about summary refs log tree commit diff
path: root/pkgs
diff options
context:
space:
mode:
authorInfinidoge <infinidoge@inx.moe>2023-07-20 19:13:51 -0400
committerInfinidoge <infinidoge@inx.moe>2023-11-14 09:46:13 -0500
commitc4c81ac8a219e8725dae514f49c7c1b960632e67 (patch)
treea1cf89b14d86d5e17913d8be533bcb0e1f1ea5e1 /pkgs
parent377f9c29b39d3e5e3588baa2d3fbd800071f55a9 (diff)
downloadnixlib-c4c81ac8a219e8725dae514f49c7c1b960632e67.tar
nixlib-c4c81ac8a219e8725dae514f49c7c1b960632e67.tar.gz
nixlib-c4c81ac8a219e8725dae514f49c7c1b960632e67.tar.bz2
nixlib-c4c81ac8a219e8725dae514f49c7c1b960632e67.tar.lz
nixlib-c4c81ac8a219e8725dae514f49c7c1b960632e67.tar.xz
nixlib-c4c81ac8a219e8725dae514f49c7c1b960632e67.tar.zst
nixlib-c4c81ac8a219e8725dae514f49c7c1b960632e67.zip
buildMozillaMach: support disabling extension signing enforcement
Previously, derivations specified the environment variable themselves,
which did not actually disable signing enforcement.
Diffstat (limited to 'pkgs')
-rw-r--r--pkgs/applications/networking/browsers/firefox/common.nix3
-rw-r--r--pkgs/applications/networking/browsers/firefox/packages.nix7
-rw-r--r--pkgs/applications/networking/browsers/firefox/wrapper.nix7
-rw-r--r--pkgs/applications/networking/browsers/librewolf/default.nix7
4 files changed, 11 insertions, 13 deletions
diff --git a/pkgs/applications/networking/browsers/firefox/common.nix b/pkgs/applications/networking/browsers/firefox/common.nix
index 348c93d0c383..26145c69fd83 100644
--- a/pkgs/applications/networking/browsers/firefox/common.nix
+++ b/pkgs/applications/networking/browsers/firefox/common.nix
@@ -6,6 +6,7 @@
 , application ? "browser"
 , applicationName ? "Mozilla Firefox"
 , branding ? null
+, requireSigning ? true
 , src
 , unpackPhase ? null
 , extraPatches ? []
@@ -367,6 +368,8 @@ buildStdenv.mkDerivation {
     configureFlagsArray+=("--with-mozilla-api-keyfile=$TMPDIR/mls-api-key")
   '' + lib.optionalString (enableOfficialBranding && !stdenv.is32bit) ''
     export MOZILLA_OFFICIAL=1
+  '' + lib.optionalString (!requireSigning) ''
+    export MOZ_REQUIRE_SIGNING=
   '' + lib.optionalString stdenv.hostPlatform.isMusl ''
     # linking firefox hits the vm.max_map_count kernel limit with the default musl allocator
     # TODO: Default vm.max_map_count has been increased, retest without this
diff --git a/pkgs/applications/networking/browsers/firefox/packages.nix b/pkgs/applications/networking/browsers/firefox/packages.nix
index 27f3ec022ce3..bd9794b0cde9 100644
--- a/pkgs/applications/networking/browsers/firefox/packages.nix
+++ b/pkgs/applications/networking/browsers/firefox/packages.nix
@@ -54,10 +54,11 @@
     };
   };
 
-  firefox-devedition = (buildMozillaMach rec {
+  firefox-devedition = buildMozillaMach rec {
     pname = "firefox-devedition";
     version = "116.0b3";
     applicationName = "Mozilla Firefox Developer Edition";
+    requireSigning = false;
     branding = "browser/branding/aurora";
     src = fetchurl {
       url = "mirror://mozilla/devedition/releases/${version}/source/firefox-${version}.source.tar.xz";
@@ -81,9 +82,7 @@
       versionSuffix = "b[0-9]*";
       baseUrl = "https://archive.mozilla.org/pub/devedition/releases/";
     };
-  }).overrideAttrs (prev: {
-    env.MOZ_REQUIRE_SIGNING = "";
-  });
+  };
 
   firefox-esr-102 = buildMozillaMach rec {
     pname = "firefox-esr-102";
diff --git a/pkgs/applications/networking/browsers/firefox/wrapper.nix b/pkgs/applications/networking/browsers/firefox/wrapper.nix
index 6b08a891ec69..7ff74a971ca6 100644
--- a/pkgs/applications/networking/browsers/firefox/wrapper.nix
+++ b/pkgs/applications/networking/browsers/firefox/wrapper.nix
@@ -102,15 +102,12 @@ let
 
       nameArray = builtins.map(a: a.name) (lib.optionals usesNixExtensions nixExtensions);
 
-      requiresSigning = browser ? MOZ_REQUIRE_SIGNING
-                     -> toString browser.MOZ_REQUIRE_SIGNING != "";
-
       # Check that every extension has a unqiue .name attribute
       # and an extid attribute
       extensions = if nameArray != (lib.unique nameArray) then
         throw "Firefox addon name needs to be unique"
-      else if requiresSigning && !lib.hasSuffix "esr" browser.name then
-        throw "Nix addons are only supported without signature enforcement (eg. Firefox ESR)"
+      else if browser.requireSigning then
+        throw "Nix addons are only supported with signature enforcement disabled"
       else builtins.map (a:
         if ! (builtins.hasAttr "extid" a) then
         throw "nixExtensions has an invalid entry. Missing extid attribute. Please use fetchfirefoxaddon"
diff --git a/pkgs/applications/networking/browsers/librewolf/default.nix b/pkgs/applications/networking/browsers/librewolf/default.nix
index 4dde2d57d7e0..49f48db6858f 100644
--- a/pkgs/applications/networking/browsers/librewolf/default.nix
+++ b/pkgs/applications/networking/browsers/librewolf/default.nix
@@ -3,12 +3,13 @@
 let
   librewolf-src = callPackage ./librewolf.nix { };
 in
-((buildMozillaMach rec {
+(buildMozillaMach rec {
   pname = "librewolf";
   applicationName = "LibreWolf";
   binaryName = "librewolf";
   version = librewolf-src.packageVersion;
   src = librewolf-src.firefox;
+  requireSigning = false;
   inherit (librewolf-src) extraConfigureFlags extraPatches extraPostPatch extraPassthru;
 
   meta = {
@@ -29,6 +30,4 @@ in
 }).override {
   crashreporterSupport = false;
   enableOfficialBranding = false;
-}).overrideAttrs (prev: {
-  MOZ_REQUIRE_SIGNING = "";
-})
+}
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-15 05:34:09 +0000