From 6350d8d9b366fd6553dfe2160c4b43c28af97ac4 Mon Sep 17 00:00:00 2001 From: K900 Date: Sun, 12 Jun 2022 14:33:30 +0300 Subject: [PATCH 01/31] nixos/plasma5: add excludePackages option This is a pretty straightforward port of #151005. More things can probably be made optional, I've only added ones that I'm confident in. --- .../services/x11/desktop-managers/plasma5.nix | 212 ++++++++++-------- 1 file changed, 113 insertions(+), 99 deletions(-) diff --git a/nixos/modules/services/x11/desktop-managers/plasma5.nix b/nixos/modules/services/x11/desktop-managers/plasma5.nix index 3ca044ad5bc8..dada5f378ea4 100644 --- a/nixos/modules/services/x11/desktop-managers/plasma5.nix +++ b/nixos/modules/services/x11/desktop-managers/plasma5.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: +{ config, lib, pkgs, utils, ... }: let xcfg = config.services.xserver; @@ -30,7 +30,7 @@ let inherit (libsForQt5) kdeGear kdeFrameworks plasma5; inherit (pkgs) writeText; inherit (lib) - getBin optionalString + getBin optionalString literalExpression mkRemovedOptionModule mkRenamedOptionModule mkDefault mkIf mkMerge mkOption types; @@ -192,6 +192,13 @@ in default = false; }; + excludePackages = mkOption { + description = "List of default packages to exclude from the configuration"; + type = types.listOf types.package; + default = []; + example = literalExpression "[ pkgs.plasma5Packages.oxygen ]"; + }; + # Internally allows configuring kdeglobals globally kdeglobals = mkOption { internal = true; @@ -263,89 +270,94 @@ in environment.systemPackages = with libsForQt5; with plasma5; with kdeGear; with kdeFrameworks; - [ - frameworkintegration - kactivities - kauth - kcmutils - kconfig - kconfigwidgets - kcoreaddons - kdoctools - kdbusaddons - kdeclarative - kded - kdesu - kdnssd - kemoticons - kfilemetadata - kglobalaccel - kguiaddons - kiconthemes - kidletime - kimageformats - kinit - kirigami2 # In system profile for SDDM theme. TODO: wrapper. - kio - kjobwidgets - knewstuff - knotifications - knotifyconfig - kpackage - kparts - kpeople - krunner - kservice - ktextwidgets - kwallet - kwallet-pam - kwalletmanager - kwayland - kwayland-integration - kwidgetsaddons - kxmlgui - kxmlrpcclient - plasma-framework - solid - sonnet - threadweaver + let + requiredPackages = [ + frameworkintegration + kactivities + kauth + kcmutils + kconfig + kconfigwidgets + kcoreaddons + kdoctools + kdbusaddons + kdeclarative + kded + kdesu + kdnssd + kemoticons + kfilemetadata + kglobalaccel + kguiaddons + kiconthemes + kidletime + kimageformats + kinit + kirigami2 # In system profile for SDDM theme. TODO: wrapper. + kio + kjobwidgets + knewstuff + knotifications + knotifyconfig + kpackage + kparts + kpeople + krunner + kservice + ktextwidgets + kwallet + kwallet-pam + kwalletmanager + kwayland + kwayland-integration + kwidgetsaddons + kxmlgui + kxmlrpcclient + plasma-framework + solid + sonnet + threadweaver - breeze-qt5 - kactivitymanagerd - kde-cli-tools - kdecoration - kdeplasma-addons - kgamma5 - khotkeys - kscreen - kscreenlocker - kwayland - kwin - kwrited - libkscreen - libksysguard - milou - plasma-browser-integration - plasma-integration - polkit-kde-agent + breeze-qt5 + kactivitymanagerd + kde-cli-tools + kdecoration + kdeplasma-addons + kgamma5 + khotkeys + kscreen + kscreenlocker + kwayland + kwin + kwrited + libkscreen + libksysguard + milou + plasma-integration + polkit-kde-agent - plasma-desktop - plasma-workspace - plasma-workspace-wallpapers + plasma-desktop + plasma-workspace + plasma-workspace-wallpapers - konsole - oxygen + breeze-icons + pkgs.hicolor-icon-theme - breeze-icons - pkgs.hicolor-icon-theme + kde-gtk-config + breeze-gtk - kde-gtk-config - breeze-gtk + qtvirtualkeyboard - qtvirtualkeyboard - - pkgs.xdg-user-dirs # Update user dirs as described in https://freedesktop.org/wiki/Software/xdg-user-dirs/ - ] + pkgs.xdg-user-dirs # Update user dirs as described in https://freedesktop.org/wiki/Software/xdg-user-dirs/ + ]; + optionalPackages = [ + plasma-browser-integration + konsole + oxygen + ]; + in + requiredPackages + ++ utils.removePackagesByName optionalPackages cfg.excludePackages # Phonon audio backend ++ lib.optional (cfg.phononBackend == "gstreamer") libsForQt5.phonon-backend-gstreamer @@ -457,27 +469,29 @@ in environment.systemPackages = with libsForQt5; with plasma5; with kdeGear; with kdeFrameworks; - [ - ksystemstats - kinfocenter - kmenuedit - plasma-systemmonitor - spectacle - systemsettings + let + requiredPackages = [ + ksystemstats + kinfocenter + kmenuedit + plasma-systemmonitor + spectacle + systemsettings - dolphin - dolphin-plugins - ffmpegthumbs - kdegraphics-thumbnailers - khelpcenter - kio-extras - print-manager - - elisa - gwenview - okular - ] - ; + dolphin + dolphin-plugins + ffmpegthumbs + kdegraphics-thumbnailers + kio-extras + ]; + optionalPackages = [ + elisa + gwenview + okular + khelpcenter + print-manager + ]; + in requiredPackages ++ utils.removePackagesByName optionalPackages cfg.excludePackages; systemd.user.services = { plasma-run-with-systemd = { From a5f11a6938a0cc475391e81c998f4439092a5d7b Mon Sep 17 00:00:00 2001 From: K900 Date: Sun, 12 Jun 2022 17:48:09 +0300 Subject: [PATCH 02/31] nixos/tests/plasma5: also test excludePackages works as expected --- nixos/tests/plasma5.nix | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/nixos/tests/plasma5.nix b/nixos/tests/plasma5.nix index 3358a72570e8..b3836cf641d4 100644 --- a/nixos/tests/plasma5.nix +++ b/nixos/tests/plasma5.nix @@ -13,7 +13,10 @@ import ./make-test-python.nix ({ pkgs, ...