diff options
46 files changed, 449 insertions, 144 deletions
diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index c39141b998cb..b3f297a6920e 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -14615,6 +14615,12 @@ githubId = 5737016; name = "Philipp Schuster"; }; + phlip9 = { + email = "philiphayes9@gmail.com"; + github = "phlip9"; + githubId = 918989; + name = "Philip Hayes"; + }; Phlogistique = { email = "noe.rubinstein@gmail.com"; github = "Phlogistique"; diff --git a/nixos/doc/manual/release-notes/rl-2405.section.md b/nixos/doc/manual/release-notes/rl-2405.section.md index 6197debfd56a..b6314776f2ec 100644 --- a/nixos/doc/manual/release-notes/rl-2405.section.md +++ b/nixos/doc/manual/release-notes/rl-2405.section.md @@ -57,6 +57,8 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m - [ping_exporter](https://github.com/czerwonk/ping_exporter), a Prometheus exporter for ICMP echo requests. Available as [services.prometheus.exporters.ping](#opt-services.prometheus.exporters.ping.enable). +- [TigerBeetle](https://tigerbeetle.com/), a distributed financial accounting database designed for mission critical safety and performance. Available as [services.tigerbeetle](#opt-services.tigerbeetle.enable). + - [Clevis](https://github.com/latchset/clevis), a pluggable framework for automated decryption, used to unlock encrypted devices in initrd. Available as [boot.initrd.clevis.enable](#opt-boot.initrd.clevis.enable). - [TuxClocker](https://github.com/Lurkki14/tuxclocker), a hardware control and monitoring program. Available as [programs.tuxclocker](#opt-programs.tuxclocker.enable). diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index ff76aa16c1b5..041169f0b052 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -446,6 +446,7 @@ ./services/databases/postgresql.nix ./services/databases/redis.nix ./services/databases/surrealdb.nix + ./services/databases/tigerbeetle.nix ./services/databases/victoriametrics.nix ./services/desktops/accountsservice.nix ./services/desktops/ayatana-indicators.nix diff --git a/nixos/modules/services/databases/tigerbeetle.md b/nixos/modules/services/databases/tigerbeetle.md new file mode 100644 index 000000000000..47394d443059 --- /dev/null +++ b/nixos/modules/services/databases/tigerbeetle.md @@ -0,0 +1,33 @@ +# TigerBeetle {#module-services-tigerbeetle} + +*Source:* {file}`modules/services/databases/tigerbeetle.nix` + +*Upstream documentation:* <https://docs.tigerbeetle.com/> + +TigerBeetle is a distributed financial accounting database designed for mission critical safety and performance. + +To enable TigerBeetle, add the following to your {file}`configuration.nix`: +``` + services.tigerbeetle.enable = true; +``` + +When first started, the TigerBeetle service will create its data file at {file}`/var/lib/tigerbeetle` unless the file already exists, in which case it will just use the existing file. +If you make changes to the configuration of TigerBeetle after its data file was already created (for example increasing the replica count), you may need to remove the existing file to avoid conflicts. + +## Configuring {#module-services-tigerbeetle-configuring} + +By default, TigerBeetle will only listen on a local interface. +To configure it to listen on a different interface (and to configure it to connect to other replicas, if you're creating more than one), you'll have to set the `addresses` option. +Note that the TigerBeetle module won't open any firewall ports automatically, so if you configure it to listen on an external interface, you'll need to ensure that connections can reach it: + +``` + services.tigerbeetle = { + enable = true; + addresses = [ "0.0.0.0:3001" ]; + }; + + networking.firewall.allowedTCPPorts = [ 3001 ]; +``` + +A complete list of options for TigerBeetle can be found [here](#opt-services.tigerbeetle.enable). + diff --git a/nixos/modules/services/databases/tigerbeetle.nix b/nixos/modules/services/databases/tigerbeetle.nix new file mode 100644 index 000000000000..b90a0703175f --- /dev/null +++ b/nixos/modules/services/databases/tigerbeetle.nix @@ -0,0 +1,115 @@ +{ config, lib, pkgs, ... }: +let + cfg = config.services.tigerbeetle; +in +{ + meta = { + maintainers = with lib.maintainers; [ danielsidhion ]; + doc = ./tigerbeetle.md; + buildDocsInSandbox = true; + }; + + options = { + services.tigerbeetle = with lib; { + enable = mkEnableOption (mdDoc "TigerBeetle server"); + + package = mkPackageOption pkgs "tigerbeetle" { }; + + clusterId = mkOption { + type = types.either types.ints.unsigned (types.strMatching "[0-9]+"); + default = 0; + description = lib.mdDoc '' + The 128-bit cluster ID used to create the replica data file (if needed). + Since Nix only supports integers up to 64 bits, you need to pass a string to this if the cluster ID can't fit in 64 bits. + Otherwise, you can pass the cluster ID as either an integer or a string. + ''; + }; + + replicaIndex = mkOption { + type = types.ints.unsigned; + default = 0; + description = lib.mdDoc '' + The index (starting at 0) of the replica in the cluster. + ''; + }; + + replicaCount = mkOption { + type = types.ints.unsigned; + default = 1; + description = lib.mdDoc '' + The number of replicas participating in replication of the cluster. + ''; + }; + + cacheGridSize = mkOption { + type = types.strMatching "[0-9]+(K|M|G)B"; + default = "1GB"; + description = lib.mdDoc '' + The grid cache size. + The grid cache acts like a page cache for TigerBeetle. + It is recommended to set this as large as possible. + ''; + }; + + addresses = mkOption { + type = types.listOf