[bug#28004] gnu: Add ungoogled-chromium.

Thanks to Marks beautiful "computed-origin-method", Ungoogled-Chromium
is finally ready for inclusion in Guix.

Features:
* Chromium 72.
* No unsolicited network traffic.
* Free software only.
* No DRM.
* Not an April Fools joke.

It's currently using my trivial "fork" of Ungoogled-Chromium[0], which
will be upstreamed once the upstream reorganization[1] is done.

Comments appreciated!

[0]: https://github.com/mbakke/ungoogled-chromium/commit/f9b9074c322a67b04baf0982797cd7b7e09614b5
[1]: https://github.com/Eloston/ungoogled-chromium/issues/651

* gnu/packages/aux-files/chromium/master-preferences.json,
gnu/packages/chromium.scm: New files.
* gnu/local.mk (GNU_SYSTEM_MODULES): Adjust accordingly.
---
 gnu/local.mk                                  |   1 +
 .../chromium/master-preferences.json          |  26 +
 gnu/packages/chromium.scm                     | 741 ++++++++++++++++++
 3 files changed, 768 insertions(+)
 create mode 100644 gnu/packages/aux-files/chromium/master-preferences.json
 create mode 100644 gnu/packages/chromium.scm

Hello Marius,

Thanks for your work patching and packaging ungoogled-chromium!

I haven’t had a chance to have a closer look at your patch, but would
you mind elaborating on the “* Free software only.” part of your stated
feature-set and if/how it addresses licensing concerns raised previously
e.g. by bill-auger here[1] with respect to the FSDG status of Chromium,
as well as maintaining solidarity with other FSDG-complying distros?

[1]: https://lists.gnu.org/r/guix-devel/2018-09/msg00264.html

Best,
amin

re: https://lists.gnu.org/archive/html/guix-devel/2019-02/msg00009.html

i would like to remind readers of the guix-devel list that it was
discussed some months ago, why no FSDG distros currently distribute
chromium[1] - it appeared at that time, that most people in that
discussion were in agreement that chromium should not be included in
guix; and marius was instead hosting it in a private repo, as not to
taint the main guix repos with dubious software - has there been a
notable break-through since then?

what is the evidence for this claim that this guix package is "free
software only"? - what does "Marks beautiful computed-origin-method" do
toward that end? - if a procedure for liberating any chromium-derived
software has been discovered, this would be a marvelous accomplishment
and very good news indeed, of which people outside of the guix dev team
would also be interested to learn

if the guix team has discovered some new information or has concocted a
viable liberation recipe for chromium or any of it's offspring, then i
hope that, for the benefit of all fellow Fosstopians, someone would
present that information to the FSDG mailing list for review and
discussion - it would be extra neighborly if that happened *before*
offering this program to guix users, while fully knowing that the other
FSDG distros are still intentionally suppressing it in solidarity

again, i am totally indifferent as to whether anyone uses chromium or
not - my only interest in this is that i would like to strengthen the
FSDG by convincing FSDG distros to communicate and collaborate with each
other, and to achieve consensus about common issues such as this, that
clearly affect all distros equally; so that no one is compelled to ask
"why does guixsd endorse that popular program if other FSDG distros
reject it on principal?" - it is difficult enough to explain to users
why these programs are rejected in the first place; but at least the
way things are now, we can say that all FSDG distros are in agreement to
err on the conservative side until a satisfactory liberation procedure
is found and documented - currently, the documented liberation
procedure is: "Remove program/package. Use GNU IceCat, or
equivalent"[2] - if there is a better candidate procedure now, let us
get it onto the table for discussion

i would like to consider all FSDG distros as being part of a larger
federation, sharing the same primary goals; but we cant all be reading
all of the dev lists - let us communicate whenever applicable, in the
common venue that exists for that purpose[3] - i tried enticing the
folks on the guix team to do that previously - if there is indeed
something new to announce regarding chromium's dubious FSDG status,
please elect someone from guix to do so now - this would be very
interesting news to the readers of that list, and your effort and/or
accomplishment would be sincerely applauded - other FSDG distros would
be happy (and some quite eager) to re-instate any of these
chromium-derived packages if a consensus could be reached that any of
them could be distributed 100% freely; but if all distros are to decide
for themselves what is freely distributable and what is not, without
evidence and without discussing it with the other FSDG distros nor the
FSF, then the FSDG loses its teeth, and we all look wishy-washy and
flakey on that, the main, central FSDG concern: which programs are
freely distributable and which are not


[1]: https://lists.gnu.org/archive/html/guix-devel/2018-09/msg00264.html
[2]:
https://libreplanet.org/wiki/List_of_software_that_does_not_respect_the_Free_System_Distribution_Guidelines#chromium-browser
[3]: https://lists.nongnu.org/mailman/listinfo/gnu-linux-libre

As always, I second Bill here. There is a lot of history behind the 
Chromium project that I think many of us are aware of. There, to my 
knowledge, remains to be a complete audit of the Chromium source. Such 
an audit is crucial for us to even know what is problematic and what is 
not when it comes to FSDG compliance. So, unless the ungoogled chromium 
project has done this audit successfully I remain a kind skeptic.

On 04.02.2019 05:52, bill-auger wrote:
> re: https://lists.gnu.org/archive/html/guix-devel/2019-02/msg00009.html
> 
> i would like to remind readers of the guix-devel list that it was
> discussed some months ago, why no FSDG distros currently distribute
> chromium[1] - it appeared at that time, that most people in that
> discussion were in agreement that chromium should not be included in
> guix; and marius was instead hosting it in a private repo, as not to
> taint the main guix repos with dubious software - has there been a
> notable break-through since then?
> 
> what is the evidence for this claim that this guix package is "free
> software only"? - what does "Marks beautiful computed-origin-method" do
> toward that end? - if a procedure for liberating any chromium-derived
> software has been discovered, this would be a marvelous accomplishment
> and very good news indeed, of which people outside of the guix dev team
> would also be interested to learn
> 
> if the guix team has discovered some new information or has concocted a
> viable liberation recipe for chromium or any of it's offspring, then i
> hope that, for the benefit of all fellow Fosstopians, someone would
> present that information to the FSDG mailing list for review and
> discussion - it would be extra neighborly if that happened *before*
> offering this program to guix users, while fully knowing that the other
> FSDG distros are still intentionally suppressing it in solidarity
> 
> again, i am totally indifferent as to whether anyone uses chromium or
> not - my only interest in this is that i would like to strengthen the
> FSDG by convincing FSDG distros to communicate and collaborate with 
> each
> other, and to achieve consensus about common issues such as this, that
> clearly affect all distros equally; so that no one is compelled to ask
> "why does guixsd endorse that popular program if other FSDG distros
> reject it on principal?" - it is difficult enough to explain to users
> why these programs are rejected in the first place; but at least the
> way things are now, we can say that all FSDG distros are in agreement 
> to
> err on the conservative side until a satisfactory liberation procedure
> is found and documented - currently, the documented liberation
> procedure is: "Remove program/package. Use GNU IceCat, or
> equivalent"[2] - if there is a better candidate procedure now, let us
> get it onto the table for discussion
> 
> i would like to consider all FSDG distros as being part of a larger
> federation, sharing the same primary goals; but we cant all be reading
> all of the dev lists - let us communicate whenever applicable, in the
> common venue that exists for that purpose[3] - i tried enticing the
> folks on the guix team to do that previously - if there is indeed
> something new to announce regarding chromium's dubious FSDG status,
> please elect someone from guix to do so now - this would be very
> interesting news to the readers of that list, and your effort and/or
> accomplishment would be sincerely applauded - other FSDG distros would
> be happy (and some quite eager) to re-instate any of these
> chromium-derived packages if a consensus could be reached that any of
> them could be distributed 100% freely; but if all distros are to decide
> for themselves what is freely distributable and what is not, without
> evidence and without discussing it with the other FSDG distros nor the
> FSF, then the FSDG loses its teeth, and we all look wishy-washy and
> flakey on that, the main, central FSDG concern: which programs are
> freely distributable and which are not
> 
> 
> [1]: 
> https://lists.gnu.org/archive/html/guix-devel/2018-09/msg00264.html
> [2]:
> https://libreplanet.org/wiki/List_of_software_that_does_not_respect_the_Free_System_Distribution_Guidelines#chromium-browser
> [3]: https://lists.nongnu.org/mailman/listinfo/gnu-linux-libre

On Sun, Feb 03, 2019 at 11:52:04PM -0500, bill-auger wrote:
> FSF, then the FSDG loses its teeth, and we all look wishy-washy and
> flakey on that, the main, central FSDG concern: which programs are
> freely distributable and which are not

I don't think the main FSDG concern is which programs are freely
distributable, and even which programs are free; IMHO it is,
"a free system distribution must not steer users towards obtaining
any nonfree information for practical use."

