Merge master into staging-next

20 files changed, 161 insertions, 180 deletions

diff --git a/pkgs/tools/X11/xidlehook/default.nix b/pkgs/tools/X11/xidlehook/default.nix
index 89aff817f50e..67c6a594db75 100644
--- a/pkgs/tools/X11/xidlehook/default.nix
+++ b/pkgs/tools/X11/xidlehook/default.nix
@@ -1,9 +1,9 @@
-{ lib, stdenv, rustPlatform, fetchFromGitLab
+{ lib, stdenv, rustPlatform, fetchFromGitLab, python3
 , xlibsWrapper, xorg, libpulseaudio, pkgconfig, patchelf, Security }:
 
 rustPlatform.buildRustPackage rec {
   pname = "xidlehook";
-  version = "0.7.1";
+  version = "0.8.0";
 
   doCheck = false;
 
@@ -12,14 +12,14 @@ rustPlatform.buildRustPackage rec {
     repo = "xidlehook";
     rev = version;
 
-    sha256 = "04bb81iwxznkr1zq1q8dql9qklzm9qy7837a71b02ywp3fc6v5b2";
+    sha256 = "127b20y86xs2wq5ka236057nyrh87fgzhjqbl6azf002afnbsn5m";
   };
 
   cargoBuildFlags = lib.optionals (!stdenv.isLinux) ["--no-default-features" "--features" "pulse"];
-  cargoSha256 = "0xnz2s8vh5njqs4a1qm98ydh8pywxvnnpym0z94fsifyfdjlsfm4";
+  cargoSha256 = "0jdkcxvlw7s8pz1ka3d2w97356a2axvlwfgyh2dz7nmfzpjx64x0";
 
   buildInputs = [ xlibsWrapper xorg.libXScrnSaver libpulseaudio ] ++ lib.optional stdenv.isDarwin Security;
-  nativeBuildInputs = [ pkgconfig patchelf ];
+  nativeBuildInputs = [ pkgconfig patchelf python3 ];
 
   postFixup = lib.optionalString stdenv.isLinux ''
     RPATH="$(patchelf --print-rpath $out/bin/xidlehook)"
diff --git a/pkgs/tools/admin/aws-google-auth/default.nix b/pkgs/tools/admin/aws-google-auth/default.nix
index 0fc001d5a19b..e878369f1770 100644
--- a/pkgs/tools/admin/aws-google-auth/default.nix
+++ b/pkgs/tools/admin/aws-google-auth/default.nix
@@ -19,7 +19,7 @@
 
 buildPythonApplication rec {
   pname = "aws-google-auth";
-  version = "0.0.32";
+  version = "0.0.33";
 
   # Pypi doesn't ship the tests, so we fetch directly from GitHub
   # https://github.com/cevoaustralia/aws-google-auth/issues/120
@@ -27,7 +27,7 @@ buildPythonApplication rec {
     owner = "cevoaustralia";
     repo = "aws-google-auth";
     rev = version;
-    sha256 = "0blsvdkb28g1s3c7f8brjjai7lq9ij76xqr5z6zlxxafc4qqwhh3";
+    sha256 = "07sisv7b17bpjwikmm9zpxn3l3xpzywsbxi4brri2hdjmjb6p7w7";
   };
 
