From: Marius Bakke <mbakke@fastmail.com>
To: ng0 <ng0@n0.is>
Cc: 28004@debbugs.gnu.org
Subject: [bug#28004] Chromium
Date: Mon, 08 Jan 2018 22:56:26 +0100 [thread overview]
Message-ID: <87wp0s2ewl.fsf@fastmail.com> (raw)
In-Reply-To: <20180104191648.custe7w3l57fvbac@abyayala>
[-- Attachment #1.1: Type: text/plain, Size: 2960 bytes --]
ng0 <ng0@n0.is> writes:
>> + (substitute* "chrome/common/chrome_paths.cc"
>> + (("/usr/share/chromium/extensions")
>> + ;; TODO: Add ~/.guix-profile.
>> + "/run/current-system/profile/share/chromium/extensions"))
>
> What's the idea behind this? Did you test it? Do you have any guix build-system
> using Chromium extensions as an example? So far this completely disables the
> installation of any plugins and addons.
The idea is to eventually be able to distribute extensions with Guix. I
added this path mostly to document it, but don't see how keeping the
default makes a difference. If you can place an extension in
/usr/share, you can also copy it to the system profile through your
config.scm, or symlink this location on a foreign distribution.
>> + (mkdir-p bin)
>> + ;; Add a thin wrapper to prevent the user from inadvertently
>> + ;; installing non-free software through the Web Store.
>> + ;; TODO: Discover extensions from the profile and pass
>> + ;; something like "--disable-extensions-except=...".
>
> Same question here.
The Web Store has serious freedom issues, thus we can not enable it by
default. Enabling it *must* be a conscious choice by the end user.
The TODO here is inspired by Debians wrapper script, which enumerates
the location where apt places extensions, and gives that list to
"--disable-extensions-except".
> If you need help, there's at least 3 users of Chromium now. I'd like to read
> your ideas on how to solve the TODOs, aswell as: Do you have any unpushed
> progress? Maybe we can team collaborate on this huge browser.
I do maintain this patch, but unfortunately not in a public repository.
I've attached the latest iteration here (sorry for squashed).
New since the last time are some fixes from the "Inox patchset" that
resolves most of the privacy issues. Namely removing the "login
wizard", changing to sensible defaults, and forcing the "classic" New
Tab Page that does not load a search engine.
Also, all patches have been moved to remote origins.
Testing and feedback welcome!
Currently there are two "important" (blocking?) TODOs left:
* Move the 'delete-bundled-software' phase to a source snippet.
Repacking the ~500MiB compressed tarball is *really* expensive. It
should also aid the licensing situation.
* Delete the two default entries from the "most used" list on the New
Tab page. The first run will download thumbnails for these sites,
leaking data. One of them also leads to the disabled-by-default
store, promoting non-free software.
I'm optimistic that fixing the second item will make the browser not
leak *any* data at launch with the default configuration. Which leads
to a third item: writing a system test that verifies that launching
Chromium does indeed not initiate any network traffic.
Anyway, here is the latest patch:
[-- Attachment #1.2: 0001-gnu-Add-chromium.patch --]
[-- Type: text/x-patch, Size: 36825 bytes --]
From f813b2d7ec0728a906720fa74bf9f442af6ab10d Mon Sep 17 00:00:00 2001
From: Marius Bakke <mbakke@fastmail.com>
Date: Wed, 12 Oct 2016 17:25:05 +0100
Subject: [PATCH] gnu: Add chromium.
* gnu/packages/chromium.scm: New file.
* gnu/local.mk: Record it.
---
gnu/local.mk | 1 +
gnu/packages/chromium.scm | 733 ++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 734 insertions(+)
create mode 100644 gnu/packages/chromium.scm
diff --git a/gnu/local.mk b/gnu/local.mk
index d4e841921..529fdd2be 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -89,6 +89,7 @@ GNU_SYSTEM_MODULES = \
%D%/packages/check.scm \
%D%/packages/chemistry.scm \
%D%/packages/chez.scm \
+ %D%/packages/chromium.scm \
%D%/packages/ci.scm \
%D%/packages/cinnamon.scm \
%D%/packages/cmake.scm \
diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm
new file mode 100644
index 000000000..78cfb3097
--- /dev/null
+++ b/gnu/packages/chromium.scm
@@ -0,0 +1,733 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2016, 2017 Marius Bakke <mbakke@fastmail.com>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages chromium)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix packages)
+ #:use-module (guix download)
+ #:use-module (guix git-download)
+ #:use-module (guix utils)
+ #:use-module (guix build-system gnu)
+ #:use-module (gnu packages)
+ #:use-module (gnu packages assembly)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages bison)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages cups)
+ #:use-module (gnu packages curl)
+ #:use-module (gnu packages databases)
+ #:use-module (gnu packages fontutils)
+ #:use-module (gnu packages ghostscript)
+ #:use-module (gnu packages gl)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnome)
+ #:use-module (gnu packages gnuzilla)
+ #:use-module (gnu packages gperf)
+ #:use-module (gnu packages gtk)
+ #:use-module (gnu packages icu4c)
+ #:use-module (gnu packages image)
+ #:use-module (gnu packages libevent)
+ #:use-module (gnu packages libffi)
+ #:use-module (gnu packages libusb)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages kerberos)
+ #:use-module (gnu packages ninja)
+ #:use-module (gnu packages node)
+ #:use-module (gnu packages pciutils)
+ #:use-module (gnu packages photo)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages protobuf)
+ #:use-module (gnu packages pulseaudio)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages python-web)
+ #:use-module (gnu packages regex)
+ #:use-module (gnu packages serialization)
+ #:use-module (gnu packages speech)
+ #:use-module (gnu packages tls)
+ #:use-module (gnu packages valgrind)
+ #:use-module (gnu packages version-control)
+ #:use-module (gnu packages video)
+ #:use-module (gnu packages xiph)
+ #:use-module (gnu packages xml)
+ #:use-module (gnu packages xdisorg)
+ #:use-module (gnu packages xorg))
+
+(define (strip-directory-prefix pathspec)
+ "Return everything after the last '/' in PATHSPEC."