On 02/03/2019 11:52 PM, bill-auger wrote:
> re: https://lists.gnu.org/archive/html/guix-devel/2019-02/msg00009.html
> 
> i would like to remind readers of the guix-devel list that it was
> discussed some months ago, why no FSDG distros currently distribute
> chromium[1] - it appeared at that time, that most people in that
> discussion were in agreement that chromium should not be included in
> guix; and marius was instead hosting it in a private repo, as not to
> taint the main guix repos with dubious software - has there been a
> notable break-through since then?
> 
> what is the evidence for this claim that this guix package is "free
> software only"? - what does "Marks beautiful computed-origin-method" do
> toward that end? - if a procedure for liberating any chromium-derived
> software has been discovered, this would be a marvelous accomplishment
> and very good news indeed, of which people outside of the guix dev team
> would also be interested to learn
> 
> if the guix team has discovered some new information or has concocted a
> viable liberation recipe for chromium or any of it's offspring, then i
> hope that, for the benefit of all fellow Fosstopians, someone would
> present that information to the FSDG mailing list for review and
> discussion - it would be extra neighborly if that happened *before*
> offering this program to guix users, while fully knowing that the other
> FSDG distros are still intentionally suppressing it in solidarity
> 
> again, i am totally indifferent as to whether anyone uses chromium or
> not - my only interest in this is that i would like to strengthen the
> FSDG by convincing FSDG distros to communicate and collaborate with each
> other, and to achieve consensus about common issues such as this, that
> clearly affect all distros equally; so that no one is compelled to ask
> "why does guixsd endorse that popular program if other FSDG distros
> reject it on principal?" - it is difficult enough to explain to users
> why these programs are rejected in the first place; but at least the
> way things are now, we can say that all FSDG distros are in agreement to
> err on the conservative side until a satisfactory liberation procedure
> is found and documented - currently, the documented liberation
> procedure is: "Remove program/package. Use GNU IceCat, or
> equivalent"[2] - if there is a better candidate procedure now, let us
> get it onto the table for discussion
> 
> i would like to consider all FSDG distros as being part of a larger
> federation, sharing the same primary goals; but we cant all be reading
> all of the dev lists - let us communicate whenever applicable, in the
> common venue that exists for that purpose[3] - i tried enticing the
> folks on the guix team to do that previously - if there is indeed
> something new to announce regarding chromium's dubious FSDG status,
> please elect someone from guix to do so now - this would be very
> interesting news to the readers of that list, and your effort and/or
> accomplishment would be sincerely applauded - other FSDG distros would
> be happy (and some quite eager) to re-instate any of these
> chromium-derived packages if a consensus could be reached that any of
> them could be distributed 100% freely; but if all distros are to decide
> for themselves what is freely distributable and what is not, without
> evidence and without discussing it with the other FSDG distros nor the
> FSF, then the FSDG loses its teeth, and we all look wishy-washy and
> flakey on that, the main, central FSDG concern: which programs are
> freely distributable and which are not
> 
> 
> [1]: https://lists.gnu.org/archive/html/guix-devel/2018-09/msg00264.html
> [2]:
> https://libreplanet.org/wiki/List_of_software_that_does_not_respect_the_Free_System_Distribution_Guidelines#chromium-browser
> [3]: https://lists.nongnu.org/mailman/listinfo/gnu-linux-libre

Sorry, I didn't notice that this thread was on multiple lists, so when I
hit "Reply List" it only went to the GNU-linux-libre list. Sending a
copy to the other lists; sorry for the messiness.

I'm not sure if I've mentioned it on the GNU-linux-libre list before,
but I have never seen any actual evidence of the current version of
Chromium containing proprietary components.

It's an unreasonable standard to demand proof that programs are libre.
That's an impossible thing to prove. If someone points out, as I have
many times, "I have looked through Chromium's code and not found a
single proprietary program," someone can simply say that they didn't
look hard enough.

That LibrePlanet page, by the way, is not evidence of Chromium
containing proprietary components. It claims such, but the only evidence
provided is a copyright file that clearly indicates a libre license, and
a bug report about not passing a license checking script, which I might
add is also not proof of any program being proprietary. Not to mention,
this is from over eight years ago. Should distro maintainers also take
the outdated recommendation to remove Project: Starfighter from that
page at face value, despite the fact that I released a completely libre
version almost four years ago? The point is, that's a wiki page
sporadically maintained by volunteers. It's a possible starting point
(though to be honest I'm not so sure it's even useful for that), but not
an indication of the GNU FSDG gold standard, so to speak.

On Sun, Feb 03, 2019 at 11:52:04PM -0500, bill-auger wrote:
> what is the evidence for this claim that this guix package is "free
> software only"? - what does "Marks beautiful computed-origin-method" do
> toward that end? - if a procedure for liberating any chromium-derived
> software has been discovered, this would be a marvelous accomplishment
> and very good news indeed, of which people outside of the guix dev team
> would also be interested to learn

If you have a concrete example of a Chromium component that is not free
software please list it in a reply-all this email.

In general, if upstream developers say their software is released under
a free software license by putting the license header in the repo or in
the files, then we take them at their word.

On Mon, 4 Feb 2019 14:46:38 +0100 Leo wrote:
> If you have a concrete example of a Chromium component that is not
> free software please list it in a reply-all this email.

this is not a discussion list i will apologize in advance for this
length reply - i did not CC this list

if you demand evidence you need look no further than the upstream
itself - the upstream developers can not verify for themselves that
their program is freely licensed; as evidenced by the 10 year old bug
report on this issue that is still open

https://bugs.chromium.org/p/chromium/issues/detail?id=28291

the default copy permissions for every copyrighted work is "none" - in
order for that work be be set free, the author must very explicitly
label it as such, and try their very best to ensure that their formal
statement of permission follows along with any copies of it - because if
that permission is missing, or difficult to locate or to comprehend,
there is no reason to assume the work is freely distributable

i would hope that i would not need to explain that to a member of
GNU

the burden of proof is not upon the one who claims that the default
case applies, it is upon the one who claims that some special case
applies

and anyway - let me please repeat this one more time - i have no desire
to defend nor condemn this particular program - this has been
discussed ad nauseam for many years - all that i intend today is to
entice the guix developers to communicate with the other FSDG distros
and the FSF to reach a uniform consensus on the matter - rather than to
see guix choose to distribute it, while all other FSDG distros are in
agreement not to distribute it

Hi bill-auger,

bill-auger <bill-auger@peers.community> skribis:

> re: https://lists.gnu.org/archive/html/guix-devel/2019-02/msg00009.html
>
> i would like to remind readers of the guix-devel list that it was
> discussed some months ago, why no FSDG distros currently distribute
> chromium[1] - it appeared at that time, that most people in that
> discussion were in agreement that chromium should not be included in
> guix; and marius was instead hosting it in a private repo, as not to
> taint the main guix repos with dubious software - has there been a
> notable break-through since then?

It’s not entirely clear to me what the problems are, to be honest.
Marius listed specific issues that were addressed by the patches; others
then pointed out at additional issues that ungoogled-chromium fixes,
which Marius took into account; what’s left now?

I understand you’re skeptical about Chromium, but we cannot base
decisions based on vague skepticism.  If you know of issues that are
still unaddressed, please do list them.

I’d also like to stress that, if Chromium is eventually included in
Guix, we are committed to fixing it or removing it should someone later
discover that it does not comply with the FSDG (that’s the “Commitment
to Correct Mistakes” section of FSDG.)

> i would like to consider all FSDG distros as being part of a larger
> federation, sharing the same primary goals;

As you know, several of us have occasionally asked for advice on the
gnu-linux-libre list regarding concrete issues that we encountered (a
recent example was Inferno, which we ended up not adding to the distro
due to unresolved issues.)

I believe Marius and others here made a real effort in understanding and
addressing the ways in which Chromium would not comply with the FSDG.
If you’re aware of issues that are unaddressed, please share!

Thank you,
Ludo’.

