From f3bf9e7e4bf104f05ca181533b92bcc130336690 Mon Sep 17 00:00:00 2001 From: bill-auger Date: Sun, 21 Jul 2019 19:10:45 -0400 Subject: [qutebrowser]: upgrade to v1.6.3 --- libre/qutebrowser/PKGBUILD | 15 ++++-- libre/qutebrowser/webkit-warning.patch | 88 ++++++++++++++++++++++++++++++++++ 2 files changed, 99 insertions(+), 4 deletions(-) create mode 100644 libre/qutebrowser/webkit-warning.patch diff --git a/libre/qutebrowser/PKGBUILD b/libre/qutebrowser/PKGBUILD index 3301e56f3..7e695be71 100644 --- a/libre/qutebrowser/PKGBUILD +++ b/libre/qutebrowser/PKGBUILD @@ -9,7 +9,7 @@ # - set webkit backend as default pkgname=qutebrowser -pkgver=1.6.2 +pkgver=1.6.3 pkgrel=1 pkgrel+=.par1 pkgdesc="A keyboard-driven, vim-like browser based on PyQt5 and QtWebKit" @@ -28,10 +28,17 @@ optdepends=("gst-libav: media playback" "pdfjs: displaying PDF in-browser") options=(!emptydirs) source=("https://github.com/qutebrowser/qutebrowser/releases/download/v$pkgver/qutebrowser-$pkgver.tar.gz" - "https://github.com/qutebrowser/qutebrowser/releases/download/v$pkgver/qutebrowser-$pkgver.tar.gz.asc") + "https://github.com/qutebrowser/qutebrowser/releases/download/v$pkgver/qutebrowser-$pkgver.tar.gz.asc" + "webkit-warning.patch") validpgpkeys=("E04E560002401B8EF0E76F0A916EB0C8FD55A072") -sha256sums=('e1f135f1ae2029557e8dab135a06e2cfae36ce624fae7b9af097c277f1cdfcfb' - 'SKIP') +sha256sums=('1ed27f8bc7ce3e0d3d1d8687de5280d0be62c899154c773a22196cba49b02a7d' + 'SKIP' + '9e65fa1a9726818de71c8aeb8c4bcbf08d4a317a8b36a1084277d49430cc1c6b') + +prepare() { + cd "$pkgname-$pkgver" + patch -Np1 < $srcdir/webkit-warning.patch +} build() { cd "$pkgname-$pkgver" diff --git a/libre/qutebrowser/webkit-warning.patch b/libre/qutebrowser/webkit-warning.patch new file mode 100644 index 000000000..3adf13cb3 --- /dev/null +++ b/libre/qutebrowser/webkit-warning.patch @@ -0,0 +1,88 @@ +diff --git a/qutebrowser/html/warning-webkit.html b/qutebrowser/html/warning-webkit.html +index 2797ea2..022a458 100644 +--- a/qutebrowser/html/warning-webkit.html ++++ b/qutebrowser/html/warning-webkit.html +@@ -2,81 +2,12 @@ + + {% block content %} +

{{ title }}

+-Note this warning will only appear once. Use :open +-qute://warning/webkit to show it again at a later time. + +

You're using qutebrowser with the QtWebKit backend.

+ +-

Unfortunately, QtWebKit hasn't seen a release (including security updates) +-since June 2017, and it also lacks various security features (process +-isolation/sandboxing) present in QtWebEngine.

++

QtWebKit lacks various security features (process isolation/sandboxing).

+ +

Because of those security issues and the maintaince burden coming with + supporting QtWebKit, support for it will be dropped in a future qutebrowser +-release. It's recommended that you use QtWebEngine instead.

+- +-

(Outdated) reasons to use QtWebKit

+-

Most reasons why people preferred the QtWebKit backend aren't relevant anymore:

+- +-

PDF.js support: This qutebrowser release comes with PDF.js support +-for QtWebEngine.

+- +-

Missing control over Referer header: This qutebrowser release +-supports content.headers.referer for QtWebEngine.

+- +-

Missing control over cookies: With Qt 5.11 or newer, the content.cookies.accept setting works on QtWebEngine.

+- +-

Graphical glitches: The new values for the qt.force_software_rendering setting added in v1.4.0 should +-hopefully help.

+- +-

Missing support for notifications: Those aren't supported yet in +-Qt, but support is planned to be added in Qt 5.13, released around May 2019.

+- +-

Resource usage: This release adds the qt.process_model and qt.low_end_device_mode settings which can be used to +-decrease the resource usage of QtWebEngine (but come with other drawbacks).

+- +-

Not trusting Google: Various people have checked the connections made +-by QtWebEngine/qutebrowser, and it doesn't make any connections to Google (or +-any other unsolicited connections at all). Arguably, having to trust Google +-also is a smaller issue than having to trust every website you visit because of +-heaps of security issues...

+- +-

Nouveau graphic driver: You can use QtWebEngine with software +-rendering. With Qt 5.13 (~May 2019) it might be possible to run with Nouveau +-without software rendering.

+- +-

Wayland: It's possible to use QtWebEngine with XWayland. Some users +-also seem to be able to run it natively with Qt 5.11, but currently, QUTE_SKIP_WAYLAND_CHECK=1 needs to be set in the +-environment to do so.

+- +-

Instability on FreeBSD: Those seem to be FreeBSD-specific crashes, +-and unfortunately nobody has looked into them yet so far...

+- +-

QtWebEngine being unavailable in ArchlinuxARM's PyQt package: +-QtWebEngine itself is available on the armv7h/aarch64 architectures, but their +-PyQt package is broken and doesn't come with QtWebEngine support. This +-has +-been reported in their forums, but without any change so far. It should +-however be possible to rebuild the PyQt package from source with QtWebEngine +-installed.

+- +-

QtWebEngine being unavailable on Parabola: Claims of Parabola +-developers about QtWebEngine being "non-free" have repeatedly been disputed, +-and so far nobody came up with solid evidence about that being the case. Also, +-note that their qutebrowser package is orphaned and was often outdated in the +-past (even qutebrowser security fixes took months to arrive there). You +-might be better off chosing an alternative install +-method.

+- +-

White flashing between loads with a custom stylesheet: This doesn't +-seem to happen with qt.process_model = single-process +-set. However, note that that setting comes with decreased security and +-stability, but QtWebKit doesn't have any process isolation at all.

++release.

+ {% endblock %} -- cgit v1.2.3