There was the usual crashing and a few icons missing.
@lethalman: I think it's best to start putting $XDG_ICON_DIRS into suffix
instead of prefix (as here), so user-installed icons take precedence.
/cc #7743.
This also merges pull request #8290 plus a few other fixes from
@ambrop72 and me.
The summary of changes is:
* Update all channels to latest upstream.
* Update GYP package and drop gyp_svn1977.
* Remove ICU from buildInputs to prevent build failure.
* Switch back to using --depth . to GYP instead of patching in the
absolute store paths.
* Don't symlink source code anymore, which might introduce a
regression on high I/O load on Hydra. As this is only a temporary
build fix, let's cross fingers and hope we don't hit it. See
c92dbffeac for an explanation.
* Use HTTPS for the bucket URL.
* Fix nix_plugin_paths patch for version 44 and higher.
Tested at: https://headcounter.org/hydra/eval/169134
The pepper effects plugin has been removed and migrated to NaCl, so I'm
just dropping the hunk of that patch.
Upstream reviow URL: https://codereview.chromium.org/1085393003
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Changes included:
- Update versions.
- Use gyp package not gyp_svn1977.
- Remove icu from buildInputs, since this causes a build error due to inferference with use_system_icu=false.
- Remove the hack that inserts the absolute path into gyp files, and pass `--depth .` to gyp. This resolves the `third_party/angle` gyp error.
- Do a normal copy of the source code not a symlink copy. This resolves some link error where the symlinks interfere with relative paths (seems like because gyp resolves symlinks first). Note, this used to be worked around with the absolute path insertion hack.
- Change the bucketURL in update.nix to https (for more secure updates).
Many (less easily automatically converted) old-style strings
remain.
Where there was any possible ambiguity about the exact version or
variant intended, nothing was changed. IANAL, nor a search robot.
Use `with stdenv.lib` wherever it makes sense.
Works around regression from a305e6855d.
We're also marking it lowPrio to make sure nobody will accidentally
reference it using nix-env -i.
Until we have fixed#7402, we're going to build with the old gyp version
to prevent being affected by https://crbug.com/462153.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Also set installFlags rather than call make install directly.
This release has a logic error which causes the newsbeuter cache to be
deleted on exit iff urls contains a single URL [1] (no problem for n > 1).
[1]: https://github.com/akrennmair/newsbeuter/pull/179
We shouldn't make assumptions on what is set by NIX_PATH in order to
make it easier to rename that Nix path reference.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
26-Apr-2015
- Fix: JSON output syntax during first day of newly created databases
(pull request by Stefan Merettig)
- Fix: field padding when using UTF-8 locale
- Add optional mode parameter to --json and --xml for limiting the output
to only selected information
After the pulseaudio refactor in NixOS/nixpkgs@a2a3508, libcap is no
longer propagated to chromium anymore. And we need to have libcap for
the renderer sandbox.
Build log: https://hydra.nixos.org/build/21689759/nixlog/1/raw
What makes me wonder is that given that this was propagated by
pulseaudio noone either seemed to have disabled pulseaudio support for
Chromium or just didn't report the build failure.
Half-assed testing done against all channels, because it builds the
sandbox and we can't break an already broken build twice (or maybe we
can, who knows...).
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
That way sending mail with mutt works on NixOS too, without having to
manually change mutt's config on your system. sendmail will be found in
$PATH at runtime, and thus the setuid wrapper will be used, if
available.
Looks like this is the only way to do what 6258728318
was expected to do that doesn't break things and doesn't look like a complete hack.
The problem is that different `fetch`ers generate very different results (from
archive files to plain source trees) and allowing overriding `src` in top-level
derivation when there is a derived python package is no trivial matter.
This also removes qca2_ossl, because it's now bundled with the main QCA
package and we can now drop all those patches and build system fixes,
because they have switched from autotools to cmake.
Tested against a few builds like PSI and Tomahawk.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Also requires enabling iana-etc. I'm shooting for "unix" platforms which
seems reasonable. Not sure why this was restricted to linux originally --
the history doesn't tell.
This includes a slight refactor.
2014-11-24 - Snort 2.9.7.2
[*] New additions
* Application Identification Preprocessor, when used in conjunction with
open app ID detector content, that will identify application protocol,
client, server, and web applications (including those using SSL) and
include the info in Snort alert data. In addition, a new rule option
keyword 'appid' that can be used to constrain Snort rules based on one
or more applications that are identified for the connection.
See README.appid for details.
* A new protected_content rule option that is used to match against a content
that is hashed. It can be used to obscure the full context of the rule from
the administrator.
* Protocol Aware Flushing (PAF) improvements for SMTP, POP, and IMAP to
more accurately process different portions of email messages and file
attachments.
* Added ability to test normalization behavior without modifying network traffic.
When configured using na_policy_mode:inline-test, statistics will be gathered
on packet normalizations that would have occurred, allowing less disruptive
testing of inline deployments.
* The HTTP Inspection preprocessor now has the ability to decompress
DEFLATE and LZMA compressed flash content and DEFLATE compressed PDF
content from http responses when configured with the new decompress_swf
and decompress_pdf options. This enhancement can be used with existing rule
options that already match against decompressed equivalents.
