1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-13 16:15:30 +00:00
Commit graph

535 commits

Author SHA1 Message Date
freezeboy 209fbcb121 unarj: remove (broken since 2016, insecure since 2015) 2020-11-02 03:10:24 +01:00
Patrick Hilhorst f7e390e6d4 treewide: fix redirected urls (run 3)
Related:
 - 9fc5e7e473
 - 593e11fd94
 - 508ae42a0f

Since the last time I ran this script, the Repology API changed, so I had to
adapt the script used in the previous PR. The new API should be more robust, so
overall this is a positive (no more grepping the error messages for our relevant
data but just a nice json structure).

Here's the new script I used:

```sh
curl https://repology.org/api/v1/repository/nix_unstable/problems \
   | jq -r '.[] | select(.type == "homepage_permanent_https_redirect") | .data | "s@\(.url)@\(.target)@"' \
   | sort | uniq | tee script.sed
find -name '*.nix' | xargs -P4 -- sed -f script.sed -i
```

I will also add this script to `maintainers/scripts`.
2020-10-02 09:01:35 -07:00
R. RyanTM 2c58c24ef8 wimlib: 1.13.1 -> 1.13.2 2020-09-06 18:50:08 +02:00
Lassulus 8d01f0d48c
Merge pull request #89249 from david-sawatzke/maxcso-init
maxcso: init at 1.12.0
2020-08-22 16:28:53 +02:00
R. RyanTM 028853c3ef innoextract: 1.8 -> 1.9 2020-08-21 20:50:42 -07:00
Daniël de Kok fdc7e050b0
Merge pull request #95841 from prusnak/bomutils
bomutils: init at 0.2
2020-08-21 07:48:55 +02:00
Pavol Rusnak 96b6e5bc12
bomutils: init at 0.2 2020-08-20 20:45:45 +02:00
Matthew Bauer e57df5816d undmg: use file name instead of pipe
There’s some issue in really big files with pipes that doesn’t occur
in filename decompression.
2020-08-19 19:35:29 -05:00
Matthew Bauer 4694b671b1 undmg: 1.0.5 -> 1.1.0 2020-08-19 19:35:14 -05:00
Frederik Rietdijk 50c060d13d Merge master into staging-next 2020-08-01 19:37:20 +02:00
Matthew Bauer d0677e6d45 treewide: add warning comment to “boot” packages
This adds a warning to the top of each “boot” package that reads:

  Note: this package is used for bootstrapping fetchurl, and thus cannot
  use fetchpatch! All mutable patches (generated by GitHub or cgit) that
  are needed here should be included directly in Nixpkgs as files.

This makes it clear to maintainer that they may need to treat this
package a little differently than others. Importantly, we can’t use
fetchpatch here due to using <nix/fetchurl.nix>. To avoid having stale
hashes, we need to include patches that are subject to changing
overtime (for instance, gitweb’s patches contain a version number at
the bottom).
2020-07-31 08:56:53 +02:00
Matthew Bauer ec80ae2550 undmg: 1.0.3 -> 1.0.5 2020-07-28 16:42:35 -05:00
Matías Lang 410dbaa077 p7zip: fix build when enableUnfree is true
`chmod +x install.sh` was only being executed when enableUnfree was
false. Therefore, building p7zip with enableUnfree set to true would fail
because install.sh was not an executable file.
2020-07-18 17:40:14 -03:00
David Sawatzke d552a13571 maxcso: init at 1.12.0 2020-06-28 20:58:39 +02:00
Bart Brouns 955701709f p7zip: switch to maintained fork
This the fork that true-upstream seems to prefer, see:
https://www.7-zip.org/links.html
2020-06-11 17:16:23 +02:00
ajs124 27e5a3f6c3 unar: fix build with new gnustep-base
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=230627 for reference
2020-05-22 21:01:46 +02:00
Martin Weinelt e24f5eab66
treewide: add CVE identifiers to patches
This allows tools like broken.sh to correctly identify the patched
status.
2020-05-06 23:18:09 +02:00
Peter Hoeg 5fda26c3d0
Merge pull request #86628 from peterhoeg/f/unar
unar: 1.10.1 -> 1.10.7
2020-05-03 20:51:29 +08:00
Peter Hoeg 991c4d48db unar: 1.10.1 -> 1.10.7 2020-05-03 12:45:08 +08:00
Keshav Kini 70b4e26403 afio: package has moved to GitHub
The old homepage and src URLs no longer exist.  The author of the package
confirms on GitHub that GitHub is now the official homepage (see
kholtman/afio#12).
2020-05-02 13:39:19 -07:00
Daniel Frank aa80b4780d
p7zip: mark as insecure 2020-05-01 14:26:21 +02:00
Daniel Frank dd16c3944c
p7zip: fix two CVEs 2020-05-01 14:26:18 +02:00
adisbladis 955e235da3
p7zip: Make unfree features (rar support) optional 2020-04-22 16:06:50 +01:00
Emily 95f82e2a45 p7zip: remove non-free RAR support
7-Zip's RAR implementation is built on the non-free UnRAR source code;
DOC/License.txt says:

      Licenses for files are:
    
        1) CPP/7zip/Compress/Rar* files:  GNU LGPL + unRAR restriction
        2) All other files:  GNU LGPL
    
      The GNU LGPL + unRAR restriction means that you must follow both 
      GNU LGPL rules and unRAR restriction rules.
    
    ...
    
      unRAR restriction
      -----------------
    
        The decompression engine for RAR archives was developed using source 
        code of unRAR program.
        All copyrights to original unRAR code are owned by Alexander Roshal.
    
        The license for original unRAR code has the following restriction:
    
        The unRAR sources cannot be used to re-create the RAR compression algorithm, 
        which is proprietary. Distribution of modified unRAR sources in separate form 
        or as a part of other software is permitted, provided that it is clearly
        stated in the documentation and source comments that the code may
        not be used to develop a RAR (WinRAR) compatible archiver.

The unrar licensing is [infamously restrictive and non-free][fedora];
it's inappropriate for us to keep the RAR support while labelling the
package as free software (and indeed there's a commented-out line
pointing out that the current `meta.license` is false). Unfortunately,
the 7-Zip upstream seems uninterested in replacing the code with a
freely-licensed alternative (see [7-Zip ticket #1229][7zip]).

[fedora]: https://fedoraproject.org/wiki/Licensing:Unrar
[7zip]: https://sourceforge.net/p/sevenzip/feature-requests/1229/

An alternative solution would be to mark the p7zip package as non-free
instead; I decided not to because its other functionality (especially
`.7z` support) is freely-licensed and useful, and there are free
software alternatives for extracting RAR files (e.g. in nixpkgs there's
`archiver`, which is written in a memory-safe language, and `unar`,
which at least doesn't have two patches for CVEs that haven't been
addressed upstream...).

I checked that `7z(1)` fails gracefully on `.rar` files now:
    
    emily@renko ~/tmp> curl -L -O https://www.philippwinterberg.com/download/example.rar
      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                     Dload  Upload   Total   Spent    Left  Speed
    100 5715k  100 5715k    0     0  6716k      0 --:--:-- --:--:-- --:--:-- 6716k
    emily@renko ~/tmp> 7z x example.rar
    
    7-Zip [64] 16.02 : Copyright (c) 1999-2016 Igor Pavlov : 2016-05-21
    p7zip Version 16.02 (locale=en_CA.UTF-8,Utf16=on,HugeFiles=on,64 bits,8 CPUs x64)
    
    Scanning the drive for archives:
    1 file, 5853119 bytes (5716 KiB)
    
    Extracting archive: example.rar
    ERROR: example.rar
    Can not open the file as archive
    
        
    Can't open as archive: 1
    Files: 0
    Size:       0
    Compressed: 0
2020-04-22 15:01:48 +00:00
Michael Reilly 84cf00f980
treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
R. RyanTM 233165ad0f unrar: 5.9.1 -> 5.9.2 2020-04-07 21:36:22 +00:00
Vladimír Čunát 48a997cd76
Merge #66528: glibc: 2.27 -> 2.30 (into staging)
Includes update of stdenv bootstap tools (for three main platforms)
and many package fixes with new glibc.
2020-02-05 13:41:09 +01:00
R. RyanTM a91faae4a6 unrar: 5.8.5 -> 5.9.1 2020-02-04 19:51:34 +00:00
Maximilian Bosch 6b0cd9ad47
Merge branch 'staging' into glibc230
Conflicts:
	pkgs/applications/misc/vit/default.nix
2020-01-28 14:54:51 +01:00
Silvan Mosberger 80a2740991
Merge pull request #78265 from Synthetica9/https-homepages
treewide: fix redirected urls
2020-01-27 15:00:53 +01:00
Michael Weiss 983f39cdab
unrar: Install all C++ header files into the "dev" output
This is e.g. required for the rar2fs build [0], which needs at least
version.hpp, rar.hpp, dllext.hpp, dll.hpp, and headers5.hpp.

