Merge staging-next into staging

This commit is contained in:
github-actions[bot] 2020-12-03 12:18:48 +00:00 committed by GitHub
commit 03619d4f2b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
38 changed files with 1722 additions and 373 deletions

View File

@ -0,0 +1,40 @@
# Firefox
## Build wrapped Firefox with extensions and policies
The `wrapFirefox` function allows to pass policies, preferences and extension that are available to firefox. With the help of `fetchFirefoxAddon` this allows build a firefox version that already comes with addons pre-installed:
```nix
{
myFirefox = wrapFirefox firefox-unwrapped {
extraExtensions = [
(fetchFirefoxAddon {
name = "ublock";
url = "https://addons.mozilla.org/firefox/downloads/file/3679754/ublock_origin-1.31.0-an+fx.xpi";
sha256 = "1h768ljlh3pi23l27qp961v1hd0nbj2vasgy11bmcrlqp40zgvnr";
})
];
extraPolicies = {
CaptivePortal = false;
DisableFirefoxStudies = true;
DisablePocket = true;
DisableTelemetry = true;
DisableFirefoxAccounts = true;
FirefoxHome = {
Pocket = false;
Snippets = false;
};
UserMessaging = {
ExtensionRecommendations = false;
SkipOnboarding = true;
};
};
extraPrefs = ''
// Show more ssl cert infos
lockPref("security.identityblock.show_extended_validation", true);
'';
};
}
```

View File

@ -10,6 +10,7 @@
<xi:include href="eclipse.xml" />
<xi:include href="elm.xml" />
<xi:include href="emacs.section.xml" />
<xi:include href="firefox.section.xml" />
<xi:include href="ibus.xml" />
<xi:include href="kakoune.section.xml" />
<xi:include href="linux.section.xml" />

View File

@ -652,6 +652,12 @@
githubId = 56009;
name = "Arcadio Rubio García";
};
archseer = {
email = "blaz@mxxn.io";
github = "archseer";
githubId = 1372918;
name = "Blaž Hrastnik";
};
arcnmx = {
email = "arcnmx@users.noreply.github.com";
github = "arcnmx";

View File

@ -223,9 +223,10 @@ in
# Figure out device names for the boot device and root filesystem.
rootPart=$(${pkgs.util-linux}/bin/findmnt -n -o SOURCE /)
bootDevice=$(lsblk -npo PKNAME $rootPart)
partNum=$(lsblk -npo MAJ:MIN $rootPart | awk -F: '{print $2}')
# Resize the root partition and the filesystem to fit the disk
echo ",+," | sfdisk -N2 --no-reread $bootDevice
echo ",+," | sfdisk -N$partNum --no-reread $bootDevice
${pkgs.parted}/bin/partprobe
${pkgs.e2fsprogs}/bin/resize2fs $rootPart

View File

@ -23,15 +23,6 @@ in {
default = null;
description = "the thermald manual configuration file.";
};
adaptive = mkOption {
type = types.bool;
default = false;
description = ''
Whether to enable adaptive mode, only working on kernel versions greater than 5.8.
Thermald will detect this itself, safe to enable on kernel versions below 5.8.
'';
};
};
};
@ -48,8 +39,8 @@ in {
--no-daemon \
${optionalString cfg.debug "--loglevel=debug"} \
${optionalString (cfg.configFile != null) "--config-file ${cfg.configFile}"} \
${optionalString cfg.adaptive "--adaptive"} \
--dbus-enable
--adaptive
'';
};
};

View File

@ -51,29 +51,31 @@ in makeTest {
networking.hostName = "";
};
testScript = ''
machine.wait_for_unit("cloud-init.service")
machine.succeed("cat /tmp/cloudinit-write-file | grep -q 'cloudinit'")
# To wait until cloud-init terminates its run
unnamed.wait_for_unit("cloud-final.service")
unnamed.succeed("cat /tmp/cloudinit-write-file | grep -q 'cloudinit'")
# install snakeoil ssh key and provision .ssh/config file
machine.succeed("mkdir -p ~/.ssh")
machine.succeed(
unnamed.succeed("mkdir -p ~/.ssh")
unnamed.succeed(
"cat ${snakeOilPrivateKey} > ~/.ssh/id_snakeoil"
)
machine.succeed("chmod 600 ~/.ssh/id_snakeoil")
unnamed.succeed("chmod 600 ~/.ssh/id_snakeoil")
machine.wait_for_unit("sshd.service")
unnamed.wait_for_unit("sshd.service")
# we should be able to log in as the root user, as well as the created nixos user
machine.succeed(
unnamed.succeed(
"ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o IdentityFile=~/.ssh/id_snakeoil root@localhost 'true'"
)
machine.succeed(
unnamed.succeed(
"ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o IdentityFile=~/.ssh/id_snakeoil nixos@localhost 'true'"
)
# test changing hostname via cloud-init worked
assert (
machine.succeed(
unnamed.succeed(
"ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o IdentityFile=~/.ssh/id_snakeoil nixos@localhost 'hostname'"
).strip()
== "test"

View File

@ -14,13 +14,13 @@
mkDerivation rec {
pname = "MellowPlayer";
version = "3.6.6";
version = "3.6.7";
src = fetchFromGitLab {
owner = "ColinDuquesnoy";
repo = "MellowPlayer";
rev = version;
sha256 = "14y175fl6wg04fz0fhx553r8z3nwqrs2lr3rdls70bhwx5x6lavw";
sha256 = "1p0z8hkbxaxrqjmknjwxb0mpf3xdssik3m5cwrsv1881k1x2x5qs";
};
nativeBuildInputs = [ cmake pkgconfig ];

