includes fixes for:
* CVE-2021-29503: Improper Neutralization of Script-Related HTML Tags in Notes
* a potential XSS-vector in the handling of usernames and profile pictures
https://github.com/hedgedoc/hedgedoc/releases/tag/1.8.2
This seems like a good idea in general and will at least make it easier
to get screen sharing to work (but still requires a proper NixOS
configuration including xdg-desktop-portal-wlr).
Note: It isn't necessary to set XDG_SESSION_TYPE=wayland as wlroots
already takes care of it (currently at least for the logind and libseat
session backends, the next wlroots release will require libseat):
4839664a92/backend/session/session.c (L80)
Fully enable pycairo support by exporting PYCAIRO=true and using
pkg-config to locate the pycairo library (with included patch).
The patch restores the use of pkg-config to find pycairo. This code was
present upstream, but commented out; it has been re-enabled and
modified to support both pycairo and py3cairo (the python3 version
of pycairo).
This commit provides three minor improvements:
1. Fix missing proj support. Fixes#91889.
2. Fix missing libxml2 support.
3. Improve build time with parallel build.
Fix missing proj support:
-------------------------
The 2019-07-09 update to proj version 6.1.1 in nixpkgs
commit d55cba68ff caused two problems for mapnik:
1. The separation of the dev output was not reflected in the mapnik
expression. Since proj support is optional in the mapnik build,
the build succeeded but no longer included proj support.
See build log for: https://hydra.nixos.org/build/96274475.
2. Even if the mapnik expression was updated to use the separate
dev output, it would still have dropped proj support because mapnik
has not been updated for the proj 6 API.
This commit fixes the PROJ_INCLUDES to use the correct dev output and
also makes the PROJ_LIBS output explicit. In addition, it defines
ACCEPT_USE_OF_DEPRECATED_PROJ_API_H=1 since mapnik still does not have
a tagged release that supports the proj 6 api.
Looking to the future, it appears that the mapnik master branch includes
proj 6 support, so some checks were included to help insure that this
workaround gets removed once it is no longer required.
Fix missing libxml2 support:
----------------------------
Configure with "XMLPARSER=libxml2" to get libxml2 support. This has been
needed since mapnik 3.0.2. Remove XML2_INCLUDES and XML2_LIBS which
trigger a bug in the supplied SConstruct script (when used with
"XMLPARSER=libxml2.
In addition, libxml2 needs to be a propagatedBuildInput to avoid
errors building apacheHttpdPackages.mod_tile, python-mapnik, and
possibly other packages.
Enable parallel build:
----------------------
Setting enableParallelBuild does not result in a parallel build
with mapnik. However, setting JOBS=$(NIX_BUILD_CORES) in buildFlags
works and significantly reduces the build time.
