mirrors/nixpkgs
1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-20 04:48:10 +00:00
Code Issues Wiki Activity
nixpkgs/pkgs/applications/networking/browsers/chromium/common.nix

306 lines
12 KiB
Nix
Raw Normal View History

chromium: replace ninja workaround with upstream patch https://github.com/NixOS/nixpkgs/issues/35296 This reverts workaround commit e3cb6e77720109b217b9a9d2154901d4b0167af2.
2018-02-26 23:04:33 +00:00
{ stdenv, ninja, which, nodejs, fetchurl, fetchpatch, gnutar
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
# default dependencies
Chromium: Update and build fixes. Changes included: - Update versions. - Use gyp package not gyp_svn1977. - Remove icu from buildInputs, since this causes a build error due to inferference with use_system_icu=false. - Remove the hack that inserts the absolute path into gyp files, and pass `--depth .` to gyp. This resolves the `third_party/angle` gyp error. - Do a normal copy of the source code not a symlink copy. This resolves some link error where the symlinks interfere with relative paths (seems like because gyp resolves symlinks first). Note, this used to be worked around with the absolute path insertion hack. - Change the bucketURL in update.nix to https (for more secure updates).
2015-06-11 17:23:58 +01:00
, bzip2, flac, speex, libopus
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
, libevent, expat, libjpeg, snappy
chromium: 58.0.3029.110 -> 59.0.3071.86
2017-06-11 09:10:56 +01:00
, libpng, libcap
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
, xdg_utils, yasm, minizip, libwebp
chromium: Build with GN unconditionally Previously I've added the extra file common-gn.nix in addition to common.nix, so we can possibly have a smooth transition from current stable to the new version 54. Unfortunately, version 53 is already EOL and we have to move to version 54 as soon as possible so we can only use GN and thus it doesn't make sense to provide expressions for GYP anymore. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-10-29 03:05:53 +01:00
, libusb1, pciutils, nss, re2, zlib, libvpx
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
chromium: use python2
2016-11-19 09:29:45 +00:00
, python2Packages, perl, pkgconfig
systemd: Separate lib output This moves libsystemd.so and libudev.so into systemd.lib, and gets rid of libudev (which just contained a copy of libudev.so and the udev headers). It thus reduces the closure size of all packages that (indirectly) depend on libsystemd, of which there are quite a few (for instance, PulseAudio and dbus). For example, it reduces the closure of Blender from 430.8 to 400.8 MiB.
2016-09-05 17:59:00 +01:00
, nspr, systemd, kerberos
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
, utillinux, alsaLib
chromium: Clean up/remove old/unused stuff. We no longer need to supply compiler and binutils to the build process, se we can safely remove them. In addition, we're now passing the new options linux_use_gold_binary and linux_use_bundled_gold to gyp, for details, see: https://codereview.chromium.org/239163003 Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-08-13 03:53:31 +01:00
, bison, gperf
tree-wide: autorename gnome packages to use dashes
2018-02-25 02:23:58 +00:00
, glib, gtk2, gtk3, dbus-glib
chromium: 64.0.3282.186 -> 65.0.3325.146 see https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html cc @aszlig @YorikSar CVE-2017-11215 CVE-2017-11225 CVE-2018-6060 CVE-2018-6061 CVE-2018-6062 CVE-2018-6057 CVE-2018-6063 CVE-2018-6064 CVE-2018-6065 CVE-2018-6066 CVE-2018-6067 CVE-2018-6068 CVE-2018-6069 CVE-2018-6070 CVE-2018-6071 CVE-2018-6072 CVE-2018-6073 CVE-2018-6074 CVE-2018-6075 CVE-2018-6076 CVE-2018-6077 CVE-2018-6078 CVE-2018-6079 CVE-2018-6080 CVE-2018-6081 CVE-2018-6082 CVE-2018-6083
2018-03-09 01:53:18 +00:00
, libXScrnSaver, libXcursor, libXtst, libGLU_combined
chromium: enable cups by default
2014-12-07 13:52:36 +00:00
, protobuf, speechd, libXdamage, cups
chromium: 59.0.3071.109 -> 59.0.3071.115 use several system libraries instead of bundled see http://www.linuxfromscratch.org/blfs/view/cvs/xsoft/chromium.html
2017-07-06 23:54:10 +01:00
, ffmpeg, harfbuzz, harfbuzz-icu, libxslt, libxml2
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
# optional dependencies
, libgcrypt ? null # gnomeSupport || cupsSupport
chromium: Update all channels to latest versions Overview of the updated versions: stable: 49.0.2623.87 -> 49.0.2623.110 beta: 50.0.2661.26 -> 50.0.2661.49 dev: 50.0.2661.18 -> 51.0.2693.2 Most notably, this includes a series of urgent security fixes: * CVE-2016-1646: Out-of-bounds read in V8. Credit to Wen Xu from Tencent KeenLab. * CVE-2016-1647: Use-after-free in Navigation. Credit to anonymous. * CVE-2016-1648: Use-after-free in Extensions. Credit to anonymous. * CVE-2016-1649: Buffer overflow in libANGLE. Credit to lokihardt working with HP's Zero Day Initiative / Pwn2Own. * CVE-2016-1650: Denial of service in PageCaptureSaveAsMHTMLFunction The official release announcement with details about these fixes can be found here: http://googlechromereleases.blogspot.de/2016/03/stable-channel-update_24.html Beta and stable could be also affected, although I didn't do a detailed check whether that's the case. As this introduces Chromium 51 as the dev version, I had to make the following changes to make it build: * libexif got removed, so let's do that on our end as well. See https://codereview.chromium.org/1803883002 for details. * Chromium doesn't seem to compile with our version of libpng, so let's resort to the bundled libpng for now. * site_engagement_ui.cc uses isnan outside of std namespace, so we're fixing that in postPatch using sed. I have successfully built all versions on i686-linux and x86_64-linux and tested it using the VM tests. Test reports can be found at the following evaluation of my Hydra: https://headcounter.org/hydra/eval/314584 Thanks to @grahamc for reporting this. Signed-off-by: aszlig <aszlig@redmoonstudios.org> Reported-by: Graham Christensen <graham@grahamc.com> Fixes: #14299
2016-03-30 00:05:07 +01:00
, libexif ? null # only needed for Chromium before version 51
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
# package customization
, enableNaCl ? false
chromium: Disable "hotwording" by default. There has been some recent news about that component extension on hacker news: https://news.ycombinator.com/item?id=9724409 Even though on our side it won't work, because we don't have NaCl enabled by default or even working (I honestly haven't tested if it even builds if enabled), we might get to the point where we can build with NaCl enabled. But until and even after that day, we want to have explicit control on whether this extension is enabled. Please also have a look at these two issues explaining the details (about component extensions and the hotwording extension in particular): https://crbug.com/491435 https://crbug.com/500922 Fixes issue #8358. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-06-19 03:15:49 +01:00
, enableHotwording ? false
chromium: Fix building with WineVine components Before version 54, the WideVine CDM plugin was built unconditionally and it seems since version 54 this now is dependent upon a GYP/GN flag on whether to include the CDM shared library or not. Also, we now use a patch from Gentoo which should hopefully get the CDM plugin to work properly, at least according to their bugtracker: https://bugs.gentoo.org/show_bug.cgi?id=547630 Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-11-08 19:18:15 +00:00
, enableWideVine ? false
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
, gnomeSupport ? false, gnome ? null
tree-wide: autorename gnome packages to use dashes
2018-02-25 02:23:58 +00:00
, gnomeKeyringSupport ? false, libgnome-keyring3 ? null
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
, proprietaryCodecs ? true
chromium: enable cups by default
2014-12-07 13:52:36 +00:00
, cupsSupport ? true
Use libpulseaudio instead of pulseaudio
2015-05-27 20:42:15 +01:00
, pulseSupport ? false, libpulseaudio ? null
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
chromium: Move source/default.nix into common.nix This addresses #12794 so that we now have only a single tarball where we base our build on instead of splitting the source into different outputs first and then reference the outputs. The reason I did this in the first place is that we previously built the sandbox as a different derivation and unpacking the whole source tree just for building the sandbox was a bit too much. As we now have namespaces sandbox built in by default we no longer have that derivation anymore. It still might come up however if we want to build NaCl as a separate derivation (see #8560), but splitting the source code into things only NaCl might require is already too much work and doesn't weight out the benefits. Another issue with the source splitup is that Hydra now has an output limit for non-fixed-output derivations which we're already hitting. Tested the build against the stable channel and it went well, but I haven't tested running the browser. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-03-20 16:50:17 +00:00
, upstream-info
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
}:
buildFun:
with stdenv.lib;
chromium: 59.0.3071.109 -> 59.0.3071.115 use several system libraries instead of bundled see http://www.linuxfromscratch.org/blfs/view/cvs/xsoft/chromium.html
