blob: 54fc7d0ce26d0866e47e1c91fe6c74f4a4b2f73d (
plain) (
tree)
|
|
# Contributor: Natanael Copa <ncopa@alpinelinux.org>
# Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=firefox-esr
pkgver=78.1.0
# Date of release, YY-MM-DD for metainfo file (see package())
_releasedate=2020-07-08
pkgrel=1
pkgdesc="Firefox web browser - Extended Support Release"
url="https://www.mozilla.org/en-US/firefox/organizations/"
# Limited on:
# s390x, mips, mips64: limited by rust and cargo
# armhf: build failure on armhf due to wasm
# ppc64le: Rust SIGSEGVs when compiling gkrust
arch="all !s390x !armhf !mips !mips64 !ppc64le"
license="GPL-3.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND MPL-2.0"
makedepends="
alsa-lib-dev
autoconf2.13
automake
bsd-compat-headers
cargo
cbindgen>=0.14.1
clang-dev
dbus-glib-dev
ffmpeg-dev
gtk+2.0-dev
gtk+3.0-dev
hunspell-dev
icu-dev>=64.2
libevent-dev
libidl-dev
libjpeg-turbo-dev
libnotify-dev
libogg-dev
libtheora-dev
libtool
libvorbis-dev
libvpx-dev
libxt-dev
libxcomposite-dev
llvm-dev
mesa-dev
nasm
nodejs
nspr-dev
nss-dev>=3.54
nss-static
python3
sed
wireless-tools-dev
yasm
zip
pulseaudio-dev
libffi-dev
libwebp-dev
pipewire-dev
gettext
"
source="https://ftp.mozilla.org/pub/firefox/releases/${pkgver}esr/source/firefox-${pkgver}esr.source.tar.xz
stab.h
fix-fortify-system-wrappers.patch
fix-tools.patch
mallinfo.patch
disable-moz-stackwalk.patch
fix-rust-target.patch
fix-webrtc-glibcisms.patch
fd6847c9416f9eebde636e21d794d25d1be8791d.patch
allow-custom-rust-vendor.patch
firefox.desktop
firefox-safe.desktop
remove-faulty-libvpx-check.patch
disable-neon-in-aom.patch
sandbox-fork.patch
sandbox-sched_setscheduler.patch
firefox-pipewire-0-3.patch
fix-rustc-1.45-build.patch
"
subpackages="$pkgname-npapi"
builddir="$srcdir/firefox-$pkgver"
_mozappdir=/usr/lib/firefox
# help our shared-object scanner to find the libs
ldpath="$_mozappdir"
# secfixes:
# 78.1.0-r0:
# - CVE-2020-15652
# - CVE-2020-15653
# - CVE-2020-15654
# - CVE-2020-15655
# - CVE-2020-15656
# - CVE-2020-15657
# - CVE-2020-15658
# - CVE-2020-15659
# - CVE-2020-6463
# - CVE-2020-6514
# 68.10.0-r0:
# - CVE-2020-12417
# - CVE-2020-12418
# - CVE-2020-12419
# - CVE-2020-12420
# - CVE-2020-12421
# 68.9.0-r0:
# - CVE-2020-12399
# - CVE-2020-12405
# - CVE-2020-12406
# - CVE-2020-12410
# 68.8.0-r0:
# - CVE-2020-12387
# - CVE-2020-12388
# - CVE-2020-12389
# - CVE-2020-12392
# - CVE-2020-12393
# - CVE-2020-12395
# - CVE-2020-6831
# 68.7.0-r0:
# - CVE-2020-6821
# - CVE-2020-6822
# - CVE-2020-6825
# 68.6.1-r0:
# - CVE-2020-6819
# - CVE-2020-6820
# 68.6.0-r0:
# - CVE-2019-20503
# - CVE-2020-6805
# - CVE-2020-6806
# - CVE-2020-6807
# - CVE-2020-6811
# - CVE-2020-6812
# - CVE-2020-6814
# 68.5.0-r0:
# - CVE-2020-6796
# - CVE-2020-6797
