Martin Weinelt
7d09d7f571
nixos/home-assistant: harden systemd service
...
This is what is still exposed, and it should still allow things to work
as usual.
✗ PrivateNetwork= Service has access to the host's … 0.5
✗ RestrictAddressFamilies=~AF_(INET… Service may allocate Internet soc… 0.3
✗ DeviceAllow= Service has a device ACL with som… 0.1
✗ IPAddressDeny= Service does not define an IP add… 0.2
✗ PrivateDevices= Service potentially has access to… 0.2
✗ PrivateUsers= Service has access to other users 0.2
✗ SystemCallFilter=~@resources System call allow list defined fo… 0.2
✗ RootDirectory=/RootImage= Service runs within the host's ro… 0.1
✗ SupplementaryGroups= Service runs with supplementary g… 0.1
✗ RestrictAddressFamilies=~AF_UNIX Service may allocate local sockets 0.1
→ Overall exposure level for home-assistant.service: 1.6 OK :-)
This can grow to as much as ~1.9 if you use one of the bluetooth or nmap
trackers or the emulated_hue component, all of which required elevated
permisssions.
2021-05-03 00:21:24 +02:00
Luke Granger-Brown
4518794ee5
Merge pull request #121534 from lukegb/bogus-mk2
...
tela-icon-theme: more changes to change the hash
2021-05-02 21:25:34 +01:00
Martin Weinelt
6c022654f6
python3Packages.csvw: 1.10.1 -> 1.10.2
2021-05-02 13:24:22 -07:00
Luke Granger-Brown
134c68a411
tela-icon-theme: use stdenvNoCC
...
This doesn't use any of the compilers tools, so it may as well use the
compilerless version of the stdenv.
2021-05-02 20:18:48 +00:00
Luke Granger-Brown
a494e0ce56
tela-icon-theme: switch to gpl3Only
...
Since the license isn't documented anywhere other than COPYING, it must
be assumed that the intent was to license only under the included
license, without any extra clauses such as the "(at your option) any
later version" clause.
2021-05-02 20:18:01 +00:00
Luke Granger-Brown
6f55db13eb
tela-icon-theme: skip patchelf and symlink rewrite steps
...
* We don't have any ELFs to patch.
* Scanning all the symlinks is slow, and jdupes already makes them
relative anyway.
2021-05-02 20:17:16 +00:00
Andreas Rammhold
e3ad419b87
Merge pull request #121461 from marsam/update-gopass
...
gopass: 1.12.5 -> 1.12.6
2021-05-02 20:11:54 +02:00
Anderson Torres
4e78613c05
Merge pull request #121424 from dotlambda/ophis-fix
...
ophis: fix build
2021-05-02 14:58:43 -03:00
Anderson Torres
bebfaab5ba
Merge pull request #121405 from branwright1/revert-121357-new-river
...
Revert "river: refactor"
2021-05-02 14:57:41 -03:00
Mario Rodas
fb5a9e4095
Merge pull request #121466 from marsam/update-lxc
...
lxc: 4.0.7 -> 4.0.8
2021-05-02 12:55:16 -05:00
Luke Granger-Brown
9775b39fd4
Merge pull request #121519 from NixOS/lukegb-tela-icon-theme
...
tela-icon-theme: format slightly differently
2021-05-02 17:34:25 +01:00
Bjørn Forsman
13cadfac15
zoom-us: fix overriding source
...
Without this using .overrideAttrs to change the source still uses the
old source.
2021-05-02 17:38:55 +02:00
Luke Granger-Brown
8142fd653f
tela-icon-theme: format slightly differently
...
This change is intended to cause the package hash to change, to work around a bug in Hydra that's causing the nixos-unstable channel advancement to fail (due to an invalid .ls file).
2021-05-02 15:49:37 +01:00
Atemu
1b10b0d579
kernel: clarify license
2021-05-02 14:44:54 +00:00
Ethan Edwards
e3763e4799
piston-cli: 1.2.2 -> 1.3.0 ( #121448 )
2021-05-02 16:33:41 +02:00
Martin Weinelt
2c21dba881
Merge pull request #121392 from daneads/mopidy-podcast
...
mopidy-podcast: init at 3.0.0
2021-05-02 15:52:24 +02:00
Sandro
a0842dff29
Merge pull request #121360 from r-ryantm/auto-update/krankerl
...
krankerl: 0.13.0 -> 0.13.1
2021-05-02 15:50:23 +02:00
Sandro
ed845591ad
Merge pull request #121291 from r-ryantm/auto-update/krapslog
...
krapslog: 0.1.2 -> 0.1.3
2021-05-02 15:49:58 +02:00
Sandro
b71e70b45a
Merge pull request #121271 from samuelgrf/libfaketime-add-meta.mainProgram
...
libfaketime: add meta.mainProgram
2021-05-02 15:48:53 +02:00
Sandro
333ed43c4b
Merge pull request #121273 from ktor/timeular-3.9.1
...
timeular: 3.4.1 -> 3.9.1
2021-05-02 15:48:30 +02:00
031d7e3e-4476-4fef-a076-26150f8ecc2f
75468c3907
mopidy-podcast: init at 3.0.0
...
Mopidy extension for browsing and playing podcasts
Update maintainer + add py3 tests
2021-05-02 09:38:06 -04:00
Martin Weinelt
4642f4809f
Merge pull request #121503 from daneads/patch-1
...
