Merge #42729: firefox-61 and related updates (security)
(cherry picked from commit 8ad921dc94
)
Fast-forwarded to get to master sooner.
This commit is contained in:
parent
f8b0f68fd5
commit
2f4001f41a
File diff suppressed because it is too large
Load Diff
@ -1,13 +1,14 @@
|
||||
{ pname, version, updateScript ? null
|
||||
, src, patches ? [], extraConfigureFlags ? [], extraMakeFlags ? [], overrides ? {}, meta
|
||||
, src, patches ? [], extraConfigureFlags ? [], extraMakeFlags ? []
|
||||
, overrides ? {}, extraNativeBuildInputs ? [], meta
|
||||
, isTorBrowserLike ? false }:
|
||||
|
||||
{ lib, stdenv, pkgconfig, pango, perl, python, zip, libIDL
|
||||
{ lib, stdenv, pkgconfig, pango, perl, python2, zip, libIDL
|
||||
, libjpeg, zlib, dbus, dbus-glib, bzip2, xorg
|
||||
, freetype, fontconfig, file, nspr, nss, libnotify
|
||||
, yasm, libGLU_combined, sqlite, unzip, makeWrapper
|
||||
, hunspell, libevent, libstartup_notification, libvpx
|
||||
, cairo, icu, libpng, jemalloc
|
||||
, cairo, icu, libpng, jemalloc, glib
|
||||
, autoconf213, which, gnused, cargo, rustc, llvmPackages
|
||||
, debugBuild ? false
|
||||
|
||||
@ -80,22 +81,22 @@ stdenv.mkDerivation (rec {
|
||||
nspr libnotify xorg.pixman yasm libGLU_combined
|
||||
xorg.libXScrnSaver xorg.scrnsaverproto
|
||||
xorg.libXext xorg.xextproto sqlite unzip makeWrapper
|
||||
hunspell libevent libstartup_notification libvpx /* cairo */
|
||||
icu libpng jemalloc
|
||||
libevent libstartup_notification libvpx /* cairo */
|
||||
icu libpng jemalloc glib
|
||||
]
|
||||
++ lib.optionals (!isTorBrowserLike) [ nss ]
|
||||
|
||||
++ lib.optional (lib.versionOlder version "61") hunspell
|
||||
++ lib.optional alsaSupport alsaLib
|
||||
++ lib.optional pulseaudioSupport libpulseaudio # only headers are needed
|
||||
++ lib.optionals ffmpegSupport [ gstreamer gst-plugins-base ]
|
||||
++ lib.optional gtk3Support gtk3
|
||||
++ lib.optional gssSupport kerberos;
|
||||
|
||||
NIX_CFLAGS_COMPILE = "-I${nspr.dev}/include/nspr -I${nss.dev}/include/nss";
|
||||
NIX_CFLAGS_COMPILE = "-I${nspr.dev}/include/nspr -I${nss.dev}/include/nss -I${glib.dev}/include/gio-unix-2.0";
|
||||
|
||||
nativeBuildInputs =
|
||||
[ autoconf213 which gnused pkgconfig perl python cargo rustc ]
|
||||
++ lib.optional gtk3Support wrapGAppsHook;
|
||||
[ autoconf213 which gnused pkgconfig perl python2 cargo rustc ]
|
||||
++ lib.optional gtk3Support wrapGAppsHook ++ extraNativeBuildInputs;
|
||||
|
||||
preConfigure = ''
|
||||
# remove distributed configuration files
|
||||
@ -113,7 +114,7 @@ stdenv.mkDerivation (rec {
|
||||
cxxLib=$( echo -n ${gcc}/include/c++/* )
|
||||
archLib=$cxxLib/$( ${gcc}/bin/gcc -dumpmachine )
|
||||
|
||||
test -f layout/style/ServoBindings.toml && sed -i -e '/"-DMOZ_STYLO"/ a , "-cxx-isystem", "'$cxxLib'", "-isystem", "'$archLib'"' layout/style/ServoBindings.toml
|
||||
test -f layout/style/ServoBindings.toml && sed -i -e '/"-DRUST_BINDGEN"/ a , "-cxx-isystem", "'$cxxLib'", "-isystem", "'$archLib'"' layout/style/ServoBindings.toml
|
||||
'' + lib.optionalString googleAPISupport ''
