diff options
-rw-r--r-- | doc/builders/packages/firefox.section.md | 4 | ||||
-rw-r--r-- | nixos/doc/manual/release-notes/rl-2103.xml | 7 | ||||
-rw-r--r-- | nixos/modules/services/networking/dnscrypt-proxy2.nix | 18 | ||||
-rw-r--r-- | pkgs/applications/misc/dasel/default.nix | 6 | ||||
-rw-r--r-- | pkgs/applications/networking/browsers/firefox/wrapper.nix | 35 | ||||
-rw-r--r-- | pkgs/applications/science/logic/coq/default.nix | 5 | ||||
-rw-r--r-- | pkgs/applications/version-management/git-and-tools/gh/default.nix | 6 | ||||
-rw-r--r-- | pkgs/build-support/fetchfirefoxaddon/default.nix | 9 | ||||
-rw-r--r-- | pkgs/desktops/xfce/core/exo/default.nix | 7 | ||||
-rw-r--r-- | pkgs/development/coq-modules/bignums/default.nix | 4 | ||||
-rw-r--r-- | pkgs/development/coq-modules/mathcomp/default.nix | 4 | ||||
-rw-r--r-- | pkgs/development/python-modules/lml/default.nix | 7 | ||||
-rw-r--r-- | pkgs/development/tools/go-tools/default.nix | 6 | ||||
-rw-r--r-- | pkgs/os-specific/linux/kernel/hardened/patches.json | 5 | ||||
-rw-r--r-- | pkgs/os-specific/linux/kernel/linux-5.10.nix | 4 | ||||
-rw-r--r-- | pkgs/top-level/all-packages.nix | 7 | ||||
-rw-r--r-- | pkgs/top-level/coq-packages.nix | 4 |
17 files changed, 94 insertions, 44 deletions
diff --git a/doc/builders/packages/firefox.section.md b/doc/builders/packages/firefox.section.md index 28fa3f0dbd7c..acf31e188c3e 100644 --- a/doc/builders/packages/firefox.section.md +++ b/doc/builders/packages/firefox.section.md @@ -9,7 +9,7 @@ The `wrapFirefox` function allows to pass policies, preferences and extension th myFirefox = wrapFirefox firefox-unwrapped { nixExtensions = [ (fetchFirefoxAddon { - name = "ublock"; + name = "ublock"; # Has to be unique! url = "https://addons.mozilla.org/firefox/downloads/file/3679754/ublock_origin-1.31.0-an+fx.xpi"; sha256 = "1h768ljlh3pi23l27qp961v1hd0nbj2vasgy11bmcrlqp40zgvnr"; }) @@ -42,7 +42,7 @@ The `wrapFirefox` function allows to pass policies, preferences and extension th If `nixExtensions != null` then all manually installed addons will be uninstalled from your browser profile. To view available enterprise policies visit [enterprise policies](https://github.com/mozilla/policy-templates#enterprisepoliciesenabled) or type into the Firefox url bar: `about:policies#documentation`. -Nix installed addons do not have a valid signature, which is why signature verification is disabled. This does not compromise security because downloaded addons are checksumed and manual addons can't be installed. +Nix installed addons do not have a valid signature, which is why signature verification is disabled. This does not compromise security because downloaded addons are checksumed and manual addons can't be installed. Also make sure that the `name` field of fetchFirefoxAddon is unique. If you remove an addon from the nixExtensions array, rebuild and start Firefox the removed addon will be completly removed with all of its settings. ## Troubleshooting {#sec-firefox-troubleshooting} If addons do not appear installed although they have been defined in your nix