b044585b88
Via `sed` instead of a patch, in the hope that it might be less of a maintenance burden compared to patch witch changes in the file to patch with subsequent upstream releases. Should only be merged once it's ensured there are no unforseen side effects when built with the Plugin Certificates removed.
293 lines
8.8 KiB
Bash
293 lines
8.8 KiB
Bash
# Maintainer: ohfp
|
|
# Contributor: Jan Alexander Steffens (heftig) <jan.steffens@gmail.com>
|
|
# Contributor: Ionut Biru <ibiru@archlinux.org>
|
|
# Contributor: Jakub Schmidtke <sjakub@gmail.com>
|
|
|
|
pkgname=librewolf
|
|
_pkgname=LibreWolf
|
|
# how to get ci vars instead?
|
|
pkgver=75.0
|
|
pkgrel=2
|
|
pkgdesc="Community-maintained fork of Firefox, focused on privacy, security and freedom."
|
|
arch=(x86_64 aarch64)
|
|
license=(MPL GPL LGPL)
|
|
url="https://librewolf-community.gitlab.io/"
|
|
depends=(gtk3 libxt startup-notification mime-types dbus-glib ffmpeg nss
|
|
ttf-font libpulse)
|
|
makedepends=(unzip zip diffutils python2-setuptools yasm mesa imake inetutils
|
|
xorg-server-xvfb autoconf2.13 rust clang llvm jack gtk2
|
|
python nodejs python2-psutil cbindgen nasm git binutils)
|
|
optdepends=('networkmanager: Location detection via available WiFi networks'
|
|
'libnotify: Notification integration'
|
|
'pulseaudio: Audio support'
|
|
'speech-dispatcher: Text-to-Speech'
|
|
'hunspell-en_US: Spell checking, American English')
|
|
options=(!emptydirs !makeflags !strip)
|
|
source=(https://archive.mozilla.org/pub/firefox/releases/$pkgver/source/firefox-$pkgver.source.tar.xz
|
|
$pkgname.desktop
|
|
"git+https://gitlab.com/${pkgname}-community/browser/common.git"
|
|
"git+https://gitlab.com/${pkgname}-community/settings.git"
|
|
"remove_addons.patch")
|
|
sha256sums=('bbb1054d8f2717c634480556d3753a8483986af7360e023bb6232df80b746b0f'
|
|
'0471d32366c6f415f7608b438ddeb10e2f998498c389217cdd6cc52e8249996b'
|
|
'SKIP'
|
|
'SKIP'
|
|
'24b75ba55cb4a2c9a088a22279a1f07fd3b8f3ef4f47774c0c12b79f4bfad124')
|
|
|
|
if [[ $CARCH == 'aarch64' ]]; then
|
|
source+=(arm.patch
|
|
https://raw.githubusercontent.com/archlinuxarm/PKGBUILDs/master/extra/firefox/build-arm-libopus.patch)
|
|
sha256sums+=('6ca87d2ac7dc48e6f595ca49ac8151936afced30d268a831c6a064b52037f6b7'
|
|
'2d4d91f7e35d0860225084e37ec320ca6cae669f6c9c8fe7735cdbd542e3a7c9')
|
|
fi
|
|
|
|
prepare() {
|
|
mkdir mozbuild
|
|
cd firefox-$pkgver
|
|
|
|
cat >../mozconfig <<END
|
|
ac_add_options --enable-application=browser
|
|
|
|
# This supposedly speeds up compilation (We test through dogfooding anyway)
|
|
ac_add_options --disable-tests
|
|
ac_add_options --disable-debug
|
|
|
|
ac_add_options --prefix=/usr
|
|
ac_add_options --enable-release
|
|
ac_add_options --enable-hardening
|
|
ac_add_options --enable-rust-simd
|
|
export CC='clang'
|
|
export CXX='clang++'
|
|
export AR=llvm-ar
|
|
export NM=llvm-nm
|
|
export RANLIB=llvm-ranlib
|
|
|
|
# Branding
|
|
ac_add_options --enable-update-channel=release
|
|
ac_add_options --with-app-name=${pkgname}
|
|
ac_add_options --with-app-basename=${_pkgname}
|
|
ac_add_options --with-branding=browser/branding/${pkgname}
|
|
ac_add_options --with-distribution-id=io.gitlab.${pkgname}
|
|
ac_add_options --with-unsigned-addon-scopes=app,system
|
|
ac_add_options --allow-addon-sideload
|
|
export MOZ_REQUIRE_SIGNING=0
|
|
|
|
# System libraries
|
