Commit graph

1437 commits

Author SHA1 Message Date
=
82f835d2ee
enchive: init at 3.3 2017-08-29 21:40:55 +02:00
rushmorem
f86cac2dfc vault: 0.7.3 -> 0.8.1 2017-08-29 18:46:59 +02:00
Franz Pletz
fa7d449faa
bruteforce-luks: 1.2.1 -> 1.3.1 2017-08-28 00:54:41 +02:00
Jörg Thalheim
18232bca7e clamav: fix build 2017-08-26 10:22:42 +01:00
makefu
6a51bc8bd3
metasploit: 4.14.25 -> 4.16.1 2017-08-24 13:00:56 +02:00
Matthew Justin Bauer
2eacddf0dc treewide: homepage URL fixes (#28475)
* pgadmin: use https homepage

* msn-pecan: move homepage to github

google code is now unavailable

* pidgin-latex: use https for homepage

* pidgin-opensteamworks: use github for homepage

google code is unavailable

* putty: use https for homepage

* ponylang: use https for homepage

* picolisp: use https for homepage

* phonon: use https for homepage

* pugixml: use https for homepage

* pioneer: use https for homepage

* packer: use https for homepage

* pokerth: usee https for homepage

* procps-ng: use https for homepage

* pycaml: use https for homepage

* proot: move homepage to .github.io

* pius: use https for homepage

* pdfread: use https for homepage

* postgresql: use https for homepage

* ponysay: move homepage to new site

* prometheus: use https for homepage

* powerdns: use https for homepage

* pm-utils: use https for homepage

* patchelf: move homepage to https

* tesseract: move homepage to github

* quodlibet: move homepage from google code

* jbrout: move homepage from google code

* eiskaltdcpp: move homepage to github

* nodejs: use https to homepage

* nix: use https for homepage

* pdf2djvu: move homepage from google code

* game-music-emu: move homepage from google code

* vacuum: move homepae from google code
2017-08-22 20:50:04 +02:00
Simon Lackerbauer
7354913c2d sha1collisiondetection: 1.0.1 -> 1.0.3 2017-08-22 02:02:57 +02:00
Herwig Hochleitner
4e026c7b94 pinentry: fix keyboard/pointer grabbing bugs
use debian patches to get the gtk2 version to work with various tiling
window managers

Related reports:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850708
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851707
https://github.com/ch11ng/exwm/issues/263
https://github.com/ch11ng/exwm/issues/279
2017-08-22 00:26:27 +02:00
Joachim F
b51451b86c Merge pull request #28412 from rvolosatovs/update/keybase
keybase: 1.0.27 -> 1.0.28
2017-08-20 20:09:17 +00:00
Roman Volosatovs
5791a2574e
keybase: 1.0.27 -> 1.0.28 2017-08-19 21:38:57 +02:00
Roman Volosatovs
83370e5b4c
browserpass: 1.0.5 -> 1.0.6 2017-08-19 21:37:16 +02:00
Matthew Bauer
5cfe844bd6 passwordstore: use https for homepage 2017-08-17 14:55:43 -07:00
edef
2fca91cbb2 keybase: 1.0.22 -> 1.0.27 2017-08-15 14:56:22 +02:00
Frederik Rietdijk
13bbaee21d Merge pull request #27881 from mimadrid/fix/http-https
Update homepage attributes: http -> https
2017-08-13 21:53:20 +02:00
Peter Hoeg
b9b00495d5 tboot: 1.8.2 -> 1.9.6 2017-08-13 19:31:33 +08:00
Franz Pletz
94cadf33ba
nmap: 7.50 -> 7.60 2017-08-12 11:05:22 +02:00
Lancelot SIX
e34ce9d1c5 gnupg: 2.1.22 -> 2.1.23
This release in a RC for gnupg-2.2. The main difference as far as
nixpkgs is concerned is that the binary `gpg2` is now called `gpg` and
`gpgv2` is called `gpgv`.

This update fixed all explicit use of `gpg2` and `gpgv2` across nixpkgs,
but there might be some packaged software that internally use `gpg2`
not handeled by this commit.