   propagatedBuildInputs = [ 
diff --git a/pkgs/tools/admin/fbvnc/default.nix b/pkgs/tools/admin/fbvnc/default.nix
new file mode 100644
index 000000000000..ec32b5f0a268
--- /dev/null
+++ b/pkgs/tools/admin/fbvnc/default.nix
@@ -0,0 +1,30 @@
+{stdenv, fetchFromGitHub}:
+stdenv.mkDerivation rec {
+  name = "${pname}-${version}";
+  pname = "fbvnc";
+  version = "1.0.2";
+
+  src = fetchFromGitHub {
+    owner = "zohead";
+    repo = pname;
+    sha256 = "0lkr4j1wsa05av2g9w99rr9w4j4k7a21vp36x0a3h50y8bmgwgm1";
+    rev = "783204ff6c92afec33d6d36f7e74f1fcf2b1b601";
+  };
+
+  buildInputs = [];
+
+  installPhase = ''
+    mkdir -p "$out/bin"
+    cp fbvnc "$out/bin"
+    mkdir -p "$out/share/doc/${pname}"
+    cp README* "$out/share/doc/${pname}"
+  '';
+
+  meta = {
+    description = "Framebuffer VNC client";
+    license = stdenv.lib.licenses.bsd3;
+    maintainers = [stdenv.lib.maintainers.raskin];
+    platforms = stdenv.lib.platforms.linux;
+    homepage = "https://github.com/zohead/fbvnc/";
+  };
+}
diff --git a/pkgs/tools/admin/tightvnc/1.3.10-CVE-2019-15678.patch b/pkgs/tools/admin/tightvnc/1.3.10-CVE-2019-15678.patch
new file mode 100644
index 000000000000..cd65d2fb5dd9
--- /dev/null
+++ b/pkgs/tools/admin/tightvnc/1.3.10-CVE-2019-15678.patch
@@ -0,0 +1,18 @@
+Adapted from https://github.com/LibVNC/libvncserver/commit/c5ba3fee85a7ecbbca1df5ffd46d32b92757bc2a
+diff --git a/vncviewer/rfbproto.c b/vncviewer/rfbproto.c
+index 04b0230..47a6863 100644
+--- a/vncviewer/rfbproto.c
++++ b/vncviewer/rfbproto.c
+@@ -1217,6 +1217,12 @@ HandleRFBServerMessage()
+     if (serverCutText)
+       free(serverCutText);
+ 
++    if (msg.sct.length > 1<<20) {
++      fprintf(stderr,"Ignoring too big cut text length sent by server: %u B > 1 MB\n",
++              (unsigned int)msg.sct.length);
++      return False;
++    }
++
+     serverCutText = malloc(msg.sct.length+1);
+ 
+     if (!ReadFromRFBServer(serverCutText, msg.sct.length))
diff --git a/pkgs/tools/admin/tightvnc/1.3.10-CVE-2019-15679.patch b/pkgs/tools/admin/tightvnc/1.3.10-CVE-2019-15679.patch
new file mode 100644
index 000000000000..6d7b3e89e0c4
--- /dev/null
+++ b/pkgs/tools/admin/tightvnc/1.3.10-CVE-2019-15679.patch
@@ -0,0 +1,19 @@
+Adapted from https://github.com/LibVNC/libvncserver/commit/c2c4b81e6cb3b485fb1ec7ba9e7defeb889f6ba7
+diff --git a/vncviewer/rfbproto.c b/vncviewer/rfbproto.c
+index 04b0230..bd11b54 100644
+--- a/vncviewer/rfbproto.c
++++ b/vncviewer/rfbproto.c
+@@ -303,7 +303,12 @@ InitialiseRFBConnection(void)
