blob: bcf2e0b8b2d905ccdf23a3f7c2b2036d052e37d5 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
|
# Maintainer:
## links
# https://astian.org/midori-browser/download/
# https://github.com/goastian/midori-desktop
>&2 echo 'Warning: Consider switching to a different browser.'
>&2 echo
>&2 echo 'Midori has not been updated for CVE-2024-9680. There have been'
>&2 echo '"reports of this vulnerability being exploited in the wild."'
>&2 echo
>&2 echo 'For more information, visit:'
>&2 echo ' https://www.mozilla.org/en-US/security/advisories/mfsa2024-51'
>&2 echo
## options
: ${_build_pgo:=true}
: ${_build_pgo_reuse:=try}
: ${_build_pgo_xvfb:=false}
: ${_ver_clang=}
: ${RUSTUP_TOOLCHAIN:=stable}
: ${_commit=1ff9155f6d640616e4af89a29e351718f73d7af8} # 11.4
## basic info
_pkgname="midori"
pkgname="$_pkgname"
pkgver=11.4
pkgrel=2
pkgdesc="Web browser based on Floorp"
url="https://github.com/goastian/midori-desktop"
arch=('x86_64')
license=('MPL-2.0')
depends=(
dbus
ffmpeg
gtk3
libevent
libjpeg
libpulse
libvpx.so
libwebp.so
libxss
libxt
mime-types
nspr
nss
pipewire
ttf-font
zlib
)
makedepends=(
#"${RUSTUP_TOOLCHAIN:+rustup}"
"clang${_ver_clang:-}"
"lld${_ver_clang:-}"
"llvm${_ver_clang:-}"
"wasi-compiler-rt${_ver_clang:-}"
cargo
cbindgen
diffutils
dump_syms
git
imake
inetutils
jack
mercurial
mesa
nasm
nodejs
python
python-setuptools
unzip
wasi-libc
wasi-libc++
wasi-libc++abi
yasm
zip
)
optdepends=(
'hunspell-dictionary: Spell checking'
'libnotify: Notification integration'
'networkmanager: Location detection via available WiFi networks'
'speech-dispatcher: Text-to-Speech'
'xdg-desktop-portal: Screensharing with Wayland'
)
if [[ "${_build_pgo::1}" == "t" ]]; then
if [[ "${_build_pgo_xvfb::1}" == "t" ]]; then
makedepends+=(
xorg-server-xvfb
)
else
makedepends+=(
weston
xorg-xwayland
wlheadless-run # aur/xwayland-run-git
)
fi
fi
options=(
!debug
!emptydirs
!lto
!makeflags
!strip
)
install="$_pkgname.install"
_source_main() {
: ${_lssver:=v2022.10.12}
noextract=("lss-${_lssver}.tar.gz")
_pkgsrc="midori-tensei"
source=(
"$_pkgsrc"::"git+https://github.com/goastian/midori-desktop.git#commit=${_commit:?}"
"lss-${_lssver}.tar.gz"::"https://chromium.googlesource.com/linux-syscall-support/+archive/refs/tags/${_lssver}.tar.gz"
"$_pkgname.desktop"
)
sha256sums=(
'SKIP'
'SKIP'
'7ef0f85f2b111caa08a3e855cb4b6595b6d0f62b3de13ce59eea94a580eec470'
)
}
_source_midori_tensei() {
source+=(
'goastian.l10n-central'::'git+https://github.com/goastian/l10n-central.git'
)
sha256sums+=(
'SKIP'
)
}
_prepare_midori_tensei() (
cd "$srcdir/$_pkgsrc"
local _submodules=(
'goastian.l10n-central'::'floorp/browser/locales/l10n-central'
)
_submodule_update
)
_source_main
_source_midori_tensei
prepare() {
_submodule_update() {
local _module
for _module in "${_submodules[@]}"; do
git submodule init "${_module##*::}"
git submodule set-url "${_module##*::}" "$srcdir/${_module%::*}"
git -c protocol.file.allow=always submodule update "${_module##*::}"
done
}
mkdir -p mozbuild
cd "$_pkgsrc"
# l10n
local _l10n_path="floorp/browser/locales/l10n-central"
