Merge staging-next into staging

This commit is contained in:
github-actions[bot] 2021-11-01 00:02:05 +00:00 committed by GitHub
commit bef900528f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
119 changed files with 1128 additions and 942 deletions

View File

@ -10,13 +10,18 @@ jobs:
steps:
- uses: actions/checkout@v2
with:
# required to find all branches
fetch-depth: 0
ref: ${{ github.event.pull_request.head.sha }}
- name: Create backport PRs
uses: zeebe-io/backport-action@v0.0.7
# should be kept in sync with `version`
uses: zeebe-io/backport-action@v0.0.5
with:
# Config README: https://github.com/zeebe-io/backport-action#backport-action
github_token: ${{ secrets.GITHUB_TOKEN }}
github_workspace: ${{ github.workspace }}
# should be kept in sync with `uses`
version: v0.0.5
pull_description: |-
Bot-based backport to `${target_branch}`, triggered by a label in #${pull_number}.

View File

@ -3271,6 +3271,7 @@
};
ekleog = {
email = "leo@gaspard.io";
matrix = "@leo:gaspard.ninja";
github = "ekleog";
githubId = 411447;
name = "Leo Gaspard";

View File

@ -114,7 +114,7 @@ async def check_changes(package: Dict, worktree: str, update_info: str):
changes[0]['newVersion'] = json.loads((await obtain_new_version_process.stdout.read()).decode('utf-8'))
if 'files' not in changes[0]:
changed_files_process = await check_subprocess('git', 'diff', '--name-only', stdout=asyncio.subprocess.PIPE, cwd=worktree)
changed_files_process = await check_subprocess('git', 'diff', '--name-only', 'HEAD', stdout=asyncio.subprocess.PIPE, cwd=worktree)
changed_files = (await changed_files_process.stdout.read()).splitlines()
changes[0]['files'] = changed_files

View File

@ -570,6 +570,17 @@ Superuser created successfully.
<link xlink:href="options.html#opt-services.geoipupdate.enable">services.geoipupdate</link>.
</para>
</listitem>
<listitem>
<para>
<literal>ihatemoney</literal> has been updated to version
5.1.1
(<link xlink:href="https://github.com/spiral-project/ihatemoney/blob/5.1.1/CHANGELOG.rst">release
notes</link>). If you serve ihatemoney by HTTP rather than
HTTPS, you must set
<link xlink:href="options.html#opt-services.ihatemoney.secureCookie">services.ihatemoney.secureCookie</link>
to <literal>false</literal>.
</para>
</listitem>
<listitem>
<para>
PHP 7.3 is no longer supported due to upstream not supporting

View File

@ -208,6 +208,8 @@ In addition to numerous new and upgraded packages, this release has the followin
- `services.geoip-updater` was broken and has been replaced by [services.geoipupdate](options.html#opt-services.geoipupdate.enable).
- `ihatemoney` has been updated to version 5.1.1 ([release notes](https://github.com/spiral-project/ihatemoney/blob/5.1.1/CHANGELOG.rst)). If you serve ihatemoney by HTTP rather than HTTPS, you must set [services.ihatemoney.secureCookie](options.html#opt-services.ihatemoney.secureCookie) to `false`.
- PHP 7.3 is no longer supported due to upstream not supporting this version for the entire lifecycle of the 21.11 release.
- Those making use of `buildBazelPackage` will need to regenerate the fetch hashes (preferred), or set `fetchConfigured = false;`.

View File

@ -42,6 +42,8 @@ in
}
];
environment.systemPackages = [ package ];
services.dbus.packages = [ package ];
services.udev.packages = [ package ];

View File

@ -13,7 +13,7 @@ in
{
###### interface
meta.maintainers = with maintainers; [ philandstuff rawkode ];
meta.maintainers = with maintainers; [ philandstuff rawkode jwoudenberg ];
options = {
@ -49,6 +49,12 @@ in
# yubikey-agent package
systemd.user.services.yubikey-agent = mkIf (pinentryFlavor != null) {
path = [ pkgs.pinentry.${pinentryFlavor} ];
wantedBy = [
(if pinentryFlavor == "tty" || pinentryFlavor == "curses" then
"default.target"
else
"graphical-session.target")
];
};
environment.extraInit = ''

View File

@ -33,11 +33,14 @@ let
then "sqlite:////var/lib/ihatemoney/ihatemoney.sqlite"
else "postgresql:///${db}"}'
SQLALCHEMY_TRACK_MODIFICATIONS = False
MAIL_DEFAULT_SENDER = ("${cfg.defaultSender.name}", "${cfg.defaultSender.email}")
MAIL_DEFAULT_SENDER = (r"${cfg.defaultSender.name}", r"${cfg.defaultSender.email}")
ACTIVATE_DEMO_PROJECT = ${toBool cfg.enableDemoProject}
ADMIN_PASSWORD = "${toString cfg.adminHashedPassword /*toString null == ""*/}"
ADMIN_PASSWORD = r"${toString cfg.adminHashedPassword /*toString null == ""*/}"
ALLOW_PUBLIC_PROJECT_CREATION = ${toBool cfg.enablePublicProjectCreation}
ACTIVATE_ADMIN_DASHBOARD = ${toBool cfg.enableAdminDashboard}
SESSION_COOKIE_SECURE = ${toBool cfg.secureCookie}
ENABLE_CAPTCHA = ${toBool cfg.enableCaptcha}
LEGAL_LINK = r"${toString cfg.legalLink}"
${cfg.extraConfig}
'';
@ -79,9 +82,20 @@ in
description = "The email of the sender of ihatemoney emails";
};
};
secureCookie = mkOption {
type = types.bool;
default = true;
description = "Use secure cookies. Disable this when ihatemoney is served via http instead of https";
};
enableDemoProject = mkEnableOption "access to the demo project in ihatemoney";
enablePublicProjectCreation = mkEnableOption "permission to create projects in ihatemoney by anyone";
enableAdminDashboard = mkEnableOption "ihatemoney admin dashboard";
enableCaptcha = mkEnableOption "a simplistic captcha for some forms";
legalLink = mkOption {
type = types.nullOr types.str;
default = null;
description = "The URL to a page explaining legal statements about your service, eg. GDPR-related information.";
};
extraConfig = mkOption {
type = types.str;
default = "";

View File

@ -26,13 +26,11 @@ in
agda = handleTest ./agda.nix {};
airsonic = handleTest ./airsonic.nix {};
amazon-init-shell = handleTest ./amazon-init-shell.nix {};
ammonite = handleTest ./ammonite.nix {};
apparmor = handleTest ./apparmor.nix {};
atd = handleTest ./atd.nix {};
atop = handleTest ./atop.nix {};
avahi = handleTest ./avahi.nix {};
avahi-with-resolved = handleTest ./avahi.nix { networkd = true; };
awscli = handleTest ./awscli.nix { };
babeld = handleTest ./babeld.nix {};
bazarr = handleTest ./bazarr.nix {};
bcachefs = handleTestOn ["x86_64-linux"] ./bcachefs.nix {}; # linux-4.18.2018.10.12 is unsupported on aarch64
@ -191,7 +189,7 @@ in
i3wm = handleTest ./i3wm.nix {};
icingaweb2 = handleTest ./icingaweb2.nix {};
iftop = handleTest ./iftop.nix {};
ihatemoney = handleTest ./ihatemoney.nix {};
ihatemoney = handleTest ./ihatemoney {};
incron = handleTest ./incron.nix {};
influxdb = handleTest ./influxdb.nix {};
initrd-network-openvpn = handleTest ./initrd-network-openvpn {};
@ -370,6 +368,7 @@ in
postgresql = handleTest ./postgresql.nix {};
postgresql-wal-receiver = handleTest ./postgresql-wal-receiver.nix {};
powerdns = handleTest ./powerdns.nix {};
power-profiles-daemon = handleTest ./power-profiles-daemon.nix {};
pppd = handleTest ./pppd.nix {};
predictable-interface-names = handleTest ./predictable-interface-names.nix {};
printing = handleTest ./printing.nix {};

View File

@ -1,20 +0,0 @@
import ./make-test-python.nix ({ pkgs, ...} : {
name = "ammonite";
meta = with pkgs.lib.maintainers; {
maintainers = [ nequissimus ];
};
nodes = {
amm =
{ pkgs, ... }:
{
environment.systemPackages = [ (pkgs.ammonite.override { jre = pkgs.jre8; }) ];
};
};
testScript = ''
start_all()
amm.succeed("amm -c 'val foo = 21; println(foo * 2)' | grep 42")
'';
})

View File

@ -1,17 +0,0 @@
import ./make-test-python.nix ({ pkgs, ...} : {
name = "awscli";
meta = with pkgs.lib.maintainers; {
maintainers = [ nequissimus ];
};
machine = { pkgs, ... }:
{
environment.systemPackages = [ pkgs.awscli ];
};
testScript =
''
assert "${pkgs.python3Packages.botocore.version}" in machine.succeed("aws --version")
assert "${pkgs.awscli.version}" in machine.succeed("aws --version")
'';
})

View File

@ -1,12 +0,0 @@
import ./make-test-python.nix ({ pkgs, ... }: {
name = "cifs-utils";
machine = { pkgs, ... }: { environment.systemPackages = [ pkgs.cifs-utils ]; };
testScript = ''
machine.succeed("smbinfo -h")
machine.succeed("smb2-quota -h")
assert "${pkgs.cifs-utils.version}" in machine.succeed("cifs.upcall -v")
assert "${pkgs.cifs-utils.version}" in machine.succeed("mount.cifs -V")
'';
})

View File

@ -1,22 +1,36 @@
{ system ? builtins.currentSystem,
config ? {},
pkgs ? import ../.. { inherit system config; }
pkgs ? import ../../.. { inherit system config; }
}:
let
inherit (import ../lib/testing-python.nix { inherit system pkgs; }) makeTest;
inherit (import ../../lib/testing-python.nix { inherit system pkgs; }) makeTest;
f = backend: makeTest {
name = "ihatemoney-${backend}";
machine = { lib, ... }: {
machine = { nodes, lib, ... }: {
services.ihatemoney = {
enable = true;
enablePublicProjectCreation = true;
secureCookie = false;
inherit backend;
uwsgiConfig = {
http = ":8000";
};
};
boot.cleanTmpDir = true;
# for exchange rates
security.pki.certificateFiles = [ ./server.crt ];
networking.extraHosts = "127.0.0.1 api.exchangerate.host";
services.nginx = {
enable = true;
virtualHosts."api.exchangerate.host" = {
addSSL = true;
# openssl req -x509 -newkey rsa:4096 -keyout server.key -out server.crt -days 1000000 -nodes -subj '/CN=api.exchangerate.host'
sslCertificate = ./server.crt;
sslCertificateKey = ./server.key;
locations."/".return = "200 '${builtins.readFile ./rates.json}'";
};
};
# ihatemoney needs a local smtp server otherwise project creation just crashes
services.opensmtpd = {
enable = true;
@ -30,11 +44,13 @@ let
testScript = ''
machine.wait_for_open_port(8000)
machine.wait_for_unit("uwsgi.service")
machine.wait_until_succeeds("curl http://localhost:8000")
machine.wait_until_succeeds("curl --fail https://api.exchangerate.host")
machine.wait_until_succeeds("curl --fail http://localhost:8000")
assert '"yay"' in machine.succeed(
"curl -X POST http://localhost:8000/api/projects -d 'name=yay&id=yay&password=yay&contact_email=yay@example.com'"
result = machine.succeed(
"curl --fail -X POST http://localhost:8000/api/projects -d 'name=yay&id=yay&password=yay&contact_email=yay@example.com&default_currency=XXX'"
)
assert '"yay"' in result, repr(result)
owner, timestamp = machine.succeed(
"stat --printf %U:%G___%Y /var/lib/ihatemoney/secret_key"
).split("___")
@ -47,13 +63,13 @@ let
machine.wait_for_unit("uwsgi.service")
with subtest("check that the database is really persistent"):
machine.succeed("curl --basic -u yay:yay http://localhost:8000/api/projects/yay")
machine.succeed("curl --fail --basic -u yay:yay http://localhost:8000/api/projects/yay")
with subtest("check that the secret key is really persistent"):
timestamp2 = machine.succeed("stat --printf %Y /var/lib/ihatemoney/secret_key")
assert timestamp == timestamp2
assert "ihatemoney" in machine.succeed("curl http://localhost:8000")
assert "ihatemoney" in machine.succeed("curl --fail http://localhost:8000")
'';
};
in {

View File

@ -0,0 +1,39 @@
{
"rates": {
"CAD": 1.3420055134,
"HKD": 7.7513783598,
"ISK": 135.9407305307,
"PHP": 49.3762922123,
"DKK": 6.4126464507,
"HUF": 298.9145416954,
"CZK": 22.6292212267,
"GBP": 0.7838128877,
"RON": 4.1630771881,
"SEK": 8.8464851826,
"IDR": 14629.5658166782,
"INR": 74.8328738801,
"BRL": 5.2357856651,
"RUB": 71.8416609235,
"HRK": 6.4757064094,
"JPY": 106.2715368711,
"THB": 31.7203652653,
"CHF": 0.9243625086,
"EUR": 0.8614748449,
"MYR": 4.2644727774,
"BGN": 1.6848725017,
"TRY": 6.8483804273,
"CNY": 7.0169710544,
"NOK": 9.213731909,
"NZD": 1.5080978635,
"ZAR": 16.7427636113,
"USD": 1,
"MXN": 22.4676085458,
"SGD": 1.3855099931,
"AUD": 1.4107512061,
"ILS": 3.4150585803,
"KRW": 1203.3339076499,
"PLN": 3.794452102
},
"base": "USD",
"date": "2020-07-24"
}

View File

@ -0,0 +1,28 @@
-----BEGIN CERTIFICATE-----
MIIEvjCCAqYCCQDkTQrENPCZjjANBgkqhkiG9w0BAQsFADAgMR4wHAYDVQQDDBVh
cGkuZXhjaGFuZ2VyYXRlLmhvc3QwIBcNMjEwNzE0MTI1MzQ0WhgPNDc1OTA2MTEx
MjUzNDRaMCAxHjAcBgNVBAMMFWFwaS5leGNoYW5nZXJhdGUuaG9zdDCCAiIwDQYJ
KoZIhvcNAQEBBQADggIPADCCAgoCggIBAL5zpwUYa/ySqvJ/PUnXYsl1ww5SNGJh
NujCRxC0Gw+5t5O7USSHRdz7Eb2PNFMa7JR+lliLAWdjHfqPXJWmP10X5ebvyxeQ
TJkR1HpDSY6TQQlJvwr/JNGryyoQYjXvnyeyVu4TS3U0TTI631OonDAj+HbFIs9L
gr/HfHzFmxRVLwaJ7hebanihc5RzoWTxgswiOwYQu5AivXQqcvUIxELeT7CxWwiw
be/SlalDgoezB/poqaa215FUuN2av+nTn+swH3WOi9kwePLgVKn9BnDMwyh8et13
yt27RWCSOcZagRSYsSbBaEJbClZvnuYvDqooJEy0GVbGBZpClKRKe92yd0PTf3ZJ
GupyNoCFQlGugY//WLrsPv/Q4WwP+qZ6t97sV0CdM+epKVde/LfPKn+tFMv86qIg
Q/uGHdDwUI8XH2EysAavhdlssSrovmpl4hyo9UkzTWfJgAbmOZY3Vba41wsq12FT
usDsswGLBD10MdXWltR/Hdk8OnosLmeJxfZODAv31KSfd+4b6Ntr9BYQvAQSO+1/
Mf7gEQtNhO003VKIyV5cpH4kVQieEcvoEKgq32NVBSKVf6UIPWIefu19kvrttaUu
Q2QW2Qm4Ph/4cWpxl0jcrN5rjmgaBtIMmKYjRIS0ThDWzfVkJdmJuATzExJAplLN
nYPBG3gOtQQpAgMBAAEwDQYJKoZIhvcNAQELBQADggIBAJzt/aN7wl88WrvBasVi
fSJmJjRaW2rYyBUMptQNkm9ElHN2eQQxJgLi8+9ArQxuGKhHx+D1wMGF8w2yOp0j
4atfbXDcT+cTQY55qdEeYgU8KhESHHGszGsUpv7hzU2cACZiXG0YbOmORFYcn49Z
yPyN98kW8BViLzNF9v+I/NJPuaaCeWKjXCqY2GCzddiuotrlLtz0CODXZJ506I1F
38vQgZb10yAe6+R4y0BK7sUlmfr9BBqVcDQ/z74Kph1aB32zwP8KrNitwG1Tyk6W
rxD1dStEQyX8uDPAspe2JrToMWsOMje9F5lotmuzyvwRJYfAav300EtIggBqpiHR
o0P/1xxBzmaCHxEUJegdoYg8Q27llqsjR2T78uv/BlxpX9Dv5kNex5EZThKqyz4a
Fn1VqiA3D9IsvxH4ud+8eDaP24u1yYObSTDIBsw9xDvoV8fV+NWoNNhcAL5GwC0P
Goh7/brZSHUprxGpwRB524E//8XmCsRd/+ShtXbi4gEODMH4xLdkD7fZIJC4eG1H
GOVc1MwjiYvbQlPs6MOcQ0iKQneSlaEJmyyO5Ro5OKiKj89Az/mLYX3R17AIsu0T
Q5pGcmhKVRyu0zXvkGfK352TLwoe+4vbmakDq21Pkkcy8V9M4wP+vpCfQkg1REQ1
+mr1Vg+SFya3mlCxpFTy3j8E
-----END CERTIFICATE-----

View File

@ -0,0 +1,52 @@
-----BEGIN PRIVATE KEY-----
MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQC+c6cFGGv8kqry
fz1J12LJdcMOUjRiYTbowkcQtBsPubeTu1Ekh0Xc+xG9jzRTGuyUfpZYiwFnYx36
j1yVpj9dF+Xm78sXkEyZEdR6Q0mOk0EJSb8K/yTRq8sqEGI1758nslbuE0t1NE0y
Ot9TqJwwI/h2xSLPS4K/x3x8xZsUVS8Gie4Xm2p4oXOUc6Fk8YLMIjsGELuQIr10
KnL1CMRC3k+wsVsIsG3v0pWpQ4KHswf6aKmmtteRVLjdmr/p05/rMB91jovZMHjy
4FSp/QZwzMMofHrdd8rdu0VgkjnGWoEUmLEmwWhCWwpWb57mLw6qKCRMtBlWxgWa
QpSkSnvdsndD0392SRrqcjaAhUJRroGP/1i67D7/0OFsD/qmerfe7FdAnTPnqSlX
Xvy3zyp/rRTL/OqiIEP7hh3Q8FCPFx9hMrAGr4XZbLEq6L5qZeIcqPVJM01nyYAG
5jmWN1W2uNcLKtdhU7rA7LMBiwQ9dDHV1pbUfx3ZPDp6LC5nicX2TgwL99Skn3fu
G+jba/QWELwEEjvtfzH+4BELTYTtNN1SiMleXKR+JFUInhHL6BCoKt9jVQUilX+l
CD1iHn7tfZL67bWlLkNkFtkJuD4f+HFqcZdI3Kzea45oGgbSDJimI0SEtE4Q1s31
ZCXZibgE8xMSQKZSzZ2DwRt4DrUEKQIDAQABAoICAQCpwU465XTDUTvcH/vSCJB9
/2BYMH+OvRYDS7+qLM7+Kkxt+oWt6IEmIgfDDZTXCmWbSmXaEDS1IYzEG+qrXN6X
rMh4Gn7MxwrvWQwp2jYDRk+u5rPJKnh4Bwd0u9u+NZKIAJcpZ7tXgcHZJs6Os/hb
lIRP4RFQ8f5d0IKueDftXKwoyOKW2imB0m7CAHr4DajHKS+xDVMRe1Wg6IFE1YaS
D7O6S6tXyGKFZA+QKqN7LuHKmmW1Or5URM7uf5PV6JJfQKqZzu/qLCFyYvA0AFsw
SeMeAC5HnxIMp3KETHIA0gTCBgPJBpVWp+1D9AQPKhyJIHSShekcBi9SO0xgUB+s
h1UEcC2zf95Vson0KySX9zWRUZkrU8/0KYhYljN2/vdW8XxkRBC0pl3xWzq2kMgz
SscZqI/MzyeUHaQno62GRlWn+WKP2NidDfR0Td/ybge1DJX+aDIfjalfCEIbJeqm
BHn0CZ5z1RofatDlPj4p8+f2Trpcz/JCVKbGiQXi/08ZlCwkSIiOIcBVvAFErWop
GJOBDU3StS/MXhQVb8ZeCkPBz0TM24Sv1az/MuW4w8gavpQuBC4aD5zY/TOwG8ei
6S1sAZ0G2uc1A0FOngNvOyYYv+LImZKkWGXrLCRsqq6o/mh3M8bCHEY/lOZW8ZpL
FCsDOO8deVZl/OX1VtB0bQKCAQEA3qRWDlUpCAU8BKa5Z1oRUz06e5KD58t2HpG8
ndM3UO/F1XNB/6OGMWpL/XuBKOnWIB39UzsnnEtehKURTqqAsB1K3JQ5Q/FyuXRj
+o7XnNXe5lHBL5JqBIoESDchSAooQhBlQSjLSL2lg//igk0puv08wMK7UtajkV7U
35WDa6ks6jfoSeuVibfdobkTgfw5edirOBE2Q0U2KtGsnyAzsM6tRbtgI1Yhg7eX
nSIc4IYgq2hNLBKsegeiz1w4M6O4CQDVYFWKHyKpdrvj/fG7YZMr6YtTkuC+QPDK
mmQIEL/lj8E26MnPLKtnTFc06LQry2V3pLWNf4mMLPNLEupEXwKCAQEA2vyg8Npn
EZRunIr51rYScC6U6iryDjJWCwJxwr8vGU+bkqUOHTl3EqZOi5tDeYJJ+WSBqjfW
IWrPRFZzTITlAslZ02DQ5enS9PwgUUjl7LUEbHHh+fSNIgkVfDhsuNKFzcEaIM1X
Dl4lI2T8jEzmBep+k8f6gNmgKBgqlCf7XraorIM5diLFzy2G10zdOQTw5hW3TsVY
d968YpfC5j57/hCrf36ahIT7o1vxLD+L27Mm9Eiib45woWjaAR1Nc9kUjqY4yV7t
3QOw/Id9+/Sx5tZftOBvHlFyz23e1yaI3VxsiLDO9RxJwAKyA+KOvAybE2VU28hI
s5tAYOMV6BpEdwKCAQBqRIQyySERi/YOvkmGdC4KzhHJA7DkBXA2vRcLOdKQVjHW
ZPIeg728fmEQ90856QrkP4w3mueYKT1PEL7HDojoBsNBr5n5vRgmPtCtulpdqJOA
2YrdGwRxcDMFCRNgoECA7/R0enU1HhgPfiZuTUha0R6bXxcsPfjKnTn8EhAtZg1j
KhY8mi7BEjq+Q2l1RJ9mci2fUE/XIgTtwTCkrykc/jkkLICBvU234fyC6tJftIWJ
avpSzAL5KAXk9b55n25rFbPDDHEl1VSPsLTs8+GdfDKcgXz9gTouIwCBWreizwVS
bUW5LQIu7w0aGhHN9JlmtuK5glKsikmW9vVhbOH/AoIBAE//O7fgwQguBh5Psqca
CjBLBAFrQNOo1b/d27r95nHDoBx5CWfppzL75/Od+4825lkhuzB4h1Pb1e2r+yC3
54UWEydh1c43leYC+LdY/w1yrzQCgj+yc6A8W0nuvuDhnxmj8iyLdsL752s/p/aE
3P7KRAUuZ7eMSLJ86YkH9g8KgSHMKkCawVJG2lxqauI6iNo0kqtG8mOPzZfiwsMj
jl4ors27bSz9+4MYwkicyjWvA4r3wcco7MI6MHF5x+KLKbRWyqXddN1pTM1jncVe
BWNDauEDn/QeYuedxmsoW5Up/0gL9v6Zn+Nx2KAMsoHFxRzXxqEnUE+0Zlc+fbE1
b08CggEBAMiZmWtRmfueu9NMh6mgs+cmMA1ZHmbnIbtFpVjc37lrKUcjLzGF3tmp
zQl2wy8IcHpNv8F9aKhwAInxD49RUjyqvRD6Pru+EWN6gOPJIUVuZ6mvaf7BOxbn
Rve63hN5k4znQ1MOqGRiUkBxYSJ5wnFyQP0/8Y6+JM5uAuRUcKVNyoGURpfMrmB3
r+KHWltM9/5iIfiDNhwStFiuOJj1YBJVzrcAn8Zh5Q0+s1hXoOUs4doLcaPHTCTU
3hyX78yROMcZto0pVzxgQrYz31yQ5ocy9WcOYbPbQ5gdlnBEv8d7umNY1siz2wkI
NaEkKVO0D0jFtk37s/YqJpCsXg/B7yc=
-----END PRIVATE KEY-----

View File

@ -104,5 +104,6 @@ in
malcontent = callInstalledTest ./malcontent.nix {};
ostree = callInstalledTest ./ostree.nix {};
pipewire = callInstalledTest ./pipewire.nix {};
power-profiles-daemon = callInstalledTest ./power-profiles-daemon.nix {};
xdg-desktop-portal = callInstalledTest ./xdg-desktop-portal.nix {};
}

View File

@ -0,0 +1,9 @@
{ pkgs, lib, makeInstalledTest, ... }:
makeInstalledTest {
tested = pkgs.power-profiles-daemon;
testConfig = {
services.power-profiles-daemon.enable = true;
};
}

View File

@ -5,9 +5,9 @@ let
in
{
sublime4 = common {
buildVersion = "4113";
x64sha256 = "13679mnmigy1sgj355zs4si6gnx42rgjl4rn5d6gqgj5qq7zj3lh";
aarch64sha256 = "0hg6g3cichma1x82963m7xwazmpdvv5zmz8rpwxs337zq7j3dmb3";
buildVersion = "4121";
x64sha256 = "CE/PeUV8Mg1Z2h8OWMhaemOVa95B1k2wHsht8lVPxeY=";
aarch64sha256 = "eveEW0Aq6pim0lnQ6BfISRaBgogeofgLmOVylSVojwg=";
} {};
sublime4-dev = common {

View File

@ -16,13 +16,13 @@
mkDerivation rec {
pname = "qimgv";
version = "1.0.1";
version = "1.0.2";
src = fetchFromGitHub {
owner = "easymodo";
repo = pname;
rev = "v${version}";
sha256 = "1wybpmqvj7vj7cl6r4gif7mkrcdr6zpb939mmz46xsil5vb4pirh";
sha256 = "sha256-YlV/ysm7bdPverpKpanrL+jPVvMtP1paoAm0PREMaww=";
};
nativeBuildInputs = [

View File

@ -1,9 +1,9 @@
{ lib, stdenv
, fetchurl
{ stdenv
, lib
, fetchFromGitLab
, meson
, ninja
, pkg-config
, gnome
, desktop-file-utils
, gettext
, itstool
@ -17,17 +17,21 @@
, json-glib
, gnome-autoar
, gspell
, libcanberra }:
, libcanberra
, nix-update-script
}:
let
stdenv.mkDerivation rec {
pname = "gnome-recipes";
version = "2.0.2";
in stdenv.mkDerivation rec {
name = "${pname}-${version}";
version = "2.0.4";
src = fetchurl {
url = "mirror://gnome/sources/${pname}/${lib.versions.majorMinor version}/${name}.tar.xz";
sha256 = "1yymii3yf823d9x28fbhqdqm1wa30s40j94x0am9fjj0nzyd5s8v";
src = fetchFromGitLab {
domain = "gitlab.gnome.org";
owner = "GNOME";
repo = "recipes";
rev = version;
fetchSubmodules = true;
sha256 = "GyFOwEYmipQdFLtTXn7+NvhDTzxBlOAghr3cZT4QpQw=";
};
nativeBuildInputs = [
@ -53,10 +57,6 @@ in stdenv.mkDerivation rec {
libcanberra
];
# https://github.com/NixOS/nixpkgs/issues/36468
# https://gitlab.gnome.org/GNOME/recipes/issues/76
NIX_CFLAGS_COMPILE = "-I${glib.dev}/include/gio-unix-2.0";
postPatch = ''
chmod +x src/list_to_c.py
patchShebangs src/list_to_c.py
@ -64,8 +64,8 @@ in stdenv.mkDerivation rec {
'';
passthru = {
updateScript = gnome.updateScript {
packageName = pname;
updateScript = nix-update-script {
attrPath = pname;
};
};
@ -73,7 +73,7 @@ in stdenv.mkDerivation rec {
description = "Recipe management application for GNOME";
homepage = "https://wiki.gnome.org/Apps/Recipes";
maintainers = teams.gnome.members;
license = licenses.gpl3;
license = licenses.gpl3Plus;
platforms = platforms.unix;
};
}

View File

@ -2,26 +2,14 @@
, stdenv
, mkDerivation
, fetchurl
, ffmpeg_3
, freetype
, gdal_2
, glib
, libGL
, libGLU
, libICE
, libSM
, libXi
, libXv
, libav_12
, libXrender
, libXrandr
, libXfixes
, libXcursor
, libXinerama
, libXext
, libX11
, libXcomposite
, libxcb
, sqlite
@ -34,11 +22,8 @@
, dbus
, makeWrapper
, qtlocation
, qtwebkit
, qtx11extras
, qtsensors
, qtscript
, cups
, alsa-lib
, xkeyboardconfig
, autoPatchelfHook
@ -50,49 +35,34 @@ let
in
mkDerivation rec {
pname = "googleearth-pro";
version = "7.3.3.7786";
version = "7.3.4.8248";
src = fetchurl {
url = "https://dl.google.com/linux/earth/deb/pool/main/g/google-earth-pro-stable/google-earth-pro-stable_${version}-r0_${arch}.deb";
sha256 = "1s3cakwrgf702g33rh8qs657d8bl68wgg8k89rksgvswwpd2zbb3";
sha256 = "1pbapi267snlrjari5k93y6kbrjsqhqxgkxxqaqv4r25az00dx6d";
};
nativeBuildInputs = [ dpkg makeWrapper autoPatchelfHook ];
propagatedBuildInputs = [ xkeyboardconfig ];
buildInputs = [
dbus
ffmpeg_3
cups
fontconfig
freetype
gdal_2
glib
gst_all_1.gst-plugins-base
gst_all_1.gstreamer
libGL
libGLU
libICE
libSM
libX11
libXcomposite
libXcursor
libXext
libXfixes
libXi
libXinerama
libXrandr
libXrender
libXv
libav_12
libproxy
libxcb
libxml2
qtlocation
qtscript
qtsensors
qtwebkit
qtx11extras
sqlite
zlib
alsa-lib
];
doInstallCheck = true;
@ -131,17 +101,6 @@ mkDerivation rec {
runHook postInstall
'';
postInstall = ''
find "$out/opt/google/earth/pro" -name "*.so.*" | \
egrep -v 'libssl*|libcrypto*|libicu*' | \
xargs rm
find "$out/opt/google/earth/pro" -name "*.so" | \
egrep -v 'libgoogle*|libauth*|libbase*|libcommon*|libcommon_gui*|libcommon_platform*|libcommon_webbrowser*|libcomponentframework*|libgeobase*|libgeobaseutils*|libge_net*|libgdata*|libgoogleapi*|libmath*|libmoduleframework*|libmaps*|libport*|libprintmodule*|libprofile*|librender*|libreporting*|libsgutil*|libspatial*|libxsltransform*|libbase*|libport*|libport*|libbase*|libcomponentframework*|libIGCore*|libIGUtils*|libaction*|libapiloader*|libapiloader*|libIGCore*|libIGUtils*|libIGMath*|libfusioncommon*|libge_exif*|libaction*|libfusioncommon*|libapiloader*|liblayer*|libapiloader*|libIGAttrs*|libIGCore*|libIGGfx*|libIGMath*|libIGSg*|libIGUtils*|libwmsbase*|libwebbrowser*|libevllpro*|libalchemyext*|libge_cache*|libflightsim*|libnpgeinprocessplugin*|libmeasure*|libviewsync*|libcapture*|libtheme*|libgps*|libgisingest*|libsearchmodule*|libinput_plugin*|libnavigate*|libspnav*|libsearch*|libLeap*' | \
xargs rm
'';
autoPatchelfIgnoreMissingDeps=true;
installCheckPhase = ''
$out/bin/gpsbabel -V > /dev/null
'';
@ -159,5 +118,6 @@ mkDerivation rec {
license = licenses.unfree;
maintainers = with maintainers; [ friedelino shamilton ];
platforms = platforms.linux;
knownVulnerabilities = [ "Includes vulnerable bundled libraries." ];
};
}

View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "ssh-tools";
version = "1.6";
version = "1.7";
src = fetchFromGitHub {
owner = "vaporup";
repo = pname;
rev = "v${version}";
sha256 = "0m0x9383p9ab4hdirncmrfha130iasa0v4cbif2y5nbxnxgh101r";
sha256 = "sha256-PDoljR/e/qraPhG9RRjHx1gBIMtTJ815TZDJws8Qg6o=";
};
installPhase = ''

View File

@ -2,7 +2,7 @@
(callPackage ./generic.nix { }) {
channel = "stable";
version = "2.11.0";
sha256 = "172in8vmr7c5sff111rrd5127lz2pv7bbh7p399xafnk8ri0fx2i";
version = "2.11.1";
sha256 = "09zwxcaqn537ls737js7rcsqarapw5k25gv41d844k73yvxm882c";
vendorSha256 = "sha256-c3EyVrblqtFuoP7+YdbyPN0DdN6TcQ5DTtFQ/frKM0Q=";
}

View File

@ -18,13 +18,13 @@ let
in stdenv.mkDerivation rec {
pname = "freerdp";
version = "2.4.0";
version = "2.4.1";
src = fetchFromGitHub {
owner = "FreeRDP";
repo = "FreeRDP";
rev = version;
sha256 = "sha256-o+9twuyH9keWJriCSNkR63+xZuuOmPjoWg+Jp616CsQ=";
sha256 = "sha256-0wwIuE6Gv8khhLAbWSHOBfHGrTUjR4f/C5bzYJpvWIQ=";
};
postPatch = ''

View File

@ -3,25 +3,25 @@
{
"kicad" = {
kicadVersion = {
version = "5.1.10";
version = "5.1.11";
src = {
rev = "88a1d61d58fdd62149bd1e00984e01540148ca1b";
sha256 = "10ix560bqy0lprnik1bprxw9ix4g8w2ipvyikx551ak9ryvgwjcc";
rev = "d6b7f2349bcdbc45b223e7fe0460d9f169343209";
sha256 = "03658kfd313lnvr4jihq1i72g2dfbzba8j1z2y4fxg3vrs54y7a0";
};
};
libVersion = {
version = "5.1.10";
version = "5.1.11";
libSources = {
i18n.rev = "f081afe79be4660d5c49a9d674e3cb666d76d4d0";
i18n.rev = "0b8cef6bd08818cc0360f240544733dce509da3f";
i18n.sha256 = "0y51l0r62cnxkvpc21732p3cx7pjvaqjih8193502hlv9kv1j9p6";
symbols.rev = "6dec5004b6a2679c19d4857bda2f90c5ab3a5726";
symbols.sha256 = "0n25rq32jwyigfw26faqraillwv6zbi2ywy26dkz5zqlf5xp56ad";
templates.rev = "1ccbaf3704e8ff4030d0915f71e051af621ef7d7";
templates.sha256 = "1a8xfcbdbb4ylrb5m7n2jjk9kwvgmlx1pmnn2cwj327a2b3m4jjs";
footprints.rev = "302ac78bac21825532f970fb92714fa5973ad79b";
footprints.sha256 = "0gyqxryda273hjn2rv8dha461j9bjh054y5dlpiw1wiha65lrf9i";
packages3d.rev = "7abe02f30fd79b8f4f66c01589861df7f8f72f04";
packages3d.sha256 = "1szcin52fcsyb55bj7xq7lz6ig187dpz3lk7blwab7b9c4dn3c3y";
symbols.rev = "7d4cbbddceafa1f69858449e16ac7229abef3c9a";
symbols.sha256 = "1zdajim409570xzis53kmrbdcf7000v2vmc90f49h214lrx2zhr2";
templates.rev = "f4c74f4130c8432399089c8b2dc21319b769bbe9";
templates.sha256 = "1fbhn1l3j2rwc29aida9b408wif55i23bp9ddcs7dvf83smjm05g";
footprints.rev = "e53d53ac4a30959b03ed3297d7659ea82244fb45";
footprints.sha256 = "0qpii55dgv2gxqg1qq0dngdnbb9din790qi5qv0l6qqrzx843h5s";
packages3d.rev = "be0ba9377b4ec0f11a4b9aceda150eed93027f72";
packages3d.sha256 = "12w7m5nbk9kcnlnlg4sk1sd7xgb9i2kxfi0jcbd0phs89qyl7wjr";
};
};
};

View File

@ -1,5 +1,4 @@
{ stdenv, lib, runCommand, patchelf, makeWrapper, pkg-config, curl
, fetchpatch
, openssl, gmp, zlib, fetchFromGitHub, rustPlatform, libiconv }:
let
@ -8,16 +7,16 @@ in
rustPlatform.buildRustPackage rec {
pname = "elan";
version = "1.1.0";
version = "1.2.0";
src = fetchFromGitHub {
owner = "leanprover";
repo = "elan";
rev = "v${version}";
sha256 = "0xmml81krr0i18b14dymfdq43szpzws7qj8k404qab51lkqxyxsb";
sha256 = "0q3gay0j45c6cmykbis14gmc7xm89d0gqyz7lnysl0pgr5k20j6b";
};
cargoSha256 = "sha256-xjJ39hoSDn0VUH0YcL+mQBXbzFcIvZ38dPjBxV/yVNc=";
cargoSha256 = "1cklpi40fbiwz8m9p0cknmslpj0vwpr0x8j02vam6sng9dsb50i9";
nativeBuildInputs = [ pkg-config makeWrapper ];
@ -41,11 +40,6 @@ rustPlatform.buildRustPackage rec {
--subst-var dynamicLinker \
--subst-var libPath
'')
# fix build, will be included in 1.1.1
(fetchpatch {
url = "https://github.com/leanprover/elan/commit/8d1dec09d67b2ac1768b111d24f1a1cabdd563fa.patch";
sha256 = "sha256-yMdnXqycu4VF9EKavZ85EuspvAqvzDSIm5894SB+3+A=";
})
];
postInstall = ''

View File

@ -4,13 +4,13 @@
stdenv.mkDerivation rec {
pname = "git-repo";
version = "2.17.2";
version = "2.17.3";
src = fetchFromGitHub {
owner = "android";
repo = "tools_repo";
rev = "v${version}";
sha256 = "sha256-JfT0jW6aUZAYESQI0tFfnITFv20Jk7DWbvz8Ipt4t1Y=";
sha256 = "sha256-ez+Egl9vvfEZbeIEx7hHmH2Lhyvl93UHRkvkHaG46RQ=";
};
# Fix 'NameError: name 'ssl' is not defined'

View File

@ -4,8 +4,8 @@ let
common = opts: callPackage (import ./common.nix opts);
in {
sublime-merge = common {
buildVersion = "2056";
sha256 = "08472214kazx9fdw7y8gy0bp63mqxcpa79myn2w95wdp0mrlr119";
buildVersion = "2063";
sha256 = "l6vxcOIQ3kQqNzLkf3PbuU3DpDfLh0tXCl/LnJsCt2k=";
} {};
sublime-merge-dev = common {

View File

@ -0,0 +1,125 @@
{ lib
, stdenv
, fetchFromGitLab
, cmake
, libxml2
, meson
, ninja
, perl
, python3
, pkgconf
, wrapGAppsHook
, at-spi2-core
, dbus
, elfutils
, epoxy
, gexiv2
, glib
, gobject-introspection
, gst-plugins-base
, gstreamer
, gtk3
, lcms2
, libdatrie
, libgphoto2
, libgudev
, libpeas
, libraw
, libselinux
, libsepol
, libthai
, libunwind
, libxkbcommon
, orc
, pcre
, udev
, util-linux
, xorg
}:
stdenv.mkDerivation rec {
pname = "entangle";
version = "3.0";
src = fetchFromGitLab {
owner = "entangle";
repo = "entangle";
rev = "v${version}";
sha256 = "hz2WSDOjriQSavFlDT+35x1X5MeInq80ZrSP1WR/td0=";
};
nativeBuildInputs = [
cmake
glib.dev
libxml2.bin # for xmllint
meson
ninja
perl # for pod2man and build scripts
python3 # for build scripts
pkgconf
wrapGAppsHook
];
buildInputs = [
at-spi2-core
dbus
epoxy
elfutils
gexiv2
glib
gobject-introspection
gst-plugins-base
gstreamer
gtk3
lcms2
libdatrie
libgphoto2
libgudev
libpeas
libraw
libselinux
libsepol
libthai
libunwind
libxkbcommon
orc
pcre
udev
util-linux
] ++ (with xorg; [
libXdmcp
libXtst
]);
dontUseCmakeConfigure = true;
# Disable building of doc/reference since it requires network connection to render XML to HTML
# Patch build script shebangs
postPatch = ''
sed -i "/subdir('reference')/d" "docs/meson.build"
patchShebangs --build build-aux meson_post_install.py
sed -i meson_post_install.py \
-e "/print('Update icon cache...')/d" \
-e "/gtk-update-icon-cache/d"
'';
postInstall = ''
substituteInPlace "$out/share/applications/org.entangle_photo.Manager.desktop" \
--replace "Exec=entangle" "Exec=$out/bin/entangle"
'';
meta = with lib; {
description = "Tethered camera control and capture";
longDescription = ''
Entangle uses GTK and libgphoto2 to provide a graphical interface
for tethered photography with digital cameras.
It includes control over camera shooting and configuration settings
and 'hands off' shooting directly from the controlling computer.
This app can also serve as a camera app for mobile devices.
'';
homepage = "https://gitlab.com/entangle/entangle";
license = licenses.gpl3Plus;
platforms = platforms.all;
maintainers = with maintainers; [ ShamrockLee ];
};
}

View File

@ -8,16 +8,16 @@
rustPlatform.buildRustPackage rec {
pname = "sub-batch";
version = "0.4.0";
version = "0.4.1";
src = fetchFromGitHub {
owner = "kl";
repo = pname;
rev = "v${version}";
sha256 = "sha256-5fDnSmnnVB1RGrNrnmp40OGFF+OAhppnhOjVgnYxXr0=";
sha256 = "sha256-WUW+lOGbZ82NJxmW+Ogxslf3COOp62aZ/08Yn26l4T0=";
};
cargoSha256 = "sha256-+ufa4Cgue8o9CTB3JDcQ38SlUq8PcRDyj+qNSAFpTas=";
cargoSha256 = "sha256-m9nBubmuuOcJyegmYGJizY/2b7oamBHKFNIaxOtikcA=";
nativeBuildInputs = [ makeWrapper ];

View File

@ -92,6 +92,11 @@ stdenv.mkDerivation rec {
sha256 = "09xz06g57wxbacic617pq9c0qb7nly42gif0raplldn5lw964xl2";
revert = true;
})
(fetchpatch {
name = "CVE-2021-3713.patch"; # remove with next release
url = "https://gitlab.com/qemu-project/qemu/-/commit/13b250b12ad3c59114a6a17d59caf073ce45b33a.patch";
sha256 = "0lkzfc7gdlvj4rz9wk07fskidaqysmx8911g914ds1jnczgk71mf";
})
] ++ lib.optional nixosTestRunner ./force-uid0-on-9p.patch
++ lib.optionals stdenv.hostPlatform.isMusl [
(fetchpatch {

View File

@ -23,14 +23,14 @@ let
buildType = "release";
# Use maintainers/scripts/update.nix to update the version and all related hashes or
# change the hashes in extpack.nix and guest-additions/default.nix as well manually.
version = "6.1.26";
version = "6.1.28";
in stdenv.mkDerivation {
pname = "virtualbox";
inherit version;
src = fetchurl {
url = "https://download.virtualbox.org/virtualbox/${version}/VirtualBox-${version}.tar.bz2";
sha256 = "0212602eea878d6c9fd7f4a3e0182da3e4505f31d25f5539fb8f7b1fbe366195";
sha256 = "8d34993d8e9c0cf35e7bd44dd26c8c757f17a3b7d5a64052f945d00fd798ebfe";
};
outputs = [ "out" "modsrc" ];
@ -94,9 +94,6 @@ in stdenv.mkDerivation {
})
++ [
./qtx11extras.patch
# Temporary workaround for broken build
# https://www.virtualbox.org/pipermail/vbox-dev/2021-July/015670.html
./fix-configure-pkgconfig-qt.patch
# https://github.com/NixOS/nixpkgs/issues/123851
./fix-audio-driver-loading.patch
];
@ -202,11 +199,6 @@ in stdenv.mkDerivation {
done
''}
# https://github.com/NixOS/nixpkgs/issues/137104
${optionalString (enableHardening || headless) ''
rm $libexec/components/VBoxREM.so
''}
cp -rv out/linux.*/${buildType}/bin/src "$modsrc"
'';

View File

@ -12,7 +12,7 @@ fetchurl rec {
# Manually sha256sum the extensionPack file, must be hex!
# Thus do not use `nix-prefetch-url` but instead plain old `sha256sum`.
# Checksums can also be found at https://www.virtualbox.org/download/hashes/${version}/SHA256SUMS
let value = "aaa1a1f8615d5bd2e08b158ce6f415262fbb595e169e2d415c5b1844ac258eee";
let value = "85d7858a95d802c41cb86e1b573dc501d782e5d040937e0d8505a37c29509774";
in assert (builtins.stringLength value) == 64; value;
meta = {

View File

@ -27,7 +27,7 @@ in stdenv.mkDerivation rec {
src = fetchurl {
url = "http://download.virtualbox.org/virtualbox/${version}/VBoxGuestAdditions_${version}.iso";
sha256 = "22d02ec417cd7723d7269dbdaa71c48815f580c0ca7a0606c42bd623f84873d7";
sha256 = "eab85206cfb9d7087982deb2635d19a4244a3c6783622a4817fb1a31e48e98e5";
};
KERN_DIR = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build";

View File

@ -1,8 +1,8 @@
diff --git a/include/iprt/mangling.h b/include/iprt/mangling.h
index c1daa8f..8618371 100644
index 25b918d1..1420ff1d 100644
--- a/include/iprt/mangling.h
+++ b/include/iprt/mangling.h
@@ -1440,6 +1440,7 @@
@@ -1695,6 +1695,7 @@
# define RTPathStripSuffix RT_MANGLER(RTPathStripSuffix)
# define RTPathStripFilename RT_MANGLER(RTPathStripFilename)
# define RTPathStripTrailingSlash RT_MANGLER(RTPathStripTrailingSlash)
@ -10,7 +10,7 @@ index c1daa8f..8618371 100644
# define RTPathTemp RT_MANGLER(RTPathTemp)
# define RTPathTraverseList RT_MANGLER(RTPathTraverseList)
# define RTPathUnlink RT_MANGLER(RTPathUnlink)
@@ -1478,6 +1479,7 @@
@@ -1734,6 +1735,7 @@
# define RTProcGetAffinityMask RT_MANGLER(RTProcGetAffinityMask)
# define RTProcGetExecutablePath RT_MANGLER(RTProcGetExecutablePath)
# define RTProcGetPriority RT_MANGLER(RTProcGetPriority)
@ -19,13 +19,14 @@ index c1daa8f..8618371 100644
# define RTProcQueryParent RT_MANGLER(RTProcQueryParent)
# define RTProcQueryUsername RT_MANGLER(RTProcQueryUsername)
diff --git a/include/iprt/path.h b/include/iprt/path.h
index 8bd42bc..2c23d3e 100644
index 99060e35..ccfbeb76 100644
--- a/include/iprt/path.h
+++ b/include/iprt/path.h
@@ -1064,6 +1064,15 @@ RTDECL(int) RTPathCalcRelative(char *pszPathDst, size_t cbPathDst,
@@ -1221,6 +1221,15 @@ RTDECL(int) RTPathCalcRelative(char *pszPathDst, size_t cbPathDst, const char *p
*/
RTDECL(int) RTPathExecDir(char *pszPath, size_t cchPath);
/**
+/**
+ * Gets the path to the NixOS setuid wrappers directory.
+ *
+ * @returns iprt status code.
@ -34,18 +35,18 @@ index 8bd42bc..2c23d3e 100644
+ */
+RTDECL(int) RTPathSuidDir(char *pszPath, size_t cchPath);
+
+/**
/**
* Gets the user home directory.
*
* @returns iprt status code.
diff --git a/include/iprt/process.h b/include/iprt/process.h
index 043653e..1070280 100644
index f4f67dd4..ab882a19 100644
--- a/include/iprt/process.h
+++ b/include/iprt/process.h
@@ -327,6 +327,16 @@ RTR3DECL(const char *) RTProcShortName(void);
@@ -352,6 +352,16 @@ RTR3DECL(const char *) RTProcExecutablePath(void);
*/
RTR3DECL(char *) RTProcGetExecutablePath(char *pszExecPath, size_t cbExecPath);
/**
+/**
+ * Gets the path to the NixOS setuid wrappers directory.
+ *
+ * @returns pszExecPath on success. NULL on buffer overflow or other errors.
@ -55,15 +56,14 @@ index 043653e..1070280 100644
+ */
+RTR3DECL(char *) RTProcGetSuidPath(char *pszExecPath, size_t cbExecPath);
+
+/**
/**
* Daemonize the current process, making it a background process.
*
* The way this work is that it will spawn a detached / backgrounded /
diff --git a/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp b/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp
index ce0f288..6193108 100644
index 75ff8572..18a077b7 100644
--- a/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp
+++ b/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp
@@ -1502,9 +1502,9 @@ static int supR3HardenedVerifyFsObject(PCSUPR3HARDENEDFSOBJSTATE pFsObjState, bo
@@ -1531,9 +1531,9 @@ static int supR3HardenedVerifyFsObject(PCSUPR3HARDENEDFSOBJSTATE pFsObjState, bo
bool fBad = !fRelaxed || pFsObjState->Stat.st_gid != 2 /*bin*/ || suplibHardenedStrCmp(pszPath, "/usr/lib/iconv");
# else
NOREF(fRelaxed);
@ -75,20 +75,46 @@ index ce0f288..6193108 100644
return supR3HardenedSetError3(VERR_SUPLIB_WRITE_NON_SYS_GROUP, pErrInfo,
"An unknown (and thus untrusted) group has write access to '", pszPath,
"' and we therefore cannot trust the directory content or that of any subdirectory");
diff --git a/src/VBox/Main/src-all/MachineLaunchVMCommonWorker.cpp b/src/VBox/Main/src-all/MachineLaunchVMCommonWorker.cpp
index 2991d3a7..d042a08b 100644
--- a/src/VBox/Main/src-all/MachineLaunchVMCommonWorker.cpp
+++ b/src/VBox/Main/src-all/MachineLaunchVMCommonWorker.cpp
@@ -90,7 +90,7 @@ int MachineLaunchVMCommonWorker(const Utf8Str &aNameOrId,
/* Get the path to the executable directory w/ trailing slash: */
char szPath[RTPATH_MAX];
- int vrc = RTPathAppPrivateArch(szPath, sizeof(szPath));
+ int vrc = RTStrCopy(szPath, sizeof(szPath) - 1, "/run/wrappers/bin");
AssertRCReturn(vrc, vrc);
size_t cbBufLeft = RTPathEnsureTrailingSeparator(szPath, sizeof(szPath));
AssertReturn(cbBufLeft > 0, VERR_FILENAME_TOO_LONG);
diff --git a/src/VBox/Main/src-server/NetworkServiceRunner.cpp b/src/VBox/Main/src-server/NetworkServiceRunner.cpp
index 2e57690a..3272c840 100644
--- a/src/VBox/Main/src-server/NetworkServiceRunner.cpp
+++ b/src/VBox/Main/src-server/NetworkServiceRunner.cpp
@@ -188,7 +188,7 @@ int NetworkServiceRunner::start(bool aKillProcessOnStop)
* ASSUME it is relative to the directory that holds VBoxSVC.
*/
char szExePath[RTPATH_MAX];
- AssertReturn(RTProcGetExecutablePath(szExePath, RTPATH_MAX), VERR_FILENAME_TOO_LONG);
+ AssertReturn(RTProcGetSuidPath(szExePath, RTPATH_MAX), VERR_FILENAME_TOO_LONG);
RTPathStripFilename(szExePath);
int vrc = RTPathAppend(szExePath, sizeof(szExePath), m->pszProcName);
AssertLogRelRCReturn(vrc, vrc);
diff --git a/src/VBox/Main/src-server/generic/NetIf-generic.cpp b/src/VBox/Main/src-server/generic/NetIf-generic.cpp
index 98dc91a..43a819f 100644
index af155966..3b8e793d 100644
--- a/src/VBox/Main/src-server/generic/NetIf-generic.cpp
+++ b/src/VBox/Main/src-server/generic/NetIf-generic.cpp
@@ -47,7 +47,7 @@ static int NetIfAdpCtl(const char * pcszIfName, const char *pszAddr, const char
@@ -48,7 +48,7 @@ static int NetIfAdpCtl(const char * pcszIfName, const char *pszAddr, const char
const char *args[] = { NULL, pcszIfName, pszAddr, pszOption, pszMask, NULL };
char szAdpCtl[RTPATH_MAX];
- int rc = RTPathExecDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME));
+ int rc = RTPathSuidDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME));
if (RT_FAILURE(rc))
{
LogRel(("NetIfAdpCtl: failed to get program path, rc=%Rrc.\n", rc));
@@ -89,7 +89,7 @@ static int NetIfAdpCtl(HostNetworkInterface * pIf, const char *pszAddr, const ch
@@ -95,7 +95,7 @@ static int NetIfAdpCtl(HostNetworkInterface * pIf, const char *pszAddr, const ch
int NetIfAdpCtlOut(const char * pcszName, const char * pcszCmd, char *pszBuffer, size_t cBufSize)
{
char szAdpCtl[RTPATH_MAX];
@ -97,23 +123,23 @@ index 98dc91a..43a819f 100644
if (RT_FAILURE(rc))
{
LogRel(("NetIfAdpCtlOut: Failed to get program path, rc=%Rrc\n", rc));
@@ -201,7 +201,7 @@ int NetIfCreateHostOnlyNetworkInterface(VirtualBox *pVirtualBox,
@@ -210,7 +210,7 @@ int NetIfCreateHostOnlyNetworkInterface(VirtualBox *pVirtualBox,
progress.queryInterfaceTo(aProgress);
char szAdpCtl[RTPATH_MAX];
- int rc = RTPathExecDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME " add"));
+ int rc = RTPathSuidDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME " add"));
if (RT_FAILURE(rc))
- vrc = RTPathExecDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME " add"));
+ vrc = RTPathSuidDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME " add"));
if (RT_FAILURE(vrc))
{
progress->i_notifyComplete(E_FAIL,
diff --git a/src/VBox/Runtime/r3/path.cpp b/src/VBox/Runtime/r3/path.cpp
index 944848e..744a261 100644
index 4b1a0ada..7f6dd707 100644
--- a/src/VBox/Runtime/r3/path.cpp
+++ b/src/VBox/Runtime/r3/path.cpp
@@ -81,6 +81,12 @@ RTDECL(int) RTPathExecDir(char *pszPath, size_t cchPath)
}
+RTDECL(int) RTPathSuidDir(char *pszPath, size_t cchPath)
+{
+ return RTStrCopy(pszPath, cchPath, "/run/wrappers/bin");
@ -124,13 +150,13 @@ index 944848e..744a261 100644
{
#if !defined(RT_OS_WINDOWS) && defined(RTPATH_APP_PRIVATE)
diff --git a/src/VBox/Runtime/r3/process.cpp b/src/VBox/Runtime/r3/process.cpp
index 2aab645..9795f21 100644
index 5f7c7a87..59461cfa 100644
--- a/src/VBox/Runtime/r3/process.cpp
+++ b/src/VBox/Runtime/r3/process.cpp
@@ -111,6 +111,26 @@ RTR3DECL(char *) RTProcGetExecutablePath(char *pszExecPath, size_t cbExecPath)
return NULL;
@@ -117,6 +117,25 @@ RTR3DECL(const char *) RTProcExecutablePath(void)
return g_szrtProcExePath;
}
+/*
+ * Note the / at the end! This is important, because the functions using this
+ * will cut off everything after the rightmost / as this function is analogous
@ -150,33 +176,6 @@ index 2aab645..9795f21 100644
+ AssertMsgFailed(("Buffer too small (%zu <= %zu)\n", cbExecPath, sizeof(SUIDDIR)));
+ return NULL;
+}
+
RTR3DECL(const char *) RTProcShortName(void)
{
diff --git a/src/VBox/Main/src-server/NetworkServiceRunner.cpp b/src/VBox/Main/src-server/NetworkServiceRunner.cpp
index 2e57690..3272c84 100644
--- a/src/VBox/Main/src-server/NetworkServiceRunner.cpp
+++ b/src/VBox/Main/src-server/NetworkServiceRunner.cpp
@@ -188,7 +188,7 @@ int NetworkServiceRunner::start(bool aKillProcessOnStop)
* ASSUME it is relative to the directory that holds VBoxSVC.
*/
char szExePath[RTPATH_MAX];
- AssertReturn(RTProcGetExecutablePath(szExePath, RTPATH_MAX), VERR_FILENAME_TOO_LONG);
+ AssertReturn(RTProcGetSuidPath(szExePath, RTPATH_MAX), VERR_FILENAME_TOO_LONG);
RTPathStripFilename(szExePath);
int vrc = RTPathAppend(szExePath, sizeof(szExePath), m->pszProcName);
AssertLogRelRCReturn(vrc, vrc);
diff --git a/src/VBox/Main/src-all/MachineLaunchVMCommonWorker.cpp b/src/VBox/Main/src-all/MachineLaunchVMCommonWorker.cpp
index 2991d3a7..d042a08b 100644
--- a/src/VBox/Main/src-all/MachineLaunchVMCommonWorker.cpp
+++ b/src/VBox/Main/src-all/MachineLaunchVMCommonWorker.cpp
@@ -90,7 +90,7 @@ int MachineLaunchVMCommonWorker(const Utf8Str &aNameOrId,
/* Get the path to the executable directory w/ trailing slash: */
char szPath[RTPATH_MAX];
- int vrc = RTPathAppPrivateArch(szPath, sizeof(szPath));
+ int vrc = RTStrCopy(szPath, sizeof(szPath) - 1, "/run/wrappers/bin");
AssertRCReturn(vrc, vrc);
size_t cbBufLeft = RTPathEnsureTrailingSeparator(szPath, sizeof(szPath));
AssertReturn(cbBufLeft > 0, VERR_FILENAME_TOO_LONG);

View File

@ -7,11 +7,11 @@
stdenv.mkDerivation rec {
pname = "i3";
version = "4.19.2";
version = "4.20";
src = fetchurl {
url = "https://i3wm.org/downloads/${pname}-${version}.tar.xz";
sha256 = "sha256-im7hd2idzyKWTSC2CTAU7k+gQZNF0/1RXVUS2ZgLsnk=";
sha256 = "sha256-jPTxdPbPVU84VjOAaBq+JYaOmVWIN5HgmG7NicU6wyI=";
};
nativeBuildInputs = [

View File

@ -1,26 +1,27 @@
{ lib, fetchurl, libarchive }:
let
version = "0.32.9";
version = "0.34.7";
in fetchurl {
name = "sarasa-gothic-${version}";
url = "https://github.com/be5invis/Sarasa-Gothic/releases/download/v${version}/sarasa-gothic-ttc-${version}.7z";
sha256 = "0mwaj9dq26f36ddywjm7m0is1jml2kpmqm46b16c8avvr97c65z5";
url = "https://github.com/be5invis/Sarasa-Gothic/releases/download/v${version}/sarasa-gothic-ttf-${version}.7z";
sha256 = "094sl6gklrdv9pk4r6451dvz0fjyjmwys7i81qrz4ik1km5dfq9b";
recursiveHash = true;
downloadToTemp = true;
postFetch = ''
mkdir -p $out/share/fonts
${libarchive}/bin/bsdtar -xf $downloadedFile -C $out/share/fonts
mkdir -p $out/share/fonts/truetype
${libarchive}/bin/bsdtar -xf $downloadedFile -C $out/share/fonts/truetype
'';
meta = with lib; {
description = "SARASA GOTHIC is a Chinese & Japanese programming font based on Iosevka and Source Han Sans";
description = "A CJK programming font based on Iosevka and Source Han Sans";
homepage = "https://github.com/be5invis/Sarasa-Gothic";
license = licenses.ofl;
maintainers = [ maintainers.ChengCat ];
hydraPlatforms = [ ]; # disabled from hydra because it's so big
platforms = platforms.all;
};
}

View File

@ -2,7 +2,7 @@
let
pname = "source-han-code-jp";
version = "2.011R";
version = "2.012R";
in fetchzip {
name = "${pname}-${version}";
@ -13,7 +13,7 @@ in fetchzip {
unzip -j $downloadedFile \*.otf -d $out/share/fonts/opentype
'';
sha256 = "184vrjkymcm29k1cx00cdvjchzqr1w17925lmh85f0frx7vwljcd";
sha256 = "16y5as1k864ghy3vzp8svr3q0sw57rv53za3f48700ksvxz5pwry";
meta = {
description = "A monospaced Latin font suitable for coding";

View File

@ -1,14 +1,10 @@
{ lib, fetchFromGitHub }:
{ lib, fetchzip }:
let
pname = "victor-mono";
version = "1.4.1";
in fetchFromGitHub rec {
name = "${pname}-${version}";
owner = "rubjo";
repo = pname;
rev = "v${version}";
version = "1.5.0";
in
fetchzip {
name = "victor-mono-${version}";
# Upstream prefers we download from the website,
# but we really insist on a more versioned resource.
@ -17,23 +13,21 @@ in fetchFromGitHub rec {
# so we extract it from the tagged release.
# Both methods produce the same file, but this way
# we can safely reason about what version it is.
url = "https://github.com/rubjo/victor-mono/raw/v${version}/public/VictorMonoAll.zip";
postFetch = ''
tar xvf $downloadedFile --strip-components=2 ${pname}-${version}/public/VictorMonoAll.zip
mkdir -p $out/share/fonts/{true,open}type/${pname}
unzip -j VictorMonoAll.zip \*.ttf -d $out/share/fonts/truetype/${pname}
unzip -j VictorMonoAll.zip \*.otf -d $out/share/fonts/opentype/${pname}
mkdir -p $out/share/fonts/
unzip -j $downloadedFile \*.otf -d $out/share/fonts/opentype
unzip -j $downloadedFile \*.ttf -d $out/share/fonts/truetype
'';
sha256 = "1g3jjrqd2fiw2hdifhff2fn20p5a0xfma3964f67ibdyri976zq5";
sha256 = "1x3dnkq8awn5zniywap78qwp5nxmf14bq8snzsywk70ah0jmbawi";
meta = with lib; {
description = "Free programming font with cursive italics and ligatures";
homepage = "https://rubjo.github.io/victor-mono";
license = with licenses; [ mit ];
license = licenses.ofl;
maintainers = with maintainers; [ jpotier dtzWill ];
platforms = platforms.all;
};
}

View File

@ -29,11 +29,11 @@
stdenv.mkDerivation rec {
pname = "gnome-maps";
version = "41.0";
version = "41.1";
src = fetchurl {
url = "mirror://gnome/sources/${pname}/${lib.versions.major version}/${pname}-${version}.tar.xz";
sha256 = "sha256-G0CC22wHDp3LCFJZ6+PIpCG44eiyezKEq2BXULudjJI=";
sha256 = "sha256-XtyUpXlHDO1HztKSxUq6Z8vnBIGOF0BsCQwB1Dlb4a0=";
};
doCheck = true;

View File

@ -22,11 +22,11 @@
stdenv.mkDerivation rec {
pname = "gnome-remote-desktop";
version = "41.0";
version = "41.1";
src = fetchurl {
url = "mirror://gnome/sources/${pname}/${lib.versions.major version}/${pname}-${version}.tar.xz";
hash = "sha256-apvIscaHRvSjqsH+dMRKcuJqi7S+HxynMCdwWstlK14=";
hash = "sha256-wOiJsO2BGxGAm777FzOElNj1L/USC+bj/9O65angX98=";
};
nativeBuildInputs = [

View File

@ -27,11 +27,11 @@
stdenv.mkDerivation rec {
pname = "gnome-terminal";
version = "3.42.0";
version = "3.42.1";
src = fetchurl {
url = "mirror://gnome/sources/gnome-terminal/${lib.versions.majorMinor version}/${pname}-${version}.tar.xz";
sha256 = "tQ6eVmQjDmyikLzziBKltl4LqsZqSG7iEIlM9nX3Lgs=";
sha256 = "wxmxQFUBuMdpPmFvSOztQWldLnhhSMpfnie8fZj0rrE=";
};
nativeBuildInputs = [

View File

@ -34,13 +34,13 @@
stdenv.mkDerivation rec {
pname = "nautilus";
version = "41.0";
version = "41.1";
outputs = [ "out" "dev" ];
src = fetchurl {
url = "mirror://gnome/sources/${pname}/${lib.versions.major version}/${pname}-${version}.tar.xz";
sha256 = "+blBrcEEcAxn6kB2YiMV8fa3fc7BVMN/PUwLKDlQoeU=";
sha256 = "PmMwmIU3EaPpaxL+kiizIBgW5VSygj8WHn2QGoiAWC8=";
};
patches = [

View File

@ -19,14 +19,14 @@
stdenv.mkDerivation rec {
pname = "aisleriot";
version = "3.22.17";
version = "3.22.19";
src = fetchFromGitLab {
domain = "gitlab.gnome.org";
owner = "GNOME";
repo = pname;
rev = version;
sha256 = "sha256-14z/EdEz1XFDrQZlpoeHW73G187XuZX/uQXp+bAUsmI=";
sha256 = "sha256-YY0/HkafcbbW0xuE9RmjYMHN50lM0o0zugOyTefT0bE=";
};
nativeBuildInputs = [

View File

@ -19,11 +19,11 @@
stdenv.mkDerivation rec {
pname = "gnome-chess";
version = "41.0";
version = "41.1";
src = fetchurl {
url = "mirror://gnome/sources/gnome-chess/${lib.versions.major version}/${pname}-${version}.tar.xz";
sha256 = "8MKVFSLw5YX6aDdipBk9q2ujLtjOiSB/gIJ7VgRVaO8=";
sha256 = "62GYhlljlrQDOj8oo8LjAEtU6+Gzi0DWQiwXufLMF9A=";
};
nativeBuildInputs = [

View File

@ -20,11 +20,11 @@
stdenv.mkDerivation rec {
pname = "tali";
version = "40.3";
version = "40.4";
src = fetchurl {
url = "mirror://gnome/sources/tali/${lib.versions.major version}/${pname}-${version}.tar.xz";
sha256 = "neLxCreZjHprLKYvs3nBgby8HtYqp6gkG8VVHVF4/iE=";
sha256 = "AsrMdvTuQjD2eqAK2hlOnFSPidJ6DnLyANi9U67nGhc=";
};
nativeBuildInputs = [

View File

@ -1,7 +1,6 @@
{ stdenv
, lib
, fetchurl
, fetchpatch
, meson
, ninja
, pkg-config
@ -15,28 +14,15 @@
stdenv.mkDerivation rec {
pname = "gnome-autoar";
version = "0.4.0";
version = "0.4.1";
outputs = [ "out" "dev" ];
src = fetchurl {
url = "mirror://gnome/sources/gnome-autoar/${lib.versions.majorMinor version}/${pname}-${version}.tar.xz";
sha256 = "6oxtUkurxxKsWeHQ46yL8BN0gtrfM8lP6RE3lKG8RHQ=";
sha256 = "ZGvVDrrZLZHBvokJehU2QVYVdELKwUcd7X7LJ9mpFQ4=";
};
patches = [
# Make compatible with older Meson.
# https://gitlab.gnome.org/GNOME/gnome-autoar/-/merge_requests/26
(fetchpatch {
url = "https://gitlab.gnome.org/GNOME/gnome-autoar/-/commit/2d90da6174c03aad546802234a3d77fa0b714e6b.patch";
sha256 = "CysDpBJmVPm4gOSV2h041MY2yApfAy8+4QC7Jlka1xE=";
})
(fetchpatch {
url = "https://gitlab.gnome.org/GNOME/gnome-autoar/-/commit/ac21bd0c50584a1905a0da65d4bf9a6926ecd483.patch";
sha256 = "aTu6eKFSKjljk0TYkhFjPcD8eJCIk8TR0YhZYO9JE1k=";
})
];
nativeBuildInputs = [
gobject-introspection
meson

View File

@ -14,11 +14,11 @@
stdenv.mkDerivation rec {
pname = "libgnome-games-support";
version = "1.8.1";
version = "1.8.2";
src = fetchurl {
url = "mirror://gnome/sources/${pname}/${lib.versions.majorMinor version}/${pname}-${version}.tar.xz";
sha256 = "0gs1k88wwafn5cdyb5yq1cxpi9azachb0ysxgwh15sx77g6plyy3";
sha256 = "KENGBKewOHMawCMXMTiP8QT1ZbsjMMwk54zaBM/T730=";
};
nativeBuildInputs = [

View File

@ -17,11 +17,11 @@
mkXfceDerivation {
category = "apps";
pname = "xfdashboard";
version = "0.9.4";
version = "0.9.5";
rev-prefix = "";
odd-unstable = false;
sha256 = "sha256-ZDrBLSfRBw5/nIs/x1jJQCVgNJer85b8Hm1kkX1Dk3s=";
sha256 = "sha256-nb1zY78MUjEOJF59MYIOY1rxo3JFmzH9yTJVUGsOwOA=";
buildInputs = [
clutter

View File

@ -20,7 +20,7 @@ stdenv.mkDerivation rec {
disallowedReferences = [ stdenv.cc.cc ];
postFixup = ''
remove-references-to -t ${stdenv.cc.cc} "$(readlink -f $out/share/perl6/runtime/dynext/libperl6_ops_moar.so)"
remove-references-to -t ${stdenv.cc.cc} "$(readlink -f $out/share/perl6/runtime/dynext/libperl6_ops_moar${stdenv.hostPlatform.extensions.sharedLibrary})"
'';
meta = with lib; {

View File

@ -18,13 +18,13 @@
stdenv.mkDerivation rec {
pname = "dleyna-renderer";
version = "0.7.1";
version = "0.7.2";
src = fetchFromGitHub {
owner = "phako";
repo = pname;
rev = "v${version}";
sha256 = "EaTE5teMkVDHoJuTLdqcsIL7OyM+tOz85T5D9V3KDoo=";
sha256 = "sha256-bGasT3XCa7QHV3D7z59TSHoqWksNSIgaO0z9zYfHHuw=";
};
nativeBuildInputs = [

View File

@ -16,13 +16,13 @@
stdenv.mkDerivation rec {
pname = "dleyna-server";
version = "0.7.1";
version = "0.7.2";
src = fetchFromGitHub {
owner = "phako";
repo = pname;
rev = "v${version}";
sha256 = "bScgwJGPrCaLrw67WnvSpINgq5Vv9LJ/I0MUP9BeO2E=";
sha256 = "sha256-jlF9Lr/NG+Fsy/bB7aLb7xOLqel8GueJK5luo9rsDME=";
};
nativeBuildInputs = [

View File

@ -9,13 +9,13 @@
stdenv.mkDerivation rec {
pname = "drogon";
version = "1.7.2";
version = "1.7.3";
src = fetchFromGitHub {
owner = "drogonframework";
repo = "drogon";
rev = "v${version}";
sha256 = "0g2fm8xb2gi7qaib6mxvg6k6y4g2d0a2jg4k5qvsjbd0n7j8746j";
sha256 = "0j7bnc6l5hbcf0l7pjzw82i9z1rbh57ni60wpa50q10gwbm4waxn";
fetchSubmodules = true;
};

View File

@ -8,11 +8,11 @@
buildPythonPackage rec {
pname = "aenum";
version = "3.1.0";
version = "3.1.1";
src = fetchPypi {
inherit pname version;
sha256 = "sha256-h/Dp70+ChXirBq8w5NeUQEO/Ts0/S3vRy+N+IXPN6Uo=";
sha256 = "75b96aa148e1335eae6c12015563989a675fcbd0bcbd0ae7ce5786329278929b";
};
checkInputs = [

View File

@ -11,7 +11,7 @@
buildPythonPackage rec {
pname = "aiounifi";
version = "28";
version = "29";
disabled = pythonOlder "3.7";
@ -19,7 +19,7 @@ buildPythonPackage rec {
owner = "Kane610";
repo = pname;
rev = "v${version}";
sha256 = "1r86pk80sa1la2s7c6v9svh5cpkci6jcw1xziz0h09jdvv5j5iff";
sha256 = "sha256-A2+jLxKpha7HV1m3uzy00o8tsjwx0Uuwn5x3DO9daTI=";
};
propagatedBuildInputs = [

View File

@ -2,29 +2,32 @@
, buildPythonPackage
, fetchFromGitHub
, stdenv
, darwin
, AudioToolbox
, AudioUnit
, CoreServices
}:
buildPythonPackage rec {
pname = "audiotools";
version = "3.1.1";
buildInputs = lib.optionals stdenv.isDarwin (with darwin.apple_sdk.frameworks; [
buildInputs = lib.optionals stdenv.isDarwin [
AudioToolbox
AudioUnit
CoreServices
]);
];
src = fetchFromGitHub {
owner = "tuffy";
repo = "python-audio-tools";
rev = "v3.1.1";
rev = "v${version}";
sha256 = "sha256-y+EiK9BktyTWowOiJvOb2YjtbPa7R62Wb5zinkyt1OM=";
};
meta = {
meta = with lib; {
description = "Utilities and Python modules for handling audio";
homepage = "http://audiotools.sourceforge.net/";
license = lib.licenses.gpl2Plus;
license = licenses.gpl2Plus;
maintainers = with maintainers; [ ];
};
}

View File

@ -9,12 +9,12 @@
buildPythonPackage rec {
pname = "base58";
version = "2.1.0";
version = "2.1.1";
disabled = pythonOlder "3.5";
src = fetchPypi {
inherit pname version;
sha256 = "sha256-FxpUe0o8YeGuOAciSm967HXjZMQ5XnViZJ1zNXaAAaI=";
sha256 = "c5d0cb3f5b6e81e8e35da5754388ddcc6d0d14b6c6a132cb93d69ed580a7278c";
};
checkInputs = [

View File

@ -4,11 +4,11 @@
buildPythonPackage rec {
pname = "django-storages";
version = "1.12.2";
version = "1.12.3";
src = fetchPypi {
inherit pname version;
sha256 = "0013ebe4904521e2fa28f33591a03a7210304d73363e7eadd7cdcf81c12ba003";
sha256 = "a475edb2f0f04c4f7e548919a751ecd50117270833956ed5bd585c0575d2a5e7";
};
propagatedBuildInputs = [ django ];

View File

@ -2,11 +2,11 @@
buildPythonPackage rec {
pname = "flask-paginate";
version = "2021.10.26";
version = "2021.10.29";
src = fetchPypi {
inherit pname version;
sha256 = "f124390664b2cfd835c54cc884d67fdaa550782a0783576f719fec2379cad193";
sha256 = "660ba1451e4cb168d3a42ed63914fe507bb5c0b30c26a6286b923077bba2362b";
};
propagatedBuildInputs = [ flask ];

View File

@ -0,0 +1,36 @@
{ lib
, buildPythonPackage
, fetchPypi
, flask
, six
, pytestCheckHook
}:
buildPythonPackage rec {
pname = "flask-talisman";
version = "0.8.1";
src = fetchPypi {
inherit pname version;
sha256 = "11gjgqkpj2yqydb0pfhjyx56iy4l9szgz33vg5d7bw8vqp02wl2x";
};
buildInputs = [
flask
];
propagatedBuildInputs = [
six
];
nativeBuildInputs = [
pytestCheckHook
];
meta = with lib; {
description = "HTTP security headers for Flask";
homepage = "https://github.com/wntrblm/flask-talisman";
license = licenses.asl20;
maintainers = [ lib.maintainers.symphorien ];
};
}

View File

@ -2,11 +2,11 @@
buildPythonPackage rec {
pname = "google-cloud-audit-log";
version = "0.1.1";
version = "0.2.0";
src = fetchPypi {
inherit pname version;
sha256 = "a87fdf3c393b830b35c8f7db09094790d0d7babb35068736bea64e1618d286fe";
sha256 = "d0852f525ad65705f9fbff6288be4493e1449a7906fb5e01bd71c8d1e424d1fc";
};
propagatedBuildInputs = [ googleapis-common-protos protobuf ];

View File

@ -11,11 +11,11 @@
buildPythonPackage rec {
pname = "google-cloud-dataproc";
version = "3.0.0";
version = "3.1.0";
src = fetchPypi {
inherit pname version;
sha256 = "sha256-a81HBeNoLXSpJJJ0BBqJz24ls0TFMwiHJgkkNyHZGvo=";
sha256 = "c2cf9be1c8f7cb7b4b58323aff98730e89fa462f4801bf70ae984933fa8a92d1";
};
propagatedBuildInputs = [ google-api-core libcst proto-plus ];

View File

@ -2,11 +2,11 @@
buildPythonPackage rec {
pname = "google-cloud-os-config";
version = "1.6.0";
version = "1.7.0";
src = fetchPypi {
inherit pname version;
sha256 = "204ecbe480e5e5abc17752ac2ac17877e0325f31ed7e57f019724c3041ecc1fa";
sha256 = "d9eed9290f6601682524ab7ce40c0805432e9aeb39268a6891bc631f367158f0";
};
propagatedBuildInputs = [ google-api-core libcst proto-plus ];

View File

@ -11,11 +11,11 @@
buildPythonPackage rec {
pname = "google-cloud-resource-manager";
version = "1.2.0";
version = "1.3.0";
src = fetchPypi {
inherit pname version;
sha256 = "7f519bdf1ed5bfedc4bdcd237c5d3cfa50ef37dd92cf14db123ff80ac99950e0";
sha256 = "fa2d8af734676145f816bd123265220a3d144b7780231dd612f6b906e07f97c3";
};
propagatedBuildInputs = [ google-api-core google-cloud-core grpc-google-iam-v1 proto-plus ];

View File

@ -54,7 +54,6 @@ buildPythonPackage rec {
"tests/system/test_bucket.py"
"tests/system/test_fileio.py"
"tests/system/test_kms_integration.py"
"tests/conformance/test_conformance.py" # requires docker
];
preCheck = ''

View File

@ -12,11 +12,11 @@
buildPythonPackage rec {
pname = "google-cloud-tasks";
version = "2.6.0";
version = "2.7.0";
src = fetchPypi {
inherit pname version;
sha256 = "fd9fe318063ec0f7e4e1780aca81a798d3e90e8def1c24b6f450ea1a8c131c0a";
sha256 = "8d770a0f0d1297868af20bd73182a11a7318c6543defb98cc9b0a4e550fb08d0";
};
propagatedBuildInputs = [ google-api-core grpc-google-iam-v1 libcst proto-plus ];

View File

@ -11,11 +11,11 @@
buildPythonPackage rec {
pname = "google-cloud-texttospeech";
version = "2.6.0";
version = "2.7.0";
src = fetchPypi {
inherit pname version;
sha256 = "d24dec1ee71bb63a7f6805b2d78923b2325de59407b4688978b7769bbafc3eb8";
sha256 = "50c49005c7a807950eed730faa386fcef1dc6f5c4c351c6d6470fd211f23f973";
};
propagatedBuildInputs = [ libcst google-api-core proto-plus ];

View File

@ -12,11 +12,11 @@
buildPythonPackage rec {
pname = "google-cloud-trace";
version = "1.4.0";
version = "1.5.0";
src = fetchPypi {
inherit pname version;
sha256 = "5955faf99478b4e3c2b2550949e94ec8e2915979e8ef5549044d2d91ced03716";
sha256 = "bae81c127520af3c03183822e9a3c30aa90b030f2b8e66f64485abf7f2af8ff9";
};
propagatedBuildInputs = [ google-api-core google-cloud-core proto-plus ];

View File

@ -11,11 +11,11 @@
buildPythonPackage rec {
pname = "google-cloud-videointelligence";
version = "2.4.0";
version = "2.5.0";
src = fetchPypi {
inherit pname version;
sha256 = "92dd4f1e87b02ab414ad744eefa321e079358527cb8c352e1054ae1dab5f1055";
sha256 = "535773e58f731597f24b88cee51ece1a1528ae4106ce2ea2be9ac8274115a73f";
};
propagatedBuildInputs = [ google-api-core proto-plus ];

View File

@ -11,11 +11,11 @@
buildPythonPackage rec {
pname = "google-cloud-vision";
version = "2.5.0";
version = "2.6.1";
src = fetchPypi {
inherit pname version;
sha256 = "e56e35fa647d794429c6fc1595b2ebf5f4d627f0b3d6499a000b54be343ea37e";
sha256 = "028ac69d380fb08425174825a2310c04cc14102fdbafe9be02c083c7d920f13f";
};
propagatedBuildInputs = [ libcst google-api-core proto-plus];

View File

@ -12,11 +12,11 @@
buildPythonPackage rec {
pname = "google-resumable-media";
version = "2.0.3";
version = "2.1.0";
src = fetchPypi {
inherit pname version;
sha256 = "b4b4709d04a6a03cbec746c2b5cb18f1f9878bf1ef3cd61908842a3d94c20471";
sha256 = "725b989e0dd387ef2703d1cc8e86217474217f4549593c477fd94f4024a0f911";
};
propagatedBuildInputs = [ google-auth google-crc32c requests ];

View File

@ -1,14 +1,13 @@
{ buildPythonPackage
, lib
, fetchFromGitHub
, isPy27
, nixosTests
, fetchpatch
, fetchPypi
, alembic
, aniso8601
, Babel
, blinker
, cachetools
, click
, dnspython
, email_validator
@ -19,6 +18,7 @@
, flask_migrate
, flask-restful
, flask_sqlalchemy
, flask-talisman
, flask_wtf
, debts
, idna
@ -28,6 +28,7 @@
, markupsafe
, python-dateutil
, pytz
, requests
, six
, sqlalchemy
, sqlalchemy-utils
@ -43,17 +44,6 @@
# ihatemoney is not really a library. It will only ever be imported
# by the interpreter of uwsgi. So overrides for its depencies are fine.
let
# fixed in next release, but patches don't apply
# https://github.com/spiral-project/ihatemoney/issues/567
pinned_wtforms = wtforms.overridePythonAttrs (old: rec {
pname = "WTForms";
version = "2.2.1";
src = fetchPypi {
inherit pname version;
sha256 = "0q9vkcq6jnnn618h27lx9sas6s9qlg2mv8ja6dn0hy38gwzarnqc";
};
});
# sqlalchemy-continuum requires sqlalchemy < 1.4
pinned_sqlalchemy = sqlalchemy.overridePythonAttrs (
old: rec {
@ -70,43 +60,20 @@ in
buildPythonPackage rec {
pname = "ihatemoney";
version = "4.2";
version = "5.1.1";
src = fetchFromGitHub {
owner = "spiral-project";
repo = pname;
rev = version;
sha256 = "0d4vc6m0jkwlz9ly0hcjghccydvqbldh2jb8yzf94jrgkd5fd7k1";
src = fetchPypi {
inherit pname version;
sha256 = "0gsqba9qbs1dpmfys8qpiahy4pbn4khcc6mgmdnhssmkjsb94sx6";
};
disabled = isPy27;
patches = [
# fix migration on postgresql
# remove on next release
(fetchpatch {
url = "https://github.com/spiral-project/ihatemoney/commit/6129191b26784b895e203fa3eafb89cee7d88b71.patch";
sha256 = "0yc24gsih9x3pnh2mhj4v5i71x02dq93a9jd2r8b1limhcl4p1sw";
})
(fetchpatch {
name = "CVE-2020-15120.patch";
url = "https://github.com/spiral-project/ihatemoney/commit/8d77cf5d5646e1d2d8ded13f0660638f57e98471.patch";
sha256 = "0y855sk3qsbpq7slj876k2ifa1lccc2dccag98pkyaadpz5gbabv";
})
# backported from current master
# remove dependency on flask-script, which removed support on some features ihm used to need
./remove_flask_script.patch
];
postPatch = ''
# remove draconian pinning
sed -i 's/==.*$//' setup.cfg
'';
propagatedBuildInputs = [
aniso8601
Babel
blinker
cachetools
click
dnspython
email_validator
@ -125,7 +92,8 @@ buildPythonPackage rec {
}
)
flask-restful
(flask_wtf.override { wtforms = pinned_wtforms; })
flask-talisman
flask_wtf
idna
itsdangerous
jinja2
@ -133,6 +101,7 @@ buildPythonPackage rec {
markupsafe
python-dateutil
pytz
requests
six
(
(
@ -158,7 +127,7 @@ buildPythonPackage rec {
)
)
werkzeug
pinned_wtforms
wtforms
psycopg2
debts
];
@ -168,10 +137,10 @@ buildPythonPackage rec {
pytestCheckHook
];
pytestFlagsArray = [ "--pyargs ihatemoney.tests.tests" ];
disabledTests = [
"test_notifications" # requires running service.
"test_invite" # requires running service.
"test_invitation_email_failure" # requires dns resolution
];
passthru.tests = {

View File

@ -1,284 +0,0 @@
commit 4d831ba2316d54f4916fb9d1160ec7a3856b47d4
Author: Glandos <bugs-github@antipoul.fr>
Date: Sun Jun 6 14:30:52 2021 +0200
remove usage of Flask-Script
Use flask.cli instead with compatibility layer for existing commands,
such as "runserver".
cherry-pick from 74e222f1a1cbfc2fac102fefc1115e9d0a6586dc
diff --git a/Makefile b/Makefile
index a681709..90ab1bb 100644
--- a/Makefile
+++ b/Makefile
@@ -38,7 +38,7 @@ update: remove-install-stamp install ## Update the dependencies
.PHONY: serve
serve: install ## Run the ihatemoney server
@echo 'Running ihatemoney on http://localhost:5000'
- $(PYTHON) -m ihatemoney.manage runserver
+ $(PYTHON) -m ihatemoney.manage run
.PHONY: test
test: install-dev ## Run the tests
diff --git a/docs/installation.rst b/docs/installation.rst
index 4994499..4df70a2 100644
--- a/docs/installation.rst
+++ b/docs/installation.rst
@@ -59,7 +59,7 @@ Test it
Once installed, you can start a test server::
- ihatemoney runserver
+ ihatemoney run
And point your browser at `http://localhost:5000 <http://localhost:5000>`_.
diff --git a/ihatemoney/manage.py b/ihatemoney/manage.py
index a192844..805a07f 100755
--- a/ihatemoney/manage.py
+++ b/ihatemoney/manage.py
@@ -5,8 +5,8 @@ import os
import random
import sys
-from flask_migrate import Migrate, MigrateCommand
-from flask_script import Command, Manager, Option
+import click
+from flask.cli import FlaskGroup
from werkzeug.security import generate_password_hash
from ihatemoney.models import Project, db
@@ -14,31 +14,48 @@ from ihatemoney.run import create_app
from ihatemoney.utils import create_jinja_env
-class GeneratePasswordHash(Command):
+@click.group(cls=FlaskGroup, create_app=create_app)
+def cli():
+ """IHateMoney Management script"""
- """Get password from user and hash it without printing it in clear text."""
- def run(self):
- password = getpass.getpass(prompt="Password: ")
- print(generate_password_hash(password))
-
-
-class GenerateConfig(Command):
- def get_options(self):
- return [
- Option(
- "config_file",
- choices=[
- "ihatemoney.cfg",
- "apache-vhost.conf",
- "gunicorn.conf.py",
- "supervisord.conf",
- "nginx.conf",
- ],
- )
+@cli.command(
+ context_settings={"ignore_unknown_options": True, "allow_extra_args": True}
+)
+@click.pass_context
+def runserver(ctx):
+ """Deprecated, use the "run" command instead"""
+ click.secho(
+ '"runserver" is deprecated, please use the standard "run" flask command',
+ fg="red",
+ )
+ run = cli.get_command(ctx, "run")
+ ctx.forward(run)
+
+
+@click.command(name="generate_password_hash")
+def password_hash():
+ """Get password from user and hash it without printing it in clear text."""
+ password = getpass.getpass(prompt="Password: ")
+ print(generate_password_hash(password))
+
+
+@click.command()
+@click.argument(
+ "config_file",
+ type=click.Choice(
+ [
+ "ihatemoney.cfg",
+ "apache-vhost.conf",
+ "gunicorn.conf.py",
+ "supervisord.conf",
+ "nginx.conf",
]
+ ),
+)
+def generate_config(config_file):
+ """Generate front-end server configuration"""
- @staticmethod
def gen_secret_key():
return "".join(
[
@@ -49,59 +66,33 @@ class GenerateConfig(Command):
]
)
- def run(self, config_file):
- env = create_jinja_env("conf-templates", strict_rendering=True)
- template = env.get_template("%s.j2" % config_file)
+ env = create_jinja_env("conf-templates", strict_rendering=True)
+ template = env.get_template(f"{config_file}.j2")
- bin_path = os.path.dirname(sys.executable)
- pkg_path = os.path.abspath(os.path.dirname(__file__))
+ bin_path = os.path.dirname(sys.executable)
+ pkg_path = os.path.abspath(os.path.dirname(__file__))
- print(
- template.render(
- pkg_path=pkg_path,
- bin_path=bin_path,
- sys_prefix=sys.prefix,
- secret_key=self.gen_secret_key(),
- )
+ print(
+ template.render(
+ pkg_path=pkg_path,
+ bin_path=bin_path,
+ sys_prefix=sys.prefix,
+ secret_key=gen_secret_key(),
)
-
-
-class DeleteProject(Command):
- def run(self, project_name):
- demo_project = Project.query.get(project_name)
- db.session.delete(demo_project)
+ )
+
+
+@cli.command()
+@click.argument("project_name")
+def delete_project(project_name):
+ """Delete a project"""
+ project = Project.query.get(project_name)
+ if project is None:
+ click.secho(f'Project "{project_name}" not found', fg="red")
+ else:
+ db.session.delete(project)
db.session.commit()
-def main():
- QUIET_COMMANDS = ("generate_password_hash", "generate-config")
-
- exception = None
- backup_stderr = sys.stderr
- # Hack to divert stderr for commands generating content to stdout
- # to avoid confusing the user
- if len(sys.argv) > 1 and sys.argv[1] in QUIET_COMMANDS:
- sys.stderr = open(os.devnull, "w")
-
- try:
- app = create_app()
- Migrate(app, db)
- except Exception as e:
- exception = e
-
- # Restore stderr
- sys.stderr = backup_stderr
-
- if exception:
- raise exception
-
- manager = Manager(app)
- manager.add_command("db", MigrateCommand)
- manager.add_command("generate_password_hash", GeneratePasswordHash)
- manager.add_command("generate-config", GenerateConfig)
- manager.add_command("delete-project", DeleteProject)
- manager.run()
-
-
if __name__ == "__main__":
- main()
+ cli()
diff --git a/ihatemoney/tests/tests.py b/ihatemoney/tests/tests.py
index b27fafc..23f19a6 100644
--- a/ihatemoney/tests/tests.py
+++ b/ihatemoney/tests/tests.py
@@ -15,7 +15,7 @@ from sqlalchemy import orm
from werkzeug.security import check_password_hash, generate_password_hash
from ihatemoney import history, models, utils
-from ihatemoney.manage import DeleteProject, GenerateConfig, GeneratePasswordHash
+from ihatemoney.manage import delete_project, generate_config, password_hash
from ihatemoney.run import create_app, db, load_configuration
from ihatemoney.versioning import LoggingMode
@@ -2157,28 +2157,24 @@ class CommandTestCase(BaseTestCase):
- raise no exception
- produce something non-empty
"""
- cmd = GenerateConfig()
- for config_file in cmd.get_options()[0].kwargs["choices"]:
- with patch("sys.stdout", new=io.StringIO()) as stdout:
- cmd.run(config_file)
- print(stdout.getvalue())
- self.assertNotEqual(len(stdout.getvalue().strip()), 0)
+ runner = self.app.test_cli_runner()
+ for config_file in generate_config.params[0].type.choices:
+ result = runner.invoke(generate_config, config_file)
+ self.assertNotEqual(len(result.output.strip()), 0)
def test_generate_password_hash(self):
- cmd = GeneratePasswordHash()
- with patch("sys.stdout", new=io.StringIO()) as stdout, patch(
- "getpass.getpass", new=lambda prompt: "secret"
- ): # NOQA
- cmd.run()
- print(stdout.getvalue())
- self.assertEqual(len(stdout.getvalue().strip()), 189)
+ runner = self.app.test_cli_runner()
+ with patch("getpass.getpass", new=lambda prompt: "secret"):
+ result = runner.invoke(password_hash)
+ print(result.output.strip())
+ self.assertEqual(len(result.output.strip()), 102)
def test_demo_project_deletion(self):
self.create_project("demo")
self.assertEquals(models.Project.query.get("demo").name, "demo")
- cmd = DeleteProject()
- cmd.run("demo")
+ runner = self.app.test_cli_runner()
+ runner.invoke(delete_project, "demo")
self.assertEqual(len(models.Project.query.all()), 0)
diff --git a/setup.cfg b/setup.cfg
index d493717..48e447c 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -31,7 +31,6 @@ install_requires =
Flask-Mail==0.9.1
Flask-Migrate==2.5.3
Flask-RESTful==0.3.8
- Flask-Script==2.0.6
Flask-SQLAlchemy==2.4.1
Flask-WTF==0.14.3
WTForms==2.2.1
@@ -51,8 +50,12 @@ dev =
zest.releaser==6.20.1
[options.entry_points]
+flask.commands =
+ generate_password_hash = ihatemoney.manage:password_hash
+ generate-config = ihatemoney.manage:generate_config
+
console_scripts =
- ihatemoney = ihatemoney.manage:main
+ ihatemoney = ihatemoney.manage:cli
paste.app_factory =
main = ihatemoney.run:main

View File

@ -2,11 +2,11 @@
buildPythonPackage rec {
pname = "impacket";
version = "0.9.23";
version = "0.9.24";
src = fetchPypi {
inherit pname version;
sha256 = "1c1be8a50cdbe3cffc566ba64f552b1b28bcc79b7a406b833956b49c56d77184";
sha256 = "18d557d387f4914fafa739813b9172bc3f8bd9c036e93bf589a8e0ebb7304bba";
};
propagatedBuildInputs = [ flask ldapdomaindump pycryptodomex pyasn1 pyopenssl chardet setuptools ];

View File

@ -11,25 +11,34 @@
buildPythonPackage rec {
pname = "importlib-resources";
version = "5.2.2";
version = "5.4.0";
src = fetchPypi {
pname = "importlib_resources";
inherit version;
sha256 = "sha256-pliCpND+X79wInNFa6LOdP5EiSwl5C4FespSa3AqbUs=";
sha256 = "sha256-11bi+F3U3iuom+CyHboqO77C6HGkKjoWcZJYoR+HUGs=";
};
nativeBuildInputs = [ setuptools-scm ];
nativeBuildInputs = [
setuptools-scm
];
propagatedBuildInputs = [
importlib-metadata
] ++ lib.optional (pythonOlder "3.4") singledispatch
++ lib.optional (pythonOlder "3.5") typing
;
] ++ lib.optional (pythonOlder "3.4") [
singledispatch
] ++ lib.optional (pythonOlder "3.5") [
typing
];
checkPhase = ''
${python.interpreter} -m unittest discover
'';
pythonImportsCheck = [
"importlib_resources"
];
meta = with lib; {
description = "Read resources from Python packages";
homepage = "https://importlib-resources.readthedocs.io/";

View File

@ -2,16 +2,20 @@
, fetchFromGitHub
, buildPythonPackage
, pytestCheckHook
, pythonOlder
}:
buildPythonPackage rec {
pname = "iso3166";
version = "1.0.1";
version = "2.0.2";
format = "setuptools";
disabled = pythonOlder "3.6";
src = fetchFromGitHub {
owner = "deactivated";
repo = "python-iso3166";
rev = "v${version}";
rev = version;
sha256 = "0zs9za9dr2nl5srxir08yibmp6nffcapmzala0fgh8ny7y6rafrx";
};
@ -19,11 +23,13 @@ buildPythonPackage rec {
pytestCheckHook
];
pythonImportsCheck = [ "iso3166" ];
pythonImportsCheck = [
"iso3166"
];
meta = with lib; {
homepage = "https://github.com/deactivated/python-iso3166";
description = "Self-contained ISO 3166-1 country definitions";
homepage = "https://github.com/deactivated/python-iso3166";
license = licenses.mit;
maintainers = with maintainers; [ zraexy ];
};

View File

@ -2,11 +2,11 @@
buildPythonPackage rec {
pname = "libtmux";
version = "0.10.1";
version = "0.10.2";
src = fetchPypi {
inherit pname version;
sha256 = "c8bc81499616ba899538704e419463a1c83ba7ca21e53b1efc6abbe98eb26b61";
sha256 = "a0e958b85ec14cdaabecfa738a0dd51846f05e5c5e9d6749a2bf5160b9f7e1d2";
};
checkInputs = [ pytest ];

View File

@ -6,14 +6,14 @@
}:
buildPythonPackage rec {
version = "1.5.2";
pname = "livestreamer-curses";
version = "1.5.2";
disabled = isPyPy;
src = fetchFromGitHub {
owner = "gapato";
repo = "livestreamer-curses";
rev = "v1.5.2";
rev = "v${version}";
sha256 = "sha256-Pi0PIOUhMMAWft9ackB04IgF6DyPrXppNqyVjozIjN4=";
};
@ -23,6 +23,6 @@ buildPythonPackage rec {
homepage = "https://github.com/gapato/livestreamer-curses";
description = "Curses frontend for livestreamer";
license = licenses.mit;
maintainers = with maintainers; [ ];
};
}

View File

@ -1,42 +1,37 @@
{ lib
, buildPythonPackage
, pkgs
, fetchFromGitHub
, isPyPy
, makeWrapper
, rtmpdump
, pycrypto
, requests
, singledispatch ? null
, futures ? null
, isPy27
}:
buildPythonPackage rec {
version = "1.12.2";
pname = "livestreamer";
version = "1.12.2";
disabled = isPyPy;
src = fetchFromGitHub {
owner = "chrippa";
repo = "livestreamer";
rev = "v1.12.2";
rev = "v${version}";
sha256 = "sha256-PqqyBh+oMmu7Ynly3fqx/+6mQYX+6SpI0Okj2O+YLz0=";
};
nativeBuildInputs = [ pkgs.makeWrapper ];
nativeBuildInputs = [ makeWrapper ];
propagatedBuildInputs = [ pkgs.rtmpdump pycrypto requests ]
++ lib.optionals isPy27 [ singledispatch futures ];
propagatedBuildInputs = [ rtmpdump pycrypto requests ];
postInstall = ''
wrapProgram $out/bin/livestreamer --prefix PATH : ${pkgs.rtmpdump}/bin
wrapProgram $out/bin/livestreamer --prefix PATH : ${lib.makeBinPath [ rtmpdump ]}
'';
meta = with lib; {
homepage = "http://livestreamer.tanuki.se";
description = ''
Livestreamer is CLI program that extracts streams from various
services and pipes them into a video player of choice.
'';
description = "Livestreamer is CLI program that extracts streams from various services and pipes them into a video player of choice";
license = licenses.bsd2;
maintainers = with maintainers; [ ];
};

View File

@ -3,13 +3,13 @@
}:
buildPythonPackage rec {
pname = "netCDF4";
version = "1.5.7";
version = "1.5.8";
disabled = isPyPy;
src = fetchPypi {
inherit pname version;
sha256 = "d145f9c12da29da3922d8b8aafea2a2a89501bcb28a219a46b7b828b57191594";
sha256 = "ca3d468f4812c0999df86e3f428851fb0c17ac34ce0827115c246b0b690e4e84";
};
checkInputs = [ pytest ];

View File

@ -1,4 +1,5 @@
{ lib, buildPythonPackage, fetchFromGitHub, pytest, mock }:
{ lib, buildPythonPackage, fetchFromGitHub, pytestCheckHook, mock }:
buildPythonPackage rec {
pname = "pep257";
version = "0.7.0";
@ -6,20 +7,17 @@ buildPythonPackage rec {
src = fetchFromGitHub {
owner = "GreenSteam";
repo = "pep257";
rev = "0.7.0";
rev = version;
sha256 = "sha256-RkE9kkNkRTmZ8zJVwQzMsxU1hcjlxX6UA+ehnareynQ=";
};
checkInputs = [ pytest mock ];
checkPhase = ''
py.test
'';
checkInputs = [ pytestCheckHook mock ];
meta = with lib; {
homepage = "https://github.com/GreenSteam/pep257/";
description = "Python docstring style checker";
longDescription = "Static analysis tool for checking compliance with Python PEP 257.";
license = licenses.mit;
maintainers = with maintainers; [ ];
};
}

View File

@ -19,6 +19,6 @@ buildPythonPackage rec {
description = "A module provides basic functions for parsing mime-type names and matching them against a list of media-ranges";
homepage = "https://github.com/dbtsai/python-mimeparse";
license = licenses.mit;
maintainers = with maintainers; [ ];
};
}

View File

@ -7,11 +7,11 @@
buildPythonPackage rec {
pname = "scikit-fmm";
version = "2021.9.23";
version = "2021.10.29";
src = fetchPypi {
inherit pname version;
sha256 = "94808e6d747143cc9d50aa946cf5b1e61dbd4d8bc6229a7a5f57db6cedf38a47";
sha256 = "799f36e918a2b64ed8434d6c4fef3a1a47757055955c240fba0d4aadccca26b2";
};
propagatedBuildInputs = [

View File

@ -15,11 +15,11 @@
buildPythonPackage rec {
pname = "scikit-survival";
version = "0.15.0.post0";
version = "0.16.0";
src = fetchPypi {
inherit pname version;
sha256 = "572c3ac6818a9d0944fc4b8176eb948051654de857e28419ecc5060bcc6fbf37";
sha256 = "d3573eb1df9d516c75994a8a82108b6c7a5ca7ea8a9af60b38f3f65c3e227fa7";
};
nativeBuildInputs = [

View File

@ -16,11 +16,11 @@
buildPythonPackage rec {
pname = "skorch";
version = "0.10.0";
version = "0.11.0";
src = fetchPypi {
inherit pname version;
sha256 = "9910f97339e654c8d38e0075d87b735e69e5eb11db59c527fb36705b30c8d0a4";
sha256 = "b35cb4e50045742f0ffcfad33044af691d5d36b50212573753a804483a947ca9";
};
propagatedBuildInputs = [ numpy pytorch scikit-learn scipy tabulate tqdm ];

View File

@ -2,7 +2,7 @@
, buildPythonPackage
, fetchPypi
, pbr
, python_mimeparse
, python-mimeparse
, extras
, unittest2
, traceback2
@ -18,7 +18,7 @@ buildPythonPackage rec {
sha256 = "57c13433d94f9ffde3be6534177d10fb0c1507cc499319128958ca91a65cb23f";
};
propagatedBuildInputs = [ pbr python_mimeparse extras unittest2 ];
propagatedBuildInputs = [ pbr python-mimeparse extras unittest2 ];
buildInputs = [ traceback2 ];
# testscenarios has a circular dependency on testtools

View File

@ -1,4 +1,4 @@
{ lib, stdenv, fetchurl, jre, nixosTests, writeScript, common-updater-scripts
{ lib, stdenv, fetchurl, jre, writeScript, common-updater-scripts
, git, nixfmt, nix, coreutils, gnused, disableRemoteLogging ? true }:
with lib;
@ -28,7 +28,6 @@ let
'';
passthru = {
tests = { inherit (nixosTests) ammonite; };
updateScript = writeScript "update.sh" ''
#!${stdenv.shell}
@ -58,6 +57,15 @@ let
'';
};
doInstallCheck = true;
installCheckPhase = ''
runHook preInstallCheck
$out/bin/amm -c 'val foo = 21; println(foo * 2)' | grep 42
runHook postInstallCheck
'';
meta = {
description = "Improved Scala REPL";
longDescription = ''

View File

@ -1,14 +1,14 @@
{ lib, gcc9Stdenv, fetchFromGitHub, cmake, libpfm, zlib, pkg-config, python3Packages, which, procps, gdb, capnproto }:
gcc9Stdenv.mkDerivation rec {
version = "5.4.0";
version = "5.5.0";
pname = "rr";
src = fetchFromGitHub {
owner = "mozilla";
repo = "rr";
rev = version;
sha256 = "1sfldgkkmsdyaqa28i5agcykc63gwm3zjihd64g86i852w8al2w6";
sha256 = "sha256-ZZhkmDWGNWejwXZEcFO9p9NG1dopK7kXRj7OrkJCPR0=";
};
postPatch = ''

View File

@ -2,32 +2,45 @@
, stdenv
, fetchgit
, wrapLisp
, sbcl_2_0_9
, sbcl
, openssl
}:
stdenv.mkDerivation rec {
pname = "clpm";
version = "0.3.6";
version = "0.4.1";
src = fetchgit {
url = "https://gitlab.common-lisp.net/clpm/clpm";
rev = "v${version}";
fetchSubmodules = true;
sha256 = "04w46yhv31p4cfb84b6qvyfw7x5nx6lzyd4yzhd9x6qvb7p5kmfh";
sha256 = "sha256-UhaLmbdsIPj6O+s262HUMxuz/5t43JR+TlOjq8Y2CDs=";
};
buildInputs = [
(wrapLisp sbcl_2_0_9)
(wrapLisp sbcl)
];
propagatedBuildInputs = [
openssl
];
postPatch = ''
# patch cl-plus-ssl to ensure that it finds libssl and libcrypto
sed 's|libssl.so|${openssl.out}/lib/libssl.so|' -i ext/cl-plus-ssl/src/reload.lisp
sed 's|libcrypto.so|${openssl.out}/lib/libcrypto.so|' -i ext/cl-plus-ssl/src/reload.lisp
# patch dexador to avoid error due to dexador being loaded multiple times
sed -i 's/defpackage/uiop:define-package/g' ext/dexador/src/dexador.lisp
'';
buildPhase = ''
runHook preBuild
ln -s ${openssl.out}/lib/libcrypto*${stdenv.hostPlatform.extensions.sharedLibrary}* .
ln -s ${openssl.out}/lib/libssl*${stdenv.hostPlatform.extensions.sharedLibrary}* .
common-lisp.sh --script scripts/build.lisp
# exporting home to avoid using /homeless-shelter/.cache/ as this will cause
# ld to complaing about `impure path used in link`.
export HOME=$TMP
common-lisp.sh --script scripts/build-release.lisp
runHook postBuild
'';
@ -35,7 +48,8 @@ stdenv.mkDerivation rec {
installPhase = ''
runHook preInstall
INSTALL_ROOT=$out sh install.sh
cd build/release-staging/dynamic/clpm-${version}*/
INSTALL_ROOT=$out/ bash install.sh
runHook postInstall
'';
@ -48,6 +62,6 @@ stdenv.mkDerivation rec {
homepage = "https://www.clpm.dev/";
license = licenses.bsd2;
maintainers = [ maintainers.petterstorvik ];
platforms = platforms.all;
platforms = [ "i686-linux" "x86_64-linux" ];
};
}

View File

@ -1,6 +1,5 @@
{ stdenv
, tree-sitter
, libcxx
, lib
}:
@ -16,42 +15,46 @@
, location ? null
}:
stdenv.mkDerivation {
stdenv.mkDerivation rec {
pname = "${language}-grammar";
inherit version;
src =
if location == null
then
source
else
"${source}/${location}"
;
src = if location == null then source else "${source}/${location}";
NIX_CFLAGS_COMPILE = lib.optionalString stdenv.isDarwin "-I${lib.getDev libcxx}/include/c++/v1";
buildInputs = [ tree-sitter ];
dontUnpack = true;
dontConfigure = true;
CFLAGS = [ "-I${src}/src" "-O2" ];
CXXFLAGS = [ "-I${src}/src" "-O2" ];
# When both scanner.{c,cc} exist, we should not link both since they may be the same but in
# different languages. Just randomly prefer C++ if that happens.
buildPhase = ''
runHook preBuild
scanner_cc="$src/src/scanner.cc"
if [ ! -f "$scanner_cc" ]; then
scanner_cc=""
if [[ -e "$src/src/scanner.cc" ]]; then
$CXX -c "$src/src/scanner.cc" -o scanner.o $CXXFLAGS
elif [[ -e "$src/src/scanner.c" ]]; then
$CC -c "$src/src/scanner.c" -o scanner.o $CFLAGS
fi
scanner_c="$src/src/scanner.c"
if [ ! -f "$scanner_c" ]; then
scanner_c=""
fi
$CC -I$src/src/ -shared -o parser -Os $src/src/parser.c $scanner_cc $scanner_c -lstdc++
$CC -c "$src/src/parser.c" -o parser.o $CFLAGS
$CXX -shared -o parser *.o
runHook postBuild
'';
installPhase = ''
runHook preInstall
mkdir $out
mv parser $out/
runHook postInstall
'';
# Auto strip cannot detect files missing extension.
fixupPhase = ''
runHook preFixup
strip -s $out/parser
runHook postFixup
'';
}

View File

@ -13,11 +13,11 @@
rustPlatform.buildRustPackage rec {
pname = "cargo-make";
version = "0.35.0";
version = "0.35.5";
src = fetchCrate {
inherit pname version;
sha256 = "sha256-pC3iX5jAPBArxs+YECDyUW5+MP+/f2HMLZNjo+BoKOE=";
sha256 = "sha256-hW3W+k6S/pWYTCHkFcWPgCNM36U6smMhOZDlxC/R3sQ=";
};
nativeBuildInputs = [ pkg-config ];
@ -25,7 +25,7 @@ rustPlatform.buildRustPackage rec {
buildInputs = [ openssl ]
++ lib.optionals stdenv.isDarwin [ Security SystemConfiguration libiconv ];
cargoSha256 = "sha256-Zp2LoeCnpYupi/QY3Ft1VQ+O/y3I96UaouEFs9QpbLg=";
cargoSha256 = "sha256-3NzBVt+dTASSXEOs3QEQje2D9Qoupf9tNzqwsihcyi8=";
# Some tests fail because they need network access.
# However, Travis ensures a proper build.

View File

@ -11,14 +11,14 @@
stdenv.mkDerivation rec {
pname = "SHADERed";
version = "1.4.1";
version = "1.5.6";
src = fetchFromGitHub {
owner = "dfranx";
repo = pname;
rev = "v${version}";
fetchSubmodules = true;
sha256 = "ivOd4NJgx5KWSDnXSBQLMrdvBuOm8NRzcb2S4lvOrms=";
sha256 = "0drf8wwx0gcmi22jq2yyjy7ppxynfq172wqakchscm313j248fjr";
};
nativeBuildInputs = [
@ -34,6 +34,10 @@ stdenv.mkDerivation rec {
sfml
];
patches = [
./install_path_fix.patch
];
NIX_CFLAGS_COMPILE = "-Wno-error=format-security";
meta = with lib; {

View File

@ -0,0 +1,13 @@
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 55eb05c..18f7fc3 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -234,7 +234,7 @@ endif()
set(BINARY_INST_DESTINATION "bin")
set(RESOURCE_INST_DESTINATION "share/shadered")
-install(PROGRAMS bin/SHADERed DESTINATION "${BINARY_INST_DESTINATION}" RENAME shadered)
+install(PROGRAMS ${CMAKE_CURRENT_BINARY_DIR}/bin/SHADERed DESTINATION "${BINARY_INST_DESTINATION}" RENAME shadered)
install(DIRECTORY bin/data bin/templates bin/themes bin/plugins DESTINATION "${RESOURCE_INST_DESTINATION}")
if (UNIX AND NOT APPLE)

View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "uftrace";
version = "0.10";
version = "0.11";
src = fetchFromGitHub {
owner = "namhyung";
repo = "uftrace";
rev = "v${version}";
sha256 = "sha256-T3HFhFKHsUcOOCXaA1NG3aDE0k5frnhqjCI8aV18EjQ=";
sha256 = "sha256-uRtMJIZJKGQTGqs8QX60FCeXg3j5hv/V/qw4m8eGYD4=";
};
postUnpack = ''

View File

@ -2866,6 +2866,18 @@ final: prev:
meta.homepage = "https://github.com/Yggdroot/LeaderF/";
};
lean-nvim = buildVimPluginFrom2Nix {
pname = "lean.nvim";
version = "2021-10-30";
src = fetchFromGitHub {
owner = "Julian";
repo = "lean.nvim";
rev = "e586b463cb0ac841556e53f5b71e3ef109007378";
sha256 = "0caq2vab9hn2i39f5848zk1d3fl1zfpcadnqnm4gwnzga3cnfpbz";
};
meta.homepage = "https://github.com/Julian/lean.nvim/";
};
lean-vim = buildVimPluginFrom2Nix {
pname = "lean.vim";
version = "2021-09-29";

View File

@ -302,6 +302,7 @@ jreybert/vimagit
jsfaint/gen_tags.vim
JuliaEditorSupport/deoplete-julia
JuliaEditorSupport/julia-vim
Julian/lean.nvim@main
Julian/vim-textobj-variable-segment
juliosueiras/vim-terraform-completion
junegunn/fzf.vim

View File

@ -4,8 +4,10 @@
, meson
, ninja
, fetchFromGitLab
, fetchpatch
, libgudev
, glib
, polkit
, gobject-introspection
, gettext
, gtk-doc
@ -14,24 +16,47 @@
, libxml2
, libxslt
, upower
, umockdev
, systemd
, python3
, wrapGAppsNoGuiHook
, nixosTests
}:
let
testPythonPkgs = ps: with ps; [
pygobject3
dbus-python
python-dbusmock
];
testTypelibPath = lib.makeSearchPathOutput "lib" "lib/girepository-1.0" [ umockdev ];
in
stdenv.mkDerivation rec {
pname = "power-profiles-daemon";
version = "0.8.1";
version = "0.10.1";
outputs = [ "out" "devdoc" ];
outputs = [ "out" "devdoc" "installedTests" ];
src = fetchFromGitLab {
domain = "gitlab.freedesktop.org";
owner = "hadess";
repo = "power-profiles-daemon";
rev = version;
sha256 = "sha256-OnCUr7KWVPpYGDseBUcJD/PdOobvFnyNA97NhnKbTKY=";
sha256 = "sha256-sQWiCHc0kEELdmPq9Qdk7OKDUgbM5R44639feC7gjJc=";
};
patches = [
# Enable installed tests.
# https://gitlab.freedesktop.org/hadess/power-profiles-daemon/-/merge_requests/92
(fetchpatch {
url = "https://gitlab.freedesktop.org/hadess/power-profiles-daemon/-/commit/3c64d9e1732eb6425e33013c452f1c4aa7a26f7e.patch";
sha256 = "din5VuZZwARNDInHtl44yJK8pLmlxr5eoD4iMT4a8HA=";
})
# Install installed tests to separate output.
./installed-tests-path.patch
];
nativeBuildInputs = [
pkg-config
meson
@ -43,6 +68,11 @@ stdenv.mkDerivation rec {
libxml2 # for xmllint for stripping GResources
libxslt # for xsltproc for building docs
gobject-introspection
wrapGAppsNoGuiHook
python3.pkgs.wrapPython
# For finding tests.
(python3.withPackages testPythonPkgs)
];
buildInputs = [
@ -50,19 +80,89 @@ stdenv.mkDerivation rec {
systemd
upower
glib
(python3.withPackages (ps: with ps; [ ps.pygobject3 ])) # for cli tool
polkit
python3 # for cli tool
];
strictDeps = true;
# for cli tool
pythonPath = [
python3.pkgs.pygobject3
];
mesonFlags = [
"-Dinstalled_test_prefix=${placeholder "installedTests"}"
"-Dsystemdsystemunitdir=${placeholder "out"}/lib/systemd/system"
"-Dgtk_doc=true"
];
PKG_CONFIG_POLKIT_GOBJECT_1_POLICYDIR = "${placeholder "out"}/share/polkit-1/actions";
# Avoid double wrapping
dontWrapGApps = true;
postPatch = ''
patchShebangs tests/unittest_inspector.py
'';
preConfigure = ''
# For finding tests.
GI_TYPELIB_PATH_original=$GI_TYPELIB_PATH
addToSearchPath GI_TYPELIB_PATH "${testTypelibPath}"
'';
postConfigure = ''
# Restore the original value to prevent the program from depending on umockdev.
export GI_TYPELIB_PATH=$GI_TYPELIB_PATH_original
unset GI_TYPELIB_PATH_original
'';
preInstall = ''
# We have pkexec on PATH so Meson will try to use it when installation fails
# due to being unable to write to e.g. /etc.
# Lets pretend we already ran pkexec
# the pkexec on PATH would complain it lacks setuid bit,
# obscuring the underlying error.
# https://github.com/mesonbuild/meson/blob/492cc9bf95d573e037155b588dc5110ded4d9a35/mesonbuild/minstall.py#L558
export PKEXEC_UID=-1
'';
postFixup = ''
# Avoid double wrapping
makeWrapperArgs+=("''${gappsWrapperArgs[@]}")
# Make Python libraries available
wrapPythonProgramsIn "$out/bin" "$pythonPath"
# Make Python libraries available for installed tests
makeWrapperArgs+=(
--prefix GI_TYPELIB_PATH : "${testTypelibPath}"
--prefix PATH : "${lib.makeBinPath [ umockdev ]}"
# Vala does not use absolute paths in typelibs
# https://github.com/NixOS/nixpkgs/issues/47226
# Also umockdev binaries use relative paths for LD_PRELOAD.
--prefix LD_LIBRARY_PATH : "${lib.makeLibraryPath [ umockdev ]}"
# dbusmock calls its templates using exec so our regular patching of Python scripts
# to add package directories to site will not carry over.
# https://github.com/martinpitt/python-dbusmock/blob/2254e69279a02fb3027b500ed7288b77c7a80f2a/dbusmock/mockobject.py#L51
# https://github.com/martinpitt/python-dbusmock/blob/2254e69279a02fb3027b500ed7288b77c7a80f2a/dbusmock/__main__.py#L60-L62
--prefix PYTHONPATH : "${lib.makeSearchPath python3.sitePackages (testPythonPkgs python3.pkgs)}"
)
wrapPythonProgramsIn "$installedTests/libexec/installed-tests" "$pythonPath ${lib.concatStringsSep " " (testPythonPkgs python3.pkgs)}"
'';
passthru = {
tests = {
nixos = nixosTests.power-profiles-daemon;
installed-tests = nixosTests.installed-tests.power-profiles-daemon;
};
};
meta = with lib; {
homepage = "https://gitlab.freedesktop.org/hadess/power-profiles-daemon";
description = "Makes user-selected power profiles handling available over D-Bus";
platforms = platforms.linux;
license = licenses.gpl3Plus;
maintainers = with maintainers; [ mvnetbiz ];
maintainers = with maintainers; [ jtojnar mvnetbiz ];
};
}

View File

@ -0,0 +1,37 @@
diff --git a/meson_options.txt b/meson_options.txt
index 7e89619..76497db 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -1,3 +1,4 @@
+option('installed_test_prefix', type: 'string', description: 'Prefix for installed tests')
option('systemdsystemunitdir',
description: 'systemd unit directory',
type: 'string',
diff --git a/tests/meson.build b/tests/meson.build
index b306a7f..7670e1b 100644
--- a/tests/meson.build
+++ b/tests/meson.build
@@ -2,8 +2,8 @@ envs = environment()
envs.set ('top_builddir', meson.build_root())
envs.set ('top_srcdir', meson.source_root())
-installed_test_bindir = libexecdir / 'installed-tests' / meson.project_name()
-installed_test_datadir = datadir / 'installed-tests' / meson.project_name()
+installed_test_bindir = get_option('installed_test_prefix') / 'libexec' / 'installed-tests' / meson.project_name()
+installed_test_datadir = get_option('installed_test_prefix') / 'share' / 'installed-tests' / meson.project_name()
python3 = find_program('python3')
unittest_inspector = find_program('unittest_inspector.py')
diff --git a/tests/integration-test.py b/tests/integration-test.py
index 22dc42c..0f92b76 100755
--- a/tests/integration-test.py
+++ b/tests/integration-test.py
@@ -67,7 +67,7 @@ class Tests(dbusmock.DBusTestCase):
print('Testing binaries from JHBuild (%s)' % cls.daemon_path)
else:
cls.daemon_path = None
- with open('/usr/lib/systemd/system/power-profiles-daemon.service') as f:
+ with open('/run/current-system/sw/lib/systemd/system/power-profiles-daemon.service') as f:
for line in f:
if line.startswith('ExecStart='):
cls.daemon_path = line.split('=', 1)[1].strip()

View File

@ -2,13 +2,13 @@
python3Packages.buildPythonPackage rec {
pname = "heisenbridge";
version = "1.4.0";
version = "1.4.1";
# Use the release tarball because it has the version set correctly using the
# version.txt file.
src = fetchurl {
url = "https://github.com/hifi/heisenbridge/releases/download/v${version}/heisenbridge-${version}.tar.gz";
sha256 = "sha256-Br+7ykTtVYC7KIhikmgS9wbQdJFHFezlVre8cUBzAx8=";
sha256 = "sha256-+FnpECMDu7d7IM6vmiqP2mA/WJx2WVSzI01tLzkrvpk=";
};
propagatedBuildInputs = with python3Packages; [

Some files were not shown because too many files have changed in this diff Show More