diff --git a/lib/systems/default.nix b/lib/systems/default.nix index a71ea9209cb8..83ed32ed3275 100644 --- a/lib/systems/default.nix +++ b/lib/systems/default.nix @@ -1,7 +1,25 @@ { lib }: - let inherit (lib.attrsets) mapAttrs; in -rec { +let + inherit (lib) + any + filterAttrs + foldl + hasInfix + isFunction + isList + isString + mapAttrs + optional + optionalAttrs + optionalString + removeSuffix + replaceStrings + toUpper + ; + + inherit (lib.strings) toJSON; + doubles = import ./doubles.nix { inherit lib; }; parse = import ./parse.nix { inherit lib; }; inspect = import ./inspect.nix { inherit lib; }; @@ -24,7 +42,7 @@ rec { both arguments have been `elaborate`-d. */ equals = - let removeFunctions = a: lib.filterAttrs (_: v: !builtins.isFunction v) a; + let removeFunctions = a: filterAttrs (_: v: !isFunction v) a; in a: b: removeFunctions a == removeFunctions b; /* List of all Nix system doubles the nixpkgs flake will expose the package set @@ -41,7 +59,7 @@ rec { # clearly preferred, and to prevent cycles. A simpler fixed point where the RHS # always just used `final.*` would fail on both counts. elaborate = args': let - args = if lib.isString args' then { system = args'; } + args = if isString args' then { system = args'; } else args'; # TODO: deprecate args.rustc in favour of args.rust after 23.05 is EOL. @@ -96,7 +114,7 @@ rec { then "lib64" else "lib" else null; - extensions = lib.optionalAttrs final.hasSharedLibraries { + extensions = optionalAttrs final.hasSharedLibraries { sharedLibrary = if final.isDarwin then ".dylib" else if final.isWindows then ".dll" @@ -134,9 +152,9 @@ rec { # uname -m processor = if final.isPower64 - then "ppc64${lib.optionalString final.isLittleEndian "le"}" + then "ppc64${optionalString final.isLittleEndian "le"}" else if final.isPower - then "ppc${lib.optionalString final.isLittleEndian "le"}" + then "ppc${optionalString final.isLittleEndian "le"}" else if final.isMips64 then "mips64" # endianness is *not* included on mips64 else final.parsed.cpu.name; @@ -202,8 +220,8 @@ rec { else if final.isS390 && !final.isS390x then null else if final.isx86_64 then "x86_64" else if final.isx86 then "i386" - else if final.isMips64n32 then "mipsn32${lib.optionalString final.isLittleEndian "el"}" - else if final.isMips64 then "mips64${lib.optionalString final.isLittleEndian "el"}" + else if final.isMips64n32 then "mipsn32${optionalString final.isLittleEndian "el"}" + else if final.isMips64 then "mips64${optionalString final.isLittleEndian "el"}" else final.uname.processor; # Name used by UEFI for architectures. @@ -259,7 +277,7 @@ rec { if pkgs.stdenv.hostPlatform.canExecute final then "${pkgs.runtimeShell} -c '\"$@\"' --" else if final.isWindows - then "${wine}/bin/wine${lib.optionalString (final.parsed.cpu.bits == 64) "64"}" + then "${wine}/bin/wine${optionalString (final.parsed.cpu.bits == 64) "64"}" else if final.isLinux && pkgs.stdenv.hostPlatform.isLinux && final.qemuArch != null then "${qemu-user}/bin/qemu-${final.qemuArch}" else if final.isWasi @@ -310,10 +328,10 @@ rec { let f = args.rustc.platform.target-family; in - if builtins.isList f then f else [ f ] + if isList f then f else [ f ] ) - else lib.optional final.isUnix "unix" - ++ lib.optional final.isWindows "windows"; + else optional final.isUnix "unix" + ++ optional final.isWindows "windows"; # https://doc.rust-lang.org/reference/conditional-compilation.html#target_vendor vendor = let @@ -337,13 +355,13 @@ rec { vendor_ = final.rust.platform.vendor; # TODO: deprecate args.rustc in favour of args.rust after 23.05 is EOL. in args.rust.rustcTarget or args.rustc.config - or "${cpu_}-${vendor_}-${kernel.name}${lib.optionalString (abi.name != "unknown") "-${abi.name}"}"; + or "${cpu_}-${vendor_}-${kernel.name}${optionalString (abi.name != "unknown") "-${abi.name}"}"; # The name of the rust target if it is standard, or the json file # containing the custom target spec. rustcTargetSpec = rust.rustcTargetSpec or ( /**/ if rust ? platform - then builtins.toFile (final.rust.rustcTarget + ".json") (builtins.toJSON rust.platform) + then builtins.toFile (final.rust.rustcTarget + ".json") (toJSON rust.platform) else final.rust.rustcTarget); # The name of the rust target if it is standard, or the @@ -352,7 +370,7 @@ rec { # # This is the name used by Cargo for target subdirectories. cargoShortTarget = - lib.removeSuffix ".json" (baseNameOf "${final.rust.rustcTargetSpec}"); + removeSuffix ".json" (baseNameOf "${final.rust.rustcTargetSpec}"); # When used as part of an environment variable name, triples are # uppercased and have all hyphens replaced by underscores: @@ -360,17 +378,17 @@ rec { # https://github.com/rust-lang/cargo/pull/9169 # https://github.com/rust-lang/cargo/issues/8285#issuecomment-634202431 cargoEnvVarTarget = - lib.strings.replaceStrings ["-"] ["_"] - (lib.strings.toUpper final.rust.cargoShortTarget); + replaceStrings ["-"] ["_"] + (toUpper final.rust.cargoShortTarget); # True if the target is no_std # https://github.com/rust-lang/rust/blob/2e44c17c12cec45b6a682b1e53a04ac5b5fcc9d2/src/bootstrap/config.rs#L415-L421 isNoStdTarget = - builtins.any (t: lib.hasInfix t final.rust.rustcTarget) ["-none" "nvptx" "switch" "-uefi"]; + any (t: hasInfix t final.rust.rustcTarget) ["-none" "nvptx" "switch" "-uefi"]; }; }; in assert final.useAndroidPrebuilt -> final.isAndroid; - assert lib.foldl + assert foldl (pass: { assertion, message }: if assertion final then pass @@ -378,4 +396,20 @@ rec { true (final.parsed.abi.assertions or []); final; + +in + +# Everything in this attrset is the public interface of the file. +{ + inherit + architectures + doubles + elaborate + equals + examples + flakeExposed + inspect + parse + platforms + ; } diff --git a/lib/systems/inspect.nix b/lib/systems/inspect.nix index c6a33781ae28..ebc7ab366876 100644 --- a/lib/systems/inspect.nix +++ b/lib/systems/inspect.nix @@ -1,10 +1,31 @@ { lib }: -with import ./parse.nix { inherit lib; }; -with lib.attrsets; -with lib.lists; -let abis_ = abis; in -let abis = lib.mapAttrs (_: abi: builtins.removeAttrs abi [ "assertions" ]) abis_; in +let + inherit (lib) + any + attrValues + concatMap + filter + hasPrefix + isList + mapAttrs + matchAttrs + recursiveUpdateUntil + toList + ; + + inherit (lib.strings) toJSON; + + inherit (lib.systems.parse) + kernels + kernelFamilies + significantBytes + cpuTypes + execFormats + ; + + abis = mapAttrs (_: abi: removeAttrs abi [ "assertions" ]) lib.systems.parse.abis; +in rec { # these patterns are to be matched against {host,build,target}Platform.parsed @@ -32,8 +53,8 @@ rec { isx86 = { cpu = { family = "x86"; }; }; isAarch32 = { cpu = { family = "arm"; bits = 32; }; }; isArmv7 = map ({ arch, ... }: { cpu = { inherit arch; }; }) - (lib.filter (cpu: lib.hasPrefix "armv7" cpu.arch or "") - (lib.attrValues cpuTypes)); + (filter (cpu: hasPrefix "armv7" cpu.arch or "") + (attrValues cpuTypes)); isAarch64 = { cpu = { family = "arm"; bits = 64; }; }; isAarch = { cpu = { family = "arm"; }; }; isMicroBlaze = { cpu = { family = "microblaze"; }; }; @@ -111,19 +132,19 @@ rec { let # patterns can be either a list or a (bare) singleton; turn # them into singletons for uniform handling - pat1 = lib.toList pat1_; - pat2 = lib.toList pat2_; + pat1 = toList pat1_; + pat2 = toList pat2_; in - lib.concatMap (attr1: + concatMap (attr1: map (attr2: - lib.recursiveUpdateUntil + recursiveUpdateUntil (path: subattr1: subattr2: if (builtins.intersectAttrs subattr1 subattr2) == {} || subattr1 == subattr2 then true else throw '' pattern conflict at path ${toString path}: - ${builtins.toJSON subattr1} - ${builtins.toJSON subattr2} + ${toJSON subattr1} + ${toJSON subattr2} '') attr1 attr2 @@ -132,7 +153,7 @@ rec { pat1; matchAnyAttrs = patterns: - if builtins.isList patterns then attrs: any (pattern: matchAttrs pattern attrs) patterns + if isList patterns then attrs: any (pattern: matchAttrs pattern attrs) patterns else matchAttrs patterns; predicates = mapAttrs (_: matchAnyAttrs) patterns; diff --git a/lib/systems/parse.nix b/lib/systems/parse.nix index b69ad669e187..191e9734b879 100644 --- a/lib/systems/parse.nix +++ b/lib/systems/parse.nix @@ -15,14 +15,45 @@ # systems that overlap with existing ones and won't notice something amiss. # { lib }: -with lib.lists; -with lib.types; -with lib.attrsets; -with lib.strings; -with (import ./inspect.nix { inherit lib; }).predicates; let - inherit (lib.options) mergeOneOption; + inherit (lib) + all + any + attrValues + elem + elemAt + hasPrefix + id + length + mapAttrs + mergeOneOption + optionalString + splitString + versionAtLeast + ; + + inherit (lib.strings) match; + + inherit (lib.systems.inspect.predicates) + isAarch32 + isBigEndian + isDarwin + isLinux + isPower64 + isWindows + ; + + inherit (lib.types) + enum + float + isType + mkOptionType + number + setType + string + types + ; setTypes = type: mapAttrs (name: value: @@ -33,10 +64,10 @@ let # regex `e?abi.*$` when determining the validity of a triple. In # other words, `i386-linuxabichickenlips` is a valid triple. removeAbiSuffix = x: - let match = builtins.match "(.*)e?abi.*" x; - in if match==null + let found = match "(.*)e?abi.*" x; + in if found == null then x - else lib.elemAt match 0; + else elemAt found 0; in @@ -76,7 +107,7 @@ rec { types.cpuType = enum (attrValues cpuTypes); - cpuTypes = with significantBytes; setTypes types.openCpuType { + cpuTypes = let inherit (significantBytes) bigEndian littleEndian; in setTypes types.openCpuType { arm = { bits = 32; significantByte = littleEndian; family = "arm"; }; armv5tel = { bits = 32; significantByte = littleEndian; family = "arm"; version = "5"; arch = "armv5t"; }; armv6m = { bits = 32; significantByte = littleEndian; family = "arm"; version = "6"; arch = "armv6-m"; }; @@ -166,7 +197,7 @@ rec { # Note: Since 22.11 the archs of a mode switching CPU are no longer considered # pairwise compatible. Mode switching implies that binaries built for A # and B respectively can't be executed at the same time. - isCompatible = a: b: with cpuTypes; lib.any lib.id [ + isCompatible = with cpuTypes; a: b: any id [ # x86 (b == i386 && isCompatible a i486) (b == i486 && isCompatible a i586) @@ -287,7 +318,10 @@ rec { types.kernel = enum (attrValues kernels); - kernels = with execFormats; with kernelFamilies; setTypes types.openKernel { + kernels = let + inherit (execFormats) elf pe wasm unknown macho; + inherit (kernelFamilies) bsd darwin; + in setTypes types.openKernel { # TODO(@Ericson2314): Don't want to mass-rebuild yet to keeping 'darwin' as # the normalized name for macOS. macos = { execFormat = macho; families = { inherit darwin; }; name = "darwin"; }; @@ -359,7 +393,7 @@ rec { The "gnu" ABI is ambiguous on 32-bit ARM. Use "gnueabi" or "gnueabihf" instead. ''; } - { assertion = platform: with platform; !(isPower64 && isBigEndian); + { assertion = platform: !(platform.isPower64 && platform.isBigEndian); message = '' The "gnu" ABI is ambiguous on big-endian 64-bit PowerPC. Use "gnuabielfv2" or "gnuabielfv1" instead. ''; @@ -480,7 +514,7 @@ rec { /**/ if args ? abi then getAbi args.abi else if isLinux parsed || isWindows parsed then if isAarch32 parsed then - if lib.versionAtLeast (parsed.cpu.version or "0") "6" + if versionAtLeast (parsed.cpu.version or "0") "6" then abis.gnueabihf else abis.gnueabi # Default ppc64 BE to ELFv2 @@ -491,7 +525,7 @@ rec { in mkSystem parsed; - mkSystemFromString = s: mkSystemFromSkeleton (mkSkeletonFromList (lib.splitString "-" s)); + mkSystemFromString = s: mkSystemFromSkeleton (mkSkeletonFromList (splitString "-" s)); kernelName = kernel: kernel.name + toString (kernel.version or ""); @@ -503,10 +537,10 @@ rec { tripleFromSystem = { cpu, vendor, kernel, abi, ... } @ sys: assert isSystem sys; let optExecFormat = - lib.optionalString (kernel.name == "netbsd" && + optionalString (kernel.name == "netbsd" && gnuNetBSDDefaultExecFormat cpu != kernel.execFormat) kernel.execFormat.name; - optAbi = lib.optionalString (abi != abis.unknown) "-${abi.name}"; + optAbi = optionalString (abi != abis.unknown) "-${abi.name}"; in "${cpu.name}-${vendor.name}-${kernelName kernel}${optExecFormat}${optAbi}"; ################################################################################ diff --git a/nixos/tests/nix-ld.nix b/nixos/tests/nix-ld.nix index 8733f5b0c397..9b851f88617a 100644 --- a/nixos/tests/nix-ld.nix +++ b/nixos/tests/nix-ld.nix @@ -1,17 +1,39 @@ -import ./make-test-python.nix ({ lib, pkgs, ...} : +{ system ? builtins.currentSystem, + config ? {}, + pkgs ? import ../.. { inherit system config; } +}: +let + inherit (import ../lib/testing-python.nix { inherit system pkgs; }) makeTest; + shared = + { config, pkgs, ... }: + { + programs.nix-ld.enable = true; + environment.systemPackages = [ + (pkgs.runCommand "patched-hello" { } '' + install -D -m755 ${pkgs.hello}/bin/hello $out/bin/hello + patchelf $out/bin/hello --set-interpreter $(cat ${config.programs.nix-ld.package}/nix-support/ldpath) + '') + ]; + }; +in { - name = "nix-ld"; - nodes.machine = { pkgs, ... }: { - programs.nix-ld.enable = true; - environment.systemPackages = [ - (pkgs.runCommand "patched-hello" {} '' - install -D -m755 ${pkgs.hello}/bin/hello $out/bin/hello - patchelf $out/bin/hello --set-interpreter $(cat ${pkgs.nix-ld}/nix-support/ldpath) - '') - ]; + nix-ld = makeTest { + name = "nix-ld"; + nodes.machine = shared; + testScript = '' + start_all() + machine.succeed("hello") + ''; }; - testScript = '' - start_all() - machine.succeed("hello") - ''; -}) + nix-ld-rs = makeTest { + name = "nix-ld-rs"; + nodes.machine = { + imports = [ shared ]; + programs.nix-ld.package = pkgs.nix-ld-rs; + }; + testScript = '' + start_all() + machine.succeed("hello") + ''; + }; +} diff --git a/nixos/tests/tracee.nix b/nixos/tests/tracee.nix index 3dadc0f9fdb3..1c241f3ec498 100644 --- a/nixos/tests/tracee.nix +++ b/nixos/tests/tracee.nix @@ -1,7 +1,13 @@ -import ./make-test-python.nix ({ pkgs, ... }: { +import ./make-test-python.nix ({ pkgs, ... }: rec { name = "tracee-integration"; meta.maintainers = pkgs.tracee.meta.maintainers; + passthru.hello-world-builder = pkgs: pkgs.dockerTools.buildImage { + name = "hello-world"; + tag = "latest"; + config.Cmd = [ "${pkgs.hello}/bin/hello" ]; + }; + nodes = { machine = { config, pkgs, ... }: { # EventFilters/trace_only_events_from_new_containers and @@ -12,57 +18,48 @@ import ./make-test-python.nix ({ pkgs, ... }: { environment.systemPackages = with pkgs; [ # required by Test_EventFilters/trace_events_from_ls_and_which_binary_in_separate_scopes which - # build the go integration tests as a binary - (tracee.overrideAttrs (oa: { - pname = oa.pname + "-integration"; - postPatch = oa.postPatch or "" + '' - # prepare tester.sh (which will be embedded in the test binary) - patchShebangs tests/integration/tester.sh - - # fix the test to look at nixos paths for running programs - substituteInPlace tests/integration/integration_test.go \ - --replace "bin=/usr/bin/" "comm=" \ - --replace "binary=/usr/bin/" "comm=" \ - --replace "/usr/bin/dockerd" "dockerd" \ - --replace "/usr/bin" "/run/current-system/sw/bin" - ''; - nativeBuildInputs = oa.nativeBuildInputs or [ ] ++ [ makeWrapper ]; - buildPhase = '' - runHook preBuild - # just build the static lib we need for the go test binary - make $makeFlags ''${enableParallelBuilding:+-j$NIX_BUILD_CORES} bpf-core ./dist/btfhub - - # then compile the tests to be ran later - CGO_LDFLAGS="$(pkg-config --libs libbpf)" go test -tags core,ebpf,integration -p 1 -c -o $GOPATH/tracee-integration ./tests/integration/... - runHook postBuild - ''; - doCheck = false; - outputs = [ "out" ]; - installPhase = '' - mkdir -p $out/bin - mv $GOPATH/tracee-integration $out/bin/ - ''; - doInstallCheck = false; - - meta = oa.meta // { - outputsToInstall = []; - }; - })) + # the go integration tests as a binary + tracee.passthru.tests.integration-test-cli ]; }; }; - testScript = '' - machine.wait_for_unit("docker.service") + testScript = + let + skippedTests = [ + # these comm tests for some reason do not resolve. + # something about the test is different as it works fine if I replicate + # the policies and run tracee myself but doesn't work in the integration + # test either with the automatic run or running the commands by hand + # while it's searching. + "Test_EventFilters/comm:_event:_args:_trace_event_set_in_a_specific_policy_with_args_from_ls_command" + "Test_EventFilters/comm:_event:_trace_events_set_in_two_specific_policies_from_ls_and_uname_commands" - with subtest("run integration tests"): - # EventFilters/trace_only_events_from_new_containers also requires a container called "alpine" - machine.succeed('tar c -C ${pkgs.pkgsStatic.busybox} . | docker import - alpine --change "ENTRYPOINT [\"sleep\"]"') + # worked at some point, seems to be flakey + "Test_EventFilters/pid:_event:_args:_trace_event_sched_switch_with_args_from_pid_0" + ]; + in + '' + with subtest("prepare for integration tests"): + machine.wait_for_unit("docker.service") + machine.succeed('which bash') - # Test_EventFilters/trace_event_set_in_a_specific_scope expects to be in a dir that includes "integration" - print(machine.succeed( - 'mkdir /tmp/integration', - 'cd /tmp/integration && tracee-integration -test.v' - )) - ''; + # EventFilters/trace_only_events_from_new_containers also requires a container called "hello-world" + machine.succeed('docker load < ${passthru.hello-world-builder pkgs}') + + # exec= needs fully resolved paths + machine.succeed( + 'mkdir /tmp/testdir', + 'cp $(which who) /tmp/testdir/who', + 'cp $(which uname) /tmp/testdir/uname', + ) + + with subtest("run integration tests"): + # Test_EventFilters/trace_event_set_in_a_specific_scope expects to be in a dir that includes "integration" + # tests must be ran with 1 process + print(machine.succeed( + 'mkdir /tmp/integration', + 'cd /tmp/integration && export PATH="/tmp/testdir:$PATH" && integration.test -test.v -test.parallel 1 -test.skip="^${builtins.concatStringsSep "$|^" skippedTests}$"' + )) + ''; }) diff --git a/pkgs/applications/audio/tidal-hifi/default.nix b/pkgs/applications/audio/tidal-hifi/default.nix index bb3986dd88aa..d9d14b9670db 100644 --- a/pkgs/applications/audio/tidal-hifi/default.nix +++ b/pkgs/applications/audio/tidal-hifi/default.nix @@ -36,11 +36,11 @@ stdenv.mkDerivation (finalAttrs: { pname = "tidal-hifi"; - version = "5.9.0"; + version = "5.10.0"; src = fetchurl { url = "https://github.com/Mastermindzh/tidal-hifi/releases/download/${finalAttrs.version}/tidal-hifi_${finalAttrs.version}_amd64.deb"; - sha256 = "sha256-t79GNCqY99JfCT+4wO3CTtLXFdKQudMw4pZNiJzOufo="; + sha256 = "sha256-+sRXpRAtbLpQlyJUhbc1Cuzh6aV8HRvYH/ja9sfvKoA="; }; nativeBuildInputs = [ autoPatchelfHook dpkg makeWrapper ]; diff --git a/pkgs/applications/audio/waylyrics/Cargo.lock b/pkgs/applications/audio/waylyrics/Cargo.lock index 2c87d54dd27a..601514f02cf9 100644 --- a/pkgs/applications/audio/waylyrics/Cargo.lock +++ b/pkgs/applications/audio/waylyrics/Cargo.lock @@ -126,6 +126,12 @@ version = "0.21.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9d297deb1925b89f2ccc13d7635fa0714f12c87adce1c75356b39ca9b7178567" +[[package]] +name = "base64" +version = "0.22.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9475866fec1451be56a3c2400fd081ff546538961565ccb5b7142cbd22bc7a51" + [[package]] name = "bitflags" version = "1.3.2" @@ -431,17 +437,6 @@ dependencies = [ "powerfmt", ] -[[package]] -name = "derivative" -version = "2.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fcc3dd5e9e9c0b295d6e1e4d811fb6f157d5ffd784b8d202fc62eac8035a770b" -dependencies = [ - "proc-macro2", - "quote 1.0.35", - "syn 1.0.109", -] - [[package]] name = "derive_is_enum_variant" version = "0.1.1" @@ -964,9 +959,9 @@ dependencies = [ [[package]] name = "h2" -version = "0.3.24" +version = "0.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bb2c4422095b67ee78da96fbb51a4cc413b3b25883c7717ff7ca1ab31022c9c9" +checksum = "51ee2dd2e4f378392eeff5d51618cd9a63166a2513846bbc55f21cfacd9199d4" dependencies = [ "bytes", "fnv", @@ -1034,9 +1029,9 @@ checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" [[package]] name = "http" -version = "0.2.11" +version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8947b1a6fad4393052c7ba1f4cd97bed3e953a95c79c92ad9b051a04611d9fbb" +checksum = "21b9ddb458710bc376481b842f5da65cdf31522de232c1ca8146abce2a358258" dependencies = [ "bytes", "fnv", @@ -1045,12 +1040,24 @@ dependencies = [ [[package]] name = "http-body" -version = "0.4.6" +version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7ceab25649e9960c0311ea418d17bee82c0dcec1bd053b5f9a66e265a693bed2" +checksum = "1cac85db508abc24a2e48553ba12a996e87244a0395ce011e62b37158745d643" dependencies = [ "bytes", "http", +] + +[[package]] +name = "http-body-util" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0475f8b2ac86659c21b64320d5d653f9efe42acd2a4e560073ec61a155a34f1d" +dependencies = [ + "bytes", + "futures-core", + "http", + "http-body", "pin-project-lite", ] @@ -1060,47 +1067,60 @@ version = "1.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d897f394bad6a705d5f4104762e116a75639e470d80901eed05a860a95cb1904" -[[package]] -name = "httpdate" -version = "1.0.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "df3b46402a9d5adb4c86a0cf463f42e19994e3ee891101b1841f30a545cb49a9" - [[package]] name = "hyper" -version = "0.14.28" +version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bf96e135eb83a2a8ddf766e426a841d8ddd7449d5f00d34ea02b41d2f19eef80" +checksum = "186548d73ac615b32a73aafe38fb4f56c0d340e110e5a200bcadbaf2e199263a" dependencies = [ "bytes", "futures-channel", - "futures-core", "futures-util", "h2", "http", "http-body", "httparse", - "httpdate", "itoa", "pin-project-lite", - "socket2", + "smallvec", "tokio", - "tower-service", - "tracing", "want", ] [[package]] name = "hyper-tls" -version = "0.5.0" +version = "0.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d6183ddfa99b85da61a140bea0efc93fdf56ceaa041b37d553518030827f9905" +checksum = "70206fc6890eaca9fde8a0bf71caa2ddfc9fe045ac9e5c70df101a7dbde866e0" dependencies = [ "bytes", + "http-body-util", "hyper", + "hyper-util", "native-tls", "tokio", "tokio-native-tls", + "tower-service", +] + +[[package]] +name = "hyper-util" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ca38ef113da30126bbff9cd1705f9273e15d45498615d138b0c20279ac7a76aa" +dependencies = [ + "bytes", + "futures-channel", + "futures-util", + "http", + "http-body", + "hyper", + "pin-project-lite", + "socket2", + "tokio", + "tower", + "tower-service", + "tracing", ] [[package]] @@ -1328,9 +1348,9 @@ dependencies = [ [[package]] name = "mio" -version = "0.8.10" +version = "0.8.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8f3d0b296e374a4e6f3c7b0a1f5a51d748a0d34c85e7dc48fc3fa9a87657fe09" +checksum = "a4a650543ca06a924e8b371db273b2756685faae30f8487da1b56505a8f78b0c" dependencies = [ "libc", "wasi", @@ -1371,9 +1391,9 @@ dependencies = [ [[package]] name = "ncmapi" version = "0.1.13" -source = "git+https://github.com/waylyrics/ncmapi-rs.git?rev=51b4d121#51b4d121235823e8040feb3a9c9052da0559fe75" +source = "git+https://github.com/waylyrics/ncmapi-rs.git?rev=590f280#590f280458e1826df0af0f0f624c2222448a7dee" dependencies = [ - "base64", + "base64 0.22.0", "cookie 0.18.0", "hex", "openssl", @@ -1638,6 +1658,26 @@ dependencies = [ "siphasher", ] +[[package]] +name = "pin-project" +version = "1.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b6bf43b791c5b9e34c3d182969b4abb522f9343702850a2e57f460d00d09b4b3" +dependencies = [ + "pin-project-internal", +] + +[[package]] +name = "pin-project-internal" +version = "1.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2f38a4412a78282e09a2cf38d195ea5420d15ba0602cb375210efbc877243965" +dependencies = [ + "proc-macro2", + "quote 1.0.35", + "syn 2.0.50", +] + [[package]] name = "pin-project-lite" version = "0.2.13" @@ -1871,11 +1911,11 @@ dependencies = [ [[package]] name = "reqwest" -version = "0.11.24" +version = "0.12.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c6920094eb85afde5e4a138be3f2de8bbdf28000f0029e72c45025a56b042251" +checksum = "58b48d98d932f4ee75e541614d32a7f44c889b72bd9c2e04d95edd135989df88" dependencies = [ - "base64", + "base64 0.21.7", "bytes", "cookie 0.17.0", "cookie_store", @@ -1885,8 +1925,10 @@ dependencies = [ "h2", "http", "http-body", + "http-body-util", "hyper", "hyper-tls", + "hyper-util", "ipnet", "js-sys", "log", @@ -2000,7 +2042,7 @@ version = "1.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1c74cae0a4cf6ccbbf5f359f08efdf8ee7e1dc532573bf0db71968cb56b1448c" dependencies = [ - "base64", + "base64 0.21.7", ] [[package]] @@ -2535,6 +2577,28 @@ dependencies = [ "winnow 0.6.2", ] +[[package]] +name = "tower" +version = "0.4.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b8fa9be0de6cf49e536ce1851f987bd21a43b771b09473c3549a6c853db37c1c" +dependencies = [ + "futures-core", + "futures-util", + "pin-project", + "pin-project-lite", + "tokio", + "tower-layer", + "tower-service", + "tracing", +] + +[[package]] +name = "tower-layer" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c20c8dbed6283a09604c3e69b4b7eeb54e298b8a600d4d5ecb5ad39de609f1d0" + [[package]] name = "tower-service" version = "0.3.2" @@ -2547,6 +2611,7 @@ version = "0.1.40" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c3523ab5a71916ccf420eebdf5521fcef02141234bbc0b8a49f2fdc4544364ef" dependencies = [ + "log", "pin-project-lite", "tracing-attributes", "tracing-core", @@ -2788,14 +2853,13 @@ checksum = "4f186bd2dcf04330886ce82d6f33dd75a7bfcf69ecf5763b89fcde53b6ac9838" [[package]] name = "waylyrics" -version = "0.2.12" +version = "0.2.13" dependencies = [ "anyhow", "async-channel", "async-trait", "dbus", "dbus-dummy", - "derivative", "documented", "gettext-rs", "glib-macros", diff --git a/pkgs/applications/audio/waylyrics/default.nix b/pkgs/applications/audio/waylyrics/default.nix index 9f55645a56bb..d698b4b6f016 100644 --- a/pkgs/applications/audio/waylyrics/default.nix +++ b/pkgs/applications/audio/waylyrics/default.nix @@ -9,19 +9,19 @@ rustPlatform.buildRustPackage rec { pname = "waylyrics"; - version = "0.2.12"; + version = "0.2.13"; src = fetchFromGitHub { owner = "poly000"; repo = "waylyrics"; rev = "v${version}"; - hash = "sha256-sUhFT3Vq/IjbMir7/AVCU8FyfmoNiZsn2zkqdJkOMFo="; + hash = "sha256-522NdpGj0oh2SbWa4GFCFpqNFRhqQxfZ1ZRuS9jUj7Y="; }; cargoLock = { lockFile = ./Cargo.lock; outputHashes = { - "ncmapi-0.1.13" = "sha256-NxgF1TV+3hK5oE/DfJnWyc+XmPX3U1UeD+xTkcvDzIA="; + "ncmapi-0.1.13" = "sha256-qu89qf4IPM14V+oE4QQr/SsXSTx3vQbyfzD+Pihcd3E="; "qqmusic-rs-0.1.0" = "sha256-woLsO0n+m3EBUI+PRLio7iLp0UPQSliWK0djCSZEaZc="; }; }; @@ -51,6 +51,14 @@ rustPlatform.buildRustPackage rec { # Install icons install -d $out/share/icons cp -vr res/icons/hicolor $out/share/icons/hicolor + # Install translations + pushd locales + for po in $(find . -type f -name '*.po') + do + install -d $(dirname "$out/share/locale/$po") + msgfmt -o $out/share/locale/''${po%.po}.mo $po + done + popd ''; meta = with lib; { diff --git a/pkgs/applications/blockchains/trezor-suite/default.nix b/pkgs/applications/blockchains/trezor-suite/default.nix index 328e423535f3..a633694df2e0 100644 --- a/pkgs/applications/blockchains/trezor-suite/default.nix +++ b/pkgs/applications/blockchains/trezor-suite/default.nix @@ -53,6 +53,9 @@ appimageTools.wrapType2 rec { ''; meta = with lib; { + # trezor-suite fails to detect a connected hardware wallet + # ref: https://github.com/NixOS/nixpkgs/issues/281975 + broken = true; description = "Trezor Suite - Desktop App for managing crypto"; homepage = "https://suite.trezor.io"; changelog = "https://github.com/trezor/trezor-suite/releases/tag/v${version}"; diff --git a/pkgs/applications/editors/gedit/default.nix b/pkgs/applications/editors/gedit/default.nix index d7e5ac0ba1eb..eb985016b178 100644 --- a/pkgs/applications/editors/gedit/default.nix +++ b/pkgs/applications/editors/gedit/default.nix @@ -4,6 +4,7 @@ , mesonEmulatorHook , fetchurl , python3 +, python3Packages , pkg-config , gtk3 , gtk-mac-integration @@ -53,6 +54,7 @@ stdenv.mkDerivation rec { perl pkg-config python3 + python3Packages.wrapPython vala wrapGAppsHook gtk-doc @@ -85,6 +87,16 @@ stdenv.mkDerivation rec { # Reliably fails to generate gedit-file-browser-enum-types.h in time enableParallelBuilding = false; + pythonPath = with python3Packages; [ + # https://github.com/NixOS/nixpkgs/issues/298716 + pycairo + ]; + + postFixup = '' + buildPythonPath "$pythonPath" + patchPythonScript $out/lib/gedit/plugins/snippets/document.py + ''; + passthru = { updateScript = gnome.updateScript { packageName = "gedit"; diff --git a/pkgs/applications/misc/gramps/check-locale-hasattr-textdomain.patch b/pkgs/applications/misc/gramps/check-locale-hasattr-textdomain.patch new file mode 100644 index 000000000000..e1573ba5de33 --- /dev/null +++ b/pkgs/applications/misc/gramps/check-locale-hasattr-textdomain.patch @@ -0,0 +1,19 @@ +diff --git a/gramps/gen/utils/grampslocale.py b/gramps/gen/utils/grampslocale.py +index f25030e..59c1c90 100644 +--- a/gramps/gen/utils/grampslocale.py ++++ b/gramps/gen/utils/grampslocale.py +@@ -370,8 +370,12 @@ class GrampsLocale: + ) + else: + # bug12278, _build_popup_ui() under linux and macOS +- locale.textdomain(self.localedomain) +- locale.bindtextdomain(self.localedomain, self.localedir) ++ if hasattr(locale, 'textdomain'): ++ locale.textdomain(self.localedomain) ++ locale.bindtextdomain(self.localedomain, self.localedir) ++ else: ++ gettext.textdomain(self.localedomain) ++ gettext.bindtextdomain(self.localedomain, self.localedir) + + self.rtl_locale = False + if self.language[0] in _RTL_LOCALES: diff --git a/pkgs/applications/misc/gramps/default.nix b/pkgs/applications/misc/gramps/default.nix index bd0690b381a9..a24cff0942e1 100644 --- a/pkgs/applications/misc/gramps/default.nix +++ b/pkgs/applications/misc/gramps/default.nix @@ -1,5 +1,4 @@ { lib -, fetchpatch , fetchFromGitHub , gtk3 , pythonPackages @@ -10,8 +9,8 @@ , gobject-introspection , wrapGAppsHook , gettext -, # Optional packages: - enableOSM ? true + # Optional packages: +, enableOSM ? true , osm-gps-map , glib-networking , enableGraphviz ? true @@ -21,13 +20,29 @@ }: let - inherit (pythonPackages) python buildPythonApplication; + inherit (pythonPackages) buildPythonApplication pythonOlder; in buildPythonApplication rec { - version = "5.1.6"; + version = "5.2.0"; pname = "gramps"; pyproject = true; + disabled = pythonOlder "3.8"; + + src = fetchFromGitHub { + owner = "gramps-project"; + repo = "gramps"; + rev = "v${version}"; + hash = "sha256-8iQcaWLiBegVjcV16TfZbp8/4N/9f5pEl7mdV78CeEY="; + }; + + patches = [ + # textdomain doesn't exist as a property on locale when running on Darwin + ./check-locale-hasattr-textdomain.patch + # disables the startup warning about bad GTK installation + ./disable-gtk-warning-dialog.patch + ]; + nativeBuildInputs = [ wrapGAppsHook intltool @@ -38,6 +53,7 @@ buildPythonApplication rec { nativeCheckInputs = [ glibcLocales + pythonPackages.unittestCheckHook pythonPackages.jsonschema pythonPackages.mock pythonPackages.lxml @@ -52,55 +68,25 @@ buildPythonApplication rec { ++ lib.optional enableGhostscript ghostscript ; - src = fetchFromGitHub { - owner = "gramps-project"; - repo = "gramps"; - rev = "v${version}"; - hash = "sha256-BerkDXdFYfZ3rV5AeMo/uk53IN2U5z4GFs757Ar26v0="; - }; - - pythonPath = with pythonPackages; [ + propagatedBuildInputs = with pythonPackages; [ bsddb3 pyicu pygobject3 pycairo ]; - patches = [ - # fix for running tests with a temporary home - remove next release - # https://gramps-project.org/bugs/view.php?id=12577 - (fetchpatch { - url = "https://github.com/gramps-project/gramps/commit/1e95d8a6b5193d655d8caec1e6ab13628ad123db.patch"; - hash = "sha256-2riWB13Yl+tk9+Tuo0YDLoxY2Rc0xrJKfb+ZU7Puzxk="; - }) - ]; - - # Same installPhase as in buildPythonApplication but without --old-and-unmanageble - # install flag. - installPhase = '' - runHook preInstall - - mkdir -p "$out/${python.sitePackages}" - - export PYTHONPATH="$out/${python.sitePackages}:$PYTHONPATH" - - ${python}/bin/${python.executable} setup.py install \ - --install-lib=$out/${python.sitePackages} \ - --prefix="$out" - - eapth="$out/${python.sitePackages}/easy-install.pth" - if [ -e "$eapth" ]; then - # move colliding easy_install.pth to specifically named one - mv "$eapth" $(dirname "$eapth")/${pname}-${version}.pth - fi - - rm -f "$out/${python.sitePackages}"/site.py* - - runHook postInstall - ''; preCheck = '' - export HOME=$TMPDIR + export HOME=$(mktemp -d) + mkdir .git # Make gramps think that it's not in an installed state + ''; + + dontWrapGApps = true; + + preFixup = '' + makeWrapperArgs+=( + "''${gappsWrapperArgs[@]}" + ) ''; # https://github.com/NixOS/nixpkgs/issues/149812 @@ -111,8 +97,8 @@ buildPythonApplication rec { description = "Genealogy software"; mainProgram = "gramps"; homepage = "https://gramps-project.org"; - maintainers = with maintainers; [ jk pinpox ]; - changelog = "https://github.com/gramps-project/gramps/blob/v${version}/ChangeLog"; + maintainers = with maintainers; [ jk pinpox tomasajt ]; + changelog = "https://github.com/gramps-project/gramps/blob/${src.rev}/ChangeLog"; longDescription = '' Every person has their own story but they are also part of a collective family history. Gramps gives you the ability to record the many details of diff --git a/pkgs/applications/misc/gramps/disable-gtk-warning-dialog.patch b/pkgs/applications/misc/gramps/disable-gtk-warning-dialog.patch new file mode 100644 index 000000000000..c97fe9dde9f4 --- /dev/null +++ b/pkgs/applications/misc/gramps/disable-gtk-warning-dialog.patch @@ -0,0 +1,14 @@ +diff --git a/gramps/gui/grampsgui.py b/gramps/gui/grampsgui.py +index 0c0d4c3..522f65a 100644 +--- a/gramps/gui/grampsgui.py ++++ b/gramps/gui/grampsgui.py +@@ -573,9 +573,6 @@ class Gramps: + dbstate = DbState() + self._vm = ViewManager(app, dbstate, config.get("interface.view-categories")) + +- if lin() and glocale.lang != "C" and not gettext.find(GTK_GETTEXT_DOMAIN): +- _display_gtk_gettext_message(parent=self._vm.window) +- + _display_translator_message(parent=self._vm.window) + + self._vm.init_interface() diff --git a/pkgs/applications/misc/nwg-displays/default.nix b/pkgs/applications/misc/nwg-displays/default.nix index f2d4461d4c08..66bc1d838de1 100644 --- a/pkgs/applications/misc/nwg-displays/default.nix +++ b/pkgs/applications/misc/nwg-displays/default.nix @@ -14,13 +14,13 @@ python310Packages.buildPythonApplication rec { pname = "nwg-displays"; - version = "0.3.14"; + version = "0.3.16"; src = fetchFromGitHub { owner = "nwg-piotr"; repo = "nwg-displays"; rev = "refs/tags/v${version}"; - hash = "sha256-jSL+ig1mNJrnHli8B+BqvEG8jcC0gnxzbukiYgt3nP0="; + hash = "sha256-rnaBYDGEsc8oGw4yZ60NQFbNf+L0tmHYDYf+UDoDmSI="; }; nativeBuildInputs = [ diff --git a/pkgs/applications/networking/cluster/civo/default.nix b/pkgs/applications/networking/cluster/civo/default.nix index d2f913a765ed..cacdf46f74c3 100644 --- a/pkgs/applications/networking/cluster/civo/default.nix +++ b/pkgs/applications/networking/cluster/civo/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "civo"; - version = "1.0.76"; + version = "1.0.77"; src = fetchFromGitHub { owner = "civo"; repo = "cli"; rev = "v${version}"; - sha256 = "sha256-Bk0YfW9KDliaJIqpVxCXTy7EiGGJPZTXcn6SFEmywRE="; + sha256 = "sha256-W9CJAFLGarDG/Y8g2Whoh4v9hxqb8txuLfAkooW8PNM="; }; - vendorHash = "sha256-22n+ks1D65Gk2acCMHxgj19VHDf4B23ivqHfo3J45j0="; + vendorHash = "sha256-Uh2/4qdJQfqQdjXbOBkUVv2nF1AN+QRKRI0+yta+G5Q="; nativeBuildInputs = [ installShellFiles ]; diff --git a/pkgs/applications/networking/instant-messengers/beeper/default.nix b/pkgs/applications/networking/instant-messengers/beeper/default.nix index ce49c9e8c29a..f36dd6b82966 100644 --- a/pkgs/applications/networking/instant-messengers/beeper/default.nix +++ b/pkgs/applications/networking/instant-messengers/beeper/default.nix @@ -11,11 +11,11 @@ }: let pname = "beeper"; - version = "3.100.26"; + version = "3.101.24"; name = "${pname}-${version}"; src = fetchurl { - url = "https://download.todesktop.com/2003241lzgn20jd/beeper-3.100.26-build-240314pjsp57xom-x86_64.AppImage"; - hash = "sha256-KYjB7ZfjoVf6UoXQvmtAqtD23JNQGqboNzXekAiJF7k="; + url = "https://download.todesktop.com/2003241lzgn20jd/beeper-3.101.24-build-240322frr3t3orv-x86_64.AppImage"; + hash = "sha256-yfkWvPYQhI8cfXfmmyi2LoSro1jxJRWy9phycv5TUL8="; }; appimage = appimageTools.wrapType2 { inherit version pname src; diff --git a/pkgs/applications/networking/trayscale/default.nix b/pkgs/applications/networking/trayscale/default.nix index 023b72b88837..329491fd8230 100644 --- a/pkgs/applications/networking/trayscale/default.nix +++ b/pkgs/applications/networking/trayscale/default.nix @@ -11,16 +11,16 @@ buildGoModule rec { pname = "trayscale"; - version = "0.10.4"; + version = "0.11.0"; src = fetchFromGitHub { owner = "DeedleFake"; repo = "trayscale"; rev = "v${version}"; - hash = "sha256-/31QKCyMeEdpP59B+iXS5hL9W5sWz7R/I2nxBtj+0s4="; + hash = "sha256-qSrt94hEJosdvs2N6rbcJLpjqvMPkY20dIKV3jtjFlg="; }; - vendorHash = "sha256-xYBiO6Zm32Do19I/cm4T6fubXY++Bhkn+RNAmKzM5cY="; + vendorHash = "sha256-eIakjEYfVp2wfXu0oqBmd5hJZTp0xgYKNNbtpRBnT2w="; subPackages = [ "cmd/trayscale" ]; diff --git a/pkgs/applications/radio/qlog/default.nix b/pkgs/applications/radio/qlog/default.nix index a752592d412d..48116beb3e3b 100644 --- a/pkgs/applications/radio/qlog/default.nix +++ b/pkgs/applications/radio/qlog/default.nix @@ -16,13 +16,13 @@ stdenv.mkDerivation rec { pname = "qlog"; - version = "0.33.1"; + version = "0.34.0"; src = fetchFromGitHub { owner = "foldynl"; repo = "QLog"; rev = "v${version}"; - hash = "sha256-stPzkCLcjzQT0n1NRGT7YN625RPYhJ9FuMkjtFZwtbA="; + hash = "sha256-zPIGqVfpd7Gkm3Ify+AwiCSWQ67ybv9BmuolSu9WzHM="; fetchSubmodules = true; }; diff --git a/pkgs/applications/video/obs-studio/plugins/obs-source-clone.nix b/pkgs/applications/video/obs-studio/plugins/obs-source-clone.nix index 7850d0229f24..bc27eca43d03 100644 --- a/pkgs/applications/video/obs-studio/plugins/obs-source-clone.nix +++ b/pkgs/applications/video/obs-studio/plugins/obs-source-clone.nix @@ -5,22 +5,22 @@ , obs-studio }: -stdenv.mkDerivation rec { +stdenv.mkDerivation { pname = "obs-source-clone"; - version = "0.1.4"; + version = "0.1.4-unstable-2024-02-19"; src = fetchFromGitHub { owner = "exeldro"; repo = "obs-source-clone"; - rev = version; - sha256 = "sha256-E2pHJO3cdOXmSlTVGsz4tncm9fMaa8Rhsq9YZDNidjs="; + rev = "d1524d5d932d6841a1fbd6061cc4a0033fb615b7"; + hash = "sha256-W9IIIGQdreI2FQGii5NUB5tVHcqsiYAKTutOHEPCyms="; }; nativeBuildInputs = [ cmake ]; buildInputs = [ obs-studio ]; cmakeFlags = [ - "-DBUILD_OUT_OF_TREE=On" + (lib.cmakeBool "BUILD_OUT_OF_TREE" true) ]; postInstall = '' @@ -32,6 +32,6 @@ stdenv.mkDerivation rec { homepage = "https://github.com/exeldro/obs-source-clone"; maintainers = with maintainers; [ flexiondotorg ]; license = licenses.gpl2Plus; - platforms = [ "x86_64-linux" "i686-linux" ]; + platforms = platforms.linux; }; } diff --git a/pkgs/build-support/build-fhsenv-bubblewrap/default.nix b/pkgs/build-support/build-fhsenv-bubblewrap/default.nix index 56dce551870e..e06fb51dd4b6 100644 --- a/pkgs/build-support/build-fhsenv-bubblewrap/default.nix +++ b/pkgs/build-support/build-fhsenv-bubblewrap/default.nix @@ -133,6 +133,8 @@ let ro_mounts=() symlinks=() etc_ignored=() + + # loop through all entries of root in the fhs environment, except its /etc. for i in ${fhsenv}/*; do path="/''${i##*/}" if [[ $path == '/etc' ]]; then @@ -146,6 +148,7 @@ let fi done + # loop through the entries of /etc in the fhs environment. if [[ -d ${fhsenv}/etc ]]; then for i in ${fhsenv}/etc/*; do path="/''${i##*/}" @@ -154,7 +157,11 @@ let if [[ $path == '/fonts' || $path == '/ssl' ]]; then continue fi - ro_mounts+=(--ro-bind "$i" "/etc$path") + if [[ -L $i ]]; then + symlinks+=(--symlink "$i" "/etc$path") + else + ro_mounts+=(--ro-bind "$i" "/etc$path") + fi etc_ignored+=("/etc$path") done fi @@ -166,6 +173,7 @@ let ro_mounts+=(--ro-bind /etc /.host-etc) fi + # link selected etc entries from the actual root for i in ${escapeShellArgs etcBindEntries}; do if [[ "''${etc_ignored[@]}" =~ "$i" ]]; then continue diff --git a/pkgs/by-name/bi/bibata-cursors/package.nix b/pkgs/by-name/bi/bibata-cursors/package.nix new file mode 100644 index 000000000000..d3749c14a6c2 --- /dev/null +++ b/pkgs/by-name/bi/bibata-cursors/package.nix @@ -0,0 +1,58 @@ +{ lib +, stdenvNoCC +, fetchFromGitHub +, fetchzip +, clickgen +}: + +stdenvNoCC.mkDerivation rec { + pname = "bibata-cursors"; + version = "2.0.6"; + + src = fetchFromGitHub { + owner = "ful1e5"; + repo = "Bibata_Cursor"; + rev = "v${version}"; + hash = "sha256-iLBgQ0reg8HzUQMUcZboMYJxqpKXks5vJVZMHirK48k="; + }; + + bitmaps = fetchzip { + url = "https://github.com/ful1e5/Bibata_Cursor/releases/download/v${version}/bitmaps.zip"; + hash = "sha256-8ujkyqby5sPcnscIPkay1gvd/1CH4R9yMJs1nH/mx8M="; + }; + + nativeBuildInputs = [ + clickgen + ]; + + buildPhase = '' + runHook preBuild + + ctgen build.toml -p x11 -d $bitmaps/Bibata-Modern-Amber -n 'Bibata-Modern-Amber' -c 'Yellowish and rounded edge bibata cursors.' + ctgen build.toml -p x11 -d $bitmaps/Bibata-Modern-Classic -n 'Bibata-Modern-Classic' -c 'Black and rounded edge Bibata cursors.' + ctgen build.toml -p x11 -d $bitmaps/Bibata-Modern-Ice -n 'Bibata-Modern-Ice' -c 'White and rounded edge Bibata cursors.' + + ctgen build.toml -p x11 -d $bitmaps/Bibata-Original-Amber -n 'Bibata-Original-Amber' -c 'Yellowish and sharp edge Bibata cursors.' + ctgen build.toml -p x11 -d $bitmaps/Bibata-Original-Classic -n 'Bibata-Original-Classic' -c 'Black and sharp edge Bibata cursors.' + ctgen build.toml -p x11 -d $bitmaps/Bibata-Original-Ice -n 'Bibata-Original-Ice' -c 'White and sharp edge Bibata cursors.' + + runHook postBuild + ''; + + installPhase = '' + runHook preInstall + + install -dm 0755 $out/share/icons + cp -rf themes/* $out/share/icons/ + + runHook postInstall + ''; + + meta = { + description = "Material Based Cursor Theme"; + homepage = "https://github.com/ful1e5/Bibata_Cursor"; + license = lib.licenses.gpl3Only; + platforms = lib.platforms.linux; + maintainers = with lib.maintainers; [ rawkode AdsonCicilioti ]; + }; +} diff --git a/pkgs/by-name/br/bruno/package.nix b/pkgs/by-name/br/bruno/package.nix index 9c4069b41bc8..6cfc191f895f 100644 --- a/pkgs/by-name/br/bruno/package.nix +++ b/pkgs/by-name/br/bruno/package.nix @@ -16,6 +16,7 @@ , npm-lockfile-fix , overrideSDK , darwin +, fetchpatch }: let @@ -24,23 +25,31 @@ let buildNpmPackage.override { stdenv = if stdenv.isDarwin then overrideSDK stdenv "11.0" else stdenv; }; + # update package-lock to fix build errors. this will be resolved in the + # next patch version of Bruno at which point the patch can be removed entirely. + # upstream PR: https://github.com/usebruno/bruno/pull/1894 + brunoLockfilePatch_1_12_2 = fetchpatch { + url = "https://github.com/usebruno/bruno/pull/1894/commits/e3bab23446623315ee674283285a86e210778fe7.patch"; + hash = "sha256-8rYBvgu9ZLXjb9AFyk4yMBVjcyFPmlNi66YEaQGQaKw="; + }; in buildNpmPackage' rec { pname = "bruno"; - version = "1.11.0"; + version = "1.12.2"; src = fetchFromGitHub { owner = "usebruno"; repo = "bruno"; rev = "v${version}"; - hash = "sha256-Urskhzs00OEucoR17NDXNtnrcXk9h75E806Re0HvYyw="; + hash = "sha256-C/WeEloUGF0PEfeanm6lHe/MgpcF+g/ZY2tnqXFl9LA="; postFetch = '' + patch -d $out <${brunoLockfilePatch_1_12_2} ${lib.getExe npm-lockfile-fix} $out/package-lock.json ''; }; - npmDepsHash = "sha256-48xzx7dTalceXzjFBHIkkUS83pqP/OQ0L2tnMESpHII="; + npmDepsHash = "sha256-Zt5cVB1S86iPYKOUj7FwyR97lwmnFz6sZ+S3Ms/b9+o="; npmFlags = [ "--legacy-peer-deps" ]; nativeBuildInputs = [ diff --git a/pkgs/by-name/de/devenv/Cargo.lock b/pkgs/by-name/de/devenv/Cargo.lock index c7c39688f5c7..37df5751911b 100644 --- a/pkgs/by-name/de/devenv/Cargo.lock +++ b/pkgs/by-name/de/devenv/Cargo.lock @@ -385,7 +385,7 @@ dependencies = [ [[package]] name = "devenv" -version = "1.0.1" +version = "1.0.2" dependencies = [ "ansiterm", "clap 4.5.1", diff --git a/pkgs/by-name/de/devenv/package.nix b/pkgs/by-name/de/devenv/package.nix index 17755df44b31..21877f043c00 100644 --- a/pkgs/by-name/de/devenv/package.nix +++ b/pkgs/by-name/de/devenv/package.nix @@ -25,7 +25,7 @@ let doInstallCheck = false; }); - version = "1.0.1"; + version = "1.0.2"; in rustPlatform.buildRustPackage { pname = "devenv"; inherit version; @@ -34,7 +34,7 @@ in rustPlatform.buildRustPackage { owner = "cachix"; repo = "devenv"; rev = "v${version}"; - hash = "sha256-9LnGe0KWqXj18IV+A1panzXQuTamrH/QcasaqnuqiE0="; + hash = "sha256-JCxjmWr2+75KMPOoVybNZhy9zhhrg9BAKA8D+J6MNBc="; }; cargoLock = { diff --git a/pkgs/by-name/di/disko/package.nix b/pkgs/by-name/di/disko/package.nix index 0d03005736a5..20048c763bdc 100644 --- a/pkgs/by-name/di/disko/package.nix +++ b/pkgs/by-name/di/disko/package.nix @@ -9,12 +9,12 @@ stdenvNoCC.mkDerivation (finalAttrs: { name = "disko"; - version = "1.4.1"; + version = "1.5.0"; src = fetchFromGitHub { owner = "nix-community"; repo = "disko"; rev = "v${finalAttrs.version}"; - hash = "sha256-HeWFrRuHpnAiPmIr26OKl2g142HuGerwoO/XtW53pcI="; + hash = "sha256-5DUNQl9BSmLxgGLbF05G7hi/UTk9DyZq8AuEszhQA7Q="; }; nativeBuildInputs = [ makeWrapper ]; buildInputs = [ bash ]; diff --git a/pkgs/by-name/fr/frankenphp/package.nix b/pkgs/by-name/fr/frankenphp/package.nix index 90d10fc87f40..e6ce4c97d2b0 100644 --- a/pkgs/by-name/fr/frankenphp/package.nix +++ b/pkgs/by-name/fr/frankenphp/package.nix @@ -26,13 +26,13 @@ let pieBuild = stdenv.hostPlatform.isMusl; in buildGoModule rec { pname = "frankenphp"; - version = "1.1.0"; + version = "1.1.2"; src = fetchFromGitHub { owner = "dunglas"; repo = "frankenphp"; rev = "v${version}"; - hash = "sha256-tQ35GZuw7Ag1YfmOUarVY45yk4yugNLJetEV4m2w3GE="; + hash = "sha256-r6BMlcjvRbVnBHsfRhJyMiyZzH2Z+FLOYz6ik4I8p+A="; }; sourceRoot = "${src.name}/caddy"; @@ -40,7 +40,7 @@ in buildGoModule rec { # frankenphp requires C code that would be removed with `go mod tidy` # https://github.com/golang/go/issues/26366 proxyVendor = true; - vendorHash = "sha256-sv3IcNj1rjolgF0HZZnJ3dLV9+QeRw3ItRguz6Un9CY="; + vendorHash = "sha256-gxBD2KPkWtAM0MsaQ9Ed4QDjJCg1uJQpXvnCOnAsZTw="; buildInputs = [ phpUnwrapped brotli ] ++ phpUnwrapped.buildInputs; nativeBuildInputs = [ makeBinaryWrapper ] ++ lib.optionals stdenv.isDarwin [ pkg-config darwin.cctools darwin.autoSignDarwinBinariesHook ]; diff --git a/pkgs/by-name/ko/kor/package.nix b/pkgs/by-name/ko/kor/package.nix index 7fe5937dfba8..ee9d43af7c59 100644 --- a/pkgs/by-name/ko/kor/package.nix +++ b/pkgs/by-name/ko/kor/package.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "kor"; - version = "0.3.6"; + version = "0.3.7"; src = fetchFromGitHub { owner = "yonahd"; repo = pname; rev = "v${version}"; - hash = "sha256-Q2VUc91ecBRr/m9DGYWwuSsH2prB+EKmBoQrekgPvTE="; + hash = "sha256-wjq4IkF3agmculIH+WfBAGd0ciJBX9aj4EsmUvje9Aw="; }; - vendorHash = "sha256-DRbwM6fKTIlefD0rUmNLlUXrK+t3vNCl4rxHF7m8W10="; + vendorHash = "sha256-UN3Zf8eo6kMNNzkGsnqyDVMgE2QXRn4wg+XULu/uBGE="; preCheck = '' HOME=$(mktemp -d) diff --git a/pkgs/by-name/li/libisoburn/package.nix b/pkgs/by-name/li/libisoburn/package.nix index 03db8b4d39f4..cc870b72a8a8 100644 --- a/pkgs/by-name/li/libisoburn/package.nix +++ b/pkgs/by-name/li/libisoburn/package.nix @@ -1,12 +1,16 @@ { lib -, stdenv -, fetchFromGitea , acl , attr , autoreconfHook +, bzip2 +, fetchFromGitea , libburn +, libcdio +, libiconv , libisofs , pkg-config +, readline +, stdenv , zlib }: @@ -28,13 +32,19 @@ stdenv.mkDerivation (finalAttrs: { ]; buildInputs = [ - attr + bzip2 + libcdio + libiconv + readline zlib libburn libisofs + ] ++ lib.optionals stdenv.isLinux [ + acl + attr ]; - propagatedBuildInputs = [ + propagatedBuildInputs = lib.optionals stdenv.isLinux [ acl ]; diff --git a/pkgs/by-name/ll/llama-cpp/package.nix b/pkgs/by-name/ll/llama-cpp/package.nix index 43ff55742ca1..ca2f4d5149d6 100644 --- a/pkgs/by-name/ll/llama-cpp/package.nix +++ b/pkgs/by-name/ll/llama-cpp/package.nix @@ -16,6 +16,8 @@ , clblast , blasSupport ? builtins.all (x: !x) [ cudaSupport metalSupport openclSupport rocmSupport vulkanSupport ] +, blas + , pkg-config , metalSupport ? stdenv.isDarwin && stdenv.isAarch64 && !openclSupport , vulkanSupport ? false @@ -91,9 +93,10 @@ effectiveStdenv.mkDerivation (finalAttrs: { buildInputs = optionals effectiveStdenv.isDarwin darwinBuildInputs ++ optionals cudaSupport cudaBuildInputs - ++ optionals mpiSupport mpi + ++ optionals mpiSupport [ mpi ] ++ optionals openclSupport [ clblast ] ++ optionals rocmSupport rocmBuildInputs + ++ optionals blasSupport [ blas ] ++ optionals vulkanSupport vulkanBuildInputs; cmakeFlags = [ @@ -128,8 +131,7 @@ effectiveStdenv.mkDerivation (finalAttrs: { # Should likely use `rocmPackages.clr.gpuTargets`. "-DAMDGPU_TARGETS=gfx803;gfx900;gfx906:xnack-;gfx908:xnack-;gfx90a:xnack+;gfx90a:xnack-;gfx940;gfx941;gfx942;gfx1010;gfx1012;gfx1030;gfx1100;gfx1101;gfx1102" ] - ++ optionals metalSupport [ (cmakeFeature "CMAKE_C_FLAGS" "-D__ARM_FEATURE_DOTPROD=1") ] - ++ optionals blasSupport [ (cmakeFeature "LLAMA_BLAS_VENDOR" "OpenBLAS") ]; + ++ optionals metalSupport [ (cmakeFeature "CMAKE_C_FLAGS" "-D__ARM_FEATURE_DOTPROD=1") ]; # upstream plans on adding targets at the cmakelevel, remove those # additional steps after that diff --git a/pkgs/by-name/ni/nix-ld-rs/package.nix b/pkgs/by-name/ni/nix-ld-rs/package.nix new file mode 100644 index 000000000000..d6514033741a --- /dev/null +++ b/pkgs/by-name/ni/nix-ld-rs/package.nix @@ -0,0 +1,54 @@ +{ + stdenv, + fetchFromGitHub, + nixosTests, + rustPlatform, + lib, +}: + +rustPlatform.buildRustPackage { + name = "nix-ld-rs"; + + src = fetchFromGitHub { + owner = "nix-community"; + repo = "nix-ld-rs"; + rev = "f7154a6aedba4917c8cc72b805b79444b5bfafca"; + sha256 = "sha256-tx6gO6NR4BnYVhoskyvQY9l6/8sK0HwoDHvsYcvIlgo="; + }; + + cargoHash = "sha256-4IDu5qAgF4Zq4GOsimuy8NiRCN9PXM+8oVzD2GO3QmM="; + + hardeningDisable = [ "stackprotector" ]; + + NIX_SYSTEM = stdenv.system; + RUSTC_BOOTSTRAP = "1"; + + preCheck = '' + export NIX_LD=${stdenv.cc.bintools.dynamicLinker} + ''; + + postInstall = '' + mkdir -p $out/libexec + ln -s $out/bin/nix-ld-rs $out/libexec/nix-ld-rs + ln -s $out/bin/nix-ld-rs $out/libexec/nix-ld + + mkdir -p $out/nix-support + + ldpath=/${stdenv.hostPlatform.libDir}/$(basename ${stdenv.cc.bintools.dynamicLinker}) + echo "$ldpath" > $out/nix-support/ldpath + mkdir -p $out/lib/tmpfiles.d/ + cat > $out/lib/tmpfiles.d/nix-ld.conf < $out/nix-support/ldpath mkdir -p $out/lib/tmpfiles.d/ cat > $out/lib/tmpfiles.d/nix-ld.conf < set != null; buildNpmPackage rec { pname = "Iosevka${toString set}"; - version = "28.1.0"; + version = "29.0.3"; src = fetchFromGitHub { owner = "be5invis"; repo = "iosevka"; rev = "v${version}"; - hash = "sha256-cYnGJ7Z0PDRZtC/vz8hX/+mqk7iVkajFTfNGgRW+edQ="; + hash = "sha256-7vNfmrQ/B+T9hF5/ikIU1RvBcSRStnEmOY7VPbrll6s="; }; - npmDepsHash = "sha256-bzQ7dc7UiC++0DxnQHusu6Ym7rd7GgeA6bGSnnla1nk="; + npmDepsHash = "sha256-FGGhuMlDhXd97AY23/ZPlrcrmirZIooAYJaskn2aM6w="; nativeBuildInputs = [ remarshal @@ -110,7 +110,7 @@ buildNpmPackage rec { buildPhase = '' export HOME=$TMPDIR runHook preBuild - npm run build --no-update-notifier -- --jCmd=$NIX_BUILD_CORES --verbose=9 ttf::$pname + npm run build --no-update-notifier --targets ttf::$pname -- --jCmd=$NIX_BUILD_CORES --verbose=9 runHook postBuild ''; diff --git a/pkgs/data/fonts/material-icons/default.nix b/pkgs/data/fonts/material-icons/default.nix index f03e8683e509..993e25ba2cd3 100644 --- a/pkgs/data/fonts/material-icons/default.nix +++ b/pkgs/data/fonts/material-icons/default.nix @@ -1,25 +1,33 @@ -{ lib, stdenvNoCC, fetchFromGitHub }: +{ lib, stdenvNoCC, fetchFromGitHub, nix-update-script }: -stdenvNoCC.mkDerivation rec { +stdenvNoCC.mkDerivation (finalAttrs: { pname = "material-icons"; - version = "3.0.1"; + version = "4.0.0"; src = fetchFromGitHub { owner = "google"; repo = "material-design-icons"; - rev = version; - hash = "sha256-4FphNJCsaLWzlVR4TmXnDBid0EVj39fkeoh5j1leBZ8="; + rev = finalAttrs.version; + hash = "sha256-wX7UejIYUxXOnrH2WZYku9ljv4ZAlvgk8EEJJHOCCjE="; }; + dontConfigure = true; + dontBuild = true; + installPhase = '' runHook preInstall mkdir -p $out/share/fonts/truetype - cp iconfont/*.ttf $out/share/fonts/truetype + cp font/*.ttf $out/share/fonts/truetype + + mkdir -p $out/share/fonts/opentype + cp font/*.otf $out/share/fonts/opentype runHook postInstall ''; + passthru.updateScript = nix-update-script { }; + meta = with lib; { description = "System status icons by Google, featuring material design"; homepage = "https://material.io/icons"; @@ -27,4 +35,4 @@ stdenvNoCC.mkDerivation rec { platforms = platforms.all; maintainers = with maintainers; [ mpcsh ]; }; -} +}) diff --git a/pkgs/data/icons/bibata-cursors/default.nix b/pkgs/data/icons/bibata-cursors/default.nix deleted file mode 100644 index 06c8becd64e5..000000000000 --- a/pkgs/data/icons/bibata-cursors/default.nix +++ /dev/null @@ -1,44 +0,0 @@ -{ lib -, stdenvNoCC -, fetchFromGitHub -, fetchurl -, clickgen -, attrs -}: - -stdenvNoCC.mkDerivation rec { - pname = "bibata-cursors"; - version = "2.0.3"; - - src = fetchFromGitHub { - owner = "ful1e5"; - repo = "Bibata_Cursor"; - rev = "v${version}"; - sha256 = "zCk7qgPeae0BfzhxxU2Dk1SOWJQOxiWyJuzH/ri+Gq4="; - }; - - buildInputs = [ clickgen attrs ]; - - buildPhase = '' - ctgen build.toml -p x11 -d 'bitmaps/Bibata-Modern-Amber' -n 'Bibata-Modern-Amber' -c 'Yellowish and rounded edge bibata cursors.' - ctgen build.toml -p x11 -d 'bitmaps/Bibata-Modern-Classic' -n 'Bibata-Modern-Classic' -c 'Black and rounded edge Bibata cursors.' - ctgen build.toml -p x11 -d 'bitmaps/Bibata-Modern-Ice' -n 'Bibata-Modern-Ice' -c 'White and rounded edge Bibata cursors.' - - ctgen build.toml -p x11 -d 'bitmaps/Bibata-Original-Amber' -n 'Bibata-Original-Amber' -c 'Yellowish and sharp edge Bibata cursors.' - ctgen build.toml -p x11 -d 'bitmaps/Bibata-Original-Classic' -n 'Bibata-Original-Classic' -c 'Black and sharp edge Bibata cursors.' - ctgen build.toml -p x11 -d 'bitmaps/Bibata-Original-Ice' -n 'Bibata-Original-Ice' -c 'White and sharp edge Bibata cursors.' - ''; - - installPhase = '' - install -dm 0755 $out/share/icons - cp -rf themes/* $out/share/icons/ - ''; - - meta = with lib; { - description = "Material Based Cursor Theme"; - homepage = "https://github.com/ful1e5/Bibata_Cursor"; - license = licenses.gpl3; - platforms = platforms.linux; - maintainers = with maintainers; [ rawkode AdsonCicilioti ]; - }; -} diff --git a/pkgs/desktops/budgie/budgie-desktop/default.nix b/pkgs/desktops/budgie/budgie-desktop/default.nix index 71e69a5223e4..50068621be34 100644 --- a/pkgs/desktops/budgie/budgie-desktop/default.nix +++ b/pkgs/desktops/budgie/budgie-desktop/default.nix @@ -1,6 +1,7 @@ { lib , stdenv , fetchFromGitHub +, fetchpatch2 , accountsservice , alsa-lib , budgie-screensaver @@ -49,6 +50,27 @@ stdenv.mkDerivation (finalAttrs: { patches = [ ./plugins.patch + + # Fix workspace applet window icon click not performing workspace switch + # https://github.com/BuddiesOfBudgie/budgie-desktop/issues/524 + (fetchpatch2 { + url = "https://github.com/BuddiesOfBudgie/budgie-desktop/commit/9b775d613ad0c324db628ed5a32d3fccc90f82d6.patch"; + hash = "sha256-QtPviPW7pJYZIs28CYwE3N8vcDswqnjD6d0WVPFchL4="; + }) + + # Work around even more SNI noncompliance + # https://github.com/BuddiesOfBudgie/budgie-desktop/issues/539 + (fetchpatch2 { + url = "https://github.com/BuddiesOfBudgie/budgie-desktop/commit/84269e2fcdcac6d737ee5100881e8b306eaae570.patch"; + hash = "sha256-1Uj+6GZ9/oDQOt+5P8UYiVP3P0BrsJe3HqXVLkWCkAM="; + }) + + # vapi: Update libxfce4windowing to 4.19.3 + # https://github.com/BuddiesOfBudgie/budgie-desktop/issues/546 + (fetchpatch2 { + url = "https://github.com/BuddiesOfBudgie/budgie-desktop/commit/a040ccb96094f1d3a1ee81a6733c9434722bdf6c.patch"; + hash = "sha256-9eMYB5Zyn3BDYvAwORXTHaPGYDP7LnqHAwp+6Wy6XLk="; + }) ]; nativeBuildInputs = [ diff --git a/pkgs/desktops/xfce/core/libxfce4windowing/default.nix b/pkgs/desktops/xfce/core/libxfce4windowing/default.nix index 621115616e5c..d18419968b2c 100644 --- a/pkgs/desktops/xfce/core/libxfce4windowing/default.nix +++ b/pkgs/desktops/xfce/core/libxfce4windowing/default.nix @@ -1,14 +1,35 @@ -{ lib, mkXfceDerivation, gobject-introspection, glib, gtk3, libwnck, wayland }: +{ lib +, mkXfceDerivation +, gobject-introspection +, wayland-scanner +, glib +, gtk3 +, libwnck +, libX11 +, wayland +, wlr-protocols +}: mkXfceDerivation { category = "xfce"; pname = "libxfce4windowing"; - version = "4.19.2"; + version = "4.19.3"; - sha256 = "sha256-mXxxyfwZB/AJFVVGFAAXLqC5p7pZAeqmhljQym55hyM="; + sha256 = "sha256-nsobRyGeagUq1WHzYBq6vd9g5A65KEQC4cX+m7w0pqg="; - nativeBuildInputs = [ gobject-introspection ]; - buildInputs = [ glib gtk3 libwnck wayland ]; + nativeBuildInputs = [ + gobject-introspection + wayland-scanner + ]; + + buildInputs = [ + glib + gtk3 + libwnck + libX11 + wayland + wlr-protocols + ]; meta = { description = "Windowing concept abstraction library for X11 and Wayland"; diff --git a/pkgs/development/compilers/openjdk/22.nix b/pkgs/development/compilers/openjdk/22.nix new file mode 100644 index 000000000000..bef62b6755a2 --- /dev/null +++ b/pkgs/development/compilers/openjdk/22.nix @@ -0,0 +1,260 @@ +{ stdenv +, lib +, fetchurl +, fetchpatch +, fetchFromGitHub +, bash +, pkg-config +, autoconf +, cpio +, file +, which +, unzip +, zip +, perl +, cups +, freetype +, alsa-lib +, libjpeg +, giflib +, libpng +, zlib +, lcms2 +, libX11 +, libICE +, libXrender +, libXext +, libXt +, libXtst +, libXi +, libXinerama +, libXcursor +, libXrandr +, fontconfig +, openjdk22-bootstrap +, ensureNewerSourcesForZipFilesHook +, setJavaClassPath + # TODO(@sternenseemann): gtk3 fails to evaluate in pkgsCross.ghcjs.buildPackages + # which should be fixable, this is a no-rebuild workaround for GHC. +, headless ? stdenv.targetPlatform.isGhcjs +, enableJavaFX ? false +, openjfx +, enableGnome2 ? true +, gtk3 +, gnome_vfs +, glib +, GConf +}: + +let + version = { + feature = "22"; + interim = ""; + build = "36"; + }; + + # when building a headless jdk, also bootstrap it with a headless jdk + openjdk-bootstrap = openjdk22-bootstrap.override { gtkSupport = !headless; }; + + openjdk = stdenv.mkDerivation { + pname = "openjdk" + lib.optionalString headless "-headless"; + version = "${version.feature}${version.interim}+${version.build}"; + + src = fetchFromGitHub { + owner = "openjdk"; + repo = "jdk${version.feature}u"; + rev = "jdk-${version.feature}${version.interim}+${version.build}"; + hash = "sha256-itjvIedPwJl/l3a2gIVpNMs1zkbrjioVqbCj1Z1nCJE="; + }; + + nativeBuildInputs = [ pkg-config autoconf unzip ensureNewerSourcesForZipFilesHook ]; + buildInputs = [ + cpio + file + which + zip + perl + zlib + cups + freetype + alsa-lib + libjpeg + giflib + libpng + zlib + lcms2 + libX11 + libICE + libXrender + libXext + libXtst + libXt + libXtst + libXi + libXinerama + libXcursor + libXrandr + fontconfig + openjdk-bootstrap + ] ++ lib.optionals (!headless && enableGnome2) [ + gtk3 + gnome_vfs + GConf + glib + ]; + + patches = [ + ./fix-java-home-jdk21.patch + ./read-truststore-from-env-jdk10.patch + ./currency-date-range-jdk10.patch + ./increase-javadoc-heap-jdk13.patch + ./ignore-LegalNoticeFilePlugin-jdk18.patch + + # -Wformat etc. are stricter in newer gccs, per + # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79677 + # so grab the work-around from + # https://src.fedoraproject.org/rpms/java-openjdk/pull-request/24 + (fetchurl { + url = "https://src.fedoraproject.org/rpms/java-openjdk/raw/06c001c7d87f2e9fe4fedeef2d993bcd5d7afa2a/f/rh1673833-remove_removal_of_wformat_during_test_compilation.patch"; + sha256 = "082lmc30x64x583vqq00c8y0wqih3y4r0mp1c4bqq36l22qv6b6r"; + }) + + # Fix build for gnumake-4.4.1: + # https://github.com/openjdk/jdk/pull/12992 + (fetchpatch { + name = "gnumake-4.4.1"; + url = "https://github.com/openjdk/jdk/commit/9341d135b855cc208d48e47d30cd90aafa354c36.patch"; + hash = "sha256-Qcm3ZmGCOYLZcskNjj7DYR85R4v07vYvvavrVOYL8vg="; + }) + ] ++ lib.optionals (!headless && enableGnome2) [ + ./swing-use-gtk-jdk13.patch + ]; + + postPatch = '' + chmod +x configure + patchShebangs --build configure + ''; + + # JDK's build system attempts to specifically detect + # and special-case WSL, and we don't want it to do that, + # so pass the correct platform names explicitly + configurePlatforms = [ "build" "host" ]; + + + # https://openjdk.org/groups/build/doc/building.html + configureFlags = [ + "--with-boot-jdk=${openjdk-bootstrap.home}" + "--with-version-build=${version.build}" + "--with-version-opt=nixos" + "--with-version-pre=" + "--enable-unlimited-crypto" + "--with-native-debug-symbols=internal" + "--with-libjpeg=system" + "--with-giflib=system" + "--with-libpng=system" + "--with-zlib=system" + "--with-lcms=system" + "--with-stdc++lib=dynamic" + ] + ++ lib.optional headless "--enable-headless-only" + ++ lib.optional (!headless && enableJavaFX) "--with-import-modules=${openjfx}"; + + separateDebugInfo = true; + + env.NIX_CFLAGS_COMPILE = "-Wno-error"; + + NIX_LDFLAGS = toString (lib.optionals (!headless) [ + "-lfontconfig" + "-lcups" + "-lXinerama" + "-lXrandr" + "-lmagic" + ] ++ lib.optionals (!headless && enableGnome2) [ + "-lgtk-3" + "-lgio-2.0" + "-lgnomevfs-2" + "-lgconf-2" + ]); + + # -j flag is explicitly rejected by the build system: + # Error: 'make -jN' is not supported, use 'make JOBS=N' + # Note: it does not make build sequential. Build system + # still runs in parallel. + enableParallelBuilding = false; + + buildFlags = [ "images" ]; + + installPhase = '' + mkdir -p $out/lib + + mv build/*/images/jdk $out/lib/openjdk + + # Remove some broken manpages. + rm -rf $out/lib/openjdk/man/ja* + + # Mirror some stuff in top-level. + mkdir -p $out/share + ln -s $out/lib/openjdk/include $out/include + ln -s $out/lib/openjdk/man $out/share/man + + # IDEs use the provided src.zip to navigate the Java codebase (https://github.com/NixOS/nixpkgs/pull/95081) + ln -s $out/lib/openjdk/lib/src.zip $out/lib/src.zip + + # jni.h expects jni_md.h to be in the header search path. + ln -s $out/include/linux/*_md.h $out/include/ + + # Remove crap from the installation. + rm -rf $out/lib/openjdk/demo + ${lib.optionalString headless '' + rm $out/lib/openjdk/lib/{libjsound,libfontmanager}.so + ''} + + ln -s $out/lib/openjdk/bin $out/bin + ''; + + preFixup = '' + # Propagate the setJavaClassPath setup hook so that any package + # that depends on the JDK has $CLASSPATH set up properly. + mkdir -p $out/nix-support + #TODO or printWords? cf https://github.com/NixOS/nixpkgs/pull/27427#issuecomment-317293040 + echo -n "${setJavaClassPath}" > $out/nix-support/propagated-build-inputs + + # Set JAVA_HOME automatically. + mkdir -p $out/nix-support + cat < $out/nix-support/setup-hook + if [ -z "\''${JAVA_HOME-}" ]; then export JAVA_HOME=$out/lib/openjdk; fi + EOF + ''; + + postFixup = '' + # Build the set of output library directories to rpath against + LIBDIRS="" + for output in $(getAllOutputNames); do + if [ "$output" = debug ]; then continue; fi + LIBDIRS="$(find $(eval echo \$$output) -name \*.so\* -exec dirname {} \+ | sort -u | tr '\n' ':'):$LIBDIRS" + done + # Add the local library paths to remove dependencies on the bootstrap + for output in $(getAllOutputNames); do + if [ "$output" = debug ]; then continue; fi + OUTPUTDIR=$(eval echo \$$output) + BINLIBS=$(find $OUTPUTDIR/bin/ -type f; find $OUTPUTDIR -name \*.so\*) + echo "$BINLIBS" | while read i; do + patchelf --set-rpath "$LIBDIRS:$(patchelf --print-rpath "$i")" "$i" || true + patchelf --shrink-rpath "$i" || true + done + done + ''; + + disallowedReferences = [ openjdk-bootstrap ]; + + pos = builtins.unsafeGetAttrPos "feature" version; + meta = import ./meta.nix lib version.feature; + + passthru = { + architecture = ""; + home = "${openjdk}/lib/openjdk"; + inherit gtk3; + }; + }; +in +openjdk diff --git a/pkgs/development/compilers/openjdk/openjfx/22.nix b/pkgs/development/compilers/openjdk/openjfx/22.nix new file mode 100644 index 000000000000..89908779c909 --- /dev/null +++ b/pkgs/development/compilers/openjdk/openjfx/22.nix @@ -0,0 +1,126 @@ +{ stdenv +, lib +, fetchFromGitHub +, fetchpatch +, writeText +, openjdk21_headless +, gradle +, pkg-config +, perl +, cmake +, gperf +, gtk2 +, gtk3 +, libXtst +, libXxf86vm +, glib +, alsa-lib +, ffmpeg_4 +, python3 +, ruby +, icu68 +, withMedia ? true +, withWebKit ? false +}: + +let + major = "22"; + update = ""; + build = "+30"; + repover = "${major}${update}${build}"; + + makePackage = args: stdenv.mkDerivation ({ + version = "${major}${update}${build}"; + + src = fetchFromGitHub { + owner = "openjdk"; + repo = "jfx"; + rev = repover; + hash = "sha256-sZF7ZPC0kgTTxWgtkxmGtOlfroGPGVZcMw0/wSTJUxQ="; + }; + + buildInputs = [ gtk2 gtk3 libXtst libXxf86vm glib alsa-lib ffmpeg_4 icu68 ]; + nativeBuildInputs = [ gradle perl pkg-config cmake gperf python3 ruby ]; + + dontUseCmakeConfigure = true; + + config = writeText "gradle.properties" ('' + CONF = Release + JDK_HOME = ${openjdk21_headless.home} + '' + args.gradleProperties or ""); + + buildPhase = '' + runHook preBuild + + export NUMBER_OF_PROCESSORS=$NIX_BUILD_CORES + export GRADLE_USER_HOME=$(mktemp -d) + ln -s $config gradle.properties + export NIX_CFLAGS_COMPILE="$(pkg-config --cflags glib-2.0) $NIX_CFLAGS_COMPILE" + gradle --no-daemon $gradleFlags sdk + + runHook postBuild + ''; + } // args); + + # Fake build to pre-download deps into fixed-output derivation. + # We run nearly full build because I see no other way to download everything that's needed. + # Anyone who knows a better way? + deps = makePackage { + pname = "openjfx-deps"; + + # perl code mavenizes pathes (com.squareup.okio/okio/1.13.0/a9283170b7305c8d92d25aff02a6ab7e45d06cbe/okio-1.13.0.jar -> com/squareup/okio/okio/1.13.0/okio-1.13.0.jar) + installPhase = '' + find $GRADLE_USER_HOME -type f -regex '.*/modules.*\.\(jar\|pom\)' \ + | perl -pe 's#(.*/([^/]+)/([^/]+)/([^/]+)/[0-9a-f]{30,40}/([^/\s]+))$# ($x = $2) =~ tr|\.|/|; "install -Dm444 $1 \$out/$x/$3/$4/$5" #e' \ + | sh + rm -rf $out/tmp + ''; + + outputHashAlgo = "sha256"; + outputHashMode = "recursive"; + outputHash = "sha256-2I7LvYcudlB4DKJ/wEiTjY6nICUxUY52euosUqOA+Bs="; + }; + +in +makePackage { + pname = "openjfx-modular-sdk"; + + gradleProperties = '' + COMPILE_MEDIA = ${lib.boolToString withMedia} + COMPILE_WEBKIT = ${lib.boolToString withWebKit} + ''; + + preBuild = '' + swtJar="$(find ${deps} -name org.eclipse.swt\*.jar)" + substituteInPlace build.gradle \ + --replace 'mavenCentral()' 'mavenLocal(); maven { url uri("${deps}") }' \ + --replace 'name: SWT_FILE_NAME' "files('$swtJar')" + ''; + + installPhase = '' + cp -r build/modular-sdk $out + ''; + + stripDebugList = [ "." ]; + + postFixup = '' + # Remove references to bootstrap. + export openjdkOutPath='${openjdk21_headless.outPath}' + find "$out" -name \*.so | while read lib; do + new_refs="$(patchelf --print-rpath "$lib" | perl -pe 's,:?\Q$ENV{openjdkOutPath}\E[^:]*,,')" + patchelf --set-rpath "$new_refs" "$lib" + done + ''; + + disallowedReferences = [ openjdk21_headless openjdk21_headless ]; + + passthru.deps = deps; + + meta = with lib; { + homepage = "https://openjdk.org/projects/openjfx/"; + license = licenses.gpl2Classpath; + description = "The next-generation Java client toolkit"; + maintainers = with maintainers; [ abbradar ]; + platforms = platforms.unix; + }; +} diff --git a/pkgs/development/compilers/zulu/22.nix b/pkgs/development/compilers/zulu/22.nix new file mode 100644 index 000000000000..96b0e6805a5a --- /dev/null +++ b/pkgs/development/compilers/zulu/22.nix @@ -0,0 +1,42 @@ +{ callPackage +, enableJavaFX ? false +, ... +}@args: + +callPackage ./common.nix ({ + # Details from https://www.azul.com/downloads/?version=java-22-lts&package=jdk + # Note that the latest build may differ by platform + dists = { + x86_64-linux = { + zuluVersion = "22.28.91"; + jdkVersion = "22.0.0"; + hash = + if enableJavaFX then "sha256-HvMiODsz+puu1xtxG2RRXH/PWCk91PGNZ7UcOd9orqQ=" + else "sha256-HvMiODsz+puu1xtxG2RRXH/PWCk91PGNZ7UcOd9orqQ="; + }; + + aarch64-linux = { + zuluVersion = "22.28.91"; + jdkVersion = "22.0.0"; + hash = + if enableJavaFX then throw "JavaFX is not available for aarch64-linux" + else "sha256-3RLNNEbMk5wAZsQmbQj/jpx9iTL/yr9N3wL4t7m6c+s="; + }; + + x86_64-darwin = { + zuluVersion = "22.28.91"; + jdkVersion = "22.0.0"; + hash = + if enableJavaFX then "sha256-Y6PSNQjHRXukwux2sVbvpTIqT+Cg+KeG1C0iSEwyKZw=" + else "sha256-Y6PSNQjHRXukwux2sVbvpTIqT+Cg+KeG1C0iSEwyKZw="; + }; + + aarch64-darwin = { + zuluVersion = "22.28.91"; + jdkVersion = "22.0.0"; + hash = + if enableJavaFX then "sha256-o0VkWB4+PzBmNNWy+FZlyjTgukBTe6owfydb3YNfEE0=" + else "sha256-o0VkWB4+PzBmNNWy+FZlyjTgukBTe6owfydb3YNfEE0="; + }; + }; +} // builtins.removeAttrs args [ "callPackage" ]) diff --git a/pkgs/development/python-modules/aiopvpc/default.nix b/pkgs/development/python-modules/aiopvpc/default.nix index 853d01257740..19baf29f55c5 100644 --- a/pkgs/development/python-modules/aiopvpc/default.nix +++ b/pkgs/development/python-modules/aiopvpc/default.nix @@ -14,7 +14,7 @@ buildPythonPackage rec { pname = "aiopvpc"; - version = "4.3.0"; + version = "4.3.1"; pyproject = true; disabled = pythonOlder "3.8"; @@ -23,7 +23,7 @@ buildPythonPackage rec { owner = "azogue"; repo = "aiopvpc"; rev = "refs/tags/v${version}"; - hash = "sha256-8CNmrE3EMFg/bCrdI+K/8f0MRzKtGI74ILFMuSg1Ivo="; + hash = "sha256-1xeXfhoXRfJ7vrpRPeYmwcAGjL09iNCOm/f4pPvuZLU="; }; postPatch = '' @@ -31,11 +31,11 @@ buildPythonPackage rec { --replace-fail " --cov --cov-report term --cov-report html" "" ''; - nativeBuildInputs = [ + build-system = [ poetry-core ]; - propagatedBuildInputs = [ + dependencies = [ aiohttp async-timeout ] ++ lib.optionals (pythonOlder "3.9") [ diff --git a/pkgs/development/python-modules/app-model/default.nix b/pkgs/development/python-modules/app-model/default.nix index a3af5ba33b86..7dc1c65349ea 100644 --- a/pkgs/development/python-modules/app-model/default.nix +++ b/pkgs/development/python-modules/app-model/default.nix @@ -14,7 +14,7 @@ buildPythonPackage rec { pname = "app-model"; - version = "0.2.5"; + version = "0.2.6"; pyproject = true; disabled = pythonOlder "3.8"; @@ -23,7 +23,7 @@ buildPythonPackage rec { owner = "pyapp-kit"; repo = "app-model"; rev = "refs/tags/v${version}"; - hash = "sha256-lnsaplJJk+c0hdHyQPH98ssppxBXqj/O0K6xlRfk+Oc="; + hash = "sha256-EMlxY9Xna9e3kWJ7X8oRuLHEmivwVFcEXRDvZfN2rNY="; }; nativeBuildInputs = [ diff --git a/pkgs/development/python-modules/django-auth-ldap/default.nix b/pkgs/development/python-modules/django-auth-ldap/default.nix index 3fa84658b6d0..3983cf3f3661 100644 --- a/pkgs/development/python-modules/django-auth-ldap/default.nix +++ b/pkgs/development/python-modules/django-auth-ldap/default.nix @@ -17,14 +17,14 @@ buildPythonPackage rec { pname = "django-auth-ldap"; - version = "4.6.0"; + version = "4.7.0"; format = "pyproject"; disabled = isPy27; src = fetchPypi { inherit pname version; - hash = "sha256-muK/h/m2Nnts/ZSgRRiWy8co5UAO2By/vVjOdDwJCaI="; + hash = "sha256-jeplN2uLL6G+7lI0h2DjCC5kKTmlA4y+iBpeY4G2W4o="; }; nativeBuildInputs = [ diff --git a/pkgs/development/python-modules/findpython/default.nix b/pkgs/development/python-modules/findpython/default.nix index a405ab3d6ec0..78875b6db2c8 100644 --- a/pkgs/development/python-modules/findpython/default.nix +++ b/pkgs/development/python-modules/findpython/default.nix @@ -15,7 +15,7 @@ let pname = "findpython"; - version = "0.4.1"; + version = "0.5.1"; in buildPythonPackage { inherit pname version; @@ -25,7 +25,7 @@ buildPythonPackage { src = fetchPypi { inherit pname version; - hash = "sha256-19AUVYaBs3YdV6WyNCpxOovzAvbB/J2Z+Budi9FoGwQ="; + hash = "sha256-UGSjA5PFLvyMajV5DDdbiwAF1vdPFykDW0tCZHNH4T0="; }; nativeBuildInputs = [ diff --git a/pkgs/development/python-modules/rapidfuzz/default.nix b/pkgs/development/python-modules/rapidfuzz/default.nix index 60900c8ce178..5a1a6296b48d 100644 --- a/pkgs/development/python-modules/rapidfuzz/default.nix +++ b/pkgs/development/python-modules/rapidfuzz/default.nix @@ -18,7 +18,7 @@ buildPythonPackage rec { pname = "rapidfuzz"; - version = "3.6.2"; + version = "3.7.0"; pyproject = true; disabled = pythonOlder "3.7"; @@ -27,7 +27,7 @@ buildPythonPackage rec { owner = "maxbachmann"; repo = "RapidFuzz"; rev = "refs/tags/v${version}"; - hash = "sha256-rezyw0v1VijMe78ip3U+Jd+NQExW+gQXjs8qkcPNcUk="; + hash = "sha256-BwU9Ti35Dsaa+kT78h3lsjw4sI1RQdhukTPTeJDyBw0="; }; postPatch = '' diff --git a/pkgs/development/python-modules/tencentcloud-sdk-python/default.nix b/pkgs/development/python-modules/tencentcloud-sdk-python/default.nix index 34ce22a46136..7e34e8b17a2d 100644 --- a/pkgs/development/python-modules/tencentcloud-sdk-python/default.nix +++ b/pkgs/development/python-modules/tencentcloud-sdk-python/default.nix @@ -9,7 +9,7 @@ buildPythonPackage rec { pname = "tencentcloud-sdk-python"; - version = "3.0.1114"; + version = "3.0.1115"; pyproject = true; disabled = pythonOlder "3.9"; @@ -18,14 +18,14 @@ buildPythonPackage rec { owner = "TencentCloud"; repo = "tencentcloud-sdk-python"; rev = "refs/tags/${version}"; - hash = "sha256-OqkXHnXoQE2BF2Lon9+3pPVvqXK9YQnoDewoQ13Aa1Q="; + hash = "sha256-3tkkLB27R4trvS3LY0tRv0+q37SfT7S6gr9i1OWaNUU="; }; - nativeBuildInputs = [ + build-system = [ setuptools ]; - propagatedBuildInputs = [ + dependencies = [ requests ]; diff --git a/pkgs/development/tools/algolia-cli/default.nix b/pkgs/development/tools/algolia-cli/default.nix index a7216cbfbe31..c00a01ac02f1 100644 --- a/pkgs/development/tools/algolia-cli/default.nix +++ b/pkgs/development/tools/algolia-cli/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "algolia-cli"; - version = "1.6.3"; + version = "1.6.5"; src = fetchFromGitHub { owner = "algolia"; repo = "cli"; rev = "v${version}"; - hash = "sha256-xRGWPJx4AVdUT9f7L2B5SHEOneuIlscFTHIk7XtPzS8="; + hash = "sha256-bS/xSrb1vCeYuDZj8NwEyclbYMXlejAxIoItEX8YnOs="; }; vendorHash = "sha256-cNuBTH7L2K4TgD0H9FZ9CjhE5AGXADaniGLD9Lhrtrk="; diff --git a/pkgs/development/tools/analysis/checkov/default.nix b/pkgs/development/tools/analysis/checkov/default.nix index c1732d180d5a..5e5a4a0b5a24 100644 --- a/pkgs/development/tools/analysis/checkov/default.nix +++ b/pkgs/development/tools/analysis/checkov/default.nix @@ -5,14 +5,14 @@ python3.pkgs.buildPythonApplication rec { pname = "checkov"; - version = "3.2.43"; + version = "3.2.44"; pyproject = true; src = fetchFromGitHub { owner = "bridgecrewio"; repo = "checkov"; rev = "refs/tags/${version}"; - hash = "sha256-XzkMhI/+dOU0NJs9XW+jwbI6fZfC6cHFq0xFNw57kc8="; + hash = "sha256-/5kT+msrsiz9NuqEjeJNEdX/qbt8Ohuz2RNNYK6eqpw="; }; patches = [ @@ -39,12 +39,12 @@ python3.pkgs.buildPythonApplication rec { "pycep-parser" ]; - nativeBuildInputs = with python3.pkgs; [ + build-system = with python3.pkgs; [ pythonRelaxDepsHook setuptools-scm ]; - propagatedBuildInputs = with python3.pkgs; [ + dependencies = with python3.pkgs; [ aiodns aiohttp aiomultiprocess diff --git a/pkgs/development/tools/analysis/tflint-plugins/tflint-ruleset-google.nix b/pkgs/development/tools/analysis/tflint-plugins/tflint-ruleset-google.nix index 646cb81d102d..a1382df1c4f0 100644 --- a/pkgs/development/tools/analysis/tflint-plugins/tflint-ruleset-google.nix +++ b/pkgs/development/tools/analysis/tflint-plugins/tflint-ruleset-google.