Fixes a number of CVEs:
- a DNS request hijacking vulnerability. (CVE-2017-0902)
- an ANSI escape sequence vulnerability. (CVE-2017-0899)
- a DoS vulnerability in the query command. (CVE-2017-0900)
- a vulnerability in the gem installer that allowed a malicious gem to overwrite arbitrary files. (CVE-2017-0901)
While we tell pip not to fetch (with the `--no-index` option),
`setuptools` can do so itself. In the past we used a `distutils.cfg`
with `allow-hosts = None` to prevent setuptools from fetching itself.
This was removed when we started building wheels in
2562f94de4e4fd2ddc677187fa2e2848L69.
The `dist-utils.cfg` code was still there, and adding it to
`buildInputs` is sufficient.
Tested with python.pkgs.passlib by removing the `checkInputs` / `nose`.
This reverts commit 0a944b345e, reversing
changes made to 61733ed6cc.
I dislike these massive stdenv changes with unclear motivation,
especially when they involve gratuitous mass renames like NIX_CC ->
NIX_BINUTILS. The previous such rename (NIX_GCC -> NIX_CC) caused
months of pain, so let's not do that again.
It's now the default. /cc #19456
This makes a real build simplification, because in our current
bootstrapping+aliases, `gcc6` attribute is not the default compiler
but a derivation *built by* the default compiler.
nix-exec didn't build before this commit already
test.{support, regrtest} are the internal packages cpython
developers use to write tests.
Although they are not public and the API may change/break
some developers use these packages to write tests for their
(3rd party) software.
The derivations for cpython now only remove the actual tests
but leave the packages in place that are used to write them.
Discussion: https://github.com/NixOS/nixpkgs/pull/28540
* pgadmin: use https homepage
* msn-pecan: move homepage to github
google code is now unavailable
* pidgin-latex: use https for homepage
* pidgin-opensteamworks: use github for homepage
google code is unavailable
* putty: use https for homepage
* ponylang: use https for homepage
* picolisp: use https for homepage
* phonon: use https for homepage
* pugixml: use https for homepage
* pioneer: use https for homepage
* packer: use https for homepage
* pokerth: usee https for homepage
* procps-ng: use https for homepage
* pycaml: use https for homepage
* proot: move homepage to .github.io
* pius: use https for homepage
* pdfread: use https for homepage
* postgresql: use https for homepage
* ponysay: move homepage to new site
* prometheus: use https for homepage
* powerdns: use https for homepage
* pm-utils: use https for homepage
* patchelf: move homepage to https
* tesseract: move homepage to github
* quodlibet: move homepage from google code
* jbrout: move homepage from google code
* eiskaltdcpp: move homepage to github
* nodejs: use https to homepage
* nix: use https for homepage
* pdf2djvu: move homepage from google code
* game-music-emu: move homepage from google code
* vacuum: move homepae from google code
Symbolic links were added pointing to the executables that end with 3 as
part of the Python 2 to 3 migration. At some point I disabled ensurepip
but forgot to remove this symbolic link.
Symbolic links were added pointing to the executables that end with 3 as
part of the Python 2 to 3 migration. At some point I disabled ensurepip
but forgot to remove this symbolic link.
Symbolic links were added pointing to the executables that end with 3 as
part of the Python 2 to 3 migration. At some point I disabled ensurepip
but forgot to remove this symbolic link.
* pkgs: refactor needless quoting of homepage meta attribute
A lot of packages are needlessly quoting the homepage meta attribute
(about 1400, 22%), this commit refactors all of those instances.
* pkgs: Fixing some links that were wrongfully unquoted in the previous
commit
* Fixed some instances