From debbugs-submit-bounces@debbugs.gnu.org Fri Oct 30 14:29:34 2020
Received: (at submit) by debbugs.gnu.org; 30 Oct 2020 18:29:34 +0000
Received: from localhost ([127.0.0.1]:59690 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1kYZ9Z-0003jM-UY
	for submit@debbugs.gnu.org; Fri, 30 Oct 2020 14:29:34 -0400
Received: from lists.gnu.org ([209.51.188.17]:34172)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <marius@gnu.org>) id 1kYZ9W-0003jD-7C
 for submit@debbugs.gnu.org; Fri, 30 Oct 2020 14:29:32 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:49396)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <marius@gnu.org>) id 1kYZ9W-0004Ef-0l
 for guix-patches@gnu.org; Fri, 30 Oct 2020 14:29:30 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e]:49975)
 by eggs.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <marius@gnu.org>) id 1kYZ9V-0007mG-OB
 for guix-patches@gnu.org; Fri, 30 Oct 2020 14:29:29 -0400
Received: from ti0006q161-1594.bb.online.no ([46.9.75.77]:33656 helo=localhost)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <marius@gnu.org>) id 1kYZ9U-0005BG-Li
 for guix-patches@gnu.org; Fri, 30 Oct 2020 14:29:29 -0400
From: Marius Bakke <marius@gnu.org>
To: guix-patches@gnu.org
Subject: [PATCH 0/2] Install Chromium extensions with Guix!
Date: Fri, 30 Oct 2020 19:29:25 +0100
Message-Id: <20201030182925.5151-1-marius@gnu.org>
X-Mailer: git-send-email 2.28.0
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: submit
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

Greetings Guix,

These patches lay the groundwork for packaging Chromium extensions with
Guix.  Currently only uBlock Origin has been packaged, but adding others
should be technically straight forward.  Practically it turns out
somewhat difficult because many extensions rely on the node.js ecosystem.

Patch 1/2 adds a search path mechanism to ungoogled-chromium such that
it looks for local extensions in $CHROMIUM_EXTENSION_DIRECTORY instead
of the default "/usr/share/chromium/extensions".

Patch 2/2 adds a generic MAKE-CHROMIUM-EXTENSION procedure that turns
a <package> object containing an uncompressed extension directory into
a signed .crx file visible to Chromium through a crafted JSON file.

There is one problem with the proposed patches: extensions are not
automatically updated.  That is, updating the "ublock-origin-chromium"
package will not update the browser profile even after a browser
restart.  Worse, uninstalling the extension through Chromium will leave
you no way to install it again even after it has been updated.

Not sure if that should be a blocking issue.

I'm also not sure whether (gnu packages browser-extensions) is a good
home for the helper procedures that create signing key, etc.  Thoughts?

To aid testing I have started a build of the patched ungoogled-chromium
on ci.guix.gnu.org[*].  It should be finished by tomorrow(!).

(testers can use "chromium --user-data-dir=/tmp/foo" to avoid messing
with their regular profile)

I'm currently relocating to a new city and won't be able to follow up
on this until next week.  In the meantime, feedback very welcome!

[*] on commit eee35fe3b7cb21792b90ecbf5a834b5a3fdb6f04.

Marius Bakke (2):
  gnu: ungoogled-chromium: Add search path for installed extensions.
  gnu: Add ublock-origin-chromium.

 gnu/local.mk                                  |   2 +
 gnu/packages/browser-extensions.scm           | 274 ++++++++++++++++++
 gnu/packages/chromium.scm                     |  18 +-
 .../ungoogled-chromium-search-path.patch      |  28 ++
 4 files changed, 314 insertions(+), 8 deletions(-)
 create mode 100644 gnu/packages/browser-extensions.scm
 create mode 100644 gnu/packages/patches/ungoogled-chromium-search-path.patch

-- 
2.28.0





From debbugs-submit-bounces@debbugs.gnu.org Fri Oct 30 14:32:56 2020
Received: (at 44335) by debbugs.gnu.org; 30 Oct 2020 18:32:57 +0000
Received: from localhost ([127.0.0.1]:59706 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1kYZCq-0003qV-IL
	for submit@debbugs.gnu.org; Fri, 30 Oct 2020 14:32:56 -0400
Received: from eggs.gnu.org ([209.51.188.92]:50046)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <marius@gnu.org>) id 1kYZCm-0003qE-QS
 for 44335@debbugs.gnu.org; Fri, 30 Oct 2020 14:32:55 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e]:50038)
 by eggs.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <marius@gnu.org>) id 1kYZCf-0008EH-P9
 for 44335@debbugs.gnu.org; Fri, 30 Oct 2020 14:32:45 -0400
Received: from ti0006q161-1594.bb.online.no ([46.9.75.77]:33698 helo=localhost)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <marius@gnu.org>) id 1kYZCa-0002Pz-5F
 for 44335@debbugs.gnu.org; Fri, 30 Oct 2020 14:32:43 -0400
From: Marius Bakke <marius@gnu.org>
To: 44335@debbugs.gnu.org
Subject: [PATCH 1/2] gnu: ungoogled-chromium: Add search path for installed
 extensions.
Date: Fri, 30 Oct 2020 19:32:31 +0100
Message-Id: <20201030183232.5497-1-marius@gnu.org>
X-Mailer: git-send-email 2.28.0
In-Reply-To: <20201030182925.5151-1-marius@gnu.org>
References: <20201030182925.5151-1-marius@gnu.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 44335
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

* gnu/packages/patches/ungoogled-chromium-search-path.patch: New file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/chromium.scm (%guix-patches): New variable.
(ungoogled-chromium-snippet): Apply %GUIX-PATCHES.
(ungoogled-chromium)[arguments]: Don't hard-code extensions directory.
[native-search-paths]: New field.
---
 gnu/local.mk                                  |  1 +
 gnu/packages/chromium.scm                     | 18 ++++++------
 .../ungoogled-chromium-search-path.patch      | 28 +++++++++++++++++++
 3 files changed, 39 insertions(+), 8 deletions(-)
 create mode 100644 gnu/packages/patches/ungoogled-chromium-search-path.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index 3332f10df8..4643d05049 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1641,6 +1641,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/u-boot-riscv64-fix-extlinux.patch	\
   %D%/packages/patches/ucx-tcp-iface-ioctl.patch		\
   %D%/packages/patches/udiskie-no-appindicator.patch		\
+  %D%/packages/patches/ungoogled-chromium-search-path.patch	\
   %D%/packages/patches/ungoogled-chromium-system-nspr.patch	\
   %D%/packages/patches/unison-fix-ocaml-4.08.patch		\
   %D%/packages/patches/unknown-horizons-python-3.8-distro.patch	\
diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm
index f32a779805..06c57acd28 100644
--- a/gnu/packages/chromium.scm
+++ b/gnu/packages/chromium.scm
@@ -334,6 +334,10 @@
      (base32
       "18p9a7qffmy8m03nqva7maalgil13lj2mn0s56v3crbs4wk4lalj"))))
 
+(define %guix-patches
+  (list (local-file (search-patch "ungoogled-chromium-system-nspr.patch"))
+        (local-file (search-patch "ungoogled-chromium-search-path.patch"))))
+
 ;; This is a source 'snippet' that does the following:
 ;; *) Applies various patches for unbundling purposes and libstdc++ compatibility.
 ;; *) Runs the ungoogled patch-, domain substitution-, and scrubbing scripts.
@@ -356,9 +360,7 @@
                       (invoke "patch" "-p1" "--force" "--input"
                               patch "--no-backup-if-mismatch"))
                     (append '#+%debian-patches '#+%arch-patches
-                            '#+(list (local-file
-                                      (search-patch
-                                       "ungoogled-chromium-system-nspr.patch")))))
+                            '#+%guix-patches))
 
           (with-directory-excursion #+%ungoogled-origin
             (format #t "Ungooglifying...~%")
@@ -571,11 +573,6 @@
                        (find-files (string-append "third_party/webrtc/modules"
                                                   "/audio_coding/codecs/opus")))
 
-             (substitute* "chrome/common/chrome_paths.cc"
-               (("/usr/share/chromium/extensions")
-                ;; TODO: Add ~/.guix-profile.
-                "/run/current-system/profile/share/chromium/extensions"))
-
              ;; Many files try to include ICU headers from "third_party/icu/...".
              ;; Remove the "third_party/" prefix to use system headers instead.
              (substitute* (find-files "chrome" "\\.cc$")
@@ -840,6 +837,11 @@
        ("udev" ,eudev)
        ("valgrind" ,valgrind)
        ("vulkan-headers" ,vulkan-headers)))
+    (native-search-paths
+     (list (search-path-specification
+            (variable "CHROMIUM_EXTENSION_DIRECTORY")
+            (separator #f)              ;single entry
+            (files '("share/chromium/extensions")))))
 
     ;; Building Chromium takes ... a very long time.  On a single core, a busy
     ;; mid-end x86 system may need more than 24 hours to complete the build.
diff --git a/gnu/packages/patches/ungoogled-chromium-search-path.patch b/gnu/packages/patches/ungoogled-chromium-search-path.patch
new file mode 100644
index 0000000000..5ef9c56b52
--- /dev/null
+++ b/gnu/packages/patches/ungoogled-chromium-search-path.patch
@@ -0,0 +1,28 @@
+Look for system-installed extensions in CHROMIUM_EXTENSION_DIRECTORY instead
+of the hard-coded /usr/share/chromium/extensions.
+
+--- a/chrome/common/chrome_paths.cc
++++ b/chrome/common/chrome_paths.cc
+@@ -4,6 +4,7 @@
+ 
+ #include "chrome/common/chrome_paths.h"
+ 
++#include "base/environment.h"
+ #include "base/files/file_util.h"
+ #include "base/logging.h"
+ #include "base/native_library.h"
+@@ -511,7 +512,13 @@
+ #endif
+ #if defined(OS_LINUX) || defined(OS_CHROMEOS)
+     case chrome::DIR_STANDALONE_EXTERNAL_EXTENSIONS: {
+-      cur = base::FilePath(kFilepathSinglePrefExtensions);
++      std::unique_ptr<base::Environment> environment(base::Environment::Create());
++      std::string extension_dir;
++      if (environment->GetVar("CHROMIUM_EXTENSION_DIRECTORY", &extension_dir)) {
++        cur = base::FilePath(extension_dir);
++      } else {
++        cur = base::FilePath(kFilepathSinglePrefExtensions);
++      }
+       break;
+     }
+ #endif
-- 
2.28.0





