Includes fixes for CVE-2022-31736, CVE-2022-31737, CVE-2022-31738,
CVE-2022-31739, CVE-2022-31740, CVE-2022-31741, CVE-2022-31742, and
CVE-2022-31747.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
Includes fixes for CVE-2022-1529 and CVE-2022-1802.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
Includes fixes for CVE-2022-29909, CVE-2022-29911, CVE-2022-29912,
CVE-2022-29914, CVE-2022-29916, and CVE-2022-29917.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
Includes fixes for CVE-2022-1097, CVE-2022-1196, CVE-2022-24713,
CVE-2022-28281, CVE-2022-28282, CVE-2022-28285, CVE-2022-28286, and
CVE-2022-28289.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
Includes fixes for CVE-2022-26381, CVE-2022-26383, CVE-2022-26384,
CVE-2022-26386, and CVE-2022-26387.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
Includes fixes for CVE-2022-26485 and CVE-2022-26486.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
Includes fixes for CVE-2022-22754, CVE-2022-22756, CVE-2022-22759,
CVE-2022-22760, CVE-2022-22761, CVE-2022-22763, and CVE-2022-22764.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
With "conflicts" resolved in (mostly in favor of master/staging):
gnu/packages/admin.scm
gnu/packages/gnuzilla.scm
gnu/packages/gtk.scm
gnu/packages/kerberos.scm
gnu/packages/linux.scm
guix/lint.scm
This improves the performance quite a bit.
* gnu/packages/gnuzilla.scm (icedove)[arguments]: setenv's for LLVM and clang.
[native-inputs]: Switch to version 11 of `clang` and `llvm` like Icecat
does.
* gnu/packages/gnuzilla.scm (icecat-source): Set XZ_DEFAULTS to
%xz-parallel-args to enable parallel compression and hasten the build. Remove
trailing #t.
Includes fixes for CVE-2021-43536, CVE-2021-43537, CVE-2021-43538,
CVE-2021-43539, CVE-2021-43541, CVE-2021-43542, CVE-2021-43543,
CVE-2021-43545, CVE-2021-43546, and MOZ-2021-0009.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Remove icecat-CVE-2021-43527.patch, which is now included
in upstream icecat. Update the gnuzilla commit, base version, and hashes.
* gnu/packages/patches/icecat-CVE-2021-43527.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/patches/icecat-CVE-2021-43527.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gnuzilla.scm (icecat-source): Apply it.
No longer required as icedove is now based on the 91 branch.
* gnu/packages/gnuzilla.scm (mozilla-78-compare-locales): Remove.
(all-mozilla-78-locales): Remove.
(%icecat-78-version): Remove.
(icecat-78-source): Remove.
The profile folder moved from `~/.icedove` to `~/.thunderbird`. You may
need to migrate (copy) your profile over.
* gnu/packages/gnuzilla.scm (icedove): Update to 91.3.2.
[source]: Switch back to icecat-source.
[arguments]: `obj-x86_64-pc-linux-gnu` folder is now generated during
build, so it can't deleted in front. Remove surounding `'` from
MOZ_DEDICATED_PROFILES to follow source code. MOZ_APP_BASENAME and
MOZ_APP_DISPLAYNAME are no longer set in `comm/mail/confvars.sh`. Update
path of `customizeToolbar.js`.
Delete `'bootstrap` phase and no longer set AUTOCONF variable as the
autoconf build part was removed. Set MACH_USE_SYSTEM_PYTHON and
MOZ_APP_NAME, the latter is the binary name.
`--enable-calendar` flag got removed. Use bundled NSS until
core-updates merge.
[inputs]: Update to `icu4c-69` and `nspr-4.32`. Use bundled NSS for now.
[native-inputs]: Switch to comm-esr91 branch. Remove autoconf, add m4.
Update rust and cargo to 1.51. Use `rust-cbindgen-0.19`.
* gnu/packages/gnuzilla.scm (icecat)[configure-flags]: Add the
--enable-geckodriver flag.
[phases]{install}: Also install the 'geckodriver' command.
[description]: Mention the existence of 'geckodriver'.
The older Rusts are made private variables; they shouldn't be used by users as
they are not tested and are only built at stage 1, which makes them unsuitable
to compile Rust applications.