if [ ! -e "$_l10n_path" ]; then
ln -sf "$srcdir/goastian.l10n-central" "$_l10n_path"
else
_prepare_midori_tensei
fi
# prepare google breakpad
local _lss_path="toolkit/crashreporter/google-breakpad/src/third_party/lss"
mkdir -p "$_lss_path"
bsdtar -xf "$srcdir/lss-${_lssver}.tar.gz" -C "$_lss_path"
# clear forced startup pages
sed -E 's&^\s*pref\("startup\.homepage.*$&&' -i "browser/branding/official/pref/firefox-branding.js"
# prepare api keys
cp "floorp/apis"/api-*-key ./
# configure
cat > ../mozconfig << END
ac_add_options --enable-application=browser
ac_add_options --disable-artifact-builds
mk_add_options MOZ_OBJDIR=${PWD@Q}/obj
ac_add_options --prefix=/usr
ac_add_options --enable-release
ac_add_options --enable-hardening
ac_add_options --enable-rust-simd
ac_add_options --enable-wasm-simd
ac_add_options --enable-linker=lld
ac_add_options --disable-elf-hack
ac_add_options --disable-bootstrap
ac_add_options --with-wasi-sysroot=/usr/share/wasi-sysroot
# Branding
ac_add_options --with-app-basename=$_pkgname
ac_add_options --with-app-name=$_pkgname
ac_add_options --with-branding=browser/branding/official
ac_add_options --enable-update-channel=nightly
ac_add_options --with-distribution-id=org.archlinux
ac_add_options --with-unsigned-addon-scopes=app,system
ac_add_options --allow-addon-sideload
export MOZILLA_OFFICIAL=1
export MOZ_APP_REMOTINGNAME=$_pkgname
# Floorp Upstream
ac_add_options --enable-proxy-bypass-protection
ac_add_options --enable-unverified-updates
ac_add_options --with-l10n-base=${PWD@Q}/floorp/browser/locales/l10n-central
MOZ_REQUIRE_SIGNING=
# Keys
ac_add_options --with-mozilla-api-keyfile=${PWD@Q}/api-mozilla-key
ac_add_options --with-google-location-service-api-keyfile=${PWD@Q}/api-google-location-service-key
ac_add_options --with-google-safebrowsing-api-keyfile=${PWD@Q}/api-google-safe-browsing-key
# System Libraries
ac_add_options --with-system-jpeg
ac_add_options --with-system-libevent
ac_add_options --with-system-libvpx
ac_add_options --with-system-nspr
ac_add_options --with-system-nss
ac_add_options --with-system-webp
ac_add_options --with-system-zlib
# Features
ac_add_options --enable-alsa
ac_add_options --enable-av1
ac_add_options --enable-eme=widevine
ac_add_options --enable-jack
ac_add_options --enable-jxl
ac_add_options --enable-pulseaudio
ac_add_options --enable-raw
ac_add_options --enable-sandbox
ac_add_options --enable-webrtc
ac_add_options --disable-crashreporter
ac_add_options --disable-default-browser-agent
ac_add_options --disable-parental-controls
ac_add_options --disable-tests
ac_add_options --disable-updater
# Disables Telemetry by Default
mk_add_options MOZ_DATA_REPORTING=0
mk_add_options MOZ_SERVICES_HEALTHREPORT=0
mk_add_options MOZ_TELEMETRY_REPORTING=0
# Debugging
ac_add_options --disable-debug
ac_add_options --disable-debug-symbols
ac_add_options --disable-debug-js-modules
ac_add_options --enable-strip
ac_add_options --enable-install-strip
export STRIP_FLAGS="--strip-debug --strip-unneeded"
# Optimization
ac_add_options --enable-optimize=-O3