2017-07-06 23:54:10 +01:00
# see http://www.linuxfromscratch.org/blfs/view/cvs/xsoft/chromium.html
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
let
# The additional attributes for creating derivations based on the chromium
# source tree.
extraAttrs = buildFun base;
chromium: replace ninja workaround with upstream patch https://github.com/NixOS/nixpkgs/issues/35296 This reverts workaround commit e3cb6e77720109b217b9a9d2154901d4b0167af2.
2018-02-26 23:04:33 +00:00
gentooPatch = name: sha256: fetchpatch {
chromium: update 63.0.3239.108 -> 63.0.3239.132 this introduces a standard approach to playing with patches from the gentoo repository. the patches for 64 are a first guess during a build in progress cc @YorikSar @aszlig
2018-01-09 01:11:02 +00:00
url = "https://gitweb.gentoo.org/repo/gentoo.git/plain/www-client/chromium/files/${name}";
inherit sha256;
};
chromium: replace ninja workaround with upstream patch https://github.com/NixOS/nixpkgs/issues/35296 This reverts workaround commit e3cb6e77720109b217b9a9d2154901d4b0167af2.
2018-02-26 23:04:33 +00:00
githubPatch = commit: sha256: fetchpatch {
url = "https://github.com/chromium/chromium/commit/${commit}.patch";
inherit sha256;
};
chromium: update 63.0.3239.108 -> 63.0.3239.132 this introduces a standard approach to playing with patches from the gentoo repository. the patches for 64 are a first guess during a build in progress cc @YorikSar @aszlig
2018-01-09 01:11:02 +00:00
chromium: Build with GN unconditionally Previously I've added the extra file common-gn.nix in addition to common.nix, so we can possibly have a smooth transition from current stable to the new version 54. Unfortunately, version 53 is already EOL and we have to move to version 54 as soon as possible so we can only use GN and thus it doesn't make sense to provide expressions for GYP anymore. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-10-29 03:05:53 +01:00
mkGnFlags =
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
let
chromium: Build with GN unconditionally Previously I've added the extra file common-gn.nix in addition to common.nix, so we can possibly have a smooth transition from current stable to the new version 54. Unfortunately, version 53 is already EOL and we have to move to version 54 as soon as possible so we can only use GN and thus it doesn't make sense to provide expressions for GYP anymore. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-10-29 03:05:53 +01:00
# Serialize Nix types into GN types according to this document:
# https://chromium.googlesource.com/chromium/src/+/master/tools/gn/docs/language.md
mkGnString = value: "\"${escape ["\"" "$" "\\"] value}\"";
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
sanitize = value:
chromium: Build with GN unconditionally Previously I've added the extra file common-gn.nix in addition to common.nix, so we can possibly have a smooth transition from current stable to the new version 54. Unfortunately, version 53 is already EOL and we have to move to version 54 as soon as possible so we can only use GN and thus it doesn't make sense to provide expressions for GYP anymore. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-10-29 03:05:53 +01:00
if value == true then "true"
else if value == false then "false"
else if isList value then "[${concatMapStringsSep ", " sanitize value}]"
else if isInt value then toString value
else if isString value then mkGnString value
else throw "Unsupported type for GN value `${value}'.";
toFlag = key: value: "${key}=${sanitize value}";
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
in attrs: concatStringsSep " " (attrValues (mapAttrs toFlag attrs));
chromium: Build with GN unconditionally Previously I've added the extra file common-gn.nix in addition to common.nix, so we can possibly have a smooth transition from current stable to the new version 54. Unfortunately, version 53 is already EOL and we have to move to version 54 as soon as possible so we can only use GN and thus it doesn't make sense to provide expressions for GYP anymore. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-10-29 03:05:53 +01:00
gnSystemLibraries = [
chromium: 62.0.3202.62 -> 62.0.3202.75 also fix beta/dev build - use harfbuzz from sources Unfortunatelly after [0] chromium doesn't support using harfbuzz provided by system while using vendored version of freetype. Disabling usage of separate harfbuzz for now. [0] https://chromium-review.googlesource.com/c/chromium/src/+/696241
2017-10-22 20:36:30 +01:00
"flac" "libwebp" "libxslt" "yasm" "opus" "snappy" "libpng" "zlib"
chromium: add build flags and system libs This is lifted from the Arch build recipe: https://git.archlinux.org/svntogit/packages.git/tree/trunk/PKGBUILD?h=packages/chromium using system libjpeg still doesn't work for some reason, otherwise the build runs fine
2017-07-31 09:01:15 +01:00
# "libjpeg" # fails with multiple undefined references to chromium_jpeg_*
# "re2" # fails with linker errors
# "ffmpeg" # https://crbug.com/731766
chromium: 62.0.3202.94 -> 63.0.3239.84 New stable release with bunch of security fixes and other changes [0] Also: * remove patch for dev already landed upstream * remove patches specific to version 62 * dev is broken again, need to investigate failures [0] https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html
2017-12-08 03:44:06 +00:00
# "harfbuzz-ng" # in versions over 63 harfbuzz and freetype are being built together
# so we can't build with one from system and other from source
chromium: Build with GN unconditionally Previously I've added the extra file common-gn.nix in addition to common.nix, so we can possibly have a smooth transition from current stable to the new version 54. Unfortunately, version 53 is already EOL and we have to move to version 54 as soon as possible so we can only use GN and thus it doesn't make sense to provide expressions for GYP anymore. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-10-29 03:05:53 +01:00
];
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
opusWithCustomModes = libopus.override {
chromium: Update all channels to latest versions. With this commit, the following new upstream versions are introduced: stable: 35.0.1916.153 -> 36.0.1985.125 beta: 36.0.1985.84 -> 37.0.2062.44 dev: 37.0.2054.3 -> 38.0.2101.0 All builds were successfully tested on my machine, however in order to update the beta and dev channels, a few additional modifications were necessary: * Don't update address_input_strings.grdp anymore because this has been done/fixed upstream and was relevant in version 37.0.2054.3 _only_. * No need to fix references to /usr/bin/gcc in version 38 anymore. * Constrain patch for Angle (introduced in 4cbedd7) to version 37 only, because it already has been applied upstream in version 38. * Drop user namespaces patch for version 31 up until version 35, because version 36 is already in stable. * Don't try to build bundled Clang and/or even build using Clang. * Remove obsolete patchPhase commands that are specific to version 35 and older. While testing the dev version 38 I came accross a font rendering issue which needs to be addressed ASAP (perhaps related to #3187), however the browser works otherwise. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-07-28 04:05:01 +01:00
withCustomModes = true;
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
};
defaultDependencies = [
Chromium: Update and build fixes. Changes included: - Update versions. - Use gyp package not gyp_svn1977. - Remove icu from buildInputs, since this causes a build error due to inferference with use_system_icu=false. - Remove the hack that inserts the absolute path into gyp files, and pass `--depth .` to gyp. This resolves the `third_party/angle` gyp error. - Do a normal copy of the source code not a symlink copy. This resolves some link error where the symlinks interfere with relative paths (seems like because gyp resolves symlinks first). Note, this used to be worked around with the absolute path insertion hack. - Change the bucketURL in update.nix to https (for more secure updates).
