Merge commit '63678e9f3d3afecfeafa0acead6239cdb447574c' into HEAD

Conflicts:
	nixpkgs/pkgs/build-support/rust/build-rust-package/default.nix

11 files changed, 58 insertions, 69 deletions

diff --git a/nixpkgs/pkgs/tools/security/bitwarden/default.nix b/nixpkgs/pkgs/tools/security/bitwarden/default.nix
index 41ce0d7e5e89..84ce6b59d787 100644
--- a/nixpkgs/pkgs/tools/security/bitwarden/default.nix
+++ b/nixpkgs/pkgs/tools/security/bitwarden/default.nix
@@ -1,9 +1,9 @@
 { lib
-, applyPatches
 , buildNpmPackage
 , cargo
+, copyDesktopItems
 , dbus
-, electron_24
+, electron_25
 , fetchFromGitHub
 , glib
 , gnome
@@ -26,36 +26,27 @@ let
   icon = "bitwarden";
 
   buildNpmPackage' = buildNpmPackage.override { nodejs = nodejs_18; };
-  electron = electron_24;
-
-  desktopItem = makeDesktopItem {
-    name = "bitwarden";
-    exec = "bitwarden %U";
-    inherit icon;
-    comment = description;
-    desktopName = "Bitwarden";
-    categories = [ "Utility" ];
-  };
+  electron = electron_25;
 in buildNpmPackage' rec {
   pname = "bitwarden";
-  version = "2023.9.0";
+  version = "2023.9.3";
 
   src = fetchFromGitHub {
     owner = "bitwarden";
     repo = "clients";
     rev = "desktop-v${version}";
-    hash = "sha256-8rNJmDpKLzTre5c2wktle7tthp1owZK5WAQP80/2R0g=";
+    hash = "sha256-NiMJmtCx+yD24BCyMgHLpRApNwoIJRps5qmmlVdB0G0=";
   };
 
   makeCacheWritable = true;
   npmWorkspace = "apps/desktop";
-  npmDepsHash = "sha256-0q3XoC87kfC2PYMsNse4DV8M8OXjckiLTdN3LK06lZY=";
+  npmDepsHash = "sha256-HQPxmATA9bUc4NTfvYsL6fGuicU9baySCmNHahs8EF4=";
 
   cargoDeps = rustPlatform.fetchCargoTarball {
     name = "${pname}-${version}";
     inherit src;
     sourceRoot = "${src.name}/${cargoRoot}";
-    hash = "sha256-YF3UHQWCSuWAg2frE8bo1XrLn44P6+1A7YUh4RZxwo0=";
+    hash = "sha256-mFxvK9cmSBRVnUwEbzADUa5W5TCL51wcUHxuR5JZwLE=";
   };
   cargoRoot = "apps/desktop/desktop_native";
 
@@ -63,6 +54,7 @@ in buildNpmPackage' rec {
 
   nativeBuildInputs = [
     cargo
+    copyDesktopItems
     jq
     makeWrapper
     moreutils
@@ -128,6 +120,8 @@ in buildNpmPackage' rec {
   '';
 
   installPhase = ''
+    runHook preInstall
+
     mkdir $out
 
     pushd apps/desktop/dist/linux-unpacked
@@ -141,9 +135,6 @@ in buildNpmPackage' rec {
       --set-default ELECTRON_IS_DEV 0 \
       --inherit-argv0
 
-    mkdir -p $out/share/applications
-    cp ${desktopItem}/share/applications/* $out/share/applications
-
     pushd apps/desktop/resources/icons
     for icon in *.png; do
       dir=$out/share/icons/hicolor/"''${icon%.png}"/apps
@@ -151,8 +142,21 @@ in buildNpmPackage' rec {
       cp "$icon" "$dir"/${icon}.png
     done
     popd
+
+    runHook postInstall
   '';
 