Add daneads to maintainers
2021-05-02 15:30:10 +02:00
Jan Tojnar
86ec321e63
link-grammar: 5.8.1 -> 5.9.1
...
https://github.com/opencog/link-grammar/blob/link-grammar-5.9.1/ChangeLog
Remove libz dependency since that has only been used by minisat.
Also clean up the expression.
2021-05-02 15:17:26 +02:00
239
9e94b036a1
pcloud: fix runtime dependencies ( #121495 )
2021-05-02 15:16:04 +02:00
Dan Eads
33682a80a1
maintainers: add daneads
2021-05-02 09:15:45 -04:00
Sandro
df3c94e6c8
Merge pull request #110562 from r-k-b/cypress/updateScript
...
cypress: add updateScript
2021-05-02 15:15:17 +02:00
Sandro
c6d2f34e88
Merge pull request #121353 from otavio/topic-add-cargo-rr
...
cargo-rr: init at 0.1.3
2021-05-02 15:13:46 +02:00
Martin Weinelt
e26c6b55ae
Merge pull request #121506 from fabaff/bump-pywizlight
...
python3Packages.pywizlight: 0.4.6 -> 0.4.7
2021-05-02 15:07:23 +02:00
Michael Raskin
3a07a89802
Merge pull request #119383 from jtojnar/geoclue-custom-key
...
geoclue2: Use our own mozilla API key
2021-05-02 13:05:38 +00:00
Fabian Affolter
12714a4726
python3Packages.pywizlight: 0.4.6 -> 0.4.7
2021-05-02 14:54:09 +02:00
José Romildo Malaquias
bc33b23cd0
ppx_deriving_cmdliner: init at 0.6.0
2021-05-02 14:52:52 +02:00
sternenseemann
d196216e11
man-pages-posix: use version format as repology
...
repology considers 2017a, not 2017-a as current since all other
distributions seem to use that versioning scheme.
2021-05-02 12:50:12 +00:00
Luke Granger-Brown
92eee1a1cd
Merge pull request #121502 from bennofs/update-librespot
...
librespot: 0.1.3 -> 0.1.6
2021-05-02 13:49:53 +01:00
alvar
aacbc7385c
pythonPackages.pynmea2: 1.17.0 -> 1.18.0 ( #121484 )
2021-05-02 14:39:16 +02:00
Luke Granger-Brown
7d0e9bb1a0
Merge pull request #109863 from r-ryantm/auto-update/hyperscan
...
hyperscan: 5.3.0 -> 5.4.0
2021-05-02 13:28:25 +01:00
Luke Granger-Brown
0ae084feb2
Merge pull request #110426 from r-ryantm/auto-update/thonny
...
thonny: 3.3.2 -> 3.3.6
2021-05-02 13:27:40 +01:00
Benno Fünfstück
8b882a5842
librespot: 0.1.3 -> 0.1.6
2021-05-02 14:26:40 +02:00
Luke Granger-Brown
8c04500313
thonny: 3.3.3 -> 3.3.6
2021-05-02 12:26:15 +00:00
Luke Granger-Brown
f587042bb9
Merge pull request #121463 from lukegb/pr103254
...
libsForQt5.quazip: 0.9.1 -> 1.1
2021-05-02 13:15:39 +01:00
Vojtěch Káně
9a943b4b42
maintainers: add vojta001
2021-05-02 08:01:44 -04:00
Michael Raskin
171f5fcd13
Merge pull request #121487 from Mazurel/master
...
ogre: Added SDL2 as a dependency
2021-05-02 11:59:26 +00:00
Luke Granger-Brown
8a92cdd9f5
teamspeak_client: fix for quazip 1.x
2021-05-02 11:55:06 +00:00
Michele Guerini Rocco
d5fe3a1270
Merge pull request #121488 from rnhmjoj/monero
...
quirc: 2016-08-16 -> 2020-04-06; monero: 0.17.1.9 -> 0.17.2.0; monero-gui: 0.17.1.9 -> 0.17.2.1
2021-05-02 13:53:40 +02:00
Luke Granger-Brown
d50819f1a1
Merge pull request #103381 from r-ryantm/auto-update/dcm2niix
...
dcm2niix: 1.0.20200331 -> 1.0.20210317
2021-05-02 12:48:46 +01:00
Arijit Basu
637c7391ad
xplr: 0.5.10 -> 0.5.12 ( #121473 )
2021-05-02 13:40:58 +02:00
Mario Rodas
4da5de00a5
flexget: 3.1.110 -> 3.1.116 ( #121464 )
2021-05-02 13:39:39 +02:00
Mario Rodas
cf39deb8a3
python38Packages.flask-restx: 0.2.0 -> 0.3.0 ( #121465 )
...
https://github.com/python-restx/flask-restx/releases/tag/0.3.0
2021-05-02 13:37:21 +02:00
Luke Granger-Brown
884cf29501
dcm2niix: 1.0.20201102 -> 1.0.20210317
2021-05-02 11:10:40 +00:00
Daniël de Kok
219cbedb69
Merge pull request #121476 from siraben/knightos-updates
...
knightos-mkrom : 1.0.3 -> 1.0.4, knightos-scas: 0.5.3 -> 0.5.5
2021-05-02 12:43:37 +02:00
Mazurel
8309374a78
ogre: Added SDL2 as dependency
2021-05-02 11:53:36 +02:00