summaryrefslogtreecommitdiff
path: root/community/librewolf/APKBUILD
blob: 17dea8a6155f866f2cedac614d63c6e0b705da44 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
# Contributor: Natanael Copa <ncopa@alpinelinux.org>
# Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net>
# Contributor: Rasmus Thomsen <oss@cogitri.dev>
# Contributor: Patrycja Rosa <alpine@ptrcnull.me>
# Contributor: Sertonix <sertonix@posteo.net>
# Maintainer: Sertonix <sertonix@posteo.net>
pkgname=librewolf
pkgver=128.0.3_p2
pkgrel=0
pkgdesc="Community-maintained fork of Firefox, focused on privacy, security and freedom."
url="https://librewolf.net/"
# s390x blocked by lld
# armhf: https://bugzilla.mozilla.org/show_bug.cgi?id=1680495
# riscv64: vpx symbol is missing #15412
arch="x86_64 armv7 aarch64 x86 ppc64le"
license="GPL-3.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND MPL-2.0"
# ffmpeg 6 -> 112
depends="
	ffmpeg-libavcodec
	mesa-egl
	mesa-gl
	pciutils-libs
	"
_llvmver=18
makedepends="
	alsa-lib-dev
	automake
	bsd-compat-headers
	cargo
	cbindgen
	clang$_llvmver
	clang$_llvmver-libclang
	compiler-rt
	dbus
	dbus-dev
	gettext
	gtk+3.0-dev
	hunspell-dev
	icu-dev
	libevent-dev
	libffi-dev
	libjpeg-turbo-dev
	libnotify-dev
	libogg-dev
	libtheora-dev
	libtool
	libvorbis-dev
	libvpx-dev
	libwebp-dev
	libxcomposite-dev
	libxt-dev
	lld
	llvm$_llvmver-dev
	m4
	mesa-dev
	mesa-dri-gallium
	nasm
	nodejs
	nspr-dev
	nss-dev
	patchelf
	pciutils
	pipewire-dev
	pulseaudio-dev
	py3-zstandard
	python3
	scudo-malloc
	sed
	wasi-sdk
	wireless-tools-dev
	xvfb-run
	zip
	"
subpackages="$pkgname-intl"
case "$CARCH" in
riscv64) ;;
*) subpackages="$subpackages $pkgname-dbg" ;;
esac

source="$pkgname-$pkgver.tar.gz::https://gitlab.com/api/v4/projects/32320088/packages/generic/librewolf-source/${pkgver/_p/-}/librewolf-${pkgver/_p/-}.source.tar.gz
	fix-fortify-system-wrappers.patch
	fix-rust-target.patch
	fix-webrtc-glibcisms.patch
	force-can-use-pack-relative-relocs.patch
	icu74.patch
	lfs64.patch
	nrappkit-qsort.patch
	no-ccache-stats.patch
	ppc-musttail.patch
	python-deps.patch
	rust-lto-thin.patch
	riscv64-no-lto.patch
	sandbox-fork.patch
	sandbox-sched_setscheduler.patch
	sqlite-ppc.patch

	librewolf.desktop
	distribution.ini
	vendor-prefs.js
	"
# tests are hard to run
options="!check"