See http://lists.gnu.org/archive/html/info-gnu/2017-08/msg00001.html
for full release information
2017-08-11 19:24:06 +02:00
Robin Gloster
28cc2642f0
treewide: use less phases if not necessary
This removes some skipping of e.g. fixupPhase and cleans up occurences
where this led to duplicating code
2017-08-11 11:40:36 +02:00
Willi Butz
2e29774f4c volatility: 2.4 -> 2.6, refactor, update outdated homepage 2017-08-09 21:50:21 +02:00
adisbladis
9cd05278a6 vulnix: use zodb from pythonPackages 2017-08-09 14:51:01 +02:00
Michael Weiss
4b0afc169d zpl*: Fix the attribute name of the license
This was simply a typo since the license was added in 2013.
2017-08-06 13:49:18 +02:00
mimadrid
09e0cc7cc7
Update homepage attributes: http -> https
Homepage link "http://.../" is a permanent redirect to "https://.../" and should be updated
https://repology.org/repository/nix_stable/problems
2017-08-03 11:56:15 +02:00
Joachim Fasting
4751fca48c
tor: 0.3.0.9 -> 0.3.0.10
Fixes TPROXY on linux, fixes potential DOS on openbsd.
Otherwise mostly minor bugfixes.
2017-08-02 20:05:05 +02:00
Silvan Mosberger
f5fa5fa4d6 pkgs: refactor needless quoting of homepage meta attribute (#27809)
* pkgs: refactor needless quoting of homepage meta attribute

A lot of packages are needlessly quoting the homepage meta attribute
(about 1400, 22%), this commit refactors all of those instances.

