colin/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
630,775 Commits 125 Branches 0 Tags 3.4 GiB
efbc75c932
Commit Graph

46 Commits

Author SHA1 Message Date
Claudio Bley
cff95b1624 envoy: Update hash after bazel_6 upgrade 2024-04-26 20:57:53 +02:00
Malte Poll
975307f7ca envoy: 1.27.5 -> 1.30.1 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2024-04-24 15:08:11 +02:00
Paul Meyer
6debc2123a envoy: 1.27.3 -> 1.27.5 
Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2024-04-22 15:40:15 +02:00
Thomas Gerbet
bc4dc452fa envoy: flag as vulnerable to CVE-2024-30255 
Envoy 1.27.4 [0] contains the fix but upgrading it is
not straightforward as the build of the current version
is already broken and only thanks to the caching of the deps
(seems to be the case since the removal of Go 1.20).

Fixing the build seems to require more Bazel knownledge than I have
and the the usual maintainer is currently not available.

[0] https://github.com/envoyproxy/envoy/releases/tag/v1.27.4
 2024-04-10 22:43:57 +02:00
stuebinm
ff1a94e523 treewide: add meta.mainProgram to packages with a single binary 
The nixpkgs-unstable channel's programs.sqlite was used to identify
packages producing exactly one binary, and these automatically added
to their package definitions wherever possible.
 2024-03-19 03:14:51 +01:00
Adam Stephens
238be6ca11
envoy: 1.27.2 -> 1.27.3 
https://github.com/envoyproxy/envoy/releases/tag/v1.27.3

Fixes:
https://github.com/envoyproxy/envoy/security/advisories/GHSA-gq3v-vvhj-96j6
https://github.com/envoyproxy/envoy/security/advisories/GHSA-5m7c-mrwr-pm26
https://github.com/envoyproxy/envoy/security/advisories/GHSA-6p83-mfmh-qv38
https://github.com/envoyproxy/envoy/security/advisories/GHSA-x278-4w4x-r7ch
https://github.com/envoyproxy/envoy/security/advisories/GHSA-4h5x-x9vh-m29j
 2024-02-13 21:58:04 -05:00
Adam Stephens
1ee4635ed3
envoy: 1.27.1 -> 1.27.2 2024-01-15 00:25:37 -05:00
Claudio Bley
7fa6816c0c envoy: Update hash after bazel_6 upgrade 2023-10-29 08:30:50 +01:00
Luke Granger-Brown
732fd4e0dd envoy: 1.26.4 -> 1.27.1 2023-10-13 23:17:11 +00:00
Adam Stephens
05c19a34df
envoy: fix another hash invalidator in fetcher 2023-09-15 14:41:44 -04:00
Adam Stephens
6df0facb7f
envoy: update broken deps hashes 2023-09-12 12:24:54 -04:00
Robert Scott
571ed5c7a1 envoy: 1.26.3 -> 1.26.4 2023-09-04 23:36:16 +01:00
Jacob Foard
2d9342b9be
fixup bazel_6 buildBazelPackage references 2023-08-18 11:07:52 -04:00
Thomas Gerbet
60d546a96d envoy: 1.26.1 -> 1.26.3 
Fixes CVE-2023-35945.

Changelog:
https://github.com/envoyproxy/envoy/releases/tag/v1.26.3
https://github.com/envoyproxy/envoy/releases/tag/v1.26.2
 2023-07-29 22:12:03 +02:00
divanorama
4d494b82de
Update pkgs/servers/http/envoy/default.nix 2023-05-12 22:04:55 +02:00
Dmitry Ivankov
5a14400712 bazel_6: 6.1.2 -> 6.2.0 
https://github.com/bazelbuild/bazel/releases/tag/6.2.0
 2023-05-12 15:33:48 +02:00
Luke Granger-Brown
23cd27508f envoy: 1.25.1 -> 1.26.1 2023-05-12 07:54:56 +00:00
Dmitry Ivankov
e0d1e77c23 bazel_5: 5.4.0->5.4.1 
Also update the updater script.

https://github.com/bazelbuild/bazel/releases/tag/5.4.1

- [X] recalculate fetchAttrs digest for packages built with bazel_5
 2023-05-10 16:09:19 +02:00
Thomas Gerbet
62b0017f86 envoy: mark with knownVulnerabilities 
Attempts to update `envoy` have not been successful.
Nobody with enough Bazel skills has step up to untangle
the build issues with the latest version.
 2023-05-04 23:10:57 +02:00
Uri Baghin
f8ee061247 buildBazelPackage: fix difference between linux and darwin deps 2023-04-06 11:42:46 +10:00
Uri Baghin
440b4de588 buildBazelPackage: support multiple targets 2023-04-05 12:59:54 +10:00
Luke Granger-Brown
22d9547ce3 envoy: 1.23.3 -> 1.25.1 2023-02-19 18:56:55 +00:00
Andreas Stührk
304c84ff10 envoy: build with noexecstack 2023-02-09 12:07:03 +01:00
Uri Baghin
5fe2aa39de
envoy: fix deps hashes 2023-01-12 11:15:49 +11:00
Dmitry Ivankov
c8bc2f2c0d bazel_5: 5.3.2 -> 5.4.0 2023-01-10 16:04:00 +01:00
Dmitry Ivankov
9a82a9b524 bazel: 5.2.0 -> 5.3.2 
https://blog.bazel.build/2022/08/23/bazel-5.3.html