View File

@ -1,4 +1,5 @@
{ stdenv, lib, makeDesktopItem, makeWrapper, lndir, config
, replace, fetchurl, zip, unzip, jq
## various stuff that can be plugged in
, flashplayer, hal-flash
@ -31,6 +32,16 @@ let
, forceWayland ? false
, useGlvnd ? true
, cfg ? config.${browserName} or {}
## Following options are needed for extra prefs & policies
# For more information about anti tracking (german website)
# visit https://wiki.kairaven.de/open/app/firefox
, extraPrefs ? ""
# For more information about policies visit
# https://github.com/mozilla/policy-templates#enterprisepoliciesenabled
, extraPolicies ? {}
, firefoxLibName ? "firefox" # Important for tor package or the like
, extraExtensions ? [ ]
}:
assert forceWayland -> (browser ? gtk3); # Can only use the wayland backend if gtk3 is being used
@ -81,6 +92,61 @@ let
++ pkcs11Modules;
gtk_modules = [ libcanberra-gtk2 ];
#########################
# #
# EXTRA PREF CHANGES #
# #
#########################
policiesJson = builtins.toFile "policies.json"
(builtins.toJSON enterprisePolicies);
extensions = builtins.map (a:
if ! (builtins.hasAttr "extid" a) then
throw "extraExtensions has an invalid entry. Missing extid attribute. Please use fetchfirefoxaddon"
else
a
) extraExtensions;
enterprisePolicies =
{
policies = {
DisableAppUpdate = true;
} //
{
ExtensionSettings = {
"*" = {
blocked_install_message = "You can't have manual extension mixed with nix extensions";
installation_mode = "blocked";
};
} // lib.foldr (e: ret:
ret // {
"${e.extid}" = {
installation_mode = "allowed";
};
}
) {} extensions;
}
// extraPolicies;
};
mozillaCfg = builtins.toFile "mozilla.cfg" ''
// First line must be a comment
// Disables addon signature checking
// to be able to install addons that do not have an extid
// Security is maintained because only user whitelisted addons
// with a checksum can be installed
lockPref("xpinstall.signatures.required", false);
${extraPrefs}
'';
#############################
# #
# END EXTRA PREF CHANGES #
# #
#############################
in stdenv.mkDerivation {
inherit pname version;
@ -106,6 +172,7 @@ let
nativeBuildInputs = [ makeWrapper lndir ];
buildInputs = lib.optional (browser ? gtk3) browser.gtk3;
buildCommand = lib.optionalString stdenv.isDarwin ''
mkdir -p $out/Applications
cp -R --no-preserve=mode,ownership ${browser}/Applications/${browserName}.app $out/Applications
@ -117,7 +184,66 @@ let
exit 1
fi
makeWrapper "$(readlink -v --canonicalize-existing "${browser}${browser.execdir or "/bin"}/${browserName}")" \
#########################
# #
# EXTRA PREF CHANGES #
# #
#########################
# Link the runtime. The executable itself has to be copied,
# because it will resolve paths relative to its true location.
# Any symbolic links have to be replicated as well.
cd "${browser}"
find . -type d -exec mkdir -p "$out"/{} \;
find . -type f \( -not -name "${browserName}" \) -exec ln -sT "${browser}"/{} "$out"/{} \;
find . -type f -name "${browserName}" -print0 | while read -d $'\0' f; do
cp -P --no-preserve=mode,ownership "${browser}/$f" "$out/$f"
chmod a+rwx "$out/$f"
done
# fix links and absolute references
cd "${browser}"
find . -type l -print0 | while read -d $'\0' l; do
target="$(readlink "$l" | ${replace}/bin/replace-literal -es -- "${browser}" "$out")"
ln -sfT "$target" "$out/$l"
done
# This will not patch binaries, only "text" files.
# Its there for the wrapper mostly.
cd "$out"
${replace}/bin/replace-literal -esfR -- "${browser}" "$out"
# create the wrapper
executablePrefix="$out${browser.execdir or "/bin"}"
executablePath="$executablePrefix/${browserName}"
if [ ! -x "$executablePath" ]
then
echo "cannot find executable file \`${browser}${browser.execdir or "/bin"}/${browserName}'"
exit 1
fi
if [ ! -L "$executablePath" ]
then
# Careful here, the file at executablePath may already be
# a wrapper. That is why we postfix it with -old instead
# of -wrapped.
oldExe="$executablePrefix"/".${browserName}"-old
mv "$executablePath" "$oldExe"
else
oldExe="$(readlink -v --canonicalize-existing "$executablePath")"
fi
if [ ! -x "${browser}${browser.execdir or "/bin"}/${browserName}" ]
then
echo "cannot find executable file \`${browser}${browser.execdir or "/bin"}/${browserName}'"
exit 1
fi
makeWrapper "$oldExe" \
"$out${browser.execdir or "/bin"}/${browserName}${nameSuffix}" \
--suffix-each MOZ_PLUGIN_PATH ':' "$plugins" \
--suffix LD_LIBRARY_PATH ':' "$libs" \
@ -137,6 +263,11 @@ let
--suffix XDG_DATA_DIRS : '${gnome3.adwaita-icon-theme}/share'
''
}
#############################
# #
# END EXTRA PREF CHANGES #
# #
#############################
if [ -e "${browser}/share/icons" ]; then
mkdir -p "$out/share"
@ -166,6 +297,43 @@ let
# For manpages, in case the program supplies them
mkdir -p $out/nix-support
echo ${browser} > $out/nix-support/propagated-user-env-packages
#########################
# #
# EXTRA PREF CHANGES #
# #
#########################
# user customization
mkdir -p $out/lib/${firefoxLibName}
# creating policies.json
mkdir -p "$out/lib/${firefoxLibName}/distribution"
POL_PATH="$out/lib/${firefoxLibName}/distribution/policies.json"
rm -f "$POL_PATH"
cat ${policiesJson} >> "$POL_PATH"
# preparing for autoconfig
mkdir -p "$out/lib/${firefoxLibName}/defaults/pref"
cat > "$out/lib/${firefoxLibName}/defaults/pref/autoconfig.js" <<EOF
pref("general.config.filename", "mozilla.cfg");
pref("general.config.obscure_value", 0);
EOF
cat > "$out/lib/${firefoxLibName}/mozilla.cfg" < ${mozillaCfg}
mkdir -p $out/lib/${firefoxLibName}/distribution/extensions
for i in ${toString extensions}; do
ln -s -t $out/lib/${firefoxLibName}/distribution/extensions $i/*
done
#############################
# #
# END EXTRA PREF CHANGES #
# #
#############################
'';
preferLocalBuild = true;

