Commit | Line | Data |
---|---|---|
be0f6112 | 1 | ;;; GNU Guix --- Functional package management for GNU |
5deea4fc | 2 | ;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr> |
89e34644 | 3 | ;;; Copyright © 2013, 2014, 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org> |
98986200 | 4 | ;;; Copyright © 2014, 2015, 2016, 2017 Mark H Weaver <mhw@netris.org> |
1aaaff1a | 5 | ;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com> |
58e87f66 | 6 | ;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il> |
88a8ce87 | 7 | ;;; Copyright © 2016 Alex Griffin <a@ajgrf.com> |
be0f6112 AE |
8 | ;;; |
9 | ;;; This file is part of GNU Guix. | |
10 | ;;; | |
11 | ;;; GNU Guix is free software; you can redistribute it and/or modify it | |
12 | ;;; under the terms of the GNU General Public License as published by | |
13 | ;;; the Free Software Foundation; either version 3 of the License, or (at | |
14 | ;;; your option) any later version. | |
15 | ;;; | |
16 | ;;; GNU Guix is distributed in the hope that it will be useful, but | |
17 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of | |
18 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
19 | ;;; GNU General Public License for more details. | |
20 | ;;; | |
21 | ;;; You should have received a copy of the GNU General Public License | |
22 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. | |
23 | ||
24 | (define-module (gnu packages gnuzilla) | |
07d4d9b7 | 25 | #:use-module ((srfi srfi-1) #:hide (zip)) |
be0f6112 | 26 | #:use-module (gnu packages) |
b5b73a82 | 27 | #:use-module ((guix licenses) #:prefix license:) |
be0f6112 AE |
28 | #:use-module (guix packages) |
29 | #:use-module (guix download) | |
30 | #:use-module (guix build-system gnu) | |
bfb48f4f | 31 | #:use-module (gnu packages base) |
1aaaff1a | 32 | #:use-module (gnu packages databases) |
be0f6112 AE |
33 | #:use-module (gnu packages glib) |
34 | #:use-module (gnu packages gstreamer) | |
35 | #:use-module (gnu packages gtk) | |
90e1cdae MW |
36 | #:use-module (gnu packages gnome) |
37 | #:use-module (gnu packages libcanberra) | |
38 | #:use-module (gnu packages cups) | |
89e34644 | 39 | #:use-module (gnu packages kerberos) |
be0f6112 AE |
40 | #:use-module (gnu packages linux) |
41 | #:use-module (gnu packages perl) | |
42 | #:use-module (gnu packages pkg-config) | |
1ae6df81 | 43 | #:use-module (gnu packages compression) |
74c7af9f | 44 | #:use-module (gnu packages fontutils) |
1ae6df81 | 45 | #:use-module (gnu packages libevent) |
90e1cdae | 46 | #:use-module (gnu packages libreoffice) ;for hunspell |
e55354b8 | 47 | #:use-module (gnu packages image) |
1ae6df81 | 48 | #:use-module (gnu packages libffi) |
74c7af9f | 49 | #:use-module (gnu packages pulseaudio) |
be0f6112 AE |
50 | #:use-module (gnu packages python) |
51 | #:use-module (gnu packages xorg) | |
200726ed | 52 | #:use-module (gnu packages gl) |
01497dfe | 53 | #:use-module (gnu packages assembly) |
13b284d9 MW |
54 | #:use-module (gnu packages icu4c) |
55 | #:use-module (gnu packages video) | |
56 | #:use-module (gnu packages xdisorg) | |
be0f6112 AE |
57 | #:use-module (gnu packages zip)) |
58 | ||
4923e06f SB |
59 | (define-public mozjs |
60 | (package | |
61 | (name "mozjs") | |
62 | (version "17.0.0") | |
63 | (source (origin | |
64 | (method url-fetch) | |
65 | (uri (string-append | |
66 | "https://ftp.mozilla.org/pub/mozilla.org/js/" | |
67 | name version ".tar.gz")) | |
68 | (sha256 | |
69 | (base32 | |
68716289 SB |
70 | "1fig2wf4f10v43mqx67y68z6h77sy900d1w0pz9qarrqx57rc7ij")) |
71 | (modules '((guix build utils))) | |
72 | (snippet | |
73 | ;; Fix incompatibility with Perl 5.22+. | |
74 | '(substitute* '("js/src/config/milestone.pl") | |
75 | (("defined\\(@TEMPLATE_FILE)") "@TEMPLATE_FILE"))))) | |
4923e06f SB |
76 | (build-system gnu-build-system) |
77 | (native-inputs | |
b3546174 | 78 | `(("perl" ,perl) |
4923e06f SB |
79 | ("python" ,python-2))) |
80 | (arguments | |
d778fa5f LF |
81 | `(;; XXX: parallel build fails, lacking: |
82 | ;; mkdir -p "system_wrapper_js/" | |
83 | #:parallel-build? #f | |
84 | #:phases | |
4923e06f SB |
85 | (alist-cons-before |
86 | 'configure 'chdir | |
