Merge master into staging-next

This commit is contained in:
github-actions[bot] 2022-03-04 18:01:19 +00:00 committed by GitHub
commit 437813752b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
51 changed files with 465 additions and 3171 deletions

View file

@ -6350,6 +6350,12 @@
githubId = 37185887;
name = "Calvin Kim";
};
keldu = {
email = "mail@keldu.de";
github = "keldu";
githubId = 15373888;
name = "Claudius Holeksa";
};
kennyballou = {
email = "kb@devnulllabs.io";
github = "kennyballou";
@ -10982,6 +10988,12 @@
githubId = 19472270;
name = "Sebastian";
};
sebastianblunt = {
name = "Sebastian Blunt";
email = "nix@sebastianblunt.com";
github = "sebastianblunt";
githubId = 47431204;
};
sebbadk = {
email = "sebastian@sebba.dk";
github = "SEbbaDK";

View file

@ -120,6 +120,13 @@
<link xlink:href="options.html#opt-services.heisenbridge.enable">services.heisenbridge</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://snowflake.torproject.org/">snowflake-proxy</link>,
a system to defeat internet censorship. Available as
<link xlink:href="options.html#opt-services.snowflake-proxy.enable">services.snowflake-proxy</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://ergo.chat">ergochat</link>, a modern

View file

@ -37,6 +37,8 @@ In addition to numerous new and upgraded packages, this release has the followin
- [heisenbridge](https://github.com/hifi/heisenbridge), a bouncer-style Matrix IRC bridge. Available as [services.heisenbridge](options.html#opt-services.heisenbridge.enable).
- [snowflake-proxy](https://snowflake.torproject.org/), a system to defeat internet censorship. Available as [services.snowflake-proxy](options.html#opt-services.snowflake-proxy.enable).
- [ergochat](https://ergo.chat), a modern IRC with IRCv3 features. Available as [services.ergochat](options.html#opt-services.ergochat.enable).
- [PowerDNS-Admin](https://github.com/ngoduykhanh/PowerDNS-Admin), a web interface for the PowerDNS server. Available at [services.powerdns-admin](options.html#opt-services.powerdns-admin.enable).

View file

@ -877,6 +877,7 @@
./services/networking/shorewall6.nix
./services/networking/shout.nix
./services/networking/sniproxy.nix
./services/networking/snowflake-proxy.nix
./services/networking/smartdns.nix
./services/networking/smokeping.nix
./services/networking/softether.nix

View file

@ -518,7 +518,7 @@ let
auth optional ${pkgs.pam_gnupg}/lib/security/pam_gnupg.so ${optionalString cfg.gnupg.storeOnly " store-only"}
'' +
optionalString cfg.googleAuthenticator.enable ''
auth required ${pkgs.googleAuthenticator}/lib/security/pam_google_authenticator.so no_increment_hotp
auth required ${pkgs.google-authenticator}/lib/security/pam_google_authenticator.so no_increment_hotp
'' +
optionalString cfg.duoSecurity.enable ''
auth required ${pkgs.duo-unix}/lib/security/pam_duo.so

View file

@ -0,0 +1,81 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.snowflake-proxy;
in
{
options = {
services.snowflake-proxy = {
enable = mkEnableOption "System to defeat internet censorship";
broker = mkOption {
description = "Broker URL (default \"https://snowflake-broker.torproject.net/\")";
type = with types; nullOr str;
default = null;
};
capacity = mkOption {
description = "Limits the amount of maximum concurrent clients allowed.";
type = with types; nullOr int;
default = null;
};
relay = mkOption {
description = "websocket relay URL (default \"wss://snowflake.bamsoftware.com/\")";
type = with types; nullOr str;
default = null;
};
stun = mkOption {
description = "STUN broker URL (default \"stun:stun.stunprotocol.org:3478\")";
type = with types; nullOr str;
default = null;
};
};
};
config = mkIf cfg.enable {
systemd.services.snowflake-proxy = {
wantedBy = [ "network-online.target" ];
serviceConfig = {
ExecStart =
"${pkgs.snowflake}/bin/proxy " + concatStringsSep " " (
optional (cfg.broker != null) "-broker ${cfg.broker}"
++ optional (cfg.capacity != null) "-capacity ${builtins.toString cfg.capacity}"
++ optional (cfg.relay != null) "-relay ${cfg.relay}"
++ optional (cfg.stun != null) "-stun ${cfg.stun}"
);
# Security Hardening
# Refer to systemd.exec(5) for option descriptions.
CapabilityBoundingSet = "";
# implies RemoveIPC=, PrivateTmp=, NoNewPrivileges=, RestrictSUIDSGID=,
# ProtectSystem=strict, ProtectHome=read-only
DynamicUser = true;
LockPersonality = true;
PrivateDevices = true;
PrivateUsers = true;
ProcSubset = "pid";
ProtectClock = true;
ProtectControlGroups = true;
ProtectHome = true;
ProtectHostname = true;
ProtectKernelLogs = true;
ProtectProc = "invisible";
ProtectKernelModules = true;
ProtectKernelTunables = true;
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ];
RestrictNamespaces = true;
RestrictRealtime = true;
SystemCallArchitectures = "native";
SystemCallFilter = "~@clock @cpu-emulation @debug @mount @obsolete @reboot @swap @privileged @resources";
UMask = "0077";
};
};
};
meta.maintainers = with maintainers; [ yayayayaka ];
}