2015-06-11 17:23:58 +01:00
bzip2 flac speex opusWithCustomModes
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
libevent expat libjpeg snappy
chromium: 58.0.3029.110 -> 59.0.3071.86
2017-06-11 09:10:56 +01:00
libpng libcap
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
xdg_utils yasm minizip libwebp
chromium: Remove some libs from system depenencies Seems that these libraries aren't the ones Chromium is expecting to be, so let's switch to use the bundled version of these libraries instead. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-10-29 13:28:06 +01:00
libusb1 re2 zlib
chromium: 62.0.3202.62 -> 62.0.3202.75 also fix beta/dev build - use harfbuzz from sources Unfortunatelly after [0] chromium doesn't support using harfbuzz provided by system while using vendored version of freetype. Disabling usage of separate harfbuzz for now. [0] https://chromium-review.googlesource.com/c/chromium/src/+/696241
2017-10-22 20:36:30 +01:00
ffmpeg libxslt libxml2
chromium: 62.0.3202.94 -> 63.0.3239.84 New stable release with bunch of security fixes and other changes [0] Also: * remove patch for dev already landed upstream * remove patches specific to version 62 * dev is broken again, need to investigate failures [0] https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html
2017-12-08 03:44:06 +00:00
# harfbuzz-icu # in versions over 63 harfbuzz and freetype are being built together
# so we can't build with one from system and other from source
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
];
# build paths and release info
chromium: Fix package name for browser derivation. The packageName attribute defines the output path and binary name of the product that's going to be created, so we really want to have "chromium" instead of "chromium-browser" here, especially for the resulting binary. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-20 07:39:40 +01:00
packageName = extraAttrs.packageName or extraAttrs.name;
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
buildType = "Release";
buildPath = "out/${buildType}";
libExecPath = "$out/libexec/${packageName}";
chromium: 59.0.3071.109 -> 59.0.3071.115 use several system libraries instead of bundled see http://www.linuxfromscratch.org/blfs/view/cvs/xsoft/chromium.html
2017-07-06 23:54:10 +01:00
freetype_source = fetchurl {
url = http://anduin.linuxfromscratch.org/BLFS/other/chromium-freetype.tar.xz;
sha256 = "1vhslc4xg0d6wzlsi99zpah2xzjziglccrxn55k7qna634wyxg77";
};
chromium: separate patches for beta and dev builds fixes beta and dev builds
2017-09-21 01:32:40 +01:00
versionRange = min-version: upto-version:
let inherit (upstream-info) version;
result = versionAtLeast version min-version && versionOlder version upto-version;
stable-version = (import ./upstream-info.nix).stable.version;
in if versionAtLeast stable-version upto-version
then warn "chromium: stable version ${stable-version} is newer than a patchset bounded at ${upto-version}. You can safely delete it."
result
else result;
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
base = rec {
name = "${packageName}-${version}";
chromium: Move source/default.nix into common.nix This addresses #12794 so that we now have only a single tarball where we base our build on instead of splitting the source into different outputs first and then reference the outputs. The reason I did this in the first place is that we previously built the sandbox as a different derivation and unpacking the whole source tree just for building the sandbox was a bit too much. As we now have namespaces sandbox built in by default we no longer have that derivation anymore. It still might come up however if we want to build NaCl as a separate derivation (see #8560), but splitting the source code into things only NaCl might require is already too much work and doesn't weight out the benefits. Another issue with the source splitup is that Hydra now has an output limit for non-fixed-output derivations which we're already hitting. Tested the build against the stable channel and it went well, but I haven't tested running the browser. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-03-20 16:50:17 +00:00
inherit (upstream-info) version;
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
inherit packageName buildType buildPath;
chromium: Move source/default.nix into common.nix This addresses #12794 so that we now have only a single tarball where we base our build on instead of splitting the source into different outputs first and then reference the outputs. The reason I did this in the first place is that we previously built the sandbox as a different derivation and unpacking the whole source tree just for building the sandbox was a bit too much. As we now have namespaces sandbox built in by default we no longer have that derivation anymore. It still might come up however if we want to build NaCl as a separate derivation (see #8560), but splitting the source code into things only NaCl might require is already too much work and doesn't weight out the benefits. Another issue with the source splitup is that Hydra now has an output limit for non-fixed-output derivations which we're already hitting. Tested the build against the stable channel and it went well, but I haven't tested running the browser. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-03-20 16:50:17 +00:00
src = upstream-info.main;
chromium.mkDerivation: use ninja from nativeBuildInputs Also move Python packages there.
2017-02-08 19:47:07 +00:00
nativeBuildInputs = [
gn: remove Chromium depends on bundled versioon of gn. It's also chromium-specific build tool, so it's not feasible to package.
2017-02-08 19:40:39 +00:00
ninja which python2Packages.python perl pkgconfig
chromium: softlink system nodejs into third_party somehow, the build seems to have changed with chromium 58, to not auto download the node binary. It is needed to generate webui files and we can substitute our own.
2017-05-14 14:03:21 +01:00
python2Packages.ply python2Packages.jinja2 nodejs
chromium: 59.0.3071.109 -> 59.0.3071.115 use several system libraries instead of bundled see http://www.linuxfromscratch.org/blfs/view/cvs/xsoft/chromium.html
2017-07-06 23:54:10 +01:00
gnutar
chromium.mkDerivation: use ninja from nativeBuildInputs Also move Python packages there.
2017-02-08 19:47:07 +00:00
];
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
buildInputs = defaultDependencies ++ [
systemd: Separate lib output This moves libsystemd.so and libudev.so into systemd.lib, and gets rid of libudev (which just contained a copy of libudev.so and the udev headers). It thus reduces the closure size of all packages that (indirectly) depend on libsystemd, of which there are quite a few (for instance, PulseAudio and dbus). For example, it reduces the closure of Blender from 430.8 to 400.8 MiB.