+ (let ((index (string-rindex pathspec #\/)))
+ (if index (string-drop pathspec (+ 1 index))
+ pathspec)))
+
+(define (chromium-patch-file-name pathspec)
+ (let ((patch-name (strip-directory-prefix pathspec)))
+ (if (string-prefix? "chromium-" patch-name)
+ patch-name
+ (string-append "chromium-" patch-name))))
+
+;; https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/tree/debian/patches
+(define (debian-patch pathspec revision hash)
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git"
+ "/plain/debian/patches/" pathspec "?id=" revision))
+ (sha256 (base32 hash))
+ (file-name (chromium-patch-file-name pathspec))))
+
+;; https://gitweb.gentoo.org/repo/gentoo.git/tree/www-client/chromium/files
+(define (gentoo-patch pathspec revision hash)
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-client"
+ "/chromium/files/" pathspec "?id=" revision))
+ (sha256 (base32 hash))
+ (file-name (chromium-patch-file-name pathspec))))
+
+;; https://github.com/gcarq/inox-patchset
+(define (inox-patch pathspec revision hash)
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://raw.githubusercontent.com/gcarq/inox-patchset/"
+ revision "/" pathspec))
+ (sha256 (base32 hash))
+ (file-name (chromium-patch-file-name pathspec))))
+
+(define opus+custom
+ (package (inherit opus)
+ (arguments
+ `(;; Opus Custom is an optional extension of the Opus
+ ;; specification that allows for unsupported frame
+ ;; sizes. Chromium requires that this is enabled.
+ #:configure-flags '("--enable-custom-modes")
+ ,@(package-arguments opus)))))
+
+;; Chromium since 58 depends on an unreleased libvpx. So, we
+;; package the latest master branch as of 2018-01-07.
+(define libvpx+experimental
+ (package
+ (inherit libvpx)
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://chromium.googlesource.com/webm/libvpx")
+ (commit "bed28a55f593efd3a71a3a9d05cf8bb25d15fa44")))
+ (file-name "libvpx-for-chromium-checkout")
+ (sha256
+ (base32
+ "0h01vmb8awzrb2xwqaz215v73yjdjf67hzdm2yfcz4h4qrvwf817"))))
+ ;; TODO: Make libvpx configure flags overrideable.
+ (arguments
+ `(#:phases
+ (modify-phases %standard-phases
+ (replace 'configure
+ (lambda* (#:key outputs #:allow-other-keys)
+ (setenv "CONFIG_SHELL" (which "bash"))
+ (let ((out (assoc-ref outputs "out")))
+ (setenv "LDFLAGS"
+ (string-append "-Wl,-rpath=" out "/lib"))
+ (zero? (system* "./configure"
+ "--enable-shared"
+ "--as=yasm"
+ ;; Limit size to avoid CVE-2015-1258
+ "--size-limit=16384x16384"
+ ;; Spatial SVC is an experimental VP9 encoder
+ ;; used by some packages (i.e. Chromium).
+ "--enable-experimental"
+ "--enable-spatial-svc"
+ (string-append "--prefix=" out)))))))
+ #:tests? #f)))) ; No tests.
+
+(define %chromium-gn-bootstrap.patch
+ (gentoo-patch "chromium-gn-bootstrap-r17.patch"
+ "5c9cf110bd61fa287a5c536760b5d8ed13f65d52"
+ "12wsq3bs46mvr7cinxvqjmbzymigm8yzf478r08y9l6sd3qij4yq"))
+
+(define %chromium-gcc-compat.patch
+ (gentoo-patch "chromium-gcc5-r4.patch"
+ "1c5423aab094796b3da7a2905f02cbdcdd6a7742"
+ "18s152pkqzzw6grxj1m6mp3pc2x3ha2gyayw5hf2nhranak5wlkg"))
+
+(define %chromium-webkit-gcc-compat.patch
+ (gentoo-patch "chromium-gcc5-r5.patch"
+ "1c5423aab094796b3da7a2905f02cbdcdd6a7742"
+ "0z7rggizzg85wfr8zhw0yfwd3q69lsh3yp297s939jgzp66cwwkw"))
+
+(define %chromium-webrtc-gcc-compat.patch
+ (gentoo-patch "chromium-webrtc-r0.patch"
+ "1c5423aab094796b3da7a2905f02cbdcdd6a7742"
+ "0qj5b4w9kav51ylpdf38vm5w7p2gx4qp8p45vrfggp7miicg9cmw"))
+
+(define %chromium-system-nspr.patch
+ (debian-patch "system/nspr.patch"
+ "debian/63.0.3239.40-1"
+ "07a0q3khz77gk0rxzp965pjzhly5r08k019pinss18xc1caj971s"))
+
+(define %chromium-system-libevent.patch
+ (debian-patch "system/event.patch"
+ "debian/63.0.3239.40-1"
+ "0604ia06w40zn66d85in03xg3hd6144y8b222kzyc9nzhq3xm2pc"))
+
+(define %chromium-system-icu.patch
+ (debian-patch "system/icu.patch"
+ "debian/63.0.3239.40-1"
+ "0kf77d8lyma3w0xpgfv2k0c741zp6ii08gzllfja6d5s59c15ylv"))
+
+(define %chromium-disable-api-keys-warning.patch
+ (debian-patch "disable/google-api-warning.patch"
+ "36794e57f1f97068640c6845dbeb9291155893c0"
+ "11llghxm0a75kb8fnpy6ky8ix4f1kk7n0c0zfcpwxsx05pask11m"))
+
+(define %chromium-external-components.patch
+ (debian-patch "disable/external-components.patch"
+ "debian/63.0.3239.40-1"
+ "1i3b801hjafxv7djk7cl7nj2skxid0vysf12yjr364db949f164l"))
+
+(define %chromium-duckduckgo.patch
+ (inox-patch "0011-add-duckduckgo-search-engine.patch"
+ "5af0e6187c22471b8cb803f6dda6738f23a530e7"
+ "0p8x98g71ngkd3wbl5q36wrl18ff185sfrr5fcwjbgrv3v7r6ra7"))
+
+;; Don't start a "Login Wizard" at first launch.
