# Contributor: Natanael Copa <ncopa@alpinelinux.org>
# Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net>
# Maintainer: Rasmus Thomsen <oss@cogitri.dev>
pkgname=firefox
pkgver=73.0.1
pkgrel=1
pkgdesc="Firefox web browser"
url="https://www.firefox.com/"
arch="all !s390x !armhf" # limited by rust and cargo, build failure on armhf due to wasm
license="GPL-3.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND MPL-2.0"
makedepends="
	alsa-lib-dev
	autoconf2.13
	automake
	bsd-compat-headers
	bzip2-dev
	cargo
	cbindgen
	clang-dev
	dbus-glib-dev
	ffmpeg-dev
	gtk+2.0-dev
	gtk+3.0-dev
	hunspell-dev
	icu-dev>=64.2
	libevent-dev
	libidl-dev
	libjpeg-turbo-dev
	libnotify-dev
	libogg-dev
	libtheora-dev
	libtool
	libvorbis-dev
	libxt-dev
	libxcomposite-dev
	llvm-dev
	mesa-dev
	nasm
	nodejs
	nspr-dev
	nss-dev>=3.44.1
	nss-static
	python2
	sqlite-dev
	sed
	startup-notification-dev
	wireless-tools-dev
	yasm
	zip
	"

source="https://ftp.mozilla.org/pub/firefox/releases/$pkgver/source/firefox-$pkgver.source.tar.xz
	stab.h

	fix-fortify-system-wrappers.patch
	fix-seccomp-bpf.patch
	fix-toolkit.patch
	fix-tools.patch
	mallinfo.patch

	disable-moz-stackwalk.patch
	fix-rust-target.patch
	fix-webrtc-glibcisms.patch
	rust_audio-thread-priority.patch
	fd6847c9416f9eebde636e21d794d25d1be8791d.patch
	allow-custom-rust-vendor.patch
	b3d8b08265b800165d684281d19ac845a8ff9a66.patch

	x86_64-alpine-linux-musl.json
	firefox.desktop
	firefox-safe.desktop"

_mozappdir=/usr/lib/firefox

# help our shared-object scanner to find the libs
ldpath="$_mozappdir"

# secfixes:
#   71.0.1-r0:
#     - CVE-2019-17016
#     - CVE-2019-17017
#     - CVE-2019-17020
#     - CVE-2019-17022
#     - CVE-2019-17023
#     - CVE-2019-17024
#     - CVE-2019-17025
#     - CVE-2019-17026
#   70.0-r0:
#     - CVE-2018-6156
#     - CVE-2019-15903
#     - CVE-2019-11757
#     - CVE-2019-11759
#     - CVE-2019-11760
#     - CVE-2019-11761
#     - CVE-2019-11762
#     - CVE-2019-11763
#     - CVE-2019-11764
#     - CVE-2019-11765
#     - CVE-2019-17000
#     - CVE-2019-17001
#     - CVE-2019-17002
#   68.0.2-r0:
#     - CVE-2019-11733

# we need this because cargo verifies checksums of all files in vendor
# crates when it builds and gives us no way to override or update the
# file sanely... so just clear out the file list
_clear_vendor_checksums() {
	sed -i 's/\("files":{\)[^}]*/\1/' third_party/rust/$1/.cargo-checksum.json
}

prepare() {
	default_prepare
	cp "$srcdir"/stab.h toolkit/crashreporter/google-breakpad/src/

	# Firefox needs to know how our custom triplet on x86_64 behaves.
	mkdir rust_targets
	cp "$srcdir"/x86_64-alpine-linux-musl.json rust_targets/.

	_clear_vendor_checksums audio_thread_priority
	_clear_vendor_checksums target-lexicon
}

build() {
	mkdir -p "$builddir"/objdir
	cd "$builddir"/objdir

	export SHELL=/bin/sh
	export BUILD_OFFICIAL=1
	export MOZILLA_OFFICIAL=1
	export USE_SHORT_LIBNAME=1
	# gcc 6
	export CXXFLAGS="-fno-delete-null-pointer-checks -fno-schedule-insns2"
	# Find our triplet JSON
	export RUST_TARGET_PATH="$builddir/rust_targets"

