diff options
author | Alyssa Ross <hi@alyssa.is> | 2023-12-01 19:00:09 +0100 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2023-12-01 19:00:09 +0100 |
commit | 9e9b07490d5bab5d115c66b80bdb10ff0c11ed8d (patch) | |
tree | 4368f9e4cb2d5b93a956c085337e45cb70f1e331 /nixpkgs/pkgs/build-support | |
parent | a9cbfb6941b47d6f50129e6e36927882392daed7 (diff) | |
parent | 2344fe1da14cb08b0c18743b207995f9b8597915 (diff) | |
download | nixlib-9e9b07490d5bab5d115c66b80bdb10ff0c11ed8d.tar nixlib-9e9b07490d5bab5d115c66b80bdb10ff0c11ed8d.tar.gz nixlib-9e9b07490d5bab5d115c66b80bdb10ff0c11ed8d.tar.bz2 nixlib-9e9b07490d5bab5d115c66b80bdb10ff0c11ed8d.tar.lz nixlib-9e9b07490d5bab5d115c66b80bdb10ff0c11ed8d.tar.xz nixlib-9e9b07490d5bab5d115c66b80bdb10ff0c11ed8d.tar.zst nixlib-9e9b07490d5bab5d115c66b80bdb10ff0c11ed8d.zip |
Merge https://github.com/NixOS/nixpkgs
Diffstat (limited to 'nixpkgs/pkgs/build-support')
22 files changed, 216 insertions, 85 deletions
diff --git a/nixpkgs/pkgs/build-support/build-graalvm-native-image/default.nix b/nixpkgs/pkgs/build-support/build-graalvm-native-image/default.nix index 6a5e82427f7b..e5fe1abe1d11 100644 --- a/nixpkgs/pkgs/build-support/build-graalvm-native-image/default.nix +++ b/nixpkgs/pkgs/build-support/build-graalvm-native-image/default.nix @@ -3,6 +3,7 @@ , glibcLocales # The GraalVM derivation to use , graalvmDrv +, removeReferencesTo , executable ? args.pname # JAR used as input for GraalVM derivation, defaults to src , jar ? args.src @@ -11,6 +12,7 @@ # except in special cases. In most cases, use extraNativeBuildArgs instead , nativeImageBuildArgs ? [ (lib.optionalString stdenv.isDarwin "-H:-CheckToolchain") + (lib.optionalString (stdenv.isLinux && stdenv.isAarch64) "-H:PageSize=64K") "-H:Name=${executable}" "-march=compatibility" "--verbose" @@ -37,12 +39,13 @@ let "buildPhase" "nativeBuildInputs" "installPhase" + "postInstall" ]; in stdenv.mkDerivation ({ inherit dontUnpack jar; - nativeBuildInputs = (args.nativeBuildInputs or [ ]) ++ [ graalvmDrv glibcLocales ]; + nativeBuildInputs = (args.nativeBuildInputs or [ ]) ++ [ graalvmDrv glibcLocales removeReferencesTo ]; nativeImageBuildArgs = nativeImageBuildArgs ++ extraNativeImageBuildArgs ++ [ graalvmXmx ]; @@ -62,6 +65,11 @@ stdenv.mkDerivation ({ runHook postInstall ''; + postInstall = '' + remove-references-to -t ${graalvmDrv} $out/bin/${executable} + ${args.postInstall or ""} + ''; + disallowedReferences = [ graalvmDrv ]; passthru = { inherit graalvmDrv; }; diff --git a/nixpkgs/pkgs/build-support/emacs/wrapper.nix b/nixpkgs/pkgs/build-support/emacs/wrapper.nix index 6c1383c53304..59a694286d09 100644 --- a/nixpkgs/pkgs/build-support/emacs/wrapper.nix +++ b/nixpkgs/pkgs/build-support/emacs/wrapper.nix @@ -36,8 +36,8 @@ in customEmacsPackages.withPackages (epkgs: [ epkgs.evil epkgs.magit ]) self: let inherit (self) emacs; - withNativeCompilation = emacs.withNativeCompilation or emacs.nativeComp or false; - withTreeSitter = emacs.withTreeSitter or emacs.treeSitter or false; + withNativeCompilation = emacs.withNativeCompilation or false; + withTreeSitter = emacs.withTreeSitter or false; in packagesFun: # packages explicitly requested by the user let diff --git a/nixpkgs/pkgs/build-support/fetchfossil/default.nix b/nixpkgs/pkgs/build-support/fetchfossil/default.nix index 7866c403ec42..3f3bf69db047 100644 --- a/nixpkgs/pkgs/build-support/fetchfossil/default.nix +++ b/nixpkgs/pkgs/build-support/fetchfossil/default.nix @@ -1,7 +1,15 @@ {stdenv, lib, fossil, cacert}: -{name ? null, url, rev, sha256}: +{ name ? null +, url +, rev +, sha256 ? "" +, hash ? "" +}: +if hash != "" && sha256 != "" then + throw "Only one of sha256 or hash can be set" +else stdenv.mkDerivation { name = "fossil-archive" + (lib.optionalString (name != null) "-${name}"); builder = ./builder.sh; @@ -11,9 +19,14 @@ stdenv.mkDerivation { # https://www.fossil-scm.org/index.html/doc/trunk/www/env-opts.md impureEnvVars = [ "http_proxy" ]; - outputHashAlgo = "sha256"; + outputHashAlgo = if hash != "" then null else "sha256"; outputHashMode = "recursive"; - outputHash = sha256; + outputHash = if hash != "" then + hash + else if sha256 != "" then + sha256 + else + lib.fakeSha256; inherit url rev; preferLocalBuild = true; diff --git a/nixpkgs/pkgs/build-support/fetchgitlab/default.nix b/nixpkgs/pkgs/build-support/fetchgitlab/default.nix index 146845e06a71..2ccb81335cc2 100644 --- a/nixpkgs/pkgs/build-support/fetchgitlab/default.nix +++ b/nixpkgs/pkgs/build-support/fetchgitlab/default.nix @@ -30,5 +30,5 @@ let }) // passthruAttrs // { inherit name; }; in -fetcher fetcherArgs // { meta.homepage = "${protocol}://${domain}/${slug}/"; inherit rev; } +fetcher fetcherArgs // { meta.homepage = "${protocol}://${domain}/${slug}/"; inherit rev owner repo; } ) diff --git a/nixpkgs/pkgs/build-support/kernel/make-initrd-ng/Cargo.lock b/nixpkgs/pkgs/build-support/kernel/make-initrd-ng/Cargo.lock index 8965b8793cca..c407d36d90f4 100644 --- a/nixpkgs/pkgs/build-support/kernel/make-initrd-ng/Cargo.lock +++ b/nixpkgs/pkgs/build-support/kernel/make-initrd-ng/Cargo.lock @@ -4,9 +4,9 @@ version = 3 [[package]] name = "eyre" -version = "0.6.8" +version = "0.6.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c2b6b5a29c02cdc822728b7d7b8ae1bab3e3b05d44522770ddd49722eeac7eb" +checksum = "80f656be11ddf91bd709454d15d5bd896fbaf4cc3314e69349e4d1569f5b46cd" dependencies = [ "indenter", "once_cell", @@ -95,9 +95,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.38" +version = "2.0.39" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e96b79aaa137db8f61e26363a0c9b47d8b4ec75da28b7d1d614c2303e232408b" +checksum = "23e78b90f2fcf45d3e842032ce32e3f2d1545ba6636271dcbf24fa306d87be7a" dependencies = [ "proc-macro2", "quote", diff --git a/nixpkgs/pkgs/build-support/kernel/modules-closure.sh b/nixpkgs/pkgs/build-support/kernel/modules-closure.sh index 74bc490eb15c..5f61bac751af 100644 --- a/nixpkgs/pkgs/build-support/kernel/modules-closure.sh +++ b/nixpkgs/pkgs/build-support/kernel/modules-closure.sh @@ -66,8 +66,8 @@ for module in $rootModules; do fi done -mkdir -p $out/lib/firmware -for module in $(cat closure); do +cd "$firmware" +for module in $(< ~-/closure); do # for builtin modules, modinfo will reply with a wrong output looking like: # $ modinfo -F firmware unix # name: unix @@ -78,16 +78,15 @@ for module in $(cat closure); do # # For now, the workaround is just to filter out the extraneous lines out # of its output. - for i in $(modinfo -b $kernel --set-version "$version" -F firmware $module | grep -v '^name:'); do - mkdir -p "$out/lib/firmware/$(dirname "$i")" + modinfo -b $kernel --set-version "$version" -F firmware $module | grep -v '^name:' | while read -r i; do echo "firmware for $module: $i" for name in "$i" "$i.xz" ""; do [ -z "$name" ] && echo "WARNING: missing firmware $i for module $module" - if cp "$firmware/lib/firmware/$name" "$out/lib/firmware/$name" 2>/dev/null; then + if cp -v --parents --no-preserve=mode lib/firmware/$name "$out" 2>/dev/null; then break fi done - done + done || : done # copy module ordering hints for depmod diff --git a/nixpkgs/pkgs/build-support/make-hardcode-gsettings-patch/default.nix b/nixpkgs/pkgs/build-support/make-hardcode-gsettings-patch/default.nix index a1d2de21c4cb..820b003e3c6f 100644 --- a/nixpkgs/pkgs/build-support/make-hardcode-gsettings-patch/default.nix +++ b/nixpkgs/pkgs/build-support/make-hardcode-gsettings-patch/default.nix @@ -6,42 +6,61 @@ }: /* - Can be used as part of an update script to automatically create a patch - hardcoding the path of all GSettings schemas in C code. - For example: - passthru = { - hardcodeGsettingsPatch = makeHardcodeGsettingsPatch { - inherit src; - schemaIdToVariableMapping = { - ... + Creates a patch that replaces every instantiation of GSettings in a C project + with a code that loads a GSettings schema from a hardcoded path. + + This is useful so that libraries can find schemas even though Nix lacks + a standard location like /usr/share, where GSettings system could look for schemas. + The derivation is is somewhat dependency-heavy so it is best used as part of an update script. + + For each schema id referenced in the source code (e.g. org.gnome.evolution), + a variable name such as `EVOLUTION` must be provided. + It will end up in the generated patch as `@EVOLUTION@` placeholder, which should be replaced at build time + with a path to the directory containing a `gschemas.compiled` file that includes the schema. + + + Arguments: + - `src`: source to generate the patch for. + + - `schemaIdToVariableMapping`: attrset assigning schema ids to variable names. + All used schemas must be listed. + + For example, `{ "org.gnome.evolution" = "EVOLUTION_SCHEMA_PATH"; }` + hardcodes looking for `org.gnome.evolution` into `@EVOLUTION_SCHEMA_PATH@`. + + - `patches`: A list of patches to apply before generating the patch. + + Example: + passthru = { + hardcodeGsettingsPatch = makeHardcodeGsettingsPatch { + inherit (finalAttrs) src; + schemaIdToVariableMapping = { + ... + }; }; - }; - - updateScript = - let - updateSource = ...; - updatePatch = _experimental-update-script-combinators.copyAttrOutputToFile "evolution-ews.hardcodeGsettingsPatch" ./hardcode-gsettings.patch; - in - _experimental-update-script-combinators.sequence [ - updateSource - updatePatch - ]; - }; - } - takes as input a mapping from schema path to variable name. - For example `{ "org.gnome.evolution" = "EVOLUTION_SCHEMA_PATH"; }` - hardcodes looking for `org.gnome.evolution` into `@EVOLUTION_SCHEMA_PATH@`. - All schemas must be listed. + + updateScript = + let + updateSource = ...; + updatePatch = _experimental-update-script-combinators.copyAttrOutputToFile "evolution-ews.hardcodeGsettingsPatch" ./hardcode-gsettings.patch; + in + _experimental-update-script-combinators.sequence [ + updateSource + updatePatch + ]; + }; + } */ { src, + patches ? [ ], schemaIdToVariableMapping, }: runCommand "hardcode-gsettings.patch" { - inherit src; + inherit src patches; nativeBuildInputs = [ git coccinelle @@ -51,6 +70,7 @@ runCommand '' unpackPhase cd "''${sourceRoot:-.