Merge master into staging-next
This commit is contained in:
commit
df61e678f2
|
@ -12,6 +12,9 @@ PICKABLE_BRANCHES=${PICKABLE_BRANCHES:-master staging release-??.?? staging-??.?
|
|||
problem=0
|
||||
|
||||
while read new_commit_sha ; do
|
||||
if [ -z "$new_commit_sha" ] ; then
|
||||
continue # skip empty lines
|
||||
fi
|
||||
if [ "$GITHUB_ACTIONS" = 'true' ] ; then
|
||||
echo "::group::Commit $new_commit_sha"
|
||||
else
|
||||
|
@ -57,6 +60,8 @@ while read new_commit_sha ; do
|
|||
|
||||
$range_diff_common --color
|
||||
|
||||
echo "Note this should not necessarily be treated as a hard fail, but a reviewer's attention should" \
|
||||
"be drawn to it and github actions have no way of doing that but to raise a 'failure'"
|
||||
problem=1
|
||||
else
|
||||
echo " ✔ $original_commit_sha highly similar to $new_commit_sha"
|
||||
|
|
|
@ -163,6 +163,8 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
|
|||
|
||||
- [Uni-Sync](https://github.com/EightB1ts/uni-sync), a synchronization tool for Lian Li Uni Controllers. Available as [hardware.uni-sync](#opt-hardware.uni-sync.enable)
|
||||
|
||||
- [prometheus-nats-exporter](https://github.com/nats-io/prometheus-nats-exporter), a Prometheus exporter for NATS. Available as [services.prometheus.exporters.nats](#opt-services.prometheus.exporters.nats.enable).
|
||||
|
||||
## Backward Incompatibilities {#sec-release-24.05-incompatibilities}
|
||||
|
||||
<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
|
||||
|
|
|
@ -36,7 +36,7 @@ in
|
|||
};
|
||||
platforms = lib.mkOption {
|
||||
type = types.listOf types.raw;
|
||||
default = lib.platforms.linux ++ lib.platforms.darwin;
|
||||
default = lib.platforms.linux;
|
||||
description = ''
|
||||
Sets the [`meta.platforms`](https://nixos.org/manual/nixpkgs/stable/#var-meta-platforms) attribute on the [{option}`test`](#test-opt-test) derivation.
|
||||
'';
|
||||
|
|
|
@ -12,7 +12,7 @@ in
|
|||
enable = mkEnableOption (lib.mdDoc "Restic REST Server");
|
||||
|
||||
listenAddress = mkOption {
|
||||
default = ":8000";
|
||||
default = "8000";
|
||||
example = "127.0.0.1:8080";
|
||||
type = types.str;
|
||||
description = lib.mdDoc "Listen on a specific IP address and port.";
|
||||
|
@ -61,14 +61,19 @@ in
|
|||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
assertions = [{
|
||||
assertion = lib.substring 0 1 cfg.listenAddress != ":";
|
||||
message = "The restic-rest-server now uses systemd socket activation, which expects only the Port number: services.restic.server.listenAddress = \"${lib.substring 1 6 cfg.listenAddress}\";";
|
||||
}];
|
||||
|
||||
systemd.services.restic-rest-server = {
|
||||
description = "Restic REST Server";
|
||||
after = [ "network.target" ];
|
||||
after = [ "network.target" "restic-rest-server.socket" ];
|
||||
requires = [ "restic-rest-server.socket" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
ExecStart = ''
|
||||
${cfg.package}/bin/rest-server \
|
||||
--listen ${cfg.listenAddress} \
|
||||
--path ${cfg.dataDir} \
|
||||
${optionalString cfg.appendOnly "--append-only"} \
|
||||
${optionalString cfg.privateRepos "--private-repos"} \
|
||||
|
@ -80,16 +85,40 @@ in
|
|||
Group = "restic";
|
||||
|
||||
# Security hardening
|
||||
ReadWritePaths = [ cfg.dataDir ];
|
||||
CapabilityBoundingSet = "";
|
||||
LockPersonality = true;
|
||||
MemoryDenyWriteExecute = true;
|
||||
NoNewPrivileges = true;
|
||||
PrivateNetwork = true;
|
||||
PrivateTmp = true;
|
||||
PrivateUsers = true;
|
||||
ProtectClock = true;
|
||||
ProtectHome = true;
|
||||
ProtectHostname = true;
|
||||
ProtectKernelLogs = true;
|
||||
ProtectProc = "invisible";
|
||||
ProtectSystem = "strict";
|
||||
ProtectKernelTunables = true;
|
||||
ProtectKernelModules = true;
|
||||
ProtectControlGroups = true;
|
||||
PrivateDevices = true;
|
||||
ReadWritePaths = [ cfg.dataDir ];
|
||||
RemoveIPC = true;
|
||||
RestrictAddressFamilies = "none";
|
||||
RestrictNamespaces = true;
|
||||
RestrictRealtime = true;
|
||||
RestrictSUIDSGID = true;
|
||||
SystemCallArchitectures = "native";
|
||||
SystemCallFilter = "@system-service";
|
||||
UMask = 027;
|
||||
};
|
||||
};
|
||||
|
||||
systemd.sockets.restic-rest-server = {
|
||||
listenStreams = [ cfg.listenAddress ];
|
||||
wantedBy = [ "sockets.target" ];
|
||||
};
|
||||
|
||||
systemd.tmpfiles.rules = mkIf cfg.privateRepos [
|
||||
"f ${cfg.dataDir}/.htpasswd 0700 restic restic -"
|
||||
];
|
||||
|
|
|
@ -66,7 +66,7 @@ let
|
|||
HideShells = "/run/current-system/sw/bin/nologin";
|
||||
};
|
||||
|
||||
X11 = {
|
||||
X11 = optionalAttrs xcfg.enable {
|
||||
MinimumVT = if xcfg.tty != null then xcfg.tty else 7;
|
||||
ServerPath = toString xserverWrapper;
|
||||
XephyrPath = "${pkgs.xorg.xorgserver.out}/bin/Xephyr";
|
||||
|
|
|
@ -55,6 +55,7 @@ let
|
|||
"modemmanager"
|
||||
"mongodb"
|
||||
"mysqld"
|
||||
"nats"
|
||||
"nextcloud"
|
||||
"nginx"
|
||||
"nginxlog"
|
||||
|
|
|
@ -0,0 +1,34 @@
|
|||
{ config, lib, pkgs, options, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
cfg = config.services.prometheus.exporters.nats;
|
||||
|
||||
in
|
||||
{
|
||||
port = 7777;
|
||||
|
||||
extraOpts = {
|
||||
url = mkOption {
|
||||
type = types.str;
|
||||
default = "http://127.0.0.1:8222";
|
||||
description = ''
|
||||
NATS monitor endpoint to query.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
serviceOpts = {
|
||||
serviceConfig = {
