From c95a170ac282da27c1b215996051d353de90cf90 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Wed, 23 Feb 2022 00:42:13 +0000 Subject: [PATCH 01/36] air: 1.27.10 -> 1.28.0 --- pkgs/development/tools/air/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/tools/air/default.nix b/pkgs/development/tools/air/default.nix index fcc3671ded5c..c57307391bd5 100644 --- a/pkgs/development/tools/air/default.nix +++ b/pkgs/development/tools/air/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "air"; - version = "1.27.10"; + version = "1.28.0"; src = fetchFromGitHub { owner = "cosmtrek"; repo = "air"; rev = "v${version}"; - sha256 = "sha256-mgFLelf0TPjJK/keQz+s52fKlruSn6+KTPj+waJuQdU="; + sha256 = "sha256-JbFSEfm8SVyJBgZju3kfIv5WK/kFYTqkU0EH5HXl9cc="; }; vendorSha256 = "sha256-MEIPkron42OJioV7PPhnLWVevjKDs5Bw3jDmvZbac9s="; From 54c98ebd268cd28370499269dd3eb15b94a8a585 Mon Sep 17 00:00:00 2001 From: Felix Tenley Date: Sun, 6 Mar 2022 18:05:21 +0100 Subject: [PATCH 02/36] filebot: 4.9.5 -> 4.9.6 --- pkgs/applications/video/filebot/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/video/filebot/default.nix b/pkgs/applications/video/filebot/default.nix index d80384f7b26a..df435d03d09d 100644 --- a/pkgs/applications/video/filebot/default.nix +++ b/pkgs/applications/video/filebot/default.nix @@ -10,11 +10,11 @@ in stdenv.mkDerivation rec { pname = "filebot"; - version = "4.9.5"; + version = "4.9.6"; src = fetchurl { - url = "https://web.archive.org/web/20220226124706/https://get.filebot.net/filebot/FileBot_${version}/FileBot_${version}-portable.tar.xz"; - sha256 = "sha256-LNvfAueDMd2TedK6bqnNG+J/4YhhbmUca9iyUkoUNkE="; + url = "https://web.archive.org/web/20220305095926/https://get.filebot.net/filebot/FileBot_${version}/FileBot_${version}-portable.tar.xz"; + sha256 = "sha256-3j0WmmamE9KUNwjOVZvrdFH5dS/9FHSdbLfcAsOzQOo="; }; unpackPhase = "tar xvf $src"; From 9c8eda7f38c071c725c86627d1dce78ea5334c7a Mon Sep 17 00:00:00 2001 From: InternetUnexplorer Date: Fri, 11 Mar 2022 11:33:56 -0800 Subject: [PATCH 03/36] llvmPackages_rocm.llvm: don't build shared libs This seems to fix the notorious "CommandLine Error: Option 'xxxxx' registered more than once!" error in applications that use both Mesa and ROCm. Since Mesa is built with llvmPackages_latest and ROCm stuff is built with llvmPackages_rocm, applications that use both (such as Blender) end up with two different `libLLVM*.so`s loaded, which breaks things. This seems like a straightforward way to fix the problem, and since the ROCm stack seems to be the only thing in Nixpkgs that uses llvmPackages_rocm this hopefully shouldn't break anything. While there might be another way to fix this problem that doesn't require disabling the shared libraries, I haven't been able to find it yet, and since this issue seems to affect a lot of people I think it might make sense to merge this fix for now and revisit it later if a better solution is found. This also removes a small patch to rocm-comgr since there are no longer LLVM shared libraries for it to link against. --- pkgs/development/compilers/llvm/rocm/llvm/default.nix | 4 ++-- pkgs/development/libraries/rocm-comgr/default.nix | 9 --------- 2 files changed, 2 insertions(+), 11 deletions(-) diff --git a/pkgs/development/compilers/llvm/rocm/llvm/default.nix b/pkgs/development/compilers/llvm/rocm/llvm/default.nix index 724fd6b63f76..003fb4998c36 100644 --- a/pkgs/development/compilers/llvm/rocm/llvm/default.nix +++ b/pkgs/development/compilers/llvm/rocm/llvm/default.nix @@ -12,7 +12,7 @@ , zlib , debugVersion ? false , enableManpages ? false -, enableSharedLibraries ? !stdenv.hostPlatform.isStatic +, enableSharedLibraries ? false , version , src @@ -59,7 +59,7 @@ in stdenv.mkDerivation rec { "-DSPHINX_WARNINGS_AS_ERRORS=OFF" ]; - postPatch = '' + postPatch = lib.optional enableSharedLibraries '' substitute '${./outputs.patch}' ./outputs.patch --subst-var lib patch -p1 < ./outputs.patch ''; diff --git a/pkgs/development/libraries/rocm-comgr/default.nix b/pkgs/development/libraries/rocm-comgr/default.nix index 3ae872f23158..73075c9669a5 100644 --- a/pkgs/development/libraries/rocm-comgr/default.nix +++ b/pkgs/development/libraries/rocm-comgr/default.nix @@ -27,15 +27,6 @@ stdenv.mkDerivation rec { "-DLLVM_TARGETS_TO_BUILD=\"AMDGPU;X86\"" ]; - # The comgr build tends to link against the static LLVM libraries - # *and* the dynamic library. Linking against both causes errors - # about command line options being registered twice. This patch - # removes the static library linking. - patchPhase = '' - sed -e '/^llvm_map_components_to_libnames/,/[[:space:]]*Symbolize)/d' \ - -i CMakeLists.txt - ''; - passthru.updateScript = writeScript "update.sh" '' #!/usr/bin/env nix-shell #!nix-shell -i bash -p curl jq common-updater-scripts From 58e32427d813439a08fef4008151bfba1e244ba1 Mon Sep 17 00:00:00 2001 From: larsr Date: Tue, 15 Mar 2022 11:06:08 +0100 Subject: [PATCH 04/36] libnatpmp: fix dyld path on darwin This solves #164240 --- pkgs/development/libraries/libnatpmp/default.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pkgs/development/libraries/libnatpmp/default.nix b/pkgs/development/libraries/libnatpmp/default.nix index 9672d1cceca7..54177ad559d6 100644 --- a/pkgs/development/libraries/libnatpmp/default.nix +++ b/pkgs/development/libraries/libnatpmp/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl }: +{ lib, stdenv, fetchurl, fixDarwinDylibNames }: stdenv.mkDerivation rec { pname = "libnatpmp"; @@ -15,6 +15,8 @@ stdenv.mkDerivation rec { "CC:=$(CC)" ]; + nativeBuildInputs = lib.optional stdenv.isDarwin fixDarwinDylibNames; + postFixup = '' chmod +x $out/lib/* ''; From 5e801d82ddbd2c39dcd8d5bf96d1f897a3b1c3c6 Mon Sep 17 00:00:00 2001 From: Paul Walker Date: Fri, 18 Mar 2022 15:58:31 -0400 Subject: [PATCH 05/36] lunar-client: 2.9.3 -> 2.10.0 --- pkgs/games/lunar-client/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/games/lunar-client/default.nix b/pkgs/games/lunar-client/default.nix index fbebe85cf007..17df2565b866 100644 --- a/pkgs/games/lunar-client/default.nix +++ b/pkgs/games/lunar-client/default.nix @@ -2,13 +2,13 @@ let name = "lunar-client"; - version = "2.9.3"; + version = "2.10.0"; desktopItem = makeDesktopItem { name = "lunar-client"; exec = "lunar-client"; icon = "lunarclient"; - comment = "Minecraft 1.7, 1.8, 1.12, 1.15, and 1.16 Client"; + comment = "Minecraft 1.7, 1.8, 1.12, 1.15, 1.16, 1.17, and 1.18 Client"; desktopName = "Lunar Client"; genericName = "Minecraft