}" + patchPhase set -x cp ${builtins.toFile "glib-schema-to-var.json" (builtins.toJSON schemaIdToVariableMapping)} ./glib-schema-to-var.json git init diff --git a/nixpkgs/pkgs/build-support/make-hardcode-gsettings-patch/hardcode-gsettings.cocci b/nixpkgs/pkgs/build-support/make-hardcode-gsettings-patch/hardcode-gsettings.cocci index a265f5fac384..e916d74fd1f5 100644 --- a/nixpkgs/pkgs/build-support/make-hardcode-gsettings-patch/hardcode-gsettings.cocci +++ b/nixpkgs/pkgs/build-support/make-hardcode-gsettings-patch/hardcode-gsettings.cocci @@ -1,11 +1,14 @@ /** - * Since Nix does not have a standard location like /usr/share, - * where GSettings system could look for schemas, we need to point the software to a correct location somehow. + * Since Nix does not have a standard location like /usr/share where GSettings system + * could look for schemas, we need to point the software to a correct location somehow. * For executables, we handle this using wrappers but this is not an option for libraries like e-d-s. - * Instead, we hardcode the schema path when creating the settings. - * A schema path (ie org.gnome.evolution) can be replaced by @EVOLUTION_SCHEMA_ID@ - * which is then replaced at build time by substituteAll. - * The mapping is provided in a json file ./glib-schema-to-var.json + * Instead, we patch the source code to look for the schema in a schema source + * through a hardcoded path to the schema. + * + * For each schema id referenced in the source code (e.g. org.gnome.evolution), + * a variable name such as `EVOLUTION` must be provided in the ./glib-schema-to-var.json JSON file. + * It will end up in the resulting patch as `@EVOLUTION@` placeholder, which should be replaced at build time + * with a path to the directory containing a `gschemas.compiled` file that includes the schema. */ @initialize:python@ diff --git a/nixpkgs/pkgs/build-support/node/build-npm-package/default.nix b/nixpkgs/pkgs/build-support/node/build-npm-package/default.nix index eecea8b76758..42c6a9c065b2 100644 --- a/nixpkgs/pkgs/build-support/node/build-npm-package/default.nix +++ b/nixpkgs/pkgs/build-support/node/build-npm-package/default.nix @@ -21,6 +21,9 @@ # Whether to force the usage of Git dependencies that have install scripts, but not a lockfile. # Use with care. , forceGitDeps ? false + # Whether to force allow an empty dependency cache. + # This can be enabled if there are truly no remote dependencies, but generally an empty cache indicates something is wrong. +, forceEmptyCache ? false # Whether to make the cache writable prior to installing dependencies. # Don't set this unless npm tries to write to the cache directory, as it can slow down the build. , makeCacheWritable ? false @@ -42,7 +45,7 @@ , npmWorkspace ? null , nodejs ? topLevelArgs.nodejs , npmDeps ? fetchNpmDeps { - inherit forceGitDeps src srcs sourceRoot prePatch patches postPatch; + inherit forceGitDeps forceEmptyCache src srcs sourceRoot prePatch patches postPatch; name = "${name}-npm-deps"; hash = npmDepsHash; } diff --git a/nixpkgs/pkgs/build-support/node/fetch-npm-deps/default.nix b/nixpkgs/pkgs/build-support/node/fetch-npm-deps/default.nix index 67a4c337c0d2..cfa3366491f2 100644 --- a/nixpkgs/pkgs/build-support/node/fetch-npm-deps/default.nix +++ b/nixpkgs/pkgs/build-support/node/fetch-npm-deps/default.nix @@ -36,8 +36,8 @@ ''; }; - makeTest = { name, src, hash, forceGitDeps ? false }: testers.invalidateFetcherByDrvHash fetchNpmDeps { - inherit name hash forceGitDeps; + makeTest = { name, src, hash, forceGitDeps ? false, forceEmptyCache ? false }: testers.invalidateFetcherByDrvHash fetchNpmDeps { + inherit name hash forceGitDeps forceEmptyCache; src = makeTestSrc { inherit name src; }; }; @@ -98,6 +98,20 @@ hash = "sha256-VzQhArHoznYSXUT7l9HkJV4yoSOmoP8eYTLel1QwmB4="; }; + # This package has no resolved deps whatsoever, which will not actually work but does test the forceEmptyCache option. + emptyCache = makeTest { + name = "empty-cache"; + + src = fetchurl { + url = "https://raw.githubusercontent.com/bufbuild/protobuf-es/v1.2.1/package-lock.json"; + hash = "sha256-UdBUEb4YRHsbvyjymIyjemJEiaI9KQRirqt+SFSK0wA="; + }; + + hash = "sha256-Cdv40lQjRszzJtJydZt25uYfcJVeJGwH54A+agdH9wI="; + + forceEmptyCache = true; + }; + # This package contains both hosted Git shorthand, and a bundled dependency that happens to override an existing one. etherpadLite1818 = makeTest { name = "etherpad-lite-1.8.18"; @@ -124,6 +138,7 @@ { name ? "npm-deps" , hash ? "" , forceGitDeps ? false + , forceEmptyCache ? false , ... } @ args: let @@ -136,6 +151,7 @@ }; forceGitDeps_ = lib.optionalAttrs forceGitDeps { FORCE_GIT_DEPS = true; }; + forceEmptyCache_ = lib.optionalAttrs forceEmptyCache { FORCE_EMPTY_CACHE = true; }; in stdenvNoCC.mkDerivation (args // { inherit name; @@ -174,5 +190,5 @@ else "/no-cert-file.crt"; outputHashMode = "recursive"; - } // hash_ // forceGitDeps_); + } // hash_ // forceGitDeps_ // forceEmptyCache_); } diff --git a/nixpkgs/pkgs/build-support/node/fetch-npm-deps/src/cacache.rs b/nixpkgs/pkgs/build-support/node/fetch-npm-deps/src/cacache.rs index b7efedac59bd..75133b1b03ea 100644 --- a/nixpkgs/pkgs/build-support/node/fetch-npm-deps/src/cacache.rs +++ b/nixpkgs/pkgs/build-support/node/fetch-npm-deps/src/cacache.rs @@ -43,6 +43,13 @@ impl Cache { Cache(path) } + pub fn init(&self) -> anyhow::Result<()> { + fs::create_dir_all(self.0.join("content-v2"))?; + fs::create_dir_all(self.0.join("index-v5"))?; + + Ok(()) + } + pub fn put( &self, key: String, diff --git a/nixpkgs/pkgs/build-support/node/fetch-npm-deps/src/main.rs b/nixpkgs/pkgs/build-support/node/fetch-npm-deps/src/main.rs index 9d86bd8091a7..2b28e290ad51 100644 --- a/nixpkgs/pkgs/build-support/node/fetch-npm-deps/src/main.rs +++ b/nixpkgs/pkgs/build-support/node/fetch-npm-deps/src/main.rs @@ -234,9 +234,14 @@ fn main() -> anyhow::Result<()> { (out_tempdir.path(), true) }; - let packages = parse::lockfile(&lock_content, env::var("FORCE_GIT_DEPS").is_ok())?; + let packages = parse::lockfile( + &lock_content, + env::var("FORCE_GIT_DEPS").is_ok(), + env::var("FORCE_EMPTY_CACHE").is_ok(), + )?; let cache = Cache::new(out.join("_cacache")); + cache.init()?; packages.into_par_iter().try_for_each(|package| { eprintln!("{}", package.name); diff --git a/nixpkgs/pkgs/build-support/node/fetch-npm-deps/src/parse/mod.rs b/nixpkgs/pkgs/build-support/node/fetch-npm-deps/src/parse/mod.rs index 86e9120de02f..880a972e80e9 100644 --- a/nixpkgs/pkgs/build-support/node/fetch-npm-deps/src/parse/mod.rs +++ b/nixpkgs/pkgs/build-support/node/fetch-npm-deps/src/parse/mod.rs @@ -14,7 +14,11 @@ use crate::util; pub mod lock; -pub fn lockfile(content: &str, force_git_deps: bool) -> anyhow::Result<Vec<Package>> { +pub fn lockfile( + content: &str, + force_git_deps: bool, + force_empty_cache: bool, +) -> anyhow::Result<Vec<Package>> { let mut packages = lock::packages(content) .context("failed to extract packages from lockfile")? .into_par_iter() @@ -25,6 +29,10 @@ pub fn lockfile(content: &str, force_git_deps: bool) -> anyhow::Result<Vec<Packa }) .collect::<anyhow::Result<Vec<_>>>()?; + if packages.is_empty() && !force_empty_cache { + bail!