diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix
index d5b09027026c..8851889ef566 100644
--- a/maintainers/maintainer-list.nix
+++ b/maintainers/maintainer-list.nix
@@ -8974,12 +8974,6 @@
githubId = 8641;
name = "Pierre Carrier";
};
- pengmeiyu = {
- email = "pengmyu@gmail.com";
- github = "pmeiyu";
- githubId = 8529551;
- name = "Peng Mei Yu";
- };
penguwin = {
email = "penguwin@penguwin.eu";
github = "penguwin";
@@ -9255,6 +9249,12 @@
githubId = 178496;
name = "Philipp Middendorf";
};
+ pmy = {
+ email = "pmy@xqzp.net";
+ github = "pmeiyu";
+ githubId = 8529551;
+ name = "Peng Mei Yu";
+ };
pmyjavec = {
email = "pauly@myjavec.com";
github = "pmyjavec";
diff --git a/nixos/lib/qemu-common.nix b/nixos/lib/qemu-common.nix
index 1a1f7531feb0..f3af85040bd6 100644
--- a/nixos/lib/qemu-common.nix
+++ b/nixos/lib/qemu-common.nix
@@ -22,7 +22,7 @@ rec {
else throw "Unknown QEMU serial device for system '${pkgs.stdenv.hostPlatform.system}'";
qemuBinary = qemuPkg: {
- x86_64-linux = "${qemuPkg}/bin/qemu-kvm -cpu max";
+ x86_64-linux = "${qemuPkg}/bin/qemu-kvm -cpu qemu64";
armv7l-linux = "${qemuPkg}/bin/qemu-system-arm -enable-kvm -machine virt -cpu host";
aarch64-linux = "${qemuPkg}/bin/qemu-system-aarch64 -enable-kvm -machine virt,gic-version=host -cpu host";
powerpc64le-linux = "${qemuPkg}/bin/qemu-system-ppc64 -machine powernv";
diff --git a/nixos/modules/hardware/video/nvidia.nix b/nixos/modules/hardware/video/nvidia.nix
index 5b379505608a..ff4225dc29ad 100644
--- a/nixos/modules/hardware/video/nvidia.nix
+++ b/nixos/modules/hardware/video/nvidia.nix
@@ -179,7 +179,7 @@ in
in mkIf enabled {
assertions = [
{
- assertion = with config.services.xserver.displayManager; gdm.nvidiaWayland -> cfg.modesetting.enable;
+ assertion = with config.services.xserver.displayManager; (gdm.enable && gdm.nvidiaWayland) -> cfg.modesetting.enable;
message = "You cannot use wayland with GDM without modesetting enabled for NVIDIA drivers, set `hardware.nvidia.modesetting.enable = true`";
}
diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix
index f392ca52566f..273ed95e1bce 100644
--- a/nixos/modules/misc/ids.nix
+++ b/nixos/modules/misc/ids.nix
@@ -351,6 +351,7 @@ in
hqplayer = 319;
moonraker = 320;
distcc = 321;
+ webdav = 322;
# When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!
@@ -656,6 +657,7 @@ in
hqplayer = 319;
moonraker = 320;
distcc = 321;
+ webdav = 322;
# When adding a gid, make sure it doesn't match an existing
# uid. Users and groups with the same name should have equal
diff --git a/nixos/modules/misc/locate.nix b/nixos/modules/misc/locate.nix
index 3638bebed931..461a2aa5a946 100644
--- a/nixos/modules/misc/locate.nix
+++ b/nixos/modules/misc/locate.nix
@@ -84,12 +84,15 @@ in {
"bdev"
"binfmt"
"binfmt_misc"
+ "ceph"
"cgroup"
+ "cgroup2"
"cifs"
"coda"
"configfs"
"cramfs"
"cpuset"
+ "curlftpfs"
"debugfs"
"devfs"
"devpts"
@@ -101,6 +104,13 @@ in {
"ftpfs"
"fuse"
"fusectl"
+ "fusesmb"
+ "fuse.ceph"
+ "fuse.glusterfs"
+ "fuse.gvfsd-fuse"
+ "fuse.mfs"
+ "fuse.rclone"
+ "fuse.rozofs"
"fuse.sshfs"
"gfs"
"gfs2"
@@ -110,9 +120,15 @@ in {
"iso9660"
"jffs2"
"lustre"
+ "lustre_lite"
"misc"
+ "mfs"
"mqueue"
"ncpfs"
+ "nfs"
+ "NFS"
+ "nfs4"
+ "nfsd"
"nnpfs"
"ocfs"
"ocfs2"
@@ -127,16 +143,14 @@ in {
"smbfs"
"sockfs"
"spufs"
- "nfs"
- "NFS"
- "nfs4"
- "nfsd"
"sshfs"
"subfs"
"supermount"
"sysfs"
"tmpfs"
+ "tracefs"
"ubifs"
+ "udev"
"udf"
"usbfs"
"vboxsf"
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index 9eca0b8d65f2..1d51fca02fbf 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -685,6 +685,7 @@
./services/network-filesystems/diod.nix
./services/network-filesystems/u9fs.nix
./services/network-filesystems/webdav.nix
+ ./services/network-filesystems/webdav-server-rs.nix
./services/network-filesystems/yandex-disk.nix
./services/network-filesystems/xtreemfs.nix
./services/network-filesystems/ceph.nix
diff --git a/nixos/modules/security/acme.xml b/nixos/modules/security/acme.xml
index 8249da948c6d..bf93800a0af4 100644
--- a/nixos/modules/security/acme.xml
+++ b/nixos/modules/security/acme.xml
@@ -253,7 +253,7 @@ chmod 400 /var/lib/secrets/certs.secret
- Now you're all set to generate certs! You should monitor the first invokation
+ Now you're all set to generate certs! You should monitor the first invocation
by running systemctl start acme-example.com.service &
journalctl -fu acme-example.com.service and watching its log output.
