BoomMicrophone/nixpkgs-suyu
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge master into haskell-updates

Browse source
This commit is contained in:
github-actions[bot] 2022-06-28 00:15:17 +00:00 committed by GitHub
commit d7d10bad16
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
197 changed files with 3134 additions and 2226 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
doc/stdenv/cross-compilation.chapter.md
View file

@ -153,6 +153,24 @@ Add the following to your `mkDerivation` invocation.
doCheck = stdenv.hostPlatform == stdenv.buildPlatform;
```
#### Package using Meson needs to run binaries for the host platform during build. {#cross-meson-runs-host-code}
Add `mesonEmulatorHook` cross conditionally to `nativeBuildInputs`.
e.g.
```
nativeBuildInputs = [
meson
] ++ lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [
mesonEmulatorHook
];
```
Example of an error which this fixes.
`[Errno 8] Exec format error: './gdk3-scan'`
## Cross-building packages {#sec-cross-usage}
Nixpkgs can be instantiated with `localSystem` alone, in which case there is no cross-compiling and everything is built by and for that system, or also with `crossSystem`, in which case packages run on the latter, but all building happens on the former. Both parameters take the same schema as the 3 (build, host, and target) platforms defined in the previous section. As mentioned above, `lib.systems.examples` has some platforms which are used as arguments for these parameters in practice. You can use them programmatically, or on the command line:

2
lib/options.nix
View file

@ -242,6 +242,8 @@ rec {
in if ss != {} then optionAttrSetToDocList' opt.loc ss else [];
subOptionsVisible = docOption.visible && opt.visible or null != "shallow";
in
# To find infinite recursion in NixOS option docs:
# builtins.trace opt.loc
[ docOption ] ++ optionals subOptionsVisible subOptions) (collect isOption options);

18
maintainers/maintainer-list.nix
View file

@ -6003,6 +6003,12 @@
githubId = 2502736;
name = "James Hillyerd";
};
jiegec = {
name = "Jiajie Chen";
email = "c@jia.je";
github = "jiegec";
githubId = 6127678;
};
jiehong = {
email = "nixos@majiehong.com";
github = "Jiehong";
@ -10671,6 +10677,12 @@
githubId = 1142322;
name = "Martin Lavoie";
};
regadas = {
email = "oss@regadas.email";
name = "Filipe Regadas";
github = "regadas";
githubId = 163899;
};
regnat = {
email = "regnat@regnat.ovh";
github = "regnat";
@ -12085,6 +12097,12 @@
githubId = 7512804;
name = "Martin Langlotz";
};
stargate01 = {
email = "christoph.honal@web.de";
github = "StarGate01";
githubId = 6362238;
name = "Christoph Honal";
};
steamwalker = {
email = "steamwalker@xs4all.nl";
github = "steamwalker";

6
nixos/doc/manual/default.nix
View file

@ -133,12 +133,12 @@ let
# ^ redirect assumes xmllint doesnt print to stdout
}
lintrng manual-combined.xml
lintrng man-pages-combined.xml
mkdir $out
cp manual-combined.xml $out/
cp man-pages-combined.xml $out/
lintrng $out/manual-combined.xml
lintrng $out/man-pages-combined.xml
'';
olinkDB = runCommand "manual-olinkdb"

6
nixos/doc/manual/from_md/release-notes/rl-2205.section.xml
View file

@ -2784,6 +2784,12 @@ sudo cp /var/lib/redis/dump.rdb /var/lib/redis-peertube/dump.rdb
runs a PostgreSQL server for the duration of package checks.
</para>
</listitem>
<listitem>
<para>
<literal>zfs</literal> was updated from 2.1.4 to 2.1.5,
enabling it to be used with Linux kernel 5.18.
</para>
</listitem>
<listitem>
<para>
<literal>stdenv.mkDerivation</literal> now supports a

6
nixos/doc/manual/from_md/release-notes/rl-2211.section.xml
View file

@ -296,12 +296,6 @@
and require manual remediation.
</para>
</listitem>
<listitem>
<para>
<literal>zfs</literal> was updated from 2.1.4 to 2.1.5,
enabling it to be used with Linux kernel 5.18.
</para>
</listitem>
<listitem>
<para>
memtest86+ was updated from 5.00-coreboot-002 to 6.00-beta2.

4
nixos/doc/manual/release-notes/rl-2205.section.md
View file

@ -973,7 +973,9 @@ In addition to numerous new and upgraded packages, this release has the followin
was changed.
- The new [`postgresqlTestHook`](https://nixos.org/manual/nixpkgs/stable/#sec-postgresqlTestHook) runs a PostgreSQL server for the duration of package checks.
- `zfs` was updated from 2.1.4 to 2.1.5, enabling it to be used with Linux kernel 5.18.
- `stdenv.mkDerivation` now supports a self-referencing `finalAttrs:` parameter
containing the final `mkDerivation` arguments including overrides.
`drv.overrideAttrs` now supports two parameters `finalAttrs: previousAttrs:`.

2
nixos/doc/manual/release-notes/rl-2211.section.md
View file

@ -112,8 +112,6 @@ Use `configure.packages` instead.
- Matrix Synapse now requires entries in the `state_group_edges` table to be unique, in order to prevent accidentally introducing duplicate information (for example, because a database backup was restored multiple times). If your Synapse database already has duplicate rows in this table, this could fail with an error and require manual remediation.
- `zfs` was updated from 2.1.4 to 2.1.5, enabling it to be used with Linux kernel 5.18.
- memtest86+ was updated from 5.00-coreboot-002 to 6.00-beta2. It is now the upstream version from https://www.memtest.org/, as coreboot's fork is no longer available.
- There is a new module for the `thunar` program (the Xfce file manager), which depends on the `xfconf` dbus service, and also has a dbus service and a systemd unit. The option `services.xserver.desktopManager.xfce.thunarPlugins` has been renamed to `programs.thunar.plugins`, and in a future release it may be removed.

5
nixos/lib/make-options-doc/default.nix
View file

@ -22,6 +22,10 @@
, transformOptions ? lib.id # function for additional tranformations of the options
, documentType ? "appendix" # TODO deprecate "appendix" in favor of "none"
# and/or rename function to moduleOptionDoc for clean slate
# If you include more than one option list into a document, you need to
# provide different ids.
, variablelistId ? "configuration-variable-list"
, revision ? "" # Specify revision for the options
# a set of options the docs we are generating will be merged into, as if by recursiveUpdate.
# used to split the options doc build into a static part (nixos/modules) and a dynamic part
@ -177,6 +181,7 @@ in rec {
${pkgs.libxslt.bin}/bin/xsltproc \
--stringparam documentType '${documentType}' \
--stringparam revision '${revision}' \
--stringparam variablelistId '${variablelistId}' \
-o intermediate.xml ${./options-to-docbook.xsl} sorted.xml
${pkgs.libxslt.bin}/bin/xsltproc \
-o "$out" ${./postprocess-option-descriptions.xsl} intermediate.xml

14
nixos/lib/make-options-doc/mergeJSON.py
View file

@ -57,19 +57,21 @@ def convertMD(options: Dict[str, Any]) -> str:
try:
return super(Renderer, self)._get_method(name)
except AttributeError:
def not_supported(children, **kwargs):
raise NotImplementedError("md node not supported yet", name, children, **kwargs)
def not_supported(*args, **kwargs):
raise NotImplementedError("md node not supported yet", name, args, **kwargs)
return not_supported
def text(self, text):
return escape(text)
def paragraph(self, text):
return text + "\n\n"
def newline(self):
return "<literallayout>\n</literallayout>"
def codespan(self, text):
return f"<literal>{text}</literal>"
return f"<literal>{escape(text)}</literal>"
def block_code(self, text, info=None):
info = f" language={quoteattr(info)}" if info is not None else ""
return f"<programlisting{info}>\n{text}</programlisting>"
return f"<programlisting{info}>\n{escape(text)}</programlisting>"
def link(self, link, text=None, title=None):
if link[0:1] == '#':
attr = "linkend"
@ -102,6 +104,8 @@ def convertMD(options: Dict[str, Any]) -> str:
# a single paragraph and the original docbook string is no longer
# available to restore the trailer.
return f"<{tag}><para>{text.rstrip()}</para></{tag}>"
def block_quote(self, text):
return f"<blockquote><para>{text}</para></blockquote>"
def command(self, text):
return f"<command>{escape(text)}</command>"
def option(self, text):
@ -194,7 +198,7 @@ overrides = pivot(json.load(open(sys.argv[2 + optOffset], 'r')))
for (k, v) in options.items():
# The _module options are not declared in nixos/modules
if v.value['loc'][0] != "_module":
v.value['declarations'] = list(map(lambda s: f'nixos/modules/{s}', v.value['declarations']))
v.value['declarations'] = list(map(lambda s: f'nixos/modules/{s}' if isinstance(s, str) else s, v.value['declarations']))
# merge both descriptions
for (k, v) in overrides.items():

4
nixos/lib/make-options-doc/options-to-docbook.xsl
View file

@ -14,6 +14,7 @@
<xsl:param name="revision" />
<xsl:param name="documentType" />
<xsl:param name="program" />
<xsl:param name="variablelistId" />
<xsl:template match="/expr/list">
@ -31,7 +32,8 @@
</xsl:template>
<xsl:template name="variable-list">
<variablelist xml:id="configuration-variable-list">
<variablelist>
<xsl:attribute name="id" namespace="http://www.w3.org/XML/1998/namespace"><xsl:value-of select="$variablelistId"/></xsl:attribute>
<xsl:for-each select="attrs">
<xsl:variable name="id" select="
concat('opt-',

7
nixos/modules/installer/tools/get-version-suffix
View file

@ -1,14 +1,15 @@
getVersion() {
local dir="$1"
rev=
if [ -e "$dir/.git" ]; then
gitDir="$dir/.git"
if [ -e "$gitDir" ]; then
if [ -z "$(type -P git)" ]; then
echo "warning: Git not found; cannot figure out revision of $dir" >&2
return
fi
cd "$dir"
rev=$(git rev-parse --short HEAD)
if git describe --always --dirty | grep -q dirty; then
rev=$(git --git-dir="$gitDir" rev-parse --short HEAD)
if git --git-dir="$gitDir" describe --always --dirty | grep -q dirty; then
rev+=M
fi
fi

53
nixos/modules/services/misc/geoipupdate.nix
View file

@ -2,6 +2,7 @@
let
cfg = config.services.geoipupdate;
inherit (builtins) isAttrs isString isInt isList typeOf hashString;
in
{
imports = [
@ -27,11 +28,30 @@ in
};
settings = lib.mkOption {
example = lib.literalExpression ''
{
AccountID = 200001;
DatabaseDirectory = "/var/lib/GeoIP";
LicenseKey = { _secret = "/run/keys/maxmind_license_key"; };
Proxy = "10.0.0.10:8888";
ProxyUserPassword = { _secret = "/run/keys/proxy_pass"; };
}
'';
description = ''
<productname>geoipupdate</productname> configuration
options. See
<link xlink:href="https://github.com/maxmind/geoipupdate/blob/main/doc/GeoIP.conf.md" />
for a full list of available options.
Settings containing secret data should be set to an
attribute set containing the attribute
<literal>_secret</literal> - a string pointing to a file
containing the value the option should be set to. See the
example to get a better picture of this: in the resulting
<filename>GeoIP.conf</filename> file, the
<literal>ProxyUserPassword</literal> key will be set to the
contents of the
<filename>/run/keys/proxy_pass</filename> file.
'';
type = lib.types.submodule {
freeformType =
@ -65,11 +85,18 @@ in
};
LicenseKey = lib.mkOption {
type = lib.types.path;
type = with lib.types; either path (attrsOf path);
description = ''
A file containing the <productname>MaxMind</productname>
license key.
A file containing the
<productname>MaxMind</productname> license key.
Always handled as a secret whether the value is
wrapped in a <literal>{ _secret = ...; }</literal>
attrset or not (refer to <xref
linkend="opt-services.geoipupdate.settings" /> for
details).
'';
apply = x: if isAttrs x then x else { _secret = x; };
};
DatabaseDirectory = lib.mkOption {
@ -102,6 +129,9 @@ in
systemd.services.geoipupdate-create-db-dir = {
serviceConfig.Type = "oneshot";
script = ''
set -o errexit -o pipefail -o nounset -o errtrace
shopt -s inherit_errexit
mkdir -p ${cfg.settings.DatabaseDirectory}
chmod 0755 ${cfg.settings.DatabaseDirectory}
'';
@ -115,32 +145,41 @@ in
"network-online.target"
"nss-lookup.target"
];
path = [ pkgs.replace-secret ];
wants = [ "network-online.target" ];
startAt = cfg.interval;
serviceConfig = {
ExecStartPre =
let
isSecret = v: isAttrs v && v ? _secret && isString v._secret;
geoipupdateKeyValue = lib.generators.toKeyValue {
mkKeyValue = lib.flip lib.generators.mkKeyValueDefault " " rec {
mkValueString = v: with builtins;
mkValueString = v:
if isInt v then toString v
else if isString v then v
else if true == v then "1"
else if false == v then "0"
else if isList v then lib.concatMapStringsSep " " mkValueString v
else if isSecret v then hashString "sha256" v._secret
else throw "unsupported type ${typeOf v}: ${(lib.generators.toPretty {}) v}";
};
};
secretPaths = lib.catAttrs "_secret" (lib.collect isSecret cfg.settings);
mkSecretReplacement = file: ''
replace-secret ${lib.escapeShellArgs [ (hashString "sha256" file) file "/run/geoipupdate/GeoIP.conf" ]}
'';
secretReplacements = lib.concatMapStrings mkSecretReplacement secretPaths;
geoipupdateConf = pkgs.writeText "geoipupdate.conf" (geoipupdateKeyValue cfg.settings);
script = ''
set -o errexit -o pipefail -o nounset -o errtrace
shopt -s inherit_errexit
chown geoip "${cfg.settings.DatabaseDirectory}"
cp ${geoipupdateConf} /run/geoipupdate/GeoIP.conf
${pkgs.replace-secret}/bin/replace-secret '${cfg.settings.LicenseKey}' \
'${cfg.settings.LicenseKey}' \
/run/geoipupdate/GeoIP.conf
${secretReplacements}
'';
in
"+${pkgs.writeShellScript "start-pre-full-privileges" script}";

163
nixos/modules/services/monitoring/parsedmarc.nix
View file

@ -3,7 +3,19 @@
let
cfg = config.services.parsedmarc;
opt = options.services.parsedmarc;
ini = pkgs.formats.ini {};
isSecret = v: isAttrs v && v ? _secret && isString v._secret;
ini = pkgs.formats.ini {
mkKeyValue = lib.flip lib.generators.mkKeyValueDefault "=" rec {
mkValueString = v:
if isInt v then toString v
else if isString v then v
else if true == v then "True"
else if false == v then "False"
else if isSecret v then hashString "sha256" v._secret
else throw "unsupported type ${typeOf v}: ${(lib.generators.toPretty {}) v}";
};
};
inherit (builtins) elem isAttrs isString isInt isList typeOf hashString;
in
{
options.services.parsedmarc = {
@ -107,11 +119,35 @@ in
};
settings = lib.mkOption {
example = lib.literalExpression ''
{
imap = {
host = "imap.example.com";
user = "alice@example.com";
password = { _secret = "/run/keys/imap_password" };
watch = true;
};
splunk_hec = {
url = "https://splunkhec.example.com";
token = { _secret = "/run/keys/splunk_token" };
index = "email";
};
}
'';
description = ''
Configuration parameters to set in
<filename>parsedmarc.ini</filename>. For a full list of
available parameters, see
<link xlink:href="https://domainaware.github.io/parsedmarc/#configuration-file" />.
Settings containing secret data should be set to an attribute
set containing the attribute <literal>_secret</literal> - a
string pointing to a file containing the value the option
should be set to. See the example to get a better picture of
this: in the resulting <filename>parsedmarc.ini</filename>
file, the <literal>splunk_hec.token</literal> key will be set
to the contents of the
<filename>/run/keys/splunk_token</filename> file.
'';
type = lib.types.submodule {
@ -170,11 +206,18 @@ in
};
password = lib.mkOption {
type = with lib.types; nullOr path;
type = with lib.types; nullOr (either path (attrsOf path));
default = null;
description = ''
The path to a file containing the IMAP server password.
The IMAP server password.
Always handled as a secret whether the value is
wrapped in a <literal>{ _secret = ...; }</literal>
attrset or not (refer to <xref
linkend="opt-services.parsedmarc.settings" /> for
details).
'';
apply = x: if isAttrs x || x == null then x else { _secret = x; };
};
watch = lib.mkOption {
@ -228,11 +271,18 @@ in
};
password = lib.mkOption {
type = with lib.types; nullOr path;
type = with lib.types; nullOr (either path (attrsOf path));
default = null;
description = ''
The path to a file containing the SMTP server password.
The SMTP server password.
Always handled as a secret whether the value is
wrapped in a <literal>{ _secret = ...; }</literal>
attrset or not (refer to <xref
linkend="opt-services.parsedmarc.settings" /> for
details).
'';
apply = x: if isAttrs x || x == null then x else { _secret = x; };
};
from = lib.mkOption {
@ -274,12 +324,19 @@ in
};
password = lib.mkOption {
type = with lib.types; nullOr path;
type = with lib.types; nullOr (either path (attrsOf path));
default = null;
description = ''
The path to a file containing the password to use when
connecting to Elasticsearch, if required.
The password to use when connecting to Elasticsearch,
if required.
Always handled as a secret whether the value is
wrapped in a <literal>{ _secret = ...; }</literal>
attrset or not (refer to <xref
linkend="opt-services.parsedmarc.settings" /> for
details).
'';
apply = x: if isAttrs x || x == null then x else { _secret = x; };
};
ssl = lib.mkOption {
@ -299,63 +356,6 @@ in
'';
};
};
kafka = {
hosts = lib.mkOption {
default = [];
type = with lib.types; listOf str;
apply = x: if x == [] then null else lib.concatStringsSep "," x;
description = ''
A list of Apache Kafka hosts to publish parsed reports
to.
'';
};
user = lib.mkOption {
type = with lib.types; nullOr str;
default = null;
description = ''
Username to use when connecting to Kafka, if
required.
'';
};
password = lib.mkOption {
type = with lib.types; nullOr path;
default = null;
description = ''
The path to a file containing the password to use when
connecting to Kafka, if required.
'';
};
ssl = lib.mkOption {
type = with lib.types; nullOr bool;
default = null;
description = ''
Whether to use an encrypted SSL/TLS connection.
