Commit Graph

197 Commits

Author SHA1 Message Date
Martin Weinelt
21879444fa webkitgtk: 2.36.2 -> 2.36.3
https://webkitgtk.org/2022/05/28/webkitgtk2.36.3-released.html
https://webkitgtk.org/security/WSA-2022-0005.html

Fixes: CVE-2022-26700, CVE-2022-26709, CVE-2022-26717, CVE-2022-26716,
       CVE-2022-26719, CVE-2022-30293, CVE-2022-30294
2022-06-01 18:47:28 +02:00
Jan Tojnar
158386e5a3 webkitgtk: re-enable WPE_RENDERER
Build with WPE renderer is no longer tested upstream
https://bugs.webkit.org/show_bug.cgi?id=238513#c10
and that configuration is extremely buggy since 2.36.0:
https://github.com/NixOS/nixpkgs/issues/169201

Previously it was disabled in c0d053ea0e.
2022-05-19 07:19:13 +02:00
Jan Tojnar
aefa8f6546 webkitgtk: 2.36.1 → 2.36.2
https://webkitgtk.org/2022/05/18/webkitgtk2.36.2-released.html
2022-05-19 07:19:13 +02:00
Jan Tojnar
7487afc36f webkitgtk: 2.36.0 → 2.36.1
https://webkitgtk.org/2022/04/21/webkitgtk2.36.1-released.html
2022-04-29 14:36:31 +02:00
Jan Tojnar
75eb096778 webkitgtk: 2.34.6 → 2.36.0
https://webkitgtk.org/2022/03/21/webkitgtk2.36.0-released.html
2022-04-08 22:27:32 +02:00
Adam Joseph
43f8a58df8 webkitgtk: honor systemdSupport
This commit exposes support for compilation without systemd,
controlled by the global systemdSupport argument.  This argument is
understood by many other nixpkgs expressions and can be set globally
in ~/.config/nixpkgs/config.nix.
2022-02-26 15:48:02 -08:00
zseri
bed1ee0548 webkitgtk: make it easier to disable avahi globally by fixing enableGeoLocation option
The problem with enableGeoLocation was that it didn't compose well with
.overrideAttrs and setting geoclue2=null at the overlay level
because of the assert statement.

Thus, when combined with disabling libsecret, the resulting override code was:
  avahi = null;
  geoclue2 = { outPath = throw "geoclue is disabled"; };
  webkitgtk = prev.lib.pipe prev.webkitgtk [
    (x: x.override { enableGeoLocation = false; geoclue2 = prev.geoclue2; })
    (x: x.overrideAttrs (old: { cmakeFlags = old.cmakeFlags ++ [ "-DUSE_LIBSECRET=OFF" ]; }))
    (x: x.override { enableGeoLocation = false; geoclue2 = null; libsecret = null; })
  ];

It works, but is unnecessarily complex.

: detailed motviation
libsecret and geoclue2 are actually completely independent,
the real conflict is between assert and override/overrideAttrs which
don't work as expected; e.g. you can pass an updated parameter, but the
original parameter at callPackage "calltime" after recusion through overlays
gets used, so when globally setting "geoclue2=null;" in an overlay,
the assert is always hit without any way to work around that
2022-02-23 23:38:05 +01:00
Martin Weinelt
cf6944227c
webkitgtk: 2.34.5 -> 2.34.6
https://webkitgtk.org/security/WSA-2022-0003.html

Fixes: CVE-2022-22620
2022-02-18 01:16:31 +01:00
R. Ryantm
641899248d webkitgtk: 2.34.4 -> 2.34.5
https://webkitgtk.org/2022/02/09/webkitgtk2.34.5-released.html
https://webkitgtk.org/security/WSA-2022-0002.html

Fixes: CVE-2022-22589, CVE-2022-22590, CVE-2022-22592
2022-02-09 15:11:44 +01:00
Martin Weinelt
a574ff9929
webkitgtk: 2.34.3 -> 2.34.4
https://webkitgtk.org/security/WSA-2022-0001.html
2022-01-22 00:16:04 +01:00
Philipp
f6cd576e45 webkitgtk: 2.34.2 -> 2.34.3 2021-12-22 02:22:03 +01:00
R. Ryantm
e3ebd4e356 webkitgtk: 2.34.1 -> 2.34.2 2021-12-22 02:21:21 +01:00
Kerstin Humm
bb799694db
epoxy: rename to libepoxy
https://github.com/NixOS/nixpkgs/issues/145040
2021-11-11 05:55:32 +01:00
Dmitry Kalinkin
c983d3e37e
webkitgtk: mark as broken on darwin 2021-11-08 16:17:56 -05:00
Jan Tojnar
17547192a4 webkitgtk: 2.34.0 → 2.34.1
https://webkitgtk.org/2021/10/21/webkitgtk2.34.1-released.html
2021-10-24 16:24:29 +02:00
Jan Tojnar
21b1744593 webkitgtk: 2.32.3 → 2.34.0
Changes:
- https://webkitgtk.org/2021/05/14/webkitgtk2.33.1-released.html
- https://webkitgtk.org/2021/06/08/webkitgtk2.33.2-released.html
- https://webkitgtk.org/2021/08/16/webkitgtk2.33.3-released.html
- https://webkitgtk.org/2021/09/02/webkitgtk2.33.90-released.html
- https://webkitgtk.org/2021/09/17/webkitgtk2.33.91-released.html
- https://webkitgtk.org/2021/09/22/webkitgtk2.34.0-released.html

