat-minimal))
(define-public mozjs
(package
@@ -720,7 +721,9 @@ (define icecat-source
"--sort=name"
icecat-dir)))))))))
-(define-public icecat-minimal
+(define* (make-icecat-minimal #:key
+ moz-app-name
+ branding-directory)
(package
(name "icecat-minimal")
(version %icecat-version)
@@ -1013,16 +1016,11 @@ (define-public icecat-minimal
(substitute* "build/RunCbindgen.py"
(("\"--frozen\",") ""))))
(delete 'bootstrap)
- (replace 'configure
+ (add-before 'configure 'setenv
;; configure does not work followed by both "SHELL=..." and
;; "CONFIG_SHELL=..."; set environment variables instead
- (lambda* (#:key outputs configure-flags #:allow-other-keys)
- (let* ((bash (which "bash"))
- (abs-srcdir (getcwd))
- (flags `(,(string-append "--prefix=" #$output)
- ,(string-append "--with-l10n-base="
- abs-srcdir "/l10n")
- ,@configure-flags)))
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((bash (which "bash")))
(setenv "SHELL" bash)
(setenv "CONFIG_SHELL" bash)
@@ -1048,16 +1046,23 @@ (define-public icecat-minimal
(setenv "MOZBUILD_STATE_PATH"
(string-append (getcwd) "/.mozbuild"))
- (format #t "build directory: ~s~%" (getcwd))
+ (format #t "build directory: ~s~%" (getcwd)))))
+ (add-before 'configure 'mozconfig
+ (lambda* (#:key configure-flags #:allow-other-keys)
+ (let ((flags `(,(string-append "--prefix=" #$output)
+ ,(string-append "--with-l10n-base="
+ (getcwd) "/l10n")
+ ,@configure-flags)))
(format #t "configure flags: ~s~%" flags)
(call-with-output-file "mozconfig"
(lambda (port)
(for-each (lambda (flag)
(format port "ac_add_options ~a\n" flag))
- flags)))
-
- (invoke "./mach" "configure"))))
+ flags))))))
+ (replace 'configure
+ (lambda _
+ (invoke "./mach" "configure")))
(replace 'build
(lambda* (#:key (make-flags '()) (parallel-build? #t)
#:allow-other-keys)
@@ -1093,8 +1098,7 @@ (define-public icecat-minimal
(string-append #$output "/bin"))))
(add-after 'install 'wrap-program
(lambda* (#:key inputs #:allow-other-keys)
- (let* ((lib (string-append #$output "/lib"))
- (gtk #$(this-package-input "gtk+"))
+ (let* ((gtk #$(this-package-input "gtk+"))
(gtk-share (string-append gtk "/share"))
(ld-libs '#$(cons
(file-append
@@ -1112,7 +1116,8 @@ (define-public icecat-minimal
;; For the integration of native notifications
;; (same reason as icedove)
"libnotify")))))
- (wrap-program (car (find-files lib "^icecat$"))
+ (wrap-program (format #f "~a/lib/~a/~a"
+ #$output #$moz-app-name #$moz-app-name)
`("XDG_DATA_DIRS" prefix (,gtk-share))
;; The following line is commented out because the icecat
;; package on guix has been observed to be unstable when
@@ -1134,18 +1139,17 @@ (define-public icecat-minimal
"StartupNotify=true\nStartupWMClass=Icecat"))
(install-file desktop-file applications))))
(add-after 'install-desktop-entry 'install-icons
- (lambda _
- (with-directory-excursion "browser/branding/official"
- (for-each
- (lambda (file)
- (let* ((size (string-filter char-numeric? file))
- (icons (string-append #$output "/share/icons/hicolor/"
- size "x" size "/apps")))
- (mkdir-p icons)
- (copy-file file (string-append icons "/icecat.png"))))
- '("default16.png" "default22.png" "default24.png"
- "default32.png" "default48.png" "content/icon64.png"
- "mozicon128.png" "default256.png"))))))))
+ (lambda* (#:key inputs #:allow-other-keys)
+ (for-each
+ (lambda (size)
+ (let ((oldpath (string-append
+ #$branding-directory "/default" size ".png"))
+ (newpath (string-append
+ #$output "/share/icons/hicolor/" size "x"
+ size "/apps/" #$moz-app-name ".png")))
+ (mkdir-p (dirname newpath))
+ (copy-file oldpath newpath)))
+ '("16" "22" "24" "32" "48" "64" "128" "256")))))))
(native-search-paths
(list (search-path-specification
(variable "ICECAT_SYSTEM_DIR")
@@ -1169,6 +1173,10 @@ (define-public icecat-minimal
(cpe-name . "firefox_esr")
(cpe-version . ,(first (string-split version #\-)))))))
+(define-public icecat-minimal
+ (make-icecat-minimal #:moz-app-name "icecat"
+ #:branding-directory "browser/branding/official"))
+
(define %icecat-locales
'("ach" "af" "an" "ar" "ast" "az" "be" "bg" "bn" "br" "bs" "ca" "cak"
"ca-valencia" "cs" "cy" "da" "de" "dsb" "el" "en-CA" "en-GB" "eo" "es-AR"
diff --git a/gnu/packages/tor.scm b/gnu/packages/tor.scm
index 604be621157c..8cd806fce9d3 100644
--- a/gnu/packages/tor.scm
+++ b/gnu/packages/tor.scm
@@ -562,9 +562,18 @@ (define torbrowser-assets
Browser.")
(license license:silofl1.1)))
-(define-public torbrowser
+(define* (make-torbrowser #:key
+ moz-app-name
+ moz-app-remotingname
+ branding-directory
+ assets
+ locales
+ base-browser-version)
+ (define base (make-icecat-minimal
+ #:moz-app-name moz-app-name
+ #:branding-directory branding-directory))
(package
- (inherit icecat-minimal)
+ (inherit base)
(name "torbrowser")
(version %torbrowser-version)
(source
@@ -580,42 +589,45 @@ (define-public torbrowser
"1c0p8aya7sh7nmawngkyzx2r02mvl9nd53hx2bl0jwvsj1vxxhca"))))
(build-system mozilla-build-system)
(arguments
- (substitute-keyword-arguments (package-arguments icecat-minimal)
+ (substitute-keyword-arguments (package-arguments base)
((#:configure-flags flags '())
#~(cons*
"--without-relative-data-dir" ;store is read-only
"--disable-base-browser-update"
;; Default is "default", which is the same as "nightly".
"--enable-update-channel=release"
- "--with-user-appdir=.torbrowser"
- "--with-branding=browser/branding/tb-release"
+ ;; This is useless right now but it might be used in the future.
+ ;; (See nsAppFileLocationProvider.cpp.)
+ (string-append "--with-user-appdir=." #$moz-app-name)
+ (string-append "--with-branding=" #$branding-directory)
(string-append "--prefix=" #$output)
- (string-append "--with-base-browser-version=" #$version)
+ (string-append "--with-base-browser-version="
+ #$base-browser-version)
#$flags))
((#:phases phases)
#~(modify-phases #$phases
- (add-before 'configure 'setenv
+ (replace 'setenv
(lambda _
(setenv "CONFIG_SHELL" (which "bash"))
;; Install location is prefix/lib/$MOZ_APP_NAME. Also
;; $MOZ_APP_NAME is the executable name. Default is
;; "firefox".
- (setenv "MOZ_APP_NAME" "torbrowser")
+ (setenv "MOZ_APP_NAME" #$moz-app-name)
;; Profile location (relative to "~/."). Default is
;; lower($MOZ_APP_VENDOR/$MOZ_APP_BASENAME), which is:
;; ~/.tor project/firefox.
- (setenv "MOZ_APP_PROFILE" "torbrowser/browser")
+ (setenv "MOZ_APP_PROFILE" #$(in-vicinity
+ moz-app-name "browser"))
;; WM_CLASS (default is "$MOZ_APP_NAME-$MOZ_UPDATE_CHANNEL").
- (setenv "MOZ_APP_REMOTINGNAME" "Tor Browser")
+ (setenv "MOZ_APP_REMOTINGNAME" #$moz-app-remotingname)
;; Persistent state directory for the build system (default is
;; $HOME/.mozbuild).
(setenv "MOZBUILD_STATE_PATH"
(in-vicinity (getcwd) ".mozbuild"))
- (setenv "MOZ_CHROME_MULTILOCALE"
- (string-join '#$%torbrowser-locales))
+ (setenv "MOZ_CHROME_MULTILOCALE" (string-join '#$locales))
;; Make build reproducible.
(setenv "MOZ_BUILD_DATE" #$%moz-build-date)))
- (add-before 'configure 'mozconfig
+ (replace 'mozconfig
(lambda* (#:key configure-flags #:allow-other-keys)
(with-output-to-file "mozconfig"
(lambda ()
@@ -623,9 +635,6 @@ (define-public torbrowser
(for-each (lambda (flag)
(format #t "ac_add_options ~a~%" flag))
configure-flags)))))
- (replace 'configure
- (lambda _
- (invoke "./mach" "configure")))
;; See tor-browser-build/projects/firefox/build.
(add-before 'configure 'copy-firefox-locales
(lambda _
@@ -637,7 +646,7 @@ (define-public torbrowser
(string-suffix? lang path))
'#$all-mozilla-locales)
(in-vicinity l10ncentral lang)))
- '#$%torbrowser-locales))))
+ '#$locales))))
(add-after 'copy-firefox-locales 'copy-basebrowser-locales
(lambda _
(let ((l10ncentral ".mozbuild/l10n-central"))
@@ -661,7 +670,7 @@ (define-public torbrowser
"translation-base-browser/~a/*"
"~a/~a/browser/chrome/browser/"))
lang l10ncentral lang)))
- '#$%torbrowser-locales))))
+ '#$locales))))
(add-after 'copy-basebrowser-locales 'copy-torbrowser-locales
(lambda _
(let ((l10ncentral ".mozbuild/l10n-central"))
@@ -698,7 +707,7 @@ (define-public torbrowser
(format port " locale/~a/ (chrome/locale/~a/*)~%"
lang lang)
(close port)))
- '#$%torbrowser-locales))))
+ '#$locales))))
(add-before 'build 'fix-addons-placeholder
(lambda _
(substitute*
@@ -717,13 +726,24 @@ (define-public torbrowser
(lambda _
(system (string-join '("./mach package-multi-locale --locales"
"en-US $MOZ_CHROME_MULTILOCALE")))))
- (add-after 'install 'deploy-assets
+ (add-after 'install 'deploy-fonts
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((lib (string-append #$output "/lib/" #$moz-app-name)))
+ ;; Fonts
+ (copy-recursively (in-vicinity #$assets "fontconfig")
+ (in-vicinity lib "fontconfig"))
+ (substitute* (in-vicinity lib "fontconfig/fonts.conf")
+ (("<dir>fonts</dir>")
+ (format #f "<dir>~a</dir>" (in-vicinity lib "fonts"))))
+ (delete-file-recursively (in-vicinity lib "fonts"))
+ (copy-recursively (in-vicinity #$assets "fonts")
+ (in-vicinity lib "fonts")))))
+ (add-after 'deploy-fonts 'deploy-tor-assets
(lambda* (#:key inputs #:allow-other-keys)
(let ((lib (in-vicinity #$output "lib/torbrowser"))
(tor #$(this-package-input "tor-client")))
;; TorBrowser/Data/Tor/torrc-defaults
- (copy-recursively (in-vicinity
- #$torbrowser-assets "TorBrowser")
+ (copy-recursively (in-vicinity #$assets "TorBrowser")
(in-vicinity lib "TorBrowser"))
(substitute*
(in-vicinity lib "TorBrowser/Data/Tor/torrc-defaults")
@@ -733,20 +753,10 @@ (define-public torbrowser
;; The geoip and geoip6 files are in the same directory as
;; torrc-defaults. (See TorProcess.sys.mjs.)
(mkdir-p (in-vicinity lib "TorBrowser/Data/Tor"))
- (copy-file (in-vicinity tor "share/tor/geoip")
- (in-vicinity lib "TorBrowser/Data/Tor/geoip"))
(copy-file (in-vicinity tor "share/tor/geoip6")
(in-vicinity lib "TorBrowser/Data/Tor/geoip6"))
- ;; Fonts
- (copy-recursively (in-vicinity
- #$torbrowser-assets "fontconfig")
- (in-vicinity lib "fontconfig"))
- (substitute* (in-vicinity lib "fontconfig/fonts.conf")
- (("<dir>fonts</dir>")
- (format #f "<dir>~a</dir>" (in-vicinity lib "fonts"))))
- (delete-file-recursively (in-vicinity lib "fonts"))
- (copy-recursively (in-vicinity #$torbrowser-assets "fonts")
- (in-vicinity lib "fonts")))))
+ (copy-file (in-vicinity tor "share/tor/geoip")
+ (in-vicinity lib "TorBrowser/Data/Tor/geoip")))))
(replace 'build-sandbox-whitelist
(lambda* (#:key inputs #:allow-other-keys)
(define (runpath-of lib)
@@ -773,8 +783,8 @@ (define-public torbrowser
(display whitelist-string))))))
(add-after 'install 'autoconfig
(lambda* (#:key inputs #:allow-other-keys)
- (let ((lib (in-vicinity #$output "lib/torbrowser"))
- (config-file "tor-browser.cfg"))
+ (let ((lib (string-append #$output "/lib/" #$moz-app-name))
+ (config-file (string-append #$moz-app-name ".cfg")))
(with-output-to-file (in-vicinity
lib "defaults/pref/autoconfig.js")
(lambda ()
@@ -786,13 +796,6 @@ (define-public torbrowser
(with-output-to-file (in-vicinity lib config-file)
(lambda ()
(format #t "// first line must be a comment~%")
- (format #t "pref(~s, ~s);~%"
- "extensions.torlauncher.torrc-defaults_path"
- (in-vicinity
- lib "TorBrowser/Data/Tor/torrc-defaults"))
- (format #t "pref(~s, ~s);~%"
- "extensions.torlauncher.tor_path"
- (search-input-file inputs "bin/tor"))
;; Required for Guix packaged extensions
;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8
;; Default is 5.
@@ -821,64 +824,40 @@ (define-public torbrowser
(format #t "pref(~s, ~s);~%"
"lightweightThemes.getMoreURL"
"https://gnuzilla.gnu.org/mozzarella"))))))
- (replace 'wrap-program
+ (add-after 'autoconfig 'autoconfig-tor
(lambda* (#:key inputs #:allow-other-keys)
- (let* ((gtk #$(this-package-input "gtk+"))
- (gtk-share (string-append gtk "/share"))
- (fonts.conf (in-vicinity
- #$output
- "lib/torbrowser/fontconfig/fonts.conf"))
- (ld-libs '#$(cons
- (file-append
- (this-package-input "libcanberra")
- "/lib/gtk-3.0/modules")
- (map
- (lambda (label)
- (file-append
- (this-package-input label) "/lib"))
- '("libpng-apng"
- "libxscrnsaver"
- "mesa"
- "pciutils"
- "mit-krb5"
- "eudev"
- "pulseaudio"
- "libnotify")))))
- (wrap-program
- (in-vicinity #$output "lib/torbrowser/torbrowser")
- `("XDG_DATA_DIRS" prefix (,gtk-share))
- `("LD_LIBRARY_PATH" prefix ,ld-libs)
+ (let ((lib (in-vicinity #$output "lib/torbrowser"))
+ (config-file (string-append #$moz-app-name ".cfg")))
+ (let ((port (open-file (in-vicinity lib config-file) "a")))
+ (format port "pref(~s, ~s);~%"
+ "extensions.torlauncher.torrc-defaults_path"
+ (in-vicinity
+ lib "TorBrowser/Data/Tor/torrc-defaults"))
+ (format port "pref(~s, ~s);~%"
+ "extensions.torlauncher.tor_path"
+ (search-input-file inputs "bin/tor"))
+ (close port)))))
+ (add-after 'wrap-program 'wrap-fonts
+ (lambda _
+ (let ((fonts.conf (format #f "~a/lib/~a/fontconfig/fonts.conf"
+ #$output #$moz-app-name)))
+ (wrap-program (format #f "~a/lib/~a/~a"
+ #$output
+ #$moz-app-name #$moz-app-name)
`("FONTCONFIG_FILE" prefix (,fonts.conf))))))
(replace 'install-desktop-entry
(lambda _
(let ((apps (in-vicinity #$output "share/applications")))
(mkdir-p apps)
(make-desktop-entry-file
- (in-vicinity apps "torbrowser.desktop")
- #:name "Tor Browser"
- #:exec
- (format #f "~a %u" (in-vicinity #$output "bin/torbrowser"))
- #:comment
- "Tor Browser is +1 for privacy and -1 for mass surveillance"
+ (string-append apps "/" #$moz-app-name ".desktop")
+ #:name #$moz-app-remotingname
+ #:exec (format #f "~a/bin/~a %u" #$output #$moz-app-name)
#:categories '("Network" "WebBrowser" "Security")
- #:startup-w-m-class "Tor Browser"
- #:icon "tor-browser"))))
- (replace 'install-icons
- (lambda* (#:key inputs #:allow-other-keys)
- (for-each
- (lambda (size)
- (let ((oldpath (string-append
- "browser/branding/tb-release/default"
- size ".png"))
- (newpath (string-append #$output
- "/share/icons/hicolor/"
- size "x" size "/apps")))
- (mkdir-p newpath)
- (copy-file oldpath
- (in-vicinity newpath "tor-browser.png"))))
- '("16" "22" "24" "32" "48" "64" "128" "256"))))))))
+ #:startup-w-m-class #$moz-app-remotingname
+ #:icon #$moz-app-name))))))))
(inputs
- (modify-inputs (package-inputs icecat-minimal)
+ (modify-inputs (package-inputs base)
(append go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird
tor-client)))
(propagated-inputs
@@ -892,3 +871,11 @@ (define-public torbrowser
attacks on the privacy of Tor users.")
(license license:mpl2.0))) ;And others, see
;toolkit/content/license.html
+
+(define-public torbrowser
+ (make-torbrowser #:moz-app-name "torbrowser"
+ #:moz-app-remotingname "Tor Browser"
+ #:branding-directory "browser/branding/tb-release"
+ #:assets torbrowser-assets
+ #:locales %torbrowser-locales
+ #:base-browser-version %torbrowser-version))
--
2.41.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#68577] [PATCH v2 2/2] gnu: Add mullvadbrowser.
2024-01-19 5:49 ` [bug#68577] [PATCH v2 0/2] gnu: Add Mullvad Browser Clément Lassieur
2024-01-19 5:11 ` [bug#68577] [PATCH v2 1/2] gnu: icecat: Improve inheritance Clément Lassieur
@ 2024-01-19 5:12 ` Clément Lassieur
1 sibling, 0 replies; 29+ messages in thread
From: Clément Lassieur @ 2024-01-19 5:12 UTC (permalink / raw)
To: 68577; +Cc: Clément Lassieur
* gnu/packages/tor.scm (%mullvadbrowser-version,
%mullvadbrowser-firefox-version, %mullvadbrowser-locales,
translation-mullvad-browser, mullvadbrowser-assets, mullvadbrowser-base,
mullvadbrowser): New variables.
Change-Id: Ie6d48823b3794710f60f0ae201a0297925221f66
---
gnu/packages/tor.scm | 132 +++++++++++++++++++++++++++++++++++++++++++
1 file changed, 132 insertions(+)
diff --git a/gnu/packages/tor.scm b/gnu/packages/tor.scm
index 8cd806fce9d3..96c4970dc843 100644
--- a/gnu/packages/tor.scm
+++ b/gnu/packages/tor.scm
@@ -879,3 +879,135 @@ (define-public torbrowser
#:assets torbrowser-assets
#:locales %torbrowser-locales
#:base-browser-version %torbrowser-version))
+
+;; To find the last version, look at
+;; https://mullvad.net/en/download/browser/linux.
+(define %mullvadbrowser-version "13.0.7")
+
+;; To find the last Firefox version, browse
+;; https://archive.torproject.org/tor-package-archive/mullvadbrowser/<%mullvadbrowser-version>
+;; There should be only one archive that starts with
+;; "src-firefox-mullvad-browser-".
+(define %mullvadbrowser-firefox-version "115.6.0esr-13.0-1-build1")
+
+;; Use the list in tor-browser-build/rbm.conf.
+(define %mullvadbrowser-locales
+ '("ar" "da" "de" "es-ES" "fa" "fi" "fr" "it" "ja" "ko" "my" "nb-NO" "nl"
+ "pl" "pt-BR" "ru" "sv-SE" "th" "tr" "zh-CN" "zh-TW"))
+
+;; See tor-browser-build/projects/translation/config.
+(define translation-mullvad-browser
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://gitlab.torproject.org/tpo/translation.git")
+ (commit "57de1569da0e2c48fd999a13e555f6b522041993")))
+ (file-name "translation-mullvad-browser")
+ (sha256
+ (base32
+ "1q3979ac92c5mib573hx9w06x3hrfw7r52wzmj9r75sz2hhsmrq3"))))
+
+(define mullvadbrowser-assets
+ ;; This is a prebuilt Mullvad Browser from which we take the assets we need.
+ (package
+ (name "mullvadbrowser-assets")
+ (version %mullvadbrowser-version)
+ (source
+ (origin
+ (method url-fetch)
+ (uri
+ (string-append
+ "https://archive.torproject.org/tor-package-archive/mullvadbrowser/"
+ version "/mullvad-browser-linux-x86_64-" version ".tar.xz"))
+ (sha256
+ (base32
+ "1i7vf7cn6s5iajsp4999jpxxn8qblljrrmfs4nswmc2swdmi07gk"))))
+ (arguments
+ (list
+ #:install-plan
+ ''(("Browser" "." #:include-regexp
+ ("^\\./fonts/"
+ "^\\./fontconfig/fonts.conf"
+ ;; Mullvad Browser Extension
+ "^\\./distribution/extensions/\\{d19a89b9-76c1-4a61-bcd4-49e8de916403\\}.xpi"
+ )))))
+ (build-system copy-build-system)
+ (home-page "https://www.torproject.org")
+ (synopsis "Mullvad Browser assets")
+ (description "This package contains fonts and configuration files for
+Mullvad Browser.")
