Changes between Version 127 and Version 128 of firefox
- Timestamp:
- 06/28/2022 03:31:33 PM (22 months ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
firefox
v127 v128 9 9 You can also tell firefox to use a profile which it warns is old, either by invoking it from a term in xorg using 'MOZ_ALLOW_DOWNGRADE=1 firefox' or by invoking it as 'firefox --allow-downgrade'. The latter invocation has been troublesome in the past but appears to work since 68.2.0 and can be used from a desktop 'launcher'. 10 10 11 For 91.0esr, firefox seems to want to create a new profile when coming from 78esr, but using 'firefox -P' allows it to use the existing profile. If you have created redundant profiles, or wish to rename profiles, 'about:profiles' will open the profile manager to permit this. 11 For 91.0esr, firefox seems to want to create a new profile when coming from 78esr, but using 'firefox -P' allows it to use the existing profile. If you have created redundant profiles, or wish to rename profiles, 'about:profiles' will open the profile manager to permit this. 12 13 When upgrading from firefox-91esr to 102esr the profile is automatically upgraded. However, if you have multiple systems on the same machine which share /home (in my case, development and released systems), invoking firefox on another system after one system has been updated, even just starting the profile selector or running firefox --version, is enough to get the profile marked as trashed. Backups of ~/.mozilla are good :-) 12 14 13 15 == Which version should I use ? == … … 23 25 '''You should always use the latest release, either the latest esr or the latest mainline version (or the latest beta for bleeding edge)'''. And you should remember to update your ca-certificates when building a new version of firefox. 24 26 25 == Problems with 91.0 failing to build == 26 27 On a couple of systems (one fairly recent, one BLFS-10. with necessary updates) 91.0 failed to build - a python test on libgkrust.a reported 28 {{{ 29 TEST-UNEXPECTED-FAIL | check_networking | libgkrust.a | 30 Identified 1 networking function(s) being imported in the rust static library (getsockname) 31 }}} 32 33 This happened with both clang and gcc. 34 35 There is now a patch in BLFS which fixes that problem. 36 37 38 == Dependencies for 91.0esr series == 27 == Dependencies for 91esr series == 39 28 40 29 cbindgen needs to be >= 0.19.0 … … 48 37 nss needs to be >= 3.68 49 38 50 rustc needs to be >= 1.47 but you should use at least 1.52.0 to fix possible vulnerabilities. If using openssl-3, use 1.56.1 with the sedto pick up newer 'cargo' and 'cargo-sys' crates. 39 rustc needs to be >= 1.47 but you should use at least 1.58.1. 40 41 42 == Dependencies for 102esr series == 43 44 cbindgen needs to be >= 0.23 45 46 icu needs to be >= 71.1 47 48 Firefox continues to test for node.js >= v10.23.1 which has not been maintained for a long time. If you have updated node.js to fix each reported vulnerability you should be (I think v16.14.2 was the last vulnerability fix). If not, update to the current version. 49 50 libvpx should be v1.11.0. 51 52 nspr needs to be >= 4.34 53 54 nss needs to be >= 3.79 55 56 rustc needs to be >= 1.59.0, tested with 1.60.0. 57 58 The environment variable MACH_USE_SYSTEM_PYTHON has been deprecated since firefox-100.0, replace it by MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE=system. 59 60 See below re 'sandboxing' for how to disable wasi-sysroot, or where to look if you wish to use it. 61 62 New Themes (Tools -> Add-Ons and Themes) can make it easier to see which tab is active. 51 63 52 64 … … 55 67 This is an attempt to help people who want to keep using the latest upstream release, and will be updated from time to time. It is also a store for any changes which will need to be addressed when the book moves to the next ESR version. 56 68 57 == Dependencies for 101.0 series (latest upstream stable) == 69 Note that point releases of the current stable versions are not specifically monitored, if you use the current stable version you should check for updates and their release note and any security fixes. 58 70 59 New Themes (Tools -> Add-Ons and Themes) can make it easier to see which tab is active. 71 == Dependencies for 102.0 series (latest upstream stable) == 60 72 61 The environment variable MACH_USE_SYSTEM_PYTHON has been deprecated since firefox-100.0, replace it by MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE=system.73 Same as for 102esr. 62 74 63 cbindgen needs to be >= 0.23.064 65 icu should now be >= 71.166 67 The shipped libpng is now apparently automatically updated (reviewing68 changes would mean using mercurial). But upstream libpng has not been updated for some time. Similar automatic updates are now in place for libwebp, which presumably means the version should be 1.2.2. However, looking at the python configury files, it is possible that much earlier versions of these might work. For consistency, best to keep up to date.69 70 The shipped libvpx has been updated to v1.11.0, updating the system version to that is recommended.71 72 nss shipped version is 3.78.1 which is a security update. The same fixes are in nss-3.79.73 74 rustc now needs to be >= 1.59.0, tested with 1.60.0.75 76 other minimum versions unchanged77 75 78 76 == Sandboxing == … … 82 80 For the moment, g++ can be used if you pass --without-wasm-sandboxed-libraries. 83 81 84 == Dependencies for 10 2.0beta ==82 == Dependencies for 103.0beta == 85 83 86 As of beta 1, the only obvious change is that nss-3.79 is required. Now that that version of nss has been released, it seems to build ok. 84 Not yet tested, but as of build 1 candidate for beta1: 87 85 88 In fact, that was not true - although the documented nspr version in security/nss/automation/release/nspr-version.txt is still shown as 4.32, in 102.0b1 nspr-4.33 was used and by 102.0b8 nspr-4.34 is being used. 86 cbindgen >= 0.24.3 89 87 90 The early betas for 92.0 and 93.0 needed static libstdc++.a to link logalloc-replay (that specifies -static-libstdc++). In later betas that was not compiled. While using a static system lib (outside of rust) is annoying, the expected lifetime of a firefox beta is short and this requirement can be remembered if a vulnerability in libstdc++ is ever disclosed. I assume this requirement will continue for early betas. 88 nss >= 3.80.0 89 90 The early betas for 92.0 and 93.0 needed static libstdc++.a to link logalloc-replay (that specifies -static-libstdc++). In later betas that was not compiled. While using a static system lib (outside of rust) is annoying, the expected lifetime of a firefox beta is short and this requirement can be remembered if a vulnerability in libstdc++ is ever disclosed. I assume this requirement will continue for early betas (those where EARLY_BETA_OR_EARLIER is defined in build/defines.sh). 91 91 92 92 [wiki:GraphicalWebBrowsers Up][[br]]