Notably, libsoup3 is used by default. We revert that to reduce breakage
so programs using libsoup 3.x will need to override the argument.
2021-10-09 21:35:52 +02:00
ajs124
7e7a4021e8 webkitgtk: 2.32.3 -> 2.32.4
https://webkitgtk.org/security/WSA-2021-0005.html
2021-09-21 00:28:12 +02:00
Robert Hensing
fbafeb7ad5 treewide: runCommandNoCC -> runCommand
This has been synonymous for ~5y.
2021-08-15 17:36:41 +02:00
Angus Trau
44b130d392 webkitgtk: remove reference to private Apple SDK 2021-08-10 14:59:05 +09:00
sternenseemann
9f9a4c2aed webkitgtk: removed now merged patch on darwin 2021-08-07 12:39:50 +02:00
Philipp Bartsch
3bb38198e9 webkitgtk: 2.32.1 -> 2.32.3
Relevant security advisory:
https://webkitgtk.org/security/WSA-2021-0004.html

CVEs:
CVE-2021-1817,  CVE-2021-1820,  CVE-2021-1825,  CVE-2021-1826,
CVE-2021-21775, CVE-2021-21779, CVE-2021-21806, CVE-2021-30661,
CVE-2021-30663, CVE-2021-30665, CVE-2021-30666, CVE-2021-30682,
CVE-2021-30689, CVE-2021-30720, CVE-2021-30734, CVE-2021-30744,
CVE-2021-30749, CVE-2021-30758, CVE-2021-30761, CVE-2021-30762,
CVE-2021-30795, CVE-2021-30797, CVE-2021-30799
2021-07-23 20:57:02 +02:00
Dmitry Kalinkin
61e49ba58b
webkitgtk: fix on darwin 2021-05-23 01:26:33 -04:00
Vladimír Čunát
8a0c5da648
Merge #122333: webkitgtk: Fix bubblewrap opengl-driver path 2021-05-12 12:53:16 +02:00
Vladimír Čunát
a7833724fd
webkitgtk: 2.32.0 -> 2.32.1
https://webkitgtk.org/2021/05/10/webkitgtk2.32.1-released.html
In particular, we now needed to fix the build with icu-69.
2021-05-11 22:13:36 +02:00
talyz
5926b95fbe
webkitgtk: Fix bubblewrap opengl-driver path
If `/run/opengl-driver/lib` is in `LD_LIBRARY_PATH`, bwrap will try to
mount it into the already bind mounted `/run/opengl-driver`. To
prevent this, we instead specify the subpaths of `/run/opengl-driver`
we're interested in.

Also, use the correct path for i686 builds.
2021-05-10 13:05:48 +02:00
Jan Tojnar
702d3e2794
webkitgtk: Try to fix build on Darwin
- Libmanette and systemd features need to be disabled since they depend on systemd.
- FastMalloc for some reason does not include <malloc/malloc.h> so we added that.
- <CommonCrypto/CommonRandom.h> depends on a type from <CommonCrypto/CommonCryptor.h> but does not include it for some reason, resulting in the following error:

	In file included from ../Source/WTF/wtf/RandomDevice.cpp:44:
	/nix/store/wd30p2pq4lci8fk9fqldkgk1hgmwpapj-Libsystem-1238.60.2/include/CommonCrypto/CommonRandom.h:35:9: error: unknown type name 'CCCryptorStatus'
	typedef CCCryptorStatus CCRNGStatus;

- The GL-related flags were renamed and removed (in previous releases as well) so we switched to the new ones so that GL is still disabled.
- Unrelatedly, `with` statement at the top of the expression is abomination so we narrowed its scope to just meta.
2021-05-05 22:43:07 +02:00
Vladimír Čunát
b0dae10ba7
qt5.qtwebengine, webkitgtk: try harder to avoid timeouts
I hope this will improve the situation on aarch64-linux.
I don't think it could make anything worse.
Recent staging-next timeouts:
https://hydra.nixos.org/build/141551270
https://hydra.nixos.org/build/141547098