Marius Bakke <mbakke@fastmail.com> skrev: (2 februari 2019 20:20:23 CET)
>Thanks to Marks beautiful "computed-origin-method", Ungoogled-Chromium
>is finally ready for inclusion in Guix.
>
>Features:
>* Chromium 72.
>* No unsolicited network traffic.
>* Free software only.
>* No DRM.
>* Not an April Fools joke.
>
>It's currently using my trivial "fork" of Ungoogled-Chromium[0], which
>will be upstreamed once the upstream reorganization[1] is done.
>
>Comments appreciated!
>
>[0]:
>https://github.com/mbakke/ungoogled-chromium/commit/f9b9074c322a67b04baf0982797cd7b7e09614b5
>[1]: https://github.com/Eloston/ungoogled-chromium/issues/651
>
>* gnu/packages/aux-files/chromium/master-preferences.json,
>gnu/packages/chromium.scm: New files.
>* gnu/local.mk (GNU_SYSTEM_MODULES): Adjust accordingly.
>---
> gnu/local.mk                                  |   1 +
> .../chromium/master-preferences.json          |  26 +
> gnu/packages/chromium.scm                     | 741 ++++++++++++++++++
> 3 files changed, 768 insertions(+)
>create mode 100644
>gnu/packages/aux-files/chromium/master-preferences.json
> create mode 100644 gnu/packages/chromium.scm
>
>diff --git a/gnu/local.mk b/gnu/local.mk
>index 82db1488d6..b5e937cdd7 100644
>--- a/gnu/local.mk
>+++ b/gnu/local.mk
>@@ -100,6 +100,7 @@ GNU_SYSTEM_MODULES =				\
>   %D%/packages/check.scm			\
>   %D%/packages/chemistry.scm			\
>   %D%/packages/chez.scm				\
>+  %D%/packages/chromium.scm			\
>   %D%/packages/ci.scm				\
>   %D%/packages/cinnamon.scm			\
>   %D%/packages/clojure.scm			\
>diff --git a/gnu/packages/aux-files/chromium/master-preferences.json
>b/gnu/packages/aux-files/chromium/master-preferences.json
>new file mode 100644
>index 0000000000..0caa7cc4cd
>--- /dev/null
>+++ b/gnu/packages/aux-files/chromium/master-preferences.json
>@@ -0,0 +1,26 @@
>+{
>+  "distribution": {
>+     "import_bookmarks": false,
>+     "make_chrome_default": false,
>+     "make_chrome_default_for_user": false,
>+     "verbose_logging": true,
>+     "skip_first_run_ui": true,
>+     "suppress_first_run_default_browser_prompt": true
>+  },
>+  "browser": {
>+     "has_seen_welcome_page" : true,
>+     "check_default_browser" : false
>+  },
>+  "dns_prefetching": {
>+    "enabled": false
>+  },
>+  "alternate_error_pages": {
>+    "enabled": false
>+  },
>+  "hardware": {
>+    "audio_capture_enabled": false
>+  },
>+  "default_apps": "noinstall",
>+  "hide_web_store_icon": true,
>+  "homepage": "https://www.gnu.org/software/guix"
>+}
>diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm
>new file mode 100644
>index 0000000000..eb404246d3
>--- /dev/null
>+++ b/gnu/packages/chromium.scm
>@@ -0,0 +1,741 @@
>+;;; GNU Guix --- Functional package management for GNU
>+;;; Copyright © 2019 Marius Bakke <mbakke@fastmail.com>
>+;;;
>+;;; GNU Guix is free software; you can redistribute it and/or modify
>it
>+;;; under the terms of the GNU General Public License as published by
>+;;; the Free Software Foundation; either version 3 of the License, or
>(at
>+;;; your option) any later version.
>+;;;
>+;;; GNU Guix is distributed in the hope that it will be useful, but
>+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
>+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
>+;;; GNU General Public License for more details.
>+;;;
>+;;; You should have received a copy of the GNU General Public License
>+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
>+
>+(define-module (gnu packages chromium)
>+  #:use-module ((guix licenses) #:prefix license:)
>+  #:use-module (guix packages)
>+  #:use-module (guix gexp)
>+  #:use-module (guix store)
>+  #:use-module (guix monads)
>+  #:use-module (guix download)
>+  #:use-module (guix git-download)
>+  #:use-module (guix utils)
>+  #:use-module (guix build-system gnu)
>+  #:use-module (gnu packages)
>+  #:use-module (gnu packages assembly)
>+  #:use-module (gnu packages base)
>+  #:use-module (gnu packages bison)
>+  #:use-module (gnu packages build-tools)
>+  #:use-module (gnu packages compression)
>+  #:use-module (gnu packages cups)
>+  #:use-module (gnu packages curl)
>+  #:use-module (gnu packages fontutils)
>+  #:use-module (gnu packages gcc)
>+  #:use-module (gnu packages ghostscript)
>+  #:use-module (gnu packages gl)
>+  #:use-module (gnu packages glib)
>+  #:use-module (gnu packages gnome)
>+  #:use-module (gnu packages gnuzilla)
>+  #:use-module (gnu packages gperf)
>+  #:use-module (gnu packages gtk)
>+  #:use-module (gnu packages icu4c)
>+  #:use-module (gnu packages image)
>+  #:use-module (gnu packages libevent)
>+  #:use-module (gnu packages libffi)
>+  #:use-module (gnu packages linux)
>+  #:use-module (gnu packages kerberos)
>+  #:use-module (gnu packages ninja)
>+  #:use-module (gnu packages node)
>+  #:use-module (gnu packages pciutils)
>+  #:use-module (gnu packages pkg-config)
>+  #:use-module (gnu packages pulseaudio)
>+  #:use-module (gnu packages python)
>+  #:use-module (gnu packages python-web)
>+  #:use-module (gnu packages python-xyz)
>+  #:use-module (gnu packages regex)
>+  #:use-module (gnu packages serialization)
>+  #:use-module (gnu packages speech)
>+  #:use-module (gnu packages tls)
>+  #:use-module (gnu packages valgrind)
>+  #:use-module (gnu packages vulkan)
>+  #:use-module (gnu packages video)
>+  #:use-module (gnu packages xiph)
>+  #:use-module (gnu packages xml)
>+  #:use-module (gnu packages xdisorg)
>+  #:use-module (gnu packages xorg))
>+
>+(define %preserved-third-party-files
>+  '("base/third_party/dmg_fp" ;X11-style
>+    "base/third_party/dynamic_annotations" ;BSD-2
>+    "base/third_party/icu" ;Unicode, X11-style
>+    "base/third_party/superfasthash" ;BSD-3
>+    "base/third_party/symbolize" ;BSD-3
>+    "base/third_party/xdg_mime" ;LGPL2.1+ or Academic 2.0
>+    "base/third_party/xdg_user_dirs" ;Expat
>+    "chrome/third_party/mozilla_security_manager"
>;MPL-1.1/GPL2+/LGPL2.1+
>+    "courgette/third_party/bsdiff" ;BSD-2, BSD protection license
>+    "courgette/third_party/divsufsort" ;Expat
>+    "net/third_party/http2" ;BSD-3
>+    "net/third_party/mozilla_security_manager" ;MPL-1.1/GPL2+/LGPL2.1+
>+    "net/third_party/nss" ;MPL-2.0
>+    "net/third_party/quic" ;BSD-3
>+    "net/third_party/spdy" ;BSD-3
>+    "net/third_party/uri_template" ;ASL2.0
>+    "third_party/abseil-cpp" ;ASL2.0
>+    "third_party/adobe/flash/flapper_version.h" ;no license, trivial
>+    "third_party/angle" ;BSD-3
>+    "third_party/angle/src/common/third_party/base" ;BSD-3
>+    "third_party/angle/src/common/third_party/smhasher" ;Public domain
>+    "third_party/angle/src/common/third_party/xxhash" ;BSD-2
>+    "third_party/angle/src/third_party/compiler" ;BSD-2
>+    "third_party/angle/src/third_party/libXNVCtrl" ;Expat
>+    "third_party/angle/src/third_party/trace_event" ;BSD-3
>+    "third_party/angle/third_party/glslang" ;BSD-3
>+    "third_party/angle/third_party/spirv-headers" ;Expat
>+    "third_party/angle/third_party/spirv-tools" ;Expat
>+    "third_party/angle/third_party/vulkan-headers" ;ASL2.0
>+    "third_party/angle/third_party/vulkan-loader" ;ASL2.0
>+    "third_party/angle/third_party/vulkan-tools" ;ASL2.0
>+    "third_party/angle/third_party/vulkan-validation-layers" ;ASL2.0
>+    "third_party/apple_apsl" ;APSL2.0
>+    "third_party/blink" ;BSD-3
>+    "third_party/boringssl" ;OpenSSL/ISC (Google additions are ISC)
>+    "third_party/boringssl/src/third_party/fiat" ;Expat
>+    "third_party/breakpad" ;BSD-3
>+    "third_party/brotli" ;Expat
>+    "third_party/cacheinvalidation" ;ASL2.0
>+    "third_party/catapult" ;BSD-3
>+    "third_party/catapult/common/py_vulcanize/third_party/rcssmin"
>;ASL2.0
>+    "third_party/catapult/common/py_vulcanize/third_party/rjsmin"
>;ASL2.0
>+    "third_party/catapult/third_party/polymer" ;BSD-3
>+    "third_party/catapult/tracing/third_party/d3" ;BSD-3
>+    "third_party/catapult/tracing/third_party/gl-matrix" ;Expat
>+    "third_party/catapult/tracing/third_party/jszip" ;Expat or GPL3
>+    "third_party/catapult/tracing/third_party/mannwhitneyu" ;Expat
>+    "third_party/catapult/tracing/third_party/oboe" ;BSD-2
>+    "third_party/catapult/tracing/third_party/pako" ;Expat
>+    "third_party/ced" ;BSD-3
>+    "third_party/cld_3" ;ASL2.0
>+    "third_party/closure_compiler" ;ASL2.0
>+    "third_party/crashpad" ;ASL2.0
>+    "third_party/crashpad/crashpad/third_party/zlib/zlib_crashpad.h"
>;Zlib
>+    "third_party/crc32c" ;BSD-3
>+    "third_party/cros_system_api" ;BSD-3
>+    "third_party/dom_distiller_js" ;BSD-3
>+    "third_party/fips181" ;BSD-3
>+    "third_party/flatbuffers" ;ASL2.0
>+    "third_party/google_input_tools" ;ASL2.0
>+    "third_party/google_input_tools/third_party/closure_library"
>;ASL2.0
>+   
>"third_party/google_input_tools/third_party/closure_library/third_party/closure"
>;Expat
>+    "third_party/googletest" ;BSD-3
>+    "third_party/hunspell" ;MPL1.1/GPL2+/LGPL2.1+
>+    "third_party/iccjpeg" ;IJG
>+    "third_party/inspector_protocol" ;BSD-3
>+    "third_party/jinja2" ;BSD-3
>+    "third_party/jstemplate" ;ASL2.0