ac_add_options --enable-lto=cross,full
ac_add_options OPT_LEVEL="3"
ac_add_options RUSTC_OPT_LEVEL="3"
# Other
export AR=llvm-ar${_ver_clang:+-$_ver_clang}
export CC=clang${_ver_clang:+-$_ver_clang}
export CXX=clang++${_ver_clang:+-$_ver_clang}
export NM=llvm-nm${_ver_clang:+-$_ver_clang}
export RANLIB=llvm-ranlib${_ver_clang:+-$_ver_clang}
END
local src
for src in "${source[@]}"; do
src="${src%%::*}"
src="${src##*/}"
src="${src%.zst}"
if [[ $src == *.patch ]]; then
printf '\nApplying patch: %s\n' "$src"
patch -Np1 -F100 -i "${srcdir:?}/$src"
fi
done
}
build() {
cd "$_pkgsrc"
export PATH="/usr/lib/llvm${_ver_clang:-}/bin:$PATH"
export LD_LIBRARY_PATH=/usr/lib/llvm${_ver_clang:-}/lib
export RUSTUP_TOOLCHAIN=${RUSTUP_TOOLCHAIN:?}
export XDG_RUNTIME_DIR="${XDG_RUNTIME_DIR:-$srcdir/xdg-runtime}"
[ ! -d "$XDG_RUNTIME_DIR" ] && install -dm700 "${XDG_RUNTIME_DIR:?}"
export LIBGL_ALWAYS_SOFTWARE=true
export MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE=pip
export MOZBUILD_STATE_PATH="$srcdir/mozbuild"
export MOZ_BUILD_DATE="$(date -u${SOURCE_DATE_EPOCH:+d @$SOURCE_DATE_EPOCH} +%Y%m%d%H%M%S)"
export MOZ_NOSPAM=1
# malloc_usable_size is used in various parts of the codebase
CFLAGS="${CFLAGS/_FORTIFY_SOURCE=3/_FORTIFY_SOURCE=2}"
CXXFLAGS="${CXXFLAGS/_FORTIFY_SOURCE=3/_FORTIFY_SOURCE=2}"
# error: "STL code can only be used with -fno-exceptions"
CFLAGS="${CFLAGS/-fexceptions/-fno-exceptions}"
CXXFLAGS="${CXXFLAGS/-fexceptions/-fno-exceptions}"
# LTO/PGO needs more open files
ulimit -n 4096
# Do 3-tier PGO
if [[ "${_build_pgo::1}" == "t" ]]; then
# find previous profile file...
local _old_profdata _old_jarlog _pkgver_old tmp_old tmp_new
_pkgver_prof=$(
cd "${SRCDEST:-$startdir}"
for i in *.profdata; do [ -f "$i" ] && echo "$i"; done \
| sort -rV | head -1 | sed -E 's&^[^0-9]+-([0-9\.]+)-merged.profdata&\1&'
)
# new profile for new major version
if [ "${_pkgver_prof%%.*}" != "${pkgver%%.*}" ]; then
_build_pgo_reuse=false
_pkgver_prof="$pkgver"
fi
# new profile for new minor version
_tmp_old=$(echo "${_pkgver_prof}" | cut -d'-' -f2 | cut -d'.' -f2)
_tmp_new=$(echo "${pkgver}" | cut -d'-' -f2 | cut -d'.' -f2)
if [ "${_tmp_new:-0}" -gt "${_tmp_old:-0}" ]; then
_build_pgo_reuse=false
_pkgver_prof="$pkgver"
fi
local _old_profdata="${SRCDEST:-$startdir}/$_pkgname-$_pkgver_prof-merged.profdata"
local _old_jarlog="${SRCDEST:-$startdir}/$_pkgname-$_pkgver_prof-jarlog"
# Restore old profile
if [[ "${_build_pgo_reuse::1}" == "t" ]]; then
if [[ -s "$_old_profdata" ]]; then
echo "Restoring old profile data."
cp --reflink=auto -f "$_old_profdata" merged.profdata
fi
if [[ -s "$_old_jarlog" ]]; then
echo "Restoring old jar log."
cp --reflink=auto -f "$_old_jarlog" jarlog
fi
fi
# Make new profile
if [[ "${_build_pgo_reuse::1}" != "t" ]] || [[ ! -s merged.profdata ]]; then
echo "Building instrumented browser..."
cat > .mozconfig ../mozconfig - << END
ac_add_options --enable-profile-generate=cross
export MOZ_ENABLE_FULL_SYMBOLS=1
END
./mach build
echo "Profiling instrumented browser..."
