From a709b1a373b4d6c183c72da1294f5cad53a4f80d Mon Sep 17 00:00:00 2001 From: Aneesh Agrawal Date: Sun, 3 Jun 2018 21:01:53 -0700 Subject: [PATCH 001/120] nixos/users: Allow mutable shells for declarative users I want to manage users centrally via declarativeUsers, but allow users to change their shell as they please, similar to how they can change passwords at will if none of the password-related NixOS settings are set for their user. --- nixos/modules/config/update-users-groups.pl | 9 +++++++++ nixos/modules/config/users-groups.nix | 2 +- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/nixos/modules/config/update-users-groups.pl b/nixos/modules/config/update-users-groups.pl index ef5e6346f02e..57ed9b95be21 100644 --- a/nixos/modules/config/update-users-groups.pl +++ b/nixos/modules/config/update-users-groups.pl @@ -228,6 +228,15 @@ foreach my $u (@{$spec->{users}}) { $u->{hashedPassword} = hashPassword($u->{password}); } + if (!defined $u->{shell}) { + if (defined $existing) { + $u->{shell} = $existing->{shell}; + } else { + warn "warning: no declarative or previous shell for ‘$name’, setting shell to nologin\n"; + $u->{shell} = "/run/current-system/sw/bin/nologin"; + } + } + $u->{fakePassword} = $existing->{fakePassword} // "x"; $usersOut{$name} = $u; diff --git a/nixos/modules/config/users-groups.nix b/nixos/modules/config/users-groups.nix index c3f228c9bcc4..c50b9829d6da 100644 --- a/nixos/modules/config/users-groups.nix +++ b/nixos/modules/config/users-groups.nix @@ -119,7 +119,7 @@ let }; shell = mkOption { - type = types.either types.shellPackage types.path; + type = types.nullOr (types.either types.shellPackage types.path); default = pkgs.shadow; defaultText = "pkgs.shadow"; example = literalExample "pkgs.bashInteractive"; From 48810b2cfaf39f9278d759ac2a69a84981acb070 Mon Sep 17 00:00:00 2001 From: Chuck Date: Fri, 21 Feb 2020 17:49:56 -0800 Subject: [PATCH 002/120] nixos/nixos-enter: Create /tmp /tmp is normally created by the systemd-tmpfiles-setup systemd service at startup. Fixes #39140 --- nixos/modules/installer/tools/nixos-enter.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/nixos/modules/installer/tools/nixos-enter.sh b/nixos/modules/installer/tools/nixos-enter.sh index 1fdd4627a902..d3006e9fe17f 100644 --- a/nixos/modules/installer/tools/nixos-enter.sh +++ b/nixos/modules/installer/tools/nixos-enter.sh @@ -69,6 +69,9 @@ mount --rbind /sys "$mountPoint/sys" # Run the activation script. Set $LOCALE_ARCHIVE to supress some Perl locale warnings. LOCALE_ARCHIVE="$system/sw/lib/locale/locale-archive" chroot "$mountPoint" "$system/activate" 1>&2 || true + + # Create /tmp + chroot "$mountPoint" systemd-tmpfiles --create --remove --exclude-prefix=/dev 1>&2 || true ) exec chroot "$mountPoint" "${command[@]}" From 274efede850f373256d09423eec2a4ea7eb2153b Mon Sep 17 00:00:00 2001 From: Thomas Bereknyei Date: Tue, 14 Apr 2020 14:39:48 -0400 Subject: [PATCH 003/120] amazon-init: add xz to PATH --- nixos/modules/virtualisation/amazon-init.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/modules/virtualisation/amazon-init.nix b/nixos/modules/virtualisation/amazon-init.nix index 8c12e0e49bf5..c5470b7af09b 100644 --- a/nixos/modules/virtualisation/amazon-init.nix +++ b/nixos/modules/virtualisation/amazon-init.nix @@ -7,7 +7,7 @@ let echo "attempting to fetch configuration from EC2 user data..." export HOME=/root - export PATH=${pkgs.lib.makeBinPath [ config.nix.package pkgs.systemd pkgs.gnugrep pkgs.git pkgs.gnutar pkgs.gzip pkgs.gnused config.system.build.nixos-rebuild]}:$PATH + export PATH=${pkgs.lib.makeBinPath [ config.nix.package pkgs.systemd pkgs.gnugrep pkgs.git pkgs.gnutar pkgs.gzip pkgs.gnused pkgs.xz config.system.build.nixos-rebuild]}:$PATH export NIX_PATH=nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos:nixos-config=/etc/nixos/configuration.nix:/nix/var/nix/profiles/per-user/root/channels userData=/etc/ec2-metadata/user-data From 61b94d70722d3e6deb62bc0af8474d69d2070b89 Mon Sep 17 00:00:00 2001 From: MetaDark Date: Fri, 23 Aug 2019 08:12:52 -0400 Subject: [PATCH 004/120] clonehero: init at 0.23.2.2 --- pkgs/games/clonehero/default.nix | 73 ++++++++++++++++++++++++++++ pkgs/games/clonehero/fhs-wrapper.nix | 39 +++++++++++++++ pkgs/games/clonehero/xdg-wrapper.nix | 21 ++++++++ pkgs/top-level/all-packages.nix | 4 ++ 4 files changed, 137 insertions(+) create mode 100644 pkgs/games/clonehero/default.nix create mode 100644 pkgs/games/clonehero/fhs-wrapper.nix create mode 100644 pkgs/games/clonehero/xdg-wrapper.nix diff --git a/pkgs/games/clonehero/default.nix b/pkgs/games/clonehero/default.nix new file mode 100644 index 000000000000..504e4811432b --- /dev/null +++ b/pkgs/games/clonehero/default.nix @@ -0,0 +1,73 @@ +{ lib +, stdenv +, fetchurl +, autoPatchelfHook +, alsaLib +, gtk2 +, libXrandr +, libXScrnSaver +, udev +, zlib +}: + +let + name = "clonehero"; +in +stdenv.mkDerivation rec { + pname = "${name}-unwrapped"; + version = "0.23.2.2"; + + src = fetchurl { + url = "http://dl.clonehero.net/${name}-v${lib.removePrefix "0" version}/${name}-linux.tar.gz"; + sha256 = "0k9jcnd55yhr42gj8cmysd18yldp4k3cpk4z884p2ww03fyfq7mi"; + }; + + outputs = [ "out" "doc" ]; + + nativeBuildInputs = [ autoPatchelfHook ]; + + buildInputs = [ + # Load-time libraries (loaded from DT_NEEDED section in ELF binary) + gtk2 + stdenv.cc.cc.lib + zlib + + # Run-time libraries (loaded with dlopen) + alsaLib # ALSA sound + libXrandr # X11 resolution detection + libXScrnSaver # X11 screensaver prevention + udev # udev input drivers + ]; + + installPhase = '' + mkdir -p "$out/bin" "$out/share" + install -Dm755 ${name} "$out/bin" + cp -r clonehero_Data "$out/share" + + mkdir -p "$doc/share/${name}" + cp README.txt "$doc/share/${name}" + ''; + + # Patch required run-time libraries as load-time libraries + # + # Libraries found with: + # > strings clonehero | grep '\.so' + # and + # > strace clonehero 2>&1 | grep '\.so' + postFixup = '' + patchelf \ + --add-needed libasound.so.2 \ + --add-needed libudev.so.1 \ + --add-needed libXrandr.so.2 \ + --add-needed libXss.so.1 \ + "$out/bin/${name}" + ''; + + meta = with lib; { + description = "Clone of Guitar Hero and Rockband-style games"; + homepage = "https://clonehero.net"; + license = licenses.unfree; + maintainers = with maintainers; [ metadark ]; + platforms = [ "x86_64-linux" ]; + }; +} diff --git a/pkgs/games/clonehero/fhs-wrapper.nix b/pkgs/games/clonehero/fhs-wrapper.nix new file mode 100644 index 000000000000..97758b2c1fab --- /dev/null +++ b/pkgs/games/clonehero/fhs-wrapper.nix @@ -0,0 +1,39 @@ +{ clonehero-unwrapped +, makeDesktopItem +, buildFHSUserEnv +, liberation_ttf +, callPackage +}: + +let + name = "clonehero"; + desktopName = "Clone Hero"; + desktopItem = makeDesktopItem { + inherit name desktopName; + comment = clonehero-unwrapped.meta.description; + exec = name; + icon = name; + categories = "Game;"; + }; +in +buildFHSUserEnv { + inherit name; + inherit (clonehero-unwrapped) meta; + + # Clone Hero has /usr/share/fonts hard-coded in its binary for looking up fonts. + # This workaround is necessary for rendering text on the keybinding screen (and possibly elsewhere) + # If a better solution is found, the FHS environment can be removed. + extraBuildCommands = '' + chmod +w usr/share + mkdir -p usr/share/fonts/truetype + ln -s ${liberation_ttf}/share/fonts/truetype/* usr/share/fonts/truetype + ''; + + extraInstallCommands = '' + mkdir -p "$out/share/applications" "$out/share/pixmaps" + cp ${desktopItem}/share/applications/* "$out/share/applications" + ln -s ${clonehero-unwrapped}/share/clonehero_Data/Resources/UnityPlayer.png "$out/share/pixmaps/${name}.png" + ''; + + runScript = callPackage ./xdg-wrapper.nix { }; +} diff --git a/pkgs/games/clonehero/xdg-wrapper.nix b/pkgs/games/clonehero/xdg-wrapper.nix new file mode 100644 index 000000000000..2890e469db05 --- /dev/null +++ b/pkgs/games/clonehero/xdg-wrapper.nix @@ -0,0 +1,21 @@ +{ stdenv, clonehero-unwrapped, writeScript }: + +# Clone Hero doesn't have an installer, so it just stores configuration & data relative to the binary. +# This wrapper works around that limitation, storing game configuration & data in XDG_CONFIG_HOME. +let + name = "clonehero"; + desktopName = "Clone Hero"; +in +writeScript "${name}-xdg-wrapper-${clonehero-unwrapped.version}" '' + #!${stdenv.shell} -e + configDir="''${XDG_CONFIG_HOME:-$HOME/.config}/unity3d/srylain Inc_/${desktopName}" + mkdir -p "$configDir" + + # Force link shipped clonehero_Data, unless directory already exists (to allow modding) + if [ ! -d "$configDir/clonehero_Data" ] || [ -L "$configDir/clonehero_Data" ]; then + ln -snf ${clonehero-unwrapped}/share/clonehero_Data "$configDir" + fi + + # Fake argv[0] to emulate running in the config directory + exec -a "$configDir/${name}" ${clonehero-unwrapped}/bin/${name} "$@" +'' diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index e8ab277f035f..4237ce7a9936 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -25245,6 +25245,10 @@ in chocolateDoom = callPackage ../games/chocolate-doom { }; + clonehero-unwrapped = pkgs.callPackage ../games/clonehero { }; + + clonehero = pkgs.callPackage ../games/clonehero/fhs-wrapper.nix { }; + crispyDoom = callPackage ../games/crispy-doom { }; cri-o = callPackage ../applications/virtualization/cri-o/wrapper.nix { }; From e5ae22ee8172f885db1c2e7a60a9d12673a968ef Mon Sep 17 00:00:00 2001 From: Arnout Engelen Date: Wed, 9 Dec 2020 11:22:16 +0100 Subject: [PATCH 005/120] inkcut: 2.1.2 -> 2.1.3 we had a patch to make using inkcut as an inkscape plugin more reliable. This has been accepted upstream so no longer needs to be in nixpkgs. --- ...e-clash-between-inkcut-and-extension.patch | 85 ------------------- pkgs/applications/misc/inkcut/default.nix | 10 +-- 2 files changed, 2 insertions(+), 93 deletions(-) delete mode 100644 pkgs/applications/misc/inkcut/avoid-name-clash-between-inkcut-and-extension.patch diff --git a/pkgs/applications/misc/inkcut/avoid-name-clash-between-inkcut-and-extension.patch b/pkgs/applications/misc/inkcut/avoid-name-clash-between-inkcut-and-extension.patch deleted file mode 100644 index 34e4e6f0e7fb..000000000000 --- a/pkgs/applications/misc/inkcut/avoid-name-clash-between-inkcut-and-extension.patch +++ /dev/null @@ -1,85 +0,0 @@ -From ddc1f9e63e7a769c71131b56f6a2a011c649635c Mon Sep 17 00:00:00 2001 -From: Arnout Engelen -Date: Tue, 24 Nov 2020 15:34:40 +0100 -Subject: [PATCH] Avoid name clash between inkscape plugin and inkcut itself - -Ohterwise, with an unfortunate PYTONPATH, inkcut would no longer -start since it'd try to invoke the inkcut.py from the extension -instead of the main application ---- - plugins/inkscape/{inkcut.py => inkcut4inkscape.py} | 2 +- - plugins/inkscape/inkcut_cut.inx | 2 +- - plugins/inkscape/inkcut_cut.py | 2 +- - plugins/inkscape/inkcut_open.inx | 2 +- - plugins/inkscape/inkcut_open.py | 2 +- - 5 files changed, 5 insertions(+), 5 deletions(-) - rename plugins/inkscape/{inkcut.py => inkcut4inkscape.py} (98%) - -diff --git a/plugins/inkscape/inkcut.py b/plugins/inkscape/inkcut4inkscape.py -similarity index 98% -rename from plugins/inkscape/inkcut.py -rename to plugins/inkscape/inkcut4inkscape.py -index 5b90475..7dc8d86 100644 ---- a/plugins/inkscape/inkcut.py -+++ b/plugins/inkscape/inkcut4inkscape.py -@@ -2,7 +2,7 @@ - # -*- coding: utf-8 -*- - """ - Inkcut, Plot HPGL directly from Inkscape. -- inkcut.py -+ inkcut4inkscape.py - - Copyright 2018 The Inkcut Team - -diff --git a/plugins/inkscape/inkcut_cut.inx b/plugins/inkscape/inkcut_cut.inx -index 4b44ae5..3db8721 100644 ---- a/plugins/inkscape/inkcut_cut.inx -+++ b/plugins/inkscape/inkcut_cut.inx -@@ -2,7 +2,7 @@ - <_name>Cut selection... - org.ekips.filter.inkcut.cut - inkcut_cut.py -- inkcut.py -+ inkcut4inkscape.py - inkex.py - - all -diff --git a/plugins/inkscape/inkcut_cut.py b/plugins/inkscape/inkcut_cut.py -index acaf812..777629a 100644 ---- a/plugins/inkscape/inkcut_cut.py -+++ b/plugins/inkscape/inkcut_cut.py -@@ -37,7 +37,7 @@ - else: - inkex.localize() - import subprocess --from inkcut import contains_text, convert_objects_to_paths -+from inkcut4inkscape import contains_text, convert_objects_to_paths - - - -diff --git a/plugins/inkscape/inkcut_open.inx b/plugins/inkscape/inkcut_open.inx -index 45ee585..2dcd38e 100644 ---- a/plugins/inkscape/inkcut_open.inx -+++ b/plugins/inkscape/inkcut_open.inx -@@ -2,7 +2,7 @@ - <_name>Open current document... - org.ekips.filter.inkcut.open - inkcut_open.py -- inkcut.py -+ inkcut4inkscape.py - inkex.py - - all -diff --git a/plugins/inkscape/inkcut_open.py b/plugins/inkscape/inkcut_open.py -index b4652eb..e4c2d62 100644 ---- a/plugins/inkscape/inkcut_open.py -+++ b/plugins/inkscape/inkcut_open.py -@@ -38,7 +38,7 @@ - inkex.localize() - import subprocess - --from inkcut import convert_objects_to_paths -+from inkcut4inkscape import convert_objects_to_paths - - DEBUG = False - try: diff --git a/pkgs/applications/misc/inkcut/default.nix b/pkgs/applications/misc/inkcut/default.nix index 481069feac07..4ca373ee2751 100644 --- a/pkgs/applications/misc/inkcut/default.nix +++ b/pkgs/applications/misc/inkcut/default.nix @@ -8,21 +8,15 @@ with python3Packages; buildPythonApplication rec { pname = "inkcut"; - version = "2.1.2"; + version = "2.1.3"; src = fetchFromGitHub { owner = pname; repo = pname; rev = "v${version}"; - sha256 = "1zn5i69f3kimcwdd2qkqd3hd1hq76a6i5wxxfb91ih2hj04vdbmx"; + sha256 = "0px0xdv6kyzkkpmvryrdfavv1qy2xrqdxkpmhvx1gj649xcabv32"; }; - patches = [ - # https://github.com/inkcut/inkcut/pull/292 but downloaded - # because of https://github.com/NixOS/nixpkgs/issues/32084 - ./avoid-name-clash-between-inkcut-and-extension.patch - ]; - nativeBuildInputs = [ wrapQtAppsHook ]; propagatedBuildInputs = [ From b996c8d3357a38618ed52454a522612383c09cf7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Llu=C3=ADs=20Batlle=20i=20Rossell?= Date: Sat, 12 Dec 2020 16:56:08 +0100 Subject: [PATCH 006/120] tinygo: 0.13.1 -> 0.16.0 And enable microcontroller targets. Works for me for microbit. --- pkgs/development/compilers/tinygo/default.nix | 21 +++++++++++++++---- pkgs/development/compilers/tinygo/go.mod | 11 +++++----- 2 files changed, 23 insertions(+), 9 deletions(-) diff --git a/pkgs/development/compilers/tinygo/default.nix b/pkgs/development/compilers/tinygo/default.nix index 060b95cf8774..0aee1ca1f394 100644 --- a/pkgs/development/compilers/tinygo/default.nix +++ b/pkgs/development/compilers/tinygo/default.nix @@ -6,13 +6,14 @@ let main = ./main.go; in buildGoModule rec { pname = "tinygo"; - version = "0.13.1"; + version = "0.16.0"; src = fetchFromGitHub { owner = "tinygo-org"; repo = "tinygo"; rev = "v${version}"; - sha256 = "0das5z5y2x1970yi9c4yssxvwrrjhdmsj495q0r5mb02amvc954v"; + sha256 = "063aszbsnr0myq56kms1slmrfs7m4nmg0zgh2p66lxdsifrfly7j"; + fetchSubmodules = true; }; overrideModAttrs = (_: { @@ -21,15 +22,23 @@ buildGoModule rec { rm -rf * cp ${main} main.go cp ${gomod} go.mod + chmod +w go.mod ''; }); preBuild = "cp ${gomod} go.mod"; - vendorSha256 = "19194dlzpl6zzw2gqybma5pwip71rw8z937f104k6c158qzzgy62"; + postBuild = "make gen-device"; + + vendorSha256 = "12k2gin0v7aqz5543m12yhifc0xsz26qyqra5l4c68xizvzcvkxb"; doCheck = false; + prePatch = '' + sed -i s/', "-nostdlibinc"'// builder/builtins.go + sed -i s/'"-nostdlibinc", '// compileopts/config.go builder/picolibc.go + ''; + subPackages = [ "." ]; buildInputs = [ llvm clang-unwrapped makeWrapper ]; propagatedBuildInputs = [ lld avrgcc avrdude openocd gcc-arm-embedded ]; @@ -37,7 +46,11 @@ buildGoModule rec { postInstall = '' mkdir -p $out/share/tinygo cp -a lib src targets $out/share/tinygo - wrapProgram $out/bin/tinygo --prefix "TINYGOROOT" : "$out/share/tinygo" + wrapProgram $out/bin/tinygo --prefix "TINYGOROOT" : "$out/share/tinygo" \ + --prefix "PATH" : "$out/libexec/tinygo" + mkdir -p $out/libexec/tinygo + ln -s ${clang-unwrapped}/bin/clang $out/libexec/tinygo/clang-10 + ln -s ${lld}/bin/lld $out/libexec/tinygo/ld.lld-10 ln -sf $out/bin $out/share/tinygo ''; diff --git a/pkgs/development/compilers/tinygo/go.mod b/pkgs/development/compilers/tinygo/go.mod index f01b38d3e512..bab259ae48d2 100644 --- a/pkgs/development/compilers/tinygo/go.mod +++ b/pkgs/development/compilers/tinygo/go.mod @@ -1,13 +1,14 @@ module github.com/tinygo-org/tinygo -go 1.14 +go 1.11 require ( github.com/blakesmith/ar v0.0.0-20150311145944-8bd4349a67f2 + github.com/chromedp/cdproto v0.0.0-20200709115526-d1f6fc58448b + github.com/chromedp/chromedp v0.5.4-0.20200303084119-2bb39134ab9e github.com/google/shlex v0.0.0-20181106134648-c34317bd91bf - github.com/marcinbor85/gohex v0.0.0-20180128172054-7a43cd876e46 + github.com/marcinbor85/gohex v0.0.0-20200531091804-343a4b548892 go.bug.st/serial v1.0.0 - golang.org/x/tools v0.0.0-20200512001501-aaeff5de670a - google.golang.org/appengine v1.4.0 - tinygo.org/x/go-llvm v0.0.0-20200401165421-8d120882fc7a + golang.org/x/tools v0.0.0-20200216192241-b320d3a0f5a2 + tinygo.org/x/go-llvm v0.0.0-20201104183921-570e7a6841d9 ) From ec5f50df5f611ace8264c5a3f6c4674803c8878c Mon Sep 17 00:00:00 2001 From: sternenseemann <0rpkxez4ksa01gb3typccl0i@systemli.org> Date: Sun, 20 Dec 2020 16:28:44 +0100 Subject: [PATCH 007/120] foot: 1.5.1 -> 1.6.2 * fix build with clangStdenv * support foot's PGO build * enable by default * build should be deterministic with PGO as we use an input file which is generated with the same seed everytime. * apply nixpkgs-fmt --- .../terminal-emulators/foot/default.nix | 137 ++++++++++++++++-- 1 file changed, 122 insertions(+), 15 deletions(-) diff --git a/pkgs/applications/terminal-emulators/foot/default.nix b/pkgs/applications/terminal-emulators/foot/default.nix index 3d95f7c5772d..2b79c5362de1 100644 --- a/pkgs/applications/terminal-emulators/foot/default.nix +++ b/pkgs/applications/terminal-emulators/foot/default.nix @@ -1,35 +1,142 @@ -{ stdenv, fetchgit -, fcft, freetype, pixman, libxkbcommon, fontconfig, wayland -, meson, ninja, ncurses, scdoc, tllist, wayland-protocols, pkg-config +{ stdenv +, lib +, fetchzip +, fetchurl +, runCommandNoCC +, fcft +, freetype +, pixman +, libxkbcommon +, fontconfig +, wayland +, meson +, ninja +, ncurses +, scdoc +, tllist +, wayland-protocols +, pkg-config +, allowPgo ? true +, python3 # for PGO }: +let + version = "1.6.2"; + + # build stimuli file for PGO build and the script to generate it + # independently of the foot's build, so we can cache the result + # and avoid unnecessary rebuilds as it can take relatively long + # to generate + stimulusGenerator = stdenv.mkDerivation { + pname = "foot-generate-alt-random-writes"; + inherit version; + + src = fetchurl { + url = "https://codeberg.org/dnkl/foot/raw/tag/${version}/scripts/generate-alt-random-writes.py"; + sha256 = "0pnc5nvqrbgx5618ylrkrs9fyxjh4jcsbryfk6vlnk8x4wyyaibz"; + }; + + dontUnpack = true; + + buildInputs = [ python3 ]; + + installPhase = '' + install -Dm755 $src $out + ''; + }; + + stimuliFile = runCommandNoCC "pgo-stimulus-file" { } '' + ${stimulusGenerator} \ + --rows=67 --cols=135 \ + --scroll --scroll-region \ + --colors-regular --colors-bright --colors-256 --colors-rgb \ + --attr-bold --attr-italic --attr-underline \ + --sixel \ + --seed=2305843009213693951 \ + $out + ''; + + compilerName = + if stdenv.cc.isClang + then "clang" + else if stdenv.cc.isGNU + then "gcc" + else "unknown"; + + # https://codeberg.org/dnkl/foot/src/branch/master/INSTALL.md#performance-optimized-pgo + pgoCflags = { + "clang" = "-O3 -Wno-ignored-optimization-argument -Wno-profile-instr-out-of-date -Wno-profile-instr-unprofiled"; + "gcc" = "-O3 -Wno-missing-profile"; + }."${compilerName}"; + + # ar with lto support + ar = { + "clang" = "llvm-ar"; + "gcc" = "gcc-ar"; + "unknown" = "ar"; + }."${compilerName}"; + + # PGO only makes sense if we are not cross compiling and + # using a compiler which foot's PGO build supports (clang or gcc) + doPgo = allowPgo && (stdenv.hostPlatform == stdenv.buildPlatform) + && compilerName != "unknown"; +in stdenv.mkDerivation rec { pname = "foot"; - version = "1.5.1"; + inherit version; - src = fetchgit { - url = "https://codeberg.org/dnkl/foot.git"; - rev = version; - sha256 = "sha256-GAk2qkrgCNILJOeRcn1NT4t3w+R6WFTZ1goOhBEwKwc="; + src = fetchzip { + url = "https://codeberg.org/dnkl/${pname}/archive/${version}.tar.gz"; + sha256 = "08i3jmjky5s2nnc0c95c009cym91rs4sj4876sr4xnlkb7ab4812"; }; nativeBuildInputs = [ - meson ninja ncurses scdoc tllist wayland-protocols pkg-config - ]; + meson + ninja + ncurses + scdoc + tllist + wayland-protocols + pkg-config + ] ++ lib.optional stdenv.cc.isClang stdenv.cc.cc.llvm; + buildInputs = [ - fontconfig freetype pixman wayland libxkbcommon fcft + fontconfig + freetype + pixman + wayland + libxkbcommon + fcft ]; - # recommended build flags for foot as per INSTALL.md - # https://codeberg.org/dnkl/foot/src/branch/master/INSTALL.md#user-content-release-build + # recommended build flags for performance optimized foot builds + # https://codeberg.org/dnkl/foot/src/branch/master/INSTALL.md#release-build + CFLAGS = + if !doPgo + then "-O3 -fno-plt" + else pgoCflags; + + # ar with gcc plugins for lto objects preConfigure = '' - export CFLAGS+="-O3 -fno-plt" + export AR="${ar}" ''; mesonFlags = [ "--buildtype=release" "-Db_lto=true" ]; - meta = with stdenv.lib; { + # build and run binary generating PGO profiles, + # then reconfigure to build the normal foot binary utilizing PGO + preBuild = lib.optionalString doPgo '' + meson configure -Db_pgo=generate + ninja + ./pgo ${stimuliFile} ${stimuliFile} ${stimuliFile} + meson configure -Db_pgo=use + '' + lib.optionalString (doPgo && stdenv.cc.cc.pname == "clang") '' + llvm-profdata merge default_*profraw --output=default.profdata + ''; + + meta = with lib; { homepage = "https://codeberg.org/dnkl/foot/"; + changelog = "https://codeberg.org/dnkl/foot/releases/tag/${version}"; description = "A fast, lightweight and minimalistic Wayland terminal emulator"; license = licenses.mit; maintainers = [ maintainers.sternenseemann ]; From c3f3eaad4478d2f2e980ef8ed4d5b8f475a4afc8 Mon Sep 17 00:00:00 2001 From: Johannes Schleifenbaum Date: Mon, 21 Dec 2020 17:09:57 +0100 Subject: [PATCH 008/120] dbeaver: 7.3.0 -> 7.3.1 --- pkgs/applications/misc/dbeaver/default.nix | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/misc/dbeaver/default.nix b/pkgs/applications/misc/dbeaver/default.nix index 4e928ff34f06..a41ee209a0be 100644 --- a/pkgs/applications/misc/dbeaver/default.nix +++ b/pkgs/applications/misc/dbeaver/default.nix @@ -7,7 +7,7 @@ stdenv.mkDerivation rec { pname = "dbeaver-ce"; - version = "7.3.0"; + version = "7.3.1"; desktopItem = makeDesktopItem { name = "dbeaver"; @@ -30,10 +30,13 @@ stdenv.mkDerivation rec { src = fetchurl { url = "https://dbeaver.io/files/${version}/dbeaver-ce-${version}-linux.gtk.x86_64.tar.gz"; - sha256 = "sha256-JhEF2/97vo2FgzpCFkuc31aLl9qjKHV8RYXO5oBU1no="; + sha256 = "sha256-4UVC5lBoGsW99L6AgM+1Rs07LCrvp2qVevBrooTbee4="; }; installPhase = '' + # remove bundled jre + rm -rf jre + mkdir -p $out/ cp -r . $out/dbeaver From f25fcde18aa6ff3e5734159aa4e680d99b1ac2c7 Mon Sep 17 00:00:00 2001 From: Serhii Khoma Date: Tue, 22 Dec 2020 12:04:33 +0200 Subject: [PATCH 009/120] hubstaff: 1.5.2-bead991b -> 1.5.15-28673d1c --- pkgs/applications/misc/hubstaff/revision.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/misc/hubstaff/revision.json b/pkgs/applications/misc/hubstaff/revision.json index 2fd29444dade..9b0ffe67f0cd 100644 --- a/pkgs/applications/misc/hubstaff/revision.json +++ b/pkgs/applications/misc/hubstaff/revision.json @@ -1,5 +1,5 @@ { - "url": "https://hubstaff-production.s3.amazonaws.com/downloads/HubstaffClient/Builds/Release/1.5.2-bead991b/Hubstaff-1.5.2-bead991b.sh", - "version": "1.5.2-bead991b", - "sha256": "068b0q94ydldyjmzbka1j94vr1xdxvkxq79pp7ria81hvpp68yxf" + "url": "https://hubstaff-production.s3.amazonaws.com/downloads/HubstaffClient/Builds/Release/1.5.15-28673d1c/Hubstaff-1.5.15-28673d1c.sh", + "version": "1.5.15-28673d1c", + "sha256": "0ging41l3a3sdj6bggh913h71gqmb8l3rplp4civpgclnfzv7fg2" } From d342045066b982858536b7b168708c7bff06e657 Mon Sep 17 00:00:00 2001 From: Doron Behar Date: Wed, 23 Dec 2020 18:24:22 +0200 Subject: [PATCH 010/120] qt512: 5.12.7 -> 5.12.9 --- .../libraries/qt-5/5.12/default.nix | 13 - pkgs/development/libraries/qt-5/5.12/fetch.sh | 2 +- pkgs/development/libraries/qt-5/5.12/srcs.nix | 323 +++++++++--------- 3 files changed, 163 insertions(+), 175 deletions(-) diff --git a/pkgs/development/libraries/qt-5/5.12/default.nix b/pkgs/development/libraries/qt-5/5.12/default.nix index 04cb0ea9a119..bf5e1b2857c7 100644 --- a/pkgs/development/libraries/qt-5/5.12/default.nix +++ b/pkgs/development/libraries/qt-5/5.12/default.nix @@ -75,19 +75,6 @@ let # Ensure -I${includedir} is added to Cflags in pkg-config files. # See https://github.com/NixOS/nixpkgs/issues/52457 ./qtbase.patch.d/0014-qtbase-pkg-config.patch - - # https://bugreports.qt.io/browse/QTBUG-81715 - # remove after updating to qt > 5.12.7 - (fetchpatch { - name = "fix-qt5_make_output_file-cmake-macro.patch"; - url = "https://code.qt.io/cgit/qt/qtbase.git/patch/?id=8a3fde00bf53d99e9e4853e8ab97b0e1bcf74915"; - sha256 = "1gpcbdpyazdxnmldvhsf3pfwr2gjvi08x3j6rxf543rq01bp6cpx"; - }) - (fetchpatch { - name = "QTBUG-78937.patch"; - url = "https://code.qt.io/cgit/qt/qtbase.git/patch/?id=67a9c600ad14ee44501a6df3509daa8234b97606"; - sha256 = "1jiky1w9j8rka78r4q0yabb8w2l5j6csdjysynz7gs1ry4xjfdxd"; - }) ]; qtdeclarative = [ ./qtdeclarative.patch ]; qtscript = [ ./qtscript.patch ]; diff --git a/pkgs/development/libraries/qt-5/5.12/fetch.sh b/pkgs/development/libraries/qt-5/5.12/fetch.sh index 016b4985ed1e..9b024378b3b6 100644 --- a/pkgs/development/libraries/qt-5/5.12/fetch.sh +++ b/pkgs/development/libraries/qt-5/5.12/fetch.sh @@ -1 +1 @@ -WGET_ARGS=( http://download.qt.io/official_releases/qt/5.12/5.12.7/submodules/ ) +WGET_ARGS=( http://download.qt.io/official_releases/qt/5.12/5.12.9/submodules/ ) diff --git a/pkgs/development/libraries/qt-5/5.12/srcs.nix b/pkgs/development/libraries/qt-5/5.12/srcs.nix index 293d017c2dc7..8ff2db536dbc 100644 --- a/pkgs/development/libraries/qt-5/5.12/srcs.nix +++ b/pkgs/development/libraries/qt-5/5.12/srcs.nix @@ -1,325 +1,326 @@ -# DO NOT EDIT! This file is generated automatically by fetch-kde-qt.sh +# DO NOT EDIT! This file is generated automatically. +# Command: ./maintainers/scripts/fetch-kde-qt.sh pkgs/development/libraries/qt-5/5.12/fetch.sh { fetchurl, mirror }: { qt3d = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qt3d-everywhere-src-5.12.7.tar.xz"; - sha256 = "2030de3dc93fd4062f677f61938229af9cd7aa4c3d2932cdda2ccb663d681126"; - name = "qt3d-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qt3d-everywhere-src-5.12.9.tar.xz"; + sha256 = "6fcde8c99bc5d09a5d2de99cab10c6f662d7db48139e6d5a3904fa0c580070ad"; + name = "qt3d-everywhere-src-5.12.9.tar.xz"; }; }; qtactiveqt = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtactiveqt-everywhere-src-5.12.7.tar.xz"; - sha256 = "302ce1e74dae8ead602ac663e208e6c9b98bdf9a2b7795de4198a28eba2d895d"; - name = "qtactiveqt-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtactiveqt-everywhere-src-5.12.9.tar.xz"; + sha256 = "e9df2dacfa4f93b42753066d14d3c504a30b259c177b366e32e6119f714f6527"; + name = "qtactiveqt-everywhere-src-5.12.9.tar.xz"; }; }; qtandroidextras = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtandroidextras-everywhere-src-5.12.7.tar.xz"; - sha256 = "a5acc927bd46ed87627e2ae0f0bfc199189d383a3e17c2f34b8c34ea57b2aea1"; - name = "qtandroidextras-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtandroidextras-everywhere-src-5.12.9.tar.xz"; + sha256 = "d6ab58d382feb1d79b7f28033eaa15ecab0c1f97c760fad50f20608189ab1a95"; + name = "qtandroidextras-everywhere-src-5.12.9.tar.xz"; }; }; qtbase = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtbase-everywhere-src-5.12.7.tar.xz"; - sha256 = "b18939cb25d90aef8721fb12ec34c3632d3490ced958e41f6c7a52064643665d"; - name = "qtbase-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtbase-everywhere-src-5.12.9.tar.xz"; + sha256 = "331dafdd0f3e8623b51bd0da2266e7e7c53aa8e9dc28a8eb6f0b22609c5d337e"; + name = "qtbase-everywhere-src-5.12.9.tar.xz"; }; }; qtcanvas3d = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtcanvas3d-everywhere-src-5.12.7.tar.xz"; - sha256 = "b63a513a2ee11548b122e0fd640b1fa22d3eb83cdc51ddfdf3b97c2ecd0d0c50"; - name = "qtcanvas3d-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtcanvas3d-everywhere-src-5.12.9.tar.xz"; + sha256 = "351b105507b97e61eef17a5ce8a96fe090a523101e41c20ea373266203dd3ca0"; + name = "qtcanvas3d-everywhere-src-5.12.9.tar.xz"; }; }; qtcharts = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtcharts-everywhere-src-5.12.7.tar.xz"; - sha256 = "434065526d0b1d8921e96cc1827b1a3579e073b930fe536455c4c1da2f15cf5f"; - name = "qtcharts-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtcharts-everywhere-src-5.12.9.tar.xz"; + sha256 = "9fc2a64a96b73746389c257684af557e70c5360bead53d61d059f968efdc5b04"; + name = "qtcharts-everywhere-src-5.12.9.tar.xz"; }; }; qtconnectivity = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtconnectivity-everywhere-src-5.12.7.tar.xz"; - sha256 = "647148b9b1a0d3e54f788b66797b81bb87434faf6fb12ac481f9165eda0d071a"; - name = "qtconnectivity-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtconnectivity-everywhere-src-5.12.9.tar.xz"; + sha256 = "e5457ebc22059954bba6a08b03fd1e6f30e4c8f3146636065bf12c2e6044f41c"; + name = "qtconnectivity-everywhere-src-5.12.9.tar.xz"; }; }; qtdatavis3d = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtdatavis3d-everywhere-src-5.12.7.tar.xz"; - sha256 = "07ff5713cfcdf073681d905912e8d871e4451508494c789df805eb241ed98b27"; - name = "qtdatavis3d-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtdatavis3d-everywhere-src-5.12.9.tar.xz"; + sha256 = "0cd4f7535bf26e4e59f89fac991fc8a400bd6193680578f31693235f185f4562"; + name = "qtdatavis3d-everywhere-src-5.12.9.tar.xz"; }; }; qtdeclarative = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtdeclarative-everywhere-src-5.12.7.tar.xz"; - sha256 = "5cdc05a035f240ab73b6b37dd3831c1350cd80e5799da47929974085f6eae9bd"; - name = "qtdeclarative-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtdeclarative-everywhere-src-5.12.9.tar.xz"; + sha256 = "c11ae68aedcdea7e721ec22a95265ac91b5e128a5c12d3b61b5b732d3a02be80"; + name = "qtdeclarative-everywhere-src-5.12.9.tar.xz"; }; }; qtdoc = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtdoc-everywhere-src-5.12.7.tar.xz"; - sha256 = "6c07918cec8494ea05a42234d8f281a2958de7380458f3fb5a189949ce1233e9"; - name = "qtdoc-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtdoc-everywhere-src-5.12.9.tar.xz"; + sha256 = "a9d751af85a07bdfc2a30e8f1b08aa249547a8100801f286e77280a9c9ede624"; + name = "qtdoc-everywhere-src-5.12.9.tar.xz"; }; }; qtgamepad = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtgamepad-everywhere-src-5.12.7.tar.xz"; - sha256 = "07638c42be94be1e5e622b020c6192341b5bb87be34d7b38f2899672d83a1e94"; - name = "qtgamepad-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtgamepad-everywhere-src-5.12.9.tar.xz"; + sha256 = "da3333af6b9dccd7dd3a25b01de65e317fe4b70b9d39eeb84e01c232063211fe"; + name = "qtgamepad-everywhere-src-5.12.9.tar.xz"; }; }; qtgraphicaleffects = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtgraphicaleffects-everywhere-src-5.12.7.tar.xz"; - sha256 = "02f0328420c623da8f9ae949fec01e99ba84213dd2ad559cb00c204502bbcace"; - name = "qtgraphicaleffects-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtgraphicaleffects-everywhere-src-5.12.9.tar.xz"; + sha256 = "1eb4b913d5cb6d0b46a231288b9717f4785fbd212936e98a8b2a8c9024e3a8bf"; + name = "qtgraphicaleffects-everywhere-src-5.12.9.tar.xz"; }; }; qtimageformats = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtimageformats-everywhere-src-5.12.7.tar.xz"; - sha256 = "9bd19ee24fb85f249d01c78e637c95377dd738feb61da0deeee6b770fa62f70b"; - name = "qtimageformats-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtimageformats-everywhere-src-5.12.9.tar.xz"; + sha256 = "cd8193698f830cce30959564c191e7bb698877aca3a263c652b4a23907c72b6a"; + name = "qtimageformats-everywhere-src-5.12.9.tar.xz"; }; }; qtlocation = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtlocation-everywhere-src-5.12.7.tar.xz"; - sha256 = "d1e905b80befda3c9aaad92ea984e6dbf722568b5c91e8d15b027bc5bc22781f"; - name = "qtlocation-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtlocation-everywhere-src-5.12.9.tar.xz"; + sha256 = "be31870104af2910690850c4e28bab3ccb76f1aa8deef1e870bcbc6b276aa2c1"; + name = "qtlocation-everywhere-src-5.12.9.tar.xz"; }; }; qtmacextras = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtmacextras-everywhere-src-5.12.7.tar.xz"; - sha256 = "265b5607664927e1c92af3abc4b034244f37abd83db1f0a8f22f6952f7d6abb8"; - name = "qtmacextras-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtmacextras-everywhere-src-5.12.9.tar.xz"; + sha256 = "5458f3e13c37eb8bff8588b29703fb33b61d5ea19989c56c99d36f221e269f35"; + name = "qtmacextras-everywhere-src-5.12.9.tar.xz"; }; }; qtmultimedia = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtmultimedia-everywhere-src-5.12.7.tar.xz"; - sha256 = "28bdaa81371f922223775ae5171c4d589a2c07f255abbe5ccf130ecbbdb4db1d"; - name = "qtmultimedia-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtmultimedia-everywhere-src-5.12.9.tar.xz"; + sha256 = "59a2f2418cefe030094687dff0846fb8957abbc0e060501a4fee40cb4a52838c"; + name = "qtmultimedia-everywhere-src-5.12.9.tar.xz"; }; }; qtnetworkauth = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtnetworkauth-everywhere-src-5.12.7.tar.xz"; - sha256 = "cbfb7c71a25e74b92b927a5aeae2d099e4142968424a0fcebc1a52fa4fb4576b"; - name = "qtnetworkauth-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtnetworkauth-everywhere-src-5.12.9.tar.xz"; + sha256 = "a0979689eda667e299fd9cf5a8859bd9c37eabc0a6d9738103a1143035baf0e4"; + name = "qtnetworkauth-everywhere-src-5.12.9.tar.xz"; }; }; qtpurchasing = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtpurchasing-everywhere-src-5.12.7.tar.xz"; - sha256 = "6f7ecb1e6b6d290b268344ddb031bb7114cd36139c76323732d12661eeb15a76"; - name = "qtpurchasing-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtpurchasing-everywhere-src-5.12.9.tar.xz"; + sha256 = "565587811b3cfd201907d3fcbf7120783de32a4d1d3c59a9efff3720cf0af3e5"; + name = "qtpurchasing-everywhere-src-5.12.9.tar.xz"; }; }; qtquickcontrols = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtquickcontrols-everywhere-src-5.12.7.tar.xz"; - sha256 = "1038bbc76bba53f9634f40cd9c8ebf0ed8ae82e791f727b228bd81bdcf1859e5"; - name = "qtquickcontrols-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtquickcontrols-everywhere-src-5.12.9.tar.xz"; + sha256 = "d89084ebccf155f4c966d4a2a188e6e870c37535a7751740960f5c38088373f6"; + name = "qtquickcontrols-everywhere-src-5.12.9.tar.xz"; }; }; qtquickcontrols2 = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtquickcontrols2-everywhere-src-5.12.7.tar.xz"; - sha256 = "3a9526e5ad01edbfb796a6631983c391ea1b7e22ae6e07840048156a9e92a237"; - name = "qtquickcontrols2-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtquickcontrols2-everywhere-src-5.12.9.tar.xz"; + sha256 = "ea1c2864630c6ba2540228f81ec5b582619d5ce9e4cb98e91109b4181a65a31d"; + name = "qtquickcontrols2-everywhere-src-5.12.9.tar.xz"; }; }; qtremoteobjects = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtremoteobjects-everywhere-src-5.12.7.tar.xz"; - sha256 = "6d6aaec4e9c140c027b0badaabc6322ea3c16cf649495a27fec1f261e891120f"; - name = "qtremoteobjects-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtremoteobjects-everywhere-src-5.12.9.tar.xz"; + sha256 = "f87af7e9931280f2b44a529dc174cae14247e1b50f9dc9bde8966adb0406babd"; + name = "qtremoteobjects-everywhere-src-5.12.9.tar.xz"; }; }; qtscript = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtscript-everywhere-src-5.12.7.tar.xz"; - sha256 = "ca1dbc66d4125a678638dd0c9c030b72fdfc4ec2c229b9316a8bc80a86104019"; - name = "qtscript-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtscript-everywhere-src-5.12.9.tar.xz"; + sha256 = "8f2e12e37ff1e7629923cf3b9d446f85e005b2248386e33879ba3b790f1416df"; + name = "qtscript-everywhere-src-5.12.9.tar.xz"; }; }; qtscxml = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtscxml-everywhere-src-5.12.7.tar.xz"; - sha256 = "afa950bc95f881c90eea564511f3e9918d53fddf0823afb641d20dc6f794fbb6"; - name = "qtscxml-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtscxml-everywhere-src-5.12.9.tar.xz"; + sha256 = "d68d04d83366f11b10a101766baf5253e53ad76a683e0bc15e7dd403d475e61c"; + name = "qtscxml-everywhere-src-5.12.9.tar.xz"; }; }; qtsensors = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtsensors-everywhere-src-5.12.7.tar.xz"; - sha256 = "2b9aea9f4e2f681b4067f2b9d97c5073c135e41d26601c71f18f199bc980e740"; - name = "qtsensors-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtsensors-everywhere-src-5.12.9.tar.xz"; + sha256 = "77054e2449bcac786cc8f07c0d65c503a22bc629af4844259ff0def27b9889e9"; + name = "qtsensors-everywhere-src-5.12.9.tar.xz"; }; }; qtserialbus = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtserialbus-everywhere-src-5.12.7.tar.xz"; - sha256 = "82201edf971e957d849b041ab2914f7497226939c62884ec2906b37576987eae"; - name = "qtserialbus-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtserialbus-everywhere-src-5.12.9.tar.xz"; + sha256 = "08b16363a47f9b41f87e3b7cf63eaed2435bb6b7e27775c9717ff863e56141ed"; + name = "qtserialbus-everywhere-src-5.12.9.tar.xz"; }; }; qtserialport = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtserialport-everywhere-src-5.12.7.tar.xz"; - sha256 = "224c282ebed750f46b72dfe18260c3d26fbb74e928dec64bd8c51e7beed8721f"; - name = "qtserialport-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtserialport-everywhere-src-5.12.9.tar.xz"; + sha256 = "24a10b65b03fc598acd30f4a52b0b71218e9c03ec4bb31a4ca50aae1b52a986d"; + name = "qtserialport-everywhere-src-5.12.9.tar.xz"; }; }; qtspeech = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtspeech-everywhere-src-5.12.7.tar.xz"; - sha256 = "0cc4f14aa21172b84c8ebca442037cd94927dad4921f6f6bfb4d7f2468aa6060"; - name = "qtspeech-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtspeech-everywhere-src-5.12.9.tar.xz"; + sha256 = "2efdaf5f49d2fad4a6c4cde12dfee2ff2c66ab4298f22d6c203ecd6019186847"; + name = "qtspeech-everywhere-src-5.12.9.tar.xz"; }; }; qtsvg = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtsvg-everywhere-src-5.12.7.tar.xz"; - sha256 = "4bf60916d4e398d9609f1b3a17fc7345a0e13c7c1cc407298df20da4c7c67bb8"; - name = "qtsvg-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtsvg-everywhere-src-5.12.9.tar.xz"; + sha256 = "32ec251e411d31734b873dd82fd68b6a3142227fdf06fe6ad879f16997fb98d2"; + name = "qtsvg-everywhere-src-5.12.9.tar.xz"; }; }; qttools = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qttools-everywhere-src-5.12.7.tar.xz"; - sha256 = "860a97114d518f83c0a9ab3742071da16bb018e6eb387179d5764a8dcca03948"; - name = "qttools-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qttools-everywhere-src-5.12.9.tar.xz"; + sha256 = "002dc23410a9d1af6f1cfc696ee18fd3baeddbbfeb9758ddb04bbdb17b2fffdf"; + name = "qttools-everywhere-src-5.12.9.tar.xz"; }; }; qttranslations = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qttranslations-everywhere-src-5.12.7.tar.xz"; - sha256 = "2c8d1169f1f20ba32639181f1853b4159940cbaaac41adaa018b6f43ca31323f"; - name = "qttranslations-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qttranslations-everywhere-src-5.12.9.tar.xz"; + sha256 = "50bd3a329e86f14af05ef0dbef94c7a6cd6c1f89ca4d008088a44ba76e6ecf40"; + name = "qttranslations-everywhere-src-5.12.9.tar.xz"; }; }; qtvirtualkeyboard = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtvirtualkeyboard-everywhere-src-5.12.7.tar.xz"; - sha256 = "aaa52aaff923df22de8472d71843dadb80f3f6fe0312122e64ffe5436db40daa"; - name = "qtvirtualkeyboard-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtvirtualkeyboard-everywhere-src-5.12.9.tar.xz"; + sha256 = "7598ee3312a2f4e72edf363c16c506740a8b91c5c06544da068a3c0d73f7f807"; + name = "qtvirtualkeyboard-everywhere-src-5.12.9.tar.xz"; }; }; qtwayland = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtwayland-everywhere-src-5.12.7.tar.xz"; - sha256 = "fc1ab8e25461580e37090e4f82422411dee71a3de48a54be1f4b6569e00f66c5"; - name = "qtwayland-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtwayland-everywhere-src-5.12.9.tar.xz"; + sha256 = "6f416948a98586b9c13c46b36be5ac6bb96a1dde9f50123b5e6dcdd102e9d77e"; + name = "qtwayland-everywhere-src-5.12.9.tar.xz"; }; }; qtwebchannel = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtwebchannel-everywhere-src-5.12.7.tar.xz"; - sha256 = "b0ae72e5957aa4b281a37d2e169fcf91f92382bc36bd0cf09c80b2bb961bce75"; - name = "qtwebchannel-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtwebchannel-everywhere-src-5.12.9.tar.xz"; + sha256 = "d55a06a0929c86664496e1113e74425d56d175916acd8abbb95c371eb16b43eb"; + name = "qtwebchannel-everywhere-src-5.12.9.tar.xz"; }; }; qtwebengine = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtwebengine-everywhere-src-5.12.7.tar.xz"; - sha256 = "83b754dca3dafeb21be6c7cb5ea99f11f5dbe9055bc1680f5bd7159224bb46fa"; - name = "qtwebengine-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtwebengine-everywhere-src-5.12.9.tar.xz"; + sha256 = "27a9a19e4deb5e7a0fabc13e38fe5a8818730c92f6a343b9084aa17977468e25"; + name = "qtwebengine-everywhere-src-5.12.9.tar.xz"; }; }; qtwebglplugin = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtwebglplugin-everywhere-src-5.12.7.tar.xz"; - sha256 = "e049ed855bc772a56808844a803aac653d2d64f092a1fd1fe6a73ab460b55c3b"; - name = "qtwebglplugin-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtwebglplugin-everywhere-src-5.12.9.tar.xz"; + sha256 = "cb7ba4cb66900e5d4315809e2b5ad3e4e381d576a14f6224f8ea58373f997c42"; + name = "qtwebglplugin-everywhere-src-5.12.9.tar.xz"; }; }; qtwebsockets = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtwebsockets-everywhere-src-5.12.7.tar.xz"; - sha256 = "6fd13c2558f532a32f20d977b44c0146107a0e93861df84978e4fd72af283b17"; - name = "qtwebsockets-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtwebsockets-everywhere-src-5.12.9.tar.xz"; + sha256 = "08a92c36d52b4d93a539a950698bb2912ea36055015d421f874bf672637f21ef"; + name = "qtwebsockets-everywhere-src-5.12.9.tar.xz"; }; }; qtwebview = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtwebview-everywhere-src-5.12.7.tar.xz"; - sha256 = "d3f82d2ceab59dc4dee3b6f54f4b70869c199d63f4534b299d900cdacc9b7be7"; - name = "qtwebview-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtwebview-everywhere-src-5.12.9.tar.xz"; + sha256 = "3e0506411d101cc08232946bcacef2fb90884c27eb91eeb97a1a68ed3788a7b6"; + name = "qtwebview-everywhere-src-5.12.9.tar.xz"; }; }; qtwinextras = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtwinextras-everywhere-src-5.12.7.tar.xz"; - sha256 = "cfeec81ee1f75b9786ed28382deecc5e38fd142c0b48476beccadb587f93118c"; - name = "qtwinextras-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtwinextras-everywhere-src-5.12.9.tar.xz"; + sha256 = "7bab5053197148a5e1609cab12331e4a3f2e1a86bcbde137948330b288803754"; + name = "qtwinextras-everywhere-src-5.12.9.tar.xz"; }; }; qtx11extras = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtx11extras-everywhere-src-5.12.7.tar.xz"; - sha256 = "23895f4b1e84f3783526b9e17680df38c587601d4dfa6ff1b81ace432c480b96"; - name = "qtx11extras-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtx11extras-everywhere-src-5.12.9.tar.xz"; + sha256 = "09432392641b56205cbcda6be89d0835bfecad64ad61713a414b951b740c9cec"; + name = "qtx11extras-everywhere-src-5.12.9.tar.xz"; }; }; qtxmlpatterns = { - version = "5.12.7"; + version = "5.12.9"; src = fetchurl { - url = "${mirror}/official_releases/qt/5.12/5.12.7/submodules/qtxmlpatterns-everywhere-src-5.12.7.tar.xz"; - sha256 = "9002014129a1f2a44700df333a7776e23bdfd689e7a619c3540fd9f6819b417b"; - name = "qtxmlpatterns-everywhere-src-5.12.7.tar.xz"; + url = "${mirror}/official_releases/qt/5.12/5.12.9/submodules/qtxmlpatterns-everywhere-src-5.12.9.tar.xz"; + sha256 = "8d0e92fce6b4cbe7f1ecd1e90f6c7d71681b9b8870a577c0b18cadd93b8713b2"; + name = "qtxmlpatterns-everywhere-src-5.12.9.tar.xz"; }; }; } From c95a08d738560a08a561063043c6b11226d80a2f Mon Sep 17 00:00:00 2001 From: Otavio Salvador Date: Wed, 18 Nov 2020 20:34:58 -0300 Subject: [PATCH 011/120] maintainer-list: add otavio Signed-off-by: Otavio Salvador --- maintainers/maintainer-list.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index cef2e8f4de4b..e88e6d4fabb3 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -6677,6 +6677,12 @@ githubId = 111265; name = "Ozan Sener"; }; + otavio = { + email = "otavio.salvador@ossystems.com.br"; + github = "otavio"; + githubId = 25278; + name = "Otavio Salvador"; + }; otwieracz = { email = "slawek@otwiera.cz"; github = "otwieracz"; From f5d54c88ed26b4f6bf1cbf690cd27e464a18c83e Mon Sep 17 00:00:00 2001 From: Otavio Salvador Date: Sat, 26 Dec 2020 00:06:27 -0300 Subject: [PATCH 012/120] shellhub-agent: initial expression at 0.4.2 ShellHub is a modern SSH server for remotely accessing Linux devices via command line (using any SSH client) or web-based user interface, designed as an alternative to _sshd_. Think ShellHub as centralized SSH for the the edge and cloud computing. More information about the project in: - https://shellhub.io - https://github.com/shellhub-io/shellhub Signed-off-by: Otavio Salvador --- .../networking/shellhub-agent/default.nix | 34 +++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 36 insertions(+) create mode 100644 pkgs/applications/networking/shellhub-agent/default.nix diff --git a/pkgs/applications/networking/shellhub-agent/default.nix b/pkgs/applications/networking/shellhub-agent/default.nix new file mode 100644 index 000000000000..b8ee60e57138 --- /dev/null +++ b/pkgs/applications/networking/shellhub-agent/default.nix @@ -0,0 +1,34 @@ +{ stdenv, buildGoModule, fetchFromGitHub }: + +buildGoModule rec { + pname = "shellhub-agent"; + version = "0.4.2"; + + src = fetchFromGitHub { + owner = "shellhub-io"; + repo = "shellhub"; + rev = "v${version}"; + sha256 = "0cd41ing1pcf1bdaaq00w5h7lih5j2kcaa0m41g3ikm3vd1w5qna"; + }; + + modRoot = "./agent"; + + vendorSha256 = "19gsfhh6idqysdxhpq45sq35gw19adz9lp83krjlhzj1vqm59qma"; + + buildFlagsArray = [ "-ldflags=-s -w -X main.AgentVersion=v${version}" ]; + + meta = with stdenv.lib; { + description = + "Enables easy access any Linux device behind firewall and NAT"; + longDescription = '' + ShellHub is a modern SSH server for remotely accessing Linux devices via + command line (using any SSH client) or web-based user interface, designed + as an alternative to _sshd_. Think ShellHub as centralized SSH for the the + edge and cloud computing. + ''; + homepage = "https://shellhub.io/"; + license = licenses.asl20; + maintainers = with maintainers; [ otavio ]; + platforms = platforms.linux; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 12ecc6e4e2c2..66bdcbeaca24 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -2587,6 +2587,8 @@ in shell-hist = callPackage ../tools/misc/shell-hist { }; + shellhub-agent = callPackage ../applications/networking/shellhub-agent { }; + simdjson = callPackage ../development/libraries/simdjson { }; simg2img = callPackage ../tools/filesystems/simg2img { }; From 1c73baa8c8a2ef029918d2e5f8b11bf7311c596e Mon Sep 17 00:00:00 2001 From: Brian McKenna Date: Sat, 26 Dec 2020 16:06:30 +1100 Subject: [PATCH 013/120] oci-containers: fix containers attribute in docs --- nixos/modules/virtualisation/oci-containers.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nixos/modules/virtualisation/oci-containers.nix b/nixos/modules/virtualisation/oci-containers.nix index a46dd65eb491..ee9fe62187d3 100644 --- a/nixos/modules/virtualisation/oci-containers.nix +++ b/nixos/modules/virtualisation/oci-containers.nix @@ -176,10 +176,10 @@ let description = '' Define which other containers this one depends on. They will be added to both After and Requires for the unit. - Use the same name as the attribute under virtualisation.oci-containers. + Use the same name as the attribute under virtualisation.oci-containers.containers. ''; example = literalExample '' - virtualisation.oci-containers = { + virtualisation.oci-containers.containers = { node1 = {}; node2 = { dependsOn = [ "node1" ]; From 70f5558aeb9ec21fb6570a42de887bf8deada0bd Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Sun, 27 Dec 2020 13:51:18 +0000 Subject: [PATCH 014/120] obsidian: 0.9.22 -> 0.10.1 --- pkgs/applications/misc/obsidian/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/misc/obsidian/default.nix b/pkgs/applications/misc/obsidian/default.nix index b33c091a581a..3379e2e9b9d2 100644 --- a/pkgs/applications/misc/obsidian/default.nix +++ b/pkgs/applications/misc/obsidian/default.nix @@ -30,12 +30,12 @@ let in stdenv.mkDerivation rec { pname = "obsidian"; - version = "0.9.22"; + version = "0.10.1"; src = fetchurl { url = "https://github.com/obsidianmd/obsidian-releases/releases/download/v${version}/obsidian-${version}.asar.gz"; - sha256 = "kIqNptt5fl3YORQ7iDqQ5d6Exu+P/nAvVCVgXMRQvpQ="; + sha256 = "wnCgW4EAcg0Oc1fqOZBYKN2g8N27riL+yonoIy0AfxA="; }; nativeBuildInputs = [ makeWrapper graphicsmagick ]; From 6d13b4c5ec86d296a99d3712f4c7fff0b95677f2 Mon Sep 17 00:00:00 2001 From: Doron Behar Date: Wed, 23 Dec 2020 18:25:37 +0200 Subject: [PATCH 015/120] qt5: Update comment regarding updating srcs.nix --- pkgs/development/libraries/qt-5/5.12/default.nix | 2 +- pkgs/development/libraries/qt-5/5.12/srcs.nix | 2 +- pkgs/development/libraries/qt-5/5.14/default.nix | 2 +- pkgs/development/libraries/qt-5/5.15/default.nix | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/development/libraries/qt-5/5.12/default.nix b/pkgs/development/libraries/qt-5/5.12/default.nix index bf5e1b2857c7..124a0459f139 100644 --- a/pkgs/development/libraries/qt-5/5.12/default.nix +++ b/pkgs/development/libraries/qt-5/5.12/default.nix @@ -8,7 +8,7 @@ top-level attribute to `top-level/all-packages.nix`. 1. Update the URL in `pkgs/development/libraries/qt-5/$VERSION/fetch.sh`. 2. From the top of the Nixpkgs tree, run - `./maintainers/scripts/fetch-kde-qt.sh > pkgs/development/libraries/qt-5/$VERSION/srcs.nix`. + `./maintainers/scripts/fetch-kde-qt.sh pkgs/development/libraries/qt-5/$VERSION`. 3. Check that the new packages build correctly. 4. Commit the changes and open a pull request. diff --git a/pkgs/development/libraries/qt-5/5.12/srcs.nix b/pkgs/development/libraries/qt-5/5.12/srcs.nix index 8ff2db536dbc..f2ed6d13714f 100644 --- a/pkgs/development/libraries/qt-5/5.12/srcs.nix +++ b/pkgs/development/libraries/qt-5/5.12/srcs.nix @@ -1,5 +1,5 @@ # DO NOT EDIT! This file is generated automatically. -# Command: ./maintainers/scripts/fetch-kde-qt.sh pkgs/development/libraries/qt-5/5.12/fetch.sh +# Command: ./maintainers/scripts/fetch-kde-qt.sh pkgs/development/libraries/qt-5/5.12 { fetchurl, mirror }: { diff --git a/pkgs/development/libraries/qt-5/5.14/default.nix b/pkgs/development/libraries/qt-5/5.14/default.nix index b4486bf025d7..dff04b24f608 100644 --- a/pkgs/development/libraries/qt-5/5.14/default.nix +++ b/pkgs/development/libraries/qt-5/5.14/default.nix @@ -8,7 +8,7 @@ top-level attribute to `top-level/all-packages.nix`. 1. Update the URL in `pkgs/development/libraries/qt-5/$VERSION/fetch.sh`. 2. From the top of the Nixpkgs tree, run - `./maintainers/scripts/fetch-kde-qt.sh > pkgs/development/libraries/qt-5/$VERSION/srcs.nix`. + `./maintainers/scripts/fetch-kde-qt.sh pkgs/development/libraries/qt-5/$VERSION`. 3. Check that the new packages build correctly. 4. Commit the changes and open a pull request. diff --git a/pkgs/development/libraries/qt-5/5.15/default.nix b/pkgs/development/libraries/qt-5/5.15/default.nix index 2712b45bdd25..08fd3a9720cf 100644 --- a/pkgs/development/libraries/qt-5/5.15/default.nix +++ b/pkgs/development/libraries/qt-5/5.15/default.nix @@ -8,7 +8,7 @@ top-level attribute to `top-level/all-packages.nix`. 1. Update the URL in `pkgs/development/libraries/qt-5/$VERSION/fetch.sh`. 2. From the top of the Nixpkgs tree, run - `./maintainers/scripts/fetch-kde-qt.sh > pkgs/development/libraries/qt-5/$VERSION/srcs.nix`. + `./maintainers/scripts/fetch-kde-qt.sh pkgs/development/libraries/qt-5/$VERSION`. 3. Check that the new packages build correctly. 4. Commit the changes and open a pull request. From a06ee9759f3067048ce762cf379b9207100e1ddb Mon Sep 17 00:00:00 2001 From: Doron Behar Date: Wed, 23 Dec 2020 18:38:35 +0200 Subject: [PATCH 016/120] sleepyhead: Mention why it won't use qt > 5.12 --- pkgs/top-level/all-packages.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index fa25f9bda81e..e919381a3ef1 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -7348,6 +7348,7 @@ in sleuthkit = callPackage ../tools/system/sleuthkit {}; + # Not updated upstream since 2018, doesn't support qt newer than 5.12 sleepyhead = libsForQt512.callPackage ../applications/misc/sleepyhead {}; slirp4netns = callPackage ../tools/networking/slirp4netns/default.nix { }; From 2c1015f80e5da947424917549b5ed52d0da0d8cf Mon Sep 17 00:00:00 2001 From: Doron Behar Date: Wed, 23 Dec 2020 18:53:01 +0200 Subject: [PATCH 017/120] plex-media-player: explain a bit the qt5 situation --- pkgs/top-level/all-packages.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index e919381a3ef1..74ea5200699c 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -23529,6 +23529,7 @@ in plexamp = callPackage ../applications/audio/plexamp { }; + # Upstream says it supports only qt5.9 which is not packaged, and building with qt newer than 5.12 fails plex-media-player = libsForQt512.callPackage ../applications/video/plex-media-player { }; plex-mpv-shim = python3Packages.callPackage ../applications/video/plex-mpv-shim { }; From 7ad98e2538e19261ddab3909f2db411bc36240c9 Mon Sep 17 00:00:00 2001 From: Doron Behar Date: Wed, 23 Dec 2020 18:53:29 +0200 Subject: [PATCH 018/120] boomerang: mention why it won't build with qt > 5.12 --- pkgs/top-level/all-packages.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 74ea5200699c..769c94c44b83 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -1601,6 +1601,7 @@ in boringtun = callPackage ../tools/networking/boringtun { }; + # Upstream recommends qt5.12 and it doesn't build with qt5.15 boomerang = libsForQt512.callPackage ../development/tools/boomerang { }; boost-build = callPackage ../development/tools/boost-build { }; From 845a4608797976d17ba7a96eb53dddedf7860640 Mon Sep 17 00:00:00 2001 From: Doron Behar Date: Wed, 23 Dec 2020 18:58:04 +0200 Subject: [PATCH 019/120] sdrangel: 4.21.1 -> 6.4.0 --- pkgs/applications/radio/sdrangel/default.nix | 4 ++-- pkgs/top-level/all-packages.nix | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/radio/sdrangel/default.nix b/pkgs/applications/radio/sdrangel/default.nix index 3197a7d0cc4a..96f6df2744be 100644 --- a/pkgs/applications/radio/sdrangel/default.nix +++ b/pkgs/applications/radio/sdrangel/default.nix @@ -32,13 +32,13 @@ uhd mkDerivation rec { pname = "sdrangel"; - version = "4.21.1"; + version = "6.4.0"; src = fetchFromGitHub { owner = "f4exb"; repo = "sdrangel"; rev = "v${version}"; - sha256 = "y6BVwnSJXiapgm9pAuby1DLLeU5MSyB4uqEa3oS35/U="; + sha256 = "4iJoKs0BHmBR6JRFuTIqs0GW3SjhPRMPRlqdyTI38T4="; fetchSubmodules = false; }; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 769c94c44b83..aa0dc604079e 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -19156,7 +19156,7 @@ in sdparm = callPackage ../os-specific/linux/sdparm { }; - sdrangel = libsForQt512.callPackage ../applications/radio/sdrangel { }; + sdrangel = libsForQt5.callPackage ../applications/radio/sdrangel { }; sepolgen = callPackage ../os-specific/linux/sepolgen { }; From 29b54e72b86d0c169a89ab29764621a661f382dc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6gler?