From 2924c3dcab29c51d22750089e1985838dc838685 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stanis=C5=82aw=20Pitucha?= Date: Tue, 5 Jul 2022 14:57:13 +1000 Subject: [PATCH 01/43] ejson2env: update script and strip --- pkgs/tools/admin/ejson2env/default.nix | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/pkgs/tools/admin/ejson2env/default.nix b/pkgs/tools/admin/ejson2env/default.nix index e7ac6d7426da..fae0ce1f7b9a 100644 --- a/pkgs/tools/admin/ejson2env/default.nix +++ b/pkgs/tools/admin/ejson2env/default.nix @@ -1,4 +1,4 @@ -{ buildGoModule, fetchFromGitHub, lib }: +{ lib, buildGoModule, fetchFromGitHub, nix-update-script }: buildGoModule rec { pname = "ejson2env"; @@ -14,9 +14,15 @@ buildGoModule rec { vendorSha256 = "sha256-agWcD8vFNde1SCdkRovMNPf+1KODxV8wW1mXvE0w/CI="; ldflags = [ + "-s" + "-w" "-X main.version=${version}" ]; + passthru.updateScript = nix-update-script { + attrPath = pname; + }; + meta = with lib; { description = "A tool to simplify storing secrets that should be accessible in the shell environment in your git repo."; homepage = "https://github.com/Shopify/ejson2env"; From fa7fbe565ded463f2864f128e8d467d0fd53bdff Mon Sep 17 00:00:00 2001 From: Martin Puppe Date: Thu, 9 Feb 2023 22:36:39 +0100 Subject: [PATCH 02/43] nixos/paperless: apply nixpkgs-fmt --- nixos/modules/services/misc/paperless.nix | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/nixos/modules/services/misc/paperless.nix b/nixos/modules/services/misc/paperless.nix index 667f16d98f82..71ba8fd7075f 100644 --- a/nixos/modules/services/misc/paperless.nix +++ b/nixos/modules/services/misc/paperless.nix @@ -24,12 +24,14 @@ let lib.mapAttrs (_: toString) cfg.extraConfig ); - manage = let - setupEnv = lib.concatStringsSep "\n" (mapAttrsToList (name: val: "export ${name}=\"${val}\"") env); - in pkgs.writeShellScript "manage" '' - ${setupEnv} - exec ${pkg}/bin/paperless-ngx "$@" - ''; + manage = + let + setupEnv = lib.concatStringsSep "\n" (mapAttrsToList (name: val: "export ${name}=\"${val}\"") env); + in + pkgs.writeShellScript "manage" '' + ${setupEnv} + exec ${pkg}/bin/paperless-ngx "$@" + ''; # Secure the services defaultServiceConfig = { @@ -170,7 +172,7 @@ in extraConfig = mkOption { type = types.attrs; - default = {}; + default = { }; description = lib.mdDoc '' Extra paperless config options. From 5e86cc98d713ff8cf57cc0ae876922ca570aca44 Mon Sep 17 00:00:00 2001 From: Jeff Huffman Date: Wed, 15 Feb 2023 17:00:48 -0500 Subject: [PATCH 03/43] discord: disableBreakingUpdates: create settings.json when missing --- .../discord/disable-breaking-updates.py | 26 ++++++++++--------- 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/pkgs/applications/networking/instant-messengers/discord/disable-breaking-updates.py b/pkgs/applications/networking/instant-messengers/discord/disable-breaking-updates.py index a7217d0ad6e0..5413c93665fe 100644 --- a/pkgs/applications/networking/instant-messengers/discord/disable-breaking-updates.py +++ b/pkgs/applications/networking/instant-messengers/discord/disable-breaking-updates.py @@ -22,21 +22,23 @@ XDG_CONFIG_HOME = os.environ.get("XDG_CONFIG_HOME") or os.path.join( settings_path = Path(f"{XDG_CONFIG_HOME}/@configDirName@/settings.json") settings_path_temp = Path(f"{XDG_CONFIG_HOME}/@configDirName@/settings.json.tmp") -try: + +if os.path.exists(settings_path): with settings_path.open(encoding="utf-8") as settings_file: settings = json.load(settings_file) +else: + settings = {} - if settings.get("SKIP_HOST_UPDATE"): - print("[Nix] Disabling updates already done") - else: - skip_host_update = {"SKIP_HOST_UPDATE": True} - settings.update(skip_host_update) +if settings.get("SKIP_HOST_UPDATE"): + print("[Nix] Disabling updates already done") +else: + skip_host_update = {"SKIP_HOST_UPDATE": True} + settings.update(skip_host_update) - with settings_path_temp.open("w", encoding="utf-8") as settings_file_temp: - json.dump(settings, settings_file_temp, indent=2) + os.makedirs(os.path.dirname(settings_path), exist_ok=True) - settings_path_temp.rename(settings_path) - print("[Nix] Disabled updates") + with settings_path_temp.open("w", encoding="utf-8") as settings_file_temp: + json.dump(settings, settings_file_temp, indent=2) -except IOError: - print("[Nix] settings.json doesn't yet exist, can't disable it yet") + settings_path_temp.rename(settings_path) + print("[Nix] Disabled updates") From 857636b0327ad7e092ec6cbd71a7735c885cbebd Mon Sep 17 00:00:00 2001 From: Justinas Stankevicius Date: Sat, 18 Feb 2023 18:43:38 +0200 Subject: [PATCH 04/43] teleport: 11.3.4 -> 12.0.2 --- nixos/doc/manual/release-notes/rl-2305.section.md | 2 +- pkgs/servers/teleport/default.nix | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/nixos/doc/manual/release-notes/rl-2305.section.md b/nixos/doc/manual/release-notes/rl-2305.section.md index d50438ddb611..fee0e51184f1 100644 --- a/nixos/doc/manual/release-notes/rl-2305.section.md +++ b/nixos/doc/manual/release-notes/rl-2305.section.md @@ -105,7 +105,7 @@ In addition to numerous new and upgraded packages, this release has the followin - The EC2 image module previously detected and automatically mounted ext3-formatted instance store devices and partitions in stage-1 (initramfs), storing `/tmp` on the first discovered device. This behaviour, which only catered to very specific use cases and could not be disabled, has been removed. Users relying on this should provide their own implementation, and probably use ext4 and perform the mount in stage-2. -- `teleport` has been upgraded to major version 11. Please see upstream [upgrade instructions](https://goteleport.com/docs/setup/operations/upgrading/) and [release notes](https://goteleport.com/docs/changelog/#1100). +- `teleport` has been upgraded from major version 10 to major version 12. Please see upstream [upgrade instructions](https://goteleport.com/docs/setup/operations/upgrading/) and release notes for versions [11](https://goteleport.com/docs/changelog/#1100) and [12](https://goteleport.com/docs/changelog/#1201). Note that Teleport does not officially support upgrades across more than one major version. It is recommended to first upgrade to an intermediate 11.x version using an overlay before upgrading to version 12. - The EC2 image module previously detected and activated swap-formatted instance store devices and partitions in stage-1 (initramfs). This behaviour has been removed. Users relying on this should provide their own implementation. diff --git a/pkgs/servers/teleport/default.nix b/pkgs/servers/teleport/default.nix index 52c21cb63674..5a714480db3b 100644 --- a/pkgs/servers/teleport/default.nix +++ b/pkgs/servers/teleport/default.nix @@ -27,13 +27,13 @@ let owner = "gravitational"; repo = "teleport"; rev = "v${version}"; - hash = "sha256-jJfOgcwKkNFO/5XHxMoapZxM8Tb0kEgKVA7SrMU7uW4="; + hash = "sha256-9RD4ETQEXnj3d5YID3f3BghwitdqfcDgNhsk8ixWTW4="; }; - version = "11.3.4"; + version = "12.0.2"; rdpClient = rustPlatform.buildRustPackage rec { pname = "teleport-rdpclient"; - cargoHash = "sha256-TSIwLCY01ygCWT73LR/Ch7NwPQA3a3r0PyL3hUzBNr4="; + cargoHash = "sha256-1ScU5ywq8vz1sWHW2idBsWcB1Xs+aylukBm96dKrwL4="; inherit version src; buildAndTestSubdir = "lib/srv/desktop/rdp/rdpclient"; @@ -56,7 +56,7 @@ let yarnOfflineCache = fetchYarnDeps { yarnLock = "${src}/yarn.lock"; - hash = "sha256-MAGeWzA366yzpjdCY0+X6RV5MKcsHa/xD5CJu6ce1FU="; + hash = "sha256-ItRi5EkYrwNB1MIf9l3yyK1BX6vNpL2+H1BlN3Evibg="; }; webassets = stdenv.mkDerivation { @@ -95,7 +95,7 @@ buildGoModule rec { pname = "teleport"; inherit src version; - vendorHash = "sha256-NkiFLEHBNjxUOSuAlVugAV14yCCo3z6yhX7LZQFKhvA="; + vendorHash = "sha256-2sOELuMyg7w/rhnWvnwDiUOsjUfb56JdAbrTGKvGnjs="; proxyVendor = true; subPackages = [ "tool/tbot" "tool/tctl" "tool/teleport" "tool/tsh" ]; From ebdfdae156da6d3a94b3e5119f792e33334d6edb Mon Sep 17 00:00:00 2001 From: Martin Puppe Date: Thu, 9 Feb 2023 22:59:50 +0100 Subject: [PATCH 05/43] nixos/paperless: download NLTK data Since version 1.10.0 paperless-ngx depends on the NLTK library which is used to pre-process data for machine learning. NLTK needs certain data for stemming, stopword removal etc. This data has to be downloaded first. This commit introduces a new systemd service that does the downloading. --- nixos/modules/services/misc/paperless.nix | 30 +++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/nixos/modules/services/misc/paperless.nix b/nixos/modules/services/misc/paperless.nix index 71ba8fd7075f..4199e7713304 100644 --- a/nixos/modules/services/misc/paperless.nix +++ b/nixos/modules/services/misc/paperless.nix @@ -6,6 +6,7 @@ let pkg = cfg.package; defaultUser = "paperless"; + nltkDir = "/var/cache/paperless/nltk"; # Don't start a redis instance if the user sets a custom redis connection enableRedis = !hasAttr "PAPERLESS_REDIS" cfg.extraConfig; @@ -15,6 +16,7 @@ let PAPERLESS_DATA_DIR = cfg.dataDir; PAPERLESS_MEDIA_ROOT = cfg.mediaDir; PAPERLESS_CONSUMPTION_DIR = cfg.consumptionDir; + PAPERLESS_NLTK_DIR = nltkDir; GUNICORN_CMD_ARGS = "--bind=${cfg.address}:${toString cfg.port}"; } // optionalAttrs (config.time.timeZone != null) { PAPERLESS_TIME_ZONE = config.time.timeZone; @@ -49,6 +51,7 @@ let cfg.dataDir cfg.mediaDir ]; + CacheDirectory = "paperless"; CapabilityBoundingSet = ""; # ProtectClock adds DeviceAllow=char-rtc r DeviceAllow = ""; @@ -293,6 +296,33 @@ in }; }; + # Download NLTK corpus data + systemd.services.paperless-download-nltk-data = { + wantedBy = [ "paperless-scheduler.service" ]; + before = [ "paperless-scheduler.service" ]; + after = [ "network-online.target" ]; + serviceConfig = defaultServiceConfig // { + User = cfg.user; + Type = "oneshot"; + # Enable internet access + PrivateNetwork = false; + # Restrict write access + BindPaths = []; + BindReadOnlyPaths = [ + "/nix/store" + "-/etc/resolv.conf" + "-/etc/nsswitch.conf" + "-/etc/ssl/certs" + "-/etc/static/ssl/certs" + "-/etc/hosts" + "-/etc/localtime" + ]; + ExecStart = let pythonWithNltk = pkg.python.withPackages (ps: [ ps.nltk ]); in '' + ${pythonWithNltk}/bin/python -m nltk.downloader -d '${nltkDir}' punkt snowball_data stopwords + ''; + }; + }; + systemd.services.paperless-consumer = { description = "Paperless document consumer"; # Bind to `paperless-scheduler` so that the consumer never runs From 7be1ecb2dca7eb5e9119f406bdb8aacaff4dcd0d Mon Sep 17 00:00:00 2001 From: Martin Puppe Date: Sun, 12 Feb 2023 16:31:50 +0100 Subject: [PATCH 06/43] paperless-ngx: update homepage URL --- pkgs/applications/office/paperless-ngx/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/applications/office/paperless-ngx/default.nix b/pkgs/applications/office/paperless-ngx/default.nix index 61c607c422e8..c9cd38a37bf7 