} : services.xserver.enable = true; services.xserver.displayManager.sddm.enable = true; services.xserver.displayManager.defaultSession = "plasma"; - services.xserver.desktopManager.plasma5.enable = true; + services.xserver.desktopManager.plasma5 = { + enable = true; + excludePackages = [ pkgs.plasma5Packages.elisa ]; + }; services.xserver.displayManager.autoLogin = { enable = true; user = "alice"; @@ -40,6 +43,9 @@ import ./make-test-python.nix ({ pkgs, ...} : with subtest("Check that logging in has given the user ownership of devices"): machine.succeed("getfacl -p /dev/snd/timer | grep -q ${user.name}") + with subtest("Ensure Elisa is not installed"): + machine.fail("which elisa") + with subtest("Run Dolphin"): machine.execute("su - ${user.name} -c 'DISPLAY=:0.0 dolphin >&2 &'") machine.wait_for_window(" Dolphin") From 08626ff9d165cc0d884d924d45bce8f18294c204 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Wed, 6 Jul 2022 21:31:18 +0000 Subject: [PATCH 03/31] python310Packages.numpyro: 0.9.2 -> 0.10.0 --- pkgs/development/python-modules/numpyro/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/numpyro/default.nix b/pkgs/development/python-modules/numpyro/default.nix index d9a1273c33e9..5e2a8e2bb859 100644 --- a/pkgs/development/python-modules/numpyro/default.nix +++ b/pkgs/development/python-modules/numpyro/default.nix @@ -12,14 +12,14 @@ buildPythonPackage rec { pname = "numpyro"; - version = "0.9.2"; + version = "0.10.0"; format = "setuptools"; disabled = pythonOlder "3.7"; src = fetchPypi { inherit version pname; - hash = "sha256-TbzyIt17/z56juc8kH1L8rTkvSgcsT5ah6xmvWTo6tM="; + hash = "sha256-UCgFGHNLQunZgXGgmLWiH9GPEpRMIoSCqJryGIDHTdo="; }; propagatedBuildInputs = [ From ea78ceef64ef76bbe99922c9de429dc6604cfcc7 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Thu, 7 Jul 2022 13:48:07 +0000 Subject: [PATCH 04/31] extremetuxracer: 0.8.1 -> 0.8.2 --- pkgs/games/extremetuxracer/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/games/extremetuxracer/default.nix b/pkgs/games/extremetuxracer/default.nix index d114ed848000..416a3ac913ea 100644 --- a/pkgs/games/extremetuxracer/default.nix +++ b/pkgs/games/extremetuxracer/default.nix @@ -5,12 +5,12 @@ }: stdenv.mkDerivation rec { - version = "0.8.1"; + version = "0.8.2"; pname = "extremetuxracer"; src = fetchurl { url = "mirror://sourceforge/extremetuxracer/etr-${version}.tar.xz"; - sha256 = "sha256-ktqWPtMqub/xJjRu37lUnocdfDzsdT9KxQmODVPDg0E="; + sha256 = "sha256-HIdJZeniSVM78VwI2rxh5gwFuz/VeJF4gBF/+KkQzU4="; }; buildInputs = [ From 1a37a30af7f7141df8a52972cb80557342fe9bc5 Mon Sep 17 00:00:00 2001 From: Atemu Date: Thu, 30 Jun 2022 00:40:01 +0200 Subject: [PATCH 05/31] libstrangle: use direct nix store path in layer json This allows you to load libstrangle without setting LD_LIBRARY_PATH to include it. Only ENABLE_VK_LAYER_TORKEL104_libstrangle=1 is required now, as expected of an implicit layer. Previously, you were required to run your VK app via the wrapper: STRANGLE_FPS=30 strangle vkcube Now you can control it via simple environment variables alone: ENABLE_VK_LAYER_TORKEL104_libstrangle=1 STRANGLE_FPS=30 vkcube --- pkgs/tools/X11/libstrangle/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pkgs/tools/X11/libstrangle/default.nix b/pkgs/tools/X11/libstrangle/default.nix index 64992a9b5ee8..e0d28dfde329 100644 --- a/pkgs/tools/X11/libstrangle/default.nix +++ b/pkgs/tools/X11/libstrangle/default.nix @@ -23,6 +23,10 @@ stdenv.mkDerivation rec { substituteAllInPlace src/strangle.sh substituteAllInPlace src/stranglevk.sh ''; + postInstall = '' + substituteInPlace $out/share/vulkan/implicit_layer.d/libstrangle_vk.json \ + --replace "libstrangle_vk.so" "$out/lib/libstrangle/lib64/libstrangle_vk.so" + ''; meta = with lib; { homepage = "https://gitlab.com/torkel104/libstrangle"; From 5194de18eed275df9cec6635cf2435ffe0940b37 Mon Sep 17 00:00:00 2001 From: Atemu Date: Thu, 7 Jul 2022 18:33:27 +0200 Subject: [PATCH 06/31] libstrangle: support 32bit via implicit layer --- pkgs/tools/X11/libstrangle/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkgs/tools/X11/libstrangle/default.nix b/pkgs/tools/X11/libstrangle/default.nix index e0d28dfde329..037c878bd12e 100644 --- a/pkgs/tools/X11/libstrangle/default.nix +++ b/pkgs/tools/X11/libstrangle/default.nix @@ -24,6 +24,8 @@ stdenv.mkDerivation rec { substituteAllInPlace src/stranglevk.sh ''; postInstall = '' + substitute $out/share/vulkan/implicit_layer.d/libstrangle_vk.json $out/share/vulkan/implicit_layer.d/libstrangle_vk.x86.json \ + --replace "libstrangle_vk.so" "$out/lib/libstrangle/lib32/libstrangle_vk.so" substituteInPlace $out/share/vulkan/implicit_layer.d/libstrangle_vk.json \ --replace "libstrangle_vk.so" "$out/lib/libstrangle/lib64/libstrangle_vk.so" ''; From f0238d60982b865fef8097908e8d62b59f744bb8 Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Thu, 7 Jul 2022 21:19:28 +0200 Subject: [PATCH 07/31] linux: 4.14.286 -> 4.14.287 --- pkgs/os-specific/linux/kernel/linux-4.14.