https://lists.torproject.org/pipermail/tor-announce/2019-January/000171.html
FWIW, in the ChangeLog (in the source, sorry) it mentions:
As a reminder, the Tor 0.3.4 series will be supported until 10 June
2019. Some time between now and then, users should switch to the Tor
0.3.5 series, which will receive long-term support until at least 1
Feb 2022.
So we should consider moving to 0.3.5 "soon" :).
This introduces a dependency on xxHash. Unfortunately, hashcat's
build system wants to rebuild xxHash from the source code located
in `<hashcat source root>/deps/git/xxHash`, a Git submodule whose
contents are not included in the source tarball we currently
download.
This could be fixed by either using a recursive git clone instead
a tarball download, or patching the build files to use an existing
installation of xxHash (i.e. the one already provided by Nix). I
believe the latter is preferable since it avoids the situation in
which the xxHash version used by hashcat is different to the xxHash
version used by all other Nix packages.
Fortunately, this situation has been greatly improved [1] since
release 5.0.0; the next release of hashcat should drop usage of
git submodules and provide better support for using existing
installations of dependencies.
[1] 4177e1ee28
Undefined symbols for architecture x86_64:
"_OBJC_CLASS_$_NSData", referenced from:
objc-class-ref in _x002.o
"_OBJC_CLASS_$_NSDictionary", referenced from:
objc-class-ref in _x002.o
"_OBJC_CLASS_$_NSURL", referenced from:
objc-class-ref in _x002.o
ld: symbol(s) not found for architecture x86_64
Undefined symbols for architecture x86_64:
"_OBJC_CLASS_$_NSArray", referenced from:
objc-class-ref in GPGDefaults.o
"_OBJC_CLASS_$_NSDictionary", referenced from:
objc-class-ref in PinentryController.o
objc-class-ref in GPGDefaults.o
objc-class-ref in KeychainSupport.o
"_OBJC_CLASS_$_NSMutableDictionary", referenced from:
objc-class-ref in GPGDefaults.o
"_OBJC_CLASS_$_NSSet", referenced from:
objc-class-ref in GPGDefaults.o
"_OBJC_CLASS_$_NSUserDefaults", referenced from:
objc-class-ref in GPGDefaults.o
ld: symbol(s) not found for architecture x86_64
Presently, gnupg1compat only works with gnupg22. Without this change, the error
```
error: attribute 'version' missing, at .../nixpkgs/pkgs/tools/security/gnupg/1compat.nix:4:26
```
is emitted when evaluating
```
pkgs.gnupg1compat.override { gnupg = pkgs.gnupg20; }'
```
In a few cases it wasn't clear so I left them as-is.
While visiting these moved other things to nativeBuildInputs
when it was clear they were one of these cases:
* makeWrapper
* archive utilities (in order to unpack src)
* a few of these might no longer be needed but leaving for another day
This tool is necessary in order to update the firmware of the secoder.
The reason I've added this to a separate output "tools" is because it
clearly is not relevant for the PCSC driver itself and it's also very
rarely needed.
I've also verified wether the closure of the PCSC plugin env still only
contains the main output and that's the case.
There are also other tools - cjBingoTest and cjgeldkarte, where the
former doesn't compile due to cjeca32.h not being found and cjgeldkarte,
which does compile but tries to dlopen() the library and subsequently
fails.
Both of these tools however look like they're just performing tests and
are not very useful outside of development, so I opted to not include
them.
Signed-off-by: aszlig <aszlig@nix.build>
3.99.5_SP12:
* Add support for cyberJack one MF
3.99.5_SP11:
* Add support for cyberJack one
3.99.5_SP10:
* Add support for SHUReader and SISReader
* Update to the Reiner-SCT repository rev cyberJack@1305
Signed-off-by: aszlig <aszlig@nix.build>
Could be caused by our older 10.10.5 CoreFoundation.
