commit 30ec3d0f686217a773733e36feddaba703e35753 · pyrox.dev/nixpkgs

+29 -25

pkgs/applications/networking/browsers/chromium/common.nix

···

       148
       148
        
             else throw "no chromium Rosetta Stone entry for os: ${platform.config}";

     

       149
       149
        
         };

     

       150
       150
        
       

     

       151
       151
       +
         recompressTarball = { version, sha256 ? "" }: fetchzip {

     

       152
       152
       +
           name = "chromium-${version}.tar.zstd";

     

       153
       153
       +
           url = "https://commondatastorage.googleapis.com/chromium-browser-official/chromium-${version}.tar.xz";

     

       154
       154
       +
           inherit sha256;

     

       155
       155
       +
       

     

       156
       156
       +
           nativeBuildInputs = [ zstd ];

     

       157
       157
       +
       

     

       158
       158
       +
           postFetch = ''

     

       159
       159
       +
             echo removing unused code from tarball to stay under hydra limit

     

       160
       160
       +
             rm -r $out/third_party/{rust-src,llvm}

     

       161
       161
       +
       

     

       162
       162
       +
             echo moving remains out of \$out

     

       163
       163
       +
             mv $out source

     

       164
       164
       +
       

     

       165
       165
       +
             echo recompressing final contents into new tarball

     

       166
       166
       +
             # try to make a deterministic tarball

     

       167
       167
       +
             tar \

     

       168
       168
       +
               --use-compress-program "zstd -T$NIX_BUILD_CORES" \

     

       169
       169
       +
               --sort name \

     

       170
       170
       +
               --mtime 1970-01-01 \

     

       171
       171
       +
               --owner=root --group=root \

     

       172
       172
       +
               --numeric-owner --mode=go=rX,u+rw,a-s \

     

       173
       173
       +
               -cf $out source

     

       174
       174
       +
           '';

     

       175
       175
       +
         };

     

       176
       176
       +
       

     

       177
       177
       +
       

     

       151
       178
        
         base = rec {

     

       152
       179
        
           pname = "${packageName}-unwrapped";

     

       153
       180
        
           inherit (upstream-info) version;

     

       154
       181
        
           inherit packageName buildType buildPath;

     

       155
       182
        
       

     

       156
       156
       -
           src = fetchzip {

     

       157
       157
       -
             name = "chromium-${version}.tar.zstd";

     

       158
       158
       -
             url = "https://commondatastorage.googleapis.com/chromium-browser-official/chromium-${version}.tar.xz";

     

       159
       159
       -
             inherit (upstream-info) sha256;

     

       160
       160
       -
       

     

       161
       161
       -
             nativeBuildInputs = [ zstd ];

     

       162
       162
       -
       

     

       163
       163
       -
             postFetch = ''

     

       164
       164
       -
               echo removing unused code from tarball to stay under hydra limit

     

       165
       165
       -
               rm -r $out/third_party/{rust-src,llvm}

     

       166
       166
       -
       

     

       167
       167
       -
               echo moving remains out of \$out

     

       168
       168
       -
               mv $out source

     

       169
       169
       -
       

     

       170
       170
       -
               echo recompressing final contents into new tarball

     

       171
       171
       -
               # try to make a deterministic tarball

     

       172
       172
       -
               tar \

     

       173
       173
       -
                 --use-compress-program "zstd -T$NIX_BUILD_CORES" \

     

       174
       174
       -
                 --sort name \

     

       175
       175
       -
                 --mtime 1970-01-01 \

     

       176
       176
       -
                 --owner=root --group=root \

     

       177
       177
       -
                 --numeric-owner --mode=go=rX,u+rw,a-s \

     

       178
       178
       -
                 -cf $out source

     

       179
       179
       -
             '';

     

       180
       180
       -
           };

     

       183
       183
       +
           src = recompressTarball { inherit version; inherit (upstream-info) sha256; };

     

       181
       184
        
       

     

       182
       185
        
           nativeBuildInputs = [

     

       183
       186
        
             ninja pkg-config

     
···

       486
       489
        
             chromiumDeps = {

     

       487
       490
        
               gn = gnChromium;

     

       488
       491
        
             };

     

       492
       492
       +
             inherit recompressTarball;

     

       489
       493
        
           };

     

       490
       494
        
         }

     

       491
       495
        
         # overwrite `version` with the exact same `version` from the same source,

+22 -3

pkgs/applications/networking/browsers/chromium/update.py

···

       21
       21
        
       

     

       22
       22
        
       RELEASES_URL = 'https://versionhistory.googleapis.com/v1/chrome/platforms/linux/channels/all/versions/all/releases'

     

       23
       23
        
       DEB_URL = 'https://dl.google.com/linux/chrome/deb/pool/main/g'

     

       24
       24
       -
       BUCKET_URL = 'https://commondatastorage.googleapis.com/chromium-browser-official'

     

       25
       24
        
       

     

       26
       25
        
       PIN_PATH = dirname(abspath(__file__)) + '/upstream-info.nix'

     

       27
       26
        
       UNGOOGLED_FLAGS_PATH = dirname(abspath(__file__)) + '/ungoogled-flags.toml'

     

       28
       27
        
       COMMIT_MESSAGE_SCRIPT = dirname(abspath(__file__)) + '/get-commit-message.py'

     

       29
       29
       -
       

     

       28
       28
       +
       NIXPKGS_PATH = subprocess.check_output(["git", "rev-parse", "--show-toplevel"], cwd=dirname(PIN_PATH)).strip()

     

       30
       29
        
       

     

       31
       30
        
       def load_as_json(path):

     

       32
       31
        
           """Loads the given nix file as JSON."""