View File

@ -5,13 +5,13 @@ buildGoModule rec {
/* Do not use "dev" as a version. If you do, Tilt will consider itself
running in development environment and try to serve assets from the
source tree, which is not there once build completes. */
version = "0.17.12";
version = "0.17.13";
src = fetchFromGitHub {
owner = "tilt-dev";
repo = pname;
rev = "v${version}";
sha256 = "0l70nmxvk30h56bs46cgakddzdf3laj1y88d0jchij0yy7ixa61f";
sha256 = "sha256-x3U5OF8T3z9kHcYe7SwKVEKNiEsi8AEvA1rlOma4y+8=";
};
vendorSha256 = null;

View File

@ -0,0 +1,37 @@
{stdenv, lib, coreutils, unzip, jq, zip, fetchurl,writeScript, ...}:
{ name
, url
, md5 ? ""
, sha1 ? ""
, sha256 ? ""
, sha512 ? ""
}:
stdenv.mkDerivation rec {
inherit name;
extid = "${src.outputHash}@${name}";
passthru = {
exitd=extid;
};
builder = writeScript "xpibuilder" ''
source $stdenv/setup
header "firefox addon $name into $out"
UUID="${extid}"
mkdir -p "$out/$UUID"
unzip -q ${src} -d "$out/$UUID"
NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}, "browser_specific_settings":{"gecko":{"id": "${extid}"}}}' "$out/$UUID/manifest.json")
echo "$NEW_MANIFEST" > "$out/$UUID/manifest.json"
cd "$out/$UUID"
zip -r -q -FS "$out/$UUID.xpi" *
rm -r "$out/$UUID"
'';
src = fetchurl {
url = url;
inherit md5 sha1 sha256 sha512;
};
nativeBuildInputs = [ coreutils unzip zip jq ];
}

View File

@ -74,6 +74,12 @@ let
inherit (hsPkgs.elmPkgs) elm;
};
elmRustPackages = {
elm-json = import ./packages/elm-json.nix {
inherit rustPlatform fetchurl openssl stdenv pkg-config;
};
};
elmNodePackages = with elmLib;
let
nodePkgs = import ./packages/node-composition.nix {
@ -110,6 +116,9 @@ let
create-elm-app = patchNpmElm (patchBinwrap [elmi-to-json]
nodePkgs.create-elm-app);
elm-review = patchBinwrap [elmRustPackages.elm-json]
nodePkgs.elm-review;
elm-language-server = nodePkgs."@elm-tooling/elm-language-server";
elm-optimize-level-2 = nodePkgs."elm-optimize-level-2";
@ -117,9 +126,6 @@ let
inherit (nodePkgs) elm-doc-preview elm-live elm-upgrade elm-xref elm-analyse;
};
in hsPkgs.elmPkgs // elmNodePackages // {
elm-json = import ./packages/elm-json.nix {
inherit rustPlatform fetchurl openssl stdenv pkg-config;
};
in hsPkgs.elmPkgs // elmNodePackages // elmRustPackages // {
lib = elmLib;
}

View File

@ -10,4 +10,6 @@ $(nix-build $ROOT -A nodePackages.node2nix --no-out-link)/bin/node2nix \
-i node-packages.json \
-o node-packages.nix \
-c node-composition.nix \
--no-copy-node-env -e ../../../node-packages/node-env.nix
# TODO: Switch to the commented out version once nodejs package set gets updated to new node2nix
-e node-env.nix
# --no-copy-node-env -e ../../../node-packages/node-env.nix

View File

@ -5,8 +5,8 @@
}, system ? builtins.currentSystem, nodejs ? pkgs."nodejs-12_x"}:
let
nodeEnv = import ../../../node-packages/node-env.nix {
inherit (pkgs) stdenv python2 util-linux runCommand writeTextFile;
nodeEnv = import ./node-env.nix {
inherit (pkgs) stdenv python2 utillinux runCommand writeTextFile;
inherit nodejs;
libtool = if pkgs.stdenv.isDarwin then pkgs.darwin.cctools else null;
};