View file

@ -39,20 +39,12 @@ in
'';
};
useKernelOOMKiller= mkOption {
type = types.bool;
default = false;
description = ''
Use kernel OOM killer instead of own user-space implementation.
'';
};
# TODO: remove or warn after 1.7 (https://github.com/rfjakob/earlyoom/commit/7ebc4554)
ignoreOOMScoreAdjust = mkOption {
type = types.bool;
default = false;
description = ''
Ignore oom_score_adjust values of processes.
User-space implementation only.
'';
};
@ -87,16 +79,21 @@ in
};
};
imports = [
(mkRemovedOptionModule [ "services" "earlyoom" "useKernelOOMKiller" ] ''
This option is deprecated and ignored by earlyoom since 1.2.
'')
];
config = mkIf ecfg.enable {
assertions = [
{ assertion = ecfg.freeMemThreshold > 0 && ecfg.freeMemThreshold <= 100;
message = "Needs to be a positive percentage"; }
{ assertion = ecfg.freeSwapThreshold > 0 && ecfg.freeSwapThreshold <= 100;
message = "Needs to be a positive percentage"; }
{ assertion = !ecfg.useKernelOOMKiller || !ecfg.ignoreOOMScoreAdjust;
message = "Both options in conjunction do not make sense"; }
];
# TODO: reimplement this option as -N after 1.7 (https://github.com/rfjakob/earlyoom/commit/afe03606)
warnings = optional (ecfg.notificationsCommand != null)
"`services.earlyoom.notificationsCommand` is deprecated and ignored by earlyoom since 1.6.";
@ -107,15 +104,13 @@ in
serviceConfig = {
StandardOutput = "null";
StandardError = "journal";
ExecStart = ''
${pkgs.earlyoom}/bin/earlyoom \
-m ${toString ecfg.freeMemThreshold} \
-s ${toString ecfg.freeSwapThreshold} \
${optionalString ecfg.useKernelOOMKiller "-k"} \
${optionalString ecfg.ignoreOOMScoreAdjust "-i"} \
${optionalString ecfg.enableDebugInfo "-d"} \
${optionalString ecfg.enableNotifications "-n"}
'';
ExecStart = concatStringsSep " " ([
"${pkgs.earlyoom}/bin/earlyoom"
"-m ${toString ecfg.freeMemThreshold}"
"-s ${toString ecfg.freeSwapThreshold}"
] ++ optional ecfg.ignoreOOMScoreAdjust "-i"
++ optional ecfg.enableDebugInfo "-d"
++ optional ecfg.enableNotifications "-n");
};
};

View file

@ -14,17 +14,17 @@ let
archive_fmt = if stdenv.isDarwin then "zip" else "tar.gz";
sha256 = {
x86_64-linux = "0gv71l9cidkbbv7b1dsfyn7lnlwcmjds9qx6nrh7alymdm1xa2xr";
x86_64-darwin = "1is795040xb3l23crblwf056wsvsi4dip3lkwhlblhkpsl0048f1";
aarch64-linux = "186dy6h3krc6fqvmh1nay1dk5109kl9p25kx37jkbzf2qhnpibm8";
aarch64-darwin = "04xc5fy4wcplfrigbm624dpzxd2m4rkq979xr1i57p3d20i96s6g";
armv7l-linux = "1k7bfmrfw16zpn33p7ycxpp6g9xh8aypmf61nrkx2jn99nxy5d3s";
x86_64-linux = "04lyih67vcf2hficvlv1r25k8k48n9x15sbqrfp1syzhy5i4zch3";
x86_64-darwin = "0460mh1ah9hswn8ihais5hzvz453r36ay2bb3hy3z1grfs3s5blk";
aarch64-linux = "1db2r4ja0srya2lw900l4mk24xva00kf7vxajcb7q0rab4cpfr3n";
aarch64-darwin = "04c43ibbarsqdm1wcsmsi9rnfsl3lyq638d3j0dj94xifk0v61j9";
armv7l-linux = "1qzi2biy5mjbxdgcakzmid68ykq6vrgj4lqmz0jk3g46r4kpnrgd";
}.${system};
in
callPackage ./generic.nix rec {
# Please backport all compatible updates to the stable release.
# This is important for the extension ecosystem.
version = "1.64.2";
version = "1.65.0";
pname = "vscode";
executableName = "code" + lib.optionalString isInsiders "-insiders";

View file

@ -13,10 +13,10 @@ let
archive_fmt = if system == "x86_64-darwin" then "zip" else "tar.gz";
sha256 = {
x86_64-linux = "0ldfp4r7nb9npvjadgj63sd369nqmbgf5y4kpp93slsy1lbs0bk8";
x86_64-darwin = "05z0jx2cc1askzzdxa8vxj8gp0v9rm1jw6005bpmijvyb8s2d30w";
aarch64-linux = "1a5fyxzz51rb0af0wv3xh2h87yq00y5k501p7idqhj0zvd5mpqh6";
armv7l-linux = "05byi0aba516whzry5qkxfkm82sy2dgv1m0hyycmnkb2dwmb552m";
x86_64-linux = "0a38bjkksna7q2lhcm1hgfn189jw3k8svw0jf591bpq7jvknim1v";
x86_64-darwin = "173rhavczm0k9qgrlz68rdvwsmy3ynq2g14shx9gipchr1i0rih5";
aarch64-linux = "00xkhwvxmyiyy9k1vh23sqyib584qafzs1m57xraqq3n8098jrng";
armv7l-linux = "0lqq54hnv4b1m47cya7196cn00jwslcsh5ykicgq0dxljrcawi0y";
}.${system};
sourceRoot = {
@ -31,7 +31,7 @@ in
# Please backport all compatible updates to the stable release.
# This is important for the extension ecosystem.
version = "1.64.2";
version = "1.65.0";
pname = "vscodium";
executableName = "codium";

View file

@ -2,16 +2,16 @@
buildGoModule rec {
pname = "limesctl";
version = "2.0.1";
version = "3.0.0";
src = fetchFromGitHub {
owner = "sapcc";
repo = pname;
rev = "v${version}";
sha256 = "sha256-E6LwNiCykBqjkifUSi6oBWqCEhkRO+03HSKn4p45kh0=";
sha256 = "sha256-52Tq6gKozM/IFUyAy8N+YDqlbcFNQw6b2tc268Zco6g=";
};
vendorSha256 = "sha256-SzgiWqPuDZuSH8I9im8r+06E085PWyHwLjwxcaoJgQo=";
vendorSha256 = "sha256-7QEb5J5IaxisKjbulyHq5PGVeKAX022Pz+5OV5qD7Uo=";
subPackages = [ "." ];

View file

@ -19,13 +19,13 @@
stdenv.mkDerivation rec {
pname = "lagrange";
version = "1.10.6";
version = "1.11.1";
src = fetchFromGitHub {
owner = "skyjake";
repo = "lagrange";
rev = "v${version}";
sha256 = "sha256-N4NB4lfWIN+jreAuaaGKRdpgwHy2CKrPrGxu1iSCZyU=";
sha256 = "sha256-RrdD+G8DKOBm0TpmRQg1uMGNFAlAADFeK3h6oyo5RZ4=";
fetchSubmodules = true;
};