2016-09-05 17:59:00 +01:00
nspr nss systemd
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
utillinux alsaLib
kerberos: Use default kerberos instead of krb5
2014-12-30 08:05:12 +00:00
bison gperf kerberos
tree-wide: autorename gnome packages to use dashes
2018-02-25 02:23:58 +00:00
glib gtk2 gtk3 dbus-glib
treewide: transition mesa to libGLU_combined
2018-02-24 13:12:44 +00:00
libXScrnSaver libXcursor libXtst libGLU_combined
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
pciutils protobuf speechd libXdamage
tree-wide: autorename gnome packages to use dashes
2018-02-25 02:23:58 +00:00
] ++ optional gnomeKeyringSupport libgnome-keyring3
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
++ optionals gnomeSupport [ gnome.GConf libgcrypt ]
chromium: enable cups by default
2014-12-07 13:52:36 +00:00
++ optionals cupsSupport [ libgcrypt cups ]
chromium: 59.0.3071.115 -> 60.0.3112.78 get rid of outdated version branches and patches take a patch from gentoo, to fix gn bootstrapping
2017-07-31 08:52:45 +01:00
++ optional pulseSupport libpulseaudio;
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
chromium: Move source/default.nix into common.nix This addresses #12794 so that we now have only a single tarball where we base our build on instead of splitting the source into different outputs first and then reference the outputs. The reason I did this in the first place is that we previously built the sandbox as a different derivation and unpacking the whole source tree just for building the sandbox was a bit too much. As we now have namespaces sandbox built in by default we no longer have that derivation anymore. It still might come up however if we want to build NaCl as a separate derivation (see #8560), but splitting the source code into things only NaCl might require is already too much work and doesn't weight out the benefits. Another issue with the source splitup is that Hydra now has an output limit for non-fixed-output derivations which we're already hitting. Tested the build against the stable channel and it went well, but I haven't tested running the browser. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-03-20 16:50:17 +00:00
patches = [
chromium: 63.0.3239.132 -> 64.0.3282.119 CVE-2018-6031 CVE-2018-6032 CVE-2018-6033 CVE-2018-6034 CVE-2018-6035 CVE-2018-6036 CVE-2018-6037 CVE-2018-6038 CVE-2018-6039 CVE-2018-6040 CVE-2018-6041 CVE-2018-6042 CVE-2018-6043 CVE-2018-6045 CVE-2018-6046 CVE-2018-6047 CVE-2018-6048 CVE-2017-15420 CVE-2018-6049 CVE-2018-6050 CVE-2018-6051 CVE-2018-6052 CVE-2018-6053 CVE-2018-6054
2018-01-18 18:19:32 +00:00
# As major versions are added, you can trawl the gentoo and arch repos at
chromium: separate patches for beta and dev builds fixes beta and dev builds
2017-09-21 01:32:40 +01:00
# https://gitweb.gentoo.org/repo/gentoo.git/plain/www-client/chromium/
# https://git.archlinux.org/svntogit/packages.git/tree/trunk?h=packages/chromium
# for updated patches and hints about build flags
chromium: 63.0.3239.132 -> 64.0.3282.119 CVE-2018-6031 CVE-2018-6032 CVE-2018-6033 CVE-2018-6034 CVE-2018-6035 CVE-2018-6036 CVE-2018-6037 CVE-2018-6038 CVE-2018-6039 CVE-2018-6040 CVE-2018-6041 CVE-2018-6042 CVE-2018-6043 CVE-2018-6045 CVE-2018-6046 CVE-2018-6047 CVE-2018-6048 CVE-2017-15420 CVE-2018-6049 CVE-2018-6050 CVE-2018-6051 CVE-2018-6052 CVE-2018-6053 CVE-2018-6054
2018-01-18 18:19:32 +00:00
# (gentooPatch "<patch>" "0000000000000000000000000000000000000000000000000000000000000000")
chromium: fix nix_plugin_paths for 68+
2018-05-12 01:19:56 +01:00
] ++ optionals (versionRange "66" "68") [
./patches/nix_plugin_paths_52.patch
chromium: 65.0.3325.181 -> 66.0.3359.117 Critical CVE-2018-6085: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-28 Critical CVE-2018-6086: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-30 High CVE-2018-6087: Use after free in WebAssembly. Reported by Anonymous on 2018-02-20 High CVE-2018-6088: Use after free in PDFium. Reported by Anonymous on 2018-03-15 High CVE-2018-6089: Same origin policy bypass in Service Worker. Reported by Rob Wu on 2018-02-04 High CVE-2018-6090: Heap buffer overflow in Skia. Reported by ZhanJia Song on 2018-03-12 High CVE-2018-6091: Incorrect handling of plug-ins by Service Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-10-05 High CVE-2018-6092: Integer overflow in WebAssembly. Reported by Natalie Silvanovich of Google Project Zero on 2018-03-08 Medium CVE-2018-6093: Same origin bypass in Service Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-11-01 Medium CVE-2018-6094: Exploit hardening regression in Oilpan. Reported by Chris Rohlf on 2016-08-01 Medium CVE-2018-6095: Lack of meaningful user interaction requirement before file upload. Reported by Abdulrahman Alqabandi (@qab) on 2016-08-11 Medium CVE-2018-6096: Fullscreen UI spoof. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-19 Medium CVE-2018-6097: Fullscreen UI spoof. Reported by xisigr of Tencent's Xuanwu Lab on 2018-01-26 Medium CVE-2018-6098: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-03 Medium CVE-2018-6099: CORS bypass in ServiceWorker. Reported by Jun Kokatsu (@shhnjk) on 2018-02-03 Medium CVE-2018-6100: URL spoof in Omnibox. Reported by Lnyas Zhang on 2018-02-11 Medium CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools . Reported by Rob Wu on 2018-02-19 Medium CVE-2018-6102: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-20 Medium CVE-2018-6103: UI spoof in Permissions. Reported by Khalil Zhani on 2018-02-24 Medium CVE-2018-6104: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-03-08 Medium CVE-2018-6105: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-18 Medium CVE-2018-6106: Incorrect handling of promises in V8. Reported by lokihardt of Google Project Zero on 2018-01-25 Medium CVE-2018-6107: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-02 Medium CVE-2018-6108: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-27 Low CVE-2018-6109: Incorrect handling of files by FileAPI. Reported by Dominik Weber (@DoWeb_) on 2017-04-10 Low CVE-2018-6110: Incorrect handling of plaintext files via file:// . Reported by Wenxiang Qian (aka blastxiang) on 2017-10-24 Low CVE-2018-6111: Heap-use-after-free in DevTools. Reported by Khalil Zhani on 2017-11-02 Low CVE-2018-6112: Incorrect URL handling in DevTools. Reported by Rob Wu on 2017-12-29 Low CVE-2018-6113: URL spoof in Navigation. Reported by Khalil Zhani on 2018-01-25 Low CVE-2018-6114: CSP bypass. Reported by Lnyas Zhang on 2018-02-13 Low CVE-2018-6115: SmartScreen bypass in downloads. Reported by James Feher on 2018-03-07 Low CVE-2018-6116: Incorrect low memory handling in WebAssembly. Reported by Jin from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd. on 2018-03-15 Low CVE-2018-6117: Confusing autofill settings. Reported by Spencer Dailey on 2018-03-15 Low CVE-2018-6084: Incorrect use of Distributed Objects in Google Software Updater on MacOS. Reported by Ian Beer of Google Project Zero on 2018-03-15
2018-04-21 12:10:41 +01:00
] ++ optionals (versionRange "66" "67") [
chromium: 64.0.3282.186 -> 65.0.3325.146 see https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html cc @aszlig @YorikSar CVE-2017-11215 CVE-2017-11225 CVE-2018-6060 CVE-2018-6061 CVE-2018-6062 CVE-2018-6057 CVE-2018-6063 CVE-2018-6064 CVE-2018-6065 CVE-2018-6066 CVE-2018-6067 CVE-2018-6068 CVE-2018-6069 CVE-2018-6070 CVE-2018-6071 CVE-2018-6072 CVE-2018-6073 CVE-2018-6074 CVE-2018-6075 CVE-2018-6076 CVE-2018-6077 CVE-2018-6078 CVE-2018-6079 CVE-2018-6080 CVE-2018-6081 CVE-2018-6082 CVE-2018-6083
2018-03-09 01:53:18 +00:00
(gentooPatch "chromium-webrtc-r0.patch" "0wp4zivbv2wpgiwmiznbq1aw4w98mvwjvdy36cpfmnvr8yw430pd")
(gentooPatch "chromium-ffmpeg-r1.patch" "1k8agaqsvg0w0s6s5wh346ih02cc86vr0vwyshw2q9vafa0jvmq4")
chromium: fix GCC 7 related build issues Also clean up unused patches.
