www-client/chromium: security cleanup
authorStephan Hartmann <stha09@googlemail.com>
Thu, 2 Apr 2020 17:01:20 +0000 (19:01 +0200)
committerMike Gilbert <floppym@gentoo.org>
Thu, 2 Apr 2020 17:52:04 +0000 (13:52 -0400)
Bug: https://bugs.gentoo.org/715720
Package-Manager: Portage-2.3.89, Repoman-2.3.20
Signed-off-by: Stephan Hartmann <stha09@googlemail.com>
Signed-off-by: Mike Gilbert <floppym@gentoo.org>
www-client/chromium/Manifest
www-client/chromium/chromium-80.0.3987.149.ebuild [deleted file]

index eaa2158e23be4629bf1ba306fe9190dcb64e5e2c..07522a1b0fed9e7df040cc7a9c5daad02b03b25d 100644 (file)
@@ -1,4 +1,3 @@
-DIST chromium-80.0.3987.149.tar.xz 797049332 BLAKE2B 679efd45a48fb064e2fda9b751b112ef26f9c3419ab46d28e1490729a80b18908078bd260060656199700c391f0664e7a4d1e919ee8eb71d9c8c12b6535269f2 SHA512 5abbf8ff754937a3af566474457b5cd9bbcac0e8b1a52fd95180fcf69b12515278423887668512b3136de72ebe15048c4bd79572511f68189d1e86ace4ca30cb
 DIST chromium-80.0.3987.162.tar.xz 796961972 BLAKE2B 77357adb39f5e49a6c71ba695c9947fb6aad811fc58c5ac21355a30be8beecaa842d2de59028dec58b1805d314e13282c0f386d61ee2014c87ad50ea0dc61121 SHA512 95a6bbe291faccd1a085daec89a3cf27eb00bc62f0b3956c2668568c7cabd67ac4dc02a2aaa093bb2844d4972cd8a7978c4249b2f0ebead038a215f574f68180
 DIST chromium-81.0.4044.83.tar.xz 785906212 BLAKE2B b17bb2dabd52dc8ae5a9c99b6320ea48f278273e790c2869e2d93382bae3a8101d1bcad917b0997631831b95ce33398e0501de046edd23110107d010db70f140 SHA512 aeb8a4aeb2371a9ae2fbd0be1553569338c8e699abb3bb7d614c33254a7c6adfecb7b1becfa3f3595a2f4e04eed3c429137ad7a3816ccabf7b23388f206d1ccb
 DIST chromium-83.0.4093.3.tar.xz 793608324 BLAKE2B 014eff6deacfb308eecc76a2d9a13ddf13b2eefffe044df25e2c20c3695f2c908604751ed7e794e053280fc32449381e8dfd73300201e67a9d84854f9fd851e5 SHA512 d37ae4912d3a39e4b06c91601d941ffb8a77a4b7380a603455c2839f6b8940acb8803aa32e8ae14c5033c141681ee41716a54ac2f8632240e54367a3819e091a
diff --git a/www-client/chromium/chromium-80.0.3987.149.ebuild b/www-client/chromium/chromium-80.0.3987.149.ebuild
deleted file mode 100644 (file)
index ac938c4..0000000
+++ /dev/null
@@ -1,739 +0,0 @@
-# Copyright 2009-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-PYTHON_COMPAT=( python2_7 )
-
-CHROMIUM_LANGS="am ar bg bn ca cs da de el en-GB es es-419 et fa fi fil fr gu he
-       hi hr hu id it ja kn ko lt lv ml mr ms nb nl pl pt-BR pt-PT ro ru sk sl sr
-       sv sw ta te th tr uk vi zh-CN zh-TW"
-
-inherit check-reqs chromium-2 desktop flag-o-matic multilib ninja-utils pax-utils portability python-any-r1 readme.gentoo-r1 toolchain-funcs xdg-utils
-
-DESCRIPTION="Open-source version of Google Chrome web browser"
-HOMEPAGE="https://chromium.org/"
-SRC_URI="https://commondatastorage.googleapis.com/chromium-browser-official/${P}.tar.xz"
-
-LICENSE="BSD"
-SLOT="0"
-KEYWORDS="amd64 ~arm64 ~x86"
-IUSE="+closure-compile component-build cups cpu_flags_arm_neon +hangouts kerberos pic +proprietary-codecs pulseaudio selinux +suid +system-ffmpeg +system-icu +system-libvpx +tcmalloc widevine"