View file

@ -4,7 +4,7 @@
, libXext, libXfixes, libXrender, libXtst, libXScrnSaver, nss, nspr, alsa-lib
, cups, expat, libuuid, at-spi2-core, libappindicator-gtk3, mesa
# Runtime dependencies:
, systemd, libnotify, libdbusmenu, libpulseaudio
, systemd, libnotify, libdbusmenu, libpulseaudio, xdg-utils
# Unfortunately this also overwrites the UI language (not just the spell
# checking language!):
, hunspellDicts, spellcheckerLanguage ? null # E.g. "de_DE"
@ -84,6 +84,7 @@ in stdenv.mkDerivation rec {
(lib.getLib systemd)
libnotify
libdbusmenu
xdg-utils
];
unpackPhase = "dpkg-deb -x $src .";
@ -123,6 +124,7 @@ in stdenv.mkDerivation rec {
--prefix LD_LIBRARY_PATH : "${lib.makeLibraryPath [ stdenv.cc.cc ] }"
${customLanguageWrapperArgs}
--add-flags "\''${NIXOS_OZONE_WL:+\''${WAYLAND_DISPLAY:+--enable-features=UseOzonePlatform --ozone-platform=wayland}}"
--suffix PATH : ${lib.makeBinPath [ xdg-utils ]}
)
# Fix the desktop link

View file

@ -4,20 +4,20 @@
let
pname = "vk-messenger";
version = "5.2.3";
version = "5.3.2";
src = {
i686-linux = fetchurl {
url = "https://desktop.userapi.com/rpm/master/vk-${version}.i686.rpm";
sha256 = "09zi2rzsank6lhw1z9yar1rp634y6qskvr2i0rvqg2fij7cy6w19";
sha256 = "L0nE0zW4LP8udcE8uPy+cH9lLuQsUSq7cF13Gv7w2rI=";
};
x86_64-linux = fetchurl {
url = "https://desktop.userapi.com/rpm/master/vk-${version}.x86_64.rpm";
sha256 = "1m6saanpv1k5wc5s58jpf0wsgjsj7haabx8nycm1fjyhky1chirb";
sha256 = "spDw9cfDSlIuCwOqREsqXC19tx62TiAz9fjIS9lYjSQ=";
};
x86_64-darwin = fetchurl {
url = "https://web.archive.org/web/20210310071550/https://desktop.userapi.com/mac/master/vk.dmg";
sha256 = "0j5qsr0fyl55d0x46xm4h2ykwr4y9z1dsllhqx5lnc15nc051s9b";
url = "https://web.archive.org/web/20220302083827/https://desktop.userapi.com/mac/master/vk.dmg";
sha256 = "hxK8I9sF6njfCxSs1KBCHfnG81JGKUgHKAeFLtuCNe0=";
};
}.${stdenv.system} or (throw "Unsupported system: ${stdenv.system}");

View file

@ -0,0 +1,25 @@
{ lib, stdenv, fetchFromGitHub, htslib, zlib, bzip2, xz, curl, openssl }:
stdenv.mkDerivation rec {
pname = "angsd";
version = "0.937";
src = fetchFromGitHub {
owner = "ANGSD";
repo = "angsd";
sha256 = "1020gh066dprqhfi90ywqzqqnq7awn49wrkkjnizmmab52v00kxs";
rev = "${version}";
};
buildInputs = [ htslib zlib bzip2 xz curl openssl ];
makeFlags = [ "HTSSRC=systemwide" "prefix=$(out)" ];
meta = with lib; {
description = "Program for analysing NGS data";
homepage = "http://www.popgen.dk/angsd";
maintainers = [ maintainers.bzizou ];
license = licenses.gpl2;
};
}

View file

@ -220,6 +220,7 @@ stdenv.mkDerivation rec {
# Add a qemu-kvm wrapper for compatibility/convenience.
postInstall = ''
ln -s $out/libexec/virtiofsd $out/bin
ln -s $out/bin/qemu-system-${stdenv.hostPlatform.qemuArch} $out/bin/qemu-kvm
'';
@ -240,5 +241,6 @@ stdenv.mkDerivation rec {
mainProgram = "qemu-kvm";
maintainers = with maintainers; [ eelco qyliss ];
platforms = platforms.unix;
priority = 10; # Prefer virtiofsd from the virtiofsd package.
};
}

View file

@ -0,0 +1,43 @@
{ lib, stdenv, fetchFromGitLab, python3 }:
let
pythonEnv = python3.withPackages (p: with p; [ dbus-python pygobject3 ]);
in
stdenv.mkDerivation rec {
pname = "krunner-ssh";
version = "1.0";
src = fetchFromGitLab {
owner = "Programie";
repo = "krunner-ssh";
rev = version;
sha256 = "sha256-rFTTvmetDeN6t0axVc+8t1TRiuyPBpwqhvsq2IFxa/A=";
};
postPatch = ''
sed -e "s|Exec=.*|Exec=$out/libexec/runner.py|" -i ssh-runner.service
'';
nativeBuildInputs = [
pythonEnv
];
installPhase = ''
runHook preInstall
patchShebangs runner.py
install -m 0755 -D runner.py $out/libexec/runner.py
install -m 0755 -D ssh-runner.desktop $out/share/kservices5/ssh-runner.desktop
install -m 0755 -D ssh-runner.service $out/share/dbus-1/services/com.selfcoders.ssh-runner.service
runHook postInstall
'';
meta = with lib; {
description = "A simple backend for KRunner providing SSH hosts from your .ssh/known_hosts file as search results";
homepage = "https://selfcoders.com/projects/krunner-ssh";
license = licenses.mit;
maintainers = with maintainers; [ aanderse ];
platforms = platforms.linux;
};
}

View file

@ -161,6 +161,7 @@ let
kwin-dynamic-workspaces = callPackage ./3rdparty/kwin/scripts/dynamic-workspaces.nix { };
kwin-tiling = callPackage ./3rdparty/kwin/scripts/tiling.nix { };
krohnkite = callPackage ./3rdparty/kwin/scripts/krohnkite.nix { };
krunner-ssh = callPackage ./3rdparty/addons/krunner-ssh.nix { };
krunner-symbols = callPackage ./3rdparty/addons/krunner-symbols.nix { };
lightly = callPackage ./3rdparty/lightly { };
parachute = callPackage ./3rdparty/kwin/scripts/parachute.nix { };

