Commit Graph

2291 Commits

Author SHA1 Message Date
John Ericson
c4ba2e3ef6 cc-wrapper: Remove stdenv.is* for targetPlatform.is*
Modify bootstrapping stdenvs to make sure `targetPlatform` also passed.
2017-06-22 17:52:27 -04:00
Franz Pletz
c3a8595276
cc-wrapper: fix darwin
Clang doesn't support -fstack-check=specific, only -fstack-check. Still a
noop, though.
2017-06-22 02:44:04 +02:00
Franz Pletz
4150f5e8ba
cc-wrapper: add stackcheck hardening (stack clash)
This fixes the Stack Clash issue rediscovered by Qualys. See
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
for more information on the topic, specifically section III.

We don't have the kernel mitigation available because it is a Grsecurity
feature which we don't support anymore. Other distributions like Gentoo
Hardened and Arch already have `-fstack-check` enabled by default.

See the Gentoo page on Stack Clash for more information on this solution:
https://wiki.gentoo.org/wiki/Hardened/Gentoo_Hardened_and_Stack_Clash

This unfortunately doesn't apply to clang because `-fstack-check` is a
noop there. Note that the GCC implementation also has problems that could
be exploited to circumvent these checks but it is still better than
keeping it disabled.
2017-06-22 00:41:53 +02:00
Franz Pletz
6338c50a84
Merge branch 'master' into staging 2017-06-22 00:41:25 +02:00
Domen Kožar
55616ad938 Merge pull request #26554 from orivej/rsp
Speed up parsing @args.rsp compiler arguments
2017-06-19 11:39:17 +02:00
Thomas Tuegel
be7b7d908f
Remove kdeWrapper 2017-06-18 08:43:39 -05:00
Thomas Tuegel
7b6f8dc77f
qt5: move kdeDerivation to qt5.mkDerivation 2017-06-18 08:42:19 -05:00
Orivej Desh
5413bfa8e3 Speed up parsing @args.rsp compiler arguments
Improves upon #25205

https://gist.github.com/pbogdan/9d6986bf931b58a70d75e14eb40ee8a1 parsing time is
reduced from one minute to one second
2017-06-14 18:56:44 +00:00
Profpatsch
79dd4deda5 Ultrastar (#26524)
* ultrastardx-beta: init at 1.3.5

* libbass, libbass_fx: init at 24

* ultrastar-creator: init at 2017-04-12

* buildSupport/plugins.nix: add diffPlugins

Helper function to compare expected plugin lists to the found plugins.

* ultrastar-manager: init at 2017-05-24

The plugins are built in their own derivations, speeding up (re-)compilation.
The `diffPlugins` function from `beets` is reused to test for changes in the
plugin list on updates.

* beets: switch to diffPlugins

The function is basically just extracted for better reusability.
2017-06-14 11:29:31 +02:00
Jörg Thalheim
557cc2cb63 Merge pull request #26372 from risicle/fetchsvn-unicode
fetchsvn: set LC_ALL in builder to allow svn to handle unicode filenames
2017-06-10 12:00:03 +01:00
Jörg Thalheim
e2197465c1
cc-wrapper: externalize default_cxx_stdlib_compile
This value is require to get c++ std include path for libclang based tools (vim plugins in my case).
I currently extract it this with this rather command:

```
eval echo $(nix-instantiate --eval --expr 'with (import <nixpkgs>) {}; clang.default_cxx_stdlib_compile')
```

it did not trigger any recompilation on my system.
2017-06-08 19:50:40 +01:00
Jan Malakhovski
d73ef2636f fetchurl: add some https ImageMagick mirrors 2017-06-07 15:27:03 +02:00
Eelco Dolstra
0996ea8a68
NixOS VM tests: Don't create a setgid group in vde_switch
Nix no longer allows this for security reasons.

http://hydra.nixos.org/build/53993125
2017-06-07 11:57:36 +02:00
Robert Scott
60dcb9cc01 fetchsvn: set LC_ALL in builder to allow svn to handle unicode filenames 2017-06-04 13:41:28 +01:00
Jörg Thalheim
ee22e3de08 Merge pull request #26358 from LnL7/fetchgit-postfetch
fetchgit: add postFetch argument
2017-06-04 11:14:03 +01:00
Joe Hermaszewski
a81f45386b fetchdarcs: Use NIX_SSL_CERT_FILE
`SSL_CERT_FILE` has been replaced with `NIX_SSL_CERT_FILE`.