'';
};
aggregate_topic = lib.mkOption {
type = with lib.types; nullOr str;
default = null;
example = "aggregate";
description = ''
The Kafka topic to publish aggregate reports on.
'';
};
forensic_topic = lib.mkOption {
type = with lib.types; nullOr str;
default = null;
example = "forensic";
description = ''
The Kafka topic to publish forensic reports on.
'';
};
};
};
};
@ -404,21 +404,14 @@ in
enable = cfg.provision.grafana.datasource || cfg.provision.grafana.dashboard;
datasources =
let
pkgVer = lib.getVersion config.services.elasticsearch.package;
esVersion =
if lib.versionOlder pkgVer "7" then
"60"
else if lib.versionOlder pkgVer "8" then
"70"
else
throw "When provisioning parsedmarc grafana datasources: unknown Elasticsearch version.";
esVersion = lib.getVersion config.services.elasticsearch.package;
in
lib.mkIf cfg.provision.grafana.datasource [
{
name = "dmarc-ag";
type = "elasticsearch";
access = "proxy";
url = "localhost:9200";
url = "http://localhost:9200";
jsonData = {
timeField = "date_range";
inherit esVersion;
@ -428,7 +421,7 @@ in
name = "dmarc-fo";
type = "elasticsearch";
access = "proxy";
url = "localhost:9200";
url = "http://localhost:9200";
jsonData = {
timeField = "date_range";
inherit esVersion;
@ -467,12 +460,17 @@ in
# lists, empty attrsets and null. This makes it possible to
# list interesting options in `settings` without them always
# ending up in the resulting config.
filteredConfig = lib.converge (lib.filterAttrsRecursive (_: v: ! builtins.elem v [ null [] {} ])) cfg.settings;
filteredConfig = lib.converge (lib.filterAttrsRecursive (_: v: ! elem v [ null [] {} ])) cfg.settings;
# Extract secrets (attributes set to an attrset with a
# "_secret" key) from the settings and generate the commands
# to run to perform the secret replacements.
secretPaths = lib.catAttrs "_secret" (lib.collect isSecret filteredConfig);
parsedmarcConfig = ini.generate "parsedmarc.ini" filteredConfig;
mkSecretReplacement = file:
lib.optionalString (file != null) ''
replace-secret '${file}' '${file}' /run/parsedmarc/parsedmarc.ini
'';
mkSecretReplacement = file: ''
replace-secret ${lib.escapeShellArgs [ (hashString "sha256" file) file "/run/parsedmarc/parsedmarc.ini" ]}
'';
secretReplacements = lib.concatMapStrings mkSecretReplacement secretPaths;
in
{
wantedBy = [ "multi-user.target" ];
@ -487,10 +485,7 @@ in
umask u=rwx,g=,o=
cp ${parsedmarcConfig} /run/parsedmarc/parsedmarc.ini
chown parsedmarc:parsedmarc /run/parsedmarc/parsedmarc.ini
${mkSecretReplacement cfg.settings.smtp.password}
${mkSecretReplacement cfg.settings.imap.password}
${mkSecretReplacement cfg.settings.elasticsearch.password}
${mkSecretReplacement cfg.settings.kafka.password}
${secretReplacements}
'' + lib.optionalString cfg.provision.localMail.enable ''
openssl rand -hex 64 >/run/parsedmarc/dmarc_user_passwd
replace-secret '@imap-password@' '/run/parsedmarc/dmarc_user_passwd' /run/parsedmarc/parsedmarc.ini

4
nixos/modules/services/networking/syncthing.nix
View file

@ -179,8 +179,8 @@ in {
description = mdDoc ''
Folders which should be shared by Syncthing.
Note that you can still add devices manually, but those changes
will be reverted on restart if [overrideDevices](#opt-services.syncthing.overrideDevices)
Note that you can still add folders manually, but those changes
will be reverted on restart if [overrideFolders](#opt-services.syncthing.overrideFolders)
is enabled.
'';
example = literalExpression ''

9
nixos/modules/services/web-apps/nextcloud.nix
View file

@ -89,7 +89,8 @@ in {
};
datadir = mkOption {
type = types.str;
defaultText = "config.services.nextcloud.home";
default = config.services.nextcloud.home;
defaultText = literalExpression "config.services.nextcloud.home";
description = ''
Data storage path of nextcloud. Will be <xref linkend="opt-services.nextcloud.home" /> by default.
This folder will be populated with a config.php and data folder which contains the state of the instance (excl the database).";
@ -629,8 +630,6 @@ in {
else nextcloud24
);
services.nextcloud.datadir = mkOptionDefault config.services.nextcloud.home;
services.nextcloud.phpPackage =
if versionOlder cfg.package.version "24" then pkgs.php80
# FIXME: Use PHP 8.1 with Nextcloud 24 and higher, once issues like this one are fixed:
@ -650,6 +649,7 @@ in {
{ systemd.timers.nextcloud-cron = {
wantedBy = [ "timers.target" ];
after = [ "nextcloud-setup.service" ];
timerConfig.OnBootSec = "5m";
timerConfig.OnUnitActiveSec = "5m";
timerConfig.Unit = "nextcloud-cron.service";
@ -840,12 +840,14 @@ in {
serviceConfig.User = "nextcloud";
};
nextcloud-cron = {
after = [ "nextcloud-setup.service" ];
environment.NEXTCLOUD_CONFIG_DIR = "${datadir}/config";
serviceConfig.Type = "oneshot";
serviceConfig.User = "nextcloud";
serviceConfig.ExecStart = "${phpPackage}/bin/php -f ${cfg.package}/cron.php";
};
nextcloud-update-plugins = mkIf cfg.autoUpdateApps.enable {
after = [ "nextcloud-setup.service" ];
serviceConfig.Type = "oneshot";
serviceConfig.ExecStart = "${occ}/bin/nextcloud-occ app:update --all";
serviceConfig.User = "nextcloud";
@ -914,7 +916,6 @@ in {
priority = 100;
extraConfig = ''
allow all;
log_not_found off;
access_log off;
'';
};

2
nixos/tests/all-tests.nix
View file

@ -159,6 +159,7 @@ in {
firefox = handleTest ./firefox.nix { firefoxPackage = pkgs.firefox; };
firefox-esr = handleTest ./firefox.nix { firefoxPackage = pkgs.firefox-esr; }; # used in `tested` job
firefox-esr-91 = handleTest ./firefox.nix { firefoxPackage = pkgs.firefox-esr-91; };
firefox-esr-102 = handleTest ./firefox.nix { firefoxPackage = pkgs.firefox-esr-102; };
firejail = handleTest ./firejail.nix {};
firewall = handleTest ./firewall.nix {};
fish = handleTest ./fish.nix {};
@ -458,6 +459,7 @@ in {
proxy = handleTest ./proxy.nix {};
prowlarr = handleTest ./prowlarr.nix {};
pt2-clone = handleTest ./pt2-clone.nix {};
pykms = handleTest ./pykms.nix {};
public-inbox = handleTest ./public-inbox.nix {};
pulseaudio = discoverTests (import ./pulseaudio.nix);
qboot = handleTestOn ["x86_64-linux" "i686-linux"] ./qboot.nix {};

14
nixos/tests/pykms.nix Normal file
View file

@ -0,0 +1,14 @@
import ./make-test-python.nix ({ pkgs, ... }:
{
name = "pykms-test";
meta.maintainers = with pkgs.lib.maintainers; [ zopieux ];
nodes.machine = { config, lib, pkgs, ... }: {
services.pykms.enable = true;
};
testScript = ''
machine.wait_for_unit("pykms.service")
machine.succeed("${pkgs.pykms}/bin/client")
'';
})

29
nixos/tests/virtualbox.nix
View file

@ -3,18 +3,9 @@
pkgs ? import ../.. { inherit system config; },
debug ? false,
enableUnfree ? false,
# Nested KVM virtualization (https://www.linux-kvm.org/page/Nested_Guests)
# requires a modprobe flag on the build machine: (kvm-amd for AMD CPUs)
# boot.extraModprobeConfig = "options kvm-intel nested=Y";
# Without this VirtualBox will use SW virtualization and will only be able
# to run 32-bit guests.
useKvmNestedVirt ? false,
# Whether to run 64-bit guests instead of 32-bit. Requires nested KVM.
use64bitGuest ? false
use64bitGuest ? true
}:
assert use64bitGuest -> useKvmNestedVirt;
with import ../lib/testing-python.nix { inherit system pkgs; };
with pkgs.lib;
@ -26,7 +17,8 @@ let
#!${pkgs.runtimeShell} -xe
export PATH="${lib.makeBinPath [ pkgs.coreutils pkgs.util-linux ]}"
mkdir -p /run/dbus
mkdir -p /run/dbus /var
ln -s /run /var
cat > /etc/passwd <<EOF
root:x:0:0::/root:/bin/false
messagebus:x:1:1::/run/dbus:/bin/false
@ -200,6 +192,7 @@ let
systemd.services."vboxtestlog-${name}@" = {
description = "VirtualBox Test Machine Log For ${name}";
serviceConfig.StandardInput = "socket";
serviceConfig.StandardOutput = "journal";
serviceConfig.SyslogIdentifier = "GUEST-${name}";
serviceConfig.ExecStart = "${pkgs.coreutils}/bin/cat";
};
@ -226,6 +219,7 @@ let
def create_vm_${name}():
cleanup_${name}()
vbm("createvm --name ${name} ${createFlags}")
vbm("modifyvm ${name} ${vmFlags}")
vbm("setextradata ${name} VBoxInternal/PDM/HaltOnReset 1")
@ -233,7 +227,6 @@ let
vbm("storageattach ${name} ${diskFlags}")
vbm("sharedfolder add ${name} ${sharedFlags}")
vbm("sharedfolder add ${name} ${nixstoreFlags}")
cleanup_${name}()
${mkLog "$HOME/VirtualBox VMs/${name}/Logs/VBox.log" "HOST-${name}"}
@ -317,10 +310,7 @@ let
];
dhcpScript = pkgs: ''
${pkgs.dhcp}/bin/dhclient \
-lf /run/dhcp.leases \
-pf /run/dhclient.pid \
-v eth0 eth1
${pkgs.dhcpcd}/bin/dhcpcd eth0 eth1
otherIP="$(${pkgs.netcat}/bin/nc -l 1234 || :)"
${pkgs.iputils}/bin/ping -I eth1 -c1 "$otherIP"
@ -359,8 +349,7 @@ let
vmConfigs = mapAttrsToList mkVMConf vms;
in [ ./common/user-account.nix ./common/x11.nix ] ++ vmConfigs;
virtualisation.memorySize = 2048;
virtualisation.qemu.options =
if useKvmNestedVirt then ["-cpu" "kvm64,vmx=on"] else [];
virtualisation.qemu.options = ["-cpu" "kvm64,svm=on,vmx=on"];
virtualisation.virtualbox.host.enable = true;
test-support.displayManager.auto.user = "alice";
users.users.alice.extraGroups = let
@ -468,7 +457,7 @@ in mapAttrs (mkVBoxTest false vboxVMs) {
headless = ''
create_vm_headless()
machine.succeed(ru("VBoxHeadless --startvm headless & disown %1"))
machine.succeed(ru("VBoxHeadless --startvm headless >&2 & disown %1"))
wait_for_startup_headless()
wait_for_vm_boot_headless()
shutdown_vm_headless()
@ -476,6 +465,8 @@ in mapAttrs (mkVBoxTest false vboxVMs) {
'';
host-usb-permissions = ''
import sys
user_usb = remove_uuids(vbm("list usbhost"))
print(user_usb, file=sys.stderr)
root_usb = remove_uuids(machine.succeed("VBoxManage list usbhost"))

2
pkgs/applications/audio/noisetorch/default.nix
View file

@ -16,7 +16,7 @@ buildGoModule rec {
doCheck = false;
ldflags = [ "-X main.version=${version}" "-X main.distribution=nix" ];
ldflags = [ "-s" "-w" "-X main.version=${version}" "-X main.distribution=nix" ];
subPackages = [ "." ];

6
pkgs/applications/audio/reaper/default.nix
View file

@ -17,13 +17,13 @@
stdenv.mkDerivation rec {
pname = "reaper";
version = "6.47";
version = "6.61";
src = fetchurl {
url = "https://www.reaper.fm/files/${lib.versions.major version}.x/reaper${builtins.replaceStrings ["."] [""] version}_linux_${stdenv.hostPlatform.qemuArch}.tar.xz";
hash = {
x86_64-linux = "sha256-31HmIx/ohbrzu5uj8KOOZiHNCmXwng9h+fIGaJfYyqA=";
aarch64-linux = "sha256-CMmcBpaZ6BEZJ1144aQhOJ/o2NrGD7/8aq+ObLVMXYE=";
x86_64-linux = "sha256-Lp2EVky1+ruc86LdMmvhZIisoYl0OxdkVnN3h/u09IQ=";
aarch64-linux = "sha256-sPLCMA//xAdWXjY7++R6eLWS56Zi0u+9ju7JlICGvVc=";
}.${stdenv.hostPlatform.system};
};

12
pkgs/applications/backup/pika-backup/default.nix
View file

@ -1,7 +1,6 @@
{ lib
, stdenv
, fetchFromGitLab
, fetchpatch
, rustPlatform
, substituteAll
, desktop-file-utils
@ -19,20 +18,20 @@
stdenv.mkDerivation rec {
pname = "pika-backup";
version = "0.4.0";
version = "0.4.1";
src = fetchFromGitLab {
domain = "gitlab.gnome.org";
owner = "World";
repo = "pika-backup";
rev = "v${version}";
hash = "sha256-vQ0hlwsrY0WOUc/ppleE+kKRGHPt/ScEChXrkukln3U=";
hash = "sha256-D5QkNgscvNaPEykbcR451Wx8Mvn7HTuQE/22lp95Kbo=";
};
cargoDeps = rustPlatform.fetchCargoTarball {
inherit src;
name = "${pname}-${version}";
hash = "sha256-IKUh5gkXTpmMToDaec+CpCIQqJjwJM2ZrmGQhZeTDsg=";
hash = "sha256-c4nYlPyc7D1AMOfHjhoDJox+i83+H1YKfWzR3i6bmng=";
};
patches = [
@ -40,11 +39,6 @@ stdenv.mkDerivation rec {
src = ./borg-path.patch;
borg = "${borgbackup}/bin/borg";
})
(fetchpatch {
name = "use-gtk4-update-icon-cache.patch";
url = "https://gitlab.gnome.org/World/pika-backup/-/merge_requests/64.patch";
hash = "sha256-AttGQGWealvTIvPwBl5M6FiC4Al/UD4/XckUAxM38SE=";
})
];
postPatch = ''

4
pkgs/applications/blockchains/clightning/default.nix
View file

@ -21,11 +21,11 @@ let
in
stdenv.mkDerivation rec {
pname = "clightning";
version = "0.11.1";
version = "0.11.2";
src = fetchurl {
url = "https://github.com/ElementsProject/lightning/releases/download/v${version}/clightning-v${version}.zip";
sha256 = "0vsh6gpv3458pfc5cggay9pw7bxjzyxpcniks9b2s3y1rxwk15xi";
sha256 = "09qqfnj809dpwar9ijm3ic5cv4019hsnvh2h6sfpdqp1smf9igxs";
};
# when building on darwin we need dawin.cctools to provide the correct libtool

6
pkgs/applications/blockchains/lnd/default.nix
View file

@ -6,16 +6,16 @@
buildGoModule rec {
pname = "lnd";
version = "0.14.3-beta";
version = "0.15.0-beta";
src = fetchFromGitHub {
owner = "lightningnetwork";
repo = "lnd";
rev = "v${version}";
sha256 = "sha256-ZTvGFmjhQBIWqMGatMAlX59uVyl1oUKo7L5jiz571Gc";
sha256 = "sha256-v8nLsnd6dus+og75U9VIO1K5IuyNh+VYdQfbfbYeox0=";
};
vendorSha256 = "sha256-shDmJcEyobY7Ih1MHMEY2GQnzAffsH/y4J1bme/bT7I=";
vendorSha256 = "sha256-fx3WsyLyES+ezJGDe3SjFTeGlPMmqKEtWlYGkWpxODc=";
subPackages = [ "cmd/lncli" "cmd/lnd" ];

2
pkgs/applications/blockchains/lndconnect/default.nix
View file

@ -1,4 +1,4 @@
{ lib, buildGoModule, fetchFromGitHub, testVersion, lndconnect }:
{ lib, buildGoModule, fetchFromGitHub, lndconnect }:
buildGoModule rec {
pname = "lndconnect";
version = "0.2.1";

12
pkgs/applications/editors/vim/plugins/generated.nix
View file

@ -6516,6 +6516,18 @@ final: prev:
meta.homepage = "https://github.com/vmware-archive/salt-vim/";
};
satellite-nvim = buildVimPluginFrom2Nix {
pname = "satellite.nvim";
version = "2022-06-26";
src = fetchFromGitHub {
owner = "lewis6991";
repo = "satellite.nvim";
rev = "320e3c54b507486e3ed0c9dacc656fdf54b40057";
sha256 = "1qkx0mcrmqgvpx9gmncblkm7km4ap3hvkcp65dqc9nn2h4w63hvy";
};
meta.homepage = "https://github.com/lewis6991/satellite.nvim/";
};
scrollbar-nvim = buildVimPluginFrom2Nix {
pname = "scrollbar.nvim";
version = "2022-06-16";

1
pkgs/applications/editors/vim/plugins/vim-plugin-names
View file

@ -547,6 +547,7 @@ https://github.com/simrat39/rust-tools.nvim/,,
https://github.com/rust-lang/rust.vim/,,
https://github.com/hauleth/sad.vim/,,
https://github.com/vmware-archive/salt-vim/,,
https://github.com/lewis6991/satellite.nvim/,HEAD,
https://github.com/Xuyuanp/scrollbar.nvim/,,
https://github.com/cakebaker/scss-syntax.vim/,,
https://github.com/RobertAudi/securemodelines/,,

32
pkgs/applications/editors/vscode/extensions/default.nix
View file

@ -30,6 +30,18 @@ let
#
baseExtensions = self: lib.mapAttrs (_n: lib.recurseIntoAttrs)
{
_1Password.op-vscode = buildVscodeMarketplaceExtension {
mktplcRef = {
publisher = "1Password";
name = "op-vscode";
version = "1.0.0";
sha256 = "sha256-ZeKTP3WKjyuR/ryBdJRHXJT+l2gbY4QnWNTsN9+4nOA=";
};
meta = {
license = lib.licenses.mit;
};
};
_4ops.terraform = buildVscodeMarketplaceExtension {
mktplcRef = {
publisher = "4ops";
@ -269,8 +281,8 @@ let
mktplcRef = {
name = "vscode-neovim";
publisher = "asvetliakov";
version = "0.0.83";
sha256 = "1giybf12p0h0fm950w9bwvzdk77771zfkylrqs9h0lhbdzr92qbl";
version = "0.0.86";
sha256 = "sha256-XZd2xTcTqT6LytVwN+CybaFT71nwdobgZQQddMFdjU4=";
};
meta = {
license = lib.licenses.mit;
@ -443,6 +455,18 @@ let
};
};
bierner.markdown-mermaid = buildVscodeMarketplaceExtension {
mktplcRef = {
name = "markdown-mermaid";
publisher = "bierner";
version = "1.14.2";
sha256 = "RZyAY2d3imnLhm1mLur+wTx/quxrNWYR9PCjC+co1FE=";
};
meta = with lib; {
license = licenses.mit;
};
};
bradlc.vscode-tailwindcss = buildVscodeMarketplaceExtension {
mktplcRef = {
name = "vscode-tailwindcss";
@ -739,8 +763,8 @@ let
mktplcRef = {
name = "theme-dracula";
publisher = "dracula-theme";
version = "2.22.3";
sha256 = "0wni9sriin54ci8rly2s68lkfx8rj1cys6mgcizvps9sam6377w6";
version = "2.24.2";
sha256 = "sha256-YNqWEIvlEI29mfPxOQVdd4db9G2qNodhz8B0MCAAWK8=";
};
meta = with lib; {
changelog = "https://marketplace.visualstudio.com/items/dracula-theme.theme-dracula/changelog";

4
pkgs/applications/graphics/mcomix/default.nix
View file

@ -5,7 +5,7 @@
, gtk3
, mcomix
, python3
, testVersion
, testers
, wrapGAppsHook
# Recommended Dependencies:
@ -46,7 +46,7 @@ python3.pkgs.buildPythonApplication rec {
)
'';
passthru.tests.version = testVersion {
passthru.tests.version = testers.testVersion {
package = mcomix;
};

2
pkgs/applications/graphics/sane/backends/default.nix
View file

@ -83,7 +83,7 @@ stdenv.mkDerivation {
in ''
mkdir -p $out/etc/udev/rules.d/
./tools/sane-desc -m udev > $out/etc/udev/rules.d/49-libsane.rules || \
./tools/sane-desc -m udev+hwdb -s doc/descriptions:doc/descriptions-external > $out/etc/udev/rules.d/49-libsane.rules || \
cp tools/udev/libsane.rules $out/etc/udev/rules.d/49-libsane.rules
# the created 49-libsane references /bin/sh
substituteInPlace $out/etc/udev/rules.d/49-libsane.rules \

6
pkgs/applications/misc/dbeaver/default.nix
View file

@ -23,16 +23,16 @@
inherit maven; # use overridden maven version (see dbeaver's entry in all-packages.nix)
}) rec {
pname = "dbeaver";
version = "22.1.0"; # When updating also update mvnSha256
version = "22.1.1"; # When updating also update mvnSha256
src = fetchFromGitHub {
owner = "dbeaver";
repo = "dbeaver";
rev = version;
sha256 = "sha256-gMs9q0+Yy/2l8TEG9vIuzv0qOh7QwawwlXKr3/Mz8wk=";
sha256 = "sha256-+MFULieuwfvuAP0HjJ+C0hb/uqhHtnP/nOoIfWwjtoI=";
};
mvnSha256 = "veclFlzLhTU+nT360qxRNut+yEi2dfTBxdQASyRMqhI=";
mvnSha256 = "pSZL+GDSXSm+sLymlSlq2ZIRdYJY1B3PCmCpjtosdGY=";
mvnParameters = "-P desktop,all-platforms";
nativeBuildInputs = [

4
pkgs/applications/networking/appgate-sdp/default.nix
View file

@ -87,11 +87,11 @@ let
in
stdenv.mkDerivation rec {
pname = "appgate-sdp";
version = "5.5.4";
version = "5.5.5";
src = fetchurl {
url = "https://bin.appgate-sdp.com/${versions.majorMinor version}/client/appgate-sdp_${version}_amd64.deb";
sha256 = "sha256-7qfgUYD7uPb+ZEierREVfnHoGz0/b/J+hcsX/duDFWU=";
sha256 = "sha256-eXcGHd3TGNFqjFQ+wSg4+1hF/6DJTPOs0ldjegFktGo=";
};
# just patch interpreter

18
pkgs/applications/networking/browsers/chromium/upstream-info.json
View file

@ -19,22 +19,22 @@
}
},
"beta": {
"version": "103.0.5060.53",
"sha256": "00di0nw6h3kb0qp2wp3ny3zsar1ayn1lyx5zr28dl1h5cwaaxjqf",
"sha256bin64": "01vzhhnngr6a7mm1y25ax8vhph6dl948fvkyhdhb9m4j5l4lcqj4",
"version": "104.0.5112.20",
"sha256": "0adzdk3m2l4pjlk82sqavwgxf6a5darbiwchmlrsxc58p9xxag4s",
"sha256bin64": "1cm5k4gpxc0dn0vdqf3qwwf36pc77va9pnci84zcpaxx0jih7l9b",
"deps": {
"gn": {
"version": "2022-05-11",
"version": "2022-06-08",
"url": "https://gn.googlesource.com/gn",
"rev": "578a7fe4c3c6b0bc2ae1fd2e37f14857d09895bf",
"sha256": "03dqfrdpf5xxl64dby3qmbwpzdq2gsa8g7xl438py3a629rgxg63"
"rev": "2ecd43a10266bd091c98e6dcde507c64f6a0dad3",
"sha256": "1q06vsz9b4bb764wy1wy8n177z2pgpm97kq3rl1hmq185mz5fhra"
}
}
},
"dev": {
"version": "104.0.5112.12",
"sha256": "040xi7cwgxi1hahv8is088gma2cyz8xhsb62jfq5ahzjx2d93qp9",
"sha256bin64": "1av8wn3x7m9gixh8s0mv8w0hxlk80dh7y7x3fska5fjplf4x94ij",
"version": "104.0.5112.20",
"sha256": "0adzdk3m2l4pjlk82sqavwgxf6a5darbiwchmlrsxc58p9xxag4s",
"sha256bin64": "13p2w4wwd8ji5ydgz4x7w2q4rmn74w3z2fl999q7zaq1cra21pzd",
"deps": {
"gn": {
"version": "2022-06-08",

786
pkgs/applications/networking/browsers/firefox-bin/beta_sources.nix
View file

File diff suppressed because it is too large Load diff

786
pkgs/applications/networking/browsers/firefox-bin/devedition_sources.nix
View file

File diff suppressed because it is too large Load diff

786
pkgs/applications/networking/browsers/firefox-bin/release_sources.nix
View file

File diff suppressed because it is too large Load diff

36
pkgs/applications/networking/browsers/firefox/packages.nix
View file

@ -3,10 +3,10 @@
rec {
firefox = buildMozillaMach rec {
pname = "firefox";
version = "101.0.1";
version = "102.0";
src = fetchurl {
url = "mirror://mozilla/firefox/releases/${version}/source/firefox-${version}.source.tar.xz";
sha512 = "435a7f6013582933e75c41e554a45beda30b5affd7d3ed7d2876026609ba7f17b2c20b507d9d0c9ce2379e335ec09b021257ba30ac55fabf02dca54b03ea70b4";
sha512 = "c7dd6d8d74c46573b16d097a5e5d230669e5778cd680b3b6f30510e989d21543138ced3bb013998b76614aa380b28efd8542450c591d8b724e03bd163d012057";
};
meta = {
@ -26,13 +26,39 @@ rec {
};
};
firefox-esr-91 = buildMozillaMach rec {
firefox-esr-102 = buildMozillaMach rec {
pname = "firefox-esr";
version = "91.10.0esr";
version = "102.0esr";
applicationName = "Mozilla Firefox ESR";
src = fetchurl {
url = "mirror://mozilla/firefox/releases/${version}/source/firefox-${version}.source.tar.xz";
sha512 = "8344b829d7bd86250afdd4cb582e27ed5705b3ef48aec50b9a39abc17deba86c9fd721f4667f5c2155e3d7cd1d6e1f82ff8e218ced3a16a4e06bb414ee0690f8";
sha512 = "76494363ffdbd33b61912ac72b5cc15450e4b2936898c84fcf3980ccfa6d7ecc05524a63a60827d6caba999ada5cfd6f121e893ba0587778ce11654d0daf21d7";
};
meta = {
description = "A web browser built from Firefox Extended Support Release source tree";
homepage = "http://www.mozilla.com/en-US/firefox/";
maintainers = with lib.maintainers; [ hexa ];
platforms = lib.platforms.unix;
badPlatforms = lib.platforms.darwin;
broken = stdenv.buildPlatform.is32bit; # since Firefox 60, build on 32-bit platforms fails with "out of memory".
# not in `badPlatforms` because cross-compilation on 64-bit machine might work.
license = lib.licenses.mpl20;
};
tests = [ nixosTests.firefox-esr-102 ];
updateScript = callPackage ./update.nix {
attrPath = "firefox-esr-102-unwrapped";
versionSuffix = "esr";
};
};
firefox-esr-91 = buildMozillaMach rec {
pname = "firefox-esr";
version = "91.11.0esr";
applicationName = "Mozilla Firefox ESR";
src = fetchurl {
url = "mirror://mozilla/firefox/releases/${version}/source/firefox-${version}.source.tar.xz";
sha512 = "bff3a399c03bd1cdaaec0b6963b1558aa35b6338b6c02042ffd65fec0aedd344d01718692e881332f5f352c32da15ba09a20a09ee072200b47ae840bc0585a96";
};
meta = {

11
pkgs/applications/networking/cluster/cilium/default.nix
View file

@ -1,4 +1,4 @@
{ lib, buildGoModule, fetchFromGitHub }:
{ lib, buildGoModule, fetchFromGitHub, installShellFiles }:
buildGoModule rec {
pname = "cilium-cli";
@ -20,7 +20,6 @@ buildGoModule rec {
"-X github.com/cilium/cilium-cli/internal/cli/cmd.Version=${version}"
];
# Required to workaround install check error:
# 2022/06/25 10:36:22 Unable to start gops: mkdir /homeless-shelter: permission denied
HOME = "$TMPDIR";
@ -30,6 +29,14 @@ buildGoModule rec {
$out/bin/cilium version | grep ${version} > /dev/null
'';
nativeBuildInputs = [ installShellFiles ];
postInstall = ''
installShellCompletion --cmd cilium \
--bash <($out/bin/cilium completion bash) \
--fish <($out/bin/cilium completion fish) \
--zsh <($out/bin/cilium completion zsh)
'';
meta = with lib; {
description = "CLI to install, manage & troubleshoot Kubernetes clusters running Cilium";
license = licenses.asl20;

31
pkgs/applications/networking/cluster/hubble/default.nix
View file

@ -1,8 +1,8 @@
{ stdenv, lib, buildGoModule, fetchFromGitHub }:
{ stdenv, lib, buildGoModule, fetchFromGitHub, installShellFiles }:
buildGoModule rec {
pname = "hubble";
version = "0.9.0";
version = "0.10.0";
src = fetchFromGitHub {
owner = "cilium";
@ -13,11 +13,36 @@ buildGoModule rec {
vendorSha256 = null;
ldflags = [
"-s" "-w"
"-X github.com/cilium/hubble/pkg.GitBranch=none"
"-X github.com/cilium/hubble/pkg.GitHash=none"
"-X github.com/cilium/hubble/pkg.Version=${version}"
];
# Test fails at Test_getFlowsRequestWithInvalidRawFilters in github.com/cilium/hubble/cmd/observe
# https://github.com/NixOS/nixpkgs/issues/178976
# https://github.com/cilium/hubble/pull/656
# https://github.com/cilium/hubble/pull/655
doCheck = false;
doInstallCheck = true;
installCheckPhase = ''
$out/bin/hubble version | grep ${version} > /dev/null
'';
nativeBuildInputs = [ installShellFiles ];
postInstall = ''
installShellCompletion --cmd hubble \
--bash <($out/bin/hubble completion bash) \
--fish <($out/bin/hubble completion fish) \
--zsh <($out/bin/hubble completion zsh)
'';
meta = with lib; {
broken = (stdenv.isLinux && stdenv.isAarch64) || stdenv.isDarwin;
description = "Network, Service & Security Observability for Kubernetes using eBPF";
license = licenses.asl20;
homepage = "https://github.com/cilium/hubble/";
maintainers = with maintainers; [ humancalico ];
maintainers = with maintainers; [ humancalico bryanasdev000 ];
};
}

4
pkgs/applications/networking/cluster/roxctl/default.nix
View file

@ -1,4 +1,4 @@
{ lib, buildGoModule, fetchFromGitHub, installShellFiles, testVersion, roxctl }:
{ lib, buildGoModule, fetchFromGitHub, installShellFiles, testers, roxctl }:
buildGoModule rec {
pname = "roxctl";
@ -30,7 +30,7 @@ buildGoModule rec {
--zsh <($out/bin/roxctl completion zsh)
'';
passthru.tests.version = testVersion {
passthru.tests.version = testers.testVersion {
package = roxctl;
command = "roxctl version";
};

10
pkgs/applications/networking/cluster/terraform-providers/default.nix
View file

@ -1,4 +1,5 @@
{ lib
, stdenv
, buildGoModule
, buildGo118Module
, fetchFromGitHub
@ -59,6 +60,15 @@ let
special-providers =
{
brightbox = automated-providers.brightbox.override { mkProviderGoModule = buildGo118Module; };
# remove with >= 1.6.0
# https://github.com/equinix/terraform-provider-equinix/commit/5b4d6415d23dc2ee56988c4b1458fbb51c8cc750
equinix = automated-providers.equinix.overrideAttrs (a: {
src = a.src.overrideAttrs (a: {
postFetch = (a.postFetch or "") + lib.optionalString (!stdenv.isDarwin) ''
rm $out/cmd/migration-tool/README.md
'';
});
});
# mkisofs needed to create ISOs holding cloud-init data,
# and wrapped to terraform via deecb4c1aab780047d79978c636eeb879dd68630
libvirt = automated-providers.libvirt.overrideAttrs (_: { propagatedBuildInputs = [ cdrtools ]; });

191
pkgs/applications/networking/cluster/terraform-providers/providers.json
View file

@ -30,10 +30,10 @@
"owner": "aiven",
"provider-source-address": "registry.terraform.io/aiven/aiven",
"repo": "terraform-provider-aiven",
"rev": "v3.1.0",
"sha256": "sha256-or9zftygo0W0bcw2FZl9S8dp4K8enlC5MYrrqgB2IUs=",
"rev": "v3.2.0",
"sha256": "sha256-kKKln180j3b1AkuXdjSwboa3T5nLQeZtbOn6jB7i4nw=",
"vendorSha256": "sha256-k6pKet1YdQYCyFICw67nKI3RGNZ4b+zA+T9jpa2ZLFM=",
"version": "3.1.0"
"version": "3.2.0"
},
"akamai": {
"owner": "akamai",
@ -49,10 +49,10 @@
"owner": "aliyun",
"provider-source-address": "registry.terraform.io/aliyun/alicloud",
"repo": "terraform-provider-alicloud",
"rev": "v1.172.0",
"sha256": "sha256-EtZXUJe3tl4ySOMXWZQPvBF2UrhlK2+RqWFhlUHBl+E=",