("No cacheable dependencies were found. Please inspect the upstream `package-lock.json` file and ensure that remote dependencies have `resolved` URLs and `integrity` hashes. If the lockfile is missing this data, attempt to get upstream to fix it via a tool like <https://github.com/jeslie0/npm-lockfile-fix>. If generating an empty cache is intentional and you would like to do it anyways, set `forceEmptyCache = true`."); + } + let mut new = Vec::new(); for pkg in packages @@ -64,7 +72,13 @@ pub fn lockfile(content: &str, force_git_deps: bool) -> anyhow::Result<Vec<Packa } if let Ok(lockfile_contents) = lockfile_contents { - new.append(&mut lockfile(&lockfile_contents, force_git_deps)?); + new.append(&mut lockfile( + &lockfile_contents, + force_git_deps, + // force_empty_cache is turned on here since recursively parsed lockfiles should be + // allowed to have an empty cache without erroring by default + true, + )?); } } diff --git a/nixpkgs/pkgs/build-support/node/fetch-yarn-deps/default.nix b/nixpkgs/pkgs/build-support/node/fetch-yarn-deps/default.nix index 49c2f6cbfc98..e837f7457d17 100644 --- a/nixpkgs/pkgs/build-support/node/fetch-yarn-deps/default.nix +++ b/nixpkgs/pkgs/build-support/node/fetch-yarn-deps/default.nix @@ -62,8 +62,9 @@ in { dontUnpack = src == null; dontInstall = true; - nativeBuildInputs = [ prefetch-yarn-deps ]; + nativeBuildInputs = [ prefetch-yarn-deps cacert ]; GIT_SSL_CAINFO = "${cacert}/etc/ssl/certs/ca-bundle.crt"; + NODE_EXTRA_CA_CERTS = "${cacert}/etc/ssl/certs/ca-bundle.crt"; buildPhase = '' runHook preBuild diff --git a/nixpkgs/pkgs/build-support/node/fetch-yarn-deps/index.js b/nixpkgs/pkgs/build-support/node/fetch-yarn-deps/index.js index de2a09ee9041..e60fdeb54330 100755 --- a/nixpkgs/pkgs/build-support/node/fetch-yarn-deps/index.js +++ b/nixpkgs/pkgs/build-support/node/fetch-yarn-deps/index.js @@ -88,10 +88,17 @@ const isGitUrl = pattern => { } const downloadPkg = (pkg, verbose) => { - const [ name, spec ] = pkg.key.split('@', 2); - if (spec.startsWith('file:')) { - console.info(`ignoring relative file:path dependency "${spec}"`) + const fileMarker = '@file:' + const split = pkg.key.split(fileMarker) + if (split.length == 2) { + console.info(`ignoring lockfile entry "${split[0]}" which points at path "${split[1]}"`) return + } else if (split.length > 2) { + throw new Error(`The lockfile entry key "${pkg.key}" contains "${fileMarker}" more than once. Processing is not implemented.`) + } + + if (pkg.resolved === undefined) { + throw new Error(`The lockfile entry with key "${pkg.key}" cannot be downloaded because it is missing the "resolved" attribute, which should contain the URL to download from. The lockfile might be invalid.`) } const [ url, hash ] = pkg.resolved.split('#') @@ -133,19 +140,10 @@ const performParallel = tasks => { const prefetchYarnDeps = async (lockContents, verbose) => { const lockData = lockfile.parse(lockContents) - const tasks = Object.values( + await performParallel( Object.entries(lockData.object) - .map(([key, value]) => { - return { key, ...value } - }) - .reduce((out, pkg) => { - out[pkg.resolved] = pkg - return out - }, {}) + .map(([key, value]) => () => downloadPkg({ key, ...value }, verbose)) ) - .map(pkg => () => downloadPkg(pkg, verbose)) - - await performParallel(tasks) await fs.promises.writeFile('yarn.lock', lockContents) if (verbose) console.log('Done') } diff --git a/nixpkgs/pkgs/build-support/node/fetch-yarn-deps/tests/default.nix b/nixpkgs/pkgs/build-support/node/fetch-yarn-deps/tests/default.nix