* pkgs: Fixing some links that were wrongfully unquoted in the previous
commit

* Fixed some instances
2017-08-01 22:03:30 +02:00
Franz Pletz
fd647dc0cf
hashcat3: 3.10 -> 3.6.0
Upstream switched versioning scheme.
2017-08-01 08:36:39 +02:00
Franz Pletz
523f343084
pcsclite: 1.8.21 -> 1.8.22 2017-08-01 08:36:29 +02:00
Franz Pletz
d40f993073
fail2ban: 0.9.6 -> 0.9.7 2017-08-01 06:16:03 +02:00
Martin Wohlert
c40ac69ec3 gnupg: 2.1.21 -> 2.1.22
https://lists.gnupg.org/pipermail/gnupg-announce/2017q3/000411.html
2017-07-31 11:44:18 +02:00
adisbladis
fcb6e72ddf vulnix: use zc_lockfile, zodbpickle and persistent from pythonPackages 2017-07-28 16:13:28 +02:00
David Asabina
97cc4fdd9e qesteidutil: 3.12.2.1206 -> 3.12.5.1233 2017-07-24 01:13:35 +02:00
Frederik Rietdijk
ebc712f2b1 Merge pull request #27352 from adisbladis/vulnix-py36
vulnix: use zope.interface from pythonPackages
2017-07-19 11:46:19 +02:00
Peter Hoeg
e760337a22 Merge pull request #26393 from peterhoeg/f/pass
pass: add plugins to support importing and updating
2017-07-19 09:18:06 +08:00
Tuomas Tynkkynen
3c9897431b afl: 2.44b -> 2.48b 2017-07-18 22:15:22 +03:00
Nicolas Pouillard
f74a1e6bcb
Keybase updates
keybase: 1.0.20 -> 1.0.22
keybase-gui: 1.0.23-20170519175207.d6c5e9e -> 1.0.25-20170714172717.73f9070
kbfs: 20170209.d1db463 -> 20170429.44efa06
2017-07-17 00:10:23 +02:00
adisbladis
4f174769f2
vulnix: use zope.interface from pythonPackages 2017-07-13 17:03:44 +08:00
Dmitry Kalinkin
fc2819d998
munge: 0.5.11 -> 0.5.12, fix for Linux 2017-07-12 22:11:09 -04:00
Jörg Thalheim
8f5f986453 opendht: move to pkgs/development/libraries
location is more appropriate
2017-07-12 11:04:09 +01:00
Charles Strahan
c79e0b2ba0 Merge pull request #26907 from volth/vault
vault: 0.6.5 -> 0.7.3 with service
2017-07-11 15:02:29 -04:00
Taeer Bar-Yam
0f9b6b97ef opendht: init at 1.3.4 2017-07-11 13:00:07 -04:00
Franz Pletz
c3b566bb87
pinentry: 0.9.7 -> 1.0.0 2017-07-10 09:36:04 +02:00
Aristid Breitkreuz
01557ee8b9 sshuttle: clean up expression a little bit 2017-07-09 12:17:14 +02:00
Aristid Breitkreuz
19dfb63036 sshuttle: 0.78.0 -> 0.78.3, use py3 for tests to succeed 2017-07-09 09:59:20 +02:00
Rob Vermaas
730a394e75
Fix hologram server with go versions > 1.4, no fix yet upstream.
(cherry picked from commit cbfb35a145287f9c18c801ffaf4f36967f1bd563)
2017-07-05 10:22:10 +00:00
Vladimír Čunát
5328aac7be
Merge branch 'staging'
Comparison looks OK; I'll try some fixes on master directly.
http://hydra.nixos.org/eval/1372577?compare=1372497
2017-07-05 08:55:26 +02:00
Will Dietz
ad29479457 jd-gui: Fix interpreter, add many missing deps, un-upx. 2017-07-04 13:13:50 -05:00
Tuomas Tynkkynen
d453e8baad afl: 2.43b -> 2.44b 2017-07-04 17:30:02 +03:00
Vladimír Čunát
d1a89ae9d7
Merge branch 'master' into staging 2017-07-03 09:48:58 +02:00
Volth
c3996de4fd vault: remove-references-to go compiler 2017-07-02 00:39:55 +00:00
Frederik Rietdijk
a20dbcb88b Merge pull request #27002 from makefu/pkgs/gen-oath-safe/init
gen-oath-safe: init at 2017-01-23
2017-07-01 18:54:04 +02:00
makefu
f075c0c9fa
gen-oath-safe: init at 2017-01-23 2017-07-01 18:05:31 +02:00
Joachim Fasting
d7ce6a83b1
tor: 0.3.0.8 -> 0.3.0.9
See https://blog.torproject.org/blog/tor-0309-released-security-update-clients
2017-07-01 13:37:37 +02:00
Vladimír Čunát
ddf864f8aa
Merge branch 'master' into staging
Mass rebuilds from master (>7k on x86_64-linux).
2017-06-30 18:16:58 +02:00
Robin Stumm
4540eaf578 browserpass: 2017-04-11 -> 1.0.5 2017-06-30 13:32:45 +02:00
Volth
ca16df17bd vault: build as Makefile project, not as Go package 2017-06-29 02:23:52 +00:00
Volth
8797e3edd2 certstrap: init at 1.0.1 2017-06-28 21:16:38 +00:00
Volth
519f17035f vault: add unitConfig.RequiresMountsFor to systemd config 2017-06-28 21:16:04 +00:00
Volth
4c428b4a6f vault: run as an unpivileged user 2017-06-27 19:34:12 +00:00
Katyucha
442f76d72a Vault: 0.6.5 -> 0.7.2 with services 2017-06-27 19:34:12 +00:00
Franz Pletz
6338c50a84
Merge branch 'master' into staging 2017-06-22 00:41:25 +02:00
Domen Kožar
53c5b9163e
vulnix: fix eval 2017-06-20 14:12:56 +02:00
Franz Pletz
47f7aa96b0
sudo: 1.8.20p1 -> 1.8.20p2 2017-06-20 04:57:40 +02:00
Franz Pletz
83a4180947
thc-hydra: 8.2 -> 8.5 2017-06-20 03:56:40 +02:00
Tuomas Tynkkynen
ffa0489310 afl: 2.42b -> 2.43b 2017-06-19 17:46:52 +03:00
Thomas Tuegel
be7b7d908f
Remove kdeWrapper 2017-06-18 08:43:39 -05:00
Jörg Thalheim
8581998d7f
vulnix: use zope-testrunner from pythonPackages 2017-06-18 13:14:26 +01:00
Jörg Thalheim
91e08fe55b
vulnix: fix deps 2017-06-18 12:16:54 +01:00
Jörg Thalheim
cca6eb62c0 super: add remark to patch 2017-06-17 10:43:50 +01:00
Jörg Thalheim
9e2f08cdc2 sudo: add remark to patch 2017-06-17 10:42:55 +01:00
Will Dietz
5ff8387f64 sudo: fix attempt to set special perms 2017-06-16 16:20:06 -05:00
Will Dietz
8098e4048b super: Don't set special perms, don't chown to root 2017-06-16 07:13:54 -05:00
Will Dietz
4d57153659 logkeys: Don't chmod u+s 2017-06-16 06:57:05 -05:00
Franz Pletz
7272f8096e
nmap: 7.40 -> 7.50 2017-06-16 06:17:36 +02:00
Rok Garbas
cc0ce6b7a6
rofi-pass: 1.4.3 -> 1.5.0 2017-06-14 08:32:42 +02:00
Daiderd Jordan
30412f9930
rhash: fix darwin build
Fixes cmake update to 3.8.2, d74d871f52
2017-06-13 22:09:12 +02:00
Vladimír Čunát
90cf4cfabe
rhash: extend meta.platforms
Now cmake evaluates on Darwin again.  Let's be optimistic about building.
Discussion: https://github.com/NixOS/nixpkgs/commit/d74d871f52
2017-06-13 17:17:03 +02:00
Jörg Thalheim
a54eea6827 Merge pull request #26495 from makefu/pkgs/metasploit/update
metasploit: 4.14.17 -> 4.14.25
2017-06-09 22:39:07 +01:00
Jörg Thalheim
0cab4cac12
metasploit: add missing update deps to shell.nix 2017-06-09 22:20:28 +01:00
makefu
c1135333d1
metasploit: 4.14.17 -> 4.14.25 2017-06-09 23:09:22 +02:00
Jörg Thalheim
c0e14c084d
metasploit: add missing update deps to shell.nix 2017-06-09 21:45:24 +01:00
Joachim Fasting
8e706b051e
tor: 0.3.0.7 -> 0.3.0.8
Of particular note are fixes for hidden service crashing bugs
(TROVE-2017-004 and TROVE-2017-005).