# - CVE-2020-6798
# - CVE-2020-6799
# - CVE-2020-6800
# 68.4.1-r0:
# - CVE-2019-17016
# - CVE-2019-17022
# - CVE-2019-17024
# - CVE-2019-17026
# 68.3.0-r0:
# - CVE-2019-17005
# - CVE-2019-17008
# - CVE-2019-17009
# - CVE-2019-17010
# - CVE-2019-17011
# - CVE-2019-17012
# 68.2.0-r0:
# - CVE-2019-11757
# - CVE-2019-11758
# - CVE-2019-11759
# - CVE-2019-11760
# - CVE-2019-11761
# - CVE-2019-11762
# - CVE-2019-11763
# - CVE-2019-11764
# - CVE-2019-15903
# 68.1.0-r0:
# - CVE-2019-9812
# - CVE-2019-11740
# - CVE-2019-11742
# - CVE-2019-11743
# - CVE-2019-11744
# - CVE-2019-11746
# - CVE-2019-11752
# 68.0.2-r0:
# - CVE-2019-11733
# 68.0-r0:
# - CVE-2019-11709
# - CVE-2019-11711
# - CVE-2019-11712
# - CVE-2019-11713
# - CVE-2019-11715
# - CVE-2019-11717
# - CVE-2019-11719
# - CVE-2019-11729
# - CVE-2019-11730
# - CVE-2019-9811
# 60.7.2-r0:
# - CVE-2019-11708
# 60.7.1-r0:
# - CVE-2019-11707
# 60.7.0-r0:
# - CVE-2019-9815
# - CVE-2019-9816
# - CVE-2019-9817
# - CVE-2019-9818
# - CVE-2019-9819
# - CVE-2019-9820
# - CVE-2019-11691
# - CVE-2019-11692
# - CVE-2019-11693
# - CVE-2019-7317
# - CVE-2019-9797
# - CVE-2018-18511
# - CVE-2019-11694
# - CVE-2019-11698
# - CVE-2019-5798
# - CVE-2019-9800
# 60.6.1-r0:
# - CVE-2019-9810
# - CVE-2019-9813
# - CVE-2019-9790
# - CVE-2019-9791
# - CVE-2019-9792
# - CVE-2019-9793
# - CVE-2019-9794
# - CVE-2019-9795
# - CVE-2019-9796
# - CVE-2019-9801
# - CVE-2018-18506
# - CVE-2019-9788
# 60.5.2-r0:
# - CVE-2019-5785
# - CVE-2018-18335
# - CVE-2018-18356
# 60.5.0-r0:
# - CVE-2018-18500
# - CVE-2018-18505
# - CVE-2018-18501
# 52.6.0-r0:
# - CVE-2018-5089
# - CVE-2018-5091
# - CVE-2018-5095
# - CVE-2018-5096
# - CVE-2018-5097
# - CVE-2018-5098
# - CVE-2018-5099
# - CVE-2018-5102
# - CVE-2018-5103
# - CVE-2018-5104
# - CVE-2018-5117
# 52.5.2-r0:
# - CVE-2017-7843
# - CVE-2017-7843
# we need this because cargo verifies checksums of all files in vendor
# crates when it builds and gives us no way to override or update the
# file sanely... so just clear out the file list
_clear_vendor_checksums() {
sed -i 's/\("files":{\)[^}]*/\1/' third_party/rust/$1/.cargo-checksum.json
}
prepare() {
default_prepare
cp "$srcdir"/stab.h toolkit/crashreporter/google-breakpad/src/
_clear_vendor_checksums audio_thread_priority
_clear_vendor_checksums target-lexicon-0.9.0
}
build() {
mkdir -p "$builddir"/objdir
cd "$builddir"/objdir
export SHELL=/bin/sh
export BUILD_OFFICIAL=1
export MOZILLA_OFFICIAL=1
export USE_SHORT_LIBNAME=1
# Find our triplet JSON
export RUST_TARGET="$CTARGET"
# set rpath so linker finds the libs
export LDFLAGS="$LDFLAGS -Wl,-rpath,$_mozappdir"
case "$CARCH" in
arm*|x86*)
# disable-elf-hack: exists only on arm, x86, x86_64
_arch_config="--disable-elf-hack"
;;
