colin/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge master into haskell-updates

Browse Source
This commit is contained in:
github-actions[bot] 2023-05-28 00:14:04 +00:00 committed by GitHub
commit 53e76520b9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
165 changed files with 1595 additions and 585 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/languages-frameworks/go.section.md
View File

@ -19,7 +19,7 @@ In the following is an example expression using `buildGoModule`, the following a
To avoid updating this field when dependencies change, run `go mod vendor` in your source repo and set `vendorHash = null;`
To obtain the actual hash, set `vendorHash = lib.fakeSha256;` and run the build ([more details here](#sec-source-hashes)).
- `proxyVendor`: Fetches (go mod download) and proxies the vendor directory. This is useful if your code depends on c code and go mod tidy does not include the needed sources to build or if any dependency has case-insensitive conflicts which will produce platform dependant `vendorHash` checksums.
- `proxyVendor`: Fetches (go mod download) and proxies the vendor directory. This is useful if your code depends on c code and go mod tidy does not include the needed sources to build or if any dependency has case-insensitive conflicts which will produce platform-dependent `vendorHash` checksums.
- `modPostBuild`: Shell commands to run after the build of the go-modules executes `go mod vendor`, and before calculating fixed output derivation's `vendorHash` (or `vendorSha256`). Note that if you change this attribute, you need to update `vendorHash` (or `vendorSha256`) attribute.
```nix

11
maintainers/maintainer-list.nix
View File

@ -9670,6 +9670,12 @@
githubId = 346094;
name = "Michael Alyn Miller";
};
mangoiv = {
email = "contact@mangoiv.com";
github = "mangoiv";
githubId = 40720523;
name = "MangoIV";
};
manojkarthick = {
email = "smanojkarthick@gmail.com";
github = "manojkarthick";
@ -11044,6 +11050,11 @@
githubId = 1009523;
name = "Ashijit Pramanik";
};
name-snrl = {
github = "name-snrl";
githubId = 72071763;
name = "Yusup Urazaev";
};
namore = {
email = "namor@hemio.de";
github = "namore";

6
nixos/doc/manual/release-notes/rl-2311.section.md
View File

@ -10,10 +10,16 @@
<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
- [river](https://github.com/riverwm/river), A dynamic tiling wayland compositor. Available as [programs.river](#opt-programs.river.enable).
## Backward Incompatibilities {#sec-release-23.11-incompatibilities}
- The latest version of `clonehero` now stores custom content in `~/.clonehero`. See the [migration instructions](https://clonehero.net/2022/11/29/v23-to-v1-migration-instructions.html). Typically, these content files would exist along side the binary, but the previous build used a wrapper script that would store them in `~/.config/unity3d/srylain Inc_/Clone Hero`.
- `etcd` has been updated to 3.5, you will want to read the [3.3 to 3.4](https://etcd.io/docs/v3.5/upgrades/upgrade_3_4/) and [3.4 to 3.5](https://etcd.io/docs/v3.5/upgrades/upgrade_3_5/) upgrade guides
## Other Notable Changes {#sec-release-23.11-notable-changes}
- A new option was added to the virtualisation module that enables specifying explicitly named network interfaces in QEMU VMs. The existing `virtualisation.vlans` is still supported for cases where the name of the network interface is irrelevant.
- `services.nginx` gained a `defaultListen` option at server-level with support for PROXY protocol listeners, also `proxyProtocol` is now exposed in `services.nginx.virtualHosts.<name>.listen` option. It is now possible to run PROXY listeners and non-PROXY listeners at a server-level, see [#213510](https://github.com/NixOS/nixpkgs/pull/213510/) for more details.

5
nixos/lib/test-driver/test_driver/driver.py
View File

@ -163,11 +163,6 @@ class Driver:
machine.wait_for_shutdown()
def create_machine(self, args: Dict[str, Any]) -> Machine:
rootlog.warning(
"Using legacy create_machine(), please instantiate the"
"Machine class directly, instead"
)
tmp_dir = get_tmp_dir()
if args.get("startCommand"):

4
nixos/lib/test-driver/test_driver/machine.py
View File

@ -369,8 +369,8 @@ class Machine:
@staticmethod
def create_startcommand(args: Dict[str, str]) -> StartCommand:
rootlog.warning(
"Using legacy create_startcommand(),"
"please use proper nix test vm instrumentation, instead"
"Using legacy create_startcommand(), "
"please use proper nix test vm instrumentation, instead "
"to generate the appropriate nixos test vm qemu startup script"
)
hda = None

7
nixos/modules/module-list.nix
View File

@ -241,7 +241,6 @@
./programs/starship.nix
./programs/steam.nix
./programs/streamdeck-ui.nix
./programs/sway.nix
./programs/sysdig.nix
./programs/system-config-printer.nix
./programs/systemtap.nix
@ -256,7 +255,9 @@
./programs/usbtop.nix
./programs/vim.nix
./programs/wavemon.nix
./programs/waybar.nix
./programs/wayland/river.nix
./programs/wayland/sway.nix
./programs/wayland/waybar.nix
./programs/weylus.nix
./programs/wireshark.nix
./programs/xastir.nix
@ -911,6 +912,7 @@
./services/networking/knot.nix
./services/networking/kresd.nix
./services/networking/lambdabot.nix
./services/networking/legit.nix
./services/networking/libreswan.nix
./services/networking/lldpd.nix
./services/networking/logmein-hamachi.nix
@ -1309,7 +1311,6 @@
./services/x11/window-managers/default.nix
./services/x11/window-managers/fluxbox.nix
./services/x11/window-managers/icewm.nix
./services/x11/window-managers/bspwm.nix
./services/x11/window-managers/katriawm.nix
./services/x11/window-managers/metacity.nix
./services/x11/window-managers/nimdow.nix

59
nixos/modules/programs/wayland/river.nix Normal file
View File

@ -0,0 +1,59 @@
{
config,
pkgs,
lib,
...
}:
with lib; let
cfg = config.programs.river;
in {
options.programs.river = {
enable = mkEnableOption (lib.mdDoc "river, a dynamic tiling Wayland compositor");
package = mkOption {
type = with types; nullOr package;
default = pkgs.river;
defaultText = literalExpression "pkgs.river";
description = lib.mdDoc ''
River package to use.
Set to `null` to not add any River package to your path.
This should be done if you want to use the Home Manager River module to install River.
'';
};
extraPackages = mkOption {
type = with types; listOf package;
default = with pkgs; [
swaylock
foot
dmenu
];
defaultText = literalExpression ''
with pkgs; [ swaylock foot dmenu ];
'';
example = literalExpression ''
with pkgs; [
termite rofi light
]
'';
description = lib.mdDoc ''
Extra packages to be installed system wide. See
[Common X11 apps used on i3 with Wayland alternatives](https://github.com/swaywm/sway/wiki/i3-Migration-Guide#common-x11-apps-used-on-i3-with-wayland-alternatives)
for a list of useful software.
'';
};
};
config =
mkIf cfg.enable (mkMerge [
{
environment.systemPackages = optional (cfg.package != null) cfg.package ++ cfg.extraPackages;
# To make a river session available if a display manager like SDDM is enabled:
programs.xwayland.enable = mkDefault true;
}
(import ./wayland-session.nix { inherit lib pkgs; })
]);
meta.maintainers = with lib.maintainers; [ GaetanLepage ];
}

63
nixos/modules/programs/sway.nix → nixos/modules/programs/wayland/sway.nix
View File

@ -123,41 +123,36 @@ in {
};
config = mkIf cfg.enable {
assertions = [
config = mkIf cfg.enable
(mkMerge [
{
assertion = cfg.extraSessionCommands != "" -> cfg.wrapperFeatures.base;
message = ''
The extraSessionCommands for Sway will not be run if
wrapperFeatures.base is disabled.
'';
}
];
environment = {
systemPackages = optional (cfg.package != null) cfg.package ++ cfg.extraPackages;
# Needed for the default wallpaper:
pathsToLink = optionals (cfg.package != null) [ "/share/backgrounds/sway" ];
etc = {
"sway/config.d/nixos.conf".source = pkgs.writeText "nixos.conf" ''
# Import the most important environment variables into the D-Bus and systemd
# user environments (e.g. required for screen sharing and Pinentry prompts):
exec dbus-update-activation-environment --systemd DISPLAY WAYLAND_DISPLAY SWAYSOCK XDG_CURRENT_DESKTOP
'';
} // optionalAttrs (cfg.package != null) {
"sway/config".source = mkOptionDefault "${cfg.package}/etc/sway/config";
};
};
security.polkit.enable = true;
security.pam.services.swaylock = {};
hardware.opengl.enable = mkDefault true;
fonts.enableDefaultFonts = mkDefault true;
programs.dconf.enable = mkDefault true;
# To make a Sway session available if a display manager like SDDM is enabled:
services.xserver.displayManager.sessionPackages = optionals (cfg.package != null) [ cfg.package ];
programs.xwayland.enable = mkDefault true;
# For screen sharing (this option only has an effect with xdg.portal.enable):
xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-wlr ];
};
assertions = [
{
assertion = cfg.extraSessionCommands != "" -> cfg.wrapperFeatures.base;
message = ''
The extraSessionCommands for Sway will not be run if
wrapperFeatures.base is disabled.
'';
}
];
environment = {
systemPackages = optional (cfg.package != null) cfg.package ++ cfg.extraPackages;
# Needed for the default wallpaper:
pathsToLink = optionals (cfg.package != null) [ "/share/backgrounds/sway" ];
etc = {
"sway/config.d/nixos.conf".source = pkgs.writeText "nixos.conf" ''
# Import the most important environment variables into the D-Bus and systemd
# user environments (e.g. required for screen sharing and Pinentry prompts):
exec dbus-update-activation-environment --systemd DISPLAY WAYLAND_DISPLAY SWAYSOCK XDG_CURRENT_DESKTOP
'';
} // optionalAttrs (cfg.package != null) {
"sway/config".source = mkOptionDefault "${cfg.package}/etc/sway/config";
};
};
# To make a Sway session available if a display manager like SDDM is enabled:
services.xserver.displayManager.sessionPackages = optionals (cfg.package != null) [ cfg.package ]; }
(import ./wayland-session.nix { inherit lib pkgs; })
]);
meta.maintainers = with lib.maintainers; [ primeos colemickens ];
}

0
nixos/modules/programs/waybar.nix → nixos/modules/programs/wayland/waybar.nix
View File

23
nixos/modules/programs/wayland/wayland-session.nix Normal file
View File

@ -0,0 +1,23 @@
{ lib, pkgs, ... }: with lib; {
security = {
polkit.enable = true;
pam.services.swaylock = {};
};
hardware.opengl.enable = mkDefault true;
fonts.enableDefaultFonts = mkDefault true;
programs = {
dconf.enable = mkDefault true;
xwayland.enable = mkDefault true;
};
xdg.portal = {
enable = mkDefault true;
extraPortals = [
# For screen sharing
pkgs.xdg-desktop-portal-wlr
];
};
}

3
nixos/modules/services/matrix/mautrix-facebook.nix
View File

@ -29,6 +29,7 @@ in {
};
appservice = rec {
id = "facebook";
address = "http://${hostname}:${toString port}";
hostname = "localhost";
port = 29319;
@ -171,7 +172,7 @@ in {
services.mautrix-facebook = {
registrationData = {
id = "mautrix-facebook";
id = cfg.settings.appservice.id;
namespaces = {
users = [

6
nixos/modules/services/misc/etcd.nix
View File

@ -15,6 +15,8 @@ in {
type = types.bool;
};
package = mkPackageOptionMD pkgs "etcd" { };
name = mkOption {
description = lib.mdDoc "Etcd unique node name.";
default = config.networking.hostName;
@ -187,13 +189,13 @@ in {
serviceConfig = {
Type = "notify";
ExecStart = "${pkgs.etcd}/bin/etcd";
ExecStart = "${cfg.package}/bin/etcd";
User = "etcd";
LimitNOFILE = 40000;
};
};
environment.systemPackages = [ pkgs.etcd ];
environment.systemPackages = [ cfg.package ];
users.users.etcd = {
isSystemUser = true;

182
nixos/modules/services/networking/legit.nix Normal file
View File

@ -0,0 +1,182 @@
{ config, lib, pkgs, ... }:
let
inherit (lib)
literalExpression
mkEnableOption
mdDoc
mkIf
mkOption
mkPackageOptionMD
optionalAttrs
optional
types;
cfg = config.services.legit;
yaml = pkgs.formats.yaml { };
configFile = yaml.generate "legit.yaml" cfg.settings;
defaultStateDir = "/var/lib/legit";
defaultStaticDir = "${cfg.settings.repo.scanPath}/static";
defaultTemplatesDir = "${cfg.settings.repo.scanPath}/templates";
in
{
options.services.legit = {
enable = mkEnableOption (mdDoc "legit git web frontend");
package = mkPackageOptionMD pkgs "legit-web" { };
user = mkOption {
type = types.str;
default = "legit";
description = mdDoc "User account under which legit runs.";
};
group = mkOption {
type = types.str;
default = "legit";
description = mdDoc "Group account under which legit runs.";
};
settings = mkOption {
default = { };
description = mdDoc ''
The primary legit configuration. See the
[sample configuration](https://github.com/icyphox/legit/blob/master/config.yaml)
for possible values.
'';
type = types.submodule {
options.repo = {
scanPath = mkOption {
type = types.path;
default = defaultStateDir;
description = mdDoc "Directory where legit will scan for repositories.";
};
readme = mkOption {
type = types.listOf types.str;
default = [ ];
description = mdDoc "Readme files to look for.";
};
mainBranch = mkOption {
type = types.listOf types.str;
default = [ "main" "master" ];
description = mdDoc "Main branch to look for.";
};
ignore = mkOption {
type = types.listOf types.str;
default = [ ];
description = mdDoc "Repositories to ignore.";
};
};
options.dirs = {
templates = mkOption {
type = types.path;
default = "${pkgs.legit-web}/lib/legit/templates";
defaultText = literalExpression ''"''${pkgs.legit-web}/lib/legit/templates"'';
description = mdDoc "Directories where template files are located.";
};
static = mkOption {
type = types.path;
default = "${pkgs.legit-web}/lib/legit/static";
defaultText = literalExpression ''"''${pkgs.legit-web}/lib/legit/static"'';
description = mdDoc "Directories where static files are located.";
};
};
options.meta = {
title = mkOption {
type = types.str;
default = "legit";
description = mdDoc "Website title.";
};
description = mkOption {
type = types.str;
default = "git frontend";
description = mdDoc "Website description.";
};
};
options.server = {
name = mkOption {
type = types.str;
default = "localhost";
description = mdDoc "Server name.";
};
host = mkOption {
type = types.str;
default = "127.0.0.1";
description = mdDoc "Host address.";
};
port = mkOption {
type = types.port;
default = 5555;
description = mdDoc "Legit port.";
};
};
};
};
};
config = mkIf cfg.enable {
users.groups = optionalAttrs (cfg.group == "legit") {
"${cfg.group}" = { };
};
users.users = optionalAttrs (cfg.user == "legit") {
"${cfg.user}" = {
group = cfg.group;
isSystemUser = true;
};
};
systemd.services.legit = {
description = "legit git frontend";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
restartTriggers = [ configFile ];
serviceConfig = {
Type = "simple";
User = cfg.user;
Group = cfg.group;
ExecStart = "${cfg.package}/bin/legit -config ${configFile}";
Restart = "always";
WorkingDirectory = cfg.settings.repo.scanPath;
StateDirectory = [ ] ++
optional (cfg.settings.repo.scanPath == defaultStateDir) "legit" ++
optional (cfg.settings.dirs.static == defaultStaticDir) "legit/static" ++
optional (cfg.settings.dirs.templates == defaultTemplatesDir) "legit/templates";
# Hardening
CapabilityBoundingSet = [ "" ];
DeviceAllow = [ "" ];
LockPersonality = true;
MemoryDenyWriteExecute = true;
NoNewPrivileges = true;
PrivateDevices = true;
PrivateTmp = true;
PrivateUsers = true;
ProcSubset = "pid";
ProtectClock = true;
ProtectControlGroups = true;
ProtectHome = true;
ProtectHostname = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
ProtectProc = "invisible";
ProtectSystem = "strict";
ReadWritePaths = cfg.settings.repo.scanPath;
RemoveIPC = true;
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
RestrictNamespaces = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
SystemCallArchitectures = "native";
SystemCallFilter = [ "@system-service" "~@privileged" ];
UMask = "0077";
};
};
};
}

100
nixos/modules/services/web-servers/nginx/default.nix
View File

@ -309,36 +309,54 @@ let
onlySSL = vhost.onlySSL || vhost.enableSSL;
hasSSL = onlySSL || vhost.addSSL || vhost.forceSSL;
# First evaluation of defaultListen based on a set of listen lines.
mkDefaultListenVhost = listenLines:
