1 files changed, 186 insertions, 47 deletions
diff --git a/community/webkit2gtk/APKBUILD b/community/webkit2gtk/APKBUILD
index 9718d04a667..8248eb70e05 100644
--- a/community/webkit2gtk/APKBUILD
+++ b/community/webkit2gtk/APKBUILD
@@ -1,20 +1,22 @@
 # Contributor: Rasmus Thomsen <oss@cogitri.dev>
 # Contributor: Sergei Lukin <sergej.lukin@gmail.com>
 # Contributor: Jiri Horner <laeqten@gmail.com>
-# Maintainer: Rasmus Thomsen <oss@cogitri.dev>
+# Maintainer: Patrycja Rosa <alpine@ptrcnull.me>
 pkgname=webkit2gtk
-pkgver=2.32.0
-pkgrel=1
+pkgver=2.44.1
+pkgrel=0
 pkgdesc="Portable web rendering engine WebKit for GTK+"
 url="https://webkitgtk.org/"
-arch="all !mips !mips64"
+arch="all"
 license="LGPL-2.0-or-later AND BSD-2-Clause"
 depends="bubblewrap xdg-dbus-proxy dbus:org.freedesktop.Secrets"
 makedepends="
 	bison
+	clang
 	cmake
 	enchant2-dev
 	flex
+	flite-dev
 	geoclue-dev
 	gnutls-dev
 	gobject-introspection-dev
@@ -23,49 +25,118 @@ makedepends="
 	gst-plugins-base-dev
 	gstreamer-dev
 	gtk+3.0-dev
-	gtk-doc
 	hyphen-dev
 	icu-dev
+	lcms2-dev
+	libavif-dev
 	libgcrypt-dev
 	libjpeg-turbo-dev
 	libmanette-dev
-	libnotify-dev
 	libpng-dev
 	libseccomp-dev
 	libsecret-dev
 	libsoup-dev
 	libwebp-dev
+	libwpe-dev
+	libwpebackend-fdo-dev
 	libxml2-dev
 	libxslt-dev
 	libxt-dev
+	llvm
 	mesa-dev
 	openjpeg-dev
-	openjpeg-tools
 	pango-dev
 	python3
 	ruby
 	samurai
 	sqlite-dev
+	unifdef
 	woff2-dev
-	ruby-json
-	libwpe-dev
-	libwpebackend-fdo-dev
 	"
 replaces="webkit"
 options="!check" # upstream doesn't package them in release tarballs: Tools/Scripts/run-gtk-tests: Command not found
 subpackages="$pkgname-dev $pkgname-lang $pkgname-dbg"
 source="https://webkitgtk.org/releases/webkitgtk-$pkgver.tar.xz
-	musl-fixes.patch
-	musl-stack-fix.patch
-	musl-wordsize.patch
+	armv6kz.patch
+	armv6-musttail.patch
+	cloopfix.patch
+	riscv64-no-wasm.patch
 	"
 builddir="$srcdir/webkitgtk-$pkgver"
 