	# set rpath so linker finds the libs
	export LDFLAGS="$LDFLAGS -Wl,-rpath,$_mozappdir"

	case "$CARCH" in
		x86)
			# disable-elf-hack: exists only on arm, x86, x86_64
			_arch_config="--disable-elf-hack"
			export RUST_TARGET="i686-unknown-linux-musl"
			;;
		x86_64)
			# disable-elf-hack: exists only on arm, x86, x86_64
			_arch_config="--disable-elf-hack"
			export RUST_TARGET="$CTARGET"
			;;
		aarch64)
			export RUST_TARGET="aarch64-unknown-linux-musl"
			;;
		armv7)
			# disable-elf-hack: exists only on arm, x86, x86_64
			_arch_config="--disable-elf-hack"
			export RUST_TARGET="armv7-unknown-linux-musleabihf"
			;;
		armhf)
			# disable-elf-hack: exists only on arm, x86, x86_64
			_arch_config="--disable-elf-hack"
			export RUST_TARGET="arm-unknown-linux-musleabihf"
			;;
		ppc64le)
			export RUST_TARGET="powerpc64le-unknown-linux-musl"
			;;
	esac

	# FF doesn't have SIMD available on these arches.
	case "$CARCH" in
		armhf|armv7)
			_rust_simd="--disable-rust-simd"
			_low_mem_flags="--disable-debug-symbols --disable-debug"
			export RUSTFLAGS="$RUSTFLAGS -C debuginfo=0"
		;;
		x86)
			_low_mem_flags="--disable-debug-symbols --disable-debug"
			export RUSTFLAGS="$RUSTFLAGS -C debuginfo=0"
		;;
		*) _rust_simd="--enable-rust-simd" ;;
	esac

	../configure \
		--prefix=/usr \
		$_arch_config \
		--disable-crashreporter \
		--disable-gold \
		--disable-install-strip \
		--disable-jemalloc \
		--disable-profiling \
		--disable-pulseaudio \
		--disable-strip \
		--disable-tests \
		--disable-updater \
		--enable-alsa \
		--enable-default-toolkit=cairo-gtk3-wayland \
		--enable-official-branding \
		--enable-optimize="$CFLAGS -O2" \
		--enable-startup-notification \
		--enable-system-ffi \
		--enable-system-sqlite \
		--enable-ffmpeg \
		$_rust_simd \
		$_low_mem_flags \
		--enable-hardening \
		--with-system-bz2 \
		--with-system-icu \
		--with-system-libevent \
		--with-system-nspr \
		--with-system-nss \
		--with-system-pixman \
		--with-system-png \
		--with-system-zlib \
		--with-clang-path=/usr/bin/clang \
		--with-libclang-path=/usr/lib
		# FIXME: fix build with --with-system-libvpx and libvpx 1.8.0
		# https://bugzilla.mozilla.org/show_bug.cgi?id=1525393
	make
}

package() {
	cd "$builddir"/objdir

	make install \
		DESTDIR="$pkgdir" \
		MOZ_MAKE_FLAGS="$MAKEOPTS"

	install -m755 -d "$pkgdir"/usr/share/applications
	install -m755 -d "$pkgdir"/usr/share/pixmaps

	local _png
	for _png in ../browser/branding/official/default*.png; do
		local i=${_png%.png}
		i=${i##*/default}
		install -D -m644 "$_png" "$pkgdir"/usr/share/icons/hicolor/"$i"x"$i"/apps/firefox.png
	done

	install -m644 "$builddir"/browser/branding/official/default48.png \
		"$pkgdir"/usr/share/pixmaps/firefox.png
	install -m644 "$srcdir"/firefox.desktop "$pkgdir"/usr/share/applications/firefox.desktop
	install -m644 "$srcdir"/firefox-safe.desktop "$pkgdir"/usr/share/applications/firefox-safe.desktop

	# install our vendor prefs
	install -d "$pkgdir"/$_mozappdir/browser/defaults/preferences

	cat >> "$pkgdir"/$_mozappdir/browser/defaults/preferences/firefox-branding.js <<- EOF
	// Use LANG environment variable to choose locale
	pref("intl.locale.requested", "");

	// Disable default browser checking.
	pref("browser.shell.checkDefaultBrowser", false);