100644 --- a/pkgs/applications/office/paperless-ngx/default.nix +++ b/pkgs/applications/office/paperless-ngx/default.nix @@ -317,7 +317,7 @@ python.pkgs.buildPythonApplication rec { meta = with lib; { description = "Tool to scan, index, and archive all of your physical documents"; - homepage = "https://paperless-ngx.readthedocs.io/"; + homepage = "https://docs.paperless-ngx.com/"; changelog = "https://github.com/paperless-ngx/paperless-ngx/releases/tag/v${version}"; license = licenses.gpl3Only; maintainers = with maintainers; [ lukegb gador erikarvstedt ]; From 477440f9d79294108d0437dbc9a3d354a42897d8 Mon Sep 17 00:00:00 2001 From: Vladimir Pouzanov Date: Mon, 27 Feb 2023 17:36:01 +0000 Subject: [PATCH 07/43] ali: init at 0.7.5 Adds ali, the HTTP benchmark tool that plots the results in real time. --- pkgs/tools/networking/ali/default.nix | 26 ++++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 28 insertions(+) create mode 100644 pkgs/tools/networking/ali/default.nix diff --git a/pkgs/tools/networking/ali/default.nix b/pkgs/tools/networking/ali/default.nix new file mode 100644 index 000000000000..f65829c9906b --- /dev/null +++ b/pkgs/tools/networking/ali/default.nix @@ -0,0 +1,26 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "ali"; + version = "0.7.5"; + + src = fetchFromGitHub { + owner = "nakabonne"; + repo = "ali"; + rev = "refs/tags/v${version}"; + hash = "sha256-/pdHlI20IzSTX2pnsbxPiJiWmOCbp13eJWLi0Tcsueg="; + }; + + vendorHash = "sha256-YWx9K04kTMaI0FXebwRQVCt0nxIwZ6xlbtI2lk3qp0M="; + + meta = with lib; { + description = "Generate HTTP load and plot the results in real-time"; + homepage = "https://github.com/nakabonne/ali"; + license = licenses.mit; + platforms = platforms.linux ++ platforms.darwin; + maintainers = with maintainers; [ farcaller ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 6c805f3ecd27..95c658e8df50 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -39320,4 +39320,6 @@ with pkgs; volantes-cursors = callPackage ../data/icons/volantes-cursors { }; gnss-share = callPackage ../servers/gnss-share { }; + + ali = callPackage ../tools/networking/ali { }; } From 8435101b6402b57bd29695d9fffa6afef3734fc8 Mon Sep 17 00:00:00 2001 From: Piper McCorkle Date: Mon, 27 Feb 2023 13:49:10 -0600 Subject: [PATCH 08/43] cloudflared: 2023.2.1 -> 2023.2.2 --- pkgs/applications/networking/cloudflared/default.nix | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/pkgs/applications/networking/cloudflared/default.nix b/pkgs/applications/networking/cloudflared/default.nix index 518a44232960..d17acc7fdb46 100644 --- a/pkgs/applications/networking/cloudflared/default.nix +++ b/pkgs/applications/networking/cloudflared/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "cloudflared"; - version = "2023.2.1"; + version = "2023.2.2"; src = fetchFromGitHub { owner = "cloudflare"; repo = "cloudflared"; rev = version; - hash = "sha256-vhcz/uk1sBt7XytXQYcPreoPfNz7fdPVE+j+FTH7tPc="; + hash = "sha256-qZ3h8KZLGSH+sqUs0wof5arKvcps1DdqBnT+coWEiys="; }; vendorSha256 = null; @@ -52,11 +52,6 @@ buildGoModule rec { substituteInPlace "ingress/icmp_posix_test.go" \ --replace "TestReuseFunnel" "SkipReuseFunnel" - # Workaround for: supervisor_test.go:49: - # Expected nil, but got: Could not lookup srv records on _us-v2-origintunneld._tcp.argotunnel.com: lookup _us-v2-origintunneld._tcp.argotunnel.com on [::1]:53: read udp [::1]:49342->[::1]:53: read: connection refused - substituteInPlace "supervisor/supervisor_test.go" \ - --replace "Test_Initialize_Same_Protocol" "Skip_Initialize_Same_Protocol" - # Workaround for: manager_test.go:197: # Should be false substituteInPlace "datagramsession/manager_test.go" \ From 6f1c82c7f84c97fd94630d3e8a60f3de6f4460cb Mon Sep 17 00:00:00 2001 From: Justinas Stankevicius Date: Thu, 23 Feb 2023 20:14:50 +0200 Subject: [PATCH 09/43] teleport_11: init at 11.3.5 --- pkgs/servers/teleport/11.nix | 8 ++++++++ pkgs/servers/teleport/12.nix | 8 ++++++++ .../teleport/{default.nix => generic.nix} | 16 +++++++++++----- pkgs/top-level/all-packages.nix | 6 +++++- 4 files changed, 32 insertions(+), 6 deletions(-) create mode 100644 pkgs/servers/teleport/11.nix create mode 100644 pkgs/servers/teleport/12.nix rename pkgs/servers/teleport/{default.nix => generic.nix} (92%) diff --git a/pkgs/servers/teleport/11.nix b/pkgs/servers/teleport/11.nix new file mode 100644 index 000000000000..ee6758053cc9 --- /dev/null +++ b/pkgs/servers/teleport/11.nix @@ -0,0 +1,8 @@ +{ callPackage, ... }@args: +callPackage ./generic.nix ({ + version = "11.3.5"; + hash = "sha256-/InWly0jCiPBlgM/qgS6ErMv7Hhg5PW9sldda1oaUIg="; + vendorHash = "sha256-NkiFLEHBNjxUOSuAlVugAV14yCCo3z6yhX7LZQFKhvA="; + cargoHash = "sha256-02qo6i6GuRAYKDKA7k2hDq2O6ayEQbeGhFS2g3b9Wuo="; + yarnHash = "sha256-kvnVmDZ/jISaaS97KM0WbPJU7Y8XWOeHrDLT0iXRyfc="; +} // builtins.removeAttrs args [ "callPackage" ]) diff --git a/pkgs/servers/teleport/12.nix b/pkgs/servers/teleport/12.nix new file mode 100644 index 000000000000..1182df971481 --- /dev/null +++ b/pkgs/servers/teleport/12.nix @@ -0,0 +1,8 @@ +{ callPackage, ... }@args: +callPackage ./generic.nix ({ + version = "12.0.2"; + hash = "sha256-9RD4ETQEXnj3d5YID3f3BghwitdqfcDgNhsk8ixWTW4="; + vendorHash = "sha256-2sOELuMyg7w/rhnWvnwDiUOsjUfb56JdAbrTGKvGnjs="; + cargoHash = "sha256-1ScU5ywq8vz1sWHW2idBsWcB1Xs+aylukBm96dKrwL4="; + yarnHash = "sha256-ItRi5EkYrwNB1MIf9l3yyK1BX6vNpL2+H1BlN3Evibg="; +} // builtins.removeAttrs args [ "callPackage" ]) diff --git a/pkgs/servers/teleport/default.nix b/pkgs/servers/teleport/generic.nix similarity index 92% rename from pkgs/servers/teleport/default.nix rename to pkgs/servers/teleport/generic.nix index 5a714480db3b..a811204e09ab 100644 --- a/pkgs/servers/teleport/default.nix +++ b/pkgs/servers/teleport/generic.nix @@ -20,6 +20,12 @@ , nixosTests , withRdpClient ? true + +, version +, hash +, vendorHash +, cargoHash +, yarnHash }: let # This repo has a private submodule "e" which fetchgit cannot handle without failing. @@ -27,13 +33,13 @@ let owner = "gravitational"; repo = "teleport"; rev = "v${version}"; - hash = "sha256-9RD4ETQEXnj3d5YID3f3BghwitdqfcDgNhsk8ixWTW4="; + inherit hash; }; - version = "12.0.2"; + inherit version; rdpClient = rustPlatform.buildRustPackage rec { pname = "teleport-rdpclient"; - cargoHash = "sha256-1ScU5ywq8vz1sWHW2idBsWcB1Xs+aylukBm96dKrwL4="; + inherit cargoHash; inherit version src; buildAndTestSubdir = "lib/srv/desktop/rdp/rdpclient"; @@ -56,7 +62,7 @@ let yarnOfflineCache = fetchYarnDeps { yarnLock = "${src}/yarn.lock"; - hash = "sha256-ItRi5EkYrwNB1MIf9l3yyK1BX6vNpL2+H1BlN3Evibg="; + hash = yarnHash; }; webassets = stdenv.mkDerivation { @@ -95,7 +101,7 @@ buildGoModule rec { pname = "teleport"; inherit src version; - vendorHash = "sha256-2sOELuMyg7w/rhnWvnwDiUOsjUfb56JdAbrTGKvGnjs="; + inherit vendorHash; proxyVendor = true; subPackages = [ "tool/tbot" "tool/tctl" "tool/teleport" "tool/tsh" ]; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index e10d2ee250f5..631da35aff00 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -12515,9 +12515,13 @@ with pkgs; telegraf = callPackage ../servers/monitoring/telegraf { }; - teleport = callPackage ../servers/teleport { + teleport_11 = callPackage ../servers/teleport/11.nix { inherit (darwin.apple_sdk.frameworks) CoreFoundation Security AppKit; }; + teleport_12 = callPackage ../servers/teleport/12.nix { + inherit (darwin.apple_sdk.frameworks) CoreFoundation Security AppKit; + }; + teleport = teleport_12; telepresence = callPackage ../tools/networking/telepresence { pythonPackages = python3Packages; From 31b5597cbdf327340b361704f02768650de57f38 Mon Sep 17 00:00:00 2001 From: Justinas Stankevicius Date: Thu, 23 Feb 2023 20:15:12 +0200 Subject: [PATCH 10/43] nixos/teleport: add "package" option --- .../manual/release-notes/rl-2305.section.md | 2 +- .../modules/services/networking/teleport.nix | 12 ++- nixos/tests/teleport.nix | 82 +++++++++++-------- 3 files changed, 60 insertions(+), 36 deletions(-) diff --git a/nixos/doc/manual/release-notes/rl-2305.section.md b/nixos/doc/manual/release-notes/rl-2305.section.md index fee0e51184f1..b02065e97221 100644 --- a/nixos/doc/manual/release-notes/rl-2305.section.md +++ b/nixos/doc/manual/release-notes/rl-2305.section.md @@ -105,7 +105,7 @@ In addition to numerous new and upgraded packages, this release has the followin - The EC2 image module previously detected and automatically mounted ext3-formatted instance store devices and partitions in stage-1 (initramfs), storing `/tmp` on the first discovered device. This behaviour, which only catered to very specific use cases and could not be disabled, has been removed. Users relying on this should provide their own implementation, and probably use ext4 and perform the mount in stage-2. -- `teleport` has been upgraded from major version 10 to major version 12. Please see upstream [upgrade instructions](https://goteleport.com/docs/setup/operations/upgrading/) and release notes for versions [11](https://goteleport.com/docs/changelog/#1100) and [12](https://goteleport.com/docs/changelog/#1201). Note that Teleport does not officially support upgrades across more than one major version. It is recommended to first upgrade to an intermediate 11.x version using an overlay before upgrading to version 12. +- `teleport` has been upgraded from major version 10 to major version 12. Please see upstream [upgrade instructions](https://goteleport.com/docs/setup/operations/upgrading/) and release notes for versions [11](https://goteleport.com/docs/changelog/#1100) and [12](https://goteleport.com/docs/changelog/#1201). Note that Teleport does not officially support upgrades across more than one major version at a time. If you're running Teleport server components, it is recommended to first upgrade to an intermediate 11.x version by setting `services.teleport.package = pkgs.teleport_11`. Afterwards, this option can be removed to upgrade to the default version (12). - The EC2 image module previously detected and activated swap-formatted instance store devices and partitions in stage-1 (initramfs). This behaviour has been removed. Users relying on this should provide their own implementation. diff --git a/nixos/modules/services/networking/teleport.nix b/nixos/modules/services/networking/teleport.nix index 6433554f87da..399af711c0e1 100644 --- a/nixos/modules/services/networking/teleport.nix +++ b/nixos/modules/services/networking/teleport.nix @@ -11,6 +11,14 @@ in services.teleport = with lib.types; { enable = mkEnableOption (lib.mdDoc "the Teleport service"); + package = mkOption { + type = types.package; + default = pkgs.teleport; + defaultText = lib.literalMD "pkgs.teleport"; + example = lib.literalMD "pkgs.teleport_11"; + description = lib.mdDoc "The teleport package to use"; + }; + settings = mkOption { type = settingsYaml.type; default = { }; @@ -74,14 +82,14 @@ in }; config = mkIf config.services.teleport.enable { - environment.systemPackages = [ pkgs.teleport ]; + environment.systemPackages = [ cfg.package ]; systemd.services.teleport = { wantedBy = [ "multi-user.target" ]; after = [ "network.target" ]; serviceConfig = { ExecStart = '' - ${pkgs.teleport}/bin/teleport start \ + ${cfg.package}/bin/teleport start \ ${optionalString cfg.insecure.enable "--insecure"} \ ${optionalString cfg.diag.enable "--diag-addr=${cfg.diag.addr}:${toString cfg.diag.port}"} \ ${optionalString (cfg.settings != { }) "--config=${settingsYaml.generate "teleport.yaml" cfg.settings}"} diff --git a/nixos/tests/teleport.nix b/nixos/tests/teleport.nix index 34bf1bc0c70d..49adb2dd4a41 100644 --- a/nixos/tests/teleport.nix +++ b/nixos/tests/teleport.nix @@ -1,18 +1,28 @@ { system ? builtins.currentSystem , config ? { } , pkgs ? import ../.. { inherit system config; } +, lib ? pkgs.lib }: with import ../lib/testing-python.nix { inherit system pkgs; }; let - minimal = { config, ... }: { - services.teleport.enable = true; + packages = with pkgs; { + "default" = teleport; + "11" = teleport_11; }; - client = { config, ... }: { + minimal = package: { services.teleport = { enable = true; + inherit package; + }; + }; + + client = package: { + services.teleport = { + enable = true; + inherit package; settings = { teleport = { nodename = "client"; @@ -37,9 +47,10 @@ let }]; }; - server = { config, ... }: { + server = package: { services.teleport = { enable = true; + inherit package; settings = { teleport = { nodename = "server"; @@ -64,36 +75,41 @@ let }; }; in -{ - minimal = makeTest { - # minimal setup should always work - name = "teleport-minimal-setup"; - meta.maintainers = with pkgs.lib.maintainers; [ ymatsiuk ]; - nodes = { inherit minimal; }; +lib.concatMapAttrs + (name: package: { + "minimal_${name}" = makeTest { + # minimal setup should always work + name = "teleport-minimal-setup"; + meta.maintainers = with pkgs.lib.maintainers; [ ymatsiuk ]; + nodes.minimal = minimal package; - testScript = '' - minimal.wait_for_open_port(3025) - minimal.wait_for_open_port(3080) - minimal.wait_for_open_port(3022) - ''; - }; + testScript = '' + minimal.wait_for_open_port(3025) + minimal.wait_for_open_port(3080) + minimal.wait_for_open_port(3022) + ''; + }; - basic = makeTest { - # basic server and client test - name = "teleport-server-client"; - meta.maintainers = with pkgs.lib.maintainers; [ ymatsiuk ]; - nodes = { inherit server client; }; + "basic_${name}" = makeTest { + # basic server and client test + name = "teleport-server-client"; + meta.maintainers = with pkgs.lib.maintainers; [ ymatsiuk ]; + nodes = { + server = server package; + client = client package; + }; - testScript = '' - with subtest("teleport ready"): - server.wait_for_open_port(3025) - client.wait_for_open_port(3022) + testScript = '' + with subtest("teleport ready"): + server.wait_for_open_port(3025) + client.wait_for_open_port(3022) - with subtest("check applied configuration"): - server.wait_until_succeeds("tctl get nodes --format=json | ${pkgs.jq}/bin/jq -e '.[] | select(.spec.hostname==\"client\") | .metadata.labels.role==\"client\"'") - server.wait_for_open_port(3000) - client.succeed("journalctl -u teleport.service --grep='DEBU'") - server.succeed("journalctl -u teleport.service --grep='Starting teleport in insecure mode.'") - ''; - }; -} + with subtest("check applied configuration"): + server.wait_until_succeeds("tctl get nodes --format=json | ${pkgs.jq}/bin/jq -e '.[] | select(.spec.hostname==\"client\") | .metadata.labels.role==\"client\"'") + server.wait_for_open_port(3000) + client.succeed("journalctl -u teleport.service --grep='DEBU'") + server.succeed("journalctl -u teleport.service --grep='Starting teleport in insecure mode.'") + ''; + }; + }) + packages From e831a3da9883a3bd813d1ab2accaa9a85841461c Mon Sep 17 00:00:00 2001 From: Justinas Stankevicius Date: Tue, 28 Feb 2023 13:08:24 +0200 Subject: [PATCH 11/43] nixos/tests/teleport: make justinas the maintainer --- nixos/tests/teleport.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nixos/tests/teleport.nix b/nixos/tests/teleport.nix index 49adb2dd4a41..cdf762b12844 100644 --- a/nixos/tests/teleport.nix +++ b/nixos/tests/teleport.nix @@ -80,7 +80,7 @@ lib.concatMapAttrs "minimal_${name}" = makeTest { # minimal setup should always work name = "teleport-minimal-setup"; - meta.maintainers = with pkgs.lib.maintainers; [ ymatsiuk ]; + meta.maintainers = with pkgs.lib.maintainers; [ justinas ]; nodes.minimal = minimal package; testScript = '' @@ -93,7 +93,7 @@ lib.concatMapAttrs "basic_${name}" = makeTest { # basic server and client test name = "teleport-server-client"; - meta.maintainers = with pkgs.lib.maintainers; [ ymatsiuk ]; + meta.maintainers = with pkgs.lib.maintainers; [ justinas ]; nodes = { server = server package; client = client package; From c295a9fdce3650e157eb9503e10186b27d5db285 Mon Sep 17 00:00:00 2001 From: Mario Rodas Date: Wed, 1 Mar 2023 04:20:00 +0000 Subject: [PATCH 12/43] pgformatter: fix uninitialized variable error --- pkgs/development/tools/pgformatter/default.nix | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/pkgs/development/tools/pgformatter/default.nix b/pkgs/development/tools/pgformatter/default.nix index 9704788141c7..22e7116fb6cd 100644 --- a/pkgs/development/tools/pgformatter/default.nix +++ b/pkgs/development/tools/pgformatter/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, perlPackages, fetchFromGitHub, shortenPerlShebang }: +{ lib, stdenv, perlPackages, fetchFromGitHub, fetchpatch, shortenPerlShebang }: perlPackages.buildPerlPackage rec { pname = "pgformatter"; @@ -18,6 +18,14 @@ perlPackages.buildPerlPackage rec { # Avoid creating perllocal.pod, which contains a timestamp installTargets = [ "pure_install" ]; + patches = [ + # Fix an uninitialized variable error. Remove with the next release. + (fetchpatch { + url = "https://github.com/darold/pgFormatter/commit/c2622c47d48cee47effecbf58a588c3cd3a7bf1a.patch"; + sha256 = "sha256-WnQIOvfuzL2HrwtL0HaaYObrBxhXDu82jxGcqggQVhc="; + }) + ]; + # Makefile.PL only accepts DESTDIR and INSTALLDIRS, but we need to set more to make this work for NixOS. patchPhase = '' substituteInPlace pg_format \ From 432744c1ff880fcc619d81e8f8fb06b2c5ac04b2 Mon Sep 17 00:00:00 2001 From: Mario Rodas Date: Wed, 1 Mar 2023 04:20:00 +0000 Subject: [PATCH 13/43] python310Packages.pglast: 5.0 -> 5.1 --- pkgs/development/python-modules/pglast/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/pglast/default.nix b/pkgs/development/python-modules/pglast/default.nix index 7c0f38b525d6..81445ebdeded 100644 --- a/pkgs/development/python-modules/pglast/default.nix +++ b/pkgs/development/python-modules/pglast/default.nix @@ -8,14 +8,14 @@ buildPythonPackage rec { pname = "pglast"; - version = "5.0"; + version = "5.1"; format = "setuptools"; disabled = pythonOlder "3.7"; src = fetchPypi { inherit pname version; - hash = "sha256-bR/e5pZCrnMCUt9zEszI0aVlqezTzwR3DIdpXv/6qGM="; + hash = "sha256-fHWJWgy/Ven5m2Cf81rG/ZKmFFWiLJsIPVxFe+rr+ms="; }; propagatedBuildInputs = [ From 99bbc28d2cca7e61810a14a53b1dff3ad1e3f393 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stanis=C5=82aw=20Pitucha?= Date: Tue, 28 Feb 2023 21:27:20 +1100 Subject: [PATCH 14/43] rubyPackages.libxml-ruby: fix darwin build --- pkgs/development/ruby-modules/gem-config/default.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pkgs/development/ruby-modules/gem-config/default.nix b/pkgs/development/ruby-modules/gem-config/default.nix index 9a0c93038b45..c9729649a616 100644 --- a/pkgs/development/ruby-modules/gem-config/default.nix +++ b/pkgs/development/ruby-modules/gem-config/default.nix @@ -403,6 +403,9 @@ in buildFlags = [ "--with-xml2-lib=${libxml2.out}/lib" "--with-xml2-include=${libxml2.dev}/include/libxml2" + ] ++ lib.optionals stdenv.isDarwin [ + "--with-iconv-dir=${libiconv}" + "--with-opt-include=${libiconv}/include" ]; }; From 4dbf6c0264f69605324503bbf7a1aa96f6a6f63e Mon Sep 17 00:00:00 2001 From: squalus Date: Wed, 1 Mar 2023 08:05:59 -0800 Subject: [PATCH 15/43] librewolf: 110.0-1 -> 110.0.1-1 --- .../networking/browsers/librewolf/src.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/applications/networking/browsers/librewolf/src.json b/pkgs/applications/networking/browsers/librewolf/src.json index 009569f9c5c3..4739c7d5a37c 100644 --- a/pkgs/applications/networking/browsers/librewolf/src.json +++ b/pkgs/applications/networking/browsers/librewolf/src.json @@ -1,11 +1,11 @@ { - "packageVersion": "110.0-1", + "packageVersion": "110.0.1-1", "source": { - "rev": "110.0-1", - "sha256": "1fs8z7b1ly3asmgqc4lnidf8k5apaimc875rqm7rqg360bc1qg2p" + "rev": "110.0.1-1", + "sha256": "06k33gf2q77w3airgbqmki555pp2yv33cbkivbi4hgz80zl1m4i3" }, "firefox": { - "version": "110.0", - "sha512": "52a37a8f59a694c4790c0a14cd81fba9e2c982f64e00191afd0897c39ae1d5e25f24cff16f74d0a0b5cdf8e93a9a0974b6042b0de605cf1a533ef4e6a3c0dcf9" + "version": "110.0.1", + "sha512": "42c6a99a3874a0f60121188c43788fb35577734d9366c3f89ad41b8328cc542ce172ec81ca35b9ea551eaa698197ccdb43922ec3215d311e0770aaaa59625d21" } } From 93e07311528da088606a2e99945b6f7b75df11ad Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Wed, 1 Mar 2023 22:31:25 +0100 Subject: [PATCH 16/43] exploitdb: 2023-02-28 -> 2023-03-01 --- pkgs/tools/security/exploitdb/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/security/exploitdb/default.nix b/pkgs/tools/security/exploitdb/default.nix index 46852f61e970..b5b4e1454c30 100644 --- a/pkgs/tools/security/exploitdb/default.nix +++ b/pkgs/tools/security/exploitdb/default.nix @@ -6,13 +6,13 @@ stdenv.mkDerivation rec { pname = "exploitdb"; - version = "2023-02-28"; + version = "2023-03-01"; src = fetchFromGitLab { owner = "exploit-database"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-hEuOGnAWyX3oBfrUWBhT58WAjDWTWeLIYuyfUs3q0Jc="; + hash = "sha256-+1yu5R3JUmp6PylmkIWZlEXlq05fi9Lb1q36iBPWdso="; }; nativeBuildInputs = [ From 7a818c55bc379c23467f8bcd7304ae703b32197f Mon Sep 17 00:00:00 2001 From: Aaron VonderHaar Date: Wed, 1 Mar 2023 13:38:02 -0800 Subject: [PATCH 17/43] elm-format: 0.8.5 -> 0.8.6 --- pkgs/development/compilers/elm/default.nix | 70 +++++++++++-------- .../compilers/elm/packages/avh4-lib.nix | 14 ++-- .../compilers/elm/packages/elm-format-lib.nix | 24 +++---- .../elm/packages/elm-format-markdown.nix | 4 +- .../elm/packages/elm-format-test-lib.nix | 16 ++--- .../compilers/elm/packages/elm-format.nix | 28 ++++---- 6 files changed, 