|
ac_add_options --with-system-nspr
|
|
ac_add_options --with-system-nss
|
|
|
|
# Features
|
|
ac_add_options --enable-alsa
|
|
ac_add_options --enable-jack
|
|
ac_add_options --enable-startup-notification
|
|
ac_add_options --disable-crashreporter
|
|
ac_add_options --disable-gconf
|
|
ac_add_options --disable-updater
|
|
ac_add_options --disable-tests
|
|
|
|
# Disables crash reporting, telemetry and other data gathering tools
|
|
mk_add_options MOZ_CRASHREPORTER=0
|
|
mk_add_options MOZ_DATA_REPORTING=0
|
|
mk_add_options MOZ_SERVICES_HEALTHREPORT=0
|
|
mk_add_options MOZ_TELEMETRY_REPORTING=0
|
|
|
|
# options for ci / weaker build systems
|
|
# mk_add_options MOZ_MAKE_FLAGS="-j4"
|
|
# ac_add_options --enable-linker=gold
|
|
END
|
|
|
|
if [[ $CARCH == 'aarch64' ]]; then
|
|
cat >>../mozconfig <<END
|
|
# taken from manjaro build:
|
|
ac_add_options --enable-optimize="-g0 -O2"
|
|
# from ALARM
|
|
# ac_add_options --disable-webrtc
|
|
|
|
END
|
|
|
|
export MOZ_DEBUG_FLAGS=" "
|
|
export CFLAGS+=" -g0"
|
|
export CXXFLAGS+=" -g0"
|
|
export RUSTFLAGS="-Cdebuginfo=0"
|
|
|
|
export LDFLAGS+=" -Wl,--no-keep-memory -Wl,--reduce-memory-overheads"
|
|
patch -p1 -i ../arm.patch
|
|
patch -p1 -i ../build-arm-libopus.patch
|
|
# do we need those for aarch64 as well?
|
|
# well, let's try it without them ^^
|
|
# patch -p1 -i ../fix-armhf-webrtc-build.patch
|
|
# patch -p1 -i ../webrtc-fix-compiler-flags-for-armhf.patch
|
|
|
|
else
|
|
|
|
cat >>../mozconfig <<END
|
|
# probably not needed, enabled by default?
|
|
ac_add_options --enable-optimize
|
|
END
|
|
fi
|
|
|
|
# Remove some pre-installed addons that might be questionable
|
|
patch -p1 -i ../remove_addons.patch
|
|
|
|
# Disabling Pocket
|
|
sed -i "s/'pocket'/#'pocket'/g" browser/components/moz.build
|
|
# this one only to remove an annoying error message:
|
|
sed -i 's#SaveToPocket.init();#// SaveToPocket.init();#g' browser/components/BrowserGlue.jsm
|
|
|
|
# Remove Internal Plugin Certificates
|
|
_cert_sed='s#if (aCert.organizationalUnit == "Mozilla [[:alpha:]]\+") {\n'
|
|
_cert_sed+='[[:blank:]]\+return AddonManager\.SIGNEDSTATE_[[:upper:]]\+;\n'
|
|
_cert_sed+='[[:blank:]]\+}#'
|
|
_cert_sed+='// NOTE: removed#g'
|
|
sed -z "$_cert_sed" -i toolkit/mozapps/extensions/internal/XPIInstall.jsm
|
|
|
|
# allow SearchEngines option in non-ESR builds
|
|
sed -i 's#"enterprise_only": true,#"enterprise_only": false,#g' browser/components/enterprisepolicies/schemas/policies-schema.json
|
|
|
|
rm -f ${srcdir}/common/source_files/mozconfig
|
|
cp -r ${srcdir}/common/source_files/* ./
|
|
}
|
|
|
|
|
|
build() {
|
|
cd firefox-$pkgver
|
|
|
|
export MOZ_NOSPAM=1
|
|
export MOZBUILD_STATE_PATH="$srcdir/mozbuild"
|
|
|
|
# LTO needs more open files
|
|
ulimit -n 4096
|
|
|
|
# -fno-plt with cross-LTO causes obscure LLVM errors
|
|
# LLVM ERROR: Function Import: link error
|
|
CFLAGS="${CFLAGS/-fno-plt/}"
|
|
CXXFLAGS="${CXXFLAGS/-fno-plt/}"
|
|
|
|
# Do 3-tier PGO
|
|
echo "Building instrumented browser..."
|
|
|
|
if [[ $CARCH == 'aarch64' ]]; then
|
|
|
|
cat >.mozconfig ../mozconfig - <<END
|
|
ac_add_options --enable-profile-generate
|
|
END
|
|
|
|
else
|
|
|
|
cat >.mozconfig ../mozconfig - <<END
|
|
ac_add_options --enable-profile-generate=cross
|
|
END
|
|
|
|
fi
|
|
|
|
./mach build
|
|
|
|
echo "Profiling instrumented browser..."
