colin/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge master into staging-next

Browse Source
This commit is contained in:
github-actions[bot] 2022-03-02 06:11:13 +00:00 committed by GitHub
commit cd1f27794e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
28 changed files with 323 additions and 106 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/backport.yml vendored
View File

@ -8,7 +8,7 @@ jobs:
if: github.repository_owner == 'NixOS' && github.event.pull_request.merged == true && (github.event_name != 'labeled' || startsWith('backport', github.event.label.name))
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v3
with:
# required to find all branches
fetch-depth: 0

2
.github/workflows/basic-eval.yml vendored
View File

@ -14,7 +14,7 @@ jobs:
runs-on: ubuntu-latest
# we don't limit this action to only NixOS repo since the checks are cheap and useful developer feedback
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v3
- uses: cachix/install-nix-action@v16
# explicit list of supportedSystems is needed until aarch64-darwin becomes part of the trunk jobset
- run: nix-build pkgs/top-level/release.nix -A tarball.nixpkgs-basic-release-checks --arg supportedSystems '[ "aarch64-darwin" "aarch64-linux" "x86_64-linux" "x86_64-darwin" ]'

2
.github/workflows/editorconfig.yml vendored
View File

@ -24,7 +24,7 @@ jobs:
- name: print list of changed files
run: |
cat "$HOME/changed_files"
- uses: actions/checkout@v2
- uses: actions/checkout@v3
with:
# pull_request_target checks out the base branch by default
ref: refs/pull/${{ github.event.pull_request.number }}/merge

2
.github/workflows/labels.yml vendored
View File

@ -13,7 +13,7 @@ jobs:
runs-on: ubuntu-latest
if: github.repository_owner == 'NixOS'
steps:
- uses: actions/labeler@v3
- uses: actions/labeler@v4
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
sync-labels: true

2
.github/workflows/manual-nixos.yml vendored
View File

@ -14,7 +14,7 @@ jobs:
runs-on: ubuntu-latest
if: github.repository_owner == 'NixOS'
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v3
with:
# pull_request_target checks out the base branch by default
ref: refs/pull/${{ github.event.pull_request.number }}/merge

2
.github/workflows/manual-nixpkgs.yml vendored
View File

@ -14,7 +14,7 @@ jobs:
runs-on: ubuntu-latest
if: github.repository_owner == 'NixOS'
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v3
with:
# pull_request_target checks out the base branch by default
ref: refs/pull/${{ github.event.pull_request.number }}/merge

2
.github/workflows/nixos-manual.yml vendored
View File

@ -15,7 +15,7 @@ jobs:
runs-on: ubuntu-latest
if: github.repository_owner == 'NixOS'
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v3
with:
# pull_request_target checks out the base branch by default
ref: refs/pull/${{ github.event.pull_request.number }}/merge

2
.github/workflows/periodic-merge-24h.yml vendored
View File

@ -38,7 +38,7 @@ jobs:
into: staging-21.11
name: ${{ matrix.pairs.from }} → ${{ matrix.pairs.into }}
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v3
- name: ${{ matrix.pairs.from }} → ${{ matrix.pairs.into }}
uses: devmasx/merge-branch@1.4.0

2
.github/workflows/periodic-merge-6h.yml vendored
View File

@ -32,7 +32,7 @@ jobs:
into: staging
name: ${{ matrix.pairs.from }} → ${{ matrix.pairs.into }}
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v3
- name: ${{ matrix.pairs.from }} → ${{ matrix.pairs.into }}
uses: devmasx/merge-branch@1.4.0

2
.github/workflows/update-terraform-providers.yml vendored
View File

@ -10,7 +10,7 @@ jobs:
if: github.repository_owner == 'NixOS' && github.ref == 'refs/heads/master' # ensure workflow_dispatch only runs on master
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v3
- uses: cachix/install-nix-action@v16
- name: setup
id: setup

