1 |
commit: 24be9040864532714aeeb3b5b35d73e7aa03db33 |
2 |
Author: Mart Raudsepp <leio <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sun Dec 29 12:24:02 2019 +0000 |
4 |
Commit: Mart Raudsepp <leio <AT> gentoo <DOT> org> |
5 |
CommitDate: Sun Dec 29 14:34:44 2019 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=24be9040 |
7 |
|
8 |
net-libs/webkit-gtk: security bump to 2.26.2 |
9 |
|
10 |
* Add unconditional sandboxing support, if available for the arch. |
11 |
* Switch IUSE=gles2 to IUSE=gles2-only, as it is an alternative to |
12 |
USE=opengl, not a co-existing one. |
13 |
* USE=wayland now requires wpebackend-fdo and co for |
14 |
accelerated compositing under wayland, if opengl is enabled. |
15 |
* Re-enable IUSE=+jumbo-build for unified source builds - it was |
16 |
unconditionally enabled before, but with 2.26 disabling it |
17 |
finally seems to work. Disabling it seems to result in a 2MB |
18 |
larger library and over twice the compile time, but it may be |
19 |
crucial to low RAM systems to be able to even build webkit-gtk |
20 |
at all. |
21 |
* gtk2 plugin process is now dropped upstream - no more |
22 |
adobe-flash support. |
23 |
* geoclue is a runtime-only depend now (dbus interface). |
24 |
* GCC/clang checks updated to the best of my understanding. |
25 |
* Added ruby:2.7 support for the build-time depend on it. |
26 |
|
27 |
Bug: https://bugs.gentoo.org/699156 |
28 |
Package-Manager: Portage-2.3.79, Repoman-2.3.12 |
29 |
Signed-off-by: Mart Raudsepp <leio <AT> gentoo.org> |
30 |
|
31 |
net-libs/webkit-gtk/Manifest | 1 + |
32 |
net-libs/webkit-gtk/metadata.xml | 2 + |
33 |
net-libs/webkit-gtk/webkit-gtk-2.26.2.ebuild | 301 +++++++++++++++++++++++++++ |
34 |
profiles/base/package.use.force | 1 + |
35 |
4 files changed, 305 insertions(+) |
36 |
|
37 |
diff --git a/net-libs/webkit-gtk/Manifest b/net-libs/webkit-gtk/Manifest |
38 |
index 99e63863298..db8394225ff 100644 |
39 |
--- a/net-libs/webkit-gtk/Manifest |
40 |
+++ b/net-libs/webkit-gtk/Manifest |
41 |
@@ -1 +1,2 @@ |
42 |
DIST webkitgtk-2.24.4.tar.xz 17575784 BLAKE2B c30683ea365a50d7def572305b49278343d67739f9bd3cfd78cb08b5cc87b5453504df9b09752f8d6483b18b9b812f3d3cddc084762cfa8990fcc651660b89c2 SHA512 1d713955a735ae2e2229beea7bda7f518a6247c6aa7f5753aeb5b5c6395339d451d0d146f7188e7ba65cb82ea5a74a5e73e956fe59d5f5f97659a44af33df112 |
43 |
+DIST webkitgtk-2.26.2.tar.xz 19330000 BLAKE2B c0142aa19572c96e3dff11251316a4527be0357cf101177e056dd40aa9b5346216a4dcc14071d9c1240c101bd03f2179559d0d2bd81308967aba8530208186e0 SHA512 98d47282fd8f766dbe4a74c1a3f618aaeeeed69bd0666ed4e8674ae562b634681b3bd18b0d428df6bfefbaa3e18eb4cfb2fb077f5be4fed34cbc81c8293ec33e |