|
||||
# Google API key used by Chromium and Firefox.
|
||||
# Note: These are for NixOS/nixpkgs use ONLY. For your own distribution,
|
||||
@ -134,7 +135,6 @@ stdenv.mkDerivation (rec {
|
||||
"--with-system-png" # needs APNG support
|
||||
"--with-system-icu"
|
||||
"--enable-system-ffi"
|
||||
"--enable-system-hunspell"
|
||||
"--enable-system-pixman"
|
||||
"--enable-system-sqlite"
|
||||
#"--enable-system-cairo"
|
||||
@ -148,6 +148,7 @@ stdenv.mkDerivation (rec {
|
||||
"--disable-gconf"
|
||||
"--enable-default-toolkit=cairo-gtk${if gtk3Support then "3" else "2"}"
|
||||
]
|
||||
++ lib.optional (lib.versionOlder version "61") "--enable-system-hunspell"
|
||||
++ lib.optionals (lib.versionAtLeast version "56" && !stdenv.hostPlatform.isi686) [
|
||||
# on i686-linux: --with-libclang-path is not available in this configuration
|
||||
"--with-libclang-path=${llvmPackages.libclang}/lib"
|
||||
|
@ -1,4 +1,4 @@
|
||||
{ lib, callPackage, stdenv, overrideCC, gcc5, fetchurl, fetchFromGitHub, fetchpatch }:
|
||||
{ lib, callPackage, stdenv, overrideCC, gcc5, fetchurl, fetchFromGitHub, fetchpatch, python3 }:
|
||||
|
||||
let
|
||||
|
||||
@ -6,10 +6,6 @@ let
|
||||
|
||||
nixpkgsPatches = [
|
||||
./env_var_for_system_dir.patch
|
||||
|
||||
# this one is actually an omnipresent bug
|
||||
# https://bugzilla.mozilla.org/show_bug.cgi?id=1444519
|
||||
./fix-pa-context-connect-retval.patch
|
||||
];
|
||||
|
||||
firefox60_aarch64_skia_patch = fetchpatch {
|
||||
@ -24,15 +20,17 @@ rec {
|
||||
|
||||
firefox = common rec {
|
||||
pname = "firefox";
|
||||
version = "60.0.2";
|
||||
version = "61.0";
|
||||
src = fetchurl {
|
||||
url = "mirror://mozilla/firefox/releases/${version}/source/firefox-${version}.source.tar.xz";
|
||||
sha512 = "2my4v8al3swwbiqcp3a5y89imly6apc2p9q0cbkhbiz0sqylc0l02jh0qp95migmik56m4prwqdi81kgqs7cw5r2np3mm6sc1b45mkg";
|
||||
sha512 = "0ww2j5gxr7h142lfi0xvckvd7vmnha72j8c0wyyqmmp1rr341f10vfd0hvawiagik4ih6dz8h5pmkl67zdnwqc3z75vwnci20ajlg2s";
|
||||
};
|
||||
|
||||
patches = nixpkgsPatches ++ [
|
||||
./no-buildconfig.patch
|
||||
] ++ lib.optional stdenv.isAarch64 firefox60_aarch64_skia_patch;
|
||||
];
|
||||
|
||||
extraNativeBuildInputs = [ python3 ];
|
||||
|
||||
meta = {
|
||||
description = "A web browser built from Firefox source tree";
|
||||
@ -47,13 +45,17 @@ rec {
|
||||
|
||||
firefox-esr-52 = common rec {
|
||||
pname = "firefox-esr";
|
||||
version = "52.8.1esr";
|
||||
version = "52.9.0esr";
|
||||
src = fetchurl {
|
||||
url = "mirror://mozilla/firefox/releases/${version}/source/firefox-${version}.source.tar.xz";
|
||||
sha512 = "a4883550fdf62e66b10f1de7416d3614a2cb0ce3a004d9a79ecc37a726794d7bbdb0a6767faab4ea97278d2192462597551fc13b7e9a9c38d043c2879d51095a";
|
||||
sha512 = "bfca42668ca78a12a9fb56368f4aae5334b1f7a71966fbba4c32b9c5e6597aac79a6e340ac3966779d2d5563eb47c054ab33cc40bfb7306172138ccbd3adb2b9";
|
||||
};
|
||||
|
||||
patches = nixpkgsPatches;
|
||||
patches = nixpkgsPatches ++ [
|
||||
# this one is actually an omnipresent bug
|
||||
# https://bugzilla.mozilla.org/show_bug.cgi?id=1444519
|
||||
./fix-pa-context-connect-retval.patch
|
||||
];
|
||||
|
||||
meta = firefox.meta // {
|
||||
description = "A web browser built from Firefox Extended Support Release source tree";
|
||||
@ -66,14 +68,18 @@ rec {
|
||||
|
||||
firefox-esr-60 = common rec {
|
||||
pname = "firefox-esr";
|
||||
version = "60.0.2esr";
|
||||
version = "60.1.0esr";
|
||||
src = fetchurl {
|
||||
url = "mirror://mozilla/firefox/releases/${version}/source/firefox-${version}.source.tar.xz";
|
||||
sha512 = "0vbilh4iwqfzkj598zbgkmwbkxh4bia8gn7p9x6xd7yvhb6708p4dfkkbg61hdh3bddyaxx1zd0wi8qxfxbrx19mc6k9dpc6xz52iy1";
|
||||
sha512 = "2bg7zvkpy1x2ryiazvk4nn5m94v0addbhrcrlcf9djnqjf14rp5q50lbiymhxxz0988vgpicsvizifb8gb3hi7b8g17rdw6438ddhh6";
|
||||
};
|
||||
|
||||
patches = nixpkgsPatches ++ [
|
||||
./no-buildconfig.patch
|
||||
|
||||
# this one is actually an omnipresent bug
|
||||
# https://bugzilla.mozilla.org/show_bug.cgi?id=1444519
|
||||
./fix-pa-context-connect-retval.patch
|
||||
] ++ lib.optional stdenv.isAarch64 firefox60_aarch64_skia_patch;
|
||||
|
||||
meta = firefox.meta // {
|
||||
|
@ -8,11 +8,11 @@ let
|
||||
|
||||
in stdenv.mkDerivation rec {
|
||||
name = "nss-${version}";
|
||||
version = "3.36.4";
|
||||
version = "3.38";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://mozilla/security/nss/releases/NSS_3_36_4_RTM/src/${name}.tar.gz";
|
||||
sha256 = "0si4g5bnhzkxy2f7rnaw86jfdzni5gvc7svxcf7ms8n97nrrdpik";
|
||||
url = "mirror://mozilla/security/nss/releases/NSS_3_38_RTM/src/${name}.tar.gz";
|
||||
sha256 = "0qigcy3d169cf67jzv3rbai0m6dn34vp8h2z696mz4yn10y3sr1c";
|
||||
};
|
||||
|
||||
buildInputs = [ perl zlib sqlite ]
|
||||
|
Loading…
Reference in New Issue
Block a user