From debbugs-submit-bounces@debbugs.gnu.org Fri Oct 30 14:33:01 2020
Received: (at 44335) by debbugs.gnu.org; 30 Oct 2020 18:33:01 +0000
Received: from localhost ([127.0.0.1]:59708 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1kYZCu-0003ql-UT
	for submit@debbugs.gnu.org; Fri, 30 Oct 2020 14:33:01 -0400
Received: from eggs.gnu.org ([209.51.188.92]:50048)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <marius@gnu.org>) id 1kYZCp-0003qJ-5k
 for 44335@debbugs.gnu.org; Fri, 30 Oct 2020 14:32:57 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e]:50040)
 by eggs.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <marius@gnu.org>) id 1kYZCj-0008EP-Us
 for 44335@debbugs.gnu.org; Fri, 30 Oct 2020 14:32:49 -0400
Received: from ti0006q161-1594.bb.online.no ([46.9.75.77]:33700 helo=localhost)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <marius@gnu.org>) id 1kYZCh-0003J3-Io
 for 44335@debbugs.gnu.org; Fri, 30 Oct 2020 14:32:49 -0400
From: Marius Bakke <marius@gnu.org>
To: 44335@debbugs.gnu.org
Subject: [PATCH 2/2] gnu: Add ublock-origin-chromium.
Date: Fri, 30 Oct 2020 19:32:32 +0100
Message-Id: <20201030183232.5497-2-marius@gnu.org>
X-Mailer: git-send-email 2.28.0
In-Reply-To: <20201030183232.5497-1-marius@gnu.org>
References: <20201030182925.5151-1-marius@gnu.org>
 <20201030183232.5497-1-marius@gnu.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 44335
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

* gnu/packages/browser-extensions.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Adjust accordingly.
---
 gnu/local.mk                        |   1 +
 gnu/packages/browser-extensions.scm | 278 ++++++++++++++++++++++++++++
 2 files changed, 279 insertions(+)
 create mode 100644 gnu/packages/browser-extensions.scm

diff --git a/gnu/local.mk b/gnu/local.mk
index 4643d05049..f97a0cda78 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -111,6 +111,7 @@ GNU_SYSTEM_MODULES =				\
   %D%/packages/boost.scm			\
   %D%/packages/bootloaders.scm			\
   %D%/packages/bootstrap.scm			\
+  %D%/packages/browser-extensions.scm		\
   %D%/packages/build-tools.scm			\
   %D%/packages/busybox.scm			\
   %D%/packages/c.scm				\
diff --git a/gnu/packages/browser-extensions.scm b/gnu/packages/browser-extensions.scm
new file mode 100644
index 0000000000..b6d160bee7
--- /dev/null
+++ b/gnu/packages/browser-extensions.scm
@@ -0,0 +1,278 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2020 Marius Bakke <marius@gnu.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages browser-extensions)
+  #:use-module (gcrypt base16)
+  #:use-module ((gcrypt hash) #:prefix hash:)
+  #:use-module (ice-9 iconv)
+  #:use-module (guix gexp)
+  #:use-module (guix packages)
+  #:use-module (gnu packages base)
+  #:use-module (gnu packages check)
+  #:use-module (gnu packages chromium)
+  #:use-module (gnu packages gnupg)
+  #:use-module (gnu packages tls)
+  #:use-module (gnu packages xorg)
+  #:use-module (guix build-system trivial)
+
+  ;; Imports for extension packages.
+  #:use-module (guix git-download)
+  #:use-module (guix build-system gnu)
+  #:use-module ((guix licenses) #:prefix license:)
+  #:use-module (gnu packages compression)
+  #:use-module (gnu packages python)
+
+  #:export (make-chromium-extension))
+
+;; Chromium requires that each package is signed with a unique key, from which
+;; the "extension ID" derives.  Currently the package name is used as seed.
+(define (make-signing-key seed)
+  "Return a derivation for a deterministic PKCS #8 private key using SEED."
+
+  (define sha256sum
+    (bytevector->base16-string (hash:sha256 (string->bytevector seed "UTF-8"))))
+
+  ;; certtool.c wants a 56 byte seed for a 2048 bit key.
+  (define size 2048)
+  (define normalized-seed (string-take sha256sum 56))
+
+  (computed-file (string-append seed "-signing-key.pem")
+                 #~(system* #$(file-append gnutls "/bin/certtool")
+                            "--generate-privkey"
+                            "--key-type=rsa"
+                            "--pkcs8"
+                            ;; Use the provable FIPS-PUB186-4 algorithm for
+                            ;; deterministic results.
+                            "--provable"
+                            "--password="
+                            "--no-text"
+                            (string-append "--bits=" #$(number->string size))
+                            (string-append "--seed=" #$normalized-seed)
+                            "--outfile" #$output)))
+
+(define* (make-crx package #:optional (chromium-output "out"))
+  ;; XXX: This is terrible.  We pull Xorg and Chromium just to pack and
+  ;; sign an extension.  This should be implemented with something lighter
+  ;; using the protobuf-based protocol (TODO: where is it documented..?).
+  (define name (package-name package))
+  (define version (package-version package))
+  (define signing-key (make-signing-key name))
+
+  (with-imported-modules '((guix build utils))
+    (computed-file
+     (string-append name "-" version ".crx")
+     #~(begin
+         (use-modules (guix build utils)
+                      (ice-9 ftw)
+                      (srfi srfi-26))
+         (let ((chromium #$(file-append ungoogled-chromium "/bin/chromium"))
+               (xvfb #$(file-append xorg-server "/bin/Xvfb"))
+               (packdir (string-append "/tmp/extension/" #$name)))
+           (mkdir-p (dirname packdir))
+           (copy-recursively (ungexp package chromium-output) packdir)
+           (system (string-append xvfb " :1 &"))
+           (setenv "DISPLAY" ":1")
+           (sleep 2)  ;give Xorg some time to initialize...
+           ;; Chromium stores the current time in the .crx Zip archive.
+           ;; Sidestep that by using "faketime" for determinism.
+           ;; FIXME (core-updates): faketime is missing an absolute reference
+           ;; to 'date', hence the need to set PATH.
+           (setenv "PATH" #$(file-append coreutils "/bin"))
+           (invoke #$(file-append libfaketime "/bin/faketime")
+                   "2000-01-01 00:00:00"
+                   chromium
+                   "--user-data-dir=/tmp/signing-profile"
+                   (string-append "--pack-extension=" packdir)
+                   (string-append "--pack-extension-key=" #$signing-key))
+           (copy-file (string-append packdir ".crx") #$output))))))
+
+(define* (package->chromium-json package #:optional (chromium-output "out"))
+  "Return a derivation that creates a JSON file for PACKAGE, meant to be
+consumed by Chromium to make the installed extension visible."
+
+  (define name (package-name package))
+  (define version (package-version package))
+  (define crx (make-crx package chromium-output))
+
+  (computed-file (string-append name "-" version ".json")
+                 #~(call-with-output-file #$output
+                     (lambda (port)
+                       ;; Documentation for the JSON format can be found in
+                       ;; extensions/common/extension.h and
+                       ;; chrome/browser/extensions/external_provider_impl.cc.
+                       (format port "
+{
+  \"external_crx\": \"~a\",
+  \"external_version\": \"~a\"
+}
+"
+                               #$crx #$version)))))
+
+
+(define (key->der key)
+  "Return a derivation for a file representation of KEY in DER format."
+  (computed-file "der"
+                 #~(system* #$(file-append gnutls "/bin/certtool")
+                            "--load-privkey" #$key
+                            "--pubkey-info"
+                            "--outfile" #$output
+                            "--outder")))
+
+(define (gexp-sha256sum file)
+  "Return a derivation for a base16 representation of the SHA256 checksum
+of FILE."
+  (with-extensions (list guile-gcrypt)
+    #~(begin
+        (use-modules (gcrypt base16) (gcrypt hash))
+        (format #f (bytevector->base16-string (file-sha256 #$file))))))
+
+(define (chromium-json->profile-object json signing-key)
+  "Return a derivation that installs JSON to the destination searched by
+Chromium, using a file name (aka extension ID) derived from SIGNING-KEY."
+  (define der (key->der signing-key))
+  (define checksum (gexp-sha256sum der))
+
+  (with-imported-modules '((guix build utils))
+    (computed-file
+     "chromium-extension"
+     #~(begin
+         (use-modules (guix build utils))
+         (define (base16-string->chromium-base16 str)
+           ;; Translate STR, a hexadecimal string, to a Chromium-style
+           ;; representation using the letters a-p (where a=0, p=15).
+           (define s1 "0123456789abcdef")
+           (define s2 "abcdefghijklmnop")
+           (let loop ((chars (string->list str))
+                      (converted '()))
+             (if (null? chars)
+                 (list->string (reverse converted))
+                 (loop (cdr chars) (cons (string-ref
+                                          s2 (string-index s1 (car chars)))
+                                         converted)))))
+
+         (let ((file-name (base16-string->chromium-base16
+                           (string-take #$checksum 32)))
+               (extension-directory (string-append #$output
+                                                   "/share/chromium/extensions")))
+           (mkdir-p extension-directory)
+           (symlink #$json (string-append extension-directory "/"
+                                          file-name ".json")))))))
+
+(define* (make-chromium-extension p #:optional (output "out"))
+  "Create a signed \".crx\" file from package P, an unpacked Chromium
+extension, and return a derivation for a package that makes the packed
+extension visible to Chromium when installed to a Guix profile.
+
+OUTPUT can be used to specify which output of P contains the Chromium
+extension directory."
+  (package
+    (inherit p)
+    (name (string-append (package-name p) "-chromium"))
+    (build-system trivial-build-system)
+    (native-inputs '())
+    (inputs
+     `(("extension" ,(chromium-json->profile-object
+                      (package->chromium-json p output)
+                      (make-signing-key (package-name p))))))
+    (propagated-inputs '())
+    (outputs '("out"))
+    (arguments
+     '(#:modules ((guix build utils))
+       #:builder
+       (begin
+         (use-modules (guix build utils))
+         (copy-recursively (assoc-ref %build-inputs "extension")
+                           (assoc-ref %outputs "out")))))))
+
+
+
+(define uassets
+  (let ((commit "95d609786680bf4cf267b1dff3f429af88040da1"))
+    (origin
+      (method git-fetch)
+      (uri (git-reference
+            (url "https://github.com/uBlockOrigin/uAssets.git")
+            (commit commit)))
+      (file-name (git-file-name "uAssets" (string-take commit 9)))
+      (sha256
+       (base32
+        "070v2g0hyxvqv77b6z404hdlggl0sq2bfhsfl4a84k93p9pwwlrq")))))
+
+(define ublock-origin
+  (package
+    (name "ublock-origin")
+    (version "1.30.8")
+    (home-page "https://github.com/gorhill/uBlock")
+    (source (origin
+              (method git-fetch)
+              (uri (git-reference (url home-page) (commit version)))
+              (file-name (git-file-name name version))
+              (sha256
+               (base32
+                "1y4dq4p4j4qrw6gfdcbpyigqjinqq3jm8r5x9h5ariiv9s8856w7"))))
+    (build-system gnu-build-system)
+    ;; XXX: The xpi and firefox outputs are currently unused, but included
+    ;; for easy testing.
+    (outputs '("xpi" "firefox" "chromium"))
+    (arguments
+     '(#:tests? #f                      ;no tests
+       #:allowed-references ()
+       #:phases
+       (modify-phases (map (lambda (phase)
+                             (assq phase %standard-phases))
+                           '(set-paths unpack patch-source-shebangs))
+         (add-after 'unpack 'link-uassets
+           (lambda* (#:key native-inputs inputs #:allow-other-keys)
+             (symlink (string-append (assoc-ref (or native-inputs inputs)
+                                                "uassets"))
+                      "../uAssets")
+             #t))
+         (add-after 'unpack 'make-files-writable
+           (lambda _
+             ;; The build system copies some files and later tries
+             ;; modifying them.
+             (for-each make-file-writable (find-files "."))
+             #true))
+         (add-after 'patch-source-shebangs 'build-xpi
+           (lambda _
+             (invoke "./tools/make-firefox.sh" "all")))
+         (add-after 'build-xpi 'build-chromium
+           (lambda _
+             (invoke "./tools/make-chromium.sh")))
+         (add-after 'build-chromium 'install
+           (lambda* (#:key outputs #:allow-other-keys)
+             (let ((firefox (assoc-ref outputs "firefox"))
+                   (xpi (assoc-ref outputs "xpi"))
+                   (chromium (assoc-ref outputs "chromium")))
+               (install-file "dist/build/uBlock0.firefox.xpi"
+                             (string-append xpi "/lib/mozilla/extensions"))
+               (copy-recursively "dist/build/uBlock0.firefox" firefox)
+               (copy-recursively "dist/build/uBlock0.chromium" chromium)
+               #true))))))
+    (native-inputs
+     `(("python" ,python-wrapper)
+       ("uassets" ,uassets)
+       ("zip" ,zip)))
+    (synopsis "Block unwanted content from web sites")
+    (description
+     "uBlock Origin is a @dfn{wide spectrum blocker} for IceCat and
+ungoogled-chromium.")
+    (license license:gpl3+)))
+
+(define-public ublock-origin/chromium
+  (make-chromium-extension ublock-origin "chromium"))
-- 
2.28.0





