2022-12-19 17:17:39 +01:00
|
|
|
;;; SPDX-License-Identifier: GPL-3.0-or-later
|
2020-07-20 09:04:53 +02:00
|
|
|
;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr>
|
|
|
|
;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
|
2022-11-06 18:49:51 +01:00
|
|
|
;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 Mark H Weaver <mhw@netris.org>
|
2020-07-20 09:04:53 +02:00
|
|
|
;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com>
|
|
|
|
;;; Copyright © 2016, 2017, 2018, 2019 Efraim Flashner <efraim@flashner.co.il>
|
|
|
|
;;; Copyright © 2016 Alex Griffin <a@ajgrf.com>
|
|
|
|
;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
|
|
|
|
;;; Copyright © 2017, 2018 Nikita <nikita@n0.is>
|
2021-12-14 16:40:30 +01:00
|
|
|
;;; Copyright © 2017, 2018 ng0 <gillmann@infotropique.org>
|
2020-07-20 09:04:53 +02:00
|
|
|
;;; Copyright © 2017, 2018, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
|
2022-02-13 18:04:22 +01:00
|
|
|
;;; Copyright © 2018, 2020, 2022 Ricardo Wurmus <rekado@elephly.net>
|
2020-07-20 09:04:53 +02:00
|
|
|
;;; Copyright © 2019 Ivan Petkov <ivanppetkov@gmail.com>
|
|
|
|
;;; Copyright © 2020 Oleg Pykhalov <go.wigust@gmail.com>
|
|
|
|
;;; Copyright © 2020 Jakub Kądziołka <kuba@kadziolka.net>
|
|
|
|
;;; Copyright © 2019, 2020 Adrian Malacoda <malacoda@monarch-pass.net>
|
2023-02-26 11:51:28 +01:00
|
|
|
;;; Copyright © 2020-2023 Jonathan Brielmaier <jonathan.brielmaier@web.de>
|
2020-07-20 09:04:53 +02:00
|
|
|
;;; Copyright © 2020 Zhu Zihao <all_but_last@163.com>
|
2021-04-29 15:55:31 +02:00
|
|
|
;;; Copyright © 2021 pineapples <guixuser6392@protonmail.com>
|
2021-06-12 22:01:29 +02:00
|
|
|
;;; Copyright © 2021 Brice Waegeneire <brice@waegenei.re>
|
2023-01-18 05:15:50 +01:00
|
|
|
;;; Copyright © 2021, 2022, 2023 John Kehayias <john.kehayias@protonmail.com>
|
2022-01-17 19:54:50 +01:00
|
|
|
;;; Copyright © 2022 Pierre Langlois <pierre.langlois@gmx.com>
|
2023-10-07 21:05:59 +02:00
|
|
|
;;; Copyright © 2023 Tomas Volf <wolf@wolfsden.cz>
|
2020-07-20 09:04:53 +02:00
|
|
|
|
|
|
|
(define-module (nongnu packages mozilla)
|
|
|
|
#:use-module (guix build-system gnu)
|
|
|
|
#:use-module (guix build-system cargo)
|
2021-04-29 15:55:31 +02:00
|
|
|
#:use-module (guix build-system trivial)
|
2020-07-20 09:04:53 +02:00
|
|
|
#:use-module (guix download)
|
|
|
|
#:use-module ((guix licenses) #:prefix license:)
|
2022-02-13 18:04:22 +01:00
|
|
|
#:use-module (guix gexp)
|
2020-07-20 09:04:53 +02:00
|
|
|
#:use-module (guix packages)
|
2020-09-13 12:43:52 +02:00
|
|
|
#:use-module (guix utils)
|
2022-08-13 19:44:40 +02:00
|
|
|
#:use-module ((guix build utils) #:select (alist-replace))
|
2020-07-20 09:04:53 +02:00
|
|
|
|
|
|
|
#:use-module (gnu packages)
|
|
|
|
#:use-module (gnu packages assembly)
|
|
|
|
#:use-module (gnu packages autotools)
|
|
|
|
#:use-module (gnu packages base)
|
2021-04-29 15:55:31 +02:00
|
|
|
#:use-module (gnu packages bash)
|
2020-07-20 09:04:53 +02:00
|
|
|
#:use-module (gnu packages compression)
|
2020-09-13 12:39:15 +02:00
|
|
|
#:use-module (gnu packages crates-io)
|
2020-07-20 09:04:53 +02:00
|
|
|
#:use-module (gnu packages cups)
|
|
|
|
#:use-module (gnu packages fontutils)
|
|
|
|
#:use-module (gnu packages gl)
|
|
|
|
#:use-module (gnu packages glib)
|
|
|
|
#:use-module (gnu packages gnome)
|
|
|
|
#:use-module (gnu packages gtk)
|
2023-01-04 17:03:23 +01:00
|
|
|
#:use-module (gnu packages hunspell)
|
2020-07-20 09:04:53 +02:00
|
|
|
#:use-module (gnu packages icu4c)
|
|
|
|
#:use-module (gnu packages image)
|
|
|
|
#:use-module (gnu packages jemalloc)
|
|
|
|
#:use-module (gnu packages kerberos)
|
|
|
|
#:use-module (gnu packages libcanberra)
|
|
|
|
#:use-module (gnu packages libevent)
|
|
|
|
#:use-module (gnu packages libffi)
|
2021-06-12 22:01:29 +02:00
|
|
|
#:use-module (gnu packages linux)
|
2020-07-20 09:04:53 +02:00
|
|
|
#:use-module (gnu packages llvm)
|
2020-10-21 12:39:10 +02:00
|
|
|
#:use-module (gnu packages m4)
|
2020-07-20 09:04:53 +02:00
|
|
|
#:use-module (gnu packages node)
|
|
|
|
#:use-module (gnu packages nss)
|
|
|
|
#:use-module (gnu packages perl)
|
|
|
|
#:use-module (gnu packages pkg-config)
|
|
|
|
#:use-module (gnu packages pulseaudio)
|
|
|
|
#:use-module (gnu packages python)
|
|
|
|
#:use-module (gnu packages rust)
|
|
|
|
#:use-module (gnu packages rust-apps)
|
2023-10-07 21:05:59 +02:00
|
|
|
#:use-module (gnu packages speech)
|
2020-07-20 09:04:53 +02:00
|
|
|
#:use-module (gnu packages sqlite)
|
|
|
|
#:use-module (gnu packages video)
|
2022-01-17 19:54:50 +01:00
|
|
|
#:use-module (nongnu packages wasm)
|
2020-07-20 09:04:53 +02:00
|
|
|
#:use-module (gnu packages xdisorg)
|
|
|
|
#:use-module (gnu packages xorg))
|
|
|
|
|
2022-09-22 22:50:11 +02:00
|
|
|
;; Define the versions of rust needed to build firefox, trying to match
|
|
|
|
;; upstream. See the file taskcluster/ci/toolchain/rust.yml at
|
|
|
|
;; https://searchfox.org under the particular firefox release, like
|
|
|
|
;; mozilla-esr102.
