[24.05] Various Electron backports

[emilazy]

Description of changes

Manual backport of #319252, #319415, #336036, and #335850.

Pending on:

• [Backport release-24.05] Heroic Games Launcher: 2.14.1 -> 2.15.1 #337312
• [24.05] morgen: electron_29 -> electron_30 #337320
• [24.05] antares: 0.7.24 -> 0.7.28 #337777
• [Backport release-24.05] blockbench: remove electron version pin #337787
• [Backport release-24.05] lx-music-desktop: 2.7.0 -> 2.8.0 #337801 and then [Backport release-24.05] lx-music-desktop: 2.8.0 -> 2.9.0 #337947
• [Backport release-24.05] ride: add patch to support later electron versions #337788
• [Backport release-24.05] feishin: 0.7.1 -> 0.7.3 #337789 and then [24.05] feishin: backports #337949
• [24.05] obsidian: backports #337794
• [24.05] webtorrent_desktop: update and use latest electron #337797
• teams-for-linux: 1.4.27 -> 1.9.5 #338089

Things done

• Built on platform(s)
  • x86_64-linux
  • aarch64-linux
  • x86_64-darwin
  • aarch64-darwin
• For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
  • sandbox = relaxed
  • sandbox = true
• Tested, as applicable:
  • NixOS test(s) (look inside nixos/tests)
  • and/or package tests
  • or, for functions and "core" functionality, tests in lib/tests or pkgs/test
  • made sure NixOS tests are linked to the relevant packages
• Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
• Tested basic functionality of all binary files (usually in ./result/bin/)
• 24.11 Release Notes (or backporting 23.11 and 24.05 Release notes)
  • (Package updates) Added a release notes entry if the change is major or breaking
  • (Module updates) Added a release notes entry if the change is significant
  • (Module addition) Added a release notes entry if adding a new NixOS module
• Fits CONTRIBUTING.md.

---

Add a 👍 reaction to pull requests you find important.

[emilazy]

This actually also marks 27 and 28 as EOL, which are used by the following packages that don’t use them on masters:

• blockbench
• lx-music-desktop
• ride
• feishin
• obsidian
• webtorrent_desktop

So there’s some more backporting work to do here. I’ll go PR‐hunting in a bit, but I’d appreciate some help.

[emilazy]

(Also I do need to actually either backport the removals or mark the source packages as vulnerable too, of course… Drafting this for now.)

[emilazy]

Okay, I think I have all the relevant Electron commits in this now, but it could definitely use double‐checking…

I’ll work on getting the PRs for the software this would break backported.

[emilazy]

Final diff of the Electron directory compared to master now looks benign:

diff --git a/pkgs/development/tools/electron/binary/default.nix b/pkgs/development/tools/electron/binary/default.nix
index 07637d13e9..b884428cf8 100644
--- a/pkgs/development/tools/electron/binary/default.nix
+++ b/pkgs/development/tools/electron/binary/default.nix
@@ -1,11 +1,8 @@
-let
-  infoJson = builtins.fromJSON (builtins.readFile ./info.json);
-in
-
 { lib, callPackage }:
 
 let
   mkElectron = callPackage ./generic.nix { };
+  infoJson = builtins.fromJSON (builtins.readFile ./info.json);
 in
 lib.mapAttrs' (majorVersion: info:
   lib.nameValuePair
diff --git a/pkgs/development/tools/electron/common.nix b/pkgs/development/tools/electron/common.nix
index 1e86382771..311757ae1b 100644
--- a/pkgs/development/tools/electron/common.nix
+++ b/pkgs/development/tools/electron/common.nix
@@ -16,7 +16,7 @@
 , pipewire
 , libsecret
 , libpulseaudio
-, speechd-minimal
+, speechd
 , info
 }:
 
@@ -49,7 +49,7 @@
 
   src = null;
 
-  patches = base.patches ++ lib.optional (lib.versionOlder info.version "30")
+  patches = base.patches ++ lib.optional (lib.versionAtLeast info.version "29" && lib.versionOlder info.version "30")
     (substituteAll {
       # disable a component that requires CIPD blobs
       name = "disable-screen-ai.patch";
@@ -171,8 +171,10 @@
     use_qt = false;
     v8_builtins_profiling_log_file = "";
     enable_dangling_raw_ptr_checks = false;
+  } // lib.optionalAttrs (lib.versionAtLeast info.version "28") {
     dawn_use_built_dxc = false;
     v8_enable_private_mapping_fork_optimization = true;
+  } // lib.optionalAttrs (lib.versionAtLeast info.version "29") {
     v8_expose_public_symbols = true;
   } // lib.optionalAttrs (lib.versionOlder info.version "31") {
     use_perfetto_client_library = false;
@@ -204,7 +206,7 @@
         stdenv.cc.cc.lib
         libsecret
         libpulseaudio
-        speechd-minimal
+        speechd
       ];
     in
   base.postFixup + ''

[emilazy]

Okay, I think I tracked down all the relevant PRs to backport. Still some manual ones to tackle and they all need review.

[emilazy]

Final diff of the Electron directory compared to master now looks benign:

Or not! Guess I have to backport that change too. I’ll do it tomorrow.

[emilazy]

This should actually work now. Apologies for my sloppiness; this is my first time working with the Electron packages.

[emilazy]

This should be ready now.

[teutat3s]

I'll build this branch on my tower and report back with test results.

[teutat3s]

Result of nixpkgs-review pr 337776 run on x86_64-linux 1

10 packages marked as broken and skipped:

• electron_27
• electron_28
• electron_29
• electron_29-bin
• kuro
• logseq
• micropad
• passky-desktop
• pocket-casts
• whalebird

12 packages built:

• antares
• deltachat-desktop
• electron-chromedriver_29
• electron-chromedriver_30
• electron_30
• electron_30-bin
• feishin
• lx-music-desktop
• morgen
• teams-for-linux
• webcord
• webcord-vencord

[emilazy]

Thanks for checking!

is it expected that electron-chromedriver_29 isn’t marked as vulnerable? Not really relevant to this PR, though, since it shouldn’t be any different on master.