chromium: Add some brief documentation
Wanted to do this for a long time to collect important knowledge and make it easier to pass maintainership. Only time will tell if this'll be useful or become outdated instead.
This commit is contained in:
parent
4b8f3aee6f
commit
b36db49ae7
3 changed files with 60 additions and 20 deletions
56
pkgs/applications/networking/browsers/chromium/README.md
Normal file
56
pkgs/applications/networking/browsers/chromium/README.md
Normal file
|
@ -0,0 +1,56 @@
|
|||
# Maintainers
|
||||
|
||||
- TODO: We need more maintainers:
|
||||
- https://github.com/NixOS/nixpkgs/issues/78450
|
||||
- If you just want to help out without becoming a maintainer:
|
||||
- Look for open Nixpkgs issues or PRs related to Chromium
|
||||
- Make your own PRs (but please try to make reviews as easy as possible)
|
||||
- Primary maintainer (responsible for updating Chromium): @primeos
|
||||
- Testers (test all stable channel updates)
|
||||
- `nixos-unstable`:
|
||||
- `x86_64`: @danielfullmer
|
||||
- `aarch64`: @thefloweringash
|
||||
- Stable channel:
|
||||
- `x86_64`: @Frostman
|
||||
- Other relevant packages:
|
||||
- `chromiumBeta` and `chromiumDev`: For testing purposes (not build on Hydra)
|
||||
- `google-chrome`, `google-chrome-beta`, `google-chrome-dev`: Updated via
|
||||
Chromium's `upstream-info.json`
|
||||
- `ungoogled-chromium`: Based on `chromium` (the expressions are regularly
|
||||
copied over and patched accordingly)
|
||||
|
||||
# Updating Chromium
|
||||
|
||||
Simply run `./pkgs/applications/networking/browsers/chromium/update.py` to
|
||||
update `upstream-info.json`. After updates it is important to test at least
|
||||
`nixosTests.chromium` (or basic manual testing) and `google-chrome` (which
|
||||
reuses `upstream-info.json`).
|
||||
|
||||
## Backports
|
||||
|
||||
All updates are considered security critical and should be ported to the stable
|
||||
channel ASAP. When there is a new stable release the old one should receive
|
||||
security updates for roughly one month. After that it is important to mark
|
||||
Chromium as insecure (see 69e4ae56c4b for an example; it is important that the
|
||||
tested job still succeeds and that all browsers that use `upstream-info.json`
|
||||
are marked as insecure).
|
||||
|
||||
## Major version updates
|
||||
|
||||
Unfortunately, Chromium regularly breaks on major updates and might need
|
||||
various patches. Either due to issues with the Nix build sandbox (e.g. we cannot
|
||||
fetch dependencies via the network and do not use standard FHS paths) or due to
|
||||
missing upstream fixes that need to be backported.
|
||||
|
||||
Good sources for such patches and other hints:
|
||||
- https://github.com/archlinux/svntogit-packages/tree/packages/chromium/trunk
|
||||
- https://gitweb.gentoo.org/repo/gentoo.git/tree/www-client/chromium
|
||||
- https://src.fedoraproject.org/rpms/chromium/tree/master
|
||||
|
||||
If the build fails immediately due to unknown compiler flags this usually means
|
||||
that a new major release of LLVM is required.
|
||||
|
||||
## Beta and Dev channels
|
||||
|
||||
Those channels are only used to test and fix builds in advance. They may be
|
||||
broken at times and must not delay stable channel updates.
|
|
@ -77,18 +77,10 @@ mkChromiumDerivation (base: rec {
|
|||
of source code for Google Chrome (which has some additional features).
|
||||
'';
|
||||
homepage = "https://www.chromium.org/";
|
||||
maintainers = with maintainers; [ bendlas thefloweringash primeos ];
|
||||
# Overview of the maintainer roles:
|
||||
# nixos-unstable:
|
||||
# - TODO: Need a new maintainer for x86_64 [0]
|
||||
# - @thefloweringash: aarch64
|
||||
# - @primeos: Provisional maintainer (x86_64)
|
||||
# Stable channel:
|
||||
# - TODO (need someone to test backports [0])
|
||||
# [0]: https://github.com/NixOS/nixpkgs/issues/78450
|
||||
maintainers = with maintainers; [ primeos thefloweringash bendlas ]; # See README.md
|
||||
license = if enableWideVine then licenses.unfree else licenses.bsd3;
|
||||
platforms = platforms.linux;
|
||||
hydraPlatforms = if channel == "stable" then ["aarch64-linux" "x86_64-linux"] else [];
|
||||
timeout = 172800; # 48 hours
|
||||
timeout = 172800; # 48 hours (increased from the Hydra default of 10h)
|
||||
};
|
||||
})
|
||||
|
|
|
@ -154,16 +154,8 @@ let
|
|||
++ optionals useOzone [ libdrm wayland mesa_drivers libxkbcommon ];
|
||||
|
||||
patches = [
|
||||
./patches/no-build-timestamps.patch
|
||||
./patches/widevine-79.patch
|
||||
# Unfortunately, chromium regularly breaks on major updates and
|
||||
# then needs various patches backported in order to be compiled with GCC.
|
||||
# Good sources for such patches and other hints:
|
||||
# - https://gitweb.gentoo.org/repo/gentoo.git/plain/www-client/chromium/
|
||||
# - https://git.archlinux.org/svntogit/packages.git/tree/trunk?h=packages/chromium
|
||||
# - https://github.com/chromium/chromium/search?q=GCC&s=committer-date&type=Commits
|
||||
#
|
||||
# ++ optionals (channel == "dev") [ ( githubPatch "<patch>" "0000000000000000000000000000000000000000000000000000000000000000" ) ]
|
||||
./patches/no-build-timestamps.patch # Optional patch to use SOURCE_DATE_EPOCH in compute_build_timestamp.py (should be upstreamed)
|
||||
./patches/widevine-79.patch # For bundling Widevine (DRM), might be replaceable via bundle_widevine_cdm=true in gnFlags
|
||||
# ++ optional (versionRange "68" "72") ( githubPatch "<patch>" "0000000000000000000000000000000000000000000000000000000000000000" )
|
||||
] ++ optionals (useVaapi) [
|
||||
# Check for enable-accelerated-video-decode on Linux:
|
||||
|
|
Loading…
Reference in a new issue