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-4.14.nix b/pkgs/os-specific/linux/kernel/linux-4.14.nix index 1b34cd3c9052..f730fd372b75 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.14.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.14.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "4.14.286"; + version = "4.14.287"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1x26fys9c2zai69wvvwpcxhdbbl02vijn4h7g6k6nq4y36fvkfyx"; + sha256 = "05pnz2wch5b430j82sjqhxyfbpln4p1569avj2qkk62x4164kdbq"; }; } // (args.argsOverride or {})) From 83b4ead7e10597afc12a60d8bc42299e9016028c Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Thu, 7 Jul 2022 21:19:34 +0200 Subject: [PATCH 08/31] linux: 4.19.250 -> 4.19.251 --- pkgs/os-specific/linux/kernel/linux-4.19.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-4.19.nix b/pkgs/os-specific/linux/kernel/linux-4.19.nix index dd97b186506b..a158767af436 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.19.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.19.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "4.19.250"; + version = "4.19.251"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "0p3mnl49708inhnrh461s6cnyn20qsqb9dw541h7crgsyd30mqvf"; + sha256 = "1x6ag81wzcynfa4l819mamk9k11fxgq5m1gain93avparjnwi1rp"; }; } // (args.argsOverride or {})) From eb59a193b9a42ee53bed78517c8bd857a7be3c44 Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Thu, 7 Jul 2022 21:19:45 +0200 Subject: [PATCH 09/31] linux: 4.9.321 -> 4.9.322 --- pkgs/os-specific/linux/kernel/linux-4.9.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-4.9.nix b/pkgs/os-specific/linux/kernel/linux-4.9.nix index d0c68d854d90..2bc24b6d1bae 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.9.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.9.nix @@ -1,12 +1,12 @@ { buildPackages, fetchurl, perl, buildLinux, nixosTests, stdenv, ... } @ args: buildLinux (args // rec { - version = "4.9.321"; + version = "4.9.322"; extraMeta.branch = "4.9"; extraMeta.broken = stdenv.isAarch64; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1kb976lgikv1qa2pd7spdhmf1l97ip5i1k1kw7j6r7y8f7bwnznl"; + sha256 = "02g4lkiq6y5i6vrrk2i9h6dxka6mfjpk9dz3517adw5qf79ph6b2"; }; } // (args.argsOverride or {})) From 8e9ad03cbf82b40a90040591577edeb2246250e6 Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Thu, 7 Jul 2022 21:19:59 +0200 Subject: [PATCH 10/31] linux: 5.10.128 -> 5.10.129 --- pkgs/os-specific/linux/kernel/linux-5.10.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.10.nix b/pkgs/os-specific/linux/kernel/linux-5.10.nix index ffec97e631fe..60604adac7ea 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.10.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.10.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.10.128"; + version = "5.10.129"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "0jyk3is94c3xin48saqywfr66iwqvzqq1rs5px4zkpfp139fjngc"; + sha256 = "1zlw89m7wpy02rnk8mizng43i77hrkwzl280sivqz1c05c2jzrxa"; }; } // (args.argsOverride or {})) From 736108063578e2b350486d8f079c05843d390acf Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Thu, 7 Jul 2022 21:20:14 +0200 Subject: [PATCH 11/31] linux: 5.15.52 -> 5.15.53 --- pkgs/os-specific/linux/kernel/linux-5.15.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.15.nix b/pkgs/os-specific/linux/kernel/linux-5.15.nix index fd9ff278a54e..df40fd3bd41c 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.15.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.15.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.15.52"; + version = "5.15.53"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "01bdmgbl31nm0wg5mrzn6xgls4h5gig96mjrmn790npjm5fhls7l"; + sha256 = "01vvyw6sjkkjs7l4cy04yv19d9f3wmpy5gqfm763y7q58dr73apk"; }; } // (args.argsOverride or { })) From 525e5cd3b39a66459fb48dfe28b0bda6dd4f747d Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Thu, 7 Jul 2022 21:20:27 +0200 Subject: [PATCH 12/31] linux: 5.18.9 -> 5.18.10 --- pkgs/os-specific/linux/kernel/linux-5.18.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.18.nix b/pkgs/os-specific/linux/kernel/linux-5.18.nix index b872f57ded8e..f1f0a8c84136 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.18.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.18.