From 54a0a400f2d1ab30764cf752dd107a86fef11ffa Mon Sep 17 00:00:00 2001 From: squalus Date: Fri, 18 Sep 2020 18:37:22 +0000 Subject: [PATCH] ungoogled-chromium: 84.0.4147.89-1 -> 85.0.4183.102-1 based on chromium master@05f5001c --- .../browsers/ungoogled-chromium/common.nix | 36 ++- .../browsers/ungoogled-chromium/default.nix | 72 +++-- .../ungoogled-chromium/ungoogled-src.nix | 6 +- .../browsers/ungoogled-chromium/update.nix | 271 ------------------ .../browsers/ungoogled-chromium/update.py | 77 +++++ .../browsers/ungoogled-chromium/update.sh | 4 - .../ungoogled-chromium/upstream-info.json | 17 ++ .../ungoogled-chromium/upstream-info.nix | 18 -- 8 files changed, 171 insertions(+), 330 deletions(-) delete mode 100644 pkgs/applications/networking/browsers/ungoogled-chromium/update.nix create mode 100755 pkgs/applications/networking/browsers/ungoogled-chromium/update.py delete mode 100755 pkgs/applications/networking/browsers/ungoogled-chromium/update.sh create mode 100644 pkgs/applications/networking/browsers/ungoogled-chromium/upstream-info.json delete mode 100644 pkgs/applications/networking/browsers/ungoogled-chromium/upstream-info.nix diff --git a/pkgs/applications/networking/browsers/ungoogled-chromium/common.nix b/pkgs/applications/networking/browsers/ungoogled-chromium/common.nix index f9a2693f2430..4d537f8dd4c8 100644 --- a/pkgs/applications/networking/browsers/ungoogled-chromium/common.nix +++ b/pkgs/applications/networking/browsers/ungoogled-chromium/common.nix @@ -1,7 +1,7 @@ -{ stdenv, lib, llvmPackages, gnChromium, ninja, which, nodejs, fetchpatch, gnutar +{ stdenv, lib, llvmPackages, gnChromium, ninja, which, nodejs, fetchpatch, fetchurl # default dependencies -, bzip2, flac, speex, libopus +, gnutar, bzip2, flac, speex, libopus , libevent, expat, libjpeg, snappy , libpng, libcap , xdg_utils, yasm, nasm, minizip, libwebp @@ -41,6 +41,7 @@ , ungoogled-chromium , ungoogled ? false +, channel , upstream-info }: @@ -110,7 +111,7 @@ let versionRange = min-version: upto-version: let inherit (upstream-info) version; result = versionAtLeast version min-version && versionOlder version upto-version; - stable-version = (import ./upstream-info.nix).stable.version; + stable-version = (importJSON ./upstream-info.json).stable.version; in if versionAtLeast stable-version upto-version then warn "chromium: stable version ${stable-version} is newer than a patchset bounded at ${upto-version}. You can safely delete it." result @@ -123,10 +124,13 @@ let }; base = rec { name = "${packageName}-unwrapped-${version}"; - inherit (upstream-info) channel version; - inherit packageName buildType buildPath; + inherit (upstream-info) version; + inherit channel packageName buildType buildPath; - src = upstream-info.main; + src = fetchurl { + url = "https://commondatastorage.googleapis.com/chromium-browser-official/chromium-${version}.tar.xz"; + inherit (upstream-info) sha256; + }; nativeBuildInputs = [ ninja which python2Packages.python perl pkgconfig @@ -151,8 +155,9 @@ let ++ optional pulseSupport libpulseaudio ++ optionals useOzone [ libdrm wayland mesa_drivers libxkbcommon ]; - patches = [ + patches = optionals (versionRange "68" "86") [ ./patches/nix_plugin_paths_68.patch + ] ++ [ ./patches/remove-webp-include-69.patch ./patches/no-build-timestamps.patch ./patches/widevine-79.patch @@ -166,12 +171,18 @@ let # # ++ optionals (channel == "dev") [ ( githubPatch "" "0000000000000000000000000000000000000000000000000000000000000000" ) ] # ++ optional (versionRange "68" "72") ( githubPatch "" "0000000000000000000000000000000000000000000000000000000000000000" ) - ] ++ optionals (useVaapi) [ # Improvements for the VA-API build: + ] ++ optionals (useVaapi && versionRange "68" "86") [ # Improvements for the VA-API build: ./patches/enable-vdpau-support-for-nvidia.patch # https://aur.archlinux.org/cgit/aur.git/tree/vdpau-support.patch?h=chromium-vaapi ./patches/enable-video-acceleration-on-linux.patch # Can be controlled at runtime (i.e. without rebuilding Chromium) ]; - postPatch = '' + postPatch = optionalString (!versionRange "0" "86") '' + # Required for patchShebangs (unsupported interpreter directive, basename: invalid option -- '*', etc.): + substituteInPlace native_client/SConstruct \ + --replace "#! -*- python -*-" "" + substituteInPlace third_party/harfbuzz-ng/src/src/update-unicode-tables.make \ + --replace "/usr/bin/env -S make -f" "/usr/bin/make -f" + '' + '' # We want to be able to specify where the sandbox is via CHROME_DEVEL_SANDBOX substituteInPlace sandbox/linux/suid/client/setuid_sandbox_host.cc \ --replace \ @@ -300,8 +311,8 @@ let use_system_libdrm = true; system_wayland_scanner_path = "${wayland}/bin/wayland-scanner"; } // optionalAttrs ungoogled { - closure_compile = false; enable_hangout_services_extension = false; + enable_js_type_check = false; enable_mdns = false; enable_nacl_nonsfi = false; enable_one_click_signin = false; @@ -313,7 +324,6 @@ let google_api_key = ""; google_default_client_id = ""; google_default_client_secret = ""; - optimize_webui = false; safe_browsing_mode = 0; use_official_google_api_keys = false; use_unofficial_version_number = false; @@ -366,9 +376,11 @@ let origRpath="$(patchelf --print-rpath "$chromiumBinary")" patchelf --set-rpath "${libGL}/lib:$origRpath" "$chromiumBinary" ''; + + passthru.updateScript = ./update.py; }; # Remove some extraAttrs we supplied to the base attributes already. in stdenv.mkDerivation (base // removeAttrs extraAttrs [ "name" "gnFlags" "buildTargets" -]) +] // { passthru = base.passthru // (extraAttrs.passthru or {}); }) diff --git a/pkgs/applications/networking/browsers/ungoogled-chromium/default.nix b/pkgs/applications/networking/browsers/ungoogled-chromium/default.nix index 9051fc55feb4..7c581ee633f6 100644 --- a/pkgs/applications/networking/browsers/ungoogled-chromium/default.nix +++ b/pkgs/applications/networking/browsers/ungoogled-chromium/default.nix @@ -1,5 +1,5 @@ -{ newScope, config, stdenv, llvmPackages_9, llvmPackages_10 -, makeWrapper, ed, gnugrep +{ newScope, config, stdenv, fetchurl, makeWrapper +, llvmPackages_10, llvmPackages_11, ed, gnugrep, coreutils, xdg_utils , glib, gtk3, gnome3, gsettings-desktop-schemas, gn, fetchgit , libva ? null , pipewire_0_2 @@ -29,24 +29,16 @@ let callPackage = newScope chromium; - chromium = { + chromium = rec { inherit stdenv llvmPackages; - upstream-info = (callPackage ./update.nix {}).getChannel channel; + upstream-info = (lib.importJSON ./upstream-info.json).