* gnu/packages/crates-io.scm (rust-cargo-0.53)[arguments]: Remove #:rust
argument.
(rust-cxx-1, rust-cxx-build-1, rust-cxx-gen-0.7): Likewise.
* gnu/packages/crates-io.scm
(rust-cxx-gen-0.7, rust-cxxbridge-macro-1, rust-postgres-0.19): Likewise.
(rust-rust-decimal-1, rust-sized-chunks-0.6, rust-socket2-0.4): Likewise.
(rust-tokio-postgres-0.7, rust-im-rc-15): Likewise.
* gnu/packages/gnome.scm (librsvg): Likewise.
* gnu/packages/gnuzilla.scm (mozjs-78): Likewise.
* gnu/packages/rust-apps.scm
(hyperfine, tectonic rust-analyzer, rust-cargo-c): Likewise.
* gnu/packages/shells.scm (nushell): Likewise.
* gnu/packages/syndication.scm (newsboat): Likewise.
* gnu/packages/rust.scm: (rust-1.39, rust-1.40, rust-1.41, rust-1.42)
(rust-1.43, rust-1.44, rust-1.45, rust-1.46, rust-1.47, rust-1.48, rust-1.49)
(rust-1.50, rust-1.51, rust-1.52, rust-1.53, rust-1.54): Make variables private.
Includes fixes for CVE-2021-38503, CVE-2021-38504, CVE-2021-38506,
CVE-2021-38507, CVE-2021-38508, CVE-2021-38509, MOZ-2021-0007, and
MOZ-2021-0008.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
Mitigates <https://bugs.gnu.org/51478#29>.
* gnu/packages/gnuzilla.scm (icecat)[arguments]: In the
'build-sandbox-whitelist' phase, add
"/run/current-system/profile/share/fonts/" to the whitelist.
* gnu/packages/gnuzilla.scm (mozilla-compare-locales)
(all-mozilla-locales, %icecat-version, %icecat-build-id): Update.
(icecat-source): Update upstream source hash. Update to latest gnuzilla
commit. Remove the hack that provided 'rename' as 'prename'; set RENAME_CMD
environment variable instead. Add python to PATH. Set PYTHONPATH
appropriately. Adapt substitutions for the reorganized 'makeicecat' script.
Run 'makeicecat' outside of the IceCat source directory.
(icecat)[inputs]: Add cairo, font-dejavu, libpng-apng, libvpx, pciutils,
hunspell, libnotify, sqlite, and zlib. Update icu4c to version 69.
[native-inputs]: Update rust and cargo to 1.51. Update rust-cbindgen to 0.19.
Update llvm and clang to 11. Add m4. Remove autoconf.
[description]: Update embedded version number to 91.
[arguments]: Remove "#:out-of-source? #t". Add "#:validate-runpath? #f". In
configure-flags, add "--enable-application=browser", "--enable-rust-simd",
"--enable-release", "--enable-optimize", "--enable-strip",
"--disable-elf-hack", "--with-system-png", and "--with-system-zlib". Adjust
the set of modules. Remove the 'link-libxul-with-libraries' and 'bootstrap'
phases. Remove the sandbox whitelist population code from the
'fix-ffmpeg-runtime-linker' phase. Add a new 'build-sandbox-whitelist' phase.
The new whitelist code now adds <font-dejavu>/share/fonts to the whitelist,
and also the runpaths of all libraries in the 'mesa' package. Update the
'configure' phase to use clang-11 and llvm-11 for compilation (previously we
used gcc), to create a 'mozconfig' file and run './mach configure' (previously
we passed flags to './configure'). Update the 'build' and 'install' phases to
use './mach'. Update and simplify the 'neutralise-store-references' phase.
Move the 'install-desktop-entry' phase to happen after 'wrap-program', whereas
previously it was run after 'configure'. In the 'wrap-program' phase, add
libpng-apng and libnotify to LD_LIBRARY_PATH.
(mozilla-78-compare-locales, all-mozilla-78-locales, %icecat-78-version)
(icecat-78-source): New variables, containing the previous values of
mozilla-compare-locales, all-mozilla-locales, %icecat-version, and
icecat-source, respectively.
(icedove)[source]: Use 'icecat-78-source'.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to the reorganized
'makeicecat' script.
* gnu/packages/patches/icecat-78-makeicecat.patch: New file,
containing previous contents of icecat-makeicecat.patch.