87 | (lambda _ | |
88 | (chdir "js/src")) | |
89 | (alist-replace | |
90 | 'configure | |
91 | ;; configure fails if it is followed by SHELL and CONFIG_SHELL | |
92 | (lambda* (#:key outputs #:allow-other-keys) | |
93 | (let ((out (assoc-ref outputs "out"))) | |
94 | (setenv "SHELL" (which "sh")) | |
95 | (setenv "CONFIG_SHELL" (which "sh")) | |
96 | (zero? (system* | |
97 | "./configure" (string-append "--prefix=" out))))) | |
98 | %standard-phases)))) | |
99 | (home-page | |
100 | "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey") | |
101 | (synopsis "Mozilla javascript engine") | |
102 | (description "SpiderMonkey is Mozilla's JavaScript engine written | |
103 | in C/C++.") | |
87158e85 | 104 | (license license:mpl2.0))) ; and others for some files |
4923e06f | 105 | |
cefdcb38 SB |
106 | (define-public mozjs-24 |
107 | (package (inherit mozjs) | |
108 | (name "mozjs") | |
109 | (version "24.2.0") | |
110 | (source (origin | |
111 | (method url-fetch) | |
112 | (uri (string-append | |
113 | "https://ftp.mozilla.org/pub/mozilla.org/js/" | |
114 | name "-" version ".tar.bz2")) | |
115 | (sha256 | |
116 | (base32 | |
68716289 SB |
117 | "1n1phk8r3l8icqrrap4czplnylawa0ddc2cc4cgdz46x3lrkybz6")) |
118 | (modules '((guix build utils))) | |
119 | (snippet | |
120 | ;; Fix incompatibility with Perl 5.22+. | |
121 | '(substitute* '("js/src/config/milestone.pl") | |
122 | (("defined\\(@TEMPLATE_FILE)") "@TEMPLATE_FILE"))))) | |
cefdcb38 | 123 | (arguments |
2d02a778 SB |
124 | '(;; XXX: parallel build fails, lacking: |
125 | ;; mkdir -p "system_wrapper_js/" | |
126 | #:parallel-build? #f | |
127 | #:phases | |
cefdcb38 SB |
128 | (modify-phases %standard-phases |
129 | (replace | |
130 | 'configure | |
131 | (lambda* (#:key outputs #:allow-other-keys) | |
132 | (let ((out (assoc-ref outputs "out"))) | |
133 | (chdir "js/src") | |
134 | ;; configure fails if it is follwed by SHELL and CONFIG_SHELL | |
135 | (setenv "SHELL" (which "sh")) | |
136 | (setenv "CONFIG_SHELL" (which "sh")) | |
137 | (zero? (system* "./configure" | |
138 | (string-append "--prefix=" out) | |
139 | "--with-system-nspr" | |
140 | "--enable-system-ffi" | |
141 | "--enable-threadsafe")))))))) | |
142 | (native-inputs | |
143 | `(("perl" ,perl) | |
144 | ("pkg-config" ,pkg-config) | |
145 | ("python" ,python-2))) | |
146 | (propagated-inputs | |
147 | `(("nspr" ,nspr))) ; in the Requires.private field of mozjs-24.pc | |
148 | (inputs | |
149 | `(("libffi" ,libffi) | |
150 | ("zlib" ,zlib))))) | |
151 | ||
4923e06f SB |
152 | (define-public nspr |
153 | (package | |
154 | (name "nspr") | |
728f3620 | 155 | (version "4.13.1") |
4923e06f SB |
156 | (source (origin |
157 | (method url-fetch) | |
158 | (uri (string-append | |
159 | "https://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v" | |
160 | version "/src/nspr-" version ".tar.gz")) | |
161 | (sha256 | |
162 | (base32 | |
728f3620 | 163 | "1arkg08l6zlp8v44shqbk2c8qzwd913lgh60fb3yfxls6d8ifk2y")))) |
4923e06f SB |
164 | (build-system gnu-build-system) |
165 | (native-inputs | |
b3546174 | 166 | `(("perl" ,perl))) |
4923e06f | 167 | (arguments |
8550894b LC |
168 | `(#:tests? #f ; no check target |
169 | #:configure-flags (list "--enable-64bit" | |
170 | (string-append "LDFLAGS=-Wl,-rpath=" | |
171 | (assoc-ref %outputs "out") | |
172 | "/lib")) | |
173 | #:phases (alist-cons-before | |
174 | 'configure 'chdir | |
175 | (lambda _ | |
176 | (chdir "nspr")) | |
177 | %standard-phases))) | |
4923e06f SB |
178 | (home-page |
179 | "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSPR") | |
180 | (synopsis "Netscape API for system level and libc-like functions") | |
181 | (description "Netscape Portable Runtime (NSPR) provides a | |
182 | platform-neutral API for system level and libc-like functions. It is used | |
183 | in the Mozilla clients.") | |
184 | (license license:mpl2.0))) | |
185 | ||
1aaaff1a SB |
186 | (define-public nss |
187 | (package | |
188 | (name "nss") | |
3b175eab | 189 | (version "3.29.2") |
1aaaff1a SB |
190 | (source (origin |
191 | (method url-fetch) | |
2bb9b5de MW |
192 | (uri (let ((version-with-underscores |
193 | (string-join (string-split version #\.) "_"))) | |