# If this vhost has SSL or is a SSL rejection host.
# We enable a TLS variant for lines without explicit ssl or ssl = true.
optionals (hasSSL || vhost.rejectSSL)
(map (listen: { port = cfg.defaultSSLListenPort; ssl = true; } // listen)
(filter (listen: !(listen ? ssl) || listen.ssl) listenLines))
# If this vhost is supposed to serve HTTP
# We provide listen lines for those without explicit ssl or ssl = false.
++ optionals (!onlySSL)
(map (listen: { port = cfg.defaultHTTPListenPort; ssl = false; } // listen)
(filter (listen: !(listen ? ssl) || !listen.ssl) listenLines));
defaultListen =
if vhost.listen != [] then vhost.listen
else
if cfg.defaultListen != [] then mkDefaultListenVhost
# Cleanup nulls which will mess up with //.
# TODO: is there a better way to achieve this? i.e. mergeButIgnoreNullPlease?
(map (listenLine: filterAttrs (_: v: (v != null)) listenLine) cfg.defaultListen)
else
let addrs = if vhost.listenAddresses != [] then vhost.listenAddresses else cfg.defaultListenAddresses;
in optionals (hasSSL || vhost.rejectSSL) (map (addr: { inherit addr; port = cfg.defaultSSLListenPort; ssl = true; }) addrs)
++ optionals (!onlySSL) (map (addr: { inherit addr; port = cfg.defaultHTTPListenPort; ssl = false; }) addrs);
in mkDefaultListenVhost (map (addr: { inherit addr; }) addrs);
hostListen =
if vhost.forceSSL
then filter (x: x.ssl) defaultListen
else defaultListen;
listenString = { addr, port, ssl, extraParameters ? [], ... }:
listenString = { addr, port, ssl, proxyProtocol ? false, extraParameters ? [], ... }:
# UDP listener for QUIC transport protocol.
(optionalString (ssl && vhost.quic) ("
listen ${addr}:${toString port} quic "
+ optionalString vhost.default "default_server "
+ optionalString vhost.reuseport "reuseport "
+ optionalString (extraParameters != []) (concatStringsSep " " (
let inCompatibleParameters = [ "ssl" "proxy_protocol" "http2" ];
+ optionalString (extraParameters != []) (concatStringsSep " "
(let inCompatibleParameters = [ "ssl" "proxy_protocol" "http2" ];
isCompatibleParameter = param: !(any (p: p == param) inCompatibleParameters);
in filter isCompatibleParameter extraParameters))
+ ";"))
+ "
listen ${addr}:${toString port} "
+ optionalString (ssl && vhost.http2) "http2 "
+ optionalString ssl "ssl "
+ optionalString vhost.default "default_server "
+ optionalString vhost.reuseport "reuseport "
+ optionalString proxyProtocol "proxy_protocol "
+ optionalString (extraParameters != []) (concatStringsSep " " extraParameters)
+ ";";
@ -539,6 +557,49 @@ in
'';
};
defaultListen = mkOption {
type = with types; listOf (submodule {
options = {
addr = mkOption {
type = str;
description = lib.mdDoc "IP address.";
};
port = mkOption {
type = nullOr port;
description = lib.mdDoc "Port number.";
default = null;
};
ssl = mkOption {
type = nullOr bool;
default = null;
description = lib.mdDoc "Enable SSL.";
};
proxyProtocol = mkOption {
type = bool;
description = lib.mdDoc "Enable PROXY protocol.";
default = false;
};
extraParameters = mkOption {
type = listOf str;
description = lib.mdDoc "Extra parameters of this listen directive.";
default = [ ];
example = [ "backlog=1024" "deferred" ];
};
};
});
default = [];
example = literalExpression ''[
{ addr = "10.0.0.12"; proxyProtocol = true; ssl = true; }
{ addr = "0.0.0.0"; }
{ addr = "[::0]"; }
]'';
description = lib.mdDoc ''
If vhosts do not specify listen, use these addresses by default.
This option takes precedence over {option}`defaultListenAddresses` and
other listen-related defaults options.
'';
};
defaultListenAddresses = mkOption {
type = types.listOf types.str;
default = [ "0.0.0.0" ] ++ optional enableIPv6 "[::0]";
@ -546,6 +607,7 @@ in
example = literalExpression ''[ "10.0.0.12" "[2002:a00:1::]" ]'';
description = lib.mdDoc ''
If vhosts do not specify listenAddresses, use these addresses by default.
This is akin to writing `defaultListen = [ { addr = "0.0.0.0" } ]`.
'';
};
@ -1078,6 +1140,32 @@ in
which can be achieved by setting `services.nginx.package = pkgs.nginxQuic;`.
'';
}
{
# The idea is to understand whether there is a virtual host with a listen configuration
# that requires ACME configuration but has no HTTP listener which will make deterministically fail
# this operation.
# Options' priorities are the following at the moment:
# listen (vhost) > defaultListen (server) > listenAddresses (vhost) > defaultListenAddresses (server)
assertion =
let
hasAtLeastHttpListener = listenOptions: any (listenLine: if listenLine ? proxyProtocol then !listenLine.proxyProtocol else true) listenOptions;
hasAtLeastDefaultHttpListener = if cfg.defaultListen != [] then hasAtLeastHttpListener cfg.defaultListen else (cfg.defaultListenAddresses != []);
in
all (host:
let
hasAtLeastVhostHttpListener = if host.listen != [] then hasAtLeastHttpListener host.listen else (host.listenAddresses != []);
vhostAuthority = host.listen != [] || (cfg.defaultListen == [] && host.listenAddresses != []);
in
# Either vhost has precedence and we need a vhost specific http listener
# Either vhost set nothing and inherit from server settings
host.enableACME -> ((vhostAuthority && hasAtLeastVhostHttpListener) || (!vhostAuthority && hasAtLeastDefaultHttpListener))
) (attrValues virtualHosts);
message = ''
services.nginx.virtualHosts.<name>.enableACME requires a HTTP listener
to answer to ACME requests.
'';
}
] ++ map (name: mkCertOwnershipAssertion {
inherit (cfg) group user;
cert = config.security.acme.certs.${name};

37
nixos/modules/services/web-servers/nginx/vhost-options.nix
View File

@ -27,12 +27,35 @@ with lib;
};
listen = mkOption {
type = with types; listOf (submodule { options = {
addr = mkOption { type = str; description = lib.mdDoc "IP address."; };
port = mkOption { type = port; description = lib.mdDoc "Port number."; default = 80; };
ssl = mkOption { type = bool; description = lib.mdDoc "Enable SSL."; default = false; };
extraParameters = mkOption { type = listOf str; description = lib.mdDoc "Extra parameters of this listen directive."; default = []; example = [ "backlog=1024" "deferred" ]; };
}; });
type = with types; listOf (submodule {
options = {
addr = mkOption {
type = str;
description = lib.mdDoc "IP address.";
};
port = mkOption {
type = port;
description = lib.mdDoc "Port number.";
default = 80;
};
ssl = mkOption {
type = bool;
description = lib.mdDoc "Enable SSL.";
default = false;
};
proxyProtocol = mkOption {
type = bool;
description = lib.mdDoc "Enable PROXY protocol.";
default = false;
};
extraParameters = mkOption {
type = listOf str;
description = lib.mdDoc "Extra parameters of this listen directive.";
default = [ ];
example = [ "backlog=1024" "deferred" ];
};
};
});
default = [];
example = [
{ addr = "195.154.1.1"; port = 443; ssl = true; }
@ -45,7 +68,7 @@ with lib;
and `onlySSL`.
If you only want to set the addresses manually and not
the ports, take a look at `listenAddresses`
the ports, take a look at `listenAddresses`.
'';
};

2
nixos/modules/system/boot/networkd.nix
View File

@ -25,9 +25,11 @@ let
sectionDHCPv4 = checkUnitConfig "DHCPv4" [
(assertOnlyFields [
"ClientIdentifier"
"DUIDType"
"DUIDRawData"
])
(assertValueOneOf "ClientIdentifier" ["mac" "duid" "duid-only"])
];
sectionDHCPv6 = checkUnitConfig "DHCPv6" [

8
nixos/modules/virtualisation/qemu-vm.nix
View File

@ -893,7 +893,13 @@ in
The address must be in the default VLAN (10.0.2.0/24).
'';
}
]));
])) ++ [
{ assertion = pkgs.stdenv.hostPlatform.is32bit -> cfg.memorySize < 2047;
message = ''
virtualisation.memorySize is above 2047, but qemu is only able to allocate 2047MB RAM on 32bit max.
'';
}
];
warnings =
optional (

2
nixos/tests/all-tests.nix
View File

@ -278,6 +278,7 @@ in {
fsck = handleTest ./fsck.nix {};
fsck-systemd-stage-1 = handleTest ./fsck.nix { systemdStage1 = true; };
ft2-clone = handleTest ./ft2-clone.nix {};
legit = handleTest ./legit.nix {};
mimir = handleTest ./mimir.nix {};
garage = handleTest ./garage {};
gemstash = handleTest ./gemstash.nix {};
@ -521,6 +522,7 @@ in {
nginx-sandbox = handleTestOn ["x86_64-linux"] ./nginx-sandbox.nix {};
nginx-sso = handleTest ./nginx-sso.nix {};
nginx-variants = handleTest ./nginx-variants.nix {};
nginx-proxyprotocol = handleTest ./nginx-proxyprotocol {};
nifi = handleTestOn ["x86_64-linux"] ./web-apps/nifi.nix {};
nitter = handleTest ./nitter.nix {};
nix-ld = handleTest ./nix-ld.nix {};

25
nixos/tests/etcd-cluster.nix
View File

@ -53,7 +53,7 @@ import ./make-test-python.nix ({ pkgs, ... } : let
[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = digitalSignature, keyEncipherment
extendedKeyUsage = serverAuth
extendedKeyUsage = serverAuth, clientAuth
subjectAltName = @alt_names
[alt_names]
DNS.1 = node1
@ -86,10 +86,13 @@ import ./make-test-python.nix ({ pkgs, ... } : let
};
environment.variables = {
ETCDCTL_CERT_FILE = "${etcd_client_cert}";
ETCDCTL_KEY_FILE = "${etcd_client_key}";
ETCDCTL_CA_FILE = "${ca_pem}";
ETCDCTL_PEERS = "https://127.0.0.1:2379";
ETCD_CERT_FILE = "${etcd_client_cert}";
ETCD_KEY_FILE = "${etcd_client_key}";
ETCD_CA_FILE = "${ca_pem}";
ETCDCTL_ENDPOINTS = "https://127.0.0.1:2379";
ETCDCTL_CACERT = "${ca_pem}";
ETCDCTL_CERT = "${etcd_cert}";
ETCDCTL_KEY = "${etcd_key}";
};
networking.firewall.allowedTCPPorts = [ 2380 ];
@ -134,21 +137,21 @@ in {
node2.start()
node1.wait_for_unit("etcd.service")
node2.wait_for_unit("etcd.service")
node2.wait_until_succeeds("etcdctl cluster-health")
node1.succeed("etcdctl set /foo/bar 'Hello world'")
node2.wait_until_succeeds("etcdctl endpoint status")
node1.succeed("etcdctl put /foo/bar 'Hello world'")
node2.succeed("etcdctl get /foo/bar | grep 'Hello world'")
with subtest("should add another member"):
node1.wait_until_succeeds("etcdctl member add node3 https://node3:2380")
node1.wait_until_succeeds("etcdctl member add node3 --peer-urls=https://node3:2380")
node3.start()
node3.wait_for_unit("etcd.service")
node3.wait_until_succeeds("etcdctl member list | grep 'node3'")
node3.succeed("etcdctl cluster-health")
node3.succeed("etcdctl endpoint status")
with subtest("should survive member crash"):
node3.crash()
node1.succeed("etcdctl cluster-health")
node1.succeed("etcdctl set /foo/bar 'Hello degraded world'")
node1.succeed("etcdctl endpoint status")
node1.succeed("etcdctl put /foo/bar 'Hello degraded world'")
node1.succeed("etcdctl get /foo/bar | grep 'Hello degraded world'")
'';
})

2
nixos/tests/etcd.nix
View File

@ -19,7 +19,7 @@ import ./make-test-python.nix ({ pkgs, ... } : {
node.wait_for_unit("etcd.service")
with subtest("should write and read some values to etcd"):
node.succeed("etcdctl set /foo/bar 'Hello world'")
node.succeed("etcdctl put /foo/bar 'Hello world'")
node.succeed("etcdctl get /foo/bar | grep 'Hello world'")
'';
})

54
nixos/tests/legit.nix Normal file
View File

@ -0,0 +1,54 @@
import ./make-test-python.nix ({ lib, pkgs, ... }:
let
port = 5000;
scanPath = "/var/lib/legit";
in
{
name = "legit-web";
meta.maintainers = [ lib.maintainers.ratsclub ];
