mirrors/desktop
1
0
Fork 0
mirror of https://github.com/zen-browser/desktop.git synced 2026-02-14 15:53:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'dev' into macos-security-key-fix

Browse Source
This commit is contained in:
mr. m
2025-03-15 14:15:19 +01:00
committed by GitHub
parent 320fd57d8a ee275bf950
commit f40f9c4803
638 changed files with 11040 additions and 9056 deletions
Download Patch File Download Diff File Expand all files Collapse all files

114
.github/workflows/build.yml vendored
View File

@@ -384,6 +384,8 @@ jobs:
- name: Execute AppImage build
run: |
set -eux
export ARCH=${{ matrix.arch }}
UPINFO="gh-releases-zsync|$GITHUB_REPOSITORY_OWNER|desktop|latest|zen-$ARCH.AppImage.zsync"
rm AppDir/.DirIcon || true
cp configs/branding/${{ inputs.update_branch }}/logo128.png AppDir/usr/share/icons/hicolor/128x128/apps/zen.png
cp configs/branding/${{ inputs.update_branch }}/logo128.png AppDir/zen.png && ln -s zen.png AppDir/.DirIcon
@@ -396,18 +398,23 @@ jobs:
APPDIR=AppDir
tar -xvf *.tar.* && rm -rf *.tar.*
mv zen/* $APPDIR/
wget https://github.com/AppImage/appimagetool/releases/download/continuous/appimagetool-x86_64.AppImage
wget "https://github.com/AppImage/appimagetool/releases/download/continuous/appimagetool-x86_64.AppImage"
wget "https://github.com/VHSgunzo/uruntime/releases/latest/download/uruntime-appimage-squashfs-lite-$ARCH"
chmod +x *.AppImage
chmod +x ./uruntime-appimage-squashfs-lite-"$ARCH"
chmod +x ./AppDir/AppRun
# keep the uruntime mountpoint (massively speeds up launch time)
sed -i 's|URUNTIME_MOUNT=[0-9]|URUNTIME_MOUNT=0|' ./uruntime-appimage-squashfs-lite-"$ARCH"
echo "AppDir: $APPDIR"
ls -al
find .
ls -al "$APPDIR"
ARCH=${{ matrix.arch }} ./appimagetool-x86_64.AppImage --comp zstd --mksquashfs-opt -Xcompression-level --mksquashfs-opt 10 \
-u "gh-releases-zsync|$GITHUB_REPOSITORY_OWNER|desktop|latest|zen-${{ matrix.arch }}.AppImage.zsync" \
"$APPDIR" zen-${{ matrix.arch }}.AppImage
./appimagetool-x86_64.AppImage -u "$UPINFO" "$APPDIR" zen-"$ARCH".AppImage --runtime-file ./uruntime-appimage-squashfs-lite-"$ARCH"
mkdir dist
mv zen*AppImage* dist/.
unset ARCH
- name: Upload artifact
uses: actions/upload-artifact@v4
@@ -464,10 +471,6 @@ jobs:
submodules: recursive
token: ${{ secrets.DEPLOY_KEY }}
- name: Git pull
run: |
git pull
- name: Download artifact
uses: actions/download-artifact@v4
@@ -482,6 +485,7 @@ jobs:
token: ${{ secrets.DEPLOY_KEY }}
- name: Download object files
if: ${{ inputs.update_branch == 'release' }}
run: |
git clone https://github.com/zen-browser/windows-binaries.git .github/workflows/object
@@ -512,63 +516,72 @@ jobs:
commit_user_email: zen-browser-auto@users.noreply.github.com
repository: ./updates-server
- name: Generate Release Notes
run: bash .github/workflows/src/generate_release_notes.sh
# If we are on Twilight, we want to just update the Twilight tag's release
- name: Update Twilight tag
if: ${{ inputs.update_branch == 'twilight' }}
uses: marvinpinto/action-automatic-releases@master
uses: softprops/action-gh-release@v2
with:
body_path: release_notes.md
files: |
zen.source.tar.zst
zen.linux-x86_64.tar.xz
zen.linux-aarch64.tar.xz
zen-x86_64.AppImage
zen-x86_64.AppImage.zsync
zen-aarch64.AppImage
zen-aarch64.AppImage.zsync
zen.win-x86_64.zip
zen.win-arm64.zip
linux.mar
linux-aarch64.mar
windows.mar
windows-arm64.mar
