Using a unreleased commit from upstream.
Also moved the derivation to mkLibsForQt5 to let
the application choose its Qt5 version.
Did not put an alias as previous version was broken
since ages.
As requested in #99553. Closes#99553.
Libraries that install python modules as part of the build are
problematic, because they either
- only support a single python version, because the input for
pythonPackages gets fixed in all-packages.nix, or
- need to be rebuild the underlying C code for *every* python version
resulting in libfoo-python37, libfoo-python38, and so on
We would prefer to use the second approach because it works correctly
for all versions of python. However, it creates duplicate copies of
libseccomp.so and that can be expensive. Instead we 'deduplicate' the
copies of libseccomp.so by
- attaching a new $pythonsrc output to the libseccomp deriv, and
- exposing a new 'seccomp' package in python-packages.nix using
libseccomp as input, and
- having a custom python.nix derivation that builds the cython
extension using libseccomp to get the python source and the
package version
This means we build 1 copy of the seccomp python package, one for each
version of python, but all of those packages refer to a single instance
of the libseccomp C library, giving us the best of both worlds.
NOTE: because this requires changing the postInstall of libseccomp, it
requires a mass rebuild.
Signed-off-by: Austin Seipp <aseipp@pobox.com>
In [#100765] @vcunat pointed out that we could decouple cacert from the
NSS package to make it more rebuild friendly. Just rebuilding packages
that depend on NSS seems to be about ~100. Rebuilding all the packages
that depend on cacert is >9k as of this writing. This makes it much more
feasible to upgrade high-profile packages that are (rightfully) pedantic
on their NSS version like firefox and thunderbird.
[#100765]: https://github.com/NixOS/nixpkgs/pull/100765
