authoraszlig <aszlig@redmoonstudios.org>2016-11-09 09:55:31 +0100
committeraszlig <aszlig@redmoonstudios.org>2016-11-09 09:55:31 +0100
commitc67a7ee73156796187894c63386b1a78e5902ea5 (patch)
treef5154cf24dd9c41e3d2ea722a5040cabd63f30fc /pkgs
parentcef68b475e8176a4871de5b7ad4d214ebe5c4ba2 (diff)
parent4e7eb75a79a48b0d7068f1949f8c7c42553181d7 (diff)
Merge branch 'chromium-update-with-gn'
This brings in the new stable version 54 which also introduces a lot of
security fixes:

  CVE-2016-5198: Out of bounds memory access in V8
  CVE-2016-5181: Universal XSS in Blink
  CVE-2016-5182: Heap overflow in Blink
  CVE-2016-5183: Use after free in PDFium
  CVE-2016-5184: Use after free in PDFium
  CVE-2016-5185: Use after free in Blink
  CVE-2016-5187: URL spoofing
  CVE-2016-5188: UI spoofing
  CVE-2016-5192: Cross-origin bypass in Blink
  CVE-2016-5189: URL spoofing
  CVE-2016-5186: Out of bounds read in DevTools
  CVE-2016-5191: Universal XSS in Bookmarks
  CVE-2016-5190: Use after free in Internals
  CVE-2016-5193: Scheme bypass

Detailed announcements about these changes can be found here (latest to
oldest):

https://googlechromereleases.blogspot.de/2016/11/stable-channel-update-for-desktop.html
https://googlechromereleases.blogspot.de/2016/10/stable-channel-update-for-desktop_20.html
https://googlechromereleases.blogspot.de/2016/10/stable-channel-update-for-desktop.html

The update process of Chromium has been a bit bumpy on our side, because
version 54 also did the switch from GYP to GN so it wasn't just a matter
of updating the upstream-info file.

I've tested the Flash plugin (which runs fine) and WideVine manually,
although I couldn't get WideVine to work (I was running this within a VM
though).

So if people want to use WideVine they need to use Chrome instead until
we get this sorted out.

VM test results along with builds for all platforms can be found here:

https://headcounter.org/hydra/eval/339328

I'm going to backport these changes to stable as soon as the
tests/builds succeed there as well.

Closes: #19565
Closes: #20120
Diffstat (limited to 'pkgs')
-rw-r--r--pkgs/applications/networking/browsers/chromium/browser.nix5
-rw-r--r--pkgs/applications/networking/browsers/chromium/common.nix127
-rw-r--r--pkgs/applications/networking/browsers/chromium/default.nix3
-rw-r--r--pkgs/applications/networking/browsers/chromium/patches/nix_plugin_paths_50.patch75
-rw-r--r--pkgs/applications/networking/browsers/chromium/patches/widevine.patch24
-rw-r--r--pkgs/applications/networking/browsers/chromium/plugins.nix88
-rw-r--r--pkgs/applications/networking/browsers/chromium/upstream-info.nix18
-rw-r--r--pkgs/development/tools/build-managers/gn/default.nix80
-rw-r--r--pkgs/top-level/all-packages.nix3
9 files changed, 212 insertions, 211 deletions
diff --git a/pkgs/applications/networking/browsers/chromium/browser.nix b/pkgs/applications/networking/browsers/chromium/browser.nix
index 9eb25c316f95..58e5ab98c168 100644
--- a/pkgs/applications/networking/browsers/chromium/browser.nix
+++ b/pkgs/applications/networking/browsers/chromium/browser.nix
@@ -18,6 +18,11 @@ mkChromiumDerivation (base: rec {
     cp -vLR "$buildPath/locales" "$buildPath/resources" "$libExecPath/"
     cp -v "$buildPath/chrome" "$libExecPath/$packageName"
 
+    if [ -e "$buildPath/libwidevinecdmadapter.so" ]; then
+      cp -v "$buildPath/libwidevinecdmadapter.so" \
+            "$libExecPath/libwidevinecdmadapter.so"
+    fi
+
     mkdir -p "$sandbox/bin"
     cp -v "$buildPath/chrome_sandbox" "$sandbox/bin/${sandboxExecutableName}"
 
diff --git a/pkgs/applications/networking/browsers/chromium/common.nix b/pkgs/applications/networking/browsers/chromium/common.nix
index 8a561e75f790..07ad1bef25f0 100644
--- a/pkgs/applications/networking/browsers/chromium/common.nix
+++ b/pkgs/applications/networking/browsers/chromium/common.nix
@@ -1,17 +1,17 @@
-{ stdenv, ninja, which
+{ stdenv, gn, ninja, which
 
 # default dependencies
 , bzip2, flac, speex, libopus
 , libevent, expat, libjpeg, snappy
 , libpng, libxml2, libxslt, libcap
 , xdg_utils, yasm, minizip, libwebp
-, libusb1, pciutils, nss
+, libusb1, pciutils, nss, re2, zlib, libvpx
 
-, python2Packages, perl, pkgconfig
+, python, pythonPackages, perl, pkgconfig
 , nspr, systemd, kerberos
 , utillinux, alsaLib
 , bison, gperf
-, glib, gtk2, dbus_glib
+, glib, gtk2, gtk3, dbus_glib
 , libXScrnSaver, libXcursor, libXtst, mesa
 , protobuf, speechd, libXdamage, cups
 
@@ -23,12 +23,12 @@
 , enableSELinux ? false, libselinux ? null
 , enableNaCl ? false
 , enableHotwording ? false
+, enableWideVine ? false
 , gnomeSupport ? false, gnome ? null
 , gnomeKeyringSupport ? false, libgnome_keyring3 ? null
 , proprietaryCodecs ? true
 , cupsSupport ? true
 , pulseSupport ? false, libpulseaudio ? null
-, hiDPISupport ? false
 
 , upstream-info
 }:
@@ -38,47 +38,28 @@ buildFun:
 with stdenv.lib;
 
 let
-  inherit (python2Packages) python gyp ply jinja2;
-
   # The additional attributes for creating derivations based on the chromium
   # source tree.
   extraAttrs = buildFun base;
 
-  mkGypFlags =
+  mkGnFlags =
     let
+      # Serialize Nix types into GN types according to this document:
+      # https://chromium.googlesource.com/chromium/src/+/master/tools/gn/docs/language.md
+      mkGnString = value: "\"${escape ["\"" "$" "\\"] value}\"";
       sanitize = value:
-        if value == true then "1"
-        else if value == false then "0"
-        else "${value}";
-      toFlag = key: value: "-D${key}=${sanitize value}";
+        if value == true then "true"
+        else if value == false then "false"
+        else if isList value then "[${concatMapStringsSep ", " sanitize value}]"
+        else if isInt value then toString value
+        else if isString value then mkGnString value
+        else throw "Unsupported type for GN value `${value}'.";
+      toFlag = key: value: "${key}=${sanitize value}";
     in attrs: concatStringsSep " " (attrValues (mapAttrs toFlag attrs));
 
-  gypFlagsUseSystemLibs = {
-    use_system_bzip2 = true;
-    use_system_flac = true;
-    use_system_libevent = true;
-    use_system_libexpat = true;
-    # XXX: System libjpeg fails to link for version 52.0.2743.10
-    use_system_libjpeg = versionOlder upstream-info.version "52.0.2743.10";
-    use_system_libpng = false;
-    use_system_libwebp = true;
-    use_system_libxml = true;
-    use_system_opus = true;
-    use_system_snappy = true;
-    use_system_speex = true;
-    use_system_stlport = true;
-    use_system_xdg_utils = true;
-    use_system_yasm = true;
-    use_system_zlib = false;
-    use_system_protobuf = false; # needs newer protobuf
-
-    use_system_harfbuzz = false;
-    use_system_icu = false; # Doesn't support ICU 52 yet.
-    use_system_libusb = false; # http://crbug.com/266149
-    use_system_skia = false;
-    use_system_sqlite = false; # http://crbug.com/22208
-    use_system_v8 = false;
-  };
+  gnSystemLibraries = [
+    "flac" "libwebp" "libxml" "libxslt" "snappy" "yasm"
+  ];
 
   opusWithCustomModes = libopus.override {
     withCustomModes = true;
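Review bot: The fallback branch of `sanitize` interpolates the rejected value into its own message, `throw "Unsupported type for GN value `${value}'."`, so for the types it is meant to catch (plain attribute sets, null, functions) evaluation stops with a string-coercion error and the intended text is never shown. Reporting the type keeps the diagnostic usable: `else throw "Unsupported type for GN value: ${builtins.typeOf value}";`. The `let` block that holds `mkGnFlags` continues outside the hunk.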
@@ -89,7 +70,7 @@ let
     libevent expat libjpeg snappy
     libpng libxml2 libxslt libcap
     xdg_utils yasm minizip libwebp
-    libusb1
+    libusb1 re2 zlib
   ];
 
   # build paths and release info
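Review bot: `re2` and `zlib` are added to this dependency list (its opening line is outside the hunk), but neither appears in `gnSystemLibraries` (`"flac" "libwebp" "libxml" "libxslt" "snappy" "yasm"`) from the previous hunk, which is what `configurePhase` passes to `replace_gn_files.py --system-libraries`. If that list is the only switch for unbundling, the build still uses Chromium's vendored copies, and fixes shipped through the nixpkgs packages of those libraries would not reach the browser. Either add the names to `gnSystemLibraries`, or put a comment next to it stating which inputs are deliberately left bundled and why.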
@@ -105,36 +86,27 @@ let
 
     src = upstream-info.main;
 
-    unpackCmd = ''
-      tar xf "$src" \
-        --anchored \
-        --no-wildcards-match-slash \
-        --exclude='*/tools/gyp'
-    '';
+    nativeBuildInputs = [ gn which python perl pkgconfig ];
 
     buildInputs = defaultDependencies ++ [
-      which
-      python perl pkgconfig
       nspr nss systemd
       utillinux alsaLib
       bison gperf kerberos
       glib gtk2 dbus_glib
       libXScrnSaver libXcursor libXtst mesa
       pciutils protobuf speechd libXdamage
-      gyp ply jinja2
+      pythonPackages.ply pythonPackages.jinja2
     ] ++ optional gnomeKeyringSupport libgnome_keyring3
       ++ optionals gnomeSupport [ gnome.GConf libgcrypt ]
       ++ optional enableSELinux libselinux
       ++ optionals cupsSupport [ libgcrypt cups ]
-      ++ optional pulseSupport libpulseaudio;
+      ++ optional pulseSupport libpulseaudio
+      ++ optional (versionAtLeast version "56.0.0.0") gtk3;
 
     patches = [
-      ./patches/widevine.patch
       ./patches/glibc-2.24.patch
-      (if versionOlder version "52.0.0.0"
-       then ./patches/nix_plugin_paths_50.patch
-       else ./patches/nix_plugin_paths_52.patch)
-    ];
+      ./patches/nix_plugin_paths_52.patch
+    ] ++ optional enableWideVine ./patches/widevine.patch;
 
     postPatch = ''
       # We want to be able to specify where the sandbox is via CHROME_DEVEL_SANDBOX
@@ -143,12 +115,6 @@ let
           'return sandbox_binary;' \
           'return base::FilePath(GetDevelSandboxPath());'
 
-      sed -i -r \
-        -e 's/-f(stack-protector)(-all)?/-fno-\1/' \
-        -e 's|/bin/echo|echo|' \
-        -e "/python_arch/s/: *'[^']*'/: '""'/" \
-        build/common.gypi chrome/chrome_tests.gypi
-
       sed -i -e '/lib_loader.*Load/s!"\(libudev\.so\)!"${systemd.lib}/lib/\1!' \
         device/udev_linux/udev?_loader.cc
 
@@ -157,31 +123,37 @@ let
 
       sed -i -re 's/([^:])\<(isnan *\()/\1std::\2/g' \
         chrome/browser/ui/webui/engagement/site_engagement_ui.cc
+
+      sed -i -e '/#include/ {
+        i #include <algorithm>
+        :l; n; bl
+      }' gpu/config/gpu_control_list.cc
+
+      patchShebangs .
     '' + optionalString (versionAtLeast version "52.0.0.0") ''
       sed -i -re 's/([^:])\<(isnan *\()/\1std::\2/g' \
         third_party/pdfium/xfa/fxbarcode/utils.h
     '';
 
-    gypFlags = mkGypFlags (gypFlagsUseSystemLibs // {
+    gnFlags = mkGnFlags ({
       linux_use_bundled_binutils = false;
       linux_use_bundled_gold = false;
       linux_use_gold_flags = true;
+      is_debug = false;
 
       proprietary_codecs = false;
       use_sysroot = false;
       use_gnome_keyring = gnomeKeyringSupport;
       use_gconf = gnomeSupport;
       use_gio = gnomeSupport;
-      use_pulseaudio = pulseSupport;
-      linux_link_pulseaudio = pulseSupport;
-      disable_nacl = !enableNaCl;
+      enable_nacl = enableNaCl;
       enable_hotwording = enableHotwording;
+      enable_widevine = enableWideVine;
       selinux = enableSELinux;
       use_cups = cupsSupport;
     } // {
-      werror = "";
-      clang = false;
-      enable_hidpi = hiDPISupport;
+      treat_warnings_as_errors = false;
+      is_clang = false;
 
       # Google API keys, see:
       #   http://www.chromium.org/developers/how-tos/api-keys
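Review bot: The `sed` script added to `postPatch` for `gpu/config/gpu_control_list.cc` is hard to read without a comment, and the label/branch loop in particular looks like a mistake at first glance. I would put a line above it such as `# Insert "#include <algorithm>" once, before the first #include; the ":l; n; bl" loop passes the rest of the file through untouched.` If the include is a workaround for a specific compiler or upstream bug, naming that in the comment would tell the next updater when it can be dropped. The `postPatch` string starts outside this hunk.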
@@ -195,22 +167,17 @@ let
       proprietary_codecs = true;
       enable_hangout_services_extension = true;
       ffmpeg_branding = "Chrome";
-    } // optionalAttrs (stdenv.system == "x86_64-linux") {
-      target_arch = "x64";
-      python_arch = "x86-64";
-    } // optionalAttrs (stdenv.system == "i686-linux") {
-      target_arch = "ia32";
-      python_arch = "ia32";
-    } // (extraAttrs.gypFlags or {}));
+    } // optionalAttrs pulseSupport {
+      use_pulseaudio = true;
+      link_pulseaudio = true;
+    } // (extraAttrs.gnFlags or {}));
 
     configurePhase = ''
-      echo "Precompiling .py files to prevent race conditions..." >&2
-      python -m compileall -q -f . > /dev/null 2>&1 || : # ignore errors
-
       # This is to ensure expansion of $out.
       libExecPath="${libExecPath}"
-      python build/linux/unbundle/replace_gyp_files.py ${gypFlags}
-      python build/gyp_chromium -f ninja --depth . ${gypFlags}
+      python build/linux/unbundle/replace_gn_files.py \
+        --system-libraries ${toString gnSystemLibraries}
+      gn gen --args=${escapeShellArg gnFlags} out/Release
     '';
 
     buildPhase = let
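Review bot: In `configurePhase` the GN arguments are passed through `escapeShellArg`, but the library names on the line above are spliced in raw with `${toString gnSystemLibraries}`. The current entries are harmless constants, but the two lines should follow the same rule so that a later entry with a shell-special character cannot change the command: `--system-libraries ${concatMapStringsSep " " escapeShellArg gnSystemLibraries}`. Both helpers are already used in this file.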
@@ -228,5 +195,5 @@ let
 
 # Remove some extraAttrs we supplied to the base attributes already.
 in stdenv.mkDerivation (base // removeAttrs extraAttrs [
-  "name" "gypFlags" "buildTargets"
+  "name" "gnFlags" "buildTargets"
 ])
diff --git a/pkgs/applications/networking/browsers/chromium/default.nix b/pkgs/applications/networking/browsers/chromium/default.nix
index 7402a8bae29b..1556603db2cf 100644
--- a/pkgs/applications/networking/browsers/chromium/default.nix
+++ b/pkgs/applications/networking/browsers/chromium/default.nix
@@ -12,7 +12,6 @@
 , enableWideVine ? false
 , cupsSupport ? true
 , pulseSupport ? false
-, hiDPISupport ? false
 }:
 
 let
@@ -24,7 +23,7 @@ let
     mkChromiumDerivation = callPackage ./common.nix {
       inherit enableSELinux enableNaCl enableHotwording gnomeSupport gnome
               gnomeKeyringSupport proprietaryCodecs cupsSupport pulseSupport
-              hiDPISupport;
+              enableWideVine;
     };
 
     browser = callPackage ./browser.nix { inherit channel; };
diff --git a/pkgs/applications/networking/browsers/chromium/patches/nix_plugin_paths_50.patch b/pkgs/applications/networking/browsers/chromium/patches/nix_plugin_paths_50.patch
deleted file mode 100644
index 062098a85225..000000000000
--- a/pkgs/applications/networking/browsers/chromium/patches/nix_plugin_paths_50.patch
+++ /dev/null
@@ -1,75 +0,0 @@
-diff --git a/chrome/common/chrome_paths.cc b/chrome/common/chrome_paths.cc
-index 74bf041..5f34198 100644
---- a/chrome/common/chrome_paths.cc
-+++ b/chrome/common/chrome_paths.cc
-@@ -66,21 +66,14 @@ static base::LazyInstance<base::FilePath>
-     g_invalid_specified_user_data_dir = LAZY_INSTANCE_INITIALIZER;
- 
- // Gets the path for internal plugins.
--bool GetInternalPluginsDirectory(base::FilePath* result) {
--#if defined(OS_MACOSX)
--  // If called from Chrome, get internal plugins from a subdirectory of the
--  // framework.
--  if (base::mac::AmIBundled()) {
--    *result = chrome::GetFrameworkBundlePath();
--    DCHECK(!result->empty());
--    *result = result->Append("Internet Plug-Ins");
--    return true;
--  }
--  // In tests, just look in the module directory (below).
--#endif
--
--  // The rest of the world expects plugins in the module directory.
--  return PathService::Get(base::DIR_MODULE, result);
-+bool GetInternalPluginsDirectory(base::FilePath* result,
-+                                 const std::string& ident) {
-+  std::string full_env = std::string("NIX_CHROMIUM_PLUGIN_PATH_") + ident;
-+  const char* value = getenv(full_env.c_str());
-+  if (value == NULL)
-+      return PathService::Get(base::DIR_MODULE, result);
-+  else
-+      *result = base::FilePath(value);
- }
- 
- #if defined(OS_WIN)
-@@ -253,11 +246,11 @@ bool PathProvider(int key, base::FilePath* result) {
-       create_dir = true;
-       break;
-     case chrome::DIR_INTERNAL_PLUGINS:
--      if (!GetInternalPluginsDirectory(&cur))
-+      if (!GetInternalPluginsDirectory(&cur, "ALL"))
-         return false;
-       break;
-     case chrome::DIR_PEPPER_FLASH_PLUGIN:
--      if (!GetInternalPluginsDirectory(&cur))
-+      if (!GetInternalPluginsDirectory(&cur, "PEPPERFLASH"))
-         return false;
-       cur = cur.Append(kPepperFlashBaseDirectory);
-       break;
-@@ -314,7 +307,7 @@ bool PathProvider(int key, base::FilePath* result) {
-     // We currently need a path here to look up whether the plugin is disabled
-     // and what its permissions are.
-     case chrome::FILE_NACL_PLUGIN:
--      if (!GetInternalPluginsDirectory(&cur))
-+      if (!GetInternalPluginsDirectory(&cur, "NACL"))
-         return false;
-       cur = cur.Append(kInternalNaClPluginFileName);
-       break;
-@@ -349,7 +342,7 @@ bool PathProvider(int key, base::FilePath* result) {
-         cur = cur.DirName();
-       }
- #else
--      if (!GetInternalPluginsDirectory(&cur))
-+      if (!GetInternalPluginsDirectory(&cur, "PNACL"))
-         return false;
- #endif
-       cur = cur.Append(FILE_PATH_LITERAL("pnacl"));
-@@ -366,7 +359,7 @@ bool PathProvider(int key, base::FilePath* result) {
-     // In the component case, this is the source adapter. Otherwise, it is the
-     // actual Pepper module that gets loaded.
-     case chrome::FILE_WIDEVINE_CDM_ADAPTER:
--      if (!GetInternalPluginsDirectory(&cur))
-+      if (!GetInternalPluginsDirectory(&cur, "WIDEVINE"))
-         return false;
-       cur = cur.AppendASCII(kWidevineCdmAdapterFileName);
-       break;
diff --git a/pkgs/applications/networking/browsers/chromium/patches/widevine.patch b/pkgs/applications/networking/browsers/chromium/patches/widevine.patch
index 45048cada875..90a13928e3bd 100644
--- a/pkgs/applications/networking/browsers/chromium/patches/widevine.patch
+++ b/pkgs/applications/networking/browsers/chromium/patches/widevine.patch
@@ -1,12 +1,16 @@
-diff -upr chromium-42.0.2311.90.orig/third_party/widevine/cdm/widevine_cdm_version.h chromium-42.0.2311.90/third_party/widevine/cdm/widevine_cdm_version.h
---- chromium-42.0.2311.90.orig/third_party/widevine/cdm/widevine_cdm_version.h	2015-04-15 01:18:59.000000000 +0300
-+++ chromium-42.0.2311.90/third_party/widevine/cdm/widevine_cdm_version.h	2015-04-15 09:09:49.157260050 +0300
-@@ -14,4 +14,8 @@
- //  - WIDEVINE_CDM_VERSION_STRING (with the version of the CDM that's available
- //    as a string, e.g., "1.0.123.456").
+Minimal WideVine patch from Gentoo:
+
+https://gitweb.gentoo.org/repo/gentoo.git/tree/www-client/chromium/files/chromium-widevine-r1.patch
+
+BTS: https://bugs.gentoo.org/show_bug.cgi?id=547630
+
+--- a/third_party/widevine/cdm/stub/widevine_cdm_version.h
++++ b/third_party/widevine/cdm/stub/widevine_cdm_version.h
+@@ -10,6 +10,7 @@
+ 
+ #include "third_party/widevine/cdm/widevine_cdm_common.h"
+ 
++#define WIDEVINE_CDM_VERSION_STRING "unknown"
+ #define WIDEVINE_CDM_AVAILABLE
  
-+#include "third_party/widevine/cdm/widevine_cdm_common.h"
-+#define WIDEVINE_CDM_AVAILABLE
-+#define WIDEVINE_CDM_VERSION_STRING "@WIDEVINE_VERSION@"
-+
  #endif  // WIDEVINE_CDM_VERSION_H_
diff --git a/pkgs/applications/networking/browsers/chromium/plugins.nix b/pkgs/applications/networking/browsers/chromium/plugins.nix
index ac7f8111212e..9b779ab98928 100644
--- a/pkgs/applications/networking/browsers/chromium/plugins.nix
+++ b/pkgs/applications/networking/browsers/chromium/plugins.nix
@@ -1,5 +1,6 @@
 { stdenv
 , jshon
+, fetchzip
 , enablePepperFlash ? false
 , enableWideVine ? false
 
@@ -9,6 +10,8 @@
 with stdenv.lib;
 
 let
+  mkrpath = p: "${makeSearchPathOutput "lib" "lib64" p}:${makeLibraryPath p}";
+
   # Generate a shell fragment that emits flags appended to the
   # final makeWrapper call for wrapping the browser's main binary.
   #
@@ -37,14 +40,12 @@ let
     echo ${toString quoted} > "''$${output}/nix-support/wrapper-flags"
   '';
 
-  plugins = stdenv.mkDerivation {
-    name = "chromium-binary-plugins";
+  widevine = stdenv.mkDerivation {
+    name = "chromium-binary-plugin-widevine";
 
     src = upstream-info.binary;
 
     phases = [ "unpackPhase" "patchPhase" "installPhase" "checkPhase" ];
-    outputs = [ "flash" "widevine" ];
-    out = "flash"; # outputs TODO: is this a hack?
 
     unpackCmd = let
       chan = if upstream-info.channel == "dev"    then "chrome-unstable"
@@ -53,7 +54,6 @@ let
     in ''
       mkdir -p plugins
       ar p "$src" data.tar.xz | tar xJ -C plugins --strip-components=4 \
-        ./opt/google/${chan}/PepperFlash \
         ./opt/google/${chan}/libwidevinecdm.so \
         ./opt/google/${chan}/libwidevinecdmadapter.so
     '';
@@ -63,17 +63,13 @@ let
       ! find -iname '*.so' -exec ldd {} + | grep 'not found'
     '';
 
-    patchPhase = let
-      rpaths = [ stdenv.cc.cc ];
-      mkrpath = p: "${makeSearchPathOutput "lib" "lib64" p}:${makeLibraryPath p}";
-    in ''
-      for sofile in PepperFlash/libpepflashplayer.so \
-                    libwidevinecdm.so libwidevinecdmadapter.so; do
+    patchPhase = ''
+      for sofile in libwidevinecdm.so libwidevinecdmadapter.so; do
         chmod +x "$sofile"
-        patchelf --set-rpath "${mkrpath rpaths}" "$sofile"
+        patchelf --set-rpath "${mkrpath [ stdenv.cc.cc ]}" "$sofile"
       done
 
-      patchelf --set-rpath "$widevine/lib:${mkrpath rpaths}" \
+      patchelf --set-rpath "$out/lib:${mkrpath [ stdenv.cc.cc ]}" \
         libwidevinecdmadapter.so
     '';
 
@@ -81,38 +77,62 @@ let
       wvName = "Widevine Content Decryption Module";
       wvDescription = "Playback of encrypted HTML audio/video content";
       wvMimeTypes = "application/x-ppapi-widevine-cdm";
-      wvModule = "@widevine@/lib/libwidevinecdmadapter.so";
+      wvModule = "@out@/lib/libwidevinecdmadapter.so";
       wvInfo = "#${wvName}#${wvDescription};${wvMimeTypes}";
     in ''
+      install -vD libwidevinecdm.so \
+        "$out/lib/libwidevinecdm.so"
+      install -vD libwidevinecdmadapter.so \
+        "$out/lib/libwidevinecdmadapter.so"
+
+      ${mkPluginInfo {
+        flags = [ "--register-pepper-plugins=${wvModule}${wvInfo}" ];
+        envVars.NIX_CHROMIUM_PLUGIN_PATH_WIDEVINE = "@out@/lib";
+      }}
+    '';
+  };
+
+  flash = stdenv.mkDerivation rec {
+    name = "flashplayer-ppapi-${version}";
+    version = "23.0.0.205";
+
+    src = fetchzip {
+      url = "https://fpdownload.adobe.com/pub/flashplayer/pdc/"
+          + "${version}/flash_player_ppapi_linux.x86_64.tar.gz";
+      sha256 = "0gj5d8475qcplm3iqs3hkq0i6qkmbhci1zp3ljnhafc6xz0avyhj";
+      stripRoot = false;
+    };
+
+    patchPhase = ''
+      chmod +x libpepflashplayer.so
+      patchelf --set-rpath "${mkrpath [ stdenv.cc.cc ]}" libpepflashplayer.so
+    '';
+
+    doCheck = true;
+    checkPhase = ''
+      ! find -iname '*.so' -exec ldd {} + | grep 'not found'
+    '';
+
+    installPhase = ''
       flashVersion="$(
-        "${jshon}/bin/jshon" -F PepperFlash/manifest.json -e version -u
+        "${jshon}/bin/jshon" -F manifest.json -e version -u
       )"
 
-      install -vD PepperFlash/libpepflashplayer.so \
-        "$flash/lib/libpepflashplayer.so"
+      install -vD libpepflashplayer.so "$out/lib/libpepflashplayer.so"
 
       ${mkPluginInfo {
-        output = "flash";
-        allowedVars = [ "flash" "flashVersion" ];
+        allowedVars = [ "out" "flashVersion" ];
         flags = [
-          "--ppapi-flash-path=@flash@/lib/libpepflashplayer.so"
+          "--ppapi-flash-path=@out@/lib/libpepflashplayer.so"
           "--ppapi-flash-version=@flashVersion@"
         ];
       }}
-
-      install -vD libwidevinecdm.so \
-        "$widevine/lib/libwidevinecdm.so"
-      install -vD libwidevinecdmadapter.so \
-        "$widevine/lib/libwidevinecdmadapter.so"
-
-      ${mkPluginInfo {
-        output = "widevine";
-        flags = [ "--register-pepper-plugins=${wvModule}${wvInfo}" ];
-        envVars.NIX_CHROMIUM_PLUGIN_PATH_WIDEVINE = "@widevine@/lib";
-      }}
     '';
 
-    passthru.enabled = optional enablePepperFlash plugins.flash
-                    ++ optional enableWideVine    plugins.widevine;
+    dontStrip = true;
   };
-in plugins
+
+in {
+  enabled = optional enableWideVine widevine
+         ++ optional enablePepperFlash flash;
+}
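Review bot: The new `flash` derivation pins a proprietary binary by hand (`version = "23.0.0.205"` with a fixed `sha256`) and always downloads `flash_player_ppapi_linux.x86_64.tar.gz`, yet it has no `meta` attribute at all. Before this change the plugin was unpacked from `upstream-info.binary`, which appears to be maintained by the autogenerated upstream-info file, so the plugin version now has to be bumped separately and can lag behind the vendor's security releases. I would add `meta.platforms = [ "x86_64-linux" ];` and `meta.license = licenses.unfree;`, plus a comment above `version` saying how it is kept current. A 32-bit build then fails at evaluation instead of fetching a binary for the wrong architecture.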
diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.nix b/pkgs/applications/networking/browsers/chromium/upstream-info.nix
index dfac55a18b6f..5fa9bb86c51d 100644
--- a/pkgs/applications/networking/browsers/chromium/upstream-info.nix
+++ b/pkgs/applications/networking/browsers/chromium/upstream-info.nix
@@ -1,18 +1,18 @@
 # This file is autogenerated from update.sh in the same directory.
 {
   beta = {
-    sha256 = "0f6cqvhlg06lrf4bzaiwzm9yi3fi1dk5jrzvjcg7alw3mzrmh2wv";
-    sha256bin64 = "02cv9vc1l2nlwa4a0lc7cj9c9czrwp1jd8d024bq16a5fvmhl01l";
-    version = "54.0.2840.50";
+    sha256 = "11a98nknz7lh5jmjslznccg11nr0wla4c9l40fvxqxjm2gs6qags";
+    sha256bin64 = "0qdydj0i9ll72f5m9r48gc3dyc22q6qas5nq8h0mbnrxrwd9dnyj";
+    version = "55.0.2883.35";
   };
   dev = {
-    sha256 = "06kcymwi0wfir7w10g8viayk2h0b5a66dav76mlia4lm30p502kz";
-    sha256bin64 = "0mgamiffnnkaw8c68b5kyna84x7hlhrzmqfc36kzf434fmm8v5d6";
-    version = "55.0.2873.0";
+    sha256 = "1pfgb5dnygyxiwfq6ini5s159c178zz7235npaag7k8gcc10ybnz";
+    sha256bin64 = "14s185361inkqh8ykl94xhgv01z68gxqh7j6gyb4jbr0rhcsd9pl";
+    version = "56.0.2906.0";
   };
   stable = {
-    sha256 = "1hyw0z7dsfaxyy8b4mvnfjy5yj0160hzz9m0wj3vn9zvkfvmhan5";
-    sha256bin64 = "0n0px7yi94gdxq7p6pjqfdz04bnh3mcvbaccjaglj6h5p0jc8abq";
-    version = "53.0.2785.143";
+    sha256 = "01h1qkdw5dpwz61dybpf4bhag198j082lzwpkdx2nj55k2j3lawl";
+    sha256bin64 = "18mxgzi79qhi07wgyyx6bb0lqm9pzkw85ypg6vmqv8gh0abn7dn1";
+    version = "54.0.2840.90";
   };
 }
diff --git a/pkgs/development/tools/build-managers/gn/default.nix b/pkgs/development/tools/build-managers/gn/default.nix
new file mode 100644
index 000000000000..a579b45cf626
--- /dev/null
+++ b/pkgs/development/tools/build-managers/gn/default.nix
@@ -0,0 +1,80 @@
+{ stdenv, fetchgit, fetchurl, python, ninja, libevent, xdg-user-dirs }:
+
+let
+  date = "20161008";
+
+  sourceTree = {
+    "src/base" = {
+      rev = "e71a514e60b085cc92bf6ef951ec329f52c79f9f";
+      sha256 = "0zycbssmd2za0zij8czcs1fr66fi12f1g5ysc8fzkf8khbs5h6a9";
+    };
+    "src/build" = {
+      rev = "17093d45bf738e9ae4b6294492860ee65218a657";
+      sha256 = "0i9py78c3f46sc789qvdhmgjgyrghysbqjgr67iypwphw52jv2dz";
+    };
+    "src/tools/gn" = {
+      rev = "9ff32cf3f1f4ad0212ac674b6303e7aa68f44f3f";
+      sha256 = "14jr45k5fgcqk9d18fd77sijlqavvnv0knndh74zyb0b60464hz1";
+    };
+    "testing/gtest" = {
+      rev = "585ec31ea716f08233a815e680fc0d4699843938";
+      sha256 = "0csn1cza66851nmxxiw42smsm3422mx67vcyykwn0a71lcjng6rc";
+    };
+  };
+
+  mkDepend = path: attrs: fetchgit {
+    url = "https://chromium.googlesource.com/chromium/${path}";
+    inherit (attrs) rev sha256;
+  };
+
+in stdenv.mkDerivation rec {
+  name = "gn-${version}";
+  version = "0.0.0.${date}";
+
+  unpackPhase = ''
+    ${with stdenv.lib; concatStrings (mapAttrsToList (path: sha256: ''
+      dest=source/${escapeShellArg (removePrefix "src/" path)}
+      mkdir -p "$(dirname "$dest")"
+      cp --no-preserve=all -rT ${escapeShellArg (mkDepend path sha256)} "$dest"
+    '') sourceTree)}
+    ( mkdir -p source/third_party
+      cd source/third_party
+      unpackFile ${xdg-user-dirs.src}
+      mv * xdg_user
+    )
+  '';
+
+  sourceRoot = "source";
+
+  postPatch = ''
+    # GN's bootstrap script relies on shebangs (which are relying on FHS paths),
+    # except when on Windows. So instead of patchShebang-ing it, let's just
+    # force the same behaviour as on Windows.
+    sed -i -e '/^def  *check_call/,/^[^ ]/ {
+      s/is_win/True/
+    }' tools/gn/bootstrap/bootstrap.py
+
+    # Patch out Chromium-bundled libevent and xdg_user_dirs
+    sed -i -e '/static_libraries.*libevent/,/^ *\]\?[})]$/d' \
+      tools/gn/bootstrap/bootstrap.py
+  '';
+
+  NIX_LDFLAGS = "-levent";
+
+  nativeBuildInputs = [ python ninja ];
+  buildInputs = [ libevent ];
+
+  buildPhase = ''
+    python tools/gn/bootstrap/bootstrap.py -v -s --no-clean
+  '';
+
+  installPhase = ''
+    install -vD out_bootstrap/gn "$out/bin/gn"
+  '';
+
+  meta = {
+    description = "A meta-build system that generates NinjaBuild files";
+    homepage = "https://chromium.googlesource.com/chromium/src/tools/gn/";
+    license = stdenv.lib.licenses.bsd3;
+  };
+}
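Review bot: In `unpackPhase` the second lambda argument is named `sha256` (`mapAttrsToList (path: sha256: ''`), but it receives the whole `{ rev, sha256 }` attribute set and is handed on as `mkDepend path sha256`, where `rev` is read from it as well. Naming it `attrs`, as `mkDepend` already does, avoids suggesting that only a hash is passed: `mapAttrsToList (path: attrs: ''` and `(mkDepend path attrs)`. A comment above `sourceTree` saying how the four revisions and `date` were chosen (presumably one Chromium checkout) would also help whoever bumps them next, since a mismatched set would still fetch and hash-verify cleanly.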
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index b89d1f3a582a..764c4822cb42 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -6079,6 +6079,8 @@ in
 
   global = callPackage ../development/tools/misc/global { };
 
+  gn = callPackage ../development/tools/build-managers/gn { };
+
   gnome_doc_utils = callPackage ../development/tools/documentation/gnome-doc-utils {};
 
   gnum4 = callPackage ../development/tools/misc/gnum4 { };
@@ -12275,7 +12277,6 @@ in
     pulseSupport = config.pulseaudio or true;
     enablePepperFlash = config.chromium.enablePepperFlash or false;
     enableWideVine = config.chromium.enableWideVine or false;
-    hiDPISupport = config.chromium.hiDPISupport or false;
     gnome = gnome2;
   };