Client"; categories = [ "Game" ]; @@ -21,7 +21,7 @@ let src = fetchurl { url = "https://launcherupdates.lunarclientcdn.com/Lunar%20Client-${version}.AppImage"; name = "lunar-client.AppImage"; - sha256 = "sha256-2wlC+OAG2lvUB3yPxppNhhvNDZv4gxrNKpww9vAfStI="; + sha256 = "1kfi3rgy401ll3gn9k30j0a1zds1ghl5g2ibfwlsnr826nckfmzw"; }; in appimageTools.wrapType1 rec { @@ -36,7 +36,7 @@ appimageTools.wrapType1 rec { extraPkgs = pkgs: [ pkgs.libpulseaudio ]; meta = with lib; { - description = "Minecraft 1.7, 1.8, 1.12, 1.15, and 1.16 Client"; + description = "Minecraft 1.7, 1.8, 1.12, 1.15, 1.16, 1.17, and 1.18 Client"; homepage = "https://www.lunarclient.com/"; license = with licenses; [ unfree ]; maintainers = with maintainers; [ zyansheep Technical27 ]; From fa9ee43d7f17a3087f10065a9a07269313239231 Mon Sep 17 00:00:00 2001 From: Joshua Gilman Date: Fri, 18 Mar 2022 14:50:59 -0700 Subject: [PATCH 06/36] python3Packages.dunamai: init at 1.10.0 --- .../python-modules/dunamai/default.nix | 52 +++++++++++++++++++ pkgs/top-level/python-packages.nix | 2 + 2 files changed, 54 insertions(+) create mode 100644 pkgs/development/python-modules/dunamai/default.nix diff --git a/pkgs/development/python-modules/dunamai/default.nix b/pkgs/development/python-modules/dunamai/default.nix new file mode 100644 index 000000000000..f4a24a7a7f8a --- /dev/null +++ b/pkgs/development/python-modules/dunamai/default.nix @@ -0,0 +1,52 @@ +{ lib +, poetry-core +, buildPythonPackage +, fetchFromGitHub +, pythonOlder +, importlib-metadata +, packaging +, pytestCheckHook +}: + +buildPythonPackage rec { + pname = "dunamai"; + version = "1.10.0"; + format = "pyproject"; + + disabled = pythonOlder "3.7"; + + src = fetchFromGitHub { + owner = "mtkennerly"; + repo = "dunamai"; + rev = "v${version}"; + sha256 = "sha256-Sp0yfNkFwNc2qR9aSPteBqZcqRokM9whOVmduXVK3CI="; + }; + + nativeBuildInputs = [ + poetry-core + ]; + + propagatedBuildInputs = [ + packaging + ] ++ lib.optionals (pythonOlder "3.8") [ + importlib-metadata + ]; + + # needs to be able to run dunami from PATH + preCheck = '' + export PATH=$PATH:$out/bin + ''; + + checkInputs = [ + pytestCheckHook + ]; + + pythonImportsCheck = [ "dunamai" ]; + + meta = with lib; { + description = "Dynamic version generation"; + homepage = "https://github.com/mtkennerly/dunamai"; + license = licenses.mit; + maintainers = with maintainers; [ jmgilman ]; + }; +} diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 92da9eec9a6e..06c46f66ae74 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -2502,6 +2502,8 @@ in { dulwich = callPackage ../development/python-modules/dulwich { }; + dunamai = callPackage ../development/python-modules/dunamai { }; + dungeon-eos = callPackage ../development/python-modules/dungeon-eos { }; dwdwfsapi = callPackage ../development/python-modules/dwdwfsapi { }; From 9bffd90af89201264cf02a6e2bf03692750725c3 Mon Sep 17 00:00:00 2001 From: Nicolas Benes Date: Sun, 20 Mar 2022 12:04:39 +0100 Subject: [PATCH 07/36] tor-browser-bundle-bin: 11.0.7 -> 11.0.9 --- .../networking/browsers/tor-browser-bundle-bin/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/networking/browsers/tor-browser-bundle-bin/default.nix b/pkgs/applications/networking/browsers/tor-browser-bundle-bin/default.nix index ce1d41834c3b..28e11814029c 100644 --- a/pkgs/applications/networking/browsers/tor-browser-bundle-bin/default.nix +++ b/pkgs/applications/networking/browsers/tor-browser-bundle-bin/default.nix @@ -87,7 +87,7 @@ let fteLibPath = makeLibraryPath [ stdenv.cc.cc gmp ]; # Upstream source - version = "11.0.7"; + version = "11.0.9"; lang = "en-US"; @@ -98,7 +98,7 @@ let "https://tor.eff.org/dist/torbrowser/${version}/tor-browser-linux64-${version}_${lang}.tar.xz" "https://tor.calyxinstitute.org/dist/torbrowser/${version}/tor-browser-linux64-${version}_${lang}.tar.xz" ]; - sha256 = "197yf0abcb98kqds0xvki0b52rlhzyzdc98zmhrn7y8gmahc84cz"; + sha256 = "0cl01bx64d6bmajknj7085nzc6841adkp65fz531r3y6nnpwr9ds"; }; i686-linux = fetchurl { @@ -107,7 +107,7 @@ let "https://tor.eff.org/dist/torbrowser/${version}/tor-browser-linux32-${version}_${lang}.tar.xz" "https://tor.calyxinstitute.org/dist/torbrowser/${version}/tor-browser-linux32-${version}_${lang}.tar.xz" ]; - sha256 = "0yylfsgmnfn6zww0r6kp1d1wmmb0lfa4lqwkgr7d8rzi6q9spmqk"; + sha256 = "0j6alhm1pqp7fb6nk55vzvr1qjz6gyd3vn6v2dkkvj9mgm57x1j5"; }; }; in From b97947bb898577cc6e04139e1b0f319d641b5d52 Mon Sep 17 00:00:00 2001 From: Alex Martens Date: Sun, 20 Mar 2022 13:13:23 -0700 Subject: [PATCH 08/36] python3Packages.flake8-bugbear: 22.1.11 -> 22.3.20 --- pkgs/development/python-modules/flake8-bugbear/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/flake8-bugbear/default.nix b/pkgs/development/python-modules/flake8-bugbear/default.nix index 083abcaf6b8c..20e8f5888262 100644 --- a/pkgs/development/python-modules/flake8-bugbear/default.nix +++ b/pkgs/development/python-modules/flake8-bugbear/default.nix @@ -10,13 +10,13 @@ buildPythonPackage rec { pname = "flake8-bugbear"; - version = "22.1.11"; + version = "22.3.20"; src = fetchFromGitHub { owner = "PyCQA"; repo = pname; rev = version; - sha256 = "sha256-sTg69Hgvi77wtLWEH4JtcIAMFk7exr5CBXmyS0nE5Vc="; + sha256 = "sha256-tq008SNytZCttnVY1NLf9/2aeqP+iPLUNsRLZu0k3Uk="; }; propagatedBuildInputs = [ From d5bf6bac5c0e51624eb26d38621718759df32eac Mon Sep 17 00:00:00 2001 From: David McFarland Date: Wed, 16 Mar 2022 09:47:27 -0300 Subject: [PATCH 09/36] buildFHSUserEnv{Chroot,Bubblewrap}: fix handling of glib schema An error would occur if share/glib-2.0/schema was a symlink. --- .../build-fhs-userenv-bubblewrap/env.nix | 19 +++++++++++-------- pkgs/build-support/build-fhs-userenv/env.nix | 19 +++++++++++-------- 2 files changed, 22 insertions(+), 16 deletions(-) diff --git a/pkgs/build-support/build-fhs-userenv-bubblewrap/env.nix b/pkgs/build-support/build-fhs-userenv-bubblewrap/env.nix index d0f88df44537..93292122b739 100644 --- a/pkgs/build-support/build-fhs-userenv-bubblewrap/env.nix +++ b/pkgs/build-support/build-fhs-userenv-bubblewrap/env.nix @@ -97,18 +97,21 @@ let if [[ -d $out/share/gsettings-schemas/ ]]; then # Recreate the standard schemas directory if its a symlink to make it writable if [[ -L $out/share/glib-2.0 ]]; then - ln -s $(readlink $out/share/glib-2.0) $out/share/glib-2.0.old - rm -rf $out/share/glib-2.0 + target=$(readlink $out/share/glib-2.0) + rm $out/share/glib-2.0 + mkdir $out/share/glib-2.0 + ln -fs $target/* $out/share/glib-2.0 + fi + + if [[ -L $out/share/glib-2.0/schemas ]]; then + target=$(readlink $out/share/glib-2.0/schemas) + rm $out/share/glib-2.0/schemas + mkdir $out/share/glib-2.0/schemas + ln -fs $target/* $out/share/glib-2.0/schemas fi mkdir -p $out/share/glib-2.0/schemas - # symlink any schema files or overrides to the standard schema directory - if [[ -e $out/share/glib-2.0.old/schemas ]]; then - ln -fs $out/share/glib-2.0.old/schemas/*.xml $out/share/glib-2.0/schemas - ln -fs $out/share/glib-2.0.old/schemas/*.gsettings-schemas.override $out/share/glib-2.0/schemas - fi - for d in $out/share/gsettings-schemas/*; do # Force symlink, in case there are duplicates ln -fs $d/glib-2.0/schemas/*.xml $out/share/glib-2.0/schemas diff --git a/pkgs/build-support/build-fhs-userenv/env.nix b/pkgs/build-support/build-fhs-userenv/env.nix index 7251500f76c5..cdc3096fcbfd 100644 --- a/pkgs/build-support/build-fhs-userenv/env.nix +++ b/pkgs/build-support/build-fhs-userenv/env.nix @@ -138,18 +138,21 @@ let if [[ -d $out/share/gsettings-schemas/ ]]; then # Recreate the standard schemas directory if its a symlink to make it writable if [[ -L $out/share/glib-2.0 ]]; then - ln -s $(readlink $out/share/glib-2.0) $out/share/glib-2.0.old - rm -rf $out/share/glib-2.0 + target=$(readlink $out/share/glib-2.0) + rm $out/share/glib-2.0 + mkdir $out/share/glib-2.0 + ln -fs $target/* $out/share/glib-2.0 + fi + + if [[ -L $out/share/glib-2.0/schemas ]]; then + target=$(readlink $out/share/glib-2.0/schemas) + rm $out/share/glib-2.0/schemas + mkdir $out/share/glib-2.0/schemas + ln -fs $target/* $out/share/glib-2.0/schemas fi mkdir -p $out/share/glib-2.0/schemas - # symlink any schema files or overrides to the standard schema directory - if [[ -e $out/share/glib-2.0.old/schemas ]]; then - ln -fs $out/share/glib-2.0.old/schemas/*.xml $out/share/glib-2.0/schemas - ln -fs $out/share/glib-2.0.old/schemas/*.gsettings-schemas.override $out/share/glib-2.0/schemas - fi - for d in $out/share/gsettings-schemas/*; do # Force symlink, in case there are duplicates ln -fs $d/glib-2.0/schemas/*.xml $out/share/glib-2.0/schemas From 3518ed19a50a12472dd9077d226eef221bd6abeb Mon Sep 17 00:00:00 2001 From: nixpkgs-upkeep-bot Date: Mon, 21 Mar 2022 00:11:09 +0000 Subject: [PATCH 10/36] plexamp: 4.0.3 -> 4.1.0 --- pkgs/applications/audio/plexamp/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/audio/plexamp/default.nix b/pkgs/applications/audio/plexamp/default.nix index 4f0ca02b628c..d86223dcdcb1 100644 --- a/pkgs/applications/audio/plexamp/default.nix +++ b/pkgs/applications/audio/plexamp/default.nix @@ -2,12 +2,12 @@ let pname = "plexamp"; - version = "4.0.3"; + version = "4.1.0"; src = fetchurl { url = "https://plexamp.plex.tv/plexamp.plex.tv/desktop/Plexamp-${version}.AppImage"; name="${pname}-${version}.AppImage"; - sha512 = "Nh0+/ibZnjcGXgQUe+QvukWpaX6/0nNPR4NIK0i2Bn6kBkihv9bkfF9xGpgqeE6H3CK+4e6ywg8y9RR+pJBBSA=="; + sha512 = "N+WkH6n7MWfRd2rsk/2b/rABL6pcjpKa1iBZSHslIOEc5fYWjGAxjwwTU0RgSaqptS1DyPeCUeWuphWPZJsQgw=="; }; appimageContents = appimageTools.extractType2 { @@ -33,7 +33,7 @@ in appimageTools.wrapType2 { meta = with lib; { description = "A beautiful Plex music player for audiophiles, curators, and hipsters"; homepage = "https://plexamp.com/"; - changelog = "https://forums.plex.tv/t/plexamp-release-notes/221280/41"; + changelog = "https://forums.plex.tv/t/plexamp-release-notes/221280/42"; license = licenses.unfree; maintainers = with maintainers; [ killercup synthetica ]; platforms = [ "x86_64-linux" ]; From 131ecf27a6d8d9e836d295b3544f1249f8ad295a Mon Sep 17 00:00:00 2001 From: Joshua Gilman Date: Fri, 18 Mar 2022 15:46:40 -0700 Subject: [PATCH 11/36] maintainers: add @jmgilman --- maintainers/maintainer-list.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index 3acbd8d23438..8e92057d7fd3 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -5869,6 +5869,12 @@ githubId = 587870; name = "Jonathan Mettes"; }; + jmgilman = { + email = "joshuagilman@gmail.com"; + github = "jmgilman"; + githubId = 2308444; + name = "Joshua Gilman"; + }; jo1gi = { email = "joakimholm@protonmail.com"; github = "jo1gi"; From 181d2fafb54f2ea1be91ace8706bfb6e7c1d4b51 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 21 Mar 2022 21:45:12 +0000 Subject: [PATCH 12/36] matrix-synapse-plugins.matrix-synapse-mjolnir-antispam: 1.3.2 -> 1.4.1 --- pkgs/servers/matrix-synapse/plugins/mjolnir-antispam.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/servers/matrix-synapse/plugins/mjolnir-antispam.nix b/pkgs/servers/matrix-synapse/plugins/mjolnir-antispam.nix index 014460ab2301..505e9e4ebae9 100644 --- a/pkgs/servers/matrix-synapse/plugins/mjolnir-antispam.nix +++ b/pkgs/servers/matrix-synapse/plugins/mjolnir-antispam.nix @@ -2,13 +2,13 @@ buildPythonPackage rec { pname = "matrix-synapse-mjolnir-antispam"; - version = "1.3.2"; + version = "1.4.1"; src = fetchFromGitHub { owner = "matrix-org"; repo = "mjolnir"; rev = "v${version}"; - sha256 = "HDfLndiFm9ayCmixuv4MYBbQ76mzCtTS+4UuBRdpP0E="; + sha256 = "sha256-zVb0lD5tYhX2a2MzNVQ8u7rMuQ8yGC/JlodbY4nsqNU="; }; sourceRoot = "./source/synapse_antispam"; From 1ed1d764f6c6fbf353fb6a4cd1257230df860ec4 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 22 Mar 2022 03:15:38 +0000 Subject: [PATCH 13/36] python310Packages.manimpango: 0.4.0.post2 -> 0.4.1 --- pkgs/development/python-modules/manimpango/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/manimpango/default.nix b/pkgs/development/python-modules/manimpango/default.nix index b717b4491173..f0f8bff52467 100644 --- a/pkgs/development/python-modules/manimpango/default.nix +++ b/pkgs/development/python-modules/manimpango/default.nix @@ -2,13 +2,13 @@ buildPythonPackage rec { pname = "manimpango"; - version = "0.4.0.post2"; + version = "0.4.1"; src = fetchFromGitHub { owner = "ManimCommunity"; repo = pname; rev = "v${version}"; - sha256 = "sha256-BMRlEdvJJOUbsvKEoZx2qJqHSbL475dhBthUpnsXkn4="; + sha256 = "sha256-ourSUYBAFONdupdsjo/PtwRQpXS7HqLxrHj0Ejr/Wdw="; }; postPatch = '' From 308a442f17dd179e352b99db2e9f96e9d3dbcf02 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabi=C3=A1n=20Heredia=20Montiel?= Date: Tue, 22 Mar 2022 01:06:21 -0600 Subject: [PATCH 14/36] =?UTF-8?q?keybase-gui:=205.9.0=20=E2=86=92=205.9.3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- pkgs/tools/security/keybase/gui.