From 7850178edc979935bb5f493d5fecf71ac2e181d4 Mon Sep 17 00:00:00 2001
From: "R. RyanTM" <ryantm-bot@ryantm.com>
Date: Thu, 6 May 2021 02:53:01 +0000
Subject: [PATCH 01/20] ddccontrol: 0.5.1 -> 0.5.2
---
pkgs/tools/misc/ddccontrol/default.nix | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pkgs/tools/misc/ddccontrol/default.nix b/pkgs/tools/misc/ddccontrol/default.nix
index 41f2bede9995..b7d0f2c3aad9 100644
--- a/pkgs/tools/misc/ddccontrol/default.nix
+++ b/pkgs/tools/misc/ddccontrol/default.nix
@@ -12,13 +12,13 @@
stdenv.mkDerivation rec {
pname = "ddccontrol";
- version = "0.5.1";
+ version = "0.5.2";
src = fetchFromGitHub {
owner = "ddccontrol";
repo = "ddccontrol";
- rev = "0.5.1";
- sha256 = "sha256-e6Rzzz5S+Um2ZBuUkfAJQA4V+zqCqsUHB0f1t/dTU2w=";
+ rev = "0.5.2";
+ sha256 = "sha256-kul0sjbwbCwadvrccG3KwL/fKWACFUg74QGvgfWE4FQ=";
};
nativeBuildInputs = [
From c234c5b16dc9a1a66d9bda38dcd8e1eb034e74a3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dani=C3=ABl=20de=20Kok?= <me@danieldk.eu>
Date: Thu, 6 May 2021 19:32:51 +0200
Subject: [PATCH 02/20] fedora-backgrounds.f34: init at 34.0.1
---
pkgs/data/misc/fedora-backgrounds/default.nix | 11 +++++++++++
.../misc/fedora-backgrounds/f34-fix-xfce-path.patch | 13 +++++++++++++
2 files changed, 24 insertions(+)
create mode 100644 pkgs/data/misc/fedora-backgrounds/f34-fix-xfce-path.patch
diff --git a/pkgs/data/misc/fedora-backgrounds/default.nix b/pkgs/data/misc/fedora-backgrounds/default.nix
index 31bc28a9f9c1..3089e721a7c9 100644
--- a/pkgs/data/misc/fedora-backgrounds/default.nix
+++ b/pkgs/data/misc/fedora-backgrounds/default.nix
@@ -20,4 +20,15 @@ in {
# Fix broken symlinks in the Xfce background directory.
patches = [ ./f33-fix-xfce-path.patch ];
};
+
+ f34 = fedoraBackground rec {
+ version = "34.0.1";
+ src = fetchurl {
+ url = "https://github.com/fedoradesign/backgrounds/releases/download/v${version}/f${lib.versions.major version}-backgrounds-${version}.tar.xz";
+ hash = "sha256-0gotgQ4N0yE8WZbsu7B3jmUIZrycbqjEMxZl01JcJj4=";
+ };
+ # Fix broken symlinks in the Xfce background directory.
+ patches = [ ./f34-fix-xfce-path.patch ];
+ };
+
}
diff --git a/pkgs/data/misc/fedora-backgrounds/f34-fix-xfce-path.patch b/pkgs/data/misc/fedora-backgrounds/f34-fix-xfce-path.patch
new file mode 100644
index 000000000000..847927667133
--- /dev/null
+++ b/pkgs/data/misc/fedora-backgrounds/f34-fix-xfce-path.patch
@@ -0,0 +1,13 @@
+diff --git a/default/Makefile b/default/Makefile
+index 172d5d9..540a1c0 100644
+--- a/default/Makefile
++++ b/default/Makefile
+@@ -1,7 +1,7 @@
+ WP_NAME=f34
+ WP_BIGNAME=F34
+ WP_DIR=$(DESTDIR)/usr/share/backgrounds/$(WP_NAME)
+-WP_DIR_LN=/usr/share/backgrounds/$(WP_NAME)
++WP_DIR_LN=$(DESTDIR)/usr/share/backgrounds/$(WP_NAME)
+ GNOME_BG_DIR=$(DESTDIR)/usr/share/gnome-background-properties
+ KDE_BG_DIR=$(DESTDIR)/usr/share/wallpapers
+ MATE_BG_DIR=$(DESTDIR)/usr/share/mate-background-properties
From 8c934146d792272248b369220910d4fefae28eaa Mon Sep 17 00:00:00 2001
From: Michael Lingelbach <m.j.lbach@gmail.com>
Date: Thu, 6 May 2021 08:22:24 -0700
Subject: [PATCH 03/20] pythonPackages.python-socks: init at 1.2.4
---
.../python-modules/python-socks/default.nix | 22 +++++++++++++++++++
pkgs/top-level/python-packages.nix | 2 ++
2 files changed, 24 insertions(+)
create mode 100644 pkgs/development/python-modules/python-socks/default.nix
diff --git a/pkgs/development/python-modules/python-socks/default.nix b/pkgs/development/python-modules/python-socks/default.nix
new file mode 100644
index 000000000000..dcf268808275
--- /dev/null
+++ b/pkgs/development/python-modules/python-socks/default.nix
@@ -0,0 +1,22 @@
+{ lib, buildPythonPackage, trio, curio, async-timeout, fetchPypi, pythonOlder }:
+
+buildPythonPackage rec {
+ pname = "python-socks";
+ version = "1.2.4";
+
+ src = fetchPypi {
+ inherit pname version;
+ sha256 = "1n6xb18jy41ybgkmamakg6psp3qididd45qknxiggngaiibz43kx";
+ };
+
+ disabled = pythonOlder "3.6.1";
+
+ propagatedBuildInputs = [ trio curio async-timeout ];
+
+ meta = with lib; {
+ description = "Core proxy client (SOCKS4, SOCKS5, HTTP) functionality for Python";
+ homepage = "https://github.com/romis2012/python-socks";
+ license = licenses.asl20;
+ maintainers = with maintainers; [ mjlbach ];
+ };
+}
diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix
index 33559777930e..34e2f79264e3 100644
--- a/pkgs/top-level/python-packages.nix
+++ b/pkgs/top-level/python-packages.nix
@@ -6634,6 +6634,8 @@ in {
python-socketio_4 = callPackage ../development/python-modules/python-socketio/4.nix { };
+ python-socks = callPackage ../development/python-modules/python-socks { };
+
python-sql = callPackage ../development/python-modules/python-sql { };
python-stdnum = callPackage ../development/python-modules/python-stdnum { };
From aa9f35493f772b91d9fc97fe7010e60b58ead82a Mon Sep 17 00:00:00 2001
From: Michael Lingelbach <m.j.lbach@gmail.com>
Date: Thu, 6 May 2021 10:50:55 -0700
Subject: [PATCH 04/20] pythonPackages.unpaddedbase64: 1.1.0 -> 2.1.0
---
.../python-modules/unpaddedbase64/default.nix | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/pkgs/development/python-modules/unpaddedbase64/default.nix b/pkgs/development/python-modules/unpaddedbase64/default.nix
index 96b27127cc60..b5ff5be20616 100644
--- a/pkgs/development/python-modules/unpaddedbase64/default.nix
+++ b/pkgs/development/python-modules/unpaddedbase64/default.nix
@@ -1,19 +1,25 @@
{ lib
, buildPythonPackage
, fetchFromGitHub
+, poetry-core
}:
buildPythonPackage rec {
pname = "unpaddedbase64";
- version = "1.1.0";
+ version = "2.1.0";
+ format = "pyproject";
src = fetchFromGitHub {
owner = "matrix-org";
repo = "python-${pname}";
rev = "refs/tags/v${version}";
- sha256 = "0if3fjfxga0bwdq47v77fs9hrcqpmwdxry2i2a7pdqsp95258nxd";
+ sha256 = "1n6har8pxv0mqb96lanzihp1xf76aa17jw3977drb1fgz947pnmz";
};
+ nativeBuildInputs = [
+ poetry-core
+ ];
+
meta = with lib; {
homepage = "https://github.com/matrix-org/python-unpaddedbase64";
description = "Unpadded Base64";
From 9c220bb2e857212229fde7a6c153e12bf0ba8747 Mon Sep 17 00:00:00 2001
From: Michael Lingelbach <m.j.lbach@gmail.com>
Date: Thu, 6 May 2021 10:52:30 -0700
Subject: [PATCH 05/20] pythonPackages.aiohttp-socks: 0.3.9 -> 0.6.0
---
pkgs/development/python-modules/aiohttp-socks/default.nix | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/pkgs/development/python-modules/aiohttp-socks/default.nix b/pkgs/development/python-modules/aiohttp-socks/default.nix
index 7b0bfe80684a..4e75f56a8dab 100644
--- a/pkgs/development/python-modules/aiohttp-socks/default.nix
+++ b/pkgs/development/python-modules/aiohttp-socks/default.nix
@@ -1,16 +1,16 @@
-{ lib, fetchPypi, buildPythonPackage, pythonOlder, aiohttp, attrs }:
+{ lib, fetchPypi, buildPythonPackage, pythonOlder, aiohttp, python-socks, attrs }:
buildPythonPackage rec {
pname = "aiohttp-socks";
- version = "0.3.9";
+ version = "0.6.0";
src = fetchPypi {
inherit version;
pname = "aiohttp_socks";
- sha256 = "1mn2ng66951mri49f99zh3660j83kvqhr6dpx90s9fkjwk83hmjy";
+ sha256 = "04w010bvi719ifpc3sshav95k10hf9nq8czn9yglkj206yxcypdr";
};
- propagatedBuildInputs = [ aiohttp attrs ];
+ propagatedBuildInputs = [ aiohttp attrs python-socks ];
# Checks needs internet access
doCheck = false;
From 76269d59b3eef323bae5b634562db5da011763f2 Mon Sep 17 00:00:00 2001
From: Michael Lingelbach <m.j.lbach@gmail.com>
Date: Thu, 6 May 2021 10:53:39 -0700
Subject: [PATCH 06/20] pythonPackages.matrix-nio: 0.15.2 -> 0.18.0
---
