diff options
Diffstat (limited to 'community/webkit2gtk/APKBUILD')
-rw-r--r-- | community/webkit2gtk/APKBUILD | 286 |
1 files changed, 237 insertions, 49 deletions
diff --git a/community/webkit2gtk/APKBUILD b/community/webkit2gtk/APKBUILD index a0010d62f15..8248eb70e05 100644 --- a/community/webkit2gtk/APKBUILD +++ b/community/webkit2gtk/APKBUILD @@ -1,64 +1,192 @@ # Contributor: Rasmus Thomsen <oss@cogitri.dev> # Contributor: Sergei Lukin <sergej.lukin@gmail.com> # Contributor: Jiri Horner <laeqten@gmail.com> -# Maintainer: Rasmus Thomsen <oss@cogitri.dev> +# Maintainer: Patrycja Rosa <alpine@ptrcnull.me> pkgname=webkit2gtk -pkgver=2.26.2 +pkgver=2.44.1 pkgrel=0 pkgdesc="Portable web rendering engine WebKit for GTK+" url="https://webkitgtk.org/" arch="all" license="LGPL-2.0-or-later AND BSD-2-Clause" -depends="bubblewrap xdg-dbus-proxy" +depends="bubblewrap xdg-dbus-proxy dbus:org.freedesktop.Secrets" makedepends=" bison + clang cmake - enchant-dev + enchant2-dev flex + flite-dev + geoclue-dev gnutls-dev gobject-introspection-dev gperf - gst-plugins-base-dev gst-plugins-bad-dev + gst-plugins-base-dev gstreamer-dev gtk+3.0-dev - gtk-doc hyphen-dev icu-dev + lcms2-dev + libavif-dev libgcrypt-dev libjpeg-turbo-dev - libnotify-dev + libmanette-dev libpng-dev libseccomp-dev libsecret-dev libsoup-dev libwebp-dev + libwpe-dev + libwpebackend-fdo-dev libxml2-dev libxslt-dev libxt-dev + llvm mesa-dev - ninja openjpeg-dev - openjpeg-tools pango-dev - paxmark - python2 + python3 ruby + samurai sqlite-dev + unifdef woff2-dev - geoclue-dev " replaces="webkit" options="!check" # upstream doesn't package them in release tarballs: Tools/Scripts/run-gtk-tests: Command not found -subpackages="$pkgname-dev $pkgname-lang" +subpackages="$pkgname-dev $pkgname-lang $pkgname-dbg" source="https://webkitgtk.org/releases/webkitgtk-$pkgver.tar.xz - fix-fast-memory-disabled.patch - musl-fixes.patch - fix-openjpeg.patch + armv6kz.patch + armv6-musttail.patch + cloopfix.patch + riscv64-no-wasm.patch " builddir="$srcdir/webkitgtk-$pkgver" # secfixes: +# 2.36.5-r0: +# - CVE-2022-2294 +# - CVE-2022-32792 +# - CVE-2022-32816 +# 2.36.4-r0: +# - CVE-2022-22677 +# - CVE-2022-22710 +# 2.36.1-r0: +# - CVE-2022-30293 +# - CVE-2022-30294 +# 2.36.0-r0: +# - CVE-2022-22624 +# - CVE-2022-22628 +# - CVE-2022-22629 +# 2.34.6-r0: +# - CVE-2022-22589 +# - CVE-2022-22590 +# - CVE-2022-22592 +# - CVE-2022-22620 +# 2.34.4-r0: +# - CVE-2021-30934 +# - CVE-2021-30936 +# - CVE-2021-30951 +# - CVE-2021-30952 +# - CVE-2021-30953 +# - CVE-2021-30954 +# - CVE-2021-30984 +# - CVE-2022-22637 +# - CVE-2022-22594 +# 2.34.3-r0: +# - CVE-2021-30887 +# - CVE-2021-30890 +# 2.34.1-r0: +# - CVE-2021-42762 +# 2.34.0-r0: +# - CVE-2021-30818 +# - CVE-2021-30823 +# - CVE-2021-30846 +# - CVE-2021-30851 +# - CVE-2021-30884 +# - CVE-2021-30888 +# - CVE-2021-30889 +# - CVE-2021-30897 +# - CVE-2021-45481 +# - CVE-2021-45483 +# 2.32.4-r0: +# - CVE-2021-30809 +# - CVE-2021-30836 +# - CVE-2021-30848 +# - CVE-2021-30849 +# - CVE-2021-30858 +# - CVE-2021-45482 +# 2.32.3-r0: +# - CVE-2021-21775 +# - CVE-2021-21779 +# - CVE-2021-30663 +# - CVE-2021-30665 +# - CVE-2021-30689 +# - CVE-2021-30720 +# - CVE-2021-30734 +# - CVE-2021-30744 +# - CVE-2021-30749 +# - CVE-2021-30795 +# - CVE-2021-30797 +# - CVE-2021-30799 +# 2.32.2-r0: +# - CVE-2021-30758 +# 2.32.0-r0: +# - CVE-2021-1788 +# - CVE-2021-1844 +# - CVE-2021-1871 +# - CVE-2021-30682 +# 2.30.6-r0: +# - CVE-2020-27918 +# - CVE-2020-29623 +# - CVE-2021-1765 +# - CVE-2021-1789 +# - CVE-2021-1799 +# - CVE-2021-1801 +# - CVE-2021-1870 +# - CVE-2021-21806 +# 2.30.5-r0: +# - CVE-2020-9947 +# - CVE-2020-13558 +# 2.30.3-r0: +# - CVE-2020-9983 +# - CVE-2020-13543 +# - CVE-2020-13584 +# 2.30.0-r0: +# - CVE-2020-9948 +# - CVE-2020-9951 +# - CVE-2021-1817 +# - CVE-2021-1820 +# - CVE-2021-1825 +# - CVE-2021-1826 +# - CVE-2021-30661 +# 2.28.4-r0: +# - CVE-2020-9862 +# - CVE-2020-9893 +# - CVE-2020-9894 +# - CVE-2020-9895 +# - CVE-2020-9915 +# - CVE-2020-9925 +# 2.28.3-r0: +# - CVE-2020-13753 +# - CVE-2020-9802 +# - CVE-2020-9803 +# - CVE-2020-9805 +# - CVE-2020-9806 +# - CVE-2020-9807 +# - CVE-2020-9843 +# - CVE-2020-9850 +# - CVE-2020-9952 +# 2.28.1-r0: +# - CVE-2020-11793 +# 2.28.0-r0: +# - CVE-2020-10018 +# - CVE-2021-30762 +# 2.26.3-r0: +# - CVE-2019-8835 +# - CVE-2019-8844 +# - CVE-2019-8846 # 2.26.2-r0: # - CVE-2019-8812 # - CVE-2019-8814 @@ -81,6 +209,8 @@ builddir="$srcdir/webkitgtk-$pkgver" # - CVE-2019-8771 # - CVE-2019-8782 # - CVE-2019-8815 +# - CVE-2021-30666 +# - CVE-2021-30761 # 2.24.4-r0: # - CVE-2019-8674 # - CVE-2019-8707 @@ -158,54 +288,112 @@ builddir="$srcdir/webkitgtk-$pkgver" # - CVE-2017-2371 # - CVE-2017-2373 +case "$CARCH" in +s390x) ;; +*) + makedepends="$makedepends lld libjxl-dev" + ;; +esac + build() { - local _archopt= case "$CARCH" in - # disable _FORTIFY_SOURCE to work around: - # cc1plus: out of memory allocating 65536 bytes after a total of 3131101184 bytes - x86) CXXFLAGS="$CXXFLAGS -U_FORTIFY_SOURCE";; - armhf|armv7|ppc64le|s390x) _archopt="-DENABLE_JIT=OFF";; + s390x|armhf|armv7|x86|ppc64le) + # llint/LowLevelInterpreter.cpp fails to build with fortify source here + export CXXFLAGS="$CXXFLAGS -U_FORTIFY_SOURCE" + ;; + esac + + case "$CARCH" in + armv7) + # clang fails to build armv7 due to some NEON related thing. + # https://github.com/WebKit/WebKit/pull/1233 should fix it + ;; + s390x|riscv64) + # no lld on s390x, broken on riscv64 + export CC=clang + export CXX=clang++ + ;; + *) + # the debug symbols become 1/2 the size, and actual webkit becomes + # smaller too. + export CC=clang + export CXX=clang++ + export LDFLAGS="$LDFLAGS -fuse-ld=lld" + ;; + esac + + case "$CARCH" in + arm*|aarch64|s390x|riscv64) + # arm: seemingly broken? + # s390x/riscv64: no lld + ;; + *) + local lto="-DLTO_MODE=thin" + ;; + esac + + case "$CARCH" in + s390x) + # no libjxl + local jxl="-DUSE_JPEGXL=OFF" + ;; + *) ;; + esac + + case "$CARCH" in + riscv64) + # not supported + local