For now let's not touch meta.timeout, as there's less consensus and the
setting seems less reliable in practice, too.
2021-04-19 13:21:48 +02:00
Gabriel Ebner
dfefa8e328 webkitgtk: add mesa dependency 2021-04-09 18:12:15 +02:00
Martin Weinelt
9086bb9b78
webkitgtk: 2.30.6 -> 2.32.0
https://webkitgtk.org/security/WSA-2021-0003.html

https://webkitgtk.org/2021/03/26/webkitgtk2.32.0-released.html

Fixes: CVE-2021-1788, CVE-2021-1844, CVE-2021-1871
2021-03-30 01:01:32 +02:00
Martin Weinelt
75f531b3fc
webkitgtk: 2.30.5 -> 2.30.6
https://webkitgtk.org/security/WSA-2021-0002.html
2021-03-27 14:22:41 +01:00
ajs124
e498908604 Revert "webkitgtk: remedy the build's confusion about the meaning of "truth""
This reverts commit d2aeeb0d20.
2021-03-02 20:49:54 +01:00
ajs124
4fce15ab02 webkitgtk: 2.30.3 -> 2.30.5 2021-03-02 20:32:04 +01:00
Peter Simons
d2aeeb0d20 webkitgtk: remedy the build's confusion about the meaning of "truth"
The package could not compile because it did not know the meaning of
TRUE and FALSE [1]. So we have to make sure our build environment
provides reasonable, sensible definitions to make the build succeed.

[1] https://hydra.nixos.org/build/137292531
2021-02-26 21:35:56 +01:00
Matthew Bauer
c0d053ea0e Revert "webkitgtk: enable WPE_RENDERER"
This reverts commit 132f7e6cfe.
2021-01-24 22:21:40 -06:00
Ben Siraphob
66e44425c6 pkgs/development/libraries: stdenv.lib -> lib 2021-01-21 19:11:02 -08:00
Matthew Bauer
77403c1c19
Merge pull request #96140 from matthewbauer/add-cog
Init cog at 0.6.0
2021-01-20 17:42:54 -06:00
Matthew Bauer
132f7e6cfe webkitgtk: enable WPE_RENDERER 2021-01-20 16:54:48 -06:00
Jonathan Ringer
9bb3fccb5b treewide: pkgs.pkgconfig -> pkgs.pkg-config, move pkgconfig to alias.nix
continuation of #109595

pkgconfig was aliased in 2018, however, it remained in
all-packages.nix due to its wide usage. This cleans
up the remaining references to pkgs.pkgsconfig and
moves the entry to aliases.nix.

python3Packages.pkgconfig remained unchanged because
it's the canonical name of the upstream package
on pypi.
2021-01-19 01:16:25 -08:00
talyz
4c68c3837a
webkitgtk: Add /run/opengl-driver to bubblewrap bind mounts
Without access to the `/run/opengl-driver` directory, webkit fails to
create an EGL context, since it can't identify a suitable EGL
vendor. This results in a blank window and the following error output:

Cannot get default EGL display: EGL_BAD_PARAMETER
Cannot create EGL context: invalid display (last error: EGL_SUCCESS)
2020-12-23 18:51:50 +01:00
Monson Shao
c377ced8de
webkitgtk: drop wayland dependency on Darwin 2020-12-07 12:50:54 +08:00
Martin Weinelt
48ba279287
webkitgtk: 2.30.2 -> 2.30.3
Fixes processing of malicousliy crafted web content which could lead to
- CVE-2020-13584: arbitrary code execution due to a use after free issue
- CVE-2020-9983: code execution due to an out-of-bounds write issue

Advisory at https://webkitgtk.org/security/WSA-2020-0008.html

Fixes: CVE-2090-13584, CVE-2020-9983
2020-11-23 18:59:03 +01:00
Jan Tojnar
f70fe4af35
webkitgtk: 2.30.1 → 2.30.2
https://webkitgtk.org/2020/10/23/webkitgtk2.30.2-released.html
2020-11-13 13:26:52 +01:00
Jan Tojnar
8ccd765d37
webkitgtk: clean up
Remove gtk2 flag, which is no longer supported.
2020-10-24 01:42:16 +02:00
Jan Tojnar
297bac601a
webkitgtk: 2.30.0 → 2.30.1 2020-10-24 01:18:42 +02:00
WORLDofPEACE
af2465acb9
webkitgtk: add separateDebugInfo, add platforms.darwin
Very strange that stdenv.isDarwin is in this expression but without
platforms including darwin.
2020-10-24 01:17:03 +02:00
Piotr Bogdan
c1307a041a
webkitgtk: 2.29.91 -> 2.30.0
https://webkitgtk.org/2020/08/14/webkitgtk2.29.90-released.html
https://webkitgtk.org/2020/08/14/webkitgtk2.29.91-released.html
https://webkitgtk.org/2020/07/29/webkitgtk2.29.4-released.html
https://webkitgtk.org/2020/09/11/webkitgtk2.30.0-released.html
2020-10-24 01:15:02 +02:00
Jonathan Ringer
b9592aa9ae webkitgtk: add enableGLES switch 2020-08-21 18:56:16 -07:00
Daniel Șerbănescu
838955243d webkitgtk: 2.28.3 -> 2.28.4 2020-08-14 17:11:44 +02:00
Daniel Șerbănescu
9d6f01aeef webkitgtk: 2.28.2 -> 2.28.3 2020-07-10 00:40:29 +02:00
Daiderd Jordan
7b3a2963d1
treewide: replace base64 encoded hashes 2020-06-03 18:35:19 +02:00