Commit graph

255 commits

Author SHA1 Message Date
Ben Siraphob
badf51221d treewide: stdenv.lib -> lib 2021-01-16 17:58:11 +07:00
Michael Weiss
86ff1e45ce
ungoogled-chromium: Support enableWideVine=true
Building with Google's proprietary Widevine DRM technology requires
fetching the Google Chrome sources.
2020-12-22 13:35:40 +01:00
Michael Weiss
be94a4cf23
ungoogled-chromium: Try to fix an evaluation error on Hydra
This should fix a regression from #106475 (hopefully this is the only
issue, my current implementation with channel+ungoogled isn't ideal):
https://github.com/NixOS/nixpkgs/pull/106475#issuecomment-748131224
2020-12-18 16:21:37 +01:00
Michael Weiss
240a8f746e
ungoogled-chromium: Move ungoogled-src.nix into upstream-info.json
This also adds a dedicated channel for ungoogled-chromium that enables
us to update ungoogled-chromium independently of chromium.
TODO: Automate ungoogled-chromium updates via update.py (currently it
needs to be updated manually).

Note: Unfortunately this changes the ungoogled-chromium derivation
because common.nix passes the channel as an argument to
stdenv.mkDerivation (this makes it more difficult to verify this commit
but the result should remain the same).
2020-12-10 17:41:22 +01:00
Michael Weiss
2b6b434477
ungoogled-chromium: Merge back into chromium
I used nix-instantiate to verify that the derivations for chromium and
ungoogled-chromium remain unchanged (only the meta attributes change
slightly as I added myself as ungoogled-chromium to receive
notifications for PRs/issues).
2020-12-10 17:41:11 +01:00
Michael Weiss
063b369908
chromium: Cleanup useOzone and useVaapi
But since Ozone is still experimental I'll keep useOzone in common.nix
for some time.
2020-11-27 23:03:48 +01:00
Michael Weiss
54673b1f3b
chromium: 86.0.4240.198 -> 87.0.4280.66
https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html

This update includes 33 security fixes.

CVEs:
CVE-2020-16018 CVE-2020-16019 CVE-2020-16020 CVE-2020-16021
CVE-2020-16022 CVE-2020-16015 CVE-2020-16014 CVE-2020-16023
CVE-2020-16024 CVE-2020-16025 CVE-2020-16026 CVE-2020-16027
CVE-2020-16028 CVE-2020-16029 CVE-2020-16030 CVE-2019-8075
CVE-2020-16031 CVE-2020-16032 CVE-2020-16033 CVE-2020-16034
CVE-2020-16035 CVE-2020-16012 CVE-2020-16036

Note: We'll finally build with use_ozone=true on Hydra now :) \o/
2020-11-17 22:53:12 +01:00
Michael Weiss
d7f5386474
chromium: Extend update.py to automatically update gn
The gn version depends on the channel and new gn versions aren't always
backward compatible. Therefore we should also include it in
upstream-info.json (I've scoped it under "deps" as we'll likely have to
add more like this in the future).
2020-11-03 20:00:25 +01:00
Michael Weiss
7c700c9ff6
chromium: Drop useVaapi (was deprecated) 2020-10-29 13:48:38 +01:00
Michael Weiss
50a2f50acb
chromiumDev: 88.0.4292.2 -> 88.0.4298.4
This should also fix VA-API for chromiumBeta (though that part needs
some cleanup). However, chromiumDev likely still fails due to the
absence of dirmd (not included in the tarball so far, we might have to
package and add it as a dependency).
2020-10-23 17:49:46 +02:00
Michael Weiss
73b67da169
chromium: Disable VA-API by default
This is done to avoid driver specific issues and restores the previous
behaviour. Like before video acceleration can be enabled without having
to rebuild Chromium.
2020-10-09 21:59:48 +02:00
Michael Weiss
f79703e50c
chromium: 85.0.4183.121 -> 86.0.4240.75
https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop.html

This update includes 35 security fixes.