+  desktopItems = [
+    (makeDesktopItem {
+      name = "bitwarden";
+      exec = "bitwarden %U";
+      inherit icon;
+      comment = description;
+      desktopName = "Bitwarden";
+      categories = [ "Utility" ];
+    })
+  ];
+
   meta = {
     changelog = "https://github.com/bitwarden/clients/releases/tag/${src.rev}";
     inherit description;
diff --git a/nixpkgs/pkgs/tools/security/chain-bench/default.nix b/nixpkgs/pkgs/tools/security/chain-bench/default.nix
index 129c21b5d4b2..fef69399cc14 100644
--- a/nixpkgs/pkgs/tools/security/chain-bench/default.nix
+++ b/nixpkgs/pkgs/tools/security/chain-bench/default.nix
@@ -6,15 +6,15 @@
 
 buildGoModule rec {
   pname = "chain-bench";
-  version = "0.1.7";
+  version = "0.1.8";
 
   src = fetchFromGitHub {
     owner = "aquasecurity";
     repo = pname;
     rev = "v${version}";
-    sha256 = "sha256-UWP/S15s9k92RhH6xr0V544BHF4n9g+inN6Sdpja6uM=";
+    sha256 = "sha256-vQzxTOShxQGitZRCuR8izSxCkZdPWm2ohoXBOvAkwfw=";
   };
-  vendorHash = "sha256-R6V4dE2cNKcsBweSaUWjZHKnUQP/kADAbW2aTQc7TAg=";
+  vendorHash = "sha256-sAZIMJRx/E+l12Zyp/vKfuiaCMeaonRbEcsRIRXbXm8=";
 
   nativeBuildInputs = [ installShellFiles ];
 
diff --git a/nixpkgs/pkgs/tools/security/cnspec/default.nix b/nixpkgs/pkgs/tools/security/cnspec/default.nix
index 8d73e982e197..bcfadcc4da71 100644
--- a/nixpkgs/pkgs/tools/security/cnspec/default.nix
+++ b/nixpkgs/pkgs/tools/security/cnspec/default.nix
@@ -5,17 +5,17 @@
 
 buildGoModule rec {
   pname = "cnspec";
-  version = "8.23.2";
+  version = "9.2.3";
 
   src = fetchFromGitHub {
     owner = "mondoohq";
     repo = "cnspec";
     rev = "refs/tags/v${version}";
-    hash = "sha256-fqbqbKAj7NKtPXbL6iAI4o8Vpr7n6zp1WM72kQXj/H8=";
+    hash = "sha256-gCKmaioBko4UsfhPBcpVxHC7knhZGZU54HZFu/rHIbw=";
   };
 
   proxyVendor = true;
-  vendorHash = "sha256-+gTIBLNiXqcYXK0WGucwXXCBjkhkr5rrTjGKUuqn+mY=";
+  vendorHash = "sha256-YN1y+K/9EdZ7RlZRVWK/HEppZv/dX6XrkaqIlZVoC8c=";
 
   subPackages = [
     "apps/cnspec"
diff --git a/nixpkgs/pkgs/tools/security/cowpatty/default.nix b/nixpkgs/pkgs/tools/security/cowpatty/default.nix
index 934b31a35da6..2c6e0cfa414f 100644
--- a/nixpkgs/pkgs/tools/security/cowpatty/default.nix
+++ b/nixpkgs/pkgs/tools/security/cowpatty/default.nix
@@ -2,6 +2,7 @@
 , stdenv
 , clang
 , fetchFromGitHub
+, fetchpatch
 , installShellFiles
 , openssl
 , libpcap
@@ -18,6 +19,16 @@ stdenv.mkDerivation rec {
     sha256 = "0fvwwghhd7wsx0lw2dj9rdsjnirawnq3c6silzvhi0yfnzn5fs0s";
   };
 
+  patches = [
+    # Pull upstream fix for parallel builds:
+    #   https://github.com/joswr1ght/cowpatty/pull/5
+    (fetchpatch {
+      name = "fix-parallel.patch";
+      url = "https://github.com/joswr1ght/cowpatty/commit/9c8cc09c4fa90aebee44afcd0ad6a35539178478.patch";
+      hash = "sha256-k0Qht80HcjvPoxVPF6wAXwxN3d2mxBrEyeFGuU7w9eA=";
+    })
+  ];
+
   nativeBuildInputs = [
     clang
     installShellFiles
@@ -28,6 +39,8 @@ stdenv.mkDerivation rec {
     libpcap
   ];
 
