Package Details: helium-browser-bin 0.13.2.1-1

Git Clone URL: https://aur.archlinux.org/helium-browser-bin.git (read-only, click to copy)
Package Base: helium-browser-bin
Description: Private, fast, and honest web browser based on Chromium (Latest/Stable)
Upstream URL: https://github.com/imputnet/helium-linux
Licenses: GPL-3.0-only AND BSD-3-Clause
Conflicts: helium-browser-beta-bin
Provides: helium-browser-beta-bin
Submitter: playleft
Maintainer: playleft
Last Packager: playleft
Votes: 81
Popularity: 15.01
First Submitted: 2025-09-14 12:03 (UTC)
Last Updated: 2026-06-10 10:04 (UTC)

Dependencies (18)

Required by (0)

Sources (7)

Pinned Comments

playleft commented on 2026-02-20 12:04 (UTC) (edited on 2026-02-20 12:05 (UTC) by playleft)

Hello all,

Kindly note: this packaging tracks the stable branch of helium-linux. Before marking this package out of date, please check the latest version here: https://github.com/imputnet/helium-linux/releases/latest. There can be anywhere from 10 minutes, up to a week (happened once) before upstream marks a release as "Latest."

If you wish to track the beta/pre-releases branch, you can use the helium-browser-beta-bin package.

Cheers,

Sam

playleft commented on 2026-01-03 00:42 (UTC) (edited on 2026-01-03 00:48 (UTC) by playleft)

Installing Helium's PGP key
==> Verifying source file signatures with gpg...
    helium-0.7.7.2-x86_64_linux.tar.xz ... FAILED (unknown public key 351601AD01D6378E)
==> ERROR: One or more PGP signatures could not be verified!

Since Helium 0.7.7.2 you will need Helium's PGP signature to verify the tarballs on install. This is a once off/once per system process.

  • tl;dr: jump to step 3. Steps one and two exist simply to prove the key added to the PKGBUILD is legitimate (i.e., Helium's/Imputnet's), and how to manually import their key without a keyserver.
1. Get the key and signature. (Optional)

Obtain Helium's signing key from https://github.com/imputnet/helium-linux#signature and save the key to a file.

2. Verify the signature (Optional)

Run gpg --show-key /PATH/TO/helium_pub.asc. What returns should match the first comment of Helium's PGP key block, and the validpgpkeys entry in the PKGBUILD.

> gpg --show-key helium_pub.asc 
pub   ed25519 2025-10-11 [SC] [expires: 2028-10-10]
      BE677C1989D35EAB2C5F26C9351601AD01D6378E
uid                      Helium signing key (https://helium.computer/) <helium@imput.net>
sub   cv25519 2025-10-11 [E] [expires: 2028-10-10]
3. Install the key
  • Option 1: source the key from upstream per step 1 and 2, and run:

gpg --import /path/to/helium_pub.asc

  • Option 2: install from a public server:

gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys BE677C1989D35EAB2C5F26C9351601AD01D6378E

4. Verify the key install
> gpg --fingerprint BE677C1989D35EAB2C5F26C9351601AD01D6378E
pub   ed25519 2025-10-11 [SC] [expires: 2028-10-10]
      BE67 7C19 89D3 5EAB 2C5F  26C9 3516 01AD 01D6 378E
uid           [ unknown] Helium signing key (https://helium.computer/) <helium@imput.net>
sub   cv25519 2025-10-11 [E] [expires: 2028-10-10]
5. Install helium as normal

Latest Comments

1 2 3 4 5 6 7 Next › Last »

playleft commented on 2026-05-29 05:26 (UTC)

Spixmaster,

I've now updated the checksums for patch 0002 in v0.12.5.1-2. Many thanks for pointing this out, and my apologies to all for the oversight.

FYI, this change to 0002-align-desktop-entry.patch simply includes the SPDX identifier header that I forgot to include in v0.12.4.1. This is to ensure reuse licensing compliance.

Let me know if there's any other issues.

Cheers,

Sam

Spixmaster commented on 2026-05-29 01:02 (UTC)

The hash was not updated.

==> Validating source files with sha256sums...
    0001-update-wrapper-arch.patch ... Passed
    0002-align-desktop-entry.patch ... FAILED
    LICENSE.ungoogled_chromium ... Passed
==> ERROR: One or more files did not pass the validity check!
error: failed to download sources for 'helium-browser-bin-0.12.5.1-1':
error: packages failed to build: helium-browser-bin-0.12.5.1-1

playleft commented on 2026-05-20 22:36 (UTC)

Hello everyone,

v0.12.4.1 includes an amendment to align patch 0002 with upstream changes to the .desktop file, which no longer includes the StartupWMClass value.

Ref: https://github.com/imputnet/helium-linux/pull/296

Cheers,

Sam

playleft commented on 2026-04-28 11:41 (UTC)

Knotrocket,

Do you know which version is used by Helium when set to "Use QT" and why there are two .so libraries?

I can confirm that Helium only requires qt5-base after reviewing strace outputs. Testing with 'Use QT' enabled and disabled, version six is not called even when installed on my system. I believe the namcap results flagging version six was due to my system having the package installed. Also checking upstream, builds only include the qt5base-dev package (on Debian) 1.

So I think it's safe to say that we don't need version six, but version five should be included as an optional dependency for these and previously mentioned reasons. I will bump packaging to version two with this amendment shortly.

This issue and strace outputs has been documented here: https://github.com/s6muel/helium-browser-bin/issues/47

Please accept apologies for any inconvenience caused, and for the delay in responding.

Cheers,

Sam

mefistofeles commented on 2026-04-28 01:23 (UTC)

Hey, I noticed that the url variable isn't really used in the source reference in the PKGBUILD, I think using the variable there is probably convenient, that way you only define it once and use it in the other places. Thanks!

Knotrocket commented on 2026-04-27 17:10 (UTC) (edited on 2026-04-27 17:10 (UTC) by Knotrocket)

Before making changes, might I propose that we move the qt{5,6}-base to optdepends, while inviting any suggestions and discussion.

Sounds good to me! I commented here because in my case qt5-base was not already installed when updating helium.

Do you know which version is used by Helium when set to "Use QT" and why there are two .so libraries?

playleft commented on 2026-04-27 05:04 (UTC)

Knotrocket,

After review, I think adding qt{5,6}-base was an unnecessary addition on my part in strictly adhering to namcap results. As you pointed out, this seems like a dependency for those that are using themes and at minimum should move to optdepends, but there's justification for their removal all together. Removal would align packaging with google-chrome which we might consider as the baseline standard for Chromium packaging. A namcap audit of the latest google-chrome packaging yields similar results to Helium.

However, my interpretation of the PKGBUILD guidelines [1] would suggest that we keep these as optional dependencies, since they 'provide additional features.' Additionally, namcap identifies these packages as optional dependencies and running find-deps against the latest Helium packaging would suggest the same.

Before making changes, might I propose that we move the qt{5,6}-base to optdepends, while inviting any suggestions and discussion.

Thanks for bringing this up!

Cheers,

Sam

[1] https://wiki.archlinux.org/title/PKGBUILD#optdepends

Knotrocket commented on 2026-04-27 00:54 (UTC)

add qt5-base, qt6-base

Is this necessary for those who stick with the default appearance settings or only change the colours?

playleft commented on 2026-04-25 04:24 (UTC) (edited on 2026-04-26 09:26 (UTC) by playleft)

arc-d3v,

Yes absolutely. I will update the dependencies in 0.11.4.1 per an audit with namcap. In short, this will involve the following changes to depends and optdepends:

  • replace systemd with udev
  • add qt5-base, qt6-base
  • remove desktop-file-utils, libffi, libgcrypt, pciutils, gtk4

The namcap audits along with a diff and further details can be found here: https://github.com/s6muel/helium-browser-bin/issues/46

Local testing found no issues; if anyone would like to test and provide feedback please feel free.

Cheers,

Sam

EDIT: These changes have been included in 0.11.5.1, if there are any issues please let me know.

1 2 3 4 5 6 7 Next › Last »