1 |
commit: e66f923a9e2f5bc4ac35e24502c159cbfe759f6b |
2 |
Author: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org> |
3 |
AuthorDate: Wed Jul 6 09:18:25 2022 +0000 |
4 |
Commit: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org> |
5 |
CommitDate: Wed Jul 6 10:27:27 2022 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e66f923a |
7 |
|
8 |
dev-qt/qtwebengine: Cleanup vulnerable 5.15.4_p20220526 |
9 |
|
10 |
Bug: https://bugs.gentoo.org/853229 |
11 |
Signed-off-by: Andreas Sturmlechner <asturm <AT> gentoo.org> |
12 |
|
13 |
dev-qt/qtwebengine/Manifest | 1 - |
14 |
.../qtwebengine-5.15.4_p20220526.ebuild | 280 --------------------- |
15 |
2 files changed, 281 deletions(-) |
16 |
|
17 |
diff --git a/dev-qt/qtwebengine/Manifest b/dev-qt/qtwebengine/Manifest |
18 |
index 812fa7b3fb44..282326e1c880 100644 |
19 |
--- a/dev-qt/qtwebengine/Manifest |
20 |
+++ b/dev-qt/qtwebengine/Manifest |
21 |
@@ -1,5 +1,4 @@ |
22 |
DIST qtwebengine-5.15.2-r1-chromium87-ppc64le.tar.xz 28784 BLAKE2B aa101d14446f3282fda8932cc75a249d88b79319f0886d95777292776d94ac5f4fc114c3893b2801fbba6abb14f381172bb14b15b5ffef12413db3a16e4d1ca6 SHA512 3324e0076eb18e2ae2248428d2730cfb3413761514b2bb57e25b8db79248aaaa8098d9f7cebfa08f1a3b39b1d0a382aafed75c5ae8273918909335957921305e |
23 |
DIST qtwebengine-5.15.2_p20211019-jumbo-build.patch.bz2 2930 BLAKE2B fca1d1406874d04eafb64bb4d8730512a6307ba44fb99d76f428ca1bd4a303758e0c3bd8f92a59f7bcf62e5b767c5a8ed239028bdb74ad7a8b62abf88d38c101 SHA512 61cbfbe4ff340b75ea8d356e031e932ac03fe65dd009999ff897ca4b0185d1d989490daf75ffeaaabb3e92c870c11c7ff8ad2cd6372f5363b3d774b8ecca6d89 |
24 |
DIST qtwebengine-5.15.3_p20220406-patchset.tar.xz 35480 BLAKE2B ce6aeebbb3255196611130d04ee7a3907ba45d6d2a283f2433e2176cf67e473e74137b180de0a9998762cc54439bb06825815e81e9f95f9413ce2956ac9308b7 SHA512 47e29a1429dce2db324929af91c8ef8421c75ae48f5a491db71b434f8017a5b1e7475e9938989e331e8e012220852848565242e09747892e1a8a8d3ab7386840 |
25 |
-DIST qtwebengine-5.15.4_p20220526.tar.xz 318787804 BLAKE2B 946331d1460f2db43730c7a1f506690eb1f6f25438e52ff627fff0776cbca439cde2d2654679a238ce0384b0a92bf8eb84db97d1093b2a733dd97fa08bf4c864 SHA512 a27d31ef46b5841fec91c10b91c3c1735ace77fde17fa09018836f8d11d85b34b08318b150b791a68efde59c1317109633e938dfbb5542c22033e8ba0ce46cad |
26 |
DIST qtwebengine-5.15.5_p20220618.tar.xz 320131236 BLAKE2B 842322c94737cdf647277ccf226c0d015ac0b362af54c4298cbad6b4494aa4ef0e73830577fb391be31c91b4331b85f407ec58641897a7cc7237e7623043577d SHA512 b1bab7aa5edc7f7b9d4f8338a05dbbd55ae6e0312e1a7e6061895bd7a98c67780127c20db1dbbc81664bf483a5b8f7ed887cedd1baaa1a0259e28fd4b13d6944 |
27 |
|
28 |
diff --git a/dev-qt/qtwebengine/qtwebengine-5.15.4_p20220526.ebuild b/dev-qt/qtwebengine/qtwebengine-5.15.4_p20220526.ebuild |
29 |
deleted file mode 100644 |
30 |
index 9ba4c484f9b3..000000000000 |
31 |
--- a/dev-qt/qtwebengine/qtwebengine-5.15.4_p20220526.ebuild |
32 |
+++ /dev/null |