At least Gentoo does this as well [1] but most other distributions only
install dll.hpp or no header files at all.

[0]: https://github.com/NixOS/nixpkgs/pull/78189
[1]: https://gitweb.gentoo.org/repo/gentoo.git/tree/app-arch/unrar/unrar-5.8.5.ebuild
2020-01-23 21:16:38 +01:00
Patrick Hilhorst 593e11fd94
treewide: fix redirected urls
According to https://repology.org/repository/nix_unstable/problems, we have a
lot of packages that have http links that redirect to https as their homepage.
This commit updates all these packages to use the https links as their
homepage.

The following script was used to make these updates:

```

curl https://repology.org/api/v1/repository/nix_unstable/problems \
    | jq '.[] | .problem' -r \
    | rg 'Homepage link "(.+)" is a permanent redirect to "(.+)" and should be updated' --replace 's@$1@$2@' \
    | sort | uniq > script.sed

find -name '*.nix' | xargs -P4 -- sed -f script.sed -i
```
2020-01-22 11:26:22 +01:00
Luka Blaskovic 89590eb7bf sharutils: fix build with glibc>=2.28 2020-01-14 08:26:59 +00:00
Robin Gloster 2157dcd141
treewide: installFlags is a list 2019-12-30 13:22:43 +01:00
Merijn Broeren 133103d709
treewide: replace make/build/configure/patchFlags with nix lists 2019-12-30 12:58:11 +01:00
Robin Gloster 76b774e89a
zip: *Flags are lists 2019-12-30 11:13:42 +01:00
Robin Gloster e49f0d4985
unzip: *Flags are lists 2019-12-30 11:13:42 +01:00
Nathan b0caf68bff
maintainer-list.nix: remove ndowens 2019-12-26 16:47:41 -05:00
R. RyanTM cb90c9da24 unrar: 5.8.4 -> 5.8.5 2019-12-24 13:51:50 -08:00
R. RyanTM a1937011b2 unrar: 5.8.3 -> 5.8.4 2019-11-29 22:32:18 +01:00
Frederik Rietdijk be7125dde7 Merge master into staging-next 2019-11-16 11:45:07 +01:00
c0bw3b 9367367dfd Treewide: fix URL permanent redirects
Permanent redirects on homepages and/or source URLs
as reported by Repology
2019-11-16 01:41:23 +01:00
Lancelot SIX fe758f5fa3 cpio: 2.12 -> 2.13
See https://lists.gnu.org/archive/html/info-gnu/2019-11/msg00002.html
for release information.

Fixes CVE-2019-14866
2019-11-12 14:46:08 +01:00
Vladimír Čunát 802c81efa4
Merge #71401: unzip: CVE-2019-13232 (into staging) 2019-11-09 15:29:58 +01:00
R. RyanTM a6294b53b7 unrar: 5.8.2 -> 5.8.3 2019-11-03 10:02:50 +01:00
R. RyanTM b78db667d2 unrar: 5.8.1 -> 5.8.2
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/unrar/versions
2019-10-24 08:56:18 -07:00
Doron Behar a7077637f9
snzip: init at 1.0.4 2019-10-21 16:10:47 +02:00
Thorsten Weber 4d33b41d3d unzip: CVE-2019-13232 2019-10-20 21:03:49 +02:00
Jan Tojnar b3fcd9375d
Merge branch 'master' into staging-next 2019-10-03 01:47:08 +02:00
R. RyanTM d33e497b1b unrar: 5.7.5 -> 5.8.1
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/unrar/versions
2019-10-02 23:52:53 +02:00