Commit Graph

109534 Commits

Author SHA1 Message Date
Jörg Thalheim
f3b626cf4d Merge pull request #26770 from volth/jetbrains-update-script-2
jetbrains updater: use perlPackages.LWPProtocolhttps
2017-06-23 09:42:51 +01:00
Frederik Rietdijk
a807c96e20 Merge pull request #26752 from rnhmjoj/graphviz
pythonPackages.pygraphviz: fix build
2017-06-23 10:40:01 +02:00
Joachim F
8accb9cb1c Merge pull request #26773 from Moredread/patch-1
nixos: replaced "userns" with "user namespaces" for clarity
2017-06-23 07:30:13 +01:00
aszlig
63fb845fcf
virtualbox: Rebase hardened.patch on top of 5.1.22
The merge of the version bump in
6fb9f89238 didn't take care of our patch
for the hardening mode and thus enabling VirtualBox without also
force-disabling hardening mode will result in a build error.

While the patch is largely identical with the old version, I've removed
one particular change around the following code:

    if (pFsObjState->Stat.st_mode & S_IWOTH)
        return supR3HardenedSetError3(VERR_SUPLIB_WORLD_WRITABLE, pErrInfo,
                                      "World writable: '", pszPath, "'");

In the old version of the patch we have checked whether the path is
within the Nix store and suppressed the error return if that's the case.

The reason why I did that in the first place was because we had a bunch
of symlinks which were writable.

In VirtualBox 5.1.22 the code specifically checks whether the file is a
symlink, so we can safely drop our change.

Tested via all of the "virtualbox" NixOS VM subtests and they now all
succeed.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-06-23 05:48:54 +02:00
aszlig
fa6fd34fcc
github/pr-template: Add note about NixOS tests
On several occasions I've seen people bumping packages which have NixOS
tests but without actually running them.

While this probably won't prevent such occasions entirely, at least it
serves as an additional checklist item so contributors don't forget
about these tests.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-06-23 05:33:06 +02:00
Tim Steinbach
6fb9f89238 Merge pull request #25368 from bachp/virtualbox-5.1.22
virtualbox: 5.1.18 -> 5.1.22
2017-06-22 21:23:47 -04:00
Tim Steinbach
4e08459f9b
linux-hardened-copperhead: 4.11.6c -> 4.11.6d 2017-06-22 21:12:20 -04:00
Thomas Tuegel
0030c66103
kdeFrameworks, plasma5: fix setup hooks
The setup hooks for many kdeFrameworks and plasma5 packages were erroneously
running before $outputDev was set. This lead to .dev outputs being propagated
into the user environment.
2017-06-22 17:46:44 -05:00
John Ericson
f571ad4595 Merge pull request #26775 from obsidiansystems/ghc-head-docs
ghcHEAD: Actually split docs into their own output
2017-06-22 17:11:46 -04:00
John Ericson
8f970d09fe ghcHEAD: Actually split docs into their own output
I put `outputs = ...` in the wrong spot in the last PR, oops. Sorry
about that.
2017-06-22 16:56:58 -04:00
André-Patrick Bubel
d859769f26 nixos: replaced "userns" with "user namespaces" for clarity
"userns" wasn't introduces as an abbreviation elsewhere as far as I can see, and I wasn't sure what was meant at first.
2017-06-22 22:04:34 +02:00
Daiderd Jordan
aba574c4fa Merge pull request #26668 from gleber/fixpoint-erlang-packages
erlang: refactor: build packages per Erlang/OTP version.
2017-06-22 21:49:30 +02:00
Robert Hensing
86dc6469ba arelle: init at 2017-06-01 2017-06-22 21:37:15 +02:00
Robert Hensing
90b2d06268 maintainers: add roberth 2017-06-22 21:37:15 +02:00
Volth
a2605322c6 fixed regexp, it did not match the last block 2017-06-22 19:16:19 +00:00
Volth
7fa29f39d1 a little simpification (use File::Slurp) 2017-06-22 19:08:19 +00:00
aszlig
1f65182272
electrum: Unify protobuf dependencies
Since 9c57f3b5c0 bumped the protobuf
version because the new upstream requires it, electrum now gets
protobuf3_0 *and* protobuf3_2 instead of just one version.

