aboutsummaryrefslogtreecommitdiffstats
path: root/community/firefox-esr/APKBUILD
blob: 209ed8f8314519b1836aecd20c4aeba8274ceaf8 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
# Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=firefox-esr
pkgver=68.1.0
pkgrel=0
pkgdesc="Firefox web browser - Extended Support Release"
url="https://www.mozilla.org/en-US/firefox/organizations/"
# limited by rust and cargo
arch="x86_64"
license="GPL LGPL MPL"
makedepends="
	alsa-lib-dev
	autoconf2.13
	automake
	bsd-compat-headers
	bzip2-dev
	cargo
	cbindgen
	clang-dev
	dbus-glib-dev
	ffmpeg-dev
	gtk+2.0-dev
	gtk+3.0-dev
	hunspell-dev
	icu-dev>=64.2
	libevent-dev
	libidl-dev
	libjpeg-turbo-dev
	libnotify-dev
	libogg-dev
	libtheora-dev
	libtool
	libvorbis-dev
	libxt-dev
	libxcomposite-dev
	llvm8-dev
	mesa-dev
	nasm
	nodejs
	nspr-dev
	nss-dev>=3.45
	nss-static
	python3-dev
	sqlite-dev
	sed
	startup-notification-dev
	wireless-tools-dev
	yasm
	zip
	"

source="https://ftp.mozilla.org/pub/firefox/releases/${pkgver}esr/source/firefox-"$pkgver"esr.source.tar.xz
	stab.h

	fix-fortify-system-wrappers.patch
	fix-seccomp-bpf.patch
	fix-toolkit.patch
	fix-tools.patch
	mallinfo.patch

	disable-moz-stackwalk.patch
	fix-musl.patch
	fix-rust-target.patch
	fix-webrtc-glibcisms.patch
	fix-sandbox-membarrier.patch

	firefox.desktop
	firefox-safe.desktop"

builddir="${srcdir}/firefox-$pkgver"
_mozappdir=/usr/lib/firefox

# help our shared-object scanner to find the libs
ldpath="$_mozappdir"

# secfixes:
#   68.1.0-r0:
#     - CVE-2019-9812
#     - CVE-2019-11740
#     - CVE-2019-11742
#     - CVE-2019-11743
#     - CVE-2019-11744
#     - CVE-2019-11746
#     - CVE-2019-11752
#   68.0.2-r0:
#     - CVE-2019-11733
#   68.0-r0:
#     - CVE-2019-11709
#     - CVE-2019-11711
#     - CVE-2019-11712
#     - CVE-2019-11713
#     - CVE-2019-11715
#     - CVE-2019-11717
#     - CVE-2019-11719
#     - CVE-2019-11729
#     - CVE-2019-11730
#     - CVE-2019-9811
#   60.7.2-r0:
#     - CVE-2019-11708
#   60.7.1-r0:
#     - CVE-2019-11707
#   60.7.0-r0:
#     - CVE-2019-9815
#     - CVE-2019-9816
#     - CVE-2019-9817
#     - CVE-2019-9818
#     - CVE-2019-9819
#     - CVE-2019-9820
#     - CVE-2019-11691
#     - CVE-2019-11692
#     - CVE-2019-11693
#     - CVE-2019-7317
#     - CVE-2019-9797
#     - CVE-2018-18511
#     - CVE-2019-11694
#     - CVE-2019-11698
#     - CVE-2019-5798
#     - CVE-2019-9800
#   60.6.1-r0:
#     - CVE-2019-9810
#     - CVE-2019-9813
#     - CVE-2019-9790
#     - CVE-2019-9791
#     - CVE-2019-9792
#     - CVE-2019-9793
#     - CVE-2019-9794
#     - CVE-2019-9795
#     - CVE-2019-9796
#     - CVE-2019-9801
#     - CVE-2018-18506
#     - CVE-2019-9788
#   60.5.2-r0:
#     - CVE-2019-5785
#     - CVE-2018-18335
#     - CVE-2018-18356
#   60.5.0-r0:
#     - CVE-2018-18500
#     - CVE-2018-18505
#     - CVE-2018-18501
#   52.6.0-r0:
#     - CVE-2018-5089
#     - CVE-2018-5091
#     - CVE-2018-5095
#     - CVE-2018-5096
#     - CVE-2018-5097
#     - CVE-2018-5098
#     - CVE-2018-5099
#     - CVE-2018-5102
#     - CVE-2018-5103
#     - CVE-2018-5104
#     - CVE-2018-5117
#   52.5.2-r0:
#     - CVE-2017-7843
#     - CVE-2017-7843

