diff options
Diffstat (limited to 'nixpkgs/pkgs/tools/security/pinentry/mac.nix')
-rw-r--r-- | nixpkgs/pkgs/tools/security/pinentry/mac.nix | 79 |
1 files changed, 65 insertions, 14 deletions
diff --git a/nixpkgs/pkgs/tools/security/pinentry/mac.nix b/nixpkgs/pkgs/tools/security/pinentry/mac.nix index 27917ffbbf17..d824a816dc90 100644 --- a/nixpkgs/pkgs/tools/security/pinentry/mac.nix +++ b/nixpkgs/pkgs/tools/security/pinentry/mac.nix @@ -1,32 +1,83 @@ -{ lib, stdenv, fetchFromGitHub, xcbuildHook, libiconv, ncurses, Cocoa }: +{ lib +, stdenv +, fetchFromGitHub +, autoreconfHook +, libassuan +, libgpg-error +, libiconv +, texinfo +, common-updater-scripts +, writers +, Cocoa +}: -stdenv.mkDerivation { +stdenv.mkDerivation rec { pname = "pinentry-mac"; - version = "0.9.4"; + + # NOTE: Don't update manually. Use passthru.updateScript on a Mac with XCode + # installed. + version = "1.1.1.1"; src = fetchFromGitHub { - owner = "matthewbauer"; - repo = "pinentry-mac"; - rev = "6dfef256c8ea32d642fea847f27d800f024cf51e"; - sha256 = "0g75302697gqcxyf2hyqzvcbd5pyss1bl2xvfd40wqav7dlyvj83"; + owner = "GPGTools"; + repo = "pinentry"; + rev = "v${version}"; + sha256 = "sha256-QnDuqFrI/U7aZ5WcOCp5vLE+w59LVvDGOFNQy9fSy70="; }; - nativeBuildInputs = [ xcbuildHook ]; - buildInputs = [ libiconv ncurses Cocoa ]; + # use pregenerated nib files because generating them requires XCode + postPatch = '' + cp -r ${./mac/Main.nib} macosx/Main.nib + cp -r ${./mac/Pinentry.nib} macosx/Pinentry.nib + chmod -R u+w macosx/*.nib + ''; - preBuild = '' - # Only build for what we care about (also allows arm64) - substituteInPlace pinentry-mac.xcodeproj/project.pbxproj \ - --replace "i386 x86_64 ppc" "${stdenv.targetPlatform.darwinArch}" + # Unfortunately, PlistBuddy from xcbuild is not compatible enough pinentry-mac’s build process. + sandboxProfile = '' + (allow process-exec (literal "/usr/libexec/PlistBuddy")) ''; + nativeBuildInputs = [ autoreconfHook texinfo ]; + buildInputs = [ libassuan libgpg-error libiconv Cocoa ]; + + configureFlags = [ "--enable-maintainer-mode" "--disable-ncurses" ]; + installPhase = '' mkdir -p $out/Applications - mv Products/Release/pinentry-mac.app $out/Applications + mv macosx/pinentry-mac.app $out/Applications ''; + enableParallelBuilding = true; + passthru = { binaryPath = "Applications/pinentry-mac.app/Contents/MacOS/pinentry-mac"; + updateScript = writers.writeBash "update-pinentry-mac" '' + set -euxo pipefail + + main() { + tag="$(queryLatestTag)" + ver="$(expr "$tag" : 'v\(.*\)')" + + ${common-updater-scripts}/bin/update-source-version pinentry_mac "$ver" + + cd ${lib.escapeShellArg ./.} + rm -rf mac + mkdir mac + + srcDir="$(nix-build ../../../.. --no-out-link -A pinentry_mac.src)" + for path in "$srcDir"/macosx/*.xib; do + filename="''${path##*/}" + /usr/bin/ibtool --compile "mac/''${filename%.*}.nib" "$path" + done + } + + queryLatestTag() { + curl -sS https://api.github.com/repos/GPGTools/pinentry/tags \ + | jq -r '.[] | .name' | sort --version-sort | tail -1 + } + + main + ''; }; meta = { |