2018-03-09 11:27:20 +00:00
# GCC 7 fixes
(githubPatch "f64fadcd79aebe5ed893ecbf258d1123609d28f8" "1h255w1v327r08cnifs19s4bwmkinqjmdmbwihddc5dyl43sjnvv")
(githubPatch "ede5178322ccd297b0ad82ae4c59119ceaab9ea5" "0rsal0dy0yhgs4lhn8h1vy1s77xcssy4f5wals7hvrz5m08jqizj")
(githubPatch "7d721f438acb38db556ae9a9e6e8b718bd503216" "13lzvxm63zq3rd8p387ylq4bm9wr4r09vk2w4p81f838pf0v1kbj")
(githubPatch "ba4141e451f4e0b1b19410b1b503bd32e150df06" "1cjxw1f9fin6z12b0mcxnxf2mdjb0n3chwz7mgvmp9yij8qhqnxj")
(githubPatch "b34ed1e6524479d61ee944ebf6ca7389ea47e563" "1s13zw93nsyr259dzck6gbhg4x46qg5sg14djf4bvrrc6hlkiczw")
(githubPatch "4f2b52281ce1649ea8347489443965ad33262ecc" "1g59izkicn9cpcphamdgrijs306h5b9i7i4pmy134asn1ifiax5z")
chromium: fix nix_plugin_paths for 68+
2018-05-12 01:19:56 +01:00
] ++ optionals (versionAtLeast version "68") [
./patches/nix_plugin_paths_68.patch
Chromium: fix skia build on aarch64 Patch imported from Arch Linux ARM
2018-03-15 15:51:20 +00:00
] ++ optional enableWideVine ./patches/widevine.patch
chromium: skia patch appears to be still needed with 66 on aarch64 Cc @chaoflow @bendlas Replaces #39628
2018-04-28 00:40:57 +01:00
++ optionals (stdenv.isAarch64 && versionRange "65" "67") [
Chromium: fix skia build on aarch64 Patch imported from Arch Linux ARM
2018-03-15 15:51:20 +00:00
./patches/skia_buildfix.patch
chromium: fix build on aarch64 chromium build on aarch64 failed with: ``` FAILED: obj/skia/skia/convolver_neon.o g++ -MMD -MF obj/skia/skia/convolver_neon.o.d -DV8_DEPRECATION_WARNINGS -DUSE_UDEV -DUSE_AURA=1 -DUSE_GLIB=1 -DUSE_NSS_CERTS=1 -DUSE_X11=1 -DNO_TCMALLOC -DFULL_SAFE_BROWSING -DSAFE_BROWSING_CSD -DSAFE_BROWSING_DB_LOCAL -DCHROMIUM_BUILD -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_LIBCPP_DISABLE_VISIBILITY_ANNOTATIONS -D_LIBCXXABI_DISABLE_VISIBILITY_ANNOTATIONS -DNDEBUG -DNVALGRIND -DDYNAMIC_ANNOTATIONS_ENABLED=0 -DSK_IGNORE_LINEONLY_AA_CONVEX_PATH_OPTS -DSK_HAS_PNG_LIBRARY -DSK_HAS_WEBP_LIBRARY -DSK_HAS_JPEG_LIBRARY -DSK_SUPPORT_GPU=1 -DSK_FREETYPE_MINIMUM_RUNTIME_VERSION=\(\(\(FREETYPE_MAJOR\)\ \*\ 0x01000000\)\ \|\ \(\(FREETYPE_MINOR\)\ \*\ 0x00010000\)\ \|\ \(\(FREETYPE_PATCH\)\ \*\ 0x00000100\)\) -DSK_GAMMA_EXPONENT=1.2 -DSK_GAMMA_CONTRAST=0.2 -DSK_DEFAULT_FONT_CACHE_LIMIT=20971520 -DGLIB_VERSION_MAX_ALLOWED=GLIB_VERSION_2_32 -DGLIB_VERSION_MIN_REQUIRED=GLIB_VERSION_2_26 -DFT_CONFIG_CONFIG_H=\"freetype-custom-config/ftconfig.h\" -DFT_CONFIG_MODULES_H=\"freetype-custom-config/ftmodule.h\" -DFT_CONFIG_OPTIONS_H=\"freetype-custom-config/ftoption.h\" -DPDFIUM_REQUIRED_MODULES -DCHROMIUM_RESTRICT_VISIBILITY -DUSE_LIBJPEG_TURBO=1 -DU_USING_ICU_NAMESPACE=0 -DU_ENABLE_DYLOAD=0 -DU_STATIC_IMPLEMENTATION -DICU_UTIL_DATA_IMPL=ICU_UTIL_DATA_FILE -DUCHAR_TYPE=uint16_t -DUSE_SYSTEM_ZLIB=1 -I../.. -Igen -I../../skia/config -I../../skia/ext -I../../third_party/skia/include/c -I../../third_party/skia/include/config -I../../third_party/skia/include/core -I../../third_party/skia/include/effects -I../../third_party/skia/include/encode -I../../third_party/skia/include/gpu -I../../third_party/skia/include/images -I../../third_party/skia/include/lazy -I../../third_party/skia/include/pathops -I../../third_party/skia/include/pdf -I../../third_party/skia/include/pipe -I../../third_party/skia/include/ports -I../../third_party/skia/include/utils -I../../third_party/skia/src/gpu -I../../third_party/skia/src/sksl -I../../third_party/skia/include/codec -I../../third_party/skia/include/private -I../../third_party/skia/include/client/android -I../../third_party/skia/src/codec -I../../third_party/skia/src/core -I../../third_party/skia/src/image -I../../third_party/skia/src/images -I../../third_party/skia/src/opts -I../../third_party/skia/src/pdf -I../../third_party/skia/src/ports -I../../third_party/skia/src/shaders -I../../third_party/skia/src/shaders/gradients -I../../third_party/skia/src/sfnt -I../../third_party/skia/src/utils -I../../third_party/skia/src/lazy -I../../third_party/skia/third_party/gif -I../../third_party/skia/src/effects/gradients -Igen/shim_headers/libpng_shim -Igen/shim_headers/zlib_shim -I../../third_party/freetype/include -I../../third_party/freetype/src/include -I../../third_party/harfbuzz-ng/src -I../../third_party/libjpeg_turbo -I../../third_party/fontconfig/src -I../../third_party/icu/source/common -I../../third_party/icu/source/i18n -I../../third_party/sfntly/src/cpp/src -fno-strict-aliasing --param=ssp-buffer-size=4 -fstack-protector -Wno-builtin-macro-redefined -D__DATE__= -D__TIME__= -D__TIMESTAMP__= -funwind-tables -fPIC -pipe -pthread -fno-omit-frame-pointer -g0 -fno-builtin-abs -fvisibility=hidden -Wno-unused-local-typedefs -Wno-maybe-uninitialized -Wno-deprecated-declarations -fno-delete-null-pointer-checks -Wno-missing-field-initializers -Wno-unused-parameter -O2 -fno-ident -fdata-sections -ffunction-sections -isystem/nix/store/smmxgfkqaqqh43d5gmv5p3abcq19hkzy-glib-2.56.0-dev/include/glib-2.0 -isystem/nix/store/yn3bbw1sxg19h07wzn16k0ja58wr9yiz-glib-2.56.0/lib/glib-2.0/include -isystem/nix/store/f82jgynysk9mvhyfavfzims41zkskb3c-libpng-apng-1.6.34-dev/include/libpng16 -isystem/nix/store/56i89kfi2nmjrv8hifsz6zikr6pq1avw-zlib-1.2.11-dev/include -std=gnu++14 -fno-exceptions -fno-rtti -nostdinc++ -isystem../../buildtools/third_party/libc++/trunk/include -isystem../../buildtools/third_party/libc++abi/trunk/include -fvisibility-inlines-hidden -Wno-narrowing -c ../../skia/ext/convolver_neon.cc -o obj/skia/skia/convolver_neon.o ../../skia/ext/convolver_neon.cc: In function 'int32x4_t skia::AccumRemainder(const unsigned char*, const Fixed*, int)': ../../skia/ext/convolver_neon.cc:26:65: error: cannot convert '<brace-enclosed initializer list>' to 'int32x4_t {aka __vector(4) int}' in return return {remainder[0], remainder[1], remainder[2], remainder[3]}; ^ ``` The following patch appears to fix this build issue. Source: https://chromium.googlesource.com/chromium/src.git/+/b84682f31dc99b9c90f5a04947075815697c68d9%5E%21/#F0 Suggested-by: @dezgeg
2018-04-28 23:13:03 +01:00
./patches/neon_buildfix.patch
Chromium: fix skia build on aarch64 Patch imported from Arch Linux ARM
2018-03-15 15:51:20 +00:00
];
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
chromium: Drop references to version 42 and below. Since 7d217e3 the lowest version number is 43, so all those conditionals are no longer needed. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-06-19 18:35:30 +01:00
postPatch = ''
chromium: add ability to control which sandbox is used First step towards addressing #17460 In order to be able to run the SUID sandbox, which is good for security and required to run Chromium with any kind of reasonable sandboxing when using grsecurity kernels, we want to be able to control where the sandbox comes from in the Chromium wrapper. This commit patches the appropriate bit of source and adds the same old sandbox to the wrapper (so it should be a no-op)
2016-08-04 20:26:05 +01:00
# We want to be able to specify where the sandbox is via CHROME_DEVEL_SANDBOX
substituteInPlace sandbox/linux/suid/client/setuid_sandbox_host.cc \
--replace \
chromium: fixup commit 33557ac Helps with #17460 @cleverca22 saw calls to SetuidSandboxHost::GetSandboxBinaryPath so we patch this function instead. cc @joachifm
2016-08-05 10:55:48 +01:00
'return sandbox_binary;' \