+(define %chromium-first-run.patch
+ (inox-patch "0018-disable-first-run-behaviour.patch"
+ "3336bb286ea054271ac2199cf374e96c64ed53cf"
+ "1y4zsqqf2125jkb1phwy9g5hcbd9xhyv5lr4xcaly66rpdzx2ayb"))
+
+;; Use privacy-preserving defaults.
+(define %chromium-default-preferences.patch
+ (inox-patch "0006-modify-default-prefs.patch"
+ "3336bb286ea054271ac2199cf374e96c64ed53cf"
+ "1h8ycmn00yvciq3r5jcdqmsl4grqv8izgwi6a20kijz2baxxr888"))
+
+;; Recent versions of Chromium may load a remote search engine on the
+;; New Tab Page, causing unnecessary and involuntary network traffic.
+(define %chromium-restore-classic-ntp.patch
+ (inox-patch "0008-restore-classic-ntp.patch"
+ "2f60b788bff89bde11ac802d4c19093661cd23f7"
+ "00icvb0r1p3s7i2xy8kv1lpam96cxgn6c3s9bc6wv3dpi3d722p2"))
+
+(define-public chromium
+ (package
+ (name "chromium")
+ (version "63.0.3239.132")
+ (synopsis "Graphical web browser")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "https://commondatastorage.googleapis.com/"
+ "chromium-browser-official/chromium-"
+ version ".tar.xz"))
+ (sha256
+ (base32
+ "139x3cbc5pa14x69493ic8i2ank12c9fwiq6pqm11aps88n6ri44"))
+ (patches (list ;%chromium-gn-bootstrap.patch
+ %chromium-gcc-compat.patch
+ %chromium-webkit-gcc-compat.patch
+ %chromium-webrtc-gcc-compat.patch
+ %chromium-duckduckgo.patch
+ %chromium-default-preferences.patch
+ %chromium-first-run.patch
+ %chromium-restore-classic-ntp.patch
+ %chromium-system-icu.patch
+ %chromium-system-nspr.patch
+ %chromium-system-libevent.patch
+ %chromium-disable-api-keys-warning.patch))
+ (modules '((srfi srfi-1)
+ (guix build utils)))
+ (snippet
+ '(begin
+ ;; Replace GN files from third_party with shims for building
+ ;; against system libraries. Keep this list in sync with
+ ;; "build/linux/unbundle/replace_gn_files.py".
+ (for-each (lambda (pair)
+ (let ((source (string-append
+ "build/linux/unbundle/" (car pair)))
+ (dest (cdr pair)))
+ (copy-file source dest)))
+ (list
+ '("ffmpeg.gn" . "third_party/ffmpeg/BUILD.gn")
+ '("flac.gn" . "third_party/flac/BUILD.gn")
+ '("freetype.gn" . "third_party/freetype/BUILD.gn")
+ ;; XXX: This broke in 63.
+ ;;'("harfbuzz-ng.gn" . "third_party/harfbuzz-ng/BUILD.gn")
+ '("icu.gn" . "third_party/icu/BUILD.gn")
+ '("libdrm.gn" . "third_party/libdrm/BUILD.gn")
+ '("libevent.gn" . "base/third_party/libevent/BUILD.gn")
+ '("libjpeg.gn" .
+ "build/secondary/third_party/libjpeg_turbo/BUILD.gn")
+ '("libpng.gn" . "third_party/libpng/BUILD.gn")
+ '("libvpx.gn" . "third_party/libvpx/BUILD.gn")
+ '("libwebp.gn" . "third_party/libwebp/BUILD.gn")
+ ;;'("libxml.gn" . "third_party/libxml/BUILD.gn") ;TODO
+ '("libxslt.gn" . "third_party/libxslt/BUILD.gn")
+ '("openh264.gn" . "third_party/openh264/BUILD.gn")
+ '("opus.gn" . "third_party/opus/BUILD.gn")
+ '("re2.gn" . "third_party/re2/BUILD.gn")
+ '("snappy.gn" . "third_party/snappy/BUILD.gn")
+ '("yasm.gn" . "third_party/yasm/yasm_assemble.gni")
+ '("zlib.gn" . "third_party/zlib/BUILD.gn")))
+ #t))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:tests? #f
+ ;; FIXME: There is a "gn" option specifically for setting -rpath, but
+ ;; it's not recognized when passed.
+ #:validate-runpath? #f
+ #:modules ((srfi srfi-26)
+ (ice-9 ftw)
+ (ice-9 regex)
+ (guix build gnu-build-system)
+ (guix build utils))
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'remove-bundled-software
+ (lambda _
+ (let ((keep-libs
+ (list
+ ;; Third party folders that cannot be deleted yet.
