New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
firefox: add firefox-policies w/ patch #94898
Conversation
490e877
to
3a8f97b
Compare
Sorry for the late response. Just catching up with all the reviews that are awaiting. Gonna have a look at this finally. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks actually fine. I wonder if we should probably have this in the default firefox package. I also noted some other nits.
The commit that introduces this should also carry the information that is given in the PR description so it becomes obvious from git blame
why this change was done.
@@ -61,4 +61,37 @@ rec { | |||
versionKey = "ffversion"; | |||
}; | |||
}; | |||
|
|||
firefox-esr-68 = (common rec { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why are we reintroducing firefox 68? Was this a side-effect of rebasing?
|
||
# apply enterprise-policies.patch so that we can have enterprise policies | ||
# on a pr. profile basis, instead of pr. user or global for the installation. | ||
firefox-policies = firefox.overrideAttrs(old: { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is there any downside from having this in our default Firefox build? From the patch above I can see that we can select the mode during runtime anyway.
@@ -0,0 +1,29 @@ | |||
diff --git a/toolkit/components/enterprisepolicies/EnterprisePolicies.js b/toolkit/components/enterprisepolicies/EnterprisePolicies.js |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd love to see a bit more description as a comment before the actual diff. In a year from now it should still be crystal clear what this does. Reading in the diff is possible but probably harder than it should be.
Adding this, from a discussion on IRC about this PR - https://logs.nix.samueldr.com/nixos-dev/2020-10-25#1603623426-1603626184; |
3a8f97b
to
5579706
Compare
Closing this in favor of #91724 for now.
|
Motivation for this change
Allows for enterprise policies
policies.json
to be specified on a pr.profile basis, instead of pr. user/global. This could pose a security
rist IF NOT because it is already possible to do as it can be placed in
/run/user/:uid
.This is heavily for use in home-manager, where configuring on a pr.
profile basis is nice/needed. This is placed in nixpkgs, as we would
like to cache the
firefox-policies
, as it is quite heavy to compileyourself each time.
There has been some questions regarding if this is a sane commit, regards to branding which was described here - #31843 (comment)
I have asked Sylvestre in chat.mozilla.org and has said it is a
portability modification
.Besides this, the legal department has said OK for it, if Sylvestre said OK.
The patch is fairly trivial in general, but I am unsure if it should be placed elsewhere?
Things done
sandbox
innix.conf
on non-NixOS linux)nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
./result/bin/
)nix path-info -S
before and after)