CVEs:
CVE-2020-15967 CVE-2020-15968 CVE-2020-15969 CVE-2020-15970
CVE-2020-15971 CVE-2020-15972 CVE-2020-15990 CVE-2020-15991
CVE-2020-15973 CVE-2020-15974 CVE-2020-15975 CVE-2020-15976
CVE-2020-6557 CVE-2020-15977 CVE-2020-15978 CVE-2020-15979
CVE-2020-15980 CVE-2020-15981 CVE-2020-15982 CVE-2020-15983
CVE-2020-15984 CVE-2020-15985 CVE-2020-15986 CVE-2020-15987
CVE-2020-15992 CVE-2020-15988 CVE-2020-15989
2020-10-07 20:37:35 +02:00
Michael Weiss
e249baca22
chromiumDev: M86 -> M87 2020-09-10 12:31:00 +02:00
Michael Weiss
1fa610bdf0
chromium: Prefix $PATH with xdg_utils (#96922)
This is required for certain URIs that require launching external
programs (e.g. mailto:, magnet:, or irc:) or setting the default browser
via xdg-settings.
Fix #96897 and fix #92751.
2020-09-06 23:20:30 +02:00
Tethys Svensson
2927a19be3 chromium: Unblock nixos-unstable by using the correct argument to fetchurl 2020-09-06 14:54:42 +02:00
Alyssa Ross
de69b705d2 chromium: replace update.nix with Python impl
update.nix was a huuuuge hack, abusing checksum collisions, etc., and
was extremely difficult to read and maintain, especially because
values from update.nix were also used in the derivations themselves!

I've replaced this with an implementation in Python, which I chose for
readability.  Rather than generating Nix, I chose to
generate JSON, since Python can do that in the standard library and
Nix can read it.

I also set update.py as an updateScript, so Chromium can now
automatically be updated!

Fixes: https://github.com/NixOS/nixpkgs/issues/89635
2020-09-05 11:20:13 +02:00
Michael Weiss
9a96d71f71
chromiumDev: Unbreak the build by using LLVM 11 2020-08-26 22:29:07 +02:00
Michael Weiss
25aed428aa
chromium: Make the gnChromium overrides depend on the version
This is more robust than depending on the channel, though the version
should only matter if the configuration phase fails.
This also switches to the intended version for `chromium` which should
be higher since M85 is in the stable channel.

Thanks `@volth` for pointing this out.
2020-08-25 23:22:41 +02:00
f4814n
6e4d33a001
chromium: Add missing dependency on coreutils (#94578)
The script that runs chromium calls tr from coreutils - however
it just assumed that coreutils are in PATH.

With missing coreutils chromium did still launch (at least with
d433839007 applied) but emitted
`line 15: tr: command not found` error messages.
2020-08-03 17:58:41 +02:00
Michael Weiss
11fbe97810
chromium{Beta,Dev}: M84 -> M85 -> M86 (broken)
Mark chromiumDev as broken since the build requires LLVM 11 which is not
yet in Nixpkgs (due to the lack of an RC, see #93324). Build error:
clang (LLVM option parsing): Unknown command line argument '-basic-aa-recphi=0'.  Try: 'clang (LLVM option parsing) --help'
clang (LLVM option parsing): Did you mean '--basicaa-recphi=0'?
ninja: build stopped: subcommand failed.
2020-07-24 13:40:24 +02:00
Griffin Smith
d433839007 chromium: Add missing dependency on gnugrep
The bin script that runs chromium calls out to gnugrep - but gnugrep is
missing as a runtime dependency of the chromium package. I found this
out when I was trying to put it in a docker image.
2020-07-17 18:33:43 +02:00
Domen Kožar
347ab190c7
remove usage of patchelfUnstable now that it's released 2020-07-08 21:55:09 +02:00
Florian Klink
495cf5fd17
Merge pull request #89565 from jsravn/enable-chromium-rtc-use-pipewire
chromium: add rtc_use_pipewire
2020-06-07 21:13:28 +02:00
Michael Weiss
029a5de083
chromiumDev: Fix the configuration phase
Relevant changes in M85:
- Upstream switched from YASM to NASM [0].
- third_party/binutils was removed [1].

