public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

qt5.qtwebengine: 5.15.2 -> 5.15.3-a059e740

Browse Source 
This updates the base chromium branch from 83 to 87, which fixes
approximately a few hundreds CVEs.
This commit is contained in:
rnhmjoj 2021-03-18 08:25:29 +01:00 committed by Milan
parent 0f24db0be9
commit 3aba63ab29
3 changed files with 54 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
pkgs/development/libraries/qt-5/5.15/default.nix
View File

@ -16,7 +16,7 @@ top-level attribute to `top-level/all-packages.nix`.
{ {
newScope, newScope,
lib, stdenv, fetchurl, fetchpatch, fetchFromGitHub, makeSetupHook, makeWrapper, lib, stdenv, fetchurl, fetchpatch, fetchgit, fetchFromGitHub, makeSetupHook, makeWrapper,
bison, cups ? null, harfbuzz, libGL, perl, bison, cups ? null, harfbuzz, libGL, perl,
gstreamer, gst-plugins-base, gtk3, dconf, gstreamer, gst-plugins-base, gtk3, dconf,
llvmPackages_5, llvmPackages_5,
@ -48,6 +48,27 @@ let
}; };
version = "5.212.0-alpha4"; version = "5.212.0-alpha4";
}; };
# Even if developed in the public, QtWebEngine does not have official
# releases or new tags since the Qt company made 5.15.3 proprietary.
# Apparently they care more about licensing than the security of their users.
# See https://lists.qt-project.org/pipermail/interest/2021-March/036387.html
qtwebengine =
let
branchName = "5.15.3";
rev = "a059e7404a6db799f4da0ad696e65ae9c854b4b0";
in
{
version = "${branchName}-${lib.substring 0 8 rev}";
src = fetchgit {
url = "https://github.com/qt/qtwebengine.git";
sha256 = "19l1i4sk3pvnwbvz5s97jchqawfz8k1xmjza29bgvkp1zz96r0jx";
inherit rev branchName;
fetchSubmodules = true;
leaveDotGit = true;
};
};
}; };
patches = { patches = {
@ -83,8 +104,13 @@ let
qtdeclarative = [ ./qtdeclarative.patch ]; qtdeclarative = [ ./qtdeclarative.patch ];
qtscript = [ ./qtscript.patch ]; qtscript = [ ./qtscript.patch ];
qtserialport = [ ./qtserialport.patch ]; qtserialport = [ ./qtserialport.patch ];
qtwebengine = [ ] qtwebengine = [
++ optionals stdenv.isDarwin [ # Fix crashes with non en_US.UTF-8 locales
(fetchpatch {
url = "https://github.com/qt/qtwebengine/commit/199ea00a9eea13315a652c62778738629185b059.patch";
sha256 = "1b5k2g1v8913cvsgvp6ja4mcprjlk5vcwqzi0p1qq7b1wyi4f0g2";
})
] ++ optionals stdenv.isDarwin [
./qtwebengine-darwin-no-platform-check.patch ./qtwebengine-darwin-no-platform-check.patch
./qtwebengine-mac-dont-set-dsymutil-path.patch ./qtwebengine-mac-dont-set-dsymutil-path.patch
]; ];

23
pkgs/development/libraries/qt-5/modules/qtwebengine.nix
View File

@ -2,6 +2,7 @@
, qtdeclarative, qtquickcontrols, qtlocation, qtwebchannel , qtdeclarative, qtquickcontrols, qtlocation, qtwebchannel
, bison, coreutils, flex, git, gperf, ninja, pkg-config, python2, which , bison, coreutils, flex, git, gperf, ninja, pkg-config, python2, which
, nodejs, qtbase, perl
, xorg, libXcursor, libXScrnSaver, libXrandr, libXtst , xorg, libXcursor, libXScrnSaver, libXrandr, libXtst
, fontconfig, freetype, harfbuzz, icu, dbus, libdrm , fontconfig, freetype, harfbuzz, icu, dbus, libdrm
@ -25,7 +26,15 @@ qtModule {
name = "qtwebengine"; name = "qtwebengine";
qtInputs = [ qtdeclarative qtquickcontrols qtlocation qtwebchannel ]; qtInputs = [ qtdeclarative qtquickcontrols qtlocation qtwebchannel ];
nativeBuildInputs = [ nativeBuildInputs = [
bison coreutils flex git gperf ninja pkg-config python2 which gn bison coreutils flex git gperf ninja pkg-config python2 which gn nodejs
# qmake looks for syncqt instead of syncqt.pl and fails with a cryptic
# error if it can't find it. syncqt.pl also has a /usr/bin/env shebang, so
# it can't be directly used in a sandboxed build environment.
(writeScriptBin "syncqt" ''
#!${stdenv.shell}
exec ${perl}/bin/perl ${qtbase.dev}/bin/syncqt.pl "$@"
'')
] ++ optional stdenv.isDarwin xcbuild; ] ++ optional stdenv.isDarwin xcbuild;
doCheck = true; doCheck = true;
outputs = [ "bin" "dev" "out" ]; outputs = [ "bin" "dev" "out" ];
@ -40,9 +49,17 @@ qtModule {
hardeningDisable = [ "format" ]; hardeningDisable = [ "format" ];
postPatch = postPatch =
# Patch Chromium build tools
'' ''
( cd src/3rdparty/chromium; patchShebangs . ) # Patch Chromium build tools
(
cd src/3rdparty/chromium;
# Manually fix unsupported shebangs
substituteInPlace third_party/harfbuzz-ng/src/src/update-unicode-tables.make \
--replace "/usr/bin/env -S make -f" "/usr/bin/make -f" || true
patchShebangs .
)
'' ''
# Prevent Chromium build script from making the path to `clang` relative to # Prevent Chromium build script from making the path to `clang` relative to
# the build directory. `clang_base_path` is the value of `QMAKE_CLANG_DIR` # the build directory. `clang_base_path` is the value of `QMAKE_CLANG_DIR`

2
pkgs/top-level/all-packages.nix
View File

@ -16805,7 +16805,7 @@ in
qt515 = recurseIntoAttrs (makeOverridable qt515 = recurseIntoAttrs (makeOverridable
(import ../development/libraries/qt-5/5.15) { (import ../development/libraries/qt-5/5.15) {
inherit newScope; inherit newScope;
inherit lib stdenv fetchurl fetchpatch fetchFromGitHub makeSetupHook makeWrapper; inherit lib stdenv fetchurl fetchpatch fetchgit fetchFromGitHub makeSetupHook makeWrapper;
inherit bison; inherit bison;
inherit cups; inherit cups;
inherit dconf; inherit dconf;