types.nonEmptyStr; + default = [ "3001" ]; + description = lib.mdDoc '' + The addresses of all replicas in the cluster. + This should be a list of IPv4/IPv6 addresses with port numbers. + Either the address or port number (but not both) may be omitted, in which case a default of 127.0.0.1 or 3001 will be used. + The first address in the list corresponds to the address for replica 0, the second address for replica 1, and so on. + ''; + }; + }; + }; + + config = lib.mkIf cfg.enable { + assertions = + let + numAddresses = builtins.length cfg.addresses; + in + [ + { + assertion = cfg.replicaIndex < cfg.replicaCount; + message = "the TigerBeetle replica index must fit the configured replica count"; + } + { + assertion = cfg.replicaCount == numAddresses; + message = if cfg.replicaCount < numAddresses then "TigerBeetle must not have more addresses than the configured number of replicas" else "TigerBeetle must be configured with the addresses of all replicas"; + } + ]; + + systemd.services.tigerbeetle = + let + replicaDataPath = "/var/lib/tigerbeetle/${builtins.toString cfg.clusterId}_${builtins.toString cfg.replicaIndex}.tigerbeetle"; + in + { + description = "TigerBeetle server"; + + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + + preStart = '' + if ! test -e "${replicaDataPath}"; then + ${lib.getExe cfg.package} format --cluster="${builtins.toString cfg.clusterId}" --replica="${builtins.toString cfg.replicaIndex}" --replica-count="${builtins.toString cfg.replicaCount}" "${replicaDataPath}" + fi + ''; + + serviceConfig = { + Type = "exec"; + + DynamicUser = true; + ProtectHome = true; + DevicePolicy = "closed"; + + StateDirectory = "tigerbeetle"; + StateDirectoryMode = 700; + + ExecStart = "${lib.getExe cfg.package} start --cache-grid=${cfg.cacheGridSize} --addresses=${lib.escapeShellArg (builtins.concatStringsSep "," cfg.addresses)} ${replicaDataPath}"; + }; + }; + + environment.systemPackages = [ cfg.package ]; + }; +} diff --git a/pkgs/applications/audio/monkeys-audio/default.nix b/pkgs/applications/audio/monkeys-audio/default.nix index f7952bc18c69..bee339aba1f7 100644 --- a/pkgs/applications/audio/monkeys-audio/default.nix +++ b/pkgs/applications/audio/monkeys-audio/default.nix @@ -5,13 +5,13 @@ }: stdenv.mkDerivation (finalAttrs: { - version = "10.40"; + version = "10.43"; pname = "monkeys-audio"; src = fetchzip { url = "https://monkeysaudio.com/files/MAC_${ builtins.concatStringsSep "" (lib.strings.splitString "." finalAttrs.version)}_SDK.zip"; - sha256 = "sha256-UHQSZM5AjODtgg0Pgi2N8tLKRI9Qg1CotPx2KoJk1wQ="; + sha256 = "sha256-Y1X0KWf87L8Qjx/G6/RV37iiN7enwXTAaqQ+45FfTT4="; stripRoot = false; }; nativeBuildInputs = [ diff --git a/pkgs/applications/audio/snapcast/default.nix b/pkgs/applications/audio/snapcast/default.nix index 2ce4bbee229f..d155afb99ba4 100644 --- a/pkgs/applications/audio/snapcast/default.nix +++ b/pkgs/applications/audio/snapcast/default.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, fetchFromGitHub, cmake, pkg-config +{ stdenv, lib, fetchFromGitHub, fetchpatch, cmake, pkg-config , alsa-lib, asio, avahi, boost179, flac, libogg, libvorbis, soxr , IOKit, AudioToolbox , aixlog, popl @@ -18,6 +18,15 @@ stdenv.mkDerivation rec { sha256 = "sha256-dlK1xQQqst4VQjioC7MZzqXwMC+JfqtvnD5lrOqGhYI="; }; + patches = [ + # Can be removed with next release after 0.27.0 + (fetchpatch { + name = "include-cstdint.patch"; + url = "https://github.com/badaix/snapcast/commit/481f08199ca31c60c9a3475f1064e6b06a503d12.patch"; + hash = "sha256-klpvmBpBAlBMtcgnNfW6X6vDbJFnOuOsPUDXcNf5tGc="; + }) + ]; + nativeBuildInputs = [ cmake pkg-config ]; # snapcast also supports building against tremor but as we have libogg, that's # not needed diff --git a/pkgs/applications/audio/sonobus/default.nix b/pkgs/applications/audio/sonobus/default.nix index f9b71a03623e..c99d3c4ca1e5 100644 --- a/pkgs/applications/audio/sonobus/default.nix +++ b/pkgs/applications/audio/sonobus/default.nix @@ -19,15 +19,15 @@ , webkitgtk }: -stdenv.mkDerivation rec { +stdenv.mkDerivation (finalAttrs: { pname = "sonobus"; - version = "1.7.0"; + version = "1.7.2"; src = fetchFromGitHub { owner = "sonosaurus"; repo = "sonobus"; - rev = version; - sha256 = "sha256-zOPQK5X1E6t53DOjV7qSelyep4+m9aL4tRHqwyeuFQA="; + rev = finalAttrs.version; + hash = "sha256-NOdmHFKrV7lb8XbeG5GdLKYZ0c/vcz3fcqYj9JvE+/Q="; fetchSubmodules = true; }; @@ -56,6 +56,9 @@ stdenv.mkDerivation rec { libXrandr ]; + env.NIX_LDFLAGS = lib.optionalString stdenv.hostPlatform.isLinux "-rpath ${lib.makeLibraryPath (finalAttrs.runtimeDependencies)}"; + dontPatchELF = true; # needed or nix will try to optimize the binary by removing "useless" rpath + postPatch = lib.optionalString (stdenv.isLinux) '' # needs special setup on Linux, dunno if it can work on Darwin # https://github.com/NixOS/nixpkgs/issues/19098 @@ -80,4 +83,4 @@ stdenv.mkDerivation rec { platforms = platforms.unix; broken = stdenv.isDarwin; }; -} +}) diff --git a/pkgs/applications/emulators/bsnes/ares/002-fix-ruby.diff b/pkgs/applications/emulators/bsnes/ares/002-fix-ruby.diff index 86f548389259..ff9bda0d04b6 100644 --- a/pkgs/applications/emulators/bsnes/ares/002-fix-ruby.diff +++ b/pkgs/applications/emulators/bsnes/ares/002-fix-ruby.diff @@ -1,11 +1,11 @@ diff -Naur source-old/ruby/GNUmakefile source-new/ruby/GNUmakefile ---- source-old/ruby/GNUmakefile 1969-12-31 21:00:01.000000000 -0300 -+++ source-new/ruby/GNUmakefile 2022-11-13 22:43:09.700197748 -0300 -@@ -11,17 +11,9 @@ - ruby += audio.openal - ruby += input.quartz #input.carbon +--- source-old/ruby/GNUmakefile 2024-01-23 16:12:41.009951705 +0000 ++++ source-new/ruby/GNUmakefile 2024-01-23 16:13:54.619174062 +0000 +@@ -29,20 +29,9 @@ + ruby += input.sdl + endif else ifeq ($(platform),linux) -- pkg_check = $(if $(shell pkg-config $1 && echo 1),$2) +- pkg_check = $(if $(shell $(pkg_config) $1 && echo 1),$2) - ruby += video.glx video.glx2 video.xshm - ruby += $(call pkg_check,xv,video.xvideo) - ruby += audio.oss audio.alsa @@ -15,10 +15,13 @@ diff -Naur source-old/ruby/GNUmakefile source-new/ruby/GNUmakefile - ruby += $(call pkg_check,ao,audio.ao) - ruby += input.xlib - ruby += $(call pkg_check,libudev,input.udev) -- ruby += $(call pkg_check,sdl2,input.sdl) +- ifeq ($(sdl2),true) +- ruby += $(call pkg_check,sdl2,input.sdl) +- ruby += $(call pkg_check,sdl2,audio.sdl) +- endif + ruby += video.glx video.glx2 video.xshm video.xvideo + ruby += audio.oss audio.alsa audio.openal audio.pulseaudio audio.pulseaudiosimple audio.ao + ruby += input.xlib input.udev input.sdl else ifeq ($(platform),bsd) - pkg_check = $(if $(shell pkg-config $1 && echo 1),$2) + pkg_check = $(if $(shell $(pkg_config) $1 && echo 1),$2) ruby += video.glx video.glx2 video.xshm diff --git a/pkgs/applications/emulators/bsnes/ares/default.nix b/pkgs/applications/emulators/bsnes/ares/default.nix index 4f0e97d55f4a..25d2126ac34c 100644 --- a/pkgs/applications/emulators/bsnes/ares/default.nix +++ b/pkgs/applications/emulators/bsnes/ares/default.nix @@ -22,13 +22,13 @@ stdenv.mkDerivation (finalAttrs: { pname = "ares"; - version = "133"; + version = "135"; src = fetchFromGitHub { owner = "ares-emulator"; repo = "ares"; rev = "v${finalAttrs.version}"; - hash = "sha256-KCpHiIdid5h5CU2uyMOo+p5h50h3Ki5/4mUpdTAPKQA="; + hash = "sha256-SZhsMKjNxmT2eHsXAZcyMGoMhwWGgvXpDeZGGVn58Sc="; }; patches = [ diff --git a/pkgs/applications/emulators/sameboy/default.nix b/pkgs/applications/emulators/sameboy/default.nix index 910a70de37f3..94c9b9562864 100644 --- a/pkgs/applications/emulators/sameboy/default.nix +++ b/pkgs/applications/emulators/sameboy/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "sameboy"; - version = "0.16.1"; + version = "0.16.2"; src = fetchFromGitHub { owner = "LIJI32"; repo = "SameBoy"; rev = "v${version}"; - sha256 = "sha256-0B9wN6CTx4T3P7RomOrz/bRdp/YGknPqmwWByAbGHvI="; + sha256 = "sha256-KEbwug/cwGLS/uhY1rKasLJWaKtiYYzdZvbAU2orfbI="; }; enableParallelBuilding = true; diff --git a/pkgs/applications/graphics/paraview/default.nix b/pkgs/applications/graphics/paraview/default.nix index 48b98b36d5c4..4fec6b2ad13c 100644 --- a/pkgs/applications/graphics/paraview/default.nix +++ b/pkgs/applications/graphics/paraview/default.nix @@ -6,23 +6,23 @@ }: let - version = "5.11.1"; + version = "5.11.2"; docFiles = [ (fetchurl { url = "https://www.paraview.org/paraview-downloads/download.php?submit=Download&version=v${lib.versions.majorMinor version}&type=data&os=Sources&downloadFile=ParaViewTutorial-${version}.pdf"; name = "Tutorial.pdf"; - sha256 = "1knpirjbz3rv8p8n03p39vv8vi5imvxakjsssqgly09g0cnsikkw"; + hash = "sha256-KIcd5GG+1L3rbj4qdLbc+eDa5Wy4+nqiVIxfHu5Tdpg="; }) (fetchurl { url = "https://www.paraview.org/paraview-downloads/download.php?submit=Download&version=v${lib.versions.majorMinor version}&type=data&os=Sources&downloadFile=ParaViewGettingStarted-${version}.pdf"; name = "GettingStarted.pdf"; - sha256 = "14xhlvg7s7d5amqf4qfyamx2a6b66zf4cmlfm3s7iw3jq01x1lx6"; + hash = "sha256-ptPQA8By8Hj0qI5WRtw3ZhklelXeYeJwVaUdfd6msJM="; }) (fetchurl { url = "https://www.paraview.org/paraview-downloads/download.php?submit=Download&version=v${lib.versions.majorMinor version}&type=data&os=Sources&downloadFile=ParaViewCatalystGuide-${version}.pdf"; name = "CatalystGuide.pdf"; - sha256 = "133vcfrbg2nh15igl51ns6gnfn1is20vq6j0rg37wha697pmcr4a"; + hash = "sha256-imRW70lGQX7Gy0AavIHQMVhnn9E2FPpiCdCKt7Jje4w="; }) ]; @@ -35,7 +35,7 @@ in stdenv.mkDerivation rec { owner = "paraview"; repo = "paraview"; rev = "v${version}"; - hash = "sha256-LatNHfiAqB2kqzERRnYae0WIXBb4nXQ79Be4kuh8NFQ="; + hash = "sha256-fe/4xxxlkal08vE971FudTnESFfGMYzuvSyAMS6HSxI="; fetchSubmodules = true; }; @@ -90,6 +90,8 @@ in stdenv.mkDerivation rec { ./dont-redefine-strlcat.patch ]; + env.CXXFLAGS = "-include cstdint"; + postInstall = let docDir = "$out/share/paraview-${lib.versions.majorMinor version}/doc"; in lib.optionalString withDocs '' mkdir -p ${docDir}; diff --git a/pkgs/applications/radio/urh/default.nix b/pkgs/applications/radio/urh/default.nix index 9a5d3c3cbbb1..6363670d56b7 100644 --- a/pkgs/applications/radio/urh/default.nix +++ b/pkgs/applications/radio/urh/default.nix @@ -6,13 +6,13 @@ python3Packages.buildPythonApplication rec { pname = "urh"; - version = "2.9.4"; + version = "2.9.6"; src = fetchFromGitHub { owner = "jopohl"; repo = pname; rev = "refs/tags/v${version}"; - sha256 = "sha256-Hi0VqBtGeaXMsibxbHk+2FN8mzfpmkuDr37JRW4Fp+s="; + sha256 = "sha256-4Fe2+BUdnVdNQHqZeftXLabn/vTzgyynOtqy0rAb0Rk="; }; nativeBuildInputs = [ qt5.wrapQtAppsHook ]; diff --git a/pkgs/applications/terminal-emulators/kitty/themes.nix b/pkgs/applications/terminal-emulators/kitty/themes.nix index 6ca522e4090f..1459642bc98a 100644 --- a/pkgs/applications/terminal-emulators/kitty/themes.nix +++ b/pkgs/applications/terminal-emulators/kitty/themes.nix @@ -5,13 +5,13 @@ stdenvNoCC.mkDerivation rec { pname = "kitty-themes"; - version = "unstable-2023-09-15"; + version = "unstable-2023-12-28"; src = fetchFromGitHub { owner = "kovidgoyal"; repo = "kitty-themes"; - rev = "c9c12d20f83b9536febb21e4b53e176c0ccccb51"; - hash = "sha256-dhzYTHaaTrbE5k+xEC01Y9jGb+ZmEyvWMb4a2WWKGCw="; + rev = "46d9dfe230f315a6a0c62f4687f6b3da20fd05e4"; + hash = "sha256-jlYim4YXByT6s6ce0TydZuhX0Y1ZDcAq2XKNONisSzE="; }; dontConfigure = true; diff --git a/pkgs/applications/video/shotcut/default.nix b/pkgs/applications/video/shotcut/default.nix index cb1a227dd060..d76f2cf98ee5 100644 --- a/pkgs/applications/video/shotcut/default.nix +++ b/pkgs/applications/video/shotcut/default.nix @@ -20,13 +20,13 @@ }: stdenv.mkDerivation rec { pname = "shotcut"; - version = "23.12.15"; + version = "24.01.13"; src = fetchFromGitHub { owner = "mltframework"; repo = "shotcut"; rev = "v${version}"; - hash = "sha256-wTFnf7YMFzFI+buAI2Cqy7+cfcdDS0O1vAwiIZZKWhU="; + hash = "sha256-a/PgwxD8MXItkxT4LTdEJrrExD3r9CUkxr/uhgJicD8="; }; nativeBuildInputs = [ pkg-config cmake wrapQtAppsHook ]; diff --git a/pkgs/by-name/du/dublin-traceroute/package.nix b/pkgs/by-name/du/dublin-traceroute/package.nix index fedb585fc6a2..5f559c4d97c4 100644 --- a/pkgs/by-name/du/dublin-traceroute/package.nix +++ b/pkgs/by-name/du/dublin-traceroute/package.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation { pname = "dublin-traceroute"; - version = "0.4.2-unstable-2023-04-12"; + version = "0.4.2-unstable-2024-01-09"; src = fetchFromGitHub { owner = "insomniacslk"; repo = "dublin-traceroute"; - rev = "2fb78ea05596dfdf8f7764b497eb8d3a812cb695"; - hash = "sha256-E1HYMd0wDTfAZ0TamQFazh8CPhMa2lNIbF4aEBf5qhk="; + rev = "b136db81cfbb30d5fd324dfccc97fca49a5ecee1"; + hash = "sha256-FsolpeQGaLDjDE5Yk58t2hFQJgM58zafIx6s5ejYKnY="; }; nativeBuildInputs = [ cmake pkg-config ]; diff --git a/pkgs/by-name/ri/ricochet-refresh/package.nix b/pkgs/by-name/ri/ricochet-refresh/package.nix new file mode 100644 index 000000000000..c90c6aabbd92 --- /dev/null +++ b/pkgs/by-name/ri/ricochet-refresh/package.nix @@ -0,0 +1,79 @@ +{ lib +, stdenv +, fetchFromGitHub +, qt5 +, openssl +, protobuf3_20 # https://github.com/blueprint-freespeech/ricochet-refresh/issues/178 +, pkg-config +, cmake +}: + +let + protobuf = protobuf3_20; +in +stdenv.mkDerivation (finalAttrs: { + pname = "ricochet-refresh"; + version = "3.0.18"; + + src = fetchFromGitHub { + owner = "blueprint-freespeech"; + repo = "ricochet-refresh"; + rev = "v${finalAttrs.version}-release"; + hash = "sha256-QN2cxcYWGoszPdrWv+4FoTGNjQViK/OwxbBC6uoDhfA="; + fetchSubmodules = true; + }; + + sourceRoot = "${finalAttrs.src.name}/src"; + + strictDeps = true; + + buildInputs = (with qt5; [ + qtbase + qttools + qtmultimedia + qtquickcontrols2 + qtwayland + ]) ++ [ + openssl + protobuf + ]; + + nativeBuildInputs = [ + pkg-config + cmake + qt5.wrapQtAppsHook + ]; + + enableParallelBuilding = true; + + # https://github.com/blueprint-freespeech/ricochet-refresh/blob/main/BUILDING.md + cmakeFlags = [ + (lib.cmakeFeature "CMAKE_BUILD_TYPE" "MinSizeRel") + (lib.cmakeBool "RICOCHET_REFRESH_INSTALL_DESKTOP" true) + (lib.cmakeBool "USE_SUBMODULE_FMT" true) + ]; + + meta = { + description = "Secure chat without DNS or WebPKI"; + longDescription = '' + Ricochet Refresh is a peer-to-peer messenger app that uses Tor + to connect clients. + + When you start Ricochet Refresh it creates a Tor hidden + service on your computer. The address of this hidden service + is your anonymous identity on the Tor network and how others + will be able to communicate with you. When you start a chat + with one of your contacts a Tor circuit is created between + your machine and the your contact's machine. + + The original Ricochet uses onion "v2" hashed-RSA addresses, + which are no longer supported by the Tor network. Ricochet + Refresh upgrades the original Ricochet protocol to use the + current onion "v3" ed25519 addresses. + ''; + homepage = "https://www.ricochetrefresh.net/"; + downloadPage = "https://github.com/blueprint-freespeech/ricochet-refresh/releases"; + license = lib.licenses.bsd3; + platforms = lib.platforms.unix; + }; +}) diff --git a/pkgs/by-name/to/toml-cli/package.nix b/pkgs/by-name/to/toml-cli/package.nix new file mode 100644 index 000000000000..42c9ca639337 --- /dev/null +++ b/pkgs/by-name/to/toml-cli/package.nix @@ -0,0 +1,33 @@ +{ lib, fetchCrate, rustPlatform, testers, toml-cli }: + +rustPlatform.buildRustPackage rec { + pname = "toml-cli"; + version = "0.2.3"; + + src = fetchCrate { + inherit version; + pname = "toml-cli"; + hash = "sha256-V/yMk/Zt3yvEx10nzRhY/7GYnQninGg9h63NSaQChSA="; + }; + + cargoHash = "sha256-v+GBn9mmiWcWnxmpH6JRPVz1fOSrsjWoY+l+bdzKtT4="; + + cargoTestFlags = [ + "--bin=toml" + # # The `CARGO_BIN_EXE_toml` build-time env doesn't appear to be resolving + # # correctly with buildRustPackage. Only run the unittests instead. + # "--test=integration" + ]; + + passthru.tests = { + version = testers.testVersion { package = toml-cli; }; + }; + + meta = { + description = "A simple CLI for editing and querying TOML files"; + homepage = "https://github.com/gnprice/toml-cli"; + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ phlip9 ]; + mainProgram = "toml"; + }; +} diff --git a/pkgs/data/documentation/man-pages/default.nix b/pkgs/data/documentation/man-pages/default.nix index 5b33714fc258..7befda407d48 100644 --- a/pkgs/data/documentation/man-pages/default.nix +++ b/pkgs/data/documentation/man-pages/default.nix @@ -2,14 +2,17 @@ stdenv.mkDerivation rec { pname = "man-pages"; - version = "5.13"; + version = "6.05.01"; src = fetchurl { url = "mirror://kernel/linux/docs/man-pages/${pname}-${version}.tar.xz"; - sha256 = "sha256-YU2uPv59/UgJhnY6KiqBeSFQMqWkUmwL5eiZol8Ja4s="; + sha256 = "sha256-uWq2tEpojJHRtXLlL+zlGeHP0rtMM/5wFPw/0e8/nK4="; }; makeFlags = [ "prefix=$(out)" ]; + + dontBuild = true; + postInstall = '' # conflict with shadow-utils rm $out/share/man/man5/passwd.5 \ @@ -21,6 +24,8 @@ stdenv.mkDerivation rec { ''; outputDocdev = "out"; + enableParallelInstalling = true; + meta = with lib; { description = "Linux development manual pages"; homepage = "https://www.kernel.org/doc/man-pages/"; diff --git a/pkgs/development/libraries/isa-l/default.nix b/pkgs/development/libraries/isa-l/default.nix index a8b0afa41d21..d81f1120742a 100644 --- a/pkgs/development/libraries/isa-l/default.nix +++ b/pkgs/development/libraries/isa-l/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "isa-l"; - version = "2.30.0"; + version = "2.31.0"; src = fetchFromGitHub { owner = "intel"; repo = "isa-l"; rev = "v${version}"; - sha256 = "sha256-AAuSdDQfDW4QFRu0jHwCZ+ZCSjoVqlQiSW1OOFye1Rs="; + sha256 = "sha256-xBBtpjtWyba0DogdLobtuWmiiAHTXMK4oRnjYuTUCNk="; }; nativeBuildInputs = [ nasm autoreconfHook ]; diff --git a/pkgs/development/libraries/ngtcp2/gnutls.nix b/pkgs/development/libraries/ngtcp2/gnutls.nix index f4760ea9e669..f8b31b703fcf 100644 --- a/pkgs/development/libraries/ngtcp2/gnutls.nix +++ b/pkgs/development/libraries/ngtcp2/gnutls.nix @@ -6,13 +6,13 @@ stdenv.mkDerivation rec { pname = "ngtcp2"; - version = "1.1.0"; + version = "1.2.0"; src = fetchFromGitHub { owner = "ngtcp2"; repo = "ngtcp2"; rev = "v${version}"; - hash = "sha256-z6lvtfO5XL/bZgbE+Sak+32QzjEhAdOnkpIO731h+bk="; + hash = "sha256-/lHsHkSySKyZZdjTTYCo0a6cwcMcbOWNvAEcO36/kEw="; }; outputs = [ "out" "dev" ]; diff --git a/pkgs/development/libraries/pinocchio/default.nix b/pkgs/development/libraries/pinocchio/default.nix index 63ae2bcf62c9..add7ef6fde22 100644 --- a/pkgs/development/libraries/pinocchio/default.nix +++ b/pkgs/development/libraries/pinocchio/default.nix @@ -13,14 +13,14 @@ stdenv.mkDerivation (finalAttrs: { pname = "pinocchio"; - version = "2.6.21"; + version = "2.7.0"; src = fetchFromGitHub { owner = "stack-of-tasks"; repo = finalAttrs.pname; rev = "v${finalAttrs.version}"; fetchSubmodules = true; - hash = "sha256-IaWAXzdzhU/wov+9ChzUeCp9SFNFV2/vGToXC35dkb8="; + hash = "sha256-yhrG+MilGJkvwLUNTAgNhDqUWGjPswjrbg38yOLsmHc="; }; strictDeps = true; @@ -48,7 +48,7 @@ stdenv.mkDerivation (finalAttrs: { ] ++ lib.optionals pythonSupport [ "-DBUILD_WITH_LIBPYTHON=ON" ] ++ lib.optionals (pythonSupport && stdenv.isDarwin) [ - # AssertionError: '.' != '/tmp/nix-build-pinocchio-2.6.21.drv/sou[84 chars].dae' + # AssertionError: '.' != '/tmp/nix-build-pinocchio-2.7.0.drv/sou[84 chars].dae' "-DCMAKE_CTEST_ARGUMENTS='--exclude-regex;test-py-bindings_geometry_model_urdf'" ] ++ lib.optionals (!pythonSupport) [ "-DBUILD_PYTHON_INTERFACE=OFF" diff --git a/pkgs/development/libraries/rubberband/default.nix b/pkgs/development/libraries/rubberband/default.nix index d0d1a93ad462..7830e62ccb18 100644 --- a/pkgs/development/libraries/rubberband/default.nix +++ b/pkgs/development/libraries/rubberband/default.nix @@ -1,20 +1,26 @@ { lib, stdenv, fetchurl, pkg-config, libsamplerate, libsndfile, fftw +, lv2, jdk , vamp-plugin-sdk, ladspaH, meson, ninja, darwin }: stdenv.mkDerivation rec { pname = "rubberband"; - version = "3.1.0"; + version = "3.3.0"; src = fetchurl { url = "https://breakfastquay.com/files/releases/${pname}-${version}.tar.bz2"; - sha256 = "sha256-uVp22lzbOWZ3DGARXs2Dj4QGESD4hMO/3JBPdZMeyao="; + hash = "sha256-2e+J4rjvn4WxOsPC+uww4grPLJ86nIxFzmN/K8leV2w="; }; - nativeBuildInputs = [ pkg-config meson ninja ]; - buildInputs = [ libsamplerate libsndfile fftw vamp-plugin-sdk ladspaH ] ++ lib.optionals stdenv.isDarwin + nativeBuildInputs = [ pkg-config meson ninja jdk ]; + buildInputs = [ libsamplerate libsndfile fftw vamp-plugin-sdk ladspaH lv2 ] ++ lib.optionals stdenv.isDarwin (with darwin.apple_sdk.frameworks; [Accelerate CoreGraphics CoreVideo]); makeFlags = [ "AR:=$(AR)" ]; + # TODO: package boost-test, so we can run the test suite. (Currently it fails + # to find libboost_unit_test_framework.a.) + mesonFlags = [ "-Dtests=disabled" ]; + doCheck = false; + meta = with lib; { description = "High quality software library for audio time-stretching and pitch-shifting"; homepage = "https://breakfastquay.com/rubberband/"; diff --git a/pkgs/development/libraries/science/biology/htslib/default.nix b/pkgs/development/libraries/science/biology/htslib/default.nix index d89b6dbbe679..8b1aa7d01e81 100644 --- a/pkgs/development/libraries/science/biology/htslib/default.nix +++ b/pkgs/development/libraries/science/biology/htslib/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "htslib"; - version = "1.19"; + version = "1.19.1"; src = fetchurl { url = "https://github.com/samtools/htslib/releases/download/${version}/${pname}-${version}.tar.bz2"; - sha256 = "sha256-h1HEDE+n0fI6aGTFsgpzdE+L5oI5U1rncpxffTlNBzY="; + sha256 = "sha256-Ii1001dPtnsVjGmIyYDuqrqKBlb15P+3a1+lfwNZM+w="; }; # perl is only used during the check phase. diff --git a/pkgs/development/python-modules/eigenpy/default.nix b/pkgs/development/python-modules/eigenpy/default.nix index 93ec1fc59b50..d3edf6748300 100644 --- a/pkgs/development/python-modules/eigenpy/default.nix +++ b/pkgs/development/python-modules/eigenpy/default.nix @@ -9,14 +9,14 @@ stdenv.mkDerivation (finalAttrs: { pname = "eigenpy"; - version = "3.2.0"; + version = "3.3.0"; src = fetchFromGitHub { owner = "stack-of-tasks"; repo = finalAttrs.pname; rev = "v${finalAttrs.version}"; fetchSubmodules = true; - hash = "sha256-ApWz0La+weqczVj3EyBqTAFlTt8cylA3Dl0ZDP4/i5o="; + hash = "sha256-INOg1oL5APMI2YZDe4yOJadhMsG7b+NfEcSr9FsdqeU="; }; strictDeps = true; diff --git a/pkgs/development/python-modules/kaggle/default.nix b/pkgs/development/python-modules/kaggle/default.nix index e0b4ab4ef586..58098b37bf79 100644 --- a/pkgs/development/python-modules/kaggle/default.nix +++ b/pkgs/development/python-modules/kaggle/default.nix @@ -13,12 +13,12 @@ buildPythonPackage rec { pname = "kaggle"; - version = "1.6.1"; + version = "1.6.3"; format = "setuptools"; src = fetchPypi { inherit pname version; - sha256 = "sha256-AsdRYWbeG++zACCSVfnCPuy1hIdixLqNbxP0npmmabQ="; + sha256 = "sha256-J2FOzXJhO59Ya4cjE68WOK2MChfQx4rZ1KcYeb7NcuQ="; }; propagatedBuildInputs = [ diff --git a/pkgs/development/python-modules/lsprotocol/default.nix b/pkgs/development/python-modules/lsprotocol/default.nix index 06776c0eec3e..ce6e4eea44a3 100644 --- a/pkgs/development/python-modules/lsprotocol/default.nix +++ b/pkgs/development/python-modules/lsprotocol/default.nix @@ -14,7 +14,7 @@ buildPythonPackage rec { pname = "lsprotocol"; - version = "2023.0.0"; + version = "2023.0.1"; format = "pyproject"; disabled = pythonOlder "3.7"; @@ -23,7 +23,7 @@ buildPythonPackage rec { owner = "microsoft"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-K5jocKVxMNoUYYUi9YO2+N7hHWj0MFLprqGOzsg1QRs="; + hash = "sha256-PHjLKazMaT6W4Lve1xNxm6hEwqE3Lr2m5L7Q03fqb68="; }; nativeBuildInputs = [ diff --git a/pkgs/development/python-modules/pomegranate/default.nix b/pkgs/development/python-modules/pomegranate/default.nix index 93c42374876c..0c07483b0711 100644 --- a/pkgs/development/python-modules/pomegranate/default.nix +++ b/pkgs/development/python-modules/pomegranate/default.nix @@ -1,5 +1,4 @@ -{ stdenv -, lib +{ lib , buildPythonPackage , fetchFromGitHub @@ -7,29 +6,25 @@ , setuptools # dependencies -, apricot-select -, networkx , numpy -, scikit-learn +, joblib +, networkx , scipy -, torch - -# tests -, pytestCheckHook +, pyyaml +, cython }: - buildPythonPackage rec { pname = "pomegranate"; - version = "1.0.0"; - format = "pyproject"; + version = "0.14.8"; + pyproject = true; src = fetchFromGitHub { repo = pname; owner = "jmschrei"; # no tags for recent versions: https://github.com/jmschrei/pomegranate/issues/974 rev = "refs/tags/v${version}"; - sha256 = "sha256-EnxKlRRfsOIDLAhYOq7bUSbI/NvPoSyYCZ9D5VCXFGQ="; + hash = "sha256-PoDAtNm/snq4isotkoCTVYUuwr9AKKwiXIojUFMH/YE="; }; nativeBuildInputs = [ @@ -37,20 +32,18 @@ buildPythonPackage rec { ]; propagatedBuildInputs = [ - apricot-select - networkx numpy - scikit-learn + joblib + networkx scipy - torch + pyyaml + cython ]; - nativeCheckInputs = [ - pytestCheckHook - ]; + # https://github.com/etal/cnvkit/issues/815 + passthru.skipBulkUpdate = true; meta = with lib; { - broken = stdenv.isDarwin; description = "Probabilistic and graphical models for Python, implemented in cython for speed"; homepage = "https://github.com/jmschrei/pomegranate"; license = licenses.mit; diff --git a/pkgs/development/python-modules/pontos/default.nix b/pkgs/development/python-modules/pontos/default.nix index 7166577d8c74..0ea724ed044b 100644 --- a/pkgs/development/python-modules/pontos/default.nix +++ b/pkgs/development/python-modules/pontos/default.nix @@ -17,7 +17,7 @@ buildPythonPackage rec { pname = "pontos"; - version = "23.12.1"; + version = "24.1.2"; pyproject = true; disabled = pythonOlder "3.9"; @@ -26,7 +26,7 @@ buildPythonPackage rec { owner = "greenbone"; repo = "pontos"; rev = "refs/tags/v${version}"; - hash = "sha256-N10Jn5jq/PktpmeRNlqZyN/rUyAeW+ghY3/RK9Aas7I="; + hash = "sha256-t8mfAi5EG/k5dXsEjC5IpBn/adpSOhqCIkpZ2IMzMkQ="; }; nativeBuildInputs = [ diff --git a/pkgs/development/python-modules/publicsuffixlist/default.nix b/pkgs/development/python-modules/publicsuffixlist/default.nix index 3b94405d0445..52723e8560a1 100644 --- a/pkgs/development/python-modules/publicsuffixlist/default.nix +++ b/pkgs/development/python-modules/publicsuffixlist/default.nix @@ -10,14 +10,14 @@ buildPythonPackage rec { pname = "publicsuffixlist"; - version = "0.10.0.20240108"; + version = "0.10.0.20240124"; pyproject = true; disabled = pythonOlder "3.7"; src = fetchPypi { inherit pname version; - hash = "sha256-LRUwHL70tezJv6R7OJWa9zNQkVdI1Esvkdsqj8O5jSQ="; + hash = "sha256-Z87qlGIL215R3Lqbx2f7AuY0Zhu2zpXD+tL5cxGm8Uw="; }; nativeBuildInputs = [ diff --git a/pkgs/development/python-modules/pyenphase/default.nix b/pkgs/development/python-modules/pyenphase/default.nix index 05fccad3a89d..02c437298efc 100644 --- a/pkgs/development/python-modules/pyenphase/default.nix +++ b/pkgs/development/python-modules/pyenphase/default.nix @@ -18,7 +18,7 @@ buildPythonPackage rec { pname = "pyenphase"; - version = "1.17.0"; + version = "1.18.0"; pyproject = true; disabled = pythonOlder "3.11"; @@ -27,7 +27,7 @@ buildPythonPackage rec { owner = "pyenphase"; repo = "pyenphase"; rev = "refs/tags/v${version}"; - hash = "sha256-GNyhUk2/CSSdigrAJ0T2F1+49PkyPxMaec3nO9/cmNo="; + hash = "sha256-lnxHWEQ9nVWT7dK0Vz7cCN/ur9C/RfzJDh6AYpFHJds="; }; postPatch = '' diff --git a/pkgs/development/python-modules/pyfaidx/default.nix b/pkgs/development/python-modules/pyfaidx/default.nix index d16b02d1c3a4..ed7997a842ae 100644 --- a/pkgs/development/python-modules/pyfaidx/default.nix +++ b/pkgs/development/python-modules/pyfaidx/default.nix @@ -13,12 +13,12 @@ buildPythonPackage rec { pname = "pyfaidx"; - version = "0.7.2.2"; + version = "0.8.1.1"; format = "pyproject"; src = fetchPypi { inherit pname version; - hash = "sha256-O3aTwFLIJpEAD+SpJHXbgv/DtachoSsQ37yHEZxLTTA="; + hash = "sha256-bwSCNSYZ8sxWADyiIyG9sNB2S2VnlbweQGKx+psIaGs="; }; nativeBuildInputs = [ diff --git a/pkgs/development/python-modules/regress/default.nix b/pkgs/development/python-modules/regress/default.nix index 4526c735a189..b70e52008778 100644 --- a/pkgs/development/python-modules/regress/default.nix +++ b/pkgs/development/python-modules/regress/default.nix @@ -1,7 +1,9 @@ { lib +, stdenv , fetchPypi , buildPythonPackage , rustPlatform +, libiconv }: buildPythonPackage rec { @@ -17,6 +19,8 @@ buildPythonPackage rec { nativeBuildInputs = with rustPlatform; [ cargoSetupHook maturinBuildHook ]; + buildInputs = lib.optionals stdenv.hostPlatform.isDarwin [ libiconv ]; + cargoDeps = rustPlatform.fetchCargoTarball { inherit src; name = "${pname}-${version}"; diff --git a/pkgs/development/tools/semantic-release/default.nix b/pkgs/development/tools/semantic-release/default.nix index 87533c0e3359..ee550a7c1f7a 100644 --- a/pkgs/development/tools/semantic-release/default.nix +++ b/pkgs/development/tools/semantic-release/default.nix @@ -8,16 +8,16 @@ buildNpmPackage rec { pname = "semantic-release"; - version = "22.0.12"; + version = "23.0.0"; src = fetchFromGitHub { owner = "semantic-release"; repo = "semantic-release"; rev = "v${version}"; - hash = "sha256-enBfQapJdssMiwu07f3EZO80iTy+/XLot2W+rHfmN4I="; + hash = "sha256-UXh/3ziNuTvLjd54l7oUOZgbu0+Hy4+a5TUp9dEvAJw="; }; - npmDepsHash = "sha256-8m6j4OHupcrU21MHvePmqNAAx2ANEu5YVV96WnTxTL4="; + npmDepsHash = "sha256-RgqerFVG0qdJ52zTvsgtczGcdKw6taiIpgA2LHPELws="; dontNpmBuild = true; diff --git a/pkgs/games/path-of-building/default.nix b/pkgs/games/path-of-building/default.nix index a889b6f7ea74..9a14fef9fab1 100644 --- a/pkgs/games/path-of-building/default.nix +++ b/pkgs/games/path-of-building/default.nix @@ -2,13 +2,13 @@ let data = stdenv.mkDerivation(finalAttrs: { pname = "path-of-building-data"; - version = "2.38.4"; + version = "2.39.0"; src = fetchFromGitHub { owner = "PathOfBuildingCommunity"; repo = "PathOfBuilding"; rev = "v${finalAttrs.version}"; - hash = "sha256-fCKOmP0PxhK2trBA1lyE6kf128FrsuCmBrXMIGTIt0U="; + hash = "sha256-EoywWavbCuoWeA5wknteRb8NH0T6Ef8h6zQhkXb9bL4="; }; nativeBuildInputs = [ unzip ]; diff --git a/pkgs/games/shattered-pixel-dungeon/default.nix b/pkgs/games/shattered-pixel-dungeon/default.nix index 625fe5010833..47026485e9e6 100644 --- a/pkgs/games/shattered-pixel-dungeon/default.nix +++ b/pkgs/games/shattered-pixel-dungeon/default.nix @@ -5,13 +5,13 @@ callPackage ./generic.nix rec { pname = "shattered-pixel-dungeon"; - version = "2.2.1"; + version = "2.3.0"; src = fetchFromGitHub { owner = "00-Evan"; repo = "shattered-pixel-dungeon"; rev = "v${version}"; - hash = "sha256-0wSlCazsy3TYckWc2bQJL1xBVN2DuYsBIbb9Ajnfl7M="; + hash = "sha256-PUAHsFW8rb4SZlZKCIx6SO3U7I7uJgfUal2VXzUjQNs="; }; depsHash = "sha256-QfAV6LYD6S/8ptaqqKSDtOe4kStwp6LJp8WVc3sH8yc="; diff --git a/pkgs/servers/monitoring/nagios/plugins/check_ssl_cert.nix b/pkgs/servers/monitoring/nagios/plugins/check_ssl_cert.nix index 8f1d6579158f..a5ccc82ccda5 100644 --- a/pkgs/servers/monitoring/nagios/plugins/check_ssl_cert.nix +++ b/pkgs/servers/monitoring/nagios/plugins/check_ssl_cert.nix @@ -17,13 +17,13 @@ stdenv.mkDerivation rec { pname = "check_ssl_cert"; - version = "2.78.0"; + version = "2.79.0"; src = fetchFromGitHub { owner = "matteocorti"; repo = "check_ssl_cert"; rev = "refs/tags/v${version}"; - hash = "sha256-5a9mrRd3YqKuz/VG7/CheMWpy99PpnyPaA5/VFEvj3Y="; + hash = "sha256-2NraUEUGyvmEdWCQdzZ5kf+sx/CnSZ54N3zRcCSYhBA="; }; nativeBuildInputs = [ diff --git a/pkgs/servers/snappymail/default.nix b/pkgs/servers/snappymail/default.nix index d6de696d691d..e8120224990e 100644 --- a/pkgs/servers/snappymail/default.nix +++ b/pkgs/servers/snappymail/default.nix @@ -7,11 +7,11 @@ stdenv.mkDerivation rec { pname = "snappymail"; - version = "2.32.0"; + version = "2.33.0"; src = fetchurl { url = "https://github.com/the-djmaze/snappymail/releases/download/v${version}/snappymail-${version}.tar.gz"; - sha256 = "sha256-y77oFvVCE7eQoJbBWeyi+kldDDhAhAkoTNZ9CGWMvb8="; + sha256 = "sha256-71JgCkser7pGMVeSbiw97R2AoxQI76A6nPC7cTa2eow="; }; sourceRoot = "snappymail"; diff --git a/pkgs/tools/admin/stripe-cli/default.nix b/pkgs/tools/admin/stripe-cli/default.nix index 3dcf7d855715..9adb2d326e0b 100644 --- a/pkgs/tools/admin/stripe-cli/default.nix +++ b/pkgs/tools/admin/stripe-cli/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "stripe-cli"; - version = "1.19.1"; + version = "1.19.2"; src = fetchFromGitHub { owner = "stripe"; repo = pname; rev = "v${version}"; - hash = "sha256-4xyJZKFkijgemNwGC8pi7zF9MgtwgSKIvDRZ8jJ2h8o="; + hash = "sha256-ohxTEHm5qGFQ1mJNL/Fh5qNc/De1TUtsEcuOIaJvGLc="; }; vendorHash = "sha256-DYA6cu2KzEBZ4wsT7wjcdY1endQQOZlj2aOwu6iGLew="; diff --git a/pkgs/tools/misc/rrdtool/default.nix b/pkgs/tools/misc/rrdtool/default.nix index 58070c3b1b1c..e852374e2a88 100644 --- a/pkgs/tools/misc/rrdtool/default.nix +++ b/pkgs/tools/misc/rrdtool/default.nix @@ -1,16 +1,33 @@ -{ fetchurl, lib, stdenv, gettext, perl, pkg-config, libxml2, pango, cairo, groff -, tcl, darwin }: +{ lib +, stdenv +, fetchFromGitHub +, autoreconfHook +, gettext +, perl +, pkg-config +, libxml2 +, pango +, cairo +, groff +, tcl +, darwin +}: perl.pkgs.toPerlModule (stdenv.mkDerivation rec { pname = "rrdtool"; - version = "1.7.2"; + version = "1.8.0"; - src = fetchurl { - url = "https://oss.oetiker.ch/rrdtool/pub/rrdtool-${version}.tar.gz"; - sha256 = "1nsqra0g2nja19akmf9x5y9hhgc35ml3w9dcdz2ayz7zgvmzm6d1"; + src = fetchFromGitHub { + owner = "oetiker"; + repo = "rrdtool-1.x"; + rev = "v${version}"; + hash = "sha256-a+AxU1+YpkGoFs1Iu/CHAEZ4XIkWs7Vsnr6RcfXzsBE="; }; - nativeBuildInputs = [ pkg-config ]; + nativeBuildInputs = [ + pkg-config + autoreconfHook + ]; buildInputs = [ gettext perl libxml2 pango cairo groff ] ++ lib.optionals stdenv.isDarwin [ tcl darwin.apple_sdk.frameworks.ApplicationServices ]; diff --git a/pkgs/tools/security/cnspec/default.nix b/pkgs/tools/security/cnspec/default.nix index 2eee5568fea4..0a8426c38a72 100644 --- a/pkgs/tools/security/cnspec/default.nix +++ b/pkgs/tools/security/cnspec/default.nix @@ -5,17 +5,17 @@ buildGoModule rec { pname = "cnspec"; - version = "9.14.0"; + version = "10.0.1"; src = fetchFromGitHub { owner = "mondoohq"; repo = "cnspec"; rev = "refs/tags/v${version}"; - hash = "sha256-9MIIxWfETi2DX1DYPALL+JoC4r3yKJpeSFIx+hrGKiM="; + hash = "sha256-CzTHEOQ6QTL5M6lS8BgRhf3OXBC/Pa+HabsRrlxQGcU="; }; proxyVendor = true; - vendorHash = "sha256-Yii2sDfYqIzQAUaMotT87Wa5g3skxWllq6yGlkPDbLg="; + vendorHash = "sha256-7Ro2qRU+ULLLrVT0VpJkwBOQ6EQSgMLiJRRK9IMuXZs="; subPackages = [ "apps/cnspec" diff --git a/pkgs/tools/security/exploitdb/default.nix b/pkgs/tools/security/exploitdb/default.nix index 0e2e74d0787f..a1dbd2ada9ed 100644 --- a/pkgs/tools/security/exploitdb/default.nix +++ b/pkgs/tools/security/exploitdb/default.nix @@ -6,13 +6,13 @@ stdenv.mkDerivation rec { pname = "exploitdb"; - version = "2023-12-22"; + version = "2024-01-24"; src = fetchFromGitLab { owner = "exploit-database"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-NuukzG+l83YhIgVASLKCkE3FrS6+z8uURTxZyhT/RuA="; + hash = "sha256-3nwF/3xospyxxH6BvOU9DYBi8Fkw4oERGDZJPKMgSXM="; }; nativeBuildInputs = [ diff --git a/pkgs/tools/security/graphw00f/default.nix b/pkgs/tools/security/graphw00f/default.nix index caa7586d37f6..7f1d5ede3e71 100644 --- a/pkgs/tools/security/graphw00f/default.nix +++ b/pkgs/tools/security/graphw00f/default.nix @@ -5,14 +5,14 @@ python3.pkgs.buildPythonApplication rec { pname = "graphw00f"; - version = "1.1.8"; + version = "1.1.15"; format = "other"; src = fetchFromGitHub { owner = "dolevf"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-stTCUHt9UCu1QuxDPB8a26LsrHNttyoVd0tmS7e2t2Y="; + hash = "sha256-wAymwT2PRyX7m/yh6BAa8YNkH7pE69bKHKZ15phuUJo="; }; propagatedBuildInputs = with python3.pkgs; [ diff --git a/pkgs/tools/security/nitrokey-app2/default.nix b/pkgs/tools/security/nitrokey-app2/default.nix index 15e756a7053b..d56e882cb09e 100644 --- a/pkgs/tools/security/nitrokey-app2/default.nix +++ b/pkgs/tools/security/nitrokey-app2/default.nix @@ -1,21 +1,26 @@ { lib -, python3 +, buildPythonApplication , fetchFromGitHub -, wrapQtAppsHook +, pythonOlder +, pyside6 +, poetry-core +, pynitrokey +, pyudev +, qt-material }: -python3.pkgs.buildPythonApplication rec { +buildPythonApplication rec { pname = "nitrokey-app2"; - version = "2.1.4"; + version = "2.1.5"; pyproject = true; - disabled = python3.pythonOlder "3.9"; + disabled = pythonOlder "3.9"; src = fetchFromGitHub { owner = "Nitrokey"; repo = "nitrokey-app2"; rev = "v${version}"; - hash = "sha256-loOCa6XlLx1YEfqR0SUUalVIEPCoYsNEHFo2MIKexeA="; + hash = "sha256-mR13zUgCdNS09EnpGLrnOnoIn3p6ZM/0fHKg0OUMWj4="; }; # https://github.com/Nitrokey/nitrokey-app2/issues/152 @@ -23,36 +28,20 @@ python3.pkgs.buildPythonApplication rec { # pythonRelaxDepsHook does not work here, because it runs in postBuild and # only modifies the dependencies in the built distribution. postPatch = '' - substituteInPlace pyproject.toml --replace "pynitrokey ==" "pynitrokey >=" + substituteInPlace pyproject.toml --replace 'pynitrokey = "' 'pynitrokey = ">=' ''; - # The pyproject.toml file seems to be incomplete and does not generate - # resources (i.e. run pyrcc5 and pyuic5) but the Makefile does. - preBuild = '' - make build-ui - ''; - - nativeBuildInputs = with python3.pkgs; [ - flit-core - pyqt5 - wrapQtAppsHook + nativeBuildInputs = [ + poetry-core ]; - dontWrapQtApps = true; - - propagatedBuildInputs = with python3.pkgs; [ + propagatedBuildInputs = [ pynitrokey pyudev - pyqt5 - pyqt5-stubs + pyside6 qt-material ]; - preFixup = '' - wrapQtApp "$out/bin/nitrokeyapp" \ - --set-default CRYPTOGRAPHY_OPENSSL_NO_LEGACY 1 - ''; - pythonImportsCheck = [ "nitrokeyapp" ]; diff --git a/pkgs/tools/security/sn0int/default.nix b/pkgs/tools/security/sn0int/default.nix index 397f7eb832e7..66f89f77e8ea 100644 --- a/pkgs/tools/security/sn0int/default.nix +++ b/pkgs/tools/security/sn0int/default.nix @@ -1,10 +1,12 @@ { lib , fetchFromGitHub , rustPlatform -, libsodium , libseccomp -, sqlite +, libsodium , pkg-config +, pkgs +, sqlite +, stdenv }: rustPlatform.buildRustPackage rec { @@ -26,8 +28,11 @@ rustPlatform.buildRustPackage rec { buildInputs = [ libsodium - libseccomp sqlite + ] ++ lib.optionals stdenv.isLinux [ + libseccomp + ] ++ lib.optionals stdenv.isDarwin [ + pkgs.darwin.apple_sdk.frameworks.Security ]; # One of the dependencies (chrootable-https) tries to read "/etc/resolv.conf" @@ -40,6 +45,6 @@ rustPlatform.buildRustPackage rec { changelog = "https://github.com/kpcyrd/sn0int/releases/tag/v${version}"; license = with licenses; [ gpl3Plus ]; maintainers = with maintainers; [ fab xrelkd ]; - platforms = platforms.linux; + platforms = platforms.linux ++ platforms.darwin; }; } diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 79d1fb97cf1b..d9139d0d099b 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -41647,7 +41647,7 @@ with pkgs; nitrokey-app = libsForQt5.callPackage ../tools/security/nitrokey-app { }; - nitrokey-app2 = libsForQt5.callPackage ../tools/security/nitrokey-app2 { }; + nitrokey-app2 = python3Packages.callPackage ../tools/security/nitrokey-app2 { }; fpm2 = callPackage ../tools/security/fpm2 { }; |