#!/usr/bin/make -f # enable verbose build messages export DH_VERBOSE=1 # enable all build hardening flags export DEB_BUILD_MAINT_OPTIONS=hardening=+all # disable lto flags, as they are for gcc, not clang export DEB_BUILD_MAINT_OPTIONS+=optimize=-lto # indicate that binary targets do not require root export DEB_RULES_REQUIRES_ROOT=no # compile with clang (gcc is currently not supported) export AR=ar export NM=nm export CC=clang-16 export CXX=clang++-16 # initial flags from dpkg-buildflags export DEB_CXXFLAGS_MAINT_STRIP=-g export CXXFLAGS=$(shell dpkg-buildflags --get CXXFLAGS) export LDFLAGS=$(shell dpkg-buildflags --get LDFLAGS) # more verbose linker output export LDFLAGS+=-Wl,--stats # extra flags to reduce warnings that aren't very useful export CXXFLAGS+=-Wno-conversion \ -Wno-unused-function \ -Wno-unused-variable \ -Wno-unused-private-field \ -Wno-deprecated-declarations \ -Wno-unknown-pragmas \ # do not optimize away null pointer safety checks export CXXFLAGS+=-fno-delete-null-pointer-checks # disable clang plugins defines=clang_use_chrome_plugins=false # use system rust export RUSTC_BOOTSTRAP=1 export CLANG_MVERS="$(shell $(CC) --version| sed -n 's/Debian clang version //p' | cut -d. -f1)" defines+=rust_sysroot_absolute=\"/usr\" defines+=rustc_version=\"$(shell rustc --version)\" defines+=enable_rust=false defines+=clang_base_path=\"/usr/lib/llvm-$(CLANG_MVERS)\" defines+=clang_version=\"$(CLANG_MVERS)\" # build using system toolchain defines+=host_toolchain=\"//build/toolchain/linux/unbundle:default\" defines+=custom_toolchain=\"//build/toolchain/linux/unbundle:default\" # set the appropriate cpu architecture DEB_HOST_ARCH ?= $(shell dpkg-architecture -qDEB_HOST_ARCH) ifeq (i386,$(DEB_HOST_ARCH)) defines+=host_cpu=\"x86\" use_vaapi=true # temporarily disabled due to FTBFS with v112 defines+=use_v8_context_snapshot=false endif ifeq (amd64,$(DEB_HOST_ARCH)) defines+=host_cpu=\"x64\" use_vaapi=true endif ifeq (arm64,$(DEB_HOST_ARCH)) defines+=host_cpu=\"arm64\" use_vaapi=true endif ifeq (armhf,$(DEB_HOST_ARCH)) defines+=host_cpu=\"arm\" use_vaapi=false arm_use_neon=true endif # disabled features defines+=is_debug=false \ use_goma=false \ use_sysroot=false \ use_libjpeg_turbo=true \ use_custom_libcxx=false \ use_unofficial_version_number=false \ enable_vr=false \ enable_nacl=false \ simple_template_names=false \ enable_swiftshader=false \ dawn_use_swiftshader=false \ build_dawn_tests=false \ enable_nocompile_tests=false \ enable_nocompile_tests_new=false \ enable_reading_list=false \ enable_iterator_debugging=false \ enable_hangout_services_extension=false \ angle_has_histograms=false \ build_angle_perftests=false \ treat_warnings_as_errors=false \ use_qt=false \ is_cfi=false \ use_thin_lto=false \ chrome_pgo_phase=0 \ # enabled features defines+=use_gio=true \ is_official_build=true \ symbol_level=0 \ use_pulseaudio=true \ link_pulseaudio=true \ rtc_use_pipewire=true \ icu_use_data_file=true \ enable_widevine=true \ v8_enable_backtrace=true \ use_system_zlib=true \ use_system_lcms2=true \ use_system_libjpeg=true \ use_system_libpng=true \ use_system_freetype=true \ use_system_libopenjpeg2=true \ concurrent_links=1 \ proprietary_codecs=true \ ffmpeg_branding=\"Chrome\" \ disable_fieldtrial_testing_config=true \ # handle parallel build options njobs=1 ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS))) njobs=$(patsubst parallel=%,%,$(filter parallel=%,$(DEB_BUILD_OPTIONS))) endif DIST := $(shell dpkg-parsechangelog -l debian/changelog | sed -n 's/^Distribution: //p') %: dh $@ # don't build armhf on build systems that lack NEON test_armhf_neon: uname -m if [ `uname -m` = "armv7l" ]; then \ grep -q 'neon\|asimd' /proc/cpuinfo || { \ echo "No NEON extension detected on armhf, refusing to build" 1>&2; \ false; \ }; \ fi override_dh_auto_configure: test_armhf_neon # verify that we're not accidentally uploading to stable-security without CVEs @echo "$(DIST)" | grep -q -- '-security' && { \ dpkg-parsechangelog -l debian/changelog | grep -q 'CVE-' || { \ echo "ERROR: security upload with no CVEs listed. You should fix that."; \ exit 1; \ } \ } || true # use system node w/out patching source; upstream hardcodes x64 in path mkdir -p third_party/node/linux/node-linux-x64/bin cp /usr/bin/node third_party/node/linux/node-linux-x64/bin # use system rollup cp -ra /usr/share/nodejs/rollup third_party/node/node_modules/ if [ ! -d third_party/node/node_modules/typescript-bak ]; then mv third_party/node/node_modules/typescript third_party/node/node_modules/typescript-bak; cp -ra third_party/devtools-frontend/src/node_modules/typescript third_party/node/node_modules/; fi # bullseye workarounds; delete this post-bullseye cp -ra /usr/share/nodejs/acorn third_party/node/node_modules/ cp -ra /usr/share/nodejs/acorn-class-fields third_party/node/node_modules/ cp -ra /usr/share/nodejs/acorn-walk third_party/node/node_modules/walk sed -i -e "s#'acorn-walk'#'walk'#" third_party/node/node_modules/rollup/dist/es/shared/rollup.js sed -i -e "s#'acorn-walk'#'walk'#" third_party/node/node_modules/rollup/dist/shared/rollup.js # output compiler information $(CXX) --version # prefer unbundled (system) libraries ./debian/scripts/unbundle override_dh_auto_build-arch: gn gen out/Release --args="$(defines)" ninja -j$(njobs) -C out/Release chrome chrome_sandbox content_shell chromedriver cp out/Release/chrome out/Release/chromium cp out/Release/content_shell out/Release/chromium-shell cp out/Release/chrome_sandbox out/Release/chrome-sandbox cp out/Release/locales/en-US.pak out/Release/resources chmod 4755 out/Release/chrome-sandbox # suid sandbox sed -e s/@@PACKAGE@@/chromium/g -e s/@@MENUNAME@@/chromium/g \ < chrome/app/resources/manpage.1.in > out/Release/chromium.1 override_dh_auto_build-indep: gn gen out/Release --args="$(defines)" ninja -j$(njobs) -C out/Release packed_resources rm -f out/Release/locales/en-US.pak override_dh_auto_install-arch: dh_auto_install # update launcher script with build information sed 's|@BUILD_DIST@|$(shell cat /etc/debian_version)|' \ < debian/scripts/chromium > debian/chromium/usr/bin/chromium # move icons into /usr/share ./debian/scripts/icons override_dh_fixperms: dh_fixperms --exclude chrome-sandbox override_dh_auto_clean: rm -rf third_party/node/linux/node-linux-x64 rm -rf out rm -rf third_party/node/node_modules/rollup # bullseye workarounds; delete this post-bullseye if [ -d third_party/node/node_modules/typescript-bak ]; then rm -rf third_party/node/node_modules/typescript; mv third_party/node/node_modules/typescript-bak third_party/node/node_modules/typescript; fi rm -rf third_party/node/node_modules/acorn rm -rf third_party/node/node_modules/acorn-class-fields rm -rf third_party/node/node_modules/walk find . -name \*.pyc -execdir rm -f {} \; dh_auto_clean ###################### upstream source downloading ############################ url=https://gsdview.appspot.com/chromium-browser-official version=$(shell dpkg-parsechangelog -S Version | sed s/-.*//) extract=chromium-$(version) tarfile=$(extract).tar tarball=$(tarfile).xz debvers=../chromium_$(version) seconds=$(debvers).seconds origtxz=$(debvers).orig.tar.xz removed=$(debvers).files-removed options=--sort=name --owner=0 --group=0 --numeric-owner --mtime="@$$(stat --format "%Y" ../$(tarball))" --clamp-mtime get-orig-source: wget -nv --show-progress -c $(url)/$(tarball) -O ../$(tarball) cp /usr/share/perl5/Devscripts/MkOrigtargz.pm debian/scripts/mk-origtargz patch -p1 < debian/scripts/mk-origtargz.patch @date +%s > $(seconds) perl debian/scripts/mk-origtargz ../$(tarball) > $(removed) @echo $$(($$(date +%s) - $$(cat $(seconds)))) seconds @echo test ! -e $(extract) || rm -rf $(extract) tar xf ../$(tarball) @echo $$(($$(date +%s) - $$(cat $(seconds)))) seconds @echo while read line; do rm -rf $$line; done < $(removed) cd $(extract) && ../debian/scripts/check-upstream @echo $$(($$(date +%s) - $$(cat $(seconds)))) seconds @echo test ! -e $(origtxz) || rm -f $(origtxz) tar $(options) -cf - $(extract) | xz -6 -T0 - > $(origtxz) @echo $$(($$(date +%s) - $$(cat $(seconds)))) seconds @echo rm -rf $(extract) @echo $$(($$(date +%s) - $$(cat $(seconds)))) seconds | tee seconds @mv -f seconds $(seconds)