View File

@ -0,0 +1,542 @@
# This file originates from node2nix
{stdenv, nodejs, python2, utillinux, libtool, runCommand, writeTextFile}:
let
python = if nodejs ? python then nodejs.python else python2;
# Create a tar wrapper that filters all the 'Ignoring unknown extended header keyword' noise
tarWrapper = runCommand "tarWrapper" {} ''
mkdir -p $out/bin
cat > $out/bin/tar <<EOF
#! ${stdenv.shell} -e
$(type -p tar) "\$@" --warning=no-unknown-keyword --delay-directory-restore
EOF
chmod +x $out/bin/tar
'';
# Function that generates a TGZ file from a NPM project
buildNodeSourceDist =
{ name, version, src, ... }:
stdenv.mkDerivation {
name = "node-tarball-${name}-${version}";
inherit src;
buildInputs = [ nodejs ];
buildPhase = ''
export HOME=$TMPDIR
tgzFile=$(npm pack | tail -n 1) # Hooks to the pack command will add output (https://docs.npmjs.com/misc/scripts)
'';
installPhase = ''
mkdir -p $out/tarballs
mv $tgzFile $out/tarballs
mkdir -p $out/nix-support
echo "file source-dist $out/tarballs/$tgzFile" >> $out/nix-support/hydra-build-products
'';
};
includeDependencies = {dependencies}:
stdenv.lib.optionalString (dependencies != [])
(stdenv.lib.concatMapStrings (dependency:
''
# Bundle the dependencies of the package
mkdir -p node_modules
cd node_modules
# Only include dependencies if they don't exist. They may also be bundled in the package.
if [ ! -e "${dependency.name}" ]
then
${composePackage dependency}
fi
cd ..
''
) dependencies);
# Recursively composes the dependencies of a package
composePackage = { name, packageName, src, dependencies ? [], ... }@args:
builtins.addErrorContext "while evaluating node package '${packageName}'" ''
DIR=$(pwd)
cd $TMPDIR
unpackFile ${src}
# Make the base dir in which the target dependency resides first
mkdir -p "$(dirname "$DIR/${packageName}")"
if [ -f "${src}" ]
then
# Figure out what directory has been unpacked
packageDir="$(find . -maxdepth 1 -type d | tail -1)"
# Restore write permissions to make building work
find "$packageDir" -type d -exec chmod u+x {} \;
chmod -R u+w "$packageDir"
# Move the extracted tarball into the output folder
mv "$packageDir" "$DIR/${packageName}"
elif [ -d "${src}" ]
then
# Get a stripped name (without hash) of the source directory.
# On old nixpkgs it's already set internally.
if [ -z "$strippedName" ]
then
strippedName="$(stripHash ${src})"
fi
# Restore write permissions to make building work
chmod -R u+w "$strippedName"
# Move the extracted directory into the output folder
mv "$strippedName" "$DIR/${packageName}"
fi
# Unset the stripped name to not confuse the next unpack step
unset strippedName
# Include the dependencies of the package
cd "$DIR/${packageName}"
${includeDependencies { inherit dependencies; }}
cd ..
${stdenv.lib.optionalString (builtins.substring 0 1 packageName == "@") "cd .."}
'';
pinpointDependencies = {dependencies, production}:
let
pinpointDependenciesFromPackageJSON = writeTextFile {
name = "pinpointDependencies.js";
text = ''
var fs = require('fs');
var path = require('path');
function resolveDependencyVersion(location, name) {
if(location == process.env['NIX_STORE']) {
return null;
} else {
var dependencyPackageJSON = path.join(location, "node_modules", name, "package.json");
if(fs.existsSync(dependencyPackageJSON)) {
var dependencyPackageObj = JSON.parse(fs.readFileSync(dependencyPackageJSON));
if(dependencyPackageObj.name == name) {
return dependencyPackageObj.version;
}
} else {
return resolveDependencyVersion(path.resolve(location, ".."), name);
}
}
}
function replaceDependencies(dependencies) {
if(typeof dependencies == "object" && dependencies !== null) {
for(var dependency in dependencies) {
var resolvedVersion = resolveDependencyVersion(process.cwd(), dependency);
if(resolvedVersion === null) {
process.stderr.write("WARNING: cannot pinpoint dependency: "+dependency+", context: "+process.cwd()+"\n");
} else {
dependencies[dependency] = resolvedVersion;
}
}
}
}
/* Read the package.json configuration */
var packageObj = JSON.parse(fs.readFileSync('./package.json'));
/* Pinpoint all dependencies */
replaceDependencies(packageObj.dependencies);
if(process.argv[2] == "development") {
replaceDependencies(packageObj.devDependencies);
}
replaceDependencies(packageObj.optionalDependencies);
/* Write the fixed package.json file */
fs.writeFileSync("package.json", JSON.stringify(packageObj, null, 2));
'';
};
in
''
node ${pinpointDependenciesFromPackageJSON} ${if production then "production" else "development"}
${stdenv.lib.optionalString (dependencies != [])
''
if [ -d node_modules ]
then
cd node_modules
${stdenv.lib.concatMapStrings (dependency: pinpointDependenciesOfPackage dependency) dependencies}
cd ..
fi
''}
'';
# Recursively traverses all dependencies of a package and pinpoints all
# dependencies in the package.json file to the versions that are actually
# being used.
pinpointDependenciesOfPackage = { packageName, dependencies ? [], production ? true, ... }@args:
''
if [ -d "${packageName}" ]
then
cd "${packageName}"
${pinpointDependencies { inherit dependencies production; }}
cd ..
${stdenv.lib.optionalString (builtins.substring 0 1 packageName == "@") "cd .."}
fi
'';
# Extract the Node.js source code which is used to compile packages with
# native bindings
nodeSources = runCommand "node-sources" {} ''
tar --no-same-owner --no-same-permissions -xf ${nodejs.src}
mv node-* $out
'';
# Script that adds _integrity fields to all package.json files to prevent NPM from consulting the cache (that is empty)
addIntegrityFieldsScript = writeTextFile {
name = "addintegrityfields.js";
text = ''
var fs = require('fs');
var path = require('path');
function augmentDependencies(baseDir, dependencies) {
for(var dependencyName in dependencies) {
var dependency = dependencies[dependencyName];
// Open package.json and augment metadata fields
var packageJSONDir = path.join(baseDir, "node_modules", dependencyName);
var packageJSONPath = path.join(packageJSONDir, "package.json");
if(fs.existsSync(packageJSONPath)) { // Only augment packages that exist. Sometimes we may have production installs in which development dependencies can be ignored
console.log("Adding metadata fields to: "+packageJSONPath);
var packageObj = JSON.parse(fs.readFileSync(packageJSONPath));
if(dependency.integrity) {
packageObj["_integrity"] = dependency.integrity;
} else {
packageObj["_integrity"] = "sha1-000000000000000000000000000="; // When no _integrity string has been provided (e.g. by Git dependencies), add a dummy one. It does not seem to harm and it bypasses downloads.
}
if(dependency.resolved) {
packageObj["_resolved"] = dependency.resolved; // Adopt the resolved property if one has been provided
} else {
packageObj["_resolved"] = dependency.version; // Set the resolved version to the version identifier. This prevents NPM from cloning Git repositories.
}
if(dependency.from !== undefined) { // Adopt from property if one has been provided
packageObj["_from"] = dependency.from;
}
fs.writeFileSync(packageJSONPath, JSON.stringify(packageObj, null, 2));
}
// Augment transitive dependencies
if(dependency.dependencies !== undefined) {
augmentDependencies(packageJSONDir, dependency.dependencies);
}
}
}
if(fs.existsSync("./package-lock.json")) {
var packageLock = JSON.parse(fs.readFileSync("./package-lock.json"));
if(packageLock.lockfileVersion !== 1) {
process.stderr.write("Sorry, I only understand lock file version 1!\n");
process.exit(1);
}
if(packageLock.dependencies !== undefined) {
augmentDependencies(".", packageLock.dependencies);
}
}
'';
};
# Reconstructs a package-lock file from the node_modules/ folder structure and package.json files with dummy sha1 hashes
reconstructPackageLock = writeTextFile {
name = "addintegrityfields.js";
text = ''
var fs = require('fs');