See https://blog.torproject.org/blog/tor-0308-released-fix-hidden-services-also-are-02429-02514-02612-0278-02814-and-02911
2017-06-09 00:40:25 +02:00
Tuomas Tynkkynen
399afc13e4 afl: 2.41b -> 2.42b 2017-06-08 23:13:06 +03:00
Kier Davis
b81124b4fb
Fix hooks not being called when overriding phases in various packages
It's necessary to do this in order to fix ckb's compilation, now that
fixupPhase rejects derivation results containing references to the temporary
build directory. It seems like good practice so I've added it to the
other packages that I maintain.
2017-06-05 19:13:19 +01:00
Peter Hoeg
fd5e201bf2 pass: add plugins to support importing and updating 2017-06-05 18:22:19 +08:00
Peter Hoeg
5b747cc7c4 paperkey: 1.3 -> 1.4 2017-06-05 15:42:16 +08:00
Pascal Wittmann
f39a047dac
yara: 3.5.0 > 3.6.0, fixes CVE-2017-5924 2017-06-04 17:48:25 +02:00
Peter Hoeg
ef77b61f75 kwalletcli: init at 3.00 2017-06-01 19:11:30 +08:00
Michael Weiss
047a5a18df pgpdump: 0.31 -> 0.32 2017-05-31 16:42:51 +02:00
Daiderd Jordan
3c0114d472
sudo: 1.8.20 -> 1.8.20p1, fixes CVE-2017-1000367 2017-05-30 23:33:04 +02:00
Marius Bergmann
6ecb92a3c3 cfssl: init at 20170527 2017-05-28 18:43:04 +02:00
Franz Pletz
8ab0501865 Merge pull request #25565 from KaiHa/nitrokey-app-1.0
nitrokey-app: 0.6.3 -> 1.1
2017-05-27 02:43:22 +02:00
Vladimír Čunát
00672dec8a
Merge older staging
This still causes some uncached rebuilds, but master(!) and staging
move too fast forward rebuild-wise, so Hydra might never catch up.
(There are also other occasional problems.)
Therefore I merge at this point where the rebuild isn't that bad.
2017-05-26 15:45:43 +02:00
Franz Pletz
5e4a797888
nitrokey-udev-rules: init 2017-05-26 00:47:46 +02:00
Franz Pletz
932091f333
nitrokey-app: 1.0 -> 1.1 2017-05-26 00:47:46 +02:00
Kai Harries
ba002a4215
nitrokey-app: 0.6.3 -> 1.0
The nitrokey-app is now fetched from git because a submodule is needed
for compilation.
2017-05-26 00:42:38 +02:00
Franz Pletz
a74c43aa8d
pcsclite: 1.8.20 -> 1.8.21 2017-05-24 23:53:49 +02:00
Franz Pletz
bfa438eded
ccid: 1.4.26 -> 1.4.27 2017-05-24 23:53:46 +02:00
Vladimír Čunát
8004e79415
Merge branch 'master' into staging 2017-05-24 03:24:06 +02:00
Robin Gloster
b0e2c66345
sslscan: 1.11.8 -> 1.11.10 2017-05-23 13:48:01 +02:00
Robin Gloster
1027d34aaa
aide: 0.16.a2 -> 0.16 2017-05-23 02:57:32 +02:00
Frederik Rietdijk
99cfab07b9 Merge remote-tracking branch 'upstream/master' into HEAD 2017-05-22 09:21:40 +02:00
Joachim F
1bfafdfe65 Merge pull request #25872 from mimadrid/update/sudo-1.8.20
sudo: 1.8.19p2 -> 1.8.20
2017-05-21 22:45:35 +01:00
Jörg Thalheim
de9f19f178 Merge pull request #25927 from gentoofreak/master
gnupg: 2.1.20 -> 2.1.21
2017-05-21 09:11:05 +01:00
Robin Gloster
8952d75b0c
duo-unix: 1.9.19 -> 1.9.20
fixes build with openssl 1.1
2017-05-20 13:22:46 +02:00
Peter Hoeg
28e05a0dfd keybase-gui: 1.0.18 -> 1.0.23 2017-05-20 12:14:04 +08:00
Martin Wohlert
b15baed9e7 gnupg: 2.1.20 -> 2.1.21 2017-05-19 19:38:33 +02:00
mimadrid
8b569420b4
sudo: 1.8.19p2 -> 1.8.20 2017-05-18 00:50:53 +02:00
Vladimír Čunát
515414ed32
Merge branch 'master' into staging 2017-05-16 18:32:43 +02:00
Vladimír Čunát
65ede052fa
treewide: fixup packages with RPATH problems 2017-05-16 18:30:58 +02:00
Joachim Fasting
3cd189c3bc
tor: 0.3.0.6 -> 0.3.0.7
Contains a fix for TROVE-2017-002, a remotely triggered crashing bug
affecting tor relays (clients & releases pre 0.3.0 unaffected).
2017-05-16 11:14:14 +02:00
Jörg Thalheim
cf726bc31a
metasploit: 3.3.1 -> 4.14.17
use bundler env now

