Merge master into staging-next

This commit is contained in:
github-actions[bot] 2021-03-19 12:26:52 +00:00 committed by GitHub
commit c804f22a81
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
30 changed files with 231 additions and 147 deletions

View File

@ -68,15 +68,16 @@
Security fixes are submitted in the same way as other changes and thus the same guidelines apply. Security fixes are submitted in the same way as other changes and thus the same guidelines apply.
If the security fix comes in the form of a patch and a CVE is available, then the name of the patch should be the CVE identifier, so e.g. `CVE-2019-13636.patch` in the case of a patch that is included in the Nixpkgs tree. If a patch is fetched the name needs to be set as well, e.g.: - If a new version fixing the vulnerability has been released, update the package;
- If the security fix comes in the form of a patch and a CVE is available, then add the patch to the Nixpkgs tree, and apply it to the package.
```nix The name of the patch should be the CVE identifier, so e.g. `CVE-2019-13636.patch`; If a patch is fetched the name needs to be set as well, e.g.:
(fetchpatch { ```nix
name = "CVE-2019-11068.patch"; (fetchpatch {
url = "https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch"; name = "CVE-2019-11068.patch";
sha256 = "0pkpb4837km15zgg6h57bncp66d5lwrlvkr73h0lanywq7zrwhj8"; url = "https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch";
}) sha256 = "0pkpb4837km15zgg6h57bncp66d5lwrlvkr73h0lanywq7zrwhj8";
``` })
```
If a security fix applies to both master and a stable release then, similar to regular changes, they are preferably delivered via master first and cherry-picked to the release branch. If a security fix applies to both master and a stable release then, similar to regular changes, they are preferably delivered via master first and cherry-picked to the release branch.

View File

@ -0,0 +1,45 @@
# Vulnerability Roundup {#chap-vulnerability-roundup}
## Issues {#vulnerability-roundup-issues}
Vulnerable packages in Nixpkgs are managed using issues.
Currently opened ones can be found using the following:
[github.com/NixOS/nixpkgs/issues?q=is:issue+is:open+"Vulnerability+roundup"](https://github.com/NixOS/nixpkgs/issues?q=is%3Aissue+is%3Aopen+%22Vulnerability+roundup%22)
Each issue correspond to a vulnerable version of a package; As a consequence:
- One issue can contain several CVEs;
- One CVE can be shared across several issues;
- A single package can be concerned by several issues.
A "Vulnerability roundup" issue usually respects the following format:
```txt
<link to relevant package search on search.nix.gsc.io>, <link to relevant files in Nixpkgs on GitHub>
<list of related CVEs, their CVSS score, and the impacted NixOS version>
<list of the scanned Nixpkgs versions>
<list of relevant contributors>
```
Note that there can be an extra comment containing links to previously reported (and still open) issues for the same package.
## Triaging and Fixing {#vulnerability-roundup-triaging-and-fixing}
**Note**: An issue can be a "false positive" (i.e. automatically opened, but without the package it refers to being actually vulnerable).
If you find such a "false positive", comment on the issue an explanation of why it falls into this category, linking as much information as the necessary to help maintainers double check.
If you are investigating a "true positive":
- Find the earliest patched version or a code patch in the CVE details;
- Is the issue already patched (version up-to-date or patch applied manually) in Nixpkgs's `master` branch?
- **No**:
- [Submit a security fix](#submitting-changes-submitting-security-fixes);
- Once the fix is merged into `master`, [submit the change to the vulnerable release branch(es)](https://nixos.org/manual/nixpkgs/stable/#submitting-changes-stable-release-branches);
- **Yes**: [Backport the change to the vulnerable release branch(es)](https://nixos.org/manual/nixpkgs/stable/#submitting-changes-stable-release-branches).
- When the patch has made it into all the relevant branches (`master`, and the vulnerable releases), close the relevant issue(s).

View File

@ -35,6 +35,7 @@
<xi:include href="contributing/quick-start.xml" /> <xi:include href="contributing/quick-start.xml" />
<xi:include href="contributing/coding-conventions.xml" /> <xi:include href="contributing/coding-conventions.xml" />
<xi:include href="contributing/submitting-changes.chapter.xml" /> <xi:include href="contributing/submitting-changes.chapter.xml" />
<xi:include href="contributing/vulnerability-roundup.chapter.xml" />
<xi:include href="contributing/reviewing-contributions.xml" /> <xi:include href="contributing/reviewing-contributions.xml" />
<xi:include href="contributing/contributing-to-documentation.xml" /> <xi:include href="contributing/contributing-to-documentation.xml" />
</part> </part>

View File

@ -155,6 +155,7 @@
./programs/nm-applet.nix ./programs/nm-applet.nix
./programs/npm.nix ./programs/npm.nix
./programs/oblogout.nix ./programs/oblogout.nix
./programs/partition-manager.nix
./programs/plotinus.nix ./programs/plotinus.nix
./programs/proxychains.nix ./programs/proxychains.nix
./programs/qt5ct.nix ./programs/qt5ct.nix

View File

@ -0,0 +1,19 @@
{ config, lib, pkgs, ... }:
with lib;
{
meta.maintainers = [ maintainers.oxalica ];
###### interface
options = {
programs.partition-manager.enable = mkEnableOption "KDE Partition Manager";
};
###### implementation
config = mkIf config.programs.partition-manager.enable {
services.dbus.packages = [ pkgs.libsForQt5.kpmcore ];
# `kpmcore` need to be installed to pull in polkit actions.
environment.systemPackages = [ pkgs.libsForQt5.kpmcore pkgs.partition-manager ];
};
}

View File

@ -182,18 +182,7 @@ in rec {
# upstream unit. # upstream unit.
for i in ${toString (mapAttrsToList (n: v: v.unit) units)}; do for i in ${toString (mapAttrsToList (n: v: v.unit) units)}; do
fn=$(basename $i/*) fn=$(basename $i/*)
if [ -e $out/$fn ]; then
case $fn in
# if file name is a template specialization, use the template's name
*@?*.service)
# remove @foo.service and replace it with @.service
ofn="''${fn%@*.service}@.service"
;;
*)
ofn="$fn"
esac
if [ -e $out/$ofn ]; then
if [ "$(readlink -f $i/$fn)" = /dev/null ]; then if [ "$(readlink -f $i/$fn)" = /dev/null ]; then
ln -sfn /dev/null $out/$fn ln -sfn /dev/null $out/$fn
else else

View File

@ -1,41 +0,0 @@
import ./make-test-python.nix {
name = "systemd-template-override";
machine = { pkgs, lib, ... }: let
touchTmp = pkgs.writeTextFile {
name = "touch-tmp@.service";
text = ''
[Service]
Type=oneshot
ExecStart=${pkgs.coreutils}/bin/touch /tmp/%I
'';
destination = "/etc/systemd/system/touch-tmp@.service";
};
in {
systemd.packages = [ touchTmp ];
systemd.services."touch-tmp@forbidden" = {
serviceConfig.ExecStart = [ "" ''
${pkgs.coreutils}/bin/true
''];
};
systemd.services."touch-tmp@intercept" = {
serviceConfig.ExecStart = [ "" ''
${pkgs.coreutils}/bin/touch /tmp/renamed
''];
};
};
testScript = ''
machine.wait_for_unit("default.target")
machine.succeed("systemctl start touch-tmp@normal")
machine.succeed("systemctl start touch-tmp@forbbidden")
machine.succeed("systemctl start touch-tmp@intercept")
machine.succeed("[ -e /tmp/normal ]")
machine.succeed("[ ! -e /tmp/forbidden ]")
machine.succeed("[ -e /tmp/renamed ]")
'';
}

View File

@ -5,11 +5,11 @@
mkDerivation rec { mkDerivation rec {
pname = "samplv1"; pname = "samplv1";
version = "0.9.18"; version = "0.9.20";
src = fetchurl { src = fetchurl {
url = "mirror://sourceforge/samplv1/${pname}-${version}.tar.gz"; url = "mirror://sourceforge/samplv1/${pname}-${version}.tar.gz";
sha256 = "ePhM9OTLJp1Wa2D9Y1Dqq/69WlEhEp3ih9yNUIJU5Y4="; sha256 = "sha256-9tm72lV9i/155TVweNwO2jpPsCJkh6r82g7Z1wCI1ho=";
}; };
nativeBuildInputs = [ qttools pkg-config ]; nativeBuildInputs = [ qttools pkg-config ];

View File

@ -31,15 +31,15 @@
} }
}, },
"dev": { "dev": {
"version": "91.0.4442.4", "version": "91.0.4449.6",
"sha256": "0cmm2pimkghb6s956bkqf2k77lj69dz51nlydgkqbvw0sc8n784k", "sha256": "1y6z7p64fi4dxyrxrnlmg0wwczgw58cinrsywhnrpl2wp2y3v6m3",
"sha256bin64": "1hbfx8n51p7dwwz1vbp94jdmlb96vvxrbql2af4kmvx1bmzr2ism", "sha256bin64": "1baxra0hg981awinyyvm1x46rlskjmhs2m1h0zf72l11y1jyj5vc",
"deps": { "deps": {
"gn": { "gn": {
"version": "2021-02-09", "version": "2021-03-12",
"url": "https://gn.googlesource.com/gn", "url": "https://gn.googlesource.com/gn",
"rev": "dfcbc6fed0a8352696f92d67ccad54048ad182b3", "rev": "64b3b9401c1c3ed5f3c43c1cac00b91f83597ab8",
"sha256": "1941bzg37c4dpsk3sh6ga3696gpq6vjzpcw9rsnf6kdr9mcgdxvn" "sha256": "14whk4gyx21cqxy1560xm8p1mc1581dh9g7xy120g8vvcylknjlm"
} }
} }
}, },

View File

@ -2,12 +2,12 @@
let let
pname = "deltachat-electron"; pname = "deltachat-electron";
version = "1.15.2"; version = "1.15.3";
name = "${pname}-${version}"; name = "${pname}-${version}";
src = fetchurl { src = fetchurl {
url = "https://download.delta.chat/desktop/v${version}/DeltaChat-${version}.AppImage"; url = "https://download.delta.chat/desktop/v${version}/DeltaChat-${version}.AppImage";
sha256 = "sha256-iw2tU8qqXWbtEdLGlW8HNBHx8F2CgnCGCBUWpM407us="; sha256 = "sha256-cYb0uruuWpNr1jF5WZ48quBZRIVXiHr99mLPLKMOX5M=";
}; };
appimageContents = appimageTools.extract { inherit name src; }; appimageContents = appimageTools.extract { inherit name src; };

View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "pidgin-carbons"; pname = "pidgin-carbons";
version = "0.2.2"; version = "0.2.3";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "gkdr"; owner = "gkdr";
repo = "carbons"; repo = "carbons";
rev = "v${version}"; rev = "v${version}";
sha256 = "1aq9bwgpmbwrigq6ywf0pjkngqcm0qxncygaj1fi57npjhcjs6ln"; sha256 = "sha256-qiyIvmJbRmCrAi/93UxDVtO76nSdtzUVfT/sZGxxAh8=";
}; };
makeFlags = [ "PURPLE_PLUGIN_DIR=$(out)/lib/pidgin" ]; makeFlags = [ "PURPLE_PLUGIN_DIR=$(out)/lib/pidgin" ];

View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "gtkwave"; pname = "gtkwave";
version = "3.3.107"; version = "3.3.108";
src = fetchurl { src = fetchurl {
url = "mirror://sourceforge/gtkwave/${pname}-gtk3-${version}.tar.gz"; url = "mirror://sourceforge/gtkwave/${pname}-gtk3-${version}.tar.gz";
sha256 = "0ma30jyc94iid3v3m8aw4i2lyiqfxkpsdvdmmaibynk400cbzivl"; sha256 = "sha256-LtlexZKih+Si/pH3oQpWdpzfZ6j+41Otgfx7nLMfFSQ=";
}; };
nativeBuildInputs = [ pkg-config wrapGAppsHook ]; nativeBuildInputs = [ pkg-config wrapGAppsHook ];

View File

@ -5,10 +5,10 @@
mkDerivation rec { mkDerivation rec {
pname = "clipgrab"; pname = "clipgrab";
version = "3.9.5"; version = "3.9.6";
src = fetchurl { src = fetchurl {
sha256 = "1p8pqa5s70basdm2zpmahc54shsxrr0fr7chvv425n5a9sqba4dh"; sha256 = "sha256-1rQu2Gh9PKSbC0tuQxLwFhzy280z4obpa+eXvDBzDW0=";
# The .tar.bz2 "Download" link is a binary blob, the source is the .tar.gz! # The .tar.bz2 "Download" link is a binary blob, the source is the .tar.gz!
url = "https://download.clipgrab.org/${pname}-${version}.tar.gz"; url = "https://download.clipgrab.org/${pname}-${version}.tar.gz";
}; };

View File

@ -4,13 +4,13 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "cutelyst"; pname = "cutelyst";
version = "2.14.0"; version = "2.14.2";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "cutelyst"; owner = "cutelyst";
repo = "cutelyst"; repo = "cutelyst";
rev = "v${version}"; rev = "v${version}";
sha256 = "sha256-RidUZqDnzRrgW/7LVF+BF01zNcf1cJ/kS7OF/t1Q65c="; sha256 = "sha256-JUffOeUTeaZvEssP5hfSGipeRuQ7FzLF4bOizCFhe5o=";
}; };
nativeBuildInputs = [ cmake pkg-config wrapQtAppsHook ]; nativeBuildInputs = [ cmake pkg-config wrapQtAppsHook ];

View File

@ -1,25 +1,38 @@
{ stdenv, lib, fetchurl, extra-cmake-modules { stdenv, lib, fetchurl, fetchpatch, extra-cmake-modules
, qtbase, kio , qca-qt5, kauth, kio, polkit-qt, qtbase
, libatasmart, parted , util-linux
, util-linux }: }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "kpmcore"; pname = "kpmcore";
version = "3.3.0"; # NOTE: When changing this version, also change the version of `partition-manager`.
version = "4.2.0";
src = fetchurl { src = fetchurl {
url = "mirror://kde/stable/${pname}/${version}/src/${pname}-${version}.tar.xz"; url = "mirror://kde/stable/${pname}/${version}/src/${pname}-${version}.tar.xz";
sha256 = "0s6v0jfrhjg31ri5p6h9n4w29jvasf5dj954j3vfpzl91lygmmmq"; hash = "sha256-MvW0CqvFZtzcJlya6DIpzorPbKJai6fxt7nKsKpJn54=";
}; };
patches = [
# Fix build with `kcoreaddons` >= 5.77.0
(fetchpatch {
url = "https://github.com/KDE/kpmcore/commit/07e5a3ac2858e6d38cc698e0f740e7a693e9f302.patch";
sha256 = "sha256-LYzea888euo2HXM+acWaylSw28iwzOdZBvPBt/gjP1s=";
})
# Fix crash when `fstab` omits mount options.
(fetchpatch {
url = "https://github.com/KDE/kpmcore/commit/eea84fb60525803a789e55bb168afb968464c130.patch";
sha256 = "sha256-NJ3PvyRC6SKNSOlhJPrDDjepuw7IlAoufPgvml3fap0=";
})
];
buildInputs = [ buildInputs = [
qtbase qca-qt5
libatasmart kauth
parted # we only need the library
kio kio
polkit-qt
util-linux # needs blkid (note that this is not provided by util-linux-compat) util-linux # Needs blkid in configure script (note that this is not provided by util-linux-compat)
]; ];
nativeBuildInputs = [ extra-cmake-modules ]; nativeBuildInputs = [ extra-cmake-modules ];
@ -27,8 +40,11 @@ stdenv.mkDerivation rec {
dontWrapQtApps = true; dontWrapQtApps = true;
meta = with lib; { meta = with lib; {
maintainers = with lib.maintainers; [ peterhoeg ]; description = "KDE Partition Manager core library";
homepage = "https://invent.kde.org/system/kpmcore";
license = with licenses; [ cc-by-40 cc0 gpl3Plus mit ];
maintainers = with maintainers; [ peterhoeg oxalica ];
# The build requires at least Qt 5.14: # The build requires at least Qt 5.14:
broken = lib.versionOlder qtbase.version "5.14"; broken = versionOlder qtbase.version "5.14";
}; };
} }

View File

@ -2,7 +2,7 @@
buildDunePackage rec { buildDunePackage rec {
pname = "bitstring"; pname = "bitstring";
version = "4.0.1"; version = "4.1.0";
useDune2 = true; useDune2 = true;
@ -10,7 +10,7 @@ buildDunePackage rec {
owner = "xguerin"; owner = "xguerin";
repo = pname; repo = pname;
rev = "v${version}"; rev = "v${version}";
sha256 = "1z7jmgljvp52lvn3ml2cp6gssxqp4sikwyjf6ym97cycbcw0fjjm"; sha256 = "0mghsl8b2zd2676mh1r9142hymhvzy9cw8kgkjmirxkn56wbf56b";
}; };
propagatedBuildInputs = [ stdlib-shims ]; propagatedBuildInputs = [ stdlib-shims ];

View File

@ -3,6 +3,10 @@
, ounit , ounit
}: }:
if !lib.versionAtLeast ppxlib.version "0.18.0"
then throw "ppx_bitstring is not available with ppxlib-${ppxlib.version}"
else
buildDunePackage rec { buildDunePackage rec {
pname = "ppx_bitstring"; pname = "ppx_bitstring";
inherit (bitstring) version useDune2 src; inherit (bitstring) version useDune2 src;

View File

@ -1,27 +1,28 @@
{ lib, fetchurl, buildDunePackage, ocaml { lib, fetchurl, buildDunePackage
, ounit, ppx_deriving, ppx_tools_versioned , ppx_tools_versioned
, ppxlib, ocaml-migrate-parsetree , ocaml-migrate-parsetree
, ounit, ppx_deriving, ppxlib
}: }:
buildDunePackage rec { buildDunePackage rec {
pname = "ppx_import"; pname = "ppx_import";
version = "1.7.1"; version = "1.8.0";
useDune2 = true; useDune2 = true;
minimumOCamlVersion = "4.04"; minimumOCamlVersion = "4.04";
src = fetchurl { src = fetchurl {
url = "https://github.com/ocaml-ppx/ppx_import/releases/download/v${version}/ppx_import-v${version}.tbz"; url = "https://github.com/ocaml-ppx/ppx_import/releases/download/v${version}/ppx_import-${version}.tbz";
sha256 = "16dyxfb7syz659rqa7yq36ny5vzl7gkqd7f4m6qm2zkjc1gc8j4v"; sha256 = "0zqcj70yyp4ik4jc6jz3qs2xhb94vxc6yq9ij0d5cyak28klc3gv";
}; };
propagatedBuildInputs = [ propagatedBuildInputs = [
ppxlib ppx_tools_versioned ocaml-migrate-parsetree ppx_tools_versioned ocaml-migrate-parsetree
]; ];
doCheck = true; doCheck = true;
checkInputs = [ ounit ppx_deriving ]; checkInputs = [ ounit ppx_deriving ppxlib ];
meta = { meta = {
description = "A syntax extension that allows to pull in types or signatures from other compiled interface files"; description = "A syntax extension that allows to pull in types or signatures from other compiled interface files";

View File

@ -9,11 +9,11 @@
buildPythonPackage rec { buildPythonPackage rec {
pname = "databricks-cli"; pname = "databricks-cli";
version = "0.14.2"; version = "0.14.3";
src = fetchPypi { src = fetchPypi {
inherit pname version; inherit pname version;
sha256 = "9e956f0efb7aad100d9963f223db986392cf2dc3e9922f2f83e55d372e84ef16"; sha256 = "bdf89a3917a3f8f8b99163e38d40e66dc478c7408954747f145cd09816b05e2c";
}; };
checkInputs = [ checkInputs = [

View File

@ -7,11 +7,11 @@
buildPythonPackage rec { buildPythonPackage rec {
pname = "gradient"; pname = "gradient";
version = "1.4.2"; version = "1.4.3";
src = fetchPypi { src = fetchPypi {
inherit pname version; inherit pname version;
sha256 = "2ed10db306d4c8632b7d04d71d44a04331a6e80e5ebab7296a98e67e8a50fb71"; sha256 = "a8fa91669c97440049132119019e90d0a9cf09e96352cf43c7c6ca244894bd4e";
}; };
postPatch = '' postPatch = ''

View File

@ -10,11 +10,11 @@
buildPythonPackage rec { buildPythonPackage rec {
pname = "jenkins-job-builder"; pname = "jenkins-job-builder";
version = "3.8.0"; version = "3.9.0";
src = fetchPypi { src = fetchPypi {
inherit pname version; inherit pname version;
sha256 = "sha256-uRyeRP1y3GS7tXb0kHLBi7+trJRme/Ke3xgOY+LqZ6k="; sha256 = "4a53e146843d567c375c2e61e70a840d75a412402fd78c1dd3da5642a6aaa375";
}; };
postPatch = '' postPatch = ''

View File

@ -2,7 +2,7 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "cproto"; pname = "cproto";
version = "4.7q"; version = "4.7r";
src = fetchurl { src = fetchurl {
urls = [ urls = [
@ -10,7 +10,7 @@ stdenv.mkDerivation rec {
# No version listings and apparently no versioned tarball over http(s). # No version listings and apparently no versioned tarball over http(s).
"ftp://ftp.invisible-island.net/cproto/cproto-${version}.tgz" "ftp://ftp.invisible-island.net/cproto/cproto-${version}.tgz"
]; ];
sha256 = "138n5j6lkanbbdcs63irzxny4nfgp0zk66z621xjbnybf920svpk"; sha256 = "sha256-bgRg2yVZXHobUz8AUaV4ZKBkp2KjP+2oXbDXmPTUX8U=";
}; };
# patch made by Joe Khoobyar copied from gentoo bugs # patch made by Joe Khoobyar copied from gentoo bugs

View File

@ -1,14 +1,14 @@
{ stdenv, lib, fetchFromGitLab, ncurses, pkg-config, nix-update-script }: { stdenv, lib, fetchFromGitLab, ncurses, pkg-config, nix-update-script }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
version = "1.0.1"; version = "1.0.4";
pname = "cbonsai"; pname = "cbonsai";
src = fetchFromGitLab { src = fetchFromGitLab {
owner = "jallbrit"; owner = "jallbrit";
repo = pname; repo = pname;
rev = "v${version}"; rev = "v${version}";
sha256 = "sha256-UTjbc0kGHOQse4sZF94p4LAwMk9vsZg1QHq8iuDcTDk="; sha256 = "sha256-5yyvisExf4Minyr1ApJQ2SoctfjhdU6kEbgBGgHDtCg=";
}; };
nativeBuildInputs = [ pkg-config ]; nativeBuildInputs = [ pkg-config ];

View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "pax-utils"; pname = "pax-utils";
version = "1.2.6"; version = "1.2.8";
src = fetchurl { src = fetchurl {
url = "http://distfiles.gentoo.org/distfiles/${pname}-${version}.tar.xz"; url = "http://distfiles.gentoo.org/distfiles/${pname}-${version}.tar.xz";
sha256 = "08bzvgv1z3371sqf7zlm9i0b1y3wdymj2dqdvzvf192k3nix4hlp"; sha256 = "sha256-urTIhG4dLMNmnPqSMdIdszWEHX1Y+eGc0Jn+bOYmsVc=";
}; };
makeFlags = [ "PREFIX=$(out)" ]; makeFlags = [ "PREFIX=$(out)" ];

View File

@ -2,7 +2,7 @@
buildGoModule rec { buildGoModule rec {
pname = "matterbridge"; pname = "matterbridge";
version = "1.21.0"; version = "1.22.0";
vendorSha256 = null; vendorSha256 = null;
@ -10,7 +10,7 @@ buildGoModule rec {
src = fetchurl { src = fetchurl {
url = "https://github.com/42wim/matterbridge/archive/v${version}.tar.gz"; url = "https://github.com/42wim/matterbridge/archive/v${version}.tar.gz";
sha256 = "sha256-ehn6KdPpDpfdyWCVfLuZLq2dDmZXc6InlnovqNsdG6Y="; sha256 = "sha256-jwatqxQh4t4tgNiOEjS9vxIM+9XtnH8QNch887+xDnI=";
}; };
meta = with lib; { meta = with lib; {

View File

@ -1,7 +1,7 @@
{ lib, stdenv, fetchurl, fetchFromGitHub, buildGoPackage, buildEnv }: { lib, stdenv, fetchurl, fetchFromGitHub, buildGoPackage, buildEnv }:
let let
version = "5.25.3"; version = "5.32.1";
mattermost-server = buildGoPackage rec { mattermost-server = buildGoPackage rec {
pname = "mattermost-server"; pname = "mattermost-server";
@ -11,7 +11,7 @@ let
owner = "mattermost"; owner = "mattermost";
repo = "mattermost-server"; repo = "mattermost-server";
rev = "v${version}"; rev = "v${version}";
sha256 = "03xcwlbb9ff5whsdn2m3kqskxpwpfciikjjndbhksc8k8963z07j"; sha256 = "BssrTfkIxUbXYXIfz9i+5b4rEYSzBim+/riK78m8Bxo=";
}; };
goPackagePath = "github.com/mattermost/mattermost-server"; goPackagePath = "github.com/mattermost/mattermost-server";
@ -29,7 +29,7 @@ let
src = fetchurl { src = fetchurl {
url = "https://releases.mattermost.com/${version}/mattermost-${version}-linux-amd64.tar.gz"; url = "https://releases.mattermost.com/${version}/mattermost-${version}-linux-amd64.tar.gz";
sha256 = "1p1qxzrd6rj1i43vj18ysknrw2v02s7llx94nrdd5lk10ayzmg63"; sha256 = "kRerl3fYRTrotj86AIFSor3GpjhABkCmego1ms9HmkQ=";
}; };
installPhase = '' installPhase = ''

View File

@ -2,7 +2,7 @@
buildGoModule rec { buildGoModule rec {
pname = "grafana"; pname = "grafana";
version = "7.4.3"; version = "7.4.5";
excludedPackages = [ "release_publisher" ]; excludedPackages = [ "release_publisher" ];
@ -10,15 +10,15 @@ buildGoModule rec {
rev = "v${version}"; rev = "v${version}";
owner = "grafana"; owner = "grafana";
repo = "grafana"; repo = "grafana";
sha256 = "sha256-FPQa6q1ks9Lpod5sI29YBnGZvVRU12hTiw6GR85/mEs="; sha256 = "10pnwd4d19ry7w2x46acc3j8gjn73b45fzc579gz1hc8hx2b3s0s";
}; };
srcStatic = fetchurl { srcStatic = fetchurl {
url = "https://dl.grafana.com/oss/release/grafana-${version}.linux-amd64.tar.gz"; url = "https://dl.grafana.com/oss/release/grafana-${version}.linux-amd64.tar.gz";
sha256 = "sha256-idbG+K9NVnNhEB0f7DfP7iaEnHMf59ieQtYnmT6CvVM="; sha256 = "1x9jx3ww37cn6r6cn6gqlavmllxydks23vm8w4934bv8zppj1zwz";
}; };
vendorSha256 = "sha256-LL+EkDZbbaNo/fPMGlPsB8jgBYHoe6SdkBbQoW5y4EU="; vendorSha256 = "0ig0f9pa3l0nj2fs8yz8h42y1j07xi9imk7kzmla6vav6s889grc";
postPatch = '' postPatch = ''
substituteInPlace pkg/cmd/grafana-server/main.go \ substituteInPlace pkg/cmd/grafana-server/main.go \

View File

@ -1,6 +1,7 @@
{ lib, stdenv { lib, stdenv
, go , go
, fetchurl , fetchurl
, redo-apenwarr
, curl , curl
, perl , perl
, genericUpdater , genericUpdater
@ -9,24 +10,33 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "nncp"; pname = "nncp";
version = "5.3.3"; version = "6.2.0";
src = fetchurl { src = fetchurl {
url = "http://www.nncpgo.org/download/${pname}-${version}.tar.xz"; url = "http://www.nncpgo.org/download/${pname}-${version}.tar.xz";
sha256 = "1l35ndzrvpfim29jn1p0bwmc8w892z44nsrdnay28k229r9dhz3h"; sha256 = "1zj0v82zqigcxhpc50mvafvi1ihs92ck35vjfrwb7wzzd7nysb17";
}; };
nativeBuildInputs = [ go ]; nativeBuildInputs = [ go redo-apenwarr ];
preConfigure = '' buildPhase = ''
runHook preBuild
export GOCACHE=$PWD/.cache export GOCACHE=$PWD/.cache
export CFGPATH=/etc/nncp.hjson
export SENDMAIL=sendmail # default value for generated config file
redo ''${enableParallelBuilding:+-j''${NIX_BUILD_CORES}}
runHook postBuild
''; '';
makeFlags = [ installPhase = ''
"PREFIX=${placeholder "out"}" runHook preInstall
"CFGPATH=/etc/nncp.hjson" export PREFIX=$out
"SENDMAIL=/run/wrappers/bin/sendmail" rm -f INSTALL # work around case insensitivity
]; redo install
runHook postInstall
'';
enableParallelBuilding = true;
passthru.updateScript = genericUpdater { passthru.updateScript = genericUpdater {
inherit pname version; inherit pname version;
@ -54,7 +64,7 @@ stdenv.mkDerivation rec {
transmission exists. transmission exists.
''; '';
homepage = "http://www.nncpgo.org/"; homepage = "http://www.nncpgo.org/";
license = licenses.gpl3; license = licenses.gpl3Only;
platforms = platforms.all; platforms = platforms.all;
maintainers = [ maintainers.woffs ]; maintainers = [ maintainers.woffs ];
}; };

View File

@ -1,30 +1,66 @@
{ mkDerivation, fetchurl, lib { mkDerivation, fetchurl, lib, makeWrapper
, extra-cmake-modules, kdoctools, wrapGAppsHook, wrapQtAppsHook , extra-cmake-modules, kdoctools, wrapGAppsHook, wrapQtAppsHook
, kconfig, kcrash, kinit, kpmcore , kconfig, kcrash, kinit, kpmcore
, eject, libatasmart , util-linux, qtbase , cryptsetup, lvm2, mdadm, smartmontools, systemdMinimal, util-linux
, btrfs-progs, dosfstools, e2fsprogs, exfat, f2fs-tools, fatresize, hfsprogs
, jfsutils, nilfs-utils, ntfs3g, reiser4progs, reiserfsprogs, udftools, xfsprogs, zfs
}: }:
let let
pname = "partitionmanager"; # External programs are resolved by `partition-manager` and then
# invoked by `kpmcore_externalcommand` from `kpmcore` as root.
# So these packages should be in PATH of `partition-manager`.
# https://github.com/KDE/kpmcore/blob/06f15334ecfbe871730a90dbe2b694ba060ee998/src/util/externalcommand_whitelist.h
runtimeDeps = lib.makeBinPath [
cryptsetup
lvm2
mdadm
smartmontools
systemdMinimal
util-linux
btrfs-progs
dosfstools
e2fsprogs
exfat
f2fs-tools
fatresize
hfsprogs
jfsutils
nilfs-utils
ntfs3g
reiser4progs
reiserfsprogs
udftools
xfsprogs
zfs
# FIXME: Missing command: tune.exfat hfsck hformat fsck.nilfs2 {fsck,mkfs,debugfs,tunefs}.ocfs2
];
in mkDerivation rec { in mkDerivation rec {
name = "${pname}-${version}"; pname = "partitionmanager";
version = "3.3.1"; # NOTE: When changing this version, also change the version of `kpmcore`.
version = "4.2.0";
src = fetchurl { src = fetchurl {
url = "mirror://kde/stable/${pname}/${version}/src/${name}.tar.xz"; url = "mirror://kde/stable/${pname}/${version}/src/${pname}-${version}.tar.xz";
sha256 = "0jhggb4xksb0k0mj752n6pz0xmccnbzlp984xydqbz3hkigra1si"; hash = "sha256-6Qlt1c47Eek6TkWWBzTyBZYJ1jfhtwsC9X5q5h6IhPg=";
}; };
nativeBuildInputs = [ extra-cmake-modules kdoctools wrapGAppsHook wrapQtAppsHook ]; nativeBuildInputs = [ extra-cmake-modules kdoctools wrapGAppsHook wrapQtAppsHook makeWrapper ];
# refer to kpmcore for the use of eject
buildInputs = [ eject libatasmart util-linux ];
propagatedBuildInputs = [ kconfig kcrash kinit kpmcore ]; propagatedBuildInputs = [ kconfig kcrash kinit kpmcore ];
postFixup = ''
wrapProgram $out/bin/partitionmanager \
--prefix PATH : "${runtimeDeps}"
'';
meta = with lib; { meta = with lib; {
description = "KDE Partition Manager"; description = "KDE Partition Manager";
license = licenses.gpl2; license = with licenses; [ cc-by-40 cc0 gpl3Plus lgpl3Plus mit ];
homepage = "https://www.kde.org/applications/system/kdepartitionmanager/"; homepage = "https://www.kde.org/applications/system/kdepartitionmanager/";
maintainers = with maintainers; [ peterhoeg ]; maintainers = with maintainers; [ peterhoeg oxalica ];
}; };
} }

View File

@ -929,7 +929,9 @@ let
ppx_bap = callPackage ../development/ocaml-modules/ppx_bap { }; ppx_bap = callPackage ../development/ocaml-modules/ppx_bap { };
ppx_bitstring = callPackage ../development/ocaml-modules/bitstring/ppx.nix { }; ppx_bitstring = callPackage ../development/ocaml-modules/bitstring/ppx.nix {
ppxlib = ppxlib.override { version = "0.22.0"; };
};
ppxfind = callPackage ../development/ocaml-modules/ppxfind { }; ppxfind = callPackage ../development/ocaml-modules/ppxfind { };