Updates VirtualBox from version 5.0.12 to 5.0.14.
Upstream changes are (without bug IDs):
* GUI: properly limit the number of VCPUs to the number of physical cores
on Mac OS X
* Audio: fixed a bug which prevented loading a saved state of a saved
guests with HDA emulation (5.0.12 regression)
* Audio: don't crash if the backend is unable to initialize
* Audio: fixed audio capture on Mac OS X
* Storage: fixed a possible crash when attaching the same ISO image
multiple times to the same VM
* BIOS: properly report if two floppy drives are attached
* USB: fixed a problem with filters which would not capture the device
under certain circumstances (5.0.10 regression)
* ExtPack: black-list Extension Packs older than 4.3.30 due to
incompatible changes not being properly handled in the past
* Windows hosts: fixed a regression which caused robocopy to fail
* Linux hosts: properly create the /sbin/rcvboxdrv symbolic link (5.0.12
regression)
* Mac OS X hosts: several fixes for USB on El Capitan
* Linux Additions: fixes for Linux 4.5
Full upstream changelog with bug IDs can be found at:
https://www.virtualbox.org/wiki/Changelog
The reason I was reluctant to merge this before were these symbol lookup
errors:
vboxsf: Unknown symbol VBoxGuest_RTMemTmpFree (err 0)
vboxsf: Unknown symbol VBoxGuestIDCCall (err 0)
vboxsf: Unknown symbol VBoxGuest_RTSemFastMutexRequest (err 0)
vboxsf: Unknown symbol VBoxGuest_RTSemFastMutexRelease (err 0)
vboxsf: Unknown symbol VBoxGuest_RTLogRelGetDefaultInstanceEx (err 0)
vboxsf: Unknown symbol VBoxGuest_RTErrConvertToErrno (err 0)
vboxsf: Unknown symbol VBoxGuest_RTSemFastMutexCreate (err 0)
vboxsf: Unknown symbol VBoxGuest_RTSemFastMutexDestroy (err 0)
vboxsf: Unknown symbol VBoxGuest_RTMemContFree (err 0)
vboxsf: Unknown symbol VBoxGuest_RTSemMutexRelease (err 0)
vboxsf: Unknown symbol VBoxGuestIDCOpen (err 0)
vboxsf: Unknown symbol VBoxGuest_RTAssertShouldPanic (err 0)
vboxsf: Unknown symbol VBoxGuest_RTMemContAlloc (err 0)
vboxsf: Unknown symbol VBoxGuest_RTSemMutexRequest (err 0)
vboxsf: Unknown symbol VBoxGuest_RTSemMutexCreate (err 0)
vboxsf: Unknown symbol VBoxGuest_RTMemTmpAllocTag (err 0)
vboxsf: Unknown symbol VBoxGuest_RTSemMutexDestroy (err 0)
vboxsf: Unknown symbol VBoxGuest_RTAssertMsg1Weak (err 0)
vboxsf: Unknown symbol VBoxGuestIDCClose (err 0)
vboxsf: Unknown symbol VBoxGuest_RTAssertMsg2Weak (err 0)
However, after testing it against 5.0.12, the same errors occur there as
well, so it is likely related to our VM tests.
stdenv.system should be almost always used instead of builtins.currentSystem
or cross-evaluation (e.g. evaluating a i686 NixOS system on a 64-bit nix)
will be subtly broken.
This makes pythonPackages.sqlalchemy the most up to date revision (it
was called sqlalchemy_1_0 before), and maintains the various “legacy”
versions available as pythonPackages.sqlalchemyX for X in {7,8,9}.
All derivations that required `sqlalchemy_1_0` now require `sqlalchemy`
while those that required `sqlalchemy` now require `sqlalchemy7`.
The derivations are not changed, only the attribute names they are
bound to.
No changes in functionality, but to make future source updates a bit
easier on the eyes when viewing the diff.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
The update.sh shell script now is only a call to nix-build, which does
all the hard work of updating the Chromium source channels and the
plugins. It results in a store path with the new sources.nix that
replaces the already existing sources.nix.
Along the way, this has led to a quite massive workaround, which abuses
MD5 collisions to detect whether an URL is existing, because something
like builtins.tryEval (builtins.fetchurl url) unfortunately doesn't
work. Further explanations and implementation details are documented in
the actual implementation.
The drawback of this is that we don't have nice status messages anymore,
but on the upside we have a more robust generation of the sources.nix
file, which now also should work properly on missing upstream
sources/binaries.
This also makes it much easier to implement fetching non-GNU/Linux
versions of Chromium and we have all values from omahaproxy available as
an attribute set (see the csv2nix and channels attributes in the update
attribute).
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This fixes the previous attempt (in commit 46d1dd5) to make ctags' ctags
override emacs' ctags. The higher the value of the priority attribute,
the higher the priority (see the definition of `buildEnv`).
As stated in the parent commit, the 32bit Chrome package is not
available upstream, so let's at least provide the SHA256 hash for the
64bit package.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Until now, if we have a failure to fetch either the 32bit Debian package
or the 64bit Debian package, neither of these will be put into
sources.nix.
Unfortunately the beta/dev channels do not have a 32bit Debian package,
so even though there is a 64bit Debian package available we don't get
plugins *at* *all*.
This also introduces a nicer error message rather than just failing with
an assertion in fetchurl because we did not provide url/urls.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Updates gitlab to the current stable version and fixes a lot of features that
were broken, at least with the current version and our configuration.
Quite a lot of sweat and tears has gone into testing nearly all features and
reading/patching the Gitlab source as we're about to deploy gitlab for our
whole company.
Things to note:
* The gitlab config is now written as a nix attribute set and will be
converted to JSON. Gitlab uses YAML but JSON is a subset of YAML.
The `extraConfig` opition is also an attribute set that will be merged
with the default config. This way *all* Gitlab options are supported.
* Some paths like uploads and configs are hardcoded in rails (at least
after my study of the Gitlab source). This is why they are linked from
the Gitlab root to /run/gitlab and then linked to the configurable
`statePath`.
* Backup & restore should work out of the box from another Gitlab instance.
* gitlab-git-http-server has been replaced by gitlab-workhorse upstream.
Push & pull over HTTPS works perfectly. Communication to gitlab is done
over unix sockets. An HTTP server is required to proxy requests to
gitlab-workhorse over another unix socket at
`/run/gitlab/gitlab-workhorse.socket`.
* The user & group running gitlab are now configurable. These can even be
changed for live instances.
* The initial email address & password of the root user can be configured.
Fixes#8598.
By default all plugins from pkgs.gimpPlugins set are enabled.
Default location of plugins changed from $out/${gimp.name} to
$out/lib/gimp/${majorVersion}. Resulting derivation for gimp+plugins
is set as search path for plugins by default (additional tweaking in
gimprc done for old plugin scheme should be removed)
From the debian security mailing list:
Several vulnerabilities have been discovered in the chromium web browser.
CVE-2016-1622
It was discovered that a maliciously crafted extension could bypass
the Same Origin Policy.
CVE-2016-1623
Mariusz Mlynski discovered a way to bypass the Same Origin Policy.
CVE-2016-1624
lukezli discovered a buffer overflow issue in the Brotli library.
CVE-2016-1625
Jann Horn discovered a way to cause the Chrome Instant feature to
navigate to unintended destinations.
CVE-2016-1626
An out-of-bounds read issue was discovered in the openjpeg library.
CVE-2016-1627
It was discovered that the Developer Tools did not validate URLs.
CVE-2016-1628
An out-of-bounds read issue was discovered in the pdfium library.
CVE-2016-1629
A way to bypass the Same Origin Policy was discovered in Blink/WebKit,
along with a way to escape the chromium sandbox.
A better implementation of 5273dbf530
Fixes https://github.com/NixOS/nixpkgs/issues/13150
The attached patch removes a whole swath of unnecessary runtime gettext
detection. It also adds gettext on the PATH so that git-rebase can find it.
They're still enabled by default, but now can be disabled.
Python has not been made optional due to the additional complexity of:
- python2 vs python3
- pync support on Darwin
Making Python support optional should be revisited at another time.