|
||||
ExecStart = ''
|
||||
${pkgs.prometheus-nats-exporter}/bin/prometheus-nats-exporter \
|
||||
-addr ${cfg.listenAddress} \
|
||||
-port ${toString cfg.port} \
|
||||
${concatStringsSep " \\\n " cfg.extraFlags} \
|
||||
${cfg.url}
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
|
@ -777,6 +777,7 @@ in {
|
|||
redis = handleTest ./redis.nix {};
|
||||
redmine = handleTest ./redmine.nix {};
|
||||
restartByActivationScript = handleTest ./restart-by-activation-script.nix {};
|
||||
restic-rest-server = handleTest ./restic-rest-server.nix {};
|
||||
restic = handleTest ./restic.nix {};
|
||||
retroarch = handleTest ./retroarch.nix {};
|
||||
rkvm = handleTest ./rkvm {};
|
||||
|
|
|
@ -0,0 +1,122 @@
|
|||
import ./make-test-python.nix (
|
||||
{ pkgs, ... }:
|
||||
|
||||
let
|
||||
remoteRepository = "rest:http://restic_rest_server:8001/";
|
||||
|
||||
backupPrepareCommand = ''
|
||||
touch /root/backupPrepareCommand
|
||||
test ! -e /root/backupCleanupCommand
|
||||
'';
|
||||
|
||||
backupCleanupCommand = ''
|
||||
rm /root/backupPrepareCommand
|
||||
touch /root/backupCleanupCommand
|
||||
'';
|
||||
|
||||
testDir = pkgs.stdenvNoCC.mkDerivation {
|
||||
name = "test-files-to-backup";
|
||||
unpackPhase = "true";
|
||||
installPhase = ''
|
||||
mkdir $out
|
||||
echo some_file > $out/some_file
|
||||
echo some_other_file > $out/some_other_file
|
||||
mkdir $out/a_dir
|
||||
echo a_file > $out/a_dir/a_file
|
||||
'';
|
||||
};
|
||||
|
||||
passwordFile = "${pkgs.writeText "password" "correcthorsebatterystaple"}";
|
||||
paths = [ "/opt" ];
|
||||
exclude = [ "/opt/excluded_file_*" ];
|
||||
pruneOpts = [
|
||||
"--keep-daily 2"
|
||||
"--keep-weekly 1"
|
||||
"--keep-monthly 1"
|
||||
"--keep-yearly 99"
|
||||
];
|
||||
in
|
||||
{
|
||||
name = "restic-rest-server";
|
||||
|
||||
nodes = {
|
||||
restic_rest_server = {
|
||||
services.restic.server = {
|
||||
enable = true;
|
||||
extraFlags = [ "--no-auth" ];
|
||||
listenAddress = "8001";
|
||||
};
|
||||
networking.firewall.allowedTCPPorts = [ 8001 ];
|
||||
};
|
||||
server = {
|
||||
services.restic.backups = {
|
||||
remotebackup = {
|
||||
inherit passwordFile paths exclude pruneOpts backupPrepareCommand backupCleanupCommand;
|
||||
repository = remoteRepository;
|
||||
initialize = true;
|
||||
timerConfig = null; # has no effect here, just checking that it doesn't break the service
|
||||
};
|
||||
remoteprune = {
|
||||
inherit passwordFile;
|
||||
repository = remoteRepository;
|
||||
pruneOpts = [ "--keep-last 1" ];
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
restic_rest_server.start()
|
||||
server.start()
|
||||
restic_rest_server.wait_for_unit("restic-rest-server.socket")
|
||||
restic_rest_server.wait_for_open_port(8001)
|
||||
server.wait_for_unit("dbus.socket")
|
||||
server.fail(
|
||||
"restic-remotebackup snapshots",
|
||||
)
|
||||
server.succeed(
|
||||
# set up
|
||||
"cp -rT ${testDir} /opt",
|
||||
"touch /opt/excluded_file_1 /opt/excluded_file_2",
|
||||
|
||||
# test that remotebackup runs custom commands and produces a snapshot
|
||||
"timedatectl set-time '2016-12-13 13:45'",
|
||||
"systemctl start restic-backups-remotebackup.service",
|
||||
"rm /root/backupCleanupCommand",
|
||||
'restic-remotebackup snapshots --json | ${pkgs.jq}/bin/jq "length | . == 1"',
|
||||
|
||||
# test that restoring that snapshot produces the same directory
|
||||
"mkdir /tmp/restore-1",
|
||||
"restic-remotebackup restore latest -t /tmp/restore-1",
|
||||
"diff -ru ${testDir} /tmp/restore-1/opt",
|
||||
|
||||
# test that we can create four snapshots in remotebackup and rclonebackup
|
||||
"timedatectl set-time '2017-12-13 13:45'",
|
||||
"systemctl start restic-backups-remotebackup.service",
|
||||
"rm /root/backupCleanupCommand",
|
||||
|
||||
"timedatectl set-time '2018-12-13 13:45'",
|
||||
"systemctl start restic-backups-remotebackup.service",
|
||||
"rm /root/backupCleanupCommand",
|
||||
|
||||
"timedatectl set-time '2018-12-14 13:45'",
|
||||
"systemctl start restic-backups-remotebackup.service",
|
||||
"rm /root/backupCleanupCommand",
|
||||
|
||||
"timedatectl set-time '2018-12-15 13:45'",
|
||||
"systemctl start restic-backups-remotebackup.service",
|
||||
"rm /root/backupCleanupCommand",
|
||||
|
||||
"timedatectl set-time '2018-12-16 13:45'",
|
||||
"systemctl start restic-backups-remotebackup.service",
|
||||
"rm /root/backupCleanupCommand",
|
||||
|
||||
'restic-remotebackup snapshots --json | ${pkgs.jq}/bin/jq "length | . == 4"',
|
||||
|
||||
# test that remoteprune brings us back to 1 snapshot in remotebackup
|
||||
"systemctl start restic-backups-remoteprune.service",
|
||||
'restic-remotebackup snapshots --json | ${pkgs.jq}/bin/jq "length | . == 1"',
|
||||
)
|
||||
'';
|
||||
}
|
||||
)
|
|
@ -28,7 +28,7 @@ stdenv.mkDerivation rec {
|
|||
cmake
|
||||
];
|
||||
|
||||
patchPhase = ''
|
||||
postPatch = ''
|
||||
runHook prePatch
|
||||
|
||||
substituteInPlace ./CMakeLists.txt \
|
||||
|
@ -37,12 +37,12 @@ stdenv.mkDerivation rec {
|
|||
# prevent inheriting permissions from /nix/store when copying
|
||||
substituteInPlace Converter/src/main.cpp --replace \
|
||||
'fs::copy(templateDir, pagedir, fs::copy_options::overwrite_existing | fs::copy_options::recursive)' 'string cmd = "cp --no-preserve=mode -r " + templateDir + " " + pagedir; system(cmd.c_str());'
|
||||
|
||||
runHook postPatch
|
||||
'';