 # secfixes:
+#   2.36.5-r0:
+#     - CVE-2022-2294
+#     - CVE-2022-32792
+#     - CVE-2022-32816
+#   2.36.4-r0:
+#     - CVE-2022-22677
+#     - CVE-2022-22710
+#   2.36.1-r0:
+#     - CVE-2022-30293
+#     - CVE-2022-30294
+#   2.36.0-r0:
+#     - CVE-2022-22624
+#     - CVE-2022-22628
+#     - CVE-2022-22629
+#   2.34.6-r0:
+#     - CVE-2022-22589
+#     - CVE-2022-22590
+#     - CVE-2022-22592
+#     - CVE-2022-22620
+#   2.34.4-r0:
+#     - CVE-2021-30934
+#     - CVE-2021-30936
+#     - CVE-2021-30951
+#     - CVE-2021-30952
+#     - CVE-2021-30953
+#     - CVE-2021-30954
+#     - CVE-2021-30984
+#     - CVE-2022-22637
+#     - CVE-2022-22594
+#   2.34.3-r0:
+#     - CVE-2021-30887
+#     - CVE-2021-30890
+#   2.34.1-r0:
+#     - CVE-2021-42762
+#   2.34.0-r0:
+#     - CVE-2021-30818
+#     - CVE-2021-30823
+#     - CVE-2021-30846
+#     - CVE-2021-30851
+#     - CVE-2021-30884
+#     - CVE-2021-30888
+#     - CVE-2021-30889
+#     - CVE-2021-30897
+#     - CVE-2021-45481
+#     - CVE-2021-45483
+#   2.32.4-r0:
+#     - CVE-2021-30809
+#     - CVE-2021-30836
+#     - CVE-2021-30848
+#     - CVE-2021-30849
+#     - CVE-2021-30858
+#     - CVE-2021-45482
+#   2.32.3-r0:
+#     - CVE-2021-21775
+#     - CVE-2021-21779
+#     - CVE-2021-30663
+#     - CVE-2021-30665
+#     - CVE-2021-30689
+#     - CVE-2021-30720
+#     - CVE-2021-30734
+#     - CVE-2021-30744
+#     - CVE-2021-30749
+#     - CVE-2021-30795
+#     - CVE-2021-30797
+#     - CVE-2021-30799
+#   2.32.2-r0:
+#     - CVE-2021-30758
 #   2.32.0-r0:
 #     - CVE-2021-1788
 #     - CVE-2021-1844
 #     - CVE-2021-1871
+#     - CVE-2021-30682
 #   2.30.6-r0:
 #     - CVE-2020-27918
 #     - CVE-2020-29623
@@ -74,16 +145,22 @@ builddir="$srcdir/webkitgtk-$pkgver"
 #     - CVE-2021-1799
 #     - CVE-2021-1801
 #     - CVE-2021-1870
+#     - CVE-2021-21806
 #   2.30.5-r0:
-#     - CVE-2020-13558
 #     - CVE-2020-9947
+#     - CVE-2020-13558
 #   2.30.3-r0:
+#     - CVE-2020-9983
 #     - CVE-2020-13543
 #     - CVE-2020-13584
-#     - CVE-2020-9983
 #   2.30.0-r0:
 #     - CVE-2020-9948
 #     - CVE-2020-9951
+#     - CVE-2021-1817
+#     - CVE-2021-1820
+#     - CVE-2021-1825
+#     - CVE-2021-1826
+#     - CVE-2021-30661
 #   2.28.4-r0:
 #     - CVE-2020-9862
 #     - CVE-2020-9893
@@ -105,6 +182,7 @@ builddir="$srcdir/webkitgtk-$pkgver"
 #     - CVE-2020-11793
 #   2.28.0-r0:
 #     - CVE-2020-10018
+#     - CVE-2021-30762
 #   2.26.3-r0:
 #     - CVE-2019-8835
 #     - CVE-2019-8844
@@ -131,6 +209,8 @@ builddir="$srcdir/webkitgtk-$pkgver"
 #     - CVE-2019-8771
 #     - CVE-2019-8782
 #     - CVE-2019-8815
+#     - CVE-2021-30666
+#     - CVE-2021-30761
 #   2.24.4-r0:
 #     - CVE-2019-8674
 #     - CVE-2019-8707
@@ -208,53 +288,112 @@ builddir="$srcdir/webkitgtk-$pkgver"
 #     - CVE-2017-2371
 #     - CVE-2017-2373
 
+case "$CARCH" in
+s390x) ;;
+*)
+	makedepends="$makedepends lld libjxl-dev"
+	;;
+esac
+
 build() {
-	local _archopt=
 	case "$CARCH" in
-		# disable _FORTIFY_SOURCE to work around:
-		# cc1plus: out of memory allocating 65536 bytes after a total of 3131101184 bytes
-		x86) CXXFLAGS="$CXXFLAGS -U_FORTIFY_SOURCE";;
-		armhf|ppc64le|s390x) _archopt="-DENABLE_JIT=OFF";;
+	s390x|armhf|armv7|x86|ppc64le)
+		# llint/LowLevelInterpreter.cpp fails to build with fortify source here
+		export CXXFLAGS="$CXXFLAGS -U_FORTIFY_SOURCE"
+		;;
+	esac
+
+	case "$CARCH" in
+	armv7)
+		# clang fails to build armv7 due to some NEON related thing.
+		# https://github.com/WebKit/WebKit/pull/1233 should fix it
+		;;
+	s390x|riscv64)
+		# no lld on s390x, broken on riscv64
+		export CC=clang
+		export CXX=clang++
+		;;
+	*)
+		# the debug symbols become 1/2 the size, and actual webkit becomes
+		# smaller too.
+		export CC=clang
+		export CXX=clang++
+		export LDFLAGS="$LDFLAGS -fuse-ld=lld"
+		;;
 	esac
 
-	# reduce memory usage on 32 bit
-	# https://bugs.webkit.org/show_bug.cgi?id=199272
+	case "$CARCH" in
+	arm*|aarch64|s390x|riscv64)
+		# arm: seemingly broken?
+		# s390x/riscv64: no lld
+		;;
+	*)
+		local lto="-DLTO_MODE=thin"
+		;;
+	esac
+
+	case "$CARCH" in
+	s390x)
+		# no libjxl
+		local jxl="-DUSE_JPEGXL=OFF"
+		;;
+	*) ;;
+	esac
+
+	case "$CARCH" in
+	riscv64)
+		# not supported
+		local jit="
+			-DENABLE_JIT=OFF
+			-DENABLE_C_LOOP=ON
+			-DENABLE_WEBASSEMBLY=OFF
+		"
+		;;
+	*) ;;
+	esac
+
+	export AR=llvm-ar
+	export NM=llvm-nm
+	export RANLIB=llvm-ranlib
+
+	# significantly reduce debug symbol size
+	export CFLAGS="$CFLAGS -g1"
 	export CXXFLAGS="$CXXFLAGS -g1"
 
