Commit graph

1729 commits

Author SHA1 Message Date
Franz Pletz
baee91ec60 cc-wrapper: Check if ld supports -z, fixes darwin 2016-03-07 21:40:20 +01:00
Franz Pletz
b2b499e6c4 cc-wrapper: Increase number of functions for stackprotector 2016-03-07 01:30:40 +01:00
Franz Pletz
ab1092875a cc-wrapper: Disable pie for linking static libs 2016-03-07 01:30:39 +01:00
Franz Pletz
63f60b6a13 cc-wrapper: Disable pie when linking shared libraries 2016-03-07 01:30:39 +01:00
Franz Pletz
05a02c53a0 cc-wrapper: -pie is a ldflag 2016-03-06 00:14:55 +01:00
Franz Pletz
aff1f4ab94 Use general hardening flag toggle lists
The following parameters are now available:

  * hardeningDisable
    To disable specific hardening flags
  * hardeningEnable
    To enable specific hardening flags

Only the cc-wrapper supports this right now, but these may be reused by
other wrappers, builders or setup hooks.

cc-wrapper supports the following flags:

  * fortify
  * stackprotector
  * pie (disabled by default)
  * pic
  * strictoverflow
  * format
  * relro
  * bindnow
2016-03-05 18:55:26 +01:00
Profpatsch
82fa1a796b lib/copyPathToStore: annotate docstring 2016-03-01 15:26:35 +01:00
zimbatm
0d2e437fc9 Merge pull request #13584 from zimbatm/nix-prefetch-git-json
nix-prefetch-git: change the default output to JSON
2016-03-01 10:07:00 +00:00
Lluís Batlle i Rossell
202ebf794c vm/rpm/rpm-closure.pl: make it deterministic
Some recent perl version introduced "keys" to return the keys
in random order. As some of the packages are solved by "provides" and
based on the order, this randomness affects what packages get into the
closure.

This problem may be in other nix perl scripts.
2016-03-01 11:02:42 +01:00
zimbatm
90de261f33 nix-prefetch-git: change the default output to JSON
As discussed on the mailing list. The nix output was short-lived so it's
probably okay to change it.
2016-02-29 22:47:16 +00:00
Luca Bruno
5f8311775c chromium: add StartupWMClass to desktop file. Fixes #12433 2016-02-29 20:42:58 +01:00
zimbatm
6d9cc54089 build-maven: use lib.importJSON 2016-02-29 13:49:29 +00:00
zimbatm
de124cfa79 Merge pull request #11671 from timbertson/fetchgit
fetchgit: output improvements
2016-02-27 22:45:07 +00:00
Eelco Dolstra
e6f61b4cf3 fetchurlBoot: Use Nix's builtin fetchurl function
This removes the need for curl in bootstrapTools, and enables https
for bootstrap tarballs.
2016-02-27 20:27:24 +01:00
Tim Cuthbertson
21547a61ba nix-prefetch-git: print out valid nix expression; make --quiet very quiet 2016-02-27 21:26:35 +11:00
Tim Cuthbertson
456cbb29d9 nix-prefetch-git: add --quiet flag and minor cleanup 2016-02-27 16:56:38 +11:00
zimbatm
35ab3d301f Merge remote-tracking branch 'upstream/staging' 2016-02-26 22:37:04 +00:00
Tony White
4806cddda3 fetchurl: use kernel.org cdn by default
- use http://cdn.kernel.org/pub/ as the default mirror
for kernel source requests.
Discovered by browsing :
 https://www.kernel.org/introducing-fastly-cdn.html
2016-02-26 21:32:00 +00:00
zimbatm
d2f3e250cf Merge pull request #8576 from obadz/nix-prefetch-zip
Add --ext option to nix-prefetch-zip
2016-02-26 00:57:30 +00:00
Nikolay Amiantov
4f74a4aacb fetch-cargo-deps: factor into fetchCargoDeps function 2016-02-25 14:05:44 +03:00
Nikolay Amiantov
34023d867d fetchcargo: set CA bundle path 2016-02-25 13:51:12 +03:00
Vladimír Čunát
93f6af1071 Merge branch 'master' into staging 2016-02-25 09:01:48 +01:00
Vladimír Čunát
30b7bd8d01 Merge branch 'glibc-2.22' into staging
I'm running whole my working notebook on 2.22 without any problems.
I don't expect any significant issues.
2016-02-25 08:42:59 +01:00
Jude Taylor
a2b19cdb04 revert fetch-cargo-deps change 2016-02-23 18:31:45 -08:00
Jude Taylor
7336191574 fix fetch-cargo SSL error 2016-02-23 16:42:51 -08:00
zimbatm
cfa99e5a99 Merge pull request #13114 from colemickens/azure
azure: package qemu 2.2.0 to fix VHD creation
2016-02-23 22:47:44 +00:00
zimbatm
69059602ff Merge pull request #13111 from tsion/simplify-assert
Simplify fetchurl assertion logic.
2016-02-23 22:42:27 +00:00
zimbatm
c3e9630dfa Merge pull request #13369 from grahamc/nix-prefetch-git-output-base32
nix-prefetch-git: output base32 hash so output matches nix-build errors
2016-02-22 18:21:11 +00:00
Graham Christensen
60f354dfb8 nix-prefetch-git: output base32 hash so output matches nix-build errors
It turns out hashFormat has never been set.
2016-02-22 10:50:27 -06:00
Ricardo M. Correia
fd3e02add8 Merge pull request #13027 from puffnfresh/package/pijul
pijul: 0.1 -> 0.2-6ab9ba
2016-02-20 15:43:53 +01:00
Vladimír Čunát
4b581903b3 requireFile: preferLocalBuild = true
There's no point trying to "distribute" showing the error message.
2016-02-19 13:47:50 +01:00
Nikolay Amiantov
9525abdeec steamPackages.runtime: use mirrors, add my mirror 2016-02-19 14:10:09 +03:00
Scott Olson
43a523526d Require at least one of url or urls in fetchurl. 2016-02-19 03:18:21 -06:00
Cole Mickens
718848d5aa azure: package qemu @ 2.2.0
This commit packages qemu-220. This package is qemu-2.2.0
and is only used with Azure.
2016-02-18 21:08:28 -08:00
Scott Olson
9cf93ba135 Simplify fetchurl assertion logic.
The two lines I removed technically assert the exact same thing, since `!a -> b`
is equivalent to `a || b`. So, I replaced the two lines with the more symmetric
form to make it clearer.
2016-02-18 22:39:43 -06:00
Eelco Dolstra
d71a4851e8 Don't try to apply patchelf to non-ELF binaries 2016-02-18 22:54:11 +01:00
Eelco Dolstra
bf63de1613 separateDebugInfo: Handle weird filenames properly 2016-02-18 22:54:11 +01:00
Eelco Dolstra
076de98c94 separateDebugInfo: Restore ELF check 2016-02-18 21:37:26 +01:00
Luca Bruno
b7c57c831f Merge pull request #13099 from datakurre/datakurre-dockertools
dockerTools: Fix issue where image name with repository prefix was no…
2016-02-18 17:30:54 +01:00
Asko Soukka
584427c694 dockerTools: Fix issue where image name with repository prefix was not supported 2016-02-18 18:16:58 +02:00
Vladimír Čunát
e9520e81b3 Merge branch 'master' into staging 2016-02-17 10:06:31 +01:00
Benjamin Staffin
fc85f1beed nix-prefetch-hg: Various bash style improvements, fixes #9511 2016-02-17 00:35:30 +01:00
Brian McKenna
8b644c5826 rust: fix prePatch phase fail when sourceRoot set
We want to go up more than a single directory if we're in a nested one.
2016-02-17 07:28:26 +11:00
zimbatm
02f5a01c19 nix-prefetch-git: use fetchgit's naming heuristic
This commit fixes #6651.

Before this change the `nix-prefetch-git` script would use a different store
name than nix's `fetchgit` function. Because of that it was not possible to
use `nix-prefetch-git` as a way to pre-populate the store (for example when
the user it using private git dependencies that needs access to the ssh agent)
2016-02-13 14:39:44 +00:00
Vladimír Čunát
a115bff08c Merge branch 'master' into staging 2016-02-07 13:52:42 +01:00
Vladimír Čunát
96cbdc70f2 cc-wrapper: fix #10574: old gcc -> cc fallout
The part with gcc-wrapper-old changes is rather unimportant,
as it's almost unused but I still tested that the sole user `gnat` builds.
2016-02-05 14:05:14 +01:00
Guillaume Maudoux
9f358f809d Configure a default trust store for openssl 2016-02-03 12:42:01 +01:00
Eric Seidel
f62b04954f fetchgitlocal: be less chatty 2016-02-01 10:57:01 -08:00
Eelco Dolstra
030838ba25 makeModulesClosure: Small cleanup 2016-02-01 18:19:23 +01:00
Thomas Tuegel
1e5cad9c8c Merge pull request #12738 from ttuegel/emacsWithPackages
Reduce load time of emacsWithPackages
2016-01-31 17:28:20 -06:00