From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:51090) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1e76UZ-0005Lp-1K for guix-patches@gnu.org; Tue, 24 Oct 2017 17:12:11 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1e76UU-0006dT-Ll for guix-patches@gnu.org; Tue, 24 Oct 2017 17:12:06 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:51623) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1e76UU-0006dA-8u for guix-patches@gnu.org; Tue, 24 Oct 2017 17:12:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1e76UT-0003rP-Vd for guix-patches@gnu.org; Tue, 24 Oct 2017 17:12:02 -0400 Subject: [bug#28004] Chromium Resent-Message-ID: From: Marius Bakke In-Reply-To: <87o9p45bb6.fsf@fastmail.com> References: <87y3qvb15k.fsf@fastmail.com> <20171010131949.y43plpzxbppvrigr@abyayala> <87lgkha2cx.fsf@gnu.org> <20171012195628.GA31843@jasmine.lan> <87shensfq6.fsf@gnu.org> <87o9p45bb6.fsf@fastmail.com> Date: Tue, 24 Oct 2017 23:11:10 +0200 Message-ID: <87efpsz1xt.fsf@fastmail.com> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="==-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: Leo Famulari Cc: 28004@debbugs.gnu.org --==-=-= Content-Type: multipart/mixed; boundary="=-=-=" --=-=-= Content-Type: text/plain Marius Bakke writes: > Anyway I'm attaching the current iteration of this patch. Chromium 62 > is out today, I'll try to update this weekend and will push it after > that in lieu of other feedback. Here is the interdiff for the 62 upgrade. I mixed in some unrelated changes after reading through Debians 61 refresh[0] and Archs 62 update[1], but overall it was straightforward (apart from the slow hack-test-fix cycle). --=-=-= Content-Type: text/x-patch Content-Disposition: inline; filename=chromium-62.diff Content-Transfer-Encoding: quoted-printable diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm index 5693b70ff..f5ee95c2f 100644 =2D-- a/gnu/packages/chromium.scm +++ b/gnu/packages/chromium.scm @@ -32,6 +32,7 @@ #:use-module (gnu packages curl) #:use-module (gnu packages databases) #:use-module (gnu packages fontutils) + #:use-module (gnu packages ghostscript) #:use-module (gnu packages gl) #:use-module (gnu packages glib) #:use-module (gnu packages gnome) @@ -84,7 +85,7 @@ HTTP(S) URI that returns a file with the given HASH." ,@(package-arguments opus))))) =20 ;; Chromium since 58 depends on an unreleased libvpx. So, we =2D;; package the latest master branch as of 2017-10-12. +;; package the latest master branch as of 2017-10-22. (define libvpx+experimental (package (inherit libvpx) @@ -92,11 +93,11 @@ HTTP(S) URI that returns a file with the given HASH." (method git-fetch) (uri (git-reference (url "https://chromium.googlesource.com/webm/libvpx") =2D (commit "175b36cb6d2811c721d63277ba953ea817f32361"))) + (commit "b58259ab55674cb028898a0ac9e8fdd3cf1d4b39"))) (file-name "libvpx-for-chromium-checkout") (sha256 (base32 =2D "1j8ni29mcj74lfsc0hsha22zzp24ig53iki0id5bdfhzl8q1rpyk"))= )) + "0grx2p7add0qyycqvqiv3djk0i37xrg75phszg5mwnwd3ijv3qzj")))) ;; TODO: Make libvpx configure flags overrideable. (arguments `(#:phases @@ -122,27 +123,15 @@ HTTP(S) URI that returns a file with the given HASH." (define %chromium-gn-bootstrap.patch (remote-patch "chromium-gn-bootstrap.patch" "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-clien= t/\ =2Dchromium/files/chromium-gn-bootstrap-r14.patch?id=3D\ =2D900e6203d4015711887137bcd03c913361dbf41f" =2D "1050abvq24s1a5vd97d5ljb8bmv0wcdgkj3vk0scygkr1954qy4q")) =2D =2D(define %chromium-gcc-compat.patch =2D (remote-patch "chromium-gcc-compat.patch" =2D "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-cli= ent/\ =2Dchromium/files/chromium-gcc-r1.patch?id=3D506399c6ac2ace6501429925a608db= 9d7e502bde" =2D "0n5bc1ckq83vlfzh5k3frh7cp7hyhxii89iq2v4jg46lblqgxkqi")) +chromium/files/chromium-gn-bootstrap-r17.patch?id=3D\ +5c9cf110bd61fa287a5c536760b5d8ed13f65d52" + "12wsq3bs46mvr7cinxvqjmbzymigm8yzf478r08y9l6sd3qij4yq")) =20 (define %chromium-gcc-5-compat.patch (remote-patch "chromium-gcc-5-compat.patch" "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-clien= t/\ =2Dchromium/files/chromium-gcc5-r1.patch?id=3D506399c6ac2ace6501429925a608d= b9d7e502bde" =2D "0jz9sg24yzimcass3c3myynp3sf2c1rasrcwh7jn1gbbj4yp7j8v")) =2D =2D(define %chromium-atk-compat.patch =2D (remote-patch "chromium-atk-compat.patch" =2D "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-cli= ent/\ =2Dchromium/files/chromium-atk-r1.patch?id=3D506399c6ac2ace6501429925a608db= 9d7e502bde" =2D "13g9g1k9f3fqpgjhnlqvf5np6m58czr57zq1fqdf5y5nfyxrl3pw")) +chromium/files/chromium-gcc5-r3.patch?id=3D5c9cf110bd61fa287a5c536760b5d8e= d13f65d52" + "0qwl396w2bnc4ww71q3621chh9rfnw1m3w6nbd55sbhq8yz6jnx0")) =20 (define %chromium-system-nspr.patch (remote-patch "chromium-system-nspr.patch" @@ -159,7 +148,7 @@ plain/debian/patches/system/event.patch?id=3D64458c4216= edd82503dc9366e2f4d80ae7c76 (define-public chromium (package (name "chromium") =2D (version "61.0.3163.100") + (version "62.0.3202.62") (synopsis "Graphical web browser") (source (origin (method url-fetch) @@ -168,13 +157,12 @@ plain/debian/patches/system/event.patch?id=3D64458c42= 16edd82503dc9366e2f4d80ae7c76 version ".tar.xz")) (sha256 (base32 =2D "06r89jim9cq87668ya8wwk69hh17rl04cj94nb9c28v6mj69cda1")) + "0qn3pjq5n3ri3qh25wg5gd2as5a8wlkncqvi975xsab771833pz8")) (patches (append (list %chromium-gn-bootstrap.patch =2D %chromium-atk-compat.patch =2D %chromium-gcc-compat.patch %chromium-gcc-5-compat.patch %chromium-system-nspr.patch =2D %chromium-system-libevent.patch) + %chromium-system-libevent.patch + ) (search-patches "chromium-system-icu.patch" "chromium-disable-api-keys-warning.patch" @@ -271,6 +259,7 @@ plain/debian/patches/system/event.patch?id=3D64458c4216= edd82503dc9366e2f4d80ae7c76 "third_party/catapult/tracing/third_party/oboe" "third_party/ced" "third_party/cld_3" + "third_party/crc32c" "third_party/cros_system_api" "third_party/dom_distiller_js" "third_party/fips181" @@ -307,7 +296,7 @@ plain/debian/patches/system/event.patch?id=3D64458c4216= edd82503dc9366e2f4d80ae7c76 "third_party/modp_b64" "third_party/mt19937ar" "third_party/node" =2D "third_party/node/node_modules/vulcanize/third_part= y/UglifyJS2" + "third_party/node/node_modules/polymer-bundler/lib/th= ird_party/UglifyJS2" "third_party/openmax_dl" "third_party/ots" "third_party/pdfium" ;TODO: can be built standalone. @@ -320,6 +309,7 @@ plain/debian/patches/system/event.patch?id=3D64458c4216= edd82503dc9366e2f4d80ae7c76 "third_party/sfntly" "third_party/skia" "third_party/skia/third_party/vulkan" + "third_party/skia/third_party/gif" "third_party/smhasher" ;; XXX the sources that include this are generated. "third_party/speech-dispatcher" @@ -419,9 +409,14 @@ plain/debian/patches/system/event.patch?id=3D64458c421= 6edd82503dc9366e2f4d80ae7c76 "linux_use_bundled_binutils=3Dfalse" "use_custom_libcxx=3Dfalse" "use_sysroot=3Dfalse" + "goma_dir=3D\"\"" + "use_jumbo_build=3Dtrue" ;speeds up compilation + "enable_precompiled_headers=3Dfalse" "remove_webcore_debug_symbols=3Dtrue" "enable_iterator_debugging=3Dfalse" + "exclude_unwind_tables=3Dtrue" "override_build_date=3D\"01 01 2000 05:00:00\"" + "use_unofficial_version_number=3Dfalse" ;; Don't fail when using deprecated ffmpeg features. "treat_warnings_as_errors=3Dfalse" "enable_nacl=3Dfalse" @@ -433,8 +428,14 @@ plain/debian/patches/system/event.patch?id=3D64458c421= 6edd82503dc9366e2f4d80ae7c76 "use_official_google_api_keys=3Dfalse" ;; Disable "field trials". "fieldtrial_testing_like_official_build=3Dtrue" + "enable_reading_list=3Dfalse" + ;;"enable_reporting=3Dfalse" ;XXX breaks the build =20 + "use_openh264=3Dtrue" + "use_system_freetype=3Dtrue" "use_system_libjpeg=3Dtrue" + "use_system_lcms2=3Dtrue" + "use_system_zlib=3Dtrue" ;; This is currently not supported on Linux: ;; https://bugs.chromium.org/p/chromium/issues/detail= ?id=3D22208 ;; "use_system_sqlite=3Dtrue" @@ -443,7 +444,6 @@ plain/debian/patches/system/event.patch?id=3D64458c4216= edd82503dc9366e2f4d80ae7c76 "use_gnome_keyring=3Dfalse" ; deprecated by libsecret "use_xkbcommon=3Dtrue" "link_pulseaudio=3Dtrue" =2D "use_openh264=3Dtrue" =20 ;; Don't arbitrarily restrict formats supported by sy= stem ffmpeg. "proprietary_codecs=3Dtrue" @@ -454,7 +454,6 @@ plain/debian/patches/system/event.patch?id=3D64458c4216= edd82503dc9366e2f4d80ae7c76 ;; Don't use bundled sources. "rtc_build_json=3Dfalse" "rtc_build_libevent=3Dfalse" =2D "rtc_build_libjpeg=3Dfalse" "rtc_build_libvpx=3Dfalse" "rtc_build_opus=3Dfalse" "rtc_build_ssl=3Dfalse" @@ -595,8 +594,9 @@ plain/debian/patches/system/event.patch?id=3D64458c4216= edd82503dc9366e2f4d80ae7c76 ("gtk+-2" ,gtk+-2) ("gtk+" ,gtk+) ("harfbuzz" ,harfbuzz) =2D ("icu4c" ,icu4c) + ("icu4c" ,icu4c-59.1) ("jsoncpp" ,jsoncpp) + ("lcms" ,lcms) ("libevent" ,libevent) ("libffi" ,libffi) ("libjpeg-turbo" ,libjpeg-turbo) diff --git a/gnu/packages/icu4c.scm b/gnu/packages/icu4c.scm index 55bc9f203..b12de6ff0 100644 =2D-- a/gnu/packages/icu4c.scm +++ b/gnu/packages/icu4c.scm @@ -80,6 +81,23 @@ C/C++ part.") (origin-patches (package-source icu4c)) (search-patches "icu4c-CVE-2017-14952.patch")))))= )) =20 +(define-public icu4c-59.1 + (package + (inherit icu4c) + (version "59.1") + (source (origin + (method url-fetch) + (uri (string-append + "http://download.icu-project.org/files/icu4c/" + version + "/icu4c-" + (string-map (lambda (x) (if (char=3D? x #\.) #\_ x)) v= ersion) + "-src.tgz")) + (patches (search-patches "icu4c-CVE-2017-14952.patch")) + (sha256 + (base32 + "1zkmbg2932ggvpgjp8pys0cj6z8bw087y8858009shkrjfpzscki"))))= )) + (define-public java-icu4j (package (name "java-icu4j") --=-=-= Content-Type: text/plain Below is the full patch for convenience. I plan to commit it on Friday or Saturday, after a cosmetic check. Especially the description could use some work, and the grouping of "configure flags". One final note for future contributors is that Gentoo[2] is kind-of upstream for Chromium, as ChromiumOS is based on Portage and I've seen several Gentoo developers on the Chromium bug tracker. They often have early compatibility patches (e.g. when it invariably breaks with GCC). [0] https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/commit/?id=794aa1820460727711e534ea1042db7eebc1601d [1] https://git.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/chromium&id=6ebdd8085de0b7c8bbc66e47b937271ab4a85fbd [2] https://gitweb.gentoo.org/repo/gentoo.git/tree/www-client/chromium --=-=-= Content-Type: text/x-patch; charset=utf-8 Content-Disposition: attachment; filename=0001-gnu-Add-chromium.patch Content-Transfer-Encoding: quoted-printable From=20021bccfd3fc3bf0e912d27cef9ca2de36346a379 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Wed, 12 Oct 2016 17:25:05 +0100 Subject: [PATCH] gnu: Add chromium. * gnu/packages/chromium.scm: New file. * gnu/packages/patches/chromium-disable-api-keys-warning.patch, gnu/packages/patches/chromium-disable-third-party-cookies.patch, gnu/packages/patches/chromium-system-icu.patch: New files. * gnu/local.mk: Record it. * gnu/packages/icu4c.scm (icu-59.1): New variable. =2D-- gnu/local.mk | 4 + gnu/packages/chromium.scm | 650 +++++++++++++++++= ++++ gnu/packages/icu4c.scm | 18 + .../chromium-disable-api-keys-warning.patch | 17 + .../chromium-disable-third-party-cookies.patch | 13 + gnu/packages/patches/chromium-system-icu.patch | 15 + 6 files changed, 717 insertions(+) create mode 100644 gnu/packages/chromium.scm create mode 100644 gnu/packages/patches/chromium-disable-api-keys-warning.= patch create mode 100644 gnu/packages/patches/chromium-disable-third-party-cooki= es.patch create mode 100644 gnu/packages/patches/chromium-system-icu.patch diff --git a/gnu/local.mk b/gnu/local.mk index f2044c985..274dcc87f 100644 =2D-- a/gnu/local.mk +++ b/gnu/local.mk @@ -87,6 +87,7 @@ GNU_SYSTEM_MODULES =3D \ %D%/packages/certs.scm \ %D%/packages/check.scm \ %D%/packages/chez.scm \ + %D%/packages/chromium.scm \ %D%/packages/ci.scm \ %D%/packages/cinnamon.scm \ %D%/packages/cmake.scm \ @@ -560,6 +561,9 @@ dist_patch_DATA =3D \ %D%/packages/patches/chicken-CVE-2017-6949.patch \ %D%/packages/patches/chicken-CVE-2017-11343.patch \ %D%/packages/patches/chmlib-inttypes.patch \ + %D%/packages/patches/chromium-disable-api-keys-warning.patch \ + %D%/packages/patches/chromium-disable-third-party-cookies.patch \ + %D%/packages/patches/chromium-system-icu.patch \ %D%/packages/patches/clang-libc-search-path.patch \ %D%/packages/patches/clang-3.8-libc-search-path.patch \ %D%/packages/patches/clisp-remove-failing-test.patch \ diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm new file mode 100644 index 000000000..f5ee95c2f =2D-- /dev/null +++ b/gnu/packages/chromium.scm @@ -0,0 +1,650 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright =C2=A9 2016, 2017 Marius Bakke +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu packages chromium) + #:use-module ((guix licenses) #:prefix license:) + #:use-module (guix packages) + #:use-module (guix download) + #:use-module (guix git-download) + #:use-module (guix utils) + #:use-module (guix build-system gnu) + #:use-module (gnu packages) + #:use-module (gnu packages assembly) + #:use-module (gnu packages base) + #:use-module (gnu packages bison) + #:use-module (gnu packages compression) + #:use-module (gnu packages cups) + #:use-module (gnu packages curl) + #:use-module (gnu packages databases) + #:use-module (gnu packages fontutils) + #:use-module (gnu packages ghostscript) + #:use-module (gnu packages gl) + #:use-module (gnu packages glib) + #:use-module (gnu packages gnome) + #:use-module (gnu packages gnuzilla) + #:use-module (gnu packages gperf) + #:use-module (gnu packages gtk) + #:use-module (gnu packages icu4c) + #:use-module (gnu packages image) + #:use-module (gnu packages libevent) + #:use-module (gnu packages libffi) + #:use-module (gnu packages libusb) + #:use-module (gnu packages linux) + #:use-module (gnu packages kerberos) + #:use-module (gnu packages ninja) + #:use-module (gnu packages node) + #:use-module (gnu packages pciutils) + #:use-module (gnu packages photo) + #:use-module (gnu packages pkg-config) + #:use-module (gnu packages protobuf) + #:use-module (gnu packages pulseaudio) + #:use-module (gnu packages python) + #:use-module (gnu packages regex) + #:use-module (gnu packages serialization) + #:use-module (gnu packages speech) + #:use-module (gnu packages tls) + #:use-module (gnu packages valgrind) + #:use-module (gnu packages version-control) + #:use-module (gnu packages video) + #:use-module (gnu packages xiph) + #:use-module (gnu packages xml) + #:use-module (gnu packages xdisorg) + #:use-module (gnu packages xorg)) + +(define (remote-patch file-name uri hash) + "Return an object with the given FILE-NAME. URI must be a FTP = or +HTTP(S) URI that returns a file with the given HASH." + (origin + (method url-fetch) + (uri uri) + (sha256 (base32 hash)) + (file-name file-name))) + +(define opus+custom + (package (inherit opus) + (arguments + `(;; Opus Custom is an optional extension of the Opus + ;; specification that allows for unsupported frame + ;; sizes. Chromium requires that this is enabled. + #:configure-flags '("--enable-custom-modes") + ,@(package-arguments opus))))) + +;; Chromium since 58 depends on an unreleased libvpx. So, we +;; package the latest master branch as of 2017-10-22. +(define libvpx+experimental + (package + (inherit libvpx) + (source (origin + (method git-fetch) + (uri (git-reference + (url "https://chromium.googlesource.com/webm/libvpx") + (commit "b58259ab55674cb028898a0ac9e8fdd3cf1d4b39"))) + (file-name "libvpx-for-chromium-checkout") + (sha256 + (base32 + "0grx2p7add0qyycqvqiv3djk0i37xrg75phszg5mwnwd3ijv3qzj")))) + ;; TODO: Make libvpx configure flags overrideable. + (arguments + `(#:phases + (modify-phases %standard-phases + (replace 'configure + (lambda* (#:key outputs #:allow-other-keys) + (setenv "CONFIG_SHELL" (which "bash")) + (let ((out (assoc-ref outputs "out"))) + (setenv "LDFLAGS" + (string-append "-Wl,-rpath=3D" out "/lib")) + (zero? (system* "./configure" + "--enable-shared" + "--as=3Dyasm" + ;; Limit size to avoid CVE-2015-1258 + "--size-limit=3D16384x16384" + ;; Spatial SVC is an experimental VP9 encod= er + ;; used by some packages (i.e. Chromium). + "--enable-experimental" + "--enable-spatial-svc" + (string-append "--prefix=3D" out))))))) + #:tests? #f)))) ; No tests. + +(define %chromium-gn-bootstrap.patch + (remote-patch "chromium-gn-bootstrap.patch" + "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-clien= t/\ +chromium/files/chromium-gn-bootstrap-r17.patch?id=3D\ +5c9cf110bd61fa287a5c536760b5d8ed13f65d52" + "12wsq3bs46mvr7cinxvqjmbzymigm8yzf478r08y9l6sd3qij4yq")) + +(define %chromium-gcc-5-compat.patch + (remote-patch "chromium-gcc-5-compat.patch" + "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-clien= t/\ +chromium/files/chromium-gcc5-r3.patch?id=3D5c9cf110bd61fa287a5c536760b5d8e= d13f65d52" + "0qwl396w2bnc4ww71q3621chh9rfnw1m3w6nbd55sbhq8yz6jnx0")) + +(define %chromium-system-nspr.patch + (remote-patch "chromium-system-nspr.patch" + "https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium= .git/\ +plain/debian/patches/system/nspr.patch?id=3D64458c4216edd82503dc9366e2f4d8= 0ae7c763b0" + "0l69sq3w9n5zygykf1gfzp1zfb7gkjk62nnvbrmkn00gzq6cc643")) + +(define %chromium-system-libevent.patch + (remote-patch "chromium-system-libevent.patch" + "https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium= .git/\ +plain/debian/patches/system/event.patch?id=3D64458c4216edd82503dc9366e2f4d= 80ae7c763b0" + "0vibc92kwycm8jlyfa49135nq0flm6gkrf8ic76m5rkraclijvn9")) + +(define-public chromium + (package + (name "chromium") + (version "62.0.3202.62") + (synopsis "Graphical web browser") + (source (origin + (method url-fetch) + (uri (string-append "https://commondatastorage.googleapis.co= m/" + "chromium-browser-official/chromium-" + version ".tar.xz")) + (sha256 + (base32 + "0qn3pjq5n3ri3qh25wg5gd2as5a8wlkncqvi975xsab771833pz8")) + (patches (append (list %chromium-gn-bootstrap.patch + %chromium-gcc-5-compat.patch + %chromium-system-nspr.patch + %chromium-system-libevent.patch + ) + (search-patches + "chromium-system-icu.patch" + "chromium-disable-api-keys-warning.patch" + "chromium-disable-third-party-cookies.patc= h"))) + (modules '((srfi srfi-1) + (guix build utils))) + (snippet + '(begin + ;; Replace GN files from third_party with shims for buil= ding + ;; against system libraries. Keep this list in sync with + ;; "build/linux/unbundle/replace_gn_files.py". + (for-each (lambda (pair) + (let ((source (string-append + "build/linux/unbundle/" (car = pair))) + (dest (cdr pair))) + (copy-file source dest))) + (list + '("ffmpeg.gn" . "third_party/ffmpeg/BUILD.gn") + '("flac.gn" . "third_party/flac/BUILD.gn") + '("freetype.gn" . "third_party/freetype/BUILD= .gn") + '("harfbuzz-ng.gn" . "third_party/harfbuzz-ng= /BUILD.gn") + '("icu.gn" . "third_party/icu/BUILD.gn") + '("libdrm.gn" . "third_party/libdrm/BUILD.gn") + '("libevent.gn" . "base/third_party/libevent/= BUILD.gn") + '("libjpeg.gn" . + "build/secondary/third_party/libjpeg_turbo/= BUILD.gn") + '("libpng.gn" . "third_party/libpng/BUILD.gn") + '("libvpx.gn" . "third_party/libvpx/BUILD.gn") + '("libwebp.gn" . "third_party/libwebp/BUILD.g= n") + ;;'("libxml.gn" . "third_party/libxml/BUILD.g= n") ;TODO + '("libxslt.gn" . "third_party/libxslt/BUILD.g= n") + '("openh264.gn" . "third_party/openh264/BUILD= .gn") + '("opus.gn" . "third_party/opus/BUILD.gn") + '("re2.gn" . "third_party/re2/BUILD.gn") + '("snappy.gn" . "third_party/snappy/BUILD.gn") + '("yasm.gn" . "third_party/yasm/yasm_assemble= .gni") + '("zlib.gn" . "third_party/zlib/BUILD.gn"))) + #t)))) + (build-system gnu-build-system) + (arguments + `(#:tests? #f ; TODO: Maybe run --headless or something. + ;; FIXME: There is a "gn" option specifically for setting -rpath, b= ut + ;; it's not recognized when passed. + #:validate-runpath? #f + #:modules ((srfi srfi-26) + (ice-9 ftw) + (ice-9 regex) + (guix build gnu-build-system) + (guix build utils)) + #:phases + (modify-phases %standard-phases + (add-after 'unpack 'remove-bundled-software + (lambda _ + (let ((keep-libs + (list + ;; Third party folders that cannot be deleted yet. + "base/third_party/dmg_fp" + "base/third_party/dynamic_annotations" + "base/third_party/icu" + "base/third_party/libevent" + "base/third_party/nspr" + "base/third_party/superfasthash" + "base/third_party/symbolize" ; glog + "base/third_party/xdg_mime" + "base/third_party/xdg_user_dirs" + "buildtools/third_party/libc++" + "chrome/third_party/mozilla_security_manager" + "courgette/third_party" + "net/third_party/mozilla_security_manager" + "net/third_party/nss" + "third_party/adobe/flash/flapper_version.h" + ;; FIXME: This is used in: + ;; * ui/webui/resources/js/analytics.js + ;; * ui/file_manager/ + "third_party/analytics" + "third_party/angle" + "third_party/angle/src/common/third_party/base" + "third_party/angle/src/common/third_party/murmurhash" + "third_party/angle/src/third_party/compiler" + "third_party/angle/src/third_party/libXNVCtrl" + "third_party/angle/src/third_party/trace_event" + "third_party/boringssl" + "third_party/brotli" + "third_party/cacheinvalidation" + "third_party/catapult" + "third_party/catapult/third_party/polymer" + "third_party/catapult/third_party/py_vulcanize" + "third_party/catapult/third_party/py_vulcanize/third_= party/rcssmin" + "third_party/catapult/third_party/py_vulcanize/third_= party/rjsmin" + "third_party/catapult/tracing/third_party/d3" + "third_party/catapult/tracing/third_party/gl-matrix" + "third_party/catapult/tracing/third_party/jszip" + "third_party/catapult/tracing/third_party/mannwhitney= u" + "third_party/catapult/tracing/third_party/oboe" + "third_party/ced" + "third_party/cld_3" + "third_party/crc32c" + "third_party/cros_system_api" + "third_party/dom_distiller_js" + "third_party/fips181" + "third_party/flatbuffers" + ;; XXX Needed by pdfium since 59. + "third_party/freetype" + "third_party/glslang-angle" + "third_party/google_input_tools" + "third_party/google_input_tools/third_party/closure_l= ibrary" + (string-append "third_party/google_input_tools/third_= party" + "/closure_library/third_party/closure") + "third_party/googletest" + "third_party/hunspell" + "third_party/iccjpeg" + "third_party/inspector_protocol" + "third_party/jinja2" + "third_party/jstemplate" + "third_party/khronos" + "third_party/leveldatabase" + "third_party/libXNVCtrl" + "third_party/libaddressinput" + "third_party/libjingle_xmpp" + "third_party/libphonenumber" + "third_party/libsecret" ;FIXME: needs pkg-config supp= ort. + "third_party/libsrtp" ;TODO: Requires libsrtp@2. + "third_party/libudev" + "third_party/libwebm" + "third_party/libxml" ;FIXME: Unbundle (again). + "third_party/libyuv" + "third_party/lss" + "third_party/lzma_sdk" + "third_party/markupsafe" + "third_party/mesa" + "third_party/modp_b64" + "third_party/mt19937ar" + "third_party/node" + "third_party/node/node_modules/polymer-bundler/lib/th= ird_party/UglifyJS2" + "third_party/openmax_dl" + "third_party/ots" + "third_party/pdfium" ;TODO: can be built standalone. + "third_party/pdfium/third_party" + "third_party/ply" + "third_party/polymer" + "third_party/protobuf" + "third_party/protobuf/third_party/six" + "third_party/qcms" + "third_party/sfntly" + "third_party/skia" + "third_party/skia/third_party/vulkan" + "third_party/skia/third_party/gif" + "third_party/smhasher" + ;; XXX the sources that include this are generated. + "third_party/speech-dispatcher" + "third_party/spirv-headers" + "third_party/spirv-tools-angle" + "third_party/sqlite" + "third_party/swiftshader" + "third_party/swiftshader/third_party" + "third_party/usb_ids" + "third_party/usrsctp" + "third_party/vulkan" + "third_party/vulkan-validation-layers" + "third_party/WebKit" + "third_party/web-animations-js" + "third_party/webrtc" + "third_party/widevine/cdm/widevine_cdm_version.h" + "third_party/widevine/cdm/widevine_cdm_common.h" + "third_party/woff2" + "third_party/xdg-utils" + "third_party/yasm/run_yasm.py" + "third_party/zlib/google" + "url/third_party/mozilla" + "v8/src/third_party/valgrind" + "v8/third_party/inspector_protocol"))) + ;; FIXME: implement as source snippet. This traverses + ;; any "third_party" directory and deletes files that are: + ;; * not ending with ".gn" or ".gni"; or + ;; * not explicitly named as argument (folder or file). + (zero? (apply system* "python" + "build/linux/unbundle/remove_bundled_librarie= s.py" + "--do-remove" keep-libs))))) + (add-after 'remove-bundled-software 'patch-stuff + (lambda* (#:key inputs #:allow-other-keys) + (substitute* "printing/cups_config_helper.py" + (("cups_config =3D.