|
2022-10-16 00:56:41 +02:00
|
|
|
(define-public rust-firefox-esr rust) ; 1.60 is the default in Guix
|
nongnu: firefox: Update to 113.0 [security fixes].
Fixes CVE-2023-32205, CVE-2023-32206, CVE-2023-32207, CVE-2023-32208,
CVE-2023-32209, CVE-2023-32210, CVE-2023-32211, CVE-2023-32212,
CVE-2023-32213, CVE-2023-32214, CVE-2023-32215, CVE-2023-32216 and
MFSA-TMP-2023-0002.
* nongnu/packages/mozilla.scm (firefox): Update to 113.0.
(rust-firefox): Set to `rust` as this is now `rust-1.67`.
2023-05-12 12:38:21 +02:00
|
|
|
(define-public rust-firefox rust) ; 1.65 is the minimum
|
2022-08-13 19:44:40 +02:00
|
|
|
|
nongnu: firefox: Update to 115.0 [security fixes].
Fixes CVE-2023-3482, CVE-2023-37201, CVE-2023-37202, CVE-2023-37203,
CVE-2023-37204, CVE-2023-37205, CVE-2023-37206, CVE-2023-37207,
CVE-2023-37208, CVE-2023-37209, CVE-2023-37210, CVE-2023-37211 and
CVE-2023-37212.
* nongnu/packages/mozilla.scm (icu4c-73): New variable.
(firefox): Update to 115.0.
[inputs]: Use `icu4c-73`.
2023-07-05 21:15:02 +02:00
|
|
|
(define icu4c-73
|
|
|
|
(package
|
|
|
|
(inherit icu4c)
|
|
|
|
(version "73.1")
|
|
|
|
(source (origin
|
|
|
|
(method url-fetch)
|
|
|
|
(uri (string-append
|
|
|
|
"https://github.com/unicode-org/icu/releases/download/release-"
|
|
|
|
(string-map (lambda (x) (if (char=? x #\.) #\- x)) version)
|
|
|
|
"/icu4c-"
|
|
|
|
(string-map (lambda (x) (if (char=? x #\.) #\_ x)) version)
|
|
|
|
"-src.tgz"))
|
|
|
|
(sha256
|
|
|
|
(base32
|
|
|
|
"0iccpdvc0kvpww5a31k9gjkqigyz016i7v80r9zamd34w4fl6mx4"))))))
|
|
|
|
|
2023-08-31 15:58:55 +02:00
|
|
|
;; Update this id with every firefox update to its release date.
|
|
|
|
;; It's used for cache validation and therefore can lead to strange bugs.
