diff options
Diffstat (limited to 'community/firefox-esr/APKBUILD')
| -rw-r--r-- | community/firefox-esr/APKBUILD | 828 |
1 files changed, 670 insertions, 158 deletions
diff --git a/community/firefox-esr/APKBUILD b/community/firefox-esr/APKBUILD index 6b891c2db95..5c3b8cd541f 100644 --- a/community/firefox-esr/APKBUILD +++ b/community/firefox-esr/APKBUILD @@ -1,80 +1,500 @@ +# Contributor: Natanael Copa <ncopa@alpinelinux.org> # Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net> -# Maintainer: Natanael Copa <ncopa@alpinelinux.org> +# Maintainer: Patrycja Rosa <alpine@ptrcnull.me> pkgname=firefox-esr -pkgver=68.5.0 +pkgver=115.10.0 +# Date of release, YY-MM-DD for metainfo file (see package()) +# https://www.mozilla.org/firefox/organizations/notes/ +_releasedate=2024-03-22 pkgrel=0 pkgdesc="Firefox web browser - Extended Support Release" url="https://www.mozilla.org/en-US/firefox/organizations/" -arch="all !s390x !armhf" # limited by rust and cargo on s390x, fails to build on armhf +# s390x and riscv64: blocked by rust and cargo +# armhf: build failure on armhf due to wasm +arch="x86_64 armv7 aarch64 x86 ppc64le" license="GPL-3.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND MPL-2.0" +install="$pkgname.post-upgrade" +depends=" + ffmpeg-libavcodec + " makedepends=" alsa-lib-dev - autoconf2.13 automake bsd-compat-headers - bzip2-dev cargo cbindgen - clang-dev + clang + clang-libclang dbus-glib-dev - ffmpeg-dev - gtk+2.0-dev + gettext gtk+3.0-dev hunspell-dev - icu-dev>=64.2 + icu-dev>=69.1 libevent-dev - libidl-dev + libffi-dev libjpeg-turbo-dev libnotify-dev libogg-dev libtheora-dev libtool libvorbis-dev - libxt-dev + libvpx-dev + libwebp-dev libxcomposite-dev - llvm9-dev + libxt-dev + lld + llvm-dev + m4 mesa-dev nasm nodejs nspr-dev - nss-dev>=3.45 - nss-static - python3-dev - sqlite-dev + nss-dev + pipewire-dev + pulseaudio-dev + py3-psutil + py3-zstandard + python3 sed - startup-notification-dev + wasi-sdk wireless-tools-dev - yasm zip - python2 " - +subpackages="$pkgname-intl" source="https://ftp.mozilla.org/pub/firefox/releases/${pkgver}esr/source/firefox-${pkgver}esr.source.tar.xz - stab.h - - fix-fortify-system-wrappers.patch - fix-seccomp-bpf.patch - fix-toolkit.patch - fix-tools.patch - mallinfo.patch - + audio-lfs64.patch disable-moz-stackwalk.patch - fix-musl.patch + esr-metainfo.patch + fix-fortify-system-wrappers.patch fix-rust-target.patch fix-webrtc-glibcisms.patch - fix-sandbox-membarrier.patch - fd6847c9416f9eebde636e21d794d25d1be8791d.patch + icu74.patch + lfs64.patch + no-ccache-stats.patch + ppc-musttail.patch + ppc-webrtc.patch + python-deps.patch + rust-lto-thin.patch + sandbox-fork.patch + sandbox-largefile.patch + sandbox-sched_setscheduler.patch + + stab.h firefox.desktop - firefox-safe.desktop" + mozilla-location.keys + vendor-prefs.js + " builddir="$srcdir/firefox-$pkgver" -_mozappdir=/usr/lib/firefox +_mozappdir=/usr/lib/firefox-esr # help our shared-object scanner to find the libs ldpath="$_mozappdir" # secfixes: +# 115.6.0-r0: +# - CVE-2023-6856 +# - CVE-2023-6865 +# - CVE-2023-6857 +# - CVE-2023-6858 +# - CVE-2023-6859 +# - CVE-2023-6860 +# - CVE-2023-6867 +# - CVE-2023-6861 +# - CVE-2023-6862 +# - CVE-2023-6863 +# - CVE-2023-6864 +# 115.5.0-r0: +# - CVE-2023-6204 +# - CVE-2023-6205 +# - CVE-2023-6206 +# - CVE-2023-6207 +# - CVE-2023-6208 +# - CVE-2023-6209 +# - CVE-2023-6212 +# 115.4.0-r0: +# - CVE-2023-5721 +# - CVE-2023-5732 +# - CVE-2023-5724 +# - CVE-2023-5725 +# - CVE-2023-5726 +# - CVE-2023-5727 +# - CVE-2023-5728 +# - CVE-2023-5730 +# 115.3.1-r0: +# - CVE-2023-5217 +# 115.3.0-r0: +# - CVE-2023-5168 +# - CVE-2023-5169 +# - CVE-2023-5171 +# - CVE-2023-5174 +# - CVE-2023-5176 +# 115.2.1-r0: +# - CVE-2023-4863 +# 115.2.0-r0: +# - CVE-2023-4573 +# - CVE-2023-4574 +# - CVE-2023-4575 +# - CVE-2023-4576 +# - CVE-2023-4577 +# - CVE-2023-4051 +# - CVE-2023-4578 +# - CVE-2023-4053 +# - CVE-2023-4580 +# - CVE-2023-4581 +# - CVE-2023-4582 +# - CVE-2023-4583 +# - CVE-2023-4584 +# - CVE-2023-4585 +# 115.1.0-r0: +# - CVE-2023-4045 +# - CVE-2023-4046 +# - CVE-2023-4047 +# - CVE-2023-4048 +# - CVE-2023-4049 +# - CVE-2023-4050 +# - CVE-2023-4052 +# - CVE-2023-4054 +# - CVE-2023-4055 +# - CVE-2023-4056 +# - CVE-2023-4057 +# 115.0.2-r0: +# - CVE-2023-3600 +# 115.0-r0: +# - CVE-2023-3482 +# - CVE-2023-37201 +# - CVE-2023-37202 +# - CVE-2023-37203 +# - CVE-2023-37204 +# - CVE-2023-37205 +# - CVE-2023-37206 +# - CVE-2023-37207 +# - CVE-2023-37208 +# - CVE-2023-37209 +# - CVE-2023-37210 +# - CVE-2023-37211 +# - CVE-2023-37212 +# 102.12.0-r0: +# - CVE-2023-34414 +# - CVE-2023-34416 +# 102.11.0-r0: +# - CVE-2023-32205 +# - CVE-2023-32206 +# - CVE-2023-32207 +# - CVE-2023-32211 +# - CVE-2023-32212 +# - CVE-2023-32213 +# - CVE-2023-32214 +# - CVE-2023-32215 +# 102.10.0-r0: +# - CVE-2023-29531 +# - CVE-2023-29532 +# - CVE-2023-29533 +# - CVE-2023-1999 +# - CVE-2023-29535 +# - CVE-2023-29536 +# - CVE-2023-29539 +# - CVE-2023-29541 +# - CVE-2023-29542 +# - CVE-2023-29545 +# - CVE-2023-1945 +# - CVE-2023-29548 +# - CVE-2023-29550 +# 102.9.0-r0: +# - CVE-2023-25751 +# - CVE-2023-28164 +# - CVE-2023-28162 +# - CVE-2023-25752 +# - CVE-2023-28163 +# - CVE-2023-28176 +# 102.8.0-r0: +# - CVE-2023-25728 +# - CVE-2023-25730 +# - CVE-2023-0767 +# - CVE-2023-25735 +# - CVE-2023-25737 +# - CVE-2023-25738 +# - CVE-2023-25739 +# - CVE-2023-25729 +# - CVE-2023-25732 +# - CVE-2023-25734 +# - CVE-2023-25742 +# - CVE-2023-25744 +# - CVE-2023-25746 +# 102.7.0-r0: +# - CVE-2022-46871 +# - CVE-2023-23598 +# - CVE-2023-23599 +# - CVE-2023-23601 +# - CVE-2023-23602 +# - CVE-2022-46877 +# - CVE-2023-23603 +# - CVE-2023-23605 +# 102.6.0-r0: +# - CVE-2022-46880 +# - CVE-2022-46872 +# - CVE-2022-46881 +# - CVE-2022-46874 +# - CVE-2022-46875 +# - CVE-2022-46882 +# - CVE-2022-46878 +# 102.5.0-r0: +# - CVE-2022-45403 +# - CVE-2022-45404 +# - CVE-2022-45405 +# - CVE-2022-45406 +# - CVE-2022-45408 +# - CVE-2022-45409 +# - CVE-2022-45410 +# - CVE-2022-45411 +# - CVE-2022-45412 +# - CVE-2022-45416 +# - CVE-2022-45418 +# - CVE-2022-45420 +# - CVE-2022-45421 +# 102.4.0-r0: +# - CVE-2022-42927 +# - CVE-2022-42928 +# - CVE-2022-42929 +# - CVE-2022-42932 +# 102.3.0-r0: +# - CVE-2022-3266 +# - CVE-2022-40959 +# - CVE-2022-40960 +# - CVE-2022-40958 +# - CVE-2022-40956 +# - CVE-2022-40957 +# - CVE-2022-40962 +# 102.2.0-r0: +# - CVE-2022-38472 +# - CVE-2022-38473 +# - CVE-2022-38476 +# - CVE-2022-38477 +# - CVE-2022-38478 +# 102.1.0-r0: +# - CVE-2022-2505 +# - CVE-2022-36314 +# - CVE-2022-36318 +# - CVE-2022-36319 +# 91.11.0-r0: +# - CVE-2022-2200 +# - CVE-2022-31744 +# - CVE-2022-34468 +# - CVE-2022-34470 +# - CVE-2022-34472 +# - CVE-2022-34478 +# - CVE-2022-34479 +# - CVE-2022-34481 +# - CVE-2022-34484 +# 91.10.0-r0: +# - CVE-2022-31736 +# - CVE-2022-31737 +# - CVE-2022-31738 +# - CVE-2022-31739 +# - CVE-2022-31740 +# - CVE-2022-31741 +# - CVE-2022-31742 +# - CVE-2022-31747 +# 91.9.1-r0: +# - CVE-2022-1529 +# - CVE-2022-1802 +# 91.9.0-r0: +# - CVE-2022-29909 +# - CVE-2022-29911 +# - CVE-2022-29912 +# - CVE-2022-29914 +# - CVE-2022-29916 +# - CVE-2022-29917 +# 91.8.0-r0: +# - CVE-2022-1097 +# - CVE-2022-1196 +# - CVE-2022-24713 +# - CVE-2022-28281 +# - CVE-2022-28282 +# - CVE-2022-28285 +# - CVE-2022-28286 +# - CVE-2022-28289 +# 91.7.0-r0: +# - CVE-2022-26381 +# - CVE-2022-26383 +# - CVE-2022-26384 +# - CVE-2022-26386 +# - CVE-2022-26387 +# 91.6.1-r0: +# - CVE-2022-26485 +# - CVE-2022-26486 +# 91.6.0-r0: +# - CVE-2022-22754 +# - CVE-2022-22756 +# - CVE-2022-22759 +# - CVE-2022-22760 +# - CVE-2022-22761 +# - CVE-2022-22763 +# - CVE-2022-22764 +# 91.5.0-r0: +# - CVE-2021-4140 +# - CVE-2022-22737 +# - CVE-2022-22738 +# - CVE-2022-22739 +# - CVE-2022-22740 +# - CVE-2022-22741 +# - CVE-2022-22742 +# - CVE-2022-22743 +# - CVE-2022-22744 +# - CVE-2022-22745 +# - CVE-2022-22746 +# - CVE-2022-22747 +# - CVE-2022-22748 +# - CVE-2022-22751 +# 91.4.0-r0: +# - CVE-2021-43536 +# - CVE-2021-43537 +# - CVE-2021-43538 +# - CVE-2021-43539 +# - CVE-2021-43541 +# - CVE-2021-43542 +# - CVE-2021-43543 +# - CVE-2021-43545 +# - CVE-2021-43546 +# 91.3.0-r0: +# - CVE-2021-38503 +# - CVE-2021-38504 +# - CVE-2021-38505 +# - CVE-2021-38506 +# - CVE-2021-38507 +# - CVE-2021-38508 +# - CVE-2021-38509 +# - CVE-2021-38510 +# 91.2.0-r0: +# - CVE-2021-32810 +# - CVE-2021-38492 +# - CVE-2021-38493 +# - CVE-2021-38495 +# - CVE-2021-38496 +# - CVE-2021-38497 +# - CVE-2021-38498 +# - CVE-2021-38500 +# - CVE-2021-38501 +# 78.13.0-r0: +# - CVE-2021-29980 +# - CVE-2021-29984 +# - CVE-2021-29985 +# - CVE-2021-29986 +# - CVE-2021-29988 +# - CVE-2021-29989 +# 78.12.0-r0: +# - CVE-2021-29970 +# - CVE-2021-29976 +# - CVE-2021-30547 +# 78.11.0-r0: +# - CVE-2021-29967 +# 78.10.0-r0: +# - CVE-2021-23961 +# - CVE-2021-23994 +# - CVE-2021-23995 +# - CVE-2021-23998 +# - CVE-2021-23999 +# - CVE-2021-24002 +# - CVE-2021-29945 +# - CVE-2021-29946 +# 78.9.0-r0: +# - CVE-2021-23981 +# - CVE-2021-23982 +# - CVE-2021-23984 +# - CVE-2021-23987 +# 78.8.0-r0: +# - CVE-2021-23968 +# - CVE-2021-23969 +# - CVE-2021-23973 +# - CVE-2021-23978 +# 78.7.0-r0: +# - CVE-2020-26976 +# - CVE-2021-23953 +# - CVE-2021-23954 +# - CVE-2021-23960 +# - CVE-2021-23964 +# 78.6.1-r0: +# - CVE-2020-16044 +# 78.6.0-r0: +# - CVE-2020-16042 +# - CVE-2020-26971 +# - CVE-2020-26973 +# - CVE-2020-26974 +# - CVE-2020-26978 +# - CVE-2020-35111 +# - CVE-2020-35112 +# - CVE-2020-35113 +# 78.5.0-r0: +# - CVE-2020-15683 +# - CVE-2020-15969 +# - CVE-2020-15999 +# - CVE-2020-16012 +# - CVE-2020-26950 +# - CVE-2020-26951 +# - CVE-2020-26953 +# - CVE-2020-26956 +# - CVE-2020-26958 +# - CVE-2020-26959 +# - CVE-2020-26960 +# - CVE-2020-26961 +# - CVE-2020-26965 +# - CVE-2020-26966 +# - CVE-2020-26968 +# 78.3.0-r0: +# - CVE-2020-15673 +# - CVE-2020-15676 +# - CVE-2020-15677 +# - CVE-2020-15678 +# 78.2.0-r0: +# - CVE-2020-15663 +# - CVE-2020-15664 +# - CVE-2020-15670 +# 78.1.0-r0: +# - CVE-2020-15652 +# - CVE-2020-15653 +# - CVE-2020-15654 +# - CVE-2020-15655 +# - CVE-2020-15656 +# - CVE-2020-15657 +# - CVE-2020-15658 +# - CVE-2020-15659 +# - CVE-2020-6463 +# - CVE-2020-6514 +# 68.10.0-r0: +# - CVE-2020-12417 +# - CVE-2020-12418 +# - CVE-2020-12419 +# - CVE-2020-12420 +# - CVE-2020-12421 +# 68.9.0-r0: +# - CVE-2020-12399 +# - CVE-2020-12405 +# - CVE-2020-12406 +# - CVE-2020-12410 +# 68.8.0-r0: +# - CVE-2020-12387 +# - CVE-2020-12388 +# - CVE-2020-12389 +# - CVE-2020-12392 +# - CVE-2020-12393 +# - CVE-2020-12395 +# - CVE-2020-6831 +# 68.7.0-r0: +# - CVE-2020-6821 +# - CVE-2020-6822 +# - CVE-2020-6825 +# 68.6.1-r0: +# - CVE-2020-6819 +# - CVE-2020-6820 +# 68.6.0-r0: +# - CVE-2019-20503 +# - CVE-2020-6805 +# - CVE-2020-6806 +# - CVE-2020-6807 +# - CVE-2020-6811 +# - CVE-2020-6812 +# - CVE-2020-6814 # 68.5.0-r0: # - CVE-2020-6796 # - CVE-2020-6797 @@ -180,161 +600,253 @@ ldpath="$_mozappdir" # - CVE-2018-5117 # 52.5.2-r0: # - CVE-2017-7843 -# - CVE-2017-7843 + +# we need this because cargo verifies checksums of all files in vendor +# crates when it builds and gives us no way to override or update the +# file sanely... so just clear out the file list +_clear_vendor_checksums() { + sed -i 's/\("files":{\)[^}]*/\1/' third_party/rust/$1/.cargo-checksum.json +} + +export SHELL=/bin/sh +export BUILD_OFFICIAL=1 +export MOZILLA_OFFICIAL=1 +export USE_SHORT_LIBNAME=1 +export MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE=system +export MOZ_APP_PROFILE="mozilla/firefox" +export MOZ_APP_REMOTINGNAME=firefox-esr +export MOZBUILD_STATE_PATH="$srcdir"/mozbuild +# disable desktop notifications +export MOZ_NOSPAM=1 +# Find our triplet JSON +export RUST_TARGET="$CTARGET" + +# Build with Clang, takes less RAM +export CC="clang" +export CXX="clang++" + +# set rpath so linker finds the libs +export LDFLAGS="$LDFLAGS -Wl,-rpath,$_mozappdir" + +# let firefox do this itself. +unset CARGO_PROFILE_RELEASE_OPT_LEVEL +unset CARGO_PROFILE_RELEASE_LTO + +export CFLAGS="${CFLAGS/-fstack-clash-protection/} -g0 -O2" +export CXXFLAGS="${CXXFLAGS/-fstack-clash-protection/} -g0 -O2 -Wno-deprecated-builtins -Wno-deprecated-declarations" prepare() { default_prepare cp "$srcdir"/stab.h toolkit/crashreporter/google-breakpad/src/ + + _clear_vendor_checksums audio_thread_priority + + base64 -d "$srcdir"/mozilla-location.keys > "$builddir"/mozilla-api-key + + # webrtc does not build on these + case "$CARCH" in + ppc64le) + local webrtc_config="ac_add_options --disable-webrtc" + ;; + esac + case "$CARCH" in + armv7) + # broken here + local rust_simd="ac_add_options --disable-rust-simd" + ;; + *) + local rust_simd="ac_add_options --enable-rust-simd" + ;; + esac + + case "$CARCH" in + aarch64|arm*|x86*) + # disable-elf-hack: exists only on aarch64, arm*, x86, x86_64 + local arch_config="ac_add_options --disable-elf-hack" + ;; + esac + + # sandbox only supported here + case "$CARCH" in + x86*|armv7|aarch64) + local sandbox="ac_add_options --enable-sandbox" + ;; + *) + local sandbox="ac_add_options --disable-sandbox" + ;; + esac + + cat > base-mozconfig <<-EOF + # disable unwanted things + ac_add_options --disable-bootstrap + ac_add_options --disable-cargo-incremental + ac_add_options --disable-crashreporter + ac_add_options --disable-debug + ac_add_options --disable-debug-symbols + ac_add_options --disable-install-strip + ac_add_options --disable-jemalloc + ac_add_options --disable-strip + ac_add_options --disable-tests + ac_add_options --disable-updater + + # features + ac_add_options --enable-alsa + ac_add_options --enable-dbus + ac_add_options --enable-default-toolkit=cairo-gtk3-wayland + ac_add_options --enable-ffmpeg + ac_add_options --enable-hardening + ac_add_options --enable-linker=lld + ac_add_options --enable-necko-wifi + ac_add_options --enable-official-branding + ac_add_options --enable-optimize="$CFLAGS" + ac_add_options --enable-pulseaudio + ac_add_options --enable-release + ac_add_options --enable-update-channel=release + + # system libs + ac_add_options --enable-system-pixman + ac_add_options --with-system-ffi + ac_add_options --with-system-icu + ac_add_options --with-system-jpeg + ac_add_options --with-system-libevent + ac_add_options --with-system-libvpx + ac_add_options --with-system-nspr + ac_add_options --with-system-nss + ac_add_options --with-system-png + ac_add_options --with-system-webp + ac_add_options --with-system-zlib + + # misc + ac_add_options --allow-addon-sideload + ac_add_options --prefix=/usr + ac_add_options --with-app-name=firefox-esr + ac_add_options --with-distribution-id=org.alpinelinux + ac_add_options --with-libclang-path=/usr/lib + ac_add_options --with-unsigned-addon-scopes=app,system + ac_add_options --with-wasi-sysroot=/usr/share/wasi-sysroot + ac_add_options --host=$CHOST + ac_add_options --target=$CTARGET + + # objdir + mk_add_options MOZ_OBJDIR="$builddir/obj" + + mk_add_options RUSTFLAGS="$RUSTFLAGS" + + # keys + # these are for alpine linux use only + ac_add_options --with-mozilla-api-keyfile="$builddir/mozilla-api-key" + + $arch_config + $rust_simd + $sandbox + $webrtc_config + EOF } build() { - mkdir -p "$builddir"/objdir - cd "$builddir"/objdir + cat > .mozconfig base-mozconfig - export SHELL=/bin/sh - export BUILD_OFFICIAL=1 - export MOZILLA_OFFICIAL=1 - export USE_SHORT_LIBNAME=1 - # gcc 6 - export CXXFLAGS="-fno-delete-null-pointer-checks -fno-schedule-insns2" + export MOZ_BUILD_DATE=$(date ${SOURCE_DATE_EPOCH:+ -d@${SOURCE_DATE_EPOCH}} "+%Y%m%d%H%M%S") - # set rpath so linker finds the libs - export LDFLAGS="$LDFLAGS -Wl,-rpath,$_mozappdir" + # for lto + ulimit -n 4096 + + # can't be set here and fail + unset RUSTFLAGS + + local thinlto_jobs=${JOBS:-1} case "$CARCH" in - x86) - # disable-elf-hack: exists only on arm, x86, x86_64 - _arch_config="--disable-elf-hack" - export RUST_TARGET="i686-unknown-linux-musl" - ;; - x86_64) - # disable-elf-hack: exists only on arm, x86, x86_64 - _arch_config="--disable-elf-hack" - export RUST_TARGET="$CTARGET" - ;; - aarch64) - export RUST_TARGET="aarch64-unknown-linux-musl" - ;; - armv7) - # disable-elf-hack: exists only on arm, x86, x86_64 - _arch_config="--disable-elf-hack" - export RUST_TARGET="armv7-unknown-linux-musleabihf" - ;; - armhf) - # disable-elf-hack: exists only on arm, x86, x86_64 - _arch_config="--disable-elf-hack" - export RUST_TARGET="arm-unknown-linux-musleabihf" - ;; - ppc64le) - export RUST_TARGET="powerpc64le-unknown-linux-musl" - ;; + # on this platforms, lld seems to not utilise >1 threads for thinlto for some reason. + # at the same time, having more than 8 also