- use context in prefix/suffix substitution
specifically, if we have keywords, explicitly allow for them in prefix
Allow for substitution "anywhere" in actions
And allow for manpage extension for suffixes
- never propose a substitution for TRUEPREFIX, it shouldn't even be there
(still need PREFIX vs LOCALBASE desambiguation)
- create the sorted variables list in finalize, so we can add more meat
- allow for MACHINE_ARCH-openbsd (perl)
- be more specific for new substs, we allow substs if the value just appeared
- do not count variables we don't backsubst as duplicate value, this should
solve DISTNAME vs FULLPKGNAME
- always display the full plist filename, as it is more useful for scripts
who do not need to known the cwd
- do backsubst inside LIBxxx_VERSION variable names
- pass context to backsubst
See https://www.mozilla.org/en-US/firefox/60.0/releasenotes/
Fixes https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/
- Add initial/wip pledge() support, with distinct subsets for main &
content processes. The promises are runtime-configurable for now via
about:config knobs to ease debugging/testing. They're printed on stderr
when applied by the sandboxing codepaths (cf
patch-toolkit_xre_nsAppRunner_cpp and patch-dom_ipc_ContentChild_cpp).
- Add a bunch of patches (patch-widget_nsShmImage_cpp,
patch-xpcom_base_nsDebugImpl_cpp, patch-mozglue_misc_TimeStamp_posix_cpp and
patch-xpcom_base_nsMemoryReporterManager_cpp) to neuter non-critical
codepaths that calls pledge-forbidden syscalls.
- All this pledge() stuff being currently discussed upstream in
https://bugzilla.mozilla.org/show_bug.cgi?id=1457092 and done at p2k18.
Been running with it since then, and i'm fairly confident the pledge
subsets i come up with are now enough for most usages.
If you encounter crashes due to pledge, look into your kernel log, and
try to figure out what missing pledge is needed or what firefox codepath
hits it.
So far i know 'getpw' might be needed when uploading files but i havent
hit it, and 'proc' might be needed by the content process when there's
no dbus daemon running, but they're not needed in the 'common case', and
too broad.
- While here, tweak defaults to disable the pocket extension, and try to
disable the activity-stream/sponsored content that is being shown by
default on the new tab page in new profiles. Stop the madness, plz.
game engine.
ok sthen@
julius is an open source re-implementation of the Caesar III game
engine.
In Caesar III, players take on the role of a Roman governor, tasked with
building up a grand Roman city, in which they must ensure their citizens
have their needs met, that their city is safe and profitable, while
meeting various goals set for them and dealing with various disasters,
angry gods and hostile enemies.
While this package and the game engine are open source, one still needs
to provide the original game assets from Caesar III, which is not open
source. You will need to purchase the original game to use this package.