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "tflint-ruleset-google"; - version = "0.26.0"; + version = "0.27.1"; src = fetchFromGitHub { owner = "terraform-linters"; repo = pname; rev = "v${version}"; - hash = "sha256-VQm7pvZCfkZR54UeaPuKogEqhQOy5BAV7WkfwCW3C7c="; + hash = "sha256-APdAm7gBEA6LHYV3u7j3HtFmzkUqeABqOj5q3rwPO40="; }; - vendorHash = "sha256-C52b11cJE2Bu785SNlTsbgNR6Wt/YeY8l1U/9anXrMo="; + vendorHash = "sha256-n+nnftyNvCGVgEkYQIfVL7TS2QP8WpKb7l9jfeutJxw="; # upstream Makefile also does a go test $(go list ./... | grep -v integration) preCheck = '' diff --git a/pkgs/development/tools/nufmt/default.nix b/pkgs/development/tools/nufmt/default.nix new file mode 100644 index 000000000000..e753c134d1ab --- /dev/null +++ b/pkgs/development/tools/nufmt/default.nix @@ -0,0 +1,27 @@ + +{ + lib, + fetchFromGitHub, + rustPlatform, + ... +}: +rustPlatform.buildRustPackage rec { + pname = "nufmt"; + version = "unstable-2023-09-25"; + + src = fetchFromGitHub { + owner = "nushell"; + repo = "nufmt"; + rev = "796ee834c1e31ead4c5479bf2827a4339c5d61d1"; + hash = "sha256-BwKLl8eMCrqVt9PA5SHAXxu3ypP2ePcSuljKL+wSkvw="; + }; + + cargoSha256 = "sha256-16Z20opeZpoa7h258um+grL3ktPmY4P0M/tqMTr5hYc="; + + meta = with lib; { + description = "The nushell formatter"; + homepage = "https://github.com/nushell/nufmt"; + license = licenses.mit; + maintainers = with maintainers; [iogamaster]; + }; +} diff --git a/pkgs/development/tools/pscale/default.nix b/pkgs/development/tools/pscale/default.nix index ec8e0c644732..189d7eea042e 100644 --- a/pkgs/development/tools/pscale/default.nix +++ b/pkgs/development/tools/pscale/default.nix @@ -8,16 +8,16 @@ buildGoModule rec { pname = "pscale"; - version = "0.185.0"; + version = "0.186.0"; src = fetchFromGitHub { owner = "planetscale"; repo = "cli"; rev = "v${version}"; - sha256 = "sha256-UzNfNuOt6ZmzxVx/H8aEmQL6b4PPyNkQzxSqhBtoLT8="; + sha256 = "sha256-LXUvVctOFreDlIozA17pfDblZ6QugVA/dJ+IKE3fBeY="; }; - vendorHash = "sha256-oENe7OGAW/i5LJbqPn7PJDemdxfSsLwmpER28R6zza4="; + vendorHash = "sha256-ubMr2gm4t0731niC2Mx1Lcmdl48SUVjfoIWbtgt3X+I="; ldflags = [ "-s" "-w" diff --git a/pkgs/development/tools/rust/cargo-mutants/default.nix b/pkgs/development/tools/rust/cargo-mutants/default.nix index ba54eeb56bd7..33204d80b9d2 100644 --- a/pkgs/development/tools/rust/cargo-mutants/default.nix +++ b/pkgs/development/tools/rust/cargo-mutants/default.nix @@ -7,16 +7,16 @@ rustPlatform.buildRustPackage rec { pname = "cargo-mutants"; - version = "24.2.1"; + version = "24.3.0"; src = fetchFromGitHub { owner = "sourcefrog"; repo = "cargo-mutants"; rev = "v${version}"; - hash = "sha256-sZI3Y4wsToDt1fF8ZT494V3q5LwHZ+7uU6of7LOWu3M="; + hash = "sha256-FlD2bSCNToyXLiMb4c2tJYJxHN4QORMJPeFPuFpjMEM="; }; - cargoHash = "sha256-zCuNvhZ2CvsdG1CiQJ9fXFBTQxybqz/lk85lX5WrpG4="; + cargoHash = "sha256-GJFUSOAY6F0ZmqF/9SHOGMNFssfHUdFIcsgz6JwZuqE="; buildInputs = lib.optionals stdenv.isDarwin [ darwin.apple_sdk.frameworks.SystemConfiguration diff --git a/pkgs/development/tools/semantic-release/default.nix b/pkgs/development/tools/semantic-release/default.nix index 7f55da0e2ff7..9aa371c07e32 100644 --- a/pkgs/development/tools/semantic-release/default.nix +++ b/pkgs/development/tools/semantic-release/default.nix @@ -8,16 +8,16 @@ buildNpmPackage rec { pname = "semantic-release"; - version = "23.0.5"; + version = "23.0.6"; src = fetchFromGitHub { owner = "semantic-release"; repo = "semantic-release"; rev = "v${version}"; - hash = "sha256-/VOa/V6kly92JjhW5a0b9xNdxVYCPYRJx5IiwmQ2d1U="; + hash = "sha256-saWKx7OnKRT1zonaSRaLXUoL7XI6YaeKogdTuxDN6eo="; }; - npmDepsHash = "sha256-CG2LcIAfX5dfJz0oSMwt83ra804U/qLpnNDilSEgRSI="; + npmDepsHash = "sha256-OvH568kJP0tdK6y2TmMRAyVZ4LgY9+Y4AF39jXk4dq4="; dontNpmBuild = true; diff --git a/pkgs/development/tools/sqldef/default.nix b/pkgs/development/tools/sqldef/default.nix index 4141cd4f9176..aa93085f7c0b 100644 --- a/pkgs/development/tools/sqldef/default.nix +++ b/pkgs/development/tools/sqldef/default.nix @@ -2,18 +2,18 @@ buildGoModule rec { pname = "sqldef"; - version = "0.16.15"; + version = "0.17.1"; src = fetchFromGitHub { owner = "k0kubun"; repo = "sqldef"; rev = "v${version}"; - hash = "sha256-srwCSALP+xtccMnIOpsErn4hk83grXyOMEA2Hwsvjv0="; + hash = "sha256-S2hXwIQU9iKSN9nYG6KacO+bZtgNtMnPQoQaS6DNH30="; }; proxyVendor = true; - vendorHash = "sha256-VM50tJxChGU1lGol4HUKB5Zp0c2F8D9+NhrW6XK7i+g="; + vendorHash = "sha256-8fKJxnjLIWzWsLx/p9tRb/un63/QgJJzMb4/Y4DSZdY="; ldflags = [ "-s" "-w" "-X main.version=${version}" ]; diff --git a/pkgs/games/path-of-building/default.nix b/pkgs/games/path-of-building/default.nix index 88c52fbf166f..2e996f975487 100644 --- a/pkgs/games/path-of-building/default.nix +++ b/pkgs/games/path-of-building/default.nix @@ -2,13 +2,13 @@ let data = stdenv.mkDerivation(finalAttrs: { pname = "path-of-building-data"; - version = "2.40.1"; + version = "2.41.0"; src = fetchFromGitHub { owner = "PathOfBuildingCommunity"; repo = "PathOfBuilding"; rev = "v${finalAttrs.version}"; - hash = "sha256-ZrnD3KX8pn14sKB3FzhNhxHChAKA5pHkWdn7576XjwE="; + hash = "sha256-XoRoKvlfBtlKyur1AZ+VjYc5URyX2/fof05h6Vs+vok="; }; nativeBuildInputs = [ unzip ]; diff --git a/pkgs/os-specific/darwin/yabai/default.nix b/pkgs/os-specific/darwin/yabai/default.nix index fa8067d8d478..052e064276a6 100644 --- a/pkgs/os-specific/darwin/yabai/default.nix +++ b/pkgs/os-specific/darwin/yabai/default.nix @@ -1,6 +1,5 @@ { lib , stdenv -, stdenvNoCC , fetchFromGitHub , fetchzip , installShellFiles @@ -8,23 +7,90 @@ , yabai , xxd , xcodebuild - # These all need to be from SDK 11.0 or later starting with yabai 5.0.0 , Carbon , Cocoa , ScriptingBridge , SkyLight }: -let +stdenv.mkDerivation (finalAttrs: { pname = "yabai"; version = "7.0.2"; - test-version = testers.testVersion { - package = yabai; - version = "yabai-v${version}"; + src = + # Unfortunately compiling yabai from source on aarch64-darwin is a bit complicated. We use the precompiled binary instead for now. + # See the comments on https://github.com/NixOS/nixpkgs/pull/188322 for more information. + if stdenv.isAarch64 then + (fetchzip { + url = "https://github.com/koekeishiya/yabai/releases/download/v${finalAttrs.version}/yabai-v${finalAttrs.version}.tar.gz"; + hash = "sha256-FeNiJJM5vdzFT9s7N9cTjLYxKEfzZnKE9br13lkQhJo="; + }) + else if stdenv.isx86_64 then + (fetchFromGitHub { + owner = "koekeishiya"; + repo = "yabai"; + rev = "v${finalAttrs.version}"; + hash = "sha256-/MOAKsY7MlRWdvUQwHeITTeGJbCUdX7blZZAl2zXuic="; + }) + else (throw "Unsupported system: ${stdenv.hostPlatform.system}"); + + env = { + # silence service.h error + NIX_CFLAGS_COMPILE = "-Wno-implicit-function-declaration"; }; - _meta = with lib; { + nativeBuildInputs = [ + installShellFiles + ] + ++ lib.optionals stdenv.isx86_64 [ + xcodebuild + xxd + ]; + + buildInputs = [ ] ++ lib.optionals stdenv.isx86_64 [ + Carbon + Cocoa + ScriptingBridge + SkyLight + ]; + + dontConfigure = true; + dontBuild = stdenv.isAarch64; + enableParallelBuilding = true; + + installPhase = '' + runHook preInstall + + mkdir -p $out/{bin,share/icons/hicolor/scalable/apps} + + cp ./bin/yabai $out/bin/yabai + ${lib.optionalString stdenv.isx86_64 "cp ./assets/icon/icon.svg $out/share/icons/hicolor/scalable/apps/yabai.svg"} + installManPage ./doc/yabai.1 + + runHook postInstall + ''; + + postPatch = lib.optionalString stdenv.isx86_64 /* bash */ '' + # aarch64 code is compiled on all targets, which causes our Apple SDK headers to error out. + # Since multilib doesnt work on darwin i dont know of a better way of handling this. + substituteInPlace makefile \ + --replace "-arch arm64e" "" \ + --replace "-arch arm64" "" \ + --replace "clang" "${stdenv.cc.targetPrefix}clang" + + # `NSScreen::safeAreaInsets` is only available on macOS 12.0 and above, which frameworks arent packaged. + # When a lower OS version is detected upstream just returns 0, so we can hardcode that at compiletime. + # https://github.com/koekeishiya/yabai/blob/v4.0.2/src/workspace.m#L109 + substituteInPlace src/workspace.m \ + --replace 'return screen.safeAreaInsets.top;' 'return 0;' + ''; + + passthru.tests.version = testers.testVersion { + package = yabai; + version = "yabai-v${finalAttrs.version}"; + }; + + meta = { description = "A tiling window manager for macOS based on binary space partitioning"; longDescription = '' yabai is a window management utility that is designed to work as an extension to the built-in @@ -33,119 +99,22 @@ let using skhd and other third-party software. ''; homepage = "https://github.com/koekeishiya/yabai"; - changelog = "https://github.com/koekeishiya/yabai/blob/v${version}/CHANGELOG.md"; - license = licenses.mit; - platforms = platforms.darwin; + changelog = "https://github.com/koekeishiya/yabai/blob/v${finalAttrs.version}/CHANGELOG.md"; + license = lib.licenses.mit; + platforms = lib.platforms.darwin; mainProgram = "yabai"; - maintainers = with maintainers; [ + maintainers = with lib.maintainers; [ cmacrae shardy ivar khaneliman ]; - }; -in -{ - # Unfortunately compiling yabai from source on aarch64-darwin is a bit complicated. We use the precompiled binary instead for now. - # See the comments on https://github.com/NixOS/nixpkgs/pull/188322 for more information. - aarch64-darwin = stdenvNoCC.mkDerivation { - inherit pname version; - - src = fetchzip { - url = "https://github.com/koekeishiya/yabai/releases/download/v${version}/yabai-v${version}.tar.gz"; - hash = "sha256-FeNiJJM5vdzFT9s7N9cTjLYxKEfzZnKE9br13lkQhJo="; - }; - - nativeBuildInputs = [ - installShellFiles + sourceProvenance = with lib.sourceTypes; [ ] + ++ lib.optionals stdenv.isx86_64 [ + fromSource + ] ++ lib.optionals stdenv.isAarch64 [ + binaryNativeCode ]; - - dontConfigure = true; - dontBuild = true; - - installPhase = '' - runHook preInstall - - mkdir -p $out - cp -r ./bin $out - installManPage ./doc/yabai.1 - - runHook postInstall - ''; - - passthru.tests.version = test-version; - - meta = _meta // { - sourceProvenance = with lib.sourceTypes; [ - binaryNativeCode - ]; - }; }; +}) - x86_64-darwin = stdenv.mkDerivation { - inherit pname version; - - src = fetchFromGitHub { - owner = "koekeishiya"; - repo = "yabai"; - rev = "v${version}"; - hash = "sha256-/MOAKsY7MlRWdvUQwHeITTeGJbCUdX7blZZAl2zXuic="; - }; - - nativeBuildInputs = [ - installShellFiles - xcodebuild - xxd - ]; - - buildInputs = [ - Carbon - Cocoa - ScriptingBridge - SkyLight - ]; - - dontConfigure = true; - enableParallelBuilding = true; - - env = { - # silence service.h error - NIX_CFLAGS_COMPILE = "-Wno-implicit-function-declaration"; - }; - - postPatch = '' - # aarch64 code is compiled on all targets, which causes our Apple SDK headers to error out. - # Since multilib doesnt work on darwin i dont know of a better way of handling this. - substituteInPlace makefile \ - --replace "-arch arm64e" "" \ - --replace "-arch arm64" "" \ - --replace "clang" "${stdenv.cc.targetPrefix}clang" - - # `NSScreen::safeAreaInsets` is only available on macOS 12.0 and above, which frameworks arent packaged. - # When a lower OS version is detected upstream just returns 0, so we can hardcode that at compiletime. - # https://github.com/koekeishiya/yabai/blob/v4.0.2/src/workspace.m#L109 - substituteInPlace src/workspace.m \ - --replace 'return screen.safeAreaInsets.top;' 'return 0;' - ''; - - installPhase = '' - runHook preInstall - - mkdir -p $out/{bin,share/icons/hicolor/scalable/apps} - - cp ./bin/yabai $out/bin/yabai - cp ./assets/icon/icon.svg $out/share/icons/hicolor/scalable/apps/yabai.svg - installManPage ./doc/yabai.1 - - runHook postInstall - ''; - - passthru.tests.version = test-version; - - meta = _meta // { - sourceProvenance = with lib.sourceTypes; [ - fromSource - ]; - }; - }; -}.${stdenv.hostPlatform.system} or (throw "Unsupported platform ${stdenv.hostPlatform.system}") diff --git a/pkgs/servers/keycloak/default.nix b/pkgs/servers/keycloak/default.nix index c0c93f2cf736..a7e7b3d8c077 100644 --- a/pkgs/servers/keycloak/default.nix +++ b/pkgs/servers/keycloak/default.nix @@ -18,11 +18,11 @@ let ''; in stdenv.mkDerivation rec { pname = "keycloak"; - version = "24.0.1"; + version = "24.0.2"; src = fetchzip { url = "https://github.com/keycloak/keycloak/releases/download/${version}/keycloak-${version}.zip"; - hash = "sha256-d7bITeukqoLwEPQrUn01arXf8j7L8gM47wzHMsBvz2M="; + hash = "sha256-YC/fa1yxm3lMmEOZXcTOMX2F7Y5yolLKm89cGfEagH4="; }; nativeBuildInputs = [ makeWrapper jre ]; diff --git a/pkgs/servers/monitoring/prometheus/gitlab-ci-pipelines-exporter.nix b/pkgs/servers/monitoring/prometheus/gitlab-ci-pipelines-exporter.nix index 8e86aa10b671..42cb8e2e0db2 100644 --- a/pkgs/servers/monitoring/prometheus/gitlab-ci-pipelines-exporter.nix +++ b/pkgs/servers/monitoring/prometheus/gitlab-ci-pipelines-exporter.