From debbugs-submit-bounces@debbugs.gnu.org Sun Nov 01 19:22:47 2020
Received: (at 44335) by debbugs.gnu.org; 2 Nov 2020 00:22:47 +0000
Received: from localhost ([127.0.0.1]:39028 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1kZNcQ-0004lX-5F
	for submit@debbugs.gnu.org; Sun, 01 Nov 2020 19:22:46 -0500
Received: from eggs.gnu.org ([209.51.188.92]:36022)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <marius@gnu.org>) id 1kZNcK-0004l9-5m
 for 44335@debbugs.gnu.org; Sun, 01 Nov 2020 19:22:40 -0500
Received: from fencepost.gnu.org ([2001:470:142:3::e]:35372)
 by eggs.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <marius@gnu.org>) id 1kZNcE-0002y2-US
 for 44335@debbugs.gnu.org; Sun, 01 Nov 2020 19:22:30 -0500
Received: from host-37-191-236-253.lynet.no ([37.191.236.253]:46724
 helo=localhost)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <marius@gnu.org>) id 1kZNcE-00076g-Ez
 for 44335@debbugs.gnu.org; Sun, 01 Nov 2020 19:22:30 -0500
From: Marius Bakke <marius@gnu.org>
To: 44335@debbugs.gnu.org
Subject: [PATCH v2 0/3] Install Chromium extensions with Guix!
Date: Mon,  2 Nov 2020 01:22:25 +0100
Message-Id: <20201102002228.5971-1-marius@gnu.org>
X-Mailer: git-send-email 2.28.0
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 44335
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

Hello,

Here is an updated patch series that introduces a new module to deal
with the Chromium extension machinery.

The procedures have also been tweaked a little to reduce duplication.

I still don't know why extensions installed with Guix are not updated.
It could be that the update functionality has been patched out by
ungoogled-chromium.  More testing pending.

Marius Bakke (3):
  gnu: ungoogled-chromium: Add search path for installed extensions.
  Add (gnu build chromium-extension).
  gnu: Add ublock-origin-chromium.

 gnu/build/chromium-extension.scm              | 192 ++++++++++++++++++
 gnu/local.mk                                  |   3 +
 gnu/packages/browser-extensions.scm           | 100 +++++++++
 gnu/packages/chromium.scm                     |  18 +-
 .../ungoogled-chromium-search-path.patch      |  28 +++
 5 files changed, 333 insertions(+), 8 deletions(-)
 create mode 100644 gnu/build/chromium-extension.scm
 create mode 100644 gnu/packages/browser-extensions.scm
 create mode 100644 gnu/packages/patches/ungoogled-chromium-search-path.patch

-- 
2.28.0





From debbugs-submit-bounces@debbugs.gnu.org Sun Nov 01 19:22:51 2020
Received: (at 44335) by debbugs.gnu.org; 2 Nov 2020 00:22:51 +0000
Received: from localhost ([127.0.0.1]:39031 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1kZNcU-0004lt-Vt
	for submit@debbugs.gnu.org; Sun, 01 Nov 2020 19:22:51 -0500
Received: from eggs.gnu.org ([209.51.188.92]:36024)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <marius@gnu.org>) id 1kZNcM-0004lD-56
 for 44335@debbugs.gnu.org; Sun, 01 Nov 2020 19:22:42 -0500
Received: from fencepost.gnu.org ([2001:470:142:3::e]:35373)
 by eggs.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <marius@gnu.org>) id 1kZNcG-0002y8-Uh
 for 44335@debbugs.gnu.org; Sun, 01 Nov 2020 19:22:32 -0500
Received: from host-37-191-236-253.lynet.no ([37.191.236.253]:46726
 helo=localhost)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <marius@gnu.org>) id 1kZNcG-00076k-Ct
 for 44335@debbugs.gnu.org; Sun, 01 Nov 2020 19:22:32 -0500
From: Marius Bakke <marius@gnu.org>
To: 44335@debbugs.gnu.org
Subject: [PATCH v2 1/3] gnu: ungoogled-chromium: Add search path for installed
 extensions.
Date: Mon,  2 Nov 2020 01:22:26 +0100
Message-Id: <20201102002228.5971-2-marius@gnu.org>
X-Mailer: git-send-email 2.28.0
In-Reply-To: <20201102002228.5971-1-marius@gnu.org>
References: <20201102002228.5971-1-marius@gnu.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 44335
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