'return base::FilePath(GetDevelSandboxPath());'
chromium: add ability to control which sandbox is used First step towards addressing #17460 In order to be able to run the SUID sandbox, which is good for security and required to run Chromium with any kind of reasonable sandboxing when using grsecurity kernels, we want to be able to control where the sandbox comes from in the Chromium wrapper. This commit patches the appropriate bit of source and adds the same old sandbox to the wrapper (so it should be a no-op)
2016-08-04 20:26:05 +01:00
chromium: hardcode xdg_utils path in system calls ref #23518
2017-03-07 10:10:58 +00:00
sed -i -e 's@"\(#!\)\?.*xdg-@"\1${xdg_utils}/bin/xdg-@' \
chrome/browser/shell_integration_linux.cc
systemd: Separate lib output This moves libsystemd.so and libudev.so into systemd.lib, and gets rid of libudev (which just contained a copy of libudev.so and the udev headers). It thus reduces the closure size of all packages that (indirectly) depend on libsystemd, of which there are quite a few (for instance, PulseAudio and dbus). For example, it reduces the closure of Blender from 430.8 to 400.8 MiB.
2016-09-05 17:59:00 +01:00
sed -i -e '/lib_loader.*Load/s!"\(libudev\.so\)!"${systemd.lib}/lib/\1!' \
chromium: Update all channels to latest versions. This brings a new stable version 40.0.2214.91 along with a beta update to version 41.0.2272.16, the dev channel is still stuck at version 41.0.2272.12 and within the next days will jump to version 42. For this reason, I've done some cheating here and brought the beta channel in par with the dev channel, because dev is older than beta on OmahaProxy. Here's an overview of the channel upgrades: stable: 39.0.2171.65 -> 40.0.2214.91 [1] beta: 40.0.2214.10 -> 41.0.2272.16 [1] [2] [3] dev: 41.0.2224.3 -> 41.0.2272.16 [1] [2] [3] [1]: We needed to patch in locations of lib{pci,udev}.so, because Chromium tries to load them at runtime. For version 41 startup will fail if it is unable to load libudev, but it also has the advantage that this fixes GPU detection using libpci in the stable version, which in turn could fix a few bugs on NixOS. [2]: The upstream Debian package for the binary plugins now uses XZ compression for the enclosed data tarball. [3]: Chromium 41 needs {shapshot,natives}_blob.bin in order to start up, so let's cp it among with the .pak files to avoid adding a conditional for version 40. The release annoucement of the stable channel update can be found here: http://googlechromereleases.blogspot.de/2015/01/stable-update.html Note that this release contains 62 security fixes(!) and I'm hereby apologizing for the delay of this update. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-01-23 00:48:56 +00:00
device/udev_linux/udev?_loader.cc
sed -i -e '/libpci_loader.*Load/s!"\(libpci\.so\)!"${pciutils}/lib/\1!' \
gpu/config/gpu_info_collector_linux.cc
chromium: Remove stuff for versions <= v51 We're already on version 52, so there really is no need to keep all those conditionals and old patches anymore. Tested dropping the unconditional build_fixes_46.patch via the Chromium VM tests. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-28 18:04:22 +01:00
chromium: Update all channels to latest versions Overview of the updated versions: stable: 49.0.2623.87 -> 49.0.2623.110 beta: 50.0.2661.26 -> 50.0.2661.49 dev: 50.0.2661.18 -> 51.0.2693.2 Most notably, this includes a series of urgent security fixes: * CVE-2016-1646: Out-of-bounds read in V8. Credit to Wen Xu from Tencent KeenLab. * CVE-2016-1647: Use-after-free in Navigation. Credit to anonymous. * CVE-2016-1648: Use-after-free in Extensions. Credit to anonymous. * CVE-2016-1649: Buffer overflow in libANGLE. Credit to lokihardt working with HP's Zero Day Initiative / Pwn2Own. * CVE-2016-1650: Denial of service in PageCaptureSaveAsMHTMLFunction The official release announcement with details about these fixes can be found here: http://googlechromereleases.blogspot.de/2016/03/stable-channel-update_24.html Beta and stable could be also affected, although I didn't do a detailed check whether that's the case. As this introduces Chromium 51 as the dev version, I had to make the following changes to make it build: * libexif got removed, so let's do that on our end as well. See https://codereview.chromium.org/1803883002 for details. * Chromium doesn't seem to compile with our version of libpng, so let's resort to the bundled libpng for now. * site_engagement_ui.cc uses isnan outside of std namespace, so we're fixing that in postPatch using sed. I have successfully built all versions on i686-linux and x86_64-linux and tested it using the VM tests. Test reports can be found at the following evaluation of my Hydra: https://headcounter.org/hydra/eval/314584 Thanks to @grahamc for reporting this. Signed-off-by: aszlig <aszlig@redmoonstudios.org> Reported-by: Graham Christensen <graham@grahamc.com> Fixes: #14299
2016-03-30 00:05:07 +01:00
sed -i -re 's/([^:])\<(isnan *\()/\1std::\2/g' \
chrome/browser/ui/webui/engagement/site_engagement_ui.cc
chromium: Build with GN unconditionally Previously I've added the extra file common-gn.nix in addition to common.nix, so we can possibly have a smooth transition from current stable to the new version 54. Unfortunately, version 53 is already EOL and we have to move to version 54 as soon as possible so we can only use GN and thus it doesn't make sense to provide expressions for GYP anymore. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-10-29 03:05:53 +01:00
sed -i -e '/#include/ {
i #include <algorithm>
:l; n; bl
}' gpu/config/gpu_control_list.cc
chromium: Allow to put extensions in system path This should allow us to easily add system-wide Chromium extensions via a NixOS configuration similar to this: { pkgs, ... }: { environment.pathsToLink = [ "/share/chromium/extensions" ]; environment.systemPackages = [ pkgs.my-shiny-extension ]; } For more details about what Chromium expects within that directory, see: https://developer.chrome.com/extensions/external_extensions I've introduced this because of a personal desire to gain more control about which extensions are installed and what they are able to do. All of the extensions I use are free software, but despite that it's useful to either easily patch them and also prevent unwanted automatic updates. Tested this using the NixOS "chromium.stable" test on x86_64-linux. Signed-off-by: aszlig <aszlig@redmoonstudios.org> Cc: @offlinehacker because of #21050
2017-06-18 03:29:22 +01:00
# Allow to put extensions into the system-path.
sed -i -e 's,/usr,/run/current-system/sw,' chrome/common/chrome_paths.cc
chromium: Build with GN unconditionally Previously I've added the extra file common-gn.nix in addition to common.nix, so we can possibly have a smooth transition from current stable to the new version 54. Unfortunately, version 53 is already EOL and we have to move to version 54 as soon as possible so we can only use GN and thus it doesn't make sense to provide expressions for GYP anymore. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-10-29 03:05:53 +01:00
patchShebangs .
chromium: softlink system nodejs into third_party somehow, the build seems to have changed with chromium 58, to not auto download the node binary. It is needed to generate webui files and we can substitute our own.