= Date: Mon, 28 Dec 2020 22:45:00 +0100 Subject: [PATCH 020/120] vdr: 2.4.4 -> 2.4.6 --- pkgs/applications/video/vdr/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/video/vdr/default.nix b/pkgs/applications/video/vdr/default.nix index bc3d54f3b5b8..16aa2a3e6a5f 100644 --- a/pkgs/applications/video/vdr/default.nix +++ b/pkgs/applications/video/vdr/default.nix @@ -5,12 +5,12 @@ }: stdenv.mkDerivation rec { pname = "vdr"; - version = "2.4.4"; + version = "2.4.6"; src = fetchgit { url = "git://git.tvdr.de/vdr.git"; - rev = "V20404"; - sha256 = "1fzghnp5mpcwn3a3fyk3w8h15z4f2cnc75247kvxj1c9069mgnwa"; + rev = "V20406"; + sha256 = "sha256-te9lMmnWpesv+np2gJUDL17pI0WyVxhUnoBsFSRtOco="; }; enableParallelBuilding = true; From a0c2d672f78982ab92c95376f568b4bb1c8bddfd Mon Sep 17 00:00:00 2001 From: Mauricio Collares Date: Mon, 28 Dec 2020 18:13:29 -0300 Subject: [PATCH 021/120] emacs2nix: update to fix locale issues and a missing elpa package --- pkgs/applications/editors/emacs-modes/emacs2nix.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/editors/emacs-modes/emacs2nix.nix b/pkgs/applications/editors/emacs-modes/emacs2nix.nix index b4b9adfa619e..e29a19713bdd 100644 --- a/pkgs/applications/editors/emacs-modes/emacs2nix.nix +++ b/pkgs/applications/editors/emacs-modes/emacs2nix.nix @@ -4,8 +4,8 @@ let src = pkgs.fetchgit { url = "https://github.com/ttuegel/emacs2nix.git"; fetchSubmodules = true; - rev = "798542b34dc8d7f5c110119350bd9bafef9f8439"; - sha256 = "1lna9z90sxjnanggjh2si018cfzp60xsrissnv9bbkc8wish1537"; + rev = "b815a9323c1f58f6c163a1f968939c57a8b6cfa0"; + sha256 = "183xlmhjmj4z2zssc0pw990h7bf3bam8zqswnf1zcsyp8z7yrl5g"; }; in pkgs.mkShell { From 1c094a76c041a6dfb1890476ab9aa0ca6412d727 Mon Sep 17 00:00:00 2001 From: "Robert T. McGibbon" Date: Tue, 29 Dec 2020 15:45:59 -0500 Subject: [PATCH 022/120] python39Packages.billiard: unbreak --- .../python-modules/billiard/default.nix | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/pkgs/development/python-modules/billiard/default.nix b/pkgs/development/python-modules/billiard/default.nix index 5bccf7924525..ff87ba2e6691 100644 --- a/pkgs/development/python-modules/billiard/default.nix +++ b/pkgs/development/python-modules/billiard/default.nix @@ -1,4 +1,4 @@ -{ stdenv, buildPythonPackage, fetchPypi, isPyPy, pytest, case, psutil }: +{ stdenv, buildPythonPackage, fetchPypi, isPyPy, pytestCheckHook, case, psutil, fetchpatch }: buildPythonPackage rec { pname = "billiard"; @@ -9,11 +9,15 @@ buildPythonPackage rec { inherit pname version; sha256 = "0spssl3byzqsplra166d59jx8iqfxyzvcbx7vybkmwr5ck72a5yr"; }; + patches = [(fetchpatch { + # Add Python 3.9 support to spawnv_passfds() + # Should be included in next release after 3.6.3.0 + url = "https://github.com/celery/billiard/pull/310/commits/a508ebafadcfe2e25554b029593f3e66d01ede6c.patch"; + sha256 = "05zsr1bvjgi01qg7r274c0qvbn65iig3clyz14c08mpfyn38h84i"; + excludes = [ "tox.ini" ]; + })]; - checkInputs = [ pytest case psutil ]; - checkPhase = '' - pytest - ''; + checkInputs = [ pytestCheckHook case psutil ]; meta = with stdenv.lib; { homepage = "https://github.com/celery/billiard"; From 08bccaa1f768c57a3cf35fbd6c5660c4bf657954 Mon Sep 17 00:00:00 2001 From: "Robert T. McGibbon" Date: Tue, 29 Dec 2020 15:46:24 -0500 Subject: [PATCH 023/120] python3Packages.datasets: unbreak --- pkgs/development/python-modules/datasets/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pkgs/development/python-modules/datasets/default.nix b/pkgs/development/python-modules/datasets/default.nix index 4214304a9c93..fc349cdc277b 100644 --- a/pkgs/development/python-modules/datasets/default.nix +++ b/pkgs/development/python-modules/datasets/default.nix @@ -35,6 +35,10 @@ buildPythonPackage rec { xxhash ]; + postPatch = '' + substituteInPlace setup.py --replace '"tqdm>=4.27,<4.50.0"' '"tqdm>=4.27"' + ''; + # Tests require pervasive internet access. doCheck = false; From 7ae5cac752ee5ec685148fe27db4df305129408f Mon Sep 17 00:00:00 2001 From: "Robert T. McGibbon" Date: Tue, 29 Dec 2020 15:46:48 -0500 Subject: [PATCH 024/120] python3Packages.fastparquet: 0.4.1 -> 0.5 --- pkgs/development/python-modules/fastparquet/default.nix | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/pkgs/development/python-modules/fastparquet/default.nix b/pkgs/development/python-modules/fastparquet/default.nix index 47c7d5063090..07922ee19efa 100644 --- a/pkgs/development/python-modules/fastparquet/default.nix +++ b/pkgs/development/python-modules/fastparquet/default.nix @@ -3,22 +3,19 @@ thrift, pytest, python-snappy, lz4, zstd }: buildPythonPackage rec { pname = "fastparquet"; - version = "0.4.1"; + version = "0.5.0"; src = fetchFromGitHub { owner = "dask"; repo = pname; rev = version; - sha256 = "ViZRGEv227/RgCBYAQN8F3Z0m8WrNUT5KUdyFosjg9s="; + sha256 = "17i091kky34m2xivk29fqsyxxxa7v4352n79w01n7ni93za6wana"; }; postPatch = '' # FIXME: package zstandard # removing the test dependency for now substituteInPlace setup.py --replace "'zstandard'," "" - - # workaround for https://github.com/dask/fastparquet/issues/517 - rm fastparquet/test/test_partition_filters_specialstrings.py ''; nativeBuildInputs = [ pytestrunner ]; From d9dd5d7310daa6dde6317ecc56ae5755cc38b8d7 Mon Sep 17 00:00:00 2001 From: "Robert T. McGibbon" Date: Tue, 29 Dec 2020 15:47:20 -0500 Subject: [PATCH 025/120] python39Packages.fixtures: mark as broken --- pkgs/development/python-modules/fixtures/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkgs/development/python-modules/fixtures/default.nix b/pkgs/development/python-modules/fixtures/default.nix index 3042acbbe848..9f1549e98f9f 100644 --- a/pkgs/development/python-modules/fixtures/default.nix +++ b/pkgs/development/python-modules/fixtures/default.nix @@ -5,6 +5,7 @@ , testtools , mock , python +, isPy39 }: buildPythonPackage rec { @@ -26,5 +27,6 @@ buildPythonPackage rec { description = "Reusable state for writing clean tests and more"; homepage = "https://pypi.python.org/pypi/fixtures"; license = lib.licenses.asl20; + broken = isPy39; # see https://github.com/testing-cabal/fixtures/issues/44 }; } From 55eaa559223da5b6cfd5bd6cd0e51b667d6865c9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 20 May 2020 16:39:39 +0100 Subject: [PATCH 026/120] nixos/redis: set TimeoutStartSec/TimeoutStopSec --- nixos/modules/services/databases/redis.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/nixos/modules/services/databases/redis.nix b/nixos/modules/services/databases/redis.nix index 6b8853ae390b..aeb1a0c22a47 100644 --- a/nixos/modules/services/databases/redis.nix +++ b/nixos/modules/services/databases/redis.nix @@ -242,6 +242,8 @@ in ExecStart = "${cfg.package}/bin/redis-server /run/redis/redis.conf"; RuntimeDirectory = "redis"; StateDirectory = "redis"; + TimeoutStartSec = "infinity"; + TimeoutStopSec = "infinity"; Type = "notify"; User = "redis"; Group = "redis"; From 8a6c765832bfa23b42e3baa7b6a3802aa805cea3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sat, 14 Dec 2019 08:01:00 +0000 Subject: [PATCH 027/120] command-not-found: rewrite in Rust - drops perl + libraries dependencies --- .../command-not-found/command-not-found.nix | 11 +- .../command-not-found/command-not-found.pl | 51 ------- .../programs/command-not-found/default.nix | 18 +++ .../command-not-found/rust/Cargo.lock | 131 ++++++++++++++++++ .../command-not-found/rust/Cargo.toml | 10 ++ .../command-not-found/rust/src/main.rs | 52 +++++++ 6 files changed, 212 insertions(+), 61 deletions(-) delete mode 100644 nixos/modules/programs/command-not-found/command-not-found.pl create mode 100644 nixos/modules/programs/command-not-found/default.nix create mode 100644 nixos/modules/programs/command-not-found/rust/Cargo.lock create mode 100644 nixos/modules/programs/command-not-found/rust/Cargo.toml create mode 100644 nixos/modules/programs/command-not-found/rust/src/main.rs diff --git a/nixos/modules/programs/command-not-found/command-not-found.nix b/nixos/modules/programs/command-not-found/command-not-found.nix index 656c255fcb18..da09488d82c7 100644 --- a/nixos/modules/programs/command-not-found/command-not-found.nix +++ b/nixos/modules/programs/command-not-found/command-not-found.nix @@ -9,17 +9,9 @@ with lib; let cfg = config.programs.command-not-found; - commandNotFound = pkgs.substituteAll { - name = "command-not-found"; - dir = "bin"; - src = ./command-not-found.pl; - isExecutable = true; - inherit (pkgs) perl; + commandNotFound = pkgs.callPackage ./. { inherit (cfg) dbPath; - perlFlags = concatStrings (map (path: "-I ${path}/${pkgs.perl.libPrefix} ") - [ pkgs.perlPackages.DBI pkgs.perlPackages.DBDSQLite pkgs.perlPackages.StringShellQuote ]); }; - in { @@ -91,5 +83,4 @@ in environment.systemPackages = [ commandNotFound ]; }; - } diff --git a/nixos/modules/programs/command-not-found/command-not-found.pl b/nixos/modules/programs/command-not-found/command-not-found.pl deleted file mode 100644 index ab7aa204653c..000000000000 --- a/nixos/modules/programs/command-not-found/command-not-found.pl +++ /dev/null @@ -1,51 +0,0 @@ -#! @perl@/bin/perl -w @perlFlags@ - -use strict; -use DBI; -use DBD::SQLite; -use String::ShellQuote; -use Config; - -my $program = $ARGV[0]; - -my $dbPath = "@dbPath@"; - -my $dbh = DBI->connect("dbi:SQLite:dbname=$dbPath", "", "") - or die "cannot open database `$dbPath'"; -$dbh->{RaiseError} = 0; -$dbh->{PrintError} = 0; - -my $system = $ENV{"NIX_SYSTEM"} // $Config{myarchname}; - -my $res = $dbh->selectall_arrayref( - "select package from Programs where system = ? and name = ?", - { Slice => {} }, $system, $program); - -if (!defined $res || scalar @$res == 0) { - print STDERR "$program: command not found\n"; -} elsif (scalar @$res == 1) { - my $package = @$res[0]->{package}; - if ($ENV{"NIX_AUTO_INSTALL"} // "") { - print STDERR <{package}\n" foreach @$res; -} - -exit 127; diff --git a/nixos/modules/programs/command-not-found/default.nix b/nixos/modules/programs/command-not-found/default.nix new file mode 100644 index 000000000000..bbe949fa86a3 --- /dev/null +++ b/nixos/modules/programs/command-not-found/default.nix @@ -0,0 +1,18 @@ +{ stdenv, rustPlatform, pkgconfig, sqlite +, dbPath ? "/nix/var/nix/profiles/per-user/root/channels/nixos/programs.sqlite" }: + +rustPlatform.buildRustPackage { + name = "command-not-found"; + src = ./rust; + + DB_PATH = dbPath; + NIX_SYSTEM = stdenv.system; + + postInstall = '' + strip $out/bin/command-not-found + ''; + + buildInputs = [ sqlite ]; + nativeBuildInputs = [ pkgconfig ]; + cargoSha256 = "13q61bb4b1q40g424pbssyp3ln79q1a33vmyz9s9wlqnac34cibd"; +} diff --git a/nixos/modules/programs/command-not-found/rust/Cargo.lock b/nixos/modules/programs/command-not-found/rust/Cargo.lock new file mode 100644 index 000000000000..ce3a9358c5c2 --- /dev/null +++ b/nixos/modules/programs/command-not-found/rust/Cargo.lock @@ -0,0 +1,131 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +[[package]] +name = "bitflags" +version = "1.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" + +[[package]] +name = "command-not-found" +version = "0.1.0" +dependencies = [ + "rusqlite 0.23.1 (registry+https://github.com/rust-lang/crates.io-index)", +] + +[[package]] +name = "fallible-iterator" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" + +[[package]] +name = "fallible-streaming-iterator" +version = "0.1.9" +source = "registry+https://github.com/rust-lang/crates.io-index" + +[[package]] +name = "libc" +version = "0.2.70" +source = "registry+https://github.com/rust-lang/crates.io-index" + +[[package]] +name = "libsqlite3-sys" +version = "0.18.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "pkg-config 0.3.17 (registry+https://github.com/rust-lang/crates.io-index)", + "vcpkg 0.2.8 (registry+https://github.com/rust-lang/crates.io-index)", +] + +[[package]] +name = "linked-hash-map" +version = "0.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" + +[[package]] +name = "lru-cache" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "linked-hash-map 0.5.3 (registry+https://github.com/rust-lang/crates.io-index)", +] + +[[package]] +name = "memchr" +version = "2.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" + +[[package]] +name = "pkg-config" +version = "0.3.17" +source = "registry+https://github.com/rust-lang/crates.io-index" + +[[package]] +name = "rusqlite" +version = "0.23.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "bitflags 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)", + "fallible-iterator 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)", + "fallible-streaming-iterator 0.1.9 (registry+https://github.com/rust-lang/crates.io-index)", + "libsqlite3-sys 0.18.0 (registry+https://github.com/rust-lang/crates.io-index)", + "lru-cache 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)", + "memchr 2.3.3 (registry+https://github.com/rust-lang/crates.io-index)", + "smallvec 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)", + "time 0.1.43 (registry+https://github.com/rust-lang/crates.io-index)", +] + +[[package]] +name = "smallvec" +version = "1.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" + +[[package]] +name = "time" +version = "0.1.43" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "libc 0.2.70 (registry+https://github.com/rust-lang/crates.io-index)", + "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)", +] + +[[package]] +name = "vcpkg" +version = "0.2.8" +source = "registry+https://github.com/rust-lang/crates.io-index" + +[[package]] +name = "winapi" +version = "0.3.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "winapi-i686-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)", + "winapi-x86_64-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)", +] + +[[package]] +name = "winapi-i686-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" + +[[package]] +name = "winapi-x86_64-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" + +[metadata] +"checksum bitflags 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "cf1de2fe8c75bc145a2f577add951f8134889b4795d47466a54a5c846d691693" +"checksum fallible-iterator 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "4443176a9f2c162692bd3d352d745ef9413eec5782a80d8fd6f8a1ac692a07f7" +"checksum fallible-streaming-iterator 0.1.9 (registry+https://github.com/rust-lang/crates.io-index)" = "7360491ce676a36bf9bb3c56c1aa791658183a54d2744120f27285738d90465a" +"checksum libc 0.2.70 (registry+https://github.com/rust-lang/crates.io-index)" = "3baa92041a6fec78c687fa0cc2b3fae8884f743d672cf551bed1d6dac6988d0f" +"checksum libsqlite3-sys 0.18.0 (registry+https://github.com/rust-lang/crates.io-index)" = "1e704a02bcaecd4a08b93a23f6be59d0bd79cd161e0963e9499165a0a35df7bd" +"checksum linked-hash-map 0.5.3 (registry+https://github.com/rust-lang/crates.io-index)" = "8dd5a6d5999d9907cda8ed67bbd137d3af8085216c2ac62de5be860bd41f304a" +"checksum lru-cache 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)" = "31e24f1ad8321ca0e8a1e0ac13f23cb668e6f5466c2c57319f6a5cf1cc8e3b1c" +"checksum memchr 2.3.3 (registry+https://github.com/rust-lang/crates.io-index)" = "3728d817d99e5ac407411fa471ff9800a778d88a24685968b36824eaf4bee400" +"checksum pkg-config 0.3.17 (registry+https://github.com/rust-lang/crates.io-index)" = "05da548ad6865900e60eaba7f589cc0783590a92e940c26953ff81ddbab2d677" +"checksum rusqlite 0.23.1 (registry+https://github.com/rust-lang/crates.io-index)" = "45d0fd62e1df63d254714e6cb40d0a0e82e7a1623e7a27f679d851af092ae58b" +"checksum smallvec 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "c7cb5678e1615754284ec264d9bb5b4c27d2018577fd90ac0ceb578591ed5ee4" +"checksum time 0.1.43 (registry+https://github.com/rust-lang/crates.io-index)" = "ca8a50ef2360fbd1eeb0ecd46795a87a19024eb4b53c5dc916ca1fd95fe62438" +"checksum vcpkg 0.2.8 (registry+https://github.com/rust-lang/crates.io-index)" = "3fc439f2794e98976c88a2a2dafce96b930fe8010b0a256b3c2199a773933168" +"checksum winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)" = "8093091eeb260906a183e6ae1abdba2ef5ef2257a21801128899c3fc699229c6" +"checksum winapi-i686-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" +"checksum winapi-x86_64-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" diff --git a/nixos/modules/programs/command-not-found/rust/Cargo.toml b/nixos/modules/programs/command-not-found/rust/Cargo.toml new file mode 100644 index 000000000000..f965c7df76a5 --- /dev/null +++ b/nixos/modules/programs/command-not-found/rust/Cargo.toml @@ -0,0 +1,10 @@ +[package] +name = "command-not-found" +version = "0.1.0" +edition = "2018" + +[dependencies] +rusqlite = "0.*.*" + +[profile.release] +lto = true diff --git a/nixos/modules/programs/command-not-found/rust/src/main.rs b/nixos/modules/programs/command-not-found/rust/src/main.rs new file mode 100644 index 000000000000..b0af2871cc29 --- /dev/null +++ b/nixos/modules/programs/command-not-found/rust/src/main.rs @@ -0,0 +1,52 @@ +use rusqlite::{params, Connection, Result}; +use std::env; +use std::process::exit; + +const NIX_SYSTEM: &str = env!("NIX_SYSTEM"); +const DB_PATH: &str = env!("DB_PATH"); + +fn query_packages(system: &str, program: &str) -> Result> { + Ok(Connection::open(DB_PATH)? + .prepare("select package from Programs where system = ? and name = ?;")? + .query_map(params![system, program], |row| row.get("package"))? + .collect::>>()?) +} + +fn run_app() -> i32 { + let args: Vec<_> = env::args().collect(); + if args.len() < 2 { + eprintln!("USAGE: {} PROGRAMNAME", args[0]); + return 1; + } + let program = &args[1]; + let system = env::var("NIX_SYSTEM").unwrap_or_else(|_| NIX_SYSTEM.to_string()); + let packages = match query_packages(&system, program) { + Ok(packages) => packages, + Err(err) => { + eprintln!("Failed to query package database: {}", err); + return 1; + } + }; + if packages.is_empty() { + eprintln!("{}: command not found", program); + } else { + let advice = if packages.len() > 1 { + "It is provided by several packages. You can install it by typing on of the of following commands:" + } else { + "You can install it by typing:" + }; + eprintln!( + "The program '{}' is currently not installed. {}", + program, advice + ); + for pkg in packages { + eprintln!(" nix-env -iA nixos.{}", pkg); + } + } + + 127 +} + +fn main() { + exit(run_app()); +} From 9c6f9c4068a883727aa3d52acd3745b724ec03f8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sat, 30 May 2020 10:32:17 +0100 Subject: [PATCH 028/120] redis: fix redis service --- nixos/modules/services/databases/redis.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nixos/modules/services/databases/redis.nix b/nixos/modules/services/databases/redis.nix index aeb1a0c22a47..9988f382a1b1 100644 --- a/nixos/modules/services/databases/redis.nix +++ b/nixos/modules/services/databases/redis.nix @@ -12,7 +12,7 @@ let ${condOption "bind" cfg.bind} ${condOption "unixsocket" cfg.unixSocket} daemonize no - supervised systemd + #supervised systemd loglevel ${cfg.logLevel} logfile ${cfg.logfile} syslog-enabled ${redisBool cfg.syslog} @@ -244,7 +244,7 @@ in StateDirectory = "redis"; TimeoutStartSec = "infinity"; TimeoutStopSec = "infinity"; - Type = "notify"; + Type = "simple"; User = "redis"; Group = "redis"; }; From 8420dc923e7076eb94fb4bf2c3e1eb9aa337af87 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Fri, 29 May 2020 22:55:38 +0100 Subject: [PATCH 029/120] homeassistant: support for python_script automation --- .../modules/services/misc/home-assistant.nix | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/nixos/modules/services/misc/home-assistant.nix b/nixos/modules/services/misc/home-assistant.nix index 1f2e13f37325..16fff215e616 100644 --- a/nixos/modules/services/misc/home-assistant.nix +++ b/nixos/modules/services/misc/home-assistant.nix @@ -62,6 +62,17 @@ let lovelace.mode = "yaml"; }; + #pythonScripts = pkgs.runCommand "python_scripts" { + # nativeBuildInputs = [ pkgs.python3 ]; + # scripts = cfg.pythonScripts; + #} '' + # mkdir $out + # for s in $scripts; do + # echo "checking syntax of $s" + # python -m py_compile "$s" + # ln -s "$s" "$out/$(basename $s" + # done + #''; in { meta.maintainers = with maintainers; [ dotlambda ]; @@ -214,6 +225,17 @@ in { ''; }; + pythonScripts = mkOption { + #default = []; + #type = types.listOf types.path; + default = null; + type = types.nullOr types.path; + description = '' + List of python scripts to use in the python_scripts integration. + Also see in the Homeassistant documentation + ''; + }; + openFirewall = mkOption { default = false; type = types.bool; @@ -224,6 +246,12 @@ in { config = mkIf cfg.enable { networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.port ]; + systemd.tmpfiles.rules = mkIf (cfg.pythonScripts != null) [ + "L+ ${cfg.configDir}/python_scripts - - - - ${cfg.pythonScripts}" + ]; + + services.home-assistant.config.python_script = mkIf (cfg.pythonScripts != null) {}; + systemd.services.home-assistant = { description = "Home Assistant"; after = [ "network.target" ]; From ce025026ac145680ed06a77ef9b20fbfb60e4953 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Mon, 22 Jun 2020 11:51:00 +0100 Subject: [PATCH 030/120] homeassistant: add package substitute for feedparser --- pkgs/servers/home-assistant/component-packages.nix | 2 +- pkgs/servers/home-assistant/parse-requirements.py | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/pkgs/servers/home-assistant/component-packages.nix b/pkgs/servers/home-assistant/component-packages.nix index 9135ea549f34..429f140f738f 100644 --- a/pkgs/servers/home-assistant/component-packages.nix +++ b/pkgs/servers/home-assistant/component-packages.nix @@ -243,7 +243,7 @@ "familyhub" = ps: with ps; [ ]; # missing inputs: python-family-hub-local "fan" = ps: with ps; [ ]; "fastdotcom" = ps: with ps; [ ]; # missing inputs: fastdotcom - "feedreader" = ps: with ps; [ ]; # missing inputs: feedparser-homeassistant + "feedreader" = ps: with ps; [ feedparser]; "ffmpeg" = ps: with ps; [ ha-ffmpeg ]; "ffmpeg_motion" = ps: with ps; [ ha-ffmpeg ]; "ffmpeg_noise" = ps: with ps; [ ha-ffmpeg ]; diff --git a/pkgs/servers/home-assistant/parse-requirements.py b/pkgs/servers/home-assistant/parse-requirements.py index 4fa4b8a48ee4..3d25dfeaf847 100755 --- a/pkgs/servers/home-assistant/parse-requirements.py +++ b/pkgs/servers/home-assistant/parse-requirements.py @@ -41,6 +41,10 @@ PKG_PREFERENCES = { "tensorflow-build_2": "tensorflow", } +# packages we have a different name for or we want to replace +PKG_SUBSTITUTES = { + "feedparser-homeassistant": "feedparser" +} def run_mypy() -> None: cmd = ["mypy", "--ignore-missing-imports", __file__] @@ -156,6 +160,8 @@ def main() -> None: # Therefore, if there's a "#" in the line, only take the part after it req = req[req.find("#") + 1 :] name = req.split("==")[0] + name = PKG_SUBSTITUTES.get(name, name) + attr_path = name_to_attr_path(name, packages) if attr_path is not None: # Add attribute path without "python3Packages." prefix From 2ed6fbfaf12454b596e8b0a8b3ede28e3a88a798 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sat, 30 May 2020 03:32:55 +0100 Subject: [PATCH 031/120] iina: init at 1.1.2 --- pkgs/applications/video/iina/default.nix | 26 ++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 28 insertions(+) create mode 100644 pkgs/applications/video/iina/default.nix diff --git a/pkgs/applications/video/iina/default.nix b/pkgs/applications/video/iina/default.nix new file mode 100644 index 000000000000..f0abed2d93d6 --- /dev/null +++ b/pkgs/applications/video/iina/default.nix @@ -0,0 +1,26 @@ +{ stdenv, fetchurl, undmg }: + +stdenv.mkDerivation { + pname = "iina"; + version = "1.1.2"; + + src = fetchurl { + url = "https://github.com/iina/iina/releases/download/v1.0.7-beta2/IINA.v1.0.7-beta2.dmg"; + sha256 = "1w0l3b1kar9zglqkildcqhlwara6zy2p3x79kqa2d0b43nqka82n"; + }; + + buildInputs = [ undmg ]; + installPhase = '' + mkdir -p "$out/Applications/IINA.app" + cp -R . "$out/Applications/IINA.app" + chmod +x "$out/Applications/IINA.app/Contents/MacOS/IINA" + ''; + + meta = with stdenv.lib; { + description = "The modern video player for macOS."; + homepage = "http://https://iina.io/"; + license = licenses.gpl3; + platforms = platforms.darwin; + maintainers = with maintainers; [ mic92 ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 312b12922457..1a24d918e0a3 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -21236,6 +21236,8 @@ in icesl = callPackage ../applications/misc/icesl { }; + iina = callPackage ../applications/video/iina { }; + keepassx = callPackage ../applications/misc/keepassx { }; keepassx2 = callPackage ../applications/misc/keepassx/2.0.nix { }; keepassxc = libsForQt5.callPackage ../applications/misc/keepassx/community.nix { }; From e1e412215df70c45063f5c1bc6afcff7d3c1c0ce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 12 Aug 2020 06:52:05 +0100 Subject: [PATCH 032/120] nixos-rebuild: document all nix flags --- nixos/doc/manual/man-nixos-rebuild.xml | 30 ++++++++++++++++++++++++-- 1 file changed, 28 insertions(+), 2 deletions(-) diff --git a/nixos/doc/manual/man-nixos-rebuild.xml b/nixos/doc/manual/man-nixos-rebuild.xml index d0ff81c1dbb3..2ab5f006b06b 100644 --- a/nixos/doc/manual/man-nixos-rebuild.xml +++ b/nixos/doc/manual/man-nixos-rebuild.xml @@ -112,6 +112,15 @@ path + + + + + + + + + @@ -130,6 +139,18 @@ number + + + + + + + + + + + + @@ -567,9 +588,14 @@ In addition, nixos-rebuild accepts various Nix-related - flags, including / , + flags: , / , , , - , , and / + , , and / + , , + , , + / , + / , + / and / . See the Nix manual for details. From b8a19ca2bcff1de182bc7d161afe54de8985b31f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 12 Aug 2020 06:52:32 +0100 Subject: [PATCH 033/120] nixos-rebuild: add --impure flag There are two use case for this flag: 1. NixOS developer usually use a nixpkgs checkout for development. Copying nixpkgs everytime when rebuilding NixOS is way to slow, even with NVME disks. 2. Folks migrating from impure configuration in a sufficient complex infrastructure need this flag to gradually migrate to NixOS flakes. --- nixos/doc/manual/man-nixos-rebuild.xml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/nixos/doc/manual/man-nixos-rebuild.xml b/nixos/doc/manual/man-nixos-rebuild.xml index 2ab5f006b06b..4510fdd44225 100644 --- a/nixos/doc/manual/man-nixos-rebuild.xml +++ b/nixos/doc/manual/man-nixos-rebuild.xml @@ -121,6 +121,9 @@ + + + @@ -597,6 +600,10 @@ / , / and / . See the Nix manual for details. + + The following Nix flags that are support by the upcoming nix 2.4 version: + , , , + , . See nix --help or nix build --help for details. From 19bf53f143040b87d39538e265ccc0933d7c1929 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Fri, 14 Aug 2020 07:25:07 +0100 Subject: [PATCH 034/120] nixos/filesystems: faster nonEmtpyStr check regexes should be faster than nix functions --- nixos/modules/tasks/filesystems.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/modules/tasks/filesystems.nix b/nixos/modules/tasks/filesystems.nix index a055072f9c96..96f57fc80b0c 100644 --- a/nixos/modules/tasks/filesystems.nix +++ b/nixos/modules/tasks/filesystems.nix @@ -8,7 +8,7 @@ let addCheckDesc = desc: elemType: check: types.addCheck elemType check // { description = "${elemType.description} (with check: ${desc})"; }; nonEmptyStr = addCheckDesc "non-empty" types.str - (x: x != "" && ! (all (c: c == " " || c == "\t") (stringToCharacters x))); + (s: (builtins.match ".*[^ \t]+.*" s) != null); fileSystems' = toposort fsBefore (attrValues config.fileSystems); From f536901693ef6128cc61030ee74eb4433793b174 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Fri, 14 Aug 2020 07:25:50 +0100 Subject: [PATCH 035/120] nixos/filesystems: don't allow mountpoints with trailing slash They are semantically the same as the non-slash version and therefore are potential source of duplicates. Also fixes https://github.com/NixOS/nixpkgs/issues/78951 --- nixos/modules/tasks/filesystems.nix | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/nixos/modules/tasks/filesystems.nix b/nixos/modules/tasks/filesystems.nix index 96f57fc80b0c..5388fc738e31 100644 --- a/nixos/modules/tasks/filesystems.nix +++ b/nixos/modules/tasks/filesystems.nix @@ -7,8 +7,9 @@ let addCheckDesc = desc: elemType: check: types.addCheck elemType check // { description = "${elemType.description} (with check: ${desc})"; }; - nonEmptyStr = addCheckDesc "non-empty" types.str - (s: (builtins.match ".*[^ \t]+.*" s) != null); + + isNonEmpty = s: (builtins.match ".*[^ \t]+.*" s) != null; + nonEmptyStr = addCheckDesc "non-empty" types.str isNonEmpty; fileSystems' = toposort fsBefore (attrValues config.fileSystems); @@ -28,10 +29,10 @@ let coreFileSystemOpts = { name, config, ... }: { options = { - mountPoint = mkOption { example = "/mnt/usb"; - type = nonEmptyStr; + type = addCheckDesc "non-empty without trailing slash" types.str + (s: isNonEmpty s && (builtins.match "(/|/.*[^/])" s) != null); description = "Location of the mounted the file system."; }; From a34aa811bdd00312409f875bd3483528dc7dbcc9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sun, 20 Sep 2020 22:00:49 +0200 Subject: [PATCH 036/120] sysdig: enable aarch64 --- pkgs/os-specific/linux/sysdig/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/os-specific/linux/sysdig/default.nix b/pkgs/os-specific/linux/sysdig/default.nix index 0f8702eb6e01..5f4d638dfece 100644 --- a/pkgs/os-specific/linux/sysdig/default.nix +++ b/pkgs/os-specific/linux/sysdig/default.nix @@ -65,7 +65,7 @@ stdenv.mkDerivation rec { description = "A tracepoint-based system tracing tool for Linux (with clients for other OSes)"; license = with licenses; [ asl20 gpl2 mit ]; maintainers = [maintainers.raskin]; - platforms = ["x86_64-linux"] ++ platforms.darwin; + platforms = [ "x86_64-linux" "aarch64-linux" ] ++ platforms.darwin; broken = kernel != null && versionOlder kernel.version "4.14"; homepage = "https://sysdig.com/opensource/"; downloadPage = "https://github.com/draios/sysdig/releases"; From f84f71e1e0a51f3693be019f069149ef05b7b1ca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sun, 25 Oct 2020 07:21:00 +0100 Subject: [PATCH 037/120] nixos/nginx: add streamConfig option --- .../services/web-servers/nginx/default.nix | 21 +++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index 62671e9d7484..2bde2a68a6bc 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -179,6 +179,12 @@ let ${cfg.httpConfig} }''} + ${optionalString (cfg.streamConfig != "") '' + stream { + ${cfg.streamConfig} + } + ''} + ${cfg.appendConfig} ''; @@ -452,6 +458,21 @@ in "; }; + streamConfig = mkOption { + type = types.lines; + default = ""; + example = '' + server { + listen 127.0.0.1:53 udp reuseport; + proxy_timeout 20s; + proxy_pass 192.168.0.1:53535; + } + ''; + description = " + Configuration lines to be set inside the stream block. + "; + }; + eventsConfig = mkOption { type = types.lines; default = ""; From 003c48411a02cc3083e2073508189599952d17fd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Thu, 12 Nov 2020 14:14:24 +0100 Subject: [PATCH 038/120] weechatScripts.wee-slack: switch to master --- .../0001-hardcode-json-file-path.patch | 35 +++++++++++++++++++ .../irc/weechat/scripts/wee-slack/default.nix | 8 ++--- .../wee-slack/hardcode-json-file-path.patch | 12 ------- 3 files changed, 39 insertions(+), 16 deletions(-) create mode 100644 pkgs/applications/networking/irc/weechat/scripts/wee-slack/0001-hardcode-json-file-path.patch delete mode 100644 pkgs/applications/networking/irc/weechat/scripts/wee-slack/hardcode-json-file-path.patch diff --git a/pkgs/applications/networking/irc/weechat/scripts/wee-slack/0001-hardcode-json-file-path.patch b/pkgs/applications/networking/irc/weechat/scripts/wee-slack/0001-hardcode-json-file-path.patch new file mode 100644 index 000000000000..45e620db258d --- /dev/null +++ b/pkgs/applications/networking/irc/weechat/scripts/wee-slack/0001-hardcode-json-file-path.patch @@ -0,0 +1,35 @@ +From 5dd2593369645b11a9dc03e1930617d2f5dbd039 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= +Date: Wed, 11 Nov 2020 11:48:49 +0100 +Subject: [PATCH] hardcode json file path +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Jörg Thalheim +--- + wee_slack.py | 8 +------- + 1 file changed, 1 insertion(+), 7 deletions(-) + +diff --git a/wee_slack.py b/wee_slack.py +index a3d779c..5942289 100644 +--- a/wee_slack.py ++++ b/wee_slack.py +@@ -5136,13 +5136,7 @@ def create_slack_debug_buffer(): + + def load_emoji(): + try: +- weechat_dir = w.info_get('weechat_dir', '') +- weechat_sharedir = w.info_get('weechat_sharedir', '') +- local_weemoji, global_weemoji = ('{}/weemoji.json'.format(path) +- for path in (weechat_dir, weechat_sharedir)) +- path = (global_weemoji if os.path.exists(global_weemoji) and +- not os.path.exists(local_weemoji) else local_weemoji) +- with open(path, 'r') as ef: ++ with open('@out@/share/wee-slack/weemoji.json', 'r') as ef: + emojis = json.loads(ef.read()) + if 'emoji' in emojis: + print_error('The weemoji.json file is in an old format. Please update it.') +-- +2.29.0 + diff --git a/pkgs/applications/networking/irc/weechat/scripts/wee-slack/default.nix b/pkgs/applications/networking/irc/weechat/scripts/wee-slack/default.nix index 9650f903ed6b..4be611eb71ff 100644 --- a/pkgs/applications/networking/irc/weechat/scripts/wee-slack/default.nix +++ b/pkgs/applications/networking/irc/weechat/scripts/wee-slack/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "wee-slack"; - version = "2.6.0"; + version = "8bd734c8e9a6b133a65548672f8a11ee3b3ce677"; src = fetchFromGitHub { repo = "wee-slack"; owner = "wee-slack"; - rev = "v${version}"; - sha256 = "0s4qd1z40c1bczkvc840jwjmzbv7nyj06xqs1si9v54qmkh4gaq4"; + rev = version; + sha256 = "0p48cpaqfqja9i68dqyladwif7x8c19ii8v27p9cxz5y9impc9qk"; }; patches = [ @@ -19,7 +19,7 @@ stdenv.mkDerivation rec { paths = with python3Packages; [ websocket_client six ]; }}/${python3Packages.python.sitePackages}"; }) - ./hardcode-json-file-path.patch + ./0001-hardcode-json-file-path.patch ]; postPatch = '' diff --git a/pkgs/applications/networking/irc/weechat/scripts/wee-slack/hardcode-json-file-path.patch b/pkgs/applications/networking/irc/weechat/scripts/wee-slack/hardcode-json-file-path.patch deleted file mode 100644 index 7413a9229ce6..000000000000 --- a/pkgs/applications/networking/irc/weechat/scripts/wee-slack/hardcode-json-file-path.patch +++ /dev/null @@ -1,12 +0,0 @@ ---- a/wee_slack.py -+++ b/wee_slack.py -@@ -4560,8 +4560,7 @@ - - def load_emoji(): - try: -- DIR = w.info_get('weechat_dir', '') -- with open('{}/weemoji.json'.format(DIR), 'r') as ef: -+ with open('@out@/share/wee-slack/weemoji.json', 'r') as ef: - emojis = json.loads(ef.read()) - if 'emoji' in emojis: - print_error('The weemoji.json file is in an old format. Please update it.') From 2070c6a11b8799db25d105c4826ba6f1249faaf1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sun, 15 Nov 2020 03:06:46 +0100 Subject: [PATCH 039/120] openafs_1_8: add version constraints --- pkgs/servers/openafs/1.8/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/servers/openafs/1.8/default.nix b/pkgs/servers/openafs/1.8/default.nix index c26f8d3a23c5..1f475d7440fa 100644 --- a/pkgs/servers/openafs/1.8/default.nix +++ b/pkgs/servers/openafs/1.8/default.nix @@ -100,6 +100,7 @@ in stdenv.mkDerivation { homepage = "https://www.openafs.org"; license = licenses.ipl10; platforms = platforms.linux; + broken = with kernel; kernelOlder "3.18" || isHardened; maintainers = [ maintainers.maggesi maintainers.spacefrogg ]; }; } From 64a7e509d7569de376f5446991f543e3344f37b7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Thu, 19 Nov 2020 11:47:29 +0100 Subject: [PATCH 040/120] nixos/nix-daemon: fix unknown sandbox warnings --- nixos/modules/services/misc/nix-daemon.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/nixos/modules/services/misc/nix-daemon.nix b/nixos/modules/services/misc/nix-daemon.nix index 0eeff31d6c4d..b0763c8d0de4 100644 --- a/nixos/modules/services/misc/nix-daemon.nix +++ b/nixos/modules/services/misc/nix-daemon.nix @@ -11,6 +11,7 @@ let nixVersion = getVersion nix; isNix23 = versionAtLeast nixVersion "2.3pre"; + isNix24 = versionAtLeast nixVersion "2.4pre"; makeNixBuildUser = nr: { name = "nixbld${toString nr}"; @@ -40,7 +41,11 @@ let max-jobs = ${toString (cfg.maxJobs)} cores = ${toString (cfg.buildCores)} sandbox = ${if (builtins.isBool cfg.useSandbox) then boolToString cfg.useSandbox else cfg.useSandbox} - extra-sandbox-paths = ${toString cfg.sandboxPaths} + + ${optionalString (!isNix24) '' + extra-sandbox-paths = ${toString cfg.sandboxPaths} + ''} + substituters = ${toString cfg.binaryCaches} trusted-substituters = ${toString cfg.trustedBinaryCaches} trusted-public-keys = ${toString cfg.binaryCachePublicKeys} From f438013ac4d1c064d3a3c88bd6401c8dcff1c851 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sat, 5 Dec 2020 10:28:11 +0100 Subject: [PATCH 041/120] python3.pkgs.pyworld: init at 0.2.12 --- .../python-modules/pyworld/default.nix | 31 +++++++++++++++++++ pkgs/top-level/python-packages.nix | 2 ++ 2 files changed, 33 insertions(+) create mode 100644 pkgs/development/python-modules/pyworld/default.nix diff --git a/pkgs/development/python-modules/pyworld/default.nix b/pkgs/development/python-modules/pyworld/default.nix new file mode 100644 index 000000000000..92a91f766be7 --- /dev/null +++ b/pkgs/development/python-modules/pyworld/default.nix @@ -0,0 +1,31 @@ +{ lib +, buildPythonPackage +, fetchPypi +, numpy +, cython +}: + +buildPythonPackage rec { + pname = "pyworld"; + version = "0.2.12"; + + src = fetchPypi { + inherit pname version; + sha256 = "896c910696975855578d855f490f94d7a57119e0a75f7f15e11fdf58ba891627"; + }; + + nativeBuildInputs = [ + cython + ]; + + propagatedBuildInputs = [ + numpy + ]; + + meta = with lib; { + description = "PyWorld is a Python wrapper for WORLD vocoder"; + homepage = https://github.com/JeremyCCHsu/Python-Wrapper-for-World-Vocoder; + license = licenses.mit; + maintainers = [ maintainers.mic92 ]; + }; +} diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 80f5f6cab1c3..46ebc85dd008 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -6208,6 +6208,8 @@ in { }); in if isPy3k then pyxattr' else pyxattr_2; + pyworld = callPackage ../development/python-modules/pyworld { }; + pyx = callPackage ../development/python-modules/pyx { }; pyxdg = callPackage ../development/python-modules/pyxdg { }; From f730926a6c23139c99f0614ba2b1e5b900bb07f3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sat, 5 Dec 2020 10:28:31 +0100 Subject: [PATCH 042/120] tts: better text expansion patches --- pkgs/tools/audio/tts/default.nix | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/pkgs/tools/audio/tts/default.nix b/pkgs/tools/audio/tts/default.nix index 770e898f2eec..338bbad19e42 100644 --- a/pkgs/tools/audio/tts/default.nix +++ b/pkgs/tools/audio/tts/default.nix @@ -61,6 +61,18 @@ python3Packages.buildPythonApplication rec { url = "https://github.com/mozilla/TTS/commit/36fee428b9f3f4ec1914b090a2ec9d785314d9aa.patch"; sha256 = "sha256-pP0NxiyrsvQ0A7GEleTdT87XO08o7WxPEpb6Bmj66dc="; }) + (fetchpatch { + url = "https://github.com/Mic92/TTS/commit/5bf62009e8c19e8c1627d1f7aa54e11bc5fa91d7.patch"; + sha256 = "sha256-ZxDytieD0zoP0/RXzG0bbVnl0oE+DF8iUVpHb8+2TqM="; + }) + (fetchpatch { + url = "https://github.com/mozilla/TTS/commit/3000647e542fce9773f4c5da082630befa5525f1.patch"; + sha256 = "sha256-dl8Zy0dEw9z4ZZFcuP1WHzCVh2+nn0jDKOncoCK+syM="; + }) + (fetchpatch { + url = "https://github.com/mozilla/TTS/commit/fe86a076bb1c7e18078718be0aa36da427f325bd.patch"; + sha256 = "sha256-cT5HYkLFzmSMwAHLOHgpG+v9HGKIbUxwS8Dt9SKHm+8="; + }) ]; preBuild = '' From 7a86a9505c06e7020f072463b343f0a83262f0eb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sat, 5 Dec 2020 10:28:54 +0100 Subject: [PATCH 043/120] tts: add pyworld dependency this will become a dependency in the next version --- pkgs/tools/audio/tts/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/tools/audio/tts/default.nix b/pkgs/tools/audio/tts/default.nix index 338bbad19e42..1634bfa5b307 100644 --- a/pkgs/tools/audio/tts/default.nix +++ b/pkgs/tools/audio/tts/default.nix @@ -107,6 +107,7 @@ python3Packages.buildPythonApplication rec { inflect gdown pysbd + pyworld ]; postInstall = '' From 4caaec36ddbc9f12a91c4b01c1f4924ede2e0c4f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sun, 6 Dec 2020 06:04:58 +0100 Subject: [PATCH 044/120] amazon-ec2-utils: 0.5.1 -> 1.3 --- nixos/modules/virtualisation/amazon-image.nix | 2 +- .../amazon-ec2-utils/default.nix | 42 +++++++++++++++++ .../virtualization/ec2-utils/default.nix | 47 ------------------- pkgs/top-level/aliases.nix | 1 + pkgs/top-level/all-packages.nix | 2 +- 5 files changed, 45 insertions(+), 49 deletions(-) create mode 100644 pkgs/tools/virtualization/amazon-ec2-utils/default.nix delete mode 100644 pkgs/tools/virtualization/ec2-utils/default.nix diff --git a/nixos/modules/virtualisation/amazon-image.nix b/nixos/modules/virtualisation/amazon-image.nix index 26297a7d0f1f..4f83d72901c2 100644 --- a/nixos/modules/virtualisation/amazon-image.nix +++ b/nixos/modules/virtualisation/amazon-image.nix @@ -137,7 +137,7 @@ in services.openssh.permitRootLogin = "prohibit-password"; # Creates symlinks for block device names. - services.udev.packages = [ pkgs.ec2-utils ]; + services.udev.packages = [ pkgs.amazon-ec2-utils ]; # Force getting the hostname from EC2. networking.hostName = mkDefault ""; diff --git a/pkgs/tools/virtualization/amazon-ec2-utils/default.nix b/pkgs/tools/virtualization/amazon-ec2-utils/default.nix new file mode 100644 index 000000000000..d7dd6ad0b1e3 --- /dev/null +++ b/pkgs/tools/virtualization/amazon-ec2-utils/default.nix @@ -0,0 +1,42 @@ +{ stdenv, lib, fetchFromGitHub, python3, installShellFiles }: + +stdenv.mkDerivation rec { + pname = "amazon-ec2-utils"; + version = "1.3"; + + src = fetchFromGitHub { + owner = "aws"; + repo = "amazon-ec2-utils"; + rev = version; + sha256 = "sha256-uxKnbdKGhS32kY3mA7YYtDRwKcEjNZPJUYQExZTqtxE="; + }; + + buildInputs = [ python3 ]; + # TODO next version will have manpages + #nativeBuildInputs = [ installShellFiles ]; + + installPhase = '' + # https://github.com/aws/amazon-ec2-utils/blob/8eb2effb1aea2280264d66ae58b3e156e6d429f9/amazon-ec2-utils.spec#L74 + install -D --target $out/etc/udev/rules.d *.rules + install -D --target $out/bin ec2-metadata ebsnvme-id ec2udev-vbd ec2udev-vcpu + install -D --target $out/lib/udev/ ec2nvme-nsid + # TODO next version will have manpages + #installManPage doc/* + ''; + + postFixup = '' + for i in $out/etc/udev/rules.d/*.rules; do + substituteInPlace "$i" \ + --replace '/sbin' "$out/bin" + done + substituteInPlace "$out/etc/udev/rules.d/70-ec2-nvme-devices.rules" \ + --replace 'ec2nvme-nsid' "$out/lib/udev/ec2nvme-nsid" + ''; + + meta = { + description = "A set of tools for running in EC2"; + homepage = "https://aws.amazon.com/amazon-linux-ami/"; + license = lib.licenses.asl20; + maintainers = with lib.maintainers; [ thefloweringash ]; + }; +} diff --git a/pkgs/tools/virtualization/ec2-utils/default.nix b/pkgs/tools/virtualization/ec2-utils/default.nix deleted file mode 100644 index 1605bcfa43b6..000000000000 --- a/pkgs/tools/virtualization/ec2-utils/default.nix +++ /dev/null @@ -1,47 +0,0 @@ -{ stdenv, lib, rpmextract, fetchurl, python2, tree }: - -stdenv.mkDerivation { - name = "ec2-utils"; - version = "0.5.1"; - - # The url can be determined by booting an "Amazon Linux 2" and running: - # > yumdownloader --urls ec2-utils - src = fetchurl { - url = "http://amazonlinux.ap-northeast-1.amazonaws.com/blobstore/a3b4d2c35c2300518fe10381a05b3bd7936ff5cdd3d351143a11bf84073d9e00/ec2-utils-0.5-1.amzn2.0.1.noarch.rpm"; - sha256 = "004y7l3q9gqi78a53lykrpsnz4yp7dds1083w67m2013bk1x5d53"; - }; - - nativeBuildInputs = [ rpmextract ]; - - buildInputs = [ python2 ]; - - unpackPhase = '' - mkdir source - cd source - rpmextract "$src" - ''; - - installPhase = '' - mkdir $out - - mv --target-directory $out \ - etc sbin usr/bin usr/lib - ''; - - postFixup = '' - for i in $out/etc/udev/rules.d/*.rules; do - substituteInPlace "$i" \ - --replace '/sbin' "$out/bin" - done - - substituteInPlace "$out/etc/udev/rules.d/70-ec2-nvme-devices.rules" \ - --replace 'ec2nvme-nsid' "$out/lib/udev/ec2nvme-nsid" - ''; - - meta = { - description = "A set of tools for running in EC2"; - homepage = "https://aws.amazon.com/amazon-linux-ami/"; - license = lib.licenses.asl20; - maintainers = with lib.maintainers; [ thefloweringash ]; - }; -} diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index 6e5da1bf34ec..793b58ac46da 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -138,6 +138,7 @@ mapAliases ({ draftsight = throw "draftsight has been removed, no longer available as freeware"; # added 2020-08-14 dvb_apps = throw "dvb_apps has been removed."; # added 2020-11-03 dwarf_fortress = dwarf-fortress; # added 2016-01-23 + ec2-utils = amazon-ec2-utils; # added 2020-12-06 emacsPackagesGen = emacsPackagesFor; # added 2018-08-18 emacsPackagesNgGen = emacsPackagesFor; # added 2018-08-18 emacsPackagesNgFor = emacsPackagesFor; # added 2019-08-07 diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 1a24d918e0a3..c77170369aa2 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -997,7 +997,7 @@ in ec2_ami_tools = callPackage ../tools/virtualization/ec2-ami-tools { }; - ec2-utils = callPackage ../tools/virtualization/ec2-utils { }; + amazon-ec2-utils = callPackage ../tools/virtualization/amazon-ec2-utils { }; exoscale-cli = callPackage ../tools/admin/exoscale-cli { }; From d55bd2de7005b505debffe6f262e99869a0838b7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sun, 6 Dec 2020 12:19:36 +0100 Subject: [PATCH 045/120] rubyPackages: remove problematic packages Those packages block regenerating the lock file. Bundler loops forever --- pkgs/development/ruby-modules/with-packages/Gemfile | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/pkgs/development/ruby-modules/with-packages/Gemfile b/pkgs/development/ruby-modules/with-packages/Gemfile index 3454ce3df74b..dda0f69c35cc 100644 --- a/pkgs/development/ruby-modules/with-packages/Gemfile +++ b/pkgs/development/ruby-modules/with-packages/Gemfile @@ -14,13 +14,9 @@ source 'https://rubygems.org' do gem 'cocoapods' gem 'cocoapods-acknowledgements' gem 'cocoapods-art' - gem 'cocoapods-bin' gem 'cocoapods-browser' - gem 'cocoapods-bugsnag' - gem 'cocoapods-check' gem 'cocoapods-clean' gem 'cocoapods-clean_build_phases_scripts' - gem 'cocoapods-core' gem 'cocoapods-coverage' gem 'cocoapods-deintegrate' gem 'cocoapods-dependencies' @@ -31,18 +27,9 @@ source 'https://rubygems.org' do gem 'cocoapods-generate' gem 'cocoapods-git_url_rewriter' gem 'cocoapods-keys' - gem 'cocoapods-no-dev-schemes' gem 'cocoapods-open' - gem 'cocoapods-packager' - gem 'cocoapods-playgrounds' gem 'cocoapods-plugins' - gem 'cocoapods-prune-localizations' - gem 'cocoapods-rome' gem 'cocoapods-search' - gem 'cocoapods-sorted-search' - gem 'cocoapods-static-swift-framework' - gem 'cocoapods-stats' - gem 'cocoapods-tdfire-binary' gem 'cocoapods-testing' gem 'cocoapods-trunk' gem 'cocoapods-try' From 6722232b96cae9d56e90ecfdc02572ca460da67f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sun, 6 Dec 2020 12:31:18 +0100 Subject: [PATCH 046/120] rubyPackages: update --- pkgs/top-level/ruby-packages.nix | 930 +++++++++++++++---------------- 1 file changed, 454 insertions(+), 476 deletions(-) diff --git a/pkgs/top-level/ruby-packages.nix b/pkgs/top-level/ruby-packages.nix index ef82be30b620..33a50e232d0e 100644 --- a/pkgs/top-level/ruby-packages.nix +++ b/pkgs/top-level/ruby-packages.nix @@ -1,14 +1,36 @@ { + actioncable = { + dependencies = ["actionpack" "nio4r" "websocket-driver"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0y3aa0965cdsqamxk8ac6brcvijl1zv4pvqils6xy3pbcrv0ljid"; + type = "gem"; + }; + version = "6.0.3.4"; + }; + actionmailbox = { + dependencies = ["actionpack" "activejob" "activerecord" "activestorage" "activesupport" "mail"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "10vb9s4frq22h5j6gyw2598k1jc29lg2czm95hf284l3mi4qly6a"; + type = "gem"; + }; + version = "6.0.3.4"; + }; actionmailer = { dependencies = ["actionpack" "actionview" "activejob" "mail" "rails-dom-testing"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "18wwlj4f7jffv3vxm80d2z36nwza95l5xfcqc401hvvrls4xzhsy"; + sha256 = "1ykn5qkwdlcv5aa1gjhhmrxpjccwa7df6n4amvkmvxv5lggyma52"; type = "gem"; }; - version = "4.2.11.1"; + version = "6.0.3.4"; }; actionpack = { dependencies = ["actionview" "activesupport" "rack" "rack-test" "rails-dom-testing" "rails-html-sanitizer"]; @@ -16,21 +38,32 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0rmldsk3a4lwxk0lrp6x1nz1v1r2xmbm3300l4ghgfygv3grdwjh"; + sha256 = "0fbjpnh5hrihc9l35q9why6ip0hcdj42axzbp6b4j1xcy1v1bicj"; type = "gem"; }; - version = "4.2.11.1"; + version = "6.0.3.4"; }; - actionview = { - dependencies = ["activesupport" "builder" "erubis" "rails-dom-testing" "rails-html-sanitizer"]; + actiontext = { + dependencies = ["actionpack" "activerecord" "activestorage" "activesupport" "nokogiri"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0x7vjn8q6blzyf7j3kwg0ciy7vnfh28bjdkd1mp9k4ghp9jn0g9p"; + sha256 = "0r0j0m76ynjspmvj5qbzl06kl9i920v269iz62y62009xydv6rqz"; type = "gem"; }; - version = "4.2.11.1"; + version = "6.0.3.4"; + }; + actionview = { + dependencies = ["activesupport" "builder" "erubi" "rails-dom-testing" "rails-html-sanitizer"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0gdz31cq08nrqq6bxqim2qcbzv0fr34z6ycl73dmawpafj33wdkj"; + type = "gem"; + }; + version = "6.0.3.4"; }; activejob = { dependencies = ["activesupport" "globalid"]; @@ -38,43 +71,54 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0jy1c1r6syjqpa0sh9f1p4iaxzvp6qg4n6zs774j9z27q7h407mj"; + sha256 = "0d0p8gjplrgym38dmchyzhv7lrrxngz0yrxl6xyvwxfxm1hgdk2k"; type = "gem"; }; - version = "4.2.11.1"; + version = "6.0.3.4"; }; activemodel = { - dependencies = ["activesupport" "builder"]; + dependencies = ["activesupport"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1c1x0rd6wnk1f0gsmxs6x3gx7yf6fs9qqkdv7r4hlbcdd849in33"; + sha256 = "00jj8namy5niq7grl5lrsr4y351rxpj1b69k1i9gvb1hnpghl099"; type = "gem"; }; - version = "4.2.11.1"; + version = "6.0.3.4"; }; activerecord = { - dependencies = ["activemodel" "activesupport" "arel"]; + dependencies = ["activemodel" "activesupport"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "07ixiwi0zzs9skqarvpfamsnay7npfswymrn28ngxaf8hi279q5p"; + sha256 = "06qvvp73z8kq9sd2mhw6p9124q5pfkswjga2fidz4c73zbr79r3g"; type = "gem"; }; - version = "4.2.11.1"; + version = "6.0.3.4"; + }; + activestorage = { + dependencies = ["actionpack" "activejob" "activerecord" "marcel"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0q734331wb7cfsh4jahj3lphpxvglzb17yvibwss1ml4g01xxm52"; + type = "gem"; + }; + version = "6.0.3.4"; }; activesupport = { - dependencies = ["i18n" "minitest" "thread_safe" "tzinfo"]; + dependencies = ["concurrent-ruby" "i18n" "minitest" "tzinfo" "zeitwerk"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1vbq7a805bfvyik2q3kl9s3r418f5qzvysqbz2cwy4hr7m2q4ir6"; + sha256 = "1axidc4mikgi4yxs0ynw2c54jyrs5lxprxmzv6m3aayi9rg6rk5j"; type = "gem"; }; - version = "4.2.11.1"; + version = "6.0.3.4"; }; addressable = { dependencies = ["public_suffix"]; @@ -87,36 +131,15 @@ }; version = "2.7.0"; }; - algoliasearch = { - dependencies = ["httpclient" "json"]; - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "1ayg8j3819ay2d8618jv32ca16fh8qsgjsiq9j32yd016c170nkj"; - type = "gem"; - }; - version = "1.27.1"; - }; - arel = { - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "0nfcrdiys6q6ylxiblky9jyssrw2xj96fmxmal7f4f0jj3417vj4"; - type = "gem"; - }; - version = "6.0.4"; - }; ast = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "184ssy3w93nkajlz2c70ifm79jp3j737294kbc5fjw69v1w0n9x7"; + sha256 = "1l3468czzjmxl93ap40hp7z94yxp4nbag0bxqs789bm30md90m2a"; type = "gem"; }; - version = "2.4.0"; + version = "2.4.1"; }; atk = { dependencies = ["glib2"]; @@ -124,10 +147,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0a8q9a1f6x4gy55p8cf52a22bnpjgn18ad9n959x0f4gybbhs948"; + sha256 = "05brc25pfvak610mdwgjsc64di29yff9i9g72m6hyc21pdjwfy3n"; type = "gem"; }; - version = "3.4.1"; + version = "3.4.3"; }; atomos = { groups = ["default"]; @@ -174,10 +197,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1mmkls9n56l4gx2k0dnyianwz36z2zgpxli5bpsbr7jbw7hn2x6j"; + sha256 = "0nx3yjf4xzdgb8jkmk2344081gqr22pgjqnmjg2q64mj5d6r9194"; type = "gem"; }; - version = "11.0.1"; + version = "11.1.3"; }; cairo = { dependencies = ["native-package-installer" "pkg-config"]; @@ -185,10 +208,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0yvv2lcbsybzbw1nrmfivmln23da4rndrs3av6ymjh0x3ww5h7p8"; + sha256 = "00hiy6anibkjq9w77hg0lpgnkkbcxrfbz8wxv44jfzqbab8910wb"; type = "gem"; }; - version = "1.16.4"; + version = "1.16.6"; }; cairo-gobject = { dependencies = ["cairo" "glib2"]; @@ -196,10 +219,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0gkxdfslcvrwrs48giilji3bgxd5bwijwq33p9h00r10jzfg2028"; + sha256 = "136aa800dgq6bmr0lb59mfj5q72r712wwp5wy5qxnp48adjw1k2h"; type = "gem"; }; - version = "3.4.1"; + version = "3.4.3"; }; camping = { dependencies = ["mab" "rack"]; @@ -217,10 +240,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1825ll26p28swjiw8n3x2pnh5ygsmg83spf82fnzcjn2p87vc5lf"; + sha256 = "0ia09r8bj3bjhcfiyr3vlk9zx7vahfypbs2lyrxix9x1jx3lfzq4"; type = "gem"; }; - version = "3.0.2"; + version = "3.0.3"; }; charlock_holmes = { groups = ["default"]; @@ -247,10 +270,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0dka8f3hwzz7p558kiyyrdabljvwp71cbzk46akb3kvnvhcyjx89"; + sha256 = "08m0syh06bhx8dqn560ivjg96l5cs5s3l9jh2szsnlcdcyl9jsjg"; type = "gem"; }; - version = "1.3.1"; + version = "1.3.2"; }; cld3 = { dependencies = ["ffi"]; @@ -258,53 +281,42 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "06p4jgrr0zixqnflmg5dcrbmhlnmll85j7vxkrjmnng293cwvzgw"; + sha256 = "04hwr44m7x7vv55lc4vk5zcd6zq98c2asvzl3dh2adg1fhpk29nr"; type = "gem"; }; - version = "3.2.4"; + version = "3.3.0"; }; cocoapods = { - dependencies = ["activesupport" "claide" "cocoapods-core" "cocoapods-deintegrate" "cocoapods-downloader" "cocoapods-plugins" "cocoapods-search" "cocoapods-stats" "cocoapods-trunk" "cocoapods-try" "colored2" "escape" "fourflusher" "gh_inspector" "molinillo" "nap" "ruby-macho" "xcodeproj"]; + dependencies = ["activesupport" "claide" "cocoapods-core" "cocoapods-deintegrate" "cocoapods-downloader" "cocoapods-plugins" "cocoapods-search" "cocoapods-stats" "cocoapods-trunk" "cocoapods-try" "colored" "escape" "fourflusher" "molinillo" "nap" "xcodeproj"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "007ssx75588ji2d8l8s6c95dng1c7b6yacng8nngpy7maijzjgzc"; + sha256 = "0rnxjwrfk3yz34xx11hh61j7p57l6vwh8b86jvjivzlgrj4a025r"; type = "gem"; }; - version = "1.8.4"; + version = "1.0.1"; }; cocoapods-acknowledgements = { - dependencies = ["activesupport" "redcarpet"]; + dependencies = ["cocoapods" "redcarpet" "xcodeproj"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "07n638ijlc4y5vfzs5ykzhmwwsng7njb2nnwn4ravydqqxqgv13m"; + sha256 = "04gaijs4djjkynan06wyaxxz48db0czzfrhh95jn3r201k2ypa7k"; type = "gem"; }; - version = "1.1.3"; + version = "1.3.0"; }; cocoapods-art = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0vkcpwjp7hzby60hq0pxn9zdiz7snf7siq02bckkmd84n27hlz3w"; + sha256 = "0ljsx1inbbzj8njpk4sb40kdis6pjwpgcpy3677dm45bxw21dmkv"; type = "gem"; }; - version = "1.0.4"; - }; - cocoapods-bin = { - dependencies = ["cocoapods" "cocoapods-generate" "parallel"]; - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "0dzbv7bfyw8a0iyi4nqw8a74wrdhf3absnpdb3i46rpbkanxw7hy"; - type = "gem"; - }; - version = "0.1.24"; + version = "1.0.5"; }; cocoapods-browser = { dependencies = ["cocoapods"]; @@ -317,28 +329,6 @@ }; version = "0.1.5"; }; - cocoapods-bugsnag = { - dependencies = ["cocoapods"]; - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "1r34h66rqswsyhanx69qnhhr02xsqy2y1zp5265gl6m76nyqq5wa"; - type = "gem"; - }; - version = "2.0.1"; - }; - cocoapods-check = { - dependencies = ["cocoapods"]; - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "17wb5xzhjvrqllsjqqbm00w8gnsrwcb6k7wsb36ykbcp0aiagvaf"; - type = "gem"; - }; - version = "1.1.0"; - }; cocoapods-clean = { groups = ["default"]; platforms = []; @@ -360,15 +350,15 @@ version = "0.0.2"; }; cocoapods-core = { - dependencies = ["activesupport" "algoliasearch" "concurrent-ruby" "fuzzy_match" "nap"]; + dependencies = ["activesupport" "fuzzy_match" "nap"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0zcisqb404828n5d3lbk9y2yyx8v2yr6rk1l8y9a4i1hp743fiad"; + sha256 = "1bh69sbljlf3hvg98y2zssx0ch51lllz1k1lc8xysn43dm3ahaa5"; type = "gem"; }; - version = "1.8.4"; + version = "1.0.1"; }; cocoapods-coverage = { dependencies = ["cocoapods-testing" "slather"]; @@ -427,10 +417,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "08vn0pgcyn6w6fq5xjd7szv2h9s5rzl17kyidnd7fl5qdmzc9c54"; + sha256 = "1j03hxvz3m82fwgx3jayw0y2iqm7zpacn88r6nfj2arkbjxmvjwz"; type = "gem"; }; - version = "1.3.0"; + version = "1.4.0"; }; cocoapods-expert-difficulty = { groups = ["default"]; @@ -458,10 +448,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "17nqdhdjjg3919h3sz7jkqqhxsi6nyqgfyd7y4ci6fvb7pz79pdh"; + sha256 = "0324y1fm93ri54c5015rh81zqakjmzh15v969ipg0p0xinfpv7ki"; type = "gem"; }; - version = "1.6.0"; + version = "2.0.1"; }; cocoapods-git_url_rewriter = { groups = ["default"]; @@ -479,20 +469,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "14jmfibzvhqxhvhphj3g83d70ya16p7s4i43wir48hnaxkaqrm85"; + sha256 = "153cxxsi77dygc4qrij6qs44dbvc7dw31jx06cmf0ajrhv9qjnxl"; type = "gem"; }; - version = "2.1.0"; - }; - cocoapods-no-dev-schemes = { - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "14w8yqs3r6pg06zpv58mc9vzfxhp3ka4mfhnc2p7vmyhy4nmcdza"; - type = "gem"; - }; - version = "1.0.1"; + version = "2.2.1"; }; cocoapods-open = { groups = ["default"]; @@ -504,39 +484,6 @@ }; version = "0.0.8"; }; - cocoapods-packager = { - dependencies = ["cocoapods"]; - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "1083zv9pyqyqal6dk3kvfxdmylbll6078z5zw03m4j5jcz3m8nbm"; - type = "gem"; - }; - version = "1.5.0"; - }; - cocoapods-packager-pro = { - dependencies = ["cocoapods"]; - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "1sjnlnqrc3fvc33c3lg3h6y8n969isjswxg2jdc1kfc3x0cakawl"; - type = "gem"; - }; - version = "1.5.4"; - }; - cocoapods-playgrounds = { - dependencies = ["cocoapods"]; - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "0jsc489j6dh3mczzs880vc6jvzd8yjqrszmbbnkz9azndak3mhln"; - type = "gem"; - }; - version = "1.2.2"; - }; cocoapods-plugins = { dependencies = ["nap"]; groups = ["default"]; @@ -548,27 +495,6 @@ }; version = "1.0.0"; }; - cocoapods-prune-localizations = { - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "1hvpl56rnblmdbj40sysvk56j5hx5kdpqry00raw2p184sb5k4cf"; - type = "gem"; - }; - version = "0.3.1"; - }; - cocoapods-rome = { - dependencies = ["cocoapods" "fourflusher"]; - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "1z5z49m5aww7q301bn5dzb6fzq6lcj6fvqibpg5ys1r0c41lsj0l"; - type = "gem"; - }; - version = "1.0.1"; - }; cocoapods-search = { groups = ["default"]; platforms = []; @@ -579,28 +505,6 @@ }; version = "1.0.0"; }; - cocoapods-sorted-search = { - dependencies = ["cocoapods" "hashie" "osx_keychain" "ruby-progressbar" "typhoeus"]; - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "1da86mjq4spfsx6xjk7qylvj5423ai9y39g9xxfl9r6h8i54dmpp"; - type = "gem"; - }; - version = "0.2.4"; - }; - cocoapods-static-swift-framework = { - dependencies = ["cocoapods"]; - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "12hhh25bj5dyz6rwc5jgarlld35vmgn43qk5lq9kfrpcli2ynhp2"; - type = "gem"; - }; - version = "0.5"; - }; cocoapods-stats = { groups = ["default"]; platforms = []; @@ -611,17 +515,6 @@ }; version = "1.1.0"; }; - cocoapods-tdfire-binary = { - dependencies = ["cocoapods" "cocoapods-bin" "cocoapods-packager-pro"]; - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "10idp7yr2zni6zhpj1pqkj4wkk5g48f5iizjb20i8minj52l64m0"; - type = "gem"; - }; - version = "2.0.9"; - }; cocoapods-testing = { dependencies = ["xctasks"]; groups = ["default"]; @@ -639,20 +532,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0vrwsgaq3nf7v3pwksgqy0mhswrp3ipczrc96vl3ii2pcc9ilwkw"; + sha256 = "12c6028bmdwrbqcb49mr5qj1p3vcijnjqbsbzywfx1isp44j9mv5"; type = "gem"; }; - version = "1.4.1"; + version = "1.5.0"; }; cocoapods-try = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1gf2zjmcjhh9psq15yfy82wz5jnlihf5bcw79f8hlv4cnqyspncj"; + sha256 = "1znyp625rql37ivb5rk9fk9564cmax8icxfr041ysivpdrn98nql"; type = "gem"; }; - version = "1.1.0"; + version = "1.2.0"; }; cocoapods-try-release-fix = { groups = ["default"]; @@ -700,10 +593,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "15vav4bhcc2x3jmi3izb11l4d9f3xv8hp2fszb7iqmpsccv1pz4y"; + sha256 = "0jvxqxzply1lwp7ysn94zjhh57vc14mcshw1ygw14ib8lhc00lyw"; type = "gem"; }; - version = "1.1.2"; + version = "1.1.3"; }; colorator = { groups = ["default"]; @@ -715,6 +608,16 @@ }; version = "1.1.0"; }; + colored = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0b0x5jmsyi0z69bm6sij1k89z7h0laag3cb4mdn7zkl9qmxb90lx"; + type = "gem"; + }; + version = "1.2"; + }; colored2 = { groups = ["default"]; platforms = []; @@ -730,30 +633,30 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1x07r23s7836cpp5z9yrlbpljcxpax14yw4fy4bnp6crhr6x24an"; + sha256 = "1vnxrbhi7cq3p4y2v9iwd10v1c7l15is4var14hwnb2jip4fyjzz"; type = "gem"; }; - version = "1.1.5"; + version = "1.1.7"; }; crass = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "030sc98kjrb36rh7g21qsbdfxrj6knsjkx0mn3b7gig8zknwhp2f"; + sha256 = "0pfl5c0pyqaparxaqxi6s4gfl21bdldwiawrc0aknyvflli60lfw"; type = "gem"; }; - version = "1.0.5"; + version = "1.0.6"; }; curb = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0s27g4nkdf8wipzyxx87nnw43ps8xqg30sqz86ay7dvmmpkd786k"; + sha256 = "1q7kqswm780vx1fannnrprbfbsp166smgyszgip5q7b859mk89wp"; type = "gem"; }; - version = "0.9.10"; + version = "0.9.11"; }; curses = { groups = ["default"]; @@ -791,20 +694,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1nff0nai8h8786xix92f3k5wjb51gqd9gkibmah2bvrcwyn9qiw5"; + sha256 = "09frwp3np5c64y8g5rnbl46n7riknmdjprhndsh6zzajkjr9m3xj"; type = "gem"; }; - version = "1.3.1"; + version = "1.3.5"; }; diff-lcs = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "18w22bjz424gzafv6nzv98h0aqkwz3d9xhm7cbr1wfbyas8zayza"; + sha256 = "0m925b8xc6kbpnif9dldna24q1szg4mk0fvszrki837pfn46afmz"; type = "gem"; }; - version = "1.3"; + version = "1.4.4"; }; digest-sha3 = { groups = ["default"]; @@ -853,10 +756,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "17hkd62ig9b0czv192kqdfq7gw0a8hgq07yclri6myc8y5lmfin5"; + sha256 = "0iym172c5337sm1x2ykc2i3f961vj3wdclbyg1x6sxs3irgfsl94"; type = "gem"; }; - version = "2.7.5"; + version = "2.7.6"; }; em-websocket = { dependencies = ["eventmachine" "http_parser.rb"]; @@ -864,20 +767,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1bsw8vjz0z267j40nhbmrvfz7dvacq4p0pagvyp17jif6mj6v7n3"; + sha256 = "1mg1mx735a0k1l8y14ps2mxdwhi5r01ikydf34b0sp60v66nvbkb"; type = "gem"; }; - version = "0.5.1"; + version = "0.5.2"; }; - erubis = { + erubi = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1fj827xqjs91yqsydf0zmfyw9p4l2jz5yikg3mppz6d7fi8kyrb3"; + sha256 = "09l8lz3j00m898li0yfsnb6ihc63rdvhw3k5xczna5zrjk104f2l"; type = "gem"; }; - version = "2.7.0"; + version = "1.10.0"; }; escape = { groups = ["default"]; @@ -915,31 +818,31 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0nn8wk7j22ly4lzdp5pnm7qsrjxbgspiyxkw70g1qf9bn6pslmxr"; + sha256 = "16ij8617v3js03yj1zd32mmrf7kpi9l96bid5mpqk30c4mzai55r"; type = "gem"; }; - version = "0.71.1"; + version = "0.78.1"; }; faraday = { - dependencies = ["multipart-post"]; + dependencies = ["multipart-post" "ruby2_keywords"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1gggz3vvvkdrxil2fwpaaslv1z5bxzwra4wnybf20np58v1iv9w8"; + sha256 = "16dapwi5pivrl25r4lkr1mxjrzkznj4wlcb08fzkmxnj4g5c6y35"; type = "gem"; }; - version = "0.17.1"; + version = "1.1.0"; }; ffi = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0j8pzj8raxbir5w5k6s7a042sb5k02pg0f8s4na1r5lan901j00p"; + sha256 = "10ay35dm0lkcqprsiya6q2kwvyid884102ryipr4vrk790yfp8kd"; type = "gem"; }; - version = "1.10.0"; + version = "1.11.3"; }; ffi-compiler = { dependencies = ["ffi" "rake"]; @@ -969,10 +872,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1s1jxlrbq4jhwkiy5gq429v87m1l602b2gppw0ikbax7rnv30s9x"; + sha256 = "0bwqm9n69y5y0a5iickr358z7w4hml3flqwfz8b7cnj1ldabhnjn"; type = "gem"; }; - version = "2.2.0"; + version = "2.2.3"; }; fog-dnsimple = { dependencies = ["fog-core" "fog-json"]; @@ -1021,10 +924,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1afabh3g3gwj0ad53fs62waks815xcckf7pkci76l6vrghffcg8v"; + sha256 = "0yp0pxj6xsd84h2barwh3z5w289p1a6lqib309m7sbzh643qx3zz"; type = "gem"; }; - version = "2.3.1"; + version = "0.3.2"; }; fuzzy_match = { groups = ["default"]; @@ -1042,20 +945,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0194gzn0kialfh0j7crllvp808r64sg6dh297x69b0av21ar5pam"; + sha256 = "0hslcfns2ysvjyj21hjvp4hghrafw1sdl627fm0nj0wsncs94m67"; type = "gem"; }; - version = "3.4.1"; - }; - gh_inspector = { - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "0f8r9byajj3bi2c7c5sqrc7m0zrv3nblfcd4782lw5l73cbsgk04"; - type = "gem"; - }; - version = "1.1.3"; + version = "3.4.3"; }; gio2 = { dependencies = ["gobject-introspection"]; @@ -1063,20 +956,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1l3jpgbdvb55xhcmpkcqgwx5068dfyi8kijfvzhbqh96ng0p1m7g"; + sha256 = "1l30xsr1dgnzqfmln17arnqi8iga97ldf6zgbqrfby6a94v3ammd"; type = "gem"; }; - version = "3.4.1"; + version = "3.4.3"; }; gitlab-markup = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0rqf3jmyn78r3ysy3bjyx7s4yv3xipxlmqlmbyrbksna19rrx08d"; + sha256 = "0xnlra517pfj3hx07kasbqlcw51ix4xajr6bsd3mwg8bc92dlwy7"; type = "gem"; }; - version = "1.7.0"; + version = "1.7.1"; }; glib2 = { dependencies = ["native-package-installer" "pkg-config"]; @@ -1084,10 +977,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "18clyn0fp0h5alnkf9i2bqd6wvl78h468pdbzs1csqnba8vw4q1c"; + sha256 = "0l46ymdf7azpd137xq4rarbaq54hxs9rgfry0r6b0ywj74rmw9ih"; type = "gem"; }; - version = "3.4.1"; + version = "3.4.3"; }; globalid = { dependencies = ["activesupport"]; @@ -1106,10 +999,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1a3x8qiisbax3x0izj8l5w66r53ba5ma53ax2jhdbhbvaxx3d02n"; + sha256 = "11gas9hzq36a2bwqi7h5c6p6jihanbhsarwhv5fw53dxap4iwj25"; type = "gem"; }; - version = "3.4.1"; + version = "3.4.3"; }; gpgme = { dependencies = ["mini_portile2"]; @@ -1117,10 +1010,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0jbqajngi5ndqfarw9dxkhbphva0j71jav5wfym3fsiisvk5gg6p"; + sha256 = "0xbgh9d8nbvsvyzqnd0mzhz0nr9hx4qn025kmz6d837lry4lc6gw"; type = "gem"; }; - version = "2.0.19"; + version = "2.0.20"; }; gtk2 = { dependencies = ["atk" "gdk_pixbuf2" "pango"]; @@ -1128,20 +1021,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "17az8g0n1yzz90kdbjg2hpabi04qccda7v6lin76bs637ivfg2md"; + sha256 = "0v1ag6irp52asm0yaxa7s533czy7yzhanhgn1v0cndqpzqk8icfz"; type = "gem"; }; - version = "3.4.1"; + version = "3.4.3"; }; hashie = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0drkv8a70akprcnbxvd08hzp2bgd5g4s5g752f8599ks1g6a7wj1"; + sha256 = "02bsx12ihl78x0vdm37byp78jjw2ff6035y7rrmbd90qxjwxr43q"; type = "gem"; }; - version = "4.0.0"; + version = "4.1.0"; }; highline = { groups = ["default"]; @@ -1230,10 +1123,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "038qvz7kd3cfxk8bvagqhakx68pfbnmghpdkx7573wbf0maqp9a3"; + sha256 = "153sx77p16vawrs4qpkv7qlzf9v5fks4g7xqcj1dwk40i6g7rfzk"; type = "gem"; }; - version = "0.9.5"; + version = "1.8.5"; }; iconv = { groups = ["default"]; @@ -1255,26 +1148,16 @@ }; version = "0.1.0"; }; - jaro_winkler = { - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "1y8l6k34svmdyqxya3iahpwbpvmn3fswhwsvrz0nk1wyb8yfihsh"; - type = "gem"; - }; - version = "1.5.4"; - }; jbuilder = { dependencies = ["activesupport"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "03adzsc2hfd0lvprm45s52bkxpnpnw8r9prcx8zx1aw2a8lzp9r7"; + sha256 = "02llgsg30jz9kpxs8jzv6rvzaylw7948xj2grp4vsfg54z20cwbm"; type = "gem"; }; - version = "2.9.1"; + version = "2.10.1"; }; jekyll = { dependencies = ["addressable" "colorator" "em-websocket" "i18n" "jekyll-sass-converter" "jekyll-watch" "kramdown" "kramdown-parser-gfm" "liquid" "mercenary" "pathutil" "rouge" "safe_yaml" "terminal-table"]; @@ -1282,10 +1165,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0fpckw5nf4hfr5vhhdlmaxxp5lkdmc1vyqnmijwvy9fmjn4c87aa"; + sha256 = "192k1ggw99slpqpxb4xamcvcm2pdahgnmygl746hmkrar0i3xa5r"; type = "gem"; }; - version = "4.0.0"; + version = "4.1.1"; }; jekyll-sass-converter = { dependencies = ["sassc"]; @@ -1293,10 +1176,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0xjzqpp35qr2vnf2zpak0srn773mp21glcq81a0iqpnrva7h80m3"; + sha256 = "04ncr44wrilz26ayqwlg7379yjnkb29mvx4j04i62b7czmdrc9dv"; type = "gem"; }; - version = "2.0.1"; + version = "2.1.0"; }; jekyll-watch = { dependencies = ["listen"]; @@ -1324,30 +1207,31 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0nrmw2r4nfxlfgprfgki3hjifgrcrs3l5zvm3ca3gb4743yr25mn"; + sha256 = "158fawfwmv2sq4whqqaksfykkiad2xxrrj0nmpnc6vnlzi1bp7iz"; type = "gem"; }; - version = "2.3.0"; + version = "2.3.1"; }; jwt = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "01zg1vp3lyl3flyjdkrcc93ghf833qgfgh2p1biqfhkzz11r129c"; + sha256 = "14ynyq1q483spj20ffl4xayfqx1a8qr761mqjfxczf8lwlap392n"; type = "gem"; }; - version = "2.2.1"; + version = "2.2.2"; }; kramdown = { + dependencies = ["rexml"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1dl840bvx8d9nq6lg3mxqyvbiqnr6lk3jfsm6r8zhz7p5srmd688"; + sha256 = "1vmw752c26ny2jwl0npn0gbyqwgz4hdmlpxnsld9qi9xhk5b1qh7"; type = "gem"; }; - version = "2.1.0"; + version = "2.3.0"; }; kramdown-parser-gfm = { dependencies = ["kramdown"]; @@ -1365,20 +1249,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1jivcckillfvd4n2jnsnnlf93z3gpvqbwsczs0fvv9hc90zpj7yh"; + sha256 = "0317sr3nrl51sp844bps71smkrwim3fjn47wdfpbycixnbxspivm"; type = "gem"; }; - version = "7.3.492.27.1"; + version = "8.4.255.0"; }; libxml-ruby = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1r7m7zipkpam8ns4ys4qyh7yj3is3dy7ky6qwnw557pvpgx0aqrd"; + sha256 = "0w2pw08b6pc9pm51ix7413jcllaisc06dvwzq0191ag1jsysv220"; type = "gem"; }; - version = "3.1.0"; + version = "3.2.1"; }; liquid = { groups = ["default"]; @@ -1396,10 +1280,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1w923wmdi3gyiky0asqdw5dnh3gcjs2xyn82ajvjfjwh6sn0clgi"; + sha256 = "1zpcgha7g33wvy2xbbc663cbjyvg9l1325lg3gzgcn3baydr9rha"; type = "gem"; }; - version = "3.2.1"; + version = "3.3.3"; }; loofah = { dependencies = ["crass" "nokogiri"]; @@ -1407,10 +1291,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1g7ps9m3s14cajhxrfgbzahv9i3gy47s4hqrv3mpybpj5cyr0srn"; + sha256 = "0ndimir6k3kfrh8qrb7ir1j836l4r3qlwyclwjh88b86clblhszh"; type = "gem"; }; - version = "2.4.0"; + version = "2.8.0"; }; mab = { groups = ["default"]; @@ -1444,6 +1328,17 @@ }; version = "2.7.1"; }; + marcel = { + dependencies = ["mimemagic"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1nxbjmcyg8vlw6zwagf17l9y2mwkagmmkg95xybpn4bmf3rfnksx"; + type = "gem"; + }; + version = "0.3.3"; + }; markaby = { dependencies = ["builder"]; groups = ["default"]; @@ -1460,20 +1355,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "10la0xw82dh5mqab8bl0dk21zld63cqxb1g16fk8cb39ylc4n21a"; + sha256 = "0f2i827w4lmsizrxixsrv2ssa3gk1b7lmqh8brk8ijmdb551wnmj"; type = "gem"; }; - version = "0.3.6"; + version = "0.4.0"; }; method_source = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1pviwzvdqd90gn6y7illcdd9adapw8fczml933p5vl739dkvl3lq"; + sha256 = "1pnyh44qycnf9mzi1j6fywd5fkskv3x7nmsqrrws0rjn5dd4ayfp"; type = "gem"; }; - version = "0.9.2"; + version = "1.0.0"; }; mime-types = { dependencies = ["mime-types-data"]; @@ -1491,20 +1386,30 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "18x61fc36951vw7f74gq8cyybdpxvyg5d0azvqhrs82ddw3v16xh"; + sha256 = "0ipjyfwn9nlvpcl8knq3jk4g5f12cflwdbaiqxcq1s7vwfwfxcag"; type = "gem"; }; - version = "3.2019.1009"; + version = "3.2020.1104"; + }; + mimemagic = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1qfqb9w76kmpb48frbzbyvjc0dfxh5qiw1kxdbv2y2kp6fxpa1kf"; + type = "gem"; + }; + version = "0.3.5"; }; mini_magick = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0qy09qrd5bwh8mkbj514n5vcw9ni73218h9s3zmvbpmdwrnzi8j4"; + sha256 = "1aj604x11d9pksbljh0l38f70b558rhdgji1s9i763hiagvvx2hs"; type = "gem"; }; - version = "4.9.5"; + version = "4.11.0"; }; mini_mime = { groups = ["default"]; @@ -1531,40 +1436,40 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0w16p7cvslh3hxd3cia8jg4pd85z7rz7xqb16vh42gj4rijn8rmi"; + sha256 = "170y2cvx51gm3cm3nhdf7j36sxnkh6vv8ls36p90ric7w8w16h4v"; type = "gem"; }; - version = "5.13.0"; + version = "5.14.2"; }; molinillo = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1hh40z1adl4lw16dj4hxgabx4rr28mgqycih1y1d91bwww0jjdg6"; + sha256 = "0msabpxiyhlbgayrvr01316alaxrxwh6h8yzqz6p36v1zhqgddw4"; type = "gem"; }; - version = "0.6.6"; + version = "0.4.5"; }; msgpack = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1qr2mkm2i3m76zarvy7qgjl9596hmvjrg7x6w42vx8cfsbf5p0y1"; + sha256 = "1lva6bkvb4mfa0m3bqn4lm4s4gi81c40jvdcsrxr6vng49q9daih"; type = "gem"; }; - version = "1.3.1"; + version = "1.3.3"; }; multi_json = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0xy54mjf7xg41l8qrg1bqri75agdqmxap9z466fjismc1rn2jwfr"; + sha256 = "0pb1g1y3dsiahavspyzkdy39j4q377009f6ix0bh1ag4nqw43l0z"; type = "gem"; }; - version = "1.14.1"; + version = "1.15.0"; }; multipart-post = { groups = ["default"]; @@ -1576,6 +1481,17 @@ }; version = "2.1.1"; }; + mustermann = { + dependencies = ["ruby2_keywords"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0ccm54qgshr1lq3pr1dfh7gphkilc19dp63rw6fcx7460pjwy88a"; + type = "gem"; + }; + version = "1.1.1"; + }; mysql2 = { groups = ["default"]; platforms = []; @@ -1591,10 +1507,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ajfyaqjw3dzykk612yw8sm21savfqy292hgps8h8l4lvxww1lz6"; + sha256 = "0xi36h3f7nm8bc2k0b6svpda1lyank2gf872lxjbhw3h95hdrbma"; type = "gem"; }; - version = "0.2.6"; + version = "0.3.0"; }; nap = { groups = ["default"]; @@ -1632,20 +1548,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0nkf3my587f0izqw0dl3zl24c3lnrw9y5xrq9vb0lhgymmgcav9g"; + sha256 = "0b4h3ip8d1gkrc0znnw54hbxillk73mdnaf5pz330lmrcl1wiilg"; type = "gem"; }; - version = "2.0.0"; + version = "3.0.0"; }; net-ssh = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "101wd2px9lady54aqmkibvy4j62zk32w0rjz4vnigyg974fsga40"; + sha256 = "0jp3jgcn8cij407xx9ldb5h9c6jv13jc4cf6kk2idclz43ww21c9"; type = "gem"; }; - version = "5.2.0"; + version = "6.1.0"; }; netrc = { groups = ["default"]; @@ -1662,10 +1578,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0gnmvbryr521r135yz5bv8354m7xn6miiapfgpg1bnwsvxz8xj6c"; + sha256 = "1cbwp1kbv6b2qfxv8sarv0d0ilb257jihlvdqj8f5pdm0ksq1sgk"; type = "gem"; }; - version = "2.5.2"; + version = "2.5.4"; }; nokogiri = { dependencies = ["mini_portile2"]; @@ -1673,10 +1589,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0r0qpgf80h764k176yr63gqbs2z0xbsp8vlvs2a79d5r9vs83kln"; + sha256 = "0xmf60nj5kg9vaj5bysy308687sgmkasgx06vbbnf94p52ih7si2"; type = "gem"; }; - version = "1.10.7"; + version = "1.10.10"; }; opus-ruby = { dependencies = ["ffi"]; @@ -1706,10 +1622,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "09lb0a9y4q7946jaf53li1v4cb6ksfb5bq5wb15yn8ja6wf9n427"; + sha256 = "1zlk3bksiwrdvb7j0r5av7w280kigl7947wa7w4kbwqz3snaxl3m"; type = "gem"; }; - version = "4.3.0"; + version = "4.4.0"; }; pango = { dependencies = ["cairo-gobject" "gobject-introspection"]; @@ -1717,20 +1633,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1d0cn50qgpifrcv8qx72wi6l9xalw3ryngbfmm9xpg9vx5rl1qbp"; + sha256 = "05smxn2jank7wqih59lhr30ab8f4qxdsdiiag5v7a0gjgzkmbi7f"; type = "gem"; }; - version = "3.4.1"; + version = "3.4.3"; }; parallel = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "12jijkap4akzdv11lm08dglsc8jmc87xcgq6947i1s3qb69f4zn2"; + sha256 = "0055br0mibnqz0j8wvy20zry548dhkakws681bhj3ycb972awkzd"; type = "gem"; }; - version = "1.19.1"; + version = "1.20.1"; }; parser = { dependencies = ["ast"]; @@ -1738,10 +1654,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "10siyp14d88jwcfj45kkk3nwl4wyr2r5ajb7vy4iwh1gxmhvi727"; + sha256 = "1f7gmm60yla325wlnd3qkxs59qm2y0aan8ljpg6k18rwzrrfil6z"; type = "gem"; }; - version = "2.7.0.0"; + version = "2.7.2.0"; }; pathutil = { dependencies = ["forwardable-extended"]; @@ -1779,20 +1695,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "15pa9qy7ngig21zgnvzwaxiy4rc7wbibna5050jjpgal9drgvpyy"; + sha256 = "13mfrysrdrh8cka1d96zm0lnfs59i5x2g6ps49r2kz5p3q81xrzj"; type = "gem"; }; - version = "1.2.0"; + version = "1.2.3"; }; pkg-config = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1cxdpr2wlz9b587avlq04a1da5fz1vdw8jvr6lx23mcq7mqh2xcx"; + sha256 = "068sf963n2zk47kqcckj624g5pxmk68mm76h02piphfyh9x4zmi3"; type = "gem"; }; - version = "1.4.0"; + version = "1.4.4"; }; polyglot = { groups = ["default"]; @@ -1810,10 +1726,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "00rm71x0r1jdycwbs83lf9l6p494m99asakbvqxh8rz7zwnlzg69"; + sha256 = "0iyw4q4an2wmk8v5rn2ghfy2jaz9vmw2nk8415nnpx2s866934qk"; type = "gem"; }; - version = "0.12.2"; + version = "0.13.1"; }; pry-byebug = { dependencies = ["byebug" "pry"]; @@ -1821,10 +1737,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1aqz4gz8z44k6svpvcsfrqbigcpjd2kwvfm77yq3v8yzkhjrx0zi"; + sha256 = "096y5vmzpyy4x9h4ky4cs4y7d19vdq9vbwwrqafbh5gagzwhifiv"; type = "gem"; }; - version = "3.7.0"; + version = "3.9.0"; }; pry-doc = { dependencies = ["pry" "yard"]; @@ -1832,20 +1748,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "14lwb5dxfibcqbjygzvnf8ry0mayx48fk20qhg06214sll0sp0kv"; + sha256 = "1xrf2whjycv4sd7qvf5m6zdpk0lhf1p63v66w9ha146fc7rcjkc1"; type = "gem"; }; - version = "1.0.0"; + version = "1.1.0"; }; public_suffix = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ww6577yhgszvc0p33qg9nb7n03fyadvl14v2kbpm4rpf0q4i6gz"; + sha256 = "1xqcgkl7bwws1qrlnmxgh8g4g9m10vg60bhlw40fplninb3ng6d9"; type = "gem"; }; - version = "4.0.2"; + version = "4.0.6"; }; puma = { dependencies = ["nio4r"]; @@ -1853,20 +1769,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0v6zai6sinw5r1lchm278mm3dr8x5vi8pwmybwv9lz1kz02fk2g3"; + sha256 = "1fl2bgw1lh1712qpzl5m5vi4cc1bcw336bh1dbp28fkmss9yysma"; type = "gem"; }; - version = "4.3.1"; + version = "5.1.0"; }; rack = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1riq0z408dwvqcqrpq05bp2w879l4sjxzb4cbrbx55kpi6h2g1cj"; + sha256 = "0i5vs0dph9i5jn8dfc6aqd6njcafmb20rwqngrf759c9cvmyff16"; type = "gem"; }; - version = "1.6.12"; + version = "2.2.3"; }; rack-protection = { dependencies = ["rack"]; @@ -1874,10 +1790,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0my0wlw4a5l3hs79jkx2xzv7djhajgf8d28k8ai1ddlnxxb0v7ss"; + sha256 = "159a4j4kragqh0z0z8vrpilpmaisnlz3n7kgiyf16bxkwlb3qlhz"; type = "gem"; }; - version = "1.5.5"; + version = "2.1.0"; }; rack-test = { dependencies = ["rack"]; @@ -1885,43 +1801,32 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0h6x5jq24makgv2fq5qqgjlrk74dxfy62jif9blk43llw8ib2q7z"; + sha256 = "0rh8h376mx71ci5yklnpqqn118z3bl67nnv5k801qaqn1zs62h8m"; type = "gem"; }; - version = "0.6.3"; + version = "1.1.0"; }; rails = { - dependencies = ["actionmailer" "actionpack" "actionview" "activejob" "activemodel" "activerecord" "activesupport" "railties" "sprockets-rails"]; + dependencies = ["actioncable" "actionmailbox" "actionmailer" "actionpack" "actiontext" "actionview" "activejob" "activemodel" "activerecord" "activestorage" "activesupport" "railties" "sprockets-rails"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1ywvis59dd3v8qapi9ix6743zgk07l21x1cd6nb1ddpahxhm7dml"; + sha256 = "0vs4kfgp5pr5032nnhdapq60ga6karann06ilq1yjx8qck87cfxg"; type = "gem"; }; - version = "4.2.11.1"; - }; - rails-deprecated_sanitizer = { - dependencies = ["activesupport"]; - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "0qxymchzdxww8bjsxj05kbf86hsmrjx40r41ksj0xsixr2gmhbbj"; - type = "gem"; - }; - version = "1.0.3"; + version = "6.0.3.4"; }; rails-dom-testing = { - dependencies = ["activesupport" "nokogiri" "rails-deprecated_sanitizer"]; + dependencies = ["activesupport" "nokogiri"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0wssfqpn00byhvp2372p99mphkcj8qx6pf6646avwr9ifvq0q1x6"; + sha256 = "1lfq2a7kp2x64dzzi5p4cjcbiv62vxh9lyqk2f0rqq3fkzrw8h5i"; type = "gem"; }; - version = "1.0.9"; + version = "2.0.3"; }; rails-html-sanitizer = { dependencies = ["loofah"]; @@ -1935,15 +1840,15 @@ version = "1.3.0"; }; railties = { - dependencies = ["actionpack" "activesupport" "rake" "thor"]; + dependencies = ["actionpack" "activesupport" "method_source" "rake" "thor"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1bjf21z9maiiazc1if56nnh9xmgbkcqlpznv34f40a1hsvgk1d1m"; + sha256 = "0x28620cvfja8r06lk6f90pw5lvijz9qi4bjsa4z1d1rkr3v4r3w"; type = "gem"; }; - version = "4.2.11.1"; + version = "6.0.3.4"; }; rainbow = { groups = ["default"]; @@ -1970,10 +1875,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1lm1k7wpz69jx7jrc92w3ggczkjyjbfziq5mg62vjnxmzs383xx8"; + sha256 = "1k9bsj7ni0g2fd7scyyy1sk9dy2pg9akniahab0iznvjmhn54h87"; type = "gem"; }; - version = "0.10.3"; + version = "0.10.4"; }; rb-inotify = { dependencies = ["ffi"]; @@ -2002,20 +1907,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0lvz1vk2l3chnz6zdp4xmh6w2z75rndhgbravbxgvw8ff4snsxa7"; + sha256 = "0y8yzianlkc9w6sbqy8iy8l0yym0y6x7p5rjflkfixq76fqmhvzk"; type = "gem"; }; - version = "7.1.0"; + version = "7.1.1"; }; re2 = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "00wf9k1hkv3z3nfkrnfyyfq9ah0l7k14awqys3h2hqz4c21pqd2i"; + sha256 = "16q71cc9wx342c697q18pkz19ym4ncjd97hcw4v6f1mgflkdv400"; type = "gem"; }; - version = "1.1.1"; + version = "1.2.0"; }; redcarpet = { groups = ["default"]; @@ -2032,10 +1937,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "08v2y91q1pmv12g9zsvwj66w3s8j9d82yrmxgyv4y4gz380j3wyh"; + sha256 = "15x2sr6h094rjbvg8pkq6m3lcd5abpyx93aifvfdz3wv6x55xa48"; type = "gem"; }; - version = "4.1.3"; + version = "4.2.5"; }; redis-rack = { dependencies = ["rack" "redis-store"]; @@ -2043,10 +1948,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1pa19ydbk0l6wilwbxcjn6knfs4ffgj0rhaaldrlhf76pjgkaiqb"; + sha256 = "1nblbxg1f051dn83jp92lz3lc1wxm18nviglrabv2l0vz6rd0pkb"; type = "gem"; }; - version = "2.0.6"; + version = "2.1.3"; }; redis-store = { dependencies = ["redis"]; @@ -2054,10 +1959,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1isqzzds9kszc2nn8jiy8ikry01qspn7637ba9z2k6sk7vky46d9"; + sha256 = "0cpzbf2svnk4j5awb24ncl0mih45zkbdrd7q23jdg1r8k3q7mdg6"; type = "gem"; }; - version = "1.8.1"; + version = "1.9.0"; + }; + regexp_parser = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1racz3w9s4w0ls32bvjypfifk4a7qxngm2cv1rh16jyz0c1wjd70"; + type = "gem"; + }; + version = "2.0.0"; }; rest-client = { dependencies = ["http-accept" "http-cookie" "mime-types" "netrc"]; @@ -2070,25 +1985,35 @@ }; version = "2.1.0"; }; + rexml = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1mkvkcw9fhpaizrhca0pdgjcrbns48rlz4g6lavl5gjjq3rk2sq3"; + type = "gem"; + }; + version = "3.2.4"; + }; rmagick = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "06ya2zpz2g3g4c90bmd1z11qkajls3srq5b7cswrjq8ima568ja0"; + sha256 = "0ajn6aisf9hh3x5zrs7n02pg5xy3m8x38gh9cn7b3klzgp3djla5"; type = "gem"; }; - version = "4.0.0"; + version = "4.1.2"; }; rouge = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0k5jrp0qc9p61mfcwyn1a7dajmkw04z6y76wa8a0axh1v2wrw8ld"; + sha256 = "0yvcv901lrh5rfnk1h4h56hf2m6n9pd6w8n96vag74aakgz3gaxn"; type = "gem"; }; - version = "3.14.0"; + version = "3.25.0"; }; rpam2 = { groups = ["default"]; @@ -2106,10 +2031,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1hzsig4pi9ybr0xl5540m1swiyxa74c8h09225y5sdh2rjkkg84h"; + sha256 = "1dwai7jnwmdmd7ajbi2q0k0lx1dh88knv5wl7c34wjmf94yv8w5q"; type = "gem"; }; - version = "3.9.0"; + version = "3.10.0"; }; rspec-core = { dependencies = ["rspec-support"]; @@ -2117,10 +2042,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0gppalb2ynj0xk7vp8kk5pwzihmiqc8l4prpy4n9spclq7iqkspq"; + sha256 = "0n2rdv8f26yw8c6asymc0mgddyr5d2b5n6mfvpd3n6lnpf1jdyv2"; type = "gem"; }; - version = "3.9.0"; + version = "3.10.0"; }; rspec-expectations = { dependencies = ["diff-lcs" "rspec-support"]; @@ -2128,10 +2053,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1gjqfb39da6gywdcp4h77738r7khbrn2v4y45589z25bj4z9paf0"; + sha256 = "0j37dvnvfbjwj8dqx27yfvz0frl7f2jc1abqg99h0ppriz9za6dc"; type = "gem"; }; - version = "3.9.0"; + version = "3.10.0"; }; rspec-mocks = { dependencies = ["diff-lcs" "rspec-support"]; @@ -2139,52 +2064,64 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0q9f8nrxhs4k2vl3bnm3pi5s44v9pnvjwirjnwji3sxzf68c2xjf"; + sha256 = "1pz89y1522i6f8wzrg72ykmch3318ih87nlpl0y1ghsrs5hqymw3"; type = "gem"; }; - version = "3.9.0"; + version = "3.10.0"; }; rspec-support = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "18080h06kqayyr6dpw4c62l0wav09ihkd6skinsln13kmq0cv0mx"; + sha256 = "0j0n28i6zci5j7gg370bdy87dy43hlwx6dw428d9kamf5a0i2klz"; type = "gem"; }; - version = "3.9.0"; + version = "3.10.0"; }; rubocop = { - dependencies = ["jaro_winkler" "parallel" "parser" "rainbow" "ruby-progressbar" "unicode-display_width"]; + dependencies = ["parallel" "parser" "rainbow" "regexp_parser" "rexml" "rubocop-ast" "ruby-progressbar" "unicode-display_width"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1p1bhsfscasp57l5di9hsx8jl325kfjswhd2mlzq74hj3gdws4x0"; - type = "gem"; - }; - version = "0.78.0"; - }; - rubocop-performance = { - dependencies = ["rubocop"]; - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "1fk9nd3b24avgsqp726hy2pl1iyfjrh6jni97wkky6kqy0lq6zq2"; + sha256 = "0k246mahr4737rlvazll5vfvq1307b0z9pmhlnp5ynknl31fclp5"; type = "gem"; }; version = "1.5.2"; }; - ruby-graphviz = { + rubocop-ast = { + dependencies = ["parser"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1jzbs0jhaz77azsc30gsfg89fy44vsr565jcj4axhc65n1fmhs90"; + sha256 = "1z9253d7hwdlqr3g7rwx6x6n0qwv8niq6r2ppgry2lbfvb4czypm"; type = "gem"; }; - version = "1.2.4"; + version = "1.3.0"; + }; + rubocop-performance = { + dependencies = ["rubocop" "rubocop-ast"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0zfc0wvx4jw0apn86jbz5za8pjmb7k0j58ndap3kwarkznxk2ad1"; + type = "gem"; + }; + version = "1.9.1"; + }; + ruby-graphviz = { + dependencies = ["rexml"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "010m283gk4qgzxkgrldlnrglh8d5fn6zvrzm56wf5abd7x7b8aqw"; + type = "gem"; + }; + version = "1.2.5"; }; ruby-libvirt = { groups = ["default"]; @@ -2206,16 +2143,6 @@ }; version = "1.2.3"; }; - ruby-macho = { - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "0lhdjn91jkifsy2hzq2hgcm0pp8pbik87m58zmw1ifh6hkp9adjb"; - type = "gem"; - }; - version = "1.4.0"; - }; ruby-progressbar = { groups = ["default"]; platforms = []; @@ -2242,10 +2169,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "14hzfsbx7n0jsm6bxif99kbhlmxr4s7g6xvml6xbqphlqbmy5d43"; + sha256 = "0lk124dixshf8mmrjpsy9avnaygni3cwki25g8nm5py4d2f5fwwa"; type = "gem"; }; - version = "2.0.16"; + version = "2.0.17"; + }; + ruby2_keywords = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "17pcc0wgvh3ikrkr7bm3nx0qhyiqwidd13ij0fa50k7gsbnr2p0l"; + type = "gem"; + }; + version = "0.0.2"; }; RubyInline = { dependencies = ["ZenTest"]; @@ -2263,20 +2200,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1gz0ri0pa2xr7b6bf66yjc2wfvk51f4gi6yk7bklwl1nr65zc4gz"; + sha256 = "0590m2pr9i209pp5z4mx0nb1961ishdiqb28995hw1nln1d1b5ji"; type = "gem"; }; - version = "2.0.0"; + version = "2.3.0"; }; rugged = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0rdidxgpk1b6y1jq9v77lcx5khq0s9q0s253lr8x57d3hk43iskx"; + sha256 = "04aq913plcxjw71l5r62qgz3bx3466p0wvgyfqahg5n3nybmcwqy"; type = "gem"; }; - version = "0.28.4.1"; + version = "1.1.0"; }; safe_yaml = { groups = ["default"]; @@ -2294,10 +2231,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "09bnid7r5z5hcin5hykvpvv8xig27wbbckxwis60z2aaxq4j9siz"; + sha256 = "0gpqv48xhl8mb8qqhcifcp0pixn206a7imc07g48armklfqa4q2c"; type = "gem"; }; - version = "2.2.1"; + version = "2.4.0"; }; scrypt = { dependencies = ["ffi-compiler"]; @@ -2315,20 +2252,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0wxkmgjnb8nskvqqwxihhbc1x8dhbbrcq70zxwqbyy5hvf4dh88f"; + sha256 = "1yz6pqdr8p5dv5qkza5kqn6il6m4vcl5hvry6k108axc12zf6hrb"; type = "gem"; }; - version = "0.10.0"; + version = "0.10.6"; }; sequel = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0vrbwwxvmdb7q1sdc0jnhlf826l74n9880xy5li1qabr0hyrmf1j"; + sha256 = "0k4ybmzrf79j9hgcl4m0hiaibf6m8apll99hml9rdjxvkprw51in"; type = "gem"; }; - version = "5.27.0"; + version = "5.39.0"; }; sequel_pg = { dependencies = ["pg" "sequel"]; @@ -2336,42 +2273,52 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1y010rfdgpkw1yspqchjqdp7n8yahscyw98g3l2pw56nzbqipjb8"; + sha256 = "0mkbnc96bfpl5wqacblzwiwqywbx4vqrvkz57fj1h2f0bn635nk6"; type = "gem"; }; - version = "1.12.2"; + version = "1.14.0"; }; simplecov = { - dependencies = ["docile" "json" "simplecov-html"]; + dependencies = ["docile" "simplecov-html" "simplecov_json_formatter"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1135k46nik05sdab30yxb8264lqiz01c8v000g16cl9pjc4mxrdw"; + sha256 = "1mm20dvd64w46l5k11il9z5sjgdpp0bknml76glcngvl2w03k3cb"; type = "gem"; }; - version = "0.17.1"; + version = "0.20.0"; }; simplecov-html = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1lihraa4rgxk8wbfl77fy9sf0ypk31iivly8vl3w04srd7i0clzn"; + sha256 = "0yx01bxa8pbf9ip4hagqkp5m0mqfnwnw2xk8kjraiywz4lrss6jb"; type = "gem"; }; - version = "0.10.2"; + version = "0.12.3"; }; - sinatra = { - dependencies = ["rack" "rack-protection" "tilt"]; + simplecov_json_formatter = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0byxzl7rx3ki0xd7aiv1x8mbah7hzd8f81l65nq8857kmgzj1jqq"; + sha256 = "0cl3j7p3b5q7sxsx1va63c8imc5x6g99xablz08qrmqhpi0d6g6j"; type = "gem"; }; - version = "1.4.8"; + version = "0.1.2"; + }; + sinatra = { + dependencies = ["mustermann" "rack" "rack-protection" "tilt"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0dd53rzpkxgs697pycbhhgc9vcnxra4ly4xar8ni6aiydx2f88zk"; + type = "gem"; + }; + version = "2.1.0"; }; slather = { dependencies = ["CFPropertyList" "activesupport" "clamp" "nokogiri" "xcodeproj"]; @@ -2379,30 +2326,30 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0v4wll10mwmynj2v2g71kgr1psck3qglhz2mnrw2n281v30jxyyn"; + sha256 = "0nqyam74izmbczwb406bsmgdzjz5r91d4lywlvdbxx5sl4g4256a"; type = "gem"; }; - version = "2.4.7"; + version = "2.6.0"; }; slop = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0hv64fpbdwyswqhnq8bia66vlsz72yjqm00lvlhh4dnjjivdjcy5"; + sha256 = "05d1xv8r9cmd0mmlqpa853yzd7xhcyha063w1g8dpf84scxbxmd3"; type = "gem"; }; - version = "4.7.0"; + version = "4.8.2"; }; snappy = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "00zzs25sm78zs3rifc02z54cp3f03r9dq5ilzykyq1ykvbv65vw4"; + sha256 = "1x0r1dnavg3skyp7b1nkiwd5qrrkvp9zwgfls3i2rzybq8ahx4lb"; type = "gem"; }; - version = "0.0.17"; + version = "0.1.0"; }; sprockets = { dependencies = ["concurrent-ruby" "rack"]; @@ -2410,10 +2357,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0jm37zpvvm1arxjwrd6am0wrdbfhrhc5y0l4p2i3p11z04bsvgap"; + sha256 = "0ikgwbl6jv3frfiy3xhg5yxw9d0064rgzghar1rg391xmrc4gm38"; type = "gem"; }; - version = "4.0.0"; + version = "4.0.2"; }; sprockets-rails = { dependencies = ["actionpack" "activesupport" "sprockets"]; @@ -2421,10 +2368,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ab42pm8p5zxpv3sfraq45b9lj39cz9mrpdirm30vywzrwwkm5p1"; + sha256 = "0mwmz36265646xqfyczgr1mhkm1hfxgxxvgdgr4xfcbf2g72p1k2"; type = "gem"; }; - version = "3.2.1"; + version = "3.2.2"; }; sqlite3 = { groups = ["default"]; @@ -2441,10 +2388,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0r8g7zdncc6243d000jn0grc1n70rn9mx16vggy3q7c4wgsa37xi"; + sha256 = "1g7398sn8syybz3nbf3dqwa8q8v3s3s444i24xl5q9pzx4g4nkf1"; type = "gem"; }; - version = "0.7.1"; + version = "1.0.1"; }; terminal-table = { dependencies = ["unicode-display_width"]; @@ -2482,10 +2429,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "02p107kwx7jnkh6fpdgvaji0xdg6xkaarngkqjml6s4zny4m8slv"; + sha256 = "08076cmdx0g51yrkd7dlxlr45nflink3jhdiq7006ljc2pc3212q"; type = "gem"; }; - version = "0.11.0.0"; + version = "0.13.0"; }; tilt = { groups = ["default"]; @@ -2502,10 +2449,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0z2n1qwad86zkcmmq883bw8rgidjsqjphrbqf1mwyfi5y22jhxfp"; + sha256 = "0hy3kbcb6nwydy312rhjm4b30yavmayszzzyjpfdv6p0s8d9mfvb"; type = "gem"; }; - version = "2.1.2"; + version = "2.1.3"; }; treetop = { dependencies = ["polyglot"]; @@ -2513,10 +2460,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0g31pijhnv7z960sd09lckmw9h8rs3wmc8g4ihmppszxqm99zpv7"; + sha256 = "0697qz1akblf8r3wi0s2dsjh468hfsd57fb0mrp93z35y2ni6bhh"; type = "gem"; }; - version = "1.6.10"; + version = "1.6.11"; }; typhoeus = { dependencies = ["ethon"]; @@ -2524,10 +2471,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0cni8b1idcp0dk8kybmxydadhfpaj3lbs99w5kjibv8bsmip2zi5"; + sha256 = "1m22yrkmbj81rzhlny81j427qdvz57yk5wbcf3km0nf3bl6qiygz"; type = "gem"; }; - version = "1.3.1"; + version = "1.4.0"; }; tzinfo = { dependencies = ["thread_safe"]; @@ -2535,10 +2482,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "04f18jdv6z3zn3va50rqq35nj3izjpb72fnf21ixm7vanq6nc4fp"; + sha256 = "0skr6ih9cr3pwp8l84f0z7fy3q9kiq8hw0sg3zqw0hpbbyj05743"; type = "gem"; }; - version = "1.2.6"; + version = "1.2.8"; }; unf = { dependencies = ["unf_ext"]; @@ -2556,20 +2503,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1ll6w64ibh81qwvjx19h8nj7mngxgffg7aigjx11klvf5k2g4nxf"; + sha256 = "0wc47r23h063l8ysws8sy24gzh74mks81cak3lkzlrw4qkqb3sg4"; type = "gem"; }; - version = "0.0.7.6"; + version = "0.0.7.7"; }; unicode-display_width = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "08kfiniak1pvg3gn5k6snpigzvhvhyg7slmm0s2qx5zkj62c1z2w"; + sha256 = "06i3id27s60141x6fdnjn5rar1cywdwy64ilc59cz937303q3mna"; type = "gem"; }; - version = "1.6.0"; + version = "1.7.0"; }; uuid4r = { groups = ["default"]; @@ -2581,15 +2528,36 @@ }; version = "0.2.0"; }; + websocket-driver = { + dependencies = ["websocket-extensions"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1i3rs4kcj0jba8idxla3s6xd1xfln3k8b4cb1dik2lda3ifnp3dh"; + type = "gem"; + }; + version = "0.7.3"; + }; + websocket-extensions = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0hc2g9qps8lmhibl5baa91b4qx8wqw872rgwagml78ydj8qacsqw"; + type = "gem"; + }; + version = "0.1.5"; + }; whois = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "177qbah62yhy2q7znlrs49jwabw7vpd9frv6hw6mm0bxj5fn7prg"; + sha256 = "0ch19amq0spj5dc240mv6s8hh245w7nis2h070qr3jm15r4jb21m"; type = "gem"; }; - version = "5.0.0"; + version = "5.0.1"; }; xcodeproj = { dependencies = ["CFPropertyList" "atomos" "claide" "colored2" "nanaimo"]; @@ -2597,10 +2565,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1h9iba53mrb663qdqzpfbdwkwzqv7hndd0df71yr2kj2hzwjmkvb"; + sha256 = "1411j6sfnz0cx4fiw52f0yqx4bgcn8cmpgi3i5rwmmahayyjz2fn"; type = "gem"; }; - version = "1.14.0"; + version = "1.19.0"; }; xctasks = { dependencies = ["nokogiri" "rake"]; @@ -2618,10 +2586,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0rxqwry3h2hjz069f0kfr140wgx1khgljnqf112dk5x9rm4l0xny"; + sha256 = "126m49mvh4lbvlvrprq7xj2vjixbq3xqr8dwr089vadvs0rkn4rd"; type = "gem"; }; - version = "0.9.20"; + version = "0.9.25"; + }; + zeitwerk = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1746czsjarixq0x05f7p3hpzi38ldg6wxnxxw74kbjzh1sdjgmpl"; + type = "gem"; + }; + version = "2.4.2"; }; ZenTest = { groups = ["default"]; From c56fbe4e095ee71e557b56993c591088bc3d2118 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Tue, 8 Dec 2020 12:10:47 +0100 Subject: [PATCH 047/120] buildFhsUserenv: don't downgrade root user --- .../build-fhs-userenv/chrootenv/chrootenv.c | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/pkgs/build-support/build-fhs-userenv/chrootenv/chrootenv.c b/pkgs/build-support/build-fhs-userenv/chrootenv/chrootenv.c index dcb2e97aa932..a438b80e1829 100644 --- a/pkgs/build-support/build-fhs-userenv/chrootenv/chrootenv.c +++ b/pkgs/build-support/build-fhs-userenv/chrootenv/chrootenv.c @@ -43,6 +43,7 @@ const gchar *create_tmpdir() { void pivot_host(const gchar *guest) { g_autofree gchar *point = g_build_filename(guest, "host", NULL); fail_if(g_mkdir(point, 0755)); + fail_if(mount(0, "/", 0, MS_PRIVATE | MS_REC, 0)); fail_if(pivot_root(guest, point)); } @@ -56,6 +57,7 @@ void bind_mount_item(const gchar *host, const gchar *guest, const gchar *name) { void bind(const gchar *host, const gchar *guest) { mount_tmpfs(guest); + pivot_host(guest); g_autofree gchar *host_dir = g_build_filename("/host", host, NULL); @@ -105,7 +107,11 @@ int main(gint argc, gchar **argv) { uid_t uid = getuid(); gid_t gid = getgid(); - if (unshare(CLONE_NEWNS | CLONE_NEWUSER) < 0) { + int namespaces = CLONE_NEWNS; + if (uid != 0) { + namespaces |= CLONE_NEWUSER; + } + if (unshare(namespaces) < 0) { int unshare_errno = errno; g_message("Requires Linux version >= 3.19 built with CONFIG_USER_NS"); @@ -116,9 +122,11 @@ int main(gint argc, gchar **argv) { fail("unshare", unshare_errno); } - spit("/proc/self/setgroups", "deny"); - spit("/proc/self/uid_map", "%d %d 1", uid, uid); - spit("/proc/self/gid_map", "%d %d 1", gid, gid); + if (uid != 0) { + spit("/proc/self/setgroups", "deny"); + spit("/proc/self/uid_map", "%d %d 1", uid, uid); + spit("/proc/self/gid_map", "%d %d 1", gid, gid); + } // If there is a /host directory, assume this is nested chrootenv and use it as host instead. gboolean nested_host = g_file_test("/host", G_FILE_TEST_EXISTS | G_FILE_TEST_IS_DIR); From 330218e69abaec3377cfe6537827542610a18069 Mon Sep 17 00:00:00 2001 From: h0m1 Date: Tue, 19 Nov 2019 20:41:56 +0100 Subject: [PATCH 048/120] stage-1: create temporary secrets directory in /tmp and not in cwd --- nixos/modules/system/boot/stage-1.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/modules/system/boot/stage-1.nix b/nixos/modules/system/boot/stage-1.nix index 86bfde6349c3..e133a357bb76 100644 --- a/nixos/modules/system/boot/stage-1.nix +++ b/nixos/modules/system/boot/stage-1.nix @@ -366,7 +366,7 @@ let } trap cleanup EXIT - tmp=$(mktemp -d initrd-secrets.XXXXXXXXXX) + tmp=$(mktemp -d ''${TMPDIR:-/tmp}/initrd-secrets.XXXXXXXXXX) ${lib.concatStringsSep "\n" (mapAttrsToList (dest: source: let source' = if source == null then dest else toString source; in From 1024571d35ac1d3329e8475c7b5e78c345230dab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Mon, 7 Dec 2020 20:59:03 +0100 Subject: [PATCH 049/120] nixos/nscd: start in early boot Services that have dynamic users require nscd to resolve users via pam_systemd. Those services might not even create their own dynamic users itself i.e. iptables. To make sure nscd is always started when this is happening we move nscd to sysinit.target and make sure that it is always started before starting/reloading/restarting any other service. --- nixos/modules/services/system/nscd.nix | 41 +++++++++++-------- .../activation/switch-to-configuration.pl | 11 ++++- 2 files changed, 35 insertions(+), 17 deletions(-) diff --git a/nixos/modules/services/system/nscd.nix b/nixos/modules/services/system/nscd.nix index d720f254b813..43b05c5b14d1 100644 --- a/nixos/modules/services/system/nscd.nix +++ b/nixos/modules/services/system/nscd.nix @@ -50,10 +50,20 @@ in systemd.services.nscd = { description = "Name Service Cache Daemon"; - wantedBy = [ "nss-lookup.target" "nss-user-lookup.target" ]; - environment = { LD_LIBRARY_PATH = nssModulesPath; }; + # We need system users to be resolveable in late-boot. nscd is the proxy between + # nss-modules in NixOS and thus if you have nss-modules providing system users + # (e.g. when using DynamicUser) then nscd needs to be available before late-boot is ready + # We add a dependency of sysinit.target to nscd to ensure + # these units are started after nscd is fully started. + unitConfig.DefaultDependencies = false; + wantedBy = [ "sysinit.target" ]; + before = [ "sysinit.target" "shutdown.target" ]; + conflicts = [ "shutdown.target" ]; + wants = [ "local-fs.target" ]; + after = [ "local-fs.target" ]; + restartTriggers = [ config.environment.etc.hosts.source config.environment.etc."nsswitch.conf".source @@ -66,20 +76,19 @@ in # privileges after all the NSS modules have read their configuration # files. So prefix the ExecStart command with "!" to prevent systemd # from dropping privileges early. See ExecStart in systemd.service(5). - serviceConfig = - { ExecStart = "!@${nscd}/sbin/nscd nscd"; - Type = "forking"; - DynamicUser = true; - RuntimeDirectory = "nscd"; - PIDFile = "/run/nscd/nscd.pid"; - Restart = "always"; - ExecReload = - [ "${nscd}/sbin/nscd --invalidate passwd" - "${nscd}/sbin/nscd --invalidate group" - "${nscd}/sbin/nscd --invalidate hosts" - ]; - }; + serviceConfig = { + ExecStart = "!@${nscd}/sbin/nscd nscd"; + Type = "forking"; + DynamicUser = true; + RuntimeDirectory = "nscd"; + PIDFile = "/run/nscd/nscd.pid"; + Restart = "always"; + ExecReload = [ + "${nscd}/sbin/nscd --invalidate passwd" + "${nscd}/sbin/nscd --invalidate group" + "${nscd}/sbin/nscd --invalidate hosts" + ]; + }; }; - }; } diff --git a/nixos/modules/system/activation/switch-to-configuration.pl b/nixos/modules/system/activation/switch-to-configuration.pl index b82d69b3bb85..c774be2ec542 100644 --- a/nixos/modules/system/activation/switch-to-configuration.pl +++ b/nixos/modules/system/activation/switch-to-configuration.pl @@ -346,10 +346,11 @@ sub filterUnits { return @res; } +my $startNscd = delete $unitsToStart{"nscd.service"}; + my @unitsToStopFiltered = filterUnits(\%unitsToStop); my @unitsToStartFiltered = filterUnits(\%unitsToStart); - # Show dry-run actions. if ($action eq "dry-activate") { print STDERR "would stop the following units: ", join(", ", @unitsToStopFiltered), "\n" @@ -359,6 +360,7 @@ if ($action eq "dry-activate") { print STDERR "would restart systemd\n" if $restartSystemd; print STDERR "would restart the following units: ", join(", ", sort(keys %unitsToRestart)), "\n" if scalar(keys %unitsToRestart) > 0; + print STDERR "would start nscd\n" if $startNscd; print STDERR "would start the following units: ", join(", ", @unitsToStartFiltered), "\n" if scalar @unitsToStartFiltered; print STDERR "would reload the following units: ", join(", ", sort(keys %unitsToReload)), "\n" @@ -418,6 +420,13 @@ close $listActiveUsers; print STDERR "setting up tmpfiles\n"; system("@systemd@/bin/systemd-tmpfiles", "--create", "--remove", "--exclude-prefix=/dev") == 0 or $res = 3; +# We need to start nscd before any other service, since they might need +# to resolve users/groups only exposed by nss modules (i.e. DynamicUser via nss_systemd) +if ($startNscd) { + print STDERR "starting nscd\n"; + system("@systemd@/bin/systemctl", "start", "nscd.service") == 0 or $res = 4; +} + # Reload units that need it. This includes remounting changed mount # units. if (scalar(keys %unitsToReload) > 0) { From 54f104bf25cefd2bc3c132e36d8b536232526c7d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Thu, 17 Dec 2020 16:57:52 +0100 Subject: [PATCH 050/120] python3.pkgs.keystone: init at 0.9.2 This is used in a couple of reverse engineering tools i.e. [gef](https://github.com/hugsy/gef). --- .../python-modules/keystone/default.nix | 16 ++++++++++++++++ pkgs/top-level/python-packages.nix | 4 ++++ 2 files changed, 20 insertions(+) create mode 100644 pkgs/development/python-modules/keystone/default.nix diff --git a/pkgs/development/python-modules/keystone/default.nix b/pkgs/development/python-modules/keystone/default.nix new file mode 100644 index 000000000000..c98af6ea4d7d --- /dev/null +++ b/pkgs/development/python-modules/keystone/default.nix @@ -0,0 +1,16 @@ +{ lib +, buildPythonPackage +, keystone +}: + +buildPythonPackage rec { + inherit (keystone) pname src version buildInputs nativeBuildInputs; + + dontUseCmakeConfigure = 1; + preBuild = "cd bindings/python"; + + meta = with lib; { + inherit (keystone.meta) description license homepage; + maintainers = [ maintainers.mic92 ]; + }; +} diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 46ebc85dd008..0e0e075171e0 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -3308,6 +3308,10 @@ in { keyrings-alt = callPackage ../development/python-modules/keyrings-alt { }; + keystone = callPackage ../development/python-modules/keystone { + inherit (pkgs) keystone; + }; + keyutils = callPackage ../development/python-modules/keyutils { inherit (pkgs) keyutils; }; kicad = disabledIf isPy27 (toPythonModule (pkgs.kicad.override { python3 = python; }).src); From 35c4d1d0795ed02cec20849765a00db1475ff241 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Thu, 17 Dec 2020 21:51:10 +0100 Subject: [PATCH 051/120] texlive: use python3 by default There is one python helper script still written for: Utility for writing Bengali in Rapid Roman Format. But this one does not seem super relevant --- pkgs/tools/typesetting/tex/texlive/bin.nix | 6 +++--- pkgs/tools/typesetting/tex/texlive/combine.nix | 2 +- pkgs/tools/typesetting/tex/texlive/default.nix | 6 +++--- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/pkgs/tools/typesetting/tex/texlive/bin.nix b/pkgs/tools/typesetting/tex/texlive/bin.nix index 030ac1b43aae..4df486a25117 100644 --- a/pkgs/tools/typesetting/tex/texlive/bin.nix +++ b/pkgs/tools/typesetting/tex/texlive/bin.nix @@ -2,7 +2,7 @@ , texlive , zlib, libiconv, libpng, libX11 , freetype, gd, libXaw, icu, ghostscript, libXpm, libXmu, libXext -, perl, perlPackages, python2Packages, pkgconfig +, perl, perlPackages, python3Packages, pkgconfig , poppler, libpaper, graphite2, zziplib, harfbuzz, potrace, gmp, mpfr , brotli, cairo, pixman, xorg, clisp, biber, woff2, xxHash , makeWrapper, shortenPerlShebang @@ -321,13 +321,13 @@ latexindent = perlPackages.buildPerlPackage rec { }; -pygmentex = python2Packages.buildPythonApplication rec { +pygmentex = python3Packages.buildPythonApplication rec { pname = "pygmentex"; inherit (src) version; src = stdenv.lib.head (builtins.filter (p: p.tlType == "run") texlive.pygmentex.pkgs); - propagatedBuildInputs = with python2Packages; [ pygments chardet ]; + propagatedBuildInputs = with python3Packages; [ pygments chardet ]; dontBuild = true; diff --git a/pkgs/tools/typesetting/tex/texlive/combine.nix b/pkgs/tools/typesetting/tex/texlive/combine.nix index 0625fe16090a..33633433575b 100644 --- a/pkgs/tools/typesetting/tex/texlive/combine.nix +++ b/pkgs/tools/typesetting/tex/texlive/combine.nix @@ -27,7 +27,7 @@ let [ "de-macro" "pythontex" "dviasm" "texliveonfly" ]; pkgNeedsRuby = pkg: pkg.tlType == "run" && pkg.pname == "match-parens"; extraInputs = - lib.optional (lib.any pkgNeedsPython splitBin.wrong) python + lib.optional (lib.any pkgNeedsPython splitBin.wrong) python3 ++ lib.optional (lib.any pkgNeedsRuby splitBin.wrong) ruby; }; diff --git a/pkgs/tools/typesetting/tex/texlive/default.nix b/pkgs/tools/typesetting/tex/texlive/default.nix index c2e6399ab864..0c7dadc150b0 100644 --- a/pkgs/tools/typesetting/tex/texlive/default.nix +++ b/pkgs/tools/typesetting/tex/texlive/default.nix @@ -4,7 +4,7 @@ */ { stdenv, lib, fetchurl, runCommand, writeText, buildEnv , callPackage, ghostscriptX, harfbuzz, poppler_min -, makeWrapper, python, ruby, perl +, makeWrapper, python3, ruby, perl , useFixedHashes ? true , recurseIntoAttrs }: @@ -25,7 +25,7 @@ let # function for creating a working environment from a set of TL packages combine = import ./combine.nix { inherit bin combinePkgs buildEnv lib makeWrapper writeText - stdenv python ruby perl; + stdenv python3 ruby perl; ghostscript = ghostscriptX; # could be without X, probably, but we use X above }; @@ -110,7 +110,7 @@ let #"ftp://tug.org/texlive/historic/2019/tlnet-final/archive" # Daily snapshots hosted by one of the texlive release managers - https://texlive.info/tlnet-archive/2020/10/09/tlnet/archive + "https://texlive.info/tlnet-archive/2020/10/09/tlnet/archive" ]; src = fetchurl { inherit urls sha512; }; From 88665763001b1e3b2a7bce8b4c89f2d94c5fead1 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Fri, 11 Sep 2020 07:46:59 +0200 Subject: [PATCH 052/120] nixos/tor: improve type-checking and hardening Fixes #77395. Fixes #82790. --- nixos/modules/services/networking/privoxy.nix | 7 +- nixos/modules/services/security/tor.nix | 1392 ++++++++++------- nixos/tests/tor.nix | 2 +- pkgs/tools/security/tor/default.nix | 16 + 4 files changed, 851 insertions(+), 566 deletions(-) diff --git a/nixos/modules/services/networking/privoxy.nix b/nixos/modules/services/networking/privoxy.nix index e3b34cb0c616..7caae3282032 100644 --- a/nixos/modules/services/networking/privoxy.nix +++ b/nixos/modules/services/networking/privoxy.nix @@ -16,7 +16,7 @@ let ${concatMapStrings (f: "actionsfile ${f}\n") cfg.actionsFiles} ${concatMapStrings (f: "filterfile ${f}\n") cfg.filterFiles} '' + optionalString cfg.enableTor '' - forward-socks4a / ${config.services.tor.client.socksListenAddressFaster} . + forward-socks5t / 127.0.0.1:9063 . toggle 1 enable-remote-toggle 0 enable-edit-actions 0 @@ -123,6 +123,11 @@ in serviceConfig.ProtectSystem = "full"; }; + services.tor.settings.SOCKSPort = mkIf cfg.enableTor [ + # Route HTTP traffic over a faster port (without IsolateDestAddr). + { addr = "127.0.0.1"; port = 9063; IsolateDestAddr = false; } + ]; + }; meta.maintainers = with lib.maintainers; [ rnhmjoj ]; diff --git a/nixos/modules/services/security/tor.nix b/nixos/modules/services/security/tor.nix index 1cceee065b1b..ececb633983c 100644 --- a/nixos/modules/services/security/tor.nix +++ b/nixos/modules/services/security/tor.nix @@ -1,297 +1,300 @@ { config, lib, pkgs, ... }: +with builtins; with lib; let cfg = config.services.tor; - torDirectory = "/var/lib/tor"; - torRunDirectory = "/run/tor"; - - opt = name: value: optionalString (value != null) "${name} ${value}"; - optint = name: value: optionalString (value != null && value != 0) "${name} ${toString value}"; - - isolationOptions = { - type = types.listOf (types.enum [ - "IsolateClientAddr" - "IsolateSOCKSAuth" - "IsolateClientProtocol" - "IsolateDestPort" - "IsolateDestAddr" + stateDir = "/var/lib/tor"; + runDir = "/run/tor"; + descriptionGeneric = option: '' + See torrc manual. + ''; + bindsPrivilegedPort = + any (p0: + let p1 = if p0 ? "port" then p0.port else p0; in + if p1 == "auto" then false + else let p2 = if isInt p1 then p1 else toInt p1; in + p1 != null && 0 < p2 && p2 < 1024) + (flatten [ + cfg.settings.ORPort + cfg.settings.DirPort + cfg.settings.DNSPort + cfg.settings.ExtORPort + cfg.settings.HTTPTunnelPort + cfg.settings.NATDPort + cfg.settings.SOCKSPort + cfg.settings.TransPort ]); + optionBool = optionName: mkOption { + type = with types; nullOr bool; + default = null; + description = descriptionGeneric optionName; + }; + optionInt = optionName: mkOption { + type = with types; nullOr int; + default = null; + description = descriptionGeneric optionName; + }; + optionString = optionName: mkOption { + type = with types; nullOr str; + default = null; + description = descriptionGeneric optionName; + }; + optionStrings = optionName: mkOption { + type = with types; listOf str; default = []; - example = [ - "IsolateClientAddr" - "IsolateSOCKSAuth" - "IsolateClientProtocol" - "IsolateDestPort" - "IsolateDestAddr" + description = descriptionGeneric optionName; + }; + optionAddress = mkOption { + type = with types; nullOr str; + default = null; + example = "0.0.0.0"; + description = '' + IPv4 or IPv6 (if between brackets) address. + ''; + }; + optionUnix = mkOption { + type = with types; nullOr path; + default = null; + description = '' + Unix domain socket path to use. + ''; + }; + optionPort = mkOption { + type = with types; nullOr (oneOf [port (enum ["auto"])]); + default = null; + }; + optionPorts = optionName: mkOption { + type = with types; listOf port; + default = []; + description = descriptionGeneric optionName; + }; + optionIsolablePort = with types; oneOf [ + port (enum ["auto"]) + (submodule ({config, ...}: { + options = { + addr = optionAddress; + port = optionPort; + flags = optionFlags; + SessionGroup = mkOption { type = nullOr int; default = null; }; + } // genAttrs isolateFlags (name: mkOption { type = types.bool; default = false; }); + config = { + flags = filter (name: config.