macos.mar
zen.installer.exe
zen.installer-arm64.exe
zen.macos-universal.dmg
automatic_release_tag: 'twilight'
title: 'Twilight build - ${{ needs.build-data.outputs.version }} (${{ needs.build-data.outputs.build_date }} at ${{ needs.build-data.outputs.build_time }})'
./zen.source.tar.zst/*
./zen.linux-x86_64.tar.xz/*
./zen.linux-aarch64.tar.xz/*
./zen-x86_64.AppImage/*
./zen-x86_64.AppImage.zsync/*
./zen-aarch64.AppImage/*
./zen-aarch64.AppImage.zsync/*
./zen.win-x86_64.zip/*
./zen.win-arm64.zip/*
./linux.mar/*
./linux-aarch64.mar/*
./windows.mar/*
./windows-arm64.mar/*
./macos.mar/*
./zen.installer.exe/*
./zen.installer-arm64.exe/*
./zen.macos-universal.dmg/*
tag_name: 'twilight'
name: 'Twilight build - ${{ needs.build-data.outputs.version }} (${{ needs.build-data.outputs.build_date }} at ${{ needs.build-data.outputs.build_time }})'
draft: false
generate_release_notes: false
prerelease: true
repo_token: ${{ secrets.DEPLOY_KEY }}
token: ${{ secrets.DEPLOY_KEY }}
fail_on_unmatched_files: false
env:
GITHUB_REPOSITORY: ${{ github.repository }}
- name: Release
uses: marvinpinto/action-automatic-releases@master
uses: softprops/action-gh-release@v2
if: ${{ inputs.update_branch == 'release' }}
with:
repo_token: '${{ secrets.DEPLOY_KEY }}'
automatic_release_tag: ${{ needs.build-data.outputs.version }}
token: ${{ secrets.DEPLOY_KEY }}
tag_name: ${{ needs.build-data.outputs.version }}
prerelease: false
title: 'Release build - ${{ needs.build-data.outputs.version }} (${{ needs.build-data.outputs.build_date }})'
fail_on_unmatched_files: false
generate_release_notes: false
name: 'Release build - ${{ needs.build-data.outputs.version }} (${{ needs.build-data.outputs.build_date }})'
body_path: release_notes.md
files: |
zen.source.tar.zst
zen.linux-x86_64.tar.xz
zen.linux-aarch64.tar.xz
zen-x86_64.AppImage
zen-x86_64.AppImage.zsync
zen-aarch64.AppImage
zen-aarch64.AppImage.zsync
.github/workflows/object/windows-x64-signed-x86_64/zen.win-x86_64.zip
.github/workflows/object/windows-x64-signed-arm64/zen.win-arm64.zip
linux.mar
linux-aarch64.mar
.github/workflows/object/windows-x64-signed-x86_64/windows.mar
.github/workflows/object/windows-x64-signed-arm64/windows-arm64.mar
macos.mar
.github/workflows/object/windows-x64-signed-x86_64/zen.installer.exe
.github/workflows/object/windows-x64-signed-arm64/zen.installer-arm64.exe
zen.macos-universal.dmg
./zen.source.tar.zst/*
./zen.linux-x86_64.tar.xz/*
./zen.linux-aarch64.tar.xz/*
./zen-x86_64.AppImage/*
./zen-x86_64.AppImage.zsync/*
./zen-aarch64.AppImage/*
./zen-aarch64.AppImage.zsync/*
./.github/workflows/object/windows-x64-signed-x86_64/zen.win-x86_64.zip
./.github/workflows/object/windows-x64-signed-arm64/zen.win-arm64.zip
./linux.mar/*
./linux-aarch64.mar/*
./.github/workflows/object/windows-x64-signed-x86_64/windows.mar
./.github/workflows/object/windows-x64-signed-arm64/windows-arm64.mar
./macos.mar/*
./.github/workflows/object/windows-x64-signed-x86_64/zen.installer.exe
./.github/workflows/object/windows-x64-signed-arm64/zen.installer-arm64.exe
./zen.macos-universal.dmg/*
prepare-flatpak:
if: ${{ inputs.create_release && inputs.update_branch == 'release' }}
@@ -688,6 +701,7 @@ jobs:
rm -rf zen-browser
rm -rf archive.tar
rm -rf zen.linux-x86_64.tar.xz
rm -rf zen.linux-aarch64.tar.xz
- name: Upload Flatpak manifest
uses: actions/upload-artifact@v4