+ (license license:silofl1.1)))
+
+(define mullvadbrowser-base
+ (make-torbrowser #:moz-app-name "mullvadbrowser"
+ #:moz-app-remotingname "Mullvad Browser"
+ #:branding-directory "browser/branding/mb-release"
+ #:assets mullvadbrowser-assets
+ #:locales %mullvadbrowser-locales
+ #:base-browser-version %mullvadbrowser-version))
+
+(define-public mullvadbrowser
+ (package
+ (inherit mullvadbrowser-base)
+ (name "mullvadbrowser")
+ (version %mullvadbrowser-version)
+ (source
+ (origin
+ (method url-fetch)
+ (uri
+ (string-append
+ "https://archive.torproject.org/tor-package-archive/mullvadbrowser/"
+ version "/src-firefox-mullvad-browser-"
+ %mullvadbrowser-firefox-version ".tar.xz"))
+ (sha256
+ (base32
+ "1hhmq0sh949vzs3mhh0pmpd2llgw149mv7kzzg2ylj8h2628y0px"))))
+ (arguments
+ (substitute-keyword-arguments (package-arguments mullvadbrowser-base)
+ ((#:phases phases)
+ #~(modify-phases #$phases
+ (add-after 'unpack 'ublock-private-allowed
+ (lambda _
+ (substitute* "toolkit/components/extensions/Extension.sys.mjs"
+ ;; The code that gives the correct permission only applies to
+ ;; distribution add-ons (see installDistributionAddon() in
+ ;; XPIProvider.jsm).
+ (("this.isNoScript")
+ "this.isNoScript || this.id === \"uBlock0@raymondhill.net\""))))
+ ;; See tor-browser-build/projects/firefox/build.
+ (replace 'copy-torbrowser-locales
+ (lambda _
+ (for-each
+ (lambda (lang)
+ (system
+ (format #f "cp -Lr ~a/~a .mozbuild/l10n-central/"
+ #$translation-mullvad-browser lang)))
+ '#$%mullvadbrowser-locales)))
+ (add-before 'build 'fix-profiles
+ ;; Otherwise the profile would change every time the install
+ ;; location changes, that is: at every package update. These
+ ;; values are already the default values for Icecat and Tor
+ ;; Browser.
+ (lambda _
+ (substitute* "browser/moz.configure"
+ (("\"MOZ_DEDICATED_PROFILES\", True")
+ "\"MOZ_DEDICATED_PROFILES\", False")
+ (("\"MOZ_BLOCK_PROFILE_DOWNGRADE\", True")
+ "\"MOZ_BLOCK_PROFILE_DOWNGRADE\", False"))))
+ (add-after 'deploy-fonts 'deploy-extension
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((lib (in-vicinity #$output "lib/mullvadbrowser")))
+ ;; Mullvad Browser Extension (FIXME: package it)
+ (copy-recursively
+ (in-vicinity #$mullvadbrowser-assets "distribution")
+ (in-vicinity lib "distribution")))))
+ (delete 'deploy-tor-assets)
+ (delete 'autoconfig-tor)))))
+ (inputs (package-inputs icecat-minimal))
+ (propagated-inputs
+ (list noscript/icecat
+ ublock-origin/icecat))
+ (home-page "https://mullvad.net/en/browser")
+ (synopsis "Privacy-focused browser")
+ (description "Mullvad Browser is a privacy-focused web browser designed to
+be used with a trustworthy VPN instead of the Tor Network.")))
--
2.41.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#68577] [PATCH v2 0/2] gnu: Add Mullvad Browser.
2024-01-18 23:14 [bug#68577] [PATCH 0/2] gnu: Add Mullvad Browser Clément Lassieur
2024-01-18 23:19 ` [bug#68577] [PATCH 1/2] gnu: icecat: Improve inheritance Clément Lassieur
2024-01-18 23:19 ` [bug#68577] [PATCH 2/2] gnu: Add mullvad-browser Clément Lassieur
@ 2024-01-19 5:49 ` Clément Lassieur
2024-01-19 5:11 ` [bug#68577] [PATCH v2 1/2] gnu: icecat: Improve inheritance Clément Lassieur
2024-01-19 5:12 ` [bug#68577] [PATCH v2 2/2] gnu: Add mullvadbrowser Clément Lassieur
2024-01-22 5:29 ` [bug#68577] [PATCH 0/2] gnu: Add Mullvad Browser Mark H Weaver
` (2 subsequent siblings)
5 siblings, 2 replies; 29+ messages in thread
From: Clément Lassieur @ 2024-01-19 5:49 UTC (permalink / raw)
To: 68577; +Cc: Clément Lassieur
Clément Lassieur (2):
gnu: icecat: Improve inheritance.
gnu: Add mullvadbrowser.
gnu/packages/gnuzilla.scm | 66 +++++----
gnu/packages/tor.scm | 303 ++++++++++++++++++++++++++------------
2 files changed, 248 insertions(+), 121 deletions(-)
base-commit: f3fdb4e041cb5740ba0b38b9ad017571f8414d33
prerequisite-patch-id: 2f48ca3016a92bf7652e05c733e346b51cee9c27
--
2.41.0
^ permalink raw reply [flat|nested] 29+ messages in thread
* [bug#68577] [PATCH 0/2] gnu: Add Mullvad Browser.
2024-01-18 23:14 [bug#68577] [PATCH 0/2] gnu: Add Mullvad Browser Clément Lassieur
` (2 preceding siblings ...)
2024-01-19 5:49 ` [bug#68577] [PATCH v2 0/2] gnu: Add Mullvad Browser Clément Lassieur
@ 2024-01-22 5:29 ` Mark H Weaver
2024-01-22 10:23 ` Clément Lassieur
2024-01-22 12:10 ` Clément Lassieur
2024-01-25 22:41 ` [bug#68577] [PATCH v2 0/2] Stop inheriting Icecat and add " Clément Lassieur
5 siblings, 1 reply; 29+ messages in thread
From: Mark H Weaver @ 2024-01-22 5:29 UTC (permalink / raw)
To: Clément Lassieur, 68577
Cc: André Batista, Jonathan Brielmaier, Ian Eure
Hi Clément,
Clément Lassieur <clement@lassieur.org> writes:
> Hi, this adds Mullvad Browser, which is a privacy-focused web browser based on
> Firefox and done in collaboration with the Tor Browser folk.
>
> There is a commit to improve inheritance, so that the other one, the real one,
> is short.
I'd prefer for Mullvad to have its own package definition that does not
inherit from IceCat. The issue from my perspective is that I don't want
to be compelled to coordinate with you every time I make a nontrivial
update to IceCat.
Thanks,
Mark
^ permalink raw reply [flat|nested] 29+ messages in thread
* [bug#68577] [PATCH 2/2] gnu: Add mullvad-browser.
2024-01-18 23:19 ` [bug#68577] [PATCH 2/2] gnu: Add mullvad-browser Clément Lassieur
@ 2024-01-22 5:57 ` Mark H Weaver
2024-01-22 6:15 ` Mark H Weaver
2024-01-22 10:33 ` Clément Lassieur
0 siblings, 2 replies; 29+ messages in thread
From: Mark H Weaver @ 2024-01-22 5:57 UTC (permalink / raw)
To: Clément Lassieur, 68577
Cc: André Batista, Jonathan Brielmaier, Ian Eure
Hi Clément,
Clément Lassieur <clement@lassieur.org> writes:
> +(define-public mullvadbrowser-assets
> + ;; This is a prebuilt Mullvad Browser from which we take the assets we need.
> + (package
> + (name "mullvadbrowser-assets")
> + (version %mullvadbrowser-version)
> + (source
> + (origin
> + (method url-fetch)
> + (uri
> + (string-append
> + "https://archive.torproject.org/tor-package-archive/mullvadbrowser/"
> + version "/mullvad-browser-linux-x86_64-" version ".tar.xz"))
> + (sha256
> + (base32
> + "1i7vf7cn6s5iajsp4999jpxxn8qblljrrmfs4nswmc2swdmi07gk"))))
> + (arguments
> + (list
> + #:install-plan
> + ''(("Browser" "." #:include-regexp
> + ("^\\./fonts/"
> + "^\\./fontconfig/fonts.conf"
> + ;; Mullvad Browser Extension
> + "^\\./distribution/extensions/\\{d19a89b9-76c1-4a61-bcd4-49e8de916403\\}.xpi"
> + )))))
> + (build-system copy-build-system)
> + (home-page "https://www.torproject.org")
> + (synopsis "Mullvad Browser assets")
> + (description "This package contains fonts and configuration files for
> +Mullvad Browser.")
> + (license license:silofl1.1)))
Guix packages should, wherever feasible, avoid using components from
pre-built binary distributions. Each required font family should be
added as a separate Guix package following our conventions for font
packages. As for the configuration files: how about distributing them
separately, or as part of the Mullvad source distribution?
Thanks,
Mark
^ permalink raw reply [flat|nested] 29+ messages in thread
* [bug#68577] [PATCH 1/2] gnu: icecat: Improve inheritance.
2024-01-18 23:19 ` [bug#68577] [PATCH 1/2] gnu: icecat: Improve inheritance Clément Lassieur
@ 2024-01-22 6:09 ` Mark H Weaver
2024-01-22 11:25 ` Clément Lassieur
2024-01-22 18:42 ` André Batista
0 siblings, 2 replies; 29+ messages in thread
From: Mark H Weaver @ 2024-01-22 6:09 UTC (permalink / raw)
To: Clément Lassieur, 68577
Cc: André Batista, Jonathan Brielmaier, Ian Eure
Hi Clément,
I see now that in November, you added 'torbrowser', which inherits from
'icecat-minimal'.
> commit 756ba0429e84ee0f8ce30484439b78c00c61d286
> Author: Clément Lassieur <clement@lassieur.org>
> Date: Sun Nov 12 02:23:27 2023 +0100
>
> gnu: Add torbrowser.
>
> * gnu/packages/tor.scm (torbrowser): New variable.
> (torbrowser-assets): New variable.
> * gnu/packages/browser-extensions.scm (noscript): New variable.
> (noscript/icecat): New variable.
>
> Co-authored-by: André Batista <nandre@riseup.net>
> Change-Id: I73dc53905e4a028108bb34aae07e44256cf16c85
Did you consult me on this change? I don't remember seeing anything
about this in my mailbox.
This change concerns me, because it compels me to coordinate with you
when making nontrivial IceCat updates. As things stand now, it seems
that the 'icecat' and 'torbrowser' packages must be updated together,
in lock step.
Also, do 'torbrowser' and 'mullvad' both comply with the requirements of
the GNU FSDG? For example, do they support EME? Do they steer the user
to nonfree software, e.g. nonfree addons.
Thanks,
Mark
^ permalink raw reply [flat|nested] 29+ messages in thread
* [bug#68577] [PATCH 2/2] gnu: Add mullvad-browser.
2024-01-22 5:57 ` Mark H Weaver
@ 2024-01-22 6:15 ` Mark H Weaver
2024-01-22 11:41 ` Clément Lassieur
2024-01-22 10:33 ` Clément Lassieur
1 sibling, 1 reply; 29+ messages in thread
From: Mark H Weaver @ 2024-01-22 6:15 UTC (permalink / raw)
To: Clément Lassieur, 68577
Cc: André Batista, Jonathan Brielmaier, Ian Eure
Earlier, I wrote:
> Guix packages should, wherever feasible, avoid using components from
> pre-built binary distributions. Each required font family should be
> added as a separate Guix package following our conventions for font
> packages. As for the configuration files: how about distributing them
> separately, or as part of the Mullvad source distribution?
These comments apply to 'torbrowser-assets' as well, which I only just
found out about.
Mark
^ permalink raw reply [flat|nested] 29+ messages in thread
* [bug#68577] [PATCH 0/2] gnu: Add Mullvad Browser.
2024-01-22 5:29 ` [bug#68577] [PATCH 0/2] gnu: Add Mullvad Browser Mark H Weaver
@ 2024-01-22 10:23 ` Clément Lassieur
0 siblings, 0 replies; 29+ messages in thread
From: Clément Lassieur @ 2024-01-22 10:23 UTC (permalink / raw)
To: Mark H Weaver; +Cc: André Batista, 68577, Jonathan Brielmaier, Ian Eure
On Mon, Jan 22 2024, Mark H Weaver wrote:
> Hi Clément,
>
> Clément Lassieur <clement@lassieur.org> writes:
>
>> Hi, this adds Mullvad Browser, which is a privacy-focused web browser based on
>> Firefox and done in collaboration with the Tor Browser folk.
>>
>> There is a commit to improve inheritance, so that the other one, the real one,
>> is short.
>
> I'd prefer for Mullvad to have its own package definition that does not
> inherit from IceCat. The issue from my perspective is that I don't want
> to be compelled to coordinate with you every time I make a nontrivial
> update to IceCat.
Sure, no problem. That will make things easier.
^ permalink raw reply [flat|nested] 29+ messages in thread
* [bug#68577] [PATCH 2/2] gnu: Add mullvad-browser.
2024-01-22 5:57 ` Mark H Weaver
2024-01-22 6:15 ` Mark H Weaver
@ 2024-01-22 10:33 ` Clément Lassieur
1 sibling, 0 replies; 29+ messages in thread
From: Clément Lassieur @ 2024-01-22 10:33 UTC (permalink / raw)
To: Mark H Weaver; +Cc: André Batista, 68577, Jonathan Brielmaier, Ian Eure
On Mon, Jan 22 2024, Mark H Weaver wrote:
> Hi Clément,
>
> Clément Lassieur <clement@lassieur.org> writes:
>
>> +(define-public mullvadbrowser-assets
>> + ;; This is a prebuilt Mullvad Browser from which we take the assets we need.
>> + (package
>> + (name "mullvadbrowser-assets")
>> + (version %mullvadbrowser-version)
>> + (source
>> + (origin
>> + (method url-fetch)
>> + (uri
>> + (string-append
>> + "https://archive.torproject.org/tor-package-archive/mullvadbrowser/"
>> + version "/mullvad-browser-linux-x86_64-" version ".tar.xz"))
>> + (sha256
>> + (base32
>> + "1i7vf7cn6s5iajsp4999jpxxn8qblljrrmfs4nswmc2swdmi07gk"))))
>> + (arguments
>> + (list
>> + #:install-plan
>> + ''(("Browser" "." #:include-regexp
>> + ("^\\./fonts/"
>> + "^\\./fontconfig/fonts.conf"
>> + ;; Mullvad Browser Extension
>> + "^\\./distribution/extensions/\\{d19a89b9-76c1-4a61-bcd4-49e8de916403\\}.xpi"
>> + )))))
>> + (build-system copy-build-system)
>> + (home-page "https://www.torproject.org")
>> + (synopsis "Mullvad Browser assets")
>> + (description "This package contains fonts and configuration files for
>> +Mullvad Browser.")
>> + (license license:silofl1.1)))
>
> Guix packages should, wherever feasible, avoid using components from
> pre-built binary distributions. Each required font family should be
> added as a separate Guix package following our conventions for font
> packages.
Not feasible in this case, because fonts are used for fingerprinting.
We need to make sure they are identical to upstream fonts.
We should do the same to Icecat by the way.
> As for the configuration files: how about distributing them
> separately, or as part of the Mullvad source distribution?
What's the issue?
^ permalink raw reply [flat|nested] 29+ messages in thread
* [bug#68577] [PATCH 1/2] gnu: icecat: Improve inheritance.
2024-01-22 6:09 ` Mark H Weaver
@ 2024-01-22 11:25 ` Clément Lassieur
2024-01-22 18:42 ` André Batista
1 sibling, 0 replies; 29+ messages in thread
From: Clément Lassieur @ 2024-01-22 11:25 UTC (permalink / raw)
To: Mark H Weaver; +Cc: André Batista, 68577, Jonathan Brielmaier, Ian Eure
On Mon, Jan 22 2024, Mark H Weaver wrote:
> Hi Clément,
>
> I see now that in November, you added 'torbrowser', which inherits from
> 'icecat-minimal'.
>
>> commit 756ba0429e84ee0f8ce30484439b78c00c61d286
>> Author: Clément Lassieur <clement@lassieur.org>
>> Date: Sun Nov 12 02:23:27 2023 +0100
>>
>> gnu: Add torbrowser.
>>
>> * gnu/packages/tor.scm (torbrowser): New variable.
>> (torbrowser-assets): New variable.
>> * gnu/packages/browser-extensions.scm (noscript): New variable.
>> (noscript/icecat): New variable.
>>
>> Co-authored-by: André Batista <nandre@riseup.net>
>> Change-Id: I73dc53905e4a028108bb34aae07e44256cf16c85
>
> Did you consult me on this change? I don't remember seeing anything
> about this in my mailbox.
Well
- You didn't reply to
https://debbugs.gnu.org/cgi/bugreport.cgi?bug=66408, which was an
Icecat substantial change, sent on October 8.
- It took you 50 days to reply to
https://lists.gnu.org/archive/html/gnuzilla-dev/2023-11/index.html
(And it's not like this mailing list was full of messages.)
- My Tor Browser work was started and pushed before I got your first
reply.
- The Tor Browser thread is from 2020, so you had plenty of time to look
at it.
- You are not on the Mozilla Team:
https://git.savannah.gnu.org/cgit/guix.git/tree/etc/teams.scm.
So I believe it's perfectly understandable that at that time (Novembre -
December 2023) I didn't think it was worth CCing you.
Please note: now that you have replied to me at least once, I'm CCing
you again for the Mullvad work.
> This change concerns me, because it compels me to coordinate with you
> when making nontrivial IceCat updates. As things stand now, it seems
> that the 'icecat' and 'torbrowser' packages must be updated together,
> in lock step.
In common, we have:
- the translation packages
- a few phases
And we are both ESR based. I don't worry too much about it and worst
case scenario is I'll use our own translation SHA.
That being said, I'm convinced that it's better (at least for Tor
Browser and Mullvad Browser) to not inherit the Icecat package.
> Also, do 'torbrowser' and 'mullvad' both comply with the requirements of
> the GNU FSDG?
I think so, if you think there is something else to do to comply, please
inform us.
> For example, do they support EME?
Of course not.
> Do they steer the user to nonfree software, e.g. nonfree addons.
No.
Well I should probably get rid of Mozzarella because there is a non-free
software there and it looks unmaintained.
https://lists.gnu.org/archive/html/bug-gnuzilla/2024-01/msg00000.html
https://gitlab.trisquel.org/joeall/mozzarella
>
> Thanks,
> Mark
^ permalink raw reply [flat|nested] 29+ messages in thread
* [bug#68577] [PATCH 2/2] gnu: Add mullvad-browser.
2024-01-22 6:15 ` Mark H Weaver
@ 2024-01-22 11:41 ` Clément Lassieur
0 siblings, 0 replies; 29+ messages in thread
From: Clément Lassieur @ 2024-01-22 11:41 UTC (permalink / raw)
To: Mark H Weaver; +Cc: André Batista, 68577, Jonathan Brielmaier, Ian Eure
On Mon, Jan 22 2024, Mark H Weaver wrote:
> Earlier, I wrote:
>> Guix packages should, wherever feasible, avoid using components from
>> pre-built binary distributions. Each required font family should be
>> added as a separate Guix package following our conventions for font
>> packages. As for the configuration files: how about distributing them
>> separately, or as part of the Mullvad source distribution?
>
> These comments apply to 'torbrowser-assets' as well, which I only just
> found out about.
As said in the other email, the way Icecat is handling fonts is very bad
for fingerprinting, and I believe we should either do it the Tor Browser
way or remove the part about Fingerprinting countermeasures there:
https://www.gnu.org/software/gnuzilla/.
^ permalink raw reply [flat|nested] 29+ messages in thread
* [bug#68577] [PATCH 0/2] gnu: Add Mullvad Browser.
2024-01-18 23:14 [bug#68577] [PATCH 0/2] gnu: Add Mullvad Browser Clément Lassieur
` (3 preceding siblings ...)
2024-01-22 5:29 ` [bug#68577] [PATCH 0/2] gnu: Add Mullvad Browser Mark H Weaver
@ 2024-01-22 12:10 ` Clément Lassieur
2024-01-25 22:41 ` [bug#68577] [PATCH v2 0/2] Stop inheriting Icecat and add " Clément Lassieur
5 siblings, 0 replies; 29+ messages in thread
From: Clément Lassieur @ 2024-01-22 12:10 UTC (permalink / raw)
To: 68577; +Cc: André Batista, Mark H Weaver, Jonathan Brielmaier, Ian Eure
On Fri, Jan 19 2024, Clément Lassieur wrote:
> Hi, this adds Mullvad Browser, which is a privacy-focused web browser based on
> Firefox and done in collaboration with the Tor Browser folk.
>
> There is a commit to improve inheritance, so that the other one, the real one,
> is short.
>
> Clément Lassieur (2):
> gnu: icecat: Improve inheritance.
So I'll change this patch into a patch that doesn't inherit Icecat
anymore. I'll use this opportunity to get closer to the Tor build
process. This will take some time.
> gnu: Add mullvad-browser.
This patch shouldn't change, but depends on the first one.
> gnu/packages/gnuzilla.scm | 66 +++++----
> gnu/packages/tor.scm | 302 ++++++++++++++++++++++++++------------
> 2 files changed, 247 insertions(+), 121 deletions(-)
>
>
> base-commit: 551d013a56bf7d22bac80e0fd21d971973c3cf6f
> prerequisite-patch-id: 228872879442058215f5282bf3ff749af09d9923
> prerequisite-patch-id: 8f111ffb19ff559001251fb9e21aa8dc889d4767
Thanks,
Clément
^ permalink raw reply [flat|nested] 29+ messages in thread
* [bug#68577] [PATCH 1/2] gnu: icecat: Improve inheritance.