pkgs/development/python-modules/matrix-nio/default.nix | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/pkgs/development/python-modules/matrix-nio/default.nix b/pkgs/development/python-modules/matrix-nio/default.nix
index 69774b58eb69..8615414f9b8a 100644
--- a/pkgs/development/python-modules/matrix-nio/default.nix
+++ b/pkgs/development/python-modules/matrix-nio/default.nix
@@ -2,9 +2,11 @@
, buildPythonPackage
, fetchFromGitHub
, git
+, poetry-core
, attrs
, future
, aiohttp
+, aiohttp-socks
, aiofiles
, h11
, h2
@@ -20,23 +22,26 @@
buildPythonPackage rec {
pname = "matrix-nio";
- version = "0.15.2";
+ version = "0.18.0";
+ format = "pyproject";
src = fetchFromGitHub {
owner = "poljar";
repo = "matrix-nio";
rev = version;
- sha256 = "190xw3cvk4amr9pl8ip2i7k3xdjd0231kn2zl6chny5axx22p1dv";
+ sha256 = "1rn5lz81y4bvgjhxzd57qhr0lmkm5xljl4bj9w10lnm4f7ls0xdi";
};
nativeBuildInputs = [
git
+ poetry-core
];
propagatedBuildInputs = [
attrs
future
aiohttp
+ aiohttp-socks
aiofiles
h11
h2
From 3f053cf4ab17d498b475e2fd270bd040e3c2ec51 Mon Sep 17 00:00:00 2001
From: Symphorien Gibol <symphorien+git@xlumurb.eu>
Date: Sat, 20 Mar 2021 18:54:15 +0100
Subject: [PATCH 07/20] python3.pkgs.matrix-nio: enable tests
---
.../python-modules/matrix-nio/default.nix | 22 ++++++++++++++++++-
1 file changed, 21 insertions(+), 1 deletion(-)
diff --git a/pkgs/development/python-modules/matrix-nio/default.nix b/pkgs/development/python-modules/matrix-nio/default.nix
index 8615414f9b8a..9f10510d243b 100644
--- a/pkgs/development/python-modules/matrix-nio/default.nix
+++ b/pkgs/development/python-modules/matrix-nio/default.nix
@@ -18,6 +18,12 @@
, peewee
, cachetools
, atomicwrites
+, pytestCheckHook
+, faker
+, aioresponses
+, hypothesis
+, pytest-aiohttp
+, pytest-benchmark
}:
buildPythonPackage rec {
@@ -35,6 +41,7 @@ buildPythonPackage rec {
nativeBuildInputs = [
git
poetry-core
+ pytestCheckHook
];
propagatedBuildInputs = [
@@ -55,7 +62,20 @@ buildPythonPackage rec {
atomicwrites
];
- doCheck = false;
+ checkInputs = [
+ faker
+ aioresponses
+ hypothesis
+ pytest-aiohttp
+ pytest-benchmark
+ ];
+
+ disabledTests = [
+ # touches network
+ "test_connect_wrapper"
+ # time dependent and flaky
+ "test_transfer_monitor_callbacks"
+ ];
meta = with lib; {
description = "A Python Matrix client library, designed according to sans I/O principles";
From d7ba1c9cfd93aec87c561dbbdb5a6bf4cff790f7 Mon Sep 17 00:00:00 2001
From: Guillaume Girol <symphorien+git@xlumurb.eu>
Date: Fri, 7 May 2021 12:00:00 +0000
Subject: [PATCH 08/20] python3Packages.peewee: 0.13.3 -> 0.14.4
---
pkgs/development/python-modules/peewee/default.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/development/python-modules/peewee/default.nix b/pkgs/development/python-modules/peewee/default.nix
index 6f5d8e262279..fd057d24d31e 100644
--- a/pkgs/development/python-modules/peewee/default.nix
+++ b/pkgs/development/python-modules/peewee/default.nix
@@ -12,14 +12,14 @@
buildPythonPackage rec {
pname = "peewee";
- version = "3.13.3";
+ version = "3.14.4";
# pypi release does not provide tests
src = fetchFromGitHub {
owner = "coleifer";
repo = pname;
rev = version;
- sha256 = "1r67hxb9m6v0xbnbqfnsw6dahmdr94pf81b4x51jfw6x9sa4izi4";
+ sha256 = "0x85swpaffysc05kka0mab87cnilzw1lpacfhcx5ayabh0i2qsh6";
};
From 7c8e33bbd46d208b69c2f9e248c36d64115a60cf Mon Sep 17 00:00:00 2001
From: Guillaume Girol <symphorien+git@xlumurb.eu>
Date: Fri, 7 May 2021 12:00:00 +0000
Subject: [PATCH 09/20] pantalaimon: 0.8.0 -> 0.9.2
fix build
---
.../instant-messengers/pantalaimon/default.nix | 14 +++++++++++---
1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/pkgs/applications/networking/instant-messengers/pantalaimon/default.nix b/pkgs/applications/networking/instant-messengers/pantalaimon/default.nix
index 9c99741823aa..dd46b64e4f64 100644
--- a/pkgs/applications/networking/instant-messengers/pantalaimon/default.nix
+++ b/pkgs/applications/networking/instant-messengers/pantalaimon/default.nix
@@ -1,7 +1,7 @@
{ lib, stdenv, buildPythonApplication, fetchFromGitHub, pythonOlder,
attrs, aiohttp, appdirs, click, keyring, Logbook, peewee, janus,
prompt_toolkit, matrix-nio, dbus-python, pydbus, notify2, pygobject3,
- setuptools,
+ setuptools, fetchpatch,
pytest, faker, pytest-aiohttp, aioresponses,
@@ -10,7 +10,7 @@
buildPythonApplication rec {
pname = "pantalaimon";
- version = "0.8.0";
+ version = "0.9.2";
disabled = pythonOlder "3.6";
@@ -19,9 +19,17 @@ buildPythonApplication rec {
owner = "matrix-org";
repo = pname;
rev = version;
- sha256 = "0n86cdpw85qzlcr1ynvar0f0zbphmdz1jia9r75lmj07iw4r5hk9";
+ sha256 = "11dfv5b2slqybisq6npmrqxrzslh4bjs4093vrc05s94046d9d9n";
};
+ patches = [
+ # accept newer matrix-nio versions
+ (fetchpatch {
+ url = "https://github.com/matrix-org/pantalaimon/commit/73f68c76fb05037bd7fe71688ce39eb1f526a385.patch";
+ sha256 = "0wvqcfan8yp67p6khsqkynbkifksp2422b9jy511mvhpy51sqykl";
+ })
+ ];
+
propagatedBuildInputs = [
aiohttp
appdirs
From 9317570735b68b744004ca6ac9c2fb7b175ff131 Mon Sep 17 00:00:00 2001
From: Laurynas Alekna <laurynas@alekna.org>
Date: Fri, 7 May 2021 20:46:21 +0100
Subject: [PATCH 10/20] nixos/docker: ensure ipv4 forwarding is enabled
Fixes #118656
---
nixos/modules/virtualisation/docker.nix | 4 ++++
nixos/tests/docker.nix | 3 +++
2 files changed, 7 insertions(+)
diff --git a/nixos/modules/virtualisation/docker.nix b/nixos/modules/virtualisation/docker.nix
index 3eb0de3a8559..954e33ff24a3 100644
--- a/nixos/modules/virtualisation/docker.nix
+++ b/nixos/modules/virtualisation/docker.nix
@@ -150,6 +150,10 @@ in
config = mkIf cfg.enable (mkMerge [{
boot.kernelModules = [ "bridge" "veth" ];
+ boot.kernel.sysctl = {
+ "net.ipv4.conf.all.forwarding" = mkOverride 99 true;
+ "net.ipv4.conf.default.forwarding" = mkOverride 99 true;
+ };
environment.systemPackages = [ cfg.package ]
++ optional cfg.enableNvidia pkgs.nvidia-docker;
users.groups.docker.gid = config.ids.gids.docker;
diff --git a/nixos/tests/docker.nix b/nixos/tests/docker.nix
index 58e33535ed31..dee7480eb4a9 100644
--- a/nixos/tests/docker.nix
+++ b/nixos/tests/docker.nix
@@ -45,5 +45,8 @@ import ./make-test-python.nix ({ pkgs, ...} : {
# Must match version 4 times to ensure client and server git commits and versions are correct
docker.succeed('[ $(docker version | grep ${pkgs.docker.version} | wc -l) = "4" ]')
+ docker.succeed("systemctl restart systemd-sysctl")
+ docker.succeed("grep 1 /proc/sys/net/ipv4/conf/all/forwarding")
+ docker.succeed("grep 1 /proc/sys/net/ipv4/conf/default/forwarding")
'';
})
From 5624aa9f812aeccc6b70de9812a28df28996545a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=BCtz?= <dev@schuetz-co.de>
Date: Wed, 5 May 2021 13:09:45 +0200
Subject: [PATCH 11/20] nixos/sudo: add option execWheelOnly
By setting the executable's group to wheel and permissions to 4510, we
make sure that only members of the wheel group can execute sudo.
---
nixos/modules/security/sudo.nix | 28 +++++++++++++++++++++++++---
nixos/tests/sudo.nix | 21 ++++++++++++++++++++-
2 files changed, 45 insertions(+), 4 deletions(-)
diff --git a/nixos/modules/security/sudo.nix b/nixos/modules/security/sudo.nix
index cc3ff3d11b91..2e73f8f4f311 100644
--- a/nixos/modules/security/sudo.nix
+++ b/nixos/modules/security/sudo.nix
@@ -61,6 +61,17 @@ in
'';
};
+ security.sudo.execWheelOnly = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Only allow members of the <code>wheel</code> group to execute sudo by
+ setting the executable's permissions accordingly.
+ This prevents users that are not members of <code>wheel</code> from
+ exploiting vulnerabilities in sudo such as CVE-2021-3156.
