https://hydra.nixos.org/build/108321871https://hydra.nixos.org/build/108556036
Things done:
* SSE2 isn't available for the aarch64-target of GCC (the package builds
on aarch64 without those flags and works fine as well).
* Added missing darwin libraries.
* Applied a darwin-specific patch which disables i386 as target platform
(breaks at least on MacOS catalina otherwise).
Idea shamelessly stolen from 4e60b0efae.
I realized that I don't really know anymore where I'm listed as maintainer and what
I'm actually (co)-maintaining which means that I can't proactively take
care of packages I officially maintain.
As I don't have the time, energy and motivation to take care of stuff I
was interested in 1 or 2 years ago (or packaged for someone else in the
past), I decided that I make this explicit by removing myself from several
packages and adding myself in some other stuff I'm now interested in.
I've seen it several times now that people remove themselves from a
package without removing the package if it's unmaintained after that
which is why I figured that it's fine in my case as the affected pkgs
are rather low-prio and were pretty easy to maintain.
I removed the "propagatedbuildInputs" line because it's misspelled, and
so will never have worked. Nobody seems to have complained, so
presumably wasn't necessary.
The default pager for `bat` is `less -RF --no-init`. Overriding this to
`less -RF` in order to enable alternate screen behavior (e.g. page
up/down keys) causes the `-F` flag to behave badly in the version of
`less` shipped on macOS. The simplest way to fix this is to simply put
Nix's `less` into the `PATH` so it takes precedence.
Fails to build on Darwin:
clang++ -shared -s highlight_wrap.o -L../../src/ -lhighlight -L/nix/store/bi85dm5dqzjfm0i9qj3ijjj9w9xayy8w-lua-5.2.4/lib -llua -lm -o highlight.so
ld: warning: option -s is obsolete and being ignored
Undefined symbols for architecture x86_64:
"_PL_markstack_max", referenced from:
__wrap_DataDir_getLangPath in highlight_wrap.o
__wrap_DataDir_getThemePath in highlight_wrap.o
__wrap_DataDir_getFiletypesConfPath in highlight_wrap.o
__wrap_DataDir_getPluginPath in highlight_wrap.o
__wrap_DataDir_guessFileType in highlight_wrap.o
__wrap_SyntaxReader_initLuaState in highlight_wrap.o
__wrap_new_RegexElement in highlight_wrap.o
...
"_PL_markstack_ptr", referenced from:
__wrap_DataDir_assocByExtension_set in highlight_wrap.o
__wrap_DataDir_assocByExtension_get in highlight_wrap.o
__wrap_DataDir_assocByFilename_set in highlight_wrap.o
__wrap_DataDir_assocByFilename_get in highlight_wrap.o
__wrap_DataDir_assocByShebang_set in highlight_wrap.o
__wrap_DataDir_assocByShebang_get in highlight_wrap.o
__wrap_DataDir_initSearchDirectories in highlight_wrap.o
...
"_PL_stack_base", referenced from:
__wrap_DataDir_assocByExtension_set in highlight_wrap.o
__wrap_DataDir_assocByExtension_get in highlight_wrap.o
__wrap_DataDir_assocByFilename_set in highlight_wrap.o
__wrap_DataDir_assocByFilename_get in highlight_wrap.o
__wrap_DataDir_assocByShebang_set in highlight_wrap.o
__wrap_DataDir_assocByShebang_get in highlight_wrap.o
__wrap_DataDir_initSearchDirectories in highlight_wrap.o
...
"_PL_stack_sp", referenced from:
__wrap_DataDir_assocByExtension_set in highlight_wrap.o
__wrap_DataDir_assocByExtension_get in highlight_wrap.o
__wrap_DataDir_assocByFilename_set in highlight_wrap.o
__wrap_DataDir_assocByFilename_get in highlight_wrap.o
__wrap_DataDir_assocByShebang_set in highlight_wrap.o
__wrap_DataDir_assocByShebang_get in highlight_wrap.o
__wrap_DataDir_initSearchDirectories in highlight_wrap.o
...
"_PL_sv_immortals", referenced from:
__wrap_DataDir_getLangPath__SWIG_0 in highlight_wrap.o
__wrap_DataDir_getThemePath__SWIG_0 in highlight_wrap.o
__wrap_DataDir_getLangPath__SWIG_1 in highlight_wrap.o
__wrap_DataDir_getSystemDataPath in highlight_wrap.o
__wrap_DataDir_getPluginPath__SWIG_0 in highlight_wrap.o
__wrap_DataDir_getThemePath__SWIG_1 in highlight_wrap.o
SWIG_AsVal_bool(sv*, bool*) in highlight_wrap.o
...
