diff options
Diffstat (limited to 'libre/iceweasel/9002-FSDG-preference-defaults.patch')
| -rw-r--r-- | libre/iceweasel/9002-FSDG-preference-defaults.patch | 374 |
1 files changed, 374 insertions, 0 deletions
diff --git a/libre/iceweasel/9002-FSDG-preference-defaults.patch b/libre/iceweasel/9002-FSDG-preference-defaults.patch new file mode 100644 index 000000000..667c55e99 --- /dev/null +++ b/libre/iceweasel/9002-FSDG-preference-defaults.patch @@ -0,0 +1,374 @@ +From 2fec68a4597270e7fce1c0a4e3a328be4766a2d3 Mon Sep 17 00:00:00 2001 +From: grizzlyuser <grizzlyuser@protonmail.com> +Date: Sun, 4 Apr 2021 13:09:05 +0300 +Subject: [PATCH 1/5] geolocation: Disable API and remove Google API URLs + +The idea for Iceweasel is to reference only services which can be +self-hosted using 100% free software stack. + +At the moment, upstream uses Google Geolocation API by default for +release builds. There's also a special configuration for Nightly and +early Beta builds to use Mozilla Location Services. Since I couldn't find +the source code of Google Geolocation API, let's assume it's nonfree. +So removed the URLs. + +Mozilla Location Services need further evaluation. But as we don't ship +Nightly or Beta builds and strive to stick as close to upstream as +possible while keeping the SW stack 100% free, release builds don't have +any valid geolocation provider, so let's disable geolocation API by +default for now. +--- + modules/libpref/init/all.js | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/modules/libpref/init/StaticPrefList.yaml b/modules/libpref/init/StaticPrefList.yaml +index 5632486c69..b977858e04 100644 +--- a/modules/libpref/init/StaticPrefList.yaml ++++ b/modules/libpref/init/StaticPrefList.yaml +@@ -5616,7 +5616,7 @@ + # Is support for Navigator.geolocation enabled? + - name: geo.enabled + type: bool +- value: true ++ value: false + mirror: always + + # Time, in milliseconds, to wait for the location provider to spin up. +diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js +index af04cba691..514f750a23 100644 +--- a/modules/libpref/init/all.js ++++ b/modules/libpref/init/all.js +@@ -3094,7 +3094,7 @@ pref("network.psl.onUpdate_notify", false); + + // All the Geolocation preferences are here. + // +-pref("geo.provider.network.url", "https://www.googleapis.com/geolocation/v1/geolocate?key=%GOOGLE_LOCATION_SERVICE_API_KEY%"); ++pref("geo.provider.network.url", ""); + + // Timeout to wait before sending the location request. + pref("geo.provider.network.timeToWaitBeforeSending", 5000); +-- +2.41.0 + + +From 413f141022f562beb53ed87370146a123872f35b Mon Sep 17 00:00:00 2001 +From: grizzlyuser <grizzlyuser@protonmail.com> +Date: Sun, 4 Apr 2021 13:49:05 +0300 +Subject: [PATCH 2/5] Disable banners and remove URLs for mobile apps on + about:protections page + +--- + browser/app/profile/firefox.js | 16 ++++++++-------- + 1 file changed, 8 insertions(+), 8 deletions(-) + +diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js +index a7d255df89..801816dc41 100644 +--- a/browser/app/profile/firefox.js ++++ b/browser/app/profile/firefox.js +@@ -1955,7 +1955,7 @@ pref("browser.contentblocking.report.monitor.enabled", false); + pref("browser.contentblocking.report.proxy.enabled", false); + + // Disable the mobile promotion by default. +-pref("browser.contentblocking.report.show_mobile_app", true); ++pref("browser.contentblocking.report.show_mobile_app", false); + + // Locales in which Send to Device emails are supported + // The most recent list of supported locales can be found at https://github.com/mozilla/bedrock/blob/6a08c876f65924651554decc57b849c00874b4e7/bedrock/settings/base.py#L963 +@@ -1989,7 +1989,7 @@ pref("browser.promo.cookiebanners.enabled", false); + // Set to true for Fx113 (see bug 1808611) + pref("browser.promo.cookiebanners.enabled", false); + +-pref("browser.contentblocking.report.hide_vpn_banner", false); ++pref("browser.contentblocking.report.hide_vpn_banner", true); + pref("browser.contentblocking.report.vpn_sub_id", "sub_HrfCZF7VPHzZkA"); + + pref("browser.contentblocking.report.monitor.url", "https://monitor.firefox.com/?entrypoint=protection_report_monitor&utm_source=about-protections"); +@@ -2000,12 +2000,12 @@ pref("browser.contentblocking.report.monitor.home_page_url", "https://monitor.fi + pref("browser.contentblocking.report.manage_devices.url", "https://accounts.firefox.com/settings/clients"); + pref("browser.contentblocking.report.endpoint_url", "https://monitor.firefox.com/user/breach-stats?includeResolved=true"); + pref("browser.contentblocking.report.proxy_extension.url", "https://fpn.firefox.com/browser?utm_source=firefox-desktop&utm_medium=referral&utm_campaign=about-protections&utm_content=about-protections"); +-pref("browser.contentblocking.report.mobile-ios.url", "https://apps.apple.com/app/firefox-private-safe-browser/id989804926"); +-pref("browser.contentblocking.report.mobile-android.url", "https://play.google.com/store/apps/details?id=org.mozilla.firefox&referrer=utm_source%3Dprotection_report%26utm_content%3Dmobile_promotion"); +-pref("browser.contentblocking.report.vpn.url", "https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campaign=about-protections-card"); +-pref("browser.contentblocking.report.vpn-promo.url", "https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campaign=about-protections-top-promo"); +-pref("browser.contentblocking.report.vpn-android.url", "https://play.google.com/store/apps/details?id=org.mozilla.firefox.vpn&referrer=utm_source%3Dfirefox-browser%26utm_medium%3Dfirefox-browser%26utm_campaign%3Dabout-protections-mobile-vpn%26anid%3D--"); +-pref("browser.contentblocking.report.vpn-ios.url", "https://apps.apple.com/us/app/firefox-private-network-vpn/id1489407738"); ++pref("browser.contentblocking.report.mobile-ios.url", ""); ++pref("browser.contentblocking.report.mobile-android.url", ""); ++pref("browser.contentblocking.report.vpn.url", ""); ++pref("browser.contentblocking.report.vpn-promo.url", ""); ++pref("browser.contentblocking.report.vpn-android.url", ""); ++pref("browser.contentblocking.report.vpn-ios.url", ""); + + // Protection Report's SUMO urls + pref("browser.contentblocking.report.lockwise.how_it_works.url", "https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/password-manager-report"); +-- +2.41.0 + + +From 275785d94093d5c2dd46739484a2744642df357f Mon Sep 17 00:00:00 2001 +From: grizzlyuser <grizzlyuser@protonmail.com> +Date: Tue, 17 Jan 2023 21:59:51 +0100 +Subject: [PATCH 3/5] FSDG: Remove some references to AMO + +* addons.mozilla.org (AMO) is a third-party repository, not compatible + with the FSDG, because it is not committed to only including free + software, see [1]. The work to remove the references to it from + Iceweasel right now is far from being complete. +* Remove URLs to services.addons.mozilla.org as one of these URLs is + used to fetch recommendations from AMO after the click on Extensions + button from the toolbar. +* Disable abuse reporting functionality as it uses the API on the same + hostname. Sanity check during build preparation should verify this + hostname is not available in the sources, and make it clear the patch + needs reworking when that check fails. +* Remove AMO URL to fetch langpacks. These are for Firefox, and Parabola + has Iceweasel langpacks anyway. +* Remove some AMO URLs from mobile.js. There's no Android version of + Iceweasel AFAIK, but these are some steps towards total removal of + references to AMO. +* Remove some AMO related preferences from vendor.js.in and patch them + directly in the sources, to avoid the rotting and to get notified + quickly when Mozilla introduces any changes to them in the future. + +[1] https://labs.parabola.nu/issues/2409#note-4 +--- + browser/app/profile/firefox.js | 12 ++++++------ + mobile/android/app/geckoview-prefs.js | 8 ++++---- + modules/libpref/init/all.js | 8 ++++---- + 3 files changed, 14 insertions(+), 14 deletions(-) + +diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js +index 801816dc41..9c2562ff23 100644 +--- a/browser/app/profile/firefox.js ++++ b/browser/app/profile/firefox.js +@@ -33,12 +33,12 @@ pref("extensions.postDownloadThirdPartyPrompt", true); + + // Preferences for AMO integration + pref("extensions.getAddons.cache.enabled", true); +-pref("extensions.getAddons.get.url", "https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%"); +-pref("extensions.getAddons.search.browseURL", "https://addons.mozilla.org/%LOCALE%/firefox/search?q=%TERMS%&platform=%OS%&appver=%VERSION%"); +-pref("extensions.getAddons.link.url", "https://addons.mozilla.org/%LOCALE%/firefox/"); +-pref("extensions.getAddons.langpacks.url", "https://services.addons.mozilla.org/api/v4/addons/language-tools/?app=firefox&type=language&appversion=%VERSION%"); +-pref("extensions.getAddons.discovery.api_url", "https://services.addons.mozilla.org/api/v4/discovery/?lang=%LOCALE%&edition=%DISTRIBUTION%"); +-pref("extensions.getAddons.browserMappings.url", "https://services.addons.mozilla.org/api/v5/addons/browser-mappings/?browser=%BROWSER%"); ++pref("extensions.getAddons.get.url", ""); ++pref("extensions.getAddons.search.browseURL", "https://gnuzilla.gnu.org/mozzarella/search.php?q=%TERMS%"); ++pref("extensions.getAddons.link.url", "https://gnuzilla.gnu.org/mozzarella/"); ++pref("extensions.getAddons.langpacks.url", ""); ++pref("extensions.getAddons.discovery.api_url", ""); ++pref("extensions.getAddons.browserMappings.url", ""); + + // The URL for the privacy policy related to recommended extensions. + pref("extensions.recommendations.privacyPolicyUrl", "https://www.mozilla.org/privacy/firefox/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=privacy-policy-link#addons"); +diff --git a/mobile/android/app/geckoview-prefs.js b/mobile/android/app/geckoview-prefs.js +index c1983abc2b..35c24e5d43 100644 +--- a/mobile/android/app/geckoview-prefs.js ++++ b/mobile/android/app/geckoview-prefs.js +@@ -228,11 +228,11 @@ pref("extensions.experiments.enabled", false); + // Support credit cards in GV autocomplete API (bug 1691819) + pref("extensions.formautofill.addresses.capture.enabled", true); + +-pref("extensions.getAddons.browseAddons", "https://addons.mozilla.org/%LOCALE%/android/collections/4757633/mob/?page=1&collection_sort=-popularity"); ++pref("extensions.getAddons.browseAddons", ""); + pref("extensions.getAddons.cache.enabled", true); +-pref("extensions.getAddons.get.url", "https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%"); +-pref("extensions.getAddons.langpacks.url", "https://services.addons.mozilla.org/api/v4/addons/language-tools/?app=android&type=language&appversion=%VERSION%"); +-pref("extensions.getAddons.search.browseURL", "https://addons.mozilla.org/%LOCALE%/android/search?q=%TERMS%&platform=%OS%&appver=%VERSION%"); ++pref("extensions.getAddons.get.url", ""); ++pref("extensions.getAddons.langpacks.url", ""); ++pref("extensions.getAddons.search.browseURL", ""); + + // Don't let XPIProvider install distribution add-ons; we do our own thing on mobile + pref("extensions.installDistroAddons", false); +diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js +index 514f750a23..abbf229223 100644 +--- a/modules/libpref/init/all.js ++++ b/modules/libpref/init/all.js +@@ -1851,11 +1851,11 @@ pref("services.common.uptake.sampleRate", 1); // 1% + pref("extensions.abuseReport.enabled", false); + // Whether abuse report originated from AMO should use the Firefox integrated dialog. + pref("extensions.abuseReport.amWebAPI.enabled", false); +-pref("extensions.abuseReport.url", "https://services.addons.mozilla.org/api/v4/abuse/report/addon/"); +-pref("extensions.abuseReport.amoDetailsURL", "https://services.addons.mozilla.org/api/v4/addons/addon/"); ++pref("extensions.abuseReport.url", ""); ++pref("extensions.abuseReport.amoDetailsURL", ""); + // Whether Firefox integrated abuse reporting feature should be opening the new abuse report form hosted on AMO. + pref("extensions.abuseReport.amoFormEnabled", false); +-pref("extensions.abuseReport.amoFormURL", "https://addons.mozilla.org/%LOCALE%/%APP%/feedback/addon/%addonID%/"); ++pref("extensions.abuseReport.amoFormURL", ""); + + // Blocklist