From 7286181cbff5c4b98ed9246366a85ae1fbc8f54d Mon Sep 17 00:00:00 2001
From: Mark H Weaver <mhw@netris.org>
Date: Tue, 17 Jun 2025 12:23:06 -0400
Subject: Update to 128.12.0-1.

* data/patches/CVE-2024-11692.patch,
data/patches/CVE-2024-11693.patch,
data/patches/CVE-2024-11697.patch: Remove vestigial patches.
* data/patches/hide-firefox-view-button.patch: New file.
* data/patches/about-addons.patch,
data/patches/hide-protections-dashboard.patch,
data/patches/hide-submit-feedback-menu-item.patch,
data/patches/icecat-about-dialog.patch,
data/patches/icecat-preferences.patch,
data/patches/moz-configure-changes.patch: Adapt to version 128.
* data/settings.js: Add more IceCat-specific customizations.
* tools/process-json-files.py: Process more JSON files for search
engine configuration v2 and overrides, as needed for version 128.
* makeicecat: Update FFMAJOR, FFMINOR, SOURCEBALL_CHECKSUM, L10N_URL,
L10_CMP_URL, and L10N_CMP_REV.  Add L10N_REV.
(sort_inner_list): Ignore case when sorting inner lists.
(validate_env): Add check for Git.  Remove check for Mercurial.
(fetch_l10n): Update to reflect upstream changes.  Use Git instead of
Mercurial.  Fetch all locales in a single clone operation.
(configure, apply_batch_branding): Adapt to version 128.
---
 data/patches/CVE-2024-11692.patch                 | 61 --------------
 data/patches/CVE-2024-11693.patch                 | 98 -----------------------
 data/patches/CVE-2024-11697.patch                 | 40 ---------
 data/patches/about-addons.patch                   |  4 +-
 data/patches/hide-firefox-view-button.patch       | 10 +++
 data/patches/hide-protections-dashboard.patch     |  2 +-
 data/patches/hide-submit-feedback-menu-item.patch | 10 +--
 data/patches/icecat-about-dialog.patch            |  8 +-
 data/patches/icecat-preferences.patch             | 39 +++++----
 data/patches/moz-configure-changes.patch          |  6 +-
 data/settings.js                                  |  6 ++
 11 files changed, 49 insertions(+), 235 deletions(-)
 delete mode 100644 data/patches/CVE-2024-11692.patch
 delete mode 100644 data/patches/CVE-2024-11693.patch
 delete mode 100644 data/patches/CVE-2024-11697.patch
 create mode 100644 data/patches/hide-firefox-view-button.patch

(limited to 'data')

