From 2be5772ed871d21ae8e42261f93598f47ac418468535273b42a99279827d648a Mon Sep 17 00:00:00 2001 From: Wolfgang Rosenauer Date: Tue, 2 Jul 2019 20:43:20 +0000 Subject: [PATCH 1/8] Accepting request 713071 from home:marxin:branches:mozilla:Factory - Enable PGO for x86_64. OBS-URL: https://build.opensuse.org/request/show/713071 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=746 --- MozillaFirefox.changes | 5 +++ MozillaFirefox.spec | 7 +++- ...kde.js-in-order-to-survive-PGO-build.patch | 34 +++++++++++++++++++ 3 files changed, 45 insertions(+), 1 deletion(-) create mode 100644 firefox-add-kde.js-in-order-to-survive-PGO-build.patch diff --git a/MozillaFirefox.changes b/MozillaFirefox.changes index f9fe898..563541f 100644 --- a/MozillaFirefox.changes +++ b/MozillaFirefox.changes @@ -280,6 +280,11 @@ Fri Feb 15 13:45:57 UTC 2019 - Guillaume GARDET - Update _constraints to avoid 'no space left' error seen on aarch64 +------------------------------------------------------------------- +Thu Feb 14 08:19:19 UTC 2019 - Martin Liška + +- Enable PGO for x86_64. + ------------------------------------------------------------------- Wed Feb 13 07:17:28 UTC 2019 - Wolfgang Rosenauer diff --git a/MozillaFirefox.spec b/MozillaFirefox.spec index 4dcee0e..41fd975 100644 --- a/MozillaFirefox.spec +++ b/MozillaFirefox.spec @@ -62,6 +62,7 @@ BuildRequires: Mesa-devel BuildRequires: alsa-devel BuildRequires: autoconf213 BuildRequires: dbus-1-glib-devel +BuildRequires: dejavu-fonts BuildRequires: fdupes BuildRequires: memory-constraints %if 0%{?suse_version} <= 1320 @@ -90,6 +91,7 @@ BuildRequires: startup-notification-devel BuildRequires: unzip BuildRequires: update-desktop-files BuildRequires: xorg-x11-libXt-devel +BuildRequires: xvfb-run BuildRequires: yasm BuildRequires: zip %if 0%{?suse_version} < 1550 @@ -168,6 +170,7 @@ Patch12: mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch # Firefox/browser Patch101: firefox-kde.patch Patch102: firefox-branded-icons.patch +Patch103: firefox-add-kde.js-in-order-to-survive-PGO-build.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires(post): coreutils shared-mime-info desktop-file-utils Requires(postun): shared-mime-info desktop-file-utils @@ -276,6 +279,7 @@ cd $RPM_BUILD_DIR/%{source_prefix} # Firefox %patch101 -p1 %patch102 -p1 +%patch103 -p1 %build # no need to add build time to binaries @@ -388,10 +392,11 @@ ac_add_options --disable-webrtc # LTO needs newer toolchain stack only (at least GCC 8.2.1 (r268506) %if 0%{?suse_version} > 1500 ac_add_options --enable-lto +ac_add_options MOZ_PGO=1 %endif %endif EOF -./mach build +xvfb-run --server-args="-screen 0 1920x1080x24" ./mach build %install cd $RPM_BUILD_DIR/obj diff --git a/firefox-add-kde.js-in-order-to-survive-PGO-build.patch b/firefox-add-kde.js-in-order-to-survive-PGO-build.patch new file mode 100644 index 0000000..7e66b01 --- /dev/null +++ b/firefox-add-kde.js-in-order-to-survive-PGO-build.patch @@ -0,0 +1,34 @@ +From 89767f5dd97e69d7e9189e5603647645818d27d6 Mon Sep 17 00:00:00 2001 +From: marxin +Date: Thu, 29 Nov 2018 10:07:29 +0100 +Subject: [PATCH 2/3] Add kde.js in order to survive PGO build. + +--- + browser/app/Makefile.in | 1 + + kde.js | 2 ++ + 2 files changed, 3 insertions(+) + create mode 100644 kde.js + +diff --git a/browser/app/Makefile.in b/browser/app/Makefile.in +index 4129aa43fb91..c9950895d520 100644 +--- a/browser/app/Makefile.in ++++ b/browser/app/Makefile.in +@@ -57,6 +57,7 @@ endif + libs:: $(srcdir)/profile/channel-prefs.js + $(NSINSTALL) -D $(DIST)/bin/defaults/pref + $(call py_action,preprocessor,-Fsubstitution $(PREF_PPFLAGS) $(ACDEFINES) $^ -o $(DIST)/bin/defaults/pref/channel-prefs.js) ++ cp $(topsrcdir)/kde.js $(DIST)/bin/defaults/pref/kde.js + + ifeq (cocoa,$(MOZ_WIDGET_TOOLKIT)) + +diff --git a/kde.js b/kde.js +new file mode 100644 +index 000000000000..b0d3e5d20437 +--- /dev/null ++++ b/kde.js +@@ -0,0 +1,2 @@ ++pref("browser.preferences.instantApply", false); ++pref("browser.backspace_action", 0); +-- +2.19.1 + From 0ecf616f238171af0ed1a4a52981885c5b8212a29adc58a9ffa2ea81435d3fc1 Mon Sep 17 00:00:00 2001 From: Wolfgang Rosenauer Date: Mon, 8 Jul 2019 08:37:13 +0000 Subject: [PATCH 2/8] - Enable PGO for x86_64. OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=747 --- MozillaFirefox.changes | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/MozillaFirefox.changes b/MozillaFirefox.changes index 563541f..2f96635 100644 --- a/MozillaFirefox.changes +++ b/MozillaFirefox.