git-crypt won't work if git and git-crypt are not in PATH. This surfaced
after dbb8958. Test like this:
```
PATH= $(nix-build --no-out-link '<nixpkgs>' --attr git-crypt)/bin/git-crypt unlock
```
The biggest benefit is that we no longer have to update the registry
package. This means that just about any cargo package can be built by
nix. No longer does `cargo update` need to be feared because it will
update to packages newer then what is available in nixpkgs.
Instead of fetching the cargo registry this bundles all the source code
into a "vendor/" folder.
This also uses the new --frozen and --locked flags which is nice.
Currently cargo-vendor only provides binaries for Linux and
macOS 64-bit. This can be solved by building it for the other
architectures and uploading it somewhere (like the NixOS cache).
This also has the downside that it requires a change to everyone's deps
hash. And if the old one is used because it was cached it will fail to
build as it will attempt to use the old version. For this reason the
attribute has been renamed to `cargoSha256`.
Authors:
* Kevin Cox <kevincox@kevincox.ca>
* Jörg Thalheim <Mic92@users.noreply.github.com>
* zimbatm <zimbatm@zimbatm.com>
This requires some small changes in the stdenv, then working around the
weird choice LLVM made to hardcode @rpath in its install name, and then
lets us remove a ton of annoying workaround hacks in many of our Go
packages. With any luck this will mean less hackery going forward.
* master: (81 commits)
Add NixOS 17.09 AMIs
gradle: 4.2 -> 4.2.1
maintainers.nix: use my GitHub handle as maintainer name
fcitx-engines.rime: init at 0.3.2
brise: init at 2017-09-16
librime: init at 1.2.9
marisa: init at 0.2.4
opencc: build shared library and programs
josm: 12712 -> 12914
exa: 0.7.0 -> 0.8.0
krb5: add deprecation date for old configuration
rustRegistry: 2017-09-10 -> 2017-10-03
go-ethereum: Fix libusb segmentation faults on Darwin
tor-browser-bundle-bin: 7.0.5 -> 7.0.6
libsodium: 1.0.13 -> 1.0.15
tor-browser-bundle: geoip support
tor-browser-bundle: support transports obfs2,obfs3
tor-browser-bundle: bump https-everywhere to 2017.9.12
tint2: limit platforms to Linux since macOS is not supported and fails the tests
eclipse-plugin-vrapper: init at 0.72.0
...
Some Git commands are implemented as Perl scripts. Some of these
scripts use Perl modules from CPAN. Without wrapping these programs to
set `GITPERLLIB`, these programs would not be fully functional because
some Perl libraries are found to be missing at runtime.
Fixes#29996
This was a problem when run inside a sandbox, e.g. via
"fetchRepoProject". The error message from repo seems unrelated:
fatal: Cannot get https://gerrit.googlesource.com/git-repo/clone.bundle
fatal: error no host given
But the exception is actually thrown due to missing certificates
(/etc/ssl/certs). It should be possible to provide another location via
environment variables (e.g. SSL_CERT_FILE, REQUESTS_CA_BUNDLE or
CURL_CA_BUNDLE) but apparently that doesn't actually work for some
reason (would have to study our Python packaging).
Now "fetchRepoProject" works without the "--no-clone-bundle" option.
The newer DEB packages have a setuid file, creating an error when
unpacking the source during the build phase.
As dpkg doesn't have a way to pass parameters to tar, dpkg is then
told to just extract the filesystem tar file and that is unpacked by
tar directly.
Fixes#28494
* pkgs: refactor needless quoting of homepage meta attribute
A lot of packages are needlessly quoting the homepage meta attribute
(about 1400, 22%), this commit refactors all of those instances.
* pkgs: Fixing some links that were wrongfully unquoted in the previous
commit
* Fixed some instances
Several git commands are implemented as shell scripts that run awk, sed, grep
and perl. There is some existing patching in the postinstall for perl to rewrite
it to an absolute reference to pkgs.perl, but several other packages are both
missing as a dependency and have no rewrite logic.
In particular git filter-branch depends on sed and grep.
Additionally, the perl logic also seds git-am, which is now a binary not a shell
script anymore (see <github.com/git/git/blob/master/builtin/am.c>), so this part
was obsolete.
I tested this by grepping all shell scripts for the relevant commands and then
comparing the diffs of the new version to what is produced in master. All
changes in the scripts seem good to me.