nodes = {
server = { config, pkgs }: {
services.legit = {
enable = true;
settings = {
server.port = 5000;
repo = { inherit scanPath; };
};
};
environment.systemPackages = [ pkgs.git ];
};
};
testScript = { nodes, ... }:
let
strPort = builtins.toString port;
in
''
start_all()
server.wait_for_unit("network.target")
server.wait_for_unit("legit.service")
server.wait_until_succeeds(
"curl -f http://localhost:${strPort}"
)
server.succeed("${pkgs.writeShellScript "setup-legit-test-repo" ''
set -e
git init --bare -b master ${scanPath}/some-repo
git init -b master reference
cd reference
git remote add origin ${scanPath}/some-repo
date > date.txt
git add date.txt
git -c user.name=test -c user.email=test@localhost commit -m 'add date'
git push -u origin master
''}")
server.wait_until_succeeds(
"curl -f http://localhost:${strPort}/some-repo"
)
'';
})

20
nixos/tests/nginx-proxyprotocol/_.test.nix.cert.pem Normal file
View File

@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDLjCCAhagAwIBAgIIP2+4GFxOYMgwDQYJKoZIhvcNAQELBQAwIDEeMBwGA1UE
AxMVbWluaWNhIHJvb3QgY2EgNGU3NTJiMB4XDTIzMDEzMDAzNDExOFoXDTQzMDEz
MDAzNDExOFowFTETMBEGA1UEAwwKKi50ZXN0Lm5peDCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBAMarJSCzelnzTMT5GMoIKA/MXBNk5j277uI2Gq2MCky/
DlBpx+tjSsKsz6QLBduKMF8OH5AgjrVAKQAtsVPDseY0Qcyx/5dgJjkdO4on+DFb
V0SJ3ZhYPKACrqQ1SaoG+Xup37puw7sVR13J7oNvP6fAYRcjYqCiFC7VMjJNG4dR
251jvWWidSc7v5CYw2AxrngtBgHeQuyG9QCJ1DRH8h6ioV7IeonwReN7noYtTWh8
NDjGnw9HH2nYMcL91E+DWCxWVmbC9/orvYOT7u0Orho0t1w9BB0/zzcdojwQpMCv
HahEmFQmdGbWTuI4caBeaDBJVsSwKlTcxLSS4MAZ0c8CAwEAAaN3MHUwDgYDVR0P
AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB
Af8EAjAAMB8GA1UdIwQYMBaAFGyXySYI3gL88d7GHnGMU6wpiBf2MBUGA1UdEQQO
MAyCCioudGVzdC5uaXgwDQYJKoZIhvcNAQELBQADggEBAJ/DpwiLVBgWyozsn++f
kR4m0dUjnuCgpHo2EMoMZh+9og+OC0vq6WITXHaJytB3aBMxFOUTim3vwxPyWPXX
/vy+q6jJ6QMLx1J3VIWZdmXsT+qLGbVzL/4gNoaRsLPGO06p3yVjhas+OBFx1Fee
6kTHb82S/dzBojOJLRRo18CU9yw0FUXOPqN7HF7k2y+Twe6+iwCuCKGSFcvmRjxe
bWy11C921bTienW0Rmq6ppFWDaUNYP8kKpMN2ViAvc0tyF6wwk5lyOiqCR+pQHJR
H/J4qSeKDchYLKECuzd6SySz8FW/xPKogQ28zba+DBD86hpqiEJOBzxbrcN3cjUn
7N4=
-----END CERTIFICATE-----

27
nixos/tests/nginx-proxyprotocol/_.test.nix.key.pem Normal file
View File

@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAxqslILN6WfNMxPkYyggoD8xcE2TmPbvu4jYarYwKTL8OUGnH
62NKwqzPpAsF24owXw4fkCCOtUApAC2xU8Ox5jRBzLH/l2AmOR07iif4MVtXRInd
mFg8oAKupDVJqgb5e6nfum7DuxVHXcnug28/p8BhFyNioKIULtUyMk0bh1HbnWO9
ZaJ1Jzu/kJjDYDGueC0GAd5C7Ib1AInUNEfyHqKhXsh6ifBF43uehi1NaHw0OMaf
D0cfadgxwv3UT4NYLFZWZsL3+iu9g5Pu7Q6uGjS3XD0EHT/PNx2iPBCkwK8dqESY
VCZ0ZtZO4jhxoF5oMElWxLAqVNzEtJLgwBnRzwIDAQABAoIBAFuNGOH184cqKJGI
3RSVJ6kIGtJRKA0A4vfZyPd61nBBhx4lcRyXOCd4LYPCFKP0DZBwWLk5V6pM89gC
NnqMbxnPsRbcXBVtGJAvWXW0L5rHJfMOuVBwMRfnxIUljVnONv/264PlcUtwZd/h
o4lsJeBvNg7MnrG5nyVp1+T4RZxYm1P86HLp5zyT+fdj4Cr82b9j6QpxGXEfm1jV
QA1xr1ZkrV8fgETyaE0TBIKcdt6xNfv1mpI1RE5gaP/YzcCs/mL+G0kMar4l7pO/
6OHXTvHz+W3G6Xlha7Wq1ADoqYz2K7VoL/OgSQhIxRNujyWR6lir7eladVrKkCzu
uzFi/HECgYEA0vSNCIK3useSypMPHhYUVNbZ4hbK0WgqSAxfJQtL3nC7KviVMAXj
IKVR90xuzJB+ih88KCJpH84JH90paMpW0Gq1yEae90bnWa8Nj7ULLS/Zuj0WrelU
+DEGbx47IUPOtiLBxooxFKyIVhX3hWRwZ0pokSQzbgb5zYnlM6tqZ3cCgYEA8Rb2
wtt0XmqEQedFacs4fobJoVWMcETjpuxYp0m5Kje/4QkptZIbspXGBgNtPBBRGg51
AYSu8wYkGEueI77KiFDgY8AAkpOk2MrMVPszjOhUiO1oEfbT6ynOY5RDOuXcY6jo
8RpSk46VkfVxt6LVmappqcVFtVWcAjdGfXeSLmkCgYAWP7SgMSkvidzxgJEXmzyJ
th9EuSKq81GCR8vBHG/kBf+3iIAzkGtkBgufCXCmIpc1+hVeJkLwF8rekXTMmIqP
cLG7bbdWXSQJUW0cuvtyyJkuC0NZFELh6knDbmzOFVi33PKS/gAvLgMzER4J843n
VvGwXSEPeazfAKwrxuhyAQKBgQCOm5TPYlyNVNhy20h18d2zCivOoPn3luhKXtd5
7OP4kw2PIYpoesqjcnC2MeS1eLlgfli70y5hVqqXLHOYlUzcIWr51iMAkREbo6oG
QqkVmoAWlsfOiICGRC5vPM4f0sPwt4NCyt05p0fWFKd1hn5u7Ryfba90OfWUYfny
UX5IsQKBgQCswer4Qc3UepkiYxGwSTxgIh4kYlmamU2I00Kar4uFAr9JsCbk98f0
kaCUNZjrrvTwgRmdhwcpMDiMW/F4QkNk0I2unHcoAvzNop6c22VhHJU2XJhrQ57h
n1iPiw0NLXiA4RQwMUMjtt3nqlpLOTXGtsF8TmpWPcAN2QcTxOutzw==
-----END RSA PRIVATE KEY-----

20
nixos/tests/nginx-proxyprotocol/ca.cert.pem Normal file
View File

@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDSzCCAjOgAwIBAgIITnUr3xFw4oEwDQYJKoZIhvcNAQELBQAwIDEeMBwGA1UE
AxMVbWluaWNhIHJvb3QgY2EgNGU3NTJiMCAXDTIzMDEzMDAzNDExOFoYDzIxMjMw
MTMwMDM0MTE4WjAgMR4wHAYDVQQDExVtaW5pY2Egcm9vdCBjYSA0ZTc1MmIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1SrJT9k3zXIXApEyL5UDlw7F6
MMOqE5d+8ZwMccHbEKLu0ssNRY+j31tnNYQ/r5iCNeNgUZccKBgzdU0ysyw5n4tw
0y+MTD9fCfUXYcc8pJRPRolo6zxYO9W7WJr0nfJZ+p7zFRAjRCmzXdnZjKz0EGcg
x9mHwn//3SuLt1ItK1n3aZ6im9NlcVtunDe3lCSL0tRgy7wDGNvWDZMO49jk4AFU
BlMqScuiNpUzYgCxNaaGMuH3M0f0YyRAxSs6FWewLtqTIaVql7HL+3PcGAhvlKEZ
fvfaf80F9aWI88sbEddTA0s5837zEoDwGpZl3K5sPU/O3MVEHIhAY5ICG0IBAgMB
AAGjgYYwgYMwDgYDVR0PAQH/BAQDAgKEMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
BgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBRsl8kmCN4C/PHe
xh5xjFOsKYgX9jAfBgNVHSMEGDAWgBRsl8kmCN4C/PHexh5xjFOsKYgX9jANBgkq
hkiG9w0BAQsFAAOCAQEAmvgpU+q+TBbz+9Y2rdiIeTfeDXtMNPf+nKI3zxYztRGC
MoKP6jCQaFSQra4BVumFLV38DoqR1pOV1ojkiyO5c/9Iym/1Wmm8LeqgsHNqSgyS
C7wvBcb/N9PzIBQFq/RiboDoC7bqK/0zQguCmBtGceH+AVpQyfXM+P78B1EkHozu
67igP8GfouPp2s4Vd5P2XGkA6vMgYCtFEnCbtmmo7C8B+ymhD/D9axpMKQ1OaBg9
jfqLOlk+Rc2nYZuaDjnUmlTkYjC6EwCNe9weYkSJgQ9QzoGJLIRARsdQdsp3C2fZ
l2UZKkDJ2GPrrc+TdaGXZTYi0uMmvQsEKZXtqAzorQ==
-----END CERTIFICATE-----

27
nixos/tests/nginx-proxyprotocol/ca.key.pem Normal file
View File

@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEAtUqyU/ZN81yFwKRMi+VA5cOxejDDqhOXfvGcDHHB2xCi7tLL
DUWPo99bZzWEP6+YgjXjYFGXHCgYM3VNMrMsOZ+LcNMvjEw/Xwn1F2HHPKSUT0aJ
aOs8WDvVu1ia9J3yWfqe8xUQI0Qps13Z2Yys9BBnIMfZh8J//90ri7dSLStZ92me
opvTZXFbbpw3t5Qki9LUYMu8Axjb1g2TDuPY5OABVAZTKknLojaVM2IAsTWmhjLh
9zNH9GMkQMUrOhVnsC7akyGlapexy/tz3BgIb5ShGX732n/NBfWliPPLGxHXUwNL
OfN+8xKA8BqWZdyubD1PztzFRByIQGOSAhtCAQIDAQABAoIBAQCLeAWs1kWtvTYg
t8UzspC0slItAKrmgt//hvxYDoPmdewC8yPG+AbDOSfmRKOTIxGeyro79UjdHnNP
0yQqpvCU/AqYJ7/inR37jXuCG3TdUHfQbSF1F9N6xb1tvYKoQYKaelYiB8g8eUnj
dYYM+U5tDNlpvJW6/YTfYFUJzWRo3i8jj5lhbkjcJDvdOhVxMXNXJgJAymu1KysE
N1da2l4fzmuoN82wFE9KMyYSn+LOLWBReQQmXHZPP+2LjRIVrWoFoV49k2Ylp9tH
yeaFx1Ya/wVx3PRnSW+zebWDcc0bAua9XU3Fi42yRq5iXOyoXHyefDfJoId7+GAO
IF2qRw9hAoGBAM1O1l4ceOEDsEBh7HWTvmfwVfkXgT6VHeI6LGEjb88FApXgT+wT
1s1IWVVOigLl9OKQbrjqlg9xgzrPDHYRwu5/Oz3X2WaH6wlF+d+okoqls6sCEAeo
GfzF3sKOHQyIYjttCXE5G38uhIgVFFFfK97AbUiY8egYBr0zjVXK7xINAoGBAOIN
1pDBFBQIoKj64opm/G9lJBLUpWLBFdWXhXS6q2jNsdY1mLMRmu/RBaKSfGz7W1a/
a2WBedjcnTWJ/84tBsn4Qj5tLl8xkcXiN/pslWzg724ZnVsbyxM9KvAdXAma3F0g
2EsYq8mhvbAEkpE+aoM6jwOJBnMhTRZrNMKN2lbFAoGAHmZWB4lfvLG3H1FgmehO
gUVs9X0tff7GdgD3IUsF+zlasKaOLv6hB7R2xdLjTJqQMBwCyQ6zOYYtUD/oMHNg
0b+1HesgHbZybuUVorBrQmxWtjOP/BJABtWlrlkso/Zt1S7H/yPdlm9k4GF+qK3W
6RzFEcLTzvH/zXQcsV9jFuECgYEAhaX+1KiC0XFkY2OpaoCHAOlAUa3NdjyIRzcF
XUU8MINkgCxB8qUXAHCJL1wCGoDluL0FpwbM3m1YuR200tYGLIUNzVDJ2Ng6wk8E
H5fxJGU8ydB1Gzescdx5NWt2Tet0G89ecc/NSTHKL3YUnbDUUm/dvA5YdNscc4PA
tsIdc60CgYEArvU1MwqGQUTDKUmaM2t3qm70fbwmOViHfyTWpn4aAQR3sK16iJMm
V+dka62L/VYs5CIbzXvCioyugUMZGJi/zIwrViRzqJQbNnPADAW4lG88UxXqHHAH
q33ivjgd9omGFb37saKOmR44KmjUIDvSIZF4W3EPwAMEyl5mM31Ryns=
-----END RSA PRIVATE KEY-----

144
nixos/tests/nginx-proxyprotocol/default.nix Normal file
View File

@ -0,0 +1,144 @@
let
certs = import ./snakeoil-certs.nix;
in
import ../make-test-python.nix ({ pkgs, ... }: {
name = "nginx-proxyprotocol";
nodes = {
webserver = { pkgs, lib, ... }: {
environment.systemPackages = [ pkgs.netcat ];
security.pki.certificateFiles = [
certs.ca.cert
];
networking.extraHosts = ''
127.0.0.5 proxy.test.nix
127.0.0.5 noproxy.test.nix
127.0.0.3 direct-nossl.test.nix
127.0.0.4 unsecure-nossl.test.nix
127.0.0.2 direct-noproxy.test.nix
127.0.0.1 direct-proxy.test.nix
'';
services.nginx = {
enable = true;
defaultListen = [
{ addr = "127.0.0.1"; proxyProtocol = true; ssl = true; }
{ addr = "127.0.0.2"; }
{ addr = "127.0.0.3"; ssl = false; }
{ addr = "127.0.0.4"; ssl = false; proxyProtocol = true; }
];
commonHttpConfig = ''
log_format pcombined '(proxy_protocol=$proxy_protocol_addr) - (remote_addr=$remote_addr) - (realip=$realip_remote_addr) - (upstream=) - (remote_user=$remote_user) [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent"';
access_log /var/log/nginx/access.log pcombined;
error_log /var/log/nginx/error.log;
'';
virtualHosts =
let
commonConfig = {
locations."/".return = "200 '$remote_addr'";
extraConfig = ''
set_real_ip_from 127.0.0.5/32;
real_ip_header proxy_protocol;
'';
};
in
{
"*.test.nix" = commonConfig // {
sslCertificate = certs."*.test.nix".cert;
sslCertificateKey = certs."*.test.nix".key;
forceSSL = true;
};
"direct-nossl.test.nix" = commonConfig;
"unsecure-nossl.test.nix" = commonConfig // {
extraConfig = ''
real_ip_header proxy_protocol;
'';
};
};
};
services.sniproxy = {
enable = true;
config = ''
error_log {
syslog daemon
}
access_log {
syslog daemon
}
listener 127.0.0.5:443 {
protocol tls
source 127.0.0.5
}
table {
^proxy\.test\.nix$ 127.0.0.1 proxy_protocol
^noproxy\.test\.nix$ 127.0.0.2
}
'';
};
};
};
testScript = ''
def check_origin_ip(src_ip: str, dst_url: str, failure: bool = False, proxy_protocol: bool = False, expected_ip: str | None = None):
check = webserver.fail if failure else webserver.succeed
if expected_ip is None:
expected_ip = src_ip
return check(f"curl {'--haproxy-protocol' if proxy_protocol else '''} --interface {src_ip} --fail -L {dst_url} | grep '{expected_ip}'")
webserver.wait_for_unit("nginx")
webserver.wait_for_unit("sniproxy")
# This should be closed by virtue of ssl = true;
webserver.wait_for_closed_port(80, "127.0.0.1")
# This should be open by virtue of no explicit ssl
webserver.wait_for_open_port(80, "127.0.0.2")
# This should be open by virtue of ssl = true;
webserver.wait_for_open_port(443, "127.0.0.1")
# This should be open by virtue of no explicit ssl
webserver.wait_for_open_port(443, "127.0.0.2")
# This should be open by sniproxy
webserver.wait_for_open_port(443, "127.0.0.5")
# This should be closed by sniproxy
webserver.wait_for_closed_port(80, "127.0.0.5")
# Sanity checks for the NGINX module
# direct-HTTP connection to NGINX without TLS, this checks that ssl = false; works well.
check_origin_ip("127.0.0.10", "http://direct-nossl.test.nix/")
# webserver.execute("openssl s_client -showcerts -connect direct-noproxy.test.nix:443")
# direct-HTTP connection to NGINX with TLS
check_origin_ip("127.0.0.10", "http://direct-noproxy.test.nix/")
check_origin_ip("127.0.0.10", "https://direct-noproxy.test.nix/")
# Well, sniproxy is not listening on 80 and cannot redirect
check_origin_ip("127.0.0.10", "http://proxy.test.nix/", failure=True)
check_origin_ip("127.0.0.10", "http://noproxy.test.nix/", failure=True)
# Actual PROXY protocol related tests
# Connecting through sniproxy should passthrough the originating IP address.
check_origin_ip("127.0.0.10", "https://proxy.test.nix/")
# Connecting through sniproxy to a non-PROXY protocol enabled listener should not pass the originating IP address.
check_origin_ip("127.0.0.10", "https://noproxy.test.nix/", expected_ip="127.0.0.5")