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.18.9"; + version = "5.18.10"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "0g69ylrdb3khjnnz3v4m6xng49fzjlnvxfaqq77krznwrrpy50iq"; + sha256 = "1qyyfdfp8qn8a6brgly0h72jvz9s0wp2pjyrcpknzvmqvc0kv7pr"; }; } // (args.argsOverride or { })) From 4a5a4a0ff278761965b92faa94cda30d6bc5339c Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Thu, 7 Jul 2022 21:20:41 +0200 Subject: [PATCH 13/31] linux: 5.4.203 -> 5.4.204 --- pkgs/os-specific/linux/kernel/linux-5.4.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.4.nix b/pkgs/os-specific/linux/kernel/linux-5.4.nix index 70061fb46d7f..045daa8b3a00 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.4.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.4.203"; + version = "5.4.204"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "12kr55nf6pmb0d52x5r3ilfssyqng9s8cpnbm9aglv062ddkz4zw"; + sha256 = "0ivsfdw55mysihylk5n46r7limf1rqddipap17mkfnyq345b3hgx"; }; } // (args.argsOverride or {})) From 50815fdf17214741a58d8e0e8152c1aaee82693a Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Thu, 7 Jul 2022 21:21:52 +0200 Subject: [PATCH 14/31] linux/hardened/patches/4.14: 4.14.285-hardened1 -> 4.14.286-hardened1 --- pkgs/os-specific/linux/kernel/hardened/patches.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index e60cfeaec7fb..250915a9fe17 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -2,12 +2,12 @@ "4.14": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-4.14.285-hardened1.patch", - "sha256": "1s7dzzb9aj4xbabddq5jcbd2aci3zxqwryjnmzrhzrdw6j8wszwx", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.285-hardened1/linux-hardened-4.14.285-hardened1.patch" + "name": "linux-hardened-4.14.286-hardened1.patch", + "sha256": "00vcsd4w2agvsd057k8m95cg9li81awi17hjb50207nx3g8hdrka", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.286-hardened1/linux-hardened-4.14.286-hardened1.patch" }, - "sha256": "0ynkcq2cm0q2qcmll1jg76msfa2a186xy5rv81ahfvylbjdkijfs", - "version": "4.14.285" + "sha256": "1x26fys9c2zai69wvvwpcxhdbbl02vijn4h7g6k6nq4y36fvkfyx", + "version": "4.14.286" }, "4.19": { "patch": { From b4fb4a07cf88c6be94dee8cc108df8ab4426c716 Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Thu, 7 Jul 2022 21:22:01 +0200 Subject: [PATCH 15/31] linux/hardened/patches/4.19: 4.19.249-hardened1 -> 4.19.250-hardened1 --- pkgs/os-specific/linux/kernel/hardened/patches.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 250915a9fe17..59422eb008ce 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -12,12 +12,12 @@ "4.19": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-4.19.249-hardened1.patch", - "sha256": "0n2q0vwqxvzkkxn4mdaiqyx7ry8k4cr3hx3czcr3wbqvwh2bbnbz", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.249-hardened1/linux-hardened-4.19.249-hardened1.patch" + "name": "linux-hardened-4.19.250-hardened1.patch", + "sha256": "121pivhdlvkx8vblxdi6w39xwa16liq700hblsw8r0kba6jhzkhm", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.250-hardened1/linux-hardened-4.19.250-hardened1.patch" }, - "sha256": "14aiypira32hsw7wy9bhdw9rvfn705r0sb4415n9pfvi091bsjyf", - "version": "4.19.249" + "sha256": "0p3mnl49708inhnrh461s6cnyn20qsqb9dw541h7crgsyd30mqvf", + "version": "4.19.250" }, "5.10": { "patch": { From b01bc117d41bfe093e31e5f24c66eadc3051db4d Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Thu, 7 Jul 2022 21:22:11 +0200 Subject: [PATCH 16/31] linux/hardened/patches/5.10: 5.10.127-hardened1 -> 5.10.128-hardened1 --- pkgs/os-specific/linux/kernel/hardened/patches.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 59422eb008ce..00e28903e1bf 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -22,12 +22,12 @@ "5.10": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.10.127-hardened1.patch", - "sha256": "0lmsmmj1f0zqm5plb3c4sfqkq70msa24l1hcsrynavmzys8hndmq", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.127-hardened1/linux-hardened-5.10.127-hardened1.patch" + "name": "linux-hardened-5.10.128-hardened1.patch", + "sha256": "14pjxnk1p9fqmbxq4p45gc6p1cz86qg3x4ac5qa17rhdnaxm7pk7", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.128-hardened1/linux-hardened-5.10.128-hardened1.patch" }, - "sha256": "100m4b6w1kbc1lc3gwlmkp8xl42xai0v5wdbx0mxrq8y1gp374j1", - "version": "5.10.127" + "sha256": "0jyk3is94c3xin48saqywfr66iwqvzqq1rs5px4zkpfp139fjngc", + "version": "5.10.128" }, "5.15": { "patch": { From 287f104a1573755416703e4105440e39c0be42b1 Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Thu, 7 Jul 2022 21:22:20 +0200 Subject: [PATCH 17/31] linux/hardened/patches/5.15: 5.15.51-hardened1 -> 5.15.52-hardened1 --- pkgs/os-specific/linux/kernel/hardened/patches.