+ '';
+ };
+
security.sudo.configFile = mkOption {
type = types.lines;
# Note: if syntax errors are detected in this file, the NixOS
@@ -216,9 +227,20 @@ in
${cfg.extraConfig}
'';
- security.wrappers = {
- sudo.source = "${cfg.package.out}/bin/sudo";
- sudoedit.source = "${cfg.package.out}/bin/sudoedit";
+ security.wrappers = let
+ owner = "root";
+ group = if cfg.execWheelOnly then "wheel" else "root";
+ setuid = true;
+ permissions = if cfg.execWheelOnly then "u+rx,g+x" else "u+rx,g+x,o+x";
+ in {
+ sudo = {
+ source = "${cfg.package.out}/bin/sudo";
+ inherit owner group setuid permissions;
+ };
+ sudoedit = {
+ source = "${cfg.package.out}/bin/sudoedit";
+ inherit owner group setuid permissions;
+ };
};
environment.systemPackages = [ sudo ];
diff --git a/nixos/tests/sudo.nix b/nixos/tests/sudo.nix
index 2a85c490665a..4885d6e17b82 100644
--- a/nixos/tests/sudo.nix
+++ b/nixos/tests/sudo.nix
@@ -10,7 +10,7 @@ in
maintainers = [ lschuermann ];
};
- machine =
+ nodes.machine =
{ lib, ... }:
with lib;
{
@@ -48,6 +48,19 @@ in
};
};
+ nodes.strict = { ... }: {
+ users.users = {
+ admin = { isNormalUser = true; extraGroups = [ "wheel" ]; };
+ noadmin = { isNormalUser = true; };
+ };
+
+ security.sudo = {
+ enable = true;
+ wheelNeedsPassword = false;
+ execWheelOnly = true;
+ };
+ };
+
testScript =
''
with subtest("users in wheel group should have passwordless sudo"):
@@ -79,5 +92,11 @@ in
with subtest("users in group 'barfoo' should not be able to keep their environment"):
machine.fail("sudo -u test3 sudo -n -E -u root true")
+
+ with subtest("users in wheel should be able to run sudo despite execWheelOnly"):
+ strict.succeed('su - admin -c "sudo -u root true"')
+
+ with subtest("non-wheel users should be unable to run sudo thanks to execWheelOnly"):
+ strict.fail('su - noadmin -c "sudo --help"')
'';
})
From 41e2941fc29de4e6fe158d17e7ae6228adbb67a5 Mon Sep 17 00:00:00 2001
From: "Robert T. McGibbon" <rmcgibbo@gmail.com>
Date: Sat, 8 May 2021 12:01:02 -0400
Subject: [PATCH 12/20] python3Packages.mlrose: fix build
---
.../python-modules/mlrose/default.nix | 34 ++++++++++++++++---
1 file changed, 29 insertions(+), 5 deletions(-)
diff --git a/pkgs/development/python-modules/mlrose/default.nix b/pkgs/development/python-modules/mlrose/default.nix
index 40e3b6ce0953..b17b56b8f9ee 100644
--- a/pkgs/development/python-modules/mlrose/default.nix
+++ b/pkgs/development/python-modules/mlrose/default.nix
@@ -1,21 +1,45 @@
-{ lib, isPy27, buildPythonPackage, fetchPypi, scikitlearn }:
+{ lib
+, isPy27
+, buildPythonPackage
+, fetchFromGitHub
+, fetchpatch
+, scikitlearn
+, pytestCheckHook
+, pytest-randomly
+}:
buildPythonPackage rec {
pname = "mlrose";
version = "1.3.0";
disabled = isPy27;
- src = fetchPypi {
- inherit pname version;
- sha256 = "cec83253bf6da67a7fb32b2c9ae13e9dbc6cfbcaae2aa3107993e69e9788f15e";
+ src = fetchFromGitHub {
+ owner = "gkhayes";
+ repo = "mlrose";
+ rev = "v${version}";
+ sha256 = "1dn43k3rcypj58ymcj849b37w66jz7fphw8842v6mlbij3x0rxfl";
};
+ patches = [
+ # Fixes compatibility with scikit-learn 0.24.1
+ (fetchpatch {
+ url = "https://github.com/gkhayes/mlrose/pull/55/commits/19caf8616fc194402678aa67917db334ad02852a.patch";
+ sha256 = "1nivz3bn21nd21bxbcl16a6jmy7y5j8ilz90cjmd0xq4v7flsahf";
+ })
+ ];
+
propagatedBuildInputs = [ scikitlearn ];
+ checkInputs = [ pytest-randomly pytestCheckHook ];
postPatch = ''
- sed -i 's,sklearn,scikit-learn,g' setup.py
+ substituteInPlace setup.py --replace sklearn scikit-learn
'';
+ pythonImportsCheck = [ "mlrose" ];
+
+ # Fix random seed during tests
+ pytestFlagsArray = [ "--randomly-seed 0" ];
+
meta = with lib; {
description = "Machine Learning, Randomized Optimization and SEarch";
homepage = "https://github.com/gkhayes/mlrose";
From c6f9eceb3dd6518cd0b82fddf74a1d177eb976c3 Mon Sep 17 00:00:00 2001
