Void-packages: Package request: Brave

Created on 5 Dec 2018  路  31Comments  路  Source: void-linux/void-packages

Most helpful comment

Brave is quite unique in its user-controlled ads system, ability to directly support content creators, cryptocurrency and built-in Tor mode, something that cannot be summoned by setting flags or installing extensions on Chromium alone.

All 31 comments

Is this open source?

Yes opensource, once based on electron, now a chormium fork, both ways have a very high maintenance burden for void.

https://github.com/brave/brave-browser
https://github.com/brave/brave-core

I was about to raise a package request for this but then I found this. Has anyone started on this? I'd do it myself because I have spare time but I don't really know how to do it. Does my comment "bump" this thread or should I make a new one?

There seems to be a release each and every single day.

Build instructions:
https://github.com/brave/brave-browser/wiki/Linux-Development-Environment

I am trying to build a proper brave-browser package using xbps-src for at least past month. So far I got stuck with 5+GB binary (due to not stripped dependencies). I'd be more than happy if somebody wanted to help me with it. I tried to get some more info on their official subreddit already.

@Anachron, I believe it'd be best to only put Release versions into repository, these do not come daily :)

Any updates on this?

There's really a moratorium on any more forks of the big two browsers right now. The effort and upkeep to package, cross compile, and then debug the resulting binaries is a significant maintenance burden for all involved, all for behavior that can usually be obtained by starting up a more standard browser with some flags set (note this point is not specific to this request).

While its not impossible for yet another chromium fork to be accepted, it is very very unlikely. Please keep this in mind when considering attempting to become a maintainer of a browser fork.

@the-maldridge Thoughts on applying some of those privacy or security flags OOTB?

Void's policy has long been understood to not patch or alter the upstream provided configuration of software. We distribute as close to what upstream provides as possible.

Brave is quite unique in its user-controlled ads system, ability to directly support content creators, cryptocurrency and built-in Tor mode, something that cannot be summoned by setting flags or installing extensions on Chromium alone.

I want to try brave as well on my void system. However, I think the concerns by the core team are valid. May I suggest that we create a seperate git repository with a brave template for xbps-src that people can build themselves?

You may suggest it, but it won't happen. Void has a single repo, which is the one that xbps-src reads from. This is a fundamental difference in goals between Void and other projects such as Arch with its AUR.

For software outside of the repos I would suggest using technologies like AppImage or keeping the software in /usr/local, which xbps won't interfere with.

@the-maldridge I was just suggesting for someone to install Brave they would have to do the following:

  1. clone void-linux / void-packages
  2. cd into srcpkgs and clone someoneElse / Brave

The someoneElse / Brave repository would have a folder with a template for xbps-src to build brave.

Editted to clarify

I think the problem you'd run into with that is that Brave is a firefox sized package. Its not just a single file you can copy around, its a file and a stack of associated patches, and potentially even patched libraries. You're welcome to try if it interests you, but its a huge undertaking to package an entire browser, and even more so to package something that's been forked and patched already.

@the-maldridge @Duncaen
Why not replace Opera with Brave?

  1. better license:

    • Opera has license="custom:Proprietary"

    • Brave has license="MPL-2.0"

  2. better privacy and security for end user

    • Opera is closed source

    • Brave is open source

For better comparison take a look at this video:
https://www.youtube.com/watch?v=PedU3mNm-3Y

There is no point in replacing, this is not about size of the resulting package.

The objections are more about brave being another chromium fork, meaning it requires heavy patching, maintenance and hours of compile time.

There is no point in replacing, this is not about size of the resulting package.

The objections are more about brave being another chromium fork, meaning it requires heavy patching, maintenance and hours of compile time.

Can you explain to the technically illiterate in this matter why being a chromium fork which one would presume is still released by the relevant developers in a form where all the necessary components are present requires more maintenance than non-forks-of-chromium?