fixes #8870
2017-05-15 21:44:00 +01:00
Tuomas Tynkkynen
e1805301af afl: 2.35b -> 2.41b 2017-05-14 04:15:24 +03:00
Ronny Pfannschmidt
9587d3591e remove myself from maintainers/enpass (#25625)
as i am no longer using nixos
2017-05-08 22:03:23 +01:00
Frederik Rietdijk
ef4442e827 Python: replace requests2 with requests tree-wide
See f63eb58573

The `requests2` attribute now throws an error informing that `requests`
should be used instead.
2017-05-07 12:56:09 +02:00
Victor Calvert
9bc0b12c68 pass: 1.7 -> 1.7.1 2017-05-05 16:09:03 -04:00
Aneesh Agrawal
ded7953478 treewide: meta.platform -> meta.platforms 2017-05-02 19:32:02 -04:00
Michael Raskin
4d2f7b63e0 Merge pull request #24803 from pajowu/master
browserpass: init at 1.0.2
2017-05-01 11:27:17 +02:00
Michael Raskin
1a380c094f Remove empty longDescription 2017-05-01 11:27:03 +02:00
Michael Raskin
d5ec7bc748 Merge pull request #23697 from sargon/master
sshguard + service: init at 2.0.0
2017-04-30 21:43:12 +02:00
Michael Raskin
b3d1050cf2 Merge pull request #22438 from rnhmjoj/masscan
masscan: init at 2016-11-03
2017-04-30 18:40:58 +02:00
Joachim Fasting
7301bf8581
tor: 0.2.9.10 -> 0.3.0.6
First stable release in the 0.3 series.

https://blog.torproject.org/blog/tor-0306-released-new-series-stable
2017-04-27 19:26:59 +02:00
pajowu
b4caf7a11e browserpass: add support for firefox 2017-04-22 15:13:02 +02:00
obadz
c4fecfb1ec ecryptfs-helper: fix makeWrapper use after 7ff6eec5 2017-04-21 21:25:30 +01:00
Kai
91d2dc00bb nitrokey-app: 0.5.1 -> 0.6.3 (#24219)
* nitrokey-app: 0.5.1 -> 0.6.3

* Fix (native)buildInputs and refactor
2017-04-14 15:34:36 -05:00
Daiderd Jordan
4a913ecfd3 Merge pull request #24797 from nixy/pass/coreutils-sb-patch
pass: fix clipboard functionality for darwin
2017-04-13 19:26:50 +02:00
Daniel Peebles
f21a6940da Merge pull request #24838 from matthewbauer/ibtool
pinentry_mac: use xcbuild
2017-04-12 22:20:57 -04:00
Matthew Bauer
4672fe6998
pinentry_mac: use precompiled .nib's
sadly, xib2nib hasn't been working like i though. I've just
precompiled into our modified pinentry_mac. Eventually we can get this
fixed but it's not as easy as first thought.
2017-04-12 20:03:29 -05:00
Matthew Bauer
457570f61a
pinentry_mac: switch to pure version
Fixes #24734
2017-04-12 02:59:54 -05:00
pajowu
11913f2ce1 browserpass: change naming scheme 2017-04-11 17:32:33 +02:00
pajowu
b70077f551 browserpass: switch build source to git HEAD
Precompiled version only supports linux64, git version should also support darwin
2017-04-10 23:45:41 +02:00
pajowu
857a3b872c browserpass: init at 1.0.2 2017-04-10 20:06:53 +02:00
Andrew R. M
785f6ce5d6 pass: Fix clipboard functionality
Add the patch that was removed that allows pass's clip() function to
work with single binary coreutils. This version of the patch is also
applied to darwin.sh, so this should fix the clipboard functionality in
darwin as well.
2017-04-10 10:31:00 -04:00
Matthew Bauer
38fa991064
pinentry_mac: use xcbuild 2017-04-09 04:24:16 -05:00
Lancelot SIX
637770f699 gnupg21: 2.1.19 -> 2.1.20
See http://lists.gnu.org/archive/html/info-gnu/2017-04/msg00002.html
for release information
2017-04-05 15:24:05 +02:00
Eelco Dolstra
e410c78cd5
gnupg: Give the 1compat package a higher priority
This resolves collision warnings with the regular gnupg packages.
2017-04-04 16:40:06 +02:00
rnhmjoj
2e1ccaa319
masscan: init at 2017-02-04 2017-04-01 19:05:10 +02:00
Michael Weiss
c9ecc70880 gnupg*: Improve the meta set
And use version from gnupg21 for gnupg1compat.
2017-03-28 22:19:12 +02:00
Michael Weiss
02e469fa04 signing-party: Add 4 missing man pages + dep fix
The manual pages for the following 4 tools where still missing:
- gpgsigs
- keyanalyze
- pgpring
- process_keys

The gpgdir script needs the gpg binary.

The 19 tools are licensed under various licenses.
2017-03-28 22:09:55 +02:00
Vladimír Čunát
96d41e393d
treewide: purge maintainers.urkud
It's sad, but he's been inactive for the last five years.
Keeping such people in meta.maintainers is counter-productive.
2017-03-27 19:52:29 +02:00
Michael Weiss
ef8c0d1388 signing-party: Fix deps and include all tools
Additional tools:
- gpg-key2latex
- gpgdir
- gpgwrap

This module is really hacky and the dependencies are very messy... :o

However I tried my best at testing all 19 individual tools and they
should (hopefully) all work now (apart from sendmail which can be
provided by multiple packages) :)

The code is very redundant (sorry) but imho it's easier to read and
maintain it that way.

