Also updates xcbuild version.
This changes the raw string expressions into nix expressions that are
then converted into json by builtins.toJSON. Then, converted to Plist
XML by Apple's plutil. Sadly, xcbuild does not support using raw JSON
but Apple's plutil does so we just convert the file from JSON to XML
using Apple's plutil. The result is not ideal but it looks like all OS X
systems have working plutil's.
- set mac version to 10.10
- add setup hook.
Currently autobuild failed to build in both master and release-16.03. The
error message is
mv: cannot stat '/nix/store/a4jzlkrhd4b4nr5760caj3rrjxhyg4z3-autobuild-5.3/bin/abput-sourceforge': No such file or directory
builder for ‘/nix/store/l19vywq8zvbarswby5h7vl4iq1c1pvq7-autobuild-5.3.drv’ failed with exit code 1
It happens in post install script
postInstall = ''
wrapProgram $out/bin/ab{put,build}-sourceforge \
--prefix PATH ":" "${stdenv.lib.makeBinPath [ openssh rsync ]}"
'';
The problem is that in autobuild 5.0 the ab{put,build}-sourceforge were removed
* Version 5.0 (released 2008-11-25)
...
** abput, abput-sourceforge, abput-testdrive: Remove.
** abbuild, abbuild-sourceforge: Remove.
Both the SourceForge and TestDrive systems have been shutdown. The
scripts were of questionable value anyway.
Possibly the bug was introduced in commit
8c4fcc87f8320004e924f53bbaee29ae3b7b4692: autobuild: 3.5 -> 5.3.
As the package doesn't contain these programs there is no need in wrapping
them. This commit just remove the postInstall section of corresponding
package.
This brings in the new stable version 54 which also introduces a lot of
security fixes:
CVE-2016-5198: Out of bounds memory access in V8
CVE-2016-5181: Universal XSS in Blink
CVE-2016-5182: Heap overflow in Blink
CVE-2016-5183: Use after free in PDFium
CVE-2016-5184: Use after free in PDFium
CVE-2016-5185: Use after free in Blink
CVE-2016-5187: URL spoofing
CVE-2016-5188: UI spoofing
CVE-2016-5192: Cross-origin bypass in Blink
CVE-2016-5189: URL spoofing
CVE-2016-5186: Out of bounds read in DevTools
CVE-2016-5191: Universal XSS in Bookmarks
CVE-2016-5190: Use after free in Internals
CVE-2016-5193: Scheme bypass
Detailed announcements about these changes can be found here (latest to
oldest):
https://googlechromereleases.blogspot.de/2016/11/stable-channel-update-for-desktop.htmlhttps://googlechromereleases.blogspot.de/2016/10/stable-channel-update-for-desktop_20.htmlhttps://googlechromereleases.blogspot.de/2016/10/stable-channel-update-for-desktop.html
The update process of Chromium has been a bit bumpy on our side, because
version 54 also did the switch from GYP to GN so it wasn't just a matter
of updating the upstream-info file.
I've tested the Flash plugin (which runs fine) and WideVine manually,
although I couldn't get WideVine to work (I was running this within a VM
though).
So if people want to use WideVine they need to use Chrome instead until
we got this sorted out.
VM test results along with builds for all platforms can be found here:
https://headcounter.org/hydra/eval/339328
I'm going to backport these changes to stable as soon as the
tests/builds succeed there as well.
Closes: #19565Closes: #20120