# github.com/segmentio/aws-okta/vendor/github.com/keybase/go-keychain
go/src/github.com/segmentio/aws-okta/vendor/github.com/keybase/go-keychain/corefoundation_go110.go:35:33: cannot use nil as type _Ctype_CFAllocatorRef in argument to _Cfunc_CFDataCreate
go/src/github.com/segmentio/aws-okta/vendor/github.com/keybase/go-keychain/corefoundation_go110.go:61: cannot use nil as type _Ctype_CFAllocatorRef in argument to func literal
go/src/github.com/segmentio/aws-okta/vendor/github.com/keybase/go-keychain/corefoundation_go110.go:98:41: cannot use nil as type _Ctype_CFAllocatorRef in argument to _Cfunc_CFStringCreateWithBytes
go/src/github.com/segmentio/aws-okta/vendor/github.com/keybase/go-keychain/corefoundation_go110.go:133: cannot use nil as type _Ctype_CFAllocatorRef in argument to func literal
/cc ZHF #45961
password-store on Darwin does not pass unit tests in sandboxed
builds:
- 'openssl base64' is used on Darwin to compute base64. Add openssl
to the environment of pass.
- t0200-edit-tests.sh tests 'pass edit', which uses hdid on Darwin.
However hdid is not available in the sandbox.
Since years I'm not maintaining anything of the list below other
than some updates when I needed them for some reason. Other people
is doing that maintenance on my behalf so I better take me out but
for very few packages. Finally!
The updated version brings selective whitelisting, i.e. when some CVEs
of a package are whitelisted and others are not, only the new CVEs are
reported.
Also correct license to match upstream BSD-3-Clause and clean up source.
This makes the command ‘nix-env -qa -f. --arg config '{skipAliases =
true;}'’ work in Nixpkgs.
Misc...
- qtikz: use libsForQt5.callPackage
This ensures we get the right poppler.
- rewrites:
docbook5_xsl -> docbook_xsl_ns
docbook_xml_xslt -> docbook_xsl
diffpdf: fixup
Not every package that needs xcbuild will want to use its build phase.
I have moved the xcbuild setup hook to the new attribute xcbuildHook.
This means that dontUseXcbuild is no longer needed. If you just need
to call xcbuild on its own you can just refer to xcbuild.
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/lynis/versions.
<details><summary>Version release notes (from GitHub)</summary>
## Lynis 2.6.6 (2018-07-06)
### Improvements
* New format of changelog (https://keepachangelog.com/en/1.0.0/)
* KRNL-5830 - improved log text about running kernel version
### Fixed
* Under some condition no hostid2 value was reported
* Solved 'extra operand' issue with tr command</details>
These checks were done:
- built on NixOS
- /nix/store/ds1yfrg5q01q8j64yggb3p5ib5crg26c-lynis-2.6.6/bin/lynis passed the binary check.
- /nix/store/ds1yfrg5q01q8j64yggb3p5ib5crg26c-lynis-2.6.6/bin/.lynis-wrapped passed the binary check.
- 2 of 2 passed binary check by having a zero exit code.
- 2 of 2 passed binary check by having the new version present in output.
- found 2.6.6 with grep in /nix/store/ds1yfrg5q01q8j64yggb3p5ib5crg26c-lynis-2.6.6
- directory tree listing: https://gist.github.com/1539c4e988dbc040136beb3577edd526
- du listing: https://gist.github.com/149b0c5b68a57473edf905b2bb6c03a8
* treewide: http -> https sources
This updates the source urls of all top-level packages from http to
https where possible.
* buildtorrent: fix url and tab -> spaces
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/eid-mw/versions.
These checks were done:
- built on NixOS
- Warning: no invocation of /nix/store/sis599r39a2g7kvnv1d09l6sy6kn45l0-eid-mw-4.4.3/bin/eid-viewer had a zero exit code or showed the expected version
- Warning: no invocation of /nix/store/sis599r39a2g7kvnv1d09l6sy6kn45l0-eid-mw-4.4.3/bin/.eid-viewer-wrapped had a zero exit code or showed the expected version
- /nix/store/sis599r39a2g7kvnv1d09l6sy6kn45l0-eid-mw-4.4.3/bin/beid-update-nssdb passed the binary check.
- /nix/store/sis599r39a2g7kvnv1d09l6sy6kn45l0-eid-mw-4.4.3/bin/eid-nssdb passed the binary check.
- 2 of 4 passed binary check by having a zero exit code.
- 0 of 4 passed binary check by having the new version present in output.