45
.github/workflows/linux-release-build.yml vendored
View File

@@ -26,6 +26,11 @@ jobs:
fail-fast: false
matrix:
arch: [x86_64, aarch64]
env:
SCCACHE_GHA_ENABLED: 'true'
CARGO_TERM_COLOR: always
RUSTC_WRAPPER: 'sccache'
CARGO_INCREMENTAL: 0
name: Build Linux - ${{ matrix.arch }}
steps:
@@ -34,6 +39,10 @@ jobs:
with:
tool-cache: false
# Bug: https://github.com/actions/checkout/issues/1153
- name: Remove zombie lock file
run: rm -f /home/ubuntu/actions-runner/_work/desktop/desktop/.git/modules/l10n/index.lock
- name: Checkout repository
uses: actions/checkout@v4
with:
@@ -45,6 +54,18 @@ jobs:
with:
node-version-file: '.nvmrc'
- name: Run sccache-cache
uses: mozilla-actions/sccache-action@main
with:
disable_annotations: true
- name: Expose actions cache variables
uses: actions/github-script@v6
with:
script: |
core.exportVariable('ACTIONS_CACHE_URL', process.env['ACTIONS_CACHE_URL'])
core.exportVariable('ACTIONS_RUNTIME_TOKEN', process.env['ACTIONS_RUNTIME_TOKEN'])
- name: Setup Git
run: |
git config --global user.email "mauro-balades@users.noreply.github.com"
@@ -57,30 +78,6 @@ jobs:
sudo apt-get update
sudo apt-get install -y python3 python3-pip dos2unix yasm nasm build-essential libgtk2.0-dev libpython3-dev m4 uuid libasound2-dev libcurl4-openssl-dev libdbus-1-dev libdrm-dev libdbus-glib-1-dev libgtk-3-dev libpulse-dev libx11-xcb-dev libxt-dev xvfb lld llvm
- name: Configure sccache
uses: actions/github-script@v7
with:
script: |
core.exportVariable('ACTIONS_CACHE_URL', process.env.ACTIONS_CACHE_URL || '');
core.exportVariable('ACTIONS_RUNTIME_TOKEN', process.env.ACTIONS_RUNTIME_TOKEN || '');
- name: Setup sccache
env:
LINK: https://github.com/mozilla/sccache/releases/download
SCCACHE_VERSION: 0.2.13
run: |
SCCACHE_FILE=sccache-$SCCACHE_VERSION-x86_64-unknown-linux-musl
mkdir -p $HOME/.local/bin
curl -L "$LINK/$SCCACHE_VERSION/$SCCACHE_FILE.tar.gz" | tar xz
mv -f $SCCACHE_FILE/sccache $HOME/.local/bin/sccache
echo "$HOME/.local/bin" >> $GITHUB_PATH
- name: Save sccache
uses: actions/cache@v4
with:
path: /home/runner/.cache/sccache
key: ${{ runner.os }}-sccache
- name: Install dependencies
run: |
npm install

20
.github/workflows/macos-release-build.yml vendored
View File

@@ -25,7 +25,11 @@ jobs:
fail-fast: false
matrix:
arch: [x86_64, aarch64]
env:
SCCACHE_GHA_ENABLED: 'true'
CARGO_TERM_COLOR: always
RUSTC_WRAPPER: 'sccache'
CARGO_INCREMENTAL: 0
steps:
- name: Checkout repository
uses: actions/checkout@v4
@@ -38,6 +42,18 @@ jobs:
with:
node-version-file: '.nvmrc'
- name: Run sccache-cache
uses: mozilla-actions/sccache-action@main
with:
disable_annotations: true
- name: Expose actions cache variables
uses: actions/github-script@v6
with:
script: |
core.exportVariable('ACTIONS_CACHE_URL', process.env['ACTIONS_CACHE_URL'])
core.exportVariable('ACTIONS_RUNTIME_TOKEN', process.env['ACTIONS_RUNTIME_TOKEN'])
- name: Setup Python
uses: actions/setup-python@v5
# note: This will use the version defined in '.python-version' by default
@@ -50,7 +66,7 @@ jobs:
- name: Install system dependencies
run: |
brew update
brew install cairo sccache gnu-tar mercurial
brew install cairo gnu-tar mercurial
sudo pip install setuptools
brew uninstall --ignore-dependencies python3.12 -f