	// Don't disable our bundled extensions in the application directory
	pref("extensions.autoDisableScopes", 11);
	pref("extensions.shownSelectionUI", true);
	EOF
}

sha512sums="89fac2c50e092f2805f48399f68cdf0793324e1dce89266f62b76e9b335dfc553ae54a36738992630b6035a52cd65b9aa774e7e54cea2e3ec7d609d9219cdf76  firefox-73.0.1.source.tar.xz
0b3f1e4b9fdc868e4738b5c81fd6c6128ce8885b260affcb9a65ff9d164d7232626ce1291aaea70132b3e3124f5e13fef4d39326b8e7173e362a823722a85127  stab.h
2f4f15974d52de4bb273b62a332d13620945d284bbc6fe6bd0a1f58ff7388443bc1d3bf9c82cc31a8527aad92b0cd3a1bc41d0af5e1800e0dcbd7033e58ffd71  fix-fortify-system-wrappers.patch
84b84d2d7dbc16002510bf856796ad345ac38ef6d3254670230189bba7c2d4781714d231236d5a3d70129a4597b430c3171644b01ad0f5a5bb13b55d407337a4  fix-seccomp-bpf.patch
2c65ea7280e6e89826ebad563ee25203a99ff0b4ba8fc60ec261ada6c69874d649c6ac92fcecc6307a6e5a00de27d7956acf944d556ddfadec0411be16f4e0b8  fix-toolkit.patch
4d55f41d15be7457ad630f8f07e4fc0314c2f75720010b4bbe6a2a7f3228210a1e069949e11795efbe2e784b0762e79fdfe5b8ec38e8a64cb8d9cf3b57dd5af1  fix-tools.patch
a4a3e062661bda64d502d426c480ac9645345860118de9df9ffe6e0597738c70c11e5cdef2d4fd12c5e2ee30a09310159230524655a419a4f7e4eeeb0f3c06b0  mallinfo.patch
454ea3263cabce099accbdc47aaf83be26a19f8b5a4568c01a7ef0384601cf8315efd86cd917f9c8bf419c2c845db89a905f3ff9a8eb0c8e41042e93aa96a85c  disable-moz-stackwalk.patch
089c97e6011e86a9b9d9e7b0c8ba3af0519d1ce4e2b1e9ab7719762d6968388bfa47dad3bf23a6d41c3d66fdcc6c15e2c926e3ff9500bfd4fbf1b53e6d19dc57  fix-rust-target.patch
d35cacb9ede80e6bfbef0709823e536dddfb1c02d776275b0b7adb5969e9927d8c6117df96873569c3f3db0a18ee5db24f8086a9311a05077892be43a3dd8d79  fix-webrtc-glibcisms.patch
18098bae18ce9ead6bca0d93d28e634495fa08a4c0707057f72a9e34205a64a0ce5ab98a4cfc2d492412725b14447eb9553b2976d9620c3d71eba2135c6ba211  rust_audio-thread-priority.patch
60845dcb034b2c4459c30f7d5f25c8176cf42df794e2cc0e86c3e2abb6541c24b962f3a16ca70a288d4d6f377b68d00b2904b22463108559612053d835d9bff1  fd6847c9416f9eebde636e21d794d25d1be8791d.patch
8487a7f1936d493f0429ebbf579469471542fccce3a842803ade3fa76200b0e831a176aff9c8072da17932d01923cfc050611041e3e9e429b25995b9a07bd3cf  allow-custom-rust-vendor.patch
81647de16c8d2959068c36d08244a7a067bedf04e18d04da9201aae884ea15948cae1760b6985b4bd9c13e90b03b2ccc89bb10105712382bc728f070e4f780bb  b3d8b08265b800165d684281d19ac845a8ff9a66.patch
0dfa633abf3f411c90a030c46ee7f8fdde6fdd9f3a0c493599a58633e09b183d6c04590fc1984256e514c1da4f72f43dde3f5dbceef888b08262952b4f894919  x86_64-alpine-linux-musl.json
f3b7c3e804ce04731012a46cb9e9a6b0769e3772aef9c0a4a8c7520b030fdf6cd703d5e9ff49275f14b7d738fe82a0a4fde3bc3219dff7225d5db0e274987454  firefox.desktop
5dcb6288d0444a8a471d669bbaf61cdb1433663eff38b72ee5e980843f5fc07d0d60c91627a2c1159215d0ad77ae3f115dcc5fdfe87e64ca704b641aceaa44ed  firefox-safe.desktop"