all: update from 4.6.0 to 4.7.2
keybase:
- added gnupg as a dependency and patch fix-patch-keybase.patch
kbfs:
- added fuse as a dependency and patch fix-patch-kbfs.patch
There were two issues:
* builtins.getEnv was called deep into the nixpkgs tree making it hard
to discover. This is solved by moving the call into
pkgs/top-level/impure.nix
* when the config was explicitly set by the user to false, it would
still try and load the environment variable. This meant that it was
not possible to guarantee the same outcome on two different systems.
* acme-client: 0.1.16 -> 0.2.3 (#71853)
The upstream acme-client that used to be at [1] has now been integrated
into OpenBSD, and the portable version that it links to at [2] is marked
as unmaintained. However, letsencrypt.org links to [3] for a portable
version, and indeed, that repository contains a version that has recent
activity, so I switched over to that.
It is hard to tell what the difference is between the OpenBSD version
and what is on Github, and even if that would be easy, there are a lot
of Linux-specific changes. This program is dealing with certificates, so
I feel it is important to at least check that thare are no obviously
unintended differences between the previous version and the new, but I
don't know of a good way of doing that at this point. I will continue
to investigate before I open a pull request.
[1]: https://kristaps.bsd.lv/acme-client/
[2]: https://github.com/kristapsdz/acme-client-portable
[3]: https://github.com/graywolf/acme-client-portable
* acme-client: fix Linux build of new upstream
The new source does not include a configure script in the repository,
but we can generate it with automake. Also, the new acme-client-portable
has an OpenSSL compatibility layer, but that actually breaks building
against LibreSSL. Avoid this issue by patching the compatibility layer
to be less eager to define things when linking against LibreSSL. I will
also submit a pull request for that upstream.
I don't expect this to work on Darwin, and the current package suggests
it does, but if the upstream (portable) version is no longer maintained,
for Darwin, perhaps we should just drop support for it. But maybe it
will just work, CI or somebody with a Darwin system will have to try.
* acme-client: 0.2.3 -> 0.2.4
My LibreSSL compatibility patch has been merged upstream into
acme-client-portable, and version 0.2.4 that includes it has been
released, so we can remove the patch here.
* acme-client: address review feedback
* Replace the manual autoreconf invocation with autoreconfHook.
* Remove DEFAULT_CA_FILE, which no longer affects the build.
Apparently this option trades compression time for size,
and explicitly does so without increasing resources needed in decomp.
Doesn't make tarball creation unbearable, so add it to options!
The patch prevents the following error:
[2/7] Generating manpages with a custom command.
../sshfs.rst:210: (ERROR/3) Unexpected indentation.
../sshfs.rst:211: (WARNING/2) Block quote ends without a blank line; unexpected unindent.