194 | (string-append | |
fe88f636 | 195 | "https://ftp.mozilla.org/pub/mozilla.org/security/nss/" |
2bb9b5de MW |
196 | "releases/NSS_" version-with-underscores "_RTM/src/" |
197 | "nss-" version ".tar.gz"))) | |
1aaaff1a SB |
198 | (sha256 |
199 | (base32 | |
3b175eab | 200 | "149807rmzb76hnh48rw4m9jw83iw0168njzchz0hmbsgc8mk0i5w")) |
1aaaff1a | 201 | ;; Create nss.pc and nss-config. |
fc1adab1 | 202 | (patches (search-patches "nss-pkgconfig.patch")))) |
1aaaff1a SB |
203 | (build-system gnu-build-system) |
204 | (outputs '("out" "bin")) | |
205 | (arguments | |
206 | '(#:parallel-build? #f ; failed | |
207 | #:make-flags | |
208 | (let* ((out (assoc-ref %outputs "out")) | |
209 | (nspr (string-append (assoc-ref %build-inputs "nspr"))) | |
210 | (rpath (string-append "-Wl,-rpath=" out "/lib/nss"))) | |
211 | (list "-C" "nss" (string-append "PREFIX=" out) | |
212 | "NSDISTMODE=copy" | |
213 | "NSS_USE_SYSTEM_SQLITE=1" | |
214 | (string-append "NSPR_INCLUDE_DIR=" nspr "/include/nspr") | |
215 | ;; Add $out/lib/nss to RPATH. | |
216 | (string-append "RPATH=" rpath) | |
217 | (string-append "LDFLAGS=" rpath))) | |
218 | #:modules ((guix build gnu-build-system) | |
219 | (guix build utils) | |
220 | (ice-9 ftw) | |
221 | (ice-9 match) | |
222 | (srfi srfi-26)) | |
1aaaff1a SB |
223 | #:phases |
224 | (alist-replace | |
225 | 'configure | |
226 | (lambda* (#:key system inputs #:allow-other-keys) | |
bea25ae8 | 227 | (setenv "CC" "gcc") |
1aaaff1a SB |
228 | ;; Tells NSS to build for the 64-bit ABI if we are 64-bit system. |
229 | (when (string-prefix? "x86_64" system) | |
230 | (setenv "USE_64" "1")) | |
231 | #t) | |
232 | (alist-replace | |
233 | 'check | |
234 | (lambda _ | |
235 | ;; Use 127.0.0.1 instead of $HOST.$DOMSUF as HOSTADDR for testing. | |
236 | ;; The later requires a working DNS or /etc/hosts. | |
237 | (setenv "DOMSUF" "(none)") | |
238 | (setenv "USE_IP" "TRUE") | |
239 | (setenv "IP_ADDRESS" "127.0.0.1") | |
240 | (zero? (system* "./nss/tests/all.sh"))) | |
241 | (alist-replace | |
242 | 'install | |
243 | (lambda* (#:key outputs #:allow-other-keys) | |
244 | (let* ((out (assoc-ref outputs "out")) | |
245 | (bin (string-append (assoc-ref outputs "bin") "/bin")) | |
246 | (inc (string-append out "/include/nss")) | |
247 | (lib (string-append out "/lib/nss")) | |
248 | (obj (match (scandir "dist" (cut string-suffix? "OBJ" <>)) | |
249 | ((obj) (string-append "dist/" obj))))) | |
250 | ;; Install nss-config to $out/bin. | |
96c46210 LC |
251 | (install-file (string-append obj "/bin/nss-config") |
252 | (string-append out "/bin")) | |
1aaaff1a SB |
253 | (delete-file (string-append obj "/bin/nss-config")) |
254 | ;; Install nss.pc to $out/lib/pkgconfig. | |
96c46210 LC |
255 | (install-file (string-append obj "/lib/pkgconfig/nss.pc") |
256 | (string-append out "/lib/pkgconfig")) | |
1aaaff1a SB |
257 | (delete-file (string-append obj "/lib/pkgconfig/nss.pc")) |
258 | (rmdir (string-append obj "/lib/pkgconfig")) | |
259 | ;; Install other files. | |
260 | (copy-recursively "dist/public/nss" inc) | |
261 | (copy-recursively (string-append obj "/bin") bin) | |
3161f6a4 MW |
262 | (copy-recursively (string-append obj "/lib") lib) |
263 | ||
264 | ;; FIXME: libgtest1.so is installed in the above step, and it's | |
265 | ;; (unnecessarily) linked with several NSS libraries, but | |
266 | ;; without the needed rpaths, causing the 'validate-runpath' | |
267 | ;; phase to fail. Here we simply delete libgtest1.so, since it | |
268 | ;; seems to be used only during the tests. | |
269 | (delete-file (string-append lib "/libgtest1.so")) | |
270 | ||
271 | #t)) | |
1aaaff1a SB |
272 | %standard-phases))))) |
273 | (inputs | |
274 | `(("sqlite" ,sqlite) | |
275 | ("zlib" ,zlib))) | |
276 | (propagated-inputs `(("nspr" ,nspr))) ; required by nss.pc. | |
277 | (native-inputs `(("perl" ,perl))) | |
86e3e370 | 278 | |
e9b718a0 MW |
279 | ;; The NSS test suite takes around 48 hours on Loongson 3A (MIPS) when |
280 | ;; another build is happening concurrently on the same machine. | |
281 | (properties '((timeout . 216000))) ; 60 hours | |
86e3e370 | 282 | |
1aaaff1a SB |
283 | (home-page |