2017-05-14 14:03:21 +01:00
# use our own nodejs
mkdir -p third_party/node/linux/node-linux-x64/bin
ln -s $(which node) third_party/node/linux/node-linux-x64/bin/node
chromium: 59.0.3071.109 -> 59.0.3071.115 use several system libraries instead of bundled see http://www.linuxfromscratch.org/blfs/view/cvs/xsoft/chromium.html
2017-07-06 23:54:10 +01:00
# use patched freetype
# FIXME https://bugs.chromium.org/p/pdfium/issues/detail?id=733
# FIXME http://savannah.nongnu.org/bugs/?51156
tar -xJf ${freetype_source}
# remove unused third-party
chromium: fix crashpad build
2018-05-12 01:19:44 +01:00
# in third_party/crashpad third_party/zlib contains just a header-adapter
chromium: 59.0.3071.109 -> 59.0.3071.115 use several system libraries instead of bundled see http://www.linuxfromscratch.org/blfs/view/cvs/xsoft/chromium.html
2017-07-06 23:54:10 +01:00
for lib in ${toString gnSystemLibraries}; do
find -type f -path "*third_party/$lib/*" \
chromium: fix crashpad build
2018-05-12 01:19:44 +01:00
\! -path "*third_party/crashpad/crashpad/third_party/zlib/*" \
chromium: 59.0.3071.109 -> 59.0.3071.115 use several system libraries instead of bundled see http://www.linuxfromscratch.org/blfs/view/cvs/xsoft/chromium.html
2017-07-06 23:54:10 +01:00
\! -path "*third_party/$lib/chromium/*" \
\! -path "*third_party/$lib/google/*" \
\! -path "*base/third_party/icu/*" \
\! -path "*base/third_party/libevent/*" \
\! -regex '.*\.\(gn\|gni\|isolate\|py\)' \
-delete
done
chromium: Configure aarch64 toolchain
2018-01-21 13:31:54 +00:00
'' + optionalString stdenv.isAarch64 ''
substituteInPlace build/toolchain/linux/BUILD.gn \
--replace 'toolprefix = "aarch64-linux-gnu-"' 'toolprefix = ""'
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
'';
chromium: Build with GN unconditionally Previously I've added the extra file common-gn.nix in addition to common.nix, so we can possibly have a smooth transition from current stable to the new version 54. Unfortunately, version 53 is already EOL and we have to move to version 54 as soon as possible so we can only use GN and thus it doesn't make sense to provide expressions for GYP anymore. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-10-29 03:05:53 +01:00
gnFlags = mkGnFlags ({
chromium: Clean up/remove old/unused stuff. We no longer need to supply compiler and binutils to the build process, se we can safely remove them. In addition, we're now passing the new options linux_use_gold_binary and linux_use_bundled_gold to gyp, for details, see: https://codereview.chromium.org/239163003 Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-08-13 03:53:31 +01:00
linux_use_bundled_binutils = false;
chromium.mkDerivation: update flags * Remove libselinux flag: it's no longer supported; * Use new gold flags.
2017-02-08 19:42:06 +00:00
use_gold = true;
gold_path = "${stdenv.cc}/bin";
chromium: Build with GN unconditionally Previously I've added the extra file common-gn.nix in addition to common.nix, so we can possibly have a smooth transition from current stable to the new version 54. Unfortunately, version 53 is already EOL and we have to move to version 54 as soon as possible so we can only use GN and thus it doesn't make sense to provide expressions for GYP anymore. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-10-29 03:05:53 +01:00
is_debug = false;
chromium: Link using gold linker flags I originally wanted to do this a long time (a31301d) but IIRC back then it didn't compile. Nowadays with the splitup of the gold linking flags and the binutils integration, it's merely just a switch to flip, so let's do that. Only tested it by building against the current Chromium stable version on 64bit, because right now builds on Hydra seem to time out (because of this?) anyway so we have nothing to lose here. The linking time was hereby reduced from >30 minutes (I didn't measure it exactly but looked half an hour later to the build progress and it was *still* linking) to about a few seconds, which I guess is even though the measurement is quite bogus a tremendous improvement nonetheless. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-03-28 10:31:21 +01:00
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
proprietary_codecs = false;
Chromium updates
2015-12-29 18:32:30 +00:00
use_sysroot = false;
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
use_gnome_keyring = gnomeKeyringSupport;
chromium: 63.0.3239.132 -> 64.0.3282.119 CVE-2018-6031 CVE-2018-6032 CVE-2018-6033 CVE-2018-6034 CVE-2018-6035 CVE-2018-6036 CVE-2018-6037 CVE-2018-6038 CVE-2018-6039 CVE-2018-6040 CVE-2018-6041 CVE-2018-6042 CVE-2018-6043 CVE-2018-6045 CVE-2018-6046 CVE-2018-6047 CVE-2018-6048 CVE-2017-15420 CVE-2018-6049 CVE-2018-6050 CVE-2018-6051 CVE-2018-6052 CVE-2018-6053 CVE-2018-6054
2018-01-18 18:19:32 +00:00
## FIXME remove use_gconf after chromium 65 has become stable
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
use_gconf = gnomeSupport;
use_gio = gnomeSupport;
chromium: Build with GN unconditionally Previously I've added the extra file common-gn.nix in addition to common.nix, so we can possibly have a smooth transition from current stable to the new version 54. Unfortunately, version 53 is already EOL and we have to move to version 54 as soon as possible so we can only use GN and thus it doesn't make sense to provide expressions for GYP anymore. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-10-29 03:05:53 +01:00
enable_nacl = enableNaCl;
chromium: Disable "hotwording" by default. There has been some recent news about that component extension on hacker news: https://news.ycombinator.com/item?id=9724409 Even though on our side it won't work, because we don't have NaCl enabled by default or even working (I honestly haven't tested if it even builds if enabled), we might get to the point where we can build with NaCl enabled. But until and even after that day, we want to have explicit control on whether this extension is enabled. Please also have a look at these two issues explaining the details (about component extensions and the hotwording extension in particular): https://crbug.com/491435 https://crbug.com/500922 Fixes issue #8358. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-06-19 03:15:49 +01:00
enable_hotwording = enableHotwording;
chromium: Fix building with WineVine components Before version 54, the WideVine CDM plugin was built unconditionally and it seems since version 54 this now is dependent upon a GYP/GN flag on whether to include the CDM shared library or not. Also, we now use a patch from Gentoo which should hopefully get the CDM plugin to work properly, at least according to their bugtracker: https://bugs.gentoo.org/show_bug.cgi?id=547630 Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-11-08 19:18:15 +00:00
enable_widevine = enableWideVine;
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
use_cups = cupsSupport;
chromium: add build flags and system libs This is lifted from the Arch build recipe: https://git.archlinux.org/svntogit/packages.git/tree/trunk/PKGBUILD?h=packages/chromium using system libjpeg still doesn't work for some reason, otherwise the build runs fine
2017-07-31 09:01:15 +01:00
chromium: Build with GN unconditionally Previously I've added the extra file common-gn.nix in addition to common.nix, so we can possibly have a smooth transition from current stable to the new version 54. Unfortunately, version 53 is already EOL and we have to move to version 54 as soon as possible so we can only use GN and thus it doesn't make sense to provide expressions for GYP anymore. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-10-29 03:05:53 +01:00
treat_warnings_as_errors = false;
is_clang = false;
chromium: add build flags and system libs This is lifted from the Arch build recipe: https://git.archlinux.org/svntogit/packages.git/tree/trunk/PKGBUILD?h=packages/chromium using system libjpeg still doesn't work for some reason, otherwise the build runs fine
2017-07-31 09:01:15 +01:00
clang_use_chrome_plugins = false;
remove_webcore_debug_symbols = true;
use_gtk3 = true;
enable_swiftshader = false;
fieldtrial_testing_like_official_build = true;
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
chromium/common: Wrap lines to 80 characters. Yes, it's just a comment and yes, it's so insignificant that everyone would make a "O_o" face. But I'm getting annoyed by things like this. Obviously that means no feature changes :-) Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-19 14:25:21 +01:00