diff --git a/nixos/modules/services/network-filesystems/webdav-server-rs.nix b/nixos/modules/services/network-filesystems/webdav-server-rs.nix
new file mode 100644
index 000000000000..1c5c299cb673
--- /dev/null
+++ b/nixos/modules/services/network-filesystems/webdav-server-rs.nix
@@ -0,0 +1,144 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+let
+ cfg = config.services.webdav-server-rs;
+ format = pkgs.formats.toml { };
+ settings = recursiveUpdate
+ {
+ server.uid = config.users.users."${cfg.user}".uid;
+ server.gid = config.users.groups."${cfg.group}".gid;
+ }
+ cfg.settings;
+in
+{
+ options = {
+ services.webdav-server-rs = {
+ enable = mkEnableOption "WebDAV server";
+
+ user = mkOption {
+ type = types.str;
+ default = "webdav";
+ description = "User to run under when setuid is not enabled.";
+ };
+
+ group = mkOption {
+ type = types.str;
+ default = "webdav";
+ description = "Group to run under when setuid is not enabled.";
+ };
+
+ settings = mkOption {
+ type = format.type;
+ default = { };
+ description = ''
+ Attrset that is converted and passed as config file. Available
+ options can be found at
+ here.
+ '';
+ example = literalExpression ''
+ {
+ server.listen = [ "0.0.0.0:4918" "[::]:4918" ];
+ accounts = {
+ auth-type = "htpasswd.default";
+ acct-type = "unix";
+ };
+ htpasswd.default = {
+ htpasswd = "/etc/htpasswd";
+ };
+ location = [
+ {
+ route = [ "/public/*path" ];
+ directory = "/srv/public";
+ handler = "filesystem";
+ methods = [ "webdav-ro" ];
+ autoindex = true;
+ auth = "false";
+ }
+ {
+ route = [ "/user/:user/*path" ];
+ directory = "~";
+ handler = "filesystem";
+ methods = [ "webdav-rw" ];
+ autoindex = true;
+ auth = "true";
+ setuid = true;
+ }
+ ];
+ }
+ '';
+ };
+
+ configFile = mkOption {
+ type = types.path;
+ default = format.generate "webdav-server.toml" settings;
+ defaultText = "Config file generated from services.webdav-server-rs.settings";
+ description = ''
+ Path to config file. If this option is set, it will override any
+ configuration done in services.webdav-server-rs.settings.
+ '';
+ example = "/etc/webdav-server.toml";
+ };
+ };
+ };
+
+ config = mkIf cfg.enable {
+ assertions = [
+ {
+ assertion = hasAttr cfg.user config.users.users && config.users.users."${cfg.user}".uid != null;
+ message = "users.users.${cfg.user} and users.users.${cfg.user}.uid must be defined.";
+ }
+ {
+ assertion = hasAttr cfg.group config.users.groups && config.users.groups."${cfg.group}".gid != null;
+ message = "users.groups.${cfg.group} and users.groups.${cfg.group}.gid must be defined.";
+ }
+ ];
+
+ users.users = optionalAttrs (cfg.user == "webdav") {
+ webdav = {
+ description = "WebDAV user";
+ group = cfg.group;
+ uid = config.ids.uids.webdav;
+ };
+ };
+
+ users.groups = optionalAttrs (cfg.group == "webdav") {
+ webdav.gid = config.ids.gids.webdav;
+ };
+
+ systemd.services.webdav-server-rs = {
+ description = "WebDAV server";
+ after = [ "network.target" ];
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig = {
+ ExecStart = "${pkgs.webdav-server-rs}/bin/webdav-server -c ${cfg.configFile}";
+
+ CapabilityBoundingSet = [
+ "CAP_SETUID"
+ "CAP_SETGID"
+ ];
+
+ NoExecPaths = [ "/" ];
+ ExecPaths = [ "/nix/store" ];
+
+ # This program actively detects if it is running in root user account
+ # when it starts and uses root privilege to switch process uid to
+ # respective unix user when a user logs in. Maybe we can enable
+ # DynamicUser in the future when it's able to detect CAP_SETUID and
+ # CAP_SETGID capabilities.
+
+ NoNewPrivileges = true;
+ PrivateDevices = true;
+ PrivateTmp = true;
+ ProtectClock = true;
+ ProtectControlGroups = true;
+ ProtectKernelLogs = true;
+ ProtectKernelModules = true;
+ ProtectKernelTunables = true;
+ ProtectSystem = true;
+ };
+ };
+ };
+
+ meta.maintainers = with maintainers; [ pmy ];
+}
diff --git a/nixos/modules/services/network-filesystems/webdav.nix b/nixos/modules/services/network-filesystems/webdav.nix
index 4086a0f5d562..a810af40fd47 100644
--- a/nixos/modules/services/network-filesystems/webdav.nix
+++ b/nixos/modules/services/network-filesystems/webdav.nix
@@ -80,13 +80,13 @@ in
users.users = mkIf (cfg.user == "webdav") {
webdav = {
description = "WebDAV daemon user";
- isSystemUser = true;
group = cfg.group;
+ uid = config.ids.uids.webdav;
};
};
users.groups = mkIf (cfg.group == "webdav") {
- webdav = { };
+ webdav.gid = config.ids.gids.webdav;
};
systemd.services.webdav = {
@@ -103,5 +103,5 @@ in
};
};
- meta.maintainers = with maintainers; [ pengmeiyu ];
+ meta.maintainers = with maintainers; [ pmy ];
}
diff --git a/pkgs/applications/audio/gmu/default.nix b/pkgs/applications/audio/gmu/default.nix
index b2b9f5e34750..cc2b46cd6ace 100644
--- a/pkgs/applications/audio/gmu/default.nix
+++ b/pkgs/applications/audio/gmu/default.nix
@@ -1,4 +1,4 @@
-{lib, stdenv, fetchurl, SDL, SDL_gfx, SDL_image, tremor, flac, mpg123, libmikmod
+{lib, stdenv, fetchurl, fetchpatch, SDL, SDL_gfx, SDL_image, tremor, flac, mpg123, libmikmod
, speex, ncurses
, keymap ? "default"
, conf ? "unknown"
@@ -13,6 +13,24 @@ stdenv.mkDerivation rec {
sha256 = "03x0mc0xw2if0bpf0a15yprcyx1xccki039zvl2099dagwk6xskv";
};
+ patches = [
+ # pull pending upstream inclusion fix for ncurses-6.3:
+ # https://github.com/jhe2/gmu/pull/7
+ (fetchpatch {
+ name = "ncurses-6.3.patch";
+ url = "https://github.com/jhe2/gmu/commit/c8b3a10afee136feb333754ef6ec26383b11072f.patch";
+ sha256 = "0xp2j3jp8pkmv6yvnzi378m2dylbfsaqrsrkw7hbxw6kglzj399r";
+ })
+
+ # pull upstream fix for -fno-common toolchains like
+ # upstream gcc-10 of clang-13.