284 | "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS") | |
285 | (synopsis "Network Security Services") | |
286 | (description | |
287 | "Network Security Services (NSS) is a set of libraries designed to support | |
288 | cross-platform development of security-enabled client and server applications. | |
289 | Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, | |
290 | PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security | |
291 | standards.") | |
292 | (license license:mpl2.0))) | |
293 | ||
bfb48f4f MW |
294 | (define (mozilla-patch file-name changeset hash) |
295 | "Return an origin for CHANGESET from the mozilla-esr45 repository." | |
296 | (origin | |
297 | (method url-fetch) | |
298 | (uri (string-append "https://hg.mozilla.org/releases/mozilla-esr45/raw-rev/" | |
299 | changeset)) | |
300 | (sha256 (base32 hash)) | |
301 | (file-name file-name))) | |
302 | ||
be0f6112 AE |
303 | (define-public icecat |
304 | (package | |
305 | (name "icecat") | |
5bdec7d6 | 306 | (version "45.5.1-gnu1") |
be0f6112 AE |
307 | (source |
308 | (origin | |
309 | (method url-fetch) | |
5bdec7d6 MW |
310 | (uri (string-append "mirror://gnu/gnuzilla/" |
311 | (first (string-split version #\-)) | |
312 | "/" name "-" version ".tar.bz2")) | |
be0f6112 AE |
313 | (sha256 |
314 | (base32 | |
5bdec7d6 | 315 | "1sbfgsibmb8wfmb2g40gmqwq3nikmrgzksf51ydrz7gnafyfaqw1")) |
bfb48f4f | 316 | (patches |
5bdec7d6 MW |
317 | (list |
318 | (search-patch "icecat-avoid-bundled-libraries.patch") | |
319 | (search-patch "icecat-binutils.patch") | |
98986200 MW |
320 | (mozilla-patch "icecat-CVE-2016-9897.patch" "2e5438a92617" "0pyjbzyy04759ldpcar8q8cccv67j1jkxsg46rkq7a3rbhmwmw4p") |
321 | (mozilla-patch "icecat-CVE-2016-9899.patch" "7391f60fb790" "1hydggpmmm2cs9lb15micnkxn4wl4cda9g74hkn3zmks805vjz3h") | |
322 | (mozilla-patch "icecat-CVE-2016-9893-pt1.patch" "744e01001e6e" "0z2fq765kap3ll9as5rvjpnbj3pw26074alw7df0zi215qz47nxr") | |
323 | (mozilla-patch "icecat-CVE-2016-9904-pt1.patch" "8ae673f34a5b" "1rlbihckl9afa0y91lqs7gpnv6a7zxzrmxjv95y3yrl03kibqp76") | |
324 | (mozilla-patch "icecat-CVE-2016-9904-pt2.patch" "409c23c144fe" "05kgs16y8s5pxmg2dxp93247zagnj6zgj3209qpm5hz3an7gr13h") | |
325 | (mozilla-patch "icecat-CVE-2016-9900.patch" "994d9bd0e28d" "007wifyx3b2ln4fwv1i8n24yz5ngjf4mkzd7sqr5bpd3q88ff293") | |
326 | (mozilla-patch "icecat-CVE-2016-9893-pt2.patch" "0fc43af8982e" "0pc8q9knzq2knj723mwkay1lnzbzysb07ygxnc16mcb6f7vl2mw8") | |
327 | (mozilla-patch "icecat-CVE-2016-9893-pt3.patch" "19f9a4643d77" "0w5yxj1l0hvs66q9agjp4m5sfby7fj05lx33gaqf899bw4hn4vcf") | |
328 | (mozilla-patch "icecat-CVE-2016-9893-pt4.patch" "c58442c414f5" "1z1w1v8xagkhrwgp51ij1k2gx0ripslia09vm78812n7gcwddaas") | |
329 | (mozilla-patch "icecat-CVE-2016-9898.patch" "5054047b7328" "0xlw8irymfp3bcaa5jpf7clf7bq6qxp3i8zapp8jya8lzr1nf868") | |
330 | (mozilla-patch "icecat-bug-881832-pt1.patch" "1123263318a3" "1qkxwva3zrcs1zhga8ncmndq03988dx75i896g53gbvpskj06915") | |
331 | (mozilla-patch "icecat-bug-881832-pt2.patch" "dc87c0a39adf" "01rapf14f3r2wk0cjd16dn1rll4ipgs33cnjmjck48nvk67ikz6h") | |
332 | (mozilla-patch "icecat-bug-881832-pt3.patch" "f20e5f488368" "15ql9ywifb3gm2g1057k63f821dbs3wqsh3zhndprzf3dn6aha4i") | |
333 | (mozilla-patch "icecat-bug-881832-pt4.patch" "7950c4d5bd7c" "0jhkg5hq5yfy7rh21k1mpbsbr81ql85aazym30zy3n2cf28xxhd7") | |
334 | (mozilla-patch "icecat-bug-881832-pt5.patch" "972734ec21b6" "073i4v1f1ydy49i57pvzscz95sjr5bbk9s5sajxvmmcsmwhpjdfy") | |
335 | (mozilla-patch "icecat-CVE-2016-9905-pt1.patch" "aebd3687e05e" "1qz6hdgflcrqyg7fv66cbg23v4b7q5bc2yxzrgjxs4j1d7jy1s0s") | |
336 | (mozilla-patch "icecat-CVE-2016-9905-pt2.patch" "63d8e5cd27cb" "11fsgyngy7v59ma30xdbmycwf4izwikzvaljngm3ks4534inpl4a") | |
337 | (mozilla-patch "icecat-bug-1279202.patch" "e560997291af" "1hn35slasfcj3ryka4fsarx4l9r99z0iwj67fmbv6zxz4z133kks") | |
338 | (mozilla-patch "icecat-CVE-2016-9902.patch" "21c615b65048" "0ibgsxa36x9ajn2jqbhxxvrfvj6x6iyspsmzzn4brdz11n93skhr") | |
339 | (mozilla-patch "icecat-CVE-2016-9901.patch" "c15e5afc0430" "17gj32agqs94548z8lvz0l6zz3kbwajn8as0y4iw5nb6jsll4c66") | |