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Mon Jul 2 14:15:17 UTC 2019 - Martin Liška + +- Enable PGO for x86_64. + ------------------------------------------------------------------- Thu Jun 20 06:20:59 UTC 2019 - Wolfgang Rosenauer @@ -280,11 +285,6 @@ Fri Feb 15 13:45:57 UTC 2019 - Guillaume GARDET - Update _constraints to avoid 'no space left' error seen on aarch64 -------------------------------------------------------------------- -Thu Feb 14 08:19:19 UTC 2019 - Martin Liška - -- Enable PGO for x86_64. - ------------------------------------------------------------------- Wed Feb 13 07:17:28 UTC 2019 - Wolfgang Rosenauer From c4b62217a3e2d8b6ec4dd3b6f4c9fafea2eff84de14a00e3253ff46b1ac885b7 Mon Sep 17 00:00:00 2001 From: Wolfgang Rosenauer Date: Tue, 9 Jul 2019 21:21:11 +0000 Subject: [PATCH 3/8] - Mozilla Firefox 68.0 * Dark mode in reader view * Improved extension security and discovery * Cryptomining and fingerprinting protections are added to strict content blocking settings in Privacy & Security preferences * Camera and microphone access now require an HTTPS connection MFSA 2019-21 (bsc#1140868) * CVE-2019-9811 (bmo#1538007, bmo#1539598, bmo#1563327) Sandbox escape via installation of malicious languagepack * CVE-2019-11711 (bmo#1552541) Script injection within domain through inner window reuse * CVE-2019-11712 (bmo#1543804) Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects * CVE-2019-11713 (bmo#1528481) Use-after-free with HTTP/2 cached stream * CVE-2019-11714 (bmo#1542593) NeckoChild can trigger crash when accessed off of main thread * CVE-2019-11729 (bmo#1515342) Empty or malformed p256-ECDH public keys may trigger a segmentation fault * CVE-2019-11715 (bmo#1555523) HTML parsing error can contribute to content XSS * CVE-2019-11716 (bmo#1552632) globalThis not enumerable until accessed * CVE-2019-11717 (bmo#1548306) Caret character improperly escaped in origins * CVE-2019-11718 (bmo#1408349) Activity Stream writes unsanitized content to innerHTML * CVE-2019-11719 (bmo#1540541) Out-of-bounds read when importing curve25519 private key OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=748 --- MozillaFirefox.changes | 75 ++++++ MozillaFirefox.spec | 64 +++-- compare-locales.tar.xz | 4 +- create-tar.sh | 268 ++++++++++++++++---- firefox-67.0.4.source.tar.xz | 3 - firefox-67.0.4.source.tar.xz.asc | 17 -- firefox-68.0.source.tar.xz | 3 + firefox-68.0.source.tar.xz.asc | 16 ++ firefox-kde.patch | 290 ++++++++-------------- l10n-67.0.4.tar.xz | 3 - l10n-68.0.tar.xz | 3 + mozilla-aarch64-startup-crash.patch | 30 +-- mozilla-bmo1005535.patch | 20 ++ mozilla-gcc-internal-compiler-error.patch | 29 +++ mozilla-kde.patch | 147 ++++++----- mozilla-nongnome-proxies.patch | 40 ++- mozilla-ppc-altivec_static_inline.patch | 20 ++ mozilla-reduce-rust-debuginfo.patch | 34 +++ mozilla-s390-bigendian.patch | 20 ++ mozilla-s390-context.patch | 36 +++ source-stamp.txt | 2 +- tar_stamps | 10 + 22 files changed, 750 insertions(+), 384 deletions(-) delete mode 100644 firefox-67.0.4.source.tar.xz delete mode 100644 firefox-67.0.4.source.tar.xz.asc create mode 100644 firefox-68.0.source.tar.xz create mode 100644 firefox-68.0.source.tar.xz.asc delete mode 100644 l10n-67.0.4.tar.xz create mode 100644 l10n-68.0.tar.xz create mode 100644 mozilla-bmo1005535.patch create mode 100644 mozilla-gcc-internal-compiler-error.patch create mode 100644 mozilla-ppc-altivec_static_inline.patch create mode 100644 mozilla-reduce-rust-debuginfo.patch create mode 100644 mozilla-s390-bigendian.patch create mode 100644 mozilla-s390-context.patch create mode 100644 tar_stamps