|
2024-03-22 16:54:27 +01:00
|
|
|
(define %firefox-esr-build-id "20240322120907")
|
2020-07-20 09:04:53 +02:00
|
|
|
|
2022-08-10 06:06:22 +02:00
|
|
|
(define-public firefox-esr
|
2020-07-20 09:04:53 +02:00
|
|
|
(package
|
2022-08-10 06:06:22 +02:00
|
|
|
(name "firefox-esr")
|
2024-03-22 16:54:27 +01:00
|
|
|
(version "115.9.1esr")
|
2020-07-20 09:04:53 +02:00
|
|
|
(source
|
|
|
|
(origin
|
|
|
|
(method url-fetch)
|
|
|
|
(uri (string-append "https://archive.mozilla.org/pub/firefox/releases/"
|
|
|
|
version "/source/firefox-" version ".source.tar.xz"))
|
|
|
|
(sha256
|
2024-03-22 16:54:27 +01:00
|
|
|
(base32 "0agr8s42lpbq5gixsgj5kpcvimbnyx6msr4il4rvmf7gpw47hr93"))))
|
2020-07-20 09:04:53 +02:00
|
|
|
(build-system gnu-build-system)
|
|
|
|
(arguments
|
2022-02-13 18:04:22 +01:00
|
|
|
(list
|
|
|
|
#:configure-flags
|
|
|
|
#~(let ((clang #$(this-package-native-input "clang"))
|
|
|
|
(wasi-sysroot #$(this-package-native-input "wasm32-wasi-clang-toolchain")))
|
|
|
|
`("--enable-application=browser"
|
2020-07-20 09:04:53 +02:00
|
|
|
|
2022-02-13 18:04:22 +01:00
|
|
|
;; Configuration
|
|
|
|
"--with-system-jpeg"
|
|
|
|
"--with-system-zlib"
|
|
|
|
;; "--with-system-png" ;require libpng-apng >= 1.6.35
|
|
|
|
"--with-system-icu"
|
|
|
|
"--enable-system-ffi"
|
|
|
|
"--enable-system-pixman"
|
|
|
|
"--enable-jemalloc"
|
2020-07-20 09:04:53 +02:00
|
|
|
|
2022-02-13 18:04:22 +01:00
|
|
|
;; see https://bugs.gnu.org/32833
|
2022-07-03 01:33:05 +02:00
|
|
|
"--with-system-nspr"
|
2022-02-13 18:04:22 +01:00
|
|
|
;; "--with-system-nss"
|
2020-07-20 09:04:53 +02:00
|
|
|
|
2022-02-13 18:04:22 +01:00
|
|
|
,(string-append "--with-clang-path="
|
|
|
|
clang "/bin/clang")
|
|
|
|
,(string-append "--with-libclang-path="
|
|
|
|
clang "/lib")
|
|
|
|
,(string-append "--with-wasi-sysroot=" wasi-sysroot "/wasm32-wasi")
|
2020-07-20 09:04:53 +02:00
|
|
|
|
2022-02-13 18:04:22 +01:00
|
|
|
;; Distribution
|
|
|
|
"--with-distribution-id=org.nonguix"
|
|
|
|
"--disable-official-branding"
|
2020-07-20 09:04:53 +02:00
|
|
|
|
2022-02-13 18:04:22 +01:00
|
|
|
;; Features
|
|
|
|
"--disable-tests"
|
|
|
|
"--disable-updater"
|
|
|
|
"--enable-pulseaudio"
|
|
|
|
"--disable-crashreporter"
|
2020-07-20 09:04:53 +02:00
|
|
|
|
2022-02-13 18:04:22 +01:00
|
|
|
;; Build details
|
|
|
|
"--disable-debug"
|
|
|
|
"--enable-rust-simd"
|
|
|
|
"--enable-release"
|
|
|
|
"--enable-optimize"
|
|
|
|
"--enable-strip"
|
|
|
|
"--disable-elf-hack"))
|
|
|
|
#:imported-modules %cargo-utils-modules
|
|
|
|
#:modules `((ice-9 regex)
|
2023-10-07 21:05:59 +02:00
|
|
|
(ice-9 string-fun)
|
2020-07-20 09:04:53 +02:00
|
|
|
(ice-9 ftw)
|
2022-11-06 18:49:51 +01:00
|
|
|
(srfi srfi-1)
|
2020-07-20 09:04:53 +02:00
|
|
|
(srfi srfi-26)
|
2022-11-06 18:49:51 +01:00
|
|
|
(rnrs bytevectors)
|
|
|
|
(rnrs io ports)
|
|
|
|
(guix elf)
|
|
|
|
(guix build gremlin)
|
2020-07-20 09:04:53 +02:00
|
|
|
,@%gnu-build-system-modules)
|
2022-02-13 18:04:22 +01:00
|
|
|
#:phases
|
|
|
|
#~(modify-phases %standard-phases
|
|
|
|
(add-after 'unpack 'fix-preferences
|
|
|
|
(lambda* (#:key inputs #:allow-other-keys)
|
|
|
|
(let ((port (open-file "browser/app/profile/firefox.js" "a")))
|
|
|
|
(define (write-setting key value)
|
|
|
|
(format port "~%pref(\"~a\", ~a);~%"
|
|
|
|
key value)
|
|
|
|
(format #t "fix-preferences: setting value of ~a to ~a~%"
|
|
|
|
key value))
|
2020-07-20 09:04:53 +02:00
|
|
|
|
2022-02-13 18:04:22 +01:00
|
|
|
;; We should allow Firefox sandbox to read the store directory,
|
|
|
|
;; because Firefox sandbox have access to /usr on FHS distros.
|
|
|
|
(write-setting "security.sandbox.content.read_path_whitelist"
|
|
|
|
(string-append "\"" (%store-directory) "/\""))
|
2020-07-20 09:04:53 +02:00
|
|
|
|
2022-02-13 18:04:22 +01:00
|
|
|
;; XDG settings should be managed by Guix.
|
|
|
|
(write-setting "browser.shell.checkDefaultBrowser" "false")
|
|
|
|
(close-port port))))
|
|
|
|
(add-after 'fix-preferences 'fix-ffmpeg-runtime-linker
|
|
|
|
(lambda* (#:key inputs #:allow-other-keys)
|
|
|
|
(let* ((ffmpeg (assoc-ref inputs "ffmpeg"))
|
|
|
|
(libavcodec (string-append ffmpeg "/lib/libavcodec.so")))
|
|
|
|
;; Arrange to load libavcodec.so by its absolute file name.
|
|
|
|
(substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp"
|
|
|
|
(("libavcodec\\.so")
|
|
|
|
libavcodec)))))
|
|
|
|
(add-after 'patch-source-shebangs 'patch-cargo-checksums
|
|
|
|
(lambda _
|
|
|
|
(use-modules (guix build cargo-utils))
|
|
|
|
(let ((null-hash
|
|
|
|
;; This is the SHA256 output of an empty string.