4
pkgs/applications/misc/whalebird/default.nix
View File

@ -3,11 +3,11 @@
stdenv.mkDerivation rec {
pname = "whalebird";
version = "4.5.1";
version = "4.5.2";
src = fetchurl {
url = "https://github.com/h3poteto/whalebird-desktop/releases/download/${version}/Whalebird-${version}-linux-x64.deb";
sha256 = "sha256-70fCyxiM4CiNuG4Lqr4Tq0FHak3wDcp8G93EKYj+0kc=";
sha256 = "sha256-4ksKXVeUGICHfx014s5g9mapS751dbexBjzyqNvk02M=";
};
nativeBuildInputs = [

4
pkgs/applications/networking/instant-messengers/teamspeak/client.nix
View File

@ -1,6 +1,6 @@
{ lib, stdenv, fetchurl, makeWrapper, makeDesktopItem, zlib, glib, libpng, freetype, openssl
, xorg, fontconfig, qtbase, qtwebengine, qtwebchannel, qtsvg, qtwebsockets, xkeyboard_config
, alsa-lib, libpulseaudio ? null, libredirect, quazip, which, unzip, llvmPackages, writeShellScriptBin
, alsa-lib, libpulseaudio ? null, libredirect, quazip, which, unzip, llvmPackages_10, writeShellScriptBin
}:
let
@ -13,7 +13,7 @@ let
[ zlib glib libpng freetype xorg.libSM xorg.libICE xorg.libXrender openssl
xorg.libXrandr xorg.libXfixes xorg.libXcursor xorg.libXinerama
xorg.libxcb fontconfig xorg.libXext xorg.libX11 alsa-lib qtbase qtwebengine qtwebchannel qtsvg
qtwebsockets libpulseaudio quazip llvmPackages.libcxx llvmPackages.libcxxabi
qtwebsockets libpulseaudio quazip llvmPackages_10.libcxx llvmPackages_10.libcxxabi # llvmPackages_11 and higher crash https://github.com/NixOS/nixpkgs/issues/161395
];
desktopItem = makeDesktopItem {

29
pkgs/build-support/make-darwin-bundle/write-darwin-bundle.nix
View File

@ -4,33 +4,34 @@ let
pListText = lib.generators.toPlist { } {
CFBundleDevelopmentRegion = "English";
CFBundleExecutable = "$name";
CFBundleIconFiles = [ "$iconPlistArray" ];
CFBundleIconFile = "$icon";
CFBundleIdentifier = "org.nixos.$name";
CFBundleInfoDictionaryVersion = "6.0";
CFBundleName = "$name";
CFBundlePackageType = "APPL";
CFBundleSignature = "???";
};
# The generation of the CFBundleIconFiles array is a bit of a hack, since we
# will always end up with an empty first element (<string></string>) but macOS
# appears to ignore this which allows us to use the nix PList generator.
in writeScriptBin "write-darwin-bundle" ''
shopt -s nullglob
readonly prefix="$1"
readonly name="$2"
readonly exec="$3"
iconPlistArray=""
readonly prefix=$1
readonly name=$2
readonly exec=$3
readonly icon=$4.icns
readonly squircle=''${5:-1}
readonly plist=$prefix/Applications/$name.app/Contents/Info.plist
for icon in "$prefix/Applications/$name.app/Contents/Resources"/*; do
iconPlistArray="$iconPlistArray</string><string>"$(basename "$icon")""
done
cat > "$prefix/Applications/$name.app/Contents/Info.plist" <<EOF
cat > "$plist" <<EOF
${pListText}
EOF
if [[ $squircle != 0 && $squircle != "false" ]]; then
sed "
s|CFBundleIconFile|CFBundleIconFiles|;
s|<string>$icon</string>|<array><string>$icon</string></array>|
" -i "$plist"
fi
cat > "$prefix/Applications/$name.app/Contents/MacOS/$name" <<EOF
#!/bin/bash
exec $prefix/bin/$exec

157
pkgs/build-support/setup-hooks/desktop-to-darwin-bundle.sh
View File

@ -10,31 +10,156 @@ getDesktopParam() {
awk -F "=" "/${pattern}/ {print \$2}" "${file}"
}
# Convert a freedesktop.org icon theme for a given app to a .icns file. When possible, missing
# icons are synthesized from SVG or rescaled from existing ones (when within the size threshold).
convertIconTheme() {
local -r out=$1
local -r sharePath=$2
local -r iconName=$3
local -r theme=${4:-hicolor}
local -ra iconSizes=(16 32 48 128 256 512)
local -ra scales=([1]="" [2]="@2")
# Based loosely on the algorithm at:
# https://specifications.freedesktop.org/icon-theme-spec/icon-theme-spec-latest.html#icon_lookup
# Assumes threshold = 2 for ease of implementation.
function findIcon() {
local -r iconSize=$1
local -r scale=$2
local scaleSuffix=${scales[$scale]}
local exactSize=${iconSize}x${iconSize}${scaleSuffix}
if [[ $exactSize = '48x48@2' ]]; then
# macOS does not support a 2x scale variant of 48x48 icons
# See: https://en.wikipedia.org/wiki/Apple_Icon_Image_format#Icon_types
echo "unsupported"
return 0
fi
local -a validSizes=(
${exactSize}
$((iconSize + 1))x$((iconSize + 1))${scaleSuffix}
$((iconSize + 2))x$((iconSize + 2))${scaleSuffix}
$((iconSize - 1))x$((iconSize - 1))${scaleSuffix}
$((iconSize - 2))x$((iconSize - 2))${scaleSuffix}
)
for iconIndex in "${!candidateIcons[@]}"; do
for maybeSize in "${validSizes[@]}"; do
icon=${candidateIcons[$iconIndex]}
if [[ $icon = */$maybeSize/* ]]; then
if [[ $maybeSize = $exactSize ]]; then
echo "fixed $icon"
else
echo "threshold $icon"
fi
return 0
fi
done
done
echo "scalable"
}
function resizeIcon() {
local -r in=$1
local -r out=$2
local -r iconSize=$3
local -r scale=$4
local density=$((72 * scale))x$((72 * scale))
local dim=$((iconSize * scale))
magick convert -scale "${dim}x${dim}" -density "$density" -units PixelsPerInch "$in" "$out"
}
function synthesizeIcon() {
local -r in=$1
local -r out=$2
local -r iconSize=$3
local -r scale=$4
if [[ $in != '-' ]]; then
local density=$((72 * scale))x$((72 * scale))
local dim=$((iconSize * scale))
rsvg-convert --keep-aspect-ratio --width "$dim" --height "$dim" "$in" --output "$out"
magick convert -density "$density" -units PixelsPerInch "$out" "$out"
else
return 1
fi
}
function getIcons() {
local -r sharePath=$1
local -r iconname=$2
local -r theme=$3
local -r resultdir=$(mktemp -d)
local -ar candidateIcons=(
"${sharePath}/icons/${theme}/"*"/${iconname}.png"
"${sharePath}/icons/${theme}/"*"/${iconname}.xpm"
)
local -a scalableIcon=("${sharePath}/icons/${theme}/scalable/${iconname}.svg"*)
if [[ ${#scalableIcon[@]} = 0 ]]; then
scalableIcon=('-')
fi
for iconSize in "${iconSizes[@]}"; do
for scale in "${!scales[@]}"; do
local iconResult=$(findIcon $iconSize $scale)
local type=${iconResult%% *}
local icon=${iconResult#* }
local scaleSuffix=${scales[$scale]}
local result=${resultdir}/${iconSize}x${iconSize}${scales[$scale]}${scaleSuffix:+x}.png
case $type in
fixed)
local density=$((72 * scale))x$((72 * scale))
magick convert -density "$density" -units PixelsPerInch "$icon" "$result"
;;
threshold)
# Synthesize an icon of the exact size if a scalable icon is available
# instead of scaling one and ending up with a fuzzy icon.
if ! synthesizeIcon "${scalableIcon[0]}" "$result" "$iconSize" "$scale"; then
resizeIcon "$icon" "$result" "$iconSize" "$scale"
fi
;;
scalable)
synthesizeIcon "${scalableIcon[0]}" "$result" "$iconSize" "$scale" || true
;;
*)
;;
esac
done
done
echo "$resultdir"
}
iconsdir=$(getIcons "$sharePath" "apps/${iconName}" "$theme")
if [[ ! -z "$(ls -1 "$iconsdir/"*)" ]]; then
icnsutil compose "$out/${iconName}.icns" "$iconsdir/"*
else
echo "Warning: no icons were found. Creating an empty icon for ${iconName}.icns."
touch "$out/${iconName}.icns"
fi
}
# For a given .desktop file, generate a darwin '.app' bundle for it.
convertDesktopFile() {
local -r file="$1"
local -r file=$1
local -r sharePath=$(dirname "$(dirname "$file")")
local -r name=$(getDesktopParam "${file}" "^Name")
local -r exec=$(getDesktopParam "${file}" "Exec")
local -r iconName=$(getDesktopParam "${file}" "Icon")
local -r iconFiles=$(find "$out/share/icons/" -name "${iconName}.*" 2>/dev/null);
local -r pixMaps=$(find "$out/share/pixmaps/" -name "${iconName}.xpm" 2>/dev/null);
local -r iconName=$(getDesktopParam "${file}" "^Icon")
local -r squircle=$(getDesktopParam "${file}" "X-macOS-SquircleIcon")
mkdir -p "$out/Applications/${name}.app/Contents/MacOS"
mkdir -p "$out/Applications/${name}.app/Contents/Resources"
local i=0;
for icon in $iconFiles; do
ln -s "$icon" "$out/Applications/${name}.app/Contents/Resources/$i-$(basename "$icon")"
(( i +=1 ));
done
convertIconTheme "$out/Applications/${name}.app/Contents/Resources" "$sharePath" "$iconName"
for pixmap in $pixMaps; do
local newIconName="$i-$(basename "$pixmap")";
convert "$pixmap" "$out/Applications/${name}.app/Contents/Resources/${newIconName%.xpm}.png"
(( i +=1 ));
done
write-darwin-bundle "$out" "$name" "$exec"
write-darwin-bundle "$out" "$name" "$exec" "$iconName" "$squircle"
}
convertDesktopFiles() {

12
pkgs/desktops/pantheon/apps/appcenter/default.nix
View File

@ -7,6 +7,7 @@
, desktop-file-utils
, elementary-icon-theme
, fetchFromGitHub
, fetchpatch
, flatpak
, gettext
, glib
@ -38,6 +39,17 @@ stdenv.mkDerivation rec {
sha256 = "sha256-xktIHQHmz5gh72NEz9UQ9fMvBlj1BihWxHgxsHmTIB0=";
};
patches = [
# Fix AppStream.PoolFlags being renamed
# Though the API break has been fixed in latest appstream,
# let's use the non-deprecated version anyway.
# https://github.com/elementary/appcenter/pull/1794
(fetchpatch {
url = "https://github.com/elementary/appcenter/commit/84bc6400713484aa9365f0ba73f59c495da3f08b.patch";
sha256 = "sha256-HNRCJ/5mRbEVjCq9nrXtdQOOk1Jj5jalApkghD8ecpk=";
})
];
nativeBuildInputs = [
appstream-glib
dbus # for pkg-config

15
pkgs/desktops/pantheon/desktop/elementary-greeter/default.nix
View File

@ -1,7 +1,6 @@
{ lib
, stdenv
, fetchFromGitHub
, fetchpatch
, nix-update-script
, linkFarm
, substituteAll
@ -31,13 +30,13 @@
stdenv.mkDerivation rec {
pname = "elementary-greeter";
version = "6.0.1";
version = "6.0.2";
src = fetchFromGitHub {
owner = "elementary";
repo = "greeter";
rev = version;
sha256 = "1f606ds56sp1c58q8dblfpaq9pwwkqw9i4gkwksw45m2xkwlbflq";
sha256 = "sha256-0chBM8JuCYgZXHneiSxSICZwBVm2Vgx+bas9wUjbnyg=";
};
patches = [
@ -47,15 +46,6 @@ stdenv.mkDerivation rec {
src = ./hardcode-fallback-background.patch;
default_wallpaper = "${nixos-artwork.wallpapers.simple-dark-gray.gnomeFilePath}";
})
# https://github.com/NixOS/nixpkgs/issues/151609
# https://github.com/elementary/greeter/issues/578#issuecomment-1030746697
./fix-crash.patch
# Fix build with meson 0.61
# https://github.com/elementary/greeter/pull/590
(fetchpatch {
url = "https://github.com/elementary/greeter/commit/a4b25244058fce794a9f13f6b22a8ff7735ebde9.patch";
sha256 = "sha256-qPXhdvmYG8YMDU/CjbEkfZ0glgRzxnu0TsOPtvWHxLY=";
})
];
nativeBuildInputs = [
@ -80,7 +70,6 @@ stdenv.mkDerivation rec {
libhandy
lightdm
mutter
wingpanel-with-indicators
];
mesonFlags = [