* gnu/packages/patches/ungoogled-chromium-search-path.patch: New file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/chromium.scm (%guix-patches): New variable.
(ungoogled-chromium-snippet): Apply %GUIX-PATCHES.
(ungoogled-chromium)[arguments]: Don't hard-code extensions directory.
[native-search-paths]: New field.
---
 gnu/local.mk                                  |  1 +
 gnu/packages/chromium.scm                     | 18 ++++++------
 .../ungoogled-chromium-search-path.patch      | 28 +++++++++++++++++++
 3 files changed, 39 insertions(+), 8 deletions(-)
 create mode 100644 gnu/packages/patches/ungoogled-chromium-search-path.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index d4d04c01b8..51550e80cb 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1642,6 +1642,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/u-boot-riscv64-fix-extlinux.patch	\
   %D%/packages/patches/ucx-tcp-iface-ioctl.patch		\
   %D%/packages/patches/udiskie-no-appindicator.patch		\
+  %D%/packages/patches/ungoogled-chromium-search-path.patch	\
   %D%/packages/patches/ungoogled-chromium-system-nspr.patch	\
   %D%/packages/patches/unison-fix-ocaml-4.08.patch		\
   %D%/packages/patches/unknown-horizons-python-3.8-distro.patch	\
diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm
index f32a779805..06c57acd28 100644
--- a/gnu/packages/chromium.scm
+++ b/gnu/packages/chromium.scm
@@ -334,6 +334,10 @@
      (base32
       "18p9a7qffmy8m03nqva7maalgil13lj2mn0s56v3crbs4wk4lalj"))))
 
+(define %guix-patches
+  (list (local-file (search-patch "ungoogled-chromium-system-nspr.patch"))
+        (local-file (search-patch "ungoogled-chromium-search-path.patch"))))
+
 ;; This is a source 'snippet' that does the following:
 ;; *) Applies various patches for unbundling purposes and libstdc++ compatibility.
 ;; *) Runs the ungoogled patch-, domain substitution-, and scrubbing scripts.
@@ -356,9 +360,7 @@
                       (invoke "patch" "-p1" "--force" "--input"
                               patch "--no-backup-if-mismatch"))
                     (append '#+%debian-patches '#+%arch-patches
-                            '#+(list (local-file
-                                      (search-patch
-                                       "ungoogled-chromium-system-nspr.patch")))))
+                            '#+%guix-patches))
 
           (with-directory-excursion #+%ungoogled-origin
             (format #t "Ungooglifying...~%")
@@ -571,11 +573,6 @@
                        (find-files (string-append "third_party/webrtc/modules"
                                                   "/audio_coding/codecs/opus")))
 
-             (substitute* "chrome/common/chrome_paths.cc"
-               (("/usr/share/chromium/extensions")
-                ;; TODO: Add ~/.guix-profile.
-                "/run/current-system/profile/share/chromium/extensions"))
-
              ;; Many files try to include ICU headers from "third_party/icu/...".
              ;; Remove the "third_party/" prefix to use system headers instead.
              (substitute* (find-files "chrome" "\\.cc$")
@@ -840,6 +837,11 @@
        ("udev" ,eudev)
        ("valgrind" ,valgrind)
        ("vulkan-headers" ,vulkan-headers)))
+    (native-search-paths
+     (list (search-path-specification
+            (variable "CHROMIUM_EXTENSION_DIRECTORY")
+            (separator #f)              ;single entry
+            (files '("share/chromium/extensions")))))
 
     ;; Building Chromium takes ... a very long time.  On a single core, a busy
     ;; mid-end x86 system may need more than 24 hours to complete the build.
diff --git a/gnu/packages/patches/ungoogled-chromium-search-path.patch b/gnu/packages/patches/ungoogled-chromium-search-path.patch
new file mode 100644
index 0000000000..5ef9c56b52
--- /dev/null
+++ b/gnu/packages/patches/ungoogled-chromium-search-path.patch
@@ -0,0 +1,28 @@
+Look for system-installed extensions in CHROMIUM_EXTENSION_DIRECTORY instead
+of the hard-coded /usr/share/chromium/extensions.
+
+--- a/chrome/common/chrome_paths.cc
++++ b/chrome/common/chrome_paths.cc
+@@ -4,6 +4,7 @@
+ 
+ #include "chrome/common/chrome_paths.h"
+ 
++#include "base/environment.h"
+ #include "base/files/file_util.h"
+ #include "base/logging.h"
+ #include "base/native_library.h"
+@@ -511,7 +512,13 @@
+ #endif
+ #if defined(OS_LINUX) || defined(OS_CHROMEOS)
+     case chrome::DIR_STANDALONE_EXTERNAL_EXTENSIONS: {
+-      cur = base::FilePath(kFilepathSinglePrefExtensions);
++      std::unique_ptr<base::Environment> environment(base::Environment::Create());
++      std::string extension_dir;
++      if (environment->GetVar("CHROMIUM_EXTENSION_DIRECTORY", &extension_dir)) {
++        cur = base::FilePath(extension_dir);
++      } else {
++        cur = base::FilePath(kFilepathSinglePrefExtensions);
++      }
+       break;
+     }
+ #endif
-- 
2.28.0





From debbugs-submit-bounces@debbugs.gnu.org Sun Nov 01 19:22:53 2020
Received: (at 44335) by debbugs.gnu.org; 2 Nov 2020 00:22:53 +0000
Received: from localhost ([127.0.0.1]:39035 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1kZNcZ-0004m9-GL
	for submit@debbugs.gnu.org; Sun, 01 Nov 2020 19:22:53 -0500
Received: from eggs.gnu.org ([209.51.188.92]:36034)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <marius@gnu.org>) id 1kZNcO-0004lG-61
 for 44335@debbugs.gnu.org; Sun, 01 Nov 2020 19:22:45 -0500
Received: from fencepost.gnu.org ([2001:470:142:3::e]:35374)
 by eggs.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <marius@gnu.org>) id 1kZNcI-0002yE-Vt
 for 44335@debbugs.gnu.org; Sun, 01 Nov 2020 19:22:34 -0500
Received: from host-37-191-236-253.lynet.no ([37.191.236.253]:46728
 helo=localhost)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <marius@gnu.org>) id 1kZNcI-00077X-E5
 for 44335@debbugs.gnu.org; Sun, 01 Nov 2020 19:22:34 -0500
From: Marius Bakke <marius@gnu.org>
To: 44335@debbugs.gnu.org
Subject: [PATCH v2 2/3] Add (gnu build chromium-extension).
Date: Mon,  2 Nov 2020 01:22:27 +0100
Message-Id: <20201102002228.5971-3-marius@gnu.org>
X-Mailer: git-send-email 2.28.0
In-Reply-To: <20201102002228.5971-1-marius@gnu.org>
References: <20201102002228.5971-1-marius@gnu.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 44335
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

* gnu/build/chromium-extension.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Adjust accordingly.
---
 gnu/build/chromium-extension.scm | 192 +++++++++++++++++++++++++++++++
 gnu/local.mk                     |   1 +
 2 files changed, 193 insertions(+)
 create mode 100644 gnu/build/chromium-extension.scm