-RESTRICT="!system-ffmpeg? ( proprietary-codecs? ( bindist ) )"
-REQUIRED_USE="component-build? ( !suid )"
-
-COMMON_DEPEND="
-       >=app-accessibility/at-spi2-atk-2.26:2
-       app-arch/bzip2:=
-       cups? ( >=net-print/cups-1.3.11:= )
-       >=dev-libs/atk-2.26
-       dev-libs/expat:=
-       dev-libs/glib:2
-       system-icu? ( >=dev-libs/icu-65:= )
-       >=dev-libs/libxml2-2.9.4-r3:=[icu]
-       dev-libs/libxslt:=
-       dev-libs/nspr:=
-       >=dev-libs/nss-3.26:=
-       >=dev-libs/re2-0.2019.08.01:=
-       >=media-libs/alsa-lib-1.0.19:=
-       media-libs/fontconfig:=
-       media-libs/freetype:=
-       >=media-libs/harfbuzz-2.4.0:0=[icu(-)]
-       media-libs/libjpeg-turbo:=
-       media-libs/libpng:=
-       system-libvpx? ( media-libs/libvpx:=[postproc,svc] )
-       >=media-libs/openh264-1.6.0:=
-       pulseaudio? ( media-sound/pulseaudio:= )
-       system-ffmpeg? (
-               >=media-video/ffmpeg-4:=
-               || (
-                       media-video/ffmpeg[-samba]
-                       >=net-fs/samba-4.5.10-r1[-debug(-)]
-               )
-               >=media-libs/opus-1.3.1:=
-       )
-       sys-apps/dbus:=
-       sys-apps/pciutils:=
-       virtual/udev
-       x11-libs/cairo:=
-       x11-libs/gdk-pixbuf:2
-       x11-libs/gtk+:3[X]
-       x11-libs/libX11:=
-       x11-libs/libXcomposite:=
-       x11-libs/libXcursor:=
-       x11-libs/libXdamage:=
-       x11-libs/libXext:=
-       x11-libs/libXfixes:=
-       >=x11-libs/libXi-1.6.0:=
-       x11-libs/libXrandr:=
-       x11-libs/libXrender:=
-       x11-libs/libXScrnSaver:=
-       x11-libs/libXtst:=
-       x11-libs/pango:=
-       app-arch/snappy:=
-       media-libs/flac:=
-       >=media-libs/libwebp-0.4.0:=
-       sys-libs/zlib:=[minizip]
-       kerberos? ( virtual/krb5 )
-"
-# For nvidia-drivers blocker, see bug #413637 .
-RDEPEND="${COMMON_DEPEND}
-       x11-misc/xdg-utils
-       virtual/opengl
-       virtual/ttf-fonts
-       selinux? ( sec-policy/selinux-chromium )
-       tcmalloc? ( !<x11-drivers/nvidia-drivers-331.20 )
-"
-DEPEND="${COMMON_DEPEND}
-"
-# dev-vcs/git - https://bugs.gentoo.org/593476
-BDEPEND="
-       ${PYTHON_DEPS}
-       >=app-arch/gzip-1.7
-       !arm? (
-               dev-lang/yasm
-       )
-       dev-lang/perl
-       dev-util/gn
-       dev-vcs/git
-       >=dev-util/gperf-3.0.3
-       >=dev-util/ninja-1.7.2
-       >=net-libs/nodejs-7.6.0[inspector]
-       sys-apps/hwids[usb(+)]
-       >=sys-devel/bison-2.4.3
-       sys-devel/flex
-       closure-compile? ( virtual/jre )
-       virtual/pkgconfig
-"
-
-: ${CHROMIUM_FORCE_CLANG=no}
-
-if [[ ${CHROMIUM_FORCE_CLANG} == yes ]]; then
-       BDEPEND+=" >=sys-devel/clang-7"
-fi
-
-if ! has chromium_pkg_die ${EBUILD_DEATH_HOOKS}; then
-       EBUILD_DEATH_HOOKS+=" chromium_pkg_die";
-fi
-
-DISABLE_AUTOFORMATTING="yes"
-DOC_CONTENTS="
-Some web pages may require additional fonts to display properly.
