authorMatthew Bauer <mjbauer95@gmail.com>2018-07-05 20:13:47 -0400
committerGitHub <noreply@github.com>2018-07-05 20:13:47 -0400
commit9cd122a2c4c0780dafc254b20f172151005f319d (patch)
tree21bc97de1f7045afdb6fd176eda140cc5a36a9ee
parentf513d580b06c37ef516a9af18f68b7567e6a05fe (diff)
parent2f523dd9a48112d878b65877c8ea923c63321fb4 (diff)
Merge pull request #43088 from matthewbauer/misc
Get rid of 2 unneeded packages
-rw-r--r--doc/languages-frameworks/python.section.md4
-rw-r--r--lib/trivial.nix2
-rw-r--r--lib/types.nix7
-rw-r--r--nixos/modules/security/sudo.nix3
-rw-r--r--nixos/modules/services/misc/gpsd.nix11
-rw-r--r--nixos/modules/services/networking/firewall.nix439
-rw-r--r--nixos/modules/services/networking/murmur.nix2
-rw-r--r--nixos/modules/services/system/kerberos.nix8
-rw-r--r--nixos/modules/tasks/filesystems/zfs.nix92
-rw-r--r--pkgs/applications/editors/android-studio/default.nix6
-rw-r--r--pkgs/applications/editors/emacs-modes/icicles/default.nix10
-rw-r--r--pkgs/applications/editors/vscode/default.nix8
-rw-r--r--pkgs/applications/graphics/ImageMagick/7.0.nix4
-rw-r--r--pkgs/applications/graphics/ImageMagick/default.nix4
-rw-r--r--pkgs/applications/graphics/gimp/default.nix4
-rw-r--r--pkgs/applications/graphics/krita/default.nix10
-rw-r--r--pkgs/applications/misc/digitalbitbox/default.nix5
-rw-r--r--pkgs/applications/misc/ipmicfg/default.nix6
-rw-r--r--pkgs/applications/misc/khard/default.nix22
-rw-r--r--pkgs/applications/networking/browsers/firefox/packages.nix8
-rw-r--r--pkgs/applications/networking/cluster/minikube/default.nix4
-rw-r--r--pkgs/applications/networking/newsreaders/quiterss/0001-Revert-change-WebKit-602.1-c2f.patch157
-rw-r--r--pkgs/applications/networking/newsreaders/quiterss/default.nix9
-rw-r--r--pkgs/applications/office/zotero/default.nix1
-rw-r--r--pkgs/applications/video/mpv/default.nix11
-rw-r--r--pkgs/data/icons/arc-icon-theme/default.nix3
-rw-r--r--pkgs/data/icons/faba-icon-theme/default.nix14
-rw-r--r--pkgs/data/icons/faba-mono-icons/default.nix3
-rw-r--r--pkgs/data/icons/moka-icon-theme/default.nix15
-rw-r--r--pkgs/data/misc/hackage/default.nix4
-rw-r--r--pkgs/development/compilers/kotlin/default.nix4
-rw-r--r--pkgs/development/compilers/lessc/default.nix29
-rw-r--r--pkgs/development/libraries/SDL2/default.nix39
-rw-r--r--pkgs/development/libraries/libde265/default.nix24
-rw-r--r--pkgs/development/libraries/libheif/default.nix27
-rw-r--r--pkgs/development/libraries/vapoursynth/default.nix2
-rw-r--r--pkgs/development/python-modules/asyncssh/default.nix3
-rw-r--r--pkgs/development/python-modules/asyncssh/mock_getnameinfo.patch159
-rw-r--r--pkgs/development/python-modules/boto3/default.nix4
-rw-r--r--pkgs/development/python-modules/botocore/default.nix4
-rw-r--r--pkgs/development/r-modules/default.nix4
-rw-r--r--pkgs/development/r-modules/patches/rhdf5.patch12
-rw-r--r--pkgs/development/tools/build-managers/buildbot/default.nix4
-rw-r--r--pkgs/development/tools/build-managers/buildbot/plugins.nix10
-rw-r--r--pkgs/development/tools/build-managers/buildbot/worker.nix4
-rw-r--r--pkgs/development/tools/build-managers/gradle/default.nix4
-rw-r--r--pkgs/development/tools/build-managers/redo/default.nix4
-rw-r--r--pkgs/games/ezquake/default.nix6
-rw-r--r--pkgs/games/ivan/default.nix8
-rw-r--r--pkgs/games/liberal-crime-squad/default.nix6
-rw-r--r--pkgs/games/warzone2100/default.nix4
-rw-r--r--pkgs/misc/uboot/default.nix6
-rw-r--r--pkgs/os-specific/linux/kernel/hardened-config.nix4
-rw-r--r--pkgs/os-specific/linux/kernel/linux-4.14.nix4
-rw-r--r--pkgs/os-specific/linux/kernel/linux-4.17.nix4
-rw-r--r--pkgs/os-specific/linux/kernel/linux-4.4.nix4
-rw-r--r--pkgs/os-specific/linux/kernel/linux-4.9.nix4
-rw-r--r--pkgs/os-specific/linux/kernel/linux-testing.nix6
-rw-r--r--pkgs/servers/dns/knot-resolver/default.nix4
-rw-r--r--pkgs/servers/foundationdb/default.nix94
-rw-r--r--pkgs/servers/foundationdb/ldflags-5.1.patch90
-rw-r--r--pkgs/servers/foundationdb/ldflags.patch14
-rw-r--r--pkgs/servers/mail/rspamd/default.nix24
-rw-r--r--pkgs/tools/admin/awscli/default.nix4
-rw-r--r--pkgs/tools/compression/zstd/default.nix4
-rw-r--r--pkgs/tools/misc/asciinema/default.nix10
-rw-r--r--pkgs/top-level/all-packages.nix43
-rw-r--r--pkgs/top-level/unix-tools.nix9
68 files changed, 926 insertions, 639 deletions
diff --git a/doc/languages-frameworks/python.section.md b/doc/languages-frameworks/python.section.md
index 8cdee6a3f00b..298920ce166b 100644
--- a/doc/languages-frameworks/python.section.md
+++ b/doc/languages-frameworks/python.section.md
@@ -436,7 +436,7 @@ Let's split the package definition from the environment definition.
 We first create a function that builds `toolz` in `~/path/to/toolz/release.nix`
 
 ```nix
-{ pkgs, buildPythonPackage }:
+{ lib, pkgs, buildPythonPackage }:
 
 buildPythonPackage rec {
   pname = "toolz";
@@ -447,7 +447,7 @@ buildPythonPackage rec {
     sha256 = "43c2c9e5e7a16b6c88ba3088a9bfc82f7db8e13378be7c78d6c14a5f8ed05afd";
   };
 
-  meta = {
+  meta = with lib; {
     homepage = "http://github.com/pytoolz/toolz/";
     description = "List processing tools and functional utilities";
     license = licenses.bsd3;
diff --git a/lib/trivial.nix b/lib/trivial.nix
index 0bcefcbc28de..fac0718a9e73 100644
--- a/lib/trivial.nix
+++ b/lib/trivial.nix
@@ -102,7 +102,7 @@ rec {
   # Pull in some builtins not included elsewhere.
   inherit (builtins)
     pathExists readFile isBool
-    isInt add sub lessThan
+    isInt isFloat add sub lessThan
     seq deepSeq genericClosure;
 
   inherit (lib.strings) fileContents;
diff --git a/lib/types.nix b/lib/types.nix
index 5aa09d33e9b3..cf6f2aa46e40 100644
--- a/lib/types.nix
+++ b/lib/types.nix
@@ -167,6 +167,13 @@ rec {
         # s32 = sign 32 4294967296;
       };
 
+    float = mkOptionType rec {
+        name = "float";
+        description = "floating point number";
+        check = isFloat;
+        merge = mergeOneOption;
+    };
+
     str = mkOptionType {
       name = "str";
       description = "string";
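Review bot: `check = isFloat` in the new `float` type rejects integer literals, so a definition such as `1` fails type checking and users have to write `1.0`. If that is intended, the description should say so, e.g. `description = "floating point number (integer literals are not accepted)";`. The `rec` in `mkOptionType rec {` is not used by any attribute of the block and can be dropped, and the body is indented by eight spaces where the neighbouring `str` type uses six.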
diff --git a/nixos/modules/security/sudo.nix b/nixos/modules/security/sudo.nix
index 24283e1d6165..361a7e869602 100644
--- a/nixos/modules/security/sudo.nix
+++ b/nixos/modules/security/sudo.nix
@@ -66,6 +66,9 @@ in
     security.sudo.extraRules = mkOption {
       description = ''
         Define specific rules to be in the <filename>sudoers</filename> file.
+        More specific rules should come after more general ones in order to
+        yield the expected behavior. You can use mkBefore/mkAfter to ensure
+        this is the case when configuration options are merged.
       '';
       default = [];
       example = [
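Review bot: The added description tells users to order rules but not why: sudoers applies the last matching entry, so a general rule that ends up merged after a specific one silently takes precedence and changes what the user may run. I would state the reason in the text, e.g. `sudoers uses the last matching rule, so more specific rules must come after more general ones.` The names `mkBefore`/`mkAfter` could also be marked up the same way `<filename>` is used on the line above.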
diff --git a/nixos/modules/services/misc/gpsd.nix b/nixos/modules/services/misc/gpsd.nix
index 71de08609073..3bfcb636a3c6 100644
--- a/nixos/modules/services/misc/gpsd.nix
+++ b/nixos/modules/services/misc/gpsd.nix
@@ -53,6 +53,14 @@ in
         '';
       };
 
+      nowait = mkOption {
+        type = types.bool;
+        default = false;
+        description = ''
+          don't wait for client connects to poll GPS
+        '';
+      };
+
       port = mkOption {
         type = types.int;
         default = 2947;
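Review bot: The description of the new `nowait` option is a lowercase fragment and does not name the gpsd flag it controls, although the second hunk of this file shows it maps to `-n`. Something like `Whether to poll the GPS immediately instead of waiting for a client to connect (gpsd's <literal>-n</literal> flag).` tells the reader what enabling it does.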
@@ -99,7 +107,8 @@ in
         ExecStart = ''
           ${pkgs.gpsd}/sbin/gpsd -D "${toString cfg.debugLevel}"  \
             -S "${toString cfg.port}"                             \
-            ${if cfg.readonly then "-b" else ""}                  \
+            ${optionalString cfg.readonly "-b"}                   \
+            ${optionalString cfg.nowait "-n"}                     \
             "${cfg.device}"
         '';
       };
diff --git a/nixos/modules/services/networking/firewall.nix b/nixos/modules/services/networking/firewall.nix
index c4bd0e7f9eef..36f1dd8d2479 100644
--- a/nixos/modules/services/networking/firewall.nix
+++ b/nixos/modules/services/networking/firewall.nix
@@ -148,38 +148,42 @@ let
     ip46tables -A nixos-fw -m conntrack --ctstate ESTABLISHED,RELATED -j nixos-fw-accept
 
     # Accept connections to the allowed TCP ports.
-    ${concatMapStrings (port:
+    ${concatStrings (mapAttrsToList (iface: cfg:
+      concatMapStrings (port:
         ''
-          ip46tables -A nixos-fw -p tcp --dport ${toString port} -j nixos-fw-accept
+          ip46tables -A nixos-fw -p tcp --dport ${toString port} -j nixos-fw-accept ${optionalString (iface != "default") "-i ${iface}"}
         ''
       ) cfg.allowedTCPPorts
-    }
+    ) cfg.interfaces)}
 
     # Accept connections to the allowed TCP port ranges.
-    ${concatMapStrings (rangeAttr:
+    ${concatStrings (mapAttrsToList (iface: cfg:
+      concatMapStrings (rangeAttr:
         let range = toString rangeAttr.from + ":" + toString rangeAttr.to; in
         ''
-          ip46tables -A nixos-fw -p tcp --dport ${range} -j nixos-fw-accept
+          ip46tables -A nixos-fw -p tcp --dport ${range} -j nixos-fw-accept ${optionalString (iface != "default") "-i ${iface}"}
         ''
       ) cfg.allowedTCPPortRanges
-    }
+    ) cfg.interfaces)}
 
     # Accept packets on the allowed UDP ports.
-    ${concatMapStrings (port:
+    ${concatStrings (mapAttrsToList (iface: cfg:
+      concatMapStrings (port:
         ''
-          ip46tables -A nixos-fw -p udp --dport ${toString port} -j nixos-fw-accept
+          ip46tables -A nixos-fw -p udp --dport ${toString port} -j nixos-fw-accept ${optionalString (iface != "default") "-i ${iface}"}
         ''
       ) cfg.allowedUDPPorts
-    }
+    ) cfg.interfaces)}
 
     # Accept packets on the allowed UDP port ranges.
-    ${concatMapStrings (rangeAttr:
+    ${concatStrings (mapAttrsToList (iface: cfg:
+      concatMapStrings (rangeAttr:
         let range = toString rangeAttr.from + ":" + toString rangeAttr.to; in
         ''
-          ip46tables -A nixos-fw -p udp --dport ${range} -j nixos-fw-accept
+          ip46tables -A nixos-fw -p udp --dport ${range} -j nixos-fw-accept ${optionalString (iface != "default") "-i ${iface}"}
         ''
       ) cfg.allowedUDPPortRanges
-    }
+    ) cfg.interfaces)}
 
     # Accept IPv4 multicast.  Not a big security risk since
     # probably nobody is listening anyway.
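Review bot: The interface name is spliced unquoted into the generated firewall script in all four rule templates (`-i ${iface}`), and it comes from an attribute name of `cfg.interfaces`, which nothing in this hunk constrains. A name containing whitespace or shell metacharacters would yield a broken or altered `ip46tables` command; `${optionalString (iface != "default") "-i ${escapeShellArg iface}"}` keeps it a single argument, assuming `lib` is in scope here as it appears to be for `optionalString`. The inner lambda argument `cfg` also shadows the module-level `cfg`, so `cfg.allowedTCPPorts` and `cfg.interfaces` on adjacent lines refer to different sets; renaming it (for example `ifaceCfg`) would make that visible. `"default"` is a reserved key in this scheme, so a comment should say that an interface with that literal name cannot be targeted.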
@@ -254,106 +258,30 @@ let
     fi
   '';
 
-in
-
-{
-
-  ###### interface
-
-  options = {
-
-    networking.firewall.enable = mkOption {
-      type = types.bool;
-      default = true;
-      description =
-        ''
-          Whether to enable the firewall.  This is a simple stateful
-          firewall that blocks connection attempts to unauthorised TCP
-          or UDP ports on this machine.  It does not affect packet
-          forwarding.
-        '';
-    };
-
-    networking.firewall.logRefusedConnections = mkOption {
-      type = types.bool;
-      default = true;
-      description =
-        ''
-          Whether to log rejected or dropped incoming connections.
-        '';
-    };
-
-    networking.firewall.logRefusedPackets = mkOption {
-      type = types.bool;
-      default = false;
-      description =
-        ''
-          Whether to log all rejected or dropped incoming packets.
-          This tends to give a lot of log messages, so it's mostly
-          useful for debugging.
-        '';
-    };
-
-    networking.firewall.logRefusedUnicastsOnly = mkOption {
-      type = types.bool;
-      default = true;
-      description =
-        ''
-          If <option>networking.firewall.logRefusedPackets</option>
-          and this option are enabled, then only log packets
-          specifically directed at this machine, i.e., not broadcasts
-          or multicasts.
-        '';
-    };
-
-    networking.firewall.rejectPackets = mkOption {
-      type = types.bool;
-      default = false;
-      description =
-        ''
-          If set, refused packets are rejected rather than dropped
-          (ignored).  This means that an ICMP "port unreachable" error
-          message is sent back to the client (or a TCP RST packet in
-          case of an existing connection).  Rejecting packets makes
-          port scanning somewhat easier.
-        '';
-    };
-
-    networking.firewall.trustedInterfaces = mkOption {
-      type = types.listOf types.str;
-      default = [ ];
-      example = [ "enp0s2" ];
-      description =
-        ''
-          Traffic coming in from these interfaces will be accepted
-          unconditionally.  Traffic from the loopback (lo) interface
-          will always be accepted.
-        '';
-    };
-
-    networking.firewall.allowedTCPPorts = mkOption {
+  commonOptions = {
+    allowedTCPPorts = mkOption {
       type = types.listOf types.int;
       default = [ ];
       example = [ 22 80 ];
       description =
-        ''
+        '' 
           List of TCP ports on which incoming connections are
           accepted.
         '';
     };
 
-    networking.firewall.allowedTCPPortRanges = mkOption {
+    allowedTCPPortRanges = mkOption {
       type = types.listOf (types.attrsOf types.int);
       default = [ ];
       example = [ { from = 8999; to = 9003; } ];
       description =
-        ''
+        '' 
           A range of TCP ports on which incoming connections are
           accepted.
         '';
     };
 
-    networking.firewall.allowedUDPPorts = mkOption {
+    allowedUDPPorts = mkOption {
       type = types.listOf types.int;
       default = [ ];
       example = [ 53 ];
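Review bot: Two description openers in `commonOptions` gained a trailing space (`'' ` for `allowedTCPPorts` and `allowedTCPPortRanges`), which looks accidental. It is probably harmless to the rendered text, but restoring `''` keeps this move a pure relocation and avoids whitespace noise in later diffs. The `commonOptions` set continues past this hunk.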
@@ -363,7 +291,7 @@ in
         '';
     };
 
-    networking.firewall.allowedUDPPortRanges = mkOption {
+    allowedUDPPortRanges = mkOption {
       type = types.listOf (types.attrsOf types.int);
       default = [ ];
       example = [ { from = 60000; to = 61000; } ];
@@ -372,133 +300,226 @@ in
           Range of open UDP ports.
         '';
     };
+  };
 
-    networking.firewall.allowPing = mkOption {
-      type = types.bool;
-      default = true;
-      description =
-        ''
-          Whether to respond to incoming ICMPv4 echo requests
-          ("pings").  ICMPv6 pings are always allowed because the
-          larger address space of IPv6 makes network scanning much
-          less effective.
-        '';
-    };
+in
 
-    networking.firewall.pingLimit = mkOption {
-      type = types.nullOr (types.separatedString " ");
-      default = null;
-      example = "--limit 1/minute --limit-burst 5";
-      description =
-        ''
-          If pings are allowed, this allows setting rate limits
-          on them.  If non-null, this option should be in the form of
-          flags like "--limit 1/minute --limit-burst 5"
-        '';
-    };
+{
 
-    networking.firewall.checkReversePath = mkOption {
-      type = types.either types.bool (types.enum ["strict" "loose"]);
-      default = kernelHasRPFilter;
-      example = "loose";
-      description =
-        ''
-          Performs a reverse path filter test on a packet.  If a reply
-          to the packet would not be sent via the same interface that
-          the packet arrived on, it is refused.
+  ###### interface
 
-          If using asymmetric routing or other complicated routing, set
-          this option to loose mode or disable it and setup your own
-          counter-measures.
+  options = {
 
-          This option can be either true (or "strict"), "loose" (only
-          drop the packet if the source address is not reachable via any
-          interface) or false.  Defaults to the value of
-          kernelHasRPFilter.
+    networking.firewall = {
+      enable = mkOption {
+        type = types.bool;
+        default = true;
+        description =
+          ''
+            Whether to enable the firewall.  This is a simple stateful
+            firewall that blocks connection attempts to unauthorised TCP
+            or UDP ports on this machine.  It does not affect packet
+            forwarding.
+          '';
+      };
 
-          (needs kernel 3.3+)
-        '';
-    };
+      logRefusedConnections = mkOption {
+        type = types.bool;
+        default = true;
+        description =
+          ''
+            Whether to log rejected or dropped incoming connections.
+          '';
+      };
 
-    networking.firewall.logReversePathDrops = mkOption {
-      type = types.bool;
-      default = false;
-      description =
-        ''
-          Logs dropped packets failing the reverse path filter test if
-          the option networking.firewall.checkReversePath is enabled.
-        '';
-    };
+      logRefusedPackets = mkOption {
+        type = types.bool;
+        default = false;
+        description =
+          ''
+            Whether to log all rejected or dropped incoming packets.
+            This tends to give a lot of log messages, so it's mostly
+            useful for debugging.
+          '';
+      };
 
-    networking.firewall.connectionTrackingModules = mkOption {
-      type = types.listOf types.str;
-      default = [ ];
-      example = [ "ftp" "irc" "sane" "sip" "tftp" "amanda" "h323" "netbios_sn" "pptp" "snmp" ];
-      description =
-        ''
-          List of connection-tracking helpers that are auto-loaded.
-          The complete list of possible values is given in the example.
-
-          As helpers can pose as a security risk, it is advised to
-          set this to an empty list and disable the setting
-          networking.firewall.autoLoadConntrackHelpers unless you
-          know what you are doing. Connection tracking is disabled
-          by default.
-
-          Loading of helpers is recommended to be done through the
-          CT target.  More info:
-          https://home.regit.org/netfilter-en/secure-use-of-helpers/
-        '';
-    };
+      logRefusedUnicastsOnly = mkOption {
+        type = types.bool;
+        default = true;
+        description =
+          ''
+            If <option>networking.firewall.logRefusedPackets</option>
+            and this option are enabled, then only log packets
+            specifically directed at this machine, i.e., not broadcasts
+            or multicasts.
+          '';
+      };
 
-    networking.firewall.autoLoadConntrackHelpers = mkOption {
-      type = types.bool;
-      default = false;
-      description =
-        ''
-          Whether to auto-load connection-tracking helpers.
-          See the description at networking.firewall.connectionTrackingModules
+      rejectPackets = mkOption {
+        type = types.bool;
+        default = false;
+        description =
+          ''
+            If set, refused packets are rejected rather than dropped
+            (ignored).  This means that an ICMP "port unreachable" error
+            message is sent back to the client (or a TCP RST packet in
+            case of an existing connection).  Rejecting packets makes
+            port scanning somewhat easier.
+          '';
+      };
 
-          (needs kernel 3.5+)
-        '';
-    };
+      trustedInterfaces = mkOption {
+        type = types.listOf types.str;
+        default = [ ];
+        example = [ "enp0s2" ];
+        description =
+          ''
+            Traffic coming in from these interfaces will be accepted
+            unconditionally.  Traffic from the loopback (lo) interface
+            will always be accepted.
+          '';
+      };
 
-    networking.firewall.extraCommands = mkOption {
-      type = types.lines;
-      default = "";
-      example = "iptables -A INPUT -p icmp -j ACCEPT";
-      description =
-        ''
-          Additional shell commands executed as part of the firewall
-          initialisation script.  These are executed just before the
-          final "reject" firewall rule is added, so they can be used
-          to allow packets that would otherwise be refused.
-        '';
-    };
+      allowPing = mkOption {
+        type = types.bool;
+        default = true;
+        description =
+          ''
+            Whether to respond to incoming ICMPv4 echo requests
+            ("pings").  ICMPv6 pings are always allowed because the
+            larger address space of IPv6 makes network scanning much
+            less effective.
+          '';
+      };
 
-    networking.firewall.extraPackages = mkOption {
-      type = types.listOf types.package;
-      default = [ ];
-      example = literalExample "[ pkgs.ipset ]";
-      description =
-        ''
-          Additional packages to be included in the environment of the system
-          as well as the path of networking.firewall.extraCommands.
-        '';
-    };
+      pingLimit = mkOption {
+        type = types.nullOr (types.separatedString " ");
+        default = null;
+        example = "--limit 1/minute --limit-burst 5";
+        description =
+          ''
+            If pings are allowed, this allows setting rate limits
+            on them.  If non-null, this option should be in the form of
+            flags like "--limit 1/minute --limit-burst 5"
+          '';
+      };
 
-    networking.firewall.extraStopCommands = mkOption {
-      type = types.lines;
-      default = "";
-      example = "iptables -P INPUT ACCEPT";
-      description =
-        ''
-          Additional shell commands executed as part of the firewall
-          shutdown script.  These are executed just after the removal
-          of the NixOS input rule, or if the service enters a failed
-          state.
-        '';
-    };
+      checkReversePath = mkOption {
+        type = types.either types.bool (types.enum ["strict" "loose"]);
+        default = kernelHasRPFilter;
+        example = "loose";
+        description =
+          ''
+            Performs a reverse path filter test on a packet.  If a reply
+            to the packet would not be sent via the same interface that
+            the packet arrived on, it is refused.
+
+            If using asymmetric routing or other complicated routing, set
+            this option to loose mode or disable it and setup your own
+            counter-measures.
+
+            This option can be either true (or "strict"), "loose" (only
+            drop the packet if the source address is not reachable via any
+            interface) or false.  Defaults to the value of
+            kernelHasRPFilter.
+
+            (needs kernel 3.3+)
+          '';
+      };
+
+      logReversePathDrops = mkOption {
+        type = types.bool;
+        default = false;
+        description =
+          ''
+            Logs dropped packets failing the reverse path filter test if
+            the option networking.firewall.checkReversePath is enabled.
+          '';
+      };
+
+      connectionTrackingModules = mkOption {
+        type = types.listOf types.str;
+        default = [ ];
+        example = [ "ftp" "irc" "sane" "sip" "tftp" "amanda" "h323" "netbios_sn" "pptp" "snmp" ];
+        description =
+          ''
+            List of connection-tracking helpers that are auto-loaded.
+            The complete list of possible values is given in the example.
+
+            As helpers can pose as a security risk, it is advised to
+            set this to an empty list and disable the setting
+            networking.firewall.autoLoadConntrackHelpers unless you
+            know what you are doing. Connection tracking is disabled
+            by default.
+
+            Loading of helpers is recommended to be done through the
+            CT target.  More info:
+            https://home.regit.org/netfilter-en/secure-use-of-helpers/
+          '';
+      };
+
+      autoLoadConntrackHelpers = mkOption {
+        type = types.bool;
+        default = false;
+        description =
+          ''
+            Whether to auto-load connection-tracking helpers.
+            See the description at networking.firewall.connectionTrackingModules
+
+            (needs kernel 3.5+)
+          '';
+      };
+
+      extraCommands = mkOption {
+        type = types.lines;
+        default = "";
+        example = "iptables -A INPUT -p icmp -j ACCEPT";
+        description =
+          ''
+            Additional shell commands executed as part of the firewall
+            initialisation script.  These are executed just before the
+            final "reject" firewall rule is added, so they can be used
+            to allow packets that would otherwise be refused.
+          '';
+      };
+
+      extraPackages = mkOption {
+        type = types.listOf types.package;
+        default = [ ];
+        example = literalExample "[ pkgs.ipset ]";
+        description =
+          ''
+            Additional packages to be included in the environment of the system
+            as well as the path of networking.firewall.extraCommands.
+          '';
+      };
+
+      extraStopCommands = mkOption {
+        type = types.lines;
+        default = "";
+        example = "iptables -P INPUT ACCEPT";
+        description =
+          ''
+            Additional shell commands executed as part of the firewall
+            shutdown script.  These are executed just after the removal
+            of the NixOS input rule, or if the service enters a failed
+            state.
+          '';
+      };
+
+      interfaces = mkOption {
+        default = {
+          default = mapAttrs (name: value: cfg."${name}") commonOptions;
+        };
+        type = with types; attrsOf (submodule [ { options = commonOptions; } ]);
+        description =
+          ''
+            Interface-specific open ports. Setting this value will override
+            all values of the <literal>networking.firewall.allowed*</literal>
+            options.
+          '';
+      };
+    } // commonOptions;
 
   };
 
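Review bot: The new `interfaces` option carries the global `allowed*` values only in its default (`default = mapAttrs (name: value: cfg."${name}") commonOptions;`), so as soon as any interface is defined the `default` entry disappears and ports listed in `networking.firewall.allowedTCPPorts` and its siblings are no longer emitted. The description mentions the override, but ports contributed to the global lists from elsewhere in a configuration (a remote-login port, for instance) would then close without any warning, which can lock an administrator out of a remote machine. I would let `interfaces` default to `{ }` and have the rule generator iterate over `{ default = <global allowed* values>; } // cfg.interfaces`, so that global and per-interface ports are additive. The option also lacks an `example`, which would help for an attribute set of submodules.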
diff --git a/nixos/modules/services/networking/murmur.nix b/nixos/modules/services/networking/murmur.nix
index 5cd26b31533d..fcc813e6898f 100644
--- a/nixos/modules/services/networking/murmur.nix
+++ b/nixos/modules/services/networking/murmur.nix
@@ -248,7 +248,7 @@ in
     systemd.services.murmur = {
       description = "Murmur Chat Service";
       wantedBy    = [ "multi-user.target" ];
-      after       = [ "network.target "];
+      after       = [ "network-online.target "];
 
       serviceConfig = {
         Type      = "forking";
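Review bot: Ordering after `network-online.target` has no effect unless something also pulls that target into the transaction, and this hunk changes only `after`; a matching `wants = [ "network-online.target" ];` is needed for murmur to actually wait for the network. The string literal also keeps a trailing space inside the quotes (`"network-online.target "`), inherited from the old line. Whether the unit generator tolerates that cannot be seen from here, so writing `"network-online.target"` is the safer form.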
diff --git a/nixos/modules/services/system/kerberos.nix b/nixos/modules/services/system/kerberos.nix
index 4f2e2fdf662b..d85dee089827 100644
--- a/nixos/modules/services/system/kerberos.nix
+++ b/nixos/modules/services/system/kerberos.nix
@@ -41,8 +41,8 @@ in
         flags = "REUSE NAMEINARGS";
         protocol = "tcp";
         user = "root";
-        server = "${pkgs.tcp_wrappers}/sbin/tcpd";
-        serverArgs = "${pkgs.heimdalFull}/sbin/kadmind";
+        server = "${pkgs.tcp_wrappers}/bin/tcpd";
+        serverArgs = "${pkgs.heimdalFull}/bin/kadmind";
       };
 
     systemd.services.kdc = {
@@ -51,13 +51,13 @@ in
       preStart = ''
         mkdir -m 0755 -p ${stateDir}
       '';
-      script = "${heimdalFull}/sbin/kdc";
+      script = "${heimdalFull}/bin/kdc";
     };
 
     systemd.services.kpasswdd = {
       description = "Kerberos Password Changing daemon";
       wantedBy = [ "multi-user.target" ];
-      script = "${heimdalFull}/sbin/kpasswdd";
+      script = "${heimdalFull}/bin/kpasswdd";
     };
   };
 
diff --git a/nixos/modules/tasks/filesystems/zfs.nix b/nixos/modules/tasks/filesystems/zfs.nix
index bfcd81d62159..39f51c363673 100644
--- a/nixos/modules/tasks/filesystems/zfs.nix
+++ b/nixos/modules/tasks/filesystems/zfs.nix
@@ -58,6 +58,45 @@ let
 
   snapshotNames = [ "frequent" "hourly" "daily" "weekly" "monthly" ];
 
+  # When importing ZFS pools, there's one difficulty: These scripts may run
+  # before the backing devices (physical HDDs, etc.) of the pool have been
+  # scanned and initialized.
+  #
+  # An attempted import with all devices missing will just fail, and can be
+  # retried, but an import where e.g. two out of three disks in a three-way
+  # mirror are missing, will succeed. This is a problem: When the missing disks
+  # are later discovered, they won't be automatically set online, rendering the
+  # pool redundancy-less (and far slower) until such time as the system reboots.
+  #
+  # The solution is the below. poolReady checks the status of an un-imported
+  # pool, to see if *every* device is available -- in which case the pool will be
+  # in state ONLINE, as opposed to DEGRADED, FAULTED or MISSING.
+  #
+  # The import scripts then loop over this, waiting until the pool is ready or a
+  # sufficient amount of time has passed that we can assume it won't be. In the
+  # latter case it makes one last attempt at importing, allowing the system to
+  # (eventually) boot even with a degraded pool.
+  importLib = {zpoolCmd, awkCmd, cfgZfs}: ''
+    poolReady() {
+      pool="$1"
+      state="$("${zpoolCmd}" import | "${awkCmd}" "/pool: $pool/ { found = 1 }; /state:/ { if (found == 1) { print \$2; exit } }; END { if (found == 0) { print \"MISSING\" } }")"
+      if [[ "$state" = "ONLINE" ]]; then
+        return 0
+      else
+        echo "Pool $pool in state $state, waiting"
+        return 1
+      fi
+    }
+    poolImported() {
+      pool="$1"
+      "${zpoolCmd}" list "$pool" >/dev/null 2>/dev/null
+    }
+    poolImport() {
+      pool="$1"
+      "${zpoolCmd}" import -d "${cfgZfs.devNodes}" -N $ZFS_FORCE "$pool"
+    }
+  '';
+
 in
 
 {
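Review bot: `poolReady` interpolates the pool name into an unanchored awk regex (`/pool: $pool/`), so a pool named `tank` also matches the entry for `tank2` and any regex metacharacter in the name is interpreted. The function can then report the state of a different pool and let the import proceed while the wanted pool's devices are still missing, which is the degraded import this helper is meant to prevent. Passing the name as data avoids both problems: `"${awkCmd}" -v pool="$pool" '$1 == "pool:" && $2 == pool { found = 1 } ...'`, with the rest of the awk program unchanged. `pool` and `state` are assigned without `local`, so they leak into the including script. The comment block should also say that `poolImport` expects the caller to set `$ZFS_FORCE`.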
@@ -339,19 +378,26 @@ in
                   ;;
               esac
             done
-            ''] ++ (map (pool: ''
+          ''] ++ [(importLib {
+            # See comments at importLib definition.
+            zpoolCmd = "zpool";
+            awkCmd = "awk";
+            inherit cfgZfs;
+          })] ++ (map (pool: ''
             echo -n "importing root ZFS pool \"${pool}\"..."
-            trial=0
-            until msg="$(zpool import -d ${cfgZfs.devNodes} -N $ZFS_FORCE '${pool}' 2>&1)"; do
-              sleep 0.25
-              echo -n .
-              trial=$(($trial + 1))
-              if [[ $trial -eq 60 ]]; then
-                break
+            # Loop across the import until it succeeds, because the devices needed may not be discovered yet.
+            if ! poolImported "${pool}"; then
+              for trial in `seq 1 60`; do
+                poolReady "${pool}" > /dev/null && msg="$(poolImport "${pool}" 2>&1)" && break
+                sleep 1
+                echo -n .
+              done
+              echo
+              if [[ -n "$msg" ]]; then
+                echo "$msg";
               fi
-            done
-            echo
-            if [[ -n "$msg" ]]; then echo "$msg"; fi
+              poolImported "${pool}" || poolImport "${pool}"  # Try one last time, e.g. to import a degraded pool.
+            fi
             ${lib.optionalString cfgZfs.requestEncryptionCredentials ''
               zfs load-key -a
             ''}
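Review bot: `msg` is never cleared before the retry loop, so when this snippet is emitted for several pools (it is produced by `map (pool: ...)`) and a later pool never becomes ready, the `[[ -n "$msg" ]]` check prints the previous pool's import output under the wrong pool. Adding `msg=""` ahead of the loop fixes that. The wait for an incomplete pool also grows from 60 × 0.25 s to 60 × 1 s plus one `zpool import` scan per iteration, and the output of the final fallback `poolImport` is not captured; both deserve a comment. The loop now depends on `seq` and `awk` being present in the initrd, which cannot be confirmed from this hunk.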
@@ -395,10 +441,26 @@ in
               Type = "oneshot";
               RemainAfterExit = true;
             };
-            script = ''
-              zpool_cmd="${packages.zfsUser}/sbin/zpool"
-              ("$zpool_cmd" list "${pool}" >/dev/null) || "$zpool_cmd" import -d ${cfgZfs.devNodes} -N ${optionalString cfgZfs.forceImportAll "-f"} "${pool}"
-              ${optionalString cfgZfs.requestEncryptionCredentials "\"${packages.zfsUser}/sbin/zfs\" load-key -r \"${pool}\""}
+            script = (importLib {
+              # See comments at importLib definition.
+              zpoolCmd="${packages.zfsUser}/sbin/zpool";
+              awkCmd="${pkgs.gawk}/bin/awk";
+              inherit cfgZfs;
+            }) + ''
+              poolImported "${pool}" && exit
+              echo -n "importing ZFS pool \"${pool}\"..."
+              # Loop across the import until it succeeds, because the devices needed may not be discovered yet.
+              for trial in `seq 1 60`; do
+                poolReady "${pool}" && poolImport "${pool}" && break
+                sleep 1
+              done
+              poolImported "${pool}" || poolImport "${pool}"  # Try one last time, e.g. to import a degraded pool.
+              if poolImported "${pool}"; then
+                ${optionalString cfgZfs.requestEncryptionCredentials "\"${packages.zfsUser}/sbin/zfs\" load-key -r \"${pool}\""}
+                echo "Successfully imported ${pool}"
+              else
+                exit 1
+              fi
             '';
           };
 
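Review bot: The removed line passed `${optionalString cfgZfs.forceImportAll "-f"}` to `zpool import`, but the shared `poolImport` helper expands `$ZFS_FORCE` and nothing in this script assigns it, so `forceImportAll` looks to be silently dropped for pools imported by this service. Unless the variable is set in `importLib` or in the unit's environment outside the visible lines, I would define it at the top of the script, e.g. `ZFS_FORCE="${optionalString cfgZfs.forceImportAll "-f"}"`. Separately, the `exit 1` branch leaves without a message; a line such as `echo "failed to import ZFS pool ${pool}" >&2` would let the unit's log explain the failure. The service definition starts before this hunk.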
diff --git a/pkgs/applications/editors/android-studio/default.nix b/pkgs/applications/editors/android-studio/default.nix
index 2e82216b7e5d..ed18d34e4a9c 100644
--- a/pkgs/applications/editors/android-studio/default.nix
+++ b/pkgs/applications/editors/android-studio/default.nix
@@ -13,9 +13,9 @@ let
     sha256Hash = "196yaswbxh2nd83gimjxr8ggr5xkdxq7n3xlh6ax73v59pj4hryq";
   };
   latestVersion = {
-    version = "3.3.0.0"; # "Android Studio 3.3 Canary 1"
-    build = "181.4861037";
-    sha256Hash = "1abilixr386x65qzgp6pwdn41y1xi9h8yihgxhc1c97n90f5gab8";
+    version = "3.3.0.1"; # "Android Studio 3.3 Canary 2"
+    build = "181.4869471";
+    sha256Hash = "1v2v09gd5vxh4nzbnrjfh0blpzz71i3i7lq5bkjsfl0g82r8j512";
   };
 in rec {
   # Old alias
diff --git a/pkgs/applications/editors/emacs-modes/icicles/default.nix b/pkgs/applications/editors/emacs-modes/icicles/default.nix
index 2277ebef4ff0..884d1724ef8d 100644
--- a/pkgs/applications/editors/emacs-modes/icicles/default.nix
+++ b/pkgs/applications/editors/emacs-modes/icicles/default.nix
@@ -3,14 +3,14 @@
 let
   modules = [
     { name = "icicles.el"; sha256 = "0wxak7wh0rrb3h77ay2vypbb53skcfbrv71xkajhax0w12q6zpaj"; }
-    { name = "icicles-chg.el"; sha256 = "1kqlhisg5g9ycylzqiwxrmmgfw2jw599wisz26wvi48lac2icgg7"; }
-    { name = "icicles-cmd1.el"; sha256 = "17cpw798bl6p77cmjl7lwdnxa1qpw4z1wacjq2mdc8fh81cyw3am"; }
+    { name = "icicles-chg.el"; sha256 = "0qavq9vy566l3qi9n8akrqjcgy8n6k0j8d7vsc7p1jhqvvq812gh"; }
+    { name = "icicles-cmd1.el"; sha256 = "0lgk6ngl9090iqvvw1c227q7p37mr73cc6ap3ky6b0nv3ql8rkyi"; }
     { name = "icicles-cmd2.el"; sha256 = "15swxk7fr7wsqpf26xzbvyk12ikkvfcyh9w8wmnpc38dmpyq79rb"; }
     { name = "icicles-doc1.el"; sha256 = "04j5qvj7pqnjh8h2y2sdgi7x55czdp9xn7yysr3bzcmr1rq5p4bz"; }
     { name = "icicles-doc2.el"; sha256 = "1k8vfhi3fa4bzsxr074bw5q6srvq6z6hi61rzlxdw7pah6qf7hcz"; }
     { name = "icicles-face.el"; sha256 = "1pvygqzmh6ag0zhfjn1vhdvlhxybwxzj22ah2pc0ls80dlywhi4l"; }
-    { name = "icicles-fn.el"; sha256 = "1sn56z5rjsvqsy3vs7af7yai0c0qdjvcxvwwc59rhswrbi6zlxz5"; }
-    { name = "icicles-mac.el"; sha256 = "1wyvqzlpq5n70mggqijb8f5r5q9y1hxxngp64sixy0xszy5d12dk"; }
+    { name = "icicles-fn.el"; sha256 = "05v7sc2k2mjm1mbnlkpi01aaxnxnb40540y7g70dg534scjd7w36"; }
+    { name = "icicles-mac.el"; sha256 = "0nhbwswz6xz7q4g8flszgx12q4gi4nx1d3n4jgz6svr2kk2vmlb4"; }
     { name = "icicles-mcmd.el"; sha256 = "05dniz6337v9r15w8r2zad0n2h6jlygzjp7vw75vvq8mds0acmia"; }
     { name = "icicles-mode.el"; sha256 = "1xfv8nryf5y2gygg02naawzm5qhrkba3h84g43518r1xc6rgbpp6"; }
     { name = "icicles-opt.el"; sha256 = "10n4p999ylkapirs75y5fh33lpiyx42i3ajzl2zjfwyr1zksg1iz"; }
@@ -20,7 +20,7 @@ let
   forAll = f: map f modules;
 in
 stdenv.mkDerivation rec {
-  version = "2018-04-16";
+  version = "2018-07-02";
   name = "icicles-${version}";
 
   srcs = forAll ({name, sha256}: fetchurl { url = "http://www.emacswiki.org/emacs/download/${name}"; inherit sha256; });
diff --git a/pkgs/applications/editors/vscode/default.nix b/pkgs/applications/editors/vscode/default.nix
index 4b1d26742d69..818657f25341 100644
--- a/pkgs/applications/editors/vscode/default.nix
+++ b/pkgs/applications/editors/vscode/default.nix
@@ -2,7 +2,7 @@
   makeWrapper, libXScrnSaver, libxkbfile, libsecret }:
 
 let
-  version = "1.24.0";
+  version = "1.24.1";
   channel = "stable";
 
   plat = {
@@ -12,9 +12,9 @@ let
   }.${stdenv.system};
 
   sha256 = {
-    "i686-linux" = "17dvyp31kf12mfs6z3cm8rxfrvrmbrk9gbsk3z7v284z64dry9vz";
-    "x86_64-linux" = "11m50lb0hvnmvb3qdixgpvdzcljzm94qxl41240g4qh4a36qvr1j";
-    "x86_64-darwin" = "1wm6h3f8b33rky5nlrvwx4qx0k9h72aabiz6sm27x1wrs486p3lf";
+    "i686-linux" = "189chqdimijjzydb8sp3yyi19fijsivyxrdddy8raaj7qkwq0maa";
+    "x86_64-linux" = "1944v54pfpfkq5jjnfrhndcwndsnvavd9qih1i2pq16mgaizmib2";
+    "x86_64-darwin" = "09sn22j40hax9v6ai99pfj67ymzkk82yqf8j33bg8byk4fgrz9jg";
   }.${stdenv.system};
 
   archive_fmt = if stdenv.system == "x86_64-darwin" then "zip" else "tar.gz";
diff --git a/pkgs/applications/graphics/ImageMagick/7.0.nix b/pkgs/applications/graphics/ImageMagick/7.0.nix
index fb390c0995e0..d8c11f33439a 100644
--- a/pkgs/applications/graphics/ImageMagick/7.0.nix
+++ b/pkgs/applications/graphics/ImageMagick/7.0.nix
@@ -1,6 +1,6 @@
 { lib, stdenv, fetchFromGitHub, fetchpatch, pkgconfig, libtool
 , bzip2, zlib, libX11, libXext, libXt, fontconfig, freetype, ghostscript, libjpeg
-, lcms2, openexr, libpng, librsvg, libtiff, libxml2, openjpeg, libwebp
+, lcms2, openexr, libpng, librsvg, libtiff, libxml2, openjpeg, libwebp, libheif
 , ApplicationServices
 , buildPlatform, hostPlatform
 }:
@@ -54,7 +54,7 @@ stdenv.mkDerivation rec {
 
   buildInputs =
     [ zlib fontconfig freetype ghostscript
-      libpng libtiff libxml2
+      libpng libtiff libxml2 libheif
     ]
     ++ lib.optionals (!hostPlatform.isMinGW)
       [ openexr librsvg openjpeg ]
diff --git a/pkgs/applications/graphics/ImageMagick/default.nix b/pkgs/applications/graphics/ImageMagick/default.nix
index 3af6e19b7011..b767f11da00b 100644
--- a/pkgs/applications/graphics/ImageMagick/default.nix
+++ b/pkgs/applications/graphics/ImageMagick/default.nix
@@ -1,6 +1,6 @@
 { lib, stdenv, fetchFromGitHub, fetchpatch, pkgconfig, libtool
 , bzip2, zlib, libX11, libXext, libXt, fontconfig, freetype, ghostscript, libjpeg
-, lcms2, openexr, libpng, librsvg, libtiff, libxml2, openjpeg, libwebp, fftw
+, lcms2, openexr, libpng, librsvg, libtiff, libxml2, openjpeg, libwebp, fftw, libheif, libde265
 , ApplicationServices
 , buildPlatform, hostPlatform
 }:
@@ -66,7 +66,7 @@ stdenv.mkDerivation rec {
 
   buildInputs =
     [ zlib fontconfig freetype ghostscript
-      libpng libtiff libxml2
+      libpng libtiff libxml2 libheif libde265
     ]
     ++ lib.optionals (!hostPlatform.isMinGW)
       [ openexr librsvg openjpeg ]
diff --git a/pkgs/applications/graphics/gimp/default.nix b/pkgs/applications/graphics/gimp/default.nix
index f92594f08e16..4acc7cf37583 100644
--- a/pkgs/applications/graphics/gimp/default.nix
+++ b/pkgs/applications/graphics/gimp/default.nix
@@ -2,7 +2,7 @@
 , pango, cairo, freetype, fontconfig, lcms, libpng, libjpeg, poppler, poppler_data, libtiff
 , libmng, librsvg, libwmf, zlib, libzip, ghostscript, aalib, shared-mime-info
 , python2Packages, libexif, gettext, xorg, glib-networking, libmypaint, gexiv2
-, harfbuzz, mypaint-brushes, libwebp, libgudev, openexr
+, harfbuzz, mypaint-brushes, libwebp, libheif, libgudev, openexr
 , AppKit, Cocoa, gtk-mac-integration }:
 
 let
@@ -21,7 +21,7 @@ in stdenv.mkDerivation rec {
   buildInputs = [
     babl gegl gtk2 glib gdk_pixbuf pango cairo gexiv2 harfbuzz isocodes
     freetype fontconfig lcms libpng libjpeg poppler poppler_data libtiff openexr
-    libmng librsvg libwmf zlib libzip ghostscript aalib shared-mime-info libwebp
+    libmng librsvg libwmf zlib libzip ghostscript aalib shared-mime-info libwebp libheif
     python pygtk libexif xorg.libXpm glib-networking libmypaint mypaint-brushes
   ] ++ stdenv.lib.optionals stdenv.isDarwin [ AppKit Cocoa gtk-mac-integration ]
     ++ stdenv.lib.optionals stdenv.isLinux [ libgudev ];
diff --git a/pkgs/applications/graphics/krita/default.nix b/pkgs/applications/graphics/krita/default.nix
index 690253947a18..1fd19162a4f7 100644
--- a/pkgs/applications/graphics/krita/default.nix
+++ b/pkgs/applications/graphics/krita/default.nix
@@ -2,18 +2,19 @@
 , karchive, kconfig, kwidgetsaddons, kcompletion, kcoreaddons
 , kguiaddons, ki18n, kitemmodels, kitemviews, kwindowsystem
 , kio, kcrash
-, boost, libraw, fftw, eigen, exiv2, lcms2, gsl, openexr
+, boost, libraw, fftw, eigen, exiv2, libheif, lcms2, gsl, openexr, giflib
 , openjpeg, opencolorio, vc, poppler_qt5, curl, ilmbase
 , qtmultimedia, qtx11extras
+, python3
 }:
 
 mkDerivation rec {
   name = "krita-${version}";
-  version = "4.0.3";
+  version = "4.1.0";
 
   src = fetchurl {
     url = "https://download.kde.org/stable/krita/${version}/${name}.tar.gz";
-    sha256 = "0zmn29dzqncc80pvy9ymgyzqw8x1ryq8b4x5mr4sz15iyj7xgspr";
+    sha256 = "1mbyybc7h3sblbaklvz0cci3ys4zcyi616fgdn06p62v2vw2sybq";
   };
 
   nativeBuildInputs = [ cmake extra-cmake-modules ];
@@ -21,9 +22,10 @@ mkDerivation rec {
   buildInputs = [
     karchive kconfig kwidgetsaddons kcompletion kcoreaddons kguiaddons
     ki18n kitemmodels kitemviews kwindowsystem kio kcrash
-    boost libraw fftw eigen exiv2 lcms2 gsl openexr
+    boost libraw fftw eigen exiv2 lcms2 gsl openexr libheif giflib
     openjpeg opencolorio vc poppler_qt5 curl ilmbase
     qtmultimedia qtx11extras
+    python3
   ];
 
   NIX_CFLAGS_COMPILE = [ "-I${ilmbase.dev}/include/OpenEXR" ];
diff --git a/pkgs/applications/misc/digitalbitbox/default.nix b/pkgs/applications/misc/digitalbitbox/default.nix
index fbd9d47633a1..09b6db3abf9a 100644
--- a/pkgs/applications/misc/digitalbitbox/default.nix
+++ b/pkgs/applications/misc/digitalbitbox/default.nix
@@ -3,6 +3,7 @@
 , curl
 , fetchFromGitHub
 , git
+, libcap
 , libevent
 , libtool
 , libqrencode
@@ -67,6 +68,8 @@ in stdenv.mkDerivation rec {
   ];
 
   buildInputs = with stdenv.lib; [
+    # TODO: remove libcap when pruneLibtoolFiles applies to pulseaudio.
+    libcap
     libevent
     libtool
     libudev
@@ -112,6 +115,8 @@ in stdenv.mkDerivation rec {
     ${copyUdevRuleToOutput "52-hid-digitalbox.rules" udevRule52}
   '';
 
+  enableParallelBuilding = true;
+
   meta = with stdenv.lib; {
     description = "A QT based application for the Digital Bitbox hardware wallet";
     longDescription = ''
diff --git a/pkgs/applications/misc/ipmicfg/default.nix b/pkgs/applications/misc/ipmicfg/default.nix
index af7d257eed6e..e150ab457e07 100644
--- a/pkgs/applications/misc/ipmicfg/default.nix
+++ b/pkgs/applications/misc/ipmicfg/default.nix
@@ -2,12 +2,12 @@
 
 stdenv.mkDerivation rec {
   name = "ipmicfg-${version}";
-  version = "1.27.1";
-  buildVersion = "170901";
+  version = "1.28.0";
+  buildVersion = "180302";
 
   src = fetchzip {
     url = "ftp://ftp.supermicro.com/utility/IPMICFG/IPMICFG_${version}_build.${buildVersion}.zip";
-    sha256 = "11xhzw36pg4has8857pypf44cni8m2mg8qsqi1s4bfjbxlfgxgwk";
+    sha256 = "0hw853cwaaxmxy1sa3m7l9gqalwpbbvp4ghk8inr7dzwxjljmr02";
     extraPostFetch = "chmod u+rwX,go-rwx+X $out/";
   };
 
diff --git a/pkgs/applications/misc/khard/default.nix b/pkgs/applications/misc/khard/default.nix
index c626aaca66bd..075640f702cb 100644
--- a/pkgs/applications/misc/khard/default.nix
+++ b/pkgs/applications/misc/khard/default.nix
@@ -1,6 +1,22 @@
-{ stdenv, fetchurl, fetchFromGitHub, glibcLocales, python3Packages }:
+{ stdenv, fetchurl, fetchFromGitHub, glibcLocales, python3 }:
 
-python3Packages.buildPythonApplication rec {
+let
+  python = python3.override {
+    packageOverrides = self: super: {
+
+      # https://github.com/pimutils/khal/issues/780
+      python-dateutil = super.python-dateutil.overridePythonAttrs (oldAttrs: rec {
+        version = "2.6.1";
+        src = oldAttrs.src.override {
+          inherit version;
+          sha256 = "891c38b2a02f5bb1be3e4793866c8df49c7d19baabf9c1bad62547e0b4866aca";
+        };
+      });
+
+    };
+  };
+
+in with python.pkgs; buildPythonApplication rec {
   version = "0.12.2";
   name = "khard-${version}";
   namePrefix = "";
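Review bot: The `python-dateutil` override is justified only by a bare issue URL, and that URL points at khal while this file packages khard. A later reader cannot tell what breaks with the newer release or when the pin can be removed. Because the pin goes through `packageOverrides`, the whole Python set used to build khard sees 2.6.1, and it will not follow updates to the shared package set. I would expand the comment along the lines of `# Pin python-dateutil to 2.6.1 for khard, see pimutils/khal#780; remove this override once that issue no longer applies.`, adjusted to the actual condition. The `buildPythonApplication` body continues past this hunk.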
@@ -14,7 +30,7 @@ python3Packages.buildPythonApplication rec {
   LC_ALL = "en_US.UTF-8";
   buildInputs = [ glibcLocales ];
 
-  propagatedBuildInputs = with python3Packages; [
+  propagatedBuildInputs = [
     atomicwrites
     configobj
     vobject
diff --git a/pkgs/applications/networking/browsers/firefox/packages.nix b/pkgs/applications/networking/browsers/firefox/packages.nix
index f49bfa963189..2c11fb27232f 100644
--- a/pkgs/applications/networking/browsers/firefox/packages.nix
+++ b/pkgs/applications/networking/browsers/firefox/packages.nix
@@ -145,16 +145,16 @@ in rec {
 
   tor-browser-7-5 = common (rec {
     pname = "tor-browser";
-    version = "7.5.5";
+    version = "7.5.6";
     isTorBrowserLike = true;
 
     # FIXME: fetchFromGitHub is not ideal, unpacked source is >900Mb
     src = fetchFromGitHub {
       owner = "SLNOS";
       repo  = "tor-browser";
-      # branch "tor-browser-52.8.1esr-7.5-1-slnos"
-      rev   = "08e246847f0ccbee42f61d9449344d461c886cf1";
-      sha256 = "023k7427g2hqkpdsw1h384djlyy6jyidpssrrwzbs3qv4s13slah";
+      # branch "tor-browser-52.9.0esr-7.5-2-slnos"
+      rev   = "95bb92d552876a1f4260edf68fda5faa3eb36ad8";
+      sha256 = "1ykn3yg4s36g2cpzxbz7s995c33ij8kgyvghx38z4i8siaqxdddy";
     };
 
     patches = nixpkgsPatches;
diff --git a/pkgs/applications/networking/cluster/minikube/default.nix b/pkgs/applications/networking/cluster/minikube/default.nix
index 217998bbf82a..7301e45a41f8 100644
--- a/pkgs/applications/networking/cluster/minikube/default.nix
+++ b/pkgs/applications/networking/cluster/minikube/default.nix
@@ -14,7 +14,7 @@ let
 in buildGoPackage rec {
   pname   = "minikube";
   name    = "${pname}-${version}";
-  version = "0.27.0";
+  version = "0.28.0";
 
   goPackagePath = "k8s.io/minikube";
 
@@ -22,7 +22,7 @@ in buildGoPackage rec {
     owner  = "kubernetes";
     repo   = "minikube";
     rev    = "v${version}";
-    sha256 = "00gj8x5p0vxwy0y0g5nnddmq049h7zxvhb73lb4gii5mghr9mkws";
+    sha256 = "1gm61w0f33mdax6im42wckfmjgdr5pziiaw2n7yj6jfjrxjnmzmf";
   };
 
   buildInputs = [ go-bindata makeWrapper gpgme ] ++ stdenv.lib.optional hostPlatform.isDarwin vmnet;
diff --git a/pkgs/applications/networking/newsreaders/quiterss/0001-Revert-change-WebKit-602.1-c2f.patch b/pkgs/applications/networking/newsreaders/quiterss/0001-Revert-change-WebKit-602.1-c2f.patch
deleted file mode 100644
index d9b994d9b37c..000000000000
--- a/pkgs/applications/networking/newsreaders/quiterss/0001-Revert-change-WebKit-602.1-c2f.patch
+++ /dev/null
@@ -1,157 +0,0 @@
-Date: Wed, 6 Jun 2018 20:46:38 +0200
-
-This reverts commit eceda92a16f1f4e5c5b584acd745398571df2bd6.
----
- src/application/mainapplication.cpp |  3 ---
- src/application/mainwindow.cpp      | 11 -----------
- src/application/mainwindow.h        |  2 --
- src/newstabwidget.cpp               |  6 +-----
- src/newstabwidget.h                 |  2 +-
- src/optionsdialog.cpp               |  2 --
- src/webview/webpage.cpp             | 13 +------------
- src/webview/webpage.h               |  3 ---
- 8 files changed, 3 insertions(+), 39 deletions(-)
-
-diff --git a/src/application/mainapplication.cpp b/src/application/mainapplication.cpp
-index e93ec9c1..a5913bdf 100644
---- a/src/application/mainapplication.cpp
-+++ b/src/application/mainapplication.cpp
-@@ -566,9 +566,6 @@ void MainApplication::c2fLoadSettings()
-   settings.beginGroup("ClickToFlash");
-   c2fWhitelist_ = settings.value("whitelist", QStringList()).toStringList();
-   c2fEnabled_ = settings.value("enabled", true).toBool();
--#if QT_VERSION >= 0x050900
--  c2fEnabled_ = false;
--#endif
-   settings.endGroup();
- }
- 
-diff --git a/src/application/mainwindow.cpp b/src/application/mainwindow.cpp
-index 337a7c4e..42255d2c 100644
---- a/src/application/mainwindow.cpp
-+++ b/src/application/mainwindow.cpp
-@@ -8140,14 +8140,3 @@ void MainWindow::createBackup()
-     QFile::copy(settings.fileName(), backupFileName);
-   }
- }
--
--void MainWindow::webViewFullScreen(bool on)
--{
--  setFullScreen();
--  feedsWidget_->setVisible(!on);
--  pushButtonNull_->setVisible(!on);
--  tabBarWidget_->setVisible(!on);
--  currentNewsTab->newsWidget_->setVisible(!on);
--  pushButtonNull_->setVisible(!on);
--  statusBar()->setVisible(!on);
--}
-diff --git a/src/application/mainwindow.h b/src/application/mainwindow.h
-index 995f96dc..93b75c11 100644
---- a/src/application/mainwindow.h
-+++ b/src/application/mainwindow.h
-@@ -271,8 +271,6 @@ public:
- 
-   AdBlockIcon *adBlockIcon() { return adblockIcon_; }
- 
--  void webViewFullScreen(bool on);
--
- public slots:
-   void restoreFeedsOnStartUp();
-   void addFeed();
-diff --git a/src/newstabwidget.cpp b/src/newstabwidget.cpp
-index 77d74d3b..c6c130f7 100644
---- a/src/newstabwidget.cpp
-+++ b/src/newstabwidget.cpp
-@@ -1842,12 +1842,8 @@ void NewsTabWidget::loadNewspaper(int refresh)
-  *----------------------------------------------------------------------------*/
- void NewsTabWidget::slotSetHtmlWebView(const QString &html, const QUrl &baseUrl)
- {
--  QUrl url = baseUrl;
--#if QT_VERSION >= 0x050900
--  url.setScheme("");
--#endif
-   webView_->history()->setMaximumItemCount(0);
--  webView_->setHtml(html, url);
-+  webView_->setHtml(html, baseUrl);
-   webView_->history()->setMaximumItemCount(100);
- }
- 
-diff --git a/src/newstabwidget.h b/src/newstabwidget.h
-index 7f5c3957..8d1266ac 100644
---- a/src/newstabwidget.h
-+++ b/src/newstabwidget.h
-@@ -127,7 +127,6 @@ public:
-   QToolBar *newsToolBar_;
-   QSplitter *newsTabWidgetSplitter_;
- 
--  QWidget *newsWidget_;
-   WebView *webView_;
-   QToolBar *webToolBar_;
-   LocationBar *locationBar_;
-@@ -199,6 +198,7 @@ private:
- 
-   MainWindow *mainWindow_;
-   QSqlDatabase db_;
-+  QWidget *newsWidget_;
- 
-   FeedsModel *feedsModel_;
-   FeedsProxyModel *feedsProxyModel_;
-diff --git a/src/optionsdialog.cpp b/src/optionsdialog.cpp
-index 73136dec..c082bc30 100644
---- a/src/optionsdialog.cpp
-+++ b/src/optionsdialog.cpp
-@@ -741,9 +741,7 @@ void OptionsDialog::createBrowserWidget()
-   browserWidget_ = new QTabWidget();
-   browserWidget_->addTab(generalBrowserWidget, tr("General"));
-   browserWidget_->addTab(historyBrowserWidget_, tr("History"));
--#if QT_VERSION < 0x050900
-   browserWidget_->addTab(click2FlashWidget_, tr("Click to Flash"));
--#endif
-   browserWidget_->addTab(downloadsWidget, tr("Downloads"));
- }
- 
-diff --git a/src/webview/webpage.cpp b/src/webview/webpage.cpp
-index 6401ec87..0254a167 100644
---- a/src/webview/webpage.cpp
-+++ b/src/webview/webpage.cpp
-@@ -51,10 +51,7 @@ WebPage::WebPage(QObject *parent)
-           this, SLOT(downloadRequested(QNetworkRequest)));
-   connect(this, SIGNAL(printRequested(QWebFrame*)),
-           mainApp->mainWindow(), SLOT(slotPrint(QWebFrame*)));
--#if QT_VERSION >= 0x050900
--  connect(this, SIGNAL(fullScreenRequested(QWebFullScreenRequest)),
--          this, SLOT(slotFullScreenRequested(QWebFullScreenRequest)));
--#endif
-+
-   livingPages_.append(this);
- }
- 
-@@ -286,11 +283,3 @@ void WebPage::cleanBlockedObjects()
-     mainFrame()->scrollToAnchor(mainFrame()->url().fragment());
-   }
- }
--
--#if QT_VERSION >= 0x050900
--void WebPage::slotFullScreenRequested(QWebFullScreenRequest fullScreenRequest)
--{
--  fullScreenRequest.accept();
--  mainApp->mainWindow()->webViewFullScreen(fullScreenRequest.toggleOn());
--}
--#endif
-diff --git a/src/webview/webpage.h b/src/webview/webpage.h
-index 5c376c50..91e72758 100644
---- a/src/webview/webpage.h
-+++ b/src/webview/webpage.h
-@@ -68,9 +68,6 @@ private slots:
-   void downloadRequested(const QNetworkRequest &request);
-   void cleanBlockedObjects();
-   void urlChanged(const QUrl &url);
--#if QT_VERSION >= 0x050900
--  void slotFullScreenRequested(QWebFullScreenRequest fullScreenRequest);
--#endif
- 
- private:
-   NetworkManagerProxy *networkManagerProxy_;
--- 
-2.16.2
-
diff --git a/pkgs/applications/networking/newsreaders/quiterss/default.nix b/pkgs/applications/networking/newsreaders/quiterss/default.nix
index 6bd42183d038..6df0817070c2 100644
--- a/pkgs/applications/networking/newsreaders/quiterss/default.nix
+++ b/pkgs/applications/networking/newsreaders/quiterss/default.nix
@@ -4,20 +4,15 @@
 
 stdenv.mkDerivation rec {
   name = "quiterss-${version}";
-  version = "0.18.11";
+  version = "0.18.12";
 
   src = fetchFromGitHub {
     owner = "QuiteRSS";
     repo = "quiterss";
     rev = "${version}";
-    sha256 = "0n9byhibi2qpgrb7x08knvqnmyn5c7vm24cl6y3zcvz52pz8y2yc";
+    sha256 = "0xav9qr8n6310636nfbgx4iix65fs3ya5rz2isxsf38bkjm7r3pa";
   };
 
-  # Revert this commit until qt5.qtwebkit (currently an older version) from
-  # nixpkgs supports it (the commit states WebKit 602.1 while the current
-  # version in nixos-unstable is 538.1)
-  patches = [ ./0001-Revert-change-WebKit-602.1-c2f.patch ];
-
   nativeBuildInputs = [ qmake pkgconfig ];
   buildInputs = [ qtbase qttools qtwebkit sqlite.dev ];
 
diff --git a/pkgs/applications/office/zotero/default.nix b/pkgs/applications/office/zotero/default.nix
index 2f9999ab856c..b070958b756b 100644
--- a/pkgs/applications/office/zotero/default.nix
+++ b/pkgs/applications/office/zotero/default.nix
@@ -34,6 +34,7 @@ fhsEnv = buildFHSUserEnv {
   targetPkgs = pkgs: with pkgs; with xorg; [
     gtk3 dbus-glib
     libXt nss
+    libX11
   ];
 };
 
diff --git a/pkgs/applications/video/mpv/default.nix b/pkgs/applications/video/mpv/default.nix
index 58628aa1f8e8..8cbf32d99f83 100644
--- a/pkgs/applications/video/mpv/default.nix
+++ b/pkgs/applications/video/mpv/default.nix
@@ -9,9 +9,10 @@
     libXext    ? null,
     libXxf86vm ? null
 
-, waylandSupport ? false,
-    wayland      ? null,
-    libxkbcommon ? null
+, waylandSupport ? false
+  , wayland           ? null
+  , wayland-protocols ? null
+  , libxkbcommon      ? null
 
 , rubberbandSupport  ? true,  rubberband    ? null
 , xineramaSupport    ? true,  libXinerama   ? null
@@ -47,7 +48,7 @@ let
   available = x: x != null;
 in
 assert x11Support         -> all available [libGLU_combined libX11 libXext libXxf86vm];
-assert waylandSupport     -> all available [wayland libxkbcommon];
+assert waylandSupport     -> all available [wayland wayland-protocols libxkbcommon];
 assert rubberbandSupport  -> available rubberband;
 assert xineramaSupport    -> x11Support && available libXinerama;
 assert xvSupport          -> x11Support && available libXv;
@@ -151,7 +152,7 @@ in stdenv.mkDerivation rec {
     ++ optional archiveSupport     libarchive
     ++ optionals dvdnavSupport     [ libdvdnav libdvdnav.libdvdread ]
     ++ optionals x11Support        [ libX11 libXext libGLU_combined libXxf86vm ]
-    ++ optionals waylandSupport    [ wayland libxkbcommon ]
+    ++ optionals waylandSupport    [ wayland wayland-protocols libxkbcommon ]
     ++ optionals stdenv.isDarwin (with darwin.apple_sdk.frameworks; [
       libiconv Cocoa CoreAudio
     ]);
diff --git a/pkgs/data/icons/arc-icon-theme/default.nix b/pkgs/data/icons/arc-icon-theme/default.nix
index 84bf45a52bbe..6529e5c571c2 100644
--- a/pkgs/data/icons/arc-icon-theme/default.nix
+++ b/pkgs/data/icons/arc-icon-theme/default.nix
@@ -20,7 +20,8 @@ stdenv.mkDerivation rec {
     description = "Arc icon theme";
     homepage = https://github.com/horst3180/arc-icon-theme;
     license = licenses.gpl3;
-    platforms = platforms.all;
+    # moka-icon-theme dependency is restricted to linux
+    platforms = platforms.linux;
     maintainers = with maintainers; [ romildo ];
   };
 }
diff --git a/pkgs/data/icons/faba-icon-theme/default.nix b/pkgs/data/icons/faba-icon-theme/default.nix
index fdad4f0f46da..e9d9efcfcb02 100644
--- a/pkgs/data/icons/faba-icon-theme/default.nix
+++ b/pkgs/data/icons/faba-icon-theme/default.nix
@@ -1,25 +1,23 @@
-{ stdenv, fetchFromGitHub, autoreconfHook, elementary-icon-theme, gtk3 }:
+{ stdenv, fetchFromGitHub, meson, ninja, gtk3, elementary-icon-theme }:
 
 stdenv.mkDerivation rec {
   name = "${package-name}-${version}";
   package-name = "faba-icon-theme";
-  version = "2016-09-13";
+  version = "4.3";
 
   src = fetchFromGitHub {
     owner = "moka-project";
     repo = package-name;
-    rev = "00431894bce5fb1b8caccaee064788996be228a7";
-    sha256 = "0hif030pd4w3s851k0s65w0mf2pik10ha25ycpsv91gpbgarqcns";
+    rev = "v${version}";
+    sha256 = "0xh6ppr73p76z60ym49b4d0liwdc96w41cc5p07d48hxjsa6qd6n";
   };
 
-  nativeBuildInputs = [ autoreconfHook elementary-icon-theme gtk3 ];
+  nativeBuildInputs = [ meson ninja gtk3 elementary-icon-theme ];
 
   postPatch = ''
-    substituteInPlace Makefile.am --replace '$(DESTDIR)'/usr $out
+    patchShebangs meson/post_install.py
   '';
 
-  postFixup = "gtk-update-icon-cache $out/share/icons/Faba";
-
   meta = with stdenv.lib; {
     description = "A sexy and modern icon theme with Tango influences";
     homepage = https://snwh.org/moka;
diff --git a/pkgs/data/icons/faba-mono-icons/default.nix b/pkgs/data/icons/faba-mono-icons/default.nix
index bdb6f651e6a5..a4ffefe1f26d 100644
--- a/pkgs/data/icons/faba-mono-icons/default.nix
+++ b/pkgs/data/icons/faba-mono-icons/default.nix
@@ -24,7 +24,8 @@ stdenv.mkDerivation rec {
     description = "The full set of Faba monochrome panel icons";
     homepage = https://snwh.org/moka;
     license = licenses.gpl3;
-    platforms = platforms.all;
+    # moka-icon-theme dependency is restricted to linux
+    platforms = platforms.linux;
     maintainers = with maintainers; [ romildo ];
   };
 }
diff --git a/pkgs/data/icons/moka-icon-theme/default.nix b/pkgs/data/icons/moka-icon-theme/default.nix
index f3180db54dcf..2b4bb5d67c3b 100644
--- a/pkgs/data/icons/moka-icon-theme/default.nix
+++ b/pkgs/data/icons/moka-icon-theme/default.nix
@@ -1,30 +1,29 @@
-{ stdenv, fetchFromGitHub, autoreconfHook, faba-icon-theme, gtk3 }:
+{ stdenv, fetchFromGitHub, meson, ninja, gtk3, faba-icon-theme }:
 
 stdenv.mkDerivation rec {
   name = "${pname}-${version}";
   pname = "moka-icon-theme";
-  version = "5.3.6";
+  version = "5.4.0";
 
   src = fetchFromGitHub {
     owner = "snwh";
     repo = pname;
     rev = "v${version}";
-    sha256 = "17f8k8z8xvib4hkxq0cw9j7bhdpqpv5frrkyc4sbyildcbavzzbr";
+    sha256 = "015l02im4mha5z91dbchxf6xkp66d346bg3xskwg0rh3lglhjsrd";
   };
 
-  nativeBuildInputs = [ autoreconfHook faba-icon-theme gtk3 ];
+  nativeBuildInputs = [ meson ninja gtk3 faba-icon-theme ];
 
   postPatch = ''
-    substituteInPlace Makefile.am --replace '$(DESTDIR)'/usr $out
+    patchShebangs meson/post_install.py
   '';
 
-  postFixup = "gtk-update-icon-cache $out/share/icons/Moka";
-
   meta = with stdenv.lib; {
     description = "An icon theme designed with a minimal flat style using simple geometry and bright colours";
     homepage = https://snwh.org/moka;
     license = with licenses; [ cc-by-sa-40 gpl3 ];
-    platforms = platforms.all;
+    # darwin cannot deal with file names differing only in case
+    platforms = platforms.linux;
     maintainers = with maintainers; [ romildo ];
   };
 }
diff --git a/pkgs/data/misc/hackage/default.nix b/pkgs/data/misc/hackage/default.nix
index d25a165e40c4..2e603e22dfa7 100644
--- a/pkgs/data/misc/hackage/default.nix
+++ b/pkgs/data/misc/hackage/default.nix
@@ -1,6 +1,6 @@
 { fetchurl }:
 
 fetchurl {
-  url = "https://github.com/commercialhaskell/all-cabal-hashes/archive/dc7b5d4f0ee056ec87a4a5069b3c68bdd316abd6.tar.gz";
-  sha256 = "0llycqa2y6ng5bhzb19ya6p83k0chfycpivg9287gzsmj363j934";
+  url = "https://github.com/commercialhaskell/all-cabal-hashes/archive/532d9c821a36f220c928be40465a6ace52bc3818.tar.gz";
+  sha256 = "1yqn87r75cdf45wkbfa5vqxvsaxqsmypwjl4pw5w1g8qfrdilr18";
 }
diff --git a/pkgs/development/compilers/kotlin/default.nix b/pkgs/development/compilers/kotlin/default.nix
index 342051230030..89c6151a186b 100644
--- a/pkgs/development/compilers/kotlin/default.nix
+++ b/pkgs/development/compilers/kotlin/default.nix
@@ -1,14 +1,14 @@
 { stdenv, fetchurl, makeWrapper, jre, unzip }:
 
 let
-  version = "1.2.50";
+  version = "1.2.51";
 in stdenv.mkDerivation rec {
   inherit version;
   name = "kotlin-${version}";
 
   src = fetchurl {
     url = "https://github.com/JetBrains/kotlin/releases/download/v${version}/kotlin-compiler-${version}.zip";
-    sha256 = "1abis73ij334vfwn9k4s9rsa1va7h31a9g97g84i2rrp7cq2q1mw";
+    sha256 = "0b7rlv4w3bqfxwp0sici8lraskavmx08qgf1jddjcgaxh0f72x4a";
   };
 
   propagatedBuildInputs = [ jre ] ;
diff --git a/pkgs/development/compilers/lessc/default.nix b/pkgs/development/compilers/lessc/default.nix
deleted file mode 100644
index 5caef5b3b66f..000000000000
--- a/pkgs/development/compilers/lessc/default.nix
+++ /dev/null
@@ -1,29 +0,0 @@
-{ stdenv, fetchgit, nodejs }:
-
-stdenv.mkDerivation rec {
-  name = "lessc-${version}";
-  version = "1.7.5"; # Upgrade to > 2.x breaks twitter-bootstrap
-
-  src = fetchgit {
-    url = https://github.com/less/less.js.git;
-    rev = "refs/tags/v${version}";
-    sha256 = "1af1xbh1pjpfsx0jp69syji6w9750nigk652yk46jrja3z1scb4s";
-  };
-
-  phases = [ "installPhase" ];
-
-  installPhase = ''
-    mkdir -p $out/bin $out/lib
-    cp -r $src/bin/* $out/bin/
-    cp -r $src/lib/* $out/lib/
-    substituteInPlace $out/bin/lessc --replace "/usr/bin/env node" ${nodejs}/bin/node
-  '';
-
-  meta = with stdenv.lib; {
-    description = "LESS to CSS compiler";
-    homepage = http://lesscss.org/;
-    license = licenses.asl20;
-    platforms = platforms.linux ++ platforms.darwin;
-    maintainers = with maintainers; [ pSub ];
-  };
-}
diff --git a/pkgs/development/libraries/SDL2/default.nix b/pkgs/development/libraries/SDL2/default.nix
index 5e01a83b7c0c..7d8f5b2caee6 100644
--- a/pkgs/development/libraries/SDL2/default.nix
+++ b/pkgs/development/libraries/SDL2/default.nix
@@ -1,14 +1,14 @@
-{ stdenv, lib, fetchurl, pkgconfig, audiofile
+{ stdenv, lib, fetchurl, pkgconfig, pruneLibtoolFiles
 , openglSupport ? false, libGL
 , alsaSupport ? true, alsaLib
-, x11Support ? true, libICE, libXi, libXScrnSaver, libXcursor, libXinerama, libXext, libXxf86vm, libXrandr
+, x11Support ? true, libX11, xproto, libICE, libXi, libXScrnSaver, libXcursor, libXinerama, libXext, libXxf86vm, libXrandr
 , waylandSupport ? true, wayland, wayland-protocols, libxkbcommon
 , dbusSupport ? false, dbus
 , udevSupport ? false, udev
 , ibusSupport ? false, ibus
 , pulseaudioSupport ? true, libpulseaudio
 , AudioUnit, Cocoa, CoreAudio, CoreServices, ForceFeedback, OpenGL
-, libiconv
+, audiofile, libiconv
 }:
 
 # NOTE: When editing this expression see if the same change applies to
@@ -33,18 +33,26 @@ stdenv.mkDerivation rec {
 
   patches = [ ./find-headers.patch ];
 
-  nativeBuildInputs = [ pkgconfig ];
+  nativeBuildInputs = [ pkgconfig pruneLibtoolFiles ];
 
-  propagatedBuildInputs = [ libiconv ]
+  propagatedBuildInputs = dlopenPropagatedBuildInputs;
+
+  dlopenPropagatedBuildInputs = [ ]
+    # Propagated for #include <GLES/gl.h> in SDL_opengles.h.
+    ++ optional openglSupport libGL
+    # Propagated for #include <X11/Xlib.h> and <X11/Xatom.h> in SDL_syswm.h.
+    ++ optionals x11Support [ libX11 xproto ];
+
+  dlopenBuildInputs = [ ]
+    ++ optional  alsaSupport alsaLib
     ++ optional  dbusSupport dbus
+    ++ optional  pulseaudioSupport libpulseaudio
     ++ optional  udevSupport udev
-    ++ optionals x11Support [ libICE libXi libXScrnSaver libXcursor libXinerama libXext libXrandr libXxf86vm ]
     ++ optionals waylandSupport [ wayland wayland-protocols libxkbcommon ]
-    ++ optional  alsaSupport alsaLib
-    ++ optional  pulseaudioSupport libpulseaudio;
+    ++ optionals x11Support [ libICE libXi libXScrnSaver libXcursor libXinerama libXext libXrandr libXxf86vm ];
 
-  buildInputs = [ audiofile ]
-    ++ optional  openglSupport libGL
+  buildInputs = [ audiofile libiconv ]
+    ++ dlopenBuildInputs
     ++ optional  ibusSupport ibus
     ++ optionals stdenv.isDarwin [ AudioUnit Cocoa CoreAudio CoreServices ForceFeedback OpenGL ];
 
@@ -76,12 +84,13 @@ stdenv.mkDerivation rec {
   # SDL API that requires said libraries will fail to start.
   #
   # You can grep SDL sources with `grep -rE 'SDL_(NAME|.*_SYM)'` to
-  # confirm that they actually use most of the `propagatedBuildInputs`
-  # from above in this way. This is pretty weird.
-  postFixup = ''
+  # list the symbols used in this way.
+  postFixup = let
+    rpath = makeLibraryPath (dlopenPropagatedBuildInputs ++ dlopenBuildInputs);
+  in optionalString (stdenv.hostPlatform.extensions.sharedLibrary == ".so") ''
     for lib in $out/lib/*.so* ; do
-      if [[ -L "$lib" ]]; then
-        patchelf --set-rpath "$(patchelf --print-rpath $lib):${lib.makeLibraryPath propagatedBuildInputs}" "$lib"
+      if ! [[ -L "$lib" ]]; then
+        patchelf --set-rpath "$(patchelf --print-rpath $lib):${rpath}" "$lib"
       fi
     done
   '';
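Review bot: In the `patchelf` line of the loop, `$lib` is unquoted inside the command substitution and the old rpath is joined with a bare colon, so a library whose rpath is empty would get a leading empty entry. I believe the dynamic loader reads an empty rpath entry as the current directory, which is worth ruling out for a library loaded by many programs. Reading the old value first and joining only when it is non-empty avoids both problems: `old="$(patchelf --print-rpath "$lib")"` followed by `patchelf --set-rpath "''${old:+$old:}${rpath}" "$lib"`. The enclosing `mkDerivation` starts outside this hunk.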
diff --git a/pkgs/development/libraries/libde265/default.nix b/pkgs/development/libraries/libde265/default.nix
new file mode 100644
index 000000000000..07823072bad4
--- /dev/null
+++ b/pkgs/development/libraries/libde265/default.nix
@@ -0,0 +1,24 @@
+{ stdenv, fetchFromGitHub, autoreconfHook, pkgconfig }:
+
+stdenv.mkDerivation rec {
+  version = "1.0.3";
+  name = "libde265-${version}";
+
+  src = fetchFromGitHub {
+    owner = "strukturag";
+    repo = "libde265";
+    rev = "v${version}";
+    sha256 = "049g77f6c5sbk1h534zi9akj3y5h8zwnca5c9kqqjkn7f17irk10";
+  };
+
+  nativeBuildInputs = [ autoreconfHook pkgconfig ];
+
+  meta = {
+    homepage = "https://github.com/strukturag/libde265";
+    description = "Open h.265 video codec implementation";
+    license = stdenv.lib.licenses.lgpl3;
+    platforms = stdenv.lib.platforms.unix;
+    maintainers = with stdenv.lib.maintainers; [ gebner ];
+  };
+
+}
diff --git a/pkgs/development/libraries/libheif/default.nix b/pkgs/development/libraries/libheif/default.nix
new file mode 100644
index 000000000000..cdc03c01a022
--- /dev/null
+++ b/pkgs/development/libraries/libheif/default.nix
@@ -0,0 +1,27 @@
+{ stdenv, fetchFromGitHub, autoreconfHook, pkgconfig, pruneLibtoolFiles, libde265, x265, libpng, libjpeg }:
+
+stdenv.mkDerivation rec {
+  version = "1.3.2";
+  name = "libheif-${version}";
+
+  src = fetchFromGitHub {
+    owner = "strukturag";
+    repo = "libheif";
+    rev = "v${version}";
+    sha256 = "0hk8mzig2kp5f94j4jwqxzjrm7ffk16ffvxl92rf0afsh6vgnz7w";
+  };
+
+  nativeBuildInputs = [ autoreconfHook pkgconfig pruneLibtoolFiles ];
+  buildInputs = [ libde265 x265 libpng libjpeg ];
+
+  enableParallelBuilding = true;
+
+  meta = {
+    homepage = "http://www.libheif.org/";
+    description = "ISO/IEC 23008-12:2017 HEIF image file format decoder and encoder";
+    license = stdenv.lib.licenses.lgpl3;
+    platforms = stdenv.lib.platforms.unix;
+    maintainers = with stdenv.lib.maintainers; [ gebner ];
+  };
+
+}
diff --git a/pkgs/development/libraries/vapoursynth/default.nix b/pkgs/development/libraries/vapoursynth/default.nix
index e45337c8cf5d..7344f3a7e2bb 100644
--- a/pkgs/development/libraries/vapoursynth/default.nix
+++ b/pkgs/development/libraries/vapoursynth/default.nix
@@ -35,6 +35,8 @@ stdenv.mkDerivation rec {
     (optionalString (!imwriSupport) "--disable-imwri")
   ];
 
+  enableParallelBuilding = true;
+
   meta = with stdenv.lib; {
     description = "A video processing framework with the future in mind";
     homepage    = http://www.vapoursynth.com/;
diff --git a/pkgs/development/python-modules/asyncssh/default.nix b/pkgs/development/python-modules/asyncssh/default.nix
index ef21cb001b49..76b863e24fb3 100644
--- a/pkgs/development/python-modules/asyncssh/default.nix
+++ b/pkgs/development/python-modules/asyncssh/default.nix
@@ -12,6 +12,9 @@ buildPythonPackage rec {
     sha256 = "a44736830741e2bb9c4e3992819288b77ac4af217a46d12f415bb57c18ed9c22";
   };
 
+  # See https://github.com/ronf/asyncssh/commit/6a92930e00f3bbc67d9cdf66816917e64f2450e9#r29559647
+  patches = ./mock_getnameinfo.patch;
+
   propagatedBuildInputs = [ 
     bcrypt
     cryptography
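Review bot: `patches` is assigned a bare path here rather than a list; stdenv happens to accept that, but an override that appends with `++` will fail to evaluate. Write it as `patches = [ ./mock_getnameinfo.patch ];`. The comment above it links to an upstream commit discussion; if the vendored patch corresponds to an upstream change, fetching it with `fetchpatch` and a pinned hash would keep its origin checkable. The enclosing `buildPythonPackage` block starts and ends outside the hunk.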
diff --git a/pkgs/development/python-modules/asyncssh/mock_getnameinfo.patch b/pkgs/development/python-modules/asyncssh/mock_getnameinfo.patch
new file mode 100644
index 000000000000..5e8f475445e7
--- /dev/null
+++ b/pkgs/development/python-modules/asyncssh/mock_getnameinfo.patch
@@ -0,0 +1,159 @@
+diff --git a/tests/server.py b/tests/server.py
+index fbd7e37..e7542dc 100644
+--- a/tests/server.py
++++ b/tests/server.py
+@@ -208,12 +208,10 @@ class ServerTestCase(AsyncTestCase):
+         cls._server = yield from cls.start_server()
+ 
+         sock = cls._server.sockets[0]
+-        cls._client_host, _ = yield from cls.loop.getnameinfo(('127.0.0.1', 0))
+         cls._server_addr = '127.0.0.1'
+         cls._server_port = sock.getsockname()[1]
+ 
+-        host = '[%s]:%d,%s ' % (cls._server_addr, cls._server_port,
+-                                cls._client_host)
++        host = '[%s]:%d,localhost ' % (cls._server_addr, cls._server_port)
+ 
+         with open('known_hosts', 'w') as known_hosts:
+             known_hosts.write(host)
+diff --git a/tests/test_auth_keys.py b/tests/test_auth_keys.py
+index 1d625ef..72a49f7 100644
+--- a/tests/test_auth_keys.py
++++ b/tests/test_auth_keys.py
+@@ -13,13 +13,13 @@
+ """Unit tests for matching against authorized_keys file"""
+ 
+ import unittest
+-from unittest.mock import patch
+ 
+ import asyncssh
+ 
+-from .util import TempDirTestCase, x509_available
++from .util import TempDirTestCase, patch_getnameinfo, x509_available
+ 
+ 
++@patch_getnameinfo
+ class _TestAuthorizedKeys(TempDirTestCase):
+     """Unit tests for auth_keys module"""
+ 
+@@ -69,36 +69,22 @@ class _TestAuthorizedKeys(TempDirTestCase):
+     def match_keys(self, tests, x509=False):
+         """Match against authorized keys"""
+ 
+-        def getnameinfo(sockaddr, flags):
+-            """Mock reverse DNS lookup of client address"""
+-
+-            # pylint: disable=unused-argument
+-
+-            host, port = sockaddr
+-
+-            if host == '127.0.0.1':
+-                return ('localhost', port)
+-            else:
+-                return sockaddr
+-
+-        with patch('socket.getnameinfo', getnameinfo):
+-            for keys, matches in tests:
+-                auth_keys = self.build_keys(keys, x509)
+-                for (msg, keynum, client_addr,
+-                     cert_principals, match) in matches:
+-                    with self.subTest(msg, x509=x509):
+-                        if x509:
+-                            result, trusted_cert = auth_keys.validate_x509(
+-                                self.imported_certlist[keynum], client_addr)
+-                            if (trusted_cert and trusted_cert.subject !=
+-                                    self.imported_certlist[keynum].subject):
+-                                result = None
+-                        else:
+-                            result = auth_keys.validate(
+-                                self.imported_keylist[keynum], client_addr,
+-                                cert_principals, keynum == 1)
+-
+-                        self.assertEqual(result is not None, match)
++        for keys, matches in tests:
++            auth_keys = self.build_keys(keys, x509)
++            for (msg, keynum, client_addr, cert_principals, match) in matches:
++                with self.subTest(msg, x509=x509):
++                    if x509:
++                        result, trusted_cert = auth_keys.validate_x509(
++                            self.imported_certlist[keynum], client_addr)
++                        if (trusted_cert and trusted_cert.subject !=
++                                self.imported_certlist[keynum].subject):
++                            result = None
++                    else:
++                        result = auth_keys.validate(
++                            self.imported_keylist[keynum], client_addr,
++                            cert_principals, keynum == 1)
++
++                    self.assertEqual(result is not None, match)
+ 
+     def test_matches(self):
+         """Test authorized keys matching"""
+diff --git a/tests/test_connection_auth.py b/tests/test_connection_auth.py
+index 3da8a5b..ff3e3cc 100644
+--- a/tests/test_connection_auth.py
++++ b/tests/test_connection_auth.py
+@@ -23,8 +23,8 @@ from asyncssh.packet import String
+ from asyncssh.public_key import CERT_TYPE_USER, CERT_TYPE_HOST
+ 
+ from .server import Server, ServerTestCase
+-from .util import asynctest, gss_available, patch_gss, make_certificate
+-from .util import x509_available
++from .util import asynctest, gss_available, patch_getnameinfo, patch_gss
++from .util import make_certificate, x509_available
+ 
+ 
+ class _FailValidateHostSSHServerConnection(asyncssh.SSHServerConnection):
+@@ -455,6 +455,7 @@ class _TestGSSFQDN(ServerTestCase):
+         yield from conn.wait_closed()
+ 
+ 
++@patch_getnameinfo
+ class _TestHostBasedAuth(ServerTestCase):
+     """Unit tests for host-based authentication"""
+ 
+@@ -579,7 +580,7 @@ class _TestHostBasedAuth(ServerTestCase):
+         """Test stripping of trailing dot from client host"""
+ 
+         with (yield from self.connect(username='user', client_host_keys='skey',
+-                                      client_host=self._client_host + '.',
++                                      client_host='localhost.',
+                                       client_username='user')) as conn:
+             pass
+ 
+@@ -667,6 +668,7 @@ class _TestHostBasedAsyncServerAuth(_TestHostBasedAuth):
+                                     client_username='user')
+ 
+ 
++@patch_getnameinfo
+ class _TestLimitedHostBasedSignatureAlgs(ServerTestCase):
+     """Unit tests for limited host key signature algorithms"""
+ 
+diff --git a/tests/util.py b/tests/util.py
+index 42bb596..4d92ec3 100644
+--- a/tests/util.py
++++ b/tests/util.py
+@@ -84,6 +84,24 @@ def asynctest35(func):
+     return async_wrapper
+ 
+ 
++def patch_getnameinfo(cls):
++    """Decorator for patching socket.getnameinfo"""
++
++    def getnameinfo(sockaddr, flags):
++        """Mock reverse DNS lookup of client address"""
++
++        # pylint: disable=unused-argument
++
++        host, port = sockaddr
++
++        if host == '127.0.0.1':
++            return ('localhost', port)
++        else:
++            return sockaddr
++
++    return patch('socket.getnameinfo', getnameinfo)(cls)
++
++
+ def patch_gss(cls):
+     """Decorator for patching GSSAPI classes"""
diff --git a/pkgs/development/python-modules/boto3/default.nix b/pkgs/development/python-modules/boto3/default.nix
index 042ad9cf7932..b3a15ba08682 100644
--- a/pkgs/development/python-modules/boto3/default.nix
+++ b/pkgs/development/python-modules/boto3/default.nix
@@ -13,13 +13,13 @@
 
 buildPythonPackage rec {
   pname =  "boto3";
-  version = "1.7.9";
+  version = "1.7.48";
 
   src = fetchFromGitHub {
     owner = "boto";
     repo  = "boto3";
     rev   = version;
-    sha256 = "0yqym19nlayjm1qlh6vvinmk5xw0zskil971n2v9s65ray7sn5lv";
+    sha256 = "0pag37yy6693k8xvlyx4f06asab52i89xljy2ip121i60ih3jfw4";
   };
 
   propagatedBuildInputs = [ botocore jmespath s3transfer ] ++ lib.optionals (!isPy3k) [ futures ];
diff --git a/pkgs/development/python-modules/botocore/default.nix b/pkgs/development/python-modules/botocore/default.nix
index 68b5abd906d9..fada751968b3 100644
--- a/pkgs/development/python-modules/botocore/default.nix
+++ b/pkgs/development/python-modules/botocore/default.nix
@@ -11,11 +11,11 @@
 
 buildPythonPackage rec {
   pname = "botocore";
-  version = "1.10.9";
+  version = "1.10.48";
 
   src = fetchPypi {
     inherit pname version;
-    sha256 = "19vlf2w05h9818hrhx8al4r9ngfhvhf2pxcwka9s7bc51qnhx4xh";
+    sha256 = "1432drc7482nwrppwkk1i6ars3wz9w2g9rsxkz5nlxmyf9qm260j";
   };
 
   propagatedBuildInputs = [
diff --git a/pkgs/development/r-modules/default.nix b/pkgs/development/r-modules/default.nix
index 996e3932d2a2..dc8b4d1fb156 100644
--- a/pkgs/development/r-modules/default.nix
+++ b/pkgs/development/r-modules/default.nix
@@ -749,6 +749,10 @@ let
       patches = [ ./patches/BayesXsrc.patch ];
     });
 
+    rhdf5 = old.rhdf5.overrideDerivation (attrs: {
+      patches = [ ./patches/rhdf5.patch ];
+    });
+
     rJava = old.rJava.overrideDerivation (attrs: {
       preConfigure = ''
         export JAVA_CPPFLAGS=-I${pkgs.jdk}/include/
diff --git a/pkgs/development/r-modules/patches/rhdf5.patch b/pkgs/development/r-modules/patches/rhdf5.patch
new file mode 100644
index 000000000000..86ada84c722f
--- /dev/null
+++ b/pkgs/development/r-modules/patches/rhdf5.patch
@@ -0,0 +1,12 @@
+diff --git a/configure b/configure
+index e3e21e8..3d947b6 100755
+--- a/configure
++++ b/configure
+@@ -2859,6 +2859,7 @@ fi;
+ 
+ echo "building the bundled hdf5 library...";
+ cd ${BASEPBNAME};
++sed -i 's#/bin/mv#mv#' configure
+ ./configure  --with-pic --enable-shared=no CXX="${CXX}" CXXFLAGS="${CXXFLAGS}" CC="${CC}" CFLAGS="${CFLAGS}" F77="${F77}"
+ $MAKE lib
+ cd ../../
diff --git a/pkgs/development/tools/build-managers/buildbot/default.nix b/pkgs/development/tools/build-managers/buildbot/default.nix
index ed73d26768a4..3729abfe247d 100644
--- a/pkgs/development/tools/build-managers/buildbot/default.nix
+++ b/pkgs/development/tools/build-managers/buildbot/default.nix
@@ -14,11 +14,11 @@ let
   package = pythonPackages.buildPythonApplication rec {
     name = "${pname}-${version}";
     pname = "buildbot";
-    version = "1.1.1";
+    version = "1.2.0";
 
     src = pythonPackages.fetchPypi {
       inherit pname version;
-      sha256 = "1vcmanx3ma3cfyiddjcmsnx6qmxd3m5blqax04rcsiq2zq4dmzir";
+      sha256 = "02gwmls8kgm6scy36hdy0bg645zs1pxlrgwkcn79wrl7cfmabcbv";
     };
 
     buildInputs = with pythonPackages; [
diff --git a/pkgs/development/tools/build-managers/buildbot/plugins.nix b/pkgs/development/tools/build-managers/buildbot/plugins.nix
index c8a12c192647..430cdee3ca8c 100644
--- a/pkgs/development/tools/build-managers/buildbot/plugins.nix
+++ b/pkgs/development/tools/build-managers/buildbot/plugins.nix
@@ -11,7 +11,7 @@
 
     src = pythonPackages.fetchPypi {
       inherit pname version format;
-      sha256 = "01v9w8iy9q6fwrmz6db7fanjixax7whn74k67bj0czrbjjkpfzvb";
+      sha256 = "001kxjcyn5sxiq7m1izy4djj7alw6qpgaid4f518s9xgm4a8hwcb";
     };
 
     meta = with stdenv.lib; {
@@ -29,7 +29,7 @@
 
     src = pythonPackages.fetchPypi {
       inherit pname version;
-      sha256 = "1cwxkzpgwzk9b361rj980bbnmhzzsr46pgf94zqpg3na8xm6hpwj";
+      sha256 = "11p9l9r9rh8cq0ihzjcdxfbi55n7inbsz45zqq67rkvqn5nhj5b6";
     };
 
     propagatedBuildInputs = with pythonPackages; [ buildbot-pkg ];
@@ -49,7 +49,7 @@
 
     src = pythonPackages.fetchPypi {
       inherit pname version;
-      sha256 = "0ival58f50128315d0nck63pzya2zm7q6hvgmxfbjl0my8il9p2l";
+      sha256 = "1yx63frfpbvwy4hfib1psyq5ad0wysyzfrla8d7lgbdaip021wzw";
     };
 
     propagatedBuildInputs = with pythonPackages; [ buildbot-pkg ];
@@ -69,7 +69,7 @@
 
     src = pythonPackages.fetchPypi {
       inherit pname version;
-      sha256 = "0jiwfb699nqbmpcm88y187ig4ha6p7d4v98mjwa9blhm54dk8kh1";
+      sha256 = "06my75hli3w1skdkx1qz6zqw2wckanhrcvlqm4inylj9v9pcrgv6";
     };
 
     propagatedBuildInputs = with pythonPackages; [ buildbot-pkg ];
@@ -89,7 +89,7 @@
 
     src = pythonPackages.fetchPypi {
       inherit pname version;
-      sha256 = "00mfn24gbwr2p3n7nsijzv949l7hiksiafhma18nnh40r8f4l5f2";
+      sha256 = "073gz44fa5k1p8k46k0ld9gg16j8zdj6sc297qfyqpiw28ybhc5s";
     };
 
     propagatedBuildInputs = with pythonPackages; [ buildbot-pkg ];
diff --git a/pkgs/development/tools/build-managers/buildbot/worker.nix b/pkgs/development/tools/build-managers/buildbot/worker.nix
index b1cfb6aeaf2f..968411ca9cc5 100644
--- a/pkgs/development/tools/build-managers/buildbot/worker.nix
+++ b/pkgs/development/tools/build-managers/buildbot/worker.nix
@@ -3,11 +3,11 @@
 pythonPackages.buildPythonApplication (rec {
   name = "${pname}-${version}";
   pname = "buildbot-worker";
-  version = "1.1.1";
+  version = "1.2.0";
 
   src = pythonPackages.fetchPypi {
     inherit pname version;
-    sha256 = "02xfzlcy3cnvc3cmpl9gs6209a3qm71yz5pahbws9jcyhv6fbrrm";
+    sha256 = "0lcaga16zf75aa6ckl9ahjbrs3n3bw7nj6m8g03n77873cgh94x4";
   };
 
   buildInputs = with pythonPackages; [ setuptoolsTrial mock ];
diff --git a/pkgs/development/tools/build-managers/gradle/default.nix b/pkgs/development/tools/build-managers/gradle/default.nix
index 7570c3be0679..f810f97ef497 100644
--- a/pkgs/development/tools/build-managers/gradle/default.nix
+++ b/pkgs/development/tools/build-managers/gradle/default.nix
@@ -52,12 +52,12 @@ rec {
   };
 
   gradle_latest = gradleGen rec {
-    name = "gradle-4.8";
+    name = "gradle-4.8.1";
     nativeVersion = "0.14";
 
     src = fetchurl {
       url = "http://services.gradle.org/distributions/${name}-bin.zip";
-      sha256 = "1fpihf35nd2wqh3ghkk9x0x2nr1s4vx3dgrfn2q4xagsm299dqpk";
+      sha256 = "0wgdf1iv0izi957hay1xfsk5xnl6s2vx5dammcwy8say9fclscxg";
     };
   };
 
diff --git a/pkgs/development/tools/build-managers/redo/default.nix b/pkgs/development/tools/build-managers/redo/default.nix
index 8063b6747666..bd0562463fd7 100644
--- a/pkgs/development/tools/build-managers/redo/default.nix
+++ b/pkgs/development/tools/build-managers/redo/default.nix
@@ -1,10 +1,10 @@
 {stdenv, fetchurl, perl }:
 
 stdenv.mkDerivation rec {
-  name = "redo-1.2";
+  name = "redo-1.3";
   src = fetchurl {
     url = "https://jdebp.eu./Repository/freebsd/${name}.tar.gz";
-    sha256 = "0qr8plllxfn32r4rgnalzlhcs3b4l8a4ga8ig9v8i5iy1qnfhqnf";
+    sha256 = "1yx7nd59s01j096hr1zbnbx6mvd6ljzd4vgawh7p2l644jgwj70r";
   };
 
   nativeBuildInputs = [ perl /* for pod2man */ ];
diff --git a/pkgs/games/ezquake/default.nix b/pkgs/games/ezquake/default.nix
index 2684a56a8286..ff39d1b99650 100644
--- a/pkgs/games/ezquake/default.nix
+++ b/pkgs/games/ezquake/default.nix
@@ -1,5 +1,5 @@
 { stdenv, fetchFromGitHub, curl, expat
-, jansson, libpng, libjpeg, libGLU_combined, pcre
+, jansson, libpng, libjpeg, libGLU_combined, libXxf86vm, pcre
 , pkgconfig, SDL2, vimNox }:
 
 stdenv.mkDerivation rec {
@@ -16,7 +16,7 @@ stdenv.mkDerivation rec {
 
   nativeBuildInputs = [ pkgconfig ];
   buildInputs = [
-    expat curl jansson libpng libjpeg libGLU_combined pcre SDL2 vimNox
+    expat curl jansson libpng libjpeg libGLU_combined libXxf86vm pcre SDL2 vimNox
   ];
 
   installPhase = with stdenv.lib; let
@@ -28,6 +28,8 @@ stdenv.mkDerivation rec {
     mv ezquake-${sys}-${arch} $out/bin/ezquake
   '';
 
+  enableParallelBuilding = true;
+
   meta = with stdenv.lib; {
     homepage = http://ezquake.github.io/;
     description = "A modern QuakeWorld client focused on competitive online play.";
diff --git a/pkgs/games/ivan/default.nix b/pkgs/games/ivan/default.nix
index 3431be5359ea..3281c3d28d12 100644
--- a/pkgs/games/ivan/default.nix
+++ b/pkgs/games/ivan/default.nix
@@ -1,4 +1,4 @@
-{stdenv, fetchFromGitHub, libpng, cmake, SDL2, SDL2_mixer, pkgconfig, pcre}:
+{ stdenv, fetchFromGitHub, cmake, pkgconfig, SDL2, SDL2_mixer, alsaLib, libpng, pcre }:
 
 stdenv.mkDerivation rec {
 
@@ -12,12 +12,12 @@ stdenv.mkDerivation rec {
     sha256 = "1r3fcccgpjmzzkg0lfmq76igjapr01kh97vz671z60jg7gyh301b";
   };
 
-  buildInputs = [SDL2 SDL2_mixer libpng pcre];
+  nativeBuildInputs = [ cmake pkgconfig ];
 
-  nativeBuildInputs = [cmake pkgconfig];
+  buildInputs = [ SDL2 SDL2_mixer alsaLib libpng pcre ];
 
   hardeningDisable = ["all"];
-  
+
   # To store bone and high score files in ~/.ivan of the current user
   patches = [./homedir.patch];
 
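Review bot: `hardeningDisable = ["all"];` is left untouched while the lines around it are tidied, so every hardening flag stays off for a game that, per the comment below it, reads and writes files in the user's home directory. If only one flag breaks the build, naming just that flag keeps the others in effect, for example `hardeningDisable = [ "format" ];`. Which flag is actually needed cannot be told from this hunk and has to be checked against the build log. A short comment saying why hardening is disabled would help either way.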
diff --git a/pkgs/games/liberal-crime-squad/default.nix b/pkgs/games/liberal-crime-squad/default.nix
index d6a2afb26cb8..fef6e11d9be9 100644
--- a/pkgs/games/liberal-crime-squad/default.nix
+++ b/pkgs/games/liberal-crime-squad/default.nix
@@ -1,4 +1,4 @@
-{ fetchFromGitHub, stdenv, ncurses, autoreconfHook, SDL2, SDL2_mixer }:
+{ fetchFromGitHub, stdenv, autoreconfHook, libiconv, ncurses, SDL2, SDL2_mixer }:
 
 stdenv.mkDerivation rec {
   version = "2016-07-06";
@@ -12,7 +12,9 @@ stdenv.mkDerivation rec {
   };
 
   nativeBuildInputs = [ autoreconfHook ];
-  buildInputs = [ ncurses SDL2 SDL2_mixer ];
+  buildInputs = [ libiconv ncurses SDL2 SDL2_mixer ];
+
+  enableParallelBuilding = true;
 
   meta = with stdenv.lib; {
     description = "A humorous politically themed ncurses game";
diff --git a/pkgs/games/warzone2100/default.nix b/pkgs/games/warzone2100/default.nix
index 6ed276c0695b..6165cacfdca5 100644
--- a/pkgs/games/warzone2100/default.nix
+++ b/pkgs/games/warzone2100/default.nix
@@ -1,5 +1,5 @@
 { stdenv, lib, fetchurl, perl, unzip, zip, which, pkgconfig
-, qtbase, qtscript, SDL2, libtheora, openal, glew, physfs, fribidi
+, qtbase, qtscript, SDL2, libtheora, openal, glew, physfs, fribidi, libXrandr
 , withVideos ? false
 }:
 
@@ -20,7 +20,7 @@ stdenv.mkDerivation rec {
     sha256 = "10kmpr4cby95zwqsl1zwx95d9achli6khq7flv6xmrq30a39xazw";
   };
 
-  buildInputs = [ qtbase qtscript SDL2 libtheora openal glew physfs fribidi ];
+  buildInputs = [ qtbase qtscript SDL2 libtheora openal glew physfs fribidi libXrandr ];
   nativeBuildInputs = [ perl zip unzip pkgconfig ];
 
   postPatch = ''
diff --git a/pkgs/misc/uboot/default.nix b/pkgs/misc/uboot/default.nix
index 9486a504ac39..bac766c7b722 100644
--- a/pkgs/misc/uboot/default.nix
+++ b/pkgs/misc/uboot/default.nix
@@ -155,6 +155,12 @@ in rec {
     '';
   };
 
+  ubootNovena = buildUBoot rec {
+    defconfig = "novena_defconfig";
+    extraMeta.platforms = ["armv7l-linux"];
+    filesToInstall = ["u-boot.bin" "SPL"];
+  };
+
   ubootOdroidXU3 = buildUBoot rec {
     defconfig = "odroid-xu3_defconfig";
     extraMeta.platforms = ["armv7l-linux"];
diff --git a/pkgs/os-specific/linux/kernel/hardened-config.nix b/pkgs/os-specific/linux/kernel/hardened-config.nix
index 5ae128741129..7e277617b61a 100644
--- a/pkgs/os-specific/linux/kernel/hardened-config.nix
+++ b/pkgs/os-specific/linux/kernel/hardened-config.nix
@@ -28,7 +28,9 @@ ${optionalString (stdenv.platform.kernelArch == "x86_64") ''
   # Reduce attack surface by disabling various emulations
   IA32_EMULATION n
   X86_X32 n
-  MODIFY_LDT_SYSCALL? n
+  ${optionalString (versionOlder version "4.17") ''
+    MODIFY_LDT_SYSCALL? n
+  ''}
 
   VMAP_STACK y # Catch kernel stack overflows
 
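Review bot: The `MODIFY_LDT_SYSCALL? n` entry is now skipped for kernels 4.17 and later, but nothing in the hunk says why, so a reader of the hardened profile cannot tell whether the option is gone upstream or whether those kernels are left at the kernel default. Since this file exists to reduce attack surface, the reason should be recorded next to the condition, e.g. `# Not set on >= 4.17: <reason>; modify_ldt stays at the kernel default there`. If the option still exists on newer kernels, fixing the cause of the failure would be better than dropping the setting. The surrounding x86_64 `optionalString` starts outside the hunk.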
diff --git a/pkgs/os-specific/linux/kernel/linux-4.14.nix b/pkgs/os-specific/linux/kernel/linux-4.14.nix
index cf6b254ee858..a4cf1b3e32af 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.14.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.14.nix
@@ -3,7 +3,7 @@
 with stdenv.lib;
 
 buildLinux (args // rec {
-  version = "4.14.52";
+  version = "4.14.53";
 
   # modDirVersion needs to be x.y.z, will automatically add .0 if needed
   modDirVersion = if (modDirVersionArg == null) then concatStrings (intersperse "." (take 3 (splitString "." "${version}.0"))) else modDirVersionArg;
@@ -13,6 +13,6 @@ buildLinux (args // rec {
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
-    sha256 = "0448z0sdwazk2xrwq1zrinv881qhl33f5r2n3pqb07pxnb3jdlm5";
+    sha256 = "1gqbm26j7sayl854mlfjmwjvjh3gis2w1l2rl7s53ibxz5r2apx8";
   };
 } // (args.argsOverride or {}))
diff --git a/pkgs/os-specific/linux/kernel/linux-4.17.nix b/pkgs/os-specific/linux/kernel/linux-4.17.nix
index 166a8572cf7a..d7e363f59049 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.17.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.17.nix
@@ -3,7 +3,7 @@
 with stdenv.lib;
 
 buildLinux (args // rec {
-  version = "4.17.3";
+  version = "4.17.4";
 
   # modDirVersion needs to be x.y.z, will automatically add .0 if needed
   modDirVersion = if (modDirVersionArg == null) then concatStrings (intersperse "." (take 3 (splitString "." "${version}.0"))) else modDirVersionArg;
@@ -13,6 +13,6 @@ buildLinux (args // rec {
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
-    sha256 = "1z8zja786x5dxwm69zgfkwsvfwjfznwbclf76301c2fd4wjancmg";
+    sha256 = "0n5by04hshjdc8mh86yg4zkq9y6hhvjx78ialda9ysv2ac63gmk6";
   };
 } // (args.argsOverride or {}))
diff --git a/pkgs/os-specific/linux/kernel/linux-4.4.nix b/pkgs/os-specific/linux/kernel/linux-4.4.nix
index 307276d04e70..b4a8ce5c8e04 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.4.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.4.nix
@@ -1,11 +1,11 @@
 { stdenv, buildPackages, hostPlatform, fetchurl, perl, buildLinux, ... } @ args:
 
 buildLinux (args // rec {
-  version = "4.4.138";
+  version = "4.4.139";
   extraMeta.branch = "4.4";
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
-    sha256 = "1vn45hvwk49cfm283yg4j76k7dnn351rg5zy28z3bfp02x7cdyg6";
+    sha256 = "0igdsv9ihblmxfsgj646xac5n2bdawmwsr9hwyz6yjld43a5aq5n";
   };
 } // (args.argsOverride or {}))
diff --git a/pkgs/os-specific/linux/kernel/linux-4.9.nix b/pkgs/os-specific/linux/kernel/linux-4.9.nix
index 287d8c9cf37d..1ef58aecdbcf 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.9.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.9.nix
@@ -1,11 +1,11 @@
 { stdenv, buildPackages, hostPlatform, fetchurl, perl, buildLinux, ... } @ args:
 
 buildLinux (args // rec {
-  version = "4.9.110";
+  version = "4.9.111";
   extraMeta.branch = "4.9";
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
-    sha256 = "0ypaqj9vs2jc4qiss5yyplx09rk55fa3hrlzdkm0x7x7f0x196ip";
+    sha256 = "1par6wjpr05k00nj0laxnjr02z75szpzvwv66wb0yn6wb64marjr";
   };
 } // (args.argsOverride or {}))
diff --git a/pkgs/os-specific/linux/kernel/linux-testing.nix b/pkgs/os-specific/linux/kernel/linux-testing.nix
index 5e8059bb4655..4af7647a1a5c 100644
--- a/pkgs/os-specific/linux/kernel/linux-testing.nix
+++ b/pkgs/os-specific/linux/kernel/linux-testing.nix
@@ -1,13 +1,13 @@
 { stdenv, buildPackages, hostPlatform, fetchurl, perl, buildLinux, libelf, utillinux, ... } @ args:
 
 buildLinux (args // rec {
-  version = "4.18-rc2";
-  modDirVersion = "4.18.0-rc2";
+  version = "4.18-rc3";
+  modDirVersion = "4.18.0-rc3";
   extraMeta.branch = "4.18";
 
   src = fetchurl {
     url = "https://git.kernel.org/torvalds/t/linux-${version}.tar.gz";
-    sha256 = "04vflzj14wvvkj3lsbabsw0239y58cdd8g5kciqz1ydhdlgifpza";
+    sha256 = "1kr9bhvcdp792micjmhl2hwhs5iid1srb4ia8hm4cpy1lnzdgrih";
   };
 
   # Should the testing kernels ever be built on Hydra?
diff --git a/pkgs/servers/dns/knot-resolver/default.nix b/pkgs/servers/dns/knot-resolver/default.nix
index e2db0b860f4c..6ebd642ee35a 100644
--- a/pkgs/servers/dns/knot-resolver/default.nix
+++ b/pkgs/servers/dns/knot-resolver/default.nix
@@ -12,11 +12,11 @@ inherit (stdenv.lib) optional optionals optionalString concatStringsSep;
 
 unwrapped = stdenv.mkDerivation rec {
   name = "knot-resolver-${version}";
-  version = "2.3.0";
+  version = "2.4.0";
 
   src = fetchurl {
     url = "https://secure.nic.cz/files/knot-resolver/${name}.tar.xz";
-    sha256 = "2d19c5daf8440bd3d2acd1886b9ede65f04f7753c6fd4618a92a1a4ba3b27a9b";
+    sha256 = "8c88c73dd50dad6f371bfc170f49cd374022e59f8005ac1fa6cd99764f72b4d1";
   };
 
   outputs = [ "out" "dev" ];
diff --git a/pkgs/servers/foundationdb/default.nix b/pkgs/servers/foundationdb/default.nix
index 5ebb510be467..ecefc1d8fabd 100644
--- a/pkgs/servers/foundationdb/default.nix
+++ b/pkgs/servers/foundationdb/default.nix
@@ -1,17 +1,42 @@
-{ stdenv, fetchurl, fetchFromGitHub
+{ stdenv49
+, lib, fetchurl, fetchFromGitHub
+
 , which, findutils, m4, gawk
-, python, openjdk, mono58, libressl_2_6
-, boost16x
+, python, openjdk, mono58, libressl
 }:
 
 let
+  # hysterical raisins dictate a version of boost this old. however,
+  # we luckily do not need to build anything, we just need the header
+  # files.
+  boost152 = stdenv49.mkDerivation rec {
+    name = "boost-headers-1.52.0";
+
+    src = fetchurl {
+      url = "mirror://sourceforge/boost/boost_1_52_0.tar.bz2";
+      sha256 = "14mc7gsnnahdjaxbbslzk79rc0d12h1i681cd3srdwr3fzynlar2";
+    };
+
+    configurePhase = ":";
+    buildPhase = ":";
+    installPhase = "mkdir -p $out/include && cp -R boost $out/include/";
+  };
+
   makeFdb =
     { version
     , branch
-    , rev, sha256
+    , sha256
+
+    # the revision can be inferred from the fdb tagging policy
+    , rev    ? "refs/tags/${version}"
 
-    # fdb 6.0+ support boost 1.6x+, so default to it
-    , boost ? boost16x
+    # in theory newer versions of fdb support newer compilers, but they
+    # don't :( maybe one day
+    , stdenv ? stdenv49
+
+    # in theory newer versions of fdb support newer boost versions, but they
+    # don't :( maybe one day
+    , boost ? boost152
     }: stdenv.mkDerivation rec {
         name = "foundationdb-${version}";
         inherit version;
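Review bot: The new default `rev ? "refs/tags/${version}"` replaces a commit hash with a tag name, and the same value is written into the build as the version id (`NIXOS_FDB_VERSION_ID` in `postPatch`, `VERSION_ID` in the later `configurePhase` hunk). The `sha256` still pins the fetched tree, but the 5.1 and 5.2 binaries will presumably report a `refs/tags/…` string instead of a commit, and a moved tag would only surface as a hash mismatch. Keeping the full commit hash in `rev` for the release entries in the last hunk (as `foundationdb60` still does), or at least a comment on the trade-off, would preserve traceability. `makeFdb` continues outside this hunk.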
@@ -23,14 +48,20 @@ let
         };
 
         nativeBuildInputs = [ gawk which m4 findutils mono58 ];
-        buildInputs = [ python openjdk libressl_2_6 boost ];
+        buildInputs = [ python openjdk libressl boost ];
 
         patches =
-          [ ./fix-scm-version.patch
-            ./ldflags.patch
-          ];
+          [ # For 5.2+, we need a slightly adjusted patch to fix all the ldflags
+            (if lib.versionAtLeast version "5.2"
+             then ./ldflags.patch
+             else ./ldflags-5.1.patch)
+          ] ++
+          # for 6.0+, we do NOT need to apply this version fix, since we can specify
+          # it ourselves. see configurePhase
+          (lib.optional (!lib.versionAtLeast version "6.0") ./fix-scm-version.patch);
 
         postPatch = ''
+          # note: this does not do anything for 6.0+
           substituteInPlace ./build/scver.mk \
             --subst-var-by NIXOS_FDB_VERSION_ID "${rev}" \
             --subst-var-by NIXOS_FDB_SCBRANCH   "${branch}"
@@ -51,7 +82,13 @@ let
         enableParallelBuilding = true;
         makeFlags = [ "all" "fdb_c" "fdb_java" "KVRELEASE=1" ];
 
-        configurePhase = ":";
+        # on 6.0 and later, we can specify all this information manually
+        configurePhase = lib.optionalString (lib.versionAtLeast version "6.0") ''
+          export SOURCE_CONTROL=GIT
+          export SCBRANCH="${branch}"
+          export VERSION_ID="${rev}"
+        '';
+
         installPhase = ''
           mkdir -vp $out/{bin,libexec/plugins} $lib/{lib,share/java} $dev/include/foundationdb
 
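Review bot: For versions below 6.0 `configurePhase` now evaluates to an empty string instead of `":"`; as far as I know stdenv treats an empty phase attribute as unset and runs its default configure phase. That is harmless only if the source tree has no `configure` script. Keeping the explicit no-op makes the intent clear: `configurePhase = if lib.versionAtLeast version "6.0" then ''export …'' else ":";`. The enclosing derivation starts and ends outside the hunk.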
@@ -85,45 +122,24 @@ let
        };
     };
 
-  # hysterical raisins dictate a version of boost this old. however,
-  # we luckily do not need to build anything, we just need the header
-  # files.
-  boost152 = stdenv.mkDerivation rec {
-    name = "boost-headers-1.52.0";
-
-    src = fetchurl {
-      url = "mirror://sourceforge/boost/boost_1_52_0.tar.bz2";
-      sha256 = "14mc7gsnnahdjaxbbslzk79rc0d12h1i681cd3srdwr3fzynlar2";
-    };
-
-    configurePhase = ":";
-    buildPhase = ":";
-    installPhase = "mkdir -p $out/include && cp -R boost $out/include/";
-  };
-
 in with builtins; {
 
-  foundationdb51 = makeFdb {
+  foundationdb51 = makeFdb rec {
     version = "5.1.7";
     branch  = "release-5.1";
-    rev     = "9ad8d02386d4a6a5efecf898df80f2747695c627";
     sha256  = "1rc472ih24f9s5g3xmnlp3v62w206ny0pvvw02bzpix2sdrpbp06";
-    boost   = boost152;
   };
 
   foundationdb52 = makeFdb rec {
-    version = "5.2.0pre1488_${substring 0 8 rev}";
-    branch  = "master";
-    rev     = "18f345487ed8d90a5c170d813349fa625cf05b4e";
-    sha256  = "0mz30fxj6q99cvjzg39s5zm992i6h2l2cb70lc58bdhsz92dz3vc";
-    boost   = boost152;
+    version = "5.2.5";
+    branch  = "release-5.2";
+    sha256  = "00csr4v9cwl9y8r63p73grc6cvhlqmzcniwrf80i0klxv5asg7q7";
   };
 
   foundationdb60 = makeFdb rec {
-    version = "6.0.0pre1636_${substring 0 8 rev}";
+    version = "6.0.0pre2227_${substring 0 8 rev}";
     branch  = "master";
-    rev     = "1265a7b6d5e632dd562b3012e70f0727979806bd";
-    sha256  = "0z1i5bkbszsbn8cc48rlhr29m54n2s0gq3dln0n7f97gf58mi5yf";
+    rev     = "8caa6eaecf1eeec0298fc77db334761b0c1d1523";
+    sha256  = "1q200rpsphl5fzwzp2vk7ifgsnqh95k0xfiicfi1c8253ylnsgll";
   };
-
 }
diff --git a/pkgs/servers/foundationdb/ldflags-5.1.patch b/pkgs/servers/foundationdb/ldflags-5.1.patch
new file mode 100644
index 000000000000..4d523a7ecdd3
--- /dev/null
+++ b/pkgs/servers/foundationdb/ldflags-5.1.patch
@@ -0,0 +1,90 @@
+diff --git a/FDBLibTLS/local.mk b/FDBLibTLS/local.mk
+index 0b6eac8..b1891ca 100644
+--- a/FDBLibTLS/local.mk
++++ b/FDBLibTLS/local.mk
+@@ -1,6 +1,5 @@
+ FDBLibTLS_CFLAGS := -fPIC -I/usr/local/include -I$(BOOSTDIR)
+-FDBLibTLS_STATIC_LIBS := -ltls -lssl -lcrypto
+-FDBLibTLS_LDFLAGS := -L/usr/local/lib -static-libstdc++ -static-libgcc -lrt
++FDBLibTLS_LDFLAGS := -L/usr/local/lib -static-libstdc++ -static-libgcc -lrt -ltls -lssl -lcrypto
+ FDBLibTLS_LDFLAGS += -Wl,-soname,FDBLibTLS.so -Wl,--version-script=FDBLibTLS/FDBLibTLS.map
+ 
+ # The plugin isn't a typical library, so it feels more sensible to have a copy
+diff --git a/bindings/c/local.mk b/bindings/c/local.mk
+index 44f0c31..7aea5a4 100644
+--- a/bindings/c/local.mk
++++ b/bindings/c/local.mk
+@@ -29,8 +29,8 @@ fdb_c_tests_HEADERS := -Ibindings/c
+ CLEAN_TARGETS += fdb_c_tests_clean
+ 
+ ifeq ($(PLATFORM),linux)
+-  fdb_c_LIBS += lib/libstdc++.a -lm -lpthread -lrt -ldl
+-  fdb_c_LDFLAGS += -Wl,--version-script=bindings/c/fdb_c.map -static-libgcc -Wl,-z,nodelete
++  fdb_c_LIBS += lib/libstdc++.a
++  fdb_c_LDFLAGS += -Wl,--version-script=bindings/c/fdb_c.map -static-libgcc -Wl,-z,nodelete -lm -lpthread -lrt -ldl
+   fdb_c_tests_LIBS += -lpthread
+ endif
+ 
+diff --git a/bindings/flow/tester/local.mk b/bindings/flow/tester/local.mk
+index 2ef4fcb..6e59625 100644
+--- a/bindings/flow/tester/local.mk
++++ b/bindings/flow/tester/local.mk
+@@ -35,8 +35,7 @@ _fdb_flow_tester_clean:
+ 	@rm -rf bindings/flow/bin
+ 
+ ifeq ($(PLATFORM),linux)
+-  fdb_flow_tester_LIBS += -ldl -lpthread -lrt
+-  fdb_flow_tester_LDFLAGS += -static-libstdc++ -static-libgcc
++  fdb_flow_tester_LDFLAGS += -static-libstdc++ -static-libgcc -ldl -lpthread -lrt
+ else ifeq ($(PLATFORM),osx)
+   fdb_flow_tester_LDFLAGS += -lc++
+ endif
+diff --git a/fdbbackup/local.mk b/fdbbackup/local.mk
+index 033fe7d..865fc92 100644
+--- a/fdbbackup/local.mk
++++ b/fdbbackup/local.mk
+@@ -25,8 +25,7 @@ fdbbackup_LDFLAGS := $(fdbrpc_LDFLAGS)
+ fdbbackup_LIBS := lib/libfdbclient.a lib/libfdbrpc.a lib/libflow.a
+ 
+ ifeq ($(PLATFORM),linux)
+-  fdbbackup_LIBS += -ldl -lpthread -lrt
+-  fdbbackup_LDFLAGS += -static-libstdc++ -static-libgcc
++  fdbbackup_LDFLAGS += -static-libstdc++ -static-libgcc -ldl -lpthread -lrt
+ 
+   # GPerfTools profiler (uncomment to use)
+   # fdbbackup_CFLAGS += -I/opt/gperftools/include -DUSE_GPERFTOOLS=1
+diff --git a/fdbcli/local.mk b/fdbcli/local.mk
+index 81a4a42..892c079 100644
+--- a/fdbcli/local.mk
++++ b/fdbcli/local.mk
+@@ -22,14 +22,13 @@
+ 
+ fdbcli_CFLAGS := $(fdbclient_CFLAGS)
+ fdbcli_LDFLAGS := $(fdbrpc_LDFLAGS)
+-fdbcli_LIBS := lib/libfdbclient.a lib/libfdbrpc.a lib/libflow.a -ldl
++fdbcli_LIBS := lib/libfdbclient.a lib/libfdbrpc.a lib/libflow.a
+ fdbcli_STATIC_LIBS :=
+ 
+ fdbcli_GENERATED_SOURCES += versions.h
+ 
+ ifeq ($(PLATFORM),linux)
+-  fdbcli_LDFLAGS += -static-libstdc++ -static-libgcc
+-  fdbcli_LIBS += -lpthread -lrt
++  fdbcli_LDFLAGS += -static-libstdc++ -static-libgcc -lpthread -lrt -ldl
+ else ifeq ($(PLATFORM),osx)
+   fdbcli_LDFLAGS += -lc++
+ endif
+diff --git a/fdbserver/local.mk b/fdbserver/local.mk
+index 78cad1b..36f2c0f 100644
+--- a/fdbserver/local.mk
++++ b/fdbserver/local.mk
+@@ -25,8 +25,7 @@ fdbserver_LDFLAGS := $(fdbrpc_LDFLAGS)
+ fdbserver_LIBS := lib/libfdbclient.a lib/libfdbrpc.a lib/libflow.a
+ 
+ ifeq ($(PLATFORM),linux)
+-  fdbserver_LIBS += -ldl -lpthread -lrt
+-  fdbserver_LDFLAGS += -static-libstdc++ -static-libgcc
++  fdbserver_LDFLAGS += -static-libstdc++ -static-libgcc -ldl -lpthread -lrt
+ 
+   # GPerfTools profiler (uncomment to use)
+   # fdbserver_CFLAGS += -I/opt/gperftools/include -DUSE_GPERFTOOLS=1
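Review bot: This new patch file has no description header, and its blob id `4d523a7ecdd3` is the old id of `ldflags.patch`, so two near-identical patches now have to be kept in step by hand. A few lines of free text before the first `diff --git` line would help, saying which FoundationDB release the file applies to and why the `-l` flags move from `*_LIBS`/`*_STATIC_LIBS` into `*_LDFLAGS`. It is also worth recording there that `-ltls -lssl -lcrypto` leave `FDBLibTLS_STATIC_LIBS`. That presumably means the TLS plugin now links those libraries dynamically instead of embedding a copy, which matters to whoever tracks TLS library updates for this package.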
diff --git a/pkgs/servers/foundationdb/ldflags.patch b/pkgs/servers/foundationdb/ldflags.patch
index 4d523a7ecdd3..ee5911e495f8 100644
--- a/pkgs/servers/foundationdb/ldflags.patch
+++ b/pkgs/servers/foundationdb/ldflags.patch
@@ -1,9 +1,9 @@
 diff --git a/FDBLibTLS/local.mk b/FDBLibTLS/local.mk
-index 0b6eac8..b1891ca 100644
+index 5e6b9cfb..73f4e5f3 100644
 --- a/FDBLibTLS/local.mk
 +++ b/FDBLibTLS/local.mk
 @@ -1,6 +1,5 @@
- FDBLibTLS_CFLAGS := -fPIC -I/usr/local/include -I$(BOOSTDIR)
+ FDBLibTLS_CFLAGS := -fPIC -I/usr/local/include -I$(BOOSTDIR) -Ifdbrpc
 -FDBLibTLS_STATIC_LIBS := -ltls -lssl -lcrypto
 -FDBLibTLS_LDFLAGS := -L/usr/local/lib -static-libstdc++ -static-libgcc -lrt
 +FDBLibTLS_LDFLAGS := -L/usr/local/lib -static-libstdc++ -static-libgcc -lrt -ltls -lssl -lcrypto
@@ -11,7 +11,7 @@ index 0b6eac8..b1891ca 100644
  
  # The plugin isn't a typical library, so it feels more sensible to have a copy
 diff --git a/bindings/c/local.mk b/bindings/c/local.mk
-index 44f0c31..7aea5a4 100644
+index 44f0c31b..7aea5a4f 100644
 --- a/bindings/c/local.mk
 +++ b/bindings/c/local.mk
 @@ -29,8 +29,8 @@ fdb_c_tests_HEADERS := -Ibindings/c
@@ -26,7 +26,7 @@ index 44f0c31..7aea5a4 100644
  endif
  
 diff --git a/bindings/flow/tester/local.mk b/bindings/flow/tester/local.mk
-index 2ef4fcb..6e59625 100644
+index 2ef4fcb7..6e59625c 100644
 --- a/bindings/flow/tester/local.mk
 +++ b/bindings/flow/tester/local.mk
 @@ -35,8 +35,7 @@ _fdb_flow_tester_clean:
@@ -40,7 +40,7 @@ index 2ef4fcb..6e59625 100644
    fdb_flow_tester_LDFLAGS += -lc++
  endif
 diff --git a/fdbbackup/local.mk b/fdbbackup/local.mk
-index 033fe7d..865fc92 100644
+index 033fe7d4..865fc923 100644
 --- a/fdbbackup/local.mk
 +++ b/fdbbackup/local.mk
 @@ -25,8 +25,7 @@ fdbbackup_LDFLAGS := $(fdbrpc_LDFLAGS)
@@ -54,7 +54,7 @@ index 033fe7d..865fc92 100644
    # GPerfTools profiler (uncomment to use)
    # fdbbackup_CFLAGS += -I/opt/gperftools/include -DUSE_GPERFTOOLS=1
 diff --git a/fdbcli/local.mk b/fdbcli/local.mk
-index 81a4a42..892c079 100644
+index 81a4a42e..892c079c 100644
 --- a/fdbcli/local.mk
 +++ b/fdbcli/local.mk
 @@ -22,14 +22,13 @@
@@ -75,7 +75,7 @@ index 81a4a42..892c079 100644
    fdbcli_LDFLAGS += -lc++
  endif
 diff --git a/fdbserver/local.mk b/fdbserver/local.mk
-index 78cad1b..36f2c0f 100644
+index 78cad1bf..36f2c0f7 100644
 --- a/fdbserver/local.mk
 +++ b/fdbserver/local.mk
 @@ -25,8 +25,7 @@ fdbserver_LDFLAGS := $(fdbrpc_LDFLAGS)
diff --git a/pkgs/servers/mail/rspamd/default.nix b/pkgs/servers/mail/rspamd/default.nix
index 3e3132798068..4de63d694667 100644
--- a/pkgs/servers/mail/rspamd/default.nix
+++ b/pkgs/servers/mail/rspamd/default.nix
@@ -6,29 +6,25 @@ in
 
 stdenv.mkDerivation rec {
   name = "rspamd-${version}";
-  version = "1.6.6";
+  version = "1.7.3";
 
   src = fetchFromGitHub {
     owner = "vstakhov";
     repo = "rspamd";
     rev = version;
-    sha256 = "04jqrki7rlxywdig264kavy1h5882rspi2drkbdzrk35jjq8rh3h";
+    sha256 = "1gb4zg8i1nj337f65s434h299ad19c0d7jyawb2glvv3n4cshm97";
   };
 
   nativeBuildInputs = [ cmake pkgconfig perl ];
-  buildInputs = [ glib gmime libevent libmagic luajit openssl pcre sqlite ragel icu libfann];
+  buildInputs = [ glib gmime libevent libmagic luajit openssl pcre sqlite ragel icu libfann ];
 
-  postPatch = ''
-    substituteInPlace conf/common.conf --replace "\$CONFDIR/rspamd.conf.local" "/etc/rspamd/rspamd.conf.local"
-    substituteInPlace conf/common.conf --replace "\$CONFDIR/rspamd.conf.local.override" "/etc/rspamd/rspamd.conf.local.override"
-  '';
-
-  cmakeFlags = ''
-    -DDEBIAN_BUILD=ON
-    -DRUNDIR=/var/run/rspamd
-    -DDBDIR=/var/lib/rspamd
-    -DLOGDIR=/var/log/rspamd
-  '';
+  cmakeFlags = [
+    "-DDEBIAN_BUILD=ON"
+    "-DRUNDIR=/var/run/rspamd"
+    "-DDBDIR=/var/lib/rspamd"
+    "-DLOGDIR=/var/log/rspamd"
+    "-DLOCAL_CONFDIR=/etc/rspamd"
+  ];
 
   meta = with stdenv.lib; {
     homepage = https://github.com/vstakhov/rspamd;
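Review bot: The new `"-DLOCAL_CONFDIR=/etc/rspamd"` flag takes over from the removed `postPatch` substitutions without a comment, so nothing records that local overrides are deliberately read from a mutable path outside the store. A comment above the flag would do, e.g. `# local overrides are read from /etc/rspamd (replaces the old substituteInPlace on conf/common.conf)`. Whether 1.7.3 resolves both `rspamd.conf.local` and `rspamd.conf.local.override` through `LOCAL_CONFDIR` is not visible here and is worth confirming on a built package, since an override file that is silently ignored leaves local policy unapplied. The `meta` block continues outside the hunk.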
diff --git a/pkgs/tools/admin/awscli/default.nix b/pkgs/tools/admin/awscli/default.nix
index 4e7e2d402e90..b7d41ac7a960 100644
--- a/pkgs/tools/admin/awscli/default.nix
+++ b/pkgs/tools/admin/awscli/default.nix
@@ -19,11 +19,11 @@ let
 
 in py.pkgs.buildPythonApplication rec {
   pname = "awscli";
-  version = "1.15.10";
+  version = "1.15.49";
 
   src = py.pkgs.fetchPypi {
     inherit pname version;
-    sha256 = "0nwpanbfx5h0bad8wwvvbhpjf9r6n885bbv2w8mw7vijdgclkq8x";
+    sha256 = "1rn1d274vg2zq93cswh6w5ybgqw6gk2pgiqxhsyd04f2v4smr98i";
   };
 
   # No tests included
diff --git a/pkgs/tools/compression/zstd/default.nix b/pkgs/tools/compression/zstd/default.nix
index 8fa2d181de5e..edb771b5b3ec 100644
--- a/pkgs/tools/compression/zstd/default.nix
+++ b/pkgs/tools/compression/zstd/default.nix
@@ -4,10 +4,10 @@
 
 stdenv.mkDerivation rec {
   name = "zstd-${version}";
-  version = "1.3.4";
+  version = "1.3.5";
 
   src = fetchFromGitHub {
-    sha256 = "090ba7dnv5z2v4vlb8b275b0n7cqsdzjqvr3b6a0w65z13mgy2nw";
+    sha256 = "0fpv8k16s14g0r552mhbh0mkr716cqy41d2znyrvks6qfphkgir4";
     rev = "v${version}";
     repo = "zstd";
     owner = "facebook";
diff --git a/pkgs/tools/misc/asciinema/default.nix b/pkgs/tools/misc/asciinema/default.nix
index 0808704ecb78..c1cca25c576e 100644
--- a/pkgs/tools/misc/asciinema/default.nix
+++ b/pkgs/tools/misc/asciinema/default.nix
@@ -1,10 +1,10 @@
-{ lib, python3Packages, fetchFromGitHub }:
+{ lib, python3Packages, fetchFromGitHub, glibcLocales }:
 
 let
   pythonPackages = python3Packages;
 in pythonPackages.buildPythonApplication rec {
   name = "asciinema-${version}";
-  version = "2.0.0";
+  version = "2.0.1";
 
   buildInputs = with pythonPackages; [ nose ];
   propagatedBuildInputs = with pythonPackages; [ requests ];
@@ -13,7 +13,7 @@ in pythonPackages.buildPythonApplication rec {
     owner = "asciinema";
     repo = "asciinema";
     rev = "v${version}";
-    sha256 = "1f92hv9w58jf1f7igspjxvrxqn3n21kgya2zb56spqyydr4jzwdk";
+    sha256 = "09m9agkslrbm36y8pjqhg5nmyz9hppjyhafhzpglnadhfgwqzznr";
   };
 
   patchPhase = ''
@@ -21,8 +21,10 @@ in pythonPackages.buildPythonApplication rec {
     rm tests/pty_recorder_test.py
   '';
 
+  checkInputs = [ glibcLocales ];
+
   checkPhase = ''
-    nosetests
+    LC_ALL=en_US.UTF-8 nosetests
   '';
 
   meta = {
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 43044273edac..2306b536a0c6 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -2505,14 +2505,16 @@ with pkgs;
 
   fuseiso = callPackage ../tools/filesystems/fuseiso { };
 
-  fdbPackages = callPackage ../servers/foundationdb { stdenv = overrideCC stdenv gcc49; };
+  fdbPackages = callPackage ../servers/foundationdb {
+    stdenv49 = overrideCC stdenv gcc49;
+  };
 
   inherit (fdbPackages)
     foundationdb51
     foundationdb52
     foundationdb60;
 
-  foundationdb = callPackage ../servers/foundationdb { stdenv = overrideCC stdenv gcc49; };
+  foundationdb = foundationdb52;
 
   fuse-7z-ng = callPackage ../tools/filesystems/fuse-7z-ng { };
 
@@ -5395,7 +5397,7 @@ with pkgs;
 
   torsocks = callPackage ../tools/security/tor/torsocks.nix { };
 
-  toxvpn = callPackage ../tools/networking/toxvpn { libtoxcore = libtoxcore_0_1; };
+  toxvpn = callPackage ../tools/networking/toxvpn { };
 
   tpmmanager = callPackage ../applications/misc/tpmmanager { };
 
@@ -6763,7 +6765,7 @@ with pkgs;
     fpc = fpc;
   };
 
-  lessc = callPackage ../development/compilers/lessc { };
+  lessc = nodePackages.less;
 
   liquibase = callPackage ../development/tools/database/liquibase { };
 
@@ -9998,6 +10000,8 @@ with pkgs;
     inherit (darwin.apple_sdk.frameworks) CoreServices;
   };
 
+  libde265 = callPackage ../development/libraries/libde265 {};
+
   libdevil = callPackage ../development/libraries/libdevil {
     inherit (darwin.apple_sdk.frameworks) OpenGL;
   };
@@ -10212,6 +10216,8 @@ with pkgs;
 
   libhdhomerun = callPackage ../development/libraries/libhdhomerun { };
 
+  libheif = callPackage ../development/libraries/libheif {};
+
   libhttpseverywhere = callPackage ../development/libraries/libhttpseverywhere { };
 
   libHX = callPackage ../development/libraries/libHX { };
@@ -13630,14 +13636,6 @@ with pkgs;
     modDirVersionArg = linux_4_14.modDirVersion + "-hardened";
   });
 
-  linux_copperhead_stable = (linux_4_16.override {
-    kernelPatches = linux_4_16.kernelPatches ++ [
-      kernelPatches.copperhead_4_16
-      kernelPatches.tag_hardened
-     ];
-    modDirVersionArg = linux_4_16.modDirVersion + "-hardened";
-  });
-
   # linux mptcp is based on the 4.4 kernel
   linux_mptcp = callPackage ../os-specific/linux/kernel/linux-mptcp.nix {
     kernelPatches =
@@ -13693,17 +13691,6 @@ with pkgs;
       ];
   };
 
-  linux_4_16 = callPackage ../os-specific/linux/kernel/linux-4.16.nix {
-    kernelPatches =
-      [ kernelPatches.bridge_stp_helper
-        # See pkgs/os-specific/linux/kernel/cpu-cgroup-v2-patches/README.md
-        # when adding a new linux version
-        # kernelPatches.cpu-cgroup-v2."4.11"
-        kernelPatches.modinst_arg_list_too_long
-        kernelPatches.bcm2835_mmal_v4l2_camera_driver # Only needed for 4.16!
-      ];
-  };
-
   linux_4_17 = callPackage ../os-specific/linux/kernel/linux-4.17.nix {
     kernelPatches =
       [ kernelPatches.bridge_stp_helper
@@ -13918,7 +13905,6 @@ with pkgs;
   linuxPackages_4_4 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_4_4);
   linuxPackages_4_9 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_4_9);
   linuxPackages_4_14 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_4_14);
-  linuxPackages_4_16 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_4_16);
   linuxPackages_4_17 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_4_17);
   # Don't forget to update linuxPackages_latest!
 
@@ -13971,7 +13957,6 @@ with pkgs;
   linuxPackages_latest_xen_dom0_hardened = recurseIntoAttrs (hardenedLinuxPackagesFor (pkgs.linux_latest.override { features.xen_dom0=true; }));
 
   linuxPackages_copperhead_lts = recurseIntoAttrs (hardenedLinuxPackagesFor pkgs.linux_copperhead_lts);
-  linuxPackages_copperhead_stable = recurseIntoAttrs (hardenedLinuxPackagesFor pkgs.linux_copperhead_stable);
 
   # Samus kernels
   linuxPackages_samus_4_12 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_samus_4_12);
@@ -14353,6 +14338,7 @@ with pkgs;
     ubootClearfog
     ubootGuruplug
     ubootJetsonTK1
+    ubootNovena
     ubootOdroidXU3
     ubootOrangePiPc
     ubootPcduino3Nano
@@ -16638,6 +16624,8 @@ with pkgs;
     libxml2 = null;
     openjpeg = null;
     libwebp = null;
+    libheif = null;
+    libde265 = null;
   };
 
   imagemagick = callPackage ../applications/graphics/ImageMagick {
@@ -16665,6 +16653,7 @@ with pkgs;
     libxml2 = null;
     openjpeg = null;
     libwebp = null;
+    libheif = null;
   });
 
   imagemagick7 = lowPrio (imagemagick7Big.override {
@@ -18599,8 +18588,6 @@ with pkgs;
     flags = [ "python" "X11" ]; # only flag "X11" by now
   });
 
-  xxd = callPackage ../tools/misc/xxd { };
-
   vimNox = lowPrio (vim_configurable.override {
     source = "vim-nox";
     lua = pkgs.lua5_1; # vimNox source is from 2012, requires older lua
@@ -21825,7 +21812,7 @@ with pkgs;
   unixtools = recurseIntoAttrs (callPackages ./unix-tools.nix { });
   inherit (unixtools) hexdump ps logger eject umount
                       mount wall hostname more sysctl getconf
-                      getent locale killall;
+                      getent locale killall xxd;
 
   fts = if hostPlatform.isMusl then netbsd.fts else null;
 
diff --git a/pkgs/top-level/unix-tools.nix b/pkgs/top-level/unix-tools.nix
index a46d2897f4ed..cc6a8e0592a8 100644
--- a/pkgs/top-level/unix-tools.nix
+++ b/pkgs/top-level/unix-tools.nix
@@ -16,6 +16,7 @@ let
 
   singleBinary = cmd: providers: let
       provider = "${lib.getBin providers.${hostPlatform.parsed.kernel.name}}/bin/${cmd}";
+      manpage = "${lib.getOutput "man" providers.${hostPlatform.parsed.kernel.name}}/share/man/man1/${cmd}.1.gz";
     in runCommand "${cmd}-${version}" {
       meta.platforms = map (n: { kernel.name = n; }) (pkgs.lib.attrNames providers);
     } ''
@@ -25,6 +26,10 @@ let
       fi
 
       install -D "${provider}" "$out/bin/${cmd}"
+
+      if [ -f "${manpage}" ]; then
+        install -D "${manpage}" $out/share/man/man1/${cmd}.1.gz
+      fi
     '';
 
   # more is unavailable in darwin
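Review bot: The manpage path is hard-coded to section 1 (`share/man/man1/${cmd}.1.gz`, bound in the previous hunk), so a tool whose page lives in another section gets no manpage and the `-f` test hides that silently. `mount`, `umount` and `sysctl`, which all-packages.nix inherits from `unixtools`, are conventionally section 8. Either document the limit next to the `manpage` binding (`# only gzip-compressed section-1 pages are picked up`) or pass the section per tool. Separately, the install destination is unquoted while the line above quotes `"$out/bin/${cmd}"`; `install -D "${manpage}" "$out/share/man/man1/${cmd}.1.gz"` keeps the two consistent. `singleBinary` starts and ends outside this hunk.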
@@ -147,6 +152,10 @@ let
       linux = pkgs.utillinux;
       darwin = pkgs.darwin.basic_cmds;
     };
+    xxd = {
+      linux = pkgs.vim;
+      darwin = pkgs.vim;
+    };
   };
 
   makeCompat = name': value: buildEnv {