4
.github/workflows/macos-universal-release-build.yml vendored
View File

@@ -44,7 +44,7 @@ jobs:
- name: Install system dependencies
run: |
brew update
brew install cairo sccache gnu-tar mercurial
brew install cairo gnu-tar mercurial
sudo pip install setuptools
brew uninstall --ignore-dependencies python3.12 -f
@@ -132,7 +132,7 @@ jobs:
- name: Find first .app folder name
run: |
cd engine/obj-x86_64-apple-darwin/dist
export APP_NAME=$(basename "$(find . -maxdepth 1 -name "Zen *.app" -type d | head -n 1)" .app)
export APP_NAME=${{ inputs.release-branch == 'twilight' && 'Twilight' || 'Zen' }}
echo "APP_NAME=$APP_NAME" >> $GITHUB_ENV
echo "APP_NAME=$APP_NAME"

113
.github/workflows/src/generate_release_notes.sh vendored Normal file
View File

@@ -0,0 +1,113 @@
#!/usr/bin/env bash
RELEASE_NOTES_URL="https://raw.githubusercontent.com/zen-browser/www/refs/heads/main/src/release-notes/stable.json"
if [ "$RELEASE_BRANCH" = "release" ]; then
RELEASE_TYPE="Stable"
echo "Fetching release notes from GitHub..."
RELEASE_NOTES_JSON=$(curl -s "$RELEASE_NOTES_URL")
if [ -z "$RELEASE_NOTES_JSON" ]; then
echo "Error: Failed to fetch release notes from GitHub"
exit 1
fi
LATEST_RELEASE=$(echo "$RELEASE_NOTES_JSON" | jq -r 'last')
EXTRA_NOTES=$(echo "$LATEST_RELEASE" | jq -r '.extra // ""')
else
RELEASE_TYPE="Twilight"
fi
cat << EOF > "release_notes.md"
# Zen ${RELEASE_TYPE} Release
EOF
if [ "$RELEASE_BRANCH" = "release" ]; then
echo "${EXTRA_NOTES}" >> "release_notes.md"
if echo "$LATEST_RELEASE" | jq -e 'has("features")' > /dev/null; then
cat << EOF >> "release_notes.md"
## New Features
$(echo "$LATEST_RELEASE" | jq -r '.features[] | "- " + .')
EOF
fi
if echo "$LATEST_RELEASE" | jq -e 'has("fixes")' > /dev/null; then
cat << EOF >> "release_notes.md"
## Fixes
EOF
echo "$LATEST_RELEASE" | jq -r '.fixes[] | if type=="object" then "- " + .description + " ([#" + (.issue|tostring) + "](" + "https://github.com/zen-browser/desktop/issues/" + (.issue|tostring) + "))" else "- " + . end' >> "release_notes.md"
fi
if echo "$LATEST_RELEASE" | jq -e 'has("breakingChanges")' > /dev/null; then
cat << EOF >> "release_notes.md"
## Breaking Changes
EOF
echo "$LATEST_RELEASE" | jq -r '.breakingChanges[] | if type=="string" then "- " + . else "- " + .description + " [Learn more](" + .link + ")" end' >> "release_notes.md"
fi
if echo "$LATEST_RELEASE" | jq -e 'has("themeChanges")' > /dev/null; then
cat << EOF >> "release_notes.md"
## Theme Changes
$(echo "$LATEST_RELEASE" | jq -r '.themeChanges[] | "- " + .')
EOF
fi
fi
cat << EOF >> "release_notes.md"
<details>
<summary>File Checksums (SHA-256)</summary>
\`\`\`
EOF
generate_checksum() {
local pattern=$1
echo "Generating checksum for $pattern"
sha256sum $pattern 2> /dev/null | awk '{sub(".*/", "", $2); print $1 " " $2}' >> "release_notes.md"
if [ ${PIPESTATUS[0]} -ne 0 ]; then
echo "Warning: No files found matching $pattern, skipping checksum."
fi
}
files=(
"./zen.source.tar.zst/*"
"./zen.linux-x86_64.tar.xz/*"
"./zen.linux-aarch64.tar.xz/*"
"./zen-x86_64.AppImage/*"
"./zen-x86_64.AppImage.zsync/*"
"./zen-aarch64.AppImage/*"
"./zen-aarch64.AppImage.zsync/*"
"./.github/workflows/object/windows-x64-signed-x86_64/zen.win-x86_64.zip"
"./zen.win-x86_64.zip/*"
"./.github/workflows/object/windows-x64-signed-arm64/zen.win-arm64.zip"
"./zen.win-arm64.zip/*"
"./linux.mar/*"
"./linux-aarch64.mar/*"
"./.github/workflows/object/windows-x64-signed-x86_64/windows.mar"
"./windows.mar/*"
"./.github/workflows/object/windows-x64-signed-arm64/windows-arm64.mar"
"./windows-arm64.mar/*"
"./macos.mar/*"
"./.github/workflows/object/windows-x64-signed-x86_64/zen.installer.exe"
"./zen.installer.exe/*"
"./.github/workflows/object/windows-x64-signed-arm64/zen.installer-arm64.exe"
"./zen.installer-arm64.exe/*"
"./zen.macos-universal.dmg/*"
)
for file in "${files[@]}"; do
generate_checksum "$file"
done
cat << EOF >> "release_notes.md"
\`\`\`
</details>
EOF
echo "Release notes generated: release_notes.md"