TODO: There are some additional manual pages that could be included (I'm
too exhausted for that atm...). And there might be a lot of stuff that
could be improved in the future.
2017-03-26 21:12:45 +02:00
Daniel Ehlers
20a5b5bead sshguard: new package 2017-03-26 14:46:22 +02:00
Joachim Fasting
ecd0e1a2c7
torbrowser: reduce risk of stale Nix store references
This patch restructures the expression and wrapper to minimize Nix store
references captured by the user's state directory.

The previous version would write lots of references to the Nix store into
the user's state directory, resulting in synchronization issues between
the Store and the local state directory.  At best, this would cause TBB to
stop working when the version used to instantiate the local state was
garbage collected; at worst, a user would continue to use the old version
even after an upgrade.

To solve the issue, hard-code as much as possible at the Store side and
minimize the amount of stuff being copied into the local state dir.
Currently, only a few files generated at firefox startup and fontconfig
cache files end up capturing store paths; these files are simply removed
upon every startup.  Otherwise, no capture should occur and the user
should always be using the TBB associated with the tor-browser wrapper
script.

To check for stale Store paths, do
   `grep -Ero '/nix/store/[^/]+' ~/.local/share/tor-browser`
This command should *never* return any other store path than the one
associated with the current tor-browser wrapper script, even after an
update (assuming you've run tor-browser at least once after updating).
Deviations from this general rule are considered bugs from now on.

Note that no attempt has been made to support pluggable transports; they
are still broken with this patch (to be fixed in a follow-up patch).

User visible changes:
- Wrapper retains only environment variables required for TBB to work
- pulseaudioSupport can be toggled independently of mediaSupport (the
  latter weakly implies the former).
- Store local state under $TBB_HOME.  Defaults to $XDG_DATA_HOME/tor-browser
- Stop obnoxious first-run stuff (NoScript redirect, in particular)
- Set desktop item GenericName to Web Browser

Some minor enhancements:
- Disable Hydra builds
- Specify system -> source mapping to make it easier to
  extend supported platforms.
2017-03-25 15:59:18 +01:00
Frederik Rietdijk
f4a1eab239 Merge pull request #23863 from plumps/add-vulnix
vulnix: init at 1.2.2
2017-03-24 11:12:50 +01:00
Jörg Thalheim
70322d8b87 pythonPackages.BTrees: 4.1.4 -> 4.3.1 2017-03-24 10:44:34 +01:00
Michael Weiss
4e29638323 Revert "gpgme: Drop multiple outputs (dev and info)"
This reverts commit 872770286d.

This will fix fwknop as well (should have done it like this in the first
place, where was my mind...).

Conclusion: Did something stupid... :o - I am *so incredibly sorry*,
will be way more careful (was already careful, but apparently not
enought...) next time and use nox.

Sorry @everyone and thanks @calvertvl for noticing this.
2017-03-21 23:57:57 +01:00
Michael Weiss
b27652148a fwknop: init at 2.6.9
fwknop stands for the "FireWall KNock OPerator", and implements an
authorization scheme called Single Packet Authorization (SPA).
2017-03-21 22:43:00 +01:00
Michael Raskin
89f62be345 Merge pull request #23715 from risicle/moz-sops
Add Mozilla sops package
2017-03-18 19:18:06 +01:00
Vladimír Čunát
742b120ddc
Merge branch 'master' into staging
Nontrivial rebuilds from master, again :-/
2017-03-18 11:00:31 +01:00
Peter Hoeg
bf5dc90f30 keybase: 20170209 -> 1.0.20 2017-03-16 10:01:57 +08:00
Maksim Bronsky
97f26ee39a initial release: vulnix 2017-03-15 15:09:19 +01:00
Tuomas Tynkkynen
aba0b45b86 Merge remote-tracking branch 'upstream/master' into staging
Conflicts:
      pkgs/development/libraries/qt-5/5.7/qtbase/default.nix
2017-03-14 00:49:22 +02:00