44 |
|
45 |
diff --git a/net-libs/webkit-gtk/metadata.xml b/net-libs/webkit-gtk/metadata.xml |
46 |
index 0d69dc72c24..e88c10a5699 100644 |
47 |
--- a/net-libs/webkit-gtk/metadata.xml |
48 |
+++ b/net-libs/webkit-gtk/metadata.xml |
49 |
@@ -10,6 +10,8 @@ |
50 |
<flag name="egl">Enable EGL support</flag> |
51 |
<flag name="geolocation">Enable geolocation support through <pkg>app-misc/geoclue</pkg></flag> |
52 |
<flag name="gles2">Enable GLESv2 support</flag> |
53 |
+ <flag name="gles2-only">Use GLES 2.0 or later instead of full OpenGL</flag> |
54 |
+ <flag name="jumbo-build">Combine source files to speed up build process</flag> |
55 |
<flag name="nsplugin">Enable full nsplugin support (GTK2 plugins)</flag> |
56 |
<flag name="webgl">Build support for the WebGL HTML API using <pkg>virtual/opengl</pkg></flag> |
57 |
</use> |
58 |
|
59 |
diff --git a/net-libs/webkit-gtk/webkit-gtk-2.26.2.ebuild b/net-libs/webkit-gtk/webkit-gtk-2.26.2.ebuild |
60 |
new file mode 100644 |
61 |
index 00000000000..5c3c199bdba |
62 |
--- /dev/null |
63 |
+++ b/net-libs/webkit-gtk/webkit-gtk-2.26.2.ebuild |
64 |
@@ -0,0 +1,301 @@ |
65 |
+# Copyright 1999-2019 Gentoo Authors |
66 |
+# Distributed under the terms of the GNU General Public License v2 |
67 |
+ |
68 |
+EAPI=6 |
69 |
+CMAKE_MAKEFILE_GENERATOR="ninja" |
70 |
+PYTHON_COMPAT=( python{2_7,3_5,3_6,3_7} ) |
71 |
+USE_RUBY="ruby24 ruby25 ruby26 ruby27" |
72 |
+CMAKE_MIN_VERSION=3.10 |
73 |
+ |
74 |
+inherit check-reqs cmake-utils flag-o-matic gnome2 pax-utils python-any-r1 ruby-single toolchain-funcs virtualx |
75 |
+ |
76 |
+MY_P="webkitgtk-${PV}" |
77 |
+DESCRIPTION="Open source web browser engine" |
78 |
+HOMEPAGE="https://www.webkitgtk.org" |
79 |
+SRC_URI="https://www.webkitgtk.org/releases/${MY_P}.tar.xz" |
80 |
+ |
81 |
+LICENSE="LGPL-2+ BSD" |
82 |
+SLOT="4/37" # soname version of libwebkit2gtk-4.0 |
83 |
+KEYWORDS="~amd64" |
84 |
+ |
85 |
+IUSE="aqua coverage doc +egl +geolocation gles2-only gnome-keyring +gstreamer +introspection +jpeg2k +jumbo-build libnotify +opengl seccomp spell wayland +webgl +X" |
86 |
+ |
87 |
+# webgl needs gstreamer, bug #560612 |
88 |
+# gstreamer with opengl/gles2 needs egl |
89 |
+REQUIRED_USE=" |
90 |
+ gles2-only? ( egl !opengl ) |
91 |
+ gstreamer? ( opengl? ( egl ) ) |
92 |
+ webgl? ( gstreamer |
93 |
+ || ( gles2-only opengl ) ) |
94 |
+ wayland? ( egl ) |
95 |
+ || ( aqua wayland X ) |
96 |
+" |
97 |
+ |
98 |
+# Tests fail to link for inexplicable reasons |
99 |
+# https://bugs.webkit.org/show_bug.cgi?id=148210 |
100 |
+RESTRICT="test" |
101 |
+ |
102 |
+# Aqua support in gtk3 is untested |
103 |
+# Dependencies found at Source/cmake/OptionsGTK.cmake |