+  enableParallelBuilding = true;
+
   makeFlags = [
     "DESTDIR=$(out)"
     "BINDIR=/bin"
diff --git a/nixpkgs/pkgs/tools/security/exploitdb/default.nix b/nixpkgs/pkgs/tools/security/exploitdb/default.nix
index 014b39f87c92..73a297548e70 100644
--- a/nixpkgs/pkgs/tools/security/exploitdb/default.nix
+++ b/nixpkgs/pkgs/tools/security/exploitdb/default.nix
@@ -6,13 +6,13 @@
 
 stdenv.mkDerivation rec {
   pname = "exploitdb";
-  version = "2023-10-21";
+  version = "2023-10-24";
 
   src = fetchFromGitLab {
     owner = "exploit-database";
     repo = pname;
     rev = "refs/tags/${version}";
-    hash = "sha256-Un8Wnctd8943JXA9GlKlaR2b6mP8BfcYLHSjxpysg3U=";
+    hash = "sha256-F3UPg7wBpm1iK2hZ9YOC4bRsvGHn7j4U5y4w7qpF+tM=";
   };
 
   nativeBuildInputs = [
diff --git a/nixpkgs/pkgs/tools/security/gau/default.nix b/nixpkgs/pkgs/tools/security/gau/default.nix
index 41c858ba9797..1a67b89855f9 100644
--- a/nixpkgs/pkgs/tools/security/gau/default.nix
+++ b/nixpkgs/pkgs/tools/security/gau/default.nix
@@ -5,16 +5,16 @@
 
 buildGoModule rec {
   pname = "gau";
-  version = "2.1.2";
+  version = "2.2.0";
 
   src = fetchFromGitHub {
     owner = "lc";
     repo = pname;
     rev = "v${version}";
-    sha256 = "sha256-z8JmMMob12wRTdpFoVbRHTDwet9AMXet49lHEDVVAnw=";
+    sha256 = "sha256-09Mf6KmTO3gper7txhvPZ/lb/cFOTDWicpu7+JrNrbo=";
   };
 
-  vendorHash = "sha256-HQATUCzYvhhlqe4HhNu9H4CqmY2IGLNJ9ydt3/igSmQ=";
+  vendorHash = "sha256-nhsGhuX5AJMHg+zQUt1G1TwVgMCxnuJ2T3uBrx7bJNs=";
 
   meta = with lib; {
     description = "Tool to fetch known URLs";
diff --git a/nixpkgs/pkgs/tools/security/ospd-openvas/default.nix b/nixpkgs/pkgs/tools/security/ospd-openvas/default.nix
index 778d3d786625..68c6a7dba953 100644
--- a/nixpkgs/pkgs/tools/security/ospd-openvas/default.nix
+++ b/nixpkgs/pkgs/tools/security/ospd-openvas/default.nix
@@ -5,14 +5,14 @@
 
 python3.pkgs.buildPythonApplication rec {
   pname = "ospd-openvas";
-  version = "22.6.0";
+  version = "22.6.1";
   format = "pyproject";
 
   src = fetchFromGitHub {
     owner = "greenbone";
     repo = "ospd-openvas";
     rev = "refs/tags/v${version}";
-    hash = "sha256-1538XMNnerhfV3xQ8/TyoztCfWnkRvy0p6QtKMQb2p4=";
+    hash = "sha256-Qm6TTS9yLqQHXsz19yJR3Ccyc+syxkrTJ7upSTXdXSE=";
   };
 
   pythonRelaxDeps = [
diff --git a/nixpkgs/pkgs/tools/security/pretender/default.nix b/nixpkgs/pkgs/tools/security/pretender/default.nix
index 9ea3918b3699..91452f34d62b 100644
--- a/nixpkgs/pkgs/tools/security/pretender/default.nix
+++ b/nixpkgs/pkgs/tools/security/pretender/default.nix
@@ -5,16 +5,16 @@
 
 buildGoModule rec {
   pname = "pretender";
-  version = "1.1.1";
+  version = "1.2.0";
 
   src = fetchFromGitHub {
     owner = "RedTeamPentesting";
     repo = pname;
     rev = "refs/tags/v${version}";
-    hash = "sha256-3i7zNzwURSNSleiW+KBkxdqBv9yshtBu1hLKtjWe9OE=";
+    hash = "sha256-adWdUlsReRptSgRAjNH9bWy9dpwpuAWtVxlbDL2pMmk=";
   };
 
-  vendorHash = "sha256-uw3mpf27OH5uNKmvCFcTw+YFoxVEqT4Fz/CSl9Wjbv0=";
+  vendorHash = "sha256-kDHRjd3Y90ocBGSJ0B2jAM9tO+iDSXoUOzLEWX2G0J4=";
 