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/security/keybase/gui.nix b/pkgs/tools/security/keybase/gui.nix index d5f04099f756..f5147e17ac5e 100644 --- a/pkgs/tools/security/keybase/gui.nix +++ b/pkgs/tools/security/keybase/gui.nix @@ -4,16 +4,16 @@ , runtimeShell, gsettings-desktop-schemas }: let - versionSuffix = "20220120174718.95a3939b3a"; + versionSuffix = "20220216215910.c82d65a685"; in stdenv.mkDerivation rec { pname = "keybase-gui"; - version = "5.9.0"; # Find latest version from https://prerelease.keybase.io/deb/dists/stable/main/binary-amd64/Packages + version = "5.9.3"; # Find latest version from https://prerelease.keybase.io/deb/dists/stable/main/binary-amd64/Packages src = fetchurl { url = "https://s3.amazonaws.com/prerelease.keybase.io/linux_binaries/deb/keybase_${version + "-" + versionSuffix}_amd64.deb"; - sha256 = "sha256-Wdl5pZFIz+mDkkE0EDpLGH/eGWYoBbLV05LYJgkwpI4="; + hash = "sha256-JY2DaqApv6K02y3B+JIXpV4SvvMQpBhw9eqr/5Sn0cg="; }; nativeBuildInputs = [ From 283acd12292c8905de453cd4971a340a76e9690f Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Tue, 22 Mar 2022 08:55:52 +0100 Subject: [PATCH 15/36] python3Packages.manimpango: disable on older Python releases --- .../python-modules/manimpango/default.nix | 50 +++++++++++++++---- 1 file changed, 39 insertions(+), 11 deletions(-) diff --git a/pkgs/development/python-modules/manimpango/default.nix b/pkgs/development/python-modules/manimpango/default.nix index f0f8bff52467..f77aa81bbb60 100644 --- a/pkgs/development/python-modules/manimpango/default.nix +++ b/pkgs/development/python-modules/manimpango/default.nix @@ -1,37 +1,65 @@ -{ stdenv, lib, buildPythonPackage, fetchFromGitHub, python, pkg-config, pango, cython, AppKit, pytestCheckHook }: +{ lib +, stdenv +, buildPythonPackage +, fetchFromGitHub +, python +, pkg-config +, pango +, cython +, AppKit +, pytestCheckHook +, pythonOlder +}: buildPythonPackage rec { pname = "manimpango"; version = "0.4.1"; + format = "setuptools"; + + disabled = pythonOlder "3.7"; src = fetchFromGitHub { owner = "ManimCommunity"; repo = pname; rev = "v${version}"; - sha256 = "sha256-ourSUYBAFONdupdsjo/PtwRQpXS7HqLxrHj0Ejr/Wdw="; + hash = "sha256-ourSUYBAFONdupdsjo/PtwRQpXS7HqLxrHj0Ejr/Wdw="; }; - postPatch = '' - substituteInPlace setup.cfg --replace "--cov --no-cov-on-fail" "" - ''; + nativeBuildInputs = [ + pkg-config + ]; + + buildInputs = [ + pango + ] ++ lib.optionals stdenv.isDarwin [ + AppKit + ]; - nativeBuildInputs = [ pkg-config ]; - buildInputs = [ pango ] ++ lib.optionals stdenv.isDarwin [ AppKit ]; propagatedBuildInputs = [ cython ]; + checkInputs = [ + pytestCheckHook + ]; + + postPatch = '' + substituteInPlace setup.cfg \ + --replace "--cov --no-cov-on-fail" "" + ''; + preBuild = '' ${python.interpreter} setup.py build_ext --inplace ''; - checkInputs = [ pytestCheckHook ]; - pythonImportsCheck = [ "manimpango" ]; + pythonImportsCheck = [ + "manimpango" + ]; meta = with lib; { + description = "Binding for Pango"; homepage = "https://github.com/ManimCommunity/ManimPango"; license = licenses.mit; - description = "Binding for Pango"; - maintainers = [ maintainers.emilytrau ]; + maintainers = with maintainers; [ emilytrau ]; }; } From f487601491e7ca58870fa0494bb06e701c2a5803 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Tue, 22 Mar 2022 09:14:02 +0100 Subject: [PATCH 16/36] python3Packages.pysigma: 0.4.1 -> 0.4.2 --- pkgs/development/python-modules/pysigma/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/pysigma/default.nix b/pkgs/development/python-modules/pysigma/default.nix index 89bea0d0dc9a..be35230dbd6b 100644 --- a/pkgs/development/python-modules/pysigma/default.nix +++ b/pkgs/development/python-modules/pysigma/default.nix @@ -11,7 +11,7 @@ buildPythonPackage rec { pname = "pysigma"; - version = "0.4.1"; + version = "0.4.2"; format = "pyproject"; disabled = pythonOlder "3.8"; @@ -20,7 +20,7 @@ buildPythonPackage rec { owner = "SigmaHQ"; repo = "pySigma"; rev = "v${version}"; - hash = "sha256-egyzeniid2PZZQ6hsd44W+YURI8uGaXvDMuhNIXUqO0="; + hash = "sha256-0k6m86RQoP4QTuxmCWBpxiGqaJt3alOLS5BAuOFwdb4="; }; nativeBuildInputs = [ From 8757379f78c40e119119a815269a8c8fea7c25c3 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Tue, 22 Mar 2022 09:17:48 +0100 Subject: [PATCH 17/36] python3Packages.pysigma-backend-splunk: 0.1.2 -> 0.2.0 --- .../python-modules/pysigma-backend-splunk/default.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/pysigma-backend-splunk/default.nix b/pkgs/development/python-modules/pysigma-backend-splunk/default.nix index 97d5bd84f668..ab757085d1ca 100644 --- a/pkgs/development/python-modules/pysigma-backend-splunk/default.nix +++ b/pkgs/development/python-modules/pysigma-backend-splunk/default.nix @@ -3,13 +3,14 @@ , fetchFromGitHub , poetry-core , pysigma +, pysigma-pipeline-sysmon , pytestCheckHook , pythonOlder }: buildPythonPackage rec { pname = "pysigma-backend-splunk"; - version = "0.1.2"; + version = "0.2.0"; format = "pyproject"; disabled = pythonOlder "3.8"; @@ -18,7 +19,7 @@ buildPythonPackage rec { owner = "SigmaHQ"; repo = "pySigma-backend-splunk"; rev = "v${version}"; - hash = "sha256-jKvGBUO55DtF6bpgEL82XB5Ba+kmqJsCqUdzftcpSJ0="; + hash = "sha256-EP0gcK05hZ5TCOgTePezfEGbW45dGrnnksWyI9Jo9MQ="; }; nativeBuildInputs = [ @@ -30,6 +31,7 @@ buildPythonPackage rec { ]; checkInputs = [ + pysigma-pipeline-sysmon pytestCheckHook ]; From 41d45d674a3460b4984c6e3917f7cf231d0ec386 Mon Sep 17 00:00:00 2001 From: Luflosi Date: Thu, 17 Mar 2022 16:40:54 +0100 Subject: [PATCH 18/36] nixos/ipfs: add systemd hardening Use the hardened systemd unit from upstream. --- .../services/network-filesystems/ipfs.nix | 7 +++++- nixos/tests/ipfs.nix | 5 ++++ pkgs/applications/networking/ipfs/default.nix | 24 ++++++++++++------- 3 files changed, 27 insertions(+), 9 deletions(-) diff --git a/nixos/modules/services/network-filesystems/ipfs.nix b/nixos/modules/services/network-filesystems/ipfs.nix index 17da020bf3e2..655785b99d87 100644 --- a/nixos/modules/services/network-filesystems/ipfs.nix +++ b/nixos/modules/services/network-filesystems/ipfs.nix @@ -239,7 +239,10 @@ in "d '${cfg.ipnsMountDir}' - ${cfg.user} ${cfg.group} - -" ]; - systemd.packages = [ cfg.package ]; + # The hardened systemd unit breaks the fuse-mount function according to documentation in the unit file itself + systemd.packages = if cfg.autoMount + then [ cfg.package.systemd_unit ] + else [ cfg.package.systemd_unit_hardened ]; systemd.services.ipfs = { path = [ "/run/wrappers" cfg.package ]; @@ -275,6 +278,8 @@ in ExecStart = [ "" "${cfg.package}/bin/ipfs daemon ${ipfsFlags}" ]; User = cfg.user; Group = cfg.group; + StateDirectory = ""; + ReadWritePaths = [ "" cfg.dataDir ]; } // optionalAttrs (cfg.serviceFdlimit != null) { LimitNOFILE = cfg.serviceFdlimit; }; } // optionalAttrs (!cfg.startWhenNeeded) { wantedBy = [ "default.target" ]; diff --git a/nixos/tests/ipfs.nix b/nixos/tests/ipfs.nix index f8683b0a8580..5e7c967028e4 100644 --- a/nixos/tests/ipfs.nix +++ b/nixos/tests/ipfs.nix @@ -10,6 +10,7 @@ import ./make-test-python.nix ({ pkgs, ...