Fixes: #12840
Related to: 61042a561042a5 changes the replaced token from $something to @something@. This
commit repeats that change in one additional location used by the
WideVine plugin
We don't need to wrap twice, because we can actually pass the additional
XDG_DATA_DIRS via makeWrapperArgs.
The reason why I'm doing this within the patchPhase is because we can't
add shell variables from the current builder to makeWrapperArgs as that
content is going to end up in the wrapper verbatim.
In addition to this, gpodder was trying to search for its own directory
using the current program name, which I guess was another reason for the
double-wrap. We fix this now by setting gpodder_dir explicitly in the
main script.
Another main change is that we no longer set the "pythonX.Y-" prefix, so
the derivation name now is just "gpodder-3.9.0".
Last but not least, we enable the unit tests for gpodder in checkPhase.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @svenkeidel
Changes in 3.8.5 (without bug IDs):
* vimeo: Fix vimeo feed discovery
* vimeo: Allow both http and https URLs
* youtube: Improve channel migration code
* youtube: Fix cover art downloading
* Make the YouTube key button link to the gPodder Wiki
* Add pattern to YouTube feed URL list
* CLI: Cleanup old downloads on CLI startup
* Gtk UI: Fix model column data types
* Device sync: Handle sync failure when no space left
* model: Limit filenames to 120 characters for eCryptFS
* rename_download: Add add_sortdate and add_podcast_title option
* Remove the unused 'pipe' IPC module
* Fix coverage usage
* Use Travis CI for running basic sanity tests
* Various small code improvements and fixes
Release announcement for 3.8.5:
http://blog.gpodder.org/2015/12/gpodder-385-casting-agents-and-cowgirls.html
Changes in 3.9.0 (without bug IDs):
* Added Korean translation
* Device sync: Only fail if we can determine free disk space
* Enqueue episodes after download
* Ubuntu AppIndicator extension: 'visible' config option
* gpodder.download: Ignore non-ASCII content-disposition header
* Win32-launcher: Remove download feature (works around Norton warning)
* Remove WebUI, QML UI and MeeGo 1.2 Harmattan support
* Remove broken Flattr integration (use gpodder.net's Flattr support)
* Redesign about dialog
* Preferences: Move video services to separate tab
* Vimeo: Fix Vimeo integration
Release announcement for 3.9.0:
http://blog.gpodder.org/2016/02/gpodder-390-helium-levitator-released.html
Built and tested locally on my machine.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @svenkeidel
My accounts are stored in the DBI backend (SQLite, specifically).
Before the present change, GnuCash would be compiled without DBI
support (`--disable-dbi` flag), so I could only use the XML backend.
Now I can use either backend.
I made the change only for 2.6. It looks like 2.4 works the same way,
so maybe I'll enable DBI for that one later.
Making nix packages is delightful! It might replace my accounting hobby!
Extract the rsync source fetching into its own expression and use that
expression to fetch the same source for rsync and rrsync.
rrsync is just copied from the support folder of rsync, no configure or build
needed. Also none of the rsync patches are needed. Only the path to rsync needs
to be patched into rrsync.
Built and tested locally.
From the changelog:
```
Version 0.7.82, 2016-01-27
+ Matroska: CRC-32 validation
+ Matroska: support of padding/junk at the start of a segment
+ Matroska: trace is activated for all elements (but report is still
based on the first element met)
+ Matroska: add an intermediate level in the trace for the raw stream
parser
x FLV: potential infinite loop fixed
x #B966, DTS: DTS-HD HR 3840 not detected anymore
x AC-3: wrong sample rate with 32 kHz streams
x #B948, EBUCore 1.6: invalid output due to position of
containerEncoding element
x #B957, MPEG-7 output: No XML encoded value output
```
Some of the original URLs were broken now.
It seems that set of mirrors is preferred and faster than the others.
In the x264 case the source isn't there so http://download.videolan.org
is used instead.
changes by @globin:
* added pulseaudio support
* 06-02-2016 -> 2016-02-06 to ensure correct version sorting
* cli_visualizer -> cli-visualizer
closes#12853
Signed-off-by: Robin Gloster <mail@glob.in>