View file

@ -3,7 +3,7 @@
let
ocamlDependencies = version:
if lib.versionAtLeast version "4.2"
then with ocaml-ng.ocamlPackages; [
then with ocaml-ng.ocamlPackages_4_12; [
ocaml
findlib
sedlex_2

View file

@ -2,6 +2,9 @@
, fix, menhir, menhirLib, menhirSdk, merlin-extend, ppxlib, utop, cppo, ppx_derivers
}:
lib.throwIfNot (lib.versionOlder ocaml.version "4.13")
"reason is not available for OCaml ${ocaml.version}"
stdenv.mkDerivation rec {
pname = "ocaml${ocaml.version}-reason";
version = "3.7.0";

View file

@ -19,7 +19,6 @@
, grpc
, gtest
, jemalloc
, libnsl
, lz4
, minio
, ninja
@ -39,7 +38,7 @@
, zlib
, zstd
, enableShared ? !stdenv.hostPlatform.isStatic
, enableFlight ? !stdenv.isDarwin # libnsl is not supported on darwin
, enableFlight ? true
, enableJemalloc ? !(stdenv.isAarch64 && stdenv.isDarwin)
# boost/process is broken in 1.69 on darwin, but fixed in 1.70 and
# non-existent in older versions
@ -129,7 +128,6 @@ stdenv.mkDerivation rec {
python3.pkgs.numpy
] ++ lib.optionals enableFlight [
grpc
libnsl
openssl
protobuf
] ++ lib.optionals enableS3 [ aws-sdk-cpp openssl ]

View file

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
pname = "pythia";
version = "8.306";
version = "8.307";
src = fetchurl {
url = "https://pythia.org/download/pythia83/pythia${builtins.replaceStrings ["."] [""] version}.tgz";
sha256 = "sha256-c0gDtyKxwbU8jPLw08MHR8gPwt3l4LoUG8k5fa03qPY=";
sha256 = "sha256-5bFNRKpZQzMuMt1d2poY/dGgCFxxmOKNhA4EFn+mAT0=";
};
nativeBuildInputs = [ rsync ];

View file

@ -124,6 +124,8 @@ stdenv.mkDerivation rec {
mesonFlags = [
"-Dusb-acl-helper-dir=${placeholder "out"}/bin"
"-Dusb-ids-path=${hwdata}/share/hwdata/usb.ids"
] ++ lib.optionals (!withPolkit) [
"-Dpolkit=disabled"
];
meta = with lib; {

View file

@ -19,13 +19,13 @@
stdenv.mkDerivation rec {
pname = "umockdev";
version = "0.17.6";
version = "0.17.7";
outputs = [ "bin" "out" "dev" "devdoc" ];
src = fetchurl {
url = "https://github.com/martinpitt/umockdev/releases/download/${version}/${pname}-${version}.tar.xz";
sha256 = "sha256-X60zN3orHU8lOfRVCfbHTdrleKxB7ILCIGvXSZLdoSk=";
sha256 = "sha256-BdZCoW3QHM4Oue4bpuSFsuwIU1vsZ5pjqVv9TfGNC7U=";
};
nativeBuildInputs = [

View file

@ -666,6 +666,7 @@ with self;
pname = "pythonlib";
hash = "0qr0mh9jiv1ham5zlz9i4im23a1vh6x1yp6dp2db2s4icmfph639";
meta.description = "A library to help writing wrappers around ocaml code for python";
meta.broken = lib.versionAtLeast ocaml.version "4.13";
propagatedBuildInputs = [ ppx_expect ppx_let ppx_python stdio typerep ];
};

View file

@ -1,5 +1,9 @@
{ lib, fetchFromGitHub, buildDunePackage, ocaml, result, ppx_derivers }:
if lib.versionOlder "4.13" ocaml.version
then throw "ocaml-migrate-parsetree-1.8 is not available for OCaml ${ocaml.version}"
else
buildDunePackage rec {
pname = "ocaml-migrate-parsetree";
version = "1.8.0";

View file

@ -5,6 +5,7 @@
, ppxlib
, ppx_derivers
, result
, ounit
, ounit2
, ocaml-migrate-parsetree
, ocaml-migrate-parsetree-2
@ -51,7 +52,9 @@ buildDunePackage rec {
];
doCheck = true;
checkInputs = [ ounit2 ];
checkInputs = [
(if lib.versionAtLeast version "5.2" then ounit2 else ounit)
];
meta = with lib; {
description = "deriving is a library simplifying type-driven code generation on OCaml >=4.02.";

View file

@ -1,6 +1,7 @@
{ stdenv, lib, fetchFromGitHub, ocaml, findlib, ocamlbuild }:
if !lib.versionAtLeast ocaml.version "4.02"
|| lib.versionOlder "4.13" ocaml.version
then throw "wasm is not available for OCaml ${ocaml.version}"
else

View file

@ -1,14 +1,14 @@
{ mkDerivation, fetchurl, makeWrapper, lib, php }:
let
pname = "phpstan";
version = "1.4.6";
version = "1.4.7";
in
mkDerivation {
inherit pname version;
src = fetchurl {
url = "https://github.com/phpstan/phpstan/releases/download/${version}/phpstan.phar";
sha256 = "sha256-h19rFEs7VrdlxGS1qeYJnO5aQaKzpFZTdsN2h3Hmm0w=";
sha256 = "sha256-bsSdFfUVQnbDFH8hO1Z9sHA2w7pMHlLEx1hsgDdCUmE=";
};
dontUnpack = true;

View file

@ -18,7 +18,7 @@
buildPythonPackage rec {
pname = "apscheduler";
version = "3.9.0.post1";
version = "3.9.1";
format = "setuptools";
disabled = pythonOlder "3.7";
@ -26,7 +26,7 @@ buildPythonPackage rec {
src = fetchPypi {
pname = "APScheduler";
inherit version;
hash = "sha256-I22/ckQgD/x5xsC5/30u0Q5+mF839I1KI/QUL0ln3LU=";
hash = "sha256-ZeZXS2OVSY03HQRfKop+T31Qxq0h73MT0VscfPIN8eM=";
};
buildInputs = [