2024-01-22 6:09 ` Mark H Weaver
2024-01-22 11:25 ` Clément Lassieur
@ 2024-01-22 18:42 ` André Batista
2024-02-03 19:28 ` Mark H Weaver
1 sibling, 1 reply; 29+ messages in thread
From: André Batista @ 2024-01-22 18:42 UTC (permalink / raw)
To: Mark H Weaver; +Cc: 68577, Jonathan Brielmaier, Clément Lassieur, Ian Eure
Hi Mark,
seg 22 jan 2024 às 01:09:21 (1705896561), mhw@netris.org enviou:
> Hi Clément,
>
> I see now that in November, you added 'torbrowser', which inherits from
> 'icecat-minimal'.
>
> > commit 756ba0429e84ee0f8ce30484439b78c00c61d286
> > Author: Clément Lassieur <clement@lassieur.org>
> > Date: Sun Nov 12 02:23:27 2023 +0100
> >
> > gnu: Add torbrowser.
> >
> > * gnu/packages/tor.scm (torbrowser): New variable.
> > (torbrowser-assets): New variable.
> > * gnu/packages/browser-extensions.scm (noscript): New variable.
> > (noscript/icecat): New variable.
> >
> > Co-authored-by: André Batista <nandre@riseup.net>
> > Change-Id: I73dc53905e4a028108bb34aae07e44256cf16c85
>
> Did you consult me on this change? I don't remember seeing anything
> about this in my mailbox.
>
> This change concerns me, because it compels me to coordinate with you
> when making nontrivial IceCat updates. As things stand now, it seems
> that the 'icecat' and 'torbrowser' packages must be updated together,
> in lock step.
>
> Also, do 'torbrowser' and 'mullvad' both comply with the requirements of
> the GNU FSDG? For example, do they support EME? Do they steer the user
> to nonfree software, e.g. nonfree addons.
Considering I was cc'ed and part of the thread that led to that patch,
I'll consider myself invited to give a piece of my mind on your
comments.
First things first: when I sent the very first version of this patch, I
didn't use inheritance anywhere and it was actually suggested to me as
an improvement over what I had done[1]. I agreed to it and changed my
patch to inherit from Icecat. Way later, Clément followed on the same
reasoning and previous discussions on the thread. No one opposed it.
Looking back, it is true I should have probably known better and have you
cc'ed right from the start. My code was heavily based on / similar to
Icecat's package definition and so it made sense to avoid duplication.
I didn't know and did not care to look who were the contributors to
Icecat's definition. I see now that I was careless and that my behaviour
could be seen as disrespectful. No disrespect was intended, but I
certainly could have done better and I do apologize for my shortcomings.
Clément's rescue of that thread was a lesson to me in that they made an
effort to put forward all previous work and give clear attribution to
others[2]. I was certainly glad they cc'ed me and gave me attribution
even though I think it would have been legitimate if they had done
otherwise since their code was sufficiently distinct from mine.
Now, do you believe me when I say that there was no ill will towards you
or others?
I ask this because your last comments strike me on the opposite sense.
Risking to add insult to injury, but in the hopes of gaining your help,
I'd say that your comments appear to be assuming ill intention on our
part towards you and somewhat belittle you at the same time.
Why do you assume to be compelled to do anything if you were not even
cc'ed? As things stand, my assumption here is that the burden would be
on us to either ask you directly or to keep a close eye on any changes
done to Icecat. IMO, you certainly wouldn't be to blame if you changed
something on Icecat and torbrowser/mullvad/librewolf had some issue. We
would.
You have put a very good point in saying that it could be better for us
to disentangle those packages to avoid future surprises and lessen
maintainance burden, but the way you wrote it seemed to imply that we
were trying to forcefully push work upon you, with little evidence of
that being the case.
On the other hand, would it really be that much of added work if we were
to ask you to copy us when proposing some changes to Icecat? Would it be
presumptuous or forceful to ask that? In my view it wouldn't as it also
wouldn't be any obligation of yours to comply with it. If you said: "I'll
try to remeber, but cannot guarantee it, so do your part and keep an eye
on Icecat", that would've been fine to me at least.
More than that, it suprises me that after discovering these threads and
having a good amount of knowledge on building Icecat you've decided to
just lash out on us, instead of trying to be of help, reviewing the
proposed patches or letting we learn from our short-sightedness the hard
way.
Maybe you have too much on your plate already, maybe you thought we were
neglectful, irresponsible. Maybe past experiences made you say what you
said. Whatever it is, I feel your approach to it was a bit antagonistic
towards us for the reasons I've put above. You are not compelled to
answer me nor to give any thought to my feelings. You owe me nothing.
However, I know your help would be more valuable to guixen than mine,
were you willing and in a situation to do so. So please, if possible,
help us out. If not, please take care not to put others down or against
you. Even the ablest of programmers can benefit from the good will of
those of lesser abilities. At least that's what I believe and what I
wanted to communicate to you here in the hopes to have a net gain for us
all.
Kind regards,
1. https://lists.gnu.org/archive/html/guix-patches/2020-09/msg00261.html
2. https://lists.gnu.org/archive/html/guix-patches/2023-12/msg00669.html
^ permalink raw reply [flat|nested] 29+ messages in thread
* [bug#68577] [PATCH v2 0/2] Stop inheriting Icecat and add Mullvad Browser.
2024-01-18 23:14 [bug#68577] [PATCH 0/2] gnu: Add Mullvad Browser Clément Lassieur
` (4 preceding siblings ...)
2024-01-22 12:10 ` Clément Lassieur
@ 2024-01-25 22:41 ` Clément Lassieur
2024-01-25 22:54 ` [bug#68577] [PATCH v2 1/2] gnu: torbrowser: Stop inheriting Icecat Clément Lassieur
` (2 more replies)
5 siblings, 3 replies; 29+ messages in thread
From: Clément Lassieur @ 2024-01-25 22:41 UTC (permalink / raw)
To: 68577, Clément Lassieur, Mark H Weaver, André Batista,
Jonathan Brielmaier, Ian Eure
I put the whole work into tor-browsers.scm. The idea is that all browsers
there should reproduce as much as possible Tor's way of building browsers.
This is the first step: a mere copy from the Icecat package.
The second step will be a cleanup to mimic as much as possible Tor's build.
Clément Lassieur (2):
gnu: torbrowser: Stop inheriting Icecat.
gnu: Add mullvadbrowser.
gnu/local.mk | 3 +-
gnu/packages/gnupg.scm | 3 +-
gnu/packages/tor-browsers.scm | 1001 +++++++++++++++++++++++++++++++++
gnu/packages/tor.scm | 463 ---------------
4 files changed, 1005 insertions(+), 465 deletions(-)
create mode 100644 gnu/packages/tor-browsers.scm
base-commit: 2d83a25450d4b820c13d52152e5e9f1bbfb5d985
prerequisite-patch-id: 7b470e111865c59d82b8a91440f4863df64ba481
--
2.41.0
^ permalink raw reply [flat|nested] 29+ messages in thread
* [bug#68577] [PATCH v2 1/2] gnu: torbrowser: Stop inheriting Icecat.
2024-01-25 22:41 ` [bug#68577] [PATCH v2 0/2] Stop inheriting Icecat and add " Clément Lassieur
@ 2024-01-25 22:54 ` Clément Lassieur
2024-02-01 23:46 ` André Batista
2024-01-25 22:55 ` [bug#68577] [PATCH v2 2/2] gnu: Add mullvadbrowser Clément Lassieur
2024-02-04 1:48 ` [bug#68577] [PATCH v3] " Clément Lassieur
2 siblings, 1 reply; 29+ messages in thread
From: Clément Lassieur @ 2024-01-25 22:54 UTC (permalink / raw)
To: 68577, Clément Lassieur, Mark H Weaver, André Batista,
Jonathan Brielmaier, Ian Eure
* gnu/local.mk (GNU_SYSTEM_MODULES): Add packages/tor-browsers.scm.
* gnu/packages/gnupg.scm: Remove fix for dependency loop (fixed because we use
a new file).
* gnu/packages/tor-browsers.scm (mozilla-locale, mozilla-locales,
%torbrowser-locales, %moz-build-date, %torbrowser-version,
%torbrowser-firefox-version, translation-base-browser,
translation-tor-browser, torbrowser-assets, torbrowser): New variables.
(make-torbrowser): New procedure, which is a merge of ‘make-torbrowser’ (from
tor.scm) with ‘icecat-minimal’ (from gnuzilla.scm).
* gnu/packages/tor.scm (%moz-build-date, %torbrowser-version,
%torbrowser-firefox-version, %torbrowser-locales, translation-base-browser,
translation-tor-browser, torbrowser-assets, torbrowser): Remove variables.
Change-Id: I5fcf73e53fe4481a18e13cdeb3515c3dc4430090
---
gnu/local.mk | 3 +-
gnu/packages/gnupg.scm | 3 +-
gnu/packages/tor-browsers.scm | 839 ++++++++++++++++++++++++++++++++++
gnu/packages/tor.scm | 463 -------------------
4 files changed, 843 insertions(+), 465 deletions(-)
create mode 100644 gnu/packages/tor-browsers.scm
diff --git a/gnu/local.mk b/gnu/local.mk
index 3d1afd4555a6..ca559ff7bb49 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -13,7 +13,7 @@
# Copyright © 2016-2023 Efraim Flashner <efraim@flashner.co.il>
# Copyright © 2016, 2017, 2018, 2019, 2020, 2021, 2022, 2023 Jan (janneke) Nieuwenhuizen <janneke@gnu.org>
# Copyright © 2017, 2018, 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
-# Copyright © 2017, 2018, 2023 Clément Lassieur <clement@lassieur.org>
+# Copyright © 2017, 2018, 2023, 2024 Clément Lassieur <clement@lassieur.org>
# Copyright © 2017, 2020 Mathieu Othacehe <m.othacehe@gmail.com>
# Copyright © 2017, 2018, 2019 Gábor Boskovits <boskovits@gmail.com>
# Copyright © 2018 Amirouche Boubekki <amirouche@hypermove.net>
@@ -629,6 +629,7 @@ GNU_SYSTEM_MODULES = \
%D%/packages/tls.scm \
%D%/packages/tmux.scm \
%D%/packages/toolkits.scm \
+ %D%/packages/tor-browsers.scm \
%D%/packages/tor.scm \
%D%/packages/tree-sitter.scm \
%D%/packages/tv.scm \
diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm
index a6ba57d7f302..171eea6600dd 100644
--- a/gnu/packages/gnupg.scm
+++ b/gnu/packages/gnupg.scm
@@ -71,6 +71,7 @@ (define-module (gnu packages gnupg)
#:use-module (gnu packages swig)
#:use-module (gnu packages texinfo)
#:use-module (gnu packages tls)
+ #:use-module (gnu packages tor)
#:use-module (gnu packages web)
#:use-module (gnu packages xorg)
#:use-module (gnu packages xdisorg)
@@ -1129,7 +1130,7 @@ (define-public parcimonie
perl-try-tiny
perl-type-tiny
perl-types-path-tiny
- (@ (gnu packages tor) torsocks))) ;avoid dependency loop
+ torsocks))
(native-inputs
(list perl-file-which
perl-gnupg-interface
diff --git a/gnu/packages/tor-browsers.scm b/gnu/packages/tor-browsers.scm
new file mode 100644
index 000000000000..0355409a631a
--- /dev/null
+++ b/gnu/packages/tor-browsers.scm
@@ -0,0 +1,839 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr>
+;;; Copyright © 2013-2022 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021, 2022, 2023 Mark H Weaver <mhw@netris.org>
+;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com>
+;;; Copyright © 2016, 2017, 2018, 2019, 2021 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2016 Alex Griffin <a@ajgrf.com>
+;;; Copyright © 2017, 2023, 2024 Clément Lassieur <clement@lassieur.org>
+;;; Copyright © 2017, 2018 Nikita <nikita@n0.is>
+;;; Copyright © 2017, 2018, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2018, 2020 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2019 Ivan Petkov <ivanppetkov@gmail.com>
+;;; Copyright © 2020 Oleg Pykhalov <go.wigust@gmail.com>
+;;; Copyright © 2020 Jakub Kądziołka <kuba@kadziolka.net>
+;;; Copyright © 2019, 2020 Adrian Malacoda <malacoda@monarch-pass.net>
+;;; Copyright © 2020-2023 Jonathan Brielmaier <jonathan.brielmaier@web.de>
+;;; Copyright © 2020, 2022 Marius Bakke <marius@gnu.org>
+;;; Copyright © 2021 Brice Waegeneire <brice@waegenei.re>
+;;; Copyright © 2021 Maxime Devos <maximedevos@telenet.be>
+;;; Copyright © 2021, 2022, 2023 Maxim Cournoyer <maxim.cournoyer@gmail.com>
+;;; Copyright © 2021 Baptiste Strazzul <bstrazzull@hotmail.fr>
+;;; Copyright © 2022 SeerLite <seerlite@disroot.org>
+;;; Copyright © 2024 Aleksandr Vityazev <avityazew@gmail.com>
+;;; Copyright © 2020, 2021 André Batista <nandre@riseup.net>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages tor-browsers)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (gnu packages assembly)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages browser-extensions)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages cups)
+ #:use-module (gnu packages fontutils)
+ #:use-module (gnu packages gl)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnome)
+ #:use-module (gnu packages golang)
+ #:use-module (gnu packages gtk)
+ #:use-module (gnu packages hunspell)
+ #:use-module (gnu packages image)
+ #:use-module (gnu packages kerberos)
+ #:use-module (gnu packages libcanberra)
+ #:use-module (gnu packages libevent)
+ #:use-module (gnu packages libffi)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages llvm)
+ #:use-module (gnu packages m4)
+ #:use-module (gnu packages node)
+ #:use-module (gnu packages nss)
+ #:use-module (gnu packages pciutils)
+ #:use-module (gnu packages perl)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages pulseaudio)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages rust)
+ #:use-module (gnu packages rust-apps)
+ #:use-module (gnu packages sqlite)
+ #:use-module (gnu packages tor)
+ #:use-module (gnu packages video)
+ #:use-module (gnu packages xdisorg)
+ #:use-module (gnu packages xorg)
+ #:use-module (gnu packages)
+ #:use-module (guix build-system cargo)
+ #:use-module (guix build-system copy)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system mozilla)
+ #:use-module (guix download)
+ #:use-module (guix gexp)
+ #:use-module (guix git-download)
+ #:use-module (guix hg-download)
+ #:use-module (guix packages)
+ #:use-module (ice-9 regex)
+ #:use-module (guix utils))
+
+(define (mozilla-locale locale changeset hash-string)
+ (origin
+ (method hg-fetch)
+ (uri (hg-reference
+ (url (string-append "https://hg.mozilla.org/l10n-central/"
+ locale))
+ (changeset changeset)))
+ (file-name (string-append "mozilla-locale-" locale))
+ (sha256 (base32 hash-string))))
+
+(define-syntax-rule (mozilla-locales (hash-string changeset locale) ...)
+ #~(list (cons #$locale #$(mozilla-locale locale changeset hash-string))
+ ...))
+
+;; See tor-browser-build/rbm.conf for the list.
+;; See browser/locales/l10n-changesets.json for the changeset.
+;; See update-mozilla-locales in gnuzilla.scm to automate updating changeset.
+(define %torbrowser-locales
+ (mozilla-locales
+ ;; sha256 changeset locale
+ ;;---------------------------------------------------------------------------
+ ("14wnjv13alaj04pd8i8ysillbr3ic2jqa867rbj5ncz8h4hxxfxc" "4c7e24ef78bd" "ar")
+ ("0mcc15n3p7yk4zdbr3na2fm7wq2184mbcrkk3cvppkl6p4k8654d" "24d50653ab5c" "ca")
+ ("0ray22hdb3nrv2yi5z98cvbmpk9kpsv96a8wzad5dr4sxy44ii0d" "0d96b6b04bfb" "cs")
+ ("0is7qbykv2pj0z9ll9r35vwjp0x29vmfr10yjl3s0amfaqzjqpqc" "0a0b774407cc" "da")
+ ("0yq7m4v7d7ayg90m66j73mflrnp709qw9n7skhpsl9h1wbhrd7q7" "633986260777" "de")
+ ("19g2ha32syq6rjcyl4ypmy7sc9w7xkvrpkic5lfc2yja6ll9116p" "e2f2d1541e38" "el")
+ ("018qi9zn24kzfcidsj9lbqfg5n97r295yr8fs953nyfdbim9jsfv" "accf5e4506c0" "es-ES")
+ ("11prhmh2cp95dpv6z0k479mb11zbfm541bvigs3gnkh3nazjvc8q" "37aa71d77cb6" "fa")
+ ("1lv9l98q88ixb0ph970yzphahgzbl97x0w069bkxa54kblkv1ch1" "dc40a4fd5d0e" "fi")
+ ("0wx4k7mwhvpv5w0wa4y5pca2q3jac62jv804nxqnfwh1bvi90wv0" "415c1f0e84bd" "fr")
+ ("17j68a6rbaphfcq38mgz6s1076fyy92fk0ldw8igql6gd85qjlaa" "d271f275cf48" "ga-IE")
+ ("0b7qdayljb4ryyqgalvi626lzg238gyn03m3a2f7afs9zi6px526" "46f8d7c031a6" "he")
+ ("14xbrzvc09fcp7qzllb65nis27hkg9pg5615y29xzwiz4g090my1" "086ac0260d6b" "hu")
+ ("0q5s4iz02xgmbw6nnpg6xg4pwz7n55nvxb9mj8vqdakq3faybbd5" "f03a6b3069a5" "id")
+ ("1lwklx3nkm56420xc3kbg892jm2b6202sjw33nvv766sm9hbvcap" "5c4b61165e1d" "is")
+ ("1n7l5idw9399n8ih1r1d6m8vzpzhwmnxmr9i7jvygkdc8d6adp1k" "07d5e1ff5f9b" "it")
+ ("1w6nw9cd92p1ndy82wwlq9xizyq3i8rq0nj7118gbxbx368mk2kj" "e6f9db9ce3e6" "ja")
+ ("1js99gbyc1dj33xc425wb08s1aw3bfznaacrqhw3l42yw1g1ghy4" "a15eb9feea2c" "ka")
+ ("116a8s0k2yvijy7qf0xpqm5w66gdzs32jhc06364sdar5v34lyhh" "805b85981696" "ko")
+ ("1yrjrhmmd0b810kxryja1j1md3rr2zpn1j9cbg05dgp5s8i89psk" "943a26276832" "lt")
+ ("08zccz7gflzpr20y0hvhmdsiz6ncags39kh83cay5ivchyib5qbi" "fbef80de5499" "mk")
+ ("100k4ibpwys9i4ghi5xvmgwr9api67ngav2hvb613rj6hdfd57f7" "20ec0915ec35" "ms")
+ ("0kk3cjlpghbi7j3ndb2s0c7g838fzd2mpzg01bp0cra8lzd0n2ac" "4ab6f0d05aa6" "my")
+ ("1i3r2ici95mazw07m2mrf192fc6bfa3x6j3c2pcc1zg7z9srihgh" "561b0cd86ec1" "nb-NO")
+ ("1c0m8jhn52h1dif5bswrdwrlzppgga01y61wlii4aaaw15imd6yd" "2a55df0cc389" "nl")
+ ("1gssvg306b80drp7kvc35kvcxwldb5sga0bapaxhv362irq1nya8" "a64a7dab01c4" "pl")
+ ("1dzh13x85a7src8szbrq5pjmrbak4isln9xdwjk7a1yq4g9h7jgs" "33bf2a9f4c49" "pt-BR")
+ ("0jx9y7fv44wxqapmcgr924wgb1l5cm95bgpmnhnjchp1zpmyfdl5" "a367feeadd33" "ro")
+ ("09x2jirf04kgc118a70z0xrb3msbm7vr4f41ig4xrwf2s5b816r3" "528b76d6aaca" "ru")
+ ("02y898f0ncjwka474r9lw361b0kywx1w56hj09i7im4j5jrsjnh1" "fa28d9d79cd3" "sq")
+ ("1cyimbd42aaq2amyhdbbx26jwsns77lsfl8g9a70bsjlpwzwzryg" "cc8e8962e59c" "sv-SE")
+ ("03mqrvcal7i172gf9239q9fnynfp5kg9b3r1w8gr9iz7rkr22gw5" "d361502c559e" "th")
+ ("12srgqkqwaidcwbz0y7zr59165f7aq5k5s3b81ql7ixdbwia91pm" "f6173aca4762" "tr")
+ ("1d91gfx5p6wyb455syw0b57wxl1sd4b4kcdvfk92pb050rqaqfgv" "c5ad4d4f70eb" "uk")
+ ("1dj8q2jw60a184f018jyldl51rfmvz1cndz3kbw0cc5l5sli7hwr" "0e75c226763d" "vi")
+ ("1dl2dpif4wwrlpx7zkz5qf8kk4vhxyf63016xcfpbhxizqqwc1ki" "df2d025ed631" "zh-CN")
+ ("1c63ngff9lsc1x3pi6lnkyxw19gdc65yc67p7alzvrka3cv292ia" "11f8d68148a4" "zh-TW")))
+
+;; Must be of the form YYYYMMDDhhmmss as in `date +%Y%m%d%H%M%S`.
+(define %moz-build-date "20240123154553")
+
+;; To find the last version, look at https://www.torproject.org/download/.
+(define %torbrowser-version "13.0.9")
+
+;; To find the last Firefox version, browse
+;; https://archive.torproject.org/tor-package-archive/torbrowser/<%torbrowser-version>
+;; There should be only one archive that starts with
+;; "src-firefox-tor-browser-".
