build from source: Yarn 4 Berry + Rust napi + Electron Forge offline …#99
Draft
the-narwhal wants to merge 7 commits intoflathub:masterfrom
Draft
build from source: Yarn 4 Berry + Rust napi + Electron Forge offline …#99the-narwhal wants to merge 7 commits intoflathub:masterfrom
the-narwhal wants to merge 7 commits intoflathub:masterfrom
Conversation
…build Replaces the binary .deb wrapper with a complete from-source build. - generated-sources.json: 4277 pre-fetched JS/Node/Electron packages (flatpak-node-generator) - cargo-sources.json: 527 pre-fetched Rust crates (flatpak-cargo-generator) - remove-private-registries.patch: strips unreachable Proton internal npm scopes from .yarnrc.yml - fix-native-build.patch: removes rustup target add, restricts to native arch glibc target - fix-forge-electron-cache.patch: adds electronZipDir to forge.config.ts to bypass @electron/get - me.proton.Pass.desktop: new desktop entry (pending upstream PR to ProtonMail/WebClients) - filter-yarn-lock.py: helper script for re-generating sources on version bumps - flathub.json: drops x86_64-only restriction (both arches now supported) - metainfo: updated disclaimer to canonical form, added release notes for recent versions"
Contributor
|
🚧 Test build enqueued. |
Contributor
|
🚧 Started test build. |
Contributor
|
🚧 Test build enqueued. |
Contributor
|
❌ Test build was cancelled. Help
|
Contributor
|
🚧 Started test build. |
Contributor
|
🚧 Test build enqueued. |
Contributor
|
❌ Test build was cancelled. Help
|
Contributor
|
🚧 Started test build. |
Contributor
|
✅ Test build succeeded. To test this build, install it from the testing repository: Built for aarch64 and x86_64 architectures. |
Collaborator
|
Thanks! Does it work already? |
Author
|
Yes ish. I had to pause progress before I got it fully completed. There's also some monorepo challenges that still need sorted out. I'd call it a work in progress for now. And I'll come back to it in early May when time is more available. |
|
Hi, I just saw your PR in Proton monorepo, thanks for this!
|
Author
|
Appreciated! The work you're doing upstream and the feedback here are very helpful! Ultimate goal is to get Authenticator approved on flathub and building in both x86 and arm64 (selfishly I need arm64 for my x1e machine). Then ideally go proton app by proton app on flathub and uplift them to build from source in both too. |
applications/docs-editor/package.json references seven @rowsncolumns/* packages via workspace:^ — but those are private/external packages not present in the monorepo. Yarn Berry raises: Workspace not found (@rowsncolumns/charts@workspace:^) even when docs-editor is already excluded from the active workspace list by the preceding filter step, because it still scans the lockfile entries. Remove all @rowsncolumns/* entries from docs-editor's dependencies as a defensive measure. Approach suggested by D-Bao (Proton) in flathub#99. Also add test-repo/ to .gitignore.
Contributor
|
🚧 Test build enqueued. |
Contributor
|
🚧 Started test build. |
generated-sources.json: - Strip 10 Playwright browser binary entries (5 cdn.playwright.dev archives + 5 companion inline symlink scripts). These test-only downloads are never used during the Flatpak build and waste several hundred MB of bandwidth. The @playwright/test npm tarballs are kept since Yarn needs them in the offline cache for lockfile resolution. fix-native-build.patch: - Replace the arm64-or-x86_64 ternary with an archMap lookup that correctly handles arm (armv7-unknown-linux-gnueabihf) in addition to aarch64 and x86_64. flathub.json: - Restrict to only-arches: [x86_64, aarch64]. arm32 is untested for an app this size; this prevents a potential Flathub CI failure on armv7l builders. me.proton.Pass.yml: - Rename PREREQUISITES block to MAINTENANCE and remove stale "empty stubs" language; files are committed and populated. Add the Playwright-strip one-liner to the regeneration instructions. - Clarify yarn install comment: explain --mode=skip-build and the omission of --immutable separately, since they are independent flags. - Correct the comment for fix-forge-electron-cache.patch: the patch adds packagerConfig.electronZipDir / FLATPAK_ELECTRON_ZIP_DIR, not download.cacheRoot / FLATPAK_ELECTRON_CACHE.
Contributor
|
✅ Test build succeeded. To test this build, install it from the testing repository: Built for aarch64 and x86_64 architectures. |
Adds .github/workflows/regenerate-sources.yml, a manually-triggered
(workflow_dispatch) GitHub Actions workflow for use when the Flathub
external-data-checker opens a version-bump PR.
The workflow accepts a branch name as input, then:
- reads the new upstream tag written by the checker into the manifest
- sparse-checks out only yarn.lock and Cargo.lock from WebClients,
avoiding a full clone of the multi-GB monorepo
- regenerates generated-sources.json via flatpak-node-generator and
strips Playwright browser binaries (not needed at build time)
- regenerates cargo-sources.json via flatpak-cargo-generator
- detects any Electron version change in the fresh sources and patches
all four hardcoded occurrences in the manifest: EHASH, both EZIP
lines, SHASUMS256.txt suffix, and the explanatory comment
- commits the results back to the PR branch
Includes guards for empty NEW_VER and a failed tag-pattern match.
me.proton.Pass.yml:
- install WebClients LICENSE to share/licenses/me.proton.Pass/LICENSE;
flatpak-builder cannot auto-install it for simple-buildsystem modules
- document --device=all as required for FIDO2/U2F hardware security
key support (/dev/hidraw*); no portal exists for this yet
me.proton.Pass.metainfo.xml:
- correct project_license from GPL-3.0 to GPL-3.0-only; confirmed
against upstream WebClients/LICENSE (GPL v3 only, not "or later");
bare GPL-3.0 is deprecated in SPDX 3.x
- remove xml:lang="en" from <screenshot> element; AppStream does not
permit it there — it belongs on <image> and <caption> children
- add <url type="bugtracker"> pointing to the WebClients issue tracker
me.proton.Pass.desktop:
- add Security; to Categories (matches KeePassXC, Bitwarden, et al.)
- add Keywords for discoverability in software centres
Contributor
|
🚧 Test build enqueued. |
Contributor
|
🚧 Started test build. |
Contributor
|
✅ Test build succeeded. To test this build, install it from the testing repository: Built for aarch64 and x86_64 architectures. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Build from source
Replaces the binary
.debwrapper with a complete offline build from theupstream ProtonMail/WebClients
monorepo at tag
proton-pass@1.36.0.Build stack
node-moduleslinker)@electron-forge/plugin-webpackapplications/pass-desktop/native/compiled with
@napi-rs/cli(NAPI addon) andcargo(native messaging host)org.freedesktop.Sdk.Extension.node22,org.freedesktop.Sdk.Extension.rust-stablePatches (3 files)
remove-private-registries.patch@tpe,@proton-meet,@proton/…@npm:) from.yarnrc.yml— all@proton/*packages are workspace-local; these entries are stale and unreachable from the sandboxfix-native-build.patchrustup target addcalls (requires network + writableRUSTUP_HOME) and restricts Linux targets to the native arch with glibc; musl is not needed in a Flatpak runtimefix-forge-electron-cache.patchelectronZipDirtopackagerConfiginforge.config.tsso@electron/packageruses the pre-fetched Electron zip directly instead of calling@electron/get; env var only set in the Flatpak sandbox, normal builds unaffectedGenerated source files
generated-sources.json— produced byflatpak-node-generator yarn WebClients/yarn.lockcargo-sources.json— produced byflatpak-cargo-generator.py …/native/Cargo.lockDesktop/metainfo
me.proton.Pass.desktopand the updatedme.proton.Pass.metainfo.xmlarecarried in this repo for now. A separate PR to ProtonMail/WebClients is
being opened to upstream them into
applications/pass-desktop/assets/.Tested on