Firefox has been crashy during the 106 cycle on my laptop, so I saw the
crashreporter more often than not. In the terminal spew I found
> Failed to open curl lib from binary, use libcurl.so instead
and the GUI told me submitting the report had failed. Not great if you
actually except to have your bugs fixed at some point.
https://discourse.gnome.org/t/split-and-rename-of-chrome-gnome-shell/11075815ec9e1af...v42.0
- Renamed and split into a separate repo from the extensions.
- CMake build replaced with Meson (jq also not needed)
- requests Python module not needed since updates are now solely handled by GNOME Shell itself
Also
- Corrected license
- Cleaned up the module
- Replaced PYTHONPATH in a wrapper by Python environment
Changelog-Reviewed-By: Jan Tojnar <jtojnar@gmail.com>
The xdg-open utility is only ever a runtime dependency and its
dependents only expect that it accept a URI as a command line
argument and do something with it that the user would expect.
For such as a trivial relationship it should be possible for
users to override xdg-open with something else in their PATH.
Before the change separate-debug-info.sh did the stripping itself.
This scheme has a few problems:
1. Stripping happens only on ELF files. *.a and *.o files are skipped.
Derivations have to do it manually. Usually incorrectly
as they don't run $RANLIB (true for `glibc` and `musl`).
2. Stripping happens on all paths. Ideally only `stripDebugList` paths
should be considered.
3. Host strip is called on Target files.
This change offloads stripping logic to strip hook. This strips more
files for `glibc` and `musl`. Now we can remove most $STRIP calls
from individual derivations.
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
Firefox 61 started to enforce signatures for add-ons and since
commit d031843a1e, we get an evaluation
error that recommends the user to switch to Firefox ESR.
This isn't an option for everyone and as I also pointed out in the pull
request[1] introducing the above commit, I've been building Firefox like
this:
let
firefoxNoSigning = firefox-unwrapped.overrideAttrs (lib.const {
MOZ_REQUIRE_SIGNING = false;
});
in wrapFirefox firefoxNoSigning {
nixExtensions = ...;
}
However, this only works after manually modifying nixpkgs (or copy &
paste wrapper.nix elsewhere) every time I want to have a new Firefox
version. Of course, this gets annoying and tedious after a while, so
this motivated me to properly fix this to not only check for an ESR
version but also check the value of MOZ_REQUIRE_SIGNING.
Note that I'm using toString here to check for the value because there
are several ways (false, null, "", ...) to set the environment variable
to an empty string and toString makes sure that it really is the desired
behaviour. I specifically checked the Firefox source and also tested
this with multiple values and only building with MOZ_REQUIRE_SIGNING
set to an empty string seems to work (no "0", "false" or other
variants).
Additionally, there is another method to allow unsigned add-ons, which
is by using the --with-unsigned-addon-scopes configure option[2].
Unfortunately, this does not work with nixExtensions because we don't
have (or want) a central directory where those add-ons reside.
Given that nixExtensions disallows manually installing add-ons, setting
MOZ_REQUIRE_SIGNING to false should be safe in this case.
[1]: https://github.com/NixOS/nixpkgs/pull/133504
[2]: https://bugs.archlinux.org/task/63075
Signed-off-by: aszlig <aszlig@nix.build>
Fixes a regression caused by an update to rust-cbindgen 0.24.x, where
the definition for ROOT_CLIP_CHAIN is now autogenerated and causes the
build to abort with a redefinition error.
https://bugzilla.mozilla.org/show_bug.cgi?id=1773259
Patch by Ollivier Tilloy from Canonical
5622734942
Without the change firefox build on i686 fails at configure time:
$ NIXPKGS_ALLOW_BROKEN=1 nix build -f. --argstr system "i686-linux" firefox
...
mozbuild.configure.options.InvalidOptionError:
'--enable-release' implied by 'MOZILLA_OFFICIAL' conflicts with '--disable-release' from the command-line
The change uses the same 32-bit guard for both. It still does not allow
i686 build to succeed for other toolchain misconfiguration, but it's a
step forward.
`onepin-opensc-pkcs11.so` only enables PIN1, but PIN2 is also required.
`opensc-pkcs11.so` enables all slots.
I can successfully use PIN1 and PIN2 in Smart-ID cards with this.
Use Mozilla Location Service as geolocation provider for new profiles,
since our Google API key does not seem to work for geolocation at this
time.
Related: https://github.com/NixOS/nixpkgs/issues/173758
We have received our very own API key for Mozilla Location Services and
have been recognized as a Public Interest Project, implying a rate limit
of 100k daily requests¹, which should be sufficient for our population.
N.B: This key belongs to the NixOS project, please don't use ours, but
instead request your own.
[1] https://location.services.mozilla.com/terms
Adds a distribution id useful for aggregation of crash statistics.
Also creates a NixOS flavor, visible through the About window, that is
also exposed through telemetry data, if enabled.
With Firefox 100.0 the following deprecation warning comes up:
> The "MACH_USE_SYSTEM_PYTHON" environment variable is deprecated,
> please unset it or replace it with either
> "MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE=system" or
> "MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE=none"
And since we want to continue using our own python we're going for the
system value when the version is at least 100.0.
Thie zip bundle in this output is used in the dumps sent by the
crashreporter. For this to happen we need to upload this zip file to
https://symbols.mozilla.org, which is a separate effort.