|
|
|
|
"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"))
|
|
|
|
(for-each
|
|
|
|
(lambda (file)
|
|
|
|
(format #t "patch-cargo-checksums: patching checksums in ~a~%"
|
|
|
|
file)
|
|
|
|
(substitute* file
|
|
|
|
(("(checksum = )\".*\"" all name)
|
|
|
|
(string-append name "\"" null-hash "\""))))
|
|
|
|
(find-files "." "Cargo\\.lock$"))
|
|
|
|
(for-each generate-all-checksums
|
|
|
|
'("build"
|
|
|
|
"dom/media"
|
|
|
|
"dom/webauthn"
|
|
|
|
"gfx"
|
|
|
|
"intl"
|
|
|
|
"js"
|
|
|
|
"media"
|
|
|
|
"modules"
|
|
|
|
"mozglue/static/rust"
|
|
|
|
"netwerk"
|
|
|
|
"remote"
|
|
|
|
"security/manager/ssl"
|
|
|
|
"servo"
|
|
|
|
"storage"
|
|
|
|
"third_party/rust"
|
|
|
|
"toolkit"
|
|
|
|
"xpcom/rust"
|
|
|
|
"services")))))
|
|
|
|
(add-after 'patch-cargo-checksums 'remove-cargo-frozen-flag
|
|
|
|
(lambda _
|
|
|
|
;; Remove --frozen flag from cargo invokation, otherwise it'll
|
|
|
|
;; complain that it's not able to change Cargo.lock.
|
|
|
|
;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373
|
|
|
|
(substitute* "build/RunCbindgen.py"
|
|
|
|
(("\"--frozen\",") ""))))
|
|
|
|
(delete 'bootstrap)
|
2023-10-07 21:05:59 +02:00
|
|
|
(add-before 'configure 'patch-SpeechDispatcherService.cpp
|
|
|
|
(lambda _
|
|
|
|
(let* ((lib "libspeechd.so.2")
|
|
|
|
(file "dom/media/webspeech/synth/speechd/SpeechDispatcherService.cpp")
|
|
|
|
(old-content (call-with-input-file file get-string-all)))
|
|
|
|
(substitute
|
|
|
|
file
|
|
|
|
`((,(format #f "~s" lib)
|
2024-01-18 15:05:07 +01:00
|
|
|
. ,(lambda (line _)
|
2023-10-07 21:05:59 +02:00
|
|
|
(string-replace-substring
|
|
|
|
line
|
|
|
|
lib
|
|
|
|
(string-append #$speech-dispatcher "/lib/" lib))))))
|
|
|
|
(if (string=? old-content
|
|
|
|
(call-with-input-file file get-string-all))
|
|
|
|
(error "substitute did nothing, phase requires an update")))))
|
2022-08-10 06:06:22 +02:00
|
|
|
(add-before 'configure 'set-build-id
|
|
|
|
;; Firefox will write the timestamp to output, which is harmful
|
|
|
|
;; for reproducibility, so change it to a fixed date. Use a
|
|
|
|
;; separate phase for easier modification with inherit.
|
|
|
|
(lambda _
|
|
|
|
(setenv "MOZ_BUILD_DATE" #$%firefox-esr-build-id)))
|
2022-02-13 18:04:22 +01:00
|
|
|
(replace 'configure
|
|
|
|
(lambda* (#:key inputs outputs configure-flags #:allow-other-keys)
|
|
|
|
(setenv "AUTOCONF" (string-append (assoc-ref inputs "autoconf")
|
|
|
|
"/bin/autoconf"))
|
|
|
|
(setenv "SHELL" (which "bash"))
|
|
|
|
(setenv "CONFIG_SHELL" (which "bash"))
|
2022-08-10 06:06:22 +02:00
|
|
|
(setenv "MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE" "system")
|
|
|
|
;; This should use the host info probably (does firefox build on
|
|
|
|
;; non-x86_64 though?)
|
|
|
|
(setenv "GUIX_PYTHONPATH"
|
|
|
|
(string-append (getcwd)
|
|
|
|
"/obj-x86_64-pc-linux-gnu/_virtualenvs/build"))
|
2020-07-20 09:04:53 +02:00
|
|
|
|
2022-02-13 18:04:22 +01:00
|
|
|
;; Use Clang, Clang is 2x faster than GCC
|
|
|
|
(setenv "AR" "llvm-ar")
|
|
|
|
(setenv "NM" "llvm-nm")
|
|
|
|
(setenv "CC" "clang")
|
|
|
|
(setenv "CXX" "clang++")
|
|
|
|
(setenv "WASM_CC"
|
|
|
|
(string-append
|
|
|
|
(assoc-ref inputs "wasm32-wasi-clang-toolchain")
|
|
|
|
"/bin/clang"))
|
|
|
|
(setenv "WASM_CXX"
|
|
|
|
(string-append
|
|
|
|
(assoc-ref inputs "wasm32-wasi-clang-toolchain")
|
|
|
|
"/bin/clang++"))
|
2020-07-20 09:04:53 +02:00
|
|
|
|
2022-02-13 18:04:22 +01:00
|
|
|
(setenv "MOZ_NOSPAM" "1")
|
2020-07-20 09:04:53 +02:00
|
|
|
|
2022-02-13 18:04:22 +01:00
|
|
|
(setenv "MOZBUILD_STATE_PATH" (getcwd))
|
2021-10-18 20:45:20 +02:00
|
|
|
|
2022-02-13 18:04:22 +01:00
|
|
|
(let* ((mozconfig (string-append (getcwd) "/mozconfig"))
|
|
|
|
(out (assoc-ref outputs "out"))
|
|
|
|
(flags (cons (string-append "--prefix=" out)
|
|
|
|
configure-flags)))
|
|
|
|
(format #t "build directory: ~s~%" (getcwd))
|
|
|
|
(format #t "configure flags: ~s~%" flags)
|
2020-07-20 09:04:53 +02:00
|
|
|
|
2022-02-13 18:04:22 +01:00
|
|
|
(define write-flags
|
|
|
|
(lambda flags
|
|
|
|
(display (string-join
|
|
|
|
(map (cut string-append "ac_add_options " <>)
|
|
|
|
flags)
|
|
|
|
"\n"))
|
|
|
|
(display "\n")))
|
|
|
|
(with-output-to-file mozconfig
|
|
|
|
(lambda ()
|
|
|
|
(apply write-flags flags)
|
|
|
|
;; The following option unsets Telemetry Reporting. With the Addons Fiasco,
|
|
|
|
;; Mozilla was found to be collecting user's data, including saved passwords and
|
|
|
|
;; web form data, without users consent. Mozilla was also found shipping updates
|
|
|
|
;; to systems without the user's knowledge or permission.
|
|
|
|
;; As a result of this, use the following command to permanently disable
|
|
|
|
;; telemetry reporting in Firefox.
|
|
|
|
(display "unset MOZ_TELEMETRY_REPORTING\n")))
|
|
|
|
(setenv "MOZCONFIG" mozconfig))
|
|
|
|
(invoke "./mach" "configure")))
|
|
|
|
(replace 'build
|
|
|
|
(lambda* (#:key (make-flags '()) (parallel-build? #t)
|
|
|
|
#:allow-other-keys)
|
|
|
|
(apply invoke "./mach" "build"
|
|
|
|
;; mach will use parallel build if possible by default
|
|
|
|
`(,@(if parallel-build?
|
|
|
|
'()
|
|
|
|
'("-j1"))
|
|
|
|
,@make-flags))))
|
|
|
|
(add-after 'build 'neutralise-store-references
|
|
|
|
(lambda _
|
|
|
|
;; Mangle the store references to compilers & other build tools in
|
|
|
|
;; about:buildconfig, reducing Firefox's closure by 1 GiB on x86-64.
|
|
|
|
(let* ((build-dir (car (scandir "." (cut string-prefix? "obj-" <>))))
|
|
|
|
(file (string-append build-dir "/dist/bin/chrome/toolkit/content/global/buildconfig.html")))
|
|
|
|
(substitute* file
|
|
|
|
(((format #f "(~a/)([0-9a-df-np-sv-z]{32})"
|
|
|
|
(regexp-quote (%store-directory)))
|
|
|
|
_ store hash)
|
|
|
|
(string-append store
|
|
|
|
(string-take hash 8)
|
|
|
|
"<!-- Guix: not a runtime dependency -->"
|
|
|
|
(string-drop hash 8)))))))
|
|
|
|
(replace 'install
|
|
|
|
(lambda _ (invoke "./mach" "install")))
|
|
|
|
(add-after 'install 'wrap-program
|
|
|
|
(lambda* (#:key inputs outputs #:allow-other-keys)
|
2022-11-06 18:49:51 +01:00
|
|
|
;; The following two functions are from Guix's icecat package in
|
|
|
|
;; (gnu packages gnuzilla). See commit
|
|
|
|
;; b7a0935420ee630a29b7e5ac73a32ba1eb24f00b.
|
|
|
|
(define (runpath-of lib)
|
|
|
|
(call-with-input-file lib
|
|
|
|
(compose elf-dynamic-info-runpath
|
|
|
|
elf-dynamic-info
|
|
|
|
parse-elf
|
|
|
|
get-bytevector-all)))
|
|
|
|
(define (runpaths-of-input label)
|
|
|
|
(let* ((dir (string-append (assoc-ref inputs label) "/lib"))
|
|
|
|
(libs (find-files dir "\\.so$")))
|
|
|
|
(append-map runpath-of libs)))
|
2022-02-13 18:04:22 +01:00
|
|
|
(let* ((out (assoc-ref outputs "out"))
|
|
|
|
(lib (string-append out "/lib"))
|
2022-02-26 22:48:38 +01:00
|
|
|
;; TODO: make me a loop again
|
|
|
|
(mesa-lib (string-append (assoc-ref inputs "mesa") "/lib"))
|
|
|
|
;; For the integration of native notifications
|
|
|
|
(libnotify-lib (string-append (assoc-ref inputs "libnotify")
|
|
|
|
"/lib"))
|
|
|
|
;; For hardware video acceleration via VA-API
|
|
|
|
(libva-lib (string-append (assoc-ref inputs "libva")
|
|
|
|
"/lib"))
|
2022-11-06 18:49:51 +01:00
|
|
|
;; VA-API is run in the RDD (Remote Data Decoder) sandbox
|
|
|
|
;; and must be explicitly given access to files it needs.
|
|
|
|
;; Rather than adding the whole store (as Nix had
|
|
|
|
;; upstream do, see
|
|
|
|
;; <https://github.com/NixOS/nixpkgs/pull/165964> and
|
|
|
|
;; linked upstream patches), we can just follow the
|
|
|
|
;; runpaths of the needed libraries to add everything to
|
|
|
|
;; LD_LIBRARY_PATH. These will then be accessible in the
|
|
|
|
;; RDD sandbox.