var path = require('path');
var packageObj = JSON.parse(fs.readFileSync("package.json"));
var lockObj = {
name: packageObj.name,
version: packageObj.version,
lockfileVersion: 1,
requires: true,
dependencies: {}
};
function augmentPackageJSON(filePath, dependencies) {
var packageJSON = path.join(filePath, "package.json");
if(fs.existsSync(packageJSON)) {
var packageObj = JSON.parse(fs.readFileSync(packageJSON));
dependencies[packageObj.name] = {
version: packageObj.version,
integrity: "sha1-000000000000000000000000000=",
dependencies: {}
};
processDependencies(path.join(filePath, "node_modules"), dependencies[packageObj.name].dependencies);
}
}
function processDependencies(dir, dependencies) {
if(fs.existsSync(dir)) {
var files = fs.readdirSync(dir);
files.forEach(function(entry) {
var filePath = path.join(dir, entry);
var stats = fs.statSync(filePath);
if(stats.isDirectory()) {
if(entry.substr(0, 1) == "@") {
// When we encounter a namespace folder, augment all packages belonging to the scope
var pkgFiles = fs.readdirSync(filePath);
pkgFiles.forEach(function(entry) {
if(stats.isDirectory()) {
var pkgFilePath = path.join(filePath, entry);
augmentPackageJSON(pkgFilePath, dependencies);
}
});
} else {
augmentPackageJSON(filePath, dependencies);
}
}
});
}
}
processDependencies("node_modules", lockObj.dependencies);
fs.writeFileSync("package-lock.json", JSON.stringify(lockObj, null, 2));
'';
};
prepareAndInvokeNPM = {packageName, bypassCache, reconstructLock, npmFlags, production}:
let
forceOfflineFlag = if bypassCache then "--offline" else "--registry http://www.example.com";
in
''
# Pinpoint the versions of all dependencies to the ones that are actually being used
echo "pinpointing versions of dependencies..."
source $pinpointDependenciesScriptPath
# Patch the shebangs of the bundled modules to prevent them from
# calling executables outside the Nix store as much as possible
patchShebangs .
# Deploy the Node.js package by running npm install. Since the
# dependencies have been provided already by ourselves, it should not
# attempt to install them again, which is good, because we want to make
# it Nix's responsibility. If it needs to install any dependencies
# anyway (e.g. because the dependency parameters are
# incomplete/incorrect), it fails.
#
# The other responsibilities of NPM are kept -- version checks, build
# steps, postprocessing etc.
export HOME=$TMPDIR
cd "${packageName}"
runHook preRebuild
${stdenv.lib.optionalString bypassCache ''
${stdenv.lib.optionalString reconstructLock ''
if [ -f package-lock.json ]
then
echo "WARNING: Reconstruct lock option enabled, but a lock file already exists!"
echo "This will most likely result in version mismatches! We will remove the lock file and regenerate it!"
rm package-lock.json
else
echo "No package-lock.json file found, reconstructing..."
fi
node ${reconstructPackageLock}
''}
node ${addIntegrityFieldsScript}
''}
npm ${forceOfflineFlag} --nodedir=${nodeSources} ${npmFlags} ${stdenv.lib.optionalString production "--production"} rebuild
if [ "''${dontNpmInstall-}" != "1" ]
then
# NPM tries to download packages even when they already exist if npm-shrinkwrap is used.
rm -f npm-shrinkwrap.json
npm ${forceOfflineFlag} --nodedir=${nodeSources} ${npmFlags} ${stdenv.lib.optionalString production "--production"} install
fi
'';
# Builds and composes an NPM package including all its dependencies
buildNodePackage =
{ name
, packageName
, version
, dependencies ? []
, buildInputs ? []
, production ? true
, npmFlags ? ""
, dontNpmInstall ? false
, bypassCache ? false
, reconstructLock ? false
, preRebuild ? ""
, dontStrip ? true
, unpackPhase ? "true"
, buildPhase ? "true"
, ... }@args:
let
extraArgs = removeAttrs args [ "name" "dependencies" "buildInputs" "dontStrip" "dontNpmInstall" "preRebuild" "unpackPhase" "buildPhase" ];
in
stdenv.mkDerivation ({
name = "node_${name}-${version}";
buildInputs = [ tarWrapper python nodejs ]
++ stdenv.lib.optional (stdenv.isLinux) utillinux
++ stdenv.lib.optional (stdenv.isDarwin) libtool
++ buildInputs;
inherit nodejs;
inherit dontStrip; # Stripping may fail a build for some package deployments
inherit dontNpmInstall preRebuild unpackPhase buildPhase;
compositionScript = composePackage args;
pinpointDependenciesScript = pinpointDependenciesOfPackage args;
passAsFile = [ "compositionScript" "pinpointDependenciesScript" ];
installPhase = ''
# Create and enter a root node_modules/ folder
mkdir -p $out/lib/node_modules
cd $out/lib/node_modules
# Compose the package and all its dependencies
source $compositionScriptPath
${prepareAndInvokeNPM { inherit packageName bypassCache reconstructLock npmFlags production; }}
# Create symlink to the deployed executable folder, if applicable
if [ -d "$out/lib/node_modules/.bin" ]
then
ln -s $out/lib/node_modules/.bin $out/bin
fi
# Create symlinks to the deployed manual page folders, if applicable
if [ -d "$out/lib/node_modules/${packageName}/man" ]
then
mkdir -p $out/share
for dir in "$out/lib/node_modules/${packageName}/man/"*
do
mkdir -p $out/share/man/$(basename "$dir")
for page in "$dir"/*
do
ln -s $page $out/share/man/$(basename "$dir")
done
done
fi
# Run post install hook, if provided
runHook postInstall
'';
} // extraArgs);
# Builds a development shell
buildNodeShell =
{ name
, packageName
, version
, src
, dependencies ? []
, buildInputs ? []
, production ? true
, npmFlags ? ""
, dontNpmInstall ? false
, bypassCache ? false
, reconstructLock ? false
, dontStrip ? true
, unpackPhase ? "true"
, buildPhase ? "true"
, ... }@args:
let
extraArgs = removeAttrs args [ "name" "dependencies" "buildInputs" ];
nodeDependencies = stdenv.mkDerivation ({
name = "node-dependencies-${name}-${version}";
buildInputs = [ tarWrapper python nodejs ]
++ stdenv.lib.optional (stdenv.isLinux) utillinux
++ stdenv.lib.optional (stdenv.isDarwin) libtool
++ buildInputs;
inherit dontStrip; # Stripping may fail a build for some package deployments
inherit dontNpmInstall unpackPhase buildPhase;
includeScript = includeDependencies { inherit dependencies; };
pinpointDependenciesScript = pinpointDependenciesOfPackage args;
passAsFile = [ "includeScript" "pinpointDependenciesScript" ];
installPhase = ''
mkdir -p $out/${packageName}
cd $out/${packageName}
source $includeScriptPath
# Create fake package.json to make the npm commands work properly
cp ${src}/package.json .
chmod 644 package.json
${stdenv.lib.optionalString bypassCache ''
if [ -f ${src}/package-lock.json ]
then
cp ${src}/package-lock.json .
fi
''}
# Go to the parent folder to make sure that all packages are pinpointed
cd ..
${stdenv.lib.optionalString (builtins.substring 0 1 packageName == "@") "cd .."}
${prepareAndInvokeNPM { inherit packageName bypassCache reconstructLock npmFlags production; }}
# Expose the executables that were installed
cd ..
${stdenv.lib.optionalString (builtins.substring 0 1 packageName == "@") "cd .."}
mv ${packageName} lib
ln -s $out/lib/node_modules/.bin $out/bin
'';
} // extraArgs);
in
stdenv.mkDerivation {
name = "node-shell-${name}-${version}";
buildInputs = [ python nodejs ] ++ stdenv.lib.optional (stdenv.isLinux) utillinux ++ buildInputs;
buildCommand = ''
mkdir -p $out/bin
cat > $out/bin/shell <<EOF
#! ${stdenv.shell} -e
$shellHook
exec ${stdenv.shell}
EOF
chmod +x $out/bin/shell
'';
# Provide the dependencies in a development shell through the NODE_PATH environment variable
inherit nodeDependencies;
shellHook = stdenv.lib.optionalString (dependencies != []) ''
export NODE_PATH=${nodeDependencies}/lib/node_modules
export PATH="${nodeDependencies}/bin:$PATH"
'';
};
in
{
buildNodeSourceDist = stdenv.lib.makeOverridable buildNodeSourceDist;
buildNodePackage = stdenv.lib.makeOverridable buildNodePackage;
buildNodeShell = stdenv.lib.makeOverridable buildNodeShell;
}