This leads to the following build errer:

Found duplicated packages in closure for dependency 'protobuf':
  protobuf 3.0.2 (...-python2.7-protobuf-3.0.2/lib/python2.7/site-packages)
  protobuf 3.2.0 (...-python2.7-protobuf-3.2.0/lib/python2.7/site-packages)

Using protobuf3_2 for keepkey and electrum fixes the build.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @np
2017-06-22 21:06:17 +02:00
Volth
00101eb7c9 jetbrains updater: use perlPackages.LWPProtocolhttps 2017-06-22 19:00:28 +00:00
Jörg Thalheim
9cc023a9b4 Merge pull request #26769 from volth/jetbrains-update-script
jetbrains: update script
2017-06-22 17:41:32 +01:00
Jörg Thalheim
d1eefba3a4 jetbrains: use nix-shell shebang in update script 2017-06-22 17:34:04 +01:00
Peter Hoeg
32ef253269 tmate: minor cleanup 2017-06-23 00:10:21 +08:00
Volth
1a87975910 update script for jetbrains products 2017-06-22 16:06:23 +00:00
Jörg Thalheim
c89efa3cbc Merge pull request #26753 from volth/jetbrains-update-2017.1.4
jetbrains.{ruby-mine,webstorm,datagrip,phpstorm}: 2017.1 -> 2017.1.4
2017-06-22 16:37:32 +01:00
Jörg Thalheim
dfeea018b6 Merge pull request #26768 from sifmelcara/fix/slock-cap
slock: Avoid chmod u+s
2017-06-22 16:27:30 +01:00
mingchuan
722d61c2f2 slock: Avoid chmod u+s (#26600) 2017-06-22 22:55:04 +08:00
Domen Kožar
05f94c8c13
hydra: 2017-06-21 -> 2017-06-22 2017-06-22 16:48:43 +02:00
aszlig
9c57f3b5c0
python-modules/trezor: Fix build
Regression introduced by 76beb08313.

With version 0.7.15 a few additional dependencies are needed by trezor,
mainly a newer version of protobuf bindings and requests.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @np
2017-06-22 14:29:25 +02:00
Jörg Thalheim
5041df4411 doc/languages-frameworks/vim: add custom vimrc & packages 2017-06-22 13:25:03 +01:00
rnhmjoj
d8027bd9c4
pythonPackages.pygraphviz: fix build 2017-06-22 13:33:30 +02:00
Domen Kožar
bb9e23837a
haskellPackages: make configuration-{nix,common}.nix configurable
The motivation is to be able to get rid of common configuration
when initial packages differs since common configuration assumes
a very specific version set.

cc @jmitchell @peti
2017-06-22 13:25:53 +02:00
Joachim Schiele
3d52203ab2 sshd.nix: Added nixops usage warning of openssh.authorizedKeys.keys usage 2017-06-22 11:50:09 +02:00
Eric Bailey
505508a813 Update BEAM docs
Improve beam docs:
 * correct spelling
 * update per pandoc changes
 * capitalize titles
 * capitalize BEAM throughout and use "the BEAM" when referring to the virtual machine.
 * tweak grammar and phrasing
 * reformat build-tools-rebar3 section
 * add more links
 * re-wrap <para>s

Also update <programlisting>s
* normalize whitespace
* don't double quote homepage
* use $ in all shell snippets
2017-06-22 11:32:46 +02:00
Jörg Thalheim
f12006bd96 hound: 20160919 -> 20170324 2017-06-22 10:03:10 +01:00
Michael Raskin
a06c5123b3 Merge pull request #26759 from lsix/update_unifont
unifont: 9.0.06 -> 10.0.01
2017-06-22 09:28:00 +02:00
Michael Raskin
744bdac78e Re-add iolib subsystems 2017-06-22 09:31:41 +02:00
Jörg Thalheim
3e430a8ee5 dale: fix linking against llvm libs 2017-06-22 08:14:34 +01:00
Lancelot SIX
95c98b9bf5
unifont: 9.0.06 -> 10.0.01
See http://lists.gnu.org/archive/html/info-gnu/2017-06/msg00009.html
for release information
2017-06-22 09:03:23 +02:00
Frederik Rietdijk
f25720cacb python.pkgs.pylint: fix build on python2, fixes #26745 2017-06-22 07:46:30 +02:00
Frederik Rietdijk
8f45ee77ac Merge pull request #26751 from orivej/python-dogpile-cache
python-dogpile-cache: do not depend on dogpile_core
2017-06-22 07:24:19 +02:00
aszlig
bcaf2f6dbe
nixos/tests/sddm: Fix detecting login screen
Tesseract seems to have a hard time detecting the "ALICE FOOBAR" text,
so let's match on "Select your user and enter password" instead.