diff --git a/MozillaFirefox.changes b/MozillaFirefox.changes index 2f96635..2b8bfe0 100644 --- a/MozillaFirefox.changes +++ b/MozillaFirefox.changes @@ -1,3 +1,78 @@ +------------------------------------------------------------------- +Mon Jul 8 13:30:35 UTC 2019 - Wolfgang Rosenauer + +- Mozilla Firefox 68.0 + * Dark mode in reader view + * Improved extension security and discovery + * Cryptomining and fingerprinting protections are added to strict + content blocking settings in Privacy & Security preferences + * Camera and microphone access now require an HTTPS connection + MFSA 2019-21 (bsc#1140868) + * CVE-2019-9811 (bmo#1538007, bmo#1539598, bmo#1563327) + Sandbox escape via installation of malicious languagepack + * CVE-2019-11711 (bmo#1552541) + Script injection within domain through inner window reuse + * CVE-2019-11712 (bmo#1543804) + Cross-origin POST requests can be made with NPAPI plugins by + following 308 redirects + * CVE-2019-11713 (bmo#1528481) + Use-after-free with HTTP/2 cached stream + * CVE-2019-11714 (bmo#1542593) + NeckoChild can trigger crash when accessed off of main thread + * CVE-2019-11729 (bmo#1515342) + Empty or malformed p256-ECDH public keys may trigger a segmentation fault + * CVE-2019-11715 (bmo#1555523) + HTML parsing error can contribute to content XSS + * CVE-2019-11716 (bmo#1552632) + globalThis not enumerable until accessed + * CVE-2019-11717 (bmo#1548306) + Caret character improperly escaped in origins + * CVE-2019-11718 (bmo#1408349) + Activity Stream writes unsanitized content to innerHTML + * CVE-2019-11719 (bmo#1540541) + Out-of-bounds read when importing curve25519 private key + * CVE-2019-11720 (bmo#1556230) + Character encoding XSS vulnerability + * CVE-2019-11721 (bmo#1256009) + Domain spoofing through unicode latin 'kra' character + * CVE-2019-11730 (bmo#1558299) + Same-origin policy treats all files in a directory as having the + same-origin + * CVE-2019-11723 (bmo#1528335) + Cookie leakage during add-on fetching across private browsing boundaries + * CVE-2019-11724 (bmo#1512511) + Retired site input.mozilla.org has remote troubleshooting permissions + * CVE-2019-11725 (bmo#1483510) + Websocket resources bypass safebrowsing protections + * CVE-2019-11727 (bmo#1552208) + PKCS#1 v1.5 signatures can be used for TLS 1.3 + * CVE-2019-11728 (bmo#1552993) + Port scanning through Alt-Svc header + * CVE-2019-11710 (bmo#1549768, bmo#1548611, bmo#1533842, bmo#1537692, + bmo#1540590, bmo#1551907, bmo#1510345, bmo#1535482, bmo#1535848, + bmo#1547472, bmo#1547760, bmo#1507696, bmo#1544180) + Memory safety bugs fixed in Firefox 68 + * CVE-2019-11709 (bmo#1547266, bmo#1540759, bmo#1548822, bmo#1550498 + bmo#1515052, bmo#1539219, bmo#1547757, bmo#1550498, bmo#1533522) + Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8 +- requires + * NSS 3.44.1 + * rust/cargo 1.34 + * rust-cbindgen 0.8.7 +- rebased patches + * mozilla-aarch64-startup-crash.patch + * mozilla-kde.patch + * mozilla-nongnome-proxies.patch + * firefox-kde.patch +- use new create-tar.sh and add tar_stamps for package definitions +- added patches imported from SLE flavour + * mozilla-gcc-internal-compiler-error.patch + * mozilla-bmo1005535.patch + * mozilla-ppc-altivec_static_inline.patch + * mozilla-reduce-rust-debuginfo.patch + * mozilla-s390-bigendian.patch + * mozilla-s390-context.patch + ------------------------------------------------------------------- Mon Jul 2 14:15:17 UTC 2019 - Martin Liška diff --git a/MozillaFirefox.spec b/MozillaFirefox.spec index 41fd975..a2af197 100644 --- a/MozillaFirefox.spec +++ b/MozillaFirefox.spec @@ -2,7 +2,7 @@ # spec file for package MozillaFirefox # # Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. -# 2006-2019 Wolfgang Rosenauer +# 2006-2019 Wolfgang Rosenauer # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,13 +18,13 @@ # changed with every update -%define major 67 -%define mainver %major.0.4 -%define orig_version 67.0.4 +%define major 68 +%define mainver %major.0 +%define orig_version 68.0 %define orig_suffix %{nil} %define