# Attack tests against spoofing
# Let's try to spoof our IP address by connecting direct-y to the PROXY protocol listener.
# FIXME(RaitoBezarius): rewrite it using Python + (Scapy|something else) as this is too much broken unfortunately.
# Or wait for upstream curl patch.
# def generate_attacker_request(original_ip: str, target_ip: str, dst_url: str):
# return f"""PROXY TCP4 {original_ip} {target_ip} 80 80
# GET / HTTP/1.1
# Host: {dst_url}
# """
# def spoof(original_ip: str, target_ip: str, dst_url: str, tls: bool = False, expect_failure: bool = True):
# method = webserver.fail if expect_failure else webserver.succeed
# port = 443 if tls else 80
# print(webserver.execute(f"cat <<EOF | nc {target_ip} {port}\n{generate_attacker_request(original_ip, target_ip, dst_url)}\nEOF"))
# return method(f"cat <<EOF | nc {target_ip} {port} | grep {original_ip}\n{generate_attacker_request(original_ip, target_ip, dst_url)}\nEOF")
# check_origin_ip("127.0.0.10", "http://unsecure-nossl.test.nix", proxy_protocol=True)
# spoof("1.1.1.1", "127.0.0.4", "direct-nossl.test.nix")
# spoof("1.1.1.1", "127.0.0.4", "unsecure-nossl.test.nix", expect_failure=False)
'';
})

30
nixos/tests/nginx-proxyprotocol/generate-certs.nix Normal file
View File

@ -0,0 +1,30 @@
# Minica can provide a CA key and cert, plus a key
# and cert for our fake CA server's Web Front End (WFE).
{
pkgs ? import <nixpkgs> {},
minica ? pkgs.minica,
runCommandCC ? pkgs.runCommandCC,
}:
let
conf = import ./snakeoil-certs.nix;
domain = conf.domain;
domainSanitized = pkgs.lib.replaceStrings ["*"] ["_"] domain;
in
runCommandCC "generate-tests-certs" {
buildInputs = [ (minica.overrideAttrs (old: {
postPatch = ''
sed -i 's_NotAfter: time.Now().AddDate(2, 0, 30),_NotAfter: time.Now().AddDate(20, 0, 0),_' main.go
'';
})) ];
} ''
minica \
--ca-key ca.key.pem \
--ca-cert ca.cert.pem \
--domains "${domain}"
mkdir -p $out
mv ca.*.pem $out/
mv ${domainSanitized}/key.pem $out/${domainSanitized}.key.pem
mv ${domainSanitized}/cert.pem $out/${domainSanitized}.cert.pem
''

14
nixos/tests/nginx-proxyprotocol/snakeoil-certs.nix Normal file
View File

@ -0,0 +1,14 @@
let
domain = "*.test.nix";
domainSanitized = "_.test.nix";
in {
inherit domain;
ca = {
cert = ./ca.cert.pem;
key = ./ca.key.pem;
};
"${domain}" = {
cert = ./. + "/${domainSanitized}.cert.pem";
key = ./. + "/${domainSanitized}.key.pem";
};
}

6
pkgs/applications/audio/go-musicfox/default.nix
View File

@ -9,18 +9,18 @@
buildGoModule rec {
pname = "go-musicfox";
version = "4.0.6";
version = "4.1.1";
src = fetchFromGitHub {
owner = "go-musicfox";
repo = pname;
rev = "v${version}";
hash = "sha256-ZqB3NL/pLIY1lHl3qMIOciqsOW9jNwjVQAq1j/ydDWs=";
hash = "sha256-A1+JDMT4mHUi10GE4/qV5IMuwNsm4EdBt9VC2ZvJzuU=";
};
deleteVendor = true;
vendorHash = "sha256-rJlyrPQS9UKinxIwGGo3EHlmWrzTKIm1jM1UDqnmVyg=";
vendorHash = "sha256-xzLUWqzDVT+Htw/BHygOJM16uQvWXopyxxHBZQKcOQ8=";
subPackages = [ "cmd/musicfox.go" ];

4
pkgs/applications/editors/jetbrains/linux.nix
View File

@ -1,6 +1,6 @@
{ stdenv, lib, makeDesktopItem, makeWrapper, patchelf, writeText
, coreutils, gnugrep, which, git, unzip, libsecret, libnotify, e2fsprogs
, vmopts ? null
, python3, vmopts ? null
}:
{ pname, product, productShort ? product, version, src, wmClass, jdk, meta, extraLdPath ? [], extraWrapperArgs ? [] }@args:
@ -71,7 +71,7 @@ with stdenv; lib.makeOverridable mkDerivation (rec {
item=${desktopItem}
makeWrapper "$out/$pname/bin/${loName}.sh" "$out/bin/${pname}" \
--prefix PATH : "$out/libexec/${pname}:${lib.makeBinPath [ jdk coreutils gnugrep which git ]}" \
--prefix PATH : "$out/libexec/${pname}:${lib.makeBinPath [ jdk coreutils gnugrep which git python3 ]}" \
--prefix LD_LIBRARY_PATH : "${lib.makeLibraryPath ([
# Some internals want libstdc++.so.6
stdenv.cc.cc.lib libsecret e2fsprogs

4
pkgs/applications/editors/orbiton/default.nix
View File

@ -4,13 +4,13 @@
buildGoModule rec {
pname = "orbiton";
version = "2.61.0";
version = "2.62.0";
src = fetchFromGitHub {
owner = "xyproto";
repo = "orbiton";
rev = "v${version}";
hash = "sha256-GknQXHwpdIRzSjIc1ITsoiaks4Vi5KmVqL7sHzmfnmQ=";
hash = "sha256-DmS0rn1v9zksSzO7FVl5YsIIXvhQ3zhSBC/i7tosdag=";
};
vendorHash = null;

4
pkgs/applications/graphics/gnome-decoder/default.nix
View File

@ -1,7 +1,6 @@
{ lib
, clangStdenv
, fetchFromGitLab
, libclang
, rustPlatform
, cargo
, meson
@ -50,6 +49,7 @@ clangStdenv.mkDerivation rec {
desktop-file-utils
cargo
rustc
rustPlatform.bindgenHook
rustPlatform.cargoSetupHook
];
@ -66,8 +66,6 @@ clangStdenv.mkDerivation rec {
gst-plugins-bad
];
LIBCLANG_PATH = "${libclang.lib}/lib";
meta = with lib; {
description = "Scan and Generate QR Codes";
homepage = "https://gitlab.gnome.org/World/decoder";

4
pkgs/applications/misc/cubiomes-viewer/default.nix
View File

@ -9,13 +9,13 @@
stdenv.mkDerivation rec {
pname = "cubiomes-viewer";
version = "3.2.1";
version = "3.3.0";
src = fetchFromGitHub {
owner = "Cubitect";
repo = pname;
rev = version;
sha256 = "sha256-67augXXZsriXdndrCFUFWZbL+rVKgTPAyqlbZua2Ul4=";
sha256 = "sha256-V6zPbL1/tP2B38wo4a05+vXCSjPE1YKpMR3zl/BbnY8=";
fetchSubmodules = true;
};

4
pkgs/applications/misc/gallery-dl/default.nix
View File

@ -2,13 +2,13 @@
buildPythonApplication rec {
pname = "gallery-dl";
version = "1.25.4";
version = "1.25.5";
format = "setuptools";
src = fetchPypi {
inherit version;
pname = "gallery_dl";
sha256 = "sha256-4x0XjXriEAJWSmbGjBWxZ5WJW9ruGE9wVrdZYTe6wE4=";
sha256 = "sha256-IFzKVHIuZZ2WLk23ZqyxvwxXF45f2O/VAqQ/j98x4ag=";
};
propagatedBuildInputs = [

14
pkgs/applications/misc/makeself/default.nix
View File

@ -1,4 +1,4 @@
{ lib, stdenv, fetchFromGitHub, which, zstd, pbzip2 }:
{ lib, stdenv, fetchFromGitHub, which, zstd, pbzip2, installShellFiles }:
stdenv.mkDerivation rec {
version = "2.4.5";
@ -12,6 +12,8 @@ stdenv.mkDerivation rec {
sha256 = "sha256-15lUtErGsbXF2Gn0f0rvA18mMuVMmkKrGO2poeYZU9g=";
};
nativeBuildInputs = [ installShellFiles ];
postPatch = "patchShebangs test";
# Issue #110149: our default /bin/sh apparently has 32-bit math only
@ -22,11 +24,11 @@ stdenv.mkDerivation rec {
nativeCheckInputs = [ which zstd pbzip2 ];
installPhase = ''
mkdir -p $out/{bin,share/{${pname}-${version},man/man1}}
cp makeself.lsm README.md $out/share/${pname}-${version}
cp makeself.sh $out/bin/makeself
cp makeself.1 $out/share/man/man1/
cp makeself-header.sh $out/share/${pname}-${version}
runHook preInstall
installManPage makeself.1
install -Dm555 makeself.sh $out/bin/makeself
install -Dm444 -t $out/share/${pname}/ makeself.lsm README.md makeself-header.sh
runHook postInstall
'';
fixupPhase = ''

25
pkgs/applications/misc/scli/default.nix
View File

@ -4,6 +4,8 @@
, dbus
, signal-cli
, xclip
, testers
, scli
}:
python3.pkgs.buildPythonApplication rec {
@ -26,24 +28,27 @@ python3.pkgs.buildPythonApplication rec {
dontBuild = true;
checkPhase = ''
# scli attempts to write to these directories, make sure they're writeable
export XDG_DATA_HOME=$(mktemp -d)
export XDG_CONFIG_HOME=$(mktemp -d)
./scli --help > /dev/null # don't spam nix-build log
test $? == 0
'';
installPhase = ''
mkdir -p $out/bin
runHook preInstall
patchShebangs scli
install -m755 -D scli $out/bin/scli
install -Dm555 scli -t $out/bin
echo "v$version" > $out/bin/VERSION
runHook postInstall
'';
makeWrapperArgs = [
"--prefix" "PATH" ":" (lib.makeBinPath [ dbus signal-cli xclip ])
];
passthru.tests = {
version = testers.testVersion {
package = scli;
command = "HOME=$(mktemp -d) scli --version";
};
};
meta = with lib; {
description = "Simple terminal user interface for Signal";
homepage = "https://github.com/isamert/scli";

4
pkgs/applications/misc/snapmaker-luban/default.nix
View File

@ -8,11 +8,11 @@
stdenv.mkDerivation rec {
pname = "snapmaker-luban";
version = "4.7.3";
version = "4.8.0";
src = fetchurl {
url = "https://github.com/Snapmaker/Luban/releases/download/v${version}/snapmaker-luban-${version}-linux-x64.tar.gz";
sha256 = "sha256-CPeTTnwykaa58tpA7Aznrvrs0DqxOKjspZjHrT+e9tw=";
sha256 = "sha256-uY8MlLIZrbds5/QdYZFTLSSis0BwRU19XfLiBX+2VCY=";
};
nativeBuildInputs = [

6
pkgs/applications/misc/system76-keyboard-configurator/default.nix
View File

@ -6,13 +6,13 @@
rustPlatform.buildRustPackage rec {
pname = "system76-keyboard-configurator";
version = "1.3.2";
version = "1.3.3";
src = fetchFromGitHub {
owner = "pop-os";
repo = "keyboard-configurator";
rev = "v${version}";
sha256 = "sha256-21cn43qyKg8jL6FF8D9H7dgcgSKggqaxb4cJVc0ljl0=";
sha256 = "sha256-8Mb07OlmYl/dNxCdBrAq7mgXZvi0oqtt76UX8TMWUPY=";
};
nativeBuildInputs = [
@ -28,7 +28,7 @@ rustPlatform.buildRustPackage rec {
udev
];
cargoHash = "sha256-9VjrDE/1VAgNrRmSYxCYKPrnilPQF+OXAYpFkF2lpAE=";
cargoHash = "sha256-3IAljoL4cabZ9rpgqPrgG7ofwETHS/9OlBKjxTwCDTU=";
meta = with lib; {
description = "Keyboard configuration application for System76 keyboards and laptops";

4
pkgs/applications/networking/cluster/argo-rollouts/default.nix
View File

@ -2,13 +2,13 @@
buildGoModule rec {
pname = "argo-rollouts";
version = "1.5.0";
version = "1.5.1";
src = fetchFromGitHub {
owner = "argoproj";
repo = "argo-rollouts";
rev = "v${version}";
sha256 = "sha256-bOGC4RAeydPCvqyQZE+K0N01xRIGsoiwKJ4lMwVVgGk=";
sha256 = "sha256-ODcT7dc4xBHOKYTP2pUTq2z3GMUEpZ9OUKKxlbd+Vvk=";
};
vendorHash = "sha256-IxSLlRsOz/Xamguxm+7jy8qAAEZZFm/NHDIBjm5tnCs=";

4
pkgs/applications/networking/cluster/kaniko/default.nix
View File

@ -9,13 +9,13 @@
buildGoModule rec {
pname = "kaniko";
version = "1.9.2";
version = "1.10.0";
src = fetchFromGitHub {
owner = "GoogleContainerTools";
repo = "kaniko";
rev = "v${version}";
hash = "sha256-dXQ0/o1qISv+sjNVIpfF85bkbM9sGOGwqVbWZpMWfMY=";
hash = "sha256-SPHayFfYFpg1AOoe003xh7NGQLpvhd1C2k4IilgMqSw=";
