Skip to content

Comments

palemoon: 29.4.4 -> 30.0.0#164868

Merged
AndersonTorres merged 1 commit intoNixOS:masterfrom
OPNA2608:update/palemoon
Mar 20, 2022
Merged

palemoon: 29.4.4 -> 30.0.0#164868
AndersonTorres merged 1 commit intoNixOS:masterfrom
OPNA2608:update/palemoon

Conversation

@OPNA2608
Copy link
Contributor

@OPNA2608 OPNA2608 commented Mar 19, 2022
edited
Loading

Description of changes

https://www.palemoon.org/releasenotes.shtml

Updated various in-tree libraries: cubeb, sqlite, cairo, ...
Fixed an issue with the Linux desktop shortcut file to solve potential DE integration problems on common distributions.
Fixed an issue with page and iframe content margins not being applied properly when passed as attributes instead of CSS.
Ensured JavaScript and JSON files are always recognized as known MIME types so they can be opened appropriately from local sources.
Fixed an issue with rapid loading and unloading of js modules causing browser crashes.
Fixed an issue with tooltips being cut off at the end if containing exceedingly long unwrappable series of characters.
Fixed several application crash scenarios. DiD
Fixed a large number of thread locking/mutex issues. DiD
Fixed a leak of content types due to inconsistent error reporting. (CVE-2022-22760)
Fixed an issue with iframe sandboxing not being properly applied. (CVE-2022-22759)
Fixed a potential leak of bookmarks from the exported bookmarks file if it included a malicious bookmarklet.
Fixed an issue with drag-and-drop. (CVE-2022-22756)
Fixed a potential crash due to truncated WAV files.
Fixed a memory safety issue with XSLT. (CVE-2022-26485)

WIP. mach build & mach install complete but the rest of installPhase needs to be updated.

 1:59.39(B '/nix/store/by69zqgj36k242p9xkwr4l6pwfx6hlsf-palemoon-30.0.0/bin/palemoon' -> '/nix/store/by69zqgj36k242p9xkwr4l6pwfx6hlsf-palemoon-30.0.0/lib/palemoon-30.0.0/palemoon'
 1:59.39(B To run the installed application, execute: .//nix/store/by69zqgj36k242p9xkwr4l6pwfx6hlsf-palemoon-30.0.0/bin/palemoon .
 1:59.39(B make[1]: Leaving directory '/build/source/obj-x86_64-pc-linux-gnu/browser/installer'
 1:59.39(B make: Leaving directory '/build/source/obj-x86_64-pc-linux-gnu'
substitute(): ERROR: file './palemoon/branding/official/palemoon.desktop' does not exist
builder for '/nix/store/d36gz3wkl6lygkqlzdr588w7ggfid6fl-palemoon-30.0.0.drv' failed with exit code 1
error: build of '/nix/store/d36gz3wkl6lygkqlzdr588w7ggfid6fl-palemoon-30.0.0.drv' failed
Things done
  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandbox = true set in nix.conf? (See Nix manual)
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 22.05 Release Notes (or backporting 21.11 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
    • (Release notes changes) Ran nixos/doc/manual/md-to-db.sh to update generated release notes
  • Fits CONTRIBUTING.md.

@OPNA2608 OPNA2608 added 1.severity: security Issues which raise a security issue, or PRs that fix one backport release-21.11 labels Mar 19, 2022
@ofborg ofborg bot requested a review from AndersonTorres March 19, 2022 15:51
@ofborg ofborg bot added 11.by: package-maintainer This PR was created by a maintainer of all the package it changes. 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. 10.rebuild-linux: 1 This PR causes 1 package to rebuild on Linux. labels Mar 19, 2022
@OPNA2608
Copy link
Contributor Author

OPNA2608 commented Mar 19, 2022
edited
Loading

After figuring out where the branding was moved to & what workarounds upstream deprecated, it seems to work.

Bildschirmfoto von 2022-03-19 19-01-50

Their infra currently seems to have some problems, keeping it a draft until it's available again.

@OPNA2608 OPNA2608 changed the title WIP palemoon: 29.4.4 -> 30.0.0 palemoon: 29.4.4 -> 30.0.0 Mar 19, 2022
@OPNA2608
Copy link
Contributor Author

OPNA2608 commented Mar 20, 2022

@ofborg eval

@OPNA2608 OPNA2608 marked this pull request as ready for review March 20, 2022 09:41
AndersonTorres
AndersonTorres reviewed Mar 20, 2022
View reviewed changes
pkgs/applications/networking/browsers/palemoon/default.nix
n=''${iconname//[^0-9]/}
size=$n"x"$n
install -Dm644 ./palemoon/branding/official/$iconname.png $out/share/icons/hicolor/$size/apps/palemoon.png
install -Dm644 ./other-licenses/branding/palemoon/official/$iconname.png $out/share/icons/hicolor/$size/apps/palemoon.png
Copy link
Member

@AndersonTorres AndersonTorres Mar 20, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What does other-licenses mean here?
Yes, it is just a directory name, but is there something we should pay attention here?

Copy link
Contributor Author

@OPNA2608 OPNA2608 Mar 20, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All branding ("official", "beta", "unstable" etc) except the MPL2.0-licensed "unofficial" one (which is included for building convenience and intended to be replaced for distribution) has been moved to other-licenses/branding/palemoon in this major release.

The licensing situation itself is unchanged: The branding is (and always have been) under a non-MPL2.0 license that gives Moonchild Productions exclusive ownership of the branding & "Pale Moon" name. This post outlines when the official branding may be used for distributed source builds.

tl;dr just the same as always w/r/t permitted compilers, mozconfig settings, use of in-tree libraries, no modifications to defaults etc.

Copy link
Member

@AndersonTorres AndersonTorres Mar 20, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

OK then!

@AndersonTorres AndersonTorres merged commit bef8290 into NixOS:master Mar 20, 2022
@github-actions github-actions bot mentioned this pull request Mar 20, 2022
Closed
1 task
@github-actions
Copy link
Contributor

github-actions bot commented Mar 20, 2022

Successfully created backport PR #165016 for release-21.11.

@OPNA2608
Copy link
Contributor Author

OPNA2608 commented Mar 22, 2022
edited
Loading

After the infra outage, the v30 milestone was recalled: https://forum.palemoon.org/viewtopic.php?f=1&t=28044.

Bildschirmfoto von 2022-03-22 07-57-52

I think we should revert this bump until further news from upstream: https://forum.palemoon.org/viewtopic.php?f=5&t=28047#p225457

While 30.0.1 is safe to use, I do recommend people who need/want more than the base browser to go back to 29.4.4
I'm working on a security update 29.4.5 to then give me breathing room to make 30.1 happen, which will be offered as a normal update when it is done.

@OPNA2608 OPNA2608 mentioned this pull request Mar 22, 2022
Merged
13 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@AndersonTorres AndersonTorres AndersonTorres left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

1.severity: security Issues which raise a security issue, or PRs that fix one 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. 10.rebuild-linux: 1 This PR causes 1 package to rebuild on Linux. 11.by: package-maintainer This PR was created by a maintainer of all the package it changes.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@OPNA2608 @AndersonTorres