* gnu/local.mk: Add icecat-78-makeicecat.patch.
This doesn't actually have any effect because the 'configure'
phase is replaced.
* gnu/packages/gnuzilla.scm (icecat)[build-system]: Use mozilla-build-system.
Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
Due to the use of 'inherit', all versions of mozjs are adjusted.
* gnu/packages/gnuzilla.scm
(mozjs)[build-system]: Adjust it.
(mozjs)[arguments]<#:configure-flags>: Remove now superfluous --target and
--host.
Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
The 'computed-origin-method' had been introduced to work around
limitations of the 'snippet' mechanism. The procedure was duplicated,
which made it hard to automatically detect packages using it.
* guix/packages.scm (computed-origin-method): Move procedure from...
* gnu/packages/gnuzilla.scm: ...here and...
* gnu/packages/gnuzilla.scm: ...there.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Presumably the other versions of mozjs need some changes
as well, but for now only fix mozjs@60, which is a dependency
of polkit.
* gnu/packages/gnuzilla.scm
(mozjs-60)[arguments]<#:configure-flags>: Set --with-nspr-prefix
and set --host and --target inappropriately when cross-compiling.
(mozjs-60)[arguments]<#:phases>{set-PKG_CONFIG}: New phase
when cross-compiling.
* gnu/packages/gnuzilla.scm (icedove)[inputs]: Add eudev.
[phases]: Add eudev to the wrapper.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
Note: this merge actually changes the 'curl' and 'python-attrs' derivations,
as part of solving caf4a7a277 and
12964df69a respectively.
4604d43c0e (gnu: gnutls@3.6.16: Fix cross-compilation.) was ignored because it
cannot currently be tested.
Conflicts:
gnu/local.mk
gnu/packages/aidc.scm
gnu/packages/boost.scm
gnu/packages/curl.scm
gnu/packages/nettle.scm
gnu/packages/networking.scm
gnu/packages/python-xyz.scm
gnu/packages/tls.scm
This saves us a full build of icedove-wayland analogue to
chromium-wayland.
* gnu/packages/gnuzilla.scm (icedove-wayland)[inputs]: Add bash and
icedove.
[arguments]: Copy the binary over and wrap it for Wayland. As well as
the desktop-file and the license file.
Includes fixes for CVE-2021-23953, CVE-2021-23954, CVE-2020-26976,
CVE-2021-23960, and CVE-2021-23964.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
Includes fixes for CVE-2020-16042, CVE-2020-26971, CVE-2020-26973,
CVE-2020-26974, CVE-2020-26978, CVE-2020-35111, CVE-2020-35112, and
CVE-2020-35113.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
This follows up on 3eb34c66b4 which left an
unbound "nghttp2-1.41" variable.
* gnu/packages/node.scm (node): Update to 10.22.1.
(node-10.22): Remove variable.
* gnu/packages/gnuzilla.scm (icecat)[native-inputs]: Change from NODE-10.22 to
NODE.
(icedove)[native-inputs]: Likewise.
Includes fixes for CVE-2020-15999, CVE-2020-16012, CVE-2020-26951,
CVE-2020-26953, CVE-2020-26956, CVE-2020-26958, CVE-2020-26959,
CVE-2020-26960, CVE-2020-26961, CVE-2020-26965, CVE-2020-26966, and
CVE-2020-26968.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
Includes fixes for CVE-2020-15683 and CVE-2020-15969.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
nss@3.57 includes a critical fix for building on aarch64.
* gnu/packages/nss.scm (nss-3.56): Update to 3.57 and rename to
* nss-3.57.
* gnu/packages/gnuzilla.scm (icedove)[inputs]: Update nss variable name.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/packages/gnuzilla.scm (icecat)[arguments]<phases>: In the
patch-cargo-checksums phase, replace the inner "find-files" call
with the already found file name.
Signed-off-by: Mark H Weaver <mhw@netris.org>
It was necessary for icedove@68 which is now based on icecat@78.
* gnu/packages/gnuzilla.scm (mozilla-68-compare-locales): Remove.
(all-mozilla-68-locales): Remove.
(%icecat-68-version): Remove.
(icecat-68-source): Remove.