"vendorSha256": "sha256-xu1m/wE67gXYKc3sIkDpQGovs/LKfUVI+vl6V0Uc4FE=",
"version": "1.172.0"
"rev": "v1.173.0",
"sha256": "sha256-jLjliUWCpxoawwCl61qHXNzareuF7qCkjSdeQgj6IsE=",
"vendorSha256": "sha256-6FiVXy/q3WImYDbwvj9e3ns9gilaL6GBW5qCpaUNCW0=",
"version": "1.173.0"
},
"ansible": {
"owner": "nbering",
@ -76,10 +76,10 @@
"owner": "auth0",
"provider-source-address": "registry.terraform.io/auth0/auth0",
"repo": "terraform-provider-auth0",
"rev": "v0.30.3",
"sha256": "sha256-mtf5gsY7ZVkok6zUTRFgdlRRUnTSeej36aAABfo7NyA=",
"vendorSha256": "sha256-ZN7P9PD8MqThtc6x/Lm4Yeb7ciPVWpFP4zDo0gQHYTo=",
"version": "0.30.3"
"rev": "v0.31.0",
"sha256": "sha256-Huv+eL/5RiI2A1X8RLU9LbIWMjb5yuuslV4CaP/kFiQ=",
"vendorSha256": "sha256-kTR8kSirqhY1GdKLzeFIPt6QNJ4wq2ESUT5ShQUhvRI=",
"version": "0.31.0"
},
"avi": {
"owner": "vmware",
@ -103,28 +103,28 @@
"owner": "hashicorp",
"provider-source-address": "registry.terraform.io/hashicorp/aws",
"repo": "terraform-provider-aws",
"rev": "v4.19.0",
"sha256": "sha256-0pgCGv6a+/cBBInISM8Lmfapz+FIPwxAaqd+Rd6jax0=",
"vendorSha256": "sha256-n3iXCX87bu5rETz18GgUdIcy1NH+OTuA4ff56yE7kNg=",
"version": "4.19.0"
"rev": "v4.20.1",
"sha256": "sha256-k6JcwtTUfmZrfiFfacEPTXdtCbnjBrivNQp1dDzXFfM=",
"vendorSha256": "sha256-pKCIL1GD+oA+DVx24Xr07dFnhUcxT/TdASx0sCPWWIQ=",
"version": "4.20.1"
},
"azuread": {
"owner": "hashicorp",
"provider-source-address": "registry.terraform.io/hashicorp/azuread",
"repo": "terraform-provider-azuread",
"rev": "v2.24.0",
"sha256": "sha256-obaS2MzLTeIKskGRz8CanRgWzSKTaiK09xxc0kdMDeQ=",
"rev": "v2.25.0",
"sha256": "sha256-+9h9rdbnqIul+V/fhrsNEq/cX24i05i2LBqIk6g9mRE=",
"vendorSha256": null,
"version": "2.24.0"
"version": "2.25.0"
},
"azurerm": {
"owner": "hashicorp",
"provider-source-address": "registry.terraform.io/hashicorp/azurerm",
"repo": "terraform-provider-azurerm",
"rev": "v3.10.0",
"sha256": "sha256-2xRSHKHC8ypleatXt6cYtZtDMxCSlcDh5lfNmyBb3/4=",
"rev": "v3.11.0",
"sha256": "sha256-81Z+z9h1X8OPkLSZlVwQqhy2gkdYc0DfXs5k8W7wO+k=",
"vendorSha256": null,
"version": "3.10.0"
"version": "3.11.0"
},
"azurestack": {
"owner": "hashicorp",
@ -185,20 +185,20 @@
"owner": "checkly",
"provider-source-address": "registry.terraform.io/checkly/checkly",
"repo": "terraform-provider-checkly",
"rev": "v1.4.3",
"sha256": "sha256-5VF1cAFgdm2TR4wvuNlycpgQuVdHesFYnTv34MeauxY=",
"vendorSha256": "sha256-7X2cS5Erf373zu8xqe2KBSz52ZmZOnAlNC8lq2/LXV4=",
"version": "1.4.3"
"rev": "v1.6.0",
"sha256": "sha256-zmA6fVpXW4HOJaZzmv5K6cbmO2vM3yGWsa9TSYY4obY=",
"vendorSha256": "sha256-VnYRDBneQ+bUzISJM9DJdBEBmjA1WOXPo+kaYBW4w4U=",
"version": "1.6.0"
},
"checkpoint": {
"deleteVendor": true,
"owner": "CheckPointSW",
"provider-source-address": "registry.terraform.io/CheckPointSW/checkpoint",
"repo": "terraform-provider-checkpoint",
"rev": "v1.9.1",
"sha256": "sha256-5fyOw4Pu5a+kju4/RXKYZY0TBJ+6PVDwi/VjBWYCPHs=",
"vendorSha256": "sha256-LCKISUjXguV+T/rxde+++JzJZnVQisgxoUMRkeAusyQ=",
"version": "1.9.1"
"rev": "v2.0.0",
"sha256": "sha256-z/mB20gQmglr0usVrzhqxR3v9vhoRHXNJ57j8fqNREM=",
"vendorSha256": "sha256-rb/X9C8eS9QH88FwuvfvDkGdrjZOTiI9nmcYqydOhdc=",
"version": "2.0.0"
},
"ciscoasa": {
"owner": "CiscoDevNet",
@ -340,19 +340,19 @@
"owner": "kreuzwerker",
"provider-source-address": "registry.terraform.io/kreuzwerker/docker",
"repo": "terraform-provider-docker",
"rev": "v2.16.0",
"sha256": "sha256-VXKIj7bvhnDMR+DE+5WmJ5SlMDiZIiB+++wbnag6Ai4=",
"vendorSha256": "sha256-9QKHd9rarChp3NN8dY37ldE95OO4pWh5F4Yx5/Ssbno=",
"version": "2.16.0"
"rev": "v2.17.0",
"sha256": "sha256-V+FuDhgih/hTpyuT13INY5vWIaNS/7Z8RlK15mR+CnE=",
"vendorSha256": "sha256-nTulwft8xfpE83ZLJvG7xllQJIqd2M0zzbqpfD3/Mno=",
"version": "2.17.0"
},
"dome9": {
"owner": "dome9",
"provider-source-address": "registry.terraform.io/dome9/dome9",
"repo": "terraform-provider-dome9",
"rev": "v1.26.0",
"sha256": "sha256-Edgtt+q1SPm/7wOIWUhe91lluXezNHfxUBu+h1NlEL4=",
"rev": "v1.27.1",
"sha256": "sha256-VmobLWMjHH+GzxUk0bnIr4dWkuH8D00U7VrN9eApF5c=",
"vendorSha256": null,
"version": "1.26.0"
"version": "1.27.1"
},
"elasticsearch": {
"owner": "phillbaker",
@ -363,14 +363,23 @@
"vendorSha256": "sha256-oVTanZpCWs05HwyIKW2ajiBPz1HXOFzBAt5Us+EtTRw=",
"version": "2.0.2"
},
"equinix": {
"owner": "equinix",
"provider-source-address": "registry.terraform.io/equinix/equinix",
"repo": "terraform-provider-equinix",
"rev": "v1.5.0",
"sha256": "sha256-+NrEP5x9/ymNb2qSdMyHNu7rjUtYxDT5Nv70vMxfTJw=",
"vendorSha256": "sha256-5MSZ4Mw6P5cI+COOq5SLTXqaVTr+zOix+w983rgcS+g=",
"version": "1.5.0"
},
"exoscale": {
"owner": "exoscale",
"provider-source-address": "registry.terraform.io/exoscale/exoscale",
"repo": "terraform-provider-exoscale",
"rev": "v0.37.1",
"sha256": "sha256-PNm/As+N6+kB79J0lEaQM9LyybCwaRipG/eZCjTPMFY=",
"rev": "v0.38.0",
"sha256": "sha256-TVJlfce5bF5Z64FOPKqb0ac+NtjzeHsid+Q7vWIINuk=",
"vendorSha256": null,
"version": "0.37.1"
"version": "0.38.0"
},
"external": {
"owner": "hashicorp",
@ -440,20 +449,20 @@
"provider-source-address": "registry.terraform.io/hashicorp/google",
"proxyVendor": true,
"repo": "terraform-provider-google",
"rev": "v4.25.0",
"sha256": "sha256-5tgQpiWjMC+Xh5SPGrTqZVW3GDrlRKTc7K5XMHT6uRA=",
"rev": "v4.26.0",
"sha256": "sha256-iCHhOuHEvynBUFKrKapzg7Jc673TiczG6zttgrABUEs=",
"vendorSha256": "sha256-uwyl79TGrnFOxJLBTJ5LaAZLZdb/VbS7IW4jQ2A5xQM=",
"version": "4.25.0"
"version": "4.26.0"
},
"google-beta": {
"owner": "hashicorp",
"provider-source-address": "registry.terraform.io/hashicorp/google-beta",
"proxyVendor": true,
"repo": "terraform-provider-google-beta",
"rev": "v4.25.0",
"sha256": "sha256-vIuZNjrgLGAF8szY0b9KeB1GoIDtlVLbnE5+IUXmccg=",
"rev": "v4.26.0",
"sha256": "sha256-udk+LtpMe4M4SoMpac06knOY6t5hFFa1yze9THTa5hQ=",
"vendorSha256": "sha256-uwyl79TGrnFOxJLBTJ5LaAZLZdb/VbS7IW4jQ2A5xQM=",
"version": "4.25.0"
"version": "4.26.0"
},
"googleworkspace": {
"owner": "hashicorp",
@ -504,10 +513,10 @@
"owner": "heroku",
"provider-source-address": "registry.terraform.io/heroku/heroku",
"repo": "terraform-provider-heroku",
"rev": "v5.0.2",
"sha256": "sha256-HzbqqIr2RjarjuIw+9p8JqGRDbPRDfq2OLLztJLCLoM=",
"vendorSha256": "sha256-HrsjhaMlzs+uel5tBlxJD69Kkjl+4qVisWWREANBx40=",
"version": "5.0.2"
"rev": "v5.1.0",
"sha256": "sha256-MMX8zaM3J2GxMXUX0YNX03V8uQzb67cIUF432tjm3Mw=",
"vendorSha256": null,
"version": "5.1.0"
},
"hetznerdns": {
"owner": "timohirt",
@ -612,10 +621,10 @@
"owner": "mrparkers",
"provider-source-address": "registry.terraform.io/mrparkers/keycloak",
"repo": "terraform-provider-keycloak",
"rev": "v3.8.1",
"sha256": "sha256-++yoMIn6K4VwAGyRVe/MUjMU46gBeHjIRF2nrXktC7E=",
"rev": "v3.9.0",
"sha256": "sha256-MdsOZptj46RuvLK6wZJL3va8kMSzqxaS4wGEUpgky7Q=",
"vendorSha256": "sha256-8x0MlwAzeA2O6wXXHSk++K0ePmzE9/2lfo2ID83LzRM=",
"version": "3.8.1"
"version": "3.9.0"
},
"ksyun": {
"owner": "kingsoftcloud",
@ -783,10 +792,10 @@
"owner": "newrelic",
"provider-source-address": "registry.terraform.io/newrelic/newrelic",
"repo": "terraform-provider-newrelic",
"rev": "v2.47.1",
"sha256": "sha256-iC4N8o+VJ5/TFGBO8O+SONMZVjHxZ+4+7ZuDDnAtZC4=",
"vendorSha256": "sha256-sMH/sdrMxIw/2jzUcYL9WwVNUsn12K+gPMR68zpXYIA=",
"version": "2.47.1"
"rev": "v2.48.0",
"sha256": "sha256-p1y09f/apsqCn9d5Hrh3L09zya8ebAsy+KCojfsW43w=",
"vendorSha256": "sha256-/BWmesMF5zzzMi+7IJviMbXOhAfpn9HDg9i+9tLs2ds=",
"version": "2.48.0"
},
"nomad": {
"owner": "hashicorp",
@ -810,10 +819,10 @@
"owner": "vmware",
"provider-source-address": "registry.terraform.io/vmware/nsxt",
"repo": "terraform-provider-nsxt",
"rev": "v3.2.7",
"sha256": "sha256-Og/U9bmaZIN7b/JcMnNkt6c3/H+toe4dFYNaQYfxLPM=",
"rev": "v3.2.8",
"sha256": "sha256-oXcT1VmwC9a+U0vM5O9y2As2PbzPr95LrUB6KlFKcMc=",
"vendorSha256": null,
"version": "3.2.7"
"version": "3.2.8"
},
"null": {
"owner": "hashicorp",
@ -838,10 +847,10 @@
"owner": "oracle",
"provider-source-address": "registry.terraform.io/oracle/oci",
"repo": "terraform-provider-oci",
"rev": "v4.80.1",
"sha256": "sha256-suvtUABb+bLPAyMfS3btwVA4HVZofqKV1Lr/5RczBbw=",
"rev": "v4.81.0",
"sha256": "sha256-KuEF4VAMKd1IbtUbyDSIzKhk0qTSp/pJiGE5lBI/TFE=",
"vendorSha256": null,
"version": "4.80.1"
"version": "4.81.0"
},
"okta": {
"owner": "okta",
@ -883,10 +892,10 @@
"owner": "opentelekomcloud",
"provider-source-address": "registry.terraform.io/opentelekomcloud/opentelekomcloud",
"repo": "terraform-provider-opentelekomcloud",
"rev": "v1.29.6",
"sha256": "sha256-zhYmwTJ80+w7H7DJxPjMMtLTsHCEhW9G9x5sMz5IRkM=",
"vendorSha256": "sha256-SE6ty/mLRo8nvxrPBW1cVhbxpiYDXr3cmjifF40RrmM=",
"version": "1.29.6"
"rev": "v1.29.7",
"sha256": "sha256-ZdxK143tjtE+pfuy0TxurdblZ2PO7jsYPyrQ1yJeClE=",
"vendorSha256": "sha256-1z5SaH6AoYkrMZVnNurZLmtvVRDNwTBwmQMX0KngKpA=",
"version": "1.29.7"
},
"opsgenie": {
"owner": "opsgenie",
@ -919,10 +928,10 @@
"owner": "PaloAltoNetworks",
"provider-source-address": "registry.terraform.io/PaloAltoNetworks/panos",
"repo": "terraform-provider-panos",
"rev": "v1.10.2",
"sha256": "sha256-da3ixmkg/xYr182cnAva6DqtCD5KTC3FkFHkvmMm9jA=",
"rev": "v1.10.3",
"sha256": "sha256-mscWNK113W7CVKI+qPGYX3irQI3YhkLdXox4pddOdF0=",
"vendorSha256": null,
"version": "1.10.2"
"version": "1.10.3"
},
"pass": {
"owner": "camptocamp",
@ -973,10 +982,10 @@
"owner": "hashicorp",
"provider-source-address": "registry.terraform.io/hashicorp/random",
"repo": "terraform-provider-random",
"rev": "v3.3.1",
"sha256": "sha256-hsNGJmhYrzQhQ0acidx3/dkNFRIabMfgvJsM2Uz+7cE=",
"vendorSha256": "sha256-73/tsfe5YoPTpEGUBvBV6jYGFjSNG9h3AY680tAzM7M=",
"version": "3.3.1"
"rev": "v3.3.2",
"sha256": "sha256-izTx/uxe/SAsWSlN5husEWK64c9ugdg8BS7lScnWSX4=",
"vendorSha256": "sha256-ofU1zZb/C2LFaRCt0NULi+9dQY02lKBlz3jV1/ZhfWU=",
"version": "3.3.2"
},
"remote": {
"owner": "tenstad",
@ -1000,10 +1009,10 @@
"owner": "scaleway",
"provider-source-address": "registry.terraform.io/scaleway/scaleway",
"repo": "terraform-provider-scaleway",
"rev": "v2.2.1",
"sha256": "sha256-a3tSxGTRYQeGfaJOR8z1Qd0SeuoiLwrEbdlw3B9gc2A=",
"vendorSha256": "sha256-D/pE1uEpkWIuICNJsuWVHfRNGPf73YliFxqODkl+4QY=",
"version": "2.2.1"
"rev": "v2.2.2",
"sha256": "sha256-uSJga2M+9unC8eJkUjhuCQbTTGXEYGky4MJyVL0ZfiQ=",
"vendorSha256": "sha256-DOL38q5463aOMijP6AbBuE7jI7hvLYLm8yCBxrr6DoA=",
"version": "2.2.2"
},
"secret": {
"owner": "numtide",
@ -1027,10 +1036,10 @@
"owner": "jianyuan",
"provider-source-address": "registry.terraform.io/jianyuan/sentry",
"repo": "terraform-provider-sentry",
"rev": "v0.8.0",
"sha256": "sha256-3PTM3GOImwO/yqzR6tOuwU0f+74DfK4RQSBY0vmH3qs=",
"vendorSha256": "sha256-naMuvrVIJp82NIFoR1oEEN6cZFqG4craDh8YU3+NSf0=",
"version": "0.8.0"
"rev": "v0.9.0",
"sha256": "sha256-n+ca1+YKObcdq5h4Sn9tBLg1vpBooBB/pGJxaW4l3k0=",
"vendorSha256": "sha256-hYoLGMI8NGpHW3tsNt6EO1nJrmfeFLuDQ79bkXf7DmQ=",
"version": "0.9.0"
},
"shell": {
"owner": "scottwinkler",
@ -1081,10 +1090,10 @@
"owner": "spotinst",
"provider-source-address": "registry.terraform.io/spotinst/spotinst",
"repo": "terraform-provider-spotinst",
"rev": "v1.76.0",
"sha256": "sha256-+/OZw/wpeRHoK5XuwiI2qfbZSheoGd4PRy4TkdtV7yY=",
"rev": "v1.77.0",
"sha256": "sha256-qP6Hjo4ekEk105nQVwGLHR3LiQzUtEd68y45hppdoyY=",
"vendorSha256": "sha256-JaWR7TiU5J7HGWExENqo5lHysCzg4Q6XvpCYfekuAg8=",
"version": "1.76.0"
"version": "1.77.0"
},
"stackpath": {
"owner": "stackpath",
@ -1117,19 +1126,19 @@
"owner": "tencentcloudstack",
"provider-source-address": "registry.terraform.io/tencentcloudstack/tencentcloud",
"repo": "terraform-provider-tencentcloud",
"rev": "v1.73.3",
"sha256": "sha256-wb1OCD0WupHUSgQJSX1don8GPmqgTqKKap/8DpDasNQ=",
"rev": "v1.74.3",
"sha256": "sha256-iZrM4TJYqJQddpOrqx836O9Y4yA+VsY4iAA7K29CNNU=",
"vendorSha256": null,
"version": "1.73.3"
"version": "1.74.3"
},
"tfe": {
"owner": "hashicorp",
"provider-source-address": "registry.terraform.io/hashicorp/tfe",
"repo": "terraform-provider-tfe",
"rev": "v0.31.0",
"sha256": "sha256-BvA+1oCh8xB0XcXMGOmAEdi/lEwGdRed5vDEDVBUMhE=",
"vendorSha256": "sha256-7TFfIk+aPbl3CLuNdeJg1O2n3WlCuG5tsayCtbo77I0=",
"version": "0.31.0"
"rev": "v0.32.1",
"sha256": "sha256-7a2uc0f7+OFrbCvHJkKyeX7hXR63PpzpfNhUCWHqOxU=",
"vendorSha256": "sha256-V1nXhDwDMWJsbhPu9otXrOmtzVv0rjvL7CH/13AR5iw=",
"version": "0.32.1"
},
"thunder": {
"owner": "a10networks",

58
pkgs/applications/networking/instant-messengers/briar-desktop/default.nix Normal file
View file

@ -0,0 +1,58 @@
{ lib
, stdenv
, fetchzip
, openjdk
, makeWrapper
, tor
, p7zip
, bash
, writeScript
}:
let
briar-tor = writeScript "briar-tor" ''
#! ${bash}/bin/bash
exec ${tor}/bin/tor "$@"
'';
in
stdenv.mkDerivation rec {
pname = "briar-desktop";
version = "0.2.1-beta";
src = fetchzip {
url = "https://code.briarproject.org/briar/briar-desktop/-/jobs/18424/artifacts/download?file_type=archive";
sha256 = "sha256-ivMbgo0+iZE4/Iffq9HUBErGIQMVLrRZUQ6R3V3X8II=";
extension = "zip";
};
nativeBuildInputs = [
makeWrapper
p7zip
];
installPhase = ''
mkdir -p $out/{bin,lib}
cp ${src}/briar-desktop.jar $out/lib/
makeWrapper ${openjdk}/bin/java $out/bin/briar-desktop \
--add-flags "-jar $out/lib/briar-desktop.jar"
'';
fixupPhase = ''