+ "base/third_party/dmg_fp"
+ "base/third_party/dynamic_annotations"
+ "base/third_party/icu"
+ "base/third_party/libevent"
+ "base/third_party/nspr"
+ "base/third_party/superfasthash"
+ "base/third_party/symbolize" ; glog
+ "base/third_party/xdg_mime"
+ "base/third_party/xdg_user_dirs"
+ "buildtools/third_party/libc++"
+ "chrome/third_party/mozilla_security_manager"
+ "courgette/third_party"
+ "net/third_party/mozilla_security_manager"
+ "net/third_party/nss"
+ "third_party/adobe/flash/flapper_version.h"
+ ;; FIXME: This is used in:
+ ;; * ui/webui/resources/js/analytics.js
+ ;; * ui/file_manager/
+ "third_party/analytics"
+ "third_party/angle"
+ "third_party/angle/src/common/third_party/base"
+ "third_party/angle/src/common/third_party/smhasher"
+ "third_party/angle/src/third_party/compiler"
+ "third_party/angle/src/third_party/libXNVCtrl"
+ "third_party/angle/src/third_party/trace_event"
+ "third_party/blink"
+ "third_party/boringssl"
+ "third_party/breakpad"
+ "third_party/brotli"
+ "third_party/cacheinvalidation"
+ "third_party/catapult"
+ "third_party/catapult/common/py_vulcanize/third_party/rcssmin"
+ "third_party/catapult/common/py_vulcanize/third_party/rjsmin"
+ "third_party/catapult/third_party/polymer"
+ "third_party/catapult/tracing/third_party/d3"
+ "third_party/catapult/tracing/third_party/gl-matrix"
+ "third_party/catapult/tracing/third_party/jszip"
+ "third_party/catapult/tracing/third_party/mannwhitneyu"
+ "third_party/catapult/tracing/third_party/oboe"
+ "third_party/catapult/tracing/third_party/pako"
+ "third_party/ced"
+ "third_party/cld_3"
+ "third_party/crc32c"
+ "third_party/cros_system_api"
+ "third_party/dom_distiller_js"
+ "third_party/fips181"
+ "third_party/flatbuffers"
+ ;; XXX Needed by pdfium since 59.
+ "third_party/freetype"
+ "third_party/glslang-angle"
+ "third_party/google_input_tools"
+ "third_party/google_input_tools/third_party/closure_library"
+ (string-append "third_party/google_input_tools/third_party"
+ "/closure_library/third_party/closure")
+ "third_party/googletest"
+ "third_party/harfbuzz-ng" ;XXX why is this required in 63+
+ "third_party/hunspell"
+ "third_party/iccjpeg"
+ "third_party/inspector_protocol"
+ "third_party/jinja2"
+ "third_party/jstemplate"
+ "third_party/khronos"
+ "third_party/leveldatabase"
+ "third_party/libXNVCtrl"
+ "third_party/libaddressinput"
+ "third_party/libjingle_xmpp"
+ "third_party/libphonenumber"
+ "third_party/libsecret" ;FIXME: needs pkg-config support.
+ "third_party/libsrtp" ;TODO: Requires libsrtp@2.
+ "third_party/libudev"
+ "third_party/libwebm"
+ "third_party/libxml" ;FIXME: Unbundle (again).
+ "third_party/libyuv"
+ "third_party/lss"
+ "third_party/lzma_sdk"
+ "third_party/markupsafe"
+ "third_party/mesa"
+ "third_party/modp_b64"
+ "third_party/mt19937ar"
+ "third_party/node"
+ "third_party/node/node_modules/polymer-bundler/lib/third_party/UglifyJS2"
+ "third_party/openmax_dl"
+ "third_party/ots"
+ "third_party/pdfium"
+ "third_party/pdfium/third_party"
+ "third_party/ply"
+ "third_party/polymer"
+ "third_party/protobuf"
+ "third_party/protobuf/third_party/six"
+ "third_party/qcms"
+ "third_party/sfntly"
+ "third_party/skia"
+ "third_party/skia/third_party/vulkan"
+ "third_party/skia/third_party/gif"
+ "third_party/smhasher"
+ "third_party/speech-dispatcher"
+ "third_party/spirv-headers"
+ "third_party/spirv-tools-angle"
+ "third_party/sqlite"
+ "third_party/swiftshader"
+ "third_party/swiftshader/third_party"
+ "third_party/usb_ids"
+ "third_party/usrsctp"
+ "third_party/vulkan"
+ "third_party/vulkan-validation-layers"
+ "third_party/WebKit"
+ "third_party/web-animations-js"
+ "third_party/webrtc"
+ "third_party/widevine/cdm/widevine_cdm_version.h"
+ "third_party/widevine/cdm/widevine_cdm_common.h"
+ "third_party/woff2"
+ "third_party/xdg-utils"
+ "third_party/yasm/run_yasm.py"
+ "third_party/zlib/google"
+ "url/third_party/mozilla"
+ "v8/src/third_party/valgrind"
+ "v8/third_party/inspector_protocol")))
+ ;; FIXME: implement as source snippet. This traverses
+ ;; any "third_party" directory and deletes files that are:
+ ;; * not ending with ".gn" or ".gni"; or
+ ;; * not explicitly named as argument (folder or file).