View File

@ -9,5 +9,6 @@
"elm-verify-examples",
"elm-xref",
"create-elm-app",
"elm-optimize-level-2"
"elm-optimize-level-2",
"elm-review"
]

File diff suppressed because it is too large Load Diff

View File

@ -1,12 +1,12 @@
{ fetchurl, stdenv, zlib, openssl, libuuid, pkgconfig }:
stdenv.mkDerivation rec {
version = "20171104";
version = "20201129";
pname = "libewf";
src = fetchurl {
url = "https://github.com/libyal/libewf/releases/download/${version}/libewf-experimental-${version}.tar.gz";
sha256 = "0h7036gpj5cryvh17aq6i2cpnbpwg5yswmfydxbbwvd9yfxd6dng";
sha256 = "168k1az9hm0lajh57zlbknsq5m8civ1rzp81zz4sd7v64xilzxdk";
};
nativeBuildInputs = [ pkgconfig ];

View File

@ -1,6 +1,5 @@
{ stdenv
, fetchFromGitLab
, fetchpatch
, meson
, ninja
, pkg-config
@ -9,25 +8,16 @@
stdenv.mkDerivation rec {
pname = "libslirp";
version = "4.3.1";
version = "4.4.0";
src = fetchFromGitLab {
domain = "gitlab.freedesktop.org";
owner = "slirp";
repo = pname;
rev = "v${version}";
sha256 = "0pzgjj2x2vrjshrzrl2x39xp5lgwg4b4y9vs8xvadh1ycl10v3fv";
sha256 = "0abh337jvij664w65zszjql42n720zzfap0ab0amr4qcvkzw7bjx";
};
patches = [
# remove >4.3.1
(fetchpatch {
name = "CVE-2020-29129_CVE-2020-29130.patch";
url = "https://gitlab.freedesktop.org/slirp/libslirp/-/commit/2e1dcbc0c2af64fcb17009eaf2ceedd81be2b27f.patch";
sha256 = "01vbjqgnc0kp881l5p6b31cyyirhwhavm6x36hlgkymswvl3wh9w";
})
];
nativeBuildInputs = [ meson ninja pkg-config ];
buildInputs = [ glib ];
@ -41,6 +31,6 @@ stdenv.mkDerivation rec {
homepage = "https://gitlab.freedesktop.org/slirp/libslirp";
license = licenses.bsd3;
maintainers = with maintainers; [ orivej ];
platforms = platforms.linux;
platforms = platforms.unix;
};
}

View File

@ -1,7 +1,7 @@
{ stdenv, fetchzip, netcdf, netcdfcxx4, gsl, udunits, antlr, which, curl, flex, coreutils }:
stdenv.mkDerivation rec {
version = "4.9.5";
version = "4.9.6";
pname = "nco";
nativeBuildInputs = [ flex which ];
@ -9,7 +9,7 @@ stdenv.mkDerivation rec {
src = fetchzip {
url = "https://github.com/nco/nco/archive/${version}.tar.gz";
sha256 = "0xp377rsamn2hwhzaf0ih70wd5274flpz74grys1b7rpbvbyf1bw";
sha256 = "0f8vf66700dcr48jqd371bbldc61xkrilby13xp8j5l9q4xal808";
};
prePatch = ''

View File

@ -3,7 +3,7 @@
buildDunePackage rec {
pname = "mirage-runtime";
version = "3.9.0";
version = "3.10.0";
useDune2 = true;
@ -11,7 +11,7 @@ buildDunePackage rec {
src = fetchurl {
url = "https://github.com/mirage/mirage/releases/download/v${version}/mirage-v${version}.tbz";
sha256 = "1hznh49v1jlkwww6xi9f2f4yjzlh9qfvdrrdzvddnwsh3g00flla";
sha256 = "01nq358bilsvvwrvyavc5gik1csjljn4rb3k8yx94gxvbj5vx4h2";
};
propagatedBuildInputs = [ ipaddr functoria-runtime fmt logs ocaml_lwt ];

View File

@ -0,0 +1,13 @@
{ lib, buildDunePackage, mirage-types
}:
buildDunePackage {
pname = "mirage-types-lwt";
inherit (mirage-types) version src useDune2;
propagatedBuildInputs = [ mirage-types ];
meta = mirage-types.meta // {
description = "Lwt module type definitions for MirageOS applications";
};
}

View File

@ -0,0 +1,19 @@
{ lib, buildDunePackage, mirage
, mirage-block, mirage-channel, mirage-clock, mirage-console, mirage-device
, mirage-flow, mirage-fs, mirage-kv, mirage-net, mirage-protocols, mirage-random
, mirage-stack, mirage-time
}:
buildDunePackage {
pname = "mirage-types";
inherit (mirage) src version useDune2;
propagatedBuildInputs = [ mirage-block mirage-channel mirage-clock
mirage-console mirage-device mirage-flow mirage-fs mirage-kv mirage-net
mirage-protocols mirage-random mirage-stack mirage-time
];
meta = mirage.meta // {
description = "Module type definitions for MirageOS applications";
};
}

View File

@ -1,14 +1,14 @@
{ mkDerivation, fetchurl, pkgs, lib, php }:
let
pname = "phpstan";
version = "0.12.57";
version = "0.12.58";
in
mkDerivation {
inherit pname version;
src = pkgs.fetchurl {
url = "https://github.com/phpstan/phpstan/releases/download/${version}/phpstan.phar";
sha256 = "0i1ycfmi638myl9840k4rl0z9klk0q25l8ykkkfg20kx5mdidvgc";
sha256 = "1509z783rhrnlx32a3yg58sy81971dv1sf8nzs8am2m9qnpmdcll";
};
phases = [ "installPhase" ];

View File

@ -3,8 +3,8 @@
buildPecl {
pname = "yaml";
version = "2.1.0";
sha256 = "0rmn2irzny24ivzc09ss46s2s48i0zy2cww7ikphljqbfx6zdjss";
version = "2.2.0";
sha256 = "1d65cf5vnr7brhxmy1pi2axjiyvdhmpcnq0qlx5spwlgkv6hnyml";
configureFlags = [ "--with-yaml=${pkgs.libyaml}" ];

View File

@ -8,11 +8,11 @@
buildPythonPackage rec {
pname = "sphinx_rtd_theme";
version = "0.5.0";
version = "0.4.3";
src = fetchPypi {
inherit pname version;
sha256 = "22c795ba2832a169ca301cd0a083f7a434e09c538c70beb42782c073651b707d";
sha256 = "728607e34d60456d736cc7991fd236afb828b21b82f956c5ea75f94c8414040a";
};
propagatedBuildInputs = [ sphinx ];

View File

@ -0,0 +1,41 @@
{ stdenv, fetchFromGitHub, bash, installShellFiles }:
stdenv.mkDerivation rec {
pname = "rbenv";
version = "1.1.2";
nativeBuildInputs = [ installShellFiles ];
src = fetchFromGitHub {
owner = "rbenv";
repo = "rbenv";
rev = "v${version}";
sha256 = "12i050vs35iiblxga43zrj7xwbaisv3mq55y9ikagkr8pj1vmq53";
};
postPatch = ''
patchShebangs src/configure
pushd src
'';
installPhase = ''
popd
mkdir -p $out/bin
mv libexec $out
ln -s $out/libexec/rbenv $out/bin/rbenv
installShellCompletion completions/rbenv.{bash,zsh}
'';
meta = with stdenv.lib; {
description = "Groom your apps Ruby environment";
longDescription = ''
Use rbenv to pick a Ruby version for your application and guarantee that your development environment matches production.
Put rbenv to work with Bundler for painless Ruby upgrades and bulletproof deployments.
'';
homepage = "https://github.com/rbenv/rbenv";
license = licenses.mit;
maintainers = with maintainers; [ fzakaria ];
platforms = platforms.all;
};
}

View File

@ -108,6 +108,10 @@ stdenv.mkDerivation rec {
sfml
];
postInstall = lib.optionalString stdenv.hostPlatform.isLinux ''
install -D $src/Data/51-usb-device.rules $out/etc/udev/rules.d/51-usb-device.rules
'';
meta = with lib; {
homepage = "https://dolphin-emu.org/";
description = "Gamecube/Wii/Triforce emulator for x86_64 and ARMv8";

View File

@ -71,6 +71,8 @@ in stdenv.mkDerivation rec {
postInstall = ''
cp -r ${desktopItem}/share/applications $out/share
ln -sf $out/bin/dolphin-emu $out/bin/dolphin-emu-master
'' + lib.optionalString stdenv.hostPlatform.isLinux ''
install -D $src/Data/51-usb-device.rules $out/etc/udev/rules.d/51-usb-device.rules
'';
meta = with lib; {

View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "postsrsd";
version = "1.6";
version = "1.7";
src = fetchFromGitHub {
owner = "roehling";
repo = "postsrsd";
rev = version;
sha256 = "1dza22f0zlzsvr2dpnmsg8m8mj9rgdk0pzm1wvxrcfwyi8899ggm";
sha256 = "11yr557m60a62m4wxi20lr8kmagjrgndmnwlxzr241bwb20ba96x";
};
cmakeFlags = [ "-DGENERATE_SRS_SECRET=OFF" "-DINIT_FLAVOR=systemd" ];

View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
pname = "pounce";
version = "2.0";
version = "2.1p1";
src = fetchzip {
url = "https://git.causal.agency/pounce/snapshot/pounce-${version}.tar.gz";
sha256 = "0vr42s8l617k6893zq7qn9wz7kcdchmr99ivbkrmvd38qrhsa02l";
sha256 = "1gphia45swj4ws6nrklqg1hvjrc6yw921v0pf29cvjhwrfl6dl0h";
};
buildInputs = [ libressl ];

View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
pname = "oil";
version = "0.8.4";
version = "0.8.5";
src = fetchurl {
url = "https://www.oilshell.org/download/oil-${version}.tar.xz";
sha256 = "0ydqwyghnkgbpsdi49vnrx2khs3y0d0bzdzcvjjr999ycmnirz88";
sha256 = "1z0p08q4808h78bp6nwdszpfavhr4y7n313bp0gg5qdbssnciq1v";
};
postPatch = ''

View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "playerctl";
version = "2.2.1";
version = "2.3.1";
src = fetchFromGitHub {
owner = "acrisci";
repo = "playerctl";
rev = "v${version}";
sha256 = "17hi33sw3663qz5v54bqqil31sgkrlxkb2l5bgqk87pac6x2wnbz";
sha256 = "00z5c6amlxd3q42l7x8i0ngl627dxglgg5vikbbhjp9ms34xbxdn";
};
nativeBuildInputs = [ meson ninja pkgconfig gtk-doc docbook_xsl gobject-introspection ];

View File

@ -1,11 +1,12 @@
{ stdenv, fetchurl }:
stdenv.mkDerivation rec {
name = "mtools-4.0.25";
pname = "mtools";
version = "4.0.26";
src = fetchurl {
url = "mirror://gnu/mtools/${name}.tar.bz2";
sha256 = "059cirrarizvcxv8zyp6ykaz45rymljpgdkdjc9kvadp7gn1w5px";
url = "mirror://gnu/mtools/${pname}-${version}.tar.bz2";
sha256 = "06pabnjc4r2vv3dzfm6q97g6jbp2k5bhmcdwv2cf25ka8y5ir7sk";
};
patches = stdenv.lib.optional stdenv.isDarwin ./UNUSED-darwin.patch;

View File

@ -1,15 +1,15 @@
{ stdenv, fetchCrate, rustPlatform }:
rustPlatform.buildRustPackage rec {
version = "4.0.1";
version = "4.0.2";
pname = "oxipng";
src = fetchCrate {
inherit version pname;
sha256 = "0mgd33cb112yg1bz8jhsbk2w8p2gdiw510bfv4z82b2mg6pl6b9r";
sha256 = "0m36af9w1l6pc71fjbgyzcsszizwayvcv5d750zz2bnj23c77m69";
};
cargoSha256 = "01g3qansrvvv85b1kxg4609lnj3bizavg3r7651hn03cnlychj2n";
cargoSha256 = "16fby8ncdq0dyg9r0glrqwi04sja34br306c5sj22cq1dm3bb64q";
doCheck = !stdenv.isAarch64 && !stdenv.isDarwin;

View File

@ -11,13 +11,13 @@
stdenv.mkDerivation rec {
pname = "slirp4netns";
version = "1.1.7";
version = "1.1.8";
src = fetchFromGitHub {
owner = "rootless-containers";
repo = "slirp4netns";
rev = "v${version}";
sha256 = "1zvmsin7pgfwafj5qr8fcixg01xfq1xhjd93klyxhmacfxirhkgw";
sha256 = "06813k8a1gpakgykz5h75qpdlhrci9r39309n3qqh34ynbjil468";
};
nativeBuildInputs = [ autoreconfHook pkg-config ];

View File

@ -18,7 +18,7 @@
stdenv.mkDerivation rec {
pname = "thermald";
version = "2.3";
version = "2.4.1";
outputs = [ "out" "devdoc" ];
@ -26,7 +26,7 @@ stdenv.mkDerivation rec {
owner = "intel";
repo = "thermal_daemon";
rev = "v${version}";
sha256 = "0cisaca2c2z1x9xvxc4lr6nl6yqx5bww6brh73m0p1n643jgq1dl";
sha256 = "0rlac7v1b59m7gh767hkd8a0r4p001nd24786fnmryygbxynd2s6";
};
nativeBuildInputs = [

View File

@ -365,6 +365,8 @@ in
fetchhg = callPackage ../build-support/fetchhg { };
fetchFirefoxAddon = callPackage ../build-support/fetchfirefoxaddon {};
# `fetchurl' downloads a file from the network.
fetchurl = if stdenv.buildPlatform != stdenv.hostPlatform
then buildPackages.fetchurl # No need to do special overrides twice,
@ -10705,6 +10707,8 @@ in
solargraph = callPackage ../development/ruby-modules/solargraph { };
rbenv = callPackage ../development/ruby-modules/rbenv { };
inherit (callPackage ../development/interpreters/ruby {
inherit (darwin) libiconv libobjc libunwind;
inherit (darwin.apple_sdk.frameworks) Foundation;

View File

@ -599,6 +599,10 @@ let
mirage-time-unix = callPackage ../development/ocaml-modules/mirage-time/unix.nix { };
mirage-types = callPackage ../development/ocaml-modules/mirage/types.nix { };
mirage-types-lwt = callPackage ../development/ocaml-modules/mirage/types-lwt.nix { };
mirage-unix = callPackage ../development/ocaml-modules/mirage-unix { };
mlgmp = callPackage ../development/ocaml-modules/mlgmp { };