};
vendorHash = null;

4
pkgs/applications/networking/cluster/kubeshark/default.nix
View File

@ -2,13 +2,13 @@
buildGoModule rec {
pname = "kubeshark";
version = "40.2";
version = "40.5";
src = fetchFromGitHub {
owner = "kubeshark";
repo = "kubeshark";
rev = version;
sha256 = "sha256-E39Hr39fPiRKElploh2EEE35x0vnyAf2eWHr8Ifx0l0=";
sha256 = "sha256-Xm8Tx1m3k+Vz5GlSIGJw8W2PVkZav9U5A52X9HUJFno=";
};
vendorHash = "sha256-ckIjmrXkn1AVBQRwM6+wdRwwYHytxKm3rKEe+csORdU=";

16
pkgs/applications/networking/cluster/terraform-providers/default.nix
View File

@ -19,8 +19,8 @@ let
, rev
, spdx ? "UNSET"
, version ? lib.removePrefix "v" rev
, hash ? throw "use hash instead of sha256" # added 2202/09
, vendorHash ? throw "use vendorHash instead of vendorSha256" # added 2202/09
, hash
, vendorHash
, deleteVendor ? false
, proxyVendor ? false
, mkProviderFetcher ? fetchFromGitHub
@ -88,22 +88,10 @@ let
removed-providers =
let
archived = name: date: throw "the ${name} terraform provider has been archived by upstream on ${date}";
license = name: date: throw "the ${name} terraform provider removed from nixpkgs on ${date} because of unclear licensing";
removed = name: date: throw "the ${name} terraform provider removed from nixpkgs on ${date}";
in
lib.optionalAttrs config.allowAliases {
b2 = removed "b2" "2022/06";
checkpoint = removed "checkpoint" "2022/11";
dome9 = removed "dome9" "2022/08";
ksyun = removed "ksyun" "2023/04";
logicmonitor = license "logicmonitor" "2022/11";
ncloud = removed "ncloud" "2022/08";
nsxt = license "nsxt" "2022/11";
opc = archived "opc" "2022/05";
oraclepaas = archived "oraclepaas" "2022/05";
panos = removed "panos" "2022/05";
template = archived "template" "2022/05";
vercel = license "vercel" "2022/11";
};
# excluding aliases, used by terraform-full

32
pkgs/applications/networking/cluster/terraform-providers/providers.json
View File

@ -110,11 +110,11 @@
"vendorHash": null
},
"aws": {
"hash": "sha256-I0iGgrvgjdqjeoiRMzItg2FELC/X2ACP5qLW5HguP78=",
"hash": "sha256-eHU3dsu/aJ72BTwe4CAWhf29ZueUhyg10Ncs9yUxi80=",
"homepage": "https://registry.terraform.io/providers/hashicorp/aws",
"owner": "hashicorp",
"repo": "terraform-provider-aws",
"rev": "v5.0.0",
"rev": "v5.0.1",
"spdx": "MPL-2.0",
"vendorHash": "sha256-53BHSeRBgnT5LuSuTUA5R/bbeozd2gOxsXd/2tlrbYU="
},
@ -128,11 +128,11 @@
"vendorHash": null
},
"azurerm": {
"hash": "sha256-4gNXamhda8EyEyOQXnxYNy+S5SyGqtYaxRk/fAG7vvA=",
"hash": "sha256-GVxIr57y5tlOrZYtu09FI0IYG2cLkHkYMMofdqdCans=",
"homepage": "https://registry.terraform.io/providers/hashicorp/azurerm",
"owner": "hashicorp",
"repo": "terraform-provider-azurerm",
"rev": "v3.57.0",
"rev": "v3.58.0",
"spdx": "MPL-2.0",
"vendorHash": null
},
@ -665,13 +665,13 @@
"vendorHash": "sha256-4jAJf2FC83NdH4t1l7EA26yQ0pqteWmTIyrZDJdi7fg="
},
"linode": {
"hash": "sha256-4cUmKscy0KrhG3CbQo/Uz0BI3tq/MUyDtzNqeXwUtxg=",
"hash": "sha256-dVoITwVwvWX6gXNgNv8fpCT2d19nYN893L8CL/TvcPc=",
"homepage": "https://registry.terraform.io/providers/linode/linode",
"owner": "linode",
"repo": "terraform-provider-linode",
"rev": "v2.2.0",
"rev": "v2.3.0",
"spdx": "MPL-2.0",
"vendorHash": "sha256-MsVYFt8u9czVs1vGCqBrw3BZ5C4OFNrEuZZ57GEVBqE="
"vendorHash": "sha256-a8IjMAojj15yl1sh/6r5WJsuqzWqHeDZLEqib7xOCw0="
},
"linuxbox": {
"hash": "sha256-MzasMVtXO7ZeZ+qEx2Z+7881fOIA0SFzSvXVHeEROtg=",
@ -801,11 +801,11 @@
},
"nutanix": {
"deleteVendor": true,
"hash": "sha256-szqvEU1cxEIBKIeHmeqT6YAEsXZDvINxfDyp76qswzw=",
"hash": "sha256-kxLsQeseSncGRJCeh/1yD7oouS5OYwo5N5YorzwQdBs=",
"homepage": "https://registry.terraform.io/providers/nutanix/nutanix",
"owner": "nutanix",
"repo": "terraform-provider-nutanix",
"rev": "v1.8.1",
"rev": "v1.9.0",
"spdx": "MPL-2.0",
"vendorHash": "sha256-LRIfxQGwG988HE5fftGl6JmBG7tTknvmgpm4Fu1NbWI="
},
@ -864,11 +864,11 @@
"vendorHash": "sha256-2EuGZxHrpPwDicSrIf/Jx/c4LhOtE5HvTz9LkJ4xCSY="
},
"opsgenie": {
"hash": "sha256-vwHymj6kNTfxpqLEJixB55SeET1wtlkoN8RH8Uw0iPA=",
"hash": "sha256-fcQChRIwxAeAdYPTYC9rPSdbrmXaBIOotF7vQhO9Sl0=",
"homepage": "https://registry.terraform.io/providers/opsgenie/opsgenie",
"owner": "opsgenie",
"repo": "terraform-provider-opsgenie",
"rev": "v0.6.22",
"rev": "v0.6.23",
"spdx": "MPL-2.0",
"vendorHash": null
},
@ -1044,13 +1044,13 @@
"vendorHash": "sha256-NO1r/EWLgH1Gogru+qPeZ4sW7FuDENxzNnpLSKstnE8="
},
"spotinst": {
"hash": "sha256-fNJhshwaMX0w5SuL/B8MDMrUN/que8H8UXqiPfKuIVg=",
"hash": "sha256-VzIQqxEZl3+cRk19vxJGF0DbzutrfOWeP27TMat//Es=",
"homepage": "https://registry.terraform.io/providers/spotinst/spotinst",
"owner": "spotinst",
"repo": "terraform-provider-spotinst",
"rev": "v1.119.1",
"rev": "v1.120.0",
"spdx": "MPL-2.0",
"vendorHash": "sha256-VZlTrUcfE7ZoAU3wWrM31pZbKSsUc1Oph7b8wb6k8cY="
"vendorHash": "sha256-/sXd/qAChMpVTY/JN45fb2XFG0nsqc1ytC2FjXpva3c="
},
"stackpath": {
"hash": "sha256-7KQUddq+M35WYyAIAL8sxBjAaXFcsczBRO1R5HURUZg=",
@ -1098,11 +1098,11 @@
"vendorHash": "sha256-GNSKSlaFBj2P+z40U+0uwPSOuQBy+9vOVFfPe8p0A24="
},
"tencentcloud": {
"hash": "sha256-fHcEVQZLLmtaKsAaeFcnRxzPBcGv/UUZOpNHsB9VGXA=",
"hash": "sha256-2xyJ6rrgQKIhdtGNSnSYbL+fQhaqlEsWfGA2vYZeQBQ=",
"homepage": "https://registry.terraform.io/providers/tencentcloudstack/tencentcloud",
"owner": "tencentcloudstack",
"repo": "terraform-provider-tencentcloud",
"rev": "v1.81.1",
"rev": "v1.81.2",
"spdx": "MPL-2.0",
"vendorHash": null
},

6
pkgs/applications/networking/cluster/werf/default.nix
View File

@ -10,16 +10,16 @@
buildGoModule rec {
pname = "werf";
version = "1.2.235";
version = "1.2.238";
src = fetchFromGitHub {
owner = "werf";
repo = "werf";
rev = "v${version}";
hash = "sha256-fEo/hHVV+xv60VNe9AqjrP4JGzGXcM8yr/KjhRfOAhk=";
hash = "sha256-cMjekqIZnZMcDEEdeBs/jkPh/mqgox4gV+LkqP3IR5g=";
};
vendorHash = "sha256-1r32uT98I/pd6lxCb3bKy6uxJJodsaslwy9wynE4Pmg=";
vendorHash = "sha256-67J7AaS0kUu42BqFWMsC+ZXL2DnrBWwhz/oGmyMvpyo=";
proxyVendor = true;

4
pkgs/applications/networking/coreth/default.nix
View File

@ -6,13 +6,13 @@
buildGoModule rec {
pname = "coreth";
version = "0.12.1";
version = "0.12.2";
src = fetchFromGitHub {
owner = "ava-labs";
repo = pname;
rev = "v${version}";
hash = "sha256-Wf4abvBOX98A2IjALkMMOAqDvEtXtLddxhrV2LQM1dU=";
hash = "sha256-WkSZ+7ygg2dkotv3vwTrWaVsSQvgmPJ0xhPCqZdQit8=";
};
# go mod vendor has a bug, see: golang/go#57529

26
pkgs/applications/networking/flexget/default.nix
View File

@ -4,23 +4,9 @@
, fetchFromGitHub
}:
let
python = python3.override {
packageOverrides = self: super: {
sqlalchemy = super.sqlalchemy.overridePythonAttrs (old: rec {
version = "1.4.48";
src = fetchPypi {
pname = "SQLAlchemy";
inherit version;
hash = "sha256-tHvChwltmJoIOM6W99jpZpFKJNqHftQadTHUS1XNuN8=";
};
});
};
};
in
python.pkgs.buildPythonApplication rec {
python3.pkgs.buildPythonApplication rec {
pname = "flexget";
version = "3.7.0";
version = "3.7.2";
format = "pyproject";
# Fetch from GitHub in order to use `requirements.in`
@ -28,22 +14,18 @@ python.pkgs.buildPythonApplication rec {
owner = "Flexget";
repo = "Flexget";
rev = "refs/tags/v${version}";
hash = "sha256-H+R2NPHJbpQToKI1Op+DqPt82+w2xHxHC9NPpiF3aF0=";
hash = "sha256-K71nawQhFYLPRg79rcZKJ+US+3M5JAU0eg+ZiFwB6n8=";
};
postPatch = ''
# remove dependency constraints but keep environment constraints
sed 's/[~<>=][^;]*//' -i requirements.txt
# "zxcvbn-python" was renamed to "zxcvbn", and we don't have the former in
# nixpkgs. See: https://github.com/NixOS/nixpkgs/issues/62110
substituteInPlace requirements.txt --replace "zxcvbn-python" "zxcvbn"
'';
# ~400 failures
doCheck = false;
propagatedBuildInputs = with python.pkgs; [
propagatedBuildInputs = with python3.pkgs; [
# See https://github.com/Flexget/Flexget/blob/master/requirements.txt
apscheduler
beautifulsoup4

4
pkgs/applications/networking/instant-messengers/signal-cli/default.nix
View File

@ -2,12 +2,12 @@
stdenv.mkDerivation rec {
pname = "signal-cli";
version = "0.11.10";
version = "0.11.11";
# Building from source would be preferred, but is much more involved.
src = fetchurl {
url = "https://github.com/AsamK/signal-cli/releases/download/v${version}/signal-cli-${version}-Linux.tar.gz";
hash = "sha256-8iWUhneAialoEn3igxxTGJBmopbZHHqkvtJPZEESWM0=";
hash = "sha256-IKKWJBe6A3TVWIRTDyWbfRYMwgRNhSqSJK0ZRZNCVkA=";
};
buildInputs = lib.optionals stdenv.isLinux [ libmatthew_java dbus dbus_java ];

6
pkgs/applications/networking/netmaker/default.nix
View File

@ -10,16 +10,16 @@
buildGoModule rec {
pname = "netmaker";
version = "0.19.0";
version = "0.20.0";
src = fetchFromGitHub {
owner = "gravitl";
repo = pname;
rev = "v${version}";
hash = "sha256-wiexultPliYD3WrLVtWUdLs762OzLAmoH66phwjOuUw=";
hash = "sha256-pzU9MiUL5M7EkGIXjZ0VqJmk4qOlbgCLCg84iPIXG70=";
};
vendorHash = "sha256-Msvonap1soJExzBymouY8kZJnHT4SIwpfJjBgpkO2Rw=";
vendorHash = "sha256-euqQztEUEejCWy7WqtzMEIZrBDZpD/6dqnFsYhXajdE=";
inherit subPackages;

5
pkgs/applications/networking/remote/rustdesk/default.nix
View File

@ -20,7 +20,6 @@
, libyuv
, libopus
, libsciter
, llvmPackages
, wrapGAppsHook
, writeText
}:
@ -41,8 +40,6 @@ rustPlatform.buildRustPackage rec {
./fix-for-rust-1.65.diff
];
LIBCLANG_PATH = "${llvmPackages.libclang.lib}/lib";
cargoLock = {
lockFile = ./Cargo.lock;
outputHashes = {
@ -98,7 +95,7 @@ rustPlatform.buildRustPackage rec {
ln -s ${libyuv.out}/lib/* $VCPKG_ROOT/installed/${vcpkg_target}/lib/
'';
nativeBuildInputs = [ pkg-config cmake makeWrapper copyDesktopItems yasm nasm clang wrapGAppsHook ];
nativeBuildInputs = [ pkg-config cmake makeWrapper copyDesktopItems yasm nasm clang wrapGAppsHook rustPlatform.bindgenHook ];
buildInputs = [ alsa-lib pulseaudio libXfixes libxcb xdotool gtk3 libvpx libopus libXtst libyuv ];