jit=" + -DENABLE_JIT=OFF + -DENABLE_C_LOOP=ON + -DENABLE_WEBASSEMBLY=OFF + " + ;; + *) ;; esac - # reduce memory usage on 32 bit - # https://bugs.webkit.org/show_bug.cgi?id=199272 + export AR=llvm-ar + export NM=llvm-nm + export RANLIB=llvm-ranlib + + # significantly reduce debug symbol size + export CFLAGS="$CFLAGS -g1" export CXXFLAGS="$CXXFLAGS -g1" - mkdir build - cd build - # disable gold usage since it can't find pthreads with it enabled - cmake -GNinja \ + # sampling profiler is broken on musl + cmake -B build -G Ninja \ -DPORT=GTK \ - -DCMAKE_BUILD_TYPE=MinSizeRel \ + -DCMAKE_BUILD_TYPE=Release \ -DCMAKE_SKIP_RPATH=ON \ -DCMAKE_INSTALL_PREFIX=/usr \ - -DLIB_INSTALL_DIR=/usr/lib \ - -DENABLE_GTKDOC=OFF \ - -DENABLE_GEOLOCATION=ON \ - -DENABLE_SAMPLING_PROFILER=OFF \ + -DCMAKE_INSTALL_LIBDIR=lib \ + -DENABLE_DOCUMENTATION=OFF \ + -DENABLE_JOURNALD_LOG=OFF \ -DENABLE_MINIBROWSER=ON \ - -DUSE_WPE_RENDERER=OFF \ - -DUSE_WOFF2=ON \ - -DCMAKE_CXX_FLAGS="$CXXFLAGS" \ - -DUSE_LD_GOLD=OFF \ - $_archopt \ - .. - # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923476 - ninja JavaScriptCore-4-gir - ninja + -DENABLE_SAMPLING_PROFILER=OFF \ + -DENABLE_SPELLCHECK=ON \ + -DENABLE_SPEECH_SYNTHESIS=ON \ + -DUSE_SOUP2=ON \ + -DUSE_GTK4=OFF \ + -DUSE_LIBBACKTRACE=OFF \ + $lto \ + $jxl \ + $jit + cmake --build build } check() { - ninja -C "$builddir"/build check + ninja -C build check } package() { - DESTDIR="$pkgdir" ninja -C "$builddir"/build install - # needed for JIT - paxmark -m "$pkgdir"/usr/libexec/webkit2gtk-4.0/WebKitWebProcess + DESTDIR="$pkgdir" cmake --install build } -sha512sums="98d47282fd8f766dbe4a74c1a3f618aaeeeed69bd0666ed4e8674ae562b634681b3bd18b0d428df6bfefbaa3e18eb4cfb2fb077f5be4fed34cbc81c8293ec33e webkitgtk-2.26.2.tar.xz -e1537b9937af1cb936669d405993a52204cb9968b8b3161cb12a3f3f1343c260088c9490fcd7a7deeab6dbabdb5f7ce7e6cb2f857b9f0a4205aba6db2b11fb20 fix-fast-memory-disabled.patch -dfd5352272c02eeaae31af80eceb8158b84a92c15e4b3966912a2acdecf7e1aa1f6bf78992b88b344393b57724489e3452d57b7ab4ef7c9f2ef5acd10cb07b33 musl-fixes.patch -c517c012f5630ef6be5be7d9592c5e042a070f849a141859edefa7984acb98dbd0d718fe6613cd35ba3b7d8530beebcc7408fd077cd914ed335c5e524e9e746a fix-openjpeg.patch" +sha512sums=" +b1752303f9ee38ef98c1e5c0cad001d389eaedbbf07d13fed8699104e6e311cb47a9bed7089868cb92c53d2777aaff441147353da13123d5c8eee4adf8709169 webkitgtk-2.44.1.tar.xz +8c89d4ac737a2bd6d970fec3ecb9d0b72d61ffb9a37d4b0b56bc0106914398a65319e940c593c0305fc40d6900aac2a8b4fc3bafc9a96062063d15abd1f5039d armv6kz.patch +d3e3a20cf6f1447e15eec8636301fb5c4c12560e4a5d47707708425b0da8ab84e3b1a10f98c9ba4ed2e1a32a9c131055da14f8f74e8bde20d4269bf8313dc04d armv6-musttail.patch +49acf07095abb3c6114790b676f1fe4c1f6c4c4d66d2aed525e61291bd9857386749cc31a521e3f739758ed6d6b0e176a45543e7c58ca16c9c1b266222d362ed cloopfix.patch +61461d19f80108357d0469a855212308a49fb43f5a629d119f95492c3897444664cbe12beddc53d801878124a67e38b4a404d37d1ac9c0e5ce65d7586328b1d9 riscv64-no-wasm.patch +" |