| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_18.html
This update includes 6 security fixes.
CVEs:
CVE-2024-6100 CVE-2024-6101 CVE-2024-6102 CVE-2024-6103
|
|
|
|
https://www.mozilla.org/en-US/firefox/127.0.1/releasenotes/
|
|
https://www.mozilla.org/en-US/firefox/127.0.1/releasenotes/
|
|
Co-authored-by: Matteo Pacini <matteo@codecraft.it>
|
|
https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_13.html
|
|
microsoft-edge: 125.0.2535.85 -> 125.0.2535.92
|
|
floorp: 11.3.3 -> 11.14.1
|
|
Floorp hardcodes /usr/bin/floorp as binary path when generating .desktop
files for PWAs. That obviously not work for Nix-installed version, so
patch it to just refer to "floorp", relying on $PATH.
See also #314115.
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
|
|
Release notes: https://blog.ablaze.one/4375/2024-06-00/
Git changelog: https://github.com/Floorp-Projects/Floorp/compare/v11.13.3...v11.14.1
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
|
|
https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_13.html
|
|
|
|
{tor,mullvad}-browser: 13.0.15 -> 13.0.16
|
|
https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html
This update includes 21 security fixes.
CVEs:
CVE-2024-5830 CVE-2024-5831 CVE-2024-5832 CVE-2024-5833 CVE-2024-5834
CVE-2024-5835 CVE-2024-5836 CVE-2024-5837 CVE-2024-5838 CVE-2024-5839
CVE-2024-5840 CVE-2024-5841 CVE-2024-5842 CVE-2024-5843 CVE-2024-5844
CVE-2024-5845 CVE-2024-5846 CVE-2024-5847
|
|
|
|
|
|
|
|
|
|
|
|
The minimum versions for both chromium and electron-source are higher
than the version bounds of those conditionals.
As such, they can be safely removed.
This is a no-op.
|
|
common-updater-scripts/u-s-v: support --ignore-same-version
|
|
chromedriver,chromium: 125.0.6422.141 -> 126.0.6478.55, rebase patches, extend tarball exclude
|
|
Solves the following build error:
~~~
FAILED: obj/chrome/browser/devtools/devtools/devtools_window.o
In file included from ../../chrome/browser/devtools/devtools_window.cc:32:
../../chrome/browser/file_select_helper.h:16:10: fatal error: 'components/enterprise/buildflags/buildflags.h' file not found
16 | #include "components/enterprise/buildflags/buildflags.h"
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~
Can be removed once chromium and ungoogled-chromium are both on M126,
since the patch is from M126.
https://issues.chromium.org/issues/336911498
https://chromium-review.googlesource.com/c/chromium/src/+/5487538
|
|
https://github.com/mullvad/mullvad-browser/releases/tag/13.0.16
|
|
https://blog.torproject.org/new-release-tor-browser-13016/
|
|
It's included in there already, but we can't drop the patch yet,
as e.g. thunderbird still needs it, as of 115.11.1.
|
|
https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html
This update includes 21 security fixes.
CVEs:
CVE-2024-5830 CVE-2024-5831 CVE-2024-5832 CVE-2024-5833 CVE-2024-5834
CVE-2024-5835 CVE-2024-5836 CVE-2024-5837 CVE-2024-5838 CVE-2024-5839
CVE-2024-5840 CVE-2024-5841 CVE-2024-5842 CVE-2024-5843 CVE-2024-5844
CVE-2024-5845 CVE-2024-5846 CVE-2024-5847
|
|
Note that we can't just update previous patches in place, as that would
prevent electron-source and ungoogled-chrome (< M126) from building.
|
|
Starting with M126, the upstream release tarball includes two full
Debian sysroots to compile chromium with:
~~~shell
$ du -sh build/linux/debian_bullseye_*
835M build/linux/debian_bullseye_amd64-sysroot
739M build/linux/debian_bullseye_i386-sysroot
~~~
But they are huge and we don't need them.
In order to stay below the current 3 GB tarball size limit that is
dictated by hydra.nixos.org's max-output-limit, we add them to our
exclude patterns.
This is a no-op for < M126.
|
|
|
|
|
|
vivaldi: 6.7.3329.35 -> 6.7.3329.41
|
|
microsoft-edge: 125.0.2535.67 -> 125.0.2535.85
|
|
|
|
...into staging-next
|
|
|
|
|
|
https://www.mozilla.org/en-US/firefox/115.12.0/releasenotes/
|
|
https://www.mozilla.org/en-US/firefox/127.0/releasenotes/
|
|
https://www.mozilla.org/en-US/firefox/127.0/releasenotes/
|
|
|
|
librewolf-unwrapped: 126.0-1 -> 126.0.1-1
|
|
Just like with Firefox, we need to make sure there's only a single
version of LLVM involved in building Chromium, or we get errors like
this:
ld.lld: error: Invalid record (Producer: 'LLVM18.1.7' Reader: 'LLVM 17.0.6')
Fixes: 23d4f834536b ("cargo,clippy,rustc,rustfmt: 1.77.2 -> 1.78.0")
|
|
I'm pretty sure this was a mistake — in Nixpkgs the target platform is
the platform that the program being built should output executables
for — i.e., it's only relevant for a compiler, which Chromium is not.
Tested that cross-compilation of Electron still works.
|
|
opera: 110.0.5130.23 -> 110.0.5130.49
|
|
Conflicts:
pkgs/applications/blockchains/polkadot/default.nix
|
|
nix run nixpkgs#silver-searcher -- -G '\.nix$' -0l 'description.*"([Tt]he)? ' pkgs \
| xargs -0 nix run nixpkgs#gnused -- -i '' -Ee 's/(description.*")[Tt]he (.)/\1\U\2/'
|
|
nix run nixpkgs#silver-searcher -- -G '\.nix$' -0l 'description.*"[Aa]n?' pkgs \
| xargs -0 nix run nixpkgs#gnused -- -i '' -Ee 's/(description.*")[Aa]n? (.)/\1\U\2/'
|
|
- `--ignore-same-version` allows us to not call it twice.
- with that, we can also omit version, to allow us updating e.g. `cargoDeps` hash
|
|
|