-	mkdir build
-	cd build
-	# disable gold usage since it can't find pthreads with it enabled
-	cmake -GNinja \
+	# sampling profiler is broken on musl
+	cmake -B build -G Ninja \
 		-DPORT=GTK \
-		-DCMAKE_BUILD_TYPE=MinSizeRel \
+		-DCMAKE_BUILD_TYPE=Release \
 		-DCMAKE_SKIP_RPATH=ON \
 		-DCMAKE_INSTALL_PREFIX=/usr \
-		-DLIB_INSTALL_DIR=/usr/lib \
-		-DENABLE_GTKDOC=OFF \
-		-DENABLE_GEOLOCATION=ON \
-		-DENABLE_SAMPLING_PROFILER=OFF \
+		-DCMAKE_INSTALL_LIBDIR=lib \
+		-DENABLE_DOCUMENTATION=OFF \
+		-DENABLE_JOURNALD_LOG=OFF \
 		-DENABLE_MINIBROWSER=ON \
-		-DUSE_WPE_RENDERER=ON \
-		-DUSE_WOFF2=ON \
-		-DCMAKE_CXX_FLAGS="$CXXFLAGS" \
-		-DUSE_LD_GOLD=OFF \
-		-DUSE_SYSTEMD=OFF \
-		$_archopt \
-		..
-	# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923476
-	ninja JavaScriptCore-4-gir
-	ninja
+		-DENABLE_SAMPLING_PROFILER=OFF \
+		-DENABLE_SPELLCHECK=ON \
+		-DENABLE_SPEECH_SYNTHESIS=ON \
+		-DUSE_SOUP2=ON \
+		-DUSE_GTK4=OFF \
+		-DUSE_LIBBACKTRACE=OFF \
+		$lto \
+		$jxl \
+		$jit
+	cmake --build build
 }
 
 check() {
-	ninja -C "$builddir"/build check
+	ninja -C build check
 }
 
 package() {
-	DESTDIR="$pkgdir" ninja -C "$builddir"/build install
+	DESTDIR="$pkgdir" cmake --install build
 }
 
-sha512sums="4832a4614be24481028ca8a6480a8e6cfacd8e22f5ba9f936703c09944550056f06f75ccf8fffa7dee3f5a1d11ab1870841407745be2e61ebad6557a0934db15  webkitgtk-2.32.0.tar.xz
-49512e1b7cdd101971795437d04448e59a0c532955c271694675d53bc80a32a8f4166e46942ed148185ac0ac6be07acae8083605f8fed7b1bb4b224afb089b5d  musl-fixes.patch
-b80bcf92618992350e225cd635b503f963a299c2a1f80f17c3b6dd232ac300c8e2dd96aecfdf0a4d7f3e1bd7ed38247460a3b6f9e5871add119301cbca65d596  musl-stack-fix.patch
-787ec4a7f8f005808e8fb8dc65cfcf676a5afbc8b9fbc40e203a155ed8da9b7d5cf7d559637e1d2738d5ff3af6764e8cd1af186f8bd946444f344a8be5ab5ad0  musl-wordsize.patch"
+sha512sums="
+b1752303f9ee38ef98c1e5c0cad001d389eaedbbf07d13fed8699104e6e311cb47a9bed7089868cb92c53d2777aaff441147353da13123d5c8eee4adf8709169  webkitgtk-2.44.1.tar.xz
+8c89d4ac737a2bd6d970fec3ecb9d0b72d61ffb9a37d4b0b56bc0106914398a65319e940c593c0305fc40d6900aac2a8b4fc3bafc9a96062063d15abd1f5039d  armv6kz.patch
+d3e3a20cf6f1447e15eec8636301fb5c4c12560e4a5d47707708425b0da8ab84e3b1a10f98c9ba4ed2e1a32a9c131055da14f8f74e8bde20d4269bf8313dc04d  armv6-musttail.patch
+49acf07095abb3c6114790b676f1fe4c1f6c4c4d66d2aed525e61291bd9857386749cc31a521e3f739758ed6d6b0e176a45543e7c58ca16c9c1b266222d362ed  cloopfix.patch
+61461d19f80108357d0469a855212308a49fb43f5a629d119f95492c3897444664cbe12beddc53d801878124a67e38b4a404d37d1ac9c0e5ce65d7586328b1d9  riscv64-no-wasm.patch
+"