X-Git-Url: https://git.hcoop.net/jackhill/guix/guix.git/blobdiff_plain/341a36b32cf3525061ee6f96f8cbbcbe7a64848a..b07384b5647057a67cd46109bd0272a195165855:/gnu/packages/gnuzilla.scm diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm index cca0edbbf3..62b4390eab 100644 --- a/gnu/packages/gnuzilla.scm +++ b/gnu/packages/gnuzilla.scm @@ -1,13 +1,15 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2013, 2015 Andreas Enge -;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018 Ludovic Courtès -;;; Copyright © 2014, 2015, 2016, 2017, 2018 Mark H Weaver +;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès +;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019 Mark H Weaver ;;; Copyright © 2015 Sou Bunnbu -;;; Copyright © 2016, 2017 Efraim Flashner +;;; Copyright © 2016, 2017, 2018, 2019 Efraim Flashner ;;; Copyright © 2016 Alex Griffin ;;; Copyright © 2017 Clément Lassieur -;;; Copyright © 2017 Nils Gillmann +;;; Copyright © 2017 ng0 ;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice +;;; Copyright © 2018 Ricardo Wurmus +;;; Copyright © 2019 Ivan Petkov ;;; ;;; This file is part of GNU Guix. ;;; @@ -31,10 +33,19 @@ #:use-module ((guix licenses) #:prefix license:) #:use-module (guix packages) #:use-module (guix download) + #:use-module (guix git-download) + #:use-module (guix hg-download) + #:use-module (guix gexp) + #:use-module (guix store) + #:use-module (guix monads) #:use-module (guix utils) #:use-module (guix build-system gnu) + #:use-module (guix build-system cargo) + #:use-module (gnu packages admin) + #:use-module (gnu packages audio) #:use-module (gnu packages autotools) #:use-module (gnu packages base) + #:use-module (gnu packages bash) #:use-module (gnu packages databases) #:use-module (gnu packages glib) #:use-module (gnu packages gtk) @@ -53,13 +64,21 @@ #:use-module (gnu packages libffi) #:use-module (gnu packages pulseaudio) #:use-module (gnu packages python) + #:use-module (gnu packages python-xyz) + #:use-module (gnu packages node) #:use-module (gnu packages xorg) #:use-module (gnu packages gl) #:use-module (gnu packages assembly) + #:use-module (gnu packages rust) + #:use-module (gnu packages rust-apps) + #:use-module (gnu packages llvm) + #:use-module (gnu packages nss) #:use-module (gnu packages icu4c) #:use-module (gnu packages video) + #:use-module (gnu packages xiph) #:use-module (gnu packages xdisorg) - #:use-module (gnu packages readline)) + #:use-module (gnu packages readline) + #:use-module (gnu packages sqlite)) (define-public mozjs (package @@ -174,7 +193,7 @@ in C/C++.") (source (origin (method url-fetch) (uri (string-append - "https://people.mozilla.org/~sstangl/" + "https://anduin.linuxfromscratch.org/BLFS/mozjs/" name "-" version ".tar.bz2")) (sha256 (base32 @@ -252,294 +271,457 @@ in C/C++.") ("icu4c" ,icu4c) ("zlib" ,zlib))))) -(define-public nspr - (package - (name "nspr") - (version "4.19") - (source (origin - (method url-fetch) - (uri (string-append - "https://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v" - version "/src/nspr-" version ".tar.gz")) - (sha256 - (base32 - "0agpv3f17h8kmzi0ifibaaxc1k3xc0q61wqw3l6r2xr2z8bmkn9f")))) - (build-system gnu-build-system) - (native-inputs - `(("perl" ,perl))) - (arguments - `(#:tests? #f ; no check target - #:configure-flags (list "--enable-64bit" - (string-append "LDFLAGS=-Wl,-rpath=" - (assoc-ref %outputs "out") - "/lib")) - ;; Use fixed timestamps for reproducibility. - #:make-flags '("SH_DATE='1970-01-01 00:00:01'" - ;; This is epoch 1 in microseconds. - "SH_NOW=100000") - #:phases (modify-phases %standard-phases - (add-before 'configure 'chdir - (lambda _ (chdir "nspr") #t))))) - (home-page - "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSPR") - (synopsis "Netscape API for system level and libc-like functions") - (description "Netscape Portable Runtime (@dfn{NSPR}) provides a -platform-neutral API for system level and libc-like functions. It is used -in the Mozilla clients.") - (license license:mpl2.0))) - -(define-public nss +(define-public mozjs-52 + ;; No releases yet at . + ;; While we could take a snapshot of the complete mozilla-esr52 repository at + ;; , + ;; we take the Debian version instead, because it is easier to work with. + (let ((commit "6507e63cc416fd7a3269e390efe712f8b56f374a") + (revision "1")) + (package (inherit mozjs-38) + (version (git-version "52.0" revision commit)) + (source (origin + (method git-fetch) + (uri (git-reference + (url "https://salsa.debian.org/gnome-team/mozjs52.git") + (commit commit))) + (file-name (git-file-name "mozjs" version)) + (sha256 + (base32 + "1ny0s53r8wn4byys87h784xrq1xg767akmfm6gqrbvrz57mlm3q2")))) + (arguments + `(#:tests? #f ; depends on repository metadata + #:configure-flags + '("--enable-ctypes" + "--enable-optimize" + "--enable-pie" + "--enable-readline" + "--enable-shared-js" + "--enable-system-ffi" + "--with-system-icu" + "--with-system-nspr" + "--with-system-zlib" + + ;; Intl API requires bundled ICU. + "--without-intl-api" + + ;; Without this gnome-shell will crash at runtime. + "--disable-jemalloc") + #:phases + (modify-phases %standard-phases + (add-after 'unpack 'patch-and-chdir + (lambda* (#:key inputs #:allow-other-keys) + ;; This patch prevents a segfault when executing JS_Init(). + ;; The build does not fail without this patch, but the + ;; configure phase of the gjs package would fail. + ;; See https://bugzilla.mozilla.org/show_bug.cgi?id=1176787 + (make-file-writable "js/src/old-configure.in") + (make-file-writable "js/src/old-configure") + (make-file-writable "mozglue/build/moz.build") + (invoke "patch" "-p1" "--force" + "--input" "debian/patches/disable-mozglue.patch") + (invoke "touch" "js/src/configure") + (chdir "js/src") + #t)) + (replace 'configure + (lambda* (#:key inputs outputs configure-flags #:allow-other-keys) + ;; The configure script does not accept environment variables + ;; as arguments. + (let ((out (assoc-ref outputs "out"))) + (setenv "SHELL" (which "sh")) + (setenv "CONFIG_SHELL" (which "sh")) + (setenv "AUTOCONF" (string-append (assoc-ref inputs "autoconf") + "/bin/autoconf")) + (apply invoke "./configure" + (cons (string-append "--prefix=" out) + configure-flags)))))))) + (native-inputs + `(("autoconf" ,autoconf-2.13) + ("automake" ,automake) + ,@(package-native-inputs mozjs-38)))))) + +(define-public mozjs-60 + ;; No releases yet at . + ;; While we could take a snapshot of the complete mozilla-esr60 repository at + ;; , + ;; we take the Debian version instead, because