AUR (en) - librewolf-bin

Search Criteria

Enter search criteria

Search by

Keywords

Out of Date

Sort by

Sort order

Per page

Package Details: librewolf-bin 125.0.2-1

Package Actions

Git Clone URL:	https://aur.archlinux.org/librewolf-bin.git (read-only, click to copy)
Package Base:	librewolf-bin
Description:	Community-maintained fork of Firefox, focused on privacy, security and freedom.
Upstream URL:	https://librewolf-community.gitlab.io/
Keywords:	browser web
Licenses:	GPL, MPL, LGPL
Conflicts:	librewolf
Provides:	librewolf
Submitter:	lsf
Maintainer:	lsf
Last Packager:	lsf
Votes:	345
Popularity:	14.02
First Submitted:	2019-06-16 13:12 (UTC)
Last Updated:	2024-04-24 16:49 (UTC)

Dependencies (16)

dbus (dbus-git^AUR, dbus-x11-git^AUR, dbus-selinux^AUR)
ffmpeg (ffmpeg-intel-full-git^AUR, ffmpeg-nvcodec-11-1-git^AUR, ffmpeg-git^AUR, ffmpeg-cuda^AUR, ffmpeg-decklink^AUR, ffmpeg-amd-full^AUR, ffmpeg-full-git^AUR, ffmpeg-nocuda^AUR, ffmpeg-ffplayout^AUR, ffmpeg-obs^AUR, ffmpeg-amd-full-git^AUR, ffmpeg-full^AUR, ffmpeg-headless^AUR, ffmpeg-libfdk_aac^AUR)
gtk3 (gtk3-ubuntu^AUR, gtk3-no_deadkeys_underline^AUR, gtk3-patched-filechooser-icon-view^AUR, gtk3-classic-xfce^AUR, gtk3-classic^AUR)
libpulse (pulseaudio-dummy^AUR, libpulse-git^AUR)
libxt
mime-types (mailcap)
nss (nss-hg^AUR)
startup-notification
ttf-font (neuropol-ttf^AUR, ttf-win7-fonts^AUR, ttf-ms-win8^AUR, ttf-ms-win8-arabic^AUR, ttf-ms-win8-hebrew^AUR, ttf-ms-win8-sea^AUR, ttf-ms-win8-indic^AUR, ttf-ms-win8-japanese^AUR, ttf-ms-win8-korean^AUR, ttf-ms-win8-zh_cn^AUR, ttf-ms-win8-zh_tw^AUR, ttf-ms-win8-thai^AUR, ttf-ms-win8-other^AUR, ttf-noto-fonts-simple^AUR, ttf-kids^AUR, ttf-liberation-sans-narrow^AUR, ttf-cavafy-script^AUR, ttf-ms-fonts^AUR, ttf-dejavu-ib^AUR, ttf-zelda^AUR, ttf-oxygen^AUR, ttf-oxygen-gf^AUR, ttf-share-gf^AUR, ttf-gost^AUR, otf-inconsolata-dz^AUR, ttf-d2coding^AUR, ttf-ibm-plex-mono-git^AUR, ttf-agave^AUR, ttf-caracteres^AUR, ttf-cuprum^AUR, ttf-autour-one^AUR, ttf-impallari-milonga^AUR, ttf-impallari-miltonian^AUR, ttf-clarity-city^AUR, ttf-karla^AUR, ttf-ms-win10^AUR, ttf-ms-win10-japanese^AUR, ttf-ms-win10-korean^AUR, ttf-ms-win10-sea^AUR, ttf-ms-win10-thai^AUR, ttf-ms-win10-zh_cn^AUR, ttf-ms-win10-zh_tw^AUR, ttf-ms-win10-other^AUR, ttf-win10^AUR, ttf-ms-win10-auto^AUR, ttf-ms-win10-cdn^AUR, noto-fonts-variable-lite^AUR, ttf-bmono^AUR, ttf-pt-astra-fact^AUR, ttf-weblysleekui^AUR, ttf-pt-astra-sans^AUR, ttf-pt-astra-serif^AUR, ttf-pt-sans^AUR, ttf-pt-serif^AUR, ttf-pt-mono^AUR, ttf-pt-root_ui^AUR, ttf-plemoljp^AUR, ttf-juisee^AUR, ttf-xo-fonts^AUR, noto-fonts-lite^AUR, ttf-paratype^AUR, ttf-ms-win11-auto^AUR, ttf-ms-win11^AUR, ttf-ms-win11-japanese^AUR, ttf-ms-win11-korean^AUR, ttf-ms-win11-sea^AUR, ttf-ms-win11-thai^AUR, ttf-ms-win11-zh_cn^AUR, ttf-ms-win11-zh_tw^AUR, ttf-ms-win11-other^AUR, ttf-plemoljp-bin^AUR, apple-fonts^AUR, ttf-noto-sans-vf^AUR, ttf-noto-serif-vf^AUR, ttf-noto-sans-mono-vf^AUR, ttf-dejavu-emojiless^AUR, gnu-free-fonts, noto-fonts, ttf-bitstream-vera, ttf-croscore, ttf-dejavu, ttf-droid, ttf-ibm-plex, ttf-input, ttf-liberation, ttf-mona-sans)
git (git-git^AUR) (make)
hunspell-en_US (hunspell-en_us) (optional) – Spell checking, American English
libnotify (libnotify-git^AUR) (optional) – Notification integration
networkmanager (networkmanager-git^AUR, networkmanager-iwd^AUR) (optional) – Location detection via available WiFi networks
pulseaudio (pulseaudio-dummy^AUR, pulseaudio-git^AUR, pipewire-common-pulse-git^AUR, pipewire-full-pulse-git^AUR, pipewire-pulse-git^AUR, pipewire-pulse) (optional) – Audio support
speech-dispatcher (speech-dispatcher-git^AUR) (optional) – Text-to-Speech
xdg-desktop-portal (xdg-desktop-portal-git^AUR) (optional) – Screensharing with Wayland