index 8ffe103a9548..8057d05ba72c 100644 --- a/nixpkgs/pkgs/build-support/node/fetch-yarn-deps/tests/default.nix +++ b/nixpkgs/pkgs/build-support/node/fetch-yarn-deps/tests/default.nix @@ -1,6 +1,10 @@ { testers, fetchYarnDeps, ... }: { + file = testers.invalidateFetcherByDrvHash fetchYarnDeps { + yarnLock = ./file.lock; + sha256 = "sha256-BPuyQVCbdpFL/iRhmarwWAmWO2NodlVCOY9JU+4pfa4="; + }; simple = testers.invalidateFetcherByDrvHash fetchYarnDeps { yarnLock = ./simple.lock; sha256 = "sha256-FRrt8BixleILmFB2ZV8RgPNLqgS+dlH5nWoPgeaaNQ8="; diff --git a/nixpkgs/pkgs/build-support/node/fetch-yarn-deps/tests/file.lock b/nixpkgs/pkgs/build-support/node/fetch-yarn-deps/tests/file.lock new file mode 100644 index 000000000000..4881d83a7de9 --- /dev/null +++ b/nixpkgs/pkgs/build-support/node/fetch-yarn-deps/tests/file.lock @@ -0,0 +1,9 @@ +# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. +# yarn lockfile v1 + + +"@org/somepack@file:vendor/orgpacks/somepack/assets": + version "1.0.0" + +"otherpack@file:vendor/otherpack": + version "1.0.0" diff --git a/nixpkgs/pkgs/build-support/prefer-remote-fetch/default.nix b/nixpkgs/pkgs/build-support/prefer-remote-fetch/default.nix index a1f2d0c56cff..3257e7000fe3 100644 --- a/nixpkgs/pkgs/build-support/prefer-remote-fetch/default.nix +++ b/nixpkgs/pkgs/build-support/prefer-remote-fetch/default.nix @@ -11,9 +11,16 @@ # $ echo 'self: super: super.prefer-remote-fetch self super' > ~/.config/nixpkgs/overlays/prefer-remote-fetch.nix # self: super: { - fetchurl = args: super.fetchurl ({ preferLocalBuild = false; } // args); + binary-cache = args: super.binary-cache ({ preferLocalBuild = false; } // args); + buildenv = args: super.buildenv ({ preferLocalBuild = false; } // args); + fetchfossil = args: super.fetchfossil ({ preferLocalBuild = false; } // args); + fetchdocker = args: super.fetchdocker ({ preferLocalBuild = false; } // args); fetchgit = args: super.fetchgit ({ preferLocalBuild = false; } // args); + fetchgx = args: super.fetchgx ({ preferLocalBuild = false; } // args); fetchhg = args: super.fetchhg ({ preferLocalBuild = false; } // args); - fetchsvn = args: super.fetchsvn ({ preferLocalBuild = false; } // args); fetchipfs = args: super.fetchipfs ({ preferLocalBuild = false; } // args); + fetchrepoproject = args: super.fetchrepoproject ({ preferLocalBuild = false; } // args); + fetchs3 = args: super.fetchs3 ({ preferLocalBuild = false; } // args); + fetchsvn = args: super.fetchsvn ({ preferLocalBuild = false; } // args); + fetchurl = args: super.fetchurl ({ preferLocalBuild = false; } // args); } diff --git a/nixpkgs/pkgs/build-support/release/default.nix b/nixpkgs/pkgs/build-support/release/default.nix index d09f6c8568be..1cc6a5812f1f 100644 --- a/nixpkgs/pkgs/build-support/release/default.nix +++ b/nixpkgs/pkgs/build-support/release/default.nix @@ -88,7 +88,8 @@ rec { preferLocalBuild = true; _hydraAggregate = true; - phases = [ "unpackPhase" "patchPhase" "installPhase" ]; + dontConfigure = true; + dontBuild = true; patchPhase = lib.optionalString isNixOS '' touch .update-on-nixos-rebuild diff --git a/nixpkgs/pkgs/build-support/replace-secret/replace-secret.nix b/nixpkgs/pkgs/build-support/replace-secret/replace-secret.nix index 4881ba25f5d2..41f5cb042558 100644 --- a/nixpkgs/pkgs/build-support/replace-secret/replace-secret.nix +++ b/nixpkgs/pkgs/build-support/replace-secret/replace-secret.nix @@ -32,5 +32,6 @@ stdenv.mkDerivation { Since the secret is read from a file, it won't be leaked through '/proc/<pid>/cmdline', unlike when 'sed' or 'replace' is used. ''; + mainProgram = "replace-secret"; }; } diff --git a/nixpkgs/pkgs/build-support/singularity-tools/default.nix b/nixpkgs/pkgs/build-support/singularity-tools/default.nix index 9689e4124590..8d7ad9e742a1 100644 --- a/nixpkgs/pkgs/build-support/singularity-tools/default.nix +++ b/nixpkgs/pkgs/build-support/singularity-tools/default.nix @@ -111,7 +111,7 @@ rec { touch .