diff --git a/gnu/build/chromium-extension.scm b/gnu/build/chromium-extension.scm
new file mode 100644
index 0000000000..35f49d788c
--- /dev/null
+++ b/gnu/build/chromium-extension.scm
@@ -0,0 +1,192 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2020 Marius Bakke <marius@gnu.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu build chromium-extension)
+  #:use-module (gcrypt base16)
+  #:use-module ((gcrypt hash) #:prefix hash:)
+  #:use-module (ice-9 iconv)
+  #:use-module (guix gexp)
+  #:use-module (guix packages)
+  #:use-module (gnu packages base)
+  #:use-module (gnu packages check)
+  #:use-module (gnu packages chromium)
+  #:use-module (gnu packages gnupg)
+  #:use-module (gnu packages tls)
+  #:use-module (gnu packages xorg)
+  #:use-module (guix build-system trivial)
+  #:export (make-chromium-extension))
+
+;;; Commentary:
+;;;
+;;; Tools to deal with Chromium extensions.
+;;;
+;;; Code:
+
+(define (make-signing-key seed)
+  "Return a derivation for a deterministic PKCS #8 private key using SEED."
+
+  (define sha256sum
+    (bytevector->base16-string (hash:sha256 (string->bytevector seed "UTF-8"))))
+
+  ;; certtool.c wants a 56 byte seed for a 2048 bit key.
+  (define size 2048)
+  (define normalized-seed (string-take sha256sum 56))
+
+  (computed-file (string-append seed "-signing-key.pem")
+                 #~(system* #$(file-append gnutls "/bin/certtool")
+                            "--generate-privkey"
+                            "--key-type=rsa"
+                            "--pkcs8"
+                            ;; Use the provable FIPS-PUB186-4 algorithm for
+                            ;; deterministic results.
+                            "--provable"
+                            "--password="
+                            "--no-text"
+                            (string-append "--bits=" #$(number->string size))
+                            (string-append "--seed=" #$normalized-seed)
+                            "--outfile" #$output)
+                 #:local-build? #t))
+
+(define* (make-crx package+output signing-key)
+  "Create a signed \".crx\" file from the unpacked Chromium extension residing
+in PACKAGE+OUTPUT, a (list package output) pair.  The extension will be signed
+with SIGNING-KEY."
+  (with-imported-modules '((guix build utils))
+    (computed-file
+     "chromium-extension.crx"
+     #~(begin
+         ;; This is not great.  We pull Xorg and Chromium just to Zip and
+         ;; sign an extension.  This should be implemented with something
+         ;; lighter.  (TODO: where is the documentation..?)
+         (use-modules (guix build utils))
+         (let ((chromium #$(file-append ungoogled-chromium "/bin/chromium"))
+               (xvfb #$(file-append xorg-server "/bin/Xvfb"))
+               (packdir "/tmp/extension"))
+           (mkdir-p (dirname packdir))
+           (copy-recursively (ungexp (car package+output) (cadr package+output))
+                             packdir)
+           (system (string-append xvfb " :1 &"))
+           (setenv "DISPLAY" ":1")
+           (sleep 2)                    ;give Xorg some time to initialize...
+           ;; Chromium stores the current time in the .crx Zip archive.
+           ;; Sidestep that by using "faketime" for determinism.
+           ;; FIXME (core-updates): faketime is missing an absolute reference
+           ;; to 'date', hence the need to set PATH.
+           (setenv "PATH" #$(file-append coreutils "/bin"))
+           (invoke #$(file-append libfaketime "/bin/faketime")
+                   "2000-01-01 00:00:00"
+                   chromium
+                   "--user-data-dir=/tmp/signing-profile"
+                   (string-append "--pack-extension=" packdir)
+                   (string-append "--pack-extension-key=" #$signing-key))
+           (copy-file (string-append packdir ".crx") #$output)))
+     #:local-build? #t)))
+
+(define* (crx->chromium-json crx version)
+  "Return a derivation that creates a Chromium JSON settings file for the
+unpacked extension residing in output PACKAGE-OUTPUT of PACKAGE."
+  (computed-file "extension.json"
+                 #~(call-with-output-file #$output
+                     (lambda (port)
+                       ;; Documentation for the JSON format can be found in
+                       ;; extensions/common/extension.h and
+                       ;; chrome/browser/extensions/external_provider_impl.cc.
+                       (format port "
+{
+  \"external_crx\": \"~a\",
+  \"external_version\": \"~a\"
+}
+"
+                               #$crx #$version)))
+                 #:local-build? #t))
+
+
+(define (signing-key->public-der key)
+  "Return a derivation for a file containing the public key of KEY in DER
+format."
+  (computed-file "der"
+                 #~(system* #$(file-append gnutls "/bin/certtool")
+                            "--load-privkey" #$key
+                            "--pubkey-info"
+                            "--outfile" #$output
+                            "--outder")
+                 #:local-build? #t))
+
+(define (chromium-json->profile-object json signing-key)
+  "Return a derivation that installs JSON to the directory searched by
+Chromium, using a file name (aka extension ID) derived from SIGNING-KEY."
+  (define der (signing-key->public-der signing-key))
+
+  (with-extensions (list guile-gcrypt)
+    (with-imported-modules '((guix build utils))
+      (computed-file
+       "chromium-extension.json"
+       #~(begin
+           (use-modules (guix build utils)
+                        (gcrypt base16)
+                        (gcrypt hash))
+           (define (base16-string->chromium-base16 str)
+             ;; Translate STR, a hexadecimal string, to a Chromium-style
+             ;; representation using the letters a-p (where a=0, p=15).
+             (define s1 "0123456789abcdef")
+             (define s2 "abcdefghijklmnop")
+             (let loop ((chars (string->list str))
+                        (converted '()))
+               (if (null? chars)
+                   (list->string (reverse converted))
+                   (loop (cdr chars) (cons (string-ref
+                                            s2 (string-index s1 (car chars)))
+                                           converted)))))
+
+           (let* ((checksum (bytevector->base16-string (file-sha256 #$der)))
+                  (file-name (base16-string->chromium-base16
+                              (string-take checksum 32)))
+                  (extension-directory (string-append #$output
+                                                      "/share/chromium/extensions")))
+             (mkdir-p extension-directory)
+             (symlink #$json (string-append extension-directory "/"
+                                            file-name ".json"))))
+       #:local-build? #t))))
+
+(define* (make-chromium-extension p #:optional (output "out"))
+  "Create a Chromium extension from package P and return a package that,
+when installed, will make the extension contained in P available as a
+Chromium browser extension.  OUTPUT specifies which output of P to use."
+  (let* ((pname (package-name p))
+         (version (package-version p))
+         (signing-key (make-signing-key pname)))
+    (package
+      (inherit p)
+      (name (string-append pname "-chromium"))
+      (build-system trivial-build-system)
+      (native-inputs '())
+      (inputs
+       `(("extension" ,(chromium-json->profile-object
+                        (crx->chromium-json (make-crx (list p output)
+                                                      signing-key)
+                                            version)
+                        signing-key))))
+      (propagated-inputs '())
+      (outputs '("out"))
+      (arguments
+       '(#:modules ((guix build utils))
+         #:builder
+         (begin
+           (use-modules (guix build utils))
+           (copy-recursively (assoc-ref %build-inputs "extension")
+                             (assoc-ref %outputs "out"))))))))
diff --git a/gnu/local.mk b/gnu/local.mk
index 51550e80cb..e847f8c16a 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -657,6 +657,7 @@ GNU_SYSTEM_MODULES =				\
   %D%/build/accounts.scm			\
   %D%/build/activation.scm			\
   %D%/build/bootloader.scm			\
+  %D%/build/chromium-extension.scm		\
   %D%/build/cross-toolchain.scm			\
   %D%/build/image.scm				\
   %D%/build/file-systems.scm			\
-- 
2.28.0





From debbugs-submit-bounces@debbugs.gnu.org Sun Nov 01 19:22:53 2020
Received: (at 44335) by debbugs.gnu.org; 2 Nov 2020 00:22:53 +0000
Received: from localhost ([127.0.0.1]:39037 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1kZNcb-0004mI-8D
	for submit@debbugs.gnu.org; Sun, 01 Nov 2020 19:22:53 -0500
Received: from eggs.gnu.org ([209.51.188.92]:36036)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <marius@gnu.org>) id 1kZNcQ-0004lJ-9m
 for 44335@debbugs.gnu.org; Sun, 01 Nov 2020 19:22:46 -0500
Received: from fencepost.gnu.org ([2001:470:142:3::e]:35375)
 by eggs.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <marius@gnu.org>) id 1kZNcL-0002yI-2i
 for 44335@debbugs.gnu.org; Sun, 01 Nov 2020 19:22:37 -0500
Received: from host-37-191-236-253.lynet.no ([37.191.236.253]:46730
 helo=localhost)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <marius@gnu.org>) id 1kZNcK-00078N-Eo
 for 44335@debbugs.gnu.org; Sun, 01 Nov 2020 19:22:36 -0500
From: Marius Bakke <marius@gnu.org>
To: 44335@debbugs.gnu.org
Subject: [PATCH v2 3/3] gnu: Add ublock-origin-chromium.
Date: Mon,  2 Nov 2020 01:22:28 +0100
Message-Id: <20201102002228.5971-4-marius@gnu.org>
X-Mailer: git-send-email 2.28.0
In-Reply-To: <20201102002228.5971-1-marius@gnu.org>
References: <20201102002228.5971-1-marius@gnu.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 44335
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

* gnu/packages/browser-extensions.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
---
 gnu/local.mk                        |   1 +
 gnu/packages/browser-extensions.scm | 100 ++++++++++++++++++++++++++++
 2 files changed, 101 insertions(+)
 create mode 100644 gnu/packages/browser-extensions.scm

diff --git a/gnu/local.mk b/gnu/local.mk
index e847f8c16a..c14612cdef 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -111,6 +111,7 @@ GNU_SYSTEM_MODULES =				\
   %D%/packages/boost.scm			\
   %D%/packages/bootloaders.scm			\
   %D%/packages/bootstrap.scm			\
+  %D%/packages/browser-extensions.scm		\
   %D%/packages/build-tools.scm			\
   %D%/packages/busybox.scm			\
   %D%/packages/c.scm				\
diff --git a/gnu/packages/browser-extensions.scm b/gnu/packages/browser-extensions.scm
new file mode 100644
index 0000000000..064a916e73
--- /dev/null
+++ b/gnu/packages/browser-extensions.scm
@@ -0,0 +1,100 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2020 Marius Bakke <marius@gnu.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages browser-extensions)
+  #:use-module (guix packages)
+  #:use-module (guix git-download)
+  #:use-module (guix build-system gnu)
+  #:use-module ((guix licenses) #:prefix license:)
+  #:use-module (gnu build chromium-extension)
+  #:use-module (gnu packages compression)
+  #:use-module (gnu packages python))
+
+(define uassets
+  (let ((commit "95d609786680bf4cf267b1dff3f429af88040da1"))
+    (origin
+      (method git-fetch)
+      (uri (git-reference
+            (url "https://github.com/uBlockOrigin/uAssets.git")
+            (commit commit)))
+      (file-name (git-file-name "uAssets" (string-take commit 9)))
+      (sha256
+       (base32
+        "070v2g0hyxvqv77b6z404hdlggl0sq2bfhsfl4a84k93p9pwwlrq")))))
+
+(define ublock-origin
+  (package
+    (name "ublock-origin")
+    (version "1.30.8")
+    (home-page "https://github.com/gorhill/uBlock")
+    (source (origin
+              (method git-fetch)
+              (uri (git-reference (url home-page) (commit version)))
+              (file-name (git-file-name name version))
+              (sha256
+               (base32
+                "1y4dq4p4j4qrw6gfdcbpyigqjinqq3jm8r5x9h5ariiv9s8856w7"))))
+    (build-system gnu-build-system)
+    (outputs '("xpi" "firefox" "chromium"))
+    (arguments
+     '(#:tests? #f                      ;no tests
+       #:allowed-references ()
+       #:phases
+       (modify-phases (map (lambda (phase)
+                             (assq phase %standard-phases))
+                           '(set-paths unpack patch-source-shebangs))
+         (add-after 'unpack 'link-uassets
+           (lambda* (#:key native-inputs inputs #:allow-other-keys)
+             (symlink (string-append (assoc-ref (or native-inputs inputs)
+                                                "uassets"))
+                      "../uAssets")
+             #t))
+         (add-after 'unpack 'make-files-writable
+           (lambda _
+             ;; The build system copies some files and later tries
+             ;; modifying them.
+             (for-each make-file-writable (find-files "."))
+             #true))
+         (add-after 'patch-source-shebangs 'build-xpi
+           (lambda _
+             (invoke "./tools/make-firefox.sh" "all")))
+         (add-after 'build-xpi 'build-chromium
+           (lambda _
+             (invoke "./tools/make-chromium.sh")))
+         (add-after 'build-chromium 'install
+           (lambda* (#:key outputs #:allow-other-keys)
+             (let ((firefox (assoc-ref outputs "firefox"))
+                   (xpi (assoc-ref outputs "xpi"))
+                   (chromium (assoc-ref outputs "chromium")))
+               (install-file "dist/build/uBlock0.firefox.xpi"
+                             (string-append xpi "/lib/mozilla/extensions"))
+               (copy-recursively "dist/build/uBlock0.firefox" firefox)
+               (copy-recursively "dist/build/uBlock0.chromium" chromium)
+               #true))))))
+    (native-inputs
+     `(("python" ,python-wrapper)
+       ("uassets" ,uassets)
+       ("zip" ,zip)))
+    (synopsis "Block unwanted content from web sites")
+    (description
+     "uBlock Origin is a @dfn{wide spectrum blocker} for IceCat and
+ungoogled-chromium.")
+    (license license:gpl3+)))
+
+(define-public ublock-origin/chromium
+  (make-chromium-extension ublock-origin "chromium"))
-- 
2.28.0