configuration file reset the local addon state of your Firefox profile by clicking `help -> restart with addons disabled -> restart -> refresh firefox`. This can happen if you switch from manual addon mode to nix addon mode and then back to manual mode and then again to nix addon mode. diff --git a/nixos/doc/manual/release-notes/rl-2103.xml b/nixos/doc/manual/release-notes/rl-2103.xml index 498ee0fa00ae..35c10d3e5939 100644 --- a/nixos/doc/manual/release-notes/rl-2103.xml +++ b/nixos/doc/manual/release-notes/rl-2103.xml @@ -372,6 +372,13 @@ </listitem> <listitem> <para> + The <literal>services.dnscrypt-proxy2</literal> module now takes the upstream's example configuration and updates it with the user's settings. + + An option has been added to restore the old behaviour if you prefer to declare the configuration from scratch. + </para> + </listitem> + <listitem> + <para> NixOS now defaults to the unified cgroup hierarchy (cgroupsv2). See the <link xlink:href="https://www.redhat.com/sysadmin/fedora-31-control-group-v2">Fedora Article for 31</link> for details on why this is desirable, and how it impacts containers. diff --git a/nixos/modules/services/networking/dnscrypt-proxy2.nix b/nixos/modules/services/networking/dnscrypt-proxy2.nix index dda61212216c..ff8a2ab30774 100644 --- a/nixos/modules/services/networking/dnscrypt-proxy2.nix +++ b/nixos/modules/services/networking/dnscrypt-proxy2.nix @@ -27,6 +27,16 @@ in default = {}; }; + upstreamDefaults = mkOption { + description = '' + Whether to base the config declared in <literal>services.dnscrypt-proxy2.settings</literal> on the upstream example config (<link xlink:href="https://github.com/DNSCrypt/dnscrypt-proxy/blob/master/dnscrypt-proxy/example-dnscrypt-proxy.toml"/>) + + Disable this if you want to declare your dnscrypt config from scratch. + ''; + type = types.bool; + default = true; + }; + configFile = mkOption { description = '' Path to TOML config file. See: <link xlink:href="https://github.com/DNSCrypt/dnscrypt-proxy/blob/master/dnscrypt-proxy/example-dnscrypt-proxy.toml"/> @@ -38,7 +48,13 @@ in json = builtins.toJSON cfg.settings; passAsFile = [ "json" ]; } '' - ${pkgs.remarshal}/bin/json2toml < $jsonPath > $out + ${if cfg.upstreamDefaults then '' + ${pkgs.remarshal}/bin/toml2json ${pkgs.dnscrypt-proxy2.src}/dnscrypt-proxy/example-dnscrypt-proxy.toml > example.json + ${pkgs.jq}/bin/jq --slurp add example.json $jsonPath > config.json # merges the two + '' else '' + cp $jsonPath config.json + ''} + ${pkgs.remarshal}/bin/json2toml < config.json > $out ''; defaultText = literalExample "TOML file generated from services.dnscrypt-proxy2.settings"; }; diff --git a/pkgs/applications/misc/dasel/default.nix b/pkgs/applications/misc/dasel/default.nix index d76cf9b106e7..1cfc36d0c4c5 100644 --- a/pkgs/applications/misc/dasel/default.nix +++ b/pkgs/applications/misc/dasel/default.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "dasel"; - version = "1.8.0"; + version = "1.9.1"; src = fetchFromGitHub { owner = "TomWright"; repo = pname; rev = "v${version}"; - sha256 = "sha256-N27XmrbZTLeNkNvGDsChqKZrAagkQoGFaJeeZ1/Qnkw="; + sha256 = "sha256-W95lMULucXcCDqSDWtRoXZM+zh8mmXhoEeFIukPFI0o="; }; - vendorSha256 = "1552k85z4s6gv7sss7dccv3h8x22j2sr12icp6s7s0a3i4iwyksw"; + vendorSha256 = "1il1vnv0v97qh8f47md5i6qaac2k8par0pd0z7zqg67vxq6gim85"; buildFlagsArray = '' -ldflags=-s -w -X github.com/tomwright/dasel/internal.Version=${version} diff --git a/pkgs/applications/networking/browsers/firefox/wrapper.nix b/pkgs/applications/networking/browsers/firefox/wrapper.nix index a9888c3c47be..88fb6af4b016 100644 --- a/pkgs/applications/networking/browsers/firefox/wrapper.nix +++ b/pkgs/applications/networking/browsers/firefox/wrapper.nix @@ -1,5 +1,5 @@ { stdenv, lib, makeDesktopItem, makeWrapper, lndir, config -, replace, fetchurl, zip, unzip, jq, xdg_utils +, replace, fetchurl, zip, unzip, jq, xdg_utils, writeText ## various stuff that can be plugged in , flashplayer, hal-flash @@ -97,12 +97,17 @@ let # EXTRA PREF CHANGES # # # ######################### - policiesJson = builtins.toFile "policies.json" - (builtins.toJSON enterprisePolicies); + policiesJson = writeText "policies.json" (builtins.toJSON enterprisePolicies); usesNixExtensions = nixExtensions != null; - extensions = builtins.map (a: + nameArray = builtins.map(a: a.name) (if usesNixExtensions then nixExtensions else []); + + # Check that every extension has a unqiue .name attribute + # and an extid attribute + extensions = if nameArray != (lib.unique nameArray) then + throw "Firefox addon name needs to be unique" + else builtins.map (a: if ! (builtins.hasAttr "extid" a) then throw "nixExtensions has an invalid entry. Missing extid attribute. Please use fetchfirefoxaddon" else @@ -128,12 +133,19 @@ let }; } ) {} extensions; - } + } // + { + Extensions = { + Install = lib.foldr (e: ret: + ret ++ [ "${e.outPath}/${e.extid}.xpi" ] + ) [] extensions; + }; + } // extraPolicies; }; - mozillaCfg = builtins.toFile "mozilla.cfg" '' -// First line must be a comment + mozillaCfg = writeText "mozilla.cfg" '' + // First line must be a comment // Disables addon signature checking // to be able to install addons that do not have an extid @@ -320,18 +332,13 @@ let # preparing for autoconfig mkdir -p "$out/lib/${firefoxLibName}/defaults/pref" - cat > "$out/lib/${firefoxLibName}/defaults/pref/autoconfig.js" <<EOF - pref("general.config.filename", "mozilla.cfg"); - pref("general.config.obscure_value", 0); - EOF + echo 'pref("general.config.filename", "mozilla.cfg");' > "$out/lib/${firefoxLibName}/defaults/pref/autoconfig.js" + echo 'pref("general.config.obscure_value", 0);' >> "$out/lib/${firefoxLibName}/defaults/pref/autoconfig.js" cat > "$out/lib/${firefoxLibName}/mozilla.cfg" < ${mozillaCfg} mkdir -p $out/lib/${firefoxLibName}/distribution/extensions - for i in ${toString extensions}; do - ln -s -t $out/lib/${firefoxLibName}/distribution/extensions $i/* - done ############################# # # # END EXTRA PREF CHANGES # diff --git a/pkgs/applications/science/logic/coq/default.nix b/pkgs/applications/science/logic/coq/default.nix index dc9e40912d53..5c16f7defa80 100644 --- a/pkgs/applications/science/logic/coq/default.nix +++ b/pkgs/applications/science/logic/coq/default.nix @@ -36,6 +36,7 @@ let "8.11.2" = "0f77ccyxdgbf1nrj5fa8qvrk1cyfy06fv8gj9kzfvlcgn0cf48sa"; "8.12.0" = "18dc7k0piv6v064zgdadpw6mkkxk7j663hb3svgj5236fihjr0cz"; "8.12.1" = "1rkcyjjrzcqw9xk93hsq0vvji4f8r5iq0f739mghk60bghkpnb7q"; + "8.13+beta1" = "1v4a6dpj41flspa4ihcr7m5ahqz10kbn62fmrldmv7gzq6jsyfyq"; }.${version}; coq-version = stdenv.lib.versions.majorMinor version; versionAtLeast = stdenv.lib.versionAtLeast coq-version; @@ -118,7 +119,9 @@ self = stdenv.mkDerivation { then [ ocamlPackages.lablgtk3-sourceview3 glib gnome3.defaultIconTheme wrapGAppsHook ] else [ ocamlPackages.lablgtk ]); - propagatedBuildInputs = stdenv.lib.optional (versionAtLeast "8.12") ocamlPackages.num; + propagatedBuildInputs = + stdenv.lib.optional (versionAtLeast "8.13") ocamlPackages.zarith + ++ stdenv.lib.optional (coq-version == "8.12") ocamlPackages.num; postPatch = '' UNAME=$(type -tp uname) diff --git a/pkgs/applications/version-management/git-and-tools/gh/default.nix b/pkgs/applications/version-management/git-and-tools/gh/default.nix index 830d189665c6..7ba8a652d806 100644 --- a/pkgs/applications/version-management/git-and-tools/gh/default.nix +++ b/pkgs/applications/version-management/git-and-tools/gh/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "gh"; - version = "1.3.1"; + version = "1.4.0"; src = fetchFromGitHub { owner = "cli"; repo = "cli"; rev = "v${version}"; - sha256 = "1j1nyx4ly87g0hk3hfw3qbykb64hrg3vg4r52z1w146v6ln7lm7h"; + sha256 = "08gxx9dwk24r1c5jkc9mqzcicxqmrdw0bi94nr517hk5cqsav2sl"; }; - vendorSha256 = "19gv7ggbry46h40d9sc5cqba95vjfknzdd1cn3xa5409qaczg9lg"; + vendorSha256 = "1ih7z883pffb6hnx51h8823d95b52d6dy1gk6ln7j25fqhcfvsy8"; nativeBuildInputs = [ installShellFiles ]; diff --git a/pkgs/build-support/fetchfirefoxaddon/default.nix b/pkgs/build-support/fetchfirefoxaddon/default.nix index 4b7c68484d2e..9efe9197d687 100644 --- a/pkgs/build-support/fetchfirefoxaddon/default.nix +++ b/pkgs/build-support/fetchfirefoxaddon/default.nix @@ -1,16 +1,20 @@ {stdenv, lib, coreutils, unzip, jq, zip, fetchurl,writeScript, ...}: -{ name + +{ + name , url , md5 ? "" , sha1 ? "" , sha256 ? "" , sha512 ? "" +, fixedExtid ? null , hash ? "" }: + stdenv.mkDerivation rec { inherit name; - extid = "${src.outputHash}@${name}"; + extid = if fixedExtid == null then "nixos@${name}" else fixedExtid; passthru = { exitd=extid; }; @@ -35,4 +39,3 @@ stdenv.mkDerivation rec { }; nativeBuildInputs = [ coreutils unzip zip jq ]; } - diff --git a/pkgs/desktops/xfce/core/exo/default.nix b/pkgs/desktops/xfce/core/exo/default.nix index ee58c76ea02b..17da815534ce 100644 --- a/pkgs/desktops/xfce/core/exo/default.nix +++ b/pkgs/desktops/xfce/core/exo/default.nix @@ -1,5 +1,5 @@ -{ mkXfceDerivation, docbook_xsl, glib, libxslt, perlPackages, gtk2, gtk3 -, libxfce4ui, libxfce4util }: +{ mkXfceDerivation, docbook_xsl, glib, libxslt, gtk2, gtk3 +, libxfce4ui, libxfce4util, perl }: mkXfceDerivation { category = "xfce"; @@ -10,7 +10,6 @@ mkXfceDerivation { nativeBuildInputs = [ libxslt - perlPackages.URI docbook_xsl ]; @@ -20,6 +19,8 @@ mkXfceDerivation { glib libxfce4ui libxfce4util + + (perl.withPackages(ps: with ps; [ URI ])) # for $out/lib/xfce4/exo/exo-compose-mail ]; # Workaround https://bugzilla.xfce.org/show_bug.cgi?id=15825 diff --git a/pkgs/development/coq-modules/bignums/default.nix b/pkgs/development/coq-modules/bignums/default.nix index 7246382c9aed..f0434c4ae471 100644 --- a/pkgs/development/coq-modules/bignums/default.nix +++ b/pkgs/development/coq-modules/bignums/default.nix @@ -29,6 +29,10 @@ let params = { rev = "V8.12.0"; sha256 = "14ijb3qy2hin3g4djx437jmnswxxq7lkfh3dwh9qvrds9a015yg8"; }; + "8.13" = { + rev = "V8.13.0"; + sha256 = "1n66i7hd9222b2ks606mak7m4f0dgy02xgygjskmmav6h7g2sx7y"; + }; }; param = params.${coq.coq-version}; in diff --git a/pkgs/development/coq-modules/mathcomp/default.nix b/pkgs/development/coq-modules/mathcomp/default.nix index 8cf502a1943b..542fac861c58 100644 --- a/pkgs/development/coq-modules/mathcomp/default.nix +++ b/pkgs/development/coq-modules/mathcomp/default.nix @@ -66,6 +66,7 @@ let ####################################################################### # sha256 of released mathcomp versions sha256 = { + "1.12.0" = "1ccfny1vwgmdl91kz5xlmhq4wz078xm4z5wpd0jy5rn890dx03wp"; "1.11.0" = "06a71d196wd5k4wg7khwqb7j7ifr7garhwkd54s86i0j7d6nhl3c"; "1.11+beta1" = "12i3zznwajlihzpqsiqniv20rklj8d8401lhd241xy4s21fxkkjm"; "1.10.0" = "1b9m6pwxxyivw7rgx82gn5kmgv2mfv3h3y0mmjcjfypi8ydkrlbv"; @@ -76,6 +77,7 @@ let }; # versions of coq compatible with released mathcomp versions coq-versions = { + "1.12.0" = flip elem [ "8.13" ]; "1.11.0" = flip elem [ "8.7" "8.8" "8.9" "8.10" "8.11" "8.12" ]; "1.11+beta1" = flip elem [ "8.7" "8.8" "8.9" "8.10" "8.11" "8.12" ]; "1.10.0" = flip elem [ "8.7" "8.8" "8.9" "8.10" "8.11" ]; @@ -96,7 +98,7 @@ let # mathcomp preferred versions by decreasing order # (the first version in the list will be tried first) version-preferences = - [ "1.10.0" "1.11.0" "1.9.0" "1.8.0" "1.7.0" "1.6.1" ]; + [ "1.12.0" "1.10.0" "1.11.0" "1.9.0" "1.8.0" "1.7.0" "1.6.1" ]; # list of core mathcomp packages sorted by dependency order packages = _version: # unused in current versions of mathcomp diff --git a/pkgs/development/python-modules/lml/default.nix b/pkgs/development/python-modules/lml/default.nix index cdf1d46af73e..f426d3dd7b4c 100644 --- a/pkgs/development/python-modules/lml/default.nix +++ b/pkgs/development/python-modules/lml/default.nix @@ -1,7 +1,7 @@ { lib , buildPythonPackage , fetchPypi -, nose +, pytestCheckHook , mock }: @@ -15,11 +15,12 @@ buildPythonPackage rec { }; checkInputs = [ - nose + pytestCheckHook mock ]; - checkPhase = "nosetests"; + # Tests broken. + doCheck = false; meta = { description = "Load me later. A lazy plugin management system for Python"; diff --git a/pkgs/development/tools/go-tools/default.nix b/pkgs/development/tools/go-tools/default.nix index c566ea528b3f..3d3c9db9a1eb 100644 --- a/pkgs/development/tools/go-tools/default.nix +++ b/pkgs/development/tools/go-tools/default.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "go-tools"; - version = "2020.1.6"; + version = "2020.2"; src = fetchFromGitHub { owner = "dominikh"; repo = "go-tools"; rev = version; - sha256 = "1r83gx7k4fiz3wlshhniz1i39xv492nni1nvfxjfqgnmkavb6r4x"; + sha256 = "1qqpr481rx6n75xp1racsjjyn2fa8f28pcb0r9kd56qq890h3qgj"; }; - vendorSha256 = "1g04rzirjv90s1i542cqi2abhgh8b74qwhp1hp1cszgb7k8nndmr"; + vendorSha256 = "1axci0l7pymy66j6lilm49ksrwp7dvnj5krai2kvy96n3arcnsvq"; doCheck = false; diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 0f8ef5578abd..c1f870e3d81e 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -14,11 +14,6 @@ "sha256": "08srahgfzynv2bfd0ym6vgl1c0xjfqg6qvgzlq85y9pb7fain5yp", "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.83.a/linux-hardened-5.4.83.a.patch" }, - "5.8": { - "name": "linux-hardened-5.8.18.a.patch", - "sha256": "1r2n74nbyi3dp5zql9sk504xkpil6ylbyd99zqqva4nd3qg17c99", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.8.18.a/linux-hardened-5.8.18.a.patch" - }, "5.9": { "name": "linux-hardened-5.9.14.a.patch", "sha256": "1rr61s9k7nmr27r4vkgpvvra7r8ksi6h6axf5kcbx7krbgdmwmfv", diff --git a/pkgs/os-specific/linux/kernel/linux-5.10.nix b/pkgs/os-specific/linux/kernel/linux-5.10.nix index f1527c5bd92e..db7ff9c912a5 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.10.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.10.nix @@ -3,7 +3,7 @@ with stdenv.lib; buildLinux (args // rec { - version = "5.10"; + version = "5.10.1"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "sha256-3N+Z5D6YMw2SUBaYW/vHuDxm02e3FLLeDLv8v4PYykM="; + sha256 = "0p2fl7kl4ckphq17xir7n7vgrzlhbdqmyd2yyp4yilwvih9625pd"; }; } // (args.argsOverride or {})) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index d0d95209df27..4708a273c333 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -16801,6 +16801,12 @@ in perlcritic = perlPackages.PerlCritic; + sqitchMysql = callPackage ../development/tools/misc/sqitch { + name = "sqitch-mysql"; + databaseModule = perlPackages.DBDmysql; + sqitchModule = perlPackages.AppSqitch; + }; + sqitchPg = callPackage ../development/tools/misc/sqitch { name = "sqitch-pg"; databaseModule = perlPackages.DBDPg; @@ -26995,6 +27001,7 @@ in coqPackages_8_10 coq_8_10 coqPackages_8_11 coq_8_11 coqPackages_8_12 coq_8_12 + coqPackages_8_13 coq_8_13 coqPackages coq ; diff --git a/pkgs/top-level/coq-packages.nix b/pkgs/top-level/coq-packages.nix index 46b7094cb3a4..35f384a46c6e 100644 --- a/pkgs/top-level/coq-packages.nix +++ b/pkgs/top-level/coq-packages.nix @@ -125,6 +125,9 @@ in rec { coq_8_12 = callPackage ../applications/science/logic/coq { version = "8.12.1"; }; + coq_8_13 = callPackage ../applications/science/logic/coq { + version = "8.13+beta1"; + }; coqPackages_8_5 = mkCoqPackages coq_8_5; coqPackages_8_6 = mkCoqPackages coq_8_6; @@ -134,6 +137,7 @@ in rec { coqPackages_8_10 = mkCoqPackages coq_8_10; coqPackages_8_11 = mkCoqPackages coq_8_11; coqPackages_8_12 = mkCoqPackages coq_8_12; + coqPackages_8_13 = mkCoqPackages coq_8_13; coqPackages = recurseIntoAttrs (lib.mapDerivationAttrset lib.dontDistribute coqPackages_8_11 ); |