View file

@ -11,11 +11,11 @@
buildPythonPackage rec {
pname = "awkward";
version = "1.7.0";
version = "1.8.0";
src = fetchPypi {
inherit pname version;
sha256 = "e4e642dfe496d2acb245c90e37dc18028e25d5e936421e7371ea6ba0fde6435a";
sha256 = "sha256-ZlX6ItGx0dy5zO4NUCNQq5DFNGehC1QLdiRCK1lNLnI=";
};
nativeBuildInputs = [ cmake ];

View file

@ -10,12 +10,12 @@
buildPythonPackage rec {
pname = "djangorestframework-simplejwt";
version = "5.0.0";
version = "5.1.0";
src = fetchPypi {
pname = "djangorestframework_simplejwt";
inherit version;
sha256 = "30b10e7732395c44d21980f773214d2b9bdeadf2a6c6809cd1a7c9abe272873c";
sha256 = "sha256-dTI1KKe5EIQ7h5GUdG8OvDSBxK2fNU3i3RYhYGYvuVo=";
};
nativeBuildInputs = [

View file

@ -8,7 +8,7 @@
buildPythonPackage rec {
pname = "furo";
version = "2022.2.23";
version = "2022.3.4";
format = "wheel";
disable = pythonOlder "3.6";
@ -16,7 +16,7 @@ buildPythonPackage rec {
inherit pname version format;
dist = "py3";
python = "py3";
sha256 = "sha256-v+1OagURq3uvIRsxlbhRkUvxGnLlkH4HOx3pKW3jkfY=";
sha256 = "sha256-bHGCk+v4d1XwufFIseaXyeOqvXr5VWRNS8ruXOddt4E=";
};
propagatedBuildInputs = [

View file

@ -12,11 +12,11 @@
buildPythonPackage rec {
pname = "google-resumable-media";
version = "2.3.0";
version = "2.3.1";
src = fetchPypi {
inherit pname version;
sha256 = "sha256-Gn3OV5CwRRjtwCws4zllVWZg1klXEG1mqUUIbitkJXI=";
sha256 = "sha256-H02LFRlnZv34qGD9LPqmGEE4cH7F+SHNGDQGel39Lbc=";
};
propagatedBuildInputs = [ google-auth google-crc32c requests ];

View file

@ -8,14 +8,14 @@
buildPythonPackage rec {
pname = "pg8000";
version = "1.24.0";
version = "1.24.1";
format = "setuptools";
disabled = pythonOlder "3.6";
src = fetchPypi {
inherit pname version;
sha256 = "sha256-BsawsGjQfONm97ztrfdqC12mph+GMCyMr/aQt/xd/ts=";
sha256 = "sha256-KRIixd39ZqP8DTIXAM9ZHIsPkw0vyEh3fWz8/1VEPOY=";
};
propagatedBuildInputs = [

View file

@ -1,6 +1,7 @@
{ lib, stdenv, fetchFromGitHub, ocaml, perl }:
if lib.versionOlder ocaml.version "4.02"
|| lib.versionOlder "4.13" ocaml.version
then throw "camlp5 is not available for OCaml ${ocaml.version}"
else

View file

@ -28,8 +28,10 @@ let src =
}."${version}";
};
ocamlPackages =
if lib.versionAtLeast version "0.17.0"
if lib.versionAtLeast version "0.19.0"
then ocaml-ng.ocamlPackages
else if lib.versionAtLeast version "0.17.0"
then ocaml-ng.ocamlPackages_4_12
else if lib.versionAtLeast version "0.14.3"
then ocaml-ng.ocamlPackages_4_10
else ocaml-ng.ocamlPackages_4_07

View file

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "rtl88x2bu";
version = "${kernel.version}-unstable-2021-11-04";
version = "${kernel.version}-unstable-2022-02-22";
src = fetchFromGitHub {
owner = "morrownr";
repo = "88x2bu";
rev = "745d134080b74b92389ffe59c03dcfd6658f8655";
sha256 = "0f1hsfdw3ar78kqzr4hi04kpp5wnx0hd29f9rm698k0drxaw1g44";
repo = "88x2bu-20210702";
rev = "6a5b7f005c071ffa179b6183ee034c98ed30db80";
sha256 = "sha256-BqTyJpICW3D4EfHHoN5svasteJnunu2Uz449u/CmNE0=";
};
hardeningDisable = [ "pic" ];
@ -32,7 +32,7 @@ stdenv.mkDerivation rec {
meta = with lib; {
description = "Realtek rtl88x2bu driver";
homepage = "https://github.com/morrownr/88x2bu";
homepage = "https://github.com/morrownr/88x2bu-20210702";
license = licenses.gpl2Only;
platforms = platforms.linux;
maintainers = [ maintainers.ralith ];