diff --git a/data/patches/CVE-2024-11692.patch b/data/patches/CVE-2024-11692.patch
deleted file mode 100644
index 393fe5e..0000000
--- a/data/patches/CVE-2024-11692.patch
+++ /dev/null
@@ -1,61 +0,0 @@
-Fixes CVE-2024-11692 (Select list elements could be shown over another site)
-Based on <https://hg.mozilla.org/releases/mozilla-esr128/rev/a6cf1a7cd289db4f46cb34f4dd16cce133b25e8d>
-Adapted to ESR 115 by Mark H Weaver <mhw@netris.org>
-
-# HG changeset patch
-# User Edgar Chen <echen@mozilla.com>
-# Date 1730556179 0
-# Node ID a6cf1a7cd289db4f46cb34f4dd16cce133b25e8d
-# Parent  e983e8a66e515a2e32497cec1b3ccf439396dadc
-Bug 1909535 - Don't show select dropdown in background tabs;  a=dmeehan
-
-Original Revision: https://phabricator.services.mozilla.com/D225706
-
-Differential Revision: https://phabricator.services.mozilla.com/D227607
-
-diff --git a/toolkit/actors/SelectParent.sys.mjs b/toolkit/actors/SelectParent.sys.mjs
---- a/toolkit/actors/SelectParent.sys.mjs
-+++ b/toolkit/actors/SelectParent.sys.mjs
-@@ -273,16 +273,41 @@ export var SelectParentHelper = {
-     }
- 
-     this._currentZoom = zoom;
-     this._currentMenulist = menulist;
-     this.populateChildren(menulist, items, uniqueItemStyles, selectedIndex);
-   },
- 
-   open(browser, menulist, rect, isOpenedViaTouch, selectParentActor) {
-+    const canOpen = (() => {
-+      if (!menulist.ownerDocument.hasFocus()) {
-+        // Don't open in inactive browser windows.
-+        return false;
-+      }
-+      if (browser) {
-+        if (!browser.browsingContext.isActive) {
-+          // Don't open in inactive tabs.
-+          return false;
-+        }
-+        let tabbrowser = browser.getTabBrowser();
-+        if (tabbrowser && tabbrowser.selectedBrowser != browser) {
-+          // AsyncTabSwitcher might delay activating our browser, check
-+          // explicitly for tabbrowser.
-+          return false;
-+        }
-+      }
-+      return true;
-+    })();
-+
-+    if (!canOpen) {
-+      selectParentActor.sendAsyncMessage("Forms:DismissedDropDown", {});
-+      return;
-+    }
-+
-     this._actor = selectParentActor;
-     menulist.hidden = false;
-     this._currentBrowser = browser;
-     this._closedWithEnter = false;
-     this._selectRect = rect;
-     this._registerListeners(menulist.menupopup);
- 
-     // Set the maximum height to show exactly MAX_ROWS items.
-
diff --git a/data/patches/CVE-2024-11693.patch b/data/patches/CVE-2024-11693.patch
deleted file mode 100644
index 6bb997a..0000000
--- a/data/patches/CVE-2024-11693.patch
+++ /dev/null
@@ -1,98 +0,0 @@
-Fixes CVE-2024-11693 (Download Protections were bypassed by .library-ms files on Windows)
-Copied from <https://hg.mozilla.org/releases/mozilla-esr128/rev/e983e8a66e515a2e32497cec1b3ccf439396dadc>
-
-# HG changeset patch
-# User Marco Bonardo <mbonardo@mozilla.com>
-# Date 1730555916 0
-# Node ID e983e8a66e515a2e32497cec1b3ccf439396dadc
-# Parent  893b0489efa4b18355ea91113c28bf7c731a2749
-Bug 1921458.  a=dmeehan
-
-Original Revision: https://phabricator.services.mozilla.com/D226775
-
-Differential Revision: https://phabricator.services.mozilla.com/D227221
-
-diff --git a/toolkit/components/reputationservice/ApplicationReputation.cpp b/toolkit/components/reputationservice/ApplicationReputation.cpp
---- a/toolkit/components/reputationservice/ApplicationReputation.cpp
-+++ b/toolkit/components/reputationservice/ApplicationReputation.cpp
-@@ -286,16 +286,17 @@ const char* const ApplicationReputationS
- #endif
-     //".job", // Windows
-     //".jpg",
-     //".jpeg",
-     //".js", exec  // JavaScript script
-     //".jse", exec // JScript
-     ".ksh",  // Linux shell
-     //".lha",
-+    //".library-ms", exec // Windows
-     //".lnk", exec // Windows
-     ".local",  // Windows
-     //".lpaq1",
-     //".lpaq5",
-     //".lpaq8",
-     //".lzh",
-     //".lzma",
-     //".mad", exec  // MS Access
-diff --git a/toolkit/components/reputationservice/test/gtest/TestExecutableLists.cpp b/toolkit/components/reputationservice/test/gtest/TestExecutableLists.cpp
---- a/toolkit/components/reputationservice/test/gtest/TestExecutableLists.cpp
-+++ b/toolkit/components/reputationservice/test/gtest/TestExecutableLists.cpp
-@@ -116,16 +116,17 @@ static const char* const kTestFileExtens
-     ".isp",                // IIS config