>+    "third_party/khronos" ;Expat, SGI
>+    "third_party/leveldatabase" ;BSD-3
>+    "third_party/libXNVCtrl" ;Expat
>+    "third_party/libaddressinput" ;ASL2.0
>+    "third_party/libaom" ;BSD-2 or "Alliance for Open Media Patent
>License 1.0"
>+    "third_party/libaom/source/libaom/third_party/vector" ;Expat
>+    "third_party/libaom/source/libaom/third_party/x86inc" ;ISC
>+    "third_party/libjingle_xmpp" ;BSD-3
>+    "third_party/libphonenumber" ;ASL2.0
>+    "third_party/libsecret" ;LGPL2.1+
>+    "third_party/libsrtp" ;BSD-3
>+    "third_party/libsync" ;ASL2.0
>+    "third_party/libudev" ;LGPL2.1+
>+    "third_party/libwebm" ;BSD-3
>+    "third_party/libxml/chromium" ;BSD-3
>+    "third_party/libyuv" ;BSD-3
>+    "third_party/lss" ;BSD-3
>+    "third_party/markupsafe" ;BSD-3
>+    "third_party/mesa_headers" ;Expat, SGI
>+    "third_party/metrics_proto" ;BSD-3
>+    "third_party/modp_b64" ;BSD-3
>+    "third_party/nasm" ;BSD-2
>+    "third_party/node" ;Expat
>+   
>"third_party/node/node_modules/polymer-bundler/lib/third_party/UglifyJS2"
>;BSD-2
>+    "third_party/ots" ;BSD-3
>+    "third_party/pdfium" ;BSD-3
>+    "third_party/pdfium/third_party/agg23" ;Expat
>+    "third_party/pdfium/third_party/base" ;BSD-3
>+    "third_party/pdfium/third_party/bigint" ;Public domain, BSD-3
>+    "third_party/pdfium/third_party/skia_shared" ;BSD-3
>+    "third_party/pdfium/third_party/freetype/include/pstables.h"
>;FreeType
>+    "third_party/ply" ;BSD-3
>+    "third_party/polymer" ;BSD-3
>+    "third_party/protobuf" ;BSD-3
>+    "third_party/protobuf/third_party/six" ;Expat
>+    "third_party/pyjson5" ;ASL2.0
>+    "third_party/qcms" ;Expat
>+    "third_party/rnnoise" ;BSD-3
>+    "third_party/s2cellid" ;ASL2.0
>+    "third_party/sfntly" ;ASL2.0
>+    "third_party/skia" ;BSD-3
>+    "third_party/skia/third_party/gif" ;MPL1.1/GPL2+/LGPL2.1+
>+    "third_party/skia/third_party/skcms" ;BSD-3
>+    "third_party/skia/third_party/vulkan" ;BSD-3
>+    "third_party/smhasher" ;Expat, public domain
>+    "third_party/speech-dispatcher" ;GPL2+
>+    "third_party/spirv-headers" ;ASL2.0
>+    "third_party/SPIRV-Tools" ;ASL2.0
>+    "third_party/sqlite" ;Public domain
>+    "third_party/ungoogled" ;BSD-3
>+    "third_party/usb_ids" ;BSD-3
>+    "third_party/usrsctp" ;BSD-2
>+    "third_party/web-animations-js" ;ASL2.0
>+    "third_party/webdriver" ;ASL2.0
>+    "third_party/webrtc" ;BSD-3
>+    "third_party/webrtc/common_audio/third_party/fft4g" ;Non-copyleft
>+    "third_party/webrtc/common_audio/third_party/spl_sqrt_floor"
>;Public domain
>+    "third_party/webrtc/modules/third_party/fft" ;Non-copyleft
>+    "third_party/webrtc/modules/third_party/g711" ;Public domain
>+    "third_party/webrtc/modules/third_party/g722" ;Public domain
>+    "third_party/webrtc/rtc_base/third_party/base64" ;Non-copyleft
>+    "third_party/webrtc/rtc_base/third_party/sigslot" ;Public domain
>+    "third_party/widevine/cdm/widevine_cdm_version.h" ;BSD-3
>+    "third_party/widevine/cdm/widevine_cdm_common.h" ;BSD-3
>+    "third_party/woff2" ;ASL2.0
>+    "third_party/xdg-utils" ;Expat
>+    "third_party/yasm/run_yasm.py" ;BSD-2 or BSD-3
>+    "third_party/zlib/google" ;BSD-3
>+    "url/third_party/mozilla" ;BSD-3, MPL1.1/GPL2+/LGPL2.1+
>+    "v8/src/third_party/utf8-decoder" ;Expat
>+    "v8/src/third_party/valgrind" ;BSD-4
>+    "v8/third_party/inspector_protocol" ;BSD-3
>+    "v8/third_party/v8/builtins")) ;PSFL
>+
>+(define* (computed-origin-method gexp-promise hash-algo hash
>+                                 #:optional (name "source")
>+                                 #:key (system (%current-system))
>+                                 (guile (default-guile)))
>+  "Return a derivation that executes the G-expression that results
>+from forcing GEXP-PROMISE."
>+  (mlet %store-monad ((guile (package->derivation guile system)))
>+    (gexp->derivation (or name "computed-origin")
>+                      (force gexp-promise)
>+                      #:system system
>+                      #:guile-for-build guile)))
>+
>+(define %chromium-version "72.0.3626.81")
>+(define %ungoogled-revision
>"f9b9074c322a67b04baf0982797cd7b7e09614b5")
>+
>+;; This is a computed origin that does the following:
>+;; 1) Runs the Ungoogled scripts on a pristine Chromium tarball.
>+;; 2) Prunes all third_party folders that are not explicitly
>preserved.
>+;; 3) Adjusts "GN" build files such that system libraries are
>preferred.
>+(define ungoogled-chromium-source
>+  (let* ((chromium-source
>+          (origin
>+            (method url-fetch)
>+            (uri (string-append
>"https://commondatastorage.googleapis.com"
>+                                "/chromium-browser-official/chromium-"
>+                                %chromium-version ".tar.xz"))
>+            (sha256
>+             (base32
>+             
>"01l0vlvcckpag376mjld7qprv63l0z8li689k0h6v3h0i7irzs6z"))))
>+         (ungoogled-source
>+          (origin
>+            (method git-fetch)
>+            (uri (git-reference (url
>"https://github.com/mbakke/ungoogled-chromium")
>+                                (commit %ungoogled-revision)))
>+            (file-name (git-file-name "ungoogled-chromium"
>+                                      (string-take %ungoogled-revision
>7)))
>+            (sha256
>+             (base32
>+             
>"0gmk1n3i7lbm7rw8zl4df171yhvrlimj8ksj096bf2dlfhbd44rb")))))
>+
>+    (origin
>+      (method computed-origin-method)
>+      (file-name (string-append "ungoogled-chromium-"
>%chromium-version ".tar.xz"))
>+      (sha256 #f)
>+      (uri
>+       (delay
>+         (with-imported-modules '((guix build utils))
>+           #~(begin
>+               (use-modules (guix build utils))
>+               (let ((chromium-dir    (string-append "chromium-"
>#$%chromium-version))
>+                     (preserved-files (list
>#$@%preserved-third-party-files)))
>+
>+                 (mkdir "/tmp/bin")
>+                 (set-path-environment-variable
>+                  "PATH" '("bin")
>+                  (list "/tmp"
>+                        #+(canonical-package patch)
>+                        #+(canonical-package xz)
>+                        #+(canonical-package tar)
>+                        #+python-2
>+                        #+python))
>+
>+                 (copy-recursively #+ungoogled-source
>"/tmp/ungoogled")
>+
>+                 (with-directory-excursion "/tmp/ungoogled"
>+
>+                   (format #t "Unpacking chromium tarball...~%")
>+                   (force-output)
>+                   (invoke "tar" "xf" #+chromium-source)
>+
>+                   (format #t "Ungooglifying...~%")
>+                   (force-output)
>+                   (invoke "python3" "run_buildkit_cli.py" "prune"
>+                           "-b" "config_bundles/guix" chromium-dir)
>+                   (invoke "python3" "run_buildkit_cli.py" "patches"
>"apply"
>+                           "-b" "config_bundles/guix" chromium-dir)
>+                   (invoke "python3" "run_buildkit_cli.py" "domains"
>"apply"
>+                           "-b" "config_bundles/linux_rooted"
>+                           "-c" "/tmp/domainscache.tar.gz"
>chromium-dir)
>+
>+                   (with-directory-excursion chromium-dir
>+                     (format #t "Pruning third party files...~%")
>+                     (force-output)
>+                     (apply invoke "python"
>+                            
>"build/linux/unbundle/remove_bundled_libraries.py"
>+                             "--do-remove" preserved-files)
>+
>+                     (format #t "Replacing GN files...~%")
>+                     (force-output)
>+                     (invoke "python3"
>"build/linux/unbundle/replace_gn_files.py"
>+                             "--system-libraries" "ffmpeg" "flac"
>"fontconfig"
>+                             "freetype" "harfbuzz-ng" "icu" "libdrm"
>"libevent"
>+                             "libjpeg" "libpng" "libvpx" "libwebp"
>"libxml"
>+                             "libxslt" "openh264" "opus" "re2"
>"snappy" "yasm"
>+                             "zlib"))
>+
>+                   (format #t (string-append "Packing new Ungoogled
>tarball ...~%"))
>+                   (force-output)
>+                   (invoke "tar" "cvfa" #$output
>+                           ;; Avoid non-determinism in the archive.
>+                           "--mtime=@0"
>+                           "--owner=root:0"
>+                           "--group=root:0"
>+                           "--sort=name"
>+                           chromium-dir)
>+
>+                   #t)))))))))
>+
>+(define opus+custom
>+  (package/inherit opus
>+    (name "opus+custom")
>+    (arguments
>+     (substitute-keyword-arguments (package-arguments opus)
>+       ((#:configure-flags flags ''())
>+        ;; Opus Custom is an optional extension of the Opus
>+        ;; specification that allows for unsupported frame
>+        ;; sizes.  Chromium requires that this is enabled.
>+        `(cons "--enable-custom-modes"
>+               ,flags))))))
>+