update_channel release %define branding 1 -%define releasedate 20190619235627 +%define releasedate 20190705220548 %define source_prefix firefox-%{orig_version} # always build with GCC as SUSE Security Team requires that @@ -70,7 +70,7 @@ BuildRequires: gcc7-c++ %else BuildRequires: gcc-c++ %endif -BuildRequires: cargo >= 1.32 +BuildRequires: cargo >= 1.34 BuildRequires: libXcomposite-devel BuildRequires: libcurl-devel BuildRequires: libidl-devel @@ -79,14 +79,14 @@ BuildRequires: libnotify-devel BuildRequires: libproxy-devel BuildRequires: makeinfo BuildRequires: mozilla-nspr-devel >= 4.21 -BuildRequires: mozilla-nss-devel >= 3.43 +BuildRequires: mozilla-nss-devel >= 3.44.1 BuildRequires: nasm >= 2.13 BuildRequires: nodejs >= 8.11 BuildRequires: python-devel BuildRequires: python2-xml BuildRequires: python3 >= 3.5 -BuildRequires: rust >= 1.32 -BuildRequires: rust-cbindgen >= 0.8.2 +BuildRequires: rust >= 1.34 +BuildRequires: rust-cbindgen >= 0.8.7 BuildRequires: startup-notification-devel BuildRequires: unzip BuildRequires: update-desktop-files @@ -95,7 +95,7 @@ BuildRequires: xvfb-run BuildRequires: yasm BuildRequires: zip %if 0%{?suse_version} < 1550 -BuildRequires: pkgconfig(gconf-2.0) +BuildRequires: pkgconfig(gconf-2.0) >= 1.2.1 %endif BuildRequires: pkgconfig(gdk-x11-2.0) BuildRequires: pkgconfig(glib-2.0) >= 2.22 @@ -138,6 +138,7 @@ Source: http://ftp.mozilla.org/pub/firefox/releases/%{version}/source/fi Source1: MozillaFirefox.desktop Source2: MozillaFirefox-rpmlintrc Source3: mozilla.sh.in +Source4: tar_stamps Source5: source-stamp.txt Source6: kde.js Source7: l10n-%{orig_version}%{orig_suffix}.tar.xz @@ -147,7 +148,7 @@ Source10: compare-locales.tar.xz Source11: firefox.1 Source12: mozilla-get-app-id Source13: spellcheck.js -Source14: create-tar.sh +Source14: https://github.com/openSUSE/firefox-scripts/raw/master/create-tar.sh Source15: firefox-appdata.xml Source16: MozillaFirefox.changes # Set up API keys, see http://www.chromium.org/developers/how-tos/api-keys @@ -155,18 +156,24 @@ Source16: MozillaFirefox.changes # please get your own set of keys. Source18: mozilla-api-key Source19: google-api-key -Source20: http://ftp.mozilla.org/pub/firefox/releases/%{version}/source/firefox-%{orig_version}%{orig_suffix}.source.tar.xz.asc +Source20: https://ftp.mozilla.org/pub/%{progname}/releases/%{version}/source/%{progname}-%{orig_version}%{orig_suffix}.source.tar.xz.asc Source21: mozilla.keyring # Gecko/Toolkit Patch1: mozilla-nongnome-proxies.patch Patch2: mozilla-kde.patch Patch3: mozilla-ntlm-full-path.patch Patch4: mozilla-openaes-decl.patch -Patch7: mozilla-aarch64-startup-crash.patch -Patch9: mozilla-bmo1463035.patch -Patch10: mozilla-cubeb-noreturn.patch -Patch11: mozilla-fix-aarch64-libopus.patch -Patch12: mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch +Patch5: mozilla-aarch64-startup-crash.patch +Patch6: mozilla-bmo1463035.patch +Patch7: mozilla-cubeb-noreturn.patch +Patch8: mozilla-fix-aarch64-libopus.patch +Patch9: mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch +Patch10: mozilla-gcc-internal-compiler-error.patch +Patch11: mozilla-s390-context.patch +Patch12: mozilla-s390-bigendian.patch +Patch13: mozilla-reduce-rust-debuginfo.patch +Patch14: mozilla-ppc-altivec_static_inline.patch +Patch15: mozilla-bmo1005535.patch # Firefox/browser Patch101: firefox-kde.patch Patch102: firefox-branded-icons.patch @@ -209,7 +216,7 @@ Development files for %{appname} to make packaging of addons easier. %package translations-common Summary: Common translations for %{appname} Group: System/Localization -Provides: locale(%{name}:ar;ca;cs;da;de;en_GB;el;es_AR;es_CL;es_ES;fi;fr;hu;it;ja;ko;nb_NO;nl;pl;pt_BR;pt_PT;ru;sv_SE;zh_CN;zh_TW) +Provides: locale(%{name}:ar;ca;cs;da;de;el;en_GB;es_AR;es_CL;es_ES;fi;fr;hu;it;ja;ko;nb_NO;nl;pl;pt_BR;pt_PT;ru;sv_SE;zh_CN;zh_TW) Requires: %{name} = %{version} Obsoletes: %{name}-translations < %{version}-%{release} @@ -262,6 +269,15 @@ symbols meant for upload to Mozilla's crash collector database. %prep %if %localize + +# If