// We believe in user choice - disable DNS-over-HTTPS by default
defaultPref("network.trr.mode", 5);
+
+// Normandy web service allows upstream to push changes
+// like changed default preferences or even add-ons to users
+// without the need to re-release a new version. Because this
+// happens without any user prompt we believe this should be
+// disabled by default.
+defaultPref("app.normandy.enabled", false);
MOZ_HTTP_URI="https://archive.mozilla.org/pub/mozilla.org/${MOZ_PN}/releases/"
-inherit mozlinguas-v2 nsplugins pax-utils xdg-utils
+inherit mozlinguas-v2 nsplugins pax-utils xdg-utils eapi7-ver
DESCRIPTION="Firefox Web Browser"
SRC_URI="${SRC_URI}
}
pkg_postinst() {
+ # Update mimedb for the new .desktop file
+ xdg_desktop_database_update
+ xdg_icon_cache_update
+
if ! has_version 'gnome-base/gconf' || ! has_version 'gnome-base/orbit' \
|| ! has_version 'net-misc/curl'; then
einfo
ewarn "USE=-pulseaudio & USE=-alsa : For audio please either set USE=pulseaudio or USE=alsa!"
fi
- # Update mimedb for the new .desktop file
- xdg_desktop_database_update
- xdg_icon_cache_update
+ local show_normandy_information
+
+ if [[ -z "${REPLACING_VERSIONS}" ]] ; then
+ # New install
+ show_normandy_information=yes
+ else
+ local replacing_version
+ for replacing_version in ${REPLACING_VERSIONS} ; do
+ if ver_test "${replacing_version}" -lt 68.6.0-r1 ; then
+ # Tell user only once about our Normandy default
+ show_normandy_information=yes
+ break
+ fi
+ done
+ fi
+
+ # bug 713782
+ if [[ -n "${show_normandy_information}" ]] ; then
+ elog
+ elog "Upstream operates a service named Normandy which allows Mozilla to"
+ elog "push changes for default settings or even install new add-ons remotely."
+ elog "While this can be useful to address problems like 'Armagadd-on 2.0' or"
+ elog "revert previous decisions to disable TLS 1.0/1.1, privacy and security"
+ elog "concerns prevail, which is why we have switched off the use of this"
+ elog "service by default."
+ elog
+ elog "To re-enable this service set"
+ elog
+ elog " app.normandy.enabled=true"
+ elog
+ elog "in about:config."
+ fi
}
pkg_postrm() {
ewarn "USE=-pulseaudio & USE=-alsa : For audio please either set USE=pulseaudio or USE=alsa!"
fi
- local show_doh_information
+ local show_doh_information show_normandy_information
if [[ -z "${REPLACING_VERSIONS}" ]] ; then
# New install; Tell user that DoH is disabled by default
show_doh_information=yes
+ show_normandy_information=yes
else
local replacing_version
for replacing_version in ${REPLACING_VERSIONS} ; do
if ver_test "${replacing_version}" -lt 70 ; then
# Tell user only once about our DoH default
show_doh_information=yes
- break
+ fi
+
+ if ver_test "${replacing_version}" -lt 74.0-r1 ; then
+ # Tell user only once about our Normandy default
+ show_normandy_information=yes
fi
done
fi
elog "(\"Off by choice\") by default."
elog "You can enable DNS-over-HTTPS in ${PN^}'s preferences."
fi
+
+ # bug 713782
+ if [[ -n "${show_normandy_information}" ]] ; then
+ elog
+ elog "Upstream operates a service named Normandy which allows Mozilla to"
+ elog "push changes for default settings or even install new add-ons remotely."
+ elog "While this can be useful to address problems like 'Armagadd-on 2.0' or"
+ elog "revert previous decisions to disable TLS 1.0/1.1, privacy and security"
+ elog "concerns prevail, which is why we have switched off the use of this"
+ elog "service by default."
+ elog
+ elog "To re-enable this service set"
+ elog
+ elog " app.normandy.enabled=true"
+ elog
+ elog "in about:config."
+ fi
}
pkg_postrm() {
projects / gentoo.git / commitdiff