-     ".jar",                // Java
- #ifndef MOZ_ESR
-     ".jnlp",               // Java
- #endif
-     ".js",                 // JavaScript script
-     ".jse",                // JScript
-     ".ksh",                // Linux shell
-+    ".library-ms",         // Windows Library Files
-     ".lnk",                // Windows
-     ".local",              // Windows
-     ".mad",                // MS Access
-     ".maf",                // MS Access
-     ".mag",                // MS Access
-     ".mam",                // MS Access
-     ".manifest",           // Windows
-     ".maq",                // MS Access
-diff --git a/xpcom/io/nsLocalFileCommon.cpp b/xpcom/io/nsLocalFileCommon.cpp
---- a/xpcom/io/nsLocalFileCommon.cpp
-+++ b/xpcom/io/nsLocalFileCommon.cpp
-@@ -67,16 +67,17 @@ const char* const sExecutableExts[] = {
-   ".ins",
-   ".isp",
-   ".jar",         // java application bundle
- #ifndef MOZ_ESR
-   ".jnlp",
- #endif
-   ".js",
-   ".jse",
-+  ".library-ms",  // Windows Library Files
-   ".lnk",
-   ".mad",         // Access Module Shortcut
-   ".maf",         // Access
-   ".mag",         // Access Diagram Shortcut
-   ".mam",         // Access Macro Shortcut
-   ".maq",         // Access Query Shortcut
-   ".mar",         // Access Report Shortcut
-   ".mas",         // Access Stored Procedure
-diff --git a/xpcom/io/nsLocalFileCommon.h b/xpcom/io/nsLocalFileCommon.h
---- a/xpcom/io/nsLocalFileCommon.h
-+++ b/xpcom/io/nsLocalFileCommon.h
-@@ -3,14 +3,14 @@
- /* This Source Code Form is subject to the terms of the Mozilla Public
-  * License, v. 2.0. If a copy of the MPL was not distributed with this
-  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
- 
- #ifndef _NS_LOCAL_FILE_COMMON_H_
- #define _NS_LOCAL_FILE_COMMON_H_
- 
- #ifdef MOZ_ESR
--extern const char* const sExecutableExts[108];
-+extern const char* const sExecutableExts[109];
- #else
--extern const char* const sExecutableExts[109];
-+extern const char* const sExecutableExts[110];
- #endif
- 
- #endif
-
diff --git a/data/patches/CVE-2024-11697.patch b/data/patches/CVE-2024-11697.patch
deleted file mode 100644
index a22dd3e..0000000
--- a/data/patches/CVE-2024-11697.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-Fixes CVE-2024-11697 (Improper Keypress Handling in Executable File Confirmation Dialog)
-Copied from <https://hg.mozilla.org/releases/mozilla-esr128/rev/936e95e3b008cb9bcccd1512332b45757a4bb7f6>
-
-# HG changeset patch
-# User Gijs Kruitbosch <gijskruitbosch@gmail.com>
-# Date 1731505009 0
-# Node ID 936e95e3b008cb9bcccd1512332b45757a4bb7f6
-# Parent  fbed98e3e9cdc2f99af7a2a14f7184f51fe07d8e
-Bug 1842187  a=dmeehan
-
-Original Revision: https://phabricator.services.mozilla.com/D223948
-
-Differential Revision: https://phabricator.services.mozilla.com/D228631
-
-diff --git a/toolkit/components/downloads/DownloadUIHelper.sys.mjs b/toolkit/components/downloads/DownloadUIHelper.sys.mjs
---- a/toolkit/components/downloads/DownloadUIHelper.sys.mjs
-+++ b/toolkit/components/downloads/DownloadUIHelper.sys.mjs
-@@ -166,17 +166,20 @@ DownloadPrompter.prototype = {
- 
-     const title = lazy.l10n.formatValueSync(
-       "download-ui-file-executable-security-warning-title"
-     );
-     const message = lazy.l10n.formatValueSync(
-       "download-ui-file-executable-security-warning",
-       { executable: PathUtils.filename(path) }
-     );
--    return this._prompter.confirm(title, message);
-+    let flags =
-+      Ci.nsIPrompt.BUTTON_DELAY_ENABLE | Ci.nsIPrompt.STD_OK_CANCEL_BUTTONS;
-+    let nulls = Array(4).fill(null);
-+    return 0 == this._prompter.confirmEx(title, message, flags, ...nulls, {});
-   },
- 
-   /**
-    * Displays a warning message box that informs that there are active
-    * downloads, and asks whether the user wants to cancel them or not.
-    *
-    * @param aDownloadsCount
-    *        The current downloads count.
-
diff --git a/data/patches/about-addons.patch b/data/patches/about-addons.patch
index 4427c46..179e336 100644
--- a/data/patches/about-addons.patch
+++ b/data/patches/about-addons.patch
@@ -1,6 +1,6 @@
 --- a/toolkit/mozapps/extensions/content/aboutaddons.html
 +++ b/toolkit/mozapps/extensions/content/aboutaddons.html
-@@ -174,12 +174,12 @@
+@@ -171,12 +171,12 @@
      <template name="addon-page-header">
        <div class="sticky-container">
          <div class="main-search">