builddir="$srcdir"/$pkgname-${pkgver/_p/-}
_mozappdir=/usr/lib/$pkgname

# help our shared-object scanner to find the libs
ldpath="$_mozappdir"
sonameprefix="$pkgname:"

# secfixes:
#   103.0-r0:
#     - CVE-2022-2505
#     - CVE-2022-36314
#     - CVE-2022-36315
#     - CVE-2022-36316
#     - CVE-2022-36317
#     - CVE-2022-36318
#     - CVE-2022-36319
#     - CVE-2022-36320
#   102.0-r0:
#     - CVE-2022-2200
#     - CVE-2022-34468
#     - CVE-2022-34469
#     - CVE-2022-34470
#     - CVE-2022-34471
#     - CVE-2022-34472
#     - CVE-2022-34473
#     - CVE-2022-34474
#     - CVE-2022-34475
#     - CVE-2022-34476
#     - CVE-2022-34477
#     - CVE-2022-34478
#     - CVE-2022-34479
#     - CVE-2022-34480
#     - CVE-2022-34481
#     - CVE-2022-34482
#     - CVE-2022-34483
#     - CVE-2022-34484
#     - CVE-2022-34485
#   101.0-r0:
#     - CVE-2022-1919
#     - CVE-2022-31736
#     - CVE-2022-31737
#     - CVE-2022-31738
#     - CVE-2022-31739
#     - CVE-2022-31740
#     - CVE-2022-31741
#     - CVE-2022-31742
#     - CVE-2022-31743
#     - CVE-2022-31744
#     - CVE-2022-31745
#     - CVE-2022-31747
#     - CVE-2022-31748
#   100.0.2-r0:
#     - CVE-2022-1529
#     - CVE-2022-1802
#   100.0-r0:
#     - CVE-2022-29909
#     - CVE-2022-29910
#     - CVE-2022-29911
#     - CVE-2022-29912
#     - CVE-2022-29914
#     - CVE-2022-29915
#     - CVE-2022-29916
#     - CVE-2022-29917
#     - CVE-2022-29918
#   99.0-r0:
#     - CVE-2022-1097
#     - CVE-2022-24713
#     - CVE-2022-28281
#     - CVE-2022-28282
#     - CVE-2022-28283
#     - CVE-2022-28284
#     - CVE-2022-28285
#     - CVE-2022-28286
#     - CVE-2022-28287
#     - CVE-2022-28288
#     - CVE-2022-28289
#   98.0-r0:
#     - CVE-2022-0843
#     - CVE-2022-26381
#     - CVE-2022-26382
#     - CVE-2022-26383
#     - CVE-2022-26384
#     - CVE-2022-26385
#     - CVE-2022-26387
#   97.0.2-r0:
#     - CVE-2022-26485
#     - CVE-2022-26486
#   97.0-r0:
#     - CVE-2021-4140
#     - CVE-2022-0511
#     - CVE-2022-22736
#     - CVE-2022-22737
#     - CVE-2022-22738
#     - CVE-2022-22739
#     - CVE-2022-22740
#     - CVE-2022-22741
#     - CVE-2022-22742
#     - CVE-2022-22743
#     - CVE-2022-22744
#     - CVE-2022-22745
#     - CVE-2022-22746
#     - CVE-2022-22747
#     - CVE-2022-22748
#     - CVE-2022-22749
#     - CVE-2022-22750
#     - CVE-2022-22751
#     - CVE-2022-22752
#     - CVE-2022-22753
#     - CVE-2022-22754
#     - CVE-2022-22755
#     - CVE-2022-22756
#     - CVE-2022-22757
#     - CVE-2022-22758
#     - CVE-2022-22759
#     - CVE-2022-22760
#     - CVE-2022-22761
#     - CVE-2022-22762
#     - CVE-2022-22764
#   95.0-r0:
#     - CVE-2021-43536
#     - CVE-2021-43537
#     - CVE-2021-43538
#     - CVE-2021-43539
#     - CVE-2021-43540
#     - CVE-2021-43541
#     - CVE-2021-43542
#     - CVE-2021-43543
#     - CVE-2021-43544
#     - CVE-2021-43545
#     - CVE-2021-43546
#   94.0-r0:
#     - CVE-2021-38503
#     - CVE-2021-38504
#     - CVE-2021-38505
#     - CVE-2021-38506
#     - CVE-2021-38507
#     - CVE-2021-38508
#     - CVE-2021-38509
#     - CVE-2021-38510
#   93.0-r0:
#     - CVE-2021-32810
#     - CVE-2021-38496
#     - CVE-2021-38497
#     - CVE-2021-38498
#     - CVE-2021-38499
#     - CVE-2021-38500
#     - CVE-2021-38501
#   92.0.1-r0:
#     - CVE-2021-29980
#     - CVE-2021-29981
#     - CVE-2021-29982
#     - CVE-2021-29983
#     - CVE-2021-29984
#     - CVE-2021-29985
#     - CVE-2021-29986
#     - CVE-2021-29987
#     - CVE-2021-29988
#     - CVE-2021-29989
#     - CVE-2021-29990
#     - CVE-2021-29991
#     - CVE-2021-29993
#     - CVE-2021-38491
#     - CVE-2021-38492
#     - CVE-2021-38493
#     - CVE-2021-38494
#   90.0-r0:
#     - CVE-2021-29970
#     - CVE-2021-29972
#     - CVE-2021-29974
#     - CVE-2021-29975
#     - CVE-2021-29976
#     - CVE-2021-29977
#     - CVE-2021-30547
#   89.0-r0:
#     - CVE-2021-29959
#     - CVE-2021-29960
#     - CVE-2021-29961
#     - CVE-2021-29962
#     - CVE-2021-29963
#     - CVE-2021-29965
#     - CVE-2021-29966
#     - CVE-2021-29967
#   88.0.1-r0:
#     - CVE-2021-29952
#   88.0-r0:
#     - CVE-2021-23994
#     - CVE-2021-23995
#     - CVE-2021-23996
#     - CVE-2021-23997
#     - CVE-2021-23998
#     - CVE-2021-23999
#     - CVE-2021-24000
#     - CVE-2021-24001
#     - CVE-2021-24002
#     - CVE-2021-29944
#     - CVE-2021-29945
#     - CVE-2021-29946
#     - CVE-2021-29947
#   87.0-r0:
#     - CVE-2021-23968
#     - CVE-2021-23969
#     - CVE-2021-23970
#     - CVE-2021-23971
#     - CVE-2021-23972
#     - CVE-2021-23973
#     - CVE-2021-23974
#     - CVE-2021-23975
#     - CVE-2021-23976
#     - CVE-2021-23977
#     - CVE-2021-23978
#     - CVE-2021-23979
#     - CVE-2021-23981
#     - CVE-2021-23982
#     - CVE-2021-23983
#     - CVE-2021-23984
#     - CVE-2021-23985
#     - CVE-2021-23986
#     - CVE-2021-23987
#     - CVE-2021-23988
#   85.0-r0:
#     - CVE-2021-23954
#     - CVE-2021-23955
#     - CVE-2021-23956
#     - CVE-2021-23957
#     - CVE-2021-23958
#     - CVE-2021-23959
#     - CVE-2021-23960
#     - CVE-2021-23961
#     - CVE-2021-23962
#     - CVE-2021-23963
#     - CVE-2021-23964
#     - CVE-2021-23965
#   84.0.2-r0:
#     - CVE-2020-16044
#   84.0.1-r0:
#     - CVE-2020-16042
#     - CVE-2020-26971
#     - CVE-2020-26972
#     - CVE-2020-26973
#     - CVE-2020-26974
#     - CVE-2020-26975
#     - CVE-2020-26976
#     - CVE-2020-26977
#     - CVE-2020-26978
#     - CVE-2020-26979
#     - CVE-2020-35111
#     - CVE-2020-35112
#     - CVE-2020-35113
#     - CVE-2020-35114
#   83.0-r0:
#     - CVE-2020-15999
#     - CVE-2020-16012
#     - CVE-2020-26952
#     - CVE-2020-26953
#     - CVE-2020-26954
#     - CVE-2020-26955
#     - CVE-2020-26956
#     - CVE-2020-26957
#     - CVE-2020-26958
#     - CVE-2020-26959
#     - CVE-2020-26960
#     - CVE-2020-26961
#     - CVE-2020-26962
#     - CVE-2020-26963
#     - CVE-2020-26964
#     - CVE-2020-26965
#     - CVE-2020-26966
#     - CVE-2020-26967
#     - CVE-2020-26968
#     - CVE-2020-26969
#   82.0.3-r0:
#     - CVE-2020-26950
#   82.0-r0:
#     - CVE-2020-15254
#     - CVE-2020-15680
#     - CVE-2020-15681
#     - CVE-2020-15682
#     - CVE-2020-15683
#     - CVE-2020-15684
#     - CVE-2020-15969
#   81.0-r0:
#     - CVE-2020-15673
#     - CVE-2020-15674
#     - CVE-2020-15675
#     - CVE-2020-15676
#     - CVE-2020-15677
#     - CVE-2020-15678
#   80.0-r0:
#     - CVE-2020-6829
#     - CVE-2020-12400
#     - CVE-2020-12401
#     - CVE-2020-15663
#     - CVE-2020-15664
#     - CVE-2020-15665
#     - CVE-2020-15666
#     - CVE-2020-15667
#     - CVE-2020-15668
#     - CVE-2020-15670
#   79.0-r0:
#     - CVE-2020-6463
#     - CVE-2020-6514
#     - CVE-2020-15652
#     - CVE-2020-15653
#     - CVE-2020-15654
#     - CVE-2020-15655
#     - CVE-2020-15656
#     - CVE-2020-15657
#     - CVE-2020-15658
#     - CVE-2020-15659
#   78.0-r0:
#     - CVE-2020-12415
#     - CVE-2020-12416
#     - CVE-2020-12417
#     - CVE-2020-12418
#     - CVE-2020-12419
#     - CVE-2020-12420
#     - CVE-2020-12402
#     - CVE-2020-12421
#     - CVE-2020-12422
#     - CVE-2020-12423
#     - CVE-2020-12424
#     - CVE-2020-12425
#     - CVE-2020-12426
#   77.0-r0:
#     - CVE-2020-12399
#     - CVE-2020-12405
#     - CVE-2020-12406
#     - CVE-2020-12407
#     - CVE-2020-12408
#     - CVE-2020-12409
#     - CVE-2020-12411
#   76.0-r0:
#     - CVE-2020-6831
#     - CVE-2020-12387
#     - CVE-2020-12388
#     - CVE-2020-12389
#     - CVE-2020-12390
#     - CVE-2020-12391
#     - CVE-2020-12392
#     - CVE-2020-12393
#     - CVE-2020-12394
#     - CVE-2020-12395
#     - CVE-2020-12396
#   75.0-r0:
#     - CVE-2020-6821
#     - CVE-2020-6822
#     - CVE-2020-6823
#     - CVE-2020-6824
#     - CVE-2020-6825
#     - CVE-2020-6826
#   74.0.1-r0:
#     - CVE-2020-6819
#     - CVE-2020-6820
#   74.0-r0:
#     - CVE-2020-6805
#     - CVE-2020-6806
#     - CVE-2020-6807
#     - CVE-2020-6808
#     - CVE-2020-6809
#     - CVE-2020-6810
#     - CVE-2020-6811
#     - CVE-2019-20503
#     - CVE-2020-6812
#     - CVE-2020-6813
#     - CVE-2020-6814
#     - CVE-2020-6815
#   71.0.1-r0:
#     - CVE-2019-17016
#     - CVE-2019-17017
#     - CVE-2019-17020
#     - CVE-2019-17022
#     - CVE-2019-17023
#     - CVE-2019-17024
#     - CVE-2019-17025
#     - CVE-2019-17026
#   70.0-r0:
#     - CVE-2018-6156
#     - CVE-2019-15903
#     - CVE-2019-11757
#     - CVE-2019-11759
#     - CVE-2019-11760
#     - CVE-2019-11761
#     - CVE-2019-11762
#     - CVE-2019-11763
#     - CVE-2019-11764
#     - CVE-2019-11765
#     - CVE-2019-17000
#     - CVE-2019-17001
#     - CVE-2019-17002
#   68.0.2-r0:
#     - CVE-2019-11733

