This was required to solve the XPCOMGlueLoad error when building with
LTO. However, it turns out libxul.so is supposed to have some libraries
that are reported as not found by ldd. Setting the RPATH worked around
the error as it forced dependency resolution but failed to fix the real
issue of broken generation of dependentlibs.list.
The libraries that are reported as not found by ldd are supposed to be
dlopened through the logic found in nsXPCOMGlue.cpp. However since the
generation of dependentlibs.list is broken under LTO this did not
happen. Instead of pulling libwayland-client.so from the GTK libraries
it found the stub library first (libmozwayland.so). The stub library
causes (as it should) wl_display_connect to always return NULL which is
the cause of the segmentation fault and LTO breaking wayland support.
Remove the hardcoded path used for the XPCOMGlueLoad error workaround
in NIX_LDFLAGS. libunwind is still unfortunately needed. Once the issue
of the generation of dependentlibs.list being borked is fixed it should
remedy the wayland crash issue on LTO.
Firefox has a number of optional dependencies that get dlopened.
Instead of using patchelf to set the RPATH use LD_LIBRARY_PATH.
The motivation for this is we already set LD_LIBRARY_PATH in the
wrapper on Linux.
It only affected FF80 so place an upper bound restriction. See
bmo#1661096 for details.
This fixes substituteStream() warnings about missing patterns which
appeared in the logs.
It was added for nspr and nss back in the 55.0.3 to 56.0 upgrade. It
also served as a workaround for an undeclared gio-unix-2.0 dependency.
Sometime afterwards nspr was removed, leaving just the two. Since then,
upstream has added a declaration for gio-unix-2.0 (in FF62). As for the
nss include it seemingly has no purpose since current firefox builds
with it removed.
This check helps with making sure that we provide all the required
shared libraries to brave. If something is missing, the command will get
ENOENT, otherwise it should terminate normally.
The Brave package often seems to get very outdated. This is bad for a
browser, where vulnerabilities are high impact.
This change adds an update script, so that r-ryantm will suggest
updates. We find the latest version using their Debian package
database (since we are using the Debian package anyway).
After the fedora patches for screen sharing using pipewire got updated
for Firefox 83 (pipewire was inlined there), the nixpkgs buildInput
pipewire got stripped from the resulting firefox binary and so firefox
was unable to actually get the shared stream from the running pipewire
service.
Adding pipewire to the firefox binary with `patchelf --add-needed`
makes it atually get the stream from the service.
Fixes: #106812