opentoonz: refactor
This commit is contained in:
Naxdy
parent
f96aa0d22f
commit
40be4427ba
|
|
@ -1,12 +1,93 @@
|
|||
{ boost, cmake, fetchFromGitHub, freeglut, freetype, glew, libjpeg, libmypaint
|
||||
, libpng, libtiff, libusb1, lz4, xz, lzo, openblas, opencv, pkg-config, qtbase
|
||||
, qtmultimedia, qtscript, qtserialport, lib, stdenv, superlu, wrapQtAppsHook, }:
|
||||
let source = import ./source.nix { inherit fetchFromGitHub; };
|
||||
in stdenv.mkDerivation rec {
|
||||
inherit (source) src;
|
||||
{ boost
|
||||
, cmake
|
||||
, fetchFromGitHub
|
||||
, freeglut
|
||||
, freetype
|
||||
, glew
|
||||
, libjpeg
|
||||
, libmypaint
|
||||
, libpng
|
||||
, libusb1
|
||||
, lz4
|
||||
, xz
|
||||
, lzo
|
||||
, openblas
|
||||
, opencv
|
||||
, pkg-config
|
||||
, qtbase
|
||||
, qtmultimedia
|
||||
, qtscript
|
||||
, qtserialport
|
||||
, lib
|
||||
, stdenv
|
||||
, superlu
|
||||
, wrapQtAppsHook
|
||||
, libtiff
|
||||
, zlib
|
||||
}:
|
||||
let
|
||||
libtiff-ver = "4.0.3"; # The version in thirdparty/tiff-*
|
||||
opentoonz-ver = "1.7.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "opentoonz";
|
||||
repo = "opentoonz";
|
||||
rev = "v${opentoonz-ver}";
|
||||
hash = "sha256-5iXOvh4QTv+G0fjEHU62u7QCee+jbvKhK0+fQXbdJis=";
|
||||
};
|
||||
|
||||
opentoonz-opencv = opencv.override {
|
||||
inherit libtiff;
|
||||
};
|
||||
|
||||
opentoonz-libtiff = stdenv.mkDerivation {
|
||||
pname = "libtiff";
|
||||
version = "${libtiff-ver}-opentoonz";
|
||||
|
||||
inherit src;
|
||||
outputs = [ "bin" "dev" "out" "man" "doc" ];
|
||||
|
||||
nativeBuildInputs = [ pkg-config ];
|
||||
propagatedBuildInputs = [ zlib libjpeg xz ];
|
||||
|
||||
postUnpack = ''
|
||||
sourceRoot="$sourceRoot/thirdparty/tiff-${libtiff-ver}"
|
||||
'';
|
||||
|
||||
# opentoonz uses internal libtiff headers
|
||||
postInstall = ''
|
||||
cp libtiff/{tif_config,tif_dir,tiffiop}.h $dev/include
|
||||
'';
|
||||
|
||||
meta = libtiff.meta // {
|
||||
knownVulnerabilities = [
|
||||
''
|
||||
Do not open untrusted files with Opentoonz:
|
||||
