From d75f9285f735e06462bab3dd149cc99bbbe691c4 Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Fri, 28 Jul 2023 19:58:28 +0100 Subject: [PATCH 01/95] taglib: 0.13.0 -> 0.13.1 Changes: https://github.com/taglib/taglib/releases/tag/v1.13.1 --- pkgs/development/libraries/taglib/default.nix | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/pkgs/development/libraries/taglib/default.nix b/pkgs/development/libraries/taglib/default.nix index 0fb207e4e0f7..6eaab9623417 100644 --- a/pkgs/development/libraries/taglib/default.nix +++ b/pkgs/development/libraries/taglib/default.nix @@ -7,20 +7,26 @@ stdenv.mkDerivation rec { pname = "taglib"; - version = "1.13"; + version = "1.13.1"; src = fetchFromGitHub { owner = "taglib"; repo = "taglib"; rev = "v${version}"; - sha256 = "sha256-DRALRH+/7c2lBvCpLp8hop3Xxsf76F1q8L7F9qehqQA="; + hash = "sha256-QX0EpHGT36UsgIfRf5iALnwxe0jjLpZvCTbk8vSMFF4="; }; nativeBuildInputs = [ cmake ]; buildInputs = [ zlib ]; - cmakeFlags = [ "-DBUILD_SHARED_LIBS=ON" ]; + cmakeFlags = [ + "-DBUILD_SHARED_LIBS=ON" + # Workaround unconditional ${prefix} until upstream is fixed: + # https://github.com/taglib/taglib/issues/1098 + "-DCMAKE_INSTALL_LIBDIR=lib" + "-DCMAKE_INSTALL_INCLUDEDIR=include" + ]; meta = with lib; { homepage = "https://taglib.org/"; From b60fb55a38c021ec8f8c545fd59c6ef279ce6e6c Mon Sep 17 00:00:00 2001 From: Colin Date: Sun, 30 Jul 2023 00:24:38 +0000 Subject: [PATCH 02/95] perlPackages.FileBaseDir: 0.08 -> 0.09 --- pkgs/top-level/perl-packages.nix | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/pkgs/top-level/perl-packages.nix b/pkgs/top-level/perl-packages.nix index 55c88c176b12..2ed373b4d9bc 100644 --- a/pkgs/top-level/perl-packages.nix +++ b/pkgs/top-level/perl-packages.nix @@ -9171,19 +9171,15 @@ with self; { }; }; - FileBaseDir = buildPerlModule { - version = "0.08"; + FileBaseDir = buildPerlPackage { + version = "0.09"; pname = "File-BaseDir"; src = fetchurl { - url = "mirror://cpan/authors/id/K/KI/KIMRYAN/File-BaseDir-0.08.tar.gz"; - hash = "sha256-wGX80+LyKudpk3vMlxuR+AKU1QCfrBQL+6g799NTBeM="; + url = "mirror://cpan/authors/id/P/PL/PLICEASE/File-BaseDir-0.09.tar.gz"; + hash = "sha256-bab3KBVirI8R7xo69q7bUcQRgrYPHxIs7QB579kpZ9k="; }; - configurePhase = '' - runHook preConfigure - perl Build.PL PREFIX="$out" prefix="$out" - ''; propagatedBuildInputs = [ IPCSystemSimple ]; - buildInputs = [ FileWhich ]; + nativeCheckInputs = [ FileWhich ]; meta = { description = "Use the Freedesktop.org base directory specification"; license = with lib.licenses; [ artistic1 gpl1Plus ]; From 1b64bc6920d009c3f2a6f73aef413a41bd64f41e Mon Sep 17 00:00:00 2001 From: Colin Date: Sun, 30 Jul 2023 22:32:58 +0000 Subject: [PATCH 03/95] perlPackages.TestFile: 1.443 -> 1.993 --- pkgs/top-level/perl-packages.nix | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/pkgs/top-level/perl-packages.nix b/pkgs/top-level/perl-packages.nix index 2ed373b4d9bc..86d430f5f361 100644 --- a/pkgs/top-level/perl-packages.nix +++ b/pkgs/top-level/perl-packages.nix @@ -24105,12 +24105,11 @@ with self; { TestFile = buildPerlPackage { pname = "Test-File"; - version = "1.443"; + version = "1.993"; src = fetchurl { - url = "mirror://cpan/authors/id/B/BD/BDFOY/Test-File-1.443.tar.gz"; - hash = "sha256-YbSmq49hfIx7WXUWTPYZRo3DBLa6quo1J4KShvpYvNU="; + url = "mirror://cpan/authors/id/B/BD/BDFOY/Test-File-1.993.tar.gz"; + hash = "sha256-7y/+Gq7HtC2HStQR7GR1R7m5vC9fuT5J4zmUiEVq/Ho="; }; - buildInputs = [ Testutf8 ]; meta = { description = "Test file attributes"; homepage = "https://github.com/briandfoy/test-file"; From fce5f0a11411d638ce466aeead5089dd0a10f654 Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Fri, 4 Aug 2023 07:26:48 +0100 Subject: [PATCH 04/95] autoconf-archive: 2022.09.03 -> 2023.02.20 --- pkgs/development/tools/misc/autoconf-archive/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/tools/misc/autoconf-archive/default.nix b/pkgs/development/tools/misc/autoconf-archive/default.nix index 9b5ca5de570f..3fbfabcee265 100644 --- a/pkgs/development/tools/misc/autoconf-archive/default.nix +++ b/pkgs/development/tools/misc/autoconf-archive/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "autoconf-archive"; - version = "2022.09.03"; + version = "2023.02.20"; src = fetchurl { url = "mirror://gnu/autoconf-archive/autoconf-archive-${version}.tar.xz"; - sha256 = "sha256-4HRU8A2MrnkHvtQtB0d5iSeAmUdoTZTDcgek1joy9CM="; + hash = "sha256-cdQEhHmuKPH1eUYZw9ct+cAd9JscYo74X943WW3DGjM="; }; strictDeps = true; From f01288ec4ee16d0410ab32e2a72bfbc3966b6bd7 Mon Sep 17 00:00:00 2001 From: Emily Date: Fri, 4 Aug 2023 06:57:38 +0100 Subject: [PATCH 05/95] inputplug: mark broken on Darwin --- pkgs/tools/X11/inputplug/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pkgs/tools/X11/inputplug/default.nix b/pkgs/tools/X11/inputplug/default.nix index 031b73994b62..e6bf334cf4c0 100644 --- a/pkgs/tools/X11/inputplug/default.nix +++ b/pkgs/tools/X11/inputplug/default.nix @@ -4,6 +4,7 @@ , libbsd , pkg-config , rustPlatform +, stdenv }: rustPlatform.buildRustPackage rec { @@ -29,6 +30,9 @@ rustPlatform.buildRustPackage rec { description = "Monitor XInput events and run arbitrary scripts on hierarchy change events"; homepage = "https://github.com/andrewshadura/inputplug"; license = licenses.mit; + platforms = platforms.unix; + # `daemon(3)` is deprecated on macOS and `pidfile-rs` needs updating + broken = stdenv.isDarwin; maintainers = with maintainers; [ jecaro ]; }; } From c3bd98051b7c0e5e88740b85dd5e2f4c63504b6e Mon Sep 17 00:00:00 2001 From: Emily Date: Thu, 3 Aug 2023 23:57:13 +0100 Subject: [PATCH 06/95] libmd: 1.0.4 -> 1.1.0 The symbol alias macros now support macOS, so the patch can be dropped. --- pkgs/development/libraries/libmd/default.nix | 25 +++++++------------- 1 file changed, 9 insertions(+), 16 deletions(-) diff --git a/pkgs/development/libraries/libmd/default.nix b/pkgs/development/libraries/libmd/default.nix index ad3d8f0cce40..4b546bb6e608 100644 --- a/pkgs/development/libraries/libmd/default.nix +++ b/pkgs/development/libraries/libmd/default.nix @@ -1,35 +1,28 @@ { lib, stdenv, fetchurl, fetchpatch, autoreconfHook }: -stdenv.mkDerivation rec { +stdenv.mkDerivation (finalAttrs: { pname = "libmd"; - version = "1.0.4"; + version = "1.1.0"; src = fetchurl { urls = [ - "https://archive.hadrons.org/software/libmd/libmd-${version}.tar.xz" - "https://libbsd.freedesktop.org/releases/libmd-${version}.tar.xz" + "https://archive.hadrons.org/software/libmd/libmd-${finalAttrs.version}.tar.xz" + "https://libbsd.freedesktop.org/releases/libmd-${finalAttrs.version}.tar.xz" ]; - sha256 = "sha256-9RySEELjS+3e3tS3VVdlZVnPWx8kSAM7TB7sEcB+Uw8="; + sha256 = "sha256-G9aqQidTE68xQcfPLluWTosf1IgCXK8vlx9DsAd2szI="; }; - patches = [ - # Drop aliases for SHA384 functions, because such aliases are not supported on Darwin. - (fetchpatch { - url = "https://github.com/macports/macports-ports/raw/8332f5dbcaf05a02bc31fbd4ccf735e7d5c9a5b0/devel/libmd/files/patch-symbol-alias.diff"; - sha256 = "sha256-py5hMpKYKwtBzhWn01lFc2a6+OZN72YCYXyhg1qe6rg="; - extraPrefix = ""; - }) - ]; + enableParallelBuilding = true; nativeBuildInputs = [ autoreconfHook ]; meta = with lib; { - homepage = "https://www.hadrons.org/software/${pname}/"; - changelog = "https://archive.hadrons.org/software/libmd/libmd-${version}.announce"; + homepage = "https://www.hadrons.org/software/libmd/"; + changelog = "https://archive.hadrons.org/software/libmd/libmd-${finalAttrs.version}.announce"; # Git: https://git.hadrons.org/cgit/libmd.git description = "Message Digest functions from BSD systems"; license = with licenses; [ bsd3 bsd2 isc beerware publicDomain ]; maintainers = with maintainers; [ primeos ]; platforms = platforms.unix; }; -} +}) From 898a23d41482caa7ec52c8a680750495e48177e7 Mon Sep 17 00:00:00 2001 From: Emily Date: Fri, 4 Aug 2023 08:47:15 +0100 Subject: [PATCH 07/95] libmd: enable tests --- pkgs/development/libraries/libmd/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkgs/development/libraries/libmd/default.nix b/pkgs/development/libraries/libmd/default.nix index 4b546bb6e608..bf156fb1c55d 100644 --- a/pkgs/development/libraries/libmd/default.nix +++ b/pkgs/development/libraries/libmd/default.nix @@ -14,6 +14,8 @@ stdenv.mkDerivation (finalAttrs: { enableParallelBuilding = true; + doCheck = true; + nativeBuildInputs = [ autoreconfHook ]; meta = with lib; { From e6e8e254fe4d936dbc5339bc5bc1334bc73069b2 Mon Sep 17 00:00:00 2001 From: Emily Date: Thu, 3 Aug 2023 23:57:13 +0100 Subject: [PATCH 08/95] libbsd: 0.11.7 -> unstable-2023-04-29 The current Git revision has had a lot of work done to it to better support macOS and lets us drop the huge patch we were using before. More macOS fixes are apparently on the way, so hopefully the two that are still required can be dropped on the next release. --- .../libbsd/darwin-fix-libbsd.sym.patch | 15 + .../development/libraries/libbsd/darwin.patch | 309 ------------------ pkgs/development/libraries/libbsd/default.nix | 45 ++- 3 files changed, 49 insertions(+), 320 deletions(-) create mode 100644 pkgs/development/libraries/libbsd/darwin-fix-libbsd.sym.patch delete mode 100644 pkgs/development/libraries/libbsd/darwin.patch diff --git a/pkgs/development/libraries/libbsd/darwin-fix-libbsd.sym.patch b/pkgs/development/libraries/libbsd/darwin-fix-libbsd.sym.patch new file mode 100644 index 000000000000..de40da981623 --- /dev/null +++ b/pkgs/development/libraries/libbsd/darwin-fix-libbsd.sym.patch @@ -0,0 +1,15 @@ +diff --git a/src/Makefile.am b/src/Makefile.am +index 9d22b00..c6848fc 100644 +--- a/src/Makefile.am ++++ b/src/Makefile.am +@@ -198,7 +198,9 @@ libbsd_ctor_a_SOURCES = \ + # Generate a simple libtool symbol export list to be used as a fallback if + # there is no version script support. + libbsd.sym: libbsd.map +- $(AM_V_GEN) $(SED) -ne 's/^[[:space:]]\{1,\}\([A-Za-z0-9_]\{1,\}\);/\1/p' libbsd.map > $@ ++ $(AM_V_GEN) $(SED) -ne 's/^[[:space:]]\{1,\}\([A-Za-z0-9_]\{1,\}\);/\1/p' libbsd.map \ ++ | grep -Ev '(group_from_gid|user_from_uid|nlist|__fdnlist|bsd_getopt)' \ ++ > $@ + + if NEED_TRANSPARENT_LIBMD + TRANSPARENT_LIBMD_DEPENDS = format.ld diff --git a/pkgs/development/libraries/libbsd/darwin.patch b/pkgs/development/libraries/libbsd/darwin.patch deleted file mode 100644 index c52c64f35aee..000000000000 --- a/pkgs/development/libraries/libbsd/darwin.patch +++ /dev/null @@ -1,309 +0,0 @@ -diff --git a/configure.ac b/configure.ac -index 5b6d22b..98c449b 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -145,7 +145,7 @@ AS_CASE([$host_os], - AM_CONDITIONAL([OS_WINDOWS], [test "x$is_windows" = "xyes"]) - - # Checks for header files. --AC_CHECK_HEADERS([sys/ndir.h sys/dir.h ndir.h dirent.h pwd.h grp.h]) -+AC_CHECK_HEADERS([sys/ndir.h sys/dir.h ndir.h dirent.h pwd.h grp.h nlist.h]) - - # Checks for typedefs, structures, and compiler characteristics. - AC_C_INLINE -@@ -245,7 +245,9 @@ AC_LINK_IFELSE( - - AC_CHECK_FUNCS([clearenv dirfd fopencookie __fpurge \ - getauxval getentropy getexecname getline \ -- pstat_getproc sysconf]) -+ pstat_getproc sysconf \ -+ strlcpy strlcat strnstr strmode fpurge \ -+ user_from_uid group_from_gid]) - AM_CONDITIONAL([HAVE_GETENTROPY], [test "x$ac_cv_func_getentropy" = "xtrue"]) - - AC_SUBST([MD5_LIBS]) -diff --git a/include/bsd/grp.h b/include/bsd/grp.h -index b2705e5..c9423a2 100644 ---- a/include/bsd/grp.h -+++ b/include/bsd/grp.h -@@ -44,8 +44,10 @@ - __BEGIN_DECLS - int - gid_from_group(const char *, gid_t *); -+#if !HAVE_GROUP_FROM_GID - const char * - group_from_gid(gid_t, int); -+#endif - __END_DECLS - - #endif -diff --git a/include/bsd/pwd.h b/include/bsd/pwd.h -index 798af4b..6ae5244 100644 ---- a/include/bsd/pwd.h -+++ b/include/bsd/pwd.h -@@ -44,8 +44,10 @@ - __BEGIN_DECLS - int - uid_from_user(const char *, uid_t *); -+#if !HAVE_USER_FROM_UID - const char * - user_from_uid(uid_t, int); -+#endif - __END_DECLS - - #endif -diff --git a/include/bsd/string.h b/include/bsd/string.h -index f987fee..a1e17ed 100644 ---- a/include/bsd/string.h -+++ b/include/bsd/string.h -@@ -41,10 +41,21 @@ - #include - - __BEGIN_DECLS -+#if !HAVE_STRLCPY - size_t strlcpy(char *dst, const char *src, size_t siz); -+#endif -+ -+#if !HAVE_STRLCAT - size_t strlcat(char *dst, const char *src, size_t siz); -+#endif -+ -+#if !HAVE_STRNSTR - char *strnstr(const char *str, const char *find, size_t str_len); -+#endif -+ -+#if !HAVE_STRMODE - void strmode(mode_t mode, char *str); -+#endif - - #if !defined(__GLIBC__) || \ - (defined(__GLIBC__) && (!__GLIBC_PREREQ(2, 25) || !defined(_GNU_SOURCE))) -diff --git a/src/fpurge.c b/src/fpurge.c -index 350f364..ff7f01e 100644 ---- a/src/fpurge.c -+++ b/src/fpurge.c -@@ -26,9 +26,10 @@ - - #include - #include --#include - - #ifdef HAVE___FPURGE -+#include -+ - int - fpurge(FILE *fp) - { -@@ -41,6 +42,36 @@ fpurge(FILE *fp) - - return 0; - } -+/* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin 1.7 */ -+#elif HAVE_FPURGE -+int -+fpurge(FILE *fp) -+{ -+ if (fp == NULL || fileno(fp) < 0) { -+ errno = EBADF; -+ return EOF; -+ } -+ -+ /* Call the system's fpurge function. */ -+#undef fpurge -+#if !HAVE_DECL_FPURGE -+ extern int fpurge (FILE *); -+#endif -+ int result = fpurge (fp); -+/* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin */ -+#if defined(__sferror) || defined(__DragonFly__) -+ if (result == 0) -+ /* Correct the invariants that fpurge broke. -+ on BSD systems says: -+ "The following always hold: if _flags & __SRD, _w is 0." -+ If this invariant is not fulfilled and the stream is read-write but -+ currently reading, subsequent putc or fputc calls will write directly -+ into the buffer, although they shouldn't be allowed to. */ -+ if ((fp->_flags & __SRD) != 0) -+ fp->_w = 0; -+#endif -+ return result; -+} - #else - #error "Function fpurge() needs to be ported." - #endif -diff --git a/src/funopen.c b/src/funopen.c -index 1e6f43a..3a3af6a 100644 ---- a/src/funopen.c -+++ b/src/funopen.c -@@ -143,6 +143,7 @@ funopen(const void *cookie, - * they will not add the needed support to implement it. Just ignore this - * interface there, as it has never been provided anyway. - */ -+#elif defined(__MACH__) - #else - #error "Function funopen() needs to be ported or disabled." - #endif -diff --git a/src/local-link.h b/src/local-link.h -index 6782d9a..fb76098 100644 ---- a/src/local-link.h -+++ b/src/local-link.h -@@ -29,6 +29,12 @@ - - #include - -+#ifdef __MACH__ -+#define libbsd_link_warning(symbol, msg) -+#define libbsd_symver_default(alias, symbol, version) -+#define libbsd_symver_variant(alias, symbol, version) -+#define libbsd_symver_weak(alias, symbol, version) -+#else - #define libbsd_link_warning(symbol, msg) \ - static const char libbsd_emit_link_warning_##symbol[] \ - __attribute__((__used__,__section__(".gnu.warning." #symbol))) = msg -@@ -68,3 +74,4 @@ - #endif - - #endif -+#endif -diff --git a/src/nlist.c b/src/nlist.c -index 1cb9d18..b476f1e 100644 ---- a/src/nlist.c -+++ b/src/nlist.c -@@ -41,6 +41,7 @@ - #include - #include - -+#if !HAVE_NLIST_H - #include "local-elf.h" - - /* Note: This function is used by libkvm0, so we need to export it. -@@ -277,3 +278,4 @@ nlist(const char *name, struct nlist *list) - (void)close(fd); - return (n); - } -+#endif -diff --git a/src/pwcache.c b/src/pwcache.c -index d54daa0..74fde9f 100644 ---- a/src/pwcache.c -+++ b/src/pwcache.c -@@ -191,6 +191,7 @@ grptb_start(void) - return 0; - } - -+#if !HAVE_USER_FROM_UID - /* - * user_from_uid() - * caches the name (if any) for the uid. If noname clear, we always -@@ -251,7 +252,9 @@ user_from_uid(uid_t uid, int noname) - } - return ptr->name; - } -+#endif - -+#if !HAVE_USER_FROM_UID - /* - * group_from_gid() - * caches the name (if any) for the gid. If noname clear, we always -@@ -312,6 +315,7 @@ group_from_gid(gid_t gid, int noname) - } - return ptr->name; - } -+#endif - - /* - * uid_from_user() -diff --git a/src/readpassphrase.c b/src/readpassphrase.c -index f9f6195..2bc5fb4 100644 ---- a/src/readpassphrase.c -+++ b/src/readpassphrase.c -@@ -36,6 +36,14 @@ - #define TCSASOFT 0 - #endif - -+#ifndef _SIGMAX -+#define _SIGMAX 64 -+#endif -+ -+#ifndef _NSIG -+#define _NSIG (_SIGMAX + 1) -+#endif -+ - static volatile sig_atomic_t signo[_NSIG]; - - static void handler(int); -diff --git a/src/setproctitle.c b/src/setproctitle.c -index d3e1087..0e5f64c 100644 ---- a/src/setproctitle.c -+++ b/src/setproctitle.c -@@ -33,6 +33,10 @@ - #include - #include "local-link.h" - -+#ifdef __MACH__ -+extern char **environ; -+#endif -+ - static struct { - /* Original value. */ - const char *arg0; -@@ -291,7 +295,8 @@ libbsd_symver_default(setproctitle, setproctitle_impl, LIBBSD_0.5); - * in 0.5, make the implementation available in the old version as an alias - * for code linking against that version, and change the default to use the - * new version, so that new code depends on the implemented version. */ --#ifdef HAVE_TYPEOF -+#ifdef __MACH__ -+#elif defined(HAVE_TYPEOF) - extern __typeof__(setproctitle_impl) - setproctitle_stub - __attribute__((__alias__("setproctitle_impl"))); -diff --git a/src/strlcat.c b/src/strlcat.c -index 14c53a1..5961c17 100644 ---- a/src/strlcat.c -+++ b/src/strlcat.c -@@ -26,6 +26,7 @@ - * Returns strlen(src) + MIN(dsize, strlen(initial dst)). - * If retval >= dsize, truncation occurred. - */ -+#if !HAVE_STRLCAT - size_t - strlcat(char *dst, const char *src, size_t dsize) - { -@@ -53,3 +54,4 @@ strlcat(char *dst, const char *src, size_t dsize) - - return(dlen + (src - osrc)); /* count does not include NUL */ - } -+#endif -diff --git a/src/strlcpy.c b/src/strlcpy.c -index e9a7fe4..5137acb 100644 ---- a/src/strlcpy.c -+++ b/src/strlcpy.c -@@ -24,6 +24,7 @@ - * chars will be copied. Always NUL terminates (unless dsize == 0). - * Returns strlen(src); if retval >= dsize, truncation occurred. - */ -+#if !HAVE_STRLCPY - size_t - strlcpy(char *dst, const char *src, size_t dsize) - { -@@ -48,3 +49,4 @@ strlcpy(char *dst, const char *src, size_t dsize) - - return(src - osrc - 1); /* count does not include NUL */ - } -+#endif -diff --git a/src/strmode.c b/src/strmode.c -index e6afde5..da680c9 100644 ---- a/src/strmode.c -+++ b/src/strmode.c -@@ -32,6 +32,7 @@ - #include - #include - -+#if !HAVE_STRMODE - void - strmode(mode_t mode, char *p) - { -@@ -141,3 +142,4 @@ strmode(mode_t mode, char *p) - *p++ = ' '; /* will be a '+' if ACL's implemented */ - *p = '\0'; - } -+#endif diff --git a/pkgs/development/libraries/libbsd/default.nix b/pkgs/development/libraries/libbsd/default.nix index 0c8040010e72..1925d60f960b 100644 --- a/pkgs/development/libraries/libbsd/default.nix +++ b/pkgs/development/libraries/libbsd/default.nix @@ -1,28 +1,51 @@ { lib , stdenv -, fetchurl +, fetchFromGitLab +, fetchpatch , autoreconfHook , libmd , gitUpdater }: -stdenv.mkDerivation rec { - pname = "libbsd"; - version = "0.11.7"; +# Run `./get-version` for the new value when bumping the Git revision. +let gitVersion = "0.11.7-55-g73b2"; in - src = fetchurl { - url = "https://libbsd.freedesktop.org/releases/${pname}-${version}.tar.xz"; - hash = "sha256-m6oYYFnrvyXAYwjp+ZH9ox9xg8DySTGCbYOqar2KAmE="; +stdenv.mkDerivation { + pname = "libbsd"; + version = "unstable-2023-04-29"; + + src = fetchFromGitLab { + domain = "gitlab.freedesktop.org"; + owner = "libbsd"; + repo = "libbsd"; + rev = "73b25a8f871b3a20f6ff76679358540f95d7dbfd"; + hash = "sha256-LS28taIMjRCl6xqg75eYOIrTDl8PzSa+OvrdiEOP1+U="; }; outputs = [ "out" "dev" "man" ]; - # darwin changes configure.ac which means we need to regenerate - # the configure scripts + enableParallelBuilding = true; + nativeBuildInputs = [ autoreconfHook ]; propagatedBuildInputs = [ libmd ]; - patches = [ ./darwin.patch ]; + patches = [ + # Fix `{get,set}progname(3bsd)` conditionalization + # https://gitlab.freedesktop.org/libbsd/libbsd/-/issues/24 + (fetchpatch { + url = "https://github.com/emilazy/libbsd/commit/0381f8d92873c5a19ced3ff861ee8ffe7825953e.patch"; + hash = "sha256-+RMg5eHLgC4gyX9zXM0ttNf7rd9E3UzJX/7UVCYGXx4="; + }) + ] ++ lib.optionals stdenv.isDarwin [ + # Temporary build system hack from upstream maintainer + # https://gitlab.freedesktop.org/libbsd/libbsd/-/issues/19#note_2017684 + ./darwin-fix-libbsd.sym.patch + ]; + + postPatch = '' + substituteInPlace configure.ac \ + --replace 'm4_esyscmd([./get-version])' '[${gitVersion}]' + ''; passthru.updateScript = gitUpdater { # No nicer place to find latest release. @@ -33,7 +56,7 @@ stdenv.mkDerivation rec { description = "Common functions found on BSD systems"; homepage = "https://libbsd.freedesktop.org/"; license = with licenses; [ beerware bsd2 bsd3 bsdOriginal isc mit ]; - platforms = platforms.linux ++ platforms.darwin; + platforms = platforms.unix; maintainers = with maintainers; [ matthewbauer ]; }; } From 935c3fe4062fbf52f70b0ddc263f70d1a37c5edb Mon Sep 17 00:00:00 2001 From: Emily Date: Fri, 4 Aug 2023 08:47:23 +0100 Subject: [PATCH 09/95] libbsd: enable tests --- pkgs/development/libraries/libbsd/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkgs/development/libraries/libbsd/default.nix b/pkgs/development/libraries/libbsd/default.nix index 1925d60f960b..5943d697f6f1 100644 --- a/pkgs/development/libraries/libbsd/default.nix +++ b/pkgs/development/libraries/libbsd/default.nix @@ -26,6 +26,8 @@ stdenv.mkDerivation { enableParallelBuilding = true; + doCheck = true; + nativeBuildInputs = [ autoreconfHook ]; propagatedBuildInputs = [ libmd ]; From a227fd1fe78ec19e7d823ef808830e86a705fc12 Mon Sep 17 00:00:00 2001 From: Colin Date: Sun, 30 Jul 2023 00:25:25 +0000 Subject: [PATCH 10/95] xdg-utils: enable cross compilation native build produces binaries with `#!${bash}/bin/sh` as shebang. seems to be a consequence of nixpkgs using bash in the builder, and `patchShebangs` sees that. OTOH cross builds would get `#!/bin/sh` because the builder's bash isn't eligible as a runtime shebang. i can't say which is most "correct" in the context of this tool, but shipping bash in `buildInputs` where `patchShebangs` can see it at least gets us *consistency*. --- pkgs/tools/X11/xdg-utils/default.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/pkgs/tools/X11/xdg-utils/default.nix b/pkgs/tools/X11/xdg-utils/default.nix index 35557ce447f1..ed8b1363d5f8 100644 --- a/pkgs/tools/X11/xdg-utils/default.nix +++ b/pkgs/tools/X11/xdg-utils/default.nix @@ -2,6 +2,7 @@ , file, libxslt, docbook_xml_dtd_412, docbook_xsl, xmlto , w3m, gnugrep, gnused, coreutils, xset, perlPackages , mimiSupport ? false, gawk +, bash , glib , withXdgOpenUsePortalPatch ? true }: @@ -48,6 +49,9 @@ stdenv.mkDerivation rec { # just needed when built from git nativeBuildInputs = [ libxslt docbook_xml_dtd_412 docbook_xsl xmlto w3m ]; + # explicitly provide a runtime shell so patchShebangs is consistent across build platforms + buildInputs = [ bash ]; + postInstall = lib.optionalString mimiSupport '' cp ${mimisrc}/xdg-open $out/bin/xdg-open '' + '' @@ -83,6 +87,5 @@ stdenv.mkDerivation rec { license = if mimiSupport then licenses.gpl2 else licenses.free; maintainers = [ maintainers.eelco ]; platforms = platforms.all; - broken = !(stdenv.buildPlatform.canExecute stdenv.hostPlatform); }; } From 5ee69670071f583bdffe2718dc46763fa1698f92 Mon Sep 17 00:00:00 2001 From: Colin Date: Mon, 7 Aug 2023 07:29:03 +0000 Subject: [PATCH 11/95] gtk3: compile schemas even when cross compiling without this applications won't locate gtk3's schemas even if they're on XDG_DATA_DIRS. this patch solves runtime errors of the form: ``` Settings schema 'org.gtk.Settings.FileChooser' is not installed ``` --- pkgs/development/libraries/gtk/3.x.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/pkgs/development/libraries/gtk/3.x.nix b/pkgs/development/libraries/gtk/3.x.nix index a527faf5a8be..792f305a83ba 100644 --- a/pkgs/development/libraries/gtk/3.x.nix +++ b/pkgs/development/libraries/gtk/3.x.nix @@ -24,6 +24,7 @@ , gobject-introspection , buildPackages , withIntrospection ? stdenv.hostPlatform.emulatorAvailable buildPackages +, compileSchemas ? stdenv.hostPlatform.emulatorAvailable buildPackages , fribidi , xorg , libepoxy @@ -110,7 +111,7 @@ stdenv.mkDerivation (finalAttrs: { gtk-doc # For xmllint libxml2 - ] ++ lib.optionals (withIntrospection && !stdenv.buildPlatform.canExecute stdenv.hostPlatform) [ + ] ++ lib.optionals ((withIntrospection || compileSchemas) && !stdenv.buildPlatform.canExecute stdenv.hostPlatform) [ mesonEmulatorHook ] ++ lib.optionals waylandSupport [ wayland-scanner @@ -183,6 +184,10 @@ stdenv.mkDerivation (finalAttrs: { substituteInPlace meson.build \ --replace "x11_enabled = false" "" + # this conditional gates the installation of share/gsettings-schemas/.../glib-2.0/schemas/gschemas.compiled. + substituteInPlace meson.build \ + --replace 'if not meson.is_cross_build()' 'if ${lib.boolToString compileSchemas}' + files=( build-aux/meson/post-install.py demos/gtk-demo/geninclude.py From 7a1c5e3a5d1ff82c8afa659c7f903d5309d5de6a Mon Sep 17 00:00:00 2001 From: Colin Date: Mon, 7 Aug 2023 07:50:25 +0000 Subject: [PATCH 12/95] gtk4: compile schemas even when cross compiling --- pkgs/development/libraries/gtk/4.x.nix | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/pkgs/development/libraries/gtk/4.x.nix b/pkgs/development/libraries/gtk/4.x.nix index b7e8c13ccca6..0503ac199f90 100644 --- a/pkgs/development/libraries/gtk/4.x.nix +++ b/pkgs/development/libraries/gtk/4.x.nix @@ -1,5 +1,6 @@ { lib , stdenv +, buildPackages , substituteAll , fetchurl , pkg-config @@ -7,6 +8,7 @@ , graphene , gi-docgen , meson +, mesonEmulatorHook , ninja , python3 , makeWrapper @@ -45,6 +47,7 @@ , wayland-scanner , xineramaSupport ? stdenv.isLinux , cupsSupport ? stdenv.isLinux +, compileSchemas ? stdenv.hostPlatform.emulatorAvailable buildPackages , cups , AppKit , Cocoa @@ -99,6 +102,8 @@ stdenv.mkDerivation rec { sassc gi-docgen libxml2 # for xmllint + ] ++ lib.optionals (compileSchemas && !stdenv.buildPlatform.canExecute stdenv.hostPlatform) [ + mesonEmulatorHook ] ++ lib.optionals waylandSupport [ wayland-scanner ] ++ setupHooks; @@ -190,6 +195,10 @@ stdenv.mkDerivation rec { }; postPatch = '' + # this conditional gates the installation of share/gsettings-schemas/.../glib-2.0/schemas/gschemas.compiled. + substituteInPlace meson.build \ + --replace 'if not meson.is_cross_build()' 'if ${lib.boolToString compileSchemas}' + files=( build-aux/meson/gen-demo-header.py demos/gtk-demo/geninclude.py From e647b4f55cd2f93fd09f8a08ff2a4e778e747bbd Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 8 Aug 2023 21:12:22 +0000 Subject: [PATCH 13/95] libksba: 1.6.3 -> 1.6.4 --- pkgs/development/libraries/libksba/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/libksba/default.nix b/pkgs/development/libraries/libksba/default.nix index d7f5aa24c155..9b1716ecc6df 100644 --- a/pkgs/development/libraries/libksba/default.nix +++ b/pkgs/development/libraries/libksba/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "libksba"; - version = "1.6.3"; + version = "1.6.4"; src = fetchurl { url = "mirror://gnupg/libksba/libksba-${version}.tar.bz2"; - hash = "sha256-P3LGjbMJceu/FDZ1J3GUI/Ck1fgQP8n0ocAan6RA3lw="; + hash = "sha256-u7Q/AyuRZNhseB/+QiE6g79PL+6RRV7fpGVFIbiwO2s="; }; outputs = [ "out" "dev" "info" ]; From 81d8fdb6ab4790adc7d85c70e4c58c2a56b0ac93 Mon Sep 17 00:00:00 2001 From: Mario Rodas Date: Mon, 14 Aug 2023 04:20:00 +0000 Subject: [PATCH 14/95] protobuf: use nixpkgs gtest protobuf>3.20 allows to use the system GTest. Therefore, we can safely remove the logic to use third_party/gmock from `generic-v3-cmake.nix` because it's used only for protobuf>=3.21. --- .../libraries/protobuf/generic-v3-cmake.nix | 19 ++++++------------- 1 file changed, 6 insertions(+), 13 deletions(-) diff --git a/pkgs/development/libraries/protobuf/generic-v3-cmake.nix b/pkgs/development/libraries/protobuf/generic-v3-cmake.nix index 384d2d0decb4..1ad4bc8a11b3 100644 --- a/pkgs/development/libraries/protobuf/generic-v3-cmake.nix +++ b/pkgs/development/libraries/protobuf/generic-v3-cmake.nix @@ -31,17 +31,7 @@ let inherit sha256; }; - # re-create submodule logic - postPatch = '' - rm -rf gmock - cp -r ${gtest.src}/googlemock third_party/gmock - cp -r ${gtest.src}/googletest third_party/ - chmod -R a+w third_party/ - - ln -s ../googletest third_party/gmock/gtest - ln -s ../gmock third_party/googletest/googlemock - ln -s $(pwd)/third_party/googletest third_party/googletest/googletest - '' + lib.optionalString stdenv.isDarwin '' + postPatch = lib.optionalString stdenv.isDarwin '' substituteInPlace src/google/protobuf/testing/googletest.cc \ --replace 'tmpnam(b)' '"'$TMPDIR'/foo"' ''; @@ -68,6 +58,7 @@ let ]; buildInputs = [ + gtest zlib ]; @@ -75,8 +66,11 @@ let abseil-cpp ]; + strictDeps = true; + cmakeDir = if lib.versionOlder version "3.22" then "../cmake" else null; cmakeFlags = [ + "-Dprotobuf_USE_EXTERNAL_GTEST=ON" "-Dprotobuf_ABSL_PROVIDER=package" ] ++ lib.optionals (!stdenv.targetPlatform.isStatic) [ "-Dprotobuf_BUILD_SHARED_LIBS=ON" @@ -87,8 +81,7 @@ let (stdenv.targetPlatform.is32bit && lib.versionOlder version "3.22") "-Dprotobuf_BUILD_TESTS=OFF"; - # unfortunately the shared libraries have yet to been patched by nix, thus tests will fail - doCheck = false; + doCheck = true; passthru = { tests = { From 2cd0ae83117083951d7c197a33152b9307e5cb2b Mon Sep 17 00:00:00 2001 From: Mario Rodas Date: Mon, 14 Aug 2023 04:20:00 +0000 Subject: [PATCH 15/95] protobuf: use finalAttrs pattern --- .../libraries/protobuf/generic-v3-cmake.nix | 141 +++++++++--------- 1 file changed, 70 insertions(+), 71 deletions(-) diff --git a/pkgs/development/libraries/protobuf/generic-v3-cmake.nix b/pkgs/development/libraries/protobuf/generic-v3-cmake.nix index 1ad4bc8a11b3..0c15dd6a55cf 100644 --- a/pkgs/development/libraries/protobuf/generic-v3-cmake.nix +++ b/pkgs/development/libraries/protobuf/generic-v3-cmake.nix @@ -13,43 +13,44 @@ , version , sha256 -# downstream dependencies + # downstream dependencies , python3 , ... }: -let - self = stdenv.mkDerivation { - pname = "protobuf"; - inherit version; +stdenv.mkDerivation (finalAttrs: { + pname = "protobuf"; + inherit version; - src = fetchFromGitHub { - owner = "protocolbuffers"; - repo = "protobuf"; - rev = "v${version}"; - inherit sha256; - }; + src = fetchFromGitHub { + owner = "protocolbuffers"; + repo = "protobuf"; + rev = "v${version}"; + inherit sha256; + }; - postPatch = lib.optionalString stdenv.isDarwin '' - substituteInPlace src/google/protobuf/testing/googletest.cc \ - --replace 'tmpnam(b)' '"'$TMPDIR'/foo"' - ''; + postPatch = lib.optionalString stdenv.isDarwin '' + substituteInPlace src/google/protobuf/testing/googletest.cc \ + --replace 'tmpnam(b)' '"'$TMPDIR'/foo"' + ''; - patches = lib.optionals (lib.versionOlder version "3.22") [ - # fix protobuf-targets.cmake installation paths, and allow for CMAKE_INSTALL_LIBDIR to be absolute - # https://github.com/protocolbuffers/protobuf/pull/10090 - (fetchpatch { - url = "https://github.com/protocolbuffers/protobuf/commit/a7324f88e92bc16b57f3683403b6c993bf68070b.patch"; - sha256 = "sha256-SmwaUjOjjZulg/wgNmR/F5b8rhYA2wkKAjHIOxjcQdQ="; - }) - ] ++ lib.optionals stdenv.hostPlatform.isStatic [ - ./static-executables-have-no-rpath.patch - ]; + patches = lib.optionals (lib.versionOlder version "3.22") [ + # fix protobuf-targets.cmake installation paths, and allow for CMAKE_INSTALL_LIBDIR to be absolute + # https://github.com/protocolbuffers/protobuf/pull/10090 + (fetchpatch { + url = "https://github.com/protocolbuffers/protobuf/commit/a7324f88e92bc16b57f3683403b6c993bf68070b.patch"; + sha256 = "sha256-SmwaUjOjjZulg/wgNmR/F5b8rhYA2wkKAjHIOxjcQdQ="; + }) + ] ++ lib.optionals stdenv.hostPlatform.isStatic [ + ./static-executables-have-no-rpath.patch + ]; - nativeBuildInputs = let + nativeBuildInputs = + let protobufVersion = "${lib.versions.major version}_${lib.versions.minor version}"; - in [ + in + [ cmake ] ++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ # protoc of the same version must be available for build. For non-cross builds, it's able to @@ -57,55 +58,53 @@ let buildPackages."protobuf${protobufVersion}" ]; - buildInputs = [ - gtest - zlib - ]; + buildInputs = [ + gtest + zlib + ]; - propagatedBuildInputs = [ - abseil-cpp - ]; + propagatedBuildInputs = [ + abseil-cpp + ]; - strictDeps = true; + strictDeps = true; - cmakeDir = if lib.versionOlder version "3.22" then "../cmake" else null; - cmakeFlags = [ - "-Dprotobuf_USE_EXTERNAL_GTEST=ON" - "-Dprotobuf_ABSL_PROVIDER=package" - ] ++ lib.optionals (!stdenv.targetPlatform.isStatic) [ - "-Dprotobuf_BUILD_SHARED_LIBS=ON" - ] - # Tests fail to build on 32-bit platforms; fixed in 3.22 - # https://github.com/protocolbuffers/protobuf/issues/10418 - ++ lib.optional - (stdenv.targetPlatform.is32bit && lib.versionOlder version "3.22") - "-Dprotobuf_BUILD_TESTS=OFF"; + cmakeDir = if lib.versionOlder version "3.22" then "../cmake" else null; + cmakeFlags = [ + "-Dprotobuf_USE_EXTERNAL_GTEST=ON" + "-Dprotobuf_ABSL_PROVIDER=package" + ] ++ lib.optionals (!stdenv.targetPlatform.isStatic) [ + "-Dprotobuf_BUILD_SHARED_LIBS=ON" + ] + # Tests fail to build on 32-bit platforms; fixed in 3.22 + # https://github.com/protocolbuffers/protobuf/issues/10418 + ++ lib.optionals (stdenv.targetPlatform.is32bit && lib.versionOlder version "3.22") [ + "-Dprotobuf_BUILD_TESTS=OFF" + ]; - doCheck = true; + doCheck = true; - passthru = { - tests = { - pythonProtobuf = python3.pkgs.protobuf.override(_: { - protobuf = self; - }); - }; - - inherit abseil-cpp; + passthru = { + tests = { + pythonProtobuf = python3.pkgs.protobuf.override (_: { + protobuf = finalAttrs.finalPackage; + }); }; - meta = { - description = "Google's data interchange format"; - longDescription = '' - Protocol Buffers are a way of encoding structured data in an efficient - yet extensible format. Google uses Protocol Buffers for almost all of - its internal RPC protocols and file formats. - ''; - license = lib.licenses.bsd3; - platforms = lib.platforms.unix; - homepage = "https://developers.google.com/protocol-buffers/"; - maintainers = with lib.maintainers; [ jonringer ]; - mainProgram = "protoc"; - }; + inherit abseil-cpp; }; -in - self + + meta = { + description = "Google's data interchange format"; + longDescription = '' + Protocol Buffers are a way of encoding structured data in an efficient + yet extensible format. Google uses Protocol Buffers for almost all of + its internal RPC protocols and file formats. + ''; + license = lib.licenses.bsd3; + platforms = lib.platforms.unix; + homepage = "https://developers.google.com/protocol-buffers/"; + maintainers = with lib.maintainers; [ jonringer ]; + mainProgram = "protoc"; + }; +}) From 301b33cd74a7f48e713ec69d0954ba1f4c492726 Mon Sep 17 00:00:00 2001 From: Mario Rodas Date: Mon, 14 Aug 2023 04:20:00 +0000 Subject: [PATCH 16/95] protobuf: add grpc as reverse dependency to passthru.tests --- pkgs/development/libraries/protobuf/generic-v3-cmake.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkgs/development/libraries/protobuf/generic-v3-cmake.nix b/pkgs/development/libraries/protobuf/generic-v3-cmake.nix index 0c15dd6a55cf..d84540b8620e 100644 --- a/pkgs/development/libraries/protobuf/generic-v3-cmake.nix +++ b/pkgs/development/libraries/protobuf/generic-v3-cmake.nix @@ -15,6 +15,7 @@ # downstream dependencies , python3 +, grpc , ... }: @@ -89,6 +90,7 @@ stdenv.mkDerivation (finalAttrs: { pythonProtobuf = python3.pkgs.protobuf.override (_: { protobuf = finalAttrs.finalPackage; }); + inherit grpc; }; inherit abseil-cpp; From 9e5fabaf13e8d3f6c6f9c756e37bc803164d5a82 Mon Sep 17 00:00:00 2001 From: Mario Rodas Date: Mon, 14 Aug 2023 04:20:00 +0000 Subject: [PATCH 17/95] protobuf: update meta --- pkgs/development/libraries/protobuf/generic-v3-cmake.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/protobuf/generic-v3-cmake.nix b/pkgs/development/libraries/protobuf/generic-v3-cmake.nix index d84540b8620e..5b5ab87bfcd5 100644 --- a/pkgs/development/libraries/protobuf/generic-v3-cmake.nix +++ b/pkgs/development/libraries/protobuf/generic-v3-cmake.nix @@ -104,8 +104,8 @@ stdenv.mkDerivation (finalAttrs: { its internal RPC protocols and file formats. ''; license = lib.licenses.bsd3; - platforms = lib.platforms.unix; - homepage = "https://developers.google.com/protocol-buffers/"; + platforms = lib.platforms.all; + homepage = "https://protobuf.dev/"; maintainers = with lib.maintainers; [ jonringer ]; mainProgram = "protoc"; }; From 8708ae0e37084d44dfc2d89e5d14731382f82236 Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Sat, 19 Aug 2023 07:53:39 +0100 Subject: [PATCH 18/95] bash: disable `bash-malloc` everywhere, not just on `musl` TIme to time I bump into pathological behaviour of `bash` memory allocator. Today's example: $ time { ls /nix/store/ > /dev/null; } real 0m0,965s user 0m0,876s sys 0m0,087s $ time { echo /nix/store/* > /dev/null; } real 2m18,287s user 2m17,946s sys 0m0,125s $ time { echo /nix/store/* > /dev/null; } real 0m1,764s user 0m1,712s sys 0m0,048s Note how initial `echo` takes alsmot 2 minutes to finish. Let's rely on system's allocator instead. After the change initial run is fast again: $ time { echo /nix/store/* > /dev/null; } real 0m1,328s user 0m1,264s sys 0m0,063s --- pkgs/shells/bash/5.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/pkgs/shells/bash/5.nix b/pkgs/shells/bash/5.nix index 00b4a707ed08..7e815751ef72 100644 --- a/pkgs/shells/bash/5.nix +++ b/pkgs/shells/bash/5.nix @@ -64,6 +64,12 @@ stdenv.mkDerivation rec { ]; configureFlags = [ + # At least on Linux bash memory allocator has pathological performance + # in scenarios involving use of larger memory: + # https://lists.gnu.org/archive/html/bug-bash/2023-08/msg00052.html + # Various distributions default to system allocator. Let's nixpkgs + # do the same. + "--without-bash-malloc" (if interactive then "--with-installed-readline" else "--disable-readline") ] ++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ "bash_cv_job_control_missing=nomissing" @@ -77,7 +83,6 @@ stdenv.mkDerivation rec { "bash_cv_dev_fd=standard" "bash_cv_termcap_lib=libncurses" ] ++ lib.optionals (stdenv.hostPlatform.libc == "musl") [ - "--without-bash-malloc" "--disable-nls" ]; From 2f755a79da0689887154a5c582308808456753b2 Mon Sep 17 00:00:00 2001 From: OPNA2608 Date: Tue, 22 Aug 2023 06:42:07 +0200 Subject: [PATCH 19/95] libsForQt5.qtwayland: Fix cross Build needs to run wayland-scanner, so needs a native wayland. --- pkgs/development/libraries/qt-5/modules/qtwayland.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/qt-5/modules/qtwayland.nix b/pkgs/development/libraries/qt-5/modules/qtwayland.nix index edb15b0b48b1..0faabf3752a2 100644 --- a/pkgs/development/libraries/qt-5/modules/qtwayland.nix +++ b/pkgs/development/libraries/qt-5/modules/qtwayland.nix @@ -1,10 +1,10 @@ -{ qtModule, qtbase, qtquickcontrols, wayland, pkg-config }: +{ qtModule, qtbase, qtquickcontrols, wayland, wayland-scanner, pkg-config }: qtModule { pname = "qtwayland"; qtInputs = [ qtbase qtquickcontrols ]; buildInputs = [ wayland ]; - nativeBuildInputs = [ pkg-config ]; + nativeBuildInputs = [ pkg-config wayland-scanner ]; outputs = [ "out" "dev" "bin" ]; patches = [ # NixOS-specific, ensure that app_id is correctly determined for From b9a010e21350218264ece5757f0bea1a2c1760d4 Mon Sep 17 00:00:00 2001 From: Randy Eckenrode Date: Sun, 16 Jul 2023 12:10:49 -0600 Subject: [PATCH 20/95] gperf_3_0: fix build with clang 16 * Apply the patch used for gperf 3.1 in 58f559cdb0de5c88f75b397f9ed7229bec898034; and * Include `string.h` unconditionally in `lib/getopt.c`. --- pkgs/development/tools/misc/gperf/3.0.x.nix | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/pkgs/development/tools/misc/gperf/3.0.x.nix b/pkgs/development/tools/misc/gperf/3.0.x.nix index f83b245417ee..8a2fdf6ec4b3 100644 --- a/pkgs/development/tools/misc/gperf/3.0.x.nix +++ b/pkgs/development/tools/misc/gperf/3.0.x.nix @@ -10,7 +10,18 @@ stdenv.mkDerivation rec { }; nativeBuildInputs = [ autoreconfHook ]; - patches = [ ./gperf-ar-fix.patch ]; + patches = [ + ./gperf-ar-fix.patch + # Clang 16 defaults to C++17, which does not allow `register` as a storage class specifier. + ./gperf-c++17-register-fix.patch + ]; + + # Replace the conditional inclusion of `string.h` on VMS with unconditional inclusion on all + # platforms. Otherwise, clang 16 fails to build gperf due to use of undeclared library functions. + postPatch = '' + sed '/#ifdef VMS/{N;N;N;N;N;s/.*/#include /}' -i lib/getopt.c + ''; + meta = { description = "Perfect hash function generator"; From dfc00b41c6ddaa64fb12f790ebb866fb752cc741 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Fri, 1 Sep 2023 02:45:41 +0000 Subject: [PATCH 21/95] imlib2: 1.11.1 -> 1.12.0 --- pkgs/development/libraries/imlib2/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/imlib2/default.nix b/pkgs/development/libraries/imlib2/default.nix index 4f3c956a440d..21a5fccac30a 100644 --- a/pkgs/development/libraries/imlib2/default.nix +++ b/pkgs/development/libraries/imlib2/default.nix @@ -29,11 +29,11 @@ let in stdenv.mkDerivation (finalAttrs: { pname = "imlib2"; - version = "1.11.1"; + version = "1.12.0"; src = fetchurl { url = "mirror://sourceforge/enlightenment/${finalAttrs.pname}-${finalAttrs.version}.tar.xz"; - hash = "sha256-9xK2u53K1G2Lj0rVJhDcu667TMgLX9EvkxJNOjgPpr8="; + hash = "sha256-lf9dTMF92fk0wuetFRw2DzCIgKCnhJpspDt8e5pLshY="; }; buildInputs = [ From 29055efa16064eb88d8d46bcc69b18e9c25768bb Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Fri, 1 Sep 2023 03:47:53 +0000 Subject: [PATCH 22/95] unixODBC: 2.3.11 -> 2.3.12 --- pkgs/development/libraries/unixODBC/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/unixODBC/default.nix b/pkgs/development/libraries/unixODBC/default.nix index 90398e5aef25..8587ad6d2c3c 100644 --- a/pkgs/development/libraries/unixODBC/default.nix +++ b/pkgs/development/libraries/unixODBC/default.nix @@ -2,14 +2,14 @@ stdenv.mkDerivation rec { pname = "unixODBC"; - version = "2.3.11"; + version = "2.3.12"; src = fetchurl { urls = [ "ftp://ftp.unixodbc.org/pub/unixODBC/${pname}-${version}.tar.gz" "https://www.unixodbc.org/${pname}-${version}.tar.gz" ]; - sha256 = "sha256-2eVcjnEYNH48ZshzOIVtrRUWtJD7fHVsFWKiwmfHO1w="; + sha256 = "sha256-8hBQFEXOIb9ge6Ue+MEl4Q4i3/3/7Dd2RkYt9fAZFew="; }; configureFlags = [ "--disable-gui" "--sysconfdir=/etc" ]; From 57446b6d132355abce314bfe7e557cabd7312ca3 Mon Sep 17 00:00:00 2001 From: Mario Rodas Date: Sat, 2 Sep 2023 04:20:00 +0000 Subject: [PATCH 23/95] imlib2: update changelog --- pkgs/development/libraries/imlib2/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/development/libraries/imlib2/default.nix b/pkgs/development/libraries/imlib2/default.nix index 21a5fccac30a..f85ec4d96b39 100644 --- a/pkgs/development/libraries/imlib2/default.nix +++ b/pkgs/development/libraries/imlib2/default.nix @@ -84,7 +84,7 @@ stdenv.mkDerivation (finalAttrs: { ''; homepage = "https://docs.enlightenment.org/api/imlib2/html"; - changelog = "https://git.enlightenment.org/legacy/imlib2.git/plain/ChangeLog?h=v${version}"; + changelog = "https://git.enlightenment.org/old/legacy-imlib2/raw/tag/v${finalAttrs.version}/ChangeLog"; license = licenses.imlib2; pkgConfigModules = [ "imlib2" ]; platforms = platforms.unix; From 718d63a44a7634867a837d09156629317ef05114 Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Thu, 31 Aug 2023 16:07:21 +0100 Subject: [PATCH 24/95] linuxHeaders: 6.4 -> 6.5 --- pkgs/os-specific/linux/kernel-headers/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel-headers/default.nix b/pkgs/os-specific/linux/kernel-headers/default.nix index b1c0d3ba50db..ff40e585b1d8 100644 --- a/pkgs/os-specific/linux/kernel-headers/default.nix +++ b/pkgs/os-specific/linux/kernel-headers/default.nix @@ -111,12 +111,12 @@ let in { inherit makeLinuxHeaders; - linuxHeaders = let version = "6.4"; in + linuxHeaders = let version = "6.5"; in makeLinuxHeaders { inherit version; src = fetchurl { url = "mirror://kernel/linux/kernel/v${lib.versions.major version}.x/linux-${version}.tar.xz"; - hash = "sha256-j6BYjwws7KRMrHeg45ukjJ8AprncaXYcAqXT76yNp/M="; + hash = "sha256-eldLvCCALqdrUsp/rwcmf3IEXoYbGJFcUnKpjCer+IQ="; }; patches = [ ./no-relocs.patch # for building x86 kernel headers on non-ELF platforms From a25d6143c6517218a470298cf826737ef623fab3 Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Tue, 5 Sep 2023 09:24:28 +0100 Subject: [PATCH 25/95] which: enable 64-bit API on 32-bit systems Without the change `which` fails to find programs on filesystems with 64-bit inodes when `which` itself is 32-bit. In my case it is `btrfs` and `i686-linux`. `bison` is in the PATH: $ dev>bison bison: missing operand Try 'bison --help' for more information. But `which` fails to find it: $ which bison which: no bison in ... `bison` is a file with an inode number that overflows 2^31 limit: $ stat ~/bin/bison File: ~/bin/bison Size: 674260 Blocks: 1320 IO Block: 4096 regular file Device: 0,29 Inode: 4384368825 Links: 2 Access: (0555/-r-xr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root) Access: 2023-09-05 04:48:43.000000000 +0100 Modify: 1970-01-01 01:00:01.000000000 +0100 Change: 2023-09-05 04:48:43.821566578 +0100 Birth: 2023-09-05 04:48:43.772565733 +0100 The change fixes `which` run. --- pkgs/tools/system/which/default.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/pkgs/tools/system/which/default.nix b/pkgs/tools/system/which/default.nix index aecf68e8c7fa..82316541f4c7 100644 --- a/pkgs/tools/system/which/default.nix +++ b/pkgs/tools/system/which/default.nix @@ -12,6 +12,13 @@ stdenv.mkDerivation rec { strictDeps = true; enableParallelBuilding = true; + env.NIX_CFLAGS_COMPILE = toString ( + # Enable 64-bit file API. Otherwise `which` fails to find tools + # on filesystems with 64-bit inodes (like `btrfs`) when running + # binaries from 32-bit systems (like `i686-linux`). + lib.optional stdenv.hostPlatform.is32bit "-D_FILE_OFFSET_BITS=64" + ); + meta = with lib; { homepage = "https://www.gnu.org/software/which/"; description = "Shows the full path of (shell) commands"; From 047f87f3859d82a1f793fbfe08873a23d7f4df3e Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 5 Sep 2023 18:20:37 +0000 Subject: [PATCH 26/95] libavif: 0.11.1 -> 1.0.1 --- pkgs/development/libraries/libavif/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/libavif/default.nix b/pkgs/development/libraries/libavif/default.nix index 3042dad31e17..27aaef546433 100644 --- a/pkgs/development/libraries/libavif/default.nix +++ b/pkgs/development/libraries/libavif/default.nix @@ -19,13 +19,13 @@ in stdenv.mkDerivation rec { pname = "libavif"; - version = "0.11.1"; + version = "1.0.1"; src = fetchFromGitHub { owner = "AOMediaCodec"; repo = pname; rev = "v${version}"; - sha256 = "sha256-mUi0DU99XV3FzUZ8/9uJZU+W3fc6Bk6+y6Z78IRZ9Qs="; + sha256 = "sha256-3zNhKl8REWsRlblXIFD7zn7qvrc/pa4wHZI0oEc3pKE="; }; # reco: encode libaom slowest but best, decode dav1d fastest From db8f2d6e5830630f9600e7bb9b904c2ad943bb7d Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 5 Sep 2023 23:24:38 +0000 Subject: [PATCH 27/95] maturin: 1.2.2 -> 1.2.3 --- pkgs/development/tools/rust/maturin/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/tools/rust/maturin/default.nix b/pkgs/development/tools/rust/maturin/default.nix index 8780b8892fa1..4b66ecfa4674 100644 --- a/pkgs/development/tools/rust/maturin/default.nix +++ b/pkgs/development/tools/rust/maturin/default.nix @@ -9,16 +9,16 @@ rustPlatform.buildRustPackage rec { pname = "maturin"; - version = "1.2.2"; + version = "1.2.3"; src = fetchFromGitHub { owner = "PyO3"; repo = "maturin"; rev = "v${version}"; - hash = "sha256-uaDTL6dfH+zqjMbLtgLaZRe91mDuyKA0afw+3LFF+1U="; + hash = "sha256-hxtT5cL1PTXkTXGB0nVPhMI8Vlqrk4q2MHW0KGosFwc="; }; - cargoHash = "sha256-DF8O3YrHr0tBStnmnUUUF4QaZcoXYCCweZoEig4etQA="; + cargoHash = "sha256-IZWh/Bp9TdB+flc1PXVkwrIdOr83TFk6X6O5M0FVaO4="; buildInputs = lib.optionals stdenv.isDarwin [ Security libiconv ]; From 57e995b37696119a23726c122a1c4928cf214058 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Wed, 6 Sep 2023 02:15:05 +0000 Subject: [PATCH 28/95] re2: 2023-08-01 -> 2023-09-01 --- pkgs/development/libraries/re2/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/re2/default.nix b/pkgs/development/libraries/re2/default.nix index adaef49976a7..c5f74854f77c 100644 --- a/pkgs/development/libraries/re2/default.nix +++ b/pkgs/development/libraries/re2/default.nix @@ -13,13 +13,13 @@ stdenv.mkDerivation rec { pname = "re2"; - version = "2023-08-01"; + version = "2023-09-01"; src = fetchFromGitHub { owner = "google"; repo = "re2"; rev = version; - hash = "sha256-RexwqNR/Izf2Rzu1cvMw+le6C4EmL4CeWCOc+vXUBZQ="; + hash = "sha256-dCEkwjIs8ITVUZ4N0+qeGoShGNqKkdvJ88teyGKN6pg="; }; outputs = [ "out" "dev" ]; From f2e1dad58bb2a441e062420990e9a3cdaf963550 Mon Sep 17 00:00:00 2001 From: Randy Eckenrode Date: Tue, 5 Sep 2023 21:13:38 -0400 Subject: [PATCH 29/95] ffmpeg_4: fix crash with clang 16 ffmpeg_4 crashes in `ff_seek_frame_binary` due to UB and optimizations clang 16 performs. This is fixed upstream in ffmpeg_5, but the patch can be made to apply to ffmpeg_4. --- pkgs/development/libraries/ffmpeg/4.nix | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/pkgs/development/libraries/ffmpeg/4.nix b/pkgs/development/libraries/ffmpeg/4.nix index 905e93de7a7f..5e380a1fc08d 100644 --- a/pkgs/development/libraries/ffmpeg/4.nix +++ b/pkgs/development/libraries/ffmpeg/4.nix @@ -7,5 +7,17 @@ import ./generic.nix rec { url = "https://git.ffmpeg.org/gitweb/ffmpeg.git/patch/031f1561cd286596cdb374da32f8aa816ce3b135"; hash = "sha256-mSnmAkoNikDpxcN+A/hpB7mUbbtcMvm4tG6gZFuroe8="; } + # The upstream patch isn’t for ffmpeg 4, but it will apply with a few tweaks. + # Fixes a crash when built with clang 16 due to UB in ff_seek_frame_binary. + { + name = "utils-fix_crash_in_ff_seek_frame_binary.patch"; + url = "https://git.ffmpeg.org/gitweb/ffmpeg.git/patch/ab792634197e364ca1bb194f9abe36836e42f12d"; + hash = "sha256-UxZ4VneZpw+Q/UwkEUDNdb2nOx1QnMrZ40UagspNTxI="; + postFetch = '' + substituteInPlace "$out" \ + --replace libavformat/seek.c libavformat/utils.c \ + --replace 'const AVInputFormat *const ' 'const AVInputFormat *' + ''; + } ]; } From 9db1e83c07dd7006889deb839ceb83e8b0102101 Mon Sep 17 00:00:00 2001 From: Randy Eckenrode Date: Tue, 5 Sep 2023 18:57:08 -0400 Subject: [PATCH 30/95] libmodplug: fix build with clang 16 Remove usage of the register storage class, which is not allowed in C++17 (the default for clang 16). --- pkgs/development/libraries/libmodplug/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/pkgs/development/libraries/libmodplug/default.nix b/pkgs/development/libraries/libmodplug/default.nix index 69c36dc718cb..334dfa9d8015 100644 --- a/pkgs/development/libraries/libmodplug/default.nix +++ b/pkgs/development/libraries/libmodplug/default.nix @@ -9,6 +9,11 @@ stdenv.mkDerivation rec { sha256 = "1pnri98a603xk47smnxr551svbmgbzcw018mq1k6srbrq6kaaz25"; }; + # Unfortunately, upstream appears inactive and the patches from the fork don’t apply cleanly. + # Modify `src/fastmix.cpp` to remove usage of the register storage class, which is + # not allowed in C++17 and is an error in clang 16. + prePatch = "substituteInPlace src/fastmix.cpp --replace 'register ' ''"; + outputs = [ "out" "dev" ]; preConfigure = '' From 7fc80bcd4e5b1a5fb314d08a9a9a054e4ec875bd Mon Sep 17 00:00:00 2001 From: Randy Eckenrode Date: Mon, 4 Sep 2023 22:22:42 -0400 Subject: [PATCH 31/95] python3Packages.scipy: support for disabling tests Adapt the logic from pytestCheckHook to the custom check phase used by scipy. Co-authored-by: Doron Behar --- .../python-modules/scipy/default.nix | 39 +++++++++++++++++-- 1 file changed, 36 insertions(+), 3 deletions(-) diff --git a/pkgs/development/python-modules/scipy/default.nix b/pkgs/development/python-modules/scipy/default.nix index e58a165f5cca..79d5a6688bb0 100644 --- a/pkgs/development/python-modules/scipy/default.nix +++ b/pkgs/development/python-modules/scipy/default.nix @@ -14,7 +14,7 @@ , pythran , wheel , nose -, pytest +, pytestCheckHook , pytest-xdist , numpy , pybind11 @@ -107,7 +107,11 @@ in buildPythonPackage { __darwinAllowLocalNetworking = true; - nativeCheckInputs = [ nose pytest pytest-xdist ]; + nativeCheckInputs = [ + nose + pytestCheckHook + pytest-xdist + ]; doCheck = !(stdenv.isx86_64 && stdenv.isDarwin); @@ -145,9 +149,38 @@ in buildPythonPackage { checkPhase = '' runHook preCheck + + # Adapted from pytestCheckHook because scipy uses a custom check phase. + # It needs to pass `$args` as a Python list to `scipy.test` rather than as + # arguments to pytest on the command-line. + args="" + if [ -n "$disabledTests" ]; then + disabledTestsString=$(_pytestComputeDisabledTestsString "''${disabledTests[@]}") + args+="'-k','$disabledTestsString'" + fi + + if [ -n "''${disabledTestPaths-}" ]; then + eval "disabledTestPaths=($disabledTestPaths)" + fi + + for path in ''${disabledTestPaths[@]}; do + if [ ! -e "$path" ]; then + echo "Disabled tests path \"$path\" does not exist. Aborting" + exit 1 + fi + args+="''${args:+,}'--ignore=\"$path\"'" + done + args+="''${args:+,}$(printf \'%s\', "''${pytestFlagsArray[@]}")" + args=''${args%,} + pushd "$out" export OMP_NUM_THREADS=$(( $NIX_BUILD_CORES / 4 )) - ${python.interpreter} -c "import scipy, sys; sys.exit(scipy.test('fast', verbose=10, parallel=$NIX_BUILD_CORES) != True)" + ${python.interpreter} -c "import scipy, sys; sys.exit(scipy.test( + 'fast', + verbose=10, + extra_argv=[$args], + parallel=$NIX_BUILD_CORES + ) != True)" popd runHook postCheck ''; From 422ef0420f6fe2183b9c20084662a2d9090386b5 Mon Sep 17 00:00:00 2001 From: Randy Eckenrode Date: Mon, 4 Sep 2023 22:24:46 -0400 Subject: [PATCH 32/95] python3Packages.scipy: disable failing tests on aarch64-darwin Some tests fail on aarch64-darwin when SciPy is built with a newer compiler (such as clang 16). This is not yet fixed upstream, so disable them until they work again. See https://github.com/scipy/scipy/issues/18308 --- pkgs/development/python-modules/scipy/default.nix | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/pkgs/development/python-modules/scipy/default.nix b/pkgs/development/python-modules/scipy/default.nix index 79d5a6688bb0..7312e53ed413 100644 --- a/pkgs/development/python-modules/scipy/default.nix +++ b/pkgs/development/python-modules/scipy/default.nix @@ -113,6 +113,17 @@ in buildPythonPackage { pytest-xdist ]; + # The following tests are broken on aarch64-darwin with newer compilers and library versions. + # See https://github.com/scipy/scipy/issues/18308 + disabledTests = lib.optionals (stdenv.isDarwin && stdenv.isAarch64) [ + "test_a_b_neg_int_after_euler_hypergeometric_transformation" + "test_dst4_definition_ortho" + "test_load_mat4_le" + "hyp2f1_test_case47" + "hyp2f1_test_case3" + "test_uint64_max" + ]; + doCheck = !(stdenv.isx86_64 && stdenv.isDarwin); preConfigure = '' From b998eaa96e6539cffd86057bba3fe8aed1b37470 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Fri, 8 Sep 2023 05:02:56 +0000 Subject: [PATCH 33/95] hwdata: 0.373 -> 0.374 --- pkgs/os-specific/linux/hwdata/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/hwdata/default.nix b/pkgs/os-specific/linux/hwdata/default.nix index 6c7afffd9cec..a64a0574d8ff 100644 --- a/pkgs/os-specific/linux/hwdata/default.nix +++ b/pkgs/os-specific/linux/hwdata/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "hwdata"; - version = "0.373"; + version = "0.374"; src = fetchFromGitHub { owner = "vcrhonek"; repo = "hwdata"; rev = "v${version}"; - hash = "sha256-KXZodSvY4Szt/gp0iRkx+ngziCaUYvkjnkvjwPj3OwI="; + hash = "sha256-RvjYd8iD6JkGhh6TDy/Qo+UzLxbhPvIJvhl/Rw14lbk="; }; postPatch = '' From 87e5a14f18fde5feda74c9232a010964d89d227f Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Fri, 8 Sep 2023 08:01:53 +0000 Subject: [PATCH 34/95] s2n-tls: 1.3.48 -> 1.3.50 --- pkgs/development/libraries/s2n-tls/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/s2n-tls/default.nix b/pkgs/development/libraries/s2n-tls/default.nix index 678aac37e898..c1483f90c433 100644 --- a/pkgs/development/libraries/s2n-tls/default.nix +++ b/pkgs/development/libraries/s2n-tls/default.nix @@ -8,13 +8,13 @@ stdenv.mkDerivation rec { pname = "s2n-tls"; - version = "1.3.48"; + version = "1.3.50"; src = fetchFromGitHub { owner = "aws"; repo = pname; rev = "v${version}"; - sha256 = "sha256-7C1syZAhMv0N+AuE/SuXqhatKhlzDOix4ZDxLRyuWOs="; + sha256 = "sha256-B+znuvQ7TTl2u4rw64ylPywfpr066Yf8Wg0qrdByGRE="; }; nativeBuildInputs = [ cmake ]; From 3eac04a72c45b511054997f3f289721d46885aa9 Mon Sep 17 00:00:00 2001 From: Gaetan Lepage Date: Fri, 8 Sep 2023 11:00:45 +0200 Subject: [PATCH 35/95] protobuf: 3.24.2 -> 3.24.3 --- pkgs/development/libraries/protobuf/3.24.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/protobuf/3.24.nix b/pkgs/development/libraries/protobuf/3.24.nix index 2deb155444ec..60ad747194df 100644 --- a/pkgs/development/libraries/protobuf/3.24.nix +++ b/pkgs/development/libraries/protobuf/3.24.nix @@ -1,6 +1,6 @@ { callPackage, ... } @ args: callPackage ./generic-v3-cmake.nix ({ - version = "3.24.2"; - sha256 = "sha256-yVLszyVtsz1CCzeOkioL4O3mWTFKKVBUyOhwDbC5UqE="; + version = "3.24.3"; + sha256 = "sha256-wXGQW/o674DeLXX2IlyZskl5OrBcSRptOMoJqLQGm94="; } // args) From d9b1d8cfcf8555516ac732e9c8b10c4ed52ffee0 Mon Sep 17 00:00:00 2001 From: Pierre Bourdon Date: Fri, 8 Sep 2023 14:09:03 +0200 Subject: [PATCH 36/95] python310Packages.mypy: ignore broken test on i686 The tests in question rely on specific floating point accuracy and break on Hydra on i686-linux. The test disabling pattern is maybe overly broad, but I couldn't find a better one to cover the three broken checks. --- pkgs/development/python-modules/mypy/default.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pkgs/development/python-modules/mypy/default.nix b/pkgs/development/python-modules/mypy/default.nix index 0528aeaec52b..90fafe527bd7 100644 --- a/pkgs/development/python-modules/mypy/default.nix +++ b/pkgs/development/python-modules/mypy/default.nix @@ -119,6 +119,9 @@ buildPythonPackage rec { "mypyc/test/test_commandline.py" # fails to find hatchling "mypy/test/testpep561.py" + ] ++ lib.optionals stdenv.hostPlatform.isi686 [ + # https://github.com/python/mypy/issues/15221 + "mypyc/test/test_run.py" ]; meta = with lib; { From fccf04b6200b711977dbfe9a59e3356bfe768932 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Sun, 23 Jul 2023 23:45:18 +0200 Subject: [PATCH 37/95] treewide: replace -DCMAKE_BUILD_TYPE in cmakeFlags with cmakeBuildType --- pkgs/applications/audio/giada/default.nix | 1 - pkgs/applications/audio/sfizz/default.nix | 2 +- pkgs/applications/audio/spotify-qt/default.nix | 2 +- pkgs/applications/blockchains/aeon/default.nix | 1 - pkgs/applications/blockchains/haven-cli/default.nix | 1 - pkgs/applications/blockchains/monero-cli/default.nix | 1 - pkgs/applications/blockchains/oxen/default.nix | 1 - pkgs/applications/editors/rstudio/default.nix | 1 - pkgs/applications/emulators/vbam/default.nix | 1 - pkgs/applications/graphics/brlcad/default.nix | 1 - pkgs/applications/graphics/krita/generic.nix | 3 ++- pkgs/applications/graphics/paraview/default.nix | 1 - pkgs/applications/misc/huggle/default.nix | 3 ++- pkgs/applications/misc/keyleds/default.nix | 4 +--- pkgs/applications/misc/opentrack/default.nix | 1 - pkgs/applications/networking/qv2ray/default.nix | 1 - pkgs/applications/radio/soapysdr/default.nix | 4 +--- pkgs/applications/science/biology/sortmerna/default.nix | 1 - pkgs/applications/science/electronics/kicad/base.nix | 3 ++- .../science/electronics/openboardview/default.nix | 1 - pkgs/applications/science/logic/cvc4/default.nix | 5 ++--- pkgs/applications/science/logic/cvc5/default.nix | 3 ++- pkgs/applications/science/logic/klee/default.nix | 3 ++- pkgs/applications/video/hyperion-ng/default.nix | 1 - pkgs/applications/video/jellyfin-media-player/default.nix | 1 - pkgs/applications/video/plex-media-player/default.nix | 4 +++- .../window-managers/hyprwm/hyprpicker/default.nix | 2 +- .../kwin-decorations/sierra-breeze-enhanced/default.nix | 1 - pkgs/development/compilers/ldc/generic.nix | 1 - pkgs/development/compilers/llvm/10/llvm/default.nix | 3 ++- pkgs/development/compilers/llvm/11/llvm/default.nix | 3 ++- pkgs/development/compilers/llvm/12/llvm/default.nix | 3 ++- pkgs/development/compilers/llvm/13/llvm/default.nix | 3 ++- pkgs/development/compilers/llvm/14/llvm/default.nix | 3 ++- pkgs/development/compilers/llvm/15/llvm/default.nix | 3 ++- pkgs/development/compilers/llvm/16/llvm/default.nix | 3 ++- pkgs/development/compilers/llvm/5/llvm/default.nix | 3 ++- pkgs/development/compilers/llvm/6/llvm/default.nix | 3 ++- pkgs/development/compilers/llvm/7/llvm/default.nix | 3 ++- pkgs/development/compilers/llvm/8/llvm/default.nix | 3 ++- pkgs/development/compilers/llvm/9/llvm/default.nix | 3 ++- pkgs/development/compilers/llvm/git/llvm/default.nix | 3 ++- pkgs/development/libraries/flatcc/default.nix | 1 - pkgs/development/libraries/libyang/default.nix | 1 - pkgs/development/libraries/muparserx/default.nix | 4 ---- pkgs/development/libraries/onnxruntime/default.nix | 1 - pkgs/development/libraries/phonon/backends/gstreamer.nix | 4 +--- pkgs/development/libraries/phonon/backends/vlc.nix | 4 +--- pkgs/development/libraries/phonon/default.nix | 4 +--- pkgs/development/libraries/reproc/default.nix | 1 - pkgs/development/libraries/rnnoise-plugin/default.nix | 2 -- pkgs/development/libraries/sentry-native/default.nix | 3 ++- pkgs/development/python-modules/gudhi/default.nix | 1 - pkgs/development/tools/wasmedge/default.nix | 1 - pkgs/games/etlegacy/default.nix | 1 - pkgs/games/lzwolf/default.nix | 1 - pkgs/games/nanosaur/default.nix | 2 -- pkgs/games/nanosaur2/default.nix | 2 -- pkgs/games/openmw/tes3mp.nix | 1 - pkgs/games/otto-matic/default.nix | 2 -- pkgs/misc/drivers/epsonscan2/default.nix | 1 - pkgs/misc/dumb/default.nix | 1 - pkgs/servers/domoticz/default.nix | 1 - pkgs/servers/nosql/arangodb/default.nix | 3 ++- pkgs/servers/tarantool/default.nix | 3 ++- pkgs/tools/graphics/astc-encoder/default.nix | 3 ++- pkgs/tools/misc/aspcud/default.nix | 1 - pkgs/tools/misc/calamares/default.nix | 1 - pkgs/tools/misc/clipboard-jh/default.nix | 3 ++- pkgs/tools/networking/ebpf-verifier/default.nix | 2 -- pkgs/tools/security/sirikali/default.nix | 1 - pkgs/tools/system/nvtop/default.nix | 1 - 72 files changed, 59 insertions(+), 92 deletions(-) diff --git a/pkgs/applications/audio/giada/default.nix b/pkgs/applications/audio/giada/default.nix index d2ccb6d47472..b277175ec102 100644 --- a/pkgs/applications/audio/giada/default.nix +++ b/pkgs/applications/audio/giada/default.nix @@ -41,7 +41,6 @@ stdenv.mkDerivation rec { cmakeFlags = [ "-DCMAKE_INSTALL_BINDIR=bin" - "-DCMAKE_BUILD_TYPE=Release" ]; nativeBuildInputs = [ diff --git a/pkgs/applications/audio/sfizz/default.nix b/pkgs/applications/audio/sfizz/default.nix index 05957bf38f2b..4f203a77dc86 100644 --- a/pkgs/applications/audio/sfizz/default.nix +++ b/pkgs/applications/audio/sfizz/default.nix @@ -49,7 +49,7 @@ stdenv.mkDerivation rec { --replace '/usr/bin/zenity' '${gnome.zenity}/bin/zenity' ''; - cmakeFlags = [ "-DCMAKE_BUILD_TYPE=Release" "-DSFIZZ_TESTS=ON" ]; + cmakeFlags = [ "-DSFIZZ_TESTS=ON" ]; doCheck = true; diff --git a/pkgs/applications/audio/spotify-qt/default.nix b/pkgs/applications/audio/spotify-qt/default.nix index 65a921ed5bf2..d302643eb47d 100644 --- a/pkgs/applications/audio/spotify-qt/default.nix +++ b/pkgs/applications/audio/spotify-qt/default.nix @@ -22,7 +22,7 @@ mkDerivation rec { nativeBuildInputs = [ cmake ]; - cmakeFlags = [ "-DCMAKE_BUILD_TYPE=Release" "-DCMAKE_INSTALL_PREFIX=" ]; + cmakeFlags = [ "-DCMAKE_INSTALL_PREFIX=" ]; installFlags = [ "DESTDIR=$(out)" ]; diff --git a/pkgs/applications/blockchains/aeon/default.nix b/pkgs/applications/blockchains/aeon/default.nix index 13928c856b99..7928a63b8264 100644 --- a/pkgs/applications/blockchains/aeon/default.nix +++ b/pkgs/applications/blockchains/aeon/default.nix @@ -26,7 +26,6 @@ stdenv.mkDerivation { ]; cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=Release" "-DBUILD_GUI_DEPS=ON" "-DReadline_ROOT_DIR=${readline.dev}" ]; diff --git a/pkgs/applications/blockchains/haven-cli/default.nix b/pkgs/applications/blockchains/haven-cli/default.nix index 2bc3a683ef50..066bbde363ac 100644 --- a/pkgs/applications/blockchains/haven-cli/default.nix +++ b/pkgs/applications/blockchains/haven-cli/default.nix @@ -45,7 +45,6 @@ stdenv.mkDerivation rec { ++ lib.optionals trezorSupport [ libusb1 protobuf python3 ]; cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=Release" "-DUSE_DEVICE_TREZOR=ON" "-DBUILD_GUI_DEPS=ON" "-DReadline_ROOT_DIR=${readline.dev}" diff --git a/pkgs/applications/blockchains/monero-cli/default.nix b/pkgs/applications/blockchains/monero-cli/default.nix index 8322a67dd5a1..2f508897821c 100644 --- a/pkgs/applications/blockchains/monero-cli/default.nix +++ b/pkgs/applications/blockchains/monero-cli/default.nix @@ -58,7 +58,6 @@ stdenv.mkDerivation rec { ++ lib.optionals trezorSupport [ libusb1 protobuf python3 ]; cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=Release" "-DUSE_DEVICE_TREZOR=ON" "-DBUILD_GUI_DEPS=ON" "-DReadline_ROOT_DIR=${readline.dev}" diff --git a/pkgs/applications/blockchains/oxen/default.nix b/pkgs/applications/blockchains/oxen/default.nix index a8948d7df5a1..0136bc910da9 100644 --- a/pkgs/applications/blockchains/oxen/default.nix +++ b/pkgs/applications/blockchains/oxen/default.nix @@ -47,7 +47,6 @@ stdenv.mkDerivation rec { ] ++ lib.optionals trezorSupport [ libusb1 protobuf python3 ]; cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=Release" # "-DUSE_DEVICE_TREZOR=ON" # "-DBUILD_GUI_DEPS=ON" "-DReadline_ROOT_DIR=${readline.dev}" diff --git a/pkgs/applications/editors/rstudio/default.nix b/pkgs/applications/editors/rstudio/default.nix index e854291310b8..a619c636cd53 100644 --- a/pkgs/applications/editors/rstudio/default.nix +++ b/pkgs/applications/editors/rstudio/default.nix @@ -115,7 +115,6 @@ in cmakeFlags = [ "-DRSTUDIO_TARGET=${if server then "Server" else "Desktop"}" - "-DCMAKE_BUILD_TYPE=Release" "-DRSTUDIO_USE_SYSTEM_SOCI=ON" "-DRSTUDIO_USE_SYSTEM_BOOST=ON" "-DRSTUDIO_USE_SYSTEM_YAML_CPP=ON" diff --git a/pkgs/applications/emulators/vbam/default.nix b/pkgs/applications/emulators/vbam/default.nix index 2b252f0f10de..32f3c98fd0ef 100644 --- a/pkgs/applications/emulators/vbam/default.nix +++ b/pkgs/applications/emulators/vbam/default.nix @@ -44,7 +44,6 @@ stdenv.mkDerivation rec { ]; cmakeFlags = [ - "-DCMAKE_BUILD_TYPE='Release'" "-DENABLE_FFMPEG='true'" "-DENABLE_LINK='true'" "-DSYSCONFDIR=etc" diff --git a/pkgs/applications/graphics/brlcad/default.nix b/pkgs/applications/graphics/brlcad/default.nix index 2a0853fb2212..f30a6acbbbee 100644 --- a/pkgs/applications/graphics/brlcad/default.nix +++ b/pkgs/applications/graphics/brlcad/default.nix @@ -34,7 +34,6 @@ stdenv.mkDerivation rec { cmakeFlags = [ "-DBRLCAD_ENABLE_STRICT=OFF" - "-DCMAKE_BUILD_TYPE=Release" ]; meta = with lib; { diff --git a/pkgs/applications/graphics/krita/generic.nix b/pkgs/applications/graphics/krita/generic.nix index 4f16661cedb1..4a946ef8c159 100644 --- a/pkgs/applications/graphics/krita/generic.nix +++ b/pkgs/applications/graphics/krita/generic.nix @@ -47,10 +47,11 @@ mkDerivation rec { --replace 'PYTHONPATH=''${_krita_python_path}' 'PYTHONPATH=${pythonPath}' ''; + cmakeBuildType = "RelWithDebInfo"; + cmakeFlags = [ "-DPYQT5_SIP_DIR=${python3Packages.pyqt5}/${python3Packages.python.sitePackages}/PyQt5/bindings" "-DPYQT_SIP_DIR_OVERRIDE=${python3Packages.pyqt5}/${python3Packages.python.sitePackages}/PyQt5/bindings" - "-DCMAKE_BUILD_TYPE=RelWithDebInfo" ]; preInstall = '' diff --git a/pkgs/applications/graphics/paraview/default.nix b/pkgs/applications/graphics/paraview/default.nix index c50a0ebb7490..14c86082e671 100644 --- a/pkgs/applications/graphics/paraview/default.nix +++ b/pkgs/applications/graphics/paraview/default.nix @@ -45,7 +45,6 @@ in stdenv.mkDerivation rec { ''; cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=Release" "-DPARAVIEW_ENABLE_FFMPEG=ON" "-DPARAVIEW_ENABLE_GDAL=ON" "-DPARAVIEW_ENABLE_MOTIONFX=ON" diff --git a/pkgs/applications/misc/huggle/default.nix b/pkgs/applications/misc/huggle/default.nix index a136f1f678ae..3a6f25ede695 100644 --- a/pkgs/applications/misc/huggle/default.nix +++ b/pkgs/applications/misc/huggle/default.nix @@ -40,9 +40,10 @@ stdenv.mkDerivation rec { substituteInPlace src/CMakeLists.txt --replace '@libirc_includes@' '${libirc.out}' ''; + cmakeBuildType = "None"; + cmakeFlags = [ "-S" "/build/source/src" - "-DCMAKE_BUILD_TYPE=None" "-DINSTALL_DATA_DIR=bin" "-DQT5_BUILD=ON" "-DWEB_ENGINE=ON" diff --git a/pkgs/applications/misc/keyleds/default.nix b/pkgs/applications/misc/keyleds/default.nix index c48b30b34dc9..a759b8e393e9 100644 --- a/pkgs/applications/misc/keyleds/default.nix +++ b/pkgs/applications/misc/keyleds/default.nix @@ -52,9 +52,7 @@ stdenv.mkDerivation rec { enableParallelBuilding = true; - cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=MinSizeRel" - ]; + cmakeBuildType = "MinSizeRel"; meta = { homepage = "https://github.com/keyleds/keyleds"; diff --git a/pkgs/applications/misc/opentrack/default.nix b/pkgs/applications/misc/opentrack/default.nix index b4c455c0ce04..84edbc567b41 100644 --- a/pkgs/applications/misc/opentrack/default.nix +++ b/pkgs/applications/misc/opentrack/default.nix @@ -46,7 +46,6 @@ in dontWrapQtApps = true; cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=RELEASE" "-DSDK_ARUCO_LIBPATH=${aruco}/lib/libaruco.a" "-DSDK_XPLANE=${xplaneSdk}" ]; diff --git a/pkgs/applications/networking/qv2ray/default.nix b/pkgs/applications/networking/qv2ray/default.nix index bb9bb957f3d3..038d904f453b 100644 --- a/pkgs/applications/networking/qv2ray/default.nix +++ b/pkgs/applications/networking/qv2ray/default.nix @@ -42,7 +42,6 @@ mkDerivation rec { }; cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=Release" "-DQV2RAY_DISABLE_AUTO_UPDATE=on" "-DQV2RAY_USE_V5_CORE=on" "-DQV2RAY_TRANSLATION_PATH=${placeholder "out"}/share/qv2ray/lang" diff --git a/pkgs/applications/radio/soapysdr/default.nix b/pkgs/applications/radio/soapysdr/default.nix index e11e2af401b9..201a5055e601 100644 --- a/pkgs/applications/radio/soapysdr/default.nix +++ b/pkgs/applications/radio/soapysdr/default.nix @@ -38,9 +38,7 @@ in stdenv.mkDerivation (finalAttrs: { propagatedBuildInputs = lib.optional usePython python.pkgs.numpy; - cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=Release" - ] ++ lib.optional usePython "-DUSE_PYTHON_CONFIG=ON"; + cmakeFlags = lib.optional usePython "-DUSE_PYTHON_CONFIG=ON"; # https://github.com/pothosware/SoapySDR/issues/352 postPatch = '' diff --git a/pkgs/applications/science/biology/sortmerna/default.nix b/pkgs/applications/science/biology/sortmerna/default.nix index 6884e1955f75..a529867aaa74 100644 --- a/pkgs/applications/science/biology/sortmerna/default.nix +++ b/pkgs/applications/science/biology/sortmerna/default.nix @@ -15,7 +15,6 @@ stdenv.mkDerivation rec { buildInputs = [ zlib rocksdb rapidjson ]; cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=Release" "-DPORTABLE=off" "-DRAPIDJSON_HOME=${rapidjson}" "-DROCKSDB_HOME=${rocksdb}" diff --git a/pkgs/applications/science/electronics/kicad/base.nix b/pkgs/applications/science/electronics/kicad/base.nix index fa9b77037038..3403e410cf85 100644 --- a/pkgs/applications/science/electronics/kicad/base.nix +++ b/pkgs/applications/science/electronics/kicad/base.nix @@ -104,7 +104,6 @@ stdenv.mkDerivation rec { "-DKICAD_BUILD_QA_TESTS=OFF" ] ++ optionals (debug) [ - "-DCMAKE_BUILD_TYPE=Debug" "-DKICAD_STDLIB_DEBUG=ON" "-DKICAD_USE_VALGRIND=ON" ] @@ -115,6 +114,8 @@ stdenv.mkDerivation rec { "-DKICAD_SANITIZE_THREADS=ON" ]; + cmakeBuildType = if debug then "Debug" else "Release"; + nativeBuildInputs = [ cmake doxygen diff --git a/pkgs/applications/science/electronics/openboardview/default.nix b/pkgs/applications/science/electronics/openboardview/default.nix index 715a99cf4897..a750001d05db 100644 --- a/pkgs/applications/science/electronics/openboardview/default.nix +++ b/pkgs/applications/science/electronics/openboardview/default.nix @@ -39,7 +39,6 @@ stdenv.mkDerivation rec { ''; cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=Release" "-DGLAD_REPRODUCIBLE=On" ]; diff --git a/pkgs/applications/science/logic/cvc4/default.nix b/pkgs/applications/science/logic/cvc4/default.nix index e9f04d2044dc..1513c7477985 100644 --- a/pkgs/applications/science/logic/cvc4/default.nix +++ b/pkgs/applications/science/logic/cvc4/default.nix @@ -35,9 +35,8 @@ stdenv.mkDerivation rec { preConfigure = '' patchShebangs ./src/ ''; - cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=Production" - ]; + + cmakeBuildType = "Production"; meta = with lib; { description = "A high-performance theorem prover and SMT solver"; diff --git a/pkgs/applications/science/logic/cvc5/default.nix b/pkgs/applications/science/logic/cvc5/default.nix index 24bcb16df9d9..9a540f5b5507 100644 --- a/pkgs/applications/science/logic/cvc5/default.nix +++ b/pkgs/applications/science/logic/cvc5/default.nix @@ -21,8 +21,9 @@ stdenv.mkDerivation rec { patchShebangs ./src/ ''; + cmakeBuildType = "Production"; + cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=Production" "-DBUILD_SHARED_LIBS=1" "-DANTLR3_JAR=${antlr3_4}/lib/antlr/antlr-3.4-complete.jar" ]; diff --git a/pkgs/applications/science/logic/klee/default.nix b/pkgs/applications/science/logic/klee/default.nix index 401b2f48a6ea..68f68355f816 100644 --- a/pkgs/applications/science/logic/klee/default.nix +++ b/pkgs/applications/science/logic/klee/default.nix @@ -72,10 +72,11 @@ in stdenv.mkDerivation rec { (lit.override { python = kleePython; }) ]; + cmakeBuildType = if debug then "Debug" else if !debug && includeDebugInfo then "RelWithDebInfo" else "MinSizeRel"; + cmakeFlags = let onOff = val: if val then "ON" else "OFF"; in [ - "-DCMAKE_BUILD_TYPE=${if debug then "Debug" else if !debug && includeDebugInfo then "RelWithDebInfo" else "MinSizeRel"}" "-DKLEE_RUNTIME_BUILD_TYPE=${if debugRuntime then "Debug" else "Release"}" "-DLLVMCC=${clang}/bin/clang" "-DLLVMCXX=${clang}/bin/clang++" diff --git a/pkgs/applications/video/hyperion-ng/default.nix b/pkgs/applications/video/hyperion-ng/default.nix index a1eb4086e89c..43bd337ae500 100644 --- a/pkgs/applications/video/hyperion-ng/default.nix +++ b/pkgs/applications/video/hyperion-ng/default.nix @@ -49,7 +49,6 @@ stdenv.mkDerivation rec { '' ; cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=Release" "-DENABLE_DEPLOY_DEPENDENCIES=OFF" "-DUSE_SYSTEM_FLATBUFFERS_LIBS=ON" "-DUSE_SYSTEM_PROTO_LIBS=ON" diff --git a/pkgs/applications/video/jellyfin-media-player/default.nix b/pkgs/applications/video/jellyfin-media-player/default.nix index 5c26d20eda98..47afaef81a63 100644 --- a/pkgs/applications/video/jellyfin-media-player/default.nix +++ b/pkgs/applications/video/jellyfin-media-player/default.nix @@ -72,7 +72,6 @@ mkDerivation rec { ]; cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=Release" "-DQTROOT=${qtbase}" "-GNinja" ] ++ lib.optionals (!withDbus) [ diff --git a/pkgs/applications/video/plex-media-player/default.nix b/pkgs/applications/video/plex-media-player/default.nix index 34b6eb9c2862..6a686d9d2c2a 100644 --- a/pkgs/applications/video/plex-media-player/default.nix +++ b/pkgs/applications/video/plex-media-player/default.nix @@ -34,7 +34,9 @@ in mkDerivation rec { ln -s ${webClientTv} build/dependencies/web-client-tv-${webClientTvBuildId}.tar.xz ''; - cmakeFlags = [ "-DCMAKE_BUILD_TYPE=RelWithDebInfo" "-DQTROOT=${qtbase}" ]; + cmakeBuildType = "RelWithDebInfo"; + + cmakeFlags = [ "-DQTROOT=${qtbase}" ]; # plexmediaplayer currently segfaults under wayland qtWrapperArgs = [ "--set" "QT_QPA_PLATFORM" "xcb" ]; diff --git a/pkgs/applications/window-managers/hyprwm/hyprpicker/default.nix b/pkgs/applications/window-managers/hyprwm/hyprpicker/default.nix index 73db7f0353fc..17f53883424c 100644 --- a/pkgs/applications/window-managers/hyprwm/hyprpicker/default.nix +++ b/pkgs/applications/window-managers/hyprwm/hyprpicker/default.nix @@ -32,7 +32,7 @@ stdenv.mkDerivation (finalAttrs: { hash = "sha256-k+rG5AZjz47Q6bpVcTK7r4s7Avg3O+1iw+skK+cn0rk="; }; - cmakeFlags = lib.optional debug "-DCMAKE_BUILD_TYPE=Debug"; + cmakeBuildType = if debug then "Debug" else "Release"; nativeBuildInputs = [ cmake diff --git a/pkgs/data/themes/kwin-decorations/sierra-breeze-enhanced/default.nix b/pkgs/data/themes/kwin-decorations/sierra-breeze-enhanced/default.nix index 6e9db943c91c..46d6af5f24c4 100644 --- a/pkgs/data/themes/kwin-decorations/sierra-breeze-enhanced/default.nix +++ b/pkgs/data/themes/kwin-decorations/sierra-breeze-enhanced/default.nix @@ -23,7 +23,6 @@ stdenv.mkDerivation rec { cmakeFlags = [ "-DCMAKE_INSTALL_PREFIX=$out" - "-DCMAKE_BUILD_TYPE=Release" "-DBUILD_TESTING=OFF" "-DKDE_INSTALL_USE_QT_SYS_PATHS=ON" ]; diff --git a/pkgs/development/compilers/ldc/generic.nix b/pkgs/development/compilers/ldc/generic.nix index f88f4484cfd1..130dcecf1201 100644 --- a/pkgs/development/compilers/ldc/generic.nix +++ b/pkgs/development/compilers/ldc/generic.nix @@ -68,7 +68,6 @@ stdenv.mkDerivation rec { cmakeFlags = [ "-DD_FLAGS=-d-version=TZDatabaseDir;-d-version=LibcurlPath;-J${pathConfig}" - "-DCMAKE_BUILD_TYPE=Release" ]; postConfigure = '' diff --git a/pkgs/development/compilers/llvm/10/llvm/default.nix b/pkgs/development/compilers/llvm/10/llvm/default.nix index 6f8ef0b57512..c4e6f2827e82 100644 --- a/pkgs/development/compilers/llvm/10/llvm/default.nix +++ b/pkgs/development/compilers/llvm/10/llvm/default.nix @@ -204,6 +204,8 @@ in stdenv.mkDerivation (rec { ln -sv $PWD/lib $out ''; + cmakeBuildType = if debugVersion then "Debug" else "Release"; + cmakeFlags = with stdenv; let # These flags influence llvm-config's BuildVariables.inc in addition to the # general build. We need to make sure these are also passed via @@ -219,7 +221,6 @@ in stdenv.mkDerivation (rec { "-DLLVM_LINK_LLVM_DYLIB=ON" ]; in flagsForLlvmConfig ++ [ - "-DCMAKE_BUILD_TYPE=${if debugVersion then "Debug" else "Release"}" "-DLLVM_INSTALL_UTILS=ON" # Needed by rustc "-DLLVM_BUILD_TESTS=${if doCheck then "ON" else "OFF"}" "-DLLVM_ENABLE_FFI=ON" diff --git a/pkgs/development/compilers/llvm/11/llvm/default.nix b/pkgs/development/compilers/llvm/11/llvm/default.nix index a5078ef3b76d..01e6483ad640 100644 --- a/pkgs/development/compilers/llvm/11/llvm/default.nix +++ b/pkgs/development/compilers/llvm/11/llvm/default.nix @@ -212,6 +212,8 @@ in stdenv.mkDerivation (rec { # E.g. mesa.drivers use the build-id as a cache key (see #93946): LDFLAGS = optionalString (enableSharedLibraries && !stdenv.isDarwin) "-Wl,--build-id=sha1"; + cmakeBuildType = if debugVersion then "Debug" else "Release"; + cmakeFlags = with stdenv; let # These flags influence llvm-config's BuildVariables.inc in addition to the # general build. We need to make sure these are also passed via @@ -227,7 +229,6 @@ in stdenv.mkDerivation (rec { "-DLLVM_LINK_LLVM_DYLIB=ON" ]; in flagsForLlvmConfig ++ [ - "-DCMAKE_BUILD_TYPE=${if debugVersion then "Debug" else "Release"}" "-DLLVM_INSTALL_UTILS=ON" # Needed by rustc "-DLLVM_BUILD_TESTS=${if doCheck then "ON" else "OFF"}" "-DLLVM_ENABLE_FFI=ON" diff --git a/pkgs/development/compilers/llvm/12/llvm/default.nix b/pkgs/development/compilers/llvm/12/llvm/default.nix index 3c724e07bd16..97d8f27672e3 100644 --- a/pkgs/development/compilers/llvm/12/llvm/default.nix +++ b/pkgs/development/compilers/llvm/12/llvm/default.nix @@ -202,6 +202,8 @@ in stdenv.mkDerivation (rec { # E.g. mesa.drivers use the build-id as a cache key (see #93946): LDFLAGS = optionalString (enableSharedLibraries && !stdenv.isDarwin) "-Wl,--build-id=sha1"; + cmakeBuildType = if debugVersion then "Debug" else "Release"; + cmakeFlags = with stdenv; let # These flags influence llvm-config's BuildVariables.inc in addition to the # general build. We need to make sure these are also passed via @@ -217,7 +219,6 @@ in stdenv.mkDerivation (rec { "-DLLVM_LINK_LLVM_DYLIB=ON" ]; in flagsForLlvmConfig ++ [ - "-DCMAKE_BUILD_TYPE=${if debugVersion then "Debug" else "Release"}" "-DLLVM_INSTALL_UTILS=ON" # Needed by rustc "-DLLVM_BUILD_TESTS=${if doCheck then "ON" else "OFF"}" "-DLLVM_ENABLE_FFI=ON" diff --git a/pkgs/development/compilers/llvm/13/llvm/default.nix b/pkgs/development/compilers/llvm/13/llvm/default.nix index 827e528581cf..2a7c1c1867cb 100644 --- a/pkgs/development/compilers/llvm/13/llvm/default.nix +++ b/pkgs/development/compilers/llvm/13/llvm/default.nix @@ -164,6 +164,8 @@ in stdenv.mkDerivation (rec { # E.g. mesa.drivers use the build-id as a cache key (see #93946): LDFLAGS = optionalString (enableSharedLibraries && !stdenv.isDarwin) "-Wl,--build-id=sha1"; + cmakeBuildType = if debugVersion then "Debug" else "Release"; + cmakeFlags = with stdenv; let # These flags influence llvm-config's BuildVariables.inc in addition to the # general build. We need to make sure these are also passed via @@ -179,7 +181,6 @@ in stdenv.mkDerivation (rec { "-DLLVM_LINK_LLVM_DYLIB=ON" ]; in flagsForLlvmConfig ++ [ - "-DCMAKE_BUILD_TYPE=${if debugVersion then "Debug" else "Release"}" "-DLLVM_INSTALL_UTILS=ON" # Needed by rustc "-DLLVM_BUILD_TESTS=${if doCheck then "ON" else "OFF"}" "-DLLVM_ENABLE_FFI=ON" diff --git a/pkgs/development/compilers/llvm/14/llvm/default.nix b/pkgs/development/compilers/llvm/14/llvm/default.nix index 06b549983527..081c84c04e06 100644 --- a/pkgs/development/compilers/llvm/14/llvm/default.nix +++ b/pkgs/development/compilers/llvm/14/llvm/default.nix @@ -162,6 +162,8 @@ in stdenv.mkDerivation (rec { # E.g. mesa.drivers use the build-id as a cache key (see #93946): LDFLAGS = optionalString (enableSharedLibraries && !stdenv.isDarwin) "-Wl,--build-id=sha1"; + cmakeBuildType = if debugVersion then "Debug" else "Release"; + cmakeFlags = with stdenv; let # These flags influence llvm-config's BuildVariables.inc in addition to the # general build. We need to make sure these are also passed via @@ -177,7 +179,6 @@ in stdenv.mkDerivation (rec { "-DLLVM_LINK_LLVM_DYLIB=ON" ]; in flagsForLlvmConfig ++ [ - "-DCMAKE_BUILD_TYPE=${if debugVersion then "Debug" else "Release"}" "-DLLVM_INSTALL_UTILS=ON" # Needed by rustc "-DLLVM_BUILD_TESTS=${if doCheck then "ON" else "OFF"}" "-DLLVM_ENABLE_FFI=ON" diff --git a/pkgs/development/compilers/llvm/15/llvm/default.nix b/pkgs/development/compilers/llvm/15/llvm/default.nix index 7742fc0a186c..e6f339ff6d6d 100644 --- a/pkgs/development/compilers/llvm/15/llvm/default.nix +++ b/pkgs/development/compilers/llvm/15/llvm/default.nix @@ -298,6 +298,8 @@ in stdenv.mkDerivation (rec { # E.g. mesa.drivers use the build-id as a cache key (see #93946): LDFLAGS = optionalString (enableSharedLibraries && !stdenv.isDarwin) "-Wl,--build-id=sha1"; + cmakeBuildType = if debugVersion then "Debug" else "Release"; + cmakeFlags = with stdenv; let # These flags influence llvm-config's BuildVariables.inc in addition to the # general build. We need to make sure these are also passed via @@ -313,7 +315,6 @@ in stdenv.mkDerivation (rec { "-DLLVM_LINK_LLVM_DYLIB=ON" ]; in flagsForLlvmConfig ++ [ - "-DCMAKE_BUILD_TYPE=${if debugVersion then "Debug" else "Release"}" "-DLLVM_INSTALL_UTILS=ON" # Needed by rustc "-DLLVM_BUILD_TESTS=${if doCheck then "ON" else "OFF"}" "-DLLVM_ENABLE_FFI=ON" diff --git a/pkgs/development/compilers/llvm/16/llvm/default.nix b/pkgs/development/compilers/llvm/16/llvm/default.nix index 8e676f5ad46d..c70f9d37a562 100644 --- a/pkgs/development/compilers/llvm/16/llvm/default.nix +++ b/pkgs/development/compilers/llvm/16/llvm/default.nix @@ -286,6 +286,8 @@ in # E.g. mesa.drivers use the build-id as a cache key (see #93946): LDFLAGS = optionalString (enableSharedLibraries && !stdenv.isDarwin) "-Wl,--build-id=sha1"; + cmakeBuildType = if debugVersion then "Debug" else "Release"; + cmakeFlags = with stdenv; let # These flags influence llvm-config's BuildVariables.inc in addition to the # general build. We need to make sure these are also passed via @@ -301,7 +303,6 @@ in "-DLLVM_LINK_LLVM_DYLIB=ON" ]; in flagsForLlvmConfig ++ [ - "-DCMAKE_BUILD_TYPE=${if debugVersion then "Debug" else "Release"}" "-DLLVM_INSTALL_UTILS=ON" # Needed by rustc "-DLLVM_BUILD_TESTS=${if doCheck then "ON" else "OFF"}" "-DLLVM_ENABLE_FFI=ON" diff --git a/pkgs/development/compilers/llvm/5/llvm/default.nix b/pkgs/development/compilers/llvm/5/llvm/default.nix index 219ae190e955..74523490244f 100644 --- a/pkgs/development/compilers/llvm/5/llvm/default.nix +++ b/pkgs/development/compilers/llvm/5/llvm/default.nix @@ -141,6 +141,8 @@ stdenv.mkDerivation (rec { ln -sv $PWD/lib $out ''; + cmakeBuildType = if debugVersion then "Debug" else "Release"; + cmakeFlags = with stdenv; let # These flags influence llvm-config's BuildVariables.inc in addition to the # general build. We need to make sure these are also passed via @@ -156,7 +158,6 @@ stdenv.mkDerivation (rec { "-DLLVM_LINK_LLVM_DYLIB=ON" ]; in flagsForLlvmConfig ++ [ - "-DCMAKE_BUILD_TYPE=${if debugVersion then "Debug" else "Release"}" "-DLLVM_INSTALL_UTILS=ON" # Needed by rustc "-DLLVM_BUILD_TESTS=${if doCheck then "ON" else "OFF"}" "-DLLVM_ENABLE_FFI=ON" diff --git a/pkgs/development/compilers/llvm/6/llvm/default.nix b/pkgs/development/compilers/llvm/6/llvm/default.nix index 1c75660c20f5..72e43ba8d1fa 100644 --- a/pkgs/development/compilers/llvm/6/llvm/default.nix +++ b/pkgs/development/compilers/llvm/6/llvm/default.nix @@ -161,6 +161,8 @@ stdenv.mkDerivation (rec { ln -sv $PWD/lib $out ''; + cmakeBuildType = if debugVersion then "Debug" else "Release"; + cmakeFlags = with stdenv; let # These flags influence llvm-config's BuildVariables.inc in addition to the # general build. We need to make sure these are also passed via @@ -176,7 +178,6 @@ stdenv.mkDerivation (rec { "-DLLVM_LINK_LLVM_DYLIB=ON" ]; in flagsForLlvmConfig ++ [ - "-DCMAKE_BUILD_TYPE=${if debugVersion then "Debug" else "Release"}" "-DLLVM_INSTALL_UTILS=ON" # Needed by rustc "-DLLVM_BUILD_TESTS=${if doCheck then "ON" else "OFF"}" "-DLLVM_ENABLE_FFI=ON" diff --git a/pkgs/development/compilers/llvm/7/llvm/default.nix b/pkgs/development/compilers/llvm/7/llvm/default.nix index 7bfaef7d00b0..97ac428a7f55 100644 --- a/pkgs/development/compilers/llvm/7/llvm/default.nix +++ b/pkgs/development/compilers/llvm/7/llvm/default.nix @@ -179,6 +179,8 @@ in stdenv.mkDerivation (rec { ln -sv $PWD/lib $out ''; + cmakeBuildType = if debugVersion then "Debug" else "Release"; + cmakeFlags = with stdenv; let # These flags influence llvm-config's BuildVariables.inc in addition to the # general build. We need to make sure these are also passed via @@ -194,7 +196,6 @@ in stdenv.mkDerivation (rec { "-DLLVM_LINK_LLVM_DYLIB=ON" ]; in flagsForLlvmConfig ++ [ - "-DCMAKE_BUILD_TYPE=${if debugVersion then "Debug" else "Release"}" "-DLLVM_INSTALL_UTILS=ON" # Needed by rustc "-DLLVM_BUILD_TESTS=${if doCheck then "ON" else "OFF"}" "-DLLVM_ENABLE_FFI=ON" diff --git a/pkgs/development/compilers/llvm/8/llvm/default.nix b/pkgs/development/compilers/llvm/8/llvm/default.nix index f95cefb9addd..8a0fea85e260 100644 --- a/pkgs/development/compilers/llvm/8/llvm/default.nix +++ b/pkgs/development/compilers/llvm/8/llvm/default.nix @@ -178,6 +178,8 @@ in stdenv.mkDerivation (rec { ln -sv $PWD/lib $out ''; + cmakeBuildType = if debugVersion then "Debug" else "Release"; + cmakeFlags = with stdenv; let # These flags influence llvm-config's BuildVariables.inc in addition to the # general build. We need to make sure these are also passed via @@ -193,7 +195,6 @@ in stdenv.mkDerivation (rec { "-DLLVM_LINK_LLVM_DYLIB=ON" ]; in flagsForLlvmConfig ++ [ - "-DCMAKE_BUILD_TYPE=${if debugVersion then "Debug" else "Release"}" "-DLLVM_INSTALL_UTILS=ON" # Needed by rustc "-DLLVM_BUILD_TESTS=${if doCheck then "ON" else "OFF"}" "-DLLVM_ENABLE_FFI=ON" diff --git a/pkgs/development/compilers/llvm/9/llvm/default.nix b/pkgs/development/compilers/llvm/9/llvm/default.nix index b7259ac19150..526030d6b34d 100644 --- a/pkgs/development/compilers/llvm/9/llvm/default.nix +++ b/pkgs/development/compilers/llvm/9/llvm/default.nix @@ -193,6 +193,8 @@ in stdenv.mkDerivation (rec { ln -sv $PWD/lib $out ''; + cmakeBuildType = if debugVersion then "Debug" else "Release"; + cmakeFlags = with stdenv; let # These flags influence llvm-config's BuildVariables.inc in addition to the # general build. We need to make sure these are also passed via @@ -208,7 +210,6 @@ in stdenv.mkDerivation (rec { "-DLLVM_LINK_LLVM_DYLIB=ON" ]; in flagsForLlvmConfig ++ [ - "-DCMAKE_BUILD_TYPE=${if debugVersion then "Debug" else "Release"}" "-DLLVM_INSTALL_UTILS=ON" # Needed by rustc "-DLLVM_BUILD_TESTS=${if doCheck then "ON" else "OFF"}" "-DLLVM_ENABLE_FFI=ON" diff --git a/pkgs/development/compilers/llvm/git/llvm/default.nix b/pkgs/development/compilers/llvm/git/llvm/default.nix index 634cd7829533..66b0a7438cef 100644 --- a/pkgs/development/compilers/llvm/git/llvm/default.nix +++ b/pkgs/development/compilers/llvm/git/llvm/default.nix @@ -283,6 +283,8 @@ in stdenv.mkDerivation (rec { # E.g. mesa.drivers use the build-id as a cache key (see #93946): LDFLAGS = optionalString (enableSharedLibraries && !stdenv.isDarwin) "-Wl,--build-id=sha1"; + cmakeBuildType = if debugVersion then "Debug" else "Release"; + cmakeFlags = with stdenv; let # These flags influence llvm-config's BuildVariables.inc in addition to the # general build. We need to make sure these are also passed via @@ -298,7 +300,6 @@ in stdenv.mkDerivation (rec { "-DLLVM_LINK_LLVM_DYLIB=ON" ]; in flagsForLlvmConfig ++ [ - "-DCMAKE_BUILD_TYPE=${if debugVersion then "Debug" else "Release"}" "-DLLVM_INSTALL_UTILS=ON" # Needed by rustc "-DLLVM_BUILD_TESTS=${if doCheck then "ON" else "OFF"}" "-DLLVM_ENABLE_FFI=ON" diff --git a/pkgs/development/libraries/flatcc/default.nix b/pkgs/development/libraries/flatcc/default.nix index a65ad5c6fe37..1f487955b3f3 100644 --- a/pkgs/development/libraries/flatcc/default.nix +++ b/pkgs/development/libraries/flatcc/default.nix @@ -18,7 +18,6 @@ stdenv.mkDerivation rec { cmakeFlags = [ "-DFLATCC_INSTALL=on" - "-DCMAKE_BUILD_TYPE=Release" ]; env.NIX_CFLAGS_COMPILE = toString [ diff --git a/pkgs/development/libraries/libyang/default.nix b/pkgs/development/libraries/libyang/default.nix index 9102286746b6..88fdfcca03ca 100644 --- a/pkgs/development/libraries/libyang/default.nix +++ b/pkgs/development/libraries/libyang/default.nix @@ -36,7 +36,6 @@ stdenv.mkDerivation rec { cmakeFlags = [ "-DCMAKE_INSTALL_LIBDIR=lib" "-DCMAKE_INSTALL_INCLUDEDIR=include" - "-DCMAKE_BUILD_TYPE:String=Release" ]; passthru.updateScript = gitUpdater { diff --git a/pkgs/development/libraries/muparserx/default.nix b/pkgs/development/libraries/muparserx/default.nix index 2b3d2853d132..8a7d2c8f3646 100644 --- a/pkgs/development/libraries/muparserx/default.nix +++ b/pkgs/development/libraries/muparserx/default.nix @@ -16,10 +16,6 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ cmake ]; - cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=Release" - ]; - doCheck = true; checkPhase = '' echo "***Muparserx self-test***" diff --git a/pkgs/development/libraries/onnxruntime/default.nix b/pkgs/development/libraries/onnxruntime/default.nix index 1b955b57de42..4a9ee61f5614 100644 --- a/pkgs/development/libraries/onnxruntime/default.nix +++ b/pkgs/development/libraries/onnxruntime/default.nix @@ -133,7 +133,6 @@ stdenv.mkDerivation rec { cmakeFlags = [ "-DABSL_ENABLE_INSTALL=ON" - "-DCMAKE_BUILD_TYPE=RELEASE" "-DFETCHCONTENT_FULLY_DISCONNECTED=ON" "-DFETCHCONTENT_QUIET=OFF" "-DFETCHCONTENT_SOURCE_DIR_ABSEIL_CPP=${abseil-cpp.src}" diff --git a/pkgs/development/libraries/phonon/backends/gstreamer.nix b/pkgs/development/libraries/phonon/backends/gstreamer.nix index fc0afbe2184c..a94234aec41b 100644 --- a/pkgs/development/libraries/phonon/backends/gstreamer.nix +++ b/pkgs/development/libraries/phonon/backends/gstreamer.nix @@ -58,9 +58,7 @@ stdenv.mkDerivation rec { qttools ]; - cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=${if debug then "Debug" else "Release"}" - ]; + cmakeBuildType = if debug then "Debug" else "Release"; meta = with lib; { homepage = "https://phonon.kde.org/"; diff --git a/pkgs/development/libraries/phonon/backends/vlc.nix b/pkgs/development/libraries/phonon/backends/vlc.nix index 42923d4f026b..a50a07dde1a1 100644 --- a/pkgs/development/libraries/phonon/backends/vlc.nix +++ b/pkgs/development/libraries/phonon/backends/vlc.nix @@ -28,9 +28,7 @@ stdenv.mkDerivation rec { dontWrapQtApps = true; - cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=${if debug then "Debug" else "Release"}" - ]; + cmakeBuildType = if debug then "Debug" else "Release"; meta = with lib; { homepage = "https://community.kde.org/Phonon"; diff --git a/pkgs/development/libraries/phonon/default.nix b/pkgs/development/libraries/phonon/default.nix index 59d9e19556aa..dc95b4ed8266 100644 --- a/pkgs/development/libraries/phonon/default.nix +++ b/pkgs/development/libraries/phonon/default.nix @@ -52,9 +52,7 @@ stdenv.mkDerivation rec { env.NIX_CFLAGS_COMPILE = "-fPIC"; - cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=${if debug then "Debug" else "Release"}" - ]; + cmakeBuildType = if debug then "Debug" else "Release"; dontWrapQtApps = true; diff --git a/pkgs/development/libraries/reproc/default.nix b/pkgs/development/libraries/reproc/default.nix index 2083a6a7af4d..680455d4cb5a 100644 --- a/pkgs/development/libraries/reproc/default.nix +++ b/pkgs/development/libraries/reproc/default.nix @@ -15,7 +15,6 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ cmake ]; cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=Release" "-DCMAKE_INSTALL_LIBDIR=lib" "-DBUILD_SHARED_LIBS=ON" "-DREPROC++=ON" diff --git a/pkgs/development/libraries/rnnoise-plugin/default.nix b/pkgs/development/libraries/rnnoise-plugin/default.nix index d5f5268ac8eb..39a8f1a4b6a6 100644 --- a/pkgs/development/libraries/rnnoise-plugin/default.nix +++ b/pkgs/development/libraries/rnnoise-plugin/default.nix @@ -49,8 +49,6 @@ stdenv.mkDerivation rec { simd ]; - cmakeFlags = [ "-DCMAKE_BUILD_TYPE=Release" ]; - meta = with lib; { description = "A real-time noise suppression plugin for voice based on Xiph's RNNoise"; homepage = "https://github.com/werman/noise-suppression-for-voice"; diff --git a/pkgs/development/libraries/sentry-native/default.nix b/pkgs/development/libraries/sentry-native/default.nix index 9f6ac99c6f02..09989fb7bddf 100644 --- a/pkgs/development/libraries/sentry-native/default.nix +++ b/pkgs/development/libraries/sentry-native/default.nix @@ -28,8 +28,9 @@ stdenv.mkDerivation rec { breakpad ]; + cmakeBuildType = "RelWithDebInfo"; + cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=RelWithDebInfo" "-DSENTRY_BREAKPAD_SYSTEM=On" ]; diff --git a/pkgs/development/python-modules/gudhi/default.nix b/pkgs/development/python-modules/gudhi/default.nix index 6fbba605da99..1e0932e62867 100644 --- a/pkgs/development/python-modules/gudhi/default.nix +++ b/pkgs/development/python-modules/gudhi/default.nix @@ -38,7 +38,6 @@ buildPythonPackage rec { nativeCheckInputs = [ pytest ]; cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=Release" "-DWITH_GUDHI_PYTHON=ON" "-DPython_ADDITIONAL_VERSIONS=3" ]; diff --git a/pkgs/development/tools/wasmedge/default.nix b/pkgs/development/tools/wasmedge/default.nix index 741a610c8907..6ebbe75a15bb 100644 --- a/pkgs/development/tools/wasmedge/default.nix +++ b/pkgs/development/tools/wasmedge/default.nix @@ -41,7 +41,6 @@ stdenv.mkDerivation (finalAttrs: { ]; cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=Release" "-DWASMEDGE_BUILD_TESTS=OFF" # Tests are downloaded using git ] ++ lib.optionals stdenv.isDarwin [ "-DWASMEDGE_FORCE_DISABLE_LTO=ON" diff --git a/pkgs/games/etlegacy/default.nix b/pkgs/games/etlegacy/default.nix index ee5d31874c68..befbbc5ed291 100644 --- a/pkgs/games/etlegacy/default.nix +++ b/pkgs/games/etlegacy/default.nix @@ -100,7 +100,6 @@ stdenv.mkDerivation { ''; cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=Release" "-DCROSS_COMPILE32=0" "-DBUILD_SERVER=1" "-DBUILD_CLIENT=1" diff --git a/pkgs/games/lzwolf/default.nix b/pkgs/games/lzwolf/default.nix index 7598022f31b1..37bcc7fc8e06 100644 --- a/pkgs/games/lzwolf/default.nix +++ b/pkgs/games/lzwolf/default.nix @@ -38,7 +38,6 @@ stdenv.mkDerivation rec { ]; cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=Release" "-DGPL=ON" ]; diff --git a/pkgs/games/nanosaur/default.nix b/pkgs/games/nanosaur/default.nix index 5460d3d87e02..4ec59b726ee3 100644 --- a/pkgs/games/nanosaur/default.nix +++ b/pkgs/games/nanosaur/default.nix @@ -20,8 +20,6 @@ stdenv.mkDerivation rec { SDL2 ]; - cmakeFlags = [ "-DCMAKE_BUILD_TYPE=Release" ]; - installPhase = '' runHook preInstall mkdir -p "$out/bin" diff --git a/pkgs/games/nanosaur2/default.nix b/pkgs/games/nanosaur2/default.nix index 423d40e71c6c..7ab77623e653 100644 --- a/pkgs/games/nanosaur2/default.nix +++ b/pkgs/games/nanosaur2/default.nix @@ -20,8 +20,6 @@ stdenv.mkDerivation rec { SDL2 ]; - cmakeFlags = [ "-DCMAKE_BUILD_TYPE=Release" ]; - installPhase = '' runHook preInstall mkdir -p "$out/bin" diff --git a/pkgs/games/openmw/tes3mp.nix b/pkgs/games/openmw/tes3mp.nix index f236bc8cd5e5..8b6c96c5286f 100644 --- a/pkgs/games/openmw/tes3mp.nix +++ b/pkgs/games/openmw/tes3mp.nix @@ -26,7 +26,6 @@ let }; cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=Release" "-DCRABNET_ENABLE_DLL=OFF" ]; diff --git a/pkgs/games/otto-matic/default.nix b/pkgs/games/otto-matic/default.nix index 800b97b2b86e..c56db251a1b0 100644 --- a/pkgs/games/otto-matic/default.nix +++ b/pkgs/games/otto-matic/default.nix @@ -21,8 +21,6 @@ stdenv.mkDerivation rec { SDL2 ]; - cmakeFlags = [ "-DCMAKE_BUILD_TYPE=Release" ]; - installPhase = '' runHook preInstall diff --git a/pkgs/misc/drivers/epsonscan2/default.nix b/pkgs/misc/drivers/epsonscan2/default.nix index 325cbbd8707c..69c4c03b95e6 100644 --- a/pkgs/misc/drivers/epsonscan2/default.nix +++ b/pkgs/misc/drivers/epsonscan2/default.nix @@ -97,7 +97,6 @@ stdenv.mkDerivation { ]; cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=Release" # The non-free (Debian) packages uses this directory structure so do the same when compiling # from source so we can easily merge them. "-DCMAKE_INSTALL_LIBDIR=lib/${system}-gnu" diff --git a/pkgs/misc/dumb/default.nix b/pkgs/misc/dumb/default.nix index 2a554d99b287..f80dea534a67 100644 --- a/pkgs/misc/dumb/default.nix +++ b/pkgs/misc/dumb/default.nix @@ -15,7 +15,6 @@ stdenv.mkDerivation rec { }; cmakeFlags = [ - "-DCMAKE_BUILD_TYPE='Release'" "-DBUILD_EXAMPLES='OFF'" ]; diff --git a/pkgs/servers/domoticz/default.nix b/pkgs/servers/domoticz/default.nix index 869971d8fb89..6e50b4754438 100644 --- a/pkgs/servers/domoticz/default.nix +++ b/pkgs/servers/domoticz/default.nix @@ -51,7 +51,6 @@ stdenv.mkDerivation rec { ]; cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=Release" "-DUSE_BUILTIN_MQTT=false" "-DUSE_BUILTIN_LUA=false" "-DUSE_BUILTIN_SQLITE=false" diff --git a/pkgs/servers/nosql/arangodb/default.nix b/pkgs/servers/nosql/arangodb/default.nix index 74d832803b1d..36c978e364fe 100644 --- a/pkgs/servers/nosql/arangodb/default.nix +++ b/pkgs/servers/nosql/arangodb/default.nix @@ -62,10 +62,11 @@ gcc10Stdenv.mkDerivation rec { patchShebangs utils ''; + cmakeBuildType = "RelWithDebInfo"; + cmakeFlags = [ "-DUSE_MAINTAINER_MODE=OFF" "-DUSE_GOOGLE_TESTS=OFF" - "-DCMAKE_BUILD_TYPE=RelWithDebInfo" # avoid reading /proc/cpuinfo for feature detection "-DTARGET_ARCHITECTURE=${targetArch}" diff --git a/pkgs/servers/tarantool/default.nix b/pkgs/servers/tarantool/default.nix index bdb36a7f10ad..80b2e96d2d6d 100644 --- a/pkgs/servers/tarantool/default.nix +++ b/pkgs/servers/tarantool/default.nix @@ -38,8 +38,9 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ cmake ]; + cmakeBuildType = "RelWithDebInfo"; + cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=RelWithDebInfo" "-DENABLE_DIST=ON" "-DTARANTOOL_VERSION=${version}.builtByNix" # expects the commit hash as well ]; diff --git a/pkgs/tools/graphics/astc-encoder/default.nix b/pkgs/tools/graphics/astc-encoder/default.nix index 5e63038e67db..4403ab255dd3 100644 --- a/pkgs/tools/graphics/astc-encoder/default.nix +++ b/pkgs/tools/graphics/astc-encoder/default.nix @@ -40,8 +40,9 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ cmake ]; + cmakeBuildType = "RelWithDebInfo"; + cmakeFlags = isaFlags ++ [ - "-DCMAKE_BUILD_TYPE=RelWithDebInfo" "-DASTCENC_UNIVERSAL_BUILD=OFF" ]; diff --git a/pkgs/tools/misc/aspcud/default.nix b/pkgs/tools/misc/aspcud/default.nix index e3f75693803c..cd290d5e085e 100644 --- a/pkgs/tools/misc/aspcud/default.nix +++ b/pkgs/tools/misc/aspcud/default.nix @@ -27,7 +27,6 @@ stdenv.mkDerivation rec { buildInputs = [ boost clingo re2c ]; cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=Release" "-DASPCUD_GRINGO_PATH=${clingo}/bin/gringo" "-DASPCUD_CLASP_PATH=${clingo}/bin/clasp" ]; diff --git a/pkgs/tools/misc/calamares/default.nix b/pkgs/tools/misc/calamares/default.nix index 00a06b857b0d..a82d62aed0df 100644 --- a/pkgs/tools/misc/calamares/default.nix +++ b/pkgs/tools/misc/calamares/default.nix @@ -51,7 +51,6 @@ mkDerivation rec { "-DPYTHON_LIBRARY=${python}/lib/lib${python.libPrefix}.so" "-DPYTHON_INCLUDE_DIR=${python}/include/${python.libPrefix}" "-DCMAKE_VERBOSE_MAKEFILE=True" - "-DCMAKE_BUILD_TYPE=Release" "-DWITH_PYTHONQT:BOOL=ON" ]; diff --git a/pkgs/tools/misc/clipboard-jh/default.nix b/pkgs/tools/misc/clipboard-jh/default.nix index 9cebe31dd7b8..fe4f18eea8d2 100644 --- a/pkgs/tools/misc/clipboard-jh/default.nix +++ b/pkgs/tools/misc/clipboard-jh/default.nix @@ -42,8 +42,9 @@ stdenv.mkDerivation rec { darwin.apple_sdk.frameworks.AppKit ]; + cmakeBuildType = "MinSizeRel"; + cmakeFlags = [ - "-DCMAKE_BUILD_TYPE='MinSizeRel'" "-Wno-dev" "-DINSTALL_PREFIX=${placeholder "out"}" ]; diff --git a/pkgs/tools/networking/ebpf-verifier/default.nix b/pkgs/tools/networking/ebpf-verifier/default.nix index 972c72c4e57f..8605db55bba8 100644 --- a/pkgs/tools/networking/ebpf-verifier/default.nix +++ b/pkgs/tools/networking/ebpf-verifier/default.nix @@ -39,8 +39,6 @@ stdenv.mkDerivation { yaml-cpp ]; - cmakeFlags = [ "-DCMAKE_BUILD_TYPE=Release" ]; - installPhase = '' runHook preInstall diff --git a/pkgs/tools/security/sirikali/default.nix b/pkgs/tools/security/sirikali/default.nix index a3e67a2b76a5..6ae689d95fd4 100644 --- a/pkgs/tools/security/sirikali/default.nix +++ b/pkgs/tools/security/sirikali/default.nix @@ -71,7 +71,6 @@ stdenv.mkDerivation rec { doCheck = true; cmakeFlags = [ - "-DCMAKE_BUILD_TYPE=RELEASE" "-DINTERNAL_LXQT_WALLET=false" "-DNOKDESUPPORT=${if withKWallet then "false" else "true"}" "-DNOSECRETSUPPORT=${if withLibsecret then "false" else "true"}" diff --git a/pkgs/tools/system/nvtop/default.nix b/pkgs/tools/system/nvtop/default.nix index 1ab520cefac4..e47291207f08 100644 --- a/pkgs/tools/system/nvtop/default.nix +++ b/pkgs/tools/system/nvtop/default.nix @@ -38,7 +38,6 @@ stdenv.mkDerivation rec { }; cmakeFlags = with lib; [ - "-DCMAKE_BUILD_TYPE=Release" "-DBUILD_TESTING=ON" "-DUSE_LIBUDEV_OVER_LIBSYSTEMD=ON" ] ++ optional nvidia "-DNVML_INCLUDE_DIRS=${cudatoolkit}/include" From ab1957d1daf248b29de1db21ea3349bda56c8c92 Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Thu, 17 Aug 2023 08:55:59 +0100 Subject: [PATCH 38/95] libhwy: 1.0.5 -> 1.0.7 Changes: https://github.com/google/highway/releases/tag/1.0.6 Changes: https://github.com/google/highway/releases/tag/1.0.7 --- pkgs/development/libraries/libhwy/default.nix | 22 +++++++++---------- 1 file changed, 10 insertions(+), 12 deletions(-) diff --git a/pkgs/development/libraries/libhwy/default.nix b/pkgs/development/libraries/libhwy/default.nix index 4373f7474339..b2f32cbe7252 100644 --- a/pkgs/development/libraries/libhwy/default.nix +++ b/pkgs/development/libraries/libhwy/default.nix @@ -1,23 +1,21 @@ -{ lib, stdenv, cmake, ninja, gtest, fetchFromGitHub, fetchpatch }: +{ lib +, stdenv +, cmake +, ninja +, gtest +, fetchFromGitHub +}: stdenv.mkDerivation rec { pname = "libhwy"; - version = "1.0.5"; + version = "1.0.7"; src = fetchFromGitHub { owner = "google"; repo = "highway"; rev = version; - hash = "sha256-Gym2iHq5ws9kuG4HWSQndD8hVugV4USZt6dUFnEkLwY="; + hash = "sha256-Z+mAR9nSAbCskUvo6oK79Yd85bu0HtI2aR5THS1EozM="; }; - patches = [ - # backport for compilation issue on aarch64 - # https://github.com/google/highway/issues/1613 - (fetchpatch { - url = "https://github.com/google/highway/commit/7ad89efa911cb906ccf3f78fe510db415e921801.diff"; - hash = "sha256-hTSkeCh2QLMqeIKG/CAqJXaPqD/66Z02gjGXk591f+U="; - }) - ]; nativeBuildInputs = [ cmake ninja ]; @@ -53,7 +51,7 @@ stdenv.mkDerivation rec { meta = with lib; { description = "Performance-portable, length-agnostic SIMD with runtime dispatch"; homepage = "https://github.com/google/highway"; - license = licenses.asl20; + license = with licenses; [ asl20 bsd3 ]; platforms = platforms.unix; maintainers = with maintainers; [ zhaofengli ]; }; From 2ce1ae2cfd73efbc24d7575baa71773b1331f1f3 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Thu, 7 Sep 2023 23:22:19 +0200 Subject: [PATCH 39/95] ffmpeg: re-enable video4linux2 support This is useful in some application like mpv to view the webcam stream. It was enabled before ffmpeg and ffmpeg-full got merged in #211834. --- pkgs/development/libraries/ffmpeg/generic.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/development/libraries/ffmpeg/generic.nix b/pkgs/development/libraries/ffmpeg/generic.nix index 6bde5aa776ba..afd67d19637b 100644 --- a/pkgs/development/libraries/ffmpeg/generic.nix +++ b/pkgs/development/libraries/ffmpeg/generic.nix @@ -80,7 +80,7 @@ , withSvtav1 ? withHeadlessDeps && !stdenv.isAarch64 # AV1 encoder/decoder (focused on speed and correctness) , withTensorflow ? false # Tensorflow dnn backend support , withTheora ? withHeadlessDeps # Theora encoder -, withV4l2 ? withFullDeps && !stdenv.isDarwin # Video 4 Linux support +, withV4l2 ? withHeadlessDeps && !stdenv.isDarwin # Video 4 Linux support , withV4l2M2m ? withV4l2 , withVaapi ? withHeadlessDeps && (with stdenv; isLinux || isFreeBSD) # Vaapi hardware acceleration , withVdpau ? withSmallDeps # Vdpau hardware acceleration From dde4c871e1d39b7eac25a69e427ab8c050b35fb1 Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Sat, 9 Sep 2023 02:20:22 +0100 Subject: [PATCH 40/95] shadow: 4.13 -> 4.14.0 Changes: https://github.com/shadow-maint/shadow/releases/tag/4.14.0 --- pkgs/os-specific/linux/shadow/default.nix | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/pkgs/os-specific/linux/shadow/default.nix b/pkgs/os-specific/linux/shadow/default.nix index f0e2c281aa56..746f9b17a698 100644 --- a/pkgs/os-specific/linux/shadow/default.nix +++ b/pkgs/os-specific/linux/shadow/default.nix @@ -1,9 +1,9 @@ { lib, stdenv, fetchFromGitHub -, runtimeShell, nixosTests, fetchpatch +, runtimeShell, nixosTests , autoreconfHook, bison, flex , docbook_xml_dtd_45, docbook_xsl -, itstool , libxml2, libxslt -, libxcrypt +, itstool, libbsd, libxml2, libxslt +, libxcrypt, pkg-config , glibcCross ? null , pam ? null , withTcb ? lib.meta.availableOn stdenv.hostPlatform tcb, tcb @@ -17,13 +17,13 @@ in stdenv.mkDerivation rec { pname = "shadow"; - version = "4.13"; + version = "4.14.0"; src = fetchFromGitHub { owner = "shadow-maint"; repo = pname; rev = version; - sha256 = "sha256-L54DhdBYthfB9436t/XWXiqKhW7rfd0GLS7pYGB32rA="; + hash = "sha256-zopJevCv7ot8RLp/rSQGKO05eF4FjkLaOEMo9aq9Afo="; }; outputs = [ "out" "su" "dev" "man" ]; @@ -34,9 +34,10 @@ stdenv.mkDerivation rec { autoreconfHook bison flex docbook_xml_dtd_45 docbook_xsl itstool libxml2 libxslt + pkg-config ]; - buildInputs = [ libxcrypt ] + buildInputs = [ libbsd libxcrypt ] ++ lib.optional (pam != null && stdenv.isLinux) pam ++ lib.optional withTcb tcb; @@ -46,11 +47,6 @@ stdenv.mkDerivation rec { ./respect-xml-catalog-files-var.patch ./runtime-shell.patch ./fix-install-with-tcb.patch - # Fix HAVE_SHADOWGRP configure check - (fetchpatch { - url = "https://github.com/shadow-maint/shadow/commit/a281f241b592aec636d1b93a99e764499d68c7ef.patch"; - sha256 = "sha256-GJWg/8ggTnrbIgjI+HYa26DdVbjTHTk/IHhy7GU9G5w="; - }) ]; # The nix daemon often forbids even creating set[ug]id files. From 05c541d09a5d4f3486c534b6bf5ecacded3129d2 Mon Sep 17 00:00:00 2001 From: OPNA2608 Date: Sat, 9 Sep 2023 13:50:07 +0200 Subject: [PATCH 41/95] pipewire: Make ldacbt support optional based on availability Because ldacbt doesn't support non-little-endian platforms. --- pkgs/development/libraries/pipewire/default.nix | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/pipewire/default.nix b/pkgs/development/libraries/pipewire/default.nix index fdc514c286b7..28bbcb4a8890 100644 --- a/pkgs/development/libraries/pipewire/default.nix +++ b/pkgs/development/libraries/pipewire/default.nix @@ -42,10 +42,11 @@ , bluez , sbc , libfreeaptx -, ldacbt , liblc3 , fdk_aac , libopus +, ldacbtSupport ? bluezSupport && lib.meta.availableOn stdenv.hostPlatform ldacbt +, ldacbt , nativeHspSupport ? true , nativeHfpSupport ? true , nativeModemManagerSupport ? true @@ -70,6 +71,9 @@ , ffado }: +# Bluetooth codec only makes sense if general bluetooth enabled +assert ldacbtSupport -> bluezSupport; + let mesonEnableFeature = b: if b then "enabled" else "disabled"; @@ -144,7 +148,8 @@ let ++ lib.optionals gstreamerSupport [ gst_all_1.gst-plugins-base gst_all_1.gstreamer ] ++ lib.optionals libcameraSupport [ libcamera libdrm ] ++ lib.optional ffmpegSupport ffmpeg - ++ lib.optionals bluezSupport [ bluez libfreeaptx ldacbt liblc3 sbc fdk_aac libopus ] + ++ lib.optionals bluezSupport [ bluez libfreeaptx liblc3 sbc fdk_aac libopus ] + ++ lib.optional ldacbtSupport ldacbt ++ lib.optional nativeModemManagerSupport modemmanager ++ lib.optional pulseTunnelSupport libpulseaudio ++ lib.optional zeroconfSupport avahi @@ -184,6 +189,7 @@ let # source code is not easily obtainable "-Dbluez5-codec-lc3plus=disabled" "-Dbluez5-codec-lc3=${mesonEnableFeature bluezSupport}" + "-Dbluez5-codec-ldac=${mesonEnableFeature ldacbtSupport}" "-Dsysconfdir=/etc" "-Dpipewire_confdata_dir=${placeholder "lib"}/share/pipewire" "-Draop=${mesonEnableFeature raopSupport}" From 0b72a1e93de66e0e17949b860a057c4cbfcecd7e Mon Sep 17 00:00:00 2001 From: Leona Maroni Date: Sun, 3 Sep 2023 16:44:44 +0200 Subject: [PATCH 42/95] ell: 0.57 -> 0.58 --- pkgs/os-specific/linux/ell/default.nix | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/ell/default.nix b/pkgs/os-specific/linux/ell/default.nix index bde39a41b525..bef36ac4a121 100644 --- a/pkgs/os-specific/linux/ell/default.nix +++ b/pkgs/os-specific/linux/ell/default.nix @@ -3,18 +3,20 @@ , autoreconfHook , pkg-config , dbus +, fetchpatch +, sysctl }: stdenv.mkDerivation rec { pname = "ell"; - version = "0.57"; + version = "0.58"; outputs = [ "out" "dev" ]; src = fetchgit { url = "https://git.kernel.org/pub/scm/libs/ell/ell.git"; rev = version; - sha256 = "sha256-9d9WMCByQ1TKWpzWe5msts1LG+BKKqwCgaMBbD74/+4="; + hash = "sha256-CwUwwvyT541aIvypVMqRhHkVJLna121Cme+v7c0FLWo="; }; nativeBuildInputs = [ @@ -24,8 +26,18 @@ stdenv.mkDerivation rec { nativeCheckInputs = [ dbus + # required as the sysctl test works on some machines + sysctl ]; + patches = [ + # /proc/sys/net/core/somaxconn doesn't always exist in the nix build environment + (fetchpatch { + name = "skip-sysctl-test-if-sysfs-not-available.patch"; + url = "https://patchwork.kernel.org/project/ell/patch/526DA75D-01AB-4D85-BF5C-5F25E5C39480@kloenk.dev/raw/"; + hash = "sha256-YYGYWQ67cbMLt6RnqZmHt+tpvVIDKPbSCqPIouk6alU="; + }) + ]; enableParallelBuilding = true; # tests sporadically fail on musl From c95192b9962b2b72bc4c9af5d9c3821de49b8a9d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Na=C3=AFm=20Favier?= Date: Tue, 1 Aug 2023 10:41:06 +0200 Subject: [PATCH 43/95] jq: 1.6 -> 1.7 https://github.com/jqlang/jq/releases/tag/jq-1.7 --- pkgs/development/tools/jq/default.nix | 25 ++++++------ ...when-building-without-regex-supports.patch | 38 ------------------- pkgs/games/dwarf-fortress/update.sh | 2 +- 3 files changed, 15 insertions(+), 50 deletions(-) delete mode 100644 pkgs/development/tools/jq/fix-tests-when-building-without-regex-supports.patch diff --git a/pkgs/development/tools/jq/default.nix b/pkgs/development/tools/jq/default.nix index 3c6d85e8ddcc..4a57c0f5a0c3 100644 --- a/pkgs/development/tools/jq/default.nix +++ b/pkgs/development/tools/jq/default.nix @@ -1,6 +1,7 @@ { lib , stdenv , fetchurl +, removeReferencesTo , autoreconfHook , bison , onigurumaSupport ? true @@ -9,18 +10,14 @@ stdenv.mkDerivation rec { pname = "jq"; - version = "1.6"; + version = "1.7"; # Note: do not use fetchpatch or fetchFromGitHub to keep this package available in __bootPackages src = fetchurl { - url = "https://github.com/stedolan/jq/releases/download/jq-${version}/jq-${version}.tar.gz"; - sha256 = "sha256-XejI4pqqP7nMa0e7JymfJxNU67clFOOsytx9OLW7qnI="; + url = "https://github.com/jqlang/jq/releases/download/jq-${version}/jq-${version}.tar.gz"; + hash = "sha256-QCoNaXXZRub05ITRqEMgQUoP+Ots9J0sEdFE1NNE22I="; }; - patches = [ - ./fix-tests-when-building-without-regex-supports.patch - ]; - outputs = [ "bin" "doc" "man" "dev" "lib" "out" ]; # Upstream script that writes the version that's eventually compiled @@ -39,7 +36,7 @@ stdenv.mkDerivation rec { ''; buildInputs = lib.optionals onigurumaSupport [ oniguruma ]; - nativeBuildInputs = [ autoreconfHook bison ]; + nativeBuildInputs = [ removeReferencesTo autoreconfHook bison ]; # Darwin requires _REENTRANT be defined to use functions like `lgamma_r`. # Otherwise, configure will detect that they’re in libm, but the build will fail @@ -59,6 +56,12 @@ stdenv.mkDerivation rec { # jq is linked to libjq: ++ lib.optional (!stdenv.isDarwin) "LDFLAGS=-Wl,-rpath,\\\${libdir}"; + # Break the dependency cycle: $dev refers to $bin via propagated-build-outputs, and + # $bin refers to $dev because of https://github.com/jqlang/jq/commit/583e4a27188a2db097dd043dd203b9c106bba100 + postFixup = '' + remove-references-to -t "$dev" "$bin/bin/jq" + ''; + doInstallCheck = true; installCheckTarget = "check"; @@ -71,11 +74,11 @@ stdenv.mkDerivation rec { meta = with lib; { description = "A lightweight and flexible command-line JSON processor"; - homepage = "https://stedolan.github.io/jq/"; + homepage = "https://jqlang.github.io/jq/"; license = licenses.mit; - maintainers = with maintainers; [ raskin globin artturin ]; + maintainers = with maintainers; [ raskin artturin ncfavier ]; platforms = platforms.unix; - downloadPage = "https://stedolan.github.io/jq/download/"; + downloadPage = "https://jqlang.github.io/jq/download/"; mainProgram = "jq"; }; } diff --git a/pkgs/development/tools/jq/fix-tests-when-building-without-regex-supports.patch b/pkgs/development/tools/jq/fix-tests-when-building-without-regex-supports.patch deleted file mode 100644 index ac7614ed80b2..000000000000 --- a/pkgs/development/tools/jq/fix-tests-when-building-without-regex-supports.patch +++ /dev/null @@ -1,38 +0,0 @@ -From f6a69a6e52b68a92b816a28eb20719a3d0cb51ae Mon Sep 17 00:00:00 2001 -From: Dmitry Bogatov -Date: Sat, 27 Mar 2021 00:00:00 +0000 -Subject: [PATCH] Disable some tests when building without regex support - ---- - Makefile.am | 5 ++++- - configure.ac | 1 + - 2 files changed, 5 insertions(+), 1 deletion(-) - -diff --git a/Makefile.am b/Makefile.am -index f5c1db594..f3f44bb9e 100644 ---- a/Makefile.am -+++ b/Makefile.am -@@ -130,7 +130,10 @@ endif - - ### Tests (make check) - --TESTS = tests/optionaltest tests/mantest tests/jqtest tests/onigtest tests/shtest tests/utf8test tests/base64test -+TESTS = tests/optionaltest tests/jqtest tests/shtest tests/utf8test tests/base64test -+if WITH_ONIGURUMA -+TESTS += tests/mantest tests/onigtest -+endif - TESTS_ENVIRONMENT = NO_VALGRIND=$(NO_VALGRIND) - - # This is a magic make variable that causes it to treat tests/man.test as a -diff --git a/configure.ac b/configure.ac -index 0441d4a2c..987d94e0a 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -278,6 +278,7 @@ AC_SUBST(onig_CFLAGS) - AC_SUBST(onig_LDFLAGS) - - AM_CONDITIONAL([BUILD_ONIGURUMA], [test "x$build_oniguruma" = xyes]) -+AM_CONDITIONAL([WITH_ONIGURUMA], [test "x$with_oniguruma" = xyes]) - AC_SUBST([BUNDLER], ["$bundle_cmd"]) - - AC_CONFIG_MACRO_DIR([config/m4]) diff --git a/pkgs/games/dwarf-fortress/update.sh b/pkgs/games/dwarf-fortress/update.sh index 0ef9a40c7a5d..5b99dff8aa77 100755 --- a/pkgs/games/dwarf-fortress/update.sh +++ b/pkgs/games/dwarf-fortress/update.sh @@ -38,5 +38,5 @@ done | jq --slurp --raw-input \ # Append $tmp1 to game.json. There should be a better way to handle # this but all other attempts failed for me. -jq -M --argfile a "$tmp1" '. + $a' < "$(dirname "$0")/game.json" > "$tmp2" +jq -M --slurpfile a "$tmp1" '. + $a[]' < "$(dirname "$0")/game.json" > "$tmp2" cat "$tmp2" > "$(dirname "$0")/game.json" From 147359540a678898fe0eaff47f8e0437bd74a54b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Na=C3=AFm=20Favier?= Date: Sun, 10 Sep 2023 10:27:34 +0200 Subject: [PATCH 44/95] yq: 3.2.2 -> 3.2.3 https://github.com/kislyuk/yq/releases/tag/v3.2.3 --- pkgs/development/python-modules/yq/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/yq/default.nix b/pkgs/development/python-modules/yq/default.nix index 5b652910ea14..c730725581ac 100644 --- a/pkgs/development/python-modules/yq/default.nix +++ b/pkgs/development/python-modules/yq/default.nix @@ -13,11 +13,11 @@ buildPythonPackage rec { pname = "yq"; - version = "3.2.2"; + version = "3.2.3"; src = fetchPypi { inherit pname version; - hash = "sha256-jbt6DJN92/w90XXmR49AlgwUDT6LHxoDFd52OE1mZQo="; + hash = "sha256-Kcj+HTa09kFj9NATFMauIXU5hw9hAhbe5gJd+16vr7E="; }; patches = [ From 37f76d36c5e2c716a2276e5755fcd0464193911d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Na=C3=AFm=20Favier?= Date: Sun, 10 Sep 2023 12:10:34 +0200 Subject: [PATCH 45/95] python3Packages.jq: 1.4.1 -> 1.5.0, apply patch for jq 1.7 --- pkgs/development/python-modules/jq/default.nix | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/jq/default.nix b/pkgs/development/python-modules/jq/default.nix index 335b6e92781d..d7dc37b06852 100644 --- a/pkgs/development/python-modules/jq/default.nix +++ b/pkgs/development/python-modules/jq/default.nix @@ -2,6 +2,7 @@ , buildPythonPackage , cython , fetchFromGitHub +, fetchpatch , jq , pytestCheckHook , pythonOlder @@ -9,7 +10,7 @@ buildPythonPackage rec { pname = "jq"; - version = "1.4.1"; + version = "1.5.0"; format = "setuptools"; disabled = pythonOlder "3.7"; @@ -18,12 +19,17 @@ buildPythonPackage rec { owner = "mwilliamson"; repo = "jq.py"; rev = "refs/tags/${version}"; - hash = "sha256-prH3yUFh3swXGsxnoax09aYAXaiu8o2M21ZbOp9HDJY="; + hash = "sha256-mITk5y2AdUc9kZ/WrsnHxS1GRRmO4FDbPRgTtV2gIXI="; }; patches = [ # Removes vendoring ./jq-py-setup.patch + (fetchpatch { + url = "https://github.com/mwilliamson/jq.py/commit/805705dde4beb9db9a1743663d415198fb02eb1a.patch"; + includes = [ "tests/*" ]; + hash = "sha256-AgdpwmtOTeJ4nSbM6IknKaIVqqtWkpxTTtblXjlbWeA="; + }) ]; nativeBuildInputs = [ From 405e6eea236ded7d89e868d7a2c722c4d4d77ebd Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Mon, 11 Sep 2023 11:10:53 +0100 Subject: [PATCH 46/95] brotli: 1.0.9 -> 1.1.0 Changes: https://github.com/google/brotli/releases/tag/v1.1.0 --- pkgs/tools/compression/brotli/default.nix | 23 ++--------------------- 1 file changed, 2 insertions(+), 21 deletions(-) diff --git a/pkgs/tools/compression/brotli/default.nix b/pkgs/tools/compression/brotli/default.nix index 3d15cbd395c4..244b46f44e58 100644 --- a/pkgs/tools/compression/brotli/default.nix +++ b/pkgs/tools/compression/brotli/default.nix @@ -2,7 +2,6 @@ , stdenv , fetchFromGitHub , cmake -, fetchpatch , staticOnly ? stdenv.hostPlatform.isStatic , testers }: @@ -11,24 +10,17 @@ stdenv.mkDerivation (finalAttrs: { pname = "brotli"; - version = "1.0.9"; + version = "1.1.0"; src = fetchFromGitHub { owner = "google"; repo = "brotli"; rev = "v${finalAttrs.version}"; - sha256 = "z6Dhrabav1MDQ4rAcXaDv0aN+qOoh9cvoXZqEWBB13c="; + hash = "sha256-MvceRcle2dSkkucC2PlsCizsIf8iv95d8Xjqew266wc="; }; nativeBuildInputs = [ cmake ]; - patches = lib.optional staticOnly (fetchpatch { - # context from https://github.com/google/brotli/pull/655 - # updated patch from https://github.com/google/brotli/pull/655 - url = "https://github.com/google/brotli/commit/47a554804ceabb899ae924aaee54df806053d0d1.patch"; - sha256 = "sOeXNVsCaBSD9i82GRUDrkyreGeQ7qaJWjjy/uLL0/0="; - }); - cmakeFlags = lib.optional staticOnly "-DBUILD_SHARED_LIBS=OFF"; outputs = [ "out" "dev" "lib" ]; @@ -37,17 +29,6 @@ stdenv.mkDerivation (finalAttrs: { checkTarget = "test"; - # This breaks on Darwin because our cmake hook tries to make a build folder - # and the wonderful bazel BUILD file is already there (yay case-insensitivity?) - prePatch = '' - rm BUILD - - # Upstream fixed this reference to runtime-path after the release - # and with this references g++ complains about invalid option -R - sed -i 's/ -R''${libdir}//' scripts/libbrotli*.pc.in - cat scripts/libbrotli*.pc.in - ''; - # Don't bother with "man" output for now, # it currently only makes the manpages hard to use. postInstall = '' From e8cc4e54ce3acd408ef566e2ac4861038e10e874 Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Wed, 6 Sep 2023 01:17:50 +0100 Subject: [PATCH 47/95] sqlite, sqlite-analyzer: 3.42.0 -> 3.43.1 While at it added trivial updater. Changes: https://sqlite.org/releaselog/3_43_0.html Changes: https://sqlite.org/releaselog/3_43_1.html --- pkgs/development/libraries/sqlite/default.nix | 21 ++++++++++++++----- pkgs/development/libraries/sqlite/tools.nix | 4 ++-- 2 files changed, 18 insertions(+), 7 deletions(-) diff --git a/pkgs/development/libraries/sqlite/default.nix b/pkgs/development/libraries/sqlite/default.nix index cc26df385a5c..441dfa99c37a 100644 --- a/pkgs/development/libraries/sqlite/default.nix +++ b/pkgs/development/libraries/sqlite/default.nix @@ -7,6 +7,8 @@ , interactive ? false # TODO: can be removed since 3.36 since it is the default now. , enableDeserialize ? false + +, gitUpdater }: let @@ -15,13 +17,13 @@ in stdenv.mkDerivation rec { pname = "sqlite${lib.optionalString interactive "-interactive"}"; - version = "3.42.0"; + version = "3.43.1"; # nixpkgs-update: no auto update # NB! Make sure to update ./tools.nix src (in the same directory). src = fetchurl { url = "https://sqlite.org/2023/sqlite-autoconf-${archiveVersion version}.tar.gz"; - hash = "sha256-erz9FhxuJ0LKXGwIldH4U8lA8gMwSgtJ2k4eyl0IjKY="; + hash = "sha256-RtsvEPMG4WPkVxuJdNRM03B4quBClbvwiyU2Vd8yZfQ="; }; outputs = [ "bin" "dev" "out" ]; @@ -87,9 +89,18 @@ stdenv.mkDerivation rec { doCheck = false; # fails to link against tcl - passthru.tests = { - inherit (python3Packages) sqlalchemy; - inherit sqldiff sqlite-analyzer tracker; + passthru = { + tests = { + inherit (python3Packages) sqlalchemy; + inherit sqldiff sqlite-analyzer tracker; + }; + + updateScript = gitUpdater { + # No nicer place to look for patest version. + url = "https://github.com/sqlite/sqlite.git"; + # Expect tags like "version-3.43.0". + rev-prefix = "version-"; + }; }; meta = with lib; { diff --git a/pkgs/development/libraries/sqlite/tools.nix b/pkgs/development/libraries/sqlite/tools.nix index c30ce8d45d9a..31207ad9edf9 100644 --- a/pkgs/development/libraries/sqlite/tools.nix +++ b/pkgs/development/libraries/sqlite/tools.nix @@ -4,12 +4,12 @@ let archiveVersion = import ./archive-version.nix lib; mkTool = { pname, makeTarget, description, homepage, mainProgram }: stdenv.mkDerivation rec { inherit pname; - version = "3.42.0"; + version = "3.43.1"; # nixpkgs-update: no auto update src = assert version == sqlite.version; fetchurl { url = "https://sqlite.org/2023/sqlite-src-${archiveVersion version}.zip"; - hash = "sha256-OMpWoxe+N/sAvZK8KA2bkgm9QAiyl9SDxB7B9geb+20="; + hash = "sha256-IunC70n+b4otvJPE09zgnG1qT1Y95SsKgXGtSajHKRc="; }; nativeBuildInputs = [ unzip ]; From a0d5d8ec475e9198663f938f80f8eb625ed66a1e Mon Sep 17 00:00:00 2001 From: Mario Rodas Date: Tue, 12 Sep 2023 04:20:00 +0000 Subject: [PATCH 48/95] libimagequant: 4.2.0 -> 4.2.1 Diff: https://github.com/ImageOptim/libimagequant/compare/4.2.0...4.2.1 --- .../libraries/libimagequant/Cargo.lock | 70 +++++++++---------- .../libraries/libimagequant/default.nix | 4 +- 2 files changed, 37 insertions(+), 37 deletions(-) diff --git a/pkgs/development/libraries/libimagequant/Cargo.lock b/pkgs/development/libraries/libimagequant/Cargo.lock index d85dfcde626f..8823a070b81b 100644 --- a/pkgs/development/libraries/libimagequant/Cargo.lock +++ b/pkgs/development/libraries/libimagequant/Cargo.lock @@ -21,9 +21,9 @@ dependencies = [ [[package]] name = "arrayvec" -version = "0.7.2" +version = "0.7.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8da52d66c7071e2e3fa2a1e5c6d088fec47b593032b254f5e980de8ea54454d6" +checksum = "96d30a06541fbafbc7f82ed10c06164cfbd2c401138f6addd8404629c4b16711" [[package]] name = "autocfg" @@ -33,15 +33,15 @@ checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" [[package]] name = "bitflags" -version = "1.3.2" +version = "2.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" +checksum = "b4682ae6287fcf752ecaabbfcc7b6f9b72aa33933dc23a554d853aea8eea8635" [[package]] name = "bytemuck" -version = "1.13.1" +version = "1.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "17febce684fd15d89027105661fec94afb475cb995fbc59d2865198446ba2eea" +checksum = "374d28ec25809ee0e23827c2ab573d729e293f281dfe393500e7ad618baa61c6" [[package]] name = "c_test" @@ -53,9 +53,12 @@ dependencies = [ [[package]] name = "cc" -version = "1.0.79" +version = "1.0.83" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "50d30906286121d95be3d479533b458f87493b30a4b5f79a607db8f5d11aa91f" +checksum = "f1174fb0b6ec23863f8b971027804a42614e347eafb0a95bf0b12cdae21fc4d0" +dependencies = [ + "libc", +] [[package]] name = "cfg-if" @@ -95,9 +98,9 @@ dependencies = [ [[package]] name = "crossbeam-epoch" -version = "0.9.14" +version = "0.9.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "46bd5f3f85273295a9d14aedfb86f6aadbff6d8f5295c4a9edb08e819dcf5695" +checksum = "ae211234986c545741a7dc064309f67ee1e5ad243d0e48335adc0484d960bcc7" dependencies = [ "autocfg", "cfg-if", @@ -108,33 +111,33 @@ dependencies = [ [[package]] name = "crossbeam-utils" -version = "0.8.15" +version = "0.8.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3c063cd8cc95f5c377ed0d4b49a4b21f632396ff690e8470c29b3359b346984b" +checksum = "5a22b2d63d4d1dc0b7f1b6b2747dd0088008a9be28b6ddf0b1e7d335e3037294" dependencies = [ "cfg-if", ] [[package]] name = "either" -version = "1.8.1" +version = "1.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7fcaabb2fef8c910e7f4c7ce9f67a1283a1715879a7c230ca9d6d1ae31f16d91" +checksum = "a26ae43d7bcc3b814de94796a5e736d4029efb0ee900c12e2d54c993ad1a1e07" [[package]] name = "fallible_collections" -version = "0.4.7" +version = "0.4.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9acf77205554f3cfeca94a4b910e159ad9824e8c2d164de02b3f12495cc1074d" +checksum = "a88c69768c0a15262df21899142bc6df9b9b823546d4b4b9a7bc2d6c448ec6fd" dependencies = [ "hashbrown", ] [[package]] name = "flate2" -version = "1.0.26" +version = "1.0.27" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3b9429470923de8e8cbd4d2dc513535400b4b3fef0319fb5c4e1f520a7bef743" +checksum = "c6c98ee8095e9d1dcbf2fcc6d95acccb90d1c81db1e44725c6a984b1dbdfb010" dependencies = [ "crc32fast", "miniz_oxide", @@ -151,16 +154,13 @@ dependencies = [ [[package]] name = "hermit-abi" -version = "0.2.6" +version = "0.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ee512640fe35acbfb4bb779db6f0d80704c2cacfa2e39b601ef3e3f47d1ae4c7" -dependencies = [ - "libc", -] +checksum = "443144c8cdadd93ebf52ddb4056d257f5b52c04d3c804e657d19eb73fc33668b" [[package]] name = "imagequant" -version = "4.2.0" +version = "4.2.1" dependencies = [ "arrayvec", "lodepng", @@ -173,7 +173,7 @@ dependencies = [ [[package]] name = "imagequant-sys" -version = "4.0.1" +version = "4.0.2" dependencies = [ "bitflags", "imagequant", @@ -182,9 +182,9 @@ dependencies = [ [[package]] name = "libc" -version = "0.2.142" +version = "0.2.147" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6a987beff54b60ffa6d51982e1aa1146bc42f19bd26be28b0586f252fccf5317" +checksum = "b4668fb0ea861c1df094127ac5f1da3409a82116a4ba74fca2e58ef927159bb3" [[package]] name = "lodepng" @@ -201,9 +201,9 @@ dependencies = [ [[package]] name = "memoffset" -version = "0.8.0" +version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d61c719bcfbcf5d62b3a09efa6088de8c54bc0bfcd3ea7ae39fcc186108b8de1" +checksum = "5a634b1c61a95585bd15607c6ab0c4e5b226e695ff2800ba0cdccddf208c406c" dependencies = [ "autocfg", ] @@ -219,9 +219,9 @@ dependencies = [ [[package]] name = "num_cpus" -version = "1.15.0" +version = "1.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0fac9e2da13b5eb447a6ce3d392f23a29d8694bff781bf03a16cd9ac8697593b" +checksum = "4161fcb6d602d4d2081af7c3a45852d875a03dd337a6bfdd6e06407b61342a43" dependencies = [ "hermit-abi", "libc", @@ -229,9 +229,9 @@ dependencies = [ [[package]] name = "once_cell" -version = "1.17.1" +version = "1.18.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b7e5500299e16ebb147ae15a00a942af264cf3688f47923b8fc2cd5858f23ad3" +checksum = "dd8b5dd2ae5ed71462c540258bedcb51965123ad7e7ccf4b9a8cafaa4a63576d" [[package]] name = "rayon" @@ -266,9 +266,9 @@ dependencies = [ [[package]] name = "scopeguard" -version = "1.1.0" +version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" +checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" [[package]] name = "thread_local" diff --git a/pkgs/development/libraries/libimagequant/default.nix b/pkgs/development/libraries/libimagequant/default.nix index 088936115076..9041b373edff 100644 --- a/pkgs/development/libraries/libimagequant/default.nix +++ b/pkgs/development/libraries/libimagequant/default.nix @@ -5,13 +5,13 @@ let in rustPlatform.buildRustPackage rec { pname = "libimagequant"; - version = "4.2.0"; + version = "4.2.1"; src = fetchFromGitHub { owner = "ImageOptim"; repo = pname; rev = version; - hash = "sha256-51xTCymZKLuw1Xeje6EyKqHdbmqBV1Fdhx+OsO3bZ6Q="; + hash = "sha256-a5TztgNFRV9BVERpHI33ZEYwfOR46F9FzmbquzwGq3k="; }; cargoLock = { From ed9e2bdc72a6ea91514085564fe56555bfc7342b Mon Sep 17 00:00:00 2001 From: Henri Rosten Date: Tue, 12 Sep 2023 07:53:06 +0300 Subject: [PATCH 49/95] vim: 9.0.1811 -> 9.0.1897 Signed-off-by: Henri Rosten --- pkgs/applications/editors/vim/common.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/editors/vim/common.nix b/pkgs/applications/editors/vim/common.nix index 0abb7db9d99d..0179dabe3945 100644 --- a/pkgs/applications/editors/vim/common.nix +++ b/pkgs/applications/editors/vim/common.nix @@ -1,12 +1,12 @@ { lib, fetchFromGitHub }: rec { - version = "9.0.1811"; + version = "9.0.1897"; src = fetchFromGitHub { owner = "vim"; repo = "vim"; rev = "v${version}"; - hash = "sha256-b/fATWaHcIZIvkmr/UQ4R45ii9N0kWJMb7DerF/JYIA="; + hash = "sha256-ywxJ9evXWbqZ6o6EqDIQWK16J05McAdvPl0Y9cW5Zvc="; }; enableParallelBuilding = true; From 80422d2aab525f8cf0363c991e80398edfe19078 Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Tue, 12 Sep 2023 08:19:08 +0100 Subject: [PATCH 50/95] polkit: 122 -> 123 Changes: https://gitlab.freedesktop.org/polkit/polkit/-/compare/122...123 --- pkgs/development/libraries/polkit/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/polkit/default.nix b/pkgs/development/libraries/polkit/default.nix index a00b6bb07a54..b6de5b02c091 100644 --- a/pkgs/development/libraries/polkit/default.nix +++ b/pkgs/development/libraries/polkit/default.nix @@ -39,7 +39,7 @@ let in stdenv.mkDerivation rec { pname = "polkit"; - version = "122"; + version = "123"; outputs = [ "bin" "dev" "out" ]; # small man pages in $bin @@ -49,7 +49,7 @@ stdenv.mkDerivation rec { owner = "polkit"; repo = "polkit"; rev = version; - sha256 = "fLY8i8h4McAnwVt8dLOqbyHM7v3SkbWqATz69NkUudU="; + hash = "sha256-/kjWkh6w2FYgtYWzw3g3GlWJKKpkJ3cqwfE0iDqJctw="; }; patches = [ From aa6dafe3d657c4162d0d84f3c2f77041281bb2c9 Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Tue, 12 Sep 2023 08:32:21 +0100 Subject: [PATCH 51/95] cracklib: 2.9.8 -> 2.9.11 Changes: https://github.com/cracklib/cracklib/releases/tag/v2.9.9 https://github.com/cracklib/cracklib/releases/tag/v2.9.10 https://github.com/cracklib/cracklib/releases/tag/v2.9.11 --- pkgs/development/libraries/cracklib/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/libraries/cracklib/default.nix b/pkgs/development/libraries/cracklib/default.nix index 484af3337a09..ba5d96a95182 100644 --- a/pkgs/development/libraries/cracklib/default.nix +++ b/pkgs/development/libraries/cracklib/default.nix @@ -1,8 +1,8 @@ -let version = "2.9.8"; in +let version = "2.9.11"; in { stdenv, lib, buildPackages, fetchurl, zlib, gettext , wordlists ? [ (fetchurl { url = "https://github.com/cracklib/cracklib/releases/download/v${version}/cracklib-words-${version}.gz"; - hash = "sha256-WLOCTIDdO6kIsMytUdbhZx4woj/u1gf7jmORR2i8T4U="; + hash = "sha256-popxGjE1c517Z+nzYLM/DU7M+b1/rE0XwNXkVqkcUXo="; }) ] }: @@ -12,7 +12,7 @@ stdenv.mkDerivation rec { src = fetchurl { url = "https://github.com/${pname}/${pname}/releases/download/v${version}/${pname}-${version}.tar.bz2"; - hash = "sha256-H500OF6jqnzXwH+jiNwlgQrqnTwz4mDHE6Olhz1w44Y="; + hash = "sha256-yosEmjwtOyIloejRXWE3mOvHSOOVA4jtomlN5Qe6YCA="; }; nativeBuildInputs = lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) buildPackages.cracklib; From 706ffe10a1748a253cfa3e1e62d5b5d0629f37b2 Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Tue, 12 Sep 2023 08:43:01 +0100 Subject: [PATCH 52/95] libGLU: 9.0.2 -> 9.0.3 While at it added trivial updater. Changes: https://cgit.freedesktop.org/mesa/glu/log/?h=glu-9.0.3 --- .../libraries/mesa-glu/default.nix | 22 ++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/pkgs/development/libraries/mesa-glu/default.nix b/pkgs/development/libraries/mesa-glu/default.nix index b583eb93153a..dac12db94b62 100644 --- a/pkgs/development/libraries/mesa-glu/default.nix +++ b/pkgs/development/libraries/mesa-glu/default.nix @@ -1,19 +1,22 @@ -{ lib, stdenv, fetchurl, pkg-config, libGL, ApplicationServices +{ lib, stdenv, fetchurl +, meson, ninja +, pkg-config, libGL, ApplicationServices , testers +, gitUpdater }: stdenv.mkDerivation (finalAttrs: { pname = "glu"; - version = "9.0.2"; + version = "9.0.3"; src = let inherit (finalAttrs) pname version; in fetchurl { url = "https://mesa.freedesktop.org/archive/${pname}/${pname}-${version}.tar.xz"; - sha256 = "sha256-bnKA/1hcah2d/N8vykiSUWNLM3e/wzwp5AAkZqONAtQ="; + hash = "sha256-vUP+EvN0sRkusV/iDkX/RWubwmq1fw7ukZ+Wyg+KMw8="; }; - nativeBuildInputs = [ pkg-config ]; + nativeBuildInputs = [ meson ninja pkg-config ]; propagatedBuildInputs = [ libGL ] ++ lib.optional stdenv.isDarwin ApplicationServices; @@ -21,7 +24,16 @@ stdenv.mkDerivation (finalAttrs: { enableParallelBuilding = true; - passthru.tests.pkg-config = testers.testMetaPkgConfig finalAttrs.finalPackage; + passthru = { + tests = { + pkg-config = testers.testMetaPkgConfig finalAttrs.finalPackage; + }; + updateScript = gitUpdater { + # No nicer place to find latest release. + url = "https://gitlab.freedesktop.org/mesa/glu"; + rev-prefix = "glu-"; + }; + }; meta = { description = "OpenGL utility library"; From 72ea0d15d10bb00312cd9240acf1fd4d81a8e7d7 Mon Sep 17 00:00:00 2001 From: 6t8k <58048945+6t8k@users.noreply.github.com> Date: Tue, 12 Sep 2023 20:15:55 +0200 Subject: [PATCH 53/95] libpng: 1.6.39 -> 1.6.40 https://github.com/glennrp/libpng/blob/v1.6.40/CHANGES#L6124 --- pkgs/development/libraries/libpng/default.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/development/libraries/libpng/default.nix b/pkgs/development/libraries/libpng/default.nix index b757d20b71d5..f8ae5b828c25 100644 --- a/pkgs/development/libraries/libpng/default.nix +++ b/pkgs/development/libraries/libpng/default.nix @@ -3,20 +3,20 @@ assert zlib != null; let - patchVersion = "1.6.39"; + patchVersion = "1.6.40"; patch_src = fetchurl { url = "mirror://sourceforge/libpng-apng/libpng-${patchVersion}-apng.patch.gz"; - hash = "sha256-SsS26roAzeISxI22XLlCkQc/68oixcef2ocJFQLoDP0="; + hash = "sha256-CjykZIKTjY1sciZivtLH7gxlobViRESzztIa2NNW2y8="; }; whenPatched = lib.optionalString apngSupport; in stdenv.mkDerivation rec { pname = "libpng" + whenPatched "-apng"; - version = "1.6.39"; + version = "1.6.40"; src = fetchurl { url = "mirror://sourceforge/libpng/libpng-${version}.tar.xz"; - hash = "sha256-H0aWznC07l+F8eFiPcEimyEAKfpLeu5XPfPiunsDaTc="; + hash = "sha256-U1tHmyRn/yMaPsbZKlJZBvuO8nl4vk9m2+BdPzoBs6E="; }; postPatch = whenPatched "gunzip < ${patch_src} | patch -Np1"; @@ -32,7 +32,7 @@ in stdenv.mkDerivation rec { meta = with lib; { description = "The official reference implementation for the PNG file format" + whenPatched " with animation patch"; homepage = "http://www.libpng.org/pub/png/libpng.html"; - changelog = "https://github.com/glennrp/libpng/blob/v1.6.39/CHANGES"; + changelog = "https://github.com/glennrp/libpng/blob/v1.6.40/CHANGES"; license = licenses.libpng2; platforms = platforms.all; maintainers = with maintainers; [ vcunat ]; From c57e6b692ab0d27b9573d700f72b0c71eab771e9 Mon Sep 17 00:00:00 2001 From: DavHau Date: Mon, 11 Sep 2023 13:49:53 +0200 Subject: [PATCH 54/95] python3.pkgs.pypaBuildHook: fix conflicts This modifies the pypaBuildHook to not propagate its own python dependencies into the build environment. This prevents package conflicts. - modify pypa-build-hook.sh to call pyproject-build via an absolute path. This removes the need of putting the dependencies inside the hook's propagatedBuildInputs - remove the hook's dependencies from propagatedBuildInputs - add a passthru test to the hook testing for the fix --- .../interpreters/python/hooks/default.nix | 14 +++++++- .../python/hooks/pypa-build-hook-test.nix | 32 ++++++++++++++++++ .../python/hooks/pypa-build-hook.sh | 2 +- .../bootstrap/build/default.nix | 33 +++++++++++++++---- 4 files changed, 73 insertions(+), 8 deletions(-) create mode 100644 pkgs/development/interpreters/python/hooks/pypa-build-hook-test.nix diff --git a/pkgs/development/interpreters/python/hooks/default.nix b/pkgs/development/interpreters/python/hooks/default.nix index 306c33a91fdd..5deb3cf97b8e 100644 --- a/pkgs/development/interpreters/python/hooks/default.nix +++ b/pkgs/development/interpreters/python/hooks/default.nix @@ -66,7 +66,19 @@ in { pypaBuildHook = callPackage ({ makePythonHook, build, wheel }: makePythonHook { name = "pypa-build-hook.sh"; - propagatedBuildInputs = [ build wheel ]; + propagatedBuildInputs = [ wheel ]; + substitutions = { + inherit build; + }; + # A test to ensure that this hook never propagates any of its dependencies + # into the build environment. + # This prevents false positive alerts raised by catchConflictsHook. + # Such conflicts don't happen within the standard nixpkgs python package + # set, but in downstream projects that build packages depending on other + # versions of this hook's dependencies. + passthru.tests = import ./pypa-build-hook-tests.nix { + inherit pythonForBuild runCommand; + }; } ./pypa-build-hook.sh) { inherit (pythonForBuild.pkgs) build; }; diff --git a/pkgs/development/interpreters/python/hooks/pypa-build-hook-test.nix b/pkgs/development/interpreters/python/hooks/pypa-build-hook-test.nix new file mode 100644 index 000000000000..d909e34241f1 --- /dev/null +++ b/pkgs/development/interpreters/python/hooks/pypa-build-hook-test.nix @@ -0,0 +1,32 @@ +{ pythonForBuild, runCommand }: { + dont-propagate-conflicting-deps = let + # customize a package so that its store paths differs + mkConflict = pkg: pkg.overrideAttrs { some_modification = true; }; + # minimal pyproject.toml for the example project + pyprojectToml = builtins.toFile "pyproject.toml" '' + [project] + name = "my-project" + version = "1.0.0" + ''; + # the source of the example project + projectSource = runCommand "my-project-source" {} '' + mkdir -p $out/src + cp ${pyprojectToml} $out/pyproject.toml + touch $out/src/__init__.py + ''; + in + # this build must never triger conflicts + pythonForBuild.pkgs.buildPythonPackage { + pname = "dont-propagate-conflicting-deps"; + version = "0.0.0"; + src = projectSource; + format = "pyproject"; + propagatedBuildInputs = [ + # At least one dependency of `build` should be included here to + # keep the test meaningful + (mkConflict pythonForBuild.pkgs.tomli) + # setuptools is also needed to build the example project + pythonForBuild.pkgs.setuptools + ]; + }; +} diff --git a/pkgs/development/interpreters/python/hooks/pypa-build-hook.sh b/pkgs/development/interpreters/python/hooks/pypa-build-hook.sh index 5d77613bf565..dd49d935bcee 100644 --- a/pkgs/development/interpreters/python/hooks/pypa-build-hook.sh +++ b/pkgs/development/interpreters/python/hooks/pypa-build-hook.sh @@ -6,7 +6,7 @@ pypaBuildPhase() { runHook preBuild echo "Creating a wheel..." - pyproject-build --no-isolation --outdir dist/ --wheel $pypaBuildFlags + @build@/bin/pyproject-build --no-isolation --outdir dist/ --wheel $pypaBuildFlags echo "Finished creating a wheel..." runHook postBuild diff --git a/pkgs/development/python-modules/bootstrap/build/default.nix b/pkgs/development/python-modules/bootstrap/build/default.nix index 639d2e3292cb..f4e49bd65605 100644 --- a/pkgs/development/python-modules/bootstrap/build/default.nix +++ b/pkgs/development/python-modules/bootstrap/build/default.nix @@ -7,12 +7,15 @@ , packaging , pyproject-hooks , tomli +, makeWrapper }: let buildBootstrapPythonModule = basePackage: attrs: stdenv.mkDerivation ({ pname = "${python.libPrefix}-bootstrap-${basePackage.pname}"; inherit (basePackage) version src meta; + nativeBuildInputs = [ makeWrapper ]; + buildPhase = '' runHook preBuild @@ -38,12 +41,30 @@ let bootstrap-pyproject-hooks = buildBootstrapPythonModule pyproject-hooks {}; bootstrap-tomli = buildBootstrapPythonModule tomli {}; + + sitePkgs = python.sitePackages; in buildBootstrapPythonModule build { - propagatedBuildInputs = [ - bootstrap-packaging - bootstrap-pyproject-hooks - ] ++ lib.optionals (python.pythonOlder "3.11") [ - bootstrap-tomli - ]; + # like the installPhase above, but wrapping the pyproject-build command + # to set up PYTHONPATH with the correct dependencies. + # This allows using `pyproject-build` without propagating its dependencies + # into the build environment, which is necessary to prevent + # pythonCatchConflicts from raising false positive alerts. + # This would happen whenever the package to build has a dependency on + # another version of a package that is also a dependency of pyproject-build. + installPhase = '' + runHook preInstall + + PYTHONPATH="${installer}/${python.sitePackages}" \ + ${python.interpreter} -m installer \ + --destdir "$out" --prefix "" dist/*.whl + + wrapProgram $out/bin/pyproject-build \ + --prefix PYTHONPATH : "$out/${sitePkgs}" \ + --prefix PYTHONPATH : "${bootstrap-pyproject-hooks}/${sitePkgs}" \ + --prefix PYTHONPATH : "${bootstrap-packaging}/${sitePkgs}" \ + --prefix PYTHONPATH : "${bootstrap-tomli}/${sitePkgs}" + + runHook postInstall + ''; } From ad1eacd27921118f800e8ddccdb73a5b40f00f2b Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Wed, 13 Sep 2023 01:28:10 +0000 Subject: [PATCH 55/95] qpdf: 11.5.0 -> 11.6.1 --- pkgs/development/libraries/qpdf/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/qpdf/default.nix b/pkgs/development/libraries/qpdf/default.nix index 838657f48bbe..d80309f2b16b 100644 --- a/pkgs/development/libraries/qpdf/default.nix +++ b/pkgs/development/libraries/qpdf/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "qpdf"; - version = "11.5.0"; + version = "11.6.1"; src = fetchFromGitHub { owner = "qpdf"; repo = "qpdf"; rev = "v${version}"; - hash = "sha256-lojvsCgBsT7wVRLWfkeOduEYUG7ztI/uryM0WueWiL0="; + hash = "sha256-QXRzvSMi6gKISJo44KIjTYENNqxh1yDhUUhEZa8uz6Q="; }; nativeBuildInputs = [ cmake perl ]; From 18b500811c2676bb2da63594403e581c7c899206 Mon Sep 17 00:00:00 2001 From: Raito Bezarius Date: Mon, 19 Jun 2023 02:39:30 +0200 Subject: [PATCH 56/95] systemdMinimal: expose `withRepart` flag and disable it systemd-repart relies on cryptsetup to perform LUKS operations, therefore, it's not suitable for systemdMinimal. --- pkgs/os-specific/linux/systemd/default.nix | 3 +++ pkgs/top-level/all-packages.nix | 1 + 2 files changed, 4 insertions(+) diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 338f0c7463c0..ca04180cbcb8 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -92,6 +92,7 @@ , withCompression ? true # adds bzip2, lz4, xz and zstd , withCoredump ? true , withCryptsetup ? true +, withRepart ? true , withDocumentation ? true , withEfi ? stdenv.hostPlatform.isEfi , withFido2 ? true @@ -146,6 +147,7 @@ assert withCoredump -> withCompression; assert withHomed -> withCryptsetup; assert withHomed -> withPam; assert withUkify -> withEfi; +assert withRepart -> withCryptsetup; let wantCurl = withRemote || withImportd; @@ -498,6 +500,7 @@ stdenv.mkDerivation (finalAttrs: { "-Dlibidn2=${lib.boolToString withLibidn2}" "-Dfirstboot=${lib.boolToString withFirstboot}" "-Dsysusers=${lib.boolToString withSysusers}" + "-Drepart=${lib.boolToString withRepart}" "-Dquotacheck=false" "-Dldconfig=false" "-Dsmack=true" diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 8daf93956be1..bbfc1c4662c7 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -28973,6 +28973,7 @@ with pkgs; withCompression = false; withCoredump = false; withCryptsetup = false; + withRepart = false; withDocumentation = false; withEfi = false; withFido2 = false; From fe6e29938174d1548bdcf02e0100824b272442ed Mon Sep 17 00:00:00 2001 From: Raito Bezarius Date: Mon, 19 Jun 2023 02:40:27 +0200 Subject: [PATCH 57/95] systemd: 253.5 -> 254-rc1 This is an early preparation for systemd v254 which causes some patch reflows and EFI-related cleanups to their new build system with elf2efi, requiring pyelftools as a Python packge. --- nixos/modules/system/boot/systemd/initrd.nix | 1 - ...ts-for-uninitialised-encrypted-devic.patch | 2 +- ...on-t-try-to-unmount-nix-or-nix-store.patch | 32 +++++++------ .../systemd/0003-Fix-NixOS-containers.patch | 6 +-- ...some-NixOS-specific-unit-directories.patch | 26 ++++++----- ...f-a-useless-message-in-user-sessions.patch | 4 +- ...d-timedated-disable-methods-that-cha.patch | 20 ++++---- ...e-usr-share-zoneinfo-to-etc-zoneinfo.patch | 28 +++++------ ...calectl-use-etc-X11-xkb-for-list-x11.patch | 2 +- ...te-statedir-and-don-t-touch-prefixdi.patch | 4 +- ...1-add-rootprefix-to-lookup-dir-paths.patch | 4 +- ...-execute-scripts-in-etc-systemd-syst.patch | 4 +- ...ecute-scripts-in-etc-systemd-system-.patch | 4 +- ...-placeholder-for-DEFAULT_PATH_NORMAL.patch | 4 +- ...-environment-when-calling-generators.patch | 6 +-- ...017-core-don-t-taint-on-unmerged-usr.patch | 4 +- ...ontext_init-fix-driver-name-checking.patch | 4 +- ...nt-efi-files-not-owned-by-systemd-in.patch | 46 ------------------- pkgs/os-specific/linux/systemd/default.nix | 32 +++++-------- 19 files changed, 94 insertions(+), 139 deletions(-) delete mode 100644 pkgs/os-specific/linux/systemd/0019-bootctl-also-print-efi-files-not-owned-by-systemd-in.patch diff --git a/nixos/modules/system/boot/systemd/initrd.nix b/nixos/modules/system/boot/systemd/initrd.nix index 5d9fca7a605e..b20b0168e40f 100644 --- a/nixos/modules/system/boot/systemd/initrd.nix +++ b/nixos/modules/system/boot/systemd/initrd.nix @@ -57,7 +57,6 @@ let "systemd-ask-password-console.service" "systemd-fsck@.service" "systemd-halt.service" - "systemd-hibernate-resume@.service" "systemd-journald-audit.socket" "systemd-journald-dev-log.socket" "systemd-journald.service" diff --git a/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch b/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch index a5cb7ba6bf78..104a9dad959a 100644 --- a/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch +++ b/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch @@ -13,7 +13,7 @@ unit. (However, this ignores the fsck unit, so it's not perfect...) 1 file changed, 4 deletions(-) diff --git a/rules.d/99-systemd.rules.in b/rules.d/99-systemd.rules.in -index 3dbba1f850..40d367d1c8 100644 +index c0defc31de..8f80235731 100644 --- a/rules.d/99-systemd.rules.in +++ b/rules.d/99-systemd.rules.in @@ -20,10 +20,6 @@ SUBSYSTEM=="block", TAG+="systemd" diff --git a/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch b/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch index 138823ec68f5..dda8524c498d 100644 --- a/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch +++ b/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch @@ -1,21 +1,23 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Eelco Dolstra -Date: Fri, 12 Apr 2013 13:16:57 +0200 +From: Raito Bezarius +Date: Mon, 19 Jun 2023 02:11:35 +0200 Subject: [PATCH] Don't try to unmount /nix or /nix/store They'll still be remounted read-only. https://github.com/NixOS/nixos/issues/126 + +Original-Author: Eelco Dolstra --- src/shared/fstab-util.c | 2 ++ - src/shutdown/umount.c | 2 ++ - 2 files changed, 4 insertions(+) + src/shutdown/umount.c | 6 ++++-- + 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/src/shared/fstab-util.c b/src/shared/fstab-util.c -index 164e71a150..68e0766594 100644 +index 4ffec25c75..b99031c54e 100644 --- a/src/shared/fstab-util.c +++ b/src/shared/fstab-util.c -@@ -41,6 +41,8 @@ bool fstab_is_extrinsic(const char *mount, const char *opts) { +@@ -43,6 +43,8 @@ bool fstab_is_extrinsic(const char *mount, const char *opts) { /* Don't bother with the OS data itself */ if (PATH_IN_SET(mount, "/", @@ -25,15 +27,19 @@ index 164e71a150..68e0766594 100644 "/etc")) return true; diff --git a/src/shutdown/umount.c b/src/shutdown/umount.c -index 61bd9d2601..a6243da417 100644 +index 1586c2e214..fcae95f824 100644 --- a/src/shutdown/umount.c +++ b/src/shutdown/umount.c -@@ -531,6 +531,8 @@ static int delete_md(MountPoint *m) { - +@@ -170,8 +170,10 @@ int mount_points_list_get(const char *mountinfo, MountPoint **head) { static bool nonunmountable_path(const char *path) { - return path_equal(path, "/") + assert(path); + +- return PATH_IN_SET(path, "/", "/usr") || +- path_startswith(path, "/run/initramfs"); ++ return PATH_IN_SET(path, "/", "/usr") + || path_equal(path, "/nix") + || path_equal(path, "/nix/store") - #if ! HAVE_SPLIT_USR - || path_equal(path, "/usr") - #endif ++ || path_startswith(path, "/run/initramfs"); + } + + static void log_umount_blockers(const char *mnt) { diff --git a/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch b/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch index 08499a228344..2d86d1e6957a 100644 --- a/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch +++ b/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch @@ -10,10 +10,10 @@ container, so checking early whether it exists will fail. 1 file changed, 2 insertions(+) diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c -index 3dabe12672..e5aa4feb1e 100644 +index e170958fc5..898a674631 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c -@@ -5638,6 +5638,7 @@ static int run(int argc, char *argv[]) { +@@ -5648,6 +5648,7 @@ static int run(int argc, char *argv[]) { goto finish; } } else { @@ -21,7 +21,7 @@ index 3dabe12672..e5aa4feb1e 100644 _cleanup_free_ char *p = NULL; if (arg_pivot_root_new) -@@ -5652,6 +5653,7 @@ static int run(int argc, char *argv[]) { +@@ -5662,6 +5663,7 @@ static int run(int argc, char *argv[]) { "Directory %s doesn't look like it has an OS tree (/usr/ directory is missing). Refusing.", arg_directory); goto finish; } diff --git a/pkgs/os-specific/linux/systemd/0004-Add-some-NixOS-specific-unit-directories.patch b/pkgs/os-specific/linux/systemd/0004-Add-some-NixOS-specific-unit-directories.patch index b4a0da30c8f6..c905a4d812af 100644 --- a/pkgs/os-specific/linux/systemd/0004-Add-some-NixOS-specific-unit-directories.patch +++ b/pkgs/os-specific/linux/systemd/0004-Add-some-NixOS-specific-unit-directories.patch @@ -1,6 +1,6 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Eelco Dolstra -Date: Fri, 19 Dec 2014 14:46:17 +0100 +From: Raito Bezarius +Date: Mon, 19 Jun 2023 02:13:42 +0200 Subject: [PATCH] Add some NixOS-specific unit directories Look in `/nix/var/nix/profiles/default/lib/systemd/{system,user}` for @@ -8,13 +8,15 @@ units provided by packages installed into the default profile via `nix-env -iA nixos.$package`. Also, remove /usr and /lib as these don't exist on NixOS. + +Original-Author: Eelco Dolstra --- src/basic/path-lookup.c | 17 ++--------------- src/core/systemd.pc.in | 8 ++++---- 2 files changed, 6 insertions(+), 19 deletions(-) diff --git a/src/basic/path-lookup.c b/src/basic/path-lookup.c -index c99e9d8786..b9f85d1f8c 100644 +index 7d158a8295..f9bd62b631 100644 --- a/src/basic/path-lookup.c +++ b/src/basic/path-lookup.c @@ -92,11 +92,7 @@ int xdg_user_data_dir(char **ret, const char *suffix) { @@ -62,35 +64,37 @@ index c99e9d8786..b9f85d1f8c 100644 STRV_IFNOTNULL(generator_late)); break; -@@ -808,7 +799,6 @@ char **generator_binary_paths(LookupScope scope) { - case LOOKUP_SCOPE_SYSTEM: +@@ -808,7 +799,6 @@ char **generator_binary_paths(RuntimeScope scope) { + case RUNTIME_SCOPE_SYSTEM: add = strv_new("/run/systemd/system-generators", "/etc/systemd/system-generators", - "/usr/local/lib/systemd/system-generators", SYSTEM_GENERATOR_DIR); break; -@@ -816,7 +806,6 @@ char **generator_binary_paths(LookupScope scope) { - case LOOKUP_SCOPE_USER: +@@ -816,7 +806,6 @@ char **generator_binary_paths(RuntimeScope scope) { + case RUNTIME_SCOPE_USER: add = strv_new("/run/systemd/user-generators", "/etc/systemd/user-generators", - "/usr/local/lib/systemd/user-generators", USER_GENERATOR_DIR); break; -@@ -855,12 +844,10 @@ char **env_generator_binary_paths(bool is_system) { - if (is_system) +@@ -855,14 +844,12 @@ char **env_generator_binary_paths(RuntimeScope runtime_scope) { + case RUNTIME_SCOPE_SYSTEM: add = strv_new("/run/systemd/system-environment-generators", "/etc/systemd/system-environment-generators", - "/usr/local/lib/systemd/system-environment-generators", SYSTEM_ENV_GENERATOR_DIR); - else + break; + + case RUNTIME_SCOPE_USER: add = strv_new("/run/systemd/user-environment-generators", "/etc/systemd/user-environment-generators", - "/usr/local/lib/systemd/user-environment-generators", USER_ENV_GENERATOR_DIR); + break; - if (!add) diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in index 693433b34b..5932a21b5b 100644 --- a/src/core/systemd.pc.in diff --git a/pkgs/os-specific/linux/systemd/0005-Get-rid-of-a-useless-message-in-user-sessions.patch b/pkgs/os-specific/linux/systemd/0005-Get-rid-of-a-useless-message-in-user-sessions.patch index e9f73d7c7726..0a80d5ac4e83 100644 --- a/pkgs/os-specific/linux/systemd/0005-Get-rid-of-a-useless-message-in-user-sessions.patch +++ b/pkgs/os-specific/linux/systemd/0005-Get-rid-of-a-useless-message-in-user-sessions.patch @@ -13,10 +13,10 @@ in containers. 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/core/manager.c b/src/core/manager.c -index 4bc8a06bd2..342892490e 100644 +index 22ec6e79b1..771e8e7f16 100644 --- a/src/core/manager.c +++ b/src/core/manager.c -@@ -1486,7 +1486,8 @@ static unsigned manager_dispatch_stop_when_bound_queue(Manager *m) { +@@ -1559,7 +1559,8 @@ static unsigned manager_dispatch_stop_when_bound_queue(Manager *m) { if (!unit_is_bound_by_inactive(u, &culprit)) continue; diff --git a/pkgs/os-specific/linux/systemd/0006-hostnamed-localed-timedated-disable-methods-that-cha.patch b/pkgs/os-specific/linux/systemd/0006-hostnamed-localed-timedated-disable-methods-that-cha.patch index 2c4c3f6564e1..abc6c24dbf51 100644 --- a/pkgs/os-specific/linux/systemd/0006-hostnamed-localed-timedated-disable-methods-that-cha.patch +++ b/pkgs/os-specific/linux/systemd/0006-hostnamed-localed-timedated-disable-methods-that-cha.patch @@ -11,10 +11,10 @@ Subject: [PATCH] hostnamed, localed, timedated: disable methods that change 3 files changed, 25 insertions(+) diff --git a/src/hostname/hostnamed.c b/src/hostname/hostnamed.c -index 36ab0148b9..7d458d196d 100644 +index 9ef45f8e75..99b1ec2e36 100644 --- a/src/hostname/hostnamed.c +++ b/src/hostname/hostnamed.c -@@ -1028,6 +1028,9 @@ static int method_set_static_hostname(sd_bus_message *m, void *userdata, sd_bus_ +@@ -1053,6 +1053,9 @@ static int method_set_static_hostname(sd_bus_message *m, void *userdata, sd_bus_ if (r < 0) return r; @@ -24,7 +24,7 @@ index 36ab0148b9..7d458d196d 100644 name = empty_to_null(name); context_read_etc_hostname(c); -@@ -1091,6 +1094,9 @@ static int set_machine_info(Context *c, sd_bus_message *m, int prop, sd_bus_mess +@@ -1116,6 +1119,9 @@ static int set_machine_info(Context *c, sd_bus_message *m, int prop, sd_bus_mess if (r < 0) return r; @@ -35,10 +35,10 @@ index 36ab0148b9..7d458d196d 100644 context_read_machine_info(c); diff --git a/src/locale/localed.c b/src/locale/localed.c -index 841e5e3e91..a21e34430b 100644 +index f544a73580..ce00c262cc 100644 --- a/src/locale/localed.c +++ b/src/locale/localed.c -@@ -264,6 +264,9 @@ static int method_set_locale(sd_bus_message *m, void *userdata, sd_bus_error *er +@@ -229,6 +229,9 @@ static int method_set_locale(sd_bus_message *m, void *userdata, sd_bus_error *er use_localegen = locale_gen_check_available(); @@ -48,7 +48,7 @@ index 841e5e3e91..a21e34430b 100644 /* If single locale without variable name is provided, then we assume it is LANG=. */ if (strv_length(l) == 1 && !strchr(l[0], '=')) { if (!locale_is_valid(l[0])) -@@ -382,6 +385,9 @@ static int method_set_vc_keyboard(sd_bus_message *m, void *userdata, sd_bus_erro +@@ -347,6 +350,9 @@ static int method_set_vc_keyboard(sd_bus_message *m, void *userdata, sd_bus_erro if (r < 0) return bus_log_parse_error(r); @@ -57,8 +57,8 @@ index 841e5e3e91..a21e34430b 100644 + vc_context_empty_to_null(&in); - FOREACH_STRING(name, in.keymap ?: in.toggle, in.keymap ? in.toggle : NULL) { -@@ -607,6 +613,9 @@ static int method_set_x11_keyboard(sd_bus_message *m, void *userdata, sd_bus_err + r = vc_context_verify_and_warn(&in, LOG_ERR, error); +@@ -465,6 +471,9 @@ static int method_set_x11_keyboard(sd_bus_message *m, void *userdata, sd_bus_err if (r < 0) return bus_log_parse_error(r); @@ -67,9 +67,9 @@ index 841e5e3e91..a21e34430b 100644 + x11_context_empty_to_null(&in); - if (!x11_context_is_safe(&in)) + r = x11_context_verify_and_warn(&in, LOG_ERR, error); diff --git a/src/timedate/timedated.c b/src/timedate/timedated.c -index ad483301ef..31ed86955b 100644 +index ad1d492d6b..331af34505 100644 --- a/src/timedate/timedated.c +++ b/src/timedate/timedated.c @@ -665,6 +665,10 @@ static int method_set_timezone(sd_bus_message *m, void *userdata, sd_bus_error * diff --git a/pkgs/os-specific/linux/systemd/0008-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch b/pkgs/os-specific/linux/systemd/0008-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch index 300906be04d9..3150d97be2e1 100644 --- a/pkgs/os-specific/linux/systemd/0008-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch +++ b/pkgs/os-specific/linux/systemd/0008-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch @@ -35,10 +35,10 @@ index e486474c44..5f373d0723 100644 Etc/UTC. The resulting link should lead to the corresponding binary diff --git a/src/basic/time-util.c b/src/basic/time-util.c -index 0bea149324..4b16115d43 100644 +index 1db630003a..31744c3e68 100644 --- a/src/basic/time-util.c +++ b/src/basic/time-util.c -@@ -1283,7 +1283,7 @@ static int get_timezones_from_zone1970_tab(char ***ret) { +@@ -1350,7 +1350,7 @@ static int get_timezones_from_zone1970_tab(char ***ret) { assert(ret); @@ -47,16 +47,16 @@ index 0bea149324..4b16115d43 100644 if (!f) return -errno; -@@ -1322,7 +1322,7 @@ static int get_timezones_from_tzdata_zi(char ***ret) { - _cleanup_strv_free_ char **zones = NULL; - int r; +@@ -1391,7 +1391,7 @@ static int get_timezones_from_tzdata_zi(char ***ret) { + + assert(ret); - f = fopen("/usr/share/zoneinfo/tzdata.zi", "re"); + f = fopen("/etc/zoneinfo/tzdata.zi", "re"); if (!f) return -errno; -@@ -1434,7 +1434,7 @@ int verify_timezone(const char *name, int log_level) { +@@ -1503,7 +1503,7 @@ int verify_timezone(const char *name, int log_level) { if (p - name >= PATH_MAX) return -ENAMETOOLONG; @@ -65,7 +65,7 @@ index 0bea149324..4b16115d43 100644 fd = open(t, O_RDONLY|O_CLOEXEC); if (fd < 0) -@@ -1492,7 +1492,7 @@ int get_timezone(char **ret) { +@@ -1563,7 +1563,7 @@ int get_timezone(char **ret) { if (r < 0) return r; /* returns EINVAL if not a symlink */ @@ -75,23 +75,23 @@ index 0bea149324..4b16115d43 100644 return -EINVAL; diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c -index 9e79f84691..1a1c75718c 100644 +index 1956ab3b13..9ef356f8af 100644 --- a/src/firstboot/firstboot.c +++ b/src/firstboot/firstboot.c -@@ -512,7 +512,7 @@ static int process_timezone(void) { +@@ -630,7 +630,7 @@ static int process_timezone(int rfd) { if (isempty(arg_timezone)) return 0; - e = strjoina("../usr/share/zoneinfo/", arg_timezone); + e = strjoina("zoneinfo/", arg_timezone); - (void) mkdir_parents(etc_localtime, 0755); - r = symlink_atomic(e, etc_localtime); + r = symlinkat_atomic_full(e, pfd, f, /* make_relative= */ false); + if (r < 0) diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c -index e5aa4feb1e..a7a8fae860 100644 +index 898a674631..c41a416e04 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c -@@ -1918,8 +1918,8 @@ int userns_mkdir(const char *root, const char *path, mode_t mode, uid_t uid, gid +@@ -1924,8 +1924,8 @@ int userns_mkdir(const char *root, const char *path, mode_t mode, uid_t uid, gid static const char *timezone_from_path(const char *path) { return PATH_STARTSWITH_SET( path, @@ -103,7 +103,7 @@ index e5aa4feb1e..a7a8fae860 100644 static bool etc_writable(void) { diff --git a/src/timedate/timedated.c b/src/timedate/timedated.c -index 31ed86955b..8db8d8c288 100644 +index 331af34505..722c4b5b4f 100644 --- a/src/timedate/timedated.c +++ b/src/timedate/timedated.c @@ -282,7 +282,7 @@ static int context_read_data(Context *c) { diff --git a/pkgs/os-specific/linux/systemd/0009-localectl-use-etc-X11-xkb-for-list-x11.patch b/pkgs/os-specific/linux/systemd/0009-localectl-use-etc-X11-xkb-for-list-x11.patch index fac9916cf3b4..c0f6afd7fc7b 100644 --- a/pkgs/os-specific/linux/systemd/0009-localectl-use-etc-X11-xkb-for-list-x11.patch +++ b/pkgs/os-specific/linux/systemd/0009-localectl-use-etc-X11-xkb-for-list-x11.patch @@ -10,7 +10,7 @@ NixOS has an option to link the xkb data files to /etc/X11, but not to 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/locale/localectl.c b/src/locale/localectl.c -index fb83881cc7..c47a33134a 100644 +index d8db9d9d22..4601bb5431 100644 --- a/src/locale/localectl.c +++ b/src/locale/localectl.c @@ -297,7 +297,7 @@ static int list_x11_keymaps(int argc, char **argv, void *userdata) { diff --git a/pkgs/os-specific/linux/systemd/0010-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch b/pkgs/os-specific/linux/systemd/0010-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch index eec57111b913..b8f97308acfb 100644 --- a/pkgs/os-specific/linux/systemd/0010-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch +++ b/pkgs/os-specific/linux/systemd/0010-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch @@ -8,10 +8,10 @@ Subject: [PATCH] build: don't create statedir and don't touch prefixdir 1 file changed, 3 deletions(-) diff --git a/meson.build b/meson.build -index b1f5477836..1a39484855 100644 +index 395eca1943..082cd748bb 100644 --- a/meson.build +++ b/meson.build -@@ -4278,9 +4278,6 @@ install_data('LICENSE.GPL2', +@@ -4707,9 +4707,6 @@ install_data('LICENSE.GPL2', install_subdir('LICENSES', install_dir : docdir) diff --git a/pkgs/os-specific/linux/systemd/0011-add-rootprefix-to-lookup-dir-paths.patch b/pkgs/os-specific/linux/systemd/0011-add-rootprefix-to-lookup-dir-paths.patch index 6e07928d5fbd..fa201126ae27 100644 --- a/pkgs/os-specific/linux/systemd/0011-add-rootprefix-to-lookup-dir-paths.patch +++ b/pkgs/os-specific/linux/systemd/0011-add-rootprefix-to-lookup-dir-paths.patch @@ -12,10 +12,10 @@ files that I might have missed. 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/basic/constants.h b/src/basic/constants.h -index 5d68cc6332..33c06c1f65 100644 +index 3f96786da9..6e8fb40c08 100644 --- a/src/basic/constants.h +++ b/src/basic/constants.h -@@ -73,13 +73,15 @@ +@@ -74,13 +74,15 @@ "/run/" n "\0" \ "/usr/local/lib/" n "\0" \ "/usr/lib/" n "\0" \ diff --git a/pkgs/os-specific/linux/systemd/0012-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch b/pkgs/os-specific/linux/systemd/0012-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch index 9d0565a6e767..fde1e2b276c5 100644 --- a/pkgs/os-specific/linux/systemd/0012-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch +++ b/pkgs/os-specific/linux/systemd/0012-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch @@ -10,10 +10,10 @@ This is needed for NixOS to use such scripts as systemd directory is immutable. 1 file changed, 1 insertion(+) diff --git a/src/shutdown/shutdown.c b/src/shutdown/shutdown.c -index 5dee1b3a92..c08cf80548 100644 +index 8395bb429d..14fbc85bb4 100644 --- a/src/shutdown/shutdown.c +++ b/src/shutdown/shutdown.c -@@ -339,6 +339,7 @@ static void init_watchdog(void) { +@@ -334,6 +334,7 @@ static void init_watchdog(void) { int main(int argc, char *argv[]) { static const char* const dirs[] = { SYSTEM_SHUTDOWN_PATH, diff --git a/pkgs/os-specific/linux/systemd/0013-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch b/pkgs/os-specific/linux/systemd/0013-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch index 5fa3fb14f1ff..d91150cfc490 100644 --- a/pkgs/os-specific/linux/systemd/0013-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch +++ b/pkgs/os-specific/linux/systemd/0013-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch @@ -9,10 +9,10 @@ This is needed for NixOS to use such scripts as systemd directory is immutable. 1 file changed, 1 insertion(+) diff --git a/src/sleep/sleep.c b/src/sleep/sleep.c -index 288fa4ae84..07deb19d7c 100644 +index de1f6c7ec1..d0cdebd80a 100644 --- a/src/sleep/sleep.c +++ b/src/sleep/sleep.c -@@ -186,6 +186,7 @@ static int execute( +@@ -224,6 +224,7 @@ static int execute( }; static const char* const dirs[] = { SYSTEM_SLEEP_PATH, diff --git a/pkgs/os-specific/linux/systemd/0014-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch b/pkgs/os-specific/linux/systemd/0014-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch index b3d1db340ef8..13dec1070ffc 100644 --- a/pkgs/os-specific/linux/systemd/0014-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch +++ b/pkgs/os-specific/linux/systemd/0014-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch @@ -10,10 +10,10 @@ systemd itself uses extensively. 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/basic/path-util.h b/src/basic/path-util.h -index 56f01f41d8..f9b8627388 100644 +index 97175bee11..3839704901 100644 --- a/src/basic/path-util.h +++ b/src/basic/path-util.h -@@ -24,11 +24,11 @@ +@@ -25,11 +25,11 @@ # define PATH_SBIN_BIN_NULSTR(x) PATH_NORMAL_SBIN_BIN_NULSTR(x) #endif diff --git a/pkgs/os-specific/linux/systemd/0016-inherit-systemd-environment-when-calling-generators.patch b/pkgs/os-specific/linux/systemd/0016-inherit-systemd-environment-when-calling-generators.patch index 0f67abe795c3..d6640c87454a 100644 --- a/pkgs/os-specific/linux/systemd/0016-inherit-systemd-environment-when-calling-generators.patch +++ b/pkgs/os-specific/linux/systemd/0016-inherit-systemd-environment-when-calling-generators.patch @@ -16,10 +16,10 @@ executables that are being called from managers. 1 file changed, 8 insertions(+) diff --git a/src/core/manager.c b/src/core/manager.c -index 342892490e..1117251fe0 100644 +index 771e8e7f16..acf3ead8d7 100644 --- a/src/core/manager.c +++ b/src/core/manager.c -@@ -3771,9 +3771,17 @@ static int build_generator_environment(Manager *m, char ***ret) { +@@ -3899,9 +3899,17 @@ static int build_generator_environment(Manager *m, char ***ret) { * adjust generated units to that. Let's pass down some bits of information that are easy for us to * determine (but a bit harder for generator scripts to determine), as environment variables. */ @@ -35,5 +35,5 @@ index 342892490e..1117251fe0 100644 return -ENOMEM; +#endif - r = strv_env_assign(&nl, "SYSTEMD_SCOPE", MANAGER_IS_SYSTEM(m) ? "system" : "user"); + r = strv_env_assign(&nl, "SYSTEMD_SCOPE", runtime_scope_to_string(m->runtime_scope)); if (r < 0) diff --git a/pkgs/os-specific/linux/systemd/0017-core-don-t-taint-on-unmerged-usr.patch b/pkgs/os-specific/linux/systemd/0017-core-don-t-taint-on-unmerged-usr.patch index f509eb39ece5..73b237a29602 100644 --- a/pkgs/os-specific/linux/systemd/0017-core-don-t-taint-on-unmerged-usr.patch +++ b/pkgs/os-specific/linux/systemd/0017-core-don-t-taint-on-unmerged-usr.patch @@ -17,10 +17,10 @@ See also: https://github.com/systemd/systemd/issues/24191 1 file changed, 4 deletions(-) diff --git a/src/core/manager.c b/src/core/manager.c -index 1117251fe0..bf5600a6cf 100644 +index acf3ead8d7..bdbab16829 100644 --- a/src/core/manager.c +++ b/src/core/manager.c -@@ -4617,10 +4617,6 @@ char* manager_taint_string(const Manager *m) { +@@ -4754,10 +4754,6 @@ char* manager_taint_string(const Manager *m) { if (m->taint_usr) stage[n++] = "split-usr"; diff --git a/pkgs/os-specific/linux/systemd/0018-tpm2_context_init-fix-driver-name-checking.patch b/pkgs/os-specific/linux/systemd/0018-tpm2_context_init-fix-driver-name-checking.patch index 8d6eab5ed847..6de01a0ae802 100644 --- a/pkgs/os-specific/linux/systemd/0018-tpm2_context_init-fix-driver-name-checking.patch +++ b/pkgs/os-specific/linux/systemd/0018-tpm2_context_init-fix-driver-name-checking.patch @@ -27,10 +27,10 @@ filename_is_valid with path_is_valid. 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/shared/tpm2-util.c b/src/shared/tpm2-util.c -index 4345b95106..424a334df1 100644 +index ae8a8bc073..c284b244f8 100644 --- a/src/shared/tpm2-util.c +++ b/src/shared/tpm2-util.c -@@ -176,7 +176,7 @@ int tpm2_context_new(const char *device, Tpm2Context **ret_context) { +@@ -582,7 +582,7 @@ int tpm2_context_new(const char *device, Tpm2Context **ret_context) { fn = strjoina("libtss2-tcti-", driver, ".so.0"); /* Better safe than sorry, let's refuse strings that cannot possibly be valid driver early, before going to disk. */ diff --git a/pkgs/os-specific/linux/systemd/0019-bootctl-also-print-efi-files-not-owned-by-systemd-in.patch b/pkgs/os-specific/linux/systemd/0019-bootctl-also-print-efi-files-not-owned-by-systemd-in.patch deleted file mode 100644 index 84fc6528b984..000000000000 --- a/pkgs/os-specific/linux/systemd/0019-bootctl-also-print-efi-files-not-owned-by-systemd-in.patch +++ /dev/null @@ -1,46 +0,0 @@ -From bc0f378a1149b59e88e9345e579d62fec7f50cdf Mon Sep 17 00:00:00 2001 -From: Arian van Putten -Date: Wed, 31 May 2023 13:27:13 +0200 -Subject: [PATCH] bootctl: also print efi files not owned by systemd in status - -We should not skip over unknown entries in EFI/BOOT/ but -also print them out in status so people are aware that they are there. - -(cherry picked from commit a680d4fb87bad829989949e5ea4fc6db90453456) ---- - src/boot/bootctl-status.c | 11 +++++------ - 1 file changed, 5 insertions(+), 6 deletions(-) - -diff --git a/src/boot/bootctl-status.c b/src/boot/bootctl-status.c -index 2e2bf1f7e1..f1ac4a9c8a 100644 ---- a/src/boot/bootctl-status.c -+++ b/src/boot/bootctl-status.c -@@ -225,9 +225,8 @@ static int enumerate_binaries( - return log_error_errno(errno, "Failed to open file '%s' for reading: %m", filename); - - r = get_file_version(fd, &v); -- if (r == -ESRCH) /* Not the file we are looking for. */ -- continue; -- if (r < 0) -+ -+ if (r < 0 && r != -ESRCH) - return r; - - if (*previous) { /* Let's output the previous entry now, since now we know that there will be -@@ -242,10 +241,10 @@ static int enumerate_binaries( - /* Do not output this entry immediately, but store what should be printed in a state - * variable, because we only will know the tree glyph to print (branch or final edge) once we - * read one more entry */ -- if (r > 0) -- r = asprintf(previous, "/%s/%s (%s%s%s)", path, de->d_name, ansi_highlight(), v, ansi_normal()); -- else -+ if (r == -ESRCH) /* No systemd-owned file but still interesting to print */ - r = asprintf(previous, "/%s/%s", path, de->d_name); -+ else /* if (r >= 0) */ -+ r = asprintf(previous, "/%s/%s (%s%s%s)", path, de->d_name, ansi_highlight(), v, ansi_normal()); - if (r < 0) - return log_oom(); - --- -2.39.2 (Apple Git-143) - diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index ca04180cbcb8..4bd30a29ddc7 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -55,7 +55,6 @@ , e2fsprogs , elfutils , linuxHeaders ? stdenv.cc.libc.linuxHeaders -, gnu-efi , iptables , withSelinux ? false , libselinux @@ -117,6 +116,7 @@ , withNss ? !stdenv.hostPlatform.isMusl , withOomd ? true , withPam ? true +, withPasswordQuality ? false , withPCRE2 ? true , withPolkit ? true , withPortabled ? !stdenv.hostPlatform.isMusl @@ -152,7 +152,7 @@ assert withRepart -> withCryptsetup; let wantCurl = withRemote || withImportd; wantGcrypt = withResolved || withImportd; - version = "253.6"; + version = "254-rc1"; # Bump this variable on every (major) version change. See below (in the meson options list) for why. # command: @@ -167,9 +167,9 @@ stdenv.mkDerivation (finalAttrs: { # This has proven to be less error-prone than the previous systemd fork. src = fetchFromGitHub { owner = "systemd"; - repo = "systemd-stable"; - rev = "v${version}"; - hash = "sha256-LZs6QuBe23W643bTuz+MD2pzHiapsBJBHoFXi/QjzG4="; + repo = "systemd"; + rev = "v254-rc1"; + hash = "sha256-66moj7uYOaI+PHkl5HX/RrwfupCR1bAWlQ6z6+sMhRk="; }; # On major changes, or when otherwise required, you *must* reformat the patches, @@ -196,7 +196,6 @@ stdenv.mkDerivation (finalAttrs: { ./0016-inherit-systemd-environment-when-calling-generators.patch ./0017-core-don-t-taint-on-unmerged-usr.patch ./0018-tpm2_context_init-fix-driver-name-checking.patch - ./0019-bootctl-also-print-efi-files-not-owned-by-systemd-in.patch ] ++ lib.optional stdenv.hostPlatform.isMusl ( let oe-core = fetchzip { @@ -231,16 +230,9 @@ stdenv.mkDerivation (finalAttrs: { postPatch = '' substituteInPlace src/basic/path-util.h --replace "@defaultPathNormal@" "${placeholder "out"}/bin/" - substituteInPlace src/boot/efi/meson.build \ - --replace \ - "run_command(cc.cmd_array(), '-print-prog-name=objcopy', check: true).stdout().strip()" \ - "'${stdenv.cc.bintools.targetPrefix}objcopy'" '' + lib.optionalString withLibBPF '' substituteInPlace meson.build \ --replace "find_program('clang'" "find_program('${stdenv.cc.targetPrefix}clang'" - # BPF does not work with stack protector - substituteInPlace src/core/bpf/meson.build \ - --replace "clang_flags = [" "clang_flags = [ '-fno-stack-protector'," '' + lib.optionalString withUkify '' substituteInPlace src/ukify/ukify.py \ --replace \ @@ -327,6 +319,9 @@ stdenv.mkDerivation (finalAttrs: { # Support for PKCS#11 in systemd-cryptsetup, systemd-cryptenroll and systemd-homed { name = "libp11-kit.so.0"; pkg = opt (withHomed || withCryptsetup) p11-kit; } + + # Password quality support + { name = "libpasswdqc.so.1"; pkg = opt withPasswordQuality null; } ]; patchDlOpen = dl: @@ -397,7 +392,7 @@ stdenv.mkDerivation (finalAttrs: { docbook_xml_dtd_42 docbook_xml_dtd_45 bash - (buildPackages.python3Packages.python.withPackages (ps: with ps; [ lxml jinja2 ])) + (buildPackages.python3Packages.python.withPackages (ps: with ps; [ lxml jinja2 ] ++ lib.optional withEfi ps.pyelftools)) ] ++ lib.optionals withLibBPF [ bpftools @@ -424,7 +419,6 @@ stdenv.mkDerivation (finalAttrs: { ++ lib.optionals withCompression [ bzip2 lz4 xz zstd ] ++ lib.optional withCoredump elfutils ++ lib.optional withCryptsetup (lib.getDev cryptsetup.dev) - ++ lib.optional withEfi gnu-efi ++ lib.optional withKexectools kexec-tools ++ lib.optional withKmod kmod ++ lib.optional withLibidn2 libidn2 @@ -540,12 +534,9 @@ stdenv.mkDerivation (finalAttrs: { "-Dman=true" "-Defi=${lib.boolToString withEfi}" - "-Dgnu-efi=${lib.boolToString withEfi}" + "-Dbootloader=${lib.boolToString withEfi}" "-Dukify=${lib.boolToString withUkify}" - ] ++ lib.optionals withEfi [ - "-Defi-libdir=${toString gnu-efi}/lib" - "-Defi-includedir=${toString gnu-efi}/include/efi" ] ++ lib.optionals (withShellCompletions == false) [ "-Dbashcompletiondir=no" "-Dzshcompletiondir=no" @@ -589,6 +580,7 @@ stdenv.mkDerivation (finalAttrs: { where = [ "man/systemd-analyze.xml" "man/systemd.service.xml" + "man/systemd-run.xml" "src/analyze/test-verify.c" "src/test/test-env-file.c" "src/test/test-fileio.c" @@ -598,7 +590,7 @@ stdenv.mkDerivation (finalAttrs: { { search = "/bin/cat"; replacement = "${coreutils}/bin/cat"; - where = [ "test/create-busybox-container" "test/test-execute/exec-noexecpaths-simple.service" "src/journal/cat.c" ]; + where = [ "test/test-execute/exec-noexecpaths-simple.service" "src/journal/cat.c" ]; } { search = "/usr/lib/systemd/systemd-fsck"; From ded7958b99cb525987bf8db736c07db8f9c53c12 Mon Sep 17 00:00:00 2001 From: Raito Bezarius Date: Sat, 15 Jul 2023 13:09:48 +0200 Subject: [PATCH 58/95] systemd: 254-rc1 -> 254-rc2 --- pkgs/os-specific/linux/systemd/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 4bd30a29ddc7..12ab5088b42b 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -152,7 +152,7 @@ assert withRepart -> withCryptsetup; let wantCurl = withRemote || withImportd; wantGcrypt = withResolved || withImportd; - version = "254-rc1"; + version = "254-rc2"; # Bump this variable on every (major) version change. See below (in the meson options list) for why. # command: @@ -168,8 +168,8 @@ stdenv.mkDerivation (finalAttrs: { src = fetchFromGitHub { owner = "systemd"; repo = "systemd"; - rev = "v254-rc1"; - hash = "sha256-66moj7uYOaI+PHkl5HX/RrwfupCR1bAWlQ6z6+sMhRk="; + rev = "v254-rc2"; + hash = "sha256-vJJKwUn4Qa2P71+4ZeLHAYH+kJMrDCuiV9dERqZW6js="; }; # On major changes, or when otherwise required, you *must* reformat the patches, From bf993ea3cb2c89a32c9d0fdf49432374ec51a56b Mon Sep 17 00:00:00 2001 From: Raito Bezarius Date: Tue, 25 Jul 2023 00:17:55 +0200 Subject: [PATCH 59/95] systemd: 254-rc2 -> 254-rc3 https://github.com/systemd/systemd/commit/739bbc58693473b6daa5ab4302f123d2c5fd04ce --- pkgs/os-specific/linux/systemd/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 12ab5088b42b..464188116861 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -152,7 +152,7 @@ assert withRepart -> withCryptsetup; let wantCurl = withRemote || withImportd; wantGcrypt = withResolved || withImportd; - version = "254-rc2"; + version = "254-rc3"; # Bump this variable on every (major) version change. See below (in the meson options list) for why. # command: @@ -168,8 +168,8 @@ stdenv.mkDerivation (finalAttrs: { src = fetchFromGitHub { owner = "systemd"; repo = "systemd"; - rev = "v254-rc2"; - hash = "sha256-vJJKwUn4Qa2P71+4ZeLHAYH+kJMrDCuiV9dERqZW6js="; + rev = "v254-rc3"; + hash = "sha256-7f2yP2tJ15JRasq8JtDL8IFOOFiAJEuKzW5lKScdInM="; }; # On major changes, or when otherwise required, you *must* reformat the patches, From 202da6443bdc7c245bbd931efe2becdfafdcd8a8 Mon Sep 17 00:00:00 2001 From: Raito Bezarius Date: Fri, 28 Jul 2023 18:57:08 +0200 Subject: [PATCH 60/95] systemd: 254-rc3 -> 254 --- pkgs/os-specific/linux/systemd/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 464188116861..633c98dbb16e 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -152,13 +152,13 @@ assert withRepart -> withCryptsetup; let wantCurl = withRemote || withImportd; wantGcrypt = withResolved || withImportd; - version = "254-rc3"; + version = "254"; # Bump this variable on every (major) version change. See below (in the meson options list) for why. # command: # $ curl -s https://api.github.com/repos/systemd/systemd/releases/latest | \ # jq '.created_at|strptime("%Y-%m-%dT%H:%M:%SZ")|mktime' - releaseTimestamp = "1676488940"; + releaseTimestamp = "1690536449"; in stdenv.mkDerivation (finalAttrs: { inherit pname version; @@ -168,8 +168,8 @@ stdenv.mkDerivation (finalAttrs: { src = fetchFromGitHub { owner = "systemd"; repo = "systemd"; - rev = "v254-rc3"; - hash = "sha256-7f2yP2tJ15JRasq8JtDL8IFOOFiAJEuKzW5lKScdInM="; + rev = "v254"; + hash = "sha256-Im+sUChxaZZ8gm9itsU+hUlVbqUqIeuWuuJDr9pHvPU="; }; # On major changes, or when otherwise required, you *must* reformat the patches, From 1ea060a2b843eb171d371db7e28694fce24f608e Mon Sep 17 00:00:00 2001 From: Raito Bezarius Date: Fri, 28 Jul 2023 20:46:45 +0200 Subject: [PATCH 61/95] systemd: introduce `withBootloader` for sd-boot, sd-stub, sd-addon Instead of relying blindly on `withEfi` which may not always be relevant. --- pkgs/os-specific/linux/systemd/default.nix | 4 +++- pkgs/top-level/all-packages.nix | 1 + 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 633c98dbb16e..d342cbb2a95d 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -88,6 +88,7 @@ , withAnalyze ? true , withApparmor ? true , withAudit ? true +, withBootloader ? true # compiles systemd-boot, assumes EFI is available. , withCompression ? true # adds bzip2, lz4, xz and zstd , withCoredump ? true , withCryptsetup ? true @@ -148,6 +149,7 @@ assert withHomed -> withCryptsetup; assert withHomed -> withPam; assert withUkify -> withEfi; assert withRepart -> withCryptsetup; +assert withBootloader -> withEfi; let wantCurl = withRemote || withImportd; @@ -534,7 +536,7 @@ stdenv.mkDerivation (finalAttrs: { "-Dman=true" "-Defi=${lib.boolToString withEfi}" - "-Dbootloader=${lib.boolToString withEfi}" + "-Dbootloader=${lib.boolToString withBootloader}" "-Dukify=${lib.boolToString withUkify}" ] ++ lib.optionals (withShellCompletions == false) [ diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index bbfc1c4662c7..95cefc28c902 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -29001,6 +29001,7 @@ with pkgs; withTpm2Tss = false; withUserDb = false; withUkify = false; + withBootloader = false; }; systemdStage1 = systemdMinimal.override { pname = "systemd-stage-1"; From 2696e44c42293568fd9ecd30f7d77c37ed6699da Mon Sep 17 00:00:00 2001 From: Raito Bezarius Date: Fri, 28 Jul 2023 20:47:12 +0200 Subject: [PATCH 62/95] systemd: make `systemd-sysupdate` optional via `withSysupdate` Disable it in `systemdMinimal` --- pkgs/os-specific/linux/systemd/default.nix | 2 ++ pkgs/top-level/all-packages.nix | 1 + 2 files changed, 3 insertions(+) diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index d342cbb2a95d..cf53bc7d874b 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -125,6 +125,7 @@ , withResolved ? true , withShellCompletions ? true , withSysusers ? false # conflicts with the NixOS user management +, withSysupdate ? true , withTimedated ? true , withTimesyncd ? true , withTpm2Tss ? true @@ -497,6 +498,7 @@ stdenv.mkDerivation (finalAttrs: { "-Dfirstboot=${lib.boolToString withFirstboot}" "-Dsysusers=${lib.boolToString withSysusers}" "-Drepart=${lib.boolToString withRepart}" + "-Dsysupdate=${lib.boolToString withSysupdate}" "-Dquotacheck=false" "-Dldconfig=false" "-Dsmack=true" diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 95cefc28c902..2829a8130439 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -28996,6 +28996,7 @@ with pkgs; withRemote = false; withResolved = false; withShellCompletions = false; + withSysupdate = false; withTimedated = false; withTimesyncd = false; withTpm2Tss = false; From b2aaa2bfd80f2368109f00a2366963945f96b403 Mon Sep 17 00:00:00 2001 From: Raito Bezarius Date: Fri, 28 Jul 2023 20:49:41 +0200 Subject: [PATCH 63/95] systemd: make `withPasswordQuality` always disabled It is not possible currently to compile systemd with it because passwdqc is not packaged. --- pkgs/os-specific/linux/systemd/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index cf53bc7d874b..d858e68f31b1 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -151,6 +151,8 @@ assert withHomed -> withPam; assert withUkify -> withEfi; assert withRepart -> withCryptsetup; assert withBootloader -> withEfi; +# passwdqc is not packaged in nixpkgs yet, if you want to fix this, please submit a PR. +assert !withPasswordQuality; let wantCurl = withRemote || withImportd; From 8d368314fd2f90b9fb81acd7242928cd63ec6efb Mon Sep 17 00:00:00 2001 From: Raito Bezarius Date: Thu, 3 Aug 2023 17:39:34 +0200 Subject: [PATCH 64/95] python3Packages.systemd: add raitobezarius as a maintainer It is pretty important package and no one seems to care about it anymore. :) --- pkgs/development/python-modules/systemd/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/development/python-modules/systemd/default.nix b/pkgs/development/python-modules/systemd/default.nix index ed8eb472dc50..a0599b01781b 100644 --- a/pkgs/development/python-modules/systemd/default.nix +++ b/pkgs/development/python-modules/systemd/default.nix @@ -51,6 +51,6 @@ buildPythonPackage rec { homepage = "https://www.freedesktop.org/software/systemd/python-systemd/"; changelog = "https://github.com/systemd/python-systemd/blob/v${version}/NEWS"; license = licenses.lgpl21Plus; - maintainers = with maintainers; [ ]; + maintainers = with maintainers; [ raitobezarius ]; }; } From 5a638b0cbd674bde8da2b284aaed17ebb3a61b0f Mon Sep 17 00:00:00 2001 From: Raito Bezarius Date: Thu, 3 Aug 2023 17:40:10 +0200 Subject: [PATCH 65/95] python3Packages.systemd: ignore tests that uses a direct system open call for /etc/machine-id systemd recommends anyway to ignore them too. --- pkgs/development/python-modules/systemd/default.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pkgs/development/python-modules/systemd/default.nix b/pkgs/development/python-modules/systemd/default.nix index a0599b01781b..da81905fca37 100644 --- a/pkgs/development/python-modules/systemd/default.nix +++ b/pkgs/development/python-modules/systemd/default.nix @@ -36,7 +36,9 @@ buildPythonPackage rec { export NIX_REDIRECTS=/etc/machine-id=$(realpath machine-id) \ LD_PRELOAD=${libredirect}/lib/libredirect.so - pytest $out/${python.sitePackages}/systemd + # Those tests assume /etc/machine-id to be available + # But our redirection technique does not work apparently + pytest $out/${python.sitePackages}/systemd -k 'not test_get_machine and not test_get_machine_app_specific and not test_reader_this_machine' ''; pythonImportsCheck = [ From 79c3740ee55133a0fd24e862a3ccf31804cbd657 Mon Sep 17 00:00:00 2001 From: Raito Bezarius Date: Tue, 22 Aug 2023 04:08:52 +0200 Subject: [PATCH 66/95] nixos/console: use systemd-vconsole-setup.service from upstream for sd initrd This fixes a bug where the vconsole was not working as intended in systemd stage 1 with systemd v254. udev rules are now starting with this service instead of whatever happened before. --- nixos/modules/config/console.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/nixos/modules/config/console.nix b/nixos/modules/config/console.nix index 1e8bb78f302d..d06ec0051c4d 100644 --- a/nixos/modules/config/console.nix +++ b/nixos/modules/config/console.nix @@ -168,6 +168,9 @@ in # ...but only the keymaps if we don't "/etc/kbd/keymaps" = lib.mkIf (!cfg.earlySetup) { source = "${consoleEnv config.boot.initrd.systemd.package.kbd}/share/keymaps"; }; }; + boot.initrd.systemd.additionalUpstreamUnits = [ + "systemd-vconsole-setup.service" + ]; boot.initrd.systemd.storePaths = [ "${config.boot.initrd.systemd.package}/lib/systemd/systemd-vconsole-setup" "${config.boot.initrd.systemd.package.kbd}/bin/setfont" From 97ee93da1036db7425a5cefd00085fcf8c813504 Mon Sep 17 00:00:00 2001 From: Raito Bezarius Date: Tue, 22 Aug 2023 04:14:36 +0200 Subject: [PATCH 67/95] systemd: apply upstream patch for tmpfiles This fixes notably the fact that /dev/zfs was not usable anymore as a user, and potentially other things. Tracked in systemd upstream under issue number 28653, 28765. --- nixos/modules/system/boot/systemd.nix | 1 + ...systemd-tmpfiles-setup-dev-early.ser.patch | 249 ++++++++++++++++++ pkgs/os-specific/linux/systemd/default.nix | 3 + 3 files changed, 253 insertions(+) create mode 100644 pkgs/os-specific/linux/systemd/0019-units-introduce-systemd-tmpfiles-setup-dev-early.ser.patch diff --git a/nixos/modules/system/boot/systemd.nix b/nixos/modules/system/boot/systemd.nix index b6c3085c4f16..8e38072b4c6d 100644 --- a/nixos/modules/system/boot/systemd.nix +++ b/nixos/modules/system/boot/systemd.nix @@ -48,6 +48,7 @@ let "rescue.service" # Udev. + "systemd-tmpfiles-setup-dev-early.service" "systemd-udevd-control.socket" "systemd-udevd-kernel.socket" "systemd-udevd.service" diff --git a/pkgs/os-specific/linux/systemd/0019-units-introduce-systemd-tmpfiles-setup-dev-early.ser.patch b/pkgs/os-specific/linux/systemd/0019-units-introduce-systemd-tmpfiles-setup-dev-early.ser.patch new file mode 100644 index 000000000000..18d008f5c1b5 --- /dev/null +++ b/pkgs/os-specific/linux/systemd/0019-units-introduce-systemd-tmpfiles-setup-dev-early.ser.patch @@ -0,0 +1,249 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Sat, 12 Aug 2023 07:54:32 +0900 +Subject: [PATCH] units: introduce systemd-tmpfiles-setup-dev-early.service + +This makes tmpfiles, sysusers, and udevd invoked in the following order: +1. systemd-tmpfiles-setup-dev-early.service + Create device nodes gracefully, that is, create device nodes anyway + by ignoring unknown users and groups. +2. systemd-sysusers.service + Create users and groups, to make later invocations of tmpfiles and + udevd can resolve necessary users and groups. +3. systemd-tmpfiles-setup-dev.service + Adjust owners of previously created device nodes. +4. systemd-udevd.service + Process all devices. Especially to make block devices active and can + be mountable. +5. systemd-tmpfiles-setup.service + Setup basic filesystem. + +Follow-up for b42482af904ae0b94a6e4501ec595448f0ba1c06. + +Fixes #28653. +Replaces #28681 and #28732. +--- + man/systemd-tmpfiles.xml | 3 + + test/TEST-17-UDEV/test.sh | 4 ++ + test/units/testsuite-17.00.sh | 57 +++++++++++++++++++ + units/kmod-static-nodes.service.in | 2 +- + units/meson.build | 5 ++ + units/systemd-sysusers.service | 2 + + .../systemd-tmpfiles-setup-dev-early.service | 25 ++++++++ + units/systemd-tmpfiles-setup-dev.service | 3 +- + units/systemd-tmpfiles-setup.service | 2 +- + 9 files changed, 100 insertions(+), 3 deletions(-) + create mode 100755 test/units/testsuite-17.00.sh + create mode 100644 units/systemd-tmpfiles-setup-dev-early.service + +diff --git a/man/systemd-tmpfiles.xml b/man/systemd-tmpfiles.xml +index decd66d5c6..0db2a4b03b 100644 +--- a/man/systemd-tmpfiles.xml ++++ b/man/systemd-tmpfiles.xml +@@ -19,6 +19,7 @@ + + systemd-tmpfiles + systemd-tmpfiles-setup.service ++ systemd-tmpfiles-setup-dev-early.service + systemd-tmpfiles-setup-dev.service + systemd-tmpfiles-clean.service + systemd-tmpfiles-clean.timer +@@ -35,6 +36,7 @@ + + System units: + systemd-tmpfiles-setup.service ++systemd-tmpfiles-setup-dev-early.service + systemd-tmpfiles-setup-dev.service + systemd-tmpfiles-clean.service + systemd-tmpfiles-clean.timer +@@ -64,6 +66,7 @@ + searched for a matching file and the file found that has the highest priority is executed. + + System services (systemd-tmpfiles-setup.service, ++ systemd-tmpfiles-setup-dev-early.service, + systemd-tmpfiles-setup-dev.service, + systemd-tmpfiles-clean.service) invoke systemd-tmpfiles to create + system files and to perform system wide cleanup. Those services read administrator-controlled +diff --git a/test/TEST-17-UDEV/test.sh b/test/TEST-17-UDEV/test.sh +index 6b8f08fc32..f7a9075496 100755 +--- a/test/TEST-17-UDEV/test.sh ++++ b/test/TEST-17-UDEV/test.sh +@@ -8,5 +8,9 @@ TEST_NO_NSPAWN=1 + # shellcheck source=test/test-functions + . "${TEST_BASE_DIR:?}/test-functions" + ++test_append_files() { ++ instmods snd_seq snd_timer tun ++ generate_module_dependencies ++} + + do_test "$@" +diff --git a/test/units/testsuite-17.00.sh b/test/units/testsuite-17.00.sh +new file mode 100755 +index 0000000000..d2aec60b13 +--- /dev/null ++++ b/test/units/testsuite-17.00.sh +@@ -0,0 +1,57 @@ ++#!/usr/bin/env bash ++# SPDX-License-Identifier: LGPL-2.1-or-later ++set -ex ++set -o pipefail ++ ++# shellcheck source=test/units/util.sh ++. "$(dirname "$0")"/util.sh ++ ++# Tests for issue #28588 and #28653. ++ ++# On boot, services need to be started in the following order: ++# 1. systemd-tmpfiles-setup-dev-early.service ++# 2. systemd-sysusers.service ++# 3. systemd-tmpfiles-setup-dev.service ++# 4. systemd-udevd.service ++ ++output="$(systemctl show --property After --value systemd-udevd.service)" ++assert_in "systemd-tmpfiles-setup-dev-early.service" "$output" ++assert_in "systemd-sysusers.service" "$output" ++assert_in "systemd-tmpfiles-setup-dev.service" "$output" ++ ++output="$(systemctl show --property After --value systemd-tmpfiles-setup-dev.service)" ++assert_in "systemd-tmpfiles-setup-dev-early.service" "$output" ++assert_in "systemd-sysusers.service" "$output" ++ ++output="$(systemctl show --property After --value systemd-sysusers.service)" ++assert_in "systemd-tmpfiles-setup-dev-early.service" "$output" ++ ++check_owner_and_mode() { ++ local dev=${1?} ++ local user=${2?} ++ local group=${3?} ++ local mode=${4:-} ++ ++ if [[ -e "$dev" ]]; then ++ assert_in "$user" "$(stat --format=%U "$dev")" ++ assert_in "$group" "$(stat --format=%G "$dev")" ++ if [[ -n "$mode" ]]; then ++ assert_in "$mode" "$(stat --format=%#0a "$dev")" ++ fi ++ fi ++ ++ return 0 ++} ++ ++# Check owner and access mode specified in static-nodes-permissions.conf ++check_owner_and_mode /dev/snd/seq root audio 0660 ++check_owner_and_mode /dev/snd/timer root audio 0660 ++check_owner_and_mode /dev/loop-control root disk 0660 ++check_owner_and_mode /dev/net/tun root root 0666 ++check_owner_and_mode /dev/fuse root root 0666 ++check_owner_and_mode /dev/vfio/vfio root root 0666 ++check_owner_and_mode /dev/kvm root kvm ++check_owner_and_mode /dev/vhost-net root kvm ++check_owner_and_mode /dev/vhost-vsock root kvm ++ ++exit 0 +diff --git a/units/kmod-static-nodes.service.in b/units/kmod-static-nodes.service.in +index 777e82d16b..70605d997e 100644 +--- a/units/kmod-static-nodes.service.in ++++ b/units/kmod-static-nodes.service.in +@@ -10,7 +10,7 @@ + [Unit] + Description=Create List of Static Device Nodes + DefaultDependencies=no +-Before=sysinit.target systemd-tmpfiles-setup-dev.service ++Before=sysinit.target systemd-tmpfiles-setup-dev-early.service + ConditionCapability=CAP_SYS_MODULE + ConditionFileNotEmpty=/lib/modules/%v/modules.devname + +diff --git a/units/meson.build b/units/meson.build +index 5161ec5029..dc7966a772 100644 +--- a/units/meson.build ++++ b/units/meson.build +@@ -544,6 +544,11 @@ units = [ + 'conditions' : ['ENABLE_TMPFILES'], + 'symlinks' : ['timers.target.wants/'], + }, ++ { ++ 'file' : 'systemd-tmpfiles-setup-dev-early.service', ++ 'conditions' : ['ENABLE_TMPFILES'], ++ 'symlinks' : ['sysinit.target.wants/'], ++ }, + { + 'file' : 'systemd-tmpfiles-setup-dev.service', + 'conditions' : ['ENABLE_TMPFILES'], +diff --git a/units/systemd-sysusers.service b/units/systemd-sysusers.service +index 84fd66de37..de6c71a038 100644 +--- a/units/systemd-sysusers.service ++++ b/units/systemd-sysusers.service +@@ -16,6 +16,8 @@ ConditionCredential=|sysusers.extra + + DefaultDependencies=no + After=systemd-remount-fs.service ++After=systemd-tmpfiles-setup-dev-early.service ++Before=systemd-tmpfiles-setup-dev.service + Before=sysinit.target systemd-update-done.service + Conflicts=shutdown.target initrd-switch-root.target + Before=shutdown.target initrd-switch-root.target +diff --git a/units/systemd-tmpfiles-setup-dev-early.service b/units/systemd-tmpfiles-setup-dev-early.service +new file mode 100644 +index 0000000000..0d6f0daaae +--- /dev/null ++++ b/units/systemd-tmpfiles-setup-dev-early.service +@@ -0,0 +1,25 @@ ++# SPDX-License-Identifier: LGPL-2.1-or-later ++# ++# This file is part of systemd. ++# ++# systemd is free software; you can redistribute it and/or modify it ++# under the terms of the GNU Lesser General Public License as published by ++# the Free Software Foundation; either version 2.1 of the License, or ++# (at your option) any later version. ++ ++[Unit] ++Description=Create Static Device Nodes in /dev gracefully ++Documentation=man:tmpfiles.d(5) man:systemd-tmpfiles(8) ++ ++DefaultDependencies=no ++Before=sysinit.target local-fs-pre.target systemd-udevd.service ++Wants=local-fs-pre.target ++Conflicts=shutdown.target initrd-switch-root.target ++Before=shutdown.target initrd-switch-root.target ++ ++[Service] ++Type=oneshot ++RemainAfterExit=yes ++ExecStart=systemd-tmpfiles --prefix=/dev --create --boot --graceful ++SuccessExitStatus=DATAERR CANTCREAT ++ImportCredential=tmpfiles.* +diff --git a/units/systemd-tmpfiles-setup-dev.service b/units/systemd-tmpfiles-setup-dev.service +index acaa9510aa..3016b49749 100644 +--- a/units/systemd-tmpfiles-setup-dev.service ++++ b/units/systemd-tmpfiles-setup-dev.service +@@ -12,6 +12,7 @@ Description=Create Static Device Nodes in /dev + Documentation=man:tmpfiles.d(5) man:systemd-tmpfiles(8) + + DefaultDependencies=no ++After=systemd-tmpfiles-setup-dev-early.service + Before=sysinit.target local-fs-pre.target systemd-udevd.service + Wants=local-fs-pre.target + Conflicts=shutdown.target initrd-switch-root.target +@@ -20,6 +21,6 @@ Before=shutdown.target initrd-switch-root.target + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart=systemd-tmpfiles --prefix=/dev --create --boot --graceful ++ExecStart=systemd-tmpfiles --prefix=/dev --create --boot + SuccessExitStatus=DATAERR CANTCREAT + ImportCredential=tmpfiles.* +diff --git a/units/systemd-tmpfiles-setup.service b/units/systemd-tmpfiles-setup.service +index 6c5e3de8fd..6cae32850f 100644 +--- a/units/systemd-tmpfiles-setup.service ++++ b/units/systemd-tmpfiles-setup.service +@@ -21,7 +21,7 @@ RefuseManualStop=yes + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart=systemd-tmpfiles --create --remove --boot ++ExecStart=systemd-tmpfiles --create --remove --boot --exclude-prefix=/dev + SuccessExitStatus=DATAERR CANTCREAT + ImportCredential=tmpfiles.* + ImportCredential=login.motd diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index d858e68f31b1..f6ba3cb2b857 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -201,6 +201,9 @@ stdenv.mkDerivation (finalAttrs: { ./0016-inherit-systemd-environment-when-calling-generators.patch ./0017-core-don-t-taint-on-unmerged-usr.patch ./0018-tpm2_context_init-fix-driver-name-checking.patch + # Remove when https://github.com/systemd/systemd/pull/28784 lands + # as a point release. + ./0019-units-introduce-systemd-tmpfiles-setup-dev-early.ser.patch ] ++ lib.optional stdenv.hostPlatform.isMusl ( let oe-core = fetchzip { From c56ec54ba53abac3d9328db542f2d4def47fdc0f Mon Sep 17 00:00:00 2001 From: nikstur Date: Tue, 12 Sep 2023 10:00:16 +0200 Subject: [PATCH 68/95] systemd: 254 -> 254.3 --- ...systemd-tmpfiles-setup-dev-early.ser.patch | 249 ------------------ pkgs/os-specific/linux/systemd/default.nix | 18 +- 2 files changed, 5 insertions(+), 262 deletions(-) delete mode 100644 pkgs/os-specific/linux/systemd/0019-units-introduce-systemd-tmpfiles-setup-dev-early.ser.patch diff --git a/pkgs/os-specific/linux/systemd/0019-units-introduce-systemd-tmpfiles-setup-dev-early.ser.patch b/pkgs/os-specific/linux/systemd/0019-units-introduce-systemd-tmpfiles-setup-dev-early.ser.patch deleted file mode 100644 index 18d008f5c1b5..000000000000 --- a/pkgs/os-specific/linux/systemd/0019-units-introduce-systemd-tmpfiles-setup-dev-early.ser.patch +++ /dev/null @@ -1,249 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Sat, 12 Aug 2023 07:54:32 +0900 -Subject: [PATCH] units: introduce systemd-tmpfiles-setup-dev-early.service - -This makes tmpfiles, sysusers, and udevd invoked in the following order: -1. systemd-tmpfiles-setup-dev-early.service - Create device nodes gracefully, that is, create device nodes anyway - by ignoring unknown users and groups. -2. systemd-sysusers.service - Create users and groups, to make later invocations of tmpfiles and - udevd can resolve necessary users and groups. -3. systemd-tmpfiles-setup-dev.service - Adjust owners of previously created device nodes. -4. systemd-udevd.service - Process all devices. Especially to make block devices active and can - be mountable. -5. systemd-tmpfiles-setup.service - Setup basic filesystem. - -Follow-up for b42482af904ae0b94a6e4501ec595448f0ba1c06. - -Fixes #28653. -Replaces #28681 and #28732. ---- - man/systemd-tmpfiles.xml | 3 + - test/TEST-17-UDEV/test.sh | 4 ++ - test/units/testsuite-17.00.sh | 57 +++++++++++++++++++ - units/kmod-static-nodes.service.in | 2 +- - units/meson.build | 5 ++ - units/systemd-sysusers.service | 2 + - .../systemd-tmpfiles-setup-dev-early.service | 25 ++++++++ - units/systemd-tmpfiles-setup-dev.service | 3 +- - units/systemd-tmpfiles-setup.service | 2 +- - 9 files changed, 100 insertions(+), 3 deletions(-) - create mode 100755 test/units/testsuite-17.00.sh - create mode 100644 units/systemd-tmpfiles-setup-dev-early.service - -diff --git a/man/systemd-tmpfiles.xml b/man/systemd-tmpfiles.xml -index decd66d5c6..0db2a4b03b 100644 ---- a/man/systemd-tmpfiles.xml -+++ b/man/systemd-tmpfiles.xml -@@ -19,6 +19,7 @@ - - systemd-tmpfiles - systemd-tmpfiles-setup.service -+ systemd-tmpfiles-setup-dev-early.service - systemd-tmpfiles-setup-dev.service - systemd-tmpfiles-clean.service - systemd-tmpfiles-clean.timer -@@ -35,6 +36,7 @@ - - System units: - systemd-tmpfiles-setup.service -+systemd-tmpfiles-setup-dev-early.service - systemd-tmpfiles-setup-dev.service - systemd-tmpfiles-clean.service - systemd-tmpfiles-clean.timer -@@ -64,6 +66,7 @@ - searched for a matching file and the file found that has the highest priority is executed. - - System services (systemd-tmpfiles-setup.service, -+ systemd-tmpfiles-setup-dev-early.service, - systemd-tmpfiles-setup-dev.service, - systemd-tmpfiles-clean.service) invoke systemd-tmpfiles to create - system files and to perform system wide cleanup. Those services read administrator-controlled -diff --git a/test/TEST-17-UDEV/test.sh b/test/TEST-17-UDEV/test.sh -index 6b8f08fc32..f7a9075496 100755 ---- a/test/TEST-17-UDEV/test.sh -+++ b/test/TEST-17-UDEV/test.sh -@@ -8,5 +8,9 @@ TEST_NO_NSPAWN=1 - # shellcheck source=test/test-functions - . "${TEST_BASE_DIR:?}/test-functions" - -+test_append_files() { -+ instmods snd_seq snd_timer tun -+ generate_module_dependencies -+} - - do_test "$@" -diff --git a/test/units/testsuite-17.00.sh b/test/units/testsuite-17.00.sh -new file mode 100755 -index 0000000000..d2aec60b13 ---- /dev/null -+++ b/test/units/testsuite-17.00.sh -@@ -0,0 +1,57 @@ -+#!/usr/bin/env bash -+# SPDX-License-Identifier: LGPL-2.1-or-later -+set -ex -+set -o pipefail -+ -+# shellcheck source=test/units/util.sh -+. "$(dirname "$0")"/util.sh -+ -+# Tests for issue #28588 and #28653. -+ -+# On boot, services need to be started in the following order: -+# 1. systemd-tmpfiles-setup-dev-early.service -+# 2. systemd-sysusers.service -+# 3. systemd-tmpfiles-setup-dev.service -+# 4. systemd-udevd.service -+ -+output="$(systemctl show --property After --value systemd-udevd.service)" -+assert_in "systemd-tmpfiles-setup-dev-early.service" "$output" -+assert_in "systemd-sysusers.service" "$output" -+assert_in "systemd-tmpfiles-setup-dev.service" "$output" -+ -+output="$(systemctl show --property After --value systemd-tmpfiles-setup-dev.service)" -+assert_in "systemd-tmpfiles-setup-dev-early.service" "$output" -+assert_in "systemd-sysusers.service" "$output" -+ -+output="$(systemctl show --property After --value systemd-sysusers.service)" -+assert_in "systemd-tmpfiles-setup-dev-early.service" "$output" -+ -+check_owner_and_mode() { -+ local dev=${1?} -+ local user=${2?} -+ local group=${3?} -+ local mode=${4:-} -+ -+ if [[ -e "$dev" ]]; then -+ assert_in "$user" "$(stat --format=%U "$dev")" -+ assert_in "$group" "$(stat --format=%G "$dev")" -+ if [[ -n "$mode" ]]; then -+ assert_in "$mode" "$(stat --format=%#0a "$dev")" -+ fi -+ fi -+ -+ return 0 -+} -+ -+# Check owner and access mode specified in static-nodes-permissions.conf -+check_owner_and_mode /dev/snd/seq root audio 0660 -+check_owner_and_mode /dev/snd/timer root audio 0660 -+check_owner_and_mode /dev/loop-control root disk 0660 -+check_owner_and_mode /dev/net/tun root root 0666 -+check_owner_and_mode /dev/fuse root root 0666 -+check_owner_and_mode /dev/vfio/vfio root root 0666 -+check_owner_and_mode /dev/kvm root kvm -+check_owner_and_mode /dev/vhost-net root kvm -+check_owner_and_mode /dev/vhost-vsock root kvm -+ -+exit 0 -diff --git a/units/kmod-static-nodes.service.in b/units/kmod-static-nodes.service.in -index 777e82d16b..70605d997e 100644 ---- a/units/kmod-static-nodes.service.in -+++ b/units/kmod-static-nodes.service.in -@@ -10,7 +10,7 @@ - [Unit] - Description=Create List of Static Device Nodes - DefaultDependencies=no --Before=sysinit.target systemd-tmpfiles-setup-dev.service -+Before=sysinit.target systemd-tmpfiles-setup-dev-early.service - ConditionCapability=CAP_SYS_MODULE - ConditionFileNotEmpty=/lib/modules/%v/modules.devname - -diff --git a/units/meson.build b/units/meson.build -index 5161ec5029..dc7966a772 100644 ---- a/units/meson.build -+++ b/units/meson.build -@@ -544,6 +544,11 @@ units = [ - 'conditions' : ['ENABLE_TMPFILES'], - 'symlinks' : ['timers.target.wants/'], - }, -+ { -+ 'file' : 'systemd-tmpfiles-setup-dev-early.service', -+ 'conditions' : ['ENABLE_TMPFILES'], -+ 'symlinks' : ['sysinit.target.wants/'], -+ }, - { - 'file' : 'systemd-tmpfiles-setup-dev.service', - 'conditions' : ['ENABLE_TMPFILES'], -diff --git a/units/systemd-sysusers.service b/units/systemd-sysusers.service -index 84fd66de37..de6c71a038 100644 ---- a/units/systemd-sysusers.service -+++ b/units/systemd-sysusers.service -@@ -16,6 +16,8 @@ ConditionCredential=|sysusers.extra - - DefaultDependencies=no - After=systemd-remount-fs.service -+After=systemd-tmpfiles-setup-dev-early.service -+Before=systemd-tmpfiles-setup-dev.service - Before=sysinit.target systemd-update-done.service - Conflicts=shutdown.target initrd-switch-root.target - Before=shutdown.target initrd-switch-root.target -diff --git a/units/systemd-tmpfiles-setup-dev-early.service b/units/systemd-tmpfiles-setup-dev-early.service -new file mode 100644 -index 0000000000..0d6f0daaae ---- /dev/null -+++ b/units/systemd-tmpfiles-setup-dev-early.service -@@ -0,0 +1,25 @@ -+# SPDX-License-Identifier: LGPL-2.1-or-later -+# -+# This file is part of systemd. -+# -+# systemd is free software; you can redistribute it and/or modify it -+# under the terms of the GNU Lesser General Public License as published by -+# the Free Software Foundation; either version 2.1 of the License, or -+# (at your option) any later version. -+ -+[Unit] -+Description=Create Static Device Nodes in /dev gracefully -+Documentation=man:tmpfiles.d(5) man:systemd-tmpfiles(8) -+ -+DefaultDependencies=no -+Before=sysinit.target local-fs-pre.target systemd-udevd.service -+Wants=local-fs-pre.target -+Conflicts=shutdown.target initrd-switch-root.target -+Before=shutdown.target initrd-switch-root.target -+ -+[Service] -+Type=oneshot -+RemainAfterExit=yes -+ExecStart=systemd-tmpfiles --prefix=/dev --create --boot --graceful -+SuccessExitStatus=DATAERR CANTCREAT -+ImportCredential=tmpfiles.* -diff --git a/units/systemd-tmpfiles-setup-dev.service b/units/systemd-tmpfiles-setup-dev.service -index acaa9510aa..3016b49749 100644 ---- a/units/systemd-tmpfiles-setup-dev.service -+++ b/units/systemd-tmpfiles-setup-dev.service -@@ -12,6 +12,7 @@ Description=Create Static Device Nodes in /dev - Documentation=man:tmpfiles.d(5) man:systemd-tmpfiles(8) - - DefaultDependencies=no -+After=systemd-tmpfiles-setup-dev-early.service - Before=sysinit.target local-fs-pre.target systemd-udevd.service - Wants=local-fs-pre.target - Conflicts=shutdown.target initrd-switch-root.target -@@ -20,6 +21,6 @@ Before=shutdown.target initrd-switch-root.target - [Service] - Type=oneshot - RemainAfterExit=yes --ExecStart=systemd-tmpfiles --prefix=/dev --create --boot --graceful -+ExecStart=systemd-tmpfiles --prefix=/dev --create --boot - SuccessExitStatus=DATAERR CANTCREAT - ImportCredential=tmpfiles.* -diff --git a/units/systemd-tmpfiles-setup.service b/units/systemd-tmpfiles-setup.service -index 6c5e3de8fd..6cae32850f 100644 ---- a/units/systemd-tmpfiles-setup.service -+++ b/units/systemd-tmpfiles-setup.service -@@ -21,7 +21,7 @@ RefuseManualStop=yes - [Service] - Type=oneshot - RemainAfterExit=yes --ExecStart=systemd-tmpfiles --create --remove --boot -+ExecStart=systemd-tmpfiles --create --remove --boot --exclude-prefix=/dev - SuccessExitStatus=DATAERR CANTCREAT - ImportCredential=tmpfiles.* - ImportCredential=login.motd diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index f6ba3cb2b857..d7f0245b3a1c 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -157,7 +157,7 @@ assert !withPasswordQuality; let wantCurl = withRemote || withImportd; wantGcrypt = withResolved || withImportd; - version = "254"; + version = "254.3"; # Bump this variable on every (major) version change. See below (in the meson options list) for why. # command: @@ -172,9 +172,9 @@ stdenv.mkDerivation (finalAttrs: { # This has proven to be less error-prone than the previous systemd fork. src = fetchFromGitHub { owner = "systemd"; - repo = "systemd"; - rev = "v254"; - hash = "sha256-Im+sUChxaZZ8gm9itsU+hUlVbqUqIeuWuuJDr9pHvPU="; + repo = "systemd-stable"; + rev = "v${version}"; + hash = "sha256-ObnsAiKwhwEb4ti611eS/wGpg3Sss/pUy/gANPAbXbs="; }; # On major changes, or when otherwise required, you *must* reformat the patches, @@ -201,9 +201,6 @@ stdenv.mkDerivation (finalAttrs: { ./0016-inherit-systemd-environment-when-calling-generators.patch ./0017-core-don-t-taint-on-unmerged-usr.patch ./0018-tpm2_context_init-fix-driver-name-checking.patch - # Remove when https://github.com/systemd/systemd/pull/28784 lands - # as a point release. - ./0019-units-introduce-systemd-tmpfiles-setup-dev-early.ser.patch ] ++ lib.optional stdenv.hostPlatform.isMusl ( let oe-core = fetchzip { @@ -246,11 +243,6 @@ stdenv.mkDerivation (finalAttrs: { --replace \ "'readelf'" \ "'${targetPackages.stdenv.cc.bintools.targetPrefix}readelf'" - # The objcopy dependency is removed in v254 - substituteInPlace src/ukify/ukify.py \ - --replace \ - "'objcopy'" \ - "'${targetPackages.stdenv.cc.bintools.targetPrefix}objcopy'" '' + ( let # The following patches references to dynamic libraries to ensure that @@ -376,7 +368,7 @@ stdenv.mkDerivation (finalAttrs: { # when cross-compiling. + '' shopt -s extglob - patchShebangs tools test src/!(rpm|kernel-install|ukify) src/kernel-install/test-kernel-install.sh + patchShebangs tools test src/!(rpm|ukify) src/kernel-install/test-kernel-install.sh ''; outputs = [ "out" "man" "dev" ]; From f902c6a1b93cc368c81b870029fb9653b219a9d4 Mon Sep 17 00:00:00 2001 From: Raito Bezarius Date: Tue, 12 Sep 2023 15:31:33 +0200 Subject: [PATCH 69/95] systemd: add release notes for v254 We add information for 23.11 regarding the v254 release. This information may be modified before the actual release. --- nixos/doc/manual/release-notes/rl-2311.section.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/nixos/doc/manual/release-notes/rl-2311.section.md b/nixos/doc/manual/release-notes/rl-2311.section.md index a2041db2a874..1d790d016f4a 100644 --- a/nixos/doc/manual/release-notes/rl-2311.section.md +++ b/nixos/doc/manual/release-notes/rl-2311.section.md @@ -10,6 +10,12 @@ - The `nixos-rebuild` command has been given a `list-generations` subcommand. See `man nixos-rebuild` for more details. +- [systemd](https://systemd.io) has been updated from v253 to v254, see [the release notes](https://github.com/systemd/systemd/blob/v254/NEWS#L3-L659) for more information on the changes. + - `boot.resumeDevice` **must be specified** when hibernating if not in EFI mode. + - systemd may warn your system about the permissions of your ESP partition (often `/boot`), this warning can be ignored for now, we are looking + into a satisfying solution regarding this problem. + - Updating with `nixos-rebuild boot` and rebooting is recommended, since in some rare cases the `nixos-rebuild switch` into the new generation on a live system might fail due to missing mount units. + ## New Services {#sec-release-23.11-new-services} - [MCHPRS](https://github.com/MCHPR/MCHPRS), a multithreaded Minecraft server built for redstone. Available as [services.mchprs](#opt-services.mchprs.enable). From e2699cd256e560c72faf0c65d32205b8e7edb52b Mon Sep 17 00:00:00 2001 From: nikstur Date: Wed, 13 Sep 2023 11:58:33 +0200 Subject: [PATCH 70/95] nixos/image: fix for systemd 254 --- nixos/modules/image/repart.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/nixos/modules/image/repart.nix b/nixos/modules/image/repart.nix index 4a0021e9a56e..e567485c9d34 100644 --- a/nixos/modules/image/repart.nix +++ b/nixos/modules/image/repart.nix @@ -188,6 +188,7 @@ in nativeBuildInputs = [ cfg.package pkgs.fakeroot + pkgs.util-linux ] ++ fileSystemTools; } '' amendedRepartDefinitions=$(${amendRepartDefinitions} ${partitions} ${definitionsDirectory}) @@ -195,7 +196,7 @@ in mkdir -p $out cd $out - fakeroot systemd-repart \ + unshare --map-root-user fakeroot systemd-repart \ --dry-run=no \ --empty=create \ --size=auto \ From 57365d224ca3142e1d95f340e71f50ce0d6ea3c5 Mon Sep 17 00:00:00 2001 From: nikstur Date: Wed, 13 Sep 2023 11:58:39 +0200 Subject: [PATCH 71/95] systemdStage1: re-include repart --- pkgs/top-level/all-packages.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 2829a8130439..8b4b3f12b040 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -29011,6 +29011,7 @@ with pkgs; withFido2 = true; withKmod = true; withTpm2Tss = true; + withRepart = true; }; systemdStage1Network = systemdStage1.override { pname = "systemd-stage-1-network"; From 0d2fb0062482b577df24b757833e6195a9fc2fba Mon Sep 17 00:00:00 2001 From: Yaya Date: Wed, 13 Sep 2023 13:45:20 +0000 Subject: [PATCH 72/95] curl: Fix github src url --- pkgs/tools/networking/curl/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/tools/networking/curl/default.nix b/pkgs/tools/networking/curl/default.nix index c15325a49e4d..6a1ceaccdf44 100644 --- a/pkgs/tools/networking/curl/default.nix +++ b/pkgs/tools/networking/curl/default.nix @@ -52,7 +52,7 @@ stdenv.mkDerivation (finalAttrs: { src = fetchurl { urls = [ "https://curl.haxx.se/download/curl-${finalAttrs.version}.tar.xz" - "https://github.com/curl/curl/releases/download/curl-${finalAttrs.version}/curl-${finalAttrs.version}.tar.xz" + "https://github.com/curl/curl/releases/download/curl-${builtins.replaceStrings [ "." ] [ "_" ] finalAttrs.version}/curl-${finalAttrs.version}.tar.xz" ]; hash = "sha256-3TIva9CiDmzr39OI9p6Yw9GDvteSz0cTyKfvSYy6SJQ="; }; From a68ceade950265539c38acbb52f5773ca82e3bc1 Mon Sep 17 00:00:00 2001 From: Yaya Date: Wed, 13 Sep 2023 13:16:04 +0000 Subject: [PATCH 73/95] curl: 8.2.1 -> 8.3.0 - https://curl.se/changes.html#8_3_0 - https://curl.se/docs/CVE-2023-38039.html Fixes CVE-2023-38039 --- .../curl/7.79.1-darwin-no-systemconfiguration.patch | 13 +++++++------ pkgs/tools/networking/curl/default.nix | 4 ++-- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/pkgs/tools/networking/curl/7.79.1-darwin-no-systemconfiguration.patch b/pkgs/tools/networking/curl/7.79.1-darwin-no-systemconfiguration.patch index 2c732621d925..2d97338a1fe9 100644 --- a/pkgs/tools/networking/curl/7.79.1-darwin-no-systemconfiguration.patch +++ b/pkgs/tools/networking/curl/7.79.1-darwin-no-systemconfiguration.patch @@ -27,13 +27,13 @@ autoconf in the bootstrap loop just to regenerate a patched configure.ac. curl_includes_winsock2="\ diff --git a/lib/curl_setup.h b/lib/curl_setup.h -index 727d123e5..f78d8be4a 100644 +index b43714da7..7674778b7 100644 --- a/lib/curl_setup.h +++ b/lib/curl_setup.h -@@ -250,19 +250,6 @@ - +@@ -250,20 +250,6 @@ + #include - + -/* - * Use getaddrinfo to resolve the IPv4 address literal. If the current network - * interface doesn't support IPv4, but supports IPv6, NAT64, and DNS64, @@ -42,8 +42,9 @@ index 727d123e5..f78d8be4a 100644 -#if defined(__APPLE__) && !defined(USE_ARES) -#include -#define USE_RESOLVE_ON_IPS 1 --# if !defined(TARGET_OS_OSX) || TARGET_OS_OSX --# define CURL_OSX_CALL_COPYPROXIES 1 +-# if TARGET_OS_MAC && !(defined(TARGET_OS_IPHONE) && TARGET_OS_IPHONE) && \ +- defined(ENABLE_IPV6) +-# define CURL_MACOS_CALL_COPYPROXIES 1 -# endif -#endif - diff --git a/pkgs/tools/networking/curl/default.nix b/pkgs/tools/networking/curl/default.nix index 6a1ceaccdf44..aced6d6653a9 100644 --- a/pkgs/tools/networking/curl/default.nix +++ b/pkgs/tools/networking/curl/default.nix @@ -47,14 +47,14 @@ assert !((lib.count (x: x) [ gnutlsSupport opensslSupport wolfsslSupport rustlsS stdenv.mkDerivation (finalAttrs: { pname = "curl"; - version = "8.2.1"; + version = "8.3.0"; src = fetchurl { urls = [ "https://curl.haxx.se/download/curl-${finalAttrs.version}.tar.xz" "https://github.com/curl/curl/releases/download/curl-${builtins.replaceStrings [ "." ] [ "_" ] finalAttrs.version}/curl-${finalAttrs.version}.tar.xz" ]; - hash = "sha256-3TIva9CiDmzr39OI9p6Yw9GDvteSz0cTyKfvSYy6SJQ="; + hash = "sha256-N21id2fWxPBRBattSXsNmrpxEXcN2dmVIlR4IJw36mM="; }; patches = [ From b8400a7134fed120c7a3d8b0b2942c06580ffcb5 Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Wed, 13 Sep 2023 19:48:24 +0100 Subject: [PATCH 74/95] sqlite: fix hash for 3.43.1 (was for 3.43.0) Reported by Martin Weinelt as: error: hash mismatch in fixed-output derivation '/nix/store/cw7dg9xzddwcivfp0yv3k0wpz30l7ivl-sqlite-autoconf-3430100.tar.gz.drv': specified: sha256-RtsvEPMG4WPkVxuJdNRM03B4quBClbvwiyU2Vd8yZfQ= got: sha256-ORFslOdmMPItVM2Cw86jCFZfFxX3FtGyUn8cnJabpNk= --- pkgs/development/libraries/sqlite/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/development/libraries/sqlite/default.nix b/pkgs/development/libraries/sqlite/default.nix index 441dfa99c37a..f51ce3a50005 100644 --- a/pkgs/development/libraries/sqlite/default.nix +++ b/pkgs/development/libraries/sqlite/default.nix @@ -23,7 +23,7 @@ stdenv.mkDerivation rec { # NB! Make sure to update ./tools.nix src (in the same directory). src = fetchurl { url = "https://sqlite.org/2023/sqlite-autoconf-${archiveVersion version}.tar.gz"; - hash = "sha256-RtsvEPMG4WPkVxuJdNRM03B4quBClbvwiyU2Vd8yZfQ="; + hash = "sha256-ORFslOdmMPItVM2Cw86jCFZfFxX3FtGyUn8cnJabpNk="; }; outputs = [ "bin" "dev" "out" ]; From 99176f9cd585dd5e2b8429afada60b512f00756b Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Thu, 14 Sep 2023 02:04:12 +0200 Subject: [PATCH 75/95] python310Packages.django_4: 4.2.4 -> 4.2.5 https://docs.djangoproject.com/en/4.2/releases/4.2.5/ Fixes: CVE-2023-41164 --- pkgs/development/python-modules/django/4.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/django/4.nix b/pkgs/development/python-modules/django/4.nix index c3df9cf4aef0..d694ff7fb033 100644 --- a/pkgs/development/python-modules/django/4.nix +++ b/pkgs/development/python-modules/django/4.nix @@ -42,14 +42,14 @@ buildPythonPackage rec { pname = "Django"; - version = "4.2.4"; + version = "4.2.5"; format = "pyproject"; disabled = pythonOlder "3.10"; src = fetchPypi { inherit pname version; - hash = "sha256-fkIl7AZeDzVMz3NJoi0gneCcwcB0gyvp64TFHBeZxDI="; + hash = "sha256-XlwclUj/t3lrSopHgumi5aPfNhUln8G/0+vHO2RhRsE="; }; patches = [ From 6cb2474327e3941c31f170de34d8a97c9871ea4f Mon Sep 17 00:00:00 2001 From: ajs124 Date: Thu, 14 Sep 2023 13:51:18 +0200 Subject: [PATCH 76/95] libwebp: 1.3.1 -> 1.3.2 fixes CVE-2023-4863, which allows us to drop the patch --- .../libraries/libwebp/CVE-2023-4863.patch | 361 ------------------ .../development/libraries/libwebp/default.nix | 12 +- 2 files changed, 2 insertions(+), 371 deletions(-) delete mode 100644 pkgs/development/libraries/libwebp/CVE-2023-4863.patch diff --git a/pkgs/development/libraries/libwebp/CVE-2023-4863.patch b/pkgs/development/libraries/libwebp/CVE-2023-4863.patch deleted file mode 100644 index c01b8a486675..000000000000 --- a/pkgs/development/libraries/libwebp/CVE-2023-4863.patch +++ /dev/null @@ -1,361 +0,0 @@ -From 4de93ac70c3292fc944e4587101a52a29f8b0c9c Mon Sep 17 00:00:00 2001 -From: Vincent Rabaud -Date: Thu, 7 Sep 2023 21:16:03 +0200 -Subject: [PATCH] Fix OOB write in BuildHuffmanTable. - -First, BuildHuffmanTable is called to check if the data is valid. -If it is and the table is not big enough, more memory is allocated. - -This will make sure that valid (but unoptimized because of unbalanced -codes) streams are still decodable. - -Bug: chromium:1479274 -Change-Id: I31c36dbf3aa78d35ecf38706b50464fd3d375741 -(cherry picked from commit 902bc9190331343b2017211debcec8d2ab87e17a) ---- - src/dec/vp8l_dec.c | 46 ++++++++++--------- - src/dec/vp8li_dec.h | 2 +- - src/utils/huffman_utils.c | 97 +++++++++++++++++++++++++++++++-------- - src/utils/huffman_utils.h | 27 +++++++++-- - 4 files changed, 129 insertions(+), 43 deletions(-) - -diff --git a/src/dec/vp8l_dec.c b/src/dec/vp8l_dec.c -index c0ea0181..7995313f 100644 ---- a/src/dec/vp8l_dec.c -+++ b/src/dec/vp8l_dec.c -@@ -253,11 +253,11 @@ static int ReadHuffmanCodeLengths( - int symbol; - int max_symbol; - int prev_code_len = DEFAULT_CODE_LENGTH; -- HuffmanCode table[1 << LENGTHS_TABLE_BITS]; -+ HuffmanTables tables; - -- if (!VP8LBuildHuffmanTable(table, LENGTHS_TABLE_BITS, -- code_length_code_lengths, -- NUM_CODE_LENGTH_CODES)) { -+ if (!VP8LHuffmanTablesAllocate(1 << LENGTHS_TABLE_BITS, &tables) || -+ !VP8LBuildHuffmanTable(&tables, LENGTHS_TABLE_BITS, -+ code_length_code_lengths, NUM_CODE_LENGTH_CODES)) { - goto End; - } - -@@ -277,7 +277,7 @@ static int ReadHuffmanCodeLengths( - int code_len; - if (max_symbol-- == 0) break; - VP8LFillBitWindow(br); -- p = &table[VP8LPrefetchBits(br) & LENGTHS_TABLE_MASK]; -+ p = &tables.curr_segment->start[VP8LPrefetchBits(br) & LENGTHS_TABLE_MASK]; - VP8LSetBitPos(br, br->bit_pos_ + p->bits); - code_len = p->value; - if (code_len < kCodeLengthLiterals) { -@@ -300,6 +300,7 @@ static int ReadHuffmanCodeLengths( - ok = 1; - - End: -+ VP8LHuffmanTablesDeallocate(&tables); - if (!ok) dec->status_ = VP8_STATUS_BITSTREAM_ERROR; - return ok; - } -@@ -307,7 +308,8 @@ static int ReadHuffmanCodeLengths( - // 'code_lengths' is pre-allocated temporary buffer, used for creating Huffman - // tree. - static int ReadHuffmanCode(int alphabet_size, VP8LDecoder* const dec, -- int* const code_lengths, HuffmanCode* const table) { -+ int* const code_lengths, -+ HuffmanTables* const table) { - int ok = 0; - int size = 0; - VP8LBitReader* const br = &dec->br_; -@@ -362,8 +364,7 @@ static int ReadHuffmanCodes(VP8LDecoder* const dec, int xsize, int ysize, - VP8LMetadata* const hdr = &dec->hdr_; - uint32_t* huffman_image = NULL; - HTreeGroup* htree_groups = NULL; -- HuffmanCode* huffman_tables = NULL; -- HuffmanCode* huffman_table = NULL; -+ HuffmanTables* huffman_tables = &hdr->huffman_tables_; - int num_htree_groups = 1; - int num_htree_groups_max = 1; - int max_alphabet_size = 0; -@@ -372,6 +373,10 @@ static int ReadHuffmanCodes(VP8LDecoder* const dec, int xsize, int ysize, - int* mapping = NULL; - int ok = 0; - -+ // Check the table has been 0 initialized (through InitMetadata). -+ assert(huffman_tables->root.start == NULL); -+ assert(huffman_tables->curr_segment == NULL); -+ - if (allow_recursion && VP8LReadBits(br, 1)) { - // use meta Huffman codes. - const int huffman_precision = VP8LReadBits(br, 3) + 2; -@@ -434,16 +439,15 @@ static int ReadHuffmanCodes(VP8LDecoder* const dec, int xsize, int ysize, - - code_lengths = (int*)WebPSafeCalloc((uint64_t)max_alphabet_size, - sizeof(*code_lengths)); -- huffman_tables = (HuffmanCode*)WebPSafeMalloc(num_htree_groups * table_size, -- sizeof(*huffman_tables)); - htree_groups = VP8LHtreeGroupsNew(num_htree_groups); - -- if (htree_groups == NULL || code_lengths == NULL || huffman_tables == NULL) { -+ if (htree_groups == NULL || code_lengths == NULL || -+ !VP8LHuffmanTablesAllocate(num_htree_groups * table_size, -+ huffman_tables)) { - dec->status_ = VP8_STATUS_OUT_OF_MEMORY; - goto Error; - } - -- huffman_table = huffman_tables; - for (i = 0; i < num_htree_groups_max; ++i) { - // If the index "i" is unused in the Huffman image, just make sure the - // coefficients are valid but do not store them. -@@ -468,19 +472,20 @@ static int ReadHuffmanCodes(VP8LDecoder* const dec, int xsize, int ysize, - int max_bits = 0; - for (j = 0; j < HUFFMAN_CODES_PER_META_CODE; ++j) { - int alphabet_size = kAlphabetSize[j]; -- htrees[j] = huffman_table; - if (j == 0 && color_cache_bits > 0) { - alphabet_size += (1 << color_cache_bits); - } -- size = ReadHuffmanCode(alphabet_size, dec, code_lengths, huffman_table); -+ size = -+ ReadHuffmanCode(alphabet_size, dec, code_lengths, huffman_tables); -+ htrees[j] = huffman_tables->curr_segment->curr_table; - if (size == 0) { - goto Error; - } - if (is_trivial_literal && kLiteralMap[j] == 1) { -- is_trivial_literal = (huffman_table->bits == 0); -+ is_trivial_literal = (htrees[j]->bits == 0); - } -- total_size += huffman_table->bits; -- huffman_table += size; -+ total_size += htrees[j]->bits; -+ huffman_tables->curr_segment->curr_table += size; - if (j <= ALPHA) { - int local_max_bits = code_lengths[0]; - int k; -@@ -515,14 +520,13 @@ static int ReadHuffmanCodes(VP8LDecoder* const dec, int xsize, int ysize, - hdr->huffman_image_ = huffman_image; - hdr->num_htree_groups_ = num_htree_groups; - hdr->htree_groups_ = htree_groups; -- hdr->huffman_tables_ = huffman_tables; - - Error: - WebPSafeFree(code_lengths); - WebPSafeFree(mapping); - if (!ok) { - WebPSafeFree(huffman_image); -- WebPSafeFree(huffman_tables); -+ VP8LHuffmanTablesDeallocate(huffman_tables); - VP8LHtreeGroupsFree(htree_groups); - } - return ok; -@@ -1358,7 +1362,7 @@ static void ClearMetadata(VP8LMetadata* const hdr) { - assert(hdr != NULL); - - WebPSafeFree(hdr->huffman_image_); -- WebPSafeFree(hdr->huffman_tables_); -+ VP8LHuffmanTablesDeallocate(&hdr->huffman_tables_); - VP8LHtreeGroupsFree(hdr->htree_groups_); - VP8LColorCacheClear(&hdr->color_cache_); - VP8LColorCacheClear(&hdr->saved_color_cache_); -@@ -1673,7 +1677,7 @@ int VP8LDecodeImage(VP8LDecoder* const dec) { - - if (dec == NULL) return 0; - -- assert(dec->hdr_.huffman_tables_ != NULL); -+ assert(dec->hdr_.huffman_tables_.root.start != NULL); - assert(dec->hdr_.htree_groups_ != NULL); - assert(dec->hdr_.num_htree_groups_ > 0); - -diff --git a/src/dec/vp8li_dec.h b/src/dec/vp8li_dec.h -index 72b2e861..32540a4b 100644 ---- a/src/dec/vp8li_dec.h -+++ b/src/dec/vp8li_dec.h -@@ -51,7 +51,7 @@ typedef struct { - uint32_t* huffman_image_; - int num_htree_groups_; - HTreeGroup* htree_groups_; -- HuffmanCode* huffman_tables_; -+ HuffmanTables huffman_tables_; - } VP8LMetadata; - - typedef struct VP8LDecoder VP8LDecoder; -diff --git a/src/utils/huffman_utils.c b/src/utils/huffman_utils.c -index 90c2fbf7..cf73abd4 100644 ---- a/src/utils/huffman_utils.c -+++ b/src/utils/huffman_utils.c -@@ -177,21 +177,24 @@ static int BuildHuffmanTable(HuffmanCode* const root_table, int root_bits, - if (num_open < 0) { - return 0; - } -- if (root_table == NULL) continue; - for (; count[len] > 0; --count[len]) { - HuffmanCode code; - if ((key & mask) != low) { -- table += table_size; -+ if (root_table != NULL) table += table_size; - table_bits = NextTableBitSize(count, len, root_bits); - table_size = 1 << table_bits; - total_size += table_size; - low = key & mask; -- root_table[low].bits = (uint8_t)(table_bits + root_bits); -- root_table[low].value = (uint16_t)((table - root_table) - low); -+ if (root_table != NULL) { -+ root_table[low].bits = (uint8_t)(table_bits + root_bits); -+ root_table[low].value = (uint16_t)((table - root_table) - low); -+ } -+ } -+ if (root_table != NULL) { -+ code.bits = (uint8_t)(len - root_bits); -+ code.value = (uint16_t)sorted[symbol++]; -+ ReplicateValue(&table[key >> root_bits], step, table_size, code); - } -- code.bits = (uint8_t)(len - root_bits); -- code.value = (uint16_t)sorted[symbol++]; -- ReplicateValue(&table[key >> root_bits], step, table_size, code); - key = GetNextKey(key, len); - } - } -@@ -211,25 +214,83 @@ static int BuildHuffmanTable(HuffmanCode* const root_table, int root_bits, - ((1 << MAX_CACHE_BITS) + NUM_LITERAL_CODES + NUM_LENGTH_CODES) - // Cut-off value for switching between heap and stack allocation. - #define SORTED_SIZE_CUTOFF 512 --int VP8LBuildHuffmanTable(HuffmanCode* const root_table, int root_bits, -+int VP8LBuildHuffmanTable(HuffmanTables* const root_table, int root_bits, - const int code_lengths[], int code_lengths_size) { -- int total_size; -+ const int total_size = -+ BuildHuffmanTable(NULL, root_bits, code_lengths, code_lengths_size, NULL); - assert(code_lengths_size <= MAX_CODE_LENGTHS_SIZE); -- if (root_table == NULL) { -- total_size = BuildHuffmanTable(NULL, root_bits, -- code_lengths, code_lengths_size, NULL); -- } else if (code_lengths_size <= SORTED_SIZE_CUTOFF) { -+ if (total_size == 0 || root_table == NULL) return total_size; -+ -+ if (root_table->curr_segment->curr_table + total_size >= -+ root_table->curr_segment->start + root_table->curr_segment->size) { -+ // If 'root_table' does not have enough memory, allocate a new segment. -+ // The available part of root_table->curr_segment is left unused because we -+ // need a contiguous buffer. -+ const int segment_size = root_table->curr_segment->size; -+ struct HuffmanTablesSegment* next = -+ (HuffmanTablesSegment*)WebPSafeMalloc(1, sizeof(*next)); -+ if (next == NULL) return 0; -+ // Fill the new segment. -+ // We need at least 'total_size' but if that value is small, it is better to -+ // allocate a big chunk to prevent more allocations later. 'segment_size' is -+ // therefore chosen (any other arbitrary value could be chosen). -+ next->size = total_size > segment_size ? total_size : segment_size; -+ next->start = -+ (HuffmanCode*)WebPSafeMalloc(next->size, sizeof(*next->start)); -+ if (next->start == NULL) { -+ WebPSafeFree(next); -+ return 0; -+ } -+ next->curr_table = next->start; -+ next->next = NULL; -+ // Point to the new segment. -+ root_table->curr_segment->next = next; -+ root_table->curr_segment = next; -+ } -+ if (code_lengths_size <= SORTED_SIZE_CUTOFF) { - // use local stack-allocated array. - uint16_t sorted[SORTED_SIZE_CUTOFF]; -- total_size = BuildHuffmanTable(root_table, root_bits, -- code_lengths, code_lengths_size, sorted); -- } else { // rare case. Use heap allocation. -+ BuildHuffmanTable(root_table->curr_segment->curr_table, root_bits, -+ code_lengths, code_lengths_size, sorted); -+ } else { // rare case. Use heap allocation. - uint16_t* const sorted = - (uint16_t*)WebPSafeMalloc(code_lengths_size, sizeof(*sorted)); - if (sorted == NULL) return 0; -- total_size = BuildHuffmanTable(root_table, root_bits, -- code_lengths, code_lengths_size, sorted); -+ BuildHuffmanTable(root_table->curr_segment->curr_table, root_bits, -+ code_lengths, code_lengths_size, sorted); - WebPSafeFree(sorted); - } - return total_size; - } -+ -+int VP8LHuffmanTablesAllocate(int size, HuffmanTables* huffman_tables) { -+ // Have 'segment' point to the first segment for now, 'root'. -+ HuffmanTablesSegment* const root = &huffman_tables->root; -+ huffman_tables->curr_segment = root; -+ // Allocate root. -+ root->start = (HuffmanCode*)WebPSafeMalloc(size, sizeof(*root->start)); -+ if (root->start == NULL) return 0; -+ root->curr_table = root->start; -+ root->next = NULL; -+ root->size = size; -+ return 1; -+} -+ -+void VP8LHuffmanTablesDeallocate(HuffmanTables* const huffman_tables) { -+ HuffmanTablesSegment *current, *next; -+ if (huffman_tables == NULL) return; -+ // Free the root node. -+ current = &huffman_tables->root; -+ next = current->next; -+ WebPSafeFree(current->start); -+ current->start = NULL; -+ current->next = NULL; -+ current = next; -+ // Free the following nodes. -+ while (current != NULL) { -+ next = current->next; -+ WebPSafeFree(current->start); -+ WebPSafeFree(current); -+ current = next; -+ } -+} -diff --git a/src/utils/huffman_utils.h b/src/utils/huffman_utils.h -index 13b7ad1a..98415c53 100644 ---- a/src/utils/huffman_utils.h -+++ b/src/utils/huffman_utils.h -@@ -43,6 +43,29 @@ typedef struct { - // or non-literal symbol otherwise - } HuffmanCode32; - -+// Contiguous memory segment of HuffmanCodes. -+typedef struct HuffmanTablesSegment { -+ HuffmanCode* start; -+ // Pointer to where we are writing into the segment. Starts at 'start' and -+ // cannot go beyond 'start' + 'size'. -+ HuffmanCode* curr_table; -+ // Pointer to the next segment in the chain. -+ struct HuffmanTablesSegment* next; -+ int size; -+} HuffmanTablesSegment; -+ -+// Chained memory segments of HuffmanCodes. -+typedef struct HuffmanTables { -+ HuffmanTablesSegment root; -+ // Currently processed segment. At first, this is 'root'. -+ HuffmanTablesSegment* curr_segment; -+} HuffmanTables; -+ -+// Allocates a HuffmanTables with 'size' contiguous HuffmanCodes. Returns 0 on -+// memory allocation error, 1 otherwise. -+int VP8LHuffmanTablesAllocate(int size, HuffmanTables* huffman_tables); -+void VP8LHuffmanTablesDeallocate(HuffmanTables* const huffman_tables); -+ - #define HUFFMAN_PACKED_BITS 6 - #define HUFFMAN_PACKED_TABLE_SIZE (1u << HUFFMAN_PACKED_BITS) - -@@ -78,9 +101,7 @@ void VP8LHtreeGroupsFree(HTreeGroup* const htree_groups); - // the huffman table. - // Returns built table size or 0 in case of error (invalid tree or - // memory error). --// If root_table is NULL, it returns 0 if a lookup cannot be built, something --// > 0 otherwise (but not the table size). --int VP8LBuildHuffmanTable(HuffmanCode* const root_table, int root_bits, -+int VP8LBuildHuffmanTable(HuffmanTables* const root_table, int root_bits, - const int code_lengths[], int code_lengths_size); - - #ifdef __cplusplus --- -2.41.0 - diff --git a/pkgs/development/libraries/libwebp/default.nix b/pkgs/development/libraries/libwebp/default.nix index 287c0b6b18be..2605dabf125a 100644 --- a/pkgs/development/libraries/libwebp/default.nix +++ b/pkgs/development/libraries/libwebp/default.nix @@ -27,23 +27,15 @@ stdenv.mkDerivation rec { pname = "libwebp"; - version = "1.3.1"; + version = "1.3.2"; src = fetchFromGitHub { owner = "webmproject"; repo = pname; rev = "v${version}"; - hash = "sha256-Q94avvKjPdwdGt5ADo30cf2V4T7MCTubDHJxTtbG4xQ="; + hash = "sha256-UYO2Fmm8nzQR8VBC26wEwWd3qZTD+6MHKcmKBoNcpEE="; }; - patches = [ - # Commit 902bc919 from upstream, mangled slightly to apply onto 1.3.1. - # There is currently (2023-09-12) no confirmation that this is the fix for - # CVE-2023-4863, but it is linked to the right crbug, and matches the - # description of that (critical sev, exploited in the wild) CVE. - ./CVE-2023-4863.patch - ]; - configureFlags = [ (lib.enableFeature threadingSupport "threading") (lib.enableFeature openglSupport "gl") From 19bdef92254ab32924a291abea1c9ac2017d1f00 Mon Sep 17 00:00:00 2001 From: K900 Date: Thu, 14 Sep 2023 15:01:09 +0300 Subject: [PATCH 77/95] webrtc-audio-processing_1: 1.0 -> 1.3, cleanup - use fetchFromGitLab instead of fetchurl - remove old workarounds - propagate abseil as it's required to link --- .../webrtc-audio-processing/default.nix | 28 +++++++++---------- pkgs/top-level/all-packages.nix | 7 +---- 2 files changed, 14 insertions(+), 21 deletions(-) diff --git a/pkgs/development/libraries/webrtc-audio-processing/default.nix b/pkgs/development/libraries/webrtc-audio-processing/default.nix index f78d8b35e2a8..6eabc9e19c96 100644 --- a/pkgs/development/libraries/webrtc-audio-processing/default.nix +++ b/pkgs/development/libraries/webrtc-audio-processing/default.nix @@ -1,36 +1,34 @@ -{ lib, stdenv, fetchurl +{ lib, stdenv, fetchFromGitLab , darwin , abseil-cpp , meson , ninja +, pkg-config }: stdenv.mkDerivation rec { pname = "webrtc-audio-processing"; - version = "1.0"; + version = "1.3"; - src = fetchurl { - url = "https://gitlab.freedesktop.org/pulseaudio/webrtc-audio-processing/-/archive/v${version}/webrtc-audio-processing-v${version}.tar.gz"; - sha256 = "sha256-dqRy1OfOG9TX2cgCD8cowU44zVanns/nPYZrilPfuiU="; + src = fetchFromGitLab { + domain = "gitlab.freedesktop.org"; + owner = "pulseaudio"; + repo = "webrtc-audio-processing"; + rev = "v${version}"; + hash = "sha256-8CDt4kMt2Owzyv22dqWIcFuHeg4Y3FxB405cLw3FZ+g="; }; nativeBuildInputs = [ meson ninja + pkg-config ]; - buildInputs = [ + propagatedBuildInputs = [ abseil-cpp - ] ++ lib.optionals stdenv.isDarwin (with darwin.apple_sdk.frameworks; [ ApplicationServices ]); + ]; - patchPhase = '' - # this is just incorrect upstream - # see https://gitlab.freedesktop.org/pulseaudio/webrtc-audio-processing/-/issues/4 - substituteInPlace meson.build \ - --replace "absl_flags_registry" "absl_flags_reflection" - '' + lib.optionalString stdenv.hostPlatform.isMusl '' - substituteInPlace webrtc/base/checks.cc --replace 'defined(__UCLIBC__)' 1 - ''; + buildInputs = lib.optionals stdenv.isDarwin (with darwin.apple_sdk.frameworks; [ ApplicationServices ]); meta = with lib; { homepage = "https://www.freedesktop.org/software/pulseaudio/webrtc-audio-processing"; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 66eda8f1c5fb..3ec31c1d46d2 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -25774,12 +25774,7 @@ with pkgs; wfa2-lib = callPackage ../development/libraries/wfa2-lib { }; - webrtc-audio-processing_1 = callPackage ../development/libraries/webrtc-audio-processing { - stdenv = gcc10StdenvCompat; - abseil-cpp = abseil-cpp.override { - cxxStandard = "14"; - }; - }; + webrtc-audio-processing_1 = callPackage ../development/libraries/webrtc-audio-processing { }; webrtc-audio-processing_0_3 = callPackage ../development/libraries/webrtc-audio-processing/0.3.nix { }; # bump when majoring of packages have updated webrtc-audio-processing = webrtc-audio-processing_0_3; From d3f95211ad0ebe92af43362ee450ad0c9748e943 Mon Sep 17 00:00:00 2001 From: K900 Date: Thu, 14 Sep 2023 15:05:44 +0300 Subject: [PATCH 78/95] pipewire: 0.3.79 -> 0.3.80 --- pkgs/development/libraries/pipewire/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/development/libraries/pipewire/default.nix b/pkgs/development/libraries/pipewire/default.nix index 28bbcb4a8890..e01c2ed6485c 100644 --- a/pkgs/development/libraries/pipewire/default.nix +++ b/pkgs/development/libraries/pipewire/default.nix @@ -22,7 +22,7 @@ , libsndfile , vulkan-headers , vulkan-loader -, webrtc-audio-processing +, webrtc-audio-processing_1 , ncurses , readline # meson can't find <7 as those versions don't have a .pc file , lilv @@ -79,7 +79,7 @@ let self = stdenv.mkDerivation rec { pname = "pipewire"; - version = "0.3.79"; + version = "0.3.80"; outputs = [ "out" @@ -97,7 +97,7 @@ let owner = "pipewire"; repo = "pipewire"; rev = version; - sha256 = "sha256-pqs991pMqz3IQE+NUk0VNzZS4ExwfoZqBQDWBSGdWcs="; + sha256 = "sha256-6Ka83Bqd/nsfp8rv0GTBerpGP226MeZvC5u/j62FzP0="; }; patches = [ @@ -142,7 +142,7 @@ let udev vulkan-headers vulkan-loader - webrtc-audio-processing + webrtc-audio-processing_1 tinycompress ] ++ (if enableSystemd then [ systemd ] else [ eudev ]) ++ lib.optionals gstreamerSupport [ gst_all_1.gst-plugins-base gst_all_1.gstreamer ] From f38a57f07241c01dbba370e5b718e24169741f17 Mon Sep 17 00:00:00 2001 From: Alyssa Ross Date: Thu, 14 Sep 2023 10:47:24 +0000 Subject: [PATCH 79/95] ffmpeg-full: fix cross --- pkgs/development/libraries/ffmpeg/generic.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/ffmpeg/generic.nix b/pkgs/development/libraries/ffmpeg/generic.nix index afd67d19637b..bbdf154c6a29 100644 --- a/pkgs/development/libraries/ffmpeg/generic.nix +++ b/pkgs/development/libraries/ffmpeg/generic.nix @@ -545,7 +545,8 @@ stdenv.mkDerivation (finalAttrs: { in "remove-references-to ${lib.concatStringsSep " " (map (o: "-t ${o}") toStrip)} config.h"; - nativeBuildInputs = [ removeReferencesTo addOpenGLRunpath perl pkg-config texinfo yasm ]; + nativeBuildInputs = [ removeReferencesTo addOpenGLRunpath perl pkg-config texinfo yasm ] + ++ optionals withCudaLLVM [ clang ]; # TODO This was always in buildInputs before, why? buildInputs = optionals withFullDeps [ libdc1394 ] @@ -559,7 +560,6 @@ stdenv.mkDerivation (finalAttrs: { ++ optionals withBzlib [ bzip2 ] ++ optionals withCaca [ libcaca ] ++ optionals withCelt [ celt ] - ++ optionals withCudaLLVM [ clang ] ++ optionals withDav1d [ dav1d ] ++ optionals withDrm [ libdrm ] ++ optionals withFdkAac [ fdk_aac ] From c147fe79a57283f06a2e1f792edba49d2c5ecb80 Mon Sep 17 00:00:00 2001 From: Alyssa Ross Date: Thu, 14 Sep 2023 10:48:03 +0000 Subject: [PATCH 80/95] ffmpeg: set strictDeps This will hopefully prevent cross compilation regressions. --- pkgs/development/libraries/ffmpeg/generic.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkgs/development/libraries/ffmpeg/generic.nix b/pkgs/development/libraries/ffmpeg/generic.nix index bbdf154c6a29..31c93c52fb13 100644 --- a/pkgs/development/libraries/ffmpeg/generic.nix +++ b/pkgs/development/libraries/ffmpeg/generic.nix @@ -545,6 +545,8 @@ stdenv.mkDerivation (finalAttrs: { in "remove-references-to ${lib.concatStringsSep " " (map (o: "-t ${o}") toStrip)} config.h"; + strictDeps = true; + nativeBuildInputs = [ removeReferencesTo addOpenGLRunpath perl pkg-config texinfo yasm ] ++ optionals withCudaLLVM [ clang ]; From b234bbff0f6884d868495dfd574b9b8a46771bdb Mon Sep 17 00:00:00 2001 From: nikstur Date: Thu, 14 Sep 2023 20:37:36 +0200 Subject: [PATCH 81/95] systemd: re-exclude kernel-install from patchShebangs Even though kernel-install was rewritten in C and is thus not a script anymore that needs to be patched, there are still .install scripts in the kernel-install directory that need to be patchd. --- pkgs/os-specific/linux/systemd/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index d7f0245b3a1c..a938a98f2417 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -368,7 +368,7 @@ stdenv.mkDerivation (finalAttrs: { # when cross-compiling. + '' shopt -s extglob - patchShebangs tools test src/!(rpm|ukify) src/kernel-install/test-kernel-install.sh + patchShebangs tools test src/!(rpm|kernel-install|ukify) src/kernel-install/test-kernel-install.sh ''; outputs = [ "out" "man" "dev" ]; From 09e3d7d7e41731e44024d019443b3ee7c5c2bf70 Mon Sep 17 00:00:00 2001 From: Artturin Date: Mon, 11 Sep 2023 21:21:09 +0300 Subject: [PATCH 82/95] jq: add a release note --- nixos/doc/manual/release-notes/rl-2311.section.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/nixos/doc/manual/release-notes/rl-2311.section.md b/nixos/doc/manual/release-notes/rl-2311.section.md index d4fa6e941e57..43cb071fefc8 100644 --- a/nixos/doc/manual/release-notes/rl-2311.section.md +++ b/nixos/doc/manual/release-notes/rl-2311.section.md @@ -187,6 +187,8 @@ - New options were added to `services.searx` for better SearXNG support, including options for the built-in rate limiter and bot protection and automatically configuring a local redis server. +- `jq` was updated to 1.7, its [first release in 5 years](https://github.com/jqlang/jq/releases/tag/jq-1.7). + - A new option was added to the virtualisation module that enables specifying explicitly named network interfaces in QEMU VMs. The existing `virtualisation.vlans` is still supported for cases where the name of the network interface is irrelevant. - DocBook option documentation is no longer supported, all module documentation now uses markdown. From e7ffffce821ab8e50a347069e50b908d8a0177e0 Mon Sep 17 00:00:00 2001 From: Leona Maroni Date: Sun, 3 Sep 2023 17:41:49 +0200 Subject: [PATCH 83/95] iwd: 2.7 -> 2.8 --- pkgs/os-specific/linux/iwd/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/iwd/default.nix b/pkgs/os-specific/linux/iwd/default.nix index 792fef69cbd2..1b983bb90e1e 100644 --- a/pkgs/os-specific/linux/iwd/default.nix +++ b/pkgs/os-specific/linux/iwd/default.nix @@ -12,12 +12,12 @@ stdenv.mkDerivation rec { pname = "iwd"; - version = "2.7"; + version = "2.8"; src = fetchgit { url = "https://git.kernel.org/pub/scm/network/wireless/iwd.git"; rev = version; - sha256 = "sha256-UsyJYQB6YzwcL6H1nyCW8ZTpBzacZMAp39mCfsZqwHY="; + sha256 = "sha256-i+2R8smgLXooApj0Z5e03FybhYgw1X/kIsJkrDzW8y4="; }; outputs = [ "out" "man" "doc" ] From b485dd0036f316fecbb304430e2ca9518e5c0b4f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Simon=20=C5=BDlender?= Date: Fri, 2 Jun 2023 00:09:11 +0200 Subject: [PATCH 84/95] deterministic-uname: fix default output --- .../deterministic-uname.sh | 35 +++++++++---------- 1 file changed, 17 insertions(+), 18 deletions(-) diff --git a/pkgs/build-support/deterministic-uname/deterministic-uname.sh b/pkgs/build-support/deterministic-uname/deterministic-uname.sh index 5272bb5b3fe1..31772aeee3cc 100644 --- a/pkgs/build-support/deterministic-uname/deterministic-uname.sh +++ b/pkgs/build-support/deterministic-uname/deterministic-uname.sh @@ -38,6 +38,10 @@ processor=0 hardware_platform=0 operating_system=0 +# With no OPTION, same as -s. +if [[ $# -eq 0 ]]; then + kernel_name=1 +fi @getopt@/bin/getopt --test > /dev/null && rc=$? || rc=$? if [[ $rc -ne 4 ]]; then @@ -54,11 +58,6 @@ else eval set -- "$PARSED" fi -# With no OPTION, same as -s. -if [[ $# -eq 0 ]]; then - kernel_name=1 -fi - # Process each argument, and set the appropriate flag if we recognize it. while [[ $# -ge 1 ]]; do case "$1" in @@ -132,44 +131,44 @@ fi # Darwin *nodename* 22.1.0 Darwin Kernel Version 22.1.0: Sun Oct 9 20:14:30 PDT 2022; root:xnu-8792.41.9~2/RELEASE_ARM64_T8103 arm64 arm Darwin # NixOS: # Linux *nodename* 6.0.13 #1-NixOS SMP PREEMPT_DYNAMIC Wed Dec 14 10:41:06 UTC 2022 x86_64 GNU/Linux +output=() if [[ "$all" = "1" ]]; then - echo -n "$KERNEL_NAME_VAL $NODENAME_VAL $KERNEL_RELEASE_VAL $KERNEL_VERSION_VAL $MACHINE_VAL " + output+=("$KERNEL_NAME_VAL" "$NODENAME_VAL" "$KERNEL_RELEASE_VAL" "$KERNEL_VERSION_VAL" "$MACHINE_VAL") # in help: except omit -p and -i if unknown. - #echo -n "$PROCESSOR_VAL $HARDWARE_PLATFORM_VAL\n" - echo -n "$OPERATING_SYSTEM_VAL" + # output+=($PROCESSOR_VAL $HARDWARE_PLATFORM_VAL) + output+=("$OPERATING_SYSTEM_VAL") fi if [[ "$kernel_name" = "1" ]]; then - echo -n "$KERNEL_NAME_VAL" + output+=("$KERNEL_NAME_VAL") fi if [[ "$nodename" = "1" ]]; then - echo -n "$NODENAME_VAL" + output+=("$NODENAME_VAL") fi if [[ "$kernel_release" = "1" ]]; then - echo -n "$KERNEL_RELEASE_VAL" + output+=("$KERNEL_RELEASE_VAL") fi if [[ "$kernel_version" = "1" ]]; then - echo -n "$KERNEL_VERSION_VAL" + output+=("$KERNEL_VERSION_VAL") fi if [[ "$machine" = "1" ]]; then - echo -n "$MACHINE_VAL" + output+=("$MACHINE_VAL") fi if [[ "$processor" = "1" ]]; then - echo -n "$PROCESSOR_VAL" + output+=("$PROCESSOR_VAL") fi if [[ "$hardware_platform" = "1" ]]; then - echo -n "$HARDWARE_PLATFORM_VAL" + output+=("$HARDWARE_PLATFORM_VAL") fi if [[ "$operating_system" = "1" ]]; then - echo -n "$OPERATING_SYSTEM_VAL" + output+=("$OPERATING_SYSTEM_VAL") fi -# for newline. -echo +echo "${output[@]}" From 25afc4a9101a34a405b4e18ed7262c930e93fe7a Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Sun, 17 Sep 2023 10:39:26 +0100 Subject: [PATCH 85/95] brotli: revert upstream fix for rpath on darwin Fixed `aarch64-darwin` built of `curl` reported by Martin Weinelt of form: curl-aarch64-darwin> checking run-time libs availability... failed curl-aarch64-darwin> configure: error: one or more libs available at link-time are not available run-time. Libs used at link-time: -lnghttp2 -lidn2 -lssh2 -lssh2 -lssl -lcrypto -lssl -lcrypto -lgssapi_krb5 -lresolv -lzstd -lzstd -lbrotlidec -lbrotlidec -lz I think we are embedding wrong runpath. Let's rely on `nixpkgs`'s infrastructure until the failure is better understood. --- pkgs/tools/compression/brotli/default.nix | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/pkgs/tools/compression/brotli/default.nix b/pkgs/tools/compression/brotli/default.nix index 244b46f44e58..263478e4ba3c 100644 --- a/pkgs/tools/compression/brotli/default.nix +++ b/pkgs/tools/compression/brotli/default.nix @@ -1,6 +1,7 @@ { lib , stdenv , fetchFromGitHub +, fetchpatch , cmake , staticOnly ? stdenv.hostPlatform.isStatic , testers @@ -19,6 +20,17 @@ stdenv.mkDerivation (finalAttrs: { hash = "sha256-MvceRcle2dSkkucC2PlsCizsIf8iv95d8Xjqew266wc="; }; + patches = [ + # revert runpath change, breaks curl on darwin: + # https://github.com/NixOS/nixpkgs/pull/254532#issuecomment-1722337476 + (fetchpatch { + name = "revert-runpath.patch"; + url = "https://github.com/google/brotli/commit/f842c1bcf9264431cd3b15429a72b7dafbe80509.patch"; + hash = "sha256-W3LY3EjoHP74YsKOOcYQrzo+f0HbooOvEbnOibtN6TM="; + revert = true; + }) + ]; + nativeBuildInputs = [ cmake ]; cmakeFlags = lib.optional staticOnly "-DBUILD_SHARED_LIBS=OFF"; From 02c62932808d5f3af6bf23018e865637a72b924e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Sun, 17 Sep 2023 16:23:40 +0200 Subject: [PATCH 86/95] lmdb: don't attempt the .so if static, as it would fail --- pkgs/development/libraries/lmdb/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/pkgs/development/libraries/lmdb/default.nix b/pkgs/development/libraries/lmdb/default.nix index 21f07337fab4..99296b63a727 100644 --- a/pkgs/development/libraries/lmdb/default.nix +++ b/pkgs/development/libraries/lmdb/default.nix @@ -17,6 +17,11 @@ stdenv.mkDerivation rec { patches = [ ./hardcoded-compiler.patch ./bin-ext.patch ]; patchFlags = [ "-p3" ]; + # Don't attempt the .so if static, as it would fail. + postPatch = lib.optionalString stdenv.hostPlatform.isStatic '' + sed 's/^ILIBS\>.*/ILIBS = liblmdb.a/' -i Makefile + ''; + outputs = [ "bin" "out" "dev" ]; buildInputs = lib.optional stdenv.hostPlatform.isWindows windows.pthreads; From 319c4c18124b692918c6567b10197ba1d3cd17ed Mon Sep 17 00:00:00 2001 From: K900 Date: Mon, 18 Sep 2023 11:10:09 +0300 Subject: [PATCH 87/95] webrtc-audio-processing: don't mark broken, instead mark not available --- .../libraries/webrtc-audio-processing/default.nix | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/pkgs/development/libraries/webrtc-audio-processing/default.nix b/pkgs/development/libraries/webrtc-audio-processing/default.nix index 6eabc9e19c96..2c1e15bfbef3 100644 --- a/pkgs/development/libraries/webrtc-audio-processing/default.nix +++ b/pkgs/development/libraries/webrtc-audio-processing/default.nix @@ -35,9 +35,7 @@ stdenv.mkDerivation rec { description = "A more Linux packaging friendly copy of the AudioProcessing module from the WebRTC project"; license = licenses.bsd3; # https://gitlab.freedesktop.org/pulseaudio/webrtc-audio-processing/-/blob/master/webrtc/rtc_base/system/arch.h - platforms = intersectLists platforms.unix (platforms.aarch64 ++ platforms.mips ++ platforms.riscv ++ platforms.x86); - # attempts to inline 256bit AVX instructions on x86 - # https://gitlab.freedesktop.org/pulseaudio/webrtc-audio-processing/-/issues/5 - broken = stdenv.isx86_32; + # x86-32 disabled due to https://gitlab.freedesktop.org/pulseaudio/webrtc-audio-processing/-/issues/5 + platforms = intersectLists platforms.unix (platforms.aarch64 ++ platforms.mips ++ platforms.riscv ++ platforms.x86_64); }; } From eedc27d96e07c72ee1447d2017bf0522c208a838 Mon Sep 17 00:00:00 2001 From: K900 Date: Mon, 18 Sep 2023 11:10:22 +0300 Subject: [PATCH 88/95] pipewire: backport patch to build with webrtc-audio-processing 0.3, use it where 1.x isn't available --- pkgs/development/libraries/pipewire/default.nix | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/pkgs/development/libraries/pipewire/default.nix b/pkgs/development/libraries/pipewire/default.nix index e01c2ed6485c..1e66d1573fc5 100644 --- a/pkgs/development/libraries/pipewire/default.nix +++ b/pkgs/development/libraries/pipewire/default.nix @@ -22,6 +22,7 @@ , libsndfile , vulkan-headers , vulkan-loader +, webrtc-audio-processing , webrtc-audio-processing_1 , ncurses , readline # meson can't find <7 as those versions don't have a .pc file @@ -115,6 +116,12 @@ let ./0090-pipewire-config-template-paths.patch # Place SPA data files in lib output to avoid dependency cycles ./0095-spa-data-dir.patch + + # backport fix for building with webrtc-audio-processing 0.3 on platforms where we don't have 1.x + (fetchpatch { + url = "https://gitlab.freedesktop.org/pipewire/pipewire/-/commit/1f1c308c9766312e684f0b53fc2d1422c7414d31.patch"; + hash = "sha256-ECM7/84G99yzXsg5A2DkFnXFGJSV9lz3vD0IRSzR8vU="; + }) ]; strictDeps = true; @@ -142,9 +149,9 @@ let udev vulkan-headers vulkan-loader - webrtc-audio-processing_1 tinycompress ] ++ (if enableSystemd then [ systemd ] else [ eudev ]) + ++ (if lib.meta.availableOn stdenv.hostPlatform webrtc-audio-processing_1 then [ webrtc-audio-processing_1 ] else [ webrtc-audio-processing ]) ++ lib.optionals gstreamerSupport [ gst_all_1.gst-plugins-base gst_all_1.gstreamer ] ++ lib.optionals libcameraSupport [ libcamera libdrm ] ++ lib.optional ffmpegSupport ffmpeg From 2f2a55e67581a1b0dde3af4401496827e4556ae3 Mon Sep 17 00:00:00 2001 From: Mario Rodas Date: Tue, 19 Sep 2023 04:20:00 +0000 Subject: [PATCH 89/95] nodejs_18: 18.17.1 -> 18.18.0 Changelog: https://github.com/nodejs/node/releases/tag/v18.18.0 --- pkgs/development/web/nodejs/v18.nix | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/pkgs/development/web/nodejs/v18.nix b/pkgs/development/web/nodejs/v18.nix index 0eb1ab4ce3f6..13a50dc12db3 100644 --- a/pkgs/development/web/nodejs/v18.nix +++ b/pkgs/development/web/nodejs/v18.nix @@ -8,20 +8,13 @@ let in buildNodejs { inherit enableNpm; - version = "18.17.1"; - sha256 = "sha256-8hXPA9DwDwesC2dMaBn4BMFULhbxUtoEmAAirsz15lo="; + version = "18.18.0"; + sha256 = "sha256-5NTbrDY02Z+JLwDbR9p4+YSTwzlYLoqV+y3Vn1z+D5A="; patches = [ ./disable-darwin-v8-system-instrumentation.patch ./bypass-darwin-xcrun-node16.patch ./revert-arm64-pointer-auth.patch ./node-npm-build-npm-package-logic.patch ./trap-handler-backport.patch - # Fixes target toolchain arguments being passed to the host toolchain when - # cross-compiling. For example, -m64 is not available on aarch64. - (fetchpatch { - name = "common-gypi-cross.patch"; - url = "https://github.com/nodejs/node/pull/48597.patch"; - hash = "sha256-FmHmwlTxPw5mTW6t4zuy9vr4FxopjU4Kx+F1aqabG1s="; - }) ]; } From 15caf7f787dc4d472ba36f1619bee7d9e3ff01ae Mon Sep 17 00:00:00 2001 From: Mario Rodas Date: Tue, 19 Sep 2023 04:20:00 +0000 Subject: [PATCH 90/95] nodejs: 20.6.1 -> 20.7.0 Changelog: https://github.com/nodejs/node/releases/tag/v20.7.0 --- pkgs/development/web/nodejs/v20.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/web/nodejs/v20.nix b/pkgs/development/web/nodejs/v20.nix index 7c4b390cc66b..749358f5e464 100644 --- a/pkgs/development/web/nodejs/v20.nix +++ b/pkgs/development/web/nodejs/v20.nix @@ -8,8 +8,8 @@ let in buildNodejs { inherit enableNpm; - version = "20.6.1"; - sha256 = "sha256-Ouxeco2qOIAMNDsSkiHTSIBkolKaObtUZ7xVviJsais="; + version = "20.7.0"; + sha256 = "sha256-P8/c0FxGFRdIBZZZZnTfhbNc/OWX3QrjP1QW/E3xK+o="; patches = [ ./revert-arm64-pointer-auth.patch ./disable-darwin-v8-system-instrumentation-node19.patch From 8ef0db39e552f4405c407d1be6ee34cb40251f23 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Sat, 23 Sep 2023 10:38:07 +0200 Subject: [PATCH 91/95] protobuf: downgrade default to 3.21 on darwin Feel free to find a better solution. This is just a simple mass-regression stop-gap, as noone seems to care about the failure. --- pkgs/top-level/all-packages.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index a4f94518f762..ba2e580101ff 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -24753,7 +24753,9 @@ with pkgs; prospector = callPackage ../development/tools/prospector { }; - protobuf = protobuf3_24; + # 3.24 and 3.23 tests crash on Hydra for *-darwin: + # https://hydra.nixos.org/build/235677717/nixlog/4/tail + protobuf = if stdenv.isDarwin then protobuf3_21 else protobuf3_24; protobuf3_24 = callPackage ../development/libraries/protobuf/3.24.nix { }; protobuf3_23 = callPackage ../development/libraries/protobuf/3.23.nix { }; From 47f278a93631dfb050fca039041646d0377b36b2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Sat, 23 Sep 2023 11:37:39 +0200 Subject: [PATCH 92/95] dig: tiny code cleanup https://github.com/NixOS/nixpkgs/pull/252097#issuecomment-1697244637 --- pkgs/top-level/all-packages.nix | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index ba2e580101ff..3c2c1223f874 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -26453,11 +26453,7 @@ with pkgs; bind = callPackage ../servers/dns/bind { }; dnsutils = bind.dnsutils; - dig = bind.dnsutils // { - meta = bind.dnsutils.meta // { - mainProgram = "dig"; - }; - }; + dig = lib.addMetaAttrs { mainProgram = "dig"; } bind.dnsutils; bird = callPackage ../servers/bird { }; From b9f372ba3b71185386aef37d6974ff27fb338e21 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Sun, 24 Sep 2023 09:20:50 +0200 Subject: [PATCH 93/95] protobuf: avoid the failing tests on darwin abseil-cpp version hell makes it hard to switch versions (as I feared) https://hydra.nixos.org/build/236112673/nixlog/1/tail So let's avoid tests instead, until someone really investigates this. --- pkgs/development/libraries/protobuf/generic-v3-cmake.nix | 5 ++++- pkgs/top-level/all-packages.nix | 4 +--- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/pkgs/development/libraries/protobuf/generic-v3-cmake.nix b/pkgs/development/libraries/protobuf/generic-v3-cmake.nix index 5b5ab87bfcd5..27a5b70bddb0 100644 --- a/pkgs/development/libraries/protobuf/generic-v3-cmake.nix +++ b/pkgs/development/libraries/protobuf/generic-v3-cmake.nix @@ -83,7 +83,10 @@ stdenv.mkDerivation (finalAttrs: { "-Dprotobuf_BUILD_TESTS=OFF" ]; - doCheck = true; + # FIXME: investigate. 3.24 and 3.25 have different errors. + # At least some of it is not reproduced on some other machine; example: + # https://hydra.nixos.org/build/235677717/nixlog/4/tail + doCheck = !(stdenv.isDarwin && lib.versionAtLeast version "3.24"); passthru = { tests = { diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 2062453ac7f1..90f1baa4973c 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -24740,9 +24740,7 @@ with pkgs; prospector = callPackage ../development/tools/prospector { }; - # 3.24 and 3.23 tests crash on Hydra for *-darwin: - # https://hydra.nixos.org/build/235677717/nixlog/4/tail - protobuf = if stdenv.isDarwin then protobuf3_21 else protobuf3_24; + protobuf = protobuf3_24; protobuf3_24 = callPackage ../development/libraries/protobuf/3.24.nix { }; protobuf3_23 = callPackage ../development/libraries/protobuf/3.23.nix { }; From 83ab82d09a92d9ccad5e7f2ed73a4e46b7c675fd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Sun, 24 Sep 2023 09:32:08 +0200 Subject: [PATCH 94/95] protobuf: off-by-one error in failing tests Really, I was careless. But at least the default version had it right. --- pkgs/development/libraries/protobuf/generic-v3-cmake.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/protobuf/generic-v3-cmake.nix b/pkgs/development/libraries/protobuf/generic-v3-cmake.nix index 27a5b70bddb0..53cbfab1fb24 100644 --- a/pkgs/development/libraries/protobuf/generic-v3-cmake.nix +++ b/pkgs/development/libraries/protobuf/generic-v3-cmake.nix @@ -83,10 +83,10 @@ stdenv.mkDerivation (finalAttrs: { "-Dprotobuf_BUILD_TESTS=OFF" ]; - # FIXME: investigate. 3.24 and 3.25 have different errors. + # FIXME: investigate. 3.24 and 3.23 have different errors. # At least some of it is not reproduced on some other machine; example: # https://hydra.nixos.org/build/235677717/nixlog/4/tail - doCheck = !(stdenv.isDarwin && lib.versionAtLeast version "3.24"); + doCheck = !(stdenv.isDarwin && lib.versionAtLeast version "3.23"); passthru = { tests = { From c564a122a65edafd67aa75625e04198fda45664f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Wed, 27 Sep 2023 14:19:37 +0200 Subject: [PATCH 95/95] oq: fix tests with jq-1.7 https://hydra.nixos.org/build/235683565/nixlog/3/tail https://github.com/Blacksmoke16/oq/pull/119 --- pkgs/development/tools/oq/default.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/pkgs/development/tools/oq/default.nix b/pkgs/development/tools/oq/default.nix index 3c2a0223dd41..8e23e72912b0 100644 --- a/pkgs/development/tools/oq/default.nix +++ b/pkgs/development/tools/oq/default.nix @@ -1,5 +1,6 @@ { lib , fetchFromGitHub +, fetchpatch , crystal , jq , libxml2 @@ -17,6 +18,13 @@ crystal.buildCrystalPackage rec { sha256 = "sha256-W0iGE1yVOphooiab689AFT3rhGGdXqEFyYIhrx11RTE="; }; + patches = [ + (fetchpatch { + url = "https://github.com/Blacksmoke16/oq/commit/4f9ef2a73770465bfe2348795461fc8a90a7b9b0.diff"; + hash = "sha256-Ljvf2+1vsGv6wJHl27T7DufI9rTUCY/YQZziOWpW8Do="; + }) + ]; + nativeBuildInputs = [ makeWrapper ]; buildInputs = [ libxml2 ]; nativeCheckInputs = [ jq ];