it is easier to work with. (package - (name "nss") - (version "3.36.1") + (inherit mozjs-38) + (version "60.2.3-2") (source (origin - (method url-fetch) - (uri (let ((version-with-underscores - (string-join (string-split version #\.) "_"))) - (string-append - "https://ftp.mozilla.org/pub/mozilla.org/security/nss/" - "releases/NSS_" version-with-underscores "_RTM/src/" - "nss-" version ".tar.gz"))) + (method git-fetch) + (uri (git-reference + (url "https://salsa.debian.org/gnome-team/mozjs60.git") + (commit (string-append "debian/" version)))) + (file-name (git-file-name "mozjs" version)) (sha256 (base32 - "1zrb49mp7cy3snnday1zv8d76h1mgppbcwxnlkqsgxlga8fl89b0")) - ;; Create nss.pc and nss-config. - (patches (search-patches "nss-pkgconfig.patch" - "nss-increase-test-timeout.patch")))) - (build-system gnu-build-system) - (outputs '("out" "bin")) + "091w050rwzrdcbgyi934k2viyccmlqxrp13sm2mql71mabb5dai6")))) (arguments - `(#:parallel-build? #f ; not supported - #:make-flags - (let* ((out (assoc-ref %outputs "out")) - (nspr (string-append (assoc-ref %build-inputs "nspr"))) - (rpath (string-append "-Wl,-rpath=" out "/lib/nss"))) - (list "-C" "nss" (string-append "PREFIX=" out) - "NSDISTMODE=copy" - "NSS_USE_SYSTEM_SQLITE=1" - (string-append "NSPR_INCLUDE_DIR=" nspr "/include/nspr") - ;; Add $out/lib/nss to RPATH. - (string-append "RPATH=" rpath) - (string-append "LDFLAGS=" rpath))) - #:modules ((guix build gnu-build-system) - (guix build utils) - (ice-9 ftw) - (ice-9 match) - (srfi srfi-26)) + `(#:tests? #f ; FIXME: all tests pass, but then the check phase fails anyway. + #:test-target "check-jstests" + #:configure-flags + '("--enable-ctypes" + "--enable-optimize" + "--enable-pie" + "--enable-readline" + "--enable-shared-js" + "--enable-system-ffi" + "--with-system-nspr" + "--with-system-zlib" + "--with-system-icu" + "--with-intl-api" + ;; This is important because without it gjs will segfault during the + ;; configure phase. With jemalloc only the standalone mozjs console + ;; will work. + "--disable-jemalloc") #:phases (modify-phases %standard-phases (replace 'configure + (lambda* (#:key inputs outputs configure-flags #:allow-other-keys) + ;; The configure script does not accept environment variables as + ;; arguments. It also must be run from a different directory, + ;; but not the root directory either. + (let ((out (assoc-ref outputs "out"))) + (mkdir "run-configure-from-here") + (chdir "run-configure-from-here") + (setenv "SHELL" (which "sh")) + (setenv "CONFIG_SHELL" (which "sh")) + (setenv "AUTOCONF" (string-append (assoc-ref inputs "autoconf") + "/bin/autoconf")) + (apply invoke "../js/src/configure" + (cons (string-append "--prefix=" out) + configure-flags)) + #t))) + (add-after 'unpack 'disable-broken-tests (lambda _ - (setenv "CC" "gcc") - ;; Tells NSS to build for the 64-bit ABI if we are 64-bit system. - ,@(match (%current-system) - ((or "x86_64-linux" "aarch64-linux") - `((setenv "USE_64" "1"))) - (_ - '())) - #t)) - (replace 'check - (lambda _ - ;; Use 127.0.0.1 instead of $HOST.$DOMSUF as HOSTADDR for testing. - ;; The later requires a working DNS or /etc/hosts. - (setenv "DOMSUF" "(none)") - (setenv "USE_IP" "TRUE") - (setenv "IP_ADDRESS" "127.0.0.1") - (invoke "./nss/tests/all.sh"))) - (replace 'install - (lambda* (#:key outputs #:allow-other-keys) - (let* ((out (assoc-ref outputs "out")) - (bin (string-append (assoc-ref outputs "bin") "/bin")) - (inc (string-append out "/include/nss")) - (lib (string-append out "/lib/nss")) - (obj (match (scandir "dist" (cut string-suffix? "OBJ" <>)) - ((obj) (string-append "dist/" obj))))) - ;; Install nss-config to $out/bin. - (install-file (string-append obj "/bin/nss-config") - (string-append out "/bin")) - (delete-file (string-append obj "/bin/nss-config")) - ;; Install nss.pc to $out/lib/pkgconfig. - (install-file (string-append obj "/lib/pkgconfig/nss.pc") - (string-append out "/lib/pkgconfig")) - (delete-file (string-append obj "/lib/pkgconfig/nss.pc")) - (rmdir (string-append obj "/lib/pkgconfig")) - ;; Install other files. - (copy-recursively "dist/public/nss" inc) - (copy-recursively (string-append obj "/bin") bin) - (copy-recursively (string-append obj "/lib") lib) - - ;; FIXME: libgtest1.so is installed in the above step, and it's - ;; (unnecessarily) linked with several NSS libraries, but - ;; without the needed rpaths, causing the 'validate-runpath' - ;; phase to fail. Here we simply delete libgtest1.so, since it - ;; seems to be used only during the tests. - (delete-file (string-append lib "/libgtest1.so")) - (delete-file (string-append lib "/libgtestutil.so")) - - #t)))))) - (inputs - `(("sqlite" ,sqlite) - ("zlib" ,zlib))) - (propagated-inputs `(("nspr" ,nspr))) ; required by nss.pc. - (native-inputs `(("perl" ,perl))) + ;; This test assumes that /bin exists and contains certain + ;; executables. + (delete-file "js/src/tests/shell/os.js") + #t))))) + (native-inputs + `(("autoconf" ,autoconf) + ("automake" ,automake) + ("which" ,which) + ("perl" ,perl) + ("pkg-config" ,pkg-config) + ("python" ,python-2))))) - ;; The NSS test suite takes around 48 hours on Loongson 3A (MIPS) when - ;; another build is happening concurrently on the same machine. - (properties '((timeout . 216000))) ; 60 hours +(define mozilla-compare-locales + (origin + (method hg-fetch) + (uri (hg-reference + (url "https://hg.mozilla.org/l10n/compare-locales/") + (changeset "RELEASE_3_3_0"))) + (file-name "mozilla-compare-locales") + (sha256 (base32 "0biazbq7vbi99b99rfn4szwyx032dkpi09c9z4zs6f1br0f86iy1")))) - (home-page - "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS") - (synopsis "Network Security Services") - (description - "Network Security Services (@dfn{NSS}) is a set of libraries designed to -support cross-platform development of security-enabled client and server -applications. Applications built with NSS can support SSL v2 and v3, TLS, -PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other -security standards.") - (license license:mpl2.0))) +(define (mozilla-locale locale changeset hash-string) + (origin + (method hg-fetch) + (uri (hg-reference + (url (string-append "https://hg.mozilla.org/l10n-central/" + locale)) + (changeset changeset))) + (file-name (string-append "mozilla-locale-" locale)) + (sha256 (base32 hash-string)))) + +(define-syntax-rule (mozilla-locales (hash-string changeset locale) ...) + (list (mozilla-locale locale changeset hash-string) + ...)) + +(define all-mozilla-locales + (mozilla-locales + ;; sha256 