|
|
|
|
(rdd-whitelist
|
|
|
|
(map (cut string-append <> "/")
|
|
|
|
(delete-duplicates
|
|
|
|
(append-map runpaths-of-input
|
|
|
|
'("mesa" "ffmpeg")))))
|
2022-02-26 22:48:38 +01:00
|
|
|
(pulseaudio-lib (string-append (assoc-ref inputs "pulseaudio")
|
|
|
|
"/lib"))
|
|
|
|
;; For U2F and WebAuthn
|
|
|
|
(eudev-lib (string-append (assoc-ref inputs "eudev") "/lib"))
|
2022-02-13 18:04:22 +01:00
|
|
|
(gtk-share (string-append (assoc-ref inputs "gtk+")
|
|
|
|
"/share")))
|
|
|
|
(wrap-program (car (find-files lib "^firefox$"))
|
2022-02-26 22:48:38 +01:00
|
|
|
`("LD_LIBRARY_PATH" prefix (,mesa-lib ,libnotify-lib ,libva-lib
|
2022-11-06 18:49:51 +01:00
|
|
|
,pulseaudio-lib ,eudev-lib ,@rdd-whitelist))
|
2022-02-13 18:04:22 +01:00
|
|
|
`("XDG_DATA_DIRS" prefix (,gtk-share))
|
|
|
|
`("MOZ_LEGACY_PROFILES" = ("1"))
|
|
|
|
`("MOZ_ALLOW_DOWNGRADE" = ("1"))))))
|
|
|
|
(add-after 'wrap-program 'install-desktop-entry
|
|
|
|
(lambda* (#:key outputs #:allow-other-keys)
|
|
|
|
(let* ((desktop-file "taskcluster/docker/firefox-snap/firefox.desktop")
|
|
|
|
(applications (string-append #$output "/share/applications")))
|
|
|
|
(substitute* desktop-file
|
|
|
|
(("^Exec=firefox") (string-append "Exec=" #$output "/bin/firefox"))
|
|
|
|
(("Icon=.*") "Icon=firefox\n")
|
|
|
|
(("NewWindow") "new-window")
|
|
|
|
(("NewPrivateWindow") "new-private-window")
|
|
|
|
(("StartupNotify=true")
|
|
|
|
"StartupNotify=true\nStartupWMClass=Navigator"))
|
|
|
|
(install-file desktop-file applications))))
|
|
|
|
(add-after 'install-desktop-entry 'install-icons
|
|
|
|
(lambda* (#:key outputs #:allow-other-keys)
|
|
|
|
(let ((icon-source-dir
|
2020-07-20 09:04:53 +02:00
|
|
|
(string-append
|
2022-02-13 18:04:22 +01:00
|
|
|
#$output "/lib/firefox/browser/chrome/icons/default")))
|
|
|
|
(for-each
|
|
|
|
(lambda (size)
|
|
|
|
(let ((dest (string-append #$output "/share/icons/hicolor/"
|
|
|
|
size "x" size "/apps")))
|
|
|
|
(mkdir-p dest)
|
|
|
|
(symlink (string-append icon-source-dir
|
|
|
|
"/default" size ".png")
|
|
|
|
(string-append dest "/firefox.png"))))
|
|
|
|
'("16" "32" "48" "64" "128"))))))
|
2020-07-20 09:04:53 +02:00
|
|
|
|
2022-02-13 18:04:22 +01:00
|
|
|
;; Test will significantly increase build time but with little rewards.
|
|
|
|
#:tests? #f
|
2020-07-20 09:04:53 +02:00
|
|
|
|
2022-02-13 18:04:22 +01:00
|
|
|
;; WARNING: Parallel build will consume lots of memory!
|
|
|
|
;; If you have encountered OOM issue in build phase, try disable it.
|
|
|
|
;; #:parallel-build? #f
|
2020-07-20 09:04:53 +02:00
|
|
|
|
2022-02-13 18:04:22 +01:00
|
|
|
;; Some dynamic lib was determined at runtime, so rpath check may fail.