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 00e28903e1bf..8538e738adc5 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -32,12 +32,12 @@ "5.15": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.15.51-hardened1.patch", - "sha256": "0rfj0ypag0wn0ja77c920ppbqbik07i9yfrlhjanrz66vdip0z1r", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.15.51-hardened1/linux-hardened-5.15.51-hardened1.patch" + "name": "linux-hardened-5.15.52-hardened1.patch", + "sha256": "03shqi5lcsvrgklm2qgggwkxww0fs8bs25xc0l6mmiqa3sabws63", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.15.52-hardened1/linux-hardened-5.15.52-hardened1.patch" }, - "sha256": "1229m4r4n61n5l8anp2pcqdhajkwmavhr1z00n8gvx3yn9w4ifhz", - "version": "5.15.51" + "sha256": "01bdmgbl31nm0wg5mrzn6xgls4h5gig96mjrmn790npjm5fhls7l", + "version": "5.15.52" }, "5.18": { "patch": { From cc7d3f92284261c2abfa6266de88e9ac428d583f Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Thu, 7 Jul 2022 21:22:29 +0200 Subject: [PATCH 18/31] linux/hardened/patches/5.4: 5.4.202-hardened1 -> 5.4.203-hardened1 --- pkgs/os-specific/linux/kernel/hardened/patches.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 8538e738adc5..c183b871ef8d 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -52,11 +52,11 @@ "5.4": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.4.202-hardened1.patch", - "sha256": "1gkgipw7ic0l3gh6haylcyss46wbph7zhx91fdp4na20jy4dxrzv", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.202-hardened1/linux-hardened-5.4.202-hardened1.patch" + "name": "linux-hardened-5.4.203-hardened1.patch", + "sha256": "1wjh14vh929vjgw4kkcyvyc1w0c7v0mlv2ywycj6zv1klwxzfnbh", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.203-hardened1/linux-hardened-5.4.203-hardened1.patch" }, - "sha256": "0gak58h5l2d8rmbmjw48460bgqi73yf1m7swsbbhfsmbkvhvr8aw", - "version": "5.4.202" + "sha256": "12kr55nf6pmb0d52x5r3ilfssyqng9s8cpnbm9aglv062ddkz4zw", + "version": "5.4.203" } } From a379d2bbc0d73b92ea8d3c2a23878f8469328695 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Fri, 8 Jul 2022 05:08:52 +0000 Subject: [PATCH 19/31] cdk-go: 1.0.6 -> 1.2.0 --- pkgs/tools/security/cdk-go/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/security/cdk-go/default.nix b/pkgs/tools/security/cdk-go/default.nix index 88fd089cb68b..b65b51b87244 100644 --- a/pkgs/tools/security/cdk-go/default.nix +++ b/pkgs/tools/security/cdk-go/default.nix @@ -6,16 +6,16 @@ buildGoModule rec { pname = "cdk-go"; - version = "1.0.6"; + version = "1.2.0"; src = fetchFromGitHub { owner = "cdk-team"; repo = "CDK"; rev = "v${version}"; - sha256 = "sha256-XzUSiE03ZbP75ewwBJFwZE0aKNlOFprezeD26japLD8="; + sha256 = "sha256-0RDCg0UYCj0hlCM3BgOzKfuOulQVI/C9Mz6g5TJ5B1Y="; }; - vendorSha256 = "sha256-mP49DmOHvS8ewQG7I1J5OEmAOkHEFJfAsEPeiaRBpWc="; + vendorSha256 = "sha256-fEGU8egsEAYStsYiTi1SFyBY3qBrrOiPuZn1eZ+YCVM="; # At least one test is outdated doCheck = false; From a6ae0af01ed2e266bf65950871f81ca22d2fd1b9 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Fri, 8 Jul 2022 05:27:18 +0000 Subject: [PATCH 20/31] checkip: 0.38.0 -> 0.38.5 --- pkgs/tools/networking/checkip/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/networking/checkip/default.nix b/pkgs/tools/networking/checkip/default.nix index 35bdcf7e4a24..8871f4081e77 100644 --- a/pkgs/tools/networking/checkip/default.nix +++ b/pkgs/tools/networking/checkip/default.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "checkip"; - version = "0.38.0"; + version = "0.38.5"; src = fetchFromGitHub { owner = "jreisinger"; repo = pname; rev = "v${version}"; - sha256 = "sha256-F+Sc3t1GYpGR+EEP+9GpzfaiWNQVpDivzpS66E7Li3A="; + sha256 = "sha256-ZwrwBWhji/moT1dQBCkMP5DI+xEfE6dGtZerFubobjc="; }; - vendorSha256 = "sha256-aiqnJ1PjrwSC6YtixNvyTxgbs8z2radcETNhKHGlPk0="; + vendorSha256 = "sha256-cahrJvPSemlEpaQ1s4bbi1yp0orTDGOoanqXDVVIpjQ="; # Requires network doCheck = false; From 7afeac6b5b5f725a977fa887ff49f04c7c54cf25 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Fri, 8 Jul 2022 06:20:47 +0000 Subject: [PATCH 21/31] cloudlist: 1.0.0 -> 1.0.1 --- pkgs/tools/security/cloudlist/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/security/cloudlist/default.nix b/pkgs/tools/security/cloudlist/default.nix index 203b044a6ded..fb9a420e3680 100644 --- a/pkgs/tools/security/cloudlist/default.nix +++ b/pkgs/tools/security/cloudlist/default.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "cloudlist"; - version = "1.0.0"; + version = "1.0.1"; src = fetchFromGitHub { owner = "projectdiscovery"; repo = pname; rev = "v${version}"; - sha256 = "sha256-o5xJwbdYeFF3jWTy/zvswB9dFp/fxtgZB5a+c7cc2OQ="; + sha256 = "sha256-CYEQ+hHFKSHuW2U//59g+oHkxRzVOZzipkOB6KueHvA="; }; - vendorSha256 = "sha256-rzbf/au2qrdoBowsw7DbeCcBbF42bqJDnuKC1sSFxho="; + vendorSha256 = "sha256-pZsRpvSDGpfEVgszB52cZS5Kk+REeLnw3qsyGGVZoa0="; meta = with lib; { description = "Tool for listing assets from multiple cloud providers"; From e245411416c633cf7f4df8200c963686907e3c79 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Fri, 8 Jul 2022 07:52:50 +0000 Subject: [PATCH 22/31] dismap: 0.3 -> 0.4 --- pkgs/tools/security/dismap/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/security/dismap/default.nix b/pkgs/tools/security/dismap/default.nix index 57f3795db808..41d00a96cfa6 100644 --- a/pkgs/tools/security/dismap/default.nix +++ b/pkgs/tools/security/dismap/default.nix @@ -5,13 +5,13 @@ buildGoModule rec { pname = "dismap"; - version = "0.3"; + version = "0.4"; src = fetchFromGitHub { owner = "zhzyker"; repo = pname; rev = "v${version}"; - sha256 = "sha256-WaQdDcBvv4mHdPFAB+spC64YeT3jlfyMYNsTjBILjwA="; + sha256 = "sha256-YjjiS6iLIQvrPS378v2nyrgwWBJ9YtDeNTPz0ze05mU="; }; vendorSha256 = "sha256-GnchyE2TswvjYlehhMYesZruTTwyTorfR+17K0RXXFY="; From d61e62804a5aba5ebda9a3a173fb68f23591172e Mon Sep 17 00:00:00 2001 From: ajs124 Date: Thu, 7 Jul 2022 03:04:31 +0200 Subject: [PATCH 23/31] pdnsd: fix build --- pkgs/tools/networking/pdnsd/default.nix | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/networking/pdnsd/default.nix b/pkgs/tools/networking/pdnsd/default.nix index d797833618cc..605168493e6a 100644 --- a/pkgs/tools/networking/pdnsd/default.nix +++ b/pkgs/tools/networking/pdnsd/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl }: +{ lib, stdenv, fetchurl, fetchpatch }: stdenv.mkDerivation rec { pname = "pdnsd"; @@ -9,7 +9,16 @@ stdenv.mkDerivation rec { sha256 = "0yragv5zk77a1hfkpnsh17vvsw8b14d6mzfng4bb7i58rb83an5v"; }; - patchPhase = '' + patches = + # fix build with linux headers >= 5.13 + lib.optional stdenv.isLinux + (fetchpatch { + name = "fix-build-linux-headers-gte-5.13.patch"; + url = "https://gitweb.gentoo.org/repo/gentoo.git/plain/net-dns/pdnsd/files/pdnsd-1.2.9a-linux-5.13_build_fix.patch?id=7ce35657f269c3b7016e8940ad36e59cf06e12a4"; + hash = "sha256-Sh/0ZyiQpDvFZOWE9OCQ9+ocXurjzJvrE4WNWaGwAwk="; + }); + + postPatch = '' sed -i 's/.*(cachedir).*/:/' Makefile.in ''; From 0a5a747b65d58a99fd1024e40260781936ceec43 Mon Sep 17 00:00:00 2001 From: K900 Date: Fri, 8 Jul 2022 17:48:11 +0300 Subject: [PATCH 24/31] python3Packages.poetry: 1.1.12 -> 1.1.14 --- pkgs/development/python-modules/poetry/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/poetry/default.nix b/pkgs/development/python-modules/poetry/default.nix index 5efbe56ac5bd..22de7d71bcc8 100644 --- a/pkgs/development/python-modules/poetry/default.nix +++ b/pkgs/development/python-modules/poetry/default.nix @@ -32,7 +32,7 @@ buildPythonPackage rec { pname = "poetry"; - version = "1.1.12"; + version = "1.1.14"; format = "pyproject"; disabled = pythonOlder "3.6"; @@ -41,7 +41,7 @@ buildPythonPackage rec { owner = "python-poetry"; repo = pname; rev = version; - sha256 = "1fm4yj6wxr24v7b77gmf63j7xsgszhbhzw2i9fvlfi0p9l0q34pm"; + sha256 = "sha256-n/GZOUoIMxWlULDqOe59Gt7Hz/+Mc4QcZT+1+HtQovs="; }; postPatch = '' From bb4d58bcda60e1428313138411aaab9c73c566f0 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Fri, 8 Jul 2022 17:29:45 +0000 Subject: [PATCH 25/31] python310Packages.dvc-render: 0.0.6 -> 0.0.7 --- pkgs/development/python-modules/dvc-render/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/dvc-render/default.nix b/pkgs/development/python-modules/dvc-render/default.nix index dc7792485a8c..adb19cf85029 100644 --- a/pkgs/development/python-modules/dvc-render/default.nix +++ b/pkgs/development/python-modules/dvc-render/default.nix @@ -12,7 +12,7 @@ buildPythonPackage rec { pname = "dvc-render"; - version = "0.0.6"; + version = "0.0.7"; format = "pyproject"; disabled = pythonOlder "3.7"; @@ -21,7 +21,7 @@ buildPythonPackage rec { owner = "iterative"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-l0efiCLoOVuSYoHWYYyu8FT1yosdFl6BeogzJyNKltw="; + hash = "sha256-QUrXUfvxQ2XZPTWXXuYBJpzFGNb8KeqpMh47WdCQu04="; }; SETUPTOOLS_SCM_PRETEND_VERSION = version; From 2c71278a2395d6d8c4e06d1ebe4de1ffdae727c7 Mon Sep 17 00:00:00 2001 From: Varun Sharma Date: Fri, 8 Jul 2022 10:53:38 -0700 Subject: [PATCH 26/31] ci: Add GitHub token permissions for workflows Signed-off-by: Varun Sharma --- .github/workflows/backport.yml | 6 ++++++ .github/workflows/basic-eval.yml | 3 +++ .github/workflows/direct-push.yml | 5 +++++ .github/workflows/pending-clear.yml | 5 +++++ .github/workflows/pending-set.yml | 5 +++++ .github/workflows/periodic-merge-24h.yml | 6 ++++++ .github/workflows/periodic-merge-6h.yml | 6 ++++++ 7 files changed, 36 insertions(+) diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml index 4ee5adfaac1e..53066456f98d 100644 --- a/.github/workflows/backport.yml +++ b/.github/workflows/backport.yml @@ -8,8 +8,14 @@ on: # the GitHub repository. This means that it should not evaluate user input in a # way that allows code injection. +permissions: + contents: read + jobs: backport: + permissions: + contents: write # for zeebe-io/backport-action to create branch + pull-requests: write # for zeebe-io/backport-action to create PR to backport name: Backport Pull Request if: github.repository_owner == 'NixOS' && github.event.pull_request.merged == true && (github.event_name != 'labeled' || startsWith('backport', github.event.label.name)) runs-on: ubuntu-latest diff --git a/.github/workflows/basic-eval.yml b/.github/workflows/basic-eval.yml index 9a196923cf4a..2d31392caf45 100644 --- a/.github/workflows/basic-eval.yml +++ b/.github/workflows/basic-eval.yml @@ -10,6 +10,9 @@ on: # branches: # - master # - release-** +permissions: + contents: read + jobs: tests: runs-on: ubuntu-latest diff --git a/.github/workflows/direct-push.yml