|
||||
|
||||
# The upstream build system does not provide an install target.
|
||||
installPhase = ''
|
||||
runHook preInstall
|
||||
|
||||
mkdir -p $out/{bin,lib}
|
||||
mv liblaszip.so $out/lib
|
||||
mv PotreeConverter $out/bin
|
||||
|
@ -56,10 +56,8 @@ stdenv.mkDerivation rec {
|
|||
runHook postInstall
|
||||
'';
|
||||
|
||||
fixupPhase = ''
|
||||
runHook preFixup
|
||||
postFixup = ''
|
||||
ln -s $src/resources $out/bin/resources
|
||||
runHook postFixup
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
|
|
|
@ -9,16 +9,16 @@
|
|||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "bpftop";
|
||||
version = "0.4.0";
|
||||
version = "0.4.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "Netflix";
|
||||
repo = "bpftop";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-N5sszFVU1nMS6QQENa9JcgFKSSWs07bWn6usvV/QmX4=";
|
||||
hash = "sha256-OLPebPzb2FKiV1Gc8HTK3sXU2UDMyhFA/XLix/lWxgU=";
|
||||
};
|
||||
|
||||
cargoHash = "sha256-yVNql4fSU1HhLKy8HYUbNnMnxgr/gPuqKol5O0ZDQlY=";
|
||||
cargoHash = "sha256-UYCbNECsos71cwwE5avtaijPaPGhLEU7J9i84wPkObI=";
|
||||
|
||||
buildInputs = [
|
||||
elfutils
|
||||
|
|
|
@ -13,6 +13,7 @@ let
|
|||
haskellModifications =
|
||||
lib.flip lib.pipe [
|
||||
addCompletions
|
||||
haskell.lib.doJailbreak
|
||||
haskell.lib.justStaticExecutables
|
||||
];
|
||||
|
||||
|
|
|
@ -1,31 +1,27 @@
|
|||
{ lib
|
||||
, python3
|
||||
, fetchFromGitHub
|
||||
{
|
||||
lib,
|
||||
fetchFromGitHub,
|
||||
python3,
|
||||
}:
|
||||
|
||||
python3.pkgs.buildPythonApplication rec {
|
||||
pname = "dep-scan";
|
||||
version = "5.2.14";
|
||||
version = "5.3.2";
|
||||
pyproject = true;
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "owasp-dep-scan";
|
||||
repo = "dep-scan";
|
||||
rev = "refs/tags/v${version}";
|
||||
hash = "sha256-G8i/tGEDgjPnIP04nrbx4HseiaU6N1GJGSg78yhaqII=";
|
||||
hash = "sha256-2WV4f9vHdfnzoQWvwK/+lT9IS0v0sGBqnwDFHWG48G4=";
|
||||
};
|
||||
|
||||
postPatch = ''
|
||||
substituteInPlace pytest.ini \
|
||||
--replace-fail " --cov-append --cov-report term --cov depscan" ""
|
||||
# Already fixed by upstream
|
||||
substituteInPlace pyproject.toml \
|
||||
--replace-fail "==5.6.4" ">=5.6.4"
|
||||
'';
|
||||
|
||||
build-system = with python3.pkgs; [
|
||||
setuptools
|
||||
];
|
||||
build-system = with python3.pkgs; [ setuptools ];
|
||||
|
||||
dependencies = with python3.pkgs; [
|
||||
appthreat-vulnerability-db
|
||||
|
@ -47,9 +43,7 @@ python3.pkgs.buildPythonApplication rec {
|
|||
pytestCheckHook
|
||||
];
|
||||
|
||||
pythonImportsCheck = [
|
||||
"depscan"
|
||||
];
|
||||
pythonImportsCheck = [ "depscan" ];
|
||||
|
||||
preCheck = ''
|
||||
export HOME=$(mktemp -d)
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
{ lib
|
||||
, stdenv
|
||||
, fetchurl
|
||||
, fetchpatch
|
||||
, autoreconfHook
|
||||
, disarchive
|
||||
, git
|
||||
|
@ -43,6 +44,19 @@ stdenv.mkDerivation rec {
|
|||
hash = "sha256-Q8dpy/Yy7wVEmsH6SMG6FSwzSUxqvH5HE3u6eyFJ+KQ=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
(fetchpatch {
|
||||
name = "CVE-2024-27297_1.patch";
|
||||
url = "https://git.savannah.gnu.org/cgit/guix.git/patch/?id=8f4ffb3fae133bb21d7991e97c2f19a7108b1143";
|
||||
hash = "sha256-xKo1h2uckC2pYHt+memekagfL6dWcF8gOnTOOW/wJUU=";
|
||||
})
|
||||
(fetchpatch {
|
||||
name = "CVE-2024-27297_2.patch";
|
||||
url = "https://git.savannah.gnu.org/cgit/guix.git/patch/?id=ff1251de0bc327ec478fc66a562430fbf35aef42";
|
||||
hash = "sha256-f4KWDVrvO/oI+4SCUHU5GandkGtHrlaM1BWygM/Qlao=";
|
||||
})
|
||||
];
|
||||
|
||||
postPatch = ''
|
||||
sed nix/local.mk -i -E \
|
||||
-e "s|^sysvinitservicedir = .*$|sysvinitservicedir = $out/etc/init.d|" \
|
||||
|
|
|
@ -237,6 +237,7 @@ backendStdenv.mkDerivation rec {
|
|||
${lib.optionalString (lib.versionAtLeast version "10.1" && lib.versionOlder version "11") ''
|
||||
cd pkg/builds/cuda-toolkit
|
||||
mv * $out/
|
||||
rm -f $out/nsight-systems-*/host-linux-x64/libstdc++.so*
|
||||
''}
|
||||
${lib.optionalString (lib.versionAtLeast version "11") ''
|
||||
mkdir -p $out/bin $out/lib64 $out/include $doc
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ mkDerivation }:
|
||||
|
||||
mkDerivation {
|
||||
version = "24.3.4.16";
|
||||
sha256 = "sha256-oLfidJPgWTz7AsJz+C4adXnxcow8C/M828os6aB4Z/c=";
|
||||
version = "24.3.4.17";
|
||||
sha256 = "sha256-V26pZEyFo+c+ztDDkjDNFK6LTw5xzF8gQYepWGNlGKg=";
|
||||
}
|
||||
|
|
|
@ -24,13 +24,13 @@ let
|
|||
in
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "ctranslate2";
|
||||
version = "4.1.1";
|
||||
version = "4.2.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "OpenNMT";
|
||||
repo = "CTranslate2";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-vA1KnHRxIX0lYUfwXTbxjnrrBjFmqp2kwpxBNorVf0Y=";
|
||||