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "gitlab-ci-pipelines-exporter"; - version = "0.5.6"; + version = "0.5.7"; src = fetchFromGitHub { owner = "mvisonneau"; repo = pname; rev = "v${version}"; - sha256 = "sha256-SbFaB808Xa7XvHR8ruu9wADVPUVwe5ogA+L+PSYb7kQ="; + sha256 = "sha256-zJCvjgymwFUDOl3ubrTdaX0KpzzR+fzUIiCkRmZNUOE="; }; subPackages = [ "cmd/${pname}" ]; @@ -17,7 +17,7 @@ buildGoModule rec { "-X main.version=v${version}" ]; - vendorHash = "sha256-qZ9Ph8YZBBGS3dFlk3zTynU9WuRUHl2fVSPtd7hUB8E="; + vendorHash = "sha256-Wnn2KIz4XtdJ6JoYLkGnykgc+MLstHS7s8MegSAQbiQ="; doCheck = true; meta = with lib; { diff --git a/pkgs/servers/nosql/apache-jena/binary.nix b/pkgs/servers/nosql/apache-jena/binary.nix index 2b7e3c04735d..a991f3fa40e7 100644 --- a/pkgs/servers/nosql/apache-jena/binary.nix +++ b/pkgs/servers/nosql/apache-jena/binary.nix @@ -2,10 +2,10 @@ stdenv.mkDerivation rec { pname = "apache-jena"; - version = "4.10.0"; + version = "5.0.0"; src = fetchurl { url = "mirror://apache/jena/binaries/apache-jena-${version}.tar.gz"; - hash = "sha256-G2kCh5F2WfrSOCr+fEO02mlOSVfV2Oy3uZGNEarLR+M="; + hash = "sha256-Se47rsgp8V6Ypv0QHrwjIXrDPchM1nSl/GmUWMEvLIo="; }; nativeBuildInputs = [ makeWrapper diff --git a/pkgs/servers/roadrunner/default.nix b/pkgs/servers/roadrunner/default.nix index 0f47c6ebeb3a..c1754e3ac958 100644 --- a/pkgs/servers/roadrunner/default.nix +++ b/pkgs/servers/roadrunner/default.nix @@ -6,12 +6,12 @@ buildGoModule rec { pname = "roadrunner"; - version = "2023.3.10"; + version = "2023.3.12"; src = fetchFromGitHub { repo = "roadrunner"; owner = "roadrunner-server"; rev = "v${version}"; - hash = "sha256-8wcZWnRi+wIg78VdGV/38Oldwjry7QXxmdacjYfe3sw="; + hash = "sha256-d/GXZ0rQ8prkOgvkx8/TBwP2zwISef5ClMGy1pkW7g4="; }; nativeBuildInputs = [ @@ -44,7 +44,7 @@ buildGoModule rec { --replace "127.0.0.1:0" "127.0.0.1:55554" ''; - vendorHash = "sha256-xAzZdElu0rzoWnEQbhMO7DhQx3P7241yMy/Gvk9jnCA="; + vendorHash = "sha256-GNWd+SFjAeIkIkPSh+UtQwoWfQ9lUATXfnkWbqwQfsY="; meta = { changelog = "https://github.com/roadrunner-server/roadrunner/blob/v${version}/CHANGELOG.md"; diff --git a/pkgs/servers/sslh/default.nix b/pkgs/servers/sslh/default.nix index ba02f33cee62..49610ddd9bc1 100644 --- a/pkgs/servers/sslh/default.nix +++ b/pkgs/servers/sslh/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "sslh"; - version = "2.1.0"; + version = "2.1.1"; src = fetchFromGitHub { owner = "yrutschle"; repo = pname; rev = "v${version}"; - hash = "sha256-fIKiUrpHn2VcUFH6WblZDDpa+AenC2qtgrQ6uUUIyoQ="; + hash = "sha256-NCjLqYSPHukY11URQ/n+33Atzl4DhPDbNOEDaP6bQlg="; }; postPatch = "patchShebangs *.sh"; diff --git a/pkgs/servers/web-apps/pict-rs/default.nix b/pkgs/servers/web-apps/pict-rs/default.nix index fdd975e3682c..9d710b6f7895 100644 --- a/pkgs/servers/web-apps/pict-rs/default.nix +++ b/pkgs/servers/web-apps/pict-rs/default.nix @@ -13,17 +13,17 @@ rustPlatform.buildRustPackage rec { pname = "pict-rs"; - version = "0.5.9"; + version = "0.5.10"; src = fetchFromGitea { domain = "git.asonix.dog"; owner = "asonix"; repo = pname; rev = "v${version}"; - sha256 = "sha256-ZRT382ClImnlwvWyA1w7ZIIF4PXr3rWmeIsqJYngkfM="; + sha256 = "sha256-SxGgj4yRtMcRKIQMVhRaeK2NudU581RDYLmAecWyxak="; }; - cargoHash = "sha256-FTb8VoQJFS55CKlQvoWkBQEBUCvUnFaUAxIW22zEIHI="; + cargoHash = "sha256-T8L6geDOF8qBZYABtJX+MBhwYFyZwT7PCMigk0vuuDc="; # needed for internal protobuf c wrapper library PROTOC = "${protobuf}/bin/protoc"; diff --git a/pkgs/shells/hishtory/default.nix b/pkgs/shells/hishtory/default.nix index 83b719164123..8f3f8ddde564 100644 --- a/pkgs/shells/hishtory/default.nix +++ b/pkgs/shells/hishtory/default.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "hishtory"; - version = "0.277"; + version = "0.282"; src = fetchFromGitHub { owner = "ddworken"; repo = pname; rev = "v${version}"; - hash = "sha256-Gb2E9IlXU+3WuEDIh/McwoHPEUqVAxMeaGVmers5Hvw="; + hash = "sha256-vuIeNa2Kr19L2lHTtsamjvnMsNNPQYU0yOPXXtXAOvA="; }; - vendorHash = "sha256-qWKLYGDbL5LL3CjD2yz9CjwAM6lL9Pjnbk+ERCmW94c="; + vendorHash = "sha256-MUE6cq3mTRUcxO+lhAWr73wAzSYv9eMmv9Twpq/QHTc="; ldflags = [ "-X github.com/ddworken/hishtory/client/lib.Version=${version}" ]; diff --git a/pkgs/tools/backup/zfs-replicate/default.nix b/pkgs/tools/backup/zfs-replicate/default.nix index 0c9e2b0998a8..5a377d8cae28 100644 --- a/pkgs/tools/backup/zfs-replicate/default.nix +++ b/pkgs/tools/backup/zfs-replicate/default.nix @@ -11,12 +11,12 @@ buildPythonApplication rec { pname = "zfs_replicate"; - version = "3.2.10"; + version = "3.2.11"; pyproject = true; src = fetchPypi { inherit pname version; - hash = "sha256-LEBCdrJZLddJm2nz2JLfwskU8roN/MZlr79exFEWnRI="; + hash = "sha256-8u65Ht7s2RqBYetKf/3erb6B2+/iZgnqHBogYa4J/rs="; }; postPatch = '' diff --git a/pkgs/tools/misc/cf-terraforming/default.nix b/pkgs/tools/misc/cf-terraforming/default.nix index d27230906157..5ec67c40f1d8 100644 --- a/pkgs/tools/misc/cf-terraforming/default.nix +++ b/pkgs/tools/misc/cf-terraforming/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "cf-terraforming"; - version = "0.18.0"; + version = "0.19.0"; src = fetchFromGitHub { owner = "cloudflare"; repo = "cf-terraforming"; rev = "v${version}"; - sha256 = "sha256-U6xYJWVf1O/DLtC6J3b+DL97QYUW6ObRh/9EKXhi/j4="; + sha256 = "sha256-eGfPk3qptNf6QfVKDT4MwJav7z+ri+eEiB7KHGRxzOE="; }; - vendorHash = "sha256-r5qlnY3gIigjbFUj9ZVY9WTQM4aYNlTv3HHpc2r/+Rw="; + vendorHash = "sha256-cWFCEC20D2nhVeW7P/w5YSt1tQbWTPDWF/eaxEvWoLo="; ldflags = [ "-X github.com/cloudflare/cf-terraforming/internal/app/cf-terraforming/cmd.versionString=${version}" ]; # The test suite insists on downloading a binary release of Terraform from diff --git a/pkgs/tools/security/tracee/default.nix b/pkgs/tools/security/tracee/default.nix index c1615c1ddf56..315ec08116af 100644 --- a/pkgs/tools/security/tracee/default.nix +++ b/pkgs/tools/security/tracee/default.nix @@ -12,22 +12,28 @@ , nixosTests , testers , tracee +, makeWrapper }: buildGoModule rec { pname = "tracee"; - version = "0.13.1"; + version = "0.20.0"; src = fetchFromGitHub { owner = "aquasecurity"; repo = pname; - rev = "v${version}"; - hash = "sha256-YO5u/hE5enoqh8niV4Zi+NFUsU+UXCCxdqvxolZImGk="; + # project has branches and tags of the same name + rev = "refs/tags/v${version}"; + hash = "sha256-OnOayDxisvDd802kDKGctaQc5LyoyFfdfvC+2JpRjHY="; }; - vendorHash = "sha256-swMvJe+Dz/kwPIStPlQ7d6U/UwXSMcJ3eONxjzebXCc="; + vendorHash = "sha256-26sAKTJQ7Rf5KRlu7j5XiZVr6CkAC6fm60Pam7KH0uA="; patches = [ ./use-our-libbpf.patch + # can not vendor dependencies with old pyroscope + # remove once https://github.com/aquasecurity/tracee/pull/3927 + # makes it to a release + ./update-pyroscope.patch ]; enableParallelBuilding = true; @@ -47,7 +53,7 @@ buildGoModule rec { buildPhase = '' runHook preBuild mkdir -p ./dist - make $makeFlags ''${enableParallelBuilding:+-j$NIX_BUILD_CORES} bpf-core all + make $makeFlags ''${enableParallelBuilding:+-j$NIX_BUILD_CORES} bpf all runHook postBuild ''; @@ -63,29 +69,20 @@ buildGoModule rec { mkdir -p $out/bin $lib/lib/tracee $share/share/tracee - mv ./dist/tracee $out/bin/ - mv ./dist/tracee.bpf.core.o $lib/lib/tracee/ + mv ./dist/{tracee,signatures} $out/bin/ + mv ./dist/tracee.bpf.o $lib/lib/tracee/ mv ./cmd/tracee-rules/templates $share/share/tracee/ runHook postInstall ''; - doInstallCheck = true; - installCheckPhase = '' - runHook preInstallCheck - - $out/bin/tracee --help - $out/bin/tracee --version | grep "v${version}" - - runHook postInstallCheck - ''; - passthru.tests = { integration = nixosTests.tracee; + integration-test-cli = import ./integration-tests.nix { inherit lib tracee makeWrapper; }; version = testers.testVersion { package = tracee; version = "v${version}"; - command = "tracee --version"; + command = "tracee version"; }; }; diff --git a/pkgs/tools/security/tracee/integration-tests.nix b/pkgs/tools/security/tracee/integration-tests.nix new file mode 100644 index 000000000000..fd3feb69f564 --- /dev/null +++ b/pkgs/tools/security/tracee/integration-tests.nix @@ -0,0 +1,42 @@ +{ lib, tracee, makeWrapper }: +tracee.overrideAttrs (oa: { + pname = oa.pname + "-integration"; + postPatch = oa.postPatch or "" + '' + # fix the test to look at nixos paths for running programs + # --replace-fail '"integration.tes"' '"tracee-integrat"' \ + substituteInPlace tests/integration/event_filters_test.go \ + --replace-fail "exec=/usr/bin/dockerd" "comm=dockerd" \ + --replace-fail "exec=/usr/bin" "exec=/tmp/testdir" \ + --replace-fail "/usr/bin/tee" "tee" \ + --replace-fail "/usr/bin" "/run/current-system/sw/bin" \ + --replace-fail 'syscallerAbsPath := filepath.Join("..", "..", "dist", "syscaller")' "syscallerAbsPath := filepath.Join(\"$out/bin/syscaller\")" + substituteInPlace tests/integration/exec_test.go \ + --replace-fail "/usr/bin" "/run/current-system/sw/bin" + ''; + nativeBuildInputs = oa.nativeBuildInputs or [ ] ++ [ makeWrapper ]; + buildPhase = '' + runHook preBuild + # copy existing built object to dist + mkdir -p dist/btfhub + touch dist/btfhub/.placeholder + cp ${lib.getOutput "lib" tracee}/lib/tracee/tracee.bpf.o ./dist/ + + # then compile the tests to be ran later + mkdir -p $GOPATH/tracee-integration + CGO_LDFLAGS="$(pkg-config --libs libbpf)" go build -o $GOPATH/tracee-integration/syscaller ./tests/integration/syscaller/cmd + CGO_LDFLAGS="$(pkg-config --libs libbpf)" go test -tags core,ebpf,integration -c -o $GOPATH/tracee-integration/ ./tests/integration/... + runHook postBuild + ''; + doCheck = false; + installPhase = '' + mkdir -p $out/bin + mv $GOPATH/tracee-integration/{integration.test,syscaller} $out/bin/ + # cp -r ${tracee}/bin/signatures $out/bin/ + ''; + doInstallCheck = false; + + outputs = [ "out" ]; + meta = oa.meta // { + outputsToInstall = [ "out" ]; + }; +}) diff --git a/pkgs/tools/security/tracee/update-pyroscope.patch b/pkgs/tools/security/tracee/update-pyroscope.patch new file mode 100644 index 000000000000..17f27e6b88dd --- /dev/null +++ b/pkgs/tools/security/tracee/update-pyroscope.patch @@ -0,0 +1,229 @@ +diff --git a/go.mod b/go.mod +index 8288d7d0a..0ac753fa1 100644 +--- a/go.mod ++++ b/go.mod +@@ -16,6 +16,7 @@ require ( + github.com/docker/docker v24.0.7+incompatible + github.com/golang/protobuf v1.5.3 + github.com/google/gopacket v1.1.19 ++ github.com/grafana/pyroscope-go v1.1.1 + github.com/hashicorp/golang-lru v0.5.4 + github.com/hashicorp/golang-lru/v2 v2.0.2 + github.com/mennanov/fmutils v0.2.0 +@@ -23,7 +24,6 @@ require ( + github.com/mitchellh/mapstructure v1.5.0 + github.com/open-policy-agent/opa v0.52.0 + github.com/prometheus/client_golang v1.16.0 +- github.com/pyroscope-io/pyroscope v0.37.2 + github.com/sashabaranov/go-gpt3 v1.4.0 + github.com/spf13/cobra v1.7.0 + github.com/spf13/viper v1.15.0 +@@ -57,15 +57,14 @@ require ( + github.com/go-logr/logr v1.2.4 // indirect + github.com/go-logr/stdr v1.2.2 // indirect + github.com/go-logr/zapr v1.2.4 // indirect +- github.com/go-ole/go-ole v1.2.6 // indirect + github.com/go-openapi/jsonpointer v0.19.6 // indirect + github.com/go-openapi/jsonreference v0.20.2 // indirect + github.com/go-openapi/swag v0.22.3 // indirect + github.com/google/gnostic-models v0.6.8 // indirect + github.com/google/gofuzz v1.2.0 // indirect ++ github.com/google/pprof v0.0.0-20221118152302-e6195bd50e26 // indirect + github.com/gorilla/websocket v1.5.0 // indirect +- github.com/hashicorp/errwrap v1.1.0 // indirect +- github.com/hashicorp/go-multierror v1.1.1 // indirect ++ github.com/grafana/pyroscope-go/godeltaprof v0.1.6 // indirect + github.com/hashicorp/hcl v1.0.0 // indirect + github.com/inconshreveable/mousetrap v1.1.0 // indirect + github.com/josharian/intern v1.0.0 // indirect +@@ -73,24 +72,18 @@ require ( + github.com/magiconair/properties v1.8.7 // indirect + github.com/mailru/easyjson v0.7.7 // indirect + github.com/mattn/go-runewidth v0.0.10 // indirect +- github.com/mitchellh/go-ps v1.0.0 // indirect + github.com/moby/sys/sequential v0.5.0 // indirect + github.com/moby/term v0.5.0 // indirect ++ github.com/morikuni/aec v1.0.0 // indirect + github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect + github.com/pelletier/go-toml/v2 v2.0.7 // indirect + github.com/philhofer/fwd v1.1.2 // indirect +- github.com/pyroscope-io/dotnetdiag v1.2.1 // indirect + github.com/rivo/uniseg v0.2.0 // indirect +- github.com/shirou/gopsutil v3.21.11+incompatible // indirect + github.com/spf13/afero v1.9.5 // indirect + github.com/spf13/jwalterweatherman v1.1.0 // indirect + github.com/spf13/pflag v1.0.5 // indirect + github.com/subosito/gotenv v1.4.2 // indirect + github.com/tinylib/msgp v1.1.8 // indirect +- github.com/tklauser/go-sysconf v0.3.11 // indirect +- github.com/tklauser/numcpus v0.6.0 // indirect +- github.com/valyala/bytebufferpool v1.0.0 // indirect +- github.com/yusufpapurcu/wmi v1.2.2 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.45.0 // indirect + go.opentelemetry.io/otel v1.19.0 // indirect + go.opentelemetry.io/otel/metric v1.19.0 // indirect +@@ -145,7 +138,7 @@ require ( + github.com/huandu/xstrings v1.4.0 // indirect + github.com/imdario/mergo v0.3.15 // indirect + github.com/json-iterator/go v1.1.12 // indirect +- github.com/klauspost/compress v1.16.5 // indirect ++ github.com/klauspost/compress v1.17.3 // indirect + github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect + github.com/mitchellh/copystructure v1.2.0 // indirect + github.com/mitchellh/reflectwalk v1.0.2 // indirect +diff --git a/go.sum b/go.sum +index 2ecdafafc..598416eeb 100644 +--- a/go.sum ++++ b/go.sum +@@ -53,7 +53,6 @@ github.com/Masterminds/semver/v3 v3.2.1 h1:RN9w6+7QoMeJVGyfmbcgs28Br8cvmnucEXnY0 + github.com/Masterminds/semver/v3 v3.2.1/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYrf8m9wsX0PNOMQ= + github.com/Masterminds/sprig/v3 v3.2.3 h1:eL2fZNezLomi0uOLqjQoN6BfsDD+fyLtgbJMAj9n6YA= + github.com/Masterminds/sprig/v3 v3.2.3/go.mod h1:rXcFaZ2zZbLRJv/xSysmlgIM1u11eBaRMhvYXJNkGuM= +-github.com/Microsoft/go-winio v0.5.0/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= + github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow= + github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM= + github.com/Microsoft/hcsshim v0.11.4 h1:68vKo2VN8DE9AdN4tnkWnmdhqdbpUFM8OF3Airm7fz8= +@@ -144,8 +143,6 @@ github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCv + github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= + github.com/evanphx/json-patch/v5 v5.6.0 h1:b91NhWfaz02IuVxO9faSllyAtNXHMPkC5J8sJCLunww= + github.com/evanphx/json-patch/v5 v5.6.