changeset locale + ;;--------------------------------------------------------------------------- + ("0pybx6j2ycbrr1xmv0spv19sd8a1dyzcs8kf6pzn71w8y6kiagcf" "35959cf2343c" "ach") + ("0dixmkha738w7fkx20nx95xkfyrqb9vczpy6m03qnqfvb76xaxj5" "e8dc1010f909" "af") + ("124j09va25gwfxdzyfixrli0skxv53c7niagjyp7g3a3kcv2lbhc" "4c67f6b96a7b" "an") + ("0flgqll3xx0ym0zj0w9j2jw3fmhs6h9m4l5da6m0bpnk5ff80r06" "34cbea5f44a5" "ar") + ("0kdb1yqfbfz508f4p77z3p1v6fwy190vs5ipj58hgdixjgbxkqay" "b4790b27633c" "ast") + ("1vm5xw6wg12pygswd3p0qpkaxyryah6nif5n15chb4sb42c1gqcm" "96d341bf49d4" "az") + ("1j2qrrws51qij6haz5b77n5vzqhsxgs1ppqqw4mdrkacwvz4ciwh" "4adaede00646" "be") + ("0ydr8f9lbd51prgcbjb5yacb461j8va0s5bqfs0rnglkvhmk6ard" "d1140972aefe" "bg") + ("0wyw90zjp8kpd1gljng00in9wr2cf59ww6z002lgx5k4gibnqcfd" "2b3ce92c2310" "bn") + ("0kkq621h1qdmimyrmms9g5p70m54z2ddw4cd962nqbkrnmabq9vn" "426896350893" "br") + ("0vibhnb3cbpbgf10db04g6vm372kb9i27p0jkwif019f7qprswd8" "7463f339ce07" "bs") + ("1l8cn2fqfvx7bswzfy9vavv8cd32ha9ygdxxdbxi64wcgw0f80bf" "dab3f05125e4" "ca") + ("0fik17y8zyg9w82lq501ic73a53c0q9r8v4zgn9bnzgsygig8qpq" "ebb9d989275a" "cak") + ("0sj29v6144h39wzb4rvxph3cwgvs4gzkgpr0463d3fcs6jdi0kjs" "522352780348" "cs") + ("1nz8jlx62l69jcdi59hlk8jysm15sh3d1cxqginjmx7w351wsidm" "0791b954c333" "cy") + ("1vc01q1vlq26xm1vm1x0119jawxxp975p9k8ashmiwncl1bvqb48" "121f5f876f4c" "da") + ("1iqny61rg57banfbbskc2y3pr6d35fabnxmynv7vxm9jd86pndz3" "95fb3e99a2bc" "de") + ("06v9j8acx5h8za7m65v6qm0wjbkx6vm46m8sigcp69phyg3fjc96" "90e681b74587" "dsb") + ("0lbk90x2dxdbh63fycqxspx6jqq2zlzys6grg45balw8yyvzqrkz" "58ba4c13fd42" "el") + ("0c2ypvy0z8g78s5158v6h9khckq1xps34r5wbiiciix289m43dgl" "8953d8c98a30" "en-CA") + ("0z3riz3w2z6p710p90ridmwwam4snnz5mn90gd4jc1h2n7vc9mr0" "5a2b9bca3f52" "en-GB") + ("102gn3h4ap8c3x1p7vfc88vapkfiz6264y6byhxy1axxjk3x3a77" "e87cb1c61d6e" "eo") + ("148wj6wsx0aq7cpaxk8njj7cb1wfjr2m96dgxq6b3qcv781ldvjn" "5db15fdf95d5" "es-AR") + ("0r11d8vzvbyz17n371byvkrnszcv1zhr7rg64i58xra3y6d7is7n" "ce2ee0e51a92" "es-CL") + ("1xmqa8p7lpqvkgg879hfnmf6kxcpawjk8z31cdzfp1hrdlmxg8n7" "7346617620f3" "es-ES") + ("0jxv3jh2018lnybr9mzqrffvwmr87yab9bh8lxqjj294fxw1hrxm" "687f05eb0c58" "es-MX") + ("1rpgv7pajv4xldsn1xxsia5j72vn3x8zl5wmbzkyw56lvn9fckvf" "839a5029c496" "et") + ("0hxp4fr3y05rkpamdb1hlmybn6d3bv3rcawjm3axbpqxbyfdpfzc" "54e8d87230c9" "eu") + ("1y50knymnmcihw8bhvahicc386mjm6dx4hx0j6fv8sl23wzx2h9m" "c5ffca960f9c" "fa") + ("0pj9zgi0c3yl3myhvb5afiijayp2lqzhlk630ahxn5hgjgkz0lx7" "75c000a8538d" "ff") + ("199jg0zv7wp1cq0ik2hf84j99jx5vq2jwac0gaayvjzkh2z83jqr" "f11b2e689e7b" "fi") + ("1vxkiwwni7470ywy99arxxa56ljkhjrhxslsp1l1l61g6gdbbspr" "49ec4f791806" "fr") + ("0d8gwdcj0jpjv03nhjds8jrg86pg371xpylaibwri76wlyl7m54i" "faa761a5cfdc" "fy-NL") + ("0nipbxx11a2sjadzhbi88vgknw5hzr4nqy2722q3kc1212jbi754" "5bd9466f9f9d" "ga-IE") + ("0bay8mrm65cvmnvqpwqgzr0h3cb18ifzg5kbsbxcvdfm9xv0zi9g" "a4f6a47e82dd" "gd") + ("00kn5w3nnpw1pxg6hhrn9asf9hgpjd6ia4038iwzcqs68w887qcy" "6c2aa01ada4e" "gl") + ("0jj13i0ach85c975vaz2rr83mibs29ipssa7qsjkb0y2ch6xya1k" "c2d607e36cb5" "gn") + ("1nhqbgzilcb0pr7941dxkhg079bf8v7ldikp1s5xli34wf9sabm2" "f34465d6ac1c" "gu-IN") + ("11bh0541d996cfin1zy72l66753q94i4idgv2waf0h40h9g3z1bm" "c2ecb2762274" "he") + ("1lslji7hh5lx5ig1xgfjh4cdindsgh3n2a7qlvzwz96gda43lvv4" "94d2bb10ee03" "hi-IN") + ("1nx5yw00l25i3m3grdm29mi9mi7h0cy5qx02pypir754pk3hiwcc" "08df0d94edd5" "hr") + ("19yc9dk2pwqycynmx58d1ik6x4mnyfxscgr6sg676dpl613xd7nq" "21b614e77025" "hsb") + ("0l3z64jlx6b6ivk1b5hwqyx9hm1m5721ywnb2m4zmg3g9fw4vn7f" "f82cad7170af" "hu") + ("1sn0dxbbf2zwcpybwcw77qb4p0hf6fxapnsnn4avaab5g55dlgz4" "d94c30920396" "hy-AM") + ("0c92cqxrhv4317kirmhpjk7mrq44yn6fp3v6syxnhz7xwxnhshjm" "6a5f176b0626" "ia") + ("03gyg9gqsd6pwb9nydglhm46fi2wk2p2qygmhmrf8hnav3ba7n0r" "94e4302e0f85" "id") + ("0ky8aaps92mn56rvkwn0i13wg8av8hzi1fvr0ahqhjcpj5sfgdwq" "eca348a59888" "is") + ("01py0sfg7nljcsgpivryrvai4p4wzbcvhgc2ymr19r579nv1vw7g" "d541a6197359" "it") + ("0iv7vmj43njmi7g1gjzsv68ax4j502d2wnkvbfz1rx11lrqs7yw1" "a5ab3a1d95b7" "ja") + ("1sr9ccshcw6agbj4hbnpblxixb1jz0m36glas6f9ahxmi7m605si" "63763ffa5a94" "ja-JP-mac") + ("1as33pzcsdkynrj16dv7w642vl6plbhk650am4l5djwm64f2rgms" "aa83e8555ddc" "ka") + ("1jwaqb5qps3i5y9iw8l2hrwa0n8lfnx1k9x0p54y3jkh6p3q3fzc" "0e0e25c26247" "kab") + ("0cjfiwv0q5i8d7fpwb4m2w5ahq687dqjlwlicgpa443yi2zsxr4s" "33117723ceb1" "kk") + ("0k5b56cv39aaxf9r0p9c27f3fp6yq2ffd4w6qmd0ibpl69sm629d" "aff7b2a7825e" "km") + ("1a0zg96jgq4zn9cz0h2qwc0vv1fbkfzs5qrgabg62wqgz286jvvv" "ea91638cb1dd" "kn") + ("0jhmv2n3yx55r6fg3myg7j1c1nhsv25g016m6lh2j023xbr723gp" "88821009b5b3" "ko") + ("06bybgv4m4i7r9p0qld65j31vbrnljhsdj649dl93msv2r69ilif" "88685d5f07b3" "lij") + ("1bzjf8smw6ngi88j5g3fawrg54m8fifbhshwjbgkpj7rnrpjgh4w" "e046c7ffa7d0" "lt") + ("18dmzmpavijb7fwzffas0j5nb6byqp8h6ki7hhf6qb35diqgfq6n" "c520ef4f576c" "lv") + ("055zf7xj5h1h8mzxj1cjzhngpcvg2p5vs2dmffsa5zfprj02d0dm" "9e43723f18ad" "mk") + ("1496fbyyzcl075gzcd3xy50h9jyhnzgb544k1scji56yhyfajacb" "ce615fef92c1" "mr") + ("1wc1q8ksry181pvnysqsq4dhhsg5adw5vgqafmmq5sf6i2bwn2z0" "4fefe88cfaee" "ms") + ("0awf6mrdwdhy2yvxynssvp1zg1nc2fqbmg2d2bhjcib69zx944xw" "3987a06866fd" "my") + ("1hycvz7i4jd40hfs5abx6sgfdkafg0jhdgqih9b7lb08aqcl35pj" "2b3b8997d9a1" "nb-NO") + ("048z1ib46izwryyy8l1x71kq4775n7l2ilbskhsyrbxqryma13k8" "f25324281615" "ne-NP") + ("1qkxqpyr4la9bn1bqsgc2h9869arglh9n2kwpkq6722jzdbynkz2" "04c7d32c57f6" "nl") + ("08gnmdll55dbqj7qs63gq1kljbvg24nzns6q4m0av3sszsic0jv5" "5587520e5019" "nn-NO") + ("1yh2p4ipj5p2b7gh0xxj0n7ndvwn5bw2773ibrh7vz932mkzhhjn" "499386b02695" "oc") + ("0kjbnixjzv9hvyba4ll20gs76vx84pviy134fvpjp9lfjpnpib55" "31c01c325675" "pa-IN") + ("0g61imvr4639bbydyi0kwc1il7l1gzlfij4ywx7hdcmq2x6vgb9v" "fb5f3b8dea09" "pl") + ("13n68d7z94d7943m6fwl4kizbqm3wp82xz69vng4w9vyqlvv7d41" "9a541cbdc748" "pt-BR") + ("1j8afvrl1afmj2zixrp91rrhag5w4xw90raca1ic6mxyih9kvdi4" "edc959a685c2" "pt-PT") + ("0wf4a6q9nvcmam2g8ksbymjdnrz59pdr5nirfpjprfhifjmxx4nn" "d2699db715cd" "rm") + ("1k9qalir5pbh490w1mxyq31yhy9hbxsyrrk11hwlwlgn6syp9nvp" "b5460a9017bc" "ro") + ("1avy6wyfa5lbvy36wai6mwhhh6x1y8a0jyjk8hvjn52yfxj1gypk" "59ffa8ad047a" "ru") + ("1cakhm4jxcw1ij0l1vhxw74hsp5wg68i3319dkdncyyc5a2s1qv9" "8b3c8a7ebdfa" "si") + ("0s534r09bqdfvw3q17y9b1035kzzlafjv656v73mqhyz3fkffsx5" "cb39dc77980e" "sk") + ("1s58vgmnb9aiaiaqwwcivq3iyzpzj527w2aqh2nrh6xmaw7f43sr" "17d7969b1d9a" "sl") + ("147qm7x5z8rkf24jpqvkdlqg0fjz1l3zwnaxvkh9y2jpzv7m0x7z" "c55b0e9ff99d" "son") + ("0nn4r1rxi8cy7x9nmn5ljd8gcsn2rjl2ma2j7waxkafkm4rs6n20" "2bb3808072da" "sq") + ("0jsb01b94