hash = "sha256-P/aXrzaCF6Rz99Pz9CkpR/FlWXCj04q/4swiAddcwKk=";
|
||||
fetchSubmodules = true;
|
||||
};
|
||||
|
||||
|
|
|
@ -1,26 +1,36 @@
|
|||
{ lib, pythonOlder, buildPythonPackage, fetchPypi, pytestCheckHook }:
|
||||
{
|
||||
lib,
|
||||
pythonOlder,
|
||||
buildPythonPackage,
|
||||
fetchPypi,
|
||||
pytestCheckHook,
|
||||
setuptools,
|
||||
}:
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "ajsonrpc";
|
||||
version = "1.2.0";
|
||||
format = "setuptools";
|
||||
pyproject = true;
|
||||
|
||||
disabled = pythonOlder "3.5";
|
||||
disabled = pythonOlder "3.7";
|
||||
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "791bac18f0bf0dee109194644f151cf8b7ff529c4b8d6239ac48104a3251a19f";
|
||||
hash = "sha256-eRusGPC/De4QkZRkTxUc+Lf/UpxLjWI5rEgQSjJRoZ8=";
|
||||
};
|
||||
|
||||
build-system = [ setuptools ];
|
||||
|
||||
nativeCheckInputs = [ pytestCheckHook ];
|
||||
|
||||
pythonImportsCheck = [ "ajsonrpc" ];
|
||||
|
||||
meta = with lib; {
|
||||
description = "Async JSON-RPC 2.0 protocol + asyncio server";
|
||||
mainProgram = "async-json-rpc-server";
|
||||
description = "Async JSON-RPC 2.0 protocol and asyncio server";
|
||||
homepage = "https://github.com/pavlov99/ajsonrpc";
|
||||
changelog = "https://github.com/pavlov99/ajsonrpc/releases/tag/${version}";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ oxzi ];
|
||||
mainProgram = "async-json-rpc-server";
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,23 +1,24 @@
|
|||
{ lib
|
||||
, appdirs
|
||||
, buildPythonPackage
|
||||
, cvss
|
||||
, fetchFromGitHub
|
||||
, httpx
|
||||
, msgpack
|
||||
, orjson
|
||||
, packageurl-python
|
||||
, pytestCheckHook
|
||||
, pythonOlder
|
||||
, pythonRelaxDepsHook
|
||||
, semver
|
||||
, setuptools
|
||||
, tabulate
|
||||
{
|
||||
lib,
|
||||
appdirs,
|
||||
buildPythonPackage,
|
||||
cvss,
|
||||
fetchFromGitHub,
|
||||
httpx,
|
||||
msgpack,
|
||||
orjson,
|
||||
packageurl-python,
|
||||
pytestCheckHook,
|
||||
pythonOlder,
|
||||
pythonRelaxDepsHook,
|
||||
semver,
|
||||
setuptools,
|
||||
tabulate,
|
||||
}:
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "appthreat-vulnerability-db";
|
||||
version = "5.6.6";
|
||||
version = "5.6.7";
|
||||
pyproject = true;
|
||||
|
||||
disabled = pythonOlder "3.10";
|
||||
|
@ -26,7 +27,7 @@ buildPythonPackage rec {
|
|||
owner = "AppThreat";
|
||||
repo = "vulnerability-db";
|
||||
rev = "refs/tags/v${version}";
|
||||
hash = "sha256-wVl2C1AG9LbSh/p95fstJyJr6JnhZFIhNvq8mhpg13Q=";
|
||||
hash = "sha256-/QzK+su+g2ESZ81C0coxKf13WOUVz1GyfJbOrO7fS98=";
|
||||
};
|
||||
|
||||
postPatch = ''
|
||||
|
@ -39,13 +40,9 @@ buildPythonPackage rec {
|
|||
"semver"
|
||||
];
|
||||
|
||||
build-system = [
|
||||
setuptools
|
||||
];
|
||||
build-system = [ setuptools ];
|
||||
|
||||
nativeBuildInputs = [
|
||||
pythonRelaxDepsHook
|
||||
];
|
||||
nativeBuildInputs = [ pythonRelaxDepsHook ];
|
||||
|
||||
dependencies = [
|
||||
appdirs
|
||||
|
@ -58,9 +55,7 @@ buildPythonPackage rec {
|
|||
tabulate
|
||||
] ++ httpx.optional-dependencies.http2;
|
||||
|
||||
nativeCheckInputs = [
|
||||
pytestCheckHook
|
||||
];
|
||||
nativeCheckInputs = [ pytestCheckHook ];
|
||||
|
||||
preCheck = ''
|
||||
export HOME=$(mktemp -d);
|
||||
|
@ -72,9 +67,7 @@ buildPythonPackage rec {
|
|||
"test_download_recent"
|
||||
];
|
||||
|
||||
pythonImportsCheck = [
|
||||
"vdb"
|
||||
];
|
||||
pythonImportsCheck = [ "vdb" ];
|
||||
|
||||
meta = with lib; {
|
||||
description = "Vulnerability database and package search for sources such as OSV, NVD, GitHub and npm";
|
||||
|
|
|
@ -1,17 +1,19 @@
|
|||
{ lib
|
||||
, buildPythonPackage
|
||||
, fetchFromGitHub
|
||||
, sqlite
|
||||
, isPyPy
|
||||
, python
|
||||
{
|
||||
lib,
|
||||
buildPythonPackage,
|
||||
fetchFromGitHub,
|
||||
python,
|
||||
pythonOlder,
|
||||
setuptools,
|
||||
sqlite,
|
||||
}:
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "apsw";
|
||||
version = "3.45.2.0";
|
||||
format = "setuptools";
|
||||
pyproject = true;
|
||||
|
||||
disabled = isPyPy;
|
||||
disabled = pythonOlder "3.8";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "rogerbinns";
|
||||
|
@ -20,9 +22,9 @@ buildPythonPackage rec {
|
|||
hash = "sha256-tTi3/10W4OoGH6PQVhvPWc5o09on5BZrWoAvrfh4C/E=";
|
||||
};
|
||||
|
||||
buildInputs = [
|
||||
sqlite
|
||||
];
|
||||
build-system = [ setuptools ];
|
||||
|
||||
buildInputs = [ sqlite ];
|
||||
|
||||
# Project uses custom test setup to exclude some tests by default, so using pytest
|
||||
# requires more maintenance
|
||||
|
@ -31,13 +33,12 @@ buildPythonPackage rec {
|
|||
${python.interpreter} setup.py test
|
||||
'';
|
||||
|
||||
pythonImportsCheck = [
|
||||
"apsw"
|
||||
];
|
||||
pythonImportsCheck = [ "apsw" ];
|
||||
|
||||