+(define %torbrowser-firefox-version "115.7.0esr-13.0-1-build1")
+
+;; See tor-browser-build/projects/translation/config.
+(define translation-base-browser
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://gitlab.torproject.org/tpo/translation.git")
+ (commit "cbd9b6c415ec2edb99237ef67ccd4f033a7b9c2a")))
+ (file-name "translation-base-browser")
+ (sha256
+ (base32
+ "103dj1zzc68gxzjxwcpc4sbc6qca4zg8kkhdivzpq37ma07sp9sf"))))
+
+;; See tor-browser-build/projects/translation/config.
+(define translation-tor-browser
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://gitlab.torproject.org/tpo/translation.git")
+ (commit "767ab5111f065b82151275775af5ecf7a529ef48")))
+ (file-name "translation-tor-browser")
+ (sha256
+ (base32
+ "034s0ivbama497xq0904q8p6d7n2f2aa2vn2jcs9g4bvmhgwicw4"))))
+
+(define torbrowser-assets
+ ;; This is a prebuilt Torbrowser from which we take the assets we need.
+ (package
+ (name "torbrowser-assets")
+ (version %torbrowser-version)
+ (source
+ (origin
+ (method url-fetch)
+ (uri
+ (string-append
+ "https://archive.torproject.org/tor-package-archive/torbrowser/"
+ version "/tor-browser-linux-x86_64-" version ".tar.xz"))
+ (sha256
+ (base32
+ "0j143r24xzmq38nd5z1xqsa9zp35lws9rvlj6hb9xn3dnl67gh59"))))
+ (arguments
+ (list
+ #:install-plan
+ ''(("Browser" "." #:include-regexp
+ ("^\\./TorBrowser/Data/Tor/torrc-defaults"
+ "^\\./fonts/"
+ "^\\./fontconfig/fonts.conf")))))
+ (build-system copy-build-system)
+ (home-page "https://www.torproject.org")
+ (synopsis "Tor Browser assets")
+ (description "This package contains fonts and configuration files for Tor
+Browser.")
+ (license license:silofl1.1)))
+
+(define* (make-torbrowser #:key
+ moz-app-name
+ moz-app-remotingname
+ branding-directory
+ assets
+ locales
+ base-browser-version)
+ (package
+ (name "torbrowser")
+ (version %torbrowser-version)
+ (source
+ (origin
+ (method url-fetch)
+ (uri
+ (string-append
+ "https://archive.torproject.org/tor-package-archive/torbrowser/"
+ version "/src-firefox-tor-browser-" %torbrowser-firefox-version
+ ".tar.xz"))
+ (sha256
+ (base32
+ "0h05js9j1drzw5q98nlphsmvlp1k2a71z5jd06xk6pz29w6322pw"))))
+ (build-system mozilla-build-system)
+ (inputs
+ (list go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird
+ tor-client
+ alsa-lib
+ bzip2
+ cups
+ dbus-glib
+ gdk-pixbuf
+ glib
+ gtk+
+ ;; UNBUNDLE-ME! graphite2
+ cairo
+ pango
+ freetype
+ ;; UNBUNDLE-ME! harfbuzz
+ libcanberra
+ libgnome
+ libjpeg-turbo
+ libpng-apng
+ ;; UNBUNDLE-ME! libogg
+ ;; UNBUNDLE-ME! libtheora ; wants theora-1.2, not yet released
+ ;; UNBUNDLE-ME! libvorbis
+ libxft
+ libevent
+ libxinerama
+ libxscrnsaver
+ libxcomposite
+ libxt
+ libffi
+ ;; Support for FFmpeg 6 was only added in version 112 (see:
+ ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1819374).
+ ffmpeg-5
+ libvpx
+ (force (@@ (gnu packages gnuzilla) icu4c-73-promise))
+ pixman
+ pulseaudio
+ mesa
+ pciutils
+ mit-krb5
+ hunspell
+ libnotify
+ nspr
+ ;; UNBUNDLE-ME! nss (pending upgrade of 'nss' to 3.90 or later)
+ shared-mime-info
+ sqlite
+ eudev
+ unzip
+ zip
+ zlib))
+ (native-inputs
+ (list
+ rust
+ `(,rust "cargo")
+ rust-cbindgen-0.24
+ llvm-15
+ clang-15
+ perl
+ node-lts
+ python-wrapper
+ yasm
+ nasm ; XXX FIXME: only needed on x86_64 and i686
+ pkg-config
+ m4
+ which))
+ (arguments
+ (list
+ #:tests? #f ;not worth the cost
+
+ ;; Some dynamic lib was determined at runtime, so rpath check may fail.
+ #:validate-runpath? #f
+
+ #:configure-flags
+ #~(list
+ "--without-relative-data-dir" ;store is read-only
+ "--disable-base-browser-update"
+ ;; Default is "default", which is the same as "nightly".
+ "--enable-update-channel=release"
+ ;; This is useless right now but it might be used in the future.
+ ;; (See nsAppFileLocationProvider.cpp.)
+ (string-append "--with-user-appdir=." #$moz-app-name)
+ (string-append "--with-branding=" #$branding-directory)
+ (string-append "--prefix=" #$output)
+ (string-append "--with-base-browser-version="
+ #$base-browser-version)
+
+ "--enable-application=browser"
+ "--with-distribution-id=org.gnu"
+ "--enable-geckodriver"
+ ;; Do not require addons in the global app or system directories to
+ ;; be signed by Mozilla.
+ "--with-unsigned-addon-scopes=app,system"
+ "--allow-addon-sideload"
+
+ "--enable-pulseaudio"
+
+ "--disable-tests"
+ "--disable-updater"
+ "--disable-crashreporter"
+ ;; The --disable-eme option is not available on aarch64.
+ #$(if (target-aarch64?) "" "--disable-eme")
+
+ ;; Building with debugging symbols takes ~5GiB, so disable it.
+ "--disable-debug"
+ "--disable-debug-symbols"
+
+ "--enable-rust-simd"
+ "--enable-release"
+ "--enable-optimize"
+ "--enable-strip"
+ "--disable-elf-hack"
+
+ ;; Clang is needed to build Stylo, Mozilla's new CSS engine. We must
+ ;; specify the clang paths manually, because otherwise the Mozilla
+ ;; build system looks in the directories returned by llvm-config
+ ;; --bindir and llvm-config --libdir, which return paths in the llvm
+ ;; package where clang is not found.
+ (string-append "--with-clang-path="
+ (search-input-file %build-inputs "bin/clang"))
+ (string-append "--with-libclang-path="
+ (dirname (search-input-file %build-inputs
+ "lib/libclang.so")))
+
+ ;; Hack to work around missing "unofficial" branding in icecat.
+ "--enable-official-branding"
+
+ ;; TODO: Add support for wasm sandboxed libraries.
+ "--without-wasm-sandboxed-libraries"
+
+ ;; Avoid bundled libraries.
+ "--with-system-jpeg" ;must be libjpeg-turbo
+ "--with-system-png" ;must be libpng-apng
+ "--with-system-zlib"
+ ;; UNBUNDLE-ME! "--with-system-bz2"
+ ;; UNBUNDLE-ME! "--with-system-libevent"
+ ;; UNBUNDLE-ME! "--with-system-ogg"
+ ;; UNBUNDLE-ME! "--with-system-vorbis"
+ ;; UNBUNDLE-ME! "--with-system-theora" ; wants theora-1.2, not yet released
+ ;; UNBUNDLE-ME! "--with-system-libvpx"
+ "--with-system-icu"
+ "--with-system-nspr"
+ ;; UNBUNDLE-ME! "--with-system-nss" ; pending upgrade of 'nss' to 3.90
+
+ ;; UNBUNDLE-ME! "--with-system-harfbuzz"
+ ;; UNBUNDLE-ME! "--with-system-graphite2"
+ "--enable-system-pixman"
+ "--enable-system-ffi"
+ ;; UNBUNDLE-ME! "--enable-system-sqlite"
+ )
+
+ #:imported-modules %cargo-utils-modules ;for `generate-all-checksums'
+
+ #:modules `((ice-9 ftw)
+ (ice-9 match)
+ (srfi srfi-1)
+ (srfi srfi-26)
+ (rnrs bytevectors)
+ (rnrs io ports)
+ (guix elf)
+ (guix build gremlin)
+ ,@%gnu-build-system-modules)
+ #:phases
+ #~(modify-phases %standard-phases
+ (add-after 'unpack 'apply-guix-specific-patches
+ (lambda _
+ (for-each
+ (lambda (file) (invoke "patch" "--force" "-p1" "-i" file))
+ '(#$(local-file
+ (search-patch "icecat-compare-paths.patch"))
+ #$(local-file
+ (search-patch "icecat-use-system-wide-dir.patch"))))))
+ (add-after 'apply-guix-specific-patches 'remove-bundled-libraries
+ (lambda _
+ ;; Remove bundled libraries that we don't use, since they may
+ ;; contain unpatched security flaws, they waste disk space and
+ ;; memory, and may cause confusion.
+ (for-each (lambda (file)
+ (format #t "deleting '~a'...~%" file)
+ (delete-file-recursively file))
+ '( ;; FIXME: Removing the bundled icu breaks configure.
+ ;; * The bundled icu headers are used in some places.
+ ;; * The version number is taken from the bundled copy.
+ ;;"intl/icu"
+ ;;
+ ;; FIXME: A script from the bundled nspr is used.
+ ;;"nsprpub"
+ ;;
+ ;; FIXME: Some of the bundled NSS sources are used
+ ;; to build third_party/prio.
+ ;;"security/nss"
+ ;;
+ ;; TODO: Use more system media libraries. See:
+ ;; <https://bugzilla.mozilla.org/show_bug.cgi?id=517422>
+ ;; * libtheora: esr60 wants v1.2, not yet released.
+ ;; * soundtouch: avoiding the bundled library would
+ ;; result in some loss of functionality. There's
+ ;; also an issue with exception handling
+ ;; configuration. It seems that this is needed in
+ ;; some moz.build:
+ ;; DEFINES['ST_NO_EXCEPTION_HANDLING'] = 1
+ ;; * libopus
+ ;; * speex
+ ;;
+ "modules/freetype2"
+ ;; "media/libjpeg" ; needed for now, because media/libjpeg/moz.build is referenced from config/external/moz.build
+ ;; UNBUNDLE-ME! "modules/zlib"
+ ;; UNBUNDLE-ME! "ipc/chromium/src/third_party/libevent"
+ ;; UNBUNDLE-ME! "media/libvpx"
+ ;; UNBUNDLE-ME! "media/libogg"
+ ;; UNBUNDLE-ME! "media/libvorbis"
+ ;; UNBUNDLE-ME! "media/libtheora" ; wants theora-1.2, not yet released
+ ;; UNBUNDLE-ME! "media/libtremor"
+ ;; UNBUNDLE-ME! "gfx/harfbuzz"
+ ;; UNBUNDLE-ME! "gfx/graphite2"
+ "js/src/ctypes/libffi"
+ ;; UNBUNDLE-ME! "db/sqlite3"
+ ))))
+ (add-after 'remove-bundled-libraries 'fix-ffmpeg-runtime-linker
+ (lambda* (#:key inputs #:allow-other-keys)
+ ;; Arrange to load libavcodec.so by its absolute file name.
+ (substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp"
+ (("libavcodec\\.so")
+ (search-input-file inputs "lib/libavcodec.so")))))
+ (add-after 'fix-ffmpeg-runtime-linker 'build-sandbox-whitelist
+ (lambda* (#:key inputs #:allow-other-keys)
+ (define (runpath-of lib)
+ (call-with-input-file lib
+ (compose elf-dynamic-info-runpath
+ elf-dynamic-info
+ parse-elf
+ get-bytevector-all)))
+ (define (runpaths-of-input label)
+ (let* ((dir (string-append (assoc-ref inputs label) "/lib"))
+ (libs (find-files dir "\\.so$")))
+ (append-map runpath-of libs)))
+ ;; Populate the sandbox read-path whitelist as needed by ffmpeg.
+ (let* ((whitelist
+ (map (cut string-append <> "/")
+ (delete-duplicates
+ `(,(string-append (assoc-ref inputs "shared-mime-info")
+ "/share/mime")
+ ,@(append-map runpaths-of-input
+ '("mesa" "ffmpeg"))))))
+ (whitelist-string (string-join whitelist ",")))
+ (with-output-to-file "whitelist.txt"
+ (lambda ()
+ (display whitelist-string))))))
+ (add-after 'patch-source-shebangs 'patch-cargo-checksums
+ (lambda _
+ (use-modules (guix build cargo-utils))
+ (let ((null-hash "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"))
+ (for-each (lambda (file)
+ (format #t "patching checksums in ~a~%" file)
+ (substitute* file
+ (("^checksum = \".*\"")
+ (string-append "checksum = \"" null-hash "\""))))
+ (find-files "." "Cargo.lock$"))
+ (for-each generate-all-checksums
+ '("services"
+ "js"
+ "third_party/rust"
+ "dom/media"
+ "dom/webauthn"
+ "toolkit"
+ "gfx"
+ "storage"
+ "modules"
+ "xpcom/rust"
+ "media"
+ "mozglue/static/rust"
+ "netwerk"
+ "remote"
+ "intl"
+ "servo"
+ "security/manager/ssl"
+ "build")))))
+ (add-after 'patch-cargo-checksums 'remove-cargo-frozen-flag
+ (lambda _
+ ;; Remove --frozen flag from cargo invokation, otherwise it'll
+ ;; complain that it's not able to change Cargo.lock.
+ ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373
+ (substitute* "build/RunCbindgen.py"
+ (("\"--frozen\",") ""))))
+ (delete 'bootstrap)
+ (add-before 'configure 'setenv
+ (lambda _
+ (setenv "CONFIG_SHELL" (which "bash"))
+ ;; Install location is prefix/lib/$MOZ_APP_NAME. Also
+ ;; $MOZ_APP_NAME is the executable name. Default is
+ ;; "firefox".
+ (setenv "MOZ_APP_NAME" #$moz-app-name)
+ ;; Profile location (relative to "~/."). Default is
+ ;; lower($MOZ_APP_VENDOR/$MOZ_APP_BASENAME), which is:
+ ;; ~/.tor project/firefox.
+ (setenv "MOZ_APP_PROFILE" #$(in-vicinity
+ moz-app-name "browser"))
+ ;; WM_CLASS (default is "$MOZ_APP_NAME-$MOZ_UPDATE_CHANNEL").
+ (setenv "MOZ_APP_REMOTINGNAME" #$moz-app-remotingname)
+ ;; Persistent state directory for the build system (default is
+ ;; $HOME/.mozbuild).
+ (setenv "MOZBUILD_STATE_PATH"
+ (in-vicinity (getcwd) ".mozbuild"))
+ (setenv "MOZ_CHROME_MULTILOCALE"
+ (string-join (map car #$locales)))
+ ;; Make build reproducible.
+ (setenv "MOZ_BUILD_DATE" #$%moz-build-date)))
+ (add-before 'configure 'mozconfig
+ (lambda* (#:key configure-flags #:allow-other-keys)
+ (with-output-to-file "mozconfig"
+ (lambda ()
+ (format #t ". $topsrcdir/mozconfig-linux-x86_64~%")
+ (for-each (lambda (flag)
+ (format #t "ac_add_options ~a~%" flag))
+ configure-flags)))))
+ ;; See tor-browser-build/projects/firefox/build.
+ (add-before 'configure 'copy-firefox-locales
+ (lambda _
+ (let ((l10ncentral ".mozbuild/l10n-central"))
+ (mkdir-p l10ncentral)
+ (for-each
+ (lambda (lang)
+ (copy-recursively (cdr lang)
+ (in-vicinity l10ncentral
+ (car lang))))
+ #$locales))))
+ (add-after 'copy-firefox-locales 'copy-basebrowser-locales
+ (lambda _
+ (let ((l10ncentral ".mozbuild/l10n-central"))
+ ;; Temporary copy so that we can use ‘mv’ to mimic
+ ;; tor-browser-build/projects/firefox/build.
+ (copy-recursively #$translation-base-browser
+ "translation-base-browser")
+ (for-each
+ (lambda (lang)
+ (system
+ (format
+ #f (string-join
+ '("mv"
+ "translation-base-browser/~a/base-browser.ftl"
+ "~a/~a/browser/browser/"))
+ lang l10ncentral lang))
+ (system
+ (format
+ #f (string-join
+ '("mv"
+ "translation-base-browser/~a/*"
+ "~a/~a/browser/chrome/browser/"))
+ lang l10ncentral lang)))
+ (map car #$locales)))))
+ (add-after 'copy-basebrowser-locales 'copy-torbrowser-locales
+ (lambda _
+ (let ((l10ncentral ".mozbuild/l10n-central"))
+ ;; Temporary copy so that we can use ‘mv’ to mimic
+ ;; tor-browser-build/projects/firefox/build.
+ (copy-recursively #$translation-tor-browser
+ "translation-tor-browser")
+ (for-each
+ (lambda (lang)
+ (system
+ (format
+ #f (string-join
+ '("mv"
+ "translation-tor-browser/~a/tor-browser.ftl"
+ "~a/~a/browser/browser/"))
+ lang l10ncentral lang))
+ (system
+ (format
+ #f (string-join
+ '("mv"
+ "translation-tor-browser/~a/cryptoSafetyPrompt.properties"
+ "~a/~a/browser/chrome/browser/"))
+ lang l10ncentral lang))
+ (system
+ (format
+ #f (string-join
+ '("mv"
+ "translation-tor-browser/~a"
+ "toolkit/torbutton/chrome/locale/"))
+ lang))
+ (let ((port (open-file "toolkit/torbutton/jar.mn" "a")))
+ (format port "% locale torbutton ~a %locale/~a/~%"
+ lang lang)
+ (format port " locale/~a/ (chrome/locale/~a/*)~%"
+ lang lang)
+ (close port)))
+ (map car #$locales)))))
+ (replace 'configure
+ (lambda _
+ (invoke "./mach" "configure")))
+ (add-before 'build 'fix-addons-placeholder
+ (lambda _
+ (substitute*
+ "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
+ (("addons.mozilla.org") "gnuzilla.gnu.org"))))
+ (add-before 'build 'add-bridges ;see deploy.sh
+ (lambda _
+ (let ((port (open-file
+ "browser/app/profile/000-tor-browser.js" "a")))
+ (display
+ "#include ../../../tools/torbrowser/bridges.js" port)
+ (newline port)
+ (close port))))
+ (replace 'build
+ (lambda* (#:key (make-flags '()) (parallel-build? #t)
+ #:allow-other-keys)
+ (apply invoke "./mach" "build"
+ ;; mach will use a wide parallel build if possible by
+ ;; default, so reign it in if requested.
+ `(,(string-append
+ "-j" (number->string (if parallel-build?
+ (parallel-job-count)
+ 1)))
+ ,@make-flags))))
+ ;; See tor-browser-build/projects/firefox/build.
+ (add-after 'build 'build-locales
+ (lambda _
+ (system (string-join '("./mach package-multi-locale --locales"
+ "en-US $MOZ_CHROME_MULTILOCALE")))))
+ (add-after 'build-locales 'neutralise-store-references
+ (lambda _
+ ;; Mangle the store references to compilers & other build tools in
+ ;; about:buildconfig, reducing IceCat's closure by 1 GiB on x86-64.
+ (let* ((obj-dir (match (scandir "." (cut string-prefix? "obj-" <>))
+ ((dir) dir)))
+ (file (string-append
+ obj-dir
+ "/dist/bin/chrome/toolkit/content/global/buildconfig.html")))
+ (substitute* file
+ (("[0-9a-df-np-sv-z]{32}" hash)
+ (string-append (string-take hash 8)
+ "<!-- Guix: not a runtime dependency -->"
+ (string-drop hash 8)))))))
+ (replace 'install
+ (lambda* (#:key outputs #:allow-other-keys)
+ (invoke "./mach" "install")
+ ;; The geckodriver binary is not installed by the above, for some
+ ;; reason. Use 'find-files' to avoid having to deal with the
+ ;; system/architecture-specific file name.
+ (install-file (first (find-files "." "geckodriver"))
+ (string-append #$output "/bin"))))
+ (add-after 'install 'wrap-program
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let* ((gtk #$(this-package-input "gtk+"))
+ (gtk-share (string-append gtk "/share"))
+ (fonts.conf (format #f "~a/lib/~a/fontconfig/fonts.conf"
+ #$output #$moz-app-name))
+ (ld-libs '#$(cons
+ (file-append
+ (this-package-input "libcanberra")
+ "/lib/gtk-3.0/modules")
+ (map (lambda (label)
+ (file-append (this-package-input label) "/lib"))
+ '("libpng-apng"
+ "libxscrnsaver"
+ "mesa"
+ "pciutils"
+ "mit-krb5"
+ "eudev"
+ "pulseaudio"
+ ;; For the integration of native notifications
+ ;; (same reason as icedove)
+ "libnotify")))))
+ (wrap-program (format #f "~a/lib/~a/~a"
+ #$output #$moz-app-name #$moz-app-name)
+ `("XDG_DATA_DIRS" prefix (,gtk-share))
+ ;; The following line is commented out because the icecat
+ ;; package on guix has been observed to be unstable when
+ ;; using wayland, and the bundled extensions stop working.