33 |
@@ -1,280 +0,0 @@ |
34 |
-# Copyright 1999-2022 Gentoo Authors |
35 |
-# Distributed under the terms of the GNU General Public License v2 |
36 |
- |
37 |
-EAPI=8 |
38 |
- |
39 |
-PYTHON_COMPAT=( python3_{9,10} ) |
40 |
-PYTHON_REQ_USE="xml(+)" |
41 |
-inherit check-reqs estack flag-o-matic multiprocessing python-any-r1 qt5-build toolchain-funcs |
42 |
- |
43 |
-DESCRIPTION="Library for rendering dynamic web content in Qt5 C++ and QML applications" |
44 |
-HOMEPAGE="https://www.qt.io/" |
45 |
- |
46 |
-if [[ ${QT5_BUILD_TYPE} == release ]]; then |
47 |
- KEYWORDS="amd64 ~arm arm64 ~ppc64 x86" |
48 |
- if [[ ${PV} == ${QT5_PV}_p* ]]; then |
49 |
- SRC_URI="https://dev.gentoo.org/~asturm/distfiles/${P}.tar.xz" |
50 |
- S="${WORKDIR}/${P}" |
51 |
- QT5_BUILD_DIR="${S}_build" |
52 |
- fi |
53 |
-else |
54 |
- EGIT_BRANCH="5.15" |
55 |
- EGIT_REPO_URI=( |
56 |
- "https://code.qt.io/qt/${QT5_MODULE}.git" |
57 |
- "https://github.com/qt/${QT5_MODULE}.git" |
58 |
- ) |
59 |
- inherit git-r3 |
60 |
-fi |
61 |
- |
62 |
-# ppc64 patchset based on https://github.com/chromium-ppc64le releases |
63 |
-SRC_URI+=" https://dev.gentoo.org/~sam/distfiles/${CATEGORY}/${PN}/${PN}-5.15.2_p20211019-jumbo-build.patch.bz2 |
64 |
- https://dev.gentoo.org/~asturm/distfiles/${PN}-5.15.3_p20220406-patchset.tar.xz |
65 |
- ppc64? ( https://dev.gentoo.org/~gyakovlev/distfiles/${PN}-5.15.2-r1-chromium87-ppc64le.tar.xz )" |
66 |
- |
67 |
-IUSE="alsa bindist designer geolocation +jumbo-build kerberos pulseaudio screencast +system-ffmpeg +system-icu widgets" |
68 |
-REQUIRED_USE="designer? ( widgets )" |
69 |
- |
70 |
-RDEPEND=" |
71 |
- app-arch/snappy:= |
72 |
- dev-libs/glib:2 |
73 |
- dev-libs/nspr |
74 |
- dev-libs/nss |
75 |
- dev-libs/expat |
76 |
- dev-libs/libevent:= |
77 |
- dev-libs/libxml2[icu] |
78 |
- dev-libs/libxslt |
79 |
- dev-libs/re2:= |
80 |
- =dev-qt/qtcore-${QT5_PV}* |
81 |
- =dev-qt/qtdeclarative-${QT5_PV}* |
82 |
- =dev-qt/qtgui-${QT5_PV}* |
83 |
- =dev-qt/qtnetwork-${QT5_PV}* |
84 |
- =dev-qt/qtprintsupport-${QT5_PV}* |
85 |
- =dev-qt/qtwebchannel-${QT5_PV}*[qml] |
86 |
- media-libs/fontconfig |
87 |
- media-libs/freetype |
88 |
- media-libs/harfbuzz:= |
89 |
- media-libs/lcms:2 |
90 |
- media-libs/libjpeg-turbo:= |
91 |
- media-libs/libpng:0= |
92 |
- >=media-libs/libvpx-1.5:=[svc(+)] |
93 |
- media-libs/libwebp:= |
94 |
- media-libs/opus |
95 |
- sys-apps/dbus |
96 |
- sys-apps/pciutils |
97 |
- sys-libs/zlib[minizip] |
98 |
- virtual/libudev |
99 |
- x11-libs/libdrm |
100 |
- x11-libs/libX11 |
101 |
- x11-libs/libXcomposite |
102 |
- x11-libs/libXcursor |
103 |
- x11-libs/libXdamage |
104 |
- x11-libs/libXext |
105 |
- x11-libs/libXfixes |
106 |
- x11-libs/libXi |
107 |
- x11-libs/libxkbfile |
108 |
- x11-libs/libXrandr |
109 |
- x11-libs/libXrender |
110 |
- x11-libs/libXScrnSaver |
111 |
- x11-libs/libXtst |
112 |
- alsa? ( media-libs/alsa-lib ) |
113 |