>+(define libvpx/chromium
>+  ;; Chromium 66 and later requires an unreleased libvpx, so we take
>the
>+  ;; commit from "third_party/libvpx/README.chromium" in the tarball.
>+  (let ((version (package-version libvpx))
>+        (commit "e188b5435de71bcd602c378f1ac0441111f0f915")
>+        (revision "0"))
>+    (package/inherit libvpx
>+      (name "libvpx-chromium")
>+      (version (git-version version revision commit))
>+      (source (origin
>+                (method git-fetch)
>+                (uri (git-reference
>+                      (url
>"https://chromium.googlesource.com/webm/libvpx")
>+                      (commit commit)))
>+                (file-name (git-file-name name version))
>+                (sha256
>+                 (base32
>+                 
>"0v7lzvgy45zh7zwzmmzkvbcqmhs4xa97z0h97hd3j6myrxcfz1n9")))))))
>+
>+;; Transitional package until HarfBuzz 2.2 is available in Guix master
>branch.
>+(define harfbuzz/chromium
>+  (package/inherit harfbuzz
>+    (version "2.2.0")
>+    (source (origin
>+              (inherit (package-source harfbuzz))
>+              (uri (string-append
>"https://www.freedesktop.org/software/harfbuzz"
>+                                  "/release/harfbuzz-" version
>".tar.bz2"))
>+              (sha256
>+               (base32
>+               
>"047q63jr513azf3g1y7f5xn60b4jdjs9zsmrx04sfw5rasyzrk5p"))))))
>+
>+(define-public ungoogled-chromium
>+  (package
>+    (name "ungoogled-chromium")
>+    (version %chromium-version)
>+    (synopsis "Graphical web browser")
>+    (source ungoogled-chromium-source)
>+    (build-system gnu-build-system)
>+    (arguments
>+     `(#:tests? #f
>+       ;; FIXME: There is a "gn" option specifically for setting
>-rpath, but
>+       ;; it overrides the RUNPATH set by the linker.
>+       #:validate-runpath? #f
>+       #:modules ((guix build gnu-build-system)
>+                  (guix build utils)
>+                  (ice-9 ftw)
>+                  (ice-9 regex)
>+                  (srfi srfi-26))
>+       #:configure-flags
>+       ;; See tools/gn/docs/cookbook.md and
>+       ;; https://www.chromium.org/developers/gn-build-configuration
>+       ;; for usage.  Run "./gn args . --list" in the Release
>+       ;; directory for an exhaustive list of supported flags.
>+       ;; (Note: The 'configure' phase will do that for you.)
>+       (list "is_debug=false"
>+             "use_gold=false"
>+             "use_lld=false"
>+             "linux_use_bundled_binutils=false"
>+             "use_custom_libcxx=false"
>+             "use_sysroot=false"
>+             "enable_precompiled_headers=false"
>+             "goma_dir=\"\""
>+             "enable_nacl=false"
>+             "enable_nacl_nonsfi=false"
>+             "use_allocator=\"none\""   ;don't use tcmalloc
>+             "use_unofficial_version_number=false"
>+
>+             ;; Define a custom toolchain that simply looks up CC, AR
>and
>+             ;; friends from the environment.
>+            
>"custom_toolchain=\"//build/toolchain/linux/unbundle:default\""
>+            
>"host_toolchain=\"//build/toolchain/linux/unbundle:default\""
>+
>+             ;; Don't assume it's clang.
>+             "is_clang=false"
>+
>+             ;; Optimize for building everything at once, as opposed
>to
>+             ;; incrementally for development.  See "docs/jumbo.md".
>+             "use_jumbo_build=true"
>+
>+             ;; Disable type-checking for the Web UI to avoid a Java
>dependency.
>+             "closure_compile=false"
>+
>+             ;; Disable debugging features to save space.
>+             "blink_symbol_level=0"
>+             "enable_iterator_debugging=false"
>+
>+             ;; Some of the unbundled libraries throws deprecation
>+             ;; warnings, etc.  Ignore it.
>+             "treat_warnings_as_errors=false"
>+
>+             ;; Don't add any API keys.  End users can set them in the
>+             ;; environment if desired.  See
>+             ;;
><https://www.chromium.org/developers/how-tos/api-keys>.
>+             "use_official_google_api_keys=false"
>+
>+             ;; Disable "safe browsing", which pulls in a dependency
>on
>+             ;; the nonfree "unrar" program (as of m66).
>+             "safe_browsing_mode=0"
>+
>+             ;; Disable "field trials".
>+             "fieldtrial_testing_like_official_build=true"
>+
>+             ;; Ungoogled components.
>+             "enable_mdns=false"
>+             "enable_one_click_signin=false"
>+             "enable_reading_list=false"
>+             "enable_remoting=false"
>+             "enable_reporting=false"
>+             "enable_service_discovery=false"
>+             "enable_swiftshader=false"
>+             "use_vaapi=true"
>+
>+             ;; Use system libraries where possible.
>+             "use_system_freetype=true"
>+             "use_system_harfbuzz=true"
>+             "use_system_lcms2=true"
>+             "use_system_libdrm=true"
>+             "use_system_libjpeg=true"
>+             "use_system_libpng=true"
>+             ;;"use_system_libsync=true"
>+             "use_system_zlib=true"
>+
>+             "use_gnome_keyring=false"  ;deprecated by libsecret
>+             "use_openh264=true"
>+             "use_pulseaudio=true"
>+             "link_pulseaudio=true"
>+
>+             ;; Don't arbitrarily restrict formats supported by system
>ffmpeg.
>+             "proprietary_codecs=true"
>+             "ffmpeg_branding=\"Chrome\""
>+
>+             ;; WebRTC stuff.
>+             "rtc_use_h264=true"
>+             ;; Don't use bundled sources.
>+             "rtc_build_json=false"
>+             "rtc_build_libevent=false"
>+             "rtc_build_libvpx=false"
>+             "rtc_build_opus=false"
>+             "rtc_build_ssl=false"
>+
>+             "rtc_build_libsrtp=true"   ;FIXME: fails to find headers
>+             "rtc_build_usrsctp=true"   ;TODO: package this
>+             (string-append "rtc_jsoncpp_root=\""
>+                            (assoc-ref %build-inputs "jsoncpp")
>+                            "/include/jsoncpp/json\"")
>+             (string-append "rtc_ssl_root=\""
>+                            (assoc-ref %build-inputs "openssl")
>+                            "/include/openssl\""))
>+       #:phases
>+       (modify-phases %standard-phases
>+         (add-after 'unpack 'patch-stuff
>+           (lambda* (#:key inputs #:allow-other-keys)
>+             (substitute* "printing/cups_config_helper.py"
>+               (("cups_config =.*")
>+                (string-append "cups_config = '" (assoc-ref inputs
>"cups")
>+                               "/bin/cups-config'\n")))
>+
>+             (substitute*
>+                 '("base/process/launch_posix.cc"
>+                  
>"base/third_party/dynamic_annotations/dynamic_annotations.c"
>+                   "sandbox/linux/seccomp-bpf/sandbox_bpf.cc"
>+                   "sandbox/linux/services/credentials.cc"
>+                   "sandbox/linux/services/namespace_utils.cc"
>+                   "sandbox/linux/services/syscall_wrappers.cc"
>+                   "sandbox/linux/syscall_broker/broker_host.cc")
>+               (("include \"base/third_party/valgrind/") "include
>\"valgrind/"))
>+
>+             (for-each (lambda (file)
>+                         (substitute* file
>+                           ;; Fix opus include path.
>+                           ;; Do not substitute opus_private.h.
>+                           (("#include \"opus\\.h\"")
>+                            "#include \"opus/opus.h\"")
>+                           (("#include \"opus_custom\\.h\"")
>+                            "#include \"opus/opus_custom.h\"")
>+                           (("#include \"opus_defines\\.h\"")
>+                            "#include \"opus/opus_defines.h\"")
>+                           (("#include \"opus_multistream\\.h\"")
>+                            "#include \"opus/opus_multistream.h\"")
>+                           (("#include \"opus_types\\.h\"")
>+                            "#include \"opus/opus_types.h\"")))
>+                       (find-files (string-append
>"third_party/webrtc/modules"
>+                                                 
>"/audio_coding/codecs/opus")))
>+
>+             (substitute* "chrome/common/chrome_paths.cc"
>+               (("/usr/share/chromium/extensions")
>+                ;; TODO: Add ~/.guix-profile.
>+               
>"/run/current-system/profile/share/chromium/extensions"))
>+
>+             ;; XXX: Should be unnecessary when use_system_lcms2=true.
>+             (substitute*
>"third_party/pdfium/core/fxcodec/codec/ccodec_iccmodule.h"
>+               (("include \"third_party/lcms/include/lcms2\\.h\"")
>+                "include \"lcms2.h\""))
>+
>+             (substitute*
>+                
>"third_party/breakpad/breakpad/src/common/linux/libcurl_wrapper.h"
>+               (("include \"third_party/curl") "include \"curl"))
>+
>+             (substitute* "third_party/webrtc/rtc_base/strings/json.h"
>+               (("#include \"third_party/jsoncpp/") "#include