Being a chromium fork means it inherits all the problems that chromium had and brings its own with it. Hours of compile time, needing to be patched regularly with custom code, and significant maintenance overhead are all issues that exist within Chromium itself. Brave iirc also brings a surprisingly hostile developer team which we have no intentions of engaging.

chromium is millions of lines of code, requires multiple patches and some extra patches for musl support.
chromium alone takes 9+ hours to compile on our build server. Debugging and getting builds to work requires a lot of time of the maintainer to test and debug things, purely because of the unfathomable size of the chromium codebase.

Again, there is no reason to compare or opera to chromium or brave. Because opera is closed source we can only distribute available binaries, this has absolutely no maintenance coast except maybe updating the version number in the template.

There can be 100 requests for brave, the problem is you have to find someone who actually wants to maintain the package and then you can start trying to convince us if its worth to be included in the repositories or not.

There is no point in arguing about brave anymore until someone actually manages to get a working build from source.

Thank you both for the thorough explanations, I understand the issues now. Although not directly on topic and just out of curiosity, is Firefox easier to maintain than chromium?

They are both not easy to maintain, IMHO firefox is a little bit easier because it builds faster, but the increasing usage of rust makes it harder from release to release because now you also need fix issues in random cargo crates and each new crate slows down the build times again.

As this will not be accepted, I'm going to close this ticket and other tickets can be deduped against it.

And why doesn't you maintain it from binary release??

@unihernandez22 because it requires us to ship the bundled library versions which may break other packages that are already packaged.

@unihernandez22 because it requires us to ship the bundled library versions which may break other packages that are already packaged.

What? I'm using a binary package and it works fine for me

we don't package prebuilt binaries of open source software

we don't package prebuilt binaries of open source software

Why? It allows to avoid the burden of rebuilding everything over and over from scratch.
Personally, I don't understand why every Linux distro rebuild software from source. Arch, Fedora, Debian, etc - all build the same software multiple times. I see it as unneeded waste of human and computing resources. I understand that rebuilding is unavoidable for musl targets though.
We can mark such packages as x86_64-only. I see no problem here.

P. S. Maybe I don't get something, critique is welcomed.

binary packages block our repository if we can't rebuild them if a dependency breaks abi.

And now, take a look at braves binary, imho its pretty likely that its going to break at some point:

tmp$ ldd ./brave
        linux-vdso.so.1 (0x00007fff79762000)
        libdl.so.2 => /usr/lib/libdl.so.2 (0x00007f198ad25000)
        libpthread.so.0 => /usr/lib/libpthread.so.0 (0x00007f198ad04000)
        librt.so.1 => /usr/lib/librt.so.1 (0x00007f198acf9000)
        libgobject-2.0.so.0 => /usr/lib/libgobject-2.0.so.0 (0x00007f198ac9a000)
        libglib-2.0.so.0 => /usr/lib/libglib-2.0.so.0 (0x00007f198ab6e000)
        libnss3.so => /usr/lib/libnss3.so (0x00007f198aa39000)
        libnssutil3.so => /usr/lib/libnssutil3.so (0x00007f198aa04000)
        libsmime3.so => /usr/lib/libsmime3.so (0x00007f198a9da000)
        libnspr4.so => /usr/lib/libnspr4.so (0x00007f198a990000)
        libatk-1.0.so.0 => /usr/lib/libatk-1.0.so.0 (0x00007f198a968000)
        libatk-bridge-2.0.so.0 => /usr/lib/libatk-bridge-2.0.so.0 (0x00007f198a932000)
        libX11.so.6 => /usr/lib/libX11.so.6 (0x00007f198a7f0000)
        libX11-xcb.so.1 => /usr/lib/libX11-xcb.so.1 (0x00007f198a7e9000)
        libxcb.so.1 => /usr/lib/libxcb.so.1 (0x00007f198a7be000)
        libcups.so.2 => /usr/lib/libcups.so.2 (0x00007f198a721000)
        libdbus-1.so.3 => /usr/lib/libdbus-1.so.3 (0x00007f198a6ce000)
        libexpat.so.1 => /usr/lib/libexpat.so.1 (0x00007f198a6a1000)
        libdrm.so.2 => /usr/lib/libdrm.so.2 (0x00007f198a68d000)
        libgio-2.0.so.0 => /usr/lib/libgio-2.0.so.0 (0x00007f198a4ca000)
        libxkbcommon.so.0 => /usr/lib/libxkbcommon.so.0 (0x00007f198a488000)
        libm.so.6 => /usr/lib/libm.so.6 (0x00007f198a343000)
        libXcomposite.so.1 => /usr/lib/libXcomposite.so.1 (0x00007f198a33e000)
        libXdamage.so.1 => /usr/lib/libXdamage.so.1 (0x00007f198a339000)
        libXext.so.6 => /usr/lib/libXext.so.6 (0x00007f198a324000)
        libXfixes.so.3 => /usr/lib/libXfixes.so.3 (0x00007f198a11c000)
        libXrandr.so.2 => /usr/lib/libXrandr.so.2 (0x00007f198a10f000)
        libgtk-3.so.0 => /usr/lib/libgtk-3.so.0 (0x00007f1989975000)
        libgdk-3.so.0 => /usr/lib/libgdk-3.so.0 (0x00007f1989875000)
        libpangocairo-1.0.so.0 => /usr/lib/libpangocairo-1.0.so.0 (0x00007f1989864000)
        libpango-1.0.so.0 => /usr/lib/libpango-1.0.so.0 (0x00007f1989814000)
        libcairo.so.2 => /usr/lib/libcairo.so.2 (0x00007f19896db000)
        libgdk_pixbuf-2.0.so.0 => /usr/lib/libgdk_pixbuf-2.0.so.0 (0x00007f19896b4000)
        libgbm.so.1 => /usr/lib/libgbm.so.1 (0x00007f19896a2000)
        libasound.so.2 => /usr/lib/libasound.so.2 (0x00007f19895a4000)
        libatspi.so.0 => /usr/lib/libatspi.so.0 (0x00007f198956d000)
        libgcc_s.so.1 => /usr/lib/libgcc_s.so.1 (0x00007f1989553000)
        libc.so.6 => /usr/lib/libc.so.6 (0x00007f198938e000)
        /lib64/ld-linux-x86-64.so.2 => /lib/ld-linux-x86-64.so.2 (0x00007f1995f0c000)
        libffi.so.7 => /usr/lib/libffi.so.7 (0x00007f1989382000)
        libpcre.so.1 => /usr/lib/libpcre.so.1 (0x00007f198930c000)
        libplc4.so => /usr/lib/libplc4.so (0x00007f1989305000)
        libplds4.so => /usr/lib/libplds4.so (0x00007f1989300000)
        libXau.so.6 => /usr/lib/libXau.so.6 (0x00007f19892f9000)
        libXdmcp.so.6 => /usr/lib/libXdmcp.so.6 (0x00007f19892f1000)
        libavahi-common.so.3 => /usr/lib/libavahi-common.so.3 (0x00007f19892e3000)
        libavahi-client.so.3 => /usr/lib/libavahi-client.so.3 (0x00007f19892cf000)
        libgnutls.so.30 => /usr/lib/libgnutls.so.30 (0x00007f1989103000)
        libz.so.1 => /usr/lib/libz.so.1 (0x00007f1988eec000)
        libcrypt.so.1 => /usr/lib/libcrypt.so.1 (0x00007f1988eb0000)