prepare() {
	default_prepare
	cp "$srcdir"/stab.h toolkit/crashreporter/google-breakpad/src/
}

build() {
	mkdir -p "$builddir"/objdir
	cd "$builddir"/objdir

	export SHELL=/bin/sh
	export BUILD_OFFICIAL=1
	export MOZILLA_OFFICIAL=1
	export USE_SHORT_LIBNAME=1
	# gcc 6
	export CXXFLAGS="-fno-delete-null-pointer-checks -fno-schedule-insns2"

	# set rpath so linker finds the libs
	export LDFLAGS="$LDFLAGS -Wl,-rpath,${_mozappdir}"

	../configure \
		--prefix=/usr \
		\
		--disable-crashreporter \
		--disable-elf-hack \
		--disable-gold \
		--disable-install-strip \
		--disable-jemalloc \
		--disable-profiling \
		--disable-pulseaudio \
		--disable-strip \
		--disable-tests \
		--disable-updater \
		\
		--enable-alsa \
		--enable-default-toolkit=cairo-gtk3 \
		--enable-official-branding \
		--enable-optimize="$CFLAGS -O2" \
		--enable-startup-notification \
		--enable-system-ffi \
		--enable-system-sqlite \
		--enable-ffmpeg \
		--enable-hardening \
		--enable-rust-simd \
		\
		--with-system-bz2 \
		--with-system-icu \
		--with-system-libevent \
		--with-system-nspr \
		--with-system-nss \
		--with-system-pixman \
		--with-system-png \
		--with-system-zlib \
		--with-clang-path=/usr/bin/clang \
		--with-libclang-path=/usr/lib
		# FIXME: fix build with --with-system-libvpx and libvpx 1.8.0
		# https://bugzilla.mozilla.org/show_bug.cgi?id=1525393
	make
}

package() {
	cd "$builddir"/objdir

	make install \
		DESTDIR="$pkgdir" \
		MOZ_MAKE_FLAGS="$MAKEOPTS"

	install -m755 -d ${pkgdir}/usr/share/applications
	install -m755 -d ${pkgdir}/usr/share/pixmaps

	local png
	for png in ../browser/branding/official/default*.png; do
		local i=${_png%.png}
		i=${i##*/default}
		install -D -m644 "$png" "$pkgdir"/usr/share/icons/hicolor/${i}x${i}/apps/firefox.png
	done

	install -m644 "$builddir"/browser/branding/official/default48.png \
		${pkgdir}/usr/share/pixmaps/firefox.png
	install -m644 ${srcdir}/firefox.desktop ${pkgdir}/usr/share/applications/firefox.desktop
	install -m644 ${srcdir}/firefox-safe.desktop ${pkgdir}/usr/share/applications/firefox-safe.desktop

	# launcher as symlink is broken from firefox-7.0
	rm "$pkgdir"/usr/bin/firefox
	libgl=$(scanelf -qF '#F%S' /usr/lib/libGL.so)
	cat > "$pkgdir"/usr/bin/firefox << __EOF__
#!/bin/sh

exec $_mozappdir/firefox "\$@"
__EOF__
	chmod 755 "$pkgdir"/usr/bin/firefox

	# install our vendor prefs
	install -d "$pkgdir"/$_mozappdir/browser/defaults/preferences

	cat >> "$pkgdir"/$_mozappdir/browser/defaults/preferences/firefox-branding.js <<- EOF
	// Use LANG environment variable to choose locale
	pref("intl.locale.requested", "");