From debbugs-submit-bounces@debbugs.gnu.org Sun Nov 01 19:28:47 2020
Received: (at 44335) by debbugs.gnu.org; 2 Nov 2020 00:28:48 +0000
Received: from localhost ([127.0.0.1]:39052 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1kZNiH-0004w3-Q5
	for submit@debbugs.gnu.org; Sun, 01 Nov 2020 19:28:47 -0500
Received: from eggs.gnu.org ([209.51.188.92]:36656)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <marius@gnu.org>) id 1kZNiD-0004vo-58
 for 44335@debbugs.gnu.org; Sun, 01 Nov 2020 19:28:44 -0500
Received: from fencepost.gnu.org ([2001:470:142:3::e]:35460)
 by eggs.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <marius@gnu.org>) id 1kZNi7-0003VN-Th
 for 44335@debbugs.gnu.org; Sun, 01 Nov 2020 19:28:35 -0500
Received: from host-37-191-236-253.lynet.no ([37.191.236.253]:46768
 helo=localhost)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <marius@gnu.org>) id 1kZNi6-0002Zf-Ro
 for 44335@debbugs.gnu.org; Sun, 01 Nov 2020 19:28:35 -0500
From: Marius Bakke <marius@gnu.org>
To: 44335@debbugs.gnu.org
Subject: Re: [bug#44335] [PATCH v2 2/3] Add (gnu build chromium-extension).
In-Reply-To: <20201102002228.5971-3-marius@gnu.org>
References: <20201102002228.5971-1-marius@gnu.org>
 <20201102002228.5971-3-marius@gnu.org>
Date: Mon, 02 Nov 2020 01:28:32 +0100
Message-ID: <87blggioun.fsf@gnu.org>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="==-=-=";
 micalg=pgp-sha512; protocol="application/pgp-signature"
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 44335
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

--==-=-=
Content-Type: multipart/mixed; boundary="=-=-="

--=-=-=
Content-Type: text/plain

Marius Bakke <marius@gnu.org> writes:

> * gnu/build/chromium-extension.scm: New file.
> * gnu/local.mk (GNU_SYSTEM_MODULES): Adjust accordingly.

Errh, I accidentally sent an outdated patch.  Here is the new one:


--=-=-=
Content-Type: text/x-patch; charset=utf-8
Content-Disposition: inline;
 filename=0001-Add-gnu-build-chromium-extension.patch
Content-Transfer-Encoding: quoted-printable

From=207ad719df6860c2cebdcaf73be33d1c4764c4576c Mon Sep 17 00:00:00 2001
From: Marius Bakke <marius@gnu.org>
Date: Sat, 31 Oct 2020 17:25:58 +0100
Subject: [PATCH] Add (gnu build chromium-extension).

* gnu/build/chromium-extension.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Adjust accordingly.
=2D--
 gnu/build/chromium-extension.scm | 191 +++++++++++++++++++++++++++++++
 gnu/local.mk                     |   1 +
 2 files changed, 192 insertions(+)
 create mode 100644 gnu/build/chromium-extension.scm

diff --git a/gnu/build/chromium-extension.scm b/gnu/build/chromium-extensio=
n.scm
new file mode 100644
index 0000000000..665a94830c
=2D-- /dev/null
+++ b/gnu/build/chromium-extension.scm
@@ -0,0 +1,191 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright =C2=A9 2020 Marius Bakke <marius@gnu.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu build chromium-extension)
+  #:use-module (gcrypt base16)
+  #:use-module ((gcrypt hash) #:prefix hash:)
+  #:use-module (ice-9 iconv)
+  #:use-module (guix gexp)
+  #:use-module (guix packages)
+  #:use-module (gnu packages base)
+  #:use-module (gnu packages check)
+  #:use-module (gnu packages chromium)
+  #:use-module (gnu packages gnupg)
+  #:use-module (gnu packages tls)
+  #:use-module (gnu packages xorg)
+  #:use-module (guix build-system trivial)
+  #:export (make-chromium-extension))
+
+;;; Commentary:
+;;;
+;;; Tools to deal with Chromium extensions.
+;;;
+;;; Code:
+
+(define (make-signing-key seed)
+  "Return a derivation for a deterministic PKCS #8 private key using SEED."
+
+  (define sha256sum
+    (bytevector->base16-string (hash:sha256 (string->bytevector seed "UTF-=
8"))))
+
+  ;; certtool.c wants a 56 byte seed for a 2048 bit key.
+  (define size 2048)
+  (define normalized-seed (string-take sha256sum 56))
+
+  (computed-file (string-append seed "-signing-key.pem")
+                 #~(system* #$(file-append gnutls "/bin/certtool")
+                            "--generate-privkey"
+                            "--key-type=3Drsa"
+                            "--pkcs8"
+                            ;; Use the provable FIPS-PUB186-4 algorithm for
+                            ;; deterministic results.
+                            "--provable"
+                            "--password=3D"
+                            "--no-text"
+                            (string-append "--bits=3D" #$(number->string s=
ize))
+                            (string-append "--seed=3D" #$normalized-seed)
+                            "--outfile" #$output)
+                 #:local-build? #t))
+
+(define* (make-crx signing-key package #:optional (package-output "out"))
+  "Create a signed \".crx\" file from the unpacked Chromium extension resi=
ding
+in PACKAGE-OUTPUT of PACKAGE.  The extension will be signed with SIGNING-K=
EY."
+  (define name (package-name package))
+  (define version (package-version package))
+
+  (with-imported-modules '((guix build utils))
+    (computed-file
+     (string-append name "-" version ".crx")
+     #~(begin
+         ;; This is not great.  We pull Xorg and Chromium just to Zip and
+         ;; sign an extension.  This should be implemented with something
+         ;; lighter.  (TODO: where is the CRXv3 documentation..?)
+         (use-modules (guix build utils))
+         (let ((chromium #$(file-append ungoogled-chromium "/bin/chromium"=
))
+               (xvfb #$(file-append xorg-server "/bin/Xvfb"))
+               (packdir "/tmp/extension"))
+           (mkdir-p (dirname packdir))
+           (copy-recursively (ungexp package package-output) packdir)
+           (system (string-append xvfb " :1 &"))
+           (setenv "DISPLAY" ":1")
+           (sleep 2)                    ;give Xorg some time to initialize=
...
+           ;; Chromium stores the current time in the .crx Zip archive.
+           ;; Use a fixed timestamp for deterministic behavior.
+           ;; FIXME (core-updates): faketime is missing an absolute refere=
nce
+           ;; to 'date', hence the need to set PATH.
+           (setenv "PATH" #$(file-append coreutils "/bin"))
+           (invoke #$(file-append libfaketime "/bin/faketime")
+                   "2000-01-01 00:00:00"
+                   chromium
+                   "--user-data-dir=3D/tmp/signing-profile"
+                   (string-append "--pack-extension=3D" packdir)
+                   (string-append "--pack-extension-key=3D" #$signing-key))
+           (copy-file (string-append packdir ".crx") #$output)))
+     #:local-build? #t)))
+
+(define* (crx->chromium-json crx version)
+  "Return a derivation that creates a Chromium JSON settings file for the
+extension given as CRX.  VERSION is used to signify the CRX version, and
+must match the version listed in the extension manifest.json."
+  ;; See chrome/browser/extensions/external_provider_impl.cc and
+  ;; extensions/common/extension.h for documentation on the JSON format.
+  (computed-file "extension.json"
+                 #~(call-with-output-file #$output
+                     (lambda (port)
+                       (format port "{
+  \"external_crx\": \"~a\",
+  \"external_version\": \"~a\"
+}
+"
+                               #$crx #$version)))
+                 #:local-build? #t))
+
+
+(define (signing-key->public-der key)
+  "Return a derivation for a file containing the public key of KEY in DER
+format."
+  (computed-file "der"
+                 #~(system* #$(file-append gnutls "/bin/certtool")
+                            "--load-privkey" #$key
+                            "--pubkey-info"
+                            "--outfile" #$output
+                            "--outder")
+                 #:local-build? #t))
+
+(define (chromium-json->profile-object json signing-key)
+  "Return a derivation that installs JSON to the directory searched by
+Chromium, using a file name (aka extension ID) derived from SIGNING-KEY."
+  (define der (signing-key->public-der signing-key))
+
+  (with-extensions (list guile-gcrypt)
+    (with-imported-modules '((guix build utils))
+      (computed-file
+       "chromium-extension"
+       #~(begin
+           (use-modules (guix build utils)
+                        (gcrypt base16)
+                        (gcrypt hash))
+           (define (base16-string->chromium-base16 str)
+             ;; Translate STR, a hexadecimal string, to a Chromium-style
+             ;; representation using the letters a-p (where a=3D0, p=3D15).
+             (define s1 "0123456789abcdef")
+             (define s2 "abcdefghijklmnop")
+             (let loop ((chars (string->list str))
+                        (converted '()))
+               (if (null? chars)
+                   (list->string (reverse converted))
+                   (loop (cdr chars) (cons (string-ref
+                                            s2 (string-index s1 (car chars=
)))
+                                           converted)))))
+
+           (let* ((checksum (bytevector->base16-string (file-sha256 #$der)=
))
+                  (file-name (base16-string->chromium-base16
+                              (string-take checksum 32)))
+                  (extension-directory (string-append #$output
+                                                      "/share/chromium/ext=
ensions")))
+             (mkdir-p extension-directory)
+             (symlink #$json (string-append extension-directory "/"
+                                            file-name ".json"))))
+       #:local-build? #t))))
+
+(define* (make-chromium-extension p #:optional (output "out"))
+  "Create a Chromium extension from package P and return a package that,
+when installed, will make the extension contained in P available as a
+Chromium browser extension.  OUTPUT specifies which output of P to use."
+  (let* ((pname (package-name p))
+         (version (package-version p))
+         (signing-key (make-signing-key pname)))
+    (package
+      (inherit p)
+      (name (string-append pname "-chromium"))
+      (build-system trivial-build-system)
+      (native-inputs '())
+      (inputs
+       `(("extension" ,(chromium-json->profile-object
+                        (crx->chromium-json (make-crx signing-key p output)
+                                            version)
+                        signing-key))))
+      (propagated-inputs '())
+      (outputs '("out"))
+      (arguments
+       '(#:modules ((guix build utils))
+         #:builder
+         (begin
+           (use-modules (guix build utils))
+           (copy-recursively (assoc-ref %build-inputs "extension")
+                             (assoc-ref %outputs "out"))))))))
diff --git a/gnu/local.mk b/gnu/local.mk
index 51550e80cb..e847f8c16a 100644
=2D-- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -657,6 +657,7 @@ GNU_SYSTEM_MODULES =3D				\
   %D%/build/accounts.scm			\
   %D%/build/activation.scm			\
   %D%/build/bootloader.scm			\
+  %D%/build/chromium-extension.scm		\
   %D%/build/cross-toolchain.scm			\
   %D%/build/image.scm				\
   %D%/build/file-systems.scm			\
=2D-=20
2.28.0


