mirror of
https://github.com/zen-browser/desktop.git
synced 2025-07-07 21:49:58 +02:00
feat: security: Enable google safebrowsing and populate the API keys, b=no-bug, c=workflows, common, configs
This commit is contained in:
parent
35245078c9
commit
d786c6927f
4 changed files with 33 additions and 3 deletions
9
.github/workflows/linux-release-build.yml
vendored
9
.github/workflows/linux-release-build.yml
vendored
|
@ -121,6 +121,11 @@ jobs:
|
||||||
./mach --no-interactive bootstrap --application-choice browser
|
./mach --no-interactive bootstrap --application-choice browser
|
||||||
cd ..
|
cd ..
|
||||||
|
|
||||||
|
- name: Insert API Keys
|
||||||
|
run: |
|
||||||
|
mkdir -p ~/.zen-keys
|
||||||
|
echo "${{ secrets.ZEN_SAFEBROWSING_API_KEY }}" > ~/.zen-keys/safebrowsing.dat
|
||||||
|
|
||||||
- name: Build
|
- name: Build
|
||||||
env:
|
env:
|
||||||
SURFER_COMPAT: ${{ matrix.arch }}
|
SURFER_COMPAT: ${{ matrix.arch }}
|
||||||
|
@ -141,6 +146,10 @@ jobs:
|
||||||
export SURFER_PLATFORM="linux"
|
export SURFER_PLATFORM="linux"
|
||||||
export ZEN_RELEASE=1
|
export ZEN_RELEASE=1
|
||||||
npm run package
|
npm run package
|
||||||
|
|
||||||
|
- name: Remove API Keys
|
||||||
|
run: |
|
||||||
|
rm -rf ~/.zen-keys
|
||||||
|
|
||||||
- name: Rename artifacts
|
- name: Rename artifacts
|
||||||
run: |
|
run: |
|
||||||
|
|
9
.github/workflows/macos-release-build.yml
vendored
9
.github/workflows/macos-release-build.yml
vendored
|
@ -132,6 +132,11 @@ jobs:
|
||||||
- name: Build language packs
|
- name: Build language packs
|
||||||
run: sh scripts/download-language-packs.sh
|
run: sh scripts/download-language-packs.sh
|
||||||
|
|
||||||
|
- name: Insert API Keys
|
||||||
|
run: |
|
||||||
|
mkdir -p ~/.zen-keys
|
||||||
|
echo "${{ secrets.ZEN_SAFEBROWSING_API_KEY }}" > ~/.zen-keys/safebrowsing.dat
|
||||||
|
|
||||||
- name: Build Zen
|
- name: Build Zen
|
||||||
env:
|
env:
|
||||||
SURFER_COMPAT: ${{ matrix.arch }}
|
SURFER_COMPAT: ${{ matrix.arch }}
|
||||||
|
@ -152,6 +157,10 @@ jobs:
|
||||||
export ZEN_RELEASE=1
|
export ZEN_RELEASE=1
|
||||||
npm run package
|
npm run package
|
||||||
|
|
||||||
|
- name: Remove API Keys
|
||||||
|
run: |
|
||||||
|
rm -rf ~/.zen-keys
|
||||||
|
|
||||||
- name: Rename artifacts
|
- name: Rename artifacts
|
||||||
run: |
|
run: |
|
||||||
echo "Tarballing DMG"
|
echo "Tarballing DMG"
|
||||||
|
|
10
.github/workflows/windows-release-build.yml
vendored
10
.github/workflows/windows-release-build.yml
vendored
|
@ -226,6 +226,11 @@ jobs:
|
||||||
chmod +x ~/artifact/en-US.log
|
chmod +x ~/artifact/en-US.log
|
||||||
chmod +x ~/artifact/merged.profdata
|
chmod +x ~/artifact/merged.profdata
|
||||||
|
|
||||||
|
- name: Insert API Keys
|
||||||
|
run: |
|
||||||
|
mkdir -p ~/.zen-keys
|
||||||
|
echo "${{ secrets.ZEN_SAFEBROWSING_API_KEY }}" > ~/.zen-keys/safebrowsing.dat
|
||||||
|
|
||||||
- name: Build
|
- name: Build
|
||||||
if: ${{ !(inputs.generate-gpo && matrix.arch == 'aarch64') }}
|
if: ${{ !(inputs.generate-gpo && matrix.arch == 'aarch64') }}
|
||||||
env:
|
env:
|
||||||
|
@ -259,6 +264,11 @@ jobs:
|
||||||
ls ./dist
|
ls ./dist
|
||||||
ls .
|
ls .
|
||||||
|
|
||||||
|
|
||||||
|
- name: Remove API Keys
|
||||||
|
run: |
|
||||||
|
rm -rf ~/.zen-keys
|
||||||
|
|
||||||
- name: Move package for PGO upload
|
- name: Move package for PGO upload
|
||||||
if: ${{ inputs.generate-gpo && matrix.arch == 'x86_64' }}
|
if: ${{ inputs.generate-gpo && matrix.arch == 'x86_64' }}
|
||||||
run: |
|
run: |
|
||||||
|
|
|
@ -32,6 +32,11 @@ if ! test "$SCCACHE_GHA_ENABLED" = "false"; then
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# add safe browsing key if it exists on a file
|
||||||
|
if test -f "$HOME/.zen-keys/safebrowsing.dat"; then
|
||||||
|
ac_add_options --with-google-safebrowsing-api-keyfile="$HOME/.zen-keys/safebrowsing.dat"
|
||||||
|
fi
|
||||||
|
|
||||||
if test "$ZEN_RELEASE"; then
|
if test "$ZEN_RELEASE"; then
|
||||||
|
|
||||||
# TODO: Make this successful in builds
|
# TODO: Make this successful in builds
|
||||||
|
@ -96,10 +101,7 @@ fi
|
||||||
|
|
||||||
ac_add_options --enable-unverified-updates
|
ac_add_options --enable-unverified-updates
|
||||||
|
|
||||||
ac_add_options --enable-raw
|
|
||||||
ac_add_options --enable-webrtc
|
|
||||||
ac_add_options --enable-jxl
|
ac_add_options --enable-jxl
|
||||||
ac_add_options --enable-av1
|
|
||||||
|
|
||||||
ac_add_options --with-unsigned-addon-scopes=app,system
|
ac_add_options --with-unsigned-addon-scopes=app,system
|
||||||
|
|
||||||
|
|
Loading…
Add table
Add a link
Reference in a new issue