+   si.format.blueMax = Swap16IfLE(si.format.blueMax);
+   si.nameLength = Swap32IfLE(si.nameLength);
+ 
+-  /* FIXME: Check arguments to malloc() calls. */
++  if (si.nameLength > 1<<20) {
++    fprintf(stderr, "Too big desktop name length sent by server: %lu B > 1 MB\n",
++            (unsigned long)si.nameLength);
++    return False;
++  }
++
+   desktopName = malloc(si.nameLength + 1);
+   if (!desktopName) {
+     fprintf(stderr, "Error allocating memory for desktop name, %lu bytes\n",
diff --git a/pkgs/tools/admin/tightvnc/1.3.10-CVE-2019-15680.patch b/pkgs/tools/admin/tightvnc/1.3.10-CVE-2019-15680.patch
new file mode 100644
index 000000000000..7426a2b58b10
--- /dev/null
+++ b/pkgs/tools/admin/tightvnc/1.3.10-CVE-2019-15680.patch
@@ -0,0 +1,16 @@
+diff --git a/vncviewer/zlib.c b/vncviewer/zlib.c
+index 80c4eee..76998d8 100644
+--- a/vncviewer/zlib.c
++++ b/vncviewer/zlib.c
+@@ -55,6 +55,11 @@ HandleZlibBPP (int rx, int ry, int rw, int rh)
+     raw_buffer_size = (( rw * rh ) * ( BPP / 8 ));
+     raw_buffer = (char*) malloc( raw_buffer_size );
+ 
++    if ( raw_buffer == NULL ) {
++      fprintf(stderr,
++              "couldn't allocate raw_buffer in HandleZlibBPP");
++      return False;
++    }
+   }
+ 
+   if (!ReadFromRFBServer((char *)&hdr, sz_rfbZlibHeader))
diff --git a/pkgs/tools/admin/tightvnc/1.3.10-CVE-2019-8287.patch b/pkgs/tools/admin/tightvnc/1.3.10-CVE-2019-8287.patch
new file mode 100644
index 000000000000..5bfd1b9ea87f
--- /dev/null
+++ b/pkgs/tools/admin/tightvnc/1.3.10-CVE-2019-8287.patch
@@ -0,0 +1,14 @@
+Adapted from https://github.com/LibVNC/libvncserver/commit/7b1ef0ffc4815cab9a96c7278394152bdc89dc4d
+diff --git a/vncviewer/corre.c b/vncviewer/corre.c
+index c846a10..a4c272d 100644
+--- a/vncviewer/corre.c
++++ b/vncviewer/corre.c
+@@ -56,7 +56,7 @@ HandleCoRREBPP (int rx, int ry, int rw, int rh)
+     XChangeGC(dpy, gc, GCForeground, &gcv);
+     XFillRectangle(dpy, desktopWin, gc, rx, ry, rw, rh);
+ 
+-    if (!ReadFromRFBServer(buffer, hdr.nSubrects * (4 + (BPP / 8))))
++    if (hdr.nSubrects > BUFFER_SIZE / (4 + (BPP / 8)) || !ReadFromRFBServer(buffer, hdr.nSubrects * (4 + (BPP / 8))))
+ 	return False;
+ 
+     ptr = (CARD8 *)buffer;
diff --git a/pkgs/tools/admin/tightvnc/default.nix b/pkgs/tools/admin/tightvnc/default.nix
index 5a76b500d149..1a65c31102e9 100644
--- a/pkgs/tools/admin/tightvnc/default.nix
+++ b/pkgs/tools/admin/tightvnc/default.nix
@@ -9,6 +9,13 @@ stdenv.mkDerivation {
     sha256 = "f48c70fea08d03744ae18df6b1499976362f16934eda3275cead87baad585c0d";
   };
 
