1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-01 10:00:56 +00:00
Commit graph

106779 commits

Author SHA1 Message Date
Kranium Gikos Mendoza 7dbab8b2ff leatherman: 0.10.1 -> 0.11.2 2017-04-30 21:12:47 +10:00
Kranium Gikos Mendoza a513a38066 cpp-hocon: 0.1.4 -> 0.1.5 2017-04-30 21:12:29 +10:00
Frederik Rietdijk e42792ad46 Merge pull request #25028 from armijnhemel/psycopg2
psycopg2: 2.6.1 -> 2.7.1
2017-04-30 13:03:55 +02:00
David Izquierdo b8463e97b6 pythonPackages.markupsafe: 0.23 -> 1.0 2017-04-30 12:56:38 +02:00
Michael Raskin ce9c7dd0d6 Merge pull request #21822 from rht/master
coq_HEAD: Update to the latest commit
2017-04-30 12:49:20 +02:00
Frederik Rietdijk b6cffb5d58 pythonPackages: comment explaining what's supposed to be in there 2017-04-30 12:45:52 +02:00
Peter Marheine 53c2f3c52e cherrypy: 3.2.2 -> 8.7.0 2017-04-30 12:28:46 +02:00
Peter Marheine 88d78f9d46 babelfish: 0.5.3 -> 0.5.5 2017-04-30 12:28:45 +02:00
Peter Marheine 5bd1ea51cb apscheduler: 3.0.4 -> 3.3.1 2017-04-30 12:28:45 +02:00
Michael Raskin b5c3586289 Merge pull request #25333 from zraexy/zraexy-nvidia-x11
nvidia-x11: switch download urls to https
2017-04-30 12:23:54 +02:00
Michael Raskin cd9ebdaa18 Merge pull request #25334 from volth/xfce4-dockbarx-plugin
xfce4-dockbarx-plugin: init at 0.5
2017-04-30 12:20:02 +02:00
Michael Raskin 689916b98f Merge pull request #25337 from benley/nm-dnsmasq
nixos: optional NetworkManager dnsmasq integration
2017-04-30 12:18:34 +02:00
Michael Raskin 56a90b2fbf Merge pull request #25338 from changlinli/upgrade-rstudio
RStudio: 0.98.110 -> 1.1.216
2017-04-30 12:17:46 +02:00
Peter Marheine 19629c4892 zerobin: disable tests because it doesn't have any
It does however contain a copy of cherrypy that doesn't get installed,
which fails tests when it tries to import from cherrypy and gets imports
from the version provided by Nix (which is probably not the same one as
is having its tests run).
2017-04-30 12:10:27 +02:00
Peter Marheine 2074d586a9 terminaltables: init at 3.1.0 2017-04-30 12:10:27 +02:00
Peter Marheine 7c25047677 safe: init at 0.4 2017-04-30 12:10:26 +02:00
Peter Marheine 4bd86e5c51 colorclass: init at 2.2.0 2017-04-30 12:10:25 +02:00
Peter Marheine 044b3c93e7 rebulk: init at 0.8.2 2017-04-30 12:10:25 +02:00
Peter Marheine fc71c626e7 flask-restplus: init at 0.8.6 2017-04-30 12:10:24 +02:00
Peter Marheine 3af5b60e27 flask-restful: init at 0.3.5 2017-04-30 12:10:24 +02:00
Peter Marheine 0f765d7807 flask-compress: init at 1.3.2 2017-04-30 12:10:23 +02:00
Peter Marheine 1bcc8d026c aniso8601: init at 1.2.0 2017-04-30 12:10:23 +02:00
Michael Raskin 71306c71c0 torbrowser: comment out the warning, as it got displayed in irrelevant contexts 2017-04-30 12:09:27 +02:00
Joachim Fasting 1dd3ba924b
nixos/hardened profile: disable hibernation
Recommended by KSPP
2017-04-30 12:06:11 +02:00
Joachim Fasting ffa83edf4a
nixos/tests: add tests for exercising various hardening features
This test exercises the linux_hardened kernel along with the various
hardening features (enabled via the hardened profile).

Move hidepid test from misc, so that misc can go back to testing a vanilla
configuration.
2017-04-30 12:05:42 +02:00
Joachim Fasting ab4fa1cce4
tree-wide: prune some dead grsec leaves
The beginning of pruning grsecurity/PaX from the tree.
2017-04-30 12:05:41 +02:00
Joachim Fasting 8c98e8ca2f
nixos/hardened profile: use the linux_hardened kernel 2017-04-30 12:05:40 +02:00
Joachim Fasting 62f2a1c2be
linux_hardened: init
The rationale for this is to have a place to enable hardening features
that are either too invasive or that may be speculative/yet proven to be
worthwhile for general-purpose kernels.
2017-04-30 12:05:39 +02:00
Joachim Fasting 6a5a5728ee
nixos/hardened profile: lock kernel modules 2017-04-30 12:05:38 +02:00
Joachim Fasting 878ad1ce6e
nixos: add option to lock kernel modules
Adds an option `security.lockKernelModules` that, when enabled, disables
kernel module loading once the system reaches its normal operating state.