generated incorrectly, the tarball will be ~270B in +# size, so 1MB seems like good enough limit to check. +MINSIZE=1048576 +if (( $(stat -c%s "%{SOURCE7}") < MINSIZE)); then + echo "Translations tarball %{SOURCE7} not generated properly." + exit 1 +fi + %setup -q -n %{source_prefix} -b 7 -b 10 %else %setup -q -n %{source_prefix} @@ -271,11 +287,19 @@ cd $RPM_BUILD_DIR/%{source_prefix} %patch2 -p1 %patch3 -p1 %patch4 -p1 +%patch5 -p1 +%patch6 -p1 %patch7 -p1 +%patch8 -p1 %patch9 -p1 %patch10 -p1 %patch11 -p1 +%ifarch s390x %patch12 -p1 +%endif +%patch13 -p1 +%patch14 -p1 +%patch15 -p1 # Firefox %patch101 -p1 %patch102 -p1 @@ -283,7 +307,7 @@ cd $RPM_BUILD_DIR/%{source_prefix} %build # no need to add build time to binaries -modified="$(sed -n '/^----/n;s/ - .*$//;p;q' "%{_sourcedir}/MozillaFirefox.changes")" +modified="$(sed -n '/^----/n;s/ - .*$//;p;q' "%{_sourcedir}/%{name}.changes")" DATE="\"$(date -d "${modified}" "+%%b %%e %%Y")\"" TIME="\"$(date -d "${modified}" "+%%R")\"" find . -regex ".*\.c\|.*\.cpp\|.*\.h" -exec sed -i "s/__DATE__/${DATE}/g;s/__TIME__/${TIME}/g" {} + @@ -441,7 +465,7 @@ sed -r '/^(ja-JP-mac|en-US|)$/d;s/ .*$//' $RPM_BUILD_DIR/%{source_prefix}/browse rm -rf %{buildroot}%{progdir}/browser/extensions/langpack-$locale@firefox.mozilla.org/hyphenation # check against the fixed common list and sort into the right filelist _matched=0 - for _match in ar ca cs da de en-GB el es-AR es-CL es-ES fi fr hu it ja ko nb-NO nl pl pt-BR pt-PT ru sv-SE zh-CN zh-TW; do + for _match in ar ca cs da de el en-GB es-AR es-CL es-ES fi fr hu it ja ko nb-NO nl pl pt-BR pt-PT ru sv-SE zh-CN zh-TW; do [ "$_match" = "$locale" ] && _matched=1 done [ $_matched -eq 1 ] && _l10ntarget=common || _l10ntarget=other diff --git a/compare-locales.tar.xz b/compare-locales.tar.xz index abddcf3..f0cf3b6 100644 --- a/compare-locales.tar.xz +++ b/compare-locales.tar.xz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:c2d3ff21d8f2f8aa24da600f402d848e377e20c4f409092f9bf15fa41b69c0fc -size 28400 +oid sha256:b0c9df05c85ba1e6089280153c4e929063e6ec30db07929de68ddb06d5f8031a +size 28392 diff --git a/create-tar.sh b/create-tar.sh index e053e67..a3618f6 100644 --- a/create-tar.sh +++ b/create-tar.sh @@ -1,20 +1,124 @@ #!/bin/bash -# TODO -# http://ftp.mozilla.org/pub/firefox/candidates/48.0-candidates/build2/linux-x86_64/en-US/firefox-48.0.json -# "moz_source_stamp": "c1de04f39fa956cfce83f6065b0e709369215ed5" -# http://ftp.mozilla.org/pub/firefox/candidates/48.0-candidates/build2/l10n_changesets.txt +function print_usage_and_exit() { + echo "Usage: create-tar.sh tar_stamp" + echo "" + echo "Where tar_stamp should look like this:" + echo "" + cat << EOF +# Node ID: 64ee63facd4ff96b3e8590cff559d7e97ac6b061 +PRODUCT="firefox" # "firefox" or "thunderbird" +CHANNEL="esr60" +VERSION="60.7.0" +VERSION_SUFFIX="esr" +FF_RELEASE_TAG="" # Needs only to be set if no tar-ball can be downloaded +TB_RELEASE_TAG="" # Only relevant for Thunderbird +PREV_VERSION="60.6.3" # Prev. version only needed for locales (leave empty to force l10n-generation) +PREV_VERSION_SUFFIX="esr" +#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation +EOF -CHANNEL="release" +exit 1 +} + +if [ $# -ne 1 ]; then + print_usage_and_exit +fi + +# Sourcing the given tar_stamp-file to have the variables available +source "$1" || print_usage_and_exit + +# Internal variables BRANCH="releases/mozilla-$CHANNEL" -RELEASE_TAG="ea5154beddff08b919697e3bed6f38cfe3a3d82f" -VERSION="67.0.4" -VERSION_SUFFIX="" -LOCALE_FILE="firefox-$VERSION/browser/locales/l10n-changesets.json" +if [ "$PRODUCT" = "firefox" ]; then + LOCALE_FILE="firefox-$VERSION/browser/locales/l10n-changesets.json" +else + LOCALE_FILE="thunderbird-$VERSION/comm/mail/locales/l10n-changesets.json" +fi + +SOURCE_TARBALL="$PRODUCT-$VERSION$VERSION_SUFFIX.source.tar.xz" +FTP_URL="https://ftp.mozilla.org/pub/$PRODUCT/releases/$VERSION$VERSION_SUFFIX/source" +# Make first letter of PRODCUT upper case +PRODUCT_CAP="${PRODUCT^}" +LOCALES_URL="https://product-details.mozilla.org/1.0/l10n/$PRODUCT_CAP" +# Exit