--=-=-=--

--==-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQFDBAEBCgAtFiEEu7At3yzq9qgNHeZDoqBt8qM6VPoFAl+fUrEPHG1hcml1c0Bn
bnUub3JnAAoJEKKgbfKjOlT6jmsH/iqhAVpCud9R9tl3u877Igd8AEydrD0JaWev
jACxP3ycfliWLTU4WHV3lpS29KMctMYKbCwOk1PbOZQtsCj4XI0SBzCK0/VazwOE
cHhNZjTOJsYFFoH2ScmA0RXspqmJglgK965jcf8HlQBLSMAM6dfsODT5cF2NBr45
E+x37zM/AVV+C78C46zLPiyb6w9xDAcvGqylbsweG+TO4p164gLmRP4SkWDEl5Z6
LYhFUUfXL6+bEGmZpKa2J96oD2RGLR498awRJs4C1SNYN1P2xW+JN5OW44LmG83e
o8xpR+E3yCwbnkk7cJSMj6qlA89bpKYoqSyHILloQN9AuXEQIKw=
=uFks
-----END PGP SIGNATURE-----
--==-=-=--




From debbugs-submit-bounces@debbugs.gnu.org Sun Nov 01 19:56:01 2020
Received: (at 44335) by debbugs.gnu.org; 2 Nov 2020 00:56:01 +0000
Received: from localhost ([127.0.0.1]:39066 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1kZO8f-0005dC-7j
	for submit@debbugs.gnu.org; Sun, 01 Nov 2020 19:56:01 -0500
Received: from wout3-smtp.messagingengine.com ([64.147.123.19]:38559)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <leo@famulari.name>) id 1kZO8e-0005cx-0d
 for 44335@debbugs.gnu.org; Sun, 01 Nov 2020 19:56:00 -0500
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43])
 by mailout.west.internal (Postfix) with ESMTP id 3CBC3D92;
 Sun,  1 Nov 2020 19:55:54 -0500 (EST)
Received: from mailfrontend1 ([10.202.2.162])
 by compute3.internal (MEProxy); Sun, 01 Nov 2020 19:55:54 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name;
 h=date:from:to:cc:subject:message-id:references:mime-version
 :content-type:in-reply-to; s=mesmtp; bh=d+q57eK4wJb2jF9c2yuhWxRB
 XwAYPP0UN88vDpQA9SE=; b=vh838o8KQDq+28D8/dlJxiNSXZBKy2GkENrC2zHn
 Z+Au/w4KVx3Sd2CAEip5w11w38N3qrg3YvyCSIPdU8AehuIw+N7ZrHISbw610RF2
 IBzOdguqCD3/nZFZlW8o/kyH5unI0tBPqkr71qWpHwhduEkUXrB/tA6YQr3X69Z1
 EXo=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:content-type:date:from:in-reply-to
 :message-id:mime-version:references:subject:to:x-me-proxy
 :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=d+q57e
 K4wJb2jF9c2yuhWxRBXwAYPP0UN88vDpQA9SE=; b=E+XN/3mZ7c3wENJsgUqT3I
 UMvN0yEe6DLGEHbnLs5RKHNWcuzrPub9OvWScgtGMYM5yYIeEPoa/7SYHIOJR93Z
 8+dVf2ipWXaOky5IVyk66dae00mbM8xhM7ytKSwxs/PULfTIappMwswcxsJvAMSx
 Ek1c3MEVlvVW2qgq+MeXOR9ok7W+0sAHFLIgYHMgJL7CdSwZcbIskAnq9JWbrj3I
 k2K59xud4iHz4ytD7g5OJJnRkMyGATSMtcEasujR6ol42lcbDGEphh6qj4YN7JBi
 GbY2xKuImJml/KPSVLrW9JtmQLM3FvWsXNxdn2wlJC5zfihbToadcMSBb61B1MeA
 ==
X-ME-Sender: <xms:GVmfX081hxtjDu_NvdOgrC44tLHjMmCt19LvgXApJbJ2gKYt7y458A>
 <xme:GVmfX8vIQCEwwLSXezAmU-aqQiPaepmAKMbJWZJiStBkgszcppOhdPXdz-p9YTA95
 ZH4lLyt8hzjV7WffA>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedujedruddttddgvdeiucetufdoteggodetrfdotf
 fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
 uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne
 cujfgurhepfffhvffukfhfgggtuggjsehttdertddttddvnecuhfhrohhmpefnvghoucfh
 rghmuhhlrghrihcuoehlvghosehfrghmuhhlrghrihdrnhgrmhgvqeenucggtffrrghtth
 gvrhhnpeeukeektdffvddtudegjeegtdevhfeufeeivdejiedtieegtdevjedvjeehffev
 gfenucfkphepjeefrddugedurdduvdejrddugeeinecuvehluhhsthgvrhfuihiivgeptd
 enucfrrghrrghmpehmrghilhhfrhhomheplhgvohesfhgrmhhulhgrrhhirdhnrghmvg
X-ME-Proxy: <xmx:GVmfX6A4gHl8UMbOeY1BJRmcj-hixu2lBECrv3TNsUeSZZBYcupLig>
 <xmx:GVmfX0dI2yYXzVl-ee2EyY7DYC74qSyxh1926WP3vHSdNwl1CPnPHQ>
 <xmx:GVmfX5NUBf5Z7BbsXOMwdbmT_i-8f78Sh-_T-hxOqN3xoIULIUbkDQ>
 <xmx:GVmfXwYqKxDDsmOlQBjMvzdGM5qub1MNKZ3lzmc9xdBGDazM_a_n7A>
Received: from localhost (c-73-141-127-146.hsd1.pa.comcast.net
 [73.141.127.146])
 by mail.messagingengine.com (Postfix) with ESMTPA id 4566B3280063;
 Sun,  1 Nov 2020 19:55:53 -0500 (EST)
Date: Sun, 1 Nov 2020 19:55:51 -0500
From: Leo Famulari <leo@famulari.name>
To: Marius Bakke <marius@gnu.org>
Subject: Re: [bug#44335] [PATCH v2 0/3] Install Chromium extensions with Guix!
Message-ID: <20201102005551.GA9959@jasmine.lan>
References: <20201030182925.5151-1-marius@gnu.org>
 <20201102002228.5971-1-marius@gnu.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20201102002228.5971-1-marius@gnu.org>
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 44335
Cc: 44335@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.7 (-)

On Mon, Nov 02, 2020 at 01:22:25AM +0100, Marius Bakke wrote:
> Hello,
> 
> Here is an updated patch series that introduces a new module to deal
> with the Chromium extension machinery.
> 
> The procedures have also been tweaked a little to reduce duplication.
> 
> I still don't know why extensions installed with Guix are not updated.
> It could be that the update functionality has been patched out by
> ungoogled-chromium.  More testing pending.

Really great work Marius! We trust your judgement on when the code is
"ready".