+ (zero? (apply system* "python"
+ "build/linux/unbundle/remove_bundled_libraries.py"
+ "--do-remove" keep-libs)))))
+ (add-after 'remove-bundled-software 'patch-stuff
+ (lambda* (#:key inputs #:allow-other-keys)
+ (substitute* "printing/cups_config_helper.py"
+ (("cups_config =.*")
+ (string-append "cups_config = '" (assoc-ref inputs "cups")
+ "/bin/cups-config'\n")))
+
+ (substitute*
+ '("base/process/launch_posix.cc"
+ "base/third_party/dynamic_annotations/dynamic_annotations.c"
+ "sandbox/linux/seccomp-bpf/sandbox_bpf.cc"
+ "sandbox/linux/services/credentials.cc"
+ "sandbox/linux/services/namespace_utils.cc"
+ "sandbox/linux/services/syscall_wrappers.cc"
+ "sandbox/linux/syscall_broker/broker_host.cc")
+ (("include \"base/third_party/valgrind/") "include \"valgrind/"))
+
+ (for-each (lambda (file)
+ (substitute* file
+ ;; Fix opus include path.
+ ;; Do not substitute opus_private.h.
+ (("#include \"opus\\.h\"")
+ "#include \"opus/opus.h\"")
+ (("#include \"opus_custom\\.h\"")
+ "#include \"opus/opus_custom.h\"")
+ (("#include \"opus_defines\\.h\"")
+ "#include \"opus/opus_defines.h\"")
+ (("#include \"opus_multistream\\.h\"")
+ "#include \"opus/opus_multistream.h\"")
+ (("#include \"opus_types\\.h\"")
+ "#include \"opus/opus_types.h\"")))
+ (append (find-files "third_party/opus/src/celt")
+ (find-files "third_party/opus/src/src")
+ (find-files (string-append "third_party/webrtc/modules"
+ "/audio_coding/codecs/opus"))))
+
+ (substitute* "chrome/common/chrome_paths.cc"
+ (("/usr/share/chromium/extensions")
+ ;; TODO: Add ~/.guix-profile.
+ "/run/current-system/profile/share/chromium/extensions"))
+
+ (substitute*
+ "third_party/breakpad/breakpad/src/common/linux/libcurl_wrapper.h"
+ (("include \"third_party/curl") "include \"curl"))
+ (substitute* "media/base/decode_capabilities.cc"
+ (("third_party/libvpx/source/libvpx/") ""))
+
+ ;; We don't cross compile most packages, so get rid of the
+ ;; unnecessary ARCH-linux-gnu* prefix.
+ (substitute* "build/toolchain/linux/BUILD.gn"
+ (("aarch64-linux-gnu-") "")
+ (("arm-linux-gnueabihf-") ""))
+ #t))
+ (replace 'configure
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let ((gn-flags
+ (list
+ ;; See tools/gn/docs/cookbook.md and
+ ;; https://www.chromium.org/developers/gn-build-configuration
+ ;; for usage. Run "./gn args . --list" in the Release
+ ;; directory for an exhaustive list of supported flags.
+ "is_debug=false"
+ "is_official_build=false"
+ "is_clang=false"
+ "use_gold=false"
+ "linux_use_bundled_binutils=false"
+ "use_custom_libcxx=false"
+ "use_sysroot=false"
+ "goma_dir=\"\""
+ "enable_precompiled_headers=false"
+ "use_jumbo_build=true" ;speeds up build
+ ;; Use a deterministic version identifier.
+ "override_build_date=\"01 01 2000 05:00:00\""
+ "use_unofficial_version_number=false"
+ ;; Disable debugging features to save space.
+ "remove_webcore_debug_symbols=true"
+ "enable_iterator_debugging=false"
+ ;; Don't fail when using deprecated ffmpeg features.
+ "treat_warnings_as_errors=false"
+ "enable_nacl=false"
+ "enable_nacl_nonsfi=false"
+ "use_allocator=\"none\"" ;don't use tcmalloc
+ ;; Don't add any API keys. End users can set them in the
+ ;; environment if necessary.
+ ;; https://www.chromium.org/developers/how-tos/api-keys
+ "use_official_google_api_keys=false"
+ ;; Disable "field trials".
+ "fieldtrial_testing_like_official_build=true"
+
+ "use_system_freetype=true"
+ ;; FIXME: Try enabling this for 63+.
+ ;;"use_system_harfbuzz=true"
+ "use_system_libjpeg=true"
+ "use_system_lcms2=true"
+ "use_system_zlib=true"
+ ;; This is currently not supported on Linux:
+ ;; https://bugs.chromium.org/p/chromium/issues/detail?id=22208
+ ;; "use_system_sqlite=true"
+ "use_gconf=false" ; deprecated by gsettings
+ "use_gnome_keyring=false" ; deprecated by libsecret
+ "use_gtk3=true"
+ "use_openh264=true"
+ "use_xkbcommon=true"
+ "link_pulseaudio=true"
+
+ ;; Don't arbitrarily restrict formats supported by system ffmpeg.
+ "proprietary_codecs=true"
+ "ffmpeg_branding=\"Chrome\""
+
+ ;; WebRTC stuff.
+ "rtc_use_h264=true"
+ ;; Don't use bundled sources.
+ "rtc_build_json=false"
+ "rtc_build_libevent=false"
+ "rtc_build_libvpx=false"
+ "rtc_build_opus=false"
+ "rtc_build_ssl=false"
+ ;; TODO: Package these.
+ "rtc_build_libsrtp=true" ; 2.0
+ "rtc_build_libyuv=true"
+ "rtc_build_openmax_dl=true"
+ "rtc_build_usrsctp=true"
+ (string-append "rtc_jsoncpp_root=\""
+ (assoc-ref inputs "jsoncpp")
+ "/include/jsoncpp/json\"")
+ (string-append "rtc_ssl_root=\""
+ (assoc-ref inputs "openssl")
+ "/include/openssl\""))))
+
+ ;; XXX: How portable is this.