85 insertions(+), 71 deletions(-) diff --git a/pkgs/development/compilers/elm/default.nix b/pkgs/development/compilers/elm/default.nix index e5ccffc7e76a..1005bd27469a 100644 --- a/pkgs/development/compilers/elm/default.nix +++ b/pkgs/development/compilers/elm/default.nix @@ -7,7 +7,8 @@ let fetchElmDeps = pkgs.callPackage ./fetchElmDeps.nix { }; - hsPkgs = self: pkgs.haskell.packages.ghc810.override { + # Haskell packages that require ghc 8.10 + hs810Pkgs = self: pkgs.haskell.packages.ghc810.override { overrides = self: super: with pkgs.haskell.lib.compose; with lib; let elmPkgs = rec { elm = overrideCabal (drv: { @@ -31,20 +32,6 @@ let maintainers = with maintainers; [ domenkozar turbomack ]; }) (self.callPackage ./packages/elm.nix { }); - /* - The elm-format expression is updated via a script in the https://github.com/avh4/elm-format repo: - `package/nix/build.sh` - */ - elm-format = justStaticExecutables (overrideCabal (drv: { - jailbreak = true; - doCheck = assert (drv.version == "0.8.5"); false; # golden tests fail with optparse-applicative 0.17 - - description = "Formats Elm source code according to a standard set of rules based on the official Elm Style Guide"; - homepage = "https://github.com/avh4/elm-format"; - license = licenses.bsd3; - maintainers = with maintainers; [ avh4 turbomack ]; - }) (self.callPackage ./packages/elm-format.nix {})); - elmi-to-json = justStaticExecutables (overrideCabal (drv: { prePatch = '' substituteInPlace package.yaml --replace "- -Werror" "" @@ -84,23 +71,48 @@ let # aeson 2.0.3.0 does not build with attoparsec_0_13_2_5 aeson = self.aeson_1_5_6_0; - # Needed for elm-format + # elm-instrument needs this indents = self.callPackage ./packages/indents.nix {}; - bimap = self.callPackage ./packages/bimap.nix {}; + + # elm-instrument's tests depend on an old version of elm-format, but we set doCheck to false for other reasons above + elm-format = null; + }; + }; + + # Haskell packages that require ghc 9.2 + hs92Pkgs = self: pkgs.haskell.packages.ghc92.override { + overrides = self: super: with pkgs.haskell.lib.compose; with lib; + let elmPkgs = rec { + /* + The elm-format expression is updated via a script in the https://github.com/avh4/elm-format repo: + `package/nix/build.sh` + */ + elm-format = justStaticExecutables (overrideCabal (drv: { + jailbreak = true; + + description = "Formats Elm source code according to a standard set of rules based on the official Elm Style Guide"; + homepage = "https://github.com/avh4/elm-format"; + license = licenses.bsd3; + maintainers = with maintainers; [ avh4 turbomack ]; + }) (self.callPackage ./packages/elm-format.nix {})); + }; + in elmPkgs // { + inherit elmPkgs; + + # Needed for elm-format avh4-lib = doJailbreak (self.callPackage ./packages/avh4-lib.nix {}); elm-format-lib = doJailbreak (self.callPackage ./packages/elm-format-lib.nix {}); - # We need tasty-hspec < 1.1.7 and hspec-golden < 0.2 to build elm-format-lib - tasty-hspec = self.tasty-hspec_1_1_6; - hspec-golden = self.hspec-golden_0_1_0_3; - - # We need hspec hspec_core, hspec_discover < 2.8 for tasty-hspec == 1.1.6 - hspec = self.hspec_2_7_10; - hspec-core = self.hspec-core_2_7_10; - hspec-discover = self.hspec-discover_2_7_10; - hspec-meta = self.hspec-meta_2_7_8; - elm-format-test-lib = self.callPackage ./packages/elm-format-test-lib.nix {}; elm-format-markdown = self.callPackage ./packages/elm-format-markdown.nix {}; + + # elm-format requires text >= 2.0 + text = self.text_2_0_1; + # elm-format-lib requires hspec-golden < 0.2 + hspec-golden = self.hspec-golden_0_1_0_3; + # unorderd-container's tests indirectly depend on text < 2.0 + unordered-containers = overrideCabal (drv: { doCheck = false; }) super.unordered-containers; + # relude-1.1.0.0's tests depend on hedgehog < 1.2, which indirectly depends on text < 2.0 + relude = overrideCabal (drv: { doCheck = false; }) super.relude; }; }; @@ -122,7 +134,7 @@ in lib.makeScope pkgs.newScope (self: with self; { `patchNpmElm` function also defined in `packages/lib.nix`. */ elmLib = let - hsElmPkgs = hsPkgs self; + hsElmPkgs = hs810Pkgs self; in import ./packages/lib.nix { inherit lib; inherit (pkgs) writeScriptBin stdenv; @@ -141,7 +153,7 @@ in lib.makeScope pkgs.newScope (self: with self; { maintainers = [ maintainers.turbomack ]; }; }; -} // (hsPkgs self).elmPkgs // (with elmLib; with (hsPkgs self).elmPkgs; { +} // (hs810Pkgs self).elmPkgs // (hs92Pkgs self).elmPkgs // (with elmLib; with (hs810Pkgs self).elmPkgs; { elm-verify-examples = patchBinwrap [elmi-to-json] nodePkgs.elm-verify-examples // { meta = with lib; nodePkgs.elm-verify-examples.meta // { description = "Verify examples in your docs"; diff --git a/pkgs/development/compilers/elm/packages/avh4-lib.nix b/pkgs/development/compilers/elm/packages/avh4-lib.nix index cd3df7d67a96..96ee35af27c9 100644 --- a/pkgs/development/compilers/elm/packages/avh4-lib.nix +++ b/pkgs/development/compilers/elm/packages/avh4-lib.nix @@ -1,26 +1,26 @@ { mkDerivation, ansi-terminal, ansi-wl-pprint, array, base, bimap , binary, bytestring, containers, directory, fetchgit, filepath -, lib, mtl, process, relude, tasty, tasty-discover, tasty-hspec -, tasty-hunit, text +, lib, mtl, pooled-io, process, relude, tasty, tasty-discover +, tasty-hspec, tasty-hunit, text }: mkDerivation { pname = "avh4-lib"; version = "0.0.0.1"; src = fetchgit { url = "https://github.com/avh4/elm-format"; - sha256 = "0bcjkcs1dy1csz0mpk7d4b5wf93fsj9p86x8fp42mb0pipdd0bh6"; - rev = "80f15d85ee71e1663c9b53903f2b5b2aa444a3be"; + sha256 = "1aiq3mv2ycv6bal5hnz6k33bzmnnidzxxs5b6z9y6lvmr0lbf3j4"; + rev = "7e80dd48dd9b30994e43f4804b2ea7118664e8e0"; fetchSubmodules = true; }; postUnpack = "sourceRoot+=/avh4-lib; echo source root reset to $sourceRoot"; libraryHaskellDepends = [ ansi-terminal ansi-wl-pprint array base bimap binary bytestring - containers directory filepath mtl process relude text + containers directory filepath mtl pooled-io process relude text ]; testHaskellDepends = [ ansi-terminal ansi-wl-pprint array base bimap binary bytestring - containers directory filepath mtl process relude tasty tasty-hspec - tasty-hunit text + containers directory filepath mtl pooled-io process relude tasty + tasty-hspec tasty-hunit text ]; testToolDepends = [ tasty-discover ]; doHaddock = false; diff --git a/pkgs/development/compilers/elm/packages/elm-format-lib.nix b/pkgs/development/compilers/elm/packages/elm-format-lib.nix index 7beb52e8006e..255e43af6917 100644 --- a/pkgs/development/compilers/elm/packages/elm-format-lib.nix +++ b/pkgs/development/compilers/elm/packages/elm-format-lib.nix @@ -1,30 +1,30 @@ -{ mkDerivation, ansi-terminal, ansi-wl-pprint, array, avh4-lib -, base, bimap, binary, bytestring, containers, directory +{ mkDerivation, aeson, ansi-terminal, ansi-wl-pprint, array +, avh4-lib, base, bimap, binary, bytestring, containers, directory , elm-format-markdown, elm-format-test-lib, fetchgit, filepath -, indents, json, lib, mtl, optparse-applicative, parsec, process -, relude, split, tasty, tasty-discover, tasty-hspec, tasty-hunit -, text +, ghc-prim, hspec, lib, mtl, optparse-applicative, process, relude +, split, tasty, tasty-discover, tasty-hspec, tasty-hunit, text }: mkDerivation { pname = "elm-format-lib"; version = "0.0.0.1"; src = fetchgit { url = "https://github.com/avh4/elm-format"; - sha256 = "0bcjkcs1dy1csz0mpk7d4b5wf93fsj9p86x8fp42mb0pipdd0bh6"; - rev = "80f15d85ee71e1663c9b53903f2b5b2aa444a3be"; + sha256 = "1aiq3mv2ycv6bal5hnz6k33bzmnnidzxxs5b6z9y6lvmr0lbf3j4"; + rev = "7e80dd48dd9b30994e43f4804b2ea7118664e8e0"; fetchSubmodules = true; }; postUnpack = "sourceRoot+=/elm-format-lib; echo source root reset to $sourceRoot"; libraryHaskellDepends = [ - ansi-terminal ansi-wl-pprint array avh4-lib base bimap binary + aeson ansi-terminal ansi-wl-pprint array avh4-lib base bimap binary bytestring containers directory elm-format-markdown filepath - indents json mtl optparse-applicative parsec process relude text + ghc-prim mtl optparse-applicative process relude text ]; testHaskellDepends = [ - ansi-terminal ansi-wl-pprint array avh4-lib base bimap binary + aeson ansi-terminal ansi-wl-pprint array avh4-lib base bimap binary bytestring containers directory elm-format-markdown - elm-format-test-lib filepath indents json mtl optparse-applicative - parsec process relude split tasty tasty-hspec tasty-hunit text + elm-format-test-lib filepath ghc-prim hspec mtl + optparse-applicative process relude split tasty tasty-hspec + tasty-hunit text ]; testToolDepends = [ tasty-discover ]; doHaddock = false; diff --git a/pkgs/development/compilers/elm/packages/elm-format-markdown.nix b/pkgs/development/compilers/elm/packages/elm-format-markdown.nix index ae3b40347dbb..f5cc03c95326 100644 --- a/pkgs/development/compilers/elm/packages/elm-format-markdown.nix +++ b/pkgs/development/compilers/elm/packages/elm-format-markdown.nix @@ -4,8 +4,8 @@ mkDerivation { version = "0.0.0.1"; src = fetchgit { url = "https://github.com/avh4/elm-format"; - sha256 = "0bcjkcs1dy1csz0mpk7d4b5wf93fsj9p86x8fp42mb0pipdd0bh6"; - rev = "80f15d85ee71e1663c9b53903f2b5b2aa444a3be"; + sha256 = "1aiq3mv2ycv6bal5hnz6k33bzmnnidzxxs5b6z9y6lvmr0lbf3j4"; + rev = "7e80dd48dd9b30994e43f4804b2ea7118664e8e0"; fetchSubmodules = true; }; postUnpack = "sourceRoot+=/elm-format-markdown; echo source root reset to $sourceRoot"; diff --git a/pkgs/development/compilers/elm/packages/elm-format-test-lib.nix b/pkgs/development/compilers/elm/packages/elm-format-test-lib.nix index 729c2d678fce..6dd8598be32b 100644 --- a/pkgs/development/compilers/elm/packages/elm-format-test-lib.nix +++ b/pkgs/development/compilers/elm/packages/elm-format-test-lib.nix @@ -1,24 +1,24 @@ { mkDerivation, avh4-lib, base, containers, fetchgit, filepath -, hspec-core, hspec-golden, lib, mtl, split, tasty, tasty-discover -, tasty-hspec, tasty-hunit, text +, hspec, hspec-core, hspec-golden, lib, mtl, split, tasty +, tasty-discover, tasty-hspec, tasty-hunit, text }: mkDerivation { pname = "elm-format-test-lib"; version = "0.0.0.1"; src = fetchgit { url = "https://github.com/avh4/elm-format"; - sha256 = "0bcjkcs1dy1csz0mpk7d4b5wf93fsj9p86x8fp42mb0pipdd0bh6"; - rev = "80f15d85ee71e1663c9b53903f2b5b2aa444a3be"; + sha256 = "1aiq3mv2ycv6bal5hnz6k33bzmnnidzxxs5b6z9y6lvmr0lbf3j4"; + rev = "7e80dd48dd9b30994e43f4804b2ea7118664e8e0"; fetchSubmodules = true; }; postUnpack = "sourceRoot+=/elm-format-test-lib; echo source root reset to $sourceRoot"; libraryHaskellDepends = [ - avh4-lib base containers filepath hspec-core hspec-golden mtl split - tasty tasty-hspec tasty-hunit text + avh4-lib base containers filepath hspec hspec-core hspec-golden mtl + split tasty tasty-hspec tasty-hunit text ]; testHaskellDepends = [ - avh4-lib base containers filepath hspec-core hspec-golden mtl split - tasty tasty-hspec tasty-hunit text + avh4-lib base containers filepath hspec hspec-core hspec-golden mtl + split tasty tasty-hspec tasty-hunit text ]; testToolDepends = [ tasty-discover ]; doHaddock = false; diff --git a/pkgs/development/compilers/elm/packages/elm-format.nix b/pkgs/development/compilers/elm/packages/elm-format.nix index 6b583a6edde2..1f88650bd3f6 100644 --- a/pkgs/development/compilers/elm/packages/elm-format.nix +++ b/pkgs/development/compilers/elm/packages/elm-format.nix @@ -1,33 +1,35 @@ -{ mkDerivation, ansi-wl-pprint, avh4-lib, base, bimap, cmark -, containers, elm-format-lib, elm-format-test-lib, fetchgit, json -, lib, mtl, optparse-applicative, parsec, QuickCheck, quickcheck-io -, relude, tasty, tasty-hspec, tasty-hunit, tasty-quickcheck, text +{ mkDerivation, aeson, ansi-wl-pprint, avh4-lib, base, bimap +, bytestring, containers, elm-format-lib, elm-format-test-lib +, fetchgit, hspec, lib, mtl, optparse-applicative, QuickCheck +, quickcheck-io, relude, tasty, tasty-hspec, tasty-hunit +, tasty-quickcheck, text }: mkDerivation rec { pname = "elm-format"; - version = "0.8.5"; + version = "0.8.6"; src = fetchgit { url = "https://github.com/avh4/elm-format"; - sha256 = "0bcjkcs1dy1csz0mpk7d4b5wf93fsj9p86x8fp42mb0pipdd0bh6"; - rev = "80f15d85ee71e1663c9b53903f2b5b2aa444a3be"; + sha256 = "1aiq3mv2ycv6bal5hnz6k33bzmnnidzxxs5b6z9y6lvmr0lbf3j4"; + rev = "7e80dd48dd9b30994e43f4804b2ea7118664e8e0"; fetchSubmodules = true; }; isLibrary = false; isExecutable = true; executableHaskellDepends = [ - ansi-wl-pprint avh4-lib base containers elm-format-lib json - optparse-applicative relude text + aeson ansi-wl-pprint avh4-lib base bytestring containers + elm-format-lib optparse-applicative relude text ]; testHaskellDepends = [ - ansi-wl-pprint avh4-lib base bimap cmark containers elm-format-lib - elm-format-test-lib json mtl optparse-applicative parsec QuickCheck - quickcheck-io relude tasty tasty-hspec tasty-hunit tasty-quickcheck - text + aeson ansi-wl-pprint avh4-lib base bimap bytestring containers + elm-format-lib elm-format-test-lib hspec mtl optparse-applicative + QuickCheck quickcheck-io relude tasty tasty-hspec tasty-hunit + tasty-quickcheck text ]; doHaddock = false; homepage = "https://elm-lang.org"; description = "A source code formatter for Elm"; license = lib.licenses.bsd3; + mainProgram = "elm-format"; postPatch = '' mkdir -p ./generated cat < ./generated/Build_elm_format.hs From e84920700d6eb775d7f9066ad8233c9b4cc4a8da Mon Sep 17 00:00:00 2001 From: figsoda Date: Wed, 1 Mar 2023 16:51:18 -0500 Subject: [PATCH 18/43] rust-motd: 1.0.0 -> 1.0.1 Diff: https://github.com/rust-motd/rust-motd/compare/v1.0.0...v1.0.1 Changelog: https://github.com/rust-motd/rust-motd/releases/tag/v1.0.1 --- pkgs/tools/misc/rust-motd/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/misc/rust-motd/default.nix b/pkgs/tools/misc/rust-motd/default.nix index b881d94438cd..7d2125a1e1ee 100644 --- a/pkgs/tools/misc/rust-motd/default.nix +++ b/pkgs/tools/misc/rust-motd/default.nix @@ -9,16 +9,16 @@ rustPlatform.buildRustPackage rec { pname = "rust-motd"; - version = "1.0.0"; + version = "1.0.1"; src = fetchFromGitHub { owner = "rust-motd"; repo = pname; rev = "v${version}"; - hash = "sha256-w984vvjjieSv4eM3jT8zJIIR7/7pmADhR3Esj+2dCTs="; + hash = "sha256-x3dx4PdYSYd7wA/GGj9QYC8rK33FWATs2SnaOagGE80="; }; - cargoHash = "sha256-L/QdFjSYm3PekKS3tdsUl8XBVyIBE044EHOIB+aEltI="; + cargoHash = "sha256-7YvzVG3c10EJET+659F1fwgZ0SmBKMdAWD6LeWnGrNI="; nativeBuildInputs = [ pkg-config From 7e98e1d9897c938a24bee5038aa81902196e2d6f Mon Sep 17 00:00:00 2001 From: figsoda Date: Wed, 1 Mar 2023 17:20:01 -0500 Subject: [PATCH 19/43] menyoki: 1.6.1 -> 1.7.0 Diff: https://github.com/orhun/menyoki/compare/v1.6.1...v1.7.0 Changelog: https://github.com/orhun/menyoki/blob/v1.7.0/CHANGELOG.md --- pkgs/applications/graphics/menyoki/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/graphics/menyoki/default.nix b/pkgs/applications/graphics/menyoki/default.nix index 1f25332e8526..e1b7087cf73b 100644 --- a/pkgs/applications/graphics/menyoki/default.nix +++ b/pkgs/applications/graphics/menyoki/default.nix @@ -13,16 +13,16 @@ rustPlatform.buildRustPackage rec { pname = "menyoki"; - version = "1.6.1"; + version = "1.7.0"; src = fetchFromGitHub { owner = "orhun"; repo = pname; rev = "v${version}"; - sha256 = "sha256-z0OpRnjVfU6vcyZsxkdD2x3l+a9GkDHZcFveGunDYww="; + sha256 = "sha256-owP3G1Rygraifdc4iPURQ1Es0msNhYZIlfrtj0CSU6Y="; }; - cargoSha256 = "sha256-uSoyfgPlsHeUwnTHE49ErrlB65wcfl5dxn/YrW5EKZw="; + cargoSha256 = "sha256-NtXjlGkX8AzSw98xHPymzdnTipMIunyDbpSr4eVowa0="; nativeBuildInputs = [ installShellFiles ] ++ lib.optional stdenv.isLinux pkg-config; From 7da88da0931bb0e310446517c6b98e1085876e72 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Wed, 1 Mar 2023 23:43:53 +0100 Subject: [PATCH 20/43] goaccess: 1.7 -> 1.7.1 Diff: https://github.com/allinurl/goaccess/compare/v1.7...v1.7.1 Changelog: https://github.com/allinurl/goaccess/raw/v1.7.1/ChangeLog --- pkgs/tools/misc/goaccess/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/misc/goaccess/default.nix b/pkgs/tools/misc/goaccess/default.nix index 32e45bee9031..084afb857c05 100644 --- a/pkgs/tools/misc/goaccess/default.nix +++ b/pkgs/tools/misc/goaccess/default.nix @@ -10,14 +10,14 @@ }: stdenv.mkDerivation rec { - version = "1.7"; + version = "1.7.1"; pname = "goaccess"; src = fetchFromGitHub { owner = "allinurl"; repo = pname; rev = "v${version}"; - sha256 = "sha256-5lN+57HMxPfCop2sTSldhv1TBEIaowavXvniwqnesOQ="; + sha256 = "sha256-RJQyR6nTvDvR+outbVDYKFC1Tl99O0SZW94e/SbqAO0="; }; nativeBuildInputs = [ From 202260c583b93db457bfada0ff123733c2dc7942 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Thu, 2 Mar 2023 00:05:21 +0100 Subject: [PATCH 21/43] python310Packages.appthreat-vulnerability-db: 4.3.1 -> 5.0.1 Diff: https://github.com/AppThreat/vulnerability-db/compare/refs/tags/v4.3.1...v5.0.1 Changelog: https://github.com/AppThreat/vulnerability-db/releases/tag/v5.0.1 --- .../python-modules/appthreat-vulnerability-db/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/appthreat-vulnerability-db/default.nix b/pkgs/development/python-modules/appthreat-vulnerability-db/default.nix index 3fbd115edd4f..60a6f2872fe9 100644 --- a/pkgs/development/python-modules/appthreat-vulnerability-db/default.nix +++ b/pkgs/development/python-modules/appthreat-vulnerability-db/default.nix @@ -15,7 +15,7 @@ buildPythonPackage rec { pname = "appthreat-vulnerability-db"; - version = "4.3.1"; + version = "5.0.1"; format = "setuptools"; disabled = pythonOlder "3.7"; @@ -24,7 +24,7 @@ buildPythonPackage rec { owner = "AppThreat"; repo = "vulnerability-db"; rev = "refs/tags/v${version}"; - hash = "sha256-HZHHSY8a7xyJZAQLFeZ+5+CKixcquJcUkkjJTllFiyk="; + hash = "sha256-u5gI5agNm1RT0FzsdQaqivKwiY5k7G/mtlSWCNP4V10="; }; propagatedBuildInputs = [ From 43381120c651d33a5e93323041e1b4fdf2d7ef63 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Wed, 1 Mar 2023 23:18:14 +0000 Subject: [PATCH 22/43] vitess: 15.0.2 -> 16.0.0 --- pkgs/development/tools/database/vitess/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/tools/database/vitess/default.nix b/pkgs/development/tools/database/vitess/default.nix index 211b20871eab..90e0613ac070 100644 --- a/pkgs/development/tools/database/vitess/default.nix +++ b/pkgs/development/tools/database/vitess/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "vitess"; - version = "15.0.2"; + version = "16.0.0"; src = fetchFromGitHub { owner = "vitessio"; repo = pname; rev = "v${version}"; - hash = "sha256-NkJqJYmUf92QiPazxRWNsxZh0Pvc73l35hP1gmk4Fv0="; + hash = "sha256-Gvk608nM7Uiazuf9qzmd0uzBP4vPSQfkpAWvnSeWm84="; }; - vendorHash = "sha256-+yCznSxv0EWoKiQIgFEQ/iUxrlQ5A1HYNkoMiRDG3ik="; + vendorHash = "sha256-3GqEMoFYm0TZihoPINf8mwCl3Ky6Lt+LxueYLoFDj2g="; buildInputs = [ sqlite ]; From 1c63793ac6a875e156b4348df17a7ba0e71a580b Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Wed, 1 Mar 2023 23:45:45 +0000 Subject: [PATCH 23/43] alertmanager-irc-relay: 0.5.0 -> 0.5.1 --- pkgs/servers/monitoring/alertmanager-irc-relay/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/servers/monitoring/alertmanager-irc-relay/default.nix b/pkgs/servers/monitoring/alertmanager-irc-relay/default.nix index fdaf7bdcb21b..7b06eed72ce6 100644 --- a/pkgs/servers/monitoring/alertmanager-irc-relay/default.nix +++ b/pkgs/servers/monitoring/alertmanager-irc-relay/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "alertmanager-irc-relay"; - version = "0.5.0"; + version = "0.5.1"; src = fetchFromGitHub { owner = "google"; repo = "alertmanager-irc-relay"; rev = "v${version}"; - sha256 = "sha256-qE+cKwn/rqxL5/LUSirflmnFCow6IxjCcGvu2bbBmsk="; + sha256 = "sha256-Rl7o2QPa/IU1snlx/LiJxQok9pnkw9XANnJsu41vNlY="; }; - vendorSha256 = "sha256-VLG15IXS/fXFMTCJKEqGW6qZ9aOLPhazidVsOywG+w4="; + vendorHash = "sha256-KX+TR0n14+95lldF+0KUo5DbqOKpUDaZNuKMBf0KHFQ="; ldflags = [ "-s" "-w" ]; From 5193c3e1f47be5426423ffc369d113020d21c8ca Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Wed, 1 Mar 2023 23:52:57 +0000 Subject: [PATCH 24/43] libbraiding: 1.1 -> 1.2 --- .../libraries/science/math/libbraiding/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/science/math/libbraiding/default.nix b/pkgs/development/libraries/science/math/libbraiding/default.nix index cc5d3baf3442..2ee2e831f6e6 100644 --- a/pkgs/development/libraries/science/math/libbraiding/default.nix +++ b/pkgs/development/libraries/science/math/libbraiding/default.nix @@ -4,14 +4,14 @@ }: stdenv.mkDerivation rec { - version = "1.1"; + version = "1.2"; pname = "libbraiding"; src = fetchFromGitHub { owner = "miguelmarco"; repo = "libbraiding"; rev = version; - sha256 = "1n1j58y9jaiv0ya0y4fpfb3b05wv0h6k2babpnk2zifjw26xr366"; + sha256 = "sha256-cgg6rvlOvFqGjgbw6i7QXS+tqvfFd1MkPCEjnW/FyFs="; }; nativeBuildInputs = [ From b7b8e87b1d89fcb8982363cda3f2e135b01d414f Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Thu, 2 Mar 2023 00:33:38 +0000 Subject: [PATCH 25/43] buildkite-agent: 3.43.1 -> 3.44.0 --- .../continuous-integration/buildkite-agent/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/tools/continuous-integration/buildkite-agent/default.nix b/pkgs/development/tools/continuous-integration/buildkite-agent/default.nix index 7542ba0f94ff..3d1932f3eb04 100644 --- a/pkgs/development/tools/continuous-integration/buildkite-agent/default.nix +++ b/pkgs/development/tools/continuous-integration/buildkite-agent/default.nix @@ -3,16 +3,16 @@ nixosTests }: buildGoModule rec { pname = "buildkite-agent"; - version = "3.43.1"; + version = "3.44.0"; src = fetchFromGitHub { owner = "buildkite"; repo = "agent"; rev = "v${version}"; - sha256 = "sha256-gTtWfqz1XVvDPULHY4hKdhJlwEWY84VYUPloAX/9afY="; + sha256 = "sha256-iN6Q+HXaZgUt8kXDGG5e1hY0/g/JYSHQ768YYRwZsuw="; }; - vendorHash = "sha256-srzTHUqXxyZY2hFCx3FhhuixclXHskYrQ586W1dB334="; + vendorHash = "sha256-I+tjSBfAvRyE0bjVRloAkb5Jftb6dxoq8lNSgWHAcVk="; postPatch = '' substituteInPlace bootstrap/shell/shell.go --replace /bin/bash ${bash}/bin/bash From 6338d2eafbb9d0c870d309ad267a178fc2f98592 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Thu, 2 Mar 2023 00:40:58 +0000 Subject: [PATCH 26/43] nfs-ganesha: 4.3 -> 4.4 --- pkgs/servers/nfs-ganesha/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/servers/nfs-ganesha/default.nix b/pkgs/servers/nfs-ganesha/default.nix index 560853b5d959..d576f1f46d56 100644 --- a/pkgs/servers/nfs-ganesha/default.nix +++ b/pkgs/servers/nfs-ganesha/default.nix @@ -5,13 +5,13 @@ stdenv.mkDerivation rec { pname = "nfs-ganesha"; - version = "4.3"; + version = "4.4"; src = fetchFromGitHub { owner = "nfs-ganesha"; repo = "nfs-ganesha"; rev = "V${version}"; - sha256 = "sha256-MafP6kl3SmtT2/vLPDwy8U7+tE6hUBr/lWmiAcjsQNU="; + sha256 = "sha256-MEPy2TXVTegwCpuaIrMol7ag8anxxdcj11z5eYNkDqQ="; }; preConfigure = "cd src"; From 5d1d52b01ab5f643cd6cdd0a04f54d7baca6a466 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Thu, 2 Mar 2023 00:59:09 +0000 Subject: [PATCH 27/43] codeql: 2.12.2 -> 2.12.3 --- pkgs/development/tools/analysis/codeql/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/tools/analysis/codeql/default.nix b/pkgs/development/tools/analysis/codeql/default.nix index 0f560d0b3a15..e80ac3b8e830 100644 --- a/pkgs/development/tools/analysis/codeql/default.nix +++ b/pkgs/development/tools/analysis/codeql/default.nix @@ -2,7 +2,7 @@ stdenv.mkDerivation rec { pname = "codeql"; - version = "2.12.2"; + version = "2.12.3"; dontConfigure = true; dontBuild = true; @@ -10,7 +10,7 @@ stdenv.mkDerivation rec { src = fetchzip { url = "https://github.com/github/codeql-cli-binaries/releases/download/v${version}/codeql.zip"; - sha256 = "sha256-n36x50rGA0fzvbwrUDpzWmF7XqwTTxnAfFtBL23gEOE="; + sha256 = "sha256-xBTL3atnLsw7HWhkWq32LdQmSBtsQ2ydK+8On8l+OcA="; }; nativeBuildInputs = [ From 1f1ebea0e4dd8e5f75503a630aef421ef3b888e7 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Thu, 2 Mar 2023 01:22:19 +0000 Subject: [PATCH 28/43] kluctl: 2.19.0 -> 2.19.2 --- pkgs/applications/networking/cluster/kluctl/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/cluster/kluctl/default.nix b/pkgs/applications/networking/cluster/kluctl/default.nix index 6a02127405d3..6df6b472a428 100644 --- a/pkgs/applications/networking/cluster/kluctl/default.nix +++ b/pkgs/applications/networking/cluster/kluctl/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "kluctl"; - version = "2.19.0"; + version = "2.19.2"; src = fetchFromGitHub { owner = "kluctl"; repo = "kluctl"; rev = "v${version}"; - hash = "sha256-2nAgJj/cMDiE5rw/YixNYQNCWnuC/8EX4BrnXN4Npao="; + hash = "sha256-7+hXjYaCqInhP3O8IS8IwkUTGhnmcIWRR1qqvA6UQoc="; }; vendorHash = "sha256-xBUrY8v4yHtWGaaRXHxQRGdZHzMGoJX2hFLL+0Vb1QY="; From 5c16cfc82492286dad0c12d1e218493baa990e1e Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Thu, 2 Mar 2023 01:36:07 +0000 Subject: [PATCH 29/43] zimfw: 1.11.2 -> 1.11.3 --- pkgs/shells/zsh/zimfw/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/shells/zsh/zimfw/default.nix b/pkgs/shells/zsh/zimfw/default.nix index 249cb1b5154d..3714f0ee364e 100644 --- a/pkgs/shells/zsh/zimfw/default.nix +++ b/pkgs/shells/zsh/zimfw/default.nix @@ -2,14 +2,14 @@ stdenv.mkDerivation rec { pname = "zimfw"; - version = "1.11.2"; + version = "1.11.3"; src = fetchFromGitHub { owner = "zimfw"; repo = "zimfw"; rev = "v${version}"; ## zim only needs this one file to be installed. sparseCheckout = [ "zimfw.zsh" ]; - sha256 = "sha256-FgTCdSSDp8pvscRUD4vVk/peoCI4e9FPoCuHP25wxXA="; + sha256 = "sha256-q3OSypjqAc+ul0kF6f3u+wnFyNEm4AKwyPBwQzlVzYU="; }; strictDeps = true; dontConfigure = true; From a3b98612425206a5313b1fa70adecd8e289a59c2 Mon Sep 17 00:00:00 2001 From: Arash Partow Date: Wed, 22 Feb 2023 14:19:37 +1100 Subject: [PATCH 30/43] exprtk: unstable-2021-12-31 -> 0.0.2 --- pkgs/development/libraries/exprtk/default.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/development/libraries/exprtk/default.nix b/pkgs/development/libraries/exprtk/default.nix index 3e109956c674..8dc4f7598abd 100644 --- a/pkgs/development/libraries/exprtk/default.nix +++ b/pkgs/development/libraries/exprtk/default.nix @@ -1,14 +1,14 @@ { lib, stdenv, fetchFromGitHub }: -stdenv.mkDerivation { +stdenv.mkDerivation rec { pname = "exprtk"; - version = "unstable-2021-12-31"; + version = "0.0.2"; src = fetchFromGitHub { owner = "ArashPartow"; - repo = "exprtk"; - rev = "806c519c91fd08ba4fa19380dbf3f6e42de9e2d1"; - hash = "sha256-5/k+y3gNJeggfwXmtAVqmaiV+BXX+WKtWwZWcQSrQDM="; + repo = pname; + rev = version; + hash = "sha256-ZV5nS6wEbKfzXhfXEtVlkwaEtxpTOYQaGlaxKx3FIvE="; }; dontBuild = true; From c9f0b578962970c5cc19ff235d10150ab4ab1938 Mon Sep 17 00:00:00 2001 From: Danil Suetin Date: Thu, 2 Mar 2023 09:02:16 +0700 Subject: [PATCH 31/43] ledger-live-desktop: 2.53.2 -> 2.54.0 --- .../blockchains/ledger-live-desktop/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/applications/blockchains/ledger-live-desktop/default.nix b/pkgs/applications/blockchains/ledger-live-desktop/default.nix index 5aee9eaee9fe..819f14ce456f 100644 --- a/pkgs/applications/blockchains/ledger-live-desktop/default.nix +++ b/pkgs/applications/blockchains/ledger-live-desktop/default.nix @@ -2,11 +2,11 @@ let pname = "ledger-live-desktop"; - version = "2.53.2"; + version = "2.54.0"; src = fetchurl { url = "https://download.live.ledger.com/${pname}-${version}-linux-x86_64.AppImage"; - hash = "sha256-RGeJWUMZagXM/8SHHOpTpcnsz+BShnGp2yvt31qo5lI="; + hash = "sha256-3UCsMzpoHq4gD4bw/MT1qbl8AnXQnFJqpMi1mlPvv5w="; }; appimageContents = appimageTools.extractType2 { @@ -27,8 +27,8 @@ appimageTools.wrapType2 rec { ''; meta = with lib; { - description = "Wallet app for Ledger Nano S and Ledger Blue"; - homepage = "https://www.ledger.com/live"; + description = "App for Ledger hardware wallets"; + homepage = "https://www.ledger.com/ledger-live/"; license = licenses.mit; maintainers = with maintainers; [ andresilva thedavidmeister nyanloutre RaghavSood th0rgal WeebSorceress ]; platforms = [ "x86_64-linux" ]; From cefa675791ced0d3478c0c673d212f0c76db9eff Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Thu, 2 Mar 2023 02:11:56 +0000 Subject: [PATCH 32/43] urbit: 1.21 -> 1.22 --- pkgs/misc/urbit/default.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/misc/urbit/default.nix b/pkgs/misc/urbit/default.nix index 211af0e6e485..8ae4df6409d5 100644 --- a/pkgs/misc/urbit/default.nix +++ b/pkgs/misc/urbit/default.nix @@ -10,15 +10,15 @@ let in stdenv.mkDerivation rec { pname = "urbit"; - version = "1.21"; + version = "1.22"; src = fetchzip { url = "https://github.com/urbit/vere/releases/download/vere-v${version}/${platform}.tgz"; sha256 = { - x86_64-linux = "sha256-zHxISUJo2Li1PRjGC9LLXsDhLOHeuYejC+IM+9uDSks="; - aarch64-linux = "sha256-6gVuACG+/XJrYNjxJ2FxtkaEJuI2Sd8uM2Tgt4vbgkQ="; - x86_64-darwin = "sha256-BVDGdueu18HzL9FmaJniQp+OLQAVpSYYxxyvjlHFv3I="; - aarch64-darwin = "sha256-kwRezLpi5AEyAQ+Kyd992fpCerunaHOzRB4Wvb3dlY0="; + x86_64-linux = "sha256-wYXFromLV1BCiSWlzphtCSBOWacQ3yC7i2kxxH4y88Y="; + aarch64-linux = "sha256-t3waCv2hwkchWPlfx1bsKKB6imp7F6scRnZUQSwS6fI="; + x86_64-darwin = "sha256-x5Gr6z5ma+0AF7DEXJpqG+yg3ym+w2ULTqfpdLjfHGo="; + aarch64-darwin = "sha256-vvGZoN+Yi6FZDblhxwDzRneVtWaFFaOjyRG7017BzZI="; }.${stdenv.hostPlatform.system} or (throw "unsupported system ${stdenv.hostPlatform.system}"); }; From 921421edb8c94a595be1bc22ef20cf203092f9ca Mon Sep 17 00:00:00 2001 From: Bruno Bigras Date: Wed, 1 Mar 2023 23:14:36 -0500 Subject: [PATCH 33/43] anytype: 0.30.0 -> 0.31.0 --- pkgs/applications/misc/anytype/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/misc/anytype/default.nix b/pkgs/applications/misc/anytype/default.nix index 5ec64fc0a55e..fd0efc3f29f5 100644 --- a/pkgs/applications/misc/anytype/default.nix +++ b/pkgs/applications/misc/anytype/default.nix @@ -2,13 +2,13 @@ let pname = "anytype"; - version = "0.30.0"; + version = "0.31.0"; name = "Anytype-${version}"; nameExecutable = pname; src = fetchurl { url = "https://at9412003.fra1.digitaloceanspaces.com/Anytype-${version}.AppImage"; name = "Anytype-${version}.AppImage"; - sha256 = "sha256-LifJc5mLbnt5wBXGM1n1uice0B6mCY80LYf3kEFJy90="; + sha256 = "sha256-s8al0R9G478A+PymQcdcdRpw6tpKkG+WIZsXZYEvf/o="; }; appimageContents = appimageTools.extractType2 { inherit name src; }; in From 115f47a3c81f056902418f8d8912b3761f0c4453 Mon Sep 17 00:00:00 2001 From: Ashish SHUKLA Date: Thu, 2 Mar 2023 11:41:18 +0530 Subject: [PATCH 34/43] flyctl: 0.473 -> 0.474 --- pkgs/development/web/flyctl/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/web/flyctl/default.nix b/pkgs/development/web/flyctl/default.nix index 13c4bb5efa3b..d5ea945eef0d 100644 --- a/pkgs/development/web/flyctl/default.nix +++ b/pkgs/development/web/flyctl/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "flyctl"; - version = "0.0.473"; + version = "0.0.474"; src = fetchFromGitHub { owner = "superfly"; repo = "flyctl"; rev = "v${version}"; - hash = "sha256-bTOGrg+dM+FXNvbeJ3fx1aMlT/2sPVYwGOzZaZfHVm8="; + hash = "sha256-uBx5exEShAVVQ8dQTYvn12FbHDehAxEFOJ4HN6jipD4="; }; - vendorHash = "sha256-ExHzf4L0Ibb+tYfBV45hEaUJgSQhgpHk40QhHa5dpQ8="; + vendorHash = "sha256-m9n7687JjzOXqOTXPsBjD4jVeqlnUvoaxw7S9PGvn9M="; subPackages = [ "." ]; From 9722137ae7b34e361e4e74c461e2ddf67e8073ea Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Thu, 2 Mar 2023 07:46:51 +0000 Subject: [PATCH 35/43] cargo-wasi: 0.1.26 -> 0.1.27 --- pkgs/development/tools/rust/cargo-wasi/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/development/tools/rust/cargo-wasi/default.nix b/pkgs/development/tools/rust/cargo-wasi/default.nix index e26474baa1ee..cbc1e419459a 100644 --- a/pkgs/development/tools/rust/cargo-wasi/default.nix +++ b/pkgs/development/tools/rust/cargo-wasi/default.nix @@ -9,15 +9,15 @@ rustPlatform.buildRustPackage rec { pname = "cargo-wasi"; - version = "0.1.26"; + version = "0.1.27"; src = fetchCrate { inherit version; pname = "cargo-wasi-src"; - sha256 = "sha256-/u5GKqGwJWS6Gzc1WZ7O5ZSHHGoqBVZ4jQDEIfAyciE="; + sha256 = "sha256-u6+Fn/j2cvpBqTIfyPC8jltcCKGimFcu4NiMFCAfmwg="; }; - cargoSha256 = "sha256-eF3HrulY7HrKseCYyZyC2EuWboFvmia2qLymBxvopKI="; + cargoHash = "sha256-Hi5Z5TmiHXp7YrqXfbwACKEximksQRhdoMGU1iLmXOk="; nativeBuildInputs = [ pkg-config ]; @@ -26,7 +26,7 @@ rustPlatform.buildRustPackage rec { # Checks need to be disabled here because the current test suite makes assumptions # about the surrounding environment that aren't Nix friendly. See these lines for specifics: - # https://github.com/bytecodealliance/cargo-wasi/blob/0.1.26/tests/tests/support.rs#L13-L18 + # https://github.com/bytecodealliance/cargo-wasi/blob/0.1.27/tests/tests/support.rs#L13-L18 doCheck = false; meta = with lib; { From b04834c267d1a4a7752f42156fe640a4de4955df Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Thu, 2 Mar 2023 08:53:00 +0100 Subject: [PATCH 36/43] ali: add changelog to meta --- pkgs/tools/networking/ali/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/tools/networking/ali/default.nix b/pkgs/tools/networking/ali/default.nix index f65829c9906b..53403b636785 100644 --- a/pkgs/tools/networking/ali/default.nix +++ b/pkgs/tools/networking/ali/default.nix @@ -19,6 +19,7 @@ buildGoModule rec { meta = with lib; { description = "Generate HTTP load and plot the results in real-time"; homepage = "https://github.com/nakabonne/ali"; + changelog = "https://github.com/nakabonne/ali/releases/tag/v${version}"; license = licenses.mit; platforms = platforms.linux ++ platforms.darwin; maintainers = with maintainers; [ farcaller ]; From a5e6496517ba0b13f57493aa118b8ae7ce96336e Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Thu, 2 Mar 2023 08:59:13 +0100 Subject: [PATCH 37/43] cloudflared: add changelog to meta --- pkgs/applications/networking/cloudflared/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/applications/networking/cloudflared/default.nix b/pkgs/applications/networking/cloudflared/default.nix index d17acc7fdb46..684451664ac9 100644 --- a/pkgs/applications/networking/cloudflared/default.nix +++ b/pkgs/applications/networking/cloudflared/default.nix @@ -65,6 +65,7 @@ buildGoModule rec { meta = with lib; { description = "Cloudflare Tunnel daemon, Cloudflare Access toolkit, and DNS-over-HTTPS client"; homepage = "https://www.cloudflare.com/products/tunnel"; + changelog = "https://github.com/cloudflare/cloudflared/releases/tag/${version}"; license = licenses.asl20; platforms = platforms.unix ++ platforms.windows; maintainers = with maintainers; [ bbigras enorris thoughtpolice piperswe ]; From f0a620bd289bfb6c848835f11a8f0a1353873909 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Thu, 2 Mar 2023 09:01:47 +0100 Subject: [PATCH 38/43] cloudflared: equalize --- .../networking/cloudflared/default.nix | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/networking/cloudflared/default.nix b/pkgs/applications/networking/cloudflared/default.nix index 684451664ac9..88876e9f98ff 100644 --- a/pkgs/applications/networking/cloudflared/default.nix +++ b/pkgs/applications/networking/cloudflared/default.nix @@ -1,4 +1,9 @@ -{ lib, buildGoModule, fetchFromGitHub, stdenv, callPackage }: +{ lib +, stdenv +, buildGoModule +, fetchFromGitHub +, callPackage +}: buildGoModule rec { pname = "cloudflared"; @@ -7,13 +12,18 @@ buildGoModule rec { src = fetchFromGitHub { owner = "cloudflare"; repo = "cloudflared"; - rev = version; + rev = "refs/tags/${version}"; hash = "sha256-qZ3h8KZLGSH+sqUs0wof5arKvcps1DdqBnT+coWEiys="; }; vendorSha256 = null; - ldflags = [ "-s" "-w" "-X main.Version=${version}" "-X github.com/cloudflare/cloudflared/cmd/cloudflared/updater.BuiltForPackageManager=nixpkgs" ]; + ldflags = [ + "-s" + "-w" + "-X main.Version=${version}" + "-X github.com/cloudflare/cloudflared/cmd/cloudflared/updater.BuiltForPackageManager=nixpkgs" + ]; preCheck = '' # Workaround for: sshgen_test.go:74: mkdir /homeless-shelter/.cloudflared: no such file or directory From 14891ec0d92213e8873a5676d31db1bf78a0be14 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Thu, 2 Mar 2023 08:53:02 +0000 Subject: [PATCH 39/43] cargo-insta: 1.26.0 -> 1.28.0 --- pkgs/development/tools/rust/cargo-insta/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/tools/rust/cargo-insta/default.nix b/pkgs/development/tools/rust/cargo-insta/default.nix index b69c7968dcec..68b6e3779f61 100644 --- a/pkgs/development/tools/rust/cargo-insta/default.nix +++ b/pkgs/development/tools/rust/cargo-insta/default.nix @@ -2,17 +2,17 @@ rustPlatform.buildRustPackage rec { pname = "cargo-insta"; - version = "1.26.0"; + version = "1.28.0"; src = fetchFromGitHub { owner = "mitsuhiko"; repo = "insta"; rev = version; - sha256 = "sha256-h0jRuY3GSqK85NCeFqdqjyVdNTMbdtD70zU5G3w1STc="; + sha256 = "sha256-GqM3b2evjACNkTOyfA6N6TInuGo9f/1retkXVTgbJ3A="; }; sourceRoot = "source/cargo-insta"; - cargoHash = "sha256-GC2ggTJJV3Aww3qPfsnuND0eII1l3OBoZfi5RtvhO8I="; + cargoHash = "sha256-ZIS3O19N7w+sL+2IdoCw4/Hx9Jtjx7MYE7JcEu+PFRA="; buildInputs = lib.optionals stdenv.isDarwin [ libiconv ]; meta = with lib; { From 55da71c10edda3b85f84ab50a34143d760a708d4 Mon Sep 17 00:00:00 2001 From: Yureka Date: Thu, 2 Mar 2023 10:28:01 +0100 Subject: [PATCH 40/43] nixos/nftables: add checkRuleset option (#216531) * nixos/nftables: add checkRuleset option * lkl: 2022-05-18 -> 2023-01-27 --- .../modules/services/networking/nftables.nix | 51 ++- .../virtualization/lkl/default.nix | 6 +- .../lkl/lkl-defconfig-enable-nftables | 303 +++++++++++------- 3 files changed, 238 insertions(+), 122 deletions(-) diff --git a/nixos/modules/services/networking/nftables.nix b/nixos/modules/services/networking/nftables.nix index bd13e8c9929a..faff1dca89ba 100644 --- a/nixos/modules/services/networking/nftables.nix +++ b/nixos/modules/services/networking/nftables.nix @@ -28,6 +28,32 @@ in . ''; }; + + networking.nftables.checkRuleset = mkOption { + type = types.bool; + default = true; + description = lib.mdDoc '' + Run `nft check` on the ruleset to spot syntax errors during build. + Because this is executed in a sandbox, the check might fail if it requires + access to any environmental factors or paths outside the Nix store. + To circumvent this, the ruleset file can be edited using the preCheckRuleset + option to work in the sandbox environment. + ''; + }; + + networking.nftables.preCheckRuleset = mkOption { + type = types.lines; + default = ""; + example = lib.literalExpression '' + sed 's/skgid meadow/skgid nogroup/g' -i ruleset.conf + ''; + description = lib.mdDoc '' + This script gets run before the ruleset is checked. It can be used to + create additional files needed for the ruleset check to work, or modify + the ruleset for cases the build environment cannot cover. + ''; + }; + networking.nftables.ruleset = mkOption { type = types.lines; default = ""; @@ -105,13 +131,24 @@ in wantedBy = [ "multi-user.target" ]; reloadIfChanged = true; serviceConfig = let - rulesScript = pkgs.writeScript "nftables-rules" '' - #! ${pkgs.nftables}/bin/nft -f - flush ruleset - ${if cfg.rulesetFile != null then '' - include "${cfg.rulesetFile}" - '' else cfg.ruleset} - ''; + rulesScript = pkgs.writeTextFile { + name = "nftables-rules"; + executable = true; + text = '' + #! ${pkgs.nftables}/bin/nft -f + flush ruleset + ${if cfg.rulesetFile != null then '' + include "${cfg.rulesetFile}" + '' else cfg.ruleset} + ''; + checkPhase = lib.optionalString cfg.checkRuleset '' + cp $out ruleset.conf + ${cfg.preCheckRuleset} + export NIX_REDIRECTS=/etc/protocols=${pkgs.buildPackages.iana-etc}/etc/protocols:/etc/services=${pkgs.buildPackages.iana-etc}/etc/services + LD_PRELOAD="${pkgs.buildPackages.libredirect}/lib/libredirect.so ${pkgs.buildPackages.lklWithFirewall.lib}/lib/liblkl-hijack.so" \ + ${pkgs.buildPackages.nftables}/bin/nft --check --file ruleset.conf + ''; + }; in { Type = "oneshot"; RemainAfterExit = true; diff --git a/pkgs/applications/virtualization/lkl/default.nix b/pkgs/applications/virtualization/lkl/default.nix index 4a1514cd97a1..0247cd433b04 100644 --- a/pkgs/applications/virtualization/lkl/default.nix +++ b/pkgs/applications/virtualization/lkl/default.nix @@ -6,15 +6,15 @@ stdenv.mkDerivation rec { pname = "lkl"; - version = "2022-05-18"; + version = "2023-01-27"; outputs = [ "dev" "lib" "out" ]; src = fetchFromGitHub { owner = "lkl"; repo = "linux"; - rev = "10c7b5dee8c424cc2ab754e519ecb73350283ff9"; - sha256 = "sha256-D3HQdKzhB172L62a+8884bNhcv7vm/c941wzbYtbf4I="; + rev = "b00f0fbcd5ae24636a9315fea3af32f411cf93be"; + sha256 = "sha256-GZpnTVdcnS5uAUHsVre539+0Qlv36Fui0WGjOPwvWrE="; }; nativeBuildInputs = [ bc bison flex python3 ]; diff --git a/pkgs/applications/virtualization/lkl/lkl-defconfig-enable-nftables b/pkgs/applications/virtualization/lkl/lkl-defconfig-enable-nftables index 8f133938587f..d77cb4d20b74 100644 --- a/pkgs/applications/virtualization/lkl/lkl-defconfig-enable-nftables +++ b/pkgs/applications/virtualization/lkl/lkl-defconfig-enable-nftables @@ -1,71 +1,68 @@ +CONFIG_IP6_NF_FILTER=y +CONFIG_IP6_NF_IPTABLES=y +CONFIG_IP6_NF_MANGLE=y +CONFIG_IP6_NF_MATCH_AH=y +CONFIG_IP6_NF_MATCH_EUI64=y +CONFIG_IP6_NF_MATCH_FRAG=y +CONFIG_IP6_NF_MATCH_HL=y +CONFIG_IP6_NF_MATCH_IPV6HEADER=y +CONFIG_IP6_NF_MATCH_MH=y +CONFIG_IP6_NF_MATCH_OPTS=y +CONFIG_IP6_NF_MATCH_RPFILTER=y +CONFIG_IP6_NF_MATCH_RT=y +CONFIG_IP6_NF_MATCH_SRH=y +CONFIG_IP6_NF_NAT=y +CONFIG_IP6_NF_RAW=y +CONFIG_IP6_NF_SECURITY=y +CONFIG_IP6_NF_TARGET_HL=y +CONFIG_IP6_NF_TARGET_MASQUERADE=y +CONFIG_IP6_NF_TARGET_NPT=y +CONFIG_IP6_NF_TARGET_REJECT=y +CONFIG_IP6_NF_TARGET_SYNPROXY=y +CONFIG_IP_NF_ARPFILTER=y +CONFIG_IP_NF_ARP_MANGLE=y +CONFIG_IP_NF_ARPTABLES=y +CONFIG_IP_NF_FILTER=y +CONFIG_IP_NF_IPTABLES=y +CONFIG_IP_NF_MANGLE=y +CONFIG_IP_NF_MATCH_AH=y +CONFIG_IP_NF_MATCH_ECN=y +CONFIG_IP_NF_MATCH_RPFILTER=y +CONFIG_IP_NF_MATCH_TTL=y +CONFIG_IP_NF_NAT=y +CONFIG_IP_NF_RAW=y +CONFIG_IP_NF_SECURITY=y +CONFIG_IP_NF_TARGET_CLUSTERIP=y +CONFIG_IP_NF_TARGET_ECN=y +CONFIG_IP_NF_TARGET_MASQUERADE=y +CONFIG_IP_NF_TARGET_NETMAP=y +CONFIG_IP_NF_TARGET_REDIRECT=y +CONFIG_IP_NF_TARGET_REJECT=y +CONFIG_IP_NF_TARGET_SYNPROXY=y +CONFIG_IP_NF_TARGET_TTL=y CONFIG_NETFILTER=y -CONFIG_NF_CONNTRACK=y -CONFIG_NF_LOG_NETDEV=y -CONFIG_NF_CONNTRACK_ZONES=y -CONFIG_NF_CONNTRACK_EVENTS=y -CONFIG_NF_CONNTRACK_TIMEOUT=y -CONFIG_NF_CONNTRACK_TIMESTAMP=y -CONFIG_NF_CONNTRACK_AMANDA=y -CONFIG_NF_CONNTRACK_FTP=y -CONFIG_NF_CONNTRACK_H323=y -CONFIG_NF_CONNTRACK_IRC=y -CONFIG_NF_CONNTRACK_NETBIOS_NS=y -CONFIG_NF_CONNTRACK_SNMP=y -CONFIG_NF_CONNTRACK_PPTP=y -CONFIG_NF_CONNTRACK_SANE=y -CONFIG_NF_CONNTRACK_SIP=y -CONFIG_NF_CONNTRACK_TFTP=y -CONFIG_NF_CT_NETLINK=y -CONFIG_NF_CT_NETLINK_TIMEOUT=y -CONFIG_NF_CT_NETLINK_HELPER=y +CONFIG_NETFILTER_ADVANCED=y +CONFIG_NETFILTER_CONNCOUNT=y +CONFIG_NETFILTER_EGRESS=y +CONFIG_NETFILTER_FAMILY_ARP=y +CONFIG_NETFILTER_FAMILY_BRIDGE=y +CONFIG_NETFILTER_INGRESS=y +CONFIG_NETFILTER_NETLINK_ACCT=y CONFIG_NETFILTER_NETLINK_GLUE_CT=y -CONFIG_NF_TABLES=y -CONFIG_NF_TABLES_INET=y -CONFIG_NF_TABLES_NETDEV=y -CONFIG_NFT_NUMGEN=y -CONFIG_NFT_CT=y -CONFIG_NFT_COUNTER=y -CONFIG_NFT_CONNLIMIT=y -CONFIG_NFT_LOG=y -CONFIG_NFT_LIMIT=y -CONFIG_NFT_MASQ=y -CONFIG_NFT_REDIR=y -CONFIG_NFT_NAT=y -CONFIG_NFT_TUNNEL=y -CONFIG_NFT_OBJREF=y -CONFIG_NFT_QUEUE=y -CONFIG_NFT_QUOTA=y -CONFIG_NFT_REJECT=y -CONFIG_NFT_COMPAT=y -CONFIG_NFT_HASH=y -CONFIG_NFT_FIB_INET=y -CONFIG_NFT_SOCKET=y -CONFIG_NFT_OSF=y -CONFIG_NFT_TPROXY=y -CONFIG_NFT_SYNPROXY=y -CONFIG_NFT_DUP_NETDEV=y -CONFIG_NFT_FWD_NETDEV=y -CONFIG_NFT_FIB_NETDEV=y -CONFIG_NF_FLOW_TABLE_INET=y -CONFIG_NF_FLOW_TABLE=y -CONFIG_NETFILTER_XT_TARGET_CHECKSUM=y -CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y -CONFIG_NETFILTER_XT_TARGET_CONNMARK=y -CONFIG_NETFILTER_XT_TARGET_DSCP=y -CONFIG_NETFILTER_XT_TARGET_HMARK=y -CONFIG_NETFILTER_XT_TARGET_IDLETIMER=y -CONFIG_NETFILTER_XT_TARGET_LOG=y -CONFIG_NETFILTER_XT_TARGET_MARK=y -CONFIG_NETFILTER_XT_TARGET_NFLOG=y -CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y -CONFIG_NETFILTER_XT_TARGET_NOTRACK=y -CONFIG_NETFILTER_XT_TARGET_TEE=y -CONFIG_NETFILTER_XT_TARGET_TPROXY=y -CONFIG_NETFILTER_XT_TARGET_TRACE=y -CONFIG_NETFILTER_XT_TARGET_TCPMSS=y -CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=y +CONFIG_NETFILTER_NETLINK_HOOK=y +CONFIG_NETFILTER_NETLINK_LOG=y +CONFIG_NETFILTER_NETLINK_OSF=y +CONFIG_NETFILTER_NETLINK_QUEUE=y +CONFIG_NETFILTER_NETLINK=y +CONFIG_NETFILTER_SKIP_EGRESS=y +CONFIG_NETFILTER_SYNPROXY=y +CONFIG_NETFILTER_XTABLES_COMPAT=y +CONFIG_NETFILTER_XTABLES=y +CONFIG_NETFILTER_XT_CONNMARK=y +CONFIG_NETFILTER_XT_MARK=y CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=y CONFIG_NETFILTER_XT_MATCH_BPF=y +CONFIG_NETFILTER_XT_MATCH_CGROUP=y CONFIG_NETFILTER_XT_MATCH_CLUSTER=y CONFIG_NETFILTER_XT_MATCH_COMMENT=y CONFIG_NETFILTER_XT_MATCH_CONNBYTES=y @@ -77,11 +74,14 @@ CONFIG_NETFILTER_XT_MATCH_CPU=y CONFIG_NETFILTER_XT_MATCH_DCCP=y CONFIG_NETFILTER_XT_MATCH_DEVGROUP=y CONFIG_NETFILTER_XT_MATCH_DSCP=y +CONFIG_NETFILTER_XT_MATCH_ECN=y CONFIG_NETFILTER_XT_MATCH_ESP=y CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=y CONFIG_NETFILTER_XT_MATCH_HELPER=y +CONFIG_NETFILTER_XT_MATCH_HL=y CONFIG_NETFILTER_XT_MATCH_IPCOMP=y CONFIG_NETFILTER_XT_MATCH_IPRANGE=y +CONFIG_NETFILTER_XT_MATCH_IPVS=y CONFIG_NETFILTER_XT_MATCH_L2TP=y CONFIG_NETFILTER_XT_MATCH_LENGTH=y CONFIG_NETFILTER_XT_MATCH_LIMIT=y @@ -91,7 +91,9 @@ CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y CONFIG_NETFILTER_XT_MATCH_NFACCT=y CONFIG_NETFILTER_XT_MATCH_OSF=y CONFIG_NETFILTER_XT_MATCH_OWNER=y +CONFIG_NETFILTER_XT_MATCH_PHYSDEV=y CONFIG_NETFILTER_XT_MATCH_PKTTYPE=y +CONFIG_NETFILTER_XT_MATCH_POLICY=y CONFIG_NETFILTER_XT_MATCH_QUOTA=y CONFIG_NETFILTER_XT_MATCH_RATEEST=y CONFIG_NETFILTER_XT_MATCH_REALM=y @@ -104,52 +106,129 @@ CONFIG_NETFILTER_XT_MATCH_STRING=y CONFIG_NETFILTER_XT_MATCH_TCPMSS=y CONFIG_NETFILTER_XT_MATCH_TIME=y CONFIG_NETFILTER_XT_MATCH_U32=y -CONFIG_NFT_DUP_IPV4=y -CONFIG_NFT_FIB_IPV4=y -CONFIG_NF_TABLES_ARP=y -CONFIG_NF_FLOW_TABLE_IPV4=y -CONFIG_NF_LOG_ARP=y -CONFIG_IP_NF_IPTABLES=y -CONFIG_IP_NF_MATCH_AH=y -CONFIG_IP_NF_MATCH_ECN=y -CONFIG_IP_NF_MATCH_RPFILTER=y -CONFIG_IP_NF_MATCH_TTL=y -CONFIG_IP_NF_FILTER=y -CONFIG_IP_NF_TARGET_REJECT=y -CONFIG_IP_NF_TARGET_SYNPROXY=y -CONFIG_IP_NF_NAT=y -CONFIG_IP_NF_TARGET_MASQUERADE=y -CONFIG_IP_NF_TARGET_NETMAP=y -CONFIG_IP_NF_TARGET_REDIRECT=y -CONFIG_IP_NF_MANGLE=y -CONFIG_IP_NF_TARGET_CLUSTERIP=y -CONFIG_IP_NF_TARGET_ECN=y -CONFIG_IP_NF_TARGET_TTL=y -CONFIG_IP_NF_RAW=y -CONFIG_IP_NF_ARPTABLES=y -CONFIG_IP_NF_ARPFILTER=y -CONFIG_IP_NF_ARP_MANGLE=y -CONFIG_NFT_DUP_IPV6=y -CONFIG_NFT_FIB_IPV6=y -CONFIG_NF_FLOW_TABLE_IPV6=y -CONFIG_IP6_NF_IPTABLES=y -CONFIG_IP6_NF_MATCH_AH=y -CONFIG_IP6_NF_MATCH_EUI64=y -CONFIG_IP6_NF_MATCH_FRAG=y -CONFIG_IP6_NF_MATCH_OPTS=y -CONFIG_IP6_NF_MATCH_HL=y -CONFIG_IP6_NF_MATCH_IPV6HEADER=y -CONFIG_IP6_NF_MATCH_MH=y -CONFIG_IP6_NF_MATCH_RPFILTER=y -CONFIG_IP6_NF_MATCH_RT=y -CONFIG_IP6_NF_MATCH_SRH=y -CONFIG_IP6_NF_TARGET_HL=y -CONFIG_IP6_NF_FILTER=y -CONFIG_IP6_NF_TARGET_REJECT=y -CONFIG_IP6_NF_TARGET_SYNPROXY=y -CONFIG_IP6_NF_MANGLE=y -CONFIG_IP6_NF_RAW=y -CONFIG_IP6_NF_NAT=y -CONFIG_IP6_NF_TARGET_MASQUERADE=y -CONFIG_IP6_NF_TARGET_NPT=y +CONFIG_NETFILTER_XT_NAT=y +CONFIG_NETFILTER_XT_SET=y +CONFIG_NETFILTER_XT_TARGET_AUDIT=y +CONFIG_NETFILTER_XT_TARGET_CHECKSUM=y +CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y +CONFIG_NETFILTER_XT_TARGET_CONNMARK=y +CONFIG_NETFILTER_XT_TARGET_CONNSECMARK=y +CONFIG_NETFILTER_XT_TARGET_CT=y +CONFIG_NETFILTER_XT_TARGET_DSCP=y +CONFIG_NETFILTER_XT_TARGET_HL=y +CONFIG_NETFILTER_XT_TARGET_HMARK=y +CONFIG_NETFILTER_XT_TARGET_IDLETIMER=y +CONFIG_NETFILTER_XT_TARGET_LED=y +CONFIG_NETFILTER_XT_TARGET_LOG=y +CONFIG_NETFILTER_XT_TARGET_MARK=y +CONFIG_NETFILTER_XT_TARGET_MASQUERADE=y +CONFIG_NETFILTER_XT_TARGET_NETMAP=y +CONFIG_NETFILTER_XT_TARGET_NFLOG=y +CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y +CONFIG_NETFILTER_XT_TARGET_NOTRACK=y +CONFIG_NETFILTER_XT_TARGET_RATEEST=y +CONFIG_NETFILTER_XT_TARGET_REDIRECT=y +CONFIG_NETFILTER_XT_TARGET_SECMARK=y +CONFIG_NETFILTER_XT_TARGET_TCPMSS=y +CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=y +CONFIG_NETFILTER_XT_TARGET_TEE=y +CONFIG_NETFILTER_XT_TARGET_TPROXY=y +CONFIG_NETFILTER_XT_TARGET_TRACE=y +CONFIG_NF_CONNTRACK_AMANDA=y CONFIG_NF_CONNTRACK_BRIDGE=y +CONFIG_NF_CONNTRACK_BROADCAST=y +CONFIG_NF_CONNTRACK_EVENTS=y +CONFIG_NF_CONNTRACK_FTP=y +CONFIG_NF_CONNTRACK_H323=y +CONFIG_NF_CONNTRACK_IRC=y +CONFIG_NF_CONNTRACK_LABELS=y +CONFIG_NF_CONNTRACK_MARK=y +CONFIG_NF_CONNTRACK_NETBIOS_NS=y +CONFIG_NF_CONNTRACK_PPTP=y +CONFIG_NF_CONNTRACK_SANE=y +CONFIG_NF_CONNTRACK_SECMARK=y +CONFIG_NF_CONNTRACK_SIP=y +CONFIG_NF_CONNTRACK_SNMP=y +CONFIG_NF_CONNTRACK_TFTP=y +CONFIG_NF_CONNTRACK_TIMEOUT=y +CONFIG_NF_CONNTRACK_TIMESTAMP=y +CONFIG_NF_CONNTRACK=y +CONFIG_NF_CONNTRACK_ZONES=y +CONFIG_NF_CT_NETLINK_HELPER=y +CONFIG_NF_CT_NETLINK_TIMEOUT=y +CONFIG_NF_CT_NETLINK=y +CONFIG_NF_CT_PROTO_DCCP=y +CONFIG_NF_CT_PROTO_GRE=y +CONFIG_NF_CT_PROTO_SCTP=y +CONFIG_NF_CT_PROTO_UDPLITE=y +CONFIG_NF_DEFRAG_IPV4=y +CONFIG_NF_DEFRAG_IPV6=y +CONFIG_NF_DUP_IPV4=y +CONFIG_NF_DUP_IPV6=y +CONFIG_NF_DUP_NETDEV=y +CONFIG_NF_FLOW_TABLE_INET=y +CONFIG_NF_FLOW_TABLE=y +CONFIG_NF_LOG_ARP=y +CONFIG_NF_LOG_IPV4=y +CONFIG_NF_LOG_IPV6=y +CONFIG_NF_LOG_SYSLOG=y +CONFIG_NF_NAT_AMANDA=y +CONFIG_NF_NAT_FTP=y +CONFIG_NF_NAT_H323=y +CONFIG_NF_NAT_IRC=y +CONFIG_NF_NAT_MASQUERADE=y +CONFIG_NF_NAT_PPTP=y +CONFIG_NF_NAT_REDIRECT=y +CONFIG_NF_NAT_SIP=y +CONFIG_NF_NAT_SNMP_BASIC=y +CONFIG_NF_NAT_TFTP=y +CONFIG_NF_NAT=y +CONFIG_NF_REJECT_IPV4=y +CONFIG_NF_REJECT_IPV6=y +CONFIG_NF_SOCKET_IPV4=y +CONFIG_NF_SOCKET_IPV6=y +CONFIG_NF_TABLES_ARP=y +CONFIG_NF_TABLES_BRIDGE=y +CONFIG_NF_TABLES_INET=y +CONFIG_NF_TABLES_IPV4=y +CONFIG_NF_TABLES_IPV6=y +CONFIG_NF_TABLES_NETDEV=y +CONFIG_NF_TABLES=y +CONFIG_NFT_BRIDGE_META=y +CONFIG_NFT_BRIDGE_REJECT=y +CONFIG_NFT_COMPAT=y +CONFIG_NFT_CONNLIMIT=y +CONFIG_NFT_CT=y +CONFIG_NFT_DUP_IPV4=y +CONFIG_NFT_DUP_IPV6=y +CONFIG_NFT_DUP_NETDEV=y +CONFIG_NFT_FIB_INET=y +CONFIG_NFT_FIB_IPV4=y +CONFIG_NFT_FIB_IPV6=y +CONFIG_NFT_FIB_NETDEV=y +CONFIG_NFT_FIB=y +CONFIG_NFT_FLOW_OFFLOAD=y +CONFIG_NFT_FWD_NETDEV=y +CONFIG_NFT_HASH=y +CONFIG_NFT_LIMIT=y +CONFIG_NFT_LOG=y +CONFIG_NFT_MASQ=y +CONFIG_NFT_NAT=y +CONFIG_NFT_NUMGEN=y +CONFIG_NFT_OBJREF=y +CONFIG_NFT_OSF=y +CONFIG_NF_TPROXY_IPV4=y +CONFIG_NF_TPROXY_IPV6=y +CONFIG_NFT_QUEUE=y +CONFIG_NFT_QUOTA=y +CONFIG_NFT_REDIR=y +CONFIG_NFT_REJECT_INET=y +CONFIG_NFT_REJECT_IPV4=y +CONFIG_NFT_REJECT_IPV6=y +CONFIG_NFT_REJECT_NETDEV=y +CONFIG_NFT_REJECT=y +CONFIG_NFT_SOCKET=y +CONFIG_NFT_SYNPROXY=y +CONFIG_NFT_TPROXY=y +CONFIG_NFT_TUNNEL=y +CONFIG_NFT_XFRM=y From d37bb6f543920bc28e614f704a3f0c1a40fb4289 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Thu, 2 Mar 2023 10:49:44 +0100 Subject: [PATCH 41/43] cargo-insta: add changelog to meta --- pkgs/development/tools/rust/cargo-insta/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/development/tools/rust/cargo-insta/default.nix b/pkgs/development/tools/rust/cargo-insta/default.nix index 68b6e3779f61..fcf556a47d8d 100644 --- a/pkgs/development/tools/rust/cargo-insta/default.nix +++ b/pkgs/development/tools/rust/cargo-insta/default.nix @@ -18,6 +18,7 @@ rustPlatform.buildRustPackage rec { meta = with lib; { description = "A Cargo subcommand for snapshot testing"; homepage = "https://github.com/mitsuhiko/insta"; + changelog = "https://github.com/mitsuhiko/insta/blob/${version}/CHANGELOG.md"; license = licenses.asl20; maintainers = with lib.maintainers; [ oxalica ]; }; From 56022cba489c4bc7665ac587ece2fe5ac8750bfc Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Thu, 2 Mar 2023 09:51:02 +0000 Subject: [PATCH 42/43] ibm-plex: 6.1.1 -> 6.2.0 --- pkgs/data/fonts/ibm-plex/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/data/fonts/ibm-plex/default.nix b/pkgs/data/fonts/ibm-plex/default.nix index 0de1f38a0ff8..21321d83af34 100644 --- a/pkgs/data/fonts/ibm-plex/default.nix +++ b/pkgs/data/fonts/ibm-plex/default.nix @@ -2,11 +2,11 @@ stdenvNoCC.mkDerivation rec { pname = "ibm-plex"; - version = "6.1.1"; + version = "6.2.0"; src = fetchzip { url = "https://github.com/IBM/plex/releases/download/v${version}/OpenType.zip"; - hash = "sha256-PZ7KPtaXZFVD5uMc7i+GQMA4DU5PsspeAodiU/FrTpY="; + hash = "sha256-RvD/aeZrvltJiuAHqYMNaRsjLgTdcC1/5zqlcd4qKAA="; }; installPhase = '' From de7ee23095878327e08529cd272b4366da6ce20a Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Thu, 2 Mar 2023 10:51:06 +0100 Subject: [PATCH 43/43] cargo-insta: equalize --- .../tools/rust/cargo-insta/default.nix | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/pkgs/development/tools/rust/cargo-insta/default.nix b/pkgs/development/tools/rust/cargo-insta/default.nix index fcf556a47d8d..8c1b6d4a6514 100644 --- a/pkgs/development/tools/rust/cargo-insta/default.nix +++ b/pkgs/development/tools/rust/cargo-insta/default.nix @@ -1,4 +1,9 @@ -{ lib, rustPlatform, fetchFromGitHub, libiconv, stdenv }: +{ lib +, stdenv +, rustPlatform +, fetchFromGitHub +, libiconv +}: rustPlatform.buildRustPackage rec { pname = "cargo-insta"; @@ -7,13 +12,17 @@ rustPlatform.buildRustPackage rec { src = fetchFromGitHub { owner = "mitsuhiko"; repo = "insta"; - rev = version; - sha256 = "sha256-GqM3b2evjACNkTOyfA6N6TInuGo9f/1retkXVTgbJ3A="; + rev = "refs/tags/${version}"; + hash = "sha256-GqM3b2evjACNkTOyfA6N6TInuGo9f/1retkXVTgbJ3A="; }; sourceRoot = "source/cargo-insta"; + cargoHash = "sha256-ZIS3O19N7w+sL+2IdoCw4/Hx9Jtjx7MYE7JcEu+PFRA="; - buildInputs = lib.optionals stdenv.isDarwin [ libiconv ]; + + buildInputs = lib.optionals stdenv.isDarwin [ + libiconv + ]; meta = with lib; { description = "A Cargo subcommand for snapshot testing";