+ ;; `("MOZ_ENABLE_WAYLAND" = ("1"))
+ `("LD_LIBRARY_PATH" prefix ,ld-libs)
+ `("FONTCONFIG_FILE" prefix (,fonts.conf))))))
+ (add-after 'wrap-program 'install-desktop-entry
+ (lambda _
+ (let ((apps (in-vicinity #$output "share/applications")))
+ (mkdir-p apps)
+ (make-desktop-entry-file
+ (string-append apps "/" #$moz-app-name ".desktop")
+ #:name #$moz-app-remotingname
+ #:exec (format #f "~a/bin/~a %u" #$output #$moz-app-name)
+ #:categories '("Network" "WebBrowser" "Security")
+ #:startup-w-m-class #$moz-app-remotingname
+ #:icon #$moz-app-name))))
+ (add-after 'install-desktop-entry 'install-icons
+ (lambda* (#:key inputs #:allow-other-keys)
+ (for-each
+ (lambda (size)
+ (let ((oldpath (string-append
+ #$branding-directory "/default" size ".png"))
+ (newpath (string-append
+ #$output "/share/icons/hicolor/" size "x"
+ size "/apps/" #$moz-app-name ".png")))
+ (mkdir-p (dirname newpath))
+ (copy-file oldpath newpath)))
+ '("16" "22" "24" "32" "48" "64" "128" "256"))))
+ (add-after 'install 'deploy-fonts
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((lib (string-append #$output "/lib/" #$moz-app-name)))
+ ;; Fonts
+ (copy-recursively (in-vicinity #$assets "fontconfig")
+ (in-vicinity lib "fontconfig"))
+ (substitute* (in-vicinity lib "fontconfig/fonts.conf")
+ (("<dir>fonts</dir>")
+ (format #f "<dir>~a</dir>" (in-vicinity lib "fonts"))))
+ (delete-file-recursively (in-vicinity lib "fonts"))
+ (copy-recursively (in-vicinity #$assets "fonts")
+ (in-vicinity lib "fonts")))))
+ (add-after 'deploy-fonts 'deploy-tor-assets
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((lib (in-vicinity #$output "lib/torbrowser"))
+ (tor #$(this-package-input "tor-client")))
+ ;; TorBrowser/Data/Tor/torrc-defaults
+ (copy-recursively (in-vicinity #$assets "TorBrowser")
+ (in-vicinity lib "TorBrowser"))
+ (substitute*
+ (in-vicinity lib "TorBrowser/Data/Tor/torrc-defaults")
+ (("exec ./TorBrowser/Tor/PluggableTransports/lyrebird")
+ (string-append
+ "exec " (search-input-file inputs "bin/lyrebird"))))
+ ;; The geoip and geoip6 files are in the same directory as
+ ;; torrc-defaults. (See TorProcess.sys.mjs.)
+ (mkdir-p (in-vicinity lib "TorBrowser/Data/Tor"))
+ (copy-file (in-vicinity tor "share/tor/geoip6")
+ (in-vicinity lib "TorBrowser/Data/Tor/geoip6"))
+ (copy-file (in-vicinity tor "share/tor/geoip")
+ (in-vicinity lib "TorBrowser/Data/Tor/geoip")))))
+ (add-after 'install 'autoconfig
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((lib (string-append #$output "/lib/" #$moz-app-name))
+ (config-file (string-append #$moz-app-name ".cfg")))
+ (with-output-to-file (in-vicinity
+ lib "defaults/pref/autoconfig.js")
+ (lambda ()
+ (format #t "// first line must be a comment~%")
+ (format #t "pref(~s, ~s);~%"
+ "general.config.filename" config-file)
+ (format #t "pref(~s, ~a);~%"
+ "general.config.obscure_value" "0")))
+ (with-output-to-file (in-vicinity lib config-file)
+ (lambda ()
+ (format #t "// first line must be a comment~%")
+ ;; Required for Guix packaged extensions
+ ;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8
+ ;; Default is 5.
+ (format #t "pref(~s, ~a);~%"
+ "extensions.enabledScopes" "13")
+ (format #t "pref(~s, ~s);~%"
+ "security.sandbox.content.read_path_whitelist"
+ (call-with-input-file "whitelist.txt"
+ get-string-all))
+ ;; Add-ons pannel (see settings.js in Icecat source).
+ (format #t "pref(~s, ~s);~%"
+ "extensions.getAddons.search.browseURL"
+ "https://gnuzilla.gnu.org/mozzarella")
+ (format #t "pref(~s, ~s);~%"
+ "extensions.getAddons.get.url"
+ "https://gnuzilla.gnu.org/mozzarella")
+ (format #t "pref(~s, ~s);~%"
+ "extensions.getAddons.link.url"
+ "https://gnuzilla.gnu.org/mozzarella")
+ (format #t "pref(~s, ~s);~%"
+ "extensions.getAddons.discovery.api_url"
+ "https://gnuzilla.gnu.org/mozzarella")
+ (format #t "pref(~s, ~s);~%"
+ "extensions.getAddons.langpacks.url"
+ "https://gnuzilla.gnu.org/mozzarella")
+ (format #t "pref(~s, ~s);~%"
+ "lightweightThemes.getMoreURL"
+ "https://gnuzilla.gnu.org/mozzarella"))))))
+ (add-after 'autoconfig 'autoconfig-tor
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((lib (in-vicinity #$output "lib/torbrowser"))
+ (config-file (string-append #$moz-app-name ".cfg")))
+ (let ((port (open-file (in-vicinity lib config-file) "a")))
+ (format port "pref(~s, ~s);~%"
+ "extensions.torlauncher.torrc-defaults_path"
+ (in-vicinity
+ lib "TorBrowser/Data/Tor/torrc-defaults"))
+ (format port "pref(~s, ~s);~%"
+ "extensions.torlauncher.tor_path"
+ (search-input-file inputs "bin/tor"))
+ (close port))))))))
+ (propagated-inputs
+ (list noscript/icecat))
+ (native-search-paths
+ (list (search-path-specification
+ (variable "ICECAT_SYSTEM_DIR")
+ (separator #f) ;single entry
+ (files '("lib/icecat")))))
+ (home-page "https://www.torproject.org")
+ (synopsis "Anonymous browser derived from Mozilla Firefox")
+ (description
+ "Tor Browser is the Tor Project version of Firefox browser. It is the
+only recommended way to anonymously browse the web that is supported by the
+project. It modifies Firefox in order to avoid many know application level
+attacks on the privacy of Tor users.")
+ (license license:mpl2.0))) ;And others, see
+ ;toolkit/content/license.html
+
+(define-public torbrowser
+ (make-torbrowser #:moz-app-name "torbrowser"
+ #:moz-app-remotingname "Tor Browser"
+ #:branding-directory "browser/branding/tb-release"
+ #:assets torbrowser-assets
+ #:locales %torbrowser-locales
+ #:base-browser-version %torbrowser-version))
diff --git a/gnu/packages/tor.scm b/gnu/packages/tor.scm
index 6ded83b83fee..2e2a19ae3e41 100644
--- a/gnu/packages/tor.scm
+++ b/gnu/packages/tor.scm
@@ -13,7 +13,6 @@
;;; Copyright © 2021-2023 Danial Behzadi <dani.behzi@ubuntu.com>
;;; Copyright © 2022 Maxim Cournoyer <maxim.cournoyer@gmail.com>
;;; Copyright © 2022 Jim Newsome <jnewsome@torproject.org>
-;;; Copyright © 2023, 2024 Clément Lassieur <clement@lassieur.org>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -37,16 +36,10 @@ (define-module (gnu packages tor)
#:use-module (guix utils)
#:use-module (guix download)
#:use-module (guix git-download)
- #:use-module (guix hg-download)
- #:use-module (guix build-system copy)
#:use-module (guix build-system gnu)
- #:use-module (guix build-system mozilla)
#:use-module (guix build-system python)
#:use-module (guix build-system pyproject)
#:use-module (gnu packages)
- #:use-module (gnu packages base)
- #:use-module (gnu packages bash)
- #:use-module (gnu packages browser-extensions)
#:use-module (gnu packages libevent)
#:use-module (gnu packages linux)
#:use-module (gnu packages check)
@@ -54,11 +47,8 @@ (define-module (gnu packages tor)
#:use-module (gnu packages pcre)
#:use-module (gnu packages freedesktop)
#:use-module (gnu packages glib)
- #:use-module (gnu packages golang)
- #:use-module (gnu packages gnuzilla)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages python)
- #:use-module (gnu packages python-check)
#:use-module (gnu packages python-crypto)
#:use-module (gnu packages python-web)
#:use-module (gnu packages python-xyz)
@@ -491,456 +481,3 @@ (define-public tractor
the onion proxy and sets up proxy in user session, so you don't have to mess
up with TOR on your system anymore.")
(license license:gpl3+)))
-
-(define (mozilla-locale locale changeset hash-string)
- (origin
- (method hg-fetch)
- (uri (hg-reference
- (url (string-append "https://hg.mozilla.org/l10n-central/"
- locale))
- (changeset changeset)))
- (file-name (string-append "mozilla-locale-" locale))
- (sha256 (base32 hash-string))))
-
-(define-syntax-rule (mozilla-locales (hash-string changeset locale) ...)
- #~(list (cons #$locale #$(mozilla-locale locale changeset hash-string))
- ...))
-
-;; See tor-browser-build/rbm.conf for the list.
-;; See browser/locales/l10n-changesets.json for the changeset.
-;; See update-mozilla-locales in gnuzilla.scm to automate updating changeset.
-(define %torbrowser-locales
- (mozilla-locales
- ;; sha256 changeset locale
- ;;---------------------------------------------------------------------------
- ("14wnjv13alaj04pd8i8ysillbr3ic2jqa867rbj5ncz8h4hxxfxc" "4c7e24ef78bd" "ar")
- ("0mcc15n3p7yk4zdbr3na2fm7wq2184mbcrkk3cvppkl6p4k8654d" "24d50653ab5c" "ca")
- ("0ray22hdb3nrv2yi5z98cvbmpk9kpsv96a8wzad5dr4sxy44ii0d" "0d96b6b04bfb" "cs")
- ("0is7qbykv2pj0z9ll9r35vwjp0x29vmfr10yjl3s0amfaqzjqpqc" "0a0b774407cc" "da")
- ("0yq7m4v7d7ayg90m66j73mflrnp709qw9n7skhpsl9h1wbhrd7q7" "633986260777" "de")
- ("19g2ha32syq6rjcyl4ypmy7sc9w7xkvrpkic5lfc2yja6ll9116p" "e2f2d1541e38" "el")
- ("018qi9zn24kzfcidsj9lbqfg5n97r295yr8fs953nyfdbim9jsfv" "accf5e4506c0" "es-ES")
- ("11prhmh2cp95dpv6z0k479mb11zbfm541bvigs3gnkh3nazjvc8q" "37aa71d77cb6" "fa")
- ("1lv9l98q88ixb0ph970yzphahgzbl97x0w069bkxa54kblkv1ch1" "dc40a4fd5d0e" "fi")
- ("0wx4k7mwhvpv5w0wa4y5pca2q3jac62jv804nxqnfwh1bvi90wv0" "415c1f0e84bd" "fr")
- ("17j68a6rbaphfcq38mgz6s1076fyy92fk0ldw8igql6gd85qjlaa" "d271f275cf48" "ga-IE")
- ("0b7qdayljb4ryyqgalvi626lzg238gyn03m3a2f7afs9zi6px526" "46f8d7c031a6" "he")
- ("14xbrzvc09fcp7qzllb65nis27hkg9pg5615y29xzwiz4g090my1" "086ac0260d6b" "hu")
- ("0q5s4iz02xgmbw6nnpg6xg4pwz7n55nvxb9mj8vqdakq3faybbd5" "f03a6b3069a5" "id")
- ("1lwklx3nkm56420xc3kbg892jm2b6202sjw33nvv766sm9hbvcap" "5c4b61165e1d" "is")
- ("1n7l5idw9399n8ih1r1d6m8vzpzhwmnxmr9i7jvygkdc8d6adp1k" "07d5e1ff5f9b" "it")
- ("1w6nw9cd92p1ndy82wwlq9xizyq3i8rq0nj7118gbxbx368mk2kj" "e6f9db9ce3e6" "ja")
- ("1js99gbyc1dj33xc425wb08s1aw3bfznaacrqhw3l42yw1g1ghy4" "a15eb9feea2c" "ka")
- ("116a8s0k2yvijy7qf0xpqm5w66gdzs32jhc06364sdar5v34lyhh" "805b85981696" "ko")
- ("1yrjrhmmd0b810kxryja1j1md3rr2zpn1j9cbg05dgp5s8i89psk" "943a26276832" "lt")
- ("08zccz7gflzpr20y0hvhmdsiz6ncags39kh83cay5ivchyib5qbi" "fbef80de5499" "mk")
- ("100k4ibpwys9i4ghi5xvmgwr9api67ngav2hvb613rj6hdfd57f7" "20ec0915ec35" "ms")
- ("0kk3cjlpghbi7j3ndb2s0c7g838fzd2mpzg01bp0cra8lzd0n2ac" "4ab6f0d05aa6" "my")
- ("1i3r2ici95mazw07m2mrf192fc6bfa3x6j3c2pcc1zg7z9srihgh" "561b0cd86ec1" "nb-NO")
- ("1c0m8jhn52h1dif5bswrdwrlzppgga01y61wlii4aaaw15imd6yd" "2a55df0cc389" "nl")
- ("1gssvg306b80drp7kvc35kvcxwldb5sga0bapaxhv362irq1nya8" "a64a7dab01c4" "pl")
- ("1dzh13x85a7src8szbrq5pjmrbak4isln9xdwjk7a1yq4g9h7jgs" "33bf2a9f4c49" "pt-BR")
- ("0jx9y7fv44wxqapmcgr924wgb1l5cm95bgpmnhnjchp1zpmyfdl5" "a367feeadd33" "ro")
- ("09x2jirf04kgc118a70z0xrb3msbm7vr4f41ig4xrwf2s5b816r3" "528b76d6aaca" "ru")
- ("02y898f0ncjwka474r9lw361b0kywx1w56hj09i7im4j5jrsjnh1" "fa28d9d79cd3" "sq")
- ("1cyimbd42aaq2amyhdbbx26jwsns77lsfl8g9a70bsjlpwzwzryg" "cc8e8962e59c" "sv-SE")
- ("03mqrvcal7i172gf9239q9fnynfp5kg9b3r1w8gr9iz7rkr22gw5" "d361502c559e" "th")
- ("12srgqkqwaidcwbz0y7zr59165f7aq5k5s3b81ql7ixdbwia91pm" "f6173aca4762" "tr")
- ("1d91gfx5p6wyb455syw0b57wxl1sd4b4kcdvfk92pb050rqaqfgv" "c5ad4d4f70eb" "uk")
- ("1dj8q2jw60a184f018jyldl51rfmvz1cndz3kbw0cc5l5sli7hwr" "0e75c226763d" "vi")
- ("1dl2dpif4wwrlpx7zkz5qf8kk4vhxyf63016xcfpbhxizqqwc1ki" "df2d025ed631" "zh-CN")
- ("1c63ngff9lsc1x3pi6lnkyxw19gdc65yc67p7alzvrka3cv292ia" "11f8d68148a4" "zh-TW")))
-
-;; Must be of the form YYYYMMDDhhmmss as in `date +%Y%m%d%H%M%S`.
-(define %moz-build-date "20240123154553")
-
-;; To find the last version, look at https://www.torproject.org/download/.
-(define %torbrowser-version "13.0.9")
-
-;; To find the last Firefox version, browse
-;; https://archive.torproject.org/tor-package-archive/torbrowser/<%torbrowser-version>
-;; There should be only one archive that starts with
-;; "src-firefox-tor-browser-".
-(define %torbrowser-firefox-version "115.7.0esr-13.0-1-build1")
-
-;; See tor-browser-build/projects/translation/config.
-(define translation-base-browser
- (origin
- (method git-fetch)
- (uri (git-reference
- (url "https://gitlab.torproject.org/tpo/translation.git")
- (commit "cbd9b6c415ec2edb99237ef67ccd4f033a7b9c2a")))
- (file-name "translation-base-browser")
- (sha256
- (base32
- "103dj1zzc68gxzjxwcpc4sbc6qca4zg8kkhdivzpq37ma07sp9sf"))))
-
-;; See tor-browser-build/projects/translation/config.
-(define translation-tor-browser
- (origin
- (method git-fetch)
- (uri (git-reference
- (url "https://gitlab.torproject.org/tpo/translation.git")
- (commit "767ab5111f065b82151275775af5ecf7a529ef48")))
- (file-name "translation-tor-browser")
- (sha256
- (base32
- "034s0ivbama497xq0904q8p6d7n2f2aa2vn2jcs9g4bvmhgwicw4"))))
-
-(define torbrowser-assets
- ;; This is a prebuilt Torbrowser from which we take the assets we need.
- (package
- (name "torbrowser-assets")
- (version %torbrowser-version)
- (source
- (origin
- (method url-fetch)
- (uri
- (string-append
- "https://archive.torproject.org/tor-package-archive/torbrowser/"
- version "/tor-browser-linux-x86_64-" version ".tar.xz"))
- (sha256
- (base32
- "0j143r24xzmq38nd5z1xqsa9zp35lws9rvlj6hb9xn3dnl67gh59"))))
- (arguments
- (list
- #:install-plan
- ''(("Browser" "." #:include-regexp
- ("^\\./TorBrowser/Data/Tor/torrc-defaults"
- "^\\./fonts/"
- "^\\./fontconfig/fonts.conf")))))
- (build-system copy-build-system)
- (home-page "https://www.torproject.org")
- (synopsis "Tor Browser assets")
- (description "This package contains fonts and configuration files for Tor
-Browser.")
- (license license:silofl1.1)))
-
-(define-public torbrowser
- (package
- (inherit icecat-minimal)
- (name "torbrowser")
- (version %torbrowser-version)
- (source
- (origin
- (method url-fetch)
- (uri
- (string-append
- "https://archive.torproject.org/tor-package-archive/torbrowser/"
- version "/src-firefox-tor-browser-" %torbrowser-firefox-version
- ".tar.xz"))
- (sha256
- (base32
- "0h05js9j1drzw5q98nlphsmvlp1k2a71z5jd06xk6pz29w6322pw"))))
- (build-system mozilla-build-system)
- (arguments
- (substitute-keyword-arguments (package-arguments icecat-minimal)
- ((#:configure-flags flags '())
- #~(cons*
- "--without-relative-data-dir" ;store is read-only
- "--disable-base-browser-update"
- ;; Default is "default", which is the same as "nightly".
- "--enable-update-channel=release"
- "--with-user-appdir=.torbrowser"
- "--with-branding=browser/branding/tb-release"
- (string-append "--prefix=" #$output)
- (string-append "--with-base-browser-version=" #$version)
- #$flags))
- ((#:phases phases)
- #~(modify-phases #$phases
- (add-before 'configure 'setenv
- (lambda _
- (setenv "CONFIG_SHELL" (which "bash"))
- ;; Install location is prefix/lib/$MOZ_APP_NAME. Also
- ;; $MOZ_APP_NAME is the executable name. Default is
- ;; "firefox".
- (setenv "MOZ_APP_NAME" "torbrowser")
- ;; Profile location (relative to "~/."). Default is
- ;; lower($MOZ_APP_VENDOR/$MOZ_APP_BASENAME), which is:
- ;; ~/.tor project/firefox.
- (setenv "MOZ_APP_PROFILE" "torbrowser/browser")
- ;; WM_CLASS (default is "$MOZ_APP_NAME-$MOZ_UPDATE_CHANNEL").
- (setenv "MOZ_APP_REMOTINGNAME" "Tor Browser")
- ;; Persistent state directory for the build system (default is
- ;; $HOME/.mozbuild).
- (setenv "MOZBUILD_STATE_PATH"
- (in-vicinity (getcwd) ".mozbuild"))
- (setenv "MOZ_CHROME_MULTILOCALE"
- (string-join (map car #$%torbrowser-locales)))
- ;; Make build reproducible.
- (setenv "MOZ_BUILD_DATE" #$%moz-build-date)))
- (add-before 'configure 'mozconfig
- (lambda* (#:key configure-flags #:allow-other-keys)
- (with-output-to-file "mozconfig"
- (lambda ()
- (format #t ". $topsrcdir/mozconfig-linux-x86_64~%")
- (for-each (lambda (flag)
- (format #t "ac_add_options ~a~%" flag))
- configure-flags)))))
- (replace 'configure
- (lambda _
- (invoke "./mach" "configure")))
- ;; See tor-browser-build/projects/firefox/build.
- (add-before 'configure 'copy-firefox-locales
- (lambda _
- (let ((l10ncentral ".mozbuild/l10n-central"))
- (mkdir-p l10ncentral)
- (for-each
- (lambda (lang)
- (copy-recursively (cdr lang)
- (in-vicinity l10ncentral (car lang))))
- #$%torbrowser-locales))))
- (add-after 'copy-firefox-locales 'copy-basebrowser-locales
- (lambda _
- (let ((l10ncentral ".mozbuild/l10n-central"))
- ;; Temporary copy so that we can use ‘mv’ to mimic
- ;; tor-browser-build/projects/firefox/build.
- (copy-recursively #$translation-base-browser
- "translation-base-browser")
- (for-each
- (lambda (lang)
- (system
- (format
- #f (string-join
- '("mv"
- "translation-base-browser/~a/base-browser.ftl"
- "~a/~a/browser/browser/"))
- lang l10ncentral lang))
- (system
- (format
- #f (string-join
- '("mv"
- "translation-base-browser/~a/*"
- "~a/~a/browser/chrome/browser/"))
- lang l10ncentral lang)))
- (map car #$%torbrowser-locales)))))
- (add-after 'copy-basebrowser-locales 'copy-torbrowser-locales
- (lambda _
- (let ((l10ncentral ".mozbuild/l10n-central"))
- ;; Temporary copy so that we can use ‘mv’ to mimic
- ;; tor-browser-build/projects/firefox/build.