- designer? ( =dev-qt/designer-${QT5_PV}* ) |
114 |
- geolocation? ( =dev-qt/qtpositioning-${QT5_PV}* ) |
115 |
- kerberos? ( virtual/krb5 ) |
116 |
- pulseaudio? ( media-sound/pulseaudio:= ) |
117 |
- screencast? ( media-video/pipewire:= ) |
118 |
- system-ffmpeg? ( media-video/ffmpeg:0= ) |
119 |
- system-icu? ( >=dev-libs/icu-69.1:= ) |
120 |
- widgets? ( |
121 |
- =dev-qt/qtdeclarative-${QT5_PV}*[widgets] |
122 |
- =dev-qt/qtwidgets-${QT5_PV}* |
123 |
- ) |
124 |
-" |
125 |
-DEPEND="${RDEPEND} |
126 |
- media-libs/libglvnd |
127 |
-" |
128 |
-BDEPEND="${PYTHON_DEPS} |
129 |
- dev-util/gperf |
130 |
- dev-util/ninja |
131 |
- dev-util/re2c |
132 |
- net-libs/nodejs[ssl] |
133 |
- sys-devel/bison |
134 |
- sys-devel/flex |
135 |
- ppc64? ( >=dev-util/gn-0.1807 ) |
136 |
-" |
137 |
- |
138 |
-PATCHES=( |
139 |
- "${FILESDIR}/${PN}-5.15.2-disable-fatal-warnings.patch" # downstream, bug 695446 |
140 |
- "${FILESDIR}/${PN}-5.15.3_p20220505-extra-gn.patch" # downstream, bug 774186 |
141 |
- "${FILESDIR}/${PN}-5.15.2_p20210224-chromium-87-v8-icu68.patch" # downstream, bug 757606 |
142 |
- "${FILESDIR}/${PN}-5.15.2_p20210224-disable-git.patch" # downstream snapshot fix |
143 |
- "${FILESDIR}/${PN}-5.15.2_p20211015-pdfium-system-lcms2.patch" # by Debian, QTBUG-61746 |
144 |
- "${FILESDIR}/${PN}-5.15.3_p20220329-clang14.patch" # by FreeBSD, bug 836604 |
145 |
- "${FILESDIR}/${PN}-5.15.3_p20220406-gcc12-includes.patch" # by openSUSE, bug 840326 |
146 |
- "${WORKDIR}/${PN}-5.15.2_p20211019-jumbo-build.patch" # bug 813957 |
147 |
- "${WORKDIR}/${PN}-5.15.3_p20220406-patchset" # bug 698988 (py2--), pipewire-3 |
148 |
-) |
149 |
- |
150 |
-qtwebengine_check-reqs() { |
151 |
- # bug #307861 |
152 |
- eshopts_push -s extglob |
153 |
- if is-flagq '-g?(gdb)?([1-9])'; then |
154 |
- ewarn "You have enabled debug info (probably have -g or -ggdb in your CFLAGS/CXXFLAGS)." |
155 |
- ewarn "You may experience really long compilation times and/or increased memory usage." |
156 |
- ewarn "If compilation fails, please try removing -g/-ggdb before reporting a bug." |
157 |
- fi |
158 |
- eshopts_pop |
159 |
- |
160 |
- [[ ${MERGE_TYPE} == binary ]] && return |
161 |
- |
162 |
- # (check-reqs added for bug #570534) |
163 |
- # |
164 |
- # Estimate the amount of RAM required |
165 |
- # Multiplier is *10 because Bash doesn't do floating point maths. |
166 |
- # Let's crudely assume ~2GB per compiler job for GCC. |
167 |
- local multiplier=20 |
168 |
- |
169 |
- # And call it ~1.5GB for Clang. |
170 |
- if tc-is-clang ; then |
171 |
- multiplier=15 |
172 |
- fi |
173 |
- |
174 |
- local CHECKREQS_DISK_BUILD="7G" |
175 |
- local CHECKREQS_DISK_USR="150M" |
176 |
- if ! has "distcc" ${FEATURES} ; then |
177 |
- # bug #830661 |
178 |
- # Not super realistic to come up with good estimates for distcc right now |
179 |
- local CHECKREQS_MEMORY=$(($(makeopts_jobs)*multiplier/10))G |
180 |
