From 4481a0150b7ba3e0e6c907a730f16f9a96c138fe Mon Sep 17 00:00:00 2001
From: Ivan Kozik <ivan@ludios.org>
Date: Wed, 5 Jun 2019 09:27:21 +0000
Subject: [PATCH 1/2] chromium: use LLVM 8.0.0 to more closely match upstream

---
 pkgs/applications/networking/browsers/chromium/default.nix | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/pkgs/applications/networking/browsers/chromium/default.nix b/pkgs/applications/networking/browsers/chromium/default.nix
index cfc2da2bdd23..60ff4b278800 100644
--- a/pkgs/applications/networking/browsers/chromium/default.nix
+++ b/pkgs/applications/networking/browsers/chromium/default.nix
@@ -1,4 +1,4 @@
-{ newScope, config, stdenv, llvmPackages, gcc8Stdenv, llvmPackages_7
+{ newScope, config, stdenv, llvmPackages, gcc8Stdenv, llvmPackages_8
 , makeWrapper, makeDesktopItem, ed
 , glib, gtk3, gnome3, gsettings-desktop-schemas
 , libva ? null
@@ -18,8 +18,8 @@
 }:
 
 let
-  stdenv_ = if stdenv.isAarch64 then gcc8Stdenv else llvmPackages_7.stdenv;
-  llvmPackages_ = if stdenv.isAarch64 then llvmPackages else llvmPackages_7;
+  stdenv_ = if stdenv.isAarch64 then gcc8Stdenv else llvmPackages_8.stdenv;
+  llvmPackages_ = if stdenv.isAarch64 then llvmPackages else llvmPackages_8;
 in let
   stdenv = stdenv_;
   llvmPackages = llvmPackages_;

From 8c78ae27f6e22fed147c683fbfc65835b3243986 Mon Sep 17 00:00:00 2001
From: Ivan Kozik <ivan@ludios.org>
Date: Wed, 5 Jun 2019 09:06:03 +0000
Subject: [PATCH 2/2] chromium: 74.0.3729.157 -> 75.0.3770.80

CVE-2019-5828 CVE-2019-5829 CVE-2019-5830 CVE-2019-5831
CVE-2019-5832 CVE-2019-5833 CVE-2019-5834 CVE-2019-5835
CVE-2019-5836 CVE-2019-5837 CVE-2019-5838 CVE-2019-5839
CVE-2019-5840

Update a patch for Python 3, fixes #62347.

Update a GN arg to fix this warning:

warning: The GN arg 'remove_webcore_debug_symbols' is deprecated and
warning: will be removed April 15, 2019. Please change your args.gn
warning: to use 'blink_symbol_level = 0'. https://crbug.com/943869
---
 .../networking/browsers/chromium/common.nix    |  2 +-
 .../chromium/patches/no-build-timestamps.patch |  2 +-
 .../browsers/chromium/upstream-info.nix        | 18 +++++++++---------
 3 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/pkgs/applications/networking/browsers/chromium/common.nix b/pkgs/applications/networking/browsers/chromium/common.nix
index 49426a8af3b2..75b1c8b09bd9 100644
--- a/pkgs/applications/networking/browsers/chromium/common.nix
+++ b/pkgs/applications/networking/browsers/chromium/common.nix
@@ -250,7 +250,7 @@ let
       treat_warnings_as_errors = false;
       is_clang = stdenv.cc.isClang;
       clang_use_chrome_plugins = false;
-      remove_webcore_debug_symbols = true;
+      blink_symbol_level = 0;
       enable_swiftshader = false;
       fieldtrial_testing_like_official_build = true;
 
diff --git a/pkgs/applications/networking/browsers/chromium/patches/no-build-timestamps.patch b/pkgs/applications/networking/browsers/chromium/patches/no-build-timestamps.patch
index e06d848095c8..6b788f43d29c 100644
--- a/pkgs/applications/networking/browsers/chromium/patches/no-build-timestamps.patch
+++ b/pkgs/applications/networking/browsers/chromium/patches/no-build-timestamps.patch
@@ -7,7 +7,7 @@
 +  # I don't trust LASTCHANGE magic, and I definelly want something deterministic here
 +  SOURCE_DATE_EPOCH = os.getenv("SOURCE_DATE_EPOCH", None)
 +  if SOURCE_DATE_EPOCH is not None:
-+    print SOURCE_DATE_EPOCH
++    print(SOURCE_DATE_EPOCH)
 +    return 0
 +  else:
 +    raise RuntimeError("SOURCE_DATE_EPOCH not set")
diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.nix b/pkgs/applications/networking/browsers/chromium/upstream-info.nix
index 0de95c7d6a94..436c6d7e7682 100644
--- a/pkgs/applications/networking/browsers/chromium/upstream-info.nix
+++ b/pkgs/applications/networking/browsers/chromium/upstream-info.nix
@@ -1,18 +1,18 @@
 # This file is autogenerated from update.sh in the same directory.
 {
   beta = {
-    sha256 = "01sw6ql4fr1zwbw4l4c3xgmd3jqil9lgmpmlhfyj9ga4kp2qlnim";
-    sha256bin64 = "0xwxb54l1ylrckxd36pkzcla34d5hbnhxz3gkrv4id530l6ms6jh";
-    version = "75.0.3770.27";
+    sha256 = "1mk6gb3iif8i6zq41wjn3lhqqlqp1syzpav1nj0170l7v348p0ns";
+    sha256bin64 = "02zq7gy51nclfh8806yqv4713cpb4yamy0h7x1zgcd2rxvqm4v53";
+    version = "75.0.3770.80";
   };
   dev = {
-    sha256 = "0fq8sjyscz998ha4wnn4npr3bb4jslcjc1i7xgwz6bh4yhi1az4f";
-    sha256bin64 = "1yb6ff6bg662klki7dcrdaysmsnqrnlp8syxcvwl2rysswll3wyl";
-    version = "76.0.3788.1";
+    sha256 = "0h0dbmk8l45c61g8iiylfnw45rqyqwc40brphwksi6gsvwn2yw8h";
+    sha256bin64 = "0vrwsllnrcgdvsflncqhwyfbjiqcj0n3mxyyyalr8arvkpz5r5ai";
+    version = "76.0.3806.1";
   };
   stable = {
-    sha256 = "01ifjsss3nqr15xx2iqsiqgjq1xc07j7ljnapsb484m7dcfk3gnw";
-    sha256bin64 = "0zkv4x4vbra476c6wy4igp6k80r9ssb9632wsyrzjni9w3zk9qvy";
-    version = "74.0.3729.157";
+    sha256 = "1mk6gb3iif8i6zq41wjn3lhqqlqp1syzpav1nj0170l7v348p0ns";
+    sha256bin64 = "03agz2bl22cmwgdcni8lbzjrwpikg5caimh8ynmhnpy7q9r3zy2w";
+    version = "75.0.3770.80";
   };
 }