- (copy-recursively #$translation-tor-browser
- "translation-tor-browser")
- (for-each
- (lambda (lang)
- (system
- (format
- #f (string-join
- '("mv"
- "translation-tor-browser/~a/tor-browser.ftl"
- "~a/~a/browser/browser/"))
- lang l10ncentral lang))
- (system
- (format
- #f (string-join
- '("mv"
- "translation-tor-browser/~a/cryptoSafetyPrompt.properties"
- "~a/~a/browser/chrome/browser/"))
- lang l10ncentral lang))
- (system
- (format
- #f (string-join
- '("mv"
- "translation-tor-browser/~a"
- "toolkit/torbutton/chrome/locale/"))
- lang))
- (let ((port (open-file "toolkit/torbutton/jar.mn" "a")))
- (format port "% locale torbutton ~a %locale/~a/~%"
- lang lang)
- (format port " locale/~a/ (chrome/locale/~a/*)~%"
- lang lang)
- (close port)))
- (map car #$%torbrowser-locales)))))
- (add-before 'build 'fix-addons-placeholder
- (lambda _
- (substitute*
- "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
- (("addons.mozilla.org") "gnuzilla.gnu.org"))))
- (add-before 'build 'add-bridges ;see deploy.sh
- (lambda _
- (let ((port (open-file
- "browser/app/profile/000-tor-browser.js" "a")))
- (display
- "#include ../../../tools/torbrowser/bridges.js" port)
- (newline port)
- (close port))))
- ;; See tor-browser-build/projects/firefox/build.
- (add-after 'build 'build-locales
- (lambda _
- (system (string-join '("./mach package-multi-locale --locales"
- "en-US $MOZ_CHROME_MULTILOCALE")))))
- (add-after 'install 'deploy-assets
- (lambda* (#:key inputs #:allow-other-keys)
- (let ((lib (in-vicinity #$output "lib/torbrowser"))
- (tor #$(this-package-input "tor-client")))
- ;; TorBrowser/Data/Tor/torrc-defaults
- (copy-recursively (in-vicinity
- #$torbrowser-assets "TorBrowser")
- (in-vicinity lib "TorBrowser"))
- (substitute*
- (in-vicinity lib "TorBrowser/Data/Tor/torrc-defaults")
- (("exec ./TorBrowser/Tor/PluggableTransports/lyrebird")
- (string-append
- "exec " (search-input-file inputs "bin/lyrebird"))))
- ;; The geoip and geoip6 files are in the same directory as
- ;; torrc-defaults. (See TorProcess.sys.mjs.)
- (mkdir-p (in-vicinity lib "TorBrowser/Data/Tor"))
- (copy-file (in-vicinity tor "share/tor/geoip")
- (in-vicinity lib "TorBrowser/Data/Tor/geoip"))
- (copy-file (in-vicinity tor "share/tor/geoip6")
- (in-vicinity lib "TorBrowser/Data/Tor/geoip6"))
- ;; Fonts
- (copy-recursively (in-vicinity
- #$torbrowser-assets "fontconfig")
- (in-vicinity lib "fontconfig"))
- (substitute* (in-vicinity lib "fontconfig/fonts.conf")
- (("<dir>fonts</dir>")
- (format #f "<dir>~a</dir>" (in-vicinity lib "fonts"))))
- (delete-file-recursively (in-vicinity lib "fonts"))
- (copy-recursively (in-vicinity #$torbrowser-assets "fonts")
- (in-vicinity lib "fonts")))))
- (replace 'build-sandbox-whitelist
- (lambda* (#:key inputs #:allow-other-keys)
- (define (runpath-of lib)
- (call-with-input-file lib
- (compose elf-dynamic-info-runpath
- elf-dynamic-info
- parse-elf
- get-bytevector-all)))
- (define (runpaths-of-input label)
- (let* ((dir (string-append (assoc-ref inputs label) "/lib"))
- (libs (find-files dir "\\.so$")))
- (append-map runpath-of libs)))
- ;; Populate the sandbox read-path whitelist as needed by ffmpeg.
- (let* ((whitelist
- (map (cut string-append <> "/")
- (delete-duplicates
- `(,(string-append (assoc-ref inputs "shared-mime-info")
- "/share/mime")
- ,@(append-map runpaths-of-input
- '("mesa" "ffmpeg"))))))
- (whitelist-string (string-join whitelist ",")))
- (with-output-to-file "whitelist.txt"
- (lambda ()
- (display whitelist-string))))))
- (add-after 'install 'autoconfig
- (lambda* (#:key inputs #:allow-other-keys)
- (let ((lib (in-vicinity #$output "lib/torbrowser"))
- (config-file "tor-browser.cfg"))
- (with-output-to-file (in-vicinity
- lib "defaults/pref/autoconfig.js")
- (lambda ()
- (format #t "// first line must be a comment~%")
- (format #t "pref(~s, ~s);~%"
- "general.config.filename" config-file)
- (format #t "pref(~s, ~a);~%"
- "general.config.obscure_value" "0")))
- (with-output-to-file (in-vicinity lib config-file)
- (lambda ()
- (format #t "// first line must be a comment~%")
- (format #t "pref(~s, ~s);~%"
- "extensions.torlauncher.torrc-defaults_path"
- (in-vicinity
- lib "TorBrowser/Data/Tor/torrc-defaults"))
- (format #t "pref(~s, ~s);~%"
- "extensions.torlauncher.tor_path"
- (search-input-file inputs "bin/tor"))
- ;; Required for Guix packaged extensions
- ;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8
- ;; Default is 5.
- (format #t "pref(~s, ~a);~%"
- "extensions.enabledScopes" "13")
- (format #t "pref(~s, ~s);~%"
- "security.sandbox.content.read_path_whitelist"
- (call-with-input-file "whitelist.txt"
- get-string-all))
- ;; Add-ons pannel (see settings.js in Icecat source).
- (format #t "pref(~s, ~s);~%"
- "extensions.getAddons.search.browseURL"
- "https://gnuzilla.gnu.org/mozzarella")
- (format #t "pref(~s, ~s);~%"
- "extensions.getAddons.get.url"
- "https://gnuzilla.gnu.org/mozzarella")
- (format #t "pref(~s, ~s);~%"
- "extensions.getAddons.link.url"
- "https://gnuzilla.gnu.org/mozzarella")
- (format #t "pref(~s, ~s);~%"
- "extensions.getAddons.discovery.api_url"
- "https://gnuzilla.gnu.org/mozzarella")
- (format #t "pref(~s, ~s);~%"
- "extensions.getAddons.langpacks.url"
- "https://gnuzilla.gnu.org/mozzarella")
- (format #t "pref(~s, ~s);~%"
- "lightweightThemes.getMoreURL"
- "https://gnuzilla.gnu.org/mozzarella"))))))
- (replace 'wrap-program
- (lambda* (#:key inputs #:allow-other-keys)
- (let* ((gtk #$(this-package-input "gtk+"))
- (gtk-share (string-append gtk "/share"))
- (fonts.conf (in-vicinity
- #$output
- "lib/torbrowser/fontconfig/fonts.conf"))
- (ld-libs '#$(cons
- (file-append
- (this-package-input "libcanberra")
- "/lib/gtk-3.0/modules")
- (map
- (lambda (label)
- (file-append
- (this-package-input label) "/lib"))
- '("libpng-apng"
- "libxscrnsaver"
- "mesa"
- "pciutils"
- "mit-krb5"
- "eudev"
- "pulseaudio"
- "libnotify")))))
- (wrap-program
- (in-vicinity #$output "lib/torbrowser/torbrowser")
- `("XDG_DATA_DIRS" prefix (,gtk-share))
- `("LD_LIBRARY_PATH" prefix ,ld-libs)
- `("FONTCONFIG_FILE" prefix (,fonts.conf))))))
- (replace 'install-desktop-entry
- (lambda _
- (let ((apps (in-vicinity #$output "share/applications")))
- (mkdir-p apps)
- (make-desktop-entry-file
- (in-vicinity apps "torbrowser.desktop")
- #:name "Tor Browser"
- #:exec
- (format #f "~a %u" (in-vicinity #$output "bin/torbrowser"))
- #:comment
- "Tor Browser is +1 for privacy and -1 for mass surveillance"
- #:categories '("Network" "WebBrowser" "Security")
- #:startup-w-m-class "Tor Browser"
- #:icon "tor-browser"))))
- (replace 'install-icons
- (lambda* (#:key inputs #:allow-other-keys)
- (for-each
- (lambda (size)
- (let ((oldpath (string-append
- "browser/branding/tb-release/default"
- size ".png"))
- (newpath (string-append #$output
- "/share/icons/hicolor/"
- size "x" size "/apps")))
- (mkdir-p newpath)
- (copy-file oldpath
- (in-vicinity newpath "tor-browser.png"))))
- '("16" "22" "24" "32" "48" "64" "128" "256"))))))))
- (inputs
- (modify-inputs (package-inputs icecat-minimal)
- (append go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird
- tor-client)))
- (propagated-inputs
- (list noscript/icecat))
- (home-page "https://www.torproject.org")
- (synopsis "Anonymous browser derived from Mozilla Firefox")
- (description
- "Tor Browser is the Tor Project version of Firefox browser. It is the
-only recommended way to anonymously browse the web that is supported by the
-project. It modifies Firefox in order to avoid many know application level
-attacks on the privacy of Tor users.")
- (license license:mpl2.0))) ;And others, see
- ;toolkit/content/license.html
--
2.41.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#68577] [PATCH v2 2/2] gnu: Add mullvadbrowser.
2024-01-25 22:41 ` [bug#68577] [PATCH v2 0/2] Stop inheriting Icecat and add " Clément Lassieur
2024-01-25 22:54 ` [bug#68577] [PATCH v2 1/2] gnu: torbrowser: Stop inheriting Icecat Clément Lassieur
@ 2024-01-25 22:55 ` Clément Lassieur
2024-01-31 16:20 ` Clément Lassieur
2024-02-04 1:48 ` [bug#68577] [PATCH v3] " Clément Lassieur
2 siblings, 1 reply; 29+ messages in thread
From: Clément Lassieur @ 2024-01-25 22:55 UTC (permalink / raw)
To: 68577, Clément Lassieur, Mark H Weaver, André Batista,
Jonathan Brielmaier, Ian Eure
* gnu/packages/tor-browsers.scm (%mullvadbrowser-version,
%mullvadbrowser-firefox-version, %mullvadbrowser-locales,
translation-mullvad-browser, mullvadbrowser-assets, mullvadbrowser-base,
mullvadbrowser): New variables.
Change-Id: Ie6d48823b3794710f60f0ae201a0297925221f66
---
gnu/packages/tor-browsers.scm | 162 ++++++++++++++++++++++++++++++++++
1 file changed, 162 insertions(+)
diff --git a/gnu/packages/tor-browsers.scm b/gnu/packages/tor-browsers.scm
index 0355409a631a..ef6305bfb8c4 100644
--- a/gnu/packages/tor-browsers.scm
+++ b/gnu/packages/tor-browsers.scm
@@ -159,6 +159,8 @@ (define %torbrowser-version "13.0.9")
(define %torbrowser-firefox-version "115.7.0esr-13.0-1-build1")
;; See tor-browser-build/projects/translation/config.
+;; If Tor Browser and Mullvad Browser updates are not synchronized, maybe this
+;; will have to be duplicated.
(define translation-base-browser
(origin
(method git-fetch)
@@ -837,3 +839,163 @@ (define-public torbrowser
#:assets torbrowser-assets
#:locales %torbrowser-locales
#:base-browser-version %torbrowser-version))
+
+\f
+;; See tor-browser-build/rbm.conf for the list.
+;; See browser/locales/l10n-changesets.json for the changeset.
+;; See update-mozilla-locales in gnuzilla.scm to automate updating changeset.
+(define %mullvadbrowser-locales
+ (mozilla-locales
+ ;; sha256 changeset locale
+ ;;---------------------------------------------------------------------------
+ ("14wnjv13alaj04pd8i8ysillbr3ic2jqa867rbj5ncz8h4hxxfxc" "4c7e24ef78bd" "ar")
+ ("0is7qbykv2pj0z9ll9r35vwjp0x29vmfr10yjl3s0amfaqzjqpqc" "0a0b774407cc" "da")
+ ("0yq7m4v7d7ayg90m66j73mflrnp709qw9n7skhpsl9h1wbhrd7q7" "633986260777" "de")
+ ("018qi9zn24kzfcidsj9lbqfg5n97r295yr8fs953nyfdbim9jsfv" "accf5e4506c0" "es-ES")
+ ("11prhmh2cp95dpv6z0k479mb11zbfm541bvigs3gnkh3nazjvc8q" "37aa71d77cb6" "fa")
+ ("1lv9l98q88ixb0ph970yzphahgzbl97x0w069bkxa54kblkv1ch1" "dc40a4fd5d0e" "fi")
+ ("0wx4k7mwhvpv5w0wa4y5pca2q3jac62jv804nxqnfwh1bvi90wv0" "415c1f0e84bd" "fr")
+ ("1n7l5idw9399n8ih1r1d6m8vzpzhwmnxmr9i7jvygkdc8d6adp1k" "07d5e1ff5f9b" "it")
+ ("1w6nw9cd92p1ndy82wwlq9xizyq3i8rq0nj7118gbxbx368mk2kj" "e6f9db9ce3e6" "ja")
+ ("116a8s0k2yvijy7qf0xpqm5w66gdzs32jhc06364sdar5v34lyhh" "805b85981696" "ko")
+ ("0kk3cjlpghbi7j3ndb2s0c7g838fzd2mpzg01bp0cra8lzd0n2ac" "4ab6f0d05aa6" "my")
+ ("1i3r2ici95mazw07m2mrf192fc6bfa3x6j3c2pcc1zg7z9srihgh" "561b0cd86ec1" "nb-NO")
+ ("1c0m8jhn52h1dif5bswrdwrlzppgga01y61wlii4aaaw15imd6yd" "2a55df0cc389" "nl")
+ ("1gssvg306b80drp7kvc35kvcxwldb5sga0bapaxhv362irq1nya8" "a64a7dab01c4" "pl")
+ ("1dzh13x85a7src8szbrq5pjmrbak4isln9xdwjk7a1yq4g9h7jgs" "33bf2a9f4c49" "pt-BR")
+ ("09x2jirf04kgc118a70z0xrb3msbm7vr4f41ig4xrwf2s5b816r3" "528b76d6aaca" "ru")
+ ("1cyimbd42aaq2amyhdbbx26jwsns77lsfl8g9a70bsjlpwzwzryg" "cc8e8962e59c" "sv-SE")
+ ("03mqrvcal7i172gf9239q9fnynfp5kg9b3r1w8gr9iz7rkr22gw5" "d361502c559e" "th")
+ ("12srgqkqwaidcwbz0y7zr59165f7aq5k5s3b81ql7ixdbwia91pm" "f6173aca4762" "tr")
+ ("1dl2dpif4wwrlpx7zkz5qf8kk4vhxyf63016xcfpbhxizqqwc1ki" "df2d025ed631" "zh-CN")
+ ("1c63ngff9lsc1x3pi6lnkyxw19gdc65yc67p7alzvrka3cv292ia" "11f8d68148a4" "zh-TW")))
+
+;; To find the last version, look at
+;; https://mullvad.net/en/download/browser/linux.
+(define %mullvadbrowser-version "13.0.9")
+
+;; To find the last Firefox version, browse
+;; https://archive.torproject.org/tor-package-archive/mullvadbrowser/<%mullvadbrowser-version>
+;; There should be only one archive that starts with
+;; "src-firefox-mullvad-browser-".
+(define %mullvadbrowser-firefox-version "115.7.0esr-13.0-1-build1")
+
+;; See tor-browser-build/projects/translation/config.
+(define translation-mullvad-browser
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://gitlab.torproject.org/tpo/translation.git")
+ (commit "57de1569da0e2c48fd999a13e555f6b522041993")))
+ (file-name "translation-mullvad-browser")
+ (sha256
+ (base32
+ "1q3979ac92c5mib573hx9w06x3hrfw7r52wzmj9r75sz2hhsmrq3"))))
+
+(define mullvadbrowser-assets
+ ;; This is a prebuilt Mullvad Browser from which we take the assets we need.
+ (package
+ (name "mullvadbrowser-assets")
+ (version %mullvadbrowser-version)
+ (source
+ (origin
+ (method url-fetch)
+ (uri
+ (string-append
+ "https://archive.torproject.org/tor-package-archive/mullvadbrowser/"
+ version "/mullvad-browser-linux-x86_64-" version ".tar.xz"))
+ (sha256
+ (base32
+ "1f930j3c1xq88cqlqmnj0m00k0hd63cmgnxd788sp9hz56al22sc"))))
+ (arguments
+ (list
+ #:install-plan
+ ''(("Browser" "." #:include-regexp
+ ("^\\./fonts/"
+ "^\\./fontconfig/fonts.conf"
+ ;; Mullvad Browser Extension
+ "^\\./distribution/extensions/\\{d19a89b9-76c1-4a61-bcd4-49e8de916403\\}.xpi"
+ )))))
+ (build-system copy-build-system)
+ (home-page "https://www.torproject.org")
+ (synopsis "Mullvad Browser assets")
+ (description "This package contains fonts and configuration files for
+Mullvad Browser.")
+ (license license:silofl1.1)))
+
+(define mullvadbrowser-base
+ (make-torbrowser #:moz-app-name "mullvadbrowser"
+ #:moz-app-remotingname "Mullvad Browser"
+ #:branding-directory "browser/branding/mb-release"
+ #:assets mullvadbrowser-assets
+ #:locales %mullvadbrowser-locales
+ #:base-browser-version %mullvadbrowser-version))
+
+(define-public mullvadbrowser
+ (package
+ (inherit mullvadbrowser-base)
+ (name "mullvadbrowser")
+ (version %mullvadbrowser-version)
+ (source
+ (origin
+ (method url-fetch)
+ (uri
+ (string-append
+ "https://archive.torproject.org/tor-package-archive/mullvadbrowser/"
+ version "/src-firefox-mullvad-browser-"
+ %mullvadbrowser-firefox-version ".tar.xz"))
+ (sha256
+ (base32
+ "16chkc07pqr4ypmmgy4z2grvlpvbyr161gpzy72w35dgzzff46f9"))))
+ (arguments
+ (substitute-keyword-arguments (package-arguments mullvadbrowser-base)
+ ((#:phases phases)
+ #~(modify-phases #$phases
+ (add-after 'unpack 'ublock-private-allowed
+ (lambda _
+ (substitute* "toolkit/components/extensions/Extension.sys.mjs"
+ ;; The code that gives the correct permission only applies to
+ ;; distribution add-ons (see installDistributionAddon() in
+ ;; XPIProvider.jsm).
+ (("this.isNoScript")
+ "this.isNoScript || this.id === \"uBlock0@raymondhill.net\""))))
+ ;; See tor-browser-build/projects/firefox/build.
+ (replace 'copy-torbrowser-locales
+ (lambda _
+ (for-each
+ (lambda (lang)
+ (system
+ (format #f "cp -Lr ~a/~a .mozbuild/l10n-central/"
+ #$translation-mullvad-browser lang)))
+ (map car #$%mullvadbrowser-locales))))
+ (add-before 'build 'fix-profiles
+ ;; Otherwise the profile would change every time the install
+ ;; location changes, that is: at every package update. These
+ ;; values are already the default values for Icecat and Tor
+ ;; Browser.
+ (lambda _
+ (substitute* "browser/moz.configure"
+ (("\"MOZ_DEDICATED_PROFILES\", True")
+ "\"MOZ_DEDICATED_PROFILES\", False")
+ (("\"MOZ_BLOCK_PROFILE_DOWNGRADE\", True")
+ "\"MOZ_BLOCK_PROFILE_DOWNGRADE\", False"))))
+ (add-after 'deploy-fonts 'deploy-extension
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((lib (in-vicinity #$output "lib/mullvadbrowser")))
+ ;; Mullvad Browser Extension (FIXME: package it)
+ (copy-recursively
+ (in-vicinity #$mullvadbrowser-assets "distribution")
+ (in-vicinity lib "distribution")))))
+ (delete 'deploy-tor-assets)
+ (delete 'autoconfig-tor)))))
+ (inputs
+ (modify-inputs (package-inputs torbrowser)
+ (delete go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird)))
+ (propagated-inputs
+ (modify-inputs (package-propagated-inputs torbrowser)
+ (append ublock-origin/icecat)))
+ (home-page "https://mullvad.net/en/browser")
+ (synopsis "Privacy-focused web browser")
+ (description "Mullvad Browser is a privacy-focused web browser developed
+in collaboration between Mullvad VPN and the Tor Project. It’s produced to
+minimize tracking and fingerprinting.")))
--
2.41.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#68577] [PATCH v2 2/2] gnu: Add mullvadbrowser.
2024-01-25 22:55 ` [bug#68577] [PATCH v2 2/2] gnu: Add mullvadbrowser Clément Lassieur
@ 2024-01-31 16:20 ` Clément Lassieur
2024-02-02 1:52 ` André Batista
2024-02-04 1:53 ` Clément Lassieur
0 siblings, 2 replies; 29+ messages in thread
From: Clément Lassieur @ 2024-01-31 16:20 UTC (permalink / raw)
To: 68577; +Cc: André Batista, Mark H Weaver, Jonathan Brielmaier, Ian Eure
I'll send an update for this patch : the build id is not the same as Tor
Browser's build id[0].
The Mullvad Browser one is 20240115174108. I found it by going to
about:support, but if anyone knows a way to find it on the web, it'd
help me automate things a bit.
Another thing is about the way I package Mullvad Browser. I wish to
inherit Tor Browser as much as I can, but the fact that they don't share
the build id, plus the fact that webRTC is supported by Mullvad and not
(yet) by Tor Browser means Mullvad users and Tor Browser users are not
in the same “bucket”[1].
To make things clear : our goal is for our Tor Browser users to be in
the same bucket as upstream Tor Browser users, and for our Mullvad
Browser users to be in the same bucket as Mullvad Browser upstream
users.
Thanks
Clément
[0]: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=68676#19
[1]: https://forum.torproject.org/t/changing-operating-system-changes-browser-fingerprints/6345/3
^ permalink raw reply [flat|nested] 29+ messages in thread
* [bug#68577] [PATCH v2 1/2] gnu: torbrowser: Stop inheriting Icecat.