21
pkgs/desktops/pantheon/desktop/elementary-greeter/fix-crash.patch
View File

@ -1,21 +0,0 @@
diff --git a/src/Cards/UserCard.vala b/src/Cards/UserCard.vala
index 83df22c..8cd917e 100644
--- a/src/Cards/UserCard.vala
+++ b/src/Cards/UserCard.vala
@@ -42,6 +42,7 @@ public class Greeter.UserCard : Greeter.BaseCard {
private Gtk.Stack login_stack;
private Greeter.PasswordEntry password_entry;
+ private SelectionCheck logged_in;
private unowned Gtk.StyleContext logged_in_context;
private weak Gtk.StyleContext main_grid_style_context;
private weak Gtk.StyleContext password_entry_context;
@@ -214,7 +215,7 @@ public class Greeter.UserCard : Greeter.BaseCard {
};
avatar_overlay.add (avatar);
- var logged_in = new SelectionCheck () {
+ logged_in = new SelectionCheck () {
halign = Gtk.Align.END,
valign = Gtk.Align.END
};

31
pkgs/development/python-modules/icnsutil/default.nix Normal file
View File

@ -0,0 +1,31 @@
{ lib
, python
, fetchFromGitHub
, buildPythonPackage
}:
buildPythonPackage rec {
pname = "icnsutil";
version = "1.0.1";
src = fetchFromGitHub {
owner = "relikd";
repo = pname;
rev = "v${version}";
sha256 = "sha256-TfQvAbP7iCpRQg2G+ejl245NCYo9DpYwMgiwY2BuJnY=";
};
doCheck = true;
checkPhase = ''
${python.interpreter} tests/test_icnsutil.py
${python.interpreter} tests/test_cli.py
'';
meta = {
homepage = "https://github.com/relikd/icnsutil";
description = "Create and extract .icns files.";
license = lib.licenses.mit;
maintainers = [ lib.maintainers.reckenrode ];
};
}

5
pkgs/development/python-modules/jschema-to-python/default.nix
View File

@ -15,13 +15,10 @@ buildPythonPackage rec {
sha256 = "76ff14fe5d304708ccad1284e4b11f96a658949a31ee7faed9e0995279549b91";
};
nativeBuildInputs = [
pbr
];
propagatedBuildInputs = [
attrs
jsonpickle
pbr
];
checkInputs =[

4
pkgs/development/python-modules/mypy-boto3-builder/default.nix
View File

@ -16,7 +16,7 @@
buildPythonPackage rec {
pname = "mypy-boto3-builder";
version = "7.1.2";
version = "7.2.1";
format = "pyproject";
disabled = pythonOlder "3.10";
@ -25,7 +25,7 @@ buildPythonPackage rec {
owner = "vemel";
repo = "mypy_boto3_builder";
rev = version;
hash = "sha256-p81Dk6Kv0MzHvexhM8Su5/yIpB+ZGBFqOtm0D18l26s=";
hash = "sha256-jovvSNw2ahCwhA+9zOrn9bR2siXJetZPymQVG4EC9Us=";
};
nativeBuildInputs = [

4
pkgs/development/python-modules/pex/default.nix
View File

@ -6,12 +6,12 @@
buildPythonPackage rec {
pname = "pex";
version = "2.1.68";
version = "2.1.69";
format = "flit";
src = fetchPypi {
inherit pname version;
sha256 = "sha256-IuYEDKK4sQQ9xVBfHWtya/t9pLNX2gYcXMBpn72FDyo=";
sha256 = "sha256-JbQ8yn/uALjjVSRgqKXsQOC4rOCGkMPxb50KqWg89kM=";
};
nativeBuildInputs = [