104 |
+# Various compile-time optionals for gtk+-3.22.0 - ensure it |
105 |
+# Missing OpenWebRTC checks and conditionals, but ENABLE_MEDIA_STREAM/ENABLE_WEB_RTC is experimental upstream (PRIVATE OFF) |
106 |
+# >=gst-plugins-opus-1.14.4-r1 for opusparse (required by MSE) |
107 |
+wpe_depend=" |
108 |
+ >=gui-libs/libwpe-1.3.0:1.0 |
109 |
+ >=gui-libs/wpebackend-fdo-1.3.1:1.0 |
110 |
+" |
111 |
+RDEPEND=" |
112 |
+ >=x11-libs/cairo-1.16.0:=[X?] |
113 |
+ >=media-libs/fontconfig-2.13.0:1.0 |
114 |
+ >=media-libs/freetype-2.9.0:2 |
115 |
+ >=dev-libs/libgcrypt-1.7.0:0= |
116 |
+ >=x11-libs/gtk+-3.22.0:3[aqua?,introspection?,wayland?,X?] |
117 |
+ >=media-libs/harfbuzz-1.4.2:=[icu(+)] |
118 |
+ >=dev-libs/icu-3.8.1-r1:= |
119 |
+ virtual/jpeg:0= |
120 |
+ >=net-libs/libsoup-2.54:2.4[introspection?] |
121 |
+ >=dev-libs/libxml2-2.8.0:2 |
122 |
+ >=media-libs/libpng-1.4:0= |
123 |
+ dev-db/sqlite:3= |
124 |
+ sys-libs/zlib:0 |
125 |
+ >=dev-libs/atk-2.16.0 |
126 |
+ media-libs/libwebp:= |
127 |
+ |
128 |
+ >=dev-libs/glib-2.44.0:2 |
129 |
+ >=dev-libs/libxslt-1.1.7 |
130 |
+ media-libs/woff2 |
131 |
+ gnome-keyring? ( app-crypt/libsecret ) |
132 |
+ introspection? ( >=dev-libs/gobject-introspection-1.32.0:= ) |
133 |
+ dev-libs/libtasn1:= |
134 |
+ spell? ( >=app-text/enchant-0.22:= ) |
135 |
+ gstreamer? ( |
136 |
+ >=media-libs/gstreamer-1.14:1.0 |
137 |
+ >=media-libs/gst-plugins-base-1.14:1.0[egl?,opengl?] |
138 |
+ gles2-only? ( media-libs/gst-plugins-base:1.0[gles2] ) |
139 |
+ >=media-plugins/gst-plugins-opus-1.14.4-r1:1.0 |
140 |
+ >=media-libs/gst-plugins-bad-1.14:1.0 ) |
141 |
+ |
142 |
+ X? ( |
143 |
+ x11-libs/libX11 |
144 |
+ x11-libs/libXcomposite |
145 |
+ x11-libs/libXdamage |
146 |
+ x11-libs/libXrender |
147 |
+ x11-libs/libXt ) |
148 |
+ |
149 |
+ libnotify? ( x11-libs/libnotify ) |
150 |
+ dev-libs/hyphen |
151 |
+ jpeg2k? ( >=media-libs/openjpeg-2.2.0:2= ) |
152 |
+ |
153 |
+ egl? ( media-libs/mesa[egl] ) |
154 |
+ gles2-only? ( media-libs/mesa[gles2] ) |
155 |
+ opengl? ( virtual/opengl ) |
156 |
+ wayland? ( |
157 |
+ opengl? ( ${wpe_depend} ) |
158 |
+ gles2-only? ( ${wpe_depend} ) |
159 |
+ ) |
160 |
+ webgl? ( |
161 |
+ x11-libs/libXcomposite |
162 |
+ x11-libs/libXdamage ) |
163 |
+ |
164 |
+ seccomp? ( |
165 |
+ >=sys-apps/bubblewrap-0.3.1 |
166 |
+ sys-libs/libseccomp |
167 |
+ sys-apps/xdg-dbus-proxy |
168 |
+ ) |
169 |
+" |
170 |
+unset wpe_depend |
171 |
+# paxctl needed for bug #407085 |
172 |
+# Need real bison, not yacc |
173 |
+DEPEND="${RDEPEND} |
174 |
+ ${PYTHON_DEPS} |
175 |
+ ${RUBY_DEPS} |
176 |
+ >=app-accessibility/at-spi2-core-2.5.3 |
177 |
+ dev-util/glib-utils |