2024-01-25 22:54 ` [bug#68577] [PATCH v2 1/2] gnu: torbrowser: Stop inheriting Icecat Clément Lassieur
@ 2024-02-01 23:46 ` André Batista
2024-02-02 11:04 ` Clément Lassieur
0 siblings, 1 reply; 29+ messages in thread
From: André Batista @ 2024-02-01 23:46 UTC (permalink / raw)
To: Clément Lassieur; +Cc: Mark H Weaver, 68577, Jonathan Brielmaier, Ian Eure
Hi Clément,
I did not yet review the mullvad patch which follows this one, but
regarding this, I have only a few comments to make:
qui 25 jan 2024 às 23:54:36 (1706237676), clement@lassieur.org enviou:
> +
> +;; Must be of the form YYYYMMDDhhmmss as in `date +%Y%m%d%H%M%S`.
> +(define %moz-build-date "20240123154553")
First just a heads up so that you do not forget to update the build-date.
And also on tor.scm:
> diff --git a/gnu/packages/tor.scm b/gnu/packages/tor.scm
> index 6ded83b83fee..2e2a19ae3e41 100644
> --- a/gnu/packages/tor.scm
> +++ b/gnu/packages/tor.scm
> ...
>
> @@ -37,16 +36,10 @@ (define-module (gnu packages tor)
> #:use-module (guix utils)
> #:use-module (guix download)
> #:use-module (guix git-download)
> - #:use-module (guix hg-download)
> - #:use-module (guix build-system copy)
> #:use-module (guix build-system gnu)
> - #:use-module (guix build-system mozilla)
> #:use-module (guix build-system python)
> #:use-module (guix build-system pyproject)
> #:use-module (gnu packages)
> - #:use-module (gnu packages base)
I think you've mistankenly removed base and also
> - #:use-module (gnu packages bash)
> - #:use-module (gnu packages browser-extensions)
> #:use-module (gnu packages libevent)
> #:use-module (gnu packages linux)
> #:use-module (gnu packages check)
> @@ -54,11 +47,8 @@ (define-module (gnu packages tor)
> #:use-module (gnu packages pcre)
> #:use-module (gnu packages freedesktop)
> #:use-module (gnu packages glib)
> - #:use-module (gnu packages golang)
> - #:use-module (gnu packages gnuzilla)
> #:use-module (gnu packages pkg-config)
> #:use-module (gnu packages python)
> - #:use-module (gnu packages python-check)
python-check here.
They were there before the commit which has added torbrowser.
On git logs, it seems 'base' is needed for the 'which' input to torsocks,
as per f3cf25c3c2aef91a47b790fe69b5008cdb6a6316.
'python-check' OTOH is needed for the 'python-colorama' input to
onionshare, as per 55db762b31531609f43b32680298762487702280.
I have not yet tried to rebuild them without those inputs to see if they
are actually still needed though. In case they are not, for clarity, I
think it would be better to remove them on a separate patch anyway.
Finally, I've noticed that we are still using 'ffmpeg-5' as an input to
both icecat and torbrowser. However, as we are now based on firefox
version 115, ffmpeg is compatible. I've built it to check and it appears
to be working fine (though I've only watched one single video to test
it and only on torbrowser). IMO, this should be also a separate patch.
Other than that, all looks good to me, even if it gives me a headache. :D
Cheers,
André
^ permalink raw reply [flat|nested] 29+ messages in thread
* [bug#68577] [PATCH v2 2/2] gnu: Add mullvadbrowser.
2024-01-31 16:20 ` Clément Lassieur
@ 2024-02-02 1:52 ` André Batista
2024-02-02 12:03 ` Clément Lassieur
2024-02-04 1:53 ` Clément Lassieur
1 sibling, 1 reply; 29+ messages in thread
From: André Batista @ 2024-02-02 1:52 UTC (permalink / raw)
To: Clément Lassieur; +Cc: Mark H Weaver, 68577, Jonathan Brielmaier, Ian Eure
Hi guix,
qua 31 jan 2024 às 17:20:14 (1706732414), clement@lassieur.org enviou:
>
> (...)
>
> To make things clear : our goal is for our Tor Browser users to be in
> the same bucket as upstream Tor Browser users, and for our Mullvad
> Browser users to be in the same bucket as Mullvad Browser upstream
> users.
I think we should aim for that and be as close as possible but no closer.
What I mean is that we should not strive for bug for bug compatibility.
Suppose there's a new torbrowser release and then, one week later, a
new noscript release. Should we then freeze noscript and wait for a new
torbrowser? Should we create a new noscript/torbrowser package? What
about other inputs? The build system?
I don't know if it's at all possible to guarantee that guix users will be
on the same bucket as other GNU/Linux users of the upstream binaries, but
I guess it will be way too much work to even try it. That's what I meant
way back when I suggested the 'torbrowser-unbundle' name and said that
if one wants the strongest possible guarantee of anonymity, one should
then use the upstream binaries (they are sure the largest anonymity
bucket).
In that sense, having torbrowser on guix is a sure improvement over using
tor+icecat. All guix users in this scenario are on a bucket that is easy
to tell apart (not even the user-agent string is the same). So we've made
the work needed to tell apart guix users from other GNU/Linux users way
harder.
From now on, what I suggest is that we think on the economics of getting
each step closer to be indistinguishable from upstream. Are the proposed
changes easily maintainable? Do they substantially increase the burden on
guix build servers? Is the change making the work of those trying to
deanonymize surely more expensive?
If the burden is heavy on us but the proposed changes do not make the
work of those intent on deanonymizing way harder/more expensive, it's
unreasonable to apply them.
Thoughts?
^ permalink raw reply [flat|nested] 29+ messages in thread
* [bug#68577] [PATCH v2 1/2] gnu: torbrowser: Stop inheriting Icecat.
2024-02-01 23:46 ` André Batista
@ 2024-02-02 11:04 ` Clément Lassieur
0 siblings, 0 replies; 29+ messages in thread
From: Clément Lassieur @ 2024-02-02 11:04 UTC (permalink / raw)
To: André Batista; +Cc: Mark H Weaver, 68577, Jonathan Brielmaier, Ian Eure
Hi André,
On Thu, Feb 01 2024, André Batista wrote:
> qui 25 jan 2024 às 23:54:36 (1706237676), clement@lassieur.org enviou:
>> +
>> +;; Must be of the form YYYYMMDDhhmmss as in `date +%Y%m%d%H%M%S`.
>> +(define %moz-build-date "20240123154553")
>
> First just a heads up so that you do not forget to update the build-date.
Yes, I did rebase locally. Thanks for the reminder!
> And also on tor.scm:
>
>> diff --git a/gnu/packages/tor.scm b/gnu/packages/tor.scm
>> index 6ded83b83fee..2e2a19ae3e41 100644
>> --- a/gnu/packages/tor.scm
>> +++ b/gnu/packages/tor.scm
>> ...
>>
>> @@ -37,16 +36,10 @@ (define-module (gnu packages tor)
>> #:use-module (guix utils)
>> #:use-module (guix download)
>> #:use-module (guix git-download)
>> - #:use-module (guix hg-download)
>> - #:use-module (guix build-system copy)
>> #:use-module (guix build-system gnu)
>> - #:use-module (guix build-system mozilla)
>> #:use-module (guix build-system python)
>> #:use-module (guix build-system pyproject)
>> #:use-module (gnu packages)
>> - #:use-module (gnu packages base)
>
> I think you've mistankenly removed base and also
>
>> - #:use-module (gnu packages bash)
>> - #:use-module (gnu packages browser-extensions)
>> #:use-module (gnu packages libevent)
>> #:use-module (gnu packages linux)
>> #:use-module (gnu packages check)
>> @@ -54,11 +47,8 @@ (define-module (gnu packages tor)
>> #:use-module (gnu packages pcre)
>> #:use-module (gnu packages freedesktop)
>> #:use-module (gnu packages glib)
>> - #:use-module (gnu packages golang)
>> - #:use-module (gnu packages gnuzilla)
>> #:use-module (gnu packages pkg-config)
>> #:use-module (gnu packages python)
>> - #:use-module (gnu packages python-check)
>
> python-check here.
>
> They were there before the commit which has added torbrowser.
>
> On git logs, it seems 'base' is needed for the 'which' input to torsocks,
> as per f3cf25c3c2aef91a47b790fe69b5008cdb6a6316.
>
> 'python-check' OTOH is needed for the 'python-colorama' input to
> onionshare, as per 55db762b31531609f43b32680298762487702280.
‘make’ was happy but maybe it's not enough? I'll add them back.
> I have not yet tried to rebuild them without those inputs to see if they
> are actually still needed though. In case they are not, for clarity, I
> think it would be better to remove them on a separate patch anyway.
Yes!
> Finally, I've noticed that we are still using 'ffmpeg-5' as an input to
> both icecat and torbrowser. However, as we are now based on firefox
> version 115, ffmpeg is compatible. I've built it to check and it appears
> to be working fine (though I've only watched one single video to test
> it and only on torbrowser). IMO, this should be also a separate patch.
I agree, for a separate patch!
> Other than that, all looks good to me, even if it gives me a headache. :D
Gives me headaches too :) Thanks, pushed.
Clément
^ permalink raw reply [flat|nested] 29+ messages in thread
* [bug#68577] [PATCH v2 2/2] gnu: Add mullvadbrowser.
2024-02-02 1:52 ` André Batista
@ 2024-02-02 12:03 ` Clément Lassieur
0 siblings, 0 replies; 29+ messages in thread
From: Clément Lassieur @ 2024-02-02 12:03 UTC (permalink / raw)
To: André Batista; +Cc: Mark H Weaver, 68577, Jonathan Brielmaier, Ian Eure
On Thu, Feb 01 2024, André Batista wrote:
> Hi guix,
>
> qua 31 jan 2024 às 17:20:14 (1706732414), clement@lassieur.org enviou:
>>
>> (...)
>>
>> To make things clear : our goal is for our Tor Browser users to be in
>> the same bucket as upstream Tor Browser users, and for our Mullvad
>> Browser users to be in the same bucket as Mullvad Browser upstream
>> users.
>
> I think we should aim for that and be as close as possible but no closer.
>
> What I mean is that we should not strive for bug for bug compatibility.
> Suppose there's a new torbrowser release and then, one week later, a
> new noscript release. Should we then freeze noscript and wait for a new
> torbrowser? Should we create a new noscript/torbrowser package? What
> about other inputs? The build system?
>
> I don't know if it's at all possible to guarantee that guix users will be
> on the same bucket as other GNU/Linux users of the upstream binaries, but
> I guess it will be way too much work to even try it. That's what I meant
> way back when I suggested the 'torbrowser-unbundle' name and said that
> if one wants the strongest possible guarantee of anonymity, one should
> then use the upstream binaries (they are sure the largest anonymity
> bucket).
>
> In that sense, having torbrowser on guix is a sure improvement over using
> tor+icecat. All guix users in this scenario are on a bucket that is easy
> to tell apart (not even the user-agent string is the same). So we've made
> the work needed to tell apart guix users from other GNU/Linux users way
> harder.
>
> From now on, what I suggest is that we think on the economics of getting
> each step closer to be indistinguishable from upstream. Are the proposed
> changes easily maintainable? Do they substantially increase the burden on
> guix build servers? Is the change making the work of those trying to
> deanonymize surely more expensive?
>
> If the burden is heavy on us but the proposed changes do not make the
> work of those intent on deanonymizing way harder/more expensive, it's
> unreasonable to apply them.
>
> Thoughts?
Yes I agree. Perfect is the enemy of good. I was thinking about
changes that don't make it more difficult to maintain, e.g. using the
same build-options as upstream (when it makes sense). I don't think
being late on a noscript update will change our bucket anyways, and I
know we can't know for sure.
(For the strongest possible anonymity, people should use Tails...)
^ permalink raw reply [flat|nested] 29+ messages in thread
* [bug#68577] [PATCH 1/2] gnu: icecat: Improve inheritance.
2024-01-22 18:42 ` André Batista
@ 2024-02-03 19:28 ` Mark H Weaver
2024-02-07 15:52 ` Clément Lassieur
0 siblings, 1 reply; 29+ messages in thread
From: Mark H Weaver @ 2024-02-03 19:28 UTC (permalink / raw)
To: André Batista
Cc: 68577, Jonathan Brielmaier, Clément Lassieur, Ian Eure
Hi André,
First, let me say that I appreciate you and your contributions to Guix.
I'm sorry that my message made you feel badly. That's not an apology,
but rather a sincere feeling of sadness that your feelings were hurt.
André Batista <nandre@riseup.net> writes:
> seg 22 jan 2024 às 01:09:21 (1705896561), mhw@netris.org enviou:
>> Hi Clément,
>>
>> I see now that in November, you added 'torbrowser', which inherits from
>> 'icecat-minimal'.
>>
>> > commit 756ba0429e84ee0f8ce30484439b78c00c61d286
>> > Author: Clément Lassieur <clement@lassieur.org>
>> > Date: Sun Nov 12 02:23:27 2023 +0100
>> >
>> > gnu: Add torbrowser.
>> >
>> > * gnu/packages/tor.scm (torbrowser): New variable.
>> > (torbrowser-assets): New variable.
>> > * gnu/packages/browser-extensions.scm (noscript): New variable.
>> > (noscript/icecat): New variable.
>> >
>> > Co-authored-by: André Batista <nandre@riseup.net>
>> > Change-Id: I73dc53905e4a028108bb34aae07e44256cf16c85
>>
>> Did you consult me on this change? I don't remember seeing anything
>> about this in my mailbox.
Please note that this was simply a question, and not a rhetorical one.
I asked the question because I do not want to assume that my failure to
see an email implies that it was not sent to me. Any email can be lost
due to spam filters, a man-in-the-middle who wishes to prevent delivery,
or because the recipient overlooks it among the torrent of (mostly junk)
mail that many of us receive.
>> This change concerns me, because it compels me to coordinate with you
>> when making nontrivial IceCat updates. As things stand now, it seems
>> that the 'icecat' and 'torbrowser' packages must be updated together,
>> in lock step.
>>
>> Also, do 'torbrowser' and 'mullvad' both comply with the requirements of
>> the GNU FSDG? For example, do they support EME? Do they steer the user
>> to nonfree software, e.g. nonfree addons.
>
> Considering I was cc'ed and part of the thread that led to that patch,
> I'll consider myself invited to give a piece of my mind on your
> comments.
I'm glad that you did. It is far better than letting unspoken feelings
fester indefinitely. I'm sorry that I was too overloaded to respond
sooner.
> First things first: when I sent the very first version of this patch, I
> didn't use inheritance anywhere and it was actually suggested to me as
> an improvement over what I had done[1].
[...]
> 1. https://lists.gnu.org/archive/html/guix-patches/2020-09/msg00261.html
I looked at the messages in that thread from people other than you, but
I was unable to find any suggestion to use inheritance. Can you point
to the specific message where inheritance was suggested?
What I do see is a suggestion by Ludovic to "think of ways to factorize
code with IceCat". I agree with that suggestion, but not with the use
of inheritance. Instead, I suggest creating a new (guix build icecat)
module, and moving some of the code from the build phases of IceCat into
Scheme procedures placed within that module. Of course, please CC me on
any proposals along those lines.
> Looking back, it is true I should have probably known better and have you
> cc'ed right from the start. My code was heavily based on / similar to
> Icecat's package definition and so it made sense to avoid duplication.
> I didn't know and did not care to look who were the contributors to
> Icecat's definition. I see now that I was careless and that my behaviour
> could be seen as disrespectful. No disrespect was intended, but I
> certainly could have done better and I do apologize for my shortcomings.
For what it's worth, I don't believe that you were "careless" or
"disrespectful", nor do I think that an apology is warranted here.
As Clément correctly pointed out, I was not listed as a member of the
mozilla team, and that reason alone makes it understandable that I would
be overlooked.
FYI, I've just recently added myself to the 'mozilla' team.
> Now, do you believe me when I say that there was no ill will towards you
> or others?
Yes, and I never believed otherwise. I have neither perceived ill will
from, nor felt ill will towards, you or Clément.
> I ask this because your last comments strike me on the opposite sense.
> Risking to add insult to injury, but in the hopes of gaining your help,
> I'd say that your comments appear to be assuming ill intention on our
> part towards you and somewhat belittle you at the same time.
I made no such assumption.
> Why do you assume to be compelled to do anything if you were not even
> cc'ed? As things stand, my assumption here is that the burden would be
> on us to either ask you directly or to keep a close eye on any changes
> done to Icecat. IMO, you certainly wouldn't be to blame if you changed
> something on Icecat and torbrowser/mullvad/librewolf had some issue. We
> would.
I would not feel compelled *by you*, but rather as an unintended
consequence of your actions, due to my own desire to not break other
packages while updating IceCat.
> On the other hand, would it really be that much of added work if we were
> to ask you to copy us when proposing some changes to Icecat? Would it be
> presumptuous or forceful to ask that?
The problem is partly due to my own (admittedly suboptimal) tendency to
procastinate performing major IceCat updates until shortly before the
previous ESR branch reaches end-of-life. These major updates, which
occur approximately once per year, usually require substantial changes
to the IceCat package definition. These changes are likely to break any
other packages that inherit from the IceCat package, unless all of the
inheriting packages are updated in lock-step within a single batch of
commits.
Theoretically, there is a window of 2-3 months when these major IceCat
updates could be done, and therefore it would theoretically be possible
to coordinate a lock-step update of IceCat, TorBrowser, and Mullvad at
the same time. However, this would be an added burden on me, and I'm
unwilling to commit to doing this.
> More than that, it suprises me that after discovering these threads and
> having a good amount of knowledge on building Icecat you've decided to
> just lash out on us, instead of trying to be of help, reviewing the
> proposed patches or letting we learn from our short-sightedness the hard
> way.
This idea that I "lashed out" at you is unsupported by my actual words.
I think that you have made many assumptions about what I felt about you,
when in fact I merely asked a question, and then proceeded to explain
why the changes created a problem for me.
I do not deny that I was *mildly* displeased at not being informed in
advance about the changes you made. Of course, I expect to be CC'd on
future updates that relate to the IceCat package, including any changes
that could add more burdens on me when modifying the IceCat package,
given that I feel a responsibility to try my best to avoid breaking
other packages. However, I do not fault you in any way.
Anyway: thanks again, André and Clément, for your contributions to Guix.
I think well of you both, and I hope that this message will help to
clear up any misunderstandings between us.
Sincerely,
Mark
^ permalink raw reply [flat|nested] 29+ messages in thread
* [bug#68577] [PATCH v3] gnu: Add mullvadbrowser.
2024-01-25 22:41 ` [bug#68577] [PATCH v2 0/2] Stop inheriting Icecat and add " Clément Lassieur
2024-01-25 22:54 ` [bug#68577] [PATCH v2 1/2] gnu: torbrowser: Stop inheriting Icecat Clément Lassieur
2024-01-25 22:55 ` [bug#68577] [PATCH v2 2/2] gnu: Add mullvadbrowser Clément Lassieur
@ 2024-02-04 1:48 ` Clément Lassieur
2024-02-05 14:10 ` bug#68577: " Clément Lassieur
2 siblings, 1 reply; 29+ messages in thread
From: Clément Lassieur @ 2024-02-04 1:48 UTC (permalink / raw)
To: 68577, Clément Lassieur, Mark H Weaver, André Batista,
Jonathan Brielmaier, Ian Eure
Cc: André Batista, Jonathan Brielmaier, Mark H Weaver
* gnu/packages/tor-browsers.scm (%moz-build-date): Rename to
%torbrowser-build-date.
(make-torbrowser, torbrowser): Add a ‘build-date’ parameter and use it.
(%mullvadbrowser-locales, %mullvadbrowser-build-date, %mullvadbrowser-version,
%mullvadbrowser-firefox-version, translation-mullvad-browser,
mullvadbrowser-assets, mullvadbrowser-base, mullvadbrowser): New variables.
Change-Id: Ie6d48823b3794710f60f0ae201a0297925221f66
---
gnu/packages/tor-browsers.scm | 173 +++++++++++++++++++++++++++++++++-
1 file changed, 171 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/tor-browsers.scm b/gnu/packages/tor-browsers.scm
index fbae54922459..ec91bba3e4c1 100644
--- a/gnu/packages/tor-browsers.scm
+++ b/gnu/packages/tor-browsers.scm
@@ -148,7 +148,7 @@ (define %torbrowser-locales
;; We copy the official build id, which can be found there:
;; https://aus1.torproject.org/torbrowser/update_3/release/.
-(define %moz-build-date "20240115174022")
+(define %torbrowser-build-date "20240115174022")
;; To find the last version, look at https://www.torproject.org/download/.
(define %torbrowser-version "13.0.9")
@@ -160,6 +160,8 @@ (define %torbrowser-version "13.0.9")
(define %torbrowser-firefox-version "115.7.0esr-13.0-1-build1")
;; See tor-browser-build/projects/translation/config.
+;; If Tor Browser and Mullvad Browser updates are not synchronized, maybe this
+;; will have to be duplicated.
(define translation-base-browser
(origin
(method git-fetch)
@@ -218,6 +220,7 @@ (define* (make-torbrowser #:key
branding-directory
assets
locales
+ build-date
base-browser-version)
(package
(name "torbrowser")
@@ -538,7 +541,7 @@ (define* (make-torbrowser #:key
(setenv "MOZ_CHROME_MULTILOCALE"
(string-join (map car #$locales)))
;; Make build reproducible.
- (setenv "MOZ_BUILD_DATE" #$%moz-build-date)))
+ (setenv "MOZ_BUILD_DATE" #$build-date)))
(add-before 'configure 'mozconfig
(lambda* (#:key configure-flags #:allow-other-keys)
(with-output-to-file "mozconfig"
@@ -837,4 +840,170 @@ (define-public torbrowser
#:branding-directory "browser/branding/tb-release"
#:assets torbrowser-assets
#:locales %torbrowser-locales
+ #:build-date %torbrowser-build-date
#:base-browser-version %torbrowser-version))
+
+\f
+;; See tor-browser-build/rbm.conf for the list.