# Replace the embedded Tor binary (which is in a Tar archive)
# with one from Nixpkgs.
cp ${briar-tor} ./tor
for arch in {aarch64,armhf,x86_64}; do
7z a tor_linux-$arch.zip tor
7z a $out/lib/briar-desktop.jar tor_linux-$arch.zip
done
'';
meta = with lib; {
description = "Decentalized and secure messnger";
homepage = "https://code.briarproject.org/briar/briar-desktop";
license = licenses.gpl3;
maintainers = with maintainers; [ onny ];
platforms = [ "x86_64-linux" "aarch64-linux" "armv7l-linux" ];
};
}

4
pkgs/applications/networking/instant-messengers/chatty/default.nix
View file

@ -29,7 +29,7 @@
stdenv.mkDerivation rec {
pname = "chatty";
version = "0.6.6";
version = "0.6.7";
src = fetchFromGitLab {
domain = "source.puri.sm";
@ -37,7 +37,7 @@ stdenv.mkDerivation rec {
repo = "chatty";
rev = "v${version}";
fetchSubmodules = true;
hash = "sha256-vwgXfoyZOCSMnRAB6bFSrtYlSrpMa9OOcmxYTqhU+lA=";
hash = "sha256-W4w/00mRgjfyQmLQ81/EAN+80qk7kDkBmMPJnOU+AIc=";
};
postPatch = ''

2
pkgs/applications/networking/instant-messengers/element/element-web.nix
View file

@ -8,6 +8,7 @@
, yarn
, fixup_yarn_lock
, nodejs
, jitsi-meet
, conf ? { }
}:
@ -65,6 +66,7 @@ mkYarnPackage rec {
runHook preInstall
cp -R webapp $out
cp ${jitsi-meet}/libs/external_api.min.js $out/jitsi_external_api.min.js
echo "${version}" > "$out/version"
jq -s '.[0] * .[1]' "config.sample.json" "${configOverrides}" > "$out/config.json"

16
pkgs/applications/networking/instant-messengers/teams/default.nix
View file

@ -58,7 +58,12 @@ let
];
preFixup = ''
gappsWrapperArgs+=(--prefix PATH : "${coreutils}/bin:${gawk}/bin")
gappsWrapperArgs+=(
--prefix PATH : "${coreutils}/bin:${gawk}/bin"
# fix for https://docs.microsoft.com/en-us/answers/questions/298724/open-teams-meeting-link-on-linux-doens39t-work.html?childToView=309406#comment-309406
--append-flags '--disable-namespace-sandbox --disable-setuid-sandbox'
)
'';
@ -119,15 +124,6 @@ let
echo "Adding runtime dependencies to RPATH of Node module $mod"
patchelf --set-rpath "$runtime_rpath:$mod_rpath" "$mod"
done;
# fix for https://docs.microsoft.com/en-us/answers/questions/298724/open-teams-meeting-link-on-linux-doens39t-work.html?childToView=309406#comment-309406
wrapped=$out/bin/.teams-old
mv "$out/bin/teams" "$wrapped"
cat > "$out/bin/teams" << EOF
#! ${runtimeShell}
exec $wrapped "\$@" --disable-namespace-sandbox --disable-setuid-sandbox
EOF
chmod +x "$out/bin/teams"
'';
};

6
pkgs/applications/networking/irc/weechat/scripts/weechat-matrix/default.nix
View file

@ -2,6 +2,7 @@
, lib
, python
, fetchFromGitHub
, fetchpatch
, pyopenssl
, webcolors
, future
@ -33,6 +34,11 @@ in buildPythonPackage {
hash = "sha256-o4kgneszVLENG167nWnk2FxM+PsMzi+PSyMUMIktZcc=";
};
patches = fetchpatch {
url = "https://patch-diff.githubusercontent.com/raw/poljar/weechat-matrix/pull/309.patch";
sha256 = "sha256-Grdht+TOFvCYRpL7uhPivqL7YzLoNVF3iQNHgbv1Te0=";
};
propagatedBuildInputs = [
pyopenssl
webcolors

4
pkgs/applications/office/gnucash/default.nix
View file

@ -26,12 +26,12 @@
stdenv.mkDerivation rec {
pname = "gnucash";
version = "4.10";
version = "4.11";
# raw source code doesn't work out of box; fetchFromGitHub not usable
src = fetchurl {
url = "https://github.com/Gnucash/gnucash/releases/download/${version}/${pname}-${version}.tar.bz2";
hash = "sha256-f9S7kZ9uOTiKtHv6Ea9vo/Wem5vWlcfU6SCK+Fy5yTs=";
hash = "sha256-+BTt4w174N7Ar7KujQNii5rjTISLaDEuTFre2UwQKxk=";
};
nativeBuildInputs = [

18
pkgs/applications/science/logic/coq/default.nix
View file

@ -41,15 +41,15 @@ let
"8.12.0".sha256 = "18dc7k0piv6v064zgdadpw6mkkxk7j663hb3svgj5236fihjr0cz";
"8.12.1".sha256 = "1rkcyjjrzcqw9xk93hsq0vvji4f8r5iq0f739mghk60bghkpnb7q";
"8.12.2".sha256 = "18gscfm039pqhq4msq01nraig5dm9ab98bjca94zldf8jvdv0x2n";
"8.13.0".sha256 = "0sjbqmz6qcvnz0hv87xha80qbhvmmyd675wyc5z4rgr34j2l1ymd";
"8.13.1".sha256 = "0xx2ns84mlip9bg2mkahy3pmc5zfcgrjxsviq9yijbzy1r95wf0n";
"8.13.2".sha256 = "1884vbmwmqwn9ngibax6dhnqh4cc02l0s2ajc6jb1xgr0i60whjk";
"8.14.0".sha256 = "04y2z0qyvag66zanfyc3f9agvmzbn4lsr0p1l7ck6yjhqx7vbm17";
"8.14.1".sha256 = "0sx78pgx0qw8v7v2r32zzy3l161zipzq95iacda628girim7psnl";
"8.15.0".sha256 = "sha256:1ma76wfrpfsl72yh10w1ys2a0vi0mdc2jc79kdc8nrmxkhpw1nxx";
"8.15.1".sha256 = "sha256:1dsa04jzkx5pw69pmxn0l55q4w88lg6fvz7clbga0bazzsfnsgd6";
"8.15.2".sha256 = "sha256:0gn8dz69scxnxaq6ycb3x34bjfk9wlp1y2xn8w69kg9fm4b6gkc7";
"8.16+rc1".sha256 = "sha256-dU+E0Mz7MVntbQIeG9I59ANBaHaXXSrjCRdoqZ5TO60=";
"8.13.0".sha256 = "1l2c63vskp8kiyxiyi5rpgbmnv67ysn3y4lybd6nj0li5llibifi";
"8.13.1".sha256 = "15drjcqhsgwqnv02bbidyhk316ypyhz1pxfz2gwsalci9svhkz0v";
"8.13.2".sha256 = "14d4alp35hngvga9m7cfp5d1nl62xdj0nm4811f2jjblk86gxxk4";
"8.14.0".sha256 = "0yxjx9kq9bfpk31dc1c6a0pz0827fz7jmrcwwd4n7dc07yi0arq8";
"8.14.1".sha256 = "0xdqiabgm4lrm6d7lw544zd8xwb1cdcavsxvwwlqq6yid2rl2yli";
"8.15.0".sha256 = "sha256:0q7jl3bn0d1v9cwdkxykw4frccww6wbh1p8hdrfqw489mkxmh5jh";
"8.15.1".sha256 = "sha256:1janvmnk3czimp0j5qmnfwx6509vhpjc2q7lcza1bc6dm6kn8n42";
"8.15.2".sha256 = "sha256:0qibbvzrhsvs6w3zpkhyclndp29jnr6bs9i5skjlpp431jdjjfqd";
"8.16+rc1".sha256 = "sha256-hmZQ6rFIOZJwnAh23nKScJ3Nn+xqDRn5q2Tn82igpYE=";
};
releaseRev = v: "V${v}";
fetched = import ../../../../build-support/coq/meta-fetch/default.nix

4
pkgs/applications/version-management/git-and-tools/gfold/default.nix
View file

@ -7,7 +7,7 @@
, rustPlatform
, Security
, stdenv
, testVersion
, testers
}:
let
@ -28,7 +28,7 @@ rustPlatform.buildRustPackage {
buildInputs = lib.optionals stdenv.isDarwin [ libiconv Security ];
passthru.tests.version = testVersion {
passthru.tests.version = testers.testVersion {
package = gfold;
command = "gfold --version";
inherit version;

27
pkgs/applications/virtualization/virtualbox/guest-additions/default.nix
View file

@ -45,26 +45,15 @@ in stdenv.mkDerivation rec {
patchFlags = [ "-p1" "-d" "src/vboxguest-${version}" ];
unpackPhase = ''
${if stdenv.hostPlatform.system == "i686-linux" || stdenv.hostPlatform.system == "x86_64-linux" then ''
isoinfo -J -i $src -x /VBoxLinuxAdditions.run > ./VBoxLinuxAdditions.run
chmod 755 ./VBoxLinuxAdditions.run
# An overflow leads the is-there-enough-space check to fail when there's too much space available, so fake how much space there is
sed -i 's/\$leftspace/16383/' VBoxLinuxAdditions.run
./VBoxLinuxAdditions.run --noexec --keep
''
else throw ("Architecture: "+stdenv.hostPlatform.system+" not supported for VirtualBox guest additions")
}
isoinfo -J -i $src -x /VBoxLinuxAdditions.run > ./VBoxLinuxAdditions.run
chmod 755 ./VBoxLinuxAdditions.run
# An overflow leads the is-there-enough-space check to fail when there's too much space available, so fake how much space there is
sed -i 's/\$leftspace/16383/' VBoxLinuxAdditions.run
./VBoxLinuxAdditions.run --noexec --keep
# Unpack files
cd install
${if stdenv.hostPlatform.system == "i686-linux" then ''
tar xfvj VBoxGuestAdditions-x86.tar.bz2
''
else if stdenv.hostPlatform.system == "x86_64-linux" then ''
tar xfvj VBoxGuestAdditions-amd64.tar.bz2
''
else throw ("Architecture: "+stdenv.hostPlatform.system+" not supported for VirtualBox guest additions")
}
tar xfvj VBoxGuestAdditions-${if stdenv.hostPlatform.is32bit then "x86" else "amd64"}.tar.bz2
'';
buildPhase = ''
@ -158,7 +147,7 @@ in stdenv.mkDerivation rec {
sourceProvenance = with lib.sourceTypes; [ binaryNativeCode ];
license = "GPL";
maintainers = [ lib.maintainers.sander ];
platforms = lib.platforms.linux;
broken = kernel.kernelAtLeast "5.17";
platforms = [ "i686-linux" "x86_64-linux" ];
broken = kernel.kernelAtLeast (if stdenv.hostPlatform.is32bit then "5.10" else "5.17");
};
}

11
pkgs/build-support/cc-wrapper/add-clang-cc-cflags-before.sh Normal file
View file

@ -0,0 +1,11 @@
needsTarget=true
for p in "${params[@]}"; do
case "$p" in
-target | --target=*) needsTarget=false ;;
esac
done
if $needsTarget; then
extraBefore+=(-target @defaultTarget@)
fi

87
pkgs/build-support/cc-wrapper/cc-wrapper.sh
View file

@ -38,36 +38,23 @@ nParams=${#params[@]}
while (( "$n" < "$nParams" )); do
p=${params[n]}
p2=${params[n+1]:-} # handle `p` being last one
if [ "$p" = -c ]; then
dontLink=1
elif [ "$p" = -S ]; then
dontLink=1
elif [ "$p" = -E ]; then
dontLink=1
elif [ "$p" = -E ]; then
dontLink=1
elif [ "$p" = -M ]; then
dontLink=1
elif [ "$p" = -MM ]; then
dontLink=1
elif [[ "$p" = -x && "$p2" = *-header ]]; then
dontLink=1
elif [[ "$p" = -x && "$p2" = c++* && "$isCxx" = 0 ]]; then
isCxx=1
elif [ "$p" = -nostdlib ]; then
cxxLibrary=0
elif [ "$p" = -nostdinc ]; then
cInclude=0
cxxInclude=0
elif [ "$p" = -nostdinc++ ]; then
cxxInclude=0
elif [[ "$p" != -?* ]]; then
# A dash alone signifies standard input; it is not a flag
nonFlagArgs=1
elif [ "$p" = -cc1 ]; then
cc1=1
fi
n+=1
case "$p" in
-[cSEM] | -MM) dontLink=1 ;;
-cc1) cc1=1 ;;
-nostdinc) cInclude=0 cxxInclude=0 ;;
-nostdinc++) cxxInclude=0 ;;
-nostdlib) cxxLibrary=0 ;;
-x)
case "$p2" in
*-header) dontLink=1 ;;
c++*) isCxx=1 ;;
esac
;;
-?*) ;;
*) nonFlagArgs=1 ;; # Includes a solitary dash (`-`) which signifies standard input; it is not a flag
esac
done
# If we pass a flag like -Wl, then gcc will call the linker unless it
@ -81,29 +68,31 @@ fi
# Optionally filter out paths not refering to the store.
if [[ "${NIX_ENFORCE_PURITY:-}" = 1 && -n "$NIX_STORE" ]]; then
rest=()
kept=()
nParams=${#params[@]}
declare -i n=0
while (( "$n" < "$nParams" )); do
p=${params[n]}
p2=${params[n+1]:-} # handle `p` being last one
if [ "${p:0:3}" = -L/ ] && badPath "${p:2}"; then
skip "${p:2}"
elif [ "$p" = -L ] && badPath "$p2"; then
n+=1; skip "$p2"
elif [ "${p:0:3}" = -I/ ] && badPath "${p:2}"; then
skip "${p:2}"
elif [ "$p" = -I ] && badPath "$p2"; then
n+=1; skip "$p2"
elif [ "$p" = -isystem ] && badPath "$p2"; then
n+=1; skip "$p2"
else
rest+=("$p")
fi
n+=1
skipNext=false
path=""
case "$p" in
-[IL]/*) path=${p:2} ;;
-[IL] | -isystem) path=$p2 skipNext=true ;;
esac
if [[ -n $path ]] && badPath "$path"; then
skip "$path"
$skipNext && n+=1
continue
fi
kept+=("$p")
done
# Old bash empty array hack
params=(${rest+"${rest[@]}"})
params=(${kept+"${kept[@]}"})
fi
# Flirting with a layer violation here.
@ -118,17 +107,17 @@ fi
# Clear march/mtune=native -- they bring impurity.
if [ "$NIX_ENFORCE_NO_NATIVE_@suffixSalt@" = 1 ]; then
rest=()
kept=()
# Old bash empty array hack
for p in ${params+"${params[@]}"}; do
if [[ "$p" = -m*=native ]]; then
skip "$p"
else
rest+=("$p")
kept+=("$p")
fi
done
# Old bash empty array hack
params=(${rest+"${rest[@]}"})
params=(${kept+"${kept[@]}"})
fi
if [[ "$isCxx" = 1 ]]; then
@ -170,6 +159,10 @@ if [ "$dontLink" != 1 ]; then
export NIX_LINK_TYPE_@suffixSalt@=$linkType
fi
if [[ -e @out@/nix-support/add-local-cc-cflags-before.sh ]]; then
source @out@/nix-support/add-local-cc-cflags-before.sh
fi
# As a very special hack, if the arguments are just `-v', then don't
# add anything. This is to prevent `gcc -v' (which normally prints
# out the version number and returns exit code 0) from printing out

17
pkgs/build-support/cc-wrapper/default.nix
View file

@ -297,14 +297,6 @@ stdenv.mkDerivation {
fi
''
##
## General Clang support
##
+ optionalString isClang ''
echo "-target ${targetPlatform.config}" >> $out/nix-support/cc-cflags
''
##
## GCC libs for non-GCC support
##
@ -524,6 +516,15 @@ stdenv.mkDerivation {
substituteAll ${../wrapper-common/utils.bash} $out/nix-support/utils.bash
''
##
## General Clang support
## Needs to go after ^ because the for loop eats \n and makes this file an invalid script
##
+ optionalString isClang ''
export defaultTarget=${targetPlatform.config}
substituteAll ${./add-clang-cc-cflags-before.sh} $out/nix-support/add-local-cc-cflags-before.sh
''
##
## Extra custom steps
##

7
pkgs/build-support/fetchzip/default.nix
View file

@ -5,7 +5,7 @@
# (e.g. due to minor changes in the compression algorithm, or changes
# in timestamps).
{ lib, fetchurl, unzip }:
{ lib, fetchurl, unzip, glibcLocalesUtf8 }:
{ # Optionally move the contents of the unpacked tree up one level.