${channel}; mkChromiumDerivation = callPackage ./common.nix ({ - inherit gnome gnomeSupport gnomeKeyringSupport proprietaryCodecs cupsSupport pulseSupport useOzone; + inherit channel gnome gnomeSupport gnomeKeyringSupport proprietaryCodecs + cupsSupport pulseSupport useOzone; inherit ungoogled; # TODO: Remove after we can update gn for the stable channel (backward incompatible changes): - gnChromium = gn.overrideAttrs (oldAttrs: { - version = "2020-03-23"; - src = fetchgit { - url = "https://gn.googlesource.com/gn"; - rev = "5ed3c9cc67b090d5e311e4bd2aba072173e82db9"; - sha256 = "00y2d35wvqmx9glaqhfb62wdgbfpwr77v0934nnvh9ks71vnsjqy"; - }; - }); - } // lib.optionalAttrs (channel == "dev") { gnChromium = gn.overrideAttrs (oldAttrs: { version = "2020-05-19"; src = fetchgit { @@ -55,6 +47,27 @@ let sha256 = "0197msabskgfbxvhzq73gc3wlr3n9cr4bzrhy5z5irbvy05lxk17"; }; }); + } // lib.optionalAttrs (lib.versionAtLeast upstream-info.version "86") { + llvmPackages = llvmPackages_11; + gnChromium = gn.overrideAttrs (oldAttrs: { + version = "2020-07-20"; + src = fetchgit { + url = "https://gn.googlesource.com/gn"; + rev = "3028c6a426a4aaf6da91c4ebafe716ae370225fe"; + sha256 = "0h3wf4152zdvrbb0jbj49q6814lfl3rcy5mj8b2pl9s0ahvkbc6q"; + }; + }); + } // lib.optionalAttrs (lib.versionAtLeast upstream-info.version "87") { + llvmPackages = llvmPackages_11; + useOzone = true; # YAY: https://chromium-review.googlesource.com/c/chromium/src/+/2382834 \o/ + gnChromium = gn.overrideAttrs (oldAttrs: { + version = "2020-08-17"; + src = fetchgit { + url = "https://gn.googlesource.com/gn"; + rev = "6f13aaac55a977e1948910942675c69f2b4f7a94"; + sha256 = "01hpma1sllpdx09mvr4d6073sg6zmk6iv44kd3r28khymcj4s251"; + }; + }); }); browser = callPackage ./browser.nix { inherit channel enableWideVine; }; @@ -66,22 +79,33 @@ let ungoogled-chromium = callPackage ./ungoogled.nix {}; }; + pkgSuffix = if channel == "dev" then "unstable" else channel; + pkgName = "google-chrome-${pkgSuffix}"; + chromeSrc = fetchurl { + urls = map (repo: "${repo}/${pkgName}/${pkgName}_${version}-1_amd64.deb") [ + "https://dl.google.com/linux/chrome/deb/pool/main/g" + "http://95.31.35.30/chrome/pool/main/g" + "http://mirror.pcbeta.com/google/chrome/deb/pool/main/g" + "http://repo.fdzh.org/chrome/deb/pool/main/g" + ]; + sha256 = chromium.upstream-info.sha256bin64; + }; + mkrpath = p: "${lib.makeSearchPathOutput "lib" "lib64" p}:${lib.makeLibraryPath p}"; - widevineCdm = let upstream-info = chromium.upstream-info; in stdenv.mkDerivation { + widevineCdm = stdenv.mkDerivation { name = "chrome-widevine-cdm"; - # The .deb file for Google Chrome - src = upstream-info.binary; + src = chromeSrc; phases = [ "unpackPhase" "patchPhase" "installPhase" "checkPhase" ]; unpackCmd = let widevineCdmPath = - if upstream-info.channel == "stable" then + if channel == "stable" then "./opt/google/chrome/WidevineCdm" - else if upstream-info.channel == "beta" then + else if channel == "beta" then "./opt/google/chrome-beta/WidevineCdm" - else if upstream-info.channel == "dev" then + else if channel == "dev" then "./opt/google/chrome-unstable/WidevineCdm" else throw "Unknown chromium channel."; @@ -191,10 +215,13 @@ in stdenv.mkDerivation { '' + '' # libredirect causes chromium to deadlock on startup - export LD_PRELOAD="\$(echo -n "\$LD_PRELOAD" | tr ':' '\n' | ${gnugrep}/bin/grep -v /lib/libredirect\\\\.so$ | tr '\n' ':')" + export LD_PRELOAD="\$(echo -n "\$LD_PRELOAD" | ${coreutils}/bin/tr ':' '\n' | ${gnugrep}/bin/grep -v /lib/libredirect\\\\.so$ | ${coreutils}/bin/tr '\n' ':')" export XDG_DATA_DIRS=$XDG_ICON_DIRS:$GSETTINGS_SCHEMAS_PATH\''${XDG_DATA_DIRS:+:}\$XDG_DATA_DIRS + # Mainly for xdg-open but also other xdg-* tools: + export PATH="${xdg_utils}/bin\''${PATH:+:}\$PATH" + . w EOF @@ -214,6 +241,7 @@ in stdenv.mkDerivation { passthru = { inherit (chromium) upstream-info browser; mkDerivation = chromium.mkChromiumDerivation; - inherit sandboxExecutableName; + inherit chromeSrc sandboxExecutableName; + updateScript = ./update.py; }; } diff --git a/pkgs/applications/networking/browsers/ungoogled-chromium/ungoogled-src.nix b/pkgs/applications/networking/browsers/ungoogled-chromium/ungoogled-src.nix index 109e410d5eef..73f4e4c9e83d 100644 --- a/pkgs/applications/networking/browsers/ungoogled-chromium/ungoogled-src.nix +++ b/pkgs/applications/networking/browsers/ungoogled-chromium/ungoogled-src.nix @@ -1,6 +1,6 @@ { - "84.0.4147.89" = { - rev = "84.0.4147.89-1"; - sha256 = "1bqvcq3dj6615198j7cz3ylyyic5zpis06capvl6ybl1na3ainb0"; + "85.0.4183.102" = { + rev = "85.0.4183.102-1"; + sha256 = "1mdx4a5zcs3an9yx1jxx4amq8p9rcj0hv76r8y7nz6cpsfgd9n3y"; }; } diff --git a/pkgs/applications/networking/browsers/ungoogled-chromium/update.nix b/pkgs/applications/networking/browsers/ungoogled-chromium/update.nix deleted file mode 100644 index 6dff17c69ddb..000000000000 --- a/pkgs/applications/networking/browsers/ungoogled-chromium/update.nix +++ /dev/null @@ -1,271 +0,0 @@ -let maybePkgs = import ../../../../../. {}; in - -{ stdenv ? maybePkgs.stdenv -, runCommand ? maybePkgs.runCommand -, fetchurl ? maybePkgs.fetchurl -, writeText ? maybePkgs.writeText -, curl ? maybePkgs.curl -, cacert ? maybePkgs.cacert -, nix ? maybePkgs.nix -}: - -let - inherit (stdenv) lib; - - sources = if builtins.pathExists ./upstream-info.nix - then import ./upstream-info.nix - else {}; - - bucketURL = "https://commondatastorage.googleapis.com/" - + "chromium-browser-official"; - - mkVerURL = version: "${bucketURL}/chromium-${version}.tar.xz"; - - debURL = "https://dl.google.com/linux/chrome/deb/pool/main/g"; - - getDebURL = channelName: version: arch: mirror: let - packageSuffix = if channelName == "dev" then "unstable" else channelName; - packageName = "google-chrome-${packageSuffix}"; - in "${mirror}/${packageName}/${packageName}_${version}-1_${arch}.deb"; - - # Untrusted mirrors, don't try to update from them! - debMirrors = [ - "http://95.31.35.30/chrome/pool/main/g" - "http://mirror.pcbeta.com/google/chrome/deb/pool/main/g" - "http://repo.fdzh.org/chrome/deb/pool/main/g" - ]; - -in { - getChannel = channel: let - chanAttrs = builtins.getAttr channel sources; - in { - inherit channel; - inherit (chanAttrs) version; - - main = fetchurl { - url = mkVerURL chanAttrs.version; - inherit (chanAttrs) sha256; - }; - - binary = fetchurl (let - mkUrls = arch: let - mkURLForMirror = getDebURL channel chanAttrs.version arch; - in map mkURLForMirror ([ debURL ] ++ debMirrors); - in if stdenv.is64bit && chanAttrs ? sha256bin64 then { - urls = mkUrls "amd64"; - sha256 = chanAttrs.sha256bin64; - } else if !stdenv.is64bit && chanAttrs ? sha256bin32 then { - urls = mkUrls "i386"; - sha256 = chanAttrs.sha256bin32; - } else throw "No Chrome plugins are