Before this change using `fetchdarcs` resulted in an error message like:

```
Identifying repository http://hub.darcs.net/scravy/easyplot inventory

darcs failed:  Not a repository: http://hub.darcs.net/scravy/easyplot (Peer certificate cannot be authenticated with given CA certificates)

HINT: Do you have the right URI for the repository?

builder for ‘/nix/store/imyvcs6lvb5yva66krc5wk39931sam8v-fetchdarcs.drv’ failed with exit code 2
```
2017-06-03 20:35:37 +01:00
Daiderd Jordan
7567c5c1ee
fetchgit: add postFetch argument 2017-06-03 20:51:01 +02:00
Rodney Lorrimar
9e56cddf13 emacsWithPackages: support installing larger packages
I was getting the following error building tide from Melpa:

    nix-build  -E '(import <nixpkgs> {}).emacs25WithPackages (p: [p.melpaPackages.tide])'

    File tide-20170509.1134.tar is large (10.2M), really open? (y or n) Error reading from stdin
    builder for ‘/nix/store/gs9ik7yf8iilsikkfing74i70m0diax3-emacs-tide-20170509.1134.drv’ failed with exit code 255
    cannot build derivation ‘/nix/store/m3p080aani4rw82llp8nqk93cw2nvirk-emacs-with-packages-25.2.drv’: 1 dependencies couldn't be built

Solution was to disable the large file warning threshold when
installing packages.
2017-05-29 12:56:09 +01:00
Ryan Trinkle
0916c26ed6 symlinkJoin: eliminate lndir spam
By default lndir outputs the name of each subdirectory as it descends into it; this commit gives it the -silent flag to disable this behavior
2017-05-27 16:19:34 -04:00
Jaka Hudoklin
112f5229d8 Merge pull request #26131 from matejc/pkgs/build-support/docker/pull
docker tools: fix pull image function
2017-05-27 12:44:34 +02:00
Matej Cotman
8d3cb0af9e docker tools: fix pull image function 2017-05-26 18:48:16 +02:00
Vladimír Čunát
00672dec8a
Merge older staging
This still causes some uncached rebuilds, but master(!) and staging
move too fast forward rebuild-wise, so Hydra might never catch up.
(There are also other occasional problems.)
Therefore I merge at this point where the rebuild isn't that bad.
2017-05-26 15:45:43 +02:00
Eelco Dolstra
dc4e2cd70f Merge pull request #26062 from cleverca22/libredirect
libredirect: allow null paths
2017-05-24 18:09:55 +02:00
Mateusz Naściszewski
00572d595c
ipfs: 0.4.6 -> 0.4.9 2017-05-24 16:31:17 +02:00
michael bishop
5677ce2008
libredirect: allow null paths 2017-05-24 11:29:06 -03:00
Vladimír Čunát
8004e79415
Merge branch 'master' into staging 2017-05-24 03:24:06 +02:00
Benno Fünfstück
19d3cf81d3 rust: fix fetch-cargo-deps for git dependencies
We need to make sure that `$revs` ends with a space, since files must always
end with newlines. The previous code ignored the last entry in `$revs`, because
read already returns non-zero exit code for the last entry, as it does not end
with a space.
2017-05-23 10:01:33 +02:00
Frederik Rietdijk
99cfab07b9 Merge remote-tracking branch 'upstream/master' into HEAD 2017-05-22 09:21:40 +02:00
Matthew Bauer
2c0006521b
emacsWithPackages: wrap MacOS app
fixes #22893
2017-05-20 18:51:32 -05:00
Shea Levy
b71b7ee622 fetchFromGitHub: Allow private repos, hosted githubs 2017-05-19 15:38:01 -04:00
Vladimír Čunát
8b01ec9a9e
Merge branch 'master' into staging 2017-05-10 00:54:53 +02:00
Eelco Dolstra
31c2d20621
debian: 8.7 -> 8.8 2017-05-08 16:02:38 +02:00
Eelco Dolstra
94d164dd7f
Add a setup hook for detecting $TMPDIR references in RPATHs and wrapper scripts 2017-05-04 20:23:57 +02:00
Linus Heckemann
33962a4420 stdenv: fix "grep: invalid range" 2017-05-04 16:54:01 +01:00
Frederik Rietdijk
c520e79842 Merge remote-tracking branch 'upstream/master' into HEAD 2017-05-03 09:59:49 +02:00
Vladimír Čunát
1bcd56b6e6
Merge branch 'master' into staging
There's been a very large rebuild on master, unfortunately.
pytestcov conflict: I'm not really sure what should be propagated.
2017-05-02 16:01:48 +02:00
Utku Demir
5a78bed2bb Fix documentation of emacsWithPackages
After [this change](901a778c77), it should be `overrideScope` instead of `override`.
2017-05-02 09:52:04 +12:00
Michael Raskin
f3b45f83b5 Merge pull request #25205 from orivej/rsp
Fix parsing @args.rsp compiler arguments
2017-05-01 18:48:11 +02:00
Shea Levy
8a1707ad0d nixBufferBuilders: Add haskellMonoRepo builder 2017-05-01 11:44:21 -04:00
rht
5628cebcf0 /bin/sh -> ${stdenv.shell} 2017-04-30 17:01:07 +02:00
Thomas Tuegel
4e0d21edd1 Merge pull request #25285 from ttuegel/qt--fix-plugin-paths
Qt: purify plugin paths, unify Linux and Darwin builders
2017-04-30 07:33:50 -05:00
Joachim Fasting
ab4fa1cce4
tree-wide: prune some dead grsec leaves
The beginning of pruning grsecurity/PaX from the tree.
2017-04-30 12:05:41 +02:00
Peter Simons
d1008a9a5f Merge pull request #25299 from ahmedtd/fix-wrap-gapps-hook
wrapGAppsHook: Correct `wrapProgram` invocations
2017-04-29 10:33:52 +02:00
Taahir Ahmed
2cd342cfb3 wrapGAppsHook: Correct wrapProgram invocations
This change fixes several defects in the way `wrapGAppsHook` selected
the executable to wrap.