From: "R. RyanTM" <ryantm-bot@ryantm.com>
Date: Sun, 9 May 2021 02:18:51 +0000
Subject: [PATCH 13/20] clash: 1.5.0 -> 1.6.0
---
pkgs/tools/networking/clash/default.nix | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pkgs/tools/networking/clash/default.nix b/pkgs/tools/networking/clash/default.nix
index 9cad36c68a63..61e529dc8729 100644
--- a/pkgs/tools/networking/clash/default.nix
+++ b/pkgs/tools/networking/clash/default.nix
@@ -2,16 +2,16 @@
buildGoModule rec {
pname = "clash";
- version = "1.5.0";
+ version = "1.6.0";
src = fetchFromGitHub {
owner = "Dreamacro";
repo = pname;
rev = "v${version}";
- sha256 = "sha256-I4qpcHsN8WGt7YLNXO08BJypilhMSVmZjqECDjlEqXU=";
+ sha256 = "sha256-XG/nci8Sj0vfa/SFPpJwl1Zmt/23LfKxocejplZtS0E=";
};
- vendorSha256 = "sha256-Nfzk7p52msGxTPDbs4g9KuRPFxp4Npt0QXkdVOZvipc=";
+ vendorSha256 = "sha256-WR1CpjEMHRkpd0/iqrOm0oVXvyQO+r6GyeP0L0zx8aA=";
doCheck = false;
From bedbf2c81c2e8cf29cc11df4b3b7eaeae326c119 Mon Sep 17 00:00:00 2001
From: "R. RyanTM" <ryantm-bot@ryantm.com>
Date: Sun, 9 May 2021 04:45:59 +0000
Subject: [PATCH 14/20] fselect: 0.7.4 -> 0.7.5
---
pkgs/tools/misc/fselect/default.nix | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pkgs/tools/misc/fselect/default.nix b/pkgs/tools/misc/fselect/default.nix
index d60e68a0e320..eaddc8790e94 100644
--- a/pkgs/tools/misc/fselect/default.nix
+++ b/pkgs/tools/misc/fselect/default.nix
@@ -2,16 +2,16 @@
rustPlatform.buildRustPackage rec {
pname = "fselect";
- version = "0.7.4";
+ version = "0.7.5";
src = fetchFromGitHub {
owner = "jhspetersson";
repo = "fselect";
rev = version;
- sha256 = "sha256-gwFX5c5y4bL+KhPDnvCbDco1ORYyqZYFsetMrmOATZU=";
+ sha256 = "sha256-6/mcGq6qKYmcBcNndYYJB3rnHr6ZVpEcVjJBz7NEJEw=";
};
- cargoSha256 = "sha256-gWCiaAgb7hBenbp1kogCoB6vctYfDZccRW9li2yxJaU=";
+ cargoSha256 = "sha256-W6YmFsTlU3LD3tvhLuA/3k/269gR2RLLOo86BQC5x98=";
nativeBuildInputs = [ installShellFiles ];
buildInputs = lib.optional stdenv.isDarwin libiconv;
From 438b60f3f72725aceecf0e1a3eab0b02d56101c6 Mon Sep 17 00:00:00 2001
From: fortuneteller2k <lythe1107@gmail.com>
Date: Sun, 9 May 2021 13:42:12 +0800
Subject: [PATCH 15/20] openrazer: 3.0.0 -> 3.0.1, mark broken for kernels <
4.19
---
pkgs/development/python-modules/openrazer/common.nix | 6 +++---
pkgs/os-specific/linux/openrazer/driver.nix | 8 +++++++-
2 files changed, 10 insertions(+), 4 deletions(-)
diff --git a/pkgs/development/python-modules/openrazer/common.nix b/pkgs/development/python-modules/openrazer/common.nix
index 35655b207a59..985d4e199e18 100644
--- a/pkgs/development/python-modules/openrazer/common.nix
+++ b/pkgs/development/python-modules/openrazer/common.nix
@@ -1,16 +1,16 @@
{ lib
, fetchFromGitHub
}: rec {
- version = "3.0.0";
+ version = "3.0.1";
src = fetchFromGitHub {
owner = "openrazer";
repo = "openrazer";
rev = "v${version}";
- sha256 = "sha256-gw6Qt9BntPcF3zw19PXftDbhoCeBr8hwrujy51rb5Fc=";
+ sha256 = "sha256-ptB0jP0kp1Liynkfz0B0OMw6xNQG1s8IvxhgNAdEytM=";
};
meta = with lib; {
homepage = "https://openrazer.github.io/";
- license = licenses.gpl2;
+ license = licenses.gpl2Only;
maintainers = with maintainers; [ roelvandijk evanjs ];
platforms = platforms.linux;
};
diff --git a/pkgs/os-specific/linux/openrazer/driver.nix b/pkgs/os-specific/linux/openrazer/driver.nix
index 4745ba818a90..07113e628625 100644
--- a/pkgs/os-specific/linux/openrazer/driver.nix
+++ b/pkgs/os-specific/linux/openrazer/driver.nix
@@ -10,7 +10,8 @@ let
common = import ../../../development/python-modules/openrazer/common.nix { inherit lib fetchFromGitHub; };
in
stdenv.mkDerivation (common // {
- name = "openrazer-${common.version}-${kernel.version}";
+ pname = "openrazer";
+ version = "${common.version}-${kernel.version}";
nativeBuildInputs = kernel.moduleBuildDependencies;
@@ -19,6 +20,8 @@ stdenv.mkDerivation (common // {
];
installPhase = ''