4
pkgs/development/tools/continuous-integration/github-runner/default.nix
View File

@ -43,13 +43,13 @@ let
in
stdenv.mkDerivation rec {
pname = "github-runner";
version = "2.288.0";
version = "2.288.1";
src = fetchFromGitHub {
owner = "actions";
repo = "runner";
rev = "v${version}";
hash = "sha256-vl8p+isoK+yczmsMO2YjnmJQW/k0jLgCUbhQa/wG650=";
hash = "sha256-bP+6aAKnu6PxN9eppFXsqOSVSGQ6Lv+gEF2MdEz52WE=";
};
nativeBuildInputs = [

6
pkgs/development/tools/rust/rust-analyzer/default.nix
View File

@ -11,14 +11,14 @@
rustPlatform.buildRustPackage rec {
pname = "rust-analyzer-unwrapped";
version = "2022-02-22";
cargoSha256 = "sha256-5PhmDiYC566KM0PfAaRdMpc0CAzDdez4uuLqBNBrma8=";
version = "2022-02-28";
cargoSha256 = "sha256-dTw6xp99uGtGp6YuqAX3r3GDD6Wto3KHTaO2DUUE2FA=";
src = fetchFromGitHub {
owner = "rust-analyzer";
repo = "rust-analyzer";
rev = version;
sha256 = "sha256-O9onJrAJY0TWxEZZcTWuF7SGPypRtSo0ZbpzDLC5+os=";
sha256 = "sha256-GQ1cPO4povnozLl0MTFs0ZXpmBn+AZeFWQVnxHHWf9g=";
};
patches = [

32
pkgs/os-specific/darwin/dockutil/default.nix Normal file
View File

@ -0,0 +1,32 @@
{ lib, stdenv, fetchFromGitHub }:
stdenv.mkDerivation rec {
pname = "dockutil";
version = "2.0.5";
src = fetchFromGitHub {
owner = "kcrawford";
repo = "dockutil";
rev = version;
sha256 = "sha256-8tDkueCTCtvxc7owp3K9Tsrn4hL79CM04zBNv7AcHgA=";
};
dontBuild = true;
installPhase = ''
runHook preInstall
mkdir -p $out/bin
install -Dm755 scripts/dockutil -t $out/bin
runHook postInstall
'';
meta = with lib; {
description = "Tool for managing dock items";
homepage = "https://github.com/kcrawford/dockutil";
license = licenses.asl20;
maintainers = with maintainers; [ tboerger ];
platforms = platforms.darwin;
};
}

30
pkgs/tools/misc/staruml/default.nix
View File

@ -1,5 +1,6 @@
{ stdenv, lib, fetchurl, makeWrapper
, dpkg, patchelf
{ stdenv, lib, fetchurl
, dpkg, patchelf, wrapGAppsHook
, hicolor-icon-theme
, gtk3, glib, systemd
, xorg, nss, nspr
, atk, at-spi2-atk, dbus
@ -30,7 +31,8 @@ stdenv.mkDerivation rec {
sha256 = "sha256-CUOdpR8RExMLeOX8469egENotMNuPU4z8S1IGqA21z0=";
};
nativeBuildInputs = [ makeWrapper dpkg ];
nativeBuildInputs = [ wrapGAppsHook dpkg ];
buildInputs = [ glib hicolor-icon-theme ];
unpackPhase = ''
mkdir pkg
@ -39,8 +41,14 @@ stdenv.mkDerivation rec {
'';
installPhase = ''
mkdir $out
mv opt/StarUML $out/bin
mkdir -p $out/bin
mv opt $out
mv usr/share $out
rm -rf $out/share/doc
substituteInPlace $out/share/applications/staruml.desktop \
--replace "/opt/StarUML/staruml" "$out/bin/staruml"
mkdir -p $out/lib
ln -s ${stdenv.cc.cc.lib}/lib/libstdc++.so.6 $out/lib/
@ -48,9 +56,15 @@ stdenv.mkDerivation rec {
patchelf \
--interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \
$out/bin/staruml
wrapProgram $out/bin/staruml \
--prefix LD_LIBRARY_PATH : $out/lib:${LD_LIBRARY_PATH}
$out/opt/StarUML/staruml
ln -s $out/opt/StarUML/staruml $out/bin/staruml
'';
preFixup = ''
gappsWrapperArgs+=(
--prefix LD_LIBRARY_PATH ':' $out/lib:${LD_LIBRARY_PATH}
)
'';
meta = with lib; {