340 | (mozilla-patch "icecat-CVE-2016-9893-pt5.patch" "46163fb1cb34" "1yikayczfgfla3aka0159apq3149d52sgvlca0sivx4myd0lvjm7") | |
341 | (mozilla-patch "icecat-CVE-2016-9893-pt6.patch" "cde2a37100f5" "100abggnhwyw84almxrkxqfpyfkd4pqkcrh5y9g4d3jd2h16asvl") | |
342 | (mozilla-patch "icecat-CVE-2016-9893-pt7.patch" "9b78ab1e6d07" "19ib6bp96xk000ll40b8qxvizkncyzclz2rsb9w5fa42qs9978ff") | |
343 | (mozilla-patch "icecat-CVE-2016-9893-pt8.patch" "78ebf9c9dfb0" "1shgr4rk6r2zxr1qqk1j3qnnqzqxnbi093qhlrfh8q5q1ivqf6k1") | |
344 | (mozilla-patch "icecat-CVE-2016-9893-pt9.patch" "a46a9f16823c" "0dwkyz3kcqnfcbhbfh2lss7s0yh87rgzb871qxx3x4ynyqph9mnz") | |
ad914542 | 345 | (mozilla-patch "icecat-CVE-2017-5376.patch" "6bc7cc7a33a6" "1wggcqv84n8mp7xps7hy4rwy61fkh45imfqzc0b46s3w5hyhypn2") |
98986200 MW |
346 | (mozilla-patch "icecat-CVE-2016-9893-pt10.patch" "778f65148b40" "0j2a153sk0654vv2lnxjib4lwml3mlqn6vs46c2pp82iba8nyfrm") |
347 | (mozilla-patch "icecat-CVE-2016-9895.patch" "94bd2b43c766" "10h0qpr6m9cqyqxxnkbb6mzb3cagavzlynkxgd7a4izyq1bv28rk") | |
86c41ec3 | 348 | (mozilla-patch "icecat-CVE-2016-9893-pt11.patch" "893de7431d51" "11gyik8mwipl6ipypkvdq519pw7ccbg0g0bnvxb7271n44cqqcq5") |
ad914542 | 349 | (mozilla-patch "icecat-CVE-2017-5383-pt1.patch" "b21dee058b2c" "005khpimffqzas7slajid4dd2c15nyk7rjk6fsps87bgnx0gx0s4") |
86c41ec3 MW |
350 | (mozilla-patch "icecat-bug-1258410-pt1.patch" "cd23c5d74be8" "1myzkpzg6pmjacjz8az06m9kz84in1mwsiaw5sgx47pm02598wm5") |
351 | (mozilla-patch "icecat-bug-1258410-pt2.patch" "b83594617d15" "171cqflc9jh47az96im1whwhyq4ayicspqsczsmn2x5ll9lqw5fq") | |
ad914542 MW |
352 | (mozilla-patch "icecat-CVE-2017-5380.patch" "d6c6f5e4e641" "10x9f46ylm2q3i669hj1csd6agdm8w7xa0iln691z8ayg2hcrxdz") |
353 | (mozilla-patch "icecat-CVE-2017-5373-pt1.patch" "122f5fbfc563" "05pp2f4pg4j8a8pdgjhfrc8g2chhkhsarn9n8sbyag0fy3ig1cvd") | |
354 | (mozilla-patch "icecat-CVE-2017-5390.patch" "297c675ddadc" "1jc1b5i69vq1fvz3qfnnv52c9cj17bjbmfyzmqlw5ywna0wfvabz") | |
355 | (mozilla-patch "icecat-CVE-2017-5373-pt2.patch" "3cff736e3bb6" "1nxqwnl9zksvkfkmis7zica4xrhwfndjyy2sxc1dvrh9rshk1swq") | |
356 | (mozilla-patch "icecat-CVE-2017-5373-pt3.patch" "2732280adabc" "0zrpq3aybaw2yy38vs6883a4nw01x4kxn3lfqn9yhcgjvngmmyia") | |
357 | (mozilla-patch "icecat-CVE-2017-5373-pt4.patch" "81c9fdbd96e8" "0scv1zyi4vbsjdsyj4w70n5jd50baq0dzw3qpxqf1n69nfb9k214") | |
358 | (mozilla-patch "icecat-CVE-2017-5373-pt5.patch" "a386ca6a3013" "1m1scz2pxzmg9wya8is5dcr3mgvkx3g1xlykgigmw2mqs5zcdg9s") | |
359 | (mozilla-patch "icecat-CVE-2017-5373-pt6.patch" "0521b0e4707c" "1mv057p4hcvapibpbd9apryag19aiqdzafc6df2angl97m4mcbjx") | |
75776803 MW |
360 | (mozilla-patch "icecat-bug-1290037.patch" "bf0dd9ae6807" "02iw5ngsvvij95arnn69a744d6si27g1x41ixg16l51dbn900b3r") |
361 | (mozilla-patch "icecat-bug-1322666.patch" "576f03e362c5" "0m88xs0jwhzx2lg12cvimxjknp7rpsvvhxxblhiqqjwnqip0pyc0") | |
362 | (mozilla-patch "icecat-bug-1304266.patch" "4d82e7314a72" "1rrrw4rw0xv7c2myiypcqh1fk47rk3fvic79zh6m04bl3knclr1r") | |
ad914542 MW |
363 | (mozilla-patch "icecat-CVE-2017-5373-pt7.patch" "0617dd4b444d" "1ipags2cl2p521pm0qx110h5di2mgif6h1r3g8l9b0rc5m9b1y2j") |
364 | (mozilla-patch "icecat-CVE-2017-5375.patch" "ead08c2a6c57" "1nnnwdr7411xpz6n9j869g6sz447cq6xsmds9cw6d24iprcinp5m") | |
365 | (mozilla-patch "icecat-CVE-2017-5378-pt1.patch" "c5e67d41bdd0" "05kwn5zv381lsiw9vbzm8fh6s1lddx47l8f4pwg487h9dj7vbdfq") | |
366 | (mozilla-patch "icecat-CVE-2017-5373-pt8.patch" "2ce94f2ea797" "1yrnjqpafjns68z99s1m6jins3agid7c1z3v9qgk5xzfcddl31pn") | |
367 | (mozilla-patch "icecat-CVE-2017-5373-pt9.patch" "e4ac8a66d3db" "1ggbh6nk005plm7kvp7qznbnlpidqkipxc5hlaqbjc3m0z9mypzl") | |
368 | (mozilla-patch "icecat-CVE-2017-5386.patch" "8c171b75a0c6" "1cplkgwkhqvb62q7s8cya2drjdswnlicv5d9a60fxvnp6m7a3z02") | |
369 | (mozilla-patch "icecat-CVE-2017-5383-pt2.patch" "79a31d8153bf" "0dzwk2hc741c0jr8xya4y8q59lk8mcgnvfdrdk0vzq1gby16b9zi") | |
370 | (mozilla-patch "icecat-CVE-2017-5378-pt2.patch" "747085a1cd93" "0rpc8hl0jka4akdjnlwya4x9v4pqa1r5vc4pkmxsgvqpp2vkq4m2") | |
371 | (mozilla-patch "icecat-bug-1331606.patch" "f0329536734b" "1br5shyfwp009y623wgjq60vhcp5k5zpzkgy4r3s5yrm5xyfcprf") | |
372 | (mozilla-patch "icecat-bug-1328642.patch" "237c1ca6e035" "0808g5j17var6wv6ivj08i43fwkga9abmmgmz5w3hb8mhajkjw58") | |