+ (fetchpatch {
+ name = "fno-common.patch";
+ url = "https://github.com/jhe2/gmu/commit/b705209f08ddfda141ad358ccd0c3d2d099be5e6.patch";
+ sha256 = "1ci2b8kz3r58rzmivlfhqjmcgqwlkwlzzhnyxlk36vmk240a3gqq";
+ })
+ ];
+
buildInputs = [ SDL SDL_gfx SDL_image tremor flac mpg123 libmikmod speex ncurses ];
makeFlags = [ "PREFIX=$(out)" ];
diff --git a/pkgs/applications/blockchains/ledger-live-desktop/default.nix b/pkgs/applications/blockchains/ledger-live-desktop/default.nix
index eb44dc219b66..55d928e6072f 100644
--- a/pkgs/applications/blockchains/ledger-live-desktop/default.nix
+++ b/pkgs/applications/blockchains/ledger-live-desktop/default.nix
@@ -2,12 +2,12 @@
let
pname = "ledger-live-desktop";
- version = "2.35.1";
+ version = "2.35.2";
name = "${pname}-${version}";
src = fetchurl {
url = "https://github.com/LedgerHQ/${pname}/releases/download/v${version}/${pname}-${version}-linux-x86_64.AppImage";
- hash = "sha256:0z60c4sjq63r5rs95rbv7afliia05l1p9bgfd5zv7i51qxgzfs4a";
+ hash = "sha256-VJr1H6YcPtCzm6FeFA+rNANvYUQ3wZQalI9RdSv68cI=";
};
appimageContents = appimageTools.extractType2 {
diff --git a/pkgs/applications/editors/lifeograph/default.nix b/pkgs/applications/editors/lifeograph/default.nix
new file mode 100644
index 000000000000..b998b02f50da
--- /dev/null
+++ b/pkgs/applications/editors/lifeograph/default.nix
@@ -0,0 +1,40 @@
+{ stdenv, lib, fetchgit, pkg-config, meson, ninja
+, enchant, gtkmm3, libchamplain, libgcrypt }:
+
+stdenv.mkDerivation rec {
+ pname = "lifeograph";
+ version = "2.0.2";
+
+ src = fetchgit {
+ url = "https://git.launchpad.net/lifeograph";
+ # Specific commit hash related to version
+ rev = "d635bbb30011c0d33c33643e6fa5c006f98ed7d6";
+ sha256 = "0j9wn5bj7cbfnmyyx7ikx961sksv50agnb53prymldbsq43rfgnq";
+ };
+
+ nativeBuildInputs = [
+ meson
+ ninja
+ pkg-config
+ ];
+
+ buildInputs = [
+ libgcrypt
+ enchant
+ gtkmm3
+ libchamplain
+ ];
+
+ postInstall = ''
+ substituteInPlace $out/share/applications/net.sourceforge.Lifeograph.desktop \
+ --replace "Exec=" "Exec=$out/bin/"
+ '';
+
+ meta = with lib; {
+ homepage = "http://lifeograph.sourceforge.net/wiki/Main_Page";
+ description = "Lifeograph is an off-line and private journal and note taking application";
+ license = licenses.gpl3Only;
+ maintainers = with maintainers; [ wolfangaukang ];
+ platforms = platforms.linux;
+ };
+}
diff --git a/pkgs/applications/graphics/gscan2pdf/default.nix b/pkgs/applications/graphics/gscan2pdf/default.nix
index 4f76af0afb4f..e9c624d3c965 100644
--- a/pkgs/applications/graphics/gscan2pdf/default.nix
+++ b/pkgs/applications/graphics/gscan2pdf/default.nix
@@ -10,11 +10,11 @@ with lib;
perlPackages.buildPerlPackage rec {
pname = "gscan2pdf";
- version = "2.12.3";
+ version = "2.12.4";
src = fetchurl {
url = "mirror://sourceforge/gscan2pdf/${version}/${pname}-${version}.tar.xz";
- sha256 = "tdXTcoI7DnrBsXtXR0r07hz0lDcAjZJad+o4wwxHcOk=";
+ sha256 = "sha256-UrBt0QkSk7IP4mZYFoxFNJQ1Qmcb53CemvlYfsxjZ/s=";
};
nativeBuildInputs = [ wrapGAppsHook ];
diff --git a/pkgs/applications/misc/noice/default.nix b/pkgs/applications/misc/noice/default.nix
index 73648d896d08..e67346c51715 100644
--- a/pkgs/applications/misc/noice/default.nix
+++ b/pkgs/applications/misc/noice/default.nix
@@ -12,6 +12,12 @@ stdenv.mkDerivation rec {
sha256 = "0975j4m93s9a21pazwdzn4gqhkngwq7q6ghp0q8a75r6c4fb7aar";
};
+ postPatch = ''
+ # Add support for ncurses-6.3. Can be dropped with 0.9 release.