>\"json/"))
>+
>+             (substitute* "media/base/decode_capabilities.cc"
>+               (("third_party/libvpx/source/libvpx/") ""))
>+
>+             (substitute* "ui/gfx/skia_util.h"
>+               (("third_party/vulkan/include/") ""))
>+
>+             ;; Building chromedriver embeds some files using the ZIP
>+             ;; format which doesn't support timestamps before
>+             ;; 1980. Therefore, advance the timestamps of the files
>+             ;; which are included so that building chromedriver
>+             ;; works.
>+             (let ((circa-1980 (* 10 366 24 60 60)))
>+               (for-each (lambda (file)
>+                           (utime file circa-1980 circa-1980))
>+                        
>'("chrome/test/chromedriver/extension/background.js"
>+                          
>"chrome/test/chromedriver/extension/manifest.json")))
>+
>+             #t))
>+         (add-before 'configure 'prepare-build-environment
>+           (lambda* (#:key inputs #:allow-other-keys)
>+
>+             ;; Make sure the right build tools are used.
>+             (setenv "AR" "ar") (setenv "NM" "nm")
>+             (setenv "CC" "gcc") (setenv "CXX" "g++")
>+
>+             ;; Work around <https://bugs.gnu.org/30756>.
>+             (unsetenv "C_INCLUDE_PATH")
>+             (unsetenv "CPLUS_INCLUDE_PATH")
>+
>+             ;; TODO: pre-compile instead. Avoids a race condition.
>+             (setenv "PYTHONDONTWRITEBYTECODE" "1")
>+
>+             ;; XXX: How portable is this.
>+             (mkdir-p "third_party/node/linux/node-linux-x64")
>+             (symlink (string-append (assoc-ref inputs "node") "/bin")
>+                      "third_party/node/linux/node-linux-x64/bin")
>+
>+             #t))
>+         (replace 'configure
>+           (lambda* (#:key configure-flags #:allow-other-keys)
>+             (let ((args (string-join configure-flags " ")))
>+               ;; Generate ninja build files.
>+               (invoke "gn" "gen" "out/Release"
>+                       (string-append "--args=" args))
>+
>+               ;; Print the full list of supported arguments as well
>as
>+               ;; their current status for convenience.
>+               (format #t "Dumping configure flags...\n")
>+               (invoke "gn" "args" "out/Release" "--list"))))
>+         (replace 'build
>+           (lambda* (#:key outputs #:allow-other-keys)
>+             (invoke "ninja" "-C" "out/Release"
>+                     "-j" (number->string (parallel-job-count))
>+                     "chrome"
>+                     "chromedriver")))
>+         (replace 'install
>+           (lambda* (#:key inputs outputs #:allow-other-keys)
>+             (let* ((out            (assoc-ref outputs "out"))
>+                    (bin            (string-append out "/bin"))
>+                    (exe            (string-append bin "/chromium"))
>+                    (lib            (string-append out "/lib"))
>+                    (man            (string-append out
>"/share/man/man1"))
>+                    (applications   (string-append out
>"/share/applications"))
>+                    (install-regexp (make-regexp "\\.(bin|pak)$"))
>+                    (locales        (string-append lib "/locales"))
>+                    (resources      (string-append lib "/resources"))
>+                    (preferences    (assoc-ref inputs
>"master-preferences"))
>+                    (gtk+           (assoc-ref inputs "gtk+"))
>+                    (mesa           (assoc-ref inputs "mesa"))
>+                    (nss            (assoc-ref inputs "nss"))
>+                    (udev           (assoc-ref inputs "udev"))
>+                    (sh             (which "sh")))
>+
>+               (substitute* '("chrome/app/resources/manpage.1.in"
>+                             
>"chrome/installer/linux/common/desktop.template")
>+                 (("@@MENUNAME@@") "Chromium")
>+                 (("@@PACKAGE@@") "chromium")
>+                 (("/usr/bin/@@USR_BIN_SYMLINK_NAME@@") exe))
>+
>+               (mkdir-p man)
>+               (copy-file "chrome/app/resources/manpage.1.in"
>+                          (string-append man "/chromium.1"))
>+
>+               (mkdir-p applications)
>+               (copy-file
>"chrome/installer/linux/common/desktop.template"
>+                          (string-append applications
>"/chromium.desktop"))
>+
>+               (mkdir-p lib)
>+               (copy-file preferences (string-append lib
>"/master_preferences"))
>+
>+               (with-directory-excursion "out/Release"
>+                 (for-each (lambda (file)
>+                             (install-file file lib))
>+                           (scandir "." (cut regexp-exec
>install-regexp <>)))
>+                 (copy-file "chrome" (string-append lib "/chromium"))
>+
>+                 ;; TODO: Install icons from "../../chrome/app/themes"
>into
>+                 ;; "out/share/icons/hicolor/$size".
>+                 (install-file
>+                  "product_logo_48.png"
>+                  (string-append out
>"/share/icons/48x48/chromium.png"))
>+
>+                 (copy-recursively "locales" locales)
>+                 (copy-recursively "resources" resources)
>+
>+                 (mkdir-p bin)
>+                 (symlink "../lib/chromium" exe)
>+                 (install-file "chromedriver" bin)
>+
>+                 (wrap-program exe
>+                   ;; TODO: Get these in RUNPATH.
>+                   `("LD_LIBRARY_PATH" ":" prefix
>+                     (,(string-append lib ":" nss "/lib/nss:" gtk+
>"/lib:"
>+                                      mesa "/lib:" udev "/lib")))
>+                   ;; Avoid file manager crash.  See
><https://bugs.gnu.org/26593>.
>+                   `("XDG_DATA_DIRS" ":" prefix (,(string-append gtk+
>"/share"))))
>+                 #t)))))))
>+    (native-inputs
>+     `(("bison" ,bison)
>+       ("gcc" ,gcc-8)
>+       ("gn" ,gn)
>+       ("gperf" ,gperf)
>+       ("ninja" ,ninja)
>+       ("node" ,node)
>+       ("pkg-config" ,pkg-config)
>+       ("which" ,which)
>+       ("yasm" ,yasm)
>+
>+       ;; This file contains defaults for new user profiles.
>+       ("master-preferences" ,(local-file
>"aux-files/chromium/master-preferences.json"))
>+
>+       ("python-beautifulsoup4" ,python2-beautifulsoup4)
>+       ("python-html5lib" ,python2-html5lib)
>+       ("python" ,python-2)))
>+    (inputs
>+     `(("alsa-lib" ,alsa-lib)
>+       ("atk" ,atk)
>+       ("cups" ,cups)
>+       ("curl" ,curl)
>+       ("dbus" ,dbus)
>+       ("dbus-glib" ,dbus-glib)
>+       ("expat" ,expat)
>+       ("flac" ,flac)
>+       ("ffmpeg" ,ffmpeg)
>+       ("fontconfig" ,fontconfig)
>+       ("freetype" ,freetype)
>+       ("gdk-pixbuf" ,gdk-pixbuf)
>+       ("glib" ,glib)
>+       ("gtk+" ,gtk+)
>+       ("harfbuzz" ,harfbuzz/chromium)
>+       ("icu4c" ,icu4c)
>+       ("jsoncpp" ,jsoncpp)
>+       ("lcms" ,lcms)
>+       ("libevent" ,libevent)
>+       ("libffi" ,libffi)
>+       ("libjpeg-turbo" ,libjpeg-turbo)
>+       ("libpng" ,libpng)
>+       ("libva" ,libva)
>+       ("libvpx" ,libvpx/chromium)
>+       ("libwebp" ,libwebp)
>+       ("libx11" ,libx11)
>+       ("libxcb" ,libxcb)
>+       ("libxcomposite" ,libxcomposite)
>+       ("libxcursor" ,libxcursor)
>+       ("libxdamage" ,libxdamage)
>+       ("libxext" ,libxext)
>+       ("libxfixes" ,libxfixes)
>+       ("libxi" ,libxi)
>+       ("libxml2" ,libxml2)
>+       ("libxrandr" ,libxrandr)
>+       ("libxrender" ,libxrender)
>+       ("libxscrnsaver" ,libxscrnsaver)
>+       ("libxslt" ,libxslt)
>+       ("libxtst" ,libxtst)
>+       ("mesa" ,mesa)
>+       ("minizip" ,minizip)
>+       ("mit-krb5" ,mit-krb5)
>+       ("nss" ,nss)
>+       ("openh264" ,openh264)
>+       ("openjpeg" ,openjpeg)                          ;PDFium only
>+       ("openssl" ,openssl)
>+       ("opus" ,opus+custom)
>+       ("pango" ,pango)
>+       ("pciutils" ,pciutils)
>+       ("pulseaudio" ,pulseaudio)
>+       ("re2" ,re2)
>+       ("snappy" ,snappy)
>+       ("speech-dispatcher" ,speech-dispatcher)
>+       ("udev" ,eudev)
>+       ("valgrind" ,valgrind)
>+       ("vulkan-headers" ,vulkan-headers)))
>+    (home-page "https://www.chromium.org/")
>+    (description
>+     "Ungoogled-Chromium is the Chromium web browser, sans integration
>with
>+Google web services.")
>+    ;; Chromium is developed as BSD-3, but bundles a large number of
>third-party
>+    ;; components with other licenses.  For full information, see
>chrome://credits.
>+    (license (list license:bsd-3
>+                   license:bsd-2
>+                   license:expat
>+                   license:asl2.0
>+                   license:mpl1.1
>+                   license:mpl2.0
>+                   license:public-domain
>+                   license:isc
>+                   (license:non-copyleft "chrome://credits"
>+                                         "See chrome://credits for
>more information.")
>+                   license:lgpl2.1+))))
>-- 
>2.20.1