} : { # Also will add a unix domain socket socket API address, see module. startWhenNeeded = true; apiAddress = "/ip4/127.0.0.1/tcp/2324"; + dataDir = "/mnt/ipfs"; }; }; @@ -35,5 +36,9 @@ import ./make-test-python.nix ({ pkgs, ...} : { machine.succeed( f"ipfs --api /unix/run/ipfs.sock cat /ipfs/{ipfs_hash.strip()} | grep fnord2" ) + + # Test if setting dataDir works properly with the hardened systemd unit + machine.succeed("test -e /mnt/ipfs/config") + machine.succeed("test ! -e /var/lib/ipfs/") ''; }) diff --git a/pkgs/applications/networking/ipfs/default.nix b/pkgs/applications/networking/ipfs/default.nix index 2cceddf0bd7c..f6285ae59beb 100644 --- a/pkgs/applications/networking/ipfs/default.nix +++ b/pkgs/applications/networking/ipfs/default.nix @@ -29,15 +29,23 @@ buildGoModule rec { vendorSha256 = null; + outputs = [ "out" "systemd_unit" "systemd_unit_hardened" ]; + + postPatch = '' + substituteInPlace 'misc/systemd/ipfs.service' \ + --replace '/usr/bin/ipfs' "$out/bin/ipfs" + substituteInPlace 'misc/systemd/ipfs-hardened.service' \ + --replace '/usr/bin/ipfs' "$out/bin/ipfs" + ''; + postInstall = '' - install --mode=444 -D misc/systemd/ipfs.service $out/etc/systemd/system/ipfs.service - install --mode=444 -D misc/systemd/ipfs-hardened.service $out/etc/systemd/system/ipfs-hardened.service - install --mode=444 -D misc/systemd/ipfs-api.socket $out/etc/systemd/system/ipfs-api.socket - install --mode=444 -D misc/systemd/ipfs-gateway.socket $out/etc/systemd/system/ipfs-gateway.socket - substituteInPlace $out/etc/systemd/system/ipfs.service \ - --replace /usr/bin/ipfs $out/bin/ipfs - substituteInPlace $out/etc/systemd/system/ipfs-hardened.service \ - --replace /usr/bin/ipfs $out/bin/ipfs + install --mode=444 -D 'misc/systemd/ipfs-api.socket' "$systemd_unit/etc/systemd/system/ipfs-api.socket" + install --mode=444 -D 'misc/systemd/ipfs-gateway.socket' "$systemd_unit/etc/systemd/system/ipfs-gateway.socket" + install --mode=444 -D 'misc/systemd/ipfs.service' "$systemd_unit/etc/systemd/system/ipfs.service" + + install --mode=444 -D 'misc/systemd/ipfs-api.socket' "$systemd_unit_hardened/etc/systemd/system/ipfs-api.socket" + install --mode=444 -D 'misc/systemd/ipfs-gateway.socket' "$systemd_unit_hardened/etc/systemd/system/ipfs-gateway.socket" + install --mode=444 -D 'misc/systemd/ipfs-hardened.service' "$systemd_unit_hardened/etc/systemd/system/ipfs.service" ''; meta = with lib; { From 934dd07de9d14c44fb9fa040e231b6b5ce28865e Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Tue, 22 Mar 2022 11:15:31 +0100 Subject: [PATCH 19/36] sigma-cli: 0.3.2 -> 0.3.3 --- pkgs/tools/security/sigma-cli/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/security/sigma-cli/default.nix b/pkgs/tools/security/sigma-cli/default.nix index 5a6a3ab9ef54..3d83653cb00f 100644 --- a/pkgs/tools/security/sigma-cli/default.nix +++ b/pkgs/tools/security/sigma-cli/default.nix @@ -5,14 +5,14 @@ python3.pkgs.buildPythonApplication rec { pname = "sigma-cli"; - version = "0.3.2"; + version = "0.3.3"; format = "pyproject"; src = fetchFromGitHub { owner = "SigmaHQ"; repo = pname; rev = "v${version}"; - hash = "sha256-We6vJXLIxGe//78pgJFrihFJHl0gRd02I53hoYWcao0="; + hash = "sha256-AUAOZrwLNu+Llg8RX4RKm4vAETgpPLKK1mcpl8jxGYE="; }; nativeBuildInputs = with python3.pkgs; [ From b2a46c270544fc6a2987264fbd92fe724b3b1f2e Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 22 Mar 2022 11:08:19 +0000 Subject: [PATCH 20/36] python310Packages.catalogue: 2.0.6 -> 2.0.7 --- pkgs/development/python-modules/catalogue/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/catalogue/default.nix b/pkgs/development/python-modules/catalogue/default.nix index 7105e360561e..e47e77b9eb49 100644 --- a/pkgs/development/python-modules/catalogue/default.nix +++ b/pkgs/development/python-modules/catalogue/default.nix @@ -10,14 +10,14 @@ buildPythonPackage rec { pname = "catalogue"; - version = "2.0.6"; + version = "2.0.7"; format = "setuptools"; disabled = pythonOlder "3.6"; src = fetchPypi { inherit pname version; - sha256 = "0idjhx2s8cy6ppd18k1zy246d97gdd6i217m5q26fwa47xh3asik"; + sha256 = "sha256-U10zrnnr0hyimFUdhdoYaui44d82sPsCRtp3QWPsLWs="; }; propagatedBuildInputs = lib.optionals (pythonOlder "3.8") [ From 3031d3308d0a249ed99ed31a9973447a1feab26a Mon Sep 17 00:00:00 2001 From: Joel Date: Tue, 22 Mar 2022 21:33:45 +1000 Subject: [PATCH 21/36] python3Packages.dataclasses-json: 0.5.6 -> 0.5.7 https://github.com/lidatong/dataclasses-json/releases/tag/v0.5.7 --- .../python-modules/dataclasses-json/default.nix | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/pkgs/development/python-modules/dataclasses-json/default.nix b/pkgs/development/python-modules/dataclasses-json/default.nix index 196d3b913776..2a4fd2cef42b 100644 --- a/pkgs/development/python-modules/dataclasses-json/default.nix +++ b/pkgs/development/python-modules/dataclasses-json/default.nix @@ -10,13 +10,13 @@ buildPythonPackage rec { pname = "dataclasses-json"; - version = "0.5.6"; + version = "0.5.7"; src = fetchFromGitHub { owner = "lidatong"; repo = pname; rev = "v${version}"; - sha256 = "09253p0zjqfaqap7jgfgjl1jswwnz7mb6x7dqix09id92mnb89mf"; + sha256 = "1xv9br6mm5pcwfy10ykbc1c0n83fqyj1pa81z272kqww7wpkkp6j"; }; propagatedBuildInputs = [ @@ -30,11 +30,6 @@ buildPythonPackage rec { pytestCheckHook ]; - disabledTests = [ - # AssertionError: Type annotations check failed - "test_type_hints" - ]; - pythonImportsCheck = [ "dataclasses_json" ]; meta = with lib; { From 6d766ae8b7961fb0ca64639d5318dd29cccc3748 Mon Sep 17 00:00:00 2001 From: Viktor Kleen Date: Tue, 22 Mar 2022 00:16:07 +0000 Subject: [PATCH 22/36] nixos/test-driver: deduplicate VLANs Naively deduplicate VLANs in the python driver for NixOS tests. The current implementation accidentally works, since the VLan class mutates the environment. On construction it sets QEMU_VDE_SOCKET_${id} and this environment variable gets overwritten once a second VLAN with the same id is constructed. Because the NIC flags passed to qemu just use the QEMU_VDE_SOCKET_${id} environment variable, this implicitly