${name} == true) isolateFlags ++ + optional (config.SessionGroup != null) "SessionGroup=${toString config.SessionGroup}"; + }; + })) + ]; + optionIsolablePorts = optionName: mkOption { + default = []; + type = with types; either optionIsolablePort (listOf optionIsolablePort); + description = descriptionGeneric optionName; + }; + isolateFlags = [ + "IsolateClientAddr" + "IsolateClientProtocol" + "IsolateDestAddr" + "IsolateDestPort" + "IsolateSOCKSAuth" + "KeepAliveIsolateSOCKSAuth" + ]; + optionSOCKSPort = doConfig: let + flags = [ + "CacheDNS" "CacheIPv4DNS" "CacheIPv6DNS" "GroupWritable" "IPv6Traffic" + "NoDNSRequest" "NoIPv4Traffic" "NoOnionTraffic" "OnionTrafficOnly" + "PreferIPv6" "PreferIPv6Automap" "PreferSOCKSNoAuth" "UseDNSCache" + "UseIPv4Cache" "UseIPv6Cache" "WorldWritable" + ] ++ isolateFlags; + in with types; oneOf [ + port (submodule ({config, ...}: { + options = { + unix = optionUnix; + addr = optionAddress; + port = optionPort; + flags = optionFlags; + SessionGroup = mkOption { type = nullOr int; default = null; }; + } // genAttrs flags (name: mkOption { type = types.bool; default = false; }); + config = mkIf doConfig { # Only add flags in SOCKSPort to avoid duplicates + flags = filter (name: config.${name} == true) flags ++ + optional (config.SessionGroup != null) "SessionGroup=${toString config.SessionGroup}"; + }; + })) ]; - description = "Tor isolation options"; + optionFlags = mkOption { + type = with types; listOf str; + default = []; + }; + optionORPort = optionName: mkOption { + default = []; + example = 443; + type = with types; oneOf [port (enum ["auto"]) (listOf (oneOf [ + port + (enum ["auto"]) + (submodule ({config, ...}: + let flags = [ "IPv4Only" "IPv6Only" "NoAdvertise" "NoListen" ]; + in { + options = { + addr = optionAddress; + port = optionPort; + flags = optionFlags; + } // genAttrs flags (name: mkOption { type = types.bool; default = false; }); + config = { + flags = filter (name: config.${name} == true) flags; + }; + })) + ]))]; + description = descriptionGeneric optionName; + }; + optionBandwith = optionName: mkOption { + type = with types; nullOr (either int str); + default = null; + description = descriptionGeneric optionName; + }; + optionPath = optionName: mkOption { + type = with types; nullOr path; + default = null; + description = descriptionGeneric optionName; }; - - torRc = '' - User tor - DataDirectory ${torDirectory} - ${optionalString cfg.enableGeoIP '' - GeoIPFile ${cfg.package.geoip}/share/tor/geoip - GeoIPv6File ${cfg.package.geoip}/share/tor/geoip6 - ''} - - ${optint "ControlPort" cfg.controlPort} - ${optionalString cfg.controlSocket.enable "ControlPort unix:${torRunDirectory}/control GroupWritable RelaxDirModeCheck"} - '' - # Client connection config - + optionalString cfg.client.enable '' - SOCKSPort ${cfg.client.socksListenAddress} ${toString cfg.client.socksIsolationOptions} - SOCKSPort ${cfg.client.socksListenAddressFaster} - ${opt "SocksPolicy" cfg.client.socksPolicy} - - ${optionalString cfg.client.transparentProxy.enable '' - TransPort ${cfg.client.transparentProxy.listenAddress} ${toString cfg.client.transparentProxy.isolationOptions} - ''} - - ${optionalString cfg.client.dns.enable '' - DNSPort ${cfg.client.dns.listenAddress} ${toString cfg.client.dns.isolationOptions} - AutomapHostsOnResolve 1 - AutomapHostsSuffixes ${concatStringsSep "," cfg.client.dns.automapHostsSuffixes} - ''} - '' - # Explicitly disable the SOCKS server if the client is disabled. In - # particular, this makes non-anonymous hidden services possible. - + optionalString (! cfg.client.enable) '' - SOCKSPort 0 - '' - # Relay config - + optionalString cfg.relay.enable '' - ORPort ${toString cfg.relay.port} - ${opt "Address" cfg.relay.address} - ${opt "Nickname" cfg.relay.nickname} - ${opt "ContactInfo" cfg.relay.contactInfo} - - ${optint "RelayBandwidthRate" cfg.relay.bandwidthRate} - ${optint "RelayBandwidthBurst" cfg.relay.bandwidthBurst} - ${opt "AccountingMax" cfg.relay.accountingMax} - ${opt "AccountingStart" cfg.relay.accountingStart} - - ${if (cfg.relay.role == "exit") then - opt "ExitPolicy" cfg.relay.exitPolicy - else - "ExitPolicy reject *:*"} - - ${optionalString (elem cfg.relay.role ["bridge" "private-bridge"]) '' - BridgeRelay 1 - ServerTransportPlugin ${concatStringsSep "," cfg.relay.bridgeTransports} exec ${pkgs.obfs4}/bin/obfs4proxy managed - ExtORPort auto - ${optionalString (cfg.relay.role == "private-bridge") '' - ExtraInfoStatistics 0 - PublishServerDescriptor 0 - ''} - ''} - '' - # Hidden services - + concatStrings (flip mapAttrsToList cfg.hiddenServices (n: v: '' - HiddenServiceDir ${torDirectory}/onion/${v.name} - ${optionalString (v.version != null) "HiddenServiceVersion ${toString v.version}"} - ${flip concatMapStrings v.map (p: '' - HiddenServicePort ${toString p.port} ${p.destination} - '')} - ${optionalString (v.authorizeClient != null) '' - HiddenServiceAuthorizeClient ${v.authorizeClient.authType} ${concatStringsSep "," v.authorizeClient.clientNames} - ''} - '')) - + cfg.extraConfig; - - torRcFile = pkgs.writeText "torrc" torRc; - + mkValueString = k: v: + if v == null then "" + else if isBool v then + (if v then "1" else "0") + else if v ? "unix" && v.unix != null then + "unix:"+v.unix + + optionalString (v ? "flags") (" " + concatStringsSep " " v.flags) + else if v ? "port" && v.port != null then + optionalString (v ? "addr" && v.addr != null) "${v.addr}:" + + toString v.port + + optionalString (v ? "flags") (" " + concatStringsSep " " v.flags) + else if k == "ServerTransportPlugin" then + optionalString (v.transports != []) "${concatStringsSep "," v.transports} exec ${v.exec}" + else if k == "HidServAuth" then + concatMapStringsSep "\n${k} " (settings: settings.onion + " " settings.auth) v + else generators.mkValueStringDefault {} v; + genTorrc = settings: + generators.toKeyValue { + listsAsDuplicateKeys = true; + mkKeyValue = k: generators.mkKeyValueDefault { mkValueString = mkValueString k; } " " k; + } + (lib.mapAttrs (k: v: + # Not necesssary, but prettier rendering + if elem k [ "AutomapHostsSuffixes" "DirPolicy" "ExitPolicy" "SocksPolicy" ] + && v != [] + then concatStringsSep "," v + else v) + (lib.filterAttrs (k: v: !(v == null || v == "")) + settings)); + torrc = pkgs.writeText "torrc" ( + genTorrc cfg.settings + + concatStrings (mapAttrsToList (name: onion: + "HiddenServiceDir ${onion.path}\n" + + genTorrc onion.settings) cfg.relay.onionServices) + ); in { imports = [ - (mkRemovedOptionModule [ "services" "tor" "client" "privoxy" "enable" ] '' - Use services.privoxy.enable and services.privoxy.enableTor instead. - '') - (mkRenamedOptionModule [ "services" "tor" "relay" "portSpec" ] [ "services" "tor" "relay" "port" ]) + (mkRenamedOptionModule [ "services" "tor" "client" "dns" "automapHostsSuffixes" ] [ "services" "tor" "settings" "AutomapHostsSuffixes" ]) + (mkRemovedOptionModule [ "services" "tor" "client" "dns" "isolationOptions" ] "Use services.tor.settings.DNSPort instead.") + (mkRemovedOptionModule [ "services" "tor" "client" "dns" "listenAddress" ] "Use services.tor.settings.DNSPort instead.") + (mkRemovedOptionModule [ "services" "tor" "client" "privoxy" "enable" ] "Use services.privoxy.enable and services.privoxy.enableTor instead.") + (mkRemovedOptionModule [ "services" "tor" "client" "socksIsolationOptions" ] "Use services.tor.settings.SOCKSPort instead.") + (mkRemovedOptionModule [ "services" "tor" "client" "socksListenAddressFaster" ] "Use services.tor.settings.SOCKSPort instead.") + (mkRenamedOptionModule [ "services" "tor" "client" "socksPolicy" ] [ "services" "tor" "settings" "SocksPolicy" ]) + (mkRemovedOptionModule [ "services" "tor" "client" "transparentProxy" "isolationOptions" ] "Use services.tor.settings.TransPort instead.") + (mkRemovedOptionModule [ "services" "tor" "client" "transparentProxy" "listenAddress" ] "Use services.tor.settings.TransPort instead.") + (mkRenamedOptionModule [ "services" "tor" "controlPort" ] [ "services" "tor" "settings" "ControlPort" ]) + (mkRemovedOptionModule [ "services" "tor" "extraConfig" ] "Plese use services.tor.settings instead.") + (mkRenamedOptionModule [ "services" "tor" "hiddenServices" ] [ "services" "tor" "relay" "onionServices" ]) + (mkRenamedOptionModule [ "services" "tor" "relay" "accountingMax" ] [ "services" "tor" "settings" "AccountingMax" ]) + (mkRenamedOptionModule [ "services" "tor" "relay" "accountingStart" ] [ "services" "tor" "settings" "AccountingStart" ]) + (mkRenamedOptionModule [ "services" "tor" "relay" "address" ] [ "services" "tor" "settings" "Address" ]) + (mkRenamedOptionModule [ "services" "tor" "relay" "bandwidthBurst" ] [ "services" "tor" "settings" "BandwidthBurst" ]) + (mkRenamedOptionModule [ "services" "tor" "relay" "bandwidthRate" ] [ "services" "tor" "settings" "BandwidthRate" ]) + (mkRenamedOptionModule [ "services" "tor" "relay" "bridgeTransports" ] [ "services" "tor" "settings" "ServerTransportPlugin" "transports" ]) + (mkRenamedOptionModule [ "services" "tor" "relay" "contactInfo" ] [ "services" "tor" "settings" "ContactInfo" ]) + (mkRenamedOptionModule [ "services" "tor" "relay" "exitPolicy" ] [ "services" "tor" "settings" "ExitPolicy" ]) (mkRemovedOptionModule [ "services" "tor" "relay" "isBridge" ] "Use services.tor.relay.role instead.") (mkRemovedOptionModule [ "services" "tor" "relay" "isExit" ] "Use services.tor.relay.role instead.") + (mkRenamedOptionModule [ "services" "tor" "relay" "nickname" ] [ "services" "tor" "settings" "Nickname" ]) + (mkRenamedOptionModule [ "services" "tor" "relay" "port" ] [ "services" "tor" "settings" "ORPort" ]) + (mkRenamedOptionModule [ "services" "tor" "relay" "portSpec" ] [ "services" "tor" "settings" "ORPort" ]) ]; options = { services.tor = { - enable = mkOption { - type = types.bool; - default = false; - description = '' - Enable the Tor daemon. By default, the daemon is run without - relay, exit, bridge or client connectivity. - ''; - }; + enable = mkEnableOption ''Tor daemon. + By default, the daemon is run without + relay, exit, bridge or client connectivity''; + + openFirewall = mkEnableOption "opening of the relay port(s) in the firewall"; package = mkOption { type = types.package; default = pkgs.tor; defaultText = "pkgs.tor"; example = literalExample "pkgs.tor"; - description = '' - Tor package to use - ''; + description = "Tor package to use."; }; - enableGeoIP = mkOption { - type = types.bool; - default = true; - description = '' - Whenever to configure Tor daemon to use GeoIP databases. + enableGeoIP = mkEnableOption ''use of GeoIP databases. + Disabling this will disable by-country statistics for bridges and relays + and some client and third-party software functionality'' // { default = true; }; - Disabling this will disable by-country statistics for - bridges and relays and some client and third-party software - functionality. - ''; - }; - - extraConfig = mkOption { - type = types.lines; - default = ""; - description = '' - Extra configuration. Contents will be added verbatim to the - configuration file at the end. - ''; - }; - - controlPort = mkOption { - type = types.nullOr (types.either types.int types.str); - default = null; - example = 9051; - description = '' - If set, Tor will accept connections on the specified port - and allow them to control the tor process. - ''; - }; - - controlSocket = { - enable = mkOption { - type = types.bool; - default = false; - description = '' - Whether to enable Tor control socket. Control socket is created - in ${torRunDirectory}/control - ''; - }; - }; + controlSocket.enable = mkEnableOption ''control socket, + created in ${runDir}/control''; client = { - enable = mkOption { - type = types.bool; - default = false; - description = '' - Whether to enable Tor daemon to route application - connections. You might want to disable this if you plan - running a dedicated Tor relay. - ''; - }; + enable = mkEnableOption ''the routing of application connections. + You might want to disable this if you plan running a dedicated Tor relay''; + + transparentProxy.enable = mkEnableOption "transparent proxy"; + dns.enable = mkEnableOption "DNS resolver"; socksListenAddress = mkOption { - type = types.str; - default = "127.0.0.1:9050"; - example = "192.168.0.1:9100"; + type = optionSOCKSPort false; + default = {addr = "127.0.0.1"; port = 9050; IsolateDestAddr = true;}; + example = {addr = "192.168.0.1"; port = 9090; IsolateDestAddr = true;}; description = '' Bind to this address to listen for connections from - Socks-speaking applications. Provides strong circuit - isolation, separate circuit per IP address. + Socks-speaking applications. ''; }; - socksListenAddressFaster = mkOption { - type = types.str; - default = "127.0.0.1:9063"; - example = "192.168.0.1:9101"; - description = '' - Bind to this address to listen for connections from - Socks-speaking applications. Same as - but uses weaker - circuit isolation to provide performance suitable for a - web browser. - ''; - }; - - socksPolicy = mkOption { - type = types.nullOr types.str; - default = null; - example = "accept 192.168.0.0/16, reject *"; - description = '' - Entry policies to allow/deny SOCKS requests based on IP - address. First entry that matches wins. If no SocksPolicy - is set, we accept all (and only) requests from - . - ''; - }; - - socksIsolationOptions = mkOption (isolationOptions // { - default = ["IsolateDestAddr"]; - }); - - transparentProxy = { - enable = mkOption { - type = types.bool; - default = false; - description = "Whether to enable tor transparent proxy"; - }; - - listenAddress = mkOption { - type = types.str; - default = "127.0.0.1:9040"; - example = "192.168.0.1:9040"; - description = '' - Bind transparent proxy to this address. - ''; - }; - - isolationOptions = mkOption isolationOptions; - }; - - dns = { - enable = mkOption { - type = types.bool; - default = false; - description = "Whether to enable tor dns resolver"; - }; - - listenAddress = mkOption { - type = types.str; - default = "127.0.0.1:9053"; - example = "192.168.0.1:9053"; - description = '' - Bind tor dns to this address. - ''; - }; - - isolationOptions = mkOption isolationOptions; - - automapHostsSuffixes = mkOption { - type = types.listOf types.str; - default = [".onion" ".exit"]; - example = [".onion"]; - description = "List of suffixes to use with automapHostsOnResolve"; + onionServices = mkOption { + description = descriptionGeneric "HiddenServiceDir"; + default = {}; + example = { + "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" = { + clientAuthorizations = ["/run/keys/tor/alice.prv.x25519"]; + }; }; + type = types.attrsOf (types.submodule ({name, config, ...}: { + options.clientAuthorizations = mkOption { + description = '' + Clients' authorizations for a v3 hidden service, + as a list of files containing each one private key, in the format: + descriptor:x25519:<base32-private-key> + '' + descriptionGeneric "_client_authorization"; + type = with types; listOf path; + default = []; + example = ["/run/keys/tor/alice.prv.x25519"]; + }; + })); }; }; relay = { - enable = mkOption { - type = types.bool; - default = false; - description = '' - Whether to enable relaying TOR traffic for others. + enable = mkEnableOption ''relaying of Tor traffic for others. - See - for details. + See + for details. - Setting this to true requires setting - - and - - options. - ''; - }; + Setting this to true requires setting + + and + + options''; role = mkOption { type = types.enum [ "exit" "relay" "bridge" "private-bridge" ]; @@ -310,13 +313,13 @@ in Running an exit relay may expose you to abuse complaints. See - + for more info. You can specify which services Tor users may access via - your exit relay using option. + your exit relay using option. @@ -369,15 +372,14 @@ in WARNING: THE FOLLOWING PARAGRAPH IS NOT LEGAL ADVICE. - Consult with your lawer when in doubt. + Consult with your lawyer when in doubt. This role should be safe to use in most situations (unless the act of forwarding traffic for others is a punishable offence under your local laws, which - would be pretty insane as it would make ISP - illegal). + would be pretty insane as it would make ISP illegal). @@ -404,7 +406,7 @@ in Use this if you want to run a private bridge, for - example because you'll give out your bridge address + example because you'll give out your bridge addr manually to your friends. @@ -426,269 +428,393 @@ in ''; }; - bridgeTransports = mkOption { - type = types.listOf types.str; - default = ["obfs4"]; - example = ["obfs2" "obfs3" "obfs4" "scramblesuit"]; - description = "List of pluggable transports"; - }; - - nickname = mkOption { - type = types.str; - default = "anonymous"; - description = '' - A unique handle for your TOR relay. - ''; - }; - - contactInfo = mkOption { - type = types.nullOr types.str; - default = null; - example = "admin@relay.com"; - description = '' - Contact information for the relay owner (e.g. a mail - address and GPG key ID). - ''; - }; - - accountingMax = mkOption { - type = types.nullOr types.str; - default = null; - example = "450 GBytes"; - description = '' - Specify maximum bandwidth allowed during an accounting period. This - allows you to limit overall tor bandwidth over some time period. - See the AccountingMax option by looking at the - tor manual tor - 1 for more. - - Note this limit applies individually to upload and - download; if you specify "500 GBytes" - here, then you may transfer up to 1 TBytes of overall - bandwidth (500 GB upload, 500 GB download). - ''; - }; - - accountingStart = mkOption { - type = types.nullOr types.str; - default = null; - example = "month 1 1:00"; - description = '' - Specify length of an accounting period. This allows you to limit - overall tor bandwidth over some time period. See the - AccountingStart option by looking at the tor - manual tor - 1 for more. - ''; - }; - - bandwidthRate = mkOption { - type = types.nullOr types.int; - default = null; - example = 100; - description = '' - Specify this to limit the bandwidth usage of relayed (server) - traffic. Your own traffic is still unthrottled. Units: bytes/second. - ''; - }; - - bandwidthBurst = mkOption { - type = types.nullOr types.int; - default = cfg.relay.bandwidthRate; - example = 200; - description = '' - Specify this to allow bursts of the bandwidth usage of relayed (server) - traffic. The average usage will still be as specified in relayBandwidthRate. - Your own traffic is still unthrottled. Units: bytes/second. - ''; - }; - - address = mkOption { - type = types.nullOr types.str; - default = null; - example = "noname.example.com"; - description = '' - The IP address or full DNS name for advertised address of your relay. - Leave unset and Tor will guess. - ''; - }; - - port = mkOption { - type = types.either types.int types.str; - example = 143; - description = '' - What port to advertise for Tor connections. This corresponds to the - ORPort section in the Tor manual; see - tor - 1 for more details. - - At a minimum, you should just specify the port for the - relay to listen on; a common one like 143, 22, 80, or 443 - to help Tor users who may have very restrictive port-based - firewalls. - ''; - }; - - exitPolicy = mkOption { - type = types.nullOr types.str; - default = null; - example = "accept *:6660-6667,reject *:*"; - description = '' - A comma-separated list of exit policies. They're - considered first to last, and the first match wins. If you - want to _replace_ the default exit policy, end this with - either a reject *:* or an accept *:*. Otherwise, you're - _augmenting_ (prepending to) the default exit policy. - Leave commented to just use the default, which is - available in the man page or at - . - - Look at - - for issues you might encounter if you use the default - exit policy. - - If certain IPs and ports are blocked externally, e.g. by - your firewall, you should update your exit policy to - reflect this -- otherwise Tor users will be told that - those destinations are down. - ''; + onionServices = mkOption { + description = descriptionGeneric "HiddenServiceDir"; + default = {}; + example = { + "example.org/www" = { + map = [ 80 ]; + authorizedClients = [ + "descriptor:x25519:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" + ]; + }; + }; + type = types.attrsOf (types.submodule ({name, config, ...}: { + options.path = mkOption { + type = types.path; + description = '' + Path where to store the data files of the hidden service. + If the is null + this defaults to ${stateDir}/onion/$onion, + otherwise to ${runDir}/onion/$onion. + ''; + }; + options.secretKey = mkOption { + type = with types; nullOr path; + default = null; + example = "/run/keys/tor/onion/expyuzz4wqqyqhjn/hs_ed25519_secret_key"; + description = '' + Secret key of the onion service. + If null, Tor reuses any preexisting secret key (in ) + or generates a new one. + The associated public key and hostname are deterministically regenerated + from this file if they do not exist. + ''; + }; + options.authorizeClient = mkOption { + description = descriptionGeneric "HiddenServiceAuthorizeClient"; + default = null; + type = types.nullOr (types.submodule ({...}: { + options = { + authType = mkOption { + type = types.enum [ "basic" "stealth" ]; + description = '' + Either "basic" for a general-purpose authorization protocol + or "stealth" for a less scalable protocol + that also hides service activity from unauthorized clients. + ''; + }; + clientNames = mkOption { + type = with types; nonEmptyListOf (strMatching "[A-Za-z0-9+-_]+"); + description = '' + Only clients that are listed here are authorized to access the hidden service. + Generated authorization data can be found in ${stateDir}/onion/$name/hostname. + Clients need to put this authorization data in their configuration file using + . + ''; + }; + }; + })); + }; + options.authorizedClients = mkOption { + description = '' + Authorized clients for a v3 hidden service, + as a list of public key, in the format: + descriptor:x25519:<base32-public-key> + '' + descriptionGeneric "_client_authorization"; + type = with types; listOf str; + default = []; + example = ["descriptor:x25519:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"]; + }; + options.map = mkOption { + description = descriptionGeneric "HiddenServicePort"; + type = with types; listOf (oneOf [ + port (submodule ({...}: { + options = { + port = optionPort; + target = mkOption { + default = null; + type = nullOr (submodule ({...}: { + options = { + unix = optionUnix; + addr = optionAddress; + port = optionPort; + }; + })); + }; + }; + })) + ]); + apply = map (v: if isInt v then {port=v; target=null;} else v); + }; + options.version = mkOption { + description = descriptionGeneric "HiddenServiceVersion"; + type = with types; nullOr (enum [2 3]); + default = null; + }; + options.settings = mkOption { + description = '' + Settings of the onion service. + '' + descriptionGeneric "_hidden_service_options"; + default = {}; + type = types.submodule { + freeformType = with types; + (attrsOf (nullOr (oneOf [str int bool (listOf str)]))) // { + description = "settings option"; + }; + options.HiddenServiceAllowUnknownPorts = optionBool "HiddenServiceAllowUnknownPorts"; + options.HiddenServiceDirGroupReadable = optionBool "HiddenServiceDirGroupReadable"; + options.HiddenServiceExportCircuitID = mkOption { + description = descriptionGeneric "HiddenServiceExportCircuitID"; + type = with types; nullOr (enum ["haproxy"]); + default = null; + }; + options.HiddenServiceMaxStreams = mkOption { + description = descriptionGeneric "HiddenServiceMaxStreams"; + type = with types; nullOr (ints.between 0 65535); + default = null; + }; + options.HiddenServiceMaxStreamsCloseCircuit = optionBool "HiddenServiceMaxStreamsCloseCircuit"; + options.HiddenServiceNumIntroductionPoints = mkOption { + description = descriptionGeneric "HiddenServiceNumIntroductionPoints"; + type = with types; nullOr (ints.between 0 20); + default = null; + }; + options.HiddenServiceSingleHopMode = optionBool "HiddenServiceSingleHopMode"; + options.RendPostPeriod = optionString "RendPostPeriod"; + }; + }; + config = { + path = mkDefault ((if config.secretKey == null then stateDir else runDir) + "/onion/${name}"); + settings.HiddenServiceVersion = config.version; + settings.HiddenServiceAuthorizeClient = + if config.authorizeClient != null then + config.authorizeClient.authType + " " + + concatStringsSep "," config.authorizeClient.clientNames + else null; + settings.HiddenServicePort = map (p: mkValueString "" p.port + " " + mkValueString "" p.target) config.map; + }; + })); }; }; - hiddenServices = mkOption { + settings = mkOption { description = '' - A set of static hidden services that terminate their Tor - circuits at this node. - - Every element in this set declares a virtual onion host. - - You can specify your onion address by putting corresponding - private key to an appropriate place in ${torDirectory}. - - For services without private keys in ${torDirectory} Tor - daemon will generate random key pairs (which implies random - onion addresses) on restart. The latter could take a while, - please be patient. - - - Hidden services can be useful even if you don't intend to - actually hide them, since they can - also be seen as a kind of NAT traversal mechanism. - - E.g. the example will make your sshd, whatever runs on - "8080" and your mail server available from anywhere where - the Tor network is available (which, with the help from - bridges, is pretty much everywhere), even if both client - and server machines are behind NAT you have no control - over. - + See torrc manual + for documentation. ''; default = {}; - example = literalExample '' - { "my-hidden-service-example".map = [ - { port = 22; } # map ssh port to this machine's ssh - { port = 80; toPort = 8080; } # map http port to whatever runs on 8080 - { port = "sip"; toHost = "mail.example.com"; toPort = "imap"; } # because we can - ]; - } - ''; - type = types.attrsOf (types.submodule ({name, ...}: { - options = { - - name = mkOption { - type = types.str; - description = '' - Name of this tor hidden service. - - This is purely descriptive. - - After restarting Tor daemon you should be able to - find your .onion address in - ${torDirectory}/onion/$name/hostname. - ''; - }; - - map = mkOption { - default = []; - description = "Port mapping for this hidden service."; - type = types.listOf (types.submodule ({config, ...}: { - options = { - - port = mkOption { - type = types.either types.int types.str; - example = 80; - description = '' - Hidden service port to "bind to". - ''; - }; - - destination = mkOption { - internal = true; - type = types.str; - description = "Forward these connections where?"; - }; - - toHost = mkOption { - type = types.str; - default = "127.0.0.1"; - description = "Mapping destination host."; - }; - - toPort = mkOption { - type = types.either types.int types.str; - example = 8080; - description = "Mapping destination port."; - }; - - }; - - config = { - toPort = mkDefault config.port; - destination = mkDefault "${config.toHost}:${toString config.toPort}"; - }; - })); - }; - - authorizeClient = mkOption { - default = null; - description = "If configured, the hidden service is accessible for authorized clients only."; - type = types.nullOr (types.submodule ({...}: { - - options = { - - authType = mkOption { - type = types.enum [ "basic" "stealth" ]; - description = '' - Either "basic" for a general-purpose authorization protocol - or "stealth" for a less scalable protocol - that also hides service activity from unauthorized clients. - ''; - }; - - clientNames = mkOption { - type = types.nonEmptyListOf (types.strMatching "[A-Za-z0-9+-_]+"); - description = '' - Only clients that are listed here are authorized to access the hidden service. - Generated authorization data can be found in ${torDirectory}/onion/$name/hostname. - Clients need to put this authorization data in their configuration file using HidServAuth. - ''; - }; - }; - })); - }; - - version = mkOption { - default = null; - description = "Rendezvous service descriptor version to publish for the hidden service. Currently, versions 2 and 3 are supported. (Default: 2)"; - type = types.nullOr (types.enum [ 2 3 ]); - }; + type = types.submodule { + freeformType = with types; + (attrsOf (nullOr (oneOf [str int bool (listOf str)]))) // { + description = "settings option"; + }; + options.Address = optionString "Address"; + options.AssumeReachable = optionBool "AssumeReachable"; + options.AccountingMax = optionBandwith "AccountingMax"; + options.AccountingStart = optionString "AccountingStart"; + options.AuthDirHasIPv6Connectivity = optionBool "AuthDirHasIPv6Connectivity"; + options.AuthDirListBadExits = optionBool "AuthDirListBadExits"; + options.AuthDirPinKeys = optionBool "AuthDirPinKeys"; + options.AuthDirSharedRandomness = optionBool "AuthDirSharedRandomness"; + options.AuthDirTestEd25519LinkKeys = optionBool "AuthDirTestEd25519LinkKeys"; + options.AuthoritativeDirectory = optionBool "AuthoritativeDirectory"; + options.AutomapHostsOnResolve = optionBool "AutomapHostsOnResolve"; + options.AutomapHostsSuffixes = optionStrings "AutomapHostsSuffixes" // { + default = [".onion" ".exit"]; + example = [".onion"]; }; - - config = { - name = mkDefault name; + options.BandwidthBurst = optionBandwith "BandwidthBurst"; + options.BandwidthRate = optionBandwith "BandwidthRate"; + options.BridgeAuthoritativeDir = optionBool "BridgeAuthoritativeDir"; + options.BridgeRecordUsageByCountry = optionBool "BridgeRecordUsageByCountry"; + options.BridgeRelay = optionBool "BridgeRelay" // { default = false; }; + options.CacheDirectory = optionPath "CacheDirectory"; + options.CacheDirectoryGroupReadable = optionBool "CacheDirectoryGroupReadable"; # default is null and like "auto" + options.CellStatistics = optionBool "CellStatistics"; + options.ClientAutoIPv6ORPort = optionBool "ClientAutoIPv6ORPort"; + options.ClientDNSRejectInternalAddresses = optionBool "ClientDNSRejectInternalAddresses"; + options.ClientOnionAuthDir = mkOption { + description = descriptionGeneric "ClientOnionAuthDir"; + default = null; + type = with types; nullOr path; }; - })); + options.ClientPreferIPv6DirPort = optionBool "ClientPreferIPv6DirPort"; # default is null and like "auto" + options.ClientPreferIPv6ORPort = optionBool "ClientPreferIPv6ORPort"; # default is null and like "auto" + options.ClientRejectInternalAddresses = optionBool "ClientRejectInternalAddresses"; + options.ClientUseIPv4 = optionBool "ClientUseIPv4"; + options.ClientUseIPv6 = optionBool "ClientUseIPv6"; + options.ConnDirectionStatistics = optionBool "ConnDirectionStatistics"; + options.ConstrainedSockets = optionBool "ConstrainedSockets"; + options.ContactInfo = optionString "ContactInfo"; + options.ControlPort = mkOption rec { + description = descriptionGeneric "ControlPort"; + default = []; + example = [{port = 9051;}]; + type = with types; oneOf [port (enum ["auto"]) (listOf (oneOf [ + port (enum ["auto"]) (submodule ({config, ...}: let + flags = ["GroupWritable" "RelaxDirModeCheck" "WorldWritable"]; + in { + options = { + unix = optionUnix; + flags = optionFlags; + addr = optionAddress; + port = optionPort; + } // genAttrs flags (name: mkOption { type = types.bool; default = false; }); + config = { + flags = filter (name: config.${name} == true) flags; + }; + })) + ]))]; + }; + options.ControlPortFileGroupReadable= optionBool "ControlPortFileGroupReadable"; + options.ControlPortWriteToFile = optionPath "ControlPortWriteToFile"; + options.ControlSocket = optionPath "ControlSocket"; + options.ControlSocketsGroupWritable = optionBool "ControlSocketsGroupWritable"; + options.CookieAuthFile = optionPath "CookieAuthFile"; + options.CookieAuthFileGroupReadable = optionBool "CookieAuthFileGroupReadable"; + options.CookieAuthentication = optionBool "CookieAuthentication"; + options.DataDirectory = optionPath "DataDirectory" // { default = stateDir; }; + options.DataDirectoryGroupReadable = optionBool "DataDirectoryGroupReadable"; + options.DirPortFrontPage = optionPath "DirPortFrontPage"; + options.DirAllowPrivateAddresses = optionBool "DirAllowPrivateAddresses"; + options.DormantCanceledByStartup = optionBool "DormantCanceledByStartup"; + options.DormantOnFirstStartup = optionBool "DormantOnFirstStartup"; + options.DormantTimeoutDisabledByIdleStreams = optionBool "DormantTimeoutDisabledByIdleStreams"; + options.DirCache = optionBool "DirCache"; + options.DirPolicy = mkOption { + description = descriptionGeneric "DirPolicy"; + type = with types; listOf str; + default = []; + example = ["accept *:*"]; + }; + options.DirPort = optionORPort "DirPort"; + options.DirReqStatistics = optionBool "DirReqStatistics"; + options.DisableAllSwap = optionBool "DisableAllSwap"; + options.DisableDebuggerAttachment = optionBool "DisableDebuggerAttachment"; + options.DisableNetwork = optionBool "DisableNetwork"; + options.DisableOOSCheck = optionBool "DisableOOSCheck"; + options.DNSPort = optionIsolablePorts "DNSPort"; + options.DoSCircuitCreationEnabled = optionBool "DoSCircuitCreationEnabled"; + options.DoSConnectionEnabled = optionBool "DoSConnectionEnabled"; # default is null and like "auto" + options.DoSRefuseSingleHopClientRendezvous = optionBool "DoSRefuseSingleHopClientRendezvous"; + options.DownloadExtraInfo = optionBool "DownloadExtraInfo"; + options.EnforceDistinctSubnets = optionBool "EnforceDistinctSubnets"; + options.EntryStatistics = optionBool "EntryStatistics"; + options.ExitPolicy = optionStrings "ExitPolicy" // { + default = ["reject *:*"]; + example = ["accept *:*"]; + }; + options.ExitPolicyRejectLocalInterfaces = optionBool "ExitPolicyRejectLocalInterfaces"; + options.ExitPolicyRejectPrivate = optionBool "ExitPolicyRejectPrivate"; + options.ExitPortStatistics = optionBool "ExitPortStatistics"; + options.ExitRelay = optionBool "ExitRelay"; # default is null and like "auto" + options.ExtORPort = mkOption { + description = descriptionGeneric "ExtORPort"; + default = null; + type = with types; nullOr (oneOf [ + port (enum ["auto"]) (submodule ({...}: { + options = { + addr = optionAddress; + port = optionPort; + }; + })) + ]); + apply = p: if isInt p || isString p then { port = p; } else p; + }; + options.ExtORPortCookieAuthFile = optionPath "ExtORPortCookieAuthFile"; + options.ExtORPortCookieAuthFileGroupReadable = optionBool "ExtORPortCookieAuthFileGroupReadable"; + options.ExtendAllowPrivateAddresses = optionBool "ExtendAllowPrivateAddresses"; + options.ExtraInfoStatistics = optionBool "ExtraInfoStatistics"; + options.FascistFirewall = optionBool "FascistFirewall"; + options.FetchDirInfoEarly = optionBool "FetchDirInfoEarly"; + options.FetchDirInfoExtraEarly = optionBool "FetchDirInfoExtraEarly"; + options.FetchHidServDescriptors = optionBool "FetchHidServDescriptors"; + options.FetchServerDescriptors = optionBool "FetchServerDescriptors"; + options.FetchUselessDescriptors = optionBool "FetchUselessDescriptors"; + options.ReachableAddresses = optionStrings "ReachableAddresses"; + options.ReachableDirAddresses = optionStrings "ReachableDirAddresses"; + options.ReachableORAddresses = optionStrings "ReachableORAddresses"; + options.GeoIPFile = optionPath "GeoIPFile"; + options.GeoIPv6File = optionPath "GeoIPv6File"; + options.GuardfractionFile = optionPath "GuardfractionFile"; + options.HidServAuth = mkOption { + description = descriptionGeneric "HidServAuth"; + default = []; + type = with types; listOf (oneOf [ + (submodule { + options = { + onion = mkOption { + type = strMatching "[a-z2-7]{16}(\\.onion)?"; + description = "Onion address."; + example = "xxxxxxxxxxxxxxxx.onion"; + }; + auth = mkOption { + type = strMatching "[A-Za-z0-9+/]{22}"; + description = "Authentication cookie."; + }; + }; + }) + ]); + }; + options.HiddenServiceNonAnonymousMode = optionBool "HiddenServiceNonAnonymousMode"; + options.HiddenServiceStatistics = optionBool "HiddenServiceStatistics"; + options.HSLayer2Nodes = optionStrings "HSLayer2Nodes"; + options.HSLayer3Nodes = optionStrings "HSLayer3Nodes"; + options.HTTPTunnelPort = optionIsolablePorts "HTTPTunnelPort"; + options.IPv6Exit = optionBool "IPv6Exit"; + options.KeyDirectory = optionPath "KeyDirectory"; + options.KeyDirectoryGroupReadable = optionBool "KeyDirectoryGroupReadable"; + options.LogMessageDomains = optionBool "LogMessageDomains"; + options.LongLivedPorts = optionPorts "LongLivedPorts"; + options.MainloopStats = optionBool "MainloopStats"; + options.MaxAdvertisedBandwidth = optionBandwith "MaxAdvertisedBandwidth"; + options.MaxCircuitDirtiness = optionInt "MaxCircuitDirtiness"; + options.MaxClientCircuitsPending = optionInt "MaxClientCircuitsPending"; + options.NATDPort = optionIsolablePorts "NATDPort"; + options.NewCircuitPeriod = optionInt "NewCircuitPeriod"; + options.Nickname = optionString "Nickname"; + options.ORPort = optionORPort "ORPort"; + options.OfflineMasterKey = optionBool "OfflineMasterKey"; + options.OptimisticData = optionBool "OptimisticData"; # default is null and like "auto" + options.PaddingStatistics = optionBool "PaddingStatistics"; + options.PerConnBWBurst = optionBandwith "PerConnBWBurst"; + options.PerConnBWRate = optionBandwith "PerConnBWRate"; + options.PidFile = optionPath "PidFile"; + options.ProtocolWarnings = optionBool "ProtocolWarnings"; + options.PublishHidServDescriptors = optionBool "PublishHidServDescriptors"; + options.PublishServerDescriptor = mkOption { + description = descriptionGeneric "PublishServerDescriptor"; + type = with types; nullOr (enum [false true 0 1 "0" "1" "v3" "bridge"]); + default = null; + }; + options.ReducedExitPolicy = optionBool "ReducedExitPolicy"; + options.RefuseUnknownExits = optionBool "RefuseUnknownExits"; # default is null and like "auto" + options.RejectPlaintextPorts = optionPorts "RejectPlaintextPorts"; + options.RelayBandwidthBurst = optionBandwith "RelayBandwidthBurst"; + options.RelayBandwidthRate = optionBandwith "RelayBandwidthRate"; + #options.RunAsDaemon + options.Sandbox = optionBool "Sandbox"; + options.ServerDNSAllowBrokenConfig = optionBool "ServerDNSAllowBrokenConfig"; + options.ServerDNSAllowNonRFC953Hostnames = optionBool "ServerDNSAllowNonRFC953Hostnames"; + options.ServerDNSDetectHijacking = optionBool "ServerDNSDetectHijacking"; + options.ServerDNSRandomizeCase = optionBool "ServerDNSRandomizeCase"; + options.ServerDNSResolvConfFile = optionPath "ServerDNSResolvConfFile"; + options.ServerDNSSearchDomains = optionBool "ServerDNSSearchDomains"; + options.ServerTransportPlugin = mkOption { + description = descriptionGeneric "ServerTransportPlugin"; + default = null; + type = with types; nullOr (submodule ({...}: { + options = { + transports = mkOption { + description = "List of pluggable transports."; + type = listOf str; + example = ["obfs2" "obfs3" "obfs4" "scramblesuit"]; + }; + exec = mkOption { + type = types.str; + description = "Command of pluggable transport."; + }; + }; + })); + }; + options.SocksPolicy = optionStrings "SocksPolicy" // { + example = ["accept *:*"]; + }; + options.SOCKSPort = mkOption { + description = descriptionGeneric "SOCKSPort"; + default = if cfg.settings.HiddenServiceNonAnonymousMode == true then [{port = 0;}] else []; + example = [{port = 9090;}]; + type = types.listOf (optionSOCKSPort true); + }; + options.TestingTorNetwork = optionBool "TestingTorNetwork"; + options.TransPort = optionIsolablePorts "TransPort"; + options.TransProxyType = mkOption { + description = descriptionGeneric "TransProxyType"; + type = with types; nullOr (enum ["default" "TPROXY" "ipfw" "pf-divert"]); + default = null; + }; + #options.TruncateLogFile + options.UnixSocksGroupWritable = optionBool "UnixSocksGroupWritable"; + options.UseDefaultFallbackDirs = optionBool "UseDefaultFallbackDirs"; + options.UseMicrodescriptors = optionBool "UseMicrodescriptors"; + options.V3AuthUseLegacyKey = optionBool "V3AuthUseLegacyKey"; + options.V3AuthoritativeDirectory = optionBool "V3AuthoritativeDirectory"; + options.VersioningAuthoritativeDirectory = optionBool "VersioningAuthoritativeDirectory"; + options.VirtualAddrNetworkIPv4 = optionString "VirtualAddrNetworkIPv4"; + options.VirtualAddrNetworkIPv6 = optionString "VirtualAddrNetworkIPv6"; + options.WarnPlaintextPorts = optionPorts "WarnPlaintextPorts"; + }; }; }; }; @@ -696,79 +822,217 @@ in config = mkIf cfg.enable { # Not sure if `cfg.relay.role == "private-bridge"` helps as tor # sends a lot of stats - warnings = optional (cfg.relay.enable && cfg.hiddenServices != {}) + warnings = optional (cfg.settings.BridgeRelay && + flatten (mapAttrsToList (n: o: o.map) cfg.relay.onionServices) != []) '' Running Tor hidden services on a public relay makes the presence of hidden services visible through simple statistical analysis of publicly available data. + See https://trac.torproject.org/projects/tor/ticket/8742 You can safely ignore this warning if you don't intend to actually hide your hidden services. In either case, you can always create a container/VM with a separate Tor daemon instance. - ''; + '' ++ + flatten (mapAttrsToList (n: o: + optional (o.settings.HiddenServiceVersion == 2) [ + (optional (o.settings.HiddenServiceExportCircuitID != null) '' + HiddenServiceExportCircuitID is used in the HiddenService: ${n} + but this option is only for v3 hidden services. + '') + ] ++ + optional (o.settings.HiddenServiceVersion != 2) [ + (optional (o.settings.HiddenServiceAuthorizeClient != null) '' + HiddenServiceAuthorizeClient is used in the HiddenService: ${n} + but this option is only for v2 hidden services. + '') + (optional (o.settings.RendPostPeriod != null) '' + RendPostPeriod is used in the HiddenService: ${n} + but this option is only for v2 hidden services. + '') + ] + ) cfg.relay.onionServices); users.groups.tor.gid = config.ids.gids.tor; users.users.tor = { description = "Tor Daemon User"; createHome = true; - home = torDirectory; + home = stateDir; group = "tor"; uid = config.ids.uids.tor; }; - # We have to do this instead of using RuntimeDirectory option in - # the service below because systemd has no way to set owners of - # RuntimeDirectory and putting this into the service below - # requires that service to relax it's sandbox since this needs - # writable /run - systemd.services.tor-init = - { description = "Tor Daemon Init"; - wantedBy = [ "tor.service" ]; - script = '' - install -m 0700 -o tor -g tor -d ${torDirectory} ${torDirectory}/onion - install -m 0750 -o tor -g tor -d ${torRunDirectory} - ''; - serviceConfig = { - Type = "oneshot"; - RemainAfterExit = true; - }; - }; - - systemd.services.tor = - { description = "Tor Daemon"; - path = [ pkgs.tor ]; - - wantedBy = [ "multi-user.target" ]; - after = [ "tor-init.service" "network.target" ]; - restartTriggers = [ torRcFile ]; - - serviceConfig = - { Type = "simple"; - # Translated from the upstream contrib/dist/tor.service.in - ExecStartPre = "${cfg.package}/bin/tor -f ${torRcFile} --verify-config"; - ExecStart = "${cfg.package}/bin/tor -f ${torRcFile}"; - ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; - KillSignal = "SIGINT"; - TimeoutSec = 30; - Restart = "on-failure"; - LimitNOFILE = 32768; - - # Hardening - # this seems to unshare /run despite what systemd.exec(5) says - PrivateTmp = mkIf (!cfg.controlSocket.enable) "yes"; - PrivateDevices = "yes"; - ProtectHome = "yes"; - ProtectSystem = "strict"; - InaccessiblePaths = "/home"; - ReadOnlyPaths = "/"; - ReadWritePaths = [ torDirectory torRunDirectory ]; - NoNewPrivileges = "yes"; - - # tor.service.in has this in, but this line it fails to spawn a namespace when using hidden services - #CapabilityBoundingSet = "CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE"; - }; + services.tor.settings = mkMerge [ + (mkIf cfg.enableGeoIP { + GeoIPFile = "${cfg.package.geoip}/share/tor/geoip"; + GeoIPv6File = "${cfg.package.geoip}/share/tor/geoip6"; + }) + (mkIf cfg.controlSocket.enable { + ControlPort = [ { unix = runDir + "/control"; GroupWritable=true; RelaxDirModeCheck=true; } ]; + }) + (mkIf cfg.relay.enable ( + optionalAttrs (cfg.relay.role != "exit") { + ExitPolicy = mkForce ["reject *:*"]; + } // + optionalAttrs (elem cfg.relay.role ["bridge" "private-bridge"]) { + BridgeRelay = true; + ExtORPort.port = mkDefault "auto"; + ServerTransportPlugin.transports = mkDefault ["obfs4"]; + ServerTransportPlugin.exec = mkDefault "${pkgs.obfs4}/bin/obfs4proxy managed"; + } // optionalAttrs (cfg.relay.role == "private-bridge") { + ExtraInfoStatistics = false; + PublishServerDescriptor = false; + } + )) + (mkIf (!cfg.relay.enable) { + # Avoid surprises when leaving ORPort/DirPort configurations in cfg.settings, + # because it would still enable Tor as a relay, + # which can trigger all sort of problems when not carefully done, + # like the blocklisting of the machine's IP addresses + # by some hosting providers... + DirPort = mkForce []; + ORPort = mkForce []; + PublishServerDescriptor = mkForce false; + }) + (mkIf cfg.client.enable ( + { SOCKSPort = [ cfg.client.socksListenAddress ]; + } // optionalAttrs cfg.client.transparentProxy.enable { + TransPort = [{ addr = "127.0.0.1"; port = 9040; }]; + } // optionalAttrs cfg.client.dns.enable { + DNSPort = [{ addr = "127.0.0.1"; port = 9053; }]; + AutomapHostsOnResolve = true; + AutomapHostsSuffixes = cfg.client.dns.automapHostsSuffixes; + } // optionalAttrs (flatten (mapAttrsToList (n: o: o.clientAuthorizations) cfg.client.onionServices) != []) { + ClientOnionAuthDir = runDir + "/ClientOnionAuthDir"; + } + )) + ]; + + networking.firewall = mkIf cfg.openFirewall { + allowedTCPPorts = + concatMap (o: optional (isInt o && o > 0 || o ? "port" && isInt o.port && o.port > 0) o.port) + (flatten [ + cfg.settings.ORPort + cfg.settings.DirPort + ]); + }; + + systemd.services.tor = { + description = "Tor Daemon"; + path = [ pkgs.tor ]; + + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + restartTriggers = [ torrc ]; + + serviceConfig = { + Type = "simple"; + User = "tor"; + Group = "tor"; + ExecStartPre = [ + "${cfg.package}/bin/tor -f ${torrc} --verify-config" + # DOC: Appendix G of https://spec.torproject.org/rend-spec-v3 + ("+" + pkgs.writeShellScript "ExecStartPre" (concatStringsSep "\n" (flatten (["set -eu"] ++ + mapAttrsToList (name: onion: + optional (onion.authorizedClients != []) '' + rm -rf ${escapeShellArg onion.path}/authorized_clients + install -d -o tor -g tor -m 0700 ${escapeShellArg onion.path} ${escapeShellArg onion.path}/authorized_clients + '' ++ + imap0 (i: pubKey: '' + echo ${pubKey} | + install -o tor -g tor -m 0400 /dev/stdin ${escapeShellArg onion.path}/authorized_clients/${toString i}.auth + '') onion.authorizedClients ++ + optional (onion.secretKey != null) '' + install -d -o tor -g tor -m 0700 ${escapeShellArg onion.path} + key="$(cut -f1 -d: ${escapeShellArg onion.secretKey})" + case "$key" in + ("== ed25519v"*"-secret") + install -o tor -g tor -m 0400 ${escapeShellArg onion.secretKey} ${escapeShellArg onion.path}/hs_ed25519_secret_key;; + (*) echo >&2 "NixOS does not (yet) support secret key type for onion: ${name}"; exit 1;; + esac + '' + ) cfg.relay.onionServices ++ + mapAttrsToList (name: onion: imap0 (i: prvKeyPath: + let hostname = removeSuffix ".onion" name; in '' + printf "%s:" ${escapeShellArg hostname} | cat - ${escapeShellArg prvKeyPath} | + install -o tor -g tor -m 0700 /dev/stdin \ + ${runDir}/ClientOnionAuthDir/${escapeShellArg hostname}.${toString i}.auth_private + '') onion.clientAuthorizations) + cfg.client.onionServices + )))) + ]; + ExecStart = "${cfg.package}/bin/tor -f ${torrc}"; + ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; + KillSignal = "SIGINT"; + TimeoutSec = 30; + Restart = "on-failure"; + LimitNOFILE = 32768; + RuntimeDirectory = [ + # g+x allows access to the control socket + "tor" + "tor/root" + # g+x can't be removed in ExecStart=, but will be removed by Tor + "tor/ClientOnionAuthDir" + ]; + RuntimeDirectoryMode = "0710"; + StateDirectoryMode = "0700"; + StateDirectory = [ + "tor" + "tor/onion" + ] ++ + flatten (mapAttrsToList (name: onion: + optional (onion.secretKey == null) "tor/onion/${name}" + ) cfg.relay.onionServices); + # The following options are only to optimize: + # systemd-analyze security tor + RootDirectory = runDir + "/root"; + RootDirectoryStartOnly = true; + #InaccessiblePaths = [ "-+${runDir}/root" ]; + UMask = "0066"; + BindPaths = [ stateDir ]; + BindReadOnlyPaths = [ storeDir "/etc" ]; + AmbientCapabilities = [""] ++ lib.optional bindsPrivilegedPort "CAP_NET_BIND_SERVICE"; + CapabilityBoundingSet = [""] ++ lib.optional bindsPrivilegedPort "CAP_NET_BIND_SERVICE"; + # ProtectClock= adds DeviceAllow=char-rtc r + DeviceAllow = ""; + LockPersonality = true; + MemoryDenyWriteExecute = true; + NoNewPrivileges = true; + PrivateDevices = true; + PrivateMounts = true; + PrivateNetwork = mkDefault false; + PrivateTmp = true; + # Tor cannot currently bind privileged port when PrivateUsers=true, + # see https://gitlab.torproject.org/legacy/trac/-/issues/20930 + PrivateUsers = !bindsPrivilegedPort; + ProtectClock = true; + ProtectControlGroups = true; + ProtectHome = true; + ProtectHostname = true; + ProtectKernelLogs = true; + ProtectKernelModules = true; + ProtectKernelTunables = true; + ProtectSystem = "strict"; + RemoveIPC = true; + RestrictAddressFamilies = [ "AF_UNIX" "AF_INET" "AF_INET6" ]; + RestrictNamespaces = true; + RestrictRealtime = true; + RestrictSUIDSGID = true; + # See also the finer but experimental option settings.Sandbox + SystemCallFilter = [ + "@system-service" + # Groups in @system-service which do not contain a syscall listed by: + # perf stat -x, 2>perf.log -e 'syscalls:sys_enter_*' tor + # in tests, and seem likely not necessary for tor. + "~@aio" "~@chown" "~@keyring" "~@memlock" "~@resources" "~@setuid" "~@timer" + ]; + SystemCallArchitectures = "native"; + SystemCallErrorNumber = "EPERM"; }; + }; environment.systemPackages = [ cfg.package ]; }; + + meta.maintainers = with lib.maintainers; [ julm ]; } diff --git a/nixos/tests/tor.nix b/nixos/tests/tor.nix index ad07231557c3..c061f59226cf 100644 --- a/nixos/tests/tor.nix +++ b/nixos/tests/tor.nix @@ -17,7 +17,7 @@ rec { environment.systemPackages = with pkgs; [ netcat ]; services.tor.enable = true; services.tor.client.enable = true; - services.tor.controlPort = 9051; + services.tor.settings.ControlPort = 9051; }; testScript = '' diff --git a/pkgs/tools/security/tor/default.nix b/pkgs/tools/security/tor/default.nix index 04bf598d132a..e46fd4790a31 100644 --- a/pkgs/tools/security/tor/default.nix +++ b/pkgs/tools/security/tor/default.nix @@ -1,5 +1,6 @@ { stdenv, fetchurl, pkgconfig, libevent, openssl, zlib, torsocks , libseccomp, systemd, libcap, lzma, zstd, scrypt, nixosTests +, writeShellScript # for update.nix , writeScript @@ -12,7 +13,21 @@ , gnused , nix }: +let + tor-client-auth-gen = writeShellScript "tor-client-auth-gen" '' + PATH="${stdenv.lib.makeBinPath [coreutils gnugrep openssl]}" + pem="$(openssl genpkey -algorithm x25519)" + printf private_key=descriptor:x25519: + echo "$pem" | grep -v " PRIVATE KEY" | + base64 -d | tail --bytes=32 | base32 | tr -d = + + printf public_key=descriptor:x25519: + echo "$pem" | openssl pkey -in /dev/stdin -pubout | + grep -v " PUBLIC KEY" | + base64 -d | tail --bytes=32 | base32 | tr -d = + ''; +in stdenv.mkDerivation rec { pname = "tor"; version = "0.4.4.6"; @@ -52,6 +67,7 @@ stdenv.mkDerivation rec { mkdir -p $geoip/share/tor mv $out/share/tor/geoip{,6} $geoip/share/tor rm -rf $out/share/tor + ln -s ${tor-client-auth-gen} $out/bin/tor-client-auth-gen ''; passthru = { From 7a580a12196e63eb665de6eb4db8bb3b6da142f5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 30 Dec 2020 06:58:57 +0100 Subject: [PATCH 053/120] cntr: 1.2.1 -> 1.4.1 --- pkgs/applications/virtualization/cntr/default.nix | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/pkgs/applications/virtualization/cntr/default.nix b/pkgs/applications/virtualization/cntr/default.nix index e3ab1c6c2f80..ab9b63eb79b2 100644 --- a/pkgs/applications/virtualization/cntr/default.nix +++ b/pkgs/applications/virtualization/cntr/default.nix @@ -2,23 +2,22 @@ rustPlatform.buildRustPackage rec { pname = "cntr"; - version = "1.2.1"; + version = "1.4.1"; src = fetchFromGitHub { owner = "Mic92"; repo = "cntr"; rev = version; - sha256 = "0dhfz7aj3cqi974ybf0axchih40rzrs9m8bxhwz1hgig57aisfc0"; + sha256 = "sha256-4ogyOKuz6702/sOQNvE+UP+cvQrPPU3VjL4b0FUfRNw="; }; - cargoSha256 = "088drkpkgq8psv5j6igxyhfvvbalzg6nd98r9z0nxkawck5i2clz"; + cargoSha256 = "sha256-lblvun2T1qpFiowld77Ti2MFPzhs5pOWWRbErORXYCM="; meta = with stdenv.lib; { description = "A container debugging tool based on FUSE"; homepage = "https://github.com/Mic92/cntr"; license = licenses.mit; - # aarch64 support will be fixed soon - platforms = [ "x86_64-linux" ]; + platforms = platforms.linux; maintainers = [ maintainers.mic92 ]; }; } From a2cf6f7c37c6ae203c775ace432f25b3f8b90a74 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dominik=20Xaver=20H=C3=B6rl?= Date: Wed, 30 Dec 2020 10:32:52 +0100 Subject: [PATCH 054/120] android-file-transfer: 4.1 -> 4.2 --- pkgs/tools/filesystems/android-file-transfer/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/filesystems/android-file-transfer/default.nix b/pkgs/tools/filesystems/android-file-transfer/default.nix index d9ae2cb74615..fc6bc43be025 100644 --- a/pkgs/tools/filesystems/android-file-transfer/default.nix +++ b/pkgs/tools/filesystems/android-file-transfer/default.nix @@ -2,13 +2,13 @@ mkDerivation rec { pname = "android-file-transfer"; - version = "4.1"; + version = "4.2"; src = fetchFromGitHub { owner = "whoozle"; repo = "android-file-transfer-linux"; rev = "v${version}"; - sha256 = "0xmnwxr649wdzsa1vf3spl387hxs4pq0rldyrsr9hz43da4v081k"; + sha256 = "125rq8ji83nw6chfw43i0h9c38hjqh1qjibb0gnf9wrigar9zc8b"; }; nativeBuildInputs = [ cmake readline pkgconfig ]; From abe806a180c422133cdfba3a409fccc657f0b4be Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Wed, 30 Dec 2020 09:39:45 +0000 Subject: [PATCH 055/120] python37Packages.pyclipper: 1.2.0 -> 1.2.1 --- pkgs/development/python-modules/pyclipper/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/pyclipper/default.nix b/pkgs/development/python-modules/pyclipper/default.nix index bc910cea5808..6096f30181a1 100644 --- a/pkgs/development/python-modules/pyclipper/default.nix +++ b/pkgs/development/python-modules/pyclipper/default.nix @@ -7,12 +7,12 @@ buildPythonPackage rec { pname = "pyclipper"; - version = "1.2.0"; + version = "1.2.1"; src = fetchPypi { inherit pname version; extension = "zip"; - sha256 = "0irs5sn6ldpg70630nfndghjnpxv8jldk61zyczfzp1jcz53b43s"; + sha256 = "ca3751e93559f0438969c46f17459d07f983281dac170c3479de56492e152855"; }; nativeBuildInputs = [ From 456ab13f90c14abaea84b201e9fdbd1ef14dfc8f Mon Sep 17 00:00:00 2001 From: sternenseemann <0rpkxez4ksa01gb3typccl0i@systemli.org> Date: Wed, 30 Dec 2020 13:25:36 +0100 Subject: [PATCH 056/120] meteor: 1.10.2 -> 1.12 --- pkgs/servers/meteor/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/servers/meteor/default.nix b/pkgs/servers/meteor/default.nix index ddf7a972c2eb..96363583b62e 100644 --- a/pkgs/servers/meteor/default.nix +++ b/pkgs/servers/meteor/default.nix @@ -1,7 +1,7 @@ { stdenv, lib, fetchurl, zlib, patchelf, runtimeShell }: let - version = "1.10.2"; + version = "1.12"; in stdenv.mkDerivation { @@ -9,7 +9,7 @@ stdenv.mkDerivation { pname = "meteor"; src = fetchurl { url = "https://static-meteor.netdna-ssl.com/packages-bootstrap/${version}/meteor-bootstrap-os.linux.x86_64.tar.gz"; - sha256 = "17s1n92nznasaaprvxg289a1fcizq2nj51xqw7akgw5f77q19vmw"; + sha256 = "0l3zc76djzypvc0dm5ikv5ybb6574qd6kdbbkarzc2dxx64wkyvb"; }; #dontStrip = true; From b3bb7e5bf0dd14629918f6c09d5434dc1ee0ee21 Mon Sep 17 00:00:00 2001 From: Mrinal Purohit Date: Wed, 30 Dec 2020 19:42:19 +0530 Subject: [PATCH 057/120] google-cloud-sdk: 319.0.0 -> 321.0.0 --- pkgs/tools/admin/google-cloud-sdk/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/admin/google-cloud-sdk/default.nix b/pkgs/tools/admin/google-cloud-sdk/default.nix index 29592451734f..45e1043926c5 100644 --- a/pkgs/tools/admin/google-cloud-sdk/default.nix +++ b/pkgs/tools/admin/google-cloud-sdk/default.nix @@ -21,18 +21,18 @@ let sources = name: system: { x86_64-darwin = { url = "${baseUrl}/${name}-darwin-x86_64.tar.gz"; - sha256 = "0kldvy63gba5k6ymybnggw3q3rlav1gcbpxiwnv6670lk5qzqdsw"; + sha256 = "1miqvh2b3mxrrr63q8f5i944mp3rz6685ckmnk5fml2wyc273jiv"; }; x86_64-linux = { url = "${baseUrl}/${name}-linux-x86_64.tar.gz"; - sha256 = "1ifl4skwqhkapfwhymyz7v4jpwpd01n4x3956w5ci8c3zvw8l118"; + sha256 = "15kfsxn6j37rsw97ixj7ixkzcby0pkgc5xj7cpqdq975ym58sgv7"; }; }.${system}; in stdenv.mkDerivation rec { pname = "google-cloud-sdk"; - version = "319.0.0"; + version = "321.0.0"; src = fetchurl (sources "${pname}-${version}" stdenv.hostPlatform.system); From 86a0c7c91afbbc9c25c65b3f5096acd9e3185194 Mon Sep 17 00:00:00 2001 From: Mrinal Purohit Date: Wed, 30 Dec 2020 19:53:26 +0530 Subject: [PATCH 058/120] google-cloud-sdk: add iammrinal0 as maintainer --- pkgs/tools/admin/google-cloud-sdk/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/tools/admin/google-cloud-sdk/default.nix b/pkgs/tools/admin/google-cloud-sdk/default.nix index 45e1043926c5..b2148fafe282 100644 --- a/pkgs/tools/admin/google-cloud-sdk/default.nix +++ b/pkgs/tools/admin/google-cloud-sdk/default.nix @@ -99,7 +99,7 @@ in stdenv.mkDerivation rec { # This package contains vendored dependencies. All have free licenses. license = licenses.free; homepage = "https://cloud.google.com/sdk/"; - maintainers = with maintainers; [ pradyuman stephenmw zimbatm ]; + maintainers = with maintainers; [ iammrinal0 pradyuman stephenmw zimbatm ]; platforms = [ "x86_64-linux" "x86_64-darwin" ]; }; } From 35a7f79e27457ff2cc94f4e3f996715f49a782d9 Mon Sep 17 00:00:00 2001 From: Mrinal Purohit Date: Wed, 30 Dec 2020 19:59:07 +0530 Subject: [PATCH 059/120] maintainers: add iammrinal0 --- maintainers/maintainer-list.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index 4b2dc4914769..90c047d3fab7 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -3693,6 +3693,12 @@ githubId = 2789926; name = "Imran Hossain"; }; + iammrinal0 = { + email = "nixpkgs@mrinalpurohit.in"; + github = "iammrinal0"; + githubId = 890062; + name = "Mrinal"; + }; iand675 = { email = "ian@iankduncan.com"; github = "iand675"; From 34415ec25723733cc43d34949b0fac1e2945bd4b Mon Sep 17 00:00:00 2001 From: Edmund Miller Date: Tue, 22 Dec 2020 02:33:02 +0000 Subject: [PATCH 060/120] python3Packages.pytest-datafiles: Update homepage --- pkgs/development/python-modules/pytest-datafiles/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/development/python-modules/pytest-datafiles/default.nix b/pkgs/development/python-modules/pytest-datafiles/default.nix index 7a6e3f7d9314..2fafdcd1aaa0 100644 --- a/pkgs/development/python-modules/pytest-datafiles/default.nix +++ b/pkgs/development/python-modules/pytest-datafiles/default.nix @@ -12,7 +12,7 @@ buildPythonPackage rec { meta = with stdenv.lib; { license = licenses.mit; - homepage = "https://pypi.python.org/pypi/pytest-catchlog/"; + homepage = "https://github.com/omarkohl/pytest-datafiles"; description = "py.test plugin to create a 'tmpdir' containing predefined files/directories."; }; } From 5664693f8e4c33cec6aaa5e5c2aa68bd26447c71 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Wed, 30 Dec 2020 07:37:34 +0000 Subject: [PATCH 061/120] python37Packages.zstandard: 0.14.1 -> 0.15.0 --- pkgs/development/python-modules/zstandard/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/zstandard/default.nix b/pkgs/development/python-modules/zstandard/default.nix index 126fe1377f5f..39c7a42899a8 100755 --- a/pkgs/development/python-modules/zstandard/default.nix +++ b/pkgs/development/python-modules/zstandard/default.nix @@ -7,11 +7,11 @@ buildPythonPackage rec { pname = "zstandard"; - version = "0.14.1"; + version = "0.15.0"; src = fetchPypi { inherit pname version; - sha256 = "5dd700e52ec28c64d43f681ccde76b6436c8f89a332d6c9e22a6b629f28daeb5"; + sha256 = "22395e97bcfdb222246da4fdf8739ed762ffce1e5d0b526eb051c90da20268d7"; }; propagatedBuildInputs = [ cffi ]; From f399effc5828c0919f14e68decbebe5409624c75 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Wed, 30 Dec 2020 15:58:02 +0100 Subject: [PATCH 062/120] homeassistant: 2020.12.1 -> 2020.12.2 --- pkgs/servers/home-assistant/component-packages.nix | 2 +- pkgs/servers/home-assistant/default.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/servers/home-assistant/component-packages.nix b/pkgs/servers/home-assistant/component-packages.nix index 9135ea549f34..ad6a90b44f76 100644 --- a/pkgs/servers/home-assistant/component-packages.nix +++ b/pkgs/servers/home-assistant/component-packages.nix @@ -2,7 +2,7 @@ # Do not edit! { - version = "2020.12.1"; + version = "2020.12.2"; components = { "abode" = ps: with ps; [ abodepy ]; "accuweather" = ps: with ps; [ accuweather ]; diff --git a/pkgs/servers/home-assistant/default.nix b/pkgs/servers/home-assistant/default.nix index 12dc7b681618..68d11e85fd2a 100644 --- a/pkgs/servers/home-assistant/default.nix +++ b/pkgs/servers/home-assistant/default.nix @@ -62,7 +62,7 @@ let extraBuildInputs = extraPackages py.pkgs; # Don't forget to run parse-requirements.py after updating - hassVersion = "2020.12.1"; + hassVersion = "2020.12.2"; in with py.pkgs; buildPythonApplication rec { pname = "homeassistant"; From 77cbb1af0999696eb8e54252b035978a8ee43633 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Wed, 30 Dec 2020 16:13:05 +0100 Subject: [PATCH 063/120] python3Packages.HAP-python: 3.0.0 -> 3.1.0 Convert tests to pyTestCheckHook. --- .../python-modules/HAP-python/default.nix | 32 +++++++++---------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/pkgs/development/python-modules/HAP-python/default.nix b/pkgs/development/python-modules/HAP-python/default.nix index 267fcccd8d4b..3cd211db7559 100644 --- a/pkgs/development/python-modules/HAP-python/default.nix +++ b/pkgs/development/python-modules/HAP-python/default.nix @@ -1,16 +1,16 @@ { lib, buildPythonPackage, fetchFromGitHub, isPy3k, curve25519-donna, ed25519 -, cryptography, ecdsa, zeroconf, pytest }: +, cryptography, ecdsa, zeroconf, pytestCheckHook }: buildPythonPackage rec { pname = "HAP-python"; - version = "3.0.0"; + version = "3.1.0"; # pypi package does not include tests src = fetchFromGitHub { owner = "ikalchev"; repo = pname; rev = "v${version}"; - sha256 = "07s1kjm9cz4m4ksj506la1ks3dq2b5mk412rjj9rpj98b0mxrr84"; + sha256 = "1qg38lfjby2xfm09chzc40a7i3b84kgyfs7g4xq8f5m8s39hg6d7"; }; disabled = !isPy3k; @@ -23,20 +23,20 @@ buildPythonPackage rec { zeroconf ]; - checkInputs = [ pytest ]; + checkInputs = [ pytestCheckHook ]; - #disable tests needing network - checkPhase = '' - pytest -k 'not test_persist \ - and not test_setup_endpoints \ - and not test_auto_add_aid_mac \ - and not test_service_callbacks \ - and not test_send_events \ - and not test_not_standalone_aid \ - and not test_start_stop_async_acc \ - and not test_external_zeroconf \ - and not test_start_stop_sync_acc' - ''; + disabledTests = [ + #disable tests needing network + "test_persist" + "test_setup_endpoints" + "test_auto_add_aid_mac" + "test_service_callbacks" + "test_send_events" + "test_not_standalone_aid" + "test_start_stop_async_acc" + "test_external_zeroconf" + "test_start_stop_sync_acc" + ]; meta = with lib; { homepage = "https://github.com/ikalchev/HAP-python"; From 70e8dbcb1d3f5797963e2ab784267ba53ecb2364 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Wed, 30 Dec 2020 16:16:20 +0100 Subject: [PATCH 064/120] python3Packages.denonavr: 0.9.3 -> 0.9.9 Disable on Python 2.7, convert tests to pytestCheckHook. --- .../python-modules/denonavr/default.nix | 22 +++++++++++-------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/pkgs/development/python-modules/denonavr/default.nix b/pkgs/development/python-modules/denonavr/default.nix index 58099a98bdcb..3d047213f7f5 100644 --- a/pkgs/development/python-modules/denonavr/default.nix +++ b/pkgs/development/python-modules/denonavr/default.nix @@ -1,24 +1,28 @@ { lib, buildPythonPackage, fetchFromGitHub, isPy27, requests, netifaces -, pytest, testtools, requests-mock }: +, pytestCheckHook, testtools, requests-mock }: buildPythonPackage rec { pname = "denonavr"; - version = "0.9.3"; + version = "0.9.9"; + disabled = isPy27; src = fetchFromGitHub { owner = "scarface-4711"; repo = "denonavr"; rev = version; - sha256 = "0s8v918n6xn44r2mrq5hqbf0znpz64clq7a1jakkgz9py8bi6vnn"; + sha256 = "08zh8rdadmxcgr707if6g5k5j2xz21s6jrn4kxh1c7xqpgdfggd9"; }; - propagatedBuildInputs = [ requests netifaces ]; + propagatedBuildInputs = [ + requests + netifaces + ]; - doCheck = !isPy27; - checkInputs = [ pytest testtools requests-mock ]; - checkPhase = '' - pytest tests - ''; + checkInputs = [ + pytestCheckHook + testtools + requests-mock + ]; meta = with lib; { homepage = "https://github.com/scarface-4711/denonavr"; From 112dfd0e21d71a4665a5b492dfd291974f4c0c6b Mon Sep 17 00:00:00 2001 From: Jamie Magee Date: Wed, 30 Dec 2020 11:49:06 +0100 Subject: [PATCH 065/120] pythonPackages.python-tado: init at 0.9.0 --- .../python-modules/python-tado/default.nix | 26 +++++++++++++++++++ pkgs/top-level/python-packages.nix | 2 ++ 2 files changed, 28 insertions(+) create mode 100644 pkgs/development/python-modules/python-tado/default.nix diff --git a/pkgs/development/python-modules/python-tado/default.nix b/pkgs/development/python-modules/python-tado/default.nix new file mode 100644 index 000000000000..98c03b893093 --- /dev/null +++ b/pkgs/development/python-modules/python-tado/default.nix @@ -0,0 +1,26 @@ +{ buildPythonPackage, fetchFromGitHub, lib, pytestCheckHook, pythonOlder, requests }: + +buildPythonPackage rec { + pname = "python-tado"; + version = "0.9.0"; + + disabled = pythonOlder "3.5"; + + src = fetchFromGitHub { + owner = "wmalgadey"; + repo = "PyTado"; + rev = version; + sha256 = "0cr5sxdvjgdrrlhl32rs8pwyay8liyi6prm37y66dn00b41cb5l3"; + }; + + propagatedBuildInputs = [ requests ]; + checkInputs = [ pytestCheckHook ]; + + meta = with lib; { + description = + "Python binding for Tado web API. Pythonize your central heating!"; + homepage = "https://github.com/wmalgadey/PyTado"; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ jamiemagee ]; + }; +} diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 0ed56d685d5f..f39b5e445e19 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -4683,6 +4683,8 @@ in { python-openems = callPackage ../development/python-modules/python-openems { }; + python-tado = callPackage ../development/python-modules/python-tado { }; + pkutils = callPackage ../development/python-modules/pkutils { }; plac = callPackage ../development/python-modules/plac { }; From 7cce65f294d1a05264f2db1d991ad270534a8cf7 Mon Sep 17 00:00:00 2001 From: Jamie Magee Date: Wed, 30 Dec 2020 11:54:05 +0100 Subject: [PATCH 066/120] home-assistant: update component-packages --- pkgs/servers/home-assistant/component-packages.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/servers/home-assistant/component-packages.nix b/pkgs/servers/home-assistant/component-packages.nix index 9135ea549f34..6d3b61510f30 100644 --- a/pkgs/servers/home-assistant/component-packages.nix +++ b/pkgs/servers/home-assistant/component-packages.nix @@ -811,7 +811,7 @@ "system_health" = ps: with ps; [ aiohttp-cors ]; "system_log" = ps: with ps; [ aiohttp-cors ]; "systemmonitor" = ps: with ps; [ psutil ]; - "tado" = ps: with ps; [ ]; # missing inputs: python-tado + "tado" = ps: with ps; [ python-tado ]; "tag" = ps: with ps; [ ]; "tahoma" = ps: with ps; [ ]; # missing inputs: tahoma-api "tank_utility" = ps: with ps; [ ]; # missing inputs: tank_utility From a705611b294607de137c0e141a6fdfafd0a33863 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Wed, 30 Dec 2020 20:35:32 +0100 Subject: [PATCH 067/120] python3Packages.paho-mqtt: 1.5.0 -> 1.5.1 --- pkgs/development/python-modules/paho-mqtt/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/paho-mqtt/default.nix b/pkgs/development/python-modules/paho-mqtt/default.nix index 977ba3cdeb8b..92f8f5d90f10 100644 --- a/pkgs/development/python-modules/paho-mqtt/default.nix +++ b/pkgs/development/python-modules/paho-mqtt/default.nix @@ -3,14 +3,14 @@ buildPythonPackage rec { pname = "paho-mqtt"; - version = "1.5.0"; + version = "1.5.1"; # No tests in PyPI tarball src = fetchFromGitHub { owner = "eclipse"; repo = "paho.mqtt.python"; rev = "v${version}"; - sha256 = "1fq5z53g2k18iiqnz5qq87vzjpppfza072nx0dwllmhimm2dskh5"; + sha256 = "1y537i6zxkjkmi80w5rvd18npz1jm5246i2x8p3q7ycx94i8ixs0"; }; postPatch = '' From 2d9c1ba1a412f3bc70852e3222b8a88b5c25d64a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Wed, 30 Dec 2020 21:36:40 +0100 Subject: [PATCH 068/120] netease-music-tui: Avoid string conversion --- pkgs/applications/audio/netease-music-tui/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/applications/audio/netease-music-tui/default.nix b/pkgs/applications/audio/netease-music-tui/default.nix index 88e8ba6d0bc6..0322459685f2 100644 --- a/pkgs/applications/audio/netease-music-tui/default.nix +++ b/pkgs/applications/audio/netease-music-tui/default.nix @@ -7,7 +7,7 @@ rustPlatform.buildRustPackage rec { src = fetchFromGitHub { owner = "betta-cyber"; repo = "netease-music-tui"; - rev = "${version}"; + rev = version; sha256 = "0m5b3q493d32kxznm4apn56216l07b1c49km236i03mpfvdw7m1f"; }; From 226b3da90ef2ca03ee34c02d05dbbcced93e3857 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Wed, 30 Dec 2020 21:41:06 +0100 Subject: [PATCH 069/120] appdaemon: adjust requirements --- pkgs/servers/home-assistant/appdaemon.nix | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/pkgs/servers/home-assistant/appdaemon.nix b/pkgs/servers/home-assistant/appdaemon.nix index ef92ff9550ff..4614e1d64cad 100644 --- a/pkgs/servers/home-assistant/appdaemon.nix +++ b/pkgs/servers/home-assistant/appdaemon.nix @@ -59,11 +59,15 @@ in python.pkgs.buildPythonApplication rec { --replace "deepdiff==4.3.1" "deepdiff" \ --replace "voluptuous==0.11.7" "voluptuous" \ --replace "astral==1.10.1" "astral" \ - --replace "python-socketio==4.4.0" "python-socketio" + --replace "python-socketio==4.4.0" "python-socketio" \ + --replace "feedparser==5.2.1" "feedparser>=5.2.1" \ + --replace "aiohttp_jinja2==1.2.0" "aiohttp_jinja2>=1.2.0" \ + --replace "pygments==2.6.1" "pygments>=2.6.1" \ + --replace "paho-mqtt==1.5.0" "paho-mqtt>=1.5.0" ''; meta = with lib; { - description = "Sandboxed python execution environment for writing automation apps for Home Assistant"; + description = "Sandboxed Python execution environment for writing automation apps for Home Assistant"; homepage = "https://github.com/home-assistant/appdaemon"; license = licenses.mit; maintainers = with maintainers; [ peterhoeg dotlambda ]; From 8791614955b405c80e9fe2030ec7f88540e2c44d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dominik=20Xaver=20H=C3=B6rl?= Date: Wed, 30 Dec 2020 22:02:27 +0100 Subject: [PATCH 070/120] android-file-transfer: clarify that license is LGPL-2.1+ --- pkgs/tools/filesystems/android-file-transfer/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/tools/filesystems/android-file-transfer/default.nix b/pkgs/tools/filesystems/android-file-transfer/default.nix index fc6bc43be025..b52099bdeab8 100644 --- a/pkgs/tools/filesystems/android-file-transfer/default.nix +++ b/pkgs/tools/filesystems/android-file-transfer/default.nix @@ -17,7 +17,7 @@ mkDerivation rec { meta = with stdenv.lib; { description = "Reliable MTP client with minimalistic UI"; homepage = "https://whoozle.github.io/android-file-transfer-linux/"; - license = licenses.lgpl21; + license = licenses.lgpl21Plus; maintainers = [ maintainers.xaverdh ]; platforms = platforms.linux; }; From 572a864d024b0c91ac39133f35364362b2376c07 Mon Sep 17 00:00:00 2001 From: Jonathan Ringer Date: Wed, 30 Dec 2020 11:49:28 -0800 Subject: [PATCH 071/120] xfce.xfce4-namebar-plugin: fix build --- pkgs/desktops/xfce/panel-plugins/xfce4-namebar-plugin.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/desktops/xfce/panel-plugins/xfce4-namebar-plugin.nix b/pkgs/desktops/xfce/panel-plugins/xfce4-namebar-plugin.nix index fcd40462f6d6..5575bf585fce 100644 --- a/pkgs/desktops/xfce/panel-plugins/xfce4-namebar-plugin.nix +++ b/pkgs/desktops/xfce/panel-plugins/xfce4-namebar-plugin.nix @@ -1,4 +1,4 @@ -{ stdenv, pkgconfig, fetchFromGitHub, python2, vala_0_46 +{ stdenv, pkgconfig, fetchFromGitHub, python3, vala_0_46 , gtk3, libwnck3, libxfce4util, xfce4-panel, wafHook, xfce }: stdenv.mkDerivation rec { @@ -12,7 +12,7 @@ stdenv.mkDerivation rec { sha256 = "0l70f6mzkscsj4wr43wp5c0l2qnf85vj24cv02bjrh3bzz6wkak8"; }; - nativeBuildInputs = [ pkgconfig vala_0_46 wafHook ]; + nativeBuildInputs = [ pkgconfig vala_0_46 wafHook python3 ]; buildInputs = [ gtk3 libwnck3 libxfce4util xfce4-panel ]; postPatch = '' From 06edbabe06c47e529bc105bd7fa48fa21bc31738 Mon Sep 17 00:00:00 2001 From: Otavio Salvador Date: Thu, 19 Nov 2020 21:41:26 -0300 Subject: [PATCH 072/120] nixos/shellhub-agent: initial service expression This provides the service to configure the ShellHub Agent. Signed-off-by: Otavio Salvador --- nixos/modules/module-list.nix | 1 + .../services/networking/shellhub-agent.nix | 91 +++++++++++++++++++ 2 files changed, 92 insertions(+) create mode 100644 nixos/modules/services/networking/shellhub-agent.nix diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 3b67a8574938..c8909fdc0d4d 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -742,6 +742,7 @@ ./services/networking/skydns.nix ./services/networking/shadowsocks.nix ./services/networking/shairport-sync.nix + ./services/networking/shellhub-agent.nix ./services/networking/shorewall.nix ./services/networking/shorewall6.nix ./services/networking/shout.nix diff --git a/nixos/modules/services/networking/shellhub-agent.nix b/nixos/modules/services/networking/shellhub-agent.nix new file mode 100644 index 000000000000..4ce4b8250bc3 --- /dev/null +++ b/nixos/modules/services/networking/shellhub-agent.nix @@ -0,0 +1,91 @@ +{ config, lib, pkgs, ... }: + +with lib; +let + cfg = config.services.shellhub-agent; +in { + + ###### interface + + options = { + + services.shellhub-agent = { + + enable = mkOption { + type = types.bool; + default = false; + description = '' + Whether to enable the ShellHub Agent daemon, which allows + secure remote logins. + ''; + }; + + package = mkOption { + type = types.package; + default = pkgs.shellhub-agent; + defaultText = "pkgs.shellhub-agent"; + description = '' + Which ShellHub Agent package to use. + ''; + }; + + tenantId = mkOption { + type = types.str; + example = "ba0a880c-2ada-11eb-a35e-17266ef329d6"; + description = '' + The tenant ID to use when connecting to the ShellHub + Gateway. + ''; + }; + + server = mkOption { + type = types.str; + default = "https://cloud.shellhub.io"; + description = '' + Server address of ShellHub Gateway to connect. + ''; + }; + + privateKey = mkOption { + type = types.path; + default = "/var/lib/shellhub-agent/private.key"; + description = '' + Location where to store the ShellHub Agent private + key. + ''; + }; + }; + }; + + ###### implementation + + config = mkIf cfg.enable { + + systemd.services.shellhub-agent = { + description = "ShellHub Agent"; + + wantedBy = [ "multi-user.target" ]; + requires = [ "local-fs.target" ]; + wants = [ "network-online.target" ]; + after = [ + "local-fs.target" + "network.target" + "network-online.target" + "time-sync.target" + ]; + + environment.SERVER_ADDRESS = cfg.server; + environment.PRIVATE_KEY = cfg.privateKey; + environment.TENANT_ID = cfg.tenantId; + + serviceConfig = { + # The service starts sessions for different users. + User = "root"; + Restart = "on-failure"; + ExecStart = "${cfg.package}/bin/agent"; + }; + }; + + environment.systemPackages = [ cfg.package ]; + }; +} From eee6f0a3633f8c56ab58454cb374f468366863c9 Mon Sep 17 00:00:00 2001 From: zowoq <59103226+zowoq@users.noreply.github.com> Date: Thu, 31 Dec 2020 08:43:30 +1000 Subject: [PATCH 073/120] youtube-dl: 2020.12.29 -> 2020.12.31 https://github.com/ytdl-org/youtube-dl/releases/tag/2020.12.31 --- pkgs/tools/misc/youtube-dl/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/misc/youtube-dl/default.nix b/pkgs/tools/misc/youtube-dl/default.nix index abb17946fbbe..c407637599d2 100644 --- a/pkgs/tools/misc/youtube-dl/default.nix +++ b/pkgs/tools/misc/youtube-dl/default.nix @@ -18,11 +18,11 @@ buildPythonPackage rec { # The websites youtube-dl deals with are a very moving target. That means that # downloads break constantly. Because of that, updates should always be backported # to the latest stable release. - version = "2020.12.29"; + version = "2020.12.31"; src = fetchurl { url = "https://yt-dl.org/downloads/${version}/${pname}-${version}.tar.gz"; - sha256 = "1hcr3mf63csp6lfpqszl5ibb2jhyl180s6pvbb7771jg0kdvlbbb"; + sha256 = "0ncqkzzaasda2hd89psgc0j34r2jinn1dcsfcapzrsd902qghkh9"; }; nativeBuildInputs = [ installShellFiles makeWrapper ]; From 76a7064097dd9a3a339dcc1504d6d1f9fb37e8ad Mon Sep 17 00:00:00 2001 From: "Robert T. McGibbon" Date: Tue, 29 Dec 2020 15:47:53 -0500 Subject: [PATCH 074/120] python39Packages.imageio-ffmpeg: fix for python3.9 --- .../python-modules/imageio-ffmpeg/default.nix | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/pkgs/development/python-modules/imageio-ffmpeg/default.nix b/pkgs/development/python-modules/imageio-ffmpeg/default.nix index d9991ee7845f..db59ba70bb26 100644 --- a/pkgs/development/python-modules/imageio-ffmpeg/default.nix +++ b/pkgs/development/python-modules/imageio-ffmpeg/default.nix @@ -1,6 +1,7 @@ { lib , buildPythonPackage , fetchPypi +, fetchpatch , isPy3k }: @@ -9,9 +10,15 @@ buildPythonPackage rec { version = "0.4.2"; src = fetchPypi { - sha256 = "13b05b17a941a9f4a90b16910b1ffac159448cff051a153da8ba4b4343ffa195"; inherit pname version; + sha256 = "13b05b17a941a9f4a90b16910b1ffac159448cff051a153da8ba4b4343ffa195"; }; + patches = [ (fetchpatch { + # Fixes compatibility with python3.9 + # Should be included in the next release after 0.4.2 + url = "https://github.com/imageio/imageio-ffmpeg/pull/43/commits/b90c39fe3d29418d67d953588ed9fdf4d848f811.patch"; + sha256 = "0d9kf4w6ldwag3s2dr9zjin6wrj66fnl4fn8379ci4q4qfsqgx3f"; + })]; disabled = !isPy3k; From 7b90b3737fab03bb7aef59a61739b064b407d070 Mon Sep 17 00:00:00 2001 From: "Robert T. McGibbon" Date: Tue, 29 Dec 2020 15:48:29 -0500 Subject: [PATCH 075/120] python3Packages.fiona: unbreak build --- pkgs/development/python-modules/fiona/default.nix | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/pkgs/development/python-modules/fiona/default.nix b/pkgs/development/python-modules/fiona/default.nix index 0e90bb10f956..665bb0c8df0e 100644 --- a/pkgs/development/python-modules/fiona/default.nix +++ b/pkgs/development/python-modules/fiona/default.nix @@ -41,9 +41,7 @@ buildPythonPackage rec { checkPhase = '' rm -r fiona # prevent importing local fiona # Some tests access network, others test packaging - pytest -k "not test_*_http \ - and not test_*_https \ - and not test_*_wheel" + pytest -k "not (http or https or wheel)" ''; meta = with lib; { From 23e230b8ebb08e901b4a6fcaf02231aaddd2e8d0 Mon Sep 17 00:00:00 2001 From: "Robert T. McGibbon" Date: Tue, 29 Dec 2020 15:48:51 -0500 Subject: [PATCH 076/120] python3Packages.imbalanced-learn: unbreak build --- .../imbalanced-learn/default.nix | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/pkgs/development/python-modules/imbalanced-learn/default.nix b/pkgs/development/python-modules/imbalanced-learn/default.nix index 1cb3dc2a7b9e..21018518ca28 100644 --- a/pkgs/development/python-modules/imbalanced-learn/default.nix +++ b/pkgs/development/python-modules/imbalanced-learn/default.nix @@ -1,7 +1,6 @@ { stdenv, buildPythonPackage, fetchPypi, isPy27 -, nose , pandas -, pytest +, pytestCheckHook , scikitlearn , tensorflow }: @@ -17,16 +16,17 @@ buildPythonPackage rec { }; propagatedBuildInputs = [ scikitlearn ]; - checkInputs = [ nose pytest pandas ]; - checkPhase = '' + checkInputs = [ pytestCheckHook pandas ]; + preCheck = '' export HOME=$TMPDIR - # skip some tests that fail because of minimal rounding errors - # or very large dependencies (keras + tensorflow) - py.test imblearn -k 'not estimator \ - and not classification \ - and not _generator \ - and not show_versions' ''; + disabledTests = [ + "estimator" + "classification" + "_generator" + "show_versions" + "test_make_imbalanced_iris" + ]; meta = with stdenv.lib; { description = "Library offering a number of re-sampling techniques commonly used in datasets showing strong between-class imbalance"; From 9e5c99331b074ee8c376e142e02a2b7559deba3b Mon Sep 17 00:00:00 2001 From: "Robert T. McGibbon" Date: Tue, 29 Dec 2020 15:49:09 -0500 Subject: [PATCH 077/120] python39Packages.typing-inspect: mark as broken --- pkgs/development/python-modules/typing-inspect/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkgs/development/python-modules/typing-inspect/default.nix b/pkgs/development/python-modules/typing-inspect/default.nix index 849b56d2d0c2..569096cb466c 100644 --- a/pkgs/development/python-modules/typing-inspect/default.nix +++ b/pkgs/development/python-modules/typing-inspect/default.nix @@ -3,6 +3,7 @@ , fetchPypi , typing-extensions , mypy-extensions +, isPy39 }: buildPythonPackage rec { @@ -25,5 +26,6 @@ buildPythonPackage rec { homepage = "https://github.com/ilevkivskyi/typing_inspect"; license = licenses.mit; maintainers = with maintainers; [ albakham ]; + broken = isPy39; # see https://github.com/ilevkivskyi/typing_inspect/issues/65 }; } From 1a75fd39405d42d1daccf51cf1d031f44ef1e06a Mon Sep 17 00:00:00 2001 From: "Robert T. McGibbon" Date: Tue, 29 Dec 2020 21:15:19 -0500 Subject: [PATCH 078/120] python3Packages.clifford: unbreak with h5py>=3 --- pkgs/development/python-modules/clifford/default.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/pkgs/development/python-modules/clifford/default.nix b/pkgs/development/python-modules/clifford/default.nix index 9fe60ba55da8..68ac9e45bb4b 100644 --- a/pkgs/development/python-modules/clifford/default.nix +++ b/pkgs/development/python-modules/clifford/default.nix @@ -1,6 +1,7 @@ { lib , buildPythonPackage , fetchPypi +, fetchpatch , isPy27 , future , h5py @@ -21,6 +22,12 @@ buildPythonPackage rec { inherit pname version; sha256 = "ade11b20d0631dfc9c2f18ce0149f1e61e4baf114108b27cfd68e5c1619ecc0c"; }; + patches = [ (fetchpatch { + # Compatibility with h5py 3. + # Will be included in the next releasse after 1.3.1 + url = "https://github.com/pygae/clifford/pull/388/commits/955d141662c68d3d61aa50a162b39e656684c208.patch"; + sha256 = "00m8ias58xycn5n78sy9wywf4wck1v0gb8gzmg40inzdiha93jyz"; + }) ]; propagatedBuildInputs = [ future From 107c9a790901e38ce132df3e068b6d5889ca663f Mon Sep 17 00:00:00 2001 From: "Robert T. McGibbon" Date: Wed, 30 Dec 2020 17:44:57 -0500 Subject: [PATCH 079/120] python3Packages.geopandas: fix build with fiona >= 1.8.16 --- .../python-modules/geopandas/default.nix | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/pkgs/development/python-modules/geopandas/default.nix b/pkgs/development/python-modules/geopandas/default.nix index 200dfffa562b..bd38d2663bc2 100644 --- a/pkgs/development/python-modules/geopandas/default.nix +++ b/pkgs/development/python-modules/geopandas/default.nix @@ -1,6 +1,6 @@ { stdenv, buildPythonPackage, fetchFromGitHub, isPy27 , pandas, shapely, fiona, descartes, pyproj -, pytest, Rtree, fetchpatch }: +, pytestCheckHook, Rtree, fetchpatch }: buildPythonPackage rec { pname = "geopandas"; @@ -20,13 +20,18 @@ buildPythonPackage rec { url = "https://github.com/geopandas/geopandas/pull/1544/commits/6ce868a33a2f483b071089d51e178030fa4414d0.patch"; sha256 = "1sjgxrqgbhz5krx51hrv230ywszcdl6z8q3bj6830kfad8n8b5dq"; }) + # Fix GeoJSON for Fiona>=1.8.16 (Sep. 7, 2020). + # https://github.com/geopandas/geopandas/issues/1606 + # Will be included in next upstream release after 0.8.1 + (fetchpatch { + url = "https://github.com/geopandas/geopandas/commit/72427d3d8c128039bfce1d54a76c0b652887b276.patch"; + sha256 = "1726mrpddgmba0ngff73a5bsb6ywpsg63a2pdd2grp9339bgvi4a"; + }) ]; - checkInputs = [ pytest Rtree ]; - - checkPhase = '' - py.test geopandas -m "not web" - ''; + checkInputs = [ pytestCheckHook Rtree ]; + disabledTests = [ "web" ]; + pytestFlagsArray = [ "geopandas" ]; propagatedBuildInputs = [ pandas From 5c90064e138f5ecbae2aa228a06749ab219cc815 Mon Sep 17 00:00:00 2001 From: "Robert T. McGibbon" Date: Wed, 30 Dec 2020 18:04:08 -0500 Subject: [PATCH 080/120] python3Packages.datashader: unbreak build with pyct==0.48 --- pkgs/development/python-modules/datashader/default.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/pkgs/development/python-modules/datashader/default.nix b/pkgs/development/python-modules/datashader/default.nix index 233aac688abd..c49e2e30b809 100644 --- a/pkgs/development/python-modules/datashader/default.nix +++ b/pkgs/development/python-modules/datashader/default.nix @@ -1,6 +1,7 @@ { lib , buildPythonPackage , fetchPypi +, fetchpatch , dask , distributed , bokeh @@ -36,6 +37,12 @@ buildPythonPackage rec { inherit pname version; sha256 = "b1f80415f72f92ccb660aaea7b2881ddd35d07254f7c44101709d42e819d6be6"; }; + patches = [ (fetchpatch { + # Unpins pyct==0.46 (Sep. 11, 2020). + # Will be incorporated into the next datashader release after 0.11.1 + url = "https://github.com/holoviz/datashader/pull/960/commits/d7a462fa399106c34fd0d44505a8a73789dbf874.patch"; + sha256 = "1wqsk9dpxnkxr49fa7y5q6ahin80cvys05lnirs2w2p1dja35y4x"; + })]; propagatedBuildInputs = [ dask From 7f213306f938e8a9bddd925f166a1a0ba278efe7 Mon Sep 17 00:00:00 2001 From: "Robert T. McGibbon" Date: Wed, 30 Dec 2020 18:18:47 -0500 Subject: [PATCH 081/120] python3Packages.flower: mark as broken by celery 5.0 --- pkgs/development/python-modules/flower/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkgs/development/python-modules/flower/default.nix b/pkgs/development/python-modules/flower/default.nix index b31cbc7424d9..605d08d1258e 100644 --- a/pkgs/development/python-modules/flower/default.nix +++ b/pkgs/development/python-modules/flower/default.nix @@ -22,6 +22,7 @@ buildPythonPackage rec { # rely on using example programs (flowers/examples/tasks.py) which # are not part of the distribution rm tests/load.py + substituteInPlace requirements/default.txt --replace "prometheus_client==0.8.0" "prometheus_client>=0.8.0" ''; propagatedBuildInputs = [ @@ -39,5 +40,6 @@ buildPythonPackage rec { homepage = "https://github.com/mher/flower"; license = licenses.bsdOriginal; maintainers = [ maintainers.arnoldfarkas ]; + broken = (celery.version == "5.0.2"); # currently broken with celery>=5.0 by https://github.com/mher/flower/pull/1021 }; } From cf81348264b3de6cc45cecac8455ca57e4365c26 Mon Sep 17 00:00:00 2001 From: Michael Del Casino <64436441+asm-volatile@users.noreply.github.com> Date: Wed, 30 Dec 2020 18:41:07 -0500 Subject: [PATCH 082/120] CUDA Toolkit 11.1.1 for 455.83 Driver in 20.0.9 NixOS 20.0.9's default NVIDIA video driver version is 455.38, which supports CUDA 11.1.1. **Things to note:** - [ ] Users with nvtop installed may need to upgrade their nvtop installation due to caching behavior --- pkgs/development/compilers/cudatoolkit/default.nix | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/pkgs/development/compilers/cudatoolkit/default.nix b/pkgs/development/compilers/cudatoolkit/default.nix index cd4af47a21e3..b22d2b286713 100644 --- a/pkgs/development/compilers/cudatoolkit/default.nix +++ b/pkgs/development/compilers/cudatoolkit/default.nix @@ -145,6 +145,14 @@ in rec { gcc = gcc9; }; + + cudatoolkit_11_1 = common { + version = "11.1.1"; + url = "https://developer.download.nvidia.com/compute/cuda/11.1.1/local_installers/cuda_11.1.1_455.32.00_linux.run"; + sha256 = "13yxv2fgvdnqqbwh1zb80x4xhyfkbajfkwyfpdg9493010kngbiy"; + + gcc = gcc9; + }; - cudatoolkit_11 = cudatoolkit_11_0; + cudatoolkit_11 = cudatoolkit_11_1; } From 6a31b399699fad48b64e9798f67579825b333d95 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Thu, 31 Dec 2020 00:45:18 +0000 Subject: [PATCH 083/120] urh: 2.9.0 -> 2.9.1 --- pkgs/applications/radio/urh/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/radio/urh/default.nix b/pkgs/applications/radio/urh/default.nix index 5411571113d5..3a51f77d7bd6 100644 --- a/pkgs/applications/radio/urh/default.nix +++ b/pkgs/applications/radio/urh/default.nix @@ -5,13 +5,13 @@ python3Packages.buildPythonApplication rec { pname = "urh"; - version = "2.9.0"; + version = "2.9.1"; src = fetchFromGitHub { owner = "jopohl"; repo = pname; rev = "v${version}"; - sha256 = "1pcyj1vzv51j8rgi0hh9chw3vfkfi03bg1rg7gs4nk95ffmwx4pd"; + sha256 = "0s8zlq2bx6hp8c522rkxj9kbkf3a0qj6iyg7q9dcxmcl3q2sanq9"; }; nativeBuildInputs = [ qt5.wrapQtAppsHook ]; From 91d52e62d54cfe365e7b8f0df0e00a8446783f43 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lio=E6=9D=8E=E6=AD=90?= Date: Wed, 30 Dec 2020 17:13:12 -0800 Subject: [PATCH 084/120] netperf: fix Darwin build This fixes the following build error on Darwin: ``` In file included from ./src/libsmbios_c/common/libsmbios_c_source.h:37: ./src/libsmbios_c/common/select_platform_config.h:16:7: error: "Unknown platform - please report to libsmbios maintainer." # error "Unknown platform - please report to libsmbios maintainer." ^ 1 error generated. make[1]: *** [Makefile:1728: src/libsmbios_c/common/out_libsmbios_c_la-common.lo] Error 1 ``` Per the netperf doc, `libsmbios` is only used on Linux. --- pkgs/applications/networking/netperf/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/netperf/default.nix b/pkgs/applications/networking/netperf/default.nix index c2e51ee743b5..47693cc97f1c 100644 --- a/pkgs/applications/networking/netperf/default.nix +++ b/pkgs/applications/networking/netperf/default.nix @@ -11,7 +11,7 @@ stdenv.mkDerivation { sha256 = "1wbbgdvhadd3qs3afv6i777argdpcyxkwz4yv6aqp223n8ki6dm8"; }; - buildInputs = stdenv.lib.optional (stdenv.hostPlatform.isx86) libsmbios; + buildInputs = stdenv.lib.optional (with stdenv.hostPlatform; isx86 && isLinux) libsmbios; nativeBuildInputs = [ autoreconfHook ]; autoreconfPhase = '' autoreconf -i -I src/missing/m4 @@ -24,7 +24,7 @@ stdenv.mkDerivation { homepage = "http://www.netperf.org/netperf/"; license = "Hewlett-Packard BSD-like license"; - platforms = stdenv.lib.platforms.linux; + platforms = stdenv.lib.platforms.unix; maintainers = [ stdenv.lib.maintainers.mmlb ]; }; } From 119e770ca3a2f23c133099ed98ea768cd2091840 Mon Sep 17 00:00:00 2001 From: zowoq <59103226+zowoq@users.noreply.github.com> Date: Thu, 31 Dec 2020 10:48:27 +1000 Subject: [PATCH 085/120] gitAndTools.delta: 0.4.5 -> 0.5.0 https://github.com/dandavison/delta/releases/tag/0.5.0 --- .../version-management/git-and-tools/delta/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/version-management/git-and-tools/delta/default.nix b/pkgs/applications/version-management/git-and-tools/delta/default.nix index 0fa30651170a..f44987037aab 100644 --- a/pkgs/applications/version-management/git-and-tools/delta/default.nix +++ b/pkgs/applications/version-management/git-and-tools/delta/default.nix @@ -9,16 +9,16 @@ rustPlatform.buildRustPackage rec { pname = "delta"; - version = "0.4.5"; + version = "0.5.0"; src = fetchFromGitHub { owner = "dandavison"; repo = pname; rev = version; - sha256 = "0rh902h76pn7ja5zizlfklmwcyyki4b0v4irw1j40cjjnah75ljp"; + sha256 = "134dhkk6ckhk6pb2hmfy1q2hkb8d1fkhbshw9qzbnp0qwbv3wgqj"; }; - cargoSha256 = "1rniihx1rb18n2bp4b2yhn4ayih5cbcyqmiv6jckas7jwrgk6wra"; + cargoSha256 = "0633g8jyhmhs33cdspa46gvmnzl2jfwxylmjfhsvbxznzygb4dw3"; nativeBuildInputs = [ installShellFiles ]; From 3c4f8e89c1e2367906e41e4e2d6e0caf19c49e80 Mon Sep 17 00:00:00 2001 From: Vincent Haupert Date: Thu, 31 Dec 2020 03:00:02 +0100 Subject: [PATCH 086/120] any-nix-shell: 1.1.0 -> 1.2.0 --- pkgs/shells/any-nix-shell/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/shells/any-nix-shell/default.nix b/pkgs/shells/any-nix-shell/default.nix index bab39aef2441..cfd000d84c66 100644 --- a/pkgs/shells/any-nix-shell/default.nix +++ b/pkgs/shells/any-nix-shell/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "any-nix-shell"; - version = "1.1.0"; + version = "1.2.0"; src = fetchFromGitHub { owner = "haslersn"; repo = "any-nix-shell"; rev = "v${version}"; - sha256 = "02cv86csk1m8nlh2idvh7bjw43lpssmdawya2jhr4bam2606yzdv"; + sha256 = "05xixgsdfv0qk648r74nvazw16dpw49ryz8dax9kwmhqrgkjaqv6"; }; nativeBuildInputs = [ makeWrapper ]; From 6e21df7d507201daaff3e8e83a9759fa8e4954e3 Mon Sep 17 00:00:00 2001 From: Tim Steinbach Date: Wed, 30 Dec 2020 20:13:15 -0500 Subject: [PATCH 087/120] python3Packages.botocore: 1.19.44 -> 1.19.46 --- pkgs/development/python-modules/botocore/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/botocore/default.nix b/pkgs/development/python-modules/botocore/default.nix index 69666938301b..23f3b701ca96 100644 --- a/pkgs/development/python-modules/botocore/default.nix +++ b/pkgs/development/python-modules/botocore/default.nix @@ -12,11 +12,11 @@ buildPythonPackage rec { pname = "botocore"; - version = "1.19.44"; # N.B: if you change this, change boto3 and awscli to a matching version + version = "1.19.46"; # N.B: if you change this, change boto3 and awscli to a matching version src = fetchPypi { inherit pname version; - sha256 = "sha256-dyXgjJWulsTb2VXLSuRKDAbT5B92p/6wqUHCekTGMRM="; + sha256 = "sha256-hcppFa1Ucef2zRsAYQt0YB0pcMv46bG/JVaXFUz2IaM="; }; propagatedBuildInputs = [ From f224a023bab0aa924f0fab715f4a7f0c31c2db34 Mon Sep 17 00:00:00 2001 From: Tim Steinbach Date: Wed, 30 Dec 2020 20:13:28 -0500 Subject: [PATCH 088/120] python3Packages.boto3: 1.16.44 -> 1.16.46 --- pkgs/development/python-modules/boto3/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/development/python-modules/boto3/default.nix b/pkgs/development/python-modules/boto3/default.nix index f259ea6a7891..35017af08bd4 100644 --- a/pkgs/development/python-modules/boto3/default.nix +++ b/pkgs/development/python-modules/boto3/default.nix @@ -13,7 +13,7 @@ buildPythonPackage rec { pname = "boto3"; - version = "1.16.44"; # N.B: if you change this, change botocore too + version = "1.16.46"; # N.B: if you change this, change botocore too src = fetchPypi { inherit pname version; From 163f19bad8468882490477ae10bb0703517d3944 Mon Sep 17 00:00:00 2001 From: Tim Steinbach Date: Wed, 30 Dec 2020 20:16:09 -0500 Subject: [PATCH 089/120] awscli: 1.18.204 -> 1.18.206 --- pkgs/tools/admin/awscli/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/admin/awscli/default.nix b/pkgs/tools/admin/awscli/default.nix index 9c7f9936e592..2d995e6c1810 100644 --- a/pkgs/tools/admin/awscli/default.nix +++ b/pkgs/tools/admin/awscli/default.nix @@ -28,11 +28,11 @@ let in with py.pkgs; buildPythonApplication rec { pname = "awscli"; - version = "1.18.204"; # N.B: if you change this, change botocore to a matching version too + version = "1.18.206"; # N.B: if you change this, change botocore to a matching version too src = fetchPypi { inherit pname version; - sha256 = "sha256-YAyqRJbETCagcME63dt5b9WDRj6tq8Gdwk6qyAd86lE="; + sha256 = "sha256-+BEiIuhZ0L8WXNN0hkOMVH2eTojyAiuj3zahuiGkx7I="; }; postPatch = '' From f62c0b45f1ff9937dc857ab56dddfd7325341531 Mon Sep 17 00:00:00 2001 From: Tim Steinbach Date: Thu, 31 Dec 2020 01:21:28 +0000 Subject: [PATCH 090/120] =?UTF-8?q?oh-my-zsh:=202020-12-28=20=E2=86=92=202?= =?UTF-8?q?020-12-30?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- pkgs/shells/zsh/oh-my-zsh/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/shells/zsh/oh-my-zsh/default.nix b/pkgs/shells/zsh/oh-my-zsh/default.nix index 4e377218b73b..0b7485385dc9 100644 --- a/pkgs/shells/zsh/oh-my-zsh/default.nix +++ b/pkgs/shells/zsh/oh-my-zsh/default.nix @@ -5,15 +5,15 @@ , nix, nixfmt, jq, coreutils, gnused, curl, cacert }: stdenv.mkDerivation rec { - version = "2020-12-28"; + version = "2020-12-30"; pname = "oh-my-zsh"; - rev = "4b2431e8b1c08a2dc14fe31bf07a5e5f08eaa87e"; + rev = "a4a79eaa8cdf39f35dcd1753b973e830ff7b00b8"; src = fetchFromGitHub { inherit rev; owner = "ohmyzsh"; repo = "ohmyzsh"; - sha256 = "09776acglph64lg9x1f1ypglbbhknrqidq47zk95vksd1in8l3is"; + sha256 = "4L0G1ECFkwg7iytIvg2WQionf48a4LLGIKobopgMm4g="; }; installPhase = '' From d4f876cf3060e3cdb1c7d1913ec98003e9e396bf Mon Sep 17 00:00:00 2001 From: Tim Steinbach Date: Wed, 30 Dec 2020 21:12:20 -0500 Subject: [PATCH 091/120] linux: 4.19.163 -> 4.19.164 --- pkgs/os-specific/linux/kernel/linux-4.19.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-4.19.nix b/pkgs/os-specific/linux/kernel/linux-4.19.nix index b542fab118ba..d37fa3c19144 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.19.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.19.nix @@ -3,7 +3,7 @@ with stdenv.lib; buildLinux (args // rec { - version = "4.19.163"; + version = "4.19.164"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1z65iwwyx2b01fncygckmhpxirzs52qfqmv3agirn4laxgjw9viy"; + sha256 = "1amafhydq934a04pizc5w4h4y4ny982zn33yrz7q0h2d6sskmyp5"; }; } // (args.argsOverride or {})) From 3785b180bab6a8170db6ef768bb4b616a4133700 Mon Sep 17 00:00:00 2001 From: Tim Steinbach Date: Wed, 30 Dec 2020 21:15:02 -0500 Subject: [PATCH 092/120] linux: 5.10.3 -> 5.10.4 --- pkgs/os-specific/linux/kernel/linux-5.10.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.10.nix b/pkgs/os-specific/linux/kernel/linux-5.10.nix index 783e7cf2d968..abe28da81269 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.10.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.10.nix @@ -3,7 +3,7 @@ with stdenv.lib; buildLinux (args // rec { - version = "5.10.3"; + version = "5.10.4"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "09cml495fnf52lhlkjxjznw34q5s8arvq7shkb6wjq6fwlrk65gr"; + sha256 = "1v2nbpp21c3fkw23dgrrfznnnlvi0538kj8wrlb2m6g94rn3jklh"; }; } // (args.argsOverride or {})) From 685d4640a0a63b21eb65df4b67f93a01035d61d2 Mon Sep 17 00:00:00 2001 From: Tim Steinbach Date: Wed, 30 Dec 2020 21:17:42 -0500 Subject: [PATCH 093/120] linux: 5.4.85 -> 5.4.86 --- pkgs/os-specific/linux/kernel/linux-5.4.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.4.nix b/pkgs/os-specific/linux/kernel/linux-5.4.nix index 0d504ff334a4..a5db9e7f6d1f 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.4.nix @@ -3,7 +3,7 @@ with stdenv.lib; buildLinux (args // rec { - version = "5.4.85"; + version = "5.4.86"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "0220k327aa7gg48fqw171mcng8h717c4a1v14r3q36ksirnmiqqx"; + sha256 = "12qf7gza94s4f7smi3dk6i6hqcz0fbc64ghapan57fgpdvybadpb"; }; } // (args.argsOverride or {})) From 334018553b09fb81a2cb5ede287ce69ff18ce966 Mon Sep 17 00:00:00 2001 From: Tim Steinbach Date: Wed, 30 Dec 2020 21:18:43 -0500 Subject: [PATCH 094/120] linux/hardened/patches/4.14: 4.14.212.a -> 4.14.213.a --- pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 0ea36ce8f440..2a236708f1f0 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -1,8 +1,8 @@ { "4.14": { - "name": "linux-hardened-4.14.212.a.patch", - "sha256": "068grrkygd6klv4zx3jghk987bl0v7g5g5911a2irllpsjv55rna", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.212.a/linux-hardened-4.14.212.a.patch" + "name": "linux-hardened-4.14.213.a.patch", + "sha256": "0lkjgg6cbsaiypxij7p00q3y094qf0h172hc2p7wgy39777b45a7", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.213.a/linux-hardened-4.14.213.a.patch" }, "4.19": { "name": "linux-hardened-4.19.163.a.patch", From 8ed3ba45f56eee1922f1b465a76eb4bfcef1ff97 Mon Sep 17 00:00:00 2001 From: Tim Steinbach Date: Wed, 30 Dec 2020 21:18:46 -0500 Subject: [PATCH 095/120] linux/hardened/patches/4.19: 4.19.163.a -> 4.19.164.a --- pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 2a236708f1f0..568585738096 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -5,9 +5,9 @@ "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.213.a/linux-hardened-4.14.213.a.patch" }, "4.19": { - "name": "linux-hardened-4.19.163.a.patch", - "sha256": "0p8y9r1f3blsqrakxy4yp73sff0i0k43cwp5rg4ry3apnzfly1a4", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.163.a/linux-hardened-4.19.163.a.patch" + "name": "linux-hardened-4.19.164.a.patch", + "sha256": "0fzv2sjmf0dmhzp58yr4ggzi3pxbjjhbhmav46pv98rbdm2vjwvk", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.164.a/linux-hardened-4.19.164.a.patch" }, "5.4": { "name": "linux-hardened-5.4.85.a.patch", From 5f4c27eb77ae9bba38f81fb51ab3ce958d821006 Mon Sep 17 00:00:00 2001 From: Tim Steinbach Date: Wed, 30 Dec 2020 21:18:49 -0500 Subject: [PATCH 096/120] linux/hardened/patches/5.10: init at 5.10.4.a --- pkgs/os-specific/linux/kernel/hardened/patches.json | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 568585738096..083f8521f165 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -9,6 +9,11 @@ "sha256": "0fzv2sjmf0dmhzp58yr4ggzi3pxbjjhbhmav46pv98rbdm2vjwvk", "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.164.a/linux-hardened-4.19.164.a.patch" }, + "5.10": { + "name": "linux-hardened-5.10.4.a.patch", + "sha256": "0apnmcis41vz5k74g1ssq0apwxzhl6zg31nyjbplilm3b068a1h4", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.4.a/linux-hardened-5.10.4.a.patch" + }, "5.4": { "name": "linux-hardened-5.4.85.a.patch", "sha256": "1ml9vpakhpxry29c4q0fz346ly7s3hwd7rasr4dzkgs71lm5a1sy", From 70a061bd6c5ff08c0f540e5f06cd1e91b717ce25 Mon Sep 17 00:00:00 2001 From: Tim Steinbach Date: Wed, 30 Dec 2020 21:18:51 -0500 Subject: [PATCH 097/120] linux/hardened/patches/5.4: 5.4.85.a -> 5.4.86.a --- pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 083f8521f165..00c0bb0d5d3c 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -15,9 +15,9 @@ "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.4.a/linux-hardened-5.10.4.a.patch" }, "5.4": { - "name": "linux-hardened-5.4.85.a.patch", - "sha256": "1ml9vpakhpxry29c4q0fz346ly7s3hwd7rasr4dzkgs71lm5a1sy", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.85.a/linux-hardened-5.4.85.a.patch" + "name": "linux-hardened-5.4.86.a.patch", + "sha256": "0j1wr6d42rbxd66vhsp9l3lp3nv0p1j0cpir9pxshd8w9zlbdy88", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.86.a/linux-hardened-5.4.86.a.patch" }, "5.9": { "name": "linux-hardened-5.9.16.a.patch", From fc086af382393e452ec663f3b0095443f6fe484d Mon Sep 17 00:00:00 2001 From: Michael Del Casino <64436441+asm-volatile@users.noreply.github.com> Date: Wed, 30 Dec 2020 21:35:22 -0500 Subject: [PATCH 098/120] Fix trailing whitespace --- pkgs/development/compilers/cudatoolkit/default.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/pkgs/development/compilers/cudatoolkit/default.nix b/pkgs/development/compilers/cudatoolkit/default.nix index b22d2b286713..b3b7b305fba6 100644 --- a/pkgs/development/compilers/cudatoolkit/default.nix +++ b/pkgs/development/compilers/cudatoolkit/default.nix @@ -145,12 +145,11 @@ in rec { gcc = gcc9; }; - + cudatoolkit_11_1 = common { version = "11.1.1"; url = "https://developer.download.nvidia.com/compute/cuda/11.1.1/local_installers/cuda_11.1.1_455.32.00_linux.run"; sha256 = "13yxv2fgvdnqqbwh1zb80x4xhyfkbajfkwyfpdg9493010kngbiy"; - gcc = gcc9; }; From f7c194204d3381bf35f06d70a1f04aad04a661c4 Mon Sep 17 00:00:00 2001 From: Evils Date: Thu, 31 Dec 2020 03:36:36 +0100 Subject: [PATCH 099/120] openocd: unstable-2020-11-11 -> 0.11.0-rc1 --- pkgs/development/tools/misc/openocd/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/tools/misc/openocd/default.nix b/pkgs/development/tools/misc/openocd/default.nix index 5c8e95f7fd4b..bf50a380d1fc 100644 --- a/pkgs/development/tools/misc/openocd/default.nix +++ b/pkgs/development/tools/misc/openocd/default.nix @@ -10,12 +10,12 @@ stdenv.mkDerivation rec { pname = "openocd"; - version = "unstable-2020-11-11"; + version = "0.11.0-rc1"; src = fetchgit { url = "https://git.code.sf.net/p/openocd/code"; - rev = "06c7a53f1fff20bcc4be9e63f83ae98664777f34"; - sha256 = "0g0w7g94r88ylfpwswnhh8czlf5iqvd991ssn4gfcfd725lpdb01"; + rev = "v${version}"; + sha256 = "15g8qalyxhdp0imfrg8mxwnp0nimd836fc5laaavajw49gcm65m4"; fetchSubmodules = true; }; From 5b3e787c4e4c6743194607f361da94e2f5f92cdb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Wed, 30 Dec 2020 21:37:18 +0100 Subject: [PATCH 100/120] pythonPackages.pysvn: Fix python import check pysvn --- pkgs/development/python-modules/pysvn/default.nix | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/pkgs/development/python-modules/pysvn/default.nix b/pkgs/development/python-modules/pysvn/default.nix index d56c10a9591e..0fca57cb2923 100644 --- a/pkgs/development/python-modules/pysvn/default.nix +++ b/pkgs/development/python-modules/pysvn/default.nix @@ -60,11 +60,11 @@ buildPythonPackage rec { sed -i "s|/bin/bash|${bash}/bin/bash|" ../Tests/test-*.sh make -C ../Tests + ${python.interpreter} -c "import pysvn" + runHook postCheck ''; - pythonImportCheck = [ "pysvn" ]; - installPhase = '' dest=$(toPythonPath $out)/pysvn mkdir -p $dest @@ -80,5 +80,4 @@ buildPythonPackage rec { homepage = "http://pysvn.tigris.org/"; license = licenses.asl20; }; - } From df2f2a6e82eb02b954c96b107e801489246ac13c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Wed, 30 Dec 2020 21:37:41 +0100 Subject: [PATCH 101/120] pythonPackages.vcver: Fix pythonImportsCheck --- pkgs/development/python-modules/vcver/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/development/python-modules/vcver/default.nix b/pkgs/development/python-modules/vcver/default.nix index 74b44cddc464..a328cb104bc1 100644 --- a/pkgs/development/python-modules/vcver/default.nix +++ b/pkgs/development/python-modules/vcver/default.nix @@ -20,7 +20,7 @@ buildPythonPackage rec { # circular dependency on test tool uranium https://pypi.org/project/uranium/ doCheck = false; - pythonImportTests = [ "vcver" ]; + pythonImportsCheck = [ "vcver" ]; meta = with lib; { description = "Reference Implementation of vcver"; From 2ec3927c027c0071e2fe7ab44e2aacfd3cf291a4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Wed, 30 Dec 2020 21:38:08 +0100 Subject: [PATCH 102/120] gospider: Avoid string conversion --- pkgs/tools/security/gospider/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/tools/security/gospider/default.nix b/pkgs/tools/security/gospider/default.nix index 7211c65d536b..b7c94c940239 100644 --- a/pkgs/tools/security/gospider/default.nix +++ b/pkgs/tools/security/gospider/default.nix @@ -10,7 +10,7 @@ buildGoModule rec { src = fetchFromGitHub { owner = "jaeles-project"; repo = pname; - rev = "${version}"; + rev = version; sha256 = "03gl8y2047iwa6bhmayyds3li21wy3sw1x4hpp9zgqgi95039q86"; }; From 57993d0a9fe6cd06ae824e33d569d9a42e97eea8 Mon Sep 17 00:00:00 2001 From: Jonathan Ringer Date: Wed, 30 Dec 2020 14:29:23 -0800 Subject: [PATCH 103/120] python3Packages.azure-mgmt-cdn: 5.2.0 -> 6.0.0 --- pkgs/development/python-modules/azure-mgmt-cdn/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/azure-mgmt-cdn/default.nix b/pkgs/development/python-modules/azure-mgmt-cdn/default.nix index 41d0387da2f4..b204add2b5e9 100644 --- a/pkgs/development/python-modules/azure-mgmt-cdn/default.nix +++ b/pkgs/development/python-modules/azure-mgmt-cdn/default.nix @@ -10,12 +10,12 @@ buildPythonPackage rec { pname = "azure-mgmt-cdn"; - version = "5.2.0"; + version = "6.0.0"; src = fetchPypi { inherit pname version; extension = "zip"; - sha256 = "3e470ba07918a4f97dadb6f50c6f64068da423b735fad38d31d9535c56f06881"; + sha256 = "590cd35c9f1556a2d93d93a88b5c5661f716de094f22db30f4d05dc58a131c84"; }; propagatedBuildInputs = [ From 5e73deb692205b8ecf1d646cb711d3b617c97a09 Mon Sep 17 00:00:00 2001 From: Jonathan Ringer Date: Wed, 30 Dec 2020 14:29:23 -0800 Subject: [PATCH 104/120] python3Packages.azure-mgmt-loganalytics: 2.0.0 -> 7.0.0 --- .../python-modules/azure-mgmt-loganalytics/default.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/azure-mgmt-loganalytics/default.nix b/pkgs/development/python-modules/azure-mgmt-loganalytics/default.nix index 525a72a7009d..e6fd01f73478 100644 --- a/pkgs/development/python-modules/azure-mgmt-loganalytics/default.nix +++ b/pkgs/development/python-modules/azure-mgmt-loganalytics/default.nix @@ -7,16 +7,17 @@ , msrestazure , azure-common , azure-mgmt-nspkg +, azure-mgmt-core }: buildPythonPackage rec { pname = "azure-mgmt-loganalytics"; - version = "2.0.0"; + version = "7.0.0"; src = fetchPypi { inherit pname version; extension = "zip"; - sha256 = "947cada6e52fea6ecae7011d7532cf8edbe90250753a58749c473b863331fcc6"; + sha256 = "e603f9fc61b8d2f93d8814bcca012a8b425cf0c0320ddf1e84462929cf34d1af"; }; propagatedBuildInputs = [ @@ -24,6 +25,7 @@ buildPythonPackage rec { msrestazure azure-common azure-mgmt-nspkg + azure-mgmt-core ]; pythonNamespaces = [ "azure.mgmt" ]; From d22676f7ea2b0fe6a28957583412cd1065c89fb8 Mon Sep 17 00:00:00 2001 From: Jonathan Ringer Date: Wed, 30 Dec 2020 14:29:23 -0800 Subject: [PATCH 105/120] python3Packages.azure-mgmt-recoveryservices: 0.5.0 -> 0.6.0 --- .../python-modules/azure-mgmt-recoveryservices/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/azure-mgmt-recoveryservices/default.nix b/pkgs/development/python-modules/azure-mgmt-recoveryservices/default.nix index 7f4de1a463b7..a0ee8f3ce9cd 100644 --- a/pkgs/development/python-modules/azure-mgmt-recoveryservices/default.nix +++ b/pkgs/development/python-modules/azure-mgmt-recoveryservices/default.nix @@ -10,12 +10,12 @@ buildPythonPackage rec { pname = "azure-mgmt-recoveryservices"; - version = "0.5.0"; + version = "0.6.0"; src = fetchPypi { inherit pname version; extension = "zip"; - sha256 = "3c90e6b2e358dbe6d5c6d7204955bdf52c3e977c6f8b727cbbb8811427d7fd52"; + sha256 = "203ebbd6b698a99975092a72d6d47285646a0264b9085fecef1e7b7c98c5d52e"; }; propagatedBuildInputs = [ From 6a8117d431d22a11ce610d87e6a53ebc3d0ac2e4 Mon Sep 17 00:00:00 2001 From: Jonathan Ringer Date: Wed, 30 Dec 2020 14:29:23 -0800 Subject: [PATCH 106/120] python3Packages.azure-synapse-artifacts: 0.3.0 -> 0.4.0 --- .../python-modules/azure-synapse-artifacts/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/azure-synapse-artifacts/default.nix b/pkgs/development/python-modules/azure-synapse-artifacts/default.nix index 85ec70f704c7..f33df1fdbe8d 100644 --- a/pkgs/development/python-modules/azure-synapse-artifacts/default.nix +++ b/pkgs/development/python-modules/azure-synapse-artifacts/default.nix @@ -6,12 +6,12 @@ buildPythonPackage rec { pname = "azure-synapse-artifacts"; - version = "0.3.0"; + version = "0.4.0"; src = fetchPypi { inherit pname version; extension = "zip"; - sha256 = "0p43zmw96fh3wp75phf3fcqdfb36adqvxfc945yfda6fi555nw1a"; + sha256 = "09fd9cf8c25c901d2daf7e436062065ada866f212f371f9d66f394d39ccaa23b"; }; propagatedBuildInputs = [ From 48f33b78f34921354dbcee5f51ea005a94433799 Mon Sep 17 00:00:00 2001 From: Jonathan Ringer Date: Wed, 30 Dec 2020 14:29:23 -0800 Subject: [PATCH 107/120] python3Packages.azure-synapse-spark: 0.3.0 -> 0.4.0 --- .../python-modules/azure-synapse-spark/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/azure-synapse-spark/default.nix b/pkgs/development/python-modules/azure-synapse-spark/default.nix index fb724e6dbfbc..571f3f9d08da 100644 --- a/pkgs/development/python-modules/azure-synapse-spark/default.nix +++ b/pkgs/development/python-modules/azure-synapse-spark/default.nix @@ -6,11 +6,11 @@ buildPythonPackage rec { pname = "azure-synapse-spark"; - version = "0.3.0"; + version = "0.4.0"; src = fetchPypi { inherit pname version; - sha256 = "fcfe559e30a2e159f07e371af28d18dc635dc55174fb3457be7210ce8e7e7559"; + sha256 = "7f5881fda4108363c8c6fdee0494fa067ba81e60f038883859d23fc197f5f286"; extension = "zip"; }; From 2d8d50a93a8df436b12905ec59481735b2ee2268 Mon Sep 17 00:00:00 2001 From: Jonathan Ringer Date: Wed, 30 Dec 2020 14:45:12 -0800 Subject: [PATCH 108/120] python3Packages.azure-mgmt-databoxedge: init at 0.2.0 --- .../azure-mgmt-databoxedge/default.nix | 32 +++++++++++++++++++ pkgs/top-level/python-packages.nix | 2 ++ 2 files changed, 34 insertions(+) create mode 100644 pkgs/development/python-modules/azure-mgmt-databoxedge/default.nix diff --git a/pkgs/development/python-modules/azure-mgmt-databoxedge/default.nix b/pkgs/development/python-modules/azure-mgmt-databoxedge/default.nix new file mode 100644 index 000000000000..317019844cb0 --- /dev/null +++ b/pkgs/development/python-modules/azure-mgmt-databoxedge/default.nix @@ -0,0 +1,32 @@ +{ lib, buildPythonPackage, fetchPypi +, msrestazure +, azure-common +}: + +buildPythonPackage rec { + pname = "azure-mgmt-databoxedge"; + version = "0.2.0"; + + src = fetchPypi { + inherit pname version; + extension = "zip"; + sha256 = "g8BtUpIGOse8Jrws48gQ/o7sgymlgX0XIxl1ThHS3XA="; + }; + + propagatedBuildInputs = [ + msrestazure + azure-common + ]; + + # no tests in pypi tarball + doCheck = false; + + pythonImportsCheck = [ "azure.mgmt.databoxedge" ]; + + meta = with lib; { + description = "Microsoft Azure Databoxedge Management Client Library for Python"; + homepage = "https://github.com/Azure/azure-sdk-for-python"; + license = licenses.mit; + maintainers = with maintainers; [ jonringer ]; + }; +} diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 9f1c6192bba9..cb5d8e784e9c 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -597,6 +597,8 @@ in { azure-mgmt-cosmosdb = callPackage ../development/python-modules/azure-mgmt-cosmosdb { }; + azure-mgmt-databoxedge = callPackage ../development/python-modules/azure-mgmt-databoxedge { }; + azure-mgmt-datafactory = callPackage ../development/python-modules/azure-mgmt-datafactory { }; azure-mgmt-datalake-analytics = callPackage ../development/python-modules/azure-mgmt-datalake-analytics { }; From 476a33da79c2c8257b1bcf3582da9a72ec0d5215 Mon Sep 17 00:00:00 2001 From: Jonathan Ringer Date: Wed, 30 Dec 2020 14:33:08 -0800 Subject: [PATCH 109/120] azure-cli: 2.16.0 -> 2.17.0 --- pkgs/tools/admin/azure-cli/default.nix | 5 +++-- .../tools/admin/azure-cli/python-packages.nix | 20 +++++++++---------- 2 files changed, 13 insertions(+), 12 deletions(-) diff --git a/pkgs/tools/admin/azure-cli/default.nix b/pkgs/tools/admin/azure-cli/default.nix index 59b22f48f99e..4026effd6f67 100644 --- a/pkgs/tools/admin/azure-cli/default.nix +++ b/pkgs/tools/admin/azure-cli/default.nix @@ -1,12 +1,12 @@ { stdenv, lib, python3, fetchFromGitHub, installShellFiles }: let - version = "2.16.0"; + version = "2.17.0"; src = fetchFromGitHub { owner = "Azure"; repo = "azure-cli"; rev = "azure-cli-${version}"; - sha256 = "wuHPNpt5pizgAwxRxJpRBiX6keJpKRpHu6M5BpFUyeY="; + sha256 = "2QLPtZYZZ+W5xZH2hxFnjox31v3My3zocouqLWGWSYI="; }; # put packages that needs to be overriden in the py package scope @@ -67,6 +67,7 @@ py.pkgs.toPythonApplication (py.pkgs.buildAzureCliPackage { azure-mgmt-containerregistry azure-mgmt-containerservice azure-mgmt-cosmosdb + azure-mgmt-databoxedge azure-mgmt-datalake-analytics azure-mgmt-datalake-store azure-mgmt-datamigration diff --git a/pkgs/tools/admin/azure-cli/python-packages.nix b/pkgs/tools/admin/azure-cli/python-packages.nix index f5f661c8e9b9..ab417af8d445 100644 --- a/pkgs/tools/admin/azure-cli/python-packages.nix +++ b/pkgs/tools/admin/azure-cli/python-packages.nix @@ -125,8 +125,8 @@ let ''; }; - azure-batch = overrideAzureMgmtPackage super.azure-batch "9.0.0" "zip" - "112d73gxjqng348mcvi36ska6pxyg8qc3qswvhf5x4a0lr86zjj7"; + azure-batch = overrideAzureMgmtPackage super.azure-batch "10.0.0" "zip" + "83d7a2b0be42ca456ac2b56fa3dc6ce704c130e888d37d924072c1d3718f32d0"; azure-mgmt-apimanagement = overrideAzureMgmtPackage super.azure-mgmt-apimanagement "0.2.0" "zip" "0whx3s8ri9939r3pdvjf8iqcslas1xy6cnccidmp10r5ng0023vr"; @@ -158,8 +158,8 @@ let azure-mgmt-cognitiveservices = overrideAzureMgmtPackage super.azure-mgmt-cognitiveservices "6.3.0" "zip" "059lhbxqx1r1717s8xz5ahpxwphq5fgy0h7k6b63cahm818rs0hx"; - azure-mgmt-compute = overrideAzureMgmtPackage super.azure-mgmt-compute "14.0.0" "zip" - "0bvqv56plcgmnfyj0apphlbsn2vfm1a22idvy8y5npbfjz4zwja9"; + azure-mgmt-compute = overrideAzureMgmtPackage super.azure-mgmt-compute "18.0.0" "zip" + "34815c91193640ad8ff0c4dad7f2d997548c853d2e8b10250329ed516e55879e"; azure-mgmt-consumption = overrideAzureMgmtPackage super.azure-mgmt-consumption "2.0.0" "zip" "12ai4qps73ivawh0yzvgb148ksx02r30pqlvfihx497j62gsi1cs"; @@ -206,8 +206,8 @@ let azure-mgmt-loganalytics = overrideAzureMgmtPackage super.azure-mgmt-loganalytics "0.7.0" "zip" "18n2lqvrhq40gdqhlzzg8mc03571i02c7qq7jv771lc58rqpzysh"; - azure-mgmt-network = overrideAzureMgmtPackage super.azure-mgmt-network "13.0.0" "zip" - "02ac54fs4wqdwy986j9qyx6fbl5zmpkh1sykr9r6mqk1xx9l4jq8"; + azure-mgmt-network = overrideAzureMgmtPackage super.azure-mgmt-network "17.0.0" "zip" + "3694f2675e152afccb1588a6cc7bb4b4795d442a4e5d7082cdf1f4e32a779199"; azure-mgmt-media = overrideAzureMgmtPackage super.azure-mgmt-media "2.1.0" "zip" "1py0hch0wghzfxazdrrs7p0kln2zn9jh3fmkzwd2z8qggj38q6gm"; @@ -230,8 +230,8 @@ let azure-mgmt-search = overrideAzureMgmtPackage super.azure-mgmt-search "2.0.0" "zip" "14v8ja8har2xrb00v98610pqvakcdvnzw8hkd6wbr1np3f3dxi8f"; - azure-mgmt-security = overrideAzureMgmtPackage super.azure-mgmt-security "0.4.1" "zip" - "08gf401d40bd1kn9wmpxcjxqdh84cd9hxm8rdjd0918483sqs71r"; + azure-mgmt-security = overrideAzureMgmtPackage super.azure-mgmt-security "0.6.0" "zip" + "9f37d0151d730801222af111f0830905634795dbfd59ad1b89c35197421e74d3"; azure-mgmt-signalr = overrideAzureMgmtPackage super.azure-mgmt-signalr "0.4.0" "zip" "09n12ligh301z4xwixl50n8f1rgd2k6lpsxqzr6n6jvgkpdds0v5"; @@ -260,8 +260,8 @@ let azure-mgmt-cdn = overrideAzureMgmtPackage super.azure-mgmt-cdn "5.2.0" "zip" "10b8y1b5qlyr666x7yimnwis9386ciphrxdnmmyzk90qg6h0niry"; - azure-mgmt-containerregistry = overrideAzureMgmtPackage super.azure-mgmt-containerregistry "3.0.0rc15" "zip" - "1fnmdl3m7kdn6c2ws5vrm7nwadcbq9mgc6g5bg4s1a4xjb23q6vb"; + azure-mgmt-containerregistry = overrideAzureMgmtPackage super.azure-mgmt-containerregistry "3.0.0rc16" "zip" + "eT5gH0K4q2Qr1lEpuqjxQhOUrA6bEsAktj+PKsfMXTo="; azure-mgmt-monitor = overrideAzureMgmtPackage super.azure-mgmt-monitor "0.11.0" "zip" "05jhn66d4sl1qi6w34rqd8wl500jndismiwhdmzzmprdvn1zxqf6"; From d9c71767bd9c7c0f730c98f87f8a94b5f5b114c9 Mon Sep 17 00:00:00 2001 From: Vincent Laporte Date: Wed, 30 Dec 2020 21:49:04 +0100 Subject: [PATCH 110/120] =?UTF-8?q?ocamlPackages.merlin:=203.4.0=20?= =?UTF-8?q?=E2=86=92=203.4.2?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- pkgs/development/tools/ocaml/merlin/default.nix | 2 +- pkgs/development/tools/ocaml/merlin/dot-merlin-reader.nix | 6 ++++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/pkgs/development/tools/ocaml/merlin/default.nix b/pkgs/development/tools/ocaml/merlin/default.nix index 34fcc9bb6c32..ce168084f2c6 100644 --- a/pkgs/development/tools/ocaml/merlin/default.nix +++ b/pkgs/development/tools/ocaml/merlin/default.nix @@ -4,7 +4,7 @@ buildDunePackage rec { pname = "merlin"; - inherit (dot-merlin-reader) src version; + inherit (dot-merlin-reader) src version useDune2; minimumOCamlVersion = "4.02.3"; diff --git a/pkgs/development/tools/ocaml/merlin/dot-merlin-reader.nix b/pkgs/development/tools/ocaml/merlin/dot-merlin-reader.nix index 7af1b4513a85..009998a3f851 100644 --- a/pkgs/development/tools/ocaml/merlin/dot-merlin-reader.nix +++ b/pkgs/development/tools/ocaml/merlin/dot-merlin-reader.nix @@ -4,13 +4,15 @@ with ocamlPackages; buildDunePackage rec { pname = "dot-merlin-reader"; - version = "3.4.0"; + version = "3.4.2"; + + useDune2 = true; minimumOCamlVersion = "4.02.1"; src = fetchurl { url = "https://github.com/ocaml/merlin/releases/download/v${version}/merlin-v${version}.tbz"; - sha256 = "048rkpbvayksv8mgmkgi17vv0y9xplv7v2ww4d1hs7bkm5zzsvg2"; + sha256 = "109ai1ggnkrwbzsl1wdalikvs1zx940m6n65jllxj68in6bvidz1"; }; buildInputs = [ yojson csexp result ]; From c2fca99f975c6656f7a7d1355ca098606380f2be Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Thu, 31 Dec 2020 08:49:13 +0100 Subject: [PATCH 111/120] Revert "Merge branch 'master' into staging-next" This reverts commit f19b7b03a03b7f1d5beb44471eb9298de4b9e186, reversing changes made to 572a864d024b0c91ac39133f35364362b2376c07. Sorry. I pushed the wrong staging-next (the one that had my master merged in). This was not intended. --- nixos/doc/manual/man-nixos-rebuild.xml | 37 +- .../command-not-found/command-not-found.nix | 11 +- .../command-not-found/command-not-found.pl | 51 + .../programs/command-not-found/default.nix | 18 - .../command-not-found/rust/Cargo.lock | 131 -- .../command-not-found/rust/Cargo.toml | 10 - .../command-not-found/rust/src/main.rs | 52 - nixos/modules/services/databases/redis.nix | 6 +- .../modules/services/misc/home-assistant.nix | 28 - nixos/modules/services/misc/nix-daemon.nix | 7 +- nixos/modules/services/networking/privoxy.nix | 7 +- nixos/modules/services/security/tor.nix | 1398 +++++++---------- nixos/modules/services/system/nscd.nix | 41 +- .../services/web-servers/nginx/default.nix | 21 - .../activation/switch-to-configuration.pl | 11 +- nixos/modules/system/boot/stage-1.nix | 2 +- nixos/modules/tasks/filesystems.nix | 9 +- nixos/modules/virtualisation/amazon-image.nix | 2 +- nixos/tests/tor.nix | 2 +- .../0001-hardcode-json-file-path.patch | 35 - .../irc/weechat/scripts/wee-slack/default.nix | 8 +- .../wee-slack/hardcode-json-file-path.patch | 12 + pkgs/applications/video/iina/default.nix | 26 - .../python-modules/keystone/default.nix | 16 - .../python-modules/pyworld/default.nix | 31 - .../ruby-modules/with-packages/Gemfile | 13 + pkgs/os-specific/linux/sysdig/default.nix | 2 +- .../home-assistant/component-packages.nix | 2 +- .../home-assistant/parse-requirements.py | 6 - pkgs/servers/openafs/1.8/default.nix | 1 - pkgs/tools/audio/tts/default.nix | 13 - pkgs/tools/security/tor/default.nix | 16 - pkgs/tools/typesetting/tex/texlive/bin.nix | 6 +- .../tools/typesetting/tex/texlive/combine.nix | 2 +- .../tools/typesetting/tex/texlive/default.nix | 6 +- .../amazon-ec2-utils/default.nix | 42 - .../virtualization/ec2-utils/default.nix | 47 + pkgs/top-level/aliases.nix | 1 - pkgs/top-level/all-packages.nix | 4 +- pkgs/top-level/python-packages.nix | 6 - pkgs/top-level/ruby-packages.nix | 924 +++++------ 41 files changed, 1217 insertions(+), 1846 deletions(-) create mode 100644 nixos/modules/programs/command-not-found/command-not-found.pl delete mode 100644 nixos/modules/programs/command-not-found/default.nix delete mode 100644 nixos/modules/programs/command-not-found/rust/Cargo.lock delete mode 100644 nixos/modules/programs/command-not-found/rust/Cargo.toml delete mode 100644 nixos/modules/programs/command-not-found/rust/src/main.rs delete mode 100644 pkgs/applications/networking/irc/weechat/scripts/wee-slack/0001-hardcode-json-file-path.patch create mode 100644 pkgs/applications/networking/irc/weechat/scripts/wee-slack/hardcode-json-file-path.patch delete mode 100644 pkgs/applications/video/iina/default.nix delete mode 100644 pkgs/development/python-modules/keystone/default.nix delete mode 100644 pkgs/development/python-modules/pyworld/default.nix delete mode 100644 pkgs/tools/virtualization/amazon-ec2-utils/default.nix create mode 100644 pkgs/tools/virtualization/ec2-utils/default.nix diff --git a/nixos/doc/manual/man-nixos-rebuild.xml b/nixos/doc/manual/man-nixos-rebuild.xml index 4510fdd44225..d0ff81c1dbb3 100644 --- a/nixos/doc/manual/man-nixos-rebuild.xml +++ b/nixos/doc/manual/man-nixos-rebuild.xml @@ -112,18 +112,6 @@ path - - - - - - - - - - - - @@ -142,18 +130,6 @@ number - - - - - - - - - - - - @@ -591,19 +567,10 @@ In addition, nixos-rebuild accepts various Nix-related - flags: , / , + flags, including / , , , - , , and / - , , - , , - / , - / , - / and / + , , and / . See the Nix manual for details. - - The following Nix flags that are support by the upcoming nix 2.4 version: - , , , - , . See nix --help or nix build --help for details. diff --git a/nixos/modules/programs/command-not-found/command-not-found.nix b/nixos/modules/programs/command-not-found/command-not-found.nix index da09488d82c7..656c255fcb18 100644 --- a/nixos/modules/programs/command-not-found/command-not-found.nix +++ b/nixos/modules/programs/command-not-found/command-not-found.nix @@ -9,9 +9,17 @@ with lib; let cfg = config.programs.command-not-found; - commandNotFound = pkgs.callPackage ./. { + commandNotFound = pkgs.substituteAll { + name = "command-not-found"; + dir = "bin"; + src = ./command-not-found.pl; + isExecutable = true; + inherit (pkgs) perl; inherit (cfg) dbPath; + perlFlags = concatStrings (map (path: "-I ${path}/${pkgs.perl.libPrefix} ") + [ pkgs.perlPackages.DBI pkgs.perlPackages.DBDSQLite pkgs.perlPackages.StringShellQuote ]); }; + in { @@ -83,4 +91,5 @@ in environment.systemPackages = [ commandNotFound ]; }; + } diff --git a/nixos/modules/programs/command-not-found/command-not-found.pl b/nixos/modules/programs/command-not-found/command-not-found.pl new file mode 100644 index 000000000000..ab7aa204653c --- /dev/null +++ b/nixos/modules/programs/command-not-found/command-not-found.pl @@ -0,0 +1,51 @@ +#! @perl@/bin/perl -w @perlFlags@ + +use strict; +use DBI; +use DBD::SQLite; +use String::ShellQuote; +use Config; + +my $program = $ARGV[0]; + +my $dbPath = "@dbPath@"; + +my $dbh = DBI->connect("dbi:SQLite:dbname=$dbPath", "", "") + or die "cannot open database `$dbPath'"; +$dbh->{RaiseError} = 0; +$dbh->{PrintError} = 0; + +my $system = $ENV{"NIX_SYSTEM"} // $Config{myarchname}; + +my $res = $dbh->selectall_arrayref( + "select package from Programs where system = ? and name = ?", + { Slice => {} }, $system, $program); + +if (!defined $res || scalar @$res == 0) { + print STDERR "$program: command not found\n"; +} elsif (scalar @$res == 1) { + my $package = @$res[0]->{package}; + if ($ENV{"NIX_AUTO_INSTALL"} // "") { + print STDERR <{package}\n" foreach @$res; +} + +exit 127; diff --git a/nixos/modules/programs/command-not-found/default.nix b/nixos/modules/programs/command-not-found/default.nix deleted file mode 100644 index bbe949fa86a3..000000000000 --- a/nixos/modules/programs/command-not-found/default.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ stdenv, rustPlatform, pkgconfig, sqlite -, dbPath ? "/nix/var/nix/profiles/per-user/root/channels/nixos/programs.sqlite" }: - -rustPlatform.buildRustPackage { - name = "command-not-found"; - src = ./rust; - - DB_PATH = dbPath; - NIX_SYSTEM = stdenv.system; - - postInstall = '' - strip $out/bin/command-not-found - ''; - - buildInputs = [ sqlite ]; - nativeBuildInputs = [ pkgconfig ]; - cargoSha256 = "13q61bb4b1q40g424pbssyp3ln79q1a33vmyz9s9wlqnac34cibd"; -} diff --git a/nixos/modules/programs/command-not-found/rust/Cargo.lock b/nixos/modules/programs/command-not-found/rust/Cargo.lock deleted file mode 100644 index ce3a9358c5c2..000000000000 --- a/nixos/modules/programs/command-not-found/rust/Cargo.lock +++ /dev/null @@ -1,131 +0,0 @@ -# This file is automatically @generated by Cargo. -# It is not intended for manual editing. -[[package]] -name = "bitflags" -version = "1.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "command-not-found" -version = "0.1.0" -dependencies = [ - "rusqlite 0.23.1 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "fallible-iterator" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "fallible-streaming-iterator" -version = "0.1.9" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "libc" -version = "0.2.70" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "libsqlite3-sys" -version = "0.18.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "pkg-config 0.3.17 (registry+https://github.com/rust-lang/crates.io-index)", - "vcpkg 0.2.8 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "linked-hash-map" -version = "0.5.3" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "lru-cache" -version = "0.1.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "linked-hash-map 0.5.3 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "memchr" -version = "2.3.3" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "pkg-config" -version = "0.3.17" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "rusqlite" -version = "0.23.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "bitflags 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)", - "fallible-iterator 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)", - "fallible-streaming-iterator 0.1.9 (registry+https://github.com/rust-lang/crates.io-index)", - "libsqlite3-sys 0.18.0 (registry+https://github.com/rust-lang/crates.io-index)", - "lru-cache 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)", - "memchr 2.3.3 (registry+https://github.com/rust-lang/crates.io-index)", - "smallvec 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)", - "time 0.1.43 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "smallvec" -version = "1.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "time" -version = "0.1.43" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "libc 0.2.70 (registry+https://github.com/rust-lang/crates.io-index)", - "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "vcpkg" -version = "0.2.8" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "winapi" -version = "0.3.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "winapi-i686-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)", - "winapi-x86_64-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "winapi-i686-pc-windows-gnu" -version = "0.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "winapi-x86_64-pc-windows-gnu" -version = "0.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[metadata] -"checksum bitflags 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "cf1de2fe8c75bc145a2f577add951f8134889b4795d47466a54a5c846d691693" -"checksum fallible-iterator 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "4443176a9f2c162692bd3d352d745ef9413eec5782a80d8fd6f8a1ac692a07f7" -"checksum fallible-streaming-iterator 0.1.9 (registry+https://github.com/rust-lang/crates.io-index)" = "7360491ce676a36bf9bb3c56c1aa791658183a54d2744120f27285738d90465a" -"checksum libc 0.2.70 (registry+https://github.com/rust-lang/crates.io-index)" = "3baa92041a6fec78c687fa0cc2b3fae8884f743d672cf551bed1d6dac6988d0f" -"checksum libsqlite3-sys 0.18.0 (registry+https://github.com/rust-lang/crates.io-index)" = "1e704a02bcaecd4a08b93a23f6be59d0bd79cd161e0963e9499165a0a35df7bd" -"checksum linked-hash-map 0.5.3 (registry+https://github.com/rust-lang/crates.io-index)" = "8dd5a6d5999d9907cda8ed67bbd137d3af8085216c2ac62de5be860bd41f304a" -"checksum lru-cache 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)" = "31e24f1ad8321ca0e8a1e0ac13f23cb668e6f5466c2c57319f6a5cf1cc8e3b1c" -"checksum memchr 2.3.3 (registry+https://github.com/rust-lang/crates.io-index)" = "3728d817d99e5ac407411fa471ff9800a778d88a24685968b36824eaf4bee400" -"checksum pkg-config 0.3.17 (registry+https://github.com/rust-lang/crates.io-index)" = "05da548ad6865900e60eaba7f589cc0783590a92e940c26953ff81ddbab2d677" -"checksum rusqlite 0.23.1 (registry+https://github.com/rust-lang/crates.io-index)" = "45d0fd62e1df63d254714e6cb40d0a0e82e7a1623e7a27f679d851af092ae58b" -"checksum smallvec 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "c7cb5678e1615754284ec264d9bb5b4c27d2018577fd90ac0ceb578591ed5ee4" -"checksum time 0.1.43 (registry+https://github.com/rust-lang/crates.io-index)" = "ca8a50ef2360fbd1eeb0ecd46795a87a19024eb4b53c5dc916ca1fd95fe62438" -"checksum vcpkg 0.2.8 (registry+https://github.com/rust-lang/crates.io-index)" = "3fc439f2794e98976c88a2a2dafce96b930fe8010b0a256b3c2199a773933168" -"checksum winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)" = "8093091eeb260906a183e6ae1abdba2ef5ef2257a21801128899c3fc699229c6" -"checksum winapi-i686-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" -"checksum winapi-x86_64-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" diff --git a/nixos/modules/programs/command-not-found/rust/Cargo.toml b/nixos/modules/programs/command-not-found/rust/Cargo.toml deleted file mode 100644 index f965c7df76a5..000000000000 --- a/nixos/modules/programs/command-not-found/rust/Cargo.toml +++ /dev/null @@ -1,10 +0,0 @@ -[package] -name = "command-not-found" -version = "0.1.0" -edition = "2018" - -[dependencies] -rusqlite = "0.*.*" - -[profile.release] -lto = true diff --git a/nixos/modules/programs/command-not-found/rust/src/main.rs b/nixos/modules/programs/command-not-found/rust/src/main.rs deleted file mode 100644 index b0af2871cc29..000000000000 --- a/nixos/modules/programs/command-not-found/rust/src/main.rs +++ /dev/null @@ -1,52 +0,0 @@ -use rusqlite::{params, Connection, Result}; -use std::env; -use std::process::exit; - -const NIX_SYSTEM: &str = env!("NIX_SYSTEM"); -const DB_PATH: &str = env!("DB_PATH"); - -fn query_packages(system: &str, program: &str) -> Result> { - Ok(Connection::open(DB_PATH)? - .prepare("select package from Programs where system = ? and name = ?;")? - .query_map(params![system, program], |row| row.get("package"))? - .collect::>>()?) -} - -fn run_app() -> i32 { - let args: Vec<_> = env::args().collect(); - if args.len() < 2 { - eprintln!("USAGE: {} PROGRAMNAME", args[0]); - return 1; - } - let program = &args[1]; - let system = env::var("NIX_SYSTEM").unwrap_or_else(|_| NIX_SYSTEM.to_string()); - let packages = match query_packages(&system, program) { - Ok(packages) => packages, - Err(err) => { - eprintln!("Failed to query package database: {}", err); - return 1; - } - }; - if packages.is_empty() { - eprintln!("{}: command not found", program); - } else { - let advice = if packages.len() > 1 { - "It is provided by several packages. You can install it by typing on of the of following commands:" - } else { - "You can install it by typing:" - }; - eprintln!( - "The program '{}' is currently not installed. {}", - program, advice - ); - for pkg in packages { - eprintln!(" nix-env -iA nixos.{}", pkg); - } - } - - 127 -} - -fn main() { - exit(run_app()); -} diff --git a/nixos/modules/services/databases/redis.nix b/nixos/modules/services/databases/redis.nix index 9988f382a1b1..6b8853ae390b 100644 --- a/nixos/modules/services/databases/redis.nix +++ b/nixos/modules/services/databases/redis.nix @@ -12,7 +12,7 @@ let ${condOption "bind" cfg.bind} ${condOption "unixsocket" cfg.unixSocket} daemonize no - #supervised systemd + supervised systemd loglevel ${cfg.logLevel} logfile ${cfg.logfile} syslog-enabled ${redisBool cfg.syslog} @@ -242,9 +242,7 @@ in ExecStart = "${cfg.package}/bin/redis-server /run/redis/redis.conf"; RuntimeDirectory = "redis"; StateDirectory = "redis"; - TimeoutStartSec = "infinity"; - TimeoutStopSec = "infinity"; - Type = "simple"; + Type = "notify"; User = "redis"; Group = "redis"; }; diff --git a/nixos/modules/services/misc/home-assistant.nix b/nixos/modules/services/misc/home-assistant.nix index 16fff215e616..1f2e13f37325 100644 --- a/nixos/modules/services/misc/home-assistant.nix +++ b/nixos/modules/services/misc/home-assistant.nix @@ -62,17 +62,6 @@ let lovelace.mode = "yaml"; }; - #pythonScripts = pkgs.runCommand "python_scripts" { - # nativeBuildInputs = [ pkgs.python3 ]; - # scripts = cfg.pythonScripts; - #} '' - # mkdir $out - # for s in $scripts; do - # echo "checking syntax of $s" - # python -m py_compile "$s" - # ln -s "$s" "$out/$(basename $s" - # done - #''; in { meta.maintainers = with maintainers; [ dotlambda ]; @@ -225,17 +214,6 @@ in { ''; }; - pythonScripts = mkOption { - #default = []; - #type = types.listOf types.path; - default = null; - type = types.nullOr types.path; - description = '' - List of python scripts to use in the python_scripts integration. - Also see in the Homeassistant documentation - ''; - }; - openFirewall = mkOption { default = false; type = types.bool; @@ -246,12 +224,6 @@ in { config = mkIf cfg.enable { networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.port ]; - systemd.tmpfiles.rules = mkIf (cfg.pythonScripts != null) [ - "L+ ${cfg.configDir}/python_scripts - - - - ${cfg.pythonScripts}" - ]; - - services.home-assistant.config.python_script = mkIf (cfg.pythonScripts != null) {}; - systemd.services.home-assistant = { description = "Home Assistant"; after = [ "network.target" ]; diff --git a/nixos/modules/services/misc/nix-daemon.nix b/nixos/modules/services/misc/nix-daemon.nix index b0763c8d0de4..0eeff31d6c4d 100644 --- a/nixos/modules/services/misc/nix-daemon.nix +++ b/nixos/modules/services/misc/nix-daemon.nix @@ -11,7 +11,6 @@ let nixVersion = getVersion nix; isNix23 = versionAtLeast nixVersion "2.3pre"; - isNix24 = versionAtLeast nixVersion "2.4pre"; makeNixBuildUser = nr: { name = "nixbld${toString nr}"; @@ -41,11 +40,7 @@ let max-jobs = ${toString (cfg.maxJobs)} cores = ${toString (cfg.buildCores)} sandbox = ${if (builtins.isBool cfg.useSandbox) then boolToString cfg.useSandbox else cfg.useSandbox} - - ${optionalString (!isNix24) '' - extra-sandbox-paths = ${toString cfg.sandboxPaths} - ''} - + extra-sandbox-paths = ${toString cfg.sandboxPaths} substituters = ${toString cfg.binaryCaches} trusted-substituters = ${toString cfg.trustedBinaryCaches} trusted-public-keys = ${toString cfg.binaryCachePublicKeys} diff --git a/nixos/modules/services/networking/privoxy.nix b/nixos/modules/services/networking/privoxy.nix index 7caae3282032..e3b34cb0c616 100644 --- a/nixos/modules/services/networking/privoxy.nix +++ b/nixos/modules/services/networking/privoxy.nix @@ -16,7 +16,7 @@ let ${concatMapStrings (f: "actionsfile ${f}\n") cfg.actionsFiles} ${concatMapStrings (f: "filterfile ${f}\n") cfg.filterFiles} '' + optionalString cfg.enableTor '' - forward-socks5t / 127.0.0.1:9063 . + forward-socks4a / ${config.services.tor.client.socksListenAddressFaster} . toggle 1 enable-remote-toggle 0 enable-edit-actions 0 @@ -123,11 +123,6 @@ in serviceConfig.ProtectSystem = "full"; }; - services.tor.settings.SOCKSPort = mkIf cfg.enableTor [ - # Route HTTP traffic over a faster port (without IsolateDestAddr). - { addr = "127.0.0.1"; port = 9063; IsolateDestAddr = false; } - ]; - }; meta.maintainers = with lib.maintainers; [ rnhmjoj ]; diff --git a/nixos/modules/services/security/tor.nix b/nixos/modules/services/security/tor.nix index ececb633983c..1cceee065b1b 100644 --- a/nixos/modules/services/security/tor.nix +++ b/nixos/modules/services/security/tor.nix @@ -1,300 +1,297 @@ { config, lib, pkgs, ... }: -with builtins; with lib; let cfg = config.services.tor; - stateDir = "/var/lib/tor"; - runDir = "/run/tor"; - descriptionGeneric = option: '' - See torrc manual. - ''; - bindsPrivilegedPort = - any (p0: - let p1 = if p0 ? "port" then p0.port else p0; in - if p1 == "auto" then false - else let p2 = if isInt p1 then p1 else toInt p1; in - p1 != null && 0 < p2 && p2 < 1024) - (flatten [ - cfg.settings.ORPort - cfg.settings.DirPort - cfg.settings.DNSPort - cfg.settings.ExtORPort - cfg.settings.HTTPTunnelPort - cfg.settings.NATDPort - cfg.settings.SOCKSPort - cfg.settings.TransPort + torDirectory = "/var/lib/tor"; + torRunDirectory = "/run/tor"; + + opt = name: value: optionalString (value != null) "${name} ${value}"; + optint = name: value: optionalString (value != null && value != 0) "${name} ${toString value}"; + + isolationOptions = { + type = types.listOf (types.enum [ + "IsolateClientAddr" + "IsolateSOCKSAuth" + "IsolateClientProtocol" + "IsolateDestPort" + "IsolateDestAddr" ]); - optionBool = optionName: mkOption { - type = with types; nullOr bool; - default = null; - description = descriptionGeneric optionName; - }; - optionInt = optionName: mkOption { - type = with types; nullOr int; - default = null; - description = descriptionGeneric optionName; - }; - optionString = optionName: mkOption { - type = with types; nullOr str; - default = null; - description = descriptionGeneric optionName; - }; - optionStrings = optionName: mkOption { - type = with types; listOf str; default = []; - description = descriptionGeneric optionName; - }; - optionAddress = mkOption { - type = with types; nullOr str; - default = null; - example = "0.0.0.0"; - description = '' - IPv4 or IPv6 (if between brackets) address. - ''; - }; - optionUnix = mkOption { - type = with types; nullOr path; - default = null; - description = '' - Unix domain socket path to use. - ''; - }; - optionPort = mkOption { - type = with types; nullOr (oneOf [port (enum ["auto"])]); - default = null; - }; - optionPorts = optionName: mkOption { - type = with types; listOf port; - default = []; - description = descriptionGeneric optionName; - }; - optionIsolablePort = with types; oneOf [ - port (enum ["auto"]) - (submodule ({config, ...}: { - options = { - addr = optionAddress; - port = optionPort; - flags = optionFlags; - SessionGroup = mkOption { type = nullOr int; default = null; }; - } // genAttrs isolateFlags (name: mkOption { type = types.bool; default = false; }); - config = { - flags = filter (name: config.${name} == true) isolateFlags ++ - optional (config.SessionGroup != null) "SessionGroup=${toString config.SessionGroup}"; - }; - })) - ]; - optionIsolablePorts = optionName: mkOption { - default = []; - type = with types; either optionIsolablePort (listOf optionIsolablePort); - description = descriptionGeneric optionName; - }; - isolateFlags = [ - "IsolateClientAddr" - "IsolateClientProtocol" - "IsolateDestAddr" - "IsolateDestPort" - "IsolateSOCKSAuth" - "KeepAliveIsolateSOCKSAuth" - ]; - optionSOCKSPort = doConfig: let - flags = [ - "CacheDNS" "CacheIPv4DNS" "CacheIPv6DNS" "GroupWritable" "IPv6Traffic" - "NoDNSRequest" "NoIPv4Traffic" "NoOnionTraffic" "OnionTrafficOnly" - "PreferIPv6" "PreferIPv6Automap" "PreferSOCKSNoAuth" "UseDNSCache" - "UseIPv4Cache" "UseIPv6Cache" "WorldWritable" - ] ++ isolateFlags; - in with types; oneOf [ - port (submodule ({config, ...}: { - options = { - unix = optionUnix; - addr = optionAddress; - port = optionPort; - flags = optionFlags; - SessionGroup = mkOption { type = nullOr int; default = null; }; - } // genAttrs flags (name: mkOption { type = types.bool; default = false; }); - config = mkIf doConfig { # Only add flags in SOCKSPort to avoid duplicates - flags = filter (name: config.${name} == true) flags ++ - optional (config.SessionGroup != null) "SessionGroup=${toString config.SessionGroup}"; - }; - })) + example = [ + "IsolateClientAddr" + "IsolateSOCKSAuth" + "IsolateClientProtocol" + "IsolateDestPort" + "IsolateDestAddr" ]; - optionFlags = mkOption { - type = with types; listOf str; - default = []; - }; - optionORPort = optionName: mkOption { - default = []; - example = 443; - type = with types; oneOf [port (enum ["auto"]) (listOf (oneOf [ - port - (enum ["auto"]) - (submodule ({config, ...}: - let flags = [ "IPv4Only" "IPv6Only" "NoAdvertise" "NoListen" ]; - in { - options = { - addr = optionAddress; - port = optionPort; - flags = optionFlags; - } // genAttrs flags (name: mkOption { type = types.bool; default = false; }); - config = { - flags = filter (name: config.${name} == true) flags; - }; - })) - ]))]; - description = descriptionGeneric optionName; - }; - optionBandwith = optionName: mkOption { - type = with types; nullOr (either int str); - default = null; - description = descriptionGeneric optionName; - }; - optionPath = optionName: mkOption { - type = with types; nullOr path; - default = null; - description = descriptionGeneric optionName; + description = "Tor isolation options"; }; - mkValueString = k: v: - if v == null then "" - else if isBool v then - (if v then "1" else "0") - else if v ? "unix" && v.unix != null then - "unix:"+v.unix + - optionalString (v ? "flags") (" " + concatStringsSep " " v.flags) - else if v ? "port" && v.port != null then - optionalString (v ? "addr" && v.addr != null) "${v.addr}:" + - toString v.port + - optionalString (v ? "flags") (" " + concatStringsSep " " v.flags) - else if k == "ServerTransportPlugin" then - optionalString (v.transports != []) "${concatStringsSep "," v.transports} exec ${v.exec}" - else if k == "HidServAuth" then - concatMapStringsSep "\n${k} " (settings: settings.onion + " " settings.auth) v - else generators.mkValueStringDefault {} v; - genTorrc = settings: - generators.toKeyValue { - listsAsDuplicateKeys = true; - mkKeyValue = k: generators.mkKeyValueDefault { mkValueString = mkValueString k; } " " k; - } - (lib.mapAttrs (k: v: - # Not necesssary, but prettier rendering - if elem k [ "AutomapHostsSuffixes" "DirPolicy" "ExitPolicy" "SocksPolicy" ] - && v != [] - then concatStringsSep "," v - else v) - (lib.filterAttrs (k: v: !(v == null || v == "")) - settings)); - torrc = pkgs.writeText "torrc" ( - genTorrc cfg.settings + - concatStrings (mapAttrsToList (name: onion: - "HiddenServiceDir ${onion.path}\n" + - genTorrc onion.settings) cfg.relay.onionServices) - ); + + torRc = '' + User tor + DataDirectory ${torDirectory} + ${optionalString cfg.enableGeoIP '' + GeoIPFile ${cfg.package.geoip}/share/tor/geoip + GeoIPv6File ${cfg.package.geoip}/share/tor/geoip6 + ''} + + ${optint "ControlPort" cfg.controlPort} + ${optionalString cfg.controlSocket.enable "ControlPort unix:${torRunDirectory}/control GroupWritable RelaxDirModeCheck"} + '' + # Client connection config + + optionalString cfg.client.enable '' + SOCKSPort ${cfg.client.socksListenAddress} ${toString cfg.client.socksIsolationOptions} + SOCKSPort ${cfg.client.socksListenAddressFaster} + ${opt "SocksPolicy" cfg.client.socksPolicy} + + ${optionalString cfg.client.transparentProxy.enable '' + TransPort ${cfg.client.transparentProxy.listenAddress} ${toString cfg.client.transparentProxy.isolationOptions} + ''} + + ${optionalString cfg.client.dns.enable '' + DNSPort ${cfg.client.dns.listenAddress} ${toString cfg.client.dns.isolationOptions} + AutomapHostsOnResolve 1 + AutomapHostsSuffixes ${concatStringsSep "," cfg.client.dns.automapHostsSuffixes} + ''} + '' + # Explicitly disable the SOCKS server if the client is disabled. In + # particular, this makes non-anonymous hidden services possible. + + optionalString (! cfg.client.enable) '' + SOCKSPort 0 + '' + # Relay config + + optionalString cfg.relay.enable '' + ORPort ${toString cfg.relay.port} + ${opt "Address" cfg.relay.address} + ${opt "Nickname" cfg.relay.nickname} + ${opt "ContactInfo" cfg.relay.contactInfo} + + ${optint "RelayBandwidthRate" cfg.relay.bandwidthRate} + ${optint "RelayBandwidthBurst" cfg.relay.bandwidthBurst} + ${opt "AccountingMax" cfg.relay.accountingMax} + ${opt "AccountingStart" cfg.relay.accountingStart} + + ${if (cfg.relay.role == "exit") then + opt "ExitPolicy" cfg.relay.exitPolicy + else + "ExitPolicy reject *:*"} + + ${optionalString (elem cfg.relay.role ["bridge" "private-bridge"]) '' + BridgeRelay 1 + ServerTransportPlugin ${concatStringsSep "," cfg.relay.bridgeTransports} exec ${pkgs.obfs4}/bin/obfs4proxy managed + ExtORPort auto + ${optionalString (cfg.relay.role == "private-bridge") '' + ExtraInfoStatistics 0 + PublishServerDescriptor 0 + ''} + ''} + '' + # Hidden services + + concatStrings (flip mapAttrsToList cfg.hiddenServices (n: v: '' + HiddenServiceDir ${torDirectory}/onion/${v.name} + ${optionalString (v.version != null) "HiddenServiceVersion ${toString v.version}"} + ${flip concatMapStrings v.map (p: '' + HiddenServicePort ${toString p.port} ${p.destination} + '')} + ${optionalString (v.authorizeClient != null) '' + HiddenServiceAuthorizeClient ${v.authorizeClient.authType} ${concatStringsSep "," v.authorizeClient.clientNames} + ''} + '')) + + cfg.extraConfig; + + torRcFile = pkgs.writeText "torrc" torRc; + in { imports = [ - (mkRenamedOptionModule [ "services" "tor" "client" "dns" "automapHostsSuffixes" ] [ "services" "tor" "settings" "AutomapHostsSuffixes" ]) - (mkRemovedOptionModule [ "services" "tor" "client" "dns" "isolationOptions" ] "Use services.tor.settings.DNSPort instead.") - (mkRemovedOptionModule [ "services" "tor" "client" "dns" "listenAddress" ] "Use services.tor.settings.DNSPort instead.") - (mkRemovedOptionModule [ "services" "tor" "client" "privoxy" "enable" ] "Use services.privoxy.enable and services.privoxy.enableTor instead.") - (mkRemovedOptionModule [ "services" "tor" "client" "socksIsolationOptions" ] "Use services.tor.settings.SOCKSPort instead.") - (mkRemovedOptionModule [ "services" "tor" "client" "socksListenAddressFaster" ] "Use services.tor.settings.SOCKSPort instead.") - (mkRenamedOptionModule [ "services" "tor" "client" "socksPolicy" ] [ "services" "tor" "settings" "SocksPolicy" ]) - (mkRemovedOptionModule [ "services" "tor" "client" "transparentProxy" "isolationOptions" ] "Use services.tor.settings.TransPort instead.") - (mkRemovedOptionModule [ "services" "tor" "client" "transparentProxy" "listenAddress" ] "Use services.tor.settings.TransPort instead.") - (mkRenamedOptionModule [ "services" "tor" "controlPort" ] [ "services" "tor" "settings" "ControlPort" ]) - (mkRemovedOptionModule [ "services" "tor" "extraConfig" ] "Plese use services.tor.settings instead.") - (mkRenamedOptionModule [ "services" "tor" "hiddenServices" ] [ "services" "tor" "relay" "onionServices" ]) - (mkRenamedOptionModule [ "services" "tor" "relay" "accountingMax" ] [ "services" "tor" "settings" "AccountingMax" ]) - (mkRenamedOptionModule [ "services" "tor" "relay" "accountingStart" ] [ "services" "tor" "settings" "AccountingStart" ]) - (mkRenamedOptionModule [ "services" "tor" "relay" "address" ] [ "services" "tor" "settings" "Address" ]) - (mkRenamedOptionModule [ "services" "tor" "relay" "bandwidthBurst" ] [ "services" "tor" "settings" "BandwidthBurst" ]) - (mkRenamedOptionModule [ "services" "tor" "relay" "bandwidthRate" ] [ "services" "tor" "settings" "BandwidthRate" ]) - (mkRenamedOptionModule [ "services" "tor" "relay" "bridgeTransports" ] [ "services" "tor" "settings" "ServerTransportPlugin" "transports" ]) - (mkRenamedOptionModule [ "services" "tor" "relay" "contactInfo" ] [ "services" "tor" "settings" "ContactInfo" ]) - (mkRenamedOptionModule [ "services" "tor" "relay" "exitPolicy" ] [ "services" "tor" "settings" "ExitPolicy" ]) + (mkRemovedOptionModule [ "services" "tor" "client" "privoxy" "enable" ] '' + Use services.privoxy.enable and services.privoxy.enableTor instead. + '') + (mkRenamedOptionModule [ "services" "tor" "relay" "portSpec" ] [ "services" "tor" "relay" "port" ]) (mkRemovedOptionModule [ "services" "tor" "relay" "isBridge" ] "Use services.tor.relay.role instead.") (mkRemovedOptionModule [ "services" "tor" "relay" "isExit" ] "Use services.tor.relay.role instead.") - (mkRenamedOptionModule [ "services" "tor" "relay" "nickname" ] [ "services" "tor" "settings" "Nickname" ]) - (mkRenamedOptionModule [ "services" "tor" "relay" "port" ] [ "services" "tor" "settings" "ORPort" ]) - (mkRenamedOptionModule [ "services" "tor" "relay" "portSpec" ] [ "services" "tor" "settings" "ORPort" ]) ]; options = { services.tor = { - enable = mkEnableOption ''Tor daemon. - By default, the daemon is run without - relay, exit, bridge or client connectivity''; - - openFirewall = mkEnableOption "opening of the relay port(s) in the firewall"; + enable = mkOption { + type = types.bool; + default = false; + description = '' + Enable the Tor daemon. By default, the daemon is run without + relay, exit, bridge or client connectivity. + ''; + }; package = mkOption { type = types.package; default = pkgs.tor; defaultText = "pkgs.tor"; example = literalExample "pkgs.tor"; - description = "Tor package to use."; + description = '' + Tor package to use + ''; }; - enableGeoIP = mkEnableOption ''use of GeoIP databases. - Disabling this will disable by-country statistics for bridges and relays - and some client and third-party software functionality'' // { default = true; }; + enableGeoIP = mkOption { + type = types.bool; + default = true; + description = '' + Whenever to configure Tor daemon to use GeoIP databases. - controlSocket.enable = mkEnableOption ''control socket, - created in ${runDir}/control''; + Disabling this will disable by-country statistics for + bridges and relays and some client and third-party software + functionality. + ''; + }; + + extraConfig = mkOption { + type = types.lines; + default = ""; + description = '' + Extra configuration. Contents will be added verbatim to the + configuration file at the end. + ''; + }; + + controlPort = mkOption { + type = types.nullOr (types.either types.int types.str); + default = null; + example = 9051; + description = '' + If set, Tor will accept connections on the specified port + and allow them to control the tor process. + ''; + }; + + controlSocket = { + enable = mkOption { + type = types.bool; + default = false; + description = '' + Whether to enable Tor control socket. Control socket is created + in ${torRunDirectory}/control + ''; + }; + }; client = { - enable = mkEnableOption ''the routing of application connections. - You might want to disable this if you plan running a dedicated Tor relay''; - - transparentProxy.enable = mkEnableOption "transparent proxy"; - dns.enable = mkEnableOption "DNS resolver"; - - socksListenAddress = mkOption { - type = optionSOCKSPort false; - default = {addr = "127.0.0.1"; port = 9050; IsolateDestAddr = true;}; - example = {addr = "192.168.0.1"; port = 9090; IsolateDestAddr = true;}; + enable = mkOption { + type = types.bool; + default = false; description = '' - Bind to this address to listen for connections from - Socks-speaking applications. + Whether to enable Tor daemon to route application + connections. You might want to disable this if you plan + running a dedicated Tor relay. ''; }; - onionServices = mkOption { - description = descriptionGeneric "HiddenServiceDir"; - default = {}; - example = { - "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" = { - clientAuthorizations = ["/run/keys/tor/alice.prv.x25519"]; - }; + socksListenAddress = mkOption { + type = types.str; + default = "127.0.0.1:9050"; + example = "192.168.0.1:9100"; + description = '' + Bind to this address to listen for connections from + Socks-speaking applications. Provides strong circuit + isolation, separate circuit per IP address. + ''; + }; + + socksListenAddressFaster = mkOption { + type = types.str; + default = "127.0.0.1:9063"; + example = "192.168.0.1:9101"; + description = '' + Bind to this address to listen for connections from + Socks-speaking applications. Same as + but uses weaker + circuit isolation to provide performance suitable for a + web browser. + ''; + }; + + socksPolicy = mkOption { + type = types.nullOr types.str; + default = null; + example = "accept 192.168.0.0/16, reject *"; + description = '' + Entry policies to allow/deny SOCKS requests based on IP + address. First entry that matches wins. If no SocksPolicy + is set, we accept all (and only) requests from + . + ''; + }; + + socksIsolationOptions = mkOption (isolationOptions // { + default = ["IsolateDestAddr"]; + }); + + transparentProxy = { + enable = mkOption { + type = types.bool; + default = false; + description = "Whether to enable tor transparent proxy"; + }; + + listenAddress = mkOption { + type = types.str; + default = "127.0.0.1:9040"; + example = "192.168.0.1:9040"; + description = '' + Bind transparent proxy to this address. + ''; + }; + + isolationOptions = mkOption isolationOptions; + }; + + dns = { + enable = mkOption { + type = types.bool; + default = false; + description = "Whether to enable tor dns resolver"; + }; + + listenAddress = mkOption { + type = types.str; + default = "127.0.0.1:9053"; + example = "192.168.0.1:9053"; + description = '' + Bind tor dns to this address. + ''; + }; + + isolationOptions = mkOption isolationOptions; + + automapHostsSuffixes = mkOption { + type = types.listOf types.str; + default = [".onion" ".exit"]; + example = [".onion"]; + description = "List of suffixes to use with automapHostsOnResolve"; }; - type = types.attrsOf (types.submodule ({name, config, ...}: { - options.clientAuthorizations = mkOption { - description = '' - Clients' authorizations for a v3 hidden service, - as a list of files containing each one private key, in the format: - descriptor:x25519:<base32-private-key> - '' + descriptionGeneric "_client_authorization"; - type = with types; listOf path; - default = []; - example = ["/run/keys/tor/alice.prv.x25519"]; - }; - })); }; }; relay = { - enable = mkEnableOption ''relaying of Tor traffic for others. + enable = mkOption { + type = types.bool; + default = false; + description = '' + Whether to enable relaying TOR traffic for others. - See - for details. + See + for details. - Setting this to true requires setting - - and - - options''; + Setting this to true requires setting + + and + + options. + ''; + }; role = mkOption { type = types.enum [ "exit" "relay" "bridge" "private-bridge" ]; @@ -313,13 +310,13 @@ in Running an exit relay may expose you to abuse complaints. See - + for more info. You can specify which services Tor users may access via - your exit relay using option. + your exit relay using option. @@ -372,14 +369,15 @@ in WARNING: THE FOLLOWING PARAGRAPH IS NOT LEGAL ADVICE. - Consult with your lawyer when in doubt. + Consult with your lawer when in doubt. This role should be safe to use in most situations (unless the act of forwarding traffic for others is a punishable offence under your local laws, which - would be pretty insane as it would make ISP illegal). + would be pretty insane as it would make ISP + illegal). @@ -406,7 +404,7 @@ in Use this if you want to run a private bridge, for - example because you'll give out your bridge addr + example because you'll give out your bridge address manually to your friends. @@ -428,393 +426,269 @@ in ''; }; - onionServices = mkOption { - description = descriptionGeneric "HiddenServiceDir"; - default = {}; - example = { - "example.org/www" = { - map = [ 80 ]; - authorizedClients = [ - "descriptor:x25519:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" - ]; - }; - }; - type = types.attrsOf (types.submodule ({name, config, ...}: { - options.path = mkOption { - type = types.path; - description = '' - Path where to store the data files of the hidden service. - If the is null - this defaults to ${stateDir}/onion/$onion, - otherwise to ${runDir}/onion/$onion. - ''; - }; - options.secretKey = mkOption { - type = with types; nullOr path; - default = null; - example = "/run/keys/tor/onion/expyuzz4wqqyqhjn/hs_ed25519_secret_key"; - description = '' - Secret key of the onion service. - If null, Tor reuses any preexisting secret key (in ) - or generates a new one. - The associated public key and hostname are deterministically regenerated - from this file if they do not exist. - ''; - }; - options.authorizeClient = mkOption { - description = descriptionGeneric "HiddenServiceAuthorizeClient"; - default = null; - type = types.nullOr (types.submodule ({...}: { - options = { - authType = mkOption { - type = types.enum [ "basic" "stealth" ]; - description = '' - Either "basic" for a general-purpose authorization protocol - or "stealth" for a less scalable protocol - that also hides service activity from unauthorized clients. - ''; - }; - clientNames = mkOption { - type = with types; nonEmptyListOf (strMatching "[A-Za-z0-9+-_]+"); - description = '' - Only clients that are listed here are authorized to access the hidden service. - Generated authorization data can be found in ${stateDir}/onion/$name/hostname. - Clients need to put this authorization data in their configuration file using - . - ''; - }; - }; - })); - }; - options.authorizedClients = mkOption { - description = '' - Authorized clients for a v3 hidden service, - as a list of public key, in the format: - descriptor:x25519:<base32-public-key> - '' + descriptionGeneric "_client_authorization"; - type = with types; listOf str; - default = []; - example = ["descriptor:x25519:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"]; - }; - options.map = mkOption { - description = descriptionGeneric "HiddenServicePort"; - type = with types; listOf (oneOf [ - port (submodule ({...}: { - options = { - port = optionPort; - target = mkOption { - default = null; - type = nullOr (submodule ({...}: { - options = { - unix = optionUnix; - addr = optionAddress; - port = optionPort; - }; - })); - }; - }; - })) - ]); - apply = map (v: if isInt v then {port=v; target=null;} else v); - }; - options.version = mkOption { - description = descriptionGeneric "HiddenServiceVersion"; - type = with types; nullOr (enum [2 3]); - default = null; - }; - options.settings = mkOption { - description = '' - Settings of the onion service. - '' + descriptionGeneric "_hidden_service_options"; - default = {}; - type = types.submodule { - freeformType = with types; - (attrsOf (nullOr (oneOf [str int bool (listOf str)]))) // { - description = "settings option"; - }; - options.HiddenServiceAllowUnknownPorts = optionBool "HiddenServiceAllowUnknownPorts"; - options.HiddenServiceDirGroupReadable = optionBool "HiddenServiceDirGroupReadable"; - options.HiddenServiceExportCircuitID = mkOption { - description = descriptionGeneric "HiddenServiceExportCircuitID"; - type = with types; nullOr (enum ["haproxy"]); - default = null; - }; - options.HiddenServiceMaxStreams = mkOption { - description = descriptionGeneric "HiddenServiceMaxStreams"; - type = with types; nullOr (ints.between 0 65535); - default = null; - }; - options.HiddenServiceMaxStreamsCloseCircuit = optionBool "HiddenServiceMaxStreamsCloseCircuit"; - options.HiddenServiceNumIntroductionPoints = mkOption { - description = descriptionGeneric "HiddenServiceNumIntroductionPoints"; - type = with types; nullOr (ints.between 0 20); - default = null; - }; - options.HiddenServiceSingleHopMode = optionBool "HiddenServiceSingleHopMode"; - options.RendPostPeriod = optionString "RendPostPeriod"; - }; - }; - config = { - path = mkDefault ((if config.secretKey == null then stateDir else runDir) + "/onion/${name}"); - settings.HiddenServiceVersion = config.version; - settings.HiddenServiceAuthorizeClient = - if config.authorizeClient != null then - config.authorizeClient.authType + " " + - concatStringsSep "," config.authorizeClient.clientNames - else null; - settings.HiddenServicePort = map (p: mkValueString "" p.port + " " + mkValueString "" p.target) config.map; - }; - })); + bridgeTransports = mkOption { + type = types.listOf types.str; + default = ["obfs4"]; + example = ["obfs2" "obfs3" "obfs4" "scramblesuit"]; + description = "List of pluggable transports"; + }; + + nickname = mkOption { + type = types.str; + default = "anonymous"; + description = '' + A unique handle for your TOR relay. + ''; + }; + + contactInfo = mkOption { + type = types.nullOr types.str; + default = null; + example = "admin@relay.com"; + description = '' + Contact information for the relay owner (e.g. a mail + address and GPG key ID). + ''; + }; + + accountingMax = mkOption { + type = types.nullOr types.str; + default = null; + example = "450 GBytes"; + description = '' + Specify maximum bandwidth allowed during an accounting period. This + allows you to limit overall tor bandwidth over some time period. + See the AccountingMax option by looking at the + tor manual tor + 1 for more. + + Note this limit applies individually to upload and + download; if you specify "500 GBytes" + here, then you may transfer up to 1 TBytes of overall + bandwidth (500 GB upload, 500 GB download). + ''; + }; + + accountingStart = mkOption { + type = types.nullOr types.str; + default = null; + example = "month 1 1:00"; + description = '' + Specify length of an accounting period. This allows you to limit + overall tor bandwidth over some time period. See the + AccountingStart option by looking at the tor + manual tor + 1 for more. + ''; + }; + + bandwidthRate = mkOption { + type = types.nullOr types.int; + default = null; + example = 100; + description = '' + Specify this to limit the bandwidth usage of relayed (server) + traffic. Your own traffic is still unthrottled. Units: bytes/second. + ''; + }; + + bandwidthBurst = mkOption { + type = types.nullOr types.int; + default = cfg.relay.bandwidthRate; + example = 200; + description = '' + Specify this to allow bursts of the bandwidth usage of relayed (server) + traffic. The average usage will still be as specified in relayBandwidthRate. + Your own traffic is still unthrottled. Units: bytes/second. + ''; + }; + + address = mkOption { + type = types.nullOr types.str; + default = null; + example = "noname.example.com"; + description = '' + The IP address or full DNS name for advertised address of your relay. + Leave unset and Tor will guess. + ''; + }; + + port = mkOption { + type = types.either types.int types.str; + example = 143; + description = '' + What port to advertise for Tor connections. This corresponds to the + ORPort section in the Tor manual; see + tor + 1 for more details. + + At a minimum, you should just specify the port for the + relay to listen on; a common one like 143, 22, 80, or 443 + to help Tor users who may have very restrictive port-based + firewalls. + ''; + }; + + exitPolicy = mkOption { + type = types.nullOr types.str; + default = null; + example = "accept *:6660-6667,reject *:*"; + description = '' + A comma-separated list of exit policies. They're + considered first to last, and the first match wins. If you + want to _replace_ the default exit policy, end this with + either a reject *:* or an accept *:*. Otherwise, you're + _augmenting_ (prepending to) the default exit policy. + Leave commented to just use the default, which is + available in the man page or at + . + + Look at + + for issues you might encounter if you use the default + exit policy. + + If certain IPs and ports are blocked externally, e.g. by + your firewall, you should update your exit policy to + reflect this -- otherwise Tor users will be told that + those destinations are down. + ''; }; }; - settings = mkOption { + hiddenServices = mkOption { description = '' - See torrc manual - for documentation. + A set of static hidden services that terminate their Tor + circuits at this node. + + Every element in this set declares a virtual onion host. + + You can specify your onion address by putting corresponding + private key to an appropriate place in ${torDirectory}. + + For services without private keys in ${torDirectory} Tor + daemon will generate random key pairs (which implies random + onion addresses) on restart. The latter could take a while, + please be patient. + + + Hidden services can be useful even if you don't intend to + actually hide them, since they can + also be seen as a kind of NAT traversal mechanism. + + E.g. the example will make your sshd, whatever runs on + "8080" and your mail server available from anywhere where + the Tor network is available (which, with the help from + bridges, is pretty much everywhere), even if both client + and server machines are behind NAT you have no control + over. + ''; default = {}; - type = types.submodule { - freeformType = with types; - (attrsOf (nullOr (oneOf [str int bool (listOf str)]))) // { - description = "settings option"; - }; - options.Address = optionString "Address"; - options.AssumeReachable = optionBool "AssumeReachable"; - options.AccountingMax = optionBandwith "AccountingMax"; - options.AccountingStart = optionString "AccountingStart"; - options.AuthDirHasIPv6Connectivity = optionBool "AuthDirHasIPv6Connectivity"; - options.AuthDirListBadExits = optionBool "AuthDirListBadExits"; - options.AuthDirPinKeys = optionBool "AuthDirPinKeys"; - options.AuthDirSharedRandomness = optionBool "AuthDirSharedRandomness"; - options.AuthDirTestEd25519LinkKeys = optionBool "AuthDirTestEd25519LinkKeys"; - options.AuthoritativeDirectory = optionBool "AuthoritativeDirectory"; - options.AutomapHostsOnResolve = optionBool "AutomapHostsOnResolve"; - options.AutomapHostsSuffixes = optionStrings "AutomapHostsSuffixes" // { - default = [".onion" ".exit"]; - example = [".onion"]; + example = literalExample '' + { "my-hidden-service-example".map = [ + { port = 22; } # map ssh port to this machine's ssh + { port = 80; toPort = 8080; } # map http port to whatever runs on 8080 + { port = "sip"; toHost = "mail.example.com"; toPort = "imap"; } # because we can + ]; + } + ''; + type = types.attrsOf (types.submodule ({name, ...}: { + options = { + + name = mkOption { + type = types.str; + description = '' + Name of this tor hidden service. + + This is purely descriptive. + + After restarting Tor daemon you should be able to + find your .onion address in + ${torDirectory}/onion/$name/hostname. + ''; + }; + + map = mkOption { + default = []; + description = "Port mapping for this hidden service."; + type = types.listOf (types.submodule ({config, ...}: { + options = { + + port = mkOption { + type = types.either types.int types.str; + example = 80; + description = '' + Hidden service port to "bind to". + ''; + }; + + destination = mkOption { + internal = true; + type = types.str; + description = "Forward these connections where?"; + }; + + toHost = mkOption { + type = types.str; + default = "127.0.0.1"; + description = "Mapping destination host."; + }; + + toPort = mkOption { + type = types.either types.int types.str; + example = 8080; + description = "Mapping destination port."; + }; + + }; + + config = { + toPort = mkDefault config.port; + destination = mkDefault "${config.toHost}:${toString config.toPort}"; + }; + })); + }; + + authorizeClient = mkOption { + default = null; + description = "If configured, the hidden service is accessible for authorized clients only."; + type = types.nullOr (types.submodule ({...}: { + + options = { + + authType = mkOption { + type = types.enum [ "basic" "stealth" ]; + description = '' + Either "basic" for a general-purpose authorization protocol + or "stealth" for a less scalable protocol + that also hides service activity from unauthorized clients. + ''; + }; + + clientNames = mkOption { + type = types.nonEmptyListOf (types.strMatching "[A-Za-z0-9+-_]+"); + description = '' + Only clients that are listed here are authorized to access the hidden service. + Generated authorization data can be found in ${torDirectory}/onion/$name/hostname. + Clients need to put this authorization data in their configuration file using HidServAuth. + ''; + }; + }; + })); + }; + + version = mkOption { + default = null; + description = "Rendezvous service descriptor version to publish for the hidden service. Currently, versions 2 and 3 are supported. (Default: 2)"; + type = types.nullOr (types.enum [ 2 3 ]); + }; }; - options.BandwidthBurst = optionBandwith "BandwidthBurst"; - options.BandwidthRate = optionBandwith "BandwidthRate"; - options.BridgeAuthoritativeDir = optionBool "BridgeAuthoritativeDir"; - options.BridgeRecordUsageByCountry = optionBool "BridgeRecordUsageByCountry"; - options.BridgeRelay = optionBool "BridgeRelay" // { default = false; }; - options.CacheDirectory = optionPath "CacheDirectory"; - options.CacheDirectoryGroupReadable = optionBool "CacheDirectoryGroupReadable"; # default is null and like "auto" - options.CellStatistics = optionBool "CellStatistics"; - options.ClientAutoIPv6ORPort = optionBool "ClientAutoIPv6ORPort"; - options.ClientDNSRejectInternalAddresses = optionBool "ClientDNSRejectInternalAddresses"; - options.ClientOnionAuthDir = mkOption { - description = descriptionGeneric "ClientOnionAuthDir"; - default = null; - type = with types; nullOr path; + + config = { + name = mkDefault name; }; - options.ClientPreferIPv6DirPort = optionBool "ClientPreferIPv6DirPort"; # default is null and like "auto" - options.ClientPreferIPv6ORPort = optionBool "ClientPreferIPv6ORPort"; # default is null and like "auto" - options.ClientRejectInternalAddresses = optionBool "ClientRejectInternalAddresses"; - options.ClientUseIPv4 = optionBool "ClientUseIPv4"; - options.ClientUseIPv6 = optionBool "ClientUseIPv6"; - options.ConnDirectionStatistics = optionBool "ConnDirectionStatistics"; - options.ConstrainedSockets = optionBool "ConstrainedSockets"; - options.ContactInfo = optionString "ContactInfo"; - options.ControlPort = mkOption rec { - description = descriptionGeneric "ControlPort"; - default = []; - example = [{port = 9051;}]; - type = with types; oneOf [port (enum ["auto"]) (listOf (oneOf [ - port (enum ["auto"]) (submodule ({config, ...}: let - flags = ["GroupWritable" "RelaxDirModeCheck" "WorldWritable"]; - in { - options = { - unix = optionUnix; - flags = optionFlags; - addr = optionAddress; - port = optionPort; - } // genAttrs flags (name: mkOption { type = types.bool; default = false; }); - config = { - flags = filter (name: config.${name} == true) flags; - }; - })) - ]))]; - }; - options.ControlPortFileGroupReadable= optionBool "ControlPortFileGroupReadable"; - options.ControlPortWriteToFile = optionPath "ControlPortWriteToFile"; - options.ControlSocket = optionPath "ControlSocket"; - options.ControlSocketsGroupWritable = optionBool "ControlSocketsGroupWritable"; - options.CookieAuthFile = optionPath "CookieAuthFile"; - options.CookieAuthFileGroupReadable = optionBool "CookieAuthFileGroupReadable"; - options.CookieAuthentication = optionBool "CookieAuthentication"; - options.DataDirectory = optionPath "DataDirectory" // { default = stateDir; }; - options.DataDirectoryGroupReadable = optionBool "DataDirectoryGroupReadable"; - options.DirPortFrontPage = optionPath "DirPortFrontPage"; - options.DirAllowPrivateAddresses = optionBool "DirAllowPrivateAddresses"; - options.DormantCanceledByStartup = optionBool "DormantCanceledByStartup"; - options.DormantOnFirstStartup = optionBool "DormantOnFirstStartup"; - options.DormantTimeoutDisabledByIdleStreams = optionBool "DormantTimeoutDisabledByIdleStreams"; - options.DirCache = optionBool "DirCache"; - options.DirPolicy = mkOption { - description = descriptionGeneric "DirPolicy"; - type = with types; listOf str; - default = []; - example = ["accept *:*"]; - }; - options.DirPort = optionORPort "DirPort"; - options.DirReqStatistics = optionBool "DirReqStatistics"; - options.DisableAllSwap = optionBool "DisableAllSwap"; - options.DisableDebuggerAttachment = optionBool "DisableDebuggerAttachment"; - options.DisableNetwork = optionBool "DisableNetwork"; - options.DisableOOSCheck = optionBool "DisableOOSCheck"; - options.DNSPort = optionIsolablePorts "DNSPort"; - options.DoSCircuitCreationEnabled = optionBool "DoSCircuitCreationEnabled"; - options.DoSConnectionEnabled = optionBool "DoSConnectionEnabled"; # default is null and like "auto" - options.DoSRefuseSingleHopClientRendezvous = optionBool "DoSRefuseSingleHopClientRendezvous"; - options.DownloadExtraInfo = optionBool "DownloadExtraInfo"; - options.EnforceDistinctSubnets = optionBool "EnforceDistinctSubnets"; - options.EntryStatistics = optionBool "EntryStatistics"; - options.ExitPolicy = optionStrings "ExitPolicy" // { - default = ["reject *:*"]; - example = ["accept *:*"]; - }; - options.ExitPolicyRejectLocalInterfaces = optionBool "ExitPolicyRejectLocalInterfaces"; - options.ExitPolicyRejectPrivate = optionBool "ExitPolicyRejectPrivate"; - options.ExitPortStatistics = optionBool "ExitPortStatistics"; - options.ExitRelay = optionBool "ExitRelay"; # default is null and like "auto" - options.ExtORPort = mkOption { - description = descriptionGeneric "ExtORPort"; - default = null; - type = with types; nullOr (oneOf [ - port (enum ["auto"]) (submodule ({...}: { - options = { - addr = optionAddress; - port = optionPort; - }; - })) - ]); - apply = p: if isInt p || isString p then { port = p; } else p; - }; - options.ExtORPortCookieAuthFile = optionPath "ExtORPortCookieAuthFile"; - options.ExtORPortCookieAuthFileGroupReadable = optionBool "ExtORPortCookieAuthFileGroupReadable"; - options.ExtendAllowPrivateAddresses = optionBool "ExtendAllowPrivateAddresses"; - options.ExtraInfoStatistics = optionBool "ExtraInfoStatistics"; - options.FascistFirewall = optionBool "FascistFirewall"; - options.FetchDirInfoEarly = optionBool "FetchDirInfoEarly"; - options.FetchDirInfoExtraEarly = optionBool "FetchDirInfoExtraEarly"; - options.FetchHidServDescriptors = optionBool "FetchHidServDescriptors"; - options.FetchServerDescriptors = optionBool "FetchServerDescriptors"; - options.FetchUselessDescriptors = optionBool "FetchUselessDescriptors"; - options.ReachableAddresses = optionStrings "ReachableAddresses"; - options.ReachableDirAddresses = optionStrings "ReachableDirAddresses"; - options.ReachableORAddresses = optionStrings "ReachableORAddresses"; - options.GeoIPFile = optionPath "GeoIPFile"; - options.GeoIPv6File = optionPath "GeoIPv6File"; - options.GuardfractionFile = optionPath "GuardfractionFile"; - options.HidServAuth = mkOption { - description = descriptionGeneric "HidServAuth"; - default = []; - type = with types; listOf (oneOf [ - (submodule { - options = { - onion = mkOption { - type = strMatching "[a-z2-7]{16}(\\.onion)?"; - description = "Onion address."; - example = "xxxxxxxxxxxxxxxx.onion"; - }; - auth = mkOption { - type = strMatching "[A-Za-z0-9+/]{22}"; - description = "Authentication cookie."; - }; - }; - }) - ]); - }; - options.HiddenServiceNonAnonymousMode = optionBool "HiddenServiceNonAnonymousMode"; - options.HiddenServiceStatistics = optionBool "HiddenServiceStatistics"; - options.HSLayer2Nodes = optionStrings "HSLayer2Nodes"; - options.HSLayer3Nodes = optionStrings "HSLayer3Nodes"; - options.HTTPTunnelPort = optionIsolablePorts "HTTPTunnelPort"; - options.IPv6Exit = optionBool "IPv6Exit"; - options.KeyDirectory = optionPath "KeyDirectory"; - options.KeyDirectoryGroupReadable = optionBool "KeyDirectoryGroupReadable"; - options.LogMessageDomains = optionBool "LogMessageDomains"; - options.LongLivedPorts = optionPorts "LongLivedPorts"; - options.MainloopStats = optionBool "MainloopStats"; - options.MaxAdvertisedBandwidth = optionBandwith "MaxAdvertisedBandwidth"; - options.MaxCircuitDirtiness = optionInt "MaxCircuitDirtiness"; - options.MaxClientCircuitsPending = optionInt "MaxClientCircuitsPending"; - options.NATDPort = optionIsolablePorts "NATDPort"; - options.NewCircuitPeriod = optionInt "NewCircuitPeriod"; - options.Nickname = optionString "Nickname"; - options.ORPort = optionORPort "ORPort"; - options.OfflineMasterKey = optionBool "OfflineMasterKey"; - options.OptimisticData = optionBool "OptimisticData"; # default is null and like "auto" - options.PaddingStatistics = optionBool "PaddingStatistics"; - options.PerConnBWBurst = optionBandwith "PerConnBWBurst"; - options.PerConnBWRate = optionBandwith "PerConnBWRate"; - options.PidFile = optionPath "PidFile"; - options.ProtocolWarnings = optionBool "ProtocolWarnings"; - options.PublishHidServDescriptors = optionBool "PublishHidServDescriptors"; - options.PublishServerDescriptor = mkOption { - description = descriptionGeneric "PublishServerDescriptor"; - type = with types; nullOr (enum [false true 0 1 "0" "1" "v3" "bridge"]); - default = null; - }; - options.ReducedExitPolicy = optionBool "ReducedExitPolicy"; - options.RefuseUnknownExits = optionBool "RefuseUnknownExits"; # default is null and like "auto" - options.RejectPlaintextPorts = optionPorts "RejectPlaintextPorts"; - options.RelayBandwidthBurst = optionBandwith "RelayBandwidthBurst"; - options.RelayBandwidthRate = optionBandwith "RelayBandwidthRate"; - #options.RunAsDaemon - options.Sandbox = optionBool "Sandbox"; - options.ServerDNSAllowBrokenConfig = optionBool "ServerDNSAllowBrokenConfig"; - options.ServerDNSAllowNonRFC953Hostnames = optionBool "ServerDNSAllowNonRFC953Hostnames"; - options.ServerDNSDetectHijacking = optionBool "ServerDNSDetectHijacking"; - options.ServerDNSRandomizeCase = optionBool "ServerDNSRandomizeCase"; - options.ServerDNSResolvConfFile = optionPath "ServerDNSResolvConfFile"; - options.ServerDNSSearchDomains = optionBool "ServerDNSSearchDomains"; - options.ServerTransportPlugin = mkOption { - description = descriptionGeneric "ServerTransportPlugin"; - default = null; - type = with types; nullOr (submodule ({...}: { - options = { - transports = mkOption { - description = "List of pluggable transports."; - type = listOf str; - example = ["obfs2" "obfs3" "obfs4" "scramblesuit"]; - }; - exec = mkOption { - type = types.str; - description = "Command of pluggable transport."; - }; - }; - })); - }; - options.SocksPolicy = optionStrings "SocksPolicy" // { - example = ["accept *:*"]; - }; - options.SOCKSPort = mkOption { - description = descriptionGeneric "SOCKSPort"; - default = if cfg.settings.HiddenServiceNonAnonymousMode == true then [{port = 0;}] else []; - example = [{port = 9090;}]; - type = types.listOf (optionSOCKSPort true); - }; - options.TestingTorNetwork = optionBool "TestingTorNetwork"; - options.TransPort = optionIsolablePorts "TransPort"; - options.TransProxyType = mkOption { - description = descriptionGeneric "TransProxyType"; - type = with types; nullOr (enum ["default" "TPROXY" "ipfw" "pf-divert"]); - default = null; - }; - #options.TruncateLogFile - options.UnixSocksGroupWritable = optionBool "UnixSocksGroupWritable"; - options.UseDefaultFallbackDirs = optionBool "UseDefaultFallbackDirs"; - options.UseMicrodescriptors = optionBool "UseMicrodescriptors"; - options.V3AuthUseLegacyKey = optionBool "V3AuthUseLegacyKey"; - options.V3AuthoritativeDirectory = optionBool "V3AuthoritativeDirectory"; - options.VersioningAuthoritativeDirectory = optionBool "VersioningAuthoritativeDirectory"; - options.VirtualAddrNetworkIPv4 = optionString "VirtualAddrNetworkIPv4"; - options.VirtualAddrNetworkIPv6 = optionString "VirtualAddrNetworkIPv6"; - options.WarnPlaintextPorts = optionPorts "WarnPlaintextPorts"; - }; + })); }; }; }; @@ -822,217 +696,79 @@ in config = mkIf cfg.enable { # Not sure if `cfg.relay.role == "private-bridge"` helps as tor # sends a lot of stats - warnings = optional (cfg.settings.BridgeRelay && - flatten (mapAttrsToList (n: o: o.map) cfg.relay.onionServices) != []) + warnings = optional (cfg.relay.enable && cfg.hiddenServices != {}) '' Running Tor hidden services on a public relay makes the presence of hidden services visible through simple statistical analysis of publicly available data. - See https://trac.torproject.org/projects/tor/ticket/8742 You can safely ignore this warning if you don't intend to actually hide your hidden services. In either case, you can always create a container/VM with a separate Tor daemon instance. - '' ++ - flatten (mapAttrsToList (n: o: - optional (o.settings.HiddenServiceVersion == 2) [ - (optional (o.settings.HiddenServiceExportCircuitID != null) '' - HiddenServiceExportCircuitID is used in the HiddenService: ${n} - but this option is only for v3 hidden services. - '') - ] ++ - optional (o.settings.HiddenServiceVersion != 2) [ - (optional (o.settings.HiddenServiceAuthorizeClient != null) '' - HiddenServiceAuthorizeClient is used in the HiddenService: ${n} - but this option is only for v2 hidden services. - '') - (optional (o.settings.RendPostPeriod != null) '' - RendPostPeriod is used in the HiddenService: ${n} - but this option is only for v2 hidden services. - '') - ] - ) cfg.relay.onionServices); + ''; users.groups.tor.gid = config.ids.gids.tor; users.users.tor = { description = "Tor Daemon User"; createHome = true; - home = stateDir; + home = torDirectory; group = "tor"; uid = config.ids.uids.tor; }; - services.tor.settings = mkMerge [ - (mkIf cfg.enableGeoIP { - GeoIPFile = "${cfg.package.geoip}/share/tor/geoip"; - GeoIPv6File = "${cfg.package.geoip}/share/tor/geoip6"; - }) - (mkIf cfg.controlSocket.enable { - ControlPort = [ { unix = runDir + "/control"; GroupWritable=true; RelaxDirModeCheck=true; } ]; - }) - (mkIf cfg.relay.enable ( - optionalAttrs (cfg.relay.role != "exit") { - ExitPolicy = mkForce ["reject *:*"]; - } // - optionalAttrs (elem cfg.relay.role ["bridge" "private-bridge"]) { - BridgeRelay = true; - ExtORPort.port = mkDefault "auto"; - ServerTransportPlugin.transports = mkDefault ["obfs4"]; - ServerTransportPlugin.exec = mkDefault "${pkgs.obfs4}/bin/obfs4proxy managed"; - } // optionalAttrs (cfg.relay.role == "private-bridge") { - ExtraInfoStatistics = false; - PublishServerDescriptor = false; - } - )) - (mkIf (!cfg.relay.enable) { - # Avoid surprises when leaving ORPort/DirPort configurations in cfg.settings, - # because it would still enable Tor as a relay, - # which can trigger all sort of problems when not carefully done, - # like the blocklisting of the machine's IP addresses - # by some hosting providers... - DirPort = mkForce []; - ORPort = mkForce []; - PublishServerDescriptor = mkForce false; - }) - (mkIf cfg.client.enable ( - { SOCKSPort = [ cfg.client.socksListenAddress ]; - } // optionalAttrs cfg.client.transparentProxy.enable { - TransPort = [{ addr = "127.0.0.1"; port = 9040; }]; - } // optionalAttrs cfg.client.dns.enable { - DNSPort = [{ addr = "127.0.0.1"; port = 9053; }]; - AutomapHostsOnResolve = true; - AutomapHostsSuffixes = cfg.client.dns.automapHostsSuffixes; - } // optionalAttrs (flatten (mapAttrsToList (n: o: o.clientAuthorizations) cfg.client.onionServices) != []) { - ClientOnionAuthDir = runDir + "/ClientOnionAuthDir"; - } - )) - ]; - - networking.firewall = mkIf cfg.openFirewall { - allowedTCPPorts = - concatMap (o: optional (isInt o && o > 0 || o ? "port" && isInt o.port && o.port > 0) o.port) - (flatten [ - cfg.settings.ORPort - cfg.settings.DirPort - ]); - }; - - systemd.services.tor = { - description = "Tor Daemon"; - path = [ pkgs.tor ]; - - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" ]; - restartTriggers = [ torrc ]; - - serviceConfig = { - Type = "simple"; - User = "tor"; - Group = "tor"; - ExecStartPre = [ - "${cfg.package}/bin/tor -f ${torrc} --verify-config" - # DOC: Appendix G of https://spec.torproject.org/rend-spec-v3 - ("+" + pkgs.writeShellScript "ExecStartPre" (concatStringsSep "\n" (flatten (["set -eu"] ++ - mapAttrsToList (name: onion: - optional (onion.authorizedClients != []) '' - rm -rf ${escapeShellArg onion.path}/authorized_clients - install -d -o tor -g tor -m 0700 ${escapeShellArg onion.path} ${escapeShellArg onion.path}/authorized_clients - '' ++ - imap0 (i: pubKey: '' - echo ${pubKey} | - install -o tor -g tor -m 0400 /dev/stdin ${escapeShellArg onion.path}/authorized_clients/${toString i}.auth - '') onion.authorizedClients ++ - optional (onion.secretKey != null) '' - install -d -o tor -g tor -m 0700 ${escapeShellArg onion.path} - key="$(cut -f1 -d: ${escapeShellArg onion.secretKey})" - case "$key" in - ("== ed25519v"*"-secret") - install -o tor -g tor -m 0400 ${escapeShellArg onion.secretKey} ${escapeShellArg onion.path}/hs_ed25519_secret_key;; - (*) echo >&2 "NixOS does not (yet) support secret key type for onion: ${name}"; exit 1;; - esac - '' - ) cfg.relay.onionServices ++ - mapAttrsToList (name: onion: imap0 (i: prvKeyPath: - let hostname = removeSuffix ".onion" name; in '' - printf "%s:" ${escapeShellArg hostname} | cat - ${escapeShellArg prvKeyPath} | - install -o tor -g tor -m 0700 /dev/stdin \ - ${runDir}/ClientOnionAuthDir/${escapeShellArg hostname}.${toString i}.auth_private - '') onion.clientAuthorizations) - cfg.client.onionServices - )))) - ]; - ExecStart = "${cfg.package}/bin/tor -f ${torrc}"; - ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; - KillSignal = "SIGINT"; - TimeoutSec = 30; - Restart = "on-failure"; - LimitNOFILE = 32768; - RuntimeDirectory = [ - # g+x allows access to the control socket - "tor" - "tor/root" - # g+x can't be removed in ExecStart=, but will be removed by Tor - "tor/ClientOnionAuthDir" - ]; - RuntimeDirectoryMode = "0710"; - StateDirectoryMode = "0700"; - StateDirectory = [ - "tor" - "tor/onion" - ] ++ - flatten (mapAttrsToList (name: onion: - optional (onion.secretKey == null) "tor/onion/${name}" - ) cfg.relay.onionServices); - # The following options are only to optimize: - # systemd-analyze security tor - RootDirectory = runDir + "/root"; - RootDirectoryStartOnly = true; - #InaccessiblePaths = [ "-+${runDir}/root" ]; - UMask = "0066"; - BindPaths = [ stateDir ]; - BindReadOnlyPaths = [ storeDir "/etc" ]; - AmbientCapabilities = [""] ++ lib.optional bindsPrivilegedPort "CAP_NET_BIND_SERVICE"; - CapabilityBoundingSet = [""] ++ lib.optional bindsPrivilegedPort "CAP_NET_BIND_SERVICE"; - # ProtectClock= adds DeviceAllow=char-rtc r - DeviceAllow = ""; - LockPersonality = true; - MemoryDenyWriteExecute = true; - NoNewPrivileges = true; - PrivateDevices = true; - PrivateMounts = true; - PrivateNetwork = mkDefault false; - PrivateTmp = true; - # Tor cannot currently bind privileged port when PrivateUsers=true, - # see https://gitlab.torproject.org/legacy/trac/-/issues/20930 - PrivateUsers = !bindsPrivilegedPort; - ProtectClock = true; - ProtectControlGroups = true; - ProtectHome = true; - ProtectHostname = true; - ProtectKernelLogs = true; - ProtectKernelModules = true; - ProtectKernelTunables = true; - ProtectSystem = "strict"; - RemoveIPC = true; - RestrictAddressFamilies = [ "AF_UNIX" "AF_INET" "AF_INET6" ]; - RestrictNamespaces = true; - RestrictRealtime = true; - RestrictSUIDSGID = true; - # See also the finer but experimental option settings.Sandbox - SystemCallFilter = [ - "@system-service" - # Groups in @system-service which do not contain a syscall listed by: - # perf stat -x, 2>perf.log -e 'syscalls:sys_enter_*' tor - # in tests, and seem likely not necessary for tor. - "~@aio" "~@chown" "~@keyring" "~@memlock" "~@resources" "~@setuid" "~@timer" - ]; - SystemCallArchitectures = "native"; - SystemCallErrorNumber = "EPERM"; + # We have to do this instead of using RuntimeDirectory option in + # the service below because systemd has no way to set owners of + # RuntimeDirectory and putting this into the service below + # requires that service to relax it's sandbox since this needs + # writable /run + systemd.services.tor-init = + { description = "Tor Daemon Init"; + wantedBy = [ "tor.service" ]; + script = '' + install -m 0700 -o tor -g tor -d ${torDirectory} ${torDirectory}/onion + install -m 0750 -o tor -g tor -d ${torRunDirectory} + ''; + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + }; + }; + + systemd.services.tor = + { description = "Tor Daemon"; + path = [ pkgs.tor ]; + + wantedBy = [ "multi-user.target" ]; + after = [ "tor-init.service" "network.target" ]; + restartTriggers = [ torRcFile ]; + + serviceConfig = + { Type = "simple"; + # Translated from the upstream contrib/dist/tor.service.in + ExecStartPre = "${cfg.package}/bin/tor -f ${torRcFile} --verify-config"; + ExecStart = "${cfg.package}/bin/tor -f ${torRcFile}"; + ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; + KillSignal = "SIGINT"; + TimeoutSec = 30; + Restart = "on-failure"; + LimitNOFILE = 32768; + + # Hardening + # this seems to unshare /run despite what systemd.exec(5) says + PrivateTmp = mkIf (!cfg.controlSocket.enable) "yes"; + PrivateDevices = "yes"; + ProtectHome = "yes"; + ProtectSystem = "strict"; + InaccessiblePaths = "/home"; + ReadOnlyPaths = "/"; + ReadWritePaths = [ torDirectory torRunDirectory ]; + NoNewPrivileges = "yes"; + + # tor.service.in has this in, but this line it fails to spawn a namespace when using hidden services + #CapabilityBoundingSet = "CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE"; + }; }; - }; environment.systemPackages = [ cfg.package ]; }; - - meta.maintainers = with lib.maintainers; [ julm ]; } diff --git a/nixos/modules/services/system/nscd.nix b/nixos/modules/services/system/nscd.nix index 43b05c5b14d1..d720f254b813 100644 --- a/nixos/modules/services/system/nscd.nix +++ b/nixos/modules/services/system/nscd.nix @@ -50,19 +50,9 @@ in systemd.services.nscd = { description = "Name Service Cache Daemon"; - environment = { LD_LIBRARY_PATH = nssModulesPath; }; + wantedBy = [ "nss-lookup.target" "nss-user-lookup.target" ]; - # We need system users to be resolveable in late-boot. nscd is the proxy between - # nss-modules in NixOS and thus if you have nss-modules providing system users - # (e.g. when using DynamicUser) then nscd needs to be available before late-boot is ready - # We add a dependency of sysinit.target to nscd to ensure - # these units are started after nscd is fully started. - unitConfig.DefaultDependencies = false; - wantedBy = [ "sysinit.target" ]; - before = [ "sysinit.target" "shutdown.target" ]; - conflicts = [ "shutdown.target" ]; - wants = [ "local-fs.target" ]; - after = [ "local-fs.target" ]; + environment = { LD_LIBRARY_PATH = nssModulesPath; }; restartTriggers = [ config.environment.etc.hosts.source @@ -76,19 +66,20 @@ in # privileges after all the NSS modules have read their configuration # files. So prefix the ExecStart command with "!" to prevent systemd # from dropping privileges early. See ExecStart in systemd.service(5). - serviceConfig = { - ExecStart = "!@${nscd}/sbin/nscd nscd"; - Type = "forking"; - DynamicUser = true; - RuntimeDirectory = "nscd"; - PIDFile = "/run/nscd/nscd.pid"; - Restart = "always"; - ExecReload = [ - "${nscd}/sbin/nscd --invalidate passwd" - "${nscd}/sbin/nscd --invalidate group" - "${nscd}/sbin/nscd --invalidate hosts" - ]; - }; + serviceConfig = + { ExecStart = "!@${nscd}/sbin/nscd nscd"; + Type = "forking"; + DynamicUser = true; + RuntimeDirectory = "nscd"; + PIDFile = "/run/nscd/nscd.pid"; + Restart = "always"; + ExecReload = + [ "${nscd}/sbin/nscd --invalidate passwd" + "${nscd}/sbin/nscd --invalidate group" + "${nscd}/sbin/nscd --invalidate hosts" + ]; + }; }; + }; } diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index 2bde2a68a6bc..62671e9d7484 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -179,12 +179,6 @@ let ${cfg.httpConfig} }''} - ${optionalString (cfg.streamConfig != "") '' - stream { - ${cfg.streamConfig} - } - ''} - ${cfg.appendConfig} ''; @@ -458,21 +452,6 @@ in "; }; - streamConfig = mkOption { - type = types.lines; - default = ""; - example = '' - server { - listen 127.0.0.1:53 udp reuseport; - proxy_timeout 20s; - proxy_pass 192.168.0.1:53535; - } - ''; - description = " - Configuration lines to be set inside the stream block. - "; - }; - eventsConfig = mkOption { type = types.lines; default = ""; diff --git a/nixos/modules/system/activation/switch-to-configuration.pl b/nixos/modules/system/activation/switch-to-configuration.pl index c774be2ec542..b82d69b3bb85 100644 --- a/nixos/modules/system/activation/switch-to-configuration.pl +++ b/nixos/modules/system/activation/switch-to-configuration.pl @@ -346,11 +346,10 @@ sub filterUnits { return @res; } -my $startNscd = delete $unitsToStart{"nscd.service"}; - my @unitsToStopFiltered = filterUnits(\%unitsToStop); my @unitsToStartFiltered = filterUnits(\%unitsToStart); + # Show dry-run actions. if ($action eq "dry-activate") { print STDERR "would stop the following units: ", join(", ", @unitsToStopFiltered), "\n" @@ -360,7 +359,6 @@ if ($action eq "dry-activate") { print STDERR "would restart systemd\n" if $restartSystemd; print STDERR "would restart the following units: ", join(", ", sort(keys %unitsToRestart)), "\n" if scalar(keys %unitsToRestart) > 0; - print STDERR "would start nscd\n" if $startNscd; print STDERR "would start the following units: ", join(", ", @unitsToStartFiltered), "\n" if scalar @unitsToStartFiltered; print STDERR "would reload the following units: ", join(", ", sort(keys %unitsToReload)), "\n" @@ -420,13 +418,6 @@ close $listActiveUsers; print STDERR "setting up tmpfiles\n"; system("@systemd@/bin/systemd-tmpfiles", "--create", "--remove", "--exclude-prefix=/dev") == 0 or $res = 3; -# We need to start nscd before any other service, since they might need -# to resolve users/groups only exposed by nss modules (i.e. DynamicUser via nss_systemd) -if ($startNscd) { - print STDERR "starting nscd\n"; - system("@systemd@/bin/systemctl", "start", "nscd.service") == 0 or $res = 4; -} - # Reload units that need it. This includes remounting changed mount # units. if (scalar(keys %unitsToReload) > 0) { diff --git a/nixos/modules/system/boot/stage-1.nix b/nixos/modules/system/boot/stage-1.nix index e133a357bb76..86bfde6349c3 100644 --- a/nixos/modules/system/boot/stage-1.nix +++ b/nixos/modules/system/boot/stage-1.nix @@ -366,7 +366,7 @@ let } trap cleanup EXIT - tmp=$(mktemp -d ''${TMPDIR:-/tmp}/initrd-secrets.XXXXXXXXXX) + tmp=$(mktemp -d initrd-secrets.XXXXXXXXXX) ${lib.concatStringsSep "\n" (mapAttrsToList (dest: source: let source' = if source == null then dest else toString source; in diff --git a/nixos/modules/tasks/filesystems.nix b/nixos/modules/tasks/filesystems.nix index 5388fc738e31..a055072f9c96 100644 --- a/nixos/modules/tasks/filesystems.nix +++ b/nixos/modules/tasks/filesystems.nix @@ -7,9 +7,8 @@ let addCheckDesc = desc: elemType: check: types.addCheck elemType check // { description = "${elemType.description} (with check: ${desc})"; }; - - isNonEmpty = s: (builtins.match ".*[^ \t]+.*" s) != null; - nonEmptyStr = addCheckDesc "non-empty" types.str isNonEmpty; + nonEmptyStr = addCheckDesc "non-empty" types.str + (x: x != "" && ! (all (c: c == " " || c == "\t") (stringToCharacters x))); fileSystems' = toposort fsBefore (attrValues config.fileSystems); @@ -29,10 +28,10 @@ let coreFileSystemOpts = { name, config, ... }: { options = { + mountPoint = mkOption { example = "/mnt/usb"; - type = addCheckDesc "non-empty without trailing slash" types.str - (s: isNonEmpty s && (builtins.match "(/|/.*[^/])" s) != null); + type = nonEmptyStr; description = "Location of the mounted the file system."; }; diff --git a/nixos/modules/virtualisation/amazon-image.nix b/nixos/modules/virtualisation/amazon-image.nix index 4f83d72901c2..26297a7d0f1f 100644 --- a/nixos/modules/virtualisation/amazon-image.nix +++ b/nixos/modules/virtualisation/amazon-image.nix @@ -137,7 +137,7 @@ in services.openssh.permitRootLogin = "prohibit-password"; # Creates symlinks for block device names. - services.udev.packages = [ pkgs.amazon-ec2-utils ]; + services.udev.packages = [ pkgs.ec2-utils ]; # Force getting the hostname from EC2. networking.hostName = mkDefault ""; diff --git a/nixos/tests/tor.nix b/nixos/tests/tor.nix index c061f59226cf..ad07231557c3 100644 --- a/nixos/tests/tor.nix +++ b/nixos/tests/tor.nix @@ -17,7 +17,7 @@ rec { environment.systemPackages = with pkgs; [ netcat ]; services.tor.enable = true; services.tor.client.enable = true; - services.tor.settings.ControlPort = 9051; + services.tor.controlPort = 9051; }; testScript = '' diff --git a/pkgs/applications/networking/irc/weechat/scripts/wee-slack/0001-hardcode-json-file-path.patch b/pkgs/applications/networking/irc/weechat/scripts/wee-slack/0001-hardcode-json-file-path.patch deleted file mode 100644 index 45e620db258d..000000000000 --- a/pkgs/applications/networking/irc/weechat/scripts/wee-slack/0001-hardcode-json-file-path.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 5dd2593369645b11a9dc03e1930617d2f5dbd039 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= -Date: Wed, 11 Nov 2020 11:48:49 +0100 -Subject: [PATCH] hardcode json file path -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Signed-off-by: Jörg Thalheim ---- - wee_slack.py | 8 +------- - 1 file changed, 1 insertion(+), 7 deletions(-) - -diff --git a/wee_slack.py b/wee_slack.py -index a3d779c..5942289 100644 ---- a/wee_slack.py -+++ b/wee_slack.py -@@ -5136,13 +5136,7 @@ def create_slack_debug_buffer(): - - def load_emoji(): - try: -- weechat_dir = w.info_get('weechat_dir', '') -- weechat_sharedir = w.info_get('weechat_sharedir', '') -- local_weemoji, global_weemoji = ('{}/weemoji.json'.format(path) -- for path in (weechat_dir, weechat_sharedir)) -- path = (global_weemoji if os.path.exists(global_weemoji) and -- not os.path.exists(local_weemoji) else local_weemoji) -- with open(path, 'r') as ef: -+ with open('@out@/share/wee-slack/weemoji.json', 'r') as ef: - emojis = json.loads(ef.read()) - if 'emoji' in emojis: - print_error('The weemoji.json file is in an old format. Please update it.') --- -2.29.0 - diff --git a/pkgs/applications/networking/irc/weechat/scripts/wee-slack/default.nix b/pkgs/applications/networking/irc/weechat/scripts/wee-slack/default.nix index 4be611eb71ff..9650f903ed6b 100644 --- a/pkgs/applications/networking/irc/weechat/scripts/wee-slack/default.nix +++ b/pkgs/applications/networking/irc/weechat/scripts/wee-slack/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "wee-slack"; - version = "8bd734c8e9a6b133a65548672f8a11ee3b3ce677"; + version = "2.6.0"; src = fetchFromGitHub { repo = "wee-slack"; owner = "wee-slack"; - rev = version; - sha256 = "0p48cpaqfqja9i68dqyladwif7x8c19ii8v27p9cxz5y9impc9qk"; + rev = "v${version}"; + sha256 = "0s4qd1z40c1bczkvc840jwjmzbv7nyj06xqs1si9v54qmkh4gaq4"; }; patches = [ @@ -19,7 +19,7 @@ stdenv.mkDerivation rec { paths = with python3Packages; [ websocket_client six ]; }}/${python3Packages.python.sitePackages}"; }) - ./0001-hardcode-json-file-path.patch + ./hardcode-json-file-path.patch ]; postPatch = '' diff --git a/pkgs/applications/networking/irc/weechat/scripts/wee-slack/hardcode-json-file-path.patch b/pkgs/applications/networking/irc/weechat/scripts/wee-slack/hardcode-json-file-path.patch new file mode 100644 index 000000000000..7413a9229ce6 --- /dev/null +++ b/pkgs/applications/networking/irc/weechat/scripts/wee-slack/hardcode-json-file-path.patch @@ -0,0 +1,12 @@ +--- a/wee_slack.py ++++ b/wee_slack.py +@@ -4560,8 +4560,7 @@ + + def load_emoji(): + try: +- DIR = w.info_get('weechat_dir', '') +- with open('{}/weemoji.json'.format(DIR), 'r') as ef: ++ with open('@out@/share/wee-slack/weemoji.json', 'r') as ef: + emojis = json.loads(ef.read()) + if 'emoji' in emojis: + print_error('The weemoji.json file is in an old format. Please update it.') diff --git a/pkgs/applications/video/iina/default.nix b/pkgs/applications/video/iina/default.nix deleted file mode 100644 index f0abed2d93d6..000000000000 --- a/pkgs/applications/video/iina/default.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ stdenv, fetchurl, undmg }: - -stdenv.mkDerivation { - pname = "iina"; - version = "1.1.2"; - - src = fetchurl { - url = "https://github.com/iina/iina/releases/download/v1.0.7-beta2/IINA.v1.0.7-beta2.dmg"; - sha256 = "1w0l3b1kar9zglqkildcqhlwara6zy2p3x79kqa2d0b43nqka82n"; - }; - - buildInputs = [ undmg ]; - installPhase = '' - mkdir -p "$out/Applications/IINA.app" - cp -R . "$out/Applications/IINA.app" - chmod +x "$out/Applications/IINA.app/Contents/MacOS/IINA" - ''; - - meta = with stdenv.lib; { - description = "The modern video player for macOS."; - homepage = "http://https://iina.io/"; - license = licenses.gpl3; - platforms = platforms.darwin; - maintainers = with maintainers; [ mic92 ]; - }; -} diff --git a/pkgs/development/python-modules/keystone/default.nix b/pkgs/development/python-modules/keystone/default.nix deleted file mode 100644 index c98af6ea4d7d..000000000000 --- a/pkgs/development/python-modules/keystone/default.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ lib -, buildPythonPackage -, keystone -}: - -buildPythonPackage rec { - inherit (keystone) pname src version buildInputs nativeBuildInputs; - - dontUseCmakeConfigure = 1; - preBuild = "cd bindings/python"; - - meta = with lib; { - inherit (keystone.meta) description license homepage; - maintainers = [ maintainers.mic92 ]; - }; -} diff --git a/pkgs/development/python-modules/pyworld/default.nix b/pkgs/development/python-modules/pyworld/default.nix deleted file mode 100644 index 92a91f766be7..000000000000 --- a/pkgs/development/python-modules/pyworld/default.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ lib -, buildPythonPackage -, fetchPypi -, numpy -, cython -}: - -buildPythonPackage rec { - pname = "pyworld"; - version = "0.2.12"; - - src = fetchPypi { - inherit pname version; - sha256 = "896c910696975855578d855f490f94d7a57119e0a75f7f15e11fdf58ba891627"; - }; - - nativeBuildInputs = [ - cython - ]; - - propagatedBuildInputs = [ - numpy - ]; - - meta = with lib; { - description = "PyWorld is a Python wrapper for WORLD vocoder"; - homepage = https://github.com/JeremyCCHsu/Python-Wrapper-for-World-Vocoder; - license = licenses.mit; - maintainers = [ maintainers.mic92 ]; - }; -} diff --git a/pkgs/development/ruby-modules/with-packages/Gemfile b/pkgs/development/ruby-modules/with-packages/Gemfile index dda0f69c35cc..3454ce3df74b 100644 --- a/pkgs/development/ruby-modules/with-packages/Gemfile +++ b/pkgs/development/ruby-modules/with-packages/Gemfile @@ -14,9 +14,13 @@ source 'https://rubygems.org' do gem 'cocoapods' gem 'cocoapods-acknowledgements' gem 'cocoapods-art' + gem 'cocoapods-bin' gem 'cocoapods-browser' + gem 'cocoapods-bugsnag' + gem 'cocoapods-check' gem 'cocoapods-clean' gem 'cocoapods-clean_build_phases_scripts' + gem 'cocoapods-core' gem 'cocoapods-coverage' gem 'cocoapods-deintegrate' gem 'cocoapods-dependencies' @@ -27,9 +31,18 @@ source 'https://rubygems.org' do gem 'cocoapods-generate' gem 'cocoapods-git_url_rewriter' gem 'cocoapods-keys' + gem 'cocoapods-no-dev-schemes' gem 'cocoapods-open' + gem 'cocoapods-packager' + gem 'cocoapods-playgrounds' gem 'cocoapods-plugins' + gem 'cocoapods-prune-localizations' + gem 'cocoapods-rome' gem 'cocoapods-search' + gem 'cocoapods-sorted-search' + gem 'cocoapods-static-swift-framework' + gem 'cocoapods-stats' + gem 'cocoapods-tdfire-binary' gem 'cocoapods-testing' gem 'cocoapods-trunk' gem 'cocoapods-try' diff --git a/pkgs/os-specific/linux/sysdig/default.nix b/pkgs/os-specific/linux/sysdig/default.nix index 5f4d638dfece..0f8702eb6e01 100644 --- a/pkgs/os-specific/linux/sysdig/default.nix +++ b/pkgs/os-specific/linux/sysdig/default.nix @@ -65,7 +65,7 @@ stdenv.mkDerivation rec { description = "A tracepoint-based system tracing tool for Linux (with clients for other OSes)"; license = with licenses; [ asl20 gpl2 mit ]; maintainers = [maintainers.raskin]; - platforms = [ "x86_64-linux" "aarch64-linux" ] ++ platforms.darwin; + platforms = ["x86_64-linux"] ++ platforms.darwin; broken = kernel != null && versionOlder kernel.version "4.14"; homepage = "https://sysdig.com/opensource/"; downloadPage = "https://github.com/draios/sysdig/releases"; diff --git a/pkgs/servers/home-assistant/component-packages.nix b/pkgs/servers/home-assistant/component-packages.nix index 429f140f738f..9135ea549f34 100644 --- a/pkgs/servers/home-assistant/component-packages.nix +++ b/pkgs/servers/home-assistant/component-packages.nix @@ -243,7 +243,7 @@ "familyhub" = ps: with ps; [ ]; # missing inputs: python-family-hub-local "fan" = ps: with ps; [ ]; "fastdotcom" = ps: with ps; [ ]; # missing inputs: fastdotcom - "feedreader" = ps: with ps; [ feedparser]; + "feedreader" = ps: with ps; [ ]; # missing inputs: feedparser-homeassistant "ffmpeg" = ps: with ps; [ ha-ffmpeg ]; "ffmpeg_motion" = ps: with ps; [ ha-ffmpeg ]; "ffmpeg_noise" = ps: with ps; [ ha-ffmpeg ]; diff --git a/pkgs/servers/home-assistant/parse-requirements.py b/pkgs/servers/home-assistant/parse-requirements.py index 3d25dfeaf847..4fa4b8a48ee4 100755 --- a/pkgs/servers/home-assistant/parse-requirements.py +++ b/pkgs/servers/home-assistant/parse-requirements.py @@ -41,10 +41,6 @@ PKG_PREFERENCES = { "tensorflow-build_2": "tensorflow", } -# packages we have a different name for or we want to replace -PKG_SUBSTITUTES = { - "feedparser-homeassistant": "feedparser" -} def run_mypy() -> None: cmd = ["mypy", "--ignore-missing-imports", __file__] @@ -160,8 +156,6 @@ def main() -> None: # Therefore, if there's a "#" in the line, only take the part after it req = req[req.find("#") + 1 :] name = req.split("==")[0] - name = PKG_SUBSTITUTES.get(name, name) - attr_path = name_to_attr_path(name, packages) if attr_path is not None: # Add attribute path without "python3Packages." prefix diff --git a/pkgs/servers/openafs/1.8/default.nix b/pkgs/servers/openafs/1.8/default.nix index 1f475d7440fa..c26f8d3a23c5 100644 --- a/pkgs/servers/openafs/1.8/default.nix +++ b/pkgs/servers/openafs/1.8/default.nix @@ -100,7 +100,6 @@ in stdenv.mkDerivation { homepage = "https://www.openafs.org"; license = licenses.ipl10; platforms = platforms.linux; - broken = with kernel; kernelOlder "3.18" || isHardened; maintainers = [ maintainers.maggesi maintainers.spacefrogg ]; }; } diff --git a/pkgs/tools/audio/tts/default.nix b/pkgs/tools/audio/tts/default.nix index 1634bfa5b307..770e898f2eec 100644 --- a/pkgs/tools/audio/tts/default.nix +++ b/pkgs/tools/audio/tts/default.nix @@ -61,18 +61,6 @@ python3Packages.buildPythonApplication rec { url = "https://github.com/mozilla/TTS/commit/36fee428b9f3f4ec1914b090a2ec9d785314d9aa.patch"; sha256 = "sha256-pP0NxiyrsvQ0A7GEleTdT87XO08o7WxPEpb6Bmj66dc="; }) - (fetchpatch { - url = "https://github.com/Mic92/TTS/commit/5bf62009e8c19e8c1627d1f7aa54e11bc5fa91d7.patch"; - sha256 = "sha256-ZxDytieD0zoP0/RXzG0bbVnl0oE+DF8iUVpHb8+2TqM="; - }) - (fetchpatch { - url = "https://github.com/mozilla/TTS/commit/3000647e542fce9773f4c5da082630befa5525f1.patch"; - sha256 = "sha256-dl8Zy0dEw9z4ZZFcuP1WHzCVh2+nn0jDKOncoCK+syM="; - }) - (fetchpatch { - url = "https://github.com/mozilla/TTS/commit/fe86a076bb1c7e18078718be0aa36da427f325bd.patch"; - sha256 = "sha256-cT5HYkLFzmSMwAHLOHgpG+v9HGKIbUxwS8Dt9SKHm+8="; - }) ]; preBuild = '' @@ -107,7 +95,6 @@ python3Packages.buildPythonApplication rec { inflect gdown pysbd - pyworld ]; postInstall = '' diff --git a/pkgs/tools/security/tor/default.nix b/pkgs/tools/security/tor/default.nix index e46fd4790a31..04bf598d132a 100644 --- a/pkgs/tools/security/tor/default.nix +++ b/pkgs/tools/security/tor/default.nix @@ -1,6 +1,5 @@ { stdenv, fetchurl, pkgconfig, libevent, openssl, zlib, torsocks , libseccomp, systemd, libcap, lzma, zstd, scrypt, nixosTests -, writeShellScript # for update.nix , writeScript @@ -13,21 +12,7 @@ , gnused , nix }: -let - tor-client-auth-gen = writeShellScript "tor-client-auth-gen" '' - PATH="${stdenv.lib.makeBinPath [coreutils gnugrep openssl]}" - pem="$(openssl genpkey -algorithm x25519)" - printf private_key=descriptor:x25519: - echo "$pem" | grep -v " PRIVATE KEY" | - base64 -d | tail --bytes=32 | base32 | tr -d = - - printf public_key=descriptor:x25519: - echo "$pem" | openssl pkey -in /dev/stdin -pubout | - grep -v " PUBLIC KEY" | - base64 -d | tail --bytes=32 | base32 | tr -d = - ''; -in stdenv.mkDerivation rec { pname = "tor"; version = "0.4.4.6"; @@ -67,7 +52,6 @@ stdenv.mkDerivation rec { mkdir -p $geoip/share/tor mv $out/share/tor/geoip{,6} $geoip/share/tor rm -rf $out/share/tor - ln -s ${tor-client-auth-gen} $out/bin/tor-client-auth-gen ''; passthru = { diff --git a/pkgs/tools/typesetting/tex/texlive/bin.nix b/pkgs/tools/typesetting/tex/texlive/bin.nix index 4df486a25117..030ac1b43aae 100644 --- a/pkgs/tools/typesetting/tex/texlive/bin.nix +++ b/pkgs/tools/typesetting/tex/texlive/bin.nix @@ -2,7 +2,7 @@ , texlive , zlib, libiconv, libpng, libX11 , freetype, gd, libXaw, icu, ghostscript, libXpm, libXmu, libXext -, perl, perlPackages, python3Packages, pkgconfig +, perl, perlPackages, python2Packages, pkgconfig , poppler, libpaper, graphite2, zziplib, harfbuzz, potrace, gmp, mpfr , brotli, cairo, pixman, xorg, clisp, biber, woff2, xxHash , makeWrapper, shortenPerlShebang @@ -321,13 +321,13 @@ latexindent = perlPackages.buildPerlPackage rec { }; -pygmentex = python3Packages.buildPythonApplication rec { +pygmentex = python2Packages.buildPythonApplication rec { pname = "pygmentex"; inherit (src) version; src = stdenv.lib.head (builtins.filter (p: p.tlType == "run") texlive.pygmentex.pkgs); - propagatedBuildInputs = with python3Packages; [ pygments chardet ]; + propagatedBuildInputs = with python2Packages; [ pygments chardet ]; dontBuild = true; diff --git a/pkgs/tools/typesetting/tex/texlive/combine.nix b/pkgs/tools/typesetting/tex/texlive/combine.nix index 33633433575b..0625fe16090a 100644 --- a/pkgs/tools/typesetting/tex/texlive/combine.nix +++ b/pkgs/tools/typesetting/tex/texlive/combine.nix @@ -27,7 +27,7 @@ let [ "de-macro" "pythontex" "dviasm" "texliveonfly" ]; pkgNeedsRuby = pkg: pkg.tlType == "run" && pkg.pname == "match-parens"; extraInputs = - lib.optional (lib.any pkgNeedsPython splitBin.wrong) python3 + lib.optional (lib.any pkgNeedsPython splitBin.wrong) python ++ lib.optional (lib.any pkgNeedsRuby splitBin.wrong) ruby; }; diff --git a/pkgs/tools/typesetting/tex/texlive/default.nix b/pkgs/tools/typesetting/tex/texlive/default.nix index 0c7dadc150b0..c2e6399ab864 100644 --- a/pkgs/tools/typesetting/tex/texlive/default.nix +++ b/pkgs/tools/typesetting/tex/texlive/default.nix @@ -4,7 +4,7 @@ */ { stdenv, lib, fetchurl, runCommand, writeText, buildEnv , callPackage, ghostscriptX, harfbuzz, poppler_min -, makeWrapper, python3, ruby, perl +, makeWrapper, python, ruby, perl , useFixedHashes ? true , recurseIntoAttrs }: @@ -25,7 +25,7 @@ let # function for creating a working environment from a set of TL packages combine = import ./combine.nix { inherit bin combinePkgs buildEnv lib makeWrapper writeText - stdenv python3 ruby perl; + stdenv python ruby perl; ghostscript = ghostscriptX; # could be without X, probably, but we use X above }; @@ -110,7 +110,7 @@ let #"ftp://tug.org/texlive/historic/2019/tlnet-final/archive" # Daily snapshots hosted by one of the texlive release managers - "https://texlive.info/tlnet-archive/2020/10/09/tlnet/archive" + https://texlive.info/tlnet-archive/2020/10/09/tlnet/archive ]; src = fetchurl { inherit urls sha512; }; diff --git a/pkgs/tools/virtualization/amazon-ec2-utils/default.nix b/pkgs/tools/virtualization/amazon-ec2-utils/default.nix deleted file mode 100644 index d7dd6ad0b1e3..000000000000 --- a/pkgs/tools/virtualization/amazon-ec2-utils/default.nix +++ /dev/null @@ -1,42 +0,0 @@ -{ stdenv, lib, fetchFromGitHub, python3, installShellFiles }: - -stdenv.mkDerivation rec { - pname = "amazon-ec2-utils"; - version = "1.3"; - - src = fetchFromGitHub { - owner = "aws"; - repo = "amazon-ec2-utils"; - rev = version; - sha256 = "sha256-uxKnbdKGhS32kY3mA7YYtDRwKcEjNZPJUYQExZTqtxE="; - }; - - buildInputs = [ python3 ]; - # TODO next version will have manpages - #nativeBuildInputs = [ installShellFiles ]; - - installPhase = '' - # https://github.com/aws/amazon-ec2-utils/blob/8eb2effb1aea2280264d66ae58b3e156e6d429f9/amazon-ec2-utils.spec#L74 - install -D --target $out/etc/udev/rules.d *.rules - install -D --target $out/bin ec2-metadata ebsnvme-id ec2udev-vbd ec2udev-vcpu - install -D --target $out/lib/udev/ ec2nvme-nsid - # TODO next version will have manpages - #installManPage doc/* - ''; - - postFixup = '' - for i in $out/etc/udev/rules.d/*.rules; do - substituteInPlace "$i" \ - --replace '/sbin' "$out/bin" - done - substituteInPlace "$out/etc/udev/rules.d/70-ec2-nvme-devices.rules" \ - --replace 'ec2nvme-nsid' "$out/lib/udev/ec2nvme-nsid" - ''; - - meta = { - description = "A set of tools for running in EC2"; - homepage = "https://aws.amazon.com/amazon-linux-ami/"; - license = lib.licenses.asl20; - maintainers = with lib.maintainers; [ thefloweringash ]; - }; -} diff --git a/pkgs/tools/virtualization/ec2-utils/default.nix b/pkgs/tools/virtualization/ec2-utils/default.nix new file mode 100644 index 000000000000..1605bcfa43b6 --- /dev/null +++ b/pkgs/tools/virtualization/ec2-utils/default.nix @@ -0,0 +1,47 @@ +{ stdenv, lib, rpmextract, fetchurl, python2, tree }: + +stdenv.mkDerivation { + name = "ec2-utils"; + version = "0.5.1"; + + # The url can be determined by booting an "Amazon Linux 2" and running: + # > yumdownloader --urls ec2-utils + src = fetchurl { + url = "http://amazonlinux.ap-northeast-1.amazonaws.com/blobstore/a3b4d2c35c2300518fe10381a05b3bd7936ff5cdd3d351143a11bf84073d9e00/ec2-utils-0.5-1.amzn2.0.1.noarch.rpm"; + sha256 = "004y7l3q9gqi78a53lykrpsnz4yp7dds1083w67m2013bk1x5d53"; + }; + + nativeBuildInputs = [ rpmextract ]; + + buildInputs = [ python2 ]; + + unpackPhase = '' + mkdir source + cd source + rpmextract "$src" + ''; + + installPhase = '' + mkdir $out + + mv --target-directory $out \ + etc sbin usr/bin usr/lib + ''; + + postFixup = '' + for i in $out/etc/udev/rules.d/*.rules; do + substituteInPlace "$i" \ + --replace '/sbin' "$out/bin" + done + + substituteInPlace "$out/etc/udev/rules.d/70-ec2-nvme-devices.rules" \ + --replace 'ec2nvme-nsid' "$out/lib/udev/ec2nvme-nsid" + ''; + + meta = { + description = "A set of tools for running in EC2"; + homepage = "https://aws.amazon.com/amazon-linux-ami/"; + license = lib.licenses.asl20; + maintainers = with lib.maintainers; [ thefloweringash ]; + }; +} diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index 793b58ac46da..6e5da1bf34ec 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -138,7 +138,6 @@ mapAliases ({ draftsight = throw "draftsight has been removed, no longer available as freeware"; # added 2020-08-14 dvb_apps = throw "dvb_apps has been removed."; # added 2020-11-03 dwarf_fortress = dwarf-fortress; # added 2016-01-23 - ec2-utils = amazon-ec2-utils; # added 2020-12-06 emacsPackagesGen = emacsPackagesFor; # added 2018-08-18 emacsPackagesNgGen = emacsPackagesFor; # added 2018-08-18 emacsPackagesNgFor = emacsPackagesFor; # added 2019-08-07 diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 974686337180..dd9a10067758 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -1005,7 +1005,7 @@ in ec2_ami_tools = callPackage ../tools/virtualization/ec2-ami-tools { }; - amazon-ec2-utils = callPackage ../tools/virtualization/amazon-ec2-utils { }; + ec2-utils = callPackage ../tools/virtualization/ec2-utils { }; exoscale-cli = callPackage ../tools/admin/exoscale-cli { }; @@ -21305,8 +21305,6 @@ in icesl = callPackage ../applications/misc/icesl { }; - iina = callPackage ../applications/video/iina { }; - keepassx = callPackage ../applications/misc/keepassx { }; keepassx2 = callPackage ../applications/misc/keepassx/2.0.nix { }; keepassxc = libsForQt5.callPackage ../applications/misc/keepassx/community.nix { }; diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 5a9a58d1b260..7ba80903ccd5 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -3312,10 +3312,6 @@ in { keyrings-alt = callPackage ../development/python-modules/keyrings-alt { }; - keystone = callPackage ../development/python-modules/keystone { - inherit (pkgs) keystone; - }; - keyutils = callPackage ../development/python-modules/keyutils { inherit (pkgs) keyutils; }; kicad = disabledIf isPy27 (toPythonModule (pkgs.kicad.override { python3 = python; }).src); @@ -6220,8 +6216,6 @@ in { }); in if isPy3k then pyxattr' else pyxattr_2; - pyworld = callPackage ../development/python-modules/pyworld { }; - pyx = callPackage ../development/python-modules/pyx { }; pyxdg = callPackage ../development/python-modules/pyxdg { }; diff --git a/pkgs/top-level/ruby-packages.nix b/pkgs/top-level/ruby-packages.nix index 33a50e232d0e..ef82be30b620 100644 --- a/pkgs/top-level/ruby-packages.nix +++ b/pkgs/top-level/ruby-packages.nix @@ -1,36 +1,14 @@ { - actioncable = { - dependencies = ["actionpack" "nio4r" "websocket-driver"]; - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "0y3aa0965cdsqamxk8ac6brcvijl1zv4pvqils6xy3pbcrv0ljid"; - type = "gem"; - }; - version = "6.0.3.4"; - }; - actionmailbox = { - dependencies = ["actionpack" "activejob" "activerecord" "activestorage" "activesupport" "mail"]; - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "10vb9s4frq22h5j6gyw2598k1jc29lg2czm95hf284l3mi4qly6a"; - type = "gem"; - }; - version = "6.0.3.4"; - }; actionmailer = { dependencies = ["actionpack" "actionview" "activejob" "mail" "rails-dom-testing"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1ykn5qkwdlcv5aa1gjhhmrxpjccwa7df6n4amvkmvxv5lggyma52"; + sha256 = "18wwlj4f7jffv3vxm80d2z36nwza95l5xfcqc401hvvrls4xzhsy"; type = "gem"; }; - version = "6.0.3.4"; + version = "4.2.11.1"; }; actionpack = { dependencies = ["actionview" "activesupport" "rack" "rack-test" "rails-dom-testing" "rails-html-sanitizer"]; @@ -38,32 +16,21 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0fbjpnh5hrihc9l35q9why6ip0hcdj42axzbp6b4j1xcy1v1bicj"; + sha256 = "0rmldsk3a4lwxk0lrp6x1nz1v1r2xmbm3300l4ghgfygv3grdwjh"; type = "gem"; }; - version = "6.0.3.4"; - }; - actiontext = { - dependencies = ["actionpack" "activerecord" "activestorage" "activesupport" "nokogiri"]; - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "0r0j0m76ynjspmvj5qbzl06kl9i920v269iz62y62009xydv6rqz"; - type = "gem"; - }; - version = "6.0.3.4"; + version = "4.2.11.1"; }; actionview = { - dependencies = ["activesupport" "builder" "erubi" "rails-dom-testing" "rails-html-sanitizer"]; + dependencies = ["activesupport" "builder" "erubis" "rails-dom-testing" "rails-html-sanitizer"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0gdz31cq08nrqq6bxqim2qcbzv0fr34z6ycl73dmawpafj33wdkj"; + sha256 = "0x7vjn8q6blzyf7j3kwg0ciy7vnfh28bjdkd1mp9k4ghp9jn0g9p"; type = "gem"; }; - version = "6.0.3.4"; + version = "4.2.11.1"; }; activejob = { dependencies = ["activesupport" "globalid"]; @@ -71,54 +38,43 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0d0p8gjplrgym38dmchyzhv7lrrxngz0yrxl6xyvwxfxm1hgdk2k"; + sha256 = "0jy1c1r6syjqpa0sh9f1p4iaxzvp6qg4n6zs774j9z27q7h407mj"; type = "gem"; }; - version = "6.0.3.4"; + version = "4.2.11.1"; }; activemodel = { - dependencies = ["activesupport"]; + dependencies = ["activesupport" "builder"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "00jj8namy5niq7grl5lrsr4y351rxpj1b69k1i9gvb1hnpghl099"; + sha256 = "1c1x0rd6wnk1f0gsmxs6x3gx7yf6fs9qqkdv7r4hlbcdd849in33"; type = "gem"; }; - version = "6.0.3.4"; + version = "4.2.11.1"; }; activerecord = { - dependencies = ["activemodel" "activesupport"]; + dependencies = ["activemodel" "activesupport" "arel"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "06qvvp73z8kq9sd2mhw6p9124q5pfkswjga2fidz4c73zbr79r3g"; + sha256 = "07ixiwi0zzs9skqarvpfamsnay7npfswymrn28ngxaf8hi279q5p"; type = "gem"; }; - version = "6.0.3.4"; - }; - activestorage = { - dependencies = ["actionpack" "activejob" "activerecord" "marcel"]; - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "0q734331wb7cfsh4jahj3lphpxvglzb17yvibwss1ml4g01xxm52"; - type = "gem"; - }; - version = "6.0.3.4"; + version = "4.2.11.1"; }; activesupport = { - dependencies = ["concurrent-ruby" "i18n" "minitest" "tzinfo" "zeitwerk"]; + dependencies = ["i18n" "minitest" "thread_safe" "tzinfo"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1axidc4mikgi4yxs0ynw2c54jyrs5lxprxmzv6m3aayi9rg6rk5j"; + sha256 = "1vbq7a805bfvyik2q3kl9s3r418f5qzvysqbz2cwy4hr7m2q4ir6"; type = "gem"; }; - version = "6.0.3.4"; + version = "4.2.11.1"; }; addressable = { dependencies = ["public_suffix"]; @@ -131,15 +87,36 @@ }; version = "2.7.0"; }; + algoliasearch = { + dependencies = ["httpclient" "json"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1ayg8j3819ay2d8618jv32ca16fh8qsgjsiq9j32yd016c170nkj"; + type = "gem"; + }; + version = "1.27.1"; + }; + arel = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0nfcrdiys6q6ylxiblky9jyssrw2xj96fmxmal7f4f0jj3417vj4"; + type = "gem"; + }; + version = "6.0.4"; + }; ast = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1l3468czzjmxl93ap40hp7z94yxp4nbag0bxqs789bm30md90m2a"; + sha256 = "184ssy3w93nkajlz2c70ifm79jp3j737294kbc5fjw69v1w0n9x7"; type = "gem"; }; - version = "2.4.1"; + version = "2.4.0"; }; atk = { dependencies = ["glib2"]; @@ -147,10 +124,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "05brc25pfvak610mdwgjsc64di29yff9i9g72m6hyc21pdjwfy3n"; + sha256 = "0a8q9a1f6x4gy55p8cf52a22bnpjgn18ad9n959x0f4gybbhs948"; type = "gem"; }; - version = "3.4.3"; + version = "3.4.1"; }; atomos = { groups = ["default"]; @@ -197,10 +174,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0nx3yjf4xzdgb8jkmk2344081gqr22pgjqnmjg2q64mj5d6r9194"; + sha256 = "1mmkls9n56l4gx2k0dnyianwz36z2zgpxli5bpsbr7jbw7hn2x6j"; type = "gem"; }; - version = "11.1.3"; + version = "11.0.1"; }; cairo = { dependencies = ["native-package-installer" "pkg-config"]; @@ -208,10 +185,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "00hiy6anibkjq9w77hg0lpgnkkbcxrfbz8wxv44jfzqbab8910wb"; + sha256 = "0yvv2lcbsybzbw1nrmfivmln23da4rndrs3av6ymjh0x3ww5h7p8"; type = "gem"; }; - version = "1.16.6"; + version = "1.16.4"; }; cairo-gobject = { dependencies = ["cairo" "glib2"]; @@ -219,10 +196,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "136aa800dgq6bmr0lb59mfj5q72r712wwp5wy5qxnp48adjw1k2h"; + sha256 = "0gkxdfslcvrwrs48giilji3bgxd5bwijwq33p9h00r10jzfg2028"; type = "gem"; }; - version = "3.4.3"; + version = "3.4.1"; }; camping = { dependencies = ["mab" "rack"]; @@ -240,10 +217,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ia09r8bj3bjhcfiyr3vlk9zx7vahfypbs2lyrxix9x1jx3lfzq4"; + sha256 = "1825ll26p28swjiw8n3x2pnh5ygsmg83spf82fnzcjn2p87vc5lf"; type = "gem"; }; - version = "3.0.3"; + version = "3.0.2"; }; charlock_holmes = { groups = ["default"]; @@ -270,10 +247,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "08m0syh06bhx8dqn560ivjg96l5cs5s3l9jh2szsnlcdcyl9jsjg"; + sha256 = "0dka8f3hwzz7p558kiyyrdabljvwp71cbzk46akb3kvnvhcyjx89"; type = "gem"; }; - version = "1.3.2"; + version = "1.3.1"; }; cld3 = { dependencies = ["ffi"]; @@ -281,42 +258,53 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "04hwr44m7x7vv55lc4vk5zcd6zq98c2asvzl3dh2adg1fhpk29nr"; + sha256 = "06p4jgrr0zixqnflmg5dcrbmhlnmll85j7vxkrjmnng293cwvzgw"; type = "gem"; }; - version = "3.3.0"; + version = "3.2.4"; }; cocoapods = { - dependencies = ["activesupport" "claide" "cocoapods-core" "cocoapods-deintegrate" "cocoapods-downloader" "cocoapods-plugins" "cocoapods-search" "cocoapods-stats" "cocoapods-trunk" "cocoapods-try" "colored" "escape" "fourflusher" "molinillo" "nap" "xcodeproj"]; + dependencies = ["activesupport" "claide" "cocoapods-core" "cocoapods-deintegrate" "cocoapods-downloader" "cocoapods-plugins" "cocoapods-search" "cocoapods-stats" "cocoapods-trunk" "cocoapods-try" "colored2" "escape" "fourflusher" "gh_inspector" "molinillo" "nap" "ruby-macho" "xcodeproj"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0rnxjwrfk3yz34xx11hh61j7p57l6vwh8b86jvjivzlgrj4a025r"; + sha256 = "007ssx75588ji2d8l8s6c95dng1c7b6yacng8nngpy7maijzjgzc"; type = "gem"; }; - version = "1.0.1"; + version = "1.8.4"; }; cocoapods-acknowledgements = { - dependencies = ["cocoapods" "redcarpet" "xcodeproj"]; + dependencies = ["activesupport" "redcarpet"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "04gaijs4djjkynan06wyaxxz48db0czzfrhh95jn3r201k2ypa7k"; + sha256 = "07n638ijlc4y5vfzs5ykzhmwwsng7njb2nnwn4ravydqqxqgv13m"; type = "gem"; }; - version = "1.3.0"; + version = "1.1.3"; }; cocoapods-art = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ljsx1inbbzj8njpk4sb40kdis6pjwpgcpy3677dm45bxw21dmkv"; + sha256 = "0vkcpwjp7hzby60hq0pxn9zdiz7snf7siq02bckkmd84n27hlz3w"; type = "gem"; }; - version = "1.0.5"; + version = "1.0.4"; + }; + cocoapods-bin = { + dependencies = ["cocoapods" "cocoapods-generate" "parallel"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0dzbv7bfyw8a0iyi4nqw8a74wrdhf3absnpdb3i46rpbkanxw7hy"; + type = "gem"; + }; + version = "0.1.24"; }; cocoapods-browser = { dependencies = ["cocoapods"]; @@ -329,6 +317,28 @@ }; version = "0.1.5"; }; + cocoapods-bugsnag = { + dependencies = ["cocoapods"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1r34h66rqswsyhanx69qnhhr02xsqy2y1zp5265gl6m76nyqq5wa"; + type = "gem"; + }; + version = "2.0.1"; + }; + cocoapods-check = { + dependencies = ["cocoapods"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "17wb5xzhjvrqllsjqqbm00w8gnsrwcb6k7wsb36ykbcp0aiagvaf"; + type = "gem"; + }; + version = "1.1.0"; + }; cocoapods-clean = { groups = ["default"]; platforms = []; @@ -350,15 +360,15 @@ version = "0.0.2"; }; cocoapods-core = { - dependencies = ["activesupport" "fuzzy_match" "nap"]; + dependencies = ["activesupport" "algoliasearch" "concurrent-ruby" "fuzzy_match" "nap"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1bh69sbljlf3hvg98y2zssx0ch51lllz1k1lc8xysn43dm3ahaa5"; + sha256 = "0zcisqb404828n5d3lbk9y2yyx8v2yr6rk1l8y9a4i1hp743fiad"; type = "gem"; }; - version = "1.0.1"; + version = "1.8.4"; }; cocoapods-coverage = { dependencies = ["cocoapods-testing" "slather"]; @@ -417,10 +427,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1j03hxvz3m82fwgx3jayw0y2iqm7zpacn88r6nfj2arkbjxmvjwz"; + sha256 = "08vn0pgcyn6w6fq5xjd7szv2h9s5rzl17kyidnd7fl5qdmzc9c54"; type = "gem"; }; - version = "1.4.0"; + version = "1.3.0"; }; cocoapods-expert-difficulty = { groups = ["default"]; @@ -448,10 +458,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0324y1fm93ri54c5015rh81zqakjmzh15v969ipg0p0xinfpv7ki"; + sha256 = "17nqdhdjjg3919h3sz7jkqqhxsi6nyqgfyd7y4ci6fvb7pz79pdh"; type = "gem"; }; - version = "2.0.1"; + version = "1.6.0"; }; cocoapods-git_url_rewriter = { groups = ["default"]; @@ -469,10 +479,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "153cxxsi77dygc4qrij6qs44dbvc7dw31jx06cmf0ajrhv9qjnxl"; + sha256 = "14jmfibzvhqxhvhphj3g83d70ya16p7s4i43wir48hnaxkaqrm85"; type = "gem"; }; - version = "2.2.1"; + version = "2.1.0"; + }; + cocoapods-no-dev-schemes = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "14w8yqs3r6pg06zpv58mc9vzfxhp3ka4mfhnc2p7vmyhy4nmcdza"; + type = "gem"; + }; + version = "1.0.1"; }; cocoapods-open = { groups = ["default"]; @@ -484,6 +504,39 @@ }; version = "0.0.8"; }; + cocoapods-packager = { + dependencies = ["cocoapods"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1083zv9pyqyqal6dk3kvfxdmylbll6078z5zw03m4j5jcz3m8nbm"; + type = "gem"; + }; + version = "1.5.0"; + }; + cocoapods-packager-pro = { + dependencies = ["cocoapods"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1sjnlnqrc3fvc33c3lg3h6y8n969isjswxg2jdc1kfc3x0cakawl"; + type = "gem"; + }; + version = "1.5.4"; + }; + cocoapods-playgrounds = { + dependencies = ["cocoapods"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0jsc489j6dh3mczzs880vc6jvzd8yjqrszmbbnkz9azndak3mhln"; + type = "gem"; + }; + version = "1.2.2"; + }; cocoapods-plugins = { dependencies = ["nap"]; groups = ["default"]; @@ -495,6 +548,27 @@ }; version = "1.0.0"; }; + cocoapods-prune-localizations = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1hvpl56rnblmdbj40sysvk56j5hx5kdpqry00raw2p184sb5k4cf"; + type = "gem"; + }; + version = "0.3.1"; + }; + cocoapods-rome = { + dependencies = ["cocoapods" "fourflusher"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1z5z49m5aww7q301bn5dzb6fzq6lcj6fvqibpg5ys1r0c41lsj0l"; + type = "gem"; + }; + version = "1.0.1"; + }; cocoapods-search = { groups = ["default"]; platforms = []; @@ -505,6 +579,28 @@ }; version = "1.0.0"; }; + cocoapods-sorted-search = { + dependencies = ["cocoapods" "hashie" "osx_keychain" "ruby-progressbar" "typhoeus"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1da86mjq4spfsx6xjk7qylvj5423ai9y39g9xxfl9r6h8i54dmpp"; + type = "gem"; + }; + version = "0.2.4"; + }; + cocoapods-static-swift-framework = { + dependencies = ["cocoapods"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "12hhh25bj5dyz6rwc5jgarlld35vmgn43qk5lq9kfrpcli2ynhp2"; + type = "gem"; + }; + version = "0.5"; + }; cocoapods-stats = { groups = ["default"]; platforms = []; @@ -515,6 +611,17 @@ }; version = "1.1.0"; }; + cocoapods-tdfire-binary = { + dependencies = ["cocoapods" "cocoapods-bin" "cocoapods-packager-pro"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "10idp7yr2zni6zhpj1pqkj4wkk5g48f5iizjb20i8minj52l64m0"; + type = "gem"; + }; + version = "2.0.9"; + }; cocoapods-testing = { dependencies = ["xctasks"]; groups = ["default"]; @@ -532,20 +639,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "12c6028bmdwrbqcb49mr5qj1p3vcijnjqbsbzywfx1isp44j9mv5"; + sha256 = "0vrwsgaq3nf7v3pwksgqy0mhswrp3ipczrc96vl3ii2pcc9ilwkw"; type = "gem"; }; - version = "1.5.0"; + version = "1.4.1"; }; cocoapods-try = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1znyp625rql37ivb5rk9fk9564cmax8icxfr041ysivpdrn98nql"; + sha256 = "1gf2zjmcjhh9psq15yfy82wz5jnlihf5bcw79f8hlv4cnqyspncj"; type = "gem"; }; - version = "1.2.0"; + version = "1.1.0"; }; cocoapods-try-release-fix = { groups = ["default"]; @@ -593,10 +700,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0jvxqxzply1lwp7ysn94zjhh57vc14mcshw1ygw14ib8lhc00lyw"; + sha256 = "15vav4bhcc2x3jmi3izb11l4d9f3xv8hp2fszb7iqmpsccv1pz4y"; type = "gem"; }; - version = "1.1.3"; + version = "1.1.2"; }; colorator = { groups = ["default"]; @@ -608,16 +715,6 @@ }; version = "1.1.0"; }; - colored = { - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "0b0x5jmsyi0z69bm6sij1k89z7h0laag3cb4mdn7zkl9qmxb90lx"; - type = "gem"; - }; - version = "1.2"; - }; colored2 = { groups = ["default"]; platforms = []; @@ -633,30 +730,30 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1vnxrbhi7cq3p4y2v9iwd10v1c7l15is4var14hwnb2jip4fyjzz"; + sha256 = "1x07r23s7836cpp5z9yrlbpljcxpax14yw4fy4bnp6crhr6x24an"; type = "gem"; }; - version = "1.1.7"; + version = "1.1.5"; }; crass = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0pfl5c0pyqaparxaqxi6s4gfl21bdldwiawrc0aknyvflli60lfw"; + sha256 = "030sc98kjrb36rh7g21qsbdfxrj6knsjkx0mn3b7gig8zknwhp2f"; type = "gem"; }; - version = "1.0.6"; + version = "1.0.5"; }; curb = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1q7kqswm780vx1fannnrprbfbsp166smgyszgip5q7b859mk89wp"; + sha256 = "0s27g4nkdf8wipzyxx87nnw43ps8xqg30sqz86ay7dvmmpkd786k"; type = "gem"; }; - version = "0.9.11"; + version = "0.9.10"; }; curses = { groups = ["default"]; @@ -694,20 +791,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "09frwp3np5c64y8g5rnbl46n7riknmdjprhndsh6zzajkjr9m3xj"; + sha256 = "1nff0nai8h8786xix92f3k5wjb51gqd9gkibmah2bvrcwyn9qiw5"; type = "gem"; }; - version = "1.3.5"; + version = "1.3.1"; }; diff-lcs = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0m925b8xc6kbpnif9dldna24q1szg4mk0fvszrki837pfn46afmz"; + sha256 = "18w22bjz424gzafv6nzv98h0aqkwz3d9xhm7cbr1wfbyas8zayza"; type = "gem"; }; - version = "1.4.4"; + version = "1.3"; }; digest-sha3 = { groups = ["default"]; @@ -756,10 +853,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0iym172c5337sm1x2ykc2i3f961vj3wdclbyg1x6sxs3irgfsl94"; + sha256 = "17hkd62ig9b0czv192kqdfq7gw0a8hgq07yclri6myc8y5lmfin5"; type = "gem"; }; - version = "2.7.6"; + version = "2.7.5"; }; em-websocket = { dependencies = ["eventmachine" "http_parser.rb"]; @@ -767,20 +864,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1mg1mx735a0k1l8y14ps2mxdwhi5r01ikydf34b0sp60v66nvbkb"; + sha256 = "1bsw8vjz0z267j40nhbmrvfz7dvacq4p0pagvyp17jif6mj6v7n3"; type = "gem"; }; - version = "0.5.2"; + version = "0.5.1"; }; - erubi = { + erubis = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "09l8lz3j00m898li0yfsnb6ihc63rdvhw3k5xczna5zrjk104f2l"; + sha256 = "1fj827xqjs91yqsydf0zmfyw9p4l2jz5yikg3mppz6d7fi8kyrb3"; type = "gem"; }; - version = "1.10.0"; + version = "2.7.0"; }; escape = { groups = ["default"]; @@ -818,31 +915,31 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "16ij8617v3js03yj1zd32mmrf7kpi9l96bid5mpqk30c4mzai55r"; + sha256 = "0nn8wk7j22ly4lzdp5pnm7qsrjxbgspiyxkw70g1qf9bn6pslmxr"; type = "gem"; }; - version = "0.78.1"; + version = "0.71.1"; }; faraday = { - dependencies = ["multipart-post" "ruby2_keywords"]; + dependencies = ["multipart-post"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "16dapwi5pivrl25r4lkr1mxjrzkznj4wlcb08fzkmxnj4g5c6y35"; + sha256 = "1gggz3vvvkdrxil2fwpaaslv1z5bxzwra4wnybf20np58v1iv9w8"; type = "gem"; }; - version = "1.1.0"; + version = "0.17.1"; }; ffi = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "10ay35dm0lkcqprsiya6q2kwvyid884102ryipr4vrk790yfp8kd"; + sha256 = "0j8pzj8raxbir5w5k6s7a042sb5k02pg0f8s4na1r5lan901j00p"; type = "gem"; }; - version = "1.11.3"; + version = "1.10.0"; }; ffi-compiler = { dependencies = ["ffi" "rake"]; @@ -872,10 +969,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0bwqm9n69y5y0a5iickr358z7w4hml3flqwfz8b7cnj1ldabhnjn"; + sha256 = "1s1jxlrbq4jhwkiy5gq429v87m1l602b2gppw0ikbax7rnv30s9x"; type = "gem"; }; - version = "2.2.3"; + version = "2.2.0"; }; fog-dnsimple = { dependencies = ["fog-core" "fog-json"]; @@ -924,10 +1021,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0yp0pxj6xsd84h2barwh3z5w289p1a6lqib309m7sbzh643qx3zz"; + sha256 = "1afabh3g3gwj0ad53fs62waks815xcckf7pkci76l6vrghffcg8v"; type = "gem"; }; - version = "0.3.2"; + version = "2.3.1"; }; fuzzy_match = { groups = ["default"]; @@ -945,10 +1042,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0hslcfns2ysvjyj21hjvp4hghrafw1sdl627fm0nj0wsncs94m67"; + sha256 = "0194gzn0kialfh0j7crllvp808r64sg6dh297x69b0av21ar5pam"; type = "gem"; }; - version = "3.4.3"; + version = "3.4.1"; + }; + gh_inspector = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0f8r9byajj3bi2c7c5sqrc7m0zrv3nblfcd4782lw5l73cbsgk04"; + type = "gem"; + }; + version = "1.1.3"; }; gio2 = { dependencies = ["gobject-introspection"]; @@ -956,20 +1063,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1l30xsr1dgnzqfmln17arnqi8iga97ldf6zgbqrfby6a94v3ammd"; + sha256 = "1l3jpgbdvb55xhcmpkcqgwx5068dfyi8kijfvzhbqh96ng0p1m7g"; type = "gem"; }; - version = "3.4.3"; + version = "3.4.1"; }; gitlab-markup = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0xnlra517pfj3hx07kasbqlcw51ix4xajr6bsd3mwg8bc92dlwy7"; + sha256 = "0rqf3jmyn78r3ysy3bjyx7s4yv3xipxlmqlmbyrbksna19rrx08d"; type = "gem"; }; - version = "1.7.1"; + version = "1.7.0"; }; glib2 = { dependencies = ["native-package-installer" "pkg-config"]; @@ -977,10 +1084,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0l46ymdf7azpd137xq4rarbaq54hxs9rgfry0r6b0ywj74rmw9ih"; + sha256 = "18clyn0fp0h5alnkf9i2bqd6wvl78h468pdbzs1csqnba8vw4q1c"; type = "gem"; }; - version = "3.4.3"; + version = "3.4.1"; }; globalid = { dependencies = ["activesupport"]; @@ -999,10 +1106,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "11gas9hzq36a2bwqi7h5c6p6jihanbhsarwhv5fw53dxap4iwj25"; + sha256 = "1a3x8qiisbax3x0izj8l5w66r53ba5ma53ax2jhdbhbvaxx3d02n"; type = "gem"; }; - version = "3.4.3"; + version = "3.4.1"; }; gpgme = { dependencies = ["mini_portile2"]; @@ -1010,10 +1117,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0xbgh9d8nbvsvyzqnd0mzhz0nr9hx4qn025kmz6d837lry4lc6gw"; + sha256 = "0jbqajngi5ndqfarw9dxkhbphva0j71jav5wfym3fsiisvk5gg6p"; type = "gem"; }; - version = "2.0.20"; + version = "2.0.19"; }; gtk2 = { dependencies = ["atk" "gdk_pixbuf2" "pango"]; @@ -1021,20 +1128,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0v1ag6irp52asm0yaxa7s533czy7yzhanhgn1v0cndqpzqk8icfz"; + sha256 = "17az8g0n1yzz90kdbjg2hpabi04qccda7v6lin76bs637ivfg2md"; type = "gem"; }; - version = "3.4.3"; + version = "3.4.1"; }; hashie = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "02bsx12ihl78x0vdm37byp78jjw2ff6035y7rrmbd90qxjwxr43q"; + sha256 = "0drkv8a70akprcnbxvd08hzp2bgd5g4s5g752f8599ks1g6a7wj1"; type = "gem"; }; - version = "4.1.0"; + version = "4.0.0"; }; highline = { groups = ["default"]; @@ -1123,10 +1230,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "153sx77p16vawrs4qpkv7qlzf9v5fks4g7xqcj1dwk40i6g7rfzk"; + sha256 = "038qvz7kd3cfxk8bvagqhakx68pfbnmghpdkx7573wbf0maqp9a3"; type = "gem"; }; - version = "1.8.5"; + version = "0.9.5"; }; iconv = { groups = ["default"]; @@ -1148,16 +1255,26 @@ }; version = "0.1.0"; }; + jaro_winkler = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1y8l6k34svmdyqxya3iahpwbpvmn3fswhwsvrz0nk1wyb8yfihsh"; + type = "gem"; + }; + version = "1.5.4"; + }; jbuilder = { dependencies = ["activesupport"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "02llgsg30jz9kpxs8jzv6rvzaylw7948xj2grp4vsfg54z20cwbm"; + sha256 = "03adzsc2hfd0lvprm45s52bkxpnpnw8r9prcx8zx1aw2a8lzp9r7"; type = "gem"; }; - version = "2.10.1"; + version = "2.9.1"; }; jekyll = { dependencies = ["addressable" "colorator" "em-websocket" "i18n" "jekyll-sass-converter" "jekyll-watch" "kramdown" "kramdown-parser-gfm" "liquid" "mercenary" "pathutil" "rouge" "safe_yaml" "terminal-table"]; @@ -1165,10 +1282,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "192k1ggw99slpqpxb4xamcvcm2pdahgnmygl746hmkrar0i3xa5r"; + sha256 = "0fpckw5nf4hfr5vhhdlmaxxp5lkdmc1vyqnmijwvy9fmjn4c87aa"; type = "gem"; }; - version = "4.1.1"; + version = "4.0.0"; }; jekyll-sass-converter = { dependencies = ["sassc"]; @@ -1176,10 +1293,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "04ncr44wrilz26ayqwlg7379yjnkb29mvx4j04i62b7czmdrc9dv"; + sha256 = "0xjzqpp35qr2vnf2zpak0srn773mp21glcq81a0iqpnrva7h80m3"; type = "gem"; }; - version = "2.1.0"; + version = "2.0.1"; }; jekyll-watch = { dependencies = ["listen"]; @@ -1207,31 +1324,30 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "158fawfwmv2sq4whqqaksfykkiad2xxrrj0nmpnc6vnlzi1bp7iz"; + sha256 = "0nrmw2r4nfxlfgprfgki3hjifgrcrs3l5zvm3ca3gb4743yr25mn"; type = "gem"; }; - version = "2.3.1"; + version = "2.3.0"; }; jwt = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "14ynyq1q483spj20ffl4xayfqx1a8qr761mqjfxczf8lwlap392n"; + sha256 = "01zg1vp3lyl3flyjdkrcc93ghf833qgfgh2p1biqfhkzz11r129c"; type = "gem"; }; - version = "2.2.2"; + version = "2.2.1"; }; kramdown = { - dependencies = ["rexml"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1vmw752c26ny2jwl0npn0gbyqwgz4hdmlpxnsld9qi9xhk5b1qh7"; + sha256 = "1dl840bvx8d9nq6lg3mxqyvbiqnr6lk3jfsm6r8zhz7p5srmd688"; type = "gem"; }; - version = "2.3.0"; + version = "2.1.0"; }; kramdown-parser-gfm = { dependencies = ["kramdown"]; @@ -1249,20 +1365,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0317sr3nrl51sp844bps71smkrwim3fjn47wdfpbycixnbxspivm"; + sha256 = "1jivcckillfvd4n2jnsnnlf93z3gpvqbwsczs0fvv9hc90zpj7yh"; type = "gem"; }; - version = "8.4.255.0"; + version = "7.3.492.27.1"; }; libxml-ruby = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0w2pw08b6pc9pm51ix7413jcllaisc06dvwzq0191ag1jsysv220"; + sha256 = "1r7m7zipkpam8ns4ys4qyh7yj3is3dy7ky6qwnw557pvpgx0aqrd"; type = "gem"; }; - version = "3.2.1"; + version = "3.1.0"; }; liquid = { groups = ["default"]; @@ -1280,10 +1396,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1zpcgha7g33wvy2xbbc663cbjyvg9l1325lg3gzgcn3baydr9rha"; + sha256 = "1w923wmdi3gyiky0asqdw5dnh3gcjs2xyn82ajvjfjwh6sn0clgi"; type = "gem"; }; - version = "3.3.3"; + version = "3.2.1"; }; loofah = { dependencies = ["crass" "nokogiri"]; @@ -1291,10 +1407,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ndimir6k3kfrh8qrb7ir1j836l4r3qlwyclwjh88b86clblhszh"; + sha256 = "1g7ps9m3s14cajhxrfgbzahv9i3gy47s4hqrv3mpybpj5cyr0srn"; type = "gem"; }; - version = "2.8.0"; + version = "2.4.0"; }; mab = { groups = ["default"]; @@ -1328,17 +1444,6 @@ }; version = "2.7.1"; }; - marcel = { - dependencies = ["mimemagic"]; - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "1nxbjmcyg8vlw6zwagf17l9y2mwkagmmkg95xybpn4bmf3rfnksx"; - type = "gem"; - }; - version = "0.3.3"; - }; markaby = { dependencies = ["builder"]; groups = ["default"]; @@ -1355,20 +1460,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0f2i827w4lmsizrxixsrv2ssa3gk1b7lmqh8brk8ijmdb551wnmj"; + sha256 = "10la0xw82dh5mqab8bl0dk21zld63cqxb1g16fk8cb39ylc4n21a"; type = "gem"; }; - version = "0.4.0"; + version = "0.3.6"; }; method_source = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1pnyh44qycnf9mzi1j6fywd5fkskv3x7nmsqrrws0rjn5dd4ayfp"; + sha256 = "1pviwzvdqd90gn6y7illcdd9adapw8fczml933p5vl739dkvl3lq"; type = "gem"; }; - version = "1.0.0"; + version = "0.9.2"; }; mime-types = { dependencies = ["mime-types-data"]; @@ -1386,30 +1491,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ipjyfwn9nlvpcl8knq3jk4g5f12cflwdbaiqxcq1s7vwfwfxcag"; + sha256 = "18x61fc36951vw7f74gq8cyybdpxvyg5d0azvqhrs82ddw3v16xh"; type = "gem"; }; - version = "3.2020.1104"; - }; - mimemagic = { - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "1qfqb9w76kmpb48frbzbyvjc0dfxh5qiw1kxdbv2y2kp6fxpa1kf"; - type = "gem"; - }; - version = "0.3.5"; + version = "3.2019.1009"; }; mini_magick = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1aj604x11d9pksbljh0l38f70b558rhdgji1s9i763hiagvvx2hs"; + sha256 = "0qy09qrd5bwh8mkbj514n5vcw9ni73218h9s3zmvbpmdwrnzi8j4"; type = "gem"; }; - version = "4.11.0"; + version = "4.9.5"; }; mini_mime = { groups = ["default"]; @@ -1436,40 +1531,40 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "170y2cvx51gm3cm3nhdf7j36sxnkh6vv8ls36p90ric7w8w16h4v"; + sha256 = "0w16p7cvslh3hxd3cia8jg4pd85z7rz7xqb16vh42gj4rijn8rmi"; type = "gem"; }; - version = "5.14.2"; + version = "5.13.0"; }; molinillo = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0msabpxiyhlbgayrvr01316alaxrxwh6h8yzqz6p36v1zhqgddw4"; + sha256 = "1hh40z1adl4lw16dj4hxgabx4rr28mgqycih1y1d91bwww0jjdg6"; type = "gem"; }; - version = "0.4.5"; + version = "0.6.6"; }; msgpack = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1lva6bkvb4mfa0m3bqn4lm4s4gi81c40jvdcsrxr6vng49q9daih"; + sha256 = "1qr2mkm2i3m76zarvy7qgjl9596hmvjrg7x6w42vx8cfsbf5p0y1"; type = "gem"; }; - version = "1.3.3"; + version = "1.3.1"; }; multi_json = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0pb1g1y3dsiahavspyzkdy39j4q377009f6ix0bh1ag4nqw43l0z"; + sha256 = "0xy54mjf7xg41l8qrg1bqri75agdqmxap9z466fjismc1rn2jwfr"; type = "gem"; }; - version = "1.15.0"; + version = "1.14.1"; }; multipart-post = { groups = ["default"]; @@ -1481,17 +1576,6 @@ }; version = "2.1.1"; }; - mustermann = { - dependencies = ["ruby2_keywords"]; - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "0ccm54qgshr1lq3pr1dfh7gphkilc19dp63rw6fcx7460pjwy88a"; - type = "gem"; - }; - version = "1.1.1"; - }; mysql2 = { groups = ["default"]; platforms = []; @@ -1507,10 +1591,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0xi36h3f7nm8bc2k0b6svpda1lyank2gf872lxjbhw3h95hdrbma"; + sha256 = "0ajfyaqjw3dzykk612yw8sm21savfqy292hgps8h8l4lvxww1lz6"; type = "gem"; }; - version = "0.3.0"; + version = "0.2.6"; }; nap = { groups = ["default"]; @@ -1548,20 +1632,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0b4h3ip8d1gkrc0znnw54hbxillk73mdnaf5pz330lmrcl1wiilg"; + sha256 = "0nkf3my587f0izqw0dl3zl24c3lnrw9y5xrq9vb0lhgymmgcav9g"; type = "gem"; }; - version = "3.0.0"; + version = "2.0.0"; }; net-ssh = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0jp3jgcn8cij407xx9ldb5h9c6jv13jc4cf6kk2idclz43ww21c9"; + sha256 = "101wd2px9lady54aqmkibvy4j62zk32w0rjz4vnigyg974fsga40"; type = "gem"; }; - version = "6.1.0"; + version = "5.2.0"; }; netrc = { groups = ["default"]; @@ -1578,10 +1662,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1cbwp1kbv6b2qfxv8sarv0d0ilb257jihlvdqj8f5pdm0ksq1sgk"; + sha256 = "0gnmvbryr521r135yz5bv8354m7xn6miiapfgpg1bnwsvxz8xj6c"; type = "gem"; }; - version = "2.5.4"; + version = "2.5.2"; }; nokogiri = { dependencies = ["mini_portile2"]; @@ -1589,10 +1673,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0xmf60nj5kg9vaj5bysy308687sgmkasgx06vbbnf94p52ih7si2"; + sha256 = "0r0qpgf80h764k176yr63gqbs2z0xbsp8vlvs2a79d5r9vs83kln"; type = "gem"; }; - version = "1.10.10"; + version = "1.10.7"; }; opus-ruby = { dependencies = ["ffi"]; @@ -1622,10 +1706,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1zlk3bksiwrdvb7j0r5av7w280kigl7947wa7w4kbwqz3snaxl3m"; + sha256 = "09lb0a9y4q7946jaf53li1v4cb6ksfb5bq5wb15yn8ja6wf9n427"; type = "gem"; }; - version = "4.4.0"; + version = "4.3.0"; }; pango = { dependencies = ["cairo-gobject" "gobject-introspection"]; @@ -1633,20 +1717,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "05smxn2jank7wqih59lhr30ab8f4qxdsdiiag5v7a0gjgzkmbi7f"; + sha256 = "1d0cn50qgpifrcv8qx72wi6l9xalw3ryngbfmm9xpg9vx5rl1qbp"; type = "gem"; }; - version = "3.4.3"; + version = "3.4.1"; }; parallel = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0055br0mibnqz0j8wvy20zry548dhkakws681bhj3ycb972awkzd"; + sha256 = "12jijkap4akzdv11lm08dglsc8jmc87xcgq6947i1s3qb69f4zn2"; type = "gem"; }; - version = "1.20.1"; + version = "1.19.1"; }; parser = { dependencies = ["ast"]; @@ -1654,10 +1738,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1f7gmm60yla325wlnd3qkxs59qm2y0aan8ljpg6k18rwzrrfil6z"; + sha256 = "10siyp14d88jwcfj45kkk3nwl4wyr2r5ajb7vy4iwh1gxmhvi727"; type = "gem"; }; - version = "2.7.2.0"; + version = "2.7.0.0"; }; pathutil = { dependencies = ["forwardable-extended"]; @@ -1695,20 +1779,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "13mfrysrdrh8cka1d96zm0lnfs59i5x2g6ps49r2kz5p3q81xrzj"; + sha256 = "15pa9qy7ngig21zgnvzwaxiy4rc7wbibna5050jjpgal9drgvpyy"; type = "gem"; }; - version = "1.2.3"; + version = "1.2.0"; }; pkg-config = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "068sf963n2zk47kqcckj624g5pxmk68mm76h02piphfyh9x4zmi3"; + sha256 = "1cxdpr2wlz9b587avlq04a1da5fz1vdw8jvr6lx23mcq7mqh2xcx"; type = "gem"; }; - version = "1.4.4"; + version = "1.4.0"; }; polyglot = { groups = ["default"]; @@ -1726,10 +1810,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0iyw4q4an2wmk8v5rn2ghfy2jaz9vmw2nk8415nnpx2s866934qk"; + sha256 = "00rm71x0r1jdycwbs83lf9l6p494m99asakbvqxh8rz7zwnlzg69"; type = "gem"; }; - version = "0.13.1"; + version = "0.12.2"; }; pry-byebug = { dependencies = ["byebug" "pry"]; @@ -1737,10 +1821,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "096y5vmzpyy4x9h4ky4cs4y7d19vdq9vbwwrqafbh5gagzwhifiv"; + sha256 = "1aqz4gz8z44k6svpvcsfrqbigcpjd2kwvfm77yq3v8yzkhjrx0zi"; type = "gem"; }; - version = "3.9.0"; + version = "3.7.0"; }; pry-doc = { dependencies = ["pry" "yard"]; @@ -1748,20 +1832,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1xrf2whjycv4sd7qvf5m6zdpk0lhf1p63v66w9ha146fc7rcjkc1"; + sha256 = "14lwb5dxfibcqbjygzvnf8ry0mayx48fk20qhg06214sll0sp0kv"; type = "gem"; }; - version = "1.1.0"; + version = "1.0.0"; }; public_suffix = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1xqcgkl7bwws1qrlnmxgh8g4g9m10vg60bhlw40fplninb3ng6d9"; + sha256 = "0ww6577yhgszvc0p33qg9nb7n03fyadvl14v2kbpm4rpf0q4i6gz"; type = "gem"; }; - version = "4.0.6"; + version = "4.0.2"; }; puma = { dependencies = ["nio4r"]; @@ -1769,20 +1853,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1fl2bgw1lh1712qpzl5m5vi4cc1bcw336bh1dbp28fkmss9yysma"; + sha256 = "0v6zai6sinw5r1lchm278mm3dr8x5vi8pwmybwv9lz1kz02fk2g3"; type = "gem"; }; - version = "5.1.0"; + version = "4.3.1"; }; rack = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0i5vs0dph9i5jn8dfc6aqd6njcafmb20rwqngrf759c9cvmyff16"; + sha256 = "1riq0z408dwvqcqrpq05bp2w879l4sjxzb4cbrbx55kpi6h2g1cj"; type = "gem"; }; - version = "2.2.3"; + version = "1.6.12"; }; rack-protection = { dependencies = ["rack"]; @@ -1790,10 +1874,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "159a4j4kragqh0z0z8vrpilpmaisnlz3n7kgiyf16bxkwlb3qlhz"; + sha256 = "0my0wlw4a5l3hs79jkx2xzv7djhajgf8d28k8ai1ddlnxxb0v7ss"; type = "gem"; }; - version = "2.1.0"; + version = "1.5.5"; }; rack-test = { dependencies = ["rack"]; @@ -1801,32 +1885,43 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0rh8h376mx71ci5yklnpqqn118z3bl67nnv5k801qaqn1zs62h8m"; + sha256 = "0h6x5jq24makgv2fq5qqgjlrk74dxfy62jif9blk43llw8ib2q7z"; type = "gem"; }; - version = "1.1.0"; + version = "0.6.3"; }; rails = { - dependencies = ["actioncable" "actionmailbox" "actionmailer" "actionpack" "actiontext" "actionview" "activejob" "activemodel" "activerecord" "activestorage" "activesupport" "railties" "sprockets-rails"]; + dependencies = ["actionmailer" "actionpack" "actionview" "activejob" "activemodel" "activerecord" "activesupport" "railties" "sprockets-rails"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0vs4kfgp5pr5032nnhdapq60ga6karann06ilq1yjx8qck87cfxg"; + sha256 = "1ywvis59dd3v8qapi9ix6743zgk07l21x1cd6nb1ddpahxhm7dml"; type = "gem"; }; - version = "6.0.3.4"; + version = "4.2.11.1"; + }; + rails-deprecated_sanitizer = { + dependencies = ["activesupport"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0qxymchzdxww8bjsxj05kbf86hsmrjx40r41ksj0xsixr2gmhbbj"; + type = "gem"; + }; + version = "1.0.3"; }; rails-dom-testing = { - dependencies = ["activesupport" "nokogiri"]; + dependencies = ["activesupport" "nokogiri" "rails-deprecated_sanitizer"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1lfq2a7kp2x64dzzi5p4cjcbiv62vxh9lyqk2f0rqq3fkzrw8h5i"; + sha256 = "0wssfqpn00byhvp2372p99mphkcj8qx6pf6646avwr9ifvq0q1x6"; type = "gem"; }; - version = "2.0.3"; + version = "1.0.9"; }; rails-html-sanitizer = { dependencies = ["loofah"]; @@ -1840,15 +1935,15 @@ version = "1.3.0"; }; railties = { - dependencies = ["actionpack" "activesupport" "method_source" "rake" "thor"]; + dependencies = ["actionpack" "activesupport" "rake" "thor"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0x28620cvfja8r06lk6f90pw5lvijz9qi4bjsa4z1d1rkr3v4r3w"; + sha256 = "1bjf21z9maiiazc1if56nnh9xmgbkcqlpznv34f40a1hsvgk1d1m"; type = "gem"; }; - version = "6.0.3.4"; + version = "4.2.11.1"; }; rainbow = { groups = ["default"]; @@ -1875,10 +1970,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1k9bsj7ni0g2fd7scyyy1sk9dy2pg9akniahab0iznvjmhn54h87"; + sha256 = "1lm1k7wpz69jx7jrc92w3ggczkjyjbfziq5mg62vjnxmzs383xx8"; type = "gem"; }; - version = "0.10.4"; + version = "0.10.3"; }; rb-inotify = { dependencies = ["ffi"]; @@ -1907,20 +2002,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0y8yzianlkc9w6sbqy8iy8l0yym0y6x7p5rjflkfixq76fqmhvzk"; + sha256 = "0lvz1vk2l3chnz6zdp4xmh6w2z75rndhgbravbxgvw8ff4snsxa7"; type = "gem"; }; - version = "7.1.1"; + version = "7.1.0"; }; re2 = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "16q71cc9wx342c697q18pkz19ym4ncjd97hcw4v6f1mgflkdv400"; + sha256 = "00wf9k1hkv3z3nfkrnfyyfq9ah0l7k14awqys3h2hqz4c21pqd2i"; type = "gem"; }; - version = "1.2.0"; + version = "1.1.1"; }; redcarpet = { groups = ["default"]; @@ -1937,10 +2032,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "15x2sr6h094rjbvg8pkq6m3lcd5abpyx93aifvfdz3wv6x55xa48"; + sha256 = "08v2y91q1pmv12g9zsvwj66w3s8j9d82yrmxgyv4y4gz380j3wyh"; type = "gem"; }; - version = "4.2.5"; + version = "4.1.3"; }; redis-rack = { dependencies = ["rack" "redis-store"]; @@ -1948,10 +2043,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1nblbxg1f051dn83jp92lz3lc1wxm18nviglrabv2l0vz6rd0pkb"; + sha256 = "1pa19ydbk0l6wilwbxcjn6knfs4ffgj0rhaaldrlhf76pjgkaiqb"; type = "gem"; }; - version = "2.1.3"; + version = "2.0.6"; }; redis-store = { dependencies = ["redis"]; @@ -1959,20 +2054,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0cpzbf2svnk4j5awb24ncl0mih45zkbdrd7q23jdg1r8k3q7mdg6"; + sha256 = "1isqzzds9kszc2nn8jiy8ikry01qspn7637ba9z2k6sk7vky46d9"; type = "gem"; }; - version = "1.9.0"; - }; - regexp_parser = { - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "1racz3w9s4w0ls32bvjypfifk4a7qxngm2cv1rh16jyz0c1wjd70"; - type = "gem"; - }; - version = "2.0.0"; + version = "1.8.1"; }; rest-client = { dependencies = ["http-accept" "http-cookie" "mime-types" "netrc"]; @@ -1985,35 +2070,25 @@ }; version = "2.1.0"; }; - rexml = { - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "1mkvkcw9fhpaizrhca0pdgjcrbns48rlz4g6lavl5gjjq3rk2sq3"; - type = "gem"; - }; - version = "3.2.4"; - }; rmagick = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ajn6aisf9hh3x5zrs7n02pg5xy3m8x38gh9cn7b3klzgp3djla5"; + sha256 = "06ya2zpz2g3g4c90bmd1z11qkajls3srq5b7cswrjq8ima568ja0"; type = "gem"; }; - version = "4.1.2"; + version = "4.0.0"; }; rouge = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0yvcv901lrh5rfnk1h4h56hf2m6n9pd6w8n96vag74aakgz3gaxn"; + sha256 = "0k5jrp0qc9p61mfcwyn1a7dajmkw04z6y76wa8a0axh1v2wrw8ld"; type = "gem"; }; - version = "3.25.0"; + version = "3.14.0"; }; rpam2 = { groups = ["default"]; @@ -2031,10 +2106,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1dwai7jnwmdmd7ajbi2q0k0lx1dh88knv5wl7c34wjmf94yv8w5q"; + sha256 = "1hzsig4pi9ybr0xl5540m1swiyxa74c8h09225y5sdh2rjkkg84h"; type = "gem"; }; - version = "3.10.0"; + version = "3.9.0"; }; rspec-core = { dependencies = ["rspec-support"]; @@ -2042,10 +2117,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0n2rdv8f26yw8c6asymc0mgddyr5d2b5n6mfvpd3n6lnpf1jdyv2"; + sha256 = "0gppalb2ynj0xk7vp8kk5pwzihmiqc8l4prpy4n9spclq7iqkspq"; type = "gem"; }; - version = "3.10.0"; + version = "3.9.0"; }; rspec-expectations = { dependencies = ["diff-lcs" "rspec-support"]; @@ -2053,10 +2128,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0j37dvnvfbjwj8dqx27yfvz0frl7f2jc1abqg99h0ppriz9za6dc"; + sha256 = "1gjqfb39da6gywdcp4h77738r7khbrn2v4y45589z25bj4z9paf0"; type = "gem"; }; - version = "3.10.0"; + version = "3.9.0"; }; rspec-mocks = { dependencies = ["diff-lcs" "rspec-support"]; @@ -2064,64 +2139,52 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1pz89y1522i6f8wzrg72ykmch3318ih87nlpl0y1ghsrs5hqymw3"; + sha256 = "0q9f8nrxhs4k2vl3bnm3pi5s44v9pnvjwirjnwji3sxzf68c2xjf"; type = "gem"; }; - version = "3.10.0"; + version = "3.9.0"; }; rspec-support = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0j0n28i6zci5j7gg370bdy87dy43hlwx6dw428d9kamf5a0i2klz"; + sha256 = "18080h06kqayyr6dpw4c62l0wav09ihkd6skinsln13kmq0cv0mx"; type = "gem"; }; - version = "3.10.0"; + version = "3.9.0"; }; rubocop = { - dependencies = ["parallel" "parser" "rainbow" "regexp_parser" "rexml" "rubocop-ast" "ruby-progressbar" "unicode-display_width"]; + dependencies = ["jaro_winkler" "parallel" "parser" "rainbow" "ruby-progressbar" "unicode-display_width"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0k246mahr4737rlvazll5vfvq1307b0z9pmhlnp5ynknl31fclp5"; + sha256 = "1p1bhsfscasp57l5di9hsx8jl325kfjswhd2mlzq74hj3gdws4x0"; + type = "gem"; + }; + version = "0.78.0"; + }; + rubocop-performance = { + dependencies = ["rubocop"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1fk9nd3b24avgsqp726hy2pl1iyfjrh6jni97wkky6kqy0lq6zq2"; type = "gem"; }; version = "1.5.2"; }; - rubocop-ast = { - dependencies = ["parser"]; - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "1z9253d7hwdlqr3g7rwx6x6n0qwv8niq6r2ppgry2lbfvb4czypm"; - type = "gem"; - }; - version = "1.3.0"; - }; - rubocop-performance = { - dependencies = ["rubocop" "rubocop-ast"]; - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "0zfc0wvx4jw0apn86jbz5za8pjmb7k0j58ndap3kwarkznxk2ad1"; - type = "gem"; - }; - version = "1.9.1"; - }; ruby-graphviz = { - dependencies = ["rexml"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "010m283gk4qgzxkgrldlnrglh8d5fn6zvrzm56wf5abd7x7b8aqw"; + sha256 = "1jzbs0jhaz77azsc30gsfg89fy44vsr565jcj4axhc65n1fmhs90"; type = "gem"; }; - version = "1.2.5"; + version = "1.2.4"; }; ruby-libvirt = { groups = ["default"]; @@ -2143,6 +2206,16 @@ }; version = "1.2.3"; }; + ruby-macho = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0lhdjn91jkifsy2hzq2hgcm0pp8pbik87m58zmw1ifh6hkp9adjb"; + type = "gem"; + }; + version = "1.4.0"; + }; ruby-progressbar = { groups = ["default"]; platforms = []; @@ -2169,20 +2242,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0lk124dixshf8mmrjpsy9avnaygni3cwki25g8nm5py4d2f5fwwa"; + sha256 = "14hzfsbx7n0jsm6bxif99kbhlmxr4s7g6xvml6xbqphlqbmy5d43"; type = "gem"; }; - version = "2.0.17"; - }; - ruby2_keywords = { - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "17pcc0wgvh3ikrkr7bm3nx0qhyiqwidd13ij0fa50k7gsbnr2p0l"; - type = "gem"; - }; - version = "0.0.2"; + version = "2.0.16"; }; RubyInline = { dependencies = ["ZenTest"]; @@ -2200,20 +2263,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0590m2pr9i209pp5z4mx0nb1961ishdiqb28995hw1nln1d1b5ji"; + sha256 = "1gz0ri0pa2xr7b6bf66yjc2wfvk51f4gi6yk7bklwl1nr65zc4gz"; type = "gem"; }; - version = "2.3.0"; + version = "2.0.0"; }; rugged = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "04aq913plcxjw71l5r62qgz3bx3466p0wvgyfqahg5n3nybmcwqy"; + sha256 = "0rdidxgpk1b6y1jq9v77lcx5khq0s9q0s253lr8x57d3hk43iskx"; type = "gem"; }; - version = "1.1.0"; + version = "0.28.4.1"; }; safe_yaml = { groups = ["default"]; @@ -2231,10 +2294,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0gpqv48xhl8mb8qqhcifcp0pixn206a7imc07g48armklfqa4q2c"; + sha256 = "09bnid7r5z5hcin5hykvpvv8xig27wbbckxwis60z2aaxq4j9siz"; type = "gem"; }; - version = "2.4.0"; + version = "2.2.1"; }; scrypt = { dependencies = ["ffi-compiler"]; @@ -2252,20 +2315,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1yz6pqdr8p5dv5qkza5kqn6il6m4vcl5hvry6k108axc12zf6hrb"; + sha256 = "0wxkmgjnb8nskvqqwxihhbc1x8dhbbrcq70zxwqbyy5hvf4dh88f"; type = "gem"; }; - version = "0.10.6"; + version = "0.10.0"; }; sequel = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0k4ybmzrf79j9hgcl4m0hiaibf6m8apll99hml9rdjxvkprw51in"; + sha256 = "0vrbwwxvmdb7q1sdc0jnhlf826l74n9880xy5li1qabr0hyrmf1j"; type = "gem"; }; - version = "5.39.0"; + version = "5.27.0"; }; sequel_pg = { dependencies = ["pg" "sequel"]; @@ -2273,52 +2336,42 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0mkbnc96bfpl5wqacblzwiwqywbx4vqrvkz57fj1h2f0bn635nk6"; + sha256 = "1y010rfdgpkw1yspqchjqdp7n8yahscyw98g3l2pw56nzbqipjb8"; type = "gem"; }; - version = "1.14.0"; + version = "1.12.2"; }; simplecov = { - dependencies = ["docile" "simplecov-html" "simplecov_json_formatter"]; + dependencies = ["docile" "json" "simplecov-html"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1mm20dvd64w46l5k11il9z5sjgdpp0bknml76glcngvl2w03k3cb"; + sha256 = "1135k46nik05sdab30yxb8264lqiz01c8v000g16cl9pjc4mxrdw"; type = "gem"; }; - version = "0.20.0"; + version = "0.17.1"; }; simplecov-html = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0yx01bxa8pbf9ip4hagqkp5m0mqfnwnw2xk8kjraiywz4lrss6jb"; + sha256 = "1lihraa4rgxk8wbfl77fy9sf0ypk31iivly8vl3w04srd7i0clzn"; type = "gem"; }; - version = "0.12.3"; - }; - simplecov_json_formatter = { - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "0cl3j7p3b5q7sxsx1va63c8imc5x6g99xablz08qrmqhpi0d6g6j"; - type = "gem"; - }; - version = "0.1.2"; + version = "0.10.2"; }; sinatra = { - dependencies = ["mustermann" "rack" "rack-protection" "tilt"]; + dependencies = ["rack" "rack-protection" "tilt"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0dd53rzpkxgs697pycbhhgc9vcnxra4ly4xar8ni6aiydx2f88zk"; + sha256 = "0byxzl7rx3ki0xd7aiv1x8mbah7hzd8f81l65nq8857kmgzj1jqq"; type = "gem"; }; - version = "2.1.0"; + version = "1.4.8"; }; slather = { dependencies = ["CFPropertyList" "activesupport" "clamp" "nokogiri" "xcodeproj"]; @@ -2326,30 +2379,30 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0nqyam74izmbczwb406bsmgdzjz5r91d4lywlvdbxx5sl4g4256a"; + sha256 = "0v4wll10mwmynj2v2g71kgr1psck3qglhz2mnrw2n281v30jxyyn"; type = "gem"; }; - version = "2.6.0"; + version = "2.4.7"; }; slop = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "05d1xv8r9cmd0mmlqpa853yzd7xhcyha063w1g8dpf84scxbxmd3"; + sha256 = "0hv64fpbdwyswqhnq8bia66vlsz72yjqm00lvlhh4dnjjivdjcy5"; type = "gem"; }; - version = "4.8.2"; + version = "4.7.0"; }; snappy = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1x0r1dnavg3skyp7b1nkiwd5qrrkvp9zwgfls3i2rzybq8ahx4lb"; + sha256 = "00zzs25sm78zs3rifc02z54cp3f03r9dq5ilzykyq1ykvbv65vw4"; type = "gem"; }; - version = "0.1.0"; + version = "0.0.17"; }; sprockets = { dependencies = ["concurrent-ruby" "rack"]; @@ -2357,10 +2410,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ikgwbl6jv3frfiy3xhg5yxw9d0064rgzghar1rg391xmrc4gm38"; + sha256 = "0jm37zpvvm1arxjwrd6am0wrdbfhrhc5y0l4p2i3p11z04bsvgap"; type = "gem"; }; - version = "4.0.2"; + version = "4.0.0"; }; sprockets-rails = { dependencies = ["actionpack" "activesupport" "sprockets"]; @@ -2368,10 +2421,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0mwmz36265646xqfyczgr1mhkm1hfxgxxvgdgr4xfcbf2g72p1k2"; + sha256 = "0ab42pm8p5zxpv3sfraq45b9lj39cz9mrpdirm30vywzrwwkm5p1"; type = "gem"; }; - version = "3.2.2"; + version = "3.2.1"; }; sqlite3 = { groups = ["default"]; @@ -2388,10 +2441,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1g7398sn8syybz3nbf3dqwa8q8v3s3s444i24xl5q9pzx4g4nkf1"; + sha256 = "0r8g7zdncc6243d000jn0grc1n70rn9mx16vggy3q7c4wgsa37xi"; type = "gem"; }; - version = "1.0.1"; + version = "0.7.1"; }; terminal-table = { dependencies = ["unicode-display_width"]; @@ -2429,10 +2482,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "08076cmdx0g51yrkd7dlxlr45nflink3jhdiq7006ljc2pc3212q"; + sha256 = "02p107kwx7jnkh6fpdgvaji0xdg6xkaarngkqjml6s4zny4m8slv"; type = "gem"; }; - version = "0.13.0"; + version = "0.11.0.0"; }; tilt = { groups = ["default"]; @@ -2449,10 +2502,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0hy3kbcb6nwydy312rhjm4b30yavmayszzzyjpfdv6p0s8d9mfvb"; + sha256 = "0z2n1qwad86zkcmmq883bw8rgidjsqjphrbqf1mwyfi5y22jhxfp"; type = "gem"; }; - version = "2.1.3"; + version = "2.1.2"; }; treetop = { dependencies = ["polyglot"]; @@ -2460,10 +2513,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0697qz1akblf8r3wi0s2dsjh468hfsd57fb0mrp93z35y2ni6bhh"; + sha256 = "0g31pijhnv7z960sd09lckmw9h8rs3wmc8g4ihmppszxqm99zpv7"; type = "gem"; }; - version = "1.6.11"; + version = "1.6.10"; }; typhoeus = { dependencies = ["ethon"]; @@ -2471,10 +2524,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1m22yrkmbj81rzhlny81j427qdvz57yk5wbcf3km0nf3bl6qiygz"; + sha256 = "0cni8b1idcp0dk8kybmxydadhfpaj3lbs99w5kjibv8bsmip2zi5"; type = "gem"; }; - version = "1.4.0"; + version = "1.3.1"; }; tzinfo = { dependencies = ["thread_safe"]; @@ -2482,10 +2535,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0skr6ih9cr3pwp8l84f0z7fy3q9kiq8hw0sg3zqw0hpbbyj05743"; + sha256 = "04f18jdv6z3zn3va50rqq35nj3izjpb72fnf21ixm7vanq6nc4fp"; type = "gem"; }; - version = "1.2.8"; + version = "1.2.6"; }; unf = { dependencies = ["unf_ext"]; @@ -2503,20 +2556,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0wc47r23h063l8ysws8sy24gzh74mks81cak3lkzlrw4qkqb3sg4"; + sha256 = "1ll6w64ibh81qwvjx19h8nj7mngxgffg7aigjx11klvf5k2g4nxf"; type = "gem"; }; - version = "0.0.7.7"; + version = "0.0.7.6"; }; unicode-display_width = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "06i3id27s60141x6fdnjn5rar1cywdwy64ilc59cz937303q3mna"; + sha256 = "08kfiniak1pvg3gn5k6snpigzvhvhyg7slmm0s2qx5zkj62c1z2w"; type = "gem"; }; - version = "1.7.0"; + version = "1.6.0"; }; uuid4r = { groups = ["default"]; @@ -2528,36 +2581,15 @@ }; version = "0.2.0"; }; - websocket-driver = { - dependencies = ["websocket-extensions"]; - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "1i3rs4kcj0jba8idxla3s6xd1xfln3k8b4cb1dik2lda3ifnp3dh"; - type = "gem"; - }; - version = "0.7.3"; - }; - websocket-extensions = { - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "0hc2g9qps8lmhibl5baa91b4qx8wqw872rgwagml78ydj8qacsqw"; - type = "gem"; - }; - version = "0.1.5"; - }; whois = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ch19amq0spj5dc240mv6s8hh245w7nis2h070qr3jm15r4jb21m"; + sha256 = "177qbah62yhy2q7znlrs49jwabw7vpd9frv6hw6mm0bxj5fn7prg"; type = "gem"; }; - version = "5.0.1"; + version = "5.0.0"; }; xcodeproj = { dependencies = ["CFPropertyList" "atomos" "claide" "colored2" "nanaimo"]; @@ -2565,10 +2597,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1411j6sfnz0cx4fiw52f0yqx4bgcn8cmpgi3i5rwmmahayyjz2fn"; + sha256 = "1h9iba53mrb663qdqzpfbdwkwzqv7hndd0df71yr2kj2hzwjmkvb"; type = "gem"; }; - version = "1.19.0"; + version = "1.14.0"; }; xctasks = { dependencies = ["nokogiri" "rake"]; @@ -2586,20 +2618,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "126m49mvh4lbvlvrprq7xj2vjixbq3xqr8dwr089vadvs0rkn4rd"; + sha256 = "0rxqwry3h2hjz069f0kfr140wgx1khgljnqf112dk5x9rm4l0xny"; type = "gem"; }; - version = "0.9.25"; - }; - zeitwerk = { - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "1746czsjarixq0x05f7p3hpzi38ldg6wxnxxw74kbjzh1sdjgmpl"; - type = "gem"; - }; - version = "2.4.2"; + version = "0.9.20"; }; ZenTest = { groups = ["default"]; From 6ede08353b9734943de20d6cab0bf266af37e4f2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Thu, 31 Dec 2020 09:00:25 +0100 Subject: [PATCH 112/120] python3Packages.boto3: Fix hash --- pkgs/development/python-modules/boto3/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/development/python-modules/boto3/default.nix b/pkgs/development/python-modules/boto3/default.nix index 35017af08bd4..b5ee857cadeb 100644 --- a/pkgs/development/python-modules/boto3/default.nix +++ b/pkgs/development/python-modules/boto3/default.nix @@ -17,7 +17,7 @@ buildPythonPackage rec { src = fetchPypi { inherit pname version; - sha256 = "sha256-4/EO1tnKmEFf3sFcheUKiew41iKbzj+v1eeWWxbE68U="; + sha256 = "0qlcmzpgmcp9cwrwni750yw9jlhzm407fs428bwkpxnhsxpix6fn"; }; propagatedBuildInputs = [ botocore jmespath s3transfer ] ++ lib.optionals (!isPy3k) [ futures ]; From d6e3307291bc93dcccd99d476efefe4ed59ffe2b Mon Sep 17 00:00:00 2001 From: Ryan Burns Date: Wed, 30 Dec 2020 19:10:54 -0800 Subject: [PATCH 113/120] llvmPackages_8.llvm: fix build with gcc 10 --- pkgs/development/compilers/llvm/8/llvm.nix | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/pkgs/development/compilers/llvm/8/llvm.nix b/pkgs/development/compilers/llvm/8/llvm.nix index 0f6179c2d310..fb928b67ad54 100644 --- a/pkgs/development/compilers/llvm/8/llvm.nix +++ b/pkgs/development/compilers/llvm/8/llvm.nix @@ -1,5 +1,6 @@ { stdenv , fetch +, fetchpatch , cmake , python3 , libffi @@ -55,6 +56,14 @@ in stdenv.mkDerivation ({ propagatedBuildInputs = [ ncurses zlib ]; + patches = [ + # Fix missing includes for GCC 10 + (fetchpatch { + url = "https://bugs.gentoo.org/attachment.cgi?id=612792"; + sha256 = "0rwx6jpqq4xnf4mvfm8v2d4r34y1yi05am0mx5k2d5bha9j64lqg"; + }) + ]; + postPatch = optionalString stdenv.isDarwin '' substituteInPlace cmake/modules/AddLLVM.cmake \ --replace 'set(_install_name_dir INSTALL_NAME_DIR "@rpath")' "set(_install_name_dir)" \ From 7115040e19fa4cd20028f8b4a37ba44a993029af Mon Sep 17 00:00:00 2001 From: Ryan Burns Date: Wed, 30 Dec 2020 19:00:32 -0800 Subject: [PATCH 114/120] mesa: fix build on darwin Latest mesa requires macOS SDK 10.13 - this applies an upstream patch for compatibility with 10.13 Applied on darwin only to avoid linux rebuilds in staging-next - left a note that this can be done unconditionally as it has no effect on non-darwin platforms, if this would be considered more robust. --- pkgs/development/libraries/mesa/default.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/pkgs/development/libraries/mesa/default.nix b/pkgs/development/libraries/mesa/default.nix index 0e18164e6f2f..c96d1edfadfe 100644 --- a/pkgs/development/libraries/mesa/default.nix +++ b/pkgs/development/libraries/mesa/default.nix @@ -65,6 +65,13 @@ stdenv.mkDerivation { url = "https://gitlab.freedesktop.org/mesa/mesa/commit/aebbf819df6d1e.patch"; sha256 = "17248hyzg43d73c86p077m4lv1pkncaycr3l27hwv9k4ija9zl8q"; }) + ] ++ stdenv.lib.optionals stdenv.isDarwin [ + # Fix for pre macOS SDK 10.13 + # TODO(r-burns) can be applied unconditionally, at the cost of a mass linux rebuild + (fetchpatch { + url = "https://gitlab.freedesktop.org/mesa/mesa/-/commit/f4403f70fe5bf2ec41af5546122f0d78caffa984.patch"; + sha256 = "03j2aj255m7ms848nkb41vj3s3yb72zb5rz3w3fzp5l9wzzargw5"; + }) ]; postPatch = '' From f6514239ee9b0739a6e884ba28e9302c0102f8c0 Mon Sep 17 00:00:00 2001 From: Frederik Rietdijk Date: Thu, 31 Dec 2020 09:30:44 +0100 Subject: [PATCH 115/120] hidapi: fix cross build --- pkgs/development/libraries/hidapi/default.nix | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/hidapi/default.nix b/pkgs/development/libraries/hidapi/default.nix index c42a35282233..80f7aa150c43 100644 --- a/pkgs/development/libraries/hidapi/default.nix +++ b/pkgs/development/libraries/hidapi/default.nix @@ -1,5 +1,7 @@ { stdenv, fetchFromGitHub, autoreconfHook, pkgconfig, udev, libusb1 -, darwin }: +, darwin +, gnum4 +}: stdenv.mkDerivation rec { pname = "hidapi"; @@ -12,7 +14,13 @@ stdenv.mkDerivation rec { sha256 = "1nr4z4b10vpbh3ss525r7spz4i43zim2ba5qzfl15dgdxshxxivb"; }; - nativeBuildInputs = [ autoreconfHook pkgconfig ]; + nativeBuildInputs = [ + autoreconfHook + pkgconfig + ] ++ stdenv.lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ + # Could be added always, but added conditionally here to avoid large rebuild + gnum4 + ]; buildInputs = [ ] ++ stdenv.lib.optionals stdenv.isLinux [ libusb1 udev ]; From e816a6034902b452e1f0bf1621205aa6d732a93a Mon Sep 17 00:00:00 2001 From: Emery Hemingway Date: Sat, 26 Dec 2020 19:53:40 +0100 Subject: [PATCH 116/120] ocamlPackages.mirage-block-unix: init at 2.12.1 --- .../mirage-block-unix/default.nix | 29 +++++++++++++++++++ pkgs/top-level/ocaml-packages.nix | 2 ++ 2 files changed, 31 insertions(+) create mode 100644 pkgs/development/ocaml-modules/mirage-block-unix/default.nix diff --git a/pkgs/development/ocaml-modules/mirage-block-unix/default.nix b/pkgs/development/ocaml-modules/mirage-block-unix/default.nix new file mode 100644 index 000000000000..a24c4c9e821f --- /dev/null +++ b/pkgs/development/ocaml-modules/mirage-block-unix/default.nix @@ -0,0 +1,29 @@ +{ lib, fetchurl, buildDunePackage, cstruct-lwt, diet, io-page-unix, logs +, mirage-block, ounit, rresult, uri }: + +buildDunePackage rec { + pname = "mirage-block-unix"; + version = "2.12.1"; + + useDune2 = true; + + src = fetchurl { + url = + "https://github.com/mirage/mirage-block-unix/releases/download/v${version}/mirage-block-unix-v${version}.tbz"; + sha256 = "4fc0ccea3c06c654e149c0f0e1c2a6f19be4e3fe1afd293c6a0dba1b56b3b8c4"; + }; + + minimumOCamlVersion = "4.06"; + + propagatedBuildInputs = [ cstruct-lwt logs mirage-block rresult uri ]; + + doCheck = true; + checkInputs = [ diet io-page-unix ounit ]; + + meta = with lib; { + description = "MirageOS disk block driver for Unix"; + homepage = "https://github.com/mirage/mirage-block-unix"; + license = licenses.isc; + maintainers = with maintainers; [ ehmry ]; + }; +} diff --git a/pkgs/top-level/ocaml-packages.nix b/pkgs/top-level/ocaml-packages.nix index 06ca7b01fae7..9f4603099f8e 100644 --- a/pkgs/top-level/ocaml-packages.nix +++ b/pkgs/top-level/ocaml-packages.nix @@ -579,6 +579,8 @@ let mirage-block-ramdisk = callPackage ../development/ocaml-modules/mirage-block-ramdisk { }; + mirage-block-unix = callPackage ../development/ocaml-modules/mirage-block-unix { }; + mirage-bootvar-unix = callPackage ../development/ocaml-modules/mirage-bootvar-unix { }; mirage-channel = callPackage ../development/ocaml-modules/mirage-channel { }; From 67a10c88bbf0d359d71485decd002c6303351f2f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dani=C3=ABl=20de=20Kok?= Date: Sun, 8 Nov 2020 08:47:12 +0100 Subject: [PATCH 117/120] buildRustPackage: add `cargoHash` for SRI hashes of vendored deps `buildRustPackage` currently accepts `cargoSha256` as a hash for vendored dependencies. This change adds `cargoHash` which accepts SRI hashes, setting `outputHashAlgo` to `null`. The hash mismatch message still uses `cargoSha256` as an example, which it probably should until we completely switch to SRI hashes. --- pkgs/build-support/rust/default.nix | 13 ++++++++++--- pkgs/build-support/rust/fetchCargoTarball.nix | 15 ++++++++++----- pkgs/tools/misc/broot/default.nix | 2 +- 3 files changed, 21 insertions(+), 9 deletions(-) diff --git a/pkgs/build-support/rust/default.nix b/pkgs/build-support/rust/default.nix index 8e47a2b0bf25..9e8e32035d0d 100644 --- a/pkgs/build-support/rust/default.nix +++ b/pkgs/build-support/rust/default.nix @@ -15,7 +15,13 @@ }: { name ? "${args.pname}-${args.version}" -, cargoSha256 ? "unset" + + # SRI hash +, cargoHash ? "" + + # Legacy hash +, cargoSha256 ? "" + , src ? null , srcs ? null , unpackPhase ? null @@ -46,7 +52,7 @@ , buildAndTestSubdir ? null , ... } @ args: -assert cargoVendorDir == null -> cargoSha256 != "unset"; +assert cargoVendorDir == null -> !(cargoSha256 == "" && cargoHash == ""); assert buildType == "release" || buildType == "debug"; let @@ -54,6 +60,7 @@ let cargoDeps = if cargoVendorDir == null then fetchCargoTarball ({ inherit name src srcs sourceRoot unpackPhase cargoUpdateHook; + hash = cargoHash; patches = cargoPatches; sha256 = cargoSha256; } // depsExtraArgs) @@ -61,7 +68,7 @@ let # If we have a cargoSha256 fixed-output derivation, validate it at build time # against the src fixed-output derivation to check consistency. - validateCargoDeps = cargoSha256 != "unset"; + validateCargoDeps = !(cargoHash == "" && cargoSha256 == ""); # Some cargo builds include build hooks that modify their own vendor # dependencies. This copies the vendor directory into the build tree and makes diff --git a/pkgs/build-support/rust/fetchCargoTarball.nix b/pkgs/build-support/rust/fetchCargoTarball.nix index dff5d99da9eb..0726e5cfa5a1 100644 --- a/pkgs/build-support/rust/fetchCargoTarball.nix +++ b/pkgs/build-support/rust/fetchCargoTarball.nix @@ -22,11 +22,17 @@ in , srcs ? [] , patches ? [] , sourceRoot -, sha256 +, hash ? "" +, sha256 ? "" , cargoUpdateHook ? "" , ... } @ args: -stdenv.mkDerivation ({ + +let hash_ = + if hash != "" then { outputHashAlgo = null; outputHash = hash; } + else if sha256 != "" then { outputHashAlgo = "sha256"; outputHash = sha256; } + else throw "fetchCargoTarball requires a hash for ${name}"; +in stdenv.mkDerivation ({ name = "${name}-vendor.tar.gz"; nativeBuildInputs = [ cacert git cargo-vendor-normalise cargo ]; @@ -40,7 +46,7 @@ stdenv.mkDerivation ({ echo echo "ERROR: The Cargo.lock file doesn't exist" echo - echo "Cargo.lock is needed to make sure that cargoSha256 doesn't change" + echo "Cargo.lock is needed to make sure that cargoHash/cargoSha256 doesn't change" echo "when the registry is updated." echo @@ -72,8 +78,7 @@ stdenv.mkDerivation ({ -czf $out $name ''; - outputHashAlgo = "sha256"; - outputHash = sha256; + inherit (hash_) outputHashAlgo outputHash; impureEnvVars = stdenv.lib.fetchers.proxyImpureEnvVars; } // (builtins.removeAttrs args [ diff --git a/pkgs/tools/misc/broot/default.nix b/pkgs/tools/misc/broot/default.nix index 4e40a4a336d4..e4561c382280 100644 --- a/pkgs/tools/misc/broot/default.nix +++ b/pkgs/tools/misc/broot/default.nix @@ -18,7 +18,7 @@ rustPlatform.buildRustPackage rec { sha256 = "04nidx43w4nnccgbrw30wg9ai8p7hbklxpn1gc6gr2325yhqvwhl"; }; - cargoSha256 = "1bzq0dsdnmxniwnb6989wlhih28c4lyd11sci821whs11lhlfpz0"; + cargoHash = "sha256-4F9HIQ1BQx4EikyH0DwlDAkYIeUJJbMsj7ZX23QD+K8="; nativeBuildInputs = [ makeWrapper From b6728fa15c540b02fb6a336e1f6f6bb9d287f298 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dani=C3=ABl=20de=20Kok?= Date: Thu, 3 Dec 2020 09:39:39 +0100 Subject: [PATCH 118/120] docs/rust: describe cargoHash --- doc/languages-frameworks/rust.section.md | 35 +++++++++++++++++++----- 1 file changed, 28 insertions(+), 7 deletions(-) diff --git a/doc/languages-frameworks/rust.section.md b/doc/languages-frameworks/rust.section.md index 0230993d3f08..fe394b662bb6 100644 --- a/doc/languages-frameworks/rust.section.md +++ b/doc/languages-frameworks/rust.section.md @@ -27,16 +27,16 @@ Rust applications are packaged by using the `buildRustPackage` helper from `rust ``` rustPlatform.buildRustPackage rec { pname = "ripgrep"; - version = "11.0.2"; + version = "12.1.1"; src = fetchFromGitHub { owner = "BurntSushi"; repo = pname; rev = version; - sha256 = "1iga3320mgi7m853la55xip514a3chqsdi1a1rwv25lr9b1p7vd3"; + sha256 = "1hqps7l5qrjh9f914r5i6kmcz6f1yb951nv4lby0cjnp5l253kps"; }; - cargoSha256 = "17ldqr3asrdcsh4l29m3b5r37r5d0b3npq1lrgjmxb6vlx6a36qh"; + cargoSha256 = "03wf9r2csi6jpa7v5sw5lpxkrk4wfzwmzx7k3991q3bdjzcwnnwp"; meta = with stdenv.lib; { description = "A fast line-oriented regex search tool, similar to ag and ack"; @@ -47,10 +47,31 @@ rustPlatform.buildRustPackage rec { } ``` -`buildRustPackage` requires a `cargoSha256` attribute which is computed over -all crate sources of this package. Currently it is obtained by inserting a -fake checksum into the expression and building the package once. The correct -checksum can then be taken from the failed build. +`buildRustPackage` requires either the `cargoSha256` or the +`cargoHash` attribute which is computed over all crate sources of this +package. `cargoHash256` is used for traditional Nix SHA-256 hashes, +such as the one in the example above. `cargoHash` should instead be +used for [SRI](https://www.w3.org/TR/SRI/) hashes. For example: + +``` + cargoHash = "sha256-l1vL2ZdtDRxSGvP0X/l3nMw8+6WF67KPutJEzUROjg8="; +``` + +Both types of hashes are permitted when contributing to nixpkgs. The +Cargo hash is obtained by inserting a fake checksum into the +expression and building the package once. The correct checksum can +then be taken from the failed build. A fake hash can be used for +`cargoSha256` as follows: + +``` + cargoSha256 = stdenv.lib.fakeSha256; +``` + +For `cargoHash` you can use: + +``` + cargoHash = stdenv.lib.fakeHash; +``` Per the instructions in the [Cargo Book](https://doc.rust-lang.org/cargo/guide/cargo-toml-vs-cargo-lock.html) best practices guide, Rust applications should always commit the `Cargo.lock` From 0f839ed5508ad96906153a76d9462408df02af4f Mon Sep 17 00:00:00 2001 From: Matthias Beyer Date: Thu, 31 Dec 2020 11:33:55 +0100 Subject: [PATCH 119/120] mutt: 2.0.3 -> 2.0.4 --- pkgs/applications/networking/mailreaders/mutt/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/mailreaders/mutt/default.nix b/pkgs/applications/networking/mailreaders/mutt/default.nix index 0596cd350dfb..f7b1b990acb8 100644 --- a/pkgs/applications/networking/mailreaders/mutt/default.nix +++ b/pkgs/applications/networking/mailreaders/mutt/default.nix @@ -27,11 +27,11 @@ with stdenv.lib; stdenv.mkDerivation rec { pname = "mutt"; - version = "2.0.3"; + version = "2.0.4"; src = fetchurl { url = "http://ftp.mutt.org/pub/mutt/${pname}-${version}.tar.gz"; - sha256 = "1vf1ab3mnx7p4s4n4pssajj211s3zr4730bwgsjx9gxcnyppqclw"; + sha256 = "1m4ig69qw4g3lhm4351snmy5i0ch65fqc9vqqdybr6jy21w7w225"; }; patches = optional smimeSupport (fetchpatch { From 6fb9dd842c7a38fa0f22ac0a658639be59eaceb7 Mon Sep 17 00:00:00 2001 From: Markus Kowalewski Date: Thu, 31 Dec 2020 12:33:07 +0100 Subject: [PATCH 120/120] snapper: 0.8.14 -> 0.8.15 --- pkgs/tools/misc/snapper/default.nix | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/pkgs/tools/misc/snapper/default.nix b/pkgs/tools/misc/snapper/default.nix index 177580c099b6..3843f16f6a86 100644 --- a/pkgs/tools/misc/snapper/default.nix +++ b/pkgs/tools/misc/snapper/default.nix @@ -1,17 +1,18 @@ { stdenv, fetchFromGitHub , autoreconfHook, pkgconfig, docbook_xsl, libxslt, docbook_xml_dtd_45 , acl, attr, boost, btrfs-progs, dbus, diffutils, e2fsprogs, libxml2 -, lvm2, pam, python, util-linux, fetchpatch, json_c, nixosTests }: +, lvm2, pam, python, util-linux, fetchpatch, json_c, nixosTests +, ncurses }: stdenv.mkDerivation rec { pname = "snapper"; - version = "0.8.14"; + version = "0.8.15"; src = fetchFromGitHub { owner = "openSUSE"; repo = "snapper"; rev = "v${version}"; - sha256 = "1q687bjwy668klxnhsrc2rlhisa59j8bhmh1jw220rq7z0hm2khr"; + sha256 = "1rqv1qfxr02qbkix1mpx91s4827irxryxkhby3ii0fdkm3ympsas"; }; nativeBuildInputs = [ @@ -20,7 +21,7 @@ stdenv.mkDerivation rec { ]; buildInputs = [ acl attr boost btrfs-progs dbus diffutils e2fsprogs libxml2 - lvm2 pam python util-linux json_c + lvm2 pam python util-linux json_c ncurses ]; passthru.tests.snapper = nixosTests.snapper;