Opentoonz uses an old custom fork of tibtiff from 2012 that is known to
|
||||
be affected by at least these 50 vulnerabilities:
|
||||
CVE-2012-4564 CVE-2013-4232 CVE-2013-4243 CVE-2013-4244 CVE-2014-8127
|
||||
CVE-2014-8128 CVE-2014-8129 CVE-2014-8130 CVE-2014-9330 CVE-2015-1547
|
||||
CVE-2015-8781 CVE-2015-8782 CVE-2015-8783 CVE-2015-8784 CVE-2015-8870
|
||||
CVE-2016-3620 CVE-2016-3621 CVE-2016-3623 CVE-2016-3624 CVE-2016-3625
|
||||
CVE-2016-3631 CVE-2016-3632 CVE-2016-3633 CVE-2016-3634 CVE-2016-3658
|
||||
CVE-2016-3945 CVE-2016-3990 CVE-2016-3991 CVE-2016-5102 CVE-2016-5314
|
||||
CVE-2016-5315 CVE-2016-5316 CVE-2016-5318 CVE-2016-5319 CVE-2016-5321
|
||||
CVE-2016-5322 CVE-2016-5323 CVE-2016-6223 CVE-2016-9453 CVE-2016-9532
|
||||
CVE-2017-9935 CVE-2017-9937 CVE-2018-10963 CVE-2018-5360
|
||||
CVE-2019-14973 CVE-2019-17546 CVE-2020-35521 CVE-2020-35522
|
||||
CVE-2020-35523 CVE-2020-35524
|
||||
More info at https://github.com/opentoonz/opentoonz/issues/4193
|
||||
''
|
||||
];
|
||||
maintainers = with lib.maintainers; [ chkno ];
|
||||
};
|
||||
};
|
||||
in
|
||||
stdenv.mkDerivation {
|
||||
inherit src;
|
||||
|
||||
pname = "opentoonz";
|
||||
version = source.versions.opentoonz;
|
||||
version = opentoonz-ver;
|
||||
|
||||
nativeBuildInputs = [ cmake pkg-config wrapQtAppsHook ];
|
||||
|
||||
|
|
@ -18,13 +99,13 @@ in stdenv.mkDerivation rec {
|
|||
libjpeg
|
||||
libmypaint
|
||||
libpng
|
||||
libtiff
|
||||
opentoonz-libtiff
|
||||
libusb1
|
||||
lz4
|
||||
xz
|
||||
lzo
|
||||
openblas
|
||||
opencv
|
||||
opentoonz-opencv
|
||||
qtbase
|
||||
qtmultimedia
|
||||
qtscript
|
||||
|
|
@ -37,9 +118,9 @@ in stdenv.mkDerivation rec {
|
|||
cmakeDir = "../sources";
|
||||
cmakeFlags = [
|
||||
"-DCMAKE_SKIP_BUILD_RPATH=ON"
|
||||
"-DTIFF_INCLUDE_DIR=${libtiff.dev}/include"
|
||||
"-DTIFF_LIBRARY=${libtiff.out}/lib/libtiff.so"
|
||||
"-DCMAKE_SKIP_BUILD_RPATH=ON"
|
||||
"-DTIFF_INCLUDE_DIR=${opentoonz-libtiff.dev}/include"
|
||||
"-DTIFF_LIBRARY=${opentoonz-libtiff.out}/lib/libtiff.so"
|
||||
(lib.cmakeBool "CMAKE_SKIP_BUILD_RPATH" true)
|
||||
];
|
||||
|
||||
postInstall = ''