esac
# FF doesn't have SIMD available on these arches.
case "$CARCH" in
armhf|armv7)
_rust_simd="--disable-rust-simd"
_low_mem_flags="--disable-debug-symbols --disable-debug"
export RUSTFLAGS="$RUSTFLAGS -C debuginfo=0"
;;
x86)
_low_mem_flags="--disable-debug-symbols --disable-debug"
export RUSTFLAGS="$RUSTFLAGS -C debuginfo=0"
;;
*) _rust_simd="--enable-rust-simd" ;;
esac
../configure \
--prefix=/usr \
$_arch_config \
--disable-crashreporter \
--disable-gold \
--disable-install-strip \
--disable-jemalloc \
--disable-profiling \
--enable-pulseaudio \
--disable-strip \
--disable-tests \
--disable-updater \
--enable-alsa \
--enable-default-toolkit=cairo-gtk3-wayland \
--enable-official-branding \
--enable-optimize="$CFLAGS -O2" \
--enable-system-ffi \
--enable-ffmpeg \
--enable-smoosh \
$_rust_simd \
$_low_mem_flags \
--enable-hardening \
--enable-system-pixman \
--with-system-ffi \
--with-system-icu \
--with-system-libevent \
--with-system-nspr \
--with-system-nss \
--with-system-pixman \
--with-system-png \
--with-system-zlib \
--with-system-libvpx \
--with-system-webp \
--with-system-jpeg \
--with-clang-path=/usr/bin/clang \
--with-libclang-path=/usr/lib \
--enable-cdp
make
}
package() {
cd "$builddir"/objdir
make install \
DESTDIR="$pkgdir" \
MOZ_MAKE_FLAGS="$MAKEOPTS"
install -m755 -d "$pkgdir"/usr/share/applications
install -m755 -d "$pkgdir"/usr/share/pixmaps
local _png
for _png in ../browser/branding/official/default*.png; do
local i=${_png%.png}
i=${i##*/default}
install -D -m644 "$_png" "$pkgdir"/usr/share/icons/hicolor/"$i"x"$i"/apps/firefox.png
done
install -m644 "$builddir"/browser/branding/official/default48.png \
"$pkgdir"/usr/share/pixmaps/firefox.png
install -m644 "$srcdir"/firefox.desktop "$pkgdir"/usr/share/applications/org.mozilla.firefox.desktop
install -m644 "$srcdir"/firefox-safe.desktop "$pkgdir"/usr/share/applications/org.mozilla.firefox-safe.desktop
# Add StartupWMClass=firefox on the .desktop files so Desktop Environments
# correctly associate the window with their icon, the correct fix is to have
# firefox sets its own AppID but this will work for the meantime
# See: https://bugzilla.mozilla.org/show_bug.cgi?id=1607399
echo "StartupWMClass=firefox" >> "$pkgdir"/usr/share/applications/org.mozilla.firefox.desktop
echo "StartupWMClass=firefox" >> "$pkgdir"/usr/share/applications/org.mozilla.firefox-safe.desktop
# install our vendor prefs
install -d "$pkgdir"/$_mozappdir/browser/defaults/preferences
cat >> "$pkgdir"/$_mozappdir/browser/defaults/preferences/firefox-branding.js <<- EOF
// Use LANG environment variable to choose locale
pref("intl.locale.requested", "");
// Disable default browser checking.
pref("browser.shell.checkDefaultBrowser", false);
// Don't disable our bundled extensions in the application directory
pref("extensions.autoDisableScopes", 11);
pref("extensions.shownSelectionUI", true);
EOF
# Generate appdata file
mkdir "$pkgdir"/usr/share/metainfo/
export VERSION="$pkgver"
export DATE="$_releasedate"
cat "$builddir"/taskcluster/docker/firefox-flatpak/org.mozilla.firefox.appdata.xml.in | envsubst > "$pkgdir"/usr/share/metainfo/org.mozilla.firefox.appdata.xml
}
npapi() {
pkgdesc="$pkgdesc: GTK+ 2 support for NPAPI plugins"
install_if="adobe-flashplayer"
amove usr/lib/firefox/gtk2
}
sha512sums="4ab1b0d6ce41e51f5430c4ec1f5ddc5db41e4d3fe66a50132d77208ce48d1981f0748299900ec1a1b900aa62b42ad041e0d20b232608e17ee8b7b5dc269d3d84 firefox-78.1.0esr.source.tar.xz
0b3f1e4b9fdc868e4738b5c81fd6c6128ce8885b260affcb9a65ff9d164d7232626ce1291aaea70132b3e3124f5e13fef4d39326b8e7173e362a823722a85127 stab.h
2f4f15974d52de4bb273b62a332d13620945d284bbc6fe6bd0a1f58ff7388443bc1d3bf9c82cc31a8527aad92b0cd3a1bc41d0af5e1800e0dcbd7033e58ffd71 fix-fortify-system-wrappers.patch
4510fb92653d0fdcfbc6d30e18087c0d22d4acd5eb53be7d0a333abe087a9e0bf9e58e56bafe96e1e1b28ebd1fd33b8926dbb70c221007e335b33d1468755c66 fix-tools.patch
a4a3e062661bda64d502d426c480ac9645345860118de9df9ffe6e0597738c70c11e5cdef2d4fd12c5e2ee30a09310159230524655a419a4f7e4eeeb0f3c06b0 mallinfo.patch
454ea3263cabce099accbdc47aaf83be26a19f8b5a4568c01a7ef0384601cf8315efd86cd917f9c8bf419c2c845db89a905f3ff9a8eb0c8e41042e93aa96a85c disable-moz-stackwalk.patch
089c97e6011e86a9b9d9e7b0c8ba3af0519d1ce4e2b1e9ab7719762d6968388bfa47dad3bf23a6d41c3d66fdcc6c15e2c926e3ff9500bfd4fbf1b53e6d19dc57 fix-rust-target.patch
d35cacb9ede80e6bfbef0709823e536dddfb1c02d776275b0b7adb5969e9927d8c6117df96873569c3f3db0a18ee5db24f8086a9311a05077892be43a3dd8d79 fix-webrtc-glibcisms.patch
60845dcb034b2c4459c30f7d5f25c8176cf42df794e2cc0e86c3e2abb6541c24b962f3a16ca70a288d4d6f377b68d00b2904b22463108559612053d835d9bff1 fd6847c9416f9eebde636e21d794d25d1be8791d.patch
4e584621145cf8add069c6dac18e805b3274a1ee402d84e924df2341f7d3c5be261a93ef51283bacbd606f47fbdc628c4323ecc31efc5b403b8d224b18dc278f allow-custom-rust-vendor.patch
f3b7c3e804ce04731012a46cb9e9a6b0769e3772aef9c0a4a8c7520b030fdf6cd703d5e9ff49275f14b7d738fe82a0a4fde3bc3219dff7225d5db0e274987454 firefox.desktop
5dcb6288d0444a8a471d669bbaf61cdb1433663eff38b72ee5e980843f5fc07d0d60c91627a2c1159215d0ad77ae3f115dcc5fdfe87e64ca704b641aceaa44ed firefox-safe.desktop
bb75b2abda86e455d81571052a2cfec5a9d858ffa91c50a7217b4b6c02cbfc0400e9114a27bd54ce78d7d3a44e9b03927cf0317654d98c0f39d26c63c9670117 remove-faulty-libvpx-check.patch
f963fcdba7307a0b1712dfb95ceba4ab49f449f60e550bb69d15d50272e6df9add90862251ee561e4ea5fd171a2703552ffa7aade92996f5f0b3e577f1544a6d disable-neon-in-aom.patch
4911ddb41bef8d9f6d6200159cde465627e940fe1c09099be55769d21a5a52a3f737e1bf803daa96126c035b091aea880fbc5d2e6cf5da96ddd17322461a72d6 sandbox-fork.patch
db26757b2ebf9f567962e32294b4ae48b3a5d0378a7589dfe650fe3a179ff58befbab5082981c68e1c25fb9e56b2db1e4e510d4bca17c3e3aedbf9a2f21806eb sandbox-sched_setscheduler.patch
5927f4f6fa9e6a208bed1f37e2c2f2e9633d280a7cb2baa0c74567107ba30524b7ccbbea5961a34eb7a3c39ec07c5a11ef5e2bb5dd5ca884441f9e868c056503 firefox-pipewire-0-3.patch
b8437c0d8c48b99f5a528d782340c6bb61509c444da8b3414acc3cb3359e547bf20f1cc3086881fb03c9db5bb3fb604bb900b3f9938bbc9bc3ddde9a679eaae2 fix-rustc-1.45-build.patch"
|