b/.github/workflows/direct-push.yml index 082a4806e619..167253ac6db6 100644 --- a/.github/workflows/direct-push.yml +++ b/.github/workflows/direct-push.yml @@ -4,8 +4,13 @@ on: branches: - master - release-** +permissions: + contents: read + jobs: build: + permissions: + contents: write # for peter-evans/commit-comment to comment on commit runs-on: ubuntu-latest if: github.repository_owner == 'NixOS' env: diff --git a/.github/workflows/pending-clear.yml b/.github/workflows/pending-clear.yml index d06b1e2143f1..7e8960597e5c 100644 --- a/.github/workflows/pending-clear.yml +++ b/.github/workflows/pending-clear.yml @@ -4,8 +4,13 @@ on: check_suite: types: [ completed ] +permissions: + contents: read + jobs: action: + permissions: + statuses: write runs-on: ubuntu-latest steps: - name: clear pending status diff --git a/.github/workflows/pending-set.yml b/.github/workflows/pending-set.yml index b15e4847e67c..0dc3031d87c0 100644 --- a/.github/workflows/pending-set.yml +++ b/.github/workflows/pending-set.yml @@ -8,8 +8,13 @@ on: # the GitHub repository. This means that it should not evaluate user input in a # way that allows code injection. +permissions: + contents: read + jobs: action: + permissions: + statuses: write runs-on: ubuntu-latest steps: - name: set pending status diff --git a/.github/workflows/periodic-merge-24h.yml b/.github/workflows/periodic-merge-24h.yml index a6a5ff3af2b7..2eec69f65257 100644 --- a/.github/workflows/periodic-merge-24h.yml +++ b/.github/workflows/periodic-merge-24h.yml @@ -14,8 +14,14 @@ on: # Merge every 24 hours - cron: '0 0 * * *' +permissions: + contents: read + jobs: periodic-merge: + permissions: + contents: write # for devmasx/merge-branch to merge branches + issues: write # for peter-evans/create-or-update-comment to create or update comment if: github.repository_owner == 'NixOS' runs-on: ubuntu-latest strategy: diff --git a/.github/workflows/periodic-merge-6h.yml b/.github/workflows/periodic-merge-6h.yml index 5588d216ea03..bcc9f4883588 100644 --- a/.github/workflows/periodic-merge-6h.yml +++ b/.github/workflows/periodic-merge-6h.yml @@ -14,8 +14,14 @@ on: # Merge every 6 hours - cron: '0 */6 * * *' +permissions: + contents: read + jobs: periodic-merge: + permissions: + contents: write # for devmasx/merge-branch to merge branches + issues: write # for peter-evans/create-or-update-comment to create or update comment if: github.repository_owner == 'NixOS' runs-on: ubuntu-latest strategy: From 44fbd03e79d43023381c1c583c24cccc6f9862fe Mon Sep 17 00:00:00 2001 From: Soham S Gumaste Date: Wed, 6 Jul 2022 09:27:11 -0500 Subject: [PATCH 27/31] maintainers: Add SohamG --- maintainers/maintainer-list.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index 796caa7bfc62..a5fc1fd799e9 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -14600,6 +14600,14 @@ github = "snpschaaf"; githubId = 105843013; }; + SohamG = { + email = "sohamg2@gmail.com"; + name = "Soham S Gumaste"; + github = "SohamG"; + keys = [{ + fingerprint = "E067 520F 5EF2 C175 3F60 50C0 BA46 725F 6A26 7442"; + }]; + }; jali-clarke = { email = "jinnah.ali-clarke@outlook.com"; name = "Jinnah Ali-Clarke"; From 23b48c638c3362b7a4fbaddd42296cd78878849c Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Fri, 8 Jul 2022 04:35:19 +0000 Subject: [PATCH 28/31] gnome.gnome-boxes: 42.2 -> 42.3 --- pkgs/desktops/gnome/apps/gnome-boxes/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/desktops/gnome/apps/gnome-boxes/default.nix b/pkgs/desktops/gnome/apps/gnome-boxes/default.nix index ebf80a2ab504..557243e2be5f 100644 --- a/pkgs/desktops/gnome/apps/gnome-boxes/default.nix +++ b/pkgs/desktops/gnome/apps/gnome-boxes/default.nix @@ -54,11 +54,11 @@ stdenv.mkDerivation rec { pname = "gnome-boxes"; - version = "42.2"; + version = "42.3"; src = fetchurl { url = "mirror://gnome/sources/${pname}/${lib.versions.major version}/${pname}-${version}.tar.xz"; - sha256 = "98K8oU3K4oONsR+iyA4jQI41SBeK+GGg1NDcxql4ABU="; + sha256 = "Vu/3+vgwD6oc4U+An468Knu02RWvx7EnNxKXkWBbYNM="; }; patches = [ From 1087880e0b8f022cabbc9a8129ca7a2aa8f16bc6 Mon Sep 17 00:00:00 2001 From: Soham S Gumaste Date: Tue, 5 Jul 2022 22:31:09 -0500 Subject: [PATCH 29/31] ocs-url: init at 3.1.0 This package is used by DE store pages to one click install themes/fonts and other assets. Signed-off-by: Soham S Gumaste --- maintainers/maintainer-list.nix | 1 + pkgs/tools/misc/ocs-url/default.nix | 43 +++++++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 3 files changed, 46 insertions(+) create mode 100644 pkgs/tools/misc/ocs-url/default.nix diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index a5fc1fd799e9..b10c15775ed6 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -14604,6 +14604,7 @@ email = "sohamg2@gmail.com"; name = "Soham S Gumaste"; github = "SohamG"; + githubId = 7116239; keys = [{ fingerprint = "E067 520F 5EF2 C175 3F60 50C0 BA46 725F 6A26 7442"; }]; diff --git a/pkgs/tools/misc/ocs-url/default.nix b/pkgs/tools/misc/ocs-url/default.nix