|
|
./mach package
|
|
LLVM_PROFDATA=llvm-profdata \
|
|
JARLOG_FILE="$PWD/jarlog" \
|
|
xvfb-run -s "-screen 0 1920x1080x24 -nolisten local" \
|
|
./mach python build/pgo/profileserver.py
|
|
|
|
if [[ ! -s merged.profdata ]]; then
|
|
echo "No profile data produced."
|
|
return 1
|
|
fi
|
|
|
|
if [[ ! -s jarlog ]]; then
|
|
echo "No jar log produced."
|
|
return 1
|
|
fi
|
|
|
|
echo "Removing instrumented browser..."
|
|
./mach clobber
|
|
|
|
echo "Building optimized browser..."
|
|
|
|
if [[ $CARCH == 'aarch64' ]]; then
|
|
|
|
cat >.mozconfig ../mozconfig - <<END
|
|
ac_add_options --enable-lto
|
|
ac_add_options --enable-profile-use
|
|
ac_add_options --with-pgo-profile-path=${PWD@Q}/merged.profdata
|
|
ac_add_options --with-pgo-jarlog=${PWD@Q}/jarlog
|
|
END
|
|
|
|
else
|
|
|
|
cat >.mozconfig ../mozconfig - <<END
|
|
ac_add_options --enable-lto=cross
|
|
ac_add_options --enable-profile-use=cross
|
|
ac_add_options --with-pgo-profile-path=${PWD@Q}/merged.profdata
|
|
ac_add_options --with-pgo-jarlog=${PWD@Q}/jarlog
|
|
ac_add_options --enable-linker=gold
|
|
END
|
|
|
|
fi
|
|
|
|
./mach build
|
|
|
|
echo "Building symbol archive..."
|
|
./mach buildsymbols
|
|
}
|
|
|
|
package() {
|
|
cd firefox-$pkgver
|
|
DESTDIR="$pkgdir" ./mach install
|
|
|
|
local vendorjs="$pkgdir/usr/lib/$pkgname/browser/defaults/preferences/vendor.js"
|
|
|
|
install -Dvm644 /dev/stdin "$vendorjs" <<END
|
|
// Use system-provided dictionaries
|
|
pref("spellchecker.dictionary_path", "/usr/share/hunspell");
|
|
|
|
// Don't disable extensions in the application directory
|
|
// done in librewolf.cf
|
|
// pref("extensions.autoDisableScopes", 11);
|
|
END
|
|
|
|
cp -r ${srcdir}/settings/* ${pkgdir}/usr/lib/${pkgname}/
|
|
|
|
local distini="$pkgdir/usr/lib/$pkgname/distribution/distribution.ini"
|
|
install -Dvm644 /dev/stdin "$distini" <<END
|
|
[Global]
|
|
id=io.gitlab.${_pkgname}
|
|
version=1.0
|
|
about=LibreWolf
|
|
|
|
[Preferences]
|
|
app.distributor="LibreWolf Community"
|
|
app.distributor.channel=$pkgname
|
|
app.partner.librewolf=$pkgname
|
|
END
|
|
|
|
for i in 16 32 48 64 128; do
|
|
install -Dvm644 browser/branding/${pkgname}/default$i.png \
|
|
"$pkgdir/usr/share/icons/hicolor/${i}x${i}/apps/$pkgname.png"
|
|
done
|
|
install -Dvm644 browser/branding/librewolf/content/about-logo.png \
|
|
"$pkgdir/usr/share/icons/hicolor/192x192/apps/$pkgname.png"
|
|
|
|
# arch upstream provides a separate svg for this. we don't have that, so let's re-use 16.png
|
|
install -Dvm644 browser/branding/${pkgname}/default16.png \
|
|
"$pkgdir/usr/share/icons/hicolor/symbolic/apps/$pkgname-symbolic.png"
|
|
|
|
install -Dvm644 ../$pkgname.desktop \
|
|
"$pkgdir/usr/share/applications/$pkgname.desktop"
|
|
|
|
# Install a wrapper to avoid confusion about binary path
|
|
install -Dvm755 /dev/stdin "$pkgdir/usr/bin/$pkgname" <<END
|
|
#!/bin/sh
|
|
exec /usr/lib/$pkgname/librewolf "\$@"
|
|
END
|
|
|
|
# Replace duplicate binary with wrapper
|
|
# https://bugzilla.mozilla.org/show_bug.cgi?id=658850
|
|
ln -srfv "$pkgdir/usr/bin/$pkgname" "$pkgdir/usr/lib/$pkgname/librewolf-bin"
|
|
# Use system certificates
|
|
local nssckbi="$pkgdir/usr/lib/$pkgname/libnssckbi.so"
|
|
if [[ -e $nssckbi ]]; then
|
|
ln -srfv "$pkgdir/usr/lib/libnssckbi.so" "$nssckbi"
|
|
fi
|
|
}
|