31
.github/workflows/update-submodules.yml vendored
View File

@@ -1,31 +0,0 @@
name: Update Components Submodules
on:
push:
branches:
- dev
workflow_dispatch:
workflow_call:
jobs:
update-submodules:
runs-on: ubuntu-latest
if: "!contains(github.event.head_commit.message, '[skip ci]')"
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
submodules: recursive
token: ${{ secrets.DEPLOY_KEY }}
- name: Update submodules
run: |
git submodule update --remote --merge
- name: Commit
uses: stefanzweifel/git-auto-commit-action@v5
with:
commit_message: '[skip ci] 📦 Update submodules'
commit_user_name: Zen Browser Robot
commit_user_email: zen-browser-auto@users.noreply.github.com

33
.github/workflows/windows-release-build.yml vendored
View File

@@ -28,7 +28,11 @@ jobs:
name: Build Windows - ${{ matrix.arch }}
# aarch64 does not need full 16x, and we also dont use full LTO when generating GPO
runs-on: ${{ (inputs.release-branch == 'release' && !inputs.generate-gpo && matrix.arch == 'x86_64') && 'self-hosted' || 'ubuntu-latest' }}
env:
SCCACHE_GHA_ENABLED: 'true'
CARGO_TERM_COLOR: always
RUSTC_WRAPPER: 'sccache'
CARGO_INCREMENTAL: 0
strategy:
fail-fast: false
matrix:
@@ -41,6 +45,10 @@ jobs:
with:
tool-cache: false
# Bug: https://github.com/actions/checkout/issues/1153
- name: Remove zombie lock file
run: rm -f /home/ubuntu/actions-runner/_work/desktop/desktop/.git/modules/l10n/index.lock
- name: Checkout repository
uses: actions/checkout@v4
with:
@@ -52,6 +60,18 @@ jobs:
with:
node-version-file: '.nvmrc'
- name: Run sccache-cache
uses: mozilla-actions/sccache-action@main
with:
disable_annotations: true
- name: Expose actions cache variables
uses: actions/github-script@v6
with:
script: |
core.exportVariable('ACTIONS_CACHE_URL', process.env['ACTIONS_CACHE_URL'])
core.exportVariable('ACTIONS_RUNTIME_TOKEN', process.env['ACTIONS_RUNTIME_TOKEN'])
- name: Setup Git
run: |
git config --global user.email "mauro-balades@users.noreply.github.com"
@@ -79,13 +99,6 @@ jobs:
path: ${HOME}/win-cross
key: win-cross
- name: Configure sccache
uses: actions/github-script@v7
with:
script: |
core.exportVariable('ACTIONS_CACHE_URL', process.env.ACTIONS_CACHE_URL || '');
core.exportVariable('ACTIONS_RUNTIME_TOKEN', process.env.ACTIONS_RUNTIME_TOKEN || '');
- name: Setup for Windows
if: steps.cache-win-cross.outputs.cache-hit != 'true' && !(inputs.generate-gpo && matrix.arch == 'aarch64')
run: |
@@ -164,14 +177,14 @@ jobs:
if: ${{ !(inputs.generate-gpo && matrix.arch == 'aarch64') }}
run: |
cd engine/
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain 1.79
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain 1.81
source $HOME/.cargo/env
if test "${{ matrix.arch }}" = "aarch64"; then
rustup target add aarch64-pc-windows-msvc
else
rustup target add x86_64-pc-windows-msvc
fi
cargo install cargo-download
cargo install cargo-download --locked
cargo download -x windows=0.58.0
export CARGO_INCREMENTAL=0
echo "" >> ../configs/common/mozconfig