373 | (mozilla-patch "icecat-CVE-2017-5396.patch" "910ad552cbf5" "1qss3gc6n4myzwvwanc09xvyiq3hwhixn2xvpbk9xkfz2apdlfa6") | |
374 | (mozilla-patch "icecat-bug-1312827.patch" "5c894801eb1e" "03xyjwx9rfx5w7q6wq9if83fcfgrlvvbyxpsawzxxgybnizyy7g8") | |
375 | (mozilla-patch "icecat-bug-1191841.patch" "83ee87b301bd" "1kd9z4py372a2f1jg7jwvwri43vipf0k7lcvsg7b0cqr5p70zwcg") | |
376 | (mozilla-patch "icecat-bug-1234317.patch" "eb6f18dbfe8d" "1dh3263fvg3dxav09g6fn41ax4q1jmwp5fk6pl6shn16mrfha1qq"))) | |
90e1cdae MW |
377 | (modules '((guix build utils))) |
378 | (snippet | |
379 | '(begin | |
bfb48f4f | 380 | (use-modules (ice-9 ftw)) |
90e1cdae MW |
381 | ;; Remove bundled libraries that we don't use, since they may |
382 | ;; contain unpatched security flaws, they waste disk space and | |
383 | ;; network bandwidth, and may cause confusion. | |
384 | (for-each delete-file-recursively | |
385 | '(;; FIXME: Removing the bundled icu breaks configure. | |
386 | ;; * The bundled icu headers are used in some places. | |
387 | ;; * The version number is taken from the bundled copy. | |
388 | ;;"intl/icu" | |
389 | ;; | |
390 | ;; FIXME: A script from the bundled nspr is used. | |
391 | ;;"nsprpub" | |
392 | ;; | |
393 | ;; TODO: Use system media libraries. Waiting for: | |
394 | ;; <https://bugzilla.mozilla.org/show_bug.cgi?id=517422> | |
395 | ;; * libogg | |
396 | ;; * libtheora | |
397 | ;; * libvorbis | |
398 | ;; * libtremor (not yet in guix) | |
399 | ;; * libopus | |
400 | ;; * speex | |
401 | ;; * soundtouch (not yet in guix) | |
402 | ;; | |
403 | ;; TODO: Use system harfbuzz. Waiting for: | |
404 | ;; <https://bugzilla.mozilla.org/show_bug.cgi?id=847568> | |
405 | ;; | |
59d4cf1c MW |
406 | ;; TODO: Use system graphite2. |
407 | ;; | |
90e1cdae MW |
408 | "modules/freetype2" |
409 | "modules/zlib" | |
410 | "modules/libbz2" | |
411 | "ipc/chromium/src/third_party/libevent" | |
7cba7647 | 412 | "media/libjpeg" |
90e1cdae MW |
413 | "media/libvpx" |
414 | "security/nss" | |
415 | "gfx/cairo" | |
416 | "js/src/ctypes/libffi" | |
417 | "db/sqlite3")) | |
bfb48f4f MW |
418 | ;; Delete .pyc files, typically present in icecat source tarballs |
419 | (for-each delete-file (find-files "." "\\.pyc$")) | |
5bdec7d6 | 420 | ;; Delete obj-* directories, sometimes present in icecat tarballs |
bfb48f4f MW |
421 | (for-each delete-file-recursively |
422 | (scandir "." (lambda (name) | |
423 | (string-prefix? "obj-" name)))) | |
a5e55dfb | 424 | #t)))) |
be0f6112 AE |
425 | (build-system gnu-build-system) |
426 | (inputs | |
427 | `(("alsa-lib" ,alsa-lib) | |
1ae6df81 | 428 | ("bzip2" ,bzip2) |
5b17fabc | 429 | ("cairo" ,cairo) |
90e1cdae | 430 | ("cups" ,cups) |
be0f6112 | 431 | ("dbus-glib" ,dbus-glib) |
90e1cdae MW |
432 | ("gdk-pixbuf" ,gdk-pixbuf) |
433 | ("glib" ,glib) | |
43cc5c5e MW |
434 | ("gstreamer" ,gstreamer) |
435 | ("gst-plugins-base" ,gst-plugins-base) | |
2f63e087 | 436 | ("gtk+" ,gtk+-2) |
74c7af9f MW |
437 | ("pango" ,pango) |
438 | ("freetype" ,freetype) | |
90e1cdae MW |
439 | ("hunspell" ,hunspell) |
440 | ("libcanberra" ,libcanberra) | |
441 | ("libgnome" ,libgnome) | |
7cba7647 | 442 | ("libjpeg-turbo" ,libjpeg-turbo) |
74c7af9f | 443 | ("libxft" ,libxft) |
e8fc1a0d | 444 | ("libevent" ,libevent-2.0) |
90e1cdae MW |
445 | ("libxinerama" ,libxinerama) |
446 | ("libxscrnsaver" ,libxscrnsaver) | |
9f7ae77f | 447 | ("libxcomposite" ,libxcomposite) |
be0f6112 | 448 | ("libxt" ,libxt) |
1ae6df81 | 449 | ("libffi" ,libffi) |
13b284d9 MW |
450 | ("libvpx" ,libvpx) |
451 | ("icu4c" ,icu4c) | |
452 | ("pixman" ,pixman) | |
74c7af9f | 453 | ("pulseaudio" ,pulseaudio) |
be0f6112 | 454 | ("mesa" ,mesa) |
90e1cdae | 455 | ("mit-krb5" ,mit-krb5) |
5b17fabc MW |
456 | ("nspr" ,nspr) |
457 | ("nss" ,nss) | |
9bc79c11 | 458 | ("sqlite" ,sqlite) |
90e1cdae | 459 | ("startup-notification" ,startup-notification) |
be0f6112 AE |
460 | ("unzip" ,unzip) |
461 | ("yasm" ,yasm) | |
1ae6df81 LC |
462 | ("zip" ,zip) |
463 | ("zlib" ,zlib))) | |
c4c4cc05 JD |
464 | (native-inputs |
465 | `(("perl" ,perl) | |
466 | ("python" ,python-2) ; Python 3 not supported | |