178 |
+ >=dev-util/gtk-doc-am-1.10 |
179 |
+ >=dev-util/gperf-3.0.1 |
180 |
+ >=sys-devel/bison-2.4.3 |
181 |
+ || ( >=sys-devel/gcc-7.3 >=sys-devel/clang-3.3 ) |
182 |
+ sys-devel/gettext |
183 |
+ virtual/pkgconfig |
184 |
+ |
185 |
+ >=dev-lang/perl-5.10 |
186 |
+ virtual/perl-Data-Dumper |
187 |
+ virtual/perl-Carp |
188 |
+ virtual/perl-JSON-PP |
189 |
+ |
190 |
+ doc? ( >=dev-util/gtk-doc-1.10 ) |
191 |
+ geolocation? ( dev-util/gdbus-codegen ) |
192 |
+" |
193 |
+# test? ( |
194 |
+# dev-python/pygobject:3[python_targets_python2_7] |
195 |
+# x11-themes/hicolor-icon-theme |
196 |
+# jit? ( sys-apps/paxctl ) ) |
197 |
+RDEPEND="${RDEPEND} |
198 |
+ geolocation? ( >=app-misc/geoclue-2.1.5:2.0 ) |
199 |
+" |
200 |
+ |
201 |
+S="${WORKDIR}/${MY_P}" |
202 |
+ |
203 |
+CHECKREQS_DISK_BUILD="18G" # and even this might not be enough, bug #417307 |
204 |
+ |
205 |
+pkg_pretend() { |
206 |
+ if [[ ${MERGE_TYPE} != "binary" ]] ; then |
207 |
+ if is-flagq "-g*" && ! is-flagq "-g*0" ; then |
208 |
+ einfo "Checking for sufficient disk space to build ${PN} with debugging CFLAGS" |
209 |
+ check-reqs_pkg_pretend |
210 |
+ fi |
211 |
+ |
212 |
+ if ! test-flag-CXX -std=c++17 ; then |
213 |
+ die "You need at least GCC 7.3.x or Clang >= 5 for C++17-specific compiler flags" |
214 |
+ fi |
215 |
+ |
216 |
+ if tc-is-gcc && [[ $(gcc-version) < 7.3 ]] ; then |
217 |
+ die 'The active compiler needs to be gcc 7.3 (or newer)' |
218 |
+ fi |
219 |
+ fi |
220 |
+ |
221 |
+ if ! use opengl && ! use gles2-only; then |
222 |
+ ewarn |
223 |
+ ewarn "You are disabling OpenGL usage (USE=opengl or USE=gles-only) completely." |
224 |
+ ewarn "This is an unsupported configuration meant for very specific embedded" |
225 |
+ ewarn "use cases, where there truly is no GL possible (and even that use case" |
226 |
+ ewarn "is very unlikely to come by). If you have GL (even software-only), you" |
227 |
+ ewarn "really really should be enabling OpenGL!" |
228 |
+ ewarn |
229 |
+ fi |
230 |
+} |
231 |
+ |
232 |
+pkg_setup() { |
233 |
+ if [[ ${MERGE_TYPE} != "binary" ]] && is-flagq "-g*" && ! is-flagq "-g*0" ; then |
234 |
+ check-reqs_pkg_setup |
235 |
+ fi |
236 |
+ |
237 |
+ python-any-r1_pkg_setup |
238 |
+} |
239 |
+ |
240 |
+src_prepare() { |
241 |
+ eapply "${FILESDIR}/${PN}-2.24.4-icu-65.patch" # bug 698596 |
242 |
+ eapply "${FILESDIR}/${PN}-2.24.4-eglmesaext-include.patch" # bug 699054 # https://bugs.webkit.org/show_bug.cgi?id=204108 |
243 |
+ cmake-utils_src_prepare |
244 |
+ gnome2_src_prepare |
245 |
+} |
246 |
+ |
247 |
+src_configure() { |
248 |
+ # Respect CC, otherwise fails on prefix #395875 |
249 |
+ tc-export CC |
250 |
+ |
251 |