Previously, it would wrap any top-level files in the target `/bin` and
`/libexec` directories, including directories and non-executable
files.  In addition, it failed to wrap files in subdirectories.

Now, it uses `find` to iterate over these directory hierarchies,
selecting only executable files for wrapping.
2017-04-28 15:24:50 -05:00
Peter Simons
5c25c33a05 wrapGAppsHook: Revert "Correct wrapProgram invocations"
This reverts commit 8b9f153bb9 of
https://github.com/NixOS/nixpkgs/pull/25183 because it breaks builds of
packages that don't install both a "bin" and a "libexec" directory. See
https://github.com/NixOS/nixpkgs/pull/25183#issuecomment-298064769 for more
details.
2017-04-28 20:01:33 +02:00
Thomas Tuegel
394885daec
kdeWrapper: prefix Qt search paths 2017-04-28 05:54:20 -05:00
Peter Simons
edcff000d4 Merge pull request #25183 from ahmedtd/fix-wrap-gapps-hook
wrapGAppsHook: Correct `wrapProgram` invocations
2017-04-28 11:13:12 +02:00
Renzo Carbonara
d3bf2afc54 fetchdarcs: add SSL_CERT_FILE environment variable 2017-04-26 22:23:00 +02:00
Dan Peebles
9e764af72f fetchs3: init simple S3 downloader 2017-04-25 22:01:32 -04:00
Orivej Desh
e9adf383e6 Fix parsing @args.rsp compiler arguments 2017-04-25 13:29:43 +00:00
Taahir Ahmed
8b9f153bb9 wrapGAppsHook: Correct wrapProgram invocations
This change fixes several defects in the way `wrapGAppsHook` selected
the executable to wrap.

Previously, it would wrap any top-level files in the target `/bin` and
`/libexec` directories, including directories and non-executable
files.  In addition, it failed to wrap files in subdirectories.

Now, it uses `find` to iterate over these directory hierarchies,
selecting only executable files for wrapping.
2017-04-24 10:56:53 -05:00
Frederik Rietdijk
4fc9b1852a Merge remote-tracking branch 'upstream/master' into HEAD 2017-04-23 11:26:47 +02:00
Benno Fünfstück
bd78749d33 rust: improve fetch-cargo-deps determinism for non-sandboxed builds
When not using sandboxing, /usr/share/git-core/templates may leak into the
nix build through the libgit2 hardcoded default template search path. We now
explictly set the templatedir to avoid this problem.