+ (mkdir-p "third_party/node/linux/node-linux-x64")
+ (symlink (string-append (assoc-ref inputs "node") "/bin")
+ "third_party/node/linux/node-linux-x64/bin")
+
+ (setenv "CC" "gcc")
+ (setenv "CXX" "g++")
+ ;; TODO: pre-compile instead. Avoids a race condition.
+ (setenv "PYTHONDONTWRITEBYTECODE" "1")
+ (and
+ ;; Build the "gn" tool.
+ (zero? (system* "python"
+ "tools/gn/bootstrap/bootstrap.py" "-s" "-v"))
+ ;; Generate ninja build files.
+ (zero? (system* "./out/Release/gn" "gen" "out/Release"
+ (string-append "--args="
+ (string-join gn-flags " "))))))))
+ (replace 'build
+ (lambda* (#:key outputs #:allow-other-keys)
+ (zero? (system* "ninja" "-C" "out/Release"
+ "-j" (number->string (parallel-job-count))
+ "chrome"))))
+ (replace 'install
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (bin (string-append out "/bin"))
+ (exe (string-append bin "/chromium"))
+ (lib (string-append out "/lib"))
+ (man (string-append out "/share/man/man1"))
+ (applications (string-append out "/share/applications"))
+ (install-regexp (make-regexp "\\.(bin|pak)$"))
+ (locales (string-append lib "/locales"))
+ (resources (string-append lib "/resources"))
+ (gtk+ (assoc-ref inputs "gtk+"))
+ (mesa (assoc-ref inputs "mesa"))
+ (nss (assoc-ref inputs "nss"))
+ (udev (assoc-ref inputs "udev"))
+ (sh (which "sh")))
+
+ (substitute* '("chrome/app/resources/manpage.1.in"
+ "chrome/installer/linux/common/desktop.template")
+ (("@@MENUNAME@@") "Chromium")
+ (("@@PACKAGE@@") "chromium")
+ (("/usr/bin/@@USR_BIN_SYMLINK_NAME@@") exe))
+ (mkdir-p man)
+ (copy-file "chrome/app/resources/manpage.1.in"
+ (string-append man "/chromium.1"))
+ (mkdir-p applications)
+ (copy-file "chrome/installer/linux/common/desktop.template"
+ (string-append applications "/chromium.desktop"))
+
+ (with-directory-excursion "out/Release"
+ (for-each (lambda (file)
+ (install-file file lib))
+ (scandir "." (cut regexp-exec install-regexp <>)))
+ (copy-file "chrome" (string-append lib "/chromium"))
+
+ ;; TODO: Install icons from "../../chrome/app/themes" into
+ ;; "out/share/icons/hicolor/$size".
+ (install-file
+ "product_logo_48.png"
+ (string-append out "/share/icons/48x48/chromium.png"))
+
+ (copy-recursively "locales" locales)
+ (copy-recursively "resources" resources)
+
+ (mkdir-p bin)
+ ;; Add a thin wrapper to prevent the user from inadvertently
+ ;; installing non-free software through the Web Store.
+ ;; TODO: Discover extensions from the profile and pass
+ ;; something like "--disable-extensions-except=...".
+ (call-with-output-file exe
+ (lambda (port)
+ (format port
+ "#!~a~@
+ if [ -z \"$CHROMIUM_ENABLE_WEB_STORE\" ]~@
+ then~@
+ CHROMIUM_FLAGS=\" \\~@
+ --disable-background-networking \\~@
+ --disable-extensions \\~@
+ \"~@
+ fi~@
+ exec ~a $CHROMIUM_FLAGS \"$@\"~%"
+ sh (string-append lib "/chromium"))))
+ (chmod exe #o755)
+
+ (wrap-program exe
+ ;; TODO: Get these in RUNPATH.
+ `("LD_LIBRARY_PATH" ":" prefix
+ (,(string-append lib ":" nss "/lib/nss:" gtk+ "/lib:"
+ mesa "/lib:" udev "/lib")))
+ ;; Avoid file manager crash. See <https://bugs.gnu.org/26593>.
+ `("XDG_DATA_DIRS" ":" prefix (,(string-append gtk+ "/share"))))
+ #t)))))))
+ (native-inputs
+ `(("bison" ,bison)
+ ("git" ,git) ;last_commit_position.py
+ ("gperf" ,gperf)
+ ("ninja" ,ninja)
+ ("node" ,node)
+ ("pkg-config" ,pkg-config)
+ ("which" ,which)
+ ("yasm" ,yasm)
+
+ ("python-beautifulsoup4" ,python2-beautifulsoup4)
+ ("python-html5lib" ,python2-html5lib)
+ ("python" ,python-2)))
+ (inputs
+ `(("alsa-lib" ,alsa-lib)
+ ("atk" ,atk)
+ ("cups" ,cups)
+ ("curl" ,curl)
+ ("dbus" ,dbus)
+ ("dbus-glib" ,dbus-glib)
+ ("expat" ,expat)
+ ("flac" ,flac)
+ ("ffmpeg" ,ffmpeg)
+ ("fontconfig" ,fontconfig)
+ ("freetype" ,freetype)
+ ("gdk-pixbuf" ,gdk-pixbuf)
+ ("glib" ,glib)
+ ("gtk+-2" ,gtk+-2)
+ ("gtk+" ,gtk+)
+ ("harfbuzz" ,harfbuzz)
+ ("icu4c" ,icu4c-59.1)
+ ("jsoncpp" ,jsoncpp)
+ ("lcms" ,lcms)
+ ("libevent" ,libevent)
+ ("libffi" ,libffi)
+ ("libjpeg-turbo" ,libjpeg-turbo)
+ ("libpng" ,libpng)
+ ("libusb" ,libusb)
+ ("libvpx" ,libvpx+experimental)
+ ("libwebp" ,libwebp)
+ ("libx11" ,libx11)
+ ("libxcb" ,libxcb)
+ ("libxcomposite" ,libxcomposite)
+ ("libxcursor" ,libxcursor)
+ ("libxdamage" ,libxdamage)
+ ("libxext" ,libxext)
+ ("libxfixes" ,libxfixes)
+ ("libxi" ,libxi)
+ ("libxkbcommon" ,libxkbcommon)
+ ("libxml2" ,libxml2)
+ ("libxrandr" ,libxrandr)
+ ("libxrender" ,libxrender)
+ ("libxscrnsaver" ,libxscrnsaver)
+ ("libxslt" ,libxslt)
+ ("libxtst" ,libxtst)
+ ("mesa" ,mesa)
+ ("minizip" ,minizip)
+ ("mit-krb5" ,mit-krb5)
+ ("nss" ,nss)
+ ("openh264" ,openh264)
+ ("openssl" ,openssl)
+ ("opus" ,opus+custom)
+ ("pango" ,pango)
+ ("pciutils" ,pciutils)
+ ("protobuf" ,protobuf)
+ ("pulseaudio" ,pulseaudio)
+ ("re2" ,re2)
+ ("snappy" ,snappy)
+ ("speech-dispatcher" ,speech-dispatcher)
+ ("sqlite" ,sqlite)
+ ("udev" ,eudev)
+ ("valgrind" ,valgrind)))
+ (home-page "https://www.chromium.org/")
+ (description
+ "Chromium is a web browser using the @code{Blink} rendering engine.")