+ # It does not compile on alpha without this in LDFLAGS |
252 |
+ # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=648761 |
253 |
+ use alpha && append-ldflags "-Wl,--no-relax" |
254 |
+ |
255 |
+ # ld segfaults on ia64 with LDFLAGS --as-needed, bug #555504 |
256 |
+ use ia64 && append-ldflags "-Wl,--no-as-needed" |
257 |
+ |
258 |
+ # Sigbuses on SPARC with mcpu and co., bug #??? |
259 |
+ use sparc && filter-flags "-mvis" |
260 |
+ |
261 |
+ # https://bugs.webkit.org/show_bug.cgi?id=42070 , #301634 |
262 |
+ use ppc64 && append-flags "-mminimal-toc" |
263 |
+ |
264 |
+ # Try to use less memory, bug #469942 (see Fedora .spec for reference) |
265 |
+ # --no-keep-memory doesn't work on ia64, bug #502492 |
266 |
+ if ! use ia64; then |
267 |
+ append-ldflags "-Wl,--no-keep-memory" |
268 |
+ fi |
269 |
+ |
270 |
+ # We try to use gold when possible for this package |
271 |
+# if ! tc-ld-is-gold ; then |
272 |
+# append-ldflags "-Wl,--reduce-memory-overheads" |
273 |
+# fi |
274 |
+ |
275 |
+ # Multiple rendering bugs on youtube, github, etc without this, bug #547224 |
276 |
+ append-flags $(test-flags -fno-strict-aliasing) |
277 |
+ |
278 |
+ # Ruby situation is a bit complicated. See bug 513888 |
279 |
+ local rubyimpl |
280 |
+ local ruby_interpreter="" |
281 |
+ for rubyimpl in ${USE_RUBY}; do |
282 |
+ if has_version "virtual/rubygems[ruby_targets_${rubyimpl}]"; then |
283 |
+ ruby_interpreter="-DRUBY_EXECUTABLE=$(type -P ${rubyimpl})" |
284 |
+ fi |
285 |
+ done |
286 |
+ # This will rarely occur. Only a couple of corner cases could lead us to |
287 |
+ # that failure. See bug 513888 |
288 |
+ [[ -z $ruby_interpreter ]] && die "No suitable ruby interpreter found" |
289 |
+ |
290 |
+ # TODO: Check Web Audio support |
291 |
+ # should somehow let user select between them? |
292 |
+ # |
293 |
+ # FTL_JIT requires llvm |
294 |
+ # |
295 |
+ # opengl needs to be explicetly handled, bug #576634 |
296 |
+ |
297 |
+ local use_wpe_renderer=OFF |
298 |
+ local opengl_enabled |
299 |
+ if use opengl || use gles2-only; then |
300 |
+ opengl_enabled=ON |
301 |
+ use wayland && use_wpe_renderer=ON |
302 |
+ else |
303 |
+ opengl_enabled=OFF |
304 |
+ fi |
305 |
+ |
306 |
+ local mycmakeargs=( |
307 |
+ -DENABLE_UNIFIED_BUILDS=$(usex jumbo-build) |
308 |
+ -DENABLE_QUARTZ_TARGET=$(usex aqua) |
309 |
+ -DENABLE_API_TESTS=$(usex test) |
310 |
+ -DENABLE_GTKDOC=$(usex doc) |
311 |
+ -DENABLE_GEOLOCATION=$(usex geolocation) # Runtime optional (talks over dbus service) |
312 |
+ $(cmake-utils_use_find_package gles2-only OpenGLES2) |
313 |
+ -DENABLE_GLES2=$(usex gles2-only) |
314 |
+ -DENABLE_VIDEO=$(usex gstreamer) |
315 |
