Firefox

Profiles

Firefox has a nasty habit of requiring a new profile every few releases. I say this is nasty because logins, current tabs, plugins (even if still supported) and perhaps bookmarks can be lost. In addition, it tends to name the profiles default, then default.default when it creates another. This can also apply when downgrading the version (e.g. going from 69.0 to 68.2.0esr). 73.0 required a new profile, that profile continues to work in 78.0

If you wish to use multiple profiles (or to be able to rename or delete old profiles), open firefox with 'firefox -P'.

You can also tell firefox to use a profile which it warns is old, either by invoking it from a term in xorg using 'MOZ_ALLOW_DOWNGRADE=1 firefox' or by invoking it as 'firefox --allow-downgrade'. The latter invocation has been troublesome in the past but appears to work since 68.2.0 and can be used from a desktop 'launcher'.

For 91.0esr, firefox seems to want to create a new profile when coming from 78esr, but using 'firefox -P' allows it to use the existing profile. If you have created redundant profiles, or wish to rename profiles, 'about:profiles' will open the profile manager to permit this.

Which version should I use ?

In general, BLFS tries to always use latest releases. For firefox up to and including 69.0 the latest version was normally used. But in late 2019 mozilla decided to move to a more-frequent release schedule (eventually 4 weeks instead of 6 or 7 weeks).

Newer versions tended to need newer versions of rust, but this can cause problems with other packages which use rust. In particular, thunderbird releases are based on the firefox esr (extended support releases) code and tended to have code which did not build with the latest version of rust. Nowadays, seamonkey is also in that situation.

There are only a few packages in BLFS which use rust and the editors aim to ensure that all the versions in the book can be built with the same version of rust.

As a result, after firefox-69 the book moved to the esr versions of firefox which for 68esr was technically a downgrade (see details about profiles above), but contained all the relevant security fixes.

You should always use the latest release, either the latest esr or the latest mainline version (or the latest beta for bleeding edge). And you should remember to update your ca-certificates when building a new version of firefox.

Problems with 91.0 failing to build

On a couple of systems (one fairly recent, one BLFS-10. with necessary updates) 91.0 failed to build - a python test on libgkrust.a reported

TEST-UNEXPECTED-FAIL | check_networking | libgkrust.a |
Identified 1 networking function(s) being imported in the rust static library (getsockname)

This happened with both clang and gcc.

There is now a patch in BLFS which fixes that problem.

Dependencies for 91.0esr series

cbindgen needs to be >= 0.19.0

icu needs to be >= 69.1

The node.js version now tests for v10.23.1, but node v10 is no longer maintained. Tested with the latest version of node.js in the book.

nspr needs to be >= 4.32.0

nss needs to be >= 3.68

rustc needs to be >= 1.47 but you should use at least 1.52.0 to fix possible vulnerabilities. If using openssl-3, use 1.56.1 with the sedto pick up newer 'cargo' and 'cargo-sys' crates.

Dependencies for the latest release

This is an attempt to help people who want to keep using the latest upstream release, and will be updated from time to time. It is also a store for any changes which will need to be addressed when the book moves to the next ESR version.

Dependencies for 101.0 series (latest upstream stable)

New Themes (Tools -> Add-Ons and Themes) can make it easier to see which tab is active.

The environment variable MACH_USE_SYSTEM_PYTHON has been deprecated since firefox-100.0, replace it by MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE=system.

cbindgen needs to be >= 0.23.0

icu should now be >= 71.1

The shipped libpng is now apparently automatically updated (reviewing changes would mean using mercurial). But upstream libpng has not been updated for some time. Similar automatic updates are now in place for libwebp, which presumably means the version should be 1.2.2. However, looking at the python configury files, it is possible that much earlier versions of these might work. For consistency, best to keep up to date.

The shipped libvpx has been updated to v1.11.0, updating the system version to that is recommended.

nss shipped version is 3.78.1 which is a security update. The same fixes are in nss-3.79.

rustc now needs to be >= 1.59.0, tested with 1.60.0.

other minimum versions unchanged

Sandboxing

From firefox-95 on, the build system wants to use "wasi-sysroot" to sandbox some of the shipped libraries (by converting to wasm and then back to sandboxed C). That will require, amongst other things, llvm built for WebAssembly (that is default, but BLFS does not enable it), wasi-libc ​https://github.com/WebAssembly/wasi-libc, some other supporting packages, and using clang instead of gcc. If you want to do that, look at what Arch is doing.

For the moment, g++ can be used if you pass --without-wasm-sandboxed-libraries.

Dependencies for 102.0beta

As of beta 1, the only obvious change is that nss-3.79 is required. Now that that version of nss has been released, it seems to build ok.

In fact, that was not true - although the documented nspr version in security/nss/automation/release/nspr-version.txt is still shown as 4.32, in 102.0b1 nspr-4.33 was used and by 102.0b8 nspr-4.34 is being used.

The early betas for 92.0 and 93.0 needed static libstdc++.a to link logalloc-replay (that specifies -static-libstdc++). In later betas that was not compiled. While using a static system lib (outside of rust) is annoying, the expected lifetime of a firefox beta is short and this requirement can be remembered if a vulnerability in libstdc++ is ever disclosed. I assume this requirement will continue for early betas.

Up
Top