meta = with lib; {
|
||||
description = "A Python wrapper for the SQLite embedded relational database engine";
|
||||
homepage = "https://github.com/rogerbinns/apsw";
|
||||
changelog = "https://github.com/rogerbinns/apsw/releases/tag/${version}";
|
||||
license = licenses.zlib;
|
||||
maintainers = with maintainers; [ gador ];
|
||||
};
|
||||
|
|
|
@ -365,14 +365,14 @@
|
|||
|
||||
buildPythonPackage rec {
|
||||
pname = "boto3-stubs";
|
||||
version = "1.34.79";
|
||||
version = "1.34.81";
|
||||
pyproject = true;
|
||||
|
||||
disabled = pythonOlder "3.7";
|
||||
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
hash = "sha256-UP1wsnsoa/ennFbbdOdFR5tN8YalggjCFAsyWITOQ+A=";
|
||||
hash = "sha256-ajcieN11ogwfWJgk4CcshHmuVay6KbRWMfG1h9pkoiM=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
|
|
@ -1,19 +1,36 @@
|
|||
{ lib, buildPythonPackage, fetchPypi, cryptography, boto3, pyyaml, docutils, pytest, fetchpatch }:
|
||||
{
|
||||
lib,
|
||||
boto3,
|
||||
buildPythonPackage,
|
||||
cryptography,
|
||||
docutils,
|
||||
fetchFromGitHub,
|
||||
fetchpatch,
|
||||
pytestCheckHook,
|
||||
pythonOlder,
|
||||
pyyaml,
|
||||
setuptools,
|
||||
}:
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "credstash";
|
||||
version = "1.17.1";
|
||||
format = "setuptools";
|
||||
pyproject = true;
|
||||
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "6c04e8734ef556ab459018da142dd0b244093ef176b3be5583e582e9a797a120";
|
||||
disabled = pythonOlder "3.7";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "fugue";
|
||||
repo = "credstash";
|
||||
rev = "refs/tags/v${version}";
|
||||
hash = "sha256-a6OzffGt5piHgi0AWEXJED0R/+8RETh/9hYJi/lUVu0=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
# setup_requires -> tests_requires for pytest
|
||||
(fetchpatch {
|
||||
url = "https://github.com/fugue/credstash/commit/9c02ee43ed6e37596cafbca2fe80c532ec19d2d8.patch";
|
||||
sha256 = "dlybrpfLK+PqwWWhH9iXgXHYysZGmcZAFGWNOwsG0xA=";
|
||||
hash = "sha256-dlybrpfLK+PqwWWhH9iXgXHYysZGmcZAFGWNOwsG0xA=";
|
||||
})
|
||||
];
|
||||
# The install phase puts an executable and a copy of the library it imports in
|
||||
|
@ -24,17 +41,29 @@ buildPythonPackage rec {
|
|||
# file ensures that Python imports the module from site-packages library.
|
||||
postInstall = "rm $out/bin/credstash.py";
|
||||
|
||||
nativeBuildInputs = [ pytest ];
|
||||
build-system = [ setuptools ];
|
||||
|
||||
propagatedBuildInputs = [ cryptography boto3 pyyaml docutils ];
|
||||
dependencies = [
|
||||
boto3
|
||||
cryptography
|
||||
docutils
|
||||
pyyaml
|
||||
];
|
||||
|
||||
# No tests in archive
|
||||
doCheck = false;
|
||||
nativeBuildInputs = [ pytestCheckHook ];
|
||||
|
||||
disabledTestPaths = [
|
||||
# Tests require a region
|
||||
"integration_tests/test_credstash_lib.py"
|
||||
"tests/key_service_test.py"
|
||||
];
|
||||
|
||||
meta = with lib; {
|
||||
description = "A utility for managing secrets in the cloud using AWS KMS and DynamoDB";
|
||||
mainProgram = "credstash";
|
||||
homepage = "https://github.com/LuminalOSS/credstash";
|
||||
changelog = "https://github.com/fugue/credstash/releases/tag/v${version}";
|
||||
license = licenses.asl20;
|
||||
maintainers = with maintainers; [ ];
|
||||
mainProgram = "credstash";
|
||||
};
|
||||
}
|
||||
|
|
|
@ -15,9 +15,11 @@
|
|||
, pytestCheckHook
|
||||
, python-dateutil
|
||||
, pythonOlder
|
||||
, pythonRelaxDepsHook
|
||||
, requests
|
||||
, setuptools
|
||||
, shapely
|
||||
, strenum
|
||||
, tqdm
|
||||
, typeguard
|
||||
, typing-extensions
|
||||
|
@ -25,36 +27,49 @@
|
|||
|
||||
buildPythonPackage rec {
|
||||
pname = "labelbox";
|
||||
version = "3.65";
|
||||
version = "3.67.0";
|
||||
pyproject = true;
|
||||
|
||||
disabled = pythonOlder "3.7";
|
||||
disabled = pythonOlder "3.8";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "Labelbox";
|
||||
repo = "labelbox-python";
|
||||
rev = "refs/tags/v${version}";
|
||||
hash = "sha256-i0hbVxGrb2C/bMcVPNzaPBxhKm+5r3o1GlToZvIS35k=";
|
||||
rev = "refs/tags/v.${version}";
|
||||
hash = "sha256-JQTjmYxPBS8JC4HQTtbQ7hb80LPLYE4OEj1lFA6cZ1Y=";
|
||||
};
|
||||
|
||||
postPatch = ''
|
||||
substituteInPlace pytest.ini \
|
||||
--replace "--reruns 5 --reruns-delay 10" ""
|
||||
--replace-fail "--reruns 2 --reruns-delay 10 --durations=20 -n 10" ""
|
||||
|
||||
# disable pytest_plugins which requires `pygeotile`
|
||||
substituteInPlace tests/conftest.py \
|
||||
--replace-fail "pytest_plugins" "_pytest_plugins"
|
||||
'';
|
||||
|
||||
nativeBuildInputs = [
|
||||
pythonRelaxDepsHook
|
||||
];
|
||||
|
||||
pythonRelaxDeps = [
|
||||
"python-dateutil"
|
||||
];
|
||||
|
||||
build-system = [
|
||||
setuptools
|
||||
];
|
||||
|
||||
propagatedBuildInputs = [
|
||||
dependencies = [
|
||||
google-api-core
|
||||
pydantic
|
||||
python-dateutil
|
||||
requests
|
||||
strenum
|
||||
tqdm
|
||||
];
|
||||
|
||||
passthru.optional-dependencies = {
|
||||
optional-dependencies = {
|
||||
data = [
|
||||
shapely
|
||||
geojson
|
||||
|
@ -74,13 +89,7 @@ buildPythonPackage rec {
|
|||
nbconvert
|
||||
nbformat
|
||||
pytestCheckHook
|
||||
] ++ passthru.optional-dependencies.data;
|
||||
|
||||
# disable pytest_plugins which requires `pygeotile`
|
||||
preCheck = ''
|
||||
substituteInPlace tests/conftest.py \
|
||||
--replace "pytest_plugins" "_pytest_plugins"
|
||||
'';
|
||||
] ++ optional-dependencies.data;
|
||||
|
||||
disabledTestPaths = [
|
||||
# Requires network access
|
||||
|
|
|
@ -11,7 +11,7 @@
|
|||
|
||||
buildPythonPackage rec {
|
||||
pname = "llama-index-vector-stores-qdrant";
|
||||
version = "0.1.6";
|
||||
version = "0.2.0";
|
||||
pyproject = true;
|
||||
|
||||
disabled = pythonOlder "3.8";
|
||||
|
@ -19,7 +19,7 @@ buildPythonPackage rec {
|
|||
src = fetchPypi {
|
||||
pname = "llama_index_vector_stores_qdrant";
|
||||
inherit version;
|
||||
hash = "sha256-MKmtxcHUqF3CzakGNXxvXy3jemoJNbdkCaqrgZ5Rtyo=";
|
||||
hash = "sha256-eYgp2S4KubjyL0bgaL7nRCyFhvTuLU7c7vjw4tJ+9wA=";
|
||||
};
|
||||
|
||||
build-system = [ poetry-core ];
|
||||
|
|
|
@ -563,6 +563,7 @@ let
|
|||
apsimx = [ pkgs.which ];
|
||||
cairoDevice = [ pkgs.pkg-config ];
|
||||
chebpol = [ pkgs.pkg-config ];
|
||||
eds = [ pkgs.zlib.dev ];
|
||||
fftw = [ pkgs.pkg-config ];
|
||||
gdtools = [ pkgs.pkg-config ];
|
||||
archive = [ pkgs.libarchive];
|
||||
|
@ -976,6 +977,7 @@ let
|
|||
"DuoClustering2018"
|
||||
"FieldEffectCrc"
|
||||
"GenomicDistributionsData"
|
||||
"hpar"
|
||||
"HDCytoData"
|
||||
"HMP16SData"
|
||||
"PANTHER_db"
|
||||
|
|
|
@ -1,53 +0,0 @@
|
|||
{ lib
|
||||
, fetchFromGitHub
|
||||
, python3
|
||||
}:
|
||||
|
||||
python3.pkgs.buildPythonApplication rec {
|
||||
pname = "appthreat-depscan";
|
||||
version = "3.6.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "AppThreat";
|
||||
repo = "dep-scan";
|
||||
rev = "refs/tags/v${version}";
|
||||
hash = "sha256-U8vHwdL1O54X0jPhcjTN/J1U7dKQgFEMfc6lbXe2Ff0=";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = with python3.pkgs; [
|
||||
appthreat-vulnerability-db
|
||||
defusedxml
|
||||
pyyaml
|
||||
rich
|
||||
];
|
||||
|
||||
nativeCheckInputs = with python3.pkgs; [
|
||||
pytestCheckHook
|
||||
];
|
||||
|
||||
postPatch = ''
|
||||
substituteInPlace pytest.ini \
|
||||
--replace " --cov-append --cov-report term --cov depscan" ""
|
||||
'';
|
||||
|
||||
preCheck = ''
|
||||
export HOME=$(mktemp -d);
|
||||
'';
|
||||
|
||||
disabledTests = [
|
||||
# Assertion Error
|
||||
"test_query_metadata2"
|
||||
];
|
||||
|
||||
pythonImportsCheck = [
|
||||
"depscan"
|
||||
];
|
||||
|
||||
meta = with lib; {
|
||||
description = "Tool to audit dependencies based on known vulnerabilities and advisories";
|
||||
homepage = "https://github.com/AppThreat/dep-scan";
|
||||
changelog = "https://github.com/AppThreat/dep-scan/releases/tag/v${version}";
|
||||
license = with licenses; [ mit ];
|
||||
maintainers = with maintainers; [ fab ];
|
||||
};
|
||||
}
|
|
@ -9,6 +9,7 @@
|
|||
, yarn
|
||||
, prefetch-yarn-deps
|
||||
, nodejs
|
||||
, stdenv
|
||||
, server-mode ? true
|
||||
}:
|
||||
|
||||
|
@ -44,6 +45,17 @@ let
|
|||
hash = yarnHash;
|
||||
};
|
||||
|
||||
# don't bother to test kerberos authentication
|
||||
# skip tests on macOS which fail due to an error in keyring, see https://github.com/NixOS/nixpkgs/issues/281214
|
||||
skippedTests = builtins.concatStringsSep "," (
|
||||
[ "browser.tests.test_kerberos_with_mocking" ]
|
||||
++ lib.optionals stdenv.isDarwin [
|
||||
"browser.server_groups.servers.tests.test_all_server_get"
|
||||
"browser.server_groups.servers.tests.test_check_connect"
|
||||
"browser.server_groups.servers.tests.test_check_ssh_mock_connect"
|
||||
"browser.server_groups.servers.tests.test_is_password_saved"
|
||||
]
|
||||
);
|
||||
in
|
||||
|
||||
pythonPackages.buildPythonApplication rec {
|
||||
|
@ -228,9 +240,7 @@ pythonPackages.buildPythonApplication rec {
|
|||
substituteInPlace regression/runtests.py --replace-fail "builtins.SERVER_MODE = None" "builtins.SERVER_MODE = False"
|
||||
|
||||
## Browser test ##
|
||||
|
||||
# don't bother to test kerberos authentication
|
||||
python regression/runtests.py --pkg browser --exclude browser.tests.test_kerberos_with_mocking
|
||||
python regression/runtests.py --pkg browser --exclude ${skippedTests}
|
||||
|
||||
## Reverse engineered SQL test ##
|
||||
|
||||
|
@ -250,7 +260,7 @@ pythonPackages.buildPythonApplication rec {
|
|||
This should NOT be used in combination with the `pgadmin4-desktopmode` package as they will interfere.
|
||||
'' else ''
|
||||
This version is build with SERVER_MODE set to False. It will require access to `~/.pgadmin/`. This version is suitable
|
||||
for single-user deployment or where access to `/var/lib/pgadmin` cannot be granted or the NixOS module cannot be used.
|
||||
for single-user deployment or where access to `/var/lib/pgadmin` cannot be granted or the NixOS module cannot be used (e.g. on MacOS).
|
||||
This should NOT be used in combination with the NixOS module `pgadmin` as they will interfere.
|
||||
''}
|
||||
'';
|
||||
|
@ -259,5 +269,6 @@ pythonPackages.buildPythonApplication rec {
|
|||
changelog = "https://www.pgadmin.org/docs/pgadmin4/latest/release_notes_${lib.versions.major version}_${lib.versions.minor version}.html";
|
||||
maintainers = with maintainers; [ gador ];
|
||||
mainProgram = "pgadmin4";
|
||||
platforms = platforms.unix;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,27 +1,26 @@
|
|||
{ lib
|
||||
, buildGoModule
|
||||
, fetchFromGitHub
|
||||
, installShellFiles
|
||||
, qovery-cli
|
||||
, testers
|
||||
{
|
||||
lib,
|
||||
buildGoModule,
|
||||
fetchFromGitHub,
|
||||
installShellFiles,
|
||||
qovery-cli,
|
||||
testers,
|
||||
}:
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "qovery-cli";
|
||||
version = "0.86.2";
|
||||
version = "0.87.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "Qovery";
|
||||
repo = "qovery-cli";
|
||||
rev = "refs/tags/v${version}";
|
||||
hash = "sha256-AUrN5T6Z4T0WLsBwv/zXb9CSrwGCAV5nh+42MktRxvo=";
|
||||
hash = "sha256-JUyhVq3xMPV9s4OCfkKgCnSMjztYDPJgS4A+jJOZofE=";
|
||||
};
|
||||
|
||||
vendorHash = "sha256-Lwg3PFmSipaaYtu88c1qI/Ws50TQOqEu4mSuxcpx3zI=";
|
||||
|
||||
nativeBuildInputs = [
|
||||
installShellFiles
|
||||
];
|
||||
nativeBuildInputs = [ installShellFiles ];
|
||||
|
||||
postInstall = ''
|
||||
installShellCompletion --cmd ${pname} \
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ lib, buildGoModule, fetchFromGitHub }:
|
||||
{ lib, buildGoModule, fetchFromGitHub, nixosTests }:
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "restic-rest-server";
|
||||
|
@ -13,6 +13,8 @@ buildGoModule rec {
|
|||
|
||||
vendorHash = "sha256-tD5ffIYULMBqu99l1xCL0RnLB9zNpwNPs1qVFqezUc8=";
|
||||
|
||||
passthru.tests.restic = nixosTests.restic-rest-server;
|
||||
|
||||
meta = with lib; {
|
||||
changelog = "https://github.com/restic/rest-server/blob/${src.rev}/CHANGELOG.md";
|
||||
description = "A high performance HTTP server that implements restic's REST backend API";
|
||||
|
|
|
@ -1145,7 +1145,7 @@ dependencies = [
|
|||
"aws-smithy-types",
|
||||
"bytes 1.5.0",
|
||||
"fastrand 2.0.1",
|
||||
"h2 0.3.24",
|
||||
"h2 0.3.26",
|
||||
"http 0.2.9",
|
||||
"http-body 0.4.5",
|
||||
"hyper 0.14.28",
|
||||
|
@ -3747,9 +3747,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "h2"
|
||||
version = "0.3.24"
|
||||
version = "0.3.26"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "bb2c4422095b67ee78da96fbb51a4cc413b3b25883c7717ff7ca1ab31022c9c9"
|
||||
checksum = "81fe527a889e1532da5c525686d96d4c2e74cdd345badf8dfef9f6b39dd5f5e8"
|
||||
dependencies = [
|
||||
"bytes 1.5.0",
|
||||
"fnv",
|
||||
|
@ -3766,9 +3766,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "h2"
|
||||
version = "0.4.3"
|
||||
version = "0.4.4"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "51ee2dd2e4f378392eeff5d51618cd9a63166a2513846bbc55f21cfacd9199d4"
|
||||
checksum = "816ec7294445779408f36fe57bc5b7fc1cf59664059096c65f905c1c61f58069"
|
||||
dependencies = [
|
||||
"bytes 1.5.0",
|
||||
"fnv",
|
||||
|
@ -4210,14 +4210,14 @@ dependencies = [
|
|||
"futures-channel",
|
||||
"futures-core",
|
||||
"futures-util",
|
||||
"h2 0.3.24",
|
||||
"h2 0.3.26",
|
||||
"http 0.2.9",
|
||||
"http-body 0.4.5",
|
||||
"httparse",
|
||||
"httpdate",
|
||||
"itoa",
|
||||
"pin-project-lite",
|
||||
"socket2 0.5.6",
|
||||
"socket2 0.4.10",
|
||||
"tokio",
|
||||
"tower-service",
|
||||
"tracing 0.1.40",
|
||||
|
@ -7515,7 +7515,7 @@ dependencies = [
|
|||
"encoding_rs",
|
||||
"futures-core",
|
||||
"futures-util",
|
||||
"h2 0.3.24",
|
||||
"h2 0.3.26",
|
||||
"http 0.2.9",
|
||||
"http-body 0.4.5",
|
||||
"hyper 0.14.28",
|
||||
|
@ -9371,7 +9371,7 @@ dependencies = [
|
|||
"base64 0.21.7",
|
||||
"bytes 1.5.0",
|
||||
"flate2",
|