+;; See browser/locales/l10n-changesets.json for the changeset.
+;; See update-mozilla-locales in gnuzilla.scm to automate updating changeset.
+(define %mullvadbrowser-locales
+ (mozilla-locales
+ ;; sha256 changeset locale
+ ;;---------------------------------------------------------------------------
+ ("14wnjv13alaj04pd8i8ysillbr3ic2jqa867rbj5ncz8h4hxxfxc" "4c7e24ef78bd" "ar")
+ ("0is7qbykv2pj0z9ll9r35vwjp0x29vmfr10yjl3s0amfaqzjqpqc" "0a0b774407cc" "da")
+ ("0yq7m4v7d7ayg90m66j73mflrnp709qw9n7skhpsl9h1wbhrd7q7" "633986260777" "de")
+ ("018qi9zn24kzfcidsj9lbqfg5n97r295yr8fs953nyfdbim9jsfv" "accf5e4506c0" "es-ES")
+ ("11prhmh2cp95dpv6z0k479mb11zbfm541bvigs3gnkh3nazjvc8q" "37aa71d77cb6" "fa")
+ ("1lv9l98q88ixb0ph970yzphahgzbl97x0w069bkxa54kblkv1ch1" "dc40a4fd5d0e" "fi")
+ ("0wx4k7mwhvpv5w0wa4y5pca2q3jac62jv804nxqnfwh1bvi90wv0" "415c1f0e84bd" "fr")
+ ("1n7l5idw9399n8ih1r1d6m8vzpzhwmnxmr9i7jvygkdc8d6adp1k" "07d5e1ff5f9b" "it")
+ ("1w6nw9cd92p1ndy82wwlq9xizyq3i8rq0nj7118gbxbx368mk2kj" "e6f9db9ce3e6" "ja")
+ ("116a8s0k2yvijy7qf0xpqm5w66gdzs32jhc06364sdar5v34lyhh" "805b85981696" "ko")
+ ("0kk3cjlpghbi7j3ndb2s0c7g838fzd2mpzg01bp0cra8lzd0n2ac" "4ab6f0d05aa6" "my")
+ ("1i3r2ici95mazw07m2mrf192fc6bfa3x6j3c2pcc1zg7z9srihgh" "561b0cd86ec1" "nb-NO")
+ ("1c0m8jhn52h1dif5bswrdwrlzppgga01y61wlii4aaaw15imd6yd" "2a55df0cc389" "nl")
+ ("1gssvg306b80drp7kvc35kvcxwldb5sga0bapaxhv362irq1nya8" "a64a7dab01c4" "pl")
+ ("1dzh13x85a7src8szbrq5pjmrbak4isln9xdwjk7a1yq4g9h7jgs" "33bf2a9f4c49" "pt-BR")
+ ("09x2jirf04kgc118a70z0xrb3msbm7vr4f41ig4xrwf2s5b816r3" "528b76d6aaca" "ru")
+ ("1cyimbd42aaq2amyhdbbx26jwsns77lsfl8g9a70bsjlpwzwzryg" "cc8e8962e59c" "sv-SE")
+ ("03mqrvcal7i172gf9239q9fnynfp5kg9b3r1w8gr9iz7rkr22gw5" "d361502c559e" "th")
+ ("12srgqkqwaidcwbz0y7zr59165f7aq5k5s3b81ql7ixdbwia91pm" "f6173aca4762" "tr")
+ ("1dl2dpif4wwrlpx7zkz5qf8kk4vhxyf63016xcfpbhxizqqwc1ki" "df2d025ed631" "zh-CN")
+ ("1c63ngff9lsc1x3pi6lnkyxw19gdc65yc67p7alzvrka3cv292ia" "11f8d68148a4" "zh-TW")))
+
+;; We copy the official build id, which can be found there:
+;; https://cdn.mullvad.net/browser/update_responses/update_1/release.
+(define %mullvadbrowser-build-date "20240115174108")
+
+;; To find the last version, look at
+;; https://mullvad.net/en/download/browser/linux.
+(define %mullvadbrowser-version "13.0.9")
+
+;; To find the last Firefox version, browse
+;; https://archive.torproject.org/tor-package-archive/mullvadbrowser/<%mullvadbrowser-version>
+;; There should be only one archive that starts with
+;; "src-firefox-mullvad-browser-".
+(define %mullvadbrowser-firefox-version "115.7.0esr-13.0-1-build1")
+
+;; See tor-browser-build/projects/translation/config.
+(define translation-mullvad-browser
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://gitlab.torproject.org/tpo/translation.git")
+ (commit "57de1569da0e2c48fd999a13e555f6b522041993")))
+ (file-name "translation-mullvad-browser")
+ (sha256
+ (base32
+ "1q3979ac92c5mib573hx9w06x3hrfw7r52wzmj9r75sz2hhsmrq3"))))
+
+(define mullvadbrowser-assets
+ ;; This is a prebuilt Mullvad Browser from which we take the assets we need.
+ (package
+ (name "mullvadbrowser-assets")
+ (version %mullvadbrowser-version)
+ (source
+ (origin
+ (method url-fetch)
+ (uri
+ (string-append
+ "https://archive.torproject.org/tor-package-archive/mullvadbrowser/"
+ version "/mullvad-browser-linux-x86_64-" version ".tar.xz"))
+ (sha256
+ (base32
+ "1f930j3c1xq88cqlqmnj0m00k0hd63cmgnxd788sp9hz56al22sc"))))
+ (arguments
+ (list
+ #:install-plan
+ ''(("Browser" "." #:include-regexp
+ ("^\\./fonts/"
+ "^\\./fontconfig/fonts.conf"
+ ;; Mullvad Browser Extension
+ "^\\./distribution/extensions/\\{d19a89b9-76c1-4a61-bcd4-49e8de916403\\}.xpi"
+ )))))
+ (build-system copy-build-system)
+ (home-page "https://www.torproject.org")
+ (synopsis "Mullvad Browser assets")
+ (description "This package contains fonts and configuration files for
+Mullvad Browser.")
+ (license license:silofl1.1)))
+
+(define mullvadbrowser-base
+ (make-torbrowser #:moz-app-name "mullvadbrowser"
+ #:moz-app-remotingname "Mullvad Browser"
+ #:branding-directory "browser/branding/mb-release"
+ #:assets mullvadbrowser-assets
+ #:locales %mullvadbrowser-locales
+ #:build-date %mullvadbrowser-build-date
+ #:base-browser-version %mullvadbrowser-version))
+
+(define-public mullvadbrowser
+ (package
+ (inherit mullvadbrowser-base)
+ (name "mullvadbrowser")
+ (version %mullvadbrowser-version)
+ (source
+ (origin
+ (method url-fetch)
+ (uri
+ (string-append
+ "https://archive.torproject.org/tor-package-archive/mullvadbrowser/"
+ version "/src-firefox-mullvad-browser-"
+ %mullvadbrowser-firefox-version ".tar.xz"))
+ (sha256
+ (base32
+ "16chkc07pqr4ypmmgy4z2grvlpvbyr161gpzy72w35dgzzff46f9"))))
+ (arguments
+ (substitute-keyword-arguments (package-arguments mullvadbrowser-base)
+ ((#:phases phases)
+ #~(modify-phases #$phases
+ (add-after 'unpack 'ublock-private-allowed
+ (lambda _
+ (substitute* "toolkit/components/extensions/Extension.sys.mjs"
+ ;; The code that gives the correct permission only applies to
+ ;; distribution add-ons (see installDistributionAddon() in
+ ;; XPIProvider.jsm).
+ (("this.isNoScript")
+ "this.isNoScript || this.id === \"uBlock0@raymondhill.net\""))))
+ ;; See tor-browser-build/projects/firefox/build.
+ (replace 'copy-torbrowser-locales
+ (lambda _
+ (for-each
+ (lambda (lang)
+ (system
+ (format #f "cp -Lr ~a/~a .mozbuild/l10n-central/"
+ #$translation-mullvad-browser lang)))
+ (map car #$%mullvadbrowser-locales))))
+ (add-before 'build 'fix-profiles
+ ;; Otherwise the profile would change every time the install
+ ;; location changes, that is: at every package update. These
+ ;; values are already the default values for Icecat and Tor
+ ;; Browser.
+ (lambda _
+ (substitute* "browser/moz.configure"
+ (("\"MOZ_DEDICATED_PROFILES\", True")
+ "\"MOZ_DEDICATED_PROFILES\", False")
+ (("\"MOZ_BLOCK_PROFILE_DOWNGRADE\", True")
+ "\"MOZ_BLOCK_PROFILE_DOWNGRADE\", False"))))
+ (add-after 'deploy-fonts 'deploy-extension
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((lib (in-vicinity #$output "lib/mullvadbrowser")))
+ ;; Mullvad Browser Extension (FIXME: package it)
+ (copy-recursively
+ (in-vicinity #$mullvadbrowser-assets "distribution")
+ (in-vicinity lib "distribution")))))
+ (delete 'deploy-tor-assets)
+ (delete 'autoconfig-tor)))))
+ (inputs
+ (modify-inputs (package-inputs torbrowser)
+ (delete go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird)))
+ (propagated-inputs
+ (modify-inputs (package-propagated-inputs torbrowser)
+ (append ublock-origin/icecat)))
+ (home-page "https://mullvad.net/en/browser")
+ (synopsis "Privacy-focused web browser")
+ (description "Mullvad Browser is a privacy-focused web browser developed
+in collaboration between Mullvad VPN and the Tor Project. It’s produced to
+minimize tracking and fingerprinting.")))
base-commit: abeffc82379c4f9bd2e6226ea27453b22cb4e0c8
--
2.41.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#68577] [PATCH v2 2/2] gnu: Add mullvadbrowser.
2024-01-31 16:20 ` Clément Lassieur
2024-02-02 1:52 ` André Batista
@ 2024-02-04 1:53 ` Clément Lassieur
1 sibling, 0 replies; 29+ messages in thread
From: Clément Lassieur @ 2024-02-04 1:53 UTC (permalink / raw)
To: 68577; +Cc: André Batista, Mark H Weaver, Jonathan Brielmaier, Ian Eure
On Wed, Jan 31 2024, Clément Lassieur wrote:
> I'll send an update for this patch : the build id is not the same as Tor
> Browser's build id[0].
>
> The Mullvad Browser one is 20240115174108. I found it by going to
> about:support, but if anyone knows a way to find it on the web, it'd
> help me automate things a bit.
I found a way to find the build id, added a comment, sent the update.
^ permalink raw reply [flat|nested] 29+ messages in thread
* bug#68577: [PATCH v3] gnu: Add mullvadbrowser.
2024-02-04 1:48 ` [bug#68577] [PATCH v3] " Clément Lassieur
@ 2024-02-05 14:10 ` Clément Lassieur
0 siblings, 0 replies; 29+ messages in thread
From: Clément Lassieur @ 2024-02-05 14:10 UTC (permalink / raw)
To: 68577-done
Cc: André Batista, Mark H Weaver, Jonathan Brielmaier, Ian Eure
On Sun, Feb 04 2024, Clément Lassieur wrote:
> * gnu/packages/tor-browsers.scm (%moz-build-date): Rename to
> %torbrowser-build-date.
> (make-torbrowser, torbrowser): Add a ‘build-date’ parameter and use it.
> (%mullvadbrowser-locales, %mullvadbrowser-build-date, %mullvadbrowser-version,
> %mullvadbrowser-firefox-version, translation-mullvad-browser,
> mullvadbrowser-assets, mullvadbrowser-base, mullvadbrowser): New variables.
>
> Change-Id: Ie6d48823b3794710f60f0ae201a0297925221f66
> ---
> gnu/packages/tor-browsers.scm | 173 +++++++++++++++++++++++++++++++++-
> 1 file changed, 171 insertions(+), 2 deletions(-)
Pushed.
^ permalink raw reply [flat|nested] 29+ messages in thread
* [bug#68577] [PATCH 1/2] gnu: icecat: Improve inheritance.
2024-02-03 19:28 ` Mark H Weaver
@ 2024-02-07 15:52 ` Clément Lassieur
0 siblings, 0 replies; 29+ messages in thread
From: Clément Lassieur @ 2024-02-07 15:52 UTC (permalink / raw)
To: Mark H Weaver; +Cc: André Batista, 68577, Jonathan Brielmaier, Ian Eure
On Sat, Feb 03 2024, Mark H Weaver wrote:
> Hi André,
>
> First, let me say that I appreciate you and your contributions to Guix.
> I'm sorry that my message made you feel badly. That's not an apology,
> but rather a sincere feeling of sadness that your feelings were hurt.
>
> André Batista <nandre@riseup.net> writes:
>
>> seg 22 jan 2024 às 01:09:21 (1705896561), mhw@netris.org enviou:
>>> Hi Clément,
>>>
>>> I see now that in November, you added 'torbrowser', which inherits from
>>> 'icecat-minimal'.
>>>
>>> > commit 756ba0429e84ee0f8ce30484439b78c00c61d286
>>> > Author: Clément Lassieur <clement@lassieur.org>
>>> > Date: Sun Nov 12 02:23:27 2023 +0100
>>> >
>>> > gnu: Add torbrowser.
>>> >
>>> > * gnu/packages/tor.scm (torbrowser): New variable.
>>> > (torbrowser-assets): New variable.
>>> > * gnu/packages/browser-extensions.scm (noscript): New variable.
>>> > (noscript/icecat): New variable.
>>> >
>>> > Co-authored-by: André Batista <nandre@riseup.net>
>>> > Change-Id: I73dc53905e4a028108bb34aae07e44256cf16c85
>>>
>>> Did you consult me on this change? I don't remember seeing anything
>>> about this in my mailbox.
>
> Please note that this was simply a question, and not a rhetorical one.
> I asked the question because I do not want to assume that my failure to
> see an email implies that it was not sent to me. Any email can be lost
> due to spam filters, a man-in-the-middle who wishes to prevent delivery,
> or because the recipient overlooks it among the torrent of (mostly junk)
> mail that many of us receive.
>
>>> This change concerns me, because it compels me to coordinate with you
>>> when making nontrivial IceCat updates. As things stand now, it seems
>>> that the 'icecat' and 'torbrowser' packages must be updated together,
>>> in lock step.
>>>
>>> Also, do 'torbrowser' and 'mullvad' both comply with the requirements of
>>> the GNU FSDG? For example, do they support EME? Do they steer the user
>>> to nonfree software, e.g. nonfree addons.
>>
>> Considering I was cc'ed and part of the thread that led to that patch,
>> I'll consider myself invited to give a piece of my mind on your
>> comments.
>
> I'm glad that you did. It is far better than letting unspoken feelings
> fester indefinitely. I'm sorry that I was too overloaded to respond
> sooner.
>
>> First things first: when I sent the very first version of this patch, I
>> didn't use inheritance anywhere and it was actually suggested to me as
>> an improvement over what I had done[1].
> [...]
>> 1. https://lists.gnu.org/archive/html/guix-patches/2020-09/msg00261.html
>
> I looked at the messages in that thread from people other than you, but
> I was unable to find any suggestion to use inheritance. Can you point
> to the specific message where inheritance was suggested?
>
> What I do see is a suggestion by Ludovic to "think of ways to factorize
> code with IceCat". I agree with that suggestion, but not with the use
> of inheritance. Instead, I suggest creating a new (guix build icecat)
> module, and moving some of the code from the build phases of IceCat into
> Scheme procedures placed within that module. Of course, please CC me on
> any proposals along those lines.
>
>> Looking back, it is true I should have probably known better and have you
>> cc'ed right from the start. My code was heavily based on / similar to
>> Icecat's package definition and so it made sense to avoid duplication.
>> I didn't know and did not care to look who were the contributors to
>> Icecat's definition. I see now that I was careless and that my behaviour
>> could be seen as disrespectful. No disrespect was intended, but I
>> certainly could have done better and I do apologize for my shortcomings.
>
> For what it's worth, I don't believe that you were "careless" or
> "disrespectful", nor do I think that an apology is warranted here.
> As Clément correctly pointed out, I was not listed as a member of the
> mozilla team, and that reason alone makes it understandable that I would
> be overlooked.
>
> FYI, I've just recently added myself to the 'mozilla' team.
>
>> Now, do you believe me when I say that there was no ill will towards you
>> or others?
>
> Yes, and I never believed otherwise. I have neither perceived ill will
> from, nor felt ill will towards, you or Clément.
>
>> I ask this because your last comments strike me on the opposite sense.
>> Risking to add insult to injury, but in the hopes of gaining your help,
>> I'd say that your comments appear to be assuming ill intention on our
>> part towards you and somewhat belittle you at the same time.
>
> I made no such assumption.
>
>> Why do you assume to be compelled to do anything if you were not even
>> cc'ed? As things stand, my assumption here is that the burden would be
>> on us to either ask you directly or to keep a close eye on any changes
>> done to Icecat. IMO, you certainly wouldn't be to blame if you changed
>> something on Icecat and torbrowser/mullvad/librewolf had some issue. We
>> would.
>
> I would not feel compelled *by you*, but rather as an unintended
> consequence of your actions, due to my own desire to not break other
> packages while updating IceCat.
>
>> On the other hand, would it really be that much of added work if we were
>> to ask you to copy us when proposing some changes to Icecat? Would it be
>> presumptuous or forceful to ask that?
>
> The problem is partly due to my own (admittedly suboptimal) tendency to
> procastinate performing major IceCat updates until shortly before the
> previous ESR branch reaches end-of-life. These major updates, which
> occur approximately once per year, usually require substantial changes
> to the IceCat package definition. These changes are likely to break any
> other packages that inherit from the IceCat package, unless all of the
> inheriting packages are updated in lock-step within a single batch of
> commits.
>
> Theoretically, there is a window of 2-3 months when these major IceCat
> updates could be done, and therefore it would theoretically be possible
> to coordinate a lock-step update of IceCat, TorBrowser, and Mullvad at
> the same time. However, this would be an added burden on me, and I'm
> unwilling to commit to doing this.
>
>> More than that, it suprises me that after discovering these threads and
>> having a good amount of knowledge on building Icecat you've decided to
>> just lash out on us, instead of trying to be of help, reviewing the
>> proposed patches or letting we learn from our short-sightedness the hard
>> way.
>
> This idea that I "lashed out" at you is unsupported by my actual words.
> I think that you have made many assumptions about what I felt about you,
> when in fact I merely asked a question, and then proceeded to explain
> why the changes created a problem for me.
>
> I do not deny that I was *mildly* displeased at not being informed in
> advance about the changes you made. Of course, I expect to be CC'd on
> future updates that relate to the IceCat package, including any changes
> that could add more burdens on me when modifying the IceCat package,
> given that I feel a responsibility to try my best to avoid breaking
> other packages. However, I do not fault you in any way.
>
> Anyway: thanks again, André and Clément, for your contributions to Guix.
> I think well of you both, and I hope that this message will help to
> clear up any misunderstandings between us.
Thank you Mark for this message. I was a bit rude in the one I sent you
just before (I indeed thought your question was rhetorical); for this I
apologize. I hope we can work together to continue giving Guix high
quality web browsers, striving for privacy and freedom.
Kind regards,
Clément
^ permalink raw reply [flat|nested] 29+ messages in thread
end of thread, other threads:[~2024-02-07 15:53 UTC | newest]
Thread overview: 29+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-01-18 23:14 [bug#68577] [PATCH 0/2] gnu: Add Mullvad Browser Clément Lassieur
2024-01-18 23:19 ` [bug#68577] [PATCH 1/2] gnu: icecat: Improve inheritance Clément Lassieur
2024-01-22 6:09 ` Mark H Weaver
2024-01-22 11:25 ` Clément Lassieur
2024-01-22 18:42 ` André Batista
2024-02-03 19:28 ` Mark H Weaver
2024-02-07 15:52 ` Clément Lassieur
2024-01-18 23:19 ` [bug#68577] [PATCH 2/2] gnu: Add mullvad-browser Clément Lassieur
2024-01-22 5:57 ` Mark H Weaver
2024-01-22 6:15 ` Mark H Weaver
2024-01-22 11:41 ` Clément Lassieur
2024-01-22 10:33 ` Clément Lassieur
2024-01-19 5:49 ` [bug#68577] [PATCH v2 0/2] gnu: Add Mullvad Browser Clément Lassieur
2024-01-19 5:11 ` [bug#68577] [PATCH v2 1/2] gnu: icecat: Improve inheritance Clément Lassieur
2024-01-19 5:12 ` [bug#68577] [PATCH v2 2/2] gnu: Add mullvadbrowser Clément Lassieur
2024-01-22 5:29 ` [bug#68577] [PATCH 0/2] gnu: Add Mullvad Browser Mark H Weaver
2024-01-22 10:23 ` Clément Lassieur
2024-01-22 12:10 ` Clément Lassieur
2024-01-25 22:41 ` [bug#68577] [PATCH v2 0/2] Stop inheriting Icecat and add " Clément Lassieur
2024-01-25 22:54 ` [bug#68577] [PATCH v2 1/2] gnu: torbrowser: Stop inheriting Icecat Clément Lassieur
2024-02-01 23:46 ` André Batista
2024-02-02 11:04 ` Clément Lassieur
2024-01-25 22:55 ` [bug#68577] [PATCH v2 2/2] gnu: Add mullvadbrowser Clément Lassieur
2024-01-31 16:20 ` Clément Lassieur
2024-02-02 1:52 ` André Batista
2024-02-02 12:03 ` Clément Lassieur
2024-02-04 1:53 ` Clément Lassieur
2024-02-04 1:48 ` [bug#68577] [PATCH v3] " Clément Lassieur
2024-02-05 14:10 ` bug#68577: " Clément Lassieur
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).