+ runHook preInstall
+
binDir="$out/lib/modules/${kernel.modDirVersion}/kernel/drivers/hid"
mkdir -p "$binDir"
cp -v driver/*.ko "$binDir"
@@ -32,9 +35,12 @@ stdenv.mkDerivation (common // {
--replace /usr/bin/logger ${util-linux}/bin/logger \
--replace chgrp ${coreutils}/bin/chgrp \
--replace "PATH='/sbin:/bin:/usr/sbin:/usr/bin'" ""
+
+ runHook postInstall
'';
meta = common.meta // {
description = "An entirely open source Linux driver that allows you to manage your Razer peripherals on GNU/Linux";
+ broken = kernel.kernelOlder "4.19";
};
})
From 16a600d29e03751e0a025bfc212f0621778013ab Mon Sep 17 00:00:00 2001
From: freezeboy <freezeboy@users.noreply.github.com>
Date: Sun, 9 May 2021 09:35:15 +0200
Subject: [PATCH 16/20] tuir: unbreak adding six dependency
---
pkgs/applications/misc/tuir/default.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pkgs/applications/misc/tuir/default.nix b/pkgs/applications/misc/tuir/default.nix
index c086cdb9503b..fb1a85b1e491 100644
--- a/pkgs/applications/misc/tuir/default.nix
+++ b/pkgs/applications/misc/tuir/default.nix
@@ -21,7 +21,7 @@ buildPythonApplication rec {
checkInputs = [ coverage coveralls docopt mock pylint pytest vcrpy ];
- propagatedBuildInputs = [ beautifulsoup4 decorator kitchen requests ];
+ propagatedBuildInputs = [ beautifulsoup4 decorator kitchen requests six ];
meta = with lib; {
description = "Browse Reddit from your Terminal (fork of rtv)";
From d3ed0f5028bf29c1ccee82bb815deaf40d337a51 Mon Sep 17 00:00:00 2001
From: erictapen <justin.humm@posteo.de>
Date: Sun, 9 May 2021 10:40:10 +0200
Subject: [PATCH 17/20] ghostwriter: 2.0.0-rc5 -> 2.0.0 (#122268)
---
pkgs/applications/editors/ghostwriter/default.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/applications/editors/ghostwriter/default.nix b/pkgs/applications/editors/ghostwriter/default.nix
index 2249009af777..4d6eafaa0f0d 100644
--- a/pkgs/applications/editors/ghostwriter/default.nix
+++ b/pkgs/applications/editors/ghostwriter/default.nix
@@ -2,13 +2,13 @@
mkDerivation rec {
pname = "ghostwriter";
- version = "2.0.0-rc5";
+ version = "2.0.0";
src = fetchFromGitHub {
owner = "wereturtle";
repo = pname;
rev = version;
- sha256 = "sha256-Gc0/AHxxJd5Cq3dBQ0Xy2TF78CBmQFYUzm4s7q1aHEE=";
+ sha256 = "sha256-5O2W7ZQeDkNzwi6t9MfNbv4fmNvak1AcMnzJTE1F9L8=";
};
nativeBuildInputs = [ qmake pkg-config qttools ];
From fb8b11917e12d52287de10c52506ba2376123188 Mon Sep 17 00:00:00 2001
From: pacien <pacien.trangirard@pacien.net>
Date: Sun, 9 May 2021 10:49:52 +0200
Subject: [PATCH 18/20] visidata: 2.2.1 -> 2.4
---
pkgs/applications/misc/visidata/default.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/applications/misc/visidata/default.nix b/pkgs/applications/misc/visidata/default.nix
index fc609b280f99..ad49a1b291e2 100644
--- a/pkgs/applications/misc/visidata/default.nix
+++ b/pkgs/applications/misc/visidata/default.nix
@@ -15,13 +15,13 @@
}:
buildPythonApplication rec {
pname = "visidata";
- version = "2.2.1";
+ version = "2.4";
src = fetchFromGitHub {
owner = "saulpw";
repo = "visidata";
rev = "v${version}";
- sha256 = "1gkvnywjg0n3n7d855ivclsj3d8mzihhkgv9a18srcszkmyix903";
+ sha256 = "0mvf2603d9b0s6rh7sl7mg4ipbh0nk05xgh1078mwvx31qjsmq1i";
};
propagatedBuildInputs = [
From c0a998de58a89ed92a4657871d0b9e24f38fd92a Mon Sep 17 00:00:00 2001
From: DavHau <hsngrmpf+github@gmail.com>
Date: Sun, 9 May 2021 14:42:02 +0700
Subject: [PATCH 19/20] python3Packages.pyexcel-xls: unbreak
---
pkgs/development/python-modules/pyexcel-xls/default.nix | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/pkgs/development/python-modules/pyexcel-xls/default.nix b/pkgs/development/python-modules/pyexcel-xls/default.nix
index 7e09a21e3627..29d6df409a60 100644
--- a/pkgs/development/python-modules/pyexcel-xls/default.nix
+++ b/pkgs/development/python-modules/pyexcel-xls/default.nix
@@ -30,7 +30,11 @@ buildPythonPackage rec {
mock
];
- checkPhase = "nosetests";
+ postPatch = ''
+ substituteInPlace setup.py --replace "xlrd<2" "xlrd<3"
+ '';
+
+ checkPhase = "nosetests --exclude test_issue_151";
meta = {
description = "A wrapper library to read, manipulate and write data in xls using xlrd and xlwt";
From ca365f6946d6349a5e2fb70ceaff126772169691 Mon Sep 17 00:00:00 2001
From: Michael Raskin <7c6f434c@mail.ru>
Date: Sun, 9 May 2021 00:10:23 +0200
Subject: [PATCH 20/20] monotone: 1.1 -> 1.1-unstable-2021-05-01 to move from
insecure botan 1
---
.../version-management/monotone/default.nix | 40 ++++++++++++++-----
pkgs/top-level/all-packages.nix | 1 -
2 files changed, 30 insertions(+), 11 deletions(-)
diff --git a/pkgs/applications/version-management/monotone/default.nix b/pkgs/applications/version-management/monotone/default.nix
index f20d827dc5ff..48af459260df 100644
--- a/pkgs/applications/version-management/monotone/default.nix
+++ b/pkgs/applications/version-management/monotone/default.nix
@@ -1,10 +1,11 @@
-{ lib, stdenv, fetchurl, boost, zlib, botan, libidn
-, lua, pcre, sqlite, perl, pkg-config, expect
+{ lib, stdenv, fetchurl, fetchFromGitHub, boost, zlib, botan2, libidn
+, lua, pcre, sqlite, perl, pkg-config, expect, less
, bzip2, gmp, openssl
+, autoreconfHook, texinfo
}:
let
- version = "1.1";
+ version = "1.1-unstable-2021-05-01";
perlVersion = lib.getVersion perl;
in
@@ -14,22 +15,41 @@ stdenv.mkDerivation rec {
pname = "monotone";
inherit version;
- src = fetchurl {
- url = "http://monotone.ca/downloads/${version}/monotone-${version}.tar.bz2";
- sha256 = "124cwgi2q86hagslbk5idxbs9j896rfjzryhr6z63r6l485gcp7r";
+ # src = fetchurl {
+ # url = "http://monotone.ca/downloads/${version}/monotone-${version}.tar.bz2";
+ # sha256 = "124cwgi2q86hagslbk5idxbs9j896rfjzryhr6z63r6l485gcp7r";
+ # };
+
+ # My mirror of upstream Monotone repository
+ # Could fetchmtn, but circular dependency; snapshot requested
+ # https://lists.nongnu.org/archive/html/monotone-devel/2021-05/msg00000.html
+ src = fetchFromGitHub {
+ owner = "7c6f434c";
+ repo = "monotone-mirror";
+ rev = "b30b0e1c16def043d2dad57d1467d5bfdecdb070";
+ hash = "sha256:1hfy8vaap3184cd7h3qhz0da7c992idkc6q2nz9frhma45c5vgmd";
};
patches = [ ./monotone-1.1-Adapt-to-changes-in-pcre-8.42.patch ];
- nativeBuildInputs = [ pkg-config ];
- buildInputs = [ boost zlib botan libidn lua pcre sqlite expect
- openssl gmp bzip2 ];
+ postPatch = ''
+ sed -e 's@/usr/bin/less@${less}/bin/less@' -i src/unix/terminal.cc
+ '';
+
+ nativeBuildInputs = [ pkg-config autoreconfHook texinfo ];
+ buildInputs = [ boost zlib botan2 libidn lua pcre sqlite expect
+ openssl gmp bzip2 perl ];
postInstall = ''
mkdir -p $out/share/${pname}-${version}
cp -rv contrib/ $out/share/${pname}-${version}/contrib
mkdir -p $out/${perl.libPrefix}/${perlVersion}
cp -v contrib/Monotone.pm $out/${perl.libPrefix}/${perlVersion}
+
+ patchShebangs "$out/share/monotone"
+ patchShebangs "$out/share/${pname}-${version}"
+
+ find "$out"/share/{doc/monotone,${pname}-${version}}/contrib/ -type f | xargs sed -e 's@! */usr/bin/@!/usr/bin/env @; s@! */bin/bash@!/usr/bin/env bash@' -i
'';
#doCheck = true; # some tests fail (and they take VERY long)
@@ -38,6 +58,6 @@ stdenv.mkDerivation rec {
description = "A free distributed version control system";
maintainers = [ maintainers.raskin ];
platforms = platforms.unix;
- license = licenses.gpl2;
+ license = licenses.gpl2Plus;
};
}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 2bbc2ca4957a..29c8b530ac5b 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -24717,7 +24717,6 @@ in
monotone = callPackage ../applications/version-management/monotone {
lua = lua5;
- botan = botan.override (x: { openssl = null; });
};
monotoneViz = callPackage ../applications/version-management/monotone-viz {