# Checks require an active X display.

83
pkgs/applications/science/logic/sharpsat-td/default.nix Normal file
View File

@ -0,0 +1,83 @@
{ lib
, stdenv
, fetchFromGitHub
, fetchzip
, cmake
, gmp
, mpfr
}:
let
satlib-bmc = fetchzip {
url = "https://www.cs.ubc.ca/~hoos/SATLIB/Benchmarks/SAT/BMC/bmc.tar.gz";
stripRoot = false;
sha256 = "sha256-F1Jfrj4iMMf/3LFCShIDMs4JfLkJ51Z4wkL1FDT9b/A=";
};
# needed for mpfr 4.2.0+ support
mpreal = fetchFromGitHub {
owner = "advanpix";
repo = "mpreal";
rev = "mpfrc++-3.6.9";
sha256 = "sha256-l61SKEx4pBocADrEGPVacQ6F2ep9IuvNZ8W08dKeZKg=";
};
in stdenv.mkDerivation rec {
pname = "sharpsat-td";
version = "unstable-2021-09-05";
src = fetchFromGitHub {
owner = "Laakeri";
repo = pname;
rev = "b9bb015305ea5d4e1ac7141691d0fe55ca983d31";
sha256 = "sha256-FE+DUd58eRr5w9RFw0fMHfjIiNDWIcG7XbyWJ/pI28U=";
};
postPatch = ''
# just say no to bundled binaries
rm bin/*
# ensure resultant build calls its own binaries
substituteInPlace src/decomposition.cpp \
--replace '"../../../flow-cutter-pace17/flow_cutter_pace17"' '"'"$out"'/bin/flow_cutter_pace17"'
substituteInPlace src/preprocessor/treewidth.cpp \
--replace '"./flow_cutter_pace17"' '"'"$out"'/bin/flow_cutter_pace17"'
# replace bundled version of mpreal/mpfrc++
rm -r src/mpfr
cp -r ${mpreal} src/mpfr
'';
nativeBuildInputs = [ cmake ];
buildInputs = [ gmp mpfr ];
installPhase = ''
runHook preInstall
mkdir -p $out/bin
install -Dm755 sharpSAT $out/bin/sharpSAT-td
install -Dm755 flow_cutter_pace17 $out/bin/flow_cutter_pace17
runHook postInstall
'';
doInstallCheck = true;
installCheckPhase = ''
runHook preInstallCheck
# "correct" answer from https://sites.google.com/site/marcthurley/sharpsat/benchmarks/collected-model-counts
$out/bin/sharpSAT-td -decot 1 -decow 100 -cs 3500 -tmpdir "$TMPDIR" \
${satlib-bmc}/bmc-ibm-1.cnf | grep -F 'c s exact arb int 7333984412904350856728851870196181665291102236046537207120878033973328441091390427157620940515935993557837912658856672133150412904529478729364681871717139154252602322050981277183916105207406949425074710972297902317183503443350157267211568852295978718386711142950559533715161449971311118966214098944000'
runHook postInstallCheck
'';
meta = {
description = "A fast solver for the #SAT model counting problem";
homepage = "https://github.com/Laakeri/sharpsat-td";
license = with lib.licenses; [ mit asl20 ];
maintainers = with lib.maintainers; [ ris ];
# uses clhash, which is non-portable
platforms = [ "x86_64-linux" "x86_64-darwin" ];
};
}

33
pkgs/applications/version-management/legit-web/default.nix Normal file
View File

@ -0,0 +1,33 @@
{ lib
, buildGoModule
, fetchFromGitHub
}:
buildGoModule rec {
pname = "legit";
version = "0.2.1";
src = fetchFromGitHub {
repo = "legit";
owner = "icyphox";
rev = "v${version}";
hash = "sha256-Y0lfbe4xBCj80z07mLFIiX+shvntYAHiW2Uw7h94jrE=";
};
vendorHash = "sha256-RAUSYCtP4rcJ2zIBXfPAEZWD1VSfr3d4MrmUMiPpjK8=";
postInstall = ''
mkdir -p $out/lib/legit/templates
mkdir -p $out/lib/legit/static
cp -r $src/templates/* $out/lib/legit/templates
cp -r $src/static/* $out/lib/legit/static
'';
meta = {
description = "Web frontend for git";
homepage = "https://github.com/icyphox/legit";
license = lib.licenses.mit;
maintainers = [ lib.maintainers.ratsclub ];
};
}

6
pkgs/applications/virtualization/flintlock/default.nix
View File

@ -10,16 +10,16 @@
buildGoModule rec{
pname = "flintlock";
version = "0.4.0";
version = "0.6.0";
src = fetchFromGitHub {
owner = "weaveworks";
repo = "flintlock";
rev = "v${version}";
sha256 = "sha256-kHrVpQ4E8b1YV+ofZwd4iGJ9ucVUUam6rxdpOGmvRR4=";
sha256 = "sha256-jZi58mewQ2hlH/9H4iAF4Mvf9UK4F7sUR0xcCEaLzX0=";
};
vendorSha256 = "sha256-A3LrikB2KrnSI+OREiLmlkTFpRKQWRB8w4OJ6ApX7oY=";
vendorHash = "sha256-IGfNMe1fQfAGAOVsxmn/oxleHfniqL1TJKllCwpuWOU=";
subPackages = [ "cmd/flintlock-metrics" "cmd/flintlockd" ];

69
pkgs/applications/window-managers/weston/default.nix
View File

@ -1,47 +1,58 @@
{ lib, stdenv, fetchurl
, meson, ninja, pkg-config, python3, wayland-scanner
, cairo, colord, dbus, lcms2, libGL, libXcursor, libdrm, libevdev, libinput
, libjpeg, seatd, libxcb, libxkbcommon, mesa, mtdev, pam, udev, wayland
, wayland-protocols
, pipewire ? null, pango ? null, libunwind ? null, freerdp ? null, vaapi ? null
, libva ? null, libwebp ? null, xwayland ? null
# beware of null defaults, as the parameters *are* supplied by callPackage by default
, buildDemo ? true
, buildRemoting ? true, gst_all_1
, cairo, dbus, lcms2, libdrm, libevdev, libinput, libjpeg, libxkbcommon, mesa
, seatd, wayland, wayland-protocols, xcbutilcursor
, demoSupport ? true
, hdrSupport ? true, libdisplay-info
, pangoSupport ? true, pango
, pipewireSupport ? true, pipewire
, rdpSupport ? true, freerdp
, remotingSupport ? true, gst_all_1
, vaapiSupport ? true, libva
, vncSupport ? true, aml, neatvnc, pam
, webpSupport ? true, libwebp
, xwaylandSupport ? true, libXcursor, xwayland
}:
stdenv.mkDerivation rec {
pname = "weston";
version = "11.0.2";
version = "12.0.1";
src = fetchurl {
url = "https://gitlab.freedesktop.org/wayland/weston/-/releases/${version}/downloads/weston-${version}.tar.xz";
hash = "sha256-ckB1LO8LfeYiuvi9U0jmP8axnwLvgklhsq3Rd9llKVI=";
hash = "sha256-sYWR6rJ4vBkXIPbAkVgEC3lecRivHV3cpqzZqOIDlTU=";
};
depsBuildBuild = [ pkg-config ];
nativeBuildInputs = [ meson ninja pkg-config python3 wayland-scanner ];
buildInputs = [
cairo colord dbus freerdp lcms2 libGL libXcursor libdrm libevdev libinput
libjpeg seatd libunwind libva libwebp libxcb libxkbcommon mesa mtdev pam
pango pipewire udev vaapi wayland wayland-protocols
] ++ lib.optionals buildRemoting [
gst_all_1.gstreamer
gst_all_1.gst-plugins-base
];
cairo lcms2 libdrm libevdev libinput libjpeg libxkbcommon mesa seatd
wayland wayland-protocols
] ++ lib.optional hdrSupport libdisplay-info
++ lib.optional pangoSupport pango
++ lib.optional pipewireSupport pipewire
++ lib.optional rdpSupport freerdp
++ lib.optionals remotingSupport [ gst_all_1.gstreamer gst_all_1.gst-plugins-base ]
++ lib.optional vaapiSupport libva
++ lib.optionals vncSupport [ aml neatvnc pam ]
++ lib.optional webpSupport libwebp
++ lib.optionals xwaylandSupport [ libXcursor xcbutilcursor xwayland ];
mesonFlags= [
"-Dbackend-drm-screencast-vaapi=${lib.boolToString (vaapi != null)}"
"-Dbackend-rdp=${lib.boolToString (freerdp != null)}"
"-Dxwayland=${lib.boolToString (xwayland != null)}" # Default is true!
(lib.mesonBool "remoting" buildRemoting)
"-Dpipewire=${lib.boolToString (pipewire != null)}"
"-Dimage-webp=${lib.boolToString (libwebp != null)}"
(lib.mesonBool "demo-clients" buildDemo)
"-Dsimple-clients="
"-Dtest-junit-xml=false"
] ++ lib.optionals (xwayland != null) [
"-Dxwayland-path=${xwayland.out}/bin/Xwayland"
(lib.mesonBool "backend-drm-screencast-vaapi" vaapiSupport)
(lib.mesonBool "backend-pipewire" pipewireSupport)
(lib.mesonBool "backend-rdp" rdpSupport)
(lib.mesonBool "backend-vnc" vncSupport)
(lib.mesonBool "demo-clients" demoSupport)
(lib.mesonBool "image-webp" webpSupport)
(lib.mesonBool "pipewire" pipewireSupport)
(lib.mesonBool "remoting" remotingSupport)
(lib.mesonOption "simple-clients" "")
(lib.mesonBool "test-junit-xml" false)
(lib.mesonBool "xwayland" xwaylandSupport)
] ++ lib.optionals xwaylandSupport [
(lib.mesonOption "xwayland-path" (lib.getExe xwayland))
];
passthru.providedSessions = [ "weston" ];
@ -61,6 +72,6 @@ stdenv.mkDerivation rec {
homepage = "https://gitlab.freedesktop.org/wayland/weston";
license = licenses.mit; # Expat version
platforms = platforms.linux;
maintainers = with maintainers; [ primeos ];
maintainers = with maintainers; [ primeos qyliss ];
};
}

15
pkgs/build-support/go/module.nix
View File

@ -54,7 +54,8 @@ assert (args' ? vendorHash && args' ? vendorSha256) -> throw "both `vendorHash`
let
args = removeAttrs args' [ "overrideModAttrs" "vendorSha256" "vendorHash" ];
go-modules = if (vendorHash != null) then stdenv.mkDerivation (let modArgs = {
go-modules = if (vendorHash == null) then "" else
(stdenv.mkDerivation {
name = "${name}-go-modules";
@ -138,13 +139,11 @@ let
'';
dontFixup = true;
}; in modArgs // (
{
outputHashMode = "recursive";
outputHash = vendorHash;
outputHashAlgo = if args' ? vendorSha256 || vendorHash == "" then "sha256" else null;
}
) // overrideModAttrs modArgs) else "";
outputHashMode = "recursive";
outputHash = vendorHash;
outputHashAlgo = if args' ? vendorSha256 || vendorHash == "" then "sha256" else null;
}).overrideAttrs overrideModAttrs;
package = stdenv.mkDerivation (args // {
nativeBuildInputs = [ go ] ++ nativeBuildInputs;

4
pkgs/data/themes/orchis-theme/default.nix
View File

@ -26,13 +26,13 @@ lib.checkListOfEnum "${pname}: theme tweaks" validTweaks tweaks
stdenvNoCC.mkDerivation
rec {
inherit pname;
version = "2023-04-08";
version = "2023-05-27";
src = fetchFromGitHub {
repo = "Orchis-theme";
owner = "vinceliuice";
rev = version;
hash = "sha256-/X4Hr2M/7pf6JxTUvPoG5VkQd+rweEPeTNe9glSLh78=";
hash = "sha256-I1a8y9dAJqFgnhyMqfupSdGvbbScf6tSYKlAhAzY4Dk=";
};
nativeBuildInputs = [ gtk3 sassc ];

2
pkgs/desktops/gnome/core/mutter/43/default.nix
View File

@ -74,7 +74,7 @@ stdenv.mkDerivation (finalAttrs: {
"-Dinstalled_tests=false" # TODO: enable these
"-Dwayland_eglstream=true"
"-Dprofiler=true"
"-Dxwayland_path=${xwayland}/bin/Xwayland"
"-Dxwayland_path=${lib.getExe xwayland}"
# This should be auto detected, but it looks like it manages a false
# positive.
"-Dxwayland_initfd=disabled"

2
pkgs/desktops/gnome/core/mutter/default.nix
View File

@ -81,7 +81,7 @@ stdenv.mkDerivation (finalAttrs: {
"-Dtests=false"
"-Dwayland_eglstream=true"
"-Dprofiler=true"
"-Dxwayland_path=${xwayland}/bin/Xwayland"
"-Dxwayland_path=${lib.getExe xwayland}"
# This should be auto detected, but it looks like it manages a false
# positive.
"-Dxwayland_initfd=disabled"

2
pkgs/desktops/plasma-5/kwin/default.nix
View File

@ -144,7 +144,7 @@ mkDerivation {
];
CXXFLAGS = [
''-DNIXPKGS_XWAYLAND=\"${lib.getBin xwayland}/bin/Xwayland\"''
''-DNIXPKGS_XWAYLAND=\"${lib.getExe xwayland}\"''
];
postInstall = ''

18
pkgs/development/compilers/dotnet/versions/7.0.nix
View File

@ -47,23 +47,23 @@
};
sdk_7_0 = buildNetSdk {
version = "7.0.203";
version = "7.0.302";
srcs = {
x86_64-linux = {
url = "https://download.visualstudio.microsoft.com/download/pr/ebfd0bf8-79bd-480a-9e81-0b217463738d/9adc6bf0614ce02670101e278a2d8555/dotnet-sdk-7.0.203-linux-x64.tar.gz";
sha512 = "ed1ae7cd88591ec52e1515c4a25d9a832eca29e8a0889549fea35a320e6e356e3806a17289f71fc0b04c36b006ae74446c53771d976c170fcbe5977ac7db1cb6";
url = "https://download.visualstudio.microsoft.com/download/pr/351400ef-f2e6-4ee7-9d1b-4c246231a065/9f7826270fb36ada1bdb9e14bc8b5123/dotnet-sdk-7.0.302-linux-x64.tar.gz";
sha512 = "9387bd804ed980ba1bc33093598ddbafa3a761e07d28916c94442cc329533d78a03bfc59d3066a1a861244302414e7e658b4e721b5bc825f623f8f908e748b7e";
};
aarch64-linux = {
url = "https://download.visualstudio.microsoft.com/download/pr/6cd2eaa7-4c06-4168-b90b-ee2d6bb40b10/4a8387eb07e17d262bfb9965f6d34462/dotnet-sdk-7.0.203-linux-arm64.tar.gz";
sha512 = "f5e1b5a63b51af664b852435fc5631ff3fbeafbfac9f34c025da016218b0e6fb9a24e816035a44f4b4a16f28bc696821b1aa6f181966754318bc45cde7f439bf";
url = "https://download.visualstudio.microsoft.com/download/pr/142603ad-0df5-4aef-bdc2-87b6140c90ed/2cce467e6c954d01024942b8370aaf70/dotnet-sdk-7.0.302-linux-arm64.tar.gz";
sha512 = "7f6372faa348c84560e3f1139605dc08d888b14b98c400724f628b52156fe31c20a50dc2a2f8673e29239d04ef06744e16c6f8bd8eb1756f99274c73eda74621";
};
x86_64-darwin = {
url = "https://download.visualstudio.microsoft.com/download/pr/de3e24bd-f677-4d9e-9717-859ce6659b5d/80c21bb06ca64d9408d11a32f858c7c6/dotnet-sdk-7.0.203-osx-x64.tar.gz";
sha512 = "a69ec597bc5b0a59ccfc9cc63c4883037eb9293600e98ea420c879242ec6c3fae6a81a3a08bf7d5d2ab93f750debffb224ad5628c9abd53bc44cfcb02ca77136";
url = "https://download.visualstudio.microsoft.com/download/pr/34ce4803-1444-48a2-9955-e2a9b9061b03/e18c978b55226240ca037cf8b1770064/dotnet-sdk-7.0.302-osx-x64.tar.gz";
sha512 = "cafb8e2839a8c91f58e8bda519d27f622a7a4062aea9247d743d64a3de3acad6ddd4f80d011fd416a3e3622f0ece8cd2e70e65f48331ae321b5ff23d282787b3";
};
aarch64-darwin = {
url = "https://download.visualstudio.microsoft.com/download/pr/ad0ad533-6970-4099-a0c6-ee1d089a381d/2d7ea966c6d032111389b7686ccc0d9a/dotnet-sdk-7.0.203-osx-arm64.tar.gz";
sha512 = "e41de76f6be00de587cedaed2b0c6e2c2871b2ebf03c89375b4c69cd3fdd14df0dc49b5fe83970868a25d14aa19deafbfe66ee6790383b77f7da3d8dea939664";
url = "https://download.visualstudio.microsoft.com/download/pr/fc7ed56d-3afe-4aa6-81bb-b4b0f5df56b5/d199f43f7421c6677ba25544b442b6b7/dotnet-sdk-7.0.302-osx-arm64.tar.gz";
sha512 = "28cc5fcc9651fc75f9b2f864672e5fdaead28feb262696c305d00a71c828004e46f0b9b4a6bb6b21b9ea475b1c601e1724df302eea4d63f604e4fcdc9c97dd63";
};
};
packages = { fetchNuGet }: [

25
pkgs/development/compilers/fleng/default.nix Normal file
View File

@ -0,0 +1,25 @@
{ lib
, stdenv
, fetchurl
}:
stdenv.mkDerivation (finalAttrs: {
pname = "fleng";
version = "14";
src = fetchurl {
url = "http://www.call-with-current-continuation.org/fleng/fleng-${finalAttrs.version}.tgz";
hash = "sha256-Js9bllX/399t9oeiRrqJNUFyYJwJVb/xSzwrcMrdi08=";
};
doCheck = true;
meta = {
homepage = "http://www.call-with-current-continuation.org/fleng/fleng.html";
description = "A low level concurrent logic programming language descended from Prolog";
license = lib.licenses.publicDomain;
maintainers = with lib.maintainers; [ AndersonTorres ];
platforms = lib.platforms.unix;
};
})
# TODO: bootstrap

20
pkgs/development/embedded/avrdude/default.nix
View File

@ -1,9 +1,7 @@
{ lib, stdenv, fetchFromGitHub, cmake, bison, flex, libusb-compat-0_1, libelf, libftdi1, readline
# docSupport is a big dependency, disabled by default
, docSupport ? false, texLive ? null, texinfo ? null, texi2html ? null
}:
assert docSupport -> texLive != null && texinfo != null && texi2html != null;
{ lib, stdenv, fetchFromGitHub, cmake, bison, flex, libusb-compat-0_1, libelf
, libftdi1, readline
# documentation building is broken on darwin
, docSupport ? (!stdenv.isDarwin), texlive, texinfo, texi2html, unixtools }:
stdenv.mkDerivation rec {
pname = "avrdude";
@ -16,10 +14,14 @@ stdenv.mkDerivation rec {
sha256 = "sha256-pGjOefWnf11kG/zFGwYGet1OjAhKsULNGgh6vqvIQ7c=";
};
nativeBuildInputs = [ cmake bison flex ];
nativeBuildInputs = [ cmake bison flex ] ++ lib.optionals docSupport [
unixtools.more
texlive.combined.scheme-medium
texinfo
texi2html
];
buildInputs = [ libusb-compat-0_1 libelf libftdi1 readline ]
++ lib.optionals docSupport [ texLive texinfo texi2html ];
buildInputs = [ libusb-compat-0_1 libelf libftdi1 readline ];
cmakeFlags = lib.optionals docSupport [
"-DBUILD_DOC=ON"

4
pkgs/development/embedded/stm32/stm32cubemx/default.nix
View File

@ -9,11 +9,11 @@ let
in
stdenv.mkDerivation rec {
pname = "stm32cubemx";
version = "6.8.0";
version = "6.8.1";
src = fetchzip {
url = "https://sw-center.st.com/packs/resource/library/stm32cube_mx_v${builtins.replaceStrings ["."] [""] version}-lin.zip";
sha256 = "sha256-jJeJTg2cCO6fqQ4vFq2dXsfsWmlN5ncZJWMoekJXkLQ=";
sha256 = "sha256-0WzdyRP09rRZzVZhwMOxA/SwHrQOYGBnv8UwvjMT22Q=";
stripRoot = false;
};

6
pkgs/development/interpreters/wasmtime/default.nix
View File

@ -2,17 +2,17 @@
rustPlatform.buildRustPackage rec {
pname = "wasmtime";
version = "9.0.1";
version = "9.0.2";
src = fetchFromGitHub {
owner = "bytecodealliance";
repo = pname;
rev = "v${version}";
hash = "sha256-6pZZawygFxE5rWkdJUaJLxTd5pZiC0o1Rvc5Zl6YJpw=";
hash = "sha256-Fnc3iepxHr7WjorFoabHE6ZM/zK1T5W/gkxL+AEcVgU=";
fetchSubmodules = true;
};
cargoHash = "sha256-GUYd5/1pekOHG1e0WBxjOe3/foZ5YdU2ovF0btZ6+ec=";
cargoHash = "sha256-7Q5aJU0sYzRLgjiSNLIrydYRJ3ozABjDo4VtmexS3po=";
cargoBuildFlags = [ "--package" "wasmtime-cli" "--package" "wasmtime-c-api" ];

11
pkgs/development/libraries/libb64/default.nix
View File

@ -19,6 +19,17 @@ stdenv.mkDerivation rec {
url = "https://github.com/libb64/libb64/commit/4fe47c052e9123da8f751545deb48be08c3411f6.patch";
sha256 = "18b3np3gpyzimqmk6001riqv5n70wfbclky6zzsrvj5zl1dj4ljf";
})