# we need this because cargo verifies checksums of all files in vendor
# crates when it builds and gives us no way to override or update the
# file sanely... so just clear out the file list
_clear_vendor_checksums() {
	sed -i 's/\("files":{\)[^}]*/\1/' third_party/rust/$1/.cargo-checksum.json
}

prepare() {
	default_prepare

	export CFLAGS="${CFLAGS/-fstack-clash-protection/} -g0 -O2"
	export CXXFLAGS="${CXXFLAGS/-fstack-clash-protection/} -g0 -O2 -Wno-deprecated-builtins -Wno-deprecated-declarations"

	_clear_vendor_checksums audio_thread_priority

	cat > base-mozconfig <<-EOF
	ac_add_options --with-app-name=$pkgname
	export MOZ_APP_REMOTINGNAME=$pkgname
	ac_add_options --with-branding=browser/branding/librewolf

	# disable unwanted things
	ac_add_options --disable-bootstrap
	ac_add_options --disable-cargo-incremental
	ac_add_options --disable-crashreporter
	ac_add_options --disable-debug
	ac_add_options --disable-debug-symbols
	ac_add_options --disable-install-strip
	ac_add_options --disable-jemalloc
	ac_add_options --disable-strip
	ac_add_options --disable-tests
	ac_add_options --disable-updater
	mk_add_options MOZ_CRASHREPORTER=0
	mk_add_options MOZ_DATA_REPORTING=0
	mk_add_options MOZ_SERVICES_HEALTHREPORT=0
	mk_add_options MOZ_TELEMETRY_REPORTING=0

	# features
	ac_add_options --enable-alsa
	ac_add_options --enable-dbus
	ac_add_options --enable-default-toolkit=cairo-gtk3-wayland
	ac_add_options --enable-ffmpeg
	ac_add_options --enable-hardening
	ac_add_options --enable-linker=lld
	ac_add_options --enable-necko-wifi
	ac_add_options --enable-optimize="$CFLAGS"
	ac_add_options --enable-pulseaudio
	ac_add_options --enable-release
	ac_add_options --enable-update-channel=release

	# system libs
	ac_add_options --enable-system-pixman
	ac_add_options --with-system-ffi
	ac_add_options --with-system-icu
	ac_add_options --with-system-jpeg
	ac_add_options --with-system-libevent
	ac_add_options --with-system-libvpx
	ac_add_options --with-system-nspr
	ac_add_options --with-system-nss
	ac_add_options --with-system-png
	ac_add_options --with-system-webp
	ac_add_options --with-system-zlib

	# misc
	ac_add_options --allow-addon-sideload
	ac_add_options --prefix=/usr
	ac_add_options --with-distribution-id=org.alpinelinux
	ac_add_options --with-libclang-path=/usr/lib
	ac_add_options --with-unsigned-addon-scopes=app,system
	ac_add_options --with-wasi-sysroot=/usr/share/wasi-sysroot
	ac_add_options --host=$CHOST
	ac_add_options --target=$CTARGET

	# objdir
	mk_add_options MOZ_OBJDIR="$builddir/obj"

	mk_add_options RUSTFLAGS="$RUSTFLAGS"
	EOF
}

build() {
	export MOZ_BUILD_DATE="$(date ${SOURCE_DATE_EPOCH:+ -d@${SOURCE_DATE_EPOCH}} "+%Y%m%d%H%M%S")"

	# for lto
	ulimit -n 4096

	# can't be set here and fail
	unset RUSTFLAGS

	local thinlto_jobs=${JOBS:-1}
	local link_threads=${JOBS:-1}

	case "$CARCH" in
	# on this platform, lld seems to not utilise >1 threads for thinlto for some reason.
	# at the same time, having more than 8 also crashes lld for librewolf buildsystems (why?).
	aarch64)
		if [ $thinlto_jobs -gt 8 ]; then
			thinlto_jobs=8
		fi
		;;
	esac

	case "$CARCH" in
	arm*|x86)
		link_threads=1
		;;
	esac

	export LDFLAGS="$LDFLAGS -Wl,--thinlto-jobs=$thinlto_jobs -Wl,--threads=$link_threads"

	export SHELL=/bin/sh
	export USE_SHORT_LIBNAME=1
	export MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE=system
	export MOZBUILD_STATE_PATH="$srcdir"/mozbuild
	# disable desktop notifications
	export MOZ_NOSPAM=1
	# Find our triplet JSON
	export RUST_TARGET="$CTARGET"

	# has to be same version or older than lld
	export CC="clang-$_llvmver"
	export CXX="clang++-$_llvmver"

	# set rpath so linker finds the libs
	export LDFLAGS="$LDFLAGS -Wl,-rpath,$_mozappdir"

	# let librewolf do this itself.
	unset CARGO_PROFILE_RELEASE_OPT_LEVEL
	unset CARGO_PROFILE_RELEASE_LTO

	case "$CARCH" in
	aarch64|x86_64|ppc64le)
		msg "building instrumented $pkgname"
		cat > mozconfig base-mozconfig - <<-EOF
		ac_add_options --enable-profile-generate=cross
		EOF
		./mach build
		./mach package

		msg "profiling $pkgname"