+ ;; Chromium is developed as BSD-3, but bundles a large number of third-party
+ ;; software with other licenses. For full information, see chrome://credits.
+ (license (list license:bsd-3
+ license:bsd-2
+ license:expat
+ license:asl2.0
+ license:mpl2.0
+ license:public-domain
+ license:lgpl2.1+))))
--
2.15.1
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
next prev parent reply other threads:[~2018-01-08 21:57 UTC|newest]
Thread overview: 151+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-07 19:58 [bug#28004] Chromium Marius Bakke
2017-08-07 20:23 ` ng0
2017-08-07 21:16 ` Marius Bakke
2017-08-08 5:53 ` ng0
2017-08-08 13:18 ` ng0
2017-08-08 14:22 ` ng0
2017-08-08 15:44 ` ng0
2017-08-08 18:59 ` ng0
2017-08-08 19:51 ` Leo Famulari
2017-08-08 20:46 ` ng0
2017-08-10 5:31 ` Efraim Flashner
2017-08-31 7:36 ` ng0
2017-10-10 13:19 ` ng0
2017-10-11 19:52 ` Ludovic Courtès
2017-10-12 19:56 ` Leo Famulari
2017-10-12 20:28 ` ng0
2017-10-13 6:51 ` Ludovic Courtès
2017-10-18 22:41 ` Marius Bakke
2017-10-19 5:48 ` ng0
2017-10-24 21:11 ` Marius Bakke
2017-11-05 23:52 ` Marius Bakke
2017-11-10 11:33 ` Adonay Felipe Nogueira
2018-01-04 19:16 ` ng0
2018-01-08 21:56 ` Marius Bakke [this message]
2018-01-08 23:20 ` ng0
2018-01-08 23:40 ` Marius Bakke
2018-01-12 0:09 ` Marius Bakke
2018-01-13 19:02 ` ng0
2018-01-13 19:13 ` ng0
2018-01-14 12:10 ` ng0
2018-01-16 14:18 ` Ludovic Courtès
2018-01-16 19:01 ` Marius Bakke
2018-01-16 19:09 ` Tobias Geerinckx-Rice
2018-01-16 19:22 ` Marius Bakke
2018-01-16 20:41 ` Leo Famulari
2018-01-17 8:53 ` Ludovic Courtès
2018-01-17 14:55 ` Mike Gerwitz
2018-02-26 18:18 ` Marius Bakke
2018-02-26 20:01 ` ng0
2018-02-26 20:06 ` Marius Bakke
2018-02-26 20:34 ` ng0
2018-02-26 22:41 ` Björn Höfling
2018-02-27 21:57 ` ng0
2018-02-28 17:38 ` Marius Bakke
2018-02-28 18:09 ` Björn Höfling
2018-03-16 17:30 ` ng0
2018-03-16 17:45 ` Marius Bakke
2018-03-16 17:52 ` ng0
2018-07-25 8:08 ` ng0
2018-08-05 13:04 ` Marius Bakke
2018-08-05 16:18 ` ng0
2018-08-05 18:25 ` Marius Bakke
2018-08-05 20:32 ` ng0
2018-08-05 23:58 ` ng0
2018-08-30 13:25 ` ng0
2018-08-06 8:22 ` Oleg Pykhalov
2018-08-30 6:04 ` Amirouche Boubekki
2018-03-16 19:01 ` Adonay Felipe Nogueira
2018-03-16 19:34 ` ng0
2018-03-16 21:20 ` Adonay Felipe Nogueira
2018-02-27 22:17 ` ng0
2018-02-28 17:14 ` Marius Bakke
2018-02-27 2:00 ` Mike Gerwitz
2018-02-28 8:17 ` ng0
2018-02-28 17:28 ` Marius Bakke
2018-01-16 20:04 ` ng0
2018-01-09 6:58 ` ng0
2018-01-12 0:03 ` Marius Bakke
2018-01-12 9:38 ` ng0
2018-02-26 18:19 ` [bug#28004] [PATCH] gnu: Add chromium Marius Bakke
2018-04-13 19:10 ` [bug#28004] Chromium 65 Marius Bakke
2018-04-17 19:10 ` Oleg Pykhalov
2018-04-24 17:05 ` Christopher Lemmer Webber
2018-04-24 18:08 ` [bug#28004] Chromium 66 + status update Marius Bakke
2018-04-24 18:45 ` Christopher Lemmer Webber
2018-04-24 18:48 ` Tobias Geerinckx-Rice
2018-04-24 18:46 ` Tobias Geerinckx-Rice
2018-04-24 19:30 ` Marius Bakke
2018-04-25 17:00 ` Leo Famulari
2018-04-25 17:02 ` Leo Famulari
2018-05-03 17:49 ` Nils Gillmann
2018-05-03 17:58 ` Nils Gillmann
2018-05-04 12:10 ` Marius Bakke
2018-05-04 13:02 ` Nils Gillmann