See https://github.com/bennofs/nix-index/issues/2#issuecomment-296268983 for
an example case of nondeterminism.
2017-04-21 23:26:46 +02:00
Sven Slootweg
fa8adf2c47 fetchurl: fixed typo in error message
This typo was likely introduced by copy-pasting the error message from elsewhere and forgetting to change the text, during the MD5 deprecation process (#4491).
2017-04-21 16:41:09 +02:00
Frederik Rietdijk
e0abe74baf Merge remote-tracking branch 'upstream/master' into HEAD 2017-04-18 11:25:43 +02:00
Tim Stewart
5ca1646bb0 docker: improve reproducibility of layers
This patch fixes file modification times to $SOURCE_DATE_EPOCH, and
ensures that files originating from the store are owned by root:root.
Both changes improve reproducibility, and the latter allows proper
building on a host where the store is owned by a non-root user.
2017-04-16 22:46:24 -04:00
Jörg Thalheim
e8d5af0bd8
buildRustPackage: only copy executables to bin
in newer rust versions also *.rlib files are put into this directory
2017-04-15 13:26:51 +02:00
Jörg Thalheim
be70c02461
buildRustPackage: add standard package hooks
when overriding build phases also the standard hooks should be called
2017-04-15 13:26:51 +02:00
Jörg Thalheim
33cfee8177
buildRustPackage: add cargoBuildFlags 2017-04-15 13:26:50 +02:00
John Ericson
3bff114d95 Merge pull request #24871 from elitak/cross-staging
Various small crossDrv fixes
2017-04-15 01:27:05 -04:00
Vladimír Čunát
f7a4f146c9
Merge branch 'master' into staging
This includes a fix for a bad merge.
2017-04-14 19:22:02 +02:00
Vladimír Čunát
aeb0560959
Merge #24858: Smart wrapProgram 2017-04-14 12:24:33 +02:00
Eric Litak
bd45ec6416 buildEnv: use buildPackages.perl so crossDrv works 2017-04-14 02:00:08 -07:00
Nikolay Amiantov
e7c76d3c25 makeWrapper: search for free unwrapped file name 2017-04-12 18:12:16 +03:00
Nikolay Amiantov
54bbf91479 buildFHSEnv: add ACLOCAL_PATH
Fixes #24620.
2017-04-12 14:43:08 +03:00
Christian Kauhaus
09f24f628b buildRustPackage: Fix "warning: file ... may be generated" (#24471)
Every Rust derivation used to emit a warning like the following:

```
setting SOURCE_DATE_EPOCH to timestamp 1490877042 of file cargo-6e0c18c/Cargo.lock
warning: file cargo-6e0c18c/Cargo.lock may be generated; SOURCE_DATE_EPOCH may be non-deterministic
```

The reason is that the dependencies are copied without preserving
timestamps. Changing the build script to timestamp-preserving copy
removes the warning.
2017-03-30 15:15:49 +02:00
Michael Raskin
8a919af23b Merge pull request #24347 from spacekitteh/fetchGitRepo
fetchRepoProject: fixes; more options
2017-03-28 02:33:35 +02:00
Nikolay Amiantov
50adc53207 buildDotnetPackage: don't depend on invalid quoting in makeWrapper
Fixes #24387.
2017-03-27 18:24:08 +03:00
Sophie Taylor
50d964d105 fetchRepoProject: typo 2017-03-27 15:04:02 +10:00
Sophie Taylor
69055ecb51 fetchRepoProject: fixup 2017-03-26 21:55:41 +10:00
Sophie Taylor
f3b6a0b14c fetchRepoProject: typo 2017-03-26 21:50:46 +10:00
Sophie Taylor
62e115af5b Merge branch 'master' into fetchGitRepo 2017-03-26 20:17:03 +10:00
Sophie Taylor
1f545f01bb
fetchRepoProject: fixes; more options 2017-03-26 20:05:59 +10:00
Shea Levy
f087b75941 nix-buffer support: Make process-environment changes actually local 2017-03-25 11:13:25 -04:00
Daiderd Jordan
7dc489d95a Merge pull request #24275 from spacekitteh/fetchFromGitRepo
fetchRepoProject: Fix buildCommand
2017-03-25 09:45:11 +01:00
Daiderd Jordan
00f472a563
fetchrepoproject: cleanup extra flags 2017-03-25 00:35:20 +01:00
Sophie Taylor
2078c34dad fetchRepoProject: Fix buildCommand 2017-03-25 00:24:43 +01:00
Shea Levy
9a777013d1 Add setupSystemdUnits function.
Allows setting up and managing a set of systemd units on any systemd distribution.
2017-03-24 15:47:51 -04:00
Daiderd Jordan
f6669da3cf
fetchrepoproject: fix evaluation 2017-03-24 08:40:16 +01:00
Daniel Peebles
a9644fb1f0 Merge pull request #24239 from spacekitteh/fetchFromGitRepo
Added fetchRepoProject
2017-03-23 23:30:07 -04:00
Sophie Taylor
76e095c6c5
fetchRepoProject: init.
Added to grab projects added by git-repo.