		LLVM_PROFDATA=llvm-profdata \
		JARLOG_FILE="$PWD"/jarlog \
		GDK_BACKEND=x11 \
		LD_LIBRARY_PATH="$PWD"/obj/dist/$pkgname \
		XDG_RUNTIME_DIR="$(mktemp -d "$builddir/pgo-runtime-XXXXXX")" \
		MOZ_ENABLE_WAYLAND=0 \
		xvfb-run -a -s "-screen 0 1920x1080x24 -nolisten local" \
		dbus-run-session -- \
		./mach python build/pgo/profileserver.py

		test -s merged.profdata
		test -s jarlog

		./mach clobber

		msg "building optimised $pkgname"
		cat > mozconfig base-mozconfig - <<-EOF
		ac_add_options --enable-lto=cross
		ac_add_options --enable-profile-use=cross
		ac_add_options --with-pgo-profile-path="$PWD"/merged.profdata
		ac_add_options --with-pgo-jarlog="$PWD"/jarlog
		EOF
		./mach build
		;;
	armv7|x86|riscv64)
		# no pgo here as it uses too much memory/broken on riscv
		msg "building regular $pkgname"
		cat > mozconfig base-mozconfig - <<-EOF
		ac_add_options --disable-profiling
		EOF
		./mach build
		;;
	*)
		msg "implement build for $CARCH"
		exit 1
	esac
}

package() {
	DESTDIR="$pkgdir" ./mach install

	local _png
	for _png in ./browser/branding/librewolf/default*.png; do
		local i=${_png%.png}
		i=${i##*/default}
		install -d "$pkgdir"/usr/share/icons/hicolor/"$i"x"$i"/apps/
		ln -s "$_mozappdir"/browser/chrome/icons/default/default"$i".png \
			"$pkgdir"/usr/share/icons/hicolor/"$i"x"$i"/apps/$pkgname.png
	done

	case "$CARCH" in
	x86|arm*) ;;
	*) patchelf --add-needed libscudo.so "$pkgdir"/usr/lib/$pkgname/$pkgname ;;
	esac

	install -Dm644 browser/branding/librewolf/content/about-logo.png \
		"$pkgdir"/usr/share/icons/hicolor/192x192/apps/$pkgname.png
	install -Dm644 browser/branding/librewolf/content/about-logo@2x.png \
		"$pkgdir"/usr/share/icons/hicolor/384x384/apps/$pkgname.png
	install -Dm644 browser/branding/librewolf/content/about-logo.svg \
		"$pkgdir"/usr/share/icons/hicolor/scalable/apps/$pkgname.svg

	install -Dm644 "$srcdir"/librewolf.desktop \
		"$pkgdir"/usr/share/applications/$pkgname.desktop

	install -Dm644 "$srcdir"/distribution.ini \
		"$pkgdir"/$_mozappdir/distribution/distribution.ini

	# install our vendor prefs
	install -Dm644 "$srcdir"/vendor-prefs.js \
		"$pkgdir"/$_mozappdir/browser/defaults/preferences/vendor.js

	# Replace duplicate binary with wrapper
	# https://bugzilla.mozilla.org/show_bug.cgi?id=658850
	install -Dm755 /dev/stdin "$pkgdir"/usr/bin/$pkgname <<- EOF
	#!/bin/sh
	exec $_mozappdir/$pkgname "\$@"
	EOF
	rm "$pkgdir"/$_mozappdir/$pkgname-bin
	ln -sfv /usr/bin/$pkgname "$pkgdir"/$_mozappdir/$pkgname-bin
}

intl() {
	pkgdesc="$pkgname - International ICU data"
	depends="icu-data-full"
	install_if="$pkgname=$pkgver-r$pkgrel icu"
	mkdir -p "$subpkgdir"
}