467 | ("python2-pysqlite" ,python2-pysqlite) | |
bfb48f4f MW |
468 | ("pkg-config" ,pkg-config) |
469 | ("which" ,which))) | |
be0f6112 | 470 | (arguments |
74c7af9f MW |
471 | `(#:tests? #f ; no check target |
472 | #:out-of-source? #t ; must be built outside of the source directory | |
a308c233 | 473 | #:parallel-build? #f |
73b1b4eb LC |
474 | |
475 | ;; XXX: There are RUNPATH issues such as | |
476 | ;; $prefix/lib/icecat-31.6.0/plugin-container NEEDing libmozalloc.so, | |
477 | ;; which is not in its RUNPATH, but they appear to be harmless in | |
478 | ;; practice somehow. See <http://hydra.gnu.org/build/378133>. | |
479 | #:validate-runpath? #f | |
480 | ||
2f63e087 | 481 | #:configure-flags '("--enable-default-toolkit=cairo-gtk2" |
90e1cdae MW |
482 | "--enable-pango" |
483 | "--enable-gio" | |
484 | "--enable-svg" | |
485 | "--enable-canvas" | |
486 | "--enable-mathml" | |
487 | "--enable-startup-notification" | |
488 | "--enable-pulseaudio" | |
489 | "--enable-gstreamer=1.0" | |
490 | ||
491 | "--disable-gnomevfs" | |
492 | "--disable-gconf" | |
493 | "--disable-gnomeui" | |
494 | ||
495 | ;; Building with debugging symbols takes ~5GiB, so | |
1ae6df81 LC |
496 | ;; disable it. |
497 | "--disable-debug" | |
498 | "--disable-debug-symbols" | |
499 | ||
5bdec7d6 MW |
500 | ;; Hack to work around missing |
501 | ;; "unofficial" branding in icecat. | |
bfb48f4f MW |
502 | "--enable-official-branding" |
503 | ||
90e1cdae | 504 | ;; Avoid bundled libraries. |
1ae6df81 | 505 | "--with-system-zlib" |
90e1cdae | 506 | "--with-system-bz2" |
7cba7647 | 507 | "--with-system-jpeg" ; must be libjpeg-turbo |
1ae6df81 | 508 | "--with-system-libevent" |
13b284d9 MW |
509 | "--with-system-libvpx" |
510 | "--with-system-icu" | |
5b17fabc MW |
511 | "--with-system-nspr" |
512 | "--with-system-nss" | |
13b284d9 | 513 | "--enable-system-pixman" |
5b17fabc MW |
514 | "--enable-system-cairo" |
515 | "--enable-system-ffi" | |
90e1cdae | 516 | "--enable-system-hunspell" |
9128e323 | 517 | "--enable-system-sqlite" |
1ae6df81 | 518 | |
98a046cd AE |
519 | ;; Fails with "--with-system-png won't work because |
520 | ;; the system's libpng doesn't have APNG support". | |
521 | ;; According to | |
522 | ;; http://sourceforge.net/projects/libpng-apng/ , | |
523 | ;; "the Animated Portable Network Graphics (APNG) | |
524 | ;; is an unofficial extension of the Portable | |
525 | ;; Network Graphics (PNG) format"; | |
526 | ;; we probably do not wish to support it. | |
1ae6df81 | 527 | ;; "--with-system-png" |
5b17fabc | 528 | ) |
1ae6df81 | 529 | |
9f7ae77f | 530 | #:modules ((ice-9 ftw) |
6cde5c34 LC |
531 | (ice-9 rdelim) |
532 | (ice-9 match) | |
9f7ae77f | 533 | ,@%gnu-build-system-modules) |
be0f6112 | 534 | #:phases |
90e1cdae | 535 | (modify-phases %standard-phases |
9f7ae77f MW |
536 | (add-after |
537 | 'unpack 'ensure-no-mtimes-pre-1980 | |
538 | (lambda _ | |
539 | ;; Without this, the 'source/test/addons/packed.xpi' and | |
540 | ;; 'source/test/addons/simple-prefs.xpi' targets fail while trying | |
541 | ;; to create zip archives. | |
542 | (let ((early-1980 315619200)) ; 1980-01-02 UTC | |
543 | (ftw "." (lambda (file stat flag) | |
544 | (unless (<= early-1980 (stat:mtime stat)) | |
545 | (utime file early-1980 early-1980)) | |
546 | #t)) | |
547 | #t))) | |
90e1cdae MW |
548 | (add-after |
549 | 'unpack 'remove-h264parse-from-blacklist | |
550 | (lambda _ | |
551 | ;; Remove h264parse from gstreamer format helper blacklist. It | |
552 | ;; was put there to work around a bug in a pre-1.0 version of | |
553 | ;; gstreamer. See: | |
554 | ;; https://www.mozilla.org/en-US/security/advisories/mfsa2015-47/ | |
9f7ae77f | 555 | (substitute* "dom/media/gstreamer/GStreamerFormatHelper.cpp" |
90e1cdae MW |
556 | (("^ \"h264parse\",\n") "")) |
557 | #t)) | |
558 | (add-after | |
559 | 'unpack 'arrange-to-link-libxul-with-libraries-it-might-dlopen | |
560 | (lambda _ | |
561 | ;; libxul.so dynamically opens libraries, so here we explicitly | |
562 | ;; link them into libxul.so instead. | |
563 | ;; | |
564 | ;; TODO: It might be preferable to patch in absolute file names in | |
565 | ;; calls to dlopen or PR_LoadLibrary, but that didn't seem to | |