     
···

       40
       39
        
           formatted = subprocess.check_output(['nixfmt'], input=nix)

     

       41
       40
        
           with open(path, 'w') as out:

     

       42
       41
        
               out.write(formatted.decode())

     

       42
       42
       +
       

     

       43
       43
       +
       def prefetch_src_sri_hash(attr_path, version):

     

       44
       44
       +
           """Prefetches the fixed-output-derivation source tarball and returns its SRI-Hash."""

     

       45
       45
       +
           print(f'nix-build (FOD prefetch) {attr_path} {version}')

     

       46
       46
       +
           out = subprocess.run(

     

       47
       47
       +
               ["nix-build", "--expr", f'(import ./. {{}}).{attr_path}.browser.passthru.recompressTarball {{ version = "{version}"; }}'],

     

       48
       48
       +
               cwd=NIXPKGS_PATH,

     

       49
       49
       +
               stderr=subprocess.PIPE

     

       50
       50
       +
           ).stderr.decode()

     

       51
       51
       +
       

     

       52
       52
       +
           for line in iter(out.split("\n")):

     

       53
       53
       +
               match = re.match(r"\s+got:\s+(.+)$", line)

     

       54
       54
       +
               if match:

     

       55
       55
       +
                   print(f'Hash: {match.group(1)}')

     

       56
       56
       +
                   return match.group(1)

     

       57
       57
       +
           print(f'{out}\n\nError: Expected hash in nix-build stderr output.', file=sys.stderr)

     

       58
       58
       +
           sys.exit(1)

     

       43
       59
        
       

     

       44
       60
        
       def nix_prefetch_url(url, algo='sha256'):

     

       45
       61
        
           """Prefetches the content of the given URL."""

     
···

       206
       222
        
                   google_chrome_suffix = channel_name

     

       207
       223
        
       

     

       208
       224
        
               try:

     

       209
       209
       -
                   channel['sha256'] = nix_prefetch_url(f'{BUCKET_URL}/chromium-{release["version"]}.tar.xz')

     

       225
       225
       +
                   channel['sha256'] = prefetch_src_sri_hash(

     

       226
       226
       +
                       channel_name_to_attr_name(channel_name),

     

       227
       227
       +
                       release["version"]

     

       228
       228
       +
                   )

     

       210
       229
        
                   channel['sha256bin64'] = nix_prefetch_url(

     

       211
       230
        
                       f'{DEB_URL}/google-chrome-{google_chrome_suffix}/' +

     

       212
       231
        
                       f'google-chrome-{google_chrome_suffix}_{release["version"]}-1_amd64.deb')

+8 -8

pkgs/applications/networking/browsers/chromium/upstream-info.nix

···

       41
       41
        
               version = "2023-08-10";

     

       42
       42
        
             };

     

       43
       43
        
           };

     

       44
       44
       -
           sha256 = "1g8rllmnmhmmpjzrmi3cww0nszxicq0kim2wd0l0ip2mzk2p8qlp";

     

       45
       45
       -
           sha256bin64 = "1bq170l0g9yq17x6xlg6fjar6gv3hdi0zijwmx4s02pmw6727484";

     

       46
       46
       -
           version = "118.0.5993.70";

     

       44
       44
       +
           sha256 = "sha256-CTkw92TiRD2tkYu5a5dy8fjpR2MMOMCvcbxXhJ36Bp8=";

     

       45
       45
       +
           sha256bin64 = "06rbsjh4khhl408181ns5nsdwasklb277fdjfajdv5h1j9a190k3";

     

       46
       46
       +
           version = "118.0.5993.88";

     

       47
       47
        
         };

     

       48
       48
        
         ungoogled-chromium = {

     

       49
       49
        
           deps = {

     
···

       54
       54
        
               version = "2023-08-10";

     

       55
       55
        
             };

     

       56
       56
        
             ungoogled-patches = {

     

       57
       57
       -
               rev = "118.0.5993.70-1";

     

       58
       58
       -
               sha256 = "0k6684cy1ks6yba2bdz17g244f05qy9769cvis4h2jzhgbf5rysh";

     

       57
       57
       +
               rev = "118.0.5993.88-1";

     

       58
       58
       +
               sha256 = "17j47d64l97ascp85h8cnfnr5wr4va3bdk95wmagqss7ym5c7zsf";

     

       59
       59
        
             };

     

       60
       60
        
           };

     

       61
       61
       -
           sha256 = "1g8rllmnmhmmpjzrmi3cww0nszxicq0kim2wd0l0ip2mzk2p8qlp";

     

       62
       62
       -
           sha256bin64 = "1bq170l0g9yq17x6xlg6fjar6gv3hdi0zijwmx4s02pmw6727484";

     

       63
       63
       -
           version = "118.0.5993.70";

     

       61
       61
       +
           sha256 = "sha256-CTkw92TiRD2tkYu5a5dy8fjpR2MMOMCvcbxXhJ36Bp8=";

     

       62
       62
       +
           sha256bin64 = "06rbsjh4khhl408181ns5nsdwasklb277fdjfajdv5h1j9a190k3";

     

       63
       63
       +
           version = "118.0.5993.88";

     

       64
       64
        
         };

     

       65
       65
        
       }