./mach package
if [[ "${_build_pgo_xvfb::1}" == "t" ]]; then
local _headless_run=(
xvfb-run
-s "-screen 0 1920x1080x24 -nolisten local"
)
else
local _headless_run=(
wlheadless-run
-c weston --width=1920 --height=1080
)
fi
LLVM_PROFDATA=llvm-profdata JARLOG_FILE=${PWD@Q}/jarlog \
"${_headless_run[@]}" -- ./mach python build/pgo/profileserver.py
echo "Removing instrumented browser..."
./mach clobber
fi
echo "Building optimized browser..."
cat > .mozconfig ../mozconfig
if [[ -s merged.profdata ]]; then
stat -c "Profile data found (%s bytes)" merged.profdata
cat >> .mozconfig - << END
ac_add_options --enable-profile-use=cross
ac_add_options --with-pgo-profile-path=${PWD@Q}/merged.profdata
END
# save profdata for reuse
cp --reflink=auto -f merged.profdata "$_old_profdata"
else
echo "Profile data not found."
fi
if [[ -s jarlog ]]; then
stat -c "Jar log found (%s bytes)" jarlog
cat >> .mozconfig - << END
ac_add_options --with-pgo-jarlog=${PWD@Q}/jarlog
END
# save jarlog for reuse
cp --reflink=auto -f jarlog "$_old_jarlog"
else
echo "Jar log not found."
fi
./mach build
else
echo "Building browser..."
cat > .mozconfig ../mozconfig
./mach build
fi
}
package() {
cd "$_pkgsrc"
DESTDIR="$pkgdir" ./mach install
local vendorjs="$pkgdir/usr/lib/$_pkgname/browser/defaults/preferences/vendor.js"
install -Dvm644 /dev/stdin "$vendorjs" << END
// Use LANG environment variable to choose locale
pref("intl.locale.requested", "");
// Use system-provided dictionaries
pref("spellchecker.dictionary_path", "/usr/share/hunspell");
// Disable default browser checking.
pref("browser.shell.checkDefaultBrowser", false);
// Don't disable extensions in the application directory
pref("extensions.autoDisableScopes", 11);
// Enable GNOME Shell search provider
pref("browser.gnome-search-provider.enabled", true);
// Enable JPEG XL images
pref("image.jxl.enabled", true);
// Prevent about:config warning
pref("browser.aboutConfig.showWarning", false);
// Prevent telemetry notification
pref("services.settings.main.search-telemetry-v2.last_check", $(date +%s));
END
local distini="$pkgdir/usr/lib/$_pkgname/distribution/distribution.ini"
install -Dvm644 /dev/stdin "$distini" << END
[Global]
id=archlinux
version=${pkgver}
about=Midori for Arch Linux
[Preferences]
app.distributor=archlinux
app.distributor.channel=$_pkgname
app.partner.archlinux=archlinux
END
# search provider
local sprovider="$pkgdir/usr/share/gnome-shell/search-providers/$_pkgname.search-provider.ini"
install -Dvm644 /dev/stdin "$sprovider" << END
[Shell Search Provider]
DesktopId=$_pkgname.desktop
BusName=org.mozilla.${_pkgname//-/}.SearchProvider
ObjectPath=/org/mozilla/${_pkgname//-/}/SearchProvider
Version=2
END
# Replace duplicate binary
ln -sf "/usr/bin/$_pkgname" "$pkgdir/usr/lib/$_pkgname/$_pkgname-bin"
# Use system certificates
local nssckbi="$pkgdir/usr/lib/$_pkgname/libnssckbi.so"
if [[ -e "$nssckbi" ]]; then
ln -sf "/usr/lib/libnssckbi.so" "$nssckbi"
fi
# desktop file
install -Dvm644 ../$_pkgname.desktop \
"$pkgdir/usr/share/applications/$_pkgname.desktop"
# icons
local i theme=official
for i in 16 22 24 32 48 64 128 256; do
install -Dvm644 browser/branding/$theme/default$i.png \
"$pkgdir/usr/share/icons/hicolor/${i}x${i}/apps/$_pkgname.png"
done
}
|