View file

@ -1,91 +0,0 @@
From 8b531c41f956b27e4be32b430db2e7a44e0cdd3e Mon Sep 17 00:00:00 2001
From: Luke Granger-Brown <git@lukegb.com>
Date: Thu, 7 Jan 2021 11:09:18 +0000
Subject: [PATCH] Add upb patch to make it compile under GCC10
---
bazel/repositories.bzl | 5 +++-
bazel/upb2.patch | 55 ++++++++++++++++++++++++++++++++++++++++++
2 files changed, 59 insertions(+), 1 deletion(-)
create mode 100644 bazel/upb2.patch
diff --git a/bazel/repositories.bzl b/bazel/repositories.bzl
index 64d61ea49..c6cadc9df 100644
--- a/bazel/repositories.bzl
+++ b/bazel/repositories.bzl
@@ -811,7 +811,10 @@ def _com_github_grpc_grpc():
def _upb():
_repository_impl(
name = "upb",
- patches = ["@envoy//bazel:upb.patch"],
+ patches = [
+ "@envoy//bazel:upb.patch",
+ "@envoy//bazel:upb2.patch",
+ ],
patch_args = ["-p1"],
)
diff --git a/bazel/upb2.patch b/bazel/upb2.patch
new file mode 100644
index 000000000..6e436c61b
--- /dev/null
+++ b/bazel/upb2.patch
@@ -0,0 +1,55 @@
+From 9bd23dab4240b015321a53c45b3c9e4847fbf020 Mon Sep 17 00:00:00 2001
+From: Joshua Haberman <jhaberman@gmail.com>
+Date: Tue, 7 Apr 2020 15:22:11 -0700
+Subject: [PATCH] Changed upb status to suit GCC10's warning about strncpy().
+ (#268)
+
+Added tests for all cases. Also removed ellipses from truncated
+messages, they were more trouble than they are worth.
+---
+ tests/test_generated_code.c | 33 +++++++++++++++++++++++++++++++++
+ upb/upb.c | 17 +++--------------
+ 2 files changed, 36 insertions(+), 14 deletions(-)
+
+diff --git a/upb/upb.c b/upb/upb.c
+index cb2cdfd9d..258192d79 100644
+--- a/upb/upb.c
++++ b/upb/upb.c
+@@ -11,17 +11,6 @@
+
+ #include "upb/port_def.inc"
+
+-/* Guarantee null-termination and provide ellipsis truncation.
+- * It may be tempting to "optimize" this by initializing these final
+- * four bytes up-front and then being careful never to overwrite them,
+- * this is safer and simpler. */
+-static void nullz(upb_status *status) {
+- const char *ellipsis = "...";
+- size_t len = strlen(ellipsis);
+- UPB_ASSERT(sizeof(status->msg) > len);
+- memcpy(status->msg + sizeof(status->msg) - len, ellipsis, len);
+-}
+-
+ /* upb_status *****************************************************************/
+
+ void upb_status_clear(upb_status *status) {
+@@ -37,8 +26,8 @@ const char *upb_status_errmsg(const upb_status *status) { return status->msg; }
+ void upb_status_seterrmsg(upb_status *status, const char *msg) {
+ if (!status) return;
+ status->ok = false;
+- strncpy(status->msg, msg, sizeof(status->msg));
+- nullz(status);
++ strncpy(status->msg, msg, UPB_STATUS_MAX_MESSAGE - 1);
++ status->msg[UPB_STATUS_MAX_MESSAGE - 1] = '\0';
+ }
+
+ void upb_status_seterrf(upb_status *status, const char *fmt, ...) {
+@@ -52,7 +41,7 @@ void upb_status_vseterrf(upb_status *status, const char *fmt, va_list args) {
+ if (!status) return;
+ status->ok = false;
+ _upb_vsnprintf(status->msg, sizeof(status->msg), fmt, args);
+- nullz(status);
++ status->msg[UPB_STATUS_MAX_MESSAGE - 1] = '\0';
+ }
+
+ /* upb_alloc ******************************************************************/
--
2.29.2

View file

@ -1,6 +1,8 @@
{ lib
, bazel_4
, buildBazelPackage
, fetchFromGitHub
, fetchpatch
, stdenv
, cmake
, gn
@ -8,6 +10,7 @@
, jdk
, ninja
, python3
, linuxHeaders
, nixosTests
}:
@ -17,23 +20,24 @@ let
# However, the version string is more useful for end-users.
# These are contained in a attrset of their own to make it obvious that
# people should update both.
version = "1.19.1";
commit = "a2a1e3eed4214a38608ec223859fcfa8fb679b14";
version = "1.21.1";
rev = "af50070ee60866874b0a9383daf9364e884ded22";
};
in
buildBazelPackage rec {
pname = "envoy";
version = srcVer.version;
inherit (srcVer) version;
bazel = bazel_4;
src = fetchFromGitHub {
owner = "envoyproxy";
repo = "envoy";
rev = srcVer.commit;
hash = "sha256:1v1hv4blrppnhllsxd9d3k2wl6nhd59r4ydljy389na3bb41jwf9";
inherit (srcVer) rev ;
hash = "sha256:11mm72zmb479ss585jzqzhklyyqmdadnvr91ghzvjxc0j2a1hrr4";
extraPostFetch = ''
chmod -R +w $out
rm $out/.bazelversion
echo ${srcVer.commit} > $out/SOURCE_VERSION
echo ${srcVer.rev} > $out/SOURCE_VERSION
sed -i 's/GO_VERSION = ".*"/GO_VERSION = "host"/g' $out/bazel/dependency_imports.bzl
'';
};
@ -48,6 +52,14 @@ buildBazelPackage rec {
--replace '"''$$WEE8_BUILD_ARGS"' '"''$$WEE8_BUILD_ARGS use_gold=false"'
'';
patches = [
# make linux/tcp.h relative. drop when upgrading to >1.21
(fetchpatch {
url = "https://github.com/envoyproxy/envoy/commit/68448aae7a78a3123097b6ea96016b270457e7b8.patch";
sha256 = "123kv3x37p8fgfp29jhw5xg5js5q5ipibs8hsm7gzfd5bcllnpfh";
})
];
nativeBuildInputs = [
cmake
python3
@ -57,8 +69,12 @@ buildBazelPackage rec {
ninja
];
buildInputs = [
linuxHeaders
];
fetchAttrs = {
sha256 = "sha256:0vnl0gq6nhvyzz39jg1bvvna0xyhxalg71bp1jbxib7ql026004r";
sha256 = "0f7mls2zrpjjvbz6pgkzrvr55bv05xn2l76j9i1r0cf367qqfkz8";
dontUseCmakeConfigure = true;
dontUseGnConfigure = true;
preInstall = ''
@ -84,7 +100,7 @@ buildBazelPackage rec {
dontUseGnConfigure = true;
dontUseNinjaInstall = true;
preConfigure = ''
sed -i 's,#!/usr/bin/env bash,#!${stdenv.shell},' $bazelOut/external/rules_foreign_cc/tools/build_defs/framework.bzl
sed -i 's,#!/usr/bin/env bash,#!${stdenv.shell},' $bazelOut/external/rules_foreign_cc/foreign_cc/private/framework/toolchains/linux_commands.bzl
# Add paths to Nix store back.
sed -i \

View file

@ -2,16 +2,16 @@
buildGoModule rec {
pname = "prometheus_varnish_exporter";
version = "1.6";
version = "1.6.1";
src = fetchFromGitHub {
owner = "jonnenauha";
repo = "prometheus_varnish_exporter";
rev = version;
sha256 = "1cp7c1w237r271m8b1y8pj5jy7j2iadp4vbislxfyp4kga9i4dcc";
sha256 = "15w2ijz621caink2imlp1666j0ih5pmlj62cbzggyb34ncl37ifn";
};
vendorSha256 = "1cslg29l9mmyhpdz14ca9m18iaz4hhznplz8fmi3wa3l8r7ih751";
vendorSha256 = "00i9znb1pk5jpmyhxfg9zbw935fk3c1r0qrgf868xlcf9p8x2rrz";
nativeBuildInputs = [ makeWrapper ];