# Google API keys, see:
# http://www.chromium.org/developers/how-tos/api-keys
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
# Note: These are for NixOS/nixpkgs use ONLY. For your own distribution,
# please get your own set of keys.
google_api_key = "AIzaSyDGi15Zwl11UNe6Y-5XW_upsfyw31qwZPI";
google_default_client_id = "404761575300.apps.googleusercontent.com";
google_default_client_secret = "9rIFQjfnkykEmqb6FfjJQD1D";
} // optionalAttrs proprietaryCodecs {
# enable support for the H.264 codec
proprietary_codecs = true;
chromium: add enable_hangout_services_extension=true to fix screensharing bug as suggested in: https://code.google.com/p/chromium/issues/detail?id=416856#c53
2015-10-07 17:42:24 +01:00
enable_hangout_services_extension = true;
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
ffmpeg_branding = "Chrome";
chromium: Build with GN unconditionally Previously I've added the extra file common-gn.nix in addition to common.nix, so we can possibly have a smooth transition from current stable to the new version 54. Unfortunately, version 53 is already EOL and we have to move to version 54 as soon as possible so we can only use GN and thus it doesn't make sense to provide expressions for GYP anymore. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-10-29 03:05:53 +01:00
} // optionalAttrs pulseSupport {
use_pulseaudio = true;
link_pulseaudio = true;
} // (extraAttrs.gnFlags or {}));
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
configurePhase = ''
chromium.mkDerivation: run {pre,post}Configure This allows us to add custom steps.
2017-02-08 19:48:05 +00:00
runHook preConfigure
gn: remove Chromium depends on bundled versioon of gn. It's also chromium-specific build tool, so it's not feasible to package.
2017-02-08 19:40:39 +00:00
# Build gn
python tools/gn/bootstrap/bootstrap.py -v -s --no-clean
PATH="$PWD/out/Release:$PATH"
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
# This is to ensure expansion of $out.
libExecPath="${libExecPath}"
chromium: Build with GN unconditionally Previously I've added the extra file common-gn.nix in addition to common.nix, so we can possibly have a smooth transition from current stable to the new version 54. Unfortunately, version 53 is already EOL and we have to move to version 54 as soon as possible so we can only use GN and thus it doesn't make sense to provide expressions for GYP anymore. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-10-29 03:05:53 +01:00
python build/linux/unbundle/replace_gn_files.py \
--system-libraries ${toString gnSystemLibraries}
gn gen --args=${escapeShellArg gnFlags} out/Release
chromium.mkDerivation: run {pre,post}Configure This allows us to add custom steps.
2017-02-08 19:48:05 +00:00
runHook postConfigure
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
'';
buildPhase = let
chromium: try to hack around Hydra problems Discussion: https://github.com/NixOS/nixpkgs/commit/e8f1ddcbd1d
2017-09-01 11:24:47 +01:00
# Build paralelism: on Hydra the build was frequently running into memory
# exhaustion, and even other users might be running into similar issues.
# -j is halved to avoid memory problems, and -l is slightly increased
# so that the build gets slight preference before others
# (it will often be on "critical path" and at risk of timing out)
chromium: Update all channels to latest versions. With this commit, the following new upstream versions are introduced: stable: 36.0.1985.125 -> 37.0.2062.94 beta: 37.0.2062.58 -> 37.0.2062.94 dev: 38.0.2107.3 -> 38.0.2125.8 All channels built fine on my machine and were tested against a few sites. Stable and beta channel now contain the same release, because version 37 hit the stable channel. For release notes, please have a look at the announcement: http://googlechromereleases.blogspot.de/2014/08/stable-channel-update_26.html Of course we're also dropping all version 36 specific crap, such as the architecture-specific target suffix for builds, which now is no longer needed. The gyp flag use_mojo=0 is no longer needed, as it was a workaround concerning version 37.0.2054.3 only. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-08-13 03:49:53 +01:00
buildCommand = target: ''
chromium.mkDerivation: use ninja from nativeBuildInputs Also move Python packages there.
2017-02-08 19:47:07 +00:00
ninja -C "${buildPath}" \
chromium: try to hack around Hydra problems Discussion: https://github.com/NixOS/nixpkgs/commit/e8f1ddcbd1d
2017-09-01 11:24:47 +01:00
-j$(( ($NIX_BUILD_CORES+1) / 2 )) -l$(( $NIX_BUILD_CORES+1 )) \
chromium: Update all channels to latest versions. With this commit, the following new upstream versions are introduced: stable: 36.0.1985.125 -> 37.0.2062.94 beta: 37.0.2062.58 -> 37.0.2062.94 dev: 38.0.2107.3 -> 38.0.2125.8 All channels built fine on my machine and were tested against a few sites. Stable and beta channel now contain the same release, because version 37 hit the stable channel. For release notes, please have a look at the announcement: http://googlechromereleases.blogspot.de/2014/08/stable-channel-update_26.html Of course we're also dropping all version 36 specific crap, such as the architecture-specific target suffix for builds, which now is no longer needed. The gyp flag use_mojo=0 is no longer needed, as it was a workaround concerning version 37.0.2054.3 only. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-08-13 03:49:53 +01:00
"${target}"
chromium: 62.0.3202.75 -> 62.0.3202.89 Includes security fixes for CVE-2017-15398 and CVE-2017-15399. Also fixes builds for beta and dev branches: - backport https://webrtc-review.googlesource.com/9384 to fix build for new webrtc revision - for dev branch fix gn bootstrap, see https://chromium-review.googlesource.com/758584 - for 63+ manpage now is not generated during ninja build, it is processed with sed using packagers tools included in sources
2017-11-08 22:44:20 +00:00
(
source chrome/installer/linux/common/installer.include
PACKAGE=$packageName
MENUNAME="Chromium"
process_template chrome/app/resources/manpage.1.in "${buildPath}/chrome.1"
)
chromium: 62.0.3202.94 -> 63.0.3239.84 New stable release with bunch of security fixes and other changes [0] Also: * remove patch for dev already landed upstream * remove patches specific to version 62 * dev is broken again, need to investigate failures [0] https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html
2017-12-08 03:44:06 +00:00
'' + optionalString (target == "mksnapshot" || target == "chrome") ''
paxmark m "${buildPath}/${target}"
chromium: Add support for grsecurity
2014-04-25 02:58:33 +01:00
'';
targets = extraAttrs.buildTargets or [];
commands = map buildCommand targets;
in concatStringsSep "\n" commands;
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
};
# Remove some extraAttrs we supplied to the base attributes already.
in stdenv.mkDerivation (base // removeAttrs extraAttrs [
chromium: Build with GN unconditionally Previously I've added the extra file common-gn.nix in addition to common.nix, so we can possibly have a smooth transition from current stable to the new version 54. Unfortunately, version 53 is already EOL and we have to move to version 54 as soon as possible so we can only use GN and thus it doesn't make sense to provide expressions for GYP anymore. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-10-29 03:05:53 +01:00
"name" "gnFlags" "buildTargets"
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 06:36:26 +01:00
])
Copy permalink