+ # Fixed upstream at: https://git.2f30.org/noice/commit/53c35e6b340b7c135038e00057a198f03cb7d7cf.html
+ substituteInPlace noice.c --replace 'printw(str);' 'printw("%s", str);'
+ '';
+
configFile = optionalString (conf!=null) (builtins.toFile "config.def.h" conf);
preBuild = optionalString (conf!=null) "cp ${configFile} config.def.h";
diff --git a/pkgs/applications/misc/solaar/default.nix b/pkgs/applications/misc/solaar/default.nix
index 75d617bceeb5..e4e149df0ec8 100644
--- a/pkgs/applications/misc/solaar/default.nix
+++ b/pkgs/applications/misc/solaar/default.nix
@@ -13,13 +13,13 @@
# logitech-udev-rules instead of adding this to services.udev.packages on NixOS
python3Packages.buildPythonApplication rec {
pname = "solaar";
- version = "1.0.7";
+ version = "1.1.0";
src = fetchFromGitHub {
owner = "pwr-Solaar";
repo = "Solaar";
rev = version;
- sha256 = "sha256-RQ7iSiw/0xbPOYhuHg4cQpuJyRcaigWKVw4Jt12T9Uw=";
+ sha256 = "sha256-rNz296pKw2/WaryxHekWHSAS1jdTviZxXDgO/L/PJCU=";
};
nativeBuildInputs = [ wrapGAppsHook gdk-pixbuf ];
diff --git a/pkgs/applications/misc/viking/default.nix b/pkgs/applications/misc/viking/default.nix
index 72c0fefd4e6c..cca8032e1834 100644
--- a/pkgs/applications/misc/viking/default.nix
+++ b/pkgs/applications/misc/viking/default.nix
@@ -14,11 +14,11 @@
stdenv.mkDerivation rec {
pname = "viking";
- version = "1.9";
+ version = "1.10";
src = fetchurl {
url = "mirror://sourceforge/viking/viking-${version}.tar.bz2";
- sha256 = "0fybpy6k0vmjp231h5ckysl3c0rcnh2afznijwq6y78j4hywyjpy";
+ sha256 = "sha256-lFXIlfmLwT3iS9ayNM0PHV7NwbBotMvG62ZE9hJuRaw=";
};
nativeBuildInputs = [ docbook_xml_dtd_45 docbook_xsl intltool itstool libxslt pkg-config wrapGAppsHook yelp-tools ];
diff --git a/pkgs/applications/networking/instant-messengers/alfaview/default.nix b/pkgs/applications/networking/instant-messengers/alfaview/default.nix
new file mode 100644
index 000000000000..52754e3ad529
--- /dev/null
+++ b/pkgs/applications/networking/instant-messengers/alfaview/default.nix
@@ -0,0 +1,78 @@
+{ stdenv, lib, fetchurl, dpkg, autoPatchelfHook, makeWrapper
+, alsa-lib, dbus, fontconfig, freetype, glib, gst_all_1, libGL
+, libinput, libpulseaudio, libsecret, libtiff, libxkbcommon
+, mesa, openssl, systemd, xorg }:
+
+stdenv.mkDerivation rec {
+ pname = "alfaview";
+ version = "8.32.0";
+
+ src = fetchurl {
+ url = "https://production-alfaview-assets.alfaview.com/stable/linux/${pname}_${version}.deb";
+ sha256 = "sha256-cBf/9MdNXhFRYPAOhQQ8j3rpY4JYh/+NyA7Eji9/E9Q=";
+ };
+
+ nativeBuildInputs = [
+ dpkg
+ makeWrapper
+ autoPatchelfHook
+ ];
+
+ buildInputs = [
+ alsa-lib
+ dbus
+ fontconfig
+ freetype
+ glib
+ gst_all_1.gst-plugins-bad
+ gst_all_1.gst-plugins-base
+ libGL
+ libinput
+ libpulseaudio
+ libsecret
+ libtiff
+ libxkbcommon
+ mesa
+ openssl
+ stdenv.cc.cc
+ systemd
+ xorg.libX11
+ xorg.xcbutilwm
+ xorg.xcbutilimage
+ xorg.xcbutilkeysyms
+ xorg.xcbutilrenderutil
+ ];
+
+ libPath = lib.makeLibraryPath buildInputs;
+
+ dontBuild = true;
+ dontConfigure = true;
+
+ unpackPhase = ''
+ dpkg-deb -x ${src} ./
+ '';
+
+ installPhase = ''
+ runHook preInstall
+
+ mv usr $out
+ mv opt $out
+
+ substituteInPlace $out/share/applications/alfaview.desktop \
+ --replace "/opt/alfaview" "$out/bin" \
+ --replace "/usr/share/pixmaps/alfaview_production.png" alfaview_production
+
+ makeWrapper $out/opt/alfaview/alfaview $out/bin/alfaview \
+ --prefix LD_LIBRARY_PATH : ${libPath}
+
+ runHook postInstall
+ '';
+
+ meta = with lib; {
+ description = "Video-conferencing application, specialized in virtual online meetings, seminars, training sessions and conferences";
+ homepage = "https://alfaview.com";
+ license = licenses.unfree;
+ maintainers = with maintainers; [ wolfangaukang ];
+ platforms = [ "x86_64-linux" ];
+ };
+}
diff --git a/pkgs/applications/science/robotics/betaflight-configurator/default.nix b/pkgs/applications/science/robotics/betaflight-configurator/default.nix
index 2fafa2ebf875..3331877e1f2c 100644
--- a/pkgs/applications/science/robotics/betaflight-configurator/default.nix
+++ b/pkgs/applications/science/robotics/betaflight-configurator/default.nix
@@ -13,10 +13,10 @@ let
in
stdenv.mkDerivation rec {
inherit pname;
- version = "10.7.0";
+ version = "10.7.1";
src = fetchurl {
url = "https://github.com/betaflight/${pname}/releases/download/${version}/${pname}_${version}_linux64.zip";
- sha256 = "07r60n9422g5sm7x5b62p044cp961l51vx0s8ig2hy24s74hkam1";
+ sha256 = "sha256-mMjy7Ve7wEmPxkAmux0WahUgJ86ylnWZP4smDZeBs8Q=";
};
nativeBuildInputs = [ wrapGAppsHook unzip ];
diff --git a/pkgs/applications/virtualization/qemu/default.nix b/pkgs/applications/virtualization/qemu/default.nix
index e229825718cd..875318e762ea 100644
--- a/pkgs/applications/virtualization/qemu/default.nix
+++ b/pkgs/applications/virtualization/qemu/default.nix
@@ -1,7 +1,7 @@
{ lib, stdenv, fetchurl, fetchpatch, python, zlib, pkg-config, glib
, perl, pixman, vde2, alsa-lib, texinfo, flex
, bison, lzo, snappy, libaio, libtasn1, gnutls, nettle, curl, ninja, meson, sigtool