# Fix i686-linux build failure.
(fetchpatch {
name = "elif.patch";
url = "https://github.com/libb64/libb64/commit/819e43c8b34261ea3ee694bdc27865a033966083.patch";
hash = "sha256-r2jI6Q3rWDtArLlkAuyy7vcjsuRvX+2fBd5yk8XOMcc";
})
(fetchpatch {
name = "size_t.patch";
url = "https://github.com/libb64/libb64/commit/b5edeafc89853c48fa41a4c16393a1fdc8638ab6.patch";
hash = "sha256-+bqfOOlT/t0FLQEMHuxW1BxJcx9rk0yYM3wD43mcymo";
})
] ++ lib.optional (stdenv.buildPlatform != stdenv.hostPlatform) (fetchpatch {
name = "0001-example-Do-not-run-the-tests.patch";
url = "https://cgit.openembedded.org/meta-openembedded/plain/meta-oe/recipes-support/libb64/libb64/0001-example-Do-not-run-the-tests.patch?id=484e0de1e4ee107f21ae2a5c5f976ed987978baf";

4
pkgs/development/libraries/libcpr/default.nix
View File

@ -1,6 +1,6 @@
{ lib, stdenv, fetchFromGitHub, cmake, curl }:
let version = "1.10.3"; in
let version = "1.10.4"; in
stdenv.mkDerivation {
pname = "libcpr";
inherit version;
@ -11,7 +11,7 @@ stdenv.mkDerivation {
owner = "libcpr";
repo = "cpr";
rev = version;
hash = "sha256-NueZPBiICrh8GXXdCqNtVaB7PfqwtQ0WolvRij8SYbE=";
hash = "sha256-8qRNlZgBB71t/FSFPnxFhr02OuD2erLVeoc6wAx3LKk=";
};
nativeBuildInputs = [ cmake ];

2
pkgs/development/libraries/libwacom/default.nix
View File

@ -41,7 +41,7 @@ stdenv.mkDerivation rec {
libgudev
];
doCheck = stdenv.hostPlatform == stdenv.buildPlatform;
doCheck = stdenv.hostPlatform == stdenv.buildPlatform && lib.meta.availableOn stdenv.hostPlatform valgrind;
mesonFlags = [
"-Dtests=${if doCheck then "enabled" else "disabled"}"

36
pkgs/development/mobile/fdroidcl/default.nix Normal file
View File

@ -0,0 +1,36 @@
{ lib
, buildGoModule
, fetchFromGitHub
, android-tools
}:
buildGoModule rec {
pname = "fdroidcl";
version = "0.7.0";
src = fetchFromGitHub {
owner = "mvdan";
repo = "fdroidcl";
rev = "v${version}";
hash = "sha256-tqhs3b/DHfnGOm9qcM56NSzt1GJflJfbemkp7+nXbug=";
};
patches = [ ./go_mod_version_update.patch ];
vendorHash = "sha256-BWbwhHjfmMjiRurrZfW/YgIzJUH/hn+7qonD0BcTLxs=";
postPatch = ''
substituteInPlace adb/{server,device}.go \
--replace 'exec.Command("adb"' 'exec.Command("${android-tools}/bin/adb"'
'';
# TestScript/search attempts to connect to fdroid
doCheck = false;
meta = with lib; {
description = "F-Droid command line interface written in Go";
homepage = "https://github.com/mvdan/fdroidcl";
license = licenses.bsd3;
maintainers = with maintainers; [ aleksana ];
};
}

47
pkgs/development/mobile/fdroidcl/go_mod_version_update.patch Normal file
View File

@ -0,0 +1,47 @@
diff --git a/go.mod b/go.mod
index a482585..5c836dd 100644
--- a/go.mod
+++ b/go.mod
@@ -1,10 +1,19 @@
module mvdan.cc/fdroidcl
-go 1.16
+go 1.18
require (
github.com/kr/pretty v0.3.0
github.com/rogpeppe/go-internal v1.9.0
github.com/schollz/progressbar/v3 v3.13.0
- gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 // indirect
+)
+
+require (
+ github.com/kr/text v0.2.0 // indirect
+ github.com/mattn/go-runewidth v0.0.14 // indirect
+ github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db // indirect
+ github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e // indirect
+ github.com/rivo/uniseg v0.4.3 // indirect
+ golang.org/x/sys v0.4.0 // indirect
+ golang.org/x/term v0.4.0 // indirect
)
diff --git a/go.sum b/go.sum
index 7befc16..d8523cb 100644
--- a/go.sum
+++ b/go.sum
@@ -23,8 +23,6 @@ github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJ
github.com/rivo/uniseg v0.4.3 h1:utMvzDsuh3suAEnhH0RdHmoPbU648o6CvXxTx4SBMOw=
github.com/rivo/uniseg v0.4.3/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
-github.com/rogpeppe/go-internal v1.8.1 h1:geMPLpDpQOgVyCg5z5GoRwLHepNdb71NXb67XFkP+Eg=
-github.com/rogpeppe/go-internal v1.8.1/go.mod h1:JeRgkft04UBgHMgCIwADu4Pn6Mtm5d4nPKWu0nJ5d+o=
github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8=
github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs=
github.com/schollz/progressbar/v3 v3.13.0 h1:9TeeWRcjW2qd05I8Kf9knPkW4vLM/hYoa6z9ABvxje8=
@@ -38,7 +36,4 @@ golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/term v0.4.0 h1:O7UWfv5+A2qiuulQk30kVinPoMtoIPeVaKLEgLpVkvg=
golang.org/x/term v0.4.0/go.mod h1:9P2UbLfCdcvo3p/nzKvsmas4TnlujnuoV9hGgYzW1lQ=
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo=
-gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/errgo.v2 v2.1.0 h1:0vLT13EuvQ0hNvakwLuFZ/jYrLp5F3kcWHXdRggjCE8=
gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=

4
pkgs/development/python-modules/acquire/default.nix
View File

@ -17,7 +17,7 @@
buildPythonPackage rec {
pname = "acquire";
version = "3.5";
version = "3.6";
format = "pyproject";
disabled = pythonOlder "3.7";
@ -26,7 +26,7 @@ buildPythonPackage rec {
owner = "fox-it";
repo = "acquire";
rev = "refs/tags/${version}";
hash = "sha256-F0kKydFDL2XafK7A66qn3Ad/mGZU8x3UKtXtKpxHZqU=";
hash = "sha256-oH+uxu61+d6qEQmT7joxwlyfpv7mF8ug6OzHmyUa95Y=";
};
SETUPTOOLS_SCM_PRETEND_VERSION = version;

6
pkgs/development/python-modules/adafruit-pureio/default.nix
View File

@ -7,15 +7,15 @@
buildPythonPackage rec {
pname = "adafruit-pureio";
version = "1.1.10";
format = "setuptools";
version = "1.1.11";
format = "pyproject";
disabled = pythonOlder "3.7";
src = fetchPypi {
pname = "Adafruit_PureIO";
inherit version;
hash = "sha256-EgaIN1PAlmMJ5tAtqXBnbpvHtQO7Sib3NuAXOfVqZLk=";
hash = "sha256-xM+7NlcxlC0fEJKhFvR9/a4K7xjFsn8QcrWCStXqjHw=";
};
nativeBuildInputs = [

4
pkgs/development/python-modules/aliyun-python-sdk-config/default.nix
View File

@ -7,14 +7,14 @@
buildPythonPackage rec {
pname = "aliyun-python-sdk-config";
version = "2.2.8";
version = "2.2.9";
format = "setuptools";
disabled = pythonOlder "3.7";
src = fetchPypi {
inherit pname version;
hash = "sha256-0rGI2YMT78gstfHmQD63hdvICQ3WlKgkx8unsDegaXw=";
hash = "sha256-5uRiOJAxq1zcJX+CyDnTG5BG1eFcJ43HdfpWUoZ5FSM=";
};
propagatedBuildInputs = [

4
pkgs/development/python-modules/dominate/default.nix
View File

@ -7,14 +7,14 @@
buildPythonPackage rec {
pname = "dominate";
version = "2.7.0";
version = "2.8.0";
format = "setuptools";
disabled = pythonOlder "3.7";
src = fetchPypi {
inherit pname version;
hash = "sha256-UgEBNgiS6/nQVT9n0341n/kkA9ih4zgUAwUDCIoF2kk=";
hash = "sha256-TJDDvvr4jmErcfSzmve8vviXes+oVc7JVyJaj79QQAc=";
};
nativeCheckInputs = [

6
pkgs/development/python-modules/faraday-plugins/default.nix
View File

@ -6,6 +6,7 @@
, fetchFromGitHub
, html2text
, lxml
, markdown
, pytestCheckHook
, python-dateutil
, pythonOlder
@ -17,7 +18,7 @@
buildPythonPackage rec {
pname = "faraday-plugins";
version = "1.11.0";
version = "1.12.0";
format = "setuptools";
disabled = pythonOlder "3.7";
@ -26,7 +27,7 @@ buildPythonPackage rec {
owner = "infobyte";
repo = "faraday_plugins";
rev = "refs/tags/${version}";
hash = "sha256-rbmD+UeMzsccYq7AzANziUZCgKtShRe/fJersODMrF8=";
hash = "sha256-dtSGNLQUG4Co+p/sPBgKxMhB7drZAMxUas+eH6g/cS8=";
};
postPatch = ''
@ -40,6 +41,7 @@ buildPythonPackage rec {
colorama
html2text
lxml
markdown
python-dateutil
pytz
requests

6
pkgs/development/python-modules/fenics/default.nix
View File

@ -73,6 +73,12 @@ let
rm test/unit/test_quadrature.py
rm test/unit/test_reference_element.py
rm test/unit/test_fiat.py
# Fix `np.float` deprecation in Numpy 1.20
grep -lr 'np.float(' test/ | while read -r fn; do
substituteInPlace "$fn" \
--replace "np.float(" "np.float64("
done
'';
checkPhase = ''
runHook preCheck

5
pkgs/development/python-modules/johnnycanencrypt/default.nix
View File

@ -3,7 +3,6 @@
, fetchFromGitHub
, buildPythonPackage
, rustPlatform
, llvmPackages
, pkg-config
, pcsclite
, nettle
@ -35,16 +34,14 @@ buildPythonPackage rec {
format = "pyproject";
LIBCLANG_PATH = "${llvmPackages.libclang.lib}/lib";
propagatedBuildInputs = [
httpx
];
nativeBuildInputs = [
llvmPackages.clang
pkg-config
] ++ (with rustPlatform; [
bindgenHook
cargoSetupHook
maturinBuildHook
]);

4
pkgs/development/python-modules/miniaudio/default.nix
View File

@ -12,7 +12,7 @@
buildPythonPackage rec {
pname = "miniaudio";
version = "1.57";
version = "1.58";
disabled = pythonOlder "3.6";
@ -22,7 +22,7 @@ buildPythonPackage rec {
owner = "irmen";
repo = "pyminiaudio";
rev = "refs/tags/v${version}";
hash = "sha256-jAGJEXNDclcGHnoDYMjQXz5ZS9U9pmIWEHzgYKp49/o=";
hash = "sha256-uIjQerxMU4hMCJtpqYPt2kicql3s7jyho9r6/kRHTbk=";
};
postPatch = ''

4
pkgs/development/python-modules/nbsphinx/default.nix
View File

@ -12,14 +12,14 @@
buildPythonPackage rec {
pname = "nbsphinx";
version = "0.9.1";
version = "0.9.2";
format = "setuptools";
disabled = pythonOlder "3.7";
src = fetchPypi {
inherit pname version;
hash = "sha256-Wbv7e8Z2pmR4Bfs8qDSQM4rn+WwWdKnl5wfwVcJyxZ0=";
hash = "sha256-VA239AZjR/I9BlDEro59hTNMaa33SeAwr2TBLplv+I4=";
};
propagatedBuildInputs = [

4
pkgs/development/python-modules/onvif-zeep-async/default.nix
View File

@ -9,14 +9,14 @@
buildPythonPackage rec {
pname = "onvif-zeep-async";
version = "3.1.7";
version = "3.1.8";
format = "setuptools";
disabled = pythonOlder "3.7";
src = fetchPypi {
inherit pname version;
hash = "sha256-ra/1qKKmuWWvJCrr1uTCU5Awv5+GShgDHlHw0igLc4c=";
hash = "sha256-UiONj4ANsB5l2/ypWWfUK5ELoLsnUuyrFeldgITwIo4=";
};
propagatedBuildInputs = [

6
pkgs/development/python-modules/pyatv/default.nix
View File

@ -23,7 +23,7 @@
buildPythonPackage rec {
pname = "pyatv";
version = "0.11.0";
version = "0.12.0";
format = "setuptools";
disabled = pythonOlder "3.7";
@ -31,8 +31,8 @@ buildPythonPackage rec {
src = fetchFromGitHub {
owner = "postlund";
repo = pname;
rev = "v${version}";
hash = "sha256-HWr+Pu/tMuCDFC2mV3R/Wqe0PfVw/DDgEIYBRnfYx/I=";
rev = "refs/tags/v${version}";
hash = "sha256-t7H4ut4atc2XDnpBzV03Q/OrCHMVmZk38r/iWcLKL7Q=";
};
postPatch = ''

4
pkgs/development/python-modules/pydeps/default.nix
View File

@ -11,7 +11,7 @@
buildPythonPackage rec {
pname = "pydeps";
version = "1.12.7";
version = "1.12.8";
format = "setuptools";
disabled = pythonOlder "3.7";
@ -20,7 +20,7 @@ buildPythonPackage rec {
owner = "thebjorn";
repo = pname;
rev = "refs/tags/v${version}";
hash = "sha256-D57IO+1KS/budIjScEjVKP/5IbEx9KSDS46URuymC4s=";
hash = "sha256-6NxI67K1gw6VRO10T2o+5pwMsvCqIgMnHueLbg88XSQ=";
};
buildInputs = [

4
pkgs/development/python-modules/pysigma-backend-insightidr/default.nix
View File

@ -10,7 +10,7 @@
buildPythonPackage rec {
pname = "pysigma-backend-insightidr";