- found 4.4.3 with grep in /nix/store/sis599r39a2g7kvnv1d09l6sy6kn45l0-eid-mw-4.4.3
- directory tree listing: https://gist.github.com/3bca8b9d321e62009daf1d388923ec47
- du listing: https://gist.github.com/64220a7b5b960cbd2ec3bb5f61c93a29
Adds a new package, saml2aws, a CLI tool for managaing AWS logins via
SAML. For more information see https://github.com/Versent/saml2aws.
* Add nix expression to build the package.
* Add myself as a maintainer.
gopass tries to write a version number to it's configuaration, even when
just generating the shell completion scripts. This fails, as
/homeless-shelter is read-only inside the sandbox.
As error messages are printed to stdout instead of stderr
(see https://github.com/gopasspw/gopass/issues/877), the error message
lands inside the completion script, thus breaking it.
Workaround that by setting GOPASS_CONFIG to `/dev/null`
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/gnupg/versions.
These checks were done:
- built on NixOS
- /nix/store/bxq2w522d82qykwqi8wscm4v105zs2bq-gnupg-1.4.23/bin/gpgsplit passed the binary check.
- /nix/store/bxq2w522d82qykwqi8wscm4v105zs2bq-gnupg-1.4.23/bin/gpg passed the binary check.
- /nix/store/bxq2w522d82qykwqi8wscm4v105zs2bq-gnupg-1.4.23/bin/gpgv passed the binary check.
- /nix/store/bxq2w522d82qykwqi8wscm4v105zs2bq-gnupg-1.4.23/bin/gpg-zip passed the binary check.
- 4 of 4 passed binary check by having a zero exit code.
- 1 of 4 passed binary check by having the new version present in output.
- found 1.4.23 with grep in /nix/store/bxq2w522d82qykwqi8wscm4v105zs2bq-gnupg-1.4.23
- directory tree listing: https://gist.github.com/37dc2e87340f0983866c3c125172de27
- du listing: https://gist.github.com/4a84db46e37bd6d372fe020cc7826838
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/stoken/versions.
These checks were done:
- built on NixOS
- /nix/store/hygpmiw7a636bsydqyrkh1rqiw5f36nh-stoken-0.92/bin/stoken passed the binary check.
- Warning: no invocation of /nix/store/hygpmiw7a636bsydqyrkh1rqiw5f36nh-stoken-0.92/bin/stoken-gui had a zero exit code or showed the expected version
- 1 of 2 passed binary check by having a zero exit code.
- 0 of 2 passed binary check by having the new version present in output.
- found 0.92 with grep in /nix/store/hygpmiw7a636bsydqyrkh1rqiw5f36nh-stoken-0.92
- directory tree listing: https://gist.github.com/4e9af90c5364e054183e3b51d2ec5d7a
- du listing: https://gist.github.com/7671604980c1e3ec7cb11d47ad4f521d
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/eid-mw/versions.
These checks were done:
- built on NixOS
- Warning: no invocation of /nix/store/fb82i287dxzdi7iymk84yyvrx5ph4x41-eid-mw-4.4.2/bin/eid-viewer had a zero exit code or showed the expected version
- Warning: no invocation of /nix/store/fb82i287dxzdi7iymk84yyvrx5ph4x41-eid-mw-4.4.2/bin/.eid-viewer-wrapped had a zero exit code or showed the expected version
- /nix/store/fb82i287dxzdi7iymk84yyvrx5ph4x41-eid-mw-4.4.2/bin/beid-update-nssdb passed the binary check.
- /nix/store/fb82i287dxzdi7iymk84yyvrx5ph4x41-eid-mw-4.4.2/bin/eid-nssdb passed the binary check.
- 2 of 4 passed binary check by having a zero exit code.
- 0 of 4 passed binary check by having the new version present in output.
- found 4.4.2 with grep in /nix/store/fb82i287dxzdi7iymk84yyvrx5ph4x41-eid-mw-4.4.2
- directory tree listing: https://gist.github.com/9bc7e47978cdc6d1c57b60a0cdf06ffc
- du listing: https://gist.github.com/8f3d2be711226cec456c9d62c6e114d6
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/opensc/versions.