   # Tests require network access
   doCheck = false;
diff --git a/nixpkgs/pkgs/tools/security/steamguard-cli/default.nix b/nixpkgs/pkgs/tools/security/steamguard-cli/default.nix
deleted file mode 100644
index 643a5ad07ef9..000000000000
--- a/nixpkgs/pkgs/tools/security/steamguard-cli/default.nix
+++ /dev/null
@@ -1,28 +0,0 @@
-{ lib
-, rustPlatform
-, fetchFromGitHub
-}:
-
-rustPlatform.buildRustPackage rec {
-  pname = "steamguard-cli";
-  version = "0.12.2";
-
-  src = fetchFromGitHub {
-    owner = "dyc3";
-    repo = pname;
-    rev = "v${version}";
-    hash = "sha256-p3v7XiOXWH6F1oIiARr0K3sYOXCcNS97+THIG7k72wk=";
-  };
-
-  cargoHash = "sha256-qQA7UdtFqGPyCRHdV+FfbQFiPaOeW4rT4dYC3BeHDw0=";
-
-  meta = with lib; {
-    changelog = "https://github.com/dyc3/steamguard-cli/releases/tag/v${version}";
-    description = "A linux utility for generating 2FA codes for Steam and managing Steam trade confirmations.";
-    homepage = "https://github.com/dyc3/steamguard-cli";
-    license = with licenses; [ gpl3Only ];
-    mainProgram = "steamguard";
-    maintainers = with maintainers; [ surfaceflinger ];
-    platforms = platforms.linux;
-  };
-}
diff --git a/nixpkgs/pkgs/tools/security/trufflehog/default.nix b/nixpkgs/pkgs/tools/security/trufflehog/default.nix
index 2381638cd2e4..de2ec7dfb05a 100644
--- a/nixpkgs/pkgs/tools/security/trufflehog/default.nix
+++ b/nixpkgs/pkgs/tools/security/trufflehog/default.nix
@@ -7,16 +7,16 @@
 
 buildGoModule rec {
   pname = "trufflehog";
-  version = "3.60.1";
+  version = "3.60.3";
 
   src = fetchFromGitHub {
     owner = "trufflesecurity";
     repo = "trufflehog";
     rev = "refs/tags/v${version}";
-    hash = "sha256-aZA/nIntTiYXvZE6sAjYyWfkm842+O6pwPFUKfnDrY4=";
+    hash = "sha256-864bq0LK2lRWmbQ7JTGc9gtMsTnoKMLkjyEdTNUBFRg=";
   };
 
-  vendorHash = "sha256-axB0JcvGeiqz1dBKHknNqW3XzQWaLCHk6gsB9QV3PN8=";
+  vendorHash = "sha256-TNxZatI9l+dX2WI7SnTH975yrgyuB4VjTJOkaSr5mxc=";
 
   ldflags = [
     "-s"
diff --git a/nixpkgs/pkgs/tools/security/webanalyze/default.nix b/nixpkgs/pkgs/tools/security/webanalyze/default.nix
index cfce48228b57..3b49b496f62e 100644
--- a/nixpkgs/pkgs/tools/security/webanalyze/default.nix
+++ b/nixpkgs/pkgs/tools/security/webanalyze/default.nix
@@ -5,16 +5,16 @@
 
 buildGoModule rec {
   pname = "webanalyze";
-  version = "0.3.8";
+  version = "0.3.9";
 
   src = fetchFromGitHub {
     owner = "rverton";
     repo = pname;
     rev = "refs/tags/v${version}";
-    hash = "sha256-1z4hi9a/OzBXIMBk1f0JpPMV/kRgBnTQAEygIZqV+1w=";
+    hash = "sha256-uDf0p4zw23+AVftMmrKfno+FbMZfGC1B5zvutj8qnPg=";
   };
 
-  vendorHash = "sha256-kXtWYGsZUUhBNvkTOah3Z+ta118k6PXfpBx6MLr/pq0=";
+  vendorHash = "sha256-XPOsC+HoLytgv1fhAaO5HYSvuOP6OhjLyOYTfiD64QI=";
 
   meta = with lib; {
     description = "Tool to uncover technologies used on websites";