script on CTRL+C +trap "exit" INT + +function check_tarball_source () { + TARBALL=$1 + # Print out what is going to be done: + if [ -e $TARBALL ]; then + echo "Reuse existing file" + elif wget --spider $FTP_URL/$TARBALL 2> /dev/null; then + echo "Download file" + else + echo "Mercurial checkout" + fi +} + +function ask_cont_abort_question() { + while true; do + read -p "$1 [(c)ontinue/(a)bort] " ca + case $ca in + [Cc]* ) return 0 ;; + [Aa]* ) return 1 ;; + * ) echo "Please answer c or a.";; + esac + done +} + +function check_for_binary() { + if ! test -x $1; then + echo "$1 is missing: execute zypper in $2" + exit 5 + fi +} + +function locales_get() { + TMP_VERSION="$1" + URL_TO_CHECK="${LOCALES_URL}-${TMP_VERSION}" + + LAST_FOUND="" + # Unfortunately, locales-files are not associated to releases, but to builds. + # And since we don't know which build was the final build, we go from 1 to + # the last we find and try to find the latest one that exists. + # Error only if not even the first one exists + for BUILD_ID in $(seq 1 9); do + FINAL_URL="${URL_TO_CHECK}-build${BUILD_ID}.json" + if wget --quiet --spider "$FINAL_URL"; then + LAST_FOUND="$FINAL_URL" + elif [ $BUILD_ID -gt 1 ]; then + echo "$LAST_FOUND" + return 0 + else + echo "Error: Could not find locales-file (json) for Firefox $TMP_VERSION !" 1>&2 + return 1 + fi + done +} + +function locales_parse() { + URL="$1" + curl -s "$URL" | python -c "import json; import sys; \ + print('\n'.join(['{} {}'.format(key, value['changeset']) \ + for key, value in sorted(json.load(sys.stdin)['locales'].items())]));" +} + +function locales_unchanged() { + # If no json-file for one of the versions can be found, we say "they changed" + prev_url=$(locales_get "$PREV_VERSION$PREV_VERSION_SUFFIX") || return 1 + curr_url=$(locales_get "$VERSION$VERSION_SUFFIX") || return 1 + + prev_content=$(locales_parse "$prev_url") || exit 1 + curr_content=$(locales_parse "$curr_url") || exit 1 + + diff -y --suppress-common-lines -d <(echo "$prev_content") <(echo "$curr_content") +} # check required tools -test -x /usr/bin/hg || ( echo "hg missing: execute zypper in mercurial"; exit 5 ) -test -x /usr/bin/jq || ( echo "jq missing: execute zypper in jq"; exit 5 ) +check_for_binary /usr/bin/hg "mercurial" +check_for_binary /usr/bin/jq "jq" +which python > /dev/null || exit 1 # use parallel compression, if available compression='-J' @@ -23,69 +127,139 @@ if (($? != 127)); then compression='-Ipixz' fi +if [ -z ${SKIP_LOCALES+x} ]; then + # TODO: Thunderbird has usually "default" as locale entry. + # There we probably need to double-check Firefox-locals + # For now, just download every time for Thunderbird + if [ "$PRODUCT" = "firefox" ] && [ "$PREV_VERSION" != "" ] && locales_unchanged; then + printf "%-40s: Did not change. Skipping.\n" "locales" + LOCALES_CHANGED=0 + else + printf "%-40s: Need to download.\n" "locales" + LOCALES_CHANGED=1 + fi +else + printf "%-40s: User forced skip (SKIP_LOCALES set)\n" "locales" +fi + +# Check what is going to be done and ask for consent +for ff in $SOURCE_TARBALL $SOURCE_TARBALL.asc; do + printf "%-40s: %s\n" $ff "$(check_tarball_source $ff)" +done + +$(ask_cont_abort_question "Is this ok?") || exit 0 + +# Try to download tar-ball from officiall mozilla-mirror +if [ ! -e $SOURCE_TARBALL ]; then + wget https://ftp.mozilla.org/pub/$PRODUCT/releases/$VERSION$VERSION_SUFFIX/source/$SOURCE_TARBALL +fi +# including signature +if [ ! -e $SOURCE_TARBALL.asc ]; then + wget https://ftp.mozilla.org/pub/$PRODUCT/releases/$VERSION$VERSION_SUFFIX/source/$SOURCE_TARBALL.asc +fi + # we might have an upstream archive already and can skip the checkout -if [ -e firefox-$VERSION$VERSION_SUFFIX.source.tar.xz ]; then - echo "skip firefox checkout and use available archive" - # still need to extract the locale information from the archive - echo "extract locale changesets" - tar -xf firefox-$VERSION$VERSION_SUFFIX.source.tar.xz $LOCALE_FILE +if [ -e $SOURCE_TARBALL ]; then + if [ -z ${SKIP_LOCALES+x} ]; then + # still need to extract the