|
||||
|
|
|
|||
|
|
@ -1,56 +0,0 @@
|
|||
# Per https://github.com/opentoonz/opentoonz/blob/master/doc/how_to_build_linux.md ,
|
||||
# opentoonz requires its own modified version of libtiff. We still build it as
|
||||
# a separate package
|
||||
# 1. For visibility for tools like vulnix, and
|
||||
# 2. To avoid a diamond-dependency problem with opencv linking the normal libtiff
|
||||
# and opentoonz linking opencv and this modified libtiff, we build an opencv
|
||||
# against this modified libtiff as well.
|
||||
#
|
||||
# We use a separate mkDerivation rather than a minimal libtiff.overrideAttrs
|
||||
# because the main libtiff builds with cmake and this version of libtiff was
|
||||
# forked before libtiff gained CMake build capability (added in libtiff-4.0.5).
|
||||
|
||||
{ lib, fetchFromGitHub, stdenv, pkg-config, zlib, libjpeg, xz, libtiff, }:
|
||||
|
||||
let source = import ./source.nix { inherit fetchFromGitHub; };
|
||||
|
||||
in stdenv.mkDerivation {
|
||||
pname = "libtiff";
|
||||
version = source.versions.libtiff + "-opentoonz";
|
||||
|
||||
inherit (source) src;
|
||||
outputs = [ "bin" "dev" "out" "man" "doc" ];
|
||||
|
||||
nativeBuildInputs = [ pkg-config ];
|
||||
propagatedBuildInputs = [ zlib libjpeg xz ];
|
||||
|
||||
postUnpack = ''
|
||||
sourceRoot="$sourceRoot/thirdparty/tiff-${source.versions.libtiff}"
|
||||
'';
|
||||
|
||||
# opentoonz uses internal libtiff headers
|
||||
postInstall = ''
|
||||
cp libtiff/{tif_config,tif_dir,tiffiop}.h $dev/include
|
||||
'';
|
||||
|
||||
meta = libtiff.meta // {
|
||||
knownVulnerabilities = [''
|
||||
Do not open untrusted files with Opentoonz:
|
||||
Opentoonz uses an old custom fork of tibtiff from 2012 that is known to
|
||||
be affected by at least these 50 vulnerabilities:
|
||||
CVE-2012-4564 CVE-2013-4232 CVE-2013-4243 CVE-2013-4244 CVE-2014-8127
|
||||
CVE-2014-8128 CVE-2014-8129 CVE-2014-8130 CVE-2014-9330 CVE-2015-1547
|
||||
CVE-2015-8781 CVE-2015-8782 CVE-2015-8783 CVE-2015-8784 CVE-2015-8870
|
||||
CVE-2016-3620 CVE-2016-3621 CVE-2016-3623 CVE-2016-3624 CVE-2016-3625
|
||||
CVE-2016-3631 CVE-2016-3632 CVE-2016-3633 CVE-2016-3634 CVE-2016-3658
|
||||
CVE-2016-3945 CVE-2016-3990 CVE-2016-3991 CVE-2016-5102 CVE-2016-5314
|
||||
CVE-2016-5315 CVE-2016-5316 CVE-2016-5318 CVE-2016-5319 CVE-2016-5321
|
||||
CVE-2016-5322 CVE-2016-5323 CVE-2016-6223 CVE-2016-9453 CVE-2016-9532
|
||||
CVE-2017-9935 CVE-2017-9937 CVE-2018-10963 CVE-2018-5360
|
||||
CVE-2019-14973 CVE-2019-17546 CVE-2020-35521 CVE-2020-35522
|
||||
CVE-2020-35523 CVE-2020-35524
|
||||
More info at https://github.com/opentoonz/opentoonz/issues/4193
|
||||
''];
|
||||
maintainers = with lib.maintainers; [ chkno ];
|
||||
};
|
||||
}
|
||||
|
|
@ -1,16 +0,0 @@
|
|||
# opentoonz's source archive contains both opentoonz's source and a modified
|
||||
# version of libtiff that opentoonz requires.
|
||||
|
||||
{ fetchFromGitHub }: rec {
|
||||
versions = {
|
||||
opentoonz = "1.7.1";
|
||||
libtiff = "4.0.3"; # The version in thirdparty/tiff-*
|
||||
};
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "opentoonz";
|
||||
repo = "opentoonz";
|
||||
rev = "v${versions.opentoonz}";
|
||||
hash = "sha256-5iXOvh4QTv+G0fjEHU62u7QCee+jbvKhK0+fQXbdJis=";
|
||||
};
|
||||
}
|
||||
|
|
@ -33868,12 +33868,7 @@ with pkgs;
|
|||
|
||||
opentimestamps-client = python3Packages.callPackage ../tools/misc/opentimestamps-client { };
|
||||
|
||||
opentoonz = let
|
||||
opentoonz-libtiff = callPackage ../applications/graphics/opentoonz/libtiff.nix { };
|
||||
in qt5.callPackage ../applications/graphics/opentoonz {
|
||||
libtiff = opentoonz-libtiff;
|
||||
opencv = opencv.override { libtiff = opentoonz-libtiff; };
|
||||
};
|
||||
opentoonz = libsForQt5.callPackage ../applications/graphics/opentoonz { };
|
||||
|
||||
opentabletdriver = callPackage ../tools/X11/opentabletdriver { };
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue