mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-24 22:50:49 +00:00

Merge pull request #127067 from taku0/firefox-89.0.1

firefox, firefox-bin: 89.0 -> 89.0.1  [Moderate security fix]
Bernardo Meurer 2021-06-18 10:35:57 -07:00 committed by GitHub
commit ec97be764a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 407 additions and 394 deletions


@ -26,7 +26,7 @@ in writeScript "update-${name}" ''
HOME=`mktemp -d`
export GNUPGHOME=`mktemp -d`
gpg --import ${./mozilla.asc}
gpg --receive-keys 14F26682D0916CDD81E37B6D61B7B526D98F0353
tmpfile=`mktemp`
url=${baseUrl}


@ -7,10 +7,10 @@ in
rec {
firefox = common rec {
pname = "firefox";
ffversion = "89.0";
ffversion = "89.0.1";
src = fetchurl {
url = "mirror://mozilla/firefox/releases/${ffversion}/source/firefox-${ffversion}.source.tar.xz";
sha512 = "5089720feda15d054d0aa4c3bdeb84760314dadd6381d7360e688d8e396154868220c6315add650d8d2a42652cb8a9bfeb833885812ef0bd70a74ee58ad18aa3";
sha512 = "67da387b3b6c5a110c83208f9a15d6064adf423bbebfb0fcad2d85f6c4b615b27da0cbd5486b817f0d5e040bc3e70d74d9af72599b24384397fef1dd153bd3f3";
};
meta = {
@ -51,6 +51,7 @@ rec {
tests = [ nixosTests.firefox-esr ];
updateScript = callPackage ./update.nix {
attrPath = "firefox-esr-78-unwrapped";
versionSuffix = "esr";
versionKey = "ffversion";
};
};


@ -6,6 +6,7 @@
, gnused
, gnugrep
, curl
, gnupg
, attrPath
, runtimeShell
, baseUrl ? "http://archive.mozilla.org/pub/firefox/releases/"
@ -15,7 +16,12 @@
writeScript "update-${attrPath}" ''
#!${runtimeShell}
PATH=${lib.makeBinPath [ common-updater-scripts coreutils curl gnugrep gnused xidel ]}
PATH=${lib.makeBinPath [ common-updater-scripts coreutils curl gnugrep gnupg gnused xidel ]}
set -eux
HOME=`mktemp -d`
export GNUPGHOME=`mktemp -d`
gpg --receive-keys 14F26682D0916CDD81E37B6D61B7B526D98F0353
url=${baseUrl}
@ -31,5 +37,11 @@ writeScript "update-${attrPath}" ''
sort --version-sort | \
tail -n 1`
update-source-version ${attrPath} "$version" "" "" --version-key=${versionKey}
curl --silent --show-error -o "$HOME"/shasums "$url$version/SHA512SUMS"
curl --silent --show-error -o "$HOME"/shasums.asc "$url$version/SHA512SUMS.asc"
gpgv --keyring="$GNUPGHOME"/pubring.kbx "$HOME"/shasums.asc "$HOME"/shasums
hash=$(grep '\.source\.tar\.xz$' "$HOME"/shasums | grep '^[^ ]*' -o)
update-source-version ${attrPath} "$version" "$hash" "" --version-key=${versionKey}
''
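Review bot: The `gpgv` step proves that SHA512SUMS was signed by the Mozilla key, but nothing ties the extracted hash to `$version`: `grep '\.source\.tar\.xz$'` accepts any line with that suffix, and both `curl` calls go to `baseUrl`, which defaults to plain `http://`. A correctly signed SHA512SUMS from a different release would therefore pass verification and have its hash written next to the new version. Matching the full file name, e.g. `grep "firefox-$version\.source\.tar\.xz$"` (assuming the tarball name follows the `src.url` pattern, to be confirmed for the ESR suffix), and defaulting `baseUrl` to `https://` would bind the hash to the release being packaged. Separately, `gpg --receive-keys` makes verification depend on a keyserver at run time; the firefox-bin script's `gpg --import ${./mozilla.asc}` line suggests a vendored key could be imported here instead. Parts of the script between the hunks are not visible, so the version-listing step could not be checked.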