available for your architecture."); - }; - - update = let - csv2nix = name: src: import (runCommand "${name}.nix" { - src = builtins.fetchurl src; - } '' - esc() { echo "\"$(echo "$1" | sed -e 's/"\\$/\\&/')\""; } # ohai emacs " - IFS=, read -r -a headings <<< "$(head -n1 "$src")" - echo "[" > "$out" - tail -n +2 "$src" | while IFS=, read -r -a line; do - echo " {" - for idx in "''${!headings[@]}"; do - echo " $(esc "''${headings[idx]}") = $(esc ''${line[$idx]});" - done - echo " }" - done >> "$out" - echo "]" >> "$out" - ''); - - channels = lib.fold lib.recursiveUpdate {} (map (attrs: { - ${attrs.os}.${attrs.channel} = attrs // { - history = let - drvName = "omahaproxy-${attrs.os}.${attrs.channel}-info"; - history = csv2nix drvName "http://omahaproxy.appspot.com/history"; - cond = h: attrs.os == h.os && attrs.channel == h.channel - && lib.versionOlder h.version attrs.current_version; - # Note that this is a *reverse* sort! - sorter = a: b: lib.versionOlder b.version a.version; - sorted = builtins.sort sorter (lib.filter cond history); - in map (lib.flip removeAttrs ["os" "channel"]) sorted; - version = attrs.current_version; - }; - }) (csv2nix "omahaproxy-info" "http://omahaproxy.appspot.com/all?csv=1")); - - /* - XXX: This is essentially the same as: - - builtins.tryEval (builtins.fetchurl url) - - ... except that tryEval on fetchurl isn't working and doesn't catch - errors for fetchurl, so we go for a different approach. - - We only have fixed-output derivations that can have networking access, so - we abuse SHA1 and its weaknesses to forge a fixed-output derivation which - is not so fixed, because it emits different contents that have the same - SHA1 hash. - - Using this method, we can distinguish whether the URL is available or - whether it's not based on the actual content. - - So let's use tryEval as soon as it's working with fetchurl in Nix. - */ - tryFetch = url: let - # SHA1 hash collisions from https://shattered.io/static/shattered.pdf: - collisions = runCommand "sha1-collisions" { - outputs = [ "out" "good" "bad" ]; - base64 = '' - QlpoOTFBWSZTWbL5V5MABl///////9Pv///v////+/////HDdK739/677r+W3/75rUNr4 - Aa/AAAAAAACgEVTRtQDQAaA0AAyGmjTQGmgAAANGgAaMIAYgGgAABo0AAAAAADQAIAGQ0 - MgDIGmjQA0DRk0AaMQ0DQAGIANGgAAGRoNGQMRpo0GIGgBoGQAAIAGQ0MgDIGmjQA0DRk - 0AaMQ0DQAGIANGgAAGRoNGQMRpo0GIGgBoGQAAIAGQ0MgDIGmjQA0DRk0AaMQ0DQAGIAN - GgAAGRoNGQMRpo0GIGgBoGQAAIAGQ0MgDIGmjQA0DRk0AaMQ0DQAGIANGgAAGRoNGQMRp - o0GIGgBoGQAABVTUExEZATTICnkxNR+p6E09JppoyamjGhkm0ammIyaekbUejU9JiGnqZ - qaaDxJ6m0JkZMQ2oaYmJ6gxqMyE2TUzJqfItligtJQJfYbl9Zy9QjQuB5mHQRdSSXCCTH - MgmSDYmdOoOmLTBJWiCpOhMQYpQlOYpJjn+wQUJSTCEpOMekaFaaNB6glCC0hKEJdHr6B - mUIHeph7YxS8WJYyGwgWnMTFJBDFSxSCCYljiEk7HZgJzJVDHJxMgY6tCEIIWgsKSlSZ0 - S8GckoIIF+551Ro4RCw260VCEpWJSlpWx/PMrLyVoyhWMAneDilBcUIeZ1j6NCkus0qUC - Wnahhk5KT4GpWMh3vm2nJWjTL9Qg+84iExBJhNKpbV9tvEN265t3fu/TKkt4rXFTsV+Nc - upJXhOhOhJMQQktrqt4K8mSh9M2DAO2X7uXGVL9YQxUtzQmS7uBndL7M6R7vX869VxqPu - renSuHYNq1yTXOfNWLwgvKlRlFYqLCs6OChDp0HuTzCWscmGudLyqUuwVGG75nmyZhKpJ - yOE/pOZyHyrZxGM51DYIN+Jc8yVJgAykxKCEtW55MlfudLg3KG6TtozalunXrroSxUpVL - StWrWLFihMnVpkyZOrQnUrE6xq1CGtJlbAb5ShMbV1CZgqlKC0wCFCpMmUKSEkvFLaZC8 - wHOCVAlvzaJQ/T+XLb5Dh5TNM67p6KZ4e4ZSGyVENx2O27LzrTIteAreTkMZpW95GS0CE - JYhMc4nToTJ0wQhKEyddaLb/rTqmgJSlkpnALxMhlNmuKEpkEkqhKUoEq3SoKUpIQcDgW - lC0rYahMmLuPQ0fHqZaF4v2W8IoJ2EhMhYmSw7qql27WJS+G4rUplToFi2rSv0NSrVvDU - pltQ8Lv6F8pXyxmFBSxiLSxglNC4uvXVKmAtusXy4YXGX1ixedEvXF1aX6t8adYnYCpC6 - rW1ZzdZYlCCxKEv8vpbqdSsXl8v1jCQv0KEPxPTa/5rtWSF1dSgg4z4KjfIMNtgwWoWLE - sRhKxsSA9ji7V5LRPwtumeQ8V57UtFSPIUmtQdOQfseI2Ly1DMtk4Jl8n927w34zrWG6P - i4jzC82js/46Rt2IZoadWxOtMInS2xYmcu8mOw9PLYxQ4bdfFw3ZPf/g2pzSwZDhGrZAl - 9lqky0W+yeanadC037xk496t0Dq3ctfmqmjgie8ln9k6Q0K1krb3dK9el4Xsu44LpGcen - r2eQZ1s1IhOhnE56WnXf0BLWn9Xz15fMkzi4kpVxiTKGEpffErEEMvEeMZhUl6yD1SdeJ - YbxzGNM3ak2TAaglLZlDCVnoM6wV5DRrycwF8Zh/fRsdmhkMfAO1duwknrsFwrzePWeMw - l107DWzymxdQwiSXx/lncnn75jL9mUzw2bUDqj20LTgtawxK2SlQg1CCZDQMgSpEqLjRM - sykM9zbSIUqil0zNk7Nu+b5J0DKZlhl9CtpGKgX5uyp0idoJ3we9bSrY7PupnUL5eWiDp - V5mmnNUhOnYi8xyClkLbNmAXyoWk7GaVrM2umkbpqHDzDymiKjetgzTocWNsJ2E0zPcfh - t46J4ipaXGCfF7fuO0a70c82bvqo3HceIcRlshgu73seO8BqlLIap2z5jTOY+T2ucCnBt - Atva3aHdchJg9AJ5YdKHz7LoA3VKmeqxAlFyEnQLBxB2PAhAZ8KvmuR6ELXws1Qr13Nd1 - i4nsp189jqvaNzt+0nEnIaniuP1+/UOZdyfoZh57ku8sYHKdvfW/jYSUks+0rK+qtte+p - y8jWL9cOJ0fV8rrH/t+85/p1z2N67p/ZsZ3JmdyliL7lrNxZUlx0MVIl6PxXOUuGOeArW - 3vuEvJ2beoh7SGyZKHKbR2bBWO1d49JDIcVM6lQtu9UO8ec8pOnXmkcponBPLNM2CwZ9k - NC/4ct6rQkPkQHMcV/8XckU4UJCy+VeTA== - ''; - } '' - echo "$base64" | base64 -d | tar xj - mv good.pdf "$good" - mv bad.pdf "$bad" - touch "$out" - ''; - - cacheVal = let - urlHash = builtins.hashString "sha256" url; - timeSlice = builtins.currentTime / 600; - in "${urlHash}-${toString timeSlice}"; - - in { - success = import (runCommand "check-success" { - result = stdenv.mkDerivation { - name = "tryfetch-${cacheVal}"; - inherit url; - - outputHash = "d00bbe65d80f6d53d5c15da7c6b4f0a655c5a86a"; - outputHashMode = "flat"; - outputHashAlgo = "sha1"; - - nativeBuildInputs = [ curl ]; - preferLocalBuild = true; - - inherit (collisions) good bad; - - buildCommand = '' - if SSL_CERT_FILE="${cacert}/etc/ssl/certs/ca-bundle.crt" \ - curl -s -L -f -I "$url" > /dev/null; then - cp "$good" "$out" - else - cp "$bad" "$out" - fi - ''; - - impureEnvVars = lib.fetchers.proxyImpureEnvVars; - }; - inherit (collisions) good; - } '' - if cmp -s "$result" "$good"; then - echo true > "$out" - else - echo false > "$out" - fi - ''); - value = builtins.fetchurl url; - }; - - fetchLatest = channel: let - result = tryFetch (mkVerURL channel.version); - in if result.success then result.value else fetchLatest (channel // { - version = if channel.history != [] - then (lib.head channel.history).version - else throw "Unfortunately there's no older version than " + - "${channel.version} available for channel " + - "${channel.channel} on ${channel.os}."; - history = lib.tail channel.history; - }); - - getHash = path: import (runCommand "gethash.nix" { - inherit path; - nativeBuildInputs = [ nix ]; - } '' - sha256="$(nix-hash --flat --base32 --type sha256 "$path")" - echo "\"$sha256\"" > "$out" - ''); - - isLatest = channel: version: let - ourVersion = sources.${channel}.version or null; - in if ourVersion == null then false - else lib.versionOlder version sources.${channel}.version - || version == sources.${channel}.version; - - # We only support GNU/Linux right now. - linuxChannels = let - genLatest = channelName: channel: let - newUpstream = { - inherit (channel) version; - sha256 = getHash (fetchLatest channel); - }; - keepOld = let - oldChannel = sources.