|
|
|
|
#:validate-runpath? #f))
|
2020-07-20 09:04:53 +02:00
|
|
|
(inputs
|
2022-02-26 22:48:38 +01:00
|
|
|
(list
|
|
|
|
bzip2
|
|
|
|
cairo
|
|
|
|
cups
|
|
|
|
dbus-glib
|
|
|
|
freetype
|
|
|
|
ffmpeg
|
|
|
|
gdk-pixbuf
|
|
|
|
glib
|
|
|
|
gtk+
|
|
|
|
gtk+-2
|
|
|
|
hunspell
|
2023-08-16 21:34:59 +02:00
|
|
|
icu4c-73
|
2022-02-26 22:48:38 +01:00
|
|
|
jemalloc
|
|
|
|
libcanberra
|
|
|
|
libevent
|
|
|
|
libffi
|
|
|
|
libgnome
|
|
|
|
libjpeg-turbo
|
|
|
|
libnotify
|
|
|
|
;; libpng-apng
|
|
|
|
libva
|
|
|
|
libvpx
|
|
|
|
libxcomposite
|
|
|
|
libxft
|
|
|
|
libxinerama
|
|
|
|
libxscrnsaver
|
|
|
|
libxt
|
|
|
|
mesa
|
|
|
|
mit-krb5
|
2022-07-03 01:33:05 +02:00
|
|
|
nspr-4.32
|
2022-02-26 22:48:38 +01:00
|
|
|
;; nss
|
|
|
|
pango
|
2022-08-13 16:58:34 +02:00
|
|
|
pipewire
|
2022-02-26 22:48:38 +01:00
|
|
|
pixman
|
|
|
|
pulseaudio
|
2023-10-07 21:05:59 +02:00
|
|
|
speech-dispatcher
|
2022-02-26 22:48:38 +01:00
|
|
|
sqlite
|
2023-10-07 21:05:59 +02:00
|
|
|
startup-notification
|
2022-02-26 22:48:38 +01:00
|
|
|
eudev
|
|
|
|
unzip
|
|
|
|
zip
|
|
|
|
zlib))
|
2020-07-20 09:04:53 +02:00
|
|
|
(native-inputs
|
2022-02-26 22:48:38 +01:00
|
|
|
(list
|
|
|
|
alsa-lib
|
|
|
|
autoconf-2.13
|
2022-09-22 22:50:11 +02:00
|
|
|
`(,rust-firefox-esr "cargo")
|
2022-10-21 17:07:00 +02:00
|
|
|
clang
|
|
|
|
llvm
|
2022-02-26 22:48:38 +01:00
|
|
|
wasm32-wasi-clang-toolchain
|
|
|
|
m4
|
|
|
|
nasm
|
2023-08-16 21:34:59 +02:00
|
|
|
node-lts
|
2022-02-26 22:48:38 +01:00
|
|
|
perl
|
|
|
|
pkg-config
|
|
|
|
python
|
2022-09-22 22:50:11 +02:00
|
|
|
rust-firefox-esr
|
2023-08-16 21:34:59 +02:00
|
|
|
rust-cbindgen-0.24
|
2022-02-26 22:48:38 +01:00
|
|
|
which
|
|
|
|
yasm))
|
2020-07-20 09:04:53 +02:00
|
|
|
(home-page "https://mozilla.org/firefox/")
|
|
|
|
(synopsis "Trademarkless version of Firefox")
|
|
|
|
(description
|
|
|
|
"Full-featured browser client built from Firefox source tree, without
|
2022-08-10 06:06:22 +02:00
|
|
|
the official icon and the name \"firefox\". This is the Extended Support
|
|
|
|
Release (ESR) version.")
|
2020-07-20 09:04:53 +02:00
|
|
|
(license license:mpl2.0)))
|
2020-11-01 19:21:00 +01:00
|
|
|
|
2022-08-10 06:06:22 +02:00
|
|
|
(define-public firefox-esr/wayland
|
|
|
|
(package
|
|
|
|
(inherit firefox-esr)
|
|
|
|
(name "firefox-esr-wayland")
|
|
|
|
(native-inputs '())
|
|
|
|
(inputs
|
|
|
|
`(("bash" ,bash-minimal)
|
|
|
|
("firefox-esr" ,firefox-esr)))
|
|
|
|
(build-system trivial-build-system)
|
|
|
|
(arguments
|
|
|
|
'(#:modules ((guix build utils))
|
|
|
|
#:builder
|
|
|
|
(begin
|
|
|
|
(use-modules (guix build utils))
|
|
|
|
(let* ((bash (assoc-ref %build-inputs "bash"))
|
|
|
|
(firefox (assoc-ref %build-inputs "firefox-esr"))
|
|
|
|
(out (assoc-ref %outputs "out"))
|
|
|
|
(exe (string-append out "/bin/firefox")))
|
|
|
|
(mkdir-p (dirname exe))
|
|
|
|
|
|
|
|
(call-with-output-file exe
|
|
|
|
(lambda (port)
|
|
|
|
(format port "#!~a
|
|
|
|
MOZ_ENABLE_WAYLAND=1 exec ~a $@\n"
|
|
|
|
(string-append bash "/bin/bash")
|
|
|
|
(string-append firefox "/bin/firefox"))))
|
|
|
|
(chmod exe #o555)
|
|
|
|
|
|
|
|
;; Provide the manual and .desktop file.
|
|
|
|
(copy-recursively (string-append firefox "/share")
|
|
|
|
(string-append out "/share"))
|
|
|
|
(substitute* (string-append
|
|
|
|
out "/share/applications/firefox.desktop")
|
|
|
|
((firefox) out))
|
|
|
|
#t))))))
|
|
|
|
|
2023-08-31 15:58:55 +02:00
|
|
|
;; Update this id with every firefox update to its release date.
|
|
|
|
;; It's used for cache validation and therefore can lead to strange bugs.
|
nongnu: firefox: Update to 124.0 [security fixes].
Fixes CVE-2023-5388, CVE-2024-2605, CVE-2024-2606, CVE-2024-2607,
CVE-2024-2608, CVE-2024-2609, CVE-2024-2610, CVE-2024-2611,
CVE-2024-2612, CVE-2024-2613, CVE-2024-2614, CVE-2024-2615.
* nongnu/packages/mozilla.scm (firefox): Update to 124.0.
[arguments]<#:phases>{'remove-cargo-frozen-flag}: New phase.
(firefox-wayland): Wrap comment.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
2024-03-19 15:49:03 +01:00
|
|
|
(define %firefox-build-id "20240318140215")
|
2022-08-10 06:06:22 +02:00
|
|
|
|
|
|
|
(define-public firefox
|
|
|
|
(package
|
|
|
|
(inherit firefox-esr)
|
|
|
|
(name "firefox")
|
nongnu: firefox: Update to 124.0 [security fixes].