-, makeWrapper
+, makeWrapper, runtimeShell
, attr, libcap, libcap_ng
, CoreServices, Cocoa, Hypervisor, rez, setfile
, numaSupport ? stdenv.isLinux && !stdenv.isAarch32, numactl
@@ -229,10 +229,13 @@ stdenv.mkDerivation rec {
# Add a ‘qemu-kvm’ wrapper for compatibility/convenience.
postInstall = ''
+ cp -- $emitKvmWarningsPath $out/libexec/emit-kvm-warnings
+ chmod a+x -- $out/libexec/emit-kvm-warnings
if [ -x $out/bin/qemu-system-${stdenv.hostPlatform.qemuArch} ]; then
makeWrapper $out/bin/qemu-system-${stdenv.hostPlatform.qemuArch} \
$out/bin/qemu-kvm \
- --add-flags "\$([ -e /dev/kvm ] && echo -enable-kvm)"
+ --run $out/libexec/emit-kvm-warnings \
+ --add-flags "\$([ -r /dev/kvm -a -w /dev/kvm ] && echo -enable-kvm)"
fi
'';
@@ -243,6 +246,26 @@ stdenv.mkDerivation rec {
# Builds in ~3h with 2 cores, and ~20m with a big-parallel builder.
requiredSystemFeatures = [ "big-parallel" ];
+ emitKvmWarnings = ''
+ #!${runtimeShell}
+ WARNCOL='\033[1;35m'
+ NEUTRALCOL='\033[0m'
+ WARNING="''${WARNCOL}warning:''${NEUTRALCOL}"
+ if [ ! -e /dev/kvm ]; then
+ echo -e "''${WARNING} KVM is not available - execution will be slow" >&2
+ echo "Consider installing KVM for hardware-accelerated execution." >&2
+ echo "If KVM is already installed make sure the kernel module is loaded." >&2
+ elif [ ! -r /dev/kvm -o ! -w /dev/kvm ]; then
+ echo -e "''${WARNING} /dev/kvm is not read-/writable - execution will be slow" >&2
+ echo "/dev/kvm needs to be read-/writable by the user executing QEMU." >&2
+ echo "" >&2
+ echo "For hardware-acceleration inside the nix build sandbox /dev/kvm" >&2
+ echo "must be world-read-/writable (rw-rw-rw-)." >&2
+ fi
+ '';
+
+ passAsFile = [ "emitKvmWarnings" ];
+
meta = with lib; {
homepage = "http://www.qemu.org/";
description = "A generic and open source machine emulator and virtualizer";
diff --git a/pkgs/data/misc/rime-data/default.nix b/pkgs/data/misc/rime-data/default.nix
index 371a07d3ec1a..fbf65bc12a9f 100644
--- a/pkgs/data/misc/rime-data/default.nix
+++ b/pkgs/data/misc/rime-data/default.nix
@@ -61,6 +61,6 @@ stdenv.mkDerivation {
# rime-cantonese
cc-by-40
];
- maintainers = [ maintainers.pengmeiyu ];
+ maintainers = with maintainers; [ pmy ];
};
}
diff --git a/pkgs/development/interpreters/clojure/babashka.nix b/pkgs/development/interpreters/clojure/babashka.nix
index 5e7731b69039..3b7f611f2c9b 100644
--- a/pkgs/development/interpreters/clojure/babashka.nix
+++ b/pkgs/development/interpreters/clojure/babashka.nix
@@ -2,11 +2,11 @@
buildGraalvmNativeImage rec {
pname = "babashka";
- version = "0.6.5";
+ version = "0.6.7";
src = fetchurl {
url = "https://github.com/babashka/${pname}/releases/download/v${version}/${pname}-${version}-standalone.jar";
- sha256 = "sha256-72D/HzDIxkGD4zTPE9gHf/uFtboLbNnT7CTslSlAqjc=";
+ sha256 = "sha256-e5Mq2fPYqsPEENVGO+gBz9K79KcKOykdDtItjcXU/DI=";
};
executable = "bb";
diff --git a/pkgs/development/libraries/arrow-cpp/default.nix b/pkgs/development/libraries/arrow-cpp/default.nix
index 574ba3b12501..55efb99b8bd0 100644
--- a/pkgs/development/libraries/arrow-cpp/default.nix
+++ b/pkgs/development/libraries/arrow-cpp/default.nix
@@ -238,4 +238,7 @@ stdenv.mkDerivation rec {
platforms = platforms.unix;
maintainers = with maintainers; [ tobim veprbl cpcloud ];
};
+ passthru = {
+ inherit enableFlight enableJemalloc enableS3 enableGcs;
+ };
}
diff --git a/pkgs/development/libraries/gstreamer/bad/default.nix b/pkgs/development/libraries/gstreamer/bad/default.nix
index de6ccd153780..8c6a8b056781 100644
--- a/pkgs/development/libraries/gstreamer/bad/default.nix
+++ b/pkgs/development/libraries/gstreamer/bad/default.nix
@@ -105,7 +105,6 @@ stdenv.mkDerivation rec {
patches = [
# Use pkgconfig to inject the includedirs
./fix_pkgconfig_includedir.patch
- ] ++ lib.optionals stdenv.isDarwin [
# Fix “error: cannot initialize a parameter of type 'unsigned long *' with an rvalue of type 'typename std::remove_reference::type *' (aka 'volatile unsigned long *')” on Darwin.
(fetchpatch {
url = "https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/commit/640a65bf966df065d41a511e2d76d1f26a2e770c.patch";
diff --git a/pkgs/development/libraries/opencl-clhpp/default.nix b/pkgs/development/libraries/opencl-clhpp/default.nix
index b6aa71491680..8410aa4aa063 100644
--- a/pkgs/development/libraries/opencl-clhpp/default.nix
+++ b/pkgs/development/libraries/opencl-clhpp/default.nix
@@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "opencl-clhpp";
- version = "2.0.12";
+ version = "2.0.15";
src = fetchFromGitHub {
owner = "KhronosGroup";
repo = "OpenCL-CLHPP";
rev = "v${version}";
- sha256 = "04g3mg2cpbi048fxxkghra81bpxzqr4r3gspx5mvqipx1lzypsci";
+ sha256 = "sha256-A12GdevbMaO2QkGAk3VsXzwcDkF+6dEapse2xfdqzPM=";
};
nativeBuildInputs = [ cmake python3 ];
diff --git a/pkgs/development/libraries/science/astronomy/indilib/default.nix b/pkgs/development/libraries/science/astronomy/indilib/default.nix
index 0ab4c8cd6ca6..2ac1ba9536f6 100644
--- a/pkgs/development/libraries/science/astronomy/indilib/default.nix
+++ b/pkgs/development/libraries/science/astronomy/indilib/default.nix
@@ -15,13 +15,13 @@
stdenv.mkDerivation rec {
pname = "indilib";
- version = "1.9.2";
+ version = "1.9.3";
src = fetchFromGitHub {
owner = "indilib";
repo = "indi";
rev = "v${version}";
- sha256 = "sha256-5MaN1aNyHpZzKwQPUpp9NYRh7i+lx1N70+J1gczdtAE=";
+ sha256 = "sha256-Ik62kbOetA2vSMpnwrSiNRNJqOgmqlCB2+KNhpBo9TA=";
};
nativeBuildInputs = [
diff --git a/pkgs/development/libraries/science/astronomy/indilib/indi-full.nix b/pkgs/development/libraries/science/astronomy/indilib/indi-full.nix
index 5cdd4c4b2b26..a20c92dfaeba 100644
--- a/pkgs/development/libraries/science/astronomy/indilib/indi-full.nix
+++ b/pkgs/development/libraries/science/astronomy/indilib/indi-full.nix
@@ -1,12 +1,12 @@
{ stdenv, lib, callPackage, fetchFromGitHub, indilib }:
let
- indi-version = "1.9.2";
+ indi-version = "1.9.3";
indi-3rdparty-src = fetchFromGitHub {
owner = "indilib";
repo = "indi-3rdparty";
rev = "v${indi-version}";
- sha256 = "sha256-dpuJ/J5gc+kAklbvMjsWic9jusXWB4gUcT8E/1eSLXQ=";
+ sha256 = "sha256-TBccdheBEO48uIXd6tya6dytkzxaHg2+YancBkcL3bw=";
};
indi-firmware = callPackage ./indi-firmware.nix {
version = indi-version;
diff --git a/pkgs/development/libraries/science/chemistry/cppe/default.nix b/pkgs/development/libraries/science/chemistry/cppe/default.nix
index 51083e5a2ae9..9781ce780660 100644
--- a/pkgs/development/libraries/science/chemistry/cppe/default.nix
+++ b/pkgs/development/libraries/science/chemistry/cppe/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, lib, fetchFromGitHub, cmake }:
+{ stdenv, lib, fetchFromGitHub, cmake, llvmPackages }:
stdenv.mkDerivation rec {
pname = "cppe";
@@ -11,7 +11,8 @@ stdenv.mkDerivation rec {
sha256 = "sha256-guM7+ZWDJLcAUJtPkKLvC4LYSA2eBvER7cgwPZ7FxHw=";
};
- nativeBuildInputs = [ cmake ];
+ nativeBuildInputs = [ cmake ]
+ ++ lib.optionals stdenv.cc.isClang [ llvmPackages.openmp ];
cmakeFlags = [ "-DCMAKE_INSTALL_LIBDIR=lib" ];
diff --git a/pkgs/development/python-modules/cppe/default.nix b/pkgs/development/python-modules/cppe/default.nix
index df00bd8dd120..52031bab74f7 100644
--- a/pkgs/development/python-modules/cppe/default.nix
+++ b/pkgs/development/python-modules/cppe/default.nix
@@ -1,5 +1,6 @@
{ buildPythonPackage
, lib
+, stdenv
, cmake
, cppe
, eigen
@@ -12,6 +13,7 @@
, pandas
, polarizationsolver
, pytest
+, llvmPackages
}:
buildPythonPackage rec {
@@ -31,7 +33,12 @@ buildPythonPackage rec {
dontUseCmakeConfigure = true;
- buildInputs = [ pybind11 ];
+ buildInputs = [ pybind11 ]
+ ++ lib.optional stdenv.cc.isClang llvmPackages.openmp;
+
+ NIX_CFLAGS_LINK = lib.optional stdenv.cc.isClang "-lomp";
+
+ hardeningDisable = lib.optional stdenv.cc.isClang "strictoverflow";
checkInputs = [
pytest
diff --git a/pkgs/development/python-modules/ipympl/default.nix b/pkgs/development/python-modules/ipympl/default.nix
index 4075ae5d1909..ff4880e49f9e 100644
--- a/pkgs/development/python-modules/ipympl/default.nix
+++ b/pkgs/development/python-modules/ipympl/default.nix
@@ -1,21 +1,22 @@
{ lib
, buildPythonPackage
, fetchPypi
+, ipykernel
, ipywidgets
-, matplotlib
-, jupyter-packaging
}:
buildPythonPackage rec {