"_Perl_croak", referenced from:
SWIG_croak_null() in highlight_wrap.o
__wrap_DataDir_getLangPath__SWIG_0 in highlight_wrap.o
__wrap_DataDir_getThemePath__SWIG_0 in highlight_wrap.o
__wrap_DataDir_getLangPath__SWIG_1 in highlight_wrap.o
__wrap_DataDir_getLangPath in highlight_wrap.o
__wrap_DataDir_getSystemDataPath in highlight_wrap.o
__wrap_DataDir_getPluginPath__SWIG_0 in highlight_wrap.o
...
"_Perl_get_sv", referenced from:
__wrap_DataDir_assocByExtension_set in highlight_wrap.o
SWIG_croak_null() in highlight_wrap.o
__wrap_DataDir_assocByExtension_get in highlight_wrap.o
__wrap_DataDir_assocByFilename_set in highlight_wrap.o
__wrap_DataDir_assocByFilename_get in highlight_wrap.o
__wrap_DataDir_assocByShebang_set in highlight_wrap.o
__wrap_DataDir_assocByShebang_get in highlight_wrap.o
...
"_Perl_gv_add_by_type", referenced from:
SWIG_Perl_ConvertPtr(sv*, void**, swig_type_info*, int) in highlight_wrap.o
SWIG_Perl_MakePtr(sv*, void*, swig_type_info*, int) in highlight_wrap.o
"_Perl_gv_init_pvn", referenced from:
SWIG_Perl_MakePtr(sv*, void*, swig_type_info*, int) in highlight_wrap.o
"_Perl_hv_common", referenced from:
SWIG_Perl_ConvertPtr(sv*, void**, swig_type_info*, int) in highlight_wrap.o
SWIG_Perl_MakePtr(sv*, void*, swig_type_info*, int) in highlight_wrap.o
"_Perl_hv_common_key_len", referenced from:
SWIG_Perl_ConvertPtr(sv*, void**, swig_type_info*, int) in highlight_wrap.o
SWIG_Perl_MakePtr(sv*, void*, swig_type_info*, int) in highlight_wrap.o
"_Perl_markstack_grow", referenced from:
__wrap_DataDir_getLangPath in highlight_wrap.o
__wrap_DataDir_getThemePath in highlight_wrap.o
__wrap_DataDir_getFiletypesConfPath in highlight_wrap.o
__wrap_DataDir_getPluginPath in highlight_wrap.o
__wrap_DataDir_guessFileType in highlight_wrap.o
__wrap_SyntaxReader_initLuaState in highlight_wrap.o
__wrap_new_RegexElement in highlight_wrap.o
...
"_Perl_mg_find", referenced from:
SWIG_Perl_ConvertPtr(sv*, void**, swig_type_info*, int) in highlight_wrap.o
_boot_highlight in highlight_wrap.o
"_Perl_mg_get", referenced from:
SWIG_Perl_ConvertPtr(sv*, void**, swig_type_info*, int) in highlight_wrap.o
SWIG_AsVal_bool(sv*, bool*) in highlight_wrap.o
"_Perl_newRV_noinc", referenced from:
SWIG_Perl_MakePtr(sv*, void*, swig_type_info*, int) in highlight_wrap.o
"_Perl_newSV", referenced from:
SWIG_Perl_MakePtr(sv*, void*, swig_type_info*, int) in highlight_wrap.o
"_Perl_newSV_type", referenced from:
SWIG_Perl_MakePtr(sv*, void*, swig_type_info*, int) in highlight_wrap.o
"_Perl_newSViv", referenced from:
__wrap_SyntaxReader_load in highlight_wrap.o
__wrap_SyntaxReader_getKeywordListGroup in highlight_wrap.o
__wrap_SyntaxReader_getPersistentSnippetsNum in highlight_wrap.o
__wrap_SyntaxReader_getOpenDelimiterID in highlight_wrap.o
__wrap_RegexElement_open_get in highlight_wrap.o
__wrap_RegexElement_end_get in highlight_wrap.o
__wrap_RegexElement_capturingGroup_get in highlight_wrap.o
...
"_Perl_newSVuv", referenced from:
__wrap_SyntaxReader_getRawStringPrefix in highlight_wrap.o
__wrap_SyntaxReader_getContinuationChar in highlight_wrap.o
__wrap_RegexElement_kwClass_get in highlight_wrap.o
__wrap_RegexElement_priority_get in highlight_wrap.o
__wrap_RegexElement_constraintLineNum_get in highlight_wrap.o
__wrap_ReGroup_length_get in highlight_wrap.o
__wrap_ReGroup_kwClass_get in highlight_wrap.o
...