crashes lld for firefox buildsystems (why?). + aarch64) + if [ $thinlto_jobs -gt 8 ]; then + thinlto_jobs=8 + fi + ;; esac - # FF doesn't have SIMD available on these arches. + export LDFLAGS="$LDFLAGS -Wl,--thinlto-jobs=$thinlto_jobs" + case "$CARCH" in - armhf|armv7) - _rust_simd="--disable-rust-simd" - _low_mem_flags="--disable-debug-symbols --disable-debug" - export RUSTFLAGS="$RUSTFLAGS -C debuginfo=0" - ;; - x86) - _low_mem_flags="--disable-debug-symbols --disable-debug" - export RUSTFLAGS="$RUSTFLAGS -C debuginfo=0" - ;; - *) _rust_simd="--enable-rust-simd" ;; + # lto for 64-bit systems only + aarch64|x86_64|ppc64le) + cat > .mozconfig base-mozconfig <<-EOF + ac_add_options --enable-lto=cross + EOF esac - ../configure \ - --prefix=/usr \ - $_arch_config \ - \ - --disable-crashreporter \ - --disable-gold \ - --disable-install-strip \ - --disable-jemalloc \ - --disable-profiling \ - --disable-pulseaudio \ - --disable-strip \ - --disable-tests \ - --disable-updater \ - \ - --enable-alsa \ - --enable-default-toolkit=cairo-gtk3 \ - --enable-official-branding \ - --enable-optimize="$CFLAGS -O2" \ - --enable-startup-notification \ - --enable-system-ffi \ - --enable-system-sqlite \ - --enable-ffmpeg \ - $_rust_simd \ - $_low_mem_flags \ - --enable-hardening \ - \ - --with-system-bz2 \ - --with-system-icu \ - --with-system-libevent \ - --with-system-nspr \ - --with-system-nss \ - --with-system-pixman \ - --with-system-png \ - --with-system-zlib \ - --with-clang-path=/usr/bin/clang \ - --with-libclang-path=/usr/lib - # FIXME: fix build with --with-system-libvpx and libvpx 1.8.0 - # https://bugzilla.mozilla.org/show_bug.cgi?id=1525393 - make + ./mach build } package() { - cd "$builddir"/objdir - - make install \ - DESTDIR="$pkgdir" \ - MOZ_MAKE_FLAGS="$MAKEOPTS" - - install -m755 -d "$pkgdir"/usr/share/applications - install -m755 -d "$pkgdir"/usr/share/pixmaps + DESTDIR="$pkgdir" ./mach install local _png - for _png in ../browser/branding/official/default*.png; do + for _png in ./browser/branding/official/default*.png; do local i=${_png%.png} i=${i##*/default} - install -D -m644 "$_png" "$pkgdir"/usr/share/icons/hicolor/"$i"x"$i"/apps/firefox.png + install -Dm644 "$_png" \ + "$pkgdir"/usr/share/icons/hicolor/"$i"x"$i"/apps/firefox-esr.png done - install -m644 "$builddir"/browser/branding/official/default48.png \ - "$pkgdir"/usr/share/pixmaps/firefox.png - install -m644 "$srcdir"/firefox.desktop "$pkgdir"/usr/share/applications/firefox.desktop - install -m644 "$srcdir"/firefox-safe.desktop "$pkgdir"/usr/share/applications/firefox-safe.desktop + install -Dm644 browser/branding/official/content/about-logo.png \ + "$pkgdir"/usr/share/icons/hicolor/192x192/apps/firefox-esr.png + install -Dm644 browser/branding/official/content/about-logo@2x.png \ + "$pkgdir"/usr/share/icons/hicolor/384x384/apps/firefox-esr.png + install -Dm644 browser/branding/official/content/about-logo.svg \ + "$pkgdir"/usr/share/icons/hicolor/scalable/apps/firefox-esr.svg - # install our vendor prefs - install -d "$pkgdir"/$_mozappdir/browser/defaults/preferences + install -Dm644 "$srcdir"/firefox.desktop \ + "$pkgdir"/usr/share/applications/firefox-esr.desktop - cat >> "$pkgdir"/$_mozappdir/browser/defaults/preferences/firefox-branding.js <<- EOF - // Use LANG environment variable to choose locale - pref("intl.locale.requested", ""); + # install our vendor prefs + install -Dm644 "$srcdir"/vendor-prefs.js \ + "$pkgdir"/$_mozappdir/browser/defaults/preferences/vendor.js - // Disable default browser checking. - pref("browser.shell.checkDefaultBrowser", false); + # Generate appdata file + mkdir -p "$pkgdir"/usr/share/metainfo/ + export VERSION="$pkgver" + export DATE="$_releasedate" + envsubst < "$builddir"/taskcluster/docker/firefox-flatpak/org.mozilla.firefox.appdata.xml.in > "$pkgdir"/usr/share/metainfo/org.mozilla.firefox-esr.appdata.xml - // Don't disable our bundled extensions in the application directory - pref("extensions.autoDisableScopes", 11); - pref("extensions.shownSelectionUI", true); + # Replace duplicate binary with wrapper + # https://bugzilla.mozilla.org/show_bug.cgi?id=658850 + install -Dm755 /dev/stdin "$pkgdir"/usr/bin/firefox-esr <<- EOF + #!/bin/sh + exec $_mozappdir/firefox-esr "\$@" EOF + rm "$pkgdir"/$_mozappdir/firefox-esr-bin + ln -sfv /usr/bin/firefox-esr "$pkgdir"/$_mozappdir/firefox-esr-bin } -sha512sums="0acf4ecd47bccf062ab330231e36355f5d84e66ab411f653ae3160583613840925bb473c0f7dfa4b15311a543940293c4633516851c9466c4b0133c9271710d3 firefox-68.5.0esr.source.tar.xz -0b3f1e4b9fdc868e4738b5c81fd6c6128ce8885b260affcb9a65ff9d164d7232626ce1291aaea70132b3e3124f5e13fef4d39326b8e7173e362a823722a85127 stab.h -2f4f15974d52de4bb273b62a332d13620945d284bbc6fe6bd0a1f58ff7388443bc1d3bf9c82cc31a8527aad92b0cd3a1bc41d0af5e1800e0dcbd7033e58ffd71 fix-fortify-system-wrappers.patch -84b84d2d7dbc16002510bf856796ad345ac38ef6d3254670230189bba7c2d4781714d231236d5a3d70129a4597b430c3171644b01ad0f5a5bb13b55d407337a4 fix-seccomp-bpf.patch -2c65ea7280e6e89826ebad563ee25203a99ff0b4ba8fc60ec261ada6c69874d649c6ac92fcecc6307a6e5a00de27d7956acf944d556ddfadec0411be16f4e0b8 fix-toolkit.patch -4d55f41d15be7457ad630f8f07e4fc0314c2f75720010b4bbe6a2a7f3228210a1e069949e11795efbe2e784b0762e79fdfe5b8ec38e8a64cb8d9cf3b57dd5af1 fix-tools.patch -a4a3e062661bda64d502d426c480ac9645345860118de9df9ffe6e0597738c70c11e5cdef2d4fd12c5e2ee30a09310159230524655a419a4f7e4eeeb0f3c06b0 mallinfo.patch +intl() { + pkgdesc="$pkgname - International ICU data" + depends="icu-data-full" + install_if="$pkgname=$pkgver-r$pkgrel icu" + mkdir -p "$subpkgdir" +} + +sha512sums=" +0626e2c68ce43f24dfc2b9216e2565537ad8781daf4195d53420e1b78d57d0f6360fbe56b0ddbedae3818546c72472c85c1ff2b208c123d32a0543e666f42b65 firefox-115.10.0esr.source.tar.xz +3e0501ae7a650346c667dfdc0ae0ca286084f22e89ab2ac671cc0d7315673dc5b6dcb9f9882f6f39d26e9a31e57f7a0fd53d6b805e520224e22b8976850e2eb8 audio-lfs64.patch 454ea3263cabce099accbdc47aaf83be26a19f8b5a4568c01a7ef0384601cf8315efd86cd917f9c8bf419c2c845db89a905f3ff9a8eb0c8e41042e93aa96a85c disable-moz-stackwalk.patch -e0df4fc649012f023443ce9165da29d36459dbca5df64a31008b28d96264fba909858de36d0cf1b1cb1aab898342413f0cd77c90ebe21d1f9a0504631d6d1d0e fix-musl.patch -1bf1f579ced0ca47d156eb45962114f9867cf224c2ba34dfc106227648322ecf729243d2a6e84b72cb011abadc36ed84990960bded764fd4243fc9cb22084ce5 fix-rust-target.patch -d35cacb9ede80e6bfbef0709823e536dddfb1c02d776275b0b7adb5969e9927d8c6117df96873569c3f3db0a18ee5db24f8086a9311a05077892be43a3dd8d79 fix-webrtc-glibcisms.patch -f85f2c19c3dafab915bcb40e580fc442fd9eab5916696849edf0b105c758dd807dfe23a6479935613c81496711eb377c73227c03eb8582204c3442a4d0e397a2 fix-sandbox-membarrier.patch -60845dcb034b2c4459c30f7d5f25c8176cf42df794e2cc0e86c3e2abb6541c24b962f3a16ca70a288d4d6f377b68d00b2904b22463108559612053d835d9bff1 fd6847c9416f9eebde636e21d794d25d1be8791d.patch -f3b7c3e804ce04731012a46cb9e9a6b0769e3772aef9c0a4a8c7520b030fdf6cd703d5e9ff49275f14b7d738fe82a0a4fde3bc3219dff7225d5db0e274987454 firefox.desktop -5dcb6288d0444a8a471d669bbaf61cdb1433663eff38b72ee5e980843f5fc07d0d60c91627a2c1159215d0ad77ae3f115dcc5fdfe87e64ca704b641aceaa44ed firefox-safe.desktop" +f7b3b45ba04d05d17439d009bf0c9f27881e126f424e2257552338a0c1e3771ee1289c044babcb0920f62af62873a268c0cf524e1d35711e6dc8b808ca5e9f26 esr-metainfo.patch +2f4f15974d52de4bb273b62a332d13620945d284bbc6fe6bd0a1f58ff7388443bc1d3bf9c82cc31a8527aad92b0cd3a1bc41d0af5e1800e0dcbd7033e58ffd71 fix-fortify-system-wrappers.patch +cd68b89e29e5f6379fbd5679db27b9a5ef70ea65e51c0d0a8137e1f1fd210e35a8cfb047798e9549bc7275606d7ec5c8d8af1335d29da4699db7acd8bc7ff556 fix-rust-target.patch +305c874fdea3096e9c4c6aa6520ac64bb1c347c4b59db8360096646593fe684c3b5377874d91cecd33d56d1410b4714fbdea2b514923723ecbeff79d51265d9b fix-webrtc-glibcisms.patch +afabea91b328c5a68eaa20f9099ac7b2d0e7f2423e816b05ed168bdd326a5684fa02de08bf05c6033e9b888f02775d1b0443a00329b7a632ee399122a391c13a icu74.patch +5fa9382c692e4bd6a2634308f24a6526fd12a60a2563d2090056d43a60505df3ec9881bbf54562e69394467529b3b0dc45955afca46ed329af03cea074fff070 lfs64.patch +c0437a6753f3f350968fa12d250efdfe1bea77baf0e4c06b072b5cc9e78c774dbf4506bc536337030d349fb3ba4460097b75b0c7c5b8fb2d39d8b0a392948936 no-ccache-stats.patch +2d8dff86212d6d2a904cbb5a5a1d6c17b89adc929fc6a3f4c6cb669f5e83ecddff5a799225319ba445a187b04d111251af75dd3ce8a039164bc14d2a432a2a04 ppc-musttail.patch +6f60e83599041db1b707c21784197ea9816b2c936b89a274bfc24554a600981e6f28448fe41fab0942bd31acd49b1c00beb2eb0961149f2ffa6a4154be123ea7 ppc-webrtc.patch +4e40b34c5f77a1a21fe971a6fcd8a21b1a63423a3a7932a5a6e1c7a2779f9f06a561c806614a01931679a4b1c6afdfd8ae1f3cc6b673f259ccd368e8e54f6e90 python-deps.patch +1c6918dd6655d3a1251bfd4af2e1c561cbb00d540a883b4c1ebf7f5de530d754d9ac07b4b5f56cdab6c511d25c8910ec94043f5733e97501a67abffe1bafaeb1 rust-lto-thin.patch +2518f2fc75b5db30058e0735f47d60fdf1e7adfaeee4b33fb2afb1bd9a616ce943fd88f4404d0802d4083703f4acf1d5ad42377218d025bc768807fbaf7e1609 sandbox-fork.patch +b7d0a6126bdf6c0569f80aabf5b37ed2c7a35712eb8a0404a2d85381552f5555d4f97d213ea26cec6a45dc2785f22439376ed5f8e78b4fd664ef0223307b333e sandbox-largefile.patch +f8c3555ef6207933cbffbf4fc101a9b4c0d2990c0063162f0f0bde70ef0b46f86bfac42e7110695183424a87948de593f3927b2d8509ede3e4fc7bd8a1fad1ce sandbox-sched_setscheduler.patch +0b3f1e4b9fdc868e4738b5c81fd6c6128ce8885b260affcb9a65ff9d164d7232626ce1291aaea70132b3e3124f5e13fef4d39326b8e7173e362a823722a85127 stab.h +d354f48a29bfc16719f3b230b1395063239d4420f9e47522de4662392d9697b15f931ca3bf6055d100fa33d61a9a1a13477687d5eac99e50ae7dbef9882a5808 firefox.desktop +382510375b1a2fa79be0ab79e3391a021ae2c022429ffbaa7e7a69166f99bb56d01e59a1b10688592a29238f21c9d6977672bd77f9fae439b66bdfe0c55ddb15 mozilla-location.keys +fc45bc3ffb9404e5338ea26a9f04807b40f6f516324972cddd48bedb91b8bd7c6b8d4e03a0209020f5e67b703bc4ff89389985791b9bd544a0fc3951e2dc338e vendor-prefs.js +" |