* gnu/packages/patches/icecat-68-makeicecat.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
Modified-By: Mark H Weaver <mhw@netris.org>
Signed-off-by: Mark H Weaver <mhw@netris.org>
* gnu/packages/gnuzilla.scm (icedove): Update to 78.3.0.
[source]: Use source from Icecat 78.
[arguments]: Use more flexible approach for generating cargo checksums
from icecat. Update files in 'rename-to-icedove phase. Remove gone
configure flags and rename `--disable-ion` to `--disable-jit`.
[inputs]: Update icu4c to version 67 and nss to 3.56.
[native-inputs]: Use ESR 78 mercurial repo for thunderbird soruces.
Update rust and cargo to 1.41, rust-cbindgen to 0.14 and
node to 10.22.
Tested-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
Signed-off-by: Mark H Weaver <mhw@netris.org>
Includes fixes for CVE-2020-15673, CVE-2020-15676, CVE-2020-15677, and
CVE-2020-15678.
* gnu/packages/gnuzilla.scm (mozilla-compare-locales): Update to
RELEASE_8_0_0.
(all-mozilla-locales): Update to newer versions.
(mozilla-patch): Remove vestigial procedure.
(%icecat-version, %icecat-build-id): Update to 78.3.0-guix0-preview1.
(icecat-source): Update 'upstream-icecat-base-version', 'gnuzilla-commit', and
hashes. Reverse order of makeicecat-patch and gnuzilla-fixes-patch.
(icecat)[inputs]: Remove libogg, libvorbis, libvpx, icu4c, sqlite,
startup-notification, and zlib. Add several "UNBUNDLE-ME!" comments.
[native-inputs]: Update 'rust' and 'cargo' dependencies to version 1.41.
Update 'rust-cbindgen' dependency to version 0.14. Update 'node' dependency
to 10.22.
[arguments]<configure-flags>: Change --enable-default-toolkit value to
"cairo-gtk3-wayland". Change --with-unsigned-addon-scopes value to
"app,system". Add "--allow-addon-sideload". Remove
"--enable-startup-notification" and "--disable-gconf". Comment out
"--with-system-zlib", "--with-system-bz2", and "--with-system-icu".
<phases>: In the 'remove-bundled-libaries' phase, remove "modules/zlib" from
the list of directories to delete. Update the 'patch-cargo-checksums' phase
to update more modules.
(mozilla-68-compare-locales, all-mozilla-68-locales, %icecat-68-version)
(icecat-68-source): New variables preserving the previous icecat 68 source.
(icedove)[source]: Use 'icecat-68-source'.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to IceCat 78.
* gnu/packages/patches/icecat-68-makeicecat.patch: New file containing
the previous 'icecat-makeicecat.patch'.
* gnu/local.mk: Add 'icecat-68-makeicecat.patch'.
Includes fixes for CVE-2020-15663, CVE-2020-15664, and CVE-2020-15669.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
Includes fixes for CVE-2020-6463, CVE-2020-6514, CVE-2020-15652, and
CVE-2020-15659.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
IceCat loads libXss.so at runtime to inhibit screen locking if other interfaces are unavailable.
* gnu/packages/gnuzilla.scm (icecat)[arguments]: Add libxscrnsaver to
wrap-program arguments.
Signed-off-by: Jakub Kądziołka <kuba@kadziolka.net>
Includes fixes for CVE-2020-12417, CVE-2020-12418, CVE-2020-12419,
CVE-2020-12420, and CVE-2020-12421.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes. Remove
code that deleted the Onion Browser Button extension, which is no longer
bundled upstream.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
Fixes <https://bugs.gnu.org/35728>.
The Onion Browser Button (tortm-browser-button@jeremybenthum) version 0.1.8,
available from addons.mozilla.org and bundled with IceCat, malfunctions with
both IceCat 68.9 and Firefox ESR 68.9. It tells the user that it's connected
to Tor, but fails to route traffic through it. The same happens on Debian 9
with its "firefox-esr" package.
Remove this extension from IceCat, pending further investigation.
* gnu/packages/gnuzilla.scm (icecat-source): Remove the "data/extensions/
tortm-browser-button@jeremybenthum" directory before running makeicecat.