stripRoot ? true
@ -35,7 +35,10 @@ in {
downloadToTemp = true;
nativeBuildInputs = [ unzip ] ++ nativeBuildInputs;
# Have to pull in glibcLocalesUtf8 for unzip in setup-hook.sh to handle
# UTF-8 aware locale:
# https://github.com/NixOS/nixpkgs/issues/176225#issuecomment-1146617263
nativeBuildInputs = [ unzip glibcLocalesUtf8 ] ++ nativeBuildInputs;
postFetch =
''

64
pkgs/build-support/setup-hooks/make-binary-wrapper/make-binary-wrapper.sh
View file

@ -15,17 +15,19 @@ assertExecutable() {
# makeWrapper EXECUTABLE OUT_PATH ARGS
# ARGS:
# --argv0 NAME : set the name of the executed process to NAME
# (if unset or empty, defaults to EXECUTABLE)
# --inherit-argv0 : the executable inherits argv0 from the wrapper.
# (use instead of --argv0 '$0')
# --set VAR VAL : add VAR with value VAL to the executable's environment
# --set-default VAR VAL : like --set, but only adds VAR if not already set in
# the environment
# --unset VAR : remove VAR from the environment
# --chdir DIR : change working directory (use instead of --run "cd DIR")
# --add-flags FLAGS : add FLAGS to invocation of executable
# TODO(@ncfavier): --append-flags
# --argv0 NAME : set the name of the executed process to NAME
# (if unset or empty, defaults to EXECUTABLE)
# --inherit-argv0 : the executable inherits argv0 from the wrapper.
# (use instead of --argv0 '$0')
# --set VAR VAL : add VAR with value VAL to the executable's environment
# --set-default VAR VAL : like --set, but only adds VAR if not already set in
# the environment
# --unset VAR : remove VAR from the environment
# --chdir DIR : change working directory (use instead of --run "cd DIR")
# --add-flags ARGS : prepend ARGS to the invocation of the executable
# (that is, *before* any arguments passed on the command line)
# --append-flags ARGS : append ARGS to the invocation of the executable
# (that is, *after* any arguments passed on the command line)
# --prefix ENV SEP VAL : suffix/prefix ENV with VAL, separated by SEP
# --suffix
@ -83,7 +85,7 @@ makeDocumentedCWrapper() {
# makeCWrapper EXECUTABLE ARGS
# ARGS: same as makeWrapper
makeCWrapper() {
local argv0 inherit_argv0 n params cmd main flagsBefore flags executable length
local argv0 inherit_argv0 n params cmd main flagsBefore flagsAfter flags executable length
local uses_prefix uses_suffix uses_assert uses_assert_success uses_stdio uses_asprintf
executable=$(escapeStringLiteral "$1")
params=("$@")
@ -150,6 +152,13 @@ makeCWrapper() {
n=$((n + 1))
[ $n -ge "$length" ] && main="$main#error makeCWrapper: $p takes 1 argument"$'\n'
;;
--append-flags)
flags="${params[n + 1]}"
flagsAfter="$flagsAfter $flags"
uses_assert=1
n=$((n + 1))
[ $n -ge "$length" ] && main="$main#error makeCWrapper: $p takes 1 argument"$'\n'
;;
--argv0)
argv0=$(escapeStringLiteral "${params[n + 1]}")
inherit_argv0=
@ -165,8 +174,7 @@ makeCWrapper() {
;;
esac
done
# shellcheck disable=SC2086
[ -z "$flagsBefore" ] || main="$main"${main:+$'\n'}$(addFlags $flagsBefore)$'\n'$'\n'
[[ -z "$flagsBefore" && -z "$flagsAfter" ]] || main="$main"${main:+$'\n'}$(addFlags "$flagsBefore" "$flagsAfter")$'\n'$'\n'
[ -z "$inherit_argv0" ] && main="${main}argv[0] = \"${argv0:-${executable}}\";"$'\n'
main="${main}return execv(\"${executable}\", argv);"$'\n'
@ -184,21 +192,25 @@ makeCWrapper() {
}
addFlags() {
local result n flag flags var
local n flag before after var
# shellcheck disable=SC2086
before=($1) after=($2)
var="argv_tmp"
flags=("$@")
for ((n = 0; n < ${#flags[*]}; n += 1)); do
flag=$(escapeStringLiteral "${flags[$n]}")
result="$result${var}[$((n+1))] = \"$flag\";"$'\n'
done
printf '%s\n' "char **$var = calloc($((n+1)) + argc, sizeof(*$var));"
printf '%s\n' "char **$var = calloc(${#before[@]} + argc + ${#after[@]} + 1, sizeof(*$var));"
printf '%s\n' "assert($var != NULL);"
printf '%s\n' "${var}[0] = argv[0];"
printf '%s' "$result"
for ((n = 0; n < ${#before[@]}; n += 1)); do
flag=$(escapeStringLiteral "${before[n]}")
printf '%s\n' "${var}[$((n + 1))] = \"$flag\";"
done
printf '%s\n' "for (int i = 1; i < argc; ++i) {"
printf '%s\n' " ${var}[$n + i] = argv[i];"
printf '%s\n' " ${var}[${#before[@]} + i] = argv[i];"
printf '%s\n' "}"
printf '%s\n' "${var}[$n + argc] = NULL;"
for ((n = 0; n < ${#after[@]}; n += 1)); do
flag=$(escapeStringLiteral "${after[n]}")
printf '%s\n' "${var}[${#before[@]} + argc + $n] = \"$flag\";"
done
printf '%s\n' "${var}[${#before[@]} + argc + ${#after[@]}] = NULL;"
printf '%s\n' "argv = $var;"
}
@ -366,6 +378,10 @@ formatArgs() {
formatArgsLine 1 "$@"
shift 1
;;
--append-flags)
formatArgsLine 1 "$@"
shift 1
;;
--argv0)
formatArgsLine 1 "$@"
shift 1

34
pkgs/build-support/setup-hooks/make-wrapper.sh
View file

@ -11,18 +11,20 @@ assertExecutable() {
# makeWrapper EXECUTABLE OUT_PATH ARGS
# ARGS:
# --argv0 NAME : set the name of the executed process to NAME
# (if unset or empty, defaults to EXECUTABLE)
# --inherit-argv0 : the executable inherits argv0 from the wrapper.
# (use instead of --argv0 '$0')
# --set VAR VAL : add VAR with value VAL to the executable's environment
# --set-default VAR VAL : like --set, but only adds VAR if not already set in
# the environment
# --unset VAR : remove VAR from the environment
# --chdir DIR : change working directory (use instead of --run "cd DIR")
# --run COMMAND : run command before the executable
# --add-flags FLAGS : add FLAGS to invocation of executable
# TODO(@ncfavier): --append-flags
# --argv0 NAME : set the name of the executed process to NAME
# (if unset or empty, defaults to EXECUTABLE)
# --inherit-argv0 : the executable inherits argv0 from the wrapper.
# (use instead of --argv0 '$0')
# --set VAR VAL : add VAR with value VAL to the executable's environment
# --set-default VAR VAL : like --set, but only adds VAR if not already set in
# the environment
# --unset VAR : remove VAR from the environment
# --chdir DIR : change working directory (use instead of --run "cd DIR")
# --run COMMAND : run command before the executable
# --add-flags ARGS : prepend ARGS to the invocation of the executable
# (that is, *before* any arguments passed on the command line)
# --append-flags ARGS : append ARGS to the invocation of the executable
# (that is, *after* any arguments passed on the command line)
# --prefix ENV SEP VAL : suffix/prefix ENV with VAL, separated by SEP
# --suffix
@ -36,7 +38,7 @@ makeShellWrapper() {
local original="$1"
local wrapper="$2"
local params varName value command separator n fileNames
local argv0 flagsBefore flags
local argv0 flagsBefore flagsAfter flags
assertExecutable "$original"
@ -165,6 +167,10 @@ makeShellWrapper() {
flags="${params[$((n + 1))]}"
n=$((n + 1))
flagsBefore="$flagsBefore $flags"
elif [[ "$p" == "--append-flags" ]]; then
flags="${params[$((n + 1))]}"
n=$((n + 1))
flagsAfter="$flagsAfter $flags"
elif [[ "$p" == "--argv0" ]]; then
argv0="${params[$((n + 1))]}"
n=$((n + 1))
@ -177,7 +183,7 @@ makeShellWrapper() {
done
echo exec ${argv0:+-a \"$argv0\"} \""$original"\" \
"$flagsBefore" '"$@"' >> "$wrapper"
"$flagsBefore" '"$@"' "$flagsAfter" >> "$wrapper"
chmod +x "$wrapper"
}

8
pkgs/data/documentation/scheme-manpages/default.nix
View file

@ -1,14 +1,14 @@
{ lib, stdenv, fetchFromGitHub }:
stdenv.mkDerivation rec {
pname = "scheme-manpages-unstable";
version = "2022-04-21";
pname = "scheme-manpages";
version = "unstable-2022-05-14";
src = fetchFromGitHub {
owner = "schemedoc";
repo = "manpages";
rev = "e3faaa1b80b3493ee644958a105f84f2995a0436";
sha256 = "sha256-28e6tFRTqX/PWMhdoUZ4nQU1e/JL2uR+NjVXGBwogMM=";
rev = "e4d8e389312a865e350ef88f3e9d69be290705c7";
sha256 = "sha256-bYg8XSycbQIaZDsE0G5Xy0bd2JNWHwYEnyL6ThN7XS4=";
};
dontBuild = true;

2
pkgs/data/fonts/eduli/default.nix
View file

@ -8,7 +8,7 @@ stdenvNoCC.mkDerivation rec {
name = "${pname}-${version}";
url =
"http://language.moe.gov.tw/001/Upload/Files/site_content/M0001/MoeLI-3.0.zip";
sha256 = "0vpmm2qb429npng0aqkafwgs7cjibq8a3f7bbn9hysbm2lndwxwd";
sha256 = "0b4kjdk0h0hx446swi0wzawia0mf16qh9b6v4h4nqg8qx0p2sd3c";
};
installPhase = ''

7
pkgs/development/compilers/vala/default.nix
View file

@ -1,5 +1,5 @@
{ stdenv, lib, fetchurl, fetchpatch, pkg-config, flex, bison, libxslt, autoconf, autoreconfHook
, gnome, graphviz, glib, libiconv, libintl, libtool, expat, substituteAll
, gnome, graphviz, glib, libiconv, libintl, libtool, expat, substituteAll, vala
}:
let
@ -49,7 +49,9 @@ let
# so that it can be used to regenerate documentation.
patches = lib.optionals disableGraphviz [ graphvizPatch ./gvc-compat.patch ];
configureFlags = lib.optional disableGraphviz "--disable-graphviz";
preBuild = lib.optionalString disableGraphviz "buildFlagsArray+=(\"VALAC=$(pwd)/compiler/valac\")";
# when cross-compiling ./compiler/valac is valac for host
# so add the build vala in nativeBuildInputs
preBuild = lib.optionalString (disableGraphviz && (stdenv.buildPlatform == stdenv.hostPlatform)) "buildFlagsArray+=(\"VALAC=$(pwd)/compiler/valac\")";
outputs = [ "out" "devdoc" ];
@ -57,6 +59,7 @@ let
pkg-config flex bison libxslt
] ++ lib.optional (stdenv.isDarwin && (lib.versionAtLeast version "0.38")) expat
++ lib.optional disableGraphviz autoreconfHook # if we changed our ./configure script, need to reconfigure
++ lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [ vala ]
++ extraNativeBuildInputs;
buildInputs = [

3
pkgs/development/go-modules/generic/default.nix
View file

@ -39,6 +39,8 @@
# IE: programs coupled with the compiler
, allowGoReference ? false
, CGO_ENABLED ? go.CGO_ENABLED
, meta ? {}
# Not needed with buildGoModule
@ -141,6 +143,7 @@ let
GO111MODULE = "on";
GOFLAGS = lib.optionals (!proxyVendor) [ "-mod=vendor" ] ++ lib.optionals (!allowGoReference) [ "-trimpath" ];
inherit CGO_ENABLED;
configurePhase = args.configurePhase or ''
runHook preConfigure

65
pkgs/development/interpreters/erlang/R16B02-basho.nix
View file

@ -1,65 +0,0 @@
{ pkgs, mkDerivation }:
mkDerivation {
baseName = "erlang";
version = "16B02.basho10";
src = pkgs.fetchFromGitHub {
owner = "basho";
repo = "otp";
rev = "OTP_R16B02_basho10";
sha256 = "1s2c3ag9dnp6xmcr27kh95n1w50xly97n1mp8ivc2a3gpv4blqmj";
};
preConfigure = ''
export HOME=$PWD/../
export LANG=C
export ERL_TOP=$(pwd)
sed -e s@/bin/pwd@pwd@g -i otp_build
sed -e s@"/usr/bin/env escript"@$(pwd)/bootstrap/bin/escript@g -i lib/diameter/bin/diameterc
./otp_build autoconf
'';
enableHipe = false;
# Do not install docs, instead use prebuilt versions.
installTargets = "install";
postInstall = let
manpages = pkgs.fetchurl {
url = "https://www.erlang.org/download/otp_doc_man_R16B02.tar.gz";
sha256 = "12apxjmmd591y9g9bhr97z5jbd1jarqg7wj0y2sqhl21hc1yp75p";
};
in ''
sed -e s@$(pwd)/bootstrap/bin/escript@$out/bin/escript@g -i $out/lib/erlang/lib/diameter-1.4.3/bin/diameterc
tar xf "${manpages}" -C "$out/lib/erlang"
for i in "$out"/lib/erlang/man/man[0-9]/*.[0-9]; do
prefix="''${i%/*}"
mkdir -p "$out/share/man/''${prefix##*/}"
ln -s "$i" "$out/share/man/''${prefix##*/}/''${i##*/}erl"
done
'';
meta = {
homepage = "https://github.com/basho/otp/";
description = "Programming language used for massively scalable soft real-time systems, Basho fork";
longDescription = ''
Erlang is a programming language used to build massively scalable
soft real-time systems with requirements on high availability.
Some of its uses are in telecoms, banking, e-commerce, computer
telephony and instant messaging. Erlang's runtime system has
built-in support for concurrency, distribution and fault
tolerance.
This version of Erlang is Basho's version, forked from Ericsson's
repository.
'';
knownVulnerabilities = [ "CVE-2017-1000385" ];
platforms = ["x86_64-linux" "x86_64-darwin"];
license = pkgs.lib.licenses.asl20;
maintainers = with pkgs.lib.maintainers; [ mdaiter ];
};
}

4
pkgs/development/interpreters/python/default.nix
View file

@ -133,10 +133,10 @@ with pkgs;
sourceVersion = {
major = "3";
minor = "10";
patch = "4";
patch = "5";
suffix = "";
};
sha256 = "sha256-gL+SX1cdpDazUhCIbPefbrX6XWxXExa3NWg0NFH3ehk=";
sha256 = "sha256-hDfv1bEG7wp1qr+/I9iAYlEgpzqGoireTS4uaNe3RIY=";
};
};

27
pkgs/development/interpreters/python/hooks/python-relax-deps-hook.sh
View file

@ -59,23 +59,26 @@ _pythonRemoveDeps() {
pythonRelaxDepsHook() {
pushd dist
local -r package="$pname-$version"
# See https://peps.python.org/pep-0491/#escaping-and-unicode
local -r pkg_name="${pname//[^[:alnum:].]/_}-$version"
local -r unpack_dir="unpacked"
local -r metadata_file="$unpack_dir/$package/$package.dist-info/METADATA"
local -r wheel=$(echo "$package"*".whl")
local -r metadata_file="$unpack_dir/$pkg_name/$pkg_name.dist-info/METADATA"
@pythonInterpreter@ -m wheel unpack --dest "$unpack_dir" "$wheel"
rm -rf "$wheel"
# We generally shouldn't have multiple wheel files, but let's be safer here
for wheel in "$pkg_name"*".whl"; do
@pythonInterpreter@ -m wheel unpack --dest "$unpack_dir" "$wheel"
rm -rf "$wheel"
_pythonRelaxDeps "$metadata_file"
_pythonRemoveDeps "$metadata_file"
_pythonRelaxDeps "$metadata_file"
_pythonRemoveDeps "$metadata_file"
if (( "${NIX_DEBUG:-0}" >= 1 )); then
echo "pythonRelaxDepsHook: resulting METADATA:"
cat "$unpack_dir/$package/$package.dist-info/METADATA"
fi
if (( "${NIX_DEBUG:-0}" >= 1 )); then
echo "pythonRelaxDepsHook: resulting METADATA for '$wheel':"
cat "$unpack_dir/$pkg_name/$pkg_name.dist-info/METADATA"
fi
@pythonInterpreter@ -m wheel pack "$unpack_dir/$package"
@pythonInterpreter@ -m wheel pack "$unpack_dir/$pkg_name"
done
popd
}

7
pkgs/development/interpreters/python/mk-python-derivation.nix
View file

@ -148,7 +148,12 @@ let
buildInputs = buildInputs ++ pythonPath;
propagatedBuildInputs = propagatedBuildInputs ++ [ python ];
propagatedBuildInputs = propagatedBuildInputs ++ [
# we propagate python even for packages transformed with 'toPythonApplication'
# this pollutes the PATH but avoids rebuilds
# see https://github.com/NixOS/nixpkgs/issues/170887 for more context
python
];
inherit strictDeps;

4
pkgs/development/interpreters/ruby/default.nix
View file

@ -137,6 +137,10 @@ let
(lib.enableFeature docSupport "install-doc")
(lib.withFeature jemallocSupport "jemalloc")
(lib.withFeatureAs docSupport "ridir" "${placeholder "devdoc"}/share/ri")
# ruby enables -O3 for gcc, however our compiler hardening wrapper
# overrides that by enabling `-O2` which is the minimum optimization
# needed for `_FORTIFY_SOURCE`.
] ++ lib.optional stdenv.cc.isGNU "CFLAGS=-O3" ++ [
] ++ ops stdenv.isDarwin [
# on darwin, we have /usr/include/tk.h -- so the configure script detects
# that tk is installed

4
pkgs/development/interpreters/spidermonkey/91.nix
View file

@ -23,11 +23,11 @@
stdenv.mkDerivation rec {
pname = "spidermonkey";
version = "91.10.0";
version = "91.11.0";
src = fetchurl {
url = "mirror://mozilla/firefox/releases/${version}esr/source/firefox-${version}esr.source.tar.xz";
sha512 = "8344b829d7bd86250afdd4cb582e27ed5705b3ef48aec50b9a39abc17deba86c9fd721f4667f5c2155e3d7cd1d6e1f82ff8e218ced3a16a4e06bb414ee0690f8";
sha512 = "bff3a399c03bd1cdaaec0b6963b1558aa35b6338b6c02042ffd65fec0aedd344d01718692e881332f5f352c32da15ba09a20a09ee072200b47ae840bc0585a96";
};
outputs = [ "out" "dev" ];

4
pkgs/development/libraries/armadillo/default.nix
View file

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
pname = "armadillo";
version = "11.1.1";
version = "11.2.0";
src = fetchurl {
url = "mirror://sourceforge/arma/armadillo-${version}.tar.xz";
sha256 = "sha256-v6YVSl/v2DLSjVMKWCIf5KLP8qO729guEJveU/sp3Ns=";
sha256 = "sha256-31yiFZAcaMY0Z8C/7hTwjjTYdaR6sPCVCCqzLd/08kM=";
};
nativeBuildInputs = [ cmake ];

123
pkgs/development/libraries/avahi/default.nix
View file

@ -1,21 +1,25 @@
{ fetchurl, fetchpatch, lib, stdenv, pkg-config, libdaemon, dbus, perlPackages
, expat, gettext, intltool, glib, libiconv, writeShellScriptBin, libevent
{ fetchurl
, fetchpatch
, lib
, stdenv
, pkg-config
, libdaemon
, dbus
, perlPackages
, expat
, gettext
, glib
, libiconv
, libevent
, nixosTests
, gtk3Support ? false, gtk3 ? null
, qt4 ? null
, qt4Support ? false
, gtk3Support ? false
, gtk3 ? null
, qt5 ? null
, qt5Support ? false
, withLibdnssdCompat ? false
, python ? null
, withPython ? false }:
assert qt4Support -> qt4 != null;
let
# despite the configure script claiming it supports $PKG_CONFIG, it doesnt respect it
pkg-config-helper = writeShellScriptBin "pkg-config" ''exec $PKG_CONFIG "$@"'';
in
, withPython ? false
}:
stdenv.mkDerivation rec {
pname = "avahi${lib.optionalString withLibdnssdCompat "-compat"}";
@ -26,45 +30,72 @@ stdenv.mkDerivation rec {
sha256 = "1npdixwxxn3s9q1f365x9n9rc5xgfz39hxf23faqvlrklgbhj0q6";
};
prePatch = ''
substituteInPlace configure \
--replace pkg-config "$PKG_CONFIG"
'';
patches = [
./no-mkdir-localstatedir.patch
(fetchpatch {
url = "https://github.com/lathiat/avahi/commit/9d31939e55280a733d930b15ac9e4dda4497680c.patch";
sha256 = "sha256-BXWmrLWUvDxKPoIPRFBpMS3T4gijRw0J+rndp6iDybU=";
})
];
buildInputs = [ libdaemon dbus glib expat libiconv libevent ]
++ (with perlPackages; [ perl XMLParser ])
++ (lib.optional gtk3Support gtk3)
++ (lib.optional qt4Support qt4)
++ (lib.optional qt5Support qt5);
depsBuildBuild = [
pkg-config
];
propagatedBuildInputs =
lib.optionals withPython (with python.pkgs; [ python pygobject3 dbus-python ]);
nativeBuildInputs = [
pkg-config
gettext
glib
];
nativeBuildInputs = [ pkg-config pkg-config-helper gettext intltool glib ];
buildInputs = [
libdaemon
dbus
glib
expat
libiconv
libevent
] ++ (with perlPackages; [
perl
XMLParser
]) ++ lib.optionals gtk3Support [
gtk3
] ++ lib.optionals qt5Support [
qt5
];
configureFlags =
[ "--disable-qt3" "--disable-gdbm" "--disable-mono"
"--disable-gtk" "--with-dbus-sys=${placeholder "out"}/share/dbus-1/system.d"
(lib.enableFeature gtk3Support "gtk3")
"--${if qt4Support then "enable" else "disable"}-qt4"
"--${if qt5Support then "enable" else "disable"}-qt5"
(lib.enableFeature withPython "python")
"--localstatedir=/var" "--with-distro=none"
# A systemd unit is provided by the avahi-daemon NixOS module
"--with-systemdsystemunitdir=no" ]
++ lib.optional withLibdnssdCompat "--enable-compat-libdns_sd"
propagatedBuildInputs = lib.optionals withPython (with python.pkgs; [
python
pygobject3
dbus-python
]);
configureFlags = [
"--disable-gdbm"
"--disable-mono"
# Use non-deprecated path https://github.com/lathiat/avahi/pull/376
"--with-dbus-sys=${placeholder "out"}/share/dbus-1/system.d"
(lib.enableFeature gtk3Support "gtk3")
(lib.enableFeature qt5Support "qt5")
(lib.enableFeature withPython "python")
"--localstatedir=/var"
"--runstatedir=/run"
"--sysconfdir=/etc"
"--with-distro=none"
# A systemd unit is provided by the avahi-daemon NixOS module
"--with-systemdsystemunitdir=no"
] ++ lib.optionals withLibdnssdCompat [
"--enable-compat-libdns_sd"
] ++ lib.optionals stdenv.isDarwin [
# autoipd won't build on darwin
++ lib.optional stdenv.isDarwin "--disable-autoipd";
"--disable-autoipd"
];
NIX_CFLAGS_COMPILE = "-DAVAHI_SERVICE_DIR=\"/etc/avahi/services\"";