-Try installing some of the following packages if some characters
-are not displayed properly:
-- media-fonts/arphicfonts
-- media-fonts/droid
-- media-fonts/ipamonafont
-- media-fonts/noto
-- media-fonts/ja-ipafonts
-- media-fonts/takao-fonts
-- media-fonts/wqy-microhei
-- media-fonts/wqy-zenhei
-
-To fix broken icons on the Downloads page, you should install an icon
-theme that covers the appropriate MIME types, and configure this as your
-GTK+ icon theme.
-
-For native file dialogs in KDE, install kde-apps/kdialog.
-"
-
-PATCHES=(
-       "${FILESDIR}/chromium-compiler-r10.patch"
-       "${FILESDIR}/chromium-fix-char_traits.patch"
-       "${FILESDIR}/chromium-unbundle-zlib-r1.patch"
-       "${FILESDIR}/chromium-77-system-icu.patch"
-       "${FILESDIR}/chromium-78-protobuf-export.patch"
-       "${FILESDIR}/chromium-79-gcc-alignas.patch"
-       "${FILESDIR}/chromium-80-unbundle-libxml.patch"
-       "${FILESDIR}/chromium-80-include.patch"
-       "${FILESDIR}/chromium-80-gcc-quiche.patch"
-       "${FILESDIR}/chromium-80-gcc-permissive.patch"
-       "${FILESDIR}/chromium-80-gcc-blink.patch"
-       "${FILESDIR}/chromium-80-gcc-abstract.patch"
-       "${FILESDIR}/chromium-80-gcc-incomplete-type.patch"
-)
-
-pre_build_checks() {
-       if [[ ${MERGE_TYPE} != binary ]]; then
-               local -x CPP="$(tc-getCXX) -E"
-               if tc-is-gcc && ! ver_test "$(gcc-version)" -ge 8.0; then
-                       die "At least gcc 8.0 is required"
-               fi
-               # component build hangs with tcmalloc enabled due to sandbox issue, bug #695976.
-               if has usersandbox ${FEATURES} && use tcmalloc && use component-build; then
-                       die "Component build with tcmalloc requires FEATURES=-usersandbox."
-               fi
-               if [[ ${CHROMIUM_FORCE_CLANG} == yes ]] || tc-is-clang; then
-                       if use component-build; then
-                               die "Component build with clang requires fuzzer headers."
-                       fi
-               fi
-       fi
-
-       # Check build requirements, bug #541816 and bug #471810 .
-       CHECKREQS_MEMORY="3G"
-       CHECKREQS_DISK_BUILD="7G"
-       if ( shopt -s extglob; is-flagq '-g?(gdb)?([1-9])' ); then
-               CHECKREQS_DISK_BUILD="25G"
-               if ! use component-build; then
-                       CHECKREQS_MEMORY="16G"
-               fi
-       fi
-       check-reqs_pkg_setup
-}
-
-pkg_pretend() {
-       pre_build_checks
-}
-
-pkg_setup() {
-       pre_build_checks
-
-       chromium_suid_sandbox_check_kernel_config
-}
-
-src_prepare() {
-       # Calling this here supports resumption via FEATURES=keepwork
-       python_setup
-
-       default
-
-       mkdir -p third_party/node/linux/node-linux-x64/bin || die
-       ln -s "${EPREFIX}"/usr/bin/node third_party/node/linux/node-linux-x64/bin/node || die
-
-       local keeplibs=(
-               base/third_party/cityhash
-               base/third_party/double_conversion
-               base/third_party/dynamic_annotations
-               base/third_party/icu
-               base/third_party/nspr
-               base/third_party/superfasthash
-               base/third_party/symbolize
-               base/third_party/valgrind
-               base/third_party/xdg_mime
-               base/third_party/xdg_user_dirs
-               buildtools/third_party/libc++
-               buildtools/third_party/libc++abi
-               chrome/third_party/mozilla_security_manager
-               courgette/third_party
-               net/third_party/mozilla_security_manager
-               net/third_party/nss
-               net/third_party/quic
-               net/third_party/uri_template
-               third_party/abseil-cpp
-               third_party/angle
-               third_party/angle/src/common/third_party/base
-               third_party/angle/src/common/third_party/smhasher
-               third_party/angle/src/common/third_party/xxhash
-               third_party/angle/src/third_party/compiler
-               third_party/angle/src/third_party/libXNVCtrl
-               third_party/angle/src/third_party/trace_event
-               third_party/angle/third_party/glslang
-               third_party/angle/third_party/spirv-headers
-               third_party/angle/third_party/spirv-tools
-               third_party/angle/third_party/vulkan-headers
-               third_party/angle/third_party/vulkan-loader
-               third_party/angle/third_party/vulkan-tools
