about summary refs log tree commit diff
path: root/pkgs/applications/networking/browsers/firefox
diff options
context:
space:
mode:
authorMartin Weinelt <mweinelt@users.noreply.github.com>2023-11-19 21:13:16 +0100
committerGitHub <noreply@github.com>2023-11-19 21:13:16 +0100
commitc423e3dda75c4256081ffa04ab293f32ce2a7df9 (patch)
tree64113939426535ae2f4d283cb93429fe8c58399f /pkgs/applications/networking/browsers/firefox
parentc3d775de19d1f76849da54551529e479cc29cbfc (diff)
parentdb262d35698b91db20582d92cd8cac8995978df9 (diff)
downloadnixlib-c423e3dda75c4256081ffa04ab293f32ce2a7df9.tar
nixlib-c423e3dda75c4256081ffa04ab293f32ce2a7df9.tar.gz
nixlib-c423e3dda75c4256081ffa04ab293f32ce2a7df9.tar.bz2
nixlib-c423e3dda75c4256081ffa04ab293f32ce2a7df9.tar.lz
nixlib-c423e3dda75c4256081ffa04ab293f32ce2a7df9.tar.xz
nixlib-c423e3dda75c4256081ffa04ab293f32ce2a7df9.tar.zst
nixlib-c423e3dda75c4256081ffa04ab293f32ce2a7df9.zip
Merge pull request #244591 from Infinidoge/fix/firefox-signing
buildMozillaMach: add options to disable signing requirement and to enable addon sideloading
Diffstat (limited to 'pkgs/applications/networking/browsers/firefox')
-rw-r--r--pkgs/applications/networking/browsers/firefox/common.nix5
-rw-r--r--pkgs/applications/networking/browsers/firefox/packages.nix7
-rw-r--r--pkgs/applications/networking/browsers/firefox/wrapper.nix9
3 files changed, 11 insertions, 10 deletions
diff --git a/pkgs/applications/networking/browsers/firefox/common.nix b/pkgs/applications/networking/browsers/firefox/common.nix
index c77411b6c264..5542ca62b93a 100644
--- a/pkgs/applications/networking/browsers/firefox/common.nix
+++ b/pkgs/applications/networking/browsers/firefox/common.nix
@@ -7,6 +7,8 @@
 , application ? "browser"
 , applicationName ? "Mozilla Firefox"
 , branding ? null
+, requireSigning ? true
+, allowAddonSideload ? false
 , src
 , unpackPhase ? null
 , extraPatches ? []
@@ -367,6 +369,8 @@ buildStdenv.mkDerivation {
     configureFlagsArray+=("--with-mozilla-api-keyfile=$TMPDIR/mls-api-key")
   '' + lib.optionalString (enableOfficialBranding && !stdenv.is32bit) ''
     export MOZILLA_OFFICIAL=1
+  '' + lib.optionalString (!requireSigning) ''
+    export MOZ_REQUIRE_SIGNING=
   '' + lib.optionalString stdenv.hostPlatform.isMusl ''
     # linking firefox hits the vm.max_map_count kernel limit with the default musl allocator
     # TODO: Default vm.max_map_count has been increased, retest without this
@@ -408,6 +412,7 @@ buildStdenv.mkDerivation {
   # https://bugzilla.mozilla.org/show_bug.cgi?id=1482204
   ++ lib.optional (ltoSupport && (buildStdenv.isAarch32 || buildStdenv.isi686 || buildStdenv.isx86_64)) "--disable-elf-hack"
   ++ lib.optional (!drmSupport) "--disable-eme"
+  ++ lib.optional (allowAddonSideload) "--allow-addon-sideload"
   ++ [
     (enableFeature alsaSupport "alsa")
     (enableFeature crashreporterSupport "crashreporter")
diff --git a/pkgs/applications/networking/browsers/firefox/packages.nix b/pkgs/applications/networking/browsers/firefox/packages.nix
index c4d59bc2c149..37777f92005d 100644
--- a/pkgs/applications/networking/browsers/firefox/packages.nix
+++ b/pkgs/applications/networking/browsers/firefox/packages.nix
@@ -56,10 +56,11 @@
     };
   };
 
-  firefox-devedition = (buildMozillaMach rec {
+  firefox-devedition = buildMozillaMach rec {
     pname = "firefox-devedition";
     version = "120.0b9";
     applicationName = "Mozilla Firefox Developer Edition";
+    requireSigning = false;
     branding = "browser/branding/aurora";
     src = fetchurl {
       url = "mirror://mozilla/devedition/releases/${version}/source/firefox-${version}.source.tar.xz";
@@ -84,9 +85,7 @@
       versionSuffix = "b[0-9]*";
       baseUrl = "https://archive.mozilla.org/pub/devedition/releases/";
     };
-  }).overrideAttrs (prev: {
-    env.MOZ_REQUIRE_SIGNING = "";
-  });
+  };
 
   firefox-esr-115 = buildMozillaMach rec {
     pname = "firefox-esr-115";
diff --git a/pkgs/applications/networking/browsers/firefox/wrapper.nix b/pkgs/applications/networking/browsers/firefox/wrapper.nix
index 68f547d1f95a..25c7ac5bb659 100644
--- a/pkgs/applications/networking/browsers/firefox/wrapper.nix
+++ b/pkgs/applications/networking/browsers/firefox/wrapper.nix
@@ -115,18 +115,15 @@ let
 
       nameArray = builtins.map(a: a.name) (lib.optionals usesNixExtensions nixExtensions);
 
-      requiresSigning = browser ? MOZ_REQUIRE_SIGNING
-                     -> toString browser.MOZ_REQUIRE_SIGNING != "";
-
       # Check that every extension has a unqiue .name attribute
       # and an extid attribute
       extensions = if nameArray != (lib.unique nameArray) then
         throw "Firefox addon name needs to be unique"
-      else if requiresSigning && !lib.hasSuffix "esr" browser.name then
-        throw "Nix addons are only supported without signature enforcement (eg. Firefox ESR)"
+      else if browser.requireSigning || !browser.allowAddonSideload then
+        throw "Nix addons are only supported with signature enforcement disabled and addon sideloading enabled (eg. LibreWolf)"
       else builtins.map (a:
         if ! (builtins.hasAttr "extid" a) then
-        throw "nixExtensions has an invalid entry. Missing extid attribute. Please use fetchfirefoxaddon"
+        throw "nixExtensions has an invalid entry. Missing extid attribute. Please use fetchFirefoxAddon"
         else
         a
       ) (lib.optionals usesNixExtensions nixExtensions);
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-07 16:36:11 +0000