+  patches = [
+    ./1.3.10-CVE-2019-15678.patch
+    ./1.3.10-CVE-2019-15679.patch
+    ./1.3.10-CVE-2019-15680.patch
+    ./1.3.10-CVE-2019-8287.patch
+  ];
+
   # for the builder script
   inherit fontDirectories;
 
diff --git a/pkgs/tools/audio/acoustid-fingerprinter/default.nix b/pkgs/tools/audio/acoustid-fingerprinter/default.nix
index acd205a30de1..7b92b973df4c 100644
--- a/pkgs/tools/audio/acoustid-fingerprinter/default.nix
+++ b/pkgs/tools/audio/acoustid-fingerprinter/default.nix
@@ -13,7 +13,7 @@ stdenv.mkDerivation rec {
   nativeBuildInputs = [ pkgconfig ];
   buildInputs = [ cmake qt4 taglib chromaprint ffmpeg ];
 
-  cmakeFlags = [ "-DTAGLIB_MIN_VERSION=${(builtins.parseDrvName taglib.name).version}" ];
+  cmakeFlags = [ "-DTAGLIB_MIN_VERSION=${stdenv.lib.getVersion taglib}" ];
 
   patches = [
     (fetchpatch {
diff --git a/pkgs/tools/filesystems/dislocker/default.nix b/pkgs/tools/filesystems/dislocker/default.nix
index 81faed5bfa8d..cf87f9ca98e0 100644
--- a/pkgs/tools/filesystems/dislocker/default.nix
+++ b/pkgs/tools/filesystems/dislocker/default.nix
@@ -1,14 +1,14 @@
-{ stdenv, fetchFromGitHub
+{ stdenv
+, fetchFromGitHub
 , cmake
-, polarssl , fuse
+, mbedtls
+, fuse
 }:
-with stdenv.lib;
-let
-  version = "0.7.1";
-in
-stdenv.mkDerivation {
+
+
+stdenv.mkDerivation rec {
   pname = "dislocker";
-  inherit version;
+  version = "0.7.1";
 
   src = fetchFromGitHub {
     owner = "aorimn";
@@ -17,9 +17,10 @@ stdenv.mkDerivation {
     sha256 = "1crh2sg5x1kgqmdrl1nmrqwxjykxa4zwnbggcpdn97mj2gvdw7sb";
   };
 
-  buildInputs = [ cmake fuse polarssl ];
+  nativeBuildInputs = [ cmake ];
+  buildInputs = [ fuse mbedtls ];
 
-  meta = {
+  meta = with stdenv.lib; {
     description = "Read BitLocker encrypted partitions in Linux";
     homepage    = https://github.com/aorimn/dislocker;
     license     = licenses.gpl2;
diff --git a/pkgs/tools/inputmethods/ibus/wrapper.nix b/pkgs/tools/inputmethods/ibus/wrapper.nix
index 3196c5b4e8ac..1b14629d2830 100644
--- a/pkgs/tools/inputmethods/ibus/wrapper.nix
+++ b/pkgs/tools/inputmethods/ibus/wrapper.nix
@@ -3,7 +3,7 @@
 }:
 
 let
-  name = "ibus-with-plugins-" + (builtins.parseDrvName ibus.name).version;
+  name = "ibus-with-plugins-" + stdenv.lib.getVersion ibus;
   env = {
     buildInputs = [ ibus ] ++ plugins;
     nativeBuildInputs = [ lndir makeWrapper ];
diff --git a/pkgs/tools/misc/bandwidth/default.nix b/pkgs/tools/misc/bandwidth/default.nix
index 3b5e72c89f7f..b4cbc747b1dc 100644
--- a/pkgs/tools/misc/bandwidth/default.nix
+++ b/pkgs/tools/misc/bandwidth/default.nix
@@ -11,11 +11,11 @@ let
 in
 stdenv.mkDerivation rec {
   pname = "bandwidth";
-  version = "1.5.1";
+  version = "1.9.3";
 
   src = fetchurl {
     url = "https://zsmith.co/archives/${pname}-${version}.tar.gz";
-    sha256 = "1v9k1a2ilkbhc3viyacgq88c9if60kwsd1fy6rn84317qap4i7ib";
+    sha256 = "0zpv2qgkbak0llw47qcakhyh2z3zv4d69kasldmpdlpqryd9za84";
   };
 
   buildInputs = [ nasm ];
diff --git a/pkgs/tools/misc/bibutils/default.nix b/pkgs/tools/misc/bibutils/default.nix
index d84c6ebaabc6..d099a8aba9b0 100644
--- a/pkgs/tools/misc/bibutils/default.nix
+++ b/pkgs/tools/misc/bibutils/default.nix
@@ -2,11 +2,11 @@
 
 stdenv.mkDerivation rec {
   pname = "bibutils";
-  version = "6.7";
+  version = "6.8";
 
   src = fetchurl {
     url = "mirror://sourceforge/bibutils/bibutils_${version}_src.tgz";
-    sha256 = "072cmhv692nk1lfcwmaqid5gpg8q4jc4vai5ss8lj72zms32p882";
+    sha256 = "1n28fjrl7zxjxvcqzmrc9xj8ly6nkxviimxbzamj8dslnkzpzqw1";
   };
 
   configureFlags = [ "--dynamic" "--install-dir" "$(out)/bin" "--install-lib" "$(out)/lib" ];
diff --git a/pkgs/tools/misc/calamares/default.nix b/pkgs/tools/misc/calamares/default.nix
index 4adadbf47071..1fd76eb4db64 100644
--- a/pkgs/tools/misc/calamares/default.nix
+++ b/pkgs/tools/misc/calamares/default.nix
@@ -6,12 +6,12 @@
 
 mkDerivation rec {
   pname = "calamares";
-  version = "3.2.15";
+  version = "3.2.16";
 
   # release including submodule
   src = fetchurl {
     url = "https://github.com/${pname}/${pname}/releases/download/v${version}/${pname}-${version}.tar.gz";
-    sha256 = "0m2z34vgcqaf1yfa2919v3mz9b0q43mihz6di5kg62h6swaaanxd";
+    sha256 = "0ygmw03n8knczq9a9whslxcpmgyz0ksqwl0k8f7hyf96b9n8inc2";
   };
 
   buildInputs = [
diff --git a/pkgs/tools/misc/diffoscope/default.nix b/pkgs/tools/misc/diffoscope/default.nix
index 1e15d9f0fe08..29d3e40eee47 100644
--- a/pkgs/tools/misc/diffoscope/default.nix
+++ b/pkgs/tools/misc/diffoscope/default.nix
@@ -9,11 +9,11 @@
 # Note: when upgrading this package, please run the list-missing-tools.sh script as described below!
 python3Packages.buildPythonApplication rec {
   pname = "diffoscope";
-  version = "129";
+  version = "131";
 
   src = fetchurl {
     url    = "https://diffoscope.org/archive/diffoscope-${version}.tar.bz2";
-    sha256 = "11llxk3nwz38ildypvi3djip650a3pd7m3c74mpgvi8v00rs1ca9";
+    sha256 = "1lqzm523pzxqj6xfm00z61d263w714d90sn6rfyh2npb8q95gfdn";
   };
 
   patches = [
diff --git a/pkgs/tools/misc/mongodb-compass/default.nix b/pkgs/tools/misc/mongodb-compass/default.nix
index 25d7eaba55ed..95c87cb35fc6 100644
--- a/pkgs/tools/misc/mongodb-compass/default.nix
+++ b/pkgs/tools/misc/mongodb-compass/default.nix
@@ -1,6 +1,6 @@
 { stdenv, fetchurl, dpkg
 , alsaLib, atk, cairo, cups, curl, dbus, expat, fontconfig, freetype, glib
-, gnome2, gnome3, libnotify, libxcb, nspr, nss, systemd, xorg }:
+, gnome2, gnome3, libnotify, libxcb, nspr, nss, systemd, xorg, wrapGAppsHook }:
 
 let
 
@@ -57,7 +57,7 @@ in stdenv.mkDerivation {
 
   inherit src;
 
-  buildInputs = [ dpkg ];
+  buildInputs = [ dpkg wrapGAppsHook gnome3.gtk ];
   dontUnpack = true;
 
   buildCommand = ''
@@ -76,6 +76,7 @@ in stdenv.mkDerivation {
       patchelf --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" "$file" || true
       patchelf --set-rpath ${rpath}:$out/share/mongodb-compass "$file" || true
     done
+    wrapGAppsHook $out/bin/mongodb-compass
   '';
 
   meta = with stdenv.lib; {
diff --git a/pkgs/tools/misc/tensorman/default.nix b/pkgs/tools/misc/tensorman/default.nix
new file mode 100644
index 000000000000..97912b3c5fa1
--- /dev/null
+++ b/pkgs/tools/misc/tensorman/default.nix
@@ -0,0 +1,24 @@
+{ pkgconfig, stdenv, rustPlatform, rustc, cargo, docker, openssl, fetchFromGitHub }:
+
+rustPlatform.buildRustPackage rec {
+  pname = "tensorman";
+  version = "0.1.0";
+
+  src = fetchFromGitHub {
+    owner = "pop-os";
+    repo = "tensorman";
+    rev = version;
+    sha256 = "0ywb53snvymmwh10hm6whckz7dwmpqa4rxiggd24y178jdfrm2ns";
+  };
+
+  buildInputs = [ pkgconfig openssl ];
+  cargoSha256 = "1gh5w6zzrvjk60bqaf355fagijy723rvmqjh4laksd96pmzdfwn9";
+
+  meta = with stdenv.lib; {
+    description = "Utility for easy management of Tensorflow containers";
+    homepage = "https://github.com/pop-os/tensorman/";
+    license = stdenv.lib.licenses.gpl3;
+    platforms =  [ "x86_64-linux" ];
+    maintainers = with maintainers; [ thefenriswolf ];
+  };
+}
diff --git a/pkgs/tools/networking/iperf/3.nix b/pkgs/tools/networking/iperf/3.nix
index 4e2c27e2d409..c59eb09f4c5c 100644
--- a/pkgs/tools/networking/iperf/3.nix
+++ b/pkgs/tools/networking/iperf/3.nix
@@ -29,7 +29,7 @@ stdenv.mkDerivation rec {
     homepage = http://software.es.net/iperf/;
     description = "Tool to measure IP bandwidth using UDP or TCP";
     platforms = platforms.unix;
-    license = "as-is";
+    license = licenses.bsd3;
     maintainers = with maintainers; [ fpletz ];
   };
 }
diff --git a/pkgs/tools/security/afl/libdislocator.nix b/pkgs/tools/security/afl/libdislocator.nix
index 47e74573b81f..415fa82f2ec6 100644
--- a/pkgs/tools/security/afl/libdislocator.nix
+++ b/pkgs/tools/security/afl/libdislocator.nix
@@ -1,7 +1,7 @@
 { stdenv, afl}:
 
 stdenv.mkDerivation {
-  version = (builtins.parseDrvName afl.name).version;
+  version = stdenv.lib.getVersion afl;
   pname = "libdislocator";
 