Fixes CVE-2023-5388, CVE-2024-2605, CVE-2024-2606, CVE-2024-2607,
CVE-2024-2608, CVE-2024-2609, CVE-2024-2610, CVE-2024-2611,
CVE-2024-2612, CVE-2024-2613, CVE-2024-2614, CVE-2024-2615.
* nongnu/packages/mozilla.scm (firefox): Update to 124.0.
[arguments]<#:phases>{'remove-cargo-frozen-flag}: New phase.
(firefox-wayland): Wrap comment.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
2024-03-19 15:49:03 +01:00
|
|
|
(version "124.0")
|
2022-08-10 06:06:22 +02:00
|
|
|
(source
|
|
|
|
(origin
|
|
|
|
(method url-fetch)
|
|
|
|
(uri (string-append "https://archive.mozilla.org/pub/firefox/releases/"
|
|
|
|
version "/source/firefox-" version ".source.tar.xz"))
|
|
|
|
(sha256
|
nongnu: firefox: Update to 124.0 [security fixes].
Fixes CVE-2023-5388, CVE-2024-2605, CVE-2024-2606, CVE-2024-2607,
CVE-2024-2608, CVE-2024-2609, CVE-2024-2610, CVE-2024-2611,
CVE-2024-2612, CVE-2024-2613, CVE-2024-2614, CVE-2024-2615.
* nongnu/packages/mozilla.scm (firefox): Update to 124.0.
[arguments]<#:phases>{'remove-cargo-frozen-flag}: New phase.
(firefox-wayland): Wrap comment.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
2024-03-19 15:49:03 +01:00
|
|
|
(base32 "1n692gfy61j4f3y81lyk16nm5gs8x84szadlrp70in1s28si4nil"))))
|
2022-08-10 06:06:22 +02:00
|
|
|
(arguments
|
|
|
|
(substitute-keyword-arguments (package-arguments firefox-esr)
|
|
|
|
((#:phases phases)
|
|
|
|
#~(modify-phases #$phases
|
|
|
|
(replace 'set-build-id
|
|
|
|
(lambda _
|
nongnu: firefox: Update to 124.0 [security fixes].
Fixes CVE-2023-5388, CVE-2024-2605, CVE-2024-2606, CVE-2024-2607,
CVE-2024-2608, CVE-2024-2609, CVE-2024-2610, CVE-2024-2611,
CVE-2024-2612, CVE-2024-2613, CVE-2024-2614, CVE-2024-2615.
* nongnu/packages/mozilla.scm (firefox): Update to 124.0.
[arguments]<#:phases>{'remove-cargo-frozen-flag}: New phase.
(firefox-wayland): Wrap comment.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
2024-03-19 15:49:03 +01:00
|
|
|
(setenv "MOZ_BUILD_DATE" #$%firefox-build-id)))
|
|
|
|
(replace 'remove-cargo-frozen-flag
|
|
|
|
(lambda _
|
|
|
|
;; Remove --frozen flag from cargo invokation, otherwise it'll
|
|
|
|
;; complain that it's not able to change Cargo.lock.
|
|
|
|
;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373
|
|
|
|
(substitute* "build/RunCbindgen.py"
|
|
|
|
(("args.append\\(\"--frozen\"\\)") "pass"))))))))
|
2022-08-10 06:06:22 +02:00
|
|
|
(native-inputs
|
|
|
|
(modify-inputs (package-native-inputs firefox-esr)
|
2022-09-22 22:52:58 +02:00
|
|
|
(replace "rust" rust-firefox)
|
nongnu: firefox: Update to 119.0 [security fixes].
Fixes CVE-2023-5721, CVE-2023-5722, CVE-2023-5723, CVE-2023-5724,
CVE-2023-5725, CVE-2023-5726, CVE-2023-5727, CVE-2023-5728,
CVE-2023-5729, CVE-2023-5730, CVE-2023-5731.
* nongnu/packages/mozilla.scm (firefox): Update to 119.0.
Signed-off-by: John Kehayias <john.kehayias@protonmail.com>
2023-10-26 19:02:02 +02:00
|
|
|
(replace "rust:cargo" `(,rust-firefox "cargo"))
|
|
|
|
(replace "rust-cbindgen" rust-cbindgen-0.26)))
|
2022-08-10 06:06:22 +02:00
|
|
|
(description
|
|
|
|
"Full-featured browser client built from Firefox source tree, without
|
|
|
|
the official icon and the name \"firefox\".")))
|
|
|
|
|
nongnu: firefox: Update to 124.0 [security fixes].
Fixes CVE-2023-5388, CVE-2024-2605, CVE-2024-2606, CVE-2024-2607,
CVE-2024-2608, CVE-2024-2609, CVE-2024-2610, CVE-2024-2611,
CVE-2024-2612, CVE-2024-2613, CVE-2024-2614, CVE-2024-2615.
* nongnu/packages/mozilla.scm (firefox): Update to 124.0.
[arguments]<#:phases>{'remove-cargo-frozen-flag}: New phase.
(firefox-wayland): Wrap comment.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
2024-03-19 15:49:03 +01:00
|
|
|
;; As of Firefox 121.0, Firefox uses Wayland by default. This means we no
|
|
|
|
;; longer need a seperate package for Firefox on Wayland.
|
2023-12-21 15:01:35 +01:00
|
|
|
(define-public firefox-wayland
|
|
|
|
(deprecated-package "firefox-wayland" firefox))
|