A small shell script that can be used to extract a binary wrapper's
makeCWrapper call from its embedded docstring, without depending on
makeBinaryWrapper.
Simplifies Firefox maintenance. See #160520
- make the firefox common.nix available from the top level as
buildMozillaMach
- use new buildMozillaMach function in librewolf expressions
- minor changes to update script
We can't just edit binary wrappers in place because of a length
mismatch, so we have to parse the generating makeCWrapper call out of
the binary, extract wrapper arguments from it and add them to the
Firefox wrapper.
All these contortions are needed because Firefox looks for its runtime
in argv0, so the proper argv0 needs to be set by wrappers to always
point to the "final" runtime. I think this could be avoided by wrapping
/lib/$libName/firefox instead of /bin/firefox, and I'd like to look into
that in the future, but for now I'm just fixing the immediate problem.
This makes it easier to report bugs upstream and ensures that NixOS user crashes are fixed.
Based on my testing these reports weren't automatically submitted anyways so the privacy concern is minimal. For my crashes it both asked my if a crash report should be produced after a crash, and required manual sending. Although possibly the report world eventually be sent automatically.
Fixes https://github.com/NixOS/nixpkgs/issues/107889
Firefox uses a sandboxing model that only allows access to paths that
were previously explicitly granted. We can only add granular permissions
to a specific sandbox by patching, because setting LD_LIBRARY_PATH would
affect all of them.
To use hardware decoding via VA-API with Firefox 98.0.2 one needs to
head to `about:config` and enable `media.ffmpeg.vaapi.enabled`.
Closes: #157061
Both LTO and PGO require the use of clang so I think its easier to just
stick with clang for all builds, so PGO and LTO could in theory be used
without each other.
Lo and behold, we're finally catching up with Mozillas very own firefox
build in terms of speed.
PGO is an optimization technique in which in a first step we create a
build that supports instrumentation, meaning we can use it to create a
profile of how the browser behaved during usage. Then in a second pass
we create the final build that uses the acquired profiling data to
optimize the browser for the workload it actually received during
profiling.
The downside is that with PGO we now need to build Firefox twice, which
increases the build time from around 20 minutes to roughly 50 minutes.
In the Speedometer 2.0 benchmark multiple tests could see a
responsiveness improvemeant around 20-25%, which makes the increased
build time well worth it.
Sadly this benefit seems limited to x86_64-linux, builds on
aarch64-linux get stuck during profiling and I haven't found out why.
Finally, after a long time, we can say:
Closes: #76484
Supersedes: #129503
In #109133 @alyssais discovered that the drmSupport flag stopped
working. This is because Mozilla decided around Firefox 51
(mozbz#1289634) to swap the default values and our flag was asking for
the wrong thing all along.
Since this flag has now been enabled for multiple years, disabling it
would mean a regression for our users. Leaving it enabled should be
unproblematic since it only controls whether Firefox shows the EME nagbar,
that allows to enable Widevine CDM, when a site requests it. The choice is
therefore completely up to the enduser.
Disabling this nagbar is still possible at runtime by setting
`browser.eme.ui.enabled` to `false`. If Widevine CDM was inadvertently
enabled it can be disabled at `media.gmp-widevinecdm.enabled`.
Supersedes: #109133
It is normal for such a large derivation to accumulate mixed codestyles
over all those years making it harder to maintain.
By splitting up dependencies to one per line I noticed two unused
dependencies (hunspell, sqlite) that were removed in this change.
Also most lists are now sorted alphabetically, so reasoning about them
has become much easier.
Lists now use the same style for indentation and concat, and environment
variables are all defined in preConfigure as opposed to bare in the
derivation.
The object dir, firefox build directory, is now in a predictable
directory at ${pwd}/mozobj as opposed to ${pwd}/obj-@CONFIG_GUESS@,
saving us one wildcard expansion. This is also a good prepration for the
PGO build where we need to reference bits inside this directory.
Added a few comments and clarified others from what I've learned how the
firefox build works.
Since Firefox 51 the --enable-system-ffi flag was renamed to
--with-systemd-ffi when it moved to the javascript toolkit parts. Rename
the flag accordingly and reintroduce the dependency.
mozbz#1294803
Darwin support was marked broken in 2019 with Firefox 69 and has missed
therefore missed out and not been tested on the following 29 major
releases since.
It cannot be supported again without a darwin user stepping up to take
care and work on and test every major release, which hasn't happened
since I took over maintainership.
The recommendation of the people that tend to the firefox source build
is for darwin users to use firefox-bin instead.
Firefox does not support passing pipewire as a system library and
instead relies on a vendored copy it ships. We keep the flag because it
is tied into the wrapper, because we still need to have access to its
libraries at runtime.
Tied to the geolocation support flag. On Linux this uses the DBus
interface of NetworkManager to query visible accesspoints and relay them
to Mozilla location service in return for position approximation.
This is for consistency with other extra arguments that can be handed to
firefox common.nix.
Also pull the patch phase of the derivation closer together and use the
same list concat style as elsewhere.
With Firefox 98.0 the remoting name now depends on the update channel
(mozbz#1752418), which resulted in a weird app_id/wmclass of
`firefox-default`, which broke window association in GNOME and likely
other desktops.
Fixes: #165107
Conflict in pkgs/development/libraries/libvirt/default.nix
required manual adjustments. The fetched patch is already in src.
I checked that libvirt builds.