new file mode 100644 index 000000000000..c5748d6ee4b3 --- /dev/null +++ b/pkgs/tools/misc/ocs-url/default.nix @@ -0,0 +1,43 @@ +{ lib, stdenv, fetchgit, libsForQt5 }: + +stdenv.mkDerivation rec { + name = "ocs-url"; + version = "3.1.0"; + + srcs = [ + (fetchgit { + url = "https://www.opencode.net/dfn2/ocs-url.git"; + rev = "release-${version}"; + sha256 = "RvbkcSj8iUAHAEOyETwfH+3XnCCY/p8XM8LgVrZxrws="; + }) + + (fetchgit { + url = "https://github.com/akiraohgaki/qtil"; + rev = "v0.4.0"; + sha256 = "XRSp0F7ggfkof1RNAnQU3+O9DcXDy81VR7NakITOXrw="; + }) + ]; + + sourceRoot = "ocs-url"; + + buildInputs = with libsForQt5.qt5; [ + qtbase + qtsvg + qtquickcontrols + qmake + wrapQtAppsHook + ]; + + # We are NOT in $sourceRoot here + postUnpack = '' + mkdir -p $sourceRoot/lib/qtil + cp -r qtil/* $sourceRoot/lib/qtil/ + ''; + + meta = with lib; { + description = "Open Collaboration System for use with DE store websites"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ SohamG ]; + platforms = platforms.linux; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 7d327ea986ea..1489ef9761ee 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -1244,6 +1244,8 @@ with pkgs; nominatim = callPackage ../servers/nominatim { }; + ocs-url = libsForQt5.callPackage ../tools/misc/ocs-url { }; + pferd = callPackage ../tools/misc/pferd {}; qFlipper = libsForQt515.callPackage ../tools/misc/qflipper { }; From 1e12b9292c63207eb169ebcbaaee5b99a918d115 Mon Sep 17 00:00:00 2001 From: Alyssa Ross Date: Fri, 8 Jul 2022 19:44:22 +0000 Subject: [PATCH 30/31] nixosTests.mjolnir: fix eval This was broken by a bad merge, where the same attribute was added separately in two different places. Fixes: ef895f6b434 ("Merge pull request #173239 from jojosch/mjolnir-update") --- nixos/tests/matrix/mjolnir.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/nixos/tests/matrix/mjolnir.nix b/nixos/tests/matrix/mjolnir.nix index 3864f0ff2bb6..cb843e2e9e3e 100644 --- a/nixos/tests/matrix/mjolnir.nix +++ b/nixos/tests/matrix/mjolnir.nix @@ -45,7 +45,6 @@ import ../make-test-python.nix ( enable_registration = true; enable_registration_without_verification = true; registration_shared_secret = "supersecret-registration"; - enable_registration_without_verification = true; listeners = [ { # The default but tls=false From 9cd306c9eb5b47a44c3a76971eca0938ecfead15 Mon Sep 17 00:00:00 2001 From: Yaya Date: Fri, 8 Jul 2022 23:43:07 +0200 Subject: [PATCH 31/31] gitlab: 15.1.1 -> 15.1.2 (#180258) https://about.gitlab.com/releases/2022/07/04/gitlab-15-1-2-released/ --- pkgs/applications/version-management/gitlab/data.json | 10 +++++----- .../version-management/gitlab/gitaly/default.nix | 4 ++-- .../gitlab/gitlab-workhorse/default.nix | 2 +- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/pkgs/applications/version-management/gitlab/data.json b/pkgs/applications/version-management/gitlab/data.json index c9d03868bfde..dce348e9f2d0 100644 --- a/pkgs/applications/version-management/gitlab/data.json +++ b/pkgs/applications/version-management/gitlab/data.json @@ -1,14 +1,14 @@ { - "version": "15.1.1", - "repo_hash": "sha256-wCO0Ksi5c8kgerpK/O3IkI6CJARQbQj9nWmnxBVhBIM=", + "version": "15.1.2", + "repo_hash": "sha256-gZCKI2OXKQZzRe3T/nbnRC0qFHnOBVOAST+ky0qmJDc=", "yarn_hash": "19df16gk0vpvdi1idqaakaglf11cic93i5njw0x4m2cnsznhpvz4", "owner": "gitlab-org", "repo": "gitlab", - "rev": "v15.1.1-ee", + "rev": "v15.1.2-ee", "passthru": { - "GITALY_SERVER_VERSION": "15.1.1", + "GITALY_SERVER_VERSION": "15.1.2", "GITLAB_PAGES_VERSION": "1.59.0", "GITLAB_SHELL_VERSION": "14.7.4", - "GITLAB_WORKHORSE_VERSION": "15.1.1" + "GITLAB_WORKHORSE_VERSION": "15.1.2" } } diff --git a/pkgs/applications/version-management/gitlab/gitaly/default.nix b/pkgs/applications/version-management/gitlab/gitaly/default.nix index 22cbc267c6bb..44068644cc6c 100644 --- a/pkgs/applications/version-management/gitlab/gitaly/default.nix +++ b/pkgs/applications/version-management/gitlab/gitaly/default.nix @@ -11,7 +11,7 @@ let gemdir = ./.; }; - version = "15.1.1"; + version = "15.1.2"; package_version = "v${lib.versions.major version}"; gitaly_package = "gitlab.com/gitlab-org/gitaly/${package_version}"; in @@ -24,7 +24,7 @@ buildGoModule { owner = "gitlab-org"; repo = "gitaly"; rev = "v${version}"; - sha256 = "sha256-JMKB6lrmQBbBgXSKinL2shlXRXhZrf4QwoJrm+VpKdE="; + sha256 = "sha256-g/SlrE/NVMYqZaEgKncMLjsfI8jAE0xfyy6rpShsi2Q="; }; vendorSha256 = "sha256-0JWJ2mpf79gJdnNRdlQLi0oDvnj6VmibkW2XcPnaCww="; diff --git a/pkgs/applications/version-management/gitlab/gitlab-workhorse/default.nix b/pkgs/applications/version-management/gitlab/gitlab-workhorse/default.nix index 99860d3fc36f..ec0a2f8e99ee 100644 --- a/pkgs/applications/version-management/gitlab/gitlab-workhorse/default.nix +++ b/pkgs/applications/version-management/gitlab/gitlab-workhorse/default.nix @@ -5,7 +5,7 @@ in buildGoModule rec { pname = "gitlab-workhorse"; - version = "15.1.1"; + version = "15.1.2"; src = fetchFromGitLab { owner = data.owner;