Package: guix-patches;
Reported by: Ian Eure <ian <at> retrospec.tv>
Date: Tue, 28 Nov 2023 20:12:01 UTC
Severity: normal
Tags: patch
Done: Andrew Tropin <andrew <at> trop.in>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 67512 in the body.
You can then email your comments to 67512 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
View this report as an mbox folder, status mbox, maintainer mbox
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Tue, 28 Nov 2023 20:12:01 GMT) Full text and rfc822 format available.Ian Eure <ian <at> retrospec.tv>:guix-patches <at> gnu.org.
(Tue, 28 Nov 2023 20:12:02 GMT) Full text and rfc822 format available.Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: guix-patches <at> gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH 0/5] Add LibreWolf Date: Tue, 28 Nov 2023 12:09:56 -0800
I mentioned in #guix that I was working on a package for LibreWolf, and it was requested that I send in patches, so I am. These changes are based on the firefox-esr package in nonguix; I've retained the copyright / authorship notices from there. LibreWolf (https://librewolf.net/) is a fork of Firefox which removes the telemetry and advertising, and bundles uBlock Origin. It doesn't have the redistribution issues that Firefox does, its name/logo are under MPL 2.0 and aren't trademarked. I'm new to Guix, and not remotely a browser development expert, so I don't expect these are ready to be accepted yet, but I believe they're in good enough shape to have a discussion about. They're working acceptably well for me, though I'm not currently daily driving Guix, so there may be issues I haven't encountered yet. Guide to changes in this patchset ================================= icu4c has been updated to 73.1, and the previous version kept as icu4c-71. I encountered consistent failures of the node <at> 10.24.1 test suite with icu4c 73.1, so I kept that on 71.1. icu4c is needed by many packages, so this change is the highest-impact in the patchset. The (gnu packages wasm) module is unchanged from nonguix, except for the file header and module declaration. The (gnu packages librewolf) module is a simplified/adapted version of (nongnu packages firefox). The Firefox Nightly packages have been removed, as there's no LibreWolf equivalent. I also didn't bring over the wayland variant, but I could, if that's desired. I'm not sure why there are specific x11/wayland variants, as the packages for other distros don't seem to need this split. The librewolf package has some functions duplicated from (gnu packages gnuzilla), which probably ought to get factored out and put somewhere, but I'm not sure if they should be in (gnu packages mozilla) or a different module. Guidance would be appreciated here. Ian Eure (5): gnu: icu4c: Update to 73.1. gnu: Add icu4c-71. gnu: node: Switch to icu4c-71. gnu: Add wasm packages. gnu: Add librewolf. gnu/packages/icu4c.scm | 21 +- gnu/packages/librewolf.scm | 560 +++++++++++++++++++++++++++++++++++++ gnu/packages/node.scm | 4 +- gnu/packages/wasm.scm | 273 ++++++++++++++++++ 4 files changed, 854 insertions(+), 4 deletions(-) create mode 100644 gnu/packages/librewolf.scm create mode 100644 gnu/packages/wasm.scm base-commit: 2410a30f6c06d56b5589e0ad685bcdf09bb144bf -- 2.41.0
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Tue, 28 Nov 2023 20:14:01 GMT) Full text and rfc822 format available.guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Tue, 28 Nov 2023 20:14:02 GMT) Full text and rfc822 format available.Message #11 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH 1/5] gnu: icu4c: Update to 73.1. Date: Tue, 28 Nov 2023 12:13:05 -0800
* gnu/packages/icu4c.scm (icu4c): Update to 73.1.
Change-Id: I77b8186898494e5b677c2e0c4fb0a234747dbd29
---
gnu/packages/icu4c.scm | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/icu4c.scm b/gnu/packages/icu4c.scm
index 5aaf3a8361..64ae109952 100644
--- a/gnu/packages/icu4c.scm
+++ b/gnu/packages/icu4c.scm
@@ -45,7 +45,7 @@ (define-module (gnu packages icu4c)
(define-public icu4c
(package
(name "icu4c")
- (version "71.1")
+ (version "73.1")
(source (origin
(method url-fetch)
(uri (string-append
@@ -55,7 +55,8 @@ (define-public icu4c
(string-map (lambda (x) (if (char=? x #\.) #\_ x)) version)
"-src.tgz"))
(sha256
- (base32 "1gqywaqj9jmdwrng9lm6inyqmi5j2cz36db9dcqg3yk13zjyd9v7"))))
+ (base32
+ "0iccpdvc0kvpww5a31k9gjkqigyz016i7v80r9zamd34w4fl6mx4"))))
(build-system gnu-build-system)
(native-inputs
(append (list python-minimal)
--
2.41.0
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Tue, 28 Nov 2023 20:14:03 GMT) Full text and rfc822 format available.Message #14 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH 2/5] gnu: Add icu4c-71. Date: Tue, 28 Nov 2023 12:13:06 -0800
* gnu/packages/icu4c.scm (icu4c-71): New variable.
Change-Id: Iaff0df4d6aaa968cdc43f847bd2ced08d0f3a12e
---
gnu/packages/icu4c.scm | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/gnu/packages/icu4c.scm b/gnu/packages/icu4c.scm
index 64ae109952..376cbac5c6 100644
--- a/gnu/packages/icu4c.scm
+++ b/gnu/packages/icu4c.scm
@@ -110,6 +110,22 @@ (define-public icu4c
(license x11)
(home-page "http://site.icu-project.org/")))
+(define-public icu4c-71
+ (package
+ (inherit icu4c)
+ (name "icu4c")
+ (version "71.1")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://github.com/unicode-org/icu/releases/download/release-"
+ (string-map (lambda (x) (if (char=? x #\.) #\- x)) version)
+ "/icu4c-"
+ (string-map (lambda (x) (if (char=? x #\.) #\_ x)) version)
+ "-src.tgz"))
+ (sha256
+ (base32 "1gqywaqj9jmdwrng9lm6inyqmi5j2cz36db9dcqg3yk13zjyd9v7"))))))
+
(define-public icu4c-70
(package
(inherit icu4c)
--
2.41.0
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Tue, 28 Nov 2023 20:14:03 GMT) Full text and rfc822 format available.Message #17 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH 3/5] gnu: node: Switch to icu4c-71. Date: Tue, 28 Nov 2023 12:13:07 -0800
* gnu/packages/node.scm (node): Switch to icu4c-71.
I encountered consistent test failures with icu4c 73.1.
Change-Id: Iaad9a4f274f9e3b8736486b58f262a82304b0b5d
---
gnu/packages/node.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/node.scm b/gnu/packages/node.scm
index 6e30ad486a..668847405d 100644
--- a/gnu/packages/node.scm
+++ b/gnu/packages/node.scm
@@ -290,7 +290,7 @@ (define-public node
;; Runtime dependencies for binaries used as a bootstrap.
(list c-ares
http-parser
- icu4c
+ icu4c-71
libuv-for-node
`(,nghttp2-for-node "lib")
openssl-1.1
@@ -310,7 +310,7 @@ (define-public node
coreutils
c-ares
http-parser
- icu4c
+ icu4c-71
libuv-for-node
`(,nghttp2-for-node "lib")
openssl
--
2.41.0
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Tue, 28 Nov 2023 20:15:02 GMT) Full text and rfc822 format available.Message #20 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH 5/5] gnu: Add librewolf. Date: Tue, 28 Nov 2023 12:13:09 -0800
* gnu/packages/librewolf.scm (librewolf): New variable.
Change-Id: Iea4dcf45bfaff118d1d9d6e871c4a4ff3e68a3b3
---
gnu/packages/librewolf.scm | 560 +++++++++++++++++++++++++++++++++++++
1 file changed, 560 insertions(+)
create mode 100644 gnu/packages/librewolf.scm
diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm
new file mode 100644
index 0000000000..b1e890e518
--- /dev/null
+++ b/gnu/packages/librewolf.scm
@@ -0,0 +1,560 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2013, 2015 Andreas Enge <andreas <at> enge.fr>
+;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 Mark H Weaver <mhw <at> netris.org>
+;;; Copyright © 2015 Sou Bunnbu <iyzsong <at> gmail.com>
+;;; Copyright © 2016, 2017, 2018, 2019 Efraim Flashner <efraim <at> flashner.co.il>
+;;; Copyright © 2016 Alex Griffin <a <at> ajgrf.com>
+;;; Copyright © 2017 Clément Lassieur <clement <at> lassieur.org>
+;;; Copyright © 2017, 2018 Nikita <nikita <at> n0.is>
+;;; Copyright © 2017, 2018 ng0 <gillmann <at> infotropique.org>
+;;; Copyright © 2017, 2018, 2020 Tobias Geerinckx-Rice <me <at> tobias.gr>
+;;; Copyright © 2018, 2020, 2022 Ricardo Wurmus <rekado <at> elephly.net>
+;;; Copyright © 2019 Ivan Petkov <ivanppetkov <at> gmail.com>
+;;; Copyright © 2020 Oleg Pykhalov <go.wigust <at> gmail.com>
+;;; Copyright © 2020 Jakub Kądziołka <kuba <at> kadziolka.net>
+;;; Copyright © 2019, 2020 Adrian Malacoda <malacoda <at> monarch-pass.net>
+;;; Copyright © 2020-2023 Jonathan Brielmaier <jonathan.brielmaier <at> web.de>
+;;; Copyright © 2020 Zhu Zihao <all_but_last <at> 163.com>
+;;; Copyright © 2021 pineapples <guixuser6392 <at> protonmail.com>
+;;; Copyright © 2021 Brice Waegeneire <brice <at> waegenei.re>
+;;; Copyright © 2021, 2022, 2023 John Kehayias <john.kehayias <at> protonmail.com>
+;;; Copyright © 2022 Pierre Langlois <pierre.langlois <at> gmx.com>
+;;; Copyright © 2023 Tomas Volf <wolf <at> wolfsden.cz>
+;;; Copyright © 2023 Ian Eure <ian <at> retrospec.tv>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+
+(define-module (gnu packages librewolf)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system cargo)
+ #:use-module (guix build-system trivial)
+ #:use-module (guix download)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix gexp)
+ #:use-module (guix packages)
+ #:use-module (guix utils)
+ #:use-module ((guix build utils) #:select (alist-replace))
+
+ #:use-module (gnu packages)
+ #:use-module (gnu packages assembly)
+ #:use-module (gnu packages autotools)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages bash)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages crates-io)
+ #:use-module (gnu packages cups)
+ #:use-module (gnu packages fontutils)
+ #:use-module (gnu packages gl)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnome)
+ #:use-module (gnu packages gtk)
+ #:use-module (gnu packages hunspell)
+ #:use-module (gnu packages icu4c)
+ #:use-module (gnu packages image)
+ #:use-module (gnu packages jemalloc)
+ #:use-module (gnu packages kerberos)
+ #:use-module (gnu packages libcanberra)
+ #:use-module (gnu packages libevent)
+ #:use-module (gnu packages libffi)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages llvm)
+ #:use-module (gnu packages m4)
+ #:use-module (gnu packages node)
+ #:use-module (gnu packages nss)
+ #:use-module (gnu packages perl)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages pulseaudio)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages rust)
+ #:use-module (gnu packages rust-apps)
+ #:use-module (gnu packages speech)
+ #:use-module (gnu packages sqlite)
+ #:use-module (gnu packages video)
+ #:use-module (gnu packages wasm)
+ #:use-module (gnu packages xdisorg)
+ #:use-module (gnu packages xorg))
+
+;; Define the versions of rust needed to build firefox, trying to match
+;; upstream. See the file taskcluster/ci/toolchain/rust.yml at
+;; https://searchfox.org under the particular firefox release, like
+;; mozilla-esr102.
+(define rust-librewolf rust) ; 1.60 is the default in Guix, 1.65 is the minimum.
+
+;; Update this id with every firefox update to its release date.
+;; It's used for cache validation and therefore can lead to strange bugs.
+(define %librewolf-build-id "20231120132923")
+
+(define-public librewolf
+ (package
+ (name "librewolf")
+ (version "120.0-2")
+ (source
+ (origin
+ (method url-fetch)
+
+ (uri (string-append
+ "https://gitlab.com/api/v4/projects/32320088/packages/generic/librewolf-source/"
+ version "/librewolf-" version ".source.tar.gz"))
+ (sha256
+ (base32 "17yiw4pql9pf2qgk5a6xjqjjbgplla7fflrw1ldgd07rzsjlvj4n"))))
+ (build-system gnu-build-system)
+ (arguments
+ (list
+ #:configure-flags #~(let ((clang #$(this-package-native-input "clang"))
+ (wasi-sysroot #$(this-package-native-input
+ "wasm32-wasi-clang-toolchain")))
+ `("--enable-application=browser"
+
+ ;; Configuration
+ "--with-system-jpeg"
+ "--with-system-zlib"
+ ;; "--with-system-png" ;require libpng-apng >= 1.6.35
+ "--with-system-icu"
+ "--enable-system-ffi"
+ "--enable-system-pixman"
+ "--enable-jemalloc"
+
+ ;; see https://bugs.gnu.org/32833
+ "--with-system-nspr"
+ ;; "--with-system-nss"
+
+ ,(string-append "--with-clang-path=" clang
+ "/bin/clang")
+ ,(string-append "--with-libclang-path=" clang
+ "/lib")
+ ,(string-append "--with-wasi-sysroot="
+ wasi-sysroot "/wasm32-wasi")
+
+ ;; Distribution
+ "--with-distribution-id=org.nonguix"
+ "--disable-official-branding"
+ "--with-app-name=librewolf"
+ "--with-app-basename=LibreWolf"
+ "--with-branding=browser/branding/librewolf"
+
+ ;; Features
+ "--disable-tests"
+ "--disable-updater"
+ "--enable-pulseaudio"
+ "--disable-crashreporter"
+ "--allow-addon-sideload"
+ "--with-unsigned-addon-scopes=app,system"
+
+ ;; Build details
+ "--disable-debug"
+ "--enable-rust-simd"
+ "--enable-release"
+ "--enable-optimize"
+ "--enable-strip"
+ "--enable-hardening"
+ "--disable-elf-hack"))
+ #:imported-modules %cargo-utils-modules
+ #:modules `((ice-9 regex)
+ (ice-9 string-fun)
+ (ice-9 ftw)
+ (srfi srfi-1)
+ (srfi srfi-26)
+ (rnrs bytevectors)
+ (rnrs io ports)
+ (guix elf)
+ (guix build gremlin)
+ ,@%gnu-build-system-modules)
+ #:phases #~(modify-phases %standard-phases
+ (add-after 'unpack 'fix-preferences
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((port (open-file "browser/app/profile/firefox.js"
+ "a")))
+ (define (write-setting key value)
+ (format port "~%pref(\"~a\", ~a);~%" key value)
+ (format #t
+ "fix-preferences: setting value of ~a to ~a~%" key
+ value))
+
+ ;; We should allow Firefox sandbox to read the store directory,
+ ;; because Firefox sandbox have access to /usr on FHS distros.
+ (write-setting
+ "security.sandbox.content.read_path_whitelist"
+ (string-append "\""
+ (%store-directory) "/\""))
+
+ ;; XDG settings should be managed by Guix.
+ (write-setting "browser.shell.checkDefaultBrowser"
+ "false")
+ (close-port port))))
+ (add-after 'fix-preferences 'fix-ffmpeg-runtime-linker
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let* ((ffmpeg (assoc-ref inputs "ffmpeg"))
+ (libavcodec (string-append ffmpeg
+ "/lib/libavcodec.so")))
+ ;; Arrange to load libavcodec.so by its absolute file name.
+ (substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp"
+ (("libavcodec\\.so")
+ libavcodec)))))
+ (add-after 'patch-source-shebangs 'patch-cargo-checksums
+ (lambda _
+ (use-modules (guix build cargo-utils))
+ (let ((null-hash
+ ;; This is the SHA256 output of an empty string.
+ "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"))
+ (for-each (lambda (file)
+ (format #t
+ "patch-cargo-checksums: patching checksums in ~a~%"
+ file)
+ (substitute* file
+ (("(checksum = )\".*\"" all name)
+ (string-append name "\"" null-hash
+ "\""))))
+ (find-files "." "Cargo\\.lock$"))
+ (for-each generate-all-checksums
+ '("build" "dom/media"
+ "dom/webauthn"
+ "gfx"
+ "intl"
+ "js"
+ "media"
+ "modules"
+ "mozglue/static/rust"
+ "netwerk"
+ "remote"
+ "security/manager/ssl"
+ "servo"
+ "storage"
+ "third_party/rust"
+ "toolkit"
+ "xpcom/rust"
+ "services")))))
+ (add-after 'patch-cargo-checksums 'remove-cargo-frozen-flag
+ (lambda _
+ ;; Remove --frozen flag from cargo invokation, otherwise it'll
+ ;; complain that it's not able to change Cargo.lock.
+ ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373
+ (substitute* "build/RunCbindgen.py"
+ (("\"--frozen\",")
+ ""))))
+ (delete 'bootstrap)
+ (add-before 'configure 'patch-SpeechDispatcherService.cpp
+ (lambda _
+ (let* ((lib "libspeechd.so.2")
+ (file
+ "dom/media/webspeech/synth/speechd/SpeechDispatcherService.cpp")
+ (old-content (call-with-input-file file
+ get-string-all)))
+ (substitute file
+ `((,(format #f "~s" lib) unquote
+ (λ (line _)
+ (string-replace-substring line lib
+ (string-append #$speech-dispatcher
+ "/lib/"
+ lib))))))
+ (if (string=? old-content
+ (call-with-input-file file
+ get-string-all))
+ (error
+ "substitute did nothing, phase requires an update")))))
+ (add-before 'configure 'set-build-id
+ ;; Firefox will write the timestamp to output, which is harmful
+ ;; for reproducibility, so change it to a fixed date. Use a
+ ;; separate phase for easier modification with inherit.
+ (lambda _
+ (setenv "MOZ_BUILD_DATE"
+ #$%librewolf-build-id)))
+ (replace 'configure
+ (lambda* (#:key inputs outputs configure-flags
+ #:allow-other-keys)
+ (setenv "AUTOCONF"
+ (string-append (assoc-ref inputs "autoconf")
+ "/bin/autoconf"))
+ (setenv "SHELL"
+ (which "bash"))
+ (setenv "CONFIG_SHELL"
+ (which "bash"))
+ (setenv "MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE"
+ "system")
+ ;; This should use the host info probably (does firefox build on
+ ;; non-x86_64 though?)
+ (setenv "GUIX_PYTHONPATH"
+ (string-append (getcwd)
+ "/obj-x86_64-pc-linux-gnu/_virtualenvs/build"))
+
+ ;; Use Clang, Clang is 2x faster than GCC
+ (setenv "AR" "llvm-ar")
+ (setenv "NM" "llvm-nm")
+ (setenv "CC" "clang")
+ (setenv "CXX" "clang++")
+ (setenv "WASM_CC"
+ (string-append (assoc-ref inputs
+ "wasm32-wasi-clang-toolchain")
+ "/bin/clang"))
+ (setenv "WASM_CXX"
+ (string-append (assoc-ref inputs
+ "wasm32-wasi-clang-toolchain")
+ "/bin/clang++"))
+
+ (setenv "MOZ_NOSPAM" "1")
+
+ (setenv "MOZBUILD_STATE_PATH"
+ (getcwd))
+
+ (let* ((mozconfig (string-append (getcwd) "/mozconfig"))
+ (out (assoc-ref outputs "out"))
+ (flags (cons (string-append "--prefix=" out)
+ configure-flags)))
+ (format #t "build directory: ~s~%"
+ (getcwd))
+ (format #t "configure flags: ~s~%" flags)
+
+ (define write-flags
+ (lambda flags
+ (display (string-join (map (cut string-append
+ "ac_add_options " <>)
+ flags) "\n"))
+ (display "\n")))
+ (with-output-to-file mozconfig
+ (lambda ()
+ (apply write-flags flags)
+ ;; The following option unsets Telemetry Reporting. With the Addons Fiasco,
+ ;; Mozilla was found to be collecting user's data, including saved passwords and
+ ;; web form data, without users consent. Mozilla was also found shipping updates
+ ;; to systems without the user's knowledge or permission.
+ ;; As a result of this, use the following command to permanently disable
+ ;; telemetry reporting in Firefox.
+ (display "unset MOZ_TELEMETRY_REPORTING\n")
+ (display "mk_add_options MOZ_CRASHREPORTER=0\n")
+ (display "mk_add_options MOZ_DATA_REPORTING=0\n")
+ (display
+ "mk_add_options MOZ_SERVICES_HEALTHREPORT=0")
+ (display
+ "mk_add_options MOZ_TELEMETRY_REPORTING=0")))
+ (setenv "MOZCONFIG" mozconfig))
+ (invoke "./mach" "configure")))
+ (replace 'build
+ (lambda* (#:key (make-flags '())
+ (parallel-build? #t) #:allow-other-keys)
+ (apply invoke "./mach" "build"
+ ;; mach will use parallel build if possible by default
+ `(,@(if parallel-build?
+ '()
+ '("-j1")) ,@make-flags))))
+ (add-after 'build 'neutralise-store-references
+ (lambda _
+ ;; Mangle the store references to compilers & other build tools in
+ ;; about:buildconfig, reducing Firefox's closure by 1 GiB on x86-64.
+ (let* ((build-dir (car (scandir "."
+ (cut string-prefix?
+ "obj-" <>))))
+ (file (string-append build-dir
+ "/dist/bin/chrome/toolkit/content/global/buildconfig.html")))
+ (substitute* file
+ (((format #f "(~a/)([0-9a-df-np-sv-z]{32})"
+ (regexp-quote (%store-directory)))
+ _ store hash)
+ (string-append store
+ (string-take hash 8)
+ "<!-- Guix: not a runtime dependency -->"
+ (string-drop hash 8)))))))
+ (replace 'install
+ (lambda _
+ (invoke "./mach" "install")))
+ (add-after 'install 'wrap-program
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ ;; The following two functions are from Guix's icecat package in
+ ;; (gnu packages gnuzilla). See commit
+ ;; b7a0935420ee630a29b7e5ac73a32ba1eb24f00b.
+ (define (runpath-of lib)
+ (call-with-input-file lib
+ (compose elf-dynamic-info-runpath elf-dynamic-info
+ parse-elf get-bytevector-all)))
+ (define (runpaths-of-input label)
+ (let* ((dir (string-append (assoc-ref inputs label)
+ "/lib"))
+ (libs (find-files dir "\\.so$")))
+ (append-map runpath-of libs)))
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ ;; TODO: make me a loop again
+ (mesa-lib (string-append (assoc-ref inputs
+ "mesa")
+ "/lib"))
+ ;; For the integration of native notifications
+ (libnotify-lib (string-append (assoc-ref inputs
+ "libnotify")
+ "/lib"))
+ ;; For hardware video acceleration via VA-API
+ (libva-lib (string-append (assoc-ref inputs
+ "libva")
+ "/lib"))
+ ;; VA-API is run in the RDD (Remote Data Decoder) sandbox
+ ;; and must be explicitly given access to files it needs.
+ ;; Rather than adding the whole store (as Nix had
+ ;; upstream do, see
+ ;; <https://github.com/NixOS/nixpkgs/pull/165964> and
+ ;; linked upstream patches), we can just follow the
+ ;; runpaths of the needed libraries to add everything to
+ ;; LD_LIBRARY_PATH. These will then be accessible in the
+ ;; RDD sandbox.
+ (rdd-whitelist (map (cut string-append <> "/")
+ (delete-duplicates (append-map
+ runpaths-of-input
+ '("mesa"
+ "ffmpeg")))))
+ (pulseaudio-lib (string-append (assoc-ref inputs
+ "pulseaudio")
+ "/lib"))
+ ;; For U2F and WebAuthn
+ (eudev-lib (string-append (assoc-ref inputs
+ "eudev")
+ "/lib"))
+ (gtk-share (string-append (assoc-ref inputs
+ "gtk+")
+ "/share")))
+ (wrap-program (car (find-files lib "^librewolf$"))
+ `("LD_LIBRARY_PATH" prefix
+ (,mesa-lib ,libnotify-lib
+ ,libva-lib
+ ,pulseaudio-lib
+ ,eudev-lib
+ ,@rdd-whitelist))
+ `("XDG_DATA_DIRS" prefix
+ (,gtk-share))
+ `("MOZ_LEGACY_PROFILES" =
+ ("1"))
+ `("MOZ_ALLOW_DOWNGRADE" =
+ ("1"))))))
+ (add-after 'wrap-program 'install-desktop-entry
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((desktop-file
+ "taskcluster/docker/firefox-snap/firefox.desktop")
+ (applications (string-append #$output
+ "/share/applications")))
+ (substitute* desktop-file
+ (("^Exec=firefox")
+ (string-append "Exec="
+ #$output "/bin/librewolf"))
+ ;; "Firefox" -> "LibreWolf" in all the Name fields
+ (("^(Name.*)(Firefox)(.*)$" prefix _ suffix)
+ (string-append prefix "LibreWolf" suffix))
+ ;; Remove non-Latin translations.
+ (("^Name\\[(ar|bn)\\]")
+ "")
+ ;; Replace "Firefox" in the keywords
+ (("^(Keywords.*)(Firefox)(.*)$" prefix _ suffix)
+ (string-append prefix "LibreWolf" suffix))
+ (("Icon=.*")
+ "Icon=librewolf\n")
+ (("NewWindow")
+ "new-window")
+ (("NewPrivateWindow")
+ "new-private-window")
+ (("StartupNotify=true")
+ "StartupNotify=true
+StartupWMClass=Navigator"))
+ (copy-file desktop-file "librewolf.desktop")
+ (install-file "librewolf.desktop" applications))))
+ (add-after 'install-desktop-entry 'install-icons
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((icon-source-dir (string-append #$output
+ "/lib/librewolf/browser/chrome/icons/default")))
+ (for-each (lambda (size)
+ (let ((dest (string-append #$output
+ "/share/icons/hicolor/"
+ size
+ "x"
+ size
+ "/apps")))
+ (mkdir-p dest)
+ (symlink (string-append icon-source-dir
+ "/default" size ".png")
+ (string-append dest
+ "/librewolf.png"))))
+ '("16" "32" "48" "64" "128"))))))
+
+ ;; Test will significantly increase build time but with little rewards.
+ #:tests? #f
+
+ ;; WARNING: Parallel build will consume lots of memory!
+ ;; If you have encountered OOM issue in build phase, try disable it.
+ #:parallel-build? #t
+
+ ;; Some dynamic lib was determined at runtime, so rpath check may fail.
+ #:validate-runpath? #f))
+ (inputs (list bash-minimal
+ bzip2
+ cairo
+ cups
+ dbus-glib
+ freetype
+ ffmpeg
+ gdk-pixbuf
+ glib
+ gtk+
+ gtk+-2
+ hunspell
+ icu4c
+ jemalloc
+ libcanberra
+ libevent
+ libffi
+ libgnome
+ libjpeg-turbo
+ libnotify
+ ;; libpng-apng
+ libva
+ libvpx
+ libxcomposite
+ libxft
+ libxinerama
+ libxscrnsaver
+ libxt
+ mesa
+ mit-krb5
+ nspr-4.32
+ ;; nss
+ pango
+ pipewire
+ pixman
+ pulseaudio
+ speech-dispatcher
+ sqlite
+ startup-notification
+ eudev
+ unzip
+ zip
+ zlib))
+ (native-inputs (list alsa-lib
+ autoconf-2.13
+ `(,rust-librewolf "cargo")
+ clang
+ llvm
+ wasm32-wasi-clang-toolchain
+ m4
+ nasm
+ node-lts
+ perl
+ pkg-config
+ python
+ rust-librewolf
+ rust-cbindgen-0.26
+ which
+ yasm))
+ (home-page "https://mozilla.org/firefox/")
+ (synopsis "Trademarkless version of Firefox")
+ (description
+ "Full-featured browser client built from Firefox source tree, without
+the official icon and the name \"firefox\". This is the Extended Support
+Release (ESR) version.")
+ (license license:mpl2.0)))
--
2.41.0
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Tue, 28 Nov 2023 20:15:03 GMT) Full text and rfc822 format available.Message #23 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH 4/5] gnu: Add wasm packages. Date: Tue, 28 Nov 2023 12:13:08 -0800
* gnu/packages/wasm.scm (wasi-libc): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-clang-runtime): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-clang): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-libcxx): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-clang-toolchain): New variable.
Change-Id: I546cb6b7450b760379fb8c3043e48ffc5e714c68
---
gnu/packages/wasm.scm | 273 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 273 insertions(+)
create mode 100644 gnu/packages/wasm.scm
diff --git a/gnu/packages/wasm.scm b/gnu/packages/wasm.scm
new file mode 100644
index 0000000000..05d247f333
--- /dev/null
+++ b/gnu/packages/wasm.scm
@@ -0,0 +1,273 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2022-2023 Pierre Langlois <pierre.langlois <at> gmx.com>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages wasm)
+ #:use-module (guix base32)
+ #:use-module (guix gexp)
+ #:use-module (guix packages)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix utils)
+ #:use-module (guix git-download)
+ #:use-module (guix build-system cmake)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system trivial)
+ #:use-module (gnu packages bash)
+ #:use-module (gnu packages llvm)
+ #:use-module (gnu packages python))
+
+(define-public wasi-libc
+ (package
+ (name "wasi-libc")
+ (version "sdk-19")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/WebAssembly/wasi-libc")
+ (commit (string-append "wasi-" version))
+ (recursive? #t)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "0bnpz8wk9wiic938296gxp4vz820bvpi1w41jksjzz5552hql169"))))
+ (build-system gnu-build-system)
+ (native-inputs (list clang-15))
+ (arguments
+ (list
+ #:tests? #f ;No test suite
+ ;; Firefox uses wasm2c to compile WebAssembly to C code, and it
+ ;; does not support the memory.copy opcode.
+ ;; See https://bugzilla.mozilla.org/show_bug.cgi?id=1773200#c4
+ #:make-flags ''("BULK_MEMORY_SOURCES=")
+ #:phases #~(modify-phases %standard-phases
+ (delete 'configure)
+ (add-before 'build 'set-sysroot-include
+ (lambda _
+ (setenv "C_INCLUDE_PATH"
+ (string-append (getcwd) "/sysroot/include"))))
+ (add-before 'install 'set-install-dir
+ (lambda _
+ (setenv "INSTALL_DIR"
+ (string-append #$output "/wasm32-wasi")))))))
+ (home-page "https://wasi.dev")
+ (synopsis "WASI libc implementation for WebAssembly")
+ (description
+ "WASI Libc is a libc for WebAssembly programs built on top of WASI
+system calls. It provides a wide array of POSIX-compatible C APIs, including
+support for standard I/O, file I/O, filesystem manipulation, memory
+management, time, string, environment variables, program startup, and many
+other APIs.")
+ (license (list
+ ;; For wasi-libc, with LLVM exceptions
+ license:asl2.0
+ ;; For malloc.c.
+ license:cc0
+ ;; For cloudlibc.
+ license:bsd-2
+ ;; For wasi-libc and musl-libc.
+ license:expat))))
+
+(define-public wasm32-wasi-clang-runtime
+ (package (inherit clang-runtime-15)
+ (native-inputs
+ (list clang-15
+ wasi-libc))
+ (inputs (list llvm-15))
+ (arguments
+ (list
+ #:build-type "Release"
+ #:tests? #f
+ ;; Stripping binaries breaks wasm linking, resulting in the following
+ ;; error: "archive has no index; run ranlib to add one".
+ #:strip-binaries? #f
+ #:configure-flags
+ #~(list "-DCMAKE_C_COMPILER=clang"
+ "-DCMAKE_C_COMPILER_TARGET=wasm32-wasi"
+ (string-append
+ "-DCMAKE_SYSROOT=" #$wasi-libc "/wasm32-wasi")
+ (string-append
+ "-DCMAKE_C_FLAGS=-I " #$wasi-libc "/wasm32-wasi/include")
+
+ "-DCOMPILER_RT_OS_DIR=wasi"
+
+ "-DCOMPILER_RT_BAREMETAL_BUILD=On"
+ "-DCOMPILER_RT_DEFAULT_TARGET_ONLY=On"
+
+ ;; WASM only needs libclang_rt.builtins-wasm32.a from
+ ;; compiler-rt.
+ "../source/compiler-rt/lib/builtins")))))
+
+;; FIXME: Ideally we wouldn't need to build a separate compiler because clang
+;; can support multiple targets at runtime. However Guix patches the default
+;; clang with a specific clang-runtime package. It would be good to improve
+;; upstream Guix's support for cross-compiling with clang.
+
+(define clang-from-llvm (@@ (gnu packages llvm) clang-from-llvm))
+(define llvm-monorepo (@@ (gnu packages llvm) llvm-monorepo))
+
+(define-public wasm32-wasi-clang
+ (let ((base (clang-from-llvm llvm-15 wasm32-wasi-clang-runtime)))
+ (package
+ (inherit base)
+ (name "wasm32-wasi-clang")
+ (inputs (modify-inputs (package-inputs base)
+ (prepend wasi-libc)))
+ (arguments
+ (substitute-keyword-arguments (package-arguments base)
+ ((#:configure-flags flags)
+ #~(list "-DCLANG_INCLUDE_TESTS=True"
+ ;; Use a sane default include directory.
+ (string-append "-DC_INCLUDE_DIRS="
+ #$wasi-libc "/wasm32-wasi/include")))
+ ((#:phases phases)
+ `(modify-phases ,phases
+ (delete 'symlink-cfi_ignorelist))))))))
+
+(define-public wasm32-wasi-libcxx
+ (package
+ (name "wasm32-wasi-libcxx")
+ (version (package-version llvm-15))
+ (source
+ (llvm-monorepo version))
+ (build-system cmake-build-system)
+ (arguments
+ (list
+ #:configure-flags #~(list (string-append "-S ../source/runtimes")
+
+ "-DLLVM_ENABLE_RUNTIMES=libcxx;libcxxabi"
+
+ (string-append "-DCMAKE_SYSROOT="
+ #$wasi-libc "/wasm32-wasi")
+
+ (string-append "-DCMAKE_INCLUDE_PATH="
+ #$wasi-libc
+ "/wasm32-wasi/include")
+
+ (string-append "-DCMAKE_STAGING_PREFIX="
+ #$output "/wasm32-wasi")
+
+ "-DCMAKE_C_COMPILER=clang"
+ "-DCMAKE_C_COMPILER_WORKS=ON"
+ "-DCMAKE_CXX_COMPILER=clang++"
+ "-DCMAKE_CXX_COMPILER_WORKS=ON"
+ "-DCMAKE_C_COMPILER_TARGET=wasm32-wasi"
+ "-DCMAKE_CXX_COMPILER_TARGET=wasm32-wasi"
+
+ "-DLIBCXX_LIBDIR_SUFFIX=/wasm32-wasi"
+
+ "-DLIBCXX_ENABLE_EXCEPTIONS=OFF"
+ "-DLIBCXX_ENABLE_SHARED=OFF"
+ "-DLIBCXX_ENABLE_THREADS=OFF"
+ "-DLIBCXX_ENABLE_FILESYSTEM=OFF"
+
+ "-DLIBCXXABI_LIBDIR_SUFFIX=/wasm32-wasi"
+
+ "-DLIBCXXABI_ENABLE_EXCEPTIONS=OFF"
+ "-DLIBCXXABI_ENABLE_SHARED=OFF"
+ "-DLIBCXXABI_ENABLE_THREADS=OFF"
+ "-DLIBCXXABI_ENABLE_FILESYSTEM=OFF")
+ #:tests? #f
+ #:phases #~(modify-phases %standard-phases
+ (add-after 'set-paths 'adjust-CPLUS_INCLUDE_PATH
+ (lambda _
+ (setenv "CPLUS_INCLUDE_PATH"
+ (string-append #$wasi-libc
+ "/wasm32-wasi/include:"
+ (getenv "CPLUS_INCLUDE_PATH"))))))))
+ (native-inputs (list lld python wasm32-wasi-clang))
+ (inputs (list wasi-libc))
+ (home-page "https://libcxx.llvm.org")
+ (synopsis "C++ standard library for WebAssembly")
+ (description
+ "This package provides an implementation of the C++ standard library for
+use with Clang, targeting C++11, C++14 and above. This package targets
+WebAssembly with WASI.")
+ (license license:expat)))
+
+(define-public wasm32-wasi-clang-toolchain
+ (package
+ (name "wasm32-wasi-clang-toolchain")
+ (version (package-version wasm32-wasi-clang))
+ (source
+ #f)
+ (build-system trivial-build-system)
+ (arguments
+ (list
+ #:builder (with-imported-modules '((guix build union)
+ (guix build utils))
+ #~(begin
+ (use-modules (guix build union)
+ (guix build utils))
+ (union-build #$output
+ (list #$wasm32-wasi-clang-runtime
+ #$wasi-libc
+ #$wasm32-wasi-libcxx))
+ (mkdir-p (string-append #$output
+ "/bin"))
+
+ ;; We provide clang and clang++ via a wrapped program that sets
+ ;; include paths correctly so that it does not include paths from
+ ;; the host.
+
+ ;; FIXME: Review how we can provide better support for
+ ;; cross-compiling with clang in Guix, maybe adding support for
+ ;; the CROSS_C_INCLUDE_PATH and CROSS_CPLUS_INCLUDE_PATH
+ ;; environment variables like GCC.
+
+ (for-each (lambda (bin)
+ (symlink (string-append #$wasm32-wasi-clang
+ bin)
+ (string-append #$output
+ bin))
+ (wrap-program (string-append #$output
+ bin)
+ #:sh (string-append #$bash-minimal
+ "/bin/bash")
+ `("C_INCLUDE_PATH"
+ ":" =
+ (,(string-append #$output
+ "/wasm32-wasi/include")))
+ `("CPLUS_INCLUDE_PATH"
+ ":" =
+ ;; Make sure inclure/c++/v1 comes first for #include_next
+ ;; to work.
+ (,(string-append #$output
+ "/wasm32-wasi/include/c++/v1") ,
+ (string-append #$output
+ "/wasm32-wasi/include")))))
+ '("/bin/clang"
+ "/bin/clang++"))
+
+ (symlink (string-append #$lld
+ "/bin/wasm-ld")
+ (string-append #$output
+ "/bin/wasm-ld"))))))
+ (inputs (list bash-minimal
+ lld
+ wasi-libc
+ wasm32-wasi-clang
+ wasm32-wasi-clang-runtime
+ wasm32-wasi-libcxx))
+ (license (cons (package-license wasm32-wasi-clang)
+ (package-license wasi-libc)))
+ (home-page "https://clang.llvm.org")
+ (synopsis
+ "Complete Clang toolchain for C/C++ development, for WebAssembly.")
+ (description
+ "This package provides a complete Clang toolchain for C/C++
+development targeting WebAssembly with WASI. This includes Clang, as well as
+libc, libc++ and wasm-ld.")))
--
2.41.0
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sun, 10 Dec 2023 21:58:02 GMT) Full text and rfc822 format available.Message #26 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ludovic Courtès <ludo <at> gnu.org> To: Ian Eure <ian <at> retrospec.tv> Cc: 67512 <at> debbugs.gnu.org Subject: Re: [bug#67512] [PATCH 0/5] Add LibreWolf Date: Sun, 10 Dec 2023 22:57:26 +0100
Hi! Ian Eure <ian <at> retrospec.tv> skribis: > I mentioned in #guix that I was working on a package for LibreWolf, and it was requested that I send in patches, so I am. These changes are based on the firefox-esr package in nonguix; I've retained the copyright / authorship notices from there. > > LibreWolf (https://librewolf.net/) is a fork of Firefox which removes the telemetry and advertising, and bundles uBlock Origin. It doesn't have the redistribution issues that Firefox does, its name/logo are under MPL 2.0 and aren't trademarked. > > I'm new to Guix, and not remotely a browser development expert, so I don't expect these are ready to be accepted yet, but I believe they're in good enough shape to have a discussion about. They're working acceptably well for me, though I'm not currently daily driving Guix, so there may be issues I haven't encountered yet. This is much appreciated! People often complain that IceCat is based on too old a version of Firefox, so if we can have LibreWolf (or even Firefox without its problematic bits), that’s great. > The librewolf package has some functions duplicated from (gnu packages gnuzilla), which probably ought to get factored out and put somewhere, but I'm not sure if they should be in (gnu packages mozilla) or a different module. Guidance would be appreciated here. To me that’s the main issue here: these packages are complex, and I wouldn’t want us to end up with two (or more!) copies of these beasts. As the person who made the changes, it would be great if you could pinpoint things that had to be changed compared to ‘icecat’. What phases or flags differ? What phases can be factorized? Thanks for your hard work! Ludo’.
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sun, 10 Dec 2023 22:43:02 GMT) Full text and rfc822 format available.Message #29 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: Ludovic Courtès <ludo <at> gnu.org> Cc: 67512 <at> debbugs.gnu.org Subject: Re: [bug#67512] [PATCH 0/5] Add LibreWolf Date: Sun, 10 Dec 2023 14:28:35 -0800
Hi, thank you very much for your comments. Ludovic Courtès <ludo <at> gnu.org> writes: > Hi! > > Ian Eure <ian <at> retrospec.tv> skribis: > >> I mentioned in #guix that I was working on a package for >> LibreWolf, >> and it was requested that I send in patches, so I am. These >> changes >> are based on the firefox-esr package in nonguix; I've retained >> the >> copyright / authorship notices from there. >> >> LibreWolf (https://librewolf.net/) is a fork of Firefox which >> removes the telemetry and advertising, and bundles uBlock >> Origin. >> It doesn't have the redistribution issues that Firefox does, >> its >> name/logo are under MPL 2.0 and aren't trademarked. >> >> I'm new to Guix, and not remotely a browser development expert, >> so I >> don't expect these are ready to be accepted yet, but I believe >> they're in good enough shape to have a discussion about. >> They're >> working acceptably well for me, though I'm not currently daily >> driving Guix, so there may be issues I haven't encountered yet. > > This is much appreciated! People often complain that IceCat is > based on > too old a version of Firefox, so if we can have LibreWolf (or > even > Firefox without its problematic bits), that’s great. > IMO, LibreWolf pretty much is Firefox without the problematic bits. It’s been my default browser for several years, and I’m very satisfied with it. >> The librewolf package has some functions duplicated from (gnu >> packages gnuzilla), which probably ought to get factored out >> and put >> somewhere, but I'm not sure if they should be in (gnu packages >> mozilla) or a different module. Guidance would be appreciated >> here. > > To me that’s the main issue here: these packages are complex, > and I > wouldn’t want us to end up with two (or more!) copies of these > beasts. > > As the person who made the changes, it would be great if you > could > pinpoint things that had to be changed compared to ‘icecat’. > What > phases or flags differ? What phases can be factorized? > This work isn’t based on the icecat package, but on the firefox-esr package from nonguix. The duplication I refer to is two small helper functions, `runpath-of' and `runpaths-of-input', totaling nine lines of code; they’re flagged with a comment in the patch. As mentioned in the cover letter, I’m happy to extract these, I just don’t know where they ought to be placed. They’re defined inside a lambda in a gexp, which sounds like it may be challenging to put somewhere accessible to both packages. Skimming the icecat package, not many of the build steps are shared with librewolf, and factoring the commonalities out would IMO result in overly complex, brittle, hard to maintain code that’s worse than the slight duplication between the two packages. If there’s a strong feeling that they must be accounted for, I’ll give it a try, but I don’t believe that it’s the best option. Thanks, — Ian
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Thu, 14 Dec 2023 18:40:01 GMT) Full text and rfc822 format available.Message #32 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ludovic Courtès <ludo <at> gnu.org> To: Ian Eure <ian <at> retrospec.tv> Cc: 67512 <at> debbugs.gnu.org Subject: Re: [bug#67512] [PATCH 0/5] Add LibreWolf Date: Thu, 14 Dec 2023 19:39:40 +0100
Hi Ian, Ian Eure <ian <at> retrospec.tv> skribis: > Ludovic Courtès <ludo <at> gnu.org> writes: [...] >> This is much appreciated! People often complain that IceCat is >> based on >> too old a version of Firefox, so if we can have LibreWolf (or even >> Firefox without its problematic bits), that’s great. >> > > IMO, LibreWolf pretty much is Firefox without the problematic bits. > It’s been my default browser for several years, and I’m very satisfied > with it. Perfect, then. >> As the person who made the changes, it would be great if you could >> pinpoint things that had to be changed compared to ‘icecat’. What >> phases or flags differ? What phases can be factorized? >> > This work isn’t based on the icecat package, but on the firefox-esr > package from nonguix. The duplication I refer to is two small helper > functions, `runpath-of' and `runpaths-of-input', totaling nine lines > of code; they’re flagged with a comment in the patch. As mentioned in > the cover letter, I’m happy to extract these, I just don’t know where > they ought to be placed. They’re defined inside a lambda in a gexp, > which sounds like it may be challenging to put somewhere accessible to > both packages. > > Skimming the icecat package, not many of the build steps are shared > with librewolf, and factoring the commonalities out would IMO result > in overly complex, brittle, hard to maintain code that’s worse than > the slight duplication between the two packages. If there’s a strong > feeling that they must be accounted for, I’ll give it a try, but I > don’t believe that it’s the best option. Yeah, you’re right that factorizing can be a bad idea when misplaced, so let’s keep it that way. I’ll take a closer look at the patches if nobody beats me at it! Thanks, Ludo’.
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sat, 13 Jan 2024 17:54:02 GMT) Full text and rfc822 format available.Message #35 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Herman Rimm <herman <at> rimm.ee> To: Ian Eure <ian <at> retrospec.tv> Cc: 67512 <at> debbugs.gnu.org Subject: [bug#67512] [PATCH 5/5] gnu: Add librewolf. Date: Sat, 13 Jan 2024 18:53:43 +0100
Hi Ian,
You can enable --with-system-png flag since libpng-apng >= 1.6.35. These
two icecat flags may be required for addons from gnuzilla.gnu.org:
;; Do not require addons in the global app or system directories to
;; be signed by Mozilla.
"--with-unsigned-addon-scopes=app,system"
"--allow-addon-sideload"
This icecat-minimal flag disables DRM:
;; The --disable-eme option is not available on aarch64.
#$(if (target-aarch64?) "" "--disable-eme")
Librewolf should not link to addons.mozilla.org, using this build phase
from torbrowser:
(add-before 'build 'fix-addons-placeholder
(lambda _
(substitute*
"toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
(("addons.mozilla.org") "gnuzilla.gnu.org"))))
Cheers,
Herman
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Wed, 17 Jan 2024 15:44:01 GMT) Full text and rfc822 format available.Message #38 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Clément Lassieur <clement <at> lassieur.org> To: Ian Eure <ian <at> retrospec.tv>, Pierre Langlois <pierre.langlois <at> gmx.com> Cc: 67512 <at> debbugs.gnu.org Subject: Re: [bug#67512] [PATCH 0/5] Add LibreWolf Date: Wed, 17 Jan 2024 16:43:31 +0100
Hi Ian and Pierre, Thank you for this! I hope to do a review soon. Meanwhile I have one question for Pierre: is there any reason why your Wasm work was contributed to Nonguix instead of Guix? It looks like it could be used by Icecat. Would you say it is ready to be added to the Guix repo? Thank you, Clément On Tue, Nov 28 2023, Ian Eure wrote: > I mentioned in #guix that I was working on a package for LibreWolf, and it was requested that I send in patches, so I am. These changes are based on the firefox-esr package in nonguix; I've retained the copyright / authorship notices from there. > > LibreWolf (https://librewolf.net/) is a fork of Firefox which removes the telemetry and advertising, and bundles uBlock Origin. It doesn't have the redistribution issues that Firefox does, its name/logo are under MPL 2.0 and aren't trademarked. > > I'm new to Guix, and not remotely a browser development expert, so I don't expect these are ready to be accepted yet, but I believe they're in good enough shape to have a discussion about. They're working acceptably well for me, though I'm not currently daily driving Guix, so there may be issues I haven't encountered yet. > > Guide to changes in this patchset > ================================= > > icu4c has been updated to 73.1, and the previous version kept as icu4c-71. I encountered consistent failures of the node <at> 10.24.1 test suite with icu4c 73.1, so I kept that on 71.1. icu4c is needed by many packages, so this change is the highest-impact in the patchset. > > The (gnu packages wasm) module is unchanged from nonguix, except for the file header and module declaration. > > The (gnu packages librewolf) module is a simplified/adapted version of (nongnu packages firefox). The Firefox Nightly packages have been removed, as there's no LibreWolf equivalent. I also didn't bring over the wayland variant, but I could, if that's desired. I'm not sure why there are specific x11/wayland variants, as the packages for other distros don't seem to need this split. > > The librewolf package has some functions duplicated from (gnu packages gnuzilla), which probably ought to get factored out and put somewhere, but I'm not sure if they should be in (gnu packages mozilla) or a different module. Guidance would be appreciated here. > > Ian Eure (5): > gnu: icu4c: Update to 73.1. > gnu: Add icu4c-71. > gnu: node: Switch to icu4c-71. > gnu: Add wasm packages. > gnu: Add librewolf. > > gnu/packages/icu4c.scm | 21 +- > gnu/packages/librewolf.scm | 560 +++++++++++++++++++++++++++++++++++++ > gnu/packages/node.scm | 4 +- > gnu/packages/wasm.scm | 273 ++++++++++++++++++ > 4 files changed, 854 insertions(+), 4 deletions(-) > create mode 100644 gnu/packages/librewolf.scm > create mode 100644 gnu/packages/wasm.scm > > > base-commit: 2410a30f6c06d56b5589e0ad685bcdf09bb144bf
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sun, 28 Jan 2024 21:55:02 GMT) Full text and rfc822 format available.Message #41 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: Herman Rimm <herman <at> rimm.ee> Cc: 67512 <at> debbugs.gnu.org Subject: Re: [bug#67512] [PATCH 5/5] gnu: Add librewolf. Date: Sun, 28 Jan 2024 13:23:40 -0800
Herman Rimm <herman <at> rimm.ee> writes: > Hi Ian, > > You can enable --with-system-png flag since libpng-apng >= > 1.6.35. These > two icecat flags may be required for addons from > gnuzilla.gnu.org: > Thanks, I’ve made this change, along with a few other fixes I found over the last couple weeks. I’ll send an updated patch series, but would like to resolve the issues you raise first, to avoid repeatedly sending the patch series. > This icecat-minimal flag disables DRM: > > ;; The --disable-eme option is not available on aarch64. > #$(if (target-aarch64?) "" "--disable-eme") > LibreWolf disables DRM by default[1], so I don’t believe this flag is necessary. I can confirm that it’s disabled in the browser built from the package definition without this flag. > Librewolf should not link to addons.mozilla.org, using this > build phase > from torbrowser: > What’s the rationale for not using addons.mozilla.org? gnuzilla.gnu.org appears to be broken, it’s serving an Apache default page, as if the vhost isn’t configured. Does the browser request some path within that domain, which does work? I’m not familiar with the mechanism used for this. — Ian [1]: https://librewolf.net/docs/faq/#how-do-i-enable-drm
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sun, 28 Jan 2024 22:55:01 GMT) Full text and rfc822 format available.Message #44 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: Herman Rimm <herman <at> rimm.ee> Cc: 67512 <at> debbugs.gnu.org Subject: Re: [bug#67512] [PATCH 5/5] gnu: Add librewolf. Date: Sun, 28 Jan 2024 14:51:18 -0800
Ian Eure <ian <at> retrospec.tv> writes: >> This icecat-minimal flag disables DRM: >> >> ;; The --disable-eme option is not available on aarch64. >> #$(if (target-aarch64?) "" "--disable-eme") >> > > LibreWolf disables DRM by default[1], so I don’t believe this > flag is > necessary. I can confirm that it’s disabled in the browser > built from > the package definition without this flag. > I looked a bit deeper into this. There are actually no EME-related configuration options in Librewolf at all, either to enable or disable it. It’s always disabled. — Ian
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Fri, 02 Feb 2024 18:46:01 GMT) Full text and rfc822 format available.Message #47 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Herman Rimm <herman <at> rimm.ee> To: Ian Eure <ian <at> retrospec.tv> Cc: 67512 <at> debbugs.gnu.org Subject: [bug#67512] [PATCH 5/5] gnu: Add librewolf. Date: Fri, 2 Feb 2024 19:44:49 +0100
On Sun, Jan 28, 2024 at 01:23:40PM -0800, Ian Eure wrote: > > Herman Rimm <herman <at> rimm.ee> writes: > > > Librewolf should not link to addons.mozilla.org, using this build phase > > from torbrowser: > > > > What’s the rationale for not using addons.mozilla.org? > > gnuzilla.gnu.org appears to be broken, it’s serving an Apache default page, > as if the vhost isn’t configured. Does the browser request some path within > that domain, which does work? I’m not familiar with the mechanism used for > this. Apologies, the URL is: https://gnuzilla.gnu.org/mozzarella/. It is used because addons.mozilla.org contains nonfree extensions, from [1]: A free system distribution must not steer users towards obtaining any nonfree information for practical use, or encourage them to do so. The system should have no repositories for nonfree software and no specific recipes for installation of particular nonfree programs. Nor should the distribution refer to third-party repositories that are not committed to only including free software; even if they only have free software today, that may not be true tomorrow. Programs in the system should not suggest installing nonfree plugins, documentation, and so on. For instance, a free system distribution must not contain browsers that implement EME, the browser functionality designed to load DRM modules. >> LibreWolf disables DRM by default[1], so I don’t believe this flag is >> necessary. I can confirm that it’s disabled in the browser built from >> the package definition without this flag. >> > >I looked a bit deeper into this. There are actually no EME-related >configuration options in Librewolf at all, either to enable or disable it. >It’s always disabled. Interesting, I applied the patch series onto 551d013, built librewolf, removed ~/.librewolf and ~/.mozilla, started librewolf and went to about:config, where 'browser.eme.ui.enabled' has the default value 'true', so I can see and toggle the checkbox for 'play DRM-controlled content' in about:preferences. I don't know why 'browser.eme.ui.enabled' is 'true' by default for me, but I think adding --disable-eme will set the default to 'false', like it is in the icecat-minimal about:config. Looking at the firefox source [2], 'browser.eme.ui.enabled' is set to true if MOZ_WIDEVINE_EME is defined, false otherwise. MOZ_WIDEVINE_EME gets defined by being in MOZ_EME_MODULES, which is set to eme_modules in toolkit/moz.configure where a comment reads: # Widevine is enabled by default in desktop browser builds. When running grep in a Librewolf repo [3] for the aformentioned terms, only the --disable-jxl configure flag is modified in toolkit/ moz.configure, so I don't think the Librewolf developers disable EME. I am not sure though, I don't want to rebuild librewolf with the --disable-eme flag to look for the difference. Cheers, Herman [1]: https://www.gnu.org/distros/free-system-distribution-guidelines.en.html [2]: https://archive.mozilla.org/pub/firefox/releases/123.0b5/source/firefox-123.0b5.source.tar.xz [3]: https://codeberg.org/librewolf/source.git
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Wed, 07 Feb 2024 04:01:01 GMT) Full text and rfc822 format available.Message #50 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Subject: Re: [bug#67512] [PATCH 5/5] gnu: Add librewolf. Date: Tue, 06 Feb 2024 15:29:22 -0800
Herman Rimm <herman <at> rimm.ee> writes: > On Sun, Jan 28, 2024 at 01:23:40PM -0800, Ian Eure wrote: >> >> Herman Rimm <herman <at> rimm.ee> writes: >> >> > Librewolf should not link to addons.mozilla.org, using this >> > build phase >> > from torbrowser: >> > >> >> What’s the rationale for not using addons.mozilla.org? >> >> gnuzilla.gnu.org appears to be broken, it’s serving an Apache >> default page, >> as if the vhost isn’t configured. Does the browser request >> some path within >> that domain, which does work? I’m not familiar with the >> mechanism used for >> this. > > Apologies, the URL is: https://gnuzilla.gnu.org/mozzarella/. It > is used > because addons.mozilla.org contains nonfree extensions, from > [1]: > I’ll look into this and see what it takes to adjust. >>> LibreWolf disables DRM by default[1], so I don’t believe this >>> flag is >>> necessary. I can confirm that it’s disabled in the browser >>> built from >>> the package definition without this flag. >>> >> >>I looked a bit deeper into this. There are actually no >>EME-related >>configuration options in Librewolf at all, either to enable or >>disable it. >>It’s always disabled. > > Interesting, I applied the patch series onto 551d013, built > librewolf, > removed ~/.librewolf and ~/.mozilla, started librewolf and went > to > about:config, where 'browser.eme.ui.enabled' has the default > value > 'true', so I can see and toggle the checkbox for 'play > DRM-controlled > content' in about:preferences. I don't know why > 'browser.eme.ui.enabled' > is 'true' by default for me, but I think adding --disable-eme > will set > the default to 'false', like it is in the icecat-minimal > about:config. > I completely misunderstood the various settings and systems at play here, which I believe led us to talk past each other. The summary of the situation, best as I can tell, is this: - EME support: a build setting controlling whether the browser supports *any kind* of encrypted media playback. - Widevine support: one kind of DRM, implemented as an EME plugin. - `browser.eme.ui.enabled' browser preference: controls whether the UI for DRM is visible. Controls visibility *only*. A browser build without EME will still show this if `browser.eme.ui.enabled' is `true' (but the control does nothing). A browser build *with* EME (and one or more DRM plugins) can have this set to `false' and still play DRM’d content. - The checkbox within the EME UI: On browsers built with EME and DRM plugin(s), controls whether that is allowed to be used. On browsers without EME+Widevine, does nothing. The default configuration of a clean install of a stock LibreWolf build is: - The browser is built with EME and Widevine support - The UI to enable DRM is visible. - Within that UI, the checkbox is unchecked (meaning DRM is not enabled). I have rebuilt with --disable-eme and confirmed that even with browser.eme.ui.enabled=true and the "Play DRM-controlled content" box checked, the resulting build cannot play DRM’d streams. This was actually somewhat difficult, since I don’t use or have access to any commercial streaming service, but I found a website which lets you test DRM playback, and used that to compare behavior of a LibreWolf binary obtained from the project with my build. Should anyone else want to verify, or need to do this kind of testing, the site is: https://www.nuevodevel.com/nuevo/showcase/drm > When running grep in a Librewolf repo [3] for the aformentioned > terms, > only the --disable-jxl configure flag is modified in toolkit/ > moz.configure, so I don't think the Librewolf developers disable > EME.I > am not sure though, I don't want to rebuild librewolf with the > --disable-eme flag to look for the difference. > The "source" repo contains patches and orchestration to produce the LibreWolf source tarball. The setting which disables DRM by default is in their settings repo[1], which is a submodule. The likely scenario is that you cloned the repo with the eminently reasonable assumption that this would produce a full copy of its contents, and grepped them. Unfortunately, Git submodules are deeply unreasonable, and do not work this way -- you must perform manual actions to populate or update them, which is very easy to forget, especially if one doesn’t work with them regularly. LibreWolf’s specific wording is "We disable DRM by default," which I believe is accurate, but fails to capture the fullness of the situation, i.e. that DRM support is included, but dormant. So you’re also correct that they don’t disable EME -- the disabling happens above that layer. This was not clear to me in the earlier discussions. I’ve removed EME from the build, and will work on replacing Mozilla’s addons with Mozarella, then send an updated patch series. Separately, I’ve also managed to unbundle libpng, libwebp, and nss; fixed the glxinfo utility program; and eliminated a redundant copy of the main binary. Thanks, — Ian [1]: https://gitlab.com/librewolf-community/settings/-/blob/ba238a9ca6bfd509f31e6eb4a45c14c11b7ef7fe/librewolf.cfg#L258-263
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Wed, 07 Feb 2024 10:08:02 GMT) Full text and rfc822 format available.Message #53 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Clément Lassieur <clement <at> lassieur.org> To: Ian Eure <ian <at> retrospec.tv> Cc: 67512 <at> debbugs.gnu.org Subject: Re: [bug#67512] [PATCH 5/5] gnu: Add librewolf. Date: Wed, 07 Feb 2024 11:06:38 +0100
On Tue, Feb 06 2024, Ian Eure wrote: > I’ve removed EME from the build, and will work on replacing Mozilla’s addons > with Mozarella, then send an updated patch series. For this you can just copy what's done in the Tor Browser package, which is a copy of what's done in upstream Icecat. Cheers
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sun, 11 Feb 2024 19:22:01 GMT) Full text and rfc822 format available.Message #56 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH v2 4/4] gnu: Add librewolf. Date: Sun, 11 Feb 2024 11:20:27 -0800
* gnu/packages/librewolf.scm (librewolf): New variable.
Change-Id: I98b6410582b856ede83b79637a58e66d6e5832e6
---
gnu/packages/librewolf.scm | 653 +++++++++++++++++++++++++++++++++++++
1 file changed, 653 insertions(+)
create mode 100644 gnu/packages/librewolf.scm
diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm
new file mode 100644
index 0000000000..32d51eabaf
--- /dev/null
+++ b/gnu/packages/librewolf.scm
@@ -0,0 +1,653 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2013, 2015, 2024 Andreas Enge <andreas <at> enge.fr>
+;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 Mark H Weaver <mhw <at> netris.org>
+;;; Copyright © 2015 Sou Bunnbu <iyzsong <at> gmail.com>
+;;; Copyright © 2016, 2017, 2018, 2019 Efraim Flashner <efraim <at> flashner.co.il>
+;;; Copyright © 2016 Alex Griffin <a <at> ajgrf.com>
+;;; Copyright © 2017 Clément Lassieur <clement <at> lassieur.org>
+;;; Copyright © 2017, 2018 Nikita <nikita <at> n0.is>
+;;; Copyright © 2017, 2018 ng0 <gillmann <at> infotropique.org>
+;;; Copyright © 2017, 2018, 2020 Tobias Geerinckx-Rice <me <at> tobias.gr>
+;;; Copyright © 2018, 2020, 2022 Ricardo Wurmus <rekado <at> elephly.net>
+;;; Copyright © 2019 Ivan Petkov <ivanppetkov <at> gmail.com>
+;;; Copyright © 2020 Oleg Pykhalov <go.wigust <at> gmail.com>
+;;; Copyright © 2020 Jakub Kądziołka <kuba <at> kadziolka.net>
+;;; Copyright © 2019, 2020 Adrian Malacoda <malacoda <at> monarch-pass.net>
+;;; Copyright © 2020-2023 Jonathan Brielmaier <jonathan.brielmaier <at> web.de>
+;;; Copyright © 2020 Zhu Zihao <all_but_last <at> 163.com>
+;;; Copyright © 2021 pineapples <guixuser6392 <at> protonmail.com>
+;;; Copyright © 2021 Brice Waegeneire <brice <at> waegenei.re>
+;;; Copyright © 2021, 2022, 2023 John Kehayias <john.kehayias <at> protonmail.com>
+;;; Copyright © 2022 Pierre Langlois <pierre.langlois <at> gmx.com>
+;;; Copyright © 2023 Tomas Volf <wolf <at> wolfsden.cz>
+;;; Copyright © 2023 Ian Eure <ian <at> retrospec.tv>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+
+(define-module (gnu packages librewolf)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system cargo)
+ #:use-module (guix build-system trivial)
+ #:use-module (guix download)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix gexp)
+ #:use-module (guix packages)
+ #:use-module (guix utils)
+ #:use-module ((guix build utils) #:select (alist-replace))
+
+ #:use-module (gnu packages)
+ #:use-module (gnu packages assembly)
+ #:use-module (gnu packages autotools)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages bash)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages crates-io)
+ #:use-module (gnu packages cups)
+ #:use-module (gnu packages fontutils)
+ #:use-module (gnu packages gl)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnome)
+ #:use-module (gnu packages gtk)
+ #:use-module (gnu packages hunspell)
+ #:use-module (gnu packages icu4c)
+ #:use-module (gnu packages image)
+ #:use-module (gnu packages jemalloc)
+ #:use-module (gnu packages kerberos)
+ #:use-module (gnu packages libcanberra)
+ #:use-module (gnu packages libevent)
+ #:use-module (gnu packages libffi)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages llvm)
+ #:use-module (gnu packages m4)
+ #:use-module (gnu packages node)
+ #:use-module (gnu packages nss)
+ #:use-module (gnu packages pciutils)
+ #:use-module (gnu packages perl)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages pulseaudio)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages rust)
+ #:use-module (gnu packages rust-apps)
+ #:use-module (gnu packages speech)
+ #:use-module (gnu packages sqlite)
+ #:use-module (gnu packages video)
+ #:use-module (gnu packages wasm)
+ #:use-module (gnu packages xdisorg)
+ #:use-module (gnu packages xorg))
+
+;; Define the versions of rust needed to build firefox, trying to match
+;; upstream. See the file taskcluster/ci/toolchain/rust.yml at
+;; https://searchfox.org under the particular firefox release, like
+;; mozilla-esr102.
+(define rust-librewolf rust) ; 1.60 is the default in Guix, 1.65 is the minimum.
+
+;; Update this id with every firefox update to its release date.
+;; It's used for cache validation and therefore can lead to strange bugs.
+(define %librewolf-build-id "20240130195200")
+
+(define-public librewolf
+ (package
+ (name "librewolf")
+ (version "122.0-2")
+ (source
+ (origin
+ (method url-fetch)
+
+ (uri (string-append "https://gitlab.com/api/v4/projects/32320088/"
+ "packages/generic/librewolf-source/"
+ version
+ "/librewolf-"
+ version
+ ".source.tar.gz"))
+ (sha256
+ (base32 "0ggysgbazx5dl0l9dyvrpjgzbvivgddm9qyiyvjjfk9im9sljkxh"))))
+ (build-system gnu-build-system)
+ (arguments
+ (list
+ #:configure-flags #~(let ((clang #$(this-package-native-input "clang"))
+ (wasi-sysroot #$(this-package-native-input
+ "wasm32-wasi-clang-toolchain")))
+ `("--enable-application=browser"
+
+ ;; Configuration
+ "--with-system-jpeg"
+ "--with-system-zlib"
+ "--with-system-png"
+ "--with-system-webp"
+ "--with-system-icu"
+ "--with-system-libvpx"
+ "--with-system-libevent"
+ "--with-system-ffi"
+ "--enable-system-pixman"
+ "--enable-jemalloc"
+
+ ;; see https://bugs.gnu.org/32833
+ "--with-system-nspr"
+ "--with-system-nss"
+
+ ,(string-append "--with-clang-path=" clang
+ "/bin/clang")
+ ,(string-append "--with-libclang-path=" clang
+ "/lib")
+ ,(string-append "--with-wasi-sysroot="
+ wasi-sysroot "/wasm32-wasi")
+
+ ;; Distribution
+ "--with-distribution-id=org.guix"
+ "--with-app-name=librewolf"
+ "--with-app-basename=LibreWolf"
+ "--with-branding=browser/branding/librewolf"
+
+ ;; Features
+ "--disable-tests"
+ "--disable-updater"
+ "--enable-pulseaudio"
+ "--disable-crashreporter"
+ "--allow-addon-sideload"
+ "--with-unsigned-addon-scopes=app,system"
+ "--disable-eme"
+
+ ;; Build details
+ "--disable-debug"
+ "--enable-rust-simd"
+ "--enable-release"
+ "--enable-optimize"
+ "--enable-strip"
+ "--enable-hardening"
+ "--disable-elf-hack"))
+ #:imported-modules %cargo-utils-modules
+ #:modules `((ice-9 regex)
+ (ice-9 string-fun)
+ (ice-9 ftw)
+ (srfi srfi-1)
+ (srfi srfi-26)
+ (rnrs bytevectors)
+ (rnrs io ports)
+ (guix elf)
+ (guix build gremlin)
+ ,@%gnu-build-system-modules)
+ #:phases #~(modify-phases %standard-phases
+ (add-after 'unpack 'fix-preferences
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((port (open-file "browser/app/profile/firefox.js"
+ "a")))
+ (define (write-setting key value)
+ (format port "~%pref(\"~a\", ~a);~%" key value)
+ (format #t
+ "fix-preferences: setting value of ~a to ~a~%" key
+ value))
+
+ ;; We should allow Firefox sandbox to read the store directory,
+ ;; because Firefox sandbox have access to /usr on FHS distros.
+ (write-setting
+ "security.sandbox.content.read_path_whitelist"
+ (string-append "\""
+ (%store-directory) "/\""))
+
+ ;; XDG settings should be managed by Guix.
+ (write-setting "browser.shell.checkDefaultBrowser"
+ "false")
+ (close-port port))))
+ (add-after 'fix-preferences 'fix-ffmpeg-runtime-linker
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let* ((ffmpeg (assoc-ref inputs "ffmpeg"))
+ (libavcodec (string-append ffmpeg
+ "/lib/libavcodec.so")))
+ ;; Arrange to load libavcodec.so by its absolute file name.
+ (substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp"
+ (("libavcodec\\.so")
+ libavcodec)))))
+ (add-after 'patch-source-shebangs 'patch-cargo-checksums
+ (lambda _
+ (use-modules (guix build cargo-utils))
+ (let ((null-hash
+ ;; This is the SHA256 output of an empty string.
+ (string-append
+ "e3b0c44298fc1c149afbf4c8996fb924"
+ "27ae41e4649b934ca495991b7852b855")))
+ (for-each (lambda (file)
+ (format #t
+ "patch-cargo-checksums: patching checksums in ~a~%"
+ file)
+ (substitute* file
+ (("(checksum = )\".*\"" all name)
+ (string-append name "\"" null-hash
+ "\""))))
+ (find-files "." "Cargo\\.lock$"))
+ (for-each generate-all-checksums
+ '("build" "dom/media"
+ "dom/webauthn"
+ "gfx"
+ "intl"
+ "js"
+ "media"
+ "modules"
+ "mozglue/static/rust"
+ "netwerk"
+ "remote"
+ "security/manager/ssl"
+ "servo"
+ "storage"
+ "third_party/rust"
+ "toolkit"
+ "xpcom/rust"
+ "services")))))
+ (add-after 'patch-cargo-checksums 'remove-cargo-frozen-flag
+ (lambda _
+ ;; Remove --frozen flag from cargo invokation, otherwise it'll
+ ;; complain that it's not able to change Cargo.lock.
+ ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373
+ (substitute* "build/RunCbindgen.py"
+ (("\"--frozen\",")
+ ""))))
+ (delete 'bootstrap)
+ (add-before 'configure 'patch-SpeechDispatcherService.cpp
+ (lambda _
+ (let* ((lib "libspeechd.so.2")
+ (file (string-append
+ "dom/media/webspeech/synth/"
+ "speechd/SpeechDispatcherService.cpp"))
+ (old-content (call-with-input-file file
+ get-string-all)))
+ (substitute file
+ `((,(format #f "~s" lib) unquote
+ (λ (line _)
+ (string-replace-substring line lib
+ (string-append #$speech-dispatcher
+ "/lib/"
+ lib))))))
+ (if (string=? old-content
+ (call-with-input-file file
+ get-string-all))
+ (error
+ "substitute did nothing, phase requires an update")))))
+ (add-before 'configure 'set-build-id
+ ;; Firefox will write the timestamp to output, which is harmful
+ ;; for reproducibility, so change it to a fixed date. Use a
+ ;; separate phase for easier modification with inherit.
+ (lambda _
+ (setenv "MOZ_BUILD_DATE"
+ #$%librewolf-build-id)))
+ (replace 'configure
+ (lambda* (#:key inputs outputs configure-flags
+ #:allow-other-keys)
+ (setenv "AUTOCONF"
+ (string-append (assoc-ref inputs "autoconf")
+ "/bin/autoconf"))
+ (setenv "SHELL"
+ (which "bash"))
+ (setenv "CONFIG_SHELL"
+ (which "bash"))
+ (setenv "MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE"
+ "system")
+ ;; This should use the host info probably (does firefox build on
+ ;; non-x86_64 though?)
+ (setenv "GUIX_PYTHONPATH"
+ (string-append (getcwd)
+ "/obj-x86_64-pc-linux-gnu/_virtualenvs/build"))
+
+ ;; Use Clang, Clang is 2x faster than GCC
+ (setenv "AR" "llvm-ar")
+ (setenv "NM" "llvm-nm")
+ (setenv "CC" "clang")
+ (setenv "CXX" "clang++")
+ (setenv "WASM_CC"
+ (string-append (assoc-ref inputs
+ "wasm32-wasi-clang-toolchain")
+ "/bin/clang"))
+ (setenv "WASM_CXX"
+ (string-append (assoc-ref inputs
+ "wasm32-wasi-clang-toolchain")
+ "/bin/clang++"))
+
+ (setenv "MOZ_NOSPAM" "1")
+ (setenv "MOZ_APP_NAME" "librewolf")
+
+ (setenv "MOZBUILD_STATE_PATH"
+ (getcwd))
+
+ (let* ((mozconfig (string-append (getcwd) "/mozconfig"))
+ (out (assoc-ref outputs "out"))
+ (flags (cons (string-append "--prefix=" out)
+ configure-flags)))
+ (format #t "build directory: ~s~%"
+ (getcwd))
+ (format #t "configure flags: ~s~%" flags)
+
+ (define write-flags
+ (lambda flags
+ (display (string-join (map (cut string-append
+ "ac_add_options " <>)
+ flags) "\n"))
+ (display "\n")))
+ (with-output-to-file mozconfig
+ (lambda ()
+ (apply write-flags flags)
+ ;; The following option unsets Telemetry
+ ;; Reporting. With the Addons Fiasco,
+ ;; Mozilla was found to be collecting
+ ;; user's data, including saved passwords
+ ;; and web form data, without users
+ ;; consent. Mozilla was also found
+ ;; shipping updates to systems without
+ ;; the user's knowledge or permission.
+ ;; As a result of this, use the following
+ ;; command to permanently disable
+ ;; telemetry reporting in Firefox.
+ (display "unset MOZ_TELEMETRY_REPORTING\n")
+ (display "mk_add_options MOZ_CRASHREPORTER=0\n")
+ (display "mk_add_options MOZ_DATA_REPORTING=0\n")
+ (display
+ "mk_add_options MOZ_SERVICES_HEALTHREPORT=0")
+ (display
+ "mk_add_options MOZ_TELEMETRY_REPORTING=0")))
+ (setenv "MOZCONFIG" mozconfig))
+ (invoke "./mach" "configure")))
+ (add-before 'build '1fix-addons-placeholder
+ (lambda _
+ (substitute*
+ "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
+ (("addons.mozilla.org") "gnuzilla.gnu.org"))))
+ (replace 'build
+ (lambda* (#:key (make-flags '())
+ (parallel-build? #t) #:allow-other-keys)
+ (apply invoke "./mach" "build"
+ ;; mach will use parallel build if possible by default
+ `(,@(if parallel-build?
+ '()
+ '("-j1")) ,@make-flags))))
+ (add-after 'build 'neutralise-store-references
+ (lambda _
+ ;; Mangle the store references to compilers &
+ ;; other build tools in about:buildconfig,
+ ;; reducing Firefox's closure by 1 GiB on
+ ;; x86-64.
+ (let* ((build-dir (car (scandir "."
+ (cut string-prefix?
+ "obj-" <>))))
+ (file (string-append build-dir
+ "/dist/bin/chrome/toolkit/"
+ "content/global/buildconfig.html")))
+ (substitute* file
+ (((format #f "(~a/)([0-9a-df-np-sv-z]{32})"
+ (regexp-quote (%store-directory)))
+ _ store hash)
+ (string-append store
+ (string-take hash 8)
+ "<!-- Guix: not a runtime dependency -->"
+ (string-drop hash 8)))))))
+ (replace 'install
+ (lambda _
+ (invoke "./mach" "install")))
+ (add-after 'install 'remove-duplicate-bin
+ (lambda* (#:key outputs #:allow-other-keys)
+ (delete-file (string-append #$output
+ "/lib/librewolf/librewolf-bin"))))
+ (add-after 'install 'wrap-glxtest
+ ;; glxtest uses dlopen() to load mesa
+ ;; libs, wrap it to set LD_LIBRARY_PATH.
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ ;; TODO: make me a loop again
+ (mesa-lib (string-append (assoc-ref inputs
+ "mesa")
+ "/lib"))
+ (pciutils-lib (string-append (assoc-ref inputs
+ "pciutils") "/lib")))
+ (wrap-program (car (find-files lib "^glxtest$"))
+ `("LD_LIBRARY_PATH" prefix
+ (,mesa-lib ,pciutils-lib))))))
+ (add-after 'install 'autoconfig
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((lib (string-append #$output "/lib/librewolf"))
+ (config-file "librewolf.cfg"))
+ (with-output-to-file (in-vicinity
+ lib "defaults/pref/autoconfig.js")
+ (lambda ()
+ (format #t "// first line must be a comment~%")
+ (format #t "pref(~s, ~s);~%"
+ "general.config.filename" config-file)
+ (format #t "pref(~s, ~a);~%"
+ "general.config.obscure_value" "0")))
+ (with-output-to-file (in-vicinity lib config-file)
+ (lambda ()
+ (format #t "// first line must be a comment~%")
+ ;; Required for Guix packaged extensions
+ ;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8
+ ;; Default is 5.
+ (format #t "pref(~s, ~a);~%"
+ "extensions.enabledScopes" "13")
+ ;; (format #t "pref(~s, ~s);~%"
+ ;; "security.sandbox.content.read_path_whitelist"
+ ;; (call-with-input-file "whitelist.txt"
+ ;; get-string-all))
+ ;; Add-ons pannel (see settings.js in Icecat source).
+ (format #t "pref(~s, ~s);~%"
+ "extensions.getAddons.search.browseURL"
+ "https://gnuzilla.gnu.org/mozzarella")
+ (format #t "pref(~s, ~s);~%"
+ "extensions.getAddons.get.url"
+ "https://gnuzilla.gnu.org/mozzarella")
+ (format #t "pref(~s, ~s);~%"
+ "extensions.getAddons.link.url"
+ "https://gnuzilla.gnu.org/mozzarella")
+ (format #t "pref(~s, ~s);~%"
+ "extensions.getAddons.discovery.api_url"
+ "https://gnuzilla.gnu.org/mozzarella")
+ (format #t "pref(~s, ~s);~%"
+ "extensions.getAddons.langpacks.url"
+ "https://gnuzilla.gnu.org/mozzarella")
+ (format #t "pref(~s, ~s);~%"
+ "lightweightThemes.getMoreURL"
+ "https://gnuzilla.gnu.org/mozzarella"))))))
+ (add-after 'install 'wrap-program
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ ;; The following two functions are from Guix's icecat package in
+ ;; (gnu packages gnuzilla). See commit
+ ;; b7a0935420ee630a29b7e5ac73a32ba1eb24f00b.
+ (define (runpath-of lib)
+ (call-with-input-file lib
+ (compose elf-dynamic-info-runpath elf-dynamic-info
+ parse-elf get-bytevector-all)))
+ (define (runpaths-of-input label)
+ (let* ((dir (string-append (assoc-ref inputs label)
+ "/lib"))
+ (libs (find-files dir "\\.so$")))
+ (append-map runpath-of libs)))
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ ;; TODO: make me a loop again
+ (mesa-lib (string-append (assoc-ref inputs
+ "mesa")
+ "/lib"))
+ (apng-lib (string-append (assoc-ref inputs
+ "libpng-apng") "/lib"))
+ ;; For the integration of native notifications
+ (libnotify-lib (string-append (assoc-ref inputs
+ "libnotify")
+ "/lib"))
+ ;; For hardware video acceleration via VA-API
+ (libva-lib (string-append (assoc-ref inputs
+ "libva")
+ "/lib"))
+ ;; VA-API is run in the RDD (Remote Data Decoder) sandbox
+ ;; and must be explicitly given access to files it needs.
+ ;; Rather than adding the whole store (as Nix had
+ ;; upstream do, see
+ ;; <https://github.com/NixOS/nixpkgs/pull/165964> and
+ ;; linked upstream patches), we can just follow the
+ ;; runpaths of the needed libraries to add everything to
+ ;; LD_LIBRARY_PATH. These will then be accessible in the
+ ;; RDD sandbox.
+ (rdd-whitelist (map (cut string-append <> "/")
+ (delete-duplicates (append-map
+ runpaths-of-input
+ '("mesa"
+ "ffmpeg")))))
+ (pulseaudio-lib (string-append (assoc-ref inputs
+ "pulseaudio")
+ "/lib"))
+ ;; For U2F and WebAuthn
+ (eudev-lib (string-append (assoc-ref inputs
+ "eudev")
+ "/lib"))
+ (gtk-share (string-append (assoc-ref inputs
+ "gtk+")
+ "/share")))
+ (wrap-program (car (find-files lib "^librewolf$"))
+ `("LD_LIBRARY_PATH" prefix
+ (,mesa-lib ,libnotify-lib
+ ,libva-lib
+ ,pulseaudio-lib
+ ,eudev-lib
+ ,apng-lib
+ ,@rdd-whitelist))
+ `("XDG_DATA_DIRS" prefix
+ (,gtk-share))
+ `("MOZ_LEGACY_PROFILES" =
+ ("1"))
+ `("MOZ_ALLOW_DOWNGRADE" =
+ ("1"))))))
+ (add-after 'wrap-program 'install-desktop-entry
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((desktop-file
+ "taskcluster/docker/firefox-snap/firefox.desktop")
+ (applications (string-append #$output
+ "/share/applications")))
+ (substitute* desktop-file
+ (("^Exec=firefox")
+ (string-append "Exec="
+ #$output "/bin/librewolf"))
+ ;; "Firefox" -> "LibreWolf" everywhere
+ (("Firefox")
+ "LibreWolf")
+ ;; Remove non-Latin translations.
+ (("^Name\\[(ar|bn)\\].*$")
+ "")
+ (("^Icon=.*")
+ (string-append "Icon="
+ #$output
+ "/share/icons/hicolor/128x128/apps/librewolf.png
+"))
+ ;; These commands were changed.
+ (("-NewWindow")
+ "-new-window")
+ (("-NewPrivateWindow")
+ "-new-private-window")
+ (("StartupNotify=true")
+ "StartupNotify=true
+StartupWMClass=Navigator"))
+ (copy-file desktop-file "librewolf.desktop")
+ (install-file "librewolf.desktop" applications))))
+ (add-after 'install-desktop-entry 'install-icons
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((icon-source-dir (string-append #$output
+ "/lib/librewolf/browser/"
+ "chrome/icons/default")))
+ (for-each (lambda (size)
+ (let ((dest (string-append #$output
+ "/share/icons/hicolor/"
+ size
+ "x"
+ size
+ "/apps")))
+ (mkdir-p dest)
+ (symlink (string-append icon-source-dir
+ "/default" size ".png")
+ (string-append dest
+ "/librewolf.png"))))
+ '("16" "32" "48" "64" "128"))))))
+
+ ;; Test will significantly increase build time but with little rewards.
+ #:tests? #f
+
+ ;; WARNING: Parallel build will consume lots of memory!
+ ;; If you have encountered OOM issue in build phase, try disable it.
+ #:parallel-build? #t
+
+ ;; Some dynamic lib was determined at runtime, so rpath check may fail.
+ #:validate-runpath? #f))
+ (inputs (list bash-minimal
+ bzip2
+ cairo
+ cups
+ dbus-glib
+ freetype
+ ffmpeg
+ gdk-pixbuf
+ glib
+ gtk+
+ gtk+-2
+ hunspell
+ icu4c-73
+ jemalloc
+ libcanberra
+ libevent
+ libffi
+ libgnome
+ libjpeg-turbo
+ libnotify
+ libpng-apng
+ libva
+ libvpx
+ libwebp
+ libxcomposite
+ libxft
+ libxinerama
+ libxscrnsaver
+ libxt
+ mesa
+ mit-krb5
+ nspr
+ nss
+ pango
+ pciutils
+ pipewire
+ pixman
+ pulseaudio
+ speech-dispatcher
+ sqlite
+ startup-notification
+ eudev
+ unzip
+ zip
+ zlib))
+ (native-inputs (list alsa-lib
+ autoconf-2.13
+ `(,rust-librewolf "cargo")
+ clang
+ llvm
+ wasm32-wasi-clang-toolchain
+ m4
+ nasm
+ node-lts
+ perl
+ pkg-config
+ python
+ rust-librewolf
+ rust-cbindgen-0.26
+ which
+ yasm))
+ (home-page "https://mozilla.org/firefox/")
+ (synopsis "Trademarkless version of Firefox")
+ (description
+ "Full-featured browser client built from Firefox source tree, without
+the official icon and the name \"firefox\". This is the Extended Support
+Release (ESR) version.")
+ (license license:mpl2.0)))
--
2.39.2
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sun, 11 Feb 2024 19:27:01 GMT) Full text and rfc822 format available.Message #59 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH v2 0/4] Add Librewolf Date: Sun, 11 Feb 2024 11:20:23 -0800
Updated patch series. * Updates LibreWolf to 122.0-2. * Moved the icu4c-73-future package definition in (gnu packages gnuzilla) to (gnu packages icu4c). * Updating icu4c to 73.1 would cause a world rebuild, so this is added as `icu4c-73' to avoid that. * Disabled EME. * Uses GNU Mozzarella instead of Firefox for addons. * Updates NSS package. * Unbundles libpng-apng, libwebp, nss, libevent, and libvpx. I believe this addresses all the items I received feedback on. Ian Eure (4): gnu: Move icu4c-73 from gnuzilla to icu4c. gnu: nss: Update to 3.97. gnu: Add wasm packages. gnu: Add librewolf. gnu/packages/certs.scm | 4 +- gnu/packages/gnuzilla.scm | 27 +- gnu/packages/icu4c.scm | 22 ++ gnu/packages/librewolf.scm | 653 +++++++++++++++++++++++++++++++++++++ gnu/packages/nss.scm | 6 +- gnu/packages/wasm.scm | 273 ++++++++++++++++ 6 files changed, 954 insertions(+), 31 deletions(-) create mode 100644 gnu/packages/librewolf.scm create mode 100644 gnu/packages/wasm.scm -- 2.39.2
clement <at> lassieur.org, jonathan.brielmaier <at> web.de, mhw <at> netris.org, guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sun, 11 Feb 2024 19:27:02 GMT) Full text and rfc822 format available.Message #62 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH v2 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c. Date: Sun, 11 Feb 2024 11:20:24 -0800
* gnu/packages/icu4c.scm (icu4c-73): New variable.
* gnu/packages/gnuzilla.scm (icu4c-73-promise): Delete variable.
Change-Id: I017e1416b70ecb94313aeb71aa4a0cafdfe0e9ab
---
gnu/packages/gnuzilla.scm | 27 +--------------------------
gnu/packages/icu4c.scm | 22 ++++++++++++++++++++++
2 files changed, 23 insertions(+), 26 deletions(-)
diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm
index 5f77512427..094ff348e9 100644
--- a/gnu/packages/gnuzilla.scm
+++ b/gnu/packages/gnuzilla.scm
@@ -375,31 +375,6 @@ (define-public mozjs-78
(list icu4c-69 readline zlib))))
-;;
-;; Needed for IceCat 115.
-;;
-(define icu4c-73-promise
- (delay
- (package
- (inherit icu4c)
- (version "73.1")
- (source (origin
- (method url-fetch)
- (uri (string-append
- "https://github.com/unicode-org/icu/releases/download/release-"
- (string-map (lambda (x) (if (char=? x #\.) #\- x)) version)
- "/icu4c-"
- (string-map (lambda (x) (if (char=? x #\.) #\_ x)) version)
- "-src.tgz"))
- (sha256
- (base32
- "0iccpdvc0kvpww5a31k9gjkqigyz016i7v80r9zamd34w4fl6mx4"))
- (patches
- (cons
- (search-patch
- "icu4c-fix-TestHebrewCalendarInTemporalLeapYear.patch")
- (origin-patches (package-source icu4c)))))))))
-
;;;
;;; Localization helper procedures.
;;;
@@ -757,7 +732,7 @@ (define-public icecat-minimal
;; https://bugzilla.mozilla.org/show_bug.cgi?id=1819374).
ffmpeg-5
libvpx
- (force icu4c-73-promise)
+ icu4c-73
pixman
pulseaudio
mesa
diff --git a/gnu/packages/icu4c.scm b/gnu/packages/icu4c.scm
index 5aaf3a8361..0dfe63b20a 100644
--- a/gnu/packages/icu4c.scm
+++ b/gnu/packages/icu4c.scm
@@ -109,6 +109,28 @@ (define-public icu4c
(license x11)
(home-page "http://site.icu-project.org/")))
+(define-public icu4c-73
+ (package
+ (inherit icu4c)
+ (name "icu4c")
+ (version "73.1")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://github.com/unicode-org/icu/releases/download/release-"
+ (string-map (lambda (x) (if (char=? x #\.) #\- x)) version)
+ "/icu4c-"
+ (string-map (lambda (x) (if (char=? x #\.) #\_ x)) version)
+ "-src.tgz"))
+ (sha256
+ (base32
+ "0iccpdvc0kvpww5a31k9gjkqigyz016i7v80r9zamd34w4fl6mx4"))
+ (patches
+ (cons
+ (search-patch
+ "icu4c-fix-TestHebrewCalendarInTemporalLeapYear.patch")
+ (origin-patches (package-source icu4c))))))))
+
(define-public icu4c-70
(package
(inherit icu4c)
--
2.39.2
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sun, 11 Feb 2024 19:27:02 GMT) Full text and rfc822 format available.Message #65 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH v2 3/4] gnu: Add wasm packages. Date: Sun, 11 Feb 2024 11:20:26 -0800
* gnu/packages/wasm.scm (wasi-libc): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-clang-runtime): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-clang): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-libcxx): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-clang-toolchain): New variable.
---
gnu/packages/wasm.scm | 273 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 273 insertions(+)
create mode 100644 gnu/packages/wasm.scm
diff --git a/gnu/packages/wasm.scm b/gnu/packages/wasm.scm
new file mode 100644
index 0000000000..05d247f333
--- /dev/null
+++ b/gnu/packages/wasm.scm
@@ -0,0 +1,273 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2022-2023 Pierre Langlois <pierre.langlois <at> gmx.com>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages wasm)
+ #:use-module (guix base32)
+ #:use-module (guix gexp)
+ #:use-module (guix packages)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix utils)
+ #:use-module (guix git-download)
+ #:use-module (guix build-system cmake)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system trivial)
+ #:use-module (gnu packages bash)
+ #:use-module (gnu packages llvm)
+ #:use-module (gnu packages python))
+
+(define-public wasi-libc
+ (package
+ (name "wasi-libc")
+ (version "sdk-19")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/WebAssembly/wasi-libc")
+ (commit (string-append "wasi-" version))
+ (recursive? #t)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "0bnpz8wk9wiic938296gxp4vz820bvpi1w41jksjzz5552hql169"))))
+ (build-system gnu-build-system)
+ (native-inputs (list clang-15))
+ (arguments
+ (list
+ #:tests? #f ;No test suite
+ ;; Firefox uses wasm2c to compile WebAssembly to C code, and it
+ ;; does not support the memory.copy opcode.
+ ;; See https://bugzilla.mozilla.org/show_bug.cgi?id=1773200#c4
+ #:make-flags ''("BULK_MEMORY_SOURCES=")
+ #:phases #~(modify-phases %standard-phases
+ (delete 'configure)
+ (add-before 'build 'set-sysroot-include
+ (lambda _
+ (setenv "C_INCLUDE_PATH"
+ (string-append (getcwd) "/sysroot/include"))))
+ (add-before 'install 'set-install-dir
+ (lambda _
+ (setenv "INSTALL_DIR"
+ (string-append #$output "/wasm32-wasi")))))))
+ (home-page "https://wasi.dev")
+ (synopsis "WASI libc implementation for WebAssembly")
+ (description
+ "WASI Libc is a libc for WebAssembly programs built on top of WASI
+system calls. It provides a wide array of POSIX-compatible C APIs, including
+support for standard I/O, file I/O, filesystem manipulation, memory
+management, time, string, environment variables, program startup, and many
+other APIs.")
+ (license (list
+ ;; For wasi-libc, with LLVM exceptions
+ license:asl2.0
+ ;; For malloc.c.
+ license:cc0
+ ;; For cloudlibc.
+ license:bsd-2
+ ;; For wasi-libc and musl-libc.
+ license:expat))))
+
+(define-public wasm32-wasi-clang-runtime
+ (package (inherit clang-runtime-15)
+ (native-inputs
+ (list clang-15
+ wasi-libc))
+ (inputs (list llvm-15))
+ (arguments
+ (list
+ #:build-type "Release"
+ #:tests? #f
+ ;; Stripping binaries breaks wasm linking, resulting in the following
+ ;; error: "archive has no index; run ranlib to add one".
+ #:strip-binaries? #f
+ #:configure-flags
+ #~(list "-DCMAKE_C_COMPILER=clang"
+ "-DCMAKE_C_COMPILER_TARGET=wasm32-wasi"
+ (string-append
+ "-DCMAKE_SYSROOT=" #$wasi-libc "/wasm32-wasi")
+ (string-append
+ "-DCMAKE_C_FLAGS=-I " #$wasi-libc "/wasm32-wasi/include")
+
+ "-DCOMPILER_RT_OS_DIR=wasi"
+
+ "-DCOMPILER_RT_BAREMETAL_BUILD=On"
+ "-DCOMPILER_RT_DEFAULT_TARGET_ONLY=On"
+
+ ;; WASM only needs libclang_rt.builtins-wasm32.a from
+ ;; compiler-rt.
+ "../source/compiler-rt/lib/builtins")))))
+
+;; FIXME: Ideally we wouldn't need to build a separate compiler because clang
+;; can support multiple targets at runtime. However Guix patches the default
+;; clang with a specific clang-runtime package. It would be good to improve
+;; upstream Guix's support for cross-compiling with clang.
+
+(define clang-from-llvm (@@ (gnu packages llvm) clang-from-llvm))
+(define llvm-monorepo (@@ (gnu packages llvm) llvm-monorepo))
+
+(define-public wasm32-wasi-clang
+ (let ((base (clang-from-llvm llvm-15 wasm32-wasi-clang-runtime)))
+ (package
+ (inherit base)
+ (name "wasm32-wasi-clang")
+ (inputs (modify-inputs (package-inputs base)
+ (prepend wasi-libc)))
+ (arguments
+ (substitute-keyword-arguments (package-arguments base)
+ ((#:configure-flags flags)
+ #~(list "-DCLANG_INCLUDE_TESTS=True"
+ ;; Use a sane default include directory.
+ (string-append "-DC_INCLUDE_DIRS="
+ #$wasi-libc "/wasm32-wasi/include")))
+ ((#:phases phases)
+ `(modify-phases ,phases
+ (delete 'symlink-cfi_ignorelist))))))))
+
+(define-public wasm32-wasi-libcxx
+ (package
+ (name "wasm32-wasi-libcxx")
+ (version (package-version llvm-15))
+ (source
+ (llvm-monorepo version))
+ (build-system cmake-build-system)
+ (arguments
+ (list
+ #:configure-flags #~(list (string-append "-S ../source/runtimes")
+
+ "-DLLVM_ENABLE_RUNTIMES=libcxx;libcxxabi"
+
+ (string-append "-DCMAKE_SYSROOT="
+ #$wasi-libc "/wasm32-wasi")
+
+ (string-append "-DCMAKE_INCLUDE_PATH="
+ #$wasi-libc
+ "/wasm32-wasi/include")
+
+ (string-append "-DCMAKE_STAGING_PREFIX="
+ #$output "/wasm32-wasi")
+
+ "-DCMAKE_C_COMPILER=clang"
+ "-DCMAKE_C_COMPILER_WORKS=ON"
+ "-DCMAKE_CXX_COMPILER=clang++"
+ "-DCMAKE_CXX_COMPILER_WORKS=ON"
+ "-DCMAKE_C_COMPILER_TARGET=wasm32-wasi"
+ "-DCMAKE_CXX_COMPILER_TARGET=wasm32-wasi"
+
+ "-DLIBCXX_LIBDIR_SUFFIX=/wasm32-wasi"
+
+ "-DLIBCXX_ENABLE_EXCEPTIONS=OFF"
+ "-DLIBCXX_ENABLE_SHARED=OFF"
+ "-DLIBCXX_ENABLE_THREADS=OFF"
+ "-DLIBCXX_ENABLE_FILESYSTEM=OFF"
+
+ "-DLIBCXXABI_LIBDIR_SUFFIX=/wasm32-wasi"
+
+ "-DLIBCXXABI_ENABLE_EXCEPTIONS=OFF"
+ "-DLIBCXXABI_ENABLE_SHARED=OFF"
+ "-DLIBCXXABI_ENABLE_THREADS=OFF"
+ "-DLIBCXXABI_ENABLE_FILESYSTEM=OFF")
+ #:tests? #f
+ #:phases #~(modify-phases %standard-phases
+ (add-after 'set-paths 'adjust-CPLUS_INCLUDE_PATH
+ (lambda _
+ (setenv "CPLUS_INCLUDE_PATH"
+ (string-append #$wasi-libc
+ "/wasm32-wasi/include:"
+ (getenv "CPLUS_INCLUDE_PATH"))))))))
+ (native-inputs (list lld python wasm32-wasi-clang))
+ (inputs (list wasi-libc))
+ (home-page "https://libcxx.llvm.org")
+ (synopsis "C++ standard library for WebAssembly")
+ (description
+ "This package provides an implementation of the C++ standard library for
+use with Clang, targeting C++11, C++14 and above. This package targets
+WebAssembly with WASI.")
+ (license license:expat)))
+
+(define-public wasm32-wasi-clang-toolchain
+ (package
+ (name "wasm32-wasi-clang-toolchain")
+ (version (package-version wasm32-wasi-clang))
+ (source
+ #f)
+ (build-system trivial-build-system)
+ (arguments
+ (list
+ #:builder (with-imported-modules '((guix build union)
+ (guix build utils))
+ #~(begin
+ (use-modules (guix build union)
+ (guix build utils))
+ (union-build #$output
+ (list #$wasm32-wasi-clang-runtime
+ #$wasi-libc
+ #$wasm32-wasi-libcxx))
+ (mkdir-p (string-append #$output
+ "/bin"))
+
+ ;; We provide clang and clang++ via a wrapped program that sets
+ ;; include paths correctly so that it does not include paths from
+ ;; the host.
+
+ ;; FIXME: Review how we can provide better support for
+ ;; cross-compiling with clang in Guix, maybe adding support for
+ ;; the CROSS_C_INCLUDE_PATH and CROSS_CPLUS_INCLUDE_PATH
+ ;; environment variables like GCC.
+
+ (for-each (lambda (bin)
+ (symlink (string-append #$wasm32-wasi-clang
+ bin)
+ (string-append #$output
+ bin))
+ (wrap-program (string-append #$output
+ bin)
+ #:sh (string-append #$bash-minimal
+ "/bin/bash")
+ `("C_INCLUDE_PATH"
+ ":" =
+ (,(string-append #$output
+ "/wasm32-wasi/include")))
+ `("CPLUS_INCLUDE_PATH"
+ ":" =
+ ;; Make sure inclure/c++/v1 comes first for #include_next
+ ;; to work.
+ (,(string-append #$output
+ "/wasm32-wasi/include/c++/v1") ,
+ (string-append #$output
+ "/wasm32-wasi/include")))))
+ '("/bin/clang"
+ "/bin/clang++"))
+
+ (symlink (string-append #$lld
+ "/bin/wasm-ld")
+ (string-append #$output
+ "/bin/wasm-ld"))))))
+ (inputs (list bash-minimal
+ lld
+ wasi-libc
+ wasm32-wasi-clang
+ wasm32-wasi-clang-runtime
+ wasm32-wasi-libcxx))
+ (license (cons (package-license wasm32-wasi-clang)
+ (package-license wasi-libc)))
+ (home-page "https://clang.llvm.org")
+ (synopsis
+ "Complete Clang toolchain for C/C++ development, for WebAssembly.")
+ (description
+ "This package provides a complete Clang toolchain for C/C++
+development targeting WebAssembly with WASI. This includes Clang, as well as
+libc, libc++ and wasm-ld.")))
--
2.39.2
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sun, 11 Feb 2024 19:37:02 GMT) Full text and rfc822 format available.Message #68 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH v2 2/4] gnu: nss: Update to 3.97. Date: Sun, 11 Feb 2024 11:20:25 -0800
* gnu/packages/nss.scm (nss): Update to 3.97.
* gnu/packages/certs.scm (nss-certs): Update to 3.97.
---
gnu/packages/certs.scm | 4 ++--
gnu/packages/nss.scm | 6 +++---
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/gnu/packages/certs.scm b/gnu/packages/certs.scm
index 58b4d50ec8..2a6106df78 100644
--- a/gnu/packages/certs.scm
+++ b/gnu/packages/certs.scm
@@ -131,7 +131,7 @@ (define-public nss-certs
;; XXX We used to refer to the nss package here, but that eventually caused
;; module cycles. The below is a quick copy-paste job that must be kept in
;; sync manually. Surely there's a better way…?
- (version "3.88.1")
+ (version "3.97")
(source (origin
(method url-fetch)
(uri (let ((version-with-underscores
@@ -142,7 +142,7 @@ (define-public nss-certs
"nss-" version ".tar.gz")))
(sha256
(base32
- "15il9fsmixa1r4446zq1wl627sg0hz9h67w6kjxz273xz3nl7li7"))
+ "02pscmkp7flawmgwqzr807nsn6kzzw7r7xjbzfql0bpkjf1zp3h7"))
;; Create nss.pc and nss-config.
(patches (search-patches "nss-3.56-pkgconfig.patch"
"nss-getcwd-nonnull.patch"
diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm
index 54b9e5041a..268ddaa24f 100644
--- a/gnu/packages/nss.scm
+++ b/gnu/packages/nss.scm
@@ -106,7 +106,7 @@ (define-public nss
;; IMPORTANT: Also update and test the nss-certs package, which duplicates
;; version and source to avoid a top-level variable reference & module
;; cycle.
- (version "3.88.1")
+ (version "3.97")
(source (origin
(method url-fetch)
(uri (let ((version-with-underscores
@@ -117,7 +117,7 @@ (define-public nss
"nss-" version ".tar.gz")))
(sha256
(base32
- "15il9fsmixa1r4446zq1wl627sg0hz9h67w6kjxz273xz3nl7li7"))
+ "02pscmkp7flawmgwqzr807nsn6kzzw7r7xjbzfql0bpkjf1zp3h7"))
;; Create nss.pc and nss-config.
(patches (search-patches "nss-3.56-pkgconfig.patch"
"nss-getcwd-nonnull.patch"
@@ -200,7 +200,7 @@ (define-public nss
;; leading to test failures:
;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To
;; work around that, set the time to roughly the release date.
- (invoke "faketime" "2022-11-01" "./nss/tests/all.sh"))
+ (invoke "faketime" "2024-01-23" "./nss/tests/all.sh"))
(format #t "test suite not run~%"))))
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
--
2.39.2
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sun, 11 Feb 2024 20:24:02 GMT) Full text and rfc822 format available.Message #71 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Clément Lassieur <clement <at> lassieur.org> To: Ian Eure <ian <at> retrospec.tv> Cc: 67512 <at> debbugs.gnu.org Subject: Re: [bug#67512] [PATCH v2 0/4] Add Librewolf Date: Sun, 11 Feb 2024 21:22:37 +0100
On Sun, Feb 11 2024, Ian Eure wrote: > Updated patch series. > > * Updates LibreWolf to 122.0-2. > * Moved the icu4c-73-future package definition in (gnu packages gnuzilla) to (gnu packages icu4c). > * Updating icu4c to 73.1 would cause a world rebuild, so this is added as `icu4c-73' to avoid that. > * Disabled EME. > * Uses GNU Mozzarella instead of Firefox for addons. > * Updates NSS package. > * Unbundles libpng-apng, libwebp, nss, libevent, and libvpx. Well we still have no news from the Wasm person?
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sun, 11 Feb 2024 22:00:02 GMT) Full text and rfc822 format available.Message #74 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Mark H Weaver <mhw <at> netris.org> To: Ian Eure <ian <at> retrospec.tv>, 67512 <at> debbugs.gnu.org Cc: Jonathan Brielmaier <jonathan.brielmaier <at> web.de>, Clément Lassieur <clement <at> lassieur.org> Subject: Re: [bug#67512] [PATCH v2 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c. Date: Sun, 11 Feb 2024 16:40:39 -0500
Ian Eure <ian <at> retrospec.tv> writes:
> * gnu/packages/icu4c.scm (icu4c-73): New variable.
> * gnu/packages/gnuzilla.scm (icu4c-73-promise): Delete variable.
Looks good to me.
Thanks,
Mark
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sun, 11 Feb 2024 22:15:02 GMT) Full text and rfc822 format available.Message #77 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Clément Lassieur <clement <at> lassieur.org> To: Ian Eure <ian <at> retrospec.tv> Cc: 67512 <at> debbugs.gnu.org, Mark H Weaver <mhw <at> netris.org>, Jonathan Brielmaier <jonathan.brielmaier <at> web.de> Subject: Re: [bug#67512] [PATCH v2 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c. Date: Sun, 11 Feb 2024 23:14:01 +0100
On Sun, Feb 11 2024, Ian Eure wrote: > * gnu/packages/icu4c.scm (icu4c-73): New variable. > * gnu/packages/gnuzilla.scm (icu4c-73-promise): Delete variable. > > Change-Id: I017e1416b70ecb94313aeb71aa4a0cafdfe0e9ab I'm sorry, but with this patch neither mullvadbrowser or torbrowser builds. I get: --8<---------------cut here---------------start------------->8--- error: icu4c-73-promise: unbound variable --8<---------------cut here---------------end--------------->8--- Clément
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sun, 11 Feb 2024 23:24:02 GMT) Full text and rfc822 format available.Message #80 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Subject: Re: [bug#67512] [PATCH v2 0/4] Add Librewolf Date: Sun, 11 Feb 2024 15:23:04 -0800
Clément Lassieur <clement <at> lassieur.org> writes: > On Sun, Feb 11 2024, Ian Eure wrote: > >> Updated patch series. >> >> * Updates LibreWolf to 122.0-2. >> * Moved the icu4c-73-future package definition in (gnu packages >> gnuzilla) to (gnu packages icu4c). >> * Updating icu4c to 73.1 would cause a world rebuild, so this >> is added as `icu4c-73' to avoid that. >> * Disabled EME. >> * Uses GNU Mozzarella instead of Firefox for addons. >> * Updates NSS package. >> * Unbundles libpng-apng, libwebp, nss, libevent, and libvpx. > > Well we still have no news from the Wasm person? > Seems like no.
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sun, 11 Feb 2024 23:31:02 GMT) Full text and rfc822 format available.Message #83 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Subject: Re: [bug#67512] [PATCH v2 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c. Date: Sun, 11 Feb 2024 15:23:39 -0800
Clément Lassieur <clement <at> lassieur.org> writes: > On Sun, Feb 11 2024, Ian Eure wrote: > >> * gnu/packages/icu4c.scm (icu4c-73): New variable. >> * gnu/packages/gnuzilla.scm (icu4c-73-promise): Delete >> variable. >> >> Change-Id: I017e1416b70ecb94313aeb71aa4a0cafdfe0e9ab > > I'm sorry, but with this patch neither mullvadbrowser or > torbrowser > builds. > > I get: > > error: icu4c-73-promise: unbound variable > It’s a oneliner fix, I’ll have an updated patch momentarily. The root of the issue is that `make-torbrowser' is very naughty and uses the unexported icu4c-73-promise symbol from (gnu packages gnuzilla), so it broke when I moved it to the proper (gnu packages icu4c) module. — Ian
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sun, 11 Feb 2024 23:33:02 GMT) Full text and rfc822 format available.Message #86 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Clément Lassieur <clement <at> lassieur.org> To: Ian Eure <ian <at> retrospec.tv> Cc: 67512 <at> debbugs.gnu.org Subject: Re: [bug#67512] [PATCH v2 0/4] Add Librewolf Date: Mon, 12 Feb 2024 00:32:07 +0100
On Sun, Feb 11 2024, Ian Eure wrote: > Clément Lassieur <clement <at> lassieur.org> writes: > >> On Sun, Feb 11 2024, Ian Eure wrote: >> >>> Updated patch series. >>> >>> * Updates LibreWolf to 122.0-2. >>> * Moved the icu4c-73-future package definition in (gnu packages gnuzilla) >>> to (gnu packages icu4c). >>> * Updating icu4c to 73.1 would cause a world rebuild, so this is added as >>> `icu4c-73' to avoid that. >>> * Disabled EME. >>> * Uses GNU Mozzarella instead of Firefox for addons. >>> * Updates NSS package. >>> * Unbundles libpng-apng, libwebp, nss, libevent, and libvpx. >> >> Well we still have no news from the Wasm person? >> > > Seems like no. Unrelated, but please do "reply to all", it helps.
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sun, 11 Feb 2024 23:35:02 GMT) Full text and rfc822 format available.Message #89 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Clément Lassieur <clement <at> lassieur.org> To: Ian Eure <ian <at> retrospec.tv> Cc: 67512 <at> debbugs.gnu.org Subject: Re: [bug#67512] [PATCH v2 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c. Date: Mon, 12 Feb 2024 00:34:23 +0100
On Sun, Feb 11 2024, Ian Eure wrote: > Clément Lassieur <clement <at> lassieur.org> writes: > >> On Sun, Feb 11 2024, Ian Eure wrote: >> >>> * gnu/packages/icu4c.scm (icu4c-73): New variable. >>> * gnu/packages/gnuzilla.scm (icu4c-73-promise): Delete variable. >>> >>> Change-Id: I017e1416b70ecb94313aeb71aa4a0cafdfe0e9ab >> >> I'm sorry, but with this patch neither mullvadbrowser or torbrowser >> builds. >> >> I get: >> >> error: icu4c-73-promise: unbound variable >> > > It’s a oneliner fix, I’ll have an updated patch momentarily. > > The root of the issue is that `make-torbrowser' is very naughty and uses the > unexported icu4c-73-promise symbol from (gnu packages gnuzilla), so it broke > when I moved it to the proper (gnu packages icu4c) module. Well thanks for making it less naughty then ;)
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sun, 11 Feb 2024 23:51:02 GMT) Full text and rfc822 format available.Message #92 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH v3 2/4] gnu: nss: Update to 3.97. Date: Sun, 11 Feb 2024 15:49:42 -0800
* gnu/packages/nss.scm (nss): Update to 3.97.
* gnu/packages/certs.scm (nss-certs): Update to 3.97.
---
gnu/packages/certs.scm | 4 ++--
gnu/packages/nss.scm | 6 +++---
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/gnu/packages/certs.scm b/gnu/packages/certs.scm
index 58b4d50ec8..2a6106df78 100644
--- a/gnu/packages/certs.scm
+++ b/gnu/packages/certs.scm
@@ -131,7 +131,7 @@ (define-public nss-certs
;; XXX We used to refer to the nss package here, but that eventually caused
;; module cycles. The below is a quick copy-paste job that must be kept in
;; sync manually. Surely there's a better way…?
- (version "3.88.1")
+ (version "3.97")
(source (origin
(method url-fetch)
(uri (let ((version-with-underscores
@@ -142,7 +142,7 @@ (define-public nss-certs
"nss-" version ".tar.gz")))
(sha256
(base32
- "15il9fsmixa1r4446zq1wl627sg0hz9h67w6kjxz273xz3nl7li7"))
+ "02pscmkp7flawmgwqzr807nsn6kzzw7r7xjbzfql0bpkjf1zp3h7"))
;; Create nss.pc and nss-config.
(patches (search-patches "nss-3.56-pkgconfig.patch"
"nss-getcwd-nonnull.patch"
diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm
index 54b9e5041a..268ddaa24f 100644
--- a/gnu/packages/nss.scm
+++ b/gnu/packages/nss.scm
@@ -106,7 +106,7 @@ (define-public nss
;; IMPORTANT: Also update and test the nss-certs package, which duplicates
;; version and source to avoid a top-level variable reference & module
;; cycle.
- (version "3.88.1")
+ (version "3.97")
(source (origin
(method url-fetch)
(uri (let ((version-with-underscores
@@ -117,7 +117,7 @@ (define-public nss
"nss-" version ".tar.gz")))
(sha256
(base32
- "15il9fsmixa1r4446zq1wl627sg0hz9h67w6kjxz273xz3nl7li7"))
+ "02pscmkp7flawmgwqzr807nsn6kzzw7r7xjbzfql0bpkjf1zp3h7"))
;; Create nss.pc and nss-config.
(patches (search-patches "nss-3.56-pkgconfig.patch"
"nss-getcwd-nonnull.patch"
@@ -200,7 +200,7 @@ (define-public nss
;; leading to test failures:
;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To
;; work around that, set the time to roughly the release date.
- (invoke "faketime" "2022-11-01" "./nss/tests/all.sh"))
+ (invoke "faketime" "2024-01-23" "./nss/tests/all.sh"))
(format #t "test suite not run~%"))))
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
--
2.39.2
clement <at> lassieur.org, jonathan.brielmaier <at> web.de, mhw <at> netris.org, guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sun, 11 Feb 2024 23:51:02 GMT) Full text and rfc822 format available.Message #95 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH v3 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c. Date: Sun, 11 Feb 2024 15:49:41 -0800
* gnu/packages/icu4c.scm (icu4c-73): New variable.
* gnu/packages/gnuzilla.scm (icu4c-73-promise): Delete variable.
Change-Id: I017e1416b70ecb94313aeb71aa4a0cafdfe0e9ab
---
gnu/packages/gnuzilla.scm | 27 +--------------------------
gnu/packages/icu4c.scm | 22 ++++++++++++++++++++++
gnu/packages/tor-browsers.scm | 3 ++-
3 files changed, 25 insertions(+), 27 deletions(-)
diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm
index 5f77512427..094ff348e9 100644
--- a/gnu/packages/gnuzilla.scm
+++ b/gnu/packages/gnuzilla.scm
@@ -375,31 +375,6 @@ (define-public mozjs-78
(list icu4c-69 readline zlib))))
-;;
-;; Needed for IceCat 115.
-;;
-(define icu4c-73-promise
- (delay
- (package
- (inherit icu4c)
- (version "73.1")
- (source (origin
- (method url-fetch)
- (uri (string-append
- "https://github.com/unicode-org/icu/releases/download/release-"
- (string-map (lambda (x) (if (char=? x #\.) #\- x)) version)
- "/icu4c-"
- (string-map (lambda (x) (if (char=? x #\.) #\_ x)) version)
- "-src.tgz"))
- (sha256
- (base32
- "0iccpdvc0kvpww5a31k9gjkqigyz016i7v80r9zamd34w4fl6mx4"))
- (patches
- (cons
- (search-patch
- "icu4c-fix-TestHebrewCalendarInTemporalLeapYear.patch")
- (origin-patches (package-source icu4c)))))))))
-
;;;
;;; Localization helper procedures.
;;;
@@ -757,7 +732,7 @@ (define-public icecat-minimal
;; https://bugzilla.mozilla.org/show_bug.cgi?id=1819374).
ffmpeg-5
libvpx
- (force icu4c-73-promise)
+ icu4c-73
pixman
pulseaudio
mesa
diff --git a/gnu/packages/icu4c.scm b/gnu/packages/icu4c.scm
index 5aaf3a8361..0dfe63b20a 100644
--- a/gnu/packages/icu4c.scm
+++ b/gnu/packages/icu4c.scm
@@ -109,6 +109,28 @@ (define-public icu4c
(license x11)
(home-page "http://site.icu-project.org/")))
+(define-public icu4c-73
+ (package
+ (inherit icu4c)
+ (name "icu4c")
+ (version "73.1")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://github.com/unicode-org/icu/releases/download/release-"
+ (string-map (lambda (x) (if (char=? x #\.) #\- x)) version)
+ "/icu4c-"
+ (string-map (lambda (x) (if (char=? x #\.) #\_ x)) version)
+ "-src.tgz"))
+ (sha256
+ (base32
+ "0iccpdvc0kvpww5a31k9gjkqigyz016i7v80r9zamd34w4fl6mx4"))
+ (patches
+ (cons
+ (search-patch
+ "icu4c-fix-TestHebrewCalendarInTemporalLeapYear.patch")
+ (origin-patches (package-source icu4c))))))))
+
(define-public icu4c-70
(package
(inherit icu4c)
diff --git a/gnu/packages/tor-browsers.scm b/gnu/packages/tor-browsers.scm
index c4ce997b99..ee5e072102 100644
--- a/gnu/packages/tor-browsers.scm
+++ b/gnu/packages/tor-browsers.scm
@@ -52,6 +52,7 @@ (define-module (gnu packages tor-browsers)
#:use-module (gnu packages golang)
#:use-module (gnu packages gtk)
#:use-module (gnu packages hunspell)
+ #:use-module (gnu packages icu4c)
#:use-module (gnu packages image)
#:use-module (gnu packages kerberos)
#:use-module (gnu packages libcanberra)
@@ -270,7 +271,7 @@ (define* (make-torbrowser #:key
;; https://bugzilla.mozilla.org/show_bug.cgi?id=1819374).
ffmpeg-5
libvpx
- (force (@@ (gnu packages gnuzilla) icu4c-73-promise))
+ icu4c-73
pixman
pulseaudio
mesa
--
2.39.2
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sun, 11 Feb 2024 23:51:03 GMT) Full text and rfc822 format available.Message #98 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH v3 4/4] gnu: Add librewolf. Date: Sun, 11 Feb 2024 15:49:44 -0800
* gnu/packages/librewolf.scm (librewolf): New variable.
Change-Id: I98b6410582b856ede83b79637a58e66d6e5832e6
---
gnu/packages/librewolf.scm | 653 +++++++++++++++++++++++++++++++++++++
1 file changed, 653 insertions(+)
create mode 100644 gnu/packages/librewolf.scm
diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm
new file mode 100644
index 0000000000..32d51eabaf
--- /dev/null
+++ b/gnu/packages/librewolf.scm
@@ -0,0 +1,653 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2013, 2015, 2024 Andreas Enge <andreas <at> enge.fr>
+;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 Mark H Weaver <mhw <at> netris.org>
+;;; Copyright © 2015 Sou Bunnbu <iyzsong <at> gmail.com>
+;;; Copyright © 2016, 2017, 2018, 2019 Efraim Flashner <efraim <at> flashner.co.il>
+;;; Copyright © 2016 Alex Griffin <a <at> ajgrf.com>
+;;; Copyright © 2017 Clément Lassieur <clement <at> lassieur.org>
+;;; Copyright © 2017, 2018 Nikita <nikita <at> n0.is>
+;;; Copyright © 2017, 2018 ng0 <gillmann <at> infotropique.org>
+;;; Copyright © 2017, 2018, 2020 Tobias Geerinckx-Rice <me <at> tobias.gr>
+;;; Copyright © 2018, 2020, 2022 Ricardo Wurmus <rekado <at> elephly.net>
+;;; Copyright © 2019 Ivan Petkov <ivanppetkov <at> gmail.com>
+;;; Copyright © 2020 Oleg Pykhalov <go.wigust <at> gmail.com>
+;;; Copyright © 2020 Jakub Kądziołka <kuba <at> kadziolka.net>
+;;; Copyright © 2019, 2020 Adrian Malacoda <malacoda <at> monarch-pass.net>
+;;; Copyright © 2020-2023 Jonathan Brielmaier <jonathan.brielmaier <at> web.de>
+;;; Copyright © 2020 Zhu Zihao <all_but_last <at> 163.com>
+;;; Copyright © 2021 pineapples <guixuser6392 <at> protonmail.com>
+;;; Copyright © 2021 Brice Waegeneire <brice <at> waegenei.re>
+;;; Copyright © 2021, 2022, 2023 John Kehayias <john.kehayias <at> protonmail.com>
+;;; Copyright © 2022 Pierre Langlois <pierre.langlois <at> gmx.com>
+;;; Copyright © 2023 Tomas Volf <wolf <at> wolfsden.cz>
+;;; Copyright © 2023 Ian Eure <ian <at> retrospec.tv>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+
+(define-module (gnu packages librewolf)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system cargo)
+ #:use-module (guix build-system trivial)
+ #:use-module (guix download)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix gexp)
+ #:use-module (guix packages)
+ #:use-module (guix utils)
+ #:use-module ((guix build utils) #:select (alist-replace))
+
+ #:use-module (gnu packages)
+ #:use-module (gnu packages assembly)
+ #:use-module (gnu packages autotools)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages bash)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages crates-io)
+ #:use-module (gnu packages cups)
+ #:use-module (gnu packages fontutils)
+ #:use-module (gnu packages gl)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnome)
+ #:use-module (gnu packages gtk)
+ #:use-module (gnu packages hunspell)
+ #:use-module (gnu packages icu4c)
+ #:use-module (gnu packages image)
+ #:use-module (gnu packages jemalloc)
+ #:use-module (gnu packages kerberos)
+ #:use-module (gnu packages libcanberra)
+ #:use-module (gnu packages libevent)
+ #:use-module (gnu packages libffi)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages llvm)
+ #:use-module (gnu packages m4)
+ #:use-module (gnu packages node)
+ #:use-module (gnu packages nss)
+ #:use-module (gnu packages pciutils)
+ #:use-module (gnu packages perl)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages pulseaudio)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages rust)
+ #:use-module (gnu packages rust-apps)
+ #:use-module (gnu packages speech)
+ #:use-module (gnu packages sqlite)
+ #:use-module (gnu packages video)
+ #:use-module (gnu packages wasm)
+ #:use-module (gnu packages xdisorg)
+ #:use-module (gnu packages xorg))
+
+;; Define the versions of rust needed to build firefox, trying to match
+;; upstream. See the file taskcluster/ci/toolchain/rust.yml at
+;; https://searchfox.org under the particular firefox release, like
+;; mozilla-esr102.
+(define rust-librewolf rust) ; 1.60 is the default in Guix, 1.65 is the minimum.
+
+;; Update this id with every firefox update to its release date.
+;; It's used for cache validation and therefore can lead to strange bugs.
+(define %librewolf-build-id "20240130195200")
+
+(define-public librewolf
+ (package
+ (name "librewolf")
+ (version "122.0-2")
+ (source
+ (origin
+ (method url-fetch)
+
+ (uri (string-append "https://gitlab.com/api/v4/projects/32320088/"
+ "packages/generic/librewolf-source/"
+ version
+ "/librewolf-"
+ version
+ ".source.tar.gz"))
+ (sha256
+ (base32 "0ggysgbazx5dl0l9dyvrpjgzbvivgddm9qyiyvjjfk9im9sljkxh"))))
+ (build-system gnu-build-system)
+ (arguments
+ (list
+ #:configure-flags #~(let ((clang #$(this-package-native-input "clang"))
+ (wasi-sysroot #$(this-package-native-input
+ "wasm32-wasi-clang-toolchain")))
+ `("--enable-application=browser"
+
+ ;; Configuration
+ "--with-system-jpeg"
+ "--with-system-zlib"
+ "--with-system-png"
+ "--with-system-webp"
+ "--with-system-icu"
+ "--with-system-libvpx"
+ "--with-system-libevent"
+ "--with-system-ffi"
+ "--enable-system-pixman"
+ "--enable-jemalloc"
+
+ ;; see https://bugs.gnu.org/32833
+ "--with-system-nspr"
+ "--with-system-nss"
+
+ ,(string-append "--with-clang-path=" clang
+ "/bin/clang")
+ ,(string-append "--with-libclang-path=" clang
+ "/lib")
+ ,(string-append "--with-wasi-sysroot="
+ wasi-sysroot "/wasm32-wasi")
+
+ ;; Distribution
+ "--with-distribution-id=org.guix"
+ "--with-app-name=librewolf"
+ "--with-app-basename=LibreWolf"
+ "--with-branding=browser/branding/librewolf"
+
+ ;; Features
+ "--disable-tests"
+ "--disable-updater"
+ "--enable-pulseaudio"
+ "--disable-crashreporter"
+ "--allow-addon-sideload"
+ "--with-unsigned-addon-scopes=app,system"
+ "--disable-eme"
+
+ ;; Build details
+ "--disable-debug"
+ "--enable-rust-simd"
+ "--enable-release"
+ "--enable-optimize"
+ "--enable-strip"
+ "--enable-hardening"
+ "--disable-elf-hack"))
+ #:imported-modules %cargo-utils-modules
+ #:modules `((ice-9 regex)
+ (ice-9 string-fun)
+ (ice-9 ftw)
+ (srfi srfi-1)
+ (srfi srfi-26)
+ (rnrs bytevectors)
+ (rnrs io ports)
+ (guix elf)
+ (guix build gremlin)
+ ,@%gnu-build-system-modules)
+ #:phases #~(modify-phases %standard-phases
+ (add-after 'unpack 'fix-preferences
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((port (open-file "browser/app/profile/firefox.js"
+ "a")))
+ (define (write-setting key value)
+ (format port "~%pref(\"~a\", ~a);~%" key value)
+ (format #t
+ "fix-preferences: setting value of ~a to ~a~%" key
+ value))
+
+ ;; We should allow Firefox sandbox to read the store directory,
+ ;; because Firefox sandbox have access to /usr on FHS distros.
+ (write-setting
+ "security.sandbox.content.read_path_whitelist"
+ (string-append "\""
+ (%store-directory) "/\""))
+
+ ;; XDG settings should be managed by Guix.
+ (write-setting "browser.shell.checkDefaultBrowser"
+ "false")
+ (close-port port))))
+ (add-after 'fix-preferences 'fix-ffmpeg-runtime-linker
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let* ((ffmpeg (assoc-ref inputs "ffmpeg"))
+ (libavcodec (string-append ffmpeg
+ "/lib/libavcodec.so")))
+ ;; Arrange to load libavcodec.so by its absolute file name.
+ (substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp"
+ (("libavcodec\\.so")
+ libavcodec)))))
+ (add-after 'patch-source-shebangs 'patch-cargo-checksums
+ (lambda _
+ (use-modules (guix build cargo-utils))
+ (let ((null-hash
+ ;; This is the SHA256 output of an empty string.
+ (string-append
+ "e3b0c44298fc1c149afbf4c8996fb924"
+ "27ae41e4649b934ca495991b7852b855")))
+ (for-each (lambda (file)
+ (format #t
+ "patch-cargo-checksums: patching checksums in ~a~%"
+ file)
+ (substitute* file
+ (("(checksum = )\".*\"" all name)
+ (string-append name "\"" null-hash
+ "\""))))
+ (find-files "." "Cargo\\.lock$"))
+ (for-each generate-all-checksums
+ '("build" "dom/media"
+ "dom/webauthn"
+ "gfx"
+ "intl"
+ "js"
+ "media"
+ "modules"
+ "mozglue/static/rust"
+ "netwerk"
+ "remote"
+ "security/manager/ssl"
+ "servo"
+ "storage"
+ "third_party/rust"
+ "toolkit"
+ "xpcom/rust"
+ "services")))))
+ (add-after 'patch-cargo-checksums 'remove-cargo-frozen-flag
+ (lambda _
+ ;; Remove --frozen flag from cargo invokation, otherwise it'll
+ ;; complain that it's not able to change Cargo.lock.
+ ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373
+ (substitute* "build/RunCbindgen.py"
+ (("\"--frozen\",")
+ ""))))
+ (delete 'bootstrap)
+ (add-before 'configure 'patch-SpeechDispatcherService.cpp
+ (lambda _
+ (let* ((lib "libspeechd.so.2")
+ (file (string-append
+ "dom/media/webspeech/synth/"
+ "speechd/SpeechDispatcherService.cpp"))
+ (old-content (call-with-input-file file
+ get-string-all)))
+ (substitute file
+ `((,(format #f "~s" lib) unquote
+ (λ (line _)
+ (string-replace-substring line lib
+ (string-append #$speech-dispatcher
+ "/lib/"
+ lib))))))
+ (if (string=? old-content
+ (call-with-input-file file
+ get-string-all))
+ (error
+ "substitute did nothing, phase requires an update")))))
+ (add-before 'configure 'set-build-id
+ ;; Firefox will write the timestamp to output, which is harmful
+ ;; for reproducibility, so change it to a fixed date. Use a
+ ;; separate phase for easier modification with inherit.
+ (lambda _
+ (setenv "MOZ_BUILD_DATE"
+ #$%librewolf-build-id)))
+ (replace 'configure
+ (lambda* (#:key inputs outputs configure-flags
+ #:allow-other-keys)
+ (setenv "AUTOCONF"
+ (string-append (assoc-ref inputs "autoconf")
+ "/bin/autoconf"))
+ (setenv "SHELL"
+ (which "bash"))
+ (setenv "CONFIG_SHELL"
+ (which "bash"))
+ (setenv "MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE"
+ "system")
+ ;; This should use the host info probably (does firefox build on
+ ;; non-x86_64 though?)
+ (setenv "GUIX_PYTHONPATH"
+ (string-append (getcwd)
+ "/obj-x86_64-pc-linux-gnu/_virtualenvs/build"))
+
+ ;; Use Clang, Clang is 2x faster than GCC
+ (setenv "AR" "llvm-ar")
+ (setenv "NM" "llvm-nm")
+ (setenv "CC" "clang")
+ (setenv "CXX" "clang++")
+ (setenv "WASM_CC"
+ (string-append (assoc-ref inputs
+ "wasm32-wasi-clang-toolchain")
+ "/bin/clang"))
+ (setenv "WASM_CXX"
+ (string-append (assoc-ref inputs
+ "wasm32-wasi-clang-toolchain")
+ "/bin/clang++"))
+
+ (setenv "MOZ_NOSPAM" "1")
+ (setenv "MOZ_APP_NAME" "librewolf")
+
+ (setenv "MOZBUILD_STATE_PATH"
+ (getcwd))
+
+ (let* ((mozconfig (string-append (getcwd) "/mozconfig"))
+ (out (assoc-ref outputs "out"))
+ (flags (cons (string-append "--prefix=" out)
+ configure-flags)))
+ (format #t "build directory: ~s~%"
+ (getcwd))
+ (format #t "configure flags: ~s~%" flags)
+
+ (define write-flags
+ (lambda flags
+ (display (string-join (map (cut string-append
+ "ac_add_options " <>)
+ flags) "\n"))
+ (display "\n")))
+ (with-output-to-file mozconfig
+ (lambda ()
+ (apply write-flags flags)
+ ;; The following option unsets Telemetry
+ ;; Reporting. With the Addons Fiasco,
+ ;; Mozilla was found to be collecting
+ ;; user's data, including saved passwords
+ ;; and web form data, without users
+ ;; consent. Mozilla was also found
+ ;; shipping updates to systems without
+ ;; the user's knowledge or permission.
+ ;; As a result of this, use the following
+ ;; command to permanently disable
+ ;; telemetry reporting in Firefox.
+ (display "unset MOZ_TELEMETRY_REPORTING\n")
+ (display "mk_add_options MOZ_CRASHREPORTER=0\n")
+ (display "mk_add_options MOZ_DATA_REPORTING=0\n")
+ (display
+ "mk_add_options MOZ_SERVICES_HEALTHREPORT=0")
+ (display
+ "mk_add_options MOZ_TELEMETRY_REPORTING=0")))
+ (setenv "MOZCONFIG" mozconfig))
+ (invoke "./mach" "configure")))
+ (add-before 'build '1fix-addons-placeholder
+ (lambda _
+ (substitute*
+ "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
+ (("addons.mozilla.org") "gnuzilla.gnu.org"))))
+ (replace 'build
+ (lambda* (#:key (make-flags '())
+ (parallel-build? #t) #:allow-other-keys)
+ (apply invoke "./mach" "build"
+ ;; mach will use parallel build if possible by default
+ `(,@(if parallel-build?
+ '()
+ '("-j1")) ,@make-flags))))
+ (add-after 'build 'neutralise-store-references
+ (lambda _
+ ;; Mangle the store references to compilers &
+ ;; other build tools in about:buildconfig,
+ ;; reducing Firefox's closure by 1 GiB on
+ ;; x86-64.
+ (let* ((build-dir (car (scandir "."
+ (cut string-prefix?
+ "obj-" <>))))
+ (file (string-append build-dir
+ "/dist/bin/chrome/toolkit/"
+ "content/global/buildconfig.html")))
+ (substitute* file
+ (((format #f "(~a/)([0-9a-df-np-sv-z]{32})"
+ (regexp-quote (%store-directory)))
+ _ store hash)
+ (string-append store
+ (string-take hash 8)
+ "<!-- Guix: not a runtime dependency -->"
+ (string-drop hash 8)))))))
+ (replace 'install
+ (lambda _
+ (invoke "./mach" "install")))
+ (add-after 'install 'remove-duplicate-bin
+ (lambda* (#:key outputs #:allow-other-keys)
+ (delete-file (string-append #$output
+ "/lib/librewolf/librewolf-bin"))))
+ (add-after 'install 'wrap-glxtest
+ ;; glxtest uses dlopen() to load mesa
+ ;; libs, wrap it to set LD_LIBRARY_PATH.
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ ;; TODO: make me a loop again
+ (mesa-lib (string-append (assoc-ref inputs
+ "mesa")
+ "/lib"))
+ (pciutils-lib (string-append (assoc-ref inputs
+ "pciutils") "/lib")))
+ (wrap-program (car (find-files lib "^glxtest$"))
+ `("LD_LIBRARY_PATH" prefix
+ (,mesa-lib ,pciutils-lib))))))
+ (add-after 'install 'autoconfig
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((lib (string-append #$output "/lib/librewolf"))
+ (config-file "librewolf.cfg"))
+ (with-output-to-file (in-vicinity
+ lib "defaults/pref/autoconfig.js")
+ (lambda ()
+ (format #t "// first line must be a comment~%")
+ (format #t "pref(~s, ~s);~%"
+ "general.config.filename" config-file)
+ (format #t "pref(~s, ~a);~%"
+ "general.config.obscure_value" "0")))
+ (with-output-to-file (in-vicinity lib config-file)
+ (lambda ()
+ (format #t "// first line must be a comment~%")
+ ;; Required for Guix packaged extensions
+ ;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8
+ ;; Default is 5.
+ (format #t "pref(~s, ~a);~%"
+ "extensions.enabledScopes" "13")
+ ;; (format #t "pref(~s, ~s);~%"
+ ;; "security.sandbox.content.read_path_whitelist"
+ ;; (call-with-input-file "whitelist.txt"
+ ;; get-string-all))
+ ;; Add-ons pannel (see settings.js in Icecat source).
+ (format #t "pref(~s, ~s);~%"
+ "extensions.getAddons.search.browseURL"
+ "https://gnuzilla.gnu.org/mozzarella")
+ (format #t "pref(~s, ~s);~%"
+ "extensions.getAddons.get.url"
+ "https://gnuzilla.gnu.org/mozzarella")
+ (format #t "pref(~s, ~s);~%"
+ "extensions.getAddons.link.url"
+ "https://gnuzilla.gnu.org/mozzarella")
+ (format #t "pref(~s, ~s);~%"
+ "extensions.getAddons.discovery.api_url"
+ "https://gnuzilla.gnu.org/mozzarella")
+ (format #t "pref(~s, ~s);~%"
+ "extensions.getAddons.langpacks.url"
+ "https://gnuzilla.gnu.org/mozzarella")
+ (format #t "pref(~s, ~s);~%"
+ "lightweightThemes.getMoreURL"
+ "https://gnuzilla.gnu.org/mozzarella"))))))
+ (add-after 'install 'wrap-program
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ ;; The following two functions are from Guix's icecat package in
+ ;; (gnu packages gnuzilla). See commit
+ ;; b7a0935420ee630a29b7e5ac73a32ba1eb24f00b.
+ (define (runpath-of lib)
+ (call-with-input-file lib
+ (compose elf-dynamic-info-runpath elf-dynamic-info
+ parse-elf get-bytevector-all)))
+ (define (runpaths-of-input label)
+ (let* ((dir (string-append (assoc-ref inputs label)
+ "/lib"))
+ (libs (find-files dir "\\.so$")))
+ (append-map runpath-of libs)))
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ ;; TODO: make me a loop again
+ (mesa-lib (string-append (assoc-ref inputs
+ "mesa")
+ "/lib"))
+ (apng-lib (string-append (assoc-ref inputs
+ "libpng-apng") "/lib"))
+ ;; For the integration of native notifications
+ (libnotify-lib (string-append (assoc-ref inputs
+ "libnotify")
+ "/lib"))
+ ;; For hardware video acceleration via VA-API
+ (libva-lib (string-append (assoc-ref inputs
+ "libva")
+ "/lib"))
+ ;; VA-API is run in the RDD (Remote Data Decoder) sandbox
+ ;; and must be explicitly given access to files it needs.
+ ;; Rather than adding the whole store (as Nix had
+ ;; upstream do, see
+ ;; <https://github.com/NixOS/nixpkgs/pull/165964> and
+ ;; linked upstream patches), we can just follow the
+ ;; runpaths of the needed libraries to add everything to
+ ;; LD_LIBRARY_PATH. These will then be accessible in the
+ ;; RDD sandbox.
+ (rdd-whitelist (map (cut string-append <> "/")
+ (delete-duplicates (append-map
+ runpaths-of-input
+ '("mesa"
+ "ffmpeg")))))
+ (pulseaudio-lib (string-append (assoc-ref inputs
+ "pulseaudio")
+ "/lib"))
+ ;; For U2F and WebAuthn
+ (eudev-lib (string-append (assoc-ref inputs
+ "eudev")
+ "/lib"))
+ (gtk-share (string-append (assoc-ref inputs
+ "gtk+")
+ "/share")))
+ (wrap-program (car (find-files lib "^librewolf$"))
+ `("LD_LIBRARY_PATH" prefix
+ (,mesa-lib ,libnotify-lib
+ ,libva-lib
+ ,pulseaudio-lib
+ ,eudev-lib
+ ,apng-lib
+ ,@rdd-whitelist))
+ `("XDG_DATA_DIRS" prefix
+ (,gtk-share))
+ `("MOZ_LEGACY_PROFILES" =
+ ("1"))
+ `("MOZ_ALLOW_DOWNGRADE" =
+ ("1"))))))
+ (add-after 'wrap-program 'install-desktop-entry
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((desktop-file
+ "taskcluster/docker/firefox-snap/firefox.desktop")
+ (applications (string-append #$output
+ "/share/applications")))
+ (substitute* desktop-file
+ (("^Exec=firefox")
+ (string-append "Exec="
+ #$output "/bin/librewolf"))
+ ;; "Firefox" -> "LibreWolf" everywhere
+ (("Firefox")
+ "LibreWolf")
+ ;; Remove non-Latin translations.
+ (("^Name\\[(ar|bn)\\].*$")
+ "")
+ (("^Icon=.*")
+ (string-append "Icon="
+ #$output
+ "/share/icons/hicolor/128x128/apps/librewolf.png
+"))
+ ;; These commands were changed.
+ (("-NewWindow")
+ "-new-window")
+ (("-NewPrivateWindow")
+ "-new-private-window")
+ (("StartupNotify=true")
+ "StartupNotify=true
+StartupWMClass=Navigator"))
+ (copy-file desktop-file "librewolf.desktop")
+ (install-file "librewolf.desktop" applications))))
+ (add-after 'install-desktop-entry 'install-icons
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((icon-source-dir (string-append #$output
+ "/lib/librewolf/browser/"
+ "chrome/icons/default")))
+ (for-each (lambda (size)
+ (let ((dest (string-append #$output
+ "/share/icons/hicolor/"
+ size
+ "x"
+ size
+ "/apps")))
+ (mkdir-p dest)
+ (symlink (string-append icon-source-dir
+ "/default" size ".png")
+ (string-append dest
+ "/librewolf.png"))))
+ '("16" "32" "48" "64" "128"))))))
+
+ ;; Test will significantly increase build time but with little rewards.
+ #:tests? #f
+
+ ;; WARNING: Parallel build will consume lots of memory!
+ ;; If you have encountered OOM issue in build phase, try disable it.
+ #:parallel-build? #t
+
+ ;; Some dynamic lib was determined at runtime, so rpath check may fail.
+ #:validate-runpath? #f))
+ (inputs (list bash-minimal
+ bzip2
+ cairo
+ cups
+ dbus-glib
+ freetype
+ ffmpeg
+ gdk-pixbuf
+ glib
+ gtk+
+ gtk+-2
+ hunspell
+ icu4c-73
+ jemalloc
+ libcanberra
+ libevent
+ libffi
+ libgnome
+ libjpeg-turbo
+ libnotify
+ libpng-apng
+ libva
+ libvpx
+ libwebp
+ libxcomposite
+ libxft
+ libxinerama
+ libxscrnsaver
+ libxt
+ mesa
+ mit-krb5
+ nspr
+ nss
+ pango
+ pciutils
+ pipewire
+ pixman
+ pulseaudio
+ speech-dispatcher
+ sqlite
+ startup-notification
+ eudev
+ unzip
+ zip
+ zlib))
+ (native-inputs (list alsa-lib
+ autoconf-2.13
+ `(,rust-librewolf "cargo")
+ clang
+ llvm
+ wasm32-wasi-clang-toolchain
+ m4
+ nasm
+ node-lts
+ perl
+ pkg-config
+ python
+ rust-librewolf
+ rust-cbindgen-0.26
+ which
+ yasm))
+ (home-page "https://mozilla.org/firefox/")
+ (synopsis "Trademarkless version of Firefox")
+ (description
+ "Full-featured browser client built from Firefox source tree, without
+the official icon and the name \"firefox\". This is the Extended Support
+Release (ESR) version.")
+ (license license:mpl2.0)))
--
2.39.2
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sun, 11 Feb 2024 23:51:03 GMT) Full text and rfc822 format available.Message #101 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH v3 3/4] gnu: Add wasm packages. Date: Sun, 11 Feb 2024 15:49:43 -0800
* gnu/packages/wasm.scm (wasi-libc): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-clang-runtime): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-clang): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-libcxx): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-clang-toolchain): New variable.
---
gnu/packages/wasm.scm | 273 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 273 insertions(+)
create mode 100644 gnu/packages/wasm.scm
diff --git a/gnu/packages/wasm.scm b/gnu/packages/wasm.scm
new file mode 100644
index 0000000000..05d247f333
--- /dev/null
+++ b/gnu/packages/wasm.scm
@@ -0,0 +1,273 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2022-2023 Pierre Langlois <pierre.langlois <at> gmx.com>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages wasm)
+ #:use-module (guix base32)
+ #:use-module (guix gexp)
+ #:use-module (guix packages)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix utils)
+ #:use-module (guix git-download)
+ #:use-module (guix build-system cmake)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system trivial)
+ #:use-module (gnu packages bash)
+ #:use-module (gnu packages llvm)
+ #:use-module (gnu packages python))
+
+(define-public wasi-libc
+ (package
+ (name "wasi-libc")
+ (version "sdk-19")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/WebAssembly/wasi-libc")
+ (commit (string-append "wasi-" version))
+ (recursive? #t)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "0bnpz8wk9wiic938296gxp4vz820bvpi1w41jksjzz5552hql169"))))
+ (build-system gnu-build-system)
+ (native-inputs (list clang-15))
+ (arguments
+ (list
+ #:tests? #f ;No test suite
+ ;; Firefox uses wasm2c to compile WebAssembly to C code, and it
+ ;; does not support the memory.copy opcode.
+ ;; See https://bugzilla.mozilla.org/show_bug.cgi?id=1773200#c4
+ #:make-flags ''("BULK_MEMORY_SOURCES=")
+ #:phases #~(modify-phases %standard-phases
+ (delete 'configure)
+ (add-before 'build 'set-sysroot-include
+ (lambda _
+ (setenv "C_INCLUDE_PATH"
+ (string-append (getcwd) "/sysroot/include"))))
+ (add-before 'install 'set-install-dir
+ (lambda _
+ (setenv "INSTALL_DIR"
+ (string-append #$output "/wasm32-wasi")))))))
+ (home-page "https://wasi.dev")
+ (synopsis "WASI libc implementation for WebAssembly")
+ (description
+ "WASI Libc is a libc for WebAssembly programs built on top of WASI
+system calls. It provides a wide array of POSIX-compatible C APIs, including
+support for standard I/O, file I/O, filesystem manipulation, memory
+management, time, string, environment variables, program startup, and many
+other APIs.")
+ (license (list
+ ;; For wasi-libc, with LLVM exceptions
+ license:asl2.0
+ ;; For malloc.c.
+ license:cc0
+ ;; For cloudlibc.
+ license:bsd-2
+ ;; For wasi-libc and musl-libc.
+ license:expat))))
+
+(define-public wasm32-wasi-clang-runtime
+ (package (inherit clang-runtime-15)
+ (native-inputs
+ (list clang-15
+ wasi-libc))
+ (inputs (list llvm-15))
+ (arguments
+ (list
+ #:build-type "Release"
+ #:tests? #f
+ ;; Stripping binaries breaks wasm linking, resulting in the following
+ ;; error: "archive has no index; run ranlib to add one".
+ #:strip-binaries? #f
+ #:configure-flags
+ #~(list "-DCMAKE_C_COMPILER=clang"
+ "-DCMAKE_C_COMPILER_TARGET=wasm32-wasi"
+ (string-append
+ "-DCMAKE_SYSROOT=" #$wasi-libc "/wasm32-wasi")
+ (string-append
+ "-DCMAKE_C_FLAGS=-I " #$wasi-libc "/wasm32-wasi/include")
+
+ "-DCOMPILER_RT_OS_DIR=wasi"
+
+ "-DCOMPILER_RT_BAREMETAL_BUILD=On"
+ "-DCOMPILER_RT_DEFAULT_TARGET_ONLY=On"
+
+ ;; WASM only needs libclang_rt.builtins-wasm32.a from
+ ;; compiler-rt.
+ "../source/compiler-rt/lib/builtins")))))
+
+;; FIXME: Ideally we wouldn't need to build a separate compiler because clang
+;; can support multiple targets at runtime. However Guix patches the default
+;; clang with a specific clang-runtime package. It would be good to improve
+;; upstream Guix's support for cross-compiling with clang.
+
+(define clang-from-llvm (@@ (gnu packages llvm) clang-from-llvm))
+(define llvm-monorepo (@@ (gnu packages llvm) llvm-monorepo))
+
+(define-public wasm32-wasi-clang
+ (let ((base (clang-from-llvm llvm-15 wasm32-wasi-clang-runtime)))
+ (package
+ (inherit base)
+ (name "wasm32-wasi-clang")
+ (inputs (modify-inputs (package-inputs base)
+ (prepend wasi-libc)))
+ (arguments
+ (substitute-keyword-arguments (package-arguments base)
+ ((#:configure-flags flags)
+ #~(list "-DCLANG_INCLUDE_TESTS=True"
+ ;; Use a sane default include directory.
+ (string-append "-DC_INCLUDE_DIRS="
+ #$wasi-libc "/wasm32-wasi/include")))
+ ((#:phases phases)
+ `(modify-phases ,phases
+ (delete 'symlink-cfi_ignorelist))))))))
+
+(define-public wasm32-wasi-libcxx
+ (package
+ (name "wasm32-wasi-libcxx")
+ (version (package-version llvm-15))
+ (source
+ (llvm-monorepo version))
+ (build-system cmake-build-system)
+ (arguments
+ (list
+ #:configure-flags #~(list (string-append "-S ../source/runtimes")
+
+ "-DLLVM_ENABLE_RUNTIMES=libcxx;libcxxabi"
+
+ (string-append "-DCMAKE_SYSROOT="
+ #$wasi-libc "/wasm32-wasi")
+
+ (string-append "-DCMAKE_INCLUDE_PATH="
+ #$wasi-libc
+ "/wasm32-wasi/include")
+
+ (string-append "-DCMAKE_STAGING_PREFIX="
+ #$output "/wasm32-wasi")
+
+ "-DCMAKE_C_COMPILER=clang"
+ "-DCMAKE_C_COMPILER_WORKS=ON"
+ "-DCMAKE_CXX_COMPILER=clang++"
+ "-DCMAKE_CXX_COMPILER_WORKS=ON"
+ "-DCMAKE_C_COMPILER_TARGET=wasm32-wasi"
+ "-DCMAKE_CXX_COMPILER_TARGET=wasm32-wasi"
+
+ "-DLIBCXX_LIBDIR_SUFFIX=/wasm32-wasi"
+
+ "-DLIBCXX_ENABLE_EXCEPTIONS=OFF"
+ "-DLIBCXX_ENABLE_SHARED=OFF"
+ "-DLIBCXX_ENABLE_THREADS=OFF"
+ "-DLIBCXX_ENABLE_FILESYSTEM=OFF"
+
+ "-DLIBCXXABI_LIBDIR_SUFFIX=/wasm32-wasi"
+
+ "-DLIBCXXABI_ENABLE_EXCEPTIONS=OFF"
+ "-DLIBCXXABI_ENABLE_SHARED=OFF"
+ "-DLIBCXXABI_ENABLE_THREADS=OFF"
+ "-DLIBCXXABI_ENABLE_FILESYSTEM=OFF")
+ #:tests? #f
+ #:phases #~(modify-phases %standard-phases
+ (add-after 'set-paths 'adjust-CPLUS_INCLUDE_PATH
+ (lambda _
+ (setenv "CPLUS_INCLUDE_PATH"
+ (string-append #$wasi-libc
+ "/wasm32-wasi/include:"
+ (getenv "CPLUS_INCLUDE_PATH"))))))))
+ (native-inputs (list lld python wasm32-wasi-clang))
+ (inputs (list wasi-libc))
+ (home-page "https://libcxx.llvm.org")
+ (synopsis "C++ standard library for WebAssembly")
+ (description
+ "This package provides an implementation of the C++ standard library for
+use with Clang, targeting C++11, C++14 and above. This package targets
+WebAssembly with WASI.")
+ (license license:expat)))
+
+(define-public wasm32-wasi-clang-toolchain
+ (package
+ (name "wasm32-wasi-clang-toolchain")
+ (version (package-version wasm32-wasi-clang))
+ (source
+ #f)
+ (build-system trivial-build-system)
+ (arguments
+ (list
+ #:builder (with-imported-modules '((guix build union)
+ (guix build utils))
+ #~(begin
+ (use-modules (guix build union)
+ (guix build utils))
+ (union-build #$output
+ (list #$wasm32-wasi-clang-runtime
+ #$wasi-libc
+ #$wasm32-wasi-libcxx))
+ (mkdir-p (string-append #$output
+ "/bin"))
+
+ ;; We provide clang and clang++ via a wrapped program that sets
+ ;; include paths correctly so that it does not include paths from
+ ;; the host.
+
+ ;; FIXME: Review how we can provide better support for
+ ;; cross-compiling with clang in Guix, maybe adding support for
+ ;; the CROSS_C_INCLUDE_PATH and CROSS_CPLUS_INCLUDE_PATH
+ ;; environment variables like GCC.
+
+ (for-each (lambda (bin)
+ (symlink (string-append #$wasm32-wasi-clang
+ bin)
+ (string-append #$output
+ bin))
+ (wrap-program (string-append #$output
+ bin)
+ #:sh (string-append #$bash-minimal
+ "/bin/bash")
+ `("C_INCLUDE_PATH"
+ ":" =
+ (,(string-append #$output
+ "/wasm32-wasi/include")))
+ `("CPLUS_INCLUDE_PATH"
+ ":" =
+ ;; Make sure inclure/c++/v1 comes first for #include_next
+ ;; to work.
+ (,(string-append #$output
+ "/wasm32-wasi/include/c++/v1") ,
+ (string-append #$output
+ "/wasm32-wasi/include")))))
+ '("/bin/clang"
+ "/bin/clang++"))
+
+ (symlink (string-append #$lld
+ "/bin/wasm-ld")
+ (string-append #$output
+ "/bin/wasm-ld"))))))
+ (inputs (list bash-minimal
+ lld
+ wasi-libc
+ wasm32-wasi-clang
+ wasm32-wasi-clang-runtime
+ wasm32-wasi-libcxx))
+ (license (cons (package-license wasm32-wasi-clang)
+ (package-license wasi-libc)))
+ (home-page "https://clang.llvm.org")
+ (synopsis
+ "Complete Clang toolchain for C/C++ development, for WebAssembly.")
+ (description
+ "This package provides a complete Clang toolchain for C/C++
+development targeting WebAssembly with WASI. This includes Clang, as well as
+libc, libc++ and wasm-ld.")))
--
2.39.2
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Tue, 13 Feb 2024 20:35:01 GMT) Full text and rfc822 format available.Message #104 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH v4 0/4] Add LibreWolf Date: Tue, 13 Feb 2024 12:34:02 -0800
During testing, I found some problems with v3 of the patch. * The vendor-provided browser config was getting clobbered during 'autoconfig. Reworked this to append to librewolf.cfg instead of obliterating it or using autoconfig.js. * Extension search from about:addons was broken, because extensions.getAddons.search.browseURL was missing the %TERMS% placeholder. Added. * extensions.getAddons settings were defined with pref() instead of defaultPref(). pref() is for user settings, and causes them to show up as modified in about:config, with a revert button to restore the value from defaultPref (which is Mozilla's addons repo). Switched to defaultPref(). Both the extension search and pref/defaultPref issues are present in torbrowser and mullvad, and *if* those upstreams ship autoconfig.js files, their contents won't make it into the Guix packages. Someone might want to look into those issues. Ian Eure (4): gnu: Move icu4c-73 from gnuzilla to icu4c. gnu: nss: Update to 3.97. gnu: Add wasm packages. gnu: Add librewolf. gnu/packages/certs.scm | 4 +- gnu/packages/gnuzilla.scm | 27 +- gnu/packages/icu4c.scm | 22 ++ gnu/packages/librewolf.scm | 642 ++++++++++++++++++++++++++++++++++ gnu/packages/nss.scm | 6 +- gnu/packages/tor-browsers.scm | 3 +- gnu/packages/wasm.scm | 273 +++++++++++++++ 7 files changed, 945 insertions(+), 32 deletions(-) create mode 100644 gnu/packages/librewolf.scm create mode 100644 gnu/packages/wasm.scm base-commit: b6439fc5f800b5d22d48192bc347be794f050329 -- 2.41.0
clement <at> lassieur.org, jonathan.brielmaier <at> web.de, mhw <at> netris.org, guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Tue, 13 Feb 2024 20:35:02 GMT) Full text and rfc822 format available.Message #107 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH v4 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c. Date: Tue, 13 Feb 2024 12:34:03 -0800
* gnu/packages/icu4c.scm (icu4c-73): New variable.
* gnu/packages/gnuzilla.scm (icu4c-73-promise): Delete variable.
Change-Id: I017e1416b70ecb94313aeb71aa4a0cafdfe0e9ab
---
gnu/packages/gnuzilla.scm | 27 +--------------------------
gnu/packages/icu4c.scm | 22 ++++++++++++++++++++++
gnu/packages/tor-browsers.scm | 3 ++-
3 files changed, 25 insertions(+), 27 deletions(-)
diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm
index 5f77512427..094ff348e9 100644
--- a/gnu/packages/gnuzilla.scm
+++ b/gnu/packages/gnuzilla.scm
@@ -375,31 +375,6 @@ (define-public mozjs-78
(list icu4c-69 readline zlib))))
-;;
-;; Needed for IceCat 115.
-;;
-(define icu4c-73-promise
- (delay
- (package
- (inherit icu4c)
- (version "73.1")
- (source (origin
- (method url-fetch)
- (uri (string-append
- "https://github.com/unicode-org/icu/releases/download/release-"
- (string-map (lambda (x) (if (char=? x #\.) #\- x)) version)
- "/icu4c-"
- (string-map (lambda (x) (if (char=? x #\.) #\_ x)) version)
- "-src.tgz"))
- (sha256
- (base32
- "0iccpdvc0kvpww5a31k9gjkqigyz016i7v80r9zamd34w4fl6mx4"))
- (patches
- (cons
- (search-patch
- "icu4c-fix-TestHebrewCalendarInTemporalLeapYear.patch")
- (origin-patches (package-source icu4c)))))))))
-
;;;
;;; Localization helper procedures.
;;;
@@ -757,7 +732,7 @@ (define-public icecat-minimal
;; https://bugzilla.mozilla.org/show_bug.cgi?id=1819374).
ffmpeg-5
libvpx
- (force icu4c-73-promise)
+ icu4c-73
pixman
pulseaudio
mesa
diff --git a/gnu/packages/icu4c.scm b/gnu/packages/icu4c.scm
index 5aaf3a8361..0dfe63b20a 100644
--- a/gnu/packages/icu4c.scm
+++ b/gnu/packages/icu4c.scm
@@ -109,6 +109,28 @@ (define-public icu4c
(license x11)
(home-page "http://site.icu-project.org/")))
+(define-public icu4c-73
+ (package
+ (inherit icu4c)
+ (name "icu4c")
+ (version "73.1")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://github.com/unicode-org/icu/releases/download/release-"
+ (string-map (lambda (x) (if (char=? x #\.) #\- x)) version)
+ "/icu4c-"
+ (string-map (lambda (x) (if (char=? x #\.) #\_ x)) version)
+ "-src.tgz"))
+ (sha256
+ (base32
+ "0iccpdvc0kvpww5a31k9gjkqigyz016i7v80r9zamd34w4fl6mx4"))
+ (patches
+ (cons
+ (search-patch
+ "icu4c-fix-TestHebrewCalendarInTemporalLeapYear.patch")
+ (origin-patches (package-source icu4c))))))))
+
(define-public icu4c-70
(package
(inherit icu4c)
diff --git a/gnu/packages/tor-browsers.scm b/gnu/packages/tor-browsers.scm
index c4ce997b99..ee5e072102 100644
--- a/gnu/packages/tor-browsers.scm
+++ b/gnu/packages/tor-browsers.scm
@@ -52,6 +52,7 @@ (define-module (gnu packages tor-browsers)
#:use-module (gnu packages golang)
#:use-module (gnu packages gtk)
#:use-module (gnu packages hunspell)
+ #:use-module (gnu packages icu4c)
#:use-module (gnu packages image)
#:use-module (gnu packages kerberos)
#:use-module (gnu packages libcanberra)
@@ -270,7 +271,7 @@ (define* (make-torbrowser #:key
;; https://bugzilla.mozilla.org/show_bug.cgi?id=1819374).
ffmpeg-5
libvpx
- (force (@@ (gnu packages gnuzilla) icu4c-73-promise))
+ icu4c-73
pixman
pulseaudio
mesa
--
2.41.0
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Tue, 13 Feb 2024 20:35:02 GMT) Full text and rfc822 format available.Message #110 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH v4 2/4] gnu: nss: Update to 3.97. Date: Tue, 13 Feb 2024 12:34:04 -0800
* gnu/packages/nss.scm (nss): Update to 3.97.
* gnu/packages/certs.scm (nss-certs): Update to 3.97.
---
gnu/packages/certs.scm | 4 ++--
gnu/packages/nss.scm | 6 +++---
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/gnu/packages/certs.scm b/gnu/packages/certs.scm
index 58b4d50ec8..2a6106df78 100644
--- a/gnu/packages/certs.scm
+++ b/gnu/packages/certs.scm
@@ -131,7 +131,7 @@ (define-public nss-certs
;; XXX We used to refer to the nss package here, but that eventually caused
;; module cycles. The below is a quick copy-paste job that must be kept in
;; sync manually. Surely there's a better way…?
- (version "3.88.1")
+ (version "3.97")
(source (origin
(method url-fetch)
(uri (let ((version-with-underscores
@@ -142,7 +142,7 @@ (define-public nss-certs
"nss-" version ".tar.gz")))
(sha256
(base32
- "15il9fsmixa1r4446zq1wl627sg0hz9h67w6kjxz273xz3nl7li7"))
+ "02pscmkp7flawmgwqzr807nsn6kzzw7r7xjbzfql0bpkjf1zp3h7"))
;; Create nss.pc and nss-config.
(patches (search-patches "nss-3.56-pkgconfig.patch"
"nss-getcwd-nonnull.patch"
diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm
index 54b9e5041a..268ddaa24f 100644
--- a/gnu/packages/nss.scm
+++ b/gnu/packages/nss.scm
@@ -106,7 +106,7 @@ (define-public nss
;; IMPORTANT: Also update and test the nss-certs package, which duplicates
;; version and source to avoid a top-level variable reference & module
;; cycle.
- (version "3.88.1")
+ (version "3.97")
(source (origin
(method url-fetch)
(uri (let ((version-with-underscores
@@ -117,7 +117,7 @@ (define-public nss
"nss-" version ".tar.gz")))
(sha256
(base32
- "15il9fsmixa1r4446zq1wl627sg0hz9h67w6kjxz273xz3nl7li7"))
+ "02pscmkp7flawmgwqzr807nsn6kzzw7r7xjbzfql0bpkjf1zp3h7"))
;; Create nss.pc and nss-config.
(patches (search-patches "nss-3.56-pkgconfig.patch"
"nss-getcwd-nonnull.patch"
@@ -200,7 +200,7 @@ (define-public nss
;; leading to test failures:
;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To
;; work around that, set the time to roughly the release date.
- (invoke "faketime" "2022-11-01" "./nss/tests/all.sh"))
+ (invoke "faketime" "2024-01-23" "./nss/tests/all.sh"))
(format #t "test suite not run~%"))))
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
--
2.41.0
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Tue, 13 Feb 2024 20:35:03 GMT) Full text and rfc822 format available.Message #113 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH v4 3/4] gnu: Add wasm packages. Date: Tue, 13 Feb 2024 12:34:05 -0800
* gnu/packages/wasm.scm (wasi-libc): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-clang-runtime): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-clang): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-libcxx): New variable.
* gnu/packages/wasm.scm (wasm32-wasi-clang-toolchain): New variable.
---
gnu/packages/wasm.scm | 273 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 273 insertions(+)
create mode 100644 gnu/packages/wasm.scm
diff --git a/gnu/packages/wasm.scm b/gnu/packages/wasm.scm
new file mode 100644
index 0000000000..05d247f333
--- /dev/null
+++ b/gnu/packages/wasm.scm
@@ -0,0 +1,273 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2022-2023 Pierre Langlois <pierre.langlois <at> gmx.com>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages wasm)
+ #:use-module (guix base32)
+ #:use-module (guix gexp)
+ #:use-module (guix packages)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix utils)
+ #:use-module (guix git-download)
+ #:use-module (guix build-system cmake)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system trivial)
+ #:use-module (gnu packages bash)
+ #:use-module (gnu packages llvm)
+ #:use-module (gnu packages python))
+
+(define-public wasi-libc
+ (package
+ (name "wasi-libc")
+ (version "sdk-19")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/WebAssembly/wasi-libc")
+ (commit (string-append "wasi-" version))
+ (recursive? #t)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "0bnpz8wk9wiic938296gxp4vz820bvpi1w41jksjzz5552hql169"))))
+ (build-system gnu-build-system)
+ (native-inputs (list clang-15))
+ (arguments
+ (list
+ #:tests? #f ;No test suite
+ ;; Firefox uses wasm2c to compile WebAssembly to C code, and it
+ ;; does not support the memory.copy opcode.
+ ;; See https://bugzilla.mozilla.org/show_bug.cgi?id=1773200#c4
+ #:make-flags ''("BULK_MEMORY_SOURCES=")
+ #:phases #~(modify-phases %standard-phases
+ (delete 'configure)
+ (add-before 'build 'set-sysroot-include
+ (lambda _
+ (setenv "C_INCLUDE_PATH"
+ (string-append (getcwd) "/sysroot/include"))))
+ (add-before 'install 'set-install-dir
+ (lambda _
+ (setenv "INSTALL_DIR"
+ (string-append #$output "/wasm32-wasi")))))))
+ (home-page "https://wasi.dev")
+ (synopsis "WASI libc implementation for WebAssembly")
+ (description
+ "WASI Libc is a libc for WebAssembly programs built on top of WASI
+system calls. It provides a wide array of POSIX-compatible C APIs, including
+support for standard I/O, file I/O, filesystem manipulation, memory
+management, time, string, environment variables, program startup, and many
+other APIs.")
+ (license (list
+ ;; For wasi-libc, with LLVM exceptions
+ license:asl2.0
+ ;; For malloc.c.
+ license:cc0
+ ;; For cloudlibc.
+ license:bsd-2
+ ;; For wasi-libc and musl-libc.
+ license:expat))))
+
+(define-public wasm32-wasi-clang-runtime
+ (package (inherit clang-runtime-15)
+ (native-inputs
+ (list clang-15
+ wasi-libc))
+ (inputs (list llvm-15))
+ (arguments
+ (list
+ #:build-type "Release"
+ #:tests? #f
+ ;; Stripping binaries breaks wasm linking, resulting in the following
+ ;; error: "archive has no index; run ranlib to add one".
+ #:strip-binaries? #f
+ #:configure-flags
+ #~(list "-DCMAKE_C_COMPILER=clang"
+ "-DCMAKE_C_COMPILER_TARGET=wasm32-wasi"
+ (string-append
+ "-DCMAKE_SYSROOT=" #$wasi-libc "/wasm32-wasi")
+ (string-append
+ "-DCMAKE_C_FLAGS=-I " #$wasi-libc "/wasm32-wasi/include")
+
+ "-DCOMPILER_RT_OS_DIR=wasi"
+
+ "-DCOMPILER_RT_BAREMETAL_BUILD=On"
+ "-DCOMPILER_RT_DEFAULT_TARGET_ONLY=On"
+
+ ;; WASM only needs libclang_rt.builtins-wasm32.a from
+ ;; compiler-rt.
+ "../source/compiler-rt/lib/builtins")))))
+
+;; FIXME: Ideally we wouldn't need to build a separate compiler because clang
+;; can support multiple targets at runtime. However Guix patches the default
+;; clang with a specific clang-runtime package. It would be good to improve
+;; upstream Guix's support for cross-compiling with clang.
+
+(define clang-from-llvm (@@ (gnu packages llvm) clang-from-llvm))
+(define llvm-monorepo (@@ (gnu packages llvm) llvm-monorepo))
+
+(define-public wasm32-wasi-clang
+ (let ((base (clang-from-llvm llvm-15 wasm32-wasi-clang-runtime)))
+ (package
+ (inherit base)
+ (name "wasm32-wasi-clang")
+ (inputs (modify-inputs (package-inputs base)
+ (prepend wasi-libc)))
+ (arguments
+ (substitute-keyword-arguments (package-arguments base)
+ ((#:configure-flags flags)
+ #~(list "-DCLANG_INCLUDE_TESTS=True"
+ ;; Use a sane default include directory.
+ (string-append "-DC_INCLUDE_DIRS="
+ #$wasi-libc "/wasm32-wasi/include")))
+ ((#:phases phases)
+ `(modify-phases ,phases
+ (delete 'symlink-cfi_ignorelist))))))))
+
+(define-public wasm32-wasi-libcxx
+ (package
+ (name "wasm32-wasi-libcxx")
+ (version (package-version llvm-15))
+ (source
+ (llvm-monorepo version))
+ (build-system cmake-build-system)
+ (arguments
+ (list
+ #:configure-flags #~(list (string-append "-S ../source/runtimes")
+
+ "-DLLVM_ENABLE_RUNTIMES=libcxx;libcxxabi"
+
+ (string-append "-DCMAKE_SYSROOT="
+ #$wasi-libc "/wasm32-wasi")
+
+ (string-append "-DCMAKE_INCLUDE_PATH="
+ #$wasi-libc
+ "/wasm32-wasi/include")
+
+ (string-append "-DCMAKE_STAGING_PREFIX="
+ #$output "/wasm32-wasi")
+
+ "-DCMAKE_C_COMPILER=clang"
+ "-DCMAKE_C_COMPILER_WORKS=ON"
+ "-DCMAKE_CXX_COMPILER=clang++"
+ "-DCMAKE_CXX_COMPILER_WORKS=ON"
+ "-DCMAKE_C_COMPILER_TARGET=wasm32-wasi"
+ "-DCMAKE_CXX_COMPILER_TARGET=wasm32-wasi"
+
+ "-DLIBCXX_LIBDIR_SUFFIX=/wasm32-wasi"
+
+ "-DLIBCXX_ENABLE_EXCEPTIONS=OFF"
+ "-DLIBCXX_ENABLE_SHARED=OFF"
+ "-DLIBCXX_ENABLE_THREADS=OFF"
+ "-DLIBCXX_ENABLE_FILESYSTEM=OFF"
+
+ "-DLIBCXXABI_LIBDIR_SUFFIX=/wasm32-wasi"
+
+ "-DLIBCXXABI_ENABLE_EXCEPTIONS=OFF"
+ "-DLIBCXXABI_ENABLE_SHARED=OFF"
+ "-DLIBCXXABI_ENABLE_THREADS=OFF"
+ "-DLIBCXXABI_ENABLE_FILESYSTEM=OFF")
+ #:tests? #f
+ #:phases #~(modify-phases %standard-phases
+ (add-after 'set-paths 'adjust-CPLUS_INCLUDE_PATH
+ (lambda _
+ (setenv "CPLUS_INCLUDE_PATH"
+ (string-append #$wasi-libc
+ "/wasm32-wasi/include:"
+ (getenv "CPLUS_INCLUDE_PATH"))))))))
+ (native-inputs (list lld python wasm32-wasi-clang))
+ (inputs (list wasi-libc))
+ (home-page "https://libcxx.llvm.org")
+ (synopsis "C++ standard library for WebAssembly")
+ (description
+ "This package provides an implementation of the C++ standard library for
+use with Clang, targeting C++11, C++14 and above. This package targets
+WebAssembly with WASI.")
+ (license license:expat)))
+
+(define-public wasm32-wasi-clang-toolchain
+ (package
+ (name "wasm32-wasi-clang-toolchain")
+ (version (package-version wasm32-wasi-clang))
+ (source
+ #f)
+ (build-system trivial-build-system)
+ (arguments
+ (list
+ #:builder (with-imported-modules '((guix build union)
+ (guix build utils))
+ #~(begin
+ (use-modules (guix build union)
+ (guix build utils))
+ (union-build #$output
+ (list #$wasm32-wasi-clang-runtime
+ #$wasi-libc
+ #$wasm32-wasi-libcxx))
+ (mkdir-p (string-append #$output
+ "/bin"))
+
+ ;; We provide clang and clang++ via a wrapped program that sets
+ ;; include paths correctly so that it does not include paths from
+ ;; the host.
+
+ ;; FIXME: Review how we can provide better support for
+ ;; cross-compiling with clang in Guix, maybe adding support for
+ ;; the CROSS_C_INCLUDE_PATH and CROSS_CPLUS_INCLUDE_PATH
+ ;; environment variables like GCC.
+
+ (for-each (lambda (bin)
+ (symlink (string-append #$wasm32-wasi-clang
+ bin)
+ (string-append #$output
+ bin))
+ (wrap-program (string-append #$output
+ bin)
+ #:sh (string-append #$bash-minimal
+ "/bin/bash")
+ `("C_INCLUDE_PATH"
+ ":" =
+ (,(string-append #$output
+ "/wasm32-wasi/include")))
+ `("CPLUS_INCLUDE_PATH"
+ ":" =
+ ;; Make sure inclure/c++/v1 comes first for #include_next
+ ;; to work.
+ (,(string-append #$output
+ "/wasm32-wasi/include/c++/v1") ,
+ (string-append #$output
+ "/wasm32-wasi/include")))))
+ '("/bin/clang"
+ "/bin/clang++"))
+
+ (symlink (string-append #$lld
+ "/bin/wasm-ld")
+ (string-append #$output
+ "/bin/wasm-ld"))))))
+ (inputs (list bash-minimal
+ lld
+ wasi-libc
+ wasm32-wasi-clang
+ wasm32-wasi-clang-runtime
+ wasm32-wasi-libcxx))
+ (license (cons (package-license wasm32-wasi-clang)
+ (package-license wasi-libc)))
+ (home-page "https://clang.llvm.org")
+ (synopsis
+ "Complete Clang toolchain for C/C++ development, for WebAssembly.")
+ (description
+ "This package provides a complete Clang toolchain for C/C++
+development targeting WebAssembly with WASI. This includes Clang, as well as
+libc, libc++ and wasm-ld.")))
--
2.41.0
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Tue, 13 Feb 2024 20:35:03 GMT) Full text and rfc822 format available.Message #116 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH v4 4/4] gnu: Add librewolf. Date: Tue, 13 Feb 2024 12:34:06 -0800
* gnu/packages/librewolf.scm (librewolf): New variable.
Change-Id: I98b6410582b856ede83b79637a58e66d6e5832e6
---
gnu/packages/librewolf.scm | 642 +++++++++++++++++++++++++++++++++++++
1 file changed, 642 insertions(+)
create mode 100644 gnu/packages/librewolf.scm
diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm
new file mode 100644
index 0000000000..6aa84ee372
--- /dev/null
+++ b/gnu/packages/librewolf.scm
@@ -0,0 +1,642 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2013, 2015, 2024 Andreas Enge <andreas <at> enge.fr>
+;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 Mark H Weaver <mhw <at> netris.org>
+;;; Copyright © 2015 Sou Bunnbu <iyzsong <at> gmail.com>
+;;; Copyright © 2016, 2017, 2018, 2019 Efraim Flashner <efraim <at> flashner.co.il>
+;;; Copyright © 2016 Alex Griffin <a <at> ajgrf.com>
+;;; Copyright © 2017 Clément Lassieur <clement <at> lassieur.org>
+;;; Copyright © 2017, 2018 Nikita <nikita <at> n0.is>
+;;; Copyright © 2017, 2018 ng0 <gillmann <at> infotropique.org>
+;;; Copyright © 2017, 2018, 2020 Tobias Geerinckx-Rice <me <at> tobias.gr>
+;;; Copyright © 2018, 2020, 2022 Ricardo Wurmus <rekado <at> elephly.net>
+;;; Copyright © 2019 Ivan Petkov <ivanppetkov <at> gmail.com>
+;;; Copyright © 2020 Oleg Pykhalov <go.wigust <at> gmail.com>
+;;; Copyright © 2020 Jakub Kądziołka <kuba <at> kadziolka.net>
+;;; Copyright © 2019, 2020 Adrian Malacoda <malacoda <at> monarch-pass.net>
+;;; Copyright © 2020-2023 Jonathan Brielmaier <jonathan.brielmaier <at> web.de>
+;;; Copyright © 2020 Zhu Zihao <all_but_last <at> 163.com>
+;;; Copyright © 2021 pineapples <guixuser6392 <at> protonmail.com>
+;;; Copyright © 2021 Brice Waegeneire <brice <at> waegenei.re>
+;;; Copyright © 2021, 2022, 2023 John Kehayias <john.kehayias <at> protonmail.com>
+;;; Copyright © 2022 Pierre Langlois <pierre.langlois <at> gmx.com>
+;;; Copyright © 2023 Tomas Volf <wolf <at> wolfsden.cz>
+;;; Copyright © 2023 Ian Eure <ian <at> retrospec.tv>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+
+(define-module (gnu packages librewolf)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system cargo)
+ #:use-module (guix build-system trivial)
+ #:use-module (guix download)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix gexp)
+ #:use-module (guix packages)
+ #:use-module (guix utils)
+ #:use-module ((guix build utils) #:select (alist-replace))
+
+ #:use-module (gnu packages)
+ #:use-module (gnu packages assembly)
+ #:use-module (gnu packages autotools)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages bash)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages crates-io)
+ #:use-module (gnu packages cups)
+ #:use-module (gnu packages fontutils)
+ #:use-module (gnu packages gl)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnome)
+ #:use-module (gnu packages gtk)
+ #:use-module (gnu packages hunspell)
+ #:use-module (gnu packages icu4c)
+ #:use-module (gnu packages image)
+ #:use-module (gnu packages jemalloc)
+ #:use-module (gnu packages kerberos)
+ #:use-module (gnu packages libcanberra)
+ #:use-module (gnu packages libevent)
+ #:use-module (gnu packages libffi)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages llvm)
+ #:use-module (gnu packages m4)
+ #:use-module (gnu packages node)
+ #:use-module (gnu packages nss)
+ #:use-module (gnu packages pciutils)
+ #:use-module (gnu packages perl)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages pulseaudio)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages rust)
+ #:use-module (gnu packages rust-apps)
+ #:use-module (gnu packages speech)
+ #:use-module (gnu packages sqlite)
+ #:use-module (gnu packages video)
+ #:use-module (gnu packages wasm)
+ #:use-module (gnu packages xdisorg)
+ #:use-module (gnu packages xorg))
+
+;; Define the versions of rust needed to build firefox, trying to match
+;; upstream. See the file taskcluster/ci/toolchain/rust.yml at
+;; https://searchfox.org under the particular firefox release, like
+;; mozilla-esr102.
+(define rust-librewolf rust) ; 1.60 is the default in Guix, 1.65 is the minimum.
+
+;; Update this id with every firefox update to its release date.
+;; It's used for cache validation and therefore can lead to strange bugs.
+(define %librewolf-build-id "20240130195200")
+
+(define-public librewolf
+ (package
+ (name "librewolf")
+ (version "122.0-2")
+ (source
+ (origin
+ (method url-fetch)
+
+ (uri (string-append "https://gitlab.com/api/v4/projects/32320088/"
+ "packages/generic/librewolf-source/"
+ version
+ "/librewolf-"
+ version
+ ".source.tar.gz"))
+ (sha256
+ (base32 "0ggysgbazx5dl0l9dyvrpjgzbvivgddm9qyiyvjjfk9im9sljkxh"))))
+ (build-system gnu-build-system)
+ (arguments
+ (list
+ #:configure-flags #~(let ((clang #$(this-package-native-input "clang"))
+ (wasi-sysroot #$(this-package-native-input
+ "wasm32-wasi-clang-toolchain")))
+ `("--enable-application=browser"
+
+ ;; Configuration
+ "--with-system-jpeg"
+ "--with-system-zlib"
+ "--with-system-png"
+ "--with-system-webp"
+ "--with-system-icu"
+ "--with-system-libvpx"
+ "--with-system-libevent"
+ "--with-system-ffi"
+ "--enable-system-pixman"
+ "--enable-jemalloc"
+
+ ;; see https://bugs.gnu.org/32833
+ "--with-system-nspr"
+ "--with-system-nss"
+
+ ,(string-append "--with-clang-path=" clang
+ "/bin/clang")
+ ,(string-append "--with-libclang-path=" clang
+ "/lib")
+ ,(string-append "--with-wasi-sysroot="
+ wasi-sysroot "/wasm32-wasi")
+
+ ;; Distribution
+ "--with-distribution-id=org.guix"
+ "--with-app-name=librewolf"
+ "--with-app-basename=LibreWolf"
+ "--with-branding=browser/branding/librewolf"
+
+ ;; Features
+ "--disable-tests"
+ "--disable-updater"
+ "--enable-pulseaudio"
+ "--disable-crashreporter"
+ "--allow-addon-sideload"
+ "--with-unsigned-addon-scopes=app,system"
+ "--disable-eme"
+
+ ;; Build details
+ "--disable-debug"
+ "--enable-rust-simd"
+ "--enable-release"
+ "--enable-optimize"
+ "--enable-strip"
+ "--enable-hardening"
+ "--disable-elf-hack"))
+ #:imported-modules %cargo-utils-modules
+ #:modules `((ice-9 regex)
+ (ice-9 string-fun)
+ (ice-9 ftw)
+ (srfi srfi-1)
+ (srfi srfi-26)
+ (rnrs bytevectors)
+ (rnrs io ports)
+ (guix elf)
+ (guix build gremlin)
+ ,@%gnu-build-system-modules)
+ #:phases #~(modify-phases %standard-phases
+ (add-after 'unpack 'fix-preferences
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((port (open-file "browser/app/profile/firefox.js"
+ "a")))
+ (define (write-setting key value)
+ (format port "~%pref(\"~a\", ~a);~%" key value)
+ (format #t
+ "fix-preferences: setting value of ~a to ~a~%" key
+ value))
+
+ ;; We should allow Firefox sandbox to read the store directory,
+ ;; because Firefox sandbox have access to /usr on FHS distros.
+ (write-setting
+ "security.sandbox.content.read_path_whitelist"
+ (string-append "\""
+ (%store-directory) "/\""))
+
+ ;; XDG settings should be managed by Guix.
+ (write-setting "browser.shell.checkDefaultBrowser"
+ "false")
+ (close-port port))))
+ (add-after 'fix-preferences 'fix-ffmpeg-runtime-linker
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let* ((ffmpeg (assoc-ref inputs "ffmpeg"))
+ (libavcodec (string-append ffmpeg
+ "/lib/libavcodec.so")))
+ ;; Arrange to load libavcodec.so by its absolute file name.
+ (substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp"
+ (("libavcodec\\.so")
+ libavcodec)))))
+ (add-after 'patch-source-shebangs 'patch-cargo-checksums
+ (lambda _
+ (use-modules (guix build cargo-utils))
+ (let ((null-hash
+ ;; This is the SHA256 output of an empty string.
+ (string-append
+ "e3b0c44298fc1c149afbf4c8996fb924"
+ "27ae41e4649b934ca495991b7852b855")))
+ (for-each (lambda (file)
+ (format #t
+ "patch-cargo-checksums: patching checksums in ~a~%"
+ file)
+ (substitute* file
+ (("(checksum = )\".*\"" all name)
+ (string-append name "\"" null-hash
+ "\""))))
+ (find-files "." "Cargo\\.lock$"))
+ (for-each generate-all-checksums
+ '("build" "dom/media"
+ "dom/webauthn"
+ "gfx"
+ "intl"
+ "js"
+ "media"
+ "modules"
+ "mozglue/static/rust"
+ "netwerk"
+ "remote"
+ "security/manager/ssl"
+ "servo"
+ "storage"
+ "third_party/rust"
+ "toolkit"
+ "xpcom/rust"
+ "services")))))
+ (add-after 'patch-cargo-checksums 'remove-cargo-frozen-flag
+ (lambda _
+ ;; Remove --frozen flag from cargo invokation, otherwise it'll
+ ;; complain that it's not able to change Cargo.lock.
+ ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373
+ (substitute* "build/RunCbindgen.py"
+ (("\"--frozen\",")
+ ""))))
+ (delete 'bootstrap)
+ (add-before 'configure 'patch-SpeechDispatcherService.cpp
+ (lambda _
+ (let* ((lib "libspeechd.so.2")
+ (file (string-append
+ "dom/media/webspeech/synth/"
+ "speechd/SpeechDispatcherService.cpp"))
+ (old-content (call-with-input-file file
+ get-string-all)))
+ (substitute file
+ `((,(format #f "~s" lib) unquote
+ (λ (line _)
+ (string-replace-substring line lib
+ (string-append #$speech-dispatcher
+ "/lib/"
+ lib))))))
+ (if (string=? old-content
+ (call-with-input-file file
+ get-string-all))
+ (error
+ "substitute did nothing, phase requires an update")))))
+ (add-before 'configure 'set-build-id
+ ;; Firefox will write the timestamp to output, which is harmful
+ ;; for reproducibility, so change it to a fixed date. Use a
+ ;; separate phase for easier modification with inherit.
+ (lambda _
+ (setenv "MOZ_BUILD_DATE"
+ #$%librewolf-build-id)))
+ (replace 'configure
+ (lambda* (#:key inputs outputs configure-flags
+ #:allow-other-keys)
+ (setenv "AUTOCONF"
+ (string-append (assoc-ref inputs "autoconf")
+ "/bin/autoconf"))
+ (setenv "SHELL"
+ (which "bash"))
+ (setenv "CONFIG_SHELL"
+ (which "bash"))
+ (setenv "MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE"
+ "system")
+ ;; This should use the host info probably (does firefox build on
+ ;; non-x86_64 though?)
+ (setenv "GUIX_PYTHONPATH"
+ (string-append (getcwd)
+ "/obj-x86_64-pc-linux-gnu/_virtualenvs/build"))
+
+ ;; Use Clang, Clang is 2x faster than GCC
+ (setenv "AR" "llvm-ar")
+ (setenv "NM" "llvm-nm")
+ (setenv "CC" "clang")
+ (setenv "CXX" "clang++")
+ (setenv "WASM_CC"
+ (string-append (assoc-ref inputs
+ "wasm32-wasi-clang-toolchain")
+ "/bin/clang"))
+ (setenv "WASM_CXX"
+ (string-append (assoc-ref inputs
+ "wasm32-wasi-clang-toolchain")
+ "/bin/clang++"))
+
+ (setenv "MOZ_NOSPAM" "1")
+ (setenv "MOZ_APP_NAME" "librewolf")
+
+ (setenv "MOZBUILD_STATE_PATH"
+ (getcwd))
+
+ (let* ((mozconfig (string-append (getcwd) "/mozconfig"))
+ (out (assoc-ref outputs "out"))
+ (flags (cons (string-append "--prefix=" out)
+ configure-flags)))
+ (format #t "build directory: ~s~%"
+ (getcwd))
+ (format #t "configure flags: ~s~%" flags)
+
+ (define write-flags
+ (lambda flags
+ (display (string-join (map (cut string-append
+ "ac_add_options " <>)
+ flags) "\n"))
+ (display "\n")))
+ (with-output-to-file mozconfig
+ (lambda ()
+ (apply write-flags flags)
+ ;; The following option unsets Telemetry
+ ;; Reporting. With the Addons Fiasco,
+ ;; Mozilla was found to be collecting
+ ;; user's data, including saved passwords
+ ;; and web form data, without users
+ ;; consent. Mozilla was also found
+ ;; shipping updates to systems without
+ ;; the user's knowledge or permission.
+ ;; As a result of this, use the following
+ ;; command to permanently disable
+ ;; telemetry reporting in Firefox.
+ (display "unset MOZ_TELEMETRY_REPORTING\n")
+ (display "mk_add_options MOZ_CRASHREPORTER=0\n")
+ (display "mk_add_options MOZ_DATA_REPORTING=0\n")
+ (display
+ "mk_add_options MOZ_SERVICES_HEALTHREPORT=0")
+ (display
+ "mk_add_options MOZ_TELEMETRY_REPORTING=0")))
+ (setenv "MOZCONFIG" mozconfig))
+ (invoke "./mach" "configure")))
+ (add-before 'build '1fix-addons-placeholder
+ (lambda _
+ (substitute*
+ "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
+ (("addons.mozilla.org") "gnuzilla.gnu.org"))))
+ (replace 'build
+ (lambda* (#:key (make-flags '())
+ (parallel-build? #t) #:allow-other-keys)
+ (apply invoke "./mach" "build"
+ ;; mach will use parallel build if possible by default
+ `(,@(if parallel-build?
+ '()
+ '("-j1")) ,@make-flags))))
+ (add-after 'build 'neutralise-store-references
+ (lambda _
+ ;; Mangle the store references to compilers &
+ ;; other build tools in about:buildconfig,
+ ;; reducing Firefox's closure by 1 GiB on
+ ;; x86-64.
+ (let* ((build-dir (car (scandir "."
+ (cut string-prefix?
+ "obj-" <>))))
+ (file (string-append build-dir
+ "/dist/bin/chrome/toolkit/"
+ "content/global/buildconfig.html")))
+ (substitute* file
+ (((format #f "(~a/)([0-9a-df-np-sv-z]{32})"
+ (regexp-quote (%store-directory)))
+ _ store hash)
+ (string-append store
+ (string-take hash 8)
+ "<!-- Guix: not a runtime dependency -->"
+ (string-drop hash 8)))))))
+ (replace 'install
+ (lambda _
+ (invoke "./mach" "install")))
+ (add-after 'install 'remove-duplicate-bin
+ (lambda* (#:key outputs #:allow-other-keys)
+ (delete-file (string-append #$output
+ "/lib/librewolf/librewolf-bin"))))
+ (add-after 'install 'wrap-glxtest
+ ;; glxtest uses dlopen() to load mesa
+ ;; libs, wrap it to set LD_LIBRARY_PATH.
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ ;; TODO: make me a loop again
+ (mesa-lib (string-append (assoc-ref inputs
+ "mesa")
+ "/lib"))
+ (pciutils-lib (string-append (assoc-ref inputs
+ "pciutils") "/lib")))
+ (wrap-program (car (find-files lib "^glxtest$"))
+ `("LD_LIBRARY_PATH" prefix
+ (,mesa-lib ,pciutils-lib))))))
+ (add-after 'install 'patch-config
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((lib (string-append #$output "/lib/librewolf"))
+ (config-file "librewolf.cfg"))
+
+ ;; Required for Guix packaged extensions
+ ;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8
+ ;; Default is 5.
+ (substitute* (in-vicinity lib config-file)
+ (("defaultPref\\(\"extensions.enabledScopes\", 5\\)")
+ "defaultPref(\"extensions.enabledScopes\", 13)"))
+ ;; Use Mozzarella addons repo.
+ (call-with-port
+ (open-file (in-vicinity lib config-file) "a")
+ (lambda (port)
+ ;; Add-ons panel (see settings.js in Icecat source).
+ (for-each
+ (lambda (pref)
+ (format port "defaultPref(~s, ~s);~%"
+ (car pref) (cdr pref)))
+ '(("extensions.getAddons.search.browseURL" .
+ "https://gnuzilla.gnu.org/mozzarella/search.php?q=%TERMS%")
+ ("extensions.getAddons.get.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.link.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.discovery.api_url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.langpacks.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("lightweightThemes.getMoreURL" .
+ "https://gnuzilla.gnu.org/mozzarella"))))))))
+ (add-after 'install 'wrap-program
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ ;; The following two functions are from Guix's icecat package in
+ ;; (gnu packages gnuzilla). See commit
+ ;; b7a0935420ee630a29b7e5ac73a32ba1eb24f00b.
+ (define (runpath-of lib)
+ (call-with-input-file lib
+ (compose elf-dynamic-info-runpath elf-dynamic-info
+ parse-elf get-bytevector-all)))
+ (define (runpaths-of-input label)
+ (let* ((dir (string-append (assoc-ref inputs label)
+ "/lib"))
+ (libs (find-files dir "\\.so$")))
+ (append-map runpath-of libs)))
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ ;; TODO: make me a loop again
+ (mesa-lib (string-append (assoc-ref inputs
+ "mesa")
+ "/lib"))
+ (apng-lib (string-append (assoc-ref inputs
+ "libpng-apng") "/lib"))
+ ;; For the integration of native notifications
+ (libnotify-lib (string-append (assoc-ref inputs
+ "libnotify")
+ "/lib"))
+ ;; For hardware video acceleration via VA-API
+ (libva-lib (string-append (assoc-ref inputs
+ "libva")
+ "/lib"))
+ ;; VA-API is run in the RDD (Remote Data Decoder) sandbox
+ ;; and must be explicitly given access to files it needs.
+ ;; Rather than adding the whole store (as Nix had
+ ;; upstream do, see
+ ;; <https://github.com/NixOS/nixpkgs/pull/165964> and
+ ;; linked upstream patches), we can just follow the
+ ;; runpaths of the needed libraries to add everything to
+ ;; LD_LIBRARY_PATH. These will then be accessible in the
+ ;; RDD sandbox.
+ (rdd-whitelist (map (cut string-append <> "/")
+ (delete-duplicates (append-map
+ runpaths-of-input
+ '("mesa"
+ "ffmpeg")))))
+ (pulseaudio-lib (string-append (assoc-ref inputs
+ "pulseaudio")
+ "/lib"))
+ ;; For U2F and WebAuthn
+ (eudev-lib (string-append (assoc-ref inputs
+ "eudev")
+ "/lib"))
+ (gtk-share (string-append (assoc-ref inputs
+ "gtk+")
+ "/share")))
+ (wrap-program (car (find-files lib "^librewolf$"))
+ `("LD_LIBRARY_PATH" prefix
+ (,mesa-lib ,libnotify-lib
+ ,libva-lib
+ ,pulseaudio-lib
+ ,eudev-lib
+ ,apng-lib
+ ,@rdd-whitelist))
+ `("XDG_DATA_DIRS" prefix
+ (,gtk-share))
+ `("MOZ_LEGACY_PROFILES" =
+ ("1"))
+ `("MOZ_ALLOW_DOWNGRADE" =
+ ("1"))))))
+ (add-after 'wrap-program 'install-desktop-entry
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((desktop-file
+ "taskcluster/docker/firefox-snap/firefox.desktop")
+ (applications (string-append #$output
+ "/share/applications")))
+ (substitute* desktop-file
+ (("^Exec=firefox")
+ (string-append "Exec="
+ #$output "/bin/librewolf"))
+ ;; "Firefox" -> "LibreWolf" everywhere
+ (("Firefox")
+ "LibreWolf")
+ ;; Remove non-Latin translations.
+ (("^Name\\[(ar|bn)\\].*$")
+ "")
+ (("^Icon=.*")
+ (string-append "Icon="
+ #$output
+ "/share/icons/hicolor/128x128/apps/librewolf.png
+"))
+ ;; These commands were changed.
+ (("-NewWindow")
+ "-new-window")
+ (("-NewPrivateWindow")
+ "-new-private-window")
+ (("StartupNotify=true")
+ "StartupNotify=true
+StartupWMClass=Navigator"))
+ (copy-file desktop-file "librewolf.desktop")
+ (install-file "librewolf.desktop" applications))))
+ (add-after 'install-desktop-entry 'install-icons
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((icon-source-dir (string-append #$output
+ "/lib/librewolf/browser/"
+ "chrome/icons/default")))
+ (for-each (lambda (size)
+ (let ((dest (string-append #$output
+ "/share/icons/hicolor/"
+ size
+ "x"
+ size
+ "/apps")))
+ (mkdir-p dest)
+ (symlink (string-append icon-source-dir
+ "/default" size ".png")
+ (string-append dest
+ "/librewolf.png"))))
+ '("16" "32" "48" "64" "128"))))))
+
+ ;; Test will significantly increase build time but with little rewards.
+ #:tests? #f
+
+ ;; WARNING: Parallel build will consume lots of memory!
+ ;; If you have encountered OOM issue in build phase, try disable it.
+ #:parallel-build? #t
+
+ ;; Some dynamic lib was determined at runtime, so rpath check may fail.
+ #:validate-runpath? #f))
+ (inputs (list bash-minimal
+ bzip2
+ cairo
+ cups
+ dbus-glib
+ freetype
+ ffmpeg
+ gdk-pixbuf
+ glib
+ gtk+
+ gtk+-2
+ hunspell
+ icu4c-73
+ jemalloc
+ libcanberra
+ libevent
+ libffi
+ libgnome
+ libjpeg-turbo
+ libnotify
+ libpng-apng
+ libva
+ libvpx
+ libwebp
+ libxcomposite
+ libxft
+ libxinerama
+ libxscrnsaver
+ libxt
+ mesa
+ mit-krb5
+ nspr
+ nss
+ pango
+ pciutils
+ pipewire
+ pixman
+ pulseaudio
+ speech-dispatcher
+ sqlite
+ startup-notification
+ eudev
+ unzip
+ zip
+ zlib))
+ (native-inputs (list alsa-lib
+ autoconf-2.13
+ `(,rust-librewolf "cargo")
+ clang
+ llvm
+ wasm32-wasi-clang-toolchain
+ m4
+ nasm
+ node-lts
+ perl
+ pkg-config
+ python
+ rust-librewolf
+ rust-cbindgen-0.26
+ which
+ yasm))
+ (home-page "https://mozilla.org/firefox/")
+ (synopsis "Trademarkless version of Firefox")
+ (description
+ "Full-featured browser client built from Firefox source tree, without
+the official icon and the name \"firefox\". This is the Extended Support
+Release (ESR) version.")
+ (license license:mpl2.0)))
--
2.41.0
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Tue, 13 Feb 2024 22:43:03 GMT) Full text and rfc822 format available.Message #119 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Liliana Marie Prikler <liliana.prikler <at> gmail.com> To: Ian Eure <ian <at> retrospec.tv>, 67512 <at> debbugs.gnu.org Subject: Re: [PATCH v4 3/4] gnu: Add wasm packages. Date: Tue, 13 Feb 2024 23:41:16 +0100
Am Dienstag, dem 13.02.2024 um 12:34 -0800 schrieb Ian Eure: > * gnu/packages/wasm.scm (wasi-libc): New variable. > * gnu/packages/wasm.scm (wasm32-wasi-clang-runtime): New variable. > * gnu/packages/wasm.scm (wasm32-wasi-clang): New variable. > * gnu/packages/wasm.scm (wasm32-wasi-libcxx): New variable. > * gnu/packages/wasm.scm (wasm32-wasi-clang-toolchain): New variable. > --- Not sure what the result from v1-v3 is, but generally we do one package per patch. Also, if there is a reason to create a new file, what do we do with the already packaged webassembly stuff in web.scm? Cheers
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Tue, 13 Feb 2024 23:48:02 GMT) Full text and rfc822 format available.Message #122 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: Liliana Marie Prikler <liliana.prikler <at> gmail.com> Cc: 67512 <at> debbugs.gnu.org Subject: Re: [PATCH v4 3/4] gnu: Add wasm packages. Date: Tue, 13 Feb 2024 15:22:06 -0800
Liliana Marie Prikler <liliana.prikler <at> gmail.com> writes: > Am Dienstag, dem 13.02.2024 um 12:34 -0800 schrieb Ian Eure: >> * gnu/packages/wasm.scm (wasi-libc): New variable. >> * gnu/packages/wasm.scm (wasm32-wasi-clang-runtime): New >> variable. >> * gnu/packages/wasm.scm (wasm32-wasi-clang): New variable. >> * gnu/packages/wasm.scm (wasm32-wasi-libcxx): New variable. >> * gnu/packages/wasm.scm (wasm32-wasi-clang-toolchain): New >> variable. >> --- > Not sure what the result from v1-v3 is, but generally we do one > package > per patch. > I have no problem splitting it up. > Also, if there is a reason to create a new file what do we do > with the already packaged webassembly stuff in web.scm? > It was like that in nonguix, where I got it from. It’s not a *good* reason, but that’s the reason. I have absolutely zero preference, so please let me know where things should go and I’ll do it. If it helps to have some options, I think these are reasonable ones, ordered by my-hot-take-descending: A. Move the two wasm packages from (gnu packages web) to (gnu packages wasm). Will require updates to anything which uses wabt, wasm3, or wasm-micro-runtime as inputs. B. Leave as-is. C. Fold the new (gnu packages wasm) into (gnu packages web). I’m not certain this is a sensible place. This has things more traditionally webby, like HTTP servers Perl cooke modules, HTML formatters, etc. The wasm packages I’m bringing over are a wasm complier and libc usable by the wasm code built with that compiler. D. Fold the new (gnu packages wasm) into (gnu packages librewolf). This is the only place they’re used, but it sounds like there’s desire to port some of the other firefoxen to this stuff, so probably not a good long-term option. In the interest of avoiding more back-and-forth, are there other structural things I should be addressing at the same time as these? This patch series has been open for three months and I’d like to get things wrapped up. — Ian
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Wed, 14 Feb 2024 18:07:01 GMT) Full text and rfc822 format available.Message #125 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Mark H Weaver <mhw <at> netris.org> To: Ian Eure <ian <at> retrospec.tv>, 67512 <at> debbugs.gnu.org Cc: Jonathan Brielmaier <jonathan.brielmaier <at> web.de>, Clément Lassieur <clement <at> lassieur.org> Subject: Re: [bug#67512] [PATCH v4 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c. Date: Wed, 14 Feb 2024 13:05:34 -0500
Ian Eure <ian <at> retrospec.tv> writes:
> * gnu/packages/icu4c.scm (icu4c-73): New variable.
> * gnu/packages/gnuzilla.scm (icu4c-73-promise): Delete variable.
The commit log should mention the changes to 'icecat-minimal' and
'make-torbrowser'. Otherwise, looks good to me.
Thanks,
Mark
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Fri, 16 Feb 2024 14:03:02 GMT) Full text and rfc822 format available.Message #128 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Clément Lassieur <clement <at> lassieur.org> To: Mark H Weaver <mhw <at> netris.org> Cc: 67512 <at> debbugs.gnu.org, Jonathan Brielmaier <jonathan.brielmaier <at> web.de>, Ian Eure <ian <at> retrospec.tv> Subject: Re: [bug#67512] [PATCH v4 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c. Date: Fri, 16 Feb 2024 15:02:01 +0100
On Wed, Feb 14 2024, Mark H Weaver wrote: > Ian Eure <ian <at> retrospec.tv> writes: >> * gnu/packages/icu4c.scm (icu4c-73): New variable. >> * gnu/packages/gnuzilla.scm (icu4c-73-promise): Delete variable. > > The commit log should mention the changes to 'icecat-minimal' and > 'make-torbrowser'. Otherwise, looks good to me. I pushed this one (with small commit message updates), so we can have a feeling that things are advancing :) Thanks Clément
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Fri, 16 Feb 2024 14:30:02 GMT) Full text and rfc822 format available.Message #131 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Clément Lassieur <clement <at> lassieur.org> To: Ian Eure <ian <at> retrospec.tv> Cc: 67512 <at> debbugs.gnu.org, Mark H Weaver <mhw <at> netris.org>, Liliana Marie Prikler <liliana.prikler <at> gmail.com> Subject: Re: [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages. Date: Fri, 16 Feb 2024 15:29:29 +0100
On Tue, Feb 13 2024, Ian Eure wrote: > D. Fold the new (gnu packages wasm) into (gnu packages librewolf). This is the > only place they’re used, but it sounds like there’s desire to port some of the > other firefoxen to this stuff, so probably not a good long-term option. Does Librewolf depend on the Wasm packages more than the other Firefox based browsers? My point is that if your Librewolf package is independent from the Wasm packages, they can be split and reviewed independently. That would make the Librewolf review shorter and easier, and the Wasm review more consistent and easy to test. Also, adding Wasm to our Firefox based browsers would be a one-shot. (Of course it doesn't have to be included in Icecat, but I think it would be great to have it in ‘make-torbrowser’.) It makes even more sense when considering that the author of the Wasm patches is not you (and doesn't reply). > In the interest of avoiding more back-and-forth, are there other structural > things I should be addressing at the same time as these? This patch series > has been open for three months and I’d like to get things wrapped up. Sorry, reviewing is hard. I've pushed the icu4c-73 one, and I wish to get the Wasm patch independent so that we can focus on reviewing Librewolf.
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Fri, 16 Feb 2024 21:50:02 GMT) Full text and rfc822 format available.Message #134 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Mark H Weaver <mhw <at> netris.org> To: Clément Lassieur <clement <at> lassieur.org>, Ian Eure <ian <at> retrospec.tv> Cc: 67512 <at> debbugs.gnu.org, Liliana Marie Prikler <liliana.prikler <at> gmail.com> Subject: Re: [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages. Date: Fri, 16 Feb 2024 16:48:55 -0500
Clément Lassieur <clement <at> lassieur.org> writes:
> On Tue, Feb 13 2024, Ian Eure wrote:
>
>> D. Fold the new (gnu packages wasm) into (gnu packages librewolf). This is the
>> only place they’re used, but it sounds like there’s desire to port some of the
>> other firefoxen to this stuff, so probably not a good long-term option.
>
> Does Librewolf depend on the Wasm packages more than the other Firefox
> based browsers? My point is that if your Librewolf package is
> independent from the Wasm packages, they can be split and reviewed
> independently.
>
> That would make the Librewolf review shorter and easier, and the Wasm
> review more consistent and easy to test. Also, adding Wasm to our
> Firefox based browsers would be a one-shot. (Of course it doesn't have
> to be included in Icecat, but I think it would be great to have it in
> ‘make-torbrowser’.)
I'd like to have support for Wasm sandboxed libraries in IceCat as well.
Thanks,
Mark
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sat, 17 Feb 2024 16:09:02 GMT) Full text and rfc822 format available.Message #137 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: Clément Lassieur <clement <at> lassieur.org> Cc: 67512 <at> debbugs.gnu.org, Pierre Langlois <pierre.langlois <at> gmx.com> Subject: Re: [bug#67512] [PATCH 0/5] Add LibreWolf Date: Sat, 17 Feb 2024 08:06:56 -0800
Hi Pierre, Pinging on this to see if you saw it / have an answer. Thanks, — Ian Clément Lassieur <clement <at> lassieur.org> writes: > Hi Ian and Pierre, > > Thank you for this! I hope to do a review soon. Meanwhile I > have one > question for Pierre: is there any reason why your Wasm work was > contributed to Nonguix instead of Guix? It looks like it could > be used > by Icecat. Would you say it is ready to be added to the Guix > repo? > > Thank you, > Clément > > On Tue, Nov 28 2023, Ian Eure wrote: > >> I mentioned in #guix that I was working on a package for >> LibreWolf, and it was requested that I send in patches, so I >> am. These changes are based on the firefox-esr package in >> nonguix; I've retained the copyright / authorship notices from >> there. >> >> LibreWolf (https://librewolf.net/) is a fork of Firefox which >> removes the telemetry and advertising, and bundles uBlock >> Origin. It doesn't have the redistribution issues that Firefox >> does, its name/logo are under MPL 2.0 and aren't trademarked. >> >> I'm new to Guix, and not remotely a browser development expert, >> so I don't expect these are ready to be accepted yet, but I >> believe they're in good enough shape to have a discussion >> about. They're working acceptably well for me, though I'm not >> currently daily driving Guix, so there may be issues I haven't >> encountered yet. >> >> Guide to changes in this patchset >> ================================= >> >> icu4c has been updated to 73.1, and the previous version kept >> as icu4c-71. I encountered consistent failures of the >> node <at> 10.24.1 test suite with icu4c 73.1, so I kept that on >> 71.1. icu4c is needed by many packages, so this change is the >> highest-impact in the patchset. >> >> The (gnu packages wasm) module is unchanged from nonguix, >> except for the file header and module declaration. >> >> The (gnu packages librewolf) module is a simplified/adapted >> version of (nongnu packages firefox). The Firefox Nightly >> packages have been removed, as there's no LibreWolf equivalent. >> I also didn't bring over the wayland variant, but I could, if >> that's desired. I'm not sure why there are specific >> x11/wayland variants, as the packages for other distros don't >> seem to need this split. >> >> The librewolf package has some functions duplicated from (gnu >> packages gnuzilla), which probably ought to get factored out >> and put somewhere, but I'm not sure if they should be in (gnu >> packages mozilla) or a different module. Guidance would be >> appreciated here. >> >> Ian Eure (5): >> gnu: icu4c: Update to 73.1. >> gnu: Add icu4c-71. >> gnu: node: Switch to icu4c-71. >> gnu: Add wasm packages. >> gnu: Add librewolf. >> >> gnu/packages/icu4c.scm | 21 +- >> gnu/packages/librewolf.scm | 560 >> +++++++++++++++++++++++++++++++++++++ >> gnu/packages/node.scm | 4 +- >> gnu/packages/wasm.scm | 273 ++++++++++++++++++ >> 4 files changed, 854 insertions(+), 4 deletions(-) >> create mode 100644 gnu/packages/librewolf.scm >> create mode 100644 gnu/packages/wasm.scm >> >> >> base-commit: 2410a30f6c06d56b5589e0ad685bcdf09bb144bf >
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sat, 17 Feb 2024 16:10:01 GMT) Full text and rfc822 format available.Message #140 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: Clément Lassieur <clement <at> lassieur.org> Cc: 67512 <at> debbugs.gnu.org, Mark H Weaver <mhw <at> netris.org>, Jonathan Brielmaier <jonathan.brielmaier <at> web.de> Subject: Re: [bug#67512] [PATCH v4 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c. Date: Sat, 17 Feb 2024 08:07:52 -0800
Clément Lassieur <clement <at> lassieur.org> writes: > On Wed, Feb 14 2024, Mark H Weaver wrote: > >> Ian Eure <ian <at> retrospec.tv> writes: >>> * gnu/packages/icu4c.scm (icu4c-73): New variable. >>> * gnu/packages/gnuzilla.scm (icu4c-73-promise): Delete >>> variable. >> >> The commit log should mention the changes to 'icecat-minimal' >> and >> 'make-torbrowser'. Otherwise, looks good to me. > > I pushed this one (with small commit message updates), so we can > have a > feeling that things are advancing :) > Thank you. Do you think the nss patch is also mergeable? Thanks, — Ian
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sat, 17 Feb 2024 16:26:02 GMT) Full text and rfc822 format available.Message #143 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: Clément Lassieur <clement <at> lassieur.org> Cc: 67512 <at> debbugs.gnu.org, Mark H Weaver <mhw <at> netris.org>, Liliana Marie Prikler <liliana.prikler <at> gmail.com> Subject: Re: [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages. Date: Sat, 17 Feb 2024 08:09:22 -0800
Clément Lassieur <clement <at> lassieur.org> writes: > On Tue, Feb 13 2024, Ian Eure wrote: > >> D. Fold the new (gnu packages wasm) into (gnu packages >> librewolf). This is the >> only place they’re used, but it sounds like there’s desire to >> port some of the >> other firefoxen to this stuff, so probably not a good long-term >> option. > > Does Librewolf depend on the Wasm packages more than the other > Firefox > based browsers? Upstream Librewolf doesn’t depend on the WASM packages more than any other Firefoxen. I believe that WASM sandboxing is an optional feature for recent Firefox and FF-derived browsers. In case anyone reading this isn’t familiar: Firefox has taken some libraries that handle untrusted data (which are implemented in C/C++) and complied those WASM, which it runs in isolated sandboxes. The idea being that if there’s a vulnerability in one of those libraries, the impact will be diminished becasue the exploit runs in an environment with very limited privileges[1]. > My point is that if your Librewolf package is independent from > the Wasm packages, they can be split and reviewed independently. The Librewolf package I’m submitting depends on these WASM packages; other Firefox-derived browsers currently in Guix don’t (because they can’t, because the toolchain isn’t in Guix). > That would make the Librewolf review shorter and easier, and the > Wasm > review more consistent and easy to test. Also, adding Wasm to > our > Firefox based browsers would be a one-shot. (Of course it > doesn't have > to be included in Icecat, but I think it would be great to have > it in > ‘make-torbrowser’.) > I’m not sure what you mean by "adding Wasm to our Firefox based browsers would be a one-shot." Are you saying you want a process like: 1a. Get wasm toolchain stuff merged. 1b. Get Librewolf merged without WASM sandboxing. 2. Update icecat, torbrowser, mullvad, and librewolf to use WASM sandboxing. Thanks, — Ian [1]: See https://hacks.mozilla.org/2020/02/securing-firefox-with-webassembly/ and https://blog.mozilla.org/attack-and-defense/2021/12/06/webassembly-and-back-again-fine-grained-sandboxing-in-firefox-95/ for more on this.
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Wed, 21 Feb 2024 02:02:01 GMT) Full text and rfc822 format available.Message #146 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Clément Lassieur <clement <at> lassieur.org> To: Ian Eure <ian <at> retrospec.tv> Cc: 67512 <at> debbugs.gnu.org, Mark H Weaver <mhw <at> netris.org>, Liliana Marie Prikler <liliana.prikler <at> gmail.com> Subject: Re: [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages. Date: Wed, 21 Feb 2024 03:00:43 +0100
On Sat, Feb 17 2024, Ian Eure wrote: > Clément Lassieur <clement <at> lassieur.org> writes: > >> On Tue, Feb 13 2024, Ian Eure wrote: >> >>> D. Fold the new (gnu packages wasm) into (gnu packages librewolf). This is >>> the >>> only place they’re used, but it sounds like there’s desire to port some of >>> the >>> other firefoxen to this stuff, so probably not a good long-term option. >> >> Does Librewolf depend on the Wasm packages more than the other Firefox >> based browsers? > > Upstream Librewolf doesn’t depend on the WASM packages more than any other > Firefoxen. I believe that WASM sandboxing is an optional feature for recent > Firefox and FF-derived browsers. > > > In case anyone reading this isn’t familiar: Firefox has taken some libraries > that handle untrusted data (which are implemented in C/C++) and complied those > WASM, which it runs in isolated sandboxes. The idea being that if there’s a > vulnerability in one of those libraries, the impact will be diminished becasue > the exploit runs in an environment with very limited privileges[1]. > > >> My point is that if your Librewolf package is independent from the Wasm >> packages, they can be split and reviewed independently. > > The Librewolf package I’m submitting depends on these WASM packages; other > Firefox-derived browsers currently in Guix don’t (because they can’t, because > the toolchain isn’t in Guix). > > >> That would make the Librewolf review shorter and easier, and the Wasm >> review more consistent and easy to test. Also, adding Wasm to our >> Firefox based browsers would be a one-shot. (Of course it doesn't have >> to be included in Icecat, but I think it would be great to have it in >> ‘make-torbrowser’.) >> > > I’m not sure what you mean by "adding Wasm to our Firefox based browsers would > be a one-shot." Are you saying you want a process like: > > 1a. Get wasm toolchain stuff merged. > 1b. Get Librewolf merged without WASM sandboxing. > 2. Update icecat, torbrowser, mullvad, and librewolf to use WASM sandboxing. Excatly. 1b can be done after 1a, or before 1a. And if you can explain why is Mullvad Browser not "great for daily use" that would be great. https://logs.guix.gnu.org/guix/2024-02-20.log Clément
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Wed, 21 Feb 2024 02:40:02 GMT) Full text and rfc822 format available.Message #149 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: Clément Lassieur <clement <at> lassieur.org> Cc: 67512 <at> debbugs.gnu.org, Mark H Weaver <mhw <at> netris.org>, Liliana Marie Prikler <liliana.prikler <at> gmail.com> Subject: Re: [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages. Date: Tue, 20 Feb 2024 18:18:03 -0800
Clément Lassieur <clement <at> lassieur.org> writes: >> Are you saying you want a process like: >> >> 1a. Get wasm toolchain stuff merged. >> 1b. Get Librewolf merged without WASM sandboxing. >> 2. Update icecat, torbrowser, mullvad, and librewolf to use >> WASM sandboxing. > > Excatly. 1b can be done after 1a, or before 1a. > Is there a technical reason why landing WASM sandboxing support for all browsers in the same patch is desirable? I can intuit none, and as I’m disinclined to either roll back portions of my existing patchset, or work on other browsers, the proposal is disagreeable. I’m fine with splitting off the WASM toolchain stuff into a separate patch, and then merging LibreWolf afterwards. If others would like to add WASM sandboxing to their Firefox-derived browsers afterwards, they are, of course, welcome to. Is there further guidance on where the WASM toolchain packages should be placed? It seemed there was objection to having them in (gnu packages wasm), but nobody has proposed an alternate location or engaged with the options I presented. Thanks, — Ian
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Wed, 21 Feb 2024 05:22:02 GMT) Full text and rfc822 format available.Message #152 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Liliana Marie Prikler <liliana.prikler <at> gmail.com> To: Ian Eure <ian <at> retrospec.tv>, Clément Lassieur <clement <at> lassieur.org> Cc: 67512 <at> debbugs.gnu.org, Mark H Weaver <mhw <at> netris.org> Subject: Re: [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages. Date: Wed, 21 Feb 2024 06:20:17 +0100
Am Dienstag, dem 20.02.2024 um 18:18 -0800 schrieb Ian Eure: > Clément Lassieur <clement <at> lassieur.org> writes: > > > > Are you saying you want a process like: > > > > > > 1a. Get wasm toolchain stuff merged. > > > 1b. Get Librewolf merged without WASM sandboxing. > > > 2. Update icecat, torbrowser, mullvad, and librewolf to use > > > WASM sandboxing. > > > > Excatly. 1b can be done after 1a, or before 1a. > > > > Is there a technical reason why landing WASM sandboxing support > for all browsers in the same patch is desirable? I can intuit > none, and as I’m disinclined to either roll back portions of my > existing patchset, or work on other browsers, the proposal is > disagreeable. I think this ordering is w.r.t. *patch sets*, not patches. I wouldn't suggest dropping four packages into one patch. > I’m fine with splitting off the WASM toolchain stuff into a > separate patch, and then merging LibreWolf afterwards. If others > would like to add WASM sandboxing to their Firefox-derived > browsers afterwards, they are, of course, welcome to. > > Is there further guidance on where the WASM toolchain packages > should be placed? It seemed there was objection to having them in > (gnu packages wasm), but nobody has proposed an alternate location > or engaged with the options I presented. Unless there's a strong reason not to, I'd place them among the existing ones in (gnu packages web). WDYT?
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Wed, 21 Feb 2024 11:47:02 GMT) Full text and rfc822 format available.Message #155 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Clément Lassieur <clement <at> lassieur.org> To: Liliana Marie Prikler <liliana.prikler <at> gmail.com> Cc: 67512 <at> debbugs.gnu.org, Mark H Weaver <mhw <at> netris.org>, Ian Eure <ian <at> retrospec.tv> Subject: Re: [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages. Date: Wed, 21 Feb 2024 12:45:24 +0100
On Wed, Feb 21 2024, Liliana Marie Prikler wrote: > Am Dienstag, dem 20.02.2024 um 18:18 -0800 schrieb Ian Eure: >> Clément Lassieur <clement <at> lassieur.org> writes: >> >> > > Are you saying you want a process like: >> > > >> > > 1a. Get wasm toolchain stuff merged. >> > > 1b. Get Librewolf merged without WASM sandboxing. >> > > 2. Update icecat, torbrowser, mullvad, and librewolf to use >> > > WASM sandboxing. >> > >> > Excatly. 1b can be done after 1a, or before 1a. >> > >> >> Is there a technical reason why landing WASM sandboxing support >> for all browsers in the same patch is desirable? I can intuit >> none, and as I’m disinclined to either roll back portions of my >> existing patchset, or work on other browsers, the proposal is >> disagreeable. > I think this ordering is w.r.t. *patch sets*, not patches. I wouldn't > suggest dropping four packages into one patch. Indeed I've never said it should be done in one patch. I said one-shot as in ‘symmetrical’: the work required to add Wasm to our browsers should be more or less the same for all browsers, and code duplication should be avoided. >> I’m fine with splitting off the WASM toolchain stuff into a >> separate patch, and then merging LibreWolf afterwards. If others >> would like to add WASM sandboxing to their Firefox-derived >> browsers afterwards, they are, of course, welcome to. My point is that we need to understand the diff between a browser without wasm, and a browser with wasm. If you add librewolf with wasm already included, we don't have that diff info. And it's harder for us reviewers to understand what in your patch is wasm specific. And it's harder for us to include wasm to our firefox based browsers. I acknowledge it's more work for you, but it's a work that would have to be done otherwise by the reviewer, at least to test the wasm stuff. >> Is there further guidance on where the WASM toolchain packages >> should be placed? It seemed there was objection to having them in >> (gnu packages wasm), but nobody has proposed an alternate location >> or engaged with the options I presented. > Unless there's a strong reason not to, I'd place them among the > existing ones in (gnu packages web). > > WDYT? Agreed.
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Wed, 21 Feb 2024 11:51:02 GMT) Full text and rfc822 format available.Message #158 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Clément Lassieur <clement <at> lassieur.org> To: Ian Eure <ian <at> retrospec.tv> Cc: 67512 <at> debbugs.gnu.org, Mark H Weaver <mhw <at> netris.org>, Jonathan Brielmaier <jonathan.brielmaier <at> web.de> Subject: Re: [bug#67512] [PATCH v4 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c. Date: Wed, 21 Feb 2024 12:49:31 +0100
On Sat, Feb 17 2024, Ian Eure wrote: > Clément Lassieur <clement <at> lassieur.org> writes: > >> On Wed, Feb 14 2024, Mark H Weaver wrote: >> >>> Ian Eure <ian <at> retrospec.tv> writes: >>>> * gnu/packages/icu4c.scm (icu4c-73): New variable. >>>> * gnu/packages/gnuzilla.scm (icu4c-73-promise): Delete variable. >>> >>> The commit log should mention the changes to 'icecat-minimal' and >>> 'make-torbrowser'. Otherwise, looks good to me. >> >> I pushed this one (with small commit message updates), so we can have a >> feeling that things are advancing :) >> > > Thank you. Do you think the nss patch is also mergeable? Do we know why this patch is necessary for librewolf and not for other ESR based browsers?
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Wed, 21 Feb 2024 14:34:01 GMT) Full text and rfc822 format available.Message #161 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Mark H Weaver <mhw <at> netris.org> To: Ian Eure <ian <at> retrospec.tv> Cc: 67512 <at> debbugs.gnu.org, Liliana Marie Prikler <liliana.prikler <at> gmail.com>, Clément Lassieur <clement <at> lassieur.org> Subject: Re: [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages. Date: Wed, 21 Feb 2024 09:32:37 -0500
Hi Ian,
Clément Lassieur <clement <at> lassieur.org> asked Ian Eure:
> And if you can explain why is Mullvad Browser not "great for daily use"
> that would be great. https://logs.guix.gnu.org/guix/2024-02-20.log
I see that you also wrote about GNU IceCat in the cited IRC log:
ieure (apparently Ian Eure) wrote on the #guix IRC channel:
> [...] IceCat, which is weirdware Firefox that won't run non-GPL'd
> JavaScript out of the box [...]
For the record, this statement is incorrect. IceCat _will_ run
"non-GPL'd JavaScript" out of the box. IceCat will, by default, run
trivial JavaScript regardless of license, and it will also run
nontrivial JavaScript that's marked as having a known free software
license. There is no requirement that the JavaScript be covered by the
GNU GPL. It's also easy to add sites to the whitelist, or to disable
LibreJS entirely.
I have no idea what you meant by "weirdware". Can you please explain
what you meant by that?
Thanks,
Mark
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Thu, 22 Feb 2024 01:15:02 GMT) Full text and rfc822 format available.Message #164 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: Clément Lassieur <clement <at> lassieur.org> Cc: 67512 <at> debbugs.gnu.org, Mark H Weaver <mhw <at> netris.org>, Jonathan Brielmaier <jonathan.brielmaier <at> web.de> Subject: Re: [bug#67512] [PATCH v4 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c. Date: Wed, 21 Feb 2024 17:07:59 -0800
Clément Lassieur <clement <at> lassieur.org> writes: > On Sat, Feb 17 2024, Ian Eure wrote: > >> Clément Lassieur <clement <at> lassieur.org> writes: >> >>> On Wed, Feb 14 2024, Mark H Weaver wrote: >>> >>>> Ian Eure <ian <at> retrospec.tv> writes: >>>>> * gnu/packages/icu4c.scm (icu4c-73): New variable. >>>>> * gnu/packages/gnuzilla.scm (icu4c-73-promise): Delete >>>>> variable. >>>> >>>> The commit log should mention the changes to 'icecat-minimal' >>>> and >>>> 'make-torbrowser'. Otherwise, looks good to me. >>> >>> I pushed this one (with small commit message updates), so we >>> can have a >>> feeling that things are advancing :) >>> >> >> Thank you. Do you think the nss patch is also mergeable? > > Do we know why this patch is necessary for librewolf and not for > other > ESR based browsers? > LibreWolf is based on standard Firefox releases, not ESR; that may account for it, but I don’t know for sure. Thanks, — Ian
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Thu, 22 Feb 2024 01:28:02 GMT) Full text and rfc822 format available.Message #167 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: Clément Lassieur <clement <at> lassieur.org> Cc: 67512 <at> debbugs.gnu.org, Mark H Weaver <mhw <at> netris.org>, Liliana Marie Prikler <liliana.prikler <at> gmail.com> Subject: Re: [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages. Date: Wed, 21 Feb 2024 16:07:30 -0800
Clément Lassieur <clement <at> lassieur.org> writes: > On Wed, Feb 21 2024, Liliana Marie Prikler wrote: >> Am Dienstag, dem 20.02.2024 um 18:18 -0800 schrieb Ian Eure: >>> Clément Lassieur <clement <at> lassieur.org> writes: >>> >>> > > Are you saying you want a process like: >>> > > >>> > > 1a. Get wasm toolchain stuff merged. >>> > > 1b. Get Librewolf merged without WASM sandboxing. >>> > > 2. Update icecat, torbrowser, mullvad, and librewolf to >>> > > use >>> > > WASM sandboxing. >>> > >>> > Excatly. 1b can be done after 1a, or before 1a. >>> > >>> >>> Is there a technical reason why landing WASM sandboxing >>> support >>> for all browsers in the same patch is desirable? I can intuit >>> none, and as I’m disinclined to either roll back portions of >>> my >>> existing patchset, or work on other browsers, the proposal is >>> disagreeable. >> I think this ordering is w.r.t. *patch sets*, not patches. I >> wouldn't >> suggest dropping four packages into one patch. > > Indeed I've never said it should be done in one patch. I said > one-shot > as in ‘symmetrical’: the work required to add Wasm to our > browsers > should be more or less the same for all browsers, and code > duplication > should be avoided. > Forgive me for my imprecision, and thank you for the explanation. Unfortunately, the distinction makes little difference to me, as it still would require me to do work I’m unwilling to do. My unwillingness has less to do with the amount of work than its scope: My goal is to get LibreWolf into Guix, and I simply have no desire or motivation to work on other browsers. I think the best course of action is to reduce scope by removing the WASM component of this patch series entirely. I’d send a new patch series without the WASM toolchain packages, and with WASM sandboxing disabled in the LibreWolf package. The official LibreWolf binaries don’t appear to have this enabled, so no hardening would be sacrified vs. LibreWolf installed any other way. And since I’m not the original author of the WASM packages, and not well-positioned to address problems with them, omitting them seems likely to circumvent difficulties in the review process and support of those. What do you think? Thanks, — Ian
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Thu, 22 Feb 2024 10:23:01 GMT) Full text and rfc822 format available.Message #170 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Clément Lassieur <clement <at> lassieur.org> To: Ian Eure <ian <at> retrospec.tv> Cc: 67512 <at> debbugs.gnu.org, Mark H Weaver <mhw <at> netris.org>, Jonathan Brielmaier <jonathan.brielmaier <at> web.de> Subject: Re: [bug#67512] [PATCH v4 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c. Date: Thu, 22 Feb 2024 11:21:47 +0100
On Wed, Feb 21 2024, Ian Eure wrote: > Clément Lassieur <clement <at> lassieur.org> writes: > >> On Sat, Feb 17 2024, Ian Eure wrote: >> >>> Clément Lassieur <clement <at> lassieur.org> writes: >>> >>>> On Wed, Feb 14 2024, Mark H Weaver wrote: >>>> >>>>> Ian Eure <ian <at> retrospec.tv> writes: >>>>>> * gnu/packages/icu4c.scm (icu4c-73): New variable. >>>>>> * gnu/packages/gnuzilla.scm (icu4c-73-promise): Delete variable. >>>>> >>>>> The commit log should mention the changes to 'icecat-minimal' and >>>>> 'make-torbrowser'. Otherwise, looks good to me. >>>> >>>> I pushed this one (with small commit message updates), so we can have a >>>> feeling that things are advancing :) >>>> >>> >>> Thank you. Do you think the nss patch is also mergeable? >> >> Do we know why this patch is necessary for librewolf and not for other >> ESR based browsers? >> > > LibreWolf is based on standard Firefox releases, not ESR; that may account for > it, but I don’t know for sure. I'm just confused by the description: > + (description > + "Full-featured browser client built from Firefox source tree, without > +the official icon and the name \"firefox\". This is the Extended Support > +Release (ESR) version.") Clément
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Thu, 22 Feb 2024 10:41:02 GMT) Full text and rfc822 format available.Message #173 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Clément Lassieur <clement <at> lassieur.org> To: Ian Eure <ian <at> retrospec.tv> Cc: 67512 <at> debbugs.gnu.org, Mark H Weaver <mhw <at> netris.org>, Liliana Marie Prikler <liliana.prikler <at> gmail.com> Subject: Re: [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages. Date: Thu, 22 Feb 2024 11:19:03 +0100
On Wed, Feb 21 2024, Ian Eure wrote: > Clément Lassieur <clement <at> lassieur.org> writes: > >> On Wed, Feb 21 2024, Liliana Marie Prikler wrote: >>> Am Dienstag, dem 20.02.2024 um 18:18 -0800 schrieb Ian Eure: >>>> Clément Lassieur <clement <at> lassieur.org> writes: >>>> > > Are you saying you want a process like: >>>> > > > > 1a. Get wasm toolchain stuff merged. >>>> > > 1b. Get Librewolf merged without WASM sandboxing. >>>> > > 2. Update icecat, torbrowser, mullvad, and librewolf to > > use > > >>>> WASM sandboxing. >>>> > > Excatly. 1b can be done after 1a, or before 1a. >>>> > Is there a technical reason why landing WASM sandboxing support for all >>>> browsers in the same patch is desirable? I can intuit none, and as I’m >>>> disinclined to either roll back portions of my existing patchset, or work >>>> on other browsers, the proposal is disagreeable. >>> I think this ordering is w.r.t. *patch sets*, not patches. I wouldn't >>> suggest dropping four packages into one patch. >> >> Indeed I've never said it should be done in one patch. I said one-shot >> as in ‘symmetrical’: the work required to add Wasm to our browsers >> should be more or less the same for all browsers, and code duplication >> should be avoided. >> > > Forgive me for my imprecision, and thank you for the > explanation. Unfortunately, the distinction makes little difference to me, as > it still would require me to do work I’m unwilling to do. My unwillingness > has less to do with the amount of work than its scope: My goal is to get > LibreWolf into Guix, and I simply have no desire or motivation to work on > other browsers. Firefox based browsers are closely related. Sounds impossible to me to really do good work on one of them without touching the other ones. > I think the best course of action is to reduce scope by removing the WASM > component of this patch series entirely. I’d send a new patch series without > the WASM toolchain packages, and with WASM sandboxing disabled in the > LibreWolf package. The official LibreWolf binaries don’t appear to have this > enabled, so no hardening would be sacrified vs. LibreWolf installed any other > way. And since I’m not the original author of the WASM packages, and not > well-positioned to address problems with them, omitting them seems likely to > circumvent difficulties in the review process and support of those. > > What do you think? Sounds good. And we can add WASM later.
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Thu, 22 Feb 2024 14:36:03 GMT) Full text and rfc822 format available.Message #176 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Mark H Weaver <mhw <at> netris.org> To: Ian Eure <ian <at> retrospec.tv> Cc: 67512 <at> debbugs.gnu.org, Jonathan Brielmaier <jonathan.brielmaier <at> web.de>, Clément Lassieur <clement <at> lassieur.org> Subject: Re: [bug#67512] [PATCH v4 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c. Date: Thu, 22 Feb 2024 09:34:27 -0500
Hi Ian,
Clément Lassieur <clement <at> lassieur.org> writes:
> I'm just confused by the description:
>
>> + (description
>> + "Full-featured browser client built from Firefox source tree, without
>> +the official icon and the name \"firefox\". This is the Extended Support
>> +Release (ESR) version.")
The description above, apparently written by you, states that this
browser is "Full-featured", and the only differences mentioned between
Firefox and Librewolf are that it lacks the "official icon and the name
'firefox'".
Note that Firefox does not comply with the GNU FSDG. For example,
Firefox supports EME, and that it also steers users towards nonfree
software, notably nonfree addons. Therefore Firefox is not included in
Guix.
Can you tell me more about the differences between Firefox and
Librewolf?
Thanks,
Mark
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Fri, 23 Feb 2024 01:26:01 GMT) Full text and rfc822 format available.Message #179 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: Mark H Weaver <mhw <at> netris.org> Cc: 67512 <at> debbugs.gnu.org, Jonathan Brielmaier <jonathan.brielmaier <at> web.de>, Clément Lassieur <clement <at> lassieur.org> Subject: Re: [bug#67512] [PATCH v4 1/4] gnu: Move icu4c-73 from gnuzilla to icu4c. Date: Thu, 22 Feb 2024 16:56:57 -0800
Hi Mark, Mark H Weaver <mhw <at> netris.org> writes: > Hi Ian, > > Clément Lassieur <clement <at> lassieur.org> writes: > >> I'm just confused by the description: >> >>> + (description >>> + "Full-featured browser client built from Firefox source >>> tree, without >>> +the official icon and the name \"firefox\". This is the >>> Extended Support >>> +Release (ESR) version.") > > The description above, apparently written by you, states that > this > browser is "Full-featured", and the only differences mentioned > between > Firefox and Librewolf are that it lacks the "official icon and > the name > 'firefox'". > Thank you for bringing this to my attention. This is an artifact of the Firefox package definition I based this on, and isn’t an accurate description of LibreWolf. I’ll correct this in the next version. > Note that Firefox does not comply with the GNU FSDG. For > example, > Firefox supports EME, and that it also steers users towards > nonfree > software, notably nonfree addons. Therefore Firefox is not > included in > Guix. > > Can you tell me more about the differences between Firefox and > Librewolf? > I can’t enumerate every difference; if you have a question about specific feature(s), I’d be happy to answer that. In general: - LibreWolf permits use of their name and logo. - Telemetry is disabled. - User-hostile things like ads for Mozilla VPN are removed. - DRM is disabled by default (but can be enabled by the user). - Default settings have been adjusted for more security and/or privacy. This feature list covers most of the changes: https://librewolf.net/docs/features/ Additionally, the patch I submitted builds LibreWolf without EME support (which is what the other Firefox forks in Guix do); and uses GNU Mozzarella for extensions. Thanks, — Ian
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sun, 25 Feb 2024 00:55:01 GMT) Full text and rfc822 format available.Message #182 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH v5 0/2] Add LibreWolf. Date: Sat, 24 Feb 2024 16:53:34 -0800
Vs. the previous patch series, this: - Corrects package home-page, synopsis, and description. - Removes "firefox" language in comments. - Updates to LibreWolf 123.0-1 and update %librewolf-build-id. - Removes WASM sandboxing, wasi-libc, etc. - Corrects most linter issues. I don't know how to correct the remaining items, or how big a deal they are. Guidance would be appreciated here. Ian Eure (2): gnu: nss: Update to 3.97. gnu: Add librewolf. gnu/packages/certs.scm | 4 +- gnu/packages/librewolf.scm | 638 +++++++++++++++++++++++++++++++++++++ gnu/packages/nss.scm | 6 +- 3 files changed, 643 insertions(+), 5 deletions(-) create mode 100644 gnu/packages/librewolf.scm base-commit: 05bbe9993f687da1fd684a31474c621f2a1c37b2 -- 2.41.0
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sun, 25 Feb 2024 00:55:02 GMT) Full text and rfc822 format available.Message #185 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH v5 2/2] gnu: Add librewolf. Date: Sat, 24 Feb 2024 16:53:36 -0800
* gnu/packages/librewolf.scm (librewolf): New variable.
Change-Id: I98b6410582b856ede83b79637a58e66d6e5832e6
---
gnu/packages/librewolf.scm | 638 +++++++++++++++++++++++++++++++++++++
1 file changed, 638 insertions(+)
create mode 100644 gnu/packages/librewolf.scm
diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm
new file mode 100644
index 0000000000..a1f0e984d6
--- /dev/null
+++ b/gnu/packages/librewolf.scm
@@ -0,0 +1,638 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2013, 2015, 2024 Andreas Enge <andreas <at> enge.fr>
+;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 Mark H Weaver <mhw <at> netris.org>
+;;; Copyright © 2015 Sou Bunnbu <iyzsong <at> gmail.com>
+;;; Copyright © 2016, 2017, 2018, 2019 Efraim Flashner <efraim <at> flashner.co.il>
+;;; Copyright © 2016 Alex Griffin <a <at> ajgrf.com>
+;;; Copyright © 2017 Clément Lassieur <clement <at> lassieur.org>
+;;; Copyright © 2017, 2018 Nikita <nikita <at> n0.is>
+;;; Copyright © 2017, 2018 ng0 <gillmann <at> infotropique.org>
+;;; Copyright © 2017, 2018, 2020 Tobias Geerinckx-Rice <me <at> tobias.gr>
+;;; Copyright © 2018, 2020, 2022 Ricardo Wurmus <rekado <at> elephly.net>
+;;; Copyright © 2019 Ivan Petkov <ivanppetkov <at> gmail.com>
+;;; Copyright © 2020 Oleg Pykhalov <go.wigust <at> gmail.com>
+;;; Copyright © 2020 Jakub Kądziołka <kuba <at> kadziolka.net>
+;;; Copyright © 2019, 2020 Adrian Malacoda <malacoda <at> monarch-pass.net>
+;;; Copyright © 2020-2023 Jonathan Brielmaier <jonathan.brielmaier <at> web.de>
+;;; Copyright © 2020 Zhu Zihao <all_but_last <at> 163.com>
+;;; Copyright © 2021 pineapples <guixuser6392 <at> protonmail.com>
+;;; Copyright © 2021 Brice Waegeneire <brice <at> waegenei.re>
+;;; Copyright © 2021, 2022, 2023 John Kehayias <john.kehayias <at> protonmail.com>
+;;; Copyright © 2022 Pierre Langlois <pierre.langlois <at> gmx.com>
+;;; Copyright © 2023 Tomas Volf <wolf <at> wolfsden.cz>
+;;; Copyright © 2023 Ian Eure <ian <at> retrospec.tv>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+
+(define-module (gnu packages librewolf)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system cargo)
+ #:use-module (guix build-system trivial)
+ #:use-module (guix download)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix gexp)
+ #:use-module (guix packages)
+ #:use-module (guix utils)
+ #:use-module ((guix build utils) #:select (alist-replace))
+
+ #:use-module (gnu packages)
+ #:use-module (gnu packages assembly)
+ #:use-module (gnu packages autotools)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages bash)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages crates-io)
+ #:use-module (gnu packages cups)
+ #:use-module (gnu packages fontutils)
+ #:use-module (gnu packages gl)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnome)
+ #:use-module (gnu packages gtk)
+ #:use-module (gnu packages hunspell)
+ #:use-module (gnu packages icu4c)
+ #:use-module (gnu packages image)
+ #:use-module (gnu packages jemalloc)
+ #:use-module (gnu packages kerberos)
+ #:use-module (gnu packages libcanberra)
+ #:use-module (gnu packages libevent)
+ #:use-module (gnu packages libffi)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages llvm)
+ #:use-module (gnu packages m4)
+ #:use-module (gnu packages node)
+ #:use-module (gnu packages nss)
+ #:use-module (gnu packages pciutils)
+ #:use-module (gnu packages perl)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages pulseaudio)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages rust)
+ #:use-module (gnu packages rust-apps)
+ #:use-module (gnu packages speech)
+ #:use-module (gnu packages sqlite)
+ #:use-module (gnu packages video)
+ #:use-module (gnu packages xdisorg)
+ #:use-module (gnu packages xorg))
+
+;; Define the versions of rust needed to build librewolf, trying to match
+;; upstream. See the file taskcluster/ci/toolchain/rust.yml at
+;; https://searchfox.org under the particular firefox release, like
+;; mozilla-esr102.
+(define rust-librewolf rust) ; 1.60 is the default in Guix, 1.65 is the minimum.
+
+;; Update this id with every update to its release date.
+;; It's used for cache validation and therefore can lead to strange bugs.
+(define %librewolf-build-id "20240224100924")
+
+(define-public librewolf
+ (package
+ (name "librewolf")
+ (version "123.0-1")
+ (source
+ (origin
+ (method url-fetch)
+
+ (uri (string-append "https://gitlab.com/api/v4/projects/32320088/"
+ "packages/generic/librewolf-source/"
+ version
+ "/librewolf-"
+ version
+ ".source.tar.gz"))
+ (sha256
+ (base32 "050kg717jy70fvjfh91aydmq25mqaz6cbf9cqsdsgh6hvpxrw873"))))
+ (build-system gnu-build-system)
+ (arguments
+ (list
+ #:configure-flags #~(let ((clang #$(this-package-native-input "clang")))
+ `("--enable-application=browser"
+
+ ;; Configuration
+ "--without-wasm-sandboxed-libraries"
+ "--with-system-jpeg"
+ "--with-system-zlib"
+ "--with-system-png"
+ "--with-system-webp"
+ "--with-system-icu"
+ "--with-system-libvpx"
+ "--with-system-libevent"
+ "--with-system-ffi"
+ "--enable-system-pixman"
+ "--enable-jemalloc"
+
+ ;; see https://bugs.gnu.org/32833
+ "--with-system-nspr"
+ "--with-system-nss"
+
+ ,(string-append "--with-clang-path=" clang
+ "/bin/clang")
+ ,(string-append "--with-libclang-path=" clang
+ "/lib")
+
+ ;; Distribution
+ "--with-distribution-id=org.guix"
+ "--with-app-name=librewolf"
+ "--with-app-basename=LibreWolf"
+ "--with-branding=browser/branding/librewolf"
+
+ ;; Features
+ "--disable-tests"
+ "--disable-updater"
+ "--enable-pulseaudio"
+ "--disable-crashreporter"
+ "--allow-addon-sideload"
+ "--with-unsigned-addon-scopes=app,system"
+ "--disable-eme"
+
+ ;; Build details
+ "--disable-debug"
+ "--enable-rust-simd"
+ "--enable-release"
+ "--enable-optimize"
+ "--enable-strip"
+ "--enable-hardening"
+ "--disable-elf-hack"))
+ #:imported-modules %cargo-utils-modules
+ #:modules `((ice-9 regex)
+ (ice-9 string-fun)
+ (ice-9 ftw)
+ (srfi srfi-1)
+ (srfi srfi-26)
+ (rnrs bytevectors)
+ (rnrs io ports)
+ (guix elf)
+ (guix build gremlin)
+ ,@%gnu-build-system-modules)
+ #:phases #~(modify-phases %standard-phases
+ (add-after 'unpack 'fix-preferences
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((port (open-file "browser/app/profile/firefox.js"
+ "a")))
+ (define (write-setting key value)
+ (format port "~%pref(\"~a\", ~a);~%" key value)
+ (format #t
+ "fix-preferences: setting value of ~a to ~a~%" key
+ value))
+
+ ;; We should allow the sandbox to read the store directory,
+ ;; because the sandbox has access to /usr on FHS distros.
+ (write-setting
+ "security.sandbox.content.read_path_whitelist"
+ (string-append "\""
+ (%store-directory) "/\""))
+
+ ;; XDG settings should be managed by Guix.
+ (write-setting "browser.shell.checkDefaultBrowser"
+ "false")
+ (close-port port))))
+ (add-after 'fix-preferences 'fix-ffmpeg-runtime-linker
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let* ((ffmpeg (assoc-ref inputs "ffmpeg"))
+ (libavcodec (string-append ffmpeg
+ "/lib/libavcodec.so")))
+ ;; Arrange to load libavcodec.so by its absolute file name.
+ (substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp"
+ (("libavcodec\\.so")
+ libavcodec)))))
+ (add-after 'patch-source-shebangs 'patch-cargo-checksums
+ (lambda _
+ (use-modules (guix build cargo-utils))
+ (let ((null-hash
+ ;; This is the SHA256 output of an empty string.
+ (string-append
+ "e3b0c44298fc1c149afbf4c8996fb924"
+ "27ae41e4649b934ca495991b7852b855")))
+ (for-each (lambda (file)
+ (format #t
+ "patch-cargo-checksums: patching checksums in ~a~%"
+ file)
+ (substitute* file
+ (("(checksum = )\".*\"" all name)
+ (string-append name "\"" null-hash
+ "\""))))
+ (find-files "." "Cargo\\.lock$"))
+ (for-each generate-all-checksums
+ '("build" "dom/media"
+ "dom/webauthn"
+ "gfx"
+ "intl"
+ "js"
+ "media"
+ "modules"
+ "mozglue/static/rust"
+ "netwerk"
+ "remote"
+ "security/manager/ssl"
+ "servo"
+ "storage"
+ "third_party/rust"
+ "toolkit"
+ "xpcom/rust"
+ "services")))))
+ (add-after 'patch-cargo-checksums 'remove-cargo-frozen-flag
+ (lambda _
+ ;; Remove --frozen flag from cargo invokation, otherwise it'll
+ ;; complain that it's not able to change Cargo.lock.
+ ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373
+ (substitute* "build/RunCbindgen.py"
+ (("\"--frozen\",")
+ ""))))
+ (delete 'bootstrap)
+ (add-before 'configure 'patch-SpeechDispatcherService.cpp
+ (lambda _
+ (let* ((lib "libspeechd.so.2")
+ (file (string-append
+ "dom/media/webspeech/synth/"
+ "speechd/SpeechDispatcherService.cpp"))
+ (old-content (call-with-input-file file
+ get-string-all)))
+ (substitute
+ file
+ `((,(format #f "~s" lib) unquote
+ (lambda (line _)
+ (string-replace-substring
+ line lib
+ (string-append #$speech-dispatcher
+ "/lib/" lib))))))
+ (if (string=? old-content
+ (call-with-input-file file
+ get-string-all))
+ (error
+ "substitute did nothing, phase requires an update")))))
+ (add-before 'configure 'set-build-id
+ ;; Build will write the timestamp to output, which is harmful
+ ;; for reproducibility, so change it to a fixed date. Use a
+ ;; separate phase for easier modification with inherit.
+ (lambda _
+ (setenv "MOZ_BUILD_DATE"
+ #$%librewolf-build-id)))
+ (replace 'configure
+ (lambda* (#:key inputs outputs configure-flags
+ #:allow-other-keys)
+ (setenv "AUTOCONF"
+ (string-append (assoc-ref inputs "autoconf")
+ "/bin/autoconf"))
+ (setenv "SHELL"
+ (which "bash"))
+ (setenv "CONFIG_SHELL"
+ (which "bash"))
+ (setenv "MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE"
+ "system")
+ ;; This should use the host info probably (does it
+ ;; build on non-x86_64 though?)
+ (setenv "GUIX_PYTHONPATH"
+ (string-append (getcwd)
+ "/obj-x86_64-pc-linux-gnu/_virtualenvs/build"))
+
+ ;; Use Clang, Clang is 2x faster than GCC
+ (setenv "AR" "llvm-ar")
+ (setenv "NM" "llvm-nm")
+ (setenv "CC" "clang")
+ (setenv "CXX" "clang++")
+ (setenv "MOZ_NOSPAM" "1")
+ (setenv "MOZ_APP_NAME" "librewolf")
+
+ (setenv "MOZBUILD_STATE_PATH"
+ (getcwd))
+
+ (let* ((mozconfig (string-append (getcwd) "/mozconfig"))
+ (out (assoc-ref outputs "out"))
+ (flags (cons (string-append "--prefix=" out)
+ configure-flags)))
+ (format #t "build directory: ~s~%"
+ (getcwd))
+ (format #t "configure flags: ~s~%" flags)
+
+ (define write-flags
+ (lambda flags
+ (display (string-join (map (cut string-append
+ "ac_add_options " <>)
+ flags) "\n"))
+ (display "\n")))
+ (with-output-to-file mozconfig
+ (lambda ()
+ (apply write-flags flags)
+ ;; The following option unsets Telemetry
+ ;; Reporting. With the Addons Fiasco,
+ ;; Mozilla was found to be collecting
+ ;; user's data, including saved passwords
+ ;; and web form data, without users
+ ;; consent. Mozilla was also found
+ ;; shipping updates to systems without
+ ;; the user's knowledge or permission.
+ ;; As a result of this, use the following
+ ;; command to permanently disable
+ ;; telemetry reporting.
+ (display "unset MOZ_TELEMETRY_REPORTING\n")
+ (display "mk_add_options MOZ_CRASHREPORTER=0\n")
+ (display "mk_add_options MOZ_DATA_REPORTING=0\n")
+ (display
+ "mk_add_options MOZ_SERVICES_HEALTHREPORT=0")
+ (display
+ "mk_add_options MOZ_TELEMETRY_REPORTING=0")))
+ (setenv "MOZCONFIG" mozconfig))
+ (invoke "./mach" "configure")))
+ (add-before 'build '1fix-addons-placeholder
+ (lambda _
+ (substitute* "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
+ (("addons.mozilla.org")
+ "gnuzilla.gnu.org"))))
+ (replace 'build
+ (lambda* (#:key (make-flags '())
+ (parallel-build? #t) #:allow-other-keys)
+ (apply invoke "./mach" "build"
+ ;; mach will use parallel build if possible by default
+ `(,@(if parallel-build?
+ '()
+ '("-j1")) ,@make-flags))))
+ (add-after 'build 'neutralise-store-references
+ (lambda _
+ ;; Mangle the store references to compilers &
+ ;; other build tools in about:buildconfig,
+ ;; reducing the package's closure by 1 GiB on
+ ;; x86-64.
+ (let* ((build-dir (car (scandir "."
+ (cut string-prefix?
+ "obj-" <>))))
+ (file (string-append build-dir
+ "/dist/bin/chrome/toolkit/"
+ "content/global/buildconfig.html")))
+ (substitute* file
+ (((format #f "(~a/)([0-9a-df-np-sv-z]{32})"
+ (regexp-quote (%store-directory)))
+ _ store hash)
+ (string-append store
+ (string-take hash 8)
+ "<!-- Guix: not a runtime dependency -->"
+ (string-drop hash 8)))))))
+ (replace 'install
+ (lambda _
+ (invoke "./mach" "install")))
+ (add-after 'install 'remove-duplicate-bin
+ (lambda* (#:key outputs #:allow-other-keys)
+ (delete-file (string-append #$output
+ "/lib/librewolf/librewolf-bin"))))
+ (add-after 'install 'wrap-glxtest
+ ;; glxtest uses dlopen() to load mesa
+ ;; libs, wrap it to set LD_LIBRARY_PATH.
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ ;; TODO: make me a loop again
+ (mesa-lib (string-append (assoc-ref inputs
+ "mesa")
+ "/lib"))
+ (pciutils-lib (string-append (assoc-ref inputs
+ "pciutils") "/lib")))
+ (wrap-program (car (find-files lib "^glxtest$"))
+ `("LD_LIBRARY_PATH" prefix
+ (,mesa-lib ,pciutils-lib))))))
+ (add-after 'install 'patch-config
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((lib (string-append #$output "/lib/librewolf"))
+ (config-file "librewolf.cfg"))
+
+ ;; Required for Guix packaged extensions
+ ;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8
+ ;; Default is 5.
+ (substitute* (in-vicinity lib config-file)
+ (("defaultPref\\(\"extensions.enabledScopes\", 5\\)")
+ "defaultPref(\"extensions.enabledScopes\", 13)"))
+ ;; Use Mozzarella addons repo.
+ (call-with-port
+ (open-file
+ (in-vicinity lib config-file)
+ "a")
+ (lambda (port)
+ ;; Add-ons panel (see settings.js in Icecat source).
+ (for-each
+ (lambda (pref)
+ (format port
+ "defaultPref(~s, ~s);~%"
+ (car pref)
+ (cdr pref)))
+ '(("extensions.getAddons.search.browseURL"
+ string-append
+ "https://gnuzilla.gnu.org/mozzarella/"
+ "search.php?q=%TERMS%")
+ ("extensions.getAddons.get.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.link.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.discovery.api_url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.langpacks.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("lightweightThemes.getMoreURL" .
+ "https://gnuzilla.gnu.org/mozzarella"))))))))
+ (add-after 'install 'wrap-program
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ ;; The following two functions are from Guix's icecat package in
+ ;; (gnu packages gnuzilla). See commit
+ ;; b7a0935420ee630a29b7e5ac73a32ba1eb24f00b.
+ (define (runpath-of lib)
+ (call-with-input-file lib
+ (compose elf-dynamic-info-runpath elf-dynamic-info
+ parse-elf get-bytevector-all)))
+ (define (runpaths-of-input label)
+ (let* ((dir (string-append (assoc-ref inputs label)
+ "/lib"))
+ (libs (find-files dir "\\.so$")))
+ (append-map runpath-of libs)))
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ ;; TODO: make me a loop again
+ (mesa-lib (string-append (assoc-ref inputs
+ "mesa")
+ "/lib"))
+ (apng-lib (string-append (assoc-ref inputs
+ "libpng-apng") "/lib"))
+ ;; For the integration of native notifications
+ (libnotify-lib (string-append (assoc-ref inputs
+ "libnotify")
+ "/lib"))
+ ;; For hardware video acceleration via VA-API
+ (libva-lib (string-append (assoc-ref inputs
+ "libva")
+ "/lib"))
+ ;; VA-API is run in the RDD (Remote Data Decoder) sandbox
+ ;; and must be explicitly given access to files it needs.
+ ;; Rather than adding the whole store (as Nix had
+ ;; upstream do, see
+ ;; <https://github.com/NixOS/nixpkgs/pull/165964> and
+ ;; linked upstream patches), we can just follow the
+ ;; runpaths of the needed libraries to add everything to
+ ;; LD_LIBRARY_PATH. These will then be accessible in the
+ ;; RDD sandbox.
+ (rdd-whitelist (map (cut string-append <> "/")
+ (delete-duplicates (append-map
+ runpaths-of-input
+ '("mesa"
+ "ffmpeg")))))
+ (pulseaudio-lib (string-append (assoc-ref inputs
+ "pulseaudio")
+ "/lib"))
+ ;; For U2F and WebAuthn
+ (eudev-lib (string-append (assoc-ref inputs
+ "eudev")
+ "/lib"))
+ (gtk-share (string-append (assoc-ref inputs
+ "gtk+")
+ "/share")))
+ (wrap-program (car (find-files lib "^librewolf$"))
+ `("LD_LIBRARY_PATH" prefix
+ (,mesa-lib ,libnotify-lib
+ ,libva-lib
+ ,pulseaudio-lib
+ ,eudev-lib
+ ,apng-lib
+ ,@rdd-whitelist))
+ `("XDG_DATA_DIRS" prefix
+ (,gtk-share))
+ `("MOZ_LEGACY_PROFILES" =
+ ("1"))
+ `("MOZ_ALLOW_DOWNGRADE" =
+ ("1"))))))
+ (add-after 'wrap-program 'install-desktop-entry
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((desktop-file
+ "taskcluster/docker/firefox-snap/firefox.desktop")
+ (applications (string-append #$output
+ "/share/applications")))
+ (substitute* desktop-file
+ (("^Exec=firefox")
+ (string-append "Exec="
+ #$output "/bin/librewolf"))
+ ;; "Firefox" -> "LibreWolf" everywhere
+ (("Firefox")
+ "LibreWolf")
+ ;; Remove non-Latin translations.
+ (("^Name\\[(ar|bn)\\].*$")
+ "")
+ (("^Icon=.*")
+ (string-append "Icon="
+ #$output
+ "/share/icons/hicolor/128x128/apps/librewolf.png
+"))
+ ;; These commands were changed.
+ (("-NewWindow")
+ "-new-window")
+ (("-NewPrivateWindow")
+ "-new-private-window")
+ (("StartupNotify=true")
+ "StartupNotify=true
+StartupWMClass=Navigator"))
+ (copy-file desktop-file "librewolf.desktop")
+ (install-file "librewolf.desktop" applications))))
+ (add-after 'install-desktop-entry 'install-icons
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((icon-source-dir (string-append #$output
+ "/lib/librewolf/browser/"
+ "chrome/icons/default")))
+ (for-each (lambda (size)
+ (let ((dest (string-append #$output
+ "/share/icons/hicolor/"
+ size
+ "x"
+ size
+ "/apps")))
+ (mkdir-p dest)
+ (symlink (string-append icon-source-dir
+ "/default" size ".png")
+ (string-append dest
+ "/librewolf.png"))))
+ '("16" "32" "48" "64" "128"))))))
+
+ ;; Test will significantly increase build time but with little rewards.
+ #:tests? #f
+
+ ;; WARNING: Parallel build will consume lots of memory!
+ ;; If you have encountered OOM issue in build phase, try disable it.
+ #:parallel-build? #t
+
+ ;; Some dynamic lib was determined at runtime, so rpath check may fail.
+ #:validate-runpath? #f))
+ (inputs (list bash-minimal
+ bzip2
+ cairo
+ cups
+ dbus-glib
+ freetype
+ ffmpeg
+ gdk-pixbuf
+ glib
+ gtk+
+ gtk+-2
+ hunspell
+ icu4c-73
+ jemalloc
+ libcanberra
+ libevent
+ libffi
+ libgnome
+ libjpeg-turbo
+ libnotify
+ libpng-apng
+ libva
+ libvpx
+ libwebp
+ libxcomposite
+ libxft
+ libxinerama
+ libxscrnsaver
+ libxt
+ mesa
+ mit-krb5
+ nspr
+ nss
+ pango
+ pciutils
+ pipewire
+ pixman
+ pulseaudio
+ speech-dispatcher
+ sqlite
+ startup-notification
+ eudev
+ unzip
+ zip
+ zlib))
+ (native-inputs (list alsa-lib
+ autoconf-2.13
+ `(,rust-librewolf "cargo")
+ clang
+ llvm
+ m4
+ nasm
+ node-lts
+ perl
+ pkg-config
+ python
+ rust-librewolf
+ rust-cbindgen-0.26
+ which
+ yasm))
+ (home-page "https://librewolf.net/")
+ (synopsis
+ "Custom version of Firefox, focused on privacy, security and freedom")
+ (description
+ "LibreWolf is designed to increase protection against tracking and
+fingerprinting techniques, while also including a few security improvements.
+This is achieved through our privacy and security oriented settings and
+patches. LibreWolf also aims to remove all the telemetry, data collection and
+annoyances, as well as disabling anti-freedom features like DRM.")
+ (license license:mpl2.0)))
--
2.41.0
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sun, 25 Feb 2024 01:02:01 GMT) Full text and rfc822 format available.Message #188 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH v5 1/2] gnu: nss: Update to 3.97. Date: Sat, 24 Feb 2024 16:53:35 -0800
* gnu/packages/nss.scm (nss): Update to 3.97.
* gnu/packages/certs.scm (nss-certs): Update to 3.97.
---
gnu/packages/certs.scm | 4 ++--
gnu/packages/nss.scm | 6 +++---
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/gnu/packages/certs.scm b/gnu/packages/certs.scm
index 58b4d50ec8..2a6106df78 100644
--- a/gnu/packages/certs.scm
+++ b/gnu/packages/certs.scm
@@ -131,7 +131,7 @@ (define-public nss-certs
;; XXX We used to refer to the nss package here, but that eventually caused
;; module cycles. The below is a quick copy-paste job that must be kept in
;; sync manually. Surely there's a better way…?
- (version "3.88.1")
+ (version "3.97")
(source (origin
(method url-fetch)
(uri (let ((version-with-underscores
@@ -142,7 +142,7 @@ (define-public nss-certs
"nss-" version ".tar.gz")))
(sha256
(base32
- "15il9fsmixa1r4446zq1wl627sg0hz9h67w6kjxz273xz3nl7li7"))
+ "02pscmkp7flawmgwqzr807nsn6kzzw7r7xjbzfql0bpkjf1zp3h7"))
;; Create nss.pc and nss-config.
(patches (search-patches "nss-3.56-pkgconfig.patch"
"nss-getcwd-nonnull.patch"
diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm
index 54b9e5041a..268ddaa24f 100644
--- a/gnu/packages/nss.scm
+++ b/gnu/packages/nss.scm
@@ -106,7 +106,7 @@ (define-public nss
;; IMPORTANT: Also update and test the nss-certs package, which duplicates
;; version and source to avoid a top-level variable reference & module
;; cycle.
- (version "3.88.1")
+ (version "3.97")
(source (origin
(method url-fetch)
(uri (let ((version-with-underscores
@@ -117,7 +117,7 @@ (define-public nss
"nss-" version ".tar.gz")))
(sha256
(base32
- "15il9fsmixa1r4446zq1wl627sg0hz9h67w6kjxz273xz3nl7li7"))
+ "02pscmkp7flawmgwqzr807nsn6kzzw7r7xjbzfql0bpkjf1zp3h7"))
;; Create nss.pc and nss-config.
(patches (search-patches "nss-3.56-pkgconfig.patch"
"nss-getcwd-nonnull.patch"
@@ -200,7 +200,7 @@ (define-public nss
;; leading to test failures:
;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To
;; work around that, set the time to roughly the release date.
- (invoke "faketime" "2022-11-01" "./nss/tests/all.sh"))
+ (invoke "faketime" "2024-01-23" "./nss/tests/all.sh"))
(format #t "test suite not run~%"))))
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
--
2.41.0
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sat, 09 Mar 2024 21:24:01 GMT) Full text and rfc822 format available.Message #191 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: Clément Lassieur <clement <at> lassieur.org> Cc: 67512 <at> debbugs.gnu.org, Mark H Weaver <mhw <at> netris.org>, Liliana Marie Prikler <liliana.prikler <at> gmail.com> Subject: Re: [bug#67512] [PATCH v4 3/4] gnu: Add wasm packages. Date: Sat, 09 Mar 2024 13:20:41 -0800
Hello, Just pinging on this. v5 of the patch reduces scope, as we discussed; it’s now just a nss update + addition of LibreWolf. Thanks, — Ian Clément Lassieur <clement <at> lassieur.org> writes: > On Wed, Feb 21 2024, Ian Eure wrote: > >> Clément Lassieur <clement <at> lassieur.org> writes: >> >>> On Wed, Feb 21 2024, Liliana Marie Prikler wrote: >>>> Am Dienstag, dem 20.02.2024 um 18:18 -0800 schrieb Ian Eure: >>>>> Clément Lassieur <clement <at> lassieur.org> writes: >>>>> > > Are you saying you want a process like: >>>>> > > > > 1a. Get wasm toolchain stuff merged. >>>>> > > 1b. Get Librewolf merged without WASM sandboxing. >>>>> > > 2. Update icecat, torbrowser, mullvad, and librewolf to >>>>> > > > > use > > >>>>> WASM sandboxing. >>>>> > > Excatly. 1b can be done after 1a, or before 1a. >>>>> > Is there a technical reason why landing WASM sandboxing >>>>> > support for all >>>>> browsers in the same patch is desirable? I can intuit none, >>>>> and as I’m >>>>> disinclined to either roll back portions of my existing >>>>> patchset, or work >>>>> on other browsers, the proposal is disagreeable. >>>> I think this ordering is w.r.t. *patch sets*, not patches. I >>>> wouldn't >>>> suggest dropping four packages into one patch. >>> >>> Indeed I've never said it should be done in one patch. I said >>> one-shot >>> as in ‘symmetrical’: the work required to add Wasm to our >>> browsers >>> should be more or less the same for all browsers, and code >>> duplication >>> should be avoided. >>> >> >> Forgive me for my imprecision, and thank you for the >> explanation. Unfortunately, the distinction makes little >> difference to me, as >> it still would require me to do work I’m unwilling to do. My >> unwillingness >> has less to do with the amount of work than its scope: My goal >> is to get >> LibreWolf into Guix, and I simply have no desire or motivation >> to work on >> other browsers. > > Firefox based browsers are closely related. Sounds impossible > to me to > really do good work on one of them without touching the other > ones. > >> I think the best course of action is to reduce scope by >> removing the WASM >> component of this patch series entirely. I’d send a new patch >> series without >> the WASM toolchain packages, and with WASM sandboxing disabled >> in the >> LibreWolf package. The official LibreWolf binaries don’t >> appear to have this >> enabled, so no hardening would be sacrified vs. LibreWolf >> installed any other >> way. And since I’m not the original author of the WASM >> packages, and not >> well-positioned to address problems with them, omitting them >> seems likely to >> circumvent difficulties in the review process and support of >> those. >> >> What do you think? > > Sounds good. And we can add WASM later.
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Wed, 13 Mar 2024 09:09:02 GMT) Full text and rfc822 format available.Message #194 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Romain Garbage <romain.garbage <at> inria.fr> To: 67512 <at> debbugs.gnu.org Cc: ian <at> retrospec.tv Subject: Feedback for Librewolf package Date: Wed, 13 Mar 2024 10:07:29 +0100 (CET)
Hello,
I tested the v5 of the patch series, applied on guix master 0547fe862c.
Both patches apply and compile cleanly.
I then launched Librewolf through `./pre-inst-env guix shell librewolf -- librewolf`.
I got an error window with the following error message: "Configuration Error: Failed to read the configuration file. Please contact your system administrator."
and the following error messages in console:
```
JavaScript error: librewolf.cfg, line 545: SyntaxError: missing ) in parenthetical
JavaScript warning: resource://services-settings/Utils.sys.mjs, line 57: unreachable code after return statement
console.error: "formatURLPref: Couldn't get pref: " "startup.homepage_welcome_url.additional"
console.error: "Ignoring protocol handler for mailto without a uriTemplate!"
console.error: ({})
JavaScript error: resource://activity-stream/lib/TelemetryFeed.jsm, line 1066: Error: Failed to load chrome://pocket/content/pktApi.sys.mjs
JavaScript error: resource://gre/modules/PromiseWorker.sys.mjs, line 96: Error: Could not get children of file(/home/romain/.librewolf/rhx67hr4.default/thumbnails) because it does not exist
console.error: "about:home startup cache construction failed:" (new TypeError("sectionOrder is undefined", "resource://activity-stream/data/content/activity-stream.bundle.js", 7802))
console.error: "update.locale" " file doesn't exist in either the application or GRE directories"
console.error: services.settings:
main/search-config Signature failed InvalidSignatureError: Invalid content signature (main/search-config) using 'remote-settings.content-signature.mozilla.org-2024-04-09-14-36-39.chain'
console.error: services.settings:
main/search-config local data was corrupted
console.warn: services.settings: main/search-config Signature verified failed. Retry from scratch
```
After closing the error window, the browser launched properly and could be used to browse the web.
I closed it and launched it again and got the same error window, then the browser started again (same behaviour).
I tried to install an add-on from `about:addons`, I got redirected to https://addons.mozilla.org eventhough gnuzilla.gnu.org is mentioned in the search bar.
The Firefox addons website doesn't recognise Librewolf as a Firefox compatible browser and suggests to install Firefox instead of the addon installation.
I don't know if these issues are related to the guix package, although I have been using Librewolf in NixOS during one year as a daily driver and never ran into these issues.
If you need more testing or details, feel free to ask :)
Have a nice day,
Romain
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Fri, 15 Mar 2024 14:12:02 GMT) Full text and rfc822 format available.Message #197 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: Romain Garbage <romain.garbage <at> inria.fr> Cc: 67512 <at> debbugs.gnu.org Subject: Re: Feedback for Librewolf package Date: Fri, 15 Mar 2024 07:05:18 -0700
Hi Romain,
This is indeed a bug, I was missing parens around a string-append
call, which broke the preferences file. I saw the error you
mention, but thought my user preferences were broken in some way
by the many short-lived local builds I’ve run.
I’ll have a fixed patch soon. Thank you very much for taking the
time to try things out and letting me know about this problem.
— Ian
Romain Garbage <romain.garbage <at> inria.fr> writes:
> Hello,
>
> I tested the v5 of the patch series, applied on guix master
> 0547fe862c.
>
> Both patches apply and compile cleanly.
>
> I then launched Librewolf through `./pre-inst-env guix shell
> librewolf -- librewolf`.
>
> I got an error window with the following error message:
> "Configuration
> Error: Failed to read the configuration file. Please contact
> your
> system administrator."
>
> and the following error messages in console:
>
> ```
> JavaScript error: librewolf.cfg, line 545: SyntaxError: missing
> ) in parenthetical
> JavaScript warning: resource://services-settings/Utils.sys.mjs,
> line 57: unreachable code after return statement
> console.error: "formatURLPref: Couldn't get pref: "
> "startup.homepage_welcome_url.additional"
> console.error: "Ignoring protocol handler for mailto without a
> uriTemplate!"
> console.error: ({})
> JavaScript error:
> resource://activity-stream/lib/TelemetryFeed.jsm, line 1066:
> Error: Failed to load chrome://pocket/content/pktApi.sys.mjs
> JavaScript error: resource://gre/modules/PromiseWorker.sys.mjs,
> line
> 96: Error: Could not get children of
> file(/home/romain/.librewolf/rhx67hr4.default/thumbnails)
> because it
> does not exist
> console.error: "about:home startup cache construction failed:"
> (new
> TypeError("sectionOrder is undefined",
> "resource://activity-stream/data/content/activity-stream.bundle.js",
> 7802))
> console.error: "update.locale" " file doesn't exist in either
> the application or GRE directories"
> console.error: services.settings:
> main/search-config Signature failed InvalidSignatureError:
> Invalid
> content signature (main/search-config) using
> 'remote-settings.content-signature.mozilla.org-2024-04-09-14-36-39.chain'
> console.error: services.settings:
> main/search-config local data was corrupted
> console.warn: services.settings: main/search-config Signature
> verified failed. Retry from scratch
> ```
>
> After closing the error window, the browser launched properly
> and could be used to browse the web.
>
> I closed it and launched it again and got the same error window,
> then the browser started again (same behaviour).
>
> I tried to install an add-on from `about:addons`, I got
> redirected to
> https://addons.mozilla.org eventhough gnuzilla.gnu.org is
> mentioned in
> the search bar.
> The Firefox addons website doesn't recognise Librewolf as a
> Firefox
> compatible browser and suggests to install Firefox instead of
> the
> addon installation.
>
> I don't know if these issues are related to the guix package,
> although
> I have been using Librewolf in NixOS during one year as a daily
> driver
> and never ran into these issues.
>
> If you need more testing or details, feel free to ask :)
>
> Have a nice day,
> Romain
>
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Fri, 29 Mar 2024 22:36:02 GMT) Full text and rfc822 format available.Message #200 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH v6 0/2] Add LibreWolf Date: Fri, 29 Mar 2024 15:34:41 -0700
- Updates LibreWolf to 124.0.1-1, which fixes numerous important security issues from upstream Firefox 123.x and 124.0. - Updates nss to 3.98, required by LW 124.0.1-1. - Corrects wrong string-append which broke the preferences file. - Correct typo’d phase name '1fix-addons-placeholder to 'fix-addons-placeholder. - Turn code flagged with "TODO turn me back into a loop" back into a loop. Ian Eure (2): gnu: nss: Update to 3.98. gnu: Add librewolf. gnu/packages/certs.scm | 4 +- gnu/packages/librewolf.scm | 621 +++++++++++++++++++++++++++++++++++++ gnu/packages/nss.scm | 6 +- 3 files changed, 626 insertions(+), 5 deletions(-) create mode 100644 gnu/packages/librewolf.scm base-commit: 423ca234cbd7b4902fd2a3fbc089a6fd57ed5583 -- 2.41.0
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Fri, 29 Mar 2024 22:36:02 GMT) Full text and rfc822 format available.Message #203 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH v6 1/2] gnu: nss: Update to 3.98. Date: Fri, 29 Mar 2024 15:34:42 -0700
* gnu/packages/nss.scm (nss): Update to 3.98.
* gnu/packages/certs.scm (nss-certs): Update to 3.98.
Change-Id: I443ffb49cffa0985d9c3aa3e9990575ba11edf8a
---
gnu/packages/certs.scm | 4 ++--
gnu/packages/nss.scm | 6 +++---
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/gnu/packages/certs.scm b/gnu/packages/certs.scm
index 58b4d50ec8..b8d849f49d 100644
--- a/gnu/packages/certs.scm
+++ b/gnu/packages/certs.scm
@@ -131,7 +131,7 @@ (define-public nss-certs
;; XXX We used to refer to the nss package here, but that eventually caused
;; module cycles. The below is a quick copy-paste job that must be kept in
;; sync manually. Surely there's a better way…?
- (version "3.88.1")
+ (version "3.98")
(source (origin
(method url-fetch)
(uri (let ((version-with-underscores
@@ -142,7 +142,7 @@ (define-public nss-certs
"nss-" version ".tar.gz")))
(sha256
(base32
- "15il9fsmixa1r4446zq1wl627sg0hz9h67w6kjxz273xz3nl7li7"))
+ "1kh98amfklrq6915n4mlbrcqghc3srm7rkzs9dkh21jwscrwqjgm"))
;; Create nss.pc and nss-config.
(patches (search-patches "nss-3.56-pkgconfig.patch"
"nss-getcwd-nonnull.patch"
diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm
index 54b9e5041a..fafc377b0b 100644
--- a/gnu/packages/nss.scm
+++ b/gnu/packages/nss.scm
@@ -106,7 +106,7 @@ (define-public nss
;; IMPORTANT: Also update and test the nss-certs package, which duplicates
;; version and source to avoid a top-level variable reference & module
;; cycle.
- (version "3.88.1")
+ (version "3.98")
(source (origin
(method url-fetch)
(uri (let ((version-with-underscores
@@ -117,7 +117,7 @@ (define-public nss
"nss-" version ".tar.gz")))
(sha256
(base32
- "15il9fsmixa1r4446zq1wl627sg0hz9h67w6kjxz273xz3nl7li7"))
+ "1kh98amfklrq6915n4mlbrcqghc3srm7rkzs9dkh21jwscrwqjgm"))
;; Create nss.pc and nss-config.
(patches (search-patches "nss-3.56-pkgconfig.patch"
"nss-getcwd-nonnull.patch"
@@ -200,7 +200,7 @@ (define-public nss
;; leading to test failures:
;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To
;; work around that, set the time to roughly the release date.
- (invoke "faketime" "2022-11-01" "./nss/tests/all.sh"))
+ (invoke "faketime" "2024-01-23" "./nss/tests/all.sh"))
(format #t "test suite not run~%"))))
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
--
2.41.0
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Fri, 29 Mar 2024 22:36:03 GMT) Full text and rfc822 format available.Message #206 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH v6 2/2] gnu: Add librewolf. Date: Fri, 29 Mar 2024 15:34:43 -0700
* gnu/packages/librewolf.scm (librewolf): New variable.
Change-Id: I98b6410582b856ede83b79637a58e66d6e5832e6
---
gnu/packages/librewolf.scm | 621 +++++++++++++++++++++++++++++++++++++
1 file changed, 621 insertions(+)
create mode 100644 gnu/packages/librewolf.scm
diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm
new file mode 100644
index 0000000000..2b20b90655
--- /dev/null
+++ b/gnu/packages/librewolf.scm
@@ -0,0 +1,621 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2013, 2015, 2024 Andreas Enge <andreas <at> enge.fr>
+;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 Mark H Weaver <mhw <at> netris.org>
+;;; Copyright © 2015 Sou Bunnbu <iyzsong <at> gmail.com>
+;;; Copyright © 2016, 2017, 2018, 2019 Efraim Flashner <efraim <at> flashner.co.il>
+;;; Copyright © 2016 Alex Griffin <a <at> ajgrf.com>
+;;; Copyright © 2017 Clément Lassieur <clement <at> lassieur.org>
+;;; Copyright © 2017, 2018 Nikita <nikita <at> n0.is>
+;;; Copyright © 2017, 2018 ng0 <gillmann <at> infotropique.org>
+;;; Copyright © 2017, 2018, 2020 Tobias Geerinckx-Rice <me <at> tobias.gr>
+;;; Copyright © 2018, 2020, 2022 Ricardo Wurmus <rekado <at> elephly.net>
+;;; Copyright © 2019 Ivan Petkov <ivanppetkov <at> gmail.com>
+;;; Copyright © 2020 Oleg Pykhalov <go.wigust <at> gmail.com>
+;;; Copyright © 2020 Jakub Kądziołka <kuba <at> kadziolka.net>
+;;; Copyright © 2019, 2020 Adrian Malacoda <malacoda <at> monarch-pass.net>
+;;; Copyright © 2020-2023 Jonathan Brielmaier <jonathan.brielmaier <at> web.de>
+;;; Copyright © 2020 Zhu Zihao <all_but_last <at> 163.com>
+;;; Copyright © 2021 pineapples <guixuser6392 <at> protonmail.com>
+;;; Copyright © 2021 Brice Waegeneire <brice <at> waegenei.re>
+;;; Copyright © 2021, 2022, 2023 John Kehayias <john.kehayias <at> protonmail.com>
+;;; Copyright © 2022 Pierre Langlois <pierre.langlois <at> gmx.com>
+;;; Copyright © 2023 Tomas Volf <wolf <at> wolfsden.cz>
+;;; Copyright © 2023 Ian Eure <ian <at> retrospec.tv>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+
+(define-module (gnu packages librewolf)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system cargo)
+ #:use-module (guix build-system trivial)
+ #:use-module (guix download)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix gexp)
+ #:use-module (guix packages)
+ #:use-module (guix utils)
+ #:use-module ((guix build utils) #:select (alist-replace))
+
+ #:use-module (gnu packages)
+ #:use-module (gnu packages assembly)
+ #:use-module (gnu packages autotools)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages bash)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages crates-io)
+ #:use-module (gnu packages cups)
+ #:use-module (gnu packages fontutils)
+ #:use-module (gnu packages gl)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnome)
+ #:use-module (gnu packages gtk)
+ #:use-module (gnu packages hunspell)
+ #:use-module (gnu packages icu4c)
+ #:use-module (gnu packages image)
+ #:use-module (gnu packages jemalloc)
+ #:use-module (gnu packages kerberos)
+ #:use-module (gnu packages libcanberra)
+ #:use-module (gnu packages libevent)
+ #:use-module (gnu packages libffi)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages llvm)
+ #:use-module (gnu packages m4)
+ #:use-module (gnu packages node)
+ #:use-module (gnu packages nss)
+ #:use-module (gnu packages pciutils)
+ #:use-module (gnu packages perl)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages pulseaudio)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages rust)
+ #:use-module (gnu packages rust-apps)
+ #:use-module (gnu packages speech)
+ #:use-module (gnu packages sqlite)
+ #:use-module (gnu packages video)
+ #:use-module (gnu packages xdisorg)
+ #:use-module (gnu packages xorg))
+
+;; Define the versions of rust needed to build librewolf, trying to match
+;; upstream. See the file taskcluster/ci/toolchain/rust.yml at
+;; https://searchfox.org under the particular firefox release, like
+;; mozilla-esr102.
+(define rust-librewolf rust) ; 1.60 is the default in Guix, 1.65 is the minimum.
+
+;; Update this id with every update to its release date.
+;; It's used for cache validation and therefore can lead to strange bugs.
+;; ex: date '+%Y%m%d%H%M%S'
+(define %librewolf-build-id "20240326080003")
+
+(define-public librewolf
+ (package
+ (name "librewolf")
+ (version "124.0.1-1")
+ (source
+ (origin
+ (method url-fetch)
+
+ (uri (string-append "https://gitlab.com/api/v4/projects/32320088/"
+ "packages/generic/librewolf-source/"
+ version
+ "/librewolf-"
+ version
+ ".source.tar.gz"))
+ (sha256
+ (base32 "1sks49nywzhvq5mik4ipm3vyyxv49s9hq6bfyk5d9r6f0nlydllf"))))
+ (build-system gnu-build-system)
+ (arguments
+ (list
+ #:configure-flags #~(let ((clang #$(this-package-native-input "clang")))
+ `("--enable-application=browser"
+
+ ;; Configuration
+ "--without-wasm-sandboxed-libraries"
+ "--with-system-jpeg"
+ "--with-system-zlib"
+ "--with-system-png"
+ "--with-system-webp"
+ "--with-system-icu"
+ "--with-system-libvpx"
+ "--with-system-libevent"
+ "--with-system-ffi"
+ "--enable-system-pixman"
+ "--enable-jemalloc"
+
+ ;; see https://bugs.gnu.org/32833
+ "--with-system-nspr"
+ "--with-system-nss"
+
+ ,(string-append "--with-clang-path=" clang
+ "/bin/clang")
+ ,(string-append "--with-libclang-path=" clang
+ "/lib")
+
+ ;; Distribution
+ "--with-distribution-id=org.guix"
+ "--with-app-name=librewolf"
+ "--with-app-basename=LibreWolf"
+ "--with-branding=browser/branding/librewolf"
+
+ ;; Features
+ "--disable-tests"
+ "--disable-updater"
+ "--enable-pulseaudio"
+ "--disable-crashreporter"
+ "--allow-addon-sideload"
+ "--with-unsigned-addon-scopes=app,system"
+ "--disable-eme"
+
+ ;; Build details
+ "--disable-debug"
+ "--enable-rust-simd"
+ "--enable-release"
+ "--enable-optimize"
+ "--enable-strip"
+ "--enable-hardening"
+ "--disable-elf-hack"))
+ #:imported-modules %cargo-utils-modules
+ #:modules `((ice-9 regex)
+ (ice-9 string-fun)
+ (ice-9 ftw)
+ (srfi srfi-1)
+ (srfi srfi-26)
+ (rnrs bytevectors)
+ (rnrs io ports)
+ (guix elf)
+ (guix build gremlin)
+ ,@%gnu-build-system-modules)
+ #:phases #~(modify-phases %standard-phases
+ (add-after 'unpack 'fix-preferences
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((port (open-file "browser/app/profile/firefox.js"
+ "a")))
+ (define (write-setting key value)
+ (format port "~%pref(\"~a\", ~a);~%" key value)
+ (format #t
+ "fix-preferences: setting value of ~a to ~a~%" key
+ value))
+
+ ;; We should allow the sandbox to read the store directory,
+ ;; because the sandbox has access to /usr on FHS distros.
+ (write-setting
+ "security.sandbox.content.read_path_whitelist"
+ (string-append "\""
+ (%store-directory) "/\""))
+
+ ;; XDG settings should be managed by Guix.
+ (write-setting "browser.shell.checkDefaultBrowser"
+ "false")
+ (close-port port))))
+ (add-after 'fix-preferences 'fix-ffmpeg-runtime-linker
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let* ((ffmpeg (assoc-ref inputs "ffmpeg"))
+ (libavcodec (string-append ffmpeg
+ "/lib/libavcodec.so")))
+ ;; Arrange to load libavcodec.so by its absolute file name.
+ (substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp"
+ (("libavcodec\\.so")
+ libavcodec)))))
+ (add-after 'patch-source-shebangs 'patch-cargo-checksums
+ (lambda _
+ (use-modules (guix build cargo-utils))
+ (let ((null-hash
+ ;; This is the SHA256 output of an empty string.
+ (string-append
+ "e3b0c44298fc1c149afbf4c8996fb924"
+ "27ae41e4649b934ca495991b7852b855")))
+ (for-each (lambda (file)
+ (format #t
+ "patch-cargo-checksums: patching checksums in ~a~%"
+ file)
+ (substitute* file
+ (("(checksum = )\".*\"" all name)
+ (string-append name "\"" null-hash
+ "\""))))
+ (find-files "." "Cargo\\.lock$"))
+ (for-each generate-all-checksums
+ '("build" "dom/media"
+ "dom/webauthn"
+ "gfx"
+ "intl"
+ "js"
+ "media"
+ "modules"
+ "mozglue/static/rust"
+ "netwerk"
+ "remote"
+ "security/manager/ssl"
+ "servo"
+ "storage"
+ "third_party/rust"
+ "toolkit"
+ "xpcom/rust"
+ "services")))))
+ (add-after 'patch-cargo-checksums 'remove-cargo-frozen-flag
+ (lambda _
+ ;; Remove --frozen flag from cargo invokation, otherwise it'll
+ ;; complain that it's not able to change Cargo.lock.
+ ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373
+ (substitute* "build/RunCbindgen.py"
+ (("args.append\\(\"--frozen\"\\)") "pass"))))
+ (delete 'bootstrap)
+ (add-before 'configure 'patch-SpeechDispatcherService.cpp
+ (lambda _
+ (let* ((lib "libspeechd.so.2")
+ (file (string-append
+ "dom/media/webspeech/synth/"
+ "speechd/SpeechDispatcherService.cpp"))
+ (old-content (call-with-input-file file
+ get-string-all)))
+ (substitute
+ file
+ `((,(format #f "~s" lib) unquote
+ (lambda (line _)
+ (string-replace-substring
+ line lib
+ (string-append #$speech-dispatcher
+ "/lib/" lib))))))
+ (if (string=? old-content
+ (call-with-input-file file
+ get-string-all))
+ (error
+ "substitute did nothing, phase requires an update")))))
+ (add-before 'configure 'set-build-id
+ ;; Build will write the timestamp to output, which is harmful
+ ;; for reproducibility, so change it to a fixed date. Use a
+ ;; separate phase for easier modification with inherit.
+ (lambda _
+ (setenv "MOZ_BUILD_DATE"
+ #$%librewolf-build-id)))
+ (replace 'configure
+ (lambda* (#:key inputs outputs configure-flags
+ #:allow-other-keys)
+ (setenv "AUTOCONF"
+ (string-append (assoc-ref inputs "autoconf")
+ "/bin/autoconf"))
+ (setenv "SHELL"
+ (which "bash"))
+ (setenv "CONFIG_SHELL"
+ (which "bash"))
+ (setenv "MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE"
+ "system")
+ ;; This should use the host info probably (does it
+ ;; build on non-x86_64 though?)
+ (setenv "GUIX_PYTHONPATH"
+ (string-append (getcwd)
+ "/obj-x86_64-pc-linux-gnu/_virtualenvs/build"))
+
+ ;; Use Clang, Clang is 2x faster than GCC
+ (setenv "AR" "llvm-ar")
+ (setenv "NM" "llvm-nm")
+ (setenv "CC" "clang")
+ (setenv "CXX" "clang++")
+ (setenv "MOZ_NOSPAM" "1")
+ (setenv "MOZ_APP_NAME" "librewolf")
+
+ (setenv "MOZBUILD_STATE_PATH"
+ (getcwd))
+
+ (let* ((mozconfig (string-append (getcwd) "/mozconfig"))
+ (out (assoc-ref outputs "out"))
+ (flags (cons (string-append "--prefix=" out)
+ configure-flags)))
+ (format #t "build directory: ~s~%"
+ (getcwd))
+ (format #t "configure flags: ~s~%" flags)
+
+ (define write-flags
+ (lambda flags
+ (display (string-join (map (cut string-append
+ "ac_add_options " <>)
+ flags) "\n"))
+ (display "\n")))
+ (with-output-to-file mozconfig
+ (lambda ()
+ (apply write-flags flags)
+ ;; The following option unsets Telemetry
+ ;; Reporting. With the Addons Fiasco,
+ ;; Mozilla was found to be collecting
+ ;; user's data, including saved passwords
+ ;; and web form data, without users
+ ;; consent. Mozilla was also found
+ ;; shipping updates to systems without
+ ;; the user's knowledge or permission.
+ ;; As a result of this, use the following
+ ;; command to permanently disable
+ ;; telemetry reporting.
+ (display "unset MOZ_TELEMETRY_REPORTING\n")
+ (display "mk_add_options MOZ_CRASHREPORTER=0\n")
+ (display "mk_add_options MOZ_DATA_REPORTING=0\n")
+ (display
+ "mk_add_options MOZ_SERVICES_HEALTHREPORT=0")
+ (display
+ "mk_add_options MOZ_TELEMETRY_REPORTING=0")))
+ (setenv "MOZCONFIG" mozconfig))
+ (invoke "./mach" "configure")))
+ (add-before 'build 'fix-addons-placeholder
+ (lambda _
+ (substitute* "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
+ (("addons.mozilla.org")
+ "gnuzilla.gnu.org"))))
+ (replace 'build
+ (lambda* (#:key (make-flags '())
+ (parallel-build? #t) #:allow-other-keys)
+ (apply invoke "./mach" "build"
+ ;; mach will use parallel build if possible by default
+ `(,@(if parallel-build?
+ '()
+ '("-j1")) ,@make-flags))))
+ (add-after 'build 'neutralise-store-references
+ (lambda _
+ ;; Mangle the store references to compilers &
+ ;; other build tools in about:buildconfig,
+ ;; reducing the package's closure by 1 GiB on
+ ;; x86-64.
+ (let* ((build-dir (car (scandir "."
+ (cut string-prefix?
+ "obj-" <>))))
+ (file (string-append build-dir
+ "/dist/bin/chrome/toolkit/"
+ "content/global/buildconfig.html")))
+ (substitute* file
+ (((format #f "(~a/)([0-9a-df-np-sv-z]{32})"
+ (regexp-quote (%store-directory)))
+ _ store hash)
+ (string-append store
+ (string-take hash 8)
+ "<!-- Guix: not a runtime dependency -->"
+ (string-drop hash 8)))))))
+ (replace 'install
+ (lambda _
+ (invoke "./mach" "install")))
+ (add-after 'install 'remove-duplicate-bin
+ (lambda* (#:key outputs #:allow-other-keys)
+ (delete-file (string-append #$output
+ "/lib/librewolf/librewolf-bin"))))
+ (add-after 'install 'wrap-glxtest
+ ;; glxtest uses dlopen() to load mesa and pci
+ ;; libs, wrap it to set LD_LIBRARY_PATH.
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ (libs (map
+ (lambda (lib-name)
+ (string-append (assoc-ref inputs
+ lib-name)
+ "/lib"))
+ '("mesa" "pciutils"))))
+ (wrap-program (car (find-files lib "^glxtest$"))
+ `("LD_LIBRARY_PATH" prefix ,libs)))))
+ (add-after 'install 'patch-config
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((lib (string-append #$output "/lib/librewolf"))
+ (config-file "librewolf.cfg"))
+
+ ;; Required for Guix packaged extensions
+ ;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8
+ ;; Default is 5.
+ (substitute* (in-vicinity lib config-file)
+ (("defaultPref\\(\"extensions.enabledScopes\", 5\\)")
+ "defaultPref(\"extensions.enabledScopes\", 13)"))
+ ;; Use Mozzarella addons repo.
+ (call-with-port
+ (open-file
+ (in-vicinity lib config-file)
+ "a")
+ (lambda (port)
+ ;; Add-ons panel (see settings.js in Icecat source).
+ (for-each
+ (lambda (pref)
+ (format port
+ "defaultPref(~s, ~s);~%"
+ (car pref)
+ (cdr pref)))
+ `(("extensions.getAddons.search.browseURL"
+ ,(string-append
+ "https://gnuzilla.gnu.org/mozzarella/"
+ "search.php?q=%TERMS%"))
+ ("extensions.getAddons.get.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.link.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.discovery.api_url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.langpacks.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("lightweightThemes.getMoreURL" .
+ "https://gnuzilla.gnu.org/mozzarella"))))))))
+ (add-after 'install 'wrap-program
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ ;; The following two functions are from Guix's icecat package in
+ ;; (gnu packages gnuzilla). See commit
+ ;; b7a0935420ee630a29b7e5ac73a32ba1eb24f00b.
+ (define (runpath-of lib)
+ (call-with-input-file lib
+ (compose elf-dynamic-info-runpath elf-dynamic-info
+ parse-elf get-bytevector-all)))
+ (define (runpaths-of-input label)
+ (let* ((dir (string-append (assoc-ref inputs label)
+ "/lib"))
+ (libs (find-files dir "\\.so$")))
+ (append-map runpath-of libs)))
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ (libs (map
+ (lambda (lib-name)
+ (string-append (assoc-ref inputs
+ lib-name)
+ "/lib"))
+ '("mesa" "libpng-apng" "libnotify" "libva"
+ "pulseaudio" "gtk+"
+ ;; For U2F and WebAuthn
+ "eudev")))
+
+ ;; VA-API is run in the RDD (Remote Data Decoder) sandbox
+ ;; and must be explicitly given access to files it needs.
+ ;; Rather than adding the whole store (as Nix had
+ ;; upstream do, see
+ ;; <https://github.com/NixOS/nixpkgs/pull/165964> and
+ ;; linked upstream patches), we can just follow the
+ ;; runpaths of the needed libraries to add everything to
+ ;; LD_LIBRARY_PATH. These will then be accessible in the
+ ;; RDD sandbox.
+ (rdd-whitelist (map (cut string-append <> "/")
+ (delete-duplicates (append-map
+ runpaths-of-input
+ '("mesa"
+ "ffmpeg")))))
+ (gtk-share (string-append (assoc-ref inputs
+ "gtk+")
+ "/share")))
+ (wrap-program (car (find-files lib "^librewolf$"))
+ `("LD_LIBRARY_PATH" prefix
+ (,@libs ,@rdd-whitelist))
+ `("XDG_DATA_DIRS" prefix
+ (,gtk-share))
+ `("MOZ_LEGACY_PROFILES" =
+ ("1"))
+ `("MOZ_ALLOW_DOWNGRADE" =
+ ("1"))))))
+ (add-after 'wrap-program 'install-desktop-entry
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((desktop-file
+ "taskcluster/docker/firefox-snap/firefox.desktop")
+ (applications (string-append #$output
+ "/share/applications")))
+ (substitute* desktop-file
+ (("^Exec=firefox")
+ (string-append "Exec="
+ #$output "/bin/librewolf"))
+ ;; "Firefox" -> "LibreWolf" everywhere
+ (("Firefox")
+ "LibreWolf")
+ ;; Remove non-Latin translations.
+ (("^Name\\[(ar|bn)\\].*$")
+ "")
+ (("^Icon=.*")
+ (string-append "Icon="
+ #$output
+ "/share/icons/hicolor/128x128/apps/librewolf.png
+"))
+ ;; These commands were changed.
+ (("-NewWindow")
+ "-new-window")
+ (("-NewPrivateWindow")
+ "-new-private-window")
+ (("StartupNotify=true")
+ "StartupNotify=true
+StartupWMClass=Navigator"))
+ (copy-file desktop-file "librewolf.desktop")
+ (install-file "librewolf.desktop" applications))))
+ (add-after 'install-desktop-entry 'install-icons
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((icon-source-dir (string-append #$output
+ "/lib/librewolf/browser/"
+ "chrome/icons/default")))
+ (for-each (lambda (size)
+ (let ((dest (string-append #$output
+ "/share/icons/hicolor/"
+ size
+ "x"
+ size
+ "/apps")))
+ (mkdir-p dest)
+ (symlink (string-append icon-source-dir
+ "/default" size ".png")
+ (string-append dest
+ "/librewolf.png"))))
+ '("16" "32" "48" "64" "128"))))))
+
+ ;; Test will significantly increase build time but with little rewards.
+ #:tests? #f
+
+ ;; WARNING: Parallel build will consume lots of memory!
+ ;; If you have encountered OOM issue in build phase, try disable it.
+ #:parallel-build? #t
+
+ ;; Some dynamic lib was determined at runtime, so rpath check may fail.
+ #:validate-runpath? #f))
+ (inputs (list bash-minimal
+ bzip2
+ cairo
+ cups
+ dbus-glib
+ freetype
+ ffmpeg
+ gdk-pixbuf
+ glib
+ gtk+
+ gtk+-2
+ hunspell
+ icu4c-73
+ jemalloc
+ libcanberra
+ libevent
+ libffi
+ libgnome
+ libjpeg-turbo
+ libnotify
+ libpng-apng
+ libva
+ libvpx
+ libwebp
+ libxcomposite
+ libxft
+ libxinerama
+ libxscrnsaver
+ libxt
+ mesa
+ mit-krb5
+ nspr
+ nss
+ pango
+ pciutils
+ pipewire
+ pixman
+ pulseaudio
+ speech-dispatcher
+ sqlite
+ startup-notification
+ eudev
+ unzip
+ zip
+ zlib))
+ (native-inputs (list alsa-lib
+ autoconf-2.13
+ `(,rust-librewolf "cargo")
+ clang
+ llvm
+ m4
+ nasm
+ node-lts
+ perl
+ pkg-config
+ python
+ rust-librewolf
+ rust-cbindgen-0.26
+ which
+ yasm))
+ (home-page "https://librewolf.net/")
+ (synopsis
+ "Custom version of Firefox, focused on privacy, security and freedom")
+ (description
+ "LibreWolf is designed to increase protection against tracking and
+fingerprinting techniques, while also including a few security improvements.
+This is achieved through our privacy and security oriented settings and
+patches. LibreWolf also aims to remove all the telemetry, data collection and
+annoyances, as well as disabling anti-freedom features like DRM.")
+ (license license:mpl2.0)))
--
2.41.0
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sat, 06 Apr 2024 15:05:02 GMT) Full text and rfc822 format available.Message #209 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH v7 0/3] Add LibreWolf Date: Sat, 6 Apr 2024 08:04:15 -0700
Moves nss update to nss-3.98 / nss-certs-3.98 to avoid rebuilding thousands of packages. Rebases. Ian Eure (3): gnu: Add nss-3.98. gnu: Add nss-certs-3.98. gnu: Add librewolf. gnu/packages/certs.scm | 16 + gnu/packages/librewolf.scm | 621 +++++++++++++++++++++++++++++++++++++ gnu/packages/nss.scm | 45 +++ 3 files changed, 682 insertions(+) create mode 100644 gnu/packages/librewolf.scm base-commit: ade6845da6cec99f3bca46faac9b2bad6877817e -- 2.41.0
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sat, 06 Apr 2024 15:05:02 GMT) Full text and rfc822 format available.Message #212 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH v7 2/3] gnu: Add nss-certs-3.98. Date: Sat, 6 Apr 2024 08:04:17 -0700
* gnu/packages/certs.scm (nss-certs-3.98): New variable.
Change-Id: I95b54781c7b85f1d6b54158c6b906116791e009c
---
gnu/packages/certs.scm | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/gnu/packages/certs.scm b/gnu/packages/certs.scm
index 58b4d50ec8..7078c7c8d1 100644
--- a/gnu/packages/certs.scm
+++ b/gnu/packages/certs.scm
@@ -188,6 +188,22 @@ (define-public nss-certs
(home-page "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS")
(license license:mpl2.0)))
+(define-public nss-certs-3.98
+ (package
+ (inherit nss-certs)
+ (version "3.98")
+ (source (origin
+ (method url-fetch)
+ (uri (let ((version-with-underscores
+ (string-join (string-split version #\.) "_")))
+ (string-append
+ "https://ftp.mozilla.org/pub/mozilla.org/security/nss/"
+ "releases/NSS_" version-with-underscores "_RTM/src/"
+ "nss-" version ".tar.gz")))
+ (sha256
+ (base32
+ "1kh98amfklrq6915n4mlbrcqghc3srm7rkzs9dkh21jwscrwqjgm"))))))
+
(define-public le-certs
(package
(name "le-certs")
--
2.41.0
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sat, 06 Apr 2024 15:05:03 GMT) Full text and rfc822 format available.Message #215 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH v7 1/3] gnu: Add nss-3.98. Date: Sat, 6 Apr 2024 08:04:16 -0700
* gnu/packages/nss.scm (nss-3.98): New variable.
Change-Id: If54ba20d296da2f4edd444c7cfa223a2d5a9ecb8
---
gnu/packages/nss.scm | 45 ++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 45 insertions(+)
diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm
index 54b9e5041a..14612d7ce9 100644
--- a/gnu/packages/nss.scm
+++ b/gnu/packages/nss.scm
@@ -241,3 +241,48 @@ (define-public nss
security standards.")
(license license:mpl2.0)))
+(define-public nss-3.98
+ (package
+ (inherit nss)
+ (version "3.98")
+ (source (origin
+ (method url-fetch)
+ (uri (let ((version-with-underscores
+ (string-join (string-split version #\.) "_")))
+ (string-append
+ "https://ftp.mozilla.org/pub/mozilla.org/security/nss/"
+ "releases/NSS_" version-with-underscores "_RTM/src/"
+ "nss-" version ".tar.gz")))
+ (sha256
+ (base32
+ "1kh98amfklrq6915n4mlbrcqghc3srm7rkzs9dkh21jwscrwqjgm"))
+ ;; Create nss.pc and nss-config.
+ (patches (search-patches "nss-3.56-pkgconfig.patch"
+ "nss-getcwd-nonnull.patch"
+ "nss-increase-test-timeout.patch"))
+ (modules '((guix build utils)))
+ (snippet
+ '(begin
+ ;; Delete the bundled copy of these libraries.
+ (delete-file-recursively "nss/lib/zlib")
+ (delete-file-recursively "nss/lib/sqlite")))))
+ (arguments
+ (substitute-keyword-arguments (package-arguments nss)
+ ((#:phases phases)
+ #~(modify-phases #$phases
+ (replace 'check
+ (lambda* (#:key tests? #:allow-other-keys)
+ (if tests?
+ (begin
+ ;; Use 127.0.0.1 instead of $HOST.$DOMSUF as HOSTADDR for
+ ;; testing. The latter requires a working DNS or /etc/hosts.
+ (setenv "DOMSUF" "localdomain")
+ (setenv "USE_IP" "TRUE")
+ (setenv "IP_ADDRESS" "127.0.0.1")
+
+ ;; The "PayPalEE.cert" certificate expires every six months,
+ ;; leading to test failures:
+ ;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To
+ ;; work around that, set the time to roughly the release date.
+ (invoke "faketime" "2024-01-23" "./nss/tests/all.sh"))
+ (format #t "test suite not run~%"))))))))))
--
2.41.0
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sat, 06 Apr 2024 15:05:04 GMT) Full text and rfc822 format available.Message #218 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: 67512 <at> debbugs.gnu.org Cc: Ian Eure <ian <at> retrospec.tv> Subject: [PATCH v7 3/3] gnu: Add librewolf. Date: Sat, 6 Apr 2024 08:04:18 -0700
* gnu/packages/librewolf.scm (librewolf): New variable.
Change-Id: I98b6410582b856ede83b79637a58e66d6e5832e6
---
gnu/packages/librewolf.scm | 621 +++++++++++++++++++++++++++++++++++++
1 file changed, 621 insertions(+)
create mode 100644 gnu/packages/librewolf.scm
diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm
new file mode 100644
index 0000000000..4804a872ce
--- /dev/null
+++ b/gnu/packages/librewolf.scm
@@ -0,0 +1,621 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2013, 2015, 2024 Andreas Enge <andreas <at> enge.fr>
+;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 Mark H Weaver <mhw <at> netris.org>
+;;; Copyright © 2015 Sou Bunnbu <iyzsong <at> gmail.com>
+;;; Copyright © 2016, 2017, 2018, 2019 Efraim Flashner <efraim <at> flashner.co.il>
+;;; Copyright © 2016 Alex Griffin <a <at> ajgrf.com>
+;;; Copyright © 2017 Clément Lassieur <clement <at> lassieur.org>
+;;; Copyright © 2017, 2018 Nikita <nikita <at> n0.is>
+;;; Copyright © 2017, 2018 ng0 <gillmann <at> infotropique.org>
+;;; Copyright © 2017, 2018, 2020 Tobias Geerinckx-Rice <me <at> tobias.gr>
+;;; Copyright © 2018, 2020, 2022 Ricardo Wurmus <rekado <at> elephly.net>
+;;; Copyright © 2019 Ivan Petkov <ivanppetkov <at> gmail.com>
+;;; Copyright © 2020 Oleg Pykhalov <go.wigust <at> gmail.com>
+;;; Copyright © 2020 Jakub Kądziołka <kuba <at> kadziolka.net>
+;;; Copyright © 2019, 2020 Adrian Malacoda <malacoda <at> monarch-pass.net>
+;;; Copyright © 2020-2023 Jonathan Brielmaier <jonathan.brielmaier <at> web.de>
+;;; Copyright © 2020 Zhu Zihao <all_but_last <at> 163.com>
+;;; Copyright © 2021 pineapples <guixuser6392 <at> protonmail.com>
+;;; Copyright © 2021 Brice Waegeneire <brice <at> waegenei.re>
+;;; Copyright © 2021, 2022, 2023 John Kehayias <john.kehayias <at> protonmail.com>
+;;; Copyright © 2022 Pierre Langlois <pierre.langlois <at> gmx.com>
+;;; Copyright © 2023 Tomas Volf <wolf <at> wolfsden.cz>
+;;; Copyright © 2023 Ian Eure <ian <at> retrospec.tv>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+
+(define-module (gnu packages librewolf)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system cargo)
+ #:use-module (guix build-system trivial)
+ #:use-module (guix download)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix gexp)
+ #:use-module (guix packages)
+ #:use-module (guix utils)
+ #:use-module ((guix build utils) #:select (alist-replace))
+
+ #:use-module (gnu packages)
+ #:use-module (gnu packages assembly)
+ #:use-module (gnu packages autotools)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages bash)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages crates-io)
+ #:use-module (gnu packages cups)
+ #:use-module (gnu packages fontutils)
+ #:use-module (gnu packages gl)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnome)
+ #:use-module (gnu packages gtk)
+ #:use-module (gnu packages hunspell)
+ #:use-module (gnu packages icu4c)
+ #:use-module (gnu packages image)
+ #:use-module (gnu packages jemalloc)
+ #:use-module (gnu packages kerberos)
+ #:use-module (gnu packages libcanberra)
+ #:use-module (gnu packages libevent)
+ #:use-module (gnu packages libffi)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages llvm)
+ #:use-module (gnu packages m4)
+ #:use-module (gnu packages node)
+ #:use-module (gnu packages nss)
+ #:use-module (gnu packages pciutils)
+ #:use-module (gnu packages perl)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages pulseaudio)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages rust)
+ #:use-module (gnu packages rust-apps)
+ #:use-module (gnu packages speech)
+ #:use-module (gnu packages sqlite)
+ #:use-module (gnu packages video)
+ #:use-module (gnu packages xdisorg)
+ #:use-module (gnu packages xorg))
+
+;; Define the versions of rust needed to build librewolf, trying to match
+;; upstream. See the file taskcluster/ci/toolchain/rust.yml at
+;; https://searchfox.org under the particular firefox release, like
+;; mozilla-esr102.
+(define rust-librewolf rust) ; 1.60 is the default in Guix, 1.65 is the minimum.
+
+;; Update this id with every update to its release date.
+;; It's used for cache validation and therefore can lead to strange bugs.
+;; ex: date '+%Y%m%d%H%M%S'
+(define %librewolf-build-id "20240326080003")
+
+(define-public librewolf
+ (package
+ (name "librewolf")
+ (version "124.0.1-1")
+ (source
+ (origin
+ (method url-fetch)
+
+ (uri (string-append "https://gitlab.com/api/v4/projects/32320088/"
+ "packages/generic/librewolf-source/"
+ version
+ "/librewolf-"
+ version
+ ".source.tar.gz"))
+ (sha256
+ (base32 "1sks49nywzhvq5mik4ipm3vyyxv49s9hq6bfyk5d9r6f0nlydllf"))))
+ (build-system gnu-build-system)
+ (arguments
+ (list
+ #:configure-flags #~(let ((clang #$(this-package-native-input "clang")))
+ `("--enable-application=browser"
+
+ ;; Configuration
+ "--without-wasm-sandboxed-libraries"
+ "--with-system-jpeg"
+ "--with-system-zlib"
+ "--with-system-png"
+ "--with-system-webp"
+ "--with-system-icu"
+ "--with-system-libvpx"
+ "--with-system-libevent"
+ "--with-system-ffi"
+ "--enable-system-pixman"
+ "--enable-jemalloc"
+
+ ;; see https://bugs.gnu.org/32833
+ "--with-system-nspr"
+ "--with-system-nss"
+
+ ,(string-append "--with-clang-path=" clang
+ "/bin/clang")
+ ,(string-append "--with-libclang-path=" clang
+ "/lib")
+
+ ;; Distribution
+ "--with-distribution-id=org.guix"
+ "--with-app-name=librewolf"
+ "--with-app-basename=LibreWolf"
+ "--with-branding=browser/branding/librewolf"
+
+ ;; Features
+ "--disable-tests"
+ "--disable-updater"
+ "--enable-pulseaudio"
+ "--disable-crashreporter"
+ "--allow-addon-sideload"
+ "--with-unsigned-addon-scopes=app,system"
+ "--disable-eme"
+
+ ;; Build details
+ "--disable-debug"
+ "--enable-rust-simd"
+ "--enable-release"
+ "--enable-optimize"
+ "--enable-strip"
+ "--enable-hardening"
+ "--disable-elf-hack"))
+ #:imported-modules %cargo-utils-modules
+ #:modules `((ice-9 regex)
+ (ice-9 string-fun)
+ (ice-9 ftw)
+ (srfi srfi-1)
+ (srfi srfi-26)
+ (rnrs bytevectors)
+ (rnrs io ports)
+ (guix elf)
+ (guix build gremlin)
+ ,@%gnu-build-system-modules)
+ #:phases #~(modify-phases %standard-phases
+ (add-after 'unpack 'fix-preferences
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((port (open-file "browser/app/profile/firefox.js"
+ "a")))
+ (define (write-setting key value)
+ (format port "~%pref(\"~a\", ~a);~%" key value)
+ (format #t
+ "fix-preferences: setting value of ~a to ~a~%" key
+ value))
+
+ ;; We should allow the sandbox to read the store directory,
+ ;; because the sandbox has access to /usr on FHS distros.
+ (write-setting
+ "security.sandbox.content.read_path_whitelist"
+ (string-append "\""
+ (%store-directory) "/\""))
+
+ ;; XDG settings should be managed by Guix.
+ (write-setting "browser.shell.checkDefaultBrowser"
+ "false")
+ (close-port port))))
+ (add-after 'fix-preferences 'fix-ffmpeg-runtime-linker
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let* ((ffmpeg (assoc-ref inputs "ffmpeg"))
+ (libavcodec (string-append ffmpeg
+ "/lib/libavcodec.so")))
+ ;; Arrange to load libavcodec.so by its absolute file name.
+ (substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp"
+ (("libavcodec\\.so")
+ libavcodec)))))
+ (add-after 'patch-source-shebangs 'patch-cargo-checksums
+ (lambda _
+ (use-modules (guix build cargo-utils))
+ (let ((null-hash
+ ;; This is the SHA256 output of an empty string.
+ (string-append
+ "e3b0c44298fc1c149afbf4c8996fb924"
+ "27ae41e4649b934ca495991b7852b855")))
+ (for-each (lambda (file)
+ (format #t
+ "patch-cargo-checksums: patching checksums in ~a~%"
+ file)
+ (substitute* file
+ (("(checksum = )\".*\"" all name)
+ (string-append name "\"" null-hash
+ "\""))))
+ (find-files "." "Cargo\\.lock$"))
+ (for-each generate-all-checksums
+ '("build" "dom/media"
+ "dom/webauthn"
+ "gfx"
+ "intl"
+ "js"
+ "media"
+ "modules"
+ "mozglue/static/rust"
+ "netwerk"
+ "remote"
+ "security/manager/ssl"
+ "servo"
+ "storage"
+ "third_party/rust"
+ "toolkit"
+ "xpcom/rust"
+ "services")))))
+ (add-after 'patch-cargo-checksums 'remove-cargo-frozen-flag
+ (lambda _
+ ;; Remove --frozen flag from cargo invokation, otherwise it'll
+ ;; complain that it's not able to change Cargo.lock.
+ ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373
+ (substitute* "build/RunCbindgen.py"
+ (("args.append\\(\"--frozen\"\\)") "pass"))))
+ (delete 'bootstrap)
+ (add-before 'configure 'patch-SpeechDispatcherService.cpp
+ (lambda _
+ (let* ((lib "libspeechd.so.2")
+ (file (string-append
+ "dom/media/webspeech/synth/"
+ "speechd/SpeechDispatcherService.cpp"))
+ (old-content (call-with-input-file file
+ get-string-all)))
+ (substitute
+ file
+ `((,(format #f "~s" lib) unquote
+ (lambda (line _)
+ (string-replace-substring
+ line lib
+ (string-append #$speech-dispatcher
+ "/lib/" lib))))))
+ (if (string=? old-content
+ (call-with-input-file file
+ get-string-all))
+ (error
+ "substitute did nothing, phase requires an update")))))
+ (add-before 'configure 'set-build-id
+ ;; Build will write the timestamp to output, which is harmful
+ ;; for reproducibility, so change it to a fixed date. Use a
+ ;; separate phase for easier modification with inherit.
+ (lambda _
+ (setenv "MOZ_BUILD_DATE"
+ #$%librewolf-build-id)))
+ (replace 'configure
+ (lambda* (#:key inputs outputs configure-flags
+ #:allow-other-keys)
+ (setenv "AUTOCONF"
+ (string-append (assoc-ref inputs "autoconf")
+ "/bin/autoconf"))
+ (setenv "SHELL"
+ (which "bash"))
+ (setenv "CONFIG_SHELL"
+ (which "bash"))
+ (setenv "MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE"
+ "system")
+ ;; This should use the host info probably (does it
+ ;; build on non-x86_64 though?)
+ (setenv "GUIX_PYTHONPATH"
+ (string-append (getcwd)
+ "/obj-x86_64-pc-linux-gnu/_virtualenvs/build"))
+
+ ;; Use Clang, Clang is 2x faster than GCC
+ (setenv "AR" "llvm-ar")
+ (setenv "NM" "llvm-nm")
+ (setenv "CC" "clang")
+ (setenv "CXX" "clang++")
+ (setenv "MOZ_NOSPAM" "1")
+ (setenv "MOZ_APP_NAME" "librewolf")
+
+ (setenv "MOZBUILD_STATE_PATH"
+ (getcwd))
+
+ (let* ((mozconfig (string-append (getcwd) "/mozconfig"))
+ (out (assoc-ref outputs "out"))
+ (flags (cons (string-append "--prefix=" out)
+ configure-flags)))
+ (format #t "build directory: ~s~%"
+ (getcwd))
+ (format #t "configure flags: ~s~%" flags)
+
+ (define write-flags
+ (lambda flags
+ (display (string-join (map (cut string-append
+ "ac_add_options " <>)
+ flags) "\n"))
+ (display "\n")))
+ (with-output-to-file mozconfig
+ (lambda ()
+ (apply write-flags flags)
+ ;; The following option unsets Telemetry
+ ;; Reporting. With the Addons Fiasco,
+ ;; Mozilla was found to be collecting
+ ;; user's data, including saved passwords
+ ;; and web form data, without users
+ ;; consent. Mozilla was also found
+ ;; shipping updates to systems without
+ ;; the user's knowledge or permission.
+ ;; As a result of this, use the following
+ ;; command to permanently disable
+ ;; telemetry reporting.
+ (display "unset MOZ_TELEMETRY_REPORTING\n")
+ (display "mk_add_options MOZ_CRASHREPORTER=0\n")
+ (display "mk_add_options MOZ_DATA_REPORTING=0\n")
+ (display
+ "mk_add_options MOZ_SERVICES_HEALTHREPORT=0")
+ (display
+ "mk_add_options MOZ_TELEMETRY_REPORTING=0")))
+ (setenv "MOZCONFIG" mozconfig))
+ (invoke "./mach" "configure")))
+ (add-before 'build 'fix-addons-placeholder
+ (lambda _
+ (substitute* "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
+ (("addons.mozilla.org")
+ "gnuzilla.gnu.org"))))
+ (replace 'build
+ (lambda* (#:key (make-flags '())
+ (parallel-build? #t) #:allow-other-keys)
+ (apply invoke "./mach" "build"
+ ;; mach will use parallel build if possible by default
+ `(,@(if parallel-build?
+ '()
+ '("-j1")) ,@make-flags))))
+ (add-after 'build 'neutralise-store-references
+ (lambda _
+ ;; Mangle the store references to compilers &
+ ;; other build tools in about:buildconfig,
+ ;; reducing the package's closure by 1 GiB on
+ ;; x86-64.
+ (let* ((build-dir (car (scandir "."
+ (cut string-prefix?
+ "obj-" <>))))
+ (file (string-append build-dir
+ "/dist/bin/chrome/toolkit/"
+ "content/global/buildconfig.html")))
+ (substitute* file
+ (((format #f "(~a/)([0-9a-df-np-sv-z]{32})"
+ (regexp-quote (%store-directory)))
+ _ store hash)
+ (string-append store
+ (string-take hash 8)
+ "<!-- Guix: not a runtime dependency -->"
+ (string-drop hash 8)))))))
+ (replace 'install
+ (lambda _
+ (invoke "./mach" "install")))
+ (add-after 'install 'remove-duplicate-bin
+ (lambda* (#:key outputs #:allow-other-keys)
+ (delete-file (string-append #$output
+ "/lib/librewolf/librewolf-bin"))))
+ (add-after 'install 'wrap-glxtest
+ ;; glxtest uses dlopen() to load mesa and pci
+ ;; libs, wrap it to set LD_LIBRARY_PATH.
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ (libs (map
+ (lambda (lib-name)
+ (string-append (assoc-ref inputs
+ lib-name)
+ "/lib"))
+ '("mesa" "pciutils"))))
+ (wrap-program (car (find-files lib "^glxtest$"))
+ `("LD_LIBRARY_PATH" prefix ,libs)))))
+ (add-after 'install 'patch-config
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((lib (string-append #$output "/lib/librewolf"))
+ (config-file "librewolf.cfg"))
+
+ ;; Required for Guix packaged extensions
+ ;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8
+ ;; Default is 5.
+ (substitute* (in-vicinity lib config-file)
+ (("defaultPref\\(\"extensions.enabledScopes\", 5\\)")
+ "defaultPref(\"extensions.enabledScopes\", 13)"))
+ ;; Use Mozzarella addons repo.
+ (call-with-port
+ (open-file
+ (in-vicinity lib config-file)
+ "a")
+ (lambda (port)
+ ;; Add-ons panel (see settings.js in Icecat source).
+ (for-each
+ (lambda (pref)
+ (format port
+ "defaultPref(~s, ~s);~%"
+ (car pref)
+ (cdr pref)))
+ `(("extensions.getAddons.search.browseURL"
+ ,(string-append
+ "https://gnuzilla.gnu.org/mozzarella/"
+ "search.php?q=%TERMS%"))
+ ("extensions.getAddons.get.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.link.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.discovery.api_url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("extensions.getAddons.langpacks.url" .
+ "https://gnuzilla.gnu.org/mozzarella")
+ ("lightweightThemes.getMoreURL" .
+ "https://gnuzilla.gnu.org/mozzarella"))))))))
+ (add-after 'install 'wrap-program
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ ;; The following two functions are from Guix's icecat package in
+ ;; (gnu packages gnuzilla). See commit
+ ;; b7a0935420ee630a29b7e5ac73a32ba1eb24f00b.
+ (define (runpath-of lib)
+ (call-with-input-file lib
+ (compose elf-dynamic-info-runpath elf-dynamic-info
+ parse-elf get-bytevector-all)))
+ (define (runpaths-of-input label)
+ (let* ((dir (string-append (assoc-ref inputs label)
+ "/lib"))
+ (libs (find-files dir "\\.so$")))
+ (append-map runpath-of libs)))
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ (libs (map
+ (lambda (lib-name)
+ (string-append (assoc-ref inputs
+ lib-name)
+ "/lib"))
+ '("mesa" "libpng-apng" "libnotify" "libva"
+ "pulseaudio" "gtk+"
+ ;; For U2F and WebAuthn
+ "eudev")))
+
+ ;; VA-API is run in the RDD (Remote Data Decoder) sandbox
+ ;; and must be explicitly given access to files it needs.
+ ;; Rather than adding the whole store (as Nix had
+ ;; upstream do, see
+ ;; <https://github.com/NixOS/nixpkgs/pull/165964> and
+ ;; linked upstream patches), we can just follow the
+ ;; runpaths of the needed libraries to add everything to
+ ;; LD_LIBRARY_PATH. These will then be accessible in the
+ ;; RDD sandbox.
+ (rdd-whitelist (map (cut string-append <> "/")
+ (delete-duplicates (append-map
+ runpaths-of-input
+ '("mesa"
+ "ffmpeg")))))
+ (gtk-share (string-append (assoc-ref inputs
+ "gtk+")
+ "/share")))
+ (wrap-program (car (find-files lib "^librewolf$"))
+ `("LD_LIBRARY_PATH" prefix
+ (,@libs ,@rdd-whitelist))
+ `("XDG_DATA_DIRS" prefix
+ (,gtk-share))
+ `("MOZ_LEGACY_PROFILES" =
+ ("1"))
+ `("MOZ_ALLOW_DOWNGRADE" =
+ ("1"))))))
+ (add-after 'wrap-program 'install-desktop-entry
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((desktop-file
+ "taskcluster/docker/firefox-snap/firefox.desktop")
+ (applications (string-append #$output
+ "/share/applications")))
+ (substitute* desktop-file
+ (("^Exec=firefox")
+ (string-append "Exec="
+ #$output "/bin/librewolf"))
+ ;; "Firefox" -> "LibreWolf" everywhere
+ (("Firefox")
+ "LibreWolf")
+ ;; Remove non-Latin translations.
+ (("^Name\\[(ar|bn)\\].*$")
+ "")
+ (("^Icon=.*")
+ (string-append "Icon="
+ #$output
+ "/share/icons/hicolor/128x128/apps/librewolf.png
+"))
+ ;; These commands were changed.
+ (("-NewWindow")
+ "-new-window")
+ (("-NewPrivateWindow")
+ "-new-private-window")
+ (("StartupNotify=true")
+ "StartupNotify=true
+StartupWMClass=Navigator"))
+ (copy-file desktop-file "librewolf.desktop")
+ (install-file "librewolf.desktop" applications))))
+ (add-after 'install-desktop-entry 'install-icons
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((icon-source-dir (string-append #$output
+ "/lib/librewolf/browser/"
+ "chrome/icons/default")))
+ (for-each (lambda (size)
+ (let ((dest (string-append #$output
+ "/share/icons/hicolor/"
+ size
+ "x"
+ size
+ "/apps")))
+ (mkdir-p dest)
+ (symlink (string-append icon-source-dir
+ "/default" size ".png")
+ (string-append dest
+ "/librewolf.png"))))
+ '("16" "32" "48" "64" "128"))))))
+
+ ;; Test will significantly increase build time but with little rewards.
+ #:tests? #f
+
+ ;; WARNING: Parallel build will consume lots of memory!
+ ;; If you have encountered OOM issue in build phase, try disable it.
+ #:parallel-build? #t
+
+ ;; Some dynamic lib was determined at runtime, so rpath check may fail.
+ #:validate-runpath? #f))
+ (inputs (list bash-minimal
+ bzip2
+ cairo
+ cups
+ dbus-glib
+ freetype
+ ffmpeg
+ gdk-pixbuf
+ glib
+ gtk+
+ gtk+-2
+ hunspell
+ icu4c-73
+ jemalloc
+ libcanberra
+ libevent
+ libffi
+ libgnome
+ libjpeg-turbo
+ libnotify
+ libpng-apng
+ libva
+ libvpx
+ libwebp
+ libxcomposite
+ libxft
+ libxinerama
+ libxscrnsaver
+ libxt
+ mesa
+ mit-krb5
+ nspr
+ nss-3.98
+ pango
+ pciutils
+ pipewire
+ pixman
+ pulseaudio
+ speech-dispatcher
+ sqlite
+ startup-notification
+ eudev
+ unzip
+ zip
+ zlib))
+ (native-inputs (list alsa-lib
+ autoconf-2.13
+ `(,rust-librewolf "cargo")
+ clang
+ llvm
+ m4
+ nasm
+ node-lts
+ perl
+ pkg-config
+ python
+ rust-librewolf
+ rust-cbindgen-0.26
+ which
+ yasm))
+ (home-page "https://librewolf.net/")
+ (synopsis
+ "Custom version of Firefox, focused on privacy, security and freedom")
+ (description
+ "LibreWolf is designed to increase protection against tracking and
+fingerprinting techniques, while also including a few security improvements.
+This is achieved through our privacy and security oriented settings and
+patches. LibreWolf also aims to remove all the telemetry, data collection and
+annoyances, as well as disabling anti-freedom features like DRM.")
+ (license license:mpl2.0)))
--
2.41.0
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Fri, 12 Apr 2024 11:34:02 GMT) Full text and rfc822 format available.Message #221 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Sharlatan Hellseher <sharlatanus <at> gmail.com> To: 67512 <at> debbugs.gnu.org Subject: [PATCH 0/5] Add LibreWolf Date: Fri, 12 Apr 2024 12:32:53 +0100
[Message part 1 (text/plain, inline)]
Hi Guix team!
It would be great to have one more modern and libre web browser in the
Guix's belt!
I've managed to build and run it successfully by applying patch directly
from QA, thanks Andrew Tropin <andrew <at> trop.in> for the snippet.
--8<---------------cut here---------------start------------->8---
guix time-machine \
--url='https://git.guix-patches.cbaines.net/git/guix-patches' \
--branch=issue-67512 \
--disable-authentication -- shell librewolf -- librewolf
--8<---------------cut here---------------end--------------->8---
--
Oleg
[signature.asc (application/pgp-signature, inline)]
Andrew Tropin <andrew <at> trop.in>:Ian Eure <ian <at> retrospec.tv>:Message #226 received at 67512-done <at> debbugs.gnu.org (full text, mbox):
From: Andrew Tropin <andrew <at> trop.in> To: Ian Eure <ian <at> retrospec.tv>, 67512-done <at> debbugs.gnu.org Cc: Sharlatan Hellseher <sharlatanus <at> gmail.com>, Ian Eure <ian <at> retrospec.tv> Subject: Re: [bug#67512] [PATCH v7 0/3] Add LibreWolf Date: Fri, 12 Apr 2024 16:11:05 +0300
[Message part 1 (text/plain, inline)]
On 2024-04-06 08:04, Ian Eure wrote: > Moves nss update to nss-3.98 / nss-certs-3.98 to avoid rebuilding thousands of packages. > > Rebases. > > Ian Eure (3): > gnu: Add nss-3.98. > gnu: Add nss-certs-3.98. > gnu: Add librewolf. > > gnu/packages/certs.scm | 16 + > gnu/packages/librewolf.scm | 621 +++++++++++++++++++++++++++++++++++++ > gnu/packages/nss.scm | 45 +++ > 3 files changed, 682 insertions(+) > create mode 100644 gnu/packages/librewolf.scm > > > base-commit: ade6845da6cec99f3bca46faac9b2bad6877817e Hi Ian, tested those patches, didn't notice any issues. Added pipewire to LD_LIBRARY_PATH to make screensharing on wayland to work. Added librewolf.scm to gnu/local.mk. Pushed as https://git.savannah.gnu.org/cgit/guix.git/commit/?id=3dc26b4eae Thank you very much for you work! -- Best regards, Andrew Tropin
[signature.asc (application/pgp-signature, inline)]
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sat, 27 Apr 2024 10:47:07 GMT) Full text and rfc822 format available.Message #229 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Clément Lassieur <clement <at> lassieur.org> To: 67512 <at> debbugs.gnu.org Cc: guix-devel <at> gnu.org, Mark H Weaver <mhw <at> netris.org>, ian <at> retrospec.tv, guix-security <at> gnu.org, andrew <at> trop.in Subject: Re: bug#67512: [PATCH v7 0/3] Add LibreWolf Date: Sat, 27 Apr 2024 12:46:11 +0200
On Fri, Apr 12 2024, Andrew Tropin via Guix-patches via wrote: > On 2024-04-06 08:04, Ian Eure wrote: > >> Moves nss update to nss-3.98 / nss-certs-3.98 to avoid rebuilding thousands of packages. >> >> Rebases. >> >> Ian Eure (3): >> gnu: Add nss-3.98. >> gnu: Add nss-certs-3.98. >> gnu: Add librewolf. >> >> gnu/packages/certs.scm | 16 + >> gnu/packages/librewolf.scm | 621 +++++++++++++++++++++++++++++++++++++ >> gnu/packages/nss.scm | 45 +++ >> 3 files changed, 682 insertions(+) >> create mode 100644 gnu/packages/librewolf.scm >> >> >> base-commit: ade6845da6cec99f3bca46faac9b2bad6877817e > > Hi Ian, > > tested those patches, didn't notice any issues. > > Added pipewire to LD_LIBRARY_PATH to make screensharing on wayland to > work. > > Added librewolf.scm to gnu/local.mk. > > Pushed as > https://git.savannah.gnu.org/cgit/guix.git/commit/?id=3dc26b4eae > > Thank you very much for you work! Thank you Andrew for reviewing. Now that this is pushed, is there anyone maintaining this "librewolf" package? This is serious work, with security updates quite often. Right now the package is subject to CVE-2024-3852 (high) CVE-2024-3853 (high) CVE-2024-3854 (high) CVE-2024-3855 (high) CVE-2024-3856 (high) CVE-2024-3857 (high) CVE-2024-3858 (high) CVE-2024-3859 (moderate) CVE-2024-3860 (moderate) CVE-2024-3861 (moderate) CVE-2024-3862 (moderate) CVE-2024-3302 (low) CVE-2024-3864 (high) CVE-2024-3865 (high) Thanks, Clément
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sat, 27 Apr 2024 17:30:02 GMT) Full text and rfc822 format available.Message #232 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: Clément Lassieur <clement <at> lassieur.org> Cc: 67512 <at> debbugs.gnu.org, guix-devel <at> gnu.org, guix-security <at> gnu.org, Mark H Weaver <mhw <at> netris.org>, andrew <at> trop.in Subject: Re: bug#67512: [PATCH v7 0/3] Add LibreWolf Date: Sat, 27 Apr 2024 10:19:46 -0700
Clément Lassieur <clement <at> lassieur.org> writes: > On Fri, Apr 12 2024, Andrew Tropin via Guix-patches via wrote: > >> On 2024-04-06 08:04, Ian Eure wrote: >> >>> Moves nss update to nss-3.98 / nss-certs-3.98 to avoid >>> rebuilding thousands of packages. >>> >>> Rebases. >>> >>> Ian Eure (3): >>> gnu: Add nss-3.98. >>> gnu: Add nss-certs-3.98. >>> gnu: Add librewolf. >>> >>> gnu/packages/certs.scm | 16 + >>> gnu/packages/librewolf.scm | 621 >>> +++++++++++++++++++++++++++++++++++++ >>> gnu/packages/nss.scm | 45 +++ >>> 3 files changed, 682 insertions(+) >>> create mode 100644 gnu/packages/librewolf.scm >>> >>> >>> base-commit: ade6845da6cec99f3bca46faac9b2bad6877817e >> >> Hi Ian, >> >> tested those patches, didn't notice any issues. >> >> Added pipewire to LD_LIBRARY_PATH to make screensharing on >> wayland to >> work. >> >> Added librewolf.scm to gnu/local.mk. >> >> Pushed as >> https://git.savannah.gnu.org/cgit/guix.git/commit/?id=3dc26b4eae >> >> Thank you very much for you work! > > Thank you Andrew for reviewing. > > Now that this is pushed, is there anyone maintaining this > "librewolf" > package? This is serious work, with security updates quite > often. > Hi Clement, I’m planning to continue sending patches for updates and the like. Getting a working updater is close to the top of my list. > Right now the package is subject to > > CVE-2024-3852 (high) > CVE-2024-3853 (high) > CVE-2024-3854 (high) > CVE-2024-3855 (high) > CVE-2024-3856 (high) > CVE-2024-3857 (high) > CVE-2024-3858 (high) > CVE-2024-3859 (moderate) > CVE-2024-3860 (moderate) > CVE-2024-3861 (moderate) > CVE-2024-3862 (moderate) > CVE-2024-3302 (low) > CVE-2024-3864 (high) > CVE-2024-3865 (high) > The version in Guix is the latest available. I’ll send in a patch when the next release happens; I’m waiting on upstream for that. Thanks, — Ian
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sat, 27 Apr 2024 18:22:01 GMT) Full text and rfc822 format available.Message #235 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: Clément Lassieur <clement <at> lassieur.org> Cc: 67512 <at> debbugs.gnu.org, guix-devel <at> gnu.org, guix-security <at> gnu.org, Mark H Weaver <mhw <at> netris.org>, andrew <at> trop.in Subject: Re: bug#67512: [PATCH v7 0/3] Add LibreWolf Date: Sat, 27 Apr 2024 11:21:16 -0700
Ian Eure <ian <at> retrospec.tv> writes: > Clément Lassieur <clement <at> lassieur.org> writes: > >> On Fri, Apr 12 2024, Andrew Tropin via Guix-patches via wrote: >> >>> On 2024-04-06 08:04, Ian Eure wrote: >>> >>>> Moves nss update to nss-3.98 / nss-certs-3.98 to avoid >>>> rebuilding >>>> thousands of packages. >>>> >>>> Rebases. >>>> >>>> Ian Eure (3): >>>> gnu: Add nss-3.98. >>>> gnu: Add nss-certs-3.98. >>>> gnu: Add librewolf. >>>> >>>> gnu/packages/certs.scm | 16 + >>>> gnu/packages/librewolf.scm | 621 >>>> +++++++++++++++++++++++++++++++++++++ >>>> gnu/packages/nss.scm | 45 +++ >>>> 3 files changed, 682 insertions(+) >>>> create mode 100644 gnu/packages/librewolf.scm >>>> >>>> >>>> base-commit: ade6845da6cec99f3bca46faac9b2bad6877817e >>> >>> Hi Ian, >>> >>> tested those patches, didn't notice any issues. >>> >>> Added pipewire to LD_LIBRARY_PATH to make screensharing on >>> wayland >>> to >>> work. >>> >>> Added librewolf.scm to gnu/local.mk. >>> >>> Pushed as >>> https://git.savannah.gnu.org/cgit/guix.git/commit/?id=3dc26b4eae >>> >>> Thank you very much for you work! >> >> Thank you Andrew for reviewing. >> >> Now that this is pushed, is there anyone maintaining this >> "librewolf" >> package? This is serious work, with security updates quite >> often. >> > > Hi Clement, > > I’m planning to continue sending patches for updates and the > like. Getting a working updater is close to the top of my list. > > >> Right now the package is subject to >> >> CVE-2024-3852 (high) >> CVE-2024-3853 (high) >> CVE-2024-3854 (high) >> CVE-2024-3855 (high) >> CVE-2024-3856 (high) >> CVE-2024-3857 (high) >> CVE-2024-3858 (high) >> CVE-2024-3859 (moderate) >> CVE-2024-3860 (moderate) >> CVE-2024-3861 (moderate) >> CVE-2024-3862 (moderate) >> CVE-2024-3302 (low) >> CVE-2024-3864 (high) >> CVE-2024-3865 (high) >> > > The version in Guix is the latest available. I’ll send in a > patch > when the next release happens; I’m waiting on upstream for that. > Okay, I see that I’m incorrect about this -- LibreWolf is moving onto Codeberg, but I was looking at their GitLab project, which doesn’t have the recent releases. I’ll get this updated. Thanks, — Ian
guix-patches <at> gnu.org:bug#67512; Package guix-patches.
(Sun, 28 Apr 2024 09:01:02 GMT) Full text and rfc822 format available.Message #238 received at 67512 <at> debbugs.gnu.org (full text, mbox):
From: Clément Lassieur <clement <at> lassieur.org> To: Ian Eure <ian <at> retrospec.tv> Cc: 67512 <at> debbugs.gnu.org, guix-devel <at> gnu.org, andrew <at> trop.in, Mark H Weaver <mhw <at> netris.org>, guix-security <at> gnu.org Subject: Re: [bug#67512] [PATCH v7 0/3] Add LibreWolf Date: Sun, 28 Apr 2024 10:59:53 +0200
On Sat, Apr 27 2024, Ian Eure wrote: >> The version in Guix is the latest available. I’ll send in a patch >> when the next release happens; I’m waiting on upstream for that. >> > > Okay, I see that I’m incorrect about this -- LibreWolf is moving onto > Codeberg, but I was looking at their GitLab project, which doesn’t have the > recent releases. I’ll get this updated. Great, thank you Ian!
Debbugs Internal Request <help-debbugs <at> gnu.org>
to internal_control <at> debbugs.gnu.org.
(Sun, 26 May 2024 11:24:04 GMT) Full text and rfc822 format available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.