sha512sums="
0f1454db9518c70f69d67790600d30138a1666b16a3ae61f1aa47094568d430d3b62e5452aaeff3aa9897b818eecf4266f387be04083c487c355f4d502573460  librewolf-128.0.3_p2.tar.gz
19eea840aa9c1c21e7bd1f832ec078989fe6f08fca40baa271be7e74f1cffeb5ab8d3218a93e664b8d90a41506dede524e2a5174cd47580866109bc6711ea969  fix-fortify-system-wrappers.patch
cd68b89e29e5f6379fbd5679db27b9a5ef70ea65e51c0d0a8137e1f1fd210e35a8cfb047798e9549bc7275606d7ec5c8d8af1335d29da4699db7acd8bc7ff556  fix-rust-target.patch
305c874fdea3096e9c4c6aa6520ac64bb1c347c4b59db8360096646593fe684c3b5377874d91cecd33d56d1410b4714fbdea2b514923723ecbeff79d51265d9b  fix-webrtc-glibcisms.patch
b7a2beef126569d71242198f2503bb6a32acd1ea89080ef7bed6ba0f0d10819282c2c346c6f729d81cd90e328e607b88acaac8785ed057cc8cb562e315890334  force-can-use-pack-relative-relocs.patch
0f6c1f4b32b2f501c03db14b67a94419acf1ac58a5ea9efeacd47dc85d73194e479efcf056949c74a0ef9deebc2ba178564bec45dba871fabfc5c909123e003d  icu74.patch
e75daab5573ec6e28d3940a9bb98304d572dfb26ce7c1709e99fdd75dfa58abce170c96de683f8dc2224ea2e118aa7d78affbd54f99c4e328a4641685d64bd7d  lfs64.patch
be6647a7e86363df7f57dff74acb0b6364a6d6927c99a88f3e35c6dedf82f1fe1511d362d0995868de5b842eb1f391bb8d17a89ae6f568a86a4dfd5b20499174  nrappkit-qsort.patch
c0437a6753f3f350968fa12d250efdfe1bea77baf0e4c06b072b5cc9e78c774dbf4506bc536337030d349fb3ba4460097b75b0c7c5b8fb2d39d8b0a392948936  no-ccache-stats.patch
ea9ca4bae9c56497ec6de6ba8599e8428c6ba623c71ea9e40655970102c70b9407dc4e8403d068781174b15e03ab484a89463c9e8623cfac32d82fbbe43cb65e  ppc-musttail.patch
4de65266f5fc1c5bf1d7cd00a0e4728a1ec96b7680b5ea72d6e9ed463b7a0bba11792b3411d25ef1e26f62408eb7f8b06dc62209dbb0454c779d8858d8d59725  python-deps.patch
1c6918dd6655d3a1251bfd4af2e1c561cbb00d540a883b4c1ebf7f5de530d754d9ac07b4b5f56cdab6c511d25c8910ec94043f5733e97501a67abffe1bafaeb1  rust-lto-thin.patch
b12dbff6513ac8c231d91c257a9accecc034d9ea9c31d99ca0454334ccf80fe7b50d6a356182dc46a9f25064366ea9a177f463cb2544b1cf5368ee6bd71bc095  riscv64-no-lto.patch
2518f2fc75b5db30058e0735f47d60fdf1e7adfaeee4b33fb2afb1bd9a616ce943fd88f4404d0802d4083703f4acf1d5ad42377218d025bc768807fbaf7e1609  sandbox-fork.patch
f8c3555ef6207933cbffbf4fc101a9b4c0d2990c0063162f0f0bde70ef0b46f86bfac42e7110695183424a87948de593f3927b2d8509ede3e4fc7bd8a1fad1ce  sandbox-sched_setscheduler.patch
67bc0be3da973e6859256bf9be4df7100837430e6076fc0bd623f504c35e02e6c191e9c5a3a1d202e5ad4d89f874f254a09e164e39c7bfd97bbc8d4c8d0632a5  sqlite-ppc.patch
73e9c51977d1a675c38fafeaa7478499d002d0dbfc8741ed7d9810ac39fb190870bd3295b86f7c9f7e8191f0fda7b7d6454d0a4cc1d7c61f3810a4d3a165180f  librewolf.desktop
b6ceaf541ecb16a91398e1f629c7479e37c42c467e78980895ade8fe16feeb307ead50c839bac72f18bf74b7be46382c431a1361b3194cf3dffc6d58d67f82e5  distribution.ini
c0e59dd38cb30a3adfa904dd8a7dbcaa7336ccd30b82eb84985777da3ee94832922f806a128490ae0976c9d15126d756d488389fcbb1f08e5ff394f405ec1a13  vendor-prefs.js
"