Wow. 
Nice work! 😃

Ludovic Courtès <ludo@gnu.org> writes:

> Hi bill-auger,
>
> bill-auger <bill-auger@peers.community> skribis:
>
>> re: https://lists.gnu.org/archive/html/guix-devel/2019-02/msg00009.html
>>
>> i would like to remind readers of the guix-devel list that it was
>> discussed some months ago, why no FSDG distros currently distribute
>> chromium[1] - it appeared at that time, that most people in that
>> discussion were in agreement that chromium should not be included in
>> guix; and marius was instead hosting it in a private repo, as not to
>> taint the main guix repos with dubious software - has there been a
>> notable break-through since then?
>
> It’s not entirely clear to me what the problems are, to be honest.
> Marius listed specific issues that were addressed by the patches; others
> then pointed out at additional issues that ungoogled-chromium fixes,
> which Marius took into account; what’s left now?

Indeed, the only real breakthrough is that we now have a script to
create an Ungooglified source tarball with all unnecessary third_party
components removed.  The compressed tarball is smaller than that of
IceCat and takes up around 2.1 GiB uncompressed, roughly 1GiB of which
is third_party stuff.

That leaves "just" over 1GiB of source code to audit (assuming my
third_party audit is correct).  I haven't been able to find any
proprietary parts in first party code, and am convinced that the
remaining third_party components are free, hence this patch.

I am of course happy to help other FSDG distributions liberate their
Chromium too.

Ludovic Courtès writes:

> Hi bill-auger,
>
> bill-auger <bill-auger@peers.community> skribis:
>
>> re: https://lists.gnu.org/archive/html/guix-devel/2019-02/msg00009.html
>>
>> i would like to remind readers of the guix-devel list that it was
>> discussed some months ago, why no FSDG distros currently distribute
>> chromium[1] - it appeared at that time, that most people in that
>> discussion were in agreement that chromium should not be included in
>> guix; and marius was instead hosting it in a private repo, as not to
>> taint the main guix repos with dubious software - has there been a
>> notable break-through since then?
>
> It’s not entirely clear to me what the problems are, to be honest.
> Marius listed specific issues that were addressed by the patches; others
> then pointed out at additional issues that ungoogled-chromium fixes,
> which Marius took into account; what’s left now?
>
> I understand you’re skeptical about Chromium, but we cannot base
> decisions based on vague skepticism.  If you know of issues that are
> still unaddressed, please do list them.
>
> I’d also like to stress that, if Chromium is eventually included in
> Guix, we are committed to fixing it or removing it should someone later
> discover that it does not comply with the FSDG (that’s the “Commitment
> to Correct Mistakes” section of FSDG.)

+1 ... If concrete problems are found, by all means those should be
raised and addressed.  Otherwise I really think we ought to merge this
work.

On 02/07/2019 06:52 PM, Christopher Lemmer Webber wrote:
> Ludovic Courtès writes:
> 
>> Hi bill-auger,
>>
>> bill-auger <bill-auger@peers.community> skribis:
>>
>>> re: https://lists.gnu.org/archive/html/guix-devel/2019-02/msg00009.html
>>>
>>> i would like to remind readers of the guix-devel list that it was
>>> discussed some months ago, why no FSDG distros currently distribute
>>> chromium[1] - it appeared at that time, that most people in that
>>> discussion were in agreement that chromium should not be included in
>>> guix; and marius was instead hosting it in a private repo, as not to
>>> taint the main guix repos with dubious software - has there been a
>>> notable break-through since then?
>>
>> It’s not entirely clear to me what the problems are, to be honest.
>> Marius listed specific issues that were addressed by the patches; others
>> then pointed out at additional issues that ungoogled-chromium fixes,
>> which Marius took into account; what’s left now?
>>
>> I understand you’re skeptical about Chromium, but we cannot base
>> decisions based on vague skepticism.  If you know of issues that are
>> still unaddressed, please do list them.
>>
>> I’d also like to stress that, if Chromium is eventually included in
>> Guix, we are committed to fixing it or removing it should someone later
>> discover that it does not comply with the FSDG (that’s the “Commitment
>> to Correct Mistakes” section of FSDG.)
> 
> +1 ... If concrete problems are found, by all means those should be
> raised and addressed.  Otherwise I really think we ought to merge this
> work.

Yes, exactly.

Em 04/02/2019 02:52, bill-auger escreveu:
> re: https://lists.gnu.org/archive/html/guix-devel/2019-02/msg00009.html
> 
> i would like to remind readers of the guix-devel list that it was
> discussed some months ago, why no FSDG distros currently distribute
> chromium[1] - it appeared at that time, that most people in that
> discussion were in agreement that chromium should not be included in
> guix; and marius was instead hosting it in a private repo, as not to
> taint the main guix repos with dubious software - has there been a
> notable break-through since then?
> 
> what is the evidence for this claim that this guix package is "free
> software only"? - what does "Marks beautiful computed-origin-method" do
> toward that end? - if a procedure for liberating any chromium-derived
> software has been discovered, this would be a marvelous accomplishment
> and very good news indeed, of which people outside of the guix dev team
> would also be interested to learn

On this matter, I think this discussion and also the review should be
tracked either in a bug report or in the Free Software Directory wiki
talk page about Chromium package/entry[1], this one also has a partial
review still to be finished. Besides, the last time I read the FSD's
entry inclusion requirements (about June, 2018) I was informed also in
IRC that they have plans to make the FSD mimic the requirements of the
GNU FSDG so that free/libre system distributions would have an easier
time getting a list of reviewed packages for inclusion. That means that
the FSD would also have the requirements from the GNU FSDG regarding not
including malware and not steering towards non-free functional data.
There are optional things to consider, for which the Antifeature Project
Team is working on drafting[2], although these are not requirements for
inclusion in the FSD.