-               third_party/angle/third_party/vulkan-validation-layers
-               third_party/apple_apsl
-               third_party/axe-core
-               third_party/blink
-               third_party/boringssl
-               third_party/boringssl/src/third_party/fiat
-               third_party/breakpad
-               third_party/breakpad/breakpad/src/third_party/curl
-               third_party/brotli
-               third_party/cacheinvalidation
-               third_party/catapult
-               third_party/catapult/common/py_vulcanize/third_party/rcssmin
-               third_party/catapult/common/py_vulcanize/third_party/rjsmin
-               third_party/catapult/third_party/beautifulsoup4
-               third_party/catapult/third_party/html5lib-python
-               third_party/catapult/third_party/polymer
-               third_party/catapult/third_party/six
-               third_party/catapult/tracing/third_party/d3
-               third_party/catapult/tracing/third_party/gl-matrix
-               third_party/catapult/tracing/third_party/jpeg-js
-               third_party/catapult/tracing/third_party/jszip
-               third_party/catapult/tracing/third_party/mannwhitneyu
-               third_party/catapult/tracing/third_party/oboe
-               third_party/catapult/tracing/third_party/pako
-               third_party/ced
-               third_party/cld_3
-               third_party/closure_compiler
-               third_party/crashpad
-               third_party/crashpad/crashpad/third_party/lss
-               third_party/crashpad/crashpad/third_party/zlib
-               third_party/crc32c
-               third_party/cros_system_api
-               third_party/dav1d
-               third_party/dawn
-               third_party/depot_tools
-               third_party/devscripts
-               third_party/devtools-frontend
-               third_party/devtools-frontend/src/third_party
-               third_party/dom_distiller_js
-               third_party/emoji-segmenter
-               third_party/flatbuffers
-               third_party/freetype
-               third_party/libgifcodec
-               third_party/glslang
-               third_party/google_input_tools
-               third_party/google_input_tools/third_party/closure_library
-               third_party/google_input_tools/third_party/closure_library/third_party/closure
-               third_party/googletest
-               third_party/hunspell
-               third_party/iccjpeg
-               third_party/inspector_protocol
-               third_party/jinja2
-               third_party/jsoncpp
-               third_party/jstemplate
-               third_party/khronos
-               third_party/leveldatabase
-               third_party/libXNVCtrl
-               third_party/libaddressinput
-               third_party/libaom
-               third_party/libaom/source/libaom/third_party/vector
-               third_party/libaom/source/libaom/third_party/x86inc
-               third_party/libjingle
-               third_party/libphonenumber
-               third_party/libsecret
-               third_party/libsrtp
-               third_party/libsync
-               third_party/libudev
-               third_party/libwebm
-               third_party/libxml/chromium
-               third_party/libyuv
-               third_party/llvm
-               third_party/lss
-               third_party/lzma_sdk
-               third_party/markupsafe
-               third_party/mesa
-               third_party/metrics_proto
-               third_party/modp_b64
-               third_party/nasm
-               third_party/node
-               third_party/node/node_modules/polymer-bundler/lib/third_party/UglifyJS2
-               third_party/one_euro_filter
-               third_party/openscreen
-               third_party/openscreen/src/third_party/tinycbor/src/src
-               third_party/ots
-               third_party/pdfium
-               third_party/pdfium/third_party/agg23
-               third_party/pdfium/third_party/base
-               third_party/pdfium/third_party/bigint
-               third_party/pdfium/third_party/freetype
-               third_party/pdfium/third_party/lcms
-               third_party/pdfium/third_party/libopenjpeg20
-               third_party/pdfium/third_party/libpng16
-               third_party/pdfium/third_party/libtiff
-               third_party/pdfium/third_party/skia_shared
-               third_party/perfetto
-               third_party/pffft
-               third_party/ply
-               third_party/polymer
-               third_party/private-join-and-compute
-               third_party/protobuf
-               third_party/protobuf/third_party/six
-               third_party/pyjson5
-               third_party/qcms
-               third_party/rnnoise
-               third_party/s2cellid
-               third_party/sfntly
-               third_party/simplejson
-               third_party/skia
-               third_party/skia/include/third_party/skcms
-               third_party/skia/include/third_party/vulkan
-               third_party/skia/third_party/skcms
-               third_party/skia/third_party/vulkan
-               third_party/smhasher
-               third_party/spirv-headers
-               third_party/SPIRV-Tools
-               third_party/sqlite
-               third_party/swiftshader
-               third_party/swiftshader/third_party/llvm-7.0
-               third_party/swiftshader/third_party/llvm-subzero
-               third_party/swiftshader/third_party/marl
-               third_party/swiftshader/third_party/subzero
-               third_party/swiftshader/third_party/SPIRV-Headers/include/spirv/unified1
-               third_party/unrar
-               third_party/usrsctp
-               third_party/vulkan
-               third_party/web-animations-js
-               third_party/webdriver
-               third_party/webrtc
-               third_party/webrtc/common_audio/third_party/fft4g
-               third_party/webrtc/common_audio/third_party/spl_sqrt_floor
-               third_party/webrtc/modules/third_party/fft
-               third_party/webrtc/modules/third_party/g711
-               third_party/webrtc/modules/third_party/g722
-               third_party/webrtc/rtc_base/third_party/base64
-               third_party/webrtc/rtc_base/third_party/sigslot
-               third_party/widevine
-               third_party/woff2
-               third_party/wuffs
-               third_party/zlib/google
-               tools/grit/third_party/six
-               url/third_party/mozilla
-               v8/src/third_party/siphash
-               v8/src/third_party/valgrind
-               v8/src/third_party/utf8-decoder
-               v8/third_party/inspector_protocol
-               v8/third_party/v8
-
-               # gyp -> gn leftovers
-               base/third_party/libevent
-               third_party/adobe
-               third_party/speech-dispatcher
-               third_party/usb_ids
-               third_party/xdg-utils
-               third_party/yasm/run_yasm.py
-       )
-       if ! use system-ffmpeg; then
-               keeplibs+=( third_party/ffmpeg third_party/opus )
-       fi
-       if ! use system-icu; then
-               keeplibs+=( third_party/icu )
-       fi
-       if ! use system-libvpx; then
-               keeplibs+=( third_party/libvpx )
-               keeplibs+=( third_party/libvpx/source/libvpx/third_party/x86inc )
-       fi
-       if use tcmalloc; then
-               keeplibs+=( third_party/tcmalloc )
-       fi
-
-       # Remove most bundled libraries. Some are still needed.
-       build/linux/unbundle/remove_bundled_libraries.py "${keeplibs[@]}" --do-remove || die
-}
-
-src_configure() {
-       # Calling this here supports resumption via FEATURES=keepwork
-       python_setup
-
-       local myconf_gn=""
-
-       # Make sure the build system will use the right tools, bug #340795.
-       tc-export AR CC CXX NM
-
-       if [[ ${CHROMIUM_FORCE_CLANG} == yes ]] && ! tc-is-clang; then
-               # Force clang since gcc is pretty broken at the moment.
-               CC=${CHOST}-clang
-               CXX=${CHOST}-clang++
-               strip-unsupported-flags
-       fi
-
-       if tc-is-clang; then
-               myconf_gn+=" is_clang=true clang_use_chrome_plugins=false"
-       else
-               myconf_gn+=" is_clang=false"
-       fi
-
-       # Define a custom toolchain for GN
-       myconf_gn+=" custom_toolchain=\"//build/toolchain/linux/unbundle:default\""
-
-       if tc-is-cross-compiler; then
-               tc-export BUILD_{AR,CC,CXX,NM}
-               myconf_gn+=" host_toolchain=\"//build/toolchain/linux/unbundle:host\""
-               myconf_gn+=" v8_snapshot_toolchain=\"//build/toolchain/linux/unbundle:host\""
-       else
-               myconf_gn+=" host_toolchain=\"//build/toolchain/linux/unbundle:default\""
-       fi
-
-       # GN needs explicit config for Debug/Release as opposed to inferring it from build directory.
-       myconf_gn+=" is_debug=false"
-
-       # Component build isn't generally intended for use by end users. It's mostly useful
-       # for development and debugging.
-       myconf_gn+=" is_component_build=$(usex component-build true false)"
-
-       myconf_gn+=" use_allocator=$(usex tcmalloc \"tcmalloc\" \"none\")"
-
-       # Disable nacl, we can't build without pnacl (http://crbug.com/269560).
-       myconf_gn+=" enable_nacl=false"
-
-       # Use system-provided libraries.
-       # TODO: freetype -- remove sources (https://bugs.chromium.org/p/pdfium/issues/detail?id=733).
-       # TODO: use_system_hunspell (upstream changes needed).
-       # TODO: use_system_libsrtp (bug #459932).
-       # TODO: use_system_protobuf (bug #525560).
-       # TODO: use_system_ssl (http://crbug.com/58087).
-       # TODO: use_system_sqlite (http://crbug.com/22208).
-
-       # libevent: https://bugs.gentoo.org/593458
-       local gn_system_libraries=(
-               flac
-               fontconfig
-               freetype
-               # Need harfbuzz_from_pkgconfig target
-               #harfbuzz-ng
-               libdrm
-               libjpeg
-               libpng
-               libwebp
-               libxml
-               libxslt
-               openh264
-               re2
-               snappy
-               yasm
-               zlib
-       )
-       if use system-ffmpeg; then
-               gn_system_libraries+=( ffmpeg opus )
-       fi
-       if use system-icu; then
-               gn_system_libraries+=( icu )
-       fi
-       if use system-libvpx; then
-               gn_system_libraries+=( libvpx )
-       fi
-       build/linux/unbundle/replace_gn_files.py --system-libraries "${gn_system_libraries[@]}" || die
-
-       # See dependency logic in third_party/BUILD.gn
-       myconf_gn+=" use_system_harfbuzz=true"
-
-       # Disable deprecated libgnome-keyring dependency, bug #713012
-       myconf_gn+=" use_gnome_keyring=false"
-
-       # Optional dependencies.
-       myconf_gn+=" closure_compile=$(usex closure-compile true false)"
-       myconf_gn+=" enable_hangout_services_extension=$(usex hangouts true false)"
-       myconf_gn+=" enable_widevine=$(usex widevine true false)"
-       myconf_gn+=" use_cups=$(usex cups true false)"
-       myconf_gn+=" use_kerberos=$(usex kerberos true false)"
-       myconf_gn+=" use_pulseaudio=$(usex pulseaudio true false)"
-
-       # TODO: link_pulseaudio=true for GN.
-
-       myconf_gn+=" fieldtrial_testing_like_official_build=true"
-
-       # Never use bundled gold binary. Disable gold linker flags for now.
-       # Do not use bundled clang.
-       # Trying to use gold results in linker crash.
-       myconf_gn+=" use_gold=false use_sysroot=false linux_use_bundled_binutils=false use_custom_libcxx=false"
-
-       # Disable forced lld, bug 641556
-       myconf_gn+=" use_lld=false"
-
-       ffmpeg_branding="$(usex proprietary-codecs Chrome Chromium)"
-       myconf_gn+=" proprietary_codecs=$(usex proprietary-codecs true false)"
-       myconf_gn+=" ffmpeg_branding=\"${ffmpeg_branding}\""
-
-       # Set up Google API keys, see http://www.chromium.org/developers/how-tos/api-keys .
-       # Note: these are for Gentoo use ONLY. For your own distribution,
-       # please get your own set of keys. Feel free to contact chromium@gentoo.org
-       # for more info.
-       local google_api_key="AIzaSyDEAOvatFo0eTgsV_ZlEzx0ObmepsMzfAc"
-       local google_default_client_id="329227923882.apps.googleusercontent.com"
-       local google_default_client_secret="vgKG0NNv7GoDpbtoFNLxCUXu"
-       myconf_gn+=" google_api_key=\"${google_api_key}\""
-       myconf_gn+=" google_default_client_id=\"${google_default_client_id}\""
-       myconf_gn+=" google_default_client_secret=\"${google_default_client_secret}\""
-       local myarch="$(tc-arch)"
-
-       # Avoid CFLAGS problems, bug #352457, bug #390147.