These checks were done:
- built on NixOS
- /nix/store/4dhwvyjqklvgf9a1mgdw1grkg8vlswv5-opensc-0.18.0/bin/opensc-tool passed the binary check.
- Warning: no invocation of /nix/store/4dhwvyjqklvgf9a1mgdw1grkg8vlswv5-opensc-0.18.0/bin/opensc-explorer had a zero exit code or showed the expected version
- /nix/store/4dhwvyjqklvgf9a1mgdw1grkg8vlswv5-opensc-0.18.0/bin/opensc-notify passed the binary check.
- Warning: no invocation of /nix/store/4dhwvyjqklvgf9a1mgdw1grkg8vlswv5-opensc-0.18.0/bin/pkcs15-tool had a zero exit code or showed the expected version
- Warning: no invocation of /nix/store/4dhwvyjqklvgf9a1mgdw1grkg8vlswv5-opensc-0.18.0/bin/pkcs15-crypt had a zero exit code or showed the expected version
- Warning: no invocation of /nix/store/4dhwvyjqklvgf9a1mgdw1grkg8vlswv5-opensc-0.18.0/bin/pkcs11-tool had a zero exit code or showed the expected version
- Warning: no invocation of /nix/store/4dhwvyjqklvgf9a1mgdw1grkg8vlswv5-opensc-0.18.0/bin/cardos-tool had a zero exit code or showed the expected version
- /nix/store/4dhwvyjqklvgf9a1mgdw1grkg8vlswv5-opensc-0.18.0/bin/eidenv passed the binary check.
- /nix/store/4dhwvyjqklvgf9a1mgdw1grkg8vlswv5-opensc-0.18.0/bin/openpgp-tool passed the binary check.
- Warning: no invocation of /nix/store/4dhwvyjqklvgf9a1mgdw1grkg8vlswv5-opensc-0.18.0/bin/iasecc-tool had a zero exit code or showed the expected version
- /nix/store/4dhwvyjqklvgf9a1mgdw1grkg8vlswv5-opensc-0.18.0/bin/egk-tool passed the binary check.
- /nix/store/4dhwvyjqklvgf9a1mgdw1grkg8vlswv5-opensc-0.18.0/bin/opensc-asn1 passed the binary check.
- Warning: no invocation of /nix/store/4dhwvyjqklvgf9a1mgdw1grkg8vlswv5-opensc-0.18.0/bin/cryptoflex-tool had a zero exit code or showed the expected version
- Warning: no invocation of /nix/store/4dhwvyjqklvgf9a1mgdw1grkg8vlswv5-opensc-0.18.0/bin/pkcs15-init had a zero exit code or showed the expected version
- Warning: no invocation of /nix/store/4dhwvyjqklvgf9a1mgdw1grkg8vlswv5-opensc-0.18.0/bin/netkey-tool had a zero exit code or showed the expected version
- Warning: no invocation of /nix/store/4dhwvyjqklvgf9a1mgdw1grkg8vlswv5-opensc-0.18.0/bin/piv-tool had a zero exit code or showed the expected version
- /nix/store/4dhwvyjqklvgf9a1mgdw1grkg8vlswv5-opensc-0.18.0/bin/westcos-tool passed the binary check.
- /nix/store/4dhwvyjqklvgf9a1mgdw1grkg8vlswv5-opensc-0.18.0/bin/sc-hsm-tool passed the binary check.
- Warning: no invocation of /nix/store/4dhwvyjqklvgf9a1mgdw1grkg8vlswv5-opensc-0.18.0/bin/dnie-tool had a zero exit code or showed the expected version
- /nix/store/4dhwvyjqklvgf9a1mgdw1grkg8vlswv5-opensc-0.18.0/bin/gids-tool passed the binary check.
- Warning: no invocation of /nix/store/4dhwvyjqklvgf9a1mgdw1grkg8vlswv5-opensc-0.18.0/bin/npa-tool had a zero exit code or showed the expected version
- 9 of 21 passed binary check by having a zero exit code.
- 3 of 21 passed binary check by having the new version present in output.
- found 0.18.0 with grep in /nix/store/4dhwvyjqklvgf9a1mgdw1grkg8vlswv5-opensc-0.18.0
- directory tree listing: https://gist.github.com/1276953ac55af68ec597ce6744192684
- du listing: https://gist.github.com/b02c245b9a13433013450fc258e41a01
This commit adds the python3 application truffleHog, which is a stand-alone tool
that scans a git repo for unencrypted passwords.