- fi |
181 |
- |
182 |
- check-reqs_${EBUILD_PHASE_FUNC} |
183 |
-} |
184 |
- |
185 |
-pkg_pretend() { |
186 |
- qtwebengine_check-reqs |
187 |
-} |
188 |
- |
189 |
-pkg_setup() { |
190 |
- qtwebengine_check-reqs |
191 |
- python-any-r1_pkg_setup |
192 |
-} |
193 |
- |
194 |
-src_unpack() { |
195 |
- case ${QT5_BUILD_TYPE} in |
196 |
- live) git-r3_src_unpack ;& |
197 |
- release) default ;; |
198 |
- esac |
199 |
-} |
200 |
- |
201 |
-src_prepare() { |
202 |
- if [[ ${PV} == ${QT5_PV}_p* ]]; then |
203 |
- # This is made from git, and for some reason will fail w/o .git directories. |
204 |
- mkdir -p .git src/3rdparty/chromium/.git || die |
205 |
- fi |
206 |
- # We need to make sure this integrates well into Qt 5.15.3 installation. |
207 |
- # Otherwise revdeps fail w/o heavy changes. This is the simplest way to do it. |
208 |
- # See also: https://www.qt.io/blog/building-qt-webengine-against-other-qt-versions |
209 |
- sed -E "/^MODULE_VERSION/s/5\.15\.[0-9]+/${QT5_PV}/" -i .qmake.conf || die |
210 |
- |
211 |
- # QTBUG-88657 - jumbo-build could still make trouble |
212 |
- if ! use jumbo-build; then |
213 |
- sed -i -e 's|use_jumbo_build=true|use_jumbo_build=false|' \ |
214 |
- src/buildtools/config/common.pri || die |
215 |
- fi |
216 |
- |
217 |
- # bug 620444 - ensure local headers are used |
218 |
- find "${S}" -type f -name "*.pr[fio]" | \ |
219 |
- xargs sed -i -e 's|INCLUDEPATH += |&$${QTWEBENGINE_ROOT}_build/include $${QTWEBENGINE_ROOT}/include |' || die |
220 |
- |
221 |
- if use system-icu; then |
222 |
- # Sanity check to ensure that bundled copy of ICU is not used. |
223 |
- # Whole src/3rdparty/chromium/third_party/icu directory cannot be deleted because |
224 |
- # src/3rdparty/chromium/third_party/icu/BUILD.gn is used by build system. |
225 |
- # If usage of headers of bundled copy of ICU occurs, then lists of shim headers in |
226 |
- # shim_headers("icui18n_shim") and shim_headers("icuuc_shim") in |
227 |
- # src/3rdparty/chromium/third_party/icu/BUILD.gn should be updated. |
228 |
- local file |
229 |
- while read file; do |
230 |
- echo "#error This file should not be used!" > "${file}" || die |
231 |
- done < <(find src/3rdparty/chromium/third_party/icu -type f "(" -name "*.c" -o -name "*.cpp" -o -name "*.h" ")" 2>/dev/null) |
232 |
- fi |
233 |
- |
234 |
- # src/3rdparty/gn fails with libc++ due to passing of `-static-libstdc++` |
235 |
- if tc-is-clang && has_version 'sys-devel/clang[default-libcxx]'; then |
236 |
- eapply "${FILESDIR}/${PN}-5.15.2_p20210521-clang-libc++.patch" |
237 |
- fi |
238 |
- |
239 |
- if use system-ffmpeg && has_version '>=media-video/ffmpeg-5'; then |
240 |
- eapply "${FILESDIR}/${PN}-5.15.3_p20220406-ffmpeg5.patch" # by Archlinux, bug 831437 |
241 |
- fi |
242 |
- |
243 |
- qt_use_disable_config alsa webengine-alsa src/buildtools/config/linux.pri |
244 |
- qt_use_disable_config pulseaudio webengine-pulseaudio src/buildtools/config/linux.pri |