z7qbm59yaj56nb7yx7a6hpgw8v6nzwhbvmnmcsird4p" "c323c0d02d61" "sr") + ("1n7vv9y4sk3gig56rgfd2jk8jr2160grxk31bd1wkm7fvbndd259" "4220ce487cbc" "sv-SE") + ("06270mq7gajxfrsb8gqd25v2dac68ask5vvlh6kkkp3hrgy02vid" "6a1dbc2fe1d3" "ta") + ("10az7pd3npa7n8wq0qywvsj2qrx9592i2wffs3rnc1fviv1i1q0y" "028505b5ecd1" "te") + ("0yj0c3iyibb3jyypvyiyhbr9asxa48v0nq21kcf9gphi8fnyp5if" "e44d38b6a67b" "th") + ("1qc4nvhw834lx7p304fxma0fjdr4xfj4lf69dhh6biqz795lx45p" "1e0771d95708" "tr") + ("1g4y2yq5xp61ncy7c08j7fqqr1jc0m1hjxmbg5659wzif3b3dkg4" "e3c96943e98f" "uk") + ("1zbi28z1c3p5il7ndixyjsv4nrimzq36zjvlmq10am38ycqr9df8" "f35da1b02691" "ur") + ("1jrxjjj8k771y0wljqbadxdj4pasg0771jmg4l3hvpgs929i3j9g" "6fd2084b3efe" "uz") + ("1f8sqgxzgqmw6vzjv3f49lg43q09i3j62f471864vr71815agl8n" "33b5dfd0cd63" "vi") + ("0ssnsbxw3q5k88fa081gkn1mbqn4j7bm6vb7yvz6h44j214xkz9x" "2d87c0740715" "xh") + ("0kd3mrvvgczhsmw4rvpxxxc71bb469ayr8r4azf7gc0y5nmlm950" "a2b6625688d3" "zh-CN") + ("0qy1asyfplkyc89z3g3gfm7b32aka92350b3ayv9d9dcgwxmfdwz" "4d6e959a13d1" "zh-TW"))) (define (mozilla-patch file-name changeset hash) - "Return an origin for CHANGESET from the mozilla-esr52 repository." + "Return an origin for CHANGESET from the mozilla-esr60 repository." (origin (method url-fetch) - (uri (string-append "https://hg.mozilla.org/releases/mozilla-esr52/raw-rev/" + (uri (string-append "https://hg.mozilla.org/releases/mozilla-esr60/raw-rev/" changeset)) (sha256 (base32 hash)) (file-name file-name))) +(define* (computed-origin-method gexp-promise hash-algo hash + #:optional (name "source") + #:key (system (%current-system)) + (guile (default-guile))) + "Return a derivation that executes the G-expression that results +from forcing GEXP-PROMISE." + (mlet %store-monad ((guile (package->derivation guile system))) + (gexp->derivation (or name "computed-origin") + (force gexp-promise) + #:graft? #f ;nothing to graft + #:system system + #:guile-for-build guile))) + +(define %icecat-version "68.4.1-guix0-preview1") +(define %icecat-build-id "20200108000000") ;must be of the form YYYYMMDDhhmmss + +;; 'icecat-source' is a "computed" origin that generates an IceCat tarball +;; from the corresponding upstream Firefox ESR tarball, using the 'makeicecat' +;; script from the upstream IceCat project. +(define icecat-source + (let* ((base-version (first (string-split %icecat-version #\-))) + + (major-version (first (string-split base-version #\.))) + (minor-version (second (string-split base-version #\.))) + (sub-version (third (string-split base-version #\.))) + + (upstream-firefox-version (string-append base-version "esr")) + (upstream-firefox-source + (origin + (method url-fetch) + (uri (string-append + "https://ftp.mozilla.org/pub/firefox/releases/" + upstream-firefox-version "/source/" + "firefox-" upstream-firefox-version ".source.tar.xz")) + (sha256 + (base32 + "0q7kv70w1d33m12hkzyay6nkgvz9qczrl6hqx0n1c6grs097f2m0")))) + + (upstream-icecat-base-version "68.4.1") ; maybe older than base-version + ;;(gnuzilla-commit (string-append "v" upstream-icecat-base-version)) + (gnuzilla-commit "2d1b1bc45fdae5a99c4e8ea25593ebb9c8d7bfdf") + (gnuzilla-source + (origin + (method git-fetch) + (uri (git-reference + (url "git://git.savannah.gnu.org/gnuzilla.git") + (commit gnuzilla-commit))) + (file-name (git-file-name "gnuzilla" + ;;upstream-icecat-base-version + (string-take gnuzilla-commit 8))) + (sha256 + (base32 + "0hc9sx3yb71xvr9s1p0z5fx8jfqpssb8wz0h2nzhy2nyp9bb2jzl")))) + + (makeicecat-patch + (local-file (search-patch "icecat-makeicecat.patch")))) + + (origin + (method computed-origin-method) + (file-name (string-append "icecat-" %icecat-version ".tar.xz")) + (sha256 #f) + (uri + (delay + (with-imported-modules '((guix build utils)) + #~(begin + (use-modules (guix build utils)) + (let ((firefox-dir + (string-append "firefox-" #$base-version)) + (icecat-dir + (string-append "icecat-" #$%icecat-version))) + + (mkdir "/tmp/bin") + (set-path-environment-variable + "PATH" '("bin") + (list "/tmp" + #+(canonical-package bash) + #+(canonical-package coreutils) + #+(canonical-package findutils) + #+(canonical-package patch) + #+(canonical-package xz) + #+(canonical-package sed) + #+(canonical-package grep) + #+(canonical-package bzip2) + #+(canonical-package gzip) + #+(canonical-package tar) + #+rename)) + + (symlink #+(file-append rename "/bin/rename") + "/tmp/bin/prename") + + ;; We copy the gnuzilla source directory because it is + ;; read-only in 'gnuzilla-source', and the makeicecat script + ;; uses "cp -a" to copy parts of it and assumes that the + ;; copies will be writable. + (copy-recursively #+gnuzilla-source "/tmp/gnuzilla" + #:log (%make-void-port "w")) + + (with-directory-excursion "/tmp/gnuzilla" + (make-file-writable "makeicecat") + (invoke "patch" "--force" "--no-backup-if-mismatch" + "-p1" "--input" #+makeicecat-patch) + (patch-shebang "makeicecat") + (substitute* "makeicecat" + (("^FFMAJOR=(.*)" all ffmajor) + (unless (string=? #$major-version + (string-trim-both ffmajor)) + ;; The makeicecat script cannot be expected to work + ;; properly on a different version of Firefox, even if + ;; no errors occur during execution. + (error "makeicecat major version mismatch")) + (string-append "FFMAJOR=" #$major-version "\n")) + (("^FFMINOR=.*") + (string-append "FFMINOR=" #$minor-version "\n")) + (("^FFSUB=.*") + (string-append "FFSUB=" #$sub-version "\n")) + (("^DATA=.*") + "DATA=/tmp/gnuzilla/data\n") + (("/bin/sed") + #+(file-append (canonical-package sed) "/bin/sed")))) + + (format #t "Unpacking upstream firefox tarball...~%") + (force-output) + (invoke "tar" "xf" #+upstream-firefox-source) + (rename-file firefox-dir icecat-dir) + + (with-directory-excursion icecat-dir + (format #t "Populating l10n directory...~%") + (force-output) + (mkdir "l10n") + (with-directory-excursion "l10n" + (for-each + (lambda (locale-dir) + (let ((locale + (string-drop (basename locale-dir) + (+ 32 ; length of hash + (string-length "-mozilla-locale-"))))) + (format #t " ~a~%" locale) + (force-output) + (copy-recursively locale-dir locale + #:log (%make-void-port "w")) + (for-each make-file-writable (find-files locale)) + (with-directory-excursion locale + (when (file-exists? ".hgtags") + (delete-file ".hgtags")) + (mkdir-p "browser/chrome/browser/preferences") + (call-with-output-file + "browser/chrome/browser/preferences/advanced-scripts.dtd" + (lambda (port) #f))))) + '#+all-mozilla-locales) + (copy-recursively #+mozilla-compare-locales + "compare-locales" + #:log (%make-void-port "w")) + (delete-file "compare-locales/.gitignore") + (delete-file "compare-locales/.hgignore") + (delete-file "compare-locales/.hgtags")) + + (format #t "Running makeicecat script...