From d6df32e1c847ec034883e109aa3cd56eac4585bb Mon Sep 17 00:00:00 2001
From: Antoine Martin <dev@ayakael.net>
Date: Wed, 26 Feb 2025 20:07:41 -0500
Subject: [PATCH] backports/element-desktop: upgrade to 1.11.93

---
 backports/element-desktop/APKBUILD            | 13 +--
 .../element-desktop/tasje-no-fuses.patch      | 81 +++++++++----------
 2 files changed, 44 insertions(+), 50 deletions(-)

diff --git a/backports/element-desktop/APKBUILD b/backports/element-desktop/APKBUILD
index 3254990..841fa3e 100644
--- a/backports/element-desktop/APKBUILD
+++ b/backports/element-desktop/APKBUILD
@@ -1,14 +1,15 @@
 # Contributor: lauren n. liberda <lauren@selfisekai.rocks>
 maintainer="lauren n. liberda <lauren@selfisekai.rocks>"
 pkgname=element-desktop
-pkgver=1.11.89
+pkgver=1.11.93
 pkgrel=0
 pkgdesc="Secure and independent communication, connected via Matrix"
 url="https://element.io/"
 arch="aarch64 x86_64" # same as electron
 license="GPL-3.0-only"
+_electronver=33
 depends="
-	electron
+	electron~$_electronver
 	font-inconsolata
 	font-inter
 	font-nunito
@@ -17,7 +18,7 @@ depends="
 	"
 makedepends="
 	cargo
-	electron-dev
+	electron-dev~$_electronver
 	electron-tasje
 	jq
 	libsecret-dev
@@ -154,12 +155,12 @@ package() {
 }
 
 sha512sums="
-3b382492694a036ab8e05e904f23e49d7126bf5842ab4b86183bb71e3ca3503bbe997a4e26c5ee2298740f0894e5f26d6dc31deb5f18caf9d4f78d30e1a591c8  element-desktop-1.11.89.tar.gz
-55e4abf74bd19a06071d16a1e5d1130fc06c8937626e880bf54263598b7ad06311b164e3aa21dc2494b932e9e299f261030226744d746927b44b93b7831fd08b  element-web-1.11.89.tar.gz
+cf9c32bce22ecde504beed6532a59faa6133a362c8379fd615ecb1e3b6ad7fdf51b6a77e8a044a2a9b9f25946ec70245006137b2954c2a941ea172832637f337  element-desktop-1.11.93.tar.gz
+1b058ee70d7a7858d40b0b24311e90fb0f51d4ff82f6efb2566ba57c33864c852898ace2223ccaf6eb60de12c469fe5facfe0588617134f430b9361e815689ef  element-web-1.11.93.tar.gz
 4747893ed3e43d3074e9afe1cdd668a6be0de073d439205fe8c38c5e0f4091cc76e3cd15d98818bea5139add29501d8d07e83c58e9da230a4ce5bb538d388f80  add-alpine-targets.patch
 755b17f7b828eb6920c06a6950ad4e14c32c99d22e9c05fcef7a081b5d2034adb03db3958aa5209c99fb7201f4d888c2383fc9864c5e743dd33f8b5c4925acd7  use-system-headers.patch
 92e69817fdc71f60c5c7dcbd3c7b13428cc18141cf5f27720326390f6817bec85fb1c60f8016b3a8fa275f601b16f646cda12b5e379a349368eef2f801b4de7a  tasje-one-hak.patch
-876d40639305d5258089069a01e218a2f14c32efccc3130f06398e8b4cd63bc740909162954a58ee11b909dc5b3e87c3383d73727aa13aa2d7093c9c63f04057  tasje-no-fuses.patch
+a1399662bdbe5e7256d31f7bdc05070e7009d70113699856b025a1d5ab1d9b8bf1020072a08255d4eddab0874044131dec296f98a91ba5c12ca61948b1d18dbe  tasje-no-fuses.patch
 ec635fde026f7fce8e8cc57960b5b9dcec4418416d4867ed47711422d48f068bb58a3c9ceb7715efc9c177beca3788da6b0babc9b689ea8c0724a0395f2b85f8  no-source-maps.patch.web
 aaf46476bac403aa5204aa265fcf0654fad4c149fd74d0ec4273c051a5549943384cae3cdd62c5b78fdedfed55c11ecceb898b886e44165cbe7e30953a095cf9  use-system-fonts.patch.web
 afc588311dc3b566a754e3e7fe6b37b99a06d47b8bbce0ed9acca8ef308fdab0bd1d41b406199e5cbdd86bdce695ff847cd8668857a235cbdc292ad8b899c063  element-desktop
diff --git a/backports/element-desktop/tasje-no-fuses.patch b/backports/element-desktop/tasje-no-fuses.patch
index efbfc52..72c515f 100644
--- a/backports/element-desktop/tasje-no-fuses.patch
+++ b/backports/element-desktop/tasje-no-fuses.patch
@@ -3,57 +3,50 @@ and we can't import them here, since they are in devDependencies, which are unin
 