||||
"h2 0.3.24",
|
||||
"h2 0.3.26",
|
||||
"http 0.2.9",
|
||||
"http-body 0.4.5",
|
||||
"hyper 0.14.28",
|
||||
|
@ -10017,7 +10017,7 @@ checksum = "f1bddf1187be692e79c5ffeab891132dfb0f236ed36a43c7ed39f1165ee20191"
|
|||
|
||||
[[package]]
|
||||
name = "vector"
|
||||
version = "0.37.0"
|
||||
version = "0.37.1"
|
||||
dependencies = [
|
||||
"apache-avro",
|
||||
"approx",
|
||||
|
@ -10083,7 +10083,7 @@ dependencies = [
|
|||
"governor",
|
||||
"greptimedb-client",
|
||||
"grok",
|
||||
"h2 0.4.3",
|
||||
"h2 0.4.4",
|
||||
"hash_hasher",
|
||||
"hashbrown 0.14.3",
|
||||
"headers",
|
||||
|
|
|
@ -37,7 +37,7 @@
|
|||
|
||||
let
|
||||
pname = "vector";
|
||||
version = "0.37.0";
|
||||
version = "0.37.1";
|
||||
in
|
||||
rustPlatform.buildRustPackage {
|
||||
inherit pname version;
|
||||
|
@ -46,16 +46,13 @@ rustPlatform.buildRustPackage {
|
|||
owner = "vectordotdev";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
hash = "sha256-v93ZsNGoswPpey409V7qKqsBsfRt5pgY5PxGti4MlDg=";
|
||||
hash = "sha256-wRXwgy+UY2z5fIWpQbDxRti54GE357WMGWXM/xKjz18=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
# Enable LTO to bring down binary size
|
||||
(fetchpatch {
|
||||
name = "vector-20034-lto.patch";
|
||||
url = "https://patch-diff.githubusercontent.com/raw/vectordotdev/vector/pull/20034.diff";
|
||||
hash = "sha256-X6YWnW0x5WpKAgyqIaLjKF1F1/G4JgvmNhAHtozXrPQ=";
|
||||
})
|
||||
# Adapted from https://github.com/vectordotdev/vector/pull/20034
|
||||
./vector-lto.patch
|
||||
];
|
||||
|
||||
cargoLock = {
|
||||
|
|
|
@ -0,0 +1,12 @@
|
|||
--- ./Cargo.toml 2024-04-10 00:01:12.033806583 +0100
|
||||
+++ ./Cargo.toml 2024-04-10 00:01:48.324228125 +0100
|
||||
@@ -45,7 +45,8 @@ path = "tests/e2e/mod.rs"
|
||||
# This results in roughly a 5% reduction in performance when compiling locally vs when
|
||||
# compiled via the CI pipeline.
|
||||
[profile.release]
|
||||
-debug = false # Do not include debug symbols in the executable.
|
||||
+lto = true
|
||||
+codegen-units = 1
|
||||
|
||||
[profile.bench]
|
||||
debug = true
|
|
@ -6,13 +6,13 @@
|
|||
|
||||
stdenv.mkDerivation (finalAttrs: {
|
||||
pname = "vtm";
|
||||
version = "0.9.76";
|
||||
version = "0.9.77";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "netxs-group";
|
||||
repo = "vtm";
|
||||
rev = "v${finalAttrs.version}";
|
||||
hash = "sha256-F1ia1xyg2/Jnm/lsSn7bKNJ7cXIJuvEhNTEZWiYxGAo=";
|
||||
hash = "sha256-usY8JvoTtGfA8nnl6w7r1sft8F/19fHeSl9kMWM60i4=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
|
|
@ -2,16 +2,16 @@
|
|||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "nixdoc";
|
||||
version = "3.0.2";
|
||||
version = "3.0.3";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "nix-community";
|
||||
repo = "nixdoc";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-V3MAvbdYk3DL064UYcJE9HmwfQBwpMxVXWiAKX6honA=";
|
||||
sha256 = "sha256-K4esnYD/fc4i2To9lccoZ5GUgRI75vjzNLMrFSdZzik=";
|
||||
};
|
||||
|
||||
cargoHash = "sha256-RFxTjLiJCEc42Mb8rcayOFHkYk2GfpgsO3+hAaRwHgs=";
|
||||
cargoHash = "sha256-Ag6n0inWpBJ9U49fJ1JmwpnZdokJ0WS5fnlVBMN7VXM=";
|
||||
|
||||
buildInputs = lib.optionals stdenv.isDarwin [ darwin.Security ];
|
||||
|
||||
|
|
|
@ -76,6 +76,7 @@ mapAliases ({
|
|||
ansible_2_13 = throw "Ansible 2.13 goes end of life in 2023/11"; # Added 2023-12-30
|
||||
apacheAnt_1_9 = throw "Ant 1.9 has been removed since it's not used in nixpkgs anymore"; # Added 2023-11-12
|
||||
antimicroX = antimicrox; # Added 2021-10-31
|
||||
appthreat-depscan = dep-scan; # Added 2024-04-10
|
||||
arcanPackages = throw "arcanPackages was removed and its sub-attributes were promoted to top-level"; # Added 2023-11-26
|
||||
archiveopteryx = throw "archiveopteryx depended on an unsupported version of OpenSSL and was unmaintained"; # Added 2024-01-03
|
||||
ardour_6 = throw "ardour_6 has been removed in favor of newer versions"; # Added 2023-10-13
|
||||
|
|
|
@ -299,8 +299,6 @@ with pkgs;
|
|||
|
||||
melange = callPackage ../development/tools/melange { };
|
||||
|
||||
appthreat-depscan = callPackage ../development/tools/appthreat-depscan { };
|
||||
|
||||
activate-linux = callPackage ../applications/misc/activate-linux { };
|
||||
|
||||
ansi = callPackage ../development/tools/ansi { };
|
||||
|
|
Loading…
Reference in New Issue