Package Details: palemoon 1:33.0.1-1

Git Clone URL: https://aur.archlinux.org/palemoon.git (read-only, click to copy)
Package Base: palemoon
Description: Open source web browser based on Firefox focusing on efficiency.
Upstream URL: https://www.palemoon.org/
Keywords: browser goanna web
Licenses: GPL, MPL, LGPL
Submitter: artiom
Maintainer: WorMzy
Last Packager: WorMzy
Votes: 141
Popularity: 0.055334
First Submitted: 2014-06-05 10:54 (UTC)
Last Updated: 2024-02-27 22:07 (UTC)

Pinned Comments

WorMzy commented on 2021-03-02 16:19 (UTC) (edited on 2022-08-03 21:12 (UTC) by WorMzy)

The following key is used to sign release commits:

40481E7B8FCF9CEC

Import it into your keyring however you want.

https://wiki.archlinux.org/index.php/GnuPG#Import_a_public_key

Latest Comments

« First ‹ Previous 1 2 3 4 5 6 7 8 .. 36 Next › Last »

jouven commented on 2022-09-28 16:03 (UTC)

@WorMzy with that python2 package version palemoon compiled, thanks.

WorMzy commented on 2022-09-28 15:48 (UTC)

I've only tested with the python2 AUR package, and it builds fine in a clean chroot with that. If you can't get that to build, then try with the last packaged Arch version: # pacman -U https://archive.archlinux.org/packages/p/python2/python2-2.7.18-5-x86_64.pkg.tar.zst

jouven commented on 2022-09-28 15:28 (UTC) (edited on 2022-09-28 15:29 (UTC) by jouven)

I'm having issues building the last version:

If python2 isn't installed, it builds python2 but the python2 tests fail and it stops there.

If I install python2-bin from the aur, palemoon compilation stops early on, complaining:

File "/home/myuser/.cache/yay/palemoon/src/Pale-Moon/platform/build/mach_bootstrap.py", line 8, in <module>
    import json
ImportError: No module named json
==> ERROR: A failure occurred in build().
    Aborting...
 -> error making: palemoon

WorMzy commented on 2022-08-03 21:22 (UTC)

Please note that glibc 2.36 has added arc4random{,_buf}, which is re-declared by the version of libevent bundled with palemoon. This has not yet been resolved upstream, but the issue has been raised by micwoj92 here, and a potential fix has been identified by a dev here. This fix has been included in this package as glibc2.36-fix.patch and builds fine, but minimal testing has been performed that the browser still works as expected. If you run into issues with this build, please contribute to the linked discussion.

Bitals commented on 2022-05-03 14:42 (UTC)

Right, I was looking at the palemoon-dev repo, sorry.

WorMzy commented on 2022-05-03 14:37 (UTC)

@Bitals: Are you checking the right repository? Upstream switched to palemoon-dev for a while following the fallout of the v30 release, but they've since switched back to the Pale-Moon repo: https://repo.palemoon.org/MoonchildProductions/Pale-Moon/releases

The commit used for the 29.4.6 release is https://repo.palemoon.org/MoonchildProductions/Pale-Moon/commit/f694a76857ea2bcc13de94987ae925445d5d587d signed by Moonchild with the aforementioned key.

Bitals commented on 2022-05-03 14:22 (UTC)

@WorMzy That unknown 26B40624BDBFD9F3 key may have something to do with version 29.4.6 not being listed at the Releases page in the repo? The last one I see at upstream right now is

 1 month ago
29.4.5.1_Release
44d7f4b8c3 

WorMzy commented on 2022-04-10 18:51 (UTC)

The key used to sign commit 44d7f4b8c3 was 40481E7B8FCF9CEC: https://repo.palemoon.org/MoonchildProductions/palemoon-dev/commit/44d7f4b8c34dc50c1f54995a6ec0535e2f0549d1

$ git -C src/palemoon-dev verify-commit 44d7f4b8c3
gpg: enabled debug flags: memstat
gpg: Signature made Mon 28 Mar 2022 14:59:31 BST
gpg:                using RSA key 3DAD8CD107197488D2A2A0BD40481E7B8FCF9CEC
gpg: Good signature from "Moonchild (RSA signing key) <moonchild@palemoon.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 3DAD 8CD1 0719 7488 D2A2  A0BD 4048 1E7B 8FCF 9CEC
gpg: keydb: handles=3 locks=0 parse=0 get=3
gpg:        build=0 update=0 insert=0 delete=0
gpg:        reset=0 found=3 not=0 cache=0 not=0
gpg: kid_not_found_cache: count=0 peak=0 flushes=0
gpg: sig_cache: total=6 cached=6 good=6 bad=0
gpg: random usage: poolsize=600 mixed=0 polls=0/0 added=0/0
              outmix=0 getlvl1=0/0 getlvl2=0/0
gpg: rndjent stat: collector=0x0000000000000000 calls=0 bytes=0
gpg: secmem usage: 0/32768 bytes in 0 blocks

I don't think 26B40624BDBFD9F3 is used to sign release commits, but if it ever is, I'll add it to the validpgpkeys array.

saburouta commented on 2022-04-10 16:06 (UTC)

Should this public key be trusted? "3059E09144F56804F0FBF4E126B40624BDBFD9F3" I tried to follow related comments in the thread, but it looks like this shouldn't be the key for 29.4.5.1.

WorMzy commented on 2022-03-21 17:00 (UTC) (edited on 2022-03-25 16:27 (UTC) by WorMzy)

Please note that the 30.0.x release has been pulled while upstream deal with the fallout of the actions a disgruntled contributor. While there is nothing suggesting the 30.0.x releases are compromised in any way, the lead dev is understandably too busy performing damage control to support the 30.0.x release and is recommending people stick to 29.4.x for the time being.

More details at https://forum.palemoon.org/viewtopic.php?f=1&t=28044