Ran the test on x86_64-linux and it now succeeds.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-06-22 06:26:08 +02:00
aszlig
4007ee974c
vlock: Don't try to install setuid binary
With newer Nix it's (fortunately) no longer possible to create a file
with setuid bits, even though the permissions are fixed later the build
will fail during installPhase already.

I've verified whether the contents of the output path are the same as
before this change and the contents match.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-06-22 04:01:27 +02:00
aszlig
7a99036cef
nixos/release-combined: Add keymap tests
We really want to break channel updates whenever we break something like
this, because this actually will hit machines out there and can be very
much annoying (we had broken keymaps a few times which is why I
introduced these tests in the first place).

Just to be sure I don't break channel updates with this commit, I ran
all of the keymap tests and they all succeeded.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-06-22 03:33:35 +02:00
aszlig
44c64fef16
nixos/xserver: Improve checking keyboard layout
Enumerating the symbols directory doesn't include variants, so we're now
basically doing what "localectl list-x11-keymap-layouts" does but we use
sed instead.

The reason I'm not using localectl directly is because the path to
rules/base.lst is hardcoded in the systemd source.

Of course, the XKB specification allows for much more complicated rules,
but at least this should cover the most basic ones including variants.

So the sed expression itself is just for listing the available layouts
and variants and we use a grep with -xF to match only full lines without
interpreting regular expressions.

This should again allow to set "dvorak" as the layout option.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @lheckemann
Fixes: #25526
2017-06-22 03:24:28 +02:00
aszlig
7c0f6f4be5
pyopenssl: 16.2.0 -> 17.0.0 and fix tests
Upstream changes:

 * Added OpenSSL.X509Store.set_time() to set a custom verification time
   when verifying certificate chains. pyca/pyopenssl#567
 * Added a collection of functions for working with OCSP stapling. None
   of these functions make it possible to validate OCSP assertions, only
   to staple them into the handshake and to retrieve the stapled
   assertion if provided. Users will need to write their own code to
   handle OCSP assertions. We specifically added:
   Context.set_ocsp_server_callback, Context.set_ocsp_client_callback,
   and Connection.request_ocsp. pyca/pyopenssl#580
 * Changed the SSL module's memory allocation policy to avoid zeroing
   memory it allocates when unnecessary. This reduces CPU usage and
   memory allocation time by an amount proportional to the size of the
   allocation. For applications that process a lot of TLS data or that
   use very lage allocations this can provide considerable performance
   improvements. pyca/pyopenssl#578
 * Automatically set SSL_CTX_set_ecdh_auto() on OpenSSL.SSL.Context.
   pyca/pyopenssl#575
 * Fix empty exceptions from OpenSSL.crypto.load_privatekey().
   pyca/pyopenssl#581

The full upstream changelog can be found at:

https://pyopenssl.readthedocs.io/en/17.0.0/changelog.html

I've also added a patch from pyca/pyopenssl#637 in order to fix the
tests, which was the main reason for the version bump because that patch
won't apply for 16.2.0.

According to the upstream changelog there should be no
backwards-incompatible changes, but I've tested building against some of
the packages depending on pyopenssl anyway. Regardless of this, the
build for pyopenssl fails right now anyway, so the worst that could
happen via this commit would be that we break something that's already
broken.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-06-22 01:30:10 +02:00
Profpatsch
5cbc6ca9bb lib/generators: put more information in toPretty lambdas
With `builtins.functionArgs` we can get some information if the first argument
is an attrset and whether the contained fields have default values. Encode that
into the pretty-printed lambda.
2017-06-22 00:58:59 +02:00
Profpatsch
feb8cbdc38 lib/debug: traceSeqN & traceSeqValN
Strict trace functions that only go down to a specified depth.
Handy to get a better picture and prevent infinite recursions.
2017-06-22 00:58:59 +02:00
Profpatsch
b1ffe5e4c0 lib/generators: toPretty
`toPretty` implements a pretty printer for nix values.
2017-06-22 00:58:59 +02:00
Franz Pletz
dd3f2e648a
linux_hardened_copperhead: init at 4.11.6.c 2017-06-21 23:49:00 +02:00
Franz Pletz
febe37a24a
webkitgtk: 2.16.3 -> 2.16.4 for multiple CVEs
Fixes:

  * CVE-2017-2538
  * CVE-2017-2424

See https://webkitgtk.org/security/WSA-2017-0005.html
2017-06-21 23:49:00 +02:00
Daiderd Jordan
7469eb9fed
stress: enable on darwin 2017-06-21 23:26:43 +02:00