Required by (22)

edge-frfox (requires librewolf) (optional)
ff2mpv-go-git (requires librewolf) (optional)
ff2mpv-rust (requires librewolf) (optional)
firefox-gnome-theme (requires librewolf) (optional)
librewolf-comment-out-cfg-hook (requires librewolf)
librewolf-extension-bitwarden-bin (requires librewolf)
librewolf-extension-bitwarden-git (requires librewolf)
librewolf-extension-darkreader (requires librewolf)
librewolf-extension-darkreader-bin (requires librewolf)
librewolf-extension-gnome-shell-integration (requires librewolf)
librewolf-extension-istilldontcareaboutcookies-bin (requires librewolf)
librewolf-extension-kagisearch-bin (requires librewolf)
librewolf-extension-localcdn-bin (requires librewolf)
librewolf-extension-return-youtube-dislike-bin (requires librewolf)
librewolf-extension-uget-integration-bin (requires librewolf)
librewolf-extension-vimiumc-bin (requires librewolf)
librewolf-extension-xdman8-browser-monitor-bin (requires librewolf)
librewolf-firefox-shim (requires librewolf)
librewolf-gnome-search-provider (requires librewolf)
profile-sync-daemon-librewolf (requires librewolf) (optional)
Show 2 more...

Sources (7)

Pinned Comments

lsf commented on 2021-11-10 12:14 (UTC) (edited on 2023-04-17 07:18 (UTC) by lsf)

https://wiki.archlinux.org/title/Arch_User_Repository#Acquire_a_PGP_public_key_if_needed

gpg --keyserver hkp://keyserver.ubuntu.com --search-keys 031F7104E932F7BD7416E7F6D2845E1305D6E801

/edit: starting with 112.0-1, the binaries are signed with the maintainers shared key, so gpg --keyserver hkp://keyserver.ubuntu.com --search-keys 662E3CDD6FE329002D0CA5BB40339DD82B12EF16 should do the trick instead. I've also signed the key with the previously used key, so you have at least some guarantee that it's not a malicious attack :)

Latest Comments

1 2 3 4 5 6 .. 17 Next › Last »

Dawa commented on 2024-04-26 19:26 (UTC)

I'm on evil, evil, evil Manjaro (my apologies, I blame society) and yes the update is broken. Not eager to just skip hash checks in the wake of the whole xz thing. Not interested in switching to another update method. Looking forward to some kind of update here. Thanks lsf for maintaining this package.

spsf64 commented on 2024-04-26 17:08 (UTC)

Everyone using manjaro could stop complaining and just try to use the appimage which should work fine for you... Link:

https://librewolf.net/installation/linux/

ron2138 commented on 2024-04-26 16:47 (UTC) (edited on 2024-04-26 16:47 (UTC) by ron2138)

Manjaro site shows

pacman April 26, 2024: stable has 6.0.2-18, testing has 6.1.0-7, unstable has 6.1.0-7
pacman-contrib April 26, 2024: stable has 1.10.4-1, testing has 1.10.5-1, unstable has 1.10.5-1

As stated earlier I, ron2138, use pacman 6.0.2-9 and pacman-contrib 1.10.4-3. Current versions in arch stable are 6.1.0-3, and 1.10.5-1, respectively. For arch stable, pacman 6.1.0-3 is 6.0.2-9 successor. While pacman-contrib had 1.10.4-4 in between 1.10.4-3 and 1.10.5-1.

muvvenby commented on 2024-04-26 08:36 (UTC)

FWIW I have this issue with the failing validity check on Manjaro stable install with pamac and yay. I could check later with my EndeavourOS install.

ron2138 commented on 2024-04-26 00:53 (UTC) (edited on 2024-04-26 16:33 (UTC) by ron2138)

With the suggested SKIP checksum, I get:

$ makepkg --verifysource --force
==> Making package: librewolf-bin 125.0.2-1 (Fri 26 Apr 2024 12:23:23 AM UTC)
==> Retrieving sources...
  -> Updating source git repo...
  -> Found default192x192.png
  -> Found librewolf.desktop
  -> Found librewolf-125.0.2-1-linux-x86_64-package.tar.bz2
  -> Found librewolf-125.0.2-1-linux-x86_64-package.tar.bz2.sig
==> Validating source files with sha256sums...
    source ... Skipped
    default192x192.png ... Passed
    librewolf.desktop ... Passed
==> Validating source_x86_64 files with sha256sums...
    librewolf-125.0.2-1-linux-x86_64-package.tar.bz2 ... Passed
    librewolf-125.0.2-1-linux-x86_64-package.tar.bz2.sig ... Skipped
==> Verifying source file signatures with gpg...
    librewolf-125.0.2-1-linux-x86_64-package.tar.bz2 ... Passed

(The reason for --force is because I already built the package. makepkg is not willing to run without it.)

I think it does validate the source after the SKIP at sha256sums is evaluated.

==> Validating source_x86_64 files with sha256sums...
    librewolf-125.0.2-1-linux-x86_64-package.tar.bz2 ... Passed
    librewolf-125.0.2-1-linux-x86_64-package.tar.bz2.sig ... Skipped

I haven't looked what was in the PKGBUILD in previous versions. The current problem could be related to the source, source_aarch64, source_x86_64, sha256sums, sha256sums_x86_64, and sha256sums_aarch64 arrays. And the way makepkg verifies the sums. I agree this is what is being called hands waiving rather then a concise explanation. But, since there is a source_x86_64 verification, I have not tried harder.

I have this issue, and I am not on Manjaro. As lsf suggested at 2024-04-25 19:51 (UTC), I deliberately keep pacman/pacman-contrib versions behind. I have other issues with the up to date versions, which is why I have downgraded. Waiting to see if those issues get resolved in their next versions. On the other hand, even though I am hardly building AUR packages, this is the 1st time I run into such an issue. Could it be the very few other AUR packages I built lately have issues I am not aware of?

lsf commented on 2024-04-25 19:51 (UTC) (edited on 2024-04-25 19:58 (UTC) by lsf)

*she.

more to the point though: while it still builds/verifies cleanly for me, it doesn't make sense to have a checksum on a folder / git checkout. I didn't manually add it, I usually just trust updpkgsums to do its job. For some reason though, it insists on adding a checksum… for the git checkout's folder this time.

So skipping the verification for that checkout would be a reasonable approach for now. I'll still try to find out why it's in there this time around at all, and then see about updating the PKGBUILD ^^

(sorry for the trouble this seems to have caused!)

/edit: just in case: are those folks who have that issue on manjaro? maybe it's just part of the newer(ish) pacman/pacman-contrib versions, seems like manjaro is a bit behind there still?

Rollingthunder commented on 2024-04-25 19:33 (UTC)

I get the same error ron2138 so guess it's the same for all of us but (If I understand it correctly) skipping the verification is not a fix, it's a bypass at most and not a particularly convincing one, cause why would I wanna have potential errors or even malicious code in a browser source? Especially since he seems to have removed the SKIP command from a previous version, thus probably wanting to improve it. It seems to me the sha256 used in the pkgbuild is just wrong as the one I get from the source.tar.gz.sha256sum on Codeberg¹ is not found in it, but ² instead.

¹ aafe820d94a535728bc4d247a120f3ceed2d6df49b044c60b231009ab06a1f27

² 84513d4d5387f09231bb2f426596f24897babfc77c8e502001650531e375f9f9

Now is that an argument against unsigned sha256sums or just a human error?

ron2138 commented on 2024-04-25 15:49 (UTC) (edited on 2024-04-25 19:08 (UTC) by ron2138)

I get the following after previously downloading librewolf-125.0.2-1-linux-x86_64-package.tar.bz2*. Could be the same issue as Exod1us reported at 2024-04-24 18:22 (UTC).

$ ls --size librewolf-125*
94648 librewolf-125.0.2-1-linux-x86_64-package.tar.bz2
    4 librewolf-125.0.2-1-linux-x86_64-package.tar.bz2.sig

$ makepkg --verifysource
==> Making package: librewolf-bin 125.0.2-1 (Thu 25 Apr 2024 03:28:11 PM UTC)
==> Retrieving sources...
  -> Updating source git repo...
  -> Found default192x192.png
  -> Found librewolf.desktop
  -> Found librewolf-125.0.2-1-linux-x86_64-package.tar.bz2
  -> Found librewolf-125.0.2-1-linux-x86_64-package.tar.bz2.sig
==> Validating source files with sha256sums...
    source ... NOT FOUND
    default192x192.png ... Passed
    librewolf.desktop ... Passed
==> ERROR: One or more files did not pass the validity check!

That particular ERROR solved by issuing

$ sed -i "/sha256sums=(/s:'.*:'SKIP':" PKGBUILD

before makepkg --verifysource. I hope it will also solves Exod1us issue reported at 2024-04-24 18:22 (UTC), if he will issue that sed command right after he obtained the PKGBUILD file. But have not verified this last statement.

Exod1us commented on 2024-04-24 18:22 (UTC)

Whith the last update he can't get the source. Error when update

Derson5 commented on 2024-04-22 13:15 (UTC)

There was new release https://codeberg.org/librewolf/source/releases/tag/125.0.1-1