version = "0.1.8";
version = "0.1.9";
format = "pyproject";
disabled = pythonOlder "3.8";
@ -19,7 +19,7 @@ buildPythonPackage rec {
owner = "SigmaHQ";
repo = "pySigma-backend-insightidr";
rev = "refs/tags/v${version}";
hash = "sha256-3Tr6WvYuHddc0vGb8li6hZLk2GgfXr67/T2AnYQ7qeo=";
hash = "sha256-/oHwWe8EcE1CS/hOmzJm9smfRLS/wShfbSGqOuvp8rU=";
};
nativeBuildInputs = [

4
pkgs/development/python-modules/python-otbr-api/default.nix
View File

@ -12,7 +12,7 @@
buildPythonPackage rec {
pname = "python-otbr-api";
version = "1.1.0";
version = "1.2.0";
format = "pyproject";
disabled = pythonOlder "3.9";
@ -21,7 +21,7 @@ buildPythonPackage rec {
owner = "home-assistant-libs";
repo = pname;
rev = "refs/tags/${version}";
hash = "sha256-0JPniehl4cnoTWgqmq1fMZwU8FFl2Zx4CF81az6iaxQ=";
hash = "sha256-IPglUB+Xla+IjWzHhfG+SDHY/jucg46ppnhHBHKTEiE=";
};
nativeBuildInputs = [

4
pkgs/development/python-modules/reolink-aio/default.nix
View File

@ -11,7 +11,7 @@
buildPythonPackage rec {
pname = "reolink-aio";
version = "0.5.15";
version = "0.5.16";
format = "setuptools";
disabled = pythonOlder "3.9";
@ -20,7 +20,7 @@ buildPythonPackage rec {
owner = "starkillerOG";
repo = "reolink_aio";
rev = "refs/tags/${version}";
hash = "sha256-YTBx0tMWSyy6A1OuTBmfEpRnZE4gHLIY5qFH9YL+YEo=";
hash = "sha256-FyrTZqp4h4GOCxld+y3wDEfLOl6a6dCgs/LJetjmr8I=";
};
postPatch = ''

4
pkgs/development/python-modules/subarulink/default.nix
View File

@ -11,7 +11,7 @@
buildPythonPackage rec {
pname = "subarulink";
version = "0.7.6";
version = "0.7.6-1";
format = "setuptools";
disabled = pythonOlder "3.7";
@ -20,7 +20,7 @@ buildPythonPackage rec {
owner = "G-Two";
repo = pname;
rev = "refs/tags/v${version}";
hash = "sha256-D2nwzj7uYL/v5Ew2+LfJBLH904Htam4Fa3Gs6t8Hbyo=";
hash = "sha256-/VaGiOnPyTHSwkxlQtwyIZohD3QK897kapmM3S8bHtM=";
};
propagatedBuildInputs = [

4
pkgs/development/python-modules/textual/default.nix
View File

@ -22,7 +22,7 @@
buildPythonPackage rec {
pname = "textual";
version = "0.24.1";
version = "0.26.0";
format = "pyproject";
disabled = pythonOlder "3.7";
@ -31,7 +31,7 @@ buildPythonPackage rec {
owner = "Textualize";
repo = pname;
rev = "refs/tags/v${version}";
hash = "sha256-nFio45LxoVQK/IzVo2ZHGYzG6bHHr3yvA7P3kMZOUso=";
hash = "sha256-l4zSSROeI55hFnf0C64bbAB+1cATUkS59Uybf7ZmSfs=";
};
nativeBuildInputs = [

21
pkgs/development/python-modules/torrent_parser/default.nix Normal file
View File

@ -0,0 +1,21 @@
{ buildPythonPackage, lib, fetchFromGitHub }:
buildPythonPackage rec {
pname = "torrent_parser";
version = "0.4.1";
# No tarballs on Pypi
src = fetchFromGitHub {
owner = "7sDream";
repo = "torrent_parser";
rev = "v${version}";
sha256 = "sha256-zM738r3o9dGZYoWLN7fM4E06m6YPcAODEkgDS6wU/Sc=";
};
meta = {
description = "A .torrent file parser and creator for both Python 2 and 3";
homepage = "https://github.com/7sDream/torrent_parser";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ ];
};
}

6
pkgs/development/python-modules/uptime-kuma-api/default.nix
View File

@ -7,15 +7,15 @@
buildPythonPackage rec {
pname = "uptime-kuma-api";
version = "0.13.0";
version = "1.0.1";
format = "setuptools";
disabled = pythonOlder "3.6";
disabled = pythonOlder "3.7";
src = fetchPypi {
pname = "uptime_kuma_api";
inherit version;
hash = "sha256-MoHE6Y7x1F1l70tuCHNIPt+vpqfJ00EUIMHnE4476Co=";
hash = "sha256-6Cwo71pgwBk5B6MaFFs9XlbocJLL/s4+7m7Gi13ddlM=";
};
propagatedBuildInputs = [

4
pkgs/development/tools/build-managers/rebar3/default.nix
View File

@ -3,7 +3,7 @@
writeScript, common-updater-scripts, coreutils, git, gnused, nix, rebar3-nix }:
let
version = "3.21.0";
version = "3.22.0";
owner = "erlang";
deps = import ./rebar-deps.nix { inherit fetchFromGitHub fetchgit fetchHex; };
rebar3 = stdenv.mkDerivation rec {
@ -16,7 +16,7 @@ let
inherit owner;
repo = pname;
rev = version;
sha256 = "QRQlqzYxRD4W63CawXBQ9ysPHzHQ5JrfjPqAivFyJAM=";
sha256 = "OCd9wGwnwOuv/Ojf1S4ALLn73AGKuXlRtukIiTSE2rs=";
};
buildInputs = [ erlang ];

7
pkgs/development/tools/continuous-integration/agola/default.nix
View File

@ -4,7 +4,7 @@
}:
let
version = "0.7.0";
version = "0.8.0";
in
buildGoModule {
@ -15,12 +15,13 @@ buildGoModule {
owner = "agola-io";
repo = "agola";
rev = "v${version}";
sha256 = "sha256-AiD7mVogWk/TOYy7Ed1aT31h1kbrRwseue5qc3wLOCI=";
hash = "sha256-nU04MVkUC+m6Ga4qDUH9KrA0zbYmttAicpvdxbaBG0Y=";
};
vendorSha256 = "sha256-Y3ck7Qdo9uq3YuLzZUe+RZkKQqWpSko3q+f4bfkSz6g=";
vendorHash = "sha256-k3Sip9CqTGRTWxr3RzZf0jCrm4AfUrpY/wSTmHy+yik=";
ldflags = [
"-s"
"-w"
"-X agola.io/agola/cmd.Version=${version}"
];

7
pkgs/development/tools/database/surrealdb-migrations/default.nix
View File

@ -24,13 +24,6 @@ rustPlatform.buildRustPackage rec {
cargoSha256 = "sha256-1+cvOhDeH9vx/8J1RwKLPdkBmqBKFmbNXv3H44pZfj0=";
# nativeBuildInputs = [
# pkg-config
# # needed on top of LIBCLANG_PATH to compile rquickjs
# llvmPackages.clang
# ];
buildInputs = [ ]
++ lib.optionals stdenv.isDarwin [ Security ];

4
pkgs/development/tools/dtools/default.nix
View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "dtools";
version = "2.095.1";
version = "2.103.1";
src = fetchFromGitHub {
owner = "dlang";
repo = "tools";
rev = "v${version}";
sha256 = "sha256:0rdfk3mh3fjrb0h8pr8skwlq6ac9hdl1fkrkdl7n1fa2806b740b";
sha256 = "sha256-XM4gUxcarQCOBR8W/o0iWAI54PyLDkH6CsDce22Cnu4=";
name = "dtools";
};

6
pkgs/development/tools/frugal/default.nix
View File

@ -2,18 +2,18 @@
buildGoModule rec {
pname = "frugal";
version = "3.16.19";
version = "3.16.21";
src = fetchFromGitHub {
owner = "Workiva";
repo = pname;
rev = "v${version}";
sha256 = "sha256-PEWjZeFIEfnAGVsv+oyF4R08FI+LzKBWlrlBmiXhJCQ=";
sha256 = "sha256-iNj3E5JtvOHAiEC+81KnAb32TWi+Zq8Av24oLm01ty4=";
};
subPackages = [ "." ];
vendorHash = "sha256-OnPQZk+VpOx97mSNRx9lGtC03OXGGz9JwUSZYX0Ofkc=";
vendorHash = "sha256-29LwvekhevOn/1zrtQEZWqeQMEAN2xPxSRzas/5EhVM=";
meta = with lib; {
description = "Thrift improved";

6
pkgs/development/tools/ginkgo/default.nix
View File

@ -2,15 +2,15 @@
buildGoModule rec {
pname = "ginkgo";
version = "2.9.4";
version = "2.9.5";
src = fetchFromGitHub {
owner = "onsi";
repo = "ginkgo";
rev = "v${version}";
sha256 = "sha256-groih0LxtmB8k4/vfw2Ivtzm+SOyQqK1o7XASNplFvQ=";
sha256 = "sha256-1Hb8pCvPs/L5UU280XwwEOnQ1CjJjgw0+GdCbtLkIpg=";
};
vendorHash = "sha256-Rm5fpiTZMo/B9+yIpmEniJVRfKgHjpFIagELEjgFYwc=";
vendorHash = "sha256-IxyPRUS7aqkfZ+hjtuopCd95dgiTgVdg1thSiTBZArg=";
# integration tests expect more file changes
# types tests are missing CodeLocation

6
pkgs/development/tools/go-toml/default.nix
View File

@ -2,16 +2,16 @@
buildGoModule rec {
pname = "go-toml";
version = "2.0.7";
version = "2.0.8";
src = fetchFromGitHub {
owner = "pelletier";
repo = pname;
rev = "v${version}";
sha256 = "sha256-bGLJSzSwcoKRMRwLSmGEWoQaC9NVwcKyFKpcEw+/Nag=";
sha256 = "sha256-pMy/cYyB9ncOuYysX0a9PmTuJdIrMcKL///57bniixI=";
};
vendorHash = "sha256-MMCyFKqsL9aSQqK9VtPzUbgfLTFpzD5g8QYx8qIwktg=";
vendorHash = "sha256-44mxDswHIfVfAyvtyDHS4MnHCTPRlUvdhzHALICUJR4=";
excludedPackages = [ "cmd/gotoml-test-decoder" "cmd/tomltestgen" ];

4
pkgs/development/tools/godot/4/default.nix
View File

@ -53,13 +53,13 @@ let
in
stdenv.mkDerivation rec {
pname = "godot";
version = "4.0.2-stable";
version = "4.0.3-stable";
src = fetchFromGitHub {
owner = "godotengine";
repo = "godot";
rev = version;
hash = "sha256-kFIpY8kHa8ds/JgYWcUMB4RhwcJDebfeWFnI3BkFWiI=";
hash = "sha256-g9+CV3HsiJqiSJpZvK0N7BqKzp2Pvi6otjRLsFdmWGk=";
};
nativeBuildInputs = [

6
pkgs/development/tools/ls-lint/default.nix
View File

@ -2,16 +2,16 @@
buildGoModule rec {
pname = "ls-lint";
version = "1.11.2";
version = "2.0.0";
src = fetchFromGitHub {
owner = "loeffel-io";
repo = "ls-lint";
rev = "v${version}";
sha256 = "sha256-mt1SvRHtAA0lChZ//8XIQGDPg1l1EOMkPIAe8YKhMSs=";
sha256 = "sha256-eEP/l3vdObdxUYIp8eSSCn3W0ypcmykbwQTDP083MVE=";
};
vendorSha256 = "sha256-OEwN9kj1npI+H7DY+e3tl5TIY/qr4y2CgAV5fwNA9l4=";
vendorHash = "sha256-nSHhU6z3ItCKBZy8ENBcAkXqSVo3DU6hAyezQczKShM=";
meta = with lib; {
description = "An extremely fast file and directory name linter";

6
pkgs/development/tools/misc/terracognita/default.nix
View File

@ -2,16 +2,16 @@
buildGoModule rec {
pname = "terracognita";
version = "0.8.3";
version = "0.8.4";
src = fetchFromGitHub {
owner = "cycloidio";
repo = pname;
rev = "v${version}";
hash = "sha256-ipPJMh88R9Ddo1QzN+No9H2bBsLSPARUI2HRaYvK6jc=";
hash = "sha256-pPY8y+pQdk9/F7dnUBz/y4lvcR1k/EClywcZATArZVA=";
};
vendorHash = "sha256-7fGqChud9dcgA9BXyJysUgvvG7zI+ByA0oFlSMd+rps=";
vendorHash = "sha256-ApnJH0uIClXbfXK+k4t9Tcayc2mfndoG9iMqZY3iWys=";
doCheck = false;

8
pkgs/development/tools/ocaml/opam/default.nix
View File

@ -71,13 +71,13 @@ let
sha256 = "0jnqsv6pqp5b5g7lcjwgd75zqqvcwcl5a32zi03zg1kvj79p5gxs";
};
opam = fetchurl {
url = "https://github.com/ocaml/opam/archive/2.1.4.zip";
sha256 = "0zp8sb75pw1kyqlm7bsiagfwq46mv41mxh5q2prn2cwg6xri2wrg";
url = "https://github.com/ocaml/opam/archive/2.1.5.zip";
sha256 = "0s8r5gfs2zsyfn3jzqnvns3g0rkik3pw628n0dik55fwq3zjgg4a";
};
};
in stdenv.mkDerivation {
pname = "opam";
version = "2.1.4";
version = "2.1.5";
strictDeps = true;
@ -144,4 +144,4 @@ in stdenv.mkDerivation {
platforms = platforms.all;
};
}
# Generated by: ./opam.nix.pl -v 2.1.4 -p opam-shebangs.patch
# Generated by: ./opam.nix.pl -v 2.1.5 -p opam-shebangs.patch

4
pkgs/development/tools/okteto/default.nix
View File

@ -2,13 +2,13 @@
buildGoModule rec {
pname = "okteto";
version = "2.15.2";
version = "2.15.3";
src = fetchFromGitHub {
owner = "okteto";
repo = "okteto";
rev = version;
hash = "sha256-PxCVBi/GMzyTs9GfIAAPHNbinexw4guSO8ZsyZIOmr4=";
hash = "sha256-BzyKmM5Yp9zdNonkDZoJBAmy8jSDwt85Wr9/1nbD7V8=";
};
vendorHash = "sha256-dZ6gzW5R5na5qcHFQqQvKfYb0Bu0kVvVMOaRdtTgkhE=";

4
pkgs/development/tools/parinfer-rust/default.nix
View File

@ -13,9 +13,7 @@ rustPlatform.buildRustPackage rec {
cargoSha256 = "1lam4gwzcj6w0pyxf61l2cpbvvf5gmj2gwi8dangnhd60qhlnvrx";
nativeBuildInputs = [ llvmPackages.clang ];
buildInputs = [ llvmPackages.libclang ];
LIBCLANG_PATH = "${llvmPackages.libclang.lib}/lib";
nativeBuildInputs = [ llvmPackages.clang rustPlatform.bindgenHook ];
postInstall = ''
mkdir -p $out/share/kak/autoload/plugins

Some files were not shown because too many files have changed in this diff Show More