@@ -15,7 +15,7 @@
          </div>
          <div class="main-heading">
            <button
-@@ -660,6 +660,7 @@
+@@ -693,6 +693,7 @@
        </div>
        <div class="view-footer-item">
          <a
diff --git a/data/patches/hide-firefox-view-button.patch b/data/patches/hide-firefox-view-button.patch
new file mode 100644
index 0000000..ef24a34
--- /dev/null
+++ b/data/patches/hide-firefox-view-button.patch
@@ -0,0 +1,10 @@
+--- a/browser/base/content/navigator-toolbox.inc.xhtml
++++ b/browser/base/content/navigator-toolbox.inc.xhtml
+@@ -43,6 +43,7 @@
+                          oncommand="FirefoxViewHandler.openTab();"
+                          onmousedown="FirefoxViewHandler.openToolbarMouseEvent(event);"
+                          cui-areatype="toolbar"
++                         hidden="true"
+                          removable="true"/>
+ 
+           <tabs id="tabbrowser-tabs"
diff --git a/data/patches/hide-protections-dashboard.patch b/data/patches/hide-protections-dashboard.patch
index 9effa08..f6da18a 100644
--- a/data/patches/hide-protections-dashboard.patch
+++ b/data/patches/hide-protections-dashboard.patch
@@ -1,6 +1,6 @@
 --- a/browser/base/content/browser-siteProtections.js
 +++ b/browser/base/content/browser-siteProtections.js
-@@ -1553,7 +1553,7 @@
+@@ -1816,7 +1816,7 @@
        this._trackingProtectionIconContainer.hidden = true;
        return;
      }
diff --git a/data/patches/hide-submit-feedback-menu-item.patch b/data/patches/hide-submit-feedback-menu-item.patch
index 87924c7..402ba31 100644
--- a/data/patches/hide-submit-feedback-menu-item.patch
+++ b/data/patches/hide-submit-feedback-menu-item.patch
@@ -1,10 +1,10 @@
 --- a/browser/base/content/browser-menubar.inc
 +++ b/browser/base/content/browser-menubar.inc
-@@ -475,6 +475,7 @@
-                           oncommand="openTroubleshootingPage()"
-                           onclick="checkForMiddleClick(this, event);" data-l10n-id="menu-help-troubleshooting-info"/>
+@@ -465,6 +465,7 @@
+                           hidden="true"
+                           appmenu-data-l10n-id="menu-report-broken-site"/>
                  <menuitem id="feedbackPage"
 +                          hidden="true"
                            oncommand="openFeedbackPage()"
-                           onclick="checkForMiddleClick(this, event);" data-l10n-id="menu-help-feedback-page"/>
-                 <menuitem id="helpSafeMode"
+                           data-l10n-id="menu-help-share-ideas"
+                           appmenu-data-l10n-id="appmenu-help-share-ideas"/>
diff --git a/data/patches/icecat-about-dialog.patch b/data/patches/icecat-about-dialog.patch
index 0551cf7..c7e77b0 100644
--- a/data/patches/icecat-about-dialog.patch
+++ b/data/patches/icecat-about-dialog.patch
@@ -1,6 +1,6 @@
---- a/browser/base/content/aboutDialog.xhtml.orig	2021-08-17 16:59:51.674898001 -0400
-+++ b/browser/base/content/aboutDialog.xhtml	2021-08-17 17:00:18.346884904 -0400
-@@ -161,7 +161,6 @@
+--- a/browser/base/content/aboutDialog.xhtml
++++ b/browser/base/content/aboutDialog.xhtml
+@@ -148,7 +148,6 @@
        <hbox pack="center">
          <label is="text-link" class="bottom-link" useoriginprincipal="true" href="about:license" data-l10n-id="bottomLinks-license"/>
          <label is="text-link" class="bottom-link" useoriginprincipal="true" href="about:rights" data-l10n-id="bottomLinks-rights"/>
@@ -10,7 +10,7 @@
      </vbox>
 --- a/browser/base/content/aboutDialog.css
 +++ b/browser/base/content/aboutDialog.css
-@@ -14,10 +14,9 @@
+@@ -38,10 +38,9 @@
  #rightBox {
    background-image: url("chrome://branding/content/about-wordmark.svg");
    background-repeat: no-repeat;
diff --git a/data/patches/icecat-preferences.patch b/data/patches/icecat-preferences.patch
index 1d5f655..f8f00cd 100644
--- a/data/patches/icecat-preferences.patch
+++ b/data/patches/icecat-preferences.patch
@@ -1,7 +1,7 @@
---- a/browser/components/preferences/privacy.inc.xhtml.orig	2021-08-17 15:38:19.838881866 -0400
-+++ b/browser/components/preferences/privacy.inc.xhtml	2021-08-17 15:39:01.382760058 -0400
-@@ -632,6 +632,83 @@
-          data-l10n-id="addressbar-suggestions-settings"/>
+--- a/browser/components/preferences/privacy.inc.xhtml
++++ b/browser/components/preferences/privacy.inc.xhtml
+@@ -705,6 +705,83 @@
+   </hbox>
  </groupbox>
  