~%") + (force-output) + (invoke "bash" "/tmp/gnuzilla/makeicecat")) + + (format #t "Packing IceCat source tarball...~%") + (force-output) + (invoke "tar" "cfa" #$output + ;; Avoid non-determinism in the archive. We set the + ;; mtime of files in the archive to early 1980 because + ;; the build process fails if the mtime of source + ;; files is pre-1980, due to the creation of zip + ;; archives. + "--mtime=@315619200" ; 1980-01-02 UTC + "--owner=root:0" + "--group=root:0" + "--sort=name" + icecat-dir) + + #t)))))))) + (define-public icecat (package (name "icecat") - (version "52.6.0-gnu1") - (source - (origin - (method url-fetch) - (uri (string-append "mirror://gnu/gnuzilla/" - (first (string-split version #\-)) - "/" name "-" version ".tar.bz2")) - (sha256 - (base32 - "09fn54glqg1aa93hnz5zdcy07cps09dbni2b4200azh6nang630a")) - (patches - (list - (search-patch "icecat-avoid-bundled-libraries.patch") - (search-patch "icecat-use-system-harfbuzz.patch") - (search-patch "icecat-use-system-graphite2.patch") - (mozilla-patch "icecat-bug-546387.patch" "d13e3fefb76e" "1b760r0bg2ydbl585wlmajljh1nlisrwxvjws5b28a3sgjy01i6k") - (mozilla-patch "icecat-bug-1350152.patch" "f822bda79c28" "1wf56169ca874shr6r7qx40s17h2gwj7ngmpyylrpmd1c6hipvsj") - (mozilla-patch "icecat-bug-1411708.patch" "34c968767eb7" "0l2jy201ikj3m3h66mvlsj4y0ki7cpm7x7nnfygbwnfxg42s1sip") - (mozilla-patch "icecat-bug-1375217.patch" "00fc630c9a46" "17pcprp452nslk6sac6sili0p74zh8w3g0v1wsdn0ikm9xmnphhv") - (mozilla-patch "icecat-CVE-2018-5145.patch" "f0ec180993d2" "0jiazxcwki83wr00fyh2g518ynsd33p7nk65zk4d1682gn22lc8v") - (mozilla-patch "icecat-CVE-2018-5130.patch" "a6a9e26688c1" "0cvizvilb4k422j2gzqcbakznvsffmk6n6xn1ayj5rgxfaizkkqk") - (mozilla-patch "icecat-CVE-2018-5125-pt1.patch" "198ad052621e" "1721zx8hifdlflrhvw6hmkdgjbvsmxl9n84iji5qywhlp2krdk9r") - (mozilla-patch "icecat-bug-1426087.patch" "391ea77ebfdb" "1fhkvd0z6mvdkj7m0d3jlj42rsdw5r4x122c1wb1i428228ifw6n") - (mozilla-patch "icecat-bug-1416307.patch" "54f2f7f93b30" "1ncjir16mqya37wgf6fy2rqki3vl433c4grjr3fypmlig6xfgg1l") - (mozilla-patch "icecat-CVE-2018-5127.patch" "2c4d7a59041b" "178c6gid89cvw52yqs43i6x6s5w0hslj0rfa2r8b4762ij3civ92") - (mozilla-patch "icecat-CVE-2018-5125-pt2.patch" "f87ef3774d5e" "0payf3az2w93nzl5qknqx290jbxk8v39rwhdgq7wyd5f245dywxk") - (mozilla-patch "icecat-CVE-2018-5125-pt3.patch" "ac743923f81d" "0msyr45xr1j5q4x6ah4r907pwjngyi0k6pp9y8ixk21cnwbzrdwx") - (mozilla-patch "icecat-CVE-2018-5129.patch" "456913d7e8b5" "0fx0s06kxxj7g4hllinaskgh41z3k48zml6yqqzxx485qk3hdh9x") - (mozilla-patch "icecat-bug-1334465-pt1.patch" "f95c5b881442" "0iaddhf65jd9cycj4bw0b207n2jiqkr4q84jifzyqn4ygs75wdqd") - (mozilla-patch "icecat-bug-1334465-pt2.patch" "8a4265c8fb41" "1d9zfdbrlw9wzr84b7pj7lxgy487lsx0kfd89287hjk0al8m6vrw") - (mozilla-patch "icecat-bug-1398021.patch" "28855df568d8" "1kmq836gniplxpjnvq8lhbcc1aqi56al628r1mzdy94b5yb0lis3") - (mozilla-patch "icecat-bug-1388020.patch" "e8ab2736499b" "0n28vcd65rxsyq3z22rfcfksryfndhm1i3g6ah3akg11jnagqf5v") - (mozilla-patch "icecat-CVE-2018-5125-pt4.patch" "014877bf17ea" "0hk90pnf7h7kvidji6ydvva1zpyraipn03pjhvprdqr7k2fqzmsz") - (mozilla-patch "icecat-CVE-2018-5125-pt5.patch" "5b3a5de48912" "1ifya05rcd34ryp9zawdacihhkkf2m0xn2q8m8c6v78bvxj0mgig") - (mozilla-patch "icecat-CVE-2018-5144.patch" "1df9b4404acd" "1sd59vsarfsbh3vlrzrqv6n1ni7vxdzm83j6s6g0fygl1h8kwijg") - (mozilla-patch "icecat-bug-1430173-pt1.patch" "9124c3972e2b" "13ns5yy39yzfx7lrkv4rgwdz6s6q0z4i09wkbxdvnkfsz17cd17i") - (mozilla-patch "icecat-bug-1430173-pt2.patch" "9f6dc031be51" "0bv2p98z5ahp3x9wxnhwxn87g21djvzzp7jy55ik90hqixsbhwdl") - (mozilla-patch "icecat-CVE-2018-5131.patch" "3102fbb97b32" "0kg0183v92gxjb9255xjwhxyd6gl77l9c0civx3040k975fybwlp") - (mozilla-patch "icecat-CVE-2018-5125-pt6.patch" "4904c0f4a645" "0lsq62ynksy1fbw0m87f1d741fyvrrp1vrznx5hx0l2p4g4frhv3") - (mozilla-patch "icecat-CVE-2018-5125-pt7.patch" "16b8073d5c30" "1dv94qqah1wjd3bxjvrkmjbb2f95d3d11zpm8mggdk52il575bwl") - (mozilla-patch "icecat-bug-1442127-pt1.patch" "f931f85b09da" "02s380w8a73g4w2wm810lbigh4z4rrlfy10ywwhv4lpkbk8xg7pr") - (mozilla-patch "icecat-bug-1442127-pt2.patch" "da5792b70f30" "116k9qja5ir9b3laazasp43f5jx59qq72nknmq5bn5v1ixya9r4l") - (mozilla-patch "icecat-CVE-2018-5125-pt8.patch" "62b831df8269" "109pn0hqn7s27580glv4z7qv1pmjzii9szvf3wkn97k5wybrzgkx") - (mozilla-patch "icecat-bug-1442504.patch" "8954ce68a364" "0bl65zw82bwqg0mmcri94pxqq6ibff7y5rclkzapb081p6yvf73q") - (mozilla-patch "icecat-CVE-2018-5125-pt9.patch" "8a16f439117c" "108iarql6z7h1r4rlzac6n6lrzs78x7kcdbfa0b5dbr5xc66jmgb") - (mozilla-patch "icecat-bug-1426603.patch" "ca0b92ecedee" "0dc3mdl4a3hrq4j384zjavf3splj6blv4masign710hk7svlgbhq") - (mozilla-patch "icecat-CVE-2018-5146.patch" "494e5d5278ba" "1yb4lxjw499ppwhk31vz0vzl0cfqvj9d4jwqag7ayj53ybwsqgjr") - (mozilla-patch "icecat-CVE-2018-5147.patch" "5cd5586a2f48" "10s774pwvj6xfk3kk6ivnhp2acc8x9sqq6na8z47nkhgwl2712i5") - (mozilla-patch "icecat-CVE-2018-5148.patch" "c3e447e07077" "0gmwy631f8ip4gr1mpbjk8bx1n1748wdls5zq4y8hpmpnq5g1wyx") - (mozilla-patch "icecat-CVE-2018-5178.patch" "17201199b18d" "1d0hcim1fwh0bklwpmnal1mv9d9kmyif1m15aj1nqkf1n3x4xc37") - (mozilla-patch "icecat-bug-1361699.patch" "a07d6c3ff262" "1z8mjg2487r8pxi0x951v6fwwr696q84f6hlzimc3r7bn5ds9r83") - (mozilla-patch "icecat-CVE-2018-5150-pt01.patch" "7127ccf8f88c" "0m4my7aflpp0wlqilr2m4axd7k2fyrs7jqdcz2rrz5pwivz1anvd") - (mozilla-patch "icecat-bug-1444231.patch" "57bd35fa8618" "0pl6x5amc5x6nhwl7qnmnff3jjjxmbs8r365bfzj58g7q5ihqwvf") - (mozilla-patch "icecat-CVE-2018-5150-pt02.patch" "2f3e1ccf1661" "0azl8g81kpc0w2xpjpgm1154ll12g0a8n6i7bl3s9nnrk2i26n74") - (mozilla-patch "icecat-CVE-2018-5159.patch" "8ff2c4d68e36" "0kz1rqhnz8ca4z20hnpcafidhsrwhnm0h2gmlgchni33h8pisr1f") - (mozilla-patch "icecat-CVE-2018-5154.patch" "b8c430253efd" "1arjcaps9axhxh5ff84n9bydhhzrihn7hbq7v69nvqwqrjp3lgg9") - (mozilla-patch "icecat-CVE-2018-5155.patch" "05cadfa3ac39" "0q0vh7vy7x0l8jp6376fn10qljfp4mnp4m9zfn90j4m19pfl86a0") - (mozilla-patch "icecat-CVE-2018-5168.patch" "48a678d7cb81" "1yfh7kxxxvqck2hpn98pwag4splyc6c9brc5haq28fp8x9r9qvlk") - (mozilla-patch "icecat-CVE-2018-5150-pt03.patch" "112032576872" "1x1hxyggbxlnlj0n9cbp03hjnfvm6cq8nqj0jizrd8cfyd5aig8p") - (mozilla-patch "icecat-CVE-2018-5150-pt04.patch" "ad9a885b0df4" "1hrk1q9mk59jww55g4lqmaflznk87x3vvjn2mxfgfbbjs8l1cyz4") - (mozilla-patch "icecat-bug-1452416.patch" "f89ab96a2532" "1dqchxdyznhgyxhfq0hm0vg1p597hjqflfzigc7j3s5vxf9rg2nv") - (mozilla-patch "icecat-CVE-2018-5150-pt05.patch" "af885a1bd293" "1wfpqhm2dp4fsx6zbrncngsqz7g2x09b625zcighixrbpvybyww3") - (mozilla-patch "icecat-CVE-2018-5150-pt06.patch" "666fc84ec72d" "0lml2wqd4yqidhi364x8r90f78397k2y0kq5z5bv8l8j4bhcnb9v") - (search-patch "icecat-CVE-2018-5157-and-CVE-2018-5158.patch") - (mozilla-patch "icecat-CVE-2018-5150-pt07.patch" "1ab40761a856" "1kgwypy7k5b33jwkni4025za4kcnv5m6klsx4wsswlixmljmkbc7") - (mozilla-patch "icecat-bug-1453339.patch" "0edb8dca7087" "0b30pipqryh311sc97rcmwnx9n8qdlbbz90b2hkybjnprmbhfxrm") - (mozilla-patch "icecat-CVE-2018-5150-pt08.patch" "134c728799c1" "16hbwx6fx1hrddsyjjbd3z954ql3pg348xs13h9riyblq8crzmam") - (mozilla-patch "icecat-CVE-2018-5150-pt09.patch" "14eab155eaa8" "0wr4xgblxzk4c2gvlnpl7ic1196mrhry1hgwdl1jivq0ji5cbvbd") - (mozilla-patch "icecat-bug-1452619.patch" "2b75d55ccf0e" "1g87aybw6ggv6hyk385bplv0lx63n020gwyq0d6d4pqld48hsm1i") - (mozilla-patch "icecat-bug-1453127.patch" "89857f35df29" "0gzi47svrw5ajdlm3i12193psm702zx70x5h1rwp4gb7gxh4m4d9") - (mozilla-patch "icecat-CVE-2018-5150-pt10.patch" "3f2ec03c0405" "0w02952dlxd2gmwghck2nm4rjjmc5ylg62bw6m1rvi35kcr134lr") - (mozilla-patch "icecat-CVE-2018-5183.patch" "f729bf78fb3a" "0xkj6jwxwdqkvb5c7wi16b8cm8qrnlrd3s9jnd46jg03iykrx56f") - (mozilla-patch "icecat-bug-1437842.patch" "eb896089db47" "10lppk4x2d3pim71a36ky1dmg08rs5ckfiljwvfnr1cw6934qxl4") - (mozilla-patch "icecat-bug-1458270.patch" "2374dca97bde" "0y1g55wvj44nzb1qfkl271jcf8s1ik8lcl1785z0zim4qzn7qkpa") - (mozilla-patch "icecat-bug-1452576.patch" "70b6298e0c9e" "0n5jfy6c421dkybk8m18vd61y95zz0r64g1p1zlya3fps5knfaqi") - (mozilla-patch "icecat-bug-1459206-pt1.patch" "4ef79fe9b3b7" "1c32z1ki1i6xj1nbb0xlxwqnmz48ikmy8dmp37rkjz8ssn04wgfg") - (mozilla-patch "icecat-bug-1459206-pt2.patch" "9ad16112044a" "0ayya67sx7avcb8bplfdxb92l9g4mjrb1s3hby283llhqv0ikg9b") - (mozilla-patch "icecat-bug-1459162.patch" "11d8a87fb6d6" "1rkmdk18llw0x1jakix75hlhy0hpsmlminnflagbzrzjli81gwm1") - (mozilla-patch "icecat-bug-1451297.patch" "407b10ad1273" "16qzsfirw045xag96f1qvpdlibm8lwdj9l1mlli4n1vz0db91v9q") - (mozilla-patch "icecat-bug-1462682.patch" "e76e2e481b17" "0hnx13msjy28n3bpa2c24kpzalam4bdk5gnp0f9k671l48rs9yb3"))) - (modules '((guix build utils))) - (snippet - '(begin - (use-modules (ice-9 ftw)) - ;; Remove bundled libraries that we don't use, since they may - ;; contain unpatched security flaws, they waste disk space and - ;; network bandwidth, and may cause confusion. - (for-each delete-file-recursively - '(;; FIXME: Removing the bundled icu breaks configure. - ;; * The bundled icu headers are used in some places. - ;; * The version number is taken from the bundled copy. - ;;"intl/icu" - ;; - ;; FIXME: A script from the bundled nspr is used. - ;;"nsprpub" - ;; - ;; TODO: Use system media libraries. Waiting for: - ;; - ;; * libogg - ;; * libtheora - ;; * libvorbis - ;; * libtremor (not yet in guix) - ;; * libopus - ;; * speex - ;; * soundtouch (not yet in guix) - ;; - "modules/freetype2" - "modules/zlib" - "modules/libbz2" - "ipc/chromium/src/third_party/libevent" - "media/libjpeg" - "media/libvpx" - "security/nss" - "gfx/cairo" - "gfx/harfbuzz" - "gfx/graphite2" - "js/src/ctypes/libffi" - "db/sqlite3")) - ;; Delete .pyc files, typically present in icecat source tarballs - (for-each delete-file (find-files "." "\\.pyc$")) - ;; Delete obj-* directories, sometimes present in icecat tarballs - (for-each delete-file-recursively - (scandir "." (lambda (name) - (string-prefix? "obj-" name)))) - #t)))) + (version %icecat-version) + (source icecat-source) (build-system gnu-build-system) (inputs `(("alsa-lib" ,alsa-lib) ("bzip2" ,bzip2) - ("cairo" ,cairo) ("cups" ,cups) ("dbus-glib" ,dbus-glib) ("gdk-pixbuf" ,gdk-pixbuf) @@ -550,36 +732,62 @@ security standards.") ("pango" ,pango) ("freetype" ,freetype) ("harfbuzz" ,harfbuzz) - ("hunspell" ,hunspell) ("libcanberra" ,libcanberra) ("libgnome" ,libgnome) ("libjpeg-turbo" ,libjpeg-turbo) + ("libogg" ,libogg) + ;; ("libtheora" ,libtheora) ; wants theora-1.2, not yet released + ("libvorbis" ,libvorbis) ("libxft" ,libxft) - ("libevent" ,libevent-2.0) + ("libevent" ,libevent) ("libxinerama" ,libxinerama) ("libxscrnsaver" ,libxscrnsaver) ("libxcomposite" ,libxcomposite) ("libxt" ,libxt) ("libffi" ,libffi) - ("ffmpeg" ,ffmpeg-3.4) - ("libvpx" ,libvpx) + ("ffmpeg" ,ffmpeg) + ("libvpx" ,libvpx-1.7) ("icu4c" ,icu4c) ("pixman" ,pixman) ("pulseaudio" ,pulseaudio) ("mesa" ,mesa) ("mit-krb5" ,mit-krb5) - ("nspr" ,nspr) - ("nss" ,nss) + ;; See + ;; and related comments in the 'remove-bundled-libraries' phase. + ;; UNBUNDLE-ME! ("nspr" ,nspr) + ;; UNBUNDLE-ME! ("nss" ,nss) ("sqlite" ,sqlite) ("startup-notification" ,startup-notification) ("unzip" ,unzip) ("zip" ,zip) ("zlib" ,zlib))) (native-inputs - `(("perl" ,perl) - ("python" ,python-2) ; Python 3 not supported + ;; The following patches are specific to the Guix packaging of IceCat, + ;; and therefore we prefer to leave them out of 'source', which should be + ;; a tarball suitable for compilation on any system that IceCat supports. + ;; (Bug fixes and security fixes, however, should go in 'source'). + `(;; XXX TODO: Adapt these patches to IceCat 68. + ;; ("icecat-avoid-bundled-libraries.patch" + ;; ,(search-patch "icecat-avoid-bundled-libraries.patch")) + ;; ("icecat-use-system-graphite2+harfbuzz.patch" + ;; ,(search-patch "icecat-use-system-graphite2+harfbuzz.patch")) + ;; ("icecat-use-system-media-libs.patch" + ;; ,(search-patch "icecat-use-system-media-libs.patch")) + + ("patch" ,(canonical-package patch)) + + ("rust" ,rust) + ("cargo" ,rust "cargo") + ("rust-cbindgen" ,rust-cbindgen) + ("llvm" ,llvm) + ("clang" ,clang) + ("perl" ,perl) + ("node" ,node) + ("python" ,python) + ("python-2" ,python-2) ("python2-pysqlite" ,python2-pysqlite) ("yasm" ,yasm) + ("nasm" ,nasm) ; XXX FIXME: only needed on x86_64 and i686 ("pkg-config" ,pkg-config) ("autoconf" ,autoconf-2.13) ("which" ,which))) @@ -593,27 +801,42 @@ security standards.") ;; practice somehow. See . #:validate-runpath? #f - #:configure-flags '("--enable-default-toolkit=cairo-gtk3" + #:configure-flags `("--enable-default-toolkit=cairo-gtk3" "--with-distribution-id=org.gnu" - "--enable-gio" + ;; Do not require addons in the global app + ;; directory to be signed by