View file

@ -0,0 +1,57 @@
{ lib
, stdenv
, fetchurl
, zlib
, fetchFromGitHub
, gnumake
, gcc
, pkg-config
, lua5_4
, openssl
, jack1
, python3
, alsa-lib
, ncurses
, libevdev
}:
stdenv.mkDerivation rec {
pname = "midimonster";
version = "0.6.0";
buildInputs = [pkg-config gnumake gcc lua5_4 openssl jack1 python3 alsa-lib ncurses libevdev];
src = fetchFromGitHub {
repo = "midimonster";
owner = "cbdevnet";
rev = "f16f7db86662fcdbf45b6373257c90c824b0b4b0";
sha256 = "131zs4j9asq9xl72cbyi463xpkj064ca1s7i77q5jrwqysgy52sp";
};
doCheck = true;
enableParallelBuilding = true;
outputs = ["out" "man"];
buildPhase = ''
PLUGINS=$out/lib/midimonster make all
'';
installPhase = ''
PREFIX=$out make install
mkdir -p "$man/share/man/man1"
cp assets/midimonster.1 "$man/share/man/man1"
mkdir -p "$out/share/icons/hicolor/scalable/apps"
cp assets/MIDIMonster.svg "$out/share/icons/hicolor/scalable/apps/"
'';
meta = with lib; {
homepage = "https://midimonster.net";
description = "Multi-protocol translation tool";
license = licenses.bsd2;
platforms = platforms.unix;
maintainers = with maintainers; [keldu];
};
}

View file

@ -0,0 +1,34 @@
{ lib, stdenv, fetchFromGitHub }:
stdenv.mkDerivation rec {
pname = "shellspec";
version = "0.28.1";
src = fetchFromGitHub {
owner = "shellspec";
repo = pname;
rev = version;
sha256 = "1ib5qp29f2fmivwnv6hq35qhvdxz42xgjlkvy0i3qn758riyqf46";
};
makeFlags = [ "PREFIX=${placeholder "out"}" ];
checkPhase = ''
./shellspec --no-banner --task fixture:stat:prepare
./shellspec --no-banner spec --jobs "$(nproc)"
'';
# "Building" the script happens in Docker
dontBuild = true;
meta = with lib; {
description =
"A full-featured BDD unit testing framework for bash, ksh, zsh, dash and all POSIX shells";
homepage = "https://shellspec.info/";
changelog =
"https://github.com/shellspec/shellspec/releases/tag/${version}";
license = licenses.mit;
maintainers = with maintainers; [ j0hax ];
platforms = platforms.unix;
};
}

View file

@ -0,0 +1,24 @@
{ lib, buildGoModule, fetchFromGitHub }:
buildGoModule rec {
pname = "smug";
version = "0.2.7";
subPackages = [ "." ];
src = fetchFromGitHub {
owner = "ivaaaan";
repo = "smug";
rev = "3399f02a6e01324f5bb881f6b049c9e8d94733ee";
sha256 = "178125835dhnaq9k42yv4pfxpyhgb5179wrxkimb59fy0nk8jzx8";
};
vendorSha256 = "1rba5rpvlr8dyhj145b5i57pm4skfpj3vm7vydkn79k6ak6x985x";
meta = with lib; {
homepage = "https://github.com/ivaaaan/smug";
description = "Smug - tmux session manager";
license = licenses.mit;
maintainers = with maintainers; [ juboba ];
};
}

View file

@ -0,0 +1,25 @@
{ lib, buildGoModule, fetchFromGitHub }:
buildGoModule rec {
pname = "rdap";
version = "2019-10-17";
vendorSha256 = "sha256-j7sE62NqbN8UrU1mM9WYGYu/tkqw56sNKQ125QQXAmo=";
src = fetchFromGitHub {
owner = "openrdap";
repo = "rdap";
rev = "af93e7ef17b78dee3e346814731377d5ef7b89f3";
sha256 = "sha256-7MR4izJommdvxDZSRxguwqJWu6KXw/X73RJxSmUD7oQ=";
};
doCheck = false;
ldflags = [ "-s" "-w" "-X \"github.com/openrdap/rdap.version=OpenRDAP ${version}\"" ];
meta = with lib; {
homepage = "https://www.openrdap.org/";
description = "Command line client for the Registration Data Access Protocol (RDAP)";
license = licenses.mit;
maintainers = with maintainers; [ sebastianblunt ];
};
}

View file

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
pname = "tboot";
version = "1.10.3";
version = "1.10.4";
src = fetchurl {
url = "mirror://sourceforge/tboot/${pname}-${version}.tar.gz";
sha256 = "sha256-ixFs9Bd6VNT1n5RU6n38hFR+m4+SBNzwrCNXRmCHgOQ=";
sha256 = "sha256-iEn6mZ0tuDBA1a2POpJEBaIM0TMVDohbVvp/6OO4nAY=";
};
buildInputs = [ openssl trousers zlib ];

View file

@ -2,16 +2,16 @@
buildGoModule rec {
pname = "consul-template";
version = "0.27.2";
version = "0.28.0";
src = fetchFromGitHub {
owner = "hashicorp";
repo = "consul-template";
rev = "v${version}";
sha256 = "sha256-Uqb0HXaYHGcW7lkUNLa2oXM0gu+SWwpv+NdPnOO87cs=";
sha256 = "sha256-9NsudhalFm0km7BmK+2QzK9LxirrVtIFzNrugpw4f8g=";
};
vendorSha256 = "sha256-my4ECzmvrPhbKlcEptQ0xi4lYxHm42IrEsOvcetuMeQ=";
vendorSha256 = "sha256-SUbQPzFZUBgFZvaLc8730hZhJvt3/ni306Vt3EZMOmU=";
# consul-template tests depend on vault and consul services running to
# execute tests so we skip them here