2018-08-29 23:31 ` [bug#28004] (no subject) Amirouche Boubekki
2018-09-02 4:37 ` [bug#28004] Chromium FSDG requirements Mark H Weaver
2018-09-02 13:16 ` Marius Bakke
2019-02-02 19:20 ` [PATCH] gnu: Add ungoogled-chromium Marius Bakke
2019-02-03 18:16 ` Joshua Branson
2019-02-04 4:52 ` bill-auger
2019-02-04 5:52 ` brettg
2019-02-04 7:46 ` Ineiev
2019-02-04 10:56 ` bill-auger
2019-02-04 14:43 ` Jean Louis
2019-02-04 12:26 ` [GNU-linux-libre] " Julie Marchant
2019-02-04 15:03 ` bill-auger
2019-02-04 13:46 ` [bug#28004] " Leo Famulari
2019-02-04 14:47 ` bill-auger
2019-02-04 22:34 ` Ludovic Courtès
2019-02-04 22:34 ` [bug#28004] " Ludovic Courtès
2019-02-06 21:04 ` [GNU-linux-libre] " Marius Bakke
2019-02-07 23:52 ` Christopher Lemmer Webber
2019-02-07 23:59 ` Julie Marchant
2019-02-16 8:00 ` bill-auger
2019-02-16 10:25 ` Brett Gilio
2019-02-16 14:18 ` Julie Marchant
2019-02-16 15:37 ` [GNU-linux-libre] " Adam Van Ymeren
2019-02-16 19:47 ` Adonay Felipe Nogueira
2019-02-16 20:01 ` Brett Gilio
2019-02-16 20:06 ` Brett Gilio
2019-02-17 1:39 ` bill-auger
2019-02-17 22:33 ` [GNU-linux-libre] " Ricardo Wurmus
2019-02-18 12:05 ` bill-auger
2019-02-18 12:15 ` Hartmut Goebel
2019-02-18 13:44 ` Tobias Geerinckx-Rice
2019-02-18 19:22 ` Simon Nielsen
2019-02-19 20:45 ` [GNU-linux-libre] " bill-auger
[not found] ` <671b6c83-0ed0-84eb-4cc5-b6a8fd14cb90@fsf.org>
[not found] ` <20190220010728.3426713f@parabola>
[not found] ` <87r2c2ms4l.fsf@fastmail.com>
[not found] ` <20190220114742.0d2034fb@parabola>
[not found] ` <87ftsim7qc.fsf@fastmail.com>
[not found] ` <1740db7c-29c4-137e-85b7-33c9a6b71b16@hyperbola.info>
2019-02-21 8:02 ` bug#34605: ungoogled-chromium: proprietary codecs enabled? Giovanni Biscuolo
2019-02-21 15:50 ` Ricardo Wurmus
2021-11-14 1:29 ` Maxim Cournoyer
2019-02-16 20:07 ` [GNU-linux-libre] [PATCH] gnu: Add ungoogled-chromium Alex Griffin
2019-02-17 1:49 ` bill-auger
2019-02-17 1:37 ` bill-auger
2019-02-17 2:30 ` Julie Marchant
2019-02-17 2:42 ` bill-auger
2019-02-17 4:19 ` Julie Marchant
2019-02-17 7:43 ` bill-auger
2019-02-17 14:06 ` Julie Marchant
2019-02-18 7:43 ` bill-auger
2019-02-17 20:55 ` Christopher Lemmer Webber
2019-02-16 11:16 ` Gábor Boskovits
2019-02-16 12:55 ` ng0
2019-02-16 13:10 ` Gábor Boskovits
2019-02-18 13:47 ` Denis 'GNUtoo' Carikli
2019-02-16 15:10 ` znavko
2019-02-16 15:50 ` Marius Bakke
2019-02-16 16:20 ` [GNU-linux-libre] " Amin Bandali
2019-02-16 16:33 ` Marius Bakke
2019-02-16 19:27 ` Amin Bandali
2019-02-17 2:20 ` bill-auger
2019-02-16 16:34 ` Alexandre Oliva
2019-02-16 16:54 ` Marius Bakke
2019-02-17 3:38 ` bill-auger
2019-02-16 18:56 ` Giovanni Biscuolo
2019-02-19 16:28 ` Giovanni Biscuolo
2019-02-09 14:04 ` Adonay Felipe Nogueira
2019-02-03 20:21 ` Amin Bandali
2019-02-05 5:22 ` [bug#28004] " swedebugia
2019-02-05 5:22 ` swedebugia
2019-02-12 15:58 ` [PATCH v2] " Marius Bakke
2019-02-18 22:43 ` [bug#28004] " Marius Bakke
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87wp0s2ewl.fsf@fastmail.com \
--to=mbakke@fastmail.com \
--cc=28004@debbugs.gnu.org \
--cc=ng0@n0.is \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.