	// Disable default browser checking.
	pref("browser.shell.checkDefaultBrowser", false);

	// Don't disable our bundled extensions in the application directory
	pref("extensions.autoDisableScopes", 11);
	pref("extensions.shownSelectionUI", true);
	EOF

	# remove copied, huge, libraries
	rm -f "$pkgdir"/${_mozappdirdev}/sdk/lib/libmozjs.so
	rm -f "$pkgdir"/${_mozappdirdev}/sdk/lib/libmozalloc.so
	rm -f "$pkgdir"/${_mozappdirdev}/sdk/lib/libxul.so
}

sha512sums="a53b04b6a4fc98065596117b6bc0aee40c36f74bca02dc7486fda7e9556ad6f221f5ead94db1dc5db572f277556a21b22a0395dae107b67336ca91e33df9882c  firefox-68.1.0esr.source.tar.xz
0b3f1e4b9fdc868e4738b5c81fd6c6128ce8885b260affcb9a65ff9d164d7232626ce1291aaea70132b3e3124f5e13fef4d39326b8e7173e362a823722a85127  stab.h
2f4f15974d52de4bb273b62a332d13620945d284bbc6fe6bd0a1f58ff7388443bc1d3bf9c82cc31a8527aad92b0cd3a1bc41d0af5e1800e0dcbd7033e58ffd71  fix-fortify-system-wrappers.patch
84b84d2d7dbc16002510bf856796ad345ac38ef6d3254670230189bba7c2d4781714d231236d5a3d70129a4597b430c3171644b01ad0f5a5bb13b55d407337a4  fix-seccomp-bpf.patch
2c65ea7280e6e89826ebad563ee25203a99ff0b4ba8fc60ec261ada6c69874d649c6ac92fcecc6307a6e5a00de27d7956acf944d556ddfadec0411be16f4e0b8  fix-toolkit.patch
4d55f41d15be7457ad630f8f07e4fc0314c2f75720010b4bbe6a2a7f3228210a1e069949e11795efbe2e784b0762e79fdfe5b8ec38e8a64cb8d9cf3b57dd5af1  fix-tools.patch
a4a3e062661bda64d502d426c480ac9645345860118de9df9ffe6e0597738c70c11e5cdef2d4fd12c5e2ee30a09310159230524655a419a4f7e4eeeb0f3c06b0  mallinfo.patch
454ea3263cabce099accbdc47aaf83be26a19f8b5a4568c01a7ef0384601cf8315efd86cd917f9c8bf419c2c845db89a905f3ff9a8eb0c8e41042e93aa96a85c  disable-moz-stackwalk.patch
e0df4fc649012f023443ce9165da29d36459dbca5df64a31008b28d96264fba909858de36d0cf1b1cb1aab898342413f0cd77c90ebe21d1f9a0504631d6d1d0e  fix-musl.patch
676c47e3dc25b059a2efcc7bbb0e7748be7f8a908d1ed6c4d81a0930a35ed28566bdc738b84e13fd11c0e7f07ab1a1969caa06b3acf9b95002eb6b3beb30b82c  fix-rust-target.patch
d35cacb9ede80e6bfbef0709823e536dddfb1c02d776275b0b7adb5969e9927d8c6117df96873569c3f3db0a18ee5db24f8086a9311a05077892be43a3dd8d79  fix-webrtc-glibcisms.patch
f85f2c19c3dafab915bcb40e580fc442fd9eab5916696849edf0b105c758dd807dfe23a6479935613c81496711eb377c73227c03eb8582204c3442a4d0e397a2  fix-sandbox-membarrier.patch
f3b7c3e804ce04731012a46cb9e9a6b0769e3772aef9c0a4a8c7520b030fdf6cd703d5e9ff49275f14b7d738fe82a0a4fde3bc3219dff7225d5db0e274987454  firefox.desktop
5dcb6288d0444a8a471d669bbaf61cdb1433663eff38b72ee5e980843f5fc07d0d60c91627a2c1159215d0ad77ae3f115dcc5fdfe87e64ca704b641aceaa44ed  firefox-safe.desktop"