Note: The gn and dev channel updates are optional.
cc #89615.

[0]: https://bugs.chromium.org/p/chromium/issues/detail?id=766721
[1]: 9869e86fd9
2020-06-06 19:38:53 +02:00
James Ravn
1535270d91
Add pipewire to runtime path 2020-06-06 17:08:39 +01:00
Michael Weiss
cdd95a9625
chromium: 81.0.4044.138 -> 83.0.4103.61
https://chromereleases.googleblog.com/2020/05/stable-channel-update-for-desktop_19.html

This update includes 38 security fixes.

CVEs:
CVE-2020-6465 CVE-2020-6466 CVE-2020-6467 CVE-2020-6468 CVE-2020-6469
CVE-2020-6470 CVE-2020-6471 CVE-2020-6472 CVE-2020-6473 CVE-2020-6474
CVE-2020-6475 CVE-2020-6476 CVE-2020-6477 CVE-2020-6478 CVE-2020-6479
CVE-2020-6480 CVE-2020-6481 CVE-2020-6482 CVE-2020-6483 CVE-2020-6484
CVE-2020-6485 CVE-2020-6486 CVE-2020-6487 CVE-2020-6488 CVE-2020-6489
CVE-2020-6490 CVE-2020-6491
2020-05-19 23:55:32 +02:00
Michael Weiss
267eefcdb7
chromium: Build with VA-API but disable it by default
This makes it possible to enable VA-API without having to rebuild
Chromium: `chromium.override { enableVaapi = true; }`
2020-04-18 13:46:22 +02:00
Michael Weiss
cb5c0a4bbc
chromium{Beta,Dev}: M81 -> M83 -> M84 2020-04-17 13:44:45 +02:00
Michael Weiss
ad3220f9ff
chromiumDev: Override gn to fix the configuration phase
The configuration phase was failing due to:
```
configuring
ERROR at //BUILD.gn:1376:5: Unknown function.
    filter_exclude([ "$root_build_dir/foo" ],
    ^-------------
```
2020-04-06 12:52:52 +02:00
Artemis Tosini
b3e1a1bbbb
chromium: Add option to enable ozone (for Wayland) 2020-03-27 21:16:38 +00:00
Michael Weiss
1d961a4c6d
chromiumDev: Fix the build
Building Chromium 82 requires LLVM 10 for the new argument
"-fintegrated-cc1". LLVM 9 fails with:
clang++: error: unknown argument: '-fintegrated-cc1'
2020-02-26 19:21:59 +01:00
Ivan Kozik
af006f9ff3 chromium: fix enableWideVine for v79 which needs the manifest.json in WidevineCdm/ 2019-12-15 04:56:01 +00:00
Ivan Kozik
950230bc84 chromium: remove enableNaCl option
This hasn't worked since 2016 (https://github.com/NixOS/nixpkgs/issues/13983)
and is being removed very soon, per "Q4 2019" in
https://developer.chrome.com/native-client/migration

(It's staying around for "Chrome Apps", but those only run on ChromeOS now.)

earth.google.com users can use https://earth.google.com/web/?beta=1 to get
the wasm version instead of the PNaCl version.
2019-12-15 04:55:30 +00:00
Ivan Kozik
ec75ea3329 chromium: use llvmPackages_9 to more closely match upstream 2019-12-15 04:35:36 +00:00
Andrew Childs
6ec5e745dc chromium: fix aarch64 build
The skia patch no longer applies, and is no longer necessary.

The current version of chromium doesn't build with gcc. This has been
fixed upstream[1] and could be backported, but switching aarch64 to
clang/llvm and making the build the same on all platforms is simpler.