* Added improved XFF support to HttpInspect. It is now possible to specify custom
HTTP headers to use in place of 'X-Fowarded-For'. In situations where traffic may
contain multiple XFF-like headers, it is possible to specify which headers hold
precedence.
* Added control socket command to dump packets.
* The Stream5 preprocessor functionality is now split between the new Session and Stream preprocessors.
* Added decoding capaiblity for Cisco FabricPath
[*] Improvements
* Update active response to allow for responses of 1500+ bytes that span
multiple TCP packets.
* Check limits of multiple configurations to not exceed a maximum ID of 4095.
* Updated the error output of byte_test, byte_jump, byte_extract to
including details on offending options for a given rule.
* Update build and install scripts to install preprocessor and engine libraries
into user specified libdir.
* Improved performance of IP Reputation preprocessor.
* The control socket will now report success when reloading empty IP Reputation whitelists/blacklists.
* All TCP normalizations can now be enabled individually. See README.normalize for details on using
the new options. For consistency with other options, the "urp" tcp normalization keyword now
enables the normalization instead of disabling it.
* Lowered memory demand of Unicode -> ASCII mapping in HttpInspect.
* Updated profiler output to remove duplicate results when using multiple configurations.
* Improved performance of FTP reassembly.
Changes include:
* 16 colour support
* UI preferences included in themes (http://www.profanity.im/themes.html)
* Roster panel in console window
* Word wrapping
* Configure time display in main window
* Set default account for /connect
* Contact presence and resource displayed in titlebar
* Ability to override resource when sending messages
* Chat session handling in line with http://xmpp.org/rfcs/rfc6121.html#message-chat
* Lower CPU usage during periods of inactivity
* Keychain/keyring integration using account eval_password property
* Fixed remote code execution bug on OSX when desktop notifications configured to show message text
Most new UI features are enabled by default but can be disabled with the relevant preference command.
make it easily possible to extend current buildInputs using override function.
eg.:
weechat.override { extraBuildInputs = [ pythonPackages.pync ]; }
i've removed pync since its plugin dependency which can now be added via
extraBuildInputs.
This reverts commit 0696b0ef78.
Okay, now finally, let's get this straight. We actually *want*
preferLocalBuild, *because* we have improved the source splitup in
c92dbffeac.
The idea is to use local builds in order to prevent the source being
pushed to a remote machine, splitted up there (and thus copied again)
and then being copied *again* FROM the remote machine.
"DOH!" - as @edolstra or @rbvermaa would call it... and good d^Hnight.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This reverts commit 26f024626c.
I actually wasn't reading the "remove" in the commit message, so sorry
for the brainfart/noise.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This reverts commit fdb5cf8107.
The reason I'm reverting this is that the implications this had on the
IO load of Hydra are fixed by c92dbffeac.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
So far we've done the source code split up by using the generic
unpackPhase and copying it all over into the different outputs.
However, this had the problem of generating the I/O load of about three
times the size of the source tree: First at fetchurl of the tarball
(although it's not as much because it's compressed), second at
unpackPhase and third at installPhase.
Now we don't use installPhase anymore and directly unpack into the
output paths, which unfortunately becomes quite a bit more complex
because we need to transform the paths of the tar file on the fly.
I've also tried using GNU Tar's --to-command option to even untar *and*
patch it at the same time, but forking for every single file in the
tarball gets REALLY slow and also gets even more complex than this two
stage approach because you need to make sure that the patch file is
applied correctly, for example for files that don't yet exist but are to
be created by the patch file.
We're using --anchored and --no-wildcards-match-slash here to prevent
accidentally excluding files we don't want to exclude. One example is
something like v8/tools/gyp/v8.gyp.
So the current approach is some compromise between complexity and speed
and should hopefully get rid of the Hydra build timeouts by lowering I/O
load.
See here for examples of builds having this issue:
http://hydra.nixos.org/build/19045023http://hydra.nixos.org/build/19044973http://hydra.nixos.org/build/19044968http://hydra.nixos.org/build/19045019
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Overview of the updated versions:
stable: 40.0.2214.91 -> 40.0.2214.115
beta: 41.0.2272.16 -> 41.0.2272.64
dev: 41.0.2272.16 -> 42.0.2305.3
Introduces 42.0.2305.3 as the new dev version, which no longer requires
our user namespaces sandbox patch. Thanks to everyone participating in
https://crbug.com/312380 for finally having this upstream.
In the course of supporting the official namespace sandbox (that's what
the user namespace sandbox is called), a few things needed to be fixed
for version 42:
* Add an updated nix_plugin_paths.patch, because the old
one tries to patch the path for libpdf, which is now natively included
in Chromium.
* Don't copy libpdf.so to libexec path for version 42, it's no longer
needed as it's completely built-in now.
* Disable SUID sandbox directly in the source instead of going the easy
route of passing --disable-setuid-sandbox. The reason is that with
the command line flag a nasty nagbar will appear.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