pname = "ipympl";
- version = "0.8.0";
+ version = "0.8.2";
+ format = "wheel";
src = fetchPypi {
- inherit pname version;
- sha256 = "ef5d21820ed88a8bd6efddb884c333d0eaea7f2f7d4b3054e6d386b07a36dd9d";
+ inherit pname version format;
+ sha256 = "0509gzm5557lyxx8k3qqgp14ifnmfx796cfc8f592mv97pxkyibl";
};
- propagatedBuildInputs = [ ipywidgets matplotlib jupyter-packaging ];
+
+ propagatedBuildInputs = [ ipykernel ipywidgets ];
# There are no unit tests in repository
doCheck = false;
@@ -24,7 +25,7 @@ buildPythonPackage rec {
meta = with lib; {
description = "Matplotlib Jupyter Extension";
homepage = "https://github.com/matplotlib/jupyter-matplotlib";
- maintainers = with maintainers; [ jluttine ];
+ maintainers = with maintainers; [ jluttine fabiangd ];
license = licenses.bsd3;
};
}
diff --git a/pkgs/development/python-modules/pyarrow/default.nix b/pkgs/development/python-modules/pyarrow/default.nix
index 7360cab01f37..9c74f0a5ea6a 100644
--- a/pkgs/development/python-modules/pyarrow/default.nix
+++ b/pkgs/development/python-modules/pyarrow/default.nix
@@ -17,7 +17,11 @@ buildPythonPackage rec {
checkInputs = [ hypothesis pandas pytestCheckHook pytest-lazy-fixture ];
PYARROW_BUILD_TYPE = "release";
+
+ PYARROW_WITH_DATASET = true;
+ PYARROW_WITH_FLIGHT = _arrow-cpp.enableFlight;
PYARROW_WITH_PARQUET = true;
+
PYARROW_CMAKE_OPTIONS = [
"-DCMAKE_INSTALL_RPATH=${ARROW_HOME}/lib"
@@ -25,9 +29,13 @@ buildPythonPackage rec {
# ourselves
"-DCMAKE_POLICY_DEFAULT_CMP0025=NEW"
];
+
ARROW_HOME = _arrow-cpp;
PARQUET_HOME = _arrow-cpp;
+ ARROW_TEST_DATA = lib.optionalString doCheck _arrow-cpp.ARROW_TEST_DATA;
+
+ doCheck = true;
dontUseCmakeConfigure = true;
preBuild = ''
@@ -62,6 +70,6 @@ buildPythonPackage rec {
homepage = "https://arrow.apache.org/";
license = licenses.asl20;
platforms = platforms.unix;
- maintainers = with maintainers; [ veprbl ];
+ maintainers = with maintainers; [ veprbl cpcloud ];
};
}
diff --git a/pkgs/development/python-modules/requests-toolbelt/default.nix b/pkgs/development/python-modules/requests-toolbelt/default.nix
index 5a87d0a0e05b..3ad219025a92 100644
--- a/pkgs/development/python-modules/requests-toolbelt/default.nix
+++ b/pkgs/development/python-modules/requests-toolbelt/default.nix
@@ -24,7 +24,9 @@ buildPythonPackage rec {
# disabled tests access the network
py.test tests -k "not test_no_content_length_header \
and not test_read_file \
- and not test_reads_file_from_url_wrapper"
+ and not test_reads_file_from_url_wrapper \
+ and not test_x509_der \
+ and not test_x509_pem"
'';
meta = {
diff --git a/pkgs/development/tools/protoc-gen-twirp/default.nix b/pkgs/development/tools/protoc-gen-twirp/default.nix
index 363dfcaed612..663fa37b62c9 100644
--- a/pkgs/development/tools/protoc-gen-twirp/default.nix
+++ b/pkgs/development/tools/protoc-gen-twirp/default.nix
@@ -2,13 +2,13 @@
buildGoPackage rec {
pname = "protoc-gen-twirp";
- version = "8.1.0";
+ version = "8.1.1";
src = fetchFromGitHub {
owner = "twitchtv";
repo = "twirp";
rev = "v${version}";
- sha256 = "sha256-ezSNrDfOE1nj4FlX7E7Z7/eGfQw1B7NP34aj8ml5pDk=";
+ sha256 = "sha256-PnL7jgxAx/Xk/wajtQ+Q1G9KLes2NVANF2YmBcGFqe0=";
};
goPackagePath = "github.com/twitchtv/twirp";
diff --git a/pkgs/games/keen4/builder.sh b/pkgs/games/keen4/builder.sh
deleted file mode 100644
index f39edc789995..000000000000
--- a/pkgs/games/keen4/builder.sh
+++ /dev/null
@@ -1,36 +0,0 @@
-#!/usr/bin/env bash
-
-set -o nounset
-
-# shellcheck source=/dev/null
-source "${stdenv}/setup"
-
-mkdir -p "${out}/share/keen4"
-unzip -j "$dist" -d "${out}/share/keen4"
-
-mkdir -p "${out}/bin"
-cat > "${out}/bin/keen4" < $out/bin/keen4 <
+Date: Mon, 1 Nov 2021 07:51:10 +0000
+Subject: [PATCH:gptfdisk] gptcurses.cc: always use "%s"-style format for printf()-style
+ functions
+
+`ncuses-6.3` added printf-style function attributes and now makes
+it easier to catch cases when user input is used in palce of format
+string when built with CFLAGS=-Werror=format-security:
+
+ gptcurses.cc:274:10: error:
+ format not a string literal and no format arguments [-Werror=format-security]
+ 274 | printw(theLine.c_str());
+ | ~~~~~~^~~~~~~~~~~~~~~~~
+
+Let's wrap all the missing places with "%s" format.
+---
+ gptcurses.cc | 24 ++++++++++++------------
+ 1 file changed, 12 insertions(+), 12 deletions(-)
+
+--- a/gptcurses.cc
++++ b/gptcurses.cc
+@@ -239,22 +239,22 @@ Space* GPTDataCurses::ShowSpace(int spaceNum, int lineNum) {
+ ClearLine(lineNum);
+ if (space->partNum == -1) { // space is empty
+ move(lineNum, 12);
+- printw(BytesToIeee((space->lastLBA - space->firstLBA + 1), blockSize).c_str());
++ printw("%s", BytesToIeee((space->lastLBA - space->firstLBA + 1), blockSize).c_str());
+ move(lineNum, 24);
+ printw("free space");
+ } else { // space holds a partition
+ move(lineNum, 3);
+ printw("%d", space->partNum + 1);
+ move(lineNum, 12);
+- printw(BytesToIeee((space->lastLBA - space->firstLBA + 1), blockSize).c_str());
++ printw("%s", BytesToIeee((space->lastLBA - space->firstLBA + 1), blockSize).c_str());
+ move(lineNum, 24);
+- printw(space->origPart->GetTypeName().c_str());
++ printw("%s", space->origPart->GetTypeName().c_str());
+ move(lineNum, 50);
+ #ifdef USE_UTF16
+ space->origPart->GetDescription().extract(0, 39, temp, 39);
+- printw(temp);
++ printw("%s", temp);
+ #else
+- printw(space->origPart->GetDescription().c_str());
++ printw("%s", space->origPart->GetDescription().c_str());
+ #endif
+ } // if/else
+ } // if
+@@ -271,10 +271,10 @@ int GPTDataCurses::DisplayParts(int selected) {
+
+ move(lineNum++, 0);
+ theLine = "Part. # Size Partition Type Partition Name";
+- printw(theLine.c_str());
++ printw("%s", theLine.c_str());
+ move(lineNum++, 0);
+ theLine = "----------------------------------------------------------------";
+- printw(theLine.c_str());
++ printw("%s", theLine.c_str());
+ numToShow = LINES - RESERVED_TOP - RESERVED_BOTTOM;
+ pageNum = selected / numToShow;
+ for (i = pageNum * numToShow; i <= (pageNum + 1) * numToShow - 1; i++) {
+@@ -636,7 +636,7 @@ void GPTDataCurses::DisplayOptions(char selectedKey) {
+ } // if/else
+ } // for
+ move(LINES - 1, (COLS - optionDesc.length()) / 2);
+- printw(optionDesc.c_str());
++ printw("%s", optionDesc.c_str());
+ currentKey = selectedKey;
+ } // if
+ } // GPTDataCurses::DisplayOptions()
+@@ -748,11 +748,11 @@ void GPTDataCurses::DrawMenu(void) {
+
+ clear();
+ move(0, (COLS - title.length()) / 2);
+- printw(title.c_str());
++ printw("%s", title.c_str());
+ move(2, (COLS - drive.length()) / 2);
+- printw(drive.c_str());
++ printw("%s", drive.c_str());
+ move(3, (COLS - size.str().length()) / 2);
+- printw(size.str().c_str());
++ printw("%s", size.str().c_str());
+ DisplayParts(currentSpaceNum);
+ } // DrawMenu
+
+@@ -802,7 +802,7 @@ void PromptToContinue(void) {
+ void Report(string theText) {
+ clear();
+ move(0, 0);
+- printw(theText.c_str());
++ printw("%s", theText.c_str());
+ move(LINES - 2, (COLS - 29) / 2);
+ printw("Press any key to continue....");
+ cbreak();
diff --git a/pkgs/tools/virtualization/linode-cli/default.nix b/pkgs/tools/virtualization/linode-cli/default.nix
index 3faddb498ba9..e47898276d67 100644
--- a/pkgs/tools/virtualization/linode-cli/default.nix
+++ b/pkgs/tools/virtualization/linode-cli/default.nix
@@ -11,10 +11,10 @@
}:
let
- sha256 = "1hhbwyhw6nmzb2a88papfca5rjavav6srcnvmbni5l6ln79pgqj7";
+ sha256 = "1kvlf9qcl0i7g24s9f2pj25msmlj0cjicjwrnnc65q8qkmk2br9q";
# specVersion taken from: https://www.linode.com/docs/api/openapi.yaml at `info.version`.
- specVersion = "4.107.0";
- specSha256 = "1z260w0517k3sgd2ygzwzkhq5w9rbkls69mnl84501fpd2nx7qvi";
+ specVersion = "4.108.0";
+ specSha256 = "17n9wjd0hpkzc2bvsawdvl8hc5285r0n19xq59h4amqb2fhp676w";
spec = fetchurl {
url = "https://raw.githubusercontent.com/linode/linode-api-docs/v${specVersion}/openapi.yaml";
sha256 = specSha256;
@@ -24,7 +24,7 @@ in
buildPythonApplication rec {
pname = "linode-cli";
- version = "5.11.1";
+ version = "5.12.0";
src = fetchFromGitHub {
owner = "linode";
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 08fc6d18d0b4..bcc4e11a20c7 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -3242,6 +3242,8 @@ with pkgs;
libxnd = callPackage ../development/libraries/libxnd { };
+ lifeograph = callPackage ../applications/editors/lifeograph { };
+
link-grammar = callPackage ../tools/text/link-grammar { };
linuxptp = callPackage ../os-specific/linux/linuxptp { };
@@ -21710,6 +21712,8 @@ with pkgs;
webdav = callPackage ../servers/webdav { };
+ webdav-server-rs = callPackage ../servers/webdav-server-rs { };
+
webmetro = callPackage ../servers/webmetro { };
wsdd = callPackage ../servers/wsdd { };
@@ -23996,6 +24000,8 @@ with pkgs;
alembic = callPackage ../development/libraries/alembic {};
+ alfaview = callPackage ../applications/networking/instant-messengers/alfaview { };
+
alchemy = callPackage ../applications/graphics/alchemy { };
alock = callPackage ../misc/screensavers/alock { };
diff --git a/pkgs/top-level/nixpkgs-basic-release-checks.nix b/pkgs/top-level/nixpkgs-basic-release-checks.nix
index 350dd273fe2e..758c8bf06c36 100644
--- a/pkgs/top-level/nixpkgs-basic-release-checks.nix
+++ b/pkgs/top-level/nixpkgs-basic-release-checks.nix
@@ -36,6 +36,7 @@ pkgs.runCommand "nixpkgs-release-checks" { src = nixpkgs; buildInputs = [nix]; }
nix-env -f $src \
--show-trace --argstr system "$platform" \
--arg config '{ allowAliases = false; }' \
+ --option experimental-features 'no-url-literals' \
-qa --drv-path --system-filter \* --system \
"''${opts[@]}" 2>&1 >/dev/null | tee eval-warnings.log
@@ -48,6 +49,7 @@ pkgs.runCommand "nixpkgs-release-checks" { src = nixpkgs; buildInputs = [nix]; }
nix-env -f $src \
--show-trace --argstr system "$platform" \
--arg config '{ allowAliases = false; }' \
+ --option experimental-features 'no-url-literals' \
-qa --drv-path --system-filter \* --system --meta --xml \
"''${opts[@]}" > /dev/null
done