+ -DENABLE_WEB_AUDIO=$(usex gstreamer) |
316 |
+ -DENABLE_INTROSPECTION=$(usex introspection) |
317 |
+ -DUSE_LIBNOTIFY=$(usex libnotify) |
318 |
+ -DUSE_LIBSECRET=$(usex gnome-keyring) |
319 |
+ -DUSE_OPENJPEG=$(usex jpeg2k) |
320 |
+ -DUSE_WOFF2=ON |
321 |
+ -DENABLE_SPELLCHECK=$(usex spell) |
322 |
+ -DENABLE_WAYLAND_TARGET=$(usex wayland) |
323 |
+ -DUSE_WPE_RENDERER=${use_wpe_renderer} # WPE renderer is used to implement accelerated compositing under wayland |
324 |
+ -DENABLE_WEBGL=$(usex webgl) |
325 |
+ $(cmake-utils_use_find_package egl EGL) |
326 |
+ $(cmake-utils_use_find_package opengl OpenGL) |
327 |
+ -DENABLE_X11_TARGET=$(usex X) |
328 |
+ -DENABLE_OPENGL=${opengl_enabled} |
329 |
+ -DENABLE_BUBBLEWRAP_SANDBOX=$(usex seccomp) |
330 |
+ -DBWRAP_EXECUTABLE="${EPREFIX}"/usr/bin/bwrap # If bubblewrap[suid] then portage makes it go-r and cmake find_program fails with that |
331 |
+ -DCMAKE_BUILD_TYPE=Release |
332 |
+ -DPORT=GTK |
333 |
+ ${ruby_interpreter} |
334 |
+ ) |
335 |
+ |
336 |
+ # Allow it to use GOLD when possible as it has all the magic to |
337 |
+ # detect when to use it and using gold for this concrete package has |
338 |
+ # multiple advantages and is also the upstream default, bug #585788 |
339 |
+# if tc-ld-is-gold ; then |
340 |
+# mycmakeargs+=( -DUSE_LD_GOLD=ON ) |
341 |
+# else |
342 |
+# mycmakeargs+=( -DUSE_LD_GOLD=OFF ) |
343 |
+# fi |
344 |
+ |
345 |
+ cmake-utils_src_configure |
346 |
+} |
347 |
+ |
348 |
+src_compile() { |
349 |
+ cmake-utils_src_compile |
350 |
+} |
351 |
+ |
352 |
+src_test() { |
353 |
+ # Prevents test failures on PaX systems |
354 |
+ pax-mark m $(list-paxables Programs/*[Tt]ests/*) # Programs/unittests/.libs/test* |
355 |
+ |
356 |
+ cmake-utils_src_test |
357 |
+} |
358 |
+ |
359 |
+src_install() { |
360 |
+ cmake-utils_src_install |
361 |
+ |
362 |
+ # Prevents crashes on PaX systems, bug #522808 |
363 |
+ pax-mark m "${ED}usr/libexec/webkit2gtk-4.0/jsc" "${ED}usr/libexec/webkit2gtk-4.0/WebKitWebProcess" |
364 |
+ pax-mark m "${ED}usr/libexec/webkit2gtk-4.0/WebKitPluginProcess" |
365 |
+} |
366 |
|
367 |
diff --git a/profiles/base/package.use.force b/profiles/base/package.use.force |
368 |
index f6299e8d00b..bd35fdae724 100644 |
369 |
--- a/profiles/base/package.use.force |
370 |
+++ b/profiles/base/package.use.force |
371 |
@@ -50,6 +50,7 @@ sys-libs/ncurses-compat tinfo |
372 |
gnome-base/gnome-desktop seccomp |
373 |
app-misc/tracker-miners seccomp |
374 |
>gnome-base/nautilus-3.29 seccomp |
375 |
+net-libs/webkit-gtk seccomp |
376 |
|
377 |
# Andreas K. Hüttel <dilfridge@g.o> (2018-09-11) |
378 |
# All glibc versions that include RPC code are masked now. |