${projectName}.d/env/94-appsbase.sh cd .. - mkdir -p /var/lib/${projectName}/mnt/{container,final,overlay,session,source} + mkdir -p /var/lib/${projectName}/mnt/session echo "root:x:0:0:System administrator:/root:/bin/sh" > /etc/passwd echo > /etc/resolv.conf TMPDIR=$(pwd -P) ${projectName} build $out ./img diff --git a/nixpkgs/pkgs/build-support/vm/default.nix b/nixpkgs/pkgs/build-support/vm/default.nix index 4ec5531192dc..1184d43ccb2c 100644 --- a/nixpkgs/pkgs/build-support/vm/default.nix +++ b/nixpkgs/pkgs/build-support/vm/default.nix @@ -1034,24 +1034,46 @@ rec { }; debian11i386 = { - name = "debian-11.6-bullseye-i386"; - fullName = "Debian 11.6 Bullseye (i386)"; + name = "debian-11.8-bullseye-i386"; + fullName = "Debian 11.8 Bullseye (i386)"; packagesList = fetchurl { - url = "https://snapshot.debian.org/archive/debian/20230131T034648Z/dists/bullseye/main/binary-i386/Packages.xz"; - hash = "sha256-z9eG7RlvelEnZAaeCfIO+XxTZVL3d+zTA7ShU43l/pw="; + url = "https://snapshot.debian.org/archive/debian/20231124T031419Z/dists/bullseye/main/binary-i386/Packages.xz"; + hash = "sha256-0bKSLLPhEC7FB5D1NA2jaQP0wTe/Qp1ddiA/NDVjRaI="; }; - urlPrefix = "https://snapshot.debian.org/archive/debian/20230131T034648Z"; + urlPrefix = "https://snapshot.debian.org/archive/debian/20231124T031419Z"; packages = commonDebianPackages; }; debian11x86_64 = { - name = "debian-11.6-bullseye-amd64"; - fullName = "Debian 11.6 Bullseye (amd64)"; + name = "debian-11.8-bullseye-amd64"; + fullName = "Debian 11.8 Bullseye (amd64)"; packagesList = fetchurl { - url = "https://snapshot.debian.org/archive/debian/20230131T034648Z/dists/bullseye/main/binary-amd64/Packages.xz"; - hash = "sha256-mz0eCWdn6uWt40OxsSPheHzEnMeLE52yR/vpb48/VF0="; + url = "https://snapshot.debian.org/archive/debian/20231124T031419Z/dists/bullseye/main/binary-amd64/Packages.xz"; + hash = "sha256-CYPsGgQgJZkh3JmbcAQkYDWP193qrkOADOgrMETZIeo="; }; - urlPrefix = "https://snapshot.debian.org/archive/debian/20230131T034648Z"; + urlPrefix = "https://snapshot.debian.org/archive/debian/20231124T031419Z"; + packages = commonDebianPackages; + }; + + debian12i386 = { + name = "debian-12.2-bookworm-i386"; + fullName = "Debian 12.2 Bookworm (i386)"; + packagesList = fetchurl { + url = "https://snapshot.debian.org/archive/debian/20231124T031419Z/dists/bookworm/main/binary-i386/Packages.xz"; + hash = "sha256-OeN9Q2HFM3GsPNhOa4VhM7qpwT66yUNwC+6Z8SbGEeQ="; + }; + urlPrefix = "https://snapshot.debian.org/archive/debian/20231124T031419Z"; + packages = commonDebianPackages; + }; + + debian12x86_64 = { + name = "debian-12.2-bookworm-amd64"; + fullName = "Debian 12.2 Bookworm (amd64)"; + packagesList = fetchurl { + url = "https://snapshot.debian.org/archive/debian/20231124T031419Z/dists/bookworm/main/binary-amd64/Packages.xz"; + hash = "sha256-SZDElRfe9BlBwDlajQB79Qdn08rv8whYoQDeVCveKVs="; + }; + urlPrefix = "https://snapshot.debian.org/archive/debian/20231124T031419Z"; packages = commonDebianPackages; }; }; |