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4= +-github.com/felixge/fgprof v0.9.1 h1:E6FUJ2Mlv043ipLOCFqo8+cHo9MhQ203E2cdEK/isEs= +-github.com/felixge/fgprof v0.9.1/go.mod h1:7/HK6JFtFaARhIljgP2IV8rJLIoHDoOYoUphsnGvqxE= + github.com/felixge/httpsnoop v1.0.3 h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBdXk= + github.com/felixge/httpsnoop v1.0.3/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= + github.com/fortytw2/leaktest v1.3.0 h1:u8491cBMTQ8ft8aeV+adlcytMZylmA5nnwwkRZjI8vw= +@@ -169,8 +166,6 @@ github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= + github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= + github.com/go-logr/zapr v1.2.4 h1:QHVo+6stLbfJmYGkQ7uGHUCu5hnAFAj6mDe6Ea0SeOo= + github.com/go-logr/zapr v1.2.4/go.mod h1:FyHWQIzQORZ0QVE1BtVHv3cKtNLuXsbNLtpuhNapBOA= +-github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY= +-github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0= + github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= + github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= + github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= +@@ -266,11 +261,10 @@ github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5m + github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g= + github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc= + github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +-github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= +-github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= +-github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= +-github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= +-github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= ++github.com/grafana/pyroscope-go v1.1.1 h1:PQoUU9oWtO3ve/fgIiklYuGilvsm8qaGhlY4Vw6MAcQ= ++github.com/grafana/pyroscope-go v1.1.1/go.mod h1:Mw26jU7jsL/KStNSGGuuVYdUq7Qghem5P8aXYXSXG88= ++github.com/grafana/pyroscope-go/godeltaprof v0.1.6 h1:nEdZ8louGAplSvIJi1HVp7kWvFvdiiYg3COLlTwJiFo= ++github.com/grafana/pyroscope-go/godeltaprof v0.1.6/go.mod h1:Tk376Nbldo4Cha9RgiU7ik8WKFkNpfds98aUzS8omLE= + github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= + github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= + github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc= +@@ -300,8 +294,8 @@ github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1 + github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= + github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= + github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +-github.com/klauspost/compress v1.16.5 h1:IFV2oUNUzZaz+XyusxpLzpzS8Pt5rh0Z16For/djlyI= +-github.com/klauspost/compress v1.16.5/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE= ++github.com/klauspost/compress v1.17.3 h1:qkRjuerhUU1EmXLYGkSH6EZL+vPSxIrYjLNAK4slzwA= ++github.com/klauspost/compress v1.17.3/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM= + github.com/klauspost/cpuid/v2 v2.2.3 h1:sxCkb+qR91z4vsqw4vGGZlDgPz3G7gjaLyK3V8y70BU= + github.com/klauspost/cpuid/v2 v2.2.3/go.mod h1:RVVoqg1df56z8g3pUjL/3lE5UfnlrJX8tyFgg4nqhuY= + github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= +@@ -331,8 +325,6 @@ github.com/minio/sha256-simd v1.0.1/go.mod h1:Pz6AKMiUdngCLpeTL/RJY1M9rUuPMYujV5 + github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= + github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= + github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= +-github.com/mitchellh/go-ps v1.0.0 h1:i6ampVEEF4wQFF+bkYfwYgY+F/uYJDktmvLPf7qIgjc= +-github.com/mitchellh/go-ps v1.0.0/go.mod h1:J4lOc8z8yJs6vUwklHw2XEIiT4z4C40KtWVN3nvg8Pg= + github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= + github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= + github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= +@@ -397,10 +389,6 @@ github.com/prometheus/common v0.44.0/go.mod h1:ofAIvZbQ1e/nugmZGz4/qCb9Ap1VoSTIO + github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= + github.com/prometheus/procfs v0.10.1 h1:kYK1Va/YMlutzCGazswoHKo//tZVlFpKYh+PymziUAg= + github.com/prometheus/procfs v0.10.1/go.mod h1:nwNm2aOCAYw8uTR/9bWRREkZFxAUcWzPHWJq+XBB/FM= +-github.com/pyroscope-io/dotnetdiag v1.2.1 h1:3XEMrfFJnZ87BiEhozyQKmCUAuMd/Spq7KChPuD2Cf0= +-github.com/pyroscope-io/dotnetdiag v1.2.1/go.mod h1:eFUEHCp4eD1TgcXMlJihC+R4MrqGf7nTRdWxNADbDHA= +-github.com/pyroscope-io/pyroscope v0.37.2 h1:MOgLU/oO7VfV6jWqb0xoFH/YPSVbWD5pGsX+tZVGh98= +-github.com/pyroscope-io/pyroscope v0.37.2/go.mod h1:r4wq4ajJvN7g1OeXGyNvmwzBfQ+Tm5alYvmxqEQSTsc= + github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 h1:N/ElC8H3+5XpJzTSTfLsJV/mx9Q9g7kxmchpfZyxgzM= + github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= + github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= +@@ -414,13 +402,10 @@ github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf + github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= + github.com/sashabaranov/go-gpt3 v1.4.0 h1:UqHYdXgJNtNvTtbzDnnQgkQ9TgTnHtCXx966uFTYXvU= + github.com/sashabaranov/go-gpt3 v1.4.0/go.mod h1:BIZdbwdzxZbCrcKGMGH6u2eyGe1xFuX9Anmh3tCP8lQ= +-github.com/shirou/gopsutil v3.21.11+incompatible h1:+1+c1VGhc88SSonWP6foOcLhvnKlUeu/erjjvaPEYiI= +-github.com/shirou/gopsutil v3.21.11+incompatible/go.mod h1:5b4v6he4MtMOwMlS0TUMTu2PcXUg8+E1lC7eC3UO/RA= + github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= + github.com/shopspring/decimal v1.3.1 h1:2Usl1nmF/WZucqkFZhnfFYxxxu8LG21F6nPQBE5gKV8= + github.com/shopspring/decimal v1.3.1/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= + github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= +-github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= + github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= + github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= + github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= +@@ -456,14 +441,8 @@ github.com/tchap/go-patricia/v2 v2.3.1 h1:6rQp39lgIYZ+MHmdEq4xzuk1t7OdC35z/xm0BG + github.com/tchap/go-patricia/v2 v2.3.1/go.mod h1:VZRHKAb53DLaG+nA9EaYYiaEx6YztwDlLElMsnSHD4k= + github.com/tinylib/msgp v1.1.8 h1:FCXC1xanKO4I8plpHGH2P7koL/RzZs12l/+r7vakfm0= + github.com/tinylib/msgp v1.1.8/go.mod h1:qkpG+2ldGg4xRFmx+jfTvZPxfGFhi64BcnL9vkCm/Tw= +-github.com/tklauser/go-sysconf v0.3.11 h1:89WgdJhk5SNwJfu+GKyYveZ4IaJ7xAkecBo+KdJV0CM= +-github.com/tklauser/go-sysconf v0.3.11/go.mod h1:GqXfhXY3kiPa0nAXPDIQIWzJbMCB7AmcWpGR8lSZfqI= +-github.com/tklauser/numcpus v0.6.0 h1:kebhY2Qt+3U6RNK7UqpYNA+tJ23IBEGKkB7JQBfDYms= +-github.com/tklauser/numcpus v0.6.0/go.mod h1:FEZLMke0lhOUG6w2JadTzp0a+Nl8PF/GFkQ5UVIcaL4= + github.com/urfave/cli/v2 v2.3.0 h1:qph92Y649prgesehzOrQjdWyxFOp/QVM+6imKHad91M= + github.com/urfave/cli/v2 v2.3.0/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI= +-github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw= +-github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= + github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb h1:zGWFAtiMcyryUHoUjUJX0/lt1H2+i2Ka2n+D3DImSNo= + github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= + github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 h1:EzJWgHovont7NscjpAxXsDA8S8BMYve8Y5+7cuRE7R0= +@@ -476,8 +455,6 @@ github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de + github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= + github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= + github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= +-github.com/yusufpapurcu/wmi v1.2.2 h1:KBNDSne4vP5mbSWnJbO+51IMOXJB67QiYCSBrubbPRg= +-github.com/yusufpapurcu/wmi v1.2.2/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0= + go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= + go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= + go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +@@ -629,7 +606,6 @@ golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7w + golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= + golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= + golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +-golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= + golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= + golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= + golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +diff --git a/pkg/server/http/server.go b/pkg/server/http/server.go +index 898344591..85ccc68ed 100644 +--- a/pkg/server/http/server.go ++++ b/pkg/server/http/server.go +@@ -7,7 +7,7 @@ import ( + "net/http/pprof" + + "github.com/prometheus/client_golang/prometheus/promhttp" +- "github.com/pyroscope-io/pyroscope/pkg/agent/profiler" ++ "github.com/grafana/pyroscope-go" + + "github.com/aquasecurity/tracee/pkg/logger" + ) +@@ -17,7 +17,7 @@ type Server struct { + hs *http.Server + mux *http.ServeMux // just an exposed copy of hs.Handler + metricsEnabled bool +- pyroProfiler *profiler.Profiler ++ pyroProfiler *pyroscope.Profiler + } + + // New creates a new server +@@ -90,8 +90,8 @@ func (s *Server) EnablePProfEndpoint() { + // EnablePyroAgent enables pyroscope agent in golang push mode + // TODO: make this configurable + func (s *Server) EnablePyroAgent() error { +- p, err := profiler.Start( +- profiler.Config{ ++ p, err := pyroscope.Start( ++ pyroscope.Config{ + ApplicationName: "tracee", + ServerAddress: "http://localhost:4040", + }, diff --git a/pkgs/tools/security/tracee/use-our-libbpf.patch b/pkgs/tools/security/tracee/use-our-libbpf.patch index 00d91ca6e3b3..4f6dc5957a77 100644 --- a/pkgs/tools/security/tracee/use-our-libbpf.patch +++ b/pkgs/tools/security/tracee/use-our-libbpf.patch @@ -1,8 +1,8 @@ diff --git a/Makefile b/Makefile -index d7596a1a..dd7b97b6 100644 +index 29be1ae71..b88f31cba 100644 --- a/Makefile +++ b/Makefile -@@ -50,6 +50,7 @@ CMD_STATICCHECK ?= staticcheck +@@ -54,6 +54,7 @@ CMD_CONTROLLER_GEN ?= controller-gen # libs # @@ -10,26 +10,26 @@ index d7596a1a..dd7b97b6 100644 LIB_ELF ?= libelf LIB_ZLIB ?= zlib -@@ -279,8 +280,6 @@ OUTPUT_DIR = ./dist +@@ -299,8 +300,6 @@ OUTPUT_DIR = ./dist $(OUTPUT_DIR): # @$(CMD_MKDIR) -p $@ -- @$(CMD_MKDIR) -p $@/libbpf -- @$(CMD_MKDIR) -p $@/libbpf/obj +- $(CMD_MKDIR) -p $@/libbpf +- $(CMD_MKDIR) -p $@/libbpf/obj # # embedded btfhub -@@ -418,7 +417,6 @@ TRACEE_EBPF_OBJ_CORE_HEADERS = $(shell find pkg/ebpf/c -name *.h) - bpf-core: $(OUTPUT_DIR)/tracee.bpf.core.o +@@ -353,7 +352,6 @@ TRACEE_EBPF_OBJ_HEADERS = $(shell find pkg/ebpf/c -name *.h) + bpf: $(OUTPUT_DIR)/tracee.bpf.o - $(OUTPUT_DIR)/tracee.bpf.core.o: \ + $(OUTPUT_DIR)/tracee.bpf.o: \ - $(OUTPUT_DIR)/libbpf/libbpf.a \ $(TRACEE_EBPF_OBJ_SRC) \ - $(TRACEE_EBPF_OBJ_CORE_HEADERS) + $(TRACEE_EBPF_OBJ_HEADERS) # -@@ -453,8 +451,8 @@ ifeq ($(STATIC), 1) - GO_TAGS_EBPF := $(GO_TAGS_EBPF),netgo - endif +@@ -391,8 +389,8 @@ endif + TRACEE_SRC_DIRS = ./cmd/ ./pkg/ ./signatures/ + TRACEE_SRC = $(shell find $(TRACEE_SRC_DIRS) -type f -name '*.go' ! -name '*_test.go') -CUSTOM_CGO_CFLAGS = "-I$(abspath $(OUTPUT_DIR)/libbpf)" -CUSTOM_CGO_LDFLAGS = "$(shell $(call pkg_config, $(LIB_ELF))) $(shell $(call pkg_config, $(LIB_ZLIB))) $(abspath $(OUTPUT_DIR)/libbpf/libbpf.a)" @@ -38,11 +38,11 @@ index d7596a1a..dd7b97b6 100644 GO_ENV_EBPF = GO_ENV_EBPF += GOOS=linux -@@ -474,6 +472,7 @@ $(OUTPUT_DIR)/tracee-ebpf: \ - $(TRACEE_EBPF_SRC) \ - ./embedded-ebpf.go \ +@@ -437,6 +435,7 @@ $(OUTPUT_DIR)/tracee: \ + $(OUTPUT_DIR)/tracee.bpf.o \ + $(TRACEE_SRC) \ | .checkver_$(CMD_GO) \ + .checklib_$(LIB_BPF) \ .checklib_$(LIB_ELF) \ .checklib_$(LIB_ZLIB) \ - btfhub + btfhub \ diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 4162f018b100..b682c3501ecd 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -14954,6 +14954,8 @@ with pkgs; boost = boost179; }; + xorriso = libisoburn; + xurls = callPackage ../tools/text/xurls { }; xxv = callPackage ../tools/misc/xxv { }; @@ -16251,7 +16253,7 @@ with pkgs; hugs = callPackage ../development/interpreters/hugs { }; - inherit (javaPackages) openjfx11 openjfx15 openjfx17 openjfx19 openjfx20 openjfx21; + inherit (javaPackages) openjfx11 openjfx15 openjfx17 openjfx19 openjfx20 openjfx21 openjfx22; openjfx = openjfx17; openjdk8-bootstrap = javaPackages.compiler.openjdk8-bootstrap; @@ -16291,6 +16293,11 @@ with pkgs; jdk21 = openjdk21; jdk21_headless = openjdk21_headless; + openjdk22 = javaPackages.compiler.openjdk22; + openjdk22_headless = javaPackages.compiler.openjdk22.headless; + jdk22 = openjdk22; + jdk22_headless = openjdk22_headless; + /* default JDK */ jdk = jdk21; jdk_headless = jdk21_headless; @@ -28574,7 +28581,6 @@ with pkgs; bgnet = callPackage ../data/documentation/bgnet { }; - bibata-cursors = callPackage ../data/icons/bibata-cursors { attrs = python3Packages.attrs; }; bibata-extra-cursors = callPackage ../data/icons/bibata-cursors/extra.nix { }; bibata-cursors-translucent = callPackage ../data/icons/bibata-cursors/translucent.nix { }; @@ -33420,8 +33426,6 @@ with pkgs; nixos-shell = callPackage ../tools/virtualization/nixos-shell { }; - nix-ld = callPackage ../os-specific/linux/nix-ld { }; - noaa-apt = callPackage ../applications/radio/noaa-apt { }; node-problem-detector = callPackage ../applications/networking/cluster/node-problem-detector { }; @@ -41295,6 +41299,8 @@ with pkgs; treefmt = callPackage ../development/tools/treefmt { }; + nufmt = callPackage ../development/tools/nufmt { }; + bottom = darwin.apple_sdk_11_0.callPackage ../tools/system/bottom { }; cagebreak = callPackage ../applications/window-managers/cagebreak { diff --git a/pkgs/top-level/java-packages.nix b/pkgs/top-level/java-packages.nix index 6cfd785de1f7..1028c2f62bae 100644 --- a/pkgs/top-level/java-packages.nix +++ b/pkgs/top-level/java-packages.nix @@ -9,9 +9,10 @@ let openjfx19 = callPackage ../development/compilers/openjdk/openjfx/19.nix { }; openjfx20 = callPackage ../development/compilers/openjdk/openjfx/20.nix { }; openjfx21 = callPackage ../development/compilers/openjdk/openjfx/21.nix { }; + openjfx22 = callPackage ../development/compilers/openjdk/openjfx/22.nix { }; in { - inherit openjfx11 openjfx15 openjfx17 openjfx19 openjfx20 openjfx21; + inherit openjfx11 openjfx15 openjfx17 openjfx19 openjfx20 openjfx21 openjfx22; compiler = let @@ -221,6 +222,14 @@ in { openjfx = openjfx21; }; + openjdk22 = mkOpenjdk + ../development/compilers/openjdk/22.nix + ../development/compilers/zulu/22.nix + { + openjdk22-bootstrap = temurin-bin.jdk-21; + openjfx = openjfx22; + }; + temurin-bin = recurseIntoAttrs (callPackage ( if stdenv.isLinux then ../development/compilers/temurin-bin/jdk-linux.nix