${channelName}; - in { - inherit (oldChannel) version sha256; - } // lib.optionalAttrs (oldChannel ? sha256bin32) { - inherit (oldChannel) sha256bin32; - } // lib.optionalAttrs (oldChannel ? sha256bin64) { - inherit (oldChannel) sha256bin64; - }; - in if isLatest channelName channel.version then keepOld else newUpstream; - in lib.mapAttrs genLatest channels.linux; - - getLinuxFlash = channelName: channel: let - inherit (channel) version; - fetchArch = arch: tryFetch (getDebURL channelName version arch debURL); - packages = lib.genAttrs ["i386" "amd64"] fetchArch; - isNew = arch: attr: !(builtins.hasAttr attr channel) - && packages.${arch}.success; - in channel // lib.optionalAttrs (isNew "i386" "sha256bin32") { - sha256bin32 = getHash (packages.i386.value); - } // lib.optionalAttrs (isNew "amd64" "sha256bin64") { - sha256bin64 = getHash (packages.amd64.value); - }; - - newChannels = lib.mapAttrs getLinuxFlash linuxChannels; - - dumpAttrs = indent: attrs: let - mkVal = val: if lib.isAttrs val then dumpAttrs (indent + 1) val - else "\"${lib.escape ["$" "\\" "\""] (toString val)}\""; - mkIndent = level: lib.concatStrings (builtins.genList (_: " ") level); - mkAttr = key: val: "${mkIndent (indent + 1)}${key} = ${mkVal val};\n"; - attrLines = lib.mapAttrsToList mkAttr attrs; - in "{\n" + (lib.concatStrings attrLines) + (mkIndent indent) + "}"; - in writeText "chromium-new-upstream-info.nix" '' - # This file is autogenerated from update.sh in the same directory. - ${dumpAttrs 0 newChannels} - ''; -} diff --git a/pkgs/applications/networking/browsers/ungoogled-chromium/update.py b/pkgs/applications/networking/browsers/ungoogled-chromium/update.py new file mode 100755 index 000000000000..bfc7f0d2478c --- /dev/null +++ b/pkgs/applications/networking/browsers/ungoogled-chromium/update.py @@ -0,0 +1,77 @@ +#! /usr/bin/env nix-shell +#! nix-shell -i python -p python3 nix + +import csv +import json +import subprocess +import sys + +from codecs import iterdecode +from collections import OrderedDict +from os.path import abspath, dirname +from urllib.request import urlopen + +HISTORY_URL = 'https://omahaproxy.appspot.com/history?os=linux' +DEB_URL = 'https://dl.google.com/linux/chrome/deb/pool/main/g' +BUCKET_URL = 'https://commondatastorage.googleapis.com/chromium-browser-official' + +JSON_PATH = dirname(abspath(__file__)) + '/upstream-info.json' + +def load_json(path): + with open(path, 'r') as f: + return json.load(f) + +def nix_prefetch_url(url, algo='sha256'): + print(f'nix-prefetch-url {url}') + out = subprocess.check_output(['nix-prefetch-url', '--type', algo, url]) + return out.decode('utf-8').rstrip() + +channels = {} +last_channels = load_json(JSON_PATH) + +print(f'GET {HISTORY_URL}', file=sys.stderr) +with urlopen(HISTORY_URL) as resp: + builds = csv.DictReader(iterdecode(resp, 'utf-8')) + for build in builds: + channel_name = build['channel'] + + # If we've already found a newer build for this channel, we're + # no longer interested in it. + if channel_name in channels: + continue + + # If we're back at the last build we used, we don't need to + # keep going -- there's no new version available, and we can + # just reuse the info from last time. + if build['version'] == last_channels[channel_name]['version']: + channels[channel_name] = last_channels[channel_name] + continue + + channel = {'version': build['version']} + suffix = 'unstable' if channel_name == 'dev' else channel_name + + try: + channel['sha256'] = nix_prefetch_url(f'{BUCKET_URL}/chromium-{build["version"]}.tar.xz') + channel['sha256bin64'] = nix_prefetch_url(f'{DEB_URL}/google-chrome-{suffix}/google-chrome-{suffix}_{build["version"]}-1_amd64.deb') + except subprocess.CalledProcessError: + # This build isn't actually available yet. Continue to + # the next one. + continue + + channels[channel_name] = channel + +with open(JSON_PATH, 'w') as out: + def get_channel_key(item): + channel_name = item[0] + if channel_name == 'stable': + return 0 + elif channel_name == 'beta': + return 1 + elif channel_name == 'dev': + return 2 + else: + print(f'Error: Unexpected channel: {channel_name}', file=sys.stderr) + sys.exit(1) + sorted_channels = OrderedDict(sorted(channels.items(), key=get_channel_key)) + json.dump(sorted_channels, out, indent=2) + out.write('\n') diff --git a/pkgs/applications/networking/browsers/ungoogled-chromium/update.sh b/pkgs/applications/networking/browsers/ungoogled-chromium/update.sh deleted file mode 100755 index ea67a62c107a..000000000000 --- a/pkgs/applications/networking/browsers/ungoogled-chromium/update.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/sh -e -cd "$(dirname "$0")" -sp="$(nix-build --builders "" -Q --no-out-link update.nix -A update)" -cat "$sp" > upstream-info.nix diff --git a/pkgs/applications/networking/browsers/ungoogled-chromium/upstream-info.json b/pkgs/applications/networking/browsers/ungoogled-chromium/upstream-info.json new file mode 100644 index 000000000000..dae7f741b357 --- /dev/null +++ b/pkgs/applications/networking/browsers/ungoogled-chromium/upstream-info.json @@ -0,0 +1,17 @@ +{ + "stable": { + "version": "85.0.4183.102", + "sha256": "032yh1mfwins7a62zw8kwwq8xw1n52a0a93lqz7qlyjaf9sd8s4a", + "sha256bin64": "1i8xaxxnmg80vsia8hxnq58qi9k5nnbrl80d6d23g9lb7dbc9cpm" + }, + "beta": { + "version": "86.0.4240.30", + "sha256": "1isj0zngb72k1hhn3h0s8mccg1cdmppz1mjmg19f2h306farzmzl", + "sha256bin64": "10d8im2adqqnkd6265gngv6xlm5qsz6r13z6cbbchsss0ssr8fxa" + }, + "dev": { + "version": "87.0.4252.0", + "sha256": "1lxlsdni63zh79hxvpwgmnfn67kgfzhz3yg9bkxghqchqykkz92y", + "sha256bin64": "130hf7b35wcxpw05ddbqq89x10c0kays1vb9qg6xhq3zx2mk6ijw" + } +} diff --git a/pkgs/applications/networking/browsers/ungoogled-chromium/upstream-info.nix b/pkgs/applications/networking/browsers/ungoogled-chromium/upstream-info.nix deleted file mode 100644 index 874e45307ebf..000000000000 --- a/pkgs/applications/networking/browsers/ungoogled-chromium/upstream-info.nix +++ /dev/null @@ -1,18 +0,0 @@ -# This file is autogenerated from update.sh in the same directory. -{ - beta = { - sha256 = "0yf6j0459qzr677zsa2apmfz0x0ndlscvwj1a5v40nqjijchv5qp"; - sha256bin64 = "017ix9a74f2gzlg6in0x6fqgiw8bpk0rypr6wsqqkslywprypjd0"; - version = "84.0.4147.89"; - }; - dev = { - sha256 = "1dbbr7s8vbhxd0sk4k2yqp630zp1r4gzkkd2a86pzlzq2mjhsk8a"; - sha256bin64 = "0bphfwi6nkj9nzrjjaffiv27xfblgdikyifsbjl6vv2pawkh335q"; - version = "85.0.4183.15"; - }; - stable = { - sha256 = "0yf6j0459qzr677zsa2apmfz0x0ndlscvwj1a5v40nqjijchv5qp"; - sha256bin64 = "1hzhgvs2ykqsncpnbnhzh09sw1vlsdfjhs06z5gc80l47brdi3wz"; - version = "84.0.4147.89"; - }; -}