The xdg-open utility is only ever a runtime dependency and its
dependents only expect that it accept a URI as a command line
argument and do something with it that the user would expect.
For such as a trivial relationship it should be possible for
users to override xdg-open with something else in their PATH.
Before the change separate-debug-info.sh did the stripping itself.
This scheme has a few problems:
1. Stripping happens only on ELF files. *.a and *.o files are skipped.
Derivations have to do it manually. Usually incorrectly
as they don't run $RANLIB (true for `glibc` and `musl`).
2. Stripping happens on all paths. Ideally only `stripDebugList` paths
should be considered.
3. Host strip is called on Target files.
This change offloads stripping logic to strip hook. This strips more
files for `glibc` and `musl`. Now we can remove most $STRIP calls
from individual derivations.
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
Firefox 61 started to enforce signatures for add-ons and since
commit d031843a1e, we get an evaluation
error that recommends the user to switch to Firefox ESR.
This isn't an option for everyone and as I also pointed out in the pull
request[1] introducing the above commit, I've been building Firefox like
this:
let
firefoxNoSigning = firefox-unwrapped.overrideAttrs (lib.const {
MOZ_REQUIRE_SIGNING = false;
});
in wrapFirefox firefoxNoSigning {
nixExtensions = ...;
}
However, this only works after manually modifying nixpkgs (or copy &
paste wrapper.nix elsewhere) every time I want to have a new Firefox
version. Of course, this gets annoying and tedious after a while, so
this motivated me to properly fix this to not only check for an ESR
version but also check the value of MOZ_REQUIRE_SIGNING.
Note that I'm using toString here to check for the value because there
are several ways (false, null, "", ...) to set the environment variable
to an empty string and toString makes sure that it really is the desired
behaviour. I specifically checked the Firefox source and also tested
this with multiple values and only building with MOZ_REQUIRE_SIGNING
set to an empty string seems to work (no "0", "false" or other
variants).
Additionally, there is another method to allow unsigned add-ons, which
is by using the --with-unsigned-addon-scopes configure option[2].
Unfortunately, this does not work with nixExtensions because we don't
have (or want) a central directory where those add-ons reside.
Given that nixExtensions disallows manually installing add-ons, setting
MOZ_REQUIRE_SIGNING to false should be safe in this case.
[1]: https://github.com/NixOS/nixpkgs/pull/133504
[2]: https://bugs.archlinux.org/task/63075
Signed-off-by: aszlig <aszlig@nix.build>
Fixes a regression caused by an update to rust-cbindgen 0.24.x, where
the definition for ROOT_CLIP_CHAIN is now autogenerated and causes the
build to abort with a redefinition error.
https://bugzilla.mozilla.org/show_bug.cgi?id=1773259
Patch by Ollivier Tilloy from Canonical
5622734942
Without the change firefox build on i686 fails at configure time:
$ NIXPKGS_ALLOW_BROKEN=1 nix build -f. --argstr system "i686-linux" firefox
...
mozbuild.configure.options.InvalidOptionError:
'--enable-release' implied by 'MOZILLA_OFFICIAL' conflicts with '--disable-release' from the command-line
The change uses the same 32-bit guard for both. It still does not allow
i686 build to succeed for other toolchain misconfiguration, but it's a
step forward.
`onepin-opensc-pkcs11.so` only enables PIN1, but PIN2 is also required.
`opensc-pkcs11.so` enables all slots.
I can successfully use PIN1 and PIN2 in Smart-ID cards with this.
Use Mozilla Location Service as geolocation provider for new profiles,
since our Google API key does not seem to work for geolocation at this
time.
Related: https://github.com/NixOS/nixpkgs/issues/173758
We have received our very own API key for Mozilla Location Services and
have been recognized as a Public Interest Project, implying a rate limit
of 100k daily requests¹, which should be sufficient for our population.
N.B: This key belongs to the NixOS project, please don't use ours, but
instead request your own.
[1] https://location.services.mozilla.com/terms
Adds a distribution id useful for aggregation of crash statistics.
Also creates a NixOS flavor, visible through the About window, that is
also exposed through telemetry data, if enabled.