locale information from the archive + echo "extract locale changesets" + tar -xf $SOURCE_TARBALL $LOCALE_FILE + fi else + # We are working on a version that is not yet published on the mozilla mirror + # so we have to actually check out the repo + # mozilla - if [ -d firefox-$VERSION ]; then - pushd firefox-$VERSION + if [ -d $PRODUCT-$VERSION ]; then + pushd $PRODUCT-$VERSION || exit 1 _repourl=$(hg paths) case "$_repourl" in *$BRANCH*) echo "updating previous tree" hg pull - popd + popd || exit 1 ;; * ) echo "removing obsolete tree" - popd - rm -rf firefox-$VERSION + popd || exit 1 + rm -rf $PRODUCT-$VERSION ;; esac fi - if [ ! -d firefox-$VERSION ]; then + if [ ! -d $PRODUCT-$VERSION ]; then echo "cloning new $BRANCH..." - hg clone http://hg.mozilla.org/$BRANCH firefox-$VERSION + hg clone http://hg.mozilla.org/$BRANCH $PRODUCT-$VERSION + if [ "$PRODUCT" = "thunderbird" ]; then + hg clone http://hg.mozilla.org/releases/comm-$CHANNEL thunderbird-$VERSION/comm + fi fi - pushd firefox-$VERSION - hg update --check - [ "$RELEASE_TAG" == "default" ] || hg update -r $RELEASE_TAG + pushd $PRODUCT-$VERSION || exit 1 + hg update --check $FF_RELEASE_TAG + [ "$FF_RELEASE_TAG" == "default" ] || hg update -r $FF_RELEASE_TAG # get repo and source stamp echo -n "REV=" > ../source-stamp.txt hg -R . parent --template="{node|short}\n" >> ../source-stamp.txt echo -n "REPO=" >> ../source-stamp.txt hg showconfig paths.default 2>/dev/null | head -n1 | sed -e "s/^ssh:/http:/" >> ../source-stamp.txt - popd + + if [ "$PRODUCT" = "thunderbird" ]; then + pushd comm || exit 1 + hg update --check $TB_RELEASE_TAG + popd || exit 1 + rm -rf thunderbird-${VERSION}/{,comm/}other-licenses/7zstub + fi + popd || exit 1 echo "creating archive..." - tar $compression -cf firefox-$VERSION$VERSION_SUFFIX.source.tar.xz --exclude=.hgtags --exclude=.hgignore --exclude=.hg --exclude=CVS firefox-$VERSION + tar $compression -cf $PRODUCT-$VERSION$VERSION_SUFFIX.source.tar.xz --exclude=.hgtags --exclude=.hgignore --exclude=.hg --exclude=CVS $PRODUCT-$VERSION fi -# l10n -echo "fetching locales..." -test ! -d l10n && mkdir l10n -jq -r 'to_entries[]| "\(.key) \(.value|.revision)"' $LOCALE_FILE | \ - while read locale changeset ; do - case $locale in - ja-JP-mac|en-US) - ;; - *) - echo "reading changeset information for $locale" - echo "fetching $locale changeset $changeset ..." - hg clone http://hg.mozilla.org/l10n-central/$locale l10n/$locale - [ "$RELEASE_TAG" == "default" ] || hg -R l10n/$locale up -C -r $changeset - ;; - esac - done -echo "creating l10n archive..." -tar $compression -cf l10n-$VERSION$VERSION_SUFFIX.tar.xz --exclude=.hgtags --exclude=.hgignore --exclude=.hg l10n +if [ ! -z ${SKIP_LOCALES+x} ]; then + echo "Skipping locales-creation." + exit 0 +fi + +if [ $LOCALES_CHANGED -ne 0 ]; then + # l10n + echo "fetching locales..." + test ! -d l10n && mkdir l10n + jq -r 'to_entries[]| "\(.key) \(.value|.revision)"' $LOCALE_FILE | \ + while read locale changeset ; do + case $locale in + ja-JP-mac|en-US) + ;; + *) + echo "reading changeset information for $locale" + echo "fetching $locale changeset $changeset ..." + if [ -d "l10n/$locale/.hg" ]; then + pushd "l10n/$locale" || exit 1 + hg pull + popd || exit 1 + else + hg clone "http://hg.mozilla.org/l10n-central/$locale" "l10n/$locale" + fi + [ "$FF_RELEASE_TAG" == "default" ] || hg -R "l10n/$locale" up -C -r "$changeset" + ;; + esac + done + echo "creating l10n archive..." +if [ "$PRODUCT" = "thunderbird" ]; then + TB_TAR_FLAGS="--exclude=browser --exclude=suite" +fi + tar $compression -cf l10n-$VERSION$VERSION_SUFFIX.tar.xz \ + --exclude=.hgtags --exclude=.hgignore --exclude=.hg \ + $TB_TAR_FLAGS \ + l10n +fi # compare-locales echo "creating compare-locales" -hg clone http://hg.mozilla.org/build/compare-locales +if [ -d compare-locales/.hg ]; then + pushd compare-locales || exit 1 + hg pull + popd || exit 1 +else + hg clone http://hg.mozilla.org/build/compare-locales +fi tar $compression -cf compare-locales.tar.xz --exclude=.hgtags --exclude=.hgignore --exclude=.hg compare-locales diff --git a/firefox-67.0.4.source.tar.xz b/firefox-67.0.4.source.tar.xz deleted file mode 100644 index 1c4f325..0000000 --- a/firefox-67.0.4.source.