The following parameters are now available:
* hardeningDisable
To disable specific hardening flags
* hardeningEnable
To enable specific hardening flags
Only the cc-wrapper supports this right now, but these may be reused by
other wrappers, builders or setup hooks.
cc-wrapper supports the following flags:
* fortify
* stackprotector
* pie (disabled by default)
* pic
* strictoverflow
* format
* relro
* bindnow
- there were many easy merge conflicts
- cc-wrapper needed nontrivial changes
Many other problems might've been created by interaction of the branches,
but stdenv and a few other packages build fine now.
Should only affect cross-builds, however I didn't test whether
cross-building gettext actually works. But if it's broken now, it was
broken before as well and this at least unbreaks the non-cross-built
nixpkgs tarball job :-)
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
(My OCD kicked in today...)
Remove repeated package names, capitalize first word, remove trailing
periods and move overlong descriptions to longDescription.
I also simplified some descriptions as well, when they were particularly
long or technical, often based on Arch Linux' package descriptions.
I've tried to stay away from generated expressions (and I think I
succeeded).
Some specifics worth mentioning:
* cron, has "Vixie Cron" in its description. The "Vixie" part is not
mentioned anywhere else. I kept it in a parenthesis at the end of the
description.
* ctags description started with "Exuberant Ctags ...", and the
"exuberant" part is not mentioned elsewhere. Kept it in a parenthesis
at the end of description.
* nix has the description "The Nix Deployment System". Since that
doesn't really say much what it is/does (especially after removing
the package name!), I changed that to "Powerful package manager that
makes package management reliable and reproducible" (borrowed from
nixos.org).
* Tons of "GNU Foo, Foo is a [the important bits]" descriptions
is changed to just [the important bits]. If the package name doesn't
contain GNU I don't think it's needed to say it in the description
either.
Also some style cleanup.
Note that defining an empty-string variable *does* change the hash.
I would like to change this behaviour one day
(clean up attrs when compiling the derivation).
From https://lists.macosforge.org/pipermail/macports-dev/2011-July/015263.html:
5) Building with a compiler that doesn't support newer __builtins
If your port uses MacPorts compilers rather than the default compiler,
you may run into trouble with string functions. You'll see errors at
link time about undefined __builtin_* functions. If this happens, you
may want to compile with -D_FORTIFY_SOURCE=0 to tell the headers to
use unfortified versions which do not use compiler builtins.