From debbugs-submit-bounces@debbugs.gnu.org Sun Nov 08 12:38:31 2020
Received: (at 44335-done) by debbugs.gnu.org; 8 Nov 2020 17:38:31 +0000
Received: from localhost ([127.0.0.1]:32975 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1kboe6-0002yV-W1
	for submit@debbugs.gnu.org; Sun, 08 Nov 2020 12:38:31 -0500
Received: from eggs.gnu.org ([209.51.188.92]:56446)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <marius@gnu.org>) id 1kboe5-0002yI-5V
 for 44335-done@debbugs.gnu.org; Sun, 08 Nov 2020 12:38:30 -0500
Received: from fencepost.gnu.org ([2001:470:142:3::e]:53949)
 by eggs.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <marius@gnu.org>)
 id 1kbodz-0005MO-SF; Sun, 08 Nov 2020 12:38:23 -0500
Received: from host-37-191-236-253.lynet.no ([37.191.236.253]:42942
 helo=localhost)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <marius@gnu.org>)
 id 1kbodz-0002SE-Cs; Sun, 08 Nov 2020 12:38:23 -0500
From: Marius Bakke <marius@gnu.org>
To: Leo Famulari <leo@famulari.name>
Subject: Re: [bug#44335] [PATCH v2 0/3] Install Chromium extensions with Guix!
In-Reply-To: <20201102005551.GA9959@jasmine.lan>
References: <20201030182925.5151-1-marius@gnu.org>
 <20201102002228.5971-1-marius@gnu.org> <20201102005551.GA9959@jasmine.lan>
Date: Sun, 08 Nov 2020 18:38:21 +0100
Message-ID: <87r1p3g35e.fsf@gnu.org>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
 micalg=pgp-sha512; protocol="application/pgp-signature"
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 44335-done
Cc: 44335-done@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

--=-=-=
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

Leo Famulari <leo@famulari.name> writes:

> On Mon, Nov 02, 2020 at 01:22:25AM +0100, Marius Bakke wrote:
>> Hello,
>>=20
>> Here is an updated patch series that introduces a new module to deal
>> with the Chromium extension machinery.
>>=20
>> The procedures have also been tweaked a little to reduce duplication.
>>=20
>> I still don't know why extensions installed with Guix are not updated.
>> It could be that the update functionality has been patched out by
>> ungoogled-chromium.  More testing pending.
>
> Really great work Marius! We trust your judgement on when the code is
> "ready".

Thanks, it's in 'master' now!  After further testing I found that
updating extensions does work, not sure what went wrong the first time
around.

Removing and reinstalling extensions is still "impossible" without
serious Chromium profile surgery.  But let's deal with that later.

I also committed a bonus extension that can send YouTube and other
streaming sites directly to the Kodi media center.

Feedback still welcome.  Enjoy the new add-on enchanced
ungoogled-chromium experience!  :-)

Now to figure out how to do the same for IceCat...

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQFDBAEBCgAtFiEEu7At3yzq9qgNHeZDoqBt8qM6VPoFAl+oLQ0PHG1hcml1c0Bn
bnUub3JnAAoJEKKgbfKjOlT6de8IAJyLptkoiekwZk6LPz27MiDHQ467+4q5cu1Y
VctNPG1QWntYKWKrTrDN5nQUgLqCi5HJd1hzImgEfSZevPpRNCiPV+CM5fUygu7z
eDYwD99/ILCHvjajwxHob8InzkM6dH32PUokTtWloYbjBRy8wl7GBb4DjvWFCeZm
rSAqxtIF9Dd1y3VY4bdPX8JSSvv+yW3xufFIvsoVv24nUrsgdjRdRE+P5sf3a5w8
1G4qjOofOUdjpV+GbVP8Gx7zwaiuytX9dADM9M5CqAJbcw7Wyge7GfGGhPMwz5VW
x+3JOWxqrTFGef7RiOwVL+DRBUxnQxdZr2BRxtPquDM4WEeHDDg=
=0QqR
-----END PGP SIGNATURE-----
--=-=-=--




From debbugs-submit-bounces@debbugs.gnu.org Sun Nov 08 12:46:19 2020
Received: (at 44335-done) by debbugs.gnu.org; 8 Nov 2020 17:46:19 +0000
Received: from localhost ([127.0.0.1]:32995 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1kbole-0003BW-P7
	for submit@debbugs.gnu.org; Sun, 08 Nov 2020 12:46:19 -0500
Received: from out1-smtp.messagingengine.com ([66.111.4.25]:49415)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <leo@famulari.name>) id 1kbola-0003Ar-Sn
 for 44335-done@debbugs.gnu.org; Sun, 08 Nov 2020 12:46:16 -0500
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43])
 by mailout.nyi.internal (Postfix) with ESMTP id B30A15C00CA;
 Sun,  8 Nov 2020 12:46:09 -0500 (EST)
Received: from mailfrontend2 ([10.202.2.163])
 by compute3.internal (MEProxy); Sun, 08 Nov 2020 12:46:09 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name;
 h=date:from:to:cc:subject:message-id:references:mime-version
 :content-type:in-reply-to; s=mesmtp; bh=eGnpDg/zKwdcogIxgk3XGkVA
 PNdqlAJeZtxaf1hGRv8=; b=EDH6cXKNvTmkHLeMMHYZnQLwSVu/bazj9BFf1gke
 Dk4FcQVoM1reubIBBqq1R2gb7LCYv2NChkWQNS5T36VXR2Nup7B63WeQyvQ5zabU
 XZW3yWnzH6OrLhraxhjsTAXSbr6ydViOq2yqdTUscPV6o5wNpUAMtE6bOG6VX1g5
 Lew=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:content-type:date:from:in-reply-to
 :message-id:mime-version:references:subject:to:x-me-proxy
 :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=eGnpDg
 /zKwdcogIxgk3XGkVAPNdqlAJeZtxaf1hGRv8=; b=pULd06kWJsP+J4bF7y0eF4
 dLi6R7quGY4lTkW7qOvRADhLltaeo+Ezj+T17YtfHu/QF02VMLxpw5/iEWf9E9KH
 oZpDhMazQ5UXqnM1vU6I80ICIZDxhCx+vYuiEGrWa8YnoXF78RzT3eaAc/dxkve0
 GoVTFssm65GyzVZibAp+ol4b7c9/VZyMzwGwfLe46Wui8d0RnAwoVL0Cc+HhkBSp
 enOrVavIUw8oP4kWOcih3KFvadOaP15fNtnNsqUo2HsJdCRx/E9VHyn3UzGlA0mN
 /hLDp7w0a3wWkKIhSgYQrdM1gGOXzXL+HrKXZVKVjxXN8cdURlRFLNIphMedbS7w
 ==
X-ME-Sender: <xms:4S6oX2zkiEz19_cZInB0dulmx9AUh9-VtKfJXHO9reK82S54ivewow>
 <xme:4S6oXyRmCBdHbrA0hfhEw283Uj2UjyWxhaHzmrdkhfLwjFEQO7TR3kgQrHdccl4C-
 Hvrq6GNaFA2D1O6lg>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedujedruddufedguddtiecutefuodetggdotefrod
 ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh
 necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd
 enucfjughrpeffhffvuffkfhggtggujgesthdtredttddtvdenucfhrhhomhepnfgvohcu
 hfgrmhhulhgrrhhiuceolhgvohesfhgrmhhulhgrrhhirdhnrghmvgeqnecuggftrfgrth
 htvghrnhepueekkedtffdvtddugeejgedtvefhueefiedvjeeitdeigedtveejvdejheff
 vefgnecukfhppeejfedrudeguddruddvjedrudegieenucevlhhushhtvghrufhiiigvpe
 dtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehlvghosehfrghmuhhlrghrihdrnhgrmhgv
X-ME-Proxy: <xmx:4S6oX4Ut6LILXs5VgKQSngXTLyVscphxufhjCezdKIW1dEuyKuY8MA>
 <xmx:4S6oX8hLQFdOx4eZHNrMzOn6cMrV7bcl6ydrwhKMwrxi-Iuh7F0wCA>
 <xmx:4S6oX4C4GXOJgxRPeRoW_wavl8ij3XzPZquMk3DhAOgYgHwMUcsDLQ>
 <xmx:4S6oX3-5fb5Zk8mxilOXCl4drVUGnkpsIuNurpLusDuEnkHMFi1N_A>
Received: from localhost (c-73-141-127-146.hsd1.pa.comcast.net
 [73.141.127.146])
 by mail.messagingengine.com (Postfix) with ESMTPA id 5934A306307F;
 Sun,  8 Nov 2020 12:46:09 -0500 (EST)
Date: Sun, 8 Nov 2020 12:46:07 -0500
From: Leo Famulari <leo@famulari.name>
To: Marius Bakke <marius@gnu.org>
Subject: Re: [bug#44335] [PATCH v2 0/3] Install Chromium extensions with Guix!
Message-ID: <20201108174607.GA20018@jasmine.lan>
References: <20201030182925.5151-1-marius@gnu.org>
 <20201102002228.5971-1-marius@gnu.org>
 <20201102005551.GA9959@jasmine.lan> <87r1p3g35e.fsf@gnu.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <87r1p3g35e.fsf@gnu.org>
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 44335-done
Cc: 44335-done@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.7 (-)

On Sun, Nov 08, 2020 at 06:38:21PM +0100, Marius Bakke wrote:
> Thanks, it's in 'master' now!  After further testing I found that
> updating extensions does work, not sure what went wrong the first time
> around.

Great!

> I also committed a bonus extension that can send YouTube and other
> streaming sites directly to the Kodi media center.

Ah, very nice :)




From unknown Sun Aug 17 04:18:02 2025
Received: (at fakecontrol) by fakecontrolmessage;
To: internal_control@debbugs.gnu.org
From: Debbugs Internal Request <help-debbugs@gnu.org>
Subject: Internal Control
Message-Id: bug archived.
Date: Mon, 07 Dec 2020 12:24:06 +0000
User-Agent: Fakemail v42.6.9

# This is a fake control message.
#
# The action:
# bug archived.
thanks
# This fakemail brought to you by your local debbugs
# administrator