diff --git a/patches/add-license-info.patch b/patches/add-license-info.patch index 80d8ad18..b80e792d 100644 --- a/patches/add-license-info.patch +++ b/patches/add-license-info.patch @@ -14,7 +14,7 @@ diff --git a/chrome/browser/resources/settings/about_page/about_page.html b/chro index 6864d76343794..678a7c240d91e 100644 --- a/chrome/browser/resources/settings/about_page/about_page.html +++ b/chrome/browser/resources/settings/about_page/about_page.html -@@ -148,7 +148,68 @@ +@@ -148,7 +148,103 @@
@@ -80,6 +80,41 @@ index 6864d76343794..678a7c240d91e 100644 +
+
+
++
This project contains code from ungoogled-chromium.
++
Copyright (c) 2015-2025, The ungoogled-chromium Authors
++
BSD-3-clause license: ++ 
++All rights reserved.
++
++Redistribution and use in source and binary forms, with or without
++modification, are permitted provided that the following conditions are met:
++
++1. Redistributions of source code must retain the above copyright notice, this
++   list of conditions and the following disclaimer.
++
++2. Redistributions in binary form must reproduce the above copyright notice,
++   this list of conditions and the following disclaimer in the documentation
++   and/or other materials provided with the distribution.
++
++3. Neither the name of the copyright holder nor the names of its
++   contributors may be used to endorse or promote products derived from
++   this software without specific prior written permission.
++
++THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
++AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
++IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
++DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
++FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
++DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
++SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
++CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
++OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
++OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++
++
++
++
++
+
This project is based on the Chromium open source project.
$i18n{aboutProductCopyright}
diff --git a/patches/expose-flags.patch b/patches/expose-flags.patch index b4dc87e4..5b14b7ac 100644 --- a/patches/expose-flags.patch +++ b/patches/expose-flags.patch @@ -78,7 +78,7 @@ index 7613006656aaa..ee707f847ccba 100644 + "is disabled, the 'JavaScript optimization & security' permission " + "will disable WebAssembly when disallowed. When enabled, WebAssembly " + "in the same configuration will be available. Disabled by default " -+ "until it becomes more stable. This feature is provided by Trivalent." ++ "until it becomes more stable. This feature is provided by Trivalent.", + kOsAll, FEATURE_VALUE_TYPE(features::kEnableDrumbrake)}, +#endif {variations::switches::kEnableBenchmarking, diff --git a/patches/trivalent-faq-page.patch b/patches/trivalent-faq-page.patch new file mode 100644 index 00000000..be346b85 --- /dev/null +++ b/patches/trivalent-faq-page.patch @@ -0,0 +1,296 @@ +Copyright (c) 2015-2025, The ungoogled-chromium Authors +Copyright (c) 2026, The Trivalent Authors +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + +1. Redistributions of source code must retain the above copyright notice, this + list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + +3. Neither the name of the copyright holder nor the names of its + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--- +diff --git a/chrome/browser/chrome_browser_main.cc b/chrome/browser/chrome_browser_main.cc +index d347c428ac..29faea895d 100644 +--- a/chrome/browser/chrome_browser_main.cc ++++ b/chrome/browser/chrome_browser_main.cc +@@ -1214,6 +1214,7 @@ int ChromeBrowserMainParts::PreCreateThreadsImpl() { + if (first_run::IsChromeFirstRun()) { + if (!base::CommandLine::ForCurrentProcess()->HasSwitch(switches::kApp) && + !base::CommandLine::ForCurrentProcess()->HasSwitch(switches::kAppId)) { ++ browser_creator_->AddFirstRunTabs({GURL("chrome://trivalent-faq")}); + browser_creator_->AddFirstRunTabs(master_prefs_->new_tabs); + } + } +diff --git a/chrome/browser/ui/webui/chrome_web_ui_configs.cc b/chrome/browser/ui/webui/chrome_web_ui_configs.cc +index d185bfdfbb..7e66f32eb3 100644 +--- a/chrome/browser/ui/webui/chrome_web_ui_configs.cc ++++ b/chrome/browser/ui/webui/chrome_web_ui_configs.cc +@@ -48,6 +48,7 @@ + #include "chrome/browser/ui/webui/signin_internals_ui.h" + #include "chrome/browser/ui/webui/sync_internals/sync_internals_ui.h" + #include "chrome/browser/ui/webui/translate_internals/translate_internals_ui.h" ++#include "chrome/browser/ui/webui/trivalent_faq.h" + #include "chrome/browser/ui/webui/usb_internals/usb_internals_ui.h" + #include "chrome/browser/ui/webui/user_actions/user_actions_ui.h" + #include "chrome/browser/ui/webui/version/version_ui.h" +@@ -274,6 +275,7 @@ void RegisterChromeWebUIConfigs() { + map.AddWebUIConfig(std::make_unique()); + map.AddWebUIConfig(std::make_unique()); + map.AddWebUIConfig(std::make_unique()); ++ map.AddWebUIConfig(std::make_unique()); + map.AddWebUIConfig(std::make_unique()); + map.AddWebUIConfig(std::make_unique()); + map.AddWebUIConfig(std::make_unique()); +diff --git a/chrome/common/webui_url_constants.cc b/chrome/common/webui_url_constants.cc +index f96fccfbc2..a058283fb5 100644 +--- a/chrome/common/webui_url_constants.cc ++++ b/chrome/common/webui_url_constants.cc +@@ -74,6 +74,7 @@ bool IsSystemWebUIHost(std::string_view host) { + // These hosts will also be suggested by BuiltinProvider. + base::span ChromeURLHosts() { + static constexpr auto kChromeURLHosts = std::to_array({ ++ "trivalent-faq", + kChromeUIAboutHost, + kChromeUIAccessibilityHost, + kChromeUIActorInternalsHost, +diff --git a/chrome/browser/ui/webui/trivalent_faq.h b/chrome/browser/ui/webui/trivalent_faq.h +new file mode 100644 +--- /dev/null ++++ b/chrome/browser/ui/webui/trivalent_faq.h +@@ -0,0 +1,218 @@ ++#ifndef CHROME_BROWSER_UI_WEBUI_TRIVALENT_FAQ_H_ ++#define CHROME_BROWSER_UI_WEBUI_TRIVALENT_FAQ_H_ ++ ++#include "base/memory/ref_counted_memory.h" ++#include "chrome/browser/profiles/profile.h" ++#include "content/public/browser/url_data_source.h" ++#include "content/public/browser/web_ui.h" ++#include "content/public/browser/web_ui_controller.h" ++#include "content/public/browser/webui_config.h" ++#include "services/network/public/mojom/content_security_policy.mojom.h" ++ ++class TFDataSource : public content::URLDataSource { ++ public: ++ TFDataSource() {} ++ TFDataSource(const TFDataSource&) = delete; ++ TFDataSource& operator=(const TFDataSource&) = delete; ++ std::string GetSource() { return "trivalent-faq"; } ++ std::string GetMimeType(const GURL& url) { return "text/html"; } ++ bool IsWebUIEnabled(content::BrowserContext* browser_context) { ++ return !Profile::FromBrowserContext(browser_context)->IsOffTheRecord(); ++ } ++ std::string GetContentSecurityPolicy(network::mojom::CSPDirectiveName directive) { ++ if (directive == network::mojom::CSPDirectiveName::DefaultSrc) ++ return "default-src 'none';"; ++ else if (directive == network::mojom::CSPDirectiveName::StyleSrc) ++ return "style-src-elem chrome: 'unsafe-inline';"; ++ else if (directive == network::mojom::CSPDirectiveName::FontSrc) ++ return "font-src chrome:;"; ++ else if (directive == network::mojom::CSPDirectiveName::FormAction) ++ return "form-action 'none';"; ++ else if (directive == network::mojom::CSPDirectiveName::FrameAncestors) ++ return "frame-ancestors 'none';"; ++ else if (directive == network::mojom::CSPDirectiveName::BaseURI) ++ return "base-uri 'none';"; ++ else if (directive == network::mojom::CSPDirectiveName::Sandbox) ++ return "sandbox;"; ++ else if (directive == network::mojom::CSPDirectiveName::UpgradeInsecureRequests) ++ return "upgrade-insecure-requests;"; ++ return std::string(); ++ } ++ void StartDataRequest(const GURL& url, ++ const content::WebContents::Getter& wc_getter, ++ GotDataCallback callback) { ++ std::string source = R"( ++Trivalent FAQ ++ ++ ++ ++
++