Includes fixes for CVE-2020-12399 and CVE-2020-12405.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
Includes fixes for CVE-2020-6831, CVE-2020-12387, CVE-2020-12388,
CVE-2020-12389, CVE-2020-12392, CVE-2020-12393, and CVE-2020-12395.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
Apply icecat-use-older-reveal-hidden-html.patch.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
* gnu/packages/patches/icecat-use-older-reveal-hidden-html.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
Includes fixes for CVE-2020-6821, CVE-2020-6822, CVE-2020-6825,
CVE-2020-6827, and CVE-2020-6828.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
Includes fixes for CVE-2020-6819 and CVE-2020-6820.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
Includes fixes for CVE-2019-20503, CVE-2020-6805, CVE-2020-6806,
CVE-2020-6807, CVE-2020-6811, CVE-2020-6812, and CVE-2020-6814.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
Fixes <https://bugs.gnu.org/38045>. Thanks to Jakub Kądziołka
<kuba@kadziolka.net> and Amin Bandali <bandali@gnu.org> for their
helpful observations and suggestions.
This is a followup to commit 8e5567195f.
* gnu/packages/gnuzilla.scm (icecat)[inputs]: Add shared-mime-info.
[arguments]: Add elf and binary I/O modules to #:modules. Add code to
the 'fix-ffmpeg-runtime-linker' phase that sets the sandbox read-path
whitelist to include libavcodec's RUNPATH, as well as shared-mime-info.
Includes fixes for CVE-2019-17015, CVE-2019-17016, CVE-2019-17017,
CVE-2019-17021, CVE-2019-17022, and CVE-2019-17024.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update hash of upstream firefox source tarball,
'upstream-icecat-base-version', and commit and hash of gnuzilla checkout.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to upstream changes.
Includes fixes for CVE-2019-11745, CVE-2019-17005, CVE-2019-17008,
CVE-2019-17009, CVE-2019-17010, CVE-2019-17011, and CVE-2019-17012.
* gnu/packages/patches/icecat-gnuzilla-fixes.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update hash for the firefox source tarball. Update to the
latest from gnuzilla.git. Don't apply icecat-gnuzilla-fixes.patch. Remove
determinism fix in makeicecat that is now upstream. Tweak a status message.
(icecat)[arguments]: Add "--with-unsigned-addon-scopes=app" configure flag.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update to the latest upstream commit on '68' branch.
* gnu/packages/patches/icecat-gnuzilla-fixes.patch: Remove changes
that have been incorporated upstream, and add new pending changes,
notably the addition of several IceCat-specific preferences.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to changes in
icecat-gnuzilla-fixes.patch.
* gnu/packages/gnuzilla.scm (%icecat-version): Update.
(%icecat-build-id): New variable.
(icecat-source): Update gnuzilla repo commit and hash.
(icecat)[arguments]: In the custom 'configure' phase, set the MOZ_BUILD_DATE
environment variable to the value of %icecat-build-id.
* gnu/packages/patches/icecat-gnuzilla-fixes.patch: Remove changes that
are now in the upstream repository. Add more pending changes, including
disabling the MOZ_SERVICES_HEALTHREPORT and MOZ_BLOCK_PROFILE_DOWNGRADE
build flags, fixing a problem that prevented MOZ_DATA_REPORTING
from being disabled, and fixes to the branding.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to upstream changes,
and changes in icecat-gnuzilla-fixes.patch. Remove a hunk that disabled
rewrites to aboutRights.dtd in the l10n directory.
This commit moves some important fixes into a patch applied to the upstream
gnuzilla git repository, whereas previously they were applied in such a way
that only benefitted Guix users.
* gnu/packages/patches/icecat-default-search-ddg.patch,
gnu/packages/patches/icecat-disable-sync.patch: Delete files.
* gnu/packages/patches/icecat-gnuzilla-fixes.patch: New file.
* gnu/local.mk (dist_patch_DATA): Adapt accordingly.
* gnu/packages/gnuzilla.scm (icecat-source): Apply the new patch to the
gnuzilla checkout.
(icecat)[native-inputs]: Remove deleted patches.
[arguments]: In the 'wrap-program' phase, remove MOZ_LEGACY_PROFILES=1
from the wrapper.
Fixes CVE-2019-11757, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761,
CVE-2019-11762, CVE-2019-11763, CVE-2019-11764, and CVE-2019-15903.
Note: IceCat 68 has not yet been released by the IceCat project. This is a
work-in-progress, and does not currently meet the privacy-respecting
standards of the IceCat project.