Contains some problems still reguarding purity and clone.bundle,
but good enough for now.
2017-03-24 13:28:23 +10:00
Nikolay Amiantov
a40b7d07e9 makeQtWrapper, kdeWrapper: add GTK3 dependencies 2017-03-22 20:15:32 +03:00
HeeL
cd2627da0d Fix mkdir for fetchgx to not throw an exception 2017-03-21 16:04:00 +01:00
Robin Gloster
f57185db95
fetch-*: remove md5 support
fixes #4491
2017-03-20 22:23:41 +01:00
Vladimír Čunát
3ca0990da1
fetchsvn: fixup name guessing after #23851
I can't see any unfixed differences due to that PR,
at least in nix-env -qa output for the four Hydra platforms.
2017-03-19 10:55:16 +01:00
Nikolay Amiantov
7ff6eec5fd makeWrapper: quote paths
Fixes https://github.com/NixOS/nixpkgs/pull/22962#commitcomment-21144939

Also run ShellCheck.
2017-03-16 15:16:33 +01:00
Vladimír Čunát
e99bc64552
Merge branch 'master' into staging
More larger rebuilds from master, unfortunately.
2017-03-15 19:09:56 +01:00
Daniel Peebles
38a03817b0 Merge pull request #22571 from LnL7/darwin-frameworks-hook
add setup-hook to fix darwin frameworks
2017-03-15 11:33:23 -04:00
Tuomas Tynkkynen
aba0b45b86 Merge remote-tracking branch 'upstream/master' into staging
Conflicts:
      pkgs/development/libraries/qt-5/5.7/qtbase/default.nix
2017-03-14 00:49:22 +02:00
Arseniy Alekseyev
6a51b55af6 fetchSvn: Add support for --ignore-keywords flag
This is a flag that disables subversion keyword substitution.
Keyword substitution inserts metadata into the files being checked
out, and is therefore somewhat at odds with build reproducibility.

In particular, it can become a problem if you're trying to switch
between svn and a git export of the same thing (keyword substitutions
are normally not exported into git).
2017-03-13 03:43:39 +00:00
Daiderd Jordan
04fa8e006c
darwin: add setup-hook to fix CF references 2017-03-12 15:19:03 +01:00
Linus Heckemann
603b799bcb Add removeReferencesTo for removing specific refs
This allows for a less blanket approach than nuke-refs, targetting specific
references that we know we don't want rather than all references that we don't
know we want.
2017-03-09 12:01:55 +00:00
Shea Levy
d39be63a10 stripDirs: Silence annoying 'File format not recognized' errors 2017-03-08 14:25:06 -05:00
Anders Papitto
095cf1b903 Revert "buildRustPackage: fix deprecated use of registry.index config key"
This reverts commit e8aa8cc94be45103fcd32b5f0bfee4a55eae4080.
2017-03-02 13:40:19 +01:00
Shea Levy
bae77363c3 nixBufferBuilders.withPackages: Fix buffer count logic 2017-03-01 11:05:50 -05:00
Vladimír Čunát
b43614a6bb
Merge branch 'staging'
(Truly, this time :-)
2017-03-01 11:34:44 +01:00
Daniel Peebles
1f779398c9 Merge pull request #20444 from NeQuissimus/java_packages
Java packages
2017-02-27 20:04:56 -05:00
Vladimír Čunát
a1919db7cd
Merge branch 'master' into staging 2017-02-27 20:15:27 +01:00
Vladimír Čunát
20ffc3cd73
compress-man-pages: skip compressed manpages
Because of bash 4.4 the semantics GLOBIGNORE changed.
This resulted in already compressed manpages to be compressed twice.
Also be careful about symlinks to fix #21777, e.g. the ledger example.
2017-02-27 20:03:45 +01:00
Thomas Tuegel
68e0bc38a2
Move kdeWrapper out of kdeFrameworks 2017-02-27 11:49:21 -06:00