preferences + pref("extensions.blocklist.enabled", true); +@@ -3158,7 +3158,7 @@ pref("extensions.webextensions.ExtensionStorageIDB.enabled", true); + // Whether to allow the inline options browser in HTML about:addons page. + pref("extensions.htmlaboutaddons.inline-options.enabled", true); + // Show recommendations on the extension and theme list views. +-pref("extensions.htmlaboutaddons.recommendations.enabled", true); ++pref("extensions.htmlaboutaddons.recommendations.enabled", false); + + // The URL for the privacy policy related to recommended add-ons. + pref("extensions.recommendations.privacyPolicyUrl", ""); +diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js +index 1f1b1cbd3e..7ea9d82cdf 100644 +--- a/browser/app/profile/firefox.js ++++ b/browser/app/profile/firefox.js +@@ -22,9 +22,9 @@ + pref("browser.hiddenWindowChromeURL", "chrome://browser/content/hiddenWindowMac.xhtml"); + + // Set add-ons abuse report related prefs specific to Firefox Desktop. +-pref("extensions.abuseReport.enabled", true); +-pref("extensions.abuseReport.amWebAPI.enabled", true); +-pref("extensions.abuseReport.amoFormEnabled", true); ++pref("extensions.abuseReport.enabled", false); ++pref("extensions.abuseReport.amWebAPI.enabled", false); ++pref("extensions.abuseReport.amoFormEnabled", false); + + // Enables some extra Extension System Logging (can reduce performance) + pref("extensions.logging.enabled", false); +-- +2.41.0 + + +From 7c742c2c0e0bd817fd646d0b83a0265c67d6c5fb Mon Sep 17 00:00:00 2001 +From: grizzlyuser <grizzlyuser@protonmail.com> +Date: Sun, 4 Jun 2023 13:16:40 +0200 +Subject: [PATCH 4/5] FSDG: Disable Contile and autoupdate of system addons + +1. Contile (see change context lines) is used to fetch sponsored top + sites, which are not controlled by Parabola and are likely to not +be committed to include only free software. +2. While system addons shipped in the source code seem to be free + software, I'm not sure if the update endpoint also returns only free +software, given that Mozilla is not committed to include only free +software in their repositories. + +As these URLs can be considered as repositories not committed to include +only free software, remove them from the source code. +--- + browser/app/profile/firefox.js | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js +index 9c2562ff23..7577fbe008 100644 +--- a/browser/app/profile/firefox.js ++++ b/browser/app/profile/firefox.js +@@ -48,8 +48,8 @@ pref("extensions.recommendations.themeRecommendationUrl", "https://color.firefox + pref("extensions.update.autoUpdateDefault", true); + + // Check AUS for system add-on updates. +-pref("extensions.systemAddon.update.url", "https://aus5.mozilla.org/update/3/SystemAddons/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VERSION%/%DISTRIBUTION%/%DISTRIBUTION_VERSION%/update.xml"); +-pref("extensions.systemAddon.update.enabled", true); ++pref("extensions.systemAddon.update.url", ""); ++pref("extensions.systemAddon.update.enabled", false); + + // Disable add-ons that are not installed by the user in all scopes by default. + // See the SCOPE constants in AddonManager.jsm for values to use here. +@@ -1603,8 +1603,8 @@ pref("prompts.defaultModalType", 3); + + pref("browser.topsites.useRemoteSetting", true); + // Fetch sponsored Top Sites from Mozilla Tiles Service (Contile) +-pref("browser.topsites.contile.enabled", true); +-pref("browser.topsites.contile.endpoint", "https://contile.services.mozilla.com/v1/tiles"); ++pref("browser.topsites.contile.enabled", false); ++pref("browser.topsites.contile.endpoint", ""); + + // Whether to enable the Share-of-Voice feature for Sponsored Topsites via Contile. + pref("browser.topsites.contile.sov.enabled", true); +-- +2.41.0 + + +From 40f5b56ba68e3f256fa3672a77efd0c1951d7e00 Mon Sep 17 00:00:00 2001 +From: grizzlyuser <grizzlyuser@protonmail.com> +Date: Tue, 26 Sep 2023 21:27:34 +0200 +Subject: [PATCH 5/5] FSDG: Disable Firefox Translations for now + +Although fully local