"_Perl_newXS", referenced from:
_boot_highlight in highlight_wrap.o
"_Perl_sv_2bool_flags", referenced from:
SWIG_AsVal_bool(sv*, bool*) in highlight_wrap.o
"_Perl_sv_2iv_flags", referenced from:
SWIG_Perl_ConvertPtr(sv*, void**, swig_type_info*, int) in highlight_wrap.o
SWIG_AsVal_unsigned_SS_int(sv*, unsigned int*) in highlight_wrap.o
_boot_highlight in highlight_wrap.o
SWIG_AsVal_long(sv*, long*) in highlight_wrap.o
SWIG_AsVal_double(sv*, double*) in highlight_wrap.o
"_Perl_sv_2mortal", referenced from:
__wrap_SyntaxReader_load in highlight_wrap.o
__wrap_SyntaxReader_getRawStringPrefix in highlight_wrap.o
__wrap_SyntaxReader_getContinuationChar in highlight_wrap.o
__wrap_SyntaxReader_getKeywordListGroup in highlight_wrap.o
__wrap_SyntaxReader_getPersistentSnippetsNum in highlight_wrap.o
__wrap_SyntaxReader_getOpenDelimiterID in highlight_wrap.o
__wrap_RegexElement_open_get in highlight_wrap.o
...
"_Perl_sv_2nv_flags", referenced from:
SWIG_AsVal_double(sv*, double*) in highlight_wrap.o
"_Perl_sv_2pv_flags", referenced from:
SWIG_croak_null() in highlight_wrap.o
__wrap_DataDir_getLangPath__SWIG_0 in highlight_wrap.o
__wrap_DataDir_getThemePath__SWIG_0 in highlight_wrap.o
__wrap_DataDir_getLangPath__SWIG_1 in highlight_wrap.o
__wrap_DataDir_getSystemDataPath in highlight_wrap.o
__wrap_DataDir_getPluginPath__SWIG_0 in highlight_wrap.o
__wrap_DataDir_getThemePath__SWIG_1 in highlight_wrap.o
...
"_Perl_sv_2uv_flags", referenced from:
SWIG_AsVal_unsigned_SS_int(sv*, unsigned int*) in highlight_wrap.o
SWIG_AsVal_long(sv*, long*) in highlight_wrap.o
"_Perl_sv_bless", referenced from:
SWIG_Perl_MakePtr(sv*, void*, swig_type_info*, int) in highlight_wrap.o
"_Perl_sv_free2", referenced from:
SWIG_Perl_MakePtr(sv*, void*, swig_type_info*, int) in highlight_wrap.o
"_Perl_sv_isobject", referenced from:
SWIG_Perl_ConvertPtr(sv*, void**, swig_type_info*, int) in highlight_wrap.o
SWIG_croak_null() in highlight_wrap.o
__wrap_DataDir_getLangPath__SWIG_0 in highlight_wrap.o
__wrap_DataDir_getThemePath__SWIG_0 in highlight_wrap.o
__wrap_DataDir_getLangPath__SWIG_1 in highlight_wrap.o
__wrap_DataDir_getSystemDataPath in highlight_wrap.o
__wrap_DataDir_getPluginPath__SWIG_0 in highlight_wrap.o
...
"_Perl_sv_magic", referenced from:
_boot_highlight in highlight_wrap.o
SWIG_Perl_MakePtr(sv*, void*, swig_type_info*, int) in highlight_wrap.o
"_Perl_sv_newmortal", referenced from:
__wrap_DataDir_assocByExtension_set in highlight_wrap.o
__wrap_DataDir_assocByExtension_get in highlight_wrap.o
__wrap_DataDir_assocByFilename_set in highlight_wrap.o
__wrap_DataDir_assocByFilename_get in highlight_wrap.o
__wrap_DataDir_assocByShebang_set in highlight_wrap.o
__wrap_DataDir_assocByShebang_get in highlight_wrap.o
__wrap_DataDir_initSearchDirectories in highlight_wrap.o
...
"_Perl_sv_setiv", referenced from:
_boot_highlight in highlight_wrap.o
"_Perl_sv_setpvf", referenced from:
__wrap_DataDir_assocByExtension_set in highlight_wrap.o
__wrap_DataDir_assocByExtension_get in highlight_wrap.o
__wrap_DataDir_assocByFilename_set in highlight_wrap.o
__wrap_DataDir_assocByFilename_get in highlight_wrap.o
__wrap_DataDir_assocByShebang_set in highlight_wrap.o
__wrap_DataDir_assocByShebang_get in highlight_wrap.o
__wrap_DataDir_initSearchDirectories in highlight_wrap.o
...