245 |
- |
246 |
- qt_use_disable_mod designer webenginewidgets src/plugins/plugins.pro |
247 |
- |
248 |
- qt_use_disable_mod widgets widgets src/src.pro |
249 |
- |
250 |
- qt5-build_src_prepare |
251 |
- |
252 |
- # we need to generate ppc64 stuff because upstream does not ship it yet |
253 |
- if use ppc64; then |
254 |
- einfo "Patching for ppc64le and generating build files" |
255 |
- eapply "${FILESDIR}/qtwebengine-5.15.2-enable-ppc64.patch" |
256 |
- pushd src/3rdparty/chromium > /dev/null || die |
257 |
- eapply -p0 "${WORKDIR}/${PN}-ppc64le" |
258 |
- popd > /dev/null || die |
259 |
- pushd src/3rdparty/chromium/third_party/libvpx > /dev/null || die |
260 |
- mkdir -vp source/config/linux/ppc64 || die |
261 |
- mkdir -p source/libvpx/test || die |
262 |
- touch source/libvpx/test/test.mk || die |
263 |
- # clang-format is used to re-format sources |
264 |
- # but we'd rather make it a no-op than introduce a clang dependency |
265 |
- # https://bugs.gentoo.org/849458 |
266 |
- clang-format() { : ; } |
267 |
- export -f clang-format || die |
268 |
- ./generate_gni.sh || die |
269 |
- popd >/dev/null || die |
270 |
- fi |
271 |
-} |
272 |
- |
273 |
-src_configure() { |
274 |
- export NINJA_PATH=/usr/bin/ninja |
275 |
- export NINJAFLAGS="${NINJAFLAGS:--j$(makeopts_jobs "${MAKEOPTS}" 999) -l$(makeopts_loadavg "${MAKEOPTS}" 0) -v}" |
276 |
- |
277 |
- local myqmakeargs=( |
278 |
- -- |
279 |
- -no-build-qtpdf |
280 |
- -printing-and-pdf |
281 |
- -system-opus |
282 |
- -system-webp |
283 |
- $(qt_use alsa) |
284 |
- $(qt_use !bindist proprietary-codecs) |
285 |
- $(qt_use geolocation webengine-geolocation) |
286 |
- $(qt_use kerberos webengine-kerberos) |
287 |
- $(qt_use pulseaudio) |
288 |
- $(usex screencast -webengine-webrtc-pipewire '') |
289 |
- $(usex system-ffmpeg -system-ffmpeg -qt-ffmpeg) |
290 |
- $(qt_use system-icu webengine-icu) |
291 |
- ) |
292 |
- qt5-build_src_configure |
293 |
-} |
294 |
- |
295 |
-src_install() { |
296 |
- qt5-build_src_install |
297 |
- |
298 |
- # bug 601472 |
299 |
- if [[ ! -f ${D}${QT5_LIBDIR}/libQt5WebEngine.so ]]; then |
300 |
- die "${CATEGORY}/${PF} failed to build anything. Please report to https://bugs.gentoo.org/" |
301 |
- fi |
302 |
-} |
303 |
- |
304 |
-pkg_preinst() { |
305 |
- elog "This version of Qt WebEngine is based on Chromium version 87.0.4280.144," |
306 |
- elog "with additional security fixes from newer versions. Extensive as it is, the" |
307 |
- elog "list of backports is impossible to evaluate, but always bound to be behind" |
308 |
- elog "Chromium's release schedule." |
309 |
- elog "In addition, various online services may deny service based on an outdated" |
310 |
- elog "user agent version (and/or other checks). Google is already known to do so." |
311 |
- elog |
312 |
- elog "tldr: Your web browsing experience will be compromised." |
313 |
-} |