-       if ! use custom-cflags; then
-               replace-flags "-Os" "-O2"
-               strip-flags
-
-               # Prevent linker from running out of address space, bug #471810 .
-               if use x86; then
-                       filter-flags "-g*"
-               fi
-
-               # Prevent libvpx build failures. Bug 530248, 544702, 546984.
-               if [[ ${myarch} == amd64 || ${myarch} == x86 ]]; then
-                       filter-flags -mno-mmx -mno-sse2 -mno-ssse3 -mno-sse4.1 -mno-avx -mno-avx2
-               fi
-       fi
-
-       if [[ $myarch = amd64 ]] ; then
-               myconf_gn+=" target_cpu=\"x64\""
-               ffmpeg_target_arch=x64
-       elif [[ $myarch = x86 ]] ; then
-               myconf_gn+=" target_cpu=\"x86\""
-               ffmpeg_target_arch=ia32
-
-               # This is normally defined by compiler_cpu_abi in
-               # build/config/compiler/BUILD.gn, but we patch that part out.
-               append-flags -msse2 -mfpmath=sse -mmmx
-       elif [[ $myarch = arm64 ]] ; then
-               myconf_gn+=" target_cpu=\"arm64\""
-               ffmpeg_target_arch=arm64
-       elif [[ $myarch = arm ]] ; then
-               myconf_gn+=" target_cpu=\"arm\""
-               ffmpeg_target_arch=$(usex cpu_flags_arm_neon arm-neon arm)
-       else
-               die "Failed to determine target arch, got '$myarch'."
-       fi
-
-       # Make sure that -Werror doesn't get added to CFLAGS by the build system.
-       # Depending on GCC version the warnings are different and we don't want
-       # the build to fail because of that.
-       myconf_gn+=" treat_warnings_as_errors=false"
-
-       # Disable fatal linker warnings, bug 506268.
-       myconf_gn+=" fatal_linker_warnings=false"
-
-       # Bug 491582.
-       export TMPDIR="${WORKDIR}/temp"
-       mkdir -p -m 755 "${TMPDIR}" || die
-
-       # https://bugs.gentoo.org/654216
-       addpredict /dev/dri/ #nowarn
-
-       #if ! use system-ffmpeg; then
-       if false; then
-               local build_ffmpeg_args=""
-               if use pic && [[ "${ffmpeg_target_arch}" == "ia32" ]]; then
-                       build_ffmpeg_args+=" --disable-asm"
-               fi
-
-               # Re-configure bundled ffmpeg. See bug #491378 for example reasons.
-               einfo "Configuring bundled ffmpeg..."
-               pushd third_party/ffmpeg > /dev/null || die
-               chromium/scripts/build_ffmpeg.py linux ${ffmpeg_target_arch} \
-                       --branding ${ffmpeg_branding} -- ${build_ffmpeg_args} || die
-               chromium/scripts/copy_config.sh || die
-               chromium/scripts/generate_gn.py || die
-               popd > /dev/null || die
-       fi
-
-       # Explicitly disable ICU data file support for system-icu builds.
-       if use system-icu; then
-               myconf_gn+=" icu_use_data_file=false"
-       fi
-
-       einfo "Configuring Chromium..."
-       set -- gn gen --args="${myconf_gn} ${EXTRA_GN}" out/Release
-       echo "$@"
-       "$@" || die
-}
-
-src_compile() {
-       # Final link uses lots of file descriptors.
-       ulimit -n 2048
-
-       # Calling this here supports resumption via FEATURES=keepwork
-       python_setup
-
-       #"${EPYTHON}" tools/clang/scripts/update.py --force-local-build --gcc-toolchain /usr --skip-checkout --use-system-cmake --without-android || die
-
-       # Build mksnapshot and pax-mark it.
-       local x
-       for x in mksnapshot v8_context_snapshot_generator; do
-               if tc-is-cross-compiler; then
-                       eninja -C out/Release "host/${x}"
-                       pax-mark m "out/Release/host/${x}"
-               else
-                       eninja -C out/Release "${x}"
-                       pax-mark m "out/Release/${x}"
-               fi
-       done
-
-       # Even though ninja autodetects number of CPUs, we respect
-       # user's options, for debugging with -j 1 or any other reason.