chooses a single vde_switch process for each VLAN. However, this leads to unusable vde_switch processes being spawned in each test run and as a side effect makes it impossible to access the correct VLan objects in the interactive test driver. It also makes it remarkably hard to understand why the current implementation ever worked. --- nixos/lib/test-driver/test_driver/driver.py | 1 + 1 file changed, 1 insertion(+) diff --git a/nixos/lib/test-driver/test_driver/driver.py b/nixos/lib/test-driver/test_driver/driver.py index 880b1c5fdec0..0e5f013193fe 100644 --- a/nixos/lib/test-driver/test_driver/driver.py +++ b/nixos/lib/test-driver/test_driver/driver.py @@ -55,6 +55,7 @@ class Driver: tmp_dir = get_tmp_dir() with rootlog.nested("start all VLans"): + vlans = list(set(vlans)) self.vlans = [VLan(nr, tmp_dir) for nr in vlans] def cmd(scripts: List[str]) -> Iterator[NixStartScript]: From 55381a3ce18de3bc60f38990b5f3c7ddef5e6075 Mon Sep 17 00:00:00 2001 From: maxice8 Date: Mon, 7 Mar 2022 23:53:33 -0300 Subject: [PATCH 23/36] abuild: 3.7.0 -> 3.9.0 --- pkgs/development/tools/abuild/default.nix | 40 +++++++++++++++++++++-- 1 file changed, 37 insertions(+), 3 deletions(-) diff --git a/pkgs/development/tools/abuild/default.nix b/pkgs/development/tools/abuild/default.nix index 144ec8be9d4e..a597213b866c 100644 --- a/pkgs/development/tools/abuild/default.nix +++ b/pkgs/development/tools/abuild/default.nix @@ -1,32 +1,48 @@ { lib , stdenv , fetchFromGitLab +, makeWrapper , pkg-config +, file +, scdoc , openssl , zlib , busybox +, apk-tools +, perl }: stdenv.mkDerivation rec { pname = "abuild"; - version = "3.7.0"; + version = "3.9.0"; src = fetchFromGitLab { domain = "gitlab.alpinelinux.org"; owner = "alpine"; repo = pname; - rev = "v${version}"; - sha256 = "1xsik9hyzzq861bi922sb5r8c6r4wpnpxz5kd30i9f20vvfpp5jx"; + rev = version; + sha256 = "1zs8slaqiv8q8bim8mwfy08ymar78rqpkgqksw8y1lsjrj49fqy4"; }; buildInputs = [ openssl zlib busybox + # for $out/bin/apkbuild-cpan and $out/bin/apkbuild-pypi + (perl.withPackages (ps: with ps; [ + LWP + JSON + ModuleBuildTiny + LWPProtocolHttps + IPCSystemSimple + ])) ]; nativeBuildInputs = [ pkg-config + scdoc + makeWrapper + file ]; patchPhase = '' @@ -43,6 +59,24 @@ stdenv.mkDerivation rec { "sysconfdir=${placeholder "out"}/etc" ]; + postInstall = '' + # this script requires unpackaged 'augeas' rubygem, no reason + # to ship it if we can't provide the dependencies for it + rm -f ${placeholder "out"}/bin/apkbuild-gem-resolver + + # Find all executables that are not compiled binaries and wrap + # them, make `apk-tools` available in their PATH and also the + # $out directory since many of the binaries provided call into + # other binaries + for prog in \ + $(find ${placeholder "out"}/bin -type f -exec ${file}/bin/file -i '{}' + \ + | grep -v x-executable | cut -d : -f1); do + wrapProgram $prog \ + --prefix PATH : "${lib.makeBinPath [ apk-tools ]}" \ + --prefix PATH : "${placeholder "out"}/bin" + done + ''; + meta = with lib; { description = "Alpine Linux build tools"; homepage = "https://gitlab.alpinelinux.org/alpine/abuild"; From 8ae47900166db91ce816bfa769ce930910bb2b5e Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 22 Mar 2022 13:23:49 +0000 Subject: [PATCH 24/36] nuclei: 2.6.3 -> 2.6.5 --- pkgs/tools/security/nuclei/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/security/nuclei/default.nix b/pkgs/tools/security/nuclei/default.nix index 0b3e21b73d19..14539bf21574 100644 --- a/pkgs/tools/security/nuclei/default.nix +++ b/pkgs/tools/security/nuclei/default.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "nuclei"; - version = "2.6.3"; + version = "2.6.5"; src = fetchFromGitHub { owner = "projectdiscovery"; repo = pname; rev = "v${version}"; - sha256 = "sha256-4jByNyO0EvJ2ppdg21+7YfeB9arjBZALrOm5MJlkZsg="; + sha256 = "sha256-g78sZDhV2+MgoFkJIrE2RbVLa/aPjbKFFRyKj594Hb0="; }; - vendorSha256 = "sha256-717+jJiyqmctR9Yb/XnnKd1N+31K2+xO1XClGMKlL+k="; + vendorSha256 = "sha256-/umoSOQ0ehQplxU8OTGJVmTgO+8xPZxVwRBfM67zMh8="; modRoot = "./v2"; subPackages = [ From 216b4f181379ad704b6102eef4ad36b4a18b2d30 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Fri, 18 Mar 2022 16:19:56 +0000 Subject: [PATCH 25/36] ocenaudio: 3.11.5 -> 3.11.7 --- pkgs/applications/audio/ocenaudio/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/audio/ocenaudio/default.nix b/pkgs/applications/audio/ocenaudio/default.nix index 8a25955e2498..50697c6c81a9 100644 --- a/pkgs/applications/audio/ocenaudio/default.nix +++ b/pkgs/applications/audio/ocenaudio/default.nix @@ -11,11 +11,11 @@ stdenv.mkDerivation rec { pname = "ocenaudio"; - version = "3.11.5"; + version = "3.11.7"; src = fetchurl { url = "https://www.ocenaudio.com/downloads/index.php/ocenaudio_debian9_64.deb?version=${version}"; - sha256 = "sha256-YkSsvhBbju/NEkT7RspZQYnLkcx/5POA8VtxCAL3Wcc="; + sha256 = "sha256-fTeDRo7gCM1jXTQGm9MsmKu4KvTGDUogF3VSZWk91RM="; }; nativeBuildInputs = [ @@ -41,7 +41,7 @@ stdenv.mkDerivation rec { rm -rf $out/opt # Create symlink bzip2 library - ln -s ${bzip2.out}/lib/libbz2.so.1 $out/libbz2.so.1.0 + ln -s ${bzip2.out}/lib/libbz2.so.1 $out/lib/libbz2.so.1.0 ''; meta = with lib; { From b4c2ffaffa600ffce2121e21f65641ec92955781 Mon Sep 17 00:00:00 2001 From: Sivizius Date: Tue, 22 Mar 2022 14:25:57 +0100 Subject: [PATCH 26/36] nixos/wg-quick: add autostart option to interfaces (#162219) This adds the option `networking.wg-quick.interfaces..autostart`, which defaults to `true`, which is the previous behavior. With this option set to `false`, the systemd-unit will no longer be set to `wantedBy = [ "multi-user.target" ]` and therefore the tunnel has to be enabled/disabled via `systemctl start/stop wg-quick-`. Co-authored-by: pennae <82953136+pennae@users.noreply.github.com> --- nixos/modules/services/networking/wg-quick.nix | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/nixos/modules/services/networking/wg-quick.nix b/nixos/modules/services/networking/wg-quick.nix index 414775fc3577..61e9fe5096b1 100644 --- a/nixos/modules/services/networking/wg-quick.nix +++ b/nixos/modules/services/networking/wg-quick.nix @@ -17,6 +17,13 @@ let description = "The IP addresses of the interface."; }; + autostart = mkOption { + description = "Whether to bring up this interface automatically during boot."; + default = true; + example = false; + type = types.bool; + }; + dns = mkOption { example = [ "192.168.2.2" ]; default = []; @@ -247,7 +254,7 @@ let description = "wg-quick WireGuard Tunnel - ${name}"; requires = [ "network-online.target" ]; after = [ "network.target" "network-online.target" ]; - wantedBy = [ "multi-user.target" ]; + wantedBy = optional values.autostart "multi-user.target"; environment.DEVICE = name; path = [ pkgs.kmod pkgs.wireguard-tools ]; From 168bdc3c7d124a0b638c4648df5fa252d384f44b Mon Sep 17 00:00:00 2001 From: sternenseemann Date: Tue, 22 Mar 2022 10:52:15 +0100 Subject: [PATCH 27/36] u9fs: fix man page location By convention man pages need to located at `share/man/man$section/$name.