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:b2fb2d3e64a6947ef4f8212b72649acf2aa2cd4c8f70548abb636dd581fd6dc5 -size 286036836 diff --git a/firefox-67.0.4.source.tar.xz.asc b/firefox-67.0.4.source.tar.xz.asc deleted file mode 100644 index 8ade5e7..0000000 --- a/firefox-67.0.4.source.tar.xz.asc +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.14 (GNU/Linux) - -iQIcBAABCAAGBQJdCt3FAAoJEPGmZo+7fVcuIJAP/32pus3uvJ5CJXAZOZI18sqk -hAVRv4QM8p5Z0CaK1Le/I7V2vD2y0JXHvsHKBYehFyl301QodTT0S/7j78eFz4Sd -0GcxUDLQFW8TOplEl1kcKchd95s2FaIHjnqk6Q+cJ046SN78LUojrdwSohC6v4O3 -Mn6lGCDYPcSlAOEAyisvaQM2hc894zvsVBw3yla8RhKxSuPTzLuDkQFKYN2rjhhh -FbB/8N7enNchlltcYdrr/ssHtNZLCdgNtGW1b62eWR3JZ9KJp8pLpkbZvFNnLENk -ZpHhu5GPy3m5ZVCUFSBuFaBmffCwsiJjVbAfTqnR4DMuFCbFwIUPDnjD/S/W1cS0 -Y2Sc89ts4lJAS1aACK6Ms5peEt9GWV0QUlEx6k+NVf8AybWqufFiyPQqLOQfbKQh -Y3OP8/DzHNLZQTUDXCP3rwT3fZKOLMIok7+wL2yha6Vs/bv+p7NEME/YJNPUX1v3 -i/PeEO/XKSkrP2alfmVMbwXf8k87Zqv3A+fI7IdHvRauehyfXdyCDQNvjh+v7im4 -iuozg5++frG6sxq5l8oOSUx6ANGWJ7krUG0AdW8rNTPhqnOTCVEd7UkI51Q2FTwg -mlfR0fde7kEBhsuqqaVEHBR+fqYRSutPFkMFsFHkQKvoPWnruFa7LbSPyhFdPhMC -mgCcUAqOk9vexxDjpra7 -=WJRz ------END PGP SIGNATURE----- diff --git a/firefox-68.0.source.tar.xz b/firefox-68.0.source.tar.xz new file mode 100644 index 0000000..d34da9d --- /dev/null +++ b/firefox-68.0.source.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f7d61a08820088f1280d27f0808e355152c1dd0c94625fd077ced7319e522565 +size 315855672 diff --git a/firefox-68.0.source.tar.xz.asc b/firefox-68.0.source.tar.xz.asc new file mode 100644 index 0000000..fbc7cb2 --- /dev/null +++ b/firefox-68.0.source.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEECXsxMHeuYqAvhNpN8aZmj7t9Vy4FAl0f/2YACgkQ8aZmj7t9 +Vy4Q9Q/7BUeGl3mPqCC+RMSQyp2r1hPouNj1aIzWgjmUCNk+2soKgYXFameB7/UT +nWejptelT261tAUdRUYfttXk+KBsT4wOMEf0UrlC7GTGllfwjoxc/JWUUmXpJTa6 +M9xAUIa6NJbXIGCfaRk/PRdz+TAjsLWLQsdavw5zcyMoNiYyTARO0ap1luUo/FAg +9aZ7MtBQ1z4C9B3vYuTH6qgGIA1wazstrNg4C4rgkHAXAzvYW9NMNAO53d0F9w1q +UVDw0VY7G27gOnrysTJH12Lb18AXFWPXWbF5gmxKbkpdjeGlC1q7GvLV+TAI3m7H +UL1fV3c8Y8+9TEJ0c95FvZwTcUmuNDJagt7bu/MNu7i9gyWBqucNnF3NgkmTR+EE +BG21l7lSGBh8s4vl4upoCUoQ/bpriMBw767++TA5uzvj7NZXsOwU4sY97gpiJJIa +0VwVjdHKjQTUITrHuH2hrqD0dNBL8FgFATXxVVEwDGxhiR5ZP9tduL+a/Sn2pcQd +D9v5tJ/3GSlfYJqIAiNMaq139BZBYStcibk99pct5WU5jH6conzx4QEAHM2eaFBX +f87G7PKEfvHiVhuUJF8sblbO1DSj0Qk08/bwcVjW8vTAEKcz7AIQw18FoNxlgcg+ +kIW6xfR/P/sLMnwgc9ZEvVd25AYBJ1qwyBDwwAlcEbEmYoftVJo= +=9AVI +-----END PGP SIGNATURE----- diff --git a/firefox-kde.patch b/firefox-kde.patch index 687fb2e..1746371 100644 --- a/firefox-kde.patch +++ b/firefox-kde.patch @@ -1,11 +1,20 @@ # HG changeset patch -# Parent 18632e53d0b0c4c03f254ca2dbbeac8f48ec6f5c +# User msirringhaus@suse.de +# Date 1559300151 -7200 +# Fri May 31 12:55:51 2019 +0200 +# Node ID 54d41b0033b8d649d842a1f862c6fed8b9874dec +# Parent 428161c3b9599083e1b8710eda1760f1f707ab11 +How to apply this patch: +1. Import and apply it +2. cp browser/base/content/browser.xul browser/base/content/browser-kde.xul +3. Find editBookmarkPanelDoneButton +4. Replace #ifndef with #ifdef in the line above (this hanges the button order from Gnome-style to KDE-style) +5. hg qrefresh -diff --git a/browser/base/content/browser-kde.xul b/browser/base/content/browser-kde.xul -new file mode 100644 ---- /dev/null -+++ b/browser/base/content/browser-kde.xul -@@ -0,0 +1,1404 @@ +diff -r 428161c3b959 -r 54d41b0033b8 browser/base/content/browser-kde.xul +--- /dev/null Thu Jan 01 00:00:00 1970 +0000 ++++ b/browser/base/content/browser-kde.xul Fri May 31 12:55:51 2019 +0200 +@@ -0,0 +1,1375 @@ +#filter substitution + +# -*- Mode: HTML -*- @@ -37,7 +46,6 @@ new file mode 100644 + + + -+ + +# All DTD information is stored in a separate file so that it can be shared by +# hiddenWindow.xul. @@ -89,10 +97,9 @@ new file mode 100644 +# that they can be shared with macWindow.inc.xul. +#include global-scripts.inc + -+