installFlags = [
# Override directories to install into the package.
# Replace with runstatedir once is merged https://github.com/lathiat/avahi/pull/377
"avahi_runtime_dir=${placeholder "out"}/run"
"sysconfdir=${placeholder "out"}/etc"
];
preBuild = lib.optionalString stdenv.isDarwin ''
sed -i '20 i\
@ -73,14 +104,10 @@ stdenv.mkDerivation rec {
'';
postInstall =
# Maintain compat for mdnsresponder and howl
# Maintain compat for mdnsresponder
lib.optionalString withLibdnssdCompat ''
ln -s avahi-compat-libdns_sd/dns_sd.h "$out/include/dns_sd.h"
'';
/* # these don't exist (anymore?)
ln -s avahi-compat-howl $out/include/howl
ln -s avahi-compat-howl.pc $out/lib/pkgconfig/howl.pc
*/
passthru.tests = {
smoke-test = nixosTests.avahi;
@ -89,9 +116,9 @@ stdenv.mkDerivation rec {
meta = with lib; {
description = "mDNS/DNS-SD implementation";
homepage = "http://avahi.org";
license = licenses.lgpl2Plus;
platforms = platforms.unix;
homepage = "http://avahi.org";
license = licenses.lgpl2Plus;
platforms = platforms.unix;
maintainers = with maintainers; [ lovek323 globin ];
longDescription = ''

12
pkgs/development/libraries/avahi/no-mkdir-localstatedir.patch
View file

@ -1,12 +0,0 @@
Don't "mkdir $(localstatedir)" since we can't do it (/var).
--- a/avahi-daemon/Makefile.in
+++ b/avahi-daemon/Makefile.in
@@ -1625,7 +1625,6 @@ xmllint:
done
install-data-local:
- test -z "$(avahi_runtime_dir)" || $(MKDIR_P) "$(DESTDIR)$(avahi_runtime_dir)"
update-systemd:
curl http://cgit.freedesktop.org/systemd/plain/src/sd-daemon.c > sd-daemon.c

4
pkgs/development/libraries/avro-c/default.nix
View file

@ -1,4 +1,4 @@
{ lib, stdenv, cmake, fetchurl, pkg-config, jansson, lzma, snappy, zlib }:
{ lib, stdenv, cmake, fetchurl, pkg-config, jansson, snappy, xz, zlib }:
stdenv.mkDerivation rec {
pname = "avro-c";
@ -15,7 +15,7 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [ pkg-config cmake ];
buildInputs = [ jansson lzma snappy zlib ];
buildInputs = [ jansson snappy xz zlib ];
meta = with lib; {
description = "A C library which implements parts of the Avro Specification";

21
pkgs/development/libraries/fontconfig/default.nix
View file

@ -1,6 +1,5 @@
{ lib, stdenv
, fetchpatch
, substituteAll
{ stdenv
, lib
, fetchurl
, pkg-config
, python3
@ -15,23 +14,15 @@
stdenv.mkDerivation rec {
pname = "fontconfig";
version = "2.13.94";
version = "2.14.0";
outputs = [ "bin" "dev" "lib" "out" ]; # $out contains all the config
src = fetchurl {
url = "https://www.freedesktop.org/software/fontconfig/release/${pname}-${version}.tar.xz";
sha256 = "0g004r0bkkqz00mpm3svnnxn7d83158q0yb9ggxryizxfg5m5w55";
sha256 = "3L64TJx0u/2xM9U1/hx77cnyIhqNrzkUuYTETFIOm6w=";
};
patches = [
# Fix font style detection
(fetchpatch {
url = "https://gitlab.freedesktop.org/fontconfig/fontconfig/-/commit/92fbf14b0d7c4737ffe1e8326b7ab8ffae5548c3.patch";
sha256 = "1wmyax2151hg3m11q61mv25k45zk2w3xapb4p1r6wzk91zjlsgyr";
})
];
outputs = [ "bin" "dev" "lib" "out" ]; # $out contains all the config
nativeBuildInputs = [
autoreconfHook
gperf

9
pkgs/development/libraries/freeimage/default.nix
View file

@ -15,8 +15,13 @@ stdenv.mkDerivation {
sourceRoot = "svn-r1900/FreeImage/trunk";
# Ensure that the bundled libraries are not used at all
prePatch = "rm -rf Source/Lib* Source/OpenEXR Source/ZLib";
patches = [ ./unbundle.diff ];
prePatch = ''
rm -rf Source/Lib* Source/OpenEXR Source/ZLib
'';
patches = [
./unbundle.diff
./libtiff-4.4.0.diff
];
postPatch = ''
# To support cross compilation, use the correct `pkg-config`.

15
pkgs/development/libraries/freeimage/libtiff-4.4.0.diff Normal file
View file

@ -0,0 +1,15 @@
Fix build with libtiff 4.4.0 by not using a private libtiff API.
Patch by Kurt Schwehr: https://sourceforge.net/p/freeimage/discussion/36109/thread/2018fdc6e7/
diff -ru a/Source/Metadata/XTIFF.cpp b/Source/Metadata/XTIFF.cpp
--- a/Source/Metadata/XTIFF.cpp
+++ b/Source/Metadata/XTIFF.cpp
@@ -749,7 +749,7 @@
continue;
}
// type of storage may differ (e.g. rationnal array vs float array type)
- if((unsigned)_TIFFDataSize(tif_tag_type) != FreeImage_TagDataWidth(tag_type)) {
+ if((unsigned)TIFFFieldSetGetSize(fld) != FreeImage_TagDataWidth(tag_type)) {
// skip tag or _TIFFmemcpy will fail
continue;
}

14
pkgs/development/libraries/gnutls/default.nix
View file

@ -5,7 +5,8 @@
, guileBindings ? config.gnutls.guile or false, guile
, tpmSupport ? false, trousers, which, nettools, libunistring
, withP11-kit ? !stdenv.hostPlatform.isStatic, p11-kit
, withSecurity ? false, Security # darwin Security.framework
, withSecurity ? true, Security # darwin Security.framework
# certificate compression - only zlib now, more possible: zstd, brotli
}:
assert guileBindings -> guile != null;
@ -21,11 +22,11 @@ in
stdenv.mkDerivation rec {
pname = "gnutls";
version = "3.7.3";
version = "3.7.6";
src = fetchurl {
url = "mirror://gnupg/gnutls/v${lib.versions.majorMinor version}/gnutls-${version}.tar.xz";
sha256 = "16n4yvw3792gcdxkikjmhddr6cbs4wlk027zfxlhmchsqcxw8ngw";
sha256 = "1zv2097v9f6f4c66q7yn3c6gggjk9jz38095ma7v3gs5lccmf1kp";
};
outputs = [ "bin" "dev" "out" "man" "devdoc" ];
@ -35,6 +36,8 @@ stdenv.mkDerivation rec {
patches = [ ./nix-ssl-cert-file.patch ]
# Disable native add_system_trust.
# FIXME: apparently it's not enough to drop the framework anymore; maybe related to
# https://gitlab.com/gnutls/gnutls/-/commit/c19cb93d492e45141bfef9b926dfeba36003261c
++ lib.optional (isDarwin && !withSecurity) ./no-security-framework.patch;
# Skip some tests:
@ -73,7 +76,6 @@ stdenv.mkDerivation rec {
buildInputs = [ lzo lzip libtasn1 libidn2 zlib gmp libunistring unbound gettext libiconv ]
++ lib.optional (withP11-kit) p11-kit
++ lib.optional (isDarwin && withSecurity) Security
++ lib.optional (tpmSupport && stdenv.isLinux) trousers
++ lib.optional guileBindings guile;
@ -81,7 +83,9 @@ stdenv.mkDerivation rec {
++ lib.optionals (isDarwin && !withSecurity) [ autoconf automake ]
++ lib.optionals doCheck [ which nettools util-linux ];
propagatedBuildInputs = [ nettle ];
propagatedBuildInputs = [ nettle ]
# Builds dynamically linking against gnutls seem to need the framework now.
++ lib.optional (isDarwin && withSecurity) Security;
inherit doCheck;
# stdenv's `NIX_SSL_CERT_FILE=/no-cert-file.crt` breaks tests.

16
pkgs/development/libraries/gobject-introspection/default.nix
View file

@ -17,6 +17,8 @@
, cairo
, gnome
, substituteAll
, buildPackages
, gobject-introspection-unwrapped
, nixStoreDir ? builtins.storeDir
, x11Support ? true
}:
@ -67,7 +69,7 @@ stdenv.mkDerivation rec {
docbook_xml_dtd_45
python3
setupHook # move .gir files
];
] ++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ gobject-introspection-unwrapped ];
buildInputs = [
python3
@ -86,7 +88,11 @@ stdenv.mkDerivation rec {
"--datadir=${placeholder "dev"}/share"
"-Ddoctool=disabled"
"-Dcairo=disabled"
"-Dgtk_doc=true"
"-Dgtk_doc=${lib.boolToString (stdenv.hostPlatform == stdenv.buildPlatform)}"
] ++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [
"-Dgi_cross_ldd_wrapper=${buildPackages.prelink}/bin/prelink-rtld"
"-Dgi_cross_use_prebuilt_gi=true"
"-Dgi_cross_binary_wrapper=${stdenv.hostPlatform.emulator buildPackages}"
];
doCheck = !stdenv.isAarch64;
@ -97,6 +103,10 @@ stdenv.mkDerivation rec {
patchShebangs tools/*
'';
postInstall = lib.optionalString (stdenv.hostPlatform != stdenv.buildPlatform) ''
cp -r ${buildPackages.gobject-introspection-unwrapped.devdoc} $devdoc
'';
preCheck = ''
# Our gobject-introspection patches make the shared library paths absolute
# in the GIR files. When running tests, the library is not yet installed,
@ -122,7 +132,7 @@ stdenv.mkDerivation rec {
meta = with lib; {
description = "A middleware layer between C libraries and language bindings";
homepage = "https://gi.readthedocs.io/";
maintainers = teams.gnome.members ++ (with maintainers; [ lovek323 ]);
maintainers = teams.gnome.members ++ (with maintainers; [ lovek323 artturin ]);
platforms = platforms.unix;
license = with licenses; [ gpl2 lgpl2 ];

29
pkgs/development/libraries/gobject-introspection/wrapper.nix Normal file
View file

@ -0,0 +1,29 @@
{ lib
, stdenv
, buildPackages
, gobject-introspection-unwrapped
, targetPackages
}:
# to build, run
# `nix build ".#pkgsCross.aarch64-multiplatform.buildPackages.gobject-introspection"`
gobject-introspection-unwrapped.overrideAttrs (_previousAttrs: {
pname = "gobject-introspection-wrapped";
postFixup = ''
mv $dev/bin/g-ir-compiler $dev/bin/.g-ir-compiler-wrapped
mv $dev/bin/g-ir-scanner $dev/bin/.g-ir-scanner-wrapped
(
export bash="${buildPackages.bash}/bin/bash"
export emulator=${lib.escapeShellArg (stdenv.targetPlatform.emulator buildPackages)}
export buildprelink="${buildPackages.prelink}/bin/prelink-rtld"
export targetgir="${lib.getDev targetPackages.gobject-introspection-unwrapped}"
substituteAll "${./wrappers/g-ir-compiler.sh}" "$dev/bin/g-ir-compiler"
substituteAll "${./wrappers/g-ir-scanner.sh}" "$dev/bin/g-ir-scanner"
chmod +x "$dev/bin/g-ir-compiler"
chmod +x "$dev/bin/g-ir-scanner"
)
'';
})

4
pkgs/development/libraries/gobject-introspection/wrappers/g-ir-compiler.sh Normal file
View file

@ -0,0 +1,4 @@
#! @bash@
# shellcheck shell=bash
exec @emulator@ @targetgir@/bin/g-ir-compiler "$@"

7
pkgs/development/libraries/gobject-introspection/wrappers/g-ir-scanner.sh Normal file
View file

@ -0,0 +1,7 @@
#! @bash@
# shellcheck shell=bash
exec @dev@/bin/.g-ir-scanner-wrapped \
--use-binary-wrapper=@emulator@ \
--use-ldd-wrapper=@buildprelink@ \
"$@"

4
pkgs/development/libraries/gumbo/default.nix
View file

@ -11,8 +11,8 @@ stdenv.mkDerivation rec {
sha256 = "0xslckwdh2i0g2qjsb6rnm8mjmbagvziz0hjlf7d1lbljfms1iw1";
};
nativeBuildInputs = [ autoconf automake ];
buildInputs = [ libtool ];
strictDeps = true;
nativeBuildInputs = [ autoconf automake libtool ];
preConfigure = "./autogen.sh";

8
pkgs/development/libraries/jansson/default.nix
View file

@ -13,9 +13,11 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [ cmake ];
# networkmanager relies on libjansson.so:
# https://github.com/NixOS/nixpkgs/pull/176302#issuecomment-1150239453
cmakeFlags = [ "-DJANSSON_BUILD_SHARED_LIBS=ON" ];
cmakeFlags = [
# networkmanager relies on libjansson.so:
# https://github.com/NixOS/nixpkgs/pull/176302#issuecomment-1150239453
"-DJANSSON_BUILD_SHARED_LIBS=${if stdenv.hostPlatform.isStatic then "OFF" else "ON"}"
];
meta = with lib; {
homepage = "https://github.com/akheron/jansson";

14
pkgs/development/libraries/libaom/default.nix
View file

@ -1,4 +1,7 @@
{ lib, stdenv, fetchzip, yasm, perl, cmake, pkg-config, python3 }:
{ lib, stdenv, fetchzip, yasm, perl, cmake, pkg-config, python3
, enableButteraugli ? false, libjxl # Broken
, enableVmaf ? true, libvmaf
}:
stdenv.mkDerivation rec {
pname = "libaom";
@ -16,6 +19,9 @@ stdenv.mkDerivation rec {
yasm perl cmake pkg-config python3
];
propagatedBuildInputs = lib.optional enableButteraugli libjxl
++ lib.optional enableVmaf libvmaf;
preConfigure = ''
# build uses `git describe` to set the build version
cat > $NIX_BUILD_TOP/git << "EOF"
@ -32,6 +38,10 @@ stdenv.mkDerivation rec {
cmakeFlags = [
"-DBUILD_SHARED_LIBS=ON"
"-DENABLE_TESTS=OFF"
] ++ lib.optionals enableButteraugli [
"-DCONFIG_TUNE_BUTTERAUGLI=1"
] ++ lib.optionals enableVmaf [
"-DCONFIG_TUNE_VMAF=1"
] ++ lib.optionals (stdenv.isDarwin && stdenv.isAarch64) [
# CPU detection isn't supported on Darwin and breaks the aarch64-darwin build:
"-DCONFIG_RUNTIME_CPU_DETECT=0"
@ -58,7 +68,7 @@ stdenv.mkDerivation rec {
'';
homepage = "https://aomedia.org/av1-features/get-started/";
changelog = "https://aomedia.googlesource.com/aom/+/refs/tags/v${version}/CHANGELOG";
maintainers = with maintainers; [ primeos kiloreux ];
maintainers = with maintainers; [ primeos kiloreux dandellion ];
platforms = platforms.all;
license = licenses.bsd2;
};

4
pkgs/development/libraries/libdrm/default.nix
View file

@ -5,11 +5,11 @@
stdenv.mkDerivation rec {
pname = "libdrm";
version = "2.4.110";
version = "2.4.111";
src = fetchurl {
url = "https://dri.freedesktop.org/${pname}/${pname}-${version}.tar.xz";
sha256 = "0dwpry9m5l27dlhq48j4bsiqwm0247cxdqwv3b7ddmkynk2f9kpf";
sha256 = "1adjg96mz0ghjzsgp9hrdr622shrvqmjcz5sxksfcka2fx7idmqs";
};
outputs = [ "out" "dev" "bin" ];

2
pkgs/development/libraries/libffi/default.nix
View file

@ -29,6 +29,8 @@ stdenv.mkDerivation rec {
enableParallelBuilding = true;
configurePlatforms = [ "build" "host" ];
configureFlags = [
"--with-gcc-arch=generic" # no detection of -march= or -mtune=
"--enable-pax_emutramp"

1
pkgs/development/libraries/libidn2/default.nix
View file

@ -17,6 +17,7 @@ stdenv.mkDerivation rec {
};
strictDeps = true;
# Beware: non-bootstrap libidn2 is overridden by ./hack.nix
outputs = [ "bin" "dev" "out" "info" "devdoc" ];
patches = optional stdenv.isDarwin ./fix-error-darwin.patch;

30
pkgs/development/libraries/libidn2/no-bootstrap-reference.nix Normal file
View file

@ -0,0 +1,30 @@
{ stdenv, lib, libidn2, libunistring, runCommandLocal, patchelf }:
# Construct a copy of libidn2.* where all (transitive) libc references (in .bin)
# get replaced by a new one, so that there's no reference to bootstrap tools.
runCommandLocal
"${libidn2.pname}-${libidn2.version}"
{
outputs = [ "bin" "dev" "out" ];
passthru = {
inherit (libidn2) out info devdoc; # no need to touch these store paths
};
}
''
cp -r '${libidn2.bin}' "$bin"
chmod +w "$bin"/bin/*
patchelf \
--set-interpreter '${stdenv.cc.bintools.dynamicLinker}' \
--set-rpath '${lib.concatMapStringsSep ":" (p: lib.getLib p + "/lib")
[ stdenv.cc.libc libunistring libidn2 ]}' \
"$bin"/bin/*
cp -r '${libidn2.dev}' "$dev"
chmod +w "$dev"/nix-support/propagated-build-inputs
substituteInPlace "$dev"/nix-support/propagated-build-inputs \
--replace '${libidn2.bin}' "$bin"
substituteInPlace "$dev"/lib/pkgconfig/libidn2.pc \
--replace '${libidn2.dev}' "$dev"
ln -s '${libidn2.out}' "$out" # it's hard to be without any $out
''

4
pkgs/development/libraries/libinput/default.nix
View file

@ -45,7 +45,7 @@ in
stdenv.mkDerivation rec {
pname = "libinput";
version = "1.20.1";
version = "1.21.0";
outputs = [ "bin" "out" "dev" ];
@ -54,7 +54,7 @@ stdenv.mkDerivation rec {
owner = "libinput";
repo = "libinput";
rev = version;
sha256 = "eujnabUaeNEJC/tPPhwcNS9sqDIorF52RjfqKBotbmc=";
sha256 = "R94BdrjI4szNbVtQ+ydRNUg9clR8mkRL7+GE9b2FcDs=";
};
patches = [

4
pkgs/development/libraries/libipt/default.nix
View file

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "libipt";
version = "2.0.4";
version = "2.0.5";
src = fetchFromGitHub {
owner = "intel";
repo = "libipt";
rev = "v${version}";
sha256 = "sha256-KhRmRoIHvpx5rV7roCnUH+a7JtPb6UqD41Wi4wHSR1c=";
sha256 = "sha256-W7Hvc2zkmR6FdPGsymWXtm66BiHLcW9r7mywHjabeLc=";
};
nativeBuildInputs = [ cmake ];

25
pkgs/development/libraries/libjxl/default.nix
View file

@ -1,10 +1,7 @@
{ stdenv, lib, fetchFromGitHub
, fetchpatch
, asciidoc
, brotli
, cmake
, graphviz
, doxygen
, giflib
, gperftools
, gtest
@ -14,8 +11,12 @@
, libwebp
, openexr
, pkg-config
, python3
, zlib
, buildDocs ? true
, asciidoc
, graphviz
, doxygen
, python3
}:
stdenv.mkDerivation rec {
@ -50,13 +51,14 @@ stdenv.mkDerivation rec {
];
nativeBuildInputs = [
asciidoc # for docs
cmake
graphviz # for docs via doxygen component `dot`
doxygen # for docs
gtest
pkg-config
python3 # for docs
] ++ lib.optionals buildDocs [
asciidoc
graphviz
doxygen
python3
];
# Functionality not currently provided by this package
@ -76,10 +78,8 @@ stdenv.mkDerivation rec {
# conclusively in its README or otherwise; they can best be determined
# by checking the CMake output for "Could NOT find".
buildInputs = [
brotli
giflib
gperftools # provides `libtcmalloc`
libhwy
libjpeg
libpng
libwebp
@ -87,6 +87,11 @@ stdenv.mkDerivation rec {
zlib
];
propagatedBuildInputs = [
brotli
libhwy
];
cmakeFlags = [
# For C dependencies like brotli, which are dynamically linked,
# we want to use the system libraries, so that we don't have to care about

6
pkgs/development/libraries/libnetfilter_cthelper/default.nix
View file

@ -2,13 +2,15 @@
stdenv.mkDerivation rec {
pname = "libnetfilter_cthelper";
version = "1.0.0";
version = "1.0.1";
src = fetchurl {
url = "https://netfilter.org/projects/libnetfilter_cthelper/files/${pname}-${version}.tar.bz2";
sha256 = "07618e71c4d9a6b6b3dc1986540486ee310a9838ba754926c7d14a17d8fccf3d";
sha256 = "sha256-FAc9VIcjOJc1XT/wTdwcjQPMW6jSNWI2qogWGp8tyRI=";
};
outputs = [ "out" "dev" ];
nativeBuildInputs = [ pkg-config ];
buildInputs = [ libmnl ];

6
pkgs/development/libraries/libnetfilter_cttimeout/default.nix
View file

@ -2,13 +2,15 @@
stdenv.mkDerivation rec {
pname = "libnetfilter_cttimeout";
version = "1.0.0";
version = "1.0.1";
src = fetchurl {
url = "https://netfilter.org/projects/libnetfilter_cttimeout/files/${pname}-${version}.tar.bz2";
sha256 = "aeab12754f557cba3ce2950a2029963d817490df7edb49880008b34d7ff8feba";
sha256 = "sha256-C1naLzIE4cgMuF0fbXIoX8B7AaL1Z4q/Xcz7vv1lAyU=";
};
outputs = [ "out" "dev" ];
nativeBuildInputs = [ pkg-config ];
buildInputs = [ libmnl ];

4
pkgs/development/libraries/librsvg/default.nix
View file

@ -27,7 +27,7 @@
stdenv.mkDerivation rec {
pname = "librsvg";
version = "2.54.3";
version = "2.54.4";
outputs = [ "out" "dev" "installedTests" ] ++ lib.optionals withIntrospection [
"devdoc"
@ -35,7 +35,7 @@ stdenv.mkDerivation rec {
src = fetchurl {
url = "mirror://gnome/sources/${pname}/${lib.versions.majorMinor version}/${pname}-${version}.tar.xz";
sha256 = "ZhWPLvRt3iYAJoRsTaEC5KndTlKTAQ8wlJxswm3W7+g=";
sha256 = "6hUqJD9qQ8DgNqKMcN4/y83qVmTGgRx4WSvCKezCSDM=";
};
cargoVendorDir = "vendor";

4
pkgs/development/libraries/libseccomp/default.nix
View file

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
pname = "libseccomp";
version = "2.5.3";
version = "2.5.4";
src = fetchurl {
url = "https://github.com/seccomp/libseccomp/releases/download/v${version}/libseccomp-${version}.tar.gz";
sha256 = "sha256-WQZchzM2RyXpchukjDqZu8Uq+SHa9I30seAS+8exCnY=";
sha256 = "sha256-2CkCQAQFzwBoV07z3B/l9ZJiB1Q7oa5vjnoVdjUdy9s=";
};
outputs = [ "out" "lib" "dev" "man" "pythonsrc" ];

59
pkgs/development/libraries/libtiff/default.nix
View file

@ -25,11 +25,11 @@
stdenv.mkDerivation rec {
pname = "libtiff";
version = "4.3.0";
version = "4.4.0";
src = fetchurl {
url = "https://download.osgeo.org/libtiff/tiff-${version}.tar.gz";
sha256 = "1j3snghqjbhwmnm5vz3dr1zm68dj15mgbx1wqld7vkl7n2nfaihf";
sha256 = "1vdbk3sc497c58kxmp02irl6nqkfm9rjs3br7g59m59qfnrj6wli";
};
patches = [
@ -38,61 +38,6 @@ stdenv.mkDerivation rec {
# libc++abi 11 has an `#include <version>`, this picks up files name
# `version` in the project's include paths
./rename-version.patch
(fetchpatch {
name = "CVE-2022-22844.patch";
url = "https://gitlab.com/libtiff/libtiff/-/commit/03047a26952a82daaa0792957ce211e0aa51bc64.patch";
sha256 = "0cfih55f5qpc84mvlwsffik80bgz6drkflkhrdyqq8m84jw3mbwb";
})
(fetchpatch {
name = "CVE-2022-0561.patch";
url = "https://gitlab.com/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef.patch";
sha256 = "0m57fdxyvhhr9cc260lvkkn2g4zr4n4v9nricc6lf9h6diagd7mk";
})
(fetchpatch {
name = "CVE-2022-0562.patch";
url = "https://gitlab.com/libtiff/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b.patch";
sha256 = "0ycirjjc1vigj03kwjb92n6jszsl9p17ccw5hry7lli9gxyyr0an";
})
(fetchpatch {
name = "CVE-2022-0891.patch";
url = "https://gitlab.com/libtiff/libtiff/-/commit/46dc8fcd4d38c3b6f35ab28e532aee80e6f609d6.patch";
sha256 = "1zn2pgsmbrjx3g2bpdggvwwbp6i348mikwlx4ws482h2379vmyj1";
})
(fetchpatch {
name = "CVE-2022-0865.patch";
url = "https://gitlab.com/libtiff/libtiff/-/commit/5e18004500cda10d9074bdb6166b054e95b659ed.patch";
sha256 = "131b9ial6avl2agwk31wp2jkrx59955f4r0dikx1jdaywqb7zhd1";
})
(fetchpatch {
name = "CVE-2022-0924.patch";
url = "https://gitlab.com/libtiff/libtiff/-/commit/408976c44ef0aad975e0d1b6c6dc80d60f9dc665.patch";
sha256 = "1aqaynp74ijxr3rizvbyz23ncs71pbbcw5src1zv46473sy55s8p";
})
(fetchpatch {
name = "CVE-2022-0907.patch";
url = "https://gitlab.com/libtiff/libtiff/-/commit/f2b656e2e64adde07a6cffd5c8e96bd81a850fea.patch";
sha256 = "0nsplq671qx0f35qww9mx27raqp3nvslz8iv7f3hxdgldylmh2vs";
})
(fetchpatch {
name = "CVE-2022-0909.patch";
url = "https://gitlab.com/libtiff/libtiff/-/commit/f8d0f9aa1ba04c9ae3bfe869a18141a8b8117ad7.patch";
sha256 = "1plhk6ildl16bp0k3wvzfd4a97hqfqfbbn7vjinsaasf4v0x3q5j";
})
(fetchpatch {
name = "CVE-2022-0908.patch";
url = "https://gitlab.com/libtiff/libtiff/-/commit/a95b799f65064e4ba2e2dfc206808f86faf93e85.patch";
sha256 = "0i61kkjaixdn2p933lpma9s6i0772vhxjxxcwyqagw96lmszrcm7";
})
(fetchpatch {
name = "CVE-2022-1354.patch";
url = "https://gitlab.com/libtiff/libtiff/-/commit/87f580f39011109b3bb5f6eca13fac543a542798.patch";
sha256 = "0171c662xiv3295x4wsq6qq0v90js51j54vsl7wm043kjkrp1fsb";
})
(fetchpatch {
name = "CVE-2022-1355.patch";
url = "https://gitlab.com/libtiff/libtiff/-/commit/c1ae29f9ebacd29b7c3e0c7db671af7db3584bc2.patch";
sha256 = "1y75c72s41pl39d5zr5pmkiyfrancllv8fbl10zvc67pg3qjq4v8";
})
];
postPatch = ''

4
pkgs/development/libraries/libxkbcommon/default.nix
View file

@ -21,11 +21,11 @@
stdenv.mkDerivation rec {
pname = "libxkbcommon";
version = "1.4.0";
version = "1.4.1";
src = fetchurl {
url = "https://xkbcommon.org/download/${pname}-${version}.tar.xz";
sha256 = "0ca00awfzvxiznvd4mgwgxyqxiwvi07j5xxmg5z0l47rcd9fqv0h";
sha256 = "0fbb2dyjvf71p42y2jmwdcylsvj03w52f5rb23c2d00rwahhfg4l";
};
outputs = [ "out" "dev" "doc" ];

37
pkgs/development/libraries/nrf5-sdk/default.nix Normal file
View file

@ -0,0 +1,37 @@
{ lib
, stdenv
, fetchzip
}:
stdenv.mkDerivation rec {
pname = "nrf5-sdk";
version = "17.1.0";
urlHash = "ddde560";
src = fetchzip {
url = "https://nsscprodmedia.blob.core.windows.net/prod/software-and-other-downloads/sdks/nrf5/binaries/nrf5_sdk_${version}_${urlHash}.zip";
sha256 = "sha256-q4WQ7X7/z/42/qcii+mOLnobqcbUy0tInkOfRH/Gwus=";
};
dontConfigure = true;
dontBuild = true;
installPhase = ''
runHook preInstall
mkdir -p $out/share/nRF5_SDK
mv * $out/share/nRF5_SDK
rm $out/share/nRF5_SDK/*.msi
runHook postInstall
'';
meta = with lib; {
description = "Nordic Semiconductor nRF5 Software Development Kit";
homepage = "https://www.nordicsemi.com/Products/Development-software/nRF5-SDK";
license = licenses.unfree;
platforms = platforms.all;
maintainers = with maintainers; [ stargate01 ];
};
}

4
pkgs/development/libraries/nss/latest.nix
View file

@ -5,6 +5,6 @@
# Example: nix-shell ./maintainers/scripts/update.nix --argstr package cacert
import ./generic.nix {
version = "3.79";
hash = "sha256-698tapZhO2/nCtV56fmD4OlOARAXHPspmdtjPTOUpRQ=";
version = "3.80";
hash = "sha256-wL8f0sfimmsCswliK6r8RD7skMiTS7FV2ku5iYh4S2o=";
}

4
pkgs/development/libraries/oniguruma/default.nix
View file

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "onig";
version = "6.9.7.1";
version = "6.9.8";
src = fetchFromGitHub {
owner = "kkos";
repo = "oniguruma";
rev = "v${version}";
sha256 = "sha256-IBWxmzmVdKTkHbfy7V8ejpeIdfOU/adGwpUTCMdLU3w=";
sha256 = "sha256-8aFZdhh6ovLCR0A17rvWq/Oif66rSMnHcCYHjClNElw=";
};
nativeBuildInputs = [ autoreconfHook ];

34
pkgs/development/libraries/openssl/3.0/rsa-fix-bn_reduce_once_in_place-call-for-rsaz_mod_exp_avx512_x2.patch Normal file
View file

@ -0,0 +1,34 @@
From 4d8a88c134df634ba610ff8db1eb8478ac5fd345 Mon Sep 17 00:00:00 2001
From: Xi Ruoyao <xry111@xry111.site>
Date: Wed, 22 Jun 2022 18:07:05 +0800
Subject: [PATCH] rsa: fix bn_reduce_once_in_place call for
rsaz_mod_exp_avx512_x2
bn_reduce_once_in_place expects the number of BN_ULONG, but factor_size
is moduli bit size.
Fixes #18625.
Signed-off-by: Xi Ruoyao <xry111@xry111.site>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18626)
---
crypto/bn/rsaz_exp_x2.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/crypto/bn/rsaz_exp_x2.c b/crypto/bn/rsaz_exp_x2.c
index 6b04486e3f56..f979cebd6fb7 100644
--- a/crypto/bn/rsaz_exp_x2.c
+++ b/crypto/bn/rsaz_exp_x2.c
@@ -257,6 +257,9 @@ int ossl_rsaz_mod_exp_avx512_x2(BN_ULONG *res1,
from_words52(res1, factor_size, rr1_red);
from_words52(res2, factor_size, rr2_red);
+ /* bn_reduce_once_in_place expects number of BN_ULONG, not bit size */
+ factor_size /= sizeof(BN_ULONG) * 8;
+
bn_reduce_once_in_place(res1, /*carry=*/0, m1, storage, factor_size);
bn_reduce_once_in_place(res2, /*carry=*/0, m2, storage, factor_size);

14
pkgs/development/libraries/openssl/default.nix
View file

@ -186,8 +186,8 @@ in {
openssl_1_1 = common rec {
version = "1.1.1o";
sha256 = "sha256-k4SisFcN2ANYhBRkZ3EV33he25QccSEfdQdtcv5rQ48=";
version = "1.1.1p";
sha256 = "sha256-v2G2Kqpmx8djmUKpTeTJroKAwI8X1OrC5EZE2fyKzm8=";
patches = [
./1.1/nix-ssl-cert-file.patch
@ -200,9 +200,9 @@ in {
withDocs = true;
};
openssl_3_0 = common {
version = "3.0.3";
sha256 = "sha256-7gB4rc7x3l8APGLIDMllJ3IWCcbzu0K3eV3zH4tVjAs=";
openssl_3 = common {
version = "3.0.4";
sha256 = "sha256-KDGEPppmigq0eOcCCtY9LWXlH3KXdHLcc+/O+6/AwA8=";
patches = [
./3.0/nix-ssl-cert-file.patch
@ -210,6 +210,10 @@ in {
# This patch disables build-time detection.
./3.0/openssl-disable-kernel-detection.patch
# https://guidovranken.com/2022/06/27/notes-on-openssl-remote-memory-corruption/
# https://github.com/openssl/openssl/commit/4d8a88c134df634ba610ff8db1eb8478ac5fd345.patch
3.0/rsa-fix-bn_reduce_once_in_place-call-for-rsaz_mod_exp_avx512_x2.patch
(if stdenv.hostPlatform.isDarwin
then ./use-etc-ssl-certs-darwin.patch
else ./use-etc-ssl-certs.patch)

Some files were not shown because too many files have changed in this diff Show more