$section`. --- pkgs/servers/u9fs/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/servers/u9fs/default.nix b/pkgs/servers/u9fs/default.nix index 60dde01e9c63..69e3c4d1fe4c 100644 --- a/pkgs/servers/u9fs/default.nix +++ b/pkgs/servers/u9fs/default.nix @@ -11,8 +11,8 @@ stdenv.mkDerivation { }; installPhase = '' - mkdir -p $out/bin $out/share/man4 - cp u9fs.man $out/share/man4 + mkdir -p $out/bin $out/share/man/man4 + cp u9fs.man $out/share/man/man4/u9fs.4 cp u9fs $out/bin ''; From fd02a092d28cfc9179dd43b5296d2a1e003def38 Mon Sep 17 00:00:00 2001 From: sternenseemann Date: Tue, 22 Mar 2022 10:55:06 +0100 Subject: [PATCH 28/36] u9fs: use install(1) for copying files --- pkgs/servers/u9fs/default.nix | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/pkgs/servers/u9fs/default.nix b/pkgs/servers/u9fs/default.nix index 69e3c4d1fe4c..b99bf43b5822 100644 --- a/pkgs/servers/u9fs/default.nix +++ b/pkgs/servers/u9fs/default.nix @@ -11,9 +11,8 @@ stdenv.mkDerivation { }; installPhase = '' - mkdir -p $out/bin $out/share/man/man4 - cp u9fs.man $out/share/man/man4/u9fs.4 - cp u9fs $out/bin + install -Dm644 u9fs.man "$out/share/man/man4/u9fs.4" + install -Dm755 u9fs -t "$out/bin" ''; meta = with lib; { From 4ceb138f4b77e6ad5e15c372a895981d285bd5a8 Mon Sep 17 00:00:00 2001 From: Profpatsch Date: Tue, 22 Mar 2022 12:25:10 +0100 Subject: [PATCH 29/36] haskellPackages.HaskellNet-SSL: mark unbroken It builds! --- .../haskell-modules/configuration-hackage2nix/broken.yaml | 1 - pkgs/development/haskell-modules/hackage-packages.nix | 2 -- 2 files changed, 3 deletions(-) diff --git a/pkgs/development/haskell-modules/configuration-hackage2nix/broken.yaml b/pkgs/development/haskell-modules/configuration-hackage2nix/broken.yaml index 038060a21366..09ce57fe1d34 100644 --- a/pkgs/development/haskell-modules/configuration-hackage2nix/broken.yaml +++ b/pkgs/development/haskell-modules/configuration-hackage2nix/broken.yaml @@ -1986,7 +1986,6 @@ broken-packages: - haskell-mpi - haskell-names - haskell-neo4j-client - - HaskellNet-SSL - HaskellNN - Haskelloids - haskell-openflow diff --git a/pkgs/development/haskell-modules/hackage-packages.nix b/pkgs/development/haskell-modules/hackage-packages.nix index f0e6c84e6bce..a16396d316ef 100644 --- a/pkgs/development/haskell-modules/hackage-packages.nix +++ b/pkgs/development/haskell-modules/hackage-packages.nix @@ -10200,8 +10200,6 @@ self: { ]; description = "Helpers to connect to SSL/TLS mail servers with HaskellNet"; license = lib.licenses.bsd3; - hydraPlatforms = lib.platforms.none; - broken = true; }) {}; "HaskellTorrent" = callPackage From c60647f50bf00af087e411a2891ce132883d6b1c Mon Sep 17 00:00:00 2001 From: Alyssa Ross Date: Tue, 22 Mar 2022 14:39:22 +0000 Subject: [PATCH 30/36] pr-tracker: 1.1.0 -> 1.2.0 --- pkgs/servers/pr-tracker/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/servers/pr-tracker/default.nix b/pkgs/servers/pr-tracker/default.nix index d7bb27b4f29b..33ce80cdaaf5 100644 --- a/pkgs/servers/pr-tracker/default.nix +++ b/pkgs/servers/pr-tracker/default.nix @@ -8,14 +8,14 @@ rustPlatform.buildRustPackage rec { pname = "pr-tracker"; - version = "1.1.0"; + version = "1.2.0"; src = fetchurl { url = "https://git.qyliss.net/pr-tracker/snapshot/pr-tracker-${version}.tar.xz"; - sha256 = "0881ckb4y762isisf9d6xk6fh9207xi1i04kays298zx2dq6gh6h"; + sha256 = "sha256-Tru9DsitRQLiO4Ln70J9LvkEqcj2i4A+eArBvIhd/ls="; }; - cargoSha256 = "0r8pxg65s5jv95a0g8pzr693za7jfb4rv0wc739lkbpf0dssw8sr"; + cargoSha256 = "0q3ibxnzw8gngvrgfkv4m64dr411c511xkvb6j9k63vhy9vwarz7"; nativeBuildInputs = [ pkg-config ]; buildInputs = [ openssl systemd ]; From bb82344ca6925b1b4e4a7de9465016ba40904fc3 Mon Sep 17 00:00:00 2001 From: "florian on nixos (Florian Brandes)" Date: Tue, 22 Mar 2022 11:01:00 +0100 Subject: [PATCH 31/36] python3Packages.zipstream-ng: init at 1.3.4 needed for octoprint update Signed-off-by: florian on nixos (Florian Brandes) Co-authored-by: Fabian Affolter Signed-off-by: florian on nixos (Florian Brandes) --- .../python-modules/zipstream-ng/default.nix | 38 +++++++++++++++++++ pkgs/top-level/python-packages.nix | 2 + 2 files changed, 40 insertions(+) create mode 100644 pkgs/development/python-modules/zipstream-ng/default.nix diff --git a/pkgs/development/python-modules/zipstream-ng/default.nix b/pkgs/development/python-modules/zipstream-ng/default.nix new file mode 100644 index 000000000000..b1f620557bfa --- /dev/null +++ b/pkgs/development/python-modules/zipstream-ng/default.nix @@ -0,0 +1,38 @@ +{ lib +, buildPythonPackage +, fetchFromGitHub +, pytestCheckHook +, pythonOlder +}: + +buildPythonPackage rec { + pname = "zipstream-ng"; + version = "1.3.4"; + + disabled = pythonOlder "3.7"; + src = fetchFromGitHub { + owner = "pR0Ps"; + repo = "zipstream-ng"; + rev = "v${version}"; + sha256 = "NTsnGCddGDUxdHbEoM2ew756psboex3sb6MkYKtaSjQ="; + }; + + pythonImportsCheck = [ + "zipstream" + ]; + + checkInputs = [ + pytestCheckHook + ]; + + meta = with lib; { + description = "Library to generate streamable zip files"; + longDescription = '' + A modern and easy to use streamable zip file generator. It can package and stream many files + and folders on the fly without needing temporary files or excessive memory + ''; + homepage = "https://github.com/pR0Ps/zipstream-ng"; + license = licenses.lgpl3Only; + maintainers = with maintainers; [ gador ]; + }; +} diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 542b0961b017..cbc6b5dea957 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -10987,6 +10987,8 @@ in { zipstream-new = callPackage ../development/python-modules/zipstream-new { }; + zipstream-ng = callPackage ../development/python-modules/zipstream-ng { }; + zm-py = callPackage ../development/python-modules/zm-py { }; zodb = callPackage ../development/python-modules/zodb { }; From de4a69b2de1f157989fb1780d89d8db004169bd1 Mon Sep 17 00:00:00 2001 From: aszlig Date: Mon, 21 Mar 2022 19:18:18 +0100 Subject: [PATCH 32/36] nixos/tests/avahi: Fix running background command In https://github.com/NixOS/nixpkgs/pull/142747, the implementation behind Machine.execute() has been changed to pipe all the command's output into base64 on the guest machine. Unfortunately this means that base64 is blocking until stdout is closed, which in turn means that we now need to make sure that whenever we run a program in background via "&" we also need to make sure to close stdout, which we do by redirecting stdout to stderr. Signed-off-by: aszlig --- nixos/tests/avahi.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/tests/avahi.nix b/nixos/tests/avahi.nix index ebb46838325f..c53a95903291 100644 --- a/nixos/tests/avahi.nix +++ b/nixos/tests/avahi.nix @@ -59,7 +59,7 @@ import ./make-test-python.nix { two.succeed("test `wc -l < out` -gt 0") # More DNS-SD. - one.execute('avahi-publish -s "This is a test" _test._tcp 123 one=1 &') + one.execute('avahi-publish -s "This is a test" _test._tcp 123 one=1 >&2 &') one.sleep(5) two.succeed("avahi-browse -r -t _test._tcp | tee out >&2") two.succeed("test `wc -l < out` -gt 0") From 826febf74f022d51ec6c539b05259e9eb2611df9 Mon Sep 17 00:00:00 2001 From: Will Cohen Date: Tue, 22 Mar 2022 09:05:27 -0400 Subject: [PATCH 33/36] qgis-ltr: 3.22.4 -> 3.22.5 --- pkgs/applications/gis/qgis/unwrapped-ltr.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/gis/qgis/unwrapped-ltr.nix b/pkgs/applications/gis/qgis/unwrapped-ltr.nix index 41408bc33072..5a4f059e91ef 100644 --- a/pkgs/applications/gis/qgis/unwrapped-ltr.nix +++ b/pkgs/applications/gis/qgis/unwrapped-ltr.nix @@ -69,14 +69,14 @@ let six ]; in mkDerivation rec { - version = "3.22.4"; + version = "3.22.5"; pname = "qgis-ltr-unwrapped"; src = fetchFromGitHub { owner = "qgis"; repo = "QGIS"; rev = "final-${lib.replaceStrings [ "." ] [ "_" ] version}"; - sha256 = "sha256-z2dCdaIJUKpZgJHtn1/qA07uMJpAWKL0cDx6B/n1Oxg="; + sha256 = "sha256-G7ckAj0vb6030L2gL11+e5pp0OK1NxwECQ295B9sI4o="; }; passthru = { From fd620c8da1ac24f3dc4366a01d9570e87ffac16e Mon Sep 17 00:00:00 2001 From: Will Cohen Date: Tue, 22 Mar 2022 09:06:00 -0400 Subject: [PATCH 34/36] qgis: 3.24.0 -> 3.24.1 --- pkgs/applications/gis/qgis/unwrapped.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/gis/qgis/unwrapped.nix b/pkgs/applications/gis/qgis/unwrapped.nix index 9658cfe0608d..ca73dcdbfaaf 100644 --- a/pkgs/applications/gis/qgis/unwrapped.nix +++ b/pkgs/applications/gis/qgis/unwrapped.nix @@ -69,14 +69,14 @@ let six ]; in mkDerivation rec { - version = "3.24.0"; + version = "3.24.1"; pname = "qgis-unwrapped"; src = fetchFromGitHub { owner = "qgis"; repo = "QGIS"; rev = "final-${lib.replaceStrings [ "." ] [ "_" ] version}"; - sha256 = "sha256-EPF8sXAH7UAttLutxXGFovog3+XpXP0GXg2tu0mSU2s="; + sha256 = "sha256-3dAwFR7L6NNDkDqNg9MzOJOGh1CDEJfckwo72dQECDg="; }; passthru = { From 488869f602eea53e3fe08c89bdb655811877cde0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ma=C3=ABlys=20Bras=20de=20fer?= Date: Sun, 23 Jan 2022 14:59:30 +0100 Subject: [PATCH 35/36] nixos-rebuild: support --quiet, --print-build-logs --quiet decreases the logging verbosity level (inverse of -v) --print-build-logs prints build logs on stderr (same as -L) Also reordered and grouped some options for consistency --- pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh index e7c6bd016048..2ec30c24f2d3 100755 --- a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh +++ b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh @@ -65,14 +65,14 @@ while [ "$#" -gt 0 ]; do upgrade=1 upgrade_all=1 ;; - -s|--use-substitutes) + --use-substitutes|-s) copyClosureFlags+=("$i") ;; - --max-jobs|-j|--cores|-I|--builders) + -I|--max-jobs|-j|--cores|--builders) j="$1"; shift 1 extraBuildFlags+=("$i" "$j") ;; - --show-trace|--keep-failed|-K|--keep-going|-k|--fallback|--repair|--no-build-output|-Q|-j*|-L|--print-build-logs|--refresh|--no-net|--offline|--impure) + -j*|--quiet|--print-build-logs|-L|--no-build-output|-Q| --show-trace|--keep-going|-k|--keep-failed|-K|--fallback|--refresh|--repair|--impure|--offline|--no-net) extraBuildFlags+=("$i") ;; --verbose|-v|-vv|-vvv|-vvvv|-vvvvv) From 611e9302f9b33ca72cfce239445444aad3653b47 Mon Sep 17 00:00:00 2001 From: Michal Sojka Date: Fri, 4 Mar 2022 18:53:07 +0100 Subject: [PATCH 36/36] nixos-rebuild: add --no-flake switch When a NixOS system uses flakes, i.e., /etc/nixos/flake.nix exists, it is impossible to use nixos-rebuild to build a pre-flake configuration.nix. Of course, one can directly use nix command to build the configuration, but not everybody remembers the correct nix options to do that. With the new option, it is possible to build a pre-flake configuration with command like this: nixos-rebuild build-vm -I nixos-config=./vm.nix --no-flake The option might be useful for people following older pre-flake tutorials on a flake-based system. --- nixos/doc/manual/man-nixos-rebuild.xml | 18 ++++++++++++++++++ .../linux/nixos-rebuild/nixos-rebuild.sh | 6 +++++- 2 files changed, 23 insertions(+), 1 deletion(-) diff --git a/nixos/doc/manual/man-nixos-rebuild.xml b/nixos/doc/manual/man-nixos-rebuild.xml index ab2a5d83a089..b2ca9f457a2b 100644 --- a/nixos/doc/manual/man-nixos-rebuild.xml +++ b/nixos/doc/manual/man-nixos-rebuild.xml @@ -91,6 +91,10 @@ flake-uri + + + + input-name flake-uri @@ -594,6 +598,20 @@ + + + + + + + Do not imply if + /etc/nixos/flake.nix exists. With this + option, it is possible to build non-flake NixOS configurations + even if the current NixOS systems uses flakes. + + + + diff --git a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh index 2ec30c24f2d3..0c3d64ace9c4 100755 --- a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh +++ b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh @@ -32,6 +32,7 @@ buildHost=localhost targetHost= remoteSudo= verboseScript= +noFlake= # comma separated list of vars to preserve when using sudo preservedSudoVars=NIXOS_INSTALL_BOOTLOADER @@ -115,6 +116,9 @@ while [ "$#" -gt 0 ]; do flakeFlags=(--extra-experimental-features 'nix-command flakes') shift 1 ;; + --no-flake) + noFlake=1 + ;; --recreate-lock-file|--no-update-lock-file|--no-write-lock-file|--no-registries|--commit-lock-file) lockFlags+=("$i") ;; @@ -339,7 +343,7 @@ fi # Use /etc/nixos/flake.nix if it exists. It can be a symlink to the # actual flake. -if [[ -z $flake && -e /etc/nixos/flake.nix ]]; then +if [[ -z $flake && -e /etc/nixos/flake.nix && -z $noFlake ]]; then flake="$(dirname "$(readlink -f /etc/nixos/flake.nix)")" fi