566 | ;; work. More investigation is needed. | |
9f7ae77f MW |
567 | (substitute* "toolkit/library/moz.build" |
568 | (("^# This needs to be last") | |
569 | "OS_LIBS += [ | |
570 | 'GL', 'gnome-2', 'canberra', 'Xss', 'cups', 'gssapi_krb5', | |
571 | 'gstreamer-1.0', 'gstapp-1.0', 'gstvideo-1.0' ]\n\n")) | |
572 | #t)) | |
90e1cdae MW |
573 | (replace |
574 | 'configure | |
575 | ;; configure does not work followed by both "SHELL=..." and | |
576 | ;; "CONFIG_SHELL=..."; set environment variables instead | |
577 | (lambda* (#:key outputs configure-flags #:allow-other-keys) | |
578 | (let* ((out (assoc-ref outputs "out")) | |
579 | (bash (which "bash")) | |
580 | (abs-srcdir (getcwd)) | |
581 | (srcdir (string-append "../" (basename abs-srcdir))) | |
582 | (flags `(,(string-append "--prefix=" out) | |
583 | ,(string-append "--with-l10n-base=" | |
584 | abs-srcdir "/l10n") | |
585 | ,@configure-flags))) | |
586 | (setenv "SHELL" bash) | |
587 | (setenv "CONFIG_SHELL" bash) | |
588 | (mkdir "../build") | |
589 | (chdir "../build") | |
590 | (format #t "build directory: ~s~%" (getcwd)) | |
591 | (format #t "configure flags: ~s~%" flags) | |
592 | (zero? (apply system* bash | |
593 | (string-append srcdir "/configure") | |
6cde5c34 LC |
594 | flags))))) |
595 | (add-before 'configure 'install-desktop-entry | |
596 | (lambda* (#:key outputs #:allow-other-keys) | |
597 | ;; Install the '.desktop' file. | |
598 | (define (swallow-%%-directives input output) | |
599 | ;; Interpret '%%ifdef' directives found in the '.desktop' file. | |
600 | (let loop ((state 'top)) | |
601 | (match (read-line input 'concat) | |
602 | ((? eof-object?) | |
603 | #t) | |
604 | ((? string? line) | |
605 | (cond ((string-prefix? "%%ifdef" line) | |
606 | (loop 'ifdef)) | |
607 | ((string-prefix? "%%else" line) | |
608 | (loop 'else)) | |
609 | ((string-prefix? "%%endif" line) | |
610 | (loop 'top)) | |
611 | (else | |
612 | (case state | |
613 | ((top else) | |
614 | (display line output) | |
615 | (loop state)) | |
616 | (else | |
617 | (loop state))))))))) | |
618 | ||
619 | (let* ((out (assoc-ref outputs "out")) | |
620 | (applications (string-append out "/share/applications"))) | |
621 | (call-with-input-file "debian/icecat.desktop.in" | |
622 | (lambda (input) | |
623 | (call-with-output-file "debian/icecat.desktop" | |
624 | (lambda (output) | |
625 | (swallow-%%-directives input output))))) | |
626 | ||
627 | (substitute* "debian/icecat.desktop" | |
628 | (("@MOZ_DISPLAY_NAME@") | |
629 | "GNU IceCat") | |
630 | (("^Exec=@MOZ_APP_NAME@") | |
631 | (string-append "Exec=" out "/bin/icecat")) | |
632 | (("@MOZ_APP_NAME@") | |
633 | "icecat")) | |
634 | (install-file "debian/icecat.desktop" applications) | |
88a8ce87 AG |
635 | #t))) |
636 | (add-after 'install-desktop-entry 'install-icons | |
637 | (lambda* (#:key outputs #:allow-other-keys) | |
638 | (let ((out (assoc-ref outputs "out"))) | |
639 | (with-directory-excursion "browser/branding/official" | |
640 | (for-each | |
641 | (lambda (file) | |
642 | (let* ((size (string-filter char-numeric? file)) | |
643 | (icons (string-append out "/share/icons/hicolor/" | |
644 | size "x" size "/apps"))) | |
645 | (mkdir-p icons) | |
646 | (copy-file file (string-append icons "/icecat.png")))) | |
647 | '("default16.png" "default22.png" "default24.png" | |
648 | "default32.png" "default48.png" "content/icon64.png" | |
649 | "mozicon128.png" "default256.png"))))))))) | |
be0f6112 AE |
650 | (home-page "http://www.gnu.org/software/gnuzilla/") |
651 | (synopsis "Entirely free browser derived from Mozilla Firefox") | |
652 | (description | |
653 | "IceCat is the GNU version of the Firefox browser. It is entirely free | |
c5779c93 | 654 | software, which does not recommend non-free plugins and addons. It also |
79c311b8 | 655 | features built-in privacy-protecting features.") |
63e8bb12 | 656 | (license license:mpl2.0) ;and others, see toolkit/content/license.html |
99effc8f LC |
657 | (properties |
658 | `((ftp-directory . "/gnu/gnuzilla") | |
659 | (cpe-name . "firefox_esr") | |
bfb48f4f | 660 | (cpe-version . ,(first (string-split version #\-))))))) |