[1] 9662ec8440
2019-11-26 01:25:39 +01:00
Ivan Kozik
b4f5dc2fb8 chromium: do not load .so files from current working directory
Fixes #67234.
2019-10-31 01:34:19 +00:00
Ivan Kozik
908b24ea04 chromium: 77.0.3865.120 -> 78.0.3904.70
CVE-2019-13699 CVE-2019-13700 CVE-2019-13701 CVE-2019-13702
CVE-2019-13703 CVE-2019-13704 CVE-2019-13705 CVE-2019-13706
CVE-2019-13707 CVE-2019-13708 CVE-2019-13709 CVE-2019-13710
CVE-2019-13711 CVE-2019-15903 CVE-2019-13713 CVE-2019-13714
CVE-2019-13715 CVE-2019-13716 CVE-2019-13717 CVE-2019-13718
CVE-2019-13719

https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html
2019-10-23 03:54:39 +00:00
Ivan Kozik
f45798e544 chromium: 77.0.3865.90 -> 77.0.3865.120
CVE-2019-13693 CVE-2019-13694 CVE-2019-13695 CVE-2019-13696
CVE-2019-13697

Disable jumbo mode because upstream dropped support for it.
(See chromium-dev "We're removing support for the jumbo build")

This makes builds take about 3x as long, but we have no alternative.
2019-10-11 22:32:18 +02:00
Ivan Kozik
5456def6b3 chromiumDev: fix widevine support
Upstream moved libwidevinecdm.so from
./opt/google/chrome-unstable/libwidevinecdm.so
to
./opt/google/chrome-unstable/WidevineCdm/_platform_specific/linux_x64/libwidevinecdm.so
2019-09-19 00:05:30 +00:00
Julien Langlois
7d9578819b
Comment about handling widevine in default.nix. 2019-09-06 15:19:49 -04:00
Julien Langlois
ea7c012e4b
Explicitly check for channels in widevine plugin unpack command. 2019-09-05 17:43:58 -04:00
Julien Langlois
c28eb26100
Set package to unfree when widevine is enabled. 2019-09-05 17:27:04 -04:00
Julien Langlois
aeeb67bfcb
Rework to avoid a full rebuild for widevine. 2019-09-05 17:20:09 -04:00
Julien Langlois
545d58a1ef
chromium: fix widevine
This change allows widevine to work in chromium (it was previously
broken due to a segfault). Newer versions of chromium do not use the
libwidevinecdmadapter.so. Instead, libwidevinecdm.so should be installed
in the chromium libExec directory.
2019-09-05 17:20:06 -04:00
volth
f3282c8d1e treewide: remove unused variables (#63177)
* treewide: remove unused variables

* making ofborg happy
2019-06-16 19:59:05 +00:00
Ivan Kozik
4481a0150b chromium: use LLVM 8.0.0 to more closely match upstream 2019-06-05 09:27:52 +00:00
Silvan Mosberger
99b68ffbb0
chromium: Fix build
Since https://github.com/NixOS/nixpkgs/pull/60499, the unwrapped
chromium already contains the applications directory.
2019-05-28 02:33:00 +02:00
Daniel Schaefer
0f537a49e1 chromium: Use upstream desktop entry
Upstream provides a much more featureful desktop entry file. If we use
that we take advantage of all of those features and don't have to maintain it
ourselves.
2019-05-25 22:39:47 +02:00
Herwig Hochleitner
233e551674 chromium: disable vaapi support
this fixes playback on radeon

see https://github.com/NixOS/nixpkgs/pull/57837#issuecomment-477906724
2019-03-31 01:04:49 +01:00
Cole Mickens
60e2d2ce2b chromium: enable mojo + vaapi + allow hw accel
fixes https://github.com/NixOS/nixpkgs/pull/57837
closes https://github.com/NixOS/nixpkgs/pull/56973
2019-03-25 02:02:05 +01:00