to supersede https://github.com/NixOS/nixpkgs/pull/187943

re-reverts https://github.com/NixOS/nixpkgs/pull/199458 with more hash updates
 2022-12-25 16:47:03 +01:00
Peter Woodman
44b25a639f envoy: 1.23.1 -> 1.23.3 2022-12-20 15:00:02 -05:00
Luke Granger-Brown
0a087095ac envoy: remove remaining nix store references from deps 
To do this, this commit does several things:

* Move the set-interpreter patching to outside the fixed-output
  derivation
* Patch base_pip3/BUILD.bazel, which ends up getting Python's full path
* Drop local_jdk, which contains symlinks to our jdk input
* Drop bazel_gazelle_go_repository_tools, which contains built artifacts
  using our go

...and updates the FOD hash to match. Checked that this appears to
remove the currently obvious FOD problems by checking out an older
nixpkgs commit and applying this on top, and verifying that the FOD hash
doesn't change between that older glibc and the current tip-of-tree.

This also disables tcmalloc on ARM because I couldn't get this to build
properly otherwise.
 2022-09-11 04:58:53 +01:00
Luke Granger-Brown
16215285cd envoy: 1.21.5 -> 1.23.1 2022-09-05 00:54:39 +01:00
Morgan Helton
4d7f8b50d2 envoy: 1.21.4 -> 1.21.5 2022-08-23 19:47:27 -05:00
Luke Granger-Brown
da111dc41e envoy: 1.21.1 -> 1.21.4 2022-06-19 19:18:12 +00:00
Artturin
b3caa2f1fe treewide: extraPostFetch -> postFetch 2022-05-23 17:18:50 +03:00
Luke Granger-Brown
69c4a08072 envoy: fix sha256 for aarch64-linux 2022-05-10 19:12:05 +02:00
Rick van Schijndel
9d9b4dc64b envoy: fix sha256 for x86_64-linux 2022-05-10 07:30:10 +02:00
Luke Granger-Brown
defb2298de envoy: fix builds for x86_64-linux and aarch64-linux 
* Bumps brotli version to incorporate a fix for some GCC warnings which
  get promoted to errors.
* Switches from wee8 to WAMR because it's easier to make it build
  sensibly on a range of GCC versions that aren't just "whatever ships
  with Ubuntu LTS".
* Adds a patch for WAMR's build in Envoy because it won't build properly
  under Linux aarch64, since WAMR doesn't detect aarch64 unless it's on
  macOS.
 2022-05-09 00:51:26 +00:00
Luke Granger-Brown
b23255a51c envoy: add fetch hash for aarch64-linux 2022-04-15 09:17:48 +00:00
Cameron Nemo
1b4b16e1bd nixos/envoy: init 2022-04-07 14:43:53 +00:00
ajs124
5b272a024e envoy: 1.19.1 -> 1.21.1 2022-02-28 18:58:35 +01:00
ajs124
24288c9b35 envoy: drop patches forgotten in 00e54055e1 2022-02-28 18:36:56 +01:00
Luke Granger-Brown
637d735ad5 envoy: 1.17.3 -> 1.19.1 
This now uses gn1924 to allow v8 to build properly.
 2021-12-07 13:41:03 +00:00
Luke Granger-Brown
00e54055e1 envoy: 1.16.2 -> 1.17.3 2021-06-07 20:58:56 +00:00
Pavol Rusnak
29bb19258a
treewide: use https for github URIs 2021-04-17 17:59:08 +02:00
Luke Granger-Brown
f081b0c9bb envoy, pomerium: add Pomerium NixOS test to passthru.tests 2021-03-29 10:41:41 +00:00
Claudio Bley
6d8c431eb0 bazel: 3.7.1 -> 3.7.2 
* update sha256 for gvisor, tensorflow{,WithCuda}, bazel-watcher, bazel-remote
  and envoy
 2021-02-03 10:44:07 +01:00
Pavol Rusnak
90f7338112
treewide: stdenv.lib -> lib 2021-01-24 01:49:49 +01:00
Luke Granger-Brown
6e684ca91e envoy: init at 1.16.2 2021-01-14 12:26:11 +00:00