*") + (string-append "cups_config =3D '" (assoc-ref inputs "cups= ") + "/bin/cups-config'\n"))) + + (substitute* + '("base/process/launch_posix.cc" + "base/tracked_objects.cc" + "base/third_party/dynamic_annotations/dynamic_annotatio= ns.c" + "sandbox/linux/seccomp-bpf/sandbox_bpf.cc" + "sandbox/linux/services/credentials.cc" + "sandbox/linux/services/namespace_utils.cc" + "sandbox/linux/services/syscall_wrappers.cc" + "sandbox/linux/syscall_broker/broker_host.cc") + (("include \"base/third_party/valgrind/") "include \"valgri= nd/")) + + (for-each (lambda (file) + (substitute* file + ;; Fix opus include path. + ;; Do not substitute opus_private.h. + (("#include \"opus\\.h\"") + "#include \"opus/opus.h\"") + (("#include \"opus_custom\\.h\"") + "#include \"opus/opus_custom.h\"") + (("#include \"opus_defines\\.h\"") + "#include \"opus/opus_defines.h\"") + (("#include \"opus_multistream\\.h\"") + "#include \"opus/opus_multistream.h\"") + (("#include \"opus_types\\.h\"") + "#include \"opus/opus_types.h\""))) + (append (find-files "third_party/opus/src/celt") + (find-files "third_party/opus/src/src") + (find-files (string-append "third_party/web= rtc/modules" + "/audio_coding/c= odecs/opus")))) + + (substitute* "chrome/common/chrome_paths.cc" + (("/usr/share/chromium/extensions") + ;; TODO: Add ~/.guix-profile. + "/run/current-system/profile/share/chromium/extensions")) + + (substitute* "breakpad/src/common/linux/libcurl_wrapper.h" + (("include \"third_party/curl") "include \"curl")) + (substitute* "media/base/decode_capabilities.cc" + (("third_party/libvpx/source/libvpx/") "")) + + ;; We don't cross compile most packages, so get rid of the + ;; unnecessary ARCH-linux-gnu* prefix. + (substitute* "build/toolchain/linux/BUILD.gn" + (("aarch64-linux-gnu-") "") + (("arm-linux-gnueabihf-") "")) + #t)) + (replace 'configure + (lambda* (#:key inputs outputs #:allow-other-keys) + (let ((gn-flags + (list + ;; See tools/gn/docs/cookbook.md and + ;; https://www.chromium.org/developers/gn-build-confi= guration + ;; for usage. Run "./gn args . --list" in the Release + ;; directory for an exhaustive list of supported flag= s. + "is_debug=3Dfalse" + "is_official_build=3Dfalse" + "is_clang=3Dfalse" + "use_gold=3Dfalse" + "linux_use_bundled_binutils=3Dfalse" + "use_custom_libcxx=3Dfalse" + "use_sysroot=3Dfalse" + "goma_dir=3D\"\"" + "use_jumbo_build=3Dtrue" ;speeds up compilation + "enable_precompiled_headers=3Dfalse" + "remove_webcore_debug_symbols=3Dtrue" + "enable_iterator_debugging=3Dfalse" + "exclude_unwind_tables=3Dtrue" + "override_build_date=3D\"01 01 2000 05:00:00\"" + "use_unofficial_version_number=3Dfalse" + ;; Don't fail when using deprecated ffmpeg features. + "treat_warnings_as_errors=3Dfalse" + "enable_nacl=3Dfalse" + "enable_nacl_nonsfi=3Dfalse" + "use_allocator=3D\"none\"" ; Don't use tcmalloc. + ;; Don't add any API keys. End users can set them in = the + ;; environment if necessary. + ;; https://www.chromium.org/developers/how-tos/api-ke= ys + "use_official_google_api_keys=3Dfalse" + ;; Disable "field trials". + "fieldtrial_testing_like_official_build=3Dtrue" + "enable_reading_list=3Dfalse" + ;;"enable_reporting=3Dfalse" ;XXX breaks the build + + "use_openh264=3Dtrue" + "use_system_freetype=3Dtrue" + "use_system_libjpeg=3Dtrue" + "use_system_lcms2=3Dtrue" + "use_system_zlib=3Dtrue" + ;; This is currently not supported on Linux: + ;; https://bugs.chromium.org/p/chromium/issues/detail= ?id=3D22208 + ;; "use_system_sqlite=3Dtrue" + "use_gtk3=3Dtrue" + "use_gconf=3Dfalse" ; deprecated by gsettings + "use_gnome_keyring=3Dfalse" ; deprecated by libsecret + "use_xkbcommon=3Dtrue" + "link_pulseaudio=3Dtrue" + + ;; Don't arbitrarily restrict formats supported by sy= stem ffmpeg. + "proprietary_codecs=3Dtrue" + "ffmpeg_branding=3D\"Chrome\"" + + ;; WebRTC stuff. + "rtc_use_h264=3Dtrue" + ;; Don't use bundled sources. + "rtc_build_json=3Dfalse" + "rtc_build_libevent=3Dfalse" + "rtc_build_libvpx=3Dfalse" + "rtc_build_opus=3Dfalse" + "rtc_build_ssl=3Dfalse" + ;; TODO: Package these. + "rtc_build_libsrtp=3Dtrue" ; 2.0 + "rtc_build_libyuv=3Dtrue" + "rtc_build_openmax_dl=3Dtrue" + "rtc_build_usrsctp=3Dtrue" + (string-append "rtc_jsoncpp_root=3D\"" + (assoc-ref inputs "jsoncpp") + "/include/jsoncpp/json\"") + (string-append "rtc_ssl_root=3D\"" + (assoc-ref inputs "openssl") + "/include/openssl\"")))) + + ;; XXX: How portable is this. + (mkdir-p "third_party/node/linux/node-linux-x64") + (symlink (string-append (assoc-ref inputs "node") "/bin") + "third_party/node/linux/node-linux-x64/bin") + + (setenv "CC" "gcc") + (setenv "CXX" "g++") + ;; TODO: pre-compile instead. Avoids a race condition. + (setenv "PYTHONDONTWRITEBYTECODE" "1") + (and + ;; Build the "gn" tool. + (zero? (system* "python" + "tools/gn/bootstrap/bootstrap.py" "-s" "-v= ")) + ;; Generate ninja build files. + (zero? (system* "./out/Release/gn" "gen" "out/Release" + (string-append "--args=3D" + (string-join gn-flags " "))= )))))) + (replace 'build + (lambda* (#:key outputs #:allow-other-keys) + (zero? (system* "ninja" "-C" "out/Release" + "-j" (number->string (parallel-job-count)) + "chrome")))) + (replace 'install + (lambda* (#:key inputs outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (bin (string-append out "/bin")) + (exe (string-append bin "/chromium")) + (lib (string-append out "/lib")) + (man (string-append out "/share/man/man1")) + (applications (string-append out "/share/application= s")) + (install-regexp (make-regexp "\\.(so|bin|pak)$")) + (locales (string-append lib "/locales")) + (resources (string-append lib "/resources")) + (gtk+ (assoc-ref inputs "gtk+")) + (mesa (assoc-ref inputs "mesa")) + (nss (assoc-ref inputs "nss")) + (udev (assoc-ref inputs "udev")) + (sh (which "sh"))) + + (mkdir-p applications) + (call-with-output-file (string-append applications + "/chromium.desktop") + (lambda (port) + (format port + "[Desktop Entry]~@ + Name=3DChromium~@ + Comment=3D~a~@ + Exec=3D~a~@ + Icon=3Dchromium.png~@ + Type=3DApplication~%" ,synopsis exe))) + + (with-directory-excursion "out/Release" + (for-each (lambda (file) + (install-file file lib)) + (scandir "." (cut regexp-exec install-regexp <>= ))) + (copy-file "chrome" (string-append lib "/chromium")) + + ;; TODO: Install icons from "../../chrome/app/themes" into + ;; "out/share/icons/hicolor/$size". + (install-file + "product_logo_48.png" + (string-append out "/share/icons/48x48/chromium.png")) + + (copy-recursively "locales" locales) + (copy-recursively "resources" resources) + + (mkdir-p man) + (copy-file "chrome.1" (string-append man "/chromium.1")) + + (mkdir-p bin) + ;; Add a thin wrapper to prevent the user from inadverten= tly + ;; installing non-free software through the Web Store. + ;; TODO: Discover extensions from the profile and pass + ;; something like "--disable-extensions-except=3D...". + (call-with-output-file exe + (lambda (port) + (format port + "#!~a~@ + CHROMIUM_FLAGS=3D\"--disable-background-netwo= rking\"~@ + if [ -z \"$CHROMIUM_ENABLE_WEB_STORE\" ]~@ + then~@ + CHROMIUM_FLAGS=3D\"$CHROMIUM_FLAGS --disa= ble-extensions\"~@ + fi~@ + exec ~a $CHROMIUM_FLAGS \"$@\"~%" + sh (string-append lib "/chromium")))) + (chmod exe #o755) + + (wrap-program exe + ;; TODO: Get these in RUNPATH. + `("LD_LIBRARY_PATH" ":" prefix + (,(string-append lib ":" nss "/lib/nss:" gtk+ "/lib:" + mesa "/lib:" udev "/lib"))) + ;; Avoid file manager crash. See . + `("XDG_DATA_DIRS" ":" prefix (,(string-append gtk+ "/sh= are")))) + #t))))))) + (native-inputs + `(("bison" ,bison) + ("git" ,git) ;last_commit_position.py + ("gperf" ,gperf) + ("ninja" ,ninja) + ("node" ,node) + ("pkg-config" ,pkg-config) + ("which" ,which) + ("yasm" ,yasm) + + ("python-beautifulsoup4" ,python2-beautifulsoup4) + ("python-html5lib" ,python2-html5lib) + ("python" ,python-2))) + (inputs + `(("alsa-lib" ,alsa-lib) + ("atk" ,atk) + ("cups" ,cups) + ("curl" ,curl) + ("dbus" ,dbus) + ("dbus-glib" ,dbus-glib) + ("expat" ,expat) + ("flac" ,flac) + ("ffmpeg" ,ffmpeg) + ("fontconfig" ,fontconfig) + ("freetype" ,freetype) + ("gdk-pixbuf" ,gdk-pixbuf) + ("glib" ,glib) + ("gtk+-2" ,gtk+-2) + ("gtk+" ,gtk+) + ("harfbuzz" ,harfbuzz) + ("icu4c" ,icu4c-59.1) + ("jsoncpp" ,jsoncpp) + ("lcms" ,lcms) + ("libevent" ,libevent) + ("libffi" ,libffi) + ("libjpeg-turbo" ,libjpeg-turbo) + ("libpng" ,libpng) + ("libusb" ,libusb) + ("libvpx" ,libvpx+experimental) + ("libwebp" ,libwebp) + ("libx11" ,libx11) + ("libxcb" ,libxcb) + ("libxcomposite" ,libxcomposite) + ("libxcursor" ,libxcursor) + ("libxdamage" ,libxdamage) + ("libxext" ,libxext) + ("libxfixes" ,libxfixes) + ("libxi" ,libxi) + ("libxkbcommon" ,libxkbcommon) + ("libxml2" ,libxml2) + ("libxrandr" ,libxrandr) + ("libxrender" ,libxrender) + ("libxscrnsaver" ,libxscrnsaver) + ("libxslt" ,libxslt) + ("libxtst" ,libxtst) + ("mesa" ,mesa) + ("minizip" ,minizip) + ("mit-krb5" ,mit-krb5) + ("nss" ,nss) + ("openh264" ,openh264) + ("openssl" ,openssl) + ("opus" ,opus+custom) + ("pango" ,pango) + ("pciutils" ,pciutils) + ("protobuf" ,protobuf) + ("pulseaudio" ,pulseaudio) + ("re2" ,re2) + ("snappy" ,snappy) + ("speech-dispatcher" ,speech-dispatcher) + ("sqlite" ,sqlite) + ("udev" ,eudev) + ("valgrind" ,valgrind))) + (home-page "https://www.chromium.org/") + (description + "Chromium is a web browser using the @code{Blink} rendering engine.") + ;; Chromium is developed as BSD-3, but bundles a large number of third= -party + ;; software with other licenses. For full information, see chrome://cr= edits. + (license (list license:bsd-3 + license:bsd-2 + license:expat + license:asl2.0 + license:mpl2.0 + license:public-domain + license:lgpl2.1+)))) diff --git a/gnu/packages/icu4c.scm b/gnu/packages/icu4c.scm index 55bc9f203..b12de6ff0 100644 =2D-- a/gnu/packages/icu4c.scm +++ b/gnu/packages/icu4c.scm @@ -4,6 +4,7 @@ ;;; Copyright =C2=A9 2016 Efraim Flashner ;;; Copyright =C2=A9 2017 Cl=C3=A9ment Lassieur ;;; Copyright =C2=A9 2017 Ricardo Wurmus +;;; Copyright =C2=A9 2017 Marius Bakke ;;; ;;; This file is part of GNU Guix. ;;; @@ -80,6 +81,23 @@ C/C++ part.") (origin-patches (package-source icu4c)) (search-patches "icu4c-CVE-2017-14952.patch")))))= )) =20 +(define-public icu4c-59.1 + (package + (inherit icu4c) + (version "59.1") + (source (origin + (method url-fetch) + (uri (string-append + "http://download.icu-project.org/files/icu4c/" + version + "/icu4c-" + (string-map (lambda (x) (if (char=3D? x #\.) #\_ x)) v= ersion) + "-src.tgz")) + (patches (search-patches "icu4c-CVE-2017-14952.patch")) + (sha256 + (base32 + "1zkmbg2932ggvpgjp8pys0cj6z8bw087y8858009shkrjfpzscki"))))= )) + (define-public java-icu4j (package (name "java-icu4j") diff --git a/gnu/packages/patches/chromium-disable-api-keys-warning.patch b= /gnu/packages/patches/chromium-disable-api-keys-warning.patch new file mode 100644 index 000000000..c7e219f40 =2D-- /dev/null +++ b/gnu/packages/patches/chromium-disable-api-keys-warning.patch @@ -0,0 +1,17 @@ +Disable warning about missing API keys. + +Copied from: + +https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/tree/debian/= patches/disable/google-api-warning.patch + +--- a/chrome/browser/ui/startup/startup_browser_creator_impl.cc ++++ b/chrome/browser/ui/startup/startup_browser_creator_impl.cc +@@ -816,8 +816,6 @@ void StartupBrowserCreatorImpl::AddInfoB + !command_line_.HasSwitch(switches::kTestType) && + !command_line_.HasSwitch(switches::kEnableAutomation)) { + chrome::ShowBadFlagsPrompt(browser); +- GoogleApiKeysInfoBarDelegate::Create(InfoBarService::FromWebContents( +- browser->tab_strip_model()->GetActiveWebContents())); + ObsoleteSystemInfoBarDelegate::Create(InfoBarService::FromWebContents( + browser->tab_strip_model()->GetActiveWebContents())); +=20 diff --git a/gnu/packages/patches/chromium-disable-third-party-cookies.patc= h b/gnu/packages/patches/chromium-disable-third-party-cookies.patch new file mode 100644 index 000000000..0694c35f3 =2D-- /dev/null +++ b/gnu/packages/patches/chromium-disable-third-party-cookies.patch @@ -0,0 +1,13 @@ +Disable third party cookies by default. + +--- a/components/content_settings/core/browser/cookie_settings.cc ++++ b/components/content_settings/core/browser/cookie_settings.cc +@@ -101,7 +101,7 @@ void CookieSettings::GetCookieSettings( + void CookieSettings::RegisterProfilePrefs( + user_prefs::PrefRegistrySyncable* registry) { + registry->RegisterBooleanPref( +- prefs::kBlockThirdPartyCookies, false, ++ prefs::kBlockThirdPartyCookies, true, + user_prefs::PrefRegistrySyncable::SYNCABLE_PREF); + } +=20 diff --git a/gnu/packages/patches/chromium-system-icu.patch b/gnu/packages/= patches/chromium-system-icu.patch new file mode 100644 index 000000000..c35c1b75c =2D-- /dev/null +++ b/gnu/packages/patches/chromium-system-icu.patch @@ -0,0 +1,15 @@ +description: maintain compatibility with system icu library +author: Michael Gilbert + +--- a/BUILD.gn ++++ b/BUILD.gn +@@ -657,8 +657,7 @@ group("gn_all") { + } + } +=20 +- if ((is_linux && !is_chromeos && !is_chromecast) || (is_win && use_drfu= zz) || +- (use_libfuzzer && is_mac)) { ++ if (false) { + deps +=3D [ + "//testing/libfuzzer/fuzzers", + "//testing/libfuzzer/tests:libfuzzer_tests", =2D-=20 2.14.3 --=-=-=-- --==-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEu7At3yzq9qgNHeZDoqBt8qM6VPoFAlnvrG4ACgkQoqBt8qM6 VPoBVAf/UbHKaag7cX0rOfVE+gMfe7MhXHLHsOI8gDTx5UXKqvta+hg5iWiEX2Of AE0prNmx/u7DQc0MXVi3USpC1fmC8W6W/wI4L0rrgYDQzAyGqayNjVqiTIDB0CH/ iFaFSAMLoyy+oB5+IAAp7P0pLeCufIPxUcorMlzJ+snC7HEKtEItGLDFFkx6jWr4 MEaLLGVnd7RfgZmbO5bGei4sd8uLLwQ3xyPP4hBwLKBhgmcNsw8Ep6bHS0eMLzrn bugXnAzrqzNcobUnFPvYDBXUe7RhfVJlY+2U378Kw/jpPq95qx+tyDBffWXY+U1x fiFTjxeGlE/ezAdBOwxs2QWltSPb0w== =IUER -----END PGP SIGNATURE----- --==-=-=--