 --- ./electron-builder.ts.orig
 +++ ./electron-builder.ts
-@@ -1,8 +1,7 @@
- import * as os from "os";
- import * as fs from "fs";
- import * as path from "path";
--import { Arch, Configuration as BaseConfiguration, AfterPackContext } from "electron-builder";
--import { flipFuses, FuseVersion, FuseV1Options } from "@electron/fuses";
+@@ -2,8 +2,7 @@
+ import * as fs from "node:fs";
+ import * as path from "node:path";
+ import * as plist from "plist";
+-import { AfterPackContext, Arch, Configuration as BaseConfiguration, Platform } from "electron-builder";
+-import { computeData } from "app-builder-lib/out/asar/integrity";
 +import { Configuration as BaseConfiguration } from "electron-builder";
+ import { readFile, writeFile } from "node:fs/promises";
  
  /**
-  * This script has different outputs depending on your os platform.
-@@ -54,43 +53,6 @@
- const config: Writable<Configuration> = {
-     appId: "im.riot.app",
-     asarUnpack: "**/*.node",
--    afterPack: async (context: AfterPackContext) => {
--        if (context.electronPlatformName !== "darwin" || context.arch === Arch.universal) {
--            // Burn in electron fuses for proactive security hardening.
--            // On macOS, we only do this for the universal package, as the constituent arm64 and amd64 packages are embedded within.
--            const ext = (<Record<string, string>>{
--                darwin: ".app",
--                win32: ".exe",
--                linux: "",
--            })[context.electronPlatformName];
+@@ -46,26 +45,6 @@
+     } & BaseConfiguration["deb"];
+ }
+ 
+-async function injectAsarIntegrity(context: AfterPackContext) {
+-    const packager = context.packager;
 -
--            let executableName = context.packager.appInfo.productFilename;
--            if (context.electronPlatformName === "linux") {
--                // Linux uses the package name as the executable name
--                executableName = context.packager.appInfo.name;
--            }
+-    // We only need to re-generate asar on universal Mac builds, due to https://github.com/electron/universal/issues/116
+-    if (packager.platform !== Platform.MAC || context.arch !== Arch.universal) return;
 -
--            const electronBinaryPath = path.join(context.appOutDir, `${executableName}${ext}`);
--            console.log(`Flipping fuses for: ${electronBinaryPath}`);
+-    const resourcesPath = packager.getResourcesDir(context.appOutDir);
+-    const asarIntegrity = await computeData({
+-        resourcesPath,
+-        resourcesRelativePath: "Resources",
+-        resourcesDestinationPath: resourcesPath,
+-        extraResourceMatchers: [],
+-    });
 -
--            await flipFuses(electronBinaryPath, {
--                version: FuseVersion.V1,
--                resetAdHocDarwinSignature: context.electronPlatformName === "darwin" && context.arch === Arch.universal,
+-    const plistPath = path.join(resourcesPath, "..", "Info.plist");
+-    const data = plist.parse(await readFile(plistPath, "utf8")) as unknown as Writable<plist.PlistObject>;
+-    data["ElectronAsarIntegrity"] = asarIntegrity as unknown as Writable<plist.PlistValue>;
+-    await writeFile(plistPath, plist.build(data));
+-}
 -
--                [FuseV1Options.EnableCookieEncryption]: true,
--                [FuseV1Options.OnlyLoadAppFromAsar]: true,
--
--                [FuseV1Options.RunAsNode]: false,
--                [FuseV1Options.EnableNodeOptionsEnvironmentVariable]: false,
--                [FuseV1Options.EnableNodeCliInspectArguments]: false,
--
--                // Mac app crashes on arm for us when `LoadBrowserProcessSpecificV8Snapshot` is enabled
--                [FuseV1Options.LoadBrowserProcessSpecificV8Snapshot]: false,
--                // https://github.com/electron/fuses/issues/7
--                [FuseV1Options.EnableEmbeddedAsarIntegrityValidation]: false,
--            });
--        }
+ /**
+  * @type {import('electron-builder').Configuration}
+  * @see https://www.electron.build/configuration/configuration
+@@ -89,9 +68,6 @@
+ 
+         loadBrowserProcessSpecificV8Snapshot: false,
+         enableEmbeddedAsarIntegrityValidation: true,
 -    },
+-    afterPack: async (context: AfterPackContext) => {
+-        await injectAsarIntegrity(context);
+     },
      files: [
          "package.json",
-         "lib/**",
-- 
2.49.1