translation is a great achievement, I'd hesitate to keep it +enabled for now, because of the following concerns: + +1. According to the FSDG [1]: + + > All information for practical use in a free distribution must be available in +source form. + + Translation models are downloaded as Remote Settings attachments, see their +paths on the attachment server, for example in [2] in the source tree. The +hostname of that server is returned by Remote Settings server, access to which +is disabled by 9001-FSDG-sync-remote-settings-with-local-dump.patch and +PKGBUILD. So in my understanding, to comply with the FSDG, the distro has to +make sources of those models available. It looks like those can be found using +info from [4], but even then... + +2. According to FSDG [3]: + + > a free system distribution cannot include free software that can only be +built by using nonfree software. + + It depends on whether those models can be considered software (or "information +for practical use" in case the FSDG is not totally precise when talking only +about software here). While the models are freely licensed [4], their README +mentions the first training pipeline [5] that lists CUDA and CUDNN in the +requirements. Both are nonfree and blocklisted in Parabola. Further research is +needed on possibility to make the models with 100% free software stack. + +3. Because calls to Remote Settings server are disabled, as mentioned above, the +models won't be downloaded anyway, and Firefox Translations feature will be +broken, so keeping it enabled would lead to poor user experience. An alternative +would be to use something like [6], but that requires additional research and +probably has the same issues with the toolchain for the models. + +[1] https://www.gnu.org/distros/free-system-distribution-guidelines.html#license-rules +[2] services/settings/dumps/main/translations-models.json +[3] https://www.gnu.org/distros/free-system-distribution-guidelines.html#complete-distros +[4] WARNING! GitHub webpage is likely to run nonfree software in user's web browser, so at least disable JavaScript when opening: https://github.com/mozilla/firefox-translations-models +[5] WARNING! GitHub webpage is likely to run nonfree software in user's web browser, so at least disable JavaScript when opening: https://github.com/mozilla/firefox-translations-training +[6] https://addons.mozilla.org/en-US/firefox/addon/translatelocally-for-firefox/ + +--- + browser/app/profile/firefox.js | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js +index f58075204d..a2ffbec390 100644 +--- a/browser/app/profile/firefox.js ++++ b/browser/app/profile/firefox.js +@@ -1882,7 +1882,7 @@ pref("browser.translation.neverForLanguages", ""); + + // Enable Firefox translations powered by the Bergamot translations + // engine https://browser.mt/. +-pref("browser.translations.enable", true); ++pref("browser.translations.enable", false); + + // Enable the new Firefox Translations Settings UI Design + pref("browser.translations.newSettingsUI.enable", false); +-- +2.42.0 + + +From e0f27816208ff4371f9de3e2a9190f1a26a4a2f8 Mon Sep 17 00:00:00 2001 +From: grizzlyuser <grizzlyuser@protonmail.com> +Date: Fri, 17 Nov 2023 20:52:18 +0100 +Subject: [PATCH] FSDG: Put a fuse, to blow up when upstream switches to + search-config-v2 + +process-json-files.py will probably need rework. +--- + modules/libpref/init/all.js | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js +index 86bfe71247..af91481d2d 100644 +--- a/modules/libpref/init/all.js ++++ b/modules/libpref/init/all.js +@@ -3462,6 +3462,8 @@ pref("browser.search.removeEngineInfobar.enabled", true); + // Enables a new search configuration style with no functional changes for the + // user. This is solely intended as a rollout button - it will go away once the + // new configuration has been rolled out. ++// ++// Extra comment, so the patch fails to apply as soon as the line below is changed upstream. + pref("browser.search.newSearchConfig.enabled", false); + + // GMPInstallManager prefs +-- +2.42.1 |