Regarding the review results in the page referenced by [1], please keep
in mind that the torrents have no trackers, so please share/seed with
DHT and PEX enabled so others can discover the shares too.

Another alternative is of course to ditch Chromium and
Ungoogled-Chromium and focus on Iridium Browser[3].

Anyways, if you do want to see progress in the Chromium review, please
contribute by downloading, seeding and also actually reviewing parts of
the reports generated. The last stop is marked with "Continue.". I did
start the review, but I'm not the most experienced person in regards to
all of legal, security and privacy matters. Just remember to remake a
torrent with the modified report and change the old hash in the page to
the new one you're seeding if you do make changes to the report, and
mark/save the change as major so that other people get notified.

Lastly, bill-auger's question of which should be the "assumed value" for
the GNU FSDG compliance status of a unreviewed package, based on various
proofs related to the dangers of non-free software (well, gnu.org has a
page with these reports/news[4]) and also on the reasoning given by
Richard Stallman in his talks[5], the unreviewed entries should be
considered non-free.

[1] https://directory.fsf.org/wiki/Talk:Chromium
[2] https://directory.fsf.org/wiki/Free_Software_Directory:Antifeatures
[3] https://directory.fsf.org/wiki/Iridium_Browser
[4] https://www.gnu.org/proprietary/proprietary.html
[5]
http://audio-video.gnu.org/video/2015-10-24--rms--free-software-and-your-freedom--seagl--speech.ogv

Hi guix-devel!

this is my humble contribution to this discussion...
(I'm not a Guix maintainer)

first and foremost, IMHO guix-devel is not the place to discuss GNU FSDG
criteria; I'm going to subscribe gnu-linux-libre@nongnu.org to send
my comments - and I _have_ some - on the FSDG compliance process

if you are interested please follow this thread:
http://lists.nongnu.org/archive/html/gnu-linux-libre/2019-02/threads.html#00020
:-D

bill-auger <bill-auger@peers.community> writes:

[...]

> about a year ago, the FSDG review process and criteria for endorsement
> of new distros was updated the new FSDG criteria checklist for
> community review that was adopted includes the following essential
> criteria:
>
>   "Programs commonly known to have freedom issues are liberated or
>   excluded"
>
> that criteria is a link to the "software that does not respect the
> FSDG" wiki page,

for reference, this page:
https://libreplanet.org/wiki/Template:FSDG_Checklist

> which includes an entry for 'chromium-browser' (the
> debian package name) with the liberation procedure being specified as:
>
>   "Remove program/package Use GNU IceCat, or equivalent"

[...]

> it was also agreed upon at that time, that the FSDG criteria should be
> applicable to all currently endorsed distros in perpetuity, so ...

thank you for the clarification, Bill: you explained us the entire
FSDG_Checklist is *mandatory* for a distro to be GNU FSDG compliant; so
there's **no discussion** here

if Guix System Distribution wants to remain GNU FSDG compliant - as most
if not all Guix contributors would like, I suppose - ungoogled-chromium
should still not be included in Guix System Distribution

so, regarding this bug #28004 the natural resolution should be to
*postpone* the inclusion of this package with a statement like this one:

  "ungoogled-chromium cannot be included in Guix System Distribution since
  it is listed - as 'chromium-browser' - on the page
  <List_of_software_that_does_not_respect_the_Free_System_Distribution_Guidelines#chromium-browser>
  that is an integral part of the GNU FSDG Guidelines as extended by the
  FSDG_Checklist via https://libreplanet.org/wiki/Incoming_distros#Endorsement_Process"

Happy hacking! :-)
Giovanni



[1] https://www.gnu.org/distros/free-system-distribution-guidelines.en.html

Em 16/02/2019 12:18, Julie Marchant escreveu:
> libre? The only argument I've seen on the matter is the way copyright
> works, but Chromium is under the Modified BSD License according to
> documentation I was able to find. If some files are not actually covered

For what is worth, what I learned with projects that don't follow the
Open Source Definition (I know that I shouldn't support this term here,
but I had to mention it) is that they mask their non-compliance behind a
license. Of course we don't intend to foster open source here, as this
project, having the goal to provide a package manager that is under the
GNU project, also aims to create a system distribution that follows the
GNU FSDG and uses such package manager

If the norm would be to only check the licenses, then we would have for
example, taken ages to figure out that the kernel source files from
upstream of GNU Linux-libre was/is non-free.

Having a requirement for a package to be first throughly reviewed
eliminates some of the possibility of having non-free functional data or
non-distributable non-functional data. It's not a perfect protection
(since the package in review might have implemented things from other
works that one of the reviewers might not be aware of).

As I said in a message to these mailing lists, I already started
reviewing Chromium, although this project is big and I might not have
the time nor all the skills to do it alone. Since today, I moved the
review, which was available at [1], to the appropriate Review namespace
at [2].


[1] https://directory.fsf.org/wiki/Talk:Chromium
[2] https://directory.fsf.org/wiki/Review:Chromium-REV-ID-1

Adonay Felipe Nogueira writes:

> Em 16/02/2019 12:18, Julie Marchant escreveu:
>> libre? The only argument I've seen on the matter is the way copyright
>> works, but Chromium is under the Modified BSD License according to
>> documentation I was able to find. If some files are not actually covered
>
> For what is worth, what I learned with projects that don't follow the
> Open Source Definition (I know that I shouldn't support this term here,
> but I had to mention it) is that they mask their non-compliance behind a
> license. Of course we don't intend to foster open source here, as this
> project, having the goal to provide a package manager that is under the
> GNU project, also aims to create a system distribution that follows the
> GNU FSDG and uses such package manager
>
> If the norm would be to only check the licenses, then we would have for
> example, taken ages to figure out that the kernel source files from
> upstream of GNU Linux-libre was/is non-free.
>
> Having a requirement for a package to be first throughly reviewed
> eliminates some of the possibility of having non-free functional data or
> non-distributable non-functional data. It's not a perfect protection
> (since the package in review might have implemented things from other
> works that one of the reviewers might not be aware of).
>
> As I said in a message to these mailing lists, I already started
> reviewing Chromium, although this project is big and I might not have
> the time nor all the skills to do it alone. Since today, I moved the
> review, which was available at [1], to the appropriate Review namespace
> at [2].
>
>
> [1] https://directory.fsf.org/wiki/Talk:Chromium
> [2] https://directory.fsf.org/wiki/Review:Chromium-REV-ID-1

Adonay, thank you for taking the initiative here! I think this is a
needed step forward.

Brett Gilio

Brett Gilio writes:

> Adonay Felipe Nogueira writes:
>
>> Em 16/02/2019 12:18, Julie Marchant escreveu:
>>> libre? The only argument I've seen on the matter is the way copyright
>>> works, but Chromium is under the Modified BSD License according to
>>> documentation I was able to find. If some files are not actually covered
>>
>> For what is worth, what I learned with projects that don't follow the
>> Open Source Definition (I know that I shouldn't support this term here,
>> but I had to mention it) is that they mask their non-compliance behind a
>> license. Of course we don't intend to foster open source here, as this
>> project, having the goal to provide a package manager that is under the
>> GNU project, also aims to create a system distribution that follows the
>> GNU FSDG and uses such package manager
>>
>> If the norm would be to only check the licenses, then we would have for
>> example, taken ages to figure out that the kernel source files from
>> upstream of GNU Linux-libre was/is non-free.
>>
>> Having a requirement for a package to be first throughly reviewed
>> eliminates some of the possibility of having non-free functional data or
>> non-distributable non-functional data. It's not a perfect protection
>> (since the package in review might have implemented things from other
>> works that one of the reviewers might not be aware of).
>>
>> As I said in a message to these mailing lists, I already started
>> reviewing Chromium, although this project is big and I might not have
>> the time nor all the skills to do it alone. Since today, I moved the
>> review, which was available at [1], to the appropriate Review namespace
>> at [2].
>>
>>
>> [1] https://directory.fsf.org/wiki/Talk:Chromium
>> [2] https://directory.fsf.org/wiki/Review:Chromium-REV-ID-1
>
> Adonay, thank you for taking the initiative here! I think this is a
> needed step forward.
>
> Brett Gilio

Also, maybe it would be of some help to involve somebody from the FSF to
be a neutral mediator on this process until we come to some reasonable
conclusion?

Marius,

I think you can probably go ahead and push that patch, knowing full well
that Bill warned a bug report will be filed against the Guix source tree
until such time that an audit concludes or Adonay's suggestion is
followed through with.

Bill,

What do you think here?

Brett Gilio