 +<!-- IceCat-specific privacy group -->
@@ -84,18 +84,17 @@
  <hbox id="permissionsCategory"
        class="subcategory"
        hidden="true"
---- a/browser/components/preferences/privacy.js.orig	2021-08-17 15:39:19.662709308 -0400
-+++ b/browser/components/preferences/privacy.js	2021-08-17 16:10:17.129079115 -0400
-@@ -138,6 +138,17 @@
-   { id: "browser.urlbar.suggest.topsites", type: "bool" },
-   { id: "browser.urlbar.suggest.engines", type: "bool" },
+--- a/browser/components/preferences/privacy.js
++++ b/browser/components/preferences/privacy.js
+@@ -155,6 +155,16 @@
+   { id: PREF_URLBAR_QUICKSUGGEST_BLOCKLIST, type: "string" },
+   { id: PREF_URLBAR_WEATHER_USER_ENABLED, type: "bool" },
  
 +  // IceCat-specific
 +  { id: "javascript.enabled", type: "bool" },
 +  { id: "browser.display.use_document_fonts", type: "int" },
 +  { id: "extensions.update.enabled", type: "bool" },
 +  { id: "network.http.referer.spoofSource", type: "bool" },
-+  { id: "privacy.resistFingerprinting", type: "bool" },
 +  { id: "webgl.disabled", type: "bool" },
 +  { id: "network.captive-portal-service.enabled", type: "bool" },
 +  { id: "network.connectivity-service.enabled", type: "bool" },
@@ -104,7 +103,7 @@
    // History
    { id: "places.history.enabled", type: "bool" },
    { id: "browser.formfill.enable", type: "bool" },
-@@ -706,6 +716,24 @@
+@@ -1177,6 +1187,24 @@
      setSyncFromPrefListener("enableOCSP", () => this.readEnableOCSP());
      setSyncToPrefListener("enableOCSP", () => this.writeEnableOCSP());
  