"_Perl_sv_setpvn", referenced from:
__wrap_DataDir_getLangPath__SWIG_0 in highlight_wrap.o
__wrap_DataDir_getThemePath__SWIG_0 in highlight_wrap.o
__wrap_DataDir_getLangPath__SWIG_1 in highlight_wrap.o
__wrap_DataDir_getSystemDataPath in highlight_wrap.o
__wrap_DataDir_getPluginPath__SWIG_0 in highlight_wrap.o
__wrap_DataDir_getThemePath__SWIG_1 in highlight_wrap.o
__wrap_DataDir_getThemePath__SWIG_2 in highlight_wrap.o
...
"_Perl_sv_setref_pv", referenced from:
__wrap_DataDir_assocByExtension_get in highlight_wrap.o
__wrap_DataDir_assocByFilename_get in highlight_wrap.o
__wrap_DataDir_assocByShebang_get in highlight_wrap.o
__wrap_SyntaxReader_getKeywords in highlight_wrap.o
__wrap_SyntaxReader_getKeywordClasses in highlight_wrap.o
__wrap_SyntaxReader_getRegexElements in highlight_wrap.o
__wrap_SyntaxReader_getPersistentSnippets in highlight_wrap.o
...
"_Perl_sv_setsv_flags", referenced from:
__wrap_DataDir_getLangPath__SWIG_0 in highlight_wrap.o
__wrap_DataDir_getThemePath__SWIG_0 in highlight_wrap.o
__wrap_DataDir_getLangPath__SWIG_1 in highlight_wrap.o
__wrap_DataDir_getSystemDataPath in highlight_wrap.o
__wrap_DataDir_getPluginPath__SWIG_0 in highlight_wrap.o
__wrap_DataDir_getThemePath__SWIG_1 in highlight_wrap.o
__wrap_DataDir_getThemePath__SWIG_2 in highlight_wrap.o
...
ld: symbol(s) not found for architecture x86_64
clang-7: error: linker command failed with exit code 1 (use -v to see invocation)
This change adds a checkInstallPhase which runs a couple of queries
to smoke-test the ripgrep-all adapters. The queries are intended to
ensure that the dependencies needed by the adapters are included in
the package's dependencies.
This addresses the following security issues:
* CVE-2019-14846 - Several Ansible plugins could disclose aws
credentials in log files. inventory/aws_ec2.py, inventory/aws_rds.py,
lookup/aws_account_attribute.py, and lookup/aws_secret.py,
lookup/aws_ssm.py use the boto3 library from the Ansible process. The
boto3 library logs credentials at log level DEBUG. If Ansible's
logging was enabled (by setting LOG_PATH to a value) Ansible would set
the global log level to DEBUG. This was inherited by boto and would
then log boto credentials to the file specified by LOG_PATH. This did
not affect aws ansible modules as those are executed in a separate
process. This has been fixed by switching to log level INFO
* Convert CLI provided passwords to text initially, to prevent unsafe
context being lost when converting from bytes->text during post
processing of PlayContext. This prevents CLI provided passwords from
being incorrectly templated (CVE-2019-14856)
* properly hide parameters marked with no_log in suboptions when
invalid parameters are passed to the module (CVE-2019-14858)
* resolves CVE-2019-10206, by avoiding templating passwords from
prompt as it is probable they have special characters.
* Handle improper variable substitution that was happening in
safe_eval, it was always meant to just do 'type enforcement' and have
Jinja2 deal with all variable interpolation. Also see CVE-2019-10156
Changelog: 9bdb89f740/changelogs/CHANGELOG-v2.6.rst
This fixes the following security issues:
* Ansible: Splunk and Sumologic callback plugins leak sensitive data
in logs (CVE-2019-14864)
* CVE-2019-14846 - Several Ansible plugins could disclose aws
credentials in log files. inventory/aws_ec2.py, inventory/aws_rds.py,
lookup/aws_account_attribute.py, and lookup/aws_secret.py,
lookup/aws_ssm.py use the boto3 library from the Ansible process. The
boto3 library logs credentials at log level DEBUG. If Ansible's
logging was enabled (by setting LOG_PATH to a value) Ansible would set
the global log level to DEBUG. This was inherited by boto and would
then log boto credentials to the file specified by LOG_PATH. This did
not affect aws ansible modules as those are executed in a separate
process. This has been fixed by switching to log level INFO
* Convert CLI provided passwords to text initially, to prevent unsafe
context being lost when converting from bytes->text during post
processing of PlayContext. This prevents CLI provided passwords from
being incorrectly templated (CVE-2019-14856)
* properly hide parameters marked with no_log in suboptions when invalid
parameters are passed to the module (CVE-2019-14858)
* resolves CVE-2019-10206, by avoiding templating passwords from
prompt as it is probable they have special characters.
* Handle improper variable substitution that was happening in
safe_eval, it was always meant to just do 'type enforcement' and have
Jinja2 deal with all variable interpolation. Also see CVE-2019-10156
Changelog: 0623dedf2d/changelogs/CHANGELOG-v2.7.rst (v2-7-15)