* gnu/packages/patches/icecat-default-search-ddg.patch,
gnu/packages/patches/icecat-disable-sync.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/gnuzilla.scm (%icecat-version): Update.
(mozilla-compare-locales, all-mozilla-locales): New variables.
(mozilla-locale): New procedure.
(mozilla-locales): New macro.
(icecat-source): Add code to populate the l10n directory. Remove the code
that copied the l10n directory from an older IceCat source tarball.
(icecat)[inputs]: Remove hunspell.
[native-inputs]: Comment out previous Guix-specific patches for now. Use the
newest rust, cargo, llvm, and clang. Add rust-cbindgen, node, nasm, python 3,
icecat-default-search-ddg.patch and icecat-disable-sync.patch.
[arguments]: In configure flags: remove "--disable-maintenance-service" and
"--enable-system-hunspell", and comment out flags to use system libraries
instead of bundled libraries for libevent, libogg, libvorbis, libvpx,
harfbuzz, graphite2, and sqlite. Add srfi-34 and srfi-35 to modules. Delete
fewer bundled libraries. Adapt the 'patch-source-shebangs' phase. Add a
custom 'build' phase that tries the standard 'build' phase up to 5 times.
In the 'wrap-program' phase, set MOZ_LEGACY_PROFILES=1 in the environment,
and add 'pulseaudio' to the front of LD_LIBRARY_PATH.
[description]: Add a warning that this is only a preview release.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt.
* gnu/packages/gnuzilla.scm (icecat)[arguments]: During custom
'patch-cargo-checksums phase, replace call to 'generate-checksums' with
call to 'generate-all-checksums'.
Includes fixes for CVE-2019-9811, CVE-2019-11709, CVE-2019-11711,
CVE-2019-11712, CVE-2019-11713, CVE-2019-11715, CVE-2019-11717,
CVE-2019-11719, CVE-2019-11729, and CVE-2019-11730.
* gnu/packages/gnuzilla.scm (%icecat-version): Update to 60.8.0-guix1.
(icecat-source)[upstream-firefox-source]: Update hash.
(icecat): Refresh some stale comments.
Includes fixes for CVE-2019-11707 and CVE-2019-11708.
* gnu/packages/gnuzilla.scm (%icecat-version): Update to 60.7.2-guix1.
(icecat-source)[upstream-firefox-source]: Update hash.
This includes updates to bundled extensions from the upstream
GNU IceCat 60.7.0-gnu1 release.
* gnu/packages/gnuzilla.scm (%icecat-version): Update to 60.7.0-guix2.
(icecat-source)[upstream-icecat-base-version]: Update to 60.7.0.
[upstream-icecat-source, gnuzilla-source]: Update hashes.
[origin]: Remove the substitutions that dealt with debian-specific package
code in the makeicecat script, since that code has been removed upstream.
(icecat)[arguments]: Adapt the 'install-desktop-entry' phase to avoid using
the Debian desktop file, which is no longer included in the IceCat sources.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to upstream changes.
This commit changes the 'source' field of the 'icecat' package to
simply be 'icecat-source', which aims to be suitable for use on any
system that IceCat supports.
* gnu/packages/gnuzilla.scm (icecat)[source]: Change to simply
be 'icecat-source'.
[native-inputs]: Add 'patch', along with the Guix-specific patches
that were previously applied within 'source'.
[arguments]: Remove the 'ensure-no-mtimes-pre-1980' phase.
Add 'apply-guix-specific-patches' and 'remove-bundled-libraries'
phases. Touch 'configure' in the bootstrap phase. Return #t from
the 'augment-CPLUS_INCLUDE_PATH' phase. Reindent.
* gnu/packages/gnuzilla.scm (icecat-source): Check to make sure the
value of FFMAJOR in the 'makeicecat' script matches the major version
of IceCat being generated.
Includes fixes for CVE-2019-9810 and CVE-2019-9813.
* gnu/packages/gnuzilla.scm (%icecat-version): Update to 60.6.1-guix1.
(icecat-source)[upstream-firefox-source]: Update hash.
* gnu/packages/gnuzilla.scm (icecat-source): When packing the new IceCat
tarball, set the mtime of archived files to early 1980. Remove useless
'string-append' applied to one argument.