This depends on a newer GitPython, which depends on a new major version of
gitdb, which depends on a new major version of smmap, so I've packaged those
as well in the preceding commits.
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/lynis/versions.
These checks were done:
- built on NixOS
- ran ‘/nix/store/6z5szmm4m9jix1062zrp1m556g75lbwf-lynis-2.6.4/bin/lynis -V’ and found version 2.6.4
- ran ‘/nix/store/6z5szmm4m9jix1062zrp1m556g75lbwf-lynis-2.6.4/bin/lynis --version’ and found version 2.6.4
- ran ‘/nix/store/6z5szmm4m9jix1062zrp1m556g75lbwf-lynis-2.6.4/bin/.lynis-wrapped -V’ and found version 2.6.4
- ran ‘/nix/store/6z5szmm4m9jix1062zrp1m556g75lbwf-lynis-2.6.4/bin/.lynis-wrapped --version’ and found version 2.6.4
- found 2.6.4 with grep in /nix/store/6z5szmm4m9jix1062zrp1m556g75lbwf-lynis-2.6.4
- directory tree listing: https://gist.github.com/bb3a08cde57013b3af4f2511af3cc77c
This is another dependency needed when invoked with "gopass -c".
I opted for xclip instead of xsel, because xclip is tried first in
order.
Signed-off-by: aszlig <aszlig@nix.build>
Cc: @andir, @suvash, @mkaito
Urgent version bump as tax season is coming and 4.1.19 is not compatible
with firefox anymore.
eid-viewer was merged upstream with eid-mw, so it is included here now.
Urgent version bump as tax season is coming and 4.1.19 is not compatible
with firefox anymore.
eid-viewer was merged upstream with eid-mw, so it is included here now.
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/sudo/versions.
These checks were done:
- built on NixOS
- ran ‘/nix/store/d2g0ybmppcar8k38jjiqqdz8s3knwrrm-sudo-1.8.23/bin/cvtsudoers -h’ got 0 exit code
- ran ‘/nix/store/d2g0ybmppcar8k38jjiqqdz8s3knwrrm-sudo-1.8.23/bin/cvtsudoers --help’ got 0 exit code
- ran ‘/nix/store/d2g0ybmppcar8k38jjiqqdz8s3knwrrm-sudo-1.8.23/bin/sudoreplay -h’ got 0 exit code
- ran ‘/nix/store/d2g0ybmppcar8k38jjiqqdz8s3knwrrm-sudo-1.8.23/bin/sudoreplay --help’ got 0 exit code
- ran ‘/nix/store/d2g0ybmppcar8k38jjiqqdz8s3knwrrm-sudo-1.8.23/bin/sudoreplay -V’ and found version 1.8.23
- ran ‘/nix/store/d2g0ybmppcar8k38jjiqqdz8s3knwrrm-sudo-1.8.23/bin/sudoreplay --version’ and found version 1.8.23
- ran ‘/nix/store/d2g0ybmppcar8k38jjiqqdz8s3knwrrm-sudo-1.8.23/bin/visudo -h’ got 0 exit code
- ran ‘/nix/store/d2g0ybmppcar8k38jjiqqdz8s3knwrrm-sudo-1.8.23/bin/visudo --help’ got 0 exit code
- found 1.8.23 with grep in /nix/store/d2g0ybmppcar8k38jjiqqdz8s3knwrrm-sudo-1.8.23
- directory tree listing: https://gist.github.com/4d6cfc75cde31a340e8a41bf3d969564
"platforms.gnu" has been linux-only since at least 17.03:
$ nix eval -f channel:nixos-17.03 lib.platforms.gnu
[ "i686-linux" "x86_64-linux" "armv5tel-linux" "armv6l-linux" "armv7l-linux" "aarch64-linux" "mips64el-linux" ]
Unlike platforms.linux, platforms.gnu indicates "must use glibc"
which for the most part is not intended.
Replacing platforms.gnu with platforms.linux would be the same "today"
but let's err on preserving existing behavior and be optimistic
about platforms these packages work on.