3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

956 commits

Author SHA1 Message Date
Martin Weinelt 1c7ad58742
apt-cacher-ng: 3.2 → 3.5
Fixes: CVE-2017-7443, CVE-2020-5202
2020-05-06 19:09:31 +02:00
Izorkin ca2145bdfc nixos/tests: add unit-php test 2020-05-06 13:21:59 +03:00
Izorkin dc0260f7da unit: add php 7.4 2020-05-06 12:27:13 +03:00
Izorkin 866f6dd677 unit: 1.16.0 -> 1.17.0 2020-05-06 12:27:12 +03:00
Izorkin f87bc13930 unit: remove drop capabilites patch 2020-05-06 12:27:12 +03:00
Aaron Andersen 9218a3599a tomcat-native: 1.2.23 -> 1.2.24 2020-05-03 20:49:02 -04:00
R. RyanTM bc74bdedae jetty: 9.4.25.v20191220 -> 9.4.26.v20200117 2020-05-02 10:15:25 +02:00
Elis Hirwing 27b9b7b3af
Merge pull request #85026 from talyz/php_buildenv_override
php.buildEnv: Make the exported php package overridable, improve handling of currently enabled extensions, etc
2020-04-29 19:57:37 +02:00
talyz 5cad1b4aff
php: Get rid of the phpXXbase attributes, update docs
Since the introduction of php.unwrapped there's no real need for the
phpXXbase attributes, so let's remove them to lessen potential
confusion and clutter. Also update the docs to make it clear how to
get hold of an unwrapped PHP if needed.
2020-04-29 13:45:48 +02:00
Aaron Andersen 92d9d07c61
Merge pull request #82762 from aanderse/tomcat-native
tomcat-native: init at 1.2.23
2020-04-26 19:48:22 -04:00
talyz 72636bc2f6
php: Get rid of all config.php parameters
Since all options controlled by the config.php parameters can now be
overridden directly, there's no reason to keep them around.
2020-04-26 16:43:23 +02:00
Aaron Andersen 6b3506458e tomcat-native: init at 1.2.23 2020-04-26 09:12:41 -04:00
Izorkin cbfe203da7 nginxMainline: 1.17.9 -> 1.18.0 2020-04-23 14:34:21 +03:00
Izorkin 2e6cd807d7 nginxStable: 1.16.1 -> 1.18.0 2020-04-23 14:34:13 +03:00
Jan Tojnar 3d8e436917
Merge branch 'master' into staging-next 2020-04-16 10:09:43 +02:00
Maximilian Bosch 401e07d419
Merge pull request #84551 from gnprice/pr-stripDebugList
treewide: Fix types of stripDebugList attrs (and fix doc)
2020-04-14 15:54:52 +02:00
Jan Tojnar a04625379a
Merge branch 'master' into staging-next 2020-04-13 18:50:35 +02:00
Michael Reilly 84cf00f980
treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
Jan Tojnar 1ab03c3a76
Merge branch 'master' into staging-next 2020-04-10 12:12:56 +02:00
Milan 3847ec0e35
nginxMainline: 1.17.8 -> 1.17.9 (#84743) 2020-04-08 21:19:35 +02:00
Samuel Leathers 72cb7f81fd
Merge pull request #81442 from manveru/bundler-2.1.4
bundler: 1.17.3 -> 2.1.4
2020-04-08 12:44:54 -04:00
talyz 472d5c187b
php.buildEnv: Don't inherit dev from the original php
mkDerivation uses the dev output in buildInputs if it exits, hence the
php-with-extensions package was never built or put into the path of
packages dependent on it during build. With this fix, the php packages
built with buildEnv or withExtensions don't have any dev outputs;
packages which need the dev output can refer to the phpXXbase packages
instead.
2020-04-08 15:13:07 +02:00
Greg Price 7547cf9dfc treewide: Fix up stripDebugList attrs to be lists.
The documentation says this should be a list, and it already is in
about half the expressions that set it.

The difference doesn't matter at present, because these values are all
space-free literals.  But it will in a future with __structuredAttrs .

(The similar attr stripAllList has no users in the nixpkgs tree, so
there's nothing to do to fix any of those up.)
2020-04-06 21:26:52 -07:00
Michael Fellinger f92600b406
update versions in Gemfile.lock 2020-04-06 15:02:13 +02:00
Frederik Rietdijk 2420184727 Merge staging into staging-next 2020-04-06 08:54:28 +02:00
Elis Hirwing 3b6539896b
Merge pull request #83896 from etu/slim-down-default-php-v3
PHP: Make the default package more sane [v3]
2020-04-05 20:00:03 +02:00
Aaron Andersen d757d810d0
Merge pull request #84045 from r-ryantm/auto-update/apache-httpd
apacheHttpd: 2.4.41 -> 2.4.43
2020-04-04 19:22:17 -04:00
Elis Hirwing a5f77d6ea2
php-unit: Drop the declaration of the php-unit attributes since they aren't used 2020-04-03 10:11:11 +02:00
R. RyanTM f26b2afb93 apacheHttpd: 2.4.41 -> 2.4.43 2020-04-01 22:33:24 +00:00
Elis Hirwing 1983417a2f
unit: Make unit use phpbase packages 2020-03-31 22:06:56 +02:00
Frederik Rietdijk 46ec52f329 buildPython*: use pname 2020-03-30 17:07:41 +02:00
aszlig e1d63ada02
nginx: Fix ETag patch to ignore realpath(3) error
While our ETag patch works pretty fine if it comes to serving data off
store paths, it unfortunately broke something that might be a bit more
common, namely when using regexes to extract path components of
location directives for example.

Recently, @devhell has reported a bug with a nginx location directive
like this:

  location ~^/\~([a-z0-9_]+)(/.*)?$" {
    alias /home/$1/public_html$2;
  }

While this might look harmless at first glance, it does however cause
issues with our ETag patch. The alias directive gets broken up by nginx
like this:

  *2 http script copy: "/home/"
  *2 http script capture: "foo"
  *2 http script copy: "/public_html/"
  *2 http script capture: "bar.txt"

In our patch however, we use realpath(3) to get the canonicalised path
from ngx_http_core_loc_conf_s.root, which returns the *configured* value
from the root or alias directive. So in the example above, realpath(3)
boils down to the following syscalls:

  lstat("/home", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
  lstat("/home/$1", 0x7ffd08da6f60) = -1 ENOENT (No such file or directory)

During my review[1] of the initial patch, I didn't actually notice that
what we're doing here is returning NGX_ERROR if the realpath(3) call
fails, which in turn causes an HTTP 500 error.

Since our patch actually made the canonicalisation (and thus additional
syscalls) necessary, we really shouldn't introduce an additional error
so let's - at least for now - silently skip return value if realpath(3)
has failed.

However since we're using the unaltered root from the config we have
another issue, consider this root:

  /nix/store/...-abcde/$1

Calling realpath(3) on this path will fail (except if there's a file
called "$1" of course), so even this fix is not enough because it
results in the ETag not being set to the store path hash.

While this is very ugly and we should fix this very soon, it's not as
serious as getting HTTP 500 errors for serving static files.

I added a small NixOS VM test, which uses the example above as a
regression test.

It seems that my memory is failing these days, since apparently I *knew*
about this issue since digging for existing issues in nixpkgs, I found
this similar pull request which I even reviewed:

https://github.com/NixOS/nixpkgs/pull/66532

However, since the comments weren't addressed and the author hasn't
responded to the pull request, I decided to keep this very commit and do
a follow-up pull request.

[1]: https://github.com/NixOS/nixpkgs/pull/48337

Signed-off-by: aszlig <aszlig@nix.build>
Reported-by: @devhell
Acked-by: @7c6f434c
Acked-by: @yorickvP
Merges: https://github.com/NixOS/nixpkgs/pull/80671
Fixes: https://github.com/NixOS/nixpkgs/pull/66532
2020-03-28 02:57:21 +01:00
Emily 7be86f3b3c openresty: 1.15.8.2 -> 1.15.8.3 2020-03-24 11:37:44 -05:00
Aaron Andersen 6283b00f4f
Merge pull request #82319 from aanderse/tomcat-update
tomcat: 7.0.92 -> 7.0.100, 8.5.42 -> 8.5.51, 9.0.21 -> 9.0.31
2020-03-16 15:46:48 -04:00
R. RyanTM 79586e1b74 tomcat_connectors: 1.2.46 -> 1.2.48 2020-03-14 14:30:51 +01:00
Mario Rodas 34914fce19
Merge pull request #82290 from helsinki-systems/upd/ngx_fastcgi_cache_purge
nginxModules.fastcgi-cache-purge: 2.3 -> 2.5
2020-03-13 08:44:44 -05:00
Izorkin 5dbe01af5b unit: 1.15.0 -> 1.16.0 2020-03-12 19:53:13 +00:00
Aaron Andersen 46e7580f24 tomcat9: 9.0.21 -> 9.0.31 2020-03-11 07:51:04 -04:00
Aaron Andersen 22f24f7859 tomcat8: 8.5.42 -> 8.5.51 2020-03-11 07:51:04 -04:00
Aaron Andersen 78b0222cb2 tomcat7: 7.0.92 -> 7.0.100 2020-03-11 07:51:04 -04:00
ajs124 0aec2cdd08 nginxModules.fastcgi-cache-purge: 2.3 -> 2.5
switch to a fork that seems sort of alive
2020-03-10 23:35:15 +01:00
Aaron Andersen fc7efd51d6
Merge pull request #80182 from dirkx/Redwax-0.22-update
redwax-modules: 0.2.1 -> 0.2.2/0.2.3
2020-02-22 19:03:21 -05:00
Dirk-Willem van Gulik 928c365a1b redwax-modules: 0.2.1 -> 0.2.2/0.2.3 2020-02-21 12:00:00 +01:00
R. RyanTM 56debabe34 mod_wsgi: 4.7.0 -> 4.7.1 2020-02-19 08:54:38 +00:00
Frederik Rietdijk 1a6c3cb06b Merge staging into staging-next 2020-02-11 07:59:53 +01:00
zimbatm bcdc90a3a7 ruby_2_4: remove
According to https://endoflife.software/programming-languages/server-side-scripting/ruby
ruby 2.4 will go end-of-life in march, where the new release of nixpkgs
will be cut. We won't be able to support it for security updates.

Remove all references to ruby_2_4 and add ruby_2_7 instead where
missing.

Mark packages that depend on ruby 2.4 as broken:
* chefdk
* sonic-pi
2020-02-10 13:23:35 -05:00
R. RyanTM 3815de80c0 unit: 1.14.0 -> 1.15.0 2020-02-10 14:47:35 +00:00
Frederik Rietdijk 03755ed59a Merge master into staging-next 2020-02-09 09:17:51 +01:00
R. RyanTM fa84aa8adb lighttpd: 1.4.54 -> 1.4.55 2020-02-08 18:13:10 +01:00
Vladimír Čunát 48a997cd76
Merge #66528: glibc: 2.27 -> 2.30 (into staging)
Includes update of stdenv bootstap tools (for three main platforms)
and many package fixes with new glibc.
2020-02-05 13:41:09 +01:00