-       eninja -C out/Release chrome chromedriver
-       use suid && eninja -C out/Release chrome_sandbox
-
-       pax-mark m out/Release/chrome
-
-       # Build manpage; bug #684550
-       sed -e 's|@@PACKAGE@@|chromium-browser|g;
-               s|@@MENUNAME@@|Chromium|g;' \
-               chrome/app/resources/manpage.1.in > \
-               out/Release/chromium-browser.1 || die
-
-       # Build desktop file; bug #706786
-       sed -e 's|@@MENUNAME@@|Chromium|g;
-               s|@@USR_BIN_SYMLINK_NAME@@|chromium-browser|g;
-               s|@@PACKAGE@@|chromium-browser|g;
-               s|\(^Exec=\)/usr/bin/|\1|g;' \
-               chrome/installer/linux/common/desktop.template > \
-               out/Release/chromium-browser-chromium.desktop || die
-}
-
-src_install() {
-       local CHROMIUM_HOME="/usr/$(get_libdir)/chromium-browser"
-       exeinto "${CHROMIUM_HOME}"
-       doexe out/Release/chrome
-
-       if use suid; then
-               newexe out/Release/chrome_sandbox chrome-sandbox
-               fperms 4755 "${CHROMIUM_HOME}/chrome-sandbox"
-       fi
-
-       doexe out/Release/chromedriver
-
-       local sedargs=( -e "s:/usr/lib/:/usr/$(get_libdir)/:g" )
-       sed "${sedargs[@]}" "${FILESDIR}/chromium-launcher-r3.sh" > chromium-launcher.sh || die
-       doexe chromium-launcher.sh
-
-       # It is important that we name the target "chromium-browser",
-       # xdg-utils expect it; bug #355517.
-       dosym "${CHROMIUM_HOME}/chromium-launcher.sh" /usr/bin/chromium-browser
-       # keep the old symlink around for consistency
-       dosym "${CHROMIUM_HOME}/chromium-launcher.sh" /usr/bin/chromium
-
-       dosym "${CHROMIUM_HOME}/chromedriver" /usr/bin/chromedriver
-
-       # Allow users to override command-line options, bug #357629.
-       insinto /etc/chromium
-       newins "${FILESDIR}/chromium.default" "default"
-
-       pushd out/Release/locales > /dev/null || die
-       chromium_remove_language_paks
-       popd
-
-       insinto "${CHROMIUM_HOME}"
-       doins out/Release/*.bin
-       doins out/Release/*.pak
-       doins out/Release/*.so
-
-       if ! use system-icu; then
-               doins out/Release/icudtl.dat
-       fi
-
-       doins -r out/Release/locales
-       doins -r out/Release/resources
-
-       if [[ -d out/Release/swiftshader ]]; then
-               insinto "${CHROMIUM_HOME}/swiftshader"
-               doins out/Release/swiftshader/*.so
-       fi
-
-       # Install icons
-       local branding size
-       for size in 16 24 32 48 64 128 256 ; do
-               case ${size} in
-                       16|32) branding="chrome/app/theme/default_100_percent/chromium" ;;
-                               *) branding="chrome/app/theme/chromium" ;;
-               esac
-               newicon -s ${size} "${branding}/product_logo_${size}.png" \
-                       chromium-browser.png
-       done
-
-       # Install desktop entry
-       domenu out/Release/chromium-browser-chromium.desktop
-
-       # Install GNOME default application entry (bug #303100).
-       insinto /usr/share/gnome-control-center/default-apps
-       newins "${FILESDIR}"/chromium-browser.xml chromium-browser.xml
-
-       # Install manpage; bug #684550
-       doman out/Release/chromium-browser.1
-       dosym chromium-browser.1 /usr/share/man/man1/chromium.1
-
-       readme.gentoo_create_doc
-}
-
-pkg_postrm() {
-       xdg_icon_cache_update
-       xdg_desktop_database_update
-}
-
-pkg_postinst() {
-       xdg_icon_cache_update
-       xdg_desktop_database_update
-       readme.gentoo_print_elog
-}