Trivalent

++ Trivalent is a security-focused, Chromium-based browser for desktop Linux inspired by ++ Vanadium. ++

++ This page can always be accessed from chrome://trivalent-faq ++

++
++

Additional Preferences

++ Some of the features Trivalent provides can be controlled via preferences. ++ These preferences can be accessed in the security settings ++ in the section titled Hardening at the bottom. ++ Some additional preferences are also added for convenience, such as a website dark mode toggle in ++ appearance settings. ++

++
++

FAQ

++
Which filters are included in Trivalent adblocking? How do I add a new filter?
++ Trivalent comes preloaded with EasyList, EasyPrivacy, Fanboy Annoyance, and a wide set of ++ regional filter lists covering Europe, Asia, the Middle East, and more. It also includes ++ Anti-Adblock Filters to bypass detection. You can see the full list here: ++ Trivalent filter sources. ++ Since these filters are precompiled at build time, if you want to add a new filter, please open an issue or submit a pull ++ request in the same repository. ++
++
Why aren't YouTube ads blocked, and how can I watch YouTube without ads?
++ Trivalent's subresource filter cannot perform script injection or observe and alter what happens ++ inside YouTube's video player, so it can't reliably intercept the scripts and dynamic behavior ++ YouTube uses to serve ads. To avoid ads, you need a tool capable of doing that. Common options ++ are FreeTube Electron Flatpak, ++ Pipeline Piped proxy Flatpak, ++ and the YouTube PWA (progressive web-app) paired with uBlock Origin Lite. Consider creating a ++ separate profile for the Youtube PWA, so you can continue browsing extensionless for your ++ usual profile.
++ To install a PWA, click the Install button in the address bar, or at the top right, ++ click the three dots, then Save and Share -> Install page as app. ++
++
Why does Trivalent log me out of all sites by default?
++ It shouldn't, but this is a bug related to Chromium's Network Service Sandbox where cookies are ++ either cleared or become inaccessible when the browser is closed. If you experience this, ++ navigate to security settings, at the bottom you will ++ see a Hardening section and within it a toggle Network Service Sandbox, ++ flip this to off and restarting your browser. ++

++ Please note that the Network Service Sandbox is no longer enabled by default. Users ++ should keep in mind that enabling this setting may result in issues with cookie persistence. ++ Also note that this is a global toggle, which means that all of your browser profiles will be ++ affected if the setting is toggled. ++
++
Why don't extensions work in Trivalent?
++ Extensions in Trivalent are disabled by default, for security reasons, it is not advised to ++ use them. If you want content/ad blocking, that is already built into Trivalent and enabled by ++ default. If you require extensions, you can re-enable them by disabling the ++ Disable Extensions toggle under ++ chrome://settings/security, then restarting your browser ++ (this toggle is per-profile). ++

++ If the extension you installed doesn't work, it may be because it requires JavaScript ++ Just-In-Time Compilation (JIT), which is disabled by default in Trivalent. To re-enable JavaScript JIT ++ for an extension, visit chrome://extensions, under the extension with the issues, go ++ Details -> Site Settings, then scroll to ++ JavaScript Optimization & Security and flip to allow. ++ If the extension continues to not work, try reinstalling the extension. ++
++
Why don't some websites that require JIT/WebAssembly work in Trivalent even with the JavaScript Optimizations toggle enabled?
++ This is an upstream bug that prevents JavaScript Optimization settings from being applied to ++ iframes embedded within a parent website. As a result, WebAssembly may not function on services ++ that use a separate URL for their content delivery network or other included domains, such as ++ VSCode Web (https://github.dev). To make VSCode Web work properly, you need to ++ manually allow JavaScript optimizations for the CDN by adding ++ https://[*.]vscode-cdn.net to your list of trusted websites. ++

++ There is also currently a bug where the Optimizations permission doesn't apply to a tab even ++ after reloading, only after closing and re-opening the tab does the optimizations toggle ++ properly apply. ++
++
Why doesn't DRM content (Spotify, Netflix etc.) work in Trivalent by default?
++ DRM-protected content is available in Trivalent, however it is disabled by default. Visit ++ chrome://settings/content/protectedContent ++ and select Sites can play protected content. ++
++
++
++

Additional Feature Toggles

++ Trivalent introduces some extra flags and features that can be viewed at ++ chrome://flags. The default state of each flag/feature ++ is explained in it's respective description. Some are features already present in chromium, ++ just exposed, and some are Trivalent-provided features. Both of these are labeled as such. ++

++
++

Additional Links

++ Read the secureblue FAQ. ++

++ Consider contributing to Trivalent and secureblue. ++

++)"; ++ std::move(callback).Run(base::MakeRefCounted(std::move(source))); ++ } ++}; ++ ++class TrivalentFAQ; ++class TrivalentFAQUIConfig : public content::DefaultWebUIConfig { ++ public: ++ TrivalentFAQUIConfig() : DefaultWebUIConfig("chrome", "trivalent-faq") {} ++}; ++ ++class TrivalentFAQ : public content::WebUIController { ++ public: ++ TrivalentFAQ(content::WebUI* web_ui) : content::WebUIController(web_ui) { ++ content::URLDataSource::Add(Profile::FromWebUI(web_ui), std::make_unique()); ++ } ++ TrivalentFAQ(const TrivalentFAQ&) = delete; ++ TrivalentFAQ& operator=(const TrivalentFAQ&) = delete; ++}; ++ ++#endif // CHROME_BROWSER_UI_WEBUI_TRIVALENT_FAQ_H_