diff --git a/nongnu/packages/electron.scm b/nongnu/packages/electron.scm index 71ad3821..9f16259e 100644 --- a/nongnu/packages/electron.scm +++ b/nongnu/packages/electron.scm @@ -5,16 +5,19 @@ ;;; Copyright © 2024 Jonathan Brielmaier ;;; Copyright © 2025 Ricardo Wurmus ;;; Copyright © 2025 Simen Endsjø +;;; Copyright © 2025 Nicolas Graves (define-module (nongnu packages electron) #:use-module (nonguix build-system chromium-binary) #:use-module ((nonguix licenses) :prefix license:) #:use-module (guix download) + #:use-module (guix gexp) #:use-module (guix packages) #:use-module (guix utils) #:use-module (ice-9 match) #:use-module (gnu packages compression) #:use-module (gnu packages gtk) + #:use-module (gnu packages nss) #:use-module (gnu packages video)) (define (electron-source version hash) @@ -42,47 +45,39 @@ "0qs5n6m0gj0rknjq5aqrbbpqwh2829a1cl51l6xj79p7aiggb9p3")) (build-system chromium-binary-build-system) (arguments - `(#:wrapper-plan - `("electron" - "libffmpeg.so" - "libGLESv2.so" - "libEGL.so") - #:install-plan - `(("." "share/electron/" #:include - ("electron" - "chrome-sandbox" - "chrome_100_percent.pak" - "chrome_200_percent.pak" - "chrome_crashpad_handler" - "icudtl.dat" - "resources.pak" - "v8_context_snapshot.bin" - "version" - "libffmpeg.so" - ;; electron seems to force-load these from its directory. - "libEGL.so" - "libGLESv2.so")) - ("resources" "share/electron/") - ("locales" "share/electron/")) - #:phases - (modify-phases %standard-phases - (add-before 'install-wrapper 'wrap-where-patchelf-does-not-work - (lambda* (#:key inputs outputs #:allow-other-keys) - (let* ((out (assoc-ref outputs "out")) - (bin (string-append out "/share/electron/electron")) - (wrapper (string-append out "/bin/electron"))) - (mkdir-p (dirname wrapper)) - (make-wrapper wrapper bin - `("LD_LIBRARY_PATH" ":" - prefix - (,(string-join - (list - (string-append out "/share/electron")) - ":"))))) - #t))))) - (native-inputs `(("unzip" ,unzip))) - (inputs `(("gdk-pixbuf" ,gdk-pixbuf) - ("ffmpeg" ,ffmpeg))) + (list + #:wrapper-plan + #~'(("electron" (("out" "/share/electron") + ("nss" "/lib/nss"))) + "chrome-sandbox" + "chrome_crashpad_handler") + #:install-plan + #~'(("." "share/electron/" #:include + ("electron" + "chrome-sandbox" + "chrome_100_percent.pak" + "chrome_200_percent.pak" + "chrome_crashpad_handler" + "icudtl.dat" + "resources.pak" + "v8_context_snapshot.bin" + "version" + "libffmpeg.so" + ;; electron seems to force-load these from its directory. + "libEGL.so" + "libGLESv2.so")) + ("resources" "share/electron/") + ("locales" "share/electron/")) + #:phases + #~(modify-phases %standard-phases + (add-after 'install 'symlink-binary-file + (lambda _ + (let ((bin (string-append #$output "/bin"))) + (mkdir-p bin) + (symlink (string-append #$output "/share/electron/electron") + (string-append bin "/electron")))))))) + (native-inputs (list unzip)) + (inputs (list ffmpeg gdk-pixbuf nss)) (home-page "https://www.electronjs.org/") (synopsis "Cross platform desktop application shell") (description "The Electron framework lets you write cross-platform desktop diff --git a/nongnu/packages/game-client.scm b/nongnu/packages/game-client.scm index d9adc3cb..9547f6c8 100644 --- a/nongnu/packages/game-client.scm +++ b/nongnu/packages/game-client.scm @@ -108,7 +108,7 @@ implementation with gogdl and Amazon Games using Nile.") (define steam-client (package (name "steam-client") - (version "1.0.0.82") + (version "1.0.0.83") (source (origin (method url-fetch) @@ -116,7 +116,7 @@ implementation with gogdl and Amazon Games using Nile.") version ".tar.gz")) (sha256 (base32 - "0xzwwvvh046mrcqil92lwda3dz8anhx8y2x3bdj2pzbicbfz38mg")) + "10lgmjsada0n2a4h1vgrnwcjcka7vp4igy82f1n99zbyrjq845kr")) (file-name (string-append name "-" version ".tar.gz")))) (build-system gnu-build-system) (arguments diff --git a/nongnu/packages/linux.scm b/nongnu/packages/linux.scm index 7b7585d4..dad8918e 100644 --- a/nongnu/packages/linux.scm +++ b/nongnu/packages/linux.scm @@ -352,14 +352,14 @@ stable, responsive and smooth desktop experience."))) (define-public linux-firmware (package (name "linux-firmware") - (version "20250509") + (version "20250613") (source (origin (method url-fetch) (uri (string-append "mirror://kernel.org/linux/kernel/firmware/" "linux-firmware-" version ".tar.xz")) (sha256 (base32 - "0gkhpl60iw83pa8pq4hf8rrrc8nk8kjychsnrcq838i6y9k0vipj")))) + "1pkz38wi9gljipzs9d2wri97p866vqqan872hwjrvgx8ghrl61yl")))) (build-system gnu-build-system) (arguments (list #:tests? #f diff --git a/nongnu/packages/mozilla.scm b/nongnu/packages/mozilla.scm index c15d4ddd..d8deb825 100644 --- a/nongnu/packages/mozilla.scm +++ b/nongnu/packages/mozilla.scm @@ -17,7 +17,7 @@ ;;; Copyright © 2020-2025 Jonathan Brielmaier ;;; Copyright © 2020 Zhu Zihao ;;; Copyright © 2021 pineapples -;;; Copyright © 2021, 2024 Brice Waegeneire +;;; Copyright © 2021, 2024, 2025 Brice Waegeneire ;;; Copyright © 2021, 2022, 2023 John Kehayias ;;; Copyright © 2022 Pierre Langlois ;;; Copyright © 2023-2025 Tomas Volf @@ -63,6 +63,7 @@ #:use-module (gnu packages node) #:use-module (gnu packages nss) #:use-module (gnu packages perl) + #:use-module (gnu packages pciutils) #:use-module (gnu packages pkg-config) #:use-module (gnu packages pulseaudio) #:use-module (gnu packages python) @@ -86,19 +87,19 @@ ;; Update this id with every firefox update to its release date. ;; It's used for cache validation and therefore can lead to strange bugs. -(define %firefox-esr-build-id "20250526081800") +(define %firefox-esr-build-id "20250623124138") (define-public firefox-esr (package (name "firefox-esr") - (version "128.11.0esr") + (version "128.12.0esr") (source (origin (method url-fetch) (uri (string-append "https://archive.mozilla.org/pub/firefox/releases/" version "/source/firefox-" version ".source.tar.xz")) (sha256 - (base32 "1v7zl6krm2vk3j30fd8zbnazvbqiwg93dgymrznfa3v798vr1vgj")) + (base32 "0gwpkpl053jv8j7bl8cjdqngxfj5wbj2mm48rqzws5nbqs3fpv9b")) (patches (map (lambda (patch) (search-path @@ -106,7 +107,8 @@ %load-path) patch)) '("firefox-esr-compare-paths.patch" - "firefox-esr-use-system-wide-dir.patch"))) + "firefox-esr-use-system-wide-dir.patch" + "firefox-esr-add-store-to-rdd-allowlist.patch"))) ;; XXX: 75 Mo (800+ Mo uncompressed) of unused tests. ;; Removing it makes it possible to compile on some systems. (modules '((guix build utils))) @@ -351,6 +353,20 @@ (string-drop hash 8))))))) (replace 'install (lambda _ (invoke "./mach" "install"))) + (add-after 'install 'wrap-glxtest + ;; glxtest uses dlopen() to load mesa and pci + ;; libs, wrap it to set LD_LIBRARY_PATH. + (lambda* (#:key inputs outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (lib (string-append out "/lib")) + (libs (map + (lambda (lib-name) + (string-append (assoc-ref inputs + lib-name) + "/lib")) + '("mesa" "pciutils")))) + (wrap-program (car (find-files lib "^glxtest$")) + `("LD_LIBRARY_PATH" prefix ,libs))))) (add-after 'install 'wrap-program (lambda* (#:key inputs outputs #:allow-other-keys) ;; The following two functions are from Guix's icecat package in @@ -380,28 +396,11 @@ ;; and libva depend on). (pciaccess-lib (string-append (assoc-ref inputs "libpciaccess") "/lib")) - ;; VA-API is run in the RDD (Remote Data Decoder) sandbox - ;; and must be explicitly given access to files it needs. - ;; Rather than adding the whole store (as Nix had - ;; upstream do, see - ;; and - ;; linked upstream patches), we can just follow the - ;; runpaths of the needed libraries to add everything to - ;; LD_LIBRARY_PATH. These will then be accessible in the - ;; RDD sandbox. - ;; TODO: Properly handle the runpath of libraries needed - ;; (for RDD) recursively, so the explicit libpciaccess - ;; can be removed. - (rdd-whitelist - (map (cut string-append <> "/") - (delete-duplicates - (append-map runpaths-of-input - '("mesa" "ffmpeg"))))) (pulseaudio-lib (string-append (assoc-ref inputs "pulseaudio") "/lib")) ;; For sharing on Wayland (pipewire-lib (string-append (assoc-ref inputs "pipewire") - "/lib")) + "/lib")) ;; For U2F and WebAuthn (eudev-lib (string-append (assoc-ref inputs "eudev") "/lib")) (gtk-share (string-append (assoc-ref inputs "gtk+") @@ -409,7 +408,7 @@ (wrap-program (car (find-files lib "^firefox$")) `("LD_LIBRARY_PATH" prefix (,mesa-lib ,libnotify-lib ,libva-lib ,pciaccess-lib ,pulseaudio-lib ,eudev-lib - ,@rdd-whitelist ,pipewire-lib)) + ,pipewire-lib)) `("XDG_DATA_DIRS" prefix (,gtk-share)) `("MOZ_LEGACY_PROFILES" = ("1")) `("MOZ_ALLOW_DOWNGRADE" = ("1")))))) @@ -485,6 +484,7 @@ nspr-4.32 ;; nss pango + pciutils pipewire pixman pulseaudio @@ -528,20 +528,20 @@ Release (ESR) version.") ;; Update this id with every firefox update to its release date. ;; It's used for cache validation and therefore can lead to strange bugs. -(define %firefox-build-id "20250609195321") +(define %firefox-build-id "20250623125307") (define-public firefox (package (inherit firefox-esr) (name "firefox") - (version "139.0.4") + (version "140.0") (source (origin (method url-fetch) (uri (string-append "https://archive.mozilla.org/pub/firefox/releases/" version "/source/firefox-" version ".source.tar.xz")) (sha256 - (base32 "1xc7481g9adrn98ivqgigvdjcpkyk6sa183qvpbwcjgrqczhapjk")) + (base32 "07zxz49qj5d8h8s4w6nw9j8x7wfrw45zc3a9bny1l911kfs564pf")) (patches (map (lambda (patch) (search-path @@ -550,7 +550,8 @@ Release (ESR) version.") patch)) '("firefox-restore-desktop-files.patch" "firefox-ge-138-compare-paths.patch" - "firefox-use-system-wide-dir.patch"))) + "firefox-use-system-wide-dir.patch" + "firefox-add-store-to-rdd-allowlist.patch"))) ;; XXX: 75 Mo (800+ Mo uncompressed) of unused tests. ;; Removing it makes it possible to compile on some systems. (modules '((guix build utils))) diff --git a/nongnu/packages/patches/firefox-add-store-to-rdd-allowlist.patch b/nongnu/packages/patches/firefox-add-store-to-rdd-allowlist.patch new file mode 100644 index 00000000..4bdaa7dd --- /dev/null +++ b/nongnu/packages/patches/firefox-add-store-to-rdd-allowlist.patch @@ -0,0 +1,36 @@ +diff --git a/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp b/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp +index 4eff5e6..42171eb 100644 +--- a/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp ++++ b/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp +@@ -476,6 +476,7 @@ void SandboxBrokerPolicyFactory::InitContentPolicy() { + // Various places where fonts reside + policy->AddTree(rdonly, "/usr/X11R6/lib/X11/fonts"); + policy->AddTree(rdonly, "/nix/store"); ++ policy->AddTree(rdonly, "/gnu/store"); + // https://gitlab.com/freedesktop-sdk/freedesktop-sdk/-/blob/e434e680d22260f277f4a30ec4660ed32b591d16/files/fontconfig-flatpak.conf + policy->AddTree(rdonly, "/run/host/fonts"); + policy->AddTree(rdonly, "/run/host/user-fonts"); +@@ -485,6 +486,7 @@ void SandboxBrokerPolicyFactory::InitContentPolicy() { + // Bug 1848615 + policy->AddPath(rdonly, "/usr"); + policy->AddPath(rdonly, "/nix"); ++ policy->AddPath(rdonly, "/gnu"); + + AddLdconfigPaths(policy); + AddLdLibraryEnvPaths(policy); +@@ -934,6 +936,7 @@ SandboxBrokerPolicyFactory::GetRDDPolicy(int aPid) { + policy->AddTree(rdonly, "/usr/lib64"); + policy->AddTree(rdonly, "/run/opengl-driver/lib"); + policy->AddTree(rdonly, "/nix/store"); ++ policy->AddTree(rdonly, "/gnu/store"); + + // Bug 1647957: memory reporting. + AddMemoryReporting(policy.get(), aPid); +@@ -1079,6 +1082,7 @@ SandboxBrokerPolicyFactory::GetUtilityProcessPolicy(int aPid) { + // Required to make sure ffmpeg loads properly, this is already existing on + // Content and RDD + policy->AddTree(rdonly, "/nix/store"); ++ policy->AddTree(rdonly, "/gnu/store"); + + // glibc will try to stat64("/") while populating nsswitch database + // https://sourceware.org/git/?p=glibc.git;a=blob;f=nss/nss_database.c;h=cf0306adc47f12d9bc761ab1b013629f4482b7e6;hb=9826b03b747b841f5fc6de2054bf1ef3f5c4bdf3#l396 diff --git a/nongnu/packages/patches/firefox-esr-add-store-to-rdd-allowlist.patch b/nongnu/packages/patches/firefox-esr-add-store-to-rdd-allowlist.patch new file mode 100644 index 00000000..6ae18c37 --- /dev/null +++ b/nongnu/packages/patches/firefox-esr-add-store-to-rdd-allowlist.patch @@ -0,0 +1,36 @@ +diff --git a/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp b/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp +index 0e5358e68e..efbde9616e 100644 +--- a/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp ++++ b/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp +@@ -452,6 +452,7 @@ void SandboxBrokerPolicyFactory::InitContentPolicy() { + // Various places where fonts reside + policy->AddDir(rdonly, "/usr/X11R6/lib/X11/fonts"); + policy->AddDir(rdonly, "/nix/store"); ++ policy->AddDir(rdonly, "/gnu/store"); + // https://gitlab.com/freedesktop-sdk/freedesktop-sdk/-/blob/e434e680d22260f277f4a30ec4660ed32b591d16/files/fontconfig-flatpak.conf + policy->AddDir(rdonly, "/run/host/fonts"); + policy->AddDir(rdonly, "/run/host/user-fonts"); +@@ -461,6 +462,7 @@ void SandboxBrokerPolicyFactory::InitContentPolicy() { + // Bug 1848615 + policy->AddPath(rdonly, "/usr"); + policy->AddPath(rdonly, "/nix"); ++ policy->AddPath(rdonly, "/gnu"); + + AddLdconfigPaths(policy); + AddLdLibraryEnvPaths(policy); +@@ -920,6 +922,7 @@ SandboxBrokerPolicyFactory::GetRDDPolicy(int aPid) { + policy->AddDir(rdonly, "/usr/lib64"); + policy->AddDir(rdonly, "/run/opengl-driver/lib"); + policy->AddDir(rdonly, "/nix/store"); ++ policy->AddDir(rdonly, "/gnu/store"); + + // Bug 1647957: memory reporting. + AddMemoryReporting(policy.get(), aPid); +@@ -1043,6 +1046,7 @@ SandboxBrokerPolicyFactory::GetUtilityProcessPolicy(int aPid) { + // Required to make sure ffmpeg loads properly, this is already existing on + // Content and RDD + policy->AddDir(rdonly, "/nix/store"); ++ policy->AddDir(rdonly, "/gnu/store"); + + // glibc will try to stat64("/") while populating nsswitch database + // https://sourceware.org/git/?p=glibc.git;a=blob;f=nss/nss_database.c;h=cf0306adc47f12d9bc761ab1b013629f4482b7e6;hb=9826b03b747b841f5fc6de2054bf1ef3f5c4bdf3#l396 diff --git a/nongnu/packages/productivity.scm b/nongnu/packages/productivity.scm index 22c6d889..696ac637 100644 --- a/nongnu/packages/productivity.scm +++ b/nongnu/packages/productivity.scm @@ -32,7 +32,7 @@ (define-public anytype (package (name "anytype") - (version "0.46.8") + (version "0.47.3") (source (origin (method url-fetch) @@ -42,7 +42,7 @@ (file-name (string-append "anytype-" version ".deb")) (sha256 (base32 - "1mdjjda1n62i39ggivkm9vzxskrk71l9c181pjz0qgrc12817qli")))) + "1f95mchvjlxqam4qn6ip377hdccny6xa526d7c64micgkfbx6ai3")))) (build-system chromium-binary-build-system) (arguments (list diff --git a/nongnu/packages/video.scm b/nongnu/packages/video.scm index 182253a4..ce50d103 100644 --- a/nongnu/packages/video.scm +++ b/nongnu/packages/video.scm @@ -5,11 +5,16 @@ (define-module (nongnu packages video) #:use-module (gnu packages gl) + #:use-module (gnu packages gnome) + #:use-module (gnu packages node) #:use-module (gnu packages pkg-config) + #:use-module (gnu packages qt) + #:use-module (gnu packages tls) #:use-module (gnu packages video) #:use-module (guix build-system cmake) #:use-module (guix build-system gnu) #:use-module (guix build-system meson) + #:use-module (guix build-system qt) #:use-module (guix gexp) #:use-module (guix download) #:use-module (guix git-download) @@ -134,6 +139,17 @@ graphics hardware.") " This build of intel-media-driver includes nonfree blobs to fully enable the video decode capabilities of supported Intel GPUs.")))) +(define-public mpv-nvidia + (package + (inherit mpv) + (name "mpv-nvidia") + (inputs + (modify-inputs (package-inputs mpv) + (prepend nv-codec-headers))) + (synopsis + "Audio and video player (with hardware acceleration for NVIDIA graphics \ +cards)"))) + (define-public nv-codec-headers (package (name "nv-codec-headers") @@ -268,3 +284,114 @@ content.") (package-description obs) " This build of OBS includes embeded Chromium-based browser to enable Browser source.")))) + +(define-public stremio + (define server-js + (let ((version "4.20.8")) + (origin + (method url-fetch) + (uri (string-append "https://dl.strem.io/server/v" version + "/desktop/server.js")) + (file-name (string-append "stremio-server-" version ".js")) + (sha256 (base32 "0xmlbx6aib5h78ya369pnpxyn05b12l05i8v2kymijbmaw7j04vi"))))) + (package + (name "stremio") + (version "4.4.168") + (source + (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/Stremio/stremio-shell") + (commit (string-append "v" version)) + ;; NOTE: submodules are embedded libraries so there is no reason + ;; to unbundle them. + (recursive? #t))) + (file-name (git-file-name name version)) + (sha256 + (base32 "14x9i8qvm19sijh7hqppbk8s14dvv7dqlck7x3s8n9i4xn4ncgd7")))) + (build-system qt-build-system) + (arguments + (list + #:tests? #f + #:phases + #~(modify-phases %standard-phases + (add-after 'unpack 'setup-server + (lambda _ + (copy-file #$server-js "server.js"))) + (add-after 'unpack 'fix-paths + (lambda* (#:key inputs #:allow-other-keys) + (substitute* "CMakeLists.txt" + (("opt/stremio") + "bin")) + (substitute* "release.makefile" + (("/opt/stremio") + "/bin")) + (substitute* "main.qml" + (("var node_executable =.*$") + (string-append "var node_executable =\"" + (search-input-file inputs "bin/node") "\"\n")) + (("applicationDirPath \\+\"/server\\.js\"") + (string-append "\"" + #$server-js "\""))) + (substitute* "smartcode-stremio.desktop" + (("Exec=stremio") + (string-append "Exec=" + #$output "/bin/stremio"))))) + (replace 'configure + (lambda _ + (invoke "qmake"))) + (replace 'build + (lambda _ + (invoke "make" "-f" "release.makefile" + (string-append "PREFIX=" + #$output)))) + (replace 'install + (lambda _ + (invoke "make" "-f" "release.makefile" "install" + (string-append "PREFIX=" + #$output)) + (with-directory-excursion #$output + ;; Setup desktop file. + (let ((dir "share/applications") + (desktop "smartcode-stremio.desktop")) + (mkdir-p "share/applications") + (copy-file (string-append "bin/" desktop) + (string-append dir "/" desktop)) + (delete-file (string-append "bin/" desktop))) + ;; Setup icon dir. + (for-each (lambda (size) + (let ((dir (string-append "share/icons/hicolor/" + size "x" size "/apps"))) + (mkdir-p dir) + (copy-file (string-append + "bin/icons/smartcode-stremio_" size + ".png") + (string-append dir + "/smartcode-stremio.png")) + (copy-file (string-append + "bin/icons/smartcode-stremio-tray_" + size ".png") + (string-append dir + "/smartcode-stremio-tray.png")))) + '("16" "22" "24" "32" "64" "128")) + ;; Remove unnecessary opt dir. + (delete-file-recursively "bin/icons"))))))) + (inputs (list librsvg + mpv + node + openssl + qtdeclarative-5 + qtquickcontrols-5 + qtwebchannel-5 + qtwebengine-5 + qtbase-5)) + (home-page "https://www.stremio.com") + (synopsis "Modern media center that gives you the freedom to watch +everything you want") + (description + "Stremio offers a secure, modern and seamless entertainment experience. +With its easy-to-use interface and diverse content library, including 4K HDR +support, users can enjoy their favorite movies and TV shows across all their +devices. And with its commitment to security, Stremio is the ultimate choice +for a worry-free, high-quality streaming experience.") + (license license:gpl3)))