@@ -129,7 +128,7 @@
      if (AlertsServiceDND) {
        let notificationsDoNotDisturbBox = document.getElementById(
          "notificationsDoNotDisturbBox"
-@@ -825,6 +850,62 @@
+@@ -1290,6 +1318,62 @@
      SiteDataManager.updateSites();
    },
  
@@ -192,13 +191,12 @@
    // CONTENT BLOCKING
  
    /**
-diff -ru icecat-91.13.0/browser/base/content/appmenu-viewcache.inc.xhtml icecat-91.13.0.orig/browser/base/content/appmenu-viewcache.inc.xhtml
---- icecat-91.13.0/browser/base/content/appmenu-viewcache.inc.xhtml	2022-08-30 20:57:37.511721105 -0400
-+++ icecat-91.13.0.orig/browser/base/content/appmenu-viewcache.inc.xhtml	2022-08-30 20:52:39.076545425 -0400
-@@ -336,6 +336,10 @@
+--- a/browser/base/content/appmenu-viewcache.inc.xhtml
++++ b/browser/base/content/appmenu-viewcache.inc.xhtml
+@@ -126,6 +126,10 @@
                       key="key_preferencesCmdMac"
  #endif
-                      oncommand="openPreferences()"/>
+                      />
 +      <toolbarbutton id="appMenu-icecatsettings-button"
 +                     class="subviewbutton"
 +                     data-l10n-id="appmenuitem-icecat-settings"
@@ -206,10 +204,9 @@ diff -ru icecat-91.13.0/browser/base/content/appmenu-viewcache.inc.xhtml icecat-
        <toolbarbutton id="appMenu-more-button2"
                       class="subviewbutton subviewbutton-nav"
                       data-l10n-id="appmenuitem-more-tools"
-diff -ru icecat-91.13.0.orig/browser/base/content/browser-menubar.inc icecat-91.13.0/browser/base/content/browser-menubar.inc
---- icecat-91.13.0.orig/browser/base/content/browser-menubar.inc	2022-08-30 21:06:25.143226477 -0400
-+++ icecat-91.13.0/browser/base/content/browser-menubar.inc	2022-08-30 21:06:10.103469430 -0400
-@@ -139,6 +139,9 @@
+--- a/browser/base/content/browser-menubar.inc
++++ b/browser/base/content/browser-menubar.inc
+@@ -127,6 +127,9 @@
                            />
  #endif
  #endif
diff --git a/data/patches/moz-configure-changes.patch b/data/patches/moz-configure-changes.patch
index 85d5657..6f0525e 100644
--- a/data/patches/moz-configure-changes.patch
+++ b/data/patches/moz-configure-changes.patch
@@ -1,5 +1,5 @@
---- a/browser/moz.configure.orig	2021-08-17 17:06:02.522757210 -0400
-+++ b/browser/moz.configure	2021-08-17 17:06:48.846744492 -0400
+--- a/browser/moz.configure
++++ b/browser/moz.configure
 @@ -5,11 +5,11 @@
  # file, You can obtain one at http://mozilla.org/MPL/2.0/.
  
@@ -14,5 +14,5 @@
 +imply_option("MOZ_BLOCK_PROFILE_DOWNGRADE", False)
 +imply_option("MOZ_NORMANDY", False)
  
- with only_when(target_is_linux & compile_environment):
+ with only_when(target_has_linux_kernel & compile_environment):
      option(env="MOZ_NO_PIE_COMPAT", help="Enable non-PIE wrapper")
diff --git a/data/settings.js b/data/settings.js
index 88f6d58..ced4e94 100644
--- a/data/settings.js
+++ b/data/settings.js
@@ -179,6 +179,8 @@ pref("browser.search.geoip.url", "");
 pref("browser.search.geoSpecificDefaults", false);
 pref("browser.search.geoSpecificDefaults.url", "");
 pref("browser.search.modernConfig", false);
+// Disable network connectivity service
+pref("network.connectivity-service.enabled", false);
 // Disable captive portal detection
 pref("captivedetect.canonicalURL", "");
 pref("network.captive-portal-service.enabled", false);
@@ -258,9 +260,13 @@ pref ("extensions.getAddons.search.browseURL", "https://gnuzilla.gnu.org/mozzare
 pref ("extensions.getAddons.get.url", "https://gnuzilla.gnu.org/mozzarella");
 pref ("extensions.getAddons.link.url", "https://gnuzilla.gnu.org/mozzarella");
 pref ("extensions.getAddons.discovery.api_url", "https://gnuzilla.gnu.org/mozzarella");
+pref ("extensions.getAddons.browserMappings.url", "https://gnuzilla.gnu.org/mozzarella");
+pref ("extensions.recommendations.privacyPolicyUrl", "https://gnuzilla.gnu.org/mozzarella");
+pref ("extensions.recommendations.themeRecommendationUrl", "https://gnuzilla.gnu.org/mozzarella");
 
 pref ("extensions.systemAddon.update.url", "");
 pref ("extensions.systemAddon.update.enabled", false);
+pref ("extensions.getAddons.cache.enabled", false);
 
 // FIXME: find better URLs for these:
 pref ("extensions.getAddons.langpacks.url", "https://gnuzilla.gnu.org/mozzarella");
-- 
cgit v1.2.3