        libgmodule-2.0.so.0 => /usr/lib/libgmodule-2.0.so.0 (0x00007f1988eaa000)
        libmount.so.1 => /usr/lib/libmount.so.1 (0x00007f1988e4b000)
        libresolv.so.2 => /usr/lib/libresolv.so.2 (0x00007f1988e33000)
        libXrender.so.1 => /usr/lib/libXrender.so.1 (0x00007f1988c29000)
        libXi.so.6 => /usr/lib/libXi.so.6 (0x00007f1988c15000)
        libcairo-gobject.so.2 => /usr/lib/libcairo-gobject.so.2 (0x00007f1988c09000)
        libepoxy.so.0 => /usr/lib/libepoxy.so.0 (0x00007f1988add000)
        libfribidi.so.0 => /usr/lib/libfribidi.so.0 (0x00007f1988abe000)
        libharfbuzz.so.0 => /usr/lib/libharfbuzz.so.0 (0x00007f19889ec000)
        libpangoft2-1.0.so.0 => /usr/lib/libpangoft2-1.0.so.0 (0x00007f19889d3000)
        libfontconfig.so.1 => /usr/lib/libfontconfig.so.1 (0x00007f198898b000)
        libfreetype.so.6 => /usr/lib/libfreetype.so.6 (0x00007f19888d9000)
        libXinerama.so.1 => /usr/lib/libXinerama.so.1 (0x00007f19886d6000)
        libXcursor.so.1 => /usr/lib/libXcursor.so.1 (0x00007f19886c9000)
        libwayland-cursor.so.0 => /usr/lib/libwayland-cursor.so.0 (0x00007f19886c0000)
        libwayland-egl.so.1 => /usr/lib/libwayland-egl.so.1 (0x00007f19886bb000)
        libwayland-client.so.0 => /usr/lib/libwayland-client.so.0 (0x00007f19886a9000)
        libthai.so.0 => /usr/lib/libthai.so.0 (0x00007f198849f000)
        libpixman-1.so.0 => /usr/lib/libpixman-1.so.0 (0x00007f19883f8000)
        libEGL.so.1 => /usr/lib/libEGL.so.1 (0x00007f19883e7000)
        libpng16.so.16 => /usr/lib/libpng16.so.16 (0x00007f19883b2000)
        libxcb-shm.so.0 => /usr/lib/libxcb-shm.so.0 (0x00007f19883ab000)
        libxcb-render.so.0 => /usr/lib/libxcb-render.so.0 (0x00007f198839c000)
        libGL.so.1 => /usr/lib/libGL.so.1 (0x00007f1988315000)
        libwayland-server.so.0 => /usr/lib/libwayland-server.so.0 (0x00007f1988300000)
        libp11-kit.so.0 => /usr/lib/libp11-kit.so.0 (0x00007f19881d0000)
        libidn2.so.0 => /usr/lib/libidn2.so.0 (0x00007f19881ad000)
        libunistring.so.2 => /usr/lib/libunistring.so.2 (0x00007f1987e2c000)
        libtasn1.so.6 => /usr/lib/libtasn1.so.6 (0x00007f1987e16000)
        libnettle.so.8 => /usr/lib/libnettle.so.8 (0x00007f1987dd7000)
        libhogweed.so.6 => /usr/lib/libhogweed.so.6 (0x00007f1987d8e000)
        libgmp.so.10 => /usr/lib/libgmp.so.10 (0x00007f1987d11000)
        libblkid.so.1 => /usr/lib/libblkid.so.1 (0x00007f1987cbd000)
        libgraphite2.so.3 => /usr/lib/libgraphite2.so.3 (0x00007f1987c93000)
        libuuid.so.1 => /usr/lib/libuuid.so.1 (0x00007f1987c8a000)
        libbz2.so.1 => /usr/lib/libbz2.so.1 (0x00007f1987c77000)
        libdatrie.so.1 => /usr/lib/libdatrie.so.1 (0x00007f1987a6f000)
        libGLdispatch.so.0 => /usr/lib/libGLdispatch.so.0 (0x00007f19879b6000)
        libGLX.so.0 => /usr/lib/libGLX.so.0 (0x00007f1987984000)

binary packages block our repository if we can't rebuild them if a dependency breaks abi.

So, if they block your repository, you shouldn't have any binary package. Not even privative software.

So, if they block your repository, you couldn't have any binary package. Not even privative software.

There are two things, first that most don't have even closely as many dependencies as brave and second, they are contained in a different repository, because of some limitations in the repository tooling, staging happens on a per repository basis.

And yes both are bad, proprietary software is going to break and binary packages are going to break.

Was this page helpful?
0 / 5 - 0 ratings