   src = afl.src;
diff --git a/pkgs/tools/system/osquery/default.nix b/pkgs/tools/system/osquery/default.nix
deleted file mode 100644
index c34b53c1e62d..000000000000
--- a/pkgs/tools/system/osquery/default.nix
+++ /dev/null
@@ -1,149 +0,0 @@
-{ stdenv, lib, fetchFromGitHub, pkgconfig, cmake, python
-, udev, audit, aws-sdk-cpp, cryptsetup, lvm2, libgcrypt, libarchive
-, libgpgerror, libuuid, iptables, dpkg, lzma, bzip2, rpm
-, beecrypt, augeas, libxml2, sleuthkit, yara, lldpd, gflags
-, thrift, boost, rocksdb_lite, glog, gbenchmark, snappy
-, openssl, file, doxygen
-, gtest, fpm, zstd, rdkafka, rapidjson, fetchgit, fetchurl, libelfin
-, smartmontools, which, git, cscope, ctags, ssdeep
-}:
-
-let
-  overrides = {
-    # use older `lvm2` source for osquery, the 2.03 sourcetree
-    # will break osquery due to the lacking header `lvm2app.h`.
-    #
-    # https://github.com/NixOS/nixpkgs/pull/51756#issuecomment-446035295
-    lvm2 = lvm2.overrideAttrs (old: rec {
-      name = "lvm2-${version}";
-      version = "2.02.183";
-      src = fetchgit {
-        url = "git://sourceware.org/git/lvm2.git";
-        rev = "v${version}";
-        sha256 = "1ny3srcsxd6kj59zq1cman5myj8kzw010wbyc6mrpk4kp823r5nx";
-      };
-    });
-
-    # use smartmontools fork to programatically retrieve SMART information.
-    # https://github.com/facebook/osquery/pull/4133
-    smartmontools = smartmontools.overrideAttrs (old: rec {
-      name = "smartmontools-${version}";
-      version = "0.3.1";
-      src = fetchFromGitHub {
-        owner = "allanliu";
-        repo = "smartmontools";
-        rev = "v${version}";
-        sha256 = "1i72fk2ranrky02h7nh9l3va4kjzj0lx1gr477zkxd44wf3w0pjf";
-      };
-
-      # Apple build fix doesn't apply here and isn't needed as we
-      # only support `osquery` on Linux.
-      patches = [];
-    });
-
-    # dpkg 1.19.2 dropped api in `<dpkg/dpkg-db.h>` which breaks compilation.
-    dpkg = dpkg.overrideAttrs (old: rec {
-      name = "dpkg-${version}";
-      version = "1.19.0.5";
-      src = fetchurl {
-        url = "mirror://debian/pool/main/d/dpkg/dpkg_${version}.tar.xz";
-        sha256 = "1dc5kp3fqy1k66fly6jfxkkg7w6d0jy8szddpfyc2xvzga94d041";
-      };
-    });
-
-    # filter out static linking configuration to avoid that the library will
-    # be linked both statically and dynamically.
-    gflags = gflags.overrideAttrs (old: {
-      cmakeFlags = stdenv.lib.filter (f: (builtins.match ".*STATIC.*" f) == null) old.cmakeFlags;
-    });
-  };
-in
-
-stdenv.mkDerivation rec {
-  pname = "osquery";
-  version = "3.3.2";
-
-  # this is what `osquery --help` will show as the version.
-  OSQUERY_BUILD_VERSION = version;
-  OSQUERY_PLATFORM = "NixOS;";
-
-  src = fetchFromGitHub {
-    owner = "facebook";
-    repo = pname;
-    rev = version;
-    sha256 = "0nrwmzmbziacs3y0nljyc73bibr3w68myjpfwkicg9zgkq4qihij";
-  };
-
-  patches = [ ./0001-Fix-CMake-configuration-for-Nix.patch ];
-
-  NIX_CFLAGS_COMPILE = [
-    "-I${libxml2.dev}/include/libxml2"
-  ];
-
-  nativeBuildInputs = [ python which git cscope ctags cmake pkgconfig doxygen fpm ]
-    ++ (with python.pkgs; [ jinja2 ]);
-
-  buildInputs = [
-    udev
-    audit
-    (aws-sdk-cpp.override {
-      apis = [ "firehose" "kinesis" "sts" "ec2" ];
-      customMemoryManagement = false;
-    })
-    overrides.lvm2
-    libgcrypt
-    libarchive
-    libgpgerror
-    libuuid
-    iptables
-    overrides.dpkg
-    lzma
-    bzip2
-    rpm
-    beecrypt
-    augeas
-    libxml2
-    sleuthkit
-    yara
-    lldpd
-    overrides.gflags
-    thrift
-    boost
-    glog
-    gbenchmark
-    snappy
-    openssl
-    file
-    cryptsetup
-    gtest
-    zstd
-    rdkafka
-    rapidjson
-    rocksdb_lite
-    libelfin
-    ssdeep
-    overrides.smartmontools
-  ];
-
-  cmakeFlags = [ "-DSKIP_TESTS=1" ];
-
-  preConfigure = ''
-    cp -r ${fetchFromGitHub {
-      owner = "osquery";
-      repo = "third-party";
-      rev = "32e01462fbea75d3b1904693f937dfd62eaced15";
-      sha256 = "0va24gmgk43a1lyjs63q9qrhvpv8gmqjzpjr5595vhr16idv8wyf";
-    }}/* third-party
-
-    chmod +w -R third-party
-  '';
-
-  meta = with lib; {
-    description = "SQL powered operating system instrumentation, monitoring, and analytics";
-    homepage = https://osquery.io/;
-    license = licenses.bsd3;
-    platforms = platforms.linux;
-    maintainers = with maintainers; [ cstrahan ma27 ];
-    broken = true;
-  };
-}