Changeset e51466a for xsoft/graphweb/firefox.xml

Timestamp:

06/28/2022 04:01:41 PM (22 months ago)

Author:

Ken Moffat <ken@…>

Branches:

11.2, 11.3, 12.0, 12.1, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, lazarus, lxqt, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, trunk, xry111/llvm18, xry111/soup3, xry111/xf86-video-removal

Children:

b0540bce

Parents:

e603046

Message:

Update for firefox-102.0esr (security fix).

File:

• xsoft/graphweb/firefox.xml (modified) (13 diffs)

xsoft/graphweb/firefox.xml

@@ -7 +7 @@
   <!ENTITY firefox-download-http "&mozilla-http;/firefox/releases/&firefox-version;esr/source/firefox-&firefox-version;esr.source.tar.xz">
   <!ENTITY firefox-download-ftp  " ">
-  <!ENTITY firefox-md5sum        "c22765dc34c94035ebd83b998c90de33">
-  <!ENTITY firefox-size          "363 MB">
+  <!ENTITY firefox-md5sum        "72d8bf3644c4db2cced72fa3f712a4a1">
+  <!ENTITY firefox-size          "464 MB">
   <!-- NB with stylo, much of the build uses rust, and therefore cargo files.
     But the extra cached cargo files, if any, seem to be minimal -->
-  <!ENTITY firefox-buildsize     "6.6 GB (193 MB installed) without tests">
+  <!ENTITY firefox-buildsize     "7.1 GB (199 MB installed) without tests">
   <!-- editors: with ff63 and rust-1.29, ./mach build -j4 is probably the
    most practical way to get a timing on a machine with more cores, if taking
    cores offline is not practical. If in doubt, round up -->
-  <!ENTITY firefox-time          "25 SBU (on a typical 4-core machine) without tests">
+  <!ENTITY firefox-time          "24 SBU (on a typical 4-core machine) without tests">
 ]>
 
@@ -75 +75 @@
     </itemizedlist>
 
-    <bridgehead renderas="sect3">Additional Downloads</bridgehead>
+<!--<bridgehead renderas="sect3">Additional Downloads</bridgehead>
     <itemizedlist spacing="compact">
       <listitem>
@@ -89 +89 @@
         </para>
       </listitem>
-    </itemizedlist>
+    </itemizedlist>-->
 
     <note>
@@ -292 +292 @@
 ac_add_options --with-system-zlib
 
+# Using sandboxed wasm libraries has been moved to all builds instead
+# of only mozilla automation builds. It requires extra llvm packages
+# and was reported to seriously slow the build. Disable it.
+ac_add_options --without-wasm-sandboxed-libraries
+
 # The following option unsets Telemetry Reporting. With the Addons Fiasco,
 # Mozilla was found to be collecting user's data, including saved passwords and
@@ -308 +313 @@
     </para>
 
-    <para>
+<!--<para>
       First apply a patch which works around unexplained failures on some machines
       (a message that a python check on libgkrust.a identified 1 networking
@@ -320 +325 @@
     </para>
 
-<screen><userinput>patch -Np1 -i ../firefox-&firefox-version;esr-gcc12_fix-1.patch</userinput></screen>
+<screen><userinput>patch -Np1 -i ../firefox-&firefox-version;esr-gcc12_fix-1.patch</userinput></screen>-->
 
     <para>
@@ -330 +335 @@
 <screen><userinput>sed -i '/ROOT_CLIP_CHAIN/d' gfx/webrender_bindings/webrender_ffi.h</userinput></screen>
 
-<!-- applying this for 11.1: upstream haven't make their mind yet
-     https://bugzilla.mozilla.org/show_bug.cgi?id=1729459 -->
+<!-- applying this for 11.1: upstream haven't made their mind yet
+     https://bugzilla.mozilla.org/show_bug.cgi?id=1729459
+     Still applies in 102.0, 32-bit build NOT tested for that. -->
+
     <para>
       If building on a 32 bit machine, the following sed works around
@@ -395 +402 @@
     </para>
 
-<screen><userinput>export CC=gcc CXX=g++ &amp;&amp;
-export MACH_USE_SYSTEM_PYTHON=1            &amp;&amp;
-export MOZBUILD_STATE_PATH=${PWD}/mozbuild &amp;&amp;
-./mach configure                           &amp;&amp;
+<screen><userinput>export MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE=system &amp;&amp;
+export MOZBUILD_STATE_PATH=${PWD}/mozbuild            &amp;&amp;
+./mach configure                                      &amp;&amp;
 ./mach build</userinput></screen>
 
@@ -416 +422 @@
     </para>
 
-<screen role="root"><userinput>MACH_USE_SYSTEM_PYTHON=1 ./mach install</userinput></screen>
+<screen role="root"><userinput>MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE=system ./mach install</userinput></screen>
 
     <para>
@@ -422 +428 @@
     </para>
 
-<screen><userinput>unset CC CXX MACH_USE_SYSTEM_PYTHON MOZBUILD_STATE_PATH</userinput></screen>
+<screen><userinput>unset MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE MOZBUILD_STATE_PATH</userinput></screen>
 
   </sect2>
@@ -431 +437 @@
 <!--<xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
       href="../../xincludes/SIOCGSTAMP.xml"/>-->
-
-    <para>
-      <command>export CC=gcc CXX=g++ ...</command>: Upstream now prefer
-      <application>clang</application> so that they can use one compiler
-      everywhere. On the X86 architectures <application>clang</application>
-      now appears to support most of the same security-hardening options as
-      <application>GCC</application>.
-      <!-- supported in llvm-11
-      but the newer
-      <literal>-fstack-clash-protection</literal> is still not supported.-->
-      With the current versions and the default flags,
-      <application>GCC</application> creates a marginally bigger build but
-      takes typically 2 SBU less time on a 4-core machine using the mozconfig
-      above.
-    </para>
 
     <para>
@@ -465 +456 @@
 
     <para>
-      <command>MACH_USE_SYSTEM_PYTHON=1</command>: Use the system python
-      to create a virtual environment for <command>mach</command> without
-      downloading any python wheels.
+      <command>MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE=system</command>: Use the
+      system python to create a virtual environment for <command>mach</command>
+      without downloading any python wheels.
     </para>
 
@@ -488 +479 @@
     </para>
 
-<!--
-    <para>
-      <command>mkdir -pv /usr/lib/mozilla/plugins</command>: This ensures
-      that <filename class="directory">/usr/lib/mozilla/plugins/</filename>
-      exists.
-    </para>
-
-    <para>
-      <command>ln -sv ... /usr/lib/firefox/browser</command>:
-      This command creates a symbolic link to <filename
-      class="directory">/usr/lib/mozilla/plugins</filename>. It's not really
-      needed, as <application>Firefox</application> checks <filename
-      class="directory">/usr/lib/mozilla/plugins</filename> by default, but the
-      symbolic link is made to keep all the plugins installed in one folder.
-    </para>
--->
+    <para>
+      <parameter><envar>CC=gcc CXX=g++</envar></parameter>: BLFS used to
+      prefer to use gcc and g++ instead of upstream's defaults of the
+      <application>clang</application> programs. With the release of
+      gcc-12 the build takes longer with gcc and g++, primarily because
+      of extra warnings, and is bigger. Set these environment variables
+      <emphasis>before you run the configure script</emphasis>
+      if you wish to continue to use gcc, g++.
+    </para>
 
   </sect2>