Mozilla. + "--with-unsigned-addon-scopes=app" + "--enable-startup-notification" "--enable-pulseaudio" "--disable-tests" "--disable-updater" "--disable-crashreporter" - "--disable-maintenance-service" "--disable-eme" "--disable-gconf" - "--disable-gnomeui" ;; Building with debugging symbols takes ~5GiB, so ;; disable it. "--disable-debug" "--disable-debug-symbols" + ;; Clang is needed to build Stylo, Mozilla's new + ;; CSS engine. We must specify the clang paths + ;; manually, because otherwise the Mozilla build + ;; system looks in the directories returned by + ;; llvm-config --bindir and llvm-config --libdir, + ;; which return paths in the llvm package where + ;; clang is not found. + ,(string-append "--with-clang-path=" + (assoc-ref %build-inputs "clang") + "/bin/clang") + ,(string-append "--with-libclang-path=" + (assoc-ref %build-inputs "clang") + "/lib") + ;; Hack to work around missing ;; "unofficial" branding in icecat. "--enable-official-branding" @@ -622,18 +845,24 @@ security standards.") "--with-system-zlib" "--with-system-bz2" "--with-system-jpeg" ; must be libjpeg-turbo - "--with-system-libevent" - "--with-system-libvpx" + ;; UNBUNDLE-ME! "--with-system-libevent" + ;; UNBUNDLE-ME! "--with-system-ogg" + ;; UNBUNDLE-ME! "--with-system-vorbis" + ;; UNBUNDLE-ME! "--with-system-theora" ; wants theora-1.2, not yet released + ;; UNBUNDLE-ME! "--with-system-libvpx" "--with-system-icu" - "--with-system-nspr" - "--with-system-nss" - "--with-system-harfbuzz" - "--with-system-graphite2" + + ;; See + ;; and related comments in the + ;; 'remove-bundled-libraries' phase below. + ;; UNBUNDLE-ME! "--with-system-nspr" + ;; UNBUNDLE-ME! "--with-system-nss" + + ;; UNBUNDLE-ME! "--with-system-harfbuzz" + ;; UNBUNDLE-ME! "--with-system-graphite2" "--enable-system-pixman" - "--enable-system-cairo" "--enable-system-ffi" - "--enable-system-hunspell" - "--enable-system-sqlite" + ;; UNBUNDLE-ME! "--enable-system-sqlite" ;; Fails with "--with-system-png won't work because ;; the system's libpng doesn't have APNG support". @@ -646,103 +875,184 @@ security standards.") ;; "--with-system-png" ) + #:imported-modules ,%cargo-utils-modules ;for `generate-all-checksums' + #:modules ((ice-9 ftw) (ice-9 rdelim) (ice-9 match) + (srfi srfi-34) + (srfi srfi-35) ,@%gnu-build-system-modules) #:phases (modify-phases %standard-phases - (add-after - 'unpack 'ensure-no-mtimes-pre-1980 - (lambda _ - ;; Without this, the 'source/test/addons/packed.xpi' and - ;; 'source/test/addons/simple-prefs.xpi' targets fail while trying - ;; to create zip archives. - (let ((early-1980 315619200)) ; 1980-01-02 UTC - (ftw "." (lambda (file stat flag) - (unless (<= early-1980 (stat:mtime stat)) - (utime file early-1980 early-1980)) - #t)) - #t))) - (add-after - 'unpack 'link-libxul-with-libraries - (lambda _ - ;; libxul.so dynamically opens libraries, so here we explicitly - ;; link them into libxul.so instead. - ;; - ;; TODO: It might be preferable to patch in absolute file names in - ;; calls to dlopen or PR_LoadLibrary, but that didn't seem to - ;; work. More investigation is needed. - (substitute* "toolkit/library/moz.build" - (("^# This library needs to be last" all) - (string-append "OS_LIBS += [ + (add-after 'unpack 'apply-guix-specific-patches + (lambda* (#:key inputs native-inputs #:allow-other-keys) + (let ((patch (string-append (assoc-ref (or native-inputs inputs) + "patch") + "/bin/patch"))) + (for-each (match-lambda + ((label . file) + (when (and (string-prefix? "icecat-" label) + (string-suffix? ".patch" label)) + (format #t "applying '~a'...~%" file) + (invoke patch "--force" "--no-backup-if-mismatch" + "-p1" "--input" file)))) + (or native-inputs inputs))) + #t)) + (add-after 'apply-guix-specific-patches 'remove-bundled-libraries + (lambda _ + ;; Remove bundled libraries that we don't use, since they may + ;; contain unpatched security flaws, they waste disk space and + ;; memory, and may cause confusion. + (for-each (lambda (file) + (format #t "deleting '~a'...~%" file) + (delete-file-recursively file)) + '(;; FIXME: Removing the bundled icu breaks configure. + ;; * The bundled icu headers are used in some places. + ;; * The version number is taken from the bundled copy. + ;;"intl/icu" + ;; + ;; FIXME: A script from the bundled nspr is used. + ;;"nsprpub" + ;; + ;; FIXME: With the update to IceCat 60, using system NSS + ;; broke certificate validation. See + ;; . For now, we use + ;; the bundled NSPR and NSS. TODO: Investigate, + ;; and try to unbundle these libraries again. + ;; UNBUNDLE-ME! "security/nss" + ;; + ;; TODO: Use more system media libraries. See: + ;; + ;; * libtheora: esr60 wants v1.2, not yet released. + ;; * soundtouch: avoiding the bundled library would + ;; result in some loss of functionality. There's + ;; also an issue with exception handling + ;; configuration. It seems that this is needed in + ;; some moz.build: + ;; DEFINES['ST_NO_EXCEPTION_HANDLING'] = 1 + ;; * libopus + ;; * speex + ;; + "modules/freetype2" + "modules/zlib" + ;; "media/libjpeg" ; needed for now, because media/libjpeg/moz.build is referenced from config/external/moz.build + ;; UNBUNDLE-ME! "ipc/chromium/src/third_party/libevent" + ;; UNBUNDLE-ME! "media/libvpx" + ;; UNBUNDLE-ME! "media/libogg" + ;; UNBUNDLE-ME! "media/libvorbis" + ;; UNBUNDLE-ME! "media/libtheora" ; wants theora-1.2, not yet released + ;; UNBUNDLE-ME! "media/libtremor" + ;; UNBUNDLE-ME! "gfx/harfbuzz" + ;; UNBUNDLE-ME! "gfx/graphite2" + "js/src/ctypes/libffi" + ;; UNBUNDLE-ME! "db/sqlite3" + )) + #t)) + (add-after 'remove-bundled-libraries 'link-libxul-with-libraries + (lambda _ + ;; libxul.so dynamically opens libraries, so here we explicitly + ;; link them into libxul.so instead. + ;; + ;; TODO: It might be preferable to patch in absolute file names in + ;; calls to dlopen or PR_LoadLibrary, but that didn't seem to + ;; work. More investigation is needed. + (substitute* "toolkit/library/moz.build" + (("^# This library needs to be last" all) + (string-append "OS_LIBS += [ 'GL', 'gnome-2', 'canberra', 'Xss', 'cups', 'gssapi_krb5', 'avcodec', 'avutil', 'pulse' ]\n\n" - all))) - #t)) - (replace - 'configure - ;; configure does not work followed by both "SHELL=..." and - ;; "CONFIG_SHELL=..."; set environment variables instead - (lambda* (#:key outputs configure-flags #:allow-other-keys) - (let* ((out (assoc-ref outputs "out")) - (bash (which "bash")) - (abs-srcdir (getcwd)) - (srcdir (string-append "../" (basename abs-srcdir))) - (flags `(,(string-append "--prefix=" out) - ,(string-append "--with-l10n-base=" - abs-srcdir "/l10n") - ,@configure-flags))) - (setenv "SHELL" bash) - (setenv "CONFIG_SHELL" bash) - (setenv "AUTOCONF" (which "autoconf")) ; must be autoconf-2.13 - (mkdir "../build") - (chdir "../build") - (format #t "build directory: ~s~%" (getcwd)) - (format #t "configure flags: ~s~%" flags) - (apply invoke bash - (string-append srcdir "/configure") - flags)))) + all))) + #t)) + (add-after 'link-libxul-with-libraries 'fix-ffmpeg-runtime-linker + (lambda* (#:key inputs #:allow-other-keys) + ;; Arrange to load libavcodec.so by its absolute file name. + (substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp" + (("libavcodec\\.so") + (string-append (assoc-ref inputs "ffmpeg") "/lib/libavcodec.so"))) + #t)) + (replace 'bootstrap + (lambda _ + (invoke "sh" "-c" "autoconf old-configure.in > old-configure") + ;; 'configure' must be newer than 'old-configure.in', or else the + ;; build system will raise an alarm and abort. + (invoke "touch" "configure"))) + (add-after 'patch-source-shebangs 'patch-cargo-checksums + (lambda _ + (use-modules (guix build cargo-utils)) + (let ((null-hash "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855")) + (substitute* '("Cargo.lock" "gfx/wr/Cargo.lock") + (("(\"checksum .* = )\".*\"" all name) + (string-append name "\"" null-hash "\""))) + (generate-all-checksums "third_party/rust")) + #t)) + (add-before 'configure 'augment-CPLUS_INCLUDE_PATH + (lambda* (#:key build inputs #:allow-other-keys) + ;; Here, we add additional entries to CPLUS_INCLUDE_PATH, to work + ;; around a problem that otherwise occurs when attempting to + ;; build Stylo, which requires Rust and Clang. Without these + ;; additional entries, errors occur during the build indicating + ;; that the and "c++config.h" headers cannot be found. + ;; Note that the 'build' keyword argument contains the GNU + ;; triplet, e.g. "x86_64-unknown-linux-gnu". + (let ((gcc (assoc-ref inputs "gcc"))) + (setenv "CPLUS_INCLUDE_PATH" + (string-append gcc "/include/c++" ":" + gcc "/include/c++/" build))) + #t)) + (replace 'configure + ;; configure does not work followed by both "SHELL=..." and + ;; "CONFIG_SHELL=..."; set environment variables instead + (lambda* (#:key outputs configure-flags #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (bash (which "bash")) + (abs-srcdir (getcwd)) + (srcdir (string-append "../" (basename abs-srcdir))) + (flags `(,(string-append "--prefix=" out) + ,(string-append "--with-l10n-base=" + abs-srcdir "/l10n") + ,@configure-flags))) + (setenv "SHELL" bash) + (setenv "CONFIG_SHELL" bash) + (setenv "AUTOCONF" (which "autoconf")) ; must be autoconf-2.13 + (setenv "CC" "gcc") ; apparently needed when Stylo is enabled + (setenv "MOZ_BUILD_DATE" ,%icecat-build-id) ; avoid timestamp + (mkdir "../build") + (chdir "../build") + (format #t "build directory: ~s~%" (getcwd)) + (format #t "configure flags: ~s~%" flags) + (apply invoke bash + (string-append srcdir "/configure") + flags)))) + (replace 'build + ;; The build system often spuriously fails. See + ;; . To + ;; work around this, we try the standard 'build' phase up + ;; to 5 times. + (lambda args + (let ((build (assoc-ref %standard-phases 'build))) + (let retry ((remaining-attempts 5)) + (if (= remaining-attempts 1) + (apply build args) + (guard (c ((invoke-error? c) + (format #t "~%Retrying build! (~a attempts remaining)~%~%" + (- remaining-attempts 1)) + (force-output) + (retry (- remaining-attempts 1)))) + (apply build args))))))) (add-before 'configure 'install-desktop-entry (lambda* (#:key outputs #:allow-other-keys) ;; Install the '.desktop' file. - (define (swallow-%%-directives input output) - ;; Interpret '%%ifdef' directives found in the '.desktop' file. - (let loop ((state 'top)) - (match (read-line input 'concat) - ((? eof-object?) - #t) - ((? string? line) - (cond ((string-prefix? "%%ifdef" line) - (loop 'ifdef)) - ((string-prefix? "%%else" line) - (loop 'else)) - ((string-prefix? "%%endif" line) - (loop 'top)) - (else - (case state - ((top else) - (display line output) - (loop state)) - (else - (loop state))))))))) - - (let* ((out (assoc-ref outputs "out")) + (let* ((desktop-file "taskcluster/docker/icecat-snap/icecat.desktop") + (out (assoc-ref outputs "out")) (applications (string-append out "/share/applications"))) - (call-with-input-file "debian/icecat.desktop.in" - (lambda (input) - (call-with-output-file "debian/icecat.desktop" - (lambda (output) - (swallow-%%-directives input output))))) - - (substitute* "debian/icecat.desktop" - (("@MOZ_DISPLAY_NAME@") - "GNU IceCat") - (("^Exec=@MOZ_APP_NAME@") - (string-append "Exec=" out "/bin/icecat")) - (("@MOZ_APP_NAME@") - "icecat")) - (install-file "debian/icecat.desktop" applications) + (substitute* desktop-file + (("^Exec=icecat") (string-append "Exec=" out "/bin/icecat")) + (("IceCat") "GNU IceCat") + (("Icon=.*") "Icon=icecat\n") + (("NewWindow") "new-window") + (("NewPrivateWindow") "new-private-window")) + (install-file desktop-file applications) #t))) (add-after 'install-desktop-entry 'install-icons (lambda* (#:key outputs #:allow-other-keys) @@ -765,18 +1075,30 @@ security standards.") (let* ((out (assoc-ref outputs "out")) (lib (string-append out "/lib")) (gtk (assoc-ref inputs "gtk+")) - (gtk-share (string-append gtk "/share"))) + (gtk-share (string-append gtk "/share")) + (pulseaudio (assoc-ref inputs "pulseaudio")) + (pulseaudio-lib (string-append pulseaudio "/lib"))) (wrap-program (car (find-files lib "^icecat$")) - `("XDG_DATA_DIRS" ":" prefix (,gtk-share))) + `("XDG_DATA_DIRS" prefix (,gtk-share)) + `("LD_LIBRARY_PATH" prefix (,pulseaudio-lib))) #t)))))) (home-page "https://www.gnu.org/software/gnuzilla/") (synopsis "Entirely free browser derived from Mozilla Firefox") (description "IceCat is the GNU version of the Firefox browser. It is entirely free software, which does not recommend non-free plugins and addons. It also -features built-in privacy-protecting features.") +features built-in privacy-protecting features. + +WARNING: IceCat 68 has not yet been released by the upstream IceCat project. +This is a preview release, and does not currently meet the privacy-respecting +standards of the IceCat project.") (license license:mpl2.0) ;and others, see toolkit/content/license.html (properties `((ftp-directory . "/gnu/gnuzilla") (cpe-name . "firefox_esr") (cpe-version . ,(first (string-split version #\-))))))) + +(define-public conkeror + ;; The Conkeror web browser relied on XULRunner, which IceCat > 50 no longer + ;; provides. See for the original web page. + (deprecated-package "conkeror" icecat))