42
pkgs/tools/security/witness/default.nix
View File

@ -1,25 +1,57 @@
{ lib, buildGoModule, fetchFromGitHub }:
{ lib, buildGoModule, fetchFromGitHub, installShellFiles }:
buildGoModule rec {
pname = "witness";
version = "0.1.1";
version = "0.1.6";
src = fetchFromGitHub {
owner = "testifysec";
repo = pname;
rev = "v${version}";
sha256 = "sha256-NnDsiDUTCdjsHVA/mHnB8WRnvwFTzETkWUOd7IgMIWE=";
sha256 = "sha256-/35hIA6Wm/F5hwyLZbt4JXpwWISWbzVAWrX29r6pejY=";
};
vendorSha256 = "sha256-zkLparWJsuqrhOQxxV37dBqt6fwpSinTO+paJkbl+sM=";
vendorSha256 = "sha256-vXDsHHJknw9hsHx1mJA2c0CWwFbRXjCjitNWPh6V4yw=";
nativeBuildInputs = [ installShellFiles ];
# We only want the witness binary, not the helper utilities for generating docs.
subPackages = [ "cmd/witness" ];
ldflags = [
"-s"
"-w"
"-X github.com/testifysec/witness/cmd/witness/cmd.Version=v${version}"
];
# Feed in all tests for testing
# This is because subPackages above limits what is built to just what we
# want but also limits the tests
preCheck = ''
unset subPackages
'';
postInstall = ''
installShellCompletion --cmd witness \
--bash <($out/bin/witness completion bash) \
--fish <($out/bin/witness completion fish) \
--zsh <($out/bin/witness completion zsh)
'';
meta = with lib; {
description = "A pluggable framework for software supply chain security. Witness prevents tampering of build materials and verifies the integrity of the build process from source to target";
longDescription = ''
Witness prevents tampering of build materials and verifies the integrity
of the build process from source to target. It works by wrapping commands
executed in a continuous integration process. Its attestation system is
pluggable and offers support out of the box for most major CI and
infrastructure providers. Verification of Witness metadata and a secure
PKI distribution system will mitigate against many software supply chain
attack vectors and can be used as a framework for automated governance.
'';
homepage = "https://github.com/testifysec/witness";
changelog = "https://github.com/testifysec/witness/releases/tag/v${version}";
license = licenses.asl20;
maintainers = with maintainers; [ fkautz ];
maintainers = with maintainers; [ fkautz jk ];
};
}

7
pkgs/top-level/all-packages.nix
View File

@ -830,8 +830,9 @@ with pkgs;
writeDarwinBundle = callPackage ../build-support/make-darwin-bundle/write-darwin-bundle.nix { };
desktopToDarwinBundle = makeSetupHook { deps = [ writeDarwinBundle imagemagick ]; }
../build-support/setup-hooks/desktop-to-darwin-bundle.sh;
desktopToDarwinBundle = makeSetupHook {
deps = [ writeDarwinBundle librsvg imagemagick python3Packages.icnsutil ];
} ../build-support/setup-hooks/desktop-to-darwin-bundle.sh;
keepBuildTree = makeSetupHook { } ../build-support/setup-hooks/keep-build-tree.sh;
@ -33025,6 +33026,8 @@ with pkgs;
dell-530cdn = callPackage ../misc/drivers/dell-530cdn {};
dockutil = callPackage ../os-specific/darwin/dockutil { };
dosbox = callPackage ../applications/emulators/dosbox { };
dosbox-staging = callPackage ../applications/emulators/dosbox-staging { };

2
pkgs/top-level/python-packages.nix
View File

@ -3912,6 +3912,8 @@ in {
icmplib = callPackage ../development/python-modules/icmplib { };
icnsutil = callPackage ../development/python-modules/icnsutil { };
ics = callPackage ../development/python-modules/ics { };
idasen = callPackage ../development/python-modules/idasen { };