-rw-r--r--lib/path/default.nix77
-rw-r--r--lib/path/tests/unit.nix30
-rw-r--r--nixos/doc/manual/release-notes/rl-2305.section.md4
-rw-r--r--nixos/modules/module-list.nix2
-rw-r--r--nixos/modules/services/continuous-integration/woodpecker/agent.nix99
-rw-r--r--nixos/modules/services/continuous-integration/woodpecker/server.nix98
-rw-r--r--pkgs/applications/audio/listenbrainz-mpd/default.nix9
-rw-r--r--pkgs/applications/misc/databricks-sql-cli/default.nix41
-rw-r--r--pkgs/applications/networking/cluster/eks-node-viewer/default.nix23
-rw-r--r--pkgs/applications/qubes/qubes-core-vchan-xen/default.nix4
-rw-r--r--pkgs/applications/virtualization/xen/0000-fix-install-python.4.10.patch (renamed from pkgs/applications/virtualization/xen/0000-fix-install-python.patch)0
-rw-r--r--pkgs/applications/virtualization/xen/0000-fix-install-python.4.15.patch16
-rw-r--r--pkgs/applications/virtualization/xen/0000-fix-ipxe-src.4.10.patch (renamed from pkgs/applications/virtualization/xen/0000-fix-ipxe-src.patch)0
-rw-r--r--pkgs/applications/virtualization/xen/0000-fix-ipxe-src.4.15.patch27
-rw-r--r--pkgs/applications/virtualization/xen/0004-makefile-use-efi-ld.4.10.patch (renamed from pkgs/applications/virtualization/xen/0004-makefile-use-efi-ld.patch)0
-rw-r--r--pkgs/applications/virtualization/xen/0004-makefile-use-efi-ld.4.15.patch42
-rw-r--r--pkgs/applications/virtualization/xen/0005-makefile-fix-efi-mountdir-use.4.10.patch (renamed from pkgs/applications/virtualization/xen/0005-makefile-fix-efi-mountdir-use.patch)0
-rw-r--r--pkgs/applications/virtualization/xen/0005-makefile-fix-efi-mountdir-use.4.15.patch37
-rw-r--r--pkgs/applications/virtualization/xen/4.10.nix22
-rw-r--r--pkgs/applications/virtualization/xen/4.15.nix184
-rw-r--r--pkgs/applications/virtualization/xen/generic.nix28
-rw-r--r--pkgs/applications/virtualization/xen/packages.nix47
-rw-r--r--pkgs/applications/virtualization/xen/xsa-patches.nix5
-rw-r--r--pkgs/build-support/writers/default.nix5
-rw-r--r--pkgs/desktops/plasma-5/fetch.sh2
-rw-r--r--pkgs/desktops/plasma-5/srcs.nix480
-rw-r--r--pkgs/development/interpreters/bats/default.nix22
-rw-r--r--pkgs/development/interpreters/bats/libraries.nix16
-rw-r--r--pkgs/development/python-modules/argcomplete/default.nix25
-rw-r--r--pkgs/development/python-modules/databricks-sql-connector/default.nix6
-rw-r--r--pkgs/development/python-modules/easyenergy/default.nix4
-rw-r--r--pkgs/development/python-modules/rflink/default.nix24
-rw-r--r--pkgs/development/python-modules/ulid-transform/default.nix4
-rw-r--r--pkgs/os-specific/linux/nvidia-x11/default.nix16
-rw-r--r--pkgs/os-specific/linux/nvidia-x11/generic.nix3
-rw-r--r--pkgs/servers/matrix-synapse/matrix-appservice-slack/default.nix2
-rw-r--r--pkgs/servers/matrix-synapse/matrix-appservice-slack/package.json4
-rw-r--r--pkgs/servers/matrix-synapse/matrix-appservice-slack/pin.json6
-rw-r--r--pkgs/tools/networking/amass/default.nix4
-rw-r--r--pkgs/tools/package-management/nix-eval-jobs/default.nix4
-rw-r--r--pkgs/tools/security/slsa-verifier/default.nix43
-rw-r--r--pkgs/top-level/all-packages.nix14
42 files changed, 1135 insertions, 344 deletions
diff --git a/lib/path/default.nix b/lib/path/default.nix
index 075e2fc0d137..a4a08668ae62 100644
--- a/lib/path/default.nix
+++ b/lib/path/default.nix
@@ -15,6 +15,9 @@ let
     last
     genList
     elemAt
+    all
+    concatMap
+    foldl'
     ;
 
   inherit (lib.strings)
@@ -190,6 +193,80 @@ in /* No rec! Add dependencies on this file at the top. */ {
     subpathInvalidReason value == null;
 
 
+  /* Join subpath strings together using `/`, returning a normalised subpath string.
+
+    Like `concatStringsSep "/"` but safer, specifically:
+
+    - All elements must be valid subpath strings, see `lib.path.subpath.isValid`
+
+    - The result gets normalised, see `lib.path.subpath.normalise`
+
+    - The edge case of an empty list gets properly handled by returning the neutral subpath `"./."`
+
+    Laws:
+
+    - Associativity:
+
+          subpath.join [ x (subpath.join [ y z ]) ] == subpath.join [ (subpath.join [ x y ]) z ]
+
+    - Identity - `"./."` is the neutral element for normalised paths:
+
+          subpath.join [ ] == "./."
+          subpath.join [ (subpath.normalise p) "./." ] == subpath.normalise p
+          subpath.join [ "./." (subpath.normalise p) ] == subpath.normalise p
+
+    - Normalisation - the result is normalised according to `lib.path.subpath.normalise`:
+
+          subpath.join ps == subpath.normalise (subpath.join ps)
+
+    - For non-empty lists, the implementation is equivalent to normalising the result of `concatStringsSep "/"`.
+      Note that the above laws can be derived from this one.
+
+          ps != [] -> subpath.join ps == subpath.normalise (concatStringsSep "/" ps)
+
+    Type:
+      subpath.join :: [ String ] -> String
+
+    Example:
+      subpath.join [ "foo" "bar/baz" ]
+      => "./foo/bar/baz"
+
+      # normalise the result
+      subpath.join [ "./foo" "." "bar//./baz/" ]
+      => "./foo/bar/baz"
+
+      # passing an empty list results in the current directory
+      subpath.join [ ]
+      => "./."
+
+      # elements must be valid subpath strings
+      subpath.join [ /foo ]
+      => <error>
+      subpath.join [ "" ]
+      => <error>
+      subpath.join [ "/foo" ]
+      => <error>
+      subpath.join [ "../foo" ]
+      => <error>
+  */
+  subpath.join =
+    # The list of subpaths to join together
+    subpaths:
+    # Fast in case all paths are valid
+    if all isValid subpaths
+    then joinRelPath (concatMap splitRelPath subpaths)
+    else
+      # Otherwise we take our time to gather more info for a better error message
+      # Strictly go through each path, throwing on the first invalid one
+      # Tracks the list index in the fold accumulator
+      foldl' (i: path:
+        if isValid path
+        then i + 1
+        else throw ''
+          lib.path.subpath.join: Element at index ${toString i} is not a valid subpath string:
+              ${subpathInvalidReason path}''
+      ) 0 subpaths;
+
   /* Normalise a subpath. Throw an error if the subpath isn't valid, see
   `lib.path.subpath.isValid`
 
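Review bot: The doc comment for `subpath.join` calls it "safer" than `concatStringsSep "/"` but never states what a caller can rely on. Going by the examples, absolute strings and a leading `..` are rejected, so the result stays below whatever base directory it is later appended to. A bullet such as `- The result never starts with "/" and contains no ".." component, so it cannot refer to a location outside the base it is appended to` would make that explicit, provided `isValid` rejects `..` in every position (its definition is outside this hunk). A one-line comment on the `else` branch saying that the fold always throws, so its integer accumulator is never returned, would also help the next reader.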
diff --git a/lib/path/tests/unit.nix b/lib/path/tests/unit.nix
index a1a45173a909..61c4ab4d6f2e 100644
--- a/lib/path/tests/unit.nix
+++ b/lib/path/tests/unit.nix
@@ -107,6 +107,36 @@ let
       expected = true;
     };
 
+    # Test examples from the lib.path.subpath.join documentation
+    testSubpathJoinExample1 = {
+      expr = subpath.join [ "foo" "bar/baz" ];
+      expected = "./foo/bar/baz";
+    };
+    testSubpathJoinExample2 = {
+      expr = subpath.join [ "./foo" "." "bar//./baz/" ];
+      expected = "./foo/bar/baz";
+    };
+    testSubpathJoinExample3 = {
+      expr = subpath.join [ ];
+      expected = "./.";
+    };
+    testSubpathJoinExample4 = {
+      expr = (builtins.tryEval (subpath.join [ /foo ])).success;
+      expected = false;
+    };
+    testSubpathJoinExample5 = {
+      expr = (builtins.tryEval (subpath.join [ "" ])).success;
+      expected = false;
+    };
+    testSubpathJoinExample6 = {
+      expr = (builtins.tryEval (subpath.join [ "/foo" ])).success;
+      expected = false;
+    };
+    testSubpathJoinExample7 = {
+      expr = (builtins.tryEval (subpath.join [ "../foo" ])).success;
+      expected = false;
+    };
+
     # Test examples from the lib.path.subpath.normalise documentation
     testSubpathNormaliseExample1 = {
       expr = subpath.normalise "foo//bar";
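Review bot: Every failing example added here is a one-element list, so nothing covers an invalid element that follows valid ones, which is the case the index-tracking fold in `subpath.join` exists for. I would add a case like `expr = (builtins.tryEval (subpath.join [ "foo" "../bar" ])).success; expected = false;`. A second case with `..` inside an element, e.g. `"foo/../bar"`, would pin down that traversal components are rejected in any position, assuming that is the intended contract. The enclosing `let` block starts and ends outside this hunk.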
diff --git a/nixos/doc/manual/release-notes/rl-2305.section.md b/nixos/doc/manual/release-notes/rl-2305.section.md
index 97ac092c9a0b..b5e157cdb76e 100644
--- a/nixos/doc/manual/release-notes/rl-2305.section.md
+++ b/nixos/doc/manual/release-notes/rl-2305.section.md
@@ -71,6 +71,10 @@ In addition to numerous new and upgraded packages, this release has the followin
 
 - [nimdow](https://github.com/avahe-kellenberger/nimdow), a window manager written in Nim, inspired by dwm.
 
+- [woodpecker-agent](https://woodpecker-ci.org/), a simple CI engine with great extensibility. Available as [services.woodpecker-agent](#opt-services.woodpecker-agent.enable).
+
+- [woodpecker-server](https://woodpecker-ci.org/), a simple CI engine with great extensibility. Available as [services.woodpecker-server](#opt-services.woodpecker-server.enable).
+
 ## Backward Incompatibilities {#sec-release-23.05-incompatibilities}
 
 <!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index 60f3bbc98c0c..314d67419b7f 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -377,6 +377,8 @@
   ./services/continuous-integration/jenkins/default.nix
   ./services/continuous-integration/jenkins/job-builder.nix
   ./services/continuous-integration/jenkins/slave.nix
+  ./services/continuous-integration/woodpecker/agent.nix
+  ./services/continuous-integration/woodpecker/server.nix
   ./services/databases/aerospike.nix
   ./services/databases/cassandra.nix
   ./services/databases/clickhouse.nix
diff --git a/nixos/modules/services/continuous-integration/woodpecker/agent.nix b/nixos/modules/services/continuous-integration/woodpecker/agent.nix
new file mode 100644
index 000000000000..1aedec81c965
--- /dev/null
+++ b/nixos/modules/services/continuous-integration/woodpecker/agent.nix
@@ -0,0 +1,99 @@
+{ config
+, lib
+, pkgs
+, ...
+}:
+
+let
+  cfg = config.services.woodpecker-agent;
+in
+{
+  meta.maintainers = [ lib.maintainers.janik ];
+
+  options = {
+    services.woodpecker-agent = {
+      enable = lib.mkEnableOption (lib.mdDoc "the Woodpecker-Agent, Agents execute tasks generated by a Server, every install will need one server and at least one agent");
+      package = lib.mkPackageOptionMD pkgs "woodpecker-agent" { };
+
+      environment = lib.mkOption {
+        default = { };
+        type = lib.types.attrsOf lib.types.str;
+        example = lib.literalExpression ''
+          {
+            WOODPECKER_SERVER = "localhost:9000";
+            WOODPECKER_BACKEND = "docker";
+            DOCKER_HOST = "unix:///run/podman/podman.sock";
+          }
+        '';
+        description = lib.mdDoc "woodpecker-agent config envrionment variables, for other options read the [documentation](https://woodpecker-ci.org/docs/administration/agent-config)";
+      };
+
+      extraGroups = lib.mkOption {
+        default = null;
+        type = lib.types.nullOr (lib.types.listOf lib.types.str);
+        example = [ "podman" ];
+        description = lib.mdDoc ''
+          Additional groups for the systemd service.
+        '';
+      };
+
+      environmentFile = lib.mkOption {
+        type = lib.types.nullOr lib.types.path;
+        default = null;
+        example = "/root/woodpecker-agent.env";
+        description = lib.mdDoc ''
+          File to load environment variables
+          from. This is helpful for specifying secrets.
+          Example content of environmentFile:
+          ```
+          WOODPECKER_AGENT_SECRET=your-shared-secret-goes-here
+          ```
+        '';
+      };
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    systemd.services = {
+      woodpecker-agent = {
+        description = "Woodpecker-Agent Service";
+        wantedBy = [ "multi-user.target" ];
+        after = [ "network-online.target" ];
+        wants = [ "network-online.target" ];
+        serviceConfig = {
+          DynamicUser = true;
+          SupplementaryGroups = lib.optionals (cfg.extraGroups != null) cfg.extraGroups;
+          EnvironmentFile = lib.optional (cfg.environmentFile != null) cfg.environmentFile;
+          ExecStart = "${cfg.package}/bin/woodpecker-agent";
+          Restart = "on-failure";
+          RestartSec = 15;
+          CapabilityBoundingSet = "";
+          # Security
+          NoNewPrivileges = true;
+          # Sandboxing
+          ProtectSystem = "strict";
+          PrivateTmp = true;
+          PrivateDevices = true;
+          PrivateUsers = true;
+          ProtectHostname = true;
+          ProtectClock = true;
+          ProtectKernelTunables = true;
+          ProtectKernelModules = true;
+          ProtectKernelLogs = true;
+          ProtectControlGroups = true;
+          RestrictAddressFamilies = [ "AF_UNIX AF_INET AF_INET6" ];
+          LockPersonality = true;
+          MemoryDenyWriteExecute = true;
+          RestrictRealtime = true;
+          RestrictSUIDSGID = true;
+          PrivateMounts = true;
+          # System Call Filtering
+          SystemCallArchitectures = "native";
+          SystemCallFilter = "~@clock @privileged @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io @reboot @setuid @swap";
+        };
+        inherit (cfg) environment;
+      };
+    };
+  };
+}
+
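Review bot: The `environment` option's description does not say that its values land in the generated unit, which NixOS keeps in the world-readable Nix store, so nothing steers a user away from putting `WOODPECKER_AGENT_SECRET` there. I would append `Values set here are world-readable in the Nix store; use environmentFile for secrets.` to that description. `environmentFile` is typed `lib.types.path`, so a Nix path literal (unlike the string in the example) would presumably be copied into the store as well, and its description should say the file must live outside the store. The same two options in woodpecker/server.nix have the same gap. The `extraGroups` description could also note that a container-runtime group such as the `podman` example gives the agent control of that runtime's socket, which weakens the sandboxing set in `serviceConfig`.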
diff --git a/nixos/modules/services/continuous-integration/woodpecker/server.nix b/nixos/modules/services/continuous-integration/woodpecker/server.nix
new file mode 100644
index 000000000000..6b4e4732465c
--- /dev/null
+++ b/nixos/modules/services/continuous-integration/woodpecker/server.nix
@@ -0,0 +1,98 @@
+{ config
+, lib
+, pkgs
+, ...
+}:
+
+let
+  cfg = config.services.woodpecker-server;
+in
+{
+  meta.maintainers = [ lib.maintainers.janik ];
+
+
+  options = {
+    services.woodpecker-server = {
+      enable = lib.mkEnableOption (lib.mdDoc "the Woodpecker-Server, a CI/CD application for automatic builds, deployments and tests");
+      package = lib.mkPackageOptionMD pkgs "woodpecker-server" { };
+      environment = lib.mkOption {
+        default = { };
+        type = lib.types.attrsOf lib.types.str;
+        example = lib.literalExpression
+          ''
+            {
+              WOODPECKER_HOST = "https://woodpecker.example.com";
+              WOODPECKER_OPEN = "true";
+              WOODPECKER_GITEA = "true";
+              WOODPECKER_GITEA_CLIENT = "ffffffff-ffff-ffff-ffff-ffffffffffff";
+              WOODPECKER_GITEA_URL = "https://git.example.com";
+            }
+          '';
+        description = lib.mdDoc "woodpecker-server config envrionment variables, for other options read the [documentation](https://woodpecker-ci.org/docs/administration/server-config)";
+      };
+      environmentFile = lib.mkOption {
+        type = lib.types.nullOr lib.types.path;
+        default = null;
+        example = "/root/woodpecker-server.env";
+        description = lib.mdDoc ''
+          File to load environment variables
+          from. This is helpful for specifying secrets.
+          Example content of environmentFile:
+          ```
+          WOODPECKER_AGENT_SECRET=your-shared-secret-goes-here
+          WOODPECKER_GITEA_SECRET=gto_**************************************
+          ```
+        '';
+      };
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    systemd.services = {
+      woodpecker-server = {
+        description = "Woodpecker-Server Service";
+        wantedBy = [ "multi-user.target" ];
+        after = [ "network-online.target" ];
+        wants = [ "network-online.target" ];
+        serviceConfig = {
+          DynamicUser = true;
+          WorkingDirectory = "%S/woodpecker-server";
+          StateDirectory = "woodpecker-server";
+          StateDirectoryMode = "0700";
+          UMask = "0007";
+          ConfigurationDirectory = "woodpecker-server";
+          EnvironmentFile = lib.optional (cfg.environmentFile != null) cfg.environmentFile;
+          ExecStart = "${cfg.package}/bin/woodpecker-server";
+          Restart = "on-failure";
+          RestartSec = 15;
+          CapabilityBoundingSet = "";
+          # Security
+          NoNewPrivileges = true;
+          # Sandboxing
+          ProtectSystem = "strict";
+          ProtectHome = true;
+          PrivateTmp = true;
+          PrivateDevices = true;
+          PrivateUsers = true;
+          ProtectHostname = true;
+          ProtectClock = true;
+          ProtectKernelTunables = true;
+          ProtectKernelModules = true;
+          ProtectKernelLogs = true;
+          ProtectControlGroups = true;
+          RestrictAddressFamilies = [ "AF_UNIX AF_INET AF_INET6" ];
+          LockPersonality = true;
+          MemoryDenyWriteExecute = true;
+          RestrictRealtime = true;
+          RestrictSUIDSGID = true;
+          PrivateMounts = true;
+          # System Call Filtering
+          SystemCallArchitectures = "native";
+          SystemCallFilter = "~@clock @privileged @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io @reboot @setuid @swap";
+        };
+        inherit (cfg) environment;
+      };
+    };
+  };
+}
+
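Review bot: The `environment` example sets `WOODPECKER_OPEN = "true"`, which as far as I know enables open registration for anyone who can log in through the linked forge, and option examples tend to be copied verbatim. I would show `WOODPECKER_OPEN = "false";` in the example, or keep it and add a comment line such as `# allows any user of the forge to register`. A style point in `serviceConfig`: `RestrictAddressFamilies = [ "AF_UNIX AF_INET AF_INET6" ];` is a one-element list holding a space-separated string. `[ "AF_UNIX" "AF_INET" "AF_INET6" ]` states the intent directly, and agent.nix has the same line.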
diff --git a/pkgs/applications/audio/listenbrainz-mpd/default.nix b/pkgs/applications/audio/listenbrainz-mpd/default.nix
index 04216bdf09f6..b83150985499 100644
--- a/pkgs/applications/audio/listenbrainz-mpd/default.nix
+++ b/pkgs/applications/audio/listenbrainz-mpd/default.nix
@@ -5,25 +5,26 @@
 , stdenv
 , openssl
 , libiconv
+, sqlite
 , Security }:
 
 rustPlatform.buildRustPackage rec {
   pname = "listenbrainz-mpd";
-  version = "2.0.2";
+  version = "2.1.0";
 
   src = fetchFromGitea {
     domain = "codeberg.org";
     owner = "elomatreb";
     repo = "listenbrainz-mpd";
     rev = "v${version}";
-    hash = "sha256-DO7YUqaJZyVWjiAZ9WIVNTTvOU0qdsI2ct7aT/6O5dQ=";
+    hash = "sha256-AalZTlizaw93KlVffFDjGNoKkCHUFQTiElZgJo64shs=";
   };
 
-  cargoHash = "sha256-MiAalxe0drRHrST3maVvi8GM2y3d0z4Zl7R7Zx8VjEM=";
+  cargoHash = "sha256-n24P56ZrF8qEpM45uIFr7bJhlzuAexNr6siEsF219uA=";
 
   nativeBuildInputs = [ pkg-config ];
 
-  buildInputs = if stdenv.isDarwin then [ libiconv Security ] else [ openssl ];
+  buildInputs = [ sqlite ] ++ (if stdenv.isDarwin then [ libiconv Security ] else [ openssl ]);
 
   meta = with lib; {
     homepage = "https://codeberg.org/elomatreb/listenbrainz-mpd";
diff --git a/pkgs/applications/misc/databricks-sql-cli/default.nix b/pkgs/applications/misc/databricks-sql-cli/default.nix
index be798894ba86..ae118501f47d 100644
--- a/pkgs/applications/misc/databricks-sql-cli/default.nix
+++ b/pkgs/applications/misc/databricks-sql-cli/default.nix
@@ -1,20 +1,10 @@
 { lib
-, buildPythonApplication
 , fetchFromGitHub
 , fetchpatch
-, poetry-core
-, pandas
-, prompt-toolkit
-, databricks-sql-connector
-, pygments
-, configobj
-, sqlparse
-, cli-helpers
-, click
-, pytestCheckHook
+, python3
 }:
 
-buildPythonApplication rec {
+python3.pkgs.buildPythonApplication rec {
   pname = "databricks-sql-cli";
   version = "0.1.4";
   format = "pyproject";
@@ -22,8 +12,8 @@ buildPythonApplication rec {
   src = fetchFromGitHub {
     owner = "databricks";
     repo = "databricks-sql-cli";
-    rev = "v${version}";
-    sha256 = "sha256-gr7LJfnvIu2Jf1XgILqfZoi8CbXeQyq0g1wLEBa5TPM=";
+    rev = "refs/tags/v${version}";
+    hash = "sha256-gr7LJfnvIu2Jf1XgILqfZoi8CbXeQyq0g1wLEBa5TPM=";
   };
 
   patches = [
@@ -37,27 +27,32 @@ buildPythonApplication rec {
   postPatch = ''
     substituteInPlace pyproject.toml \
       --replace 'python = ">=3.7.1,<4.0"' 'python = ">=3.8,<4.0"' \
-      --replace 'pandas = "1.3.4"' 'pandas = "~1.4"'
+      --replace 'pandas = "1.3.4"' 'pandas = "~1.5"'
   '';
 
-  nativeBuildInputs = [ poetry-core ];
+  nativeBuildInputs = with python3.pkgs; [
+    poetry-core
+  ];
 
-  propagatedBuildInputs = [
-    prompt-toolkit
-    pandas
+  propagatedBuildInputs = with python3.pkgs; [
+    cli-helpers
+    click
+    configobj
     databricks-sql-connector
+    pandas
+    prompt-toolkit
     pygments
-    configobj
     sqlparse
-    cli-helpers
-    click
   ];
 
-  nativeCheckInputs = [ pytestCheckHook ];
+  nativeCheckInputs = with python3.pkgs; [
+    pytestCheckHook
+  ];
 
   meta = with lib; {
     description = "CLI for querying Databricks SQL";
     homepage = "https://github.com/databricks/databricks-sql-cli";
+    changelog = "https://github.com/databricks/databricks-sql-cli/releases/tag/v${version}";
     license = licenses.databricks;
     maintainers = with maintainers; [ kfollesdal ];
   };
diff --git a/pkgs/applications/networking/cluster/eks-node-viewer/default.nix b/pkgs/applications/networking/cluster/eks-node-viewer/default.nix
new file mode 100644
index 000000000000..b75f850f7378
--- /dev/null
+++ b/pkgs/applications/networking/cluster/eks-node-viewer/default.nix
@@ -0,0 +1,23 @@
+{ lib, buildGoModule, fetchFromGitHub }:
+
+buildGoModule rec {
+  pname = "eks-node-viewer";
+  version = "0.2.0";
+
+  src = fetchFromGitHub {
+    owner = "awslabs";
+    repo = pname;
+    rev = "v${version}";
+    sha256 = "sha256-utn0OJX3NLCyAV4F01GIkvh/KFPv7vfLQMwso7x7yCw";
+  };
+
+  vendorSha256 = "sha256-28TKZYZM2kddXAusxmjhrKFy+ATU7kZM4Ad7zvP/F3A";
+
+  meta = with lib; {
+    description = "Tool to visualize dynamic node usage within a cluster";
+    homepage = "https://github.com/awslabs/eks-node-viewer";
+    changelog = "https://github.com/awslabs/eks-node-viewer/releases/tag/${version}";
+    license = licenses.afl20;
+    maintainers = [ maintainers.ivankovnatsky ];
+  };
+}
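Review bot: The `changelog` URL interpolates `${version}` while `rev` is `v${version}`, so the link names a tag without the `v` prefix and will most likely not resolve. It should read `changelog = "https://github.com/awslabs/eks-node-viewer/releases/tag/v${version}";`. Also, `license = licenses.afl20` is the Academic Free License, whereas upstream appears to be Apache-2.0, which would be `licenses.asl20`; please check this against the repository's LICENSE file before merging.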
diff --git a/pkgs/applications/qubes/qubes-core-vchan-xen/default.nix b/pkgs/applications/qubes/qubes-core-vchan-xen/default.nix
index 3a1359ca573d..6ce255675b14 100644
--- a/pkgs/applications/qubes/qubes-core-vchan-xen/default.nix
+++ b/pkgs/applications/qubes/qubes-core-vchan-xen/default.nix
@@ -1,6 +1,6 @@
 { lib, stdenv
 , fetchFromGitHub
-, xen_4_10
+, xen
 }:
 
 stdenv.mkDerivation rec {
@@ -14,7 +14,7 @@ stdenv.mkDerivation rec {
     sha256 = "sha256:02l1vs5c2jfw22gxvl2fb66m0d99n8ya1i7rphsb5cxsljvxary0";
   };
 
-  buildInputs = [ xen_4_10 ];
+  buildInputs = [ xen ];
 
   buildPhase = ''
     make all PREFIX=/ LIBDIR="$out/lib" INCLUDEDIR="$out/include"
diff --git a/pkgs/applications/virtualization/xen/0000-fix-install-python.patch b/pkgs/applications/virtualization/xen/0000-fix-install-python.4.10.patch
index 53821c0d9c51..53821c0d9c51 100644
--- a/pkgs/applications/virtualization/xen/0000-fix-install-python.patch
+++ b/pkgs/applications/virtualization/xen/0000-fix-install-python.4.10.patch
diff --git a/pkgs/applications/virtualization/xen/0000-fix-install-python.4.15.patch b/pkgs/applications/virtualization/xen/0000-fix-install-python.4.15.patch
new file mode 100644
index 000000000000..5fc5a6012ee3
--- /dev/null
+++ b/pkgs/applications/virtualization/xen/0000-fix-install-python.4.15.patch
@@ -0,0 +1,16 @@
+tools/python/install-wrap script brakes shebangs patching, disable
+
+diff --git a/tools/Rules.mk b/tools/Rules.mk
+index 444e5bacdd..c99ea959ff 100644
+--- a/tools/Rules.mk
++++ b/tools/Rules.mk
+@@ -135,8 +135,7 @@ CFLAGS += $(CFLAGS-y)
+ 
+ CFLAGS += $(EXTRA_CFLAGS_XEN_TOOLS)
+ 
+-INSTALL_PYTHON_PROG = \
+-	$(XEN_ROOT)/tools/python/install-wrap "$(PYTHON_PATH)" $(INSTALL_PROG)
++INSTALL_PYTHON_PROG = $(INSTALL_PROG)
+ 
+ %.opic: %.c
+ 	$(CC) $(CPPFLAGS) -DPIC $(CFLAGS) $(CFLAGS_$*.opic) -fPIC -c -o $@ $< $(APPEND_CFLAGS)
diff --git a/pkgs/applications/virtualization/xen/0000-fix-ipxe-src.patch b/pkgs/applications/virtualization/xen/0000-fix-ipxe-src.4.10.patch
index 072338b87aba..072338b87aba 100644
--- a/pkgs/applications/virtualization/xen/0000-fix-ipxe-src.patch
+++ b/pkgs/applications/virtualization/xen/0000-fix-ipxe-src.4.10.patch
diff --git a/pkgs/applications/virtualization/xen/0000-fix-ipxe-src.4.15.patch b/pkgs/applications/virtualization/xen/0000-fix-ipxe-src.4.15.patch
new file mode 100644
index 000000000000..08e9aa5ad2fb
--- /dev/null
+++ b/pkgs/applications/virtualization/xen/0000-fix-ipxe-src.4.15.patch
@@ -0,0 +1,27 @@
+hack to make etherboot use prefetched ipxe
+
+diff --git a/tools/firmware/etherboot/Makefile b/tools/firmware/etherboot/Makefile
+index ed9e11305f..979a3acea8 100644
+--- a/tools/firmware/etherboot/Makefile
++++ b/tools/firmware/etherboot/Makefile
+@@ -16,6 +16,7 @@ IPXE_TARBALL_URL ?= $(XEN_EXTFILES_URL)/ipxe-git-$(IPXE_GIT_TAG).tar.gz
+ 
+ D=ipxe
+ T=ipxe.tar.gz
++G=ipxe.git
+ 
+ ROMS = $(addprefix $D/src/bin/, $(addsuffix .rom, $(ETHERBOOT_NICS)))
+ ROM = $D/src/bin/ipxe.bin
+@@ -41,9 +42,9 @@ $T:
+ 	fi
+ 	mv _$T $T
+ 
+-$D/src/arch/i386/Makefile: $T Config
+-	rm -rf $D
+-	gzip -dc $T | tar xf -
++$D/src/arch/i386/Makefile: $G Config
++	mkdir $D
++	cp -a $G/* $D
+ 	for i in $$(cat patches/series) ; do                 \
+ 	    patch -d $D -p1 --quiet <patches/$$i || exit 1 ; \
+ 	done
diff --git a/pkgs/applications/virtualization/xen/0004-makefile-use-efi-ld.patch b/pkgs/applications/virtualization/xen/0004-makefile-use-efi-ld.4.10.patch
index a103cb161710..a103cb161710 100644
--- a/pkgs/applications/virtualization/xen/0004-makefile-use-efi-ld.patch
+++ b/pkgs/applications/virtualization/xen/0004-makefile-use-efi-ld.4.10.patch
diff --git a/pkgs/applications/virtualization/xen/0004-makefile-use-efi-ld.4.15.patch b/pkgs/applications/virtualization/xen/0004-makefile-use-efi-ld.4.15.patch
new file mode 100644
index 000000000000..c64ec52315c9
--- /dev/null
+++ b/pkgs/applications/virtualization/xen/0004-makefile-use-efi-ld.4.15.patch
@@ -0,0 +1,42 @@
+diff --git a/xen/arch/x86/Makefile b/xen/arch/x86/Makefile
+index b6567c4127..83defeee95 100644
+--- a/xen/arch/x86/Makefile
++++ b/xen/arch/x86/Makefile
+@@ -124,11 +124,11 @@ ifneq ($(efi-y),)
+ export XEN_BUILD_EFI := $(shell $(CC) $(XEN_CFLAGS) -c efi/check.c -o efi/check.o 2>/dev/null && echo y)
+ # Check if the linker supports PE.
+ EFI_LDFLAGS = $(patsubst -m%,-mi386pep,$(XEN_LDFLAGS)) --subsystem=10 --strip-debug
+-XEN_BUILD_PE := $(if $(XEN_BUILD_EFI),$(shell $(LD) $(EFI_LDFLAGS) -o efi/check.efi efi/check.o 2>/dev/null && echo y))
++XEN_BUILD_PE := $(if $(XEN_BUILD_EFI),$(shell $(EFI_LD) $(EFI_LDFLAGS) -o efi/check.efi efi/check.o 2>/dev/null && echo y))
+ CFLAGS-$(XEN_BUILD_EFI) += -DXEN_BUILD_EFI
+ # Check if the linker produces fixups in PE by default (we need to disable it doing so for now).
+ XEN_NO_PE_FIXUPS := $(if $(XEN_BUILD_EFI), \
+-                         $(shell $(LD) $(EFI_LDFLAGS) --disable-reloc-section -o efi/check.efi efi/check.o 2>/dev/null && \
++                         $(shell $(EFI_LD) $(EFI_LDFLAGS) --disable-reloc-section -o efi/check.efi efi/check.o 2>/dev/null && \
+                                  echo --disable-reloc-section))
+ endif
+ 
+@@ -217,20 +217,20 @@ note_file_option ?= $(note_file)
+ ifeq ($(XEN_BUILD_PE),y)
+ $(TARGET).efi: prelink-efi.o $(note_file) efi.lds efi/relocs-dummy.o efi/mkreloc
+ 	$(foreach base, $(VIRT_BASE) $(ALT_BASE), \
+-	          $(LD) $(call EFI_LDFLAGS,$(base)) -T efi.lds -N $< efi/relocs-dummy.o \
++	          $(EFI_LD) $(call EFI_LDFLAGS,$(base)) -T efi.lds -N $< efi/relocs-dummy.o \
+ 	                $(BASEDIR)/common/symbols-dummy.o $(note_file_option) -o $(@D)/.$(@F).$(base).0 &&) :
+ 	efi/mkreloc $(foreach base,$(VIRT_BASE) $(ALT_BASE),$(@D)/.$(@F).$(base).0) >$(@D)/.$(@F).0r.S
+ 	$(NM) -pa --format=sysv $(@D)/.$(@F).$(VIRT_BASE).0 \
+ 		| $(BASEDIR)/tools/symbols $(all_symbols) --sysv --sort >$(@D)/.$(@F).0s.S
+ 	$(MAKE) -f $(BASEDIR)/Rules.mk $(@D)/.$(@F).0r.o $(@D)/.$(@F).0s.o
+ 	$(foreach base, $(VIRT_BASE) $(ALT_BASE), \
+-	          $(LD) $(call EFI_LDFLAGS,$(base)) -T efi.lds -N $< \
++	          $(EFI_LD) $(call EFI_LDFLAGS,$(base)) -T efi.lds -N $< \
+ 	                $(@D)/.$(@F).0r.o $(@D)/.$(@F).0s.o $(note_file_option) -o $(@D)/.$(@F).$(base).1 &&) :
+ 	efi/mkreloc $(foreach base,$(VIRT_BASE) $(ALT_BASE),$(@D)/.$(@F).$(base).1) >$(@D)/.$(@F).1r.S
+ 	$(NM) -pa --format=sysv $(@D)/.$(@F).$(VIRT_BASE).1 \
+ 		| $(BASEDIR)/tools/symbols $(all_symbols) --sysv --sort >$(@D)/.$(@F).1s.S
+ 	$(MAKE) -f $(BASEDIR)/Rules.mk $(@D)/.$(@F).1r.o $(@D)/.$(@F).1s.o
+-	$(LD) $(call EFI_LDFLAGS,$(VIRT_BASE)) -T efi.lds -N $< \
++	$(EFI_LD) $(call EFI_LDFLAGS,$(VIRT_BASE)) -T efi.lds -N $< \
+ 	                $(@D)/.$(@F).1r.o $(@D)/.$(@F).1s.o $(note_file_option) -o $@
+ 	$(NM) -pa --format=sysv $(@D)/$(@F) \
+ 		| $(BASEDIR)/tools/symbols --all-symbols --xensyms --sysv --sort >$(@D)/$(@F).map
diff --git a/pkgs/applications/virtualization/xen/0005-makefile-fix-efi-mountdir-use.patch b/pkgs/applications/virtualization/xen/0005-makefile-fix-efi-mountdir-use.4.10.patch
index 11989e86c770..11989e86c770 100644
--- a/pkgs/applications/virtualization/xen/0005-makefile-fix-efi-mountdir-use.patch
+++ b/pkgs/applications/virtualization/xen/0005-makefile-fix-efi-mountdir-use.4.10.patch
diff --git a/pkgs/applications/virtualization/xen/0005-makefile-fix-efi-mountdir-use.4.15.patch b/pkgs/applications/virtualization/xen/0005-makefile-fix-efi-mountdir-use.4.15.patch
new file mode 100644
index 000000000000..8f07c1a8e29f
--- /dev/null
+++ b/pkgs/applications/virtualization/xen/0005-makefile-fix-efi-mountdir-use.4.15.patch
@@ -0,0 +1,37 @@
+EFI_MOUNTPOINT is conventionally /boot/efi or /boot/EFI or something
+like that, and (on my machine) has directories within that called
+{Boot, nixos, gummiboot}.
+
+This patch does two things:
+
+1) Xen apparently wants to put files in
+$(EFI_MOUNTPOINT)/efi/$(EFI_VENDOR) - we remove the duplicate 'efi' name
+because I can't see why we have it
+
+2) Ensures the said directory exists
+
+
+diff --git a/xen/Makefile b/xen/Makefile
+index acb2d28891..d0763fbbe7 100644
+--- a/xen/Makefile
++++ b/xen/Makefile
+@@ -289,7 +289,9 @@ _install: $(TARGET)$(CONFIG_XEN_INSTALL_SUFFIX)
+ 		ln -sf $(T)-$(XEN_FULLVERSION).efi $(D)$(EFI_DIR)/$(T)-$(XEN_VERSION).efi; \
+ 		ln -sf $(T)-$(XEN_FULLVERSION).efi $(D)$(EFI_DIR)/$(T).efi; \
+ 		if [ -n '$(EFI_MOUNTPOINT)' -a -n '$(EFI_VENDOR)' ]; then \
+-			$(INSTALL_DATA) $(TARGET).efi $(D)$(EFI_MOUNTPOINT)/efi/$(EFI_VENDOR)/$(T)-$(XEN_FULLVERSION).efi; \
++			[ -d $(D)$(EFI_MOUNTPOINT)/$(EFI_VENDOR) ] || \
++			  $(INSTALL_DIR) $(D)$(EFI_MOUNTPOINT)/$(EFI_VENDOR) ;\
++			$(INSTALL_DATA) $(TARGET).efi $(D)$(EFI_MOUNTPOINT)/$(EFI_VENDOR)/$(T)-$(XEN_FULLVERSION).efi; \
+ 		elif [ "$(D)" = "$(patsubst $(shell cd $(XEN_ROOT) && pwd)/%,%,$(D))" ]; then \
+ 			echo 'EFI installation only partially done (EFI_VENDOR not set)' >&2; \
+ 		fi; \
+@@ -319,7 +321,7 @@ _uninstall:
+ 	rm -f $(D)$(DEBUG_DIR)/$(T)-$(XEN_FULLVERSION).efi.map
+ 	rm -f $(D)$(EFI_DIR)/$(T)-$(XEN_VERSION).efi
+ 	rm -f $(D)$(EFI_DIR)/$(T).efi
+-	rm -f $(D)$(EFI_MOUNTPOINT)/efi/$(EFI_VENDOR)/$(T)-$(XEN_FULLVERSION).efi
++	rm -f $(D)$(EFI_MOUNTPOINT)/$(EFI_VENDOR)/$(T)-$(XEN_FULLVERSION).efi
+ 
+ .PHONY: _debug
+ _debug:
diff --git a/pkgs/applications/virtualization/xen/4.10.nix b/pkgs/applications/virtualization/xen/4.10.nix
index 57fd03361305..4e4df3976fc1 100644
--- a/pkgs/applications/virtualization/xen/4.10.nix
+++ b/pkgs/applications/virtualization/xen/4.10.nix
@@ -8,6 +8,9 @@
 , withOVMF ? false, OVMF
 , withLibHVM ? true
 
+# xen
+, lvm2, ncurses, python2Packages
+
 # qemu
 , udev, pciutils, xorg, SDL, pixman, acl, glusterfs, spice-protocol, usbredir
 , alsa-lib, glib, python2
@@ -165,7 +168,21 @@ callPackage (import ./generic.nix (rec {
     "-Wno-error=zero-length-bounds"
   ];
 
+  patches = [
+    ./0000-fix-ipxe-src.4.10.patch
+    ./0000-fix-install-python.4.10.patch
+    ./0004-makefile-use-efi-ld.4.10.patch
+    ./0005-makefile-fix-efi-mountdir-use.4.10.patch
+  ];
+
   postPatch = ''
+    substituteInPlace tools/blktap2/lvm/lvm-util.c \
+      --replace /usr/sbin/vgs ${lvm2}/bin/vgs \
+      --replace /usr/sbin/lvs ${lvm2}/bin/lvs
+
+    substituteInPlace tools/xenstat/Makefile \
+      --replace /usr/include/curses.h ${ncurses.dev}/include/curses.h
+
     # Avoid a glibc >= 2.25 deprecation warnings that get fatal via -Werror.
     sed 1i'#include <sys/sysmacros.h>' \
       -i tools/blktap2/control/tap-ctl-allocate.c \
@@ -181,4 +198,7 @@ callPackage (import ./generic.nix (rec {
       else throw "this xen has no qemu builtin";
   };
 
-})) ({ ocamlPackages = ocaml-ng.ocamlPackages_4_05; } // args)
+})) ({
+  ocamlPackages = ocaml-ng.ocamlPackages_4_05;
+  pythonPackages = python2Packages;
+} // args)
diff --git a/pkgs/applications/virtualization/xen/4.15.nix b/pkgs/applications/virtualization/xen/4.15.nix
new file mode 100644
index 000000000000..c5c02f7e9181
--- /dev/null
+++ b/pkgs/applications/virtualization/xen/4.15.nix
@@ -0,0 +1,184 @@
+{ lib, callPackage, fetchurl, fetchpatch, fetchgit
+, ocaml-ng
+, withInternalQemu ? true
+, withInternalTraditionalQemu ? true
+, withInternalSeabios ? true
+, withSeabios ? !withInternalSeabios, seabios ? null
+, withInternalOVMF ? false # FIXME: tricky to build
+, withOVMF ? false, OVMF
+, withLibHVM ? false
+
+# xen
+, python3Packages
+
+# qemu
+, udev, pciutils, xorg, SDL, pixman, acl, glusterfs, spice-protocol, usbredir
+, alsa-lib, glib, python3
+, ... } @ args:
+
+assert withInternalSeabios -> !withSeabios;
+assert withInternalOVMF -> !withOVMF;
+assert !withLibHVM;
+
+with lib;
+
+# Patching XEN? Check the XSAs at
+# https://xenbits.xen.org/xsa/
+# and try applying all the ones we don't have yet.
+
+let
+  xsa = import ./xsa-patches.nix { inherit fetchpatch; };
+
+  qemuMemfdBuildFix = fetchpatch {
+    name = "xen-4.8-memfd-build-fix.patch";
+    url = "https://github.com/qemu/qemu/commit/75e5b70e6b5dcc4f2219992d7cffa462aa406af0.patch";
+    sha256 = "0gaz93kb33qc0jx6iphvny0yrd17i8zhcl3a9ky5ylc2idz0wiwa";
+  };
+
+  qemuDeps = [
+    udev pciutils xorg.libX11 SDL pixman acl glusterfs spice-protocol usbredir
+    alsa-lib glib python3
+  ];
+in
+
+callPackage (import ./generic.nix (rec {
+  version = "4.15.1";
+
+  src = fetchurl {
+    url = "https://downloads.xenproject.org/release/xen/${version}/xen-${version}.tar.gz";
+    sha256 = "1rmc7gb72xwhr3h9rc3bkac41s8kjjzz45miwdq6yalyq7j7vss5";
+  };
+
+  # Sources needed to build tools and firmwares.
+  xenfiles = optionalAttrs withInternalQemu {
+    qemu-xen = {
+      src = fetchgit {
+        url = "https://xenbits.xen.org/git-http/qemu-xen.git";
+        # rev = "refs/tags/qemu-xen-${version}";
+        # use revision hash - reproducible but must be updated with each new version
+        rev = "e2af2d050338c99e8436e251ad67aafb3ebbd501";
+        sha256 = "sha256-gVykPtzAA7tmpe6iVvnulaW+b0jD3gwL1JXC5yeIA7M=";
+      };
+      buildInputs = qemuDeps;
+      postPatch = ''
+        # needed in build but /usr/bin/env is not available in sandbox
+        substituteInPlace scripts/tracetool.py \
+          --replace "/usr/bin/env python" "${python3}/bin/python"
+      '';
+      meta.description = "Xen's fork of upstream Qemu";
+    };
+  } // optionalAttrs withInternalTraditionalQemu {
+    # TODO 4.15: something happened with traditional in this release?
+    qemu-xen-traditional = {
+      src = fetchgit {
+        url = "https://xenbits.xen.org/git-http/qemu-xen-traditional.git";
+        # rev = "refs/tags/xen-${version}";
+        # use revision hash - reproducible but must be updated with each new version
+        rev = "3d273dd05e51e5a1ffba3d98c7437ee84e8f8764";
+        sha256 = "1dc6dhjp4y2irmi9yiyw1kzmm1habyy8j1s2zkf6qyak850krqj7";
+      };
+      buildInputs = qemuDeps;
+      patches = [
+      ];
+      postPatch = ''
+        substituteInPlace xen-hooks.mak \
+          --replace /usr/include/pci ${pciutils}/include/pci
+      '';
+      meta.description = "Xen's fork of upstream Qemu that uses old device model";
+    };
+  } // optionalAttrs withInternalSeabios {
+    "firmware/seabios-dir-remote" = {
+      src = fetchgit {
+        url = "https://xenbits.xen.org/git-http/seabios.git";
+        rev = "155821a1990b6de78dde5f98fa5ab90e802021e0";
+        sha256 = "sha256-F3lzr00CMAObJtpz0eZFT/rwjFx+bvlI37/JtHXP5Eo=";
+      };
+      patches = [ ./0000-qemu-seabios-enable-ATA_DMA.patch ];
+      meta.description = "Xen's fork of Seabios";
+    };
+  } // optionalAttrs withInternalOVMF {
+    "firmware/ovmf-dir-remote" = {
+      src = fetchgit {
+        url = "https://xenbits.xen.org/git-http/ovmf.git";
+        rev = "a3741780fe3535e19e02efa869a7cac481891129";
+        sha256 = "0000000000000000000000000000000000000000000000000000";
+      };
+      meta.description = "Xen's fork of OVMF";
+    };
+  } // {
+    # TODO: patch Xen to make this optional?
+    "firmware/etherboot/ipxe.git" = {
+      src = fetchgit {
+        url = "https://git.ipxe.org/ipxe.git";
+        rev = "988d2c13cdf0f0b4140685af35ced70ac5b3283c";
+        sha256 = "1pkf1n1c0rdlzfls8fvjvi1sd9xjd9ijqlyz3wigr70ijcv6x8i9";
+      };
+      meta.description = "Xen's fork of iPXE";
+    };
+  };
+
+  configureFlags = []
+    ++ optional (!withInternalQemu) "--with-system-qemu" # use qemu from PATH
+    ++ optional (withInternalTraditionalQemu) "--enable-qemu-traditional"
+    ++ optional (!withInternalTraditionalQemu) "--disable-qemu-traditional"
+
+    ++ optional (withSeabios) "--with-system-seabios=${seabios}"
+    ++ optional (!withInternalSeabios && !withSeabios) "--disable-seabios"
+
+    ++ optional (withOVMF) "--with-system-ovmf=${OVMF.fd}/FV/OVMF.fd"
+    ++ optional (withInternalOVMF) "--enable-ovmf";
+
+  NIX_CFLAGS_COMPILE = toString [
+    # TODO 4.15: drop unneeded ones
+    # Fix build on Glibc 2.24.
+    "-Wno-error=deprecated-declarations"
+    # Fix build with GCC 8
+    "-Wno-error=maybe-uninitialized"
+    "-Wno-error=stringop-truncation"
+    "-Wno-error=format-truncation"
+    "-Wno-error=array-bounds"
+    # Fix build with GCC 9
+    "-Wno-error=address-of-packed-member"
+    "-Wno-error=format-overflow"
+    "-Wno-error=absolute-value"
+    # Fix build with GCC 10
+    "-Wno-error=enum-conversion"
+    "-Wno-error=zero-length-bounds"
+    # Fix build with GCC 12
+    # xentoollog_stubs.c:57: error: "Some_val" redefined [-Werror]
+    "-Wno-error"
+  ];
+
+  patches = with xsa; flatten [
+    ./0000-fix-ipxe-src.4.15.patch
+    ./0000-fix-install-python.4.15.patch
+    ./0004-makefile-use-efi-ld.4.15.patch
+    ./0005-makefile-fix-efi-mountdir-use.4.15.patch
+
+    XSA_386
+  ];
+
+  postPatch = ''
+    # Avoid a glibc >= 2.25 deprecation warnings that get fatal via -Werror.
+    sed 1i'#include <sys/sysmacros.h>' \
+      -i tools/libs/light/libxl_device.c
+
+    # Fix missing pkg-config dir
+    mkdir -p tools/pkg-config
+  '';
+
+  preBuild = ''
+    # PKG_CONFIG env var collides with variables used in tools Makefiles.
+    unset PKG_CONFIG
+  '';
+
+  passthru = {
+    qemu-system-i386 = if withInternalQemu
+      then "lib/xen/bin/qemu-system-i386"
+      else throw "this xen has no qemu builtin";
+  };
+
+})) ({
+  ocamlPackages = ocaml-ng.ocamlPackages_4_05;
+  pythonPackages = python3Packages;
+} // args)
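Review bot: The `patches` list for 4.15.1 applies only `XSA_386`, although the comment near the top of this file asks to check https://xenbits.xen.org/xsa/ and apply every advisory not yet carried. Which later advisories affect 4.15.1 cannot be told from this hunk, so the list should be audited and the result recorded next to it, e.g. `# XSA audit: advisories up to XSA-<NNN> checked against 4.15.1 on <date>` (placeholders), or `version` moved to the newest 4.15 point release and audited from there. Separately, the trailing `"-Wno-error"` in `NIX_CFLAGS_COMPILE` turns off `-Werror` for every warning in the hypervisor and tools build and makes the targeted `-Wno-error=...` entries above it redundant. If it cannot be limited to the OCaml stubs named in its comment, the comment should say so and the redundant entries can go. `qemuMemfdBuildFix` is defined in the `let` block but never referenced in this file.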
diff --git a/pkgs/applications/virtualization/xen/generic.nix b/pkgs/applications/virtualization/xen/generic.nix
index 234d72e46828..2631c6ea44c2 100644
--- a/pkgs/applications/virtualization/xen/generic.nix
+++ b/pkgs/applications/virtualization/xen/generic.nix
@@ -4,9 +4,8 @@ config:
 # Xen
 , bison, bzip2, checkpolicy, dev86, figlet, flex, gettext, glib
 , acpica-tools, libaio, libiconv, libuuid, ncurses, openssl, perl
-, python2Packages
-# python2Packages.python
 , xz, yajl, zlib
+, pythonPackages
 
 # Xen Optional
 , ocamlPackages
@@ -14,10 +13,10 @@ config:
 # Scripts
 , coreutils, gawk, gnused, gnugrep, diffutils, multipath-tools
 , iproute2, inetutils, iptables, bridge-utils, openvswitch, nbd, drbd
-, lvm2, util-linux, procps, systemd
+, util-linux, procps, systemd
 
 # Documentation
-# python2Packages.markdown
+# pythonPackages.markdown
 , fig2dev, ghostscript, texinfo, pandoc
 
 , binutils-unwrapped
@@ -72,16 +71,16 @@ stdenv.mkDerivation (rec {
 
     # Xen
     bison bzip2 checkpolicy dev86 figlet flex gettext glib acpica-tools libaio
-    libiconv libuuid ncurses openssl perl python2Packages.python xz yajl zlib
+    libiconv libuuid ncurses openssl perl pythonPackages.python xz yajl zlib
 
     # oxenstored
     ocamlPackages.findlib ocamlPackages.ocaml systemd
 
     # Python fixes
-    python2Packages.wrapPython
+    pythonPackages.wrapPython
 
     # Documentation
-    python2Packages.markdown fig2dev ghostscript texinfo pandoc
+    pythonPackages.markdown fig2dev ghostscript texinfo pandoc
 
     # Others
   ] ++ (concatMap (x: x.buildInputs or []) (attrValues config.xenfiles))
@@ -133,10 +132,6 @@ stdenv.mkDerivation (rec {
   '';
 
   patches = [
-    ./0000-fix-ipxe-src.patch
-    ./0000-fix-install-python.patch
-    ./0004-makefile-use-efi-ld.patch
-    ./0005-makefile-fix-efi-mountdir-use.patch
   ] ++ (config.patches or []);
 
   postPatch = ''
@@ -156,10 +151,6 @@ stdenv.mkDerivation (rec {
     substituteInPlace tools/libfsimage/common/fsimage_plugin.c \
       --replace /usr $out
 
-    substituteInPlace tools/blktap2/lvm/lvm-util.c \
-      --replace /usr/sbin/vgs ${lvm2}/bin/vgs \
-      --replace /usr/sbin/lvs ${lvm2}/bin/lvs
-
     substituteInPlace tools/misc/xenpvnetboot \
       --replace /usr/sbin/mount ${util-linux}/bin/mount \
       --replace /usr/sbin/umount ${util-linux}/bin/umount
@@ -167,9 +158,6 @@ stdenv.mkDerivation (rec {
     substituteInPlace tools/xenmon/xenmon.py \
       --replace /usr/bin/pkill ${procps}/bin/pkill
 
-    substituteInPlace tools/xenstat/Makefile \
-      --replace /usr/include/curses.h ${ncurses.dev}/include/curses.h
-
     ${optionalString (builtins.compareVersions config.version "4.8" >= 0) ''
       substituteInPlace tools/hotplug/Linux/launch-xenstore.in \
         --replace /bin/mkdir mkdir
@@ -209,6 +197,10 @@ stdenv.mkDerivation (rec {
   makeFlags = [ "PREFIX=$(out) CONFIG_DIR=/etc" "XEN_SCRIPT_DIR=/etc/xen/scripts" ]
            ++ (config.makeFlags or []);
 
+  preBuild = ''
+    ${config.preBuild or ""}
+  '';
+
   buildFlags = [ "xen" "tools" ];
 
   postBuild = ''
diff --git a/pkgs/applications/virtualization/xen/packages.nix b/pkgs/applications/virtualization/xen/packages.nix
index 5ff263dc8ff2..722551461946 100644
--- a/pkgs/applications/virtualization/xen/packages.nix
+++ b/pkgs/applications/virtualization/xen/packages.nix
@@ -52,8 +52,53 @@ rec {
     };
   };
 
+  xen_4_15-vanilla = callPackage ./4.15.nix {
+    meta = {
+      description = "vanilla";
+      longDescription = ''
+        Vanilla version of Xen. Uses forks of Qemu and Seabios bundled
+        with Xen. This gives vanilla experince, but wastes space and
+        build time: typical NixOS setup that runs lots of VMs will
+        build three different versions of Qemu when using this (two
+        forks and upstream).
+      '';
+    };
+  };
+
+  xen_4_15-slim = xen_4_15-vanilla.override {
+    withInternalQemu = false;
+    withInternalTraditionalQemu = true;
+    withInternalSeabios = false;
+    withSeabios = true;
+
+    meta = {
+      description = "slim";
+      longDescription = ''
+        Slimmed-down version of Xen that reuses nixpkgs packages as
+        much as possible. Different parts may get out of sync, but
+        this builds faster and uses less space than vanilla. Use with
+        `qemu_xen` from nixpkgs.
+      '';
+    };
+  };
+
+  xen_4_15-light = xen_4_15-vanilla.override {
+    withInternalQemu = false;
+    withInternalTraditionalQemu = false;
+    withInternalSeabios = false;
+    withSeabios = true;
+
+    meta = {
+      description = "light";
+      longDescription = ''
+        Slimmed-down version of Xen without `qemu-traditional` (you
+        don't need it if you don't know what it is). Use with
+        `qemu_xen-light` from nixpkgs.
+      '';
+    };
+  };
+
   xen-vanilla = xen_4_10-vanilla;
   xen-slim = xen_4_10-slim;
   xen-light = xen_4_10-light;
-
 }
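Review bot: The unversioned aliases `xen-vanilla`, `xen-slim` and `xen-light` at the end of this hunk still resolve to the `xen_4_10-*` attributes, so anything that refers to the default Xen keeps getting the older hypervisor after this change. If that is deliberate, a comment above them such as `# defaults intentionally stay on 4.10 for now` would make the choice visible; otherwise point them at `xen_4_15-*`. The `longDescription` of `xen_4_15-vanilla` also has a typo, `experince` for `experience`. The enclosing `rec { … }` set begins outside the hunk.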
diff --git a/pkgs/applications/virtualization/xen/xsa-patches.nix b/pkgs/applications/virtualization/xen/xsa-patches.nix
index b1d1d7783c24..d789697a5599 100644
--- a/pkgs/applications/virtualization/xen/xsa-patches.nix
+++ b/pkgs/applications/virtualization/xen/xsa-patches.nix
@@ -485,4 +485,9 @@ in {
       sha256 = "0lc94cx271z09r0mhxaypyd9d4740051p28idf5calx5228dqjgm";
     })
   ];
+
+  XSA_386 = (xsaPatch {
+    name = "386";
+    sha256 = "sha256-pAuLgt3sDeL73NSDqZCWxRGZk1tWaYlDbh7cUcJ4s+w=";
+  });
 }
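Review bot: `XSA_386` is bound to a single `xsaPatch` result, while the entry just above it in this hunk closes with `];` and so appears to be a list. It works in 4.15.nix only because that file wraps its `patches` in `flatten`; a consumer that concatenates with `++` would fail on it. Writing it as `XSA_386 = [ (xsaPatch { ... }) ];` keeps the attributes uniform. The attribute set starts outside the hunk, so the shape of the earlier entries is inferred from that one closing bracket.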
diff --git a/pkgs/build-support/writers/default.nix b/pkgs/build-support/writers/default.nix
index 88da1ca54a97..ca0184beeb0c 100644
--- a/pkgs/build-support/writers/default.nix
+++ b/pkgs/build-support/writers/default.nix
@@ -76,6 +76,11 @@ let
       passAsFile = [ "content" ];
     } else {
       contentPath = content;
+    } // lib.optionalAttrs (stdenv.hostPlatform.isDarwin && stdenv.hostPlatform.isAarch64) {
+      # post-link-hook expects codesign_allocate to be in PATH
+      # https://github.com/NixOS/nixpkgs/issues/154203
+      # https://github.com/NixOS/nixpkgs/issues/148189
+      nativeBuildInputs = [ stdenv.cc.bintools ];
     }) ''
       ${compileScript}
       ${lib.optionalString strip
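Review bot: The added `// lib.optionalAttrs …` follows the `else` attribute set without parentheses around the conditional, and in Nix `//` binds tighter than `if … then … else`, so the merge applies to the `else` branch only. On aarch64-darwin the branch that sets `passAsFile = [ "content" ]` would therefore still run without `stdenv.cc.bintools` in `nativeBuildInputs`. Wrapping the conditional, `(if … then { … } else { contentPath = content; }) // lib.optionalAttrs … { … }`, applies the fix to both branches. The `if` and its opening parenthesis are outside the hunk, so this reading assumes the single `})` shown closes the argument of the surrounding call.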
diff --git a/pkgs/desktops/plasma-5/fetch.sh b/pkgs/desktops/plasma-5/fetch.sh
index feb1a5d3a80b..9040a5d3bf76 100644
--- a/pkgs/desktops/plasma-5/fetch.sh
+++ b/pkgs/desktops/plasma-5/fetch.sh
@@ -1 +1 @@
-WGET_ARGS=( https://download.kde.org/stable/plasma/5.27.2/ -A '*.tar.xz' )
+WGET_ARGS=( https://download.kde.org/stable/plasma/5.27.3/ -A '*.tar.xz' )
diff --git a/pkgs/desktops/plasma-5/srcs.nix b/pkgs/desktops/plasma-5/srcs.nix
index caa9494e7dbc..b056b1766739 100644
--- a/pkgs/desktops/plasma-5/srcs.nix
+++ b/pkgs/desktops/plasma-5/srcs.nix
@@ -4,483 +4,483 @@
 
 {
   aura-browser = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/aura-browser-5.27.2.tar.xz";
-      sha256 = "0ri1zv3xbd2wivnfi404zv8baf0h2a7wclmnbqjn0z5i898icmsr";
-      name = "aura-browser-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/aura-browser-5.27.3.tar.xz";
+      sha256 = "00ysfwf4r9x5csyxws7c7fazvcpr6240f8wshrg9dqsp5bwd86bl";
+      name = "aura-browser-5.27.3.tar.xz";
     };
   };
   bluedevil = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/bluedevil-5.27.2.tar.xz";
-      sha256 = "0v3nq4yiqiyh3crizv3nilriqxvhajm5hghhqdrgabw9a7svp001";
-      name = "bluedevil-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/bluedevil-5.27.3.tar.xz";
+      sha256 = "1n8v2vdjp3mby2p9dpf53rjzsjwgw5z63s4lhm17090a152jwc1b";
+      name = "bluedevil-5.27.3.tar.xz";
     };
   };
   breeze = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/breeze-5.27.2.tar.xz";
-      sha256 = "1ajr8ljn5nias0smjr3wlqwisgb59qzmmkmm4yc5il21ib20lp8l";
-      name = "breeze-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/breeze-5.27.3.tar.xz";
+      sha256 = "12krg073i08dly13zhy8jxpw6asdl7cc1dvafp48gr4irsygar3p";
+      name = "breeze-5.27.3.tar.xz";
     };
   };
   breeze-grub = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/breeze-grub-5.27.2.tar.xz";
-      sha256 = "1fr84vylyvpba1z81sf6qj46ya7s853l7a2lflzrjrg41k84q7g4";
-      name = "breeze-grub-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/breeze-grub-5.27.3.tar.xz";
+      sha256 = "0mpjvll5ca0rg4nxsplqynrnc6bmlwg9m2xdvgbljpa7yiwymw06";
+      name = "breeze-grub-5.27.3.tar.xz";
     };
   };
   breeze-gtk = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/breeze-gtk-5.27.2.tar.xz";
-      sha256 = "00k5b2cmz9b5l0mabj47pjaw5wn13laga2z3m5p2dz4y6m8gm3f1";
-      name = "breeze-gtk-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/breeze-gtk-5.27.3.tar.xz";
+      sha256 = "0ydz7xrmjfwq4nmdrazhyzm8n0jlqi3p8srydk2ivcjaq24v3f9p";
+      name = "breeze-gtk-5.27.3.tar.xz";
     };
   };
   breeze-plymouth = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/breeze-plymouth-5.27.2.tar.xz";
-      sha256 = "1zbkj0mjpzkgbkl47zbrg9cxfk68245jm5i5p3194sqbw9l104mx";
-      name = "breeze-plymouth-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/breeze-plymouth-5.27.3.tar.xz";
+      sha256 = "0kqls4ss7m0dxzhqm747b2wig4nfbwcj1fi7qdwqy4lf1fw3r4sm";
+      name = "breeze-plymouth-5.27.3.tar.xz";
     };
   };
   discover = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/discover-5.27.2.tar.xz";
-      sha256 = "0bcnm1ccvwhhvcdz8a44canrzfjl03hkrqfjwrr89y0mxiws46rc";
-      name = "discover-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/discover-5.27.3.tar.xz";
+      sha256 = "1nqav8zh6290c5jxjs1vfgxxbq5szzln7skhqvx0v0mkd1889i48";
+      name = "discover-5.27.3.tar.xz";
     };
   };
   drkonqi = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/drkonqi-5.27.2.tar.xz";
-      sha256 = "0fwjz7qxal0dixrh1wjb17vpr6jx8fki91xxbbdfnr8ykixfsx56";
-      name = "drkonqi-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/drkonqi-5.27.3.tar.xz";
+      sha256 = "1p1mv0qbnbpj640sv4w965jry4w9179w0mvq1avv2hkpj6mx7jy3";
+      name = "drkonqi-5.27.3.tar.xz";
     };
   };
   flatpak-kcm = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/flatpak-kcm-5.27.2.tar.xz";
-      sha256 = "0rrw6v8vwgxj78v16wwa3d4gamymjvgpi27lmcqmf9588chnn8xf";
-      name = "flatpak-kcm-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/flatpak-kcm-5.27.3.tar.xz";
+      sha256 = "1zjv7p8r3bic9jkla629n9a1g347d7mv22w0znpiah4xcdzci49n";
+      name = "flatpak-kcm-5.27.3.tar.xz";
     };
   };
   kactivitymanagerd = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/kactivitymanagerd-5.27.2.tar.xz";
-      sha256 = "1ni2yqk51qf23ck6j4kbli6pqhbnlix2w51la4af45ma8wr2gvix";
-      name = "kactivitymanagerd-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/kactivitymanagerd-5.27.3.tar.xz";
+      sha256 = "097fx3rqilqihgs4miylgx7vwgmrrwac7c1g9l7ydc20ihx4l434";
+      name = "kactivitymanagerd-5.27.3.tar.xz";
     };
   };
   kde-cli-tools = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/kde-cli-tools-5.27.2.tar.xz";
-      sha256 = "189n92i79yxj6v2rwawg3grav4k5kdazh9fgnhijkwg2s6m7pdfm";
-      name = "kde-cli-tools-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/kde-cli-tools-5.27.3.tar.xz";
+      sha256 = "191sz7v39fzhhpf81hjdxhw08p45fx83s1mfyyd3w39bfmv038m1";
+      name = "kde-cli-tools-5.27.3.tar.xz";
     };
   };
   kde-gtk-config = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/kde-gtk-config-5.27.2.tar.xz";
-      sha256 = "1m4qzv6haa9vq8z0m9v6i2y05syagazpg6inrgf6bvyrwh0zwbfa";
-      name = "kde-gtk-config-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/kde-gtk-config-5.27.3.tar.xz";
+      sha256 = "04bix5d6n480qwfkhihss3nqpra3kcp939ppa4kws5ry1s759b5a";
+      name = "kde-gtk-config-5.27.3.tar.xz";
     };
   };
   kdecoration = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/kdecoration-5.27.2.tar.xz";
-      sha256 = "0xds1xx6jj6qy7jrl9wsnpcm1w4qd4im1bl21b9g1gmz7m53zvdm";
-      name = "kdecoration-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/kdecoration-5.27.3.tar.xz";
+      sha256 = "1nzym6qf7pqsk03qs3583lisf9vzcy13mwwhcjpri0bng57ih3h7";
+      name = "kdecoration-5.27.3.tar.xz";
     };
   };
   kdeplasma-addons = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/kdeplasma-addons-5.27.2.tar.xz";
-      sha256 = "1fr0fnw1k9jm55dhk22wxfxl4asyk7712gmyrmc8w93i1lnnwd19";
-      name = "kdeplasma-addons-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/kdeplasma-addons-5.27.3.tar.xz";
+      sha256 = "17rvsxg1fsbm5vyrm4sq4q0x720wj2y89i9n5w4v41fygarbia8w";
+      name = "kdeplasma-addons-5.27.3.tar.xz";
     };
   };
   kgamma5 = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/kgamma5-5.27.2.tar.xz";
-      sha256 = "03drd26nmy4q1vdw4kyzj6dvyfydzjybbzffyjdnnfc3yflhc32g";
-      name = "kgamma5-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/kgamma5-5.27.3.tar.xz";
+      sha256 = "0z5ngivlg9zz844k55m2sxvzpjdivlggml38l0rzcqpzdqaab2fy";
+      name = "kgamma5-5.27.3.tar.xz";
     };
   };
   khotkeys = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/khotkeys-5.27.2.tar.xz";
-      sha256 = "02fv67x68dlxk9q80qpfkyjrd4bgwqhzi6c6jari5f24ajl2kfqp";
-      name = "khotkeys-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/khotkeys-5.27.3.tar.xz";
+      sha256 = "1sq6p22bikjdxbb43l9s8rgzamyl83h00y5ksp281287k3swn6z6";
+      name = "khotkeys-5.27.3.tar.xz";
     };
   };
   kinfocenter = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/kinfocenter-5.27.2.tar.xz";
-      sha256 = "1v10xfqcrj16ljasz8v0f0isjrc2brdmblfq6il4f4nckb23qmmw";
-      name = "kinfocenter-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/kinfocenter-5.27.3.tar.xz";
+      sha256 = "12wqryghhvs1a1l80k7zmwldyclvp3c2cdaaank7xwy3nyrnnzw4";
+      name = "kinfocenter-5.27.3.tar.xz";
     };
   };
   kmenuedit = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/kmenuedit-5.27.2.tar.xz";
-      sha256 = "1v6147x23rbp9nfmznbwf550ycml8zh6xa85vjj8gw7dma0zfx97";
-      name = "kmenuedit-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/kmenuedit-5.27.3.tar.xz";
+      sha256 = "126wcw38abnwpfcapkbhk8xi2m5gp7qshvayzh23xdajg0lkh47p";
+      name = "kmenuedit-5.27.3.tar.xz";
     };
   };
   kpipewire = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/kpipewire-5.27.2.tar.xz";
-      sha256 = "1w15w49ali3v8sf3ahcsbbaynd20an5jy5305diza0g5ivyz0xh9";
-      name = "kpipewire-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/kpipewire-5.27.3.tar.xz";
+      sha256 = "0b95jjkfpkvc2ld3x6p7nw6kn6fkqba9q7x95ywvgag2b00jdb56";
+      name = "kpipewire-5.27.3.tar.xz";
     };
   };
   kscreen = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/kscreen-5.27.2.tar.xz";
-      sha256 = "0xfj57xszxyrfpn2wq9sbmy6psxk81zirwz5x85sdlbzdz9cz28w";
-      name = "kscreen-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/kscreen-5.27.3.tar.xz";
+      sha256 = "0ddxd0rmzq6bp00nw65z854pc8dsgiqdvwhkfrs9cprjdprnf3n1";
+      name = "kscreen-5.27.3.tar.xz";
     };
   };
   kscreenlocker = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/kscreenlocker-5.27.2.tar.xz";
-      sha256 = "0683rr6jg6zf12h00hypwb2hsvbngfq3vpf08qms0lcl78r5c41s";
-      name = "kscreenlocker-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/kscreenlocker-5.27.3.tar.xz";
+      sha256 = "0m48bjrq95psmd11hny15nwqb4ypbfp7sik40hzzx216pqs9ma8s";
+      name = "kscreenlocker-5.27.3.tar.xz";
     };
   };
   ksshaskpass = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/ksshaskpass-5.27.2.tar.xz";
-      sha256 = "1ianh4zqdym9a8r2rzffryyn1bwv6v8fbcha5ac2qi57mdkhk5fr";
-      name = "ksshaskpass-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/ksshaskpass-5.27.3.tar.xz";
+      sha256 = "0bgnxx0k62a26pkq2alvb8r9kqyd80wnxci3sxa7rppdx8z3ahd5";
+      name = "ksshaskpass-5.27.3.tar.xz";
     };
   };
   ksystemstats = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/ksystemstats-5.27.2.tar.xz";
-      sha256 = "1wm3xf4h3y7cz8gpmyz3nm6lrdz31v7hf7cah9hzsk6i8ahc8bpr";
-      name = "ksystemstats-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/ksystemstats-5.27.3.tar.xz";
+      sha256 = "0rk34pav5zkw01h51m97i7jhq2wslhzap3wdp32v1xgsgmjlhs22";
+      name = "ksystemstats-5.27.3.tar.xz";
     };
   };
   kwallet-pam = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/kwallet-pam-5.27.2.tar.xz";
-      sha256 = "04krmcvkbpm8m0yx7gr1n53w0j9ifi1yl4p3b9z5ammkbrw7xrb8";
-      name = "kwallet-pam-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/kwallet-pam-5.27.3.tar.xz";
+      sha256 = "1nqzx8pxk9yqqxpmra3mi8m61b7vl03vjpmnyrlh7krzynfjj672";
+      name = "kwallet-pam-5.27.3.tar.xz";
     };
   };
   kwayland-integration = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/kwayland-integration-5.27.2.tar.xz";
-      sha256 = "00qwrihgy2xxjpcshkhygvq15wyclsn4s9hl0m29y6d34j1m4awn";
-      name = "kwayland-integration-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/kwayland-integration-5.27.3.tar.xz";
+      sha256 = "0jkgkzh9zp1yb72npzgfbhq79zmgwzf7vzw8xxbz3vsmk3rih0fd";
+      name = "kwayland-integration-5.27.3.tar.xz";
     };
   };
   kwin = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/kwin-5.27.2.tar.xz";
-      sha256 = "1xanx9yx0gzn75mkns5dpp65hlvijr85lxapac0rj8nw1hkfrcnh";
-      name = "kwin-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/kwin-5.27.3.tar.xz";
+      sha256 = "1ry0mwah77ly1b4ywhiprjq5aqrb0njawqik11997q0k720i4b78";
+      name = "kwin-5.27.3.tar.xz";
     };
   };
   kwrited = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/kwrited-5.27.2.tar.xz";
-      sha256 = "12sb6g4dj5188iq7yv37js65999api8r60vcqcap3gjzsrxn1ilw";
-      name = "kwrited-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/kwrited-5.27.3.tar.xz";
+      sha256 = "1m2qcqnsq3nbqa00y0fa0bnya8j7741pp3zgn58hjvhfbrh52262";
+      name = "kwrited-5.27.3.tar.xz";
     };
   };
   layer-shell-qt = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/layer-shell-qt-5.27.2.tar.xz";
-      sha256 = "1zq82q035wf9dfs8imk2dbkxczjihlm23gc6pbnkpn1c3g7q1a1s";
-      name = "layer-shell-qt-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/layer-shell-qt-5.27.3.tar.xz";
+      sha256 = "1rvjkw11nxcj0fl9b45hfv20xaqq87jvfrxz72xkmixnsv3wv70f";
+      name = "layer-shell-qt-5.27.3.tar.xz";
     };
   };
   libkscreen = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/libkscreen-5.27.2.tar.xz";
-      sha256 = "1kr9nkxsa3a3d4pdwlv89rw9c8rqhh9wcr3ii4hh791179v82wkb";
-      name = "libkscreen-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/libkscreen-5.27.3.tar.xz";
+      sha256 = "0py6x6l0bc64wakd3x6j4lmcnqzjxx0a4qr2p3i94rrx68b73mw5";
+      name = "libkscreen-5.27.3.tar.xz";
     };
   };
   libksysguard = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/libksysguard-5.27.2.tar.xz";
-      sha256 = "01ksfg07a2q6f1jisfrfk3j4zvcvpspc8xakc9a14dpzkib7ifnn";
-      name = "libksysguard-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/libksysguard-5.27.3.tar.xz";
+      sha256 = "07xvs6pr605p9mjm6s8f5x53lyv2mscxvm4xfa0y056ngipvpwiz";
+      name = "libksysguard-5.27.3.tar.xz";
     };
   };
   milou = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/milou-5.27.2.tar.xz";
-      sha256 = "1qxsnqdxw3y3jpdnx1wz0q17ll3gwqq4jrx2sddz887yf8kmbhsk";
-      name = "milou-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/milou-5.27.3.tar.xz";
+      sha256 = "07vf2mi6jnmw28r8bw5qj7f7467ja5mhsdp1k8hb32ivls92sv7b";
+      name = "milou-5.27.3.tar.xz";
     };
   };
   oxygen = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/oxygen-5.27.2.tar.xz";
-      sha256 = "0gz03yskna0sjf4mpzpgh8s8xy9vxk2rp3w5d2vwvq798yqj4i36";
-      name = "oxygen-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/oxygen-5.27.3.tar.xz";
+      sha256 = "1drmjf8bgzm9gzpy887wbyi4zd71vlilhx7057qr8df6sbnzh4ch";
+      name = "oxygen-5.27.3.tar.xz";
     };
   };
   oxygen-sounds = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/oxygen-sounds-5.27.2.tar.xz";
-      sha256 = "0v0rdcd08fhjbh5lhl7n77pady278lxb6sid4486ip050wzgmdhk";
-      name = "oxygen-sounds-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/oxygen-sounds-5.27.3.tar.xz";
+      sha256 = "1kppckhyll3v973jg2csp5z3ryxbipp9jpg6hfqrw1rqkv83rf8d";
+      name = "oxygen-sounds-5.27.3.tar.xz";
     };
   };
   plank-player = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/plank-player-5.27.2.tar.xz";
-      sha256 = "1zksd833sm4khjm7qaaxf2zlg1lscf2mdcqqcgxa590kb6cdk4g7";
-      name = "plank-player-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/plank-player-5.27.3.tar.xz";
+      sha256 = "0iv26dics4w89j9xfms9bi4fs9b1cq4wnjgz1jv5w6834imvplrw";
+      name = "plank-player-5.27.3.tar.xz";
     };
   };
   plasma-bigscreen = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/plasma-bigscreen-5.27.2.tar.xz";
-      sha256 = "1ap6w8s8lzsk4qlkjbig5vaq2kkghg4jc4rmmrmh55qb5805d29j";
-      name = "plasma-bigscreen-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/plasma-bigscreen-5.27.3.tar.xz";
+      sha256 = "0vp1n2048d9f15hnfiz2jkkk209n6zn6z45s9xa4a622xrqbvr3x";
+      name = "plasma-bigscreen-5.27.3.tar.xz";
     };
   };
   plasma-browser-integration = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/plasma-browser-integration-5.27.2.tar.xz";
-      sha256 = "0cj46jsd8piy773qdamhpihywdl9qk2qpiigyyhbnsbwxcvl4fbw";
-      name = "plasma-browser-integration-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/plasma-browser-integration-5.27.3.tar.xz";
+      sha256 = "10ivly31xb2s1d2cizjppm805qxdh8lij8cry46fbgg51r5w1qnd";
+      name = "plasma-browser-integration-5.27.3.tar.xz";
     };
   };
   plasma-desktop = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/plasma-desktop-5.27.2.tar.xz";
-      sha256 = "0dsic9had0nihw5k8a6vw5svdxsysa2kphk295kirf6k9qm2k2v5";
-      name = "plasma-desktop-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/plasma-desktop-5.27.3.tar.xz";
+      sha256 = "1q9lyc213fyvrjv816mhm0b0dzsjqy2m2hli9a70cy5i36id3pg2";
+      name = "plasma-desktop-5.27.3.tar.xz";
     };
   };
   plasma-disks = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/plasma-disks-5.27.2.tar.xz";
-      sha256 = "0mapi9bclsnn6mv3gl5c87jxygm3pr3cc6ksvkpwqah46c76mmi3";
-      name = "plasma-disks-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/plasma-disks-5.27.3.tar.xz";
+      sha256 = "0m9wdqf1k346kbpc6c2d5z2xiqiyp598k1973g06jr1af0b2pi9f";
+      name = "plasma-disks-5.27.3.tar.xz";
     };
   };
   plasma-firewall = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/plasma-firewall-5.27.2.tar.xz";
-      sha256 = "0vi64wkc9vxrfc2h1m4f8q8sqc2wl6s610ajs12r0sf8c4297fv1";
-      name = "plasma-firewall-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/plasma-firewall-5.27.3.tar.xz";
+      sha256 = "0qd40ihgd60znxmsr6s7vpr9af8r5dbasm4yjld4p7250pjvvn01";
+      name = "plasma-firewall-5.27.3.tar.xz";
     };
   };
   plasma-integration = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/plasma-integration-5.27.2.tar.xz";
-      sha256 = "1220f4f2ykmrrxngmlc8xdjip63fidlhh42vslgy9bll6ag0qkys";
-      name = "plasma-integration-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/plasma-integration-5.27.3.tar.xz";
+      sha256 = "13lrg0r4zq71wvfah8brm53v9cbsn7zpknafi948nq3smbd1h196";
+      name = "plasma-integration-5.27.3.tar.xz";
     };
   };
   plasma-mobile = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/plasma-mobile-5.27.2.tar.xz";
-      sha256 = "0v0cli1fyhzv80vhav4nablss0p9mzflll48f6lvx2sdqpiypcgq";
-      name = "plasma-mobile-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/plasma-mobile-5.27.3.tar.xz";
+      sha256 = "0rf09rqc2avcma61r6ngc6bc1lmrivrvi7rkv73mrw8klnh3vf9f";
+      name = "plasma-mobile-5.27.3.tar.xz";
     };
   };
   plasma-nano = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/plasma-nano-5.27.2.tar.xz";
-      sha256 = "1lk7pg2j6fkvys849qfvd0crxkalrvmvqxl6ifw12d7kvdmz91nx";
-      name = "plasma-nano-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/plasma-nano-5.27.3.tar.xz";
+      sha256 = "11ivbr03dv75ryp0lcmj9iyw7y2x7pplybglpavmfz2ryq2vsy93";
+      name = "plasma-nano-5.27.3.tar.xz";
     };
   };
   plasma-nm = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/plasma-nm-5.27.2.tar.xz";
-      sha256 = "15lh7nxryvv66hbf43bwarfw38jzr6405waf1z8dsvn5wckp093v";
-      name = "plasma-nm-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/plasma-nm-5.27.3.tar.xz";
+      sha256 = "02646jl8qq28b11hgxg73xycb2biy6girxkgpxnpdb1gxmfmfnvn";
+      name = "plasma-nm-5.27.3.tar.xz";
     };
   };
   plasma-pa = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/plasma-pa-5.27.2.tar.xz";
-      sha256 = "0imwyv0w6xkbcyafhqsg4h3w56sclfaxnjfjkjbzn1hgmizx7n7k";
-      name = "plasma-pa-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/plasma-pa-5.27.3.tar.xz";
+      sha256 = "177hwsr75xif0r36hib1gh6bjyljnilb4s9zyzvr5z1lwiz10y91";
+      name = "plasma-pa-5.27.3.tar.xz";
     };
   };
   plasma-remotecontrollers = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/plasma-remotecontrollers-5.27.2.tar.xz";
-      sha256 = "1ash4z6fi0kzdysnnlbh7vxpdwbfi0xyyyg845pmvhwhv6i82c7y";
-      name = "plasma-remotecontrollers-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/plasma-remotecontrollers-5.27.3.tar.xz";
+      sha256 = "04am5shh882k86yic1ca42j60l2rnqn9487i30k0332kzd0wir1w";
+      name = "plasma-remotecontrollers-5.27.3.tar.xz";
     };
   };
   plasma-sdk = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/plasma-sdk-5.27.2.tar.xz";
-      sha256 = "1p68hfa884jym5mb22lrssxg5xwdnwsichdvmmqfy50szsv2n7mf";
-      name = "plasma-sdk-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/plasma-sdk-5.27.3.tar.xz";
+      sha256 = "0rsz846x3rldz950zm31aj8192b0h5d33fvizmgxnxjibxxf2q24";
+      name = "plasma-sdk-5.27.3.tar.xz";
     };
   };
   plasma-systemmonitor = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/plasma-systemmonitor-5.27.2.tar.xz";
-      sha256 = "1kl9xjfkwy36nzva1hkq5pabczl174w29lxkzhim3q8laap6dql6";
-      name = "plasma-systemmonitor-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/plasma-systemmonitor-5.27.3.tar.xz";
+      sha256 = "122rw8nfzhk0808d1bk54ld41b45616fg3hca9jg4ib6k7nka367";
+      name = "plasma-systemmonitor-5.27.3.tar.xz";
     };
   };
   plasma-tests = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/plasma-tests-5.27.2.tar.xz";
-      sha256 = "0q5qb4c1lbd7jpww382h86h74llvpm1zdnjb8a66x1nfnnws7db3";
-      name = "plasma-tests-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/plasma-tests-5.27.3.tar.xz";
+      sha256 = "1ijh1lfr81bwdw8nla55n6snxkmmz95qf3j8wbf61v64r9n3w2zp";
+      name = "plasma-tests-5.27.3.tar.xz";
     };
   };
   plasma-thunderbolt = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/plasma-thunderbolt-5.27.2.tar.xz";
-      sha256 = "0aml4xx3bdnyx367lz3crnd21f08w239ps77wy41a0pdp47i5nfd";
-      name = "plasma-thunderbolt-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/plasma-thunderbolt-5.27.3.tar.xz";
+      sha256 = "17hs1mrr7lkd9nkxs9269bs3hs4c8qxg3ksirksrgnbz4zas1m55";
+      name = "plasma-thunderbolt-5.27.3.tar.xz";
     };
   };
   plasma-vault = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/plasma-vault-5.27.2.tar.xz";
-      sha256 = "0hqxjmm236bivvlhivrzcypsa0kki4pc44l46jzvm5a0dsljv827";
-      name = "plasma-vault-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/plasma-vault-5.27.3.tar.xz";
+      sha256 = "0ilpkdd0nfg9z2klyf5s02npmqr1ypb0wgm584zi27q048hnicls";
+      name = "plasma-vault-5.27.3.tar.xz";
     };
   };
   plasma-welcome = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/plasma-welcome-5.27.2.tar.xz";
-      sha256 = "06g8hnqnja2g17cx3vwx21zlrywmhiqb6zk0d72c02avr67px3gn";
-      name = "plasma-welcome-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/plasma-welcome-5.27.3.tar.xz";
+      sha256 = "1m6mpzbcyy7cimhcsbbmk1v86pibcrp86b22dh7pwgrg309ihsm4";
+      name = "plasma-welcome-5.27.3.tar.xz";
     };
   };
   plasma-workspace = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/plasma-workspace-5.27.2.tar.xz";
-      sha256 = "19hlbp2ihblw5ynk44lasfgr4nk5z2mqm3gza5zvf08zpzwc437i";
-      name = "plasma-workspace-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/plasma-workspace-5.27.3.tar.xz";
+      sha256 = "0g710y1l2hpxnjg6r1k60dkvn6gf98fg5yhx72wa2y1in3nkglzl";
+      name = "plasma-workspace-5.27.3.tar.xz";
     };
   };
   plasma-workspace-wallpapers = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/plasma-workspace-wallpapers-5.27.2.tar.xz";
-      sha256 = "1x4mxs6b90z0rz3lacxr20ii8ihjq3z36vi2y9rllhcdzvpcbzy6";
-      name = "plasma-workspace-wallpapers-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/plasma-workspace-wallpapers-5.27.3.tar.xz";
+      sha256 = "1ppsi5ic6yp9wnqwmz37jsmjs3l5jxafjarxa0xasalg69k10k4c";
+      name = "plasma-workspace-wallpapers-5.27.3.tar.xz";
     };
   };
   plymouth-kcm = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/plymouth-kcm-5.27.2.tar.xz";
-      sha256 = "1nkxz8jmqwm8js16j9pcbbhjns7vhs98k70lsj0mc7mgh3y5bdf6";
-      name = "plymouth-kcm-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/plymouth-kcm-5.27.3.tar.xz";
+      sha256 = "09p6ii29lq08h8999zb1ddbaa4l7piykcr5xmhwir75pi7gnnacg";
+      name = "plymouth-kcm-5.27.3.tar.xz";
     };
   };
   polkit-kde-agent = {
-    version = "1-5.27.2";
+    version = "1-5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/polkit-kde-agent-1-5.27.2.tar.xz";
-      sha256 = "0pz7dnrh10lzxlxnfsg06k012wb3qlqgvn0wwv7xb76yis75jmi4";
-      name = "polkit-kde-agent-1-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/polkit-kde-agent-1-5.27.3.tar.xz";
+      sha256 = "1axgqg07xm12qrrww8jvbh8yvhi7pf2x4ssq65qja0zz9kxiahcx";
+      name = "polkit-kde-agent-1-5.27.3.tar.xz";
     };
   };
   powerdevil = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/powerdevil-5.27.2.tar.xz";
-      sha256 = "1awrfwki1ldmvwamdss4vkb5mlclw58zijpg6ip732ripiawhx1x";
-      name = "powerdevil-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/powerdevil-5.27.3.tar.xz";
+      sha256 = "16bcnm56g5amwygzkdz0sy396dfn47n6wiynnvr7nfhpzbfx81y8";
+      name = "powerdevil-5.27.3.tar.xz";
     };
   };
   qqc2-breeze-style = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/qqc2-breeze-style-5.27.2.tar.xz";
-      sha256 = "0j2dy64sr0giagyi3yw9c40lnjmn1wsdi5vmj6cakvglhklnwl5w";
-      name = "qqc2-breeze-style-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/qqc2-breeze-style-5.27.3.tar.xz";
+      sha256 = "13hd2f08cb6gjdyns1qfszq7sn1ckr78l3lhl6g6yiab3jn1v6b4";
+      name = "qqc2-breeze-style-5.27.3.tar.xz";
     };
   };
   sddm-kcm = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/sddm-kcm-5.27.2.tar.xz";
-      sha256 = "1lnciz566iz7alpz51j27cvdpkxnv88v5nnfjlql80d8a74gq3vs";
-      name = "sddm-kcm-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/sddm-kcm-5.27.3.tar.xz";
+      sha256 = "0hicpzsyym1r3amd6crz964gk19rhg5z9g87fr6i77r77iavb1ds";
+      name = "sddm-kcm-5.27.3.tar.xz";
     };
   };
   systemsettings = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/systemsettings-5.27.2.tar.xz";
-      sha256 = "1qdj18plsi4l3z4hlm4c41gz3xmv9rkishs9a45kib2avd0sxvnd";
-      name = "systemsettings-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/systemsettings-5.27.3.tar.xz";
+      sha256 = "0gjh9hny0h2x5cqqsn5scm1k9hjfl3vgpmsjqqc66hb1ac8a9g04";
+      name = "systemsettings-5.27.3.tar.xz";
     };
   };
   xdg-desktop-portal-kde = {
-    version = "5.27.2";
+    version = "5.27.3";
     src = fetchurl {
-      url = "${mirror}/stable/plasma/5.27.2/xdg-desktop-portal-kde-5.27.2.tar.xz";
-      sha256 = "05rjm8h375bmmsslpm6nl1m7zsd8f7n3vm15nq4771hnlv8dml4p";
-      name = "xdg-desktop-portal-kde-5.27.2.tar.xz";
+      url = "${mirror}/stable/plasma/5.27.3/xdg-desktop-portal-kde-5.27.3.tar.xz";
+      sha256 = "0d47kx9y4bfylmn3q4s11vg6fzz1yjlcbxmpgpd9al8nils2ifnd";
+      name = "xdg-desktop-portal-kde-5.27.3.tar.xz";
     };
   };
 }
diff --git a/pkgs/development/interpreters/bats/default.nix b/pkgs/development/interpreters/bats/default.nix
index 00aada39652d..97a209f20841 100644
--- a/pkgs/development/interpreters/bats/default.nix
+++ b/pkgs/development/interpreters/bats/default.nix
@@ -22,13 +22,13 @@
 
 resholve.mkDerivation rec {
   pname = "bats";
-  version = "1.8.2";
+  version = "1.9.0";
 
   src = fetchFromGitHub {
     owner = "bats-core";
     repo = "bats-core";
     rev = "v${version}";
-    sha256 = "sha256-Kitlx26cK2RiAC+PdRIdDLF5crorg6UB6uSzbKCrDHE=";
+    sha256 = "sha256-nKBNbqJYRd/3tO85E6KrOh32yOaNKpLXxz5gQ5Uvmcc=";
   };
 
   patchPhase = ''
@@ -91,6 +91,8 @@ resholve.mkDerivation rec {
         "$pre_command" = true;
         "$BATS_TEST_NAME" = true;
         "${placeholder "out"}/libexec/bats-core/bats-exec-test" = true;
+        "$BATS_LINE_REFERENCE_FORMAT" = "comma_line";
+        "$BATS_LOCKING_IMPLEMENTATION" = "${flock}/bin/flock";
       };
       execer = [
         /*
@@ -136,8 +138,15 @@ resholve.mkDerivation rec {
       setup() {
         bats_load_library bats-support
         bats_load_library bats-assert
+        bats_load_library bats-file
 
         bats_require_minimum_version 1.5.0
+
+        TEST_TEMP_DIR="$(temp_make --prefix 'nixpkgs-bats-test')"
+      }
+
+      teardown() {
+        temp_del "$TEST_TEMP_DIR"
       }
 
       @test echo_hi {
@@ -150,10 +159,17 @@ resholve.mkDerivation rec {
         assert_line --index 0 "cp: missing file operand"
         assert_line --index 1 "Try 'cp --help' for more information."
       }
+
+      @test file_exists {
+        echo "hi" > "$TEST_TEMP_DIR/hello.txt"
+        assert_file_exist "$TEST_TEMP_DIR/hello.txt"
+        run cat "$TEST_TEMP_DIR/hello.txt"
+        assert_output "hi"
+      }
     '';
     passAsFile = [ "testScript" ];
   } ''
-    ${bats.withLibraries (p: [ p.bats-support p.bats-assert ])}/bin/bats "$testScriptPath"
+    ${bats.withLibraries (p: [ p.bats-support p.bats-assert p.bats-file ])}/bin/bats "$testScriptPath"
     touch "$out"
   '';
 
diff --git a/pkgs/development/interpreters/bats/libraries.nix b/pkgs/development/interpreters/bats/libraries.nix
index ef0b40c31b7c..9e60a4dc992c 100644
--- a/pkgs/development/interpreters/bats/libraries.nix
+++ b/pkgs/development/interpreters/bats/libraries.nix
@@ -1,12 +1,12 @@
 { lib, stdenv, fetchFromGitHub }: {
-  bats-assert = stdenv.mkDerivation {
+  bats-assert = stdenv.mkDerivation rec {
     pname = "bats-assert";
-    version = "2.0.0";
+    version = "2.1.0";
     src = fetchFromGitHub {
       owner = "bats-core";
       repo = "bats-assert";
-      rev = "v2.0.0";
-      sha256 = "sha256-whSbAj8Xmnqclf78dYcjf1oq099ePtn4XX9TUJ9AlyQ=";
+      rev = "v${version}";
+      sha256 = "sha256-opgyrkqTwtnn/lUjMebbLfS/3sbI2axSusWd5i/5wm4=";
     };
     dontBuild = true;
     installPhase = ''
@@ -23,13 +23,13 @@
     };
   };
 
-  bats-file = stdenv.mkDerivation {
+  bats-file = stdenv.mkDerivation rec {
     pname = "bats-file";
     version = "0.3.0";
     src = fetchFromGitHub {
       owner = "bats-core";
       repo = "bats-file";
-      rev = "v0.3.0";
+      rev = "v${version}";
       sha256 = "sha256-3xevy0QpwNZrEe+2IJq58tKyxQzYx8cz6dD2nz7fYUM=";
     };
     dontBuild = true;
@@ -47,13 +47,13 @@
     };
   };
 
-  bats-support = stdenv.mkDerivation {
+  bats-support = stdenv.mkDerivation rec {
     pname = "bats-support";
     version = "0.3.0";
     src = fetchFromGitHub {
       owner = "bats-core";
       repo = "bats-support";
-      rev = "v0.3.0";
+      rev = "v${version}";
       sha256 = "sha256-4N7XJS5XOKxMCXNC7ef9halhRpg79kUqDuRnKcrxoeo=";
     };
     dontBuild = true;
diff --git a/pkgs/development/python-modules/argcomplete/default.nix b/pkgs/development/python-modules/argcomplete/default.nix
index 12fd0fbd5a3e..9725d8b92bd8 100644
--- a/pkgs/development/python-modules/argcomplete/default.nix
+++ b/pkgs/development/python-modules/argcomplete/default.nix
@@ -1,16 +1,20 @@
-{ buildPythonPackage
+{ lib
+, buildPythonPackage
 , fetchPypi
-, lib
 , pexpect
+, pythonOlder
 }:
 
 buildPythonPackage rec {
   pname = "argcomplete";
   version = "2.1.1";
+  format = "setuptools";
+
+  disabled = pythonOlder "3.7";
 
   src = fetchPypi {
     inherit pname version;
-    sha256 = "sha256-cuCDQIUtMlREWcDBmq0bSKosOpbejG5XQkVrT1OMpS8=";
+    hash = "sha256-cuCDQIUtMlREWcDBmq0bSKosOpbejG5XQkVrT1OMpS8=";
   };
 
   postPatch = ''
@@ -19,19 +23,22 @@ buildPythonPackage rec {
       --replace " + lint_require" ""
   '';
 
-  # tries to build and install test packages which fails
-  doCheck = false;
-
   propagatedBuildInputs = [
     pexpect
   ];
 
-  pythonImportsCheck = [ "argcomplete" ];
+  # tries to build and install test packages which fails
+  doCheck = false;
+
+  pythonImportsCheck = [
+    "argcomplete"
+  ];
 
   meta = with lib; {
     description = "Bash tab completion for argparse";
     homepage = "https://kislyuk.github.io/argcomplete/";
-    maintainers = [ maintainers.womfoo ];
-    license = [ licenses.asl20 ];
+    changelog = "https://github.com/kislyuk/argcomplete/blob/v${version}/Changes.rst";
+    license = licenses.asl20;
+    maintainers = with maintainers; [ womfoo ];
   };
 }
diff --git a/pkgs/development/python-modules/databricks-sql-connector/default.nix b/pkgs/development/python-modules/databricks-sql-connector/default.nix
index cf112788e63e..278d7c15faa1 100644
--- a/pkgs/development/python-modules/databricks-sql-connector/default.nix
+++ b/pkgs/development/python-modules/databricks-sql-connector/default.nix
@@ -1,15 +1,18 @@
 { lib
 , buildPythonPackage
 , fetchFromGitHub
+, alembic
 , lz4
 , numpy
 , oauthlib
+, openpyxl
 , pandas
 , poetry-core
 , pyarrow
 , pytestCheckHook
 , pythonOlder
 , pythonRelaxDepsHook
+, sqlalchemy
 , thrift
 }:
 
@@ -38,11 +41,14 @@ buildPythonPackage rec {
   ];
 
   propagatedBuildInputs = [
+    alembic
     lz4
     numpy
     oauthlib
+    openpyxl
     pandas
     pyarrow
+    sqlalchemy
     thrift
   ];
 
diff --git a/pkgs/development/python-modules/easyenergy/default.nix b/pkgs/development/python-modules/easyenergy/default.nix
index bb2191d706b4..99a6a72d499b 100644
--- a/pkgs/development/python-modules/easyenergy/default.nix
+++ b/pkgs/development/python-modules/easyenergy/default.nix
@@ -13,7 +13,7 @@
 
 buildPythonPackage rec {
   pname = "easyenergy";
-  version = "0.2.0";
+  version = "0.2.1";
   format = "pyproject";
 
   disabled = pythonOlder "3.9";
@@ -22,7 +22,7 @@ buildPythonPackage rec {
     owner = "klaasnicolaas";
     repo = "python-easyenergy";
     rev = "refs/tags/v${version}";
-    hash = "sha256-EhpZKwoayT53lhyuM/DlyLQ/1OSGuiAaiBdjM0UTZ8E=";
+    hash = "sha256-FjqkePMD55LWLwL6ZWzKwCI0tcYACPdRuci5fy6n02s=";
   };
 
   postPatch = ''
diff --git a/pkgs/development/python-modules/rflink/default.nix b/pkgs/development/python-modules/rflink/default.nix
index a22f435717d7..fc829a40e5c8 100644
--- a/pkgs/development/python-modules/rflink/default.nix
+++ b/pkgs/development/python-modules/rflink/default.nix
@@ -1,37 +1,29 @@
 { lib
 , buildPythonPackage
 , fetchFromGitHub
-, fetchpatch
 , async-timeout
 , docopt
 , pyserial
 , pyserial-asyncio
 , setuptools
 , pytestCheckHook
-, pythonAtLeast
+, pythonOlder
 }:
 
 buildPythonPackage rec {
   pname = "rflink";
-  version = "0.0.63";
+  version = "0.0.65";
   format = "setuptools";
 
+  disabled = pythonOlder "3.7";
+
   src = fetchFromGitHub {
     owner = "aequitas";
     repo = "python-rflink";
     rev = "refs/tags/${version}";
-    hash = "sha256-BNKcXtsBB90KQe4HXmfJ7H3yepk1dEkozSEy5v8KSAA=";
+    hash = "sha256-DUnhuA84nkmYkREa7vUiyLg7JUdEEeLewg3vFFlcar8=";
   };
 
-  patches = [
-    # https://github.com/aequitas/python-rflink/pull/70
-    (fetchpatch {
-      name = "python311-compat.patch";
-      url = "https://github.com/aequitas/python-rflink/commit/ba807ddd2fde823b8d50bc50bb500a691d9e331f.patch";
-      hash = "sha256-4Wh7b7j8qsvzYKdFwaY+B5Jd8EkyjAe1awlY0BDu2YA=";
-    })
-  ];
-
   propagatedBuildInputs = [
     async-timeout
     docopt
@@ -44,11 +36,6 @@ buildPythonPackage rec {
     pytestCheckHook
   ];
 
-  disabledTestPaths = lib.optionals (pythonAtLeast "3.10") [
-    # https://github.com/aequitas/python-rflink/issues/65
-    "tests/test_proxy.py"
-  ];
-
   postPatch = ''
     substituteInPlace setup.py \
       --replace "version=version_from_git()" "version='${version}'"
@@ -61,6 +48,7 @@ buildPythonPackage rec {
   meta = with lib; {
     description = "Library and CLI tools for interacting with RFlink 433MHz transceiver";
     homepage = "https://github.com/aequitas/python-rflink";
+    changelog = "https://github.com/aequitas/python-rflink/releases/tag/${version}";
     license = licenses.mit;
     maintainers = with maintainers; [ dotlambda ];
   };
diff --git a/pkgs/development/python-modules/ulid-transform/default.nix b/pkgs/development/python-modules/ulid-transform/default.nix
index d53281f5f062..171b1dc499a9 100644
--- a/pkgs/development/python-modules/ulid-transform/default.nix
+++ b/pkgs/development/python-modules/ulid-transform/default.nix
@@ -10,7 +10,7 @@
 
 buildPythonPackage rec {
   pname = "ulid-transform";
-  version = "0.4.0";
+  version = "0.4.2";
   format = "pyproject";
 
   disabled = pythonOlder "3.9";
@@ -19,7 +19,7 @@ buildPythonPackage rec {
     owner = "bdraco";
     repo = pname;
     rev = "refs/tags/v${version}";
-    hash = "sha256-JuTIE8FAVZkfn+byJ1z9/ep9Oih1uXpz/QTB2OfM0WU=";
+    hash = "sha256-eRLmA/8fKfG0qEl0QbX6FziEviU34uU7SP0iyZmbku8=";
   };
 
   nativeBuildInputs = [
diff --git a/pkgs/os-specific/linux/nvidia-x11/default.nix b/pkgs/os-specific/linux/nvidia-x11/default.nix
index db966722f70e..156bb150c5f7 100644
--- a/pkgs/os-specific/linux/nvidia-x11/default.nix
+++ b/pkgs/os-specific/linux/nvidia-x11/default.nix
@@ -71,6 +71,22 @@ rec {
     sha256_64bit = "sha256-Xagqf4x254Hn1/C+e3mNtNNE8mvU+s+avPPHHHH+dkA=";
     settingsSha256 = "sha256-ryUSiI8PsY3knkJLg0k1EmyYW5OWkhuZma/hmXNuojw=";
     persistencedSha256 = "sha256-/2h90Gq9NQd9Q+9eLVE6vrxXmINXxlLcSNOHxKToOEE=";
+
+    prePatch = "pushd kernel";
+    postPatch = "popd";
+
+    patches = [
+      # source: https://gist.github.com/joanbm/963906fc6772d8955faf1b9cc46c6b04
+      (fetchpatch {
+        url = "https://gist.github.com/joanbm/963906fc6772d8955faf1b9cc46c6b04/raw/0f99aa10d47b524aa0e6e3845664deac3a1ad9d9/nvidia-470xx-fix-linux-6.2.patch";
+        hash = "sha256-5n5/4ivK8od8EJNJf0PI9ZZ4U5RjOw+h4HakA+lmW1c=";
+      })
+      # source: https://gist.github.com/joanbm/d10e9cbbbb8e245b6e7e27b2db338faf
+      (fetchpatch {
+        url = "https://gist.github.com/joanbm/d10e9cbbbb8e245b6e7e27b2db338faf/raw/f5d5238bdbaa16cd4008658a0f82b9dd84f1b38f/nvidia-470xx-fix-linux-6.3.patch";
+        hash = "sha256-mR+vXDHgVhWC0JeLgGlbNVCH8XTs7XnhEJS6BV75tI8=";
+      })
+    ];
   };
 
   # Last one supporting x86
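Review bot: The two `fetchpatch` entries pull kernel-module patches from a personal gist, and the only documentation is a `# source:` link, so a later reader cannot tell what the patches change or who reviewed them. The raw URLs carry a revision id and each entry has a fixed `hash`, which pins the content, but the gist can still disappear and the patched code ends up in a kernel module. I would vendor both files next to this expression (`patches = [ ./nvidia-470xx-fix-linux-6.2.patch ./nvidia-470xx-fix-linux-6.3.patch ];`) or at least extend each comment, e.g. `# third-party build fix for Linux 6.2 (not from NVIDIA); drop once the 470 branch builds without it`. The attribute set these lines belong to starts above the hunk.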
diff --git a/pkgs/os-specific/linux/nvidia-x11/generic.nix b/pkgs/os-specific/linux/nvidia-x11/generic.nix
index ea9dbcabd0e9..e56318deca96 100644
--- a/pkgs/os-specific/linux/nvidia-x11/generic.nix
+++ b/pkgs/os-specific/linux/nvidia-x11/generic.nix
@@ -13,6 +13,7 @@
 , settings32Bit ? false
 
 , prePatch ? ""
+, postPatch ? null
 , patches ? []
 , broken ? false
 , brokenOpen ? broken
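Review bot: `postPatch ? null` sits directly under `prePatch ? ""`, so the two patch hooks have different "unset" defaults in the same argument list. Both are passed straight through by the `inherit prePatch postPatch;` in the next hunk, so I would write `, postPatch ? ""` to match the existing convention. The argument list starts and ends outside the hunk.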
@@ -68,7 +69,7 @@ let
       else throw "nvidia-x11 does not support platform ${stdenv.hostPlatform.system}";
 
     patches = if libsOnly then null else patches;
-    inherit prePatch;
+    inherit prePatch postPatch;
     inherit version useGLVND useProfiles;
     inherit (stdenv.hostPlatform) system;
     inherit i686bundled;
diff --git a/pkgs/servers/matrix-synapse/matrix-appservice-slack/default.nix b/pkgs/servers/matrix-synapse/matrix-appservice-slack/default.nix
index 19ddce8cc855..21e49c9b1e04 100644
--- a/pkgs/servers/matrix-synapse/matrix-appservice-slack/default.nix
+++ b/pkgs/servers/matrix-synapse/matrix-appservice-slack/default.nix
@@ -47,7 +47,7 @@ mkYarnPackage rec {
 
   meta = with lib; {
     description = "A Matrix <--> Slack bridge";
-    maintainers = with maintainers; [ beardhatcode ];
+    maintainers = with maintainers; [ beardhatcode chvp ];
     license = licenses.asl20;
   };
 }
diff --git a/pkgs/servers/matrix-synapse/matrix-appservice-slack/package.json b/pkgs/servers/matrix-synapse/matrix-appservice-slack/package.json
index dd5c93989c8d..aa3225725df3 100644
--- a/pkgs/servers/matrix-synapse/matrix-appservice-slack/package.json
+++ b/pkgs/servers/matrix-synapse/matrix-appservice-slack/package.json
@@ -1,6 +1,6 @@
 {
   "name": "matrix-appservice-slack",
-  "version": "2.1.0",
+  "version": "2.1.1",
   "description": "A Matrix <--> Slack bridge",
   "engines": {
     "node": ">=16 <=18"
@@ -42,7 +42,7 @@
     "axios": "^0.27.2",
     "classnames": "^2.3.2",
     "escape-string-regexp": "^4.0.0",
-    "matrix-appservice-bridge": "^8.1.0",
+    "matrix-appservice-bridge": "^8.1.1",
     "matrix-widget-api": "^1.1.1",
     "minimist": "^1.2.6",
     "nedb": "^1.8.0",
diff --git a/pkgs/servers/matrix-synapse/matrix-appservice-slack/pin.json b/pkgs/servers/matrix-synapse/matrix-appservice-slack/pin.json
index 06d4e4b14266..7a9f4b44e263 100644
--- a/pkgs/servers/matrix-synapse/matrix-appservice-slack/pin.json
+++ b/pkgs/servers/matrix-synapse/matrix-appservice-slack/pin.json
@@ -1,5 +1,5 @@
 {
-  "version": "2.1.0",
-  "srcHash": "qAmbW/aDeBWTi1czQtrsb6d5TEYw9gYJ4lpJbaX9nb0=",
-  "yarnHash": "1r5fqw7y8fzgjnl5xlr8djfmmkm8kqw5p3w12ffll6irwz90wajx"
+  "version": "2.1.1",
+  "srcHash": "+NO/V3EyqdxavnSTBU7weJnueL6+aCH3UWkqclpsId0=",
+  "yarnHash": "1pqv7g3xbfs4zhmyxy5p216kq2jwjfjzxw2dv2a7hl0qwk6igyki"
 }
diff --git a/pkgs/tools/networking/amass/default.nix b/pkgs/tools/networking/amass/default.nix
index a9da1417c9fa..4666cdf97bd9 100644
--- a/pkgs/tools/networking/amass/default.nix
+++ b/pkgs/tools/networking/amass/default.nix
@@ -5,13 +5,13 @@
 
 buildGoModule rec {
   pname = "amass";
-  version = "3.22.0";
+  version = "3.22.1";
 
   src = fetchFromGitHub {
     owner = "OWASP";
     repo = "Amass";
     rev = "v${version}";
-    hash = "sha256-ph5SYN91/ibZdAAA/SZt7lecZCC93uotjfzkI4erzgU=";
+    hash = "sha256-hkYN28M2t8SXmIrSEQEWM5ndCx1xgpHThNg0UFzQqLU=";
   };
 
   vendorHash = "sha256-fZd++VsLcs3MzcM23zE3AVaDPXf+cuLdJp8hsCeEZ1Y=";
diff --git a/pkgs/tools/package-management/nix-eval-jobs/default.nix b/pkgs/tools/package-management/nix-eval-jobs/default.nix
index 3d42d4907e79..0ec3f8603d37 100644
--- a/pkgs/tools/package-management/nix-eval-jobs/default.nix
+++ b/pkgs/tools/package-management/nix-eval-jobs/default.nix
@@ -11,12 +11,12 @@
 }:
 stdenv.mkDerivation rec {
   pname = "nix-eval-jobs";
-  version = "2.13.0";
+  version = "2.14.0";
   src = fetchFromGitHub {
     owner = "nix-community";
     repo = pname;
     rev = "v${version}";
-    hash = "sha256-O0Ro9vwf2kDhGFs32puQIeW/rSSduC9sD5zV8e/GtvA=";
+    hash = "sha256-fpksS7lbaYwjf7NuPFE44wvyGcT5d+ERBCJmZoKXaWA=";
   };
   buildInputs = [
     boost
diff --git a/pkgs/tools/security/slsa-verifier/default.nix b/pkgs/tools/security/slsa-verifier/default.nix
new file mode 100644
index 000000000000..188052452db2
--- /dev/null
+++ b/pkgs/tools/security/slsa-verifier/default.nix
@@ -0,0 +1,43 @@
+{ lib
+, fetchFromGitHub
+, buildGoModule
+}:
+
+buildGoModule rec {
+  pname = "slsa-verifier";
+  version = "2.0.1";
+
+  src = fetchFromGitHub {
+    owner = "slsa-framework";
+    repo = "slsa-verifier";
+    rev = "v${version}";
+    hash = "sha256-Gef8TQSd6bTWIzFOQ9xjqB49We7IKBu9p/Lb426nNbc=";
+  };
+
+  vendorHash = "sha256-1syIEjvqYHCiOLf8Fc2vghFKfN6ADM05By11jGNZODs=";
+
+  CGO_ENABLED = 0;
+  GO111MODULE = "on";
+  GOFLAGS = "-trimpath";
+
+  subPackages = [ "cli/slsa-verifier" ];
+
+  tags = [ "netgo" ];
+
+  ldflags = [
+    "-s"
+    "-w"
+    "-buildid="
+    "-X sigs.k8s.io/release-utils/version.gitVersion=${version}"
+  ];
+
+  doCheck = false;
+
+  meta = {
+    homepage = "https://github.com/slsa-framework/slsa-verifier";
+    changelog = "https://github.com/slsa-framework/slsa-verifier/releases/tag/v${version}";
+    description = "Verify provenance from SLSA compliant builders";
+    license = lib.licenses.asl20;
+    maintainers = with lib.maintainers; [ developer-guy mlieberman85 ];
+  };
+}
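Review bot: `doCheck = false;` has no reason attached, and for a tool whose job is verifying build provenance the test suite is the main evidence that the packaged binary behaves like upstream's. Please add a one-line comment above it saying why the tests cannot run in the build sandbox, as the argcomplete expression in this same commit does with `# tries to build and install test packages which fails`, or enable the check phase if it passes. Separately, `GO111MODULE = "on";` and `GOFLAGS = "-trimpath";` look redundant with what `buildGoModule` already sets; worth confirming and dropping them if so.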
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index afaafff73280..4aa82d43ea54 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -6764,6 +6764,8 @@ with pkgs;
 
   driftctl = callPackage ../applications/networking/cluster/driftctl { };
 
+  eks-node-viewer = callPackage ../applications/networking/cluster/eks-node-viewer { };
+
   drill = callPackage ../tools/networking/drill {
     inherit (darwin.apple_sdk.frameworks) Security;
   };
@@ -12153,6 +12155,8 @@ with pkgs;
 
   slowlorust = callPackage ../tools/networking/slowlorust { };
 
+  slsa-verifier = callPackage ../tools/security/slsa-verifier { };
+
   slsnif = callPackage ../tools/misc/slsnif { };
 
   slstatus = callPackage ../applications/misc/slstatus {
@@ -26828,6 +26832,8 @@ with pkgs;
   qemu_xen-light = lowPrio (qemu.override { hostCpuOnly = true; xenSupport = true; xen = xen-light; });
   qemu_xen_4_10 = lowPrio (qemu.override { hostCpuOnly = true; xenSupport = true; xen = xen_4_10-slim; });
   qemu_xen_4_10-light = lowPrio (qemu.override { hostCpuOnly = true; xenSupport = true; xen = xen_4_10-light; });
+  qemu_xen_4_15 = lowPrio (qemu.override { hostCpuOnly = true; xenSupport = true; xen = xen_4_15-slim; });
+  qemu_xen_4_15-light = lowPrio (qemu.override { hostCpuOnly = true; xenSupport = true; xen = xen_4_15-light; });
 
   qemu_test = lowPrio (qemu.override { hostCpuOnly = true; nixosTestRunner = true; });
 
@@ -34535,6 +34541,10 @@ with pkgs;
   xen_4_10-slim = xenPackages.xen_4_10-slim;
   xen_4_10-light = xenPackages.xen_4_10-light;
 
+  xen_4_15 = xenPackages.xen_4_15-vanilla;
+  xen_4_15-slim = xenPackages.xen_4_15-slim;
+  xen_4_15-light = xenPackages.xen_4_15-light;
+
   xkbset = callPackage ../tools/X11/xkbset { };
 
   xkbmon = callPackage ../applications/misc/xkbmon { };
@@ -38311,7 +38321,9 @@ with pkgs;
 
   dnadd = callPackage ../tools/nix/dnadd { };
 
-  nix-eval-jobs = callPackage ../tools/package-management/nix-eval-jobs { };
+  nix-eval-jobs = callPackage ../tools/package-management/nix-eval-jobs {
+    nix = nixVersions.nix_2_14;
+  };
 
   nix-doc = callPackage ../tools/package-management/nix-doc { };