View file

@ -2,24 +2,27 @@
stdenv.mkDerivation rec {
pname = "recode";
version = "3.7.9";
version = "3.7.12";
# Use official tarball, avoid need to bootstrap/generate build system
src = fetchurl {
url = "https://github.com/rrthomas/${pname}/releases/download/v${version}/${pname}-${version}.tar.gz";
sha256 = "sha256-5DIKaw9c2DfNtFT7WFQBjd+pcJEWCOHwHMLGX2M2csQ=";
hash = "sha256-TbHJB28E26oVlyb1AAhH5eWoOuyOXGT4ygQ4P2zaEtU=";
};
nativeBuildInputs = [ python3 python3.pkgs.cython perl intltool flex texinfo libiconv ];
buildInputs = [ libintl ];
enableParallelBuilding = true;
doCheck = true;
meta = {
homepage = "https://github.com/rrthomas/recode";
description = "Converts files between various character sets and usages";
changelog = "https://github.com/rrthomas/recode/raw/v${version}/NEWS";
platforms = lib.platforms.unix;
license = lib.licenses.gpl2Plus;
license = with lib.licenses; [ lgpl3Plus gpl3Plus ];
maintainers = with lib.maintainers; [ jcumming ];
};
}

View file

@ -1441,6 +1441,7 @@ mapAliases ({
inherit (plasma5Packages.thirdParty)
krohnkite
krunner-ssh
krunner-symbols
kwin-dynamic-workspaces
kwin-tiling

View file

@ -1082,6 +1082,8 @@ with pkgs;
metapixel = callPackage ../tools/graphics/metapixel { };
midimonster = callPackage ../tools/audio/midimonster { };
pferd = callPackage ../tools/misc/pferd {};
qFlipper = libsForQt515.callPackage ../tools/misc/qflipper { };
@ -7467,7 +7469,7 @@ with pkgs;
leatherman = callPackage ../development/libraries/leatherman { };
ledit = callPackage ../tools/misc/ledit {
inherit (ocamlPackages) camlp5;
inherit (ocaml-ng.ocamlPackages_4_12) ocaml camlp5;
};
ledmon = callPackage ../tools/system/ledmon { };
@ -9320,6 +9322,8 @@ with pkgs;
rcon = callPackage ../tools/networking/rcon { };
rdap = callPackage ../tools/networking/rdap { };
rdbtools = callPackage ../development/tools/rdbtools { python = python3; };
rdma-core = callPackage ../os-specific/linux/rdma-core { };
@ -9750,6 +9754,8 @@ with pkgs;
shelldap = callPackage ../tools/misc/shelldap { };
shellspec = callPackage ../tools/misc/shellspec { };
schema2ldif = callPackage ../tools/text/schema2ldif { };
sharedown = callPackage ../tools/misc/sharedown { };
@ -9833,7 +9839,9 @@ with pkgs;
skippy-xd = callPackage ../tools/X11/skippy-xd {};
sks = callPackage ../servers/sks { };
sks = callPackage ../servers/sks {
ocamlPackages = ocaml-ng.ocamlPackages_4_12;
};
skydns = callPackage ../servers/skydns { };
@ -9881,6 +9889,8 @@ with pkgs;
smu = callPackage ../tools/text/smu { };
smug = callPackage ../tools/misc/smug { };
smpq = callPackage ../applications/misc/smpq { };
sn0int = callPackage ../tools/security/sn0int { };
@ -14047,7 +14057,7 @@ with pkgs;
regina = callPackage ../development/interpreters/regina { };
inherit (ocamlPackages) reason;
inherit (ocaml-ng.ocamlPackages_4_12) reason;
pixie = callPackage ../development/interpreters/pixie { };
dust = callPackage ../development/interpreters/pixie/dust.nix { };
@ -14953,6 +14963,7 @@ with pkgs;
flow = callPackage ../development/tools/analysis/flow {
inherit (darwin.apple_sdk.frameworks) CoreServices;
ocamlPackages = ocaml-ng.ocamlPackages_4_12;
};
fly = callPackage ../development/tools/continuous-integration/fly { };
@ -28079,7 +28090,9 @@ with pkgs;
opusTools = callPackage ../applications/audio/opus-tools { };
orpie = callPackage ../applications/misc/orpie { };
orpie = callPackage ../applications/misc/orpie {
ocamlPackages = ocaml-ng.ocamlPackages_4_12;
};
osmo = callPackage ../applications/office/osmo { };
@ -29004,7 +29017,7 @@ with pkgs;
stalonetray = callPackage ../applications/window-managers/stalonetray {};
inherit (ocamlPackages) stog;
inherit (ocaml-ng.ocamlPackages_4_12) stog;
stp = callPackage ../applications/science/logic/stp { };
@ -31893,6 +31906,8 @@ with pkgs;
alliance = callPackage ../applications/science/electronics/alliance { };
angsd = callPackage ../applications/science/biology/angsd { };
ants = callPackage ../applications/science/biology/ants {
inherit (darwin.apple_sdk.frameworks) Cocoa;
};
@ -32365,7 +32380,9 @@ with pkgs;
abc-verifier = callPackage ../applications/science/logic/abc {};
abella = callPackage ../applications/science/logic/abella { };
abella = callPackage ../applications/science/logic/abella {
ocamlPackages = ocaml-ng.ocamlPackages_4_12;
};
acgtk = callPackage ../applications/science/logic/acgtk {};
@ -32444,7 +32461,7 @@ with pkgs;
hol = callPackage ../applications/science/logic/hol { };
inherit (ocamlPackages) hol_light;
inherit (ocaml-ng.ocamlPackages_4_12) hol_light;
hologram = callPackage ../tools/security/hologram { };
@ -32508,7 +32525,9 @@ with pkgs;
libpoly = callPackage ../applications/science/logic/poly {};
prooftree = callPackage ../applications/science/logic/prooftree {};
prooftree = callPackage ../applications/science/logic/prooftree {
ocamlPackages = ocaml-ng.ocamlPackages_4_12;
};
prover9 = callPackage ../applications/science/logic/prover9 { };

View file

@ -1539,5 +1539,5 @@ in let inherit (pkgs) callPackage; in rec
ocamlPackages_latest = ocamlPackages_4_13;
ocamlPackages = ocamlPackages_4_12;
ocamlPackages = ocamlPackages_4_13;
}