The rationale for this over simply setting the sysctl knob is to allow
some legitmate kernel module loading to occur; the naive solution breaks
too much to be useful.

The benefit to the user is to help ensure the integrity of the kernel
runtime: only code loaded as part of normal system initialization will be
available in the kernel for the duration of the boot session.  This helps
prevent injection of malicious code or unexpected loading of legitimate
but normally unused modules that have exploitable bugs (e.g., DCCP use
after free CVE-2017-6074, n_hldc CVE-2017-2636, XFRM framework
CVE-2017-7184, L2TPv3 CVE-2016-10200).

From an aestethic point of view, enabling this option helps make the
configuration more "declarative".

Closes https://github.com/NixOS/nixpkgs/pull/24681
2017-04-30 12:05:37 +02:00
Changlin Li d6f602c247 RStudio: 0.98.110 -> 1.1.216
This fixes incompatibilities introduced by a new R version in
d16c38a260

It also fixes #25315 as a result.
2017-04-30 05:47:33 -04:00
Vladimír Čunát 7ee05dff30
Merge: efl: 1.18.x -> 1.19.0 (close #25095)
I used a setupHook instead of patching expressions for individual
reverse dependencies (four were broken).
2017-04-30 11:36:36 +02:00
Vladimír Čunát 18a7f7d4a5
efl: set $HOME for reverse dependencies 2017-04-30 11:35:59 +02:00
Vladimír Čunát aa044dd105
efl: wrap the first line
It was >400 chars long!
2017-04-30 11:35:30 +02:00
Jörg Thalheim fa5196e47e Merge pull request #25005 from Lassulus/copytoram
nixos/stage1: add copytoram support
2017-04-30 11:22:45 +02:00
Frederik Rietdijk dce7ebbd9b pythonPackages.basemap: build wheel, fixes #24621 2017-04-30 10:37:04 +02:00
Frederik Rietdijk a4aaf5adfd pyside: fix on Python 3.x, closes #25328
Pyside requires several tools that do not provide Python modules. They
therefore do not need to be build Python-version dependent and so we
move them out of `python-packages.nix`.

Furthermore, shiboken needs libxml2 and libxslt libraries but not their
Python bindings.
2017-04-30 10:33:19 +02:00
Michael Raskin d729a25a3e Merge pull request #21321 from rardiol/worldengine
Worldengine
2017-04-30 10:28:40 +02:00
Alexey Lebedeff 4ae18e0463 apitrace: 7.1 -> git (#24829)
After upgrade `qapitrace` have working "Buffers" tab where the data
can be inspected (it was always empty before).

There is no tags after `7.1`, but I think that fixing pretty important
piece of functionality warrants an upgrade to current `master` tip.
2017-04-30 10:27:17 +02:00
Frederik Rietdijk 3425c37ac6 Merge pull request #25336 from matthewbauer/nix-bundle
nix-bundle: v0.1.1 -> v0.1.3
2017-04-30 09:58:18 +02:00
Benjamin Staffin 9827d5f95c
nixos: optional NetworkManager dnsmasq integration 2017-04-30 00:44:19 -07:00
Matthew Bauer 8b5854e260 nix-bundle: 0.1.2 -> 0.1.3 2017-04-30 02:23:31 -05:00
Peter Hoeg 03f939ebf7 kirigami2: 1.90.0 -> 2.1.0
Also use a generic builder.
2017-04-30 14:07:45 +08:00
Guillaume Maudoux 92f53af64d factorio-demo: init at 0.14.23 (#25265) 2017-04-30 02:51:07 +01:00
Shea Levy 99c28df9e5 hackage-packages.nix: automatic Haskell package set update
This update was generated by hackage2nix v2.1.1-8-g19ebdb9 from Hackage revision
3fcb79c182.
2017-04-29 21:31:34 -04:00
Michael Raskin 9031c35b6c julia_05: 0.5.0 -> 0.5.1 2017-04-30 01:13:44 +02:00
John Ericson f71456ac24 Merge pull request #25301 from matthewbauer/impure-cross
impure.nix: add crossSystem as arg
2017-04-29 23:19:52 +01:00
Volth f17a0fcdba xfce4-dockbarx-plugin: init at 0.5 2017-04-29 22:15:40 +00:00
Jan Malakhovski 48ec680ddb torbrowser: rename to tor-browser-bundle-bin 2017-04-30 00:08:21 +02:00
SLNOS 00a0b8a574 firefoxPackages: tor-browser: init at 6.5.2 2017-04-30 00:08:19 +02:00