From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0.migadu.com ([2001:41d0:303:e16b::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms8.migadu.com with LMTPS id CMOyNpRZ1WVBbAAAqHPOHw:P1 (envelope-from ) for ; Wed, 21 Feb 2024 03:01:57 +0100 Received: from aspmx1.migadu.com ([2001:41d0:303:e16b::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0.migadu.com with LMTPS id CMOyNpRZ1WVBbAAAqHPOHw (envelope-from ) for ; Wed, 21 Feb 2024 03:01:56 +0100 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=lassieur.org header.s=fm3 header.b=MgIMA3kE; dkim=fail ("headers rsa verify failed") header.d=messagingengine.com header.s=fm1 header.b="g 8nPzgp"; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1708480916; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=ux6ej/EVByYkjoPWxmU+utCurugFr11QziuRHNodomY=; b=S8Qp77n6ElAwuKd56KNTJiWq7pOsM+maq4UFWF4bTGynbP61Aqv05Buv8swmv3cgP6pfrw bt/wjCM8v1+ZmE7Qwrtco9y0J/wkY07vC1fZkWWF+I0RuIxGg1BxIMWxfB/Ouf97A9db6I PBQmiiFHC/+iJjuoaFKHjJYU38u0yYY88cfrsfDBHNtEyxuPy4Jho0Sh8YlL+hC8uO4iV8 yIJtqSORBS6yqrMXRAiTaz6FDnuNyjDVximysr+6Th4i5EE0NA/81sKkuX8v7mJJmLHq20 /bfZTwwx9mBkY1cCRPZ8XErgPt0TXntYiloRjUCKOepjohRqTmmzUbTk0/CijA== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=lassieur.org header.s=fm3 header.b=MgIMA3kE; dkim=fail ("headers rsa verify failed") header.d=messagingengine.com header.s=fm1 header.b="g 8nPzgp"; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" ARC-Seal: i=1; s=key1; d=yhetil.org; t=1708480916; a=rsa-sha256; cv=none; b=MFOZ+4mIMEnWGOchCU6Fh/nIy3gwfPA9LMCLMIsp96sliEjxjOafS637jcQCotPHfu6P86 Dkp3nhz89ff0tUFu2gcEHAa6f4IsDd6+PnLVifNAQOIrY3037y3IHYyQdkKr9+WF3bUlUw GcgaQvgrbGF5f8CyY9NBEai74bymtbe2oWYgoZA+qUJloZ76frVRXq27AjcaQGpnfdE2mw 3bYi4x9SiplV/JwHYr40LkLnRE3/wLadxe+aZFFDV+WNSEYctN9AVcQ/eVUktfBFQOzM/a xOhd2/muqqO1PDBxGyQx+vCyNmNrES8RZk5hAP2k7/yf9Ya/KKx7hAWUHssIlg== Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 0244B43705 for ; Wed, 21 Feb 2024 03:01:56 +0100 (CET) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcbvZ-00053K-Vd; Tue, 20 Feb 2024 21:01:42 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcbvY-000534-4C for guix-patches@gnu.org; Tue, 20 Feb 2024 21:01:40 -0500 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1rcbvX-000665-SD for guix-patches@gnu.org; Tue, 20 Feb 2024 21:01:39 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1rcbvt-0004Ex-Rb for guix-patches@gnu.org; Tue, 20 Feb 2024 21:02:01 -0500 X-Loop: help-debbugs@gnu.org Subject: [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages. Resent-From: =?UTF-8?Q?Cl=C3=A9ment?= Lassieur Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Wed, 21 Feb 2024 02:02:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 67512 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Ian Eure Cc: 67512@debbugs.gnu.org, Mark H Weaver , Liliana Marie Prikler Received: via spool by 67512-submit@debbugs.gnu.org id=B67512.170848087916248 (code B ref 67512); Wed, 21 Feb 2024 02:02:01 +0000 Received: (at 67512) by debbugs.gnu.org; 21 Feb 2024 02:01:19 +0000 Received: from localhost ([127.0.0.1]:47454 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rcbvD-0004Dz-AL for submit@debbugs.gnu.org; Tue, 20 Feb 2024 21:01:19 -0500 Received: from out5-smtp.messagingengine.com ([66.111.4.29]:36881) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rcbvA-0004Dl-Nb for 67512@debbugs.gnu.org; Tue, 20 Feb 2024 21:01:17 -0500 Received: from compute7.internal (compute7.nyi.internal [10.202.2.48]) by mailout.nyi.internal (Postfix) with ESMTP id 48B745C0093; Tue, 20 Feb 2024 21:00:49 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute7.internal (MEProxy); Tue, 20 Feb 2024 21:00:49 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lassieur.org; h= cc:cc:content-transfer-encoding:content-type:content-type:date :date:from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to; s=fm3; t=1708480849; x=1708567249; bh=ux6ej/EVByYkjoPWxmU+utCurugFr11QziuRHNodomY=; b= MgIMA3kEzeBib9beFB54lSOR25DGKnJp9w/Jt/15OWQrYlWVkeFcJ3GTWduxj5GZ xSkBNMhdrbmviBlJMpGQKP9vMaohIqG9PNWlC8XR2gzMGkH7ZSfmgvdlnqDB1Ezj CUJMhGOvq5guazT2iKphqzY270HLBNwybwR9MGaxZmQRt+PYb05W2oAMq4xkp2PH 07N4usR0lPkWNOOoNNB9o8Z+DaLwyY49NbrR3KG1AHpBDdszBjPoxWJGmvIlXF7g /lTZWVIUReY8FpHUsC/9Na1NYCwliVp7ijZMuD322boD02Hc8YkWo+Hm/PjbKv+A dzJUs67iroclttroCdm4Xg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:content-type:date:date:feedback-id:feedback-id :from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t=1708480849; x= 1708567249; bh=ux6ej/EVByYkjoPWxmU+utCurugFr11QziuRHNodomY=; b=g 8nPzgpSszkFzLynIAiWbQZUQ3MOsHh1MhfqSu9exgN5lu1BFXcdEAMFTeuNiEWf9 0wrgaMxdKEvRCn0r8rUcag3heOgqAkyNGq6zPTd15PlC8stgNZRuuuZAEu26yvtK 3mLa+xw5AO7z01KdBCRpMgIPdwZO84jyJ5G4DvQx90+v0Ha93vjPDp6iZEPZoBdH 0KDFWjwVcqA+f65gb98uEBKm6jtuekB1BYXsXfqiiyEiqRhMpP0/u6wQiUeKM25V du1HfHP6gmCxyM3sqPmdQjZqN0LIugacVaDgX5outDTrp6uwgt+E/xjhmzjyEHsF fcFNm1MDoq7JlscIK7Zvw== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvledrfedugdegvdcutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc fjughrpefhvfevufgjfhffkfgfgggtgfesthhqredttderjeenucfhrhhomhepvehlrohm vghnthcunfgrshhsihgvuhhruceotghlvghmvghntheslhgrshhsihgvuhhrrdhorhhgqe enucggtffrrghtthgvrhhnpeeiudeuheeviedtleelheeivedutdejgfevhfdvtedvudel hfdthedvvddtieehkeenucffohhmrghinhepghhnuhdrohhrghenucevlhhushhtvghruf hiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpegtlhgvmhgvnhhtsehlrghsshhi vghurhdrohhrgh X-ME-Proxy: Feedback-ID: i4c21472a:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue, 20 Feb 2024 21:00:47 -0500 (EST) From: =?UTF-8?Q?Cl=C3=A9ment?= Lassieur In-Reply-To: <871q9bdpn3.fsf@retrospec.tv> (Ian Eure's message of "Sat, 17 Feb 2024 08:09:22 -0800") References: <39662eaab8ebb73981be67f42a0277c2013be76b.1707855137.git.ian@retrospec.tv> <1808da259ee4755731fade4507812fb3f9ba619e.camel@gmail.com> <87eddgx6y7.fsf@retrospec.tv> <877cj4fpo6.fsf@lassieur.org> <871q9bdpn3.fsf@retrospec.tv> Date: Wed, 21 Feb 2024 03:00:43 +0100 Message-ID: <87ttm2wp84.fsf@lassieur.org> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: guix-patches-bounces+larch=yhetil.org@gnu.org X-Migadu-Flow: FLOW_IN X-Migadu-Country: US X-Migadu-Spam-Score: 0.42 X-Spam-Score: 0.42 X-Migadu-Queue-Id: 0244B43705 X-Migadu-Scanner: mx13.migadu.com X-TUID: FNjgD80OtbeE On Sat, Feb 17 2024, Ian Eure wrote: > Cl=C3=A9ment Lassieur writes: > >> On Tue, Feb 13 2024, Ian Eure wrote: >> >>> D. Fold the new (gnu packages wasm) into (gnu packages librewolf). This= is >>> the >>> only place they=E2=80=99re used, but it sounds like there=E2=80=99s des= ire to port some of >>> the >>> other firefoxen to this stuff, so probably not a good long-term option. >> >> Does Librewolf depend on the Wasm packages more than the other Firefox >> based browsers? > > Upstream Librewolf doesn=E2=80=99t depend on the WASM packages more than = any other > Firefoxen. I believe that WASM sandboxing is an optional feature for rec= ent > Firefox and FF-derived browsers. > > > In case anyone reading this isn=E2=80=99t familiar: Firefox has taken som= e libraries > that handle untrusted data (which are implemented in C/C++) and complied = those > WASM, which it runs in isolated sandboxes. The idea being that if there= =E2=80=99s a > vulnerability in one of those libraries, the impact will be diminished be= casue > the exploit runs in an environment with very limited privileges[1]. > > >> My point is that if your Librewolf package is independent from the Wasm >> packages, they can be split and reviewed independently. > > The Librewolf package I=E2=80=99m submitting depends on these WASM packag= es; other > Firefox-derived browsers currently in Guix don=E2=80=99t (because they ca= n=E2=80=99t, because > the toolchain isn=E2=80=99t in Guix). > > >> That would make the Librewolf review shorter and easier, and the Wasm >> review more consistent and easy to test. Also, adding Wasm to our >> Firefox based browsers would be a one-shot. (Of course it doesn't have >> to be included in Icecat, but I think it would be great to have it in >> =E2=80=98make-torbrowser=E2=80=99.) >> > > I=E2=80=99m not sure what you mean by "adding Wasm to our Firefox based b= rowsers would > be a one-shot." Are you saying you want a process like: > > 1a. Get wasm toolchain stuff merged. > 1b. Get Librewolf merged without WASM sandboxing. > 2. Update icecat, torbrowser, mullvad, and librewolf to use WASM